Hi, i just created a page where i can access my phpadmin through. the problem is that, it has no security, which means who ever know's the url: can abuse it.
is there a way for me to add something like "You are not admin."
Here's my script.
PHP Code:
<?php
$connect = mysql_connect("localhost","root","pw") or die (mysql_error());
mysql_select_db("db")or die (mysql_error());
$Query = mysql_query("SELECT * FROM members ORDER BY setname DESC");
?>
<head>
<title>Untitled Document</title>
</head>
<body>
<style type="text/css">
table {border-collapse:collapse;}
table td, table th {border:1px #000 solid; padding:5px;}
</style>
<table width="500" border="1" cellpadding="2" cellspacing="0" bordercolor="#CCCCCC">
<tr>
<td>Edit</td>
<td>Delete</td>
<td>User ID</td>
<td>Username </td>
<td>Password</td>
<td>wins</td>
<td>loses</td>
</tr>
<?php
while ($Result = mysql_fetch_assoc($Query))
{
?>
<tr>
<td><a href="edit.php?uid=<?php echo $Result['id'];?>">Edit</a></td>
<td><a href="delete.php?uid=<?php echo $Result['id']?>">Delete</a></td>
<td><?php echo $Result['id']?></td>
<td><?php echo $Result['setname']?></td>
<td><?php echo $Result['password']?></td>
<td><?php echo $Result['wins']?></td>
<td><?php echo $Result['loses']?></td>
</tr>
<?php
}
?>
</table>
</body>
</html>
|
