Some functions only load

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
CoolAsCarlito
Forum Contributor
Posts: 192
Joined: Sat May 31, 2008 3:27 pm
Contact:

Some functions only load

Post by CoolAsCarlito »

Functions handlers and characters both load correctly however functions addhandler and edithandler does not load? Anyone understand why this is?

Code: Select all

 
<?php
 
include ('database.php');
 
/* Gets the value of 'f' from the URL and secures the variable against XSS */
$f = htmlentities($_GET['f'], ENT_QUOTES);
 
if (function_exists($f)) {
$f();
} else {
die('Error 404!');
}
 
function handlers() {
$query = "SELECT * FROM users";
$result = @mysql_query ($query);// Run The Query
if ($result) {
print'<h1 class=backstage>Handler Management</h1><br />';
print'<h2 class=backstage>Handlers :: <a href="#" onclick="ajaxpage(\"newhandler"\, \"content\"); return false;">Add New</a></h2><br />';
print'<table width="100%" class="table1">';
print'<tr class="rowheading">';
print'<td width=30>&nbsp;</td>';
print'<td>Username</td>';
print'<td>Surname</td>';
print'<td>First Name</td>';
print'<td>E-Mail</td>';
print'</tr>';
// Fetch and print all records.
while ($row = mysql_fetch_array ($result, MYSQL_ASSOC)) {
print'<tr class=row2>';
print'<td valign=top align=center width=30><a href="#" onclick="ajaxpage(\"edithandler\", \"content\"); return false;">Edit</a></td>';
print'<td>'.$row['username'].'</td>';
print'<td>'.$row['surname'].'</td>';
print'<td>'.$row['firstname'].'</td>';
print'<td>'.$row['email'].'</td>';
print'</tr>';
}
print'</table><br />';
print'<h2 class=backstage><form method=POST><input type=hidden name=action value=mainmenu><input type=submit value="Return to Main Menu" class=button200></form></h2>';
}
}
 
function newhandler() {
 
print'<h1 class=backstage>Handler Management</h1><br />';
print'<h2 class=backstage>Add New Handler Account</h2><br />';
print'<table width="100%" class="table2">';
print'<tr>';
print'<td width=120 class=rowheading>Username:</td><td class=row3><input type=text name=login class=fieldtext490></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Password:</td><td class=row3><input type=password name=password class=fieldtext490 onfocus="this.select()"></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Surname:</td><td class=row3>';
print'<input type=text name=surname class=fieldtext490></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Firstname:</td>';
print'<td class=row3><input type=text name=firstname class=fieldtext490></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Email:</td>';
print'<td class=row3><input type=text name=email class=fieldtext490></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>AIM:</td>';
print'<td class=row3><input type=text name=aim class=fieldtext490></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>MSN:</td>';
print'<td class=row3><input type=text name=msn class=fieldtext490></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Forum ID:</td>';
print'<td class=row3><input type=text name=forumid class=fieldtext490></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Account:</td>';
print'<td class=row3><select name=enabled class=selection>';
print'<option value=1>Enabled</option><option value=0>Disabled</option>';
print'</select></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Administrator:</td>';
print'<td class=row3><select name=isadministrator class=selection>';
print'<option value=0>No</option><option value=1>Yes</option>';
print'</select></td>';
print'</tr>';
print'</table><br />';
print'<input type=submit value="Save Handler" class=button></form><br />';
print'<form method=POST><input type=hidden name=action value=handler><input type=submit value="Return to Handler List" class=button200></form><br />';
print'<h2 class=backstage>Characters<br /><br /><form method=post><input type=hidden name=action value=handler><input type=hidden name=routine value=addcharacter><input type=hidden name=option value=0><input type=hidden name=id value="0"><select name=characterid class=dropdown>';
print'<option value=0>- Select -</option></select>&nbsp;&nbsp;<input type=submit value="Add" class=button></form></h2><br />';
print'This handler does not have any characters assigned.<br /><br />';
print'<h2 class=backstage><form method=POST><input type=hidden name=action value=mainmenu><input type=submit value="Return to Main Menu" class=button200></form></h2>';
}
 
function edithandler() {
 
print'<h1 class=backstage>Handler Management</h1><br />';
print'<h2 class=backstage>Edit Handler Details</h2><br />';
print'<table width="100%" class="table2">';
print'<tr>';
print'<td width=120 class=rowheading>Username:</td><td class=row3><input type=text name=login class=fieldtext490 value=""></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Password:</td><td class=row3><input type=password name=password class=fieldtext490 onfocus="this.select()" value=""></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheadingred>Surname:</td><td class=row3>';
print'<input type=text name=surname class=fieldtext490 value=""></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Firstname:</td>';
print'<td class=row3><input type=text name=firstname class=fieldtext490 value=""></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Email:</td>';
print'<td class=row3><input type=text name=email class=fieldtext490 value=""></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>AIM:</td>';
print'<td class=row3><input type=text name=aim class=fieldtext490 value=""></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>MSN:</td>';
print'<td class=row3><input type=text name=msn class=fieldtext490 value=""></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Forum ID:</td>';
print'<td class=row3><input type=text name=forumid class=fieldtext490 value=""></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Account:</td>';
print'<td class=row3><select name=enabled class=selection>';
print'<option value=1>Enabled<option value=0>Disabled</option>';
print'</select></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Administrator:</td>';
print'<td class=row3><select name=isadministrator class=selection>';
print'<option value=1>Yes<option value=0>No';
print'</select></td>';
print'</tr>';
print'<tr>';
print'<td class=rowheading>Default Character:</td>';
print'<td class=row3></td>';
print'</tr>';
print'</table><br />';
print'<input type=checkbox name=deletehandler> <span class=table1heading>Delete Handler?</span><br /><br />';
print'<input type=submit value="Save Handler" class=button></form><br />';
print'<form method=POST><input type=hidden name=action value=handler><input type=submit value="Return to Handler List" class=button200></form><br />';
print'<h2 class=backstage>Characters<br /><br /><form method=post><input type=hidden name=action value=handler><input type=hidden name=routine value=addcharacter><input type=hidden name=option value=0><input type=hidden name=id value="130"><select name=characterid class=dropdown>';
print'<option value=0>- Select -</select>&nbsp;&nbsp;<input type=submit value="Add" class=button></form></h2><br />';
print'<br /><br />';
print'<h2 class=backstage><form method=POST><input type=hidden name=action value=mainmenu><input type=submit value="Return to Main Menu" class=button200></form></h2>';
}
 
function characters() {
 
print'<h1 class=backstage>Character Management</h1><br />';
print'<h2 class=backstage>Characters :: <a href="#" onclick="ajaxpage(\"addcharacters\", \"content\"); return false;">Add New</a></h2><br />';
print'<h2 class=backstage>Active</h2><br />';
print'<table width="100%" class="table1">';
print'<tr class="rowheading">';
print'<td>&nbsp;</td>';
print'<td>&nbsp;</td>';
print'<td align=center width=40>Sort</td>';
print'<td>Character Name</td>';
print'<td align=center width=100>Poser Name</td>';
print'<td align=center width=60>Style</td>';
print'<td align=center width=60>Alignment</td>';
print'</tr>';
print'<tr class=row2>';
print'<td valign=top align=center width=35><a href="#" onclick="ajaxpage(\"editcharacter\", \"content\"); return false;">Setup</a></td>';
print'<td valign=top align=center width=25><a href="#" onclick="ajaxpage(\"bio\", \"content\"); return false;">Bio</a></td>';
print'<td align=center width=40>?</td>';
print'<td>Wrestler 1</td>';
print'<td align=center width=100>Poser 1</td>';
print'<td align=center width=60>Style 1</td>';
print'<td align=center width=60>Alignment</td>';
print'</tr>';
print'<tr class=row1>';
print'<td valign=top align=center width=35><a href="#" onclick="ajaxpage(\"editcharacter\", \"content\"); return false;">Setup</a></td>';
print'<td valign=top align=center width=25><a href="#" onclick="ajaxpage(\"bio\", \"content\"); return false;">Bio</a></td>';
print'<td align=center width=40>?</td>';
print'<td>Wrestler 2</td>';
print'<td align=center width=100>Poser 2</td>';
print'<td align=center width=60>Style 2</td>';
print'<td align=center width=60>Alignment</td>';
print'</tr>';
print'</table><br />';
print'<h2 class=backstage>Inactive</h2><br />';
print'<table width="100%" class="table1">';
print'<tr class="rowheading">';
print'<td>&nbsp;</td>';
print'<td>&nbsp;</td>';
print'<td align=center width=40>Sort</td>';
print'<td>Character Name</td>';
print'<td align=center width=100>Poser Name</td>';
print'<td align=center width=60>Style</td>';
print'<td align=center width=60>Alignment</td>';
print'</tr>';
print'<tr class=row2>';
print'<td valign=top align=center width=35><a href="#" onclick="ajaxpage(\"editcharacter\", \"content\"); return false;">Setup</a></td>';
print'<td valign=top align=center width=25><a href="#" onclick="ajaxpage(\"bio\", \"content\"); return false;">Bio</a></td>';
print'<td align=center width=40>?</td>';
print'<td>Wrestler 3</td>';
print'<td align=center width=100>Poser 3</td';
print'<td align=center width=60>Style 3</td>';
print'<td align=center width=60>Alignment</td>';
print'</tr>';
print'<tr class=row1>';
print'<td valign=top align=center width=35><a href="#" onclick="ajaxpage(\"editcharacter\", \"content\"); return false;">Setup</a></td>';
print'<td valign=top align=center width=25><a href="#" onclick="ajaxpage(\"bio\", \"content\"); return false;">Bio</a></td>';
print'<td align=center width=40>?</td>';
print'<td>Wrestler 4</td>';
print'<td align=center width=100>Poser 4</td>';
print'<td align=center width=60>Style 4</td>';
print'<td align=center width=60>Alignment</td>';
print'</tr>';
print'</table><br />';
print'<h2 class=backstage><form method=POST><input type=hidden name=action value=mainmenu><input type=submit value="Return to Main Menu" class=button200></form></h2>';
}
 
?>
 
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: Some functions only load

Post by requinix »

Before tackling that (I'm not even sure what the problem is) there's a really big problem with your code.

$_GET[f] can be any function that's defined in PHP, not just one of yours. So while ?f=handlers or ?f=edithandler is what you intend, someone could just as easily use ?f=phpinfo.
CoolAsCarlito
Forum Contributor
Posts: 192
Joined: Sat May 31, 2008 3:27 pm
Contact:

Re: Some functions only load

Post by CoolAsCarlito »

I have a feeling is has to deal with these two lines on how I have it escaping and having to use double quotes:

Code: Select all

 
print'<h2 class=backstage>Handlers :: <a href="#" onclick="ajaxpage(\"newhandler"\, \"content\"); return false;">Add New</a></h2><br />';
 
And

Code: Select all

 
print'<td valign=top align=center width=30><a href="#" onclick="ajaxpage(\"edithandler\", \"content\"); return false;">Edit</a></td>';
 
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: Some functions only load

Post by requinix »

Try single quotes instead.

Code: Select all

print'<h2 class=backstage>Handlers :: <a href="#" onclick="ajaxpage(\'newhandler\', \'content\'); return false;">Add New</a></h2><br />';
 
print'<td valign=top align=center width=30><a href="#" onclick="ajaxpage(\'edithandler\', \'content\'); return false;">Edit</a></td>';
By the way, the forum software is screwing up the code: there should be \s before each of the four 's in those two lines of code.
(If you quote me you'll see it)
Post Reply