The script is as follows...
<?php
// ########## GAME UPDATE FORM ##########
if (isset($_GET['tab']) && $_GET['tab'] === 'gameupdates') {
$delete = 'update';
if (isset($_SESSION['success'])) {
echo $_SESSION['success'];
unset($_SESSION['success']);
}
echo '<p>To make a new game update fill out the form below along with the type of update it corresponds to.</p><p>If you have completed a task make sure to remove it from the <a href="/adminpanel?tab=tasklist">task list</a>.</p><form action="/adminpanel?tab=process" method="post">
<fieldset>
<input type="hidden" name="newupdate" />
<textarea name="message"></textarea>
<select name="type">
<option value="Community">Community</option>
<option value="Security">Security</option>
<option value="Gameplay">Gameplay</option>
<option value="Account">Account</option>
<option value="Miscellaneous">Misc.</option>
</select>
<input id="submit" type="submit" value="Insert Update" />
</fieldset>
</form><p>The last six updates were as follows from newest to oldest:</p><p>(To delete an entry hover over the update and press delete)</p>';
$q = $dbc -> prepare ("SELECT * FROM updates ORDER BY date_time DESC LIMIT 0, 6");
$q -> execute();
while ($update = $q -> fetch(PDO::FETCH_ASSOC)) {
echo '<div id="displaybox"><div><strong>' . $update['date_time'] . '</strong><span>' . $update['type'] . '</span></div><p>' . $update['message'] . '</p><a href="/adminpanel?tab=process&update=' . $update['date_time'] . '">Delete</a></div>';
}
}
// ########## TO DO LIST ##########
elseif (isset($_GET['tab']) && $_GET['tab'] === 'tasklist') {
$delete = 'task';
if (isset($_SESSION['success'])) {
echo $_SESSION['success'];
unset($_SESSION['success']);
}
echo '<p>This is the to do list anything that needs to be done whether it be urgent or not put it here.</p><p>Remember once the task has been completed remember to add it to the <a href="/adminpanel?tab=gameupdates">game updates</a>.</p><p>Below (if any) are the current tasks that need doing, to add a new task complete the form at the bottom of this page.</p>';
$q = $dbc -> prepare ("SELECT * FROM tasks ORDER BY date_time");
$q -> execute();
while ($task = $q -> fetch(PDO::FETCH_ASSOC)) {
echo '<div id="displaybox"><div><strong>' . $task['date_time'] . '</strong><span>' . $task['type'] . '</span></div><p>' . $task['message'] . '</p><a href="/adminpanel?tab=process&task=' . $task['date_time'] . '">Delete</a></div>';
}
echo '<p>To add a task complete the form below, along with which type of update it is.</p><p>To delete a task once it has been completed hover over the task and press delete.</p><form action="/adminpanel?tab=process" method="post">
<fieldset>
<input type="hidden" name="newtask" />
<textarea name="message"></textarea>
<select name="type">
<option value="Community">Community</option>
<option value="Security">Security</option>
<option value="Gameplay">Gameplay</option>
<option value="Account">Account</option>
<option value="Miscellaneous">Misc.</option>
</select>
<input id="submit" type="submit" value="Insert New Task" />
</fieldset>
</form>';
}
// ########## PROCESS ADMIN CHANGES ##########
elseif (isset($_GET['tab']) && $_GET['tab'] === 'process') {
// ########## GAME UPDATE SUCCESS ##########
if (isset($_POST['newupdate'])) {
if ($_POST['message'] === '') {
header('Location:/adminpanel?tab=gameupdates');
exit();
}
$q = $dbc -> prepare("INSERT INTO updates (message, type, date_time) VALUES (?, ?, ?)");
$q -> execute(array($_POST['message'], $_POST['type'], date("y/m/d : H:i:s", time())));
$_SESSION['success'] = '<p><strong>Successfully added a new game update.</strong></p>';
header('Location:/adminpanel?tab=gameupdates');
exit();
}
// ######### TO DO LIST SUCCESS ##########
elseif (isset($_POST['newtask'])) {
开发者_Go百科 if ($_POST['message'] === '') {
header('Location:/adminpanel?tab=tasklist');
exit();
}
$q = $dbc -> prepare("INSERT INTO tasks (message, type, date_time) VALUES (?, ?, ?)");
$q -> execute(array($_POST['message'], $_POST['type'], date("y/m/d : H:i:s", time())));
$_SESSION['success'] = '<p><strong>Successfully added a new task.</strong></p>';
header('Location:/adminpanel?tab=tasklist');
exit();
}
// ########## GAME UPDATE DELETE ##########
elseif ($delete = 'update') {
$q = $dbc -> prepare("DELETE FROM updates WHERE date_time = ?");
$q -> execute(array($_GET['update']));
$_SESSION['success'] = '<p><strong>Successfully deleted the selected update.</strong></p>';
header('Location:/adminpanel?tab=gameupdates');
exit();
}
// ########## TO DO LIST DELETE ##########
elseif ($delete = 'task') {
$q = $dbc -> prepare("DELETE FROM tasks WHERE date_time = ?");
$q -> execute(array($_GET['task']));
$_SESSION['success'] = '<p><strong>Successfully deleted the selected task.</strong></p>';
header('Location:/adminpanel?tab=tasklist');
exit();
}
else {
header('Location:/adminpanel');
exit();
}
}
// ########## ADMIN CONTROL PANEL ##########
else {
echo '<p>This is the admin panel. Click on an option below to begin.</p><p><a href="/adminpanel?tab=gameupdates">Add/Remove A Game Update</a></p><p><a href="/adminpanel?tab=tasklist">Add/Remove A Task From List</a></p>';
}
?>
A long script I know, but you need to see it all for it to make sense, the script works fine apart from one little bug.
You will notice that the first if statement has a variable
$delete = 'update';
Which means that if the $_GET['tab'] = gameupdates
, $delete = 'update'
The second elseif is different...
if $_GET['tab'] = tasklist, $delete = 'task'
In these first two if and else if statements there are while loops which contain a link something like
<a href="adminpanel?tab=process&update OR task=' . some variable . '">Delete</a>
Now the link is either update if it is in the $_GET['gameupdates']
or task if it is in $_GET['tasklist']
.
In the third elseif statement where $_GET['tab'] = process
, the first two statements are for the form submissions, but the last two elseif statements are what the links that I explained are for.
Now if someone clicks the link 'Delete' while in the $_GET['tab'] = updates
, $delete = update
. So the second elseif statement in the elseif $_GET['tab'] = process
fires, and it does.
The thing is if someone clicks a link while in $_GET['tab'] = tasklist
, then $delete = task
. So the third elseif statement in the elseif statement $_GET['tab'] = process
, should fire as $delete = task
.
Instead the update one fires all the time, and the query fails, you will notice that after the query the header redirects to the previous page with a session containing confirmation of the action. When I click the link in 'Delete' in $_GET['tab'] = tasklist
, it fires the one for update, when it should fire the one for the $_GET['tab'] = tasklist
.
I hope this makes sense I am stuck as what to do, all my rules I think are correct, I cannot see my mistake...
Thanks for your patience (and a lot of it!!!)
Your code references the $_SESSION variable, but never starts the session (session_start()
). You need to use session_start()
at the top of your script to gain access to the session data.
Additionally, '=' is an assignment operator. You need an equality operator ('==').
In the following line, you assign the value of 'update' to $delete
elseif ($delete = 'update') {
Instead, you should check if $delete
contains the value 'update':
elseif ($delete == 'update') {
You will need to make this change in multiple places.
精彩评论