annotate laterlinks/index.php @ 83:d521df55f56c

fix pinlib cookie parsing and check in pics app
author paulo
date Wed, 29 Jun 2016 00:48:53 -0700
parents
children
rev   line source
paulo@33 1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
paulo@33 2 <HTML>
paulo@33 3 <HEAD>
paulo@33 4 <META NAME="generator" CONTENT="http://txt2tags.sf.net">
paulo@33 5 <LINK REL="stylesheet" TYPE="text/css" HREF="index.css">
paulo@33 6 <TITLE>later links...</TITLE>
paulo@33 7 </HEAD>
paulo@33 8 <BODY>
paulo@33 9
paulo@33 10 <DIV CLASS="header" ID="header">
paulo@33 11 <H1>later links...</H1>
paulo@33 12 </DIV>
paulo@33 13
paulo@33 14 <DIV CLASS="body" ID="body">
paulo@33 15
paulo@33 16 <?php
paulo@33 17
paulo@33 18 include('../../login.php');
paulo@33 19 $database = 'pauloang_laterlinks';
paulo@33 20
paulo@33 21 $link = mysql_connect('localhost', $username, $password);
paulo@33 22 if (!$link)
paulo@33 23 die('Could not connect to MySQL server: ' . mysql_error());
paulo@33 24
paulo@33 25 $db_selected = mysql_select_db($database, $link);
paulo@33 26 if (!$db_selected)
paulo@33 27 die('Could not select database: ' . mysql_error());
paulo@33 28
paulo@33 29 ?>
paulo@33 30
paulo@33 31 <?php
paulo@33 32
paulo@33 33 $_MY_PIN = 'qwop';
paulo@33 34 $pin = '';
paulo@33 35
paulo@33 36 if (count($_POST) > 0) {
paulo@33 37 echo '<PRE>' . "\n";
paulo@33 38
paulo@33 39 foreach ($_POST as $postKey => $postValue) {
paulo@33 40 if ($postKey != "pin")
paulo@33 41 echo $postKey . " => " . $postValue . "\n";
paulo@33 42 else if ($postKey == "pin") {
paulo@33 43 echo 'pin => ';
paulo@33 44 for ($i = 0, $n = strlen($postValue); $i < $n; $i++) echo 'x';
paulo@33 45 echo "\n";
paulo@33 46 $pin = $postValue;
paulo@33 47 }
paulo@33 48 }
paulo@33 49
paulo@33 50 if ($pin == $_MY_PIN) {
paulo@33 51 echo "PIN OK \n";
paulo@33 52
paulo@33 53 $query = NULL;
paulo@33 54
paulo@33 55 if ($_POST["submit"] == "Delete") {
paulo@33 56 $delete_ids = array();
paulo@33 57 $delete_id_prefix = "delete_id_";
paulo@33 58 $delete_id_prefix_len = strlen($delete_id_prefix);
paulo@33 59 foreach ($_POST as $postKey => $postValue) {
paulo@33 60 if (strncmp($postKey, $delete_id_prefix, $delete_id_prefix_len) == 0)
paulo@33 61 array_push($delete_ids, intval($postValue));
paulo@33 62 }
paulo@33 63 if (count($delete_ids) > 0) {
paulo@33 64 $query = sprintf("DELETE FROM LaterLinks WHERE id in (%s)", join(',', $delete_ids));
paulo@33 65 echo $query;
paulo@33 66 }
paulo@33 67 } else if ($_POST["submit"] == "Add") {
paulo@33 68 $title = mysql_real_escape_string(trim($_POST["title"]));
paulo@33 69 $url = mysql_real_escape_string(trim($_POST["url"]));
paulo@33 70 if (strlen($title) && strlen($url)) {
paulo@33 71 $query = sprintf("INSERT INTO LaterLinks SET title='%s', url='%s'", $title, $url);
paulo@33 72 echo $query;
paulo@33 73 }
paulo@33 74 }
paulo@33 75
paulo@33 76 if (!is_null($query))
paulo@33 77 mysql_query($query);
paulo@33 78 } else
paulo@33 79 echo "PIN FAIL \n";
paulo@33 80
paulo@33 81 echo '</PRE>' . "\n";
paulo@33 82 }
paulo@33 83
paulo@33 84 ?>
paulo@33 85
paulo@33 86 <FORM ACTION="index.php" METHOD=post>
paulo@33 87
paulo@33 88 <TABLE>
paulo@33 89 <TR>
paulo@33 90 <TH>Link</TH>
paulo@33 91 <TH>Created</TH>
paulo@33 92 <TH><INPUT TYPE=submit NAME="submit" VALUE="Delete"></TH>
paulo@33 93 </TR>
paulo@33 94
paulo@33 95 <?php
paulo@33 96
paulo@33 97 $query = 'SELECT * FROM LaterLinks';
paulo@33 98 $results = mysql_query($query);
paulo@33 99
paulo@33 100 while ($row = mysql_fetch_assoc($results)) {
paulo@33 101 echo '<TR>';
paulo@33 102 echo ' <TD><A HREF="'.$row['url'].'">'.$row['title'].'</A></TD>';
paulo@33 103 echo ' <TD>'.$row['created_at'].'</TD>';
paulo@33 104 echo ' <TD><INPUT TYPE=checkbox NAME="delete_id_'.$row['id'].'" VALUE="'.$row['id'].'"></TD>';
paulo@33 105 echo '</TR>';
paulo@33 106 }
paulo@33 107
paulo@33 108 mysql_free_result($results);
paulo@33 109 mysql_close($link);
paulo@33 110 ?>
paulo@33 111
paulo@33 112 </TABLE>
paulo@33 113
paulo@33 114 <P>
paulo@33 115 <LABEL>Title<INPUT TYPE=text NAME="title"></LABEL><BR>
paulo@33 116 <LABEL>URL<INPUT TYPE=text NAME="url"></LABEL><BR>
paulo@33 117 <INPUT TYPE=submit NAME="submit" VALUE="Add">
paulo@33 118 <P>
paulo@33 119
paulo@33 120 <P>
paulo@33 121 <INPUT TYPE=password NAME="pin" VALUE="<?php echo $pin ?>">
paulo@33 122 </P>
paulo@33 123
paulo@33 124 </FORM>
paulo@33 125
paulo@33 126 </DIV>
paulo@33 127
paulo@33 128 <!-- html code generated by txt2tags 2.4 (http://txt2tags.sf.net) -->
paulo@33 129 <!-- cmdline: txt2tags index.t2t -->
paulo@33 130 </BODY></HTML>