Beispiel #1
1
			  <?php 
if (isset($_SESSION['login_status']) && $_SESSION['login_status'] == false) {
    session_unset();
    echo "<div class=\"col-md-12\"> <div class=\"update-nag\"><div class=\"update-text\">The username or password you entered is incorrect.</div> </div></div>\n";
}
?>
            </div>
         </div>
      </div>
	  
      <?php 
if (isset($_POST['user']) && isset($_POST['pass'])) {
    $user = $_POST['user'];
    $pass = $_POST['pass'];
    $login = login($user, $pass);
    if (loginCheck($login) == true && isAdmin($login) == true) {
        $_SESSION["login_user"] = $user;
        $_SESSION["login_status"] = true;
        header('Location: index');
        exit;
    } else {
        $_SESSION["login_status"] = false;
        header('Location: ?');
        exit;
    }
}
?>
		 
      <script src="js/jquery-1.11.1.min.js"></script>
      <script src="js/bootstrap.min.js"></script>
      <script>
<?php

include "accessor.php";
$user = json_decode(stripslashes($_REQUEST['obj']));
//echo $user->username." | ".$user->password;
echo loginCheck($link, $user->username, $user->password);
Beispiel #3
0
<?php

/*
SQL Buddy - Web based MySQL administration
http://www.sqlbuddy.com/
index.php
- output page structure, content loaded through ajax
MIT license
2008 Calvin Lough <http://calv.in>
*/
/* MODx integration security check */
include "functions.php";
loginCheck(false);
outputPage();
Beispiel #4
0
function editEmail($mysqli, $password, $email1, $email2)
{
    $userid = $_SESSION['userid'];
    if (!loginCheck($mysqli)) {
        return false;
    }
    if ($email1 != $email2) {
        $_SESSION['msg'] = 'EMAIL ADRESSES MUST MATCH';
        return false;
    }
    if ($stmt = $mysqli->prepare("SELECT password FROM Account WHERE id = ? LIMIT 1")) {
        $stmt->bind_param('i', $userid);
        $stmt->execute();
        $stmt->store_result();
        $stmt->bind_result($dbPassword);
        $stmt->fetch();
        $password = sha1($password);
        if ($stmt->num_rows == 1) {
            if ($dbPassword != $password) {
                $_SESSION['msg'] = 'INCORRECT PASSWORD';
                return false;
            }
        } else {
            $_SESSION['msg'] = 'DATABASE ERROR';
            return false;
        }
    } else {
        $_SESSION['msg'] = 'DATABASE ERROR';
        return false;
    }
    if ($stmt = $mysqli->prepare("SELECT email FROM Account WHERE email = ?")) {
        $stmt->bind_param('s', $email1);
        $stmt->execute();
        $stmt->store_result();
        $stmt->bind_result($tmp);
        $stmt->fetch();
        if ($stmt->num_rows > 0) {
            $_SESSION['msg'] = 'EMAIL ALREADY IN USE';
            return false;
        }
    }
    if ($stmt = $mysqli->prepare("UPDATE Account SET Account.email = ? WHERE Account.id = ?")) {
        $stmt->bind_param('si', $email1, $userid);
        $stmt->execute();
        $_SESSION['msg'] = 'EMAIL ADRESS UPDATED SUCCESSFULLY';
        return true;
    } else {
        $_SESSION['msg'] = 'DATABASE ERROR';
        return false;
    }
}
 */
$tab = "admin";
$nav = "staff";
$returnLocation = "../admin/staff_list.php";
/**
 * Checking for query string. Go back to $returnLocation if none found.
 */
if (count($_GET) == 0 || !is_numeric($_GET["id_member"]) || empty($_GET["surname1"]) || empty($_GET["first_name"])) {
    header("Location: " . $returnLocation);
    exit;
}
/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATOR);
require_once "../lib/Form.php";
require_once "../lib/Check.php";
/**
 * Retrieving get vars
 */
$idMember = intval($_GET["id_member"]);
$surname1 = Check::safeText($_GET["surname1"]);
$surname2 = Check::safeText($_GET["surname2"]);
$firstName = Check::safeText($_GET["first_name"]);
/**
 * Show page
 */
$title = _("Delete Staff Member");
require_once "../layout/header.php";
/**
Beispiel #6
0
 * Checking for get vars. Go back to log statistics if none found.
 */
if (count($_GET) == 0) {
    header("Location: ../admin/log_stats.php");
    exit;
}
/**
 * Controlling vars
 */
$tab = "admin";
$nav = "logs";
/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATOR, false);
// There are not logs in demo version
require_once "../lib/LogStats.php";
/**
 * Retrieving get vars
 */
$table = isset($_GET['table']) ? Check::safeText($_GET['table']) : 'access';
$year = isset($_GET["year"]) ? intval($_GET["year"]) : 0;
$month = isset($_GET["month"]) ? intval($_GET["month"]) : 0;
$day = isset($_GET["day"]) ? intval($_GET["day"]) : 0;
//$hour = (isset($_GET["hour"])) ? intval($_GET["hour"]) : 0; // @todo ?
/**
 * Show page
 */
if ($table == 'record') {
    $title = _("Record Logs");
Beispiel #7
0
/**
 * Gets APIService SOAP client proxy that uses SOAP header authentication
 * @return APIService
 */
function getAPI()
{
    loginCheck();
    global $api_endpoint;
    $api_wsdl = "api/APIService.wsdl";
    $api_options = array('location' => $api_endpoint, 'trace' => true, 'features' => SOAP_SINGLE_ELEMENT_ARRAYS);
    $api = new APIService($api_wsdl, $api_options);
    $api->setCredentials("[" . $_SESSION["IntegratorsKey"] . "]" . $_SESSION["UserID"], $_SESSION["Password"]);
    return $api;
}
 * @package   OpenClinic
 * @copyright 2002-2008 jact
 * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @version   CVS: $Id: history_personal_view.php,v 1.26 2008/03/23 12:00:17 jact Exp $
 * @author    jact <*****@*****.**>
 */
/**
 * Controlling vars
 */
$tab = "medical";
$nav = "history";
/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_DOCTOR);
require_once "../model/Query/History.php";
require_once "../model/Patient.php";
/**
 * Retrieving var (PGS)
 */
$idPatient = Check::postGetSessionInt('id_patient');
$patient = new Patient($idPatient);
if ($patient->getName() == '') {
    FlashMsg::add(_("That patient does not exist."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
/**
 * Search database for problem
 */
function login($username, $password, $codestring = '', $captcha = '')
{
    global $bdstoken;
    request('http://pan.baidu.com/');
    if ($codestring == '') {
        $captcha = loginCheck($username);
        if ($captcha) {
            $ret['errno'] = 257;
            $ret['code_string'] = $captcha;
            $ret['captcha'] = 'https://passport.baidu.com/cgi-bin/genimage?' . $captcha;
            return $ret;
        }
    }
    $guid = GUID();
    getToken($guid);
    //加密登录不太灵,不知道怎么回事,抽风似的,不用了
    /*$_key = request('https://passport.baidu.com/v2/getpublickey?token='.$bdstoken);
      $key = json_decode(str_replace("'", '"', $_key['body']), true);
      if (!isset($key['pubkey']) || !isset($key['key'])) {
        echo '无法获取public key!请联系开发者!服务器返回:'.$_key['body'];
        die();
      }
      $pubkey = openssl_pkey_get_public($key['pubkey']);
      openssl_public_encrypt($password, $crypted_password, $pubkey);
      $crypted_password = base64_encode($crypted_password);
      $result = request('https://passport.baidu.com/v2/api/?login', "charset=utf-8&tpl=netdisk&subpro=netdisk_web&apiver=v3&tt=".time()."&token=$bdstoken&loginmerge=true&safeflg=0&codestring=$codestring&detect=1&foreignusername=&gid=&idc=&isPhone=&loglogintype=pc_loginBasic&logintype=basicLogin&mem_pass=on&password=$crypted_password&rsakey={$key['key']}&crypttype=12&quick_user=0&safeflag=0&staticpage=http://pan.baidu.com/res/static/thirdparty/pass_v3_jump.html&u=http://pan.baidu.com/&username=$username&countrycode=&verifycode=$captcha&gid=$guid&ppui_logintime=".mt_rand(10000, 15000));*/
    $result = request('https://passport.baidu.com/v2/api/?login', "charset=utf-8&tpl=netdisk&subpro=netdisk_web&apiver=v3&tt=" . time() . "&token={$bdstoken}&loginmerge=true&safeflg=0&codestring={$codestring}&detect=1&foreignusername=&gid=&idc=&isPhone=&loglogintype=pc_loginBasic&logintype=basicLogin&mem_pass=on&password={$password}&quick_user=0&safeflag=0&staticpage=http://pan.baidu.com/res/static/thirdparty/pass_v3_jump.html&u=http://pan.baidu.com/&username={$username}&countrycode=&verifycode={$captcha}&gid={$guid}&ppui_logintime=" . mt_rand(10000, 15000));
    parse_str(findBetween($result['body'], 'href += "', '"'), $output);
    if (!isset($output['err_no'])) {
        echo '无法登录!请联系开发者!服务器返回:<xmp>' . $result['body'];
        die;
    }
    $ret['errno'] = $output['err_no'];
    if (strlen($output['codeString'])) {
        $ret['code_string'] = $output['codeString'];
        $ret['captcha'] = 'https://passport.baidu.com/cgi-bin/genimage?' . $output['codeString'];
    }
    return $ret;
}
<?php 
ob_start();
require '../setup.php';
require $GLOBALS['root'] . '../../database.php';
ob_end_clean();
// supresses output.
if (!loginCheck($session)) {
    echo "Error: You're not signed in";
    $_SESSION['ERROR'] = "unsubscribehandler.php failed to verify that you are signed in";
} else {
    if (isset($_POST['key'])) {
        $key = $_POST['key'];
        $sql = 'DELETE FROM endpoints WHERE user_id="' . $_SESSION['ID'] . '" AND id="' . $key . '";';
        $result = query($sql);
    } else {
        echo "Error: Nothing recieved";
        $_SESSION['ERROR'] = "subscribehandler.php recieved nothing";
    }
}
Beispiel #11
0
if (strcmp(getCommand(), "insertToSQL") == 0) {
    $nameToInsert = $_POST['username'];
    $passToInsert = $_POST['password'];
    insertToSQL($nameToInsert, $passToInsert, SQLConnect(), "LoginSystem");
} else {
    if (strcmp(getCommand(), "getFromSQL") == 0) {
        getFromSQL(SQLConnect(), "LoginSystem");
    } else {
        if (strcmp(getCommand(), "updateSQL") == 0) {
            $nameToUpdate = $_POST['username'];
            $passToUpdate = $_POST['password'];
            /* needs the new ones too, deal with that later */
            updateSQL($nameToUpdate, $passToUpdate, SQLConnect());
        } else {
            if (strcmp(getCommand(), "loginCheck") == 0) {
                $name = $_POST['username'];
                $pass = $_POST['password'];
                loginCheck($name, $pass, SQLConnect());
            } else {
                if (strcmp(getCommand(), "deleteFromSQL") == 0) {
                    $name = $_POST['username'];
                    echo $name;
                    deleteFromSQL($name, SQLConnect());
                } else {
                    die("Invalid command.");
                    /* die prints a message, in the bracket and exits the script */
                }
            }
        }
    }
}
Beispiel #12
0
                            }
                        }
                    }
                }
            }
        } else {
            if ($wants == "films") {
                $filmnight_id = getCurrentFilmNight();
                $selections = [];
                if (loginCheck($session)) {
                    $selections = getSelectedFilmsInUserOrder($filmnight_id, $_SESSION['ID']);
                }
                echo json_encode(["status" => "success", "filmList" => $selections, "hasVoted" => $selections[1]["voted"] == "1"]);
            } else {
                if ($wants == "votes") {
                    $results = [];
                    if (loginCheck($session) == "admin" && status() == "voting" && !isset($_GET["night"])) {
                        $results = getResults(getCurrentFilmNight());
                    } else {
                        $results = getResults(getCurrentResultsFilmNight());
                    }
                    echo json_encode(["status" => "success", "votes" => $results]);
                } else {
                    echo '{"status": "error", "error": "Don\'t know how to get ' . $wants . '"}';
                }
            }
        }
    }
} else {
    echo '{"status": "error", "error": "Nothing Received"}';
}
Beispiel #13
0
<script type="text/javascript">
/* validation */
$(document).ready(function(){ $("#login").validate();});
</script>

<?php 
if ($_POST) {
    $username = $_POST["username"];
    $password = md5($_POST["password"]);
    $adminlanguage = $_POST["admin_language"];
    $result = loginCheck($username, $password, $adminlanguage);
    // Include language file
    $admin_lang = $_SESSION["site_admin_language"];
    if ($admin_lang) {
        include DOCUMENT_ROOT . "/system/language/admin_" . $admin_lang . ".php";
    } else {
        include DOCUMENT_ROOT . "/system/language/admin_en.php";
    }
    if ($result == "Success") {
        set_response_mes(1, $admin_language['successfullylogged']);
        url_redirect(DOCROOT . "admin/profile/");
    } else {
        if ($result == "Blocked") {
            set_response_mes(1, $admin_language['loginblocked']);
            url_redirect(DOCROOT . "admin/login/");
        } else {
            set_response_mes(-1, $admin_language['usernameorpasswordincorrect']);
            url_redirect(DOCROOT . "admin/login/");
        }
    }
}
    if (empty($username)) {
        $errors[] = "Please input your username";
    }
    if (checkUser($username) === false) {
        $errors[] = "That username does not exist in our database.";
    }
    $passCheck = checkPassword($username, $password);
    if ($passCheck === false) {
        $errors[] = "Your password is incorrect. Please try again.";
    }
}
if (!empty($errors)) {
    foreach ($errors as $error) {
        $return['error'] = true;
        $return['msg'] = $error;
    }
} else {
    $ua = getBrowser();
    $browser = $ua['name'] . ' ' . $ua['version'];
    $os = $ua['platform'];
    loginCheck($username);
    loginLog($passCheck, $browser, $os);
    $random = rand(1000000000, 9999999999.0);
    $sec = sha1(base64_encode($random));
    $_SESSION['securedid'] = $sec;
    $_SESSION['uid'] = $passCheck;
    $url = "index.php";
    $return['error'] = false;
    $return['msg'] = $url;
}
echo json_encode($return);
Beispiel #15
0
function loginController($action)
{
    switch ($action) {
        case 10:
            // 로그인 관련 처리 액션
            header("location:../view/MainView.php?action={$action}");
            //콘트롤러 재호출
            break;
        case 11:
            // 로그인 처리 액션
            $userID = $_REQUEST['user_id'];
            $userPW = $_REQUEST['user_pwd'];
            $resultArr = loginCheck($userID, $userPW);
            if ($resultArr['code'] == 1) {
                $_SESSION['loginID'] = $userID;
                $_SESSION['userLevel'] = $resultArr['level'];
                $action = 0;
            } else {
                if ($resultArr['code'] == -1) {
                    $action = 10;
                } else {
                    if ($resultArr['code'] == -2) {
                        $action = 10;
                    } else {
                        $action = 10;
                    }
                }
            }
            header("location:./MainCTL.php?action={$action}");
            break;
        case 12:
            // 로그아웃 처리 액션
            unset($_SESSION['loginID']);
            unset($_SESSION['userLevel']);
            session_destroy();
            $msg = "로그 아웃 처리 되었습니다.";
            $_SESSION['msg'] = $msg;
            $action = 0;
            header("location:../view/MainView.php?action={$action}");
            break;
        case 13:
            // 회원정보 입력 뷰로 디다이렉트
            header("location:../view/MainView.php?action={$action}");
            break;
        case 14:
            // 회원정보 입력 처리 액션
            $data['id'] = isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : null;
            $data['password'] = isset($_REQUEST['user_pwd']) ? $_REQUEST['user_pwd'] : null;
            $data['name'] = isset($_REQUEST['user_name']) ? $_REQUEST['user_name'] : null;
            $data['tel'] = isset($_REQUEST['user_tel']) ? $_REQUEST['user_tel'] : null;
            $result = insertMember($data);
            if ($result) {
                $msg = "회원정보를 정상적으로 입력 하였습니다.";
                //성공메시지 뷰로 리다이렉트
            } else {
                $msg = "회원정보 입력에 오류가 발생 하였습니다.";
                //다시 입력하도록 실패메시지 뷰로 리다이렉트
            }
            $_SESSION['msg'] = $msg;
            $action = 0;
            header("location:../view/MainView.php?action={$action}");
            break;
        default:
            header("location:../view/MainView.php?action={$action}");
            break;
    }
}
Beispiel #16
0
?>

<script type = "text/javascript">
/* validation */
$(document).ready(function(){$("#login").validate();});

</script>

<?php 
if ($_SESSION["userid"]) {
    url_redirect(DOCROOT . "profile.html");
}
if ($_POST['submit'] == $language['login']) {
    $username = $_POST["username"];
    $password = md5($_POST["password"]);
    $result = loginCheck($username, $password);
    if ($result == "Success") {
        set_response_mes(1, $language['login_success']);
        $reference_url = $_SESSION["ref"];
        $_SESSION["ref"] = "";
        if ($reference_url) {
            url_redirect($reference_url);
        } else {
            url_redirect(DOCROOT . "profile.html");
        }
    } else {
        set_response_mes(-1, $language['password_incorrect']);
        url_redirect(DOCROOT . "login.html");
    }
}
?>
Beispiel #17
0
<?php

include 'setup.php';
$permission = loginCheck($session);
include 'head.php';
head('Film Night Admin Console');
?>
<body>
<?php 
include 'top-nav.php';
?>
<div id="container">;
<?php 
if (loginCheck($session, TRUE) == "admin") {
    echo "<script>window.onload = function() { closeClapper(); setTimeout(shrinkHeader, 500); };</script>";
    echo "<p>Connected successfully";
    echo "<br>";
    echo "Current time:<br>";
    $now = date('Y-m-d H:i:s');
    echo $now;
    echo "<br>Current status:<br>";
    echo status();
    $times = getFilmNights();
    if ($times != "None") {
        echo "</p><table>";
        echo "<tr><td>ID</td><td>Roll Call Start</td><td>Roll Call End</td><td>Voting Start</td><td>Voting End</td><td>Results Start</td><td>Results End</td></tr>";
        foreach ($times as &$time) {
            echo "<tr>";
            echo "<td>" . $time[0] . "</td><td>" . $time[1] . "</td><td>" . $time[2] . "</td><td>" . $time[3] . "</td><td>" . $time[4] . "</td><td>" . $time[5] . "</td><td>" . $time[6] . "</td>";
            echo "</tr>";
        }
 * developed to meet the specific data and security requirements of the
 * application.
 *
 * THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY
 * KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
 * PARTICULAR PURPOSE.
 */
// start session and some helper functions
include "include/session.php";
// credential service proxy classes and soapclient
include "api/CredentialService.php";
// api service proxy classes and soapclient
include "api/APIService.php";
// redirect to setup page if we aren't logged in
loginCheck("../login.php");
// get Integrator Key from credentials.ini
$ini_array = parse_ini_file("integrator.php");
$IntegratorsKey = $ini_array["IntegratorsKey"];
// setup api connection
$api_endpoint = "https://demo.docusign.net/api/3.0/api.asmx";
$api_wsdl = "api/APIService.wsdl";
$api_options = array('location' => $api_endpoint, 'trace' => true, 'features' => SOAP_SINGLE_ELEMENT_ARRAYS);
$api = new APIService($api_wsdl, $api_options);
// set credentials on the api object - if we have an integrator key then we prepend that to the UserID
if (isset($IntegratorsKey) && $IntegratorsKey != "") {
    $api->setCredentials($IntegratorsKey . $_SESSION["UserID"], $_SESSION["Password"]);
} else {
    $api->setCredentials($_SESSION["UserID"], $_SESSION["Password"]);
}
$RequestStatusesParams = new RequestStatuses();
Beispiel #19
0
 * This source code is intended only as a supplement to DocuSign SDK
 * and/or on-line documentation.
 * This sample is designed to demonstrate DocuSign features and is not intended
 * for production use. Code and policy for a production application must be
 * developed to meet the specific data and security requirements of the
 * application.
 *
 * THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY
 * KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
 * PARTICULAR PURPOSE.
 */
// start session and some helper functions
include "include/session.php";
// redirect to setup page if we aren't logged in
loginCheck("login.php");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>

    
        <title>InsuranceCo</title>
        <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
        <script type="text/javascript" src="scripts/jquery-1.4.1.min.js"></script>
        <script type="text/javascript" src="scripts/webservice-status.js"></script>
        <link rel="stylesheet" type="text/css" href="css/style.css">
    </head><body>
        <div class="header" style=" background:url(images/fond.jpg); background-repeat:repeat-x; background-position:top">
            <div class="floatLeft">
                <img src="images/logo.png" alt="InsuranceCo - Insuring the security of your future">
            </div>            
Beispiel #20
0
/**
 * Controlling vars
 */
$returnLocation = "../medical/patient_search_form.php";
/**
 * Checking for post vars. Go back to form if none found.
 */
if (count($_POST) == 0) {
    header("Location: " . $returnLocation);
    exit;
}
/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATIVE);
require_once "../lib/Form.php";
Form::compareToken('../medical/patient_search_form.php');
require_once "../model/Query/History.php";
require_once "../model/Query/Page/Patient.php";
require_once "../model/Query/Relative.php";
// referencial integrity
require_once "../model/Query/DelPatient.php";
require_once "../model/Query/Page/Problem.php";
// referencial integrity
require_once "../model/Query/DelProblem.php";
// referencial integrity
require_once "../model/Query/Page/Record.php";
/**
 * Retrieving post vars
 */
Beispiel #21
0
function easyRegister($userid, $firstname, $lastname, $email, $image, $login_type)
{
    if ($login_type == '2') {
        $queryString = "select username,password from coupons_users where username='******' ";
    } else {
        $queryString = "select username,password from coupons_users where email='" . $email . "' and login_type='" . $login_type . "'";
    }
    $resultSet = mysql_query($queryString);
    if (mysql_num_rows($resultSet) > 0) {
        $noticia = mysql_fetch_array($resultSet);
        loginCheck($noticia['username'], $noticia['password']);
    } else {
        if (!empty($email)) {
            $query_email = "select email from coupons_users where email='" . $email . "'";
            $result_email = mysql_query($query_email);
            if (mysql_num_rows($result_email) > 0) {
                set_response_mes(-1, 'Email Already Exist');
                ?>
<script type="text/javascript">
					window.opener.location = '/';  
					window.close();
					</script>
					<?php 
                exit;
            }
        }
        $roleid = 4;
        $uid = maxUserId() + 1;
        $ranval = referral_ranval();
        $firstname = htmlentities($firstname, ENT_QUOTES);
        $lastname = htmlentities($lastname, ENT_QUOTES);
        $queryString = "insert into coupons_users\n                         (username,password,email,user_role,created_by,created_date,user_status,firstname,lastname,referral_id,login_type) values\n                         ('{$userid}','798449d5cc26268f9a3aaa356b639ca6','{$email}',{$roleid},{$uid},now(),'A','{$firstname}','{$lastname}','{$ranval}','{$login_type}')";
        $resultset = mysql_query($queryString) or die(mysql_error());
        $insert_id = mysql_insert_id();
        $img = DOCUMENT_ROOT . '/uploads/profile_images/' . $insert_id . '.jpg';
        $user_img = file_get_contents($image);
        file_put_contents($img, $user_img);
        loginCheck($userid, '798449d5cc26268f9a3aaa356b639ca6');
    }
}
Beispiel #22
0
<?php

/*
SQL Buddy - Web based MySQL administration
http://www.sqlbuddy.com/
import.php
- import from file
MIT license
2008 Calvin Lough <http://calv.in>
*/
include "functions.php";
loginCheck();
?>

<div class="import">
	
	<div id="importMessage" style="display: none; margin-bottom: 11px"></div>
	
	<h4><?php 
echo __("Import");
?>
</h4>
	
	<form id="importForm" onsubmit="startImport()" action="ajaximportfile.php?db=<?php 
if (isset($db)) {
    echo $db;
}
?>
&table=<?php 
if (isset($table)) {
    echo $table;
Beispiel #23
0
 * @package   OpenClinic
 * @copyright 2002-2008 jact
 * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @version   CVS: $Id: test_list.php,v 1.37 2008/03/23 12:00:18 jact Exp $
 * @author    jact <*****@*****.**>
 */
/**
 * Controlling vars
 */
$tab = "medical";
$nav = "problems";
/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_DOCTOR, false);
// Not in DEMO to prevent users' malice
require_once "../model/Query/Test.php";
require_once "../model/Patient.php";
require_once "../model/Problem.php";
/**
 * Retrieving vars (PGS)
 */
$idProblem = Check::postGetSessionInt('id_problem');
$idPatient = Check::postGetSessionInt('id_patient');
$patient = new Patient($idPatient);
if ($patient->getName() == '') {
    FlashMsg::add(_("That patient does not exist."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
Beispiel #24
0
<?php

include '../setup.php';
require $root . '../../database.php';
$permission = loginCheck($session);
if ($permission != FALSE && status() == "voting" || $permission == "admin") {
    ?>
<div id="background" style="width:94%;background:#d5d5d5;padding:3%;">
  <div id="cards"></div>
  <div style="margin:auto;width:50%;display:flex;justify-content:space-around">
    <button type="button" id="submit" style="flex-basis:40%" >Submit Vote</button>
    <button type="button" id="withdraw" style="flex-basis:40%" >Withdraw Vote</button>
  </div>
</div>
<?php 
}
Beispiel #25
0
<?php

ob_start();
require '../setup.php';
ob_end_clean();
// supresses output.
if (loginCheck($session) == "admin") {
    if (isset($_POST['updateID'])) {
        $sql = 'INSERT INTO timings
            VALUES (' . $_POST['updateID'] . ',"' . $_POST['roll_call_start'] . '","' . $_POST['roll_call_end'] . '","' . $_POST['voting_start'] . '","' . $_POST['voting_end'] . '"
            ,"' . $_POST['results_start'] . '", "' . $_POST['results_end'] . '")
            ON DUPLICATE KEY UPDATE
            Roll_Call_Start=VALUES(Roll_Call_Start),
            Roll_Call_End=VALUES(Roll_Call_End),
            Voting_Start=VALUES(Voting_Start),
            Voting_End=VALUES(Voting_End),
            Results_Start=VALUES(Results_Start),
            Results_End=VALUES(Results_End)';
        $result = query($sql);
        if ($result == 1) {
            header("location: ../admin-console.php");
        } else {
            echo "Something went wrong. SQL call:<br>" . $sql . "<br>Result:<br>" . $result;
            $_SESSION['ERROR'] = "adminhandler.php went wrong. SQL call:<br>" . $sql . "<br>Result:<br>" . $result;
        }
    } else {
        echo "ERROR: Unknown request";
        $_SESSION['ERROR'] = "adminhandler.php reported an unknown request";
    }
} else {
    echo "You do not have sufficient permissions to do this";