Answer the question
In order to leave comments, you need to log in
How can I check for the page owner with this code?
Of course, I understand that all this is g **** code, but this is my first project in php
. In general, the question is this. How can I make the write field on the page visible only to its owner?
Can this be done with my code? I just climbed on all sorts of forums, but everything is not right there ...
<?php
session_start();
include_once "core/engine/session.php";
include_once "core/connect/database.php";
if(!isset($_GET["id"])){
$id = $_SESSION["user_id"];
}
else{
$id = $_GET["id"];
}
$result = mysql_query("SELECT * FROM users WHERE id='$id'") or die(mysql_error()) ;
$users = mysql_fetch_array($result);
do{
printf('
<head>
<title>%s</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<link rel="stylesheet" href="templates/Default/user/avatar.css" />
<link rel="stylesheet" href="templates/css/style.css" />
</head>
<body style="background: url(%s); no-repeat; background-size: cover;">
<div class="avatar_area">
<img src="%s" />
<div class="name">
<a href="/user?id=%s">%s</a>
</div>
<div class="menu">
<ul class="l1">
<li><a href="/settings">Настройки</a></li>
<li><a href="/news">Новости</a></li>
<li><a>Сообщения</a></li>
<li><a href="/mobile?act_logout=1">Выход</a></li>
</ul>
<div class="wall_post">
<form method="post" action="send_post.php">
<table>
<tr>
<td><input type="text" name="wall_post" placeholder="Что нового?" required /></td>
</tr>
<tr>
<td><center><input type="submit" name="submit" value="Отправить" /></center></td>
</tr>
</table>
</form>
</div>
</div>
</div>
</body>
',$users["username"], $users['background'], $users["avatar"], $users["id"], $users["username"]);
}
while($users = mysql_fetch_array($result));
?>
Answer the question
In order to leave comments, you need to log in
It's not that this is shit code or in XSS, but that you are using functions that are no longer in PHP.
Do not output the entire html at once, in the place where you have the field to write, do another if with the owner check
. In general, they use not printf here, but the output buffer, but you can google it yourself.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question