0

I found this script for adding and deleting users on the internet and I tweaked it to make it work for my uses. I understand that this script is vulnerable to SQL injection and that mysql_* is deprecated, but for my purposes it doesn't matter as this will never be released in a live environment.

I am unable to delete any records. I also want to remove the add user functionality, for if a new user is to be created they can just use the registration page I have created.

Here are the scripts:

<?php //admin.php
session_start();
$user = $_SESSION['username'];
include ("connection.php");

$get = mysql_query ("SELECT * FROM Users WHERE username='$user'");
while ($row = mysql_fetch_assoc($get))
{
$admin = $row['admin']; 
}

if ($admin==0)
die("Your not an ADMIN!");
?>

Next Script:

<?php // connection.php
$mysql_hostname = "localhost";
$mysql_user = "root";
$mysql_password = "";
$mysql_database = "ninjaz_gaming";
$prefix = "";
$bd = mysql_connect($mysql_hostname, $mysql_user, $mysql_password) or die("Could not connect database");
mysql_select_db($mysql_database, $bd) or die("Could not select database");
?>

Remove and update users script:

<?php // urmuser.php
include('admin.php');
include('connection.php');

if (isset($_POST['id']) &&
isset($_POST['username']) &&
isset($_POST['password']) &&
isset($_POST['email']) &&
isset($_POST['birth']) &&
isset($_POST['age']) &&
isset($_POST['ircts3']) &&
isset($_POST['game']) &&
isset($_POST['gender']) &&
isset($_POST['name']) &&
isset($_POST['admin']))

{
$id = get_post('id');
$username = get_post('username');
$password = get_post(md5('password'));
$email = get_post('email');
$birth = get_post('birth');
$age = get_post('age');
$ircts3 = get_post('ircts3');
$game = get_post('game');
$gender = get_post('gender');
$name = get_post('name');
$administrator = get_post('admin');

if (isset($_POST['delete']) && $id != "") 
{
$query = "DELETE FROM Users WHERE id='$id'";

if (!mysql_query($query, $bd))
echo "DELETE failed: $query<br />" .
mysql_error() . "<br /><br />";
}
else
{
$query = "INSERT INTO Users VALUES" .
"('$id', '$username', '$password', '$email', '$birth', '$age', '$ircts3', '$game',    '$gender', '$name'. '$administrator')";

if (!mysql_query($query, $bd))
echo "INSERT failed: $query<br />" .
mysql_error() . "<br /><br />";
}
}

echo <<<_END
<form action="urmuser.php" method="post"><pre>
Id: <input type="text" name="id" />
Username: <input type="text" name="username" />
Password: <input type="text" name="password" />
E-mail: <input type="text" name="email" />
Birth Year: <input type="text" name="birth" />
Age: <input type="text" name="age" />
IRCTS3: <input type="text" name="ircts3" />
Game: <input type="text" name="game" />
Gender: <input type="text" name="gender" />
Name: <input type="text" name="name" />
Admin: <input type="text" name="admin" />
<input type="submit" value="ADD USER" />
</pre></form>
_END;

$query = "SELECT * FROM Users";
$result = mysql_query($query);

if (!$result) die ("Database access failed: " . mysql_error());
$rows = mysql_num_rows($result);

for ($j = 0 ; $j < $rows ; ++$j)
{
$row = mysql_fetch_row($result);
echo <<<_END
<pre>
Id: $row[0]
Username: $row[1]
Password: $row[2]
Email: $row[3]
Birth: $row[4]
Age: $row[5]
IRCTS3: $row[6]
Fav Game: $row[7]
Gender: $row[8]
Name: $row[9]
Admin: $row[10]
</pre>
<form action="urmuser.php" method="post">
<input type="hidden" name="delete" value="yes" />
<input type="hidden" name="id" value="$row[0]" />
<input type="submit" value="DELETE USER" /></form>
_END;
}

mysql_close($bd);

function get_post($var)
{
return mysql_real_escape_string($_POST[$var]);
}
?>
1
  • Can you fix the indentation, it's hard to tell the nesting of your if statements. Commented May 12, 2013 at 18:56

2 Answers

1

As I see in your code, you delete the user and if the query result is true you add it again.

if (isset($_POST['delete']) && $id != "") {
    ##################################
    #####YOU DELETE THE USER HERE
    ##################################
    $query = "DELETE FROM Users WHERE id='$id'";

    if (!mysql_query($query, $bd))
        echo "DELETE failed: $query<br />" .
        mysql_error() . "<br /><br />";

    }else{
        ##################################
        ##### YOU ADD THE USER AGAIN IF IT WAS DELETE
        ##################################
        $query = "INSERT INTO Users VALUES" .
        "('$id','$username','$password','$email','$birth','$age','$ircts3','$game','$gender','$name'. '$administrator')";

    if (!mysql_query($query, $bd))
        echo "INSERT failed: $query<br />" . mysql_error() . "<br /><br />";

    }
}

That way the user is never going to be deleted.

::Edited::

You can do this:

<?php
session_start();
include ("connection.php");

// check admin part
$isAdmin = 0;
$user = $_SESSION['username'];
$sql = "SELECT * FROM Users WHERE username = '$user' AND admin = 1";
$query = mysql_query($sql,$bd)or die(mysql_error());

if(mysql_num_rows($query)>0){
    $isAdmin = 1;
}

if(isset($_GET['id'])){
    if($isAdmin == 1){
        $delete_id = mysql_real_escape_string($_GET['id']);
        $sql = "DELETE FROM Users WHERE id = '$delete_id'";
        $query = mysql_query($sql,$bd)or die(mysql_error());
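        // Closing brace moved next to the variable (the original placement was a parse error); output is HTML-escaped.
        echo "User id: " . htmlspecialchars($_GET['id']) . " deleted";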
    }else{
        echo 'You are not an admin';
    }
}

$sql = "SELECT * FROM Users ORDER BY id ASC";
$query = mysql_query($sql,$bd)or die(mysql_error());

if(mysql_num_rows($query)>0){
    while($row = mysql_fetch_array($query)){
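        // No quote after id=: a stray quote there closed the href early, so the link carried no id.
        echo '<a href="'.htmlspecialchars($_SERVER['PHP_SELF']).'?id='.urlencode($row['id']).'">'.htmlspecialchars($row['id']).'</a> '.htmlspecialchars($row['username']);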

    }
}else{
    echo "No results in database";
}

?>

4 Comments

Could you possibly edit out the parts that readd the user so that it is only a delete user script?
You need a user list and delete script?
It doesn't work. It lists the users and their id # is a link. When you click their number it just brings you to another page with an Apache error. Is there a way to do it without the admin and connection files being melded in, so that I can just include both admin and connection.php files?
It didn't work because you didn't change file.php to your file name. But now it's fixed: I used $_SERVER['PHP_SELF'] to get the file name by itself and also added the connection.php file. Try it now!
0

The code to delete a user is inside the if that checks if all the fields for a new user are set, which obviously isn't the case when deleting a user.

if (isset($_POST['id']) &&
    isset($_POST['username']) &&
    isset($_POST['password']) &&
    isset($_POST['email']) &&
    isset($_POST['birth']) &&
    isset($_POST['age']) &&
    isset($_POST['ircts3']) &&
    isset($_POST['game']) &&
    isset($_POST['gender']) &&
    isset($_POST['name']) &&
    isset($_POST['admin']))
{
  // Every field of the add-user form is present: insert the new user.
  $id = get_post('id');
  $username = get_post('username');
  // Hash the submitted password; md5('password') hashed the literal string 'password'.
  $password = md5($_POST['password']);
  $email = get_post('email');
  $birth = get_post('birth');
  $age = get_post('age');
  $ircts3 = get_post('ircts3');
  $game = get_post('game');
  $gender = get_post('gender');
  $name = get_post('name');
  $administrator = get_post('admin');
  // Comma (not a period) between the last two values.
  $query = "INSERT INTO Users VALUES" .
    "('$id', '$username', '$password', '$email', '$birth', '$age', '$ircts3', '$game', '$gender', '$name', '$administrator')";

  if (!mysql_query($query, $bd))
    echo "INSERT failed: $query<br />" .
    mysql_error() . "<br /><br />";
}
else if (isset($_POST['delete']) && isset($_POST['id']))
{
  // The delete form only sends 'delete' and 'id', so this branch checks just those.
  $id = intval(get_post('id'));
  $query = "DELETE FROM Users WHERE id='$id'";

  if (!mysql_query($query, $bd))
    echo "DELETE failed: $query<br />" .
    mysql_error() . "<br /><br />";
}

1 Comment

I understand that part, what the script actually is is a script that adds and removes users, however I am trying to make it a script that lists the users in my database and then allows me to click the delete button and remove that user from the database.
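
The list-and-delete page described in the comment above, written with PDO prepared statements instead of mysql_* (an added example, not code from the question or either answer). It assumes PHP 7 or later and the Users columns id, username and admin seen in the posted scripts; the connection values are those from the question's connection.php, and the csrf session key and form field are names introduced here.

```php
<?php // urmuser.php: list users and delete one per click (added example)
session_start();

// Connection values are the ones from the question's connection.php.
$pdo = new PDO('mysql:host=localhost;dbname=ninjaz_gaming;charset=utf8', 'root', '', [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);

// Admin check: the bound parameter keeps the session value out of the SQL text.
$stmt = $pdo->prepare('SELECT admin FROM Users WHERE username = ?');
$stmt->execute([$_SESSION['username'] ?? '']);
if ((int) $stmt->fetchColumn() === 0) {   // no such user, or admin = 0
    http_response_code(403);
    die('You are not an admin');
}

// Per-session token (assumed name: csrf) so another site cannot submit
// the delete form on the admin's behalf.
if (empty($_SESSION['csrf'])) {
    $_SESSION['csrf'] = bin2hex(random_bytes(32));
}

// Delete branch: depends only on the fields the delete form actually sends.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete'], $_POST['id'])) {
    if (!hash_equals($_SESSION['csrf'], (string) ($_POST['csrf'] ?? ''))) {
        http_response_code(400);
        die('Bad request token');
    }
    $del = $pdo->prepare('DELETE FROM Users WHERE id = ?');
    $del->execute([(int) $_POST['id']]);
    echo $del->rowCount() ? 'User deleted<br />' : 'No such user<br />';
}

// List each user with its own DELETE USER button; every value is HTML-escaped
// and the password column is not selected at all.
$e = function ($v) { return htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8'); };
foreach ($pdo->query('SELECT id, username, admin FROM Users ORDER BY id') as $row) {
    echo '<pre>Id: ' . $e($row['id']) . "\nUsername: " . $e($row['username'])
       . "\nAdmin: " . $e($row['admin']) . '</pre>'
       . '<form action="urmuser.php" method="post">'
       . '<input type="hidden" name="delete" value="yes" />'
       . '<input type="hidden" name="id" value="' . $e($row['id']) . '" />'
       . '<input type="hidden" name="csrf" value="' . $e($_SESSION['csrf']) . '" />'
       . '<input type="submit" value="DELETE USER" /></form>';
}
```

The delete is sent by POST rather than through an id link, so loading or prefetching a URL cannot remove a user.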
