<?php
// Open (or resume) the session first: nothing has been output yet at this
// point, so the session cookie header can still be sent.
session_start();

// NOTE(review): the admin credential is a plaintext literal in the source file.
// Anyone who can read this file (repository access, backup copy, a server that
// serves .php as text) learns the password. Prefer a password_hash() digest
// kept outside the web root and checked with password_verify().
$admin_pass = 'pass';
?>
<html><head><title>admin</title></head>
<?php
// Database settings for the legacy ext/mysql API. That extension was removed
// in PHP 7.0 and offers no prepared statements, so every query built in this
// file has to validate or escape its inputs by hand.
// NOTE(review): 'Locale host' looks like a placeholder for the real server
// name; confirm before deploying.
$host = 'Locale host';
$user = 'ditiseenphptest';
// The database account is configured with an empty password.
$pass = '';
$db = 'ditiseenphptest_nl_db';

// The return value of mysql_connect() is not inspected here; a failed
// connection only surfaces when selecting the database fails below.
mysql_connect($host, $user, $pass);
if (!mysql_select_db($db))
{
    die('kon geen verbinding worden gemaakt');
}
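/**
 * Print the admin login form.
 *
 * The form has no action attribute, so the browser posts it back to the URL
 * of the current page. The original markup wrote $PHP_SELF into a `target`
 * attribute: that variable is undefined inside this function (so the value
 * was always empty), and `target` names a browsing context rather than a
 * submit URL. Dropping the attribute keeps the same submit destination and
 * avoids ever echoing a request-derived path into the page unescaped.
 *
 * Takes no arguments and returns nothing; the markup is written directly to
 * the output.
 */
function invoerveld()
{
?>
<form name="inlog" method="post">
<input name="pass" onclick="document.inlog.pass.value=''" type="password" maxlength="20">
<input type="submit" value="Login" name="submit">
</form>
<?php
}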
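// Access gate for the admin page. Every path that does not prove knowledge of
// $admin_pass ends in die(), so the management code further down only runs
// for an authenticated session.
if (isset($_POST['pass']))
{
    // Login attempt. The submitted value is compared as-is: HTML-escaping a
    // secret before comparing it rewrites characters such as & < > ", so a
    // password containing them could never match.
    $submitted_pass = $_POST['pass'];

    // Require a string (a request can also send pass[] as an array) and use a
    // type-strict comparison. hash_equals() is constant-time; it exists from
    // PHP 5.6, hence the fallback for older runtimes.
    $pass_ok = is_string($submitted_pass)
        && (function_exists('hash_equals')
            ? hash_equals($admin_pass, $submitted_pass)
            : $submitted_pass === $admin_pass);

    if (!$pass_ok)
    {
        // NOTE(review): nothing here limits or logs repeated failed attempts.
        echo "Ga weg hacker!";
        invoerveld();
        die();
    }

    // Issue a fresh session id on the privilege change so that an id known
    // before login cannot be reused afterwards (session fixation). This is
    // only possible while the response headers have not been sent yet.
    if (!headers_sent())
    {
        session_regenerate_id(true);
    }

    // NOTE(review): the session stores the password itself as the login
    // marker. A plain boolean flag would avoid keeping the secret in session
    // storage, but other pages may read this key, so it is left unchanged.
    $_SESSION["password"] = $admin_pass;
    echo "Je bent ingelogd en word doorverwezen.";
    echo "<meta http-equiv=refresh content=2;URL=\"admin.php\">";
    die();
}

// No login attempt in this request: fall back to the session marker.
if (!isset($_SESSION["password"]))
{
    invoerveld();
    die();
}

if ($_SESSION["password"] !== $admin_pass)
{
    invoerveld();
    echo "Ga weg hacker!";
    die();
}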
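// Controls row: a smilies on/off switch and a drop-down of message IDs to
// delete. Both forms post back to admin.php.
// NOTE(review): neither form carries an anti-CSRF token, so a third-party page
// could submit them from an authenticated admin's browser. A per-session token
// emitted here and checked where the POST is handled would close that gap.
$query = "SELECT * FROM Shoutbox ORDER BY ID DESC";
$result = mysql_query($query) or die("select fout!");

echo "<table border='0' width='500'><tr><td width='250'>";
echo "<form name='smilies' action='admin.php' method='post'>";
echo "Smilies:<select name='smile'><option>aan</option><option>uit</option></select><br>";
echo "<input type='submit' value='submit' name='smilesubmit'></form>";
echo "</td><td width='250'>";
echo "<form name='id' action='admin.php' method='post'>";
echo "Delete ID: <select name='id'><option></option>";
while ($rec = mysql_fetch_object($result))
{
    // Values read from the database are escaped before they are written into
    // the page, even where they are expected to be numeric.
    echo "<option>" . htmlspecialchars($rec->ID, ENT_QUOTES) . "</option>";
}
echo "</select><br><input type='submit' name='idsubmit' value='Delete'></form>";
// The second cell was left open in the original markup; close it before the row.
echo "</td></tr></table>";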
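// Message listing: one table row per shoutbox entry, newest first.
$qwerty = "SELECT * FROM Shoutbox ORDER BY ID DESC";
$res = mysql_query($qwerty) or die("select fout 2!");
// "cellpadding" was misspelled as "celpadding" in the original attribute list.
echo "<table border='1' bordercolor='#440000' cellpadding='0' cellspacing='0'><tr><td><b>ID:</b></td><td><b>Naam:</b></td><td><b>Bericht:</b></td><td><b>Actie:</b></td></tr>";

// Smilies are rendered unless the switch was posted as "uit". isset() avoids
// an undefined-index notice on requests that do not post the field at all.
$smilies_uit = isset($_POST['smile']) && $_POST['smile'] === "uit";

// Text codes and their images, in the original replacement order.
// str_replace() with two arrays applies the pairs one after another.
$smilie_codes = array(":)", ":D", ":P", ":$", ":@", "(A)", "(6)", ":+", "^0^", "|-)", "(Y)", "(L)", ":||", ":^");
$smilie_tags = array(
    "<img src='smilies/happy.gif'>",
    "<img src='smilies/happy2.gif'>",
    "<img src='smilies/p.gif'>",
    "<img src='smilies/shame.gif'>",
    "<img src='smilies/angry.gif'>",
    "<img src='smilies/angel.gif'>",
    "<img src='smilies/devil.gif'>",
    "<img src='smilies/dirty.gif'>",
    "<img src='smilies/funny.gif'>",
    "<img src='smilies/sleep.gif'>",
    "<img src='smilies/thumb.gif'>",
    "<img src='smilies/love.gif'>",
    "<img src='smilies/muur.gif'>",
    "<img src='smilies/hate.gif'>"
);

while ($record = mysql_fetch_object($res))
{
    // Name and message come from the shoutbox table; markup stored there would
    // otherwise run in the administrator's browser. The byte-wise ISO-8859-1
    // mode escapes the ASCII metacharacters without rejecting any input, which
    // is also safe for UTF-8 text. double_encode is off so that text which was
    // already entity-encoded when stored is not encoded twice.
    // NOTE(review): whether the public shoutbox escapes on insert is not
    // visible from this file - confirm.
    $id = htmlspecialchars($record->ID, ENT_QUOTES, 'ISO-8859-1', false);
    $name = htmlspecialchars($record->Name, ENT_QUOTES, 'ISO-8859-1', false);
    $mssg = htmlspecialchars($record->Mssg, ENT_QUOTES, 'ISO-8859-1', false);

    if (!$smilies_uit)
    {
        // Done after escaping, so the only markup in the cell is the fixed
        // <img> tags defined above.
        $mssg = str_replace($smilie_codes, $smilie_tags, $mssg);
    }

    echo "<tr><td>" . $id . "</td><td>" . $name . "</td><td>" . $mssg . "</td><td>Delete</td></tr>";
}
// The original never closed the listing table.
echo "</table>";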
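// Delete handler for the "Delete ID" form.
// NOTE(review): this state-changing POST is accepted without an anti-CSRF
// token; the form that submits it would need to emit one for a check here.
if (isset($_POST['id']) && $_POST['id'] != "")
{
    $raw_id = $_POST['id'];

    // Accept decimal digits only. ext/mysql has no bound parameters, so strict
    // validation is what keeps the request value from changing the statement.
    // The same check makes the value safe to echo back into the page.
    if (!is_string($raw_id) || !preg_match('/^[0-9]+$/D', $raw_id))
    {
        $shown_id = is_string($raw_id) ? htmlspecialchars($raw_id, ENT_QUOTES, 'ISO-8859-1') : '';
        echo "ID " . $shown_id . " kon niet verwijderd worden!";
    }
    else
    {
        $idd = $raw_id;
        // The original concatenated the undefined variable $_idd here, so the
        // statement always ran with an empty ID and never removed the chosen row.
        $q = "DELETE FROM Shoutbox WHERE ID = '" . $idd . "'";
        $r = mysql_query($q) or die("ID " . $idd . " kon niet verwijderd worden!");
        if (mysql_affected_rows() > 0)
        {
            echo "Heb bericht met het ID " . $idd . " is verwijderd.";
        }
        else
        {
            echo "Query werd succesvol uitgevoerd, maar er zijn geen rijen in de database verwijderd met de opgegeven specificaties.";
        }
    }
}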
?>