Location: PHPKode > projects > GBook > gbook/admin.php
<?
// GBook made by Racin Nygaard. If you have any questions please ask them on irc (darkking @ Efnet)
// Or email me at: hide@address.com :)

// Don't remove this include!
include("config.php");

global $table, $database, $link, $entry, $adminpassword, $bantable, $check, $designtable;

// Checking if the admin is logged in or not...

if (isset($_COOKIE["checklogin"]) && $_COOKIE["checklogin"] == $adminpassword)
{
    
$query = "select * from $designtable";
$result = mysql_db_query($database, $query, $link) or die(mysql_error());
$design = mysql_fetch_row($result);

$title = $design[1];
$background = $design[2];
$picture = $design[3];
$tablebg = $design[4];
$txtcolor = $design[5];
$logopoint = $design[6];
$aover = $design[7];
$alink = $design[8];
$active = $design[9];
$avis = $design[10];

// The delete section..

if (isset($_GET["del"]) && !isset($_GET["id"]) && !isset($_POST["id"]) && !isset($_GET["post"]) && !isset($check))
{

// Checking if there should be sent out an error..

if (isset($_GET["del"]) && $_GET["del"] == "error")
{
$errormsg = "All fields are mandatory!";
}
elseif (isset($_GET["del"]) && $_GET["del"] == "errormysql")
{
$errormsg = $_GET["mysql"];
}

echo "
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">
<html>
<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"><title>Delete a post from 
".$title."</title>
<style type=\"text/css\">
BODY {
        SCROLLBAR-FACE-COLOR: #B0B0B0; SCROLLBAR-HIGHLIGHT-COLOR: #000000;
        SCROLLBAR-SHADOW-COLOR: #333333; SCROLLBAR-3DLIGHT-COLOR: #2e425a;
        SCROLLBAR-ARROW-COLOR: #3300FF; SCROLLBAR-TRACK-COLOR: #000000;
        SCROLLBAR-DARKSHADOW-COLOR: #000000; BACKGROUND-COLOR: $background;
}
A:link {
        COLOR: $alink; TEXT-DECORATION: none
}
A:active {
        COLOR: $active; TEXT-DECORATION: none
}
A:visited {
        COLOR: $avis; TEXT-DECORATION: none
}
A:hover {
        COLOR: $aover;
}

</style></head><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'><center>
<h1>Delete a post</h1></center>
<blockquote> 
<p>Input the ID of the post you want to delete. It's the number before each post.
</blockquote>
<center><strong>".$errormsg."<br></strong></font>

<form ACTION=\"admin.php?del=action\" METHOD=\"POST\" align=\"center\">
 <table>

                                <tr>
         <th><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>ID:</font></th>
          <td><input type=\"text\" name=\"id\">
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
&nbsp;&nbsp;&nbsp;</tr>
     <td><input type=\"reset\" value=\"Clear\"></td>
          <td><input type=\"submit\" value=\"Send\"></td>
        </tr></font>
      </table>
</form>
<p align=\"center\">&nbsp;</p>";


$query = "select * from $table order by id desc" or die("Error in query");

$result = mysql_db_query($database, $query, $link) or
die("Error in query");

// Outputing all messages

while ($entry = mysql_fetch_row($result))
{
echo "</font><table width=\"100%\" border=\"1\"><TR><TD BGCOLOR=\"".$tablebg."\" ALIGN=\"left\" VALIGN=\"top\" 
width=\"400\"><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" c
color='$txtcolor'><b>".htmlentities($entry[0])."</b> posted by 
".htmlentities($entry[1])."</a> 
<br><strong>Time: </strong>".htmlentities($entry[2])." <br><strong>IP:</strong> 
".htmlentities($entry[3])." 
<br><strong>Email: </strong>".htmlentities($entry[4])."<br><strong>Homepage:</strong>
".htmlentities($entry[5])."</font><TR><TD BGCOLOR=\"".$tablebg."\" ALIGN=\"left\" VALIGN=\"top\" width=\"400\"><font 
face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'><p><pre>".htmlentities($entry[6])." 
</pre></tr></font></td></table><br></html>"; 
}
mysql_free_result($result);
}
if (isset($_GET["del"]) && $_GET["del"] == "action" && !$_POST["id"]) 
{
echo "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=admin.php?del=error\">";
}
if (isset($_GET["del"]) && isset($_GET["id"]))
{
$id = $_GET["id"];
$check = "del";
}
elseif (isset($_GET["del"]) && $_GET["del"] == "action" && isset($_POST["id"]) && $_POST["id"])
{
$id = $_POST["id"];
$check = "del";
}
if ($check == "del") 
{ 
$qadd = "
        Delete from $table Where id = ('{$id}') "; 



if (!$result = mysql_query($qadd,$link)) { 
echo "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=admin.php?del=errormysql&mysql=".mysql_error()."\">";
} else { 
   
	  echo 'The Post has been deleted. <a href="index.php">Click here to return to the index</a><META 
	  HTTP-EQUIV="refresh" CONTENT="1; URL=index.php">';
} 
}

// Delete section ends, Modify section starts.

elseif (isset($_GET["mod"]))
{
// Finding out whether to echo one or all.

if (isset($_GET["mod"]) && isset($_GET["id"]))
{
$id = "= $_GET[id]";
}
else 
{
$id = ">= 0";
}
if (isset($_GET["mod"]) && $_GET["mod"] != "action")
{
// Finding out if there should be echo'd any error messages
if (isset($_GET["mod"]) && $_GET["mod"] == "error")
{
$errormsg = "All fields are mandatory!";
}
elseif (isset($_GET["mod"]) && $_GET["mod"] == "errormysql")
{
$errormsg = $_GET["mysql"];
}
echo "
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">
<html>
<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"><title>Modify a post from 
".$title."</title>
<style type=\"text/css\">
BODY {
        SCROLLBAR-FACE-COLOR: #B0B0B0; SCROLLBAR-HIGHLIGHT-COLOR: #000000;
        SCROLLBAR-SHADOW-COLOR: #333333; SCROLLBAR-3DLIGHT-COLOR: #2e425a;
        SCROLLBAR-ARROW-COLOR: #3300FF; SCROLLBAR-TRACK-COLOR: #000000;
        SCROLLBAR-DARKSHADOW-COLOR: #000000; BACKGROUND-COLOR: $background;
}
A:link {
        COLOR: $alink; TEXT-DECORATION: none
}
A:active {
        COLOR: $active; TEXT-DECORATION: none
}
A:visited {
        COLOR: $avis; TEXT-DECORATION: none
}
A:hover {
        COLOR: $aover;
}

</style></head><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>
<h1>Modify a post</h1></center>
<p>Modify any post how you like it.
</p>
<center><strong>".$errormsg."</strong>";
$query = "select * from $table where id $id order by id desc" or die("Error in query");
 
// run the query on the database
$result = mysql_db_query($database, $query, $link) or
die(mysql_error());

// Output.....
while ($entry = mysql_fetch_row($result))
{
echo "<form ACTION=\"admin.php?mod=action\" name=\"saveform\" METHOD=\"POST\">
 <table>
        
                                         <tr>
         <th><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>ID::</font></th>
          <td><input type=\"hidden\" name=\"id\" value='".$entry[0]."'> </td>
        </tr><br>

                                <tr>
         <th><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>Name:</font></th>
          <td><input type=\"text\" name=\"name\" value=\"".$entry[1]."\"> </td>
        </tr><br>               <tr>
        <th><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>Time:</font></th>
          <td><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>".$entry[2]."</font></td></tr>
                                <tr>
            <th><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>IP:</font></th>
          <td><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>".$entry[3]."</font></td></tr>
                                <tr>
          <th><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>Email:</font></th>
          <td><input type=\"text\" name=\"email\" value=\"".$entry[4]."\"> </td>
        </tr><br>
                                <tr>
        <th><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>Homepage:</font></th>
          <td><input type=\"text\" name=\"homepage\" value='".$entry[5]."'> </td>
        </tr><br>
                                <tr>
          <th><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>Post:</font></th>
          <td> <textarea name=\"guestbook\" rows=\"9\" cols=\"100%\">".$entry[6]."</textarea></td>
            </tr>
          <td><input type=\"reset\" value=\"Clear\"></td>
          <td><input type=\"submit\" value=\"Send\"></td>
        </tr>
      </table></form></font></html>";
}
mysql_free_result($result);
}
if (isset($_GET["mod"]) && $_GET["mod"] == "action") 
{
if (!isset($_POST["name"]) || !$_POST["name"] || !isset($_POST["guestbook"]) || !$_POST["guestbook"] || 
!isset($_POST["email"]) || !$_POST["email"] || !isset($_POST["homepage"]) || !$_POST["homepage"])
{
echo "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=admin.php?mod=error&id=".$_POST["id"]."\">";
}
else 
{
$navn = str_replace("\"", "'", $_POST["name"]);
$guestbook = str_replace("\"", "'", $_POST["guestbook"]);
$qadd = "
     UPDATE $table SET 
name = (\"{$navn}\"), 
guestbook = (\"{$guestbook}\"), 
email = (\"{$_POST['email']}\"),
homepage = (\"{$_POST['homepage']}\")
where id = ('{$_POST['id']}')";
    



if (!$result = mysql_query($qadd,$link)) {

echo "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; 
URL=admin.php?mod=errormysql&id=".$_POST["id"]."&mysql=".mysql_error()."\">";
} else {

          echo $_POST['name']."'s post has been modified. <a href=\"index.php\">
Click here to return to the index.</a><META HTTP-EQUIV=\"refresh\" CONTENT=\"1; URL=index.php\">";
}
}
}
}

// Modify section ends, banIP section starts..
elseif (isset($_GET["ban"]) && $_GET["ban"] != "action")
{

// Error messages.
if (isset($_GET["ban"]) && $_GET["ban"] == "error")
{
$errormsg = "All fields are mandatory!";
}
elseif (isset($_GET["ban"]) && $_GET["ban"] == "mysqlerror")
{
$errormsg = $_GET["mysql"];
}
echo "
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">
<html>
<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"><title>Ban an IP from 
".$title."</title>
<style type=\"text/css\">
BODY {
        SCROLLBAR-FACE-COLOR: #B0B0B0; SCROLLBAR-HIGHLIGHT-COLOR: #000000;
        SCROLLBAR-SHADOW-COLOR: #333333; SCROLLBAR-3DLIGHT-COLOR: #2e425a;
        SCROLLBAR-ARROW-COLOR: #3300FF; SCROLLBAR-TRACK-COLOR: #000000;
        SCROLLBAR-DARKSHADOW-COLOR: #000000; BACKGROUND-COLOR: $background;
}
A:link {
        COLOR: $alink; TEXT-DECORATION: none
}
A:active {
        COLOR: $active; TEXT-DECORATION: none
}
A:visited {
        COLOR: $avis; TEXT-DECORATION: none
}
A:hover {
        COLOR: $aover;
}

</style></head><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'><center>
<h1>Ban an IP</h1></center>
<blockquote>
<p>Type in the IP you want to ban from your guestbook.
</blockquote>
<center><strong>".$errormsg."</strong>
     

<form ACTION=\"admin.php?ban=action\" METHOD=\"POST\" align=\"center\">
 <table>

                                <tr>
         <th><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>IP:</font></th>
          <td><input type=\"text\" name=\"ip\">
</tr>
     <td><input type=\"reset\" value=\"Clear\"></td>
          <td><input type=\"submit\" value=\"Send\"></td>
        </tr> 
      </table>
</form>
<p align=\"center\">&nbsp;</p></font></html>";
}
if (isset($_GET["ban"]) && $_GET["ban"] == "action")
{
if ( !isset($_POST["ip"]) || !$_POST["ip"])
{
echo "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=admin.php?ban=error\">";
}
else 
{
$dato = date('H:i:s - d.m.y');
$qadd = "
     INSERT INTO $bantable
     (id,ip,dato)
     VALUES
     ('{$_POST['id']}', '{$_POST['ip']}', '$dato')";



if (!$result = mysql_query($qadd,$link))
{
                echo "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; 
                URL=admin.php?ban=mysqlerror&mysql=".mysql_error()."\">";
}
else
{
        echo $_POST['ip']." has been banned from the guestbook. <a href=\"index.php\">Click here to return to the 
        guestbook</a><META HTTP-EQUIV=\"refresh\" CONTENT=\"1; URL=index.php\">";
}
}
}

// BanIP section ends, unbanIP section starts
elseif (isset($_GET["unban"]))
{
    
// This error message thing.. 
if (isset($_GET["unban"]) && $_GET["unban"] == "error")
{
$errormsg = "All fields are mandatory!";
}
elseif (isset($_GET["unban"]) && $_GET["unban"] == "mysqlerror")
{
$errormsg = $_GET["mysql"];
}
if (isset($_GET["unban"]) && $_GET["unban"] != "action")
{
echo "
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">
<html>
<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"><title>Remove a banned ip from ". 
$title."</title>
<style type=\"text/css\">
BODY {
        SCROLLBAR-FACE-COLOR: #B0B0B0; SCROLLBAR-HIGHLIGHT-COLOR: #000000;
        SCROLLBAR-SHADOW-COLOR: #333333; SCROLLBAR-3DLIGHT-COLOR: #2e425a;
        SCROLLBAR-ARROW-COLOR: #3300FF; SCROLLBAR-TRACK-COLOR: #000000;
        SCROLLBAR-DARKSHADOW-COLOR: #000000; BACKGROUND-COLOR: $background;
}
A:link {
        COLOR: $alink; TEXT-DECORATION: none
}
A:active {
        COLOR: $active; TEXT-DECORATION: none
}
A:visited {
        COLOR: $avis; TEXT-DECORATION: none
}
A:hover {
        COLOR: $aover;
}

</style></head><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'><center>
<h1>Remove a banned IP</h1></center>
<blockquote>
<p>Type in the ID number for the IP you want to unban from the forum.
</blockquote>
<center><strong>".$errormsg."<br>


<form ACTION=\"admin.php?unban=action\" METHOD=\"POST\" align=\"center\">
 <table>

                                <tr>
         <th><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'>ID:</font></th>
          <td><input type=\"text\" name=\"id\">
</tr>
     <td><input type=\"reset\" value=\"Clear\"></td>
          <td><input type=\"submit\" value=\"Send\"></td>
        </tr>
      </table>
</form>
<center>";
$query = "select * from $bantable order by id desc" or die("Error in query");

$result = mysql_db_query($database, $query, $link) or
die("Error in query");  
echo "<font size=\"3\"> Here are the banned IPs<br><br><br></font><table>";
while ($entry = mysql_fetch_row($result))
{
echo "<TR><TD BGCOLOR=\"".$tablebg."\" VALIGN=\"top\" width=\"400\"><font 
size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'><b>".$entry[0]."</b> IP: ".$entry[1]."
&nbsp;&nbsp; ".$entry[2];
}
echo "</table></center></font></html>";
mysql_free_result($result);
}
if (isset($_GET["unban"]) && $_GET["unban"] == "action")
{
if (!isset($_POST["id"]) || !$_POST["id"] )
{
echo "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=admin.php?unban=error\">";
}
else 
{
$qadd = "
        Delete from $bantable Where id = ('{$_POST['id']}') ";

if (!$result = mysql_query($qadd,$link)) {

echo "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=admin.php?unban=mysqlerror&mysql=".mysql_error()."\">";
} else {

          echo "The IP has been unbanned. <a href=\"index.php\">Click here to return to the index</a><META 
          HTTP-EQUIV=\"refresh\" CONTENT=\"1; URL=index.php\">";
}
}
}
}

// UnbanIP section ends, Change design section starts.
elseif (isset($_GET["change"]))
{

// Error messages
if (isset($_GET["change"]) && $_GET["change"] == "error")
{
$errormsg = "All fields are mandatory!";
}
elseif (isset($_GET["change"]) && $_GET["change"] == "mysqlerror")
{
$errormsg = $_GET["mysql"];
}
if (isset($_GET["change"]) && !isset($_GET["type"]))
{
    
echo "
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">
<html>
<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"><title>Set up the design for 
".$title."</title>
<style type=\"text/css\">
BODY {
        SCROLLBAR-FACE-COLOR: #B0B0B0; SCROLLBAR-HIGHLIGHT-COLOR: #000000;
        SCROLLBAR-SHADOW-COLOR: #333333; SCROLLBAR-3DLIGHT-COLOR: #2e425a;
        SCROLLBAR-ARROW-COLOR: #3300FF; SCROLLBAR-TRACK-COLOR: #000000;
        SCROLLBAR-DARKSHADOW-COLOR: #000000; BACKGROUND-COLOR: $background;
}
A:link {
        COLOR: $alink; TEXT-DECORATION: none
}
A:active {
        COLOR: $active; TEXT-DECORATION: none
}
A:visited {
        COLOR: $avis; TEXT-DECORATION: none
}
A:hover {
        COLOR: $aover;
}

</style><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'></head>
<center><strong>".$errormsg."</strong>
<h2>Pre-mades</h2>
<a href=\"admin.php?change&type=original\">Original Design!</a><br>
<a href=\"admin.php?change&type=blackwhite\">Black/White Design!</a><br>
<a href=\"admin.php?change&type=deepblue\">DeepBlue Design!</a><br>
<a href=\"admin.php?change&type=red\">Red Design!</a><br>
<a href=\"admin.php?change&type=xmas\">Christmas Design!</a><br>
";


echo "
<form method=\"post\" action=\"admin.php?change&type=myown\">
<h2>Current design</h2>
Background Color: <input type=\"text\" name=\"background1\" value=\"".$background."\"><br>
Title: <input type=\"text\" name=\"title1\" value=\"".$title."\"><br>
Logo: <input type=\"text\" name=\"banner\" value=\"".$picture."\"><br>
Logo should point to: <input type=\"text\" name=\"logopoint1\" value=\"".$logopoint."\"><br>
Table Background: <input type=\"text\" name=\"tablebg1\" value=\"".$tablebg."\"><br>
Text color: <input type=\"text\" name=\"txtcolor1\" value=\"".$txtcolor."\"><br>
Link color: <input type=\"text\" name=\"alink\" value=\"".$alink."\"><br>
Mouse over link: <input type=\"text\" name=\"aover1\" value=\"".$aover."\"><br>
Active link: <input type=\"text\" name=\"active\" value=\"".$active."\"><br>
Visited link: <input type=\"text\" name=\"avis\" value=\"".$avis."\"><br><br><br>
<input type=\"submit\" value=\"OK!\"></font></form></html>";
}
if (isset($_GET["change"]) && isset($_GET["type"]) && $_GET["type"] == "original")
{
$title = "My Guestbook";
$background = "#F0F8FF";
$picture = "gbook.png";
$tablebg = "#F0F8FF";
$txtcolor = "#000000";
$logopoint = "http://darkking-gbook.sourceforge.net";
$aover = "#000000";
$alink = "#006699";
$active = "#006699";
$avis = "#006699";
}

elseif (isset($_GET["change"]) && isset($_GET["type"]) && $_GET["type"] == "blackwhite")
{
$title = "My Guestbook";
$background = "#000000";
$picture = "gbook-black.png";
$tablebg = "#000000";
$txtcolor = "#ffffff";
$logopoint = "http://darkking-gbook.sourceforge.net";
$aover = "#ffffff";
$alink = "#006699";
$active = "#006699";                                             
$avis = "#006699";
}

elseif (isset($_GET["change"]) && isset($_GET["type"]) && $_GET["type"] == "deepblue")
{
$title = "My Guestbook";
$background = "#336699";
$picture = "gbook-blue.gif";
$tablebg = "#336699";
$txtcolor = "#ffffff";
$logopoint = "http://darkking-gbook.sourceforge.net";
$aover = "#ffffff";
$alink = "#00ff00";
$active = "#00ff00";
$avis = "#00ff00";
}

elseif (isset($_GET["change"]) && isset($_GET["type"]) && $_GET["type"] == "red")
{
$title = "My Guestbook";
$background = "#b22222";
$picture = "gbook-red.gif";
$tablebg = "#b22222";
$txtcolor = "#00cc00";
$logopoint = "http://darkking-gbook.sourceforge.net";
$aover = "#ffffff";
$alink = "#cc99ff";
$active = "#cc99ff";
$avis = "#cc99ff";
}

elseif(isset($_GET["change"]) && isset($_GET["type"]) && $_GET["type"] == "xmas")
{
$title = "My Guestbook";
$background = "#006600";
$picture = "gbook-christmas.gif";
$tablebg = "#006600";
$txtcolor = "#ff0000";
$logopoint = "http://darkking-gbook.sourceforge.net";
$aover = "#ffffff";
$alink = "#663300";
$active = "#663300";
$avis = "#663300";
}
elseif (isset($_GET["change"]) && isset($_GET["type"]) && $_GET["type"] == "myown")
{
if (!$_POST["background1"] || !$_POST["title1"] || !$_POST["banner"] || !$_POST["logopoint1"] || 
!$_POST["tablebg1"] || !$_POST["txtcolor1"] || !$_POST["alink"] || !$_POST["aover1"] || !$_POST["active"] || 
!$_POST["avis"])
{
echo "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=admin.php?change=error\">";
}
$title = $_POST["title1"];
$background = $_POST["background1"];
$picture = $_POST["banner"];
$tablebg = $_POST["tablebg1"];
$txtcolor = $_POST["txtcolor1"];
$logopoint = $_POST["logopoint1"];
$aover = $_POST["aover1"];
$alink = $_POST["alink"];
$active = $_POST["active"];
$avis = $_POST["avis"];
}
if (isset($_GET["change"]) && isset($_GET["type"]))
{
$titlesecond = str_replace("\"", "'", $title);
$qadd = "update $designtable set
title = (\"{$titlesecond}\"),
background = ('{$background}'),
picture = ('{$picture}'),
tablebg = ('{$tablebg}'),
textcolor = ('{$txtcolor}'),
logopoint = ('{$logopoint}'),
aover = ('{$aover}'),
alink = ('{$alink}'),
active = ('{$active}'),
avis = ('{$avis}')";


if (!$result = mysql_query($qadd,$link)) {

             echo "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; 
             URL=admin.php?change=mysqlerror&mysql=".mysql_error()."\">";
} else {

          echo "The design has been changed. <a href=\"index.php\">Click here to return to the index</a><META 
          HTTP-EQUIV=\"refresh\" CONTENT=\"1; URL=index.php\">";
}
}
}
}
else
{
echo "Please log in to use the admin function.";
}
if (!isset($_GET["mod"]) && !isset($_GET["del"]) && !isset($_GET["ban"]) && !isset($_GET["unban"]) && 
!isset($_GET["change"]) && isset($_COOKIE["checklogin"]) && $_COOKIE["checklogin"] == $adminpassword)
{
echo "
<html><head><title>Admin menu for ".$title."</title>
<style type=\"text/css\">
BODY {
        SCROLLBAR-FACE-COLOR: #B0B0B0; SCROLLBAR-HIGHLIGHT-COLOR: #000000;
        SCROLLBAR-SHADOW-COLOR: #333333; SCROLLBAR-3DLIGHT-COLOR: #2e425a;
        SCROLLBAR-ARROW-COLOR: #3300FF; SCROLLBAR-TRACK-COLOR: #000000;
        SCROLLBAR-DARKSHADOW-COLOR: #000000; BACKGROUND-COLOR: $background;
}
A:link {
        COLOR: $alink; TEXT-DECORATION: none
}
A:active {
        COLOR: $active; TEXT-DECORATION: none
}
A:visited {
        COLOR: $avis; TEXT-DECORATION: none
}
A:hover {
        COLOR: $aover;
}

</style><font size=\"2\" face=\"Verdana,Geneva,Arial,Helvetica,sans-serif\" color='$txtcolor'></head>
<center><h1>Admin menu</h1><br><br></center>
<a href=\"admin.php?mod\">Modify a post</a><br>
<a href=\"admin.php?del\">Delete a post</a><br>
<a href=\"admin.php?ban\">Ban an IP</a><br>
<a href=\"admin.php?unban\">Unban an IP</a><br>
<a href=\"admin.php?change\">Change design</a><br><br><br>
<a href=\"index.php\">Return to the index.</a></font></html>";
}
?>
Return current item: GBook