$request_uri = $http . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']; $uri = parse_url($request_uri); $uri = str_replace('login.php', 'admin_top.php', $uri); header('Location: ' . $http . '://' . $uri['host'] . $uri['path']); exit; } else { header('Location: ' . $http . '://' . $_SERVER['HTTP_HOST'] . $cfg['root_path'] . $admin_dir . '/admin_top.php'); exit; } } else { if (isset($_SESSION['admin_login']) && $_SESSION['admin_login'] != '') { $session_on_off = 'on'; } else { $session_on_off = 'off'; } $contents = bad_req_error(); $admin = 'yes'; xhtml_output(''); exit; } } elseif (isset($_REQUEST['status']) && $_REQUEST['status'] == 'logout') { // Initialize session variables $_SESSION['admin_login'] = 0; $_SESSION['user_name'] = 0; $_SESSION['user_pass'] = 0; if (isset($_SESSION['admin_login']) && $_SESSION['admin_login'] != '') { $session_on_off = 'on'; } else { $session_on_off = 'off'; } $contents = login_form();
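<?php
/**
 * RSS link - add
 *
 * $Id: rss/admin/add.php, 2005/01/22 23:29:53 Exp $
 *
 * Updates one row of `p_rss_box` (name, URI, category) selected by the
 * posted rss_id, then redirects to ./modify.php when the query succeeds.
 *
 * NOTE(review): the header says "add", but the only statement in this file
 * is an UPDATE keyed on rss_id - confirm the file/header naming.
 */

//require_once '../lib/php/XML/RSS.php';

$cd = '../../..';
require_once $cd . '/include/config.inc.php';
require_once $cd . '/include/fnc_error_msgs.inc.php';
require_once $cd . '/include/http_headers.inc.php';

session_control();
// NOTE(review): against_xss() is defined elsewhere; presumably it filters
// request data for HTML output. Output filtering is not SQL escaping, so the
// values are escaped separately below - confirm it does not already add slashes.
against_xss();

// $session_status is not assigned in this file; presumably session_control()
// sets it - verify against the include.
if ($session_status == 'on') {
    // Every value that ends up inside the SQL string comes straight from the
    // request body, so each one is validated and escaped before use.
    $fields = array('rss_name', 'rss_uri', 'rss_category', 'rss_id');
    $safe   = array();

    foreach ($fields as $field) {
        // A missing key or a non-string (e.g. rss_name[]=x) is a malformed
        // request; reject it the same way an unauthenticated one is rejected.
        if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
            bad_req_error();
            exit;
        }

        $raw = $_POST[$field];

        // With magic_quotes_gpc enabled the value already carries slashes;
        // strip them first so the stored data is not double-escaped.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $raw = stripslashes($raw);
        }

        // mysql_real_escape_string() escapes relative to the connection
        // character set, which should be fixed with mysql_set_charset() where
        // the connection is opened (not visible in this file).
        $safe[$field] = mysql_real_escape_string($raw);
    }

    // The values stay inside single quotes: the escaping above is only
    // effective in a quoted string context.
    // NOTE(review): ext/mysql has no prepared statements and was removed in
    // PHP 7; moving this query to mysqli or PDO with bound parameters is the
    // durable fix.
    $sql = 'UPDATE `p_rss_box` '
         . 'SET '
         . "r_name='" . $safe['rss_name'] . "', "
         . "r_uri='" . $safe['rss_uri'] . "', "
         . "r_category='" . $safe['rss_category'] . "' "
         . "WHERE r_id='" . $safe['rss_id'] . "'";

    // NOTE(review): this state-changing request is gated only on the session
    // status; no anti-CSRF token check is visible in this file - confirm that
    // one of the includes performs it.
    $res = mysql_query($sql);

    if ($res) {
        header('Location: ./modify.php');
        exit;
    }
    // A failed query falls through to footer() without reporting an error,
    // as in the original.
} else {
    bad_req_error();
    exit;
}

footer();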