|
PHP - Admin Functions
Hey, So i have an admin.php page that lists all of the users in the database and im wondering how i can add functions so the administrator can delete / ban the user from the webpage i'm not sure on how you would select the user?
Similar Tutorialshello. I need your help please. I'm building logistics website with user panel and admin panel. I've done all login and register forms. now I want to : admin can add package with: tracking number , weight , cost , and declaration form. user can fill declaration form after admin add package to user panel. then admin can see the declared form. is it possible in php? thank you in advance I have a script I am putting together that simulate a cricket game. The only issue is, that there are a huge number of functions because there doesn't seem to be any other way to do this properly. As well as this, there a while() loop and all this seems to be leading to the page reaching a max 30 second timeout when generating the result. My code is attached below, it is quite messy at the moment because i've just be working on it, but I was wondering if anyone has any solutions of how I can speed this up or change to prevent a timeout: <?php // Error reporting error_reporting(E_ALL); // Connect DB mysql_connect("wickettowicket.adminfuel.com", "rockinaway", "preetha6488") or die(mysql_error()); // Select DB mysql_select_db("wickettowicket") or die(mysql_error()); // MySQL queries to find batsmen and bowlers $array_batsmen = mysql_query('SELECT id, name, ability, strength FROM wtw_players WHERE team_id = 1 ORDER BY id ASC'); $array_bowlers = mysql_query('SELECT id, name, ability, strength FROM wtw_players WHERE team_id = 2'); // Start table for data $data = '<table width="600px">'; // Create blank scorecard while ($array_bat = mysql_fetch_array($array_batsmen)) { $data .= '<tr><td>'.$array_bat['name'].'</td><td></td><td></td><td>0</td></tr>'; } // Set up arrays for players $current_batsman = $current_bowler = array(); // Reset query mysql_data_seek($array_batsmen,0); $in_one = $in_two = $it = ''; function currentBatsman($id, $name, $ability, $strength, $out, $in, $runs) { global $current_batsman; $current_batsman = array ( 'id' => $id, 'name' => $name, 'ability' => $ability, 'strength' => $strength, 'out' => $out, 'in' => $in, 'runs' => $runs ); echo 'set current'; } // Set up arrays of batsmen while ($array = mysql_fetch_array($array_batsmen)) { if ($it < 3 && $in_one == '') { currentBatsman($array['id'], $array['name'], $array['ability'], $array['strength'], 0, 1, 0); $batsmen[$array['id']] = array ( 'id' => $array['id'], 'name' => $array['name'], 'ability' => $array['ability'], 'strength' => $array['strength'], 'out' => 0, 'in' => 1, 'runs' => 0 ); $in_one = $array['id']; $current = $array['id']; $it++; } else if ($it < 3 && $in_two == '') { $batsmen[$array['id']] = array ( 'id' => $array['id'], 'name' => $array['name'], 'ability' => $array['ability'], 'strength' => $array['strength'], 'out' => 0, 'in' => 1, 'runs' => 0 ); $in_two = $array['id']; $it++; } else { $batsmen[$array['id']] = array ( 'id' => $array['id'], 'name' => $array['name'], 'ability' => $array['ability'], 'strength' => $array['strength'], 'out' => 0, 'in' => 0, 'runs' => 0 ); } } // Bowler Array while ($array = mysql_fetch_array($array_bowlers)) { $bowlers[] = array ( 'name' => $array['name'], 'ability' => $array['ability'], 'strength' => $array['strength'] ); } // Reset both queries mysql_data_seek($array_bowlers,0); mysql_data_seek($array_batsmen,0); function changeBatsman($just_out) { global $array_batsmen, $batsmen; //Update array $batsmen[$just_out] = array ( 'in' => 1, 'out' => 1 ); while ($array = mysql_fetch_array($array_batsmen)) { if ($just_out != $array['id'] && $batsmen[$array['id']]['out'] != 0) currentBatsman($array['id'], $array['name'], $array['ability'], $array['strength'], 0, 1, 0); } // Reset query mysql_data_seek($array_batsmen,0); echo 'change batsman'; } function swapBatsman($other_batsman) { global $array_batsmen, $batsman; while ($array = mysql_fetch_array($array_batsmen)) { if ($other_batsman != $array['id'] && $batsman[$array['id']]['out'] != 0 && $batsman[$array['id']]['in'] == 1) currentBatsman($array['id'], $array['name'], $array['ability'], $array['strength'], 0, 1, 0); } // Reset query mysql_data_seek($array_batsmen,0); echo 'swap batsman'; } $runs = $outs = $balls = $overs = 0; $played = array(); function selectBowler() { global $bowlers, $current_bowler; // Select random bowler $choose_bowler = array_rand($bowlers, 1); $current_bowler = array ( 'name' => $bowlers[$choose_bowler]['name'], 'ability' => $bowlers[$choose_bowler]['ability'], 'strength' => $bowlers[$choose_bowler]['strength'] ); } /* function selectBatsman(); { global $array_batsmen; while ($array_batsmen[]['out'] != 1) { }*/ function bowl() { global $batsmen, $bowlers, $current_bowler, $current_batsman, $data, $balls, $outs, $runs; if ($current_batsman['out'] == 0) { echo 'bowling'; // Set the initial number $number = rand(0, 190); // Ability of batsman if ($current_batsman['ability'] > 90) $number += 30; else if ($current_batsman['ability'] > 70) $number += 15; else if ($current_batsman['ability'] > 50) $number += 2; else $number = $number; // Strength of batsman if ($current_batsman['strength'] > 90) $number += 15; else if ($current_batsman['strength'] > 70) $number += 10; else if ($current_batsman['strength'] > 50) $number += 5; else $number = $number; // Depending on overs if ($balls > 270) $number += 30; else if ($balls > 120) $number -= 10; // Ability if ($current_bowler['ability'] > 90) $number -= 30; else if ($current_bowler['ability'] > 70) $number -= 15; else if ($current_bowler['ability'] > 50) $number -= 2; else $number = $number; // If batsman has made a huge total of runs, we need to knock some numbers off - more likely to get out if ($current_batsman['runs'] > 200) $number -= 70; else if ($current_batsman['runs'] > 100) $number -= 30; // Finally sort out runs if ($number > 190) $run = 6; else if ($number > 170) $run = 4; else if ($number > 160) $run = 3; else if ($number > 100) $run = 2; else if ($number > 50) $run = 1; else if ($number > 10) $run = 0; else if ($balls > 120 && $number > 0) $run = 0; else $run = -1; // Increase number of balls $balls += 1; // Are they out? if ($run == -1) { $current_batsman['out'] = 1; $played[] = $current_batsman['id']; $find = '<tr><td>'.$current_batsman['name'].'</td><td></td><td></td><td>0</td></tr>'; $replace = '<tr><td>'.$current_batsman['name'].'</td><td></td><td>'.$current_bowler['name'].'</td><td>'.$current_batsman['runs'].'</td></tr>'; $data = str_replace($find, $replace, $data); changeBatsman($current_batsman['id']); echo 'out'; } else { $current_batsman['runs'] += $run; $runs += $run; if ($run == 1 || $run == 3) { swapBatsman($current_batsman['id']); echo 'time to swap'; } echo $run; } // Count outs if ($current_batsman['out'] == 1) $outs += 1; } } function game() { global $main, $batsmen, $bowlers, $data, $batted, $balls, $outs, $current_batsman; // Check if possible while ($balls <= 295 && $outs < 10) { selectBowler(); // Actually bowl now bowl(); } } game(); echo $data; I teaching myself php, but I am coming from java and other compiled languages, so the process has been a little bumpy. I am trying to do something like this: Code: [Select] class my_class { function one () { $two = two (); $three = three (); $five = $two + $three; return $five; } function two () { $two = 2; return $two; } function three () { $three = 3; return $three; } } Unfortunately, I keep getting an error message saying that my call to two () is an undefined function. I am gathering from this that the scope of one () is not aware of the existence of two (). Is there a way to get around this so I can call two () and three () from one ()? Hallo I have a problem.
This is my code:
<?php include 'connect.php';
?>
<html>
<head>
<title>Admin Insert page!</title>
</head>
<body>
<?php
error_reporting(-1);ini_set('display_errors',1);
if (isset($_POST['submit'])){
$name = $_POST['name'];
$password = $_POST['password'];
$result = mysql_query("SELECT * FROM users WHERE user='$name' AND password='$password'");
$num = mysql_num_rows($result);
if($num == 0){
echo "Bad login, go <a href='login.php'>back</a>";
}else{
session_start();
$_SESSION['name'] = $name;
header("Location: admin.php");
}
}else{
?>
<form action='login.php' methody='post'>
Username: <input type='text' name='name'/><br />
Password: <input type='password' name='password'/><br />
<input type='submit' name='submit' value='Login' />
</body>
</html>
I try to use console to find the problem but I didn't....
I know that there is some problem with $num
Can somebody help me?
Thank you.
Edited by Artur, 19 October 2014 - 12:11 PM. Hey, in a nutshell the only thing in admin.php is the ability to moderate unapproved images, however, once approved, the "Approve Delete" links are still on screen. How it works is a user uploads an image, the filename is added to mysql and the image is added to uploads/ once I Approve an image, the image is then moved to img/ to display on the index.php (to prevent porn and anything that doesn't belong to the general public). I know what's happening, because I've got while loops to display the image while looping through the mysql database, so once the image is moved, the links are still on screen, displaying an "Approve Delete" for every image in the database. Also another thing that happens is the images on index.php are blank until approved. How can I work around this? Here is the index.php when an image hasn't been approved: http://www.xodiac.net/1.png And here is the admin.php displaying Approve and Delete once an image has been approved: http://www.xodiac.net/2.png Hello I am trying to add an IF statement to my login script so that if the username entered is 'admin' it directs to 'adminpage.php Here is my script: <?php include ("connection.php"); session_start(); // Collect data from form and save in variables //See if any info was submitted $Username = $_GET['Username']; //Clean data - trim space $Username = trim ( $Username); //Check its ok - if not then add an error message to the error string if (empty($Username)) $errorString = $errorString."<br>Please supply Username."; //See if any info was submitted $Password = $_GET['Password']; //Clean data - trim space $Password = trim ( $Password); //Check its ok - if not then add an error message to the error string if (empty($Password)) $errorString = $errorString."<br>Please supply Password."; // Query to search the user table $query= "SELECT * FROM Users WHERE Username='$Username' AND Password='$Password'"; // Run query through connection $result = mysql_query ($query); $row = mysql_fetch_assoc($result); // if rows found set authenticated user to the user name entered if (mysql_num_rows($result) > 0) { $_SESSION["authenticatedUser"] = $Username; $_SESSION['UserID'] = $row['UserID']; // Relocate to the logged-in page header("Location: loggedon.php"); } else // login failed redirect back to login page with error message { $_SESSION["message"] = "Could not connect as $Username " ; header("Location: login.php"); } ?> Thank you Hi, I am new here 🙂 I have been learning PHP and am currently working on my own OOP MVC CMS. I am up to the stage where I would like to start working on the admin area, but I am not sure how best to organise things. Should I create admin specific Controllers and Models? In Views, should I create a sub directory Admin, and place all admin view templates within it? Are there any good books on OOP/MVC you would recommend?
Hello, Do you know where I can download a nice looking PHP admin dashboard for free? Thanks in advance for the help Hey guys, I've set up a database with a login and logout script for my site.. There is a TINYINT value called admin and it either equals 1 or 0 depending on whether the user is an admin or not.. The registration script works perfectly to create the table value and the login script works fine for the site.. The question I had was if I wanted to add a link to the bottom of every page that said: Go to Administration Panel and make it only viewable by ADMINS I figured this little script would work.. Here would be the end of the page: Code: [Select] <br /> <center>Copyright © 2010 <a href="http://www.website.com">www.WEBSITE.com</a></center> <?php include('includes/start_admincheck.php'); ?> <center><a href="<?php echo $homedir .'admin.php'; ?>">Go to Administration Panel</a></center> <?php include('includes/end_admincheck.php'); ?> </body> </html> Inside start_admincheck.php I have: (NOTE: $cUsername refers to a setcookie and $cAdmin does as well.. They are defined on my Variable page included at the top.) Code: [Select] <?php include('variables/variables.php'); ?> <?php mysql_connect("$mysql_hostname", "$mysql_username", "$mysql_password") or die(mysql_error()); mysql_select_db("$mysql_database") or die(mysql_error()); if(isset($cUsername)) { $check = mysql_query("SELECT * FROM users WHERE username = '$cUsername'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if (($cAdmin == 1) && ($info['admin'] == 1)) { ?> And this is the end_admincheck.php Code: [Select] <?php include('variables/variables.php'); ?> <?php } else die(); } } else die(); ?> ?> I get this Parse error thrown at the bottom of the page: Code: [Select] Parse error: syntax error, unexpected $end in /*******/includes/start_admincheck.php on line 15 Naturally I would checkout line 15 in start_admincheck.php, but normally when I get an $end error it is the last line of the code and leaves me lost.. Something I'm missing guys? As always, thanks in advance So i got my login down and the cookies, kinda set up my problem is how do i make the admin panle save the true/false in the string in settings.php id like do do it with a drop down menu to enable/disable it. any help? Code download Any help would be greatly appreciated! <?php $host="localhost"; // Host name $username="user"; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name=""; // Table name mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $barcodeID=$_POST['barcode']; echo $barcodeID; $barcodeID = stripslashes($barcodeID); $barcodeID = mysql_real_escape_string($barcodeID); $sql="SELECT * FROM $tbl_name WHERE BarcodeID='$barcodeID'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); $count=mysql_num_rows($result); if($count==1){ $_SESSION['barcode'] = $barcodeSession; $_SESSION['userlevel'] = $row['Priority']; if($row['userlevel'] == "Admin") { header("location:AdminSection.php"); }else{ header("location:index.php"); } header("location:LoggedIn.php"); } else { header("location:index.php"); } ?> when the script has been run, I want it to redirect to either the user page or admin page depending on their priority level. if Priority field == "Admin" then go to admin page. Can you see anything missing? Thank You I get this error: Code: [Select] Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\user\user.php on line 5 code: user.php: Code: [Select] <?php $get = (isset($_GET['id'])); //this means that user.php?id=1 would mean $get = 1. Note: This is not SQL Inject protected. $users = mysql_query("SELECT * FROM users WHERE id='".$get."'"); while ($row = mysql_fetch_array($users)) { echo ' Id = '.$row['id'].' Name = '.$row['name'].' Username = '.$row['username'].' Password = '.$row['password'].' Reg. on = '.$row['date'].' '; } ?> <html> <body> <form action='user.php' method='GET'> Username: <input type='text' value=''> <input type='submit' value='submit'> </form> <?php //what goes here? ?> </body> </html> Hi all, I've tried to access the admin.php of the xcart installation he http://www.cleaningshopuk.com but it doesn't allow me to access it, saying that it's a 404 page not found error. That page does in fact exist, but I think the issue might be something to do with a redirection. The site owner apparently clicked on something in the admin section (possibly https or something similar) but what can I do to avoid this issue without having to re install everything? Thanks, Neil Hey all, I'm using cakephp and it asks me a question and I'm not sure what to put in, because I don't necessarily know the consequences of what I put in: Code: [Select] Would you like to create the methods for admin routing? (y/n) [y] > y You need to enable Configu :write('Routing.admin','admin') in /app/config/core.php to use admin routing. What would you like the admin route to be? Example: www.example.com/admin/controller What would you like the admin route to be? [admin] > Thanks for response I need to know how to allow admin to essentially be "all users" in otherwords, edit everyones profile and not just their own. Tell me what codes would be helpful and i will send them on in. By the way, i do have a script that allows members to edit own profile. Hello guys. By the end of the day, my client wants the daily report sent to his email account in .xls format. how can i attain this? I know the php mail() function but i dont know how will php create an excel file and email it to my client automatically. Where should i start? Thanks guys! Hi guys, Can anyone help me; I have created a registration form (can be use for create or modify) and login form (Admin). What I am trying to do is; once the admin log in he/she can create / register a new user which contains: -Firstname -Surname -Address -Mobile -Dept Name -Username -Password -Repeat Password My DB will look like this: Table PERSONS: id, firstname, surname, address, mobile, dept_id, username, password. Table USER: id, username, password Table DEPT: id, dept_name Can anyone help me how am I going to related the USER table into the PERSONS so when admin register a new user - the data will be created the into database as well as the data can be extracted for modification. Any suggestion? Here are my code: register.php <?php require 'includes/application_top.php'; if (!isset($_POST['name']) && isset($_GET['id'])) { $mode = "Modifying"; // Get data from DB $q = "SELECT * FROM `persons` WHERE `ID` = '".$_GET['id']."'"; $result = mysql_query($q) or die (mysql_error()); $row = mysql_fetch_array($result); $name = $row['firstname']; $surname = $row['surname']; $address = $row['address']; $dept = $row['dept_id']; $mobile = $row['mobile']; }else if (!isset($_POST['name']) && !isset($_GET['id'])) { $mode = "Register"; // Data is empty $name = $surname = $address = $dept = $mobile = ""; } else { $errors = array(); if ($_POST['name'] == "") $errors[] = "Name"; if ($_POST['surname'] == "") $errors[] = "Surname"; if ($_POST['mobile'] == "" || !is_numeric ($_POST['mobile'])) $errors[] = "Mobile No"; if (count($errors)) { $errormsg = "Please fill the blank info:<br/ >".implode('<br />',$errors); $mode = $_POST['mode']; $name = $_POST['name']; $surname = $_POST['surname']; $address = $_POST['address']; $dept = $_POST['dept']; $mobile = $_POST['mobile']; } else { foreach ($_POST as $key => $val) { $_SESSION[$key] = $val; } header("Location: confirmPage.php"); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Modify Document</title> </head> <body> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <?php if (isset($errormsg)) echo "<div id=\"error_message\" style=\"color:red;\">$errormsg</div>"; ?> <div align="center"> <table width="370" border="0"> <h1> <?php echo $mode; ?> A User </h1> <p><font color="orangered" size="+1"><tt><b>*</b></tt></font> indicates a required field</p> <tr> <th width="200" height="35" align="left" scope="row" >First Name <font color="orangered" size="+1"><tt><b>*</b></tt></font> </th> <td width="160"><input type="text" name="name" value="<?php echo $name;?>" size="25"/></td> </tr> <tr> <th height="35" align="left"> Surname <font color="orangered" size="+1"><tt><b>*</b></tt></font> </th> <td> <input type="text" name="surname" value="<?php echo $surname; ?>" size="25"/></td> </tr> <tr> <th height="35" align="left"> Address</th> <td> <input type="text" name="address" value="<?php echo $address; ?>" size="25"/></td> </tr> <tr> <th height="35" align="left"> Choose a username <font color="orangered" size="+1"><tt>*</tt></font></th> <td> <input name="username" type="text" maxlength="100" size="25" /> </td> </tr> <tr> <th height="35" align="left"> Choose a password <font color="orangered" size="+1"><tt><b>*</b></tt></font> </th> <td> <input name="password" type="password" maxlength="100" size="25" /> </td> </tr> <tr> <th height="35" align="left"> Repeat your password <font color="orangered" size="+1"><tt><b>*</b></tt></font> </th> <td> <input name="repeatpassword" type="password" maxlength="100" size="25" /> </td> </tr> <tr> <th height="35" align="left">Department</th> <td> <select name="dept"> <option value="">Select..</option> <?php $data = mysql_query ("SELECT * FROM `dept` ORDER BY `id` DESC") or die (mysql_error()); while($row_dept = mysql_fetch_array( $data )) { ?> <option value="<?php echo $row_dept['id'] ;?>" <?php if($row_dept['id']==$dept){echo ' selected="selected"';}?>> <?php echo $row_dept['dept_name'] ;?> </option> <?php } ?> </select> </td> </tr> <tr> <th height="35" align="left">Mobile</th> <td><input type="text" name="mobile" value="<?php echo $mobile; ?>" size="25"/></td> </tr> <tr> <td align="right" colspan="2"> <hr noshade="noshade" /> </td> </tr> </table> <br/> <a href="index.php"> <input type="button" name="back" value="Back" /></a> <input type="hidden" name="id" value="<?php echo isset($_GET['id']); ?>"> <input type="hidden" name="mode" value="<?php echo $mode; ?>"> <input type="submit" value="<?php echo ($mode == "Register") ? 'Register' : 'Modify'; ?>"/> </div> </form> </body> </html> i want that when someone post some comment on post that don't insert in table directly before inserting i can check and after approving then insert in table for which what i doo ?any IDea about this I am trying to check for an admin user to access the admin panel. I have been playing around try different things and this what I have ended up with in my database table I have a column called usergroup and i do the follow to check for admin user. Code: [Select] $checkAdmin = mysql_query("SELECT * FROM `users` WHERE email='$email' , usergroup = 'admin'"); $adminUser = mysql_num_rows($checkAdmin); if ($adminUser == 0) { echo count($adminUser); die ('You do not have permissions to access this area'); } I do the select statement through phpmyadmin and it comes back with one row. which is basically hat i want to check for. I do have a variable called $email which is getting a value from the email cookie. currently $adminUser Return a value of 10. All of the count() functions is for testing purposes only. I am developing a system that with have 4 different levels of permissions. My question is this. From a structure standpoint, some systems will have the administrators area in one file and the users admin area in another file. Others will have a level of permission with all the different levels of administrative tasks, menus, etc, coming from the database. Is one of these better than the other or does it matter. From a coding standpoint it would be much easier to just have permissions and allow access to user menus and admin pages accordingly. Thanks in advance. |
|||||||