Mini Shell Moded By TiGER HeX
Home
||
Turbo Force
||
B-F Config_Cpanel
Current Path :
/
var
/
www
/
ridazz
/
admin
/
Linux midnightridazz 4.19.0-11-cloud-amd64 #1 SMP Debian 4.19.146-1 (2020-09-17) x86_64
Upload File :
New :
File
Dir
//var/www/ridazz/admin/linkAdd.php
<? include_once('../includes/static/configure.php'); include_once('../includes/static/util.php'); include_once('../includes/static/dbcon2.php'); include_once('../includes/static/gdimg.php'); include_once('../includes/static/sessions.php'); include_once('includes/static/util.php'); include_once('includes/appTop2.php'); $page_id = str_replace(".php","",basename($_SERVER['PHP_SELF'])); if(!has_permission($page_id)){ die("You don't have permission to view this page!"); } ?> <? $link_id = 0; if(isset($_REQUEST['linkId'])){ $link_id = isNum($_REQUEST['linkId'], 0); } if(isset($_REQUEST['addLink'])){ $name = $db->sanitize_input($_REQUEST['name']); $url = $db->sanitize_input($_REQUEST['url']); $userId = $db->sanitize_input($_REQUEST['userId']); $sql = "INSERT INTO 50mm_links (name,url,user_id) VALUES ('".$name."','".$url."','".$userId."')"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } } include_once('includes/header.php'); ?> <script> divs = new Array('url'); </script> <form action="<?echo $_SERVER['PHP_SELF']?>" method="POST" enctype="multipart/form-data" onSubmit="return validateForm(this,divs,'error');"> Name:<br> <input class="field" name="name" style="width:250px"><br> Link:<span id="errurl" class="error" style="visibility:hidden;"> *</span><br> <input class="field" name="url" style="width:250px" value="http://"><br> <? if(isset($_SESSION['admin_id'])){ $sql = "SELECT username,user_id FROM 50mm_users WHERE user_type = 'EDITOR' ORDER BY username ASC;"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $options = 'Editor:<br>'; $options.= '<select name="userId">'."\n"; $options.= '<option value="">-- no one --</option>'."\n"; while($row = $db->sql_fetchrow($result)){ $options.= '<option value="'.$row['user_id'].'">'.$row['username'].'</option>'."\n"; } $options.= '</select>'."\n"; }elseif(isset($_SESSION['editor_id'])){ $options = '<input type="hidden" class="field" name="userId" value="'.$_SESSION['editor_id'].'">'."\n"; } echo $options; ?> <br> <input name="addLink" type="submit" class="button" value="Add Link"> <div id="error" class="error" style="visibility:hidden;">Please correct the fields marked by *</div> </form> <? include_once('includes/linkExplorer.php'); ?> <br> <? include_once('includes/footer.php'); include_once('includes/appBottom.php'); ?>