$database = true; } } else { // at /schedule/ $_SESSION['page'] = 'schedule'; display_header("My Schedule"); if (!empty($_SESSION['notice'])) { ?> <p class="info_notice fadeout"><?php echo $_SESSION['notice']; ?> <a href="#" class="js closebutton imagelink" ><img src="/images/x.png" /></a></p> <?php $_SESSION['notice'] = ''; } $sql = sprintf_escape("SELECT * FROM " . TABLE_PREFIX . "schedules WHERE user_id=%u LIMIT 1", $_SESSION['user_id']); $result = mysql_query($sql) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR); $row = mysql_fetch_assoc($result); if (mysql_num_rows($result) === 1) { ?> <p>Below is your schedule. <a href="/schedule/edit">Click here to edit.</a></p> <?php print_schedule(true); } else { header("Location: " . BASE . "schedule/edit"); exit; } } if ($display_form) { ?> <p>Fill out your schedule by entering the ID numbers of the classes you are taking in the boxes. Then select the teacher you have for that class.
} ini_set('session.gc_maxlifetime', 1440); ini_set('session.gc_probability', 100); ini_set('session.gc_probability', 999); // start output buffering with gzip encoding if available if (substr_count($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip')) { ob_start("ob_gzhandler"); } else { ob_start(); } session_name('sched_session'); session_start(); if (isset($_COOKIE['sched_user']) && $_SESSION['logged_in'] != true) { require_once MYSQL; $cookie = explode(',', $_COOKIE['sched_user']); $sql = sprintf_escape("SELECT user_id, email, first_name, pass FROM " . TABLE_PREFIX . "users WHERE user_id='%u' AND pass='******' LIMIT 1", $cookie[0], $cookie[1]); $result = mysql_query($sql) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR); if (mysql_num_rows($result) === 1 && $cookie[2] === md5(md5($_SERVER['HTTP_USER_AGENT']) . SALT)) { $row = mysql_fetch_assoc($result); $_SESSION['logged_in'] = true; $_SESSION['user_id'] = $row['user_id']; $_SESSION['first_name'] = $row['first_name']; $_SESSION['email'] = $row['email']; $_SESSION['user-agent'] = md5(md5($_SERVER['HTTP_USER_AGENT']) . session_id() . SALT); } else { // information in cookie is wrong. Cookie is bad, force logout and destroy cookie $_SESSION['logged_in'] = false; $domain = $_SERVER['HTTP_HOST'] != 'localhost' ? $config['basedomain'] : false; setcookie('sched_user', '', time() - 42000, '/', $domain, 0, 0); } }
function schedule_compare($user_id_1, $user_id_2) { require_once MYSQL; $sql = sprintf_escape("SELECT t1_h1, t1_h2, t1_h3, t1_h4, t2_h1, t2_h2, t2_h3, t2_h4, t3_h1, t3_h2, t3_h3, t3_h4, t4_h1, t4_h2, t4_h3, t4_h4 FROM " . TABLE_PREFIX . "schedules WHERE user_id=%u OR user_id=%u LIMIT 2", $user_id_1, $user_id_2); $result = mysql_query($sql) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR); if (mysql_num_rows($result) !== 2) { return false; } $same = array_intersect_assoc(mysql_fetch_assoc($result), mysql_fetch_assoc($result)); foreach ($same as $hour => $class) { $sql = sprintf_escape("SELECT `class-teacher_1`, `class-teacher_2` FROM `" . TABLE_PREFIX . "class-hours` WHERE combo_id=%u", $class); $result = mysql_query($sql) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR); $row = mysql_fetch_assoc($result); $sql = sprintf_escape("SELECT c.class_id, c.class_name, CONCAT(t.last_name, ', ', t.first_name) AS teacher_name FROM `" . TABLE_PREFIX . "classes-teachers` as ct\n\t\t\tINNER JOIN classes AS c USING(class_id)\n\t\t\tINNER JOIN teachers AS t USING(teacher_id)\n\t\t\tWHERE `class-teacher_id`=%u OR `class-teacher_id`=%u LIMIT 2", $row['class-teacher_1'], $row['class-teacher_2']); $result = mysql_query($sql) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR); while ($row = mysql_fetch_assoc($result)) { if (empty($row['class_name'])) { $row['class_name'] = 'Open Hour'; } preg_match('/^t([0-9])+/i', $hour, $matches); $term = $matches[1]; preg_match('/_h([0-9])+$/i', $hour, $matches); $real_hour = $matches[1]; $output[(int) $row['class_id']] = array('name' => $row['class_name'], 'teacher' => $row['teacher_name'], 'term' => (int) $term, 'hour' => (int) $real_hour); } } if (empty($output)) { $output = false; } return $output; }