Jump to content

HDFilmMaker2112

Members
 View Profile  See their activity

  • Posts

    547

  • Joined

  • Last visited

    Never

 Content Type 

Everything posted by HDFilmMaker2112

  1. HDFilmMaker2112
    Fixed a few of the CSS issues but it's still not scrolling. http://www.area51entertainment.co/index.php There are 7 divs, three of them hidden. Mousing over or clicking on "Scroll Left" and "Scroll Right" does nothing.
  2. HDFilmMaker2112
    Need some help sorting this out. Saw this on another website and I'm trying to recreate it myself. I'm trying to make a set of div tags scroll. Can't get it to work. The fourth div tag isn't hidden and the scroll left and scroll right "links" don't work. Link to the current incarnation of the page: http://www.area51entertainment.co/index.php Basically what I'm looking to create is this: http://www.lionsgate.com/ The vertical scroller next the video. I want to do that in javascript/xhtml/css and have it horizontal. Here's my current code: Main Page: <?php require_once 'func.php'; if(isset($_GET['contact'])){ } else{ $javascript='<script type="text/javascript" src="scroll.js"></script>'."\n"; } header("Content-Type: application/xhtml+xml;charset=utf-8"); ?> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" lang="en"> <head> <base href="http://www.area51entertainment.co/" /> <title>Area 51 Entertainment <?php echo "$section"; ?></title> <meta charset="UTF-8" /> <meta name="verify-v1" content="" /> <meta name="keywords" content="" /> <meta name="description" content="" /> <meta name="author" content="Andrew McCarrick" /> <meta name="robots" content="index, follow" /> <style type="text/css"> body { background: #000000; /* Old browsers */ /* IE9 SVG, needs conditional override of 'filter' to 'none' */ background: url(data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iIzQwMDQwMCIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiMwMDAwMDAiIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+); background: -moz-linear-gradient(top, #400400 0%, #000000 100%); /* FF3.6+ */ background: -webkit-gradient(linear, left top, left bottom, color-stop(0%,#400400), color-stop(100%,#000000)); /* Chrome,Safari4+ */ background: -webkit-linear-gradient(top, #300300 0%,#000000 100%); /* Chrome10+,Safari5.1+ */ background: -o-linear-gradient(top, #300300 0%,#000000 100%); /* Opera 11.10+ */ background: -ms-linear-gradient(top, #300300 0%,#000000 100%); /* IE10+ */ background: linear-gradient(top, #300300 0%,#000000 100%); /* W3C */ filter: progid:DXImageTransform.Microsoft.gradient( startColorstr='#300300', endColorstr='#000000',GradientType=0 ); /* IE6-8 */ background-repeat: no-repeat; background-attachment: fixed; color: #FFFFFF; font-family: Verdana; margin-right:auto; margin-left:auto; max-width:1000px; } </style> <link rel="stylesheet" type="text/css" href="style.css" /> <?php echo $javascript; ?> </head> <body> <div class="wrapper"> <div class="head_wrapper"> <div class="logo"></div> <div class="links"> Home | Films | Television | DVD/Blu-Ray | Web | Music | About | Contact | Investors </div> </div> <div class="content_wrapper"> <div class="video"></div> <div class="recentfilms_wrapper"> <div class="left_arrow" onclick="jumpLeft('recentfilms')" onmouseover="scrollLeft('recentfilms')" onmouseout="stopScroll()">scroll left</div> <div id="recentfilms"> <div id="scroller" class="scroller"> <div class="film_entry">Test</div> <div class="film_entry">Test2</div> <div class="film_entry">Test3</div> <div class="film_entry">Test4</div> </div> </div> <div class="right_arrow" onclick="jumpRight('recentfilms')" onmouseover="scrollRight('recentfilms')" onmouseout="stopScroll()">scroll right</div> </div> <div class="news"></div> </div> <div class="footer_wrapper"> <div class="copyright"><? echo copyyear('2012'); ?> Area 51 Entertainment, Inc.</div> </div> </div> </body> </html> scroll.js scrollStep=1 var timerLeft var timerRight function jumpLeft(id){ document.getElementById(id).scrollLeft+=scrollStep } function scrollLeft(id){ clearTimeout(timerRight) document.getElementById(id).scrollLeft+=scrollStep timerRight=setTimeout("scrollLeft('"+id+"')",10) } function scrollRight(id){ clearTimeout(timerLeft) document.getElementById(id).scrollLeft-=scrollStep timerLeft=setTimeout("scrollRight('"+id+"')",10) } function jumpRight(id){ document.getElementById(id).scrollLeft+=scrollStep } function stopScroll(){ clearTimeout(timerRight) clearTimeout(timerLeft) } style.css a:link {color: #FFFFFF; text-decoration: none;} a:visited {color: #FFFFFF; text-decoration: none;} a:active {color: #FFFFFF; text-decoration: none;} a:hover {color: #902C2C; text-decoration: underline;} .link a:link {text-decoration: none; color: #902C2C;} .link a:visited {text-decoration: none; color: #902C2C;} .link a:active {text-decoration: none; color:#902C2C;} .link a:hover {text-decoration: underline; color: #FFFFFF;} .wrapper{ height: 100%; } .header_wrapper{ width: 1000px; height: 100px; } .logo{ height: 90px; width: 300px; float: left; } .links{ height: 90px; width: 700px; float: right; } .tab{ width: 100px; float: left; text-align: center; } .tab2{ width: 15px; float: left; text-align: center; } .content_wrapper{ min-height: 530px; height: 110%; padding-top: 5px; clear: both; } .content{ width: 900px; margin-left: 50px; margin-top: 15px; } .content_text{ width: 795px; height: 100%; margin-left: 100px; clear: both; } .page_header{ width: 850px; margin-left: 25px; text-align: center; font-size: 28px; } .left_arrow{ float: left; width: 50px; } .recentfilms{ float: left; width: 720px; height: 200px; overflow: hidden; } .scroller{ width: 720px; height: 200px; } .film_entry{ width: 200px; height: 200px; float: left; margin-left: 10px; margin-right: 10px; } .right_arrow{ float: left; width: 50px; } .footer{ width: 998px; background-color: #000000; border: 0px; border-top: 2px; border-color: #902C2C; border-style: solid; border-collapse: collapse; clear: both; } .copyright{ width: 500px; height: 25px; float: left; font-size: 12px; background-color: #000000; }
  3. HDFilmMaker2112
    my issue was the elseif statement at the beginning. Should have been $_GET['get']=="password". PHP issue not Mysql. UPDATE $tbl_name11, $tbl_name10 SET password='$newpass' WHERE application.id=members.application_id AND username='$username' AND email='$email' (I know that wouldn't have been possible to figure out from the excerpt that I posted.)
  4. HDFilmMaker2112
    Still not working. UPDATE members, application SET password='$newpass' WHERE application.id=members.application_id AND username='$username' AND email='$email' I've also tried: UPDATE members INNER JOIN application ON application.id=members.application_id SET password='$newpass' WHERE members.username='$username' AND application.email='$email' No luck.
  5. HDFilmMaker2112
    I need help with the below MySQL query. I have two tables, with some information in one table that is needed to update the second table. The below is not update the table: elseif($_GET['forgot']=="password"){ if(email_verify($email)){ $new_password =& generatePassword(); $username=sanitize($_POST['username']); $newpass=kam3($new_password); $investors_forgot_password_sql1="UPDATE members SET password='$newpass' FROM application, members WHERE application.id=members.application_id AND username='$username' AND email='$email'"; $investors_forgot_password_result1=mysql_query($investors_forgot_password_sql1) or die(mysql_error()); $investors_forgot_password_num_rows1=mysql_affected_rows(); if($investors_forgot_password_num_rows1==1){ $content.='<p class="center">New password generated. It has been emailed to the email address provided.</p><br />'; $message='Some one (hopefully you) requested a new password be generated for your account on Make the Movie Happen. Below is the newly generated password: Password: '.$new_password.' Once you log-in, please change your password. Thank You, Make the Movie Happen Support Team '; mail($email, 'Make the Movie Happen - New Investor Password', $message, 'From: general@makethemoviehappen.com'); } else{ header("Location: ./index.php?investors=forgot&e=1"); } } else{ header("Location: ./index.php?investors=forgot&e=2"); } } The mysql_error(); returns nothing.
  6. HDFilmMaker2112
    Also, you should probably be using an elseif on the second check.
  7. HDFilmMaker2112
    Exactly right. Don't know why I used double quotes inside the query.
  8. HDFilmMaker2112
    The below code is taking the submission from the form and inserting into the members table, but it is not updating the application table. if($_GET['view']=="applications"){ $section.=' - New Investor Applications'; $content=' <div class="main"> <div class="main_header">New Investor Applications</div>'; if($_GET['approved']=="update"){ $id=(int)$_GET['id']; $approved=$_POST['approved']; $approved=sanitize($approved); $username=$_POST['username']; $username=sanitize($username); $password=$_POST['password']; $password=kam3($password); $approved_sql="INSERT INTO members (username, password, application_id) VALUES ('$username', '$password', '$id')"; $approved_result=mysql_query($approved_sql) or die(mysql_error()); $approved_rows=mysql_affected_rows(); $update_approved_sql='UPDATE application SET approved="y" WHERE id="$id"'; $update_approved_result=mysql_query($update_approved_sql) or die(mysql_error()); $update_approved_rows=mysql_affected_rows(); if($approved_rows==1 && $update_approved_rows==1){ header("Location: ./index.php??admincp=investors&view=applications&approved=updated"); } } elseif($_GET['approved']=="updated"){ $content.='<div class="center"> Application Status Updated. <br /> <a href="http://www.makethemoviehappen.com/index.php?admincp=investors&view=accounts">View Investor Accounts</a> </div>'; } elseif(isset($_GET['id'])){ $id=(int)$_GET['id']; $member_list_query="SELECT * FROM application WHERE id='$id'"; $member_list_result=mysql_query($member_list_query); while($member_list_row=mysql_fetch_array($member_list_result)){ extract($member_list_row); } $section.=' - '.$name.' - Application #'.$id.''; $content.=' <div class="center bold eighteen">Investor Application - '.$name.' - #'.$id.'</div> <br /> <div class="investor_applications_wrapper"> <div class="title_data_row"> <div class="title"><div class="investor_padding">Name:</div></div> <div class="data"><div class="investor_padding">'.$name.'</div></div> </div> <div class="title_data_row"> <div class="title"><div class="investor_padding">Organization (if applicable):</div></div> <div class="data"><div class="investor_padding">'.$organization.'</div></div> </div> <div class="title_data_row"> <div class="title" class="title"><div class="investor_padding">E-Mail Address:</div></div> <div class="data"><div class="investor_padding">'.$email.'</div></div> </div> <div class="title_data_row"> <div class="title"><div class="investor_padding">Phone Number:</div></div> <div class="data"><div class="investor_padding">'.$phone.'</div></div> </div> <div class="title_data_row"> <div class="title"><div class="investor_padding">Brief description of the organization you represent (if applicable):</div></div> <div class="data"><div class="investor_padding">'.$company_description.'</div></div> </div> <div class="title_data_row"> <div class="title"><div class="investor_padding">Nature of your inquiry into Make the Movie Happen:</div></div> <div class="data"><div class="investor_padding">'.$nature_inquiry.'</div></div> </div> <div class="title_data_row accredited_spacer"> <div class="bold center eighteen">"Accredited Investor" Qualification</div> </div> <div class="title_data_row"> <div class="title"><div class="investor_padding">The applicant is an entity with total assets in excess of $5,000,000:</div></div> <div class="data"><div class="investor_padding">'.ucfirst($company_assets).'</div></div> </div> <div class="title_data_row"> <div class="title"><div class="investor_padding">The applicant is a natural person whose individual net worth is above $1,000,000 or annual income of $2/300,000:</div></div> <div class="data"><div class="investor_padding">'.ucfirst($natural_person).'</div></div> </div> <div class="title_data_row"> <div class="title"><div class="investor_padding">The applicant is an employee benefit plan within the meaning of Title I of ERISA:</div></div> <div class="data"><div class="investor_padding">'.ucfirst($employee_benefit_plan).'</div></div> </div> <div class="title_data_row"> <div class="title"><div class="investor_padding">The applicant is licensed, or subject to supervision, by U.S. federal or state examining authorities as a bank or savings and loan association, insurance company or licensed small business investment company:</div></div> <div class="data"><div class="investor_padding">'.ucfirst($bank_savings).'</div></div> </div> <div class="title_data_row"> <div class="title"><div class="investor_padding">The applicant is registered with the U.S. Securities and Exchange Commission (the "SEC") as a broker or dealer under the Securities Exchange Act of 1934 or qualifies as a "business development company":</div></div> <div class="data"><div class="investor_padding">'.ucfirst($broker_dealer).'</div></div> </div> <div class="title_data_row"> <div class="title"><div class="investor_padding">The applicant is a private business development company as defined in Section 202(a)(22) of the Investment Advisers Act of 1940, as amended:</div></div> <div class="data"><div class="investor_padding">'.ucfirst($development_company).'</div></div> </div> <div class="title_data_row"> <div class="title"><div class="investor_padding">The applicant is an entity in which all of the equity owners are persons described above (including an IRA where the participant is an accredited investor):</div></div> <div class="data"><div class="investor_padding">'.ucfirst($equity_owners).'</div></div> </div> <div class="title_data_row"> <div class="title"><div class="investor_padding">Agreement Confirmed</div></div> <div class="data"><div class="investor_padding">'.ucfirst($confirm_agreement).'</div></div> </div> </div> <div class="investors_approve_form"> <div class="center bold eighteen">Approve Application</div> <form action="./index.php?admincp=investors&view=applications&approved=update&id='.$id.'" method="post"> <p><label>Username: </label><input type="text" name="username" size="32" /></p> <p><label>Password: </label><input type="text" name="password" size="32" /></p> <p><label>Approve: </label> Yes <input type="radio" name="rating" value="y" /> No <input type="radio" name="rating" value="n" /></p> <input type="submit" name="go" value="Go" /> </form> </div> <div class="spacer_bottom"> </div> '; } else{ $new_applications="SELECT * FROM application WHERE approved='n'"; $new_applications_result=mysql_query($new_applications); while($new_applications_row=mysql_fetch_assoc($new_applications_result)){ extract($new_applications_row); $content.='<div class="center"><a href="./index.php?admincp=investors&view=applications&id='.$id.'">'.(!empty($username) ? ''.$username.'' : ''.$name.'').'</a></div>'; } } $content.='</div>'; }
  9. HDFilmMaker2112
    Would there be any feasible way of combining the two Update statement below into one? The Members Table has id, username, password, and application_id The Application Table has the application id, the users application information and whether or not the application is approved. if($_GET['approved']=="update"){ $approved=$_GET['approved']; $approved=sanitize($approved); if($approved=="y"){ $id=(int)$_GET['id']; $username=$_GET['username']; $username=sanitize($username); $password=$_GET['password']; $password=sanitize($password); $approved_sql='UPDATE members SET username="$username" password="$password" application_id="$id"'; $approved_result=mysql_query($approved_sql); $approved_rows=mysql_affect_rows(); $update_approved_sql='UPDATE application SET approved="y" WHERE id="$id"'; $update_approved_result=mysql_query($update_approved_sql); $update_approved_rows=mysql_affect_rows(); if($approved_rows==1 && $update_approved_rows==1{ header("Location: ./index.php??admincp=investors&view=applications&id=1&approved=updated"); } } }
  10. HDFilmMaker2112
    I can not get the below to work: if(time() < strtotime("11/21/2011 3:30AM EST") && time() > strtotime("11/21/2011 2:30PM EST")) It should be evaluating to true between 3:30 AM and 2:30 PM EST for today. Now that it's past 2:30PM it should be evaluating to false, but it's coming up as true. Edit: Nevermind. Cache/Cookies Issue.
  11. HDFilmMaker2112
    Just looking to know if this is the proper way to implement this: I need the below if to be true when any number between 100 and 1000 is the value of x, including say "105.55" if($x>= 100 && $x <= 1000){ } Basically I'm asking will a value of x with a decimal in it not cause the if statement to be true.
  12. HDFilmMaker2112
    I have my database set to insert the current time stamp when an entry is made into the table, I am then trying to retrieve via the following code: $select_view_idea="SELECT * FROM $tbl_name5 WHERE message_number='$message_number'"; $result_view_idea=mysql_query($select_view_idea); while($row_view_idea=mysql_fetch_assoc($result_view_idea)){ extract($row_view_idea); } date_default_timezone_set('US/Eastern'); $date=date('l, F jS Y h:i:s A T', $date); echo $date; The above is outputting: Wednesday, December 31st 1969 07:33:31 PM EST the database contains: 2011-11-18 00:47:56
  13. HDFilmMaker2112
    Spelling mistake in my column name for "amount".
  14. HDFilmMaker2112
    For some reason the below is always redirecting to ./index.php?usercp=ideas&message=error I'm assuming it's something to do with mysql_affected_rows. <?php session_start(); require_once 'db_select.php'; require_once 'func.php'; $donor_id=$_POST['donor_id']; $donor_id=sanitize($donor_id); $username=$_POST['username']; $username=sanitize($username); $name=$_POST['name']; $name=sanitize($name); $amount=$_POST['amount']; $amount=sanitize($amount); $idea_message=$_POST['idea_message']; $idea_message=sanitize($idea_message); $_SESSION['idea_message']=$idea_message; $subject=$_POST['subject']; $subject=sanitize($subject); $_SESSION['subject']=$subject; $confirm_agreement=$_POST['confirm_agreement']; $confirm_agreement=sanitize($confirm_agreement); if($subject==""){ $error0=1; } else{ $error0=0; } if($idea_message==""){ $error1=1; } else{ $error1=0; } if(($confirm_agreement!="no" && $confirm_agreement!="yes") || $confirm_agreement=="no"){ $error2=1; } else{ $error2=0; } $error="".$error0."".$error1."".$error2.""; if($error!="000"){ header("Location: ./index.php?usercp=ideas&error=".$error.""); } else{ $sql="INSERT INTO $tbl_name5 (message_number, donor_id, username, name, amoutn, message) VALUES ('$message_number', '$donor_id', '$username', '$name', '$amount', '$message')"; mysql_query($sql); if(mysql_affected_rows()==1){ header("Location: ./index.php?usercp=ideas&message=submitted"); unset($_SESSION['idea_message']); unset($_SESSION['subject']); } else{ header("Location: ./index.php?usercp=ideas&message=error"); } } ?>
  15. HDFilmMaker2112
    For some reason I commented out mysql_real_escape_string on my sanitize function, and I don't remember why I did it. Is it something that is vital and I should un-comment it out? function sanitize($formValue){ if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) { $formValue = stripslashes($formValue); } //$formValue = mysql_real_escape_string($formValue); return $formValue; }
  16. HDFilmMaker2112
    Here's what I came up with: Conversation Number: id conversation_id message_number Message: message_number user_id username name message conversation_id Could that be simplified? If so how?
  17. HDFilmMaker2112
    But say I have the following: Situation 1: User 2 submits a message -> admin 1 sees it and replies to user 2 -> user 2 replies to the message from admin 1 -> moderator 3 sees the message from user 2 and replies. Situation 2: user 4 submits a message -> moderator 5 sees it and replies to user 4 -> user 4 replies to the message from moderator 5 -> admin 1 sees reply from user 4 and moderator 5, and replies to user 4 about the topic and messages moderator 5 to let them know something they told user 4 was incorrect. How would all of that be chained together with a simple SELECT statement? I would need to select say message id numbers in situation 1: 123234 123453 123454 123544 and then loop them, to display them. And then in situation 2 message id numbers: 342342 342346 342356 342643 342678
  18. HDFilmMaker2112
    Looking for the best way to set-up the db of a messaging system. Here's what I have so far (basically pulled from another forum), don't know if Table1 is even really necessary: Table1: id user_message_id recepient_id recepient_read Table2: user_message_id sender_id sender_read subject message created_at updated_at Basically it needs to function where, someone submits a message to the admin or moderator, the admin/moderators can review and reply, and then the user can submit another reply, and keeps going indefinitely. I want each reply to show up almost like a forum thread. How would I chain the reply messages to the original messages?
  19. HDFilmMaker2112
    Just looking for an opinion on which one of these two pieces of code would process faster: <tr align="center" class="border"> <td class="border">'; if($copper=="yes"){ $content.= '<span class="strike">Copper</span>'; } else{ $content.= 'Copper'; } $content.=' </td> <td class="border"> '; if($copper=="yes"){ $content.= '<span class="strike">$10 - $35</span>'; } else{ $content.= ' $10 - $35'; } $content.=' </td> <td class="border">'; if($copper=="yes"){ $content.= '<span class="strike">800</span>'; } else{ $content.= ' 800'; } $content.=' </td> <td class="border">'; if($copper=="yes"){ $content.='Levels that are crossed out are full.'; } else{ $content.='Name in end Credits + Nickel Level'; } $content.=' </td> </tr> vs. if($copper=="yes"){ <tr align="center" class="border"> <td class="border"> <span class="strike">Copper</span> </td> <td class="border"> <span class="strike">$10 - $35</span> </td> <td class="border"> <span class="strike">800</span> </td> <td class="border"> Levels that are crossed out are full. </td> </tr> } else{ <tr align="center" class="border"> <td class="border"> Copper </td> <td class="border"> $10 - $35 </td> <td class="border"> 800 </td> <td class="border"> Name in end Credits + Nickel Level </td> </tr> }
  20. HDFilmMaker2112
    Crap... thanks. I moved them out of an existing echo and forget to put another echo in front of them.
  21. HDFilmMaker2112
    The below isn't triggering the second if statement: if($_GET['admincp']!=""){ echo '<div class="center"><a href="./index.php?admincp">Admin CP</a>'; if($_GET['do']=="edit"){ (isset($_GET['id']) ? ' &#187; <a href="./index.php?admincp=users&do=edit">Edit Users</a>' : ''); } elseif($_GET['view']=="accounts"){ (isset($_GET['id']) ? ' &#187; <a href="./index.php?admincp=investors&view=accounts">View Accounts</a>' : ''); } echo '</div>'; } When a user is at index.php?admincp=users&do=edit&id=someid they should see Admin CP >> Edit Users When a user is at index.php?admincp=investors&view=accounts&id=someid they should see Admin CP >> View Accounts Right now only Admin CP shows up.
  22. HDFilmMaker2112
    Had to change it to this: if($cadmin2=="4" && isset($_SESSION['mypassword3']) && $_SESSION['mypassword3']==$_SESSION['mypassword2'] || $cadmin2=="3" && isset($_SESSION['mypassword3']) && $_SESSION['mypassword3']==$_SESSION['mypassword2']){ Seems pointless that I essentially had to double the length of the if statement conditional.
  23. HDFilmMaker2112
    Isn't "key" a reserved mysql word? Maybe MySQL is trying to escape it.
  24. HDFilmMaker2112
    I need people to have access to the page when they are either $cadmin=4 or $cadmin=3 and mypassword3 is set and mypassword3 = mypassword2 So User A = $cadmin=4 and mypassword3 = mypassword2 would work User B = $cadmin=3 and mypassword3 = mypassword2 would work User C = $cadmin=2 would not work. Or when mypassword3 isn't set or doesn't equal mypassword2.
  25. HDFilmMaker2112
    Partially a continuation from my other thread, as this a little similar, but... The below should be redirecting a user that is not logged into the admin control panel back to the admincp log-in page. Instead it's showing the actual page. This is only the case if the user has a cadmin number of 3 or 4... so it is limiting the access to people that should have access and blocking those that shouldn't. But it should still be pointing a user not logged in back to the admincp log-in page because the mypassword3 session variable should not be set. When I var_dump $_SESSION mypassword3 is NULL. Everything else is set properly. <?php require_once 'db_select.php'; require_once 'func.php'; session_start(); $cadmin2=$_SESSION['admin_check']; if($cadmin2=="4" || $cadmin2=="3" && isset($_SESSION['mypassword3']) && $_SESSION['mypassword3']==$_SESSION['mypassword2']){ if($_GET['view']=="applications"){ $section.=' - New Applications'; $content.=' <div class="main"> <div class="main_header">New Investor Applications</div> </div> '; } elseif($_GET['view']=="accounts"){ $section.=' - View Accounts'; $content.=' <div class="main"> <div class="main_header">View Investor Accounts</div> </div> '; } else{ header("Location: ./index.php?admincp"); } } else{ header("Location: ./index.php?usercp"); } ?> Here's the admin panel/admin panel log-in if it helps anything: <?php require_once 'func.php'; session_start(); $cadmin2=$_SESSION['admin_check']; if($cadmin2=="3" || $cadmin2=="4"){ if(isset($_SESSION['myusername2']) && kam3($_POST['password'])==$_SESSION['mypassword2'] || isset($_SESSION['myusername2']) && $_SESSION['mypassword3']==$_SESSION['mypassword2']){ if(!empty($_POST['password'])){ $_SESSION['mypassword3']=kam3($_POST['password']); } $content.=' <div class="main"> <p class="main_header">Admin Control Panel</p> </div> <div class="usercp_links">'; if($cadmin2=="4"){ $content.=' <div class="ilink"> <a href="./index.php?admincp=users&do=add">New User</a> </div> <div class="ilink"> <a href="./index.php?admincp=investors&view=applications">Investor Applications</a> </div> <div class="ilink"> <a href="./index.php?admincp=requests&view=donation">Additional Donation Requests</a> </div> '; } $content.=' <div class="ilink"> <a href="./index.php?admincp=manage&view=ideas">Manage Idea Submissions</a> </div> </div> <div class="usercp_links">'; if($cadmin2=="4"){ $content.=' <div class="ilink"> <a href="./index.php?admincp=users&do=edit">Edit Users</a> </div> <div class="ilink"> <a href="./index.php?admincp=investors&view=accounts">Investor Accounts</a> </div> <!--<div class="ilink"> <a href="./index.php?admincp=requests&view=credit">Additional Credit Requests</a> </div>-->'; } $content.=' <div class="ilink"> <a href="./index.php?admincp=manage&view=exclusive">Manage Exclusive Content</a> </div> <div class="ilink"> <a href="./logout.php?logout=admin">Log-Out</a> </div> </div>'; } else{ if(!isset($_SESSION['myusername2'])){ header("Location: ./index.php"); } $content=' <table class="actors_table"> <tr> <td align="center">'; if(isset($_GET['e']) && $_GET['e']=="0") { $content .= '<span style="color: #FF0000; font-weight: bold;">Incorrect Username or Password</span><br/><br/>'; } else{ $content .=""; } $content .='Re-Type your password to view this information: <form action="" method="post"> <p>Username: <input type="text" name="username" value="'.$_SESSION['myusername2'].'" disabled="disabled" /></p> <p>Password: <input type="password" name="password" /></p> <p><input type="submit" value="Submit" name="Submit" /></p> </form> </td> </tr> </table> '; } } else{ header("Location: ./index.php?usercp"); } ?>
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.