Zedd
06-23-2004, 02:38 PM
I'm trying to build an admin page for a book appendix that will give me a front-end to modify appendix content (MySQL-based). I would like to use the vB admin control panel to do this, so that I can base permissions on existing user logins, rather than write an entire app just for the appendix.
I have added the ./global.php and permissions check from the admin pages to my own, but I have one of two problems, depending on how I code (PHP) the rest of the page:
1) The PHP does not parse at all
2) The admin login runs every time I try to pass a value to MySQL
Here's the admincp code I used:
// ######################## SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);
// ##################### DEFINE IMPORTANT CONSTANTS #######################
define('CVS_REVISION', '$RCSfile: forum.php,v $ - $Revision: 1.83 $');
define('NO_REGISTER_GLOBALS', 1);
// #################### PRE-CACHE TEMPLATES AND DATA ######################
$phrasegroups = array('forum', 'cpuser');
$specialtemplates = array();
// ########################## REQUIRE BACK-END ############################
require_once('./global.php');
// ######################## CHECK ADMIN PERMISSIONS #######################
if (!can_administer('canadminforums'))
{
print_cp_no_permission();
}
And here's a sample of PHP script from my page:
if (isset($HTTP_POST_VARS['Search'])) {
$colname_Search = (get_magic_quotes_gpc()) ? $HTTP_POST_VARS['Search'] : addslashes($HTTP_POST_VARS['Search']);
$query_Search = sprintf("SELECT * FROM tablename WHERE Field_1 LIKE '%%%s%%' OR Field_2 LIKE '%%%s%%' ORDER BY Field_0 ASC", $colname_Search, $colname_Search);
$Search = mysql_query($query_Search) or die(mysql_error());
$totalRows_Search = mysql_num_rows($Search);
echo "Your search for \"<i>$colname_Search</i>\" yielded <b>$totalRows_Search</b> results as follows:<br>
<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"2\">
<tr style=\"font-weight: bold\">
<td width=\"25%\" nowrap valign=\"top\">Topic</td>
<td>Description</td>
<td>From</td>
</tr>
<tr><td colspan=\"3\" height=\"3\" style=\"background: #AA0000\"></tr>
<tr>";
while ($row_Search = mysql_fetch_assoc($Search)) {
echo " <tr>
<td width=\"25%\" nowrap valign=\"top\">".$row_Search['Field_1']."</td>
<td>".$row_Search['Field_2']."</td>
<td color=\"#AAAAAA\" nowrap valign=\"top\"><i>".$row_Search['Field_3']."</i></td>
</tr>
<tr><td colspan=\"3\" style=\"background: #666666\"></td></tr>
<tr>";
}
echo "</table>";
mysql_free_result($Search);
}
Am I doing this the hard way? How would I go about wrapping my page into the vB admin control panel? Can I use the vB admin security, and still build my own MySQL queries?
You can see the working appendix here (http://www.prophets-inc.com/appendix.php), but it's not wrapped into vB like the admin page would be. Any ideas would be greatly appreciated.
I have added the ./global.php and permissions check from the admin pages to my own, but I have one of two problems, depending on how I code (PHP) the rest of the page:
1) The PHP does not parse at all
2) The admin login runs every time I try to pass a value to MySQL
Here's the admincp code I used:
// ######################## SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);
// ##################### DEFINE IMPORTANT CONSTANTS #######################
define('CVS_REVISION', '$RCSfile: forum.php,v $ - $Revision: 1.83 $');
define('NO_REGISTER_GLOBALS', 1);
// #################### PRE-CACHE TEMPLATES AND DATA ######################
$phrasegroups = array('forum', 'cpuser');
$specialtemplates = array();
// ########################## REQUIRE BACK-END ############################
require_once('./global.php');
// ######################## CHECK ADMIN PERMISSIONS #######################
if (!can_administer('canadminforums'))
{
print_cp_no_permission();
}
And here's a sample of PHP script from my page:
if (isset($HTTP_POST_VARS['Search'])) {
$colname_Search = (get_magic_quotes_gpc()) ? $HTTP_POST_VARS['Search'] : addslashes($HTTP_POST_VARS['Search']);
$query_Search = sprintf("SELECT * FROM tablename WHERE Field_1 LIKE '%%%s%%' OR Field_2 LIKE '%%%s%%' ORDER BY Field_0 ASC", $colname_Search, $colname_Search);
$Search = mysql_query($query_Search) or die(mysql_error());
$totalRows_Search = mysql_num_rows($Search);
echo "Your search for \"<i>$colname_Search</i>\" yielded <b>$totalRows_Search</b> results as follows:<br>
<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"2\">
<tr style=\"font-weight: bold\">
<td width=\"25%\" nowrap valign=\"top\">Topic</td>
<td>Description</td>
<td>From</td>
</tr>
<tr><td colspan=\"3\" height=\"3\" style=\"background: #AA0000\"></tr>
<tr>";
while ($row_Search = mysql_fetch_assoc($Search)) {
echo " <tr>
<td width=\"25%\" nowrap valign=\"top\">".$row_Search['Field_1']."</td>
<td>".$row_Search['Field_2']."</td>
<td color=\"#AAAAAA\" nowrap valign=\"top\"><i>".$row_Search['Field_3']."</i></td>
</tr>
<tr><td colspan=\"3\" style=\"background: #666666\"></td></tr>
<tr>";
}
echo "</table>";
mysql_free_result($Search);
}
Am I doing this the hard way? How would I go about wrapping my page into the vB admin control panel? Can I use the vB admin security, and still build my own MySQL queries?
You can see the working appendix here (http://www.prophets-inc.com/appendix.php), but it's not wrapped into vB like the admin page would be. Any ideas would be greatly appreciated.