prepare("SELECT `LinkID`, `ContentID`, `Nickname` FROM Links");
$stmt1->bind_result($linkid, $contentid, $nickname);
$stmt1->execute();
$stmt1->store_result();
$out = "
";
echo $out;
}
// Remove one row from Links; the row is chosen by the POSTed "id".
// NOTE(review): this changes data. Any login/CSRF check is presumably part of the
// enclosing condition, which is outside this view - confirm.
if ($action == "deletelink") {
    // empty() also rejects the literal string "0", so a link id of "0" is never deleted here.
    if (!empty($_POST["id"])) {
        // The id reaches SQL only through the bound placeholder, never by concatenation.
        $stmt2 = $mysqli->prepare('DELETE FROM Links WHERE `LinkID` = ?');
        $stmt2->bind_param("s", $_POST["id"]);
        $stmt2->execute();
        // A DELETE returns no rows to buffer; the call is kept to mirror the existing flow.
        $stmt2->store_result();
    }
}
// Insert a new Links row from the POSTed "id", "contentid" and "nickname".
// All three fields must be present and non-empty ("0" counts as empty for empty()).
// NOTE(review): this changes data. Any login/CSRF check is presumably part of the
// enclosing condition, which is outside this view - confirm.
if (
    $action == "addlink"
    && !empty($_POST["id"])
    && !empty($_POST["contentid"])
    && !empty($_POST["nickname"])
) {
    // Values are passed as bound string parameters, in column order.
    $stmt3 = $mysqli->prepare('INSERT INTO Links (`LinkID`, `ContentID`, `Nickname`) VALUES (?, ?, ?);');
    $stmt3->bind_param(
        "sss",
        $_POST["id"],
        $_POST["contentid"],
        $_POST["nickname"]
    );
    $stmt3->execute();
    // An INSERT returns no rows to buffer; the call is kept to mirror the existing flow.
    $stmt3->store_result();
}
// Query every ContentID/Content pair and emit the response for "getcontent".
if ($action == "getcontent") {
    $stmt4 = $mysqli->prepare('SELECT `ContentID`, `Content` FROM Content');
    // Bind the two selected columns to $contentid and $content for later fetch() calls.
    $stmt4->bind_result($contentid, $content);
    $stmt4->execute();
    // Buffer the full result set on the client side.
    $stmt4->store_result();
    // NOTE(review): as written, no row is ever fetched and an empty string is echoed -
    // confirm this matches the intended output of this action.
    $out = "";
    echo $out;
}
// Remove one row from Content; the row is chosen by the POSTed "id".
// NOTE(review): this changes data. Any login/CSRF check is presumably part of the
// enclosing condition, which is outside this view - confirm.
if ($action == "deletecontent") {
    // empty() also rejects the literal string "0", so a content id of "0" is never deleted here.
    if (!empty($_POST["id"])) {
        // The id reaches SQL only through the bound placeholder, never by concatenation.
        $stmt5 = $mysqli->prepare('DELETE FROM Content WHERE `ContentID` = ?');
        $stmt5->bind_param("s", $_POST["id"]);
        $stmt5->execute();
        // A DELETE returns no rows to buffer; the call is kept to mirror the existing flow.
        $stmt5->store_result();
    }
}
// Insert a new Content row from the POSTed "id" and "content".
// Both fields must be present and non-empty ("0" counts as empty for empty()).
// NOTE(review): this changes data. Any login/CSRF check is presumably part of the
// enclosing condition, which is outside this view - confirm.
if (
    $action == "addcontent"
    && !empty($_POST["id"])
    && !empty($_POST["content"])
) {
    // Values are passed as bound string parameters, in column order.
    $stmt6 = $mysqli->prepare('INSERT INTO Content (`ContentID`, `Content`) VALUES (?, ?);');
    $stmt6->bind_param(
        "ss",
        $_POST["id"],
        $_POST["content"]
    );
    $stmt6->execute();
    // An INSERT returns no rows to buffer; the call is kept to mirror the existing flow.
    $stmt6->store_result();
}
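// Rewrite one Links row: set its id, content reference and nickname, locating the row
// by its current id ("idwhere"). All four POST fields must be present and non-empty
// ("0" counts as empty for empty()).
// NOTE(review): this changes data. Any login/CSRF check is presumably part of the
// enclosing condition, which is outside this view - confirm.
if ($action == "setlink" && !empty($_POST["id"]) && !empty($_POST["contentid"]) && !empty($_POST["nickname"]) && !empty($_POST["idwhere"])){
    // Parameter order follows the placeholders: three SET values, then the WHERE key.
    $stmt9 = $mysqli->prepare("UPDATE Links SET `LinkID` = ?, `ContentID` = ?, `Nickname` = ? WHERE `LinkID` = ?;");
    $stmt9->bind_param('ssss', $_POST["id"], $_POST["contentid"], $_POST["nickname"], $_POST["idwhere"]);
    $stmt9->execute();
    // Fixed: this used $stmt8, which is only created by the later "setcontent" branch.
    // At this point it is undefined, so the call failed after the UPDATE had already run.
    $stmt9->store_result();
}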
// Rewrite one Content row: set its id and body, locating the row by its current id
// ("idwhere"). All three POST fields must be present and non-empty ("0" counts as
// empty for empty()).
// NOTE(review): this changes data. Any login/CSRF check is presumably part of the
// enclosing condition, which is outside this view - confirm.
if (
    $action == "setcontent"
    && !empty($_POST["id"])
    && !empty($_POST["content"])
    && !empty($_POST["idwhere"])
) {
    // Parameter order follows the placeholders: two SET values, then the WHERE key.
    $stmt8 = $mysqli->prepare('UPDATE Content SET `ContentID` = ?, `Content` = ? WHERE `ContentID` = ?;');
    $stmt8->bind_param(
        "sss",
        $_POST["id"],
        $_POST["content"],
        $_POST["idwhere"]
    );
    $stmt8->execute();
    // An UPDATE returns no rows to buffer; the call is kept to mirror the existing flow.
    $stmt8->store_result();
}
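// Print the Logs table, one text row per entry. POST "id" is an optional filter:
// missing, empty or "*" lists every entry; any other value is matched against
// LinkID, ContentID and Nickname.
if ($action == "getlog"){
    // "id" is optional for this action, so it is not indexed blindly (the old code raised
    // an undefined-index notice). A non-string value (e.g. id[]=x) is treated as "no filter".
    $idcko = (isset($_POST["id"]) && is_string($_POST["id"])) ? $_POST["id"] : "";
    if (empty($idcko) || $idcko == "*") {
        $query = "SELECT `ID`, `Action`, `LinkID`, `ContentID`, `Datetime`, `Timestamp`, `Nickname`, `IP` FROM Logs";
        $stmt7 = $mysqli->prepare($query);
    } else {
        // The same value is bound three times, once per filtered column.
        $query = "SELECT `ID`, `Action`, `LinkID`, `ContentID`, `Datetime`, `Timestamp`, `Nickname`, `IP` FROM Logs WHERE `LinkID` = ? OR ContentID = ? OR Nickname = ?";
        $stmt7 = $mysqli->prepare($query);
        $stmt7->bind_param("sss", $idcko, $idcko, $idcko);
    }
    $stmt7->bind_result($rowidx, $actionx, $linkidx, $contentidx, $datetimex, $timestampx, $nicknamex, $ipx);
    $stmt7->execute();
    $stmt7->store_result();
    $out = "Action | Date and Time | Nickname | Link | Content | IP | Button |
";
    while ($stmt7->fetch()) {
        // Fixed: the escaped Action column used to be stored in $action, overwriting the
        // request's action. The "clrlog" check that follows reads $action, so a log row
        // whose Action is "clrlog" could make a plain "getlog" request delete log entries.
        // The row value now lives in its own variable.
        //
        // Every column is HTML-escaped before it goes into the response. ENT_QUOTES and
        // ENT_SUBSTITUTE are passed explicitly (the PHP 8.1+ defaults) so quotes are
        // escaped on older runtimes as well.
        $actionEsc = htmlspecialchars($actionx, ENT_QUOTES | ENT_SUBSTITUTE);
        $link = htmlspecialchars($linkidx, ENT_QUOTES | ENT_SUBSTITUTE);
        $content = htmlspecialchars($contentidx, ENT_QUOTES | ENT_SUBSTITUTE);
        $nickname = htmlspecialchars($nicknamex, ENT_QUOTES | ENT_SUBSTITUTE);
        $ip = htmlspecialchars($ipx, ENT_QUOTES | ENT_SUBSTITUTE);
        // NOTE(review): $rowid is not referenced by the row template below; presumably the
        // per-row button markup uses it - confirm before removing.
        $rowid = htmlspecialchars($rowidx, ENT_QUOTES | ENT_SUBSTITUTE);
        $datetime = htmlspecialchars($datetimex, ENT_QUOTES | ENT_SUBSTITUTE);
        $out = $out . "$actionEsc | $datetime | $nickname | $link | $content | $ip | |
";
    }
    $out = $out . "
";
    echo $out;
}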
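// Delete log entries. POST "id" must be non-empty: "*" wipes the whole Logs table,
// a decimal number deletes the single row with that ID, anything else is ignored.
// NOTE(review): this branch trusts $action to still hold the request's action, so earlier
// code must never reassign it. Clearing the log also leaves no trace here of who did it;
// confirm that authorization and an audit record are handled outside this view.
if ($action == "clrlog" && !empty($_POST["id"])){
    $idcko = $_POST["id"];
    // The old empty($idcko) test was unreachable (the outer condition already requires a
    // non-empty id), so only the explicit "*" wildcard selects the full wipe.
    if ($idcko === "*") {
        $query = "DELETE FROM Logs";
        $stmt10 = $mysqli->prepare($query);
        $stmt10->execute();
        $stmt10->store_result();
    } elseif (is_string($idcko) && ctype_digit($idcko)) {
        // Only a purely numeric id is accepted. The 'i' binding would otherwise cast
        // malformed input (e.g. "12abc" or an array) to an integer and delete a row
        // the caller never named.
        $query = "DELETE FROM Logs WHERE `ID` = ?";
        $stmt10 = $mysqli->prepare($query);
        $stmt10->bind_param("i", $idcko);
        $stmt10->execute();
        $stmt10->store_result();
    }
    // Any other id value is ignored, like a request with missing parameters.
}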
}
else{
echo "ERROR";
}
?>