Mercurial > hg > index.fcgi > www > www-1
comparison laterlinks/index.php @ 83:d521df55f56c
fix pinlib cookie parsing and check in pics app
author | paulo |
---|---|
date | Wed, 29 Jun 2016 00:48:53 -0700 |
parents | |
children |
comparison
equal
deleted
inserted
replaced
-1:000000000000 | 0:b43a3907e5cd |
---|---|
1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> | |
2 <HTML> | |
3 <HEAD> | |
4 <META NAME="generator" CONTENT="http://txt2tags.sf.net"> | |
5 <LINK REL="stylesheet" TYPE="text/css" HREF="index.css"> | |
6 <TITLE>later links...</TITLE> | |
7 </HEAD> | |
8 <BODY> | |
9 | |
10 <DIV CLASS="header" ID="header"> | |
11 <H1>later links...</H1> | |
12 </DIV> | |
13 | |
14 <DIV CLASS="body" ID="body"> | |
15 | |
16 <?php | |
17 | |
18 include('../../login.php'); | |
19 $database = 'pauloang_laterlinks'; | |
20 | |
21 $link = mysql_connect('localhost', $username, $password); | |
22 if (!$link) | |
23 die('Could not connect to MySQL server: ' . mysql_error()); | |
24 | |
25 $db_selected = mysql_select_db($database, $link); | |
26 if (!$db_selected) | |
27 die('Could not select database: ' . mysql_error()); | |
28 | |
29 ?> | |
30 | |
31 <?php | |
32 | |
33 $_MY_PIN = 'qwop'; | |
34 $pin = ''; | |
35 | |
36 if (count($_POST) > 0) { | |
37 echo '<PRE>' . "\n"; | |
38 | |
39 foreach ($_POST as $postKey => $postValue) { | |
40 if ($postKey != "pin") | |
41 echo $postKey . " => " . $postValue . "\n"; | |
42 else if ($postKey == "pin") { | |
43 echo 'pin => '; | |
44 for ($i = 0, $n = strlen($postValue); $i < $n; $i++) echo 'x'; | |
45 echo "\n"; | |
46 $pin = $postValue; | |
47 } | |
48 } | |
49 | |
50 if ($pin == $_MY_PIN) { | |
51 echo "PIN OK \n"; | |
52 | |
53 $query = NULL; | |
54 | |
55 if ($_POST["submit"] == "Delete") { | |
56 $delete_ids = array(); | |
57 $delete_id_prefix = "delete_id_"; | |
58 $delete_id_prefix_len = strlen($delete_id_prefix); | |
59 foreach ($_POST as $postKey => $postValue) { | |
60 if (strncmp($postKey, $delete_id_prefix, $delete_id_prefix_len) == 0) | |
61 array_push($delete_ids, intval($postValue)); | |
62 } | |
63 if (count($delete_ids) > 0) { | |
64 $query = sprintf("DELETE FROM LaterLinks WHERE id in (%s)", join(',', $delete_ids)); | |
65 echo $query; | |
66 } | |
67 } else if ($_POST["submit"] == "Add") { | |
68 $title = mysql_real_escape_string(trim($_POST["title"])); | |
69 $url = mysql_real_escape_string(trim($_POST["url"])); | |
70 if (strlen($title) && strlen($url)) { | |
71 $query = sprintf("INSERT INTO LaterLinks SET title='%s', url='%s'", $title, $url); | |
72 echo $query; | |
73 } | |
74 } | |
75 | |
76 if (!is_null($query)) | |
77 mysql_query($query); | |
78 } else | |
79 echo "PIN FAIL \n"; | |
80 | |
81 echo '</PRE>' . "\n"; | |
82 } | |
83 | |
84 ?> | |
85 | |
86 <FORM ACTION="index.php" METHOD=post> | |
87 | |
88 <TABLE> | |
89 <TR> | |
90 <TH>Link</TH> | |
91 <TH>Created</TH> | |
92 <TH><INPUT TYPE=submit NAME="submit" VALUE="Delete"></TH> | |
93 </TR> | |
94 | |
95 <?php | |
96 | |
97 $query = 'SELECT * FROM LaterLinks'; | |
98 $results = mysql_query($query); | |
99 | |
100 while ($row = mysql_fetch_assoc($results)) { | |
101 echo '<TR>'; | |
102 echo ' <TD><A HREF="'.$row['url'].'">'.$row['title'].'</A></TD>'; | |
103 echo ' <TD>'.$row['created_at'].'</TD>'; | |
104 echo ' <TD><INPUT TYPE=checkbox NAME="delete_id_'.$row['id'].'" VALUE="'.$row['id'].'"></TD>'; | |
105 echo '</TR>'; | |
106 } | |
107 | |
108 mysql_free_result($results); | |
109 mysql_close($link); | |
110 ?> | |
111 | |
112 </TABLE> | |
113 | |
114 <P> | |
115 <LABEL>Title<INPUT TYPE=text NAME="title"></LABEL><BR> | |
116 <LABEL>URL<INPUT TYPE=text NAME="url"></LABEL><BR> | |
117 <INPUT TYPE=submit NAME="submit" VALUE="Add"> | |
118 <P> | |
119 | |
120 <P> | |
121 <INPUT TYPE=password NAME="pin" VALUE="<?php echo $pin ?>"> | |
122 </P> | |
123 | |
124 </FORM> | |
125 | |
126 </DIV> | |
127 | |
128 <!-- html code generated by txt2tags 2.4 (http://txt2tags.sf.net) --> | |
129 <!-- cmdline: txt2tags index.t2t --> | |
130 </BODY></HTML> |