Untitled

a guest
May 20th, 2018
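  <?php
  // Allow-list of tags the editor may submit; strip_tags() removes every other tag.
  // NOTE(security): strip_tags() filters by tag NAME only. Attributes on the allowed
  // tags (event-handler attributes, style=, script-scheme URLs on <img>) are kept
  // unchanged, so this list is not an XSS filter. Anything that passes it still has to
  // be escaped, or cleaned by a dedicated HTML sanitizer, before it is rendered as markup.
  $allowedTags  = '<p><strong><em><u><h1><h2><h3><h4><h5><h6><img>';
  $allowedTags .= '<li><ol><ul><span><div><br><ins><del>';

  // Read the field defensively: it is absent on the first visit and may arrive as an
  // array (cmsText[]=...). Both cases are treated as "nothing submitted" instead of
  // raising an undefined-index notice or passing an array to stripslashes().
  $submittedText = (isset($_POST['cmsText']) && is_string($_POST['cmsText']))
      ? $_POST['cmsText']
      : '';

  if ($submittedText !== '') {
      $sHeader = '<h1>הוכנס בהצלחה</h1>';
      // stripslashes() is kept from the original; it is only correct when the request
      // data was slash-escaped on input (magic_quotes_gpc) - TODO confirm the PHP
      // configuration, because otherwise it removes genuine backslashes.
      $sContent = strip_tags(stripslashes($submittedText), $allowedTags);
  } else {
      // Nothing submitted: show the welcome header and the placeholder paragraph.
      $sHeader = '<h1>ברוך הבא למערכת הניהול LewCMS</h1>';
      $sContent = '<p>כתוב את התוכן כאן ומחק את השורה הזו</p>';
  }
  ?>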
  13. <html>
  14. <head>
  15. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  16. <link href="style.css" rel="stylesheet" type="text/css" />
  17. <title>LewCMS Control Panel</title>
  18. <script language="javascript" type="text/javascript" src="tinymce/jscripts/tiny_mce/tiny_mce.js"></script>
  19. <script language="javascript" type="text/javascript">
  // Attach the TinyMCE "advanced" theme to the single element with id "cmsText".
  // The editor (including its "cleanup" and "code" buttons) runs in the browser, so
  // nothing it does to the markup is a security control; the server-side handling of
  // the submitted cmsText field is what decides which HTML is stored.
  tinyMCE.init({
      theme: "advanced",
      mode: "exact",
      elements: "cmsText",

      // Toolbar layout: two populated rows, third row left empty.
      theme_advanced_toolbar_location: "top",
      theme_advanced_buttons1:
          "bold,italic,underline,strikethrough,separator,"
          + "justifyleft,justifycenter,justifyright,justifyfull,formatselect,"
          + "bullist,numlist,outdent,indent",
      theme_advanced_buttons2:
          "link,unlink,anchor,image,separator,"
          + "undo,redo,cleanup,code,separator,sub,sup,charmap",
      theme_advanced_buttons3: "",

      // Editor dimensions.
      height: "350px",
      width: "600px",

      // Name of the global function invoked when a file picker is requested.
      file_browser_callback: 'myFileBrowser'
  });
  35.  
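  /**
   * TinyMCE file_browser_callback: opens my_cms_script.php in an editor dialog.
   *
   * @param field_name Not used by this function (presumably the dialog field to fill - confirm against the TinyMCE docs).
   * @param url        Not used by this function.
   * @param type       Browser type requested by the editor; sent as the "type" query parameter.
   * @param win        Window object handed through to tinyMCE.openWindow().
   * @returns {boolean} Always false.
   */
  function myFileBrowser(field_name, url, type, win) {
      // A plain object replaces the original Array-with-string-keys, and the query
      // value is percent-encoded so a type containing "&", "=" or "#" cannot add or
      // truncate parameters of the picker URL.
      var fileBrowserWindow = {
          title: 'File Browser',
          file: "my_cms_script.php" + "?type=" + encodeURIComponent(type),
          width: '420',
          height: '400'
      };

      tinyMCE.openWindow(fileBrowserWindow, { window: win, resizable: 'yes', inline: 'yes' });
      return false;
  }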
  45. </script>
  46. </head>
  47. <body>
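  <?php
  // Control-panel gate: the editor form is shown, and a page is stored, only when the
  // request carries a username/password pair that matches a row in the users table.
  //
  // Changes from the original, all in how untrusted POST data is handled:
  //   * both SQL statements are prepared statements instead of concatenated strings;
  //   * values echoed back into the page are HTML-escaped;
  //   * the hash comparison is strict (no numeric-string juggling of "0e..." digests);
  //   * the full-table scan that only checked "does this username exist" is folded
  //     into the single lookup, and $b / $responseText can no longer be undefined.

  // Absent or array-valued fields count as empty, i.e. as a failed login.
  $postedUser = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
  $postedPass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

  $responseText  = '';
  $authenticated = false;

  if ($postedUser !== '' && $postedPass !== '') {
      // Return-value error handling; without this, newer mysqli versions throw instead.
      mysqli_report(MYSQLI_REPORT_OFF);

      // Connect to the DB and select the schema.
      // NOTE(security): the application connects as the database root account with a
      // password in the source file. A dedicated account limited to the tables used
      // here, with the secret kept outside the web root, limits what an injection
      // or file-disclosure bug elsewhere can reach.
      $link = mysqli_connect('localhost', 'root', '****', 'lewCMS');
      if (!$link) {
          // Driver detail goes to the server log, not to the visitor.
          error_log('Could not connect: ' . mysqli_connect_error());
          die('Could not connect');
      }
      // Replaces the three SET character_set_* statements and also tells the client
      // library which charset the connection uses.
      mysqli_set_charset($link, 'utf8');

      // Fetch the account for the posted username.
      $password = null;
      $name     = null;
      $ID       = null;
      $lookup = mysqli_prepare($link, 'SELECT username, password, ID FROM users WHERE username = ?');
      if ($lookup) {
          mysqli_stmt_bind_param($lookup, 's', $postedUser);
          mysqli_stmt_execute($lookup);
          mysqli_stmt_bind_result($lookup, $rowName, $rowHash, $rowId);
          while (mysqli_stmt_fetch($lookup)) {
              // The original required an exact match in PHP before trusting the SQL
              // match; keep that, but byte-for-byte instead of with loose ==.
              if ($rowName === $postedUser) {
                  $name     = $rowName;
                  $password = $rowHash;
                  $ID       = $rowId;
              }
          }
          mysqli_stmt_close($lookup);
      }

      // NOTE(security): the stored value is an unsalted MD5 digest, which is not a
      // password hash. Moving to password_hash()/password_verify() needs the users
      // table to be re-hashed on next login, which is outside this file.
      if (is_string($password)) {
          $candidate = md5($postedPass);
          $authenticated = function_exists('hash_equals')
              ? hash_equals($password, $candidate)
              : ($password === $candidate);
      }

      // Store the page only after the password check has passed.
      if ($authenticated
          && isset($_POST['cmsText']) && is_string($_POST['cmsText'])
          && strlen($_POST['cmsText']) > 2
      ) {
          $pageTitle   = (isset($_POST['pageTitle']) && is_string($_POST['pageTitle'])) ? $_POST['pageTitle'] : '';
          // Tag allow-list only; attributes on allowed tags survive strip_tags(), so
          // whatever renders pages.content must not treat it as trusted markup.
          $pageContent = strip_tags(stripslashes($_POST['cmsText']), $allowedTags);

          $insert = mysqli_prepare($link, 'INSERT INTO pages (title, content) VALUES (?, ?)');
          if ($insert) {
              mysqli_stmt_bind_param($insert, 'ss', $pageTitle, $pageContent);
              // Report success only when the row was actually written.
              if (mysqli_stmt_execute($insert)) {
                  $responseText = "הוכנס בהצלחה!";
              }
              mysqli_stmt_close($insert);
          }
      }
  }

  if ($authenticated) {
  ?>
  <?php echo $sHeader;?>
  <h2>מערכת הניהול של Lewin.co.il</h2>
  <form method="post" action="new.php">
  <div align="center">
  <?php
      if (strlen($responseText) > 2)
          echo $responseText."<br />";
  ?>
  <input type="text" value="נושא" name="pageTitle" />
  <br /><br />
  <textarea id="cmsText" name="cmsText" rows="15" cols="80"><?php echo htmlspecialchars($sContent, ENT_QUOTES, 'UTF-8');?></textarea>
  </div>
  <br />
  <input type="submit" name="save" value="שמור" />
  <input type="reset" name="reset" value="מחק" />
  <?php
      // NOTE(security): the credentials are written back into the page so the next
      // save re-authenticates. That leaves the clear-text password in the HTML, in
      // caches and in browser history of form data; a server-side session started by
      // login.php is the usual replacement. Until then the values are at least
      // escaped, including the single quote that delimits these attributes.
  ?>
  <input type='hidden' name='username' value='<?php echo htmlspecialchars($postedUser, ENT_QUOTES, 'UTF-8'); ?>' />
  <input type='hidden' name='password' value='<?php echo htmlspecialchars($postedPass, ENT_QUOTES, 'UTF-8'); ?>' />
  </form>
  <?php
  } else {
      // One message for missing fields, unknown user and wrong password alike, so the
      // response does not reveal which usernames exist.
      echo "<body onload=\"javascript:window.location='login.php';\">";
      echo "פרטי ההתחברות שגויים, אנא לחץ <a href='login.php'>כאן</a> בכדי לחזור לדף ההתחברות";
  }
  ?>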
  132. </body>
  133. </html>