1
--blank.php--
2
<?php
3
    include 'common-top.php';
4
    print '<h2 id="message">Please Login To Access Page</h2>';
5
    header( 'refresh:3;url=form-login.php' );
6
    include 'common-bottom.php';
7
?>
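Review bot: The `header( 'refresh:3;url=form-login.php' )` call runs after `include 'common-top.php'` and the `print` have already sent output, so unless `output_buffering` is enabled PHP reports "headers already sent" and the refresh never reaches the browser. Move the `header()` call above the include (it depends on nothing common-top sets), or emit the redirect in markup as `<meta http-equiv="refresh" content="3;url=form-login.php">`. The same ordering appears in do-login, do-logout, do-new-user, form-new-post and form-new-user, where `header()` is likewise called after output has been emitted.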
8
--common-bottom--
9
			<footer>
10
				Site/Contact Info
11
			</footer>
12
		</div>
13
	</body>
14
</html>
15
--common-top--
16
<!doctype html>
17
<html lang="en">
18
	
19
	<?php
20
		session_name('Genji');
21
		session_start();
22
		if(isset($_SESSION['id']) && isset($_SESSION['name'])){
23
			$id = $_SESSION['id'];
24
			$name = $_SESSION["name"];
25
			$logged_in = true;
26
		}
27
		else{
28
			$logged_in = false;
29
		}
30
	?>
31
	
32
	<head>
33
		<meta charset="utf-8">
34
		<title>Blog</title>
35
		<meta name="author" content="Cam Austin">
36
		<link rel="stylesheet" href="css/styles.css">
37
	</head>
38
	
39
	<body>
40
		<div id="wrapper">
41
		
42
			<header>
43
				<h1>Site Title</h1>
44
			</header>
45
			
46
			<section id="info">
47
				<?php
48
					if($logged_in){
49
						print $name.' [<a href = "do-logout.php">Logout</a>]';
50
					}
51
					else{
52
						print '<a href = "form-login.php">Login</a>';
53
					}
54
				?>
55
			</section>
56
			
57
			<nav>
58
				<a href="form-new-post.php">New Post</a>
59
				<a href="index.php">Home</a>
60
				<a href="form-new-user.php">New User</a>
61
				
62
				<?php
63
					if( $logged_in ) {
64
				        print '<a href="form-admin.php">Admin</a>';
65
				    }
66
				?>
67
			</nav>
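Review bot: `print $name.' [<a href = "do-logout.php">Logout</a>]'` in the `#info` section writes the session's display name into the page without escaping, and the `name` column is only passed through `strip_tags` when the account is created, so a stored name containing markup renders as HTML. Escape at output: `print htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8').' [<a href="do-logout.php">Logout</a>]';`. The session cookie is also started with defaults; `session_start(['cookie_httponly' => true, 'cookie_samesite' => 'Lax'])` keeps the id away from script access and most cross-site requests.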
68
--connect--
69
<?php
70
	$link = mysqli_connect( 'localhost',
71
							'cd16588_db',
72
							'D5l',
73
							'cd16588_blog' );
74
?>
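Review bot: The database password is a literal in the third argument of `mysqli_connect`, and this file is part of a publicly shared paste, so that credential should be treated as disclosed and rotated. Keep credentials out of the web root and out of version control — read them with `getenv()` or `require` a config file stored above the document root — and grant the application account only the privileges the blog needs. The connection result is never checked either: `mysqli_connect` returns `false` on failure and every later `mysqli_*` call then fails with its own warning; add `mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);` before the call so a failed connection raises an exception instead.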
75
--do-add-post--
76
<?php
77
	require_once("connect.php");
78
	
79
	$postTitle = $_POST['title'];
80
	$postAuthor = $_POST['author'];
81
	$postText = $_POST['entry'];
82
	
83
	$postTitle = strip_tags($postTitle);
84
	$postText = strip_tags($postText);
85
	
86
	$statment = mysqli_prepare($link, "INSERT INTO posts
87
										(title, author_id, entry)
88
										VALUES (?,?,?)");
89
		
90
	if($statment){
91
		mysqli_stmt_bind_param($statment, "sss", $postTitle,
92
												 $postAuthor,
93
												 $postText);
94
		mysqli_stmt_execute($statment);
95
		mysqli_stmt_close($statment);
96
	}
97
	mysqli_close($link);
98
	header( 'location:index.php' ) ;
99
?>
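Review bot: Nothing in this handler checks that the requester is logged in, so any anonymous `POST` to do-add-post.php inserts a post; the `$logged_in` test lives only in form-new-post, which merely renders the form. Start the same session and redirect when unauthenticated before touching `$_POST`: `session_name('Genji'); session_start(); if (!isset($_SESSION['id'])) { header('Location: form-login.php'); exit; }`. `author_id` is also taken from the submitted `author` field rather than `$_SESSION['id']`, so a logged-in user can attribute a post to any author; bind `$_SESSION['id']` instead. Add `exit;` after `header( 'location:index.php' )` so the script stops once the redirect is issued, and read the fields as `$_POST['title'] ?? ''` to avoid undefined-index warnings.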
100
--do-delete-post--
101
<?php
102
    require_once('connect.php');
103
    
104
    $blog_post_id = $_POST['id'];
105
    $query = "DELETE FROM posts 
106
                WHERE id='".$blog_post_id."'";
107
    $result = mysqli_query($link, $query) or die(mysqli_error($link) );
108
    mysqli_close($link);
109
    header('location:index.php');
110
?>
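Review bot: `$_POST['id']` is concatenated straight into the `DELETE` statement, so a crafted `id` value changes the query — a SQL injection in a destructive path — and the handler has no login check, so it is reachable anonymously. Use a prepared statement as the other handlers already do and gate the request on the session; `or die(mysqli_error($link))` additionally echoes database error text to the client and should be replaced with a generic message plus server-side logging. The rewritten body is below (the session check mirrors common-top; bind with `'i'` instead of `'s'` if `posts.id` is an integer column).
```php
    session_name('Genji');
    session_start();
    if (!isset($_SESSION['id'])) {
        header('Location: form-login.php');
        exit;
    }
    require_once('connect.php');

    $blog_post_id = $_POST['id'] ?? '';
    $statement = mysqli_prepare($link, 'DELETE FROM posts WHERE id=?');
    if ($statement) {
        mysqli_stmt_bind_param($statement, 's', $blog_post_id);
        mysqli_stmt_execute($statement);
        mysqli_stmt_close($statement);
    }
    // … unchanged: mysqli_close($link); header('location:index.php'); …
    exit;
```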
111
--edit-post--
112
<?php
113
    require_once 'connect.php';
114
    
115
    $post_id = $_POST['id'];
116
    $post_title = $_POST['title'];
117
    $post_author = $_POST['author'];
118
    $post_text = $_POST['entry'];
119
    
120
    $post_title = strip_tags($post_title);
121
    $post_text = strip_tags($post_text);
122
    
123
    $statment = mysqli_prepare($link,"UPDATE posts
124
                                        SET title=?, author_id=?, entry=? 
125
                                        WHERE id=?" );
126
    if($statment){
127
        mysqli_stmt_bind_param( $statement, "ssss", $post_title, 
128
                                                    $post_author, 
129
                                                    $post_text, 
130
                                                    $post_id);
131
        mysqli_stmt_execute($statment);
132
        mysqli_stmt_close($statment);
133
    }
134
    mysqli_close($statment);
135
    header('refresh:2;url=index.php');
136
?>
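Review bot: `mysqli_stmt_bind_param( $statement, "ssss", ...)` names `$statement` while the prepared handle is stored in `$statment`, so the bind operates on an undefined variable and the following `mysqli_stmt_execute($statment)` runs with no parameters bound; the update silently never happens. Two lines later `mysqli_close($statment)` passes the statement handle where the connection is expected, which is a type error in PHP 8. Fix both with `mysqli_stmt_bind_param($statment, "ssss", $post_title, $post_author, $post_text, $post_id);` and `mysqli_close($link);`. Like do-add-post and do-delete-post, this handler has no session check before it modifies the database, and form-edit-post posts to `do-edit-post.php` while this section is labelled `edit-post`, so confirm the filename matches the form's `action` if the label reflects it.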
137
--do-login--
138
<?php
139
	include('common-top.php');
140
	require_once('connect.php');
141
	
142
	$username = $_POST['username'];
143
	$password = $_POST['password'];
144
	
145
	print '<p>Attempting to login user '.$username.'...';
146
	$statment = mysqli_prepare($link, "SELECT id, name, hash, salt 
147
										FROM authors 
148
										 WHERE username=?");
149
	
150
	if($statment){
151
		print '<p>Querying the database...';
152
		
153
		mysqli_stmt_bind_param($statment,'s',$username);
154
		mysqli_stmt_execute($statment);
155
		mysqli_stmt_bind_result($statment,
156
								$id,
157
								$name,
158
								$hash,
159
								$salt);
160
		print '<p>Checking for matching user...';
161
		
162
		if(mysqli_stmt_fetch($statment)){
163
			print '<p>User account found. Checking password...';
164
			
165
			if(hash('sha256', $password.$salt) == $hash){
166
				$_SESSION['id'] = $id;
167
				$_SESSION['name'] = $name;
168
				print '<P>Password is correct...';
169
				header('refresh:2;url=index.php');
170
			}
171
			else{
172
				print '<p class="error">Incorrect password';
173
				header('refresh:2;url=form-login.php');
174
			}
175
		}
176
		else{
177
			print'<p class="error">Unknown User';
178
			header('refresh:3;url=form-login.php');
179
		}
180
		mysqli_stmt_close($statment);
181
	}
182
	mysqli_close($link);
183
	include'common-bottom.php'
184
?>
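Review bot: `hash('sha256', $password.$salt) == $hash` compares the two digests with loose `==`, and a single salted SHA-256 is not a password hash: it is fast enough for offline guessing and the scheme is hand-rolled. Compare with `hash_equals($hash, hash('sha256', $password.$salt))` now, and migrate the `authors` table to `password_hash()`/`password_verify()` so the `salt` column and manual concatenation go away. After a successful check call `session_regenerate_id(true);` before writing `$_SESSION['id']`, otherwise a session id fixed before login stays valid after it. `$username` is also echoed into the page unescaped in the "Attempting to login user" line, and the distinct "Unknown User" / "Incorrect password" messages confirm which usernames exist; print `htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` and use one generic failure message for both branches.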
185
--do-logout--
186
<?php
187
    include 'common-top.php';
188
    unset($_SESSION["id"] );
189
    unset($_SESSION["name"] );
190
    print '<h2 id="message">You Have been logged out</h2>';
191
    header('refresh:2;url=index.php');
192
    include 'common-bottom.php';
193
?>
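Review bot: Removing `$_SESSION["id"]` and `$_SESSION["name"]` leaves the session record and its cookie alive, so the same session id keeps being reused after logout. Clear the whole session and rotate the id — `$_SESSION = []; session_regenerate_id(true);` — or call `session_destroy();` after the unsets. The `header('refresh:2;url=index.php')` call also follows output emitted by `include 'common-top.php'`, so it fails unless output buffering is on.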
194
--do-new-user--
195
<?php
196
	require_once("connect.php");
197
	
198
	$username = $_POST['username'];
199
	$fullname = $_POST['name'];
200
	$password = $_POST['password'];
201
	
202
	$fullname = strip_tags($fullname);
203
	print '<h2>Attempting to create user '.$fullname.' ('.$username.')</h2>';
204
	
205
	$salt = md5(microtime(true)*100000);
206
	$hash = hash('sha256', $password.$salt);
207
	
208
	print '<p>Salt for hashing:'.$salt;
209
	print '<p>Hashed password: '.$hash;
210
	print '<p>Connecting to database...';
211
	
212
	$statement = mysqli_prepare($link, "INSERT INTO authors
213
										(name, username, hash, salt)
214
										VALUES (?,?,?,?)");
215
	
216
	if($statement){
217
		print '<p>Adding new user record...';
218
		
219
		mysqli_stmt_bind_param($statement, "ssss", $fullname,
220
													$username,
221
													$hash,
222
													$salt);
223
													
224
		mysqli_stmt_execute($statement);
225
		mysqli_stmt_close($statement);
226
		
227
		print '<p>User successfully added';
228
		header( 'refresh:5;url=index.php' );
229
	}
230
	mysqli_close($link);
231
	
232
?>
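Review bot: `print '<p>Salt for hashing:'.$salt;` and `print '<p>Hashed password: '.$hash;` send the stored credential material for the new account to the browser; remove both lines. The salt itself, `md5(microtime(true)*100000)`, is derived from the clock rather than a CSPRNG, and the whole scheme should be replaced by `$hash = password_hash($password, PASSWORD_DEFAULT);` with `password_verify()` in do-login. The handler has no login check even though form-new-user gates only the form, so anyone who can reach do-new-user.php can create an author account, and `$username` is printed into the heading unescaped. The `header( 'refresh:5;url=index.php' )` call also comes after several `print` statements, so it fails unless output buffering is enabled.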
233
--form-delete-post--
234
<?php
235
    include 'common-top.php';
236
    $blog_post_id = $_GET['id'];
237
?>
238
239
<h2>Delete Blog Post #<?php print $blog_post_id?> </h2>
240
<p>Are you sure that you want ot <strong>permanently</strong> delete this blog post?</p>
241
242
<form method="post" action="do-delete-post.php">
243
    <input type="hidden" name="id" value="<?php print $blog_post_id ?>">
244
    <input type="submit" value="Delete It">
245
    <input type="button" value="Cancel" onclick="window.location.replace('index.php')">
246
</form>
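Review bot: `$_GET['id']` is printed into the `<h2>` and into the hidden input's `value` attribute without escaping, so a crafted link to this page injects markup into the response (reflected XSS). Escape at both print sites, e.g. `<?php print htmlspecialchars($blog_post_id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`, and read the parameter as `$_GET['id'] ?? ''`. The page is also served regardless of `$logged_in` — index.php only hides the Delete link — and the form carries no CSRF token, so the confirmation step does not protect against a forged POST to do-delete-post.php. It never includes common-bottom either, leaving the document unclosed.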
247
--form-edit-post--
248
<?php
249
    include 'common-top.php';
250
    $blog_post_id = $_GET['id'];
251
    
252
    require_once('connect.php');
253
    $query = "SELECT * FROM posts 
254
                WHERE id='".$blog_post_id."'";
255
    $all_posts = mysqli_query($link, $query) or die(mysqli_error($link) );
256
    $blog_post = mysqli_fetch_assoc($all_posts);
257
    mysqli_close($link);
258
?>
259
260
<form method="post" action="do-edit-post.php">
261
    <input type="hidden" name="id" value="<?php print $blog_post_id ?>">
262
    
263
    <label for="title">Title</label>
264
    <input type="text" name="title" value="<?php print $blog_post['title'] ?>">
265
    <br>
266
    
267
    <label for="author">Author</label>
268
    <input type="text" name="author" value="<?php print $blog_post['author_id'] ?>">
269
    <br>
270
    
271
    <label for="entry">Post Text</label>
272
    <textarea name="entry" rows="10">
273
        <?php print $blog_post['entry'] ?>
274
    </textarea>
275
    <br>
276
    
277
    <input type="submit" value="Post Updated Blog Entry">
278
</form>
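Review bot: `$blog_post_id` from `$_GET['id']` is concatenated into the `SELECT` (SQL injection), and the fetched `title`, `author_id` and `entry` are written into `value` attributes and the textarea without escaping, so a stored `"` or `</textarea>` breaks out of the control. The textarea content is also indented around `<?php print $blog_post['entry'] ?>`, so every save round-trip appends that leading and trailing whitespace to the post, and `mysqli_fetch_assoc` yields `null` for an unknown id, after which the array reads emit warnings. The rewritten query and output lines are below; as with the other forms, the page has no `$logged_in` check.
```php
    require_once('connect.php');
    $blog_post_id = $_GET['id'] ?? '';
    $statement = mysqli_prepare($link, 'SELECT * FROM posts WHERE id=?');
    mysqli_stmt_bind_param($statement, 's', $blog_post_id);
    mysqli_stmt_execute($statement);
    $blog_post = mysqli_fetch_assoc(mysqli_stmt_get_result($statement));
    mysqli_stmt_close($statement);
    mysqli_close($link);
    if (!is_array($blog_post)) {
        http_response_code(404);
        exit('Post not found');
    }
    $e = static fn ($v): string => htmlspecialchars((string) $v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
<!-- … unchanged: <form> opening, labels and <br> tags; apply $e() to the hidden id value too … -->
    <input type="text" name="title" value="<?php print $e($blog_post['title']) ?>">
    <input type="text" name="author" value="<?php print $e($blog_post['author_id']) ?>">
    <textarea name="entry" rows="10"><?php print $e($blog_post['entry']) ?></textarea>
```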
279
--form-login--
280
<?php
281
	include('common-top.php');
282
?>
283
284
<form name="form" method="post" action="do-login.php">
285
	<label for="username">Username</label>
286
	<input name="username" type="text">
287
	<br>
288
	
289
	<label for="password">Password</label>
290
	<input name="password" type="password">
291
	<br>
292
	
293
	<input type="submit" name="Submit" value="Login">
294
</form>
295
296
<?php
297
	include('common-bottom.php');
298
?>
299
--form-new-post--
300
<?php
301
	include("common-top.php");
302
	
303
	if( !$logged_in ) {
304
		print 'Please Login';
305
		header( 'location:blank.php' );
306
	}
307
?>
308
309
<form method="post" action="do-add-post.php">
310
	<label for="title">Title</label>
311
	<input type="text" name="title" size="50">
312
	<br>
313
	
314
	<label for="author">Author ID</label>
315
	<input type="number" name="author" size="3" value="1">
316
	<br>
317
	
318
	<label for="entry">Post Text</label>
319
	<textarea name="entry" rows="10"></textarea>
320
	<br>
321
	
322
	<input type="submit" value="Post This Blog Entry">
323
	<input type="button" value="Cancel" onclick="window.location.replace( 'index.php');">
324
</form>
325
326
<?php
327
	include("common-bottom.php");
328
?>
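Review bot: When `$logged_in` is false the script prints 'Please Login' and calls `header( 'location:blank.php' )` but then continues, so the form is rendered anyway; and because `include("common-top.php")` has already emitted the document head, the `Location` header is rejected unless output buffering is on. Either move the session check ahead of the include (`session_name('Genji'); session_start();` and test `isset($_SESSION['id'])` there) or rely on buffering, and in both cases add `exit;` after the `header()` call. form-new-user has the identical block. The gate is cosmetic in any case, since do-add-post.php performs no check of its own.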
329
--form-new-user--
330
<?php
331
	include("common-top.php");
332
	
333
	if( !$logged_in ) {
334
		print 'Please Login';
335
		header( 'location:blank.php' );
336
	}
337
?>
338
339
<form method="post" action="do-add-post.php">
340
	<label for="title">Title</label>
341
	<input type="text" name="title" size="50">
342
	<br>
343
	
344
	<label for="author">Author ID</label>
345
	<input type="number" name="author" size="3" value="1">
346
	<br>
347
	
348
	<label for="entry">Post Text</label>
349
	<textarea name="entry" rows="10"></textarea>
350
	<br>
351
	
352
	<input type="submit" value="Post This Blog Entry">
353
	<input type="button" value="Cancel" onclick="window.location.replace( 'index.php');">
354
</form>
355
356
<?php
357
	include("common-bottom.php");
358
?>
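Review bot: The form posts to `do-add-post.php` with `title`, `author` and `entry` fields, while do-new-user.php reads `$_POST['username']`, `$_POST['name']` and `$_POST['password']`, so submitting it creates a blog post rather than a user — the markup is a copy of form-new-post. Change `action="do-add-post.php"` to `action="do-new-user.php"` and replace the three inputs with `<input type="text" name="username">`, `<input type="text" name="name">` and `<input type="password" name="password">`, with labels to match. The login gate has the same missing `exit;` and header-after-output problem as form-new-post.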
359
--index.php--
360
<?php
361
	require_once( "connect.php" );
362
	include("common-top.php");
363
?>
364
365
<section id="content">
366
		
367
	<h2>Page Title</h2>
368
	
369
	<?php
370
		$query = ('select * from posts');
371
		$results = mysqli_query( $link, $query ) or die( mysql_error($link) );
372
373
		while( $blog_post = mysqli_fetch_assoc($results) ){
374
			$post_text = htmlspecialchars($blog_post['entry']);
375
			$post_text = str_replace("\n", '<p>', $blog_post['entry']);
376
			date_default_timezone_set("Pacific/Auckland");
377
			$date = date("d M Y", strtotime($blog_post['date']));
378
			print '<article>';
379
			print '		<header>';
380
			print '			<h3>'.$blog_post['title'].'</h3>';
381
			print '			Posted on <strong>'.$blog_post['date'].'</strong>';
382
			print '			by author #<strong>'.$blog_post['author_id'].'</strong>';
383
			print '		</header>';
384
			print '		<p id="text">'.$blog_post['entry'].'</p>';
385
			
386
			if($logged_in){
387
				print '	<footer>';
388
				print '		<a href="form-delete-post.php?id='.$blog_post['id'].'">Delete</a>';
389
				print '		<a href="form-edit-post.php?id='.$blog_post['id'].'">Edit</a>';
390
				print ' </footer>';
391
			}
392
			
393
			print '</article>';
394
			}
395
	?>
396
	
397
	
398
</section>
399
400
<?php
401
	include("common-bottom.php");
402
?>
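Review bot: `$post_text` is escaped with `htmlspecialchars` and then immediately overwritten from the raw `$blog_post['entry']`, and the `<p id="text">` line prints the raw entry anyway, so post bodies and titles reach the page unescaped (`strip_tags` on input is not an output encoding). The `die( mysql_error($link) )` fallback calls the removed `mysql_` extension and would itself fatal on a query failure; use `mysqli_error`, or better a generic message with the detail logged. Minor: `id="text"` is repeated for every article (ids must be unique), `date_default_timezone_set` runs on each iteration, and `$date` is computed but never printed. The rewritten loop body is below; the `$blog_post['id']` values in the Delete/Edit links should be escaped the same way since they land in attributes.
```php
		$results = mysqli_query( $link, $query ) or die( mysqli_error($link) );
		date_default_timezone_set("Pacific/Auckland");
		$e = static fn ($v): string => htmlspecialchars((string) $v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

		while( $blog_post = mysqli_fetch_assoc($results) ){
			$post_text = str_replace("\n", '<p>', $e($blog_post['entry']));
			$date = date("d M Y", strtotime($blog_post['date']));
			print '<article>';
			print '		<header>';
			print '			<h3>'.$e($blog_post['title']).'</h3>';
			print '			Posted on <strong>'.$date.'</strong>';
			print '			by author #<strong>'.$e($blog_post['author_id']).'</strong>';
			print '		</header>';
			print '		<p class="text">'.$post_text.'</p>';
			// … unchanged: $logged_in footer with Delete/Edit links, closing </article> …
```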