<?php
// Login page (excerpt; the listing is cut off inside the redirect branch).
// Validates the posted credentials, asks Student_controller to log the member
// in, and sends a logged-in visitor to the URL stored in $_SESSION['tried_url'].
require_once './includes/configuration.php';
require_once './student/student_controller.php';
$display_message = FALSE;
$sc = new Student_controller();
if (isset($_POST['login'])) {
    // NOTE(review): sanitize_text() is defined elsewhere. If it strips or encodes
    // characters, the password checked here is not the one the user typed;
    // passwords are normally passed unmodified to the hash/verify step. Confirm.
    // $_POST['user'] / $_POST['pass'] are read without isset() checks.
    $user = sanitize_text($_POST['user']);
    $pass = sanitize_text($_POST['pass']);
    // NOTE(review): bare expression statement; it does not initialise $error_msg.
    $error_msg;
    if ($sc->validate_username($user) !== 1 || $sc->validate_password($pass) === FALSE) {
        // One message for both failures, so the response does not say which field was wrong.
        $error_msg = "Invalid username or password";
        // NOTE(review): this statement has no effect, so $display_message stays FALSE
        // on this path; it looks like `$display_message = TRUE;` was intended. Confirm.
        $display_message;
    } else {
        // Any result other than TRUE (FALSE or a non-boolean value) turns the message on.
        // NOTE(review): no attempt throttling or session-id regeneration is visible in
        // this excerpt; confirm log_member_in() handles both.
        $answer = $sc->log_member_in($user, $pass);
        if ($answer !== FALSE && $answer !== TRUE) {
            $display_message = TRUE;
        } elseif ($answer === FALSE) {
            $display_message = TRUE;
        }
    }
    if (isset($_SESSION['logged_in'])) {
        if (!empty($_SESSION['tried_url'])) {
            // Consume the stored URL so it is used for one redirect only.
            $tried_url = $_SESSION['tried_url'];
            $_SESSION['tried_url'] = null;
            // NOTE(review): $tried_url is written into a JavaScript string literal without
            // escaping. Where tried_url is set is not visible here; if it derives from the
            // request, restrict it to a same-site relative path and emit it with
            // json_encode($tried_url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT),
            // or redirect with header('Location: ...') followed by exit.
            ?> <script>window.location = "<?php echo $tried_url; ?> ";</script> <?php
<?php
// Logout page: loads the site configuration and the student controller, logs the
// member out, then emits a client-side redirect to the W1BASE constant.
// NOTE(review): the logout runs on any request to this page and no token check is
// visible here, so a cross-site request can sign the user out; consider requiring
// POST plus the session token.
// NOTE(review): the other pages in this listing redirect to BASE; confirm that
// W1BASE is defined in configuration.php and is not a typo.
require './includes/configuration.php';
require './student/student_controller.php';
$controller = new Student_controller();
$controller->log_member_out();
?> <script> window.location = "<?= W1BASE ?> "; </script>
<?php
// Registration page (excerpt; the listing is cut off after create_student()).
// Sanitises the posted profile fields, checks the form token against the value
// returned by retrieve_session_token(), then asks Student_controller to create
// the student.
require_once './includes/configuration.php';
require_once './student/student_controller.php';
$sc = new Student_controller();
// Redirects to BASE only when the visitor is logged in AND an `id` query parameter is set.
// NOTE(review): a logged-in visitor without `id` still reaches the form below; confirm
// that `and isset($_GET['id'])` is intended.
if (isset($_SESSION['logged_in']) and isset($_GET['id'])) {
    ?> <script>window.location = "<?php echo BASE; ?> ";</script> <?php
    die;
}
// Defaults for the form fields.
$username = "";
$firstname = "";
$lastname = "";
$email = "";
$error_message = "";
if (isset($_POST['join'])) {
    $username = sanitize_text($_POST['username']);
    $firstname = sanitize_text($_POST['firstname']);
    $lastname = sanitize_text($_POST['lastname']);
    $email = sanitize_email($_POST['email']);
    // First, check that the token posted with the form is correct.
    // NOTE(review): $_POST['token'] is read without isset(), and === is not a
    // constant-time comparison. Confirm retrieve_session_token() can never return
    // null or '' when no token was issued, otherwise a request with no token field
    // could compare equal. Prefer is_string($form_token) && hash_equals($sess_token, $form_token).
    $form_token = $_POST['token'];
    $sess_token = retrieve_session_token();
    if ($form_token === $sess_token) {
        // NOTE(review): if sanitize_text() alters characters, the stored password differs
        // from what the user typed; passwords are normally hashed unmodified. Confirm.
        $pass1 = sanitize_text($_POST['password1']);
        $pass2 = sanitize_text($_POST['password2']);
        $answer = $sc->create_student($username, $firstname, $lastname, $email, $pass1, $pass2);
die; }
// Member page (excerpt; both the start and the end of the file are outside this
// listing). Loads the logged-in student from the session, works out which student
// is being viewed ($student_visited), then handles the buddy-request form.
$student = new Student($_SESSION['user_id']);
if (!isset($_GET['id'])) {
    if (!isset($_GET['usr'])) {
        // No target in the URL: the visitor is viewing their own record.
        $student_visited = $student;
    } else {
        if (sanitize_text(strtolower($_GET['usr'])) == "buddies") {
            // NOTE(review): no die/exit follows this redirect, so the lookup below still
            // runs for the name "buddies"; the other redirects in this listing call die.
            ?> <script>window.location = "<?php echo SERVER . BASE; ?> student/buddies.php";</script> <?php
        }
        $sc = new Student_controller();
        $user_array = $sc->get_member_with_username(sanitize_text($_GET['usr']));
        // NOTE(review): the lookup result is used without checking that a member was
        // found; confirm what get_member_with_username() returns for an unknown name.
        $student_visited = new Student($user_array['id']);
    }
} else {
    // NOTE(review): $_GET['id'] goes to the Student constructor unsanitised, unlike the
    // `usr` path. Confirm Student validates or casts the id and uses a parameterised
    // query, and that any logged-in member is allowed to load any id.
    $student_visited = new Student($_GET['id']);
}
/*
 * Setting buddy statuses
 */
$buddies_pending = FALSE;
$buddies = FALSE;
// NOTE(review): this POST changes state, but no token check like the one on the
// registration form is visible in this excerpt; confirm one exists.
if (isset($_POST['becomeBuddy'])) {
    if ($student_visited->apply_for_buddies($student->get_id())) {
        $buddies_pending = TRUE;
    } else {
// Search page (excerpt; the start of the file, where $student is created, is not shown).
// Without an `s` query parameter the visitor is redirected to BASE; otherwise the
// sanitised search string is passed to Student_controller::search_for_student().
if (!isset($_GET['s'])) {
    ?> <script>window.location = "<?php echo BASE; ?> ";</script> <?php
    die;
} else {
    // NOTE(review): $_GET['s'] can be an array (e.g. `s[]=`); confirm sanitize_text()
    // handles non-string input.
    $search_string = sanitize_text($_GET['s']);
    if ($_GET['s'] !== $search_string) {
        // Something is not as it should be: sanitising changed the input.
        // NOTE(review): this also flags ordinary searches containing any character that
        // sanitize_text() alters. $crooked and $message are only set on this path, so
        // initialise them before the if. The message says the search was logged, but no
        // logging call is visible here; if get_ip_address() trusts client-supplied
        // headers, the recorded address can be forged. If $message is printed later,
        // escape it for the output context.
        $crooked = true;
        $message = "You bastard! We've logged your search with ip: " . get_ip_address();
    }
    // The search runs with the sanitised string whether or not the input was flagged.
    $sc = new Student_controller();
    $search_student_ids = $sc->search_for_student($search_string);
}
// NOTE(review): the <title> below echoes get_firstname() without htmlspecialchars().
// Confirm the stored first name is already HTML-safe, or escape it at output.
?> <html> <head> <meta charset="UTF-8"> <title><?php echo $student->get_firstname(); ?> (Member Area)</title> <?php require '../includes/header.php'; ?> </head> <body>
<?php
// Password-reset page (excerpt; the listing is cut off inside the reset branch).
// Two modes: a request form (POST sendReset) that asks Student_controller to start
// a reset, and a reset link carrying the u, e and c query parameters.
require_once '../includes/configuration.php';
require_once './student_controller.php';
require_once './student.php';
$display_message = FALSE;
$we_have_an_answer = false;
$sc = new Student_controller();
// Logged-in visitors are sent to BASE.
if (isset($_SESSION['logged_in'])) {
    ?> <script>window.location = "<?php echo BASE; ?> ";</script> <?php
    die;
}
// We're using the u, e and c codes from the URL...
// NOTE(review): values carried in the query string end up in server logs, browser
// history and Referer headers; confirm the reset code is single-use, short-lived
// and compared with hash_equals() where it is verified.
if (isset($_GET['u']) && isset($_GET['e']) && isset($_GET['c'])) {
    $ready_for_reset = true;
} else {
    $ready_for_reset = false;
    if (isset($_POST['sendReset'])) {
        // NOTE(review): $_POST['user'] is passed raw and without an isset() check, unlike
        // the sanitised inputs elsewhere in this listing; confirm the controller
        // validates it and uses parameterised queries. No form token or request
        // throttling is visible here, and the page should give the same response
        // whether or not the account exists.
        $answer = $sc->please_reset_my_password_because_im_stupid($_POST['user']);
        $we_have_an_answer = true;
    }
}
if ($ready_for_reset === true) {
    // NOTE(review): if sanitize_text() alters characters, a valid code could stop
    // matching; validate these against a strict expected format instead. Confirm.
    $u = sanitize_text($_GET['u']);
    $e = sanitize_text($_GET['e']);
    $c = sanitize_text($_GET['c']);