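/**
 * Admin "Rooms" page and its two Ajax actions (pagination / filtering, and closing a room).
 *
 * GET  renders views/admin/rooms.php with the ten newest rooms and room logs.
 * POST type=pagination echoes a JSON page of either table ("t1" = room, otherwise room_log);
 * any other POST closes the room named by $_POST['id'] and copies it into room_log.
 *
 * Reads $sr_default_chat_name (global) for participants whose stored name is empty.
 * Requires a signed-in admin for every branch; the original only guarded the page view,
 * so the Ajax actions (including closing rooms) were reachable by any client.
 */
function admin_rooms()
{
    global $sr_default_chat_name;

    $is_post = ($_SERVER['REQUEST_METHOD'] === 'POST');

    if (!sr_is_signed_in() || !sr_is_admin()) {
        if ($is_post) {
            // Ajax callers get a status code rather than a redirect to an HTML page.
            http_response_code(403);
            return;
        }
        sr_redirect(sr_is_signed_in() ? '/d/' : '/d/main/signin/');
        return;
    }

    // Show Rooms Page
    if (!$is_post) {
        $db = sr_pdo();

        $stmt = $db->prepare('SELECT * FROM room ORDER BY start_time DESC LIMIT 10');
        $stmt->execute();
        $room_list = $stmt->fetchAll(PDO::FETCH_CLASS, 'Room');
        sr_admin_rooms_attach_participants($db, $room_list, false, $sr_default_chat_name);

        $stmt = $db->prepare('SELECT * FROM room_log ORDER BY id DESC LIMIT 10');
        $stmt->execute();
        $room_log_list = $stmt->fetchAll(PDO::FETCH_CLASS, 'RoomLog');
        sr_admin_rooms_attach_participants($db, $room_log_list, true, $sr_default_chat_name);

        $context = array('room_list' => $room_list, 'room_log_list' => $room_log_list);
        sr_response('views/admin/rooms.php', $context);
        return;
    }

    // Handling Ajax Request
    $type = isset($_POST['type']) ? $_POST['type'] : '';

    // Pagination or Filtering
    if ($type === 'pagination') {
        try {
            $db = sr_pdo();

            $json = isset($_POST['filter']) ? stripslashes($_POST['filter']) : '';
            $filter = json_decode($json);

            // Column names cannot be bound as parameters, so only plain identifiers are
            // accepted for the keys; the values are bound instead of being concatenated.
            $where = '';
            $bindings = array();
            foreach ((array) $filter as $field => $value) {
                if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', (string) $field)) {
                    http_response_code(400);
                    return;
                }
                $where .= ($where === '' ? 'WHERE ' : ' AND ') . $field . ' = :f_' . $field;
                $bindings[':f_' . $field] = $value;
            }

            $table = isset($_POST['table']) ? $_POST['table'] : '';
            $from_log = ($table !== 't1');
            $total_record_number = $from_log ? RoomLog::getRecordNum($filter) : Room::getRecordNum($filter);

            // page_number is cast so only an integer ever reaches the LIMIT clause.
            $page = isset($_POST['page_number']) ? (int) $_POST['page_number'] : 1;
            if ($page === -1) {
                // Last page. Using total/10 here returned an empty page whenever the
                // total was an exact multiple of ten; (total-1)/10 yields the last non-empty one.
                $beginRecordNum = (int) (($total_record_number - 1) / 10) * 10;
            } else {
                $beginRecordNum = ($page - 1) * 10;
            }
            $beginRecordNum = max(0, $beginRecordNum);

            $sql = $from_log
                ? "SELECT * FROM room_log {$where} ORDER BY id DESC LIMIT {$beginRecordNum}, 10"
                : "SELECT * FROM room {$where} ORDER BY start_time DESC LIMIT {$beginRecordNum}, 10";
            $stmt = $db->prepare($sql);
            $stmt->execute($bindings);
            $record_list = $stmt->fetchAll(PDO::FETCH_CLASS, $from_log ? 'RoomLog' : 'Room');
            sr_admin_rooms_attach_participants($db, $record_list, $from_log, $sr_default_chat_name);

            $result = array('record_list' => $record_list, 'total_record_number' => $total_record_number);
            echo json_encode($result);
        } catch (PDOException $e) {
            // Previously swallowed, which left the client with an empty 200 response.
            http_response_code(500);
            echo json_encode(array('error' => 'Database error'));
        }
        return;
    }

    // Close Room Request
    try {
        $db = sr_pdo();
        $stmt = $db->prepare('SELECT * FROM room WHERE id = :id');
        $stmt->bindValue(':id', isset($_POST['id']) ? $_POST['id'] : '');
        $stmt->setFetchMode(PDO::FETCH_CLASS, 'Room');
        $stmt->execute();
        $room = $stmt->fetch();
        if ($room === false) {
            // Unknown id: without this guard the code read properties of `false`
            // and inserted an empty room_log row.
            http_response_code(404);
            return;
        }

        $roomLog = new RoomLog();
        $roomLog->room_id = $room->id;
        $roomLog->name = $room->name;
        $roomLog->title = $room->title;
        $roomLog->description = $room->description;
        $roomLog->is_open = $room->is_open;
        $roomLog->start_time = $room->start_time;
        $roomLog->end_time = Model::getCurrentTime();
        $roomLog->add($db);
        $room->close($db);
    } catch (PDOException $e) {
        http_response_code(500);
    }
}

/**
 * Fills $row->participants on every row with an HTML fragment listing its participants.
 *
 * @param PDO    $db           Open connection.
 * @param array  $rows         Room (keyed by ->id) or RoomLog (keyed by ->room_id) objects; mutated in place.
 * @param bool   $from_log     true reads participant_log (type=2), false reads participant.
 * @param string $default_name Shown for participants whose stored name is empty or NULL.
 */
function sr_admin_rooms_attach_participants(PDO $db, array $rows, $from_log, $default_name)
{
    $sql = $from_log
        ? 'SELECT participant_name FROM participant_log WHERE type=2 AND room_id = :room_id'
        : 'SELECT name FROM participant WHERE room_id = :room_id';
    $stmt = $db->prepare($sql);

    foreach ($rows as $row) {
        $stmt->execute(array(':room_id' => $from_log ? $row->room_id : $row->id));
        $row->participants = sr_admin_rooms_participant_html($stmt->fetchAll(PDO::FETCH_COLUMN), $default_name);
    }
}

/**
 * Joins participant names into the "<br />"-separated fragment the views and the Ajax
 * client insert as HTML. Names are user-chosen, so they are escaped here; only the
 * separator is markup.
 *
 * @param array  $names        One entry per participant; '' or NULL means "no name".
 * @param string $default_name Replacement for empty names.
 * @return string Empty when $names is empty.
 */
function sr_admin_rooms_participant_html(array $names, $default_name)
{
    $html = '';
    foreach ($names as $name) {
        if ($name === '' || $name === null) {
            $name = $default_name;
        }
        $html .= htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8') . '<br />';
    }
    return $html;
}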
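/**
 * Sign-up page: renders the form on GET, validates and creates the account on POST.
 *
 * Result codes placed in $context['result'] (the view reads them):
 *   0 registered, 1 email already registered, 2 other database failure,
 *   3 bad email, 4 bad password, 5/6 bad first/last name, 7 passwords differ.
 * On success the user is signed in and redirected, either to the room remembered in
 * $_SESSION['room_name'] (when $_SESSION['next_page'] is also set) or to /d/.
 *
 * Reads the globals $sr_regex_name, $sr_regex_email, $sr_regex_password and
 * $sr_default_authority.
 */
function main_signup()
{
    if (sr_is_signed_in()) {
        sr_redirect('/d/');
        return;
    }

    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        // Show signup view
        sr_response('views/main/signup.php', null);
        return;
    }

    global $sr_regex_name;
    global $sr_regex_email;
    global $sr_regex_password;
    global $sr_default_authority;

    // Missing fields are treated as empty strings so validation reports them instead of
    // the request dying on an undefined index.
    $email = isset($_POST['signup_email']) ? $_POST['signup_email'] : '';
    $password = isset($_POST['signup_password']) ? $_POST['signup_password'] : '';
    $repeat_password = isset($_POST['repeat_password']) ? $_POST['repeat_password'] : '';
    $first_name = isset($_POST['first_name']) ? $_POST['first_name'] : '';
    $last_name = isset($_POST['last_name']) ? $_POST['last_name'] : '';

    $user = new User();
    $context = array();

    // Checks run in the original order so the result codes are unchanged.
    if (!preg_match($sr_regex_email, $email)) {
        $context['result'] = 3;
        $context['msg'] = 'Please enter a valid email address';
    } elseif (!preg_match($sr_regex_password, $password)) {
        $context['result'] = 4;
        $context['msg'] = 'Please enter a valid password. Password should be alphanumeric.';
    } elseif (!preg_match($sr_regex_name, $first_name)) {
        $context['result'] = 5;
        $context['msg'] = 'Name should consist of only alphabets (uppercase or lowercase).';
    } elseif (!preg_match($sr_regex_name, $last_name)) {
        $context['result'] = 6;
        $context['msg'] = 'Name should consist of only alphabets (uppercase or lowercase).';
    } elseif ($password !== $repeat_password) {
        // Strict comparison: the loose `!=` treated numeric-looking strings such as
        // "1e3" and "1000" as equal.
        $context['result'] = 7;
        $context['msg'] = 'Please repeat your password.';
    } else {
        $user->first_name = ucfirst($first_name);
        $user->last_name = ucfirst($last_name);
        $user->email = strtolower($email);
        // NOTE(review): unsalted md5 is not a password hash. Switching to
        // password_hash()/password_verify() also requires changing the sign-in code
        // that compares against this column, so the stored format is left unchanged here.
        $user->password = md5($password);
        $user->is_authorized = $sr_default_authority;
        $user->is_admin = 0;
        $user->join_date = Model::getCurrentTime();
        $user->last_active_date = Model::getCurrentTime();

        try {
            $db = sr_pdo();
            $user->add($db);
            $context['result'] = 0;
            $context['msg'] = 'Successfully registered';
        } catch (PDOException $e) {
            // 1062 is the driver's duplicate-entry code; errorInfo[1] may be absent for
            // connection-level failures.
            if (isset($e->errorInfo[1]) && (int) $e->errorInfo[1] === 1062) {
                $context['result'] = 1;
                $context['msg'] = 'The email address is already registered.';
            } else {
                $context['result'] = 2;
                $context['msg'] = 'Failed to signup. Please try it again.';
            }
        }
    }

    if ($context['result'] !== 0) {
        sr_response('views/main/signup.php', $context);
        return;
    }

    sr_signin($user);
    if (isset($_SESSION['next_page'], $_SESSION['room_name'])) {
        $room_name = $_SESSION['room_name'];
        unset($_SESSION['next_page'], $_SESSION['room_name']);
        // Encoded so a room name containing '&', '#' or spaces survives as one query value.
        sr_redirect('/d/room/?name=' . rawurlencode($room_name));
    } else {
        sr_redirect('/d/');
    }
}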