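<?php
// Entry point of the forum page: starts the session, dispatches the two
// includable sub-pages and handles the login form posted from this page.
session_start();
include("config.php");

// Only the two literal values below ever reach include, so the request
// parameter is never used as part of a file path. A missing parameter
// falls through without raising an undefined-index notice.
$content = isset($_GET['content']) ? $_GET['content'] : '';
switch ($content) {
    case 'logout':
        include 'logout.php';
        break;
    case 'create.thread':
        include 'create.thread.php';
        break;
}

if (isset($_POST['checkData'])) {
    // Form fields can arrive as arrays (username[]=x); treat anything that is
    // not a string as empty so md5() and the escaping call get strings only.
    $postedUsername = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $postedPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // NOTE(review): mysql_real_escape_string() is only reliable when the
    // connection charset was set with mysql_set_charset(); confirm in
    // config.php. The mysql_* extension was removed in PHP 7, so moving to
    // prepared statements (PDO/mysqli) has to start where the connection is
    // opened.
    $username = mysql_real_escape_string($postedUsername);

    // SECURITY: unsalted MD5 is not a password hash; a leaked `users` table
    // can be cracked offline. It is kept here only because the stored values
    // use it. Migrate to password_hash()/password_verify() and rehash on the
    // next successful login.
    $password = mysql_real_escape_string(md5($postedPassword));

    $query = mysql_query("SELECT `id`, `username` FROM `users` WHERE `username` = '$username' AND `password` = '$password'");

    // mysql_query() returns false on error; do not pass that to mysql_num_rows().
    if ($query !== false && mysql_num_rows($query) == 1) {
        // Issue a fresh session id at the privilege change so an id planted
        // before login (session fixation) does not become an authenticated one.
        session_regenerate_id(true);

        $_SESSION['id'] = mysql_result($query, 0, 'id');
        // Store the name as the database holds it rather than the raw POST
        // value. It is still user-controlled and must be escaped on output.
        $_SESSION['username'] = mysql_result($query, 0, 'username');

        header("location: ?");
        // Stop here: without exit the rest of the page is still rendered and
        // sent along with the redirect.
        exit;
    } else {
        echo "<script>alert(\"Fel användarnamn eller lösenord\");</script>";
    }
}
?>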
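<html>
<head>
<link rel="shortcut icon" type="image/icon" href="images/favicon.png">
<title>Minecraftportalen</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body>
<form method="POST">
<!-- Fungerar inte i Internet Explorer... -->
<div style="width:300px; margin:auto;">
<!-- Logotyp -->
<div id="logo">
</div>
</div>
<!-- Fungerar inte i Internet Explorer... -->
<div style="width:800px; margin:auto;">
<div id="background">
<table width="380">
<?php
// Login bar: anonymous visitors get the login fields, logged-in users get a
// link to their profile and a logout link.
// NOTE(review): the login form carries no CSRF token and nothing visible here
// limits repeated login attempts.
if (!isset($_SESSION['username'])) {
    echo "<tr><td><input name=\"username\" type=\"text\"></td><td><input name=\"password\" type=\"password\"></td><td><input name=\"checkData\" type=\"submit\" value=\"Logga in\"></td></tr>";
} else {
    // Both session values end up in HTML. The id goes into an attribute, so
    // force it to an integer; the username is user-controlled text, so escape
    // it before printing to keep markup in a name from running as script.
    $sessionUserId = isset($_SESSION['id']) ? intval($_SESSION['id']) : 0;
    $sessionUserName = htmlspecialchars($_SESSION['username'], ENT_QUOTES);
    echo "<a href=\"?userID={$sessionUserId}\">{$sessionUserName}</a> (<a href=\"?content=logout\">Logga ut</a>)</br>";
}
?>
</table>
</div>
</br>
<div id="background">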
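<?php
// Content area. Exactly one view is rendered, chosen by the first of these
// query parameters that is present: userID, categoryID, threadID. With none
// of them the category index is shown.
//
// Every id from the request goes through intval() before it is placed in a
// query, and every value read back from the database is escaped before it is
// printed, because usernames, thread titles, comment text and category
// descriptions are all stored user input.
if (isset($_GET['userID'])) {
    $userId = intval($_GET['userID']);
    // Fetch only the columns that are displayed; SELECT * would also pull the
    // password hash into this page.
    $result = mysql_query("SELECT `username`, `email` FROM `users` WHERE `id` = '$userId' LIMIT 1");
    if ($result !== false && mysql_num_rows($result) == 1) {
        $row = mysql_fetch_assoc($result);
        $username = htmlspecialchars($row['username'], ENT_QUOTES);
        // NOTE(review): the e-mail address is shown to any visitor, logged in
        // or not, and ids are sequential; confirm this exposure is intended.
        $email = htmlspecialchars($row['email'], ENT_QUOTES);
        echo "<strong>{$username}</strong></br>";
        echo "{$email}</br>";
    } else {
        echo "Användaren hittades inte!</br>";
    }
} elseif (isset($_GET['categoryID'])) {
    $categoryId = intval($_GET['categoryID']);
    $result = mysql_query("SELECT `id` FROM `categories` WHERE `id` = '$categoryId' LIMIT 1");
    if ($result !== false && mysql_num_rows($result) == 1) {
        // The thread list was previously hard-coded to category 1, so every
        // category showed the same threads; filter on the requested one.
        $threads = mysql_query("SELECT * FROM `threads` WHERE `category` = '$categoryId'");
        while ($threads !== false && ($row = mysql_fetch_assoc($threads))) {
            $threadId = htmlspecialchars($row['id'], ENT_QUOTES);
            $name = htmlspecialchars($row['name'], ENT_QUOTES);
            $writer = htmlspecialchars($row['writer'], ENT_QUOTES);
            echo "<a href=\"?threadID={$threadId}\"><strong>{$name}</strong></a></br>";
            echo "Redaktör: {$writer}</br>";
        }
    } else {
        echo "Kategorin hittades inte!</br>";
    }
} elseif (isset($_GET['threadID'])) {
    $threadId = intval($_GET['threadID']);
    $result = mysql_query("SELECT * FROM `threads` WHERE `id` = '$threadId' LIMIT 1");
    if ($result !== false && mysql_num_rows($result) == 1) {
        $row = mysql_fetch_assoc($result);
        // The original line read "name = ..." without the "$", which is a
        // parse error that stopped the whole page from loading.
        $name = htmlspecialchars($row['name'], ENT_QUOTES);
        $text = htmlspecialchars($row['text'], ENT_QUOTES);
        echo "#0 <strong>{$name}</strong></br>";
        echo "</br>";
        echo "{$text}</br>";
        echo "</br>";
        echo "</br>";

        // Comments belong to the requested thread (previously hard-coded to
        // thread 1) and all of them are listed, not only when there is
        // exactly one. A separate result variable keeps the thread result
        // from being overwritten while it is still in use.
        $comments = mysql_query("SELECT * FROM `comments` WHERE `thread` = '$threadId'");
        while ($comments !== false && ($comment = mysql_fetch_assoc($comments))) {
            $commentId = htmlspecialchars($comment['id'], ENT_QUOTES);
            $writer = htmlspecialchars($comment['writer'], ENT_QUOTES);
            $commentText = htmlspecialchars($comment['text'], ENT_QUOTES);
            echo "#{$commentId} <strong>{$writer}</strong></br>";
            echo "{$commentText}</br>";
            echo "</br>";
        }
    } else {
        // "Thread not found" now answers a missing thread; it used to be
        // attached to the comment count check instead.
        echo "Tråden hittades inte!</br>";
    }
} else {
    $result = mysql_query("SELECT * FROM `categories` ORDER BY `id` DESC");
    while ($result !== false && ($row = mysql_fetch_assoc($result))) {
        // These three values were printed raw; a category name or description
        // containing markup would have been rendered as HTML for every visitor.
        $categoryId = htmlspecialchars($row['id'], ENT_QUOTES);
        $name = htmlspecialchars($row['name'], ENT_QUOTES);
        $description = htmlspecialchars($row['description'], ENT_QUOTES);
        echo "<a href=\"?categoryID={$categoryId}\"><strong>{$name}</strong></a></br>";
        echo "{$description}</br>";
    }
}
?>
</div>
</div>
</form>
</body>
</html>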