geocachecs · October 23, 2015 01:50
diff --git a/admin.php b/admin.php

 <link rel="stylesheet" type="text/css" href="css/style.css">
 <?php
 	session_start();
 	require '../dbConnection.php';
 	$dbConn = getConnection();
 	$password = $_GET['password'];
 	$username = $_GET['username'];
 	
 	
 	$sql = "SELECT * FROM fp_admin where password = :password AND username = :username";
 	$namedParameters = array(); 
 	$namedParameters[':password'] = $password;
 	$namedParameters[':username'] = $username;
 	$stmt = $dbConn->prepare($sql);
 	$stmt->execute($namedParameters);
 	$result = $stmt->fetch();
 	
 	if(empty($result))
 	{
 		header("Location: index.php");
 		
 	}
 	else 
 	{
 		$_SESSION['admin'] = true;
 		header("Location: edit.php");
 	}
 	
 ?>
diff --git a/edit.php b/edit.php
 <link rel="stylesheet" type="text/css" href="css/style.css">
 <script src="https://code.jquery.com/jquery-1.10.2.js"></script>
 <?php
 	session_start();
 	require '../dbConnection.php';
 	

 	$dbConn=getConnection();

 	
 	
 	if($_SESSION['admin']==true)
 	{
 		$sql = "SELECT count(title) number FROM fp_manga where 1";
 		$stmt = $dbConn -> prepare($sql); //prepare
 		$stmt -> execute ();
 		$result=$stmt->fetch(); //fetch	
 		echo "<span style='font-size:140%'>" . $result['number'] . " mangas in library</span></br>";
 		
 		$sql = "SELECT count(searchId) number FROM fp_activity where 1";
 		$stmt = $dbConn -> prepare($sql); //prepare
 		$stmt -> execute ();
 		$result=$stmt->fetch(); //fetch	
 		echo "<span style='font-size:140%'>" . $result['number'] . " user searches</span></br>";
 		
 		echo 
 		"
 			<div style='font-size:200%'> Add Submission Below </div>
 			<form>
 				<input type='text' value='add title' name='newtitle'>
 				<input type='text' value='new description' name='newdesc'></br>
 				<input type='text' value='new year' name='newyear'>
 				<input type='text' value='new image URL' name='newdimg'>
 				<input type='submit' value='submit!' name='submit'></br></br>

 			</form>
 		";
 		
 		if(!empty($_GET['newtitle']))
 		{
 			$sql = "INSERT INTO `hart4492`.`fp_manga` (`mangaId`, `title`, `description`, 'Year', 'image') VALUES (NULL, :newtitle, :newdesc, :year, :image);";
 			$addParameter[':newtitle'] = $_GET['newtitle'];	
 			$addParameter[':newdesc'] = $_GET['newdesc'];	
 			$addParameter[':year'] = $_GET['newyear'];	
 			$addParameter[':image'] = $_GET['newimg'];	
 			$stmt = $dbConn -> prepare($sql); //prepare
 			$stmt -> execute ($addParameter); //execute
 								
 							
 		}
 		
 		
 		
 		
 		echo 
 		"
 		
 			<form>
 			<div style='font-size:200%'> Search/Modify/Delete Submissions Below </div>
 				<input type='text' value='search by title' name='title'>
 				<input type='submit' value='submit!' name='submit'></br></br>

 			</form>
 		";
 		
 		
 		
 		
 		if(!empty($_GET['title']))
 		{
 	    	$sql = "SELECT title, description, mangaId, Year, image FROM fp_manga WHERE title = :title";
 			$namedParameters[':title'] = $_GET['title'];
 	    	$stmt = $dbConn -> prepare($sql); //prepare
 			$stmt -> execute ($namedParameters); //execute
 			$result2=$stmt->fetch(); //fetch	
 		}	
 			if(!empty($result2))
 			{
 				echo "<h3>" . $result2['title'] . "</h3>";
 				
 				echo "<div style = 'width:500px;'>" . $result2['description'] . "</div><br/>";
 				
 				echo 
 				"
 					<form>
 						<input type='hidden' value='" . $_GET['title'] . "' name='title'>
 						<input type='submit' value='modify' name='modify'>
 						<input type='submit' value='delete' name='delete'>
 						
 					</form>
 					
 					
 				";
 				

 				if(!empty($_GET['modify']))
 				{
 								
 					echo 
 					"
 						<form>
 							Modify description:</br>
 							<input type='hidden' value='" . $_GET['title'] . "' name='title'>
 							<input type='hidden' value='" . $_GET['modify'] . "' name='modify'>
 							<input type='text' value='" . $result2['description'] . "' name='newDescription'>
 							</br>Modify year:</br>
 							<input type='text' value='" . $result2['Year'] . "' name='newYear'>
 							</br>Modify image link:</br>
 							<input type='text' value='" . $result2['image'] . "' name='newImage'>
 							<input type='submit' value='change' name='change'>
 							
 						
 						</form>
 						
 					";
 				}	
 				if(!empty($_GET['change']))
 				{
 					$sql = "UPDATE fp_manga set description = :newDescription, Year = :newYear, image = :newImage WHERE title=:title";
 					$newParameter[':newDescription'] = $_GET['newDescription'];	
 					$newParameter[':title'] = $_GET['title'];
 					$newParameter[':newImage'] = $_GET['newImage'];
 					$newParameter[':newYear'] = $_GET['newYear'];
 					$stmt = $dbConn -> prepare($sql); //prepare
 					$stmt -> execute ($newParameter); //execute
 								
 							
 				}
 						
 				
 				
 			
 				if(!empty($_GET['delete']))
 				{
 								
 					echo 
 					"
 						<form>
 							
 							Are tou sure you want to delte?
 							<input type='hidden' value='" . $_GET['title'] . "' name='title'>
 							<input type='hidden' value='" . $_GET['delete'] ."' name='delete'>
 							
 							<input type='submit' value='yes' name='confirm'>
 							
 						
 						</form>
 						
 					";
 				}	
 						if(!empty($_GET['confirm']))
 						{
 								$sql = "delete from fp_manga where title = :del";
 								$delParameter[':del'] = $_GET['title'];	
 								$stmt = $dbConn -> prepare($sql); //prepare
 								$stmt -> execute ($delParameter); //execute
 								
 							
 						}	
 				

 				
 			}
 			else 
 			if(!empty($_GET['title']))
 			{
 				echo "Nothing found";
 			}
 		}
 		
 		
 	  
 	
 ?>

 <div id="img"></div>



diff --git a/Index.php b/Index.php
 <?php





 ?>
 <script src="https://code.jquery.com/jquery-1.10.2.js"></script>
 <script>
 	function get_title() 
    	{        
 	      $.ajax({
 	            type: "get",
 	            url: "search.php",
 	            dataType: "json",
 	            data: { "title" : $('#title').val()},
 	            success: function(data,status) {
 	            	if(data['title'] != null)
 	            	{
 		            	 $("#name").html(data['title']);
 		                 $("#content").html(data['description']);
 		                 $("#image").html("<img src= " + data['image'] + " width = '300px' />");
 		             //	 $("#popularity").html("Popularity: " +data['popularity']);
 		             	 $("#year").html("Year: " + data['Year']);
 	             	}
 	             	else 
 	             	$("#name").html("Nothing found!");
 	              },
 	            complete: function(data,status) { //optional, used for debugging purposes
 	                 
 	            }
 	         });
 	   }
 	
 	
 	
 </script>

 <head><link rel="stylesheet" type="text/css" href="css/style.css"></head>

 <body>
 	
 	<h1>ULTIMATE ANIME DATABASE</h1>
 	
 	Admin Login: (username: MrAwesome password: coolOne)</br>
 	<form action = "admin.php">
 		<input type="text" value = "administrator" name="username">
 		<input type="text" value = "password" name="password">
 		<input type = "submit" value= "submit!" name ="submit">
 	</form>
 	</br>
 	<h1>Search Below:</h1>
 	<form id="thisform">
 		<input type="text" value = "search here" name="title" id="title">
 		<input type = "submit" value= "submit!" name ="submit">
 	</form>
 	
 	
 	<div style='font-size:300%' id="name"></div>
 	<div id="image"></div>
 	<div style='font-size:150%; width:475px;' id="content"></div>
 	<div style='font-size:150%;' id="year"></div>
 	<div style='font-size:150%;' id="popularity"></div>
 	
 	
 	
 	<script>$("#thisform").submit(function(event) {event.preventDefault();
 											get_title();
 												})</script>
 </body>
diff --git a/search.php b/search.php


 <?php
 require '../dbConnection.php';
 $dbConn=getConnection();

 if(!empty($_GET['title']))
 		{
 		
 		
 	    	$sql = "SELECT title, description, mangaId, image, Year FROM fp_manga WHERE title = :title";
 			$namedParameters[':title'] = $_GET['title'];
 	    	$stmt = $dbConn -> prepare($sql); //prepare
 			$stmt -> execute ($namedParameters); //execute
 			$result=$stmt->fetch(); //fetch	
 			
 			$sql = "INSERT INTO `hart4492`.`fp_activity` (`searchId`, `title`) VALUES (NULL, :title);";
 	    	$stmt = $dbConn -> prepare($sql); //prepare
 			$stmt -> execute ($namedParameters); //execute
 			
 	
 			
 			/*
 			if(isset($result))
 			{
 				echo "<h3>" . $result['title'] . "</h3>";
 				
 				echo $result['description'] . "<br/>";
 			}
 				
 			}
 			else {
 				echo "Nothing found";
 			}
 <!--
 <form action = "search.php">
 		<input type="text" value = "search here" name="title">
 		<input type = "submit" value= "submit!" name ="submit">
 	</form>
 	
 	
 </form>  !-->

 */			
 			
 			echo json_encode($result);
 			}
 ?>
diff --git a/style.css b/style.css


 @import url("http://fonts.googleapis.com/css?family=Just+Me+Again+Down+Here");

 body{	background-image: url("../back2.png");
 background-color: #23C4A4; color: white; font-family: 'Just Me Again Down Here', cursive;}

	<link rel="stylesheet" type="text/css" href="css/style.css">
	<?php
	session_start();
	require '../dbConnection.php';
	$dbConn = getConnection();
	$password = $_GET['password'];
	$username = $_GET['username'];


	$sql = "SELECT * FROM fp_admin where password = :password AND username = :username";
	$namedParameters = array();
	$namedParameters[':password'] = $password;
	$namedParameters[':username'] = $username;
	$stmt = $dbConn->prepare($sql);
	$stmt->execute($namedParameters);
	$result = $stmt->fetch();

	if(empty($result))
	{
	header("Location: index.php");

	}
	else
	{
	$_SESSION['admin'] = true;
	header("Location: edit.php");
	}

	?>
	<link rel="stylesheet" type="text/css" href="css/style.css">
	<script src="https://code.jquery.com/jquery-1.10.2.js"></script>
	<?php
	session_start();
	require '../dbConnection.php';


	$dbConn=getConnection();



	if($_SESSION['admin']==true)
	{
	$sql = "SELECT count(title) number FROM fp_manga where 1";
	$stmt = $dbConn -> prepare($sql); //prepare
	$stmt -> execute ();
	$result=$stmt->fetch(); //fetch
	echo "<span style='font-size:140%'>" . $result['number'] . " mangas in library</span></br>";

	$sql = "SELECT count(searchId) number FROM fp_activity where 1";
	$stmt = $dbConn -> prepare($sql); //prepare
	$stmt -> execute ();
	$result=$stmt->fetch(); //fetch
	echo "<span style='font-size:140%'>" . $result['number'] . " user searches</span></br>";

	echo
	"
	<div style='font-size:200%'> Add Submission Below </div>
	<form>
	<input type='text' value='add title' name='newtitle'>
	<input type='text' value='new description' name='newdesc'></br>
	<input type='text' value='new year' name='newyear'>
	<input type='text' value='new image URL' name='newdimg'>
	<input type='submit' value='submit!' name='submit'></br></br>

	</form>
	";

	if(!empty($_GET['newtitle']))
	{
	$sql = "INSERT INTO `hart4492`.`fp_manga` (`mangaId`, `title`, `description`, 'Year', 'image') VALUES (NULL, :newtitle, :newdesc, :year, :image);";
	$addParameter[':newtitle'] = $_GET['newtitle'];
	$addParameter[':newdesc'] = $_GET['newdesc'];
	$addParameter[':year'] = $_GET['newyear'];
	$addParameter[':image'] = $_GET['newimg'];
	$stmt = $dbConn -> prepare($sql); //prepare
	$stmt -> execute ($addParameter); //execute


	}




	echo
	"

	<form>
	<div style='font-size:200%'> Search/Modify/Delete Submissions Below </div>
	<input type='text' value='search by title' name='title'>
	<input type='submit' value='submit!' name='submit'></br></br>

	</form>
	";




	if(!empty($_GET['title']))
	{
	$sql = "SELECT title, description, mangaId, Year, image FROM fp_manga WHERE title = :title";
	$namedParameters[':title'] = $_GET['title'];
	$stmt = $dbConn -> prepare($sql); //prepare
	$stmt -> execute ($namedParameters); //execute
	$result2=$stmt->fetch(); //fetch
	}
	if(!empty($result2))
	{
	echo "<h3>" . $result2['title'] . "</h3>";

	echo "<div style = 'width:500px;'>" . $result2['description'] . "</div><br/>";

	echo
	"
	<form>
	<input type='hidden' value='" . $_GET['title'] . "' name='title'>
	<input type='submit' value='modify' name='modify'>
	<input type='submit' value='delete' name='delete'>

	</form>


	";


	if(!empty($_GET['modify']))
	{

	echo
	"
	<form>
	Modify description:</br>
	<input type='hidden' value='" . $_GET['title'] . "' name='title'>
	<input type='hidden' value='" . $_GET['modify'] . "' name='modify'>
	<input type='text' value='" . $result2['description'] . "' name='newDescription'>
	</br>Modify year:</br>
	<input type='text' value='" . $result2['Year'] . "' name='newYear'>
	</br>Modify image link:</br>
	<input type='text' value='" . $result2['image'] . "' name='newImage'>
	<input type='submit' value='change' name='change'>


	</form>

	";
	}
	if(!empty($_GET['change']))
	{
	$sql = "UPDATE fp_manga set description = :newDescription, Year = :newYear, image = :newImage WHERE title=:title";
	$newParameter[':newDescription'] = $_GET['newDescription'];
	$newParameter[':title'] = $_GET['title'];
	$newParameter[':newImage'] = $_GET['newImage'];
	$newParameter[':newYear'] = $_GET['newYear'];
	$stmt = $dbConn -> prepare($sql); //prepare
	$stmt -> execute ($newParameter); //execute


	}




	if(!empty($_GET['delete']))
	{

	echo
	"
	<form>

	Are tou sure you want to delte?
	<input type='hidden' value='" . $_GET['title'] . "' name='title'>
	<input type='hidden' value='" . $_GET['delete'] ."' name='delete'>

	<input type='submit' value='yes' name='confirm'>


	</form>

	";
	}
	if(!empty($_GET['confirm']))
	{
	$sql = "delete from fp_manga where title = :del";
	$delParameter[':del'] = $_GET['title'];
	$stmt = $dbConn -> prepare($sql); //prepare
	$stmt -> execute ($delParameter); //execute


	}



	}
	else
	if(!empty($_GET['title']))
	{
	echo "Nothing found";
	}
	}




	?>

	<div id="img"></div>
	<?php





	?>
	<script src="https://code.jquery.com/jquery-1.10.2.js"></script>
	<script>
	function get_title()
	{
	$.ajax({
	type: "get",
	url: "search.php",
	dataType: "json",
	data: { "title" : $('#title').val()},
	success: function(data,status) {
	if(data['title'] != null)
	{
	$("#name").html(data['title']);
	$("#content").html(data['description']);
	$("#image").html("<img src= " + data['image'] + " width = '300px' />");
	// $("#popularity").html("Popularity: " +data['popularity']);
	$("#year").html("Year: " + data['Year']);
	}
	else
	$("#name").html("Nothing found!");
	},
	complete: function(data,status) { //optional, used for debugging purposes

	}
	});
	}



	</script>

	<head><link rel="stylesheet" type="text/css" href="css/style.css"></head>

	<body>

	<h1>ULTIMATE ANIME DATABASE</h1>

	Admin Login: (username: MrAwesome password: coolOne)</br>
	<form action = "admin.php">
	<input type="text" value = "administrator" name="username">
	<input type="text" value = "password" name="password">
	<input type = "submit" value= "submit!" name ="submit">
	</form>
	</br>
	<h1>Search Below:</h1>
	<form id="thisform">
	<input type="text" value = "search here" name="title" id="title">
	<input type = "submit" value= "submit!" name ="submit">
	</form>


	<div style='font-size:300%' id="name"></div>
	<div id="image"></div>
	<div style='font-size:150%; width:475px;' id="content"></div>
	<div style='font-size:150%;' id="year"></div>
	<div style='font-size:150%;' id="popularity"></div>



	<script>$("#thisform").submit(function(event) {event.preventDefault();
	get_title();
	})</script>
	</body>


	@import url("http://fonts.googleapis.com/css?family=Just+Me+Again+Down+Here");

	body{ background-image: url("../back2.png");
	background-color: #23C4A4; color: white; font-family: 'Just Me Again Down Here', cursive;}