Example #1
                mysql_query("INSERT INTO clubs (name, description, view_time, open_time, close_time, money) VALUES ('{$name}', '{$description}', '0', '0', '0', '{$money}')");
                $success = "Club added successfully!";
            }
        } else {
            if ($action == 'delete') {
                $club_id = escape($_REQUEST['id']);
                mysql_query("DELETE FROM clubs WHERE id='{$club_id}'");
                $success = "Club deleted successfully!";
            } else {
                if ($action == 'update') {
                    $club_id = escape($_REQUEST['id']);
                    $description = escape($_REQUEST['description']);
                    mysql_query("UPDATE clubs SET description='{$description}' WHERE id='{$club_id}'");
                    $success = "Club updated successfully!";
                }
            }
        }
    }
    $result = mysql_query("SELECT id,name,description,money FROM clubs");
    if (isset($error)) {
        get_page_advanced("man_clubs", "root", array('error' => $error, 'clubsResult' => $result));
    } else {
        if (isset($success)) {
            get_page_advanced("man_clubs", "root", array('success' => $success, 'clubsResult' => $result));
        } else {
            get_page_advanced("man_clubs", "root", array('clubsResult' => $result));
        }
    }
} else {
    header('Location: index.php');
}
Example #2
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
include "../include/chk.php";
include "../include/apply_submit.php";
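// Root-only maintenance page. With a club_id in the request it calls
// checkMismatchedApplications(): in "act" mode with true as the second argument
// and a fixed confirmation message, otherwise using the return value as the list
// to display. Non-root sessions are redirected to index.php.
if (isset($_SESSION['root'])) {
    $mismatches = false;
    if (isset($_REQUEST['club_id'])) {
        if (isset($_REQUEST['act'])) {
            // NOTE(review): this branch is reachable from any request method and no
            // anti-CSRF token is checked in this file -- confirm whether
            // session.php or checkMismatchedApplications() covers that.
            // NOTE(review): club_id is passed through unvalidated; whether the helper
            // quotes it before using it in SQL is not visible here -- confirm.
            checkMismatchedApplications($_REQUEST['club_id'], true);
            // club_id is request-controlled and lands inside an href. The message carries
            // its own <a> markup, so the template presumably prints it unescaped; encode
            // the value for the query string and then for the HTML attribute instead of
            // concatenating it verbatim (reflected XSS otherwise).
            $refreshUrl = htmlspecialchars("check_mismatch.php?club_id=" . urlencode((string) $_REQUEST['club_id']), ENT_QUOTES, 'UTF-8');
            $mismatches = array("Errors should be fixed. Click <a href=\"" . $refreshUrl . "\">here</a> to refresh.");
        } else {
            $mismatches = checkMismatchedApplications($_REQUEST['club_id']);
        }
    }
    $clubInfo = listClubs();
    get_page_advanced("check_mismatch", "root", array('mismatches' => $mismatches, 'clubInfo' => $clubInfo));
} else {
    header('Location: index.php');
}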
Example #3
        $action = $_REQUEST['action'];
        $user_id = escape($_REQUEST['id']);
        if ($action == 'Reset') {
            //clear all application data of the user
            mysql_query("DELETE FROM answers USING applications INNER JOIN answers WHERE applications.user_id = '{$user_id}' AND applications.id = answers.application_id");
            mysql_query("DELETE FROM applications WHERE user_id = '{$user_id}'");
            $success = "Application reset!";
        } else {
            if ($action == 'Delete') {
                //keep application data in case it's useful later
                mysql_query("DELETE FROM users WHERE id = '{$user_id}'");
                $success = "User deleted!";
            }
        }
    }
    $result = mysql_query("SELECT id, accessed, username, email, name FROM users");
    $users = array();
    // array of (last_login_time, (username, email, name))
    while ($row = mysql_fetch_array($result)) {
        $infoUser = array($row[2], $row[3], $row[4]);
        //array of (username, email, name)
        $users[$row[0]] = array($row[1], $infoUser);
    }
    if (isset($success)) {
        get_page_advanced("userlist", "root", array('success' => $success, 'userList' => $users));
    } else {
        get_page_advanced("userlist", "root", array('userList' => $users));
    }
} else {
    header('Location: index.php');
}
Example #4
                if ($_REQUEST['action'] == "add") {
                    $result = mysql_query("SELECT name FROM club_notes_categories WHERE club_id = '{$club_id}' AND name = '{$catName}'");
                    if ($row = mysql_fetch_array($result)) {
                        $error = "Category already exists!";
                    } else {
                        mysql_query("INSERT INTO club_notes_categories (name, club_id) VALUES ('{$catName}', '{$club_id}')");
                        $success = "Category added!";
                    }
                }
            }
        }
        $result = mysql_query("SELECT name FROM club_notes_categories WHERE club_id = '{$club_id}'");
        $categories = array();
        while ($row = mysql_fetch_array($result)) {
            array_push($categories, $row[0]);
        }
        if (isset($error)) {
            get_page_advanced("man_notes", "admin", array('box_enabled' => $box_enabled, 'cat_enabled' => $cat_enabled, 'comment_enabled' => $comment_enabled, 'categories' => $categories, 'error' => $error));
        } else {
            if (isset($success)) {
                get_page_advanced("man_notes", "admin", array('box_enabled' => $box_enabled, 'cat_enabled' => $cat_enabled, 'comment_enabled' => $comment_enabled, 'categories' => $categories, 'success' => $success));
            } else {
                get_page_advanced("man_notes", "admin", array('box_enabled' => $box_enabled, 'cat_enabled' => $cat_enabled, 'comment_enabled' => $comment_enabled, 'categories' => $categories));
            }
        }
    } else {
        get_page_advanced("message", "admin", array('message' => "General application cannot view submissions, so note functions are not available.", 'title' => "Manage Club"));
    }
} else {
    header('Location: index.php?error=' . urlencode("You are not logged in!"));
}
Example #5
<?php

include "../include/common.php";
include "../config.php";
include "../include/db_connect.php";
include "../include/session.php";
// Applicant landing page: render the "index" page for a session that carries a
// user_id; everyone else gets a message page that points at ../login.php.
if (!isset($_SESSION['user_id'])) {
    get_page_advanced(
        "message",
        "apply",
        array(
            "title" => "Not Logged In",
            "message" => "You cannot access the application because you are not logged in. Please <a href=\"../login.php\">login first</a>.",
            "redirect" => "../login.php",
        )
    );
} else {
    get_page_advanced("index", "apply");
}
Example #6
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
// Root-only category page. Requires both a root session and a "cat" request
// parameter; anything else is redirected to index.php.
if (!isset($_SESSION['root']) || !isset($_REQUEST['cat'])) {
    header('Location: index.php');
} else {
    $cat = $_REQUEST['cat'];
    // Drop a single trailing ".php" so the bare name is handed to the template.
    // NOTE(review): "cat" is request-controlled and this is the only normalisation
    // applied. How the root_cat template uses it is not visible here; if it selects
    // a file or is echoed into HTML, it needs an allow-list or output escaping --
    // confirm against the template.
    $cat = (substr($cat, -4) == '.php') ? substr($cat, 0, -4) : $cat;
    get_page_advanced("root_cat", "root", array('cat' => $cat));
}
Example #7
<?php

include "../include/common.php";
include "../config.php";
include "../include/db_connect.php";
include "../include/session.php";
include "../include/apply_submit.php";
// Supplement page for applicants: look up the clubs for the session's user_id and
// hand them to the "supplement" template. Without a user_id the "index" page is
// rendered with an empty parameter array.
if (!isset($_SESSION['user_id'])) {
    get_page_advanced("index", "apply", array());
} else {
    // The id comes from the session, not from the request.
    $clubsApplied = getUserClubsApplied($_SESSION['user_id']);
    get_page_advanced(
        "supplement",
        "apply",
        array("clubsApplied" => $clubsApplied)
    );
}
Example #8
    $options = array();
    //try to find the options from the current configuration file
    while ($line = fgets($fin)) {
        $index = strpos($line, ' = ');
        if ($index !== FALSE) {
            $key = substr($line, 9, $index - 11);
            $val_start = $index + 3;
            $val_end = strrpos($line, ";");
            //before the line's ending semicolon
            $val = substr($line, $val_start, $val_end - $val_start);
            if (in_array($key, $option_list) && !in_array($key, $hide_options)) {
                if (in_array($key, $array_options)) {
                    $options[$key] = fromPHPArray($val);
                } else {
                    $options[$key] = stripFromPHP($val);
                }
            }
        }
    }
    //now let the user edit other options not in config
    $counter = 0;
    foreach ($option_list as $option_name) {
        if (!array_key_exists($option_name, $options)) {
            $options[$option_name] = FALSE;
            //value of false denotes hidden type, show as password box
        }
    }
    get_page_advanced("man_config", "root", array('optionsMap' => $options, 'tabs' => $option_tabs, 'tab_list' => $display_tabs));
} else {
    header('Location: index.php');
}
Example #9
    }
    $result = mysql_query("SELECT id,name FROM purchase_confirm ORDER BY orderId");
    $purchaseList = array();
    while ($row = mysql_fetch_array($result)) {
        array_push($purchaseList, array($row[0], $row[1]));
    }
    $result = mysql_query("SELECT users.username FROM users, user_groups WHERE user_groups.user_id=users.id AND user_groups.group=-1");
    while ($row = mysql_fetch_array($result)) {
        $userList[] = array($row[0]);
    }
    $result = mysql_query("SELECT orderID FROM purchase_confirm WHERE id='" . $_SESSION['user_id'] . "'");
    if ($val = mysql_fetch_array($result)) {
        $status_desired = $val[0];
    } else {
        $status_desired = 1;
        $warning = "You have not added any users to the purchase order list";
    }
    $result = mysql_query("SELECT id, club_id, submit_time, status, amount, filename FROM purchase_order WHERE status={$status_desired} ORDER BY status");
    $result_two = mysql_query("SELECT club_id, submit_time, status_time, amount, status FROM purchase_order WHERE status!={$status_desired}");
    if (isset($success)) {
        get_page_advanced("man_funds", "root", array('success' => $success, 'pending' => $result, 'completed' => $result_two, 'purchaseList' => $purchaseList, 'userList' => $userList));
    } else {
        if (isset($error)) {
            get_page_advanced("man_funds", "root", array('error' => $error, 'pending' => $result, 'completed' => $result_two, 'purchaseList' => $purchaseList, 'userList' => $userList));
        } else {
            get_page_advanced("man_funds", "root", array('pending' => $result, 'completed' => $result_two, 'purchaseList' => $purchaseList, 'userList' => $userList));
        }
    }
} else {
    header('Location: index.php');
}
Example #10
    $backupLink = FALSE;
    if (isset($_REQUEST['backup'])) {
        $dbResult = backupDatabase();
        $fileResult = backupFiles();
        if ($fileResult !== false) {
            $backupLink = array($dbResult, $fileResult[0], $fileResult[1]);
            $success = "Backup created!";
        } else {
            $error = "Something went wrong! If this continues, contact us!";
        }
    }
    if (isset($success)) {
        get_page_advanced("backup", "root", array('backupLink' => $backupLink, 'success' => $success));
    } else {
        if (isset($error)) {
            get_page_advanced("backup", "root", array('backupLink' => $backupLink, 'error' => $error));
        } else {
            if (isset($warning)) {
                get_page_advanced("backup", "root", array('backupLink' => $backupLink, 'warning' => $warning));
            } else {
                if (isset($info)) {
                    get_page_advanced("backup", "root", array('backupLink' => $backupLink, 'info' => $info));
                } else {
                    get_page_advanced("backup", "root", array('backupLink' => $backupLink));
                }
            }
        }
    }
} else {
    header('Location: index.php');
}
Example #11
        } else {
            $max_list = 1;
        }
        if (isset($_REQUEST['option'])) {
            if ($_REQUEST['description'] == "" || $_REQUEST['amount'] <= 0) {
                get_page_advanced("purchase", "admin", array('deposit' => $deposit, 'incomplete' => $incomplete, 'pending' => $pending, 'accept' => $accept, 'reject' => $reject, 'balance' => $money, 'max_list' => $max_list, 'error' => "New orders require a description and amount!"));
            } else {
                if ($_REQUEST['transfer_type'] == -1) {
                    $id = createPurchase($club_id, $_REQUEST['description'], $_REQUEST['amount'] * $_REQUEST['transfer_type']);
                    get_page_advanced("purchase_create", "admin", array('club_id' => $club_id, 'id' => $id));
                } else {
                    if ($_REQUEST['transfer_type'] == 0) {
                        $amount = $_REQUEST['amount'];
                        createDeposit($club_id, $_REQUEST['description'], $_REQUEST['amount']);
                        get_page_advanced("purchase", "admin", array('deposit' => $deposit, 'incomplete' => $incomplete, 'pending' => $pending, 'accept' => $accept, 'reject' => $reject, 'balance' => $money, 'max_list' => $max_list, 'success' => "\${$amount} added to your account!"));
                    }
                }
            }
        } else {
            if (isset($_REQUEST['edit'])) {
                get_page_advanced("purchase_create", "admin", array('club_id' => $club_id, 'id' => $_REQUEST['edit']));
            } else {
                get_page_advanced("purchase", "admin", array('deposit' => $deposit, 'incomplete' => $incomplete, 'pending' => $pending, 'accept' => $accept, 'reject' => $reject, 'balance' => $money, 'max_list' => $max_list));
            }
        }
    } else {
        get_page_advanced("message", "admin", array('message' => "General application admin cannot make purchase orders.", 'title' => "Purchase Orders"));
    }
} else {
    header('Location: index.php?error=' . urlencode("You are not logged in!"));
}
Example #12
            $whereString = "id = '" . $club_id . "'";
            $clubInfo = clubInfo($club_id);
            //array (club name, club description, open_time, close_time, num_recommendations)
            $sectionheader = "Supplement: " . $clubInfo[0];
        } else {
            $sectionheader = "General Application";
        }
        $createResult = generatePDFByResult($result, "../pdf/", $sectionheader);
        if (!$createResult[0]) {
            $error = "Error during PDF generation: " . $createResult[1];
        } else {
            $basePath = basePath();
            $style = getStyle();
            $stylePath = $basePath . "/astyle/{$style}";
            $message = "<a href=\"../pdf/" . $createResult[1] . ".pdf\"><div class=\"nav-button-vertical small right\"><div class=\"pdf\" ></div></div></a>";
            $success = "PDF made!";
        }
    }
    //categories list comes from the category manager
    if (isset($error)) {
        get_page_advanced("preview", "admin", array('questionList' => $questionList, 'categories' => $categories, 'error' => $error, 'message' => $message, 'categories' => $categories));
    } else {
        if (isset($success)) {
            get_page_advanced("preview", "admin", array('questionList' => $questionList, 'categories' => $categories, 'success' => $success, 'message' => $message, 'categories' => $categories));
        } else {
            get_page_advanced("preview", "admin", array('questionList' => $questionList, 'categories' => $categories, 'message' => $message, 'categories' => $categories));
        }
    }
} else {
    header('Location: index.php?error=' . urlencode("You are not logged in!"));
}
Example #13
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
include "../include/chk.php";
// Root-only PDF check page. Without "delete" in the request the return value of
// checkExtraPDFs() is shown; with it, checkExtraPDFs(true) is called and the
// template receives false instead of a list.
if (!isset($_SESSION['root'])) {
    header('Location: index.php');
} else {
    $pdfArray = false;
    $deleteRequested = isset($_REQUEST['delete']);
    if ($deleteRequested) {
        // NOTE(review): triggered by the mere presence of the parameter, on any
        // request method, with no anti-CSRF token checked in this file -- confirm
        // whether session.php or the helper enforces one.
        checkExtraPDFs(true);
    } else {
        $pdfArray = checkExtraPDFs();
    }
    get_page_advanced("check_pdf", "root", array('pdfArray' => $pdfArray));
}
Example #14
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
include "../include/chk.php";
// Root-only "full clean" page: calls fullClean() when the request carries a
// "clean" parameter, then renders the page with or without a success banner.
if (!isset($_SESSION['root'])) {
    header('Location: index.php');
} else {
    $cleanRequested = isset($_REQUEST['clean']);
    if ($cleanRequested) {
        // NOTE(review): runs on any request method as soon as "clean" is present;
        // no anti-CSRF token or re-authentication is checked in this file --
        // confirm whether fullClean() or session.php adds one.
        fullClean();
        $success = "Database cleansed to unecessary evils.";
    }
    if (!isset($success)) {
        get_page_advanced("full_clean", "root");
    } else {
        get_page_advanced("full_clean", "root", array('success' => $success));
    }
}
Example #15
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
// Admin view of a single user: needs an admin session and an "id" parameter,
// otherwise redirects to index.php.
if (!isset($_SESSION['admin']) || !isset($_REQUEST['id'])) {
    header('Location: index.php');
} else {
    // TODO (carried over from the original): nothing here checks that the requested
    // user applied to this admin's club, so any club admin can look up any user id.
    $user_id = escape($_REQUEST['id']);
    // Indexes 0, 1 and 2 of the result are read below as username, email and name.
    $userinfo = getUserInformation($user_id);
    $profile = getProfile($user_id);
    get_page_advanced(
        "user_detail",
        "admin",
        array(
            'username' => $userinfo[0],
            'email' => $userinfo[1],
            'name' => $userinfo[2],
            'profile' => $profile,
        )
    );
}
Example #16
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
include "../include/apply_gen.php";
include "../include/statistics.php";
// Admin statistics page. The club id is taken from the session (admin_club_id),
// never from the request. Visitors without an admin session are redirected to
// index.php with an error message in the query string.
if (!isset($_SESSION['admin'])) {
    header('Location: index.php?error=' . urlencode("You are not logged in!"));
} else {
    $club_id = $_SESSION['admin_club_id'];
    $adminStat = adminStatistics($club_id);
    // The meaning of the extra arguments (true, 8) is defined by responseStatistics().
    $responseStat = responseStatistics($club_id, true, 8);
    get_page_advanced(
        "statistics",
        "admin",
        array('adminStat' => $adminStat, 'responseStat' => $responseStat)
    );
}
Example #17
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
include "../include/recommend.php";
include "../include/custom.php";
// Root-only page for removing peer recommendations. Lists all users; when a
// user_id is supplied it also lists that user's recommendations, after first
// deleting the one named by remove_id (if given).
if (!isset($_SESSION['root'])) {
    header('Location: index.php');
} else {
    $recommendationResult = FALSE;
    $user_id = -1;
    if (isset($_REQUEST['user_id'])) {
        // NOTE(review): every query below is built by string interpolation and relies
        // on escape() (defined elsewhere) for quoting safety; the mysql_* extension
        // was removed in PHP 7. Prepared statements would remove that dependency.
        $user_id = escape($_REQUEST['user_id']);
        if (isset($_REQUEST['remove_id'])) {
            // NOTE(review): the delete runs on any request method and no anti-CSRF
            // token is checked in this file -- confirm it is enforced elsewhere.
            $recommend_id = escape($_REQUEST['remove_id']);
            // Look up the instance id first so it can be passed to customDestroy()
            // once the recommendation row is gone.
            $result = mysql_query("SELECT instance_id from recommendations WHERE id = '" . $recommend_id . "'");
            $row = mysql_fetch_row($result);
            if ($row) {
                $instance_id = $row[0];
                mysql_query("DELETE FROM recommendations WHERE id = '" . $recommend_id . "'");
                customDestroy($instance_id);
            }
        }
        $recommendationResult = mysql_query("SELECT * FROM recommendations WHERE user_id = '" . $user_id . "'");
    }
    $result = mysql_query("SELECT id,username FROM users ORDER BY id");
    get_page_advanced(
        "rm_peer",
        "root",
        array(
            'user_id' => $user_id,
            'recommendationResult' => $recommendationResult,
            'userdata' => $result,
        )
    );
}
Example #18
        if ($club_id != 0) {
            $whereString = "id = '" . $club_id . "'";
            $clubInfo = clubInfo($club_id);
            //array (club name, club description, open_time, close_time, num_recommendations)
            $sectionheader = "Supplement: " . $clubInfo[0];
        } else {
            $sectionheader = "General Application";
        }
        $createResult = generatePDFByResult($result, "../pdf/", $sectionheader);
        if (!$createResult[0]) {
            $error = "Error during PDF generation: " . $createResult[1];
        } else {
            $basePath = basePath();
            $style = getStyle();
            $stylePath = $basePath . "/astyle/{$style}";
            $message = "<a href=\"../pdf/" . $createResult[1] . ".pdf\"><img src=\"" . $stylePath . "/images/application_word.png\" width=\"64\"></a>";
            $success = "PDF made!";
        }
    }
    if (isset($error)) {
        get_page_advanced("gen_pdf", "admin", array('error' => $error, 'message' => $message, 'categories' => $categories));
    } else {
        if (isset($success)) {
            get_page_advanced("gen_pdf", "admin", array('success' => $success, 'message' => $message, 'categories' => $categories));
        } else {
            get_page_advanced("gen_pdf", "admin", array('message' => $message, 'categories' => $categories));
        }
    }
} else {
    header('Location: index.php?error=' . urlencode("You are not logged in!"));
}
Example #19
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
include "../include/statistics.php";
// Root-only statistics page: renders whatever calculateStatistics() returns;
// sessions without the root flag are redirected to index.php.
if (!isset($_SESSION['root'])) {
    header('Location: index.php');
} else {
    $stat_array = calculateStatistics();
    get_page_advanced(
        "statistics",
        "root",
        array('stat_array' => $stat_array)
    );
}
Example #20
<?php

include "../include/common.php";
include "../config.php";
include "../include/db_connect.php";
include "../include/session.php";
// Logout page for applicants. Both outcomes render the "message" template; only
// a session that actually carries a user_id is cleared.
if (!isset($_SESSION['user_id'])) {
    get_page_advanced(
        "message",
        "apply",
        array(
            "title" => "Not Logged In",
            "message" => "You are not logged in, so there is no reason to log out. Click <a href=\"../\">here</a> to continue.",
            "redirect" => "../login.php",
        )
    );
} else {
    // NOTE(review): session_unset() only empties the session variables; the session
    // itself and its id stay valid. Whether session.php destroys the session or
    // rotates the id on login/logout is not visible here -- confirm.
    session_unset();
    get_page_advanced(
        "message",
        "apply",
        array(
            "title" => "Logged out",
            "message" => "You have been logged out. Click <a href=\"../\">here</a> to continue.",
            "redirect" => "../",
        )
    );
}
Example #21
// Root-only page manager. "action" plus "page" in the request select one of
// Edit / Delete / Add; afterwards the list of page names is always re-read and
// rendered.
if (!isset($_SESSION['root'])) {
    header('Location: index.php');
} else {
    $page = FALSE;
    $contents = FALSE;
    if (isset($_REQUEST['action']) && isset($_REQUEST['page'])) {
        // NOTE(review): the page name and contents come straight from the request;
        // any validation or quoting has to happen inside savePage(), deletePage()
        // and page_db_part(), which are not visible here -- confirm. No anti-CSRF
        // token is checked in this block either.
        $page = $_REQUEST['page'];
        if ($_REQUEST['action'] == "Edit") {
            // Save first when new contents were posted, then reload for display.
            if (isset($_REQUEST['contents'])) {
                savePage($page, $_REQUEST['contents']);
            }
            $contents = page_db_part($page);
        } elseif ($_REQUEST['action'] == "Delete") {
            deletePage($page);
        } elseif ($_REQUEST['action'] == "Add") {
            // $pages is expected to come from default_pages.php; a known name is
            // seeded with its default text, any other name starts empty.
            include_once "../include/default_pages.php";
            if (array_key_exists($page, $pages)) {
                savePage($page, $pages[$page]);
            } else {
                savePage($page, "");
            }
        }
    }
    $result = mysql_query("SELECT name FROM pages");
    // The template parameter cannot be called "page", hence "epage" (edit page).
    get_page_advanced(
        "man_pages",
        "root",
        array('epage' => $page, 'contents' => $contents, 'pagesResult' => $result)
    );
}
Example #22
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
// Admin view of one peer recommendation, identified by filename and user id.
// All three of admin session, peer_pdf and user_id must be present, otherwise
// the request is redirected to index.php.
if (!(isset($_SESSION['admin']) && isset($_REQUEST['peer_pdf']) && isset($_REQUEST['user_id']))) {
    header('Location: index.php');
} else {
    // TODO (carried over from the original): there is no check tying the user to
    // this admin's club, so any admin who knows a user id can read that user's
    // peer recommendations.
    $peer_pdf = escape($_REQUEST['peer_pdf']);
    $user_id = escape($_REQUEST['user_id']);
    // NOTE(review): query safety depends entirely on escape(), defined elsewhere.
    $result = mysql_query("SELECT author, email FROM recommendations WHERE filename = '" . $peer_pdf . "' AND user_id = '" . $user_id . "'");
    $row = mysql_fetch_array($result);
    if (!$row) {
        get_page_advanced("message", "admin", array("title" => "Error", "message" => "Could not find requested recommendation!"));
    } else {
        // The filename handed to the template is the escaped request value, not a
        // column read back from the row.
        get_page_advanced(
            "view_recommendation",
            "admin",
            array('author' => $row[0], 'email' => $row[1], 'filename' => $peer_pdf)
        );
    }
}
Example #23
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
include "../include/subscribe.php";
// Admin subscriber list. The club id and user id are both read from the session;
// a club id of 0 or below is treated as the general-application admin, who has
// no club to list.
if (!isset($_SESSION['admin'])) {
    header('Location: index.php?error=' . urlencode("You are not logged in!"));
} else {
    $club_id = $_SESSION['admin_club_id'];
    $user_id = $_SESSION['user_id'];
    if (!($club_id > 0)) {
        get_page_advanced(
            "message",
            "admin",
            array('message' => "General application admin does not have a club to manage.", 'title' => "View submissions")
        );
    } else {
        // Per the original comment: user_id => array(username, email, name).
        $subscribers = listSubscriberInfo($club_id);
        get_page_advanced("view_subscribe", "admin", array('subscribers' => $subscribers));
    }
}
Example #24
                if (isset($_REQUEST['method'])) {
                    $method = trim($_REQUEST['method']);
                }
                $size = "medium";
                if (isset($_REQUEST['size'])) {
                    $size = trim($_REQUEST['size']);
                }
                $generate = $name . "\n";
                $generate .= $description . "\n";
                $type_line = "type:{$type}; status:{$status}";
                if ($type == "essay" || $type == "short") {
                    $type_line .= "; showchars:{$showchars}; length:{$length}; size:{$size}";
                } else {
                    if ($type == "select") {
                        $type_line .= "; method:{$method}";
                    }
                }
                $generate .= $type_line;
                get_page_advanced("easyq_generated", "admin", array('generate' => $generate, 'name' => $name, 'description' => $description, 'type' => $type_line));
            } else {
                get_page_advanced("easyq_question", "admin", array('error' => "Question and Description are required", 'type' => $_REQUEST['type']));
            }
        } else {
            get_page_advanced("easyq_question", "admin", array('type' => $_REQUEST['type']));
        }
    } else {
        get_page_advanced("easyq_type", "admin");
    }
} else {
    header('Location: index.php?error=' . urlencode("You are not logged in!"));
}
Example #25
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
//check for $_REQUEST['id'] here because this page should never be accessed without an id set
if (!isset($_SESSION['admin']) || !isset($_REQUEST['id'])) {
    header('Location: index.php');
} else {
    // Club and user come from the session; only the application id is taken
    // from the request.
    $club_id = $_SESSION['admin_club_id'];
    $user_id = $_SESSION['user_id'];
    $app_id = escape($_REQUEST['id']);
    if (!($club_id > 0)) {
        get_page_advanced("index", "admin", array('warning' => "General application admin does not have comments!"));
    } else {
        // The lookup is keyed on the session's user_id, so it only returns notes
        // written by the current admin. A missing row means no comment has been
        // saved yet, which is shown as an empty string.
        // NOTE(review): nothing here verifies that the application belongs to this
        // admin's club, and query safety rests on escape() -- confirm both.
        $result = mysql_query("SELECT comments FROM club_notes WHERE application_id='" . $app_id . "' AND user_id='" . $user_id . "'");
        $row = mysql_fetch_array($result);
        $current_comments = $row ? $row[0] : "";
        get_page_advanced(
            "comments",
            "admin",
            array('comments' => $current_comments, 'app_id' => $app_id)
        );
    }
}
Example #26
                    } else {
                        if ($_REQUEST['action'] == "Add multiple questions" && isset($_REQUEST['data'])) {
                            $dataText = str_replace("\r", "", $_REQUEST['data']);
                            $dataLines = explode("\n", $dataText);
                            for ($i = 0; $i < count($dataLines) - 2; $i += 3) {
                                $result = insertQuestion($dataLines[$i], $dataLines[$i + 1], $dataLines[$i + 2], $club_id, $database, $whereString);
                                if ($result === TRUE) {
                                    $message = "Addition successful!";
                                } else {
                                    $message = "Addition failed: {$result}";
                                }
                            }
                        } else {
                            if ($_REQUEST['action'] == "deleteall") {
                                deleteQuestions($database, $whereString);
                            }
                        }
                    }
                }
            }
        }
    }
    $result = mysql_query("SELECT id, orderId, varname, vardesc, vartype FROM {$database} WHERE {$whereString} ORDER BY orderId");
    $questionList = array();
    while ($row = mysql_fetch_array($result)) {
        array_push($questionList, array($row[0], $row[1], $row[2], $row[3], $row[4]));
    }
    get_page_advanced("man_questions", "admin", array("message" => $message, "editInfo" => $editInfo, "questionList" => $questionList, "categories" => $categories, "inform" => $inform));
} else {
    header('Location: index.php?error=' . urlencode("You are not logged in!"));
}
Example #27
        } else {
            $warning = "You need your current password to make any changes!";
        }
        $result = mysql_query("SELECT name, description, view_time, open_time, close_time, num_recommend FROM clubs WHERE id='{$club_id}'");
        if (isset($error)) {
            $inform['error'] = $error;
        } else {
            if (isset($success)) {
                $inform['success'] = $success;
            } else {
                if (isset($info)) {
                    $inform['info'] = $info;
                } else {
                    if (isset($warning)) {
                        $inform['warning'] = $warning;
                    }
                }
            }
        }
        if ($row = mysql_fetch_array($result)) {
            $parameters = array('club_name' => $row['name'], 'description' => $row['description'], 'view_time' => $row['view_time'], 'open_time' => $row['open_time'], 'close_time' => $row['close_time'], 'num_recommend' => $row['num_recommend'], 'username' => $userInfo[0], 'email' => $userInfo[1], 'name' => $userInfo[2], 'inform' => $inform);
            get_page_advanced("man_club", "admin", $parameters);
        } else {
            get_page_advanced("message", "admin", array('message' => "Error: your club cannot be found in the clubs table.", 'title' => "Manage Club"));
        }
    } else {
        get_page_advanced("message", "admin", array('message' => "Error: general application does not have club settings.", 'title' => "Manage Club"));
    }
} else {
    header('Location: index.php?error=' . urlencode("You are not logged in!"));
}
Example #28
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
include "../include/chk.php";
// Root-only "no home" check page: calls checkNoHome() when the request carries a
// "delete" parameter and then renders the page either way.
if (!isset($_SESSION['root'])) {
    header('Location: index.php');
} else {
    $deleteRequested = isset($_REQUEST['delete']);
    if ($deleteRequested) {
        // NOTE(review): fires on any request method once "delete" is present and
        // no anti-CSRF token is checked in this file -- confirm it is enforced
        // elsewhere.
        checkNoHome();
    }
    get_page_advanced("check_nohome", "root");
}
Example #29
include "../include/chk.php";
// Root-only database wipe. The wipe needs both the "wipe" flag and the current
// user's password, which is re-checked with checkLogin() before databaseWipe()
// runs. A wrong password clears the session.
if (!isset($_SESSION['root'])) {
    header('Location: index.php');
} else {
    if (isset($_REQUEST['wipe']) && isset($_REQUEST['password'])) {
        // NOTE(review): $_REQUEST also accepts the password from the query string,
        // where it can end up in logs and history; no anti-CSRF token is checked
        // in this file. Whether checkLogin() rate-limits attempts is not visible
        // here -- confirm.
        $passwordOk = checkLogin($_SESSION['user_id'], $_REQUEST['password']);
        if (!$passwordOk) {
            $error = "Invalid password! You have been logged out for security purposes!";
            // Only the session variables are cleared; the root "dbwipe" page is
            // still rendered below for this request.
            session_unset();
        } else {
            databaseWipe();
            $success = "Your database has been completely wiped.";
        }
    }
    // At most one banner is shown, in the order success, error, warning, info.
    if (isset($success)) {
        get_page_advanced("dbwipe", "root", array('success' => $success));
    } elseif (isset($error)) {
        get_page_advanced("dbwipe", "root", array('error' => $error));
    } elseif (isset($warning)) {
        get_page_advanced("dbwipe", "root", array('warning' => $warning));
    } elseif (isset($info)) {
        get_page_advanced("dbwipe", "root", array('info' => $info));
    } else {
        get_page_advanced("dbwipe", "root");
    }
}
Example #30
                    }
                }
            }
        }
        //only continue if we haven't failed already
        if (isset($_SESSION['user_id'])) {
            $checkResult = checkRootLogin($_SESSION['user_id'], $_REQUEST['password']);
            if ($checkResult === TRUE) {
                $_SESSION['root'] = true;
            } else {
                if ($checkResult === -1) {
                    $parameters['error'] = "Login information is not correct.";
                } else {
                    if ($checkResult === -2) {
                        $parameters['error'] = "Please try again later (you are locked out for too many failed attempts).";
                    } else {
                        if ($checkResult === 1) {
                            $parameters['error'] = "You are not a root administrator.";
                        }
                    }
                }
            }
        }
    }
}
if (isset($_SESSION['root'])) {
    get_page_advanced("index", "root", $parameters);
} else {
    $parameters['user_loggedin'] = isset($_SESSION['user_id']);
    get_page_advanced("index_login", "root", $parameters);
}