A little game of find the error. [Archive] - Lissa Explains it All: Web Design Forums

rublind

01-09-2004, 05:59 AM

A little game of find the error?

<?php

##########
#Admin Page #
##########

#################
#Approvals And Approve#
#################
session_start();
header("Cache-Control: private");
include('../db.php');
$t = $HTTP_GET_VARS['t'];
if (!isset($HTTP_GET_VARS['id']))
{
if ($t == 'rev')
{
$t2 = 'reviews';
} else if ($t == 'news') {
$t2 = 'story';
} else if ($t == 'story') {
$t2 = 'text';
} else if ($t == 'flash') {
$t2 = 'flash';
}
if ($t == 'rev')
{
$t1 = 'Reviews';
} else if ($t == 'news') {
$t1 = 'News';
} else if ($t == 'story') {
$t1 = 'Storys';
} else if ($t == 'flash') {
$t1 = 'Flash Movies';
}
$apps = <<< EOF
<center>
<u>
<b>
<h1>
Approvals for {$t1}
</h1>
</b>
</u>
<table width="70%">
<tr bgcolor="#333333">
<td colspan="3" align="center">
<b>Things Needing Approval</b>
</td>
</tr>
EOF;

$mysql = mysql_connect('localhost', "$db_user", "$db_pass");
if (!$mysql)
{
echo "Error: " . mysql_error();
exit;
}
$mysql = mysql_select_db("$db_name");
if (!$mysql)
{
echo "Error: " . mysql_error();
exit;
}
$result = mysql_query("SELECT * FROM `$t2` WHERE `act` = '0'") or die("Error: " .mysql_error());
if (mysql_num_rows($result) < 1)
{

$apps .= <<< EOF
<tr bgcolor='#666666'>
<td colspan='3' align='center'>
There are no {$t1} seeking approval.
</td>
</tr>
<tr bgcolor='#666666'>
<td colspan='3' align='center'>
<a href="admin.php?act=home">Admin Home</a>
</td>
</tr>
</table>
</center>
EOF;
} else {

if ($t2 == 'flash' || $t2 == 'text')
{
if ($t2 == 'flash')
{
$l = 'movies';
} else if ($t2 == 'text') {
$l = 'funnystuff';
}
$apps .= <<< EOF
<tr bgcolor='#333333'>
<td width='40%' align='center'>
<u>Name / Link</u>
</td>
<td width='40%' align='center'>
<u> From </u>
</td>
<td width='20%' align='center'>
<u>Keep or Not</u>
</td>
</tr>
EOF;
$result = mysql_query("SELECT * FROM `$t2` WHERE `act` = '0'");
while ($row = mysql_fetch_assoc($result))
{
$loc = $row['loc'];
$name = $row['name'];
$from = $row['from'];
$id = $row['id'];
$apps .= <<< EOF
<tr bgcolor='#666666'>
<td>
<a href="#" onClick="window.open('{$l}/{$loc}','{$t}','width=700,height=500,location=0,me nubar=0,resizable=0,scrollbars=1,status=0,titlebar =0

,toolbar=0');">{$name}</a>
</td>
<td>
{$from}
</td>
[ <a href="admin.php?act=app&t={$t}&id={$id}">Approve</a> | <a href="admin.php?act=del&t={$t}&id={$id}">Delete</

a> ]
</td>
</tr>
EOF;
}
$apps .= <<< EOF
<tr bgcolor='#666666'>
<td colspan='3'>
<a href='admin.php?act=home'>Admin Home</a>
</td>
</tr>
</table>
</center>
EOF;
} else if ($t2 == 'reviews') {
$apps .= <<< EOF
<tr bgcolor='#333333'>
<td width='40%' align='center'>
<u>Name / Link</u>
</td>
<td width='40%' align='center'>
<u> By </u>
</td>
<td width='20%' align='center'>
<u>Keep or Not</u>
</td>
</tr>
EOF;
$result = mysql_query("SELECT * FROM `$t2` WHERE `act` = '0'");
while ($row = mysql_fetch_assoc($result))
{
$name = $row['name'];
$writer = $row['poster'];
$loc = $row['title'];
$type = $row['type'];
$id = $row['id'];
$apps .= <<< EOF
<tr bgcolor='#666666'>
<td>
<a href="#" onClick="window.open('reviews/{$loc}','{$t}','width=700,height=500,location=0,me nubar=0,resizable=0,scrollbars=1,status=0

,titlebar=0,toolbar=0');">{$name}</a>
</td>
<td>
{$writer} {$type}
</td>
[ <a href="admin.php?act=app&t={$t}&id={$id}">Approve</a> | <a href="admin.php?act=del&t={$t}&id={$id}">Delete</

a> ]
</td>
</tr>
EOF;
}
$apps .= <<< EOF
<tr bgcolor='#666666'>
<td colspan='3'>
<a href='admin.php?act=home'>Admin Home</a>
</td>
</tr>
</table>
</center>
EOF;
} else if ($t2 == 'story') {
$result = mysql_query("SELECT * FROM `$t2` WHERE `act` = '0'");
while ($row = mysql_fetch_assoc($result))
{
$title = $row['title'];
$author = $row['author'];
$text = $row['text'];
$date = $row['date'];
$id = $row['id'];
$apps .= <<< EOF
<tr>
<td colspan='3'>
 
</td>
</tr>
<tr bgcolor='#333333'>
<td colspan='3' align='center'>
<b>{$title}</b>
</td>
</tr>
<tr>
<td colspan='3'>
{$text}
</td>
</tr>
<tr bgcolor='#666666'>
<td>
By: {$author}
</td>
<td>
On: {$date}
</td>
<td>
[ <a href="admin.php?act=app&t={$t}&id={$id}">Approve</a> | <a href="admin.php?act=del&t={$t}&id={$id}">Delete</

a> ]
</td>
</tr>
EOF;
}
$apps .= <<< EOF
<tr bgcolor='#666666'>
<td colspan='3'>
<a href='admin.php?act=home'>Admin Home</a>
</td>
</tr>
</table>
</center>
EOF;
}
}
echo $top;
include("nav.php");
echo $middle;
echo $apps;
echo $footer;

} else if (isset($HTTP_GET_VARS['t']) && isset($HTTP_GET_VARS['id']) && $HTTP_SESSION_VARS['is_admin'] && $HTTP_SESSION_VARS['is_super'])

{
$t = $HTTP_GET_VARS['t'];
$id = $HTTP_GET_VARS['id'];
if ($t == 'rev') {
$t2 = 'reviews';
} else if ($t == 'news') {
$t2 = 'story';
} else if ($t == 'story') {
$t2 = 'text';
} else if ($t == 'flash') {
$t2 = 'flash';
}
$mysql = mysql_connect('localhost', "$db_user", "$db_pass");
if (!$mysql)
{
echo "Error: " . mysql_error();
exit;
}
$mysql = mysql_select_db("$db_name");
if (!$mysql)
{
echo "Error: " . mysql_error();
exit;
}
$result = mysql_query("UPDATE `$t2` SET `act` = '1' WHERE `id` = '$id'") or die ("Error: " .mysql_error());
$apps = <<< EOF
<center>
<u>
<b>
<h1>
Approved
</h1>
</b>
</u>
<table width="70%">
<tr bgcolor="#333333">
<td colspan="3" align="center">
<b>The item has been approved, and is now active.</b>
</td>
</tr>
<tr bgcolor='#666666'>
<td colspan='3'>
<a href='admin.php?act=home'>Admin Home</a>
</td>
</tr>
</table>
</center>
EOF;
echo $top;
include("nav.php");
echo $middle;
echo $apps;
echo $footer;
}
?>

Thanks to all who help!