• Unfortunately, we have experienced significant hard drive damage that requires urgent maintenance and rebuilding. The forum will be a state of read only until we install our new drives and rebuild all the configurations needed. Please follow our Facebook page for updates, we will be back up shortly! (The forum could go offline at any given time due to the nature of the failed drives whilst awaiting the upgrades.) When you see an Incapsula error, you know we are in the process of migration.

[Code] RevCMS Catalog/Shop Category Editor [Addon]

C

C0R3G4M3R

Experienced Elementalist
Joined
Aug 21, 2012
Messages
215
Reaction score
52
Today I'm releasing my RevCMS Catalog/Shop Category Editor.

Note: You need to know the category ID.

Add this anywhere you want it in your hk:
PHP: 
<?php
    if(isset($_POST['update'])) {
mysql_query("UPDATE catalog_pages SET id = '" . mysql_real_escape_string($_POST['id']) . "', parent_id = '" . mysql_real_escape_string($_POST['parent_id']) . "', caption = '" . mysql_real_escape_string($_POST['caption']) . "', visible = '" . mysql_real_escape_string($_POST['visible']) . "', enabled = '" . mysql_real_escape_string($_POST['enabled']) . "', min_rank = '" . mysql_real_escape_string($_POST['min_rank']) . "', page_layout = '" . mysql_real_escape_string($_POST['page_layout']) . "', page_headline = '" . mysql_real_escape_string($_POST['page_headline']) . "' WHERE id = '" . mysql_real_escape_string($_POST['id_current']) . "'") or die(mysql_error());
    echo "<center>Category <b>" . htmlspecialchars($_POST['id_current']) . "</b> successfully updated!</center>"; 
    }
    if(isset($_POST['lookup'])) {
if(mysql_num_rows(mysql_query("SELECT * FROM catalog_pages WHERE id = '". ($_POST['l_id']) ."'")) == 0) { echo "<center>Not found!</center>"; }
else { 
    $two = mysql_fetch_assoc(mysql_query("SELECT * FROM catalog_pages WHERE id = '" . mysql_real_escape_string($_POST['l_id']) . "'"));
?>
<form method='post'>
<input type="hidden" name="id_current" value="<?php echo htmlspecialchars($_POST['l_id']); ?>" />
    <table style="width: 100%;">
<tr>
    <td>ID</td>
    <td><input type="text" name="id" value="<?php echo htmlspecialchars($_POST['l_id']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Parent ID</td>
    <td><input type="text" name="parent_id" value="<?php echo htmlspecialchars($two['parent_id']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Name</td>
    <td><input type="text" name="caption" value="<?php echo htmlspecialchars($two['caption']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Visible</td>
    <td><input type="text" name="visible" value="<?php echo htmlspecialchars($two['visible']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Enabled</td>
    <td><input type="text" name="enabled" value="<?php echo htmlspecialchars($two['enabled']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Min. Rang</td>
    <td><input type="text" name="min_rank" value="<?php echo htmlspecialchars($two['min_rank']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Layout</td>
    <td><input type="text" name="page_layout" value="<?php echo htmlspecialchars($two['page_layout']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Headline</td>
    <td><input type="text" name="page_headline" value="<?php echo htmlspecialchars($two['page_headline']); ?>" style="width: 95%" /></td>
</tr>
    </table>
    <input type="submit" class="input button" value="Update/safe" name="update"/>
</form>
<?php
}
    }
?>
<form method='post' align="center">
    <input type="text" name="l_id" class="input text" placeholder="ID"><br>
    <input type="submit" class="input button" value="Search category" name="lookup" style="margin-top: 5px;" />
</form>
Big thanks to wesley66101 for improving the code (and making a screen)!

Screen (not translated):
0FQJnMc - [Code] RevCMS Catalog/Shop Category Editor [Addon] - RaGEZONE Forums


OLD!
PHP: 
<?php
	if(isset($_POST['update'])) {
mysql_query("UPDATE catalog_pages SET id = '" . ($_POST['id']) . "', parent_id = '" . ($_POST['parent_id']) . "', caption = '" . ($_POST['caption']) . "', visible = '" . ($_POST['visible']) . "', enabled = '" . ($_POST['enabled']) . "', min_rank = '" . ($_POST['min_rank']) . "', page_layout = '" . ($_POST['page_layout']) . "', page_headline = '" . ($_POST['page_headline']) . "' WHERE id = '" . ($_POST['id_current']) . "'") or die(mysql_error());
	echo "<center>Category " . $_POST['id_current'] . " updated succesfully!</center>"; 
	}
	if(isset($_POST['lookup'])) {
if(mysql_num_rows(mysql_query("SELECT * FROM catalog_pages WHERE id = '". ($_POST['l_id']) ."'")) == 0) { echo "<center>Not found!</center>"; }
else { 
	$two = mysql_fetch_assoc(mysql_query("SELECT * FROM catalog_pages WHERE id = '" . ($_POST['l_id']) . "'"));
?>
<form method='post'>
<input type="hidden" name="id_current" value="<?php echo $_POST['l_id']; ?>" />
	<table style="width: 100%;">
<tr>
	<td>ID</td>
	<td><input type="text" name="id" value="<?php echo $_POST['l_id']; ?>" style="width: 95%" /></td>
</tr>
<tr>
	<td>Parent ID</td>
	<td><input type="text" name="parent_id" value="<?php echo $two['parent_id']; ?>" style="width: 95%" /></td>
</tr>
<tr>
	<td>Name</td>
	<td><input type="text" name="caption" value="<?php echo $two['caption']; ?>" style="width: 95%" /></td>
</tr>
<tr>
	<td>Visible</td>
	<td><input type="text" name="visible" value="<?php echo $two['visible']; ?>" style="width: 95%" /></td>
</tr>
<tr>
	<td>Enabled</td>
	<td><input type="text" name="enabled" value="<?php echo $two['enabled']; ?>" style="width: 95%" /></td>
</tr>
<tr>
	<td>Min. Rang</td>
	<td><input type="text" name="min_rank" value="<?php echo $two['min_rank']; ?>" style="width: 95%" /></td>
</tr>
<tr>
	<td>Layout</td>
	<td><input type="text" name="page_layout" value="<?php echo $two['page_layout']; ?>" style="width: 95%" /></td>
</tr>
<tr>
	<td>Headline</td>
	<td><input type="text" name="page_headline" value="<?php echo $two['page_headline']; ?>" style="width: 95%" /></td>
</tr>
	</table>
	<input type="submit" class="input button" value="Update/Safe" name="update"/>
</form>
<?php
}
	}
?>
<form method='post' align="center">
	<input type="text" name="l_id" class="input text" placeholder="ID"><br>
	<input type="submit" class="input button" value="Search" name="lookup" style="margin-top: 5px;" />
</form>

Have fun with this :D
 

Attachments

You must be registered for see attachments list
Last edited:
The Best DDoS Protected Servers
Emily

Emily

Custom Title Activated
Loyal Member
1000 Posts Got A Reaction 10 Happy Years
Joined
Oct 26, 2012
Messages
2,357
Reaction score
1,086
PHP: 
($_POST['id'])

Oh man, I'll make sure that I force post something really nice... :sneaky2:

This is a really nice idea but it's fully exploitable and very unsafe. I don't like it :-(
 
C

C0R3G4M3R

Experienced Elementalist
Joined
Aug 21, 2012
Messages
215
Reaction score
52
FatalLulz said:
Please post a screenshot of this setup :): Thanks.
Click to expand...

It's just a simple html form.

Richaell said:
Yes, images before a download if very useful.
Click to expand...

Where do you see a "download link"?

The General said:
Yeah don't use this unless you want to get hacked.
Click to expand...

I know it's not safe :/ but it could be useful as a base or something.

Glaceon said:
PHP: 
($_POST['id'])

Oh man, I'll make sure that I force post something really nice... :sneaky2:

This is a really nice idea but it's fully exploitable and very unsafe. I don't like it :-(
Click to expand...

Yes it's very simple PHP because I'm not very good at PHP ^^
 
W

wesley66101

Junior Spellweaver
Joined
Oct 20, 2013
Messages
105
Reaction score
27
Improved version i don't have tested it because i don't use revCMS

PHP: 
<?php
    if(isset($_POST['update'])) {
mysql_query("UPDATE catalog_pages SET id = '" . mysql_real_escape_string($_POST['id']) . "', parent_id = '" . mysql_real_escape_string($_POST['parent_id']) . "', caption = '" . mysql_real_escape_string($_POST['caption']) . "', visible = '" . mysql_real_escape_string($_POST['visible']) . "', enabled = '" . mysql_real_escape_string($_POST['enabled']) . "', min_rank = '" . mysql_real_escape_string($_POST['min_rank']) . "', page_layout = '" . mysql_real_escape_string($_POST['page_layout']) . "', page_headline = '" . mysql_real_escape_string($_POST['page_headline']) . "' WHERE id = '" . mysql_real_escape_string($_POST['id_current']) . "'") or die(mysql_error());
    echo "<center>" . htmlspecialchars($_POST['id_current']) . " not found!</center>"; 
    }
    if(isset($_POST['lookup'])) {
if(mysql_num_rows(mysql_query("SELECT * FROM catalog_pages WHERE id = '". ($_POST['l_id']) ."'")) == 0) { echo "<center>Not found!</center>"; }
else { 
    $two = mysql_fetch_assoc(mysql_query("SELECT * FROM catalog_pages WHERE id = '" . mysql_real_escape_string($_POST['l_id']) . "'"));
?>
<form method='post'>
<input type="hidden" name="id_current" value="<?php echo htmlspecialchars($_POST['l_id']); ?>" />
    <table style="width: 100%;">
<tr>
    <td>ID</td>
    <td><input type="text" name="id" value="<?php echo htmlspecialchars($_POST['l_id']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Parent ID</td>
    <td><input type="text" name="parent_id" value="<?php echo htmlspecialchars($two['parent_id']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Name</td>
    <td><input type="text" name="caption" value="<?php echo htmlspecialchars($two['caption']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Visible</td>
    <td><input type="text" name="visible" value="<?php echo htmlspecialchars($two['visible']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Enabled</td>
    <td><input type="text" name="enabled" value="<?php echo htmlspecialchars($two['enabled']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Min. Rang</td>
    <td><input type="text" name="min_rank" value="<?php echo htmlspecialchars($two['min_rank']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Layout</td>
    <td><input type="text" name="page_layout" value="<?php echo htmlspecialchars($two['page_layout']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Headline</td>
    <td><input type="text" name="page_headline" value="<?php echo htmlspecialchars($two['page_headline']); ?>" style="width: 95%" /></td>
</tr>
    </table>
    <input type="submit" class="input button" value="Aktualisieren/Speichern" name="update"/>
</form>
<?php
}
    }
?>
<form method='post' align="center">
    <input type="text" name="l_id" class="input text" placeholder="ID"><br>
    <input type="submit" class="input button" value="Shopseite suchen" name="lookup" style="margin-top: 5px;" />
</form>

Screen:
0FQJnMc - [Code] RevCMS Catalog/Shop Category Editor [Addon] - RaGEZONE Forums

-Wesley

Sorry for my bad english
 

Attachments

You must be registered for see attachments list
Last edited:
C

C0R3G4M3R

Experienced Elementalist
Joined
Aug 21, 2012
Messages
215
Reaction score
52
wesley66101 said:
Improved version i don't have tested it because i don't use revCMS

PHP: 
<?php
    if(isset($_POST['update'])) {
mysql_query("UPDATE catalog_pages SET id = '" . mysql_real_escape_string($_POST['id']) . "', parent_id = '" . mysql_real_escape_string($_POST['parent_id']) . "', caption = '" . mysql_real_escape_string($_POST['caption']) . "', visible = '" . mysql_real_escape_string($_POST['visible']) . "', enabled = '" . mysql_real_escape_string($_POST['enabled']) . "', min_rank = '" . mysql_real_escape_string($_POST['min_rank']) . "', page_layout = '" . mysql_real_escape_string($_POST['page_layout']) . "', page_headline = '" . mysql_real_escape_string($_POST['page_headline']) . "' WHERE id = '" . mysql_real_escape_string($_POST['id_current']) . "'") or die(mysql_error());
    echo "<center>" . htmlspecialchars($_POST['id_current']) . " not found!</center>"; 
    }
    if(isset($_POST['lookup'])) {
if(mysql_num_rows(mysql_query("SELECT * FROM catalog_pages WHERE id = '". ($_POST['l_id']) ."'")) == 0) { echo "<center>Not found!</center>"; }
else { 
    $two = mysql_fetch_assoc(mysql_query("SELECT * FROM catalog_pages WHERE id = '" . mysql_real_escape_string($_POST['l_id']) . "'"));
?>
<form method='post'>
<input type="hidden" name="id_current" value="<?php echo htmlspecialchars($_POST['l_id']); ?>" />
    <table style="width: 100%;">
<tr>
    <td>ID</td>
    <td><input type="text" name="id" value="<?php echo htmlspecialchars($_POST['l_id']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Parent ID</td>
    <td><input type="text" name="parent_id" value="<?php echo htmlspecialchars($two['parent_id']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Name</td>
    <td><input type="text" name="caption" value="<?php echo htmlspecialchars($two['caption']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Visible</td>
    <td><input type="text" name="visible" value="<?php echo htmlspecialchars($two['visible']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Enabled</td>
    <td><input type="text" name="enabled" value="<?php echo htmlspecialchars($two['enabled']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Min. Rang</td>
    <td><input type="text" name="min_rank" value="<?php echo htmlspecialchars($two['min_rank']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Layout</td>
    <td><input type="text" name="page_layout" value="<?php echo htmlspecialchars($two['page_layout']); ?>" style="width: 95%" /></td>
</tr>
<tr>
    <td>Headline</td>
    <td><input type="text" name="page_headline" value="<?php echo htmlspecialchars($two['page_headline']); ?>" style="width: 95%" /></td>
</tr>
    </table>
    <input type="submit" class="input button" value="Aktualisieren/Speichern" name="update"/>
</form>
<?php
}
    }
?>
<form method='post' align="center">
    <input type="text" name="l_id" class="input text" placeholder="ID"><br>
    <input type="submit" class="input button" value="Shopseite suchen" name="lookup" style="margin-top: 5px;" />
</form>

Screen:
0FQJnMc - [Code] RevCMS Catalog/Shop Category Editor [Addon] - RaGEZONE Forums

-Wesley

Sorry for my bad english
Click to expand...

Not working and I forgot to translate some things :eek:
 

Attachments

You must be registered for see attachments list
C

C0R3G4M3R

Experienced Elementalist
Joined
Aug 21, 2012
Messages
215
Reaction score
52
wesley66101 said:
What do not working?? Do you get a error or someting?
Click to expand...

It says not found. You translated both into "not found" but the first one shoud be "succes" I translated everything correct in my first post some minutes ago.

EDIT: It's working just the wrong translation, sorry :'D I'll change the code to yours in my first post.
 
Last edited:
You must log in or register to reply here.

About Us

RaGEZONE® is a website dedicated to the development of massively multiplayer online role-playing games (MMORPGs).

Online statistics

Members online
112
Guests online
11,648
Total visitors
11,760
Totals may include hidden visitors.

Forum statistics

Threads
429,198
Messages
4,590,913
Members
281,307
Latest member
ismodev
Most visitors online was 12720 , on 2 May 2024

RaGEZONE Sponsor

    HyperFilter
Back
Top