Código PHP:
<?php
$id=$_GET['id'];
$f=$_GET['f'];
if(isset($_COOKIE['user']) && isset($_COOKIE['pass']))
{
$pass=trim($_COOKIE['pass']);
$user=trim($_COOKIE['user']);
mysql_connect("xxxx","xxxxx","xxxxxxx");
mysql_select_db("xxxxx");
$q=mysql_query("select * from admins where user='$user' and password='$pass'");
if(mysql_fetch_array($q))
{
if($f==mod)
{
$q1=mysql_query("select * from videos where id='$id'");
$r=mysql_fetch_array($q1);
echo'<form actio="addvideo.php?id='.$id.'&f=mod" method="post">
<input type="text" name="titulo" value"'.$r['titulo'].'" />
<input type="submit" value="Modificar">
</form>';
}
else
{
if ($f==del)
{
$q2=mysql_query("select * from videos where id='$id'");
$r1=mysql_fetch_array($q2);
echo'<form onsubmit="return confirm(\'Está Seguro\')" action="addvideo.php?id='.$id.'&f=del" method="post">
<input type="hidden" name="query" value="inecesario" />
<h3>'.$r1['titulo'].'<h3><br>
<input type="submit" value="Borrar" />
</form>';
}
else
{
header("location:admin.php");
}
}
}
else
{
header("location:admin.php");
}
}
else
{
header("location:admin.php");
}
?>