<?php
// Admin login page (excerpt). Validates that a username and password were
// submitted, attempts the login through the session object and, on success,
// redirects to home.php; on failure the login form is shown again.
require_once '../configuration_admin.php';

// start the session
$session = getSession();

// get smarty handle
$smarty = getSmartyHandle();

// see if form was submitted
if (isset($_REQUEST['submit'])) {
    // yes, this is a login attempt
    // NOTE(review): the submit flag is read from $_REQUEST while the
    // credentials below are read from $_POST; confirm the form is POST-only
    // so credentials never travel in a query string.

    // verify variables needed for this page
    // Both fields only need to contain at least one character ('/^.+$/').
    // presumably checkVariableConstraints() also copies the request values
    // onto $session (username is read back from it below) - verify against
    // its definition.
    $errors = checkVariableConstraints($session,
        array(array('variable' => 'username',
                    'error_invalid' => 'You must enter a username.',
                    'error_missing' => 'You must enter a username.',
                    'regex' => '/^.+$/'),
              array('variable' => 'password',
                    'error_invalid' => 'You must enter a password.',
                    'error_missing' => 'You must enter a password.',
                    'regex' => '/^.+$/')),
        'index');

    // check if there were constraint errors
    if (sizeof($errors)) {
        // we didn't get the variables we needed, don't even attempt to log in
        // show index again
        $errors['global']['message'] = "Please correct the issues in the form below.";
        $smarty->assign('errors', $errors);
        // NOTE(review): the submitted username is handed back to the template;
        // confirm index_management.tpl escapes it for the HTML context.
        $smarty->assign('username', $session->username);
        $smarty->display('index_management.tpl');
    } else {
        // try to log in
        // The third argument is true when an 'employee' field was posted; its
        // meaning is defined by login(), which is not part of this file.
        // NOTE(review): neither session-identifier rotation on success nor
        // failed-attempt throttling/audit logging is visible in this excerpt -
        // confirm that login() takes care of both.
        $success = $session->login($_POST['username'], $_POST['password'], isset($_POST['employee']));
        if ($success) {
            // remove password from session - no reason to store that
            $session->password = null;

            // log in succeeded, redirect to home page
            // NOTE(review): header() does not stop the script; confirm that
            // nothing after this if/else chain runs for the redirected
            // request, or end the script right after sending the header.
            header("Location: home.php");
        } else {
            // login failed, display form again
            // The message is deliberately generic: it does not say whether the
            // username or the password was wrong.
            $errors['global']['message'] = "Login failed.";
            // (excerpt ends here; the rest of this branch is not shown)
<?php
// Admin "add ad" page (excerpt, log context 'ad_add'). For a logged-in
// session it validates the submitted ad fields and the start date; the code
// that stores the ad is not part of this excerpt.
require_once '../configuration_admin.php';

// start the session
$session = getSession();

// get smarty handle
$smarty = getSmartyHandle();

// check permissions
// NOTE(review): only isLoggedIn() is tested here; no role or per-action
// permission check is visible - confirm that being logged in is meant to be
// sufficient for managing ads.
if ($session->isLoggedIn()) {
    // get handle on database
    $db = getDBHandle();

    // NOTE(review): the form is accepted from $_REQUEST (so a GET request
    // also qualifies) and no anti-CSRF token check is visible in this excerpt;
    // confirm one exists elsewhere before this state-changing action runs.
    if (isset($_REQUEST['submit'])) {
        try {
            // check variable constraints
            // verify variables needed for this page
            // NOTE(review): in the link_url pattern 's*' matches any number of
            // 's' characters ("http", "https", "httpsss", ...); 's?' looks
            // like what was intended. Only the scheme prefix is enforced; the
            // rest of the URL is unconstrained.
            $errors = checkVariableConstraints($session,
                array(array('variable' => 'link_url',
                            'error_invalid' => 'You must enter a link URL.',
                            'error_missing' => 'You must enter a link URL.',
                            'regex' => '/^https*:\\/\\/.+$/'),
                      array('variable' => 'title',
                            'error_invalid' => 'You must enter a title.',
                            'error_missing' => 'You must enter a title.',
                            'regex' => '/^.+$/'),
                      array('variable' => 'description',
                            'error_invalid' => 'You must enter a description.',
                            'error_missing' => 'You must enter a description.',
                            'regex' => '/^.+$/'),
                      array('variable' => 'slot',
                            'error_invalid' => "You must choose an ad slot.",
                            'error_missing' => "You must choose an ad slot.",
                            'regex' => '/^[0-9]+$/')),
                'ad_add');

            // override empty link URLs, those are allowed
            // NOTE(review): this indexes $_REQUEST['link_url'] directly; if
            // the parameter is absent or submitted as an array, strlen() gets
            // a non-string - confirm that case is handled.
            if (!strlen($_REQUEST['link_url'])) {
                unset($errors['link_url']);
            }

            // manually check date
            // first set values for session
            // The raw request values are stored on the session before any
            // validation has been applied to them.
            $session->start_year = $_REQUEST['start_year'];
            $session->start_month = $_REQUEST['start_month'];
            $session->start_day = $_REQUEST['start_day'];
            $session->end_year = $_REQUEST['end_year'];
            $session->end_month = $_REQUEST['end_month'];
            $session->end_day = $_REQUEST['end_day'];

            // NOTE(review): checkdate() expects integers; a non-numeric or
            // missing date part is not filtered before this call - confirm
            // the catch block (not visible here) covers the resulting error.
            if (!checkdate($session->start_month, $session->start_day, $session->start_year)) {
                $GLOBALS['applog']->logMessage("Invalid start date entered", LOGGER_DEBUG, 'ad_add');
                $errors['start_date']['message'] = "You must enter a valid start date.";
                // (excerpt ends here; the rest of the validation is not shown)
// Admin "delete ad" page (excerpt, log context 'ad_delete'). For a logged-in
// session it validates delete_id, looks up the ad's image_url and removes
// that file from disk; the deletion of the database row is not part of this
// excerpt.
require_once '../configuration_admin.php';

// start the session
$session = getSession();

// get smarty handle
$smarty = getSmartyHandle();

// check permissions
// NOTE(review): only isLoggedIn() is tested here; no role or per-action
// permission check is visible - confirm that being logged in is meant to be
// sufficient for deleting ads.
if ($session->isLoggedIn()) {
    // get DB handle
    $db = getDBHandle();

    // set error message on bad context
    $badContext = 'ad_delete.php was called without a context. If this error persists, please contact the system administrator.';

    // NOTE(review): the delete is triggered from $_REQUEST (so a GET request
    // also qualifies) and no anti-CSRF token check is visible in this excerpt;
    // confirm one exists elsewhere before this destructive action runs.
    if (isset($_REQUEST['submit'])) {
        try {
            // check variable constraints
            // verify variables needed for this page
            // delete_id must consist of digits only.
            $errors = checkVariableConstraints($session,
                array(array('variable' => 'delete_id',
                            'error_invalid' => $badContext,
                            'error_missing' => $badContext,
                            'regex' => '/^[0-9]+$/')),
                'ad_delete');

            // check if that worked, if yes, try to delete the logo file this points to
            if (!sizeof($errors)) {
                // check that the ad exists, find the logo it points to and delete it from the file system
                // The id is passed as a bound parameter for the '?' placeholder
                // instead of being concatenated into the SQL text.
                $ad = $db->query("SELECT image_url FROM ads WHERE id = ?", 'i', array($_REQUEST['delete_id']));
                if (sizeof($ad)) {
                    // NOTE(review): the stored image_url is appended to the
                    // base directory as-is. If that column could ever hold
                    // '..' segments, the path would leave the html directory;
                    // resolving it with realpath() and checking that it stays
                    // under $GLOBALS['baseDir'] . '/html' before unlink()
                    // would contain that.
                    $filePath = $GLOBALS['baseDir'] . '/html' . $ad[0]['image_url'];
                    if (unlink($filePath)) {
                        // success
                        $GLOBALS['applog']->logMessage('Deleted file ' . $filePath . '.', LOGGER_DEBUG, 'ad_delete');
                    } else {
                        // The id echoed in these messages has passed the
                        // digits-only constraint above (assuming
                        // checkVariableConstraints() enforces the regex).
                        $GLOBALS['applog']->logMessage('Unable to delete logo file for ad with ID ' . $_REQUEST['delete_id'] . '.', LOGGER_INFO, 'ad_delete');
                        $errors['global']['message'] = 'Unable to delete logo file for ad with ID ' . $_REQUEST['delete_id'] . '.';
                    }
                } else {
                    $GLOBALS['applog']->logMessage('Unable to find ad with ID ' . $_REQUEST['delete_id'] . '.', LOGGER_INFO, 'ad_delete');
                    // (excerpt ends here; the rest of this branch is not shown)