public function Update() { global $database; $attributes = $this->SanitizedAttributes(); $attributes_pairs = array(); foreach ($attributes as $key => $value) { $attributes_pairs[] = "{$key} = '{$value}' "; } $query = "UPDATE " . self::$table_name . " SET "; $query .= join(", ", $attributes_pairs); $query .= " WHERE id=" . $database->EscapeValue($this->id); $database->Query($query); return $database->AffectedRows() == 1 ? RedirectTo("manage_admin.php") : RedirectTo("edit_admin.php?id=" . $this->id); }
<?php if (!$session->IsLoggedIn()) { RedirectTo("login.php"); } ?> <?php IncludeLayout("left-menu.php"); ?> <section class="page-cont"> <div> <h2>Welcome, <?php echo $session->user_id; ?> </h2> <?php echo $session->Message(); ?> </div> </section> <?php if ($_GET['logout'] == 'true') { $session->Logout(); RedirectTo("login.php"); } ?> <?php IncludeLayout("footer.php");
include "../includes/layouts/admin-header.php"; ?> <?php $current_subject = FindSubjectById($_GET["subject"], false); if (!$current_subject) { RedirectTo("manage_content.php"); } $pages_set = PagesForSubjects($current_subject["id"], false); if (mysqli_num_rows($pages_set) > 0) { $_SESSION["message"] = "Can't delete subject with pages"; RedirectTo("manage_content.php?subject={$current_subject["id"]}"); } $id = $current_subject["id"]; $query = "DELETE FROM subjects WHERE id = {$id} LIMIT 1"; $result = mysqli_query($db, $query); if ($result && mysqli_affected_rows($db) == 1) { $_SESSION["message"] = "Subject deleted."; RedirectTo("manage_content.php"); } else { $message = "Subject deletion failed"; RedirectTo("new_subject.php?subject={$id}"); } ?> <?php include "../includes/layouts/footer.php";
<?php require_once "../includes/session.php"; require_once "../includes/functions.php"; ?> <?php $_SESSION["admin_id"] = null; $_SESSION["username"] = null; RedirectTo("admin_login.php");
$errMsg .= "</div>"; } $data = array('msg1' => $errMsg, 'msg2' => ''); echo json_encode($data); } //EDIT PEMELIHARAAN if (isset($_GET['idPemeliharaan'])) { $errMsg = ""; $idPemeliharaan = $_GET['idPemeliharaan']; $idAlat = htmlspecialchars($_POST['idAlat']); $startBroken = htmlspecialchars($_POST['startBroken']); $startRepair = htmlspecialchars($_POST['startRepair']); $finishRepair = htmlspecialchars($_POST['finishRepair']); $qry = "UPDATE pemeliharaan SET id_kerusakan='{$idPemeliharaan}', id_alat='{$idAlat}',start_broken='{$startBroken}',start_repair='{$startRepair}', finish_repair='{$finishRepair}'\n\t\t WHERE id_kerusakan='{$idPemeliharaan}'"; $hsl = querydb($qry); RedirectTo('pemeliharaan.php', false); } if (isset($_POST['hapusPemeliharaan'])) { $errMsg = ""; $idPemeliharaan = $_POST['idPemeliharaan']; $qri = "DELETE FROM pemeliharaan WHERE id_kerusakan='" . $idPemeliharaan . "'"; $res = querydb($qri); if ($res) { $errMsg .= "<div class=\"alert alert-success alert-dismissible\" role=\"alert\">"; $errMsg .= "<button type=\"button\" class=\"close\" data-dismiss=\"alert\" aria-label=\"Close\"><span aria-hidden=\"true\">×</span></button>"; $errMsg .= "SUKSES !!! Data sudah dihapus!!!"; $errMsg .= "</div>"; } else { $errMsg .= "<div class=\"alert alert-danger alert-dismissible\" role=\"alert\">"; $errMsg .= "<button type=\"button\" class=\"close\" data-dismiss=\"alert\" aria-label=\"Close\"><span aria-hidden=\"true\">×</span></button>"; $errMsg .= "GAGAL !!! Data tidak bisa dihapus !!!";
if (isset($_POST['submit'])) { $fields_required = array("username", "password"); ValidatePresence($fields_required); $fields_with_max_lengths = array("username" => 40); ValidateMaxLengths($fields_with_max_lengths); $fields_with_max_lengths = array("username" => 40); ValidateMaxLengths($fields_with_max_lengths); if (empty($errors)) { //Login $username = $_POST["username"]; $password = $_POST["password"]; $found_admin = AttemptLogin($username, $password); if ($found_admin) { $_SESSION['admin_id'] = $found_admin["id"]; $_SESSION['username'] = $found_admin["username"]; RedirectTo("admin.php"); } else { $_SESSION["message"] = "Username/Password not found."; } } } else { } ?> <?php $context = "admin"; include "../includes/layouts/admin-header.php"; ?> <section class="all-subj-menu"><div></div></section> <section class="page">
$username = trim($_POST["username"]); $password = trim($_POST["password"]); //Validations $fields_required = array("username", "password"); foreach ($fields_required as $field) { $value = trim($_POST[$field]); if (!HasPresence($value)) { $errors[$field] = ucfirst($field) . " can't be blank"; } } $fields_with_max_lengths = array("username" => 10, "password" => 3); ValidateMaxLengths($fields_with_max_lengths); // Login if (empty($errors)) { if ($username == "Vera" && $password == "123") { RedirectTo("index.php"); } else { $message = "Username/password doesn't match"; } } } else { $username = ""; $message = "Please log in."; } ?> <!DOCTYPE html> <html> <head> <title>Form Single Page</title> <meta charset="UTF-8">
// Update } $id = $current_subject["id"]; $menu_name = MysqlPrep($_POST["menu_name"]); $position = (int) $_POST["position"]; $visible = (int) $_POST["visible"]; $query = "UPDATE subjects SET "; $query .= "menu_name = '{$menu_name}' , "; $query .= "position = {$position} , "; $query .= "visible = {$visible} "; $query .= "WHERE id = {$id} "; $query .= "LIMIT 1"; $result = mysqli_query($db, $query); if ($result && mysqli_affected_rows($db) >= 0) { $_SESSION["message"] = "Subject updated."; RedirectTo("manage_content.php"); } else { $message = "Subject update failed"; } } else { //Prob GET request } // end: if (isset($_POST['submit'])) ?> <section class="all-subj-menu"> <div> <?php echo Navigation($current_subject, $current_page, false); ?> </div>
$visible = (int) $_POST["visible"]; $fields_required = array("menu_name", "position", "visible"); ValidatePresence($fields_required); $fields_with_max_lengths = array("menu_name" => 70); ValidateMaxLengths($fields_with_max_lengths); if (!empty($errors)) { $_SESSION["errors"] = $errors; RedirectTo("new_subject.php"); } $query = "INSERT INTO subjects ("; $query .= "menu_name, position, visible"; $query .= ") VALUES ("; $query .= " '{$menu_name}', {$position}, {$visible}"; $query .= ")"; $result = mysqli_query($db, $query); if ($result) { $_SESSION["message"] = "Subject created."; RedirectTo("manage_content.php"); } else { $_SESSION["message"] = "Subject creation failed"; RedirectTo("new_subject.php"); } } else { RedirectTo("new_subject.php"); } ?> <?php if (isset($db)) { mysqli_close($db); }
<?php namespace ScriptAcid; require_once $_SERVER["DOCUMENT_ROOT"] . "/scriptacid/core/kernel.php"; SetTitle("Завершение сеанса пользователя"); //App::get()->makePage(function(&$arPageParams) { ?> <?php if (App::USER()->IsAuthorized() and $_GET['logout'] == 'Y') { App::USER()->UnAuthorize(); ShowMsg('Заходите к нам еще!'); RedirectTo('/', 3000); } else { ShowError('Вы не вошли'); } ?> <?php // }); // end of makePage
function ConfirmLoggedIn() { if (!LoggedIn()) { RedirectTo("admin_login.php"); } }
<?php // header("HTTP 1.1 / 404 Not Found"); // header("X-Powered-By: none of your business"); function RedirectTo($newLocation) { header("Location: " . $newLocation); exit; } $loggedIn = $_GET['loggedIn']; if ($loggedIn == "1") { RedirectTo("FirstPage.php"); } else { RedirectTo("http://google.com"); } ?> <!DOCTYPE html> <html> <head> <title>JClass</title> <meta charset="UTF-8"> </head> <body> <pre> <?php print_r(headers_list()); ?> </pre>
<?php App::callComponent(":catalog.element.add", "_admin", array("FIELDS" => array("ID", "ACTIVE", "NAME", "CATALOG_SECTION_ID", "CATALOG_ID", "SORT", "CODE", "PREVIEW_PICTURE", "PREVIEW_TEXT", "PREVIEW_TEXT_TYPE", "DETAIL_PICTURE", "DETAIL_TEXT", "DETAIL_TEXT_TYPE", "TAGS"), "ID" => $_GET['ID'], "CATALOG_ID" => $_GET['CATALOG_ID'], "TYPE" => $_GET["TYPE"])); ?> <?php break; ?> <?php case 'DELETE': ?> <?php ShowMsg(); ?> <?php if (CatalogElement::Delete($_GET["ID"])) { AddMsg("Элемент успешно удалён"); RedirectTo('/scriptacid/admin/catalog/element.php' . '?CATALOG_ID=' . $_GET["CATALOG_ID"] . '&TYPE=' . $_GET["TYPE"] . '&ID=' . $_GET["ID"]); } else { echo ShowError("Ошибка при удалении элемента каталога"); } ?> <p><a href="/scriptacid/admin/catalog/">Список типов</a></p> <?php break; ?> <?php default: ?> <?php $arCaralogType = CatalogType::GetByID($_GET["TYPE"]);
$fields_required = array("menu_name", "position", "visible", "content"); ValidatePresence($fields_required); $fields_with_max_lengths = array("menu_name" => 70); ValidateMaxLengths($fields_with_max_lengths); if (empty($errors)) { $query = "UPDATE pages SET "; $query .= "menu_name = '{$menu_name}', "; $query .= "position = {$position}, "; $query .= "visible = {$visible}, "; $query .= "content = '{$content}' "; $query .= "WHERE id = {$id} "; $query .= "LIMIT 1"; $result = mysqli_query($db, $query); if ($result && mysqli_affected_rows($db) == 1) { $_SESSION["message"] = "Page updated."; RedirectTo("manage_content.php?page={$id}"); } else { $_SESSION["message"] = "Page update failed."; } } } else { //Prob GET request } // end: if (isset($_POST['submit'])) ?> <?php include "../includes/layouts/admin-header.php"; ?> <section class="all-subj-menu">
<?php App::callComponent(":catalog.type.add", "_admin", array("FIELDS" => array("ID", "NAME", "SORT", "SID", "SECTION_NAME", "ELEMENT_NAME"), "ID" => $_GET['ID'])); ?> <?php break; ?> <?php case 'DELETE': ?> <?php ShowMsg(); ?> <?php if (CatalogType::Delete($_GET["ID"])) { AddMsg("Тип успешно удалён"); RedirectTo('/scriptacid/admin/catalog/'); } else { ShowError("Ошибка при удалении типа каталога"); } ?> <p><a href="/scriptacid/admin/catalog/">Список типов</a></p> <?php break; ?> <?php default: ?> <h3><?php echo LANG("MODULE_CATALOG_TYPES_TITLE"); ?> </h3>
<?php require_once "../../includes/initialize.php"; if (!$session->IsLoggedIn()) { RedirectTo("login.php"); } IncludeLayout("admin-header.php"); $max_file_size = 10485760; if (isset($_POST["submit"])) { $photograph = new Photograph(); $photograph->caption = $_POST["caption"]; $photograph->AttachFile($_FILES["upload_file"]); $photograph->id = $database->InsertId(); if ($photograph->SaveWithFile()) { $session->SetMessage("Successfully uploaded."); RedirectTo("photo_view.php"); } else { $message = join("<br/>", $photograph->errors); } } ?> <?php IncludeLayout("left-menu.php"); ?> <div> <section> <div> <h2>Upload photo</h2> <?php echo Messages($message);
<?php include "../../includes/layouts/admin-header.php"; require_once "../../includes/initialize.php"; $user = User::FindById($_GET["id"]); if (!$user) { redirect_to("manage_admin.php"); } else { $user->id = $_GET['id']; if ($user->Delete()) { RedirectTo("manage_admin.php"); } else { RedirectTo("edit_admin.php?id=" . $user->id); } } ?> <?php include "../../includes/layouts/footer.php";
function GetSingleDeal() { global $LanguageID; global $LanguageCode; if ($LanguageID == 0) { $LanguageID = 1; $LanguageCode = 'en'; $Expiry = time() + 60 * 60; setcookie('LID', $LanguageID, $Expiry); } list($QR, $DR, $T) = QuerySingle("SELECT D.DealID, COALESCE(LSDa.StringText, LSDb.StringText) AS Title\n FROM 4000_Deals D\n INNER JOIN 0200_Language_Strings LSDa ON D.StringID = LSDa.StringID AND LSDa.LanguageID = " . $LanguageID . "\n INNER JOIN 0200_Language_Strings LSDb ON D.StringID = LSDb.StringID AND LSDb.LanguageID = 1\n WHERE D.DealID = " . (int) $_SERVER['QUERY_STRING'] . ";"); if ($QR > 0) { return DisplayMainScreen('InitD(' . $DR['DealID'] . ');', $DR['Title']); } RedirectTo(); }
<?php require_once "session.php"; if (!checkSession()) { RedirectTo("http://localhost/xampp/ProjectX/SigninPage.php"); exit; } ?> <div class="profile"> <?php include 'connect.php'; $username = $_SESSION['username']; $password = $_SESSION['password']; $query = "SELECT username,phone,firstname,lastname,email,gender,photopath FROM profile WHERE (username='******' AND password='******') AND activation IS NULL"; $result = mysqli_query($connection, $query); $result_array = mysqli_fetch_array($result); $photopath = $result_array['photopath']; echo "<img src='" . $photopath . "' /> </br></br>"; echo "Username :"******"</br>"; echo "Phone no. :" . $result_array['phone'] . "</br>"; echo "FirstName :" . $result_array['firstname'] . "</br>"; echo "LastName :" . $result_array['lastname'] . "</br>"; echo "Email :" . $result_array['email'] . "</br>"; echo "Gender :" . $result_array['gender'] . "</br>"; ?> </div>
$fields_with_max_lengths = array("username" => 40); ValidateMaxLengths($fields_with_max_lengths); $fields_with_max_lengths = array("username" => 40); ValidateMaxLengths($fields_with_max_lengths); if (empty($errors)) { $username = MysqlPrep($_POST["username"]); $hashed_password = PasswordEncrypt($_POST["password"]); $query = "INSERT INTO admins ("; $query .= "username, hashed_password"; $query .= ") VALUES ("; $query .= " '{$username}', '{$hashed_password}' "; $query .= ")"; $result = mysqli_query($db, $query); if ($result) { $_SESSION["message"] = "Admin user created."; RedirectTo("manage_admin.php"); } else { $_SESSION["message"] = "Admin user creation failed"; } } } else { } ?> <?php $context = "admin"; include "../includes/layouts/admin-header.php"; ?> <section class="all-subj-menu"><div></div></section> <section class="page">
<?php require_once "../includes/session.php"; require_once "../includes/db_connect.php"; require_once "../includes/functions.php"; include "../includes/layouts/admin-header.php"; ?> <?php $current_admin = FindAdminById($_GET["id"]); if (!$current_admin) { RedirectTo("manage_admin.php"); } $id = $current_admin["id"]; $query = "DELETE FROM admins WHERE id = {$id} LIMIT 1"; $result = mysqli_query($db, $query); if ($result && mysqli_affected_rows($db) == 1) { $_SESSION["message"] = "Admin deleted."; RedirectTo("manage_admin.php"); } else { $message = "Admin deletion failed"; RedirectTo("new_admin.php?id={$id}"); } ?> <?php include "../includes/layouts/footer.php";
ValidateMaxLengths($fields_with_max_lengths); if (empty($errors)) { $subject_id = $current_subject["id"]; $menu_name = MysqlPrep($_POST["menu_name"]); $position = (int) $_POST["position"]; $visible = (int) $_POST["visible"]; $content = MysqlPrep($_POST["content"]); $query = "INSERT INTO pages ("; $query .= "subject_id, menu_name, position, visible, content"; $query .= ") VALUES ("; $query .= " {$subject_id}, '{$menu_name}', {$position}, {$visible}, '{$content}' "; $query .= ")"; $result = mysqli_query($db, $query); if ($result) { $_SESSION["message"] = "Page created."; RedirectTo("manage_content.php?subject=" . urlencode($current_subject["id"])); } else { $_SESSION["message"] = "Page creation failed"; } } } else { } ?> <section class="all-subj-menu"> <div> <?php echo Navigation($current_subject, $current_page, false); ?> </div> </section>