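<?php
// Admin page: handles the "add a book" form and inserts one row into the stock table.

// Configuration is loaded first, as in the original script.
require './includes/config.inc.php';

// Access gate. redirect_invalid_user() is defined outside this file; the 'user_admin'
// argument presumably limits the page to administrators (confirm in the config include).
redirect_invalid_user('user_admin');

$page_title = 'dodavanje knjige';
include './includes/header.html';

// Database connection; provides $dbc.
require MYSQL;

if ($_SERVER['REQUEST_METHOD'] === 'POST') {

    // The insert runs only if every required field passed validation. The original
    // printed the message but still executed the INSERT with the raw POST values.
    $valid = true;

    // Title: required. strip_tags() keeps the author's intent of storing plain text;
    // it is not an output encoder, so the value must still be HTML-escaped where it is rendered.
    if (!empty($_POST['art_descr']) && is_string($_POST['art_descr'])) {
        $descr = strip_tags($_POST['art_descr']);
    } else {
        $valid = false;
        echo ' Molim unesite naslov knjige!';
    }

    // Price: required.
    if (!empty($_POST['price']) && is_string($_POST['price'])) {
        $price = strip_tags($_POST['price']);
    } else {
        $valid = false;
        echo ' Molim unesite cijenu proizvoda!';
    }

    // Optional fields. Non-string input (e.g. an array parameter) is treated as empty
    // instead of being passed on to the database layer.
    $amount = (isset($_POST['amount']) && is_string($_POST['amount'])) ? $_POST['amount'] : '';
    $num = (isset($_POST['art_no']) && is_string($_POST['art_no'])) ? $_POST['art_no'] : '';
    // NOTE(review): pic is a client-supplied string stored as-is; whatever later uses it
    // (as a path or in markup) has to treat it as untrusted.
    $pic = (isset($_POST['pic']) && is_string($_POST['pic'])) ? $_POST['pic'] : '';

    if ($valid) {
        // Bound parameters instead of interpolating request data into the SQL text:
        // the original computed escaped copies ($t, $d) but built the query from the
        // unescaped $_POST values, which allowed SQL injection.
        $inserted = false;
        $stmt = mysqli_prepare(
            $dbc,
            'INSERT INTO stock (art_descr, amount, price, art_no, pic) VALUES (?, ?, ?, ?, ?)'
        );

        if ($stmt) {
            // All five values are bound as strings, matching the quoted literals of the original query.
            mysqli_stmt_bind_param($stmt, 'sssss', $descr, $amount, $price, $num, $pic);
            mysqli_stmt_execute($stmt);
            $inserted = (mysqli_stmt_affected_rows($stmt) === 1);
            mysqli_stmt_close($stmt);
        }

        if ($inserted) {
            echo '<h4>Knjiga je dodana!</h4>';
        } else {
            trigger_error('Knjige se nije mogla dodati zbog sistemskog errora.');
        }
    }
}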
<?php
// Password-change page for a signed-in user.
// NOTE(review): this listing is truncated - the four `if` blocks opened below are
// still open where it ends, so the failure branches are not visible here.

// Configuration is loaded before anything else.
require './includes/config.inc.php';

// Access gate; redirect_invalid_user() is defined outside this listing.
redirect_invalid_user();

$page_title = 'Promijenite vasu lozinku';
include './includes/header.html';

// Database connection; provides $dbc.
require MYSQL;

// Validation messages, keyed by form field name.
$pass_errors = array();

if ($_SERVER['REQUEST_METHOD'] == 'POST') {

    // Current password: required.
    if (!empty($_POST['current'])) {
        $current = mysqli_real_escape_string($dbc, $_POST['current']);
    } else {
        $pass_errors['current'] = 'Molim vas unesite svoju lozinku!';
    }

    // New password policy check. The pattern appears intended to require 6-20 word
    // characters with at least one digit, one lowercase and one uppercase letter.
    // NOTE(review): the {6,20} quantifier is applied to the whole group, not to a
    // single character, so the effective length bound should be confirmed with tests.
    // $_POST['pass1'] is read without an isset() check.
    if (preg_match('/^(\\w*(?=\\w*\\d)(?=\\w*[a-z])(?=\\w*[A-Z])\\w*){6,20}$/', $_POST['pass1'])) {
        // Both entries of the new password must agree (loose == comparison).
        if ($_POST['pass1'] == $_POST['pass2']) {
            $p = mysqli_real_escape_string($dbc, $_POST['pass1']);
        } else {
            // NOTE(review): this branch handles a pass1/pass2 mismatch, but the message
            // text says the password was not found in the database.
            $pass_errors['pass2'] = 'Vasa lozinka nije nadena u bazi podataka!';
        }
    } else {
        $pass_errors['pass1'] = 'Molim unesite ispravnu lozinku!';
    }

    if (empty($pass_errors)) {

        // Verify the current password for the session's user.
        // NOTE(review): $current and $p are assigned above but neither query visible here
        // references them; both use the literal '******', which looks like a redaction in
        // this listing - confirm against the real file. How the password is hashed and
        // compared is therefore not visible; a salted password hash (password_hash /
        // password_verify) with bound parameters is the form to check for.
        // $_SESSION['user_id'] is interpolated unquoted - acceptable only if the
        // application always sets it to an integer at login (confirm).
        $q = "SELECT id FROM users WHERE pass='******' AND id={$_SESSION['user_id']}";
        $r = mysqli_query($dbc, $q);

        // Exactly one matching row means the current password was accepted.
        if (mysqli_num_rows($r) == 1) {

            // Store the new password for the same user; LIMIT 1 caps the update at one row.
            $q = "UPDATE users SET pass='******' WHERE id={$_SESSION['user_id']} LIMIT 1";

            if ($r = mysqli_query($dbc, $q)) {
                // Success: confirm to the user and finish the page.
                echo '<h3>Vasa lozinka je promjenjena.</h3>';
                include './includes/footer.html';
<?php // This page adds a page of content to the list of the user's favorites. // This is bonus material based upon recommendations suggested in Chapter 5. // Require the configuration before any PHP code as the configuration controls error reporting: require './includes/config.inc.php'; // The config file also starts the session. // If the user isn't active, redirect them: redirect_invalid_user('user_not_expired'); // Require the database connection: require MYSQL; // Validate the page ID: if (filter_var($_GET['id'], FILTER_VALIDATE_INT, array('min_range' => 1))) { $page_id = $_GET['id']; // Get the page info: $q = 'SELECT title, description, content FROM pages WHERE id=' . $page_id; $r = mysqli_query($dbc, $q); if (mysqli_num_rows($r) != 1) { // Problem! $page_title = 'Error!'; include './includes/header.html'; echo '<p class="error">This page has been accessed in error.</p>'; include './includes/footer.html'; exit; } // Fetch the page info: $row = mysqli_fetch_array($r, MYSQLI_ASSOC); $page_title = $row['title']; include 'includes/header.html'; echo "<h3>{$page_title}</h3>"; // Add this favorite to the database: