/** * @param string $destination * @author Erik Aybar */ public static function redirectIfLoggedIn($destination = '/') { if (static::checkIfLoggedIn()) { $message = "You are already logged in!"; redirect_user($destination, $message); } }
function checksessionorkill() { session_start(); if (!isset($_SESSION['uid'])) { // Need the functions: require 'includes/login_functions.inc.php'; redirect_user(); } else { // Cancel the session: $_SESSION = array(); // Clear the variables array. session_destroy(); // Destroy the session itself. setcookie('PHPSESSID', '', time() - 3600, '/', '', 0, 0); // Destroy the cookie. } }
function createFile($filename) { // For security reasons we strip file path and constrain // allowable file name $file = preg_replace("/[^A-Za-z0-9_\\- ]/", "", basename($filename)); if (!$file) { redirect_user('index.php', http_build_query(array('status_message' => "File {$file} name is invalid"))); } $file .= ".txt"; $filepath = PATH_TO_FILES . "/{$file}"; if (file_exists($filepath)) { redirect_user('index.php', http_build_query(array('status_message' => "{$file} already exists"))); } else { if (file_put_contents($filepath, "") === false) { redirect_user('index.php', http_build_query(array('status_message' => "Couln't create file {$file}"))); } chmod($filepath, 0666); } return array($file, $filepath); }
<?php require_once $_SERVER['DOCUMENT_ROOT'] . '/bootstrap.php'; \MyClasses\Auth\AuthMaster::logOut(); redirect_user('/', 'You have been logged out');
<?php require_once $_SERVER['DOCUMENT_ROOT'] . '/bootstrap.php'; if ($_SERVER['REQUEST_METHOD'] != "POST") { redirect_with_message('/users/index.php', "Bad method. Bad user!"); } $upload_id = $_POST['id']; $upload = \MyClasses\Models\Upload::getOne($upload_id); $destroyed = \MyClasses\Models\Upload::destroy($upload_id); redirect_user('/uploads/index.php', "You killed {$upload['original_filename']}!");
$_SESSION['eventDropDown_errors'] = true; $errorText .= "<br/> - Invalid event"; } //Makes form sticky if any errors //*itemNameDropDown not sticky because of how number in stock col is being pulled if ($errorText) { //Set variables $name = $_POST['name']; $changeAmount = $_POST['changeAmount']; $eventDropDown = $_POST['eventDropDown']; //Display variables back on restock.php to make form sticky $_SESSION['name'] = $name; $_SESSION['changeAmount'] = $changeAmount; $_SESSION['eventDropDown'] = $eventDropDown; } else { //Set variables for query $action = $_GET['action']; $name = $_GET['name']; $currentItem = $_GET['itemName']; $currentNumInStock = $_GET['currentNumInStockURL']; $amount = $_POST['changeAmount']; $updatedNumInStock = $_GET['currentNumInStockURL'] + $_POST['changeAmount']; $event = $_GET['event']; //Updates inventory list $sql = mysqli_query($db, "UPDATE InventoryList SET numInStock='{$updatedNumInStock}' WHERE itemName='{$currentItem}'"); //Updates change log $sql2 = mysqli_query($db, "INSERT INTO ChangeLog (action, name, itemName, numInStock, amount, updatedNumInStock, event, date_time) VALUES ('{$action}', '{$name}', '{$currentItem}', '{$currentNumInStock}', '{$amount}', '{$updatedNumInStock}', '{$event}', NOW())"); } $_SESSION['form_error_text'] = $errorText; redirect_user('restock.php'); mysqli_close($db);
$householder = 0; } } else { print '<p style="color: red;">Please submit both a title and an entry.</p>'; $problem = TRUE; } if (!$problem) { // Define the query. $query = "UPDATE users SET first_name='{$f_name}', last_name='{$l_name}', email='{$email}', send_email='{$send_email}', phone_1='{$phone_1}', phone_2='{$phone_2}', pub_type_id='{$pub_type}', servant_type_id='{$serv_type}', public_speaker='{$public_speaker}', chairman='{$chairman}', reader='{$reader}', overseer='{$overseer}', prayer='{$prayer}', bible_high='{$bible_high}', no_1='{$no_1}', no_2='{$no_2}', no_3='{$no_3}', serv_meet='{$serv_meet}', attend='{$attend}', sound_panel='{$sound_panel}', stage='{$stage}', mic='{$mic}', grounds_keeper='{$grounds_keeper}', householder='{$householder}' WHERE user_id={$_POST['id']}"; $r = mysqli_query($dbc, $query); // Execute the query. // Report on the result: if (mysqli_affected_rows($dbc) == 1 or mysqli_affected_rows($dbc) == 0) { require 'include/login_functions.inc.php'; $user_id = $_POST['id']; $page = "display_person.php?user_id={$user_id}"; redirect_user($page); } else { print '<p style="color: red;">Could not update the entry because:<br />' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>'; } } // No problem! } else { // No ID set. print '<p style="color: red;">This page has been accessed in error.</p>'; } // End of main IF. // Close the connection. include 'db_close.php'; //Include the footer: include 'include/footer.html';
if (strlen($Password1) > 0 && strlen($Password2) > 0 && $Password1 != $Password2) { $errors[] = 'Passwords do not match'; } } if (empty($errors)) { $Email1 = mysqli_real_escape_string($dbc, $Email1); //Update the email address mysqli_query($dbc, "Call spUpdateUserPassword({$UserID},'{$Password1}');"); complete_procedure($dbc); //Redirect user back to the account settings page redirect_user('account_settings.php'); } } } else { //Redirect user back to the account settings page redirect_user('account_settings.php'); } ?> <div class="content"> <img class="responsive" src="images/wood_image.jpg" alt="wood"> </div> <div class="contentwidth"> <div class="row flush"> <div class="col s7"> <div class="author roundcorner"> <h3 class="title">Change Password</h3> </div> <div class="box_guest author_alt"> <?php if (!empty($errors)) { echo '<h1>Error!</h1><p class="error">The following error(s) occurred:<br />';
<?php if ($_SERVER['REQUEST_METHOD'] == 'POST') { require 'login_functions.inc.php'; require 'mysqli_connect.php'; list($check, $data) = check_login($dbc, $_POST['email'], $_POST['pass']); if ($check) { setcookie('user_id', $data['user_id'], time() + 3600, '/', '', 0, 0); setcookie('first_name', $data['first_name'], time() + 3600, '/', '', 0, 0); redirect_user('loggedin.php'); } else { $errors = $data; } mysqli_close($dbc); } include 'login_page.inc.php';
// Written by: Jonathan Sankey on 4/15/2016 // This page removes announcements from the database // It is accessed through the announcement managment page require './include_utils/login_functions.php'; //redirect // Check for a valid announcement ID, through GET or POST: if (isset($_GET['id']) && is_numeric($_GET['id'])) { // From announcement_management.php $id = $_GET['id']; } elseif (isset($_POST['id']) && is_numeric($_POST['id'])) { // From announcement_management.php $id = $_POST['id']; } else { // No valid ID, kill the script. echo '<p class="error">Announcement not found.</p>'; exit; } require '../mysqli_connect.php'; // Make the query: $q = "CALL spRemoveAnnouncement('{$id}')"; if (mysqli_query($dbc, $q)) { // If it ran OK. redirect_user('manage_announcements.php'); } else { // If the query did not run OK. echo '<p class="error">The user could not be deleted due to a system error.</p>'; // Public message. echo '<p>' . mysqli_error($dbc) . '</p>'; // Debugging message. } mysqli_close($dbc);
<?php require_once $_SERVER['DOCUMENT_ROOT'] . '/bootstrap.php'; $rules = ['email' => ["email"], 'password' => ["not_empty"]]; $validator = new \MyClasses\Validation\Validator(); $validator->validate($rules, $_POST); $validator->redirectWithErrorsIfFailed('/users/login.php'); $user = \MyClasses\Models\User::getOneBy('email', $_POST['email']); $hashed = $user['encrypted_password']; $password_is_correct = password_verify($_POST['password'], $hashed); if ($password_is_correct) { \MyClasses\Auth\AuthMaster::logUserInUsingId($user['id']); redirect_user('/users/index.php', "Log in success. Congratulations, {$user['first_name']}!"); } else { redirect_user('/users/login.php', "Wrong password! Try again..."); }
if ($errorText) { //Set variables $name = $_POST['name']; $changeAmount = $_POST['changeAmount']; $eventDropDown = $_POST['eventDropDown']; //Display variables back on request.php to make form sticky $_SESSION['name'] = $name; $_SESSION['changeAmount'] = $changeAmount; $_SESSION['eventDropDown'] = $eventDropDown; } else { //Set variables for query $action = $_GET['action']; $name = $_GET['name']; $currentItem = $_GET['itemName']; $currentNumInStock = $_GET['currentNumInStockURL']; $amount = $_POST['changeAmount']; $updatedNumInStock = $_GET['currentNumInStockURL'] - $_POST['changeAmount']; $event = $_GET['event']; $date = date('m/d/y h:i:sa'); //Updates inventory list $sql = mysqli_query($db, "UPDATE InventoryList SET numInStock='{$updatedNumInStock}' WHERE itemName='{$currentItem}'"); //Updates change log $sql2 = mysqli_query($db, "INSERT INTO ChangeLog (action, name, itemName, numInStock, amount, updatedNumInStock, event, date_time) VALUES ('{$action}', '{$name}', '{$currentItem}', '{$currentNumInStock}', '{$amount}', '{$updatedNumInStock}', '{$event}', '{$date}')"); } $_SESSION['form_error_text'] = $errorText; redirect_user('out-of-stock.php'); mysqli_close($db); ?> </body> </html>
<?php session_start(); // Check if the form has been submitted: if ($_SERVER['REQUEST_METHOD'] == 'POST') { $errors1 = array(); require 'login_functions.inc.php'; require '/Applications/MAMP/mysqli_connect.php'; if ($_POST['pass'] !== $_POST['pass2']) { $errors1[] = "Make sure both passwords are correct!"; } if (empty($_POST['pass']) or empty($_POST["fname"]) or empty($_POST["email"]) or empty($_POST["lname"])) { $errors1[] = "All fields must be filled!<br>"; } else { // OK! $_SESSION['fname'] = $_POST['fname']; $_SESSION['lname'] = $_POST['lname']; $_SESSION['email'] = $_POST['email']; $_SESSION['pass'] = $_POST['pass']; // Redirect: redirect_user('registration_handle.php'); } mysqli_close($dbc); // Close the database connection. } // End of the main submit conditional. // Create the page: include 'registration.php';
<?php require_once $_SERVER['DOCUMENT_ROOT'] . '/bootstrap.php'; $rules = ['first_name' => ['not_empty'], 'last_name' => ['not_empty'], 'email' => ['not_empty'], 'password' => ['not_empty'], 'password_confirmation' => ['not_empty']]; $validator = new \MyClasses\Validation\Validator(); $validator->validate($rules, $_POST); $validator->redirectWithErrorsIfFailed('/users/new.php'); if ($_POST['password'] != $_POST['password_confirmation']) { redirect_user("/users/new.php", "Whoops. Your password confirmation didn't match..."); } $encrypted_password = password_hash($_POST['password'], PASSWORD_BCRYPT); $user_create_data = ['first_name' => $_POST['first_name'], 'last_name' => $_POST['last_name'], 'email' => $_POST['email'], 'encrypted_password' => $encrypted_password]; $users_id = \MyClasses\Models\User::create($user_create_data); $user = \MyClasses\Models\User::getOne($users_id); \MyClasses\Auth\AuthMaster::logUserInUsingId($user['id']); redirect_user('/users/show.php?id=' . $users_id, "Welcome, {$user['first_name']}!");
$_SESSION['status'] = $new_user->status; $_SESSION['user_type'] = $new_user->user_type; $_SESSION['timeout'] = time(); //Setting user meta information. $user_ip = get_client_ip(); //Function is inside function.php to get ip $new_user->set_user_meta($_SESSION['user_id'], 'last_login_time', date("Y-m-d H:i:s")); //setting last login time. $new_user->set_user_meta($_SESSION['user_id'], 'last_login_ip', $user_ip); //setting last login IP. $new_user->set_user_meta($_SESSION['user_id'], 'login_attempt', '0'); //On login success default loign attempt is 0. $new_user->set_user_meta($_SESSION['user_id'], 'login_lock', 'No'); //setting last login time. $message = $language['login_success_message']; redirect_user($new_user->user_type); //Checks authentication and redirect user as per his/her level. } } //setting session variables if user loged in successful! } //login process ends here if form submits $page_title = $language['login_title']; //You can edit this to change your page title. $sub_title = "Please login below to access the dashboard."; require_once 'Includes/header.php'; //adding facebook if activate. if (get_option('facebook_login') == '1') { include 'Includes/add_facebook.php'; echo '<div id="fb_return_msg"></div>'; }
<?php session_start(); if (!isset($_SESSION['ID'])) { require 'loginfunction.php'; redirect_user('login.html'); } ?> <!DOCTYPE html> <!--[if lt IE 7 ]><html class="ie ie6" lang="en"> </html><![endif]--> <!--[if IE 7 ]><html class="ie ie7" lang="en"> </html><![endif]--> <!--[if IE 8 ]><html class="ie ie8" lang="en"> </html><![endif]--> <!--[if (gte IE 9)|!(IE)]><!--><html lang="en"> <!--<![endif]--> <head> <meta charset="utf-8" /> <title>目的地</title> <meta name="description" content="Tour Pal Home" /> <meta name="author" content="solojoe" /> <!-- Mobile Specific Metas ================================================== --> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /> <!-- CSS ================================================== --> <link rel="stylesheet" href="./stylesheets/base.css" /> <link rel="stylesheet" href="./stylesheets/skeleton.css" /> <link rel="stylesheet" href="./stylesheets/layout.css" /> <link href='http://fonts.googleapis.com/css?family=Droid+Serif:400italic' rel='stylesheet' type='text/css' /> <!--[if lt IE 9]> <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script> <![endif]--> <!-- Favicons================================================== -->
if (empty($_POST['type'])) { $errors[] = 'No type'; } else { $t = $mysqli->real_escape_string(trim($_POST['type'])); } // ensure user has privileges to create entity type // only players and game masters can create creatures and effects, and only // game masters can create encounters. if (($t == 2 || $t == 3) && ($ul == 0 || $ul == 3 || $ul == 4) || $t == 1 && $ul != 2) { echo 'Insufficient privileges: ' . $t . ' : ' . $ul; } else { if (empty($errors)) { // If everything's OK. $t_value = array(1 => 'encounter', 2 => 'creature', 3 => 'effect'); // begin constructing the query: $q = "UPDATE " . $t_value[$t] . "s "; // specify columns and values $q .= "SET name='" . $n . "', description='" . $d . "' WHERE " . $t_value[$t] . "_id=" . $uid; if ($mysqli->query($q)) { redirect_user('../profile.php'); } else { // echo $q; } } // End of empty($errors) IF. } // Close the connection: $mysqli->close(); unset($mysqli); } // End of the main submit conditional.
<?php session_start(); if (isset($_SESSION['manageID'])) { $_SESSION = array(); session_destroy(); setcookie('PHPSESSID', '', time() - 3600, '', 0, 0); } require 'loginfunction2.php'; redirect_user('manage.html');
require 'include/config.inc.php'; require 'model/data_functions.php'; $user_id = $_SESSION['user_id']; // Assign the sessions varibles $email = $_SESSION['email']; $page = $_SERVER['REQUEST_URI']; // Assign URL to use in the form action- This will include the GET date for the week of Monday... $nav_href = 'edit_tms.php?monday='; // For use in week_nav() $meeting = 'tms'; $user_auth = 'fail'; $user_auth =& user_auth($user_id, $email, $meeting); if ($user_auth == 0) { // If either public or admin is TRUE (1), then the script continue require 'include/login_functions.inc.php'; redirect_user('index.php'); } else { require 'include/functions.inc.php'; require 'include/functions_date.php'; $monday = $_GET['monday']; // Date value from URL. Always represents the date of a Monday of the week. $date = date('F j, Y', strtotime($monday)); $midweek = date('F j, Y', strtotime('+2 days', strtotime($monday))); $sunday = date('F j, Y', strtotime('+6 days', strtotime($monday))); $view = 'date'; $page_id = 3; $meeting_type_id = 1; $highlights = 7; $main_1 = 8; $main_2 = 9; $main_2_hh = 33;
// From encounters.php $e = $_GET['e']; $i = $_GET['i']; $r = $_GET['r']; } else { // No valid encounter ID, Init, or round, kill the script. header("Location: ../encounters.php"); exit; // Quit the script. } require MYSQL2; // Get the next highest initiative $new_init = init_up($mysqli, $e, $i); // The assumption is that a returned value of 0 means we need to increment the round and set // the init to the first creature in the order $q = "UPDATE encounters SET "; if ($new_init == 0 || $r == 0) { // increment round and get init of first creature $new_round = $r + 1; $q .= "current_round = '{$new_round}', "; $new_init = init_up($mysqli, $e, 0); } $q .= "current_init={$new_init} WHERE encounter_id={$e}"; $r = $mysqli->query($q); // Run the query. if ($mysqli->affected_rows == 1) { redirect_user('../view_encounter.php?e=' . $e); } else { //echo $q; //echo $r; }
<?php require_once $_SERVER['DOCUMENT_ROOT'] . '/bootstrap.php'; if ($_SERVER['REQUEST_METHOD'] != "POST") { redirect_user('/people/index.php', "Bad method. Bad user!"); } $person_id = $_POST['id']; $person = \MyClasses\Models\Person::getOne($person_id); $destroyed = \MyClasses\Models\Person::destroy($person_id); redirect_user('/people/index.php', "You killed {$person['first_name']}!");
<?php # Script changepass.php // This page allows users to change their password for the site. require 'includes/config.inc.php'; $page_title = 'Change Password'; include 'header.php'; // If no session value is present, redirect the user: // Also validate the HTTP_USER_AGENT! if (!isset($_SESSION['agent']) or $_SESSION['agent'] != md5($_SERVER['HTTP_USER_AGENT'])) { // Need the functions: require 'includes/login_functions.inc.php'; redirect_user(login . php); } $uid = $_SESSION['user_id']; if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Handle the form. // Need the database connection: require MYSQL; // Trim all the incoming data: $trimmed = array_map('trim', $_POST); // Assume invalid values: $op = $p = FALSE; // Check for the old password: if (preg_match('/^\\w{4,20}$/', $trimmed['oldpass'])) { $op = $mysqli->real_escape_string($trimmed['oldpass']); } else { echo '<p class="error">Please enter your old password!</p>'; } // Check for a new password and match against the confirmed password: if (preg_match('/^\\w{4,20}$/', $trimmed['password1'])) {
<?php if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Need two helper files: require 'includes/login_functions.inc.php'; require '../mysqli_connect.php'; // Check the login: list($check, $data) = check_login($dbc, $_POST['email'], $_POST['passwd']); if ($check) { // OK! // Set the session data: session_start(); $_SESSION['uid'] = $data['uid']; $_SESSION['name'] = $data['name']; // Redirect: redirect_user('home.php'); } else { // Unsuccessful! // Assign $data to $errors for login_page.inc.php: $errors = $data; } mysqli_close($dbc); // Close the database connection. } // End of the main submit conditional. // Print any error messages, if they exist: if (isset($errors) && !empty($errors)) { echo '<h1>Error!</h1> <p class="error">The following error(s) occurred:<br />'; foreach ($errors as $msg) { echo " - {$msg}<br />\n";
} } else { if ($sub == 'RemoveCorpse') { // user wishes to remove the participant and add as a corpse $q = "DELETE FROM corpses WHERE corpse_id=" . $coid; } else { $errors[] = 'No submit value'; } } } } // End submit selection if // run the query if ($mysqli->query($q)) { $url = '../edit_init_order.php?x=' . $eid; redirect_user($url); } else { // echo $q; } // End query if } else { foreach ($errors as $e) { echo $e; } } // End of empty($errors) IF. // Close the connection: $mysqli->close(); unset($mysqli); } // End of the main submit conditional.
<?php # Script loggedin.php // The user is redirected here from login.php. // Set the page title and include the HTML header: $page_title = 'Logged In!'; include 'header.php'; // If no session value is present, redirect the user: // Also validate the HTTP_USER_AGENT! if (!isset($_SESSION['agent']) or $_SESSION['agent'] != md5($_SERVER['HTTP_USER_AGENT'])) { // Need the functions: require 'includes/login_functions.inc.php'; redirect_user('login.php'); } // Print a customized message: echo "<h1>Logged In!</h1>\n<p>You are now logged in as, {$_SESSION['username']}!</p>"; include 'footer.php';
// Also validate the HTTP_USER_AGENT! if (!isset($_SESSION['agent']) or $_SESSION['agent'] != md5($_SERVER['HTTP_USER_AGENT'])) { redirect_user('login.php'); } $uid = $_SESSION['user_id']; // Now that a user is logged in and we have the encounter id // we need to retrieve the encounter name and show it $q = "SELECT * FROM encounters WHERE encounter_id='{$eid}'"; $r = $mysqli->query($q); // Run the query. $encounter = $r->fetch_array(MYSQLI_ASSOC); $ename = $encounter['name']; $oid = $encounter['user_id']; // Finally as a last measure of protection make sure that the user is the encounter owner if ($uid != $oid) { redirect_user('encounters.php'); } echo "<h2>{$encounter['name']} " . ' <a style="font-size: .5em" href="view_encounter.php?e=1">return</a></h2>'; echo '<h3>Active Effects</h3>'; //retrieve all active effects $q = "SELECT active_effect_id, effect_id, participant_id FROM active_effects WHERE encounter_id=" . $eid; $r = $mysqli->query($q); // Run the query. // prepared statements for effect queries // get the name of the creature who created the effect $qp_creature = "SELECT c.name, c.user_id FROM creatures AS c JOIN participants AS p USING (creature_id) WHERE p.participant_id = ? ORDER BY name ASC"; $stmt_p = $mysqli->prepare($qp_creature); $stmt_p->bind_param('i', $pid); // get the name and description of the effects $qp_effect = "SELECT name, description FROM effects WHERE effect_id = ?"; $stmt_e = $mysqli->prepare($qp_effect);
<?php # Script 12.11 - logout.php #2 // This page lets the user logout. // This version uses sessions. session_start(); // Access the existing session. // If no session variable exists, redirect the user: if (!isset($_SESSION['user_id'])) { // Need the functions: require 'includes/login_functions.inc.php'; redirect_user(); } else { // Cancel the session: $_SESSION = array(); // Clear the variables. session_destroy(); // Destroy the session itself. setcookie('PHPSESSID', '', time() - 3600, '/', '', 0, 0); // Destroy the cookie. } // Set the page title and include the HTML header: $page_title = 'Logged Out!'; include './includes/header.html'; include './includes/top.html'; // Print a customized message: echo "<h1>Logged Out!</h1>\n<p>You are now logged out!</p>"; include './includes/bottom.html'; include './includes/footer.html';
<?php require_once $_SERVER['DOCUMENT_ROOT'] . '/bootstrap.php'; if (!isset($_GET['id'])) { redirect_user('/people/index.php', 'No person found for ID ... or you didn\'t supply one!'); } $person_id = $_GET['id']; $person = \MyClasses\Models\Person::getOne($person_id); $page['title'] = 'Edit Person'; echo get_partial('header.php', ['page' => $page]); ?> <h1>Edit <?php echo $person['first_name'] . " " . $person['last_name']; ?> </h1> <form action="/people/update.php" method="POST" class="form-horizontal"> <div class="form-group"> <div class="col-sm-3"> <label>First Name</label> <input type="text" name="first_name" value="<?php echo $person['first_name']; ?> " placeholder="Your First Name" class="form-control input-lg"> </div> <div class="col-sm-3"> <label>Last Name</label> <input type="text" name="last_name" value="<?php echo $person['last_name']; ?> " placeholder="Your Last Name" class="form-control input-lg">
//*itemNameDropDown not sticky because of how number in stock col is being pulled if ($errorText) { //Set variables $name = $_POST['name']; $changeAmount = $_POST['changeAmount']; $eventDropDown = $_POST['eventDropDown']; //Display variables back on request.php to make form sticky $_SESSION['name'] = $name; $_SESSION['changeAmount'] = $changeAmount; $_SESSION['eventDropDown'] = $eventDropDown; } else { //Set variables for query $action = $_GET['action']; $name = $_GET['name']; $currentItem = $_GET['itemName']; $currentNumInStock = $_GET['currentNumInStockURL']; $amount = $_POST['changeAmount']; $updatedNumInStock = $_GET['currentNumInStockURL'] - $_POST['changeAmount']; $event = $_GET['event']; //Updates inventory list $sql = mysqli_query($db, "UPDATE InventoryList SET numInStock='{$updatedNumInStock}' WHERE itemName='{$currentItem}'"); //Updates change log $sql2 = mysqli_query($db, "INSERT INTO ChangeLog (action, name, itemName, numInStock, amount, updatedNumInStock, event, date_time) VALUES ('{$action}', '{$name}', '{$currentItem}', '{$currentNumInStock}', '{$amount}', '{$updatedNumInStock}', '{$event}', NOW())"); } $_SESSION['form_error_text'] = $errorText; redirect_user('request.php'); mysqli_close($db); ?> </body> </html>
<?php session_start(); // Access the existing session. // If no session variable exists, redirect the user: if (!isset($_SESSION['user_id'])) { // Need the functions: require 'login_functions.inc.php'; redirect_user('loginreg.php'); } else { // Cancel the session: $_SESSION = array(); // Clear the variables. session_destroy(); // Destroy the session itself. setcookie('PHPSESSID', '', time() - 3600, '/', '', 0, 0); // Destroy the cookie. } // Set the page title and include the HTML header: $page_title = 'Logged Out!'; // Print a customized message: ?> <head> <?php echo "<center><h2>Logged Out!</h2>\n\t<p>You are now logged out!"; include 'loginreg.php'; ?> </head>