|
PHP - Admin Facility For A Gossip Site
I am writing a site that will allow users to upload stories with images etc. I would like to retain this info after they have uploaded the story and then display it on the site with images and the original format such as paragraphs, bold, etc.
What is the best way to store this data. Is MySQl fine for this and how will we retain the original formatting. Thanks Lional Similar TutorialsHi I have a custom built website with 40 pages or so that I am working on. Its all PHP based. However it is not on a CMS, it was a static HTML site converted into php with a bunch of include files etc now. I am keen to add a search facility, however I have no idea how to go about this. I know there are 3rd party paid offerings from Google, but I was wondering if anyone can advise me if its easy to setup without having to pay a 3rd party? Any advice is greatly appreciated. please i need tutorial to learn me how to create admin panel like jommla or other >>> please dont late to answer this is my first topic Hey guys, I'm kind of a n00b with PHP and i'm trying to practice by building a mock e-comm site, but i'm having a problem with my admin login form. When the information is submitted the form just clears and doesn't redirect me to the index.php file i have set-up. My knowledge of php isn't where i'd like it to be yet, so i'm here for help! I'll post the code for bpoth the admin login page and the index.php file. ADMIN LOGIN PAGE | | V <?php session_start(); if (isset($_SESSION["username"])) { header("location: index.php"); exit(); } ?> <?php if (isset($_POST["username"]) && isset($_POST["password"])){ $username = $_POST["username"]; // filter everything but numbers and letters $password = $_POST["password"]; // filter everything but numbers and letters include "../storescripts/connect_to_mysql.php"; $sql = mysql_query("SELECT id FROM admin WHERE username='$username' AND password='$password' LIMIT 1"); $existCount = mysql_num_rows($sql); // count the row nums if ($existCount == 1) { // evaluate the count while($row = mysql_fetch_array($sql)){ $id = $row["id"]; } $_SESSION["id"] = $id; $_SESSION["username"] = $username; $_SESSION["password"] = $password; header("location: index.php"); exit(); } else { echo 'That information is incorrect, try again <a href="index.php">Click Here</a>'; exit(); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Store Admin Area</title> <link rel="stylesheet" type="text/css" href="../css/main_style.css" /> </head> <body> <div id="wrapper"> <div id="text"><br /> <div align="left" style="margin-left:100px; margin-top:100px;"> <h2>Please Login To Manage The Store</h2> <br /><br /> <form id="form1" name="form1" method="post" action="admin_login.php"> <strong>Username</strong> <input name="username" type="text" id="username" size="40" /> <br /><br /> <strong>Password</strong> <input name="password" type="password" id="password" size="40" /> <br /> <br /> <input type="submit" name="button" id="button" value="Login" /> </form> </div> </div><!--closes wrapper--> </body> </html> INDEX.PHP FILE | | V <?php session_start(); if (!isset($_SESSION["username"])) { header("location: admin_login.php"); exit(); } $usernameID = preg_replace('#[^0-9]#i', '', $_SESSION["id"]); $username = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["username"]); $password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]); include "../storescripts/connect_to_mysql.php"; $sql = mysql_query("SELECT * FROM admin WHERE id='$usernameID' AND username='$username' AND password='$password' LIMIT 1"); // query the person $existCount = mysql_num_rows($sql); // count the row nums if ($existCount == 0) { // evaluate the count echo "Your login session data is not on record in the database."; exit(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Store Admin Area</title> <link rel="stylesheet" type="text/css" href="../css/main_style.css" /> </head> <body> <div id="wrapper"> <div id="text"><br /> <div align="left" style="margin-left:100px; margin-top:100px;"> <h2>Hello store manager, what would you like to do today?</h2> <p><a href="inventory_list.php">Manage Inventory</a><br /> <a href="#">Manage Blah Blah </a></p> </div> <br /> <br /> <br /> </div><!--closes wrapper--> </body> </html> Any help and suggestions are greatly appreciated! Thanks! Hi Guys, I have a simple PHP search facility (Below this post) for my customer system which uses a input form so users enter a customers name/telephone/address and it echos the result. Its great but I observed as my customer table got bigger the search got less accurate, what i mean is when you search for mr test is give ur mr test along with mr andy and ms danielle. Its ok but those any know how to make my search code better or can y'all help me with a better php search script. Thanks. <?php $query=$_GET['query']; $query= str_replace("'","",$query); // Change the fields below as per the requirements $db_host="localhost"; $db_username="root"; $db_password=""; $db_name=""; $db_tb_name="customer"; $db_tb_atr_name="c_name"; $query= str_replace("'","",$query); //Now we are going to write a script that will do search task // leave the below fields as it is except while loop, which will display results on screen mysql_connect("$db_host","$db_username","$db_password"); mysql_select_db("$db_name"); $query_for_result=mysql_query("SELECT * FROM customer WHERE c_name like '%".$query."%' OR c_telephone like '%".$query."%' OR c_address like '%".$query."%'"); while($row=mysql_fetch_assoc($query_for_result)) { $c_id = $row['c_id']; $c_name = $row["c_name"]; $c_address = $row["c_address"]; $c_postcode = $row["c_postcode"]; $c_city = $row["c_city"]; $c_telephone = $row["c_telephone"]; $c_email = $row["c_email"]; $salesman = $row["salesman"]; echo '<table width="100%" border="0"> <tr> <td><a href="customers.php?id=' . $c_id . '"> ' . $c_name . '</a> - ' . $c_address . ' - ' . $c_city . ' - ' . $c_telephone . '• <a href="customer_edit_index.php?pid=' . $c_id . '">edit</a><br /><br/></td> </tr> </table>'; } mysql_close(); ?> Hi all, I am having trouble in getting my search facility to work on a web server. Currently when I run the website on my local server using WAMP it works fine and retrieves all the results contained in the database but it does not retrieve any results when uploaded to a web server. I'm currently using Heart Internet if this helps. Below is the code I have used for the search facility: Code: [Select] <?php // this script searches for matches on the posted search string in courses, modules tables. $searchstr = $_POST['search']; $trimmedstr = trim($searchstr); //trim whitespace from the stored variable echo "<h2 id='homecol'>Searching for... "".$trimmedstr.""</h2><hr class='homecols' />"; //Build SQL search queries //search courses table $queryProd = "SELECT * FROM courses WHERE courseTitle LIKE \"%$trimmedstr%\" OR courseDescription LIKE \"%$trimmedstr%\" OR courseCode LIKE \"%$trimmedstr%\"ORDER BY courseTitle"; $numresultsProd=mysql_query($queryProd); $numrowsProd=mysql_num_rows($numresultsProd); // echo "results found for courses: ".$numrowsProd."<br>"; // test code //search modules table $queryCat = "SELECT * FROM modules WHERE moduleTitle LIKE \"%$trimmedstr%\" OR moduleSummary LIKE \"%$trimmedstr%\" OR moduleCode LIKE \"%$trimmedstr%\"ORDER BY moduleTitle"; $numresultsCat=mysql_query($queryCat); $numrowsCat=mysql_num_rows($numresultsCat); // echo "results found for modules: ".$numrowsCat."<br>"; //test code // If no results found, offer google search as alternative or back to home page if ($numrowsProd + $numrowsCat == 0) { echo "<h3>Results:</h3><br>"; echo "<p>Sorry, we could not find any results for: "".$trimmedstr.""</p>"; echo "<p><a href=\"http://www.google.com/search?q=".$trimmedstr."\" target=\"_blank\" title=\"Look up".$trimmedstr." on Google\"> Click here to search on google instead</a> or Return to our <a href='../home.php'>Home Page</a></p>"; } else //list search results { if($numrowsProd >0) // list results fromcourses { $resultProd = mysql_query($queryProd) or die("Couldn't execute query"); // begin ordered list echo "<h3><strong>Results from Courses:</strong></h3><p><ol>"; $countProd = 1; // display the results returned while ($rowProd= mysql_fetch_array($resultProd)) { $courseCode = $rowProd["courseCode"]; $title = $rowProd["courseTitle"]; $prodID = $rowProd["courseID"]; $descProd = $rowProd["courseDescription"]; echo "<p><li><a href='../department/courseselect.php?pid=$prodID'>$title</a> - $descProd</li></p>"; $countProd++ ; } echo "</ol></p>"; } if($numrowsCat >0) // and/or list results from modules { $resultCat = mysql_query($queryCat) or die("Couldn't execute query"); // begin ordered list echo " <h3>Results from Modules:</h3><p><ol>"; $countCat = 1; // display the results returned while ($rowCat= mysql_fetch_array($resultCat)) { $moduleCode = $rowCat["moduleCode"]; $catName = $rowCat["moduleTitle"]; $catID = $rowCat["moduleID"]; $descCat = $rowCat["moduleSummary"]; echo "<p><li><a href='../department/module_detail.php?pid=$catID'>$catName</a> - $descCat</li></p>"; $countCat++ ; } echo "</ol></p>"; } echo "<p>Please click on either the course or module to view further information</p>"; } ?> If anyone has any ideas please let me know. Thanks hello. I need your help please. I'm building logistics website with user panel and admin panel. I've done all login and register forms. now I want to : admin can add package with: tracking number , weight , cost , and declaration form. user can fill declaration form after admin add package to user panel. then admin can see the declared form. is it possible in php? thank you in advance Hey, So i have an admin.php page that lists all of the users in the database and im wondering how i can add functions so the administrator can delete / ban the user from the webpage i'm not sure on how you would select the user?
Any help would be greatly appreciated! <?php $host="localhost"; // Host name $username="user"; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name=""; // Table name mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $barcodeID=$_POST['barcode']; echo $barcodeID; $barcodeID = stripslashes($barcodeID); $barcodeID = mysql_real_escape_string($barcodeID); $sql="SELECT * FROM $tbl_name WHERE BarcodeID='$barcodeID'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); $count=mysql_num_rows($result); if($count==1){ $_SESSION['barcode'] = $barcodeSession; $_SESSION['userlevel'] = $row['Priority']; if($row['userlevel'] == "Admin") { header("location:AdminSection.php"); }else{ header("location:index.php"); } header("location:LoggedIn.php"); } else { header("location:index.php"); } ?> when the script has been run, I want it to redirect to either the user page or admin page depending on their priority level. if Priority field == "Admin" then go to admin page. Can you see anything missing? Thank You Hey guys, I've set up a database with a login and logout script for my site.. There is a TINYINT value called admin and it either equals 1 or 0 depending on whether the user is an admin or not.. The registration script works perfectly to create the table value and the login script works fine for the site.. The question I had was if I wanted to add a link to the bottom of every page that said: Go to Administration Panel and make it only viewable by ADMINS I figured this little script would work.. Here would be the end of the page: Code: [Select] <br /> <center>Copyright © 2010 <a href="http://www.website.com">www.WEBSITE.com</a></center> <?php include('includes/start_admincheck.php'); ?> <center><a href="<?php echo $homedir .'admin.php'; ?>">Go to Administration Panel</a></center> <?php include('includes/end_admincheck.php'); ?> </body> </html> Inside start_admincheck.php I have: (NOTE: $cUsername refers to a setcookie and $cAdmin does as well.. They are defined on my Variable page included at the top.) Code: [Select] <?php include('variables/variables.php'); ?> <?php mysql_connect("$mysql_hostname", "$mysql_username", "$mysql_password") or die(mysql_error()); mysql_select_db("$mysql_database") or die(mysql_error()); if(isset($cUsername)) { $check = mysql_query("SELECT * FROM users WHERE username = '$cUsername'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if (($cAdmin == 1) && ($info['admin'] == 1)) { ?> And this is the end_admincheck.php Code: [Select] <?php include('variables/variables.php'); ?> <?php } else die(); } } else die(); ?> ?> I get this Parse error thrown at the bottom of the page: Code: [Select] Parse error: syntax error, unexpected $end in /*******/includes/start_admincheck.php on line 15 Naturally I would checkout line 15 in start_admincheck.php, but normally when I get an $end error it is the last line of the code and leaves me lost.. Something I'm missing guys? As always, thanks in advance Hallo I have a problem.
This is my code:
<?php include 'connect.php';
?>
<html>
<head>
<title>Admin Insert page!</title>
</head>
<body>
<?php
error_reporting(-1);ini_set('display_errors',1);
if (isset($_POST['submit'])){
$name = $_POST['name'];
$password = $_POST['password'];
$result = mysql_query("SELECT * FROM users WHERE user='$name' AND password='$password'");
$num = mysql_num_rows($result);
if($num == 0){
echo "Bad login, go <a href='login.php'>back</a>";
}else{
session_start();
$_SESSION['name'] = $name;
header("Location: admin.php");
}
}else{
?>
<form action='login.php' methody='post'>
Username: <input type='text' name='name'/><br />
Password: <input type='password' name='password'/><br />
<input type='submit' name='submit' value='Login' />
</body>
</html>
I try to use console to find the problem but I didn't....
I know that there is some problem with $num
Can somebody help me?
Thank you.
Edited by Artur, 19 October 2014 - 12:11 PM. Hey, in a nutshell the only thing in admin.php is the ability to moderate unapproved images, however, once approved, the "Approve Delete" links are still on screen. How it works is a user uploads an image, the filename is added to mysql and the image is added to uploads/ once I Approve an image, the image is then moved to img/ to display on the index.php (to prevent porn and anything that doesn't belong to the general public). I know what's happening, because I've got while loops to display the image while looping through the mysql database, so once the image is moved, the links are still on screen, displaying an "Approve Delete" for every image in the database. Also another thing that happens is the images on index.php are blank until approved. How can I work around this? Here is the index.php when an image hasn't been approved: http://www.xodiac.net/1.png And here is the admin.php displaying Approve and Delete once an image has been approved: http://www.xodiac.net/2.png Hi, I am new here 🙂 I have been learning PHP and am currently working on my own OOP MVC CMS. I am up to the stage where I would like to start working on the admin area, but I am not sure how best to organise things. Should I create admin specific Controllers and Models? In Views, should I create a sub directory Admin, and place all admin view templates within it? Are there any good books on OOP/MVC you would recommend?
I get this error: Code: [Select] Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\user\user.php on line 5 code: user.php: Code: [Select] <?php $get = (isset($_GET['id'])); //this means that user.php?id=1 would mean $get = 1. Note: This is not SQL Inject protected. $users = mysql_query("SELECT * FROM users WHERE id='".$get."'"); while ($row = mysql_fetch_array($users)) { echo ' Id = '.$row['id'].' Name = '.$row['name'].' Username = '.$row['username'].' Password = '.$row['password'].' Reg. on = '.$row['date'].' '; } ?> <html> <body> <form action='user.php' method='GET'> Username: <input type='text' value=''> <input type='submit' value='submit'> </form> <?php //what goes here? ?> </body> </html> Hello I am trying to add an IF statement to my login script so that if the username entered is 'admin' it directs to 'adminpage.php Here is my script: <?php include ("connection.php"); session_start(); // Collect data from form and save in variables //See if any info was submitted $Username = $_GET['Username']; //Clean data - trim space $Username = trim ( $Username); //Check its ok - if not then add an error message to the error string if (empty($Username)) $errorString = $errorString."<br>Please supply Username."; //See if any info was submitted $Password = $_GET['Password']; //Clean data - trim space $Password = trim ( $Password); //Check its ok - if not then add an error message to the error string if (empty($Password)) $errorString = $errorString."<br>Please supply Password."; // Query to search the user table $query= "SELECT * FROM Users WHERE Username='$Username' AND Password='$Password'"; // Run query through connection $result = mysql_query ($query); $row = mysql_fetch_assoc($result); // if rows found set authenticated user to the user name entered if (mysql_num_rows($result) > 0) { $_SESSION["authenticatedUser"] = $Username; $_SESSION['UserID'] = $row['UserID']; // Relocate to the logged-in page header("Location: loggedon.php"); } else // login failed redirect back to login page with error message { $_SESSION["message"] = "Could not connect as $Username " ; header("Location: login.php"); } ?> Thank you So i got my login down and the cookies, kinda set up my problem is how do i make the admin panle save the true/false in the string in settings.php id like do do it with a drop down menu to enable/disable it. any help? Code download Hello, Do you know where I can download a nice looking PHP admin dashboard for free? Thanks in advance for the help hello, I have created a website which has to incorporate administration features. I hjave been trying to do this for a couple of days and any help will be much appreciated. I have a login screen (form) when the user enters their username and password they are brought to the homepage.php. Is there anyway to redirect the administrator (username=admin) to a different page from all ordinary members? e.g. deletemember.php Thanks I am trying to check for an admin user to access the admin panel. I have been playing around try different things and this what I have ended up with in my database table I have a column called usergroup and i do the follow to check for admin user. Code: [Select] $checkAdmin = mysql_query("SELECT * FROM `users` WHERE email='$email' , usergroup = 'admin'"); $adminUser = mysql_num_rows($checkAdmin); if ($adminUser == 0) { echo count($adminUser); die ('You do not have permissions to access this area'); } I do the select statement through phpmyadmin and it comes back with one row. which is basically hat i want to check for. I do have a variable called $email which is getting a value from the email cookie. currently $adminUser Return a value of 10. All of the count() functions is for testing purposes only. I am developing a system that with have 4 different levels of permissions. My question is this. From a structure standpoint, some systems will have the administrators area in one file and the users admin area in another file. Others will have a level of permission with all the different levels of administrative tasks, menus, etc, coming from the database. Is one of these better than the other or does it matter. From a coding standpoint it would be much easier to just have permissions and allow access to user menus and admin pages accordingly. Thanks in advance. This topic has been moved to HTML Help. http://www.phpfreaks.com/forums/index.php?topic=356360.0 |
|||||||