
Untitled

a guest
May 20th, 2017
  1. <?php
  2. session_start();
  3.  
  4.  
  5. include('config.php');
  6. $db_connection = mysql_connect($db_host, $db_user, $db_pass) or die ('Error connecting to mysql');
  7. mysql_select_db($db_name,$db_connection) or die ("Could not find db");
  8. ?>
  9.  
  10. <html>
  11. <head>
  12. <title>e-shop</title>
  13. <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
  14. </head>
  15. <body>
  16.  
  17. <?php
  18.  
  19. if (isset($_POST['login'])){
  20. $username = mysql_real_escape_string($_POST['username'],$db_connection);
  21. $password = mysql_real_escape_string($_POST['password'],$db_connection);
  22. $passwordmd5 = md5($password);
  23.  
  24. if($username == NULL) { $message = 'Please enter username.';}
  25. if($message == NULL && $password == NULL){ $message = 'Please enter password.';}
  26.  
  27. if($message == NULL)
  28. {
  29. $userQuery = mysql_fetch_row(mysql_query("SELECT * FROM users WHERE username='$username' AND password ='$passwordmd5'"));
  30. if($userQuery){
  31. $_SESSION['isloged'] = 'yes';
  32. $_SESSION['username'] = $username;
  33. if($userQuery[6]== 'admin')
  34. $_SESSION['isadmin'] = true;
  35. else
  36. $_SESSION['isadmin'] = false;
  37. } else {
  38. $message = 'Invalid username or password!';
  39. }
  40. }
  41. }
  42.  
  43.  
  44.  
  45. if($message != NULL){?>
  46. <table width="100%" border="0" cellpadding="3" cellspacing="0" bgcolor="#FFCCCC">
  47. <tr>
  48. <td><div align="center"><strong><font color="#FF0000"><?=$message;?></font></strong></div></td>
  49. </tr>
  50. </table>
  51. <?php } ?>
  52.  
  53. <div>
  54. <h1 align="center">e-shop</h1>
  55. </div>
  56.  
  57. <table title="site" border="1" width="800" height="500" align="center">
  58. <tr>
  59. <td width="200" valign="top">
  60. <table title="menu" border="1" align="center" width="180" >
  61. <tr><th>Categories</th></tr>
  62. <?php
  63. $show_query="SELECT * FROM categories";
  64. $query_result=mysql_query($show_query,$db_connection);
  65.  
  66. while($row=mysql_fetch_object($query_result)){
  67. echo "<tr>";
  68. echo "<td><a href=\"index.php?cat=$row->cid\">$row->name</a></td>";
  69. echo "</tr>";
  70. }
  71. ?>
  72. </table>
  73. <p>&nbsp;</p>
  74. <table title="menu" border="1" align="center" width="180">
  75. <tr>
  76. <th>Menu</th>
  77. </tr>
  78. <tr>
  79. <td><a href="index.php">Home</a></td>
  80. </tr>
  81. <?php if ($_SESSION['isadmin']){echo "<tr><td><a href=\"manage.php\">Manage</a></td></tr>";} ?>
  82. </table>
  83. </td>
  84.  
  85. <td width="600" valign="top">
  86. <table title="products" border="1" width="590" align="center" >
  87. <?php
  88. if (!$_GET["searching"]){
  89. if (!$_GET["cat"]){
  90. $show_query = "SELECT * FROM products ORDER BY Rand() LIMIT 5";
  91. $query_result=mysql_query($show_query,$db_connection);
  92. echo "<tr><th width=\"510\">Random Products</th><th width=\"80\">Price</th></tr>";
  93. while($row=mysql_fetch_object($query_result)){
  94. if ($row->quantity > 0){
  95. echo "<tr>";
  96. echo "<td><a href=\"index.php?cat=$row->cid&prod=$row->pid\">$row->title</a></td>";
  97. echo "<td>$row->price</td>";
  98. echo "</tr>";
  99. }
  100. }
  101. }else if ($_GET["cat"] && !$_GET["prod"]){
  102.  
  103. $show_query="SELECT * FROM products where cid=".$_GET["cat"]."";
  104. $query_result=mysql_query($show_query,$db_connection);
  105.  
  106. echo "<tr><th width=\"510\">Products</th><th width=\"80\">Price</th></tr>";
  107. while($row=mysql_fetch_object($query_result)){
  108. if ($row->quantity > 0){
  109. echo "<tr>";
  110. echo "<td><a href=\"index.php?cat=$row->cid&prod=$row->pid\">$row->title</a></td>";
  111. echo "<td>$row->price</td>";
  112. echo "</tr>";
  113. }
  114. }
  115. }else if ($_GET["cat"] && $_GET["prod"]){
  116. $show_query="SELECT * FROM products where pid=".$_GET["prod"]."";
  117. $query_result=mysql_query($show_query,$db_connection);
  118.  
  119. $row=mysql_fetch_object($query_result);
  120.  
  121. echo "<tr><th>".$row->title."</th></tr>";
  122. echo "<tr><td>".htmlspecialchars_decode($row->descr)."</td><tr>";
  123. echo "<tr><td>Price: $row->price</td></tr>";
  124. echo "<tr><td><a href=\"basket.php?action=add&prod=$row->pid\">Buy</a></td></tr>";
  125. }
  126. }else{
  127. $find = $_GET["find"];
  128. $find = strtoupper($find);
  129. $find = strip_tags($find);
  130. $find = trim ($find);
  131.  
  132. $search_query="SELECT * FROM products WHERE title LIKE'%$find%'";
  133. $query_result=mysql_query($search_query,$db_connection);
  134.  
  135. echo "<tr><th width=\"510\">Search Results</th><th width=\"80\">Price</th></tr>";
  136. while($row=mysql_fetch_object($query_result)){
  137. if ($row->quantity > 0){
  138. echo "<tr>";
  139. echo "<td><a href=\"index.php?cat=$row->cid&prod=$row->pid\">$row->title</a></td>";
  140. echo "<td>$row->price</td>";
  141. echo "</tr>";
  142. }
  143. }
  144. }
  145. ?>
  146. </table>
  147.  
  148. </td>
  149. <td width="200" valign="top">
  150. <table title="search" border="1" align="center" width="180">
  151. <tr><th>Search</th></tr>
  152. <tr><td>
  153. <form name="search" method="get" action="<?=$PHP_SELF?>">
  154. <input type="text" name="find" size="10" />
  155. <input type="hidden" name="searching" value="yes" />
  156. <input type="submit" name="search" value="Search" />
  157. </form>
  158. </td></tr>
  159. </table>
  160. <p>&nbsp;</p>
  161. <table title="basket" border="1" align="center" width="180">
  162. <tr><th>Basket</th></tr>
  163. <tr><td>
  164. <?php echo count($_SESSION['basket'])." products"; ?>
  165. <br><a href="basket.php">View Basket</a>
  166. </td></tr>
  167. </table>
  168. <p>&nbsp;</p>
  169. <table title="user_menu" border="1" align="center" width="180">
  170. <tr><th>User</th></tr>
  171. <tr><td>
  172. <?php If($_SESSION['isloged']=='yes'){ ?>
  173. <center>Welcome <?=$_SESSION['username'];?></center>
  174. <?php echo "</td></tr> <tr><td><a href=\"logout.php\">Logout</a></td></tr>";}else{ ?>
  175. <form method="post" action="">
  176. <input type="text" name="username" value="User Name" size="15" />
  177. <input type="password" name="password" value="Password" size="15" />
  178. <input type="submit" name="login" value="Login" />
  179. </form>
  180. <p><a href="register.php">Register</a></p>
  181. echo "<img src=\"image.jpg\">"
  182. <?php } ?>
  183. ; </td></tr>
  184. </table>
  185.  
  186. </td>
  187. </tr>
  188. </table>
  189. </body>
  190. </html>
  191. <?php mysql_close($db_connection); ?>