function login_action()
{
    if (empty($_POST['email'])) {
        $_SESSION['errors'][] = "Email field is required";
    }
    if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
        $_SESSION['errors'][] = "Invalid Email";
    }
    if (empty($_POST['password'])) {
        $_SESSION['errors'][] = "Password Field is requried";
    }
    if (empty($_SESSION['errors'])) {
        $check_user = "******" . $_POST['email'] . "' AND password = '******'password']) . "' ";
        $user = fetch_record($check_user);
        if (!$user) {
            $_SESSION['errors'][] = "Invalid email and \n\t\t\t\tpassword combination.";
        } else {
            $user += array("logged_in" => TRUE);
            $_SESSION['user'] = $user;
            header('Location: success.php');
            exit;
        }
    }
    header('Location: index.php');
}
Example #2
0
function getDateByReference($RefEventId, $MainEvent)
{
    $query = "SELECT juliandate FROM `pistahan` WHERE event_id = '" . $RefEventId . "'";
    echo $query . "<br>";
    $result = fetch_record($query);
    var_dump($result);
    die;
    return fetch_record("SELECT juliandate FROM `pistahan` WHERE eventid = (SELECT _id FROM `events` WHERE reference = '" . $event . "')");
}
Example #3
0
function clock_out()
{
    // here we need to lock out
    $query = "SELECT * FROM clocks WHERE student_id ='" . $_SESSION['student_info']['id'] . "' ORDER BY clockintime DESC LIMIT 1";
    // echo $query;
    $updated_clock = fetch_record($query);
    $query = "UPDATE clocks SET clockouttime=NOW(), note = '" . $_POST['note'] . "' WHERE id = " . $updated_clock['id'];
    ['id'];
    // echo $query;
    // die();
    mysql_query($query);
    header('Location: index.php');
}
Example #4
0
 public function gawa_ng_kalendaryo($year)
 {
     $numberOfDays = 390;
     $newdayofweek = 1;
     $weekNumber = 1;
     $days = "+0 days";
     // check table for the last date on the the table
     $query = "SELECT juliandate FROM fiscalcalendar ORDER BY juliandate desc Limit 1";
     $result = fetch_record($query);
     if ($result['juliandate'] == 0) {
         $juliandate = gregoriantojd(01, 01, date('Y', strtotime($year)));
     } else {
         $juliandate = $result['juliandate'] + 1;
     }
     // $juliandate = gregoriantojd(01,01,date('Y',strtotime($days)));
     echo "<table border='5px'><thead><td>Julian Date</td><td>Gregorian Date</td><td>end of week</td><td>end of month</td><td>week#</td></thead><tbody>";
     for ($i = 0; $i <= $numberOfDays; $i++) {
         // check for end of week
         $days = JDToGregorian($juliandate);
         if (date('N', strtotime($days)) == 7) {
             $endOfWeek = 'Y';
         } else {
             $endOfWeek = 'N';
         }
         // end of year
         if (date("m", strtotime($days)) == 12 && date("j", strtotime($days)) == date("t", strtotime($days))) {
             $endofyear = 'Y';
         } else {
             $endofyear = 'N';
         }
         // end of month
         if (date("j", strtotime($days)) == date("t", strtotime($days))) {
             $endofmonth = 'Y';
         } else {
             $endofmonth = 'N';
         }
         if (date("j", strtotime($days)) == 1) {
             $weekNumber = 1;
             $newdayofweek = date('N', strtotime($days));
         } else {
             if ($newdayofweek == date('N', strtotime($days))) {
                 $weekNumber += 1;
             }
         }
         echo "<tr>" . $juliandate . '</td><td>' . JDToGregorian($juliandate) . '</td><td>' . $endOfWeek . '</td><td>' . $endofmonth . '</td><td>' . $weekNumber . '</td></tr>';
         $query = "INSERT INTO fiscalcalendar (juliandate,fdate, fmonth, fday, fyear, endOfWeek, endofmonth,  dayOfWeek, weekNumber) VALUES('" . $juliandate . "','" . date("y-m-d", strtotime($days)) . "'," . date("m", strtotime($days)) . "," . date('j', strtotime($days)) . "," . date('Y', strtotime($days)) . ",'" . $endOfWeek . "','" . $endofmonth . "','" . date('N', strtotime($days)) . "'," . $weekNumber . ")";
         $result = run_mysql_query($query);
         $juliandate += 1;
     }
 }
Example #5
0
function login_user($post)
{
    // First the security stuff and then a query to get all of the needed data from the database
    $username = escape_this_string($post['username']);
    $email = escape_this_string($post['email']);
    $password = escape_this_string($post['password']);
    $query = "SELECT * FROM users WHERE users.username = '******'";
    $user = fetch_record($query);
    // Beginning of validation checks
    if (empty($username)) {
        $_SESSION['errors'][] = "Please enter your username";
    }
    if (empty($password)) {
        $_SESSION['errors'][] = "Please enter your password";
    }
    if (empty($email)) {
        $_SESSION['errors'][] = "Please enter your email";
    }
    if (count($_SESSION['errors']) > 0) {
        header('Location: main.php');
        exit;
    }
    // End of validation checks
    // Check to see if $user is empty
    if (empty($user)) {
        $_SESSION['errors'][] = "There are no users present in the database";
        header('Location: main.php');
        exit;
    } else {
        if (!empty($user)) {
            $encrypted_password = md5($password . '' . $user['salt']);
            if ($user['password'] == $encrypted_password) {
                $_SESSION['user_id'] = $user['id'];
                $_SESSION['first_name'] = $user['first_name'];
                $_SESSION['logged_in'] = true;
                header('Location: wall.php');
            } else {
                // If an error occurs then this error is shown
                $_SESSION['errors'][] = "Cannot find a matching user";
                header('Location: main.php');
                exit;
            }
        }
    }
}
Example #6
0
function grabAnchors($hrefLinks, $main_site)
{
    // grab the last id for this main site
    $query = 'SELECT max(link_id),link_id FROM scrapper WHERE main_site_id = ' . $hrefLinks['main_site_id'];
    $result = fetch_record($query);
    $id = intval($result['link_id']);
    // cURL the link and dump into the array the result
    $array = curlHREF($hrefLinks['ref_link']);
    sort($array);
    // $array is returned as sorted array. get the fist and last
    // index of the a-html-tag and start the loop from there
    // anything else can be ignored
    // get begin index
    $startpos = getStart($array);
    // get last index
    $endpos = getLast($array, $startpos);
    // if startpos = endpos, it would mean that the a-html-tag is not found properly
    // update the document and exit
    if ($startpos == $endpos) {
        updateDocument($hrefLinks);
        return;
    }
    // start parsing the a-html-tag
    for ($i = $startpos; $i <= $endpos; $i++) {
        // extract the href from the a-html-tag
        $href_a = getHREF($array[$i]);
        // check if link if to be excluded
        if (excludLink($href_a, $main_site) === false) {
            if (checkduplicate($href_a) === true) {
                $id = $id + 1;
                $query = "INSERT INTO scrapper (main_site_id, ref_link, link_id) VALUES ('" . $hrefLinks['main_site_id'] . "','" . $href_a . "','" . $id . "')";
                // add the links
                run_mysql_query($query);
            }
        }
    }
    // update the document after the parsing of the a-html-tag
    updateDocument($hrefLinks);
    return;
}
Example #7
0
function update()
{
    $query = "SELECT * FROM students WHERE id = '" . $_POST['id'] . "'";
    // echo $query;
    // die();
    $student = fetch_record($query);
    // var_dump($student);
    // die();
    $student_id = $student['id'];
    // var_dump($student_id);
    // die();
    $query = "SELECT * from clocks WHERE student_id = '" . $student_id . "' ORDER BY clockintime DESC LIMIT 1";
    // echo $query;
    // die();
    $updated_clock = fetch_record($query);
    // var_dump($updated_clock);
    // die();
    if ($updated_clock) {
        if (!isset($updated_clock['clockouttime'])) {
            //option to clock out of this one
            $_SESSION['step2'] = "clockout";
            $_SESSION['student_info'] = $student;
            header("location: clock_in.php");
        } else {
            //time for a new clock in
            $_SESSION['step2'] = "clockin";
            $_SESSION['student_info'] = $student;
            header("location: clock_in.php");
        }
    } else {
        //set clock in form
        $_SESSION['step2'] = "clockin";
        $_SESSION['student_info'] = $student;
        header("location: clock_in.php");
    }
}
Example #8
0
		<!-----------------------END MESSAGE DISPLAY-------------------->


		<?php 
        // var_dump($_SESSION);
        // var_dump($comments);
        // die();
        //----------------------BEGIN COMMENT DISPLAY--------------------//
        if (isset($comments)) {
            foreach ($comments as $index => $name) {
                //grab the commenting user's name
                $query = "SELECT first_name, last_name FROM users JOIN comments ON users.id = comments.comment_user_id WHERE users.id = '" . $name['comment_user_id'] . "'";
                $comment_name = fetch_record($query);
                //grab the comment id
                $query = "SELECT id FROM comments WHERE created_at_cmt = '" . $name['created_at_cmt'] . "'";
                $comment_id = fetch_record($query);
                ?>

				<!-- begin comment formatting -->
				<div class="comments">
					<h2><?php 
                echo $name['comment'];
                ?>
</h2>
					<p class="comment_info">Submitted: <?php 
                $cmt_date = date_create($name['created_at_cmt']);
                ?>
 
					<?php 
                echo date_format($cmt_date, 'm/d/Y H:i');
                ?>
/* ====================================================================================================== */
/* -------------- login form ------------------ */
if ($_POST['submitted_form'] == 'login') {
    if (empty($_POST['username']) || empty($_POST['password'])) {
        $errors[] = "Make sure no fields are empty";
    } else {
        if (strlen($_POST['password']) < 6 || strlen($_POST['username']) < 2) {
            $errors[] = "Make sure password is more than 6 characters and username is more than 2 characters";
        }
    }
    // Set local variables //
    $query_2 = "SELECT * FROM users WHERE username = '******'username']}' ";
    $user = fetch_record($query_2);
    $encrypted_password = md5(escape_this_string($_POST['password']) . '' . $user['salt']);
    // Check database for username & password //
    if (!fetch_record($query_2)) {
        $errors[] = "Username not found";
    } else {
        if ($user['password'] != $encrypted_password) {
            $errors[] = "Password is incorrect";
        }
    }
    // log user in if user exists //
    if (!empty($errors)) {
        $_SESSION['errors'] = $errors;
        $errors = array();
        header('location: index.php');
    } else {
        $_SESSION['user'] = $user;
        header('location: success.php');
    }
Example #10
0
<?php

session_start();
require 'new_connection.php';
if (isset($_POST['action']) && $_POST['action'] == 'login') {
    $query = "SELECT * FROM thewall.users WHERE users.email = '{$_POST['email']}' AND users.password = '******'password']}'";
    // echo($query);
    $user = fetch_record($query);
    $_SESSION['session_id'] = $user['id'];
    // var_dump($user);
    if (empty($_POST['email'])) {
        $_SESSION['error'][] = "Please enter an email address.";
    }
    if (empty($_POST['password'])) {
        $_SESSION['error'][] = "You did not enter a password.";
    } else {
        if ($user['email'] == $_POST['email']) {
            header("location: success.php?new=false");
            die;
        } else {
            $_SESSION['error'][] = "That email/password combination does not exist.";
        }
    }
    if (isset($_SESSION['error'])) {
        header("location: index.php");
        die;
    }
} elseif (isset($_POST['action']) && $_POST['action'] == 'register') {
    //notifies user to complete all fields
    if (empty($_POST['first_name'])) {
        $_SESSION['error'][] = "Please fill in all fields.";
        exit;
    }
} elseif ($_POST['action'] == 'login') {
    $errors = array();
    if (empty($_POST['email'])) {
        $errors[] = "Email cannot be left blank";
    }
    if (empty($_POST['password'])) {
        $errors[] = "Password cannot be left blank";
    }
    if (!empty($errors)) {
        $_SESSION['log_errors'] = $errors;
        header("LOACTION: index.php");
        exit;
    } else {
        $logged_in = fetch_record("SELECT * FROM users WHERE email = '" . $_POST['email'] . "' && password = '******'password'] . "'");
        var_dump($logged_in);
        if (!empty($logged_in)) {
            $_SESSION['status'] = 'logged_in';
            header("LOCATION: home.php");
            exit;
        } else {
            $errors[] = "Your email or password is incorrect.";
            $_SESSION['log_errors'] = $errors;
            //header("LOCATION: index.php");
            exit;
        }
    }
} else {
    session_destroy();
    header("LOCATION: index.php");
    } else {
        if (!filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) {
            $error = "Email is not valid!";
        }
    }
    if ($error != "") {
        $_SESSION["error"] = $error;
        header("Location: index.php");
    } else {
        $_SESSION["error"] = "";
        $query = "INSERT INTO emails (email, created_at, updated_at)\n\t\t\t\t\t  VALUES ('{$_POST['email']}', NOW(), NOW())";
        if (run_mysql_query($query)) {
            $_SESSION["message"] = "The email address you entered {$_POST['email']} is a VALID email address! Thank you!";
        } else {
            $_SESSION["message"] = "Failed to add email";
        }
        header("Location: success.php");
    }
} else {
    if (isset($_POST["action"]) && $_POST["action"] == "delete_email") {
        $query = "SELECT email\n\t\t\t\t  FROM emails\n\t\t\t\t  WHERE email = '{$_POST['email']}'";
        $query2 = "DELETE FROM emailsdb.emails\n\t\t\t\t  WHERE email = '{$_POST['email']}'";
        if (count(fetch_record($query)) > 0) {
            run_mysql_query($query2);
            $_SESSION["message2"] = "The email has been deleted!";
        } else {
            $_SESSION["message2"] = "We were not able to delete the email!";
        }
        header("Location: success.php");
    }
}
Example #13
0
    }
    header('location: wall.php');
}
/* ========================  Login form validation  ======================================================== */
if ($_POST['submitted_form'] == 'login') {
    if (empty($_POST['email']) || empty($_POST['password'])) {
        $errors[] = "Make sure no fields are empty";
    }
    if (strlen($_POST['password']) < 6 || !filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
        $errors[] = "Make sure password is more than 6 characters and email is valid";
    }
    // Set local variables //
    $query_1 = "SELECT * FROM users WHERE email = '{$_POST['email']}' ";
    $query_2 = "SELECT posts.id as post_id, post, posts.created_at as post_created_at, posts.user_id, \n\t\t\t\t\tusers.id as user_id, users.first_name, users.last_name, users.created_at as users_created_at \n\t\t\t\t\tFROM posts LEFT JOIN users ON posts.user_id = users.id";
    $query_3 = "SELECT comments.id AS comment_id, comments.comment, comments.created_at AS comment_created_at, \n\t\t\t\t\tcomments.user_id AS comment_user_id, comments.post_id AS comment_post_id, \n\t\t\t\t\tusers.first_name AS comment_first_name, users.id AS comment_user_id FROM comments\n\t\t\t\t\tLEFT JOIN users ON comments.user_id = users.id;";
    $this_user = fetch_record($query_1);
    // Check database for username & password //
    $encrypted_password = md5(escape_this_string($_POST['password']) . '' . $this_user['salt']);
    if (empty($this_user)) {
        $errors[] = "Email was not found";
    } else {
        if ($this_user['password'] != $encrypted_password) {
            $errors[] = "Password and email do not match";
        }
    }
    /* ---------- use when troubleshooting password / email errors ------ */
    // echo "this_user: "******"encrypted_password:"******"stored password:";
Example #14
0
				<div id="txt">
					<textarea name="message"></textarea>
				</div>
				<input id="message-post" type="submit" value="Post a message">
			</form>
		</div>
		<?php 
$messages = fetch_all("SELECT * FROM thewall.messages ORDER BY updated_at DESC");
// var_dump($messages);
// die();
foreach ($messages as $message) {
    //re-formats date
    $phpdate = strtotime($message['created_at']);
    $date = date('F j, Y h:i:s', $phpdate);
    //creates message divs
    $name = fetch_record("SELECT * FROM users WHERE id = '{$message['user_id']}'");
    echo "<h4>" . $name['first_name'] . " " . $name['last_name'] . " at " . $date . "<div class='mb'><p class='messages'>" . $message['message'] . "</p></div>";
    $comments = fetch_all("SELECT * FROM thewall.comments WHERE message_id = {$message['id']} ORDER BY updated_at DESC");
    foreach ($comments as $comment) {
        $name = fetch_record("SELECT * FROM users WHERE id = '{$comment['user_id']}'");
        $phpdate = strtotime($comment['created_at']);
        $date = date('F j, Y h:i:s', $phpdate);
        echo "<h5>" . $name['first_name'] . " " . $name['last_name'] . " - " . $date . "</h5><p class='comments'>" . $comment['comment'] . "</p>";
    }
    echo "\n\n\t\t\t\t\t\t<div class='comment-box'>\n\t\t\t\t\t\t\t<p>Post a comment</p>\n\t\t\t\t\t\t\t<form action='process.php' method='post'>\n\t\t\t\t\t\t\t<input type='hidden' name='action' value='cmt'>\n\t\t\t\t\t\t\t<input type='hidden' name='userid' value= " . $user['id'] . ">\n\t\t\t\t\t\t\t<input type='hidden' name='messageid' value = " . $message['id'] . ">\n\t\t\t\t\t\t\t<div class='comt'>\n\t\t\t\t\t\t\t\t<textarea rows='10' cols='100' name='comment'></textarea>\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t<input class='comment-post' type='submit' value='Post a comment'>\n\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t";
}
?>
		<div><audio autoplay="true" loop="true" src="thewall.mp3"></div>
	</div>
</body>
</html>
Example #15
0
    $salt = bin2hex(openssl_random_pseudo_bytes(22));
    $encrypted_password = md5($password . '' . $salt);
    $query = "INSERT INTO users (first_name, last_name, email, password, salt, created_at, updated_at)\n\t\t\t\tVALUES ('{$first_name}', '{$last_name}', '{$email}', '{$encrypted_password}','{$salt}', NOW(), NOW())";
    $_SESSION['user_id'] = run_mysql_query($query);
    if ($_SESSION['user_id']) {
        header('location: main.php');
        die;
    } else {
        echo 'failed';
    }
} else {
    if (isset($_POST['action']) && $_POST['action'] == 'login') {
        $email = escape_this_string($_POST['email']);
        $password = escape_this_string($_POST['password']);
        $user_query = "SELECT * FROM users WHERE users.email = '{$email}'";
        $user = fetch_record($user_query);
        if (!empty($user)) {
            $encrypted_password = md5($password . '' . $user['salt']);
            if ($user['password'] == $encrypted_password) {
                $_SESSION['user_id'] = $user['id'];
                header('location: main.php');
                die;
            } else {
                $errors[] = "incorrect password";
                $_SESSION['errors'] = $errors;
                header('location: index.php');
                die;
            }
        } else {
            $errors[] = "unknown user";
            $_SESSION['errors'] = $errors;
Example #16
0
// Another program will then read through the selected record for sampling, then the actual scraping itself
// set runtime to only 10minutes
set_time_limit(1200);
// set the connection
include 'new-connection.php';
require 'crawler_lib.php';
// set the job-scheduler
// include( dirname(__FILE__) . "/phpjobscheduler/firepjs.php");
// get the first record.
// it will be assumed that the table will have an inital record which will contain the main site
// only get the records that are tag for drilling : drill = 'Y'.
// this will only loop(drill) 3times (or 3levels) just to be sure
// anything after the 3rd level will be ignored
// get the details of the site to determine how many levels to drill
$query = "SELECT * FROM sites WHERE drill = 'Y' AND status = 'Pending'";
$results = fetch_record($query);
// loop through the list
for ($list_loop = 0; $list_loop <= count($results); $list_loop++) {
    // set runtime to only 10 minutes
    set_time_limit(600);
    for ($loopCounter = 0; $loopCounter <= $results['level']; $loopCounter++) {
        // get the first link
        $query = "SELECT * FROM scrapper WHERE main_site_id =" . $results['site_id'] . " AND drill = 'Y' AND drillStatus = 'Not Started'";
        $query_results = fetch_all($query);
        if (count($query_results) == 0) {
            // update the site record
            $query = "UPDATE sites SET drill='N', status='Completed' WHERE main_site_id =" . $results['site_id'];
            run_mysql_query($query);
            $loopCounter = $results['level'];
        } else {
            foreach ($query_results as $listing) {
Example #17
0
    $value = htmlspecialchars($value);
    return $value;
}
function fetch_record($path)
{
    $file = fopen($path, "r");
    if (!$file) {
        return FALSE;
    }
    $data = '';
    while (!feof($file)) {
        $data .= fgets($file, 1024);
    }
    return $data;
}
$string = fetch_record($url);
if ($string == FALSE) {
    echo FALSE;
    return;
}
/// fecth title
$title_regex = "/<title>(.+)<\\/title>/i";
preg_match_all($title_regex, $string, $title, PREG_PATTERN_ORDER);
$url_title = $title[1];
/// fecth decription
$tags = get_meta_tags($url);
// fetch images
$image_regex = '/<img[^>]*' . 'src=[\\"|\'](.*)[\\"|\']/Ui';
preg_match_all($image_regex, $string, $img, PREG_PATTERN_ORDER);
$images_array = $img[1];
$data = array();
//if user is Logging in
if ($_POST['action'] == 'login') {
    $errors = array();
    if (empty($_POST['email'])) {
        $errors[] = "Email cannot be left blank";
    }
    if (empty($_POST['password'])) {
        $errors[] = "Password cannot be left blank";
    }
    if (!empty($errors)) {
        $_SESSION['log_errors'] = $errors;
        header("LOCATION: index.php");
        exit;
    } else {
        $query = "SELECT id FROM users WHERE email = '" . escape_this_string($_POST['email']) . "' && password = '******'password']) . "'";
        $logged_in = fetch_record($query);
        //var_dump($logged_in);
        if (!empty($logged_in)) {
            $_SESSION['status'] = 'logged_in';
            $_SESSION['user_id'] = $logged_in['id'];
            header("LOCATION: home.php");
            exit;
        } else {
            $errors[] = "Your email or password is incorrect.";
            $_SESSION['log_errors'] = $errors;
            header("LOCATION: index.php");
            exit;
        }
    }
}
//if user is posting a message
Example #19
0
<?php

session_start();
require_once "new-connection.php";
if (!isset($_SESSION['status'])) {
    header("LOCATION: index.php");
    die;
}
$array_of_ids = fetch_all("SELECT id FROM messages WHERE created_at >=NOW() - INTERVAL 30 MINUTE AND user_id = '" . $_SESSION['user_id'] . "'");
$ids = array();
foreach ($array_of_ids as $array) {
    array_push($ids, $array['id']);
}
$messages = fetch_all("SELECT messages.id, messages.user_id, messages.message, messages.created_at, users.first_name, users.last_name FROM messages LEFT JOIN users ON messages.user_id = users.id ORDER BY messages.id DESC");
$user_name = fetch_record("SELECT first_name, last_name FROM users WHERE id = " . $_SESSION['user_id']);
$name = $user_name['first_name'] . " " . $user_name['last_name'];
//print_r($emails);
?>
<!DOCTYPE html>
    
<html>
<head>
    <title>The Wall</title>
    <link rel="stylesheet" href="style.css">
</head>

<body>
    <div class="background"></div>
    <div class="header">
        <h1>Coding Dojo Wall!</h1>
        <h3 class="head">Welcome, <span><?php