开发者

Admin panel script not functioning properly

开发者 https://www.devze.com 2023-03-31 18:58 出处:网络
The script is as follows... <?php // ########## GAME UPDATE FORM ########## if (isset($_GET[\'tab\']) && $_GET[\'tab\'] === \'gameupdates\') {

The script is as follows...

<?php

// ########## GAME UPDATE FORM ##########

if (isset($_GET['tab']) && $_GET['tab'] === 'gameupdates') {

$delete = 'update';

if (isset($_SESSION['success'])) {

    echo $_SESSION['success'];
    unset($_SESSION['success']);
}

echo '<p>To make a new game update fill out the form below along with the type of update it corresponds to.</p><p>If you have completed a task make sure to remove it from the <a href="/adminpanel?tab=tasklist">task list</a>.</p><form action="/adminpanel?tab=process" method="post">
<fieldset>
<input type="hidden" name="newupdate" />
<textarea name="message"></textarea>
<select name="type">
    <option value="Community">Community</option>
    <option value="Security">Security</option>
    <option value="Gameplay">Gameplay</option>
    <option value="Account">Account</option>
    <option value="Miscellaneous">Misc.</option>
</select>
<input id="submit" type="submit" value="Insert Update" />
</fieldset>
</form><p>The last six updates were as follows from newest to oldest:</p><p>(To delete an entry hover over the update and press delete)</p>';

$q = $dbc -> prepare ("SELECT * FROM updates ORDER BY date_time DESC LIMIT 0, 6");
$q -> execute();

    while ($update = $q -> fetch(PDO::FETCH_ASSOC)) {

        echo '<div id="displaybox"><div><strong>' . $update['date_time'] . '</strong><span>' . $update['type'] . '</span></div><p>' . $update['message'] . '</p><a href="/adminpanel?tab=process&update=' . $update['date_time'] . '">Delete</a></div>';
    }
}

// ########## TO DO LIST ##########

elseif (isset($_GET['tab']) && $_GET['tab'] === 'tasklist') {

$delete = 'task';

if (isset($_SESSION['success'])) {

    echo $_SESSION['success'];
    unset($_SESSION['success']);
}

echo '<p>This is the to do list anything that needs to be done whether it be urgent or not put it here.</p><p>Remember once the task has been completed remember to add it to the <a href="/adminpanel?tab=gameupdates">game updates</a>.</p><p>Below (if any) are the current tasks that need doing, to add a new task complete the form at the bottom of this page.</p>';

$q = $dbc -> prepare ("SELECT * FROM tasks ORDER BY date_time");
$q -> execute();

    while ($task = $q -> fetch(PDO::FETCH_ASSOC)) {

        echo '<div id="displaybox"><div><strong>' . $task['date_time'] . '</strong><span>' . $task['type'] . '</span></div><p>' . $task['message'] . '</p><a href="/adminpanel?tab=process&task=' . $task['date_time'] . '">Delete</a></div>';
    }

echo '<p>To add a task complete the form below, along with which type of update it is.</p><p>To delete a task once it has been completed hover over the task and press delete.</p><form action="/adminpanel?tab=process" method="post">
<fieldset>
<input type="hidden" name="newtask" />
<textarea name="message"></textarea>
<select name="type">
    <option value="Community">Community</option>
    <option value="Security">Security</option>
    <option value="Gameplay">Gameplay</option>
    <option value="Account">Account</option>
    <option value="Miscellaneous">Misc.</option>
</select>
<input id="submit" type="submit" value="Insert New Task" />
</fieldset>
</form>';
}

// ########## PROCESS ADMIN CHANGES ##########

elseif (isset($_GET['tab']) && $_GET['tab'] === 'process') {

// ########## GAME UPDATE SUCCESS ##########

if (isset($_POST['newupdate'])) {

    if ($_POST['message'] === '') {
        header('Location:/adminpanel?tab=gameupdates');
        exit();
            }

    $q = $dbc -> prepare("INSERT INTO updates (message, type, date_time) VALUES (?, ?, ?)");
    $q -> execute(array($_POST['message'], $_POST['type'], date("y/m/d : H:i:s", time())));
    $_SESSION['success'] = '<p><strong>Successfully added a new game update.</strong></p>';
    header('Location:/adminpanel?tab=gameupdates');
    exit();
}

// ######### TO DO LIST SUCCESS ##########

elseif (isset($_POST['newtask'])) {

   开发者_Go百科 if ($_POST['message'] === '') {
        header('Location:/adminpanel?tab=tasklist');
        exit();
    }

    $q = $dbc -> prepare("INSERT INTO tasks (message, type, date_time) VALUES (?, ?, ?)");
    $q -> execute(array($_POST['message'], $_POST['type'], date("y/m/d : H:i:s", time())));
    $_SESSION['success'] = '<p><strong>Successfully added a new task.</strong></p>';
    header('Location:/adminpanel?tab=tasklist');
    exit();
}

// ########## GAME UPDATE DELETE ##########

elseif ($delete = 'update') {

    $q = $dbc -> prepare("DELETE FROM updates WHERE date_time = ?");
    $q -> execute(array($_GET['update']));
    $_SESSION['success'] = '<p><strong>Successfully deleted the selected update.</strong></p>';
    header('Location:/adminpanel?tab=gameupdates');
    exit();
}

// ########## TO DO LIST DELETE ##########

elseif ($delete = 'task') {

    $q = $dbc -> prepare("DELETE FROM tasks WHERE date_time = ?");
    $q -> execute(array($_GET['task']));
    $_SESSION['success'] = '<p><strong>Successfully deleted the selected task.</strong></p>';
    header('Location:/adminpanel?tab=tasklist');
    exit();
}

else {

    header('Location:/adminpanel');
    exit();
}
}

// ########## ADMIN CONTROL PANEL ##########

else {
echo '<p>This is the admin panel. Click on an option below to begin.</p><p><a href="/adminpanel?tab=gameupdates">Add/Remove A Game Update</a></p><p><a href="/adminpanel?tab=tasklist">Add/Remove A Task From List</a></p>';
}
?>

A long script I know, but you need to see it all for it to make sense, the script works fine apart from one little bug.

You will notice that the first if statement has a variable

$delete = 'update';

Which means that if the $_GET['tab'] = gameupdates, $delete = 'update'

The second elseif is different...

if $_GET['tab'] = tasklist, $delete = 'task'

In these first two if and else if statements there are while loops which contain a link something like

<a href="adminpanel?tab=process&update OR task=' . some variable . '">Delete</a>

Now the link is either update if it is in the $_GET['gameupdates'] or task if it is in $_GET['tasklist'].

In the third elseif statement where $_GET['tab'] = process, the first two statements are for the form submissions, but the last two elseif statements are what the links that I explained are for.

Now if someone clicks the link 'Delete' while in the $_GET['tab'] = updates, $delete = update. So the second elseif statement in the elseif $_GET['tab'] = process fires, and it does.

The thing is if someone clicks a link while in $_GET['tab'] = tasklist, then $delete = task. So the third elseif statement in the elseif statement $_GET['tab'] = process, should fire as $delete = task.

Instead the update one fires all the time, and the query fails, you will notice that after the query the header redirects to the previous page with a session containing confirmation of the action. When I click the link in 'Delete' in $_GET['tab'] = tasklist, it fires the one for update, when it should fire the one for the $_GET['tab'] = tasklist.

I hope this makes sense I am stuck as what to do, all my rules I think are correct, I cannot see my mistake...

Thanks for your patience (and a lot of it!!!)


Your code references the $_SESSION variable, but never starts the session (session_start()). You need to use session_start() at the top of your script to gain access to the session data.

Additionally, '=' is an assignment operator. You need an equality operator ('==').

In the following line, you assign the value of 'update' to $delete

elseif ($delete = 'update') {

Instead, you should check if $delete contains the value 'update':

elseif ($delete == 'update') {

You will need to make this change in multiple places.

0

精彩评论

暂无评论...
验证码 换一张
取 消