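/**
 * Verify a username/password pair against the v_Account view.
 *
 * The stored hash is looked up by username through a bound parameter, crypt()
 * is recomputed over the submitted password with the stored hash as its salt
 * string, and the two are compared with hash_equals() so the comparison
 * itself does not leak timing information. password_verify() performs the
 * same crypt()-and-compare for crypt()-format hashes.
 *
 * Every failure path (unknown user, wrong password, unusable stored hash,
 * statement that cannot be prepared) returns "" so the function fails closed.
 * An account whose Typ column is empty cannot be told apart from a failed
 * login by the caller.
 *
 * NOTE(review): crypt() only runs when the username exists, so the two
 * failure paths differ in duration; pair this with rate limiting if account
 * enumeration is a concern.
 *
 * @param string $username Account name to look up.
 * @param string $password Plain-text password supplied by the user.
 * @return string Value of the Typ column on success, "" otherwise.
 */
function CheckPassword($username, $password)
{
    require_once "getSqlConnection.php";

    $dbh = getSqlCon();
    $sth = null;

    try {
        // Request parameters can arrive as arrays; crypt() needs a string.
        if (!is_string($password)) {
            return "";
        }

        $sth = $dbh->prepare('SELECT Password, Typ FROM v_Account WHERE Username = ? LIMIT 1');
        if ($sth === false) {
            // Fail closed instead of calling methods on false.
            return "";
        }

        $sth->bind_param("s", $username);
        $sth->execute();
        $sth->bind_result($hash, $Typ);

        if ($sth->fetch() !== true) {
            return "";
        }

        // A NULL or empty stored hash can never match a password.
        if (!is_string($hash) || $hash === '') {
            return "";
        }

        if (hash_equals($hash, crypt($password, $hash))) {
            return $Typ;
        }

        return "";
    } finally {
        // Release the statement and the connection on every exit path.
        if (is_object($sth)) {
            $sth->close();
        }
        $dbh->close();
    }
}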
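<th> Dauer </th>
<th> Vorstellungsdatum </th>
<th> Filmbeginn </th>
<th> </th>
</thead>
<tbody>
<?php
// Lists every performance of the hall named in $Name, one table row each,
// with edit and delete buttons that link to editPerformance.php.
require_once "getSqlConnection.php";

// Escape a value for HTML text and for a quoted HTML attribute.
$escapeHtml = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// The request parameter is attacker-controlled and may be missing or an array.
$hid = (isset($_GET["id"]) && is_scalar($_GET["id"])) ? (string) $_GET["id"] : "";

$sqlcon = getSqlCon();
// NOTE(review): SELECT * is bound to seven variables below; a column added to
// the view breaks bind_result. Listing the columns explicitly would pin it.
$x = $sqlcon->prepare("SELECT * FROM v_filmauffuerung where Saalname = ?");
$x->bind_param("s", $Name);
$x->execute();
$x->bind_result($Kinoname, $Saalname, $Filmname, $Dauer, $Filmbeginndat, $Filmbeginn, $VorstellungsID);

while ($x->fetch()) {
    // Each URL ends up inside a single-quoted JavaScript string inside a
    // double-quoted attribute. rawurlencode() leaves no quote or backslash in
    // the parameter values; the HTML escaping then covers the attribute layer.
    $baseUrl = "/editPerformance.php?hid=" . rawurlencode($hid) . "&cid=" . rawurlencode((string) $cid);
    $editUrl = $baseUrl . "&id=" . rawurlencode((string) $VorstellungsID);
    $deleteUrl = $baseUrl . "&delid=" . rawurlencode((string) $VorstellungsID);

    // NOTE(review): deletion is requested through a plain GET URL. The handler
    // in editPerformance.php is not visible here; confirm it requires an
    // authenticated POST with a CSRF token before removing anything.
    echo "<tr>"
        . "<td>" . $escapeHtml($Kinoname) . "</td>"
        . "<td>" . $escapeHtml($Saalname) . "</td>"
        . "<td>" . $escapeHtml($Filmname) . "</td>"
        . "<td>" . $escapeHtml($Dauer) . "</td>"
        . "<td>" . $escapeHtml($Filmbeginndat) . "</td>"
        . "<td>" . $escapeHtml($Filmbeginn) . "</td>"
        . "<td>"
        . "<button type=\"button\" onclick=\"location.href='" . $escapeHtml($editUrl) . "'\">Bearbeiten</button>"
        . "<button type=\"button\" onclick=\"location.href='" . $escapeHtml($deleteUrl) . "'\">Löschen</button>"
        . "</td></tr>";
}

$x->close();
$sqlcon->close();
?>
</tbody>
</table>
<?php
// load footer
BuildPageFoot();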
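<ul class="right hide-on-med-and-down">
<li><a href="./admin.php">Admin</a></li>
</ul>
</div>
</nav>
<!-- 内容 -->
<div class="container">
<div class="row">
<?php
// Admin listing: gate on the login cookie, then page through
// appmanager_content 30 rows at a time.
//
// Full "<?php" tags are used because with short_open_tag disabled a "<?"
// block is not executed and its source, access check included, is sent to
// the client as text.

// NOTE(review): the cookie value is supplied by the client, so this test
// cannot establish that a login took place. The login state belongs in
// server-side session data; that change spans the login page and is not made
// here.
if (!isset($_COOKIE["isLogin"]) || $_COOKIE["isLogin"] != true) die("<h1>Access Denied!</h1>");

// NOTE(review): markup has already been emitted above, so this header can
// only be sent if output buffering is active.
setcookie("isLogin", true, time()+3600);

// The original repeated the cookie check and the getSqlCon() call; one of
// each is kept.
$sql_con = getSqlCon();

// Escape a value for HTML text and for a quoted HTML attribute.
$escapeHtml = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Accept only a positive integer page number; anything else falls back to 1
// so the offset handed to getMulLimit() is always a non-negative integer.
$Page = 1;
if (isset($_GET['Page'])) {
    $requestedPage = filter_var($_GET['Page'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
    if ($requestedPage !== false) {
        $Page = $requestedPage;
    }
}

$Content_Num = getMulNum($sql_con, "appmanager_content");
$Content_Limit = 30;
// Number of pages, rounded up.
$AllPage = (int) ($Content_Num / $Content_Limit) + ($Content_Num % $Content_Limit != 0 ? 1 : 0);
?>
<ul class="collection with-header">
<li class="collection-header"><h4>All contents(<?php echo $escapeHtml($Content_Num); ?>):</h4></li>
<li class="collection-item"><div>新建产品<a href="./editApp.php" class="secondary-content"><i class="material-icons">send</i></a></div></li>
<?php
// NOTE(review): getMulLimit() is not visible here; confirm it treats offset
// and limit as integers when it builds its query.
$result = getMulLimit($sql_con, "appmanager_content", ($Page - 1) * $Content_Limit, $Content_Limit);
// mysql_fetch_array() belongs to ext/mysql, which was removed in PHP 7.
while ($row = mysql_fetch_array($result)) {
    // Stored values are escaped on output; the id is URL-encoded before it
    // goes into the query string of the edit link.
    echo '<li class="collection-item"><div>'.'ID='.$escapeHtml($row['id']).' '.$escapeHtml($row['title']).' --- '.$escapeHtml($row['link']).'<a href="./editApp.php?ID='.$escapeHtml(rawurlencode((string) $row['id'])).'" class="secondary-content"><i class="material-icons">send</i></a></div></li>';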
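/**
 * Delete one row of `appmanager_content`, selected by the POSTed `ID` field.
 *
 * The value is placed unquoted into the statement, so it is accepted only
 * when it is a plain string of decimal digits. A missing, array-valued or
 * non-numeric ID returns before any connection is opened and nothing is
 * deleted.
 *
 * NOTE(review): nothing in this function checks who is calling; the caller
 * must enforce authentication and CSRF protection before invoking it.
 * getSqlCon() and runSql() are defined elsewhere; if the driver supports
 * bound parameters, prefer them over building the statement text.
 *
 * @return void
 */
function delRow()
{
    $id = isset($_POST['ID']) ? $_POST['ID'] : null;

    // \A and \z anchor the whole string; "$" would tolerate a trailing newline.
    if (!is_string($id) || preg_match('/\A[0-9]+\z/', $id) !== 1) {
        return;
    }

    $sql_con = getSqlCon();
    $sql = "DELETE FROM `appmanager_content` WHERE `id` = {$id}";
    runSql($sql_con, $sql);
}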