function login_action()
{
if (empty($_POST['email'])) {
$_SESSION['errors'][] = "Email field is required";
}
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
$_SESSION['errors'][] = "Invalid Email";
}
if (empty($_POST['password'])) {
$_SESSION['errors'][] = "Password Field is requried";
}
if (empty($_SESSION['errors'])) {
$check_user = "******" . $_POST['email'] . "' AND password = '******'password']) . "' ";
$user = fetch_record($check_user);
if (!$user) {
$_SESSION['errors'][] = "Invalid email and \n\t\t\t\tpassword combination.";
} else {
$user += array("logged_in" => TRUE);
$_SESSION['user'] = $user;
header('Location: success.php');
exit;
}
}
header('Location: index.php');
}
function getDateByReference($RefEventId, $MainEvent)
{
$query = "SELECT juliandate FROM `pistahan` WHERE event_id = '" . $RefEventId . "'";
echo $query . "<br>";
$result = fetch_record($query);
var_dump($result);
die;
return fetch_record("SELECT juliandate FROM `pistahan` WHERE eventid = (SELECT _id FROM `events` WHERE reference = '" . $event . "')");
}
function clock_out()
{
// here we need to lock out
$query = "SELECT * FROM clocks WHERE student_id ='" . $_SESSION['student_info']['id'] . "' ORDER BY clockintime DESC LIMIT 1";
// echo $query;
$updated_clock = fetch_record($query);
$query = "UPDATE clocks SET clockouttime=NOW(), note = '" . $_POST['note'] . "' WHERE id = " . $updated_clock['id'];
['id'];
// echo $query;
// die();
mysql_query($query);
header('Location: index.php');
}
public function gawa_ng_kalendaryo($year)
{
$numberOfDays = 390;
$newdayofweek = 1;
$weekNumber = 1;
$days = "+0 days";
// check table for the last date on the the table
$query = "SELECT juliandate FROM fiscalcalendar ORDER BY juliandate desc Limit 1";
$result = fetch_record($query);
if ($result['juliandate'] == 0) {
$juliandate = gregoriantojd(01, 01, date('Y', strtotime($year)));
} else {
$juliandate = $result['juliandate'] + 1;
}
// $juliandate = gregoriantojd(01,01,date('Y',strtotime($days)));
echo "<table border='5px'><thead><td>Julian Date</td><td>Gregorian Date</td><td>end of week</td><td>end of month</td><td>week#</td></thead><tbody>";
for ($i = 0; $i <= $numberOfDays; $i++) {
// check for end of week
$days = JDToGregorian($juliandate);
if (date('N', strtotime($days)) == 7) {
$endOfWeek = 'Y';
} else {
$endOfWeek = 'N';
}
// end of year
if (date("m", strtotime($days)) == 12 && date("j", strtotime($days)) == date("t", strtotime($days))) {
$endofyear = 'Y';
} else {
$endofyear = 'N';
}
// end of month
if (date("j", strtotime($days)) == date("t", strtotime($days))) {
$endofmonth = 'Y';
} else {
$endofmonth = 'N';
}
if (date("j", strtotime($days)) == 1) {
$weekNumber = 1;
$newdayofweek = date('N', strtotime($days));
} else {
if ($newdayofweek == date('N', strtotime($days))) {
$weekNumber += 1;
}
}
echo "<tr>" . $juliandate . '</td><td>' . JDToGregorian($juliandate) . '</td><td>' . $endOfWeek . '</td><td>' . $endofmonth . '</td><td>' . $weekNumber . '</td></tr>';
$query = "INSERT INTO fiscalcalendar (juliandate,fdate, fmonth, fday, fyear, endOfWeek, endofmonth, dayOfWeek, weekNumber) VALUES('" . $juliandate . "','" . date("y-m-d", strtotime($days)) . "'," . date("m", strtotime($days)) . "," . date('j', strtotime($days)) . "," . date('Y', strtotime($days)) . ",'" . $endOfWeek . "','" . $endofmonth . "','" . date('N', strtotime($days)) . "'," . $weekNumber . ")";
$result = run_mysql_query($query);
$juliandate += 1;
}
}
function login_user($post)
{
// First the security stuff and then a query to get all of the needed data from the database
$username = escape_this_string($post['username']);
$email = escape_this_string($post['email']);
$password = escape_this_string($post['password']);
$query = "SELECT * FROM users WHERE users.username = '******'";
$user = fetch_record($query);
// Beginning of validation checks
if (empty($username)) {
$_SESSION['errors'][] = "Please enter your username";
}
if (empty($password)) {
$_SESSION['errors'][] = "Please enter your password";
}
if (empty($email)) {
$_SESSION['errors'][] = "Please enter your email";
}
if (count($_SESSION['errors']) > 0) {
header('Location: main.php');
exit;
}
// End of validation checks
// Check to see if $user is empty
if (empty($user)) {
$_SESSION['errors'][] = "There are no users present in the database";
header('Location: main.php');
exit;
} else {
if (!empty($user)) {
$encrypted_password = md5($password . '' . $user['salt']);
if ($user['password'] == $encrypted_password) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['first_name'] = $user['first_name'];
$_SESSION['logged_in'] = true;
header('Location: wall.php');
} else {
// If an error occurs then this error is shown
$_SESSION['errors'][] = "Cannot find a matching user";
header('Location: main.php');
exit;
}
}
}
}
function grabAnchors($hrefLinks, $main_site)
{
// grab the last id for this main site
$query = 'SELECT max(link_id),link_id FROM scrapper WHERE main_site_id = ' . $hrefLinks['main_site_id'];
$result = fetch_record($query);
$id = intval($result['link_id']);
// cURL the link and dump into the array the result
$array = curlHREF($hrefLinks['ref_link']);
sort($array);
// $array is returned as sorted array. get the fist and last
// index of the a-html-tag and start the loop from there
// anything else can be ignored
// get begin index
$startpos = getStart($array);
// get last index
$endpos = getLast($array, $startpos);
// if startpos = endpos, it would mean that the a-html-tag is not found properly
// update the document and exit
if ($startpos == $endpos) {
updateDocument($hrefLinks);
return;
}
// start parsing the a-html-tag
for ($i = $startpos; $i <= $endpos; $i++) {
// extract the href from the a-html-tag
$href_a = getHREF($array[$i]);
// check if link if to be excluded
if (excludLink($href_a, $main_site) === false) {
if (checkduplicate($href_a) === true) {
$id = $id + 1;
$query = "INSERT INTO scrapper (main_site_id, ref_link, link_id) VALUES ('" . $hrefLinks['main_site_id'] . "','" . $href_a . "','" . $id . "')";
// add the links
run_mysql_query($query);
}
}
}
// update the document after the parsing of the a-html-tag
updateDocument($hrefLinks);
return;
}
function update()
{
$query = "SELECT * FROM students WHERE id = '" . $_POST['id'] . "'";
// echo $query;
// die();
$student = fetch_record($query);
// var_dump($student);
// die();
$student_id = $student['id'];
// var_dump($student_id);
// die();
$query = "SELECT * from clocks WHERE student_id = '" . $student_id . "' ORDER BY clockintime DESC LIMIT 1";
// echo $query;
// die();
$updated_clock = fetch_record($query);
// var_dump($updated_clock);
// die();
if ($updated_clock) {
if (!isset($updated_clock['clockouttime'])) {
//option to clock out of this one
$_SESSION['step2'] = "clockout";
$_SESSION['student_info'] = $student;
header("location: clock_in.php");
} else {
//time for a new clock in
$_SESSION['step2'] = "clockin";
$_SESSION['student_info'] = $student;
header("location: clock_in.php");
}
} else {
//set clock in form
$_SESSION['step2'] = "clockin";
$_SESSION['student_info'] = $student;
header("location: clock_in.php");
}
}
<!-----------------------END MESSAGE DISPLAY-------------------->
<?php
// var_dump($_SESSION);
// var_dump($comments);
// die();
//----------------------BEGIN COMMENT DISPLAY--------------------//
if (isset($comments)) {
foreach ($comments as $index => $name) {
//grab the commenting user's name
$query = "SELECT first_name, last_name FROM users JOIN comments ON users.id = comments.comment_user_id WHERE users.id = '" . $name['comment_user_id'] . "'";
$comment_name = fetch_record($query);
//grab the comment id
$query = "SELECT id FROM comments WHERE created_at_cmt = '" . $name['created_at_cmt'] . "'";
$comment_id = fetch_record($query);
?>
<!-- begin comment formatting -->
<div class="comments">
<h2><?php
echo $name['comment'];
?>
</h2>
<p class="comment_info">Submitted: <?php
$cmt_date = date_create($name['created_at_cmt']);
?>
<?php
echo date_format($cmt_date, 'm/d/Y H:i');
?>
/* ====================================================================================================== */
/* -------------- login form ------------------ */
if ($_POST['submitted_form'] == 'login') {
if (empty($_POST['username']) || empty($_POST['password'])) {
$errors[] = "Make sure no fields are empty";
} else {
if (strlen($_POST['password']) < 6 || strlen($_POST['username']) < 2) {
$errors[] = "Make sure password is more than 6 characters and username is more than 2 characters";
}
}
// Set local variables //
$query_2 = "SELECT * FROM users WHERE username = '******'username']}' ";
$user = fetch_record($query_2);
$encrypted_password = md5(escape_this_string($_POST['password']) . '' . $user['salt']);
// Check database for username & password //
if (!fetch_record($query_2)) {
$errors[] = "Username not found";
} else {
if ($user['password'] != $encrypted_password) {
$errors[] = "Password is incorrect";
}
}
// log user in if user exists //
if (!empty($errors)) {
$_SESSION['errors'] = $errors;
$errors = array();
header('location: index.php');
} else {
$_SESSION['user'] = $user;
header('location: success.php');
}
<?php
session_start();
require 'new_connection.php';
if (isset($_POST['action']) && $_POST['action'] == 'login') {
$query = "SELECT * FROM thewall.users WHERE users.email = '{$_POST['email']}' AND users.password = '******'password']}'";
// echo($query);
$user = fetch_record($query);
$_SESSION['session_id'] = $user['id'];
// var_dump($user);
if (empty($_POST['email'])) {
$_SESSION['error'][] = "Please enter an email address.";
}
if (empty($_POST['password'])) {
$_SESSION['error'][] = "You did not enter a password.";
} else {
if ($user['email'] == $_POST['email']) {
header("location: success.php?new=false");
die;
} else {
$_SESSION['error'][] = "That email/password combination does not exist.";
}
}
if (isset($_SESSION['error'])) {
header("location: index.php");
die;
}
} elseif (isset($_POST['action']) && $_POST['action'] == 'register') {
//notifies user to complete all fields
if (empty($_POST['first_name'])) {
$_SESSION['error'][] = "Please fill in all fields.";
exit;
}
} elseif ($_POST['action'] == 'login') {
$errors = array();
if (empty($_POST['email'])) {
$errors[] = "Email cannot be left blank";
}
if (empty($_POST['password'])) {
$errors[] = "Password cannot be left blank";
}
if (!empty($errors)) {
$_SESSION['log_errors'] = $errors;
header("LOACTION: index.php");
exit;
} else {
$logged_in = fetch_record("SELECT * FROM users WHERE email = '" . $_POST['email'] . "' && password = '******'password'] . "'");
var_dump($logged_in);
if (!empty($logged_in)) {
$_SESSION['status'] = 'logged_in';
header("LOCATION: home.php");
exit;
} else {
$errors[] = "Your email or password is incorrect.";
$_SESSION['log_errors'] = $errors;
//header("LOCATION: index.php");
exit;
}
}
} else {
session_destroy();
header("LOCATION: index.php");
} else {
if (!filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) {
$error = "Email is not valid!";
}
}
if ($error != "") {
$_SESSION["error"] = $error;
header("Location: index.php");
} else {
$_SESSION["error"] = "";
$query = "INSERT INTO emails (email, created_at, updated_at)\n\t\t\t\t\t VALUES ('{$_POST['email']}', NOW(), NOW())";
if (run_mysql_query($query)) {
$_SESSION["message"] = "The email address you entered {$_POST['email']} is a VALID email address! Thank you!";
} else {
$_SESSION["message"] = "Failed to add email";
}
header("Location: success.php");
}
} else {
if (isset($_POST["action"]) && $_POST["action"] == "delete_email") {
$query = "SELECT email\n\t\t\t\t FROM emails\n\t\t\t\t WHERE email = '{$_POST['email']}'";
$query2 = "DELETE FROM emailsdb.emails\n\t\t\t\t WHERE email = '{$_POST['email']}'";
if (count(fetch_record($query)) > 0) {
run_mysql_query($query2);
$_SESSION["message2"] = "The email has been deleted!";
} else {
$_SESSION["message2"] = "We were not able to delete the email!";
}
header("Location: success.php");
}
}
}
header('location: wall.php');
}
/* ======================== Login form validation ======================================================== */
if ($_POST['submitted_form'] == 'login') {
if (empty($_POST['email']) || empty($_POST['password'])) {
$errors[] = "Make sure no fields are empty";
}
if (strlen($_POST['password']) < 6 || !filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
$errors[] = "Make sure password is more than 6 characters and email is valid";
}
// Set local variables //
$query_1 = "SELECT * FROM users WHERE email = '{$_POST['email']}' ";
$query_2 = "SELECT posts.id as post_id, post, posts.created_at as post_created_at, posts.user_id, \n\t\t\t\t\tusers.id as user_id, users.first_name, users.last_name, users.created_at as users_created_at \n\t\t\t\t\tFROM posts LEFT JOIN users ON posts.user_id = users.id";
$query_3 = "SELECT comments.id AS comment_id, comments.comment, comments.created_at AS comment_created_at, \n\t\t\t\t\tcomments.user_id AS comment_user_id, comments.post_id AS comment_post_id, \n\t\t\t\t\tusers.first_name AS comment_first_name, users.id AS comment_user_id FROM comments\n\t\t\t\t\tLEFT JOIN users ON comments.user_id = users.id;";
$this_user = fetch_record($query_1);
// Check database for username & password //
$encrypted_password = md5(escape_this_string($_POST['password']) . '' . $this_user['salt']);
if (empty($this_user)) {
$errors[] = "Email was not found";
} else {
if ($this_user['password'] != $encrypted_password) {
$errors[] = "Password and email do not match";
}
}
/* ---------- use when troubleshooting password / email errors ------ */
// echo "this_user: "******"encrypted_password:"******"stored password:";
<div id="txt">
<textarea name="message"></textarea>
</div>
<input id="message-post" type="submit" value="Post a message">
</form>
</div>
<?php
$messages = fetch_all("SELECT * FROM thewall.messages ORDER BY updated_at DESC");
// var_dump($messages);
// die();
foreach ($messages as $message) {
//re-formats date
$phpdate = strtotime($message['created_at']);
$date = date('F j, Y h:i:s', $phpdate);
//creates message divs
$name = fetch_record("SELECT * FROM users WHERE id = '{$message['user_id']}'");
echo "<h4>" . $name['first_name'] . " " . $name['last_name'] . " at " . $date . "<div class='mb'><p class='messages'>" . $message['message'] . "</p></div>";
$comments = fetch_all("SELECT * FROM thewall.comments WHERE message_id = {$message['id']} ORDER BY updated_at DESC");
foreach ($comments as $comment) {
$name = fetch_record("SELECT * FROM users WHERE id = '{$comment['user_id']}'");
$phpdate = strtotime($comment['created_at']);
$date = date('F j, Y h:i:s', $phpdate);
echo "<h5>" . $name['first_name'] . " " . $name['last_name'] . " - " . $date . "</h5><p class='comments'>" . $comment['comment'] . "</p>";
}
echo "\n\n\t\t\t\t\t\t<div class='comment-box'>\n\t\t\t\t\t\t\t<p>Post a comment</p>\n\t\t\t\t\t\t\t<form action='process.php' method='post'>\n\t\t\t\t\t\t\t<input type='hidden' name='action' value='cmt'>\n\t\t\t\t\t\t\t<input type='hidden' name='userid' value= " . $user['id'] . ">\n\t\t\t\t\t\t\t<input type='hidden' name='messageid' value = " . $message['id'] . ">\n\t\t\t\t\t\t\t<div class='comt'>\n\t\t\t\t\t\t\t\t<textarea rows='10' cols='100' name='comment'></textarea>\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t<input class='comment-post' type='submit' value='Post a comment'>\n\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t";
}
?>
<div><audio autoplay="true" loop="true" src="thewall.mp3"></div>
</div>
</body>
</html>
$salt = bin2hex(openssl_random_pseudo_bytes(22));
$encrypted_password = md5($password . '' . $salt);
$query = "INSERT INTO users (first_name, last_name, email, password, salt, created_at, updated_at)\n\t\t\t\tVALUES ('{$first_name}', '{$last_name}', '{$email}', '{$encrypted_password}','{$salt}', NOW(), NOW())";
$_SESSION['user_id'] = run_mysql_query($query);
if ($_SESSION['user_id']) {
header('location: main.php');
die;
} else {
echo 'failed';
}
} else {
if (isset($_POST['action']) && $_POST['action'] == 'login') {
$email = escape_this_string($_POST['email']);
$password = escape_this_string($_POST['password']);
$user_query = "SELECT * FROM users WHERE users.email = '{$email}'";
$user = fetch_record($user_query);
if (!empty($user)) {
$encrypted_password = md5($password . '' . $user['salt']);
if ($user['password'] == $encrypted_password) {
$_SESSION['user_id'] = $user['id'];
header('location: main.php');
die;
} else {
$errors[] = "incorrect password";
$_SESSION['errors'] = $errors;
header('location: index.php');
die;
}
} else {
$errors[] = "unknown user";
$_SESSION['errors'] = $errors;
// Another program will then read through the selected record for sampling, then the actual scraping itself
// set runtime to only 10minutes
set_time_limit(1200);
// set the connection
include 'new-connection.php';
require 'crawler_lib.php';
// set the job-scheduler
// include( dirname(__FILE__) . "/phpjobscheduler/firepjs.php");
// get the first record.
// it will be assumed that the table will have an inital record which will contain the main site
// only get the records that are tag for drilling : drill = 'Y'.
// this will only loop(drill) 3times (or 3levels) just to be sure
// anything after the 3rd level will be ignored
// get the details of the site to determine how many levels to drill
$query = "SELECT * FROM sites WHERE drill = 'Y' AND status = 'Pending'";
$results = fetch_record($query);
// loop through the list
for ($list_loop = 0; $list_loop <= count($results); $list_loop++) {
// set runtime to only 10 minutes
set_time_limit(600);
for ($loopCounter = 0; $loopCounter <= $results['level']; $loopCounter++) {
// get the first link
$query = "SELECT * FROM scrapper WHERE main_site_id =" . $results['site_id'] . " AND drill = 'Y' AND drillStatus = 'Not Started'";
$query_results = fetch_all($query);
if (count($query_results) == 0) {
// update the site record
$query = "UPDATE sites SET drill='N', status='Completed' WHERE main_site_id =" . $results['site_id'];
run_mysql_query($query);
$loopCounter = $results['level'];
} else {
foreach ($query_results as $listing) {
$value = htmlspecialchars($value);
return $value;
}
function fetch_record($path)
{
$file = fopen($path, "r");
if (!$file) {
return FALSE;
}
$data = '';
while (!feof($file)) {
$data .= fgets($file, 1024);
}
return $data;
}
$string = fetch_record($url);
if ($string == FALSE) {
echo FALSE;
return;
}
/// fecth title
$title_regex = "/<title>(.+)<\\/title>/i";
preg_match_all($title_regex, $string, $title, PREG_PATTERN_ORDER);
$url_title = $title[1];
/// fecth decription
$tags = get_meta_tags($url);
// fetch images
$image_regex = '/<img[^>]*' . 'src=[\\"|\'](.*)[\\"|\']/Ui';
preg_match_all($image_regex, $string, $img, PREG_PATTERN_ORDER);
$images_array = $img[1];
$data = array();
//if user is Logging in
if ($_POST['action'] == 'login') {
$errors = array();
if (empty($_POST['email'])) {
$errors[] = "Email cannot be left blank";
}
if (empty($_POST['password'])) {
$errors[] = "Password cannot be left blank";
}
if (!empty($errors)) {
$_SESSION['log_errors'] = $errors;
header("LOCATION: index.php");
exit;
} else {
$query = "SELECT id FROM users WHERE email = '" . escape_this_string($_POST['email']) . "' && password = '******'password']) . "'";
$logged_in = fetch_record($query);
//var_dump($logged_in);
if (!empty($logged_in)) {
$_SESSION['status'] = 'logged_in';
$_SESSION['user_id'] = $logged_in['id'];
header("LOCATION: home.php");
exit;
} else {
$errors[] = "Your email or password is incorrect.";
$_SESSION['log_errors'] = $errors;
header("LOCATION: index.php");
exit;
}
}
}
//if user is posting a message
<?php
session_start();
require_once "new-connection.php";
if (!isset($_SESSION['status'])) {
header("LOCATION: index.php");
die;
}
$array_of_ids = fetch_all("SELECT id FROM messages WHERE created_at >=NOW() - INTERVAL 30 MINUTE AND user_id = '" . $_SESSION['user_id'] . "'");
$ids = array();
foreach ($array_of_ids as $array) {
array_push($ids, $array['id']);
}
$messages = fetch_all("SELECT messages.id, messages.user_id, messages.message, messages.created_at, users.first_name, users.last_name FROM messages LEFT JOIN users ON messages.user_id = users.id ORDER BY messages.id DESC");
$user_name = fetch_record("SELECT first_name, last_name FROM users WHERE id = " . $_SESSION['user_id']);
$name = $user_name['first_name'] . " " . $user_name['last_name'];
//print_r($emails);
?>
<!DOCTYPE html>
<html>
<head>
<title>The Wall</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="background"></div>
<div class="header">
<h1>Coding Dojo Wall!</h1>
<h3 class="head">Welcome, <span><?php