Ejemplo n.º 1
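/**
 * Gate a page to administrators.
 *
 * Calls confirm_logged_in() first, then sends every visitor whose session
 * does not carry admin == 1 to index.php and stops the request.
 */
function confirm_user_is_admin()
{
    confirm_logged_in();

    // A missing session key is treated as "not admin" explicitly, instead of
    // going through the undefined-index notice path.
    $is_admin = isset($_SESSION['admin']) && $_SESSION['admin'] == 1;
    if (!$is_admin) {
        redirect_to("index.php");
        // redirect_to() is defined elsewhere. If it only sends the Location
        // header, the protected page would keep executing for a non-admin, so
        // the request is ended here in any case.
        exit;
    }
}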
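<?php

// Executed when sched.php answers "yes": copies the rows of `scheds` that match
// the requested course / year level / semester into `schedules`, skipping rows
// for which the conflict query below already finds an entry.
include '../../config/connection.php';
include '../../config/sy.php';
require '../../auth.php';
confirm_logged_in();
check_level();

// NOTE(review): this page writes to the database and takes its parameters from
// $_REQUEST, so a plain GET request can trigger it. Confirm whether an
// anti-CSRF token is verified in auth.php; none is checked in this file.

// Request parameters are attacker-controlled. The legacy mysql_* API has no
// bound parameters, so every value is escaped before it is placed inside a
// quoted SQL literal.
$course = mysql_real_escape_string(isset($_REQUEST['course']) ? (string) $_REQUEST['course'] : '');
$yrlvl = mysql_real_escape_string(isset($_REQUEST['yrlvl']) ? (string) $_REQUEST['yrlvl'] : '');
$sem = mysql_real_escape_string(isset($_REQUEST['sem']) ? (string) $_REQUEST['sem'] : '');

// $sy is not defined in this file; presumably config/sy.php provides it.
$sy_id = mysql_real_escape_string(isset($sy['sy_id']) ? (string) $sy['sy_id'] : '');

$s = mysql_query("SELECT * FROM scheds WHERE course_id='{$course}' AND yrlvl='{$yrlvl}' AND sem='{$sem}'");
while ($t = mysql_fetch_array($s)) {
    // Values read back from `scheds` are escaped too: stored data is not
    // trusted just because it came from the database (second-order injection).
    $row = array_map('mysql_real_escape_string', $t);

    // AND binds tighter than OR in SQL; the parentheses only spell out the
    // grouping the original query already had.
    // NOTE(review): the first group is not limited to the current school year
    // and semester — confirm that this is intended.
    $trappings = mysql_query("SELECT * FROM schedules WHERE (`subject_id`='{$row['subject_id']}' AND `course_id`='{$row['course_id']}' AND `section_id`='{$row['section_id']}') OR (`time_id`='{$row['time_id']}' AND `room_id`='{$row['room_id']}' AND `sy_id`='{$sy_id}' AND `sem`='{$sem}') ");

    $has_conflict = mysql_num_rows($trappings) > 0;
    if (!$has_conflict) {
        // NOTE(review): the result of the INSERT is not checked, so the success
        // message below is shown even when a row could not be written.
        mysql_query("INSERT INTO schedules(`sched_id`,`subject_id`,`course_id`,`yrlvl`,`time_id`,`section_id`,`room_id`,`size`,`pop`,`sy_id`,`sem`,`status`)VALUES('','{$row['subject_id']}','{$row['course_id']}','{$row['yrlvl']}','{$row['time_id']}','{$row['section_id']}','{$row['room_id']}','{$row['size']}','{$row['pop']}','{$row['sy_id']}','{$row['sem']}','{$row['status']}')");
    }
}
//$deleteexist=mysql_query("DELETE FROM scheds WHERE EXISTS (SELECT * FROM schedules WHERE scheds.sched_id=schedules.sched_id)");
echo "<meta http-equiv='refresh' content='0; url=classmenu.php'><script>alert('Schedules has been set successfully!')</script>";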
Ejemplo n.º 3
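<?php

require_once '../_includes/functions.php';
require_once '../_includes/session.php';
require_once '../_includes/connection.php';
require_once '../_includes/headfoot.php';
require_once '_includes/blog_functions.php';
confirm_logged_in(2);

// URL handed to is_friendly(). The page value is URL-encoded so that request
// data cannot add further parameters or control characters to it.
$url = 'comment.php';
if (isset($_GET['page'])) {
    $url .= '?page=' . urlencode((string) $_GET['page']);
}

// Decide whether the visitor is "friendly". Absent inputs are passed as null,
// which is what the undefined-index reads evaluated to before.
$friendly_get = isset($_GET['friendly']) ? $_GET['friendly'] : null;
$friendly_cookie = isset($_COOKIE['friendly']) ? $_COOKIE['friendly'] : null;
$user_name = isset($_SESSION['user_name']) ? $_SESSION['user_name'] : null;
is_friendly($friendly_get, $user_name, $friendly_cookie, $url);

if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
    redirect_to("index.php?error=1");
    // End the request even if redirect_to() only sends the header, so the
    // INSERT below is never reached with an invalid id.
    exit;
}

// Insert the comment into the database.
if (isset($_POST['submit'])) {
    $raw_comment = isset($_POST['comment']) ? (string) $_POST['comment'] : '';
    $clean_comment = strip_tags($raw_comment, '<p><h2><h3><br><a>');
    $html_ready_comment = htmlspecialchars($clean_comment);

    // htmlspecialchars() is an HTML output encoder, not an SQL escaper: before
    // PHP 8.1 its default flags leave single quotes untouched. Every value is
    // therefore escaped for SQL separately before it enters the statement.
    $sql_author = mysql_real_escape_string((string) $user_name, $connection);
    $sql_comment = mysql_real_escape_string($html_ready_comment, $connection);
    $sql_page_id = mysql_real_escape_string((string) $_GET['id'], $connection);

    $query = "INSERT INTO ";
    $query .= " comments (";
    $query .= "author, comment, page_id";
    $query .= ") VALUES (";
    $query .= "'{$sql_author}', '{$sql_comment}', '{$sql_page_id}')";
    // NOTE(review): the query result is not checked; msg=1 is sent even when
    // the INSERT fails.
    $result = mysql_query($query, $connection);

    // is_numeric() also accepts leading whitespace, so the id is URL-encoded
    // before it is placed in the redirect target.
    redirect_to('ind_blog.php?page=' . urlencode((string) $_GET['id']) . '&msg=1');
    exit;
}
?>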
Ejemplo n.º 4
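<?php

require_once '../_includes/connection.php';
require_once '_includes/header_footer_blog.php';
require_once '../_includes/functions.php';
require_once '_includes/blog_functions.php';
require_once '_includes/session.php';
confirm_logged_in(4);

// NOTE(review): this page deletes data in response to a GET parameter. Confirm
// whether an anti-CSRF token is verified in the included files; none is checked
// in this file.

// The id is placed into SQL without quotes, where string escaping gives no
// protection, so only a plain run of digits is accepted and it is cast to int.
$page_param = isset($_GET['page']) ? $_GET['page'] : '';
if (empty($page_param) || !is_string($page_param) || !ctype_digit($page_param)) {
    redirect_to("index.php?error=4");
    // End the request even if redirect_to() only sends the header.
    exit;
}
$clean_id = (int) $page_param;

if ($page = get_page_by_id($clean_id)) {
    $query = "DELETE FROM pages WHERE id ={$clean_id} LIMIT 1";
    $result = mysql_query($query, $connection);
    if (mysql_affected_rows() == 1) {
        $message = "A single post was deleted.<br />";
        if (get_comments($clean_id, ALL) > 0) {
            // The statement was previously built but never sent, so the counts
            // reported below came from the DELETE on `pages`. It is executed
            // here before the affected-row count is read.
            $query_comments = "DELETE FROM comments WHERE page_id={$clean_id}";
            mysql_query($query_comments, $connection);
            $deleted_comments = mysql_affected_rows();
            if ($deleted_comments == 1) {
                $message .= "And a single comment was deleted.";
            } else {
                $message .= "And " . $deleted_comments . " comments were deleted.";
            }
        }
    } else {
        $message = '<p>Subject Deletion Failed</p>';
    }
}
?>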
Ejemplo n.º 5
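<?php

require_once '../_includes/connection.php';
require_once '_includes/header_footer_blog.php';
require_once '../_includes/functions.php';
require_once '_includes/blog_functions.php';
require_once '_includes/session.php';
confirm_logged_in(3);
$url = 'add_post.php';

// Absent inputs are passed as null, which is what the undefined-index reads
// evaluated to before.
$friendly_get = isset($_GET['friendly']) ? $_GET['friendly'] : null;
$friendly_cookie = isset($_COOKIE['friendly']) ? $_COOKIE['friendly'] : null;
$user_name = isset($_SESSION['user_name']) ? $_SESSION['user_name'] : null;
is_friendly($friendly_get, $user_name, $friendly_cookie, $url);

// Insert the post into the database.
if (isset($_POST['submit'])) {
    // Form fields are attacker-controlled. The legacy mysql_* API has no bound
    // parameters, so quoted values are escaped and the two unquoted flags are
    // cast to int (escaping does not protect an unquoted numeric position).
    $sql_page_name = mysql_real_escape_string(isset($_POST['page_name']) ? (string) $_POST['page_name'] : '', $connection);
    $sql_content = mysql_real_escape_string(isset($_POST['content']) ? (string) $_POST['content'] : '', $connection);
    $sql_tags = mysql_real_escape_string(isset($_POST['tags']) ? (string) $_POST['tags'] : '', $connection);
    $sql_author = mysql_real_escape_string((string) $user_name, $connection);
    $visible = isset($_POST['public']) ? (int) $_POST['public'] : 0;
    $draft = isset($_POST['draft']) ? (int) $_POST['draft'] : 0;

    // NOTE(review): page_name, content and tags are stored as submitted. They
    // need HTML encoding wherever they are rendered — check the templates that
    // print them.
    $query = "INSERT INTO ";
    $query .= " pages (";
    $query .= "subject_id, page_name, content, tags, visible, author, draft";
    $query .= ") VALUES (";
    $query .= "4, '{$sql_page_name}', '{$sql_content}', '{$sql_tags}', {$visible}, '{$sql_author}', {$draft})";
    // NOTE(review): the query result is not checked before redirecting.
    $result = mysql_query($query, $connection);
    redirect_to('index.php');
    // End the request even if redirect_to() only sends the header, so the form
    // page is not rendered after a submission.
    exit;
}
echo $header_blog1;
?>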
<link rel= "stylesheet" type = "text/css" href="../blog/_stylesheets/form.css">
<link href='http://fonts.googleapis.com/css?family=Rock+Salt' rel='stylesheet' type='text/css'>
<title>RCM: Add</title>
<?php 
echo $header_blog2;
?>

<body>