Ik heb een cms script alleen als ik druk op edit werkt het niet. Hij vernieuwt dan de pagina. Ik heb het inlogsysteem net ingebouwt. Hier ligt de fout denk ik.
<?
// Volgende regel commentaar maken als je config.php al geinclude hebt (# of //)
include("config.php");
if(isset($_SESSION['user_id'])) {
// Inloggen correct, updaten laatst actief in db
$sql = "UPDATE gebruikers SET lastactive=NOW() WHERE id='".$_SESSION['user_id']."'";
mysql_query($sql);
}else{
if(isset($_COOKIE['user_id'])) {
$sql = "SELECT wachtwoord,status FROM gebruikers WHERE id='".$_COOKIE['user_id']."'";
$query = mysql_query($sql);
$rij = mysql_fetch_object($query);
$dbpass = htmlspecialchars($rij->wachtwoord);
$dbstatus = htmlspecialchars($rij->status);
$status = $sql['status'];
if($dbpass == $_COOKIE['user_password']) {
$_SESSION['user_id'] = $_COOKIE['user_id'];
$_SESSION['user_status'] = $dbstatus;
}else{
setcookie("user_id", "", time() - 3600);
setcookie("user_password", "", time() - 3600);
echo "Cookies incorrect. Cookies verwijderd.";
header("Location: inloggen.php");
}
}else{
header("Location: inloggen.php");
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Content Management Systeem - Ozone.nl</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="content-style-type" content="text/css" />
<meta http-equiv="content-script-type" content="javascript" />
<meta name="author" content="X-Qlusive Style" />
<meta name="publisher" content="Infra Specials" />
<meta name="copyright" content="(c)2006 Infraspecials" />
<meta name="robots" content="noindex, nofollow" />
<link href="style.css" rel="stylesheet" type="text/css" />
<script type="text/javascript">
<!--
function sub_productenShow()
{
document.getElementById('sub_producten').style.visibility = 'visible';
}
function sub_productenHide()
{
document.getElementById('sub_producten').style.visibility = 'hidden';
}
function sub_nieuwsShow()
{
document.getElementById('sub_nieuws').style.visibility = 'visible';
}
function sub_nieuwsHide()
{
document.getElementById('sub_nieuws').style.visibility = 'hidden';
}
function MM_displayStatusMsg(msgStr) { //v1.0
status=msgStr;
document.MM_returnValue = true;
}
function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_validateForm() { //v4.0
var i,p,q,nm,test,num,min,max,errors='',args=MM_validateForm.arguments;
for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args[i]);
if (val) { nm=val.name; if ((val=val.value)!="") {
if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
if (p<1 || p==(val.length-1)) errors+='- '+nm+' must contain an e-mail address.\n';
} else if (test!='R') { num = parseFloat(val);
if (isNaN(val)) errors+='- '+nm+' must contain a number.\n';
if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
min=test.substring(8,p); max=test.substring(p+1);
if (num<min || max<num) errors+='- '+nm+' must contain a number between '+min+' and '+max+'.\n';
} } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is required.\n'; }
} if (errors) alert('The following error(s) occurred:\n'+errors);
document.MM_returnValue = (errors == '');
}
//-->
</script>
</head>
<body onload="MM_displayStatusMsg('CMS - Ozone.nl - Producten aanpassen.');return document.MM_returnValue">
<div id="container">
<div id="top">
<div id="logo"></div>
<div id="top_menu">
<a href="index.php" class="top_menu-n">Home</a>
<a href="" class="top_menu-n" onmouseover="sub_productenHide(), sub_nieuwsHide()">Content</a>
<a href="" class="top_menu-a" onmouseover="sub_productenShow(), sub_nieuwsHide()">Producten</a>
<a href="" class="top_menu-n" onmouseover="sub_productenHide(), sub_nieuwsShow()">Nieuws</a>
<?php
if(isset($_SESSION['status'])){
echo' <a href="logout.php" class="top_menu-n" onmouseover="sub_productenHide(), sub_nieuwsHide()">UITLOGGEN</a>';
}
else {
echo'<a href="login.php" class="top_menu-n" onmouseover="sub_productenHide(), sub_nieuwsHide()">INLOGGEN</a>';
}
?><br />
</div>
<div id="sub_producten" class="sub">
<p class="sub_menu">
<a href="addproduct.php" class="sub_menu-n">Voeg product toe</a> <br />
<a href="editproducten.php" class="sub_menu-a">Bewerk producten</a></p>
</div>
<div id="sub_nieuws" class="sub">
<p class="sub_menu">
<a href="addproduct.php" class="sub_menu-n">Voeg nieuws toe</a> <br />
<a href="editproduct.php" class="sub_menu-n">Bewerk nieuws</a></p>
</div>
</div>
<?php
echo' <div id="left" onmouseover="sub_productenHide(), sub_nieuwsHide()"><h1><span class="rood">CMS</span> - Ozone.nl</h1>';
$tijd = date('G'); //bepaal de tijd in uren
if($tijd < 6)
{
echo 'Goede nacht '.$user.'<br /><br />';
}
elseif($tijd < 12)
{
echo 'Goedemorgen '.$user.'<br /><br />';
}
elseif($tijd < 18)
{
echo 'Goedemiddag '.$user.'<br /><br />';
}
else
{
echo 'Goede avond '.$user.'<br /><br />';
}
echo 'U kunt hier de pagina’s beheren die gekoppeld zijn aan uw account. <br /><br />
<br />
<h1>Help</h1>
Cms
<br />
Uploaden
<br />
<br />
<br />
<br />
<br />
<h1>Contact</h1>
<b>Vragen:</b> [email protected]<br />
<b>Storing:</b> [email protected]
</div>';
?>
<div id="content" onmouseover="sub_productenHide(), sub_nieuwsHide()">
<?php
$result = mysql_query("SELECT * FROM producten order by id ASC");
if(isset($result))
{
while($r=mysql_fetch_assoc($result))
{
echo '
<table width="300" border="0" cellspacing="4" bgcolor="#E9E9E9" class="edit_vlakken">
<tr>
<td width="85" valign="top" ><b>ID</b></td>
<td colspan="2"><div class="edit_tekst">'.$r['id'].'</div></td>
</tr>
<tr>
<td valign="top"><b>Naam</b></td>
<td colspan="2"><div class="edit_tekst">'.$r['naam'].'</div></td>
</tr>
<tr>
<td valign="top"><b>Artikelnummer</b></td>
<td colspan="2"><div class="edit_tekst">'.$r['art_nr'].'</div></td>
</tr>
<tr>
<td class="wijzigen"></td>
<td width="134" class="wijzigen"><div align="right"><a href="editproducten.php?mode=edit&id='.$r['id'].'&rank='.$rank.'">Wijzigen</a></div></td>
<td width="57" class="wijzigen"><div align="center"><a href="'.$_SERVER['PHP_SELF'].'?mode=delete&id='.$r['id'].'">Delete</a></div></td>
</table>';
}
}
else
{
echo '';
} ?>
<?php
if( isset( $_GET['mode'] ) && $_GET['mode'] == 'delete' || isset( $_POST['mode'] ) && $_POST['mode'] == 'delete')
{
$sql = "DELETE FROM producten WHERE id=".$_GET['id'];
$result = mysql_query($sql) or die(mysql_error());
echo '<span class="ok">Het product is verwijderd!</span><META HTTP-EQUIV=Refresh CONTENT="2; URL='.$_SERVER['PHP_SELF'].'">';
if( isset( $_GET['mode'] ) && $_GET['mode'] == 'edit' || isset( $_POST['mode'] ) && $_POST['mode'] == 'edit' )
{
if (!isset($_POST['submit']))
{
$id = $_GET['id'];
$sql = 'SELECT * FROM producten WHERE id='.$_GET['id'];
$result = mysql_query($sql) or die(mysql_error());
$content = mysql_fetch_array($result);
?>
<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post" onsubmit="MM_validateForm('naam','','R','img_sm','','R','img_bg','','R');return document.MM_returnValue">
<table width="100%" border="0" cellpadding="5" cellspacing="0" bgcolor="#E9E9E9" class="edit_vlakken">
<tr>
<td width="163" class="naam">ID:<br />
<br /></td>
<td width="417"><?php echo $content['id'].'<br /><br />' ?> </td>
</tr>
<tr>
<td width="163" class="naam">Laatst aangepast door:<br />
<br /></td>
<td width="417"><?php echo $content['user'].'<br /><br />' ?> </td>
</tr>
<tr>
<td width="163" class="naam">Artikelnummer:<br />
<br /></td>
<td width="417"><?php echo $content['art_nr'].'<br /><br />' ?> </td>
</tr>
<tr>
<td width="163" class="naam">Naam:</td>
<td width="417"><input name="naam" type="text" id="naam" onblur="MM_validateForm('naam','','R');return document.MM_returnValue" value="<?php echo $content['naam'] ?>" size="50" />
<input type="hidden" name="mode" value="edit" /> </td>
</tr>
<tr> </tr>
<tr>
<td class="naam" valign="">Categorie:</td>
<td><label>
<select name="cat">
<option value="1" <?php if($content['cat'] < 2) { echo 'selected="selected"'; } ?>>Boeken</option>
<option value="2" <?php if($content['cat'] == 2) { echo 'selected="selected"'; } ?>>Muziek & DVD</option>
<option value="3" <?php if($content['cat'] == 3) { echo 'selected="selected"'; } ?>>Speelgoed</option>
<option value="4" <?php if($content['cat'] == 4) { echo 'selected="selected"'; } ?>>Beeld & Geluid</option>
<option value="5" <?php if($content['cat'] == 5) { echo 'selected="selected"'; } ?>>Automaterialen</option>
<option value="6" <?php if($content['cat'] == 6) { echo 'selected="selected"'; } ?>>PC & Toebehoren</option>
<option value="7" <?php if($content['cat'] == 7) { echo 'selected="selected"'; } ?>>Huishouden</option>
<option value="8" <?php if($content['cat'] == 8) { echo 'selected="selected"'; } ?>>Gereedschap</option>
<option value="9" <?php if($content['cat'] == 9) { echo 'selected="selected"'; } ?>>Verzorging</option>
</select>
</label></td>
</tr>
<td width="163" class="naam" valign="">Info:</td>
<td width="417"><textarea name="info" cols="50" rows="8" id="info"><?php echo $content['info'] ?></textarea>
<input type="hidden" name="mode" value="edit" /> </td>
</tr>
<tr>
<td class="naam">Prijs:</td>
<td><input name="prijs" type="text" id="prijs" value="<?php echo $content['prijs'] ?>" size="50" />
<input type="hidden" name="mode" value="edit" /> </td>
</tr>
<tr>
<td class="naam">Kleine afbeelding</td>
<td><input name="img_sm" type="text" id="img_sm" onblur="MM_validateForm('img_sm','','R');return document.MM_returnValue" value="<?php echo $content['img_sm'] ?>" size="50" />
<input type="hidden" name="mode" value="edit" /> </td>
</tr>
<tr>
<td class="naam">Grote afbeelding </td>
<td><input name="img_bg" type="text" id="img_bg" onblur="MM_validateForm('img_bg','','R');return document.MM_returnValue" value="<?php echo $content['img_bg'] ?>" size="50" />
<input type="hidden" name="mode" value="edit" /> </td>
</tr>
<tr>
<td class="naam">Actie</td>
<td><table width="113">
<tr>
<td width="47"><label>
<input type="radio" name="actie" value="1" <?php if($content['actie'] > 0) { echo 'checked="checked"'; } ?>/>Ja</label></td>
<td width="54"><input name="actie" type="radio" value="0" <?php if($content['actie'] == 0) { echo 'checked="checked"'; } ?>/>Nee</td>
</tr>
</table>
<input type="hidden" name="mode" value="edit" /> </td>
</tr>
<tr>
<td class="naam">Top 5 </td>
<td><label>
<select name="top5">
<option value="0">Nee</option>
<option value="1" <?php if($content['top5'] < 2) { echo 'selected="selected"'; } ?>>1</option>
<option value="2" <?php if($content['top5'] == 2) { echo 'selected="selected"'; } ?>>2</option>
<option value="3" <?php if($content['top5'] == 3) { echo 'selected="selected"'; } ?>>3</option>
<option value="4" <?php if($content['top5'] == 4) { echo 'selected="selected"'; } ?>>4</option>
<option value="5" <?php if($content['top5'] == 5) { echo 'selected="selected"'; } ?>>5</option>
</select>
</label>
<input type="hidden" name="mode" value="edit" /> </td>
</tr>
<tr>
<td class="naam">Nieuw</td>
<td><table width="113">
<tr>
<td width="47"><label>
<input type="radio" name="nieuw" value="1" <?php if($content['nieuw'] > 0) { echo 'checked="checked"'; } ?>/>Ja</label></td>
<td width="54"><input name="nieuw" type="radio" value="0" <?php if($content['nieuw'] == 0) { echo 'checked="checked"'; } ?>/>Nee</td>
</tr>
</table>
<input type="hidden" name="mode" value="edit" /> </td>
</tr>
<tr>
<td class="naam">Tips</td>
<td><table width="113">
<tr>
<td width="47"><label>
<input name="tips" type="radio" onclick="MM_validateForm('info','','R');return document.MM_returnValue" value="1" <?php if($content['tips'] > 0) { echo 'checked="checked"'; } ?>/>
Ja</label></td>
<td width="54"><input name="tips" type="radio" value="0" <?php if($content['tips'] == 0) { echo 'checked="checked"'; } ?>/>Nee</td>
</tr>
</table>
<input type="hidden" name="mode" value="edit" /> </td>
</tr>
<tr>
<td class="naam">Verwacht</td>
<td><table width="113">
<tr>
<td width="47"><label>
<input name="verwacht" type="radio" onclick="MM_validateForm('info','','R');return document.MM_returnValue" value="1" <?php if($content['verwacht'] > 0) { echo 'checked="checked"'; } ?>/>
Ja</label></td>
<td width="54"><input name="verwacht" type="radio" value="0" <?php if($content['verwacht'] == 0) { echo 'checked="checked"'; } ?>/>Nee</td>
</tr>
</table>
<input type="hidden" name="mode" value="edit" /> </td>
</tr>
<tr>
<td width="163" class="naam"></td>
<td><input type="submit" name="submit" value="Wijzigen" />
<input name="button" type="button" onclick="history.back()" value="Back" /> </td>
</tr>
</table>
</form>
<? } ?>
<?php
if(isset($_POST['submit']))
{
$naam = $_POST['naam'];
$info = $_POST['info'];
$prijs = $_POST['prijs'];
$img_sm = $_POST['img_sm'];
$img_bg = $_POST['img_bg'];
$actie = $_POST['actie'];
$top5 = $_POST['top5'];
$nieuw = $_POST['nieuw'];
$tips = $_POST['tips'];
$verwacht = $_POST['verwacht'];
$sql = "UPDATE producten SET
naam='".$naam."',
info='".$info."',
prijs='".$prijs."',
img_sm='".$img_sm."',
img_bg='".$img_bg."',
actie='".$actie."',
top5='".$top5."',
nieuw='".$nieuw."',
tips='".$tips."',
verwacht='".$verwacht."',
user='".$user."'
WHERE id=".$_GET['id'];
$result = mysql_query($sql) or die(mysql_error());
echo '<span class="ok">Uw aanpassingen zijn doorgevoerd!</span><br /><br /><meta http-equiv="refresh"
content="2;URL=editproducten.php">';
}
}
}
?>
</div>
</body>
</html> 