Making CMS

[cleanvar()]

Hi all,

Im making a cms and keep getting window.location='viewpost.php?pid=".$pid."'</script>"; with: but i dont know why.

      <?

       

/*###########################################*\
| THIS CODE IS PART OF RACKING CMS. NO PART   |
| MAY BE COPIED WITHOUT THE AUTHORS           |
| PERMISSION || http://www.stevengibbons.com  |
| FILE: lockpost.php    Created: 22/02/06     |
 \*###########################################*/

       

      /* INCLUDE SOME FILES */

       

      include('inc/connect.php');

      include('inc/class_core.php');

      include('inc/header.php');

       

      $username = $_SESSION['username'];

      $pid = $_GET['pid'];

       
       
 
      /* NOW FOR LOCK */

       

      $query1 = "SELECT * FROM users WHERE username = '$username' AND user_level = '2'";

      $result1 = mysql_query($query1) or die (mysql_error());

      $nr = mysql_num_rows($result1);

       

      /* NOW WE SEE */

       

      if ($nr != 1)

      {

      include('disallowed.php');

      die();

      }

       

       

      $query2 = "UPDATE posts SET status = '1' WHERE id = '$pid'";

      $result2 = mysql_query($query2);

      echo "<script type='text/javascript'>window.location='viewpost.php?pid=".$pid."'</script>";

      ?>

Thanks,
Will

 

[wackyjoe]

why dont you just use header('Location:viewpost.php?pid=$pid');

 

[cleanvar()]

have tried that still doesnt work:

      <?

       

/*###########################################*\
| THIS CODE IS PART OF RACKING CMS. NO PART   |
| MAY BE COPIED WITHOUT THE AUTHORS           |
| PERMISSION || http://www.stevengibbons.com  |
| FILE: lockpost.php    Created: 22/02/06     |
 \*###########################################*/

       

      /* INCLUDE SOME FILES */

       

      include('inc/connect.php');

      include('inc/class_core.php');

      include('inc/header.php');

       

      $username = $_SESSION['username'];

      $pid = $_GET['pid'];

       
       
 
      /* NOW FOR LOCK */

       

      $query1 = "SELECT * FROM users WHERE username = '$username' AND user_level = '2'";

      $result1 = mysql_query($query1) or die (mysql_error());

      $nr = mysql_num_rows($result1);

       

      /* NOW WE SEE */

       

      if ($nr != 1)

      {

      include('disallowed.php');

      die();

      }

       

       

      $query2 = "UPDATE posts SET status = '1' WHERE id = $pid";

      $result2 = mysql_query($query2);

      header('Location:viewpost.php?pid=$pid');

      ?>

Thanks for any help.

Steven

 

[lpxxfaintxx]

  <?

       

/*###########################################*\
| THIS CODE IS PART OF RACKING CMS. NO PART   |
| MAY BE COPIED WITHOUT THE AUTHORS           |
| PERMISSION || [url]http://www.stevengibbons.com[/url]  |
| FILE: lockpost.php    Created: 22/02/06     |
 \*###########################################*/

       

      /* INCLUDE SOME FILES */

       

      include('inc/connect.php');

      include('inc/class_core.php');

      include('inc/header.php');

       

      $username = $_SESSION['username'];

      $pid = $_GET['pid'];

       
       
 
      /* NOW FOR LOCK */

       

      $query1 = "SELECT * FROM users WHERE username = '$username' AND user_level = '2'";

      $result1 = mysql_query($query1) or die (mysql_error());

      $nr = mysql_num_rows($result1);

       

      /* NOW WE SEE */

       

      if ($nr != 1)

      {

      include('disallowed.php');

      die();

      }

       

       

      $query2 = "UPDATE posts SET status = '1' WHERE id = '$pid'";

      $result2 = mysql_query($query2);

      echo "<script type='text/javascript'>window.location='viewpost.php?pid='".$pid."'</script>";

      ?>

See if that works..

Also, when you used header('Location:viewpost.php?pid=$pid'); , how did it not work? Did it give an error? Did it just do nothing?

 

[cleanvar()]

Thanks for the code but it didnt work. I get window.location='viewpost.php?pid='".$pid."'"; ?>

there must be something wrong.
Will

 

[Eric]

Goodbye webmonkey.