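<?php
// Admin page for choosing or deleting the site header image.
//
// NOTE(review): the session save path below sits under public_html. Confirm the
// web server denies direct requests to this directory so session files cannot
// be served as static content.
session_save_path("/home/users/web/b557/sl.flyingcoachlimo/public_html/cgi-bin/tmp");
session_start();

// Access gate: requests without the "verified" session key go back to the login page.
// NOTE(review): only the presence of the key is checked, not its value.
if (!isset($_SESSION["verified"])) {
    header("Location: index.php");
    exit();
}

// Connect to the database
include("incDBConnectAdmin.php");

// Read the request fields once, accepting plain strings only. An array-valued
// field (e.g. header[]=x) is treated as "not supplied" instead of being
// interpolated as the literal text "Array".
// $pageID is always defined so the hidden form field further down never reads
// an undefined variable on a plain GET.
$pageID = (isset($_POST["pageID"]) && is_string($_POST["pageID"])) ? $_POST["pageID"] : "";
$newImage = (isset($_POST["header"]) && is_string($_POST["header"])) ? $_POST["header"] : "";

// NOTE(review): both actions below change database state but the form carries
// no anti-CSRF token. Add a per-session token and verify it here.
// NOTE(review): ext/mysql was removed in PHP 7. When the connection include is
// migrated to mysqli or PDO, replace the escaping below with prepared statements.
if (isset($_POST["submit"])) {
    // Make the selected image the active header (row eID=1).
    if ($newImage === "") {
        // No radio button selected: do not overwrite the active header with an empty name.
        echo "<h3 style=color:red>Please select a header image</h3>";
    } else {
        // The filename is request data; escape it before it enters the SQL string.
        $safeImage = mysql_real_escape_string($newImage);
        $query = "UPDATE headers SET eFilename='$safeImage' WHERE eID=1";
        if (!mysql_query($query)) {
            echo 'Query failed: ' . htmlspecialchars(mysql_error(), ENT_QUOTES);
        }
    }
} elseif (isset($_POST["Delete"])) {
    // Remove the selected image from the list of available headers.
    if ($newImage === "originalheader.gif") {
        echo "<h3 style=color:red>You can not delete this image</h3>";
    } elseif ($newImage === "") {
        echo "<h3 style=color:red>Please select a header image</h3>";
    } else {
        // NOTE(review): this also removes the eID=1 row when the active header
        // has the same filename. Confirm whether that is intended.
        $safeImage = mysql_real_escape_string($newImage);
        $query = "DELETE FROM headers WHERE eFilename ='$safeImage'";
        if (!mysql_query($query)) {
            echo 'Query failed: ' . htmlspecialchars(mysql_error(), ENT_QUOTES);
        }
    }
}
?>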
<link rel="stylesheet" href="../stylesheet.css" type="text/css" />
<table align="center" border="0" width="350">
<tr valign="top" height="25">
<td>
<h1>
www.LetUsDesign.it - Edit.it CMS v1.0.7
</h1>
<p>
Please note that all changes are committed to the database immediately upon submission and cannot be reverted.<br/><br/>
</p>
</td>
</tr>
<tr valign="top" height="50px">
<td>
<form method="post" action="header.php">
<hr/>
<h1>Current Header
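<?php
// Look up the filename of the header currently in use (the row with eID=1).
// Start from an empty string so the <img> below never reads an undefined
// variable when the query fails or returns no rows.
$currentPageImage = "";
$query = "SELECT eFilename FROM headers WHERE eID=1";
$result = mysql_query($query);
if (!$result) {
    // NOTE(review): database error text is shown to the admin user. Prefer
    // error_log() plus a generic message once logging is in place.
    echo 'Query failed: ' . htmlspecialchars(mysql_error(), ENT_QUOTES);
} else {
    // Fetch only from a valid result; mysql_fetch_array(false) raises a warning.
    while ($row = mysql_fetch_array($result)) {
        $currentPageImage = $row[0];
    }
}
?>
<br/>
<img src="../images/headers/<?php
// The stored filename originates from form input, so encode it for the attribute context.
echo htmlspecialchars($currentPageImage, ENT_QUOTES);
?>" height="50%" />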
<br/><br/><br/>
<br />
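<?php
// List every selectable header image (rows with eID>1) as a thumbnail plus a
// radio button whose value is the stored filename.
$query = "SELECT eFilename FROM headers WHERE eID>1";
$result = mysql_query($query);
if (!$result) {
    // NOTE(review): database error text is shown to the admin user. Prefer
    // error_log() plus a generic message once logging is in place.
    echo 'Query failed: ' . htmlspecialchars(mysql_error(), ENT_QUOTES);
} else {
    // Fetch only from a valid result; mysql_fetch_array(false) raises a warning.
    while ($row = mysql_fetch_array($result)) {
        // Filenames are stored data; encode them before placing them in HTML
        // attributes so a quote or angle bracket cannot break out of the attribute.
        $fileName = htmlspecialchars($row[0], ENT_QUOTES);

        echo "<tr>";
        echo "<td>";
        // NOTE(review): the original double-quoted string emitted the attribute
        // value 50\% (backslash included), since \% is not a PHP escape. It is
        // kept as-is here to avoid changing how thumbnails render; the intended
        // value is probably 50%.
        echo '<img src="../images/headers/' . $fileName . '" height="50\%" />';
        echo '<input type="radio" name="header" value="' . $fileName . '">';
        // Close the cell before the row; the original emitted these in the wrong order.
        echo "</td>";
        echo "</tr>";
    }
}
?>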
<tr>
<td>
<br/><br/>
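<?php
// Round-trip pageID and pageSection as hidden fields.
// $pageID comes from the request, and $pageSection is not assigned anywhere in
// this file. Default both to an empty string and encode them (ENT_QUOTES,
// because the attributes are single-quoted) so the values stay inside the attribute.
$pageIDValue = (isset($pageID) && is_scalar($pageID)) ? (string) $pageID : "";
$pageSectionValue = (isset($pageSection) && is_scalar($pageSection)) ? (string) $pageSection : "";
echo "<input type='hidden' name='pageID' value='" . htmlspecialchars($pageIDValue, ENT_QUOTES) . "'>";
echo "<input type='hidden' name='pageSection' value='" . htmlspecialchars($pageSectionValue, ENT_QUOTES) . "'>";
?>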
<input type="submit" name="submit" value="Submit" />
<input type="reset" name="reset" value="Reset" />
<input type="submit" name="Delete" value="Delete" />
</td>
</tr>
</form>
</td>
</tr>
<tr>
<td>
<br/><br/>
<a href="main.php">Go Back To Main Menu</a>
<br/><br/>
<a href="logout.php">Logout of Page Editor</a>
</td>
</tr>
</table>
</body>
</html>