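<?php
// Prepare the heading and the editor's initial content for this request.
//
// $allowedTags is the element allow-list passed to strip_tags() here and again
// when the page is stored. strip_tags() filters element names only: attributes
// on the allowed tags (event handlers, style, src values on <img>) pass through
// unchanged, so the result is not safe to show to visitors without an
// attribute-level HTML sanitizer or escaping at output time.
$allowedTags  = '<p><strong><em><u><h1><h2><h3><h4><h5><h6><img>';
$allowedTags .= '<li><ol><ul><span><div><br><ins><del>';

// The field is absent on the first load of the page, and a crafted request can
// send it as an array; treat both cases as "nothing submitted".
$submittedText = (isset($_POST['cmsText']) && is_string($_POST['cmsText']))
    ? $_POST['cmsText']
    : '';

if ($submittedText !== '') {
    $sHeader = '<h1>הוכנס בהצלחה</h1>';
    // NOTE(review): stripslashes() presumably undoes magic_quotes_gpc; on a
    // runtime without that setting it removes legitimate backslashes - confirm
    // the target PHP version.
    $sContent = strip_tags(stripslashes($submittedText), $allowedTags);
} else {
    $sHeader = '<h1>ברוך הבא למערכת הניהול LewCMS</h1>';
    $sContent = '<p>כתוב את התוכן כאן ומחק את השורה הזו</p>';
}
?>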
- <html>
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <link href="style.css" rel="stylesheet" type="text/css" />
- <title>LewCMS Control Panel</title>
- <script language="javascript" type="text/javascript" src="tinymce/jscripts/tiny_mce/tiny_mce.js"></script>
- <script language="javascript" type="text/javascript">
// Attach the TinyMCE "advanced" theme to the cmsText textarea only
// (mode "exact"), with a two-row toolbar placed above the editing area.
//
// The toolbar only shapes what the editor UI offers. It includes the "code"
// button (raw HTML source editing), and a request can be sent without the
// editor at all, so the server-side filtering of cmsText is the only place
// where the allowed markup is actually enforced.
tinyMCE.init({
    mode: "exact",
    elements: "cmsText",
    theme: "advanced",
    theme_advanced_toolbar_location: "top",
    // Row 1: inline formatting, alignment, block format, lists and indentation.
    theme_advanced_buttons1: [
        "bold", "italic", "underline", "strikethrough", "separator",
        "justifyleft", "justifycenter", "justifyright", "justifyfull", "formatselect",
        "bullist", "numlist", "outdent", "indent"
    ].join(","),
    // Row 2: links and images, history, cleanup/source view, special characters.
    theme_advanced_buttons2: [
        "link", "unlink", "anchor", "image", "separator",
        "undo", "redo", "cleanup", "code", "separator", "sub", "sup", "charmap"
    ].join(","),
    // Row 3 is left empty.
    theme_advanced_buttons3: "",
    width: "600px",
    height: "350px",
    // Name of the function TinyMCE calls to open the file browser dialog.
    file_browser_callback: "myFileBrowser"
});
/**
 * File browser callback registered with TinyMCE (file_browser_callback).
 * Opens my_cms_script.php in an inline, resizable 420x400 editor dialog and
 * passes the requested browser type in the query string.
 *
 * field_name and url are part of the callback signature but are not used here.
 *
 * NOTE(review): the dialog URL carries only ?type=...; nothing from this page's
 * login form is sent with it. Confirm that my_cms_script.php performs its own
 * access check and validates the type value on the server.
 *
 * @param field_name form field the chosen file is meant for (unused)
 * @param url        current value of that field (unused)
 * @param type       browser type supplied by the editor, appended to the URL
 * @param win        dialog window that triggered the callback
 * @returns {boolean} always false
 */
function myFileBrowser (field_name, url, type, win) {
    var dialog = [];
    dialog.title = 'File Browser';
    dialog.file = "my_cms_script.php?type=" + type;
    dialog.width = '420';
    dialog.height = '400';

    var dialogArgs = { window : win, resizable : 'yes', inline : 'yes' };
    tinyMCE.openWindow(dialog, dialogArgs);
    return false;
}
- </script>
- </head>
- <body>
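<?php
// Request handler for the page editor: checks the POSTed username/password
// against the users table, stores a submitted page, then renders the editor
// form. Every failure path ends in the same login redirect, so the response
// does not reveal whether the username or the password was wrong.

$responseText = '';
$authenticated = false;

// A missing or non-string field counts as empty.
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
$passwordInput = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

if ($username !== '' && $passwordInput !== '') {
    // Report failures through return values so the checks below apply
    // regardless of the runtime's default mysqli error mode.
    mysqli_report(MYSQLI_REPORT_OFF);

    // NOTE(review): the page connects as the MySQL root account with the
    // credentials embedded in the script. A dedicated account limited to
    // SELECT on users and INSERT on pages, configured outside the web root,
    // would contain the damage of any remaining query flaw.
    $link = mysqli_connect('localhost', 'root', '****', 'lewCMS');
    if (!$link) {
        // Driver details go to the server log, not to the client.
        error_log('LewCMS: could not connect: ' . mysqli_connect_error());
        die('Could not connect');
    }
    mysqli_set_charset($link, 'utf8');

    // Look the user up with a bound parameter: the submitted username never
    // becomes part of the SQL text.
    $storedHash = null;
    $stmt = mysqli_prepare($link, 'SELECT username, password FROM users WHERE username = ?');
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $username);
        if (mysqli_stmt_execute($stmt)) {
            mysqli_stmt_bind_result($stmt, $rowUsername, $rowPassword);
            while (mysqli_stmt_fetch($stmt)) {
                // Strict comparison: the SQL match depends on the column
                // collation, and a loose == treats numeric-looking strings
                // as equal numbers.
                if ($rowUsername === $username) {
                    $storedHash = $rowPassword;
                }
            }
        }
        mysqli_stmt_close($stmt);
    }

    // hash_equals() compares the digests as strings in constant time; a loose
    // == accepts two different "0e<digits>" digests as equal.
    // NOTE(review): the stored value is an unsalted MD5 digest, which is not a
    // password hash. Moving to password_hash()/password_verify() requires
    // re-hashing the stored values (for example at next successful login).
    if (is_string($storedHash) && hash_equals($storedHash, md5($passwordInput))) {
        $authenticated = true;
    }

    if ($authenticated) {
        $cmsText = (isset($_POST['cmsText']) && is_string($_POST['cmsText'])) ? $_POST['cmsText'] : '';
        $pageTitle = (isset($_POST['pageTitle']) && is_string($_POST['pageTitle'])) ? $_POST['pageTitle'] : '';

        if (strlen($cmsText) > 2) {
            // strip_tags() keeps every attribute of the allowed tags; the
            // stored content and the title still have to be sanitized or
            // escaped wherever they are rendered.
            $cleanContent = strip_tags(stripslashes($cmsText), $allowedTags);

            $stmt = mysqli_prepare($link, 'INSERT INTO pages (title, content) VALUES (?, ?)');
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'ss', $pageTitle, $cleanContent);
                // Report success only when the row was actually written.
                if (mysqli_stmt_execute($stmt)) {
                    $responseText = "הוכנס בהצלחה!";
                } else {
                    error_log('LewCMS: page insert failed: ' . mysqli_stmt_error($stmt));
                }
                mysqli_stmt_close($stmt);
            } else {
                error_log('LewCMS: page insert failed: ' . mysqli_error($link));
            }
        }
    }

    mysqli_close($link);
}

if ($authenticated) {
    // NOTE(review): the form below sends the username and password back to the
    // browser as hidden fields so the next save can re-authenticate. That puts
    // the plaintext password into the page source and any cache of it; a
    // server-side session created by login.php would remove the need. Until
    // then both values are HTML-escaped so they cannot break out of the
    // single-quoted attributes.
?>
<?php echo $sHeader; ?>
<h2>מערכת הניהול של Lewin.co.il</h2>
<form method="post" action="new.php">
<div align="center">
<?php
    if ($responseText !== '') {
        echo $responseText."<br />";
    }
?>
<input type="text" value="נושא" name="pageTitle" />
<br /><br />
<textarea id="cmsText" name="cmsText" rows="15" cols="80"><?php echo htmlspecialchars($sContent, ENT_QUOTES, 'UTF-8'); ?></textarea>
</div>
<br />
<input type="submit" name="save" value="שמור" />
<input type="reset" name="reset" value="מחק" />
<input type='hidden' name='username' value='<?php echo htmlspecialchars($username, ENT_QUOTES, 'UTF-8'); ?>' />
<input type='hidden' name='password' value='<?php echo htmlspecialchars($passwordInput, ENT_QUOTES, 'UTF-8'); ?>' />
</form>
<?php
} else {
    echo "<body onload=\"javascript:window.location='login.php';\">";
    echo "פרטי ההתחברות שגויים, אנא לחץ <a href='login.php'>כאן</a> בכדי לחזור לדף ההתחברות";
}
?>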
- </body>
- </html>