/** * * @param array $historyEntries Many objects of History class * @return sfRss201Feed */ public function getFeed($historyEntries) { $this->createFeed(); $i = 0; foreach ($historyEntries as $historyEntry) { $user = $historyEntry->getUser(); $content = (string) $historyEntry; $item = new sfFeedItem(); $item->initialize(array('title' => strip_tags($content), 'link' => 'http://' . RaykuCommon::getCurrentHttpDomain(), 'pubDate' => strtotime($historyEntry->getCreatedAt()), 'description' => $content)); $this->feed->addItem($item); } return $this->feed; }
?> /js/widget/jquery.ui.core.js"></script> <script src="http://<?php echo RaykuCommon::getCurrentHttpDomain(); ?> /js/widget/jquery.ui.widget.js"></script> <script src="http://<?php echo RaykuCommon::getCurrentHttpDomain(); ?> /js/widget/jquery.ui.mouse.js"></script> <script src="http://<?php echo RaykuCommon::getCurrentHttpDomain(); ?> /js/widget/jquery.ui.slider.js"></script> <script type="text/javascript" src="http://<?php echo RaykuCommon::getCurrentHttpDomain(); ?> /js/widget/jquery.qtip-1.0.0-rc3.min.js"></script> <script type="text/javascript"> var vd = jQuery.noConflict(); vd('#rank').qtip({ content: '<span id="rank-heading">Rank in the <b>top #25</b> and<br >you will show up on the<br >1st page of tutor search lists.</span>', position: { corner: { target: 'topRight', tooltip: 'topLeft' } }, show: 'mouseover', hide: 'mouseout',
public function executeFacebook() { /* @var $raykuUser User */ $raykuUser = $this->getUser()->getRaykuUser(); if (@$_POST['_hidden_facebook'] && !empty($_POST['fbname'])) { $fb_username = $_POST['fbname']; $this->redirect('http://www.facebook.com/dialog/friends/?id=raykubot&app_id=304330886250108&redirect_uri=http://' . RaykuCommon::getCurrentHttpDomain() . '/dashboard/facebookadd?username=' . $fb_username); } $this->userFb = $raykuUser->getUserFb(); }
" alt="Certified Tutor" /> <?php } else { ?> <div> <?php } } ?> <?php } ?> <?php echo link_to($user->getName(), 'http://' . RaykuCommon::getCurrentHttpDomain() . '/tutor/' . $user->getUsername(), array('class' => 'username')); ?> </div> <div class="points" style="font-weight:normal;color:#666">Posts: <strong><?php $logedUserId = $user->getID(); $v = new Criteria(); $v->add(PostPeer::POSTER_ID, $logedUserId); $_postCount = PostPeer::doCount($v); echo $_postCount; ?> </strong> </div> <div class="points" style="font-weight:normal;color:#666;margin-top:4px;">RP: <strong><?php $query = mysql_query("select * from user where id=" . $logedUserId . " ", $connection) or die(mysql_error()); $detailPoints = mysql_fetch_assoc($query);
/** * Action to check login credentials */ public function executeLoginCheck() { $connection = RaykuCommon::getDatabaseConnection(); $sEmail = trim($this->getRequestParameter('name')); $sPassword = trim($this->getRequestParameter('pass')); if ($sEmail == '' && $sPassword == '') { StatsD::increment("login.failure"); $this->redirect('login/index'); } //Check the user credentials $this->user = UserPeer::checkLogin($sEmail, $sPassword); if (!$this->user) { StatsD::increment("login.failure"); $_SESSION['loginErrorMsg'] = 'Your username or password was incorrect.'; } else { StatsD::increment("login.success"); } /** * @todo - check if we ever got a chance to hit this place with recaptch - it looks like no so either lets remove it or make it working */ if (isset($_SESSION['loginWrongPass']) && $_SESSION['loginWrongPass'] >= 5) { require_once $_SERVER['DOCUMENT_ROOT'] . '/recaptcha/recaptchalib.php'; // Get a key from https://www.google.com/recaptcha/admin/create $publickey = "6Lc_mscSAAAAAE0Bxon37XRl56V_l3Ba0sqib2Zm"; $privatekey = "6Lc_mscSAAAAAKG3YnU2l3uHYqcBDB6R31XlVTW8"; # the response from reCAPTCHA $resp = null; # the error code from reCAPTCHA, if any $error = null; # was there a reCAPTCHA response? $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if ($resp->is_valid) { $_SESSION['loginWrongPass'] = 0; $_SESSION['recaptchaError'] = ''; } else { # set the error code so that we can display it $_SESSION['recaptchaError'] = $resp->error; $this->user = false; } } if (!$this->user) { $this->msg = 'Your username or password was incorrect.'; /////incrementing session value plus one if the password is wrong $_SESSION['loginWrongPass'] = @$_SESSION['loginWrongPass'] + 1; if ($_SESSION['loginWrongPass'] >= 5) { $this->redirect("/login"); } return sfView::ERROR; } //If the user hasn't confirmed their account, display a message if ($this->user->isTypeUnconfirmed()) { $this->msg = 'You have not confirmed your account yet. Please go to your email inbox and click on the link in the confirmation email.'; return sfView::ERROR; } //If the user is banned, display a message if ($this->user->getHidden()) { $this->msg = 'You are currently banned.'; return sfView::ERROR; } $this->getUser()->signIn($this->user, $this->getRequestParameter('remember', false)); /** * Invisible in practice means "invisible until next login" * On each login this flag is set either to 0 or 1 * There is no possibility to change invisible status while being logged in */ $this->user->setInvisible($this->getRequestParameter('invisible', false)); $_SESSION[$this->user->getUsername()] = time(); $this->user->save(); $currentUser = $this->getUser()->getRaykuUser(); $userId = $currentUser->getId(); if (!empty($userId)) { mysql_query("delete from popup_close where user_id=" . $userId, $connection) or die(mysql_error()); mysql_query("delete from sendmessage where asker_id =" . $userId, $connection) or die(mysql_error()); mysql_query("delete from user_expert where checked_id=" . $userId, $connection) or die(mysql_error()); } if (isset($_SESSION['modelPopupOpen'])) { unset($_SESSION['modelPopupOpen']); if ($_SESSION['popup_session']) { unset($_SESSION['popup_session']); } } if ($this->getRequestParameter('referer') != 'http://' . RaykuCommon::getCurrentHttpDomain() . '/login') { if ($this->getRequestParameter('referer') != NULL) { return $this->redirect($this->getRequestParameter('referer')); } } else { return sfView::SUCCESS; } }
<?php $raykuUser = $sf_user->getRaykuUser(); $num_of_row = 0; $IP = $_SERVER['REMOTE_ADDR']; $_query = mysql_query("select * from thread where user_ip='" . $IP . "' and banned=1"); $num_of_row = mysql_num_rows($_query); if ($num_of_row > 0) { echo "\n <script type='text/javascript'>\n document.location='http://" . RaykuCommon::getCurrentHttpDomain() . "/error';\n\t\t</script>"; } $_query = mysql_query("select * from banned_ips where ip like '%" . $IP . "%' "); $num_of_row = mysql_num_rows($_query); if ($num_of_row > 0) { echo "\n <script type='text/javascript'>\n document.location='http://" . RaykuCommon::getCurrentHttpDomain() . "/error';\n\t\t</script>"; } $logedUserId = @$_SESSION['symfony/user/sfUser/attributes']['symfony/user/sfUser/attributes']['user_id']; if ($logedUserId != '') { $user_id = $raykuUser->getId(); $num_of_row = 0; $_query = mysql_query("select * from thread where \tposter_id='" . $user_id . "' and banned=1"); $num_of_row = mysql_num_rows($_query); if ($num_of_row > 0) { echo "\n\t\t\t\t<script type='text/javascript'>\n document.location='http://" . RaykuCommon::getCurrentHttpDomain() . "/error';\n\t\t\t\t</script>"; } }
public function execute($request) { $connection = RaykuCommon::getDatabaseConnection(); $logedUserId = $_SESSION['symfony/user/sfUser/attributes']['symfony/user/sfUser/attributes']['user_id']; $currentUser = $this->getUser()->getRaykuUser(); $userId = $currentUser->getId(); $this->userId = $currentUser->getId(); $time = time(); $this->cat = $this->getRequestParameter('category'); $this->course_id = $this->getRequestParameter('course'); if (empty($this->course_id)) { if (!empty($_SESSION['course_id'])) { $this->course_id = $_SESSION['course_id']; } else { $this->course_id = 1; } } else { $_SESSION['course_id'] = $this->course_id; } if (empty($this->cat)) { if (!empty($_SESSION['subject'])) { $this->cat = $_SESSION['subject']; } else { $this->cat = 1; } } else { $_SESSION['subject'] = $this->cat; } if (empty($_SESSION["course_id"])) { $_SESSION["course_id"] = '1'; } /* Quick Registration Users - Listing Tutors */ if ($this->studentFromQuickRegistrationAskingAQuestion()) { $_dash_question = ''; $_dash_course_id = ''; $_school = ''; $_dash_education = ''; $_dash_code_id = ''; $_dash_year = ''; $_SESSION['subject'] = 1; $_dash_education = $_SESSION['edu']; $_dash_course_id = $_SESSION['course_id']; if ($_dash_course_id) { $queryCname = mysql_query("select * from courses where id ='" . $_dash_course_id . "'", $connection) or die(mysql_error()); $rowCoursename = mysql_fetch_array($queryCname); $_SESSION['course_name_sess'] = $rowCoursename['course_name']; } if (strtolower($_SESSION['year']) != "Choose year") { $_dash_year = trim($_SESSION['year']); } elseif (strtolower($_SESSION['grade']) != "Choose grade") { $_dash_year = trim($_SESSION['grade']); } $c = new Criteria(); $c->add(UserQuestionTagPeer::CATEGORY_ID, 1); $c->add(UserQuestionTagPeer::USER_ID, $userId); $c->add(UserQuestionTagPeer::COURSE_ID, $_dash_course_id); $c->add(UserQuestionTagPeer::COURSE_CODE, $_dash_code_id); $c->add(UserQuestionTagPeer::EDUCATION, $_dash_education); $c->add(UserQuestionTagPeer::SCHOOL, $_school); $c->add(UserQuestionTagPeer::YEAR, $_dash_year); $userQuestionTag = UserQuestionTagPeer::doSelectOne($c); if ($userQuestionTag) { $userQuestionTag->delete(); } $userQuestionTag = new UserQuestionTag(); $userQuestionTag->setUserId($userId); $userQuestionTag->setCategoryId(1); $userQuestionTag->setCourseId($_dash_course_id); $userQuestionTag->setCourseCode($_dash_code_id); $userQuestionTag->setEducation($_dash_education); $userQuestionTag->setSchool($_school); $userQuestionTag->setYear($_dash_year); $userQuestionTag->setQuestion($_SESSION['question']); $userQuestionTag->save(); } else { if ($this->loggedStudentAsksAQuestion()) { $_dash_question = ''; $_dash_course_id = ''; $_school = ''; $_dash_education = ''; $_dash_code_id = ''; $_dash_year = ''; $_dash_question = $_POST['question']; $_SESSION['question'] = $_dash_question; $_SESSION['subject'] = 1; if (!empty($_POST['course_category_hidden'])) { $course_name = trim($_POST['course_category_hidden']); $_SESSION['course_name_sess'] = $course_name; $_queryCourse = mysql_query("select * from courses where course_name ='" . $course_name . "' ", $connection) or die(mysql_error()); $_rowCourse = mysql_fetch_assoc($_queryCourse); $_dash_course_id = $_rowCourse['id']; $_SESSION["course_id"] = $_dash_course_id; } $_dash_education = $_POST['edu']; /* Student Confirmation */ $_SESSION['edu'] = $_dash_education; if (strtolower($_POST['year_hidden']) != "choose year") { $_dash_year = trim($_POST['year_hidden']); /* student confirmation */ $_SESSION['year'] = $_dash_year; } elseif (strtolower($_POST['grade_hidden']) != "choose grade") { $_dash_year = trim($_POST['grade_hidden']); /* student confirmation */ $_SESSION['grade'] = $_dash_year; } $c = new Criteria(); $c->add(UserQuestionTagPeer::CATEGORY_ID, 1); $c->add(UserQuestionTagPeer::USER_ID, $userId); $c->add(UserQuestionTagPeer::COURSE_ID, $_dash_course_id); $c->add(UserQuestionTagPeer::COURSE_CODE, $_dash_code_id); $c->add(UserQuestionTagPeer::EDUCATION, $_dash_education); $c->add(UserQuestionTagPeer::SCHOOL, $_school); $c->add(UserQuestionTagPeer::YEAR, $_dash_year); $userQuestionTag = UserQuestionTagPeer::doSelectOne($c); if ($userQuestionTag) { $userQuestionTag->delete(); } $userQuestionTag = new UserQuestionTag(); $userQuestionTag->setUserId($userId); $userQuestionTag->setCategoryId(1); $userQuestionTag->setCourseId($_dash_course_id); $userQuestionTag->setCourseCode($_dash_code_id); $userQuestionTag->setEducation($_dash_education); $userQuestionTag->setSchool($_school); $userQuestionTag->setYear($_dash_year); $userQuestionTag->setQuestion($_POST['question']); $userQuestionTag->save(); } } /** * @todo - below block of code could be extracted to separate action */ if (!empty($_POST['hidden'])) { $count = count($_POST['checkbox']); /* Clearing Cookies */ if (isset($_COOKIE['cookcount'])) { for ($u = $_COOKIE['cookcount']; $u >= 1; $u--) { $cookname = 'expert_' . $u; setcookie($cookname, '', time() - 3600, "/", sfConfig::get('app_cookies_domain')); } } setcookie("expertscount", '', time() - 3600, "/", sfConfig::get('app_cookies_domain')); setcookie("cooktotal", '', time() - 3600, "/", sfConfig::get('app_cookies_domain')); /* Clearing Cookies */ if ($count == 4) { $close = 46000; $_SESSION['connected_tutors'] = 4; } else { if ($count == 3) { $close = 46000; $_SESSION['connected_tutors'] = 3; } else { if ($count == 2) { $close = 61000; $_SESSION['connected_tutors'] = 2; } else { if ($count == 1) { $close = 61000; $_SESSION['connected_tutors'] = 1; } else { $close = 61000; $_SESSION['connected_tutors'] = 1; } } } } $j = 0; $c = new Criteria(); $c->add(UserQuestionTagPeer::USER_ID, $userId); $c->addDescendingOrderByColumn(UserQuestionTagPeer::ID); $userQuestionTag = UserQuestionTagPeer::doSelectOne($c); $course_code = ''; $year = ''; $course_id = '1'; $school = ''; if ($userQuestionTag) { $course_id = $userQuestionTag->getCourseId(); $course_code = $userQuestionTag->getCourseCode(); $year = $userQuestionTag->getYear(); $school = $userQuestionTag->getSchool(); if ($userQuestionTag->getEducation() == 2) { $school = "High School"; } } // this is where the sql injection error is happening, fix this // escape single quotes for ($i = 0; $i < $count; $i++) { mysql_query("INSERT INTO `user_expert` (`user_id`, `checked_id`, `category_id`, course_id, `question`, `exe_order`, `time`,course_code, year, school, status, close) VALUES ('" . mysql_real_escape_string($userId) . "', '" . mysql_real_escape_string($_POST['checkbox'][$i]) . "', " . mysql_real_escape_string($this->cat) . ", " . mysql_real_escape_string($course_id) . ",'" . mysql_real_escape_string($_SESSION['question']) . "','" . mysql_real_escape_string(++$j) . "', '" . mysql_real_escape_string($time) . "', '" . mysql_real_escape_string($course_code) . "', '" . mysql_real_escape_string($year) . "', '" . mysql_real_escape_string($school) . "', 1, " . mysql_real_escape_string($close) . ") ", $connection) or die("Error In Insert-->" . mysql_error()); } /* Notify same tutor again */ $l = 0; $source = 'expertmanager'; mysql_query("DELETE FROM `student_questions` WHERE user_id = " . $userId . "", $connection); for ($i = 0; $i < $count; $i++) { $question = new StudentQuestion(); $question->setStudentId($userId); $question->setTutorId($_POST['checkbox'][$i]); $question->setCategoryId($this->cat); $question->setCourseId($course_id); $question->setQuestion($_SESSION['question']); $question->setExeOrder(++$l); $question->setTime($time); $question->setCourseCode($course_code); $question->setYear($year); $question->setSchool($school); $question->setStatus(1); $question->setClose($close); $question->setSource($source); $question->save(); } setcookie("asker_que", urldecode($_SESSION['question']), time() + 600, "/", sfConfig::get('app_cookies_domain')); $this->getResponse()->setCookie("redirection", 1, time() + 600, '/', sfConfig::get('app_cookies_domain')); $this->getResponse()->setCookie("forumsub", $_SESSION['subject'], time() + 600, '/', sfConfig::get('app_cookies_domain')); $this->redirect('expertmanager/connect'); } $logedUserId = $_SESSION['symfony/user/sfUser/attributes']['symfony/user/sfUser/attributes']['user_id']; $c = new Criteria(); $c->addJoin(ExpertCategoryPeer::USER_ID, UserTutorPeer::USERID, Criteria::INNER_JOIN); if ($this->cat == 5) { $experts = ExpertCategoryPeer::doSelect($c); } else { $c->add(ExpertCategoryPeer::CATEGORY_ID, $this->cat); $experts = ExpertCategoryPeer::doSelect($c); } $queryPoints = mysql_query("select * from user where id = " . $userId, $connection) or die("Error In rate" . mysql_error()); if (mysql_num_rows($queryPoints) > 0) { $rowPoints = mysql_fetch_assoc($queryPoints); $_points = $rowPoints['points']; } $newUser = array(); $i = 0; $eachExpertOnlyOnce = array(); foreach ($experts as $exp) { if ($userId != $exp->getUserId()) { if (in_array($exp->getUserId(), $eachExpertOnlyOnce)) { continue; } $eachExpertOnlyOnce[] = $exp->getUserId(); $_queryCourse = ''; $tutorsq = mysql_query("select * from tutor_profile where category = 1 and user_id = " . $exp->getUserId() . "", $connection) or die("Er-1-->" . mysql_error()); $tutors = mysql_fetch_array($tutorsq); $tutor = ''; $tutor = explode("-", $tutors['course_id']); if (in_array($_SESSION["course_id"], $tutor)) { $_queryCourse = mysql_query("select * from tutor_profile where category = 1 and user_id = " . $exp->getUserId() . "", $connection) or die("Er-1-->" . mysql_error()); } if ($_queryCourse && mysql_num_rows($_queryCourse) > 0) { $query = mysql_query("select * from user_score where user_id = " . $exp->getUserId(), $connection) or die(mysql_error()); $score = mysql_fetch_assoc($query); if ($score['score'] != 0) { if ($_points == '' || $_points == '0.00') { $emptyRCquery = mysql_query("select * from user_rate where userid = " . $exp->getUserId() . " and (rate = 0.00 || rate = 0) ", $connection) or die("Error In rate" . mysql_error()); if (mysql_num_rows($emptyRCquery) > 0) { $dv = new Criteria(); $dv->add(UserPeer::ID, $exp->getUserId()); $_thisUser = UserPeer::doSelectOne($dv); $rankUsersFinal[$i] = array("score" => $score['score'], "userid" => $exp->getUserId(), "category" => $this->cat, "createdat" => $_thisUser->getCreatedAt()); $newUser[$i] = array("score" => $score['score'], "userid" => $exp->getUserId(), "category" => $this->cat, "createdat" => $_thisUser->getCreatedAt()); $i++; } } else { $dv = new Criteria(); $dv->add(UserPeer::ID, $exp->getUserId()); $_thisUser = UserPeer::doSelectOne($dv); $rankUsersFinal[$i] = array("score" => $score['score'], "userid" => $exp->getUserId(), "category" => $this->cat, "createdat" => $_thisUser->getCreatedAt()); $newUser[$i] = array("score" => $score['score'], "userid" => $exp->getUserId(), "category" => $this->cat, "createdat" => $_thisUser->getCreatedAt()); $i++; } } } } } asort($newUser); arsort($newUser); asort($rankUsersFinal); arsort($rankUsersFinal); $this->rankCheckUsers = $rankUsersFinal; ////if no online expert available redirecting to the board page // // ant-edit get rid of adding notification bots right now $onlineusers = array(); $offlineusers = array(); $newOnlineUser = array(); $newOfflineUser = array(); $j = 0; $k = 0; // $facebookTutors = BotServiceProvider::createFor("http://facebook.rayku.com/tutor")->getContent(); // $onlineTutorsByNotificationBot = BotServiceProvider::createFor("http://notification-bot.rayku.com/tutor")->getContent(); // $Users = json_decode($facebookTutors, true); // $_Users = json_decode($onlineTutorsByNotificationBot, true); //Iterate through every user and check if they are online (either on fb gchat local rayku etc... foreach ($newUser as $new) { $a = new Criteria(); $a->add(UserPeer::ID, $new['userid']); $users_online = UserPeer::doSelectOne($a); $onlinecheck = ''; if ($users_online->isOnline()) { $onlinecheck = "online"; } // // ant-edit get rid of gtalk users for now if (empty($onlinecheck)) { $userGtalk = $users_online->getUserGtalk(); if ($userGtalk) { $onlinecheck = BotServiceProvider::createFor(sfConfig::get('app_rayku_url') . ':' . sfConfig::get('app_g_chat_port') . '/status/' . $userGtalk->getGtalkid())->getContent(); } } // if ((empty($onlinecheck) || ($onlinecheck != "online")) && is_array($Users)) { // $userFb = UserFbPeer::retrieveByUserId($new['userid']); // if ($userFb) { // $fb_username = $userFb->getFbUsername(); // foreach ($Users as $key => $user) { // if ($user['username'] == $fb_username) { // $onlinecheck = 'online'; // break; // } // } // } // } // if ((empty($onlinecheck) || ($onlinecheck != "online")) && is_array($_Users)) { // foreach ($_Users as $key => $_user) { // if ($_user['email'] == $users_online->getEmail()) { // $onlinecheck = 'online'; // break; // } // } // } //if user was online then store ; if ($onlinecheck == "online") { $onlineusers[$j] = $new['userid']; $newOnlineUser[$j] = array("score" => $new['score'], "userid" => $new['userid'], "category" => $new['category'], "createdat" => $new['createdat']); $j++; } elseif ($users_online->isOnline()) { $newOnlineUser[$j] = array("score" => $new['score'], "userid" => $new['userid'], "category" => $new['category'], "createdat" => $new['createdat']); $onlineusers[$j] = $new['userid']; $j++; } else { $newOfflineUser[$k] = array("score" => $new['score'], "userid" => $new['userid'], "category" => $new['category'], "createdat" => $new['createdat']); $offlineusers[$k] = $new['userid']; $k++; } } $this->newOnlineUser = $newOnlineUser; $this->newOfflineUser = $newOfflineUser; $this->_checkOnlineUsers = $onlineusers; if (count($onlineusers) < 1) { $this->redirect('http://' . RaykuCommon::getCurrentHttpDomain() . '/forum/newthread/' . $_SESSION['subject'] . '?exp_online = 1'); } $onoff = isset($_COOKIE['onoff']) ? $_COOKIE['onoff'] : null; if ($onoff == 1) { if (!empty($_COOKIE["school"])) { $cookieSchool = array(); $m = 0; foreach ($newOnlineUser as $new) { $b = new Criteria(); $b->add(UserPeer::ID, $new['userid']); $schoolusers = UserPeer::doSelectOne($b); $mail = explode("@", $schoolusers->getEmail()); $newMail = explode(".", $mail[1]); if ($newMail[0] == $_COOKIE["school"] || $newMail[1] == $_COOKIE["school"]) { $cookieSchool[$m] = $new; $m++; } } $this->expert_cats = $cookieSchool; } else { $this->expert_cats = $newOnlineUser; } } else { if ($onoff == 2) { if (!empty($_COOKIE["school"])) { $cookieSchool = array(); $m = 0; foreach ($newOfflineUser as $new) { $b = new Criteria(); $b->add(UserPeer::ID, $new['userid']); $schoolusers = UserPeer::doSelectOne($b); $mail = explode("@", $schoolusers->getEmail()); $newMail = explode(".", $mail[1]); if ($newMail[0] == $_COOKIE["school"] || $newMail[1] == $_COOKIE["school"]) { $cookieSchool[$m] = $new; $m++; } } $this->expert_cats = $cookieSchool; } else { $this->expert_cats = $newOfflineUser; } } else { if (!empty($_COOKIE["school"])) { $cookieSchool = array(); $m = 0; foreach ($newUser as $new) { $b = new Criteria(); $b->add(UserPeer::ID, $new['userid']); $schoolusers = UserPeer::doSelectOne($b); $mail = explode("@", $schoolusers->getEmail()); $newMail = explode(".", $mail[1]); if ($newMail[0] == $_COOKIE["school"] || $newMail[1] == $_COOKIE["school"]) { $cookieSchool[$m] = $new; $m++; } } $this->expert_cats = $cookieSchool; } else { $this->expert_cats = $newUser; } } } $this->tutorsCount = count($this->expert_cats); $c = new Criteria(); $c->add(CategoryPeer::ID, $this->cat); $this->e = CategoryPeer::doSelectOne($c); }
public function executeCurrenttutor() { // connect to the database and get the current user's id $connection = RaykuCommon::getDatabaseConnection(); $currentUser = $this->getUser()->getRaykuUser(); $userId = $currentUser->getId(); // make a query to the user_expert table (which should hold current questions) // sort by status, lowest first, and limit to one $sql = "SELECT * FROM user_expert WHERE user_id='" . mysql_real_escape_string($userId) . "' ORDER BY exe_order LIMIT 0,1"; $result = mysql_query($sql); // if there is nothing else, let sami know by returning a blank object if (mysql_num_rows($result) === 0) { print ""; exit; } // get the target tutor's id, and get their information $tutor_row = mysql_fetch_assoc($result); $tutor_id = $tutor_row['checked_id']; // get their username, firt, and last name $sql = "SELECT * FROM user WHERE id='" . mysql_real_escape_string($tutor_id) . "'"; $result = mysql_query($sql); $tutor_info = mysql_fetch_assoc($result); $tutor_user_name = $tutor_info['username']; $tutor_full_name = $tutor_info['name']; $tutor_pic_url = 'http://' . RaykuCommon::getCurrentHttpDomain() . "/avatar/{$tutor_id}/0"; // get their experience and profile $sql = "SELECT * FROM tutor_profile WHERE user_id='" . mysql_real_escape_string($tutor_id) . "'"; $result = mysql_query($sql); $tutor_info = mysql_fetch_assoc($result); $tutor_school = $tutor_info['school']; $tutor_role = $tutor_info['tutor_role']; $tutor_study = $tutor_info['study']; // get an object ready to return to client end $return_obj = new stdClass(); $return_obj->id = $tutor_id; $return_obj->user_name = $tutor_user_name; $return_obj->full_name = $tutor_full_name; $return_obj->pic_url = $tutor_pic_url; $return_obj->school = $tutor_school; $return_obj->role = $tutor_role; $return_obj->study = $tutor_study; // return json-encoded object print json_encode($return_obj); exit; }