<?php
session_save_path("/home/users/web/b557/sl.flyingcoachlimo/public_html/cgi-bin/tmp");
session_start();
if (!isset($_SESSION["verified"])) {
header ("Location: index.php");
exit();
}
// Determine pageID and section user wishes to edit
if (isset($_GET['pageID'])) {
$pageID = $_GET['pageID'];
$pageSection = $_GET['pageSection'];
}
elseif (isset($_POST['pageID'])) {
$pageID = $_POST['pageID'];
$pageSection = $_POST['pageSection'];
}
else
exit("NO PAGE ID FOUND");
// Connect to the database
include("incDBConnectAdmin.php");
// Determine if the user had submitted new data and update the database
if (isset($_POST["submit"])) {
$pageID = $_POST["pageID"];
$newImage = $_POST["backdrop"];
$query = "UPDATE pages SET pageImage='$newImage' WHERE pageName ='$pageID'";
mysql_query($query);
}
elseif (isset($_POST["Delete"])) {
$pageID = $_POST["pageID"];
$newImage = $_POST["backdrop"];
$query = "DELETE FROM images WHERE eFilename ='$newImage'";
mysql_query($query);
}
?>
<link rel="stylesheet" href="../stylesheet.css" type="text/css" />
<table align="center" border="0" width="350">
<tr valign="top" height="25">
<td>
<h1>
www.LetUsDesign.it - Edit.it CMS v1.0.7
</h1>
<p>
Please note that upon submission, all changes you make are final and will be committed to the database immediately. All changes and edits made are final and can not be reverted.<br/><br/>
</p>
</td>
</tr>
<tr valign="top" height="50px">
<td>
<form method="post" action="backdrop.php">
<hr/>
<h1>Current Backdrop for: <?php echo $pageID; ?>
<?php
$query = "SELECT pageImage FROM pages WHERE pageName='" .$pageID . "'";
// Place results into variables
$result = mysql_query($query);
if(!$result)
{
echo 'Query failed: '.mysql_error();
}
while($row = mysql_fetch_array($result))
{
$currentPageImage = $row[0];
}
?>
<br/>
<img src="../images/backdrops/<?php echo $currentPageImage; ?>" height="50%" />
<br/><br/><br/>
<br />
<?php
$query = "SELECT eFilename FROM images";
// Place results into variables
$result = mysql_query($query);
if(!$result)
{
echo 'Query failed: '.mysql_error();
}
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>";
echo "<img src=\"../images/backdrops/" . $row[0] . "\" height=\"50\%\" />";
echo "<input type=\"radio\" name=\"backdrop\" value=\"" . $row[0] . "\">";
echo "</tr>";
echo "</td>";
}
?>
<tr>
<td>
<br/><br/>
<?php echo "<input type='hidden' name='pageID' value='" . $pageID . "'>"; ?>
<?php echo "<input type='hidden' name='pageSection' value='" . $pageSection . "'>"; ?>
<input type="submit" name="submit" value="Submit" />
<input type="reset" name="reset" value="Reset" />
<input type="submit" name="Delete" value="Delete" />
</td>
</tr>
</form>
</td>
</tr>
<tr>
<td>
<br/><br/>
<a href="main.php">Go Back To Main Menu</a>
<br/><br/>
<a href="logout.php">Logout of Page Editor</a>
</td>
</tr>
</table>
</body>
</html>