case 0:
             $error[$num_errors++] = "The Name must be filled";
             break;
         case -2:
             $error[$num_errors++] = "There are invalid characteres at the name";
             break;
         case 1:
             $current = List_Units('', $units[0][1], $bd);
             if ($current) {
                 if ($current[0][0] != $units[0][0]) {
                     $error[$num_errors++] = "This unit name is already in use";
                 }
             }
             break;
     }
     // Validate the unit acronym ($units[0][2]); 15 is presumably the maximum length.
     // Handled results: 0 = field left empty, -2 = invalid characters.
     switch (User_Validate_Simple_Field($units[0][2], 15)) {
         case 0:
             $error[$num_errors++] = "The Acronym must be filled";
             break;
         case -2:
             $error[$num_errors++] = "There are invalid characteres at the acronym";
             break;
     }
     // Persist the change only when no validation error was recorded.
     if (empty($error)) {
         // NOTE(review): $units[0][3] reaches Update_Unit() without a validation call in
         // the visible code — confirm it is checked earlier and that Update_Unit() binds
         // its arguments as query parameters rather than concatenating them.
         Update_Unit($units[0][0], $units[0][1], $units[0][2], $units[0][3], $bd);
         $alert[$num_alerts++] = "Unit Updated Successfully";
         // Render the unit list in the same request and stop this script.
         include "adm_units.php";
         exit;
     }
 } else {
     $units = List_Units($_GET['unit_id'], '', $bd);
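 // Look up the room identified by $rooms[0][0] and copy field 5 of $cur_person into $cur_email.
 // NOTE(review): $rooms[0][0] is used for the lookup before any validation visible here.
 $cur_room = List_Rooms($rooms[0][0], '', '', '', '', $bd);
 $cur_email = $cur_person[0][5];
 // Room name: 0 = empty, -2 = invalid characters. Other results are not reported here.
 switch (User_Validate_Simple_Field($rooms[0][1], 15)) {
     case 0:
         $error[$num_errors++] = "The Name must be filled";
         break;
     case -2:
         $error[$num_errors++] = "There are invalid characteres at the name";
         break;
 }
 // Comments are optional: only invalid characters are rejected.
 switch (User_Validate_Simple_Field($rooms[0][2], 256)) {
     case -2:
         $error[$num_errors++] = "There are invalid characteres at the comments";
         break;
 }
 // Location is optional as well.
 switch (User_Validate_Simple_Field($rooms[0][5], 100)) {
     case -2:
         $error[$num_errors++] = "There are invalid characteres at the location";
         break;
 }
 // Capacity: -1 = not a positive integer, 0 = empty, -2 = invalid characters.
 switch (User_Validate_Numeric_Field($rooms[0][4])) {
     case -1:
         $error[$num_errors++] = "The capacity must be a integer greater than 0";
         break;
     case 0:
         $error[$num_errors++] = "The capacity must be filled";
         break;
     case -2:
         // Fixed copy-paste slip: this branch checks the capacity, not the location.
         $error[$num_errors++] = "There are invalid characteres at the capacity";
         break;
 }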
// Guarantee that the alert counter exists (starting at 0) before alerts are appended.
$num_alerts = isset($num_alerts) ? $num_alerts : 0;
if (Validate_Session($complete_sess_id, $_SERVER['REMOTE_ADDR'], $bd)) {
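    // Resolve the account behind the session. $account_id is presumably filled by
    // reference — confirm; the return value of Get_Account_Id() is not checked, so a
    // failed lookup must not leave a stale $account_id behind.
    // NOTE(review): the session check above validates $complete_sess_id while this
    // lookup uses $sess_id — confirm both come from the same validated session.
    Get_Account_Id($sess_id, $account_id, $bd);
    // Strict comparison for the authorization decision: with loose "!=" a non-string
    // value such as integer 0 compares equal to 'admin' on PHP versions before 8.
    if ($account_id !== 'admin') {
        $error[$num_errors++] = "You are not the administrator";
        // Non-administrators are logged out and the script stops here.
        include "logout.php";
        exit;
    }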
    if (!empty($_POST['create'])) {
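        // Collect the submitted category; index 0 is left empty for a record being created.
        $categories[0][0] = '';
        $categories[0][1] = $_POST['name'];
        $categories[0][2] = $_POST['description'];
        // Request data must never be written to the response unescaped (reflected XSS).
        // NOTE(review): this echo looks like leftover debug output — remove it if no
        // consumer of the page depends on it.
        echo htmlspecialchars((string) $_POST['description'], ENT_QUOTES);
        // Category name: 0 = empty, -2 = invalid characters, 1 = valid.
        // NOTE(review): the description ($categories[0][2]) gets no validation call in
        // the visible code before it is stored — confirm how Insert_Category() handles it.
        switch (User_Validate_Simple_Field($categories[0][1], 30)) {
            case 0:
                $error[$num_errors++] = "The Name must be filled";
                break;
            case -2:
                $error[$num_errors++] = "There are invalid characteres at the name";
                break;
            case 1:
                // A valid name must also be unused: any existing match is a conflict.
                $current = List_Categories('', $categories[0][1], $bd);
                if ($current) {
                    $error[$num_errors++] = "This category name is already in use";
                }
                break;
        }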
        if (empty($error)) {
            Insert_Category($categories[0][1], $categories[0][2], $bd);
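 $category = $cat[0][1];
 $commentaries = $_POST['commentaries'];
 // Name of the $cfg entry that lists the field types for this role.
 // NOTE(review): if $role can be influenced by the request, restrict it to known roles
 // before using it to build a configuration key.
 $type_array = $role . "_type";
 // Build a string of "1"/"0" flags, one per configured field type, from the submitted
 // checkboxes. The loop stops at the first missing or empty entry; !empty() avoids
 // reading past the end of the list.
 $image_enable = "";
 for ($i = 0; !empty($cfg[$type_array][$i]); $i++) {
     $field_type = $cfg[$type_array][$i];
     // Unchecked boxes are absent from $_POST, so test for presence before comparing.
     $image_enable .= (isset($_POST[$field_type]) && $_POST[$field_type] == 'on') ? "1" : "0";
 }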
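 // Re-authenticate with the current password before accepting the change.
 // Only the result 1 counts as success: the login script on this page treats 0 as
 // "wrong password" and any other value as "user not found", and a plain "!" test
 // would let that third value through as if the password had matched.
 if (User_Authenticate_Password($account_id, $cur_password, $bd) != 1) {
     $error[$num_errors++] = "The Current Password is Wrong";
 }
 // Name: 0 = blank, -1 = longer than 50 characters.
 // NOTE(review): other callers on this page also handle -2 (invalid characters);
 // confirm that ignoring it here is intentional.
 switch (User_Validate_Simple_Field($name, 50)) {
     case 0:
         $error[$num_errors++] = "The name is blank";
         break;
     case -1:
         $error[$num_errors++] = "The name length is more than 50 characters";
         break;
 }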
 switch (User_Validate_Email($email, 70)) {
     case 0:
         $error[$num_errors++] = "The e-mail is invalid";
         break;
     case -1:
         $error[$num_errors++] = "The e-mail length is more than 70 characters";
         break;
     case 1:
            case -2:
                $error[$num_errors++] = "There are invalid characteres at the group acronym";
                break;
            case 1:
                $current = List_Groups('', '', '', $groups[0][3], 1, $bd);
                if ($current) {
                    $error[$num_errors++] = "This Group Acronym is already in use";
                }
                break;
        }
        // Field 2 (reported as the group category): only invalid characters are an error.
        if (User_Validate_Simple_Field($groups[0][2], 256) == -2) {
            $error[$num_errors++] = "There are invalid characteres at the group category";
        }
        // Field 3 (reported as the group description): same rule.
        // NOTE(review): the acronym lookup just above also uses $groups[0][3] — confirm
        // which field each index really holds.
        if (User_Validate_Simple_Field($groups[0][3], 256) == -2) {
            $error[$num_errors++] = "There are invalid characteres at the group description";
        }
        if (empty($error)) {
            // Create the group, read it back by name to obtain its id, then register the
            // creating account as a member with role 'O'.
            // NOTE(review): $groups[0][4] is stored without a validation call visible here.
            Insert_Group($groups[0][1], $groups[0][2], $groups[0][3], $groups[0][4], $bd);
            $groups_new = List_Groups('', $groups[0][1], '', '', 1, $bd);
            Insert_Group_Member($groups_new[0][0], $account_id, 'O', '', $bd);
            $alert[$num_alerts++] = "New Group Inserted Successfully";
            // Show the group list and end this script.
            include "groups.php";
            exit;
        }
    }
    $result_xsl = "xsl/" . $default_xsl . "/groups_new.xsl";
} else {
     case -2:
         $error[$num_errors++] = "There are invalid characteres at the year";
         break;
 }
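 // Semester ($courses[0][6]): -1 = not an integer, 0 = empty, -2 = invalid characters.
 switch (User_Validate_Numeric_Field($courses[0][6])) {
     case -1:
         $error[$num_errors++] = "The semester must be an integer value.";
         break;
     case 0:
         $error[$num_errors++] = "The semester must be filled";
         break;
     case -2:
         $error[$num_errors++] = "There are invalid characteres at the semester";
         break;
 }
 // Lecturer ($courses[0][7]): 0 = nothing chosen, -2 = invalid characters.
 switch (User_Validate_Simple_Field($courses[0][7], 32)) {
     case 0:
         $error[$num_errors++] = "A Lecturer must be chosen";
         break;
     case -2:
         $error[$num_errors++] = "There are invalid characteres at the Lecturer";
         break;
 }
 // Duplicate check. The sixth argument previously read $courses[5], which is not the
 // submitted record; every other access, including Insert_Course() below, uses
 // $courses[0][5], so the lookup could miss an existing course.
 $current = List_Courses('', '', $courses[0][3], $courses[0][4], '', $courses[0][5], $courses[0][6], $bd);
 if ($current) {
     $error[$num_errors++] = 'This course already exists';
 }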
 if (empty($error)) {
     Insert_Course($courses[0][0], $courses[0][1], $courses[0][2], $courses[0][3], $courses[0][4], $courses[0][6], $courses[0][5], $courses[0][7], $bd);
     $alert[$num_alerts++] = "New Course Inserted Successfully";
     include "adm_acc_courses.php";
 // Pick the configuration entries named by $var_type, $var_color and $var_image.
 $array_type = $cfg[$var_type];
 $array_color = $cfg[$var_color];
 $array_image = $cfg[$var_image];
 // If the user is actually owner of the group
 // NOTE(review): by De Morgan this condition is ($membership != 'O' && $membership == 'M'),
 // so only a membership equal to 'M' is turned away; every other value, including an
 // empty or unexpected one, passes. That does not match the message below. If 'O' and
 // 'M' are the two roles allowed to proceed, the intended test is probably
 // !($membership == 'O' || $membership == 'M'). Confirm what 'M' stands for and express
 // the check as an allow-list of permitted roles.
 if (!($membership == 'O' || $membership != 'M')) {
     $error[$num_errors++] = "You are not moderator of this group.";
     include "groups.php";
     exit;
 }
 // Choose the pop-up or the full-page stylesheet.
 // NOTE(review): $default_xsl becomes part of a file path — confirm it cannot be set
 // from the request.
 if ($is_pop) {
     $result_xsl = "xsl/" . $default_xsl . "/groups_sch_ins_week_app_pop.xsl";
 } else {
     $result_xsl = "xsl/" . $default_xsl . "/groups_sch_ins_week_app.xsl";
 }
 if (!empty($_POST['submit_ins'])) {
     // Any result of 0 or below (empty, too long, invalid characters) rejects the description.
     if (User_Validate_Simple_Field($_POST['description'], 100) <= 0) {
         $error[$num_errors++] = "The appointment description must be informed";
     }
     // NOTE(review): both times are raw request strings; PHP compares them numerically
     // only when both are numeric strings and byte-wise otherwise — confirm the expected
     // format makes this ordering reliable.
     if ($_POST['beg_time'] >= $_POST['end_time']) {
         $error[$num_errors++] = "The ending time must be greater than the beginning time";
     }
     // NOTE(review): day, beg_time and end_time reach the overlap query without a
     // validation call visible here, and the query runs even when errors were already
     // recorded — confirm the callee binds its arguments as query parameters.
     $check = Group_Check_Weekly_Appointment_Overlap($group_id, $_POST['day'], $_POST['beg_time'], $_POST['end_time'], $bd);
     if ($check) {
         $error[$num_errors++] = "One of the members has another weekly appointment within this time span";
     }
     if (empty($error)) {
         Group_Insert_Weekly_Appointment($group_id, $_POST['description'], $_POST['type'], $_POST['day'], $_POST['beg_time'], $_POST['end_time'], $_POST['url'], $account_id, $bd);
         $alert[$num_alerts++] = "Appointment Inserted Successfully";
         if (!$is_pop) {
             include "groups_schedule.php";
             exit;
         case 0:
             $error[$num_errors++] = "The E-mail must be filled";
             break;
         case -2:
             $error[$num_errors++] = "There are invalid characteres at the e-mail";
             break;
         case 1:
             $current = List_People('', '', $people[0][5], '', '', $bd);
             if ($current) {
                 if ($current[0][5] != $cur_email) {
                     $error[$num_errors++] = "This e-mail is already in use";
                 }
             }
             break;
     }
     // URL field: only the "invalid characters" result (-2) produces an error.
     if (User_Validate_Simple_Field($people[0][6], 100) == -2) {
         $error[$num_errors++] = "There are invalid characteres at the url";
     }
     if (empty($error)) {
         // Re-read the person so that field 7 is taken from the record returned by
         // List_People() instead of from the submitted form.
         $comp_person = List_People($people[0][0], '', '', '', '', $bd);
         Update_Person($people[0][0], $people[0][1], $people[0][2], $people[0][5], $people[0][3], $people[0][6], $comp_person[0][7], $people[0][8], $bd);
         $alert[$num_alerts++] = "Person Updated Successfully";
         // Show the people list and end this script.
         include "adm_acc_people.php";
         exit;
     }
 } else {
     $people = List_People($_GET['account_id'], '', '', '', '', $bd);
 }
 $departments = List_Departments('', '', '', $bd);
<?php

require "./inc/script_inicialization.php";
require "./inc/nrp_api.php";
$num_errors = 0;
$num_alerts = 0;
if (isset($_REQUEST['submit']) && $_REQUEST['submit'] == "Login") {
    ob_start();
    $val_id = User_Validate_Simple_Field($_REQUEST['id'], 32);
    $val_password = User_Validate_Password($_REQUEST['password'], 6);
    $user_ok = 0;
    if ($val_id && $val_password) {
        // Check the credentials. Result 1 = authenticated, 0 = wrong password, anything
        // else is reported as an unknown user.
        // NOTE(review): the credentials are read from $_REQUEST, which can also be filled
        // from the query string; reading them from $_POST keeps passwords out of URLs,
        // access logs and browser history.
        $auth_result = User_Authenticate_Password($_REQUEST['id'], $_REQUEST['password'], $bd);
        if ($auth_result == 1) {
            $user_ok = 1;
        } elseif ($auth_result == 0) {
            // NOTE(review): distinct messages for "wrong password" and "user not found"
            // reveal which account ids exist; a single generic failure message avoids
            // that disclosure.
            $error[$num_errors++] = "Wrong Password";
        } else {
            $error[$num_errors++] = "User Not Found";
        }
    } else {
        if ($val_id == 0) {
            $error[$num_errors++] = "The User ID is blank";
        } else {
            if ($val_id == -2) {
                $error[$num_errors++] = "There are invalid characters in the User ID";
            }
        }
        if ($val_password == 0) {
            $error[$num_errors++] = "The password is blank";
        } elseif ($val_password == -1) {
 // Pick the stylesheet: the pop-up variant when $is_pop is set, the regular page otherwise.
 // NOTE(review): $default_xsl becomes part of a file path — confirm it cannot be set
 // from the request.
 $result_xsl = "xsl/" . $default_xsl . ($is_pop ? "/sch_ins_app_pop.xsl" : "/sch_ins_app.xsl");
 if (!empty($_POST['submit_ins'])) {
     // Any result of 0 or below (empty, too long, invalid characters) rejects the description.
     if (User_Validate_Simple_Field($_POST['description'], 100) <= 0) {
         $error[$num_errors++] = "The appointment description must be informed";
     }
     // NOTE(review): both times are raw request strings; PHP compares them numerically
     // only when both are numeric strings and byte-wise otherwise — confirm the expected
     // format makes this ordering reliable.
     if ($_POST['beg_time'] >= $_POST['end_time']) {
         $error[$num_errors++] = "The ending time must be greater than the beginning time";
     }
     // NOTE(review): request parameters arrive as strings (or arrays), so is_int() is
     // always false here and this condition can never record an error. The day is
     // therefore effectively unvalidated; an integer test on the string (digits only,
     // within range) combined with "||" is probably what was meant.
     if (User_Validate_Simple_Field($_POST['day'], 2) <= 0 && is_int($_POST['day'])) {
         $error[$num_errors++] = "The day must be informed correctly";
     }
     // NOTE(review): same dead is_int() test for the year, so the else branch always
     // runs. The limit of 2 is also applied to the year — confirm the expected format.
     if (User_Validate_Simple_Field($_POST['year'], 2) <= 0 && is_int($_POST['year'])) {
         $error[$num_errors++] = "The year must be informed correctly";
     } else {
         // date('t', ...) yields the number of days in the given month; the day must not exceed it.
         // NOTE(review): month and year reach mktime() without a validation call visible here.
         $max_day = date('t', mktime(0, 0, 0, $_POST['month'], 1, $_POST['year']));
         if ($_POST['day'] > $max_day) {
             $error[$num_errors++] = "Invalid day";
         }
     }
     $check = Check_Appointment_Overlap($account_id, $_POST['day'], $_POST['month'], $_POST['year'], $_POST['beg_time'], $_POST['end_time'], '', $bd);
     if ($check) {
         $error[$num_errors++] = "There is another appointment within this time span";
     }
     if ($ins_at_master) {
         $check = Check_Appointment_Overlap($owner, $_POST['day'], $_POST['month'], $_POST['year'], $_POST['beg_time'], $_POST['end_time'], '', $bd);
         if ($check) {
             $error[$num_errors++] = "There is another appointment on the owner's schedule within this time span";
     case 1:
         $group_ok = 1;
         break;
 }
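 // Category master ($permissions[0][5]): record only whether the value is usable.
 // Empty (0) and invalid characters (-2) both leave the flag at 0; no error is added.
 switch (User_Validate_Simple_Field($permissions[0][5], 32)) {
     case 0:
     case -2:
         $category_ok = 0;
         break;
     case 1:
         $category_ok = 1;
         break;
 }
 // Slave room ($permissions[0][7]) is mandatory: 0 = none chosen, -2 = invalid characters.
 switch (User_Validate_Simple_Field($permissions[0][7], 16)) {
     case 0:
         $error[$num_errors++] = "A Slave Room must be chosen";
         break;
     case -2:
         $error[$num_errors++] = "There are invalid characteres at the slave id";
         break;
 }
 // Exactly one of the three master fields may be set. A chained "xor" is an odd-parity
 // test and is also true when all three are set, so the non-empty values are counted.
 // NOTE(review): the raw fields are tested here, not the *_ok flags computed above, so
 // a value that failed validation can still reach List_Permissions() — confirm this.
 if (count(array_filter(array($permissions[0][1], $permissions[0][3], $permissions[0][5]))) === 1) {
     $current = List_Permissions('', $permissions[0][1], $permissions[0][3], $permissions[0][5], $permissions[0][7], 'room', $bd);
     if ($current) {
         $error[$num_errors++] = 'This permition already exists';
     }
 } else {
     $error[$num_errors++] = "One (and only one) option of master must be chosen";
 }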
 }
 if (!empty($_POST['modify'])) {
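     // Read the three password fields of the change-password form.
     $current_password = $_POST['current_password'];
     $new_password = $_POST['new_password'];
     $conf_password = $_POST['conf_password'];
     // Each field is mandatory. Only the "empty" result (0) is reported.
     // NOTE(review): over-length or otherwise rejected results are ignored here, so this
     // block applies no length or strength policy to the new password — confirm whether
     // Admin_Set_Password() enforces one.
     switch (User_Validate_Simple_Field($current_password, 20)) {
         case 0:
             $error[$num_errors++] = "The Current Password must be filled";
             break;
     }
     switch (User_Validate_Simple_Field($new_password, 20)) {
         case 0:
             $error[$num_errors++] = "The New Password must be filled";
             break;
     }
     switch (User_Validate_Simple_Field($conf_password, 20)) {
         case 0:
             $error[$num_errors++] = "The Password Confirmation must be filled";
             break;
     }
     // Strict comparison: with loose "!=" two different numeric-looking strings such as
     // "1e3" and "1000" compare equal, so a mistyped confirmation could be accepted.
     if ($new_password !== $conf_password) {
         $error[$num_errors++] = "The password confirmation is not equal to the new password";
     }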
     if (empty($error)) {
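         // Admin_Set_Password() receives the current password as well; a falsy result is
         // reported as a wrong current password.
         if (Admin_Set_Password($current_password, $new_password, $bd)) {
             $alert[$num_alerts++] = "Password Updated Successfully";
             // Return to the administration main page and end this script.
             include "adm_main.php";
             exit;
         } else {
             // Advance the counter as every other error site does, so that a later
             // error cannot overwrite this entry.
             $error[$num_errors++] = "The current password is wrong";
         }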
     // Store field 1 of the selected unit in field 5 of the department record.
     $departments[0][5] = $unit[0][1];
     // Department name: 0 = empty, -2 = invalid characters, 1 = valid.
     switch (User_Validate_Simple_Field($departments[0][1], 50)) {
         case 0:
             $error[$num_errors++] = "The Name must be filled";
             break;
         case -2:
             $error[$num_errors++] = "There are invalid characteres at the name";
             break;
         case 1:
             // A valid name must also be unused: any existing match is a conflict.
             $current = List_Departments('', $departments[0][1], '', $bd);
             if ($current) {
                 $error[$num_errors++] = "This department name is already in use";
             }
             break;
     }
     // Acronym: 0 = empty, -2 = invalid characters.
     switch (User_Validate_Simple_Field($departments[0][2], 15)) {
         case 0:
             $error[$num_errors++] = "The Acronym must be filled";
             break;
         case -2:
             $error[$num_errors++] = "There are invalid characteres at the acronym";
             break;
     }
     // Insert only when no validation error was recorded.
     if (empty($error)) {
         // NOTE(review): fields 3 and 4 are stored without a validation call visible
         // here — confirm they are checked earlier and that Insert_Department() binds
         // its arguments as query parameters.
         Insert_Department($departments[0][1], $departments[0][2], $departments[0][3], $departments[0][4], $bd);
         $alert[$num_alerts++] = "New Department Inserted Successfully";
         // Show the department list and end this script.
         include "adm_departments.php";
         exit;
     }
 }
 $units = List_Units('', '', $bd);