Example #1
0
				<input type="submit" name="search" value="Search" />
				<br />
					<?php 
if (isset($_GET['search'])) {
    echo "<br /><table class=\"schedule\">";
    searchCourses($_GET['searchbar']);
    echo "</table>";
    echo "<br /><input type=\"submit\" name=\"add\" value=\"Add\" />";
}
?>
				<br />
				<?php 
if (isset($_GET['add'])) {
    $classesadded = 0;
    $sql = "SELECT intStudentID FROM tblStudent WHERE strStudentEID = ?;";
    $studenteid = dbGetFirst($sql, "s", $_SESSION["cruser"])[0];
    foreach ($_GET['check'] as $key => $value) {
        if (addCourse($studenteid, $value)) {
            $classesadded = $classesadded + 1;
        }
    }
    if ($classesadded > 0) {
        echo "<table class=\"schedule\"><tr><td class=\"advcell\">You have successfully enrolled in " . $classesadded . " classes.</td></tr>";
    } else {
        echo "<table class=\"schedule\"><tr><td class=\"advcell\">No classes have been enrolled.</td></tr>";
    }
}
?>
			</form>
		</div>
	</body>
Example #2
0
function getSchoolContactInfo($eid)
{
    $sql = "SELECT intContactID AS id,\n\t\t\tstrStreet AS street,\n\t\t\tstrCity AS city,\n\t\t\tstrState AS state,\n\t\t\tstrCountry AS country,\n\t\t\tstrPostCode AS postCode,\n\t\t\tstrMobileNumber AS mobileNumber,\n\t\t\tstrHomeNumber AS homeNumber,\n\t\t\tstrEmail AS email\n\t\tFROM tblUserContact\n\t\tWHERE strExternalEID = ? AND blnEmergencyContact = 0 AND blnPermanent = 0";
    if ($result = dbGetFirst($sql, "s", $eid)) {
        return $result;
    }
    return false;
}
Example #3
0
<?php

echo "<table id=\"quicklist\">\r\n";
echo "<tr><td>&nbsp;ACCOUNT HOLD:</td><td>Financial Obligation Agreement</td></tr>\r\n";
echo "<tr><td>&nbsp;</td><td>&nbsp;</td></tr>\r\n";
$sql = "SELECT dblDues FROM tblstudent WHERE strStudentEID = ?;";
$row = dbGetFirst($sql, "s", $_SESSION['cruser']);
echo "<tr><td>&nbsp;Future Due:</td><td>\$" . $row["dblDues"] . " <span class=\"text-attn\">(Pay your bills deadbeat!)</span></td></tr>\r\n";
$sql = "SELECT CONCAT(fac.strFirstName,' ',fac.strLastName) AS \"strAdvisor\", fac.strPhone AS \"strAdvPhone\"\n\t\tFROM tblstudent stu\n\t\tJOIN tblfaculty fac ON stu.intFacultyID = fac.intFacultyID\n\t\tWHERE strStudentEID = ?;";
$row = dbGetFirst($sql, "s", $_SESSION['cruser']);
echo "<tr><td>&nbsp;Advisor:</td><td>" . $row["strAdvisor"] . " -- " . preg_replace("/(\\d{3})(\\d{3})(\\d{4})/", "(\\1) \\2-\\3", $row["strAdvPhone"]) . "</td></tr>\r\n";
echo "<tr><td>&nbsp;</td><td>&nbsp;</td></tr>\r\n";
$sql = "SELECT strStreet, CONCAT(strCity,', ',strState,' ',strPostCode) AS \"strUserAddress\", strMobileNumber, strEmail\n\t\tFROM tblusercontact WHERE blnPermanent = true AND strExternalEID = ?;";
$row = dbGetFirst($sql, "s", $_SESSION['cruser']);
echo "<tr><td>&nbsp;Contact Info:</td><td>&nbsp;</td></tr>\r\n";
echo "<tr><td>&nbsp;&nbsp;-Address:</td><td>" . preg_replace("/\\d{3,4}\\s/", "*** ", $row["strStreet"]) . "</td></tr>\r\n";
echo "<tr><td>&nbsp;&nbsp;-City:</td><td>" . $row["strUserAddress"] . "</td></tr>\r\n";
echo "<tr><td>&nbsp;&nbsp;-Phone:</td><td>" . preg_replace("/(\\d).(\\d)(\\d).(\\d)(\\d)..(\\d)/", "(\\1*\\2)\\3*\\4-\\5**\\6", $row["strMobileNumber"]) . "</td></tr>\r\n";
echo "<tr><td>&nbsp;&nbsp;-Email:</td><td>" . preg_replace("/([A-Za-z])\\w+(.)@/", "\\1*\\2@", $row["strEmail"]) . "</td></tr>\r\n";
echo "<tr><td>&nbsp;</td><td>&nbsp;</td></tr>";
echo "<tr><td>&nbsp;Outages:</td><td>None planned at the moment.</td></tr>";
echo "</table>";
Example #4
0
//With this it won't log us out when traversing through pages.
if (!isset($_SESSION["crlogin"])) {
    $_SESSION["crlogin"] = false;
}
$error = "";
//This string is displayed to the user upon f**k ups.
if ($_SERVER["REQUEST_METHOD"] == "POST" && $_SESSION["crlogin"] == false) {
    $username = strtolower(fixInput($_POST["username"]));
    $password = fixInput($_POST["password"]);
    $row = dbGetFirst("SELECT * FROM tbluser WHERE strEID = ?", "s", $username);
    if ($password != "" && $password == $row[2]) {
        $_SESSION["crlogin"] = true;
        $_SESSION["cruser"] = $username;
        $row = dbGetFirst("SELECT strFirstName, strLastName FROM tblStudent WHERE strStudentEID = ?", "s", $username);
        $_SESSION["crname"] = $row[0] . " " . $row[1];
        $row = dbGetFirst("SELECT vntImage FROM tblPictureID WHERE strOwner = ?", "s", $username);
        $_SESSION["crphototb"] = $row[0] . ".jpg";
    } else {
        $_SESSION["crlogin"] = false;
        $error = "*Incorrect user and password combination!";
    }
}
if ($_SESSION["crlogin"] == true) {
    header("Location:/index.php");
    exit;
} else {
    echo "<div style=\"width:304px; border:1px solid #2f2f2f; background-color:#e7e7e7; margin:auto; position:relative; height:112px; top:64px; padding:16px; box-shadow:0px 0px 24px #4f4f4f;\">";
    echo "<span class=\"title\">Login:</span>";
    echo "<form method=\"post\" action=\"" . htmlspecialchars($_SERVER["PHP_SELF"]) . "\"><table>\r\n";
    echo "<tr><td>Username:</td><td><input type=\"text\" name=\"username\" size=\"28\"></td></tr>\r\n";
    echo "<tr><td>Password:</td><td><input type=\"password\" name=\"password\" size=\"28\"></td></tr>\r\n";