Viewing file: results.php (3.27 KB) -rw-rw-rw- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/**
* Copyright 2008 Grestul Group
* Powered by Grestul
**/
?>
<?php session_start();
require "inc/config.php";
if(!isset($_SESSION['loggedin'])) {
header('Location: index.php?error=1');
exit();
}
$did = SafeAddSlashes($_GET['did']);
if(isset($_GET['did'])) {
$req = "DELETE FROM comments WHERE ID=$did";
$result = mysql_query ($req,$db);
header('Location: '.$domain.'/admin/manage.php');
exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title><?php echo "$webad"; ?></title>
<link href="inc/admin.css" rel="stylesheet" type="text/css" />
<link href="inc/manage.css" rel="stylesheet" type="text/css" />
</head>
<body>
<img src="inc/images/logo.png" class="logo" />
<div class="logout"><a href="close.php">Logout</a></div>
<div class="navi">
<a href="home.php"><img src="inc/images/homeoff.png" class="navihoff" /></a>
<a href="management.php"><img src="inc/images/manageon.png" class="navion" /></a>
<a href="stylehome.php"><img src="inc/images/styleoff.png" class="navioff" /></a>
</div>
<div class="contentrep">
<div class="infobar">
<div class="infotext">
<br />
<div align="center">
<form method="post" action="results.php">
<input type="text" name="search" size="50">
<select name="menu" id="menu">
<option value="ID">CID (comment ID)</option>
<option value="name">Name</option>
<option value="comment">Comment</option>
</select>
<input type="submit" value="Search">
</form>
</div>
</div>
</div>
<div class="btite">
Grestul Management - Search Comments
</div>
<div class="bodycontent">
<div id="wrapper">
<?php
$search=htmlentities($_POST["search"]);
$menu=$_POST["menu"];
$result = mysql_query("SELECT * FROM comments WHERE ".$menu." LIKE '%$search%'");
while($row=mysql_fetch_array($result))
{
$id=$row["ID"];
$name=htmlentities($row["name"]);
$comment=htmlentities($row["comment"]);
$ip=$row["ip"];
echo '<div class="comment">'."\n";
echo ' <div class="postertime">'."\n";
echo ' <span class="poster">';
echo "$name";
echo '</span> - <span><a href="?did='.$id.'" class="remove">[Remove]</a>
<a href="#wrapper" class="remove">[Top]</a>';
echo ' - [IP: '."$ip] [CID: $id]</span>";
echo ' </div>'."\n\n";
echo ' <div class="usercomment">'."\n";
echo ' <p>'.(nl2br($comment)).'</p>'."\n";
echo ' </div>'."\n\n";
echo '</div>'."\n\n";
}
if (!$id) {
echo 'No Results found!';
}
elseif (!$name) {
echo 'No Results found!';
}
elseif (!$comment) {
echo 'No Results found!';
}
?>
</div>
</div>
</div>
<div class="footer">
<!-- DO NOT CHANGE, REMOVE, OR HINDER WITH THE COPYRIGHT OR POWERED BY LINES BELOW -->
<!-- YOU AGREED TO THE AGREEMENT WHEN YOU DOWNLOADED AND INSTALLED OUR SOFTWARE -->
<!-- REMOVING THE LINES BELOW WILL FORCE US TO TAKE LEGAL ACTION -->
<!-- BE FAIR AND KEEP THE POWERED BY AND COPYRIGHT LINES. -->
Powered By: <a href="http://grestul.com" target="_blank">Grestul,</a> Copyright © 2007-2008 <a href="http://grestul.com" target="_blank">Grestul Group.</a>
</div>
</body>
</html>
|