eaglelegend

Im sorry, there is nothing there...

Thanks mate, Maybe that will work, heh. lets hope so. if I remember what you said by then heh!. night

I was thinking instead if deleting my mail straight off my system, when mail etc. are deleted, they are moved to a "deleted" table, now how do I move a message say, when user clicks delete, it moves too that table, and as far as the user knows its deleted, however, staff are allowed to see that message so then if anything fishy is going on, staff can spot it quickly and efficiantly!

yep. I have that, thanks!

errm, this IS logging in/egerstering with the database online and not for the mobile, anyway they both work, but could you explain more about this other things you are saying?

Ok this is the original... DoLogin.php <?php session_start(); include("config.php"); $u = $_POST['u']; $p = $_POST['p']; $check = mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`='$u' AND `password`='$p'")); if($check==1) { $_SESSION['Board'] = $u; session_register('Board'); header("Location: main.php"); print"<a href=main.php>Click here</a> to continue."; } else { print "User/Pass mismatch!"; print"<a href=index.php>Click here</a> to continue."; } ?> is this correct?: <?php session_start(); include("config.php"); $u = $_POST['u']; $p = md5($_POST['p']); $check = mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`='$u' AND `password`='$p'")); if($check==1) { $_SESSION['Board'] = $u; session_register('Board'); header("Location: main.php"); print"<a href=main.php>Click here</a> to continue."; } else { print "User/Pass mismatch!"; print"<a href=index.php>Click here</a> to continue."; } ?> Note, this my first official attempt at md5ing something myself heh!

to make the login/register MD5, as it dont md5 :/

can anyone help? :-\

Hey, some guys helped me out with getting my site using MD5 and encrypted from here, thanks you guys, just one more problem, I just get a mobile version, now I need to have the login and register pges md5, if you notice its not here I have to change it, please et me know where and I can get it for you. right... Register: <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Cache-Control" content="no-cache"/> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1" /> <link href="di.css" rel="stylesheet" type="text/css" /> <title>Eagle Legend Mobile</title> </head> <body> <div class="navItem2">1. <a href="index.php" accesskey="0">Home</a></div> <p><img src="cp_2.gif" alt="Teen Board" width="100" height="37" /></p> <?php include("ads.php"); ?> Register for your free account<br /> <form action="doregister.php" method="post"> Username<br /> <input type="text" name="u" size="5" /> <br /> Password<br /> <input type="password" name="p" size="5" /> <br /> <input type="submit" value="Register"> </form> </p> <div id="navigation"> <div class="navItem2">0. <a href="index.php" accesskey="0">Home</a></div> </div> <p> <strong>© Eagle Legend MMVIII</strong></p> </body> </html> Login.php: <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Cache-Control" content="no-cache"/> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1" /> <link href="di.css" rel="stylesheet" type="text/css" /> <title>Eagle Legend Mobile</title> </head> <body> <div class="navItem2">0. <a href="index.php" accesskey="0">Home</a></div> <p><img src="cp_2.gif" alt="Eagle Legend Mobile" width="100" height="37" /></p> <?php include("ads.php"); ?> <p class="style1">Login<br /> <form action="dologin.php" method="post"> Username<br /> <input type="text" name="u" size="5" /> <br /> Password<br /> <input type="password" name="p" size="5" /> <br /> <input type="submit" value="Login"> </form> </p> <div id="navigation"> <div class="navItem2">0. <a href="index.php" accesskey="0">Home</a></div> </div> <p> <strong>© Eagle Legend MMVIII</strong> </p> </body> </html>

ok... errm I pasted gingers code into thre query and it says You have to choose at least one column to display what coloumn?

Thanks ginger- I thought of that yes, but, I wasnt sure if I couldnt for some reason heh. thanks guys!

well it keeps going like I just said :/ is there any way I can query itin the actual database area that I can query on etc.?

hehe, approaching 100!

PROBLEM LOADING PAGE The connection was reset The connection to the server was reset while the page was loading. * The site could be temporarily unavailable or too busy. Try again in a few moments. * If you are unable to load any pages, check your computer's network connection. * If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web. EDIT: I checked the database and it hasent encryped any of the passwords :/

ok did that sure, but now I get this :/ Parse error: syntax error, unexpected '{' in /misc/39/000/171/334/2/user/web/eaglelegend.com/md5.php on line 6 Thanks btw for hellping out! heh, I didnt think people would be so kind, but justgo to my site and abuse the security holes :/ heh I dont know what half of them are, people keep saying I have security holes, they never say what!

ok this shown include 'header.php'; while(list($username, $password) = mysql_fetch_assoc(mysql_query('SELECT username, password FROM members')) { mysql_query('UPDATE members SET password='.md5($password).' WHERE username="'.$username.'"'); } should I put <?php CODE ?> in it?

ok, that script you game me, is there any special name I need for it?

Login.php <?php include("header.php"); $username = $_POST['username']; $password = $_POST['password']; if($username && $password) { $check = mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`=\"$username\" AND `password`=\"$password\"")); if($check == 1) { if(setcookie("ELv2",$username,time()+(3600*24))) { Header("Location: index.php"); } else { print "Cant set cookie"; } } else { print "Sorry, username/password mismatch!"; } } else { ?> <h2>Login</h2><p> <form action="login.php" method="post"> Username<br> <input type="text" name="username" class="text_box" size="20" value="Username" title="Please enter the Username you registered here with." alt="Please enter the Username you registered here with."><p> Password<br> <input type="password" name="password" class="text_box" size="20" value="password" title="Please enter the Password you registered here with." alt="Please enter the Password you registered here with."><p> <input type="submit" class="text_box" value=" Login " title="Click here to log in." alt="Click here to log in."></form> <? } include("footer.php"); ?> Register.php <?php include("header.php"); ?> <?php $username = $_POST['username']; $password = $_POST['password']; $password_confirm = $_POST['password_confirm']; $email = $_POST['email']; if($username && $password && $password_confirm && $email) { $siteurl = preg_replace( "/[^a-zA-Z0-9s]/", "", $siteurl ); $check_user = mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`=\"$username\"")); $check_site = mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `url`=\"$siteurl\"")); if($check_user == 0) { if($password == $password_confirm) { $newpass = $password; $date = date("m/d/y"); $sql = mysql_query("SELECT * FROM `sites` WHERE `url`='$Z'"); while($r = mysql_fetch_array($sql)) { $money = $r["money"]; $points = $r["points"]; } $insert = mysql_query("INSERT INTO `members` (`admin`, `date`, `username`, `password`, `email`, `points`, `money`) VALUES('0', '$date', \"$username\", \"$newpass\", \"$email\", '$points', '$money')"); if($insert) { print "<h2>Congratulations!</h2><p> You are now a registered member of this site!<p> Username: $username<br> Password: $password<p> You can login using the form to the right!"; } else { print mysql_error(); } } else { print "<p>Passwords do not match!</p>"; } } else { if($check_user > 0) { print "<p>That username already exists!</p>"; } } } else { ?> <h2>Register</h2><p> <img src="http://www.eaglelegend.com/images/pets/Quadra.png" title="Mr. Helpya" alt="Mr. Helpya"> <form action="register.php" method="post"> Hello. My name is Mr. Helpya and as it is says in my name, I am here to help you! As you play throughout the game, you will see me bringing up help or tooltips as they are otherwise known. Even though I am to busy to see every user on the site, you will still be able to get the tooltips from me personally!.<br><br> Here is an example of my work, put your mouse over my picture above here... do you see the little box come up with my name? thats how it works, just put your mouse over any image, function or form fields and I will tell you what it is for!.<br><br> So, you want to register eh?, OK, the register form is another example of what I just taught you!, again put your mouse over the fields before you write to find out what you have to put there! please, whatever you write, do not enter any personal info on your username, as it is viewed by hundreds every day, and you wouldnt walk down town handing out your personal info would you? and what would your parents think? not to happy, I should think, so...<br><br> Please ask your parents about joining up with us, by registering we are assuming you have had your parents consent.<p> <b>Username:</b> <br> <input type="text" name="username" class="text_box" size="25" title="You need a username, it will be publically seen all over the site. NO personal info." alt="You need a username, it will be publically seen all over the site. NO personal info."><br> <b>Password</b> <br> <input type="password" name="password" class="text_box" size="25" title="You need a password that you can remember but others cannot guess." alt="You need a password that you can remember but others cannot guess."><p> <b>Password Confirm</b><br> <input type="password" name="password_confirm" class="text_box" size="25" title="Please enter the password you just written above here, again." alt="Please enter the password you just written above here, again."><p> <b>Email</b><br> <input type="text" name="email" class="text_box" size="30" title="Please enter your email address. We rarely email. Please talk to your parents first." alt="Please enter your email address. We rarely email. Please talk to your parents first."><p> <input type="submit" value="Register" class="text_box" alt="Click here to register your new account!" title="Click here to register your new account!"></form> <?php } include("footer.php"); ?> I think there maybe more, but thats all I can think I can provide right now :/ ALSO, how do I query the mysql about that?

it has no md5 tags :/ thats why I need help installing it on ther and FAST!

I bought most of the script, I have repaired, and gtot help from most of your guys. right I need to have the passwords etc. that are stored in the datbases encrypted, so if anyone accesses them, they cannot get any login details, as I currently dont have that like that :/

No, the guy whose I bought it off, as everyone knows, as I told them, he sold it to me with no help or anything, it was only because people have notified me about these issues I have had to well... try but not successfully understand how to put it in!

I know its not something I should shout out about, but I need MD5 for my login/register and cookies scripts, however, I dont know how to install it, and really I'd rather not throw all the info here with database info etc. to affect, but, my hosting people provide no php help unfortunately.

nope, thanks, but I already have that, however correctly, when you send an email you choose say, "mark@site.com" like it is meant to, however, I am wanting to have replys go to the users REAL email address, the email that the user registered with, and I WILL have a system where it validates users email address to besure no one is going to be usingmy online/offline features just to "spam"

Thanks for all the work, there IS something I didnt think about, but has just come to me, the email thing, how can I have it show as for example "mark@site.com" which it does., however, when user replys, if you look in the code you may see I TRIED to have it reply to the user's email address? could you check and work out how I can have it successfully have it do that? thanks! <?php include("header.php"); include("members.php"); $a = $_GET['action']; $u = $_COOKIE['ELv2']; $id = $_GET['id']; ?> <h2>Message Center</h2> <input type='button' value='Send a New Message!' onClick='parent.location="/mail.php?action=newmsg"' class='text_box' style='width: 200px' alt='Send a message!' title='Send a message!'> <input type='button' value='Inbox!' onClick='parent.location="/mail.php?action=inbox"' class='text_box' style='width: 200px' alt='View your recieved mail!' title='View your recieved mail!'> <input type='button' value='Outbox!' onClick='parent.location="/mail.php?action=outbox"' class='text_box' style='width: 200px' alt='View mail you have sent!' title='View mail you have sent!'> <?php switch($a) { case "inbox": print "<br><h1>Inbox</h1><p> <table border=\"0\" cellpadding=\"3\" cellspacing=\"1\" width=\"100%\" bgcolor=\"#000000\"> <tr> <Td bgcolor=\"#dddddd\" class=\"text_box\">Subject</td> <td bgcolor=\"#dddddd\" class=\"text_box\">From</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Date</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Status</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Actions</td> </tr>"; $query = "SELECT * FROM `messages` WHERE `to` = '{$u}' AND `site` = '$Z' ORDER BY `id` DESC"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<tr> <td bgcolor=\"#ffffff\" class=\"other\">" . $subject . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $from . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $date . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $status . "</td> <td bgcolor=\"#ffffff\" class=\"other\"><a href=\"mail.php?action=sview&id=" . $id . "\">Read - <a href=\"mail.php?action=delete&id=" . $id . "\">Delete</td> </tr>"; } print "</table>"; break; case "outbox": print "<br><h1>Outbox</h2><p> <table border=\"0\" cellpadding=\"3\" cellspacing=\"1\" width=\"100%\" bgcolor=\"#000000\"> <tr> <Td bgcolor=\"#dddddd\" class=\"text_box\">Subject</td> <td bgcolor=\"#dddddd\" class=\"text_box\">To</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Date</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Status</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Actions</td> </tr>"; $query = "SELECT * FROM `messages` WHERE `from` = '{$u}' AND `site` = '$Z' ORDER BY `id` DESC"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<tr> <td bgcolor=\"#ffffff\" class=\"other\">$subject</td> <td bgcolor=\"#ffffff\" class=\"other\">$to</td> <td bgcolor=\"#ffffff\" class=\"other\">$date</td> <td bgcolor=\"#ffffff\" class=\"other\">$status</td> <td bgcolor=\"#ffffff\" class=\"other\"><a href=\"mail.php?action=view&id=$id\">Read - <a href=\"mail.php?action=delete&id=$id\">Delete</td> </tr>"; } print "</table>"; break; case "delete": $del = mysql_query("DELETE FROM `messages` WHERE `id` = '$id' AND `site` = '$Z'"); if($del) { Header("Location: mail.php?action=inbox"); } else { print mysql_error(); } break; case "view": $update = mysql_query("UPDATE `messages` SET `status`='read' WHERE `id`='$id' AND `site`='$Z'"); $query = "SELECT * FROM `messages` WHERE `id`='$id' AND `site` = '$Z'"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<h2>$subject</h2><p> To: $to<br> From: $from<br> Date: $date<p> <form action=\"mail.php?action=sendmsg\" method=\"post\"> <input type=\"hidden\" name=\"to\" value=\"$from\" class=\"text_box\"> <input type=\"hidden\" name=\"subject\" value=\"RE: $subject\" class=\"text_box\"> <input type=\"hidden\" name=\"type\" value=\"2\" class=\"text_box\"> Message:<br> <textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\"> $body </textarea><p>"; } break; case "sendmsg": if($_POST['type'] == "1") { $headers = "MIME-Version: 1.0\r\n"; $headers .= "Content-type: text/plain; charset=iso-8859-1\r\n"; $headers .= "To: ".trim($_POST['to'])."\r\n"; $headers .= "From: ".trim($_POST['from'])."\r\n"; $headers .= "Reply-To: ".trim($email)."\r\nnew;reply-to: ".trim($email)."\r\n"; @mail(trim($_POST['to']), trim($_POST['subject']), $_POST['message'], $headers); echo("Mail sent to ".trim($_POST['to']) ); }elseif ($_POST['type'] == "2") { $subject = $_POST['subject']; $message = $_POST['message']; $date = date("m/d/y"); $status = "unread"; $to = $_POST['to']; if($subject && $to && $message) { $insert = mysql_query("INSERT INTO `messages` (`site`, `subject`, `body`, `status`, `date`, `to`, `from`) VALUES('$Z', '$subject', '$message', '$status', '$date', '$to', '$u')"); if($insert) { print "<h2>Message Sent</h2><p> Your message has been sent!<P> <a href=\"mail.php?action=inbox\">Back to Inbox"; }else { print mysql_error(); } } else { print "Subject, To User, and Message are required!"; } } break; case "sview": $update = mysql_query("UPDATE `messages` SET status = 'read' WHERE `id`='$id' AND `site`= '$Z'"); $query = "SELECT * FROM `messages` WHERE `id`='$id' AND `site` = '$Z'"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<h2>$subject</h2><p> To: $to <br>From: $from <br>Date: $date<p> $body<p> <form action=\"mail.php?action=sendmsg\" method=\"post\"> <input type=\"hidden\" name=\"to\" value=\"$from\" class=\"text_box\"> <input type=\"hidden\" name=\"type\" value=\"2\" class=\"text_box\"> <input type=\"hidden\" name=\"subject\" value=\"RE: $subject\" class=\"text_box\"> Reply:<br> <textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\"> <p><p>Original Message --------------------------- To: $to From: $from Date: $date Message: $body</textarea><p> <input type=\"submit\" value=\" Send Reply \" class=\"text_box\"></form>"; } break; default: $query = "SELECT count(*) as msgs FROM `messages` WHERE `to` = '$u' AND `site` = '$Z' "; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); $msg = mysql_fetch_array($sql); echo "You have {$msg['msgs']} messages"; echo "<h1>Send Message</h1><p> <form action=\"mail.php?action=sendmsg\" method=\"post\">"; echo "<input type=\"radio\" name=\"type\" value=\"1\" class=\"text_box\" alt=\"Click here if you are sending your message outside this site via email\" title=\"Click here if you are sending your message outside this site via email\"> Email <input type=\"radio\" name=\"type\" value=\"2\" checked class=\"text_box\" alt=\"Click here if you are sending a message within this site and NOT via email!\" title=\"Click here if you are sending a message within this site and NOT via email!\"> Private Message <br> To: <br> <input type=\"text\" name=\"to\" class=\"text_box\" alt=\"Who do you want to send your message to?\" title=\"Who do you want to send your message to?\"><p> From:<br> <select name=\"from\" size=\"1\" class=\"text_box\" alt=\"Please choose where your sending from!\" title=\"Please choose where you are sending from!\">"; $sql = mysql_query("SELECT * FROM `members` WHERE `username`='$u'"); while($row = mysql_fetch_array($sql)) { $us = $row["username"]; print "<option value=\"$us\">$us</option> <option value=\"$us@eaglelegend.com\">$us@eaglelegend.com</option>"; } print "</select><p> Subject:<br> <input type=\"text\" name=\"subject\" size=\"30\" class=\"text_box\" alt=\"What is the title/subject of your message?\" title=\"What is the title/subject of your message?\"><p> Message:<br> <textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\" alt=\"Please enter your message!\" title=\"Please enter your message!\"></textarea><p> <input type=\"submit\" value=\" Send Message \" class=\"text_box\" alt=\"Click here to send your message!\" title=\"Click here to send your message!\"></form>"; #$query = "SELECT `email` FROM `members` WHERE `username`='".mysql_escape_string($username)."' LIMIT 1"; break; } include("footer.php"); ?>

Parse error: syntax error, unexpected T_DEFAULT in /misc/39/000/171/334/2/user/web/actorwise.com/nav.php on line 33 Nav.php <?php if($_COOKIE['ELv2']=="") { ?> <h2>Navigation</h2> <input type='button' value='Home' onClick='parent.location="index.php"' class='text_box' style='width: 170px' alt='Click here to go to the main page!' title='Click here to go to the main page!'> <input type='button' value='Register!' onClick='parent.location="register.php"' class='text_box' style='width: 170px' alt='Register!' title='Register!'> <h2>Login</h2> <form action=login.php method=post> Username:<br> <input type="text" name="username" class="text_box" size="15" value="Username" onclick="document.form1.type.value ='''';" onclick="make_blank();" title="Please enter the Username you registered here with." alt="Please enter the Username you registered here with."><p> Password:<br> <input type="password" name="password" class="text_box" size="15" value="Password" title="Please enter the Password you registered here with." alt="Please enter the Password you registered here with."><p><p> <input type='submit' class="text_box" value='Login' title="Click here to log in." alt="Click here to log in."></form> <?php } else { ?> <?php $sql = mysql_query("SELECT * FROM `members` WHERE `username`='{$_COOKIE['ELv2']}' AND `site`=\"$Z\""); while($row = mysql_fetch_array($sql)) { $username = $row["username"]; } ?> <h2>Hello <?php echo $username; ?>!</h2> <div class="text_box" style="width: 160px"> If you are not <?php echo $username; ?>, please click <a href="logout.php">here</a>!<p> You have <?php echo $POINTS; ?> Eagle Gold on you! <br> <?php default: $query = "SELECT count(*) as msgs FROM `messages` WHERE `to` = '$u' AND status = 'unread' AND `site` = '$Z' "; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); $msg = mysql_fetch_array($sql); echo "You have {$msg['msgs']} new messages"; $query = "SELECT count(*) as msgs FROM `messages` WHERE `to` = '{$_COOKIE['ELv2']}' AND `site` = '$Z' "; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); $msg = mysql_fetch_array($sql); echo "You have {$msg['msgs']} messages!"; ?></div> <script type="text/javascript"> // Current Server Time script (SSI or PHP)- By JavaScriptKit.com (http://www.javascriptkit.com) // For this and over 400+ free scripts, visit JavaScript Kit- http://www.javascriptkit.com/ // This notice must stay intact for use. //Depending on whether your page supports SSI (.shtml) or PHP (.php), UNCOMMENT the line below your page supports and COMMENT the one it does not: //Default is that SSI method is uncommented, and PHP is commented: //var currenttime = '<!--#config timefmt="%B %d, %Y %H:%M:%S"--><!--#echo var="DATE_LOCAL" -->' //SSI method of getting server date var currenttime = '<? print date("F d, Y H:i:s", time())?>' //PHP method of getting server date ///////////Stop editting here///////////////////////////////// var montharray=new Array("January","February","March","April","May","June","July","August","September","October","November","December") var serverdate=new Date(currenttime) function padlength(what){ var output=(what.toString().length==1)? "0"+what : what return output } function displaytime(){ serverdate.setSeconds(serverdate.getSeconds()+1) var datestring=montharray[serverdate.getMonth()]+" "+padlength(serverdate.getDate())+", "+serverdate.getFullYear() var timestring=padlength(serverdate.getHours())+":"+padlength(serverdate.getMinutes())+":"+padlength(serverdate.getSeconds()) document.getElementById("servertime").innerHTML=datestring+" "+timestring } window.onload=function(){ setInterval("displaytime()", 1000) } </script> <div align="center"> <span id="servertime" class="text_box" style="width: 160px" alt="LOOK!, a clock!" title="LOOK!, a clock!"></span> </div><br> <input type='button' value='Home' onClick='parent.location="index.php"' class='text_box' style='width: 170px' alt='Click here to go to the main page!' title='Click here to go to the main page!'><br> <input type='button' value='Mail!' onClick='parent.location="mail.php"' class='text_box' style='width: 170px' alt='Click here to read, send and manage your mail!' title='Click here to read, send and manage your mail!'><br> <input type='button' value='Forum!' onClick='parent.location="forum.php"' class='text_box' style='width: 170px' alt='Click here to view the mail!' title='Click here to view the forum!'><br> <input type='button' value='Logout!' onClick='parent.location="logout.php"' class='text_box' style='width: 170px' alt='Click here to log out!' title='Click here to log out!'><br> <?php $ch = mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`='{$_COOKIE['ELv2']}' AND `admin`='1'")); if($ch == 1) { ?> <input type='button' value='Manage site!' onClick='parent.location="managesite.php"' class='text_box' style='width: 170px' alt='Click here to manage the site!' title='Click here to manage the site!'> <?php } } ?>