aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--admin.php55
-rw-r--r--edit.php15
-rw-r--r--test/notes.sql (renamed from notes.sql)0
3 files changed, 38 insertions, 32 deletions
diff --git a/admin.php b/admin.php
index 2bfdfde..39f268c 100644
--- a/admin.php
+++ b/admin.php
@@ -1,41 +1,32 @@
<?php
session_start();
-# DB CONNECT
-try {
- $user = "yota_user";
- $password = "leex3EThieK0ieLaiVaicaifef5eecei";
- $database = "yota_call_db";
- $conn = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
- $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-} catch (PDOException $e) {
- echo "<p>Error!: " . $e->getMessage() . "</p>";
- die();
-}
-
-# SHOLUD SOMETHING BE APPROVED?
-if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['id']) ) {
- $stmt = $conn->prepare("UPDATE activities SET approved = true WHERE id=:id");
-echo "lol:" . $_POST['id'];
- $stmt->bindParam(':id', $_POST['id']);
- $stmt->execute();
-}
-
# IS LOGIN LEGITIMATE?
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['email']) && isset($_POST['password'])) {
- try {
- $stmt = $conn->prepare("SELECT * FROM admins WHERE email=:email");
- $stmt->bindParam(':email', $_POST['email']);
- $stmt->execute();
- $row = $stmt->fetch();
- if (password_verify($_POST['password'], $row['password'])){
- $_SESSION['admin'] = true;
- } else {
- $_SESSION['admin'] = false;
+ # DB CONNECT
+ try {
+ $user = "yota_user";
+ $password = "gahdeer6shai9hogai2sai4quuaj1eVu";
+ $database = "yota_call_db";
+
+ $conn = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
+ $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+ $stmt = $conn->prepare("SELECT * FROM admins WHERE email=:email");
+ $stmt->bindParam(':email', $_POST['email']);
+ $stmt->execute();
+ $row = $stmt->fetch();
+
+ if (password_verify($_POST['password'], $row['password'])){
+ $_SESSION['admin'] = true;
+ } else {
+ $_SESSION['admin'] = false;
+ }
+ } catch (PDOException $e) {
+ echo "<p>Error!: " . $e->getMessage() . "</p>";
}
- } catch (PDOException $e) {
- echo "<p>Error!: " . $e->getMessage() . "</p>";
- }
+ $stmt=null;
+ $conn=null;
}
?>
<!DOCTYPE html>
diff --git a/edit.php b/edit.php
new file mode 100644
index 0000000..3ddada5
--- /dev/null
+++ b/edit.php
@@ -0,0 +1,15 @@
+<?php
+session_start();
+
+if (isset($_SESSION['admin']) && $_SESSION['admin'] == true) {
+ try {
+ $user = "yota_admin";
+ $password = "quaequaquagh6ahwoh6Chahx1EiFooGh";
+ $database = "yota_call_db";
+ $conn = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
+ $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+ } catch (PDOException $e) {
+ echo "<p>Error!: " . $e->getMessage() . "</p>";
+ }
+
+}
diff --git a/notes.sql b/test/notes.sql
index dd59770..dd59770 100644
--- a/notes.sql
+++ b/test/notes.sql