marcus Posted November 26, 2006 Share Posted November 26, 2006 I'm making a comment system, and obviously I am making an admin panel for it, so an admin can delete/edit the comments. Well, I got up to the step where it would echo off the comments but now, when the form submits it will just go back to the normal screen, that shows which action you want to proceed with.[code]<? include('../header.php'); ?><?phpif($_COOKIE[admin]){ $action = $_GET[act]; $act = $_POST[act]; if($action == delete){ $NFin = "SELECT id,title FROM `news` WHERE `comments` =1"; $NFgo = mysql_query($NFin); $NFnu = mysql_numrows($NFgo); if($NFnu == 0){ echo "No active news"; }else { echo "<table border=0 cellspacing=2 cellpadding=1>"; echo "<form name=delcomfnews action='".$_SERVER[PHP_SELF]."' method=post>"; echo "<tr><td colspan=2 align=right><h3>Delete Comments - Step 1</h3>"; echo "<tr><td>"; echo "<select name=delcomnews>"; while ($row1 = mysql_fetch_array($NFgo, MYSQL_BOTH)){ echo "<option value=$row1[id]>$row1[title]</option>"; }; mysql_free_result($NFgo); echo "<td><input type=hidden name=act value=dels1><input type=submit value='Show Comments'>"; echo "</form>"; echo "</table>"; }; }else if($act == dels1){ $NFid = $_POST[delcomnews]; $NFin = "SELECT * FROM `comments` WHERE newsid ='$NFid'"; $NFgo = mysql_query($NFin) or die(mysql_error()); $NFnu = mysql_numrows($NFgo); if($NFnu == 0){ echo "There are no comments for news ID #$NFid"; }else { echo "<table border=0 cellspacing=2 cellpadding=1>"; echo "<tr><td colspan=2 align=right><h3>Delete Comments - Step 2</h3>"; while ($row1 = mysql_fetch_array($NFgo, MYSQL_BOTH)){ echo "<tr><td>Posted by: $row1[poster]<td>($row1[ip])"; echo "<tr><td colspan=2 align=left>$row1[message]"; echo "<form name=delcom action='".$_SERVER[PHP_SELF]."' method=post>"; echo "<input type=hidden name=act value=delcomgo>"; echo "<tr><td colspan=2 align=right><input type=hidden name=newid value=$NFid><input type=hidden name=comid value=$row1[id]><input type=submit value='Delect Comment #"."$row1[id]"."'>"; echo "</form>"; } mysql_free_result($NFgo); echo "</table>"; } if($act == delcomgo){ $comid = $_POST[comid]; $newid = $_POST[newid]; $DELcom = "DELETE * FROM `comments` WHERE id ='$comid'"; $DELsql = mysql_query($DELcom) or die(mysql_error()); $sql1 = "SELECT camount FROM `news` WHERE id ='$newid'"; $sql2 = mysql_query($sql1); $sql3 = mysql_fetch_assoc($sql2); $sql4 = $sql3[camount]; $sql5 = "$sql4 - 1"; $sql6 = "UPDATE `news` SET camount ='$sql5' WHERE id='$newid'"; $sql7 = mysql_query($sql6); echo "Comment ID #$comid has been deleted!"; }; }else if(!$act || !$action){ echo "<table border=0 cellspacing=3 cellpadding=2>"; echo "<tr><td colspan=2 align=right><h3>Comment Admin</h3>"; echo "<tr><td colspan=2 align=left><a href=comments.php?act=edit>Edit Comments</a>"; echo "<tr><td colspan=2 align=left><a href=comments.php?act=delete>Delete Comments</a>"; echo "</table>"; }; }else {echo "Bad auth";};?><? require('../footer.php'); ?>[/code]edit: updated code, still not working2ndedit: updated code, still not working Quote Link to comment Share on other sites More sharing options...
marcus Posted November 26, 2006 Author Share Posted November 26, 2006 help? Quote Link to comment Share on other sites More sharing options...
theironchef Posted November 26, 2006 Share Posted November 26, 2006 I have done things liekt his in the past... im a n00b but i think the submit will refresh the page after it finished the code inside the submit button. What i do is where the output should go in the actual page[code]<body><? echo $code ?></body>[/code]in the top php area after you submit jsut have it build the page adding to the string $codeexample[code]$code= "";$code.="<table border=0 cellspacing=2 cellpadding=1> <form name=delcomfnews action='".$_SERVER[PHP_SELF]."' method=post> <tr><td colspan=2 align=right><h3>Delete Comments - Step 1</h3>";[/code]Hard to explain but i've gotten it to work lol to be pissed if it doesnt work either :( Quote Link to comment Share on other sites More sharing options...
marcus Posted November 26, 2006 Author Share Posted November 26, 2006 changing the table really wont work... Quote Link to comment Share on other sites More sharing options...
corbin Posted November 26, 2006 Share Posted November 26, 2006 Try$action = $_GET['act'];$act = $_POST['act'];And also, while the cookie method is better than nothing, in its own way cookie authorization in the way that youre using it is a bad thing. I could create a cookie with an admin value on my own server then rename it and edit it to match your server, then poof I'm an admin. If the reason you're using a cookie auth method is because you want it to remember you, you could still use cookies but store the username and password in them. Auth the user and then store everything in a session array... Then compare the $_SESSION['admin'] value... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.