Jump to content

Recommended Posts

hey everyone, well i was making a website to sell pictures on and i decided to use a pre-made php script which when i first got was not working, ive been tweaking it and managed to get it working apart from it wont submit the password on the admin page, ive narrowed it down to this bit of code but i cant see whats wrong, i tried putting method="post" like that but then the whole admin.php page just pops up white, could someone please shed some light on what im doing wrong? thanks a lot. heres the bit of code below ive managed to narrow it down to

 

} else echo "<form name=form1 method=post action=$PHP_SELF method=post>Password : <input type=\"password\" name=\"password\" size=20>
<input type=submit name=submit value=OK>
</form>";

Link to comment
https://forums.phpfreaks.com/topic/106548-solved-hmm-new-to-php-help-with-this/
Share on other sites

erm well the code uses an "if" at the beggining, sorry if my terms arnt correct as im a vb6 programmer not php hehe... erm here it is..

 

include("config.inc");
if ($password==$adpass) {
if ($submit=="Edit") {

 

then if the password isnt right it will goto an else which is =

 

} else echo "<form name=form1 method=post action=$PHP_SELF method=post>Password : <input type=\"password\" name=\"password\" size=20>
<input type=submit name=submit value=OK>
</form>";

 

 

so in my url i either get:

 

http://localhost/test/method=post

 

or if i take out the first method=post then i get =

 

http://localhost/test/method=post?password=mypass&submit=OK

It seems as if the script is relying on register_globals.

i agree

 

change

if ($password==$adpass) {
if ($submit=="Edit") {

to

if ($_POST['password']==$adpass) {
if ($_POST['submit']=="Edit") {

 

if you wanted to cheat (not recommended) but you could do this

extract($_POST); //ADD this line
if ($password==$adpass) {
if ($submit=="Edit") {

 

okay ive changed this bit below

 

if ($_POST['password']==$adpass) {
if ($_POST['submit']=="Edit") {

 

further down in my code i have this :

    <input type=\"submit\" name=\"submit\" value=\"Edit\">
    <input type=\"hidden\" name=\"password\" value=\"$password\">
    <input type=\"submit\" name=\"submit\" value=\"Delete\">

 

im assuming i change it to something like:

 

    <input type=\"submit\" name=\"submit\" value=\"Edit\">
    <input type=\"hidden\" name=\"password\" value=\"password\">
    <input type=\"submit\" name=\"submit\" value=\"Delete\">

 

oh and just incase this still doesnt work heres  the full script just to let you know what im working with:

 

<html>
<head>
<title>upload form</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript">
function pre() {
form2.preview.src = 'thumbnails/image'+form2.choiceimage.options[form2.choiceimage.selectedIndex].value+'.jpg';
}
</script>
</head>
<body bgcolor="#000000" text="#CCCCCC" link="#FF3300" vlink="#FF3300">
<div align="center"><font color="#FF3300" face="Arial, Helvetica, sans-serif"><strong>GALLERY
  ADMIN PAGE</strong></font><br>
</div>
<?php
include("config.inc");
if ($_POST['password']==$adpass) {
if ($_POST['submit']=="Edit") {
echo "<script language='JavaScript'>
window.location = 'uploadform.php?i=$choiceimage&password=$password';
</script>";
}elseif ($submit=="Delete") {
for ($i=1; file_exists("images/image".strval($i).".jpg"); $i++) {
}
$num=$i-1;
function unlinkk($f) {
if (!file_exists($f)) return true;
else return unlink($f);
}
function del($i) {
if (unlinkk("images/image$i.jpg") and unlinkk("thumbnails/image$i.jpg") and unlinkk("down/image$i.zip")
and unlinkk("des/image$i.txt")) return true;
}
if (!del($choiceimage)) echo "Error";
for ($i=intval($choiceimage)+1; $i<$num; $i--) {
$j=$i-1;
if (!rename("images/image$i.jpg", "images/image$j.jpg")) $error="r";
}
if ($error=="") echo "Image$choiceimage deleted successfully";
} else {
echo "<form name=\"form2\" action=\"$PHP_SELF\" method=\"post\">
  <p align=\"center\"><font color=\"#CCCCCC\" size=\"1\" face=\"verdana\"><strong><font size=\"2\">Upload
    New Picture</font></strong></font></p>
  <p align=\"center\"><strong><font color=\"#CCCCCC\" size=\"1\" face=\"verdana\"><a href=\"uploadform.php?password=$password\">click
    here</a> </font></strong></p>
  <p align=\"center\"><strong><font color=\"#CCCCCC\" size=\"1\" face=\"verdana\">OR</font></strong></p>
  <p align=\"center\"><strong><font color=\"#CCCCCC\" size=\"1\" face=\"verdana\"><strong><font size=\"2\">EDIT
    Existing Picture</font></strong></font></strong></p>
  <p align=\"center\"><font color=\"#CCCCCC\" size=\"1\" face=\"verdana\"><strong>Image
    Select :<br>
    <table border=0><tr><td><select name=\"choiceimage\" size=10 onChange=\"pre()\">";
       for ($i=1; file_exists("thumbnails/image".strval($i).".jpg"); $i++) {
    echo "<option value=$i>Image$i</option>";
}
    echo "</select></td>
    </strong></font></p>
  <p align=center>
    <td><img src=\"noth.gif\" border=0 name=preview></td></p></tr></table>
  <p align=\"center\"><strong><font color=\"#CCCCCC\" size=\"1\" face=\"verdana\">
    <input type=\"submit\" name=\"submit\" value=\"Edit\">
    <input type=\"hidden\" name=\"password\" value=\"$password\">
    <input type=\"submit\" name=\"submit\" value=\"Delete\">
    </font></strong> </p>
</form>";
}
} else echo "<form name=form1 method=post action=$PHP_SELF method=post>Password : <input type=\"password\" name=\"password\" size=20>
<input type=submit name=submit value=OK>
</form>";
?>
<div align="center"><br><font color="#CCCCCC" size="1" face="verdana"><a href="index.php">Go To Gallery</a><br>
  <br>©Kyscorp.tk -2000-2003- Kys
  Gallery 1.0
  </font></div>
<style>
BODY { scrollbar-face-color: "#000000"; scrollbar-arrow-color: "#000000"; scrollbar-track-color: "#000000"; scrollbar-3dlight-color:"#333333"; scrollbar-darkshadow-color: "#333333"; }
</style></body>
</html>

sorry dont mean to double post, heres the code for the page it goes to though:

 

<html>
<head>
<title>upload form</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript" type="text/JavaScript">
function validate(){
if (form1.name.value=="" | form1.author.value=="" | form1.des.value=="" | form1.image.value=="" | form1.thumb.value=="")  {
alert("Name, author, File Source, Description and Thumbnail fields are required");
return false;
} else if((form1.web.value!="") & (form1.web.value.indexOf("http://")!=0)) {
alert("the web address must begin with 'http://'");
return false;
} else {
return true;
form1.submit();
}
}
</script>
</head>
<body bgcolor="#000000" text="#CCCCCC" link="#FF3300" vlink="#FF3300">
<div align="center"><font color="#FF3300" face="Arial, Helvetica, sans-serif"><strong>GALLERY
  ADMIN PAGE</strong></font><br>
</div>
<?php include("config.inc");
if ($password==$adpass) {
if ($action=="save") {
if ($i=="") for ($i=1; file_exists("images/image".strval($i).".jpg"); $i++) {
}
$file ="des/image$i.txt";
$fp =fopen($file, "w+");
$name=stripslashes($name);
$des=stripslashes($des);
$code=stripslashes($code);
$author=stripslashes($author);
$w ="name=".$name."&price=".$price."&code=".$code."&des=".$des."&author=".$author."&mail=".$mail."&date=".$date."&web=".$web;
for ($ii=1; $ii<100; $ii++) {
$w=stripcslashes($w);
}
if ($down<>"") $w = $w."&counter=0";
fwrite($fp, $w);
fclose($fp);
if (copy($thumb, "thumbnails/image".strval($i).".jpg"))  echo "Thumbnail copied<br>";
if (copy($image, "images/image".strval($i).".jpg"))  echo "Image copied<br>";
if (copy($down, "down/image".strval($i).".zip"))  echo "Download File copied";
} else {
$file="des/image$i.txt";
///
if (file_exists("des/image$i.txt")) {
$fp=fopen($file, "r");
$w=fread($fp, filesize($file));
for ($j=1; $j<10; $j++) {
$w=stripcslashes($w);
}
parse_str($w);
$name=stripslashes($name);
$des=stripslashes($des);
$code=stripslashes($code);
$author=stripslashes($author);
fclose($fp);
}
echo "<form method=\"post\" onsubmit=\"return validate();\" enctype=\"multipart/form-data\" name=\"form1\" action=\"$PHP_SELF\">
  <p> <font size=\"1\" face=\"verdana\">File Source:
    <input name=\"image\" type=\"file\" id=\"image\" value='images/image$i.jpg'>
    <input name=\"i\" type=\"hidden\" id=\"i\" value=$i>
    </font></p>
  <p><font size=\"1\" face=\"verdana\"> Name:
    <input name=\"name\" type=\"text\" id=\"name\" value='$name'>
    </font></p>
  <p><font size=\"1\" face=\"verdana\">Thumbnail:
    <input name=\"thumb\" type=\"file\" id=\"thumb\" value='thumbnails/image$i.jpg'>
    </font></p>
  <p><font size=\"1\" face=\"verdana\">Download File: (Not required)
    <input name=\"down\" type=\"file\" id=\"down\" value='down/image$i.jpg'>
    </font></p>
  <p><font size=\"1\" face=\"verdana\">Date:
    <input name=\"date\" type=\"text\" id=\"date\" value='$date'>
    <input name=\"action\" type=\"hidden\" id=\"action\" value=\"save\">
    <input name=\"password\" type=\"hidden\" id=\"action\" value=\"$password\">
    </font></p>
  <p><font size=\"1\" face=\"verdana\">Author:
    <input name=\"author\" type=\"text\" id=\"author\" value='$author'><br><br>
Author Web: <input name=\"web\" type=\"text\" id=\"web\" value='$web'>
    </font></p>
  <p><font size=\"1\" face=\"verdana\">E-mail:
    <input name=\"mail\" type=\"text\" id=\"mail\" value='$mail'><br><br>Price :
<input name=\"price\" type=\"text\" id=\"price\" value=\"$price\">
    </font></p>
  <p><font size=\"1\" face=\"verdana\">Description:</font></p>
  <p> <font size=\"1\" face=\"verdana\">
    <textarea name=\"des\" id=\"des\">$des</textarea>
    </font></p>
  <p><font size=\"1\" face=\"verdana\">Paypal HTML Code:</font></p>
  <p> <font size=\"1\" face=\"verdana\">
    <textarea name=\"code\" id=\"code\">$code</textarea>
    </font></p>
  <p align=\"center\">  </p>
  <p align=\"center\"> <font size=\"1\" face=\"verdana\">
    <input type=\"submit\" name=\"Submit\" value=\"Submit\">
    </font></p>
</form>";

}
} else echo "<form name=form1 action=$PHP_SELF method=post>Password : <input type=\"password\" name=\"password\" size=20>
<input type=submit name=submit value=OK>
</form>";
?>
<div align="center"><br><font color="#CCCCCC" size="1" face="verdana"><a href="index.php">Go To Gallery</a><br>
  <br>©Kyscorp.tk -2000-2003- Kys
  Gallery 1.0
  </font></div>
<style>
BODY { scrollbar-face-color: "#000000"; scrollbar-arrow-color: "#000000"; scrollbar-track-color: "#000000"; scrollbar-3dlight-color:"#333333"; scrollbar-darkshadow-color: "#333333"; }
</style></body>
</html>

from last script on 2nd to last post

change

}elseif ($submit=="Delete") {

to

}elseif ($_POST['submit']=="Delete") {

 

 

on the last post

change

if ($password==$adpass) {
if ($action=="save") {

to

if ($_POST['password']==$adpass) {
if ($_POST['action']=="save") {

 

and

$name=stripslashes($name);
$des=stripslashes($des);
$code=stripslashes($code);
$author=stripslashes($author);

to

$name=stripslashes($_POST['name']);
$des=stripslashes($_POST['des']);
$code=stripslashes($_POST['code']);
$author=stripslashes($_POST['author']);

theirs 2 of the above

 

 

i think thats all

 

 

thanks a lot for helping but im just getting

 

Not Found

 

The requested URL /test/method=post was not found on this server.

 

>_<

 

EDIT: uhg i hate the fact in programing its always the simplest things lol i figured it out :D thanks a lot for the help as well

... i just needed to put the ' ' on each side of --> '$PHP_SELF' on both pages, well thats sorted :-) thanks

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.