function add($d)
{
$ardata = explode(";", $d);
$arbp = explode(" ", $ardata[6]);
$arprenom = explode(" ", $ardata[1]);
$nom = $ardata[0];
if (strpos($nom, "pse") > 0) {
$arnom = explode(" ", $ardata[0]);
$nom = $arnom[0];
$nommarriage = $arnom[2];
}
$prenom = utf8_encode($arprenom[0]);
$prenom2 = utf8_encode($arprenom[1]);
$gender = $ardata[2];
$dn = reversedate($ardata[3]);
$lieun = $ardata[4];
$obs = $ardata[5];
$bp = $arbp[1];
$cp = $ardata[7];
$codeprenom = str_replace('-', '', $prenom);
$codenom = str_replace('-', '', $nom);
$clientcode = code($dn, $codenom, $codeprenom);
if (!exist($clientcode)) {
$mysqli = new mysqli(DBSERVER, DBUSER, DBPWD, DB);
$mysqli->set_charset("utf8");
$query = "INSERT INTO `" . DB . "`.`clients` (`clientcode`, `clientstatus`," . " `clientcivilite`, `clientnom`, `clientnommarital`, `clientprenom`, `clientprenom2`, `clientdatenaissance`, `clientlieunaissance`," . " `clientbp`, `clientcp`,`obs`)" . " VALUES ('" . $clientcode . "', '1', '{$gender}', '" . $nom . "', '" . $nommarriage . "', '" . $prenom . "', '" . $prenom2 . "', '" . $dn . "', '" . $lieun . "'," . "'" . $bp . "','" . $cp . "','" . $obs . "')";
$mysqli->query($query);
$mysqli->close();
print $query;
}
}
$sth = $db->prepare('UPDATE user SET pulse=:pulse WHERE user=:user');
} else {
$sth = $db->prepare('INSERT INTO user (user, pulse) VALUES (:user, :pulse)');
}
$sth->bindParam(':user', $_POST["user"], PDO::PARAM_STR);
$sth->bindParam(':pulse', $_POST["pulse"], PDO::PARAM_STR);
$sth->execute();
return;
}
// update detail user information (avatar, key, ip, port)
if (isset($_POST["user"]) && isset($_POST["detail"]) && strlen(trim($_POST["user"])) > 0 && strlen(trim($_POST["detail"])) > 0) {
if (strlen($_POST["detail"]) > 3145728) {
header("HTTP/1.0 400 BAD REQUEST");
die("detail bigger than 3MB");
}
if (exist($db, $_POST["user"])) {
$sth = $db->prepare('UPDATE user SET detail=:detail WHERE user=:user');
} else {
$sth = $db->prepare('INSERT INTO user (user, detail) VALUES (:user, :detail)');
}
$sth->bindParam(':user', $_POST["user"], PDO::PARAM_STR);
$sth->bindParam(':detail', $_POST["detail"], PDO::PARAM_STR);
$sth->execute();
return;
}
// delete user
if (isset($_POST["user"]) && isset($_POST["delete"])) {
$sth = $db->prepare('DELETE FROM user WHERE user=:user');
$sth->bindParam(':user', $_POST["user"], PDO::PARAM_STR);
$sth->execute();
return;
</style>
</head>
<body>
<div id="main">
<?php
//传递店面名,name
echo '
<div id="subview">
<h2 class="title">' . $val['name'] . '</h2>
<hr class="line">
<p>详细资料</p>
<span class="icon">电话:</span><span>' . exist($val['telephone']) . '</span><br>
<div><span class="icon">地址</span>:' . exist($val['address']) . '</div><br>
<div><span class="icon">备注</span>:' . exist($val['note']) . '</div>
<hr class="line">
<p class="onlyheight">图文菜单:</p>
<div><img src="' . existpic($val['picture']) . '" onload="if(this.width>320){this.width=320}" ></div>
<div><img src="' . existpic($val['picture02']) . '" onload="if(this.width>320){this.width=320}" ></div>
</div>
';
function exist($a)
{
//判断是否提供了内容
if (!empty($a)) {
return $a;
} else {
return "未提供!";
}
}
function process_application()
{
global $deadline;
global $current_date;
if ($current_date < $deadline) {
include 'includes/form.php';
include 'includes/safe.php';
include 'includes/class.phpmailer.php';
$link = db_connect();
$code = substr(md5(uniqid(rand(), true)), 16, 16);
$submit = isset($_POST['send']) ? true : false;
$student_name = $submit ? $safe->input($_POST['student_name']) : '';
$student_surname = $submit ? $safe->input($_POST['student_surname']) : '';
$address = $submit ? $safe->input($_POST['address']) : '';
$phone = $submit ? $safe->input($_POST['phone']) : '';
$birthdate = $submit ? $safe->input($_POST['birthdate']) : '';
$citizenship = $submit ? $safe->input($_POST['citizenship']) : '';
$study_program = $submit ? $safe->input($_POST['study_program']) : '';
$study_year = $submit ? $safe->input($_POST['study_year']) : '';
$student_year = $submit ? $safe->input($_POST['student_year']) : '';
$semester = $submit ? $safe->input($_POST['semester']) : '';
$notes = $submit ? $safe->input($_POST['notes']) : '';
$ztp = $submit ? $safe->input($_POST['ztp']) : 0;
$soc = $submit ? $safe->input($_POST['soc']) : 0;
$bilateral_1 = $submit ? $safe->input($_POST['bilateral_1']) : 0;
$bilateral_2 = $submit ? $safe->input($_POST['bilateral_2']) : 0;
$bilateral_3 = $submit ? $safe->input($_POST['bilateral_3']) : 0;
$lang_1 = $submit ? $safe->input($_POST['lang_1']) : 0;
$lang_2 = $submit ? $safe->input($_POST['lang_2']) : 0;
$lang_3 = $submit ? $safe->input($_POST['lang_3']) : 0;
$birthdate = $submit ? $safe->input($_POST['birthdate']) : '';
$gender = $submit ? $safe->input($_POST['gender']) : '';
$email = $submit ? $safe->input($_POST['email']) : '';
$pass = $submit ? $safe->input($_POST['pass']) : '';
$pass_check = $submit ? $safe->input($_POST['pass_check']) : '';
//errors catching
$error = false;
$error_log = "";
global $year;
if ($submit) {
if ($pass != $pass_check) {
$error_log .= 'Overenie hesla sa nezhoduje!' . '<br>';
$error = true;
}
if (!valid_email($email)) {
$error_log .= 'Neplatný email!' . '<br>';
$error = true;
}
if (strlen($pass) < 6 || strlen($pass) > 10) {
$error_log .= 'Dĺžka hesla musí byť 6 až 10 znakov!' . '<br>';
$error = true;
}
if (exist('USERS', 'EMAIL', $email)) {
$error_log .= 'Zadaný email už niekto používa!' . '<br>';
$error = true;
}
$temp_born = explode(".", $birthdate);
// Palko edit
if (count($temp_born) != 3 && strlen($temp_born[2]) != 4 && strlen($temp_born[1]) != 2 && strlen($temp_born[0]) != 2 && is_int($temp_born[2]) == false && is_int($temp_born[1]) == false && is_int($temp_born[0]) == false) {
$error_log .= 'Nesprávne zadaný dátum narodenia' . '<br>';
$error = true;
} else {
$born = $temp_born[2] . '/' . $temp_born[1] . '/' . $temp_born[0];
}
if ($error == false) {
// insert into students
$sql = 'INSERT INTO STUDENTS (FIRSTNAME,MIDDLENAMES,LASTNAME,BORN,STUDENT_ID,GENDER,CITIZENSHIP, EMAIL, YEAR) VALUES ("' . $student_name . '", "", "' . $student_surname . '", "' . $born . '", "","' . $gender . '", "' . $citizenship . '","' . $email . '","' . $year . '");';
$query1 = mysqli_query($link, $sql) or die(mysqli_error($link));
//insert into users
$student_id = mysqli_insert_id($link);
$sql = 'INSERT INTO USERS (ROLE, EMAIL, PASSWD, NAME,STUDENT_ID, reg_code,reg_valid) VALUES ("student", "' . $email . '", "' . md5($pass) . '","' . $student_name . $student_surname . '", "' . $student_id . '", "' . $code . '",0);';
$query2 = mysqli_query($link, $sql) or die(mysqli_error($link));
$sql = 'INSERT INTO STUDENT_STUDY_PROGRAMS (ID_STUDENT,ID_STUDYPROGRAM) VALUES ("' . $student_id . '", "' . $study_program . '");';
$query3 = mysqli_query($link, $sql) or die(mysqli_error($link));
$id_student_program = mysqli_insert_id($link);
$sql = 'INSERT INTO STUDENT_EXCHANGES (ID_STUDENT_STUDY_PROGRAM,STUDY_YEAR,AGREEMENT_ID,FROM_DATE,TO_DATE,SEMESTER,ID_LANGUAGE,STUDENTLEVEL,REQUIREDLEVEL,SOCIALSTIPEND,HANDICAPPED,NOTES,CANCELLED,YEAR,STATE,ADDRESS,PHONE,STUDENT_YEAR) VALUES ("' . $id_student_program . '", "' . $study_year . '",0,1970/01/01, 1970/01/01, "' . $semester . '",0,"","","' . $soc . '","' . $ztp . '","' . $notes . '",0,"' . $year . '",0,"' . $address . '","' . $phone . '","' . $student_year . '");';
$query4 = mysqli_query($link, $sql) or die(mysqli_error($link));
$sql = 'INSERT INTO AGREEMENTS_PRIORITY (ID_UNIVERSITY, ID_STUDENT, ID_LANGUAGE, PRIORITY) VALUES ("' . $bilateral_1 . '","' . $student_id . '", "' . $lang_1 . '", 1)';
$query = mysqli_query($link, $sql) or die(mysqli_error($link));
$sql = 'INSERT INTO AGREEMENTS_PRIORITY (ID_UNIVERSITY, ID_STUDENT, ID_LANGUAGE, PRIORITY) VALUES ("' . $bilateral_2 . '","' . $student_id . '", "' . $lang_2 . '", 2)';
$query = mysqli_query($link, $sql) or die(mysqli_error($link));
$sql = 'INSERT INTO AGREEMENTS_PRIORITY (ID_UNIVERSITY, ID_STUDENT, ID_LANGUAGE, PRIORITY) VALUES ("' . $bilateral_3 . '","' . $student_id . '", "' . $lang_3 . '", 3)';
$query = mysqli_query($link, $sql) or die(mysqli_error($link));
$sql = 'INSERT INTO study_points (ID_STUDENT, TYPE, POINTS) VALUES ("' . $student_id . '", 1,0)';
$query = mysqli_query($link, $sql) or die(mysqli_error($link));
$sql = 'INSERT INTO study_points (ID_STUDENT, TYPE, POINTS) VALUES ("' . $student_id . '", 2,0)';
$query = mysqli_query($link, $sql) or die(mysqli_error($link));
$sql = 'INSERT INTO study_points (ID_STUDENT, TYPE, POINTS) VALUES ("' . $student_id . '", 3,0)';
$query = mysqli_query($link, $sql) or die(mysqli_error($link));
$files = array();
// if block 1
if (!empty($_FILES[$_FILES['files[]']]['tmp_name'])) {
echo "ti";
for ($i = 0; $i < count($_FILES[$_FILES['files[]']]['tmp_name']); $i++) {
// if block #2
if (!empty($_FILES[$_FILES['files[]']]['tmp_name']) && is_uploaded_file($_FILES[$_FILES['files[]']]['tmp_name'][$i])) {
# we're dealing with multiple uploads
$handle['key'] = $name;
$handle['name'] = $_FILES[$_FILES['files[]']]['name'][$i];
$handle['size'] = $_FILES[$_FILES['files[]']]['size'][$i];
$handle['type'] = $_FILES[$_FILES['files[]']]['type'][$i];
$handle['tmp_name'] = $_FILES[$_FILES['files[]']]['tmp_name'][$i];
// put each array into the $files array
array_push($files, $this->_process_image($handle));
}
#block 3...
}
return $files;
}
if ($query1 && $query2 && $query3 && $query4) {
$error_log .= 'Boli ste úspešne zaregistrovaný!';
try {
$mail = new PHPMailer();
$mail->From = "erasmus fmfi";
$mail->AddAddress($email);
$mail->Subject = "Registrácia na stránke Erasmus FMFI";
$email_body = file_get_contents('user_register.txt');
$patterns = array('([{]EMAIL[}])', '([{]CODE[}])');
$replacements = array($email, $code);
$email_body = preg_replace($patterns, $replacements, $email_body);
$mail->Body = $email_body;
$mail->Send();
} catch (phpmailerException $e) {
$error_log .= $e->errorMessage();
}
}
}
}
echo '<html>
<!-- Latest compiled and minified CSS -->
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7" crossorigin="anonymous">
<link rel="stylesheet" type="text/css" href="moj_style.css">
<form class="form-horizontal" name="application" method="post">
<fieldset>
<!-- Form Name -->
<legend>Nová prihláška</legend>
' . $error_log . '
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="nameinput">Meno</label>
<div class="col-md-4">
<input id="nameinput" name="student_name" type="text" value="' . $_POST['student_name'] . '" placeholder="" class="form-control input-md" required="">
</div>
</div>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="secnameinput">Priezvisko</label>
<div class="col-md-4">
<input id="secnameinput" name="student_surname" type="text" value="' . $_POST['student_surname'] . '" placeholder="" class="form-control input-md" required="">
</div>
</div>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="adressinput">Kontaktná adresa</label>
<div class="col-md-4">
<input id="adressinput" name="address" type="text" value="' . $_POST['address'] . '" placeholder="" class="form-control input-md" required="">
</div>
</div>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="numberinput">Telefónne číslo</label>
<div class="col-md-4">
<input id="numberinput" name="phone" type="text" value="' . $_POST['phone'] . '" placeholder="" class="form-control input-md" required="">
</div>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="genderselect">Pohlavie</label>
<div class="col-md-4">
<select id="genderselect" name="gender" value="' . $_POST['gender'] . '" class="form-control">
<option value="F">žena</option>
<option value="M">muž</option>
</select>
</div>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="citizenselect">Príslušnosť</label>
<div class="col-md-4">
<select id="citizenselect" name="citizenship" value="' . $_POST['citizenship'] . '" class="form-control">
';
$query = "SELECT ID,NAME FROM COUNTRIES ORDER BY NAME ASC;";
$result = mysqli_query($link, $query);
while ($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['ID'] . "'>" . $row['NAME'] . "</option>";
}
echo '</select>
</div>
</div>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="dateinput">Dátum narodenia</label>
<div class="col-md-4">
<input id="dateinput" name="birthdate" value="' . $_POST['birthdate'] . '" type="text" placeholder="dd.mm.yyyy" class="form-control input-md" required="">
</div>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="programselect">Aktuálny študijný program</label>
<div class="col-md-4">
<select id="programselect" name="study_program" value="' . $_POST['study_program'] . '" class="form-control">
<option value="None">Výber študijného programu</option>
';
$query = "SELECT ID, CODE, NAME from STUDY_PROGRAMS order by NAME ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['ID'] . "'>" . $row['NAME'] . " - " . $row['CODE'] . "</option>";
}
echo '</select>
</div>
</div>
<!-- Multiple Radios -->
<div class="form-group">
<label class="col-md-4 control-label" for="semesterradio">Výber semestra</label>
<div class="col-md-4">
<div class="radio">
<label for="radios-0">
<input type="radio" name="semester" value="' . $_POST['semester'] . '" id="radios-0" value="W" checked="checked">
Zimný
</label>
</div>
<div class="radio">
<label for="radios-1">
<input type="radio" name="semester" value="' . $_POST['semester'] . '" id="radios-1" value="S">
Letný
</label>
</div>
</div>
<p>Vyber si semester v ktorom ideš na Erazmus.
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="degreeselect">Stupeň štúdia</label>
<div class="col-md-4">
<select id="degreeselect" name="study_year" value="' . $_POST['study_year'] . '" class="form-control">
<option value="None">Výber stupňa štúdia</option>
<option value="1">Bc.</option>
<option value="2">Mgr.</option>
<option value="3">Phd.</option>
</select>
</div>
<p>Vyber si stupeň v ktorom ideš na Erazmus.
</div>
<div class="form-group">
<label class="col-md-4 control-label" for="yearselect">Ročník</label>
<div class="col-md-4">
<select id="yearselect" name="student_year" value="' . $_POST['student_year'] . '" class="form-control">
<option value="None">Výber roka štúdia</option>
<option value="1">1.</option>
<option value="2">2.</option>
<option value="3">3.</option>
<option value="4">4.</option>
<option value="5">5.</option>
</select>
</div>
<p>Vyber si ročník v ktorom ideš na Erazmus.
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="agreementselect">Výber bilaterálnej dohody #1</label>
<div class="col-md-4">
<select id="agreementselect" name="bilateral_1" value="' . $_POST['bilateral_1'] . '" class="form-control">
<option value="None">Výber bilaterálnej dohody</option>
';
$query = "SELECT a.ID_UNIVERSITY,a.FROM_DATE, a.ID, a.BC, a.MGR, a.PHD, a.TO_DATE, a.SUBJECT_AREA_ID,u.ID as id_university, u.NAME as university_name, s.NAME as subject_name FROM AGREEMENTS as a join UNIVERSITIES as u on a.ID_UNIVERSITY = u.ID join SUBJECT_AREAS as s on a.SUBJECT_AREA_ID = s.ID ORDER BY u.NAME ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
$temp = '';
if ($row['BC'] == 1) {
$temp .= ' Bc.';
}
if ($row['MGR'] == 1) {
$temp .= ' Mgr.';
}
if ($row['PHD'] == 1) {
$temp .= ' Phd.';
}
echo "<option value='" . $row['id_university'] . "'>" . $row['university_name'] . " - " . $row['subject_name'] . " (" . $row['FROM_DATE'] . " - " . $row['TO_DATE'] . ").{$temp}</option>";
}
echo '</select>
<select id="selectbasic" name="lang_1" value="' . $_POST['lang_1'] . '" class="form-control">
<option value="None">Výber preferovaného jazyka</option>
';
$query = "SELECT ID,NAME FROM LANGUAGES order by NAME ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['ID'] . "'>" . $row['NAME'] . "</option>";
}
echo '</select>
</div>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="agreementselect2">Výber bilaterálnej dohody #2</label>
<div class="col-md-4">
<select id="agreementselect2" name="bilateral_2" value="' . $_POST['bilateral_2'] . '" class="form-control">
<option value="None">Výber bilaterálnej dohody</option>
';
$query = "SELECT a.ID_UNIVERSITY,a.FROM_DATE, a.ID, a.BC, a.MGR, a.PHD, a.TO_DATE, a.SUBJECT_AREA_ID,u.ID as id_university, u.NAME as university_name, s.NAME as subject_name FROM AGREEMENTS as a join UNIVERSITIES as u on a.ID_UNIVERSITY = u.ID\n join SUBJECT_AREAS as s on a.SUBJECT_AREA_ID = s.ID ORDER BY u.NAME ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
$temp = '';
if ($row['BC'] == 1) {
$temp .= ' Bc.';
}
if ($row['MGR'] == 1) {
$temp .= ' Mgr.';
}
if ($row['PHD'] == 1) {
$temp .= ' Phd.';
}
echo "<option value='" . $row['id_university'] . "'>" . $row['university_name'] . " - " . $row['subject_name'] . " (" . $row['FROM_DATE'] . " - " . $row['TO_DATE'] . ").{$temp}</option>";
}
echo '</select>
<select id="selectbasic" name="lang_2" value="' . $_POST['lang_2'] . '" class="form-control">
<option value="None">Výber preferovaného jazyka</option>
';
$query = "SELECT ID,NAME FROM LANGUAGES order by NAME ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['ID'] . "'>" . $row['NAME'] . "</option>";
}
echo '</select>
</div>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="agreementselect3">Výber bilaterálnej dohody #3</label>
<div class="col-md-4">
<select id="agreementselect3" name="bilateral_3" value="' . $_POST['bilateral_3'] . '" class="form-control">
<option value="None">Výber bilaterálnej dohody</option>
';
$query = "SELECT a.ID_UNIVERSITY,a.FROM_DATE, a.ID, a.BC, a.MGR, a.PHD, a.TO_DATE, a.SUBJECT_AREA_ID,u.ID as id_university, u.NAME as university_name, s.NAME as subject_name FROM AGREEMENTS as a join UNIVERSITIES as u on a.ID_UNIVERSITY = u.ID\n join SUBJECT_AREAS as s on a.SUBJECT_AREA_ID = s.ID ORDER BY u.NAME ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
$temp = '';
if ($row['BC'] == 1) {
$temp .= ' Bc.';
}
if ($row['MGR'] == 1) {
$temp .= ' Mgr.';
}
if ($row['PHD'] == 1) {
$temp .= ' Phd.';
}
echo "<option value='" . $row['id_university'] . "'>" . $row['university_name'] . " - " . $row['subject_name'] . " (" . $row['FROM_DATE'] . " - " . $row['TO_DATE'] . ").{$temp}</option>";
}
echo '</select>
<select id="selectbasic" name="lang_3" value="' . $_POST['lang_3'] . '" class="form-control">
<option value="None">Výber preferovaného jazyka</option>
';
$query = "SELECT ID,NAME FROM LANGUAGES order by NAME ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['ID'] . "'>" . $row['NAME'] . "</option>";
}
echo '</select>
</div>
</div>
<!-- Textarea -->
<div class="form-group">
<label class="col-md-4 control-label" for="activity">Účasť na projektoch/iné aktivity</label>
<div class="col-md-4">
<textarea class="form-control" id="activity" name="notes" value="' . $_POST['notes'] . '"></textarea>
</div>
</div>
<!-- Multiple Checkboxes (inline) -->
<div class="form-group">
<label class="col-md-4 control-label">ZŤP</label>
<div class="col-md-4">
<label class="checkbox-inline" >
<input type="checkbox" name="ztp" value="' . $_POST['ztp'] . '" id="checkboxes-0" value="1">
Áno
</label>
</div>
</div>
<div class="form-group">
<label class="col-md-4 control-label" >Poberateľ sociálneho štipendia</label>
<div class="col-md-4">
<label class="checkbox-inline" >
<input type="checkbox" name="soc" value="' . $_POST['soc'] . '" id="checkboxes-0" value="1">
Áno
</label>
</div>
</div>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="mail">E-mail</label>
<div class="col-md-4">
<input id="mail" name="email" value="' . $_POST['email'] . '" type="text" placeholder="" class="form-control input-md" required="">
</div>
</div>
<!-- Password input-->
<div class="form-group">
<label class="col-md-4 control-label" for="passwordinput">Heslo</label>
<div class="col-md-4">
<input id="passwordinput" name="pass" type="password" placeholder="minimálne 6 znakov" class="form-control input-md" required="">
</div>
</div>
<!-- Password input-->
<div class="form-group">
<label class="col-md-4 control-label" for="passwordinput1">Overenie hesla</label>
<div class="col-md-4">
<input id="passwordinput1" name="pass_check" type="password" placeholder="znova zadajte vaše heslo" class="form-control input-md" required="">
</div>
</div>
<!-- Button (Double) -->
<div class="form-group">
<div class="col-md-8">
<button id="button1id" name="send" class="btn btn-success">Odoslať</button>
</div>
</div>
</fieldset>
</form>
</html>';
} else {
header('Location: index.php');
}
}
function get_passed_code($exerid, $username)
{
$file_name = $username . '_exer_' . $exerid . '.pas';
if (exist($file_name) === FALSE) {
return '';
}
$code = read_src_file($file_name);
$passcode = '';
if ($exerid > 2) {
$pos1 = stripos($code, '(*---*)');
$pos2 = strrpos($code, '(*---*)');
$passcode = substr($code, 0, $pos2);
$passcode = substr($passcode, $pos1 + 8);
} else {
$passcode = $code;
}
return $passcode;
}
function edit_application()
{
include 'includes/form.php';
include 'includes/safe.php';
include 'includes/class.phpmailer.php';
$link = db_connect();
$code = substr(md5(uniqid(rand(), true)), 16, 16);
$submit = isset($_POST['send']) ? true : false;
$student_name = $submit ? $safe->input($_POST['student_name']) : '';
$student_surname = $submit ? $safe->input($_POST['student_surname']) : '';
$student_surname = $submit ? $safe->input($_POST['student_surname']) : '';
$birthdate = $submit ? $safe->input($_POST['birthdate']) : '';
$citizenship = $submit ? $safe->input($_POST['citizenship']) : '';
$study_program = $submit ? $safe->input($_POST['study_program']) : '';
$study_year = $submit ? $safe->input($_POST['study_year']) : '';
$semester = $submit ? $safe->input($_POST['semester']) : '';
$notes = $submit ? $safe->input($_POST['notes']) : '';
$ztp = $submit ? $safe->input($_POST['ztp']) : 0;
$birthdate = $submit ? $safe->input($_POST['birthdate']) : '';
$gender = $submit ? $safe->input($_POST['gender']) : '';
$email = $submit ? $safe->input($_POST['email']) : '';
$pass = $submit ? $safe->input($_POST['pass']) : '';
$pass_check = $submit ? $safe->input($_POST['pass_check']) : '';
//errors catching
$error = false;
$error_log = "";
$act_year = date("Y");
$next_year = $act_year + 1;
$year = $act_year . '/' . $next_year;
if ($submit) {
if ($pass != $pass_check) {
$error_log .= 'Overenie hesla sa nezhoduje!' . '<br>';
$error = true;
}
if (!valid_email($email)) {
$error_log .= 'Neplatný email!' . '<br>';
$error = true;
}
if (strlen($pass) < 6 || strlen($pass) > 10) {
$error_log .= 'Dĺžka hesla musí byť 6 až 10 znakov!' . '<br>';
$error = true;
}
if (exist('users', 'email', $email)) {
$error_log .= 'Zadaný email už niekto používa!' . '<br>';
$error = true;
}
$temp_born = explode(".", $birthdate);
// Palko edit
if (count($temp_born) != 3 && strlen($temp_born[2]) != 4 && strlen($temp_born[1]) != 2 && strlen($temp_born[0]) != 2 && is_int($temp_born[2]) == false && is_int($temp_born[1]) == false && is_int($temp_born[0]) == false) {
$error_log .= 'Nesprávne zadaný dátum narodenia' . '<br>';
$error = true;
} else {
$born = $temp_born[2] . '/' . $temp_born[1] . '/' . $temp_born[0];
}
if ($error == false) {
// insert into students
$sql = 'INSERT INTO students (firstname,middlenames,lastname,born,student_id,gender,citizenship, email, year) VALUES ("' . $student_name . '", "", "' . $student_surname . '", "' . $born . '", "","' . $gender . '", "' . $citizenship . '","' . $email . '","' . $year . '");';
$query1 = mysqli_query($link, $sql) or die(mysqli_error($link));
//insert into users
$student_id = mysqli_insert_id($link);
$sql = 'INSERT INTO users (role, email, passwd, name,student_id, reg_code,reg_valid) VALUES ("student", "' . $email . '", "' . md5($pass) . '","' . $student_name . $student_surname . '", "' . $student_id . '", "' . $code . '",0);';
$query2 = mysqli_query($link, $sql) or die(mysqli_error($link));
$sql = 'INSERT INTO student_study_programs (id_student,id_studyprogram) VALUES ("' . $student_id . '", "' . $study_program . '");';
$query3 = mysqli_query($link, $sql) or die(mysqli_error($link));
$id_student_program = mysqli_insert_id($link);
$sql = 'INSERT INTO student_exchanges (id_student_study_program,study_year,agreement_id,from_date,to_date,semester,id_language,studentlevel,requiredlevel,socialstipend,handicapped,notes,cancelled,year) VALUES ("' . $id_student_program . '", "' . $study_year . '",0,1970/01/01, 1970/01/01, "' . $semester . '",0,"","",0,"' . $ztp . '","' . $notes . '",0,"' . $year . '");';
$query4 = mysqli_query($link, $sql) or die(mysqli_error($link));
if ($query1 && $query2 && $query3 && $query4) {
$error_log .= 'Boli ste úspešne zaregistrovaný!';
try {
$mail = new PHPMailer();
$mail->From = "erasmus fmfi";
$mail->AddAddress($email);
$mail->Subject = "Registrácia na stránke Erasmus FMFI";
$email_body = file_get_contents('user_register.txt');
$patterns = array('([{]EMAIL[}])', '([{]PASSWORD[}])', '([{]CODE[}])');
$replacements = array($nick, $pass, $code);
$email_body = preg_replace($patterns, $replacements, $email_body);
$mail->Body = $email_body;
$mail->Send();
} catch (phpmailerException $e) {
$error_log .= $e->errorMessage();
}
}
}
}
echo '<html>
<!-- Latest compiled and minified CSS -->
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7" crossorigin="anonymous">
<link rel="stylesheet" type="text/css" href="moj_style.css">
<form class="form-horizontal" name="application" method="post">
<fieldset>
<!-- Form Name -->
<legend>Editácia prihlášky</legend>
' . $error_log . '
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="textinput">Meno</label>
<div class="col-md-4">
<input id="textinput" name="student_name" type="text" placeholder="" class="form-control input-md" required="">
</div>
</div>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="textinput">Priezvisko</label>
<div class="col-md-4">
<input id="textinput" name="student_surname" type="text" placeholder="" class="form-control input-md" required="">
</div>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="selectbasic">Pohlavie</label>
<div class="col-md-4">
<select id="selectbasic" name="gender" class="form-control">
<option value="F">žena</option>
<option value="M">muž</option>
</select>
</div>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="selectbasic">Príslušnosť</label>
<div class="col-md-4">
<select id="selectbasic" name="citizenship" class="form-control">
';
$query = "SELECT id,name FROM countries ORDER BY name ASC;";
$result = mysqli_query($link, $query);
while ($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['id'] . "'>" . $row['name'] . "</option>";
}
echo '</select>
</div>
</div>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="textinput">Dátum narodenia</label>
<div class="col-md-4">
<input id="textinput" name="birthdate" type="text" placeholder="dd.mm.yyyy" class="form-control input-md" required="">
</div>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="selectbasic">Aktuálny študijný program</label>
<div class="col-md-4">
<select id="selectbasic" name="study_program" class="form-control">
<option value="None">Výber študijného programu</option>
';
$query = "SELECT id, code, name from study_programs order by name ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['id'] . "'>" . $row['name'] . " - " . $row['code'] . "</option>";
}
echo '</select>
</div>
</div>
<!-- Multiple Radios -->
<div class="form-group">
<label class="col-md-4 control-label" for="radios">Výber semestra</label>
<div class="col-md-4">
<div class="radio">
<label for="radios-0">
<input type="radio" name="semester" id="radios-0" value="W" checked="checked">
Zimný
</label>
</div>
<div class="radio">
<label for="radios-1">
<input type="radio" name="semester" id="radios-1" value="S">
Letný
</label>
</div>
</div>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="selectbasic">Stupeň štúdia</label>
<div class="col-md-4">
<select id="selectbasic" name="study_year" class="form-control">
<option value="None">Výber stupňa štúdia</option>
<option value="1">Bc.</option>
<option value="2">Mgr.</option>
<option value="3">Phd.</option>
</select>
</div>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="selectbasic">Výber bilaterálnej dohody #1</label>
<div class="col-md-4">
<select id="selectbasic" name="bilateral_1" class="form-control">
<option value="None">Výber bilaterálnej dohody</option>
';
$query = "SELECT a.id_university,a.from_date, a.id, a.bc, a.mgr, a.phd, a.to_date, a.subject_area_id, u.name as university_name, s.name as subject_name FROM agreements as a join universities as u on a.id_university = u.id\n join subject_areas as s on a.subject_area_id = s.id ORDER BY u.name ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
$temp = '';
if ($row['bc'] == 1) {
$temp .= ' Bc.';
}
if ($row['mgr'] == 1) {
$temp .= ' Mgr.';
}
if ($row['phd'] == 1) {
$temp .= ' Phd.';
}
echo "<option value='" . $row['id'] . "'>" . $row['university_name'] . " - " . $row['subject_name'] . " (" . $row['from_date'] . " - " . $row['to_date'] . ").{$temp}</option>";
}
echo '</select>
<select id="selectbasic" name="lang_1" class="form-control">
<option value="None">Výber preferovaného jazyka</option>
';
$query = "SELECT id,name FROM languages order by name ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['id'] . "'>" . $row['name'] . "</option>";
}
echo '</select>
</div>
<label for="checkboxes-1">
<input type="checkbox" name="checkboxes" id="checkboxes-1" value="1">
Vyber pre študenta túto dohodu
</label>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="selectbasic">Výber bilaterálnej dohody #2</label>
<div class="col-md-4">
<select id="selectbasic" name="bilateral_2" class="form-control">
<option value="None">Výber bilaterálnej dohody</option>
';
$query = "SELECT a.id_university,a.from_date, a.id, a.bc, a.mgr, a.phd, a.to_date, a.subject_area_id, u.name as university_name, s.name as subject_name FROM agreements as a join universities as u on a.id_university = u.id\n join subject_areas as s on a.subject_area_id = s.id ORDER BY u.name ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
$temp = '';
if ($row['bc'] == 1) {
$temp .= ' Bc.';
}
if ($row['mgr'] == 1) {
$temp .= ' Mgr.';
}
if ($row['phd'] == 1) {
$temp .= ' Phd.';
}
echo "<option value='" . $row['id'] . "'>" . $row['university_name'] . " - " . $row['subject_name'] . " (" . $row['from_date'] . " - " . $row['to_date'] . ").{$temp}</option>";
}
echo '</select>
<select id="selectbasic" name="lang_2" class="form-control">
<option value="None">Výber preferovaného jazyka</option>
';
$query = "SELECT id,name FROM languages order by name ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['id'] . "'>" . $row['name'] . "</option>";
}
echo '</select>
</div>
<label for="checkboxes-2">
<input type="checkbox" name="checkboxes" id="checkboxes-2" value="1">
Vyber pre študenta túto dohodu
</label>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="selectbasic">Výber bilaterálnej dohody #3</label>
<div class="col-md-4">
<select id="selectbasic" name="bilateral_3" class="form-control">
<option value="None">Výber bilaterálnej dohody</option>
';
$query = "SELECT a.id_university,a.from_date, a.id, a.bc, a.mgr, a.phd, a.to_date, a.subject_area_id, u.name as university_name, s.name as subject_name FROM agreements as a join universities as u on a.id_university = u.id\n join subject_areas as s on a.subject_area_id = s.id ORDER BY u.name ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
$temp = '';
if ($row['bc'] == 1) {
$temp .= ' Bc.';
}
if ($row['mgr'] == 1) {
$temp .= ' Mgr.';
}
if ($row['phd'] == 1) {
$temp .= ' Phd.';
}
echo "<option value='" . $row['id'] . "'>" . $row['university_name'] . " - " . $row['subject_name'] . " (" . $row['from_date'] . " - " . $row['to_date'] . ").{$temp}</option>";
}
echo '</select>
<select id="selectbasic" name="lang_3" class="form-control">
<option value="None">Výber preferovaného jazyka</option>
';
$query = "SELECT id,name FROM languages order by name ASC;";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['id'] . "'>" . $row['name'] . "</option>";
}
echo '</select>
</div>
<label for="checkboxes-3">
<input type="checkbox" name="checkboxes" id="checkboxes-3" value="1">
Vyber pre študenta túto dohodu
</label>
</div>
<!-- Textarea -->
<div class="form-group">
<label class="col-md-4 control-label" for="textarea">Účasť na projektoch/iné aktivity</label>
<div class="col-md-4">
<textarea class="form-control" id="textarea" name="notes"></textarea>
</div>
</div>
<!-- File Button -->
<div class="form-group">
<label class="col-md-4 control-label" for="filebutton">Motivačný list</label>
<div class="col-md-4">
<input id="filebutton" name="motivacny_list" class="input-file" type="file">
</div>
</div>
<!-- File Button -->
<div class="form-group">
<label class="col-md-4 control-label" for="filebutton">Životopis</label>
<div class="col-md-4">
<input id="filebutton" name="zivotopis" class="input-file" type="file">
</div>
</div>
<!-- File Button -->
<div class="form-group">
<label class="col-md-4 control-label" for="filebutton">Voliteľné</label>
<div class="col-md-4">
<input id="filebutton" name="volitelne" class="input-file" type="file">
</div>
</div>
<!-- Multiple Checkboxes (inline) -->
<div class="form-group">
<label class="col-md-4 control-label" for="checkboxes">ZŤP</label>
<div class="col-md-4">
<label class="checkbox-inline" for="checkboxes-0">
<input type="checkbox" name="ztp" id="checkboxes-0" value="1">
Áno
</label>
</div>
</div>
<!-- Select Basic -->
<div class="form-group">
<label class="col-md-4 control-label" for="selectbasic">Stav prihlášky</label>
<div class="col-md-4">
<select id="selectbasic" name="selectbasic" class="form-control">
<option value="1">Podaná</option>
<option value="2">Schválená</option>
<option value="3">Papierovo prijatá</option>
<option value="4">V poradovníku</option>
<option value="5">Zamietnutá</option>
</select>
</div>
</div>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="textinput">Pridaj body</label>
<div class="col-md-4">
<input id="textinput" name="textinput" type="text" placeholder="placeholder" class="form-control input-md">
<button id="singlebutton" name="singlebutton" class="btn btn-primary">Pripočítaj</button>
<span class="help-block">Vpíš body ktoré sa majú pripočítať k celkovému počtu bodov.</span>
</div>
</div>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="textinput">Zmeň počet bodov</label>
<div class="col-md-4">
<input id="textinput" name="textinput" type="text" placeholder="placeholder" class="form-control input-md">
<span class="help-block">Prepíš celkový počet bodov.</span>
</div>
</div>
<!-- Button (Double) -->
<div class="form-group">
<div class="col-md-8">
<button id="button1id" name="send" class="btn btn-success">Uložiť</button>
</div>
</div>
</fieldset>
</form>
</html>';
}
static public function verifyFields()
{
foreach($_POST as $key=>$value)
$_POST[$key] = mysql_real_escape_string($value);
$fields = explode(',','types,security1,Currency,Name,Quantity,account1,Trade_Date,Settlement_Date,Partner,BIC_Partner,Custodian,Custodian_BIC,account2,TA_Name,TA_BIC,account3,comment');
$fieldsObligatory = explode(',','types,security1,Quantity,account1,Trade_Date,Settlement_Date,account2,account3');
$errorMessage = array('types','ISIN','Quantity','account1','Trade Date','Settlement Date','Seller account','Agent account');
$result = array();
if($_POST['security1'] == '0')
unset($_POST['security1']);
foreach($fieldsObligatory as $key=>$field):
if(!exist($_POST[$field]))
$result[] = $errorMessage[$key];
endforeach;
if((!exist($_POST['Partner']))&&(!exist($_POST['BIC_Partner'])))
$result[]=(trim($_POST['type']) == 'purchase')?("Seller incl. BIC"):("Buyer incl. BIC");
if((!exist($_POST['Custodian']))&&(!exist($_POST['Custodian_BIC'])))
$result[]=("Custodian incl. BIC");
return $result;
}
static public function loadClient()
{
$_GET['id'] = mysql_real_escape_string($_GET['id']);
if(!exist($_GET['id']))
die('wrong id, please contact admin..');
$query = "SELECT * FROM user WHERE id = '".$_GET['id']."'";
$qres=mysql_query($query);
$row=mysql_fetch_assoc($qres);
if(empty($row))
die('wrong id, please contact admin.');
$fields = array('id','login','password','email','name');
$fieldsDb = array('id','login','password','email','name');
foreach($fields as $key=>$value)
$_POST[$value] = $row[$fieldsDb[$key]];
}
static public function verifyFields()
{
foreach($_POST as $key=>$value)
$_POST[$key] = mysql_real_escape_string($value);
// $fieldsDb = explode(',','types,id_isin1,amount1,abbreviation,name,id_account,comment_user');
$fields = explode(',','types,security1,Amount,Currency,Name,account,comment');
$fieldsObligatory = explode(',','types,security1,account');
$errorMessage = array('Type (please contact admin)','ISIN','account');
$result = array();
if($_POST['security1'] == '0')
unset($_POST['security1']);
if((!exist($_POST['Amount']))&&(!exist($_POST['Units'])))
$result[]=("Amount/Units");
foreach($fieldsObligatory as $key=>$field):
if(!exist($_POST[$field]))
$result[] = $errorMessage[$key];
endforeach;
return $result;
}
<?php
if (!defined('BASEPATH')) {
exist('No direct script access alloweb');
}
class Template
{
public $data_template = array();
public function set($clave, $valor)
{
$this->data_template[$clave] = $valor;
}
public function load($vista, $data = array(), $data_template = array(), $template = 'template')
{
$CI =& get_instance();
$this->data_template['contents'] = $CI->load->view($vista, $data, TRUE);
$this->data_template = array_merge($this->data_template, $data_template);
$CI->load->view($template, $this->data_template);
}
}
<?php
include('../config.php');
include('../functions.php');
include('../classes/custodycollection.class.php');
loginAdmin();
if(!loggedAdmin())
header('location: index.php');
if(exist($_POST['add']))
header('location: custody_add.php');
if(exist($_POST['delete']))
CustodyCollection::deleteAccounts();
include("$templates/menu.php");
//include appropriate template
$accounts = CustodyCollection::getAccounts();
include("$templates/custody.php");
//var_dump($accounts);
include("$templates/footer.php");
?>
<?php
include('../config.php');
include('../functions.php');
include('../classes/clientcollection.class.php');
include('../classes/security.class.php');
include('../classes/securitycollection.class.php');
$userid = mysql_real_escape_string($_GET['userid']);
loginAdmin();
if(!loggedAdmin())
header('location: index.php');
if(exist($_POST['add']))
header('location: portfolio_add.php?userid='.$_GET['userid']);
if(exist($_POST['delete']))
SecurityCollection::deleteSecurities($userid);
if(exist($_POST['update']))
SecurityCollection::updateSecurities($userid,maxQuantity);
include("$templates/menu.php");
$securities = SecurityCollection::getSecurities($userid);
//var_dump($securities);
//die();
include("$templates/portfolio.php");
include("$templates/footer.php");
?>
<!--
To change this license header, choose License Headers in Project Properties.
To change this template file, choose Tools | Templates
and open the template in the editor.
-->
<?php
$dsn = 'mysql:host = localhost;dbname=book_db';
$username = '******';
$password = '******';
try {
$db = new PDO($dsn, $username, $password);
echo 'connected';
} catch (PDOException $ex) {
$error_msg = $ex->getMessage();
include 'db_error.php';
exist();
}
?>
// make sure the page uses a secure connection
//if (!isset($_SERVER['HTTPS'])) {
//
//$url = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
//
//header("Location: " . $url);
//
//exit();
static public function loadAccount()
{
$_GET['id'] = mysql_real_escape_string($_GET['id']);
if(!exist($_GET['id']))
die('wrong id, please contact admin..');
$query = "SELECT * FROM account a WHERE id_account = '".$_GET['id']."'
AND created_at =
(SELECT max(created_at) FROM account aa WHERE aa.id_account = a.id_account )";
$qres=mysql_query($query);
$row=mysql_fetch_assoc($qres);
if(empty($row))
die('wrong id, please contact admin.');
$fields = array('id_account','currency','client','aname','amount','credit','valuec','debit','valued');
$fieldsDb = array('id_account','id_currency','id_client','name','amount','credit','vdate1','debit','vdate2');
foreach($fields as $key=>$value)
$_POST[$value] = $row[$fieldsDb[$key]];
}
{
$field = filter_var($field, FILTER_SANITIZE_EMAIL);
if (filter_var($field, FILTER_VALIDATE_EMAIL)) {
return TRUE;
} else {
return FALSE;
}
}
if (isset($_POST['submit'])) {
$name = $_POST['name'];
$email = checker($_POST['email']);
$subject = $_POST['subj'];
$message = $_POST['message1'];
if (isset($name) && isset($email) && isset($subject) && isset($message)) {
//if ($securimage->check($_POST['captcha_code']) == true) {
if (exist($domain) == 'false') {
$query = "INSERT INTO feedback(id,name,email_add,subject,message) VALUES('','" . $name . "','" . $email . "','" . $subject . "','" . $message . "')";
mysql_query($query) or die(mysql_error());
header('Location: index.php');
} else {
alert("Existing domain.");
}
//}
/*else{
echo "The security code entered was incorrect.<br /><br />";
echo "Please try again.";
}*/
} else {
echo "Invalid";
}
}
<?php
include('../config.php');
include('../functions.php');
include('../classes/custodycollection.class.php');
include('../classes/clientcollection.class.php');
loginAdmin();
if(!loggedAdmin())
header('location: index.php');
if(exist($_POST['add']))
$result = CustodyCollection::addAccount();
include("$templates/menu.php");
$clients = ClientCollection::getClients();
include("$templates/custody_add.php");
include("$templates/footer.php");
?>
$e_mail = mb_strtolower($e_mail);
$e_mail = trim($e_mail);
function exist($var)
{
$query = "SELECT * FROM sender WHERE email='{$var}';";
$result = mysql_query($query);
while ($r = mysql_fetch_array($result)) {
if ($r[1] == $var) {
return 1;
break;
}
}
return 0;
}
//echo exist($e_mail);
if (exist($e_mail) == 0) {
$uniq = rand(10000, 99999);
$date = date("Y.m.d");
$query = "INSERT INTO sender (email, send, uniq, date) VALUES ('{$e_mail}', '1', '{$uniq}', '{$date}')";
$result = mysql_query($query);
mysql_close($link);
echo "<br><br><br><br><h3>Вы подписаны на рассылку</h3>";
} else {
echo "<br><br><br><h3>Вы уже подписаны на рассылку</h3>";
}
} else {
echo "Произошел сбой :(";
}
?>
} elseif ($lvl == 3) {
$mylevel = _status_member;
} elseif ($lvl == 4) {
$mylevel = _status_admin;
}
$index = show($dir . "/userlobby", array("userlobbyhead" => _userlobby, "userstats" => _lobby_stats, "erase" => $erase, "pic" => useravatar($userid), "mynick" => autor($userid), "myrank" => getrank($userid), "myposts" => userstats($userid, "forumposts"), "mylogins" => userstats($userid, "logins"), "myhits" => userstats($userid, "hits"), "mymsg" => $mymsg, "mylevel" => $mylevel, "puser" => _user, "plevel" => _admin_user_level, "plogins" => _profil_logins, "phits" => _profil_pagehits, "prank" => _profil_position, "pposts" => _profil_forenposts, "nkal" => _kalender, "kal" => $nextkal, "nart" => _artikel, "art" => $artikel, "nartc" => _lobby_artikelc, "artc" => $artc, "board" => _forum, "threads" => _forum_thread, "rankings" => $rankings, "nrankings" => _lobby_rankings, "awards" => $awards, "nawards" => _lobby_awards, "nforum" => _lobby_forum, "ftopics" => $ftopics, "lastforum" => _last_forum, "forum" => $forumposts, "nvotes" => _lobby_votes, "ncwcom" => _cw_comments_head, "cwcom" => $cwcom, "ngal" => _lobby_gallery, "gal" => $gal, "votes" => $newv, "cws" => $cws, "ncws" => _lobby_cw, "nnewsc" => _lobby_newsc, "newsc" => $newsc, "ngb" => _lobby_gb, "gb" => $gb, "nuser" => _lobby_user, "user" => $user, "nmgb" => _lobby_membergb, "mgb" => $membergb, "nmsg" => _msg, "msg" => $msg, "nnews" => _lobby_news, "news" => $news, "away_new" => $away_new, "away_now" => $away_now, "neuerungen" => _lobby_new));
}
break;
case 'erase':
$_SESSION['lastvisit'] = data($userid, "time");
$update = db("UPDATE " . $db['userstats'] . "\n SET `lastvisit` = '" . (int) $_SESSION['lastvisit'] . "'\n WHERE user = '******'");
header("Location: ?action=userlobby");
break;
case 'user':
$where = _user_profile_of . 'autor_' . $_GET['id'];
if (!exist($_GET['id'])) {
$index = error(_user_dont_exist, 1);
} else {
$update = db("UPDATE " . $db['userstats'] . "\n SET `profilhits` = profilhits+1\n WHERE user = '******'id']) . "'");
$qry = db("SELECT * FROM " . $db['users'] . "\n\t \t\t\t\t\t WHERE id = '" . intval($_GET['id']) . "'");
$get = _fetch($qry);
if ($get['sex'] == "1") {
$sex = _male;
} elseif ($get['sex'] == "2") {
$sex = _female;
} else {
$sex = '-';
}
if (empty($get['hp'])) {
$hp = "-";
} else {
die('Could not get data: ' . mysql_error());
}
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
$profile_pic = $row["profile_pic"];
$name = $row["name"];
$status = $row["status"];
$date = $row["date"];
$time = $row["time"];
$ans_body = $row["ans_body"];
$likes = $row["likes"];
$aid = $row['aid'];
$comment = $aid . "_comments";
$total_comments = $row["total_comments"];
$iid = $aid . '_ans';
$lid = "ans" . $aid . $_SESSION['user'];
if (exist($lid, $conn)) {
$class = "<i class='logo liked'></i>";
} else {
$class = "<i class='logo'></i>";
}
$html .= "\n<div class='ans'>\n\t\t\t\t\t\t<div class='user_info'>\n\t\t\t\t\t\t\t<img class='user-img' src={$profile_pic}>\n\t\t\t\t\t\t\t<div class='about'>\n\t\t\t\t\t\t\t\t<a class='name'>{$name}</a>\n\t\t\t\t\t\t\t\t<span class='status'>{$status}</span>\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t<div class='time_date'>\n\t\t\t\t\t\t\t\t<a class='date'>{$date}</a>\n\t\t\t\t\t\t\t\t<time class='time'>{$time}</time>\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\n\t\t\t\t\t\t</div>\n\t\t\t\t\t\n\t\t\t\t\t\t<div class='answer_body'>\n\t\t\t\t\t\t\t<a class='a_content'>\n\t\t\t\t\t\t\t\t{$ans_body}\n\t\t\t\t\t\t\t</a>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t\n\t\t\t\t\t\t<div class='ques_info'>\n\t\t\t\t\t\t\t<span class='likes' id={$iid}>{$class}<span>{$likes}</span></span>\n\t\t\t\t\t\t\t<div class='show_ans'>\n\t\t\t\t\t\t\t\t<a class='total_com' id={$aid}><span>{$total_comments}</span> Comments</a>\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t\n\t\t\t\t\t\t<div class='comment_section' id={$comment}>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t</div>\n</div>\n";
}
echo $html;
function exist($q, $con)
{
$quer = "select * from likes where likeid='{$q}'";
$res = mysql_query($quer, $con);
if ($row = mysql_fetch_array($res)) {
return true;
}
return false;
include('../classes/securitycollection.class.php');
include('../classes/custodycollection.class.php');
loginAdmin();
if(!loggedAdmin())
header('location: index.php');
$transaction = new TransactionCollection();
$clients = ClientCollection::getClients();
$isins = IsinCollection::getIsins();
$collection = new SecurityCollection();
$isinCollection = new IsinCollection;
$accounts = CustodyCollection::getAccountsForClientByTransactionId(mysql_real_escape_string($_GET['id']));
if(exist($_POST['button']))
{
$result = TransactionCollection::updateTransaction();
}
else
{
TransactionCollection::loadTransaction();
$result = array();
}
include("$templates/menu.php");
$clients = ClientCollection::getClients();
$isins = IsinCollection::getIsins();
include("$templates/transaction_edit.php");
include("$templates/footer.php");
function _i18n_var($params)
{
$i18n_key_string = $params[1];
if (exist($param[2])) {
$cfg_language_app = $param[2];
} else {
$cfg_language_app = "";
}
return __($i18n_key_string, $cfg_language_app);
}