Jump to content

url mod writing not working properly


sassenach

Recommended Posts

Hi,

 

I have a site which i added mod write to the url.

Some of the pages are not opening correctly. For example, the WHIWH login, should open a user & pass field in the page. You can see it is not opening it. http://www.whiwh.com/login/

 

Also a page like this http://www.whiwh.com/who_we_are/bill_of_rights/ does not open the actual page. it is sort of the same problem as the login page above.

 

This is my htaccess code:

RewriteEngine On
RewriteRule ^([0-9a-z\_]+)/$ /index.php?pname=$1 [L]
RewriteRule ^([0-9a-z\_]+)/([0-9a-z\_]+)/$ /index.php?pname=$1&spname=$2 [L]
RewriteRule ^([0-9a-z\_]+)/([0-9a-z\_]+)/([0-9a-z\_]+)/$ /index.php?pname=$1&spname=$2&sspname=$3 [L]
RewriteRule ^login/$ /staff.php?mid=8&smid=0&ssmid=0&login=1 [L]
RewriteRule ^forgot/$ /staff.php?mid=8&smid=0&ssmid=0&pass=1 [L]
RewriteRule ^account/$ /staff.php?mid=8&smid=0&ssmid=0&account=1 [L]
RewriteRule ^modpass/$ /staff.php?mid=8&smid=0&ssmid=0&modpass=1 [L]
RewriteRule ^meet/$ /staff.php?mid=8&smid=0&ssmid=0&meet=1 [L]
RewriteRule ^logout/$ /staff.php?mid=8&smid=0&ssmid=0&logout=1 [L]
RewriteRule ^newsletter/$ /newsletter.php?mid=7&smid=44&ssmid=8&news=1 [L]

IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*

AuthName whiwh.com
AuthUserFile /home/xxx/public_html/_vti_pvt/service.pwd
AuthGroupFile /home/xxx/public_html/_vti_pvt/service.grp

ErrorDocument 400 /400.php
ErrorDocument 401 /401.php
ErrorDocument 403 /403.php
ErrorDocument 404 /404.php
ErrorDocument 500 /500.php

AddHandler server-parsed .scss
AddType application/x-javascript .js
suPHP_ConfigPath /home/xxx/public_html

 

 

Here is the code where i deal with the mod write within the php page.

if (isset($_GET['pname'])) {
	$pname = str_replace('_', ' ',  $_GET['pname']);
	$pname = str_replace ('and', '&', $pname); 										
	$pname = ucwords($pname);
	if ($_GET['pname']=='calendar_of_events') {
		$mid = 4;
		$midT = 'Calendar of Events';
	} else {
			$pnameQ = mysql_query("SELECT menu_id, title FROM menu WHERE title = '".$pname."' ") or trigger_error("Query: $pnameQ\n<br />MySQL Error: " .mysql_error());
			if(mysql_affected_rows() > 0){	//if not empty, display
				$pnameR = @mysql_fetch_array ($pnameQ);
				$mid = (int) $pnameR['menu_id'];
				$midT = $pnameR['title'];
				mysql_free_result ($pnameQ); // Free up the resources.
			}
	}
} 

if (isset($_GET['spname'])) {
		$spname = str_replace('_', ' ', $_GET['spname']);
		$spname = str_replace ( 'and', '&', $spname); 										
	$spname = ucwords($spname);
	$spnameQ = mysql_query("SELECT smenu_id, title FROM smenu WHERE title = '".$spname."' ") or trigger_error("Query: $spnameQ\n<br />MySQL Error: " .mysql_error());
	if(mysql_affected_rows() > 0){	//if not empty, display
		$spnameR = @mysql_fetch_array ($spnameQ);
		$smid = (int) $spnameR['smenu_id'];
		$smidT = $spnameR['title'];
		mysql_free_result ($spnameQ); // Free up the resources.						 			 
	}

} 


if (isset($_GET['sspname'])) { 
	$sspname = str_replace('_', ' ', $_GET['sspname']);
	$sspname = str_replace ('and', '&',$sspname); 
	$sspname = ucwords($sspname);
	$sspnameQ = mysql_query("SELECT ssmenu_id, title FROM ssmenu WHERE title = '".$sspname."' ") or trigger_error("Query: $sspnameQ\n<br />MySQL Error: " .mysql_error());
	if(mysql_affected_rows() > 0){	//if not empty, display
		$sspnameR = @mysql_fetch_array ($sspnameQ);
		$ssmid = (int) $sspnameR['ssmenu_id'];
		$ssmidT = $sspnameR['title'];
		mysql_free_result ($sspnameQ); // Free up the resources.						 			 
	}

} 

 

If you look above, i had the same problem in Calendar of Events, therefore, i had to manually declare the variables $mid  and midT. That is the only way it worked.

any help is welcomed.

 

thanks

Link to post
Share on other sites

Place these in reverse order

RewriteRule ^([0-9a-z\_]+)/$ /index.php?pname=$1 [L]
RewriteRule ^([0-9a-z\_]+)/([0-9a-z\_]+)/$ /index.php?pname=$1&spname=$2 [L]
RewriteRule ^([0-9a-z\_]+)/([0-9a-z\_]+)/([0-9a-z\_]+)/$ /index.php?pname=$1&spname=$2&sspname=$3 [L]

 

So it should be

RewriteRule ^([0-9a-z\_]+)/([0-9a-z\_]+)/([0-9a-z\_]+)/$ /index.php?pname=$1&spname=$2&sspname=$3 [L]
RewriteRule ^([0-9a-z\_]+)/([0-9a-z\_]+)/$ /index.php?pname=$1&spname=$2 [L]
RewriteRule ^([0-9a-z\_]+)/$ /index.php?pname=$1 [L]

Link to post
Share on other sites

i reversed as suggested, as well as the login mod write:

RewriteRule ^login/$ /staff.php?mid=8&smid=0&ssmid=0&login=1 [L]
RewriteRule ^forgot/$ /staff.php?mid=8&smid=0&ssmid=0&pass=1 [L]
RewriteRule ^account/$ /staff.php?mid=8&smid=0&ssmid=0&account=1 [L]
RewriteRule ^modpass/$ /staff.php?mid=8&smid=0&ssmid=0&modpass=1 [L]
RewriteRule ^meet/$ /staff.php?mid=8&smid=0&ssmid=0&meet=1 [L]
RewriteRule ^logout/$ /staff.php?mid=8&smid=0&ssmid=0&logout=1 [L]
RewriteRule ^newsletter/$ /newsletter.php?mid=7&smid=44&ssmid=8&news=1 [L]
RewriteRule ^([0-9a-z\_]+)/([0-9a-z\_]+)/([0-9a-z\_]+)/$ /index.php?pname=$1&spname=$2&sspname=$3 [L]
RewriteRule ^([0-9a-z\_]+)/([0-9a-z\_]+)/$ /index.php?pname=$1&spname=$2 [L]
RewriteRule ^([0-9a-z\_]+)/$ /index.php?pname=$1 [L]

 

so now i got the login to work, but something like this http://www.whiwh.com/who_we_are/bill_of_rights/ is not opening the correct page.

 

any ideas?

Link to post
Share on other sites

also say i login http://www.whiwh.com/login/

user: admin@dachooch.com

pass: 1234

 

i see sub menu at the yellow strip. it works the same way as the rest of the site. we have main menu (mid) like "WHIWH Login" or "Who We Are", then we have sub menu (smid) like "General Info".

For example, i log into WHIWH Login, then i see the sub menu, i click on General Info and it opens this "http://www.whiwh.com/login/general_info/". This does not open the page it suppose to. Remember, in mod write, we change the menu title "WHIWH Login" to "login". So therefore i would assume the link goes like this "http://www.whiwh.com/login/general_info/". When I try to change the link to "http://www.whiwh.com/whiwh_login/general_info/", it still does not work.

i am not sure where i am going wrong with this as well.

 

Link to post
Share on other sites

The code in your .htaccess is correct, it will pass the correct urls to PHP. The problem is more to do with your PHP code.

 

If your PHP code was working correctly then this form of url should display the correct page

index.php?pname=who_we_are&spname=bill_of_writes

 

But it doesn't it just displays the who_we_are page. You'll need to debug your PHP code to see why its not displaying your sub pages correctly

Link to post
Share on other sites

you were right! the problem with some of the pages (not in the login) was that i use "ucwords()" which capitalizes the first character of every word. some of the words had a lower case, and the mysql query was case sensitive, so it wouldn't show the correct page.

 

the other problem with the login page, well that i cant seem to figure out. HELP????

Link to post
Share on other sites

i am guessing these lines are clashing in the htaccess file:

RewriteRule ^login/$ /staff.php?mid=8&smid=0&ssmid=0&login=1 [L]

 

and

RewriteRule ^([0-9a-z\_]+)/([0-9a-z\_]+)/$ /index.php?pname=$1&spname=$2 [L]

 

If we open this http://www.whiwh.com/login/ then its fine, i see the login page. but if we go to an inner page (sub menu) within the login page, such as this one http://www.whiwh.com/login/general_info/, then i think its clashing.

 

how can i solve this?

Link to post
Share on other sites

EDIT

i am guessing these lines are clashing in the htaccess file:

RewriteRule ^login/$ /staff.php?mid=8&smid=0&ssmid=0&login=1 [L]

 

and

RewriteRule ^([0-9a-z\_]+)/([0-9a-z\_]+)/$ /index.php?pname=$1&spname=$2 [L]

 

If we open this http://www.whiwh.com/login/ then its fine, i see the login page. but if we go to an inner page (sub menu) within the login page, such as this one http://www.whiwh.com/login/general_info/, then i think its clashing.

 

how can i solve this?

Yes they are clashing. When you go to

http://www.whiwh.com/login/

 

Then that url will match this rule

RewriteRule ^login/$ /staff.php?mid=8&smid=0&ssmid=0&login=1 [L]

 

However when you go to this url

http://www.whiwh.com/login/general_info/

 

Then it will match this rule

RewriteRule ^([0-9a-z\_]+)/([0-9a-z\_]+)/$ /index.php?pname=$1&spname=$2 [L]

 

Do you know what the (non clean) url should be for displaying the sub pages once logged in?

 

Link to post
Share on other sites

the staff page is only the code where the body text of the website goes.

<?php # index.php
include ('includes/header.php'); 		

//Content pages
echo '<div id="mainContentBox">';					
	if($mid=={	//WHIWH LOGIN ONLY							

		if((isset($_GET['login']) && $_GET['login']==1) && (!isLogged())){	//is not logged in, show login form
					echo '<p>WHIWH Login</p>';
					if (isset($_POST['submitted'])) { // Handle the form.										

							if (eregi ('^[[:alnum:]][a-z0-9_\.\-]*@[a-z0-9\.\-]', stripslashes(trim($_POST ['email'])))) { 
						      $e = escape_data($_POST ['email']);
						   } else {
						      $e = FALSE;
						      $ErrorMsg .= 'Please enter a valid email address.<br />';
						   }						   						  
						   
						   if (eregi ('^[[:alnum:]]{4,20}$', stripslashes(trim($_POST ['pass'])))) { 	   		   	
						      $p = escape_data($_POST ['pass']);
						   } else {   
						      $p = FALSE;
						      $ErrorMsg .= 'Please enter a password 4-20 characters long.<br />';
						   }
						   
							 $sendCurDate = returnLocalDateTime();

							 if ($e && $p) { // If everything's OK.
							   	// Make sure the email and pass are available, and user is not blocked and activated account.
						      $staffQ = mysql_query("SELECT staff_id, CONCAT_WS(' ', first_name, last_name) AS fn, email, bod FROM staff_members WHERE (email='$e' AND pass=SHA('$p')) AND active IS NULL") or trigger_error("Query: $staffQ\n<br />MySQL Error: " .mysql_error()); 
						      if (mysql_affected_rows() > 0) { // A match was made.			      
						      	$staffR = @mysql_fetch_array ($staffQ);	
						      	$updateQ = mysql_query("UPDATE staff_members SET last_login_date='$sendCurDate' WHERE staff_id=".$staffR['staff_id']."") or trigger_error("Query: $updateQ\n<br />MySQL Error: " .mysql_error());				
						      	
						      	$_SESSION['staffn'] = $staffR['fn'];
							      $_SESSION['staffid'] = $staffR['staff_id'];
							      $_SESSION['staffe'] = $staffR['email'];
							      $_SESSION['staffbod'] = $staffR['bod'];	 
							      ob_end_clean(); // Delete the buffer.
								  $smenu1Q = mysql_query("SELECT smenu_id FROM smenu WHERE menu_id=".$mid." ORDER BY smenu_id ASC LIMIT 1") or trigger_error("Query: $smenu1Q\n<br />MySQL Error: " .mysql_error()); 
							      $staffR = @mysql_fetch_array ($staffQ);	
								  //staff.php?mid=".$mid."&smid=".$staffR['smenu_id']."&ssmid=0&login=1
							      header("Location: ".$site_url."login/");	//redirect to insert
							     	exit(); // Quit the script.
						      } else {$ErrorMsg .= 'The information was incorrect or you haven\'t activated your account yet, please try again.<br />';}		
							 }
					}	//close is submitted
					if (isset($_POST['email'])) {$e = $_POST['email'];} else {$e = '';}																		
					echo '<div class="ErrMsg">' . $ErrorMsg . '</div>';
					echo '<form action="'.$site_url.'login/" method="post" name="frmMain">';
							echo '<table width="100%" border="0" cellpadding="0" cellspacing="5">';
								echo '<tr>
									<td width="100" class="inputText">Email*:</td>
									<td><input type="text" name="email" value="'.$e.'" /></td>
								</tr>';
								echo '<tr>
									<td class="inputText">Password*:</td>
									<td><input type="password" name="pass" /></td>
								</tr>';												
							echo '<tr>
							<td> </td><td>
								<div id="progbarSubmit" style="position:relative;visibility:visible;">
									<input type="submit" class="submitBTN" name="submit" onclick="BeforeSending();this.form.submitted.value=\'true\';" value="'.strtoupper('Login').'" />
									<input type="hidden" name="submitted" value="TRUE" />																	
								</div>
								<script language="javascript" type="text/javascript">
									var bar1= createBar(barBWidth,barBHeight,barBgColor,1,barBorderColor,barBlockColor,85,7,3,"");		
								</script>
							</td></tr>';
							echo '<tr><td> </td><td><a href="'.$site_url.'forgot/" style="font-size:11px;" title="forgot password?">forgot password?</a></td></tr>';

						echo '</table></form>';						
		}	elseif((isset($_GET['logout']) && $_GET['logout']==1) && (isLogged())){ //if logged in, show welcome screen, logout
			unset($_SESSION['staffn'], $_SESSION['staffid'], $_SESSION['staffe'], $_SESSION['staffu'], $_SESSION['staffbod']); 
	    #setcookie (session_name(), '',time()-300, '/', '', 0); // Destroy the cookie.
	    header("Location: ".$site_url."login/");	//redirect to insert			
		} elseif((isset($_GET['login']) && $_GET['login']==1) && (isLogged())){	//is logged in, show my account
			echo '<br/>Hi '.$_SESSION['staffn'].',<br/><br/>Welcome to the WHIWH Internal Site.<br/><br/>Use the links on the bar above to navigate through the internal site.';
			echo '<br/><br/><strong>Manage your account</strong><ul class="cardeptsUL">';
				echo '<li><a href="'.$site_url.'account/" title="My Account" >Modify Account</a></li>';
				echo '<li><a href="'.$site_url.'modpass/" title="Change Password" >Modify Password</a></li>';
				echo '<li><a href="'.$site_url.'logout/" title="Logout" >Logout</a></li>';
			echo '</ul>';
		} elseif((isset($_GET['active']) && $_GET['active']==1) && (!isLogged())){	//is not logged in, activate account
			if (isset($_GET['x'])) {$x = (int) $_GET['x'];} else {$x = 0;}
			if (isset($_GET['y'])) {$y = $_GET['y'];} else {$y = 0;}
			if (($x > 0) && (strlen($y) == 32)) {
			   $updateQ = mysql_query("UPDATE staff_members SET active=NULL WHERE (staff_id=$x AND active='" . escape_data($y) . "') LIMIT 1") or trigger_error("Query: $updateQ\n<br />MySQL Error: " .mysql_error());				
			   if (mysql_affected_rows() == 1) {
			      echo '<p>Your WHIWH login account is now activated.<br /><br />You may now <a href="'.$site_url.'login/">login</a>.<br /><br />Thank You</p>';
			   } else {
			      echo '<p>Your account has already been activated.<br /><br />You may now <a href="'.$site_url.'login/">login</a>.<br /><br />Thank You</p>';	      
			   }
			} 				
		} elseif((isset($_GET['pass']) && $_GET['pass']==1) && (!isLogged())){	//is not logged in, forgot password
				$isSuccess = false;
				echo '<p>Forgot Password</p>';
				if (isset($_POST['submitted'])) { // Handle the form.										

						if (eregi ('^[[:alnum:]][a-z0-9_\.\-]*@[a-z0-9\.\-]', stripslashes(trim($_POST ['email'])))) { 
					      $e = escape_data($_POST ['email']);
					   } else {
					      $e = FALSE;
					      $ErrorMsg .= 'Please enter a valid email address.<br />';
					   }						   						  

						 if ($e) { // If everything's OK.
						   	$emailQ = mysql_query("SELECT staff_id, first_name, last_name FROM staff_members WHERE email='".$e. "'") or trigger_error("Query: $emailQ\n<br />MySQL Error: " .mysql_error());				
					      if (mysql_num_rows($emailQ) > 0) {  //retieve member id
			   					list($cid, $fn, $ln) = @mysql_fetch_array ($emailQ);// Retrieve the user ID.
							  } else {
						      $ErrorMsg .= 'The email address you entered is incorrect.<br />';
						      $cid = FALSE;
							  }
							  
							  if ($cid) { // If everything's OK.
					   				$p = substr ( md5(uniqid(rand(),1)), 3, 6);	// Create a new, random password. [3-6 characters]
					   				$updateQ = mysql_query("UPDATE staff_members SET pass = SHA('$p') WHERE staff_id = ".$cid."") or trigger_error("Query: $updateQ\n<br />MySQL Error: " .mysql_error());				
			   						$isSuccess = true;
			   						if (mysql_affected_rows() > 0) { // A match was made.	  						   						
			   							$bmsg = "Hi ".$fn." ".$ln.",<br/><br/>";
			   							$bmsg .= "Your password has been changed to [ <b>$p</b> ].<br /><br />";
						          $bmsg .= "Please keep this in a secure place.<br /><br />";	  
						          $bmsg .= "Please <a href='".$site_url."login/' title='Login'>click here</a> to login with your new password.<br /><br />";	  	          
						          $bmsg .= "Or copy and paste this link [ ".$site_url."login/ ] to login.<br /><br />";	  	          
						          $bmsg .= "Thank You";	 
								      #$combinedResults['info'][] = 'info@whiwh.com';
					          	mymailer($e, 'WHIWH Password Reset', $bmsg, 1);	//no BCC needed
								      echo 'Thank you for reseting your password!<br /><br />An email has been sent to your email address with the new password to <a href="'.$site_url.'login/" title="login">login</a>.<br /><br />Thank You';	           										           
			   						} else {$ErrorMsg .= "Reset password failed, try again.<br />";}
			   				} else {$ErrorMsg .= "Try again.<br />";}								  							   	
						 }
				}	//close is submitted
				if(!$isSuccess){	//if not submitted successfully					
					echo '<div class="ErrMsg">' . $ErrorMsg . '</div>';
					echo '<form action="'.$site_url.'forgot/" method="post" name="frmMain">';
							echo '<table width="100%" border="0" cellpadding="0" cellspacing="5">';
								echo '<tr>
									<td width="100" class="inputText">Email*:</td>
									<td><input type="text" name="email" /><br/></td>
								</tr>';																				
							echo '<tr>
							<td> </td><td>
								<div id="progbarSubmit" style="position:relative;visibility:visible;">
									<input type="submit" class="submitBTN" name="submit" onclick="BeforeSending();this.form.submitted.value=\'true\';" value="'.strtoupper('RESET').'" />
									<input type="hidden" name="submitted" value="TRUE" />																	
								</div>
								<script language="javascript" type="text/javascript">
									var bar1= createBar(barBWidth,barBHeight,barBgColor,1,barBorderColor,barBlockColor,85,7,3,"");		
								</script>
							</td></tr>';
							echo '<tr><td colspan="2"><em><small>[you will receive a new password to your registered email]</small></em></td></tr>';

						echo '</table></form>';
				}	//close if !issuccess
		} elseif((isset($_GET['modpass']) && $_GET['modpass']==1) && (isLogged())){	//is logged in, change password
				$isSuccess = false;
				echo '<p>Modify Password</p>';
				if (isset($_POST['submitted'])) { // Handle the form.										

						if (eregi ('^[[:alnum:]]{4,20}$', stripslashes(trim($_POST ['password1'])))) { 	   		   	
					      if ($_POST['password1'] == $_POST['password2']) {   
					        $p = escape_data($_POST ['password1']);
					      } else {   
					        $p = FALSE;   
					        $ErrorMsg .= 'The passwords do not match.<br />';
					      }   
					   } else {   
					      $p = FALSE;
					      $ErrorMsg .= 'Please enter a correct password 4-20 characters long.<br />';
					   }				   						  

						 if ($p) { // If everything's OK.
			   				$updateQ = mysql_query("UPDATE staff_members SET pass=SHA('$p') WHERE staff_id={$_SESSION['staffid']}") or trigger_error("Query: $updateQ\n<br />MySQL Error: " .mysql_error());				
	   						$isSuccess = true;
	   						if ($updateQ > 0) { // updated correctly  						   						
	   							$bmsg = "Hi ".$_SESSION['staffn'].",<br/><br/>";
	   							$bmsg .= "Your password has been changed to [ <b>$p</b> ].<br /><br />";
				          $bmsg .= "Please keep this in a secure place.<br /><br />";	  
				          $bmsg .= "Please	 <a href='".$site_url."login/' title='Login'>click here</a> to login with your new password.<br /><br />";	  	          
				          $bmsg .= "Or copy and paste this link [ ".$site_url."login/ ] to login.<br /><br />";	  	          
				          $bmsg .= "Thank You";	 
						      #$combinedResults['info'][] = 'info@whiwh.com';
			          	mymailer($_SESSION['staffe'], 'WHIWH Password Modification', $bmsg, 1);	//no BCC needed
						      echo 'Thank you for changing your password!<br /><br />An email has been sent to your email address with the new password to <a href="'.$site_url.'login/" title="login">login</a>.<br /><br />Thank You';	           										           
	   						} else {$ErrorMsg .= "Modifing password failed, try again.<br />";}				   				
						 } else {$ErrorMsg .= "Try again.<br />";}
				}	//close is submitted
				if(!$isSuccess){	//if not submitted successfully					
					echo '<div class="ErrMsg">' . $ErrorMsg . '</div>';
					echo '<form action="'.$site_url.'modpass/" method="post" name="frmMain">';
							echo '<table width="100%" border="0" cellpadding="0" cellspacing="5">';
								echo '<tr>
									<td width="210" class="inputText">*New Password:</td>
									<td><input type="password" name="password1" /><br/></td>
								</tr>';	
								echo '<tr>
									<td class="inputText">*Confirm New Password:</td>
									<td><input type="password" name="password2" /><br/></td>
								</tr>';																				
							echo '<tr>
							<td> </td><td>
								<div id="progbarSubmit" style="position:relative;visibility:visible;">
									<input type="submit" class="submitBTN" name="submit" onclick="BeforeSending();this.form.submitted.value=\'true\';" value="'.strtoupper('modify').'" />
									<input type="hidden" name="submitted" value="TRUE" />																	
								</div>
								<script language="javascript" type="text/javascript">
									var bar1= createBar(barBWidth,barBHeight,barBgColor,1,barBorderColor,barBlockColor,85,7,3,"");		
								</script>
							</td></tr>';
							echo '<tr><td colspan="2"><em><small>[you password will be sent to your registered email address]</small></em></td></tr>';

						echo '</table></form>';
				}	//close if !issuccess
		} elseif((isset($_GET['account']) && $_GET['account']==1) && (isLogged())){	//is logged in, account details
				$isSuccess = false;
				echo '<p>Modify Account Details</p>';
				if (isset($_POST['submitted'])) { // Handle the form.										

						if (eregi ('^[[:alpha:]\.\' \-]{2,15}$', stripslashes(trim($_POST['first_name'])))) {
					      $fn = escape_data($_POST ['first_name']);
					   } else {
					      $fn = FALSE;
					      $ErrorMsg .= 'Please enter your first name.<br />';
					   }

					   // Check for a last name.
					   if (eregi ('^[[:alpha:]\.\' \-]{1,30}$', stripslashes(trim($_POST ['last_name'])))) {
					      $ln = escape_data($_POST ['last_name']);
					   } else {
					      $ln = FALSE;
					      $ErrorMsg .= 'Please enter your last name.<br />';
					   }
					   			   						    						  
						 if ($fn && $ln) { //If everything's OK.							   	
			   				// Make sure the email addresss are available.
					      #$staffQ = mysql_query("SELECT staff_id FROM staff_members WHERE email='$e' AND staff_id <> {$_SESSION['staffid']}") or trigger_error("Query: $staffQ\n<br />MySQL Error: " .mysql_error());				
					      #if (mysql_num_rows($staffQ) == 0) { //email is Available.
				   				$updateQ = mysql_query("UPDATE staff_members SET first_name='$fn', last_name='$ln' WHERE staff_id = {$_SESSION['staffid']}") or trigger_error("Query: $updateQ\n<br />MySQL Error: " .mysql_error());				
		   						$isSuccess = true;
		   						if (mysql_affected_rows() > 0) { // A match was made.	  						   						
							      echo 'Your account details were modified successfully.<br/><a href="'.$site_url.'login/" title="WHIWH Login">Back to WHIWH Login</a>';
		   						} else {$ErrorMsg .= "Reset password failed, try again.<br />";}
		   					#} else { $ErrorMsg .= 'That email has already been registered. Please try another.<br />';}	// The email address is not available.
		   					#mysql_free_result($staffQ);
						 } else {$ErrorMsg .= "Try again.<br />";}
				}	//close is submitted
				if(!$isSuccess){	//if not submitted successfully					
					$staffQ = mysql_query("SELECT first_name, last_name FROM staff_members WHERE staff_id={$_SESSION['staffid']}") or trigger_error("Query: $staffQ\n<br />MySQL Error: " .mysql_error());				
					$staffR = @mysql_fetch_array ($staffQ);
					if(isset($staffR['first_name'])) {$fn = $staffR['first_name'];} else {$fn = '';}
					if(isset($staffR['last_name'])) {$ln = $staffR['last_name'];} else {$ln = '';}
					echo '<div class="ErrMsg">' . $ErrorMsg . '</div>';
					echo '<form action="'.$site_url.'account/" method="post" name="frmMain">';
							echo '<table width="100%" border="0" cellpadding="0" cellspacing="5">';
								echo '<tr>
									<td width="100" class="inputText">First Name*:</td>
									<td><input type="text" name="first_name" value="'.$fn.'" /><br/></td>
								</tr>
								<tr>
									<td width="100" class="inputText">Last Name*:</td>
									<td><input type="text" name="last_name" value="'.$ln.'" /><br/></td>
								</tr>
								<tr>
									<td> </td><td>
									<div id="progbarSubmit" style="position:relative;visibility:visible;">
										<input type="submit" class="submitBTN" name="submit" onclick="BeforeSending();this.form.submitted.value=\'true\';" value="'.strtoupper('MODIFY').'" />
										<input type="hidden" name="submitted" value="TRUE" />																	
									</div>
									<script language="javascript" type="text/javascript">
										var bar1= createBar(barBWidth,barBHeight,barBgColor,1,barBorderColor,barBlockColor,85,7,3,"");		
									</script>
								</td></tr>';																				
						echo '</table></form>';
					mysql_free_result($staffQ);
				}	//close if !issuccess
		}	elseif(isLogged()) { //CLOSE $_GET['login'], then if logged in, show welcome screen
			/******************ALL CONTENT PAGES START**********************/
			if($_SESSION['staffbod'] == 0 || $_SESSION['staffbod'] == 1){	//show all STAFF or BOD content pages
				$pagesQ = mysql_query("SELECT isbod, description FROM pages WHERE menu_id = 8 AND ".$makeCond1." AND ".$makeCond2." AND isbod={$_SESSION['staffbod']}") or trigger_error("Query: $pagesQ\n<br />MySQL Error: " .mysql_error());								
			} else {	//show all staff & BOD content pages
				$pagesQ = mysql_query("SELECT isbod, description FROM pages WHERE menu_id = 8 AND ".$makeCond1." AND ".$makeCond2."") or trigger_error("Query: $pagesQ\n<br />MySQL Error: " .mysql_error());								
			}
			if(mysql_affected_rows() > 0){	//if not empty, display
				 $pagesR = @mysql_fetch_array ($pagesQ);
				 echo $pagesR['description'];
				 mysql_free_result ($pagesQ); // Free up the resources.						 			 
			}	else {echo '<small>This page can be viewed by Board of Directors only.</small><br/><br/>';}
			/******************ALL CONTENT PAGES END**********************/			
			if($smid == 22){	//show staff meeting minutes
				if(isset($_GET['meet']) && $_GET['meet']==1){	//show meeting details
					$meetQ = mysql_query("SELECT date_FORMAT(meet_date, '%M %d, %Y %H:%i') as newdate, title, description FROM staff_meetings WHERE display=1 AND meet_id={$_GET['meet']}") or trigger_error("Query: $meetQ\n<br />MySQL Error: " .mysql_error());									
					$meetR = @mysql_fetch_array ($meetQ);
					echo '<p>'.$meetR['newdate'].'</p>';
					echo '<p><strong>'.$meetR['title'].'</strong></p>';
					echo '<p>'.$meetR['description'].'</p>';
					echo '<p><a href="'.$site_url.'login/" title="Meeting Minutes">Back to Meeting Minutes List</a></p>';
					mysql_free_result ($meetQ); // Free up the resources.
				} else {
					$meetQ = mysql_query("SELECT meet_id, date_FORMAT(meet_date, '%M %d, %Y %H:%i') as newdate, title FROM staff_meetings WHERE display=1 ORDER BY meet_date DESC") or trigger_error("Query: $meetQ\n<br />MySQL Error: " .mysql_error());									
					if(mysql_num_rows($meetQ) > 0){	//if not empty, display
						echo '<br/><br/><ul class="cardeptsUL">';
							//vladamir
							while ($meetRow = mysql_fetch_array($meetQ, MYSQL_ASSOC)) {echo '<li><a href="'.$site_url.'meet='.$meetRow['meet_id'].'" title="'.$meetRow['title'].'">'.$meetRow['newdate'].' - '.$meetRow['title'].'</a></li>';}
						echo '</ul>';
					}
					mysql_free_result ($meetQ); // Free up the resources.
				}
			}		
		}	else {	//if none of the options above, redirect to login page
			header("Location: ".$site_url."login/");	//redirect to insert
		}	//close IF logged in

}	//close MID
echo '</div>';

include ('includes/footer.php');
?>

 

Link to post
Share on other sites

i also attached the header that deals with the mod write.

<?php # header.html
date_default_timezone_set('America/Toronto');
ob_start();
session_start();
echo '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>Women\'s Health in Women\'s Hands</title>
<meta name="description" content="" /> 
<meta name="keywords" content="" /> 
<link rel="stylesheet" type="text/css" media="screen" href="/includes/layout.php" />
<script language="javascript" type="text/javascript" src="/includes/functions.js"></script>			
<script language="javascript" type="text/javascript" src="/backend/includes/progress_bar.js"></script>';
?>
<!--[if IE 6]>
<style type="text/css">	
.menuTitleStrip{
	clear:both;
	float:left;	
	margin: 0px;	
	background: url('/images/menu/menu_0_off.jpg') no-repeat;	
	width:80px;
	font-family:arial;
	height:113px;	
	border:0px solid red;
}

.subMenuDiv a{
	float:right;	
	color:#f6f6f6;	
	font-size:13px;	
	text-decoration:none;	
	/*word-wrap: break-word;*/
	padding:11px 4px 5px 3px;
	border:0px solid red;
}	
</style>
<![endif]-->
<?php 
echo '</head>';

require_once ('includes/config.inc.php');						  
require_once ('includes/functions.inc.php');
require_once ('includes/mysql_connect.php');
require_once ('includes/header_params.php');
echo '<body'.$homeOnload.'>
<table width="996" border="0" cellpadding="0" cellspacing="0" align="center"><tr><td class="bgImage" valign="top">
		<div id="outterBox">					
				<div id="logoBox" onclick="javascript:goToUrl(\'/index.php\');" title="Home">';
					if($mid==1){
						echo '<div id="logo" class="logo"><img src="'.$site_url.'images/logo1.gif" border="0" alt="" /><img src="'.$site_url.'images/logo2.gif" id="logoimg" border="0" alt="" /></div>';
						echo '<script language="javascript" type="text/javascript">window.onload = function() {initImage()}</script>';
					} else {
						echo '<div id="logo" class="logo"><img src="'.$site_url.'images/logo.gif" border="0" id="logoimg" alt="" /></div>';
						echo '<script language="javascript" type="text/javascript">document.getElementById(\'logoimg\').style.visibility = "visible";</script>';
					}
				echo '</div>					
				<div id="mainMenuBox">';
                if($mid=={$isOn8 = '/images/menu/menu_ylw_on.jpg';} else {$isOn8 = '/images/menu/menu_ylw_off.jpg';}
                if($mid==1){$isOn1 = '/images/menu/menu_purple_on.jpg';} else {$isOn1 = '/images/menu/menu_purple_off.jpg';}
                if($mid==2){$isOn2 = '/images/menu/menu_brown_on.jpg';} else {$isOn2 = '/images/menu/menu_brown_off.jpg';}
                if($mid==3){$isOn3 = '/images/menu/menu_org_on.jpg';} else {$isOn3 = '/images/menu/menu_org_off.jpg';}
                if($mid==4){$isOn4 = '/images/menu/menu_beige_on.jpg';} else {$isOn4 = '/images/menu/menu_beige_off.jpg';}
                if($mid==10){$isOn10 = '/images/menu/menu_rust_on.jpg';} else {$isOn10 = '/images/menu/menu_rust_off.jpg';}                        
                if($mid==5){$isOn5 = '/images/menu/menu_grey_on.jpg';} else {$isOn5 = '/images/menu/menu_grey_off.jpg';}                        
                if($mid==7){$isOn7 = '/images/menu/menu_green_on.jpg';} else {$isOn7 = '/images/menu/menu_green_off.jpg';}                        
                if($mid==6){$isOn6 = '/images/menu/menu_pink_on.jpg';} else {$isOn6 = '/images/menu/menu_pink_off.jpg';}                        
                if($mid==9){$isOn9 = '/images/menu/menu_burg_on.jpg';} else {$isOn9 = '/images/menu/menu_burg_off.jpg';}                                                
?>
							<!-- YELLOW - LOGIN - 8--> <div id="menu_8" class="menuButton" onmouseover="javascript:changeMenuImage(8,'/images/menu/menu_ylw_on.jpg',1);" onmouseout="javascript:changeMenuImage(8,'<?php echo $isOn8; ?>',0);" onclick="javascript:goToUrl('<?php echo $site_url; ?>login/');" style="width:89px;background: url('<?php echo $isOn8; ?>') no-repeat;"><img src="/images/spacer.gif" border="0" alt="" /></div>
                  <!-- PURPLE - HOME - 1--> <div id="menu_1" class="menuButton" onmouseover="javascript:changeMenuImage(1,'/images/menu/menu_purple_on.jpg',1);" onmouseout="javascript:changeMenuImage(1,'<?php echo $isOn1; ?>',0);" onclick="javascript:goToUrl('<?php echo $site_url; ?>');" style="background: url('<?php echo $isOn1; ?>') no-repeat;"><img src="/images/spacer.gif" border="0" alt="" /></div>
                  <!-- BROWN - WHO WE ARE - 2--> <div id="menu_2" class="menuButton" onmouseover="javascript:changeMenuImage(2,'/images/menu/menu_brown_on.jpg',1);" onmouseout="javascript:changeMenuImage(2,'<?php echo $isOn2; ?>',0);" onclick="javascript:goToUrl('<?php echo $site_url; ?>who_we_are/');" style="background: url('<?php echo $isOn2; ?>') no-repeat;"><img src="/images/spacer.gif" border="0" alt="" /></div>
                  <!-- ORANGE - PROGRAMS & SERVICES - 3--> <div id="menu_3" class="menuButton" onmouseover="javascript:changeMenuImage(3,'/images/menu/menu_org_on.jpg',1);" onmouseout="javascript:changeMenuImage(3,'<?php echo $isOn3; ?>',0);" onclick="javascript:goToUrl('<?php echo $site_url; ?>programs_and_services/');" style="background: url('<?php echo $isOn3; ?>') no-repeat;"><img src="/images/spacer.gif" border="0" alt="" /></div>
                  <!-- BEIGE - CALENDAR OF EVENTS - 4--> <div id="menu_4" class="menuButton" onmouseover="javascript:changeMenuImage(4,'/images/menu/menu_beige_on.jpg',1);" onmouseout="javascript:changeMenuImage(4,'<?php echo $isOn4; ?>',0);" onclick="javascript:goToUrl('<?php echo $site_url; ?>calendar_of_events/events/');" style="background: url('<?php echo $isOn4; ?>') no-repeat;"><img src="/images/spacer.gif" border="0" alt="" /></div>
                  <!-- RUST - RESEARCH - 10--> <div id="menu_10" class="menuButton" onmouseover="javascript:changeMenuImage(10,'/images/menu/menu_rust_on.jpg',1);" onmouseout="javascript:changeMenuImage(10,'<?php echo $isOn10; ?>',0);" onclick="javascript:goToUrl('<?php echo $site_url; ?>research/');" style="background: url('<?php echo $isOn10; ?>') no-repeat;"><img src="/images/spacer.gif" border="0" alt="" /></div>
                  <!-- GREY - RESOURCE - 5--> <div id="menu_5" class="menuButton" onmouseover="javascript:changeMenuImage(5,'/images/menu/menu_grey_on.jpg',1);" onmouseout="javascript:changeMenuImage(5,'<?php echo $isOn5; ?>',0);" onclick="javascript:goToUrl('<?php echo $site_url; ?>resources/');" style="background: url('<?php echo $isOn5; ?>') no-repeat;"><img src="/images/spacer.gif" border="0" alt="" /></div>
                  <!-- GREEN - GET INVOLVED - 7--> <div id="menu_7" class="menuButton" onmouseover="javascript:changeMenuImage(7,'/images/menu/menu_green_on.jpg',1);" onmouseout="javascript:changeMenuImage(7,'<?php echo $isOn7; ?>',0);" onclick="javascript:goToUrl('<?php echo $site_url; ?>get_involved/');" style="background: url('<?php echo $isOn7; ?>') no-repeat;"><img src="/images/spacer.gif" border="0" alt="" /></div>
                  <!-- PINK - IN THE NEWS - 6--> <div id="menu_6" class="menuButton" onmouseover="javascript:changeMenuImage(6,'/images/menu/menu_pink_on.jpg',1);" onmouseout="javascript:changeMenuImage(6,'<?php echo $isOn6; ?>',0);" onclick="javascript:goToUrl('<?php echo $site_url; ?>in_the_news/');" style="background: url('<?php echo $isOn6; ?>') no-repeat;"><img src="/images/spacer.gif" border="0" alt="" /></div>
                  <!-- BURGUNDY - CONTACT US - 9--> <div id="menu_9" class="menuButton" onmouseover="javascript:changeMenuImage(9,'/images/menu/menu_burg_on.jpg',1);" onmouseout="javascript:changeMenuImage(9,'<?php echo $isOn9; ?>',0);" onclick="javascript:goToUrl('<?php echo $site_url; ?>contact_us/');" style="background: url('<?php echo $isOn9; ?>') no-repeat;"><img src="/images/spacer.gif" border="0" alt="" /></div>
<?php	                
					$menuColor=array("0"=>"F1EB6F","1"=>"301448","2"=>"584209","3"=>"CD6A4A","4"=>"c6ab7b","5"=>"9f8e80","6"=>"9b194e","7"=>"747144","8"=>"f1eb6f","9"=>"4d0000","10"=>"8d4131");
				    echo '<script language="javascript" type="text/javascript">currentColor="'.$menuColor[$mid].'";</script>';					      
                        //SUB MENU
                        echo '<div id="subMenuBox" >';
                            echo '<div id="sub_'.$mid.'" class="subMenuDiv" onmouseover="showCurrentSub(this.id,'.$mid.',1);">';
                                if($mid == {$smenuUrl = 'login';
                                } else {$smenuUrl = '';}
                                //echo 'mid= '.$mid.'---smid='.$smid;
                                if(!isLogged()){	//not logged in, dont show WHIWH login menu
                                    $menuSubQ = mysql_query("SELECT smenu.menu_id as menu_id, smenu.smenu_id AS smenu_id, smenu.title AS stitle, menu.title AS mtitle FROM smenu INNER JOIN menu ON menu.menu_id=smenu.menu_id WHERE smenu.menu_id = ".$mid." AND smenu.menu_id <> 8 ORDER BY smenu.smenu_id DESC") or trigger_error("Query: $menuSubQ\n<br />MySQL Error: " .mysql_error());
                                    $countSubR = 0;
                                    while ($menuSubR = mysql_fetch_array($menuSubQ, MYSQL_ASSOC)) {	
                                        $countSubR++;
                                        $smenuTitle = str_replace(' ', '_',  strtolower($menuSubR['stitle']));
																	$smenuTitle = str_replace('&', 'and',  $smenuTitle);										
																	$menuTitle = str_replace(' ', '_',  strtolower($menuSubR['mtitle']));
																	$menuTitle = str_replace('&', 'and',  $menuTitle);
																	//?mid='.$menuSubR['menu_id'].'&smid='.$menuSubR['smenu_id'].'&ssmid=0
																	if($smid == $menuSubR['smenu_id']){$smidON = ' style="font-weight:600;text-decoration:underline;" ';} else {$smidON = "";}                                        
                                        echo '<a href="'.$site_url.''.$smenuUrl.''.$menuTitle.'/'.$smenuTitle.'/" title="'.$menuSubR['stitle'].'" '.$smidON.'>'.$menuSubR['stitle'].'';
                                        	if($countSubR == 1) {echo '';} else {echo ' | ';}
                                        echo '</a>';
                                    }										      	
                              } elseif(isLogged()){	//is logged in, show WHIWH login menu		                                
	                                if($mid == {		                                	
	                                    if($_SESSION['staffbod'] == 0 || $_SESSION['staffbod'] == 1){	//show STAFF or BOD only
	                                        $menuSubQ = mysql_query("SELECT pages.menu_id AS menu_id, pages.smenu_id AS smenu_id, smenu.title AS stitle FROM pages INNER JOIN smenu ON pages.smenu_id=smenu.smenu_id WHERE pages.menu_id = 8 AND pages.isbod={$_SESSION['staffbod']} GROUP BY pages.smenu_id ORDER BY smenu.smenu_id DESC") or trigger_error("Query: $menuSubQ\n<br />MySQL Error: " .mysql_error());
	                                    } else {	//show BOTH
	                                        $menuSubQ = mysql_query("SELECT pages.menu_id AS menu_id, pages.smenu_id AS smenu_id, smenu.title AS stitle FROM pages INNER JOIN smenu ON (pages.smenu_id=smenu.smenu_id) WHERE pages.menu_id = 8 GROUP BY pages.smenu_id ORDER BY smenu.smenu_id DESC") or trigger_error("Query: $menuSubQ\n<br />MySQL Error: " .mysql_error());                                    
	                                    }
	                                } else {//all other menu boxes																				
																			$menuSubQ = mysql_query("SELECT smenu.menu_id AS menu_id, smenu.smenu_id AS smenu_id, smenu.title AS stitle, menu.title AS mtitle FROM smenu INNER JOIN menu ON menu.menu_id=smenu.menu_id WHERE smenu.menu_id = ".$mid." ORDER BY smenu.smenu_id ASC") or trigger_error("Query: $menuSubQ\n<br />MySQL Error: " .mysql_error());
																	}		                                  
                                  if(mysql_num_rows($menuSubQ) > 0){
                                      $countSubR = 0;	 	                                                                        
                                      while ($menuSubR = mysql_fetch_array($menuSubQ, MYSQL_ASSOC)) {	
                                            $countSubR++;
                                            if($smid == $menuSubR['smenu_id'] && $mid=={$smidON = ' style="font-weight:600;text-decoration:underline;color:#9E1B51;" ';} 
                                            elseif($smid == $menuSubR['smenu_id']){$smidON = ' style="font-weight:600;text-decoration:underline;" ';}                                                 
                                            elseif($mid=={$smidON = ' style="color:#9E1B51;" ';} 
                                            else {$smidON = '';}
																					$smenuTitle = str_replace(' ', '_',  strtolower($menuSubR['stitle']));
																					$smenuTitle = str_replace('&', 'and',  $smenuTitle);
																					$smenuTitle = str_replace('/', 'or',  $smenuTitle);
																					if($mid == {$menuTitle = 'login';
																					} else {
																						$menuTitle = str_replace(' ', '_',  strtolower($menuSubR['mtitle']));
																						$menuTitle = str_replace('&', 'and',  $menuTitle);
																					}
                                            if($countSubR != mysql_num_rows($menuSubQ)) {$putDiv = ' | ';} else {$putDiv = '';}
																					echo '<a href="'.$site_url.''.$menuTitle.'/'.$smenuTitle.'/" title="'.$menuSubR['stitle'].'" '.$smidON.'>'.$menuSubR['stitle'];
                                                if($countSubR == 1) {echo '';} else {echo ' | ';}
                                            echo '</a>';
                                      }
                                  }
                                  if(isLogged() && $mid=={
                                      echo '<a href="'.$site_url.'logout/" title="Logout" style="color:#9E1B51;">Logout | </a>';
                                  }
			                            }	//close is logged in function call
			                            mysql_free_result ($menuSubQ); // Free up the resources. 
                            echo '</div>';	//close subMenuDiv	
                         echo '</div>';	//close subMenuBox	
		     	echo '</div>';	//	<!-- CLOSE mainMenuBox -->	     

			   echo '<div id="mainContentArea" onmouseover="showCurrentSub(0,\''.$mid.'\',0);">';

		    		echo '<div id="qlContent" ';

		    			if($mid==1 && $smid==0){echo 'style="min-height:100px;width:770px;"';}	//home page only

		    		echo '>';

			    		echo '<div id="qlBox" ';

			    			if($mid==1 && $smid==0){echo 'style="margin: 0px 0px 0px 0px;	"';}	//home page only

			    		echo '>';

						//QUICK LINKS									      

					      $qlMenuQ = mysql_query("SELECT ql_id FROM ql_to_menus WHERE menu_id=".$mid."") or trigger_error("Query: $qlMenuQ\n<br />MySQL Error: " .mysql_error());						       		       				       				

								$qlMenuR = @mysql_fetch_array ($qlMenuQ);

								if (mysql_affected_rows() > 0) {		

							      $qlQ = mysql_query("SELECT quicklinks.ql_id AS ql_id, quicklinks.file_name AS file_name, quicklinks.url AS url, quicklinks.caption AS caption, ql_positions.pos_num AS pos, 

							      										quicklinks.color_r AS color_r, quicklinks.color_g AS color_g, quicklinks.color_b AS color_b, quicklinks.color_effect AS color_effect, quicklinks.pos_x AS pos_x, quicklinks.pos_y AS pos_y 

																FROM quicklinks INNER JOIN ql_positions 

																ON quicklinks.ql_id = ql_positions.field_num 

																WHERE ql_positions.field_num2 = ".$mid." 

																ORDER BY ql_positions.pos_num ASC LIMIT 5") or trigger_error("Query: $qlQ\n<br />MySQL Error: " .mysql_error());

							      while ($qlR = mysql_fetch_array($qlQ, MYSQL_ASSOC)) {	

							      	//echo '<div class="qlDivider"><img src="/images/spacer.gif" border="0" alt="" /></div>';

							      	$showImage = displayFontonImage(str_replace($qlR['file_name'], 'quicklinksimage'.$qlR['ql_id'].'_site_thumb.jpg', $qlR['file_name']), 6, 'quicklinks', '', $qlR['color_r'], $qlR['color_g'], $qlR['color_b'], $qlR['pos_x'], $qlR['pos_y'], $qlR['color_effect']);

							      	echo '<div class="qlText" onclick="javascript:goToUrl(\''.$qlR['url'].'\');" title="'.$qlR['caption'].'">'.$qlR['caption'].'</div>';

							      	echo '<div id="ql_'.$qlR['ql_id'].'"  class="qlImg" onmouseover="javascript:setOpacity(this.id,0.7);" onmouseout="javascript:setOpacity(this.id,1.0);" onclick="javascript:goToUrl(\''.$qlR['url'].'\');">'.$showImage.'</div>';						      									      	

							      }

							      mysql_free_result ($qlQ); // Free up the resources.		

						    }

						    mysql_free_result ($qlMenuQ); // Free up the resources.		

							echo '</div>'; //<!-- CLOSE qlBox -->
?>

 

and the header params page.

<?php
//get menu, smenu and ssmenu ids in order to display quicklinks and page content
$mid = 0; $smid = 0; $ssmid = 0;
if (isset($_GET['mid']) && $_GET['mid'] > 0) { $mid = (int) $_GET['mid'];} else { $mid = 1;} 
if (isset($_GET['smid']) && $_GET['smid'] > 0) { $smid = (int) $_GET['smid'];} else { $smid = 0;} 
if (isset($_GET['ssmid']) && $_GET['ssmid'] > 0) { $ssmid = (int) $_GET['ssmid'];} else { $ssmid = 0;}
//echo 'pname= '.$_GET['pname'].'--spname= '.$_GET['spname'].'<br/>';
if (isset($_GET['pname'])) {
	$pname = str_replace('_', ' ',  $_GET['pname']);
	$pname = str_replace ('and', '&', $pname); 										
	$pname = ucwords($pname);
	$pnameQ = mysql_query("SELECT menu_id, title FROM menu WHERE title = '".$pname."' ") or trigger_error("Query: $pnameQ\n<br />MySQL Error: " .mysql_error());
	if(mysql_affected_rows() > 0){	//if not empty, display
		$pnameR = @mysql_fetch_array ($pnameQ);
		$mid = (int) $pnameR['menu_id'];
		$midT = $pnameR['title'];
		mysql_free_result ($pnameQ); // Free up the resources.
	}
} 

if (isset($_GET['spname'])) { 		
		$spname = str_replace('_', ' ', $_GET['spname']);
		$spname = str_replace ( 'and', '&', $spname); 										
	$spname = ucwords($spname);
	$spnameQ = mysql_query("SELECT smenu_id, title FROM smenu WHERE title = '".$spname."' ") or trigger_error("Query: $spnameQ\n<br />MySQL Error: " .mysql_error());		
	if(mysql_affected_rows() > 0){	//if not empty, display			
		$spnameR = @mysql_fetch_array ($spnameQ);
		$smid = (int) $spnameR['smenu_id'];
		$smidT = $spnameR['title'];
		mysql_free_result ($spnameQ); // Free up the resources.						 			 
	}

} 


if (isset($_GET['sspname'])) { 
	$sspname = str_replace('_', ' ', $_GET['sspname']);
	$sspname = str_replace ('and', '&',$sspname); 
	$sspname = ucwords($sspname);
	$sspnameQ = mysql_query("SELECT ssmenu_id, title FROM ssmenu WHERE title = '".$sspname."' ") or trigger_error("Query: $sspnameQ\n<br />MySQL Error: " .mysql_error());
	if(mysql_affected_rows() > 0){	//if not empty, display
		$sspnameR = @mysql_fetch_array ($sspnameQ);
		$ssmid = (int) $sspnameR['ssmenu_id'];
		$ssmidT = $sspnameR['title'];
		mysql_free_result ($sspnameQ); // Free up the resources.						 			 
	}

} 
//------------------------------

#if (isset($_GET['pid'])) {$pid = (int) $_GET['pid'];}
#else {$pid = 0;} 
if($mid == 0){$mid = 'NULL';}
if($smid == 0){$smid = 'NULL';}
if($ssmid == 0){$ssmid = 'NULL';}
$makeCond1 = $makeCond2 = 0;
if($smid == 'NULL'){$makeCond1 = 'smenu_id IS NULL';} else {$makeCond1 = 'smenu_id = '.$smid;}
if($ssmid == 'NULL'){$makeCond2 = 'ssmenu_id IS NULL';} else {$makeCond2 = 'ssmenu_id = '.$ssmid;}
$homeOnload = '';
?>

Link to post
Share on other sites

Add this rewrite rule

RewriteRule ^login/([0-9a-z\_]+)/$ /staff.php??mid=8&spname=$1 [L]

 

Before this rule

RewriteRule ^login/$ /staff.php?mid=8&smid=0&ssmid=0&login=1 [L]

 

That will get some of your links working.

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.