This is my control panel:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V2 Administration Console</title>
<link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
<link rel="stylesheet" href="backstage_print.css" type="text/css" media="print">
<script src="prototype.js" type="text/javascript"></script>
<script src="scriptaculous.js" type="text/javascript"></script>
<script type="text/javascript" src="ajax.js"></script>
</head>
<body>
<div id=container>
<div class=header><form method=POST name=changedefaultcharacter>
<input type=hidden name=action value=mainmenu>
<input type=hidden name=newdefaultcharacterid value=0>
</form>
<script type="text/javascript" language="javascript">
/**
 * Switch the default character: write the chosen id into the hidden
 * "changedefaultcharacter" form and submit it (POST, action=mainmenu).
 */
function executeformchangedefaultcharacter(newdefaultcharacterid) {
  var switchForm = document.changedefaultcharacter;
  switchForm.newdefaultcharacterid.value = newdefaultcharacterid;
  switchForm.submit();
}
</script>
<table cellpadding="0" cellspacing="0" border="0" width="95%">
<tr>
<td width=110 align=center><a target=_blank href=/bio.php?username=andreas><img src="/backstage_125x150.php?username=andreas" border=0 width=100 height=100 hspace=5 vspace=5 /></a></td>
<td><form method=POST name=changecharacter>
<select name=newdefaultcharacterid class=dropdown onChange="executeformchangedefaultcharacter(document.changecharacter.newdefaultcharacterid.value);"><option value=349>Andreas van der Wal<option>** Active Characters **<option value=196>Angelica Brooks<option value=219>Beef<option value=367>Bernie Roberts<option value=165>Blaine Blair<option value=335>Bryan Dawkins<option value=339>C.P. Cantrell<option value=106>Chandler Tsonda<option value=360>Christian Novak<option value=328>Colby Korver<option value=340>Connor O'Reily<option value=337>Cozen<option value=351>Dametreyus Fuqueiawytas<option value=330>Delta Upsilon Iota<option value=193>Devin Shakur<option value=208>Dusk<option value=220>El Janito<option value=270>Eli VanNess<option value=17>Ellie<option value=271>Felix Young<option value=164>Gerald Barrett<option value=365>Ham Patrick<option value=329>Hank Cobb<option value=311>High Flyer<option value=338>Jason Natas<option value=345>Jeeves<option value=336>Jimmy Bonafide<option value=346>Kaiser Vashaun<option value=361>Kale Ryder</select>
</form>
</td>
<td width=40% valign=bottom align=right>
<a href="#" onClick="executeform('mainmenu','0');">Home</a> | <a href="#" onClick="executeform('logout','0');">Logout</a> | <a target="_blank" href="http://kansasoutlawwrestling.com/phpBB3">Forums</a> </td>
</tr>
</table>
</div>
<div id=container2>
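<!-- Navigation menu. Every link calls ajaxpage(section, 'content'); ajaxpage is
     defined outside this page (presumably ajax.js) and presumably loads the
     section into the element with id "content".
     NOTE(review): which links appear here is presentation only. The "Fed Admin"
     and "Site Admin" sections need an authlevel check on the server for each
     request, because a client can call ajaxpage() with any section name.
     Confirm in the handlers behind ajaxpage(). -->
<div id=nav>
<h1>Character</h1>
<ul>
<li><a href="#" onclick="ajaxpage('bio', 'content'); return false;">Bio</a></li>
<li><a href="#" onclick="ajaxpage('allies', 'content'); return false;">Allies</a></li>
<li><a href="#" onclick="ajaxpage('rivals', 'content'); return false;">Rivals</a></li>
<li><a href="#" onclick="ajaxpage('quotes', 'content'); return false;">Quotes</a></li>
</ul>
<h1>Submit</h1>
<ul>
<li><a href="#" onclick="ajaxpage('roleplay', 'content'); return false;">Roleplay</a></li>
<li><a href="#" onclick="ajaxpage('news', 'content'); return false;">News</a></li>
<li><a href="#" onclick="ajaxpage('match', 'content'); return false;">Match</a></li>
<li><a href="#" onclick="ajaxpage('seg', 'content'); return false;">Seg</a></li>
</ul>
<h1>Handler</h1>
<ul>
<li><a href="#" onclick="ajaxpage('directory', 'content'); return false;">Directory</a></li>
</ul>
<!-- A stray second closing ul tag that followed this list was removed; it had no matching opener. -->
<h1>Booking</h1>
<ul>
<li><a href="#" onclick="ajaxpage('champions', 'content'); return false;">Champions</a></li>
<li><a href="#" onclick="ajaxpage('booker', 'content'); return false;">Booker</a></li>
<li><a href="#" onclick="ajaxpage('compiler', 'content'); return false;">Compiler</a></li>
<li><a href="#" onclick="ajaxpage('archives', 'content'); return false;">Archives</a></li>
</ul>
<h1>Fed Admin</h1>
<ul>
<li><a href="#" onclick="ajaxpage('handlers', 'content'); return false;">Handlers</a></li>
<li><a href="#" onclick="ajaxpage('characters', 'content'); return false;">Characters</a></li>
<li><a href="#" onclick="ajaxpage('applications', 'content'); return false;">Applications</a></li>
<li><a href="#" onclick="ajaxpage('eventnames', 'content'); return false;">Event Names</a></li>
<li><a href="#" onclick="ajaxpage('titlenames', 'content'); return false;">Title Names</a></li>
<li><a href="#" onclick="ajaxpage('matchtypes', 'content'); return false;">Match Types</a></li>
<li><a href="#" onclick="ajaxpage('divisions', 'content'); return false;">Divisions</a></li>
<li><a href="#" onclick="ajaxpage('countries', 'content'); return false;">Arenas</a></li>
</ul>
<h1>Site Admin</h1>
<ul>
<li><a href="#" onclick="ajaxpage('templates', 'content'); return false;">Templates</a></li>
<li><a href="#" onclick="ajaxpage('content', 'content'); return false;">Content</a></li>
<li><a href="#" onclick="ajaxpage('biosconfig', 'content'); return false;">Bio Configuration</a></li>
<li><a href="#" onclick="ajaxpage('newscat', 'content'); return false;">News Categories</a></li>
<li><a href="#" onclick="ajaxpage('menus', 'content'); return false;">Menus</a></li>
</ul>
</div>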
<div id=content>
<h1 class=backstage>Backstage Admin Console</h1><br />
<h2 class=backstage>Upcoming Events</h2><br />
<h3 class=backstage>Upcoming Show 1</h3><br />
<table class="table1" width="100%">
<tr class="rowheading">
<td>Match</td>
<td>Lead Writer</td>
</tr>
<tr class=row2>
<td>Troy Douglas vs. Jason Natas</td>
<td>Alex Clark</td>
</tr>
<tr class=row1>
<td>Kaiser Vashaun© vs. Rhett Locke</td>
<td>Matt Ward</td>
</tr>
<tr class=row2>
<td>DUI vs. The Awakening vs. Union Jack and Jeeves</td>
<td>Will Otto</td>
</tr>
<tr class=row1>
<td>Team <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> vs. The Princes of New England©</td>
<td>Mike Renner</td>
</tr>
<tr class=row2>
<td>Cozen vs. Dusk</td>
<td>Craig Maloof</td>
</tr>
<tr class=row1>
<td>The Roulette</td>
<td>Matt Repchak</td>
</tr>
</table><br />
<h2 class=backstage>Maintenance</h2><br />
<h3 class=backstage>Records requiring editing</h3><br />
<!-- Hidden POST form submitted by executeformrecords(): "action" is fixed to
     "records"; "routine" and "bookingid" start at 0 and are overwritten by
     script just before submit.
     NOTE(review): none of these inputs is an anti-CSRF token, and the
     changedefaultcharacter form in the page header has none either. Confirm
     the server verifies request origin some other way, and that it checks
     routine and bookingid against the logged-in user's authlevel, since
     hidden fields are fully client-controlled. -->
<form method=POST name=recordsmodule>
<input type=hidden name=action value=records>
<input type=hidden name=routine value=0>
<input type=hidden name=bookingid value=0>
</form>
<script type="text/javascript" language="javascript">
/**
 * Fill the hidden "recordsmodule" form with the requested routine and
 * booking id, then submit it (POST, action=records).
 */
function executeformrecords(routine, bookingid) {
  var recordsForm = document.recordsmodule;
  recordsForm.routine.value = routine;
  recordsForm.bookingid.value = bookingid;
  recordsForm.submit();
}
</script>
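<!-- Shows whose win/loss records still need editing. Each W/L link submits the
     recordsmodule form through executeformrecords('listrecords', bookingid).
     The anchors were missing their closing tags; they are closed here so each
     link ends inside its own cell. -->
<table class=table2 width="100%">
<tr class=rowheading>
<td> </td>
<td>Show</td>
</tr>
<tr class=row2>
<td valign=top align=center width=30><a href="#" onClick="executeformrecords('listrecords','139');">W/L</a></td>
<td valign=top>ReVolution 175 (08 Oct 2008) </td>
</tr>
<tr class=row1>
<td valign=top align=center width=30><a href="#" onClick="executeformrecords('listrecords','138');">W/L</a></td>
<td valign=top>ReVolution 174 (01 Oct 2008) </td>
</tr>
<tr class=row2>
<td valign=top align=center width=30><a href="#" onClick="executeformrecords('listrecords','137');">W/L</a></td>
<td valign=top>ReVolution 173 (24 Sep 2008) </td>
</tr>
</table><br />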
</div>
<div id="footer">Backstage 1 © 2009</div>
</div>
</div>
</div>
</body>
</html>
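<?php
// Login handler plus login form for the Backstage console.
//
// When the request carries $_POST['login'], the credentials are checked against
// the `users` table and the visitor is redirected to admin.php (authlevel 2) or
// backstage.php (everyone else). Otherwise the login form is rendered.
//
// NOTE(review): the legacy mysql_* extension used here was removed in PHP 7. No
// connection handle is visible in this file, so the calls are kept; moving to
// mysqli or PDO with prepared statements is the durable fix.
// NOTE(review): passwords are compared as unsalted MD5. That is kept so existing
// accounts still log in, but the stored values should be migrated to
// password_hash() / password_verify().

// If the login form is submitted
if (isset($_POST['login']))
{
    // Make sure both fields are present, non-empty and plain strings
    // (an array value would otherwise reach the escaping and hashing calls).
    if (empty($_POST['username']) || empty($_POST['pass'])
        || !is_string($_POST['username']) || !is_string($_POST['pass']))
    {
        die('You did not fill in a required field.');
    }

    $username = mysql_real_escape_string($_POST['username']);

    $check = mysql_query("SELECT * FROM users WHERE username = '" . $username . "'");
    if ($check === false)
    {
        // Keep database error text in the server log; echoing mysql_error()
        // to the browser discloses schema and query details.
        error_log('Login lookup failed: ' . mysql_error());
        die('Login is temporarily unavailable, please try again later.');
    }

    // One generic failure message for "unknown user" and "wrong password",
    // so the response does not reveal which usernames exist.
    $failure = 'Incorrect username or password, please try again.';

    $info = mysql_fetch_array($check);
    if ($info === false)
    {
        die($failure);
    }

    // stripslashes() is kept on both sides so the hash is computed exactly as
    // it was for the stored value.
    $pass   = md5(stripslashes($_POST['pass']));
    $stored = (string) stripslashes($info['password']);

    // Strict, constant-time comparison where available. The previous loose !=
    // let PHP compare numeric-looking hash strings as numbers, so two different
    // hashes could be treated as equal.
    $matches = function_exists('hash_equals')
        ? hash_equals($stored, $pass)
        : ($stored === $pass);

    if (!$matches)
    {
        die($failure);
    }

    // Login is ok: start the session and issue a fresh session id so an id
    // set before authentication cannot be reused afterwards.
    session_start();
    session_regenerate_id(true);

    // Use the values from the row already fetched. The earlier code un-escaped
    // the username with stripslashes() and concatenated it into a second
    // query, which reintroduced unescaped input into SQL. SELECT * on the same
    // table and filter already returned `username` and `authlevel`.
    $_SESSION['username'] = $info['username'];
    $_SESSION['loggedin'] = time();

    $authLevel = $info['authlevel'];
    $_SESSION['authlevel'] = $authLevel;

    // Send them to the correct page after login
    if ($authLevel == "2")
    {
        $page = "admin.php";
    }
    else
    {
        $page = "backstage.php";
    }

    header("Location: $page");
    // Stop here so nothing else runs or is emitted after the redirect.
    exit;
}
else
{
    // The form has not been submitted: render it.
    //
    // NOTE(review): the handler above reads $_POST['login'], ['username'] and
    // ['pass'], but this form sends `submit`, `uname` and `pword`, and posts to
    // an absolute backstage.php URL. Confirm which script is meant to receive
    // it and align the field names.
    // NOTE(review): the action URL is plain http, so the password crosses the
    // network unencrypted; serve and post the form over https if the host
    // supports it.
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V2 Administration Console</title>
<link rel=stylesheet href=backstage.css type=text/css media=screen>
<link rel=stylesheet href=backstage_print.css type=text/css media=print>
</head>
<body>
<form method="POST" action="http://kansasoutlawwrestling.com/other/backstage.php">
<div id=login>
<h1>KOW Backstage</h1>
<p><label>Username:<br /><input type=text name=uname id=log tabindex=1 /></label></p>
<p><label>Password:<br /><input type=password name=pword id=pwd tabindex=2 /></label></p>
<p style="text-align: center;"><input type=submit class=button name=submit id=submit value="Login »" tabindex=4 /></p>
</div>
</form>
</body>
</html>
<?php
}
?>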