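// Delete one row of table post when the URL carries post=<id> and action=deletepost.
// NOTE(review): both handlers below change data, and no anti-CSRF token or
// permission check is visible in this part of the file. Confirm one runs before
// this point; a delete triggered by a plain GET link is the more exposed of the two.
// The handlers share one PHP block with no closing/opening tag pair between them,
// so nothing is emitted before the header() calls further down.
if (isset($_GET['post'], $_GET['action']) && $_GET['action'] === 'deletepost') {
    $index = $_GET['action'];
    // NOTE(review): the raw request value is handed to request_delete(); confirm
    // that helper binds it as a query parameter instead of concatenating it.
    $id = $_GET['post'];
    $result = request_delete($index, $id);
    if ($result) {
        $delete = "?delete=" . $result->rowCount();
        header("location:viewpost.php{$delete}");
        // Stop here: without exit the rest of the admin page is still rendered
        // and sent along with the redirect.
        exit;
    } // end if
} // end isset() - deletepost

// update one row of table post if press click *Update*
if (isset($_POST['Update'])) {
    $index = "editpost";

    // Copy the expected form fields in a fixed order. A field missing from the
    // request becomes "" without raising an undefined-index warning.
    $fields = array(
        "post_id",
        "post_title",
        "post_content",
        "post_category",
        "post_author",
        "post_date",
        "post_status",
        "post_comment",
    );
    $update = array();
    foreach ($fields as $field) {
        $update[$field] = isset($_POST[$field]) ? "{$_POST[$field]}" : "";
    }

    $result = request_update($index, $update);
    if ($result) {
        // post_id comes from the request body; encode it so it cannot add or
        // override parameters in the redirect URL.
        $query = "?post=" . urlencode($update['post_id'])
            . "&action=editpost&row_up=" . $result->rowCount();
        header("location:post.php{$query}");
        exit;
    } // end if
} // end isset()

get_admin_sidebar();
get_admin_footer();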
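/**
 * Check submitted credentials and, for an admin account, issue or verify the
 * per-user cookie and redirect.
 *
 * Prints a short message instead of redirecting when a field is missing, when
 * no row matches, or when the matching account is not an admin.
 *
 * NOTE(review): the submitted password is compared directly with the stored
 * user_password column, which implies passwords are kept unhashed unless the
 * caller hashes before calling. Moving to password_hash()/password_verify()
 * needs a change to the stored data and is not done here.
 *
 * @param array  $login Holds the 'username' and 'password' values to check.
 * @param string $index Query selector passed through to request_select().
 * @param string $url   Redirect target on success; admin/index.php when empty.
 *
 * @return void Does not return on success: the redirect is followed by exit.
 */
function user_login($login, $index, $url)
{
    // Anything that is not a scalar (for example an array sent as username[]=x)
    // is treated as a missing field.
    $username = isset($login['username']) && is_scalar($login['username'])
        ? (string) $login['username'] : '';
    $password = isset($login['password']) && is_scalar($login['password'])
        ? (string) $login['password'] : '';

    // One empty field is enough to ask again; requiring both to be empty left
    // the half-filled form without any feedback.
    if (empty($username) || empty($password)) {
        echo "please full username and password fields";
        return;
    }

    // NOTE(review): $url goes into the Location header verbatim. If callers can
    // pass a request-derived value, restrict it to same-site relative paths to
    // avoid an open redirect after login.
    $redirect = function () use ($url) {
        if ($url) {
            header("location:{$url}");
        } else {
            header("location:admin/index.php");
        }
        exit;
    };

    $result = request_select($index, $login);
    if (!$result) {
        echo "username or passwrod is not correct";
        return;
    }

    $matched = false;
    foreach ($result as $row) {
        // Strict comparison: with == two numeric-looking strings such as
        // "0e1" and "0e2" compare equal, which must never pass for a password.
        if ((string) $row->user_username !== $username
            || (string) $row->user_password !== $password) {
            continue;
        }
        $matched = true;

        if ((string) $row->user_role !== 'admin') {
            echo "you can not login \nbecause you are not admin";
            continue;
        }

        // is username exist in cookie table; the last row returned wins
        $res = request_select('isset-cookie', $username);
        $user = null;
        if ($res) {
            foreach ($res as $cookie_row) {
                $user = $cookie_row;
            }
        }

        if ($user === null) {
            // No cookie row for this user yet (failed or empty lookup): create one.
            // NOTE(review): confirm random_code() draws from a CSPRNG such as
            // random_bytes(); the cookie acts as a bearer token.
            $cookie_name = random_code();
            $cookie_value = random_code();
            $cookie = array(
                "cookie_name" => "{$cookie_name}",
                "cookie_value" => "{$cookie_value}",
                "cookie_username" => "{$username}",
            );
            $coo = request_insert('create-cookie', $cookie);
            if ($coo) {
                // Last argument sets HttpOnly so page scripts cannot read the
                // token; switch the one before it to true once the site is
                // served over HTTPS only.
                setcookie($cookie_name, $cookie_value, time() + 86400 * 30, "/", "", false, true);
                $redirect();
            }
            continue;
        }

        if ((string) $user->cookie_username !== $username) {
            continue;
        }

        $cookie_name = $user->cookie_name;
        $has_valid_cookie = isset($_COOKIE[$cookie_name])
            && $_COOKIE[$cookie_name] === (string) $user->cookie_value;
        if ($has_valid_cookie) {
            $redirect();
        }

        // Cookie missing OR carrying a stale value: rotate it. The previous
        // condition required both at once, so a browser holding an outdated
        // value fell through with no redirect and no message.
        $cookie_name = random_code();
        $cookie_value = random_code();
        $update = array(
            "cookie_name" => "{$cookie_name}",
            "cookie_value" => "{$cookie_value}",
            "cookie_username" => "{$user->cookie_username}",
        );
        $upd = request_update('cookie_update', $update);
        if ($upd) {
            setcookie($cookie_name, $cookie_value, time() + 86400 * 30, "/", "", false, true);
            $redirect();
        }
    }

    // A query that succeeded but produced no matching row used to end silently.
    if (!$matched) {
        echo "username or passwrod is not correct";
    }
}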