<?phpif(isset($_POST['Submit']) and $_POST['Submit'] == "Submit"){ include(

1. <?php
2. if(isset($_POST['Submit']) and $_POST['Submit'] == "Submit"){
3.   include('../database.conf');
4.   $link = mysql_connect($database, $user, $password) or die('Could not connect to database!');
5.   $query = sprintf("SELECT * FROM byte_website.users WHERE User='%s' AND Password='%s'", mysql_real_escape_string($_POST['user']), mysql_real_escape_string(SHA1($POST['password'])));
6.   $result = mysql_query($query) or die('There was an error querying the database!');
7.   if($result){
8.     // Create an array containing existing pages...
9.     $query = 'SELECT Page,ID FROM byte_website.pages';
10.     $result = mysql_query($query) or die('There was an error querying the database!');
11.     $pagelist = array();
12.     $i = 0;
13.     $highestID;
14.     while($row = mysql_fetch_assoc($result)){
15.       $pagelist[$i] = $row['Page'];
16.       $i++;
17.       if (!isset($highestID) or $row['ID'] > $highestID){
18.         $highestID = $row['ID'];
19.       }
20.     }
21.     $exists = false;
22.     foreach($pagelist as $page){
23.       if ($_POST['page'] == $page){
24.         $exists = true;
25.         break;
26.       }
27.     }
28.     if($exists){ // Edit an existing page
29.       $query = sprintf("UPDATE byte_website.pages SET Content=\"%s\" WHERE Page='%s'", mysql_real_escape_string(($_POST['content'])), $_POST['page']);
30.       $result = mysql_query($query) or die('There was an error changing the page!');
31.       if ($result){
32.         echo "<p>Page edited!</p>";
33.       }
34.     }
35.     else{ // Create a new page
36.       $highestID += 1;
37.       $query = sprintf("INSERT INTO byte_website.pages VALUES (%s, '%s', \"%s\")", $highestID, $_POST['page'], mysql_real_escape_string(($_POST['content'])));
38.       $result = mysql_query($query) or die('There was an error adding the page!');
39.       if ($result){
40.         echo "<p>Page added!</p>";
41.       }
42.     }
43.   }
44. }
45. ?>
46.  
47.  
48. <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
49. Page:<input type="text" size="14" name="page" value="" />
50. <br />
51. <textarea name="content" rows="20" cols="50">Page content.</textarea>
52. <br />
53. User:<input type="text" name="user" size="14" value="" maxlength="20" />
54. Password:<input type="password" size="14" name="password" value="" maxlength="20" />
55. <input type="submit" name="Submit" value="Submit" />
56. </form>