Пример #1
0
<?php 
include "includes/connection.php";
include "includes/functions.php";
if (intval($_GET['page']) == 0) {
    redirect_to("content.php");
}
include_once "includes/form_functions.php";
if (isset($_POST['submit'])) {
    $errors = array();
    $obavezna_polja = array('menu_name', 'position', 'visible', 'content');
    $errors = array_merge($errors, check_required_fields($obavezna_polja));
    $polje_sa_duzinom = array('menu_name' => 30);
    $errors = array_merge($errors, check_max_fields_length($polje_sa_duzinom));
    $id = mysql_prep($_GET['page']);
    $menu = mysql_prep($_POST['menu_name']);
    $position = mysql_prep($_POST['position']);
    $visible = mysql_prep($_POST['visible']);
    $content = mysql_prep($_POST['content']);
    $page_get = get_page_by_id($id);
    $pages_all = get_all_pages_for_subject($page_get['subject_id']);
    $page_fetch = mysql_fetch_array($pages_all);
    $count_pages = mysql_num_rows($pages_all);
    $position_old = $page_get['position'];
    if (empty($errors)) {
        if ($position_old != $position) {
            if ($position_old < $position) {
                for ($i = $position_old; $i < $position; $i++) {
                    $new = $i + 1;
                    $qry = "UPDATE pages SET";
                    $qry .= " position={$i}";
Пример #2
0
<?php 
include "sessions.php";
include "includes/connection.php";
include "includes/functions.php";
include "includes/edit_functions.php";
if (isset($_POST['submit'])) {
    $errors = array();
    $obavezna_polja = array("user", "pass");
    $errors = array_merge($errors, check_required_fields($obavezna_polja, $_POST));
    $polja_sa_duzinom = array("user" => 30, "pass" => 30);
    $errors = array_merge($errors, check_max_fields_length($polja_sa_duzinom, $_POST));
    $username = mysql_prep($_POST['user']);
    $password = mysql_prep($_POST['pass']);
    $hashed_pass = sha1($password);
    if (empty($errors)) {
        $query = "SELECT id,username FROM users ";
        $query .= " WHERE username='******' AND password='******'";
        $query .= " LIMIT 1";
        $result = mysql_query($query, $conn);
        confirm_query($result);
        if (mysql_num_rows($result) == 1) {
            $message = "Found user.";
            $found_user = mysql_fetch_array($result);
            //$_COOKIE['user_id']=$found_user['id'];
            $_SESSION['user_id'] = $found_user['id'];
            $_SESSION['username'] = $found_user['username'];
            redirect_to("staff.php");
        } else {
            $message = "Username/password combination incorrect.<br />";
            $message .= "Please make sure your caps lock keys are turned off and try again!";