function display_form($name, $place, $choices)
{
printf("<form method=\"post\" action=\"%s\">\n", script_name());
hidden_field("name", $name);
hidden_field("place", $place);
hidden_field("choices", implode("#", $choices));
printf("Where was %s born?<br /><br />\n", htmlspecialchars($name));
for ($i = 0; $i < 5; $i++) {
radio_button("response", $choices[$i], $choices[$i], FALSE);
print "<br />\n";
}
print "<br />\n";
submit_button("submit", "Submit");
print "</form>\n";
}
public function display_profile()
{
$userid = $this->id;
$username = $this->username;
$maxwebsites = $this->maxwebsites;
$fullnames = $this->full_names;
$phone = $this->phone;
$user_website = $this->website;
$email = $this->email;
if (isset($_SESSION['last_visit'])) {
$last_visit = $_SESSION['last_visit'];
} else {
$last_visit = $this->last_visit;
}
$register_date = $this->joined_date;
$status = $this->status;
$group = $this->group;
$date = getdate();
//date_add($date, date_interval_create_from_date_string('90 days')); //only available in PHP 5.3.0
date_modify($date, '+ 90 days');
$renewdate = date_format($date, 'Y-m-d');
$userlanguage = $this->language;
$profilemsg = file_get_contents('pages' . DS . 'profile_message.php');
$statuslink = '';
if ($this->status_id == '0') {
if ($this->group == 'User') {
$statuslink = ' - ' . text_link(script_name() . '?activate', translate('Activate your account', sz_config('language'))) . help_icon(translate('Activation is free. Click here to activate your account. Once you account is active you will be able to create your first website.', sz_config('language')));
} else {
$statuslink = ' - ' . text_link(script_name() . '?activate' . translate('Activate your account', sz_config('language'))) . help_icon(translate('Click here to activate your account. Once you account is active you will be able to create your first website.', sz_config('language')));
}
} elseif ($this->status_id == '3') {
$statuslink = ' - ' . text_link('mailto:' . sz_config('email'), translate('Please email us.', sz_config('language')));
}
include_once sz_config('base_path') . 'themes' . DS . sz_config('theme') . DS . 'views' . DS . 'profile.php';
}
<?php
if (STYLESHEET_BASE) {
$ss = STYLESHEET_BASE . "/style.css";
print "<link rel='StyleSheet' href='{$ss}' type='text/css'/>";
}
?>
</heaD>
<body>
<?php
$d = get_dir($n = dirname($_SERVER['SCRIPT_FILENAME']));
asort($d);
foreach ($d as $e) {
if (preg_match('/jpg|jpeg$/i', $e)) {
$ee = rawurlencode($e);
// print("<div class='image'><a target='view' href='".script_name()."?show=$ee'><img src='".php_self()."?thumb=$ee' alt='$e' /><br />$e</a></div>");
print "<p><a target='view' href='" . script_name() . "?show={$ee}'>" . preg_replace('/.jpeg$|.jpg$/i', '', $e) . "</a></p>";
} elseif (is_dir($n . '/' . $e) and file_exists($n . '/' . $e . '/index.php')) {
print "<p><a href='../{$e}/index.php/index-frame'>{$e}</a></p>";
} elseif (is_dir($n . '/' . $e)) {
print "<p><a href='../{$e}/'>{$e}</a></p>";
}
}
?>
</body>
</html>
<?php
} elseif ($_SERVER['PATH_INFO'] == '/view-frame') {
print doctype("XHTML/1.0") . "\n";
?>
<html>
<head><title></title>
function update_entry($dbh)
{
# Get script parameters; trim whitespace from the ID, but not
# from the password, because the password must match exactly,
# or from the row, because it is an array.
$member_id = trim(script_param("member_id"));
$password = script_param("password");
$row = script_param("row");
$member_id = trim($member_id);
if (empty($member_id)) {
die("No member ID was specified\n");
}
if (!ctype_digit($member_id)) {
# must look like integer
die("Invalid member ID was specified (must be an integer)\n");
}
if (!check_pass($dbh, $member_id, $password) && !check_pass($dbh, 0, $password)) {
die("Invalid password\n");
}
# Examine the metadata for the member table to determine whether
# each column allows NULL values. (Make sure nullability is
# retrieved in uppercase.)
$stmt = "SELECT COLUMN_NAME, UPPER(IS_NULLABLE)\n FROM INFORMATION_SCHEMA.COLUMNS\n WHERE TABLE_SCHEMA = ? AND TABLE_NAME = ?";
$sth = $dbh->prepare($stmt);
$sth->execute(array("sampdb", "member"));
$nullable = array();
while ($info = $sth->fetch()) {
$nullable[$info[0]] = $info[1] == "YES";
}
# Iterate through each field in the form, using the values to
# construct an UPDATE statement that contains placeholders, and
# the array of data values to bind to the placeholders.
$stmt = "UPDATE member ";
$delim = "SET";
$params = array();
foreach ($row as $col_name => $val) {
$stmt .= "{$delim} {$col_name}=?";
$delim = ",";
# if a form value is empty, update the corresponding column value
# with NULL if the column is nullable. This prevents trying to
# put an empty string into the expiration date column when it
# should be NULL, for example.
$val = trim($val);
if (empty($val)) {
if ($nullable[$col_name]) {
$params[] = NULL;
} else {
$params[] = "";
}
# enter empty string
} else {
$params[] = $val;
}
}
$stmt .= " WHERE member_id = ?";
$params[] = $member_id;
$sth = $dbh->prepare($stmt);
$sth->execute($params);
printf("<br /><a href=\"%s\">Edit another member record</a>\n", script_name());
}
function display_scores($dbh)
{
# Get event ID number, which must look like an integer
$event_id = script_param("event_id");
if (!ctype_digit($event_id)) {
die("Bad event ID\n");
}
# Select scores for the given event
$stmt = "\n SELECT\n student.student_id, student.name, grade_event.date,\n score.score AS score, grade_event.category\n FROM student\n INNER JOIN grade_event\n LEFT JOIN score ON student.student_id = score.student_id\n AND grade_event.event_id = score.event_id\n WHERE grade_event.event_id = ?\n ORDER BY student.name";
$sth = $dbh->prepare($stmt);
$sth->execute(array($event_id));
# fetch the rows into an array so we know how many there are
$rows = $sth->fetchAll();
if (count($rows) == 0) {
die("No information was found for the selected event\n");
}
printf("<form method=\"post\" action=\"%s?action=%d&event_id=%d\">\n", script_name(), ENTER_SCORES, $event_id);
# print scores as an HTML table
for ($row_num = 0; $row_num < count($rows); $row_num++) {
$row = $rows[$row_num];
# Print event info and table heading preceding the first row
if ($row_num == 0) {
printf("Event ID: %d, Event date: %s, Event category: %s\n", $event_id, $row["date"], $row["category"]);
print "<br /><br />\n";
print "<table border=\"1\">\n";
print "<tr>\n";
display_cell("th", "Name");
display_cell("th", "Score");
print "</tr>\n";
}
print "<tr>\n";
display_cell("td", $row["name"]);
$col_val = sprintf("<input type=\"text\" name=\"score[%d]\"", $row["student_id"]);
$col_val .= sprintf(" value=\"%d\" size=\"5\" /><br />\n", $row["score"]);
display_cell("td", $col_val, FALSE);
print "</tr>\n";
}
print "</table>\n";
print "<br />\n";
print "<input type=\"submit\" name=\"submit\" value=\"Submit\" />\n";
print "</form>\n";
}
