SHARE
TWEET

Untitled

a guest May 21st, 2017 86 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. if(isset($_POST['Submit']) and $_POST['Submit'] == "Submit"){
  3.   include('../database.conf');
  4.   $link = mysql_connect($database, $user, $password) or die('Could not connect to database!');
  5.   $query = sprintf("SELECT * FROM byte_website.users WHERE User='%s' AND Password='%s'", mysql_real_escape_string($_POST['user']), mysql_real_escape_string(SHA1($POST['password'])));
  6.   $result = mysql_query($query) or die('There was an error querying the database!');
  7.   if($result){
  8.     // Create an array containing existing pages...
  9.     $query = 'SELECT Page,ID FROM byte_website.pages';
  10.     $result = mysql_query($query) or die('There was an error querying the database!');
  11.     $pagelist = array();
  12.     $i = 0;
  13.     $highestID;
  14.     while($row = mysql_fetch_assoc($result)){
  15.       $pagelist[$i] = $row['Page'];
  16.       $i++;
  17.       if (!isset($highestID) or $row['ID'] > $highestID){
  18.         $highestID = $row['ID'];
  19.       }
  20.     }
  21.     $exists = false;
  22.     foreach($pagelist as $page){
  23.       if ($_POST['page'] == $page){
  24.         $exists = true;
  25.         break;
  26.       }
  27.     }
  28.     if($exists){ // Edit an existing page
  29.       $query = sprintf("UPDATE byte_website.pages SET Content=\"%s\" WHERE Page='%s'", mysql_real_escape_string(($_POST['content'])), $_POST['page']);
  30.       $result = mysql_query($query) or die('There was an error changing the page!');
  31.       if ($result){
  32.         echo "<p>Page edited!</p>";
  33.       }
  34.     }
  35.     else{ // Create a new page
  36.       $highestID += 1;
  37.       $query = sprintf("INSERT INTO byte_website.pages VALUES (%s, '%s', \"%s\")", $highestID, $_POST['page'], mysql_real_escape_string(($_POST['content'])));
  38.       $result = mysql_query($query) or die('There was an error adding the page!');
  39.       if ($result){
  40.         echo "<p>Page added!</p>";
  41.       }
  42.     }
  43.   }
  44. }
  45. ?>
  46.  
  47.  
  48. <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
  49. Page:<input type="text" size="14" name="page" value="" />
  50. <br />
  51. <textarea name="content" rows="20" cols="50">Page content.</textarea>
  52. <br />
  53. User:<input type="text" name="user" size="14" value="" maxlength="20" />
  54. Password:<input type="password" size="14" name="password" value="" maxlength="20" />
  55. <input type="submit" name="Submit" value="Submit" />
  56. </form>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top