function login($username, $password)
{
$con = getConnection::connectToDatabase();
getConnection::selectDatabase($con);
try {
$num = Alumni_Detail::getNoOfAlumni($username, $password);
if ($num == 1) {
$alu = Alumni_Detail::getAlumniObject($username);
if ($alu->alumni_status == 1) {
session_start();
$_SESSION['alumniuser'] = $alu;
return 1;
} else {
return 2;
}
} else {
return 0;
getConnection::closeConnection($con);
}
} catch (Exception $e) {
echo 'Message: ' . $e->getMessage();
getConnection::closeConnection($con);
}
}
<?php
if (!isset($_SERVER['HTTP_REFERER'])) {
header("location: ../../access_denied.php?data=You don't have direct access to this page");
}
require_once '../../db/alumni_detail.php';
require_once '../../db/site_log_class.php';
require_once '../../db/user_class.php';
session_start();
if (!isset($_GET['id'])) {
die("go first to alumni management page.");
}
$id = $_GET['id'];
//session_start();
$a = Alumni_Detail::ApproveAlumni($id);
echo $a;
$_SESSION['answer'] = $a;
$l = new site_log(NULL, NULL, $_SESSION['user']->username, $_SERVER['REMOTE_ADDR'], $id . " alumni approved");
$l->insertlog();
header('Location: ../../alumni_user_manage_detail.php');
header("location:../../../talumniportal/login.php");
}
require_once '../../db/site_log_class.php';
require_once '../../db/user_class.php';
$lu = Alumni_Detail::getAlumniObject($_SESSION['alumniuser']->alumni_uname);
define('INCLUDE_CHECK', true);
if (isset($_POST['opassword'])) {
$oldpassword = $_POST['opassword'];
} else {
die("Enter old Password");
}
if (sha1($oldpassword) != $lu->alumni_password) {
die("wrong current password");
}
if (isset($_POST['password'])) {
$password = $_POST['password'];
} else {
die("Enter new Password");
}
if (isset($_POST['confirmPassword'])) {
$cpassword = $_POST['confirmPassword'];
} else {
die("Enter Confirm Password");
}
if ($password != $cpassword) {
die("Password mis-match");
}
echo Alumni_Detail::changepass($password, $lu->alumni_uname);
//
$l = new site_log(NULL, NULL, $lu->alumni_uname, $_SERVER['REMOTE_ADDR'], $lu->alumni_first_name . " " . $lu->alumni_last_name . " alumni password changed");
$l->insertlog();
} else {
die("Invalid file extension or file size grater then 2MB.");
}
} else {
$rurl = NULL;
}
$manipulator->save('../../alumni_photos/' . $username . "." . $extension);
$imageurl = "alumni_photos/" . $username . "." . $extension;
}
} else {
die("Invalid photo file");
}
} else {
die("Choose photo.");
}
$alu = new Alumni_Detail($username, $fname, $lname, $email, $linkedin_id, $rurl, $batch, $imageurl, $password, "1");
$res = $alu->InsertAlumni();
if ($res != 1) {
if ($_FILES["file"]["name"]) {
if (file_exists('../../alumni_photos/' . $username . "." . $extension)) {
unlink('../../alumni_photos/' . $username . "." . $extension);
}
}
if ($_FILES["rfile"]["name"]) {
if (file_exists("../../alumni_resume/" . $username . "." . $rextension)) {
unlink("../../alumni_resume/" . $username . "." . $rextension);
}
}
}
echo $res;
//
<?php
if (isset($_POST['page'])) {
$page = $_POST['page'];
} else {
header('Location: index.php');
}
if (trim($page) == "blog") {
if (isset($_POST['id'])) {
$id = $_POST['id'];
}
require_once '../CMS/db/alumni_blog.php';
require_once '../CMS/db/alumni_detail.php';
$blog = Alumni_Blog::getBlogObject($id);
if ($blog === 0) {
die("No blog with this id.");
}
if ($blog->alumni_blog_status == 0 || $blog->alumni_blog_status == "0") {
die("This blog is not approved yet");
}
$alumni = Alumni_Detail::getAlumniObject($blog->alumni_uname);
echo " <h3>Alumni Blog</h3><hr /><br /><div class='articles'>\r\n <article class='clearfix'>\t\t\t\r\n <header>\r\n <span class='post-format-quote'></span>\r\n <h1><a href='BlogPost.php'>" . trim($blog->alumni_blog_subject) . "</a></h1>\r\n <p class='article-meta-extra'> " . date("F jS, Y", strtotime($blog->alumni_blog_date)) . ", by <a href=''>{$alumni->alumni_first_name} {$alumni->alumni_last_name}</a></p>\r\n\r\n </header>\r\n\r\n <figure class='article-preview-image'>\r\n <a href=''><img src='../cms/{$alumni->alumni_photo_url}' alt='Preview image'></a>\r\n </figure>\r\n\r\n <p>" . trim($blog->alumni_blog_detail) . "</p>\r\n\r\n </article> <hr class='fancy-hr'></div>";
}
$imageurl = "alumni_photos/" . $username . "." . $extension;
}
} else {
die("Invalid file extension or file size grater then 2MB.");
}
} else {
$imageurl = $lu->alumni_photo_url;
}
//uploading pdf
if ($_FILES["rfile"]["name"]) {
if ($_FILES["rfile"]["type"] == "application/pdf" && $_FILES["rfile"]["size"] < 2048000) {
$tempr = explode(".", $_FILES["rfile"]["name"]);
$rextension = end($tempr);
// echo "Upload: " . $_FILES["cfile"]["name"] . "<br />";
// echo "Type: " . $_FILES["cfile"]["type"] . "<br />";
// echo "Size: " . ($_FILES["cfile"]["size"] / 1024) . " Kb<br />";
// echo "Temp file: " . $_FILES["cfile"]["tmp_name"] . "<br />";
move_uploaded_file($_FILES["rfile"]["tmp_name"], "../../alumni_resume/" . $username . "." . $rextension);
// echo "Stored in: " . "../resumes/" . $_FILES["cfile"]["name"];
$rurl = "alumni_resume/" . $username . "." . $rextension;
} else {
die("Invalid file extension or file size grater then 2MB.");
}
} else {
$rurl = $lu->alumni_resume_url;
}
$alu = new Alumni_Detail($lu->alumni_uname, $lu->alumni_first_name, $lu->alumni_last_name, $email, $linkedin_id, $rurl, $batch, $imageurl, NULL, "1");
echo $alu->updateAlumni();
//
$l = new site_log(NULL, NULL, $lu->alumni_uname, $_SERVER['REMOTE_ADDR'], $lu->alumni_first_name . " " . $lu->alumni_last_name . " alumni profile update");
$l->insertlog();
<?php
//if(!isset($_SERVER['HTTP_REFERER'])){
// header("location: ../../access_denied.php?data=You don't have direct access to this page");
//}
require_once 'db/alumni_detail.php';
define('INCLUDE_CHECK', true);
if (!isset($_GET['id'])) {
die("go to blog management page");
}
$id = $_GET['id'];
$de = Alumni_Detail::getAlumniObject($id);
if ($de == "No Alumni's are Added Yet") {
die("No Alumni's are Added Yet");
} else {
?>
<image src="<?php
echo $de->alumni_photo_url;
?>
" />
<?php
if ($de->alumni_resume_url != NULL) {
?>
<a href="<?php
echo $de->alumni_resume_url;
?>
" >view resume</a><?php
}
?>
<label for="userName">Username<span style="color:red;">*</span>:</label>
<input type="text" readonly="true" id="userName" value="<?php
<?php
require_once '../CMS/db/user_class.php';
require_once '../CMS/db/alumni_detail.php';
if (!isset($_SESSION)) {
session_start();
}
if (!isset($_SESSION['alumniuser'])) {
header("location:login.php");
}
$lu = Alumni_Detail::getAlumniObject($_SESSION['alumniuser']->alumni_uname);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Alumni Portal</title>
<link href='http://fonts.googleapis.com/css?family=Droid+Serif:400italic' rel='stylesheet' type='text/css'>
<link rel="stylesheet" href="../css/alumniportalcss.css" type="text/css" />
<link rel="stylesheet" href="../css/Alumni_Portal.css" type="text/css" />
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
<script>window.jQuery || document.write('<script src="../jscript/jquery-1.10.2.min.js"><\/script>')</script>
</head>
<body class="logged-in">
<nav id="admin-bar">
<ul>
<li class="avatar"><a><img src="../CMS/<?php
echo $_SESSION['alumniuser']->alumni_photo_url;
?>
" height="30px" width="30px" /></a></li>
<?php
//if(!isset($_SERVER['HTTP_REFERER'])){
// header("location: ../../access_denied.php?data=You don't have direct access to this page");
//}
require_once 'db/alumni_detail.php';
$a = Alumni_Detail::getAllAlumni(0);
$b = Alumni_Detail::getAllAlumni(1);
if ($a === 0 && $b === 0) {
die("No Alumni are Added Yet");
}
echo "<table><tr><th>User Name</th><th>first Name</th><th>last Name</th><th>batch</th><th colspan='3'>Manage Detail</th></tr>";
if ($a != 0) {
foreach ($a as $arr) {
echo "<tr><td>{$arr->alumni_uname}</td><td>{$arr->alumni_first_name}</td><td>{$arr->alumni_last_name}</td><td>{$arr->alumni_batch}</td><td><a href='alumni_user_view.php?id={$arr->alumni_uname}'>View alumni</a></td><td><a id='delete' href='server/alumni/alumni_delete_detail.php?id={$arr->alumni_uname}'>Delete Alumni</a></td><td><a href='server/alumni/alumni_approve_detail.php?id={$arr->alumni_uname}'>Approve alumni</a></td>";
}
}
if ($b != 0) {
foreach ($b as $arr) {
echo "<tr><td>{$arr->alumni_uname}</td><td>{$arr->alumni_first_name}</td><td>{$arr->alumni_last_name}</td><td>{$arr->alumni_batch}</td><td><a href='alumni_user_view.php?id={$arr->alumni_uname}'>View alumni</a></td><td><a id='delete' href='server/alumni/alumni_delete_detail.php?id={$arr->alumni_uname}'>Delete Alumni</a></td>";
}
}
echo "</table>";
<?php
if (!isset($_SERVER['HTTP_REFERER'])) {
header("location: ../../access_denied.php?data=You don't have direct access to this page");
}
if (isset($_GET['uname']) && $_GET['uname'] != "") {
require_once '../../db/alumni_detail.php';
$r = Alumni_Detail::checkUsernameAvalibility($_GET['uname']);
echo $r;
} else {
die("Enter Username First.");
}
<?php
if (!isset($_SERVER['HTTP_REFERER'])) {
header("location: ../../access_denied.php?data=You don't have direct access to this page");
}
require_once '../../db/alumni_detail.php';
require_once '../../db/site_log_class.php';
require_once '../../db/user_class.php';
session_start();
if (!isset($_GET['id'])) {
die("go first to alumni management page.");
}
$id = $_GET['id'];
//session_start();
$de = Alumni_Detail::getAlumniObject($id);
$a = Alumni_Detail::deleteAlumni($id);
if (file_exists("../../" . $de->alumni_photo_url)) {
unlink("../../" . $de->alumni_photo_url);
}
if (file_exists("../../" . $de->alumni_resume_url)) {
unlink("../../" . $de->alumni_resume_url);
}
$_SESSION['answer'] = $a;
$l = new site_log(NULL, NULL, $_SESSION['user']->username, $_SERVER['REMOTE_ADDR'], $id . " alumni deleted");
$l->insertlog();
header('Location: ../../alumni_user_manage_detail.php');