Announcement

Collapse
No announcement yet.

[php] please review & input

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • [php] please review & input

    i want to make a web application like www.team3d.net. it will display news and comments, matches for the servers clans and their demos, rosters (different kinds cuz we have 2 clans and a set of admins to keep track of), a similar feature to team3d's Ask 3d for feedback and FAQ reasons, a poll, archives, and a user database for people to login to post comments.

    this is what I have done so far and would like to know if this code for the index would work..
    i know this is a very stupid way to ask for help cuz i just put my code out to the public, but I plan on sharing after I finish anyway.

    I have the index.php done, and started a functions.php for some functions i called for

    # index.php

    PHP Code:
      <?php 
    require("./global.php");
    $getperms=permissions();
    /*  Select afew site variables  */
    $settings=mysql_query("SELECT sitename,siteurl,allowpoll,allowreg,maxnews,matches,demos FROM tbl_settings");
    $status=mysql_query("SELECT questions,serverip,serverstatus FROM tbl_status");
    $template=array("
    '1' => 'header',
    '2' => 'navigation',
    '3' => 'user_status_logged',
    '4' => 'user_status_unlogged',
    '5' => 'news',
    '6' => 'index_matches',
    '7' => 'index_demos',
    "
    );
    gettemplate($template[1],$settings['sitename'],$settings['siteurl']);

    $nav=mysql_query("SELECT id,linkname,linkurl FROM tbl_navigation");
    while (
    mysql_fetch_assoc($nav)) {
     eval(
    "\$navigation = \" . gettemplate($template[2]) . "\");
    }
    if (
    $getperms == 1) {
     
    $adminlink = "http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/admin/";
    $modlink NULL;
    } else {
     
    $adminlink NULL;
    }
    if (
    $getperms == 2) {
     
    $modlink "http://" $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/mod/";
    $adminlink NULL;
    } else {
     
    $modlink NULL;
    }
    if (
    $getperms => 3) {
     
    $modlink NULL;
    $adminlink NULL;
    }

    if (
    $_COOKIE['username']) && $_COOKIE['password']) {
     
    $user[login]=$_COOKIE['username'];
     
    $user[pass]=$_COOKIE['password'];
     
    gettemplate($template[3]);
    } else {
     
    gettemplate($template[4]);

     if (
    $submit) {
     
    $check=mysql_query("SELECT id,username,password FROM tbl_users WHERE username=".$username);
       if (
    $password==$check['password'] && $login==$check['username']) {
    $user[pass]=$check[password];
    $user[login]=$check[username];
    $user[id]=$check[id];

    setcookie('username'$user[login], time()+3600000'/'''0);
    setcookie('password'$user[pass], time()+3600000'/'''0);
    setcookie('id'$user[id], time()+3600000'/'''0);
    header ("Location: http://" $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php");
       } else {
    header ("Location: http://" $_SERVER['HTTP_HOST'] . dirname(S_SERVER['PHP_SELF']) . "/index.php?error=invalidlogin");
       }
     }
    }

    if (
    $status['questions']==0) {
     
    $questionstatus=$lang['offline'];
    } else {
     
    $questionstatus=$lang['online'];
    }
    if (
    $status['serverstatus']==0) {
     
    $serverstatus=$lang['offline'];
    } else {
     
    $serverstatus=$lang['online'];
    }

    $news=mysql_query("SELECT id,title,author,author_id,news,comments,posted FROM tbl_news LIMIT $settings['maxnews'] ORDER BY posted DESC");
    define("<AUTHOR>",$news['author']);
    define("<AUTHOR_ID>",$news['author_id']);
    define("<NID>",$news['id']);
    define("<NEWS>",$news['news']);
    define("<COMMENTS>",$news['comments']);
    define("<TITLE>",$news['title']);
    gettemplate($template[5]);

    function 
    matches() {
     global 
    $matches;

    $matches=mysql_query("SELECT id,opponent,score,date FROM tbl_matches LIMIT $settings[matches] ORDER BY date DESC");
    define("<MID>",$matches['id']);
    define("<OPPONENT>",$matches['opponent']);
    define("<SCORE>",$matches['score']);
    define("<DATE>",$matches['date']);
    }
    function 
    demos() {
     global 
    $demos;

    $deoms=mysql_query("SELECT id,opponent,date FROM tbl_demos LIMIT $settings[demos] ORDER BY date DESC");
    define("<DID>",$demos['id']);
    define("<DOPPONENT>",$demos['opponent']);
    define("<DDATE>",$demos['date']);
    }
    gettemplate($template[6]);
    gettemplate($template[7]);
    mysql_close();
    ?>
    # functions.php

    PHP Code:
      <?php

    function getpermissions() {
     if (
    $_COOKIE['username'] && $_COOKIE['uid'] && $_COOKIE['password']) {
      
    $user['name']=$_COOKIE['username'];
     
    $user['uid']=$_COOKIE['uid'];
     
    $user['pass']=$_COOKIE['password'];
    } else {
      
    $user['name']=FALSE;
     
    $user['uid']=FALSE;
     
    $user['pass']=FALSE;
    }

    if (
    $user['name'] && $user['uid'] && $user['pass']) {
      
    $getperms=mysql_query("SELECT permissions FROM tbl_users WHERE id=$user['uid']");
     if (
    $perms) {
       
    $getperms=$getperms['permissions'];
     } else {
       echo 
    $lang['perm_error'];
     }
    } else {
      
    $getperms=3;
    }
    return 
    $getperms;
    }

    function 
    gettemplate($template,$thing1,$thing2) {
    $file file("templates/".$template.".inc.php");
    $template implode("|||",$file);
    $template str_replace("\"","\\\"",$template);
    return 
    $template;
    }

    function 
    error_log ($error$log 1) {
     global 
    $error;
    if (
    $log==1) {
      
    $logerr=mysql_query("INSERT INTO tbl_error_log VALUES('',$error,now();)");
    }
    }
    if i renamed MySQL tables by accident like tbl_users, to users (which I think I did but fixed) dont even mention them cuz they are stupid mistakes that will be fixed
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X