am new to PHP and I am having a problem removing a password restriction
from a simple Text Updater script (below). I have a bunch of files that need
to be protected and I am planning to use .htaccess, but this script calls
for the password to be input before allowing the update (redundant for my
purposes). Any help would be very much appreciated. Thank you. My e-mail
address is [EMAIL PROTECTED]
<?php
include("/publik/websites/petalchamber.com/cgi-pchamber/disaster.cgi");
if(phpversion()>="4.1.0"){
extract($_POST);
extract($_GET);
extract($_SERVER);
}
$lines = @file($logfile);
if ($action) {
if ($REQUEST_METHOD != "POST") die("Invalid posting.");
if (!$pass) die("Please input password.");
if (isset($pass) && $pass != $password) die("Incorrect password.");
}
switch ($action) {
case 'prev':
if (empty($com)) $err="<b>Please input text</b>";
if (get_magic_quotes_gpc()) {
$com = stripslashes($com);
}
$com = str_replace("\r\n", "\r", $com);
$com = str_replace("\r", "\n", $com);
$com = str_replace("\n\n", "</p><p>", $com);
$com = str_replace("\n", "<br>", $com);
$com = str_replace("\t", " ", $com);
echo $com;
echo <<<EOB
<b>$err</b>
<table><tr><td>
<form action="$PHP_SELF" method="POST">
<input type=hidden name=action value=update>
<input type=hidden name=pass value="$pass">
<input type=hidden name=com value='$com'>
<input type=hidden name=wtime value="$utime">
<input type=hidden name=lineno value="$lineno">
<input type=submit value="Update"></form>
</td><td>
<form action="$PHP_SELF" method="POST">
<input type=hidden name=action value=edit>
<input type=hidden name=pass value="$pass">
<input type=hidden name=ecom value='$com'>
<input type=submit value="BACK"></form>
</td></tr></table>
</body></html>
EOB;
break;
### UPDATING LOG FILE ###
case 'update':
if (get_magic_quotes_gpc()) {
$com = stripslashes($com);
}
$fp = fopen($logfile, "w");
flock($fp, LOCK_EX);
fputs($fp, $com);
fclose($fp);
echo <<<EOF
<form action="$PHP_SELF" method="POST">
Successfully updated.<br>
<input type=hidden name=action value=admin>
<input type=hidden name=pass value="$pass">
<input type=submit value="BACK"></form>
</td></tr></table><hr>
EOF;
break;
### UPDATING LOG FILE ###
case 'edit':
if (get_magic_quotes_gpc()) {
$ecom = stripslashes($ecom);
$ecom = str_replace("<br>", "\n", $ecom);
$ecom = str_replace("</p><p>", "\n\n", $ecom);
}
case 'admin':
$ecom = $lines[0];
$tcom = $ecom;
if (get_magic_quotes_gpc()) {
$ecom = str_replace("<br>", "\n", $ecom);
$ecom = str_replace("</p><p>", "\n\n", $ecom);
}
// TEXT FORM
echo <<<EOD
<form action="$PHP_SELF" method="POST">
<input type=hidden name=action value=prev>
<input type=hidden name=pass value="$pass">
<input type=hidden name=lineno value="$etime">
<table>
<tr><td><b>TEXT FORM</b></td></tr>
<tr><td align=left>
<textarea name="com" cols="76" rows="20">$ecom</textarea></td></tr>
<tr><td><input type=submit value="Preview">
<input type=reset value="clear"></form>
</td></tr></table><hr>
EOD;
break;
default:
$ecom = $lines[0];
$tcom = $ecom;
echo "<p><form action=\"$PHP_SELF\" method=POST>
<input type=hidden name=action value=admin>
<input type=password name=pass size=10>
<input type=submit value=\"ADMIN\"></form></p>";
echo $tcom;
}
;
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
