if($_GET['valg'] == "medlemmer") { echo "<h1>Medlemmer</h1>"; $query = mysql_query("SELECT * FROM user ORDER BY fullname"); if(mysql_num_rows($query)) { while ($row = mysql_fetch_array($query, MYSQL_ASSOC)) { ?> <table width='100%'> <tr> <td align='left' width='40%'> Navn: </td> <td align='right' width='40%'> <?php echo $row['fullname']; ?> </td> </tr> <tr> <td align='left'> Alder: </td> <td align='right'> <?php echo $row['age']; ?> </td> </tr> <tr> <td align='left'> Ingame navn: </td> <td align='right'> <?php echo $row['ingame_name']; ?> </td> </tr> <tr> <td align='left'> Steam ID: </td> <td align='right'> <?php echo $row['steam_id']; ?> </td> </tr> <tr> <td align='left'> Email: </td> <td align='right'> <a href='mailto:<?php echo $row['email']; ?>'><?php echo $row['email']; ?></a> </td> </tr> <tr> <td colspan='2'> <hr /> </td> </tr> </table> <?php } } else { echo("Ingen medlemmer!"); } }
<tr> <td align='left'> Steam ID: </td> <td align='right'> <?php echo $row['steam_id']; ?> </td> </tr> <tr> <td align='left'> Email: </td> <td align='right'> <a href='mailto:<?php echo $row['email']; ?>'><?php echo $row['email']; ?></a> </td> </tr>
<?php session_start(); require("../includes/connect.php"); $username = $_POST['username']; $password = $_POST['password']; if($username&&$password) { if(strlen($username) > 25 || strlen($password) > 25) { echo("Brugernavn eller kodeord er for langt."); } else { $password = md5($password); $login = sprintf("SELECT * FROM user WHERE username='%s' AND password='%s'", mysql_real_escape_string($username), mysql_real_escape_string($password)); $rowcount = mysql_num_rows(mysql_query($login)); $fieldarray = mysql_fetch_assoc(mysql_query($login)); $id = $fieldarray['id']; if($rowcount==1) { $_SESSION['user']=$username; $_SESSION['id']=$id; $_SESSION['user_level'] = $brugerens_level; header("Location: ../?valg=forside"); } else { echo "Brugernavn eller kodeord er forkert! <a href='javascript: history.go(-1)'>Prøv igen!</a>"; } } } else { echo("Skriv både brugernavn og kodeord! <a href='javascript: history.go(-1)'>Prøv igen!</a>"); } ?>
if($_GET['valg'] == "medlemmer1") { echo "<h1>Medlemmer</h1>"; $query = mysql_query("SELECT * FROM user ORDER BY fullname"); if(mysql_num_rows($query)) { while ($row = mysql_fetch_array($query, MYSQL_ASSOC)) { ?> <table width='100%'> <tr> <td align='left' width='40%'> Navn: </td> <td align='right' width='40%'> <?php echo $row['fullname']; ?> </td> </tr> <tr> <td align='left'> Alder: </td> <td align='right'> <?php echo $row['age']; ?> </td> </tr> <tr> <td align='left'> Ingame navn: </td> <td align='right'> <?php echo $row['ingame_name']; ?> </td> </tr> <?php $_SESSION['user_level'] = $brugerens_level; if (isset($_SESSION['user_level'])) { if ($_SESSION['user_level'] == 1) { echo ""; } else { ?> <tr> <td align='left'> Steam ID: </td> <td align='right'> <?php echo $row['steam_id']; ?> </td> </tr> <tr> <td align='left'> Email: </td> <td align='right'> <a href='mailto:<?php echo $row['email']; ?>'><?php echo $row['email']; ?></a> </td> </tr> <?php } } ?> <tr> <td colspan='2'> <hr /> </td> </tr> </table> <?php } } else { echo("Ingen medlemmer!"); } }
<?php session_start(); ?> <html> <head> </head> <body> <?php if(isset($_SESSION['user'])) { ?> <table align='right'> <tr> <td align='right'> <div align='right'>Du er logget ind som <b><?php echo $_SESSION['user']; ?></b> <a href='includes/logout.php'>Log ud!</a><br /> </td> </tr> <tr> <td align='right'> <a href='./?valg=forside'>Nyheder</a> <a href='?valg=forum'>Forum</a> <a href='?valg=profil&id=<?php echo "id"; ?>'>Min profil</a></div> </td> </tr> </table> <?php } else { ?> <form action='includes/login.php' method='POST'> <table align='right'> <tr> <td> Brugernavn: </td> <td> Kodeord: </td> <td rowspan='3'> <input type='submit' name='submit' value='Log ind!' /> </td> </tr> <tr> <td> <input type='text' name='username' /> </td> <td> <input type='password' name='password' /> </td> </tr> <tr> <td> <a href='?valg=register'>Join os</a> </td> <td> <a href='?valg=glemt'>Glemt kodeord?</a> </td> </tr> </table> </form> <?php } ?> <center> <p> <p> <p> <table> <tr> <td> Logo </td> </tr> </table> <p> <table> <tr> <td> <a href='?valg=forside'><input type='button' value='Nyheder' /></a> <a href='?valg=om_os'><input type='button' value='Om os' /></a> </td> <td> <a href='?valg=kamp'><input type='button' value='Kæmp mod os' /></a> <a href='?valg=server'><input type='button' value='Servere' /></a> </td> <td> <a href='?valg=medlemmer'><input type='button' value='Medlemmer' /></a> <a href='?valg=kontakt'><input type='button' value='Kontakt' /></a> </td> <td> <a href='?valg=forum'><input type='button' value='Forum' /></a> </td> </tr> </table>
Kan man lave en side man kalder 'member.php' og hente alle der er registreret navne og lave dem til links. Så de kommer til at hedde, hvis admin har ID'et 1, 'member.php?id=1'?Og hvis man kan det, kan man så komme ind på fx 'member.php?id=1' og se den brugers info?
if($_GET['valg'] == "nyhed" && $_GET['id'] == $id) { echo "<h2>Nyhed</h2>"; $news_id = $_GET['id']; $user = mysql_query("SELECT * FROM news WHERE id = '$news_id'"); $row = mysql_fetch_array($user, MYSQL_ASSOC); echo 'ID: '.$row['id'].'<br />'; echo 'Overskrift: '.$row['overskrift'].'<br />'; echo 'Besked: '.$row['besked'].'<br />'; echo 'Dato: '.$row['dato'].'<br />'; echo 'Bruger level: '.$row['user_id'].'<br />'; }
if($_GET['valg'] == "nyhed") { echo "<h2>Nyhed</h2>"; $news_id = $_GET['n_id']; $user = mysql_query("SELECT * FROM news WHERE n_id = '$news_id'"); $row = mysql_fetch_array($user, MYSQL_ASSOC); echo 'ID: '.$row['n_id'].'<br />'; echo 'Overskrift: '.$row['overskrift'].'<br />'; echo 'Besked: '.$row['besked'].'<br />'; echo 'Dato: '.$row['dato'].'<br />'; echo 'Bruger level: '.$row['user_id'].'<br />'; }
-- -- Struktur-dump for tabellen `news` -- DROP TABLE IF EXISTS `news`; CREATE TABLE IF NOT EXISTS `news` ( `n_id` int(11) NOT NULL AUTO_INCREMENT, `overskrift` varchar(255) NOT NULL, `besked` text NOT NULL, `dato` varchar(25) NOT NULL, `user_id` int(11) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=11 ; -- -- Data dump for tabellen `news` --