如果$_GET
变量对应于页面所询问的内容,我有一个应该显示某个页面的脚本。像,
if(($_GET['action'] === 'post')){
echo 'Post';
}
但问题是当我将其添加到页面时:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Admin</title>
<link rel="stylesheet" type="text/css" href="include/style/content.css" />
</head>
<body>
<?php
include ("include/header.html");
include ("include/sidebar.html");
?>
<div class="container">
<div class="adminpanel">
<a class="navbutton" href="acp.php">Admin</a><a class="navbutton" href="acp.php?action=post">Posts</a><a class="navbutton" href="acp.php?action=usr">Users</a><a class="navbutton" href="acp.php?action=vc">Categories</a>
</div>
<?php session_start();
require_once('appvars.php');
require_once('connectvars.php');
require_once('include/functions.php');
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
if(!verify("O")){
exit();
}
if(empty($_GET['action'])){
if (!isset($_SESSION['user_id'])) {
echo '<p class="login">Please <a href="login.php">log in</a> to access this page.</p>';
exit();
}
else {
echo('<p class="login">You are logged in as ' . $_SESSION['username'] . '. <a href="logout.php">Log out</a>.</p>');
}
echo' <h4>Admin Panel</h4>';
// Connect to the database
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
// Grab the profile data from the database
$query = "SELECT * FROM options";
$data = mysqli_query($dbc, $query);
$row = mysqli_fetch_array($data);
if(!empty($row['name'])) {
echo '<h4>'.$row['name'].'</h4>';
}
if(!empty($row['desc'])) {
echo '<p>' . $row['desc'] . '</p>';
}
}
if(($_GET['action'] === 'post')){
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
if (!isset($_SESSION['user_id'])) {
echo '<p class="login">Please <a href="login.php">log in</a> to access this page.</p>';
exit();
}
else {
echo('<p class="login">You are logged in as ' . $_SESSION['username'] . '. <a href="logout.php">Log out</a>.</p>');
}
if(!verify("O")){
exit();
}
$query = "SELECT * FROM posts ORDER BY post_id DESC";
$data = mysqli_query($dbc, $query);
$gender = $row['gender'];
$post = mysqli_real_escape_string( strip_tags ($post) );
while ($row = mysqli_fetch_array($data)) {
strip_tags($post);
echo'<table class="admin">';
if(!empty($row['title'])) {
echo'<tr><td>Title:' .$row['title']. '</td></tr>';
}
if(!empty($row['post'])) {
echo '<tr><td><pre>Post:<br/><br />' . $row['post'] . '</pre></td></tr>';
}
if(!empty($row['post_id'])) {
echo'<tr><td>Post ID:' .$row['post_id']. '<a href="delete.php?del='.$row['post_id'].'">Delete Post</a></td></tr>';
}
if(!empty($row['username'])) {
echo '<tr><td>UserName:' . $row['username'] . '</td></tr>';
}
if(!empty($row['rank'])) {
echo '<tr><td>Rank:' . $row['rank'] . '</td></tr>';
}
if(!empty($row['gender'])){
echo '<tr><td>Gender:' . $row['gender'] . '</td></tr>';
}
echo '</table><br />';
}
}
if(($_GET['action'] === 'usr')){
if(!verify("O")){
exit();
}
// Connect to the database
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
// Grab the profile data from the database
$query = "SELECT * FROM user ORDER BY user_id DESC";
$data = mysqli_query($dbc, $query);
$gender = $row['gender'];
$post = mysqli_real_escape_string( strip_tags ($post) );
while ($row = mysqli_fetch_array($data)) {
strip_tags($post);
echo'<table class="admin">';
if(!empty($row['username'])) {
echo'<tr><td>Username:' .$row['username']. '</td></tr>';
}
if(!empty($row['first_name'])) {
echo '<tr><td>First Name:' . $row['first_name'] . '</td></tr>';
}
if(!empty($row['rank'])) {
echo '<tr><td>Rank:' . $row['rank'] . '<a href="adminrank.php?r='.$row['username'].'">Edit User Rank</a></td></tr></td></tr>';
}
if(!empty($row['user_id'])) {
echo'<tr><td>User ID:' .$row['user_id']. '<a href="deleteusr.php?del='.$row['user_id'].'">Delete User</a></td></tr>';
}
if(!empty($row['gender'])) {
echo '<tr><td>Gender:' . $row['gender'] . '</td></tr>';
}
if(!empty($row['permissions'])) {
echo '<tr><td>Perms:' . $row['permissions'] . '</td></tr>';
}
echo '</table><br />';
}
}
if(($_GET['action'] === 'vc')){
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
if (!isset($_SESSION['user_id'])) {
echo '<p class="login">Please <a href="login.php">log in</a> to access this page.</p>';
exit();
}
else {
echo('<p class="login">You are logged in as ' . $_SESSION['username'] . '. <a href="logout.php">Log out</a>.</p>');
}
if (isset($_POST['submit'])) {
// Grab the profile data from the POST
$catt = mysqli_real_escape_string($dbc, strip_tags( trim($_POST['catt'])));
$desc = mysqli_real_escape_string($dbc, strip_tags( trim($_POST['desc'])));
// Update the post data in the database
if (!empty($catt)) {
$query = "INSERT INTO categories (`name`, `desc`) VALUES ('$catt', '$desc')";
mysqli_query($dbc, $query);
echo '<p>Your category has been successfully added. Would you like to go back to the <a href="acp.php">Admin Panel</a>?</p>';
echo $catt;
mysqli_close($dbc);
exit();
}
else {
echo '<p class="error">You must enter information into all of the fields.</p>';
}
}
if(!verify("O")){
exit();
}
echo'<form enctype="multipart/form-data" method="post" action="'echo $_SERVER['PHP_SELF']'">';
echo'<fieldset>';
echo'<legend>Create Category:</legend>';
echo'<label type="hidden" for="catt">Category name:</label><br />';
echo'<input type="text" name="catt"><br /><br />';
echo'<label type="hidden" for="desc">Description</label><br />';
echo'<textarea rows="4" name="desc" id="desc" cols="100"></textarea>';
echo'</fieldset>';
echo'<input type="submit" value="Save Category" name="submit" />' ;
echo'</form>';
}
?>
它返回一个空白页面,所以我需要知道它为什么这样做。我怀疑它与if(isset($_POST['submit']))
答案 0 :(得分:0)
这是什么功能?
if(!verify("O")){
exit();
}
如果删除它,页面会加载吗?
此外,您在回声中回应而不会逃避原始回声或正确连接:
echo'<form enctype="multipart/form-data" method="post" action="'echo $_SERVER['PHP_SELF']'">';
请改为尝试:
echo'<form enctype="multipart/form-data" method="post" action="'.$_SERVER['PHP_SELF'].'">';
答案 1 :(得分:0)
我必须将表单中的action
更改为acp.php?action=vc