any help would be appretiated
Login Page:
Code: Select all
<?php
session_start();
require_once 'functions.php';
echo '
<form method="post" action="">
<input type="text" name="Username"
<input type="password" name="Password">
<input type="submit" name="submit" value="Go!">
</form>
';
if($_SESSION['admin'] == false and isset($_POST['Username'], $_POST['Password']))
{
$username = htmlspecialchars($_POST['Username']);
$password = htmlspecialchars($_POST['Password']);
if ($username == 'Marko' AND $password == '*********(password is really here i just dont want to give it to you :p)')
{
$_SESSION['admin'] = true;
header("Location: adminInterface.php");
} else
{
die('Wrong username or password');
}
}
?>Code: Select all
<?php
ini_set('error_reporting', E_ALL);
if($_SESSION['admin'] == true)
{
require_once 'functions.php';
connectDB();
echo '
<table>
<tr>
<td>
<a href="adminInterface.php?op=editShop">Edit Shop Items</a>
</td>
<td>
<a href="adminInterface.php?op=viewOrders">View Orders</a>
</td>
<td>
<a href="adminInterface.php?op=logOut">Log out</a>
</td>
<tr>
</table>
';
switch($_GET['op'])
{
case('editShop'):
echo'
<table>
<form method="post" action="adminInterface.php">
Enter Product Name: 
<input type="text" name="productName"><br>
Enter Product Price: 
<input type="text" name="productPrice"><br>
Enter Product Unit: 
<input type="text" name="productUnit"><br>
<input type="submit" name="Submit" value="update">
</form>
</table>';
}
if(!empty($_POST['productName']) and !empty($_POST['productPrice']) and !empty($_POST['productUnit']))
{
$pName = $_POST['productName'];
$pPrice = $_POST['productPrice'];
$pUnit = $_POST['productUnit'];
$pName = mysql_real_escape_string($pName);
$pPrice = mysql_real_escape_string($pPrice);
$pUnit = mysql_real_escape_string($pUnit);
updateItems($pName, $pPrice, $pUnit);
}
function updateItems($pName, $pPrice, $pUnit)
{
$query='
INSERT INTO
MarkoPood
(name, hind, yhik)
values ("' . $pName . '","' . $pPrice . '","' . $pUnit . '")
';
mysql_query($query) or die(mysql_error());
}
} else
{
die("Bugger Off haxta newb!");
}
?>