CMS
Andrey, 2017-06-19 16:15:29

How to insert a script tag into a page template?

The crux of the matter: I have my own homegrown "bike" that connects the page template and the page itself. The script's code is below.
However, this script refuses point-blank to save the page if there are third-party scripts in the code.
How do I insert lines with scripts into a template?

The template code. Inside is an empty script tag. The template doesn't save when the tag is filled in.
<html>
<head>
<title>Начаркина Ирина Александровна</title>
</head>
<body bgcolor=#E0E0E0 onload="startTime()"><center>
<table border=0 width=90% bgcolor=#B939D4>
<tr height=10>
<td colspan=3>
</td>
</tr>
<tr height=40>
<td>

</td> 
<td width=15% bgcolor=#A031B7>
<font color=#FFFFFF face="Century Gothic"></font>
</td> 
<td width=15% bgcolor=#A031B7>
<font color=#FFFFFF face="Century Gothic"></font>
</td> 
</tr>
<tr height=200>
<td colspan=3 align="left" valign="middle">
<table bgcolor=#A031B7 width=55% height=150>
<tr>
<td align=center>
<font color=#FFFFFF face="Comic Sans MS" size=6>Начаркина Ирина Александровна</font>
<br><br>
<font color=#FFFFFF face="Comic Sans MS" size=4>Учитель начальных классов МОУ "Средняя школа №37"</font>
</td>
</tr>
</table>
</td>
</tr>
</table>
<br>
<table border=0 width=90% cellspacing="0" >
<tr>
<td  width=24% bgcolor=#45D2B8 valign=top><br><br><center>
<script type=text/javascript></script>
</center>
</td>
<td  width=2% bgcolor=#FFFFFF>
</td>
<td height=450 bgcolor=#FFFFFF valign="top"><br>

<br><br>
</td>
<td width=2% bgcolor=#FFFFFF>
</td>
</tr>

</table>
</center>
<br><br>
</body>
</html>


The actual line:
<script type=text/javascript src='http://www.estpovod.ru/informer_show2.php?news_cnt=5&inf_width=250&bg=45D2B8&csp=1&cpd=4&fsz=18&bg1=45D2B8&fcl1=0066FF&fsz1=16&bg2=FFFFFF&fcl=0066FF&fsz2=16&wt=on&show_dat=&wt1=&grp=10&new=on'></script>

The code of the script itself
<?php
include ('../db.php');
include ('config.inc.php');
$title="Редактирование";
// $LINK is false when the connection fails, so report the connect error instead
$LINK = mysqli_connect($SQLSERVER, $SQLUSER, $SQLPASSWORD,$SQLBASE) or die(mysqli_connect_error());
mysqli_query($LINK,"SET NAMES 'utf8'");
mysqli_query($LINK,"SET CHARACTER SET 'utf8'");

$footer="</body></html>";

$type = 'page';
if (isset($_GET['type'])) {
    $type = $_GET['type'];
}
$item="";
if (isset($_GET['item'])) {
    $item = $_GET['item'];
};

$array = array();
$response = GetId($item,$LINK);

include ('panel.inc.php');

$p_id = $item;
if (isset($_POST['type'])) {
        switch ($_POST['type']) {
            case 'page':
        $response = GetId($_POST['id'],$LINK);
        $array = mysqli_fetch_assoc($response);
                $p_name = $_POST['name'];
                $p_cnt =$_POST['content'];
                $p_template =$_POST['template'];
                $p_id =$_POST['id'];
                if ($array['id']=="") {
                    $response = AddPage($p_id,$p_name,$p_template,$p_cnt,$LINK);
          $item = $p_id;
                } else {
                    $response = ModifyPage($p_id,$p_name,$p_template,$p_cnt,$LINK);
                }
                break;
            case 'template':
      $response = TemplateCheck($_POST['id'],$LINK);
        $array = mysqli_fetch_assoc($response);
                $p_cnt =$_POST['content'];
                $p_id =$_POST['id'];
                if ($array['id']=="") {
                    AddTemplate($p_id,$p_cnt,$LINK);
                } else {
                    ModifyTemplate($p_id,$p_cnt,$LINK);
                }
                break;
            case 'block':
      $response = GetRealChankId($_POST['id'],$LINK);
        $array = mysqli_fetch_assoc($response);
                $p_cnt =$_POST['content'];
                $p_id =$_POST['id'];
                if ($array['id']=="") {
                    AddChank($p_id,$p_cnt,$LINK);
                } else {
                    ModifyChank($p_id,$p_cnt,$LINK);
                }
                break;
      default :
        break;
        }
        $type = $_POST['type'];
        $item = $_POST['id'];
    
}

switch ($type) {
    case 'page':
        $response = GetId($item,$LINK);
        $response = GetTemplateId($item,$LINK);
        $array = mysqli_fetch_assoc($response);
        $idt = $array['template'];
        $response = GetPageName($item,$LINK);
        $array = mysqli_fetch_assoc($response);
        $name = $array['name'];
        $response = GetIdContent($item,$LINK);
        $array = mysqli_fetch_assoc($response);
        $content = $array['content'];
        break;
    case 'template':
        $response = GetTemplate($item,$LINK);
        $array = mysqli_fetch_assoc($response);
        $content = $array['content'];
        break;
    case 'block':
        $response = GetChank($item,$LINK);
        $array = mysqli_fetch_assoc($response);
        $content = $array['content'];
        break;
}

echo '<div align="center">';
echo '<form action="edit.php" method="post" id="mainform">';
echo '<table width="80%" border="1">';
echo '<tr>';
echo '<td height="120px" align="center"><label>Идентификатор: </label></td>';
echo '<td align="center"><input type="text" name="id" value="'.$item.'"></td>';
echo '</tr>';

if ($type=='page') {
    echo '<tr>';
    echo '        <td height="120px" align="center"><label>Имя страницы: </label></td>';
    echo '        <td align="center"><input type="text" name="name" value="'.$name.'"></td>';
    echo '    </tr>';
    echo '    <tr>';
    echo '        <td height="120px" align="center"><label>Шаблон: </label></td>';
    echo '        <td align="center"><input type="text" name="template" value="'.$idt.'"></td>';
    echo '    </tr>';
};
echo ' <tr>';
echo '        <td colspan="2" align="center">';
echo '             <textarea id="mytextbox" form="mainform" name="content" style="height: 450px; width: 900px" value="">'.$content.'</textarea>';
echo '         </td>';
echo '     </tr>';

echo '<tr>';
echo '        <td colspan="2" align="center">';
echo '    <br><br>';
echo '      <input type="hidden" name="item" value="'.$item.'">';
echo '      <input type="hidden" name="type" value="'.$type.'">';
echo '        <input type="submit" class="btn" value="Сохранить" width="80">';
echo '    </table>';
echo '    </form>';
echo '    <form action="index.php" method="get">';
echo '        <input type="hidden" name="id" value="'.$type.'">';
echo '       <input type="submit" class="btn" value="Закрыть" width="80">';
echo '    </form>';
echo '   </div>';


echo $footer;

?>


1 answer(s)
Boris Korobkov, 2017-06-19
@BorisKorobkov

return mysqli_query($LINK,'UPDATE template SET content=\''.$content.'\' WHERE id = \''.$identificator.'\'');

When $content contains a single quote, the result is invalid SQL, which is obviously not executed. And the old version of the template is shown on the screen.
Use PDO or at least mysql_real_escape_string
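
The failure described in the answer and the PDO fix it recommends, as an added example that is not part of the original answer or the asker's code. An in-memory SQLite database stands in for MySQL, the `template` table follows the quoted UPDATE, and the function names and the informer.example URL are hypothetical.

```php
<?php
// Added example. SQLite in memory stands in for the MySQL database; the
// `template` table (id, content) follows the UPDATE quoted in the answer.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE template (id TEXT PRIMARY KEY, content TEXT)');
$pdo->exec("INSERT INTO template (id, content) VALUES ('main', '<html></html>')");

// Concatenated form, as in the answer: a quote in $content ends the SQL literal.
function modifyTemplateConcat(PDO $pdo, string $id, string $content): bool
{
    try {
        $pdo->exec("UPDATE template SET content='" . $content . "' WHERE id = '" . $id . "'");
        return true;
    } catch (PDOException $e) {
        return false; // invalid SQL: the old template stays in the table
    }
}

// Parameterized form: the values travel separately from the SQL text.
function modifyTemplatePrepared(PDO $pdo, string $id, string $content): bool
{
    $stmt = $pdo->prepare('UPDATE template SET content = :content WHERE id = :id');
    $stmt->execute([':content' => $content, ':id' => $id]);
    return $stmt->rowCount() === 1;
}

// Reads back what is actually stored for a template id.
function storedTemplate(PDO $pdo, string $id): string
{
    $stmt = $pdo->prepare('SELECT content FROM template WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return (string) $stmt->fetchColumn();
}

// Constructed input: a script tag whose src attribute uses single quotes.
$content = "<script type=text/javascript src='http://informer.example/show.php?n=5'></script>";

var_dump(modifyTemplateConcat($pdo, 'main', $content));     // concatenated UPDATE
var_dump(storedTemplate($pdo, 'main') === '<html></html>'); // is the old template still stored?
var_dump(modifyTemplatePrepared($pdo, 'main', $content));   // parameterized UPDATE
var_dump(storedTemplate($pdo, 'main') === $content);        // is the new template stored verbatim?
```

The empty script tag in the template saves under the concatenated form only because it contains no quote character; the same UPDATE also lets any quote in the submitted content change the statement, which the parameterized form prevents.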
