Просмотр файла admin.php

Размер файла: 7.9Kb 
<?php
header("Content-type: text/vnd.wap.xhtml+xml; charset=utf-8");
header("Cache-control: no-cache;");
header("Pragma: no-cache;");
if(empty($_GET))
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">                    
  <head>                                  
    <meta http-equiv="Content-Type" content="application/vnd.wap.xhtml+xml; charset=utf-8"/> 
    <meta http-equiv="Content-Style-Type" content="text/css"/>                                 
    <title>Добавление статьи                                   
    </title>                    
  </head>                    
  <body>                                  
    <p align="center" style="background-color:green">                           
      <span style="color:white"><small>Добавление статьи</small>                           
      </span>                   
    </p>                     
    <p align="left" style="background-color:white">                                                
      <form action="admin.php?psw" method="post">
      <span style="color:green"><small>Введите пароль:</small></span><br />                      
        <input name="pswd" value="" /><br />                     
        <input type="submit" value="отправить" />          
    </form>
    </p>                                                               
    <p align="center" style="background-color:green">                                               
      <span style="color:white"><small>All rights reserved 2008</small>                                        
      </span>                                          
    </p>                    
  </body>
</html>';
$pswd = $_POST['pswd'];
if (isset($_GET['psw'])) {
require_once('config.ini');
if ($pswd==$admpswd) 
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">                    
  <head>                                  
    <meta http-equiv="Content-Type" content="application/vnd.wap.xhtml+xml; charset=utf-8"/> 
    <meta http-equiv="Content-Style-Type" content="text/css"/>                                 
    <title>Добавление статьи                                   
    </title>                    
  </head>                    
  <body>                                  
    <p align="center" style="background-color:green">                           
      <span style="color:white"><small>Добавление статьи</small>                           
      </span>                   
    </p>                     
    <p align="left" style="background-color:white">                                                
      <form action="admin.php?addarticle" method="post">
      <span style="color:green"><small>Введите название:</small></span><br />                      
        <input name="name" value="" /><br />  
        <span style="color:green"><small>Введите статью:</small></span><br />                      
        <input name="article" value="" /><br />                    
        <input type="submit" value="Добавить" />         
    </form>
    </p>                                          
    <p align="center" style="background-color:green">                                               
      <span style="color:white"><small>All rights reserved 2008</small>                                        
      </span>                                          
    </p>                    
  </body>
</html>';

elseif($pswd!=='test') 
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">                    
  <head>                                  
    <meta http-equiv="Content-Type" content="application/vnd.wap.xhtml+xml; charset=utf-8"/>
    <meta http-equiv="Content-Style-Type" content="text/css"/>                                  
    <title>Добавление статьи                                   
    </title>                    
  </head>                    
  <body>                                  
    <p align="center" style="background-color:green">                           
      <span style="color:white"><small>Добавление статьи</small>                           
      </span>                   
    </p>                     
    <p align="left" style="background-color:white">                                                
идите на хуй
    </p>                      
    <br />                                          
    <p align="center" style="background-color:green">                                               
      <span style="color:white"><small>All rights reserved 2008</small>                                        
      </span>                                          
    </p>                    
  </body>
</html>'; }
if (isset($_GET['addarticle'])) { 
error_reporting(0);
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">                    
  <head>                                  
    <meta http-equiv="Content-Type" content="application/vnd.wap.xhtml+xml; charset=utf-8"/> 
    <meta http-equiv="Content-Style-Type" content="text/css"/>                                 
    <title>Добавление статьи                                   
    </title>                    
  </head>                    
  <body>                                  
    <p align="center" style="background-color:green">                           
      <span style="color:white"><small>Добавление статьи</small>                           
      </span>                   
    </p>                     
    <p align="left" style="background-color:white">'; 
require_once("config.ini");
$error = array();  
$date = date("d.m.y");
if(!empty($_POST)) {
$name = mysql_escape_string(trim($_POST['name'])); 
$article = mysql_escape_string(trim($_POST['article']));
if(empty($name)) 
$error['empty']='<small><span style="color:green">Вы не ввели название статьи ;(</span></small><br /><a href="./admin.php">
<small><span style="color:green">Попробуйте ещё раз!</span></small></a><br />'; 
if(empty($article)) 
$error['empty']='<small><span style="color:green">Вы не ввели статью ;(</span></small><br /><a href="./admin.php"><small>
<span style="color:green">Попробуйте ещё раз!</span></small></a><br />'; 
$povtor = mysql_query("SELECT name FROM articles ORDER BY id DESC LIMIT 1;");
$povtor2 = mysql_result($povtor,0);
if($povtor2==$name) 
$error['empty']='<small><span style="color:green">Такая статья уже существует!!!</span></small><br /><a href="./admin.php"><small>
<span style="color:green">Попробуйте ещё раз!</span></small></a><br />';
if(empty($error)) 
mysql_query("INSERT INTO articles SET name = '$name', article = '$article', date = '$date';") or die(mysql_error()); 
$_GET['ok'] = 1;    
if(!empty($error)) 
echo implode('<br />',$error); 
elseif (isset($_GET['ok']))   
echo '<small><span style="color:green">Статья добавлена :)</span></small><br />'; 

echo '    </p>                      
                                             
    <p align="center" style="background-color:green">                                               
      <span style="color:white"><small>All rights reserved 2008</small>                                        
      </span>                                          
    </p>                    
  </body>
</html>';   } }
?>