|
PHP - Making Admin Page For Client
I am trying to make an admin page for a client using the rich text editor CKeditor. I have the standard page set up to get it's content with a php include of an html file. This html files is also used to preload the content into the CKeditor. What I need to know is how to get the CKeditor to change the html file so it will load into the page.
The admin page is located at www.wisconsincrosscountry.org/admin the html content is located at www.wisconsincrosscountry.org/phpContent/Content-test.html the page that the changes should appear on www.wisconsincrosscountry.org/testing.php I don't have much experience in php, so any help is greatly appreciated. Similar TutorialsSeveral months ago I created an "Add an Article" form to create articles for my website. Just now it dawned on me that this is really insecure, because if someone happened to know that my form was located at... Code: [Select] http://local.dev3/create_article.php ...then they could insert things into my database?! What are some things I can do to make this back-end, admin form secure and out of the hands of hackers? Thanks, Debbie hello, I have created a website which has to incorporate administration features. I hjave been trying to do this for a couple of days and any help will be much appreciated. I have a login screen (form) when the user enters their username and password they are brought to the homepage.php. Is there anyway to redirect the administrator (username=admin) to a different page from all ordinary members? e.g. deletemember.php Thanks Hello: Seeking some input, please. I use single-pages in my admin panel to update and maintain each corresponding page on the front end. Code: [Select] ADMIN = FRONT END a_Home.php = Home.php a_About.php = About.php Etc... The code is the same for each page, except I have to rename the TABLE everytime I make a new page: Code: [Select] <?php include('../include/myConn.php'); //contains your mysql connection and table selection include('../include/myCodeLib.php'); include('include/myCheckLogin.php'); include('include/myAdminNav.php'); include('ckfinder/ckfinder.php'); include('ckeditor/ckeditor.php'); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $myTitle = mysql_real_escape_string($_POST['myTitle']); $myDesc = mysql_real_escape_string($_POST['myDesc']); $myHeader = mysql_real_escape_string($_POST['myHeader']); $mySubHeader = mysql_real_escape_string($_POST['mySubHeader']); $myPageData = mysql_real_escape_string($_POST['myPageData']); $sql = " UPDATE myTestimonials SET myTitle = '$myTitle', myDesc = '$myDesc', myHeader = '$myHeader', mySubHeader = '$mySubHeader', myPageData = '$myPageData' "; mysql_query($sql) && mysql_affected_rows() ?> <script language="JavaScript"> alert("This page was updated!"); location.href = "a_Testimonials.php"; </script> <?php } $query=mysql_query("SELECT * FROM myTestimonials") or die("Could not get data from db: ".mysql_error()); while($result=mysql_fetch_array($query)) { $myTitle=$result['myTitle']; $myDesc=$result['myDesc']; $myHeader=$result['myHeader']; $mySubHeader=$result['mySubHeader']; $myPageData=$result['myPageData']; } ?> <!DOCTYPE HTML> <html> <head> <meta name="author" content="MontyTheWebmaster.com" /> <meta charset="ISO-8859-1" /> <title>Admin Area</title> <?php echo spAdminLinks(); ?> </head> <body> <div id="siteContainer"> <div id="topContainer"> <?php echo spAdminTopMenu(); ?> </div> <div id="topMenuContainer"> <div id="topMenu"> <?php echo spAdminMenu(); ?> </div> </div> <div id="contentContainer"> <div id="mainContent"> <h1>Editing: Testimonials</h1> <p> <form method="post" action="<?php echo $PHP_SELF;?>"> <input type="hidden" name="POSTBACK" value="EDIT"> <div style="float: left; width: 120px; margin-right: 30px;"> Page Title: </div> <div style="float: left; width: 550px;"> <textarea cols="80" rows="1" name="myTitle"><?php echo $myTitle; ?></textarea> </div> <div style="clear: both;"><br /></div> <div style="float: left; width: 120px; margin-right: 30px;"> Page Description: </div> <div style="float: left; width: 550px;"> <textarea cols="80" rows="1" name="myDesc"><?php echo $myDesc; ?></textarea> </div> <div style="clear: both;"><br /></div> <div style="float: left; width: 120px; margin-right: 30px;"> Page Header: </div> <div style="float: left; width: 550px;"> <textarea cols="80" rows="1" name="myHeader"><?php echo $myHeader; ?></textarea> </div> <div style="clear: both;"><br /></div> <div style="float: left; width: 120px; margin-right: 30px;"> Page SubHeader: </div> <div style="float: left; width: 550px;"> <textarea cols="80" rows="1" name="mySubHeader"><?php echo $mySubHeader; ?></textarea> </div> <div style="clear: both;"><br /></div> Page Content:<br /> <textarea cols="80" id="myPageData" name="myPageData"><?php echo $myPageData; ?></textarea> <script type="text/javascript"> CKEDITOR.replace( 'myPageData', { filebrowserBrowseUrl : 'ckfinder/ckfinder.html', filebrowserImageBrowseUrl : 'ckfinder/ckfinder.html?Type=Images', filebrowserFlashBrowseUrl : 'ckfinder/ckfinder.html?Type=Flash', filebrowserUploadUrl : 'ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Files', filebrowserImageUploadUrl : 'ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Images', filebrowserFlashUploadUrl : 'ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Flash' } ); </script> <br /> <input type="submit" value="Submit" /> </form> </p> </div> <div style="clear: both;"></div> </div> <div id="footerContainer"> <?php echo spAdminFooter(); ?> </div> </div> </body> </html> What I am curious about is how can I take this page and make it so I can add a new page, delete a page, etc. all from just one page like above? And on the frontend, what would be the best way to display the data in a search engine friendly way (i.e. without QueryStrings like MyPage.php?id=2 Hi, I'm very new to php/mysql, but for a project I'm working on I need to create users that are admins, and normal users. The admins would be able to post news stories, and delete user accounts. Whereas the users would just be able to comment on the news stories. I'm just wondering how I would create a normal 'register' page for both, which has the same fields, but somehow creates some people as admins, and others as normal users... with the ability to limit who can become an admin, so not everyone can register as one. I'm not sure how I would achieve this, or even know how to do it. Does anyone know any tutorials or code on how to achieve this? Your help is greatly appreciated, Thanks. Hi all, Can anyone give me some suggestion please. I'm a bit stuck here -- I am trying to build an admin and user log in. Admin: can view and edit, delete and create the page. User: can only create their profile. The problem is: I have almost the same index page for admin and user. I wonder if we can make it one page instead depending on what sort of user it has been log in. Also, the create page also almost similar...I don't know how to work it out as when I use the back button it go back to admin page (as I set it admin_area.php) - Do I have to create two create page as well? Or is there any better way to deal these forms? Login page -> (If admin) -> admin_area.php (can view all of them and page contains: create.php, edit.php and delete.php) Login page -> (If user/member) ->user_area.php (page contains: create their profile only) Any inputs would be helpful. Thanks. Hi guy's, I'm having problems adjusting a script to add a level (user rights) function. When i login with a admin or normal user it gives a blank page (not redirecting to home.php). It even does'nt return an echo that user / pass is incorrect. I'm breaking my head over this for day's now. Can you help me out? Code: [Select] <?php session_start(); //Login form (index.php) include "db_connect.php"; if(!$_POST['submit']) { ?> <html> <head> <!--[if IE]> <link rel="stylesheet" type="text/css" href="style.css" /> <![endif]--> <![if !IE]> <link rel="stylesheet" type="text/css" href="firefox.css" /> <![endif]> </head> <body> <div id="wrapper"> <div id="header"> <?php include('header.php'); ?> </div> <div class="divider"> <strong>Login</strong> <form method="post" action="index.php"> <div class="formElm"> <label for="username">Klantnummer:</label> <input id="username" type="text" name="username" maxlength="16"> </div> <div class="formElm"> <label for="password">Wachtwoord:</label> <input type="password" name="password" maxlength="16"> </div> <input type="submit" name="submit" value="Login"> </form> </div> <div id="footer"> <?php include('footer.php'); ?> </div> </div> </html> <?php } else { $user = protect($_POST['username']); $pass = protect($_POST['password']); $level = protect($_POST['level']); if($user && $pass && $level) { $pass = md5($pass); //compare the encrypted password $sql1 ="SELECT id,username FROM `users` WHERE `username`='$user' AND `password`='$pass' AND `level`='1'"; $sql2 ="SELECT id,username FROM `users` WHERE `username`='$user' AND `password`='$pass' AND `level`='9'"; $queryN=mysql_query($sql1) or die(mysql_error()); $queryA=mysql_query($sql2) or die(mysql_error()); if(mysql_num_rows($queryN) == 1) { $resultN = mysql_fetch_assoc($queryN); $_SESSION['id'] = $resultN['id']; $_SESSION['username'] = $resultN['username']; header("location:home.php"); } elseif(mysql_num_rows($queryA) == 1) { $resultA = mysql_fetch_assoc($queryA); $_SESSION['id'] = $resultA['id']; $_SESSION['username'] = $resultA['username']; header("location:home.php"); } else{ echo "Wrong Username or Password"; } } } ?> and the mysql code: Code: [Select] CREATE TABLE `user` ( `id` int(4) unsigned NOT NULL auto_increment, `username` varchar(32) NOT NULL, `password` varchar(32) NOT NULL, `level` int(4) default '1', PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=27 DEFAULT CHARSET=latin1; Hello- I want to create is fairly simple client login. Basically we have an area in our server, a directory really, filled with pw protected directories which house client project sites, basically viewing rooms for graphics and video we post. we have a few sites up and working, but instead of giving our clients a link and a password (which is kinda sloppy) it would be ideal to have them go to a single index page and login from there. I see the client entering a name and password and the script would match it to the directory and they would be taken to their designated client area. Another way would be to select their directory from a drop down and then enter the user and password, though then clients will be able to see other clients names, which would be less than ideal for disclosure reasons. I hope this makes sense. I am not new to html css, but have only a bit of experience with php, so any help would be greatly appreciated. thanks Matt I wish to create validation rules once which are used both on the client and on the server.
For instance, I will start off with the following PHP object:
stdClass Object
(
[rules] => stdClass Object
(
[email] => stdClass Object
(
[required] => 1
[email] => 1
[remote] => stdClass Object
(
[url] => check-email.php
[type] => post
[data] => stdClass Object
(
[username] => function() {return $( '#username' ).val();}
)
)
)
)
[messages] => stdClass Object
(
[email] => stdClass Object
(
[required] => an email is required
)
)
)
When the edit page is downloaded to the client, I will include this object in some format suitable to the client.
The client will then use the jQuery Validation plugin (http://jqueryvalidation.org/) along with the validation object, and client side validate the page.
When the form passes client side validation and is uploaded, PHP will use the same validation object to serverside validate the form (I have this part working as desired).
My question is how should I pass this data to the client? Originally, I would just use PHP to write some JavaScript.
exit('var myObj='.json_encode($myObj));
Note that when I json_encode the object, the value of $myObj->rules->email->remote->data->username is a string with quotes around it, however, I can easily use PHP to strip these tags before sending it to the client.
As Jacques1 pointed out in http://forums.phpfre...ascript-client/, I should never ever use PHP to generate JavaScript, and should use AJAX to download the JSON directly. I tried doing the later, but found that a callback function could not be included in the JSON.
Please advise on the best way to accomplish this.
Thank you
hi i need help an idea how can i separate members from admins since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 ) (its session login form only that i made it work other tutorials wre too old or something) how what i want to do is separate members and admins because admin need more rights to do now i have idea but dont know will it work like that what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work? and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag? hello. I need your help please. I'm building logistics website with user panel and admin panel. I've done all login and register forms. now I want to : admin can add package with: tracking number , weight , cost , and declaration form. user can fill declaration form after admin add package to user panel. then admin can see the declared form. is it possible in php? thank you in advance Hi everybody, I want to build a script that lets someone register with a simple form that logs all activity into a MySQL db. The thing is, I want to log all attempts to signup into the system even if they do not satisfy password strength, or the required fields criteria. In the following code, the string "email" isn't being used. The field named 'name' is what I'm using to collect the email, and the field named 'msg' is what I'm using to collect the password. I've gotten to the point where if they don't provide anything for either email or password, then it directs them to the same page and it asks them to re enter their information. but I can't seem to capture the attempt (so if they enter an email but not a pass, i still want to know what email they entered). I'm getting this error Parse error: syntax error, unexpected T_ELSE in /hermes/bosweb25c/b1454/ipg.domainname/nameofsite/contact_insert2.php on line 41 Line 41 corresponds to the line with the first "else{" I'm really not sure what to do, it seems straight forward when I think it through in my head. If pass or email field is empty, enter it into the db, and then send them back to the beginning, if pass or email field not empty, continue in script. Code: [Select] <?php define('DB_NAME', 'dbname'); define('DB_USER', 'phpchick'); define('DB_PASS', 'password'); define('DB_HOST', 'localhost'); // contact to database $connect = mysql_connect(DB_HOST, DB_USER, DB_PASS) or die('Error , check your server connection.'); mysql_select_db(DB_NAME); //Get data in local variable $v_name=$_POST['name']; $v_email=$_POST['email']; $v_msg=$_POST['msg']; // check for null values if ($v_name=="" or $v_msg=="") $query="insert into contact(name,email,msg) values('$v_name','$v_email','$v_msg')"; mysql_query($query) or die(mysql_error()); echo " <head> <link rel=\"stylesheet\" type=\"text/css\" href=\"http://site.com/signup.css\"></head> <h2>Free Registration</h2> <form action=\"contact_insert2.php\" method=\"POST\" id=\"insert\"> <table> <tr> <td >Email</td> <td ><input type=\"text\" size=40 name=\"name\"></td> </tr> <tr> <td >Password</td> <td ><input type=\"password\" size=40 name=\"msg\" ></td> </tr> You must enter an email and password. <tr> <td colspan=2 id=\"sub\"><input type=\"submit\" name=\"submit\" value=\"submit\" ></td> </tr> </Table> </form>"; else{ if (strcspn($_REQUEST['msg'], '0123456789') == strlen($_REQUEST['msg'])) echo "true"; else{ $query="insert into contact(name,email,msg) values('$v_name','$v_email','$v_msg')"; mysql_query($query) or die(mysql_error()); echo "Your message has been received"; } } ?> MySQL Version: 5.5.20 (<-- This is my WAMPServer version to test my program, my hosting has 5.1 though) PHP Version: 5.3.10 (My Hosting says its PHP 5 but not sure what version, i know its not the newest) What im trying to do is have my site have a page like "www.mysite.com/data.php?user=Nicholas&country=USA" Thing is, i dont know what to add in my data.php source code to make it work like that. What im trying to achieve is for my users to sign up for my page but I DO NOT want to add my MySQL user and pass in the page where it can be cracked and hacked. When the user goes to the page, a script will automatically put the user and country and then the page will automatically add the user and his country to the MySQL table on my database. Im also making a program that will work like this and that will have a higher chances of being hacked if i add my MySQL info into the program in order to add data. Can someone please provide me of a sample source i can try? I will not only be adding user and country but i want to test this out. Thanks! People upload photos to my site. They go into a gallery. They are all linked. Right now when you click one they go nowhere. I want to be each photo to open in its own page with my comment system already on it. Should I be using templates? If so how? Heres code to the gallery page if needed. And I'm using dreamweavers server behaviors. If that will cause a problem let me know. Still new to PHP but getting better...maybe. Sorry to keep asking noob questions. Code: [Select] <?php require_once('myconn.php'); if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { if (PHP_VERSION < 6) { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; } $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } $maxRows_Recordset1 = 40; $pageNum_Recordset1 = 0; if (isset($_GET['pageNum_Recordset1'])) { $pageNum_Recordset1 = $_GET['pageNum_Recordset1']; } $startRow_Recordset1 = $pageNum_Recordset1 * $maxRows_Recordset1; mysql_select_db($database_myconn, $myconn); $query_Recordset1 = "SELECT name, photopath, `state` FROM photo"; $query_limit_Recordset1 = sprintf("%s LIMIT %d, %d", $query_Recordset1, $startRow_Recordset1, $maxRows_Recordset1); $Recordset1 = mysql_query($query_limit_Recordset1, $myconn) or die(mysql_error()); $row_Recordset1 = mysql_fetch_assoc($Recordset1); if (isset($_GET['totalRows_Recordset1'])) { $totalRows_Recordset1 = $_GET['totalRows_Recordset1']; } else { $all_Recordset1 = mysql_query($query_Recordset1); $totalRows_Recordset1 = mysql_num_rows($all_Recordset1); } $totalPages_Recordset1 = ceil($totalRows_Recordset1/$maxRows_Recordset1)-1; ?> <div id="photos"> <table border=""> <?php $i=0; $numperpage=8; ?> <?php do { ?> <?php if ($i%$numperpage==0) echo "<tr>"; ?> <td align="center"> <a href=<?php echo $row_Recordset1['photopath']; ?>/> <img src=<?php echo $row_Recordset1['photopath']; ?> height="200" width="200"/> <br/> <?php echo $row_Recordset1['name']; ?><br/> <?php echo $row_Recordset1['state']; ?></td> <?php $i++; if ($i%$numperpage==0) echo "</tr>"; ?> <?php } while ($row_Recordset1 = mysql_fetch_assoc($Recordset1)); ?> </table> </div> </body> </html> <?php mysql_free_result($Recordset1); ?> Hello, Hi, i dont know how to explain this so ill start with what i want to do. Id like to create a simple text based game in php for learning purposes but im stuck on 1 thing, making a page refresh based on a server timer. Basically every 2 minutes is a server tick and at such time your character gets +gold based on resources etc. im just not sure what such a thing would be called so i havnt been able to google it, obviously the ticks need to be server controlled so a user cant just refresh a page to get a new tick. i would also need the page to display how long left till next tick. the only way i can see it possible is to have a server side application controlling timers, and the php page requests time remaining or something. Any help would be muchly appreciated, thanks. I need help making the uploaded image file name, that's chosen to be uploaded, be displayed on the html page with the path /upload/ added to the beginning of the displayed file name like so: ../upload/test.png Any help/improvements will be appreciated.
<html>
<head>
<title>PHP Test</title>
</head>
<body>
<?php
if ($form_submitted == 'yes') {
$allowedExts = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = strtolower( end($temp) );
if ( $_FILES["file"]["size"] < 200000
&& in_array($extension, $allowedExts) )
{
if ($_FILES["file"]["error"]!= 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
} else {
$length = 20;
move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $newfilename );
$file_location = '<a href="http://../upload/' . $newfilename . '">' . $newfilename . '</a>';
}
} else {
echo "Invalid upload file";
}
?>
<label for="file">Filename:</label>
<input type="file" name="file" id="file">
</body>
</html>
This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=358619.0 Hi, I am making a dating site where I have made the user profile edit page visible to the user when they log in, and I think I can get away with not showing the user their "public" profile view. But I definitely need to show other users on the site the "public" non editing profile page view. But I don't know how to do this. I have yet to create the search, search results, thumbnails with optional descriptions of the possible dating results. But I first want to just get 2 versions of the user profile page view. One that the user sees that I have already done. (The editable one). And the other I need to make which is the page the other users will see, (The public profile) Please if anyone has any idea how to do this I would greatly appreciate it, especially if you have any pseudocode ideas. thank you. In one of my pages I have a section which contains a hidden line of text. When the user clicks a button the box containing the text will expand showing the line more clearly. I want this to happen live i.e. no page refresh/reload. I've seen such things done on other sites but my question is, is this done using a php function or is JavaScript required to achieve this? I assume that in order for any php functions to take place there must be a page refresh to reload the data/parameters/variables that are required? The site I'm referring to is this one:- http://www.vouchercodes.co.uk/featured-voucher-codes.html If you click on the "Get code and open site" buttons there for any of the vouchers the area expands live and the voucher is revealed however as I say there is no page refresh and it is done live. Is this effect done in JavaScript and not php or is there some way of using php alone to do something similar? Obviously including JScript in a site is more risky as if a user does not have it installed/activated then they may not be able to use such elements hence the reason I want to know how it is done. Any help would be greatly appreciated! <?php $host="localhost"; // Host name $username="user"; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name=""; // Table name mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $barcodeID=$_POST['barcode']; echo $barcodeID; $barcodeID = stripslashes($barcodeID); $barcodeID = mysql_real_escape_string($barcodeID); $sql="SELECT * FROM $tbl_name WHERE BarcodeID='$barcodeID'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); $count=mysql_num_rows($result); if($count==1){ $_SESSION['barcode'] = $barcodeSession; $_SESSION['userlevel'] = $row['Priority']; if($row['userlevel'] == "Admin") { header("location:AdminSection.php"); }else{ header("location:index.php"); } header("location:LoggedIn.php"); } else { header("location:index.php"); } ?> when the script has been run, I want it to redirect to either the user page or admin page depending on their priority level. if Priority field == "Admin" then go to admin page. Can you see anything missing? Thank You |
|||||||