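/**
 * Render one employee profile as a Bootstrap list group.
 *
 * Name and username are always printed. Each optional field is printed when
 * the viewer owns the profile, when admin_byEmail() accepts the session
 * e-mail, or when the matching entry of decode_public($row['code']) equals 1.
 *
 * Every stored value is passed through htmlspecialchars() before it is
 * written into the page, so markup saved in a profile field is shown as
 * text instead of being interpreted by the browser.
 *
 * @param array $res Result rows; only $res[0] is read. It must provide the keys
 *                   code, email, first_name, last_name, name, phone_number,
 *                   address, Linkedin, company and position.
 * @return void Output is echoed directly.
 */
function Display_emp($res)
{
    $row = $res[0];
    $code = decode_public($row['code']);
    $isAdmin = admin_byEmail($_SESSION['email']);
    $myEmail = $row['email'] == $_SESSION['email'];

    // HTML text-context escaping for values that come out of storage.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Optional fields: index into the decoded visibility code, label, row key.
    // Labels are kept exactly as the page has always printed them.
    $optionalFields = array(
        array(0, 'Phone number', 'phone_number'),
        array(1, 'Address', 'address'),
        array(2, 'LinkedIn hompage', 'Linkedin'),
        array(3, 'Company Name', 'company'),
        array(4, 'Position', 'position'),
    );

    echo '<ul class="list-group">';
    echo '<li class="list-group-item"><b>Name</b>: ' . $esc($row["first_name"]) . ' ' . $esc($row["last_name"]) . '</li>';
    echo '<li class="list-group-item"><b>Username</b>: ' . $esc($row["name"]) . '</li>';

    foreach ($optionalFields as $field) {
        // Owner and admin see everything; everyone else only the fields flagged public.
        if ($myEmail || $isAdmin || $code[$field[0]] == 1) {
            echo '<li class="list-group-item"><b>' . $field[1] . '</b>: ' . $esc($row[$field[2]]) . '</li>';
        }
    }

    echo '</ul>';
}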
}); }) </script> </head> <body> <?php
// Access guard for the admin landing page: start the session, load the helper
// and header files, then let only a logged-in admin reach the markup below.
// NOTE(review): session_start() and the Location header below run after the
// <head>/<body> markup at the start of this excerpt has been emitted. Unless output
// buffering is enabled, PHP cannot send the session cookie or the redirect
// header at that point - confirm, or move the guard above any output.
session_start();
include_once "sqlfuncs.php";
include_once "header.php";
// No e-mail in the session: redirect to index.php and stop.
if (!isset($_SESSION['email'])) {
    header('Location: index.php');
    exit;
}
$myemail = $_SESSION["email"];
// Logged in but rejected by admin_byEmail(): print a refusal and end this
// file's execution before any admin markup is written.
// NOTE(review): this check protects only this page; the linked adminUsr.php
// presumably needs its own server-side admin check - verify.
if (!admin_byEmail($myemail)) {
    echo '<h3>You have no authentication to visit admin pages</h3>';
    return;
}
/*$active_pos = 0; if(isset($_POST["delete"])) $active_pos = 1; else if(isset($_POST["deletePost"])) $active_pos = 2; else if(isset($_POST["submit"])) $active_pos = 3;*/
?> <div class="container"> <h2>Welcome Admin!!</h2> <h3><a href="adminUsr.php">Manage User</a><h3>
// Profile page body. $myemail is set before this excerpt begins.
// Users whose e-mail is not verified get a notice and the script stops here.
if (sql_is_verified($myemail, $_SESSION['type'])) {
} else {
    echo "<h3>Please verify your email</h3>";
    return;
}
echo '<div style="width:700px; margin:auto" class = "container">';
echo '<h1>Profile Page</h1>';
$myUid = sql_get_uid_byEmail($myemail);
if (isset($_GET['uid'])) {
    // NOTE(review): $_GET['uid'] is request-controlled and goes to
    // display_profile() unvalidated. display_profile() is not shown here;
    // confirm it binds the value as a query parameter and applies the
    // per-field visibility rules for profiles other than the viewer's own.
    display_profile($_GET['uid']);
    // The edit link appears only on the viewer's own profile and never for admins.
    // NOTE(review): this is a loose == between a request string and $myUid.
    // It only decides whether a link is drawn, so settings.php must enforce
    // ownership itself - verify.
    if ($_GET['uid'] == $myUid && !admin_byEmail($_SESSION['email'])) { ?> <p><a href='settings.php'>Edit your profile</a> <?php }
} else {
    // No uid in the query string: show the viewer's own profile.
    display_profile($myUid);
    if (!admin_byEmail($_SESSION['email'])) { ?> <p><a href='settings.php'>Edit your profile</a> <?php }
} ?> </div> <?php include_once "footer.php"; ?> </body> </html>
pdo_die($stmt); }
// Load the post's header row. :id is bound as a statement parameter, so the
// request value never becomes part of the SQL text.
$stmt = $conn->prepare("select * from post_info where postid=:id");
$stmt->bindParam(":id", $_GET['postid']);
$result = $stmt->execute();
if (!$result) {
    pdo_die($stmt);
}
$rset = $stmt->fetchAll(PDO::FETCH_ASSOC);
echo '<div class="showarticle">';
// NOTE(review): $rset[0] is read without checking that a row came back; a
// postid with no match leaves $rset empty and every access below fails.
$postEmail = $rset[0]["user_email"];
$postTitle = $rset[0]['title'];
if ($postTitle == NULL) {
    $postTitle = "No title";
}
// The Edit button is drawn only for the post's author or an admin.
// NOTE(review): this hides the control only; editpost.php is not shown and
// must repeat the author/admin check on the submitted postid - verify.
// NOTE(review): the value attribute is unquoted and unescaped.
if ($myemail == $postEmail || admin_byEmail($myemail)) {
    echo '<form action = "editpost.php" method = post><button class="btn btn-primary" type=submit name="edit" value =' . $rset[0]["postid"] . '>Edit</button></form>';
}
// NOTE(review): the columns below are concatenated into HTML without
// htmlspecialchars(). If any of them holds user-submitted text this is a
// stored-XSS sink; escape each value at output.
// NOTE(review): the heading prints $rset[0]['title'], so the "No title"
// fallback held in $postTitle is not used within this excerpt.
echo '<h3>' . $rset[0]['title'] . '</h3>';
echo '<h4>Company: ' . $rset[0]['company'] . '</h4>';
echo '<h4>Job position: ' . $rset[0]['position'] . '</h4>';
echo '<h4>Email: ' . $rset[0]['email'] . '</h4>';
echo '<h4>Time: ' . $rset[0]['time'] . '</h4>';
// The attachment link URL-encodes the filename for the href, but the link
// text prints the same filename raw.
if ($rset[0]['filename'] != NULL) {
    echo '<h5><a target=something href="../upload-file/post/' . rawurlencode($rset[0]['filename']) . '">File:' . $rset[0]['filename'] . '</a></h5>';
}
echo '<h6>This job has been viewed ' . $rset[0]['visit'] . ' times</h6>';
// Second query: the post body, again with postid bound as a parameter.
$stmt = $conn->prepare("select * from post_content where postid=:id");
$stmt->bindParam(":id", $_GET['postid']);
$result = $stmt->execute();
if (!$result) {
// Per-entry delete form, rendered only when admin_byEmail() accepts the
// session e-mail. $entry comes from a loop that starts before this excerpt.
// NOTE(review): $entry['id'] is written into an unquoted attribute without
// escaping; quote it and escape it, or cast it to int if ids are numeric.
// NOTE(review): the form carries no anti-CSRF token field. tutorial.php is
// not shown here; confirm it re-checks admin_byEmail() and validates the
// request origin before deleting anything.
if (admin_byEmail($_SESSION["email"]) == true) {
    echo '<form action="tutorial.php" method="post">';
    echo '<input type=hidden name=id value=' . $entry['id'] . '>';
    echo '<input type=submit name=submit value=delete>';
    echo '</form>';
}
echo "</div>";
echo "</li>";
// The brace below closes a block opened before this excerpt.
} ?> </ul> </div> <?php
// "Add New tutorial" upload form, again drawn for admins only.
// NOTE(review): hiding the form is not access control. The tutorial.php
// handler (not shown) should repeat the admin check, require an anti-CSRF
// token, and restrict the uploaded file's type, size and storage location.
// The two hidden inputs are emitted with an empty name and an empty value.
if (admin_byEmail($_SESSION["email"]) == true) {
    echo "<div style='width: 70%; margin: auto; list-style-type: none;'>";
    echo "<h3>Add New tutorial</h3>";
    echo "<form enctype = multipart/form-data method=post action=tutorial.php>";
    echo "Tutorial title : ";
    echo "<input class='form-control' type=text name='title'>";
    echo "<input type=hidden name='' value=''>";
    echo "Short Descriptions: ";
    echo "<textarea class='form-control' type=text name=description></textarea>";
    echo "<input type=hidden name='' value=''>";
    echo "<lable for = 'file'> File Upload: </lable>";
    echo "<input name='file' type='file' class='form-control'>";
    echo "<input type=submit name=submit value=submit>";
    echo "</form>";
    echo "</div>";
}