How do i stop this form happening?
Code: Select all
<?php
if (isset($_REQUEST['logout'])) {
session_unset();
}
if (isset($_POST['submitUpdate'])) {
if (get_magic_quotes_gpc()) {
$_POST = array_map('stripslashes',$_POST);
}
$fc = file_get_contents($_POST['file']);
// truncate file
$fw = fopen($_POST['file'], 'w+');
$text = explode("<!-- EDITABLE -->",$fc);
$newText = $text[0]."<!-- EDITABLE -->".($_POST['content'])."<!--EDITABLE -->".$text[2];
if (fwrite($fw, $newText)===FALSE) {
die("Cannot write to file.");
}
fclose($fw);
exit("<div><span class='redText'>The file has been updated. Click <a href=\"admin.php\">here</a> to go back to admin page.</div>");
}
if (isset($_POST['Submit'])) {
if (($_POST['username'] == 'admin') && ($_POST['passwd'] == 'yourpassword')) {
$_SESSION['username'] = 'login';
}
else {
echo "<b>You login details is not correct. Pls login again</b>";
}
}
if ($_SESSION['username']=='login') {
if (isset($_REQUEST['file'])) {
$fc = file_get_contents($_REQUEST['file']);
$text = explode("<!-- EDITABLE -->",$fc);
echo "<form method='post' action=''><textarea name='content'rows='40' cols='70'>$text[1]</textarea>";
echo "<p><input type='hidden' name='file' value='".$_REQUEST['file']."' /><input name='submitUpdate' type='submit' value='Update Page'></form>";
}
else {
// edit to link to your own static html files
echo "<p align='center'>
<a href=\"?file=index.html\">Home Page</a><br/>
<a href=\"?file=contact.html\">Contact Us</a><br/>
<br/>
<em>Click on the links above to edit the files.</em><br/>
<a href=\"?logout\">logout</a></p>";
}
}
?>
<form method="post" action="">
<table width="400" border="0" align="center" cellpadding="2" cellspacing="2">
<tr>
<td>Username: </td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>Passwd: </td>
<td><input type="password" name="passwd"></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Submit"> <input type="reset" name="reset" value="Reset">
</td>
</tr>
</table>
</form>