<?php
session_start();
include "includes/library.inc.php";
include "includes/sql_connect.php";
select_forms();
head_std("Leagues");
body_top();
if (isset($_SESSION['fixtureID'])) {
echo "<div align=center>\n";
echo "<table><tr><td valign=top>\n";
viewtable($_SESSION['fixtureID']);
t_gate_stat($_SESSION['fixtureID']);
t_winnings_worst($_SESSION['fixtureID']);
echo "<table><tr><td>\n";
t_offense_best($_SESSION['fixtureID']);
echo "\n</td><td>\n";
t_offense_worst($_SESSION['fixtureID']);
echo "\n</td></tr></table>\n";
echo "<table><tr><td>\n";
t_cas_best($_SESSION['fixtureID']);
echo "\n</td><td>\n";
t_cas_worst($_SESSION['fixtureID']);
echo "\n</td></tr></table>\n";
t_winnings_stat($_SESSION['fixtureID']);
echo "\n</td><td valign=top>\n";
viewresults($_SESSION['fixtureID'], 3);
echo "\n</td></tr></table>\n";
echo "</div>\n";
}
echo "</body>\n</html>";
<td bgcolor="#ffffff" align=center>
<?php
if (isset($_SESSION['divisionid'])) {
$q_division = 'SELECT t_league_name , t_season_name , t_division_name FROM t_division d , t_season s , t_league l ' . ' WHERE d . t_division_ID = ' . $_SESSION['divisionid'] . ' AND d . t_season_ID = s . t_season_ID ' . ' AND s . t_league_ID = l . t_league_ID LIMIT 0, 30 ';
$r_division = mysql_query($q_division) or die("Division query failed");
$n_division = mysql_fetch_array($r_division);
$division_name = $n_division[1];
// Display the selected league, season and division*/
echo "<b><i>League: " . $n_division['t_league_name'] . " / Season: " . $n_division['t_season_name'] . " / Division: " . $n_division['t_division_name'] . "</i></b>\n";
?>
<tr>
<td valign=top colspan=2 align=center>
<?php
// :::Display table
viewtable($_SESSION['divisionid']);
?>
<br>
<table summary="Results table" bgcolor=#ffffff border=1 cellpadding=0 cellspacing=0>
<tr>
<td colspan=9 align=center><b><i>Results</i></b></td>
</tr>
<tr>
<th>Date</th>
<th align=left>Home</th>
<th align=left>Visitors</th>
<th>Touchdowns</th>
<th>Casualities</th>
<th>Gate</th>
<th>Winnings (H)</th>
<th>Winnings (V)</th>
while ($row = mysqli_fetch_array($result)) {
if ($row["cookie_value"] == $_COOKIE["login"]) {
viewtable($row["secret"]);
}
}
mysqli_close($con);
}
if (isset($_POST["submit"])) {
$email = $_POST["email"];
$password = sha1($_POST["password"]);
$con = mysqli_connect($db_server, $db_username, $db_password, $db_dbname);
$result = mysqli_query($con, 'SELECT * FROM `passwordmanager` WHERE 1');
while ($row = mysqli_fetch_array($result)) {
if ($row["email"] == $email && $row["password"] == $password) {
$cookie_value = sha1(rand(0, 999999999999));
mysqli_query($con, 'UPDATE `passwordmanager` SET `cookie_value`="' . $cookie_value . '" WHERE `userid`= "' . $row["userid"] . '"');
setcookie("login", $cookie_value, null);
//https://davidwalsh.name/php-cookies
viewtable($row["secret"]);
}
}
mysqli_close($con);
}
function viewtable($secret)
{
$data = explode("=", $secret);
echo "<script type='text/javascript'>document.getElementById('form').style.display = 'none'</script>";
echo "<script type='text/javascript'>document.getElementById('secret').style.display = 'inline'</script>";
echo "<script type='text/javascript'>document.getElementById('website').innerHTML = '" . $data[0] . "'</script>";
echo "<script type='text/javascript'>document.getElementById('secret_password').innerHTML = '" . $data[1] . "'</script>";
}
