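// Admin-only page prologue: confirm the logged-in account is an administrator,
// then look up the username belonging to the user_id given in the query string.
// Every denial redirects to fail.php AND stops the script. header() only queues
// a response header, so without exit the code below the check would still run
// for non-admin visitors.
session_start();
// Null when nobody is logged in; isset() avoids an undefined-index notice.
$user = isset($_SESSION["username"]) ? $_SESSION["username"] : null;
// presumably defines connectToDb() and getAuthorId() - confirm against that file
include 'create-recipe-form.php';
//credentials
include 'db-credentials.php';
//connect to db
$conn = connectToDb($servername, $username, $password, $dbname);
//get user id
// Deny when there is no session user, or when user_id is missing, empty or not
// a plain string (PHP turns "user_id[]=x" into an array).
if ($user === null
    || !isset($_GET["user_id"])
    || !is_string($_GET["user_id"])
    || $_GET["user_id"] === ''
) {
    header('Location: fail.php');
    exit;
}
$userId = $_GET["user_id"];
//check if admin
$loggedUser = getAuthorId($conn, $user);
//check status
// Deny by default: $isAdmin stays 0 unless a row is actually fetched.
$isAdmin = 0;
$stmt = mysqli_prepare($conn, 'SELECT isAdmin FROM Account WHERE user_id = ?');
if ($stmt !== false) {
    mysqli_stmt_bind_param($stmt, 's', $loggedUser);
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_bind_result($stmt, $isAdminColumn);
        if (mysqli_stmt_fetch($stmt) === true) {
            $isAdmin = $isAdminColumn;
        }
    }
    mysqli_stmt_close($stmt);
}
if ((int) $isAdmin === 0) {
    header('Location: fail.php');
    exit;
}
//get username
// user_id comes straight from the request, so it is bound as a parameter and
// never interpolated into the SQL text.
$sql = 'SELECT username FROM Account WHERE user_id = ?';
// $result is false on failure, as it was with mysqli_query().
$result = false;
$stmt = mysqli_prepare($conn, $sql);
if ($stmt !== false) {
    mysqli_stmt_bind_param($stmt, 's', $userId);
    if (mysqli_stmt_execute($stmt)) {
        // Yields a mysqli_result (needs the mysqlnd driver) so code that reads
        // $result with mysqli_fetch_assoc() keeps working.
        $result = mysqli_stmt_get_result($stmt);
    }
}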
<?php

// Resume the session and remember which user is logged in.
session_start();
$user = $_SESSION['username'];

// presumably provides connectToDb() and getAuthorId() - confirm against that file
include 'create-recipe-form.php';

// Database connection settings.
// NOTE(review): these are hard-coded in the page and the password is empty;
// consider loading them from a config file kept outside the web root and out
// of version control, and giving the database account a real password.
$servername = 'localhost';
$username = '******';
$password = '';
$dbname = 'cookbooknetwork';

// Open the connection, then resolve the logged-in username to its account id.
$conn = connectToDb($servername, $username, $password, $dbname);
$userId = getAuthorId($conn, $user);
?>
<!DOCTYPE html>
<html>
	
	<head>
		<meta charset="UTF-8">
		<meta name="description" content="A virtual cookbook that allows users to view, create and share recipes.">
		<meta name="keywords" content="recipe, cookbook, food, ingredients">
		<meta name="author" content="Cookbook Network Inc.">
		<link rel="stylesheet" type="text/css" href="page_style.css">
		<link href='http://fonts.googleapis.com/css?family=Tangerine:700' rel='stylesheet' type='text/css'>
		<link href='http://fonts.googleapis.com/css?family=IM+Fell+Double+Pica' rel='stylesheet' type='text/css'>
	</head>
	
	<body>
		
		<img class="background-image" src="images/food_spaghetti_1920x1080_wallp_2560x1440_miscellaneoushi.com_.jpg" height="700"/>
<!DOCTYPE html>
<html>
    
    <?php 
// Handles the create-recipe form: on POST, stores the recipe and then sets up
// a directory for an uploaded image. The listing is cut off inside the upload
// branch, so the rest of the handler is not shown here.
session_start();
include 'create-recipe-form.php';
include 'db-credentials.php';
//if form submitted
if ($_SERVER['REQUEST_METHOD'] == "POST") {
    //connect to db
    $conn = connectToDb($servername, $username, $password, $dbname);
    // NOTE(review): $_SESSION["username"] is read without an isset() check and
    // the lookup result is used without checking for failure - confirm that
    // logged-out requests cannot reach the insert below.
    $userId = getAuthorId($conn, $_SESSION["username"]);
    //if friend does not have account
    if (!checkPrivacy($conn)) {
        exit("Sorry, your friend(s) is not a registered user.");
    }
    // presumably these helpers read the submitted form fields - verify in create-recipe-form.php
    $recipeName = getRecipeName($conn);
    $allSteps = getAllSteps($conn);
    $privacy = getPrivacy();
    $recipeId = insertRecipeIntoDB($recipeName, $userId, $allSteps, $privacy, $conn);
    //if error in inserting recipe into db
    if ($recipeId < 0) {
        exit("Sorry, could not access database when adding recipe. Please try again.");
    }
    $photoPath = NULL;
    //check if image uploaded
    if (checkImageUploaded()) {
        $photo = getImageTmpName();
        $photoPath = getImagePath($recipeId);
        // NOTE(review): mode 0777 requests a world-writable directory (subject to
        // the process umask) under images/, which is presumably served by the web
        // server. A tighter mode such as 0755 is the usual choice for an upload
        // target, with the file type validated before the upload is moved in.
        if (!mkdir("images/" . $recipeId, 0777, true)) {
            exit('Could not upload image to server.');
    $info[$key] = array('fullname' => trim($args[0]) . ', ' . $firstname, 'shortname' => trim($args[0]) . ', ' . $firstname[0], 'position' => trim($args[2]), 'start_date' => trim($args[3]));
    if (isset($args[4])) {
        $info[$key]['end_date'] = trim($args[4]);
    }
}
// Nothing was parsed into $info, so there is nothing to write: stop here.
if (count($info) === 0) {
    exit('no data to update database with');
}

// Collected staff records start out empty.
$staff = array();

//pdDb::debugOn();
// Open the database handle and fetch the position table (assigned by reference).
$db = pdDb::newFromParams();
$positions =& getAicmlPositions($db);
foreach ($info as $key => $p) {
    $author_id = getAuthorId($db, $p['fullname']);
    if ($author_id < 0) {
        $author_id = getAuthorId($db, $p['shortname']);
        if ($author_id < 0) {
            // author information will not be added to database
            echo "author ", $p['fullname'], " not in database\n";
            continue;
        }
    }
    // make sure the position matches the one in the database
    if (!in_array($p['position'], array_keys($positions))) {
        if ($p['position'] == 'PI') {
            $pos_id = $positions['Principal Investigator'];
        } else {
            if ($p['position'] == 'PDF') {
                $pos_id = $positions['Post Doctoral Fellow'];
            } else {
                if ($p['position'] == 'PhD') {