public function Update()
{
global $database;
$attributes = $this->SanitizedAttributes();
$attributes_pairs = array();
foreach ($attributes as $key => $value) {
$attributes_pairs[] = "{$key} = '{$value}' ";
}
$query = "UPDATE " . self::$table_name . " SET ";
$query .= join(", ", $attributes_pairs);
$query .= " WHERE id=" . $database->EscapeValue($this->id);
$database->Query($query);
return $database->AffectedRows() == 1 ? RedirectTo("manage_admin.php") : RedirectTo("edit_admin.php?id=" . $this->id);
}
<?php
if (!$session->IsLoggedIn()) {
RedirectTo("login.php");
}
?>
<?php
IncludeLayout("left-menu.php");
?>
<section class="page-cont">
<div>
<h2>Welcome, <?php
echo $session->user_id;
?>
</h2>
<?php
echo $session->Message();
?>
</div>
</section>
<?php
if ($_GET['logout'] == 'true') {
$session->Logout();
RedirectTo("login.php");
}
?>
<?php
IncludeLayout("footer.php");
include "../includes/layouts/admin-header.php";
?>
<?php
$current_subject = FindSubjectById($_GET["subject"], false);
if (!$current_subject) {
RedirectTo("manage_content.php");
}
$pages_set = PagesForSubjects($current_subject["id"], false);
if (mysqli_num_rows($pages_set) > 0) {
$_SESSION["message"] = "Can't delete subject with pages";
RedirectTo("manage_content.php?subject={$current_subject["id"]}");
}
$id = $current_subject["id"];
$query = "DELETE FROM subjects WHERE id = {$id} LIMIT 1";
$result = mysqli_query($db, $query);
if ($result && mysqli_affected_rows($db) == 1) {
$_SESSION["message"] = "Subject deleted.";
RedirectTo("manage_content.php");
} else {
$message = "Subject deletion failed";
RedirectTo("new_subject.php?subject={$id}");
}
?>
<?php
include "../includes/layouts/footer.php";
<?php
require_once "../includes/session.php";
require_once "../includes/functions.php";
?>
<?php
$_SESSION["admin_id"] = null;
$_SESSION["username"] = null;
RedirectTo("admin_login.php");
$errMsg .= "</div>";
}
$data = array('msg1' => $errMsg, 'msg2' => '');
echo json_encode($data);
}
//EDIT PEMELIHARAAN
if (isset($_GET['idPemeliharaan'])) {
$errMsg = "";
$idPemeliharaan = $_GET['idPemeliharaan'];
$idAlat = htmlspecialchars($_POST['idAlat']);
$startBroken = htmlspecialchars($_POST['startBroken']);
$startRepair = htmlspecialchars($_POST['startRepair']);
$finishRepair = htmlspecialchars($_POST['finishRepair']);
$qry = "UPDATE pemeliharaan SET id_kerusakan='{$idPemeliharaan}', id_alat='{$idAlat}',start_broken='{$startBroken}',start_repair='{$startRepair}', finish_repair='{$finishRepair}'\n\t\t WHERE id_kerusakan='{$idPemeliharaan}'";
$hsl = querydb($qry);
RedirectTo('pemeliharaan.php', false);
}
if (isset($_POST['hapusPemeliharaan'])) {
$errMsg = "";
$idPemeliharaan = $_POST['idPemeliharaan'];
$qri = "DELETE FROM pemeliharaan WHERE id_kerusakan='" . $idPemeliharaan . "'";
$res = querydb($qri);
if ($res) {
$errMsg .= "<div class=\"alert alert-success alert-dismissible\" role=\"alert\">";
$errMsg .= "<button type=\"button\" class=\"close\" data-dismiss=\"alert\" aria-label=\"Close\"><span aria-hidden=\"true\">×</span></button>";
$errMsg .= "SUKSES !!! Data sudah dihapus!!!";
$errMsg .= "</div>";
} else {
$errMsg .= "<div class=\"alert alert-danger alert-dismissible\" role=\"alert\">";
$errMsg .= "<button type=\"button\" class=\"close\" data-dismiss=\"alert\" aria-label=\"Close\"><span aria-hidden=\"true\">×</span></button>";
$errMsg .= "GAGAL !!! Data tidak bisa dihapus !!!";
if (isset($_POST['submit'])) {
$fields_required = array("username", "password");
ValidatePresence($fields_required);
$fields_with_max_lengths = array("username" => 40);
ValidateMaxLengths($fields_with_max_lengths);
$fields_with_max_lengths = array("username" => 40);
ValidateMaxLengths($fields_with_max_lengths);
if (empty($errors)) {
//Login
$username = $_POST["username"];
$password = $_POST["password"];
$found_admin = AttemptLogin($username, $password);
if ($found_admin) {
$_SESSION['admin_id'] = $found_admin["id"];
$_SESSION['username'] = $found_admin["username"];
RedirectTo("admin.php");
} else {
$_SESSION["message"] = "Username/Password not found.";
}
}
} else {
}
?>
<?php
$context = "admin";
include "../includes/layouts/admin-header.php";
?>
<section class="all-subj-menu"><div></div></section>
<section class="page">
$username = trim($_POST["username"]);
$password = trim($_POST["password"]);
//Validations
$fields_required = array("username", "password");
foreach ($fields_required as $field) {
$value = trim($_POST[$field]);
if (!HasPresence($value)) {
$errors[$field] = ucfirst($field) . " can't be blank";
}
}
$fields_with_max_lengths = array("username" => 10, "password" => 3);
ValidateMaxLengths($fields_with_max_lengths);
// Login
if (empty($errors)) {
if ($username == "Vera" && $password == "123") {
RedirectTo("index.php");
} else {
$message = "Username/password doesn't match";
}
}
} else {
$username = "";
$message = "Please log in.";
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Form Single Page</title>
<meta charset="UTF-8">
// Update
}
$id = $current_subject["id"];
$menu_name = MysqlPrep($_POST["menu_name"]);
$position = (int) $_POST["position"];
$visible = (int) $_POST["visible"];
$query = "UPDATE subjects SET ";
$query .= "menu_name = '{$menu_name}' , ";
$query .= "position = {$position} , ";
$query .= "visible = {$visible} ";
$query .= "WHERE id = {$id} ";
$query .= "LIMIT 1";
$result = mysqli_query($db, $query);
if ($result && mysqli_affected_rows($db) >= 0) {
$_SESSION["message"] = "Subject updated.";
RedirectTo("manage_content.php");
} else {
$message = "Subject update failed";
}
} else {
//Prob GET request
}
// end: if (isset($_POST['submit']))
?>
<section class="all-subj-menu">
<div>
<?php
echo Navigation($current_subject, $current_page, false);
?>
</div>
$visible = (int) $_POST["visible"];
$fields_required = array("menu_name", "position", "visible");
ValidatePresence($fields_required);
$fields_with_max_lengths = array("menu_name" => 70);
ValidateMaxLengths($fields_with_max_lengths);
if (!empty($errors)) {
$_SESSION["errors"] = $errors;
RedirectTo("new_subject.php");
}
$query = "INSERT INTO subjects (";
$query .= "menu_name, position, visible";
$query .= ") VALUES (";
$query .= " '{$menu_name}', {$position}, {$visible}";
$query .= ")";
$result = mysqli_query($db, $query);
if ($result) {
$_SESSION["message"] = "Subject created.";
RedirectTo("manage_content.php");
} else {
$_SESSION["message"] = "Subject creation failed";
RedirectTo("new_subject.php");
}
} else {
RedirectTo("new_subject.php");
}
?>
<?php
if (isset($db)) {
mysqli_close($db);
}
<?php
namespace ScriptAcid;
require_once $_SERVER["DOCUMENT_ROOT"] . "/scriptacid/core/kernel.php";
SetTitle("Завершение сеанса пользователя");
//App::get()->makePage(function(&$arPageParams) {
?>
<?php
if (App::USER()->IsAuthorized() and $_GET['logout'] == 'Y') {
App::USER()->UnAuthorize();
ShowMsg('Заходите к нам еще!');
RedirectTo('/', 3000);
} else {
ShowError('Вы не вошли');
}
?>
<?php
// }); // end of makePage
function ConfirmLoggedIn()
{
if (!LoggedIn()) {
RedirectTo("admin_login.php");
}
}
<?php
// header("HTTP 1.1 / 404 Not Found");
// header("X-Powered-By: none of your business");
function RedirectTo($newLocation)
{
header("Location: " . $newLocation);
exit;
}
$loggedIn = $_GET['loggedIn'];
if ($loggedIn == "1") {
RedirectTo("FirstPage.php");
} else {
RedirectTo("http://google.com");
}
?>
<!DOCTYPE html>
<html>
<head>
<title>JClass</title>
<meta charset="UTF-8">
</head>
<body>
<pre>
<?php
print_r(headers_list());
?>
</pre>
<?php
App::callComponent(":catalog.element.add", "_admin", array("FIELDS" => array("ID", "ACTIVE", "NAME", "CATALOG_SECTION_ID", "CATALOG_ID", "SORT", "CODE", "PREVIEW_PICTURE", "PREVIEW_TEXT", "PREVIEW_TEXT_TYPE", "DETAIL_PICTURE", "DETAIL_TEXT", "DETAIL_TEXT_TYPE", "TAGS"), "ID" => $_GET['ID'], "CATALOG_ID" => $_GET['CATALOG_ID'], "TYPE" => $_GET["TYPE"]));
?>
<?php
break;
?>
<?php
case 'DELETE':
?>
<?php
ShowMsg();
?>
<?php
if (CatalogElement::Delete($_GET["ID"])) {
AddMsg("Элемент успешно удалён");
RedirectTo('/scriptacid/admin/catalog/element.php' . '?CATALOG_ID=' . $_GET["CATALOG_ID"] . '&TYPE=' . $_GET["TYPE"] . '&ID=' . $_GET["ID"]);
} else {
echo ShowError("Ошибка при удалении элемента каталога");
}
?>
<p><a href="/scriptacid/admin/catalog/">Список типов</a></p>
<?php
break;
?>
<?php
default:
?>
<?php
$arCaralogType = CatalogType::GetByID($_GET["TYPE"]);
$fields_required = array("menu_name", "position", "visible", "content");
ValidatePresence($fields_required);
$fields_with_max_lengths = array("menu_name" => 70);
ValidateMaxLengths($fields_with_max_lengths);
if (empty($errors)) {
$query = "UPDATE pages SET ";
$query .= "menu_name = '{$menu_name}', ";
$query .= "position = {$position}, ";
$query .= "visible = {$visible}, ";
$query .= "content = '{$content}' ";
$query .= "WHERE id = {$id} ";
$query .= "LIMIT 1";
$result = mysqli_query($db, $query);
if ($result && mysqli_affected_rows($db) == 1) {
$_SESSION["message"] = "Page updated.";
RedirectTo("manage_content.php?page={$id}");
} else {
$_SESSION["message"] = "Page update failed.";
}
}
} else {
//Prob GET request
}
// end: if (isset($_POST['submit']))
?>
<?php
include "../includes/layouts/admin-header.php";
?>
<section class="all-subj-menu">
<?php
App::callComponent(":catalog.type.add", "_admin", array("FIELDS" => array("ID", "NAME", "SORT", "SID", "SECTION_NAME", "ELEMENT_NAME"), "ID" => $_GET['ID']));
?>
<?php
break;
?>
<?php
case 'DELETE':
?>
<?php
ShowMsg();
?>
<?php
if (CatalogType::Delete($_GET["ID"])) {
AddMsg("Тип успешно удалён");
RedirectTo('/scriptacid/admin/catalog/');
} else {
ShowError("Ошибка при удалении типа каталога");
}
?>
<p><a href="/scriptacid/admin/catalog/">Список типов</a></p>
<?php
break;
?>
<?php
default:
?>
<h3><?php
echo LANG("MODULE_CATALOG_TYPES_TITLE");
?>
</h3>
<?php
require_once "../../includes/initialize.php";
if (!$session->IsLoggedIn()) {
RedirectTo("login.php");
}
IncludeLayout("admin-header.php");
$max_file_size = 10485760;
if (isset($_POST["submit"])) {
$photograph = new Photograph();
$photograph->caption = $_POST["caption"];
$photograph->AttachFile($_FILES["upload_file"]);
$photograph->id = $database->InsertId();
if ($photograph->SaveWithFile()) {
$session->SetMessage("Successfully uploaded.");
RedirectTo("photo_view.php");
} else {
$message = join("<br/>", $photograph->errors);
}
}
?>
<?php
IncludeLayout("left-menu.php");
?>
<div>
<section>
<div>
<h2>Upload photo</h2>
<?php
echo Messages($message);
<?php
include "../../includes/layouts/admin-header.php";
require_once "../../includes/initialize.php";
$user = User::FindById($_GET["id"]);
if (!$user) {
redirect_to("manage_admin.php");
} else {
$user->id = $_GET['id'];
if ($user->Delete()) {
RedirectTo("manage_admin.php");
} else {
RedirectTo("edit_admin.php?id=" . $user->id);
}
}
?>
<?php
include "../../includes/layouts/footer.php";
function GetSingleDeal()
{
global $LanguageID;
global $LanguageCode;
if ($LanguageID == 0) {
$LanguageID = 1;
$LanguageCode = 'en';
$Expiry = time() + 60 * 60;
setcookie('LID', $LanguageID, $Expiry);
}
list($QR, $DR, $T) = QuerySingle("SELECT D.DealID, COALESCE(LSDa.StringText, LSDb.StringText) AS Title\n FROM 4000_Deals D\n INNER JOIN 0200_Language_Strings LSDa ON D.StringID = LSDa.StringID AND LSDa.LanguageID = " . $LanguageID . "\n INNER JOIN 0200_Language_Strings LSDb ON D.StringID = LSDb.StringID AND LSDb.LanguageID = 1\n WHERE D.DealID = " . (int) $_SERVER['QUERY_STRING'] . ";");
if ($QR > 0) {
return DisplayMainScreen('InitD(' . $DR['DealID'] . ');', $DR['Title']);
}
RedirectTo();
}
<?php
require_once "session.php";
if (!checkSession()) {
RedirectTo("http://localhost/xampp/ProjectX/SigninPage.php");
exit;
}
?>
<div class="profile">
<?php
include 'connect.php';
$username = $_SESSION['username'];
$password = $_SESSION['password'];
$query = "SELECT username,phone,firstname,lastname,email,gender,photopath FROM profile WHERE (username='******' AND password='******') AND activation IS NULL";
$result = mysqli_query($connection, $query);
$result_array = mysqli_fetch_array($result);
$photopath = $result_array['photopath'];
echo "<img src='" . $photopath . "' /> </br></br>";
echo "Username :"******"</br>";
echo "Phone no. :" . $result_array['phone'] . "</br>";
echo "FirstName :" . $result_array['firstname'] . "</br>";
echo "LastName :" . $result_array['lastname'] . "</br>";
echo "Email :" . $result_array['email'] . "</br>";
echo "Gender :" . $result_array['gender'] . "</br>";
?>
</div>
$fields_with_max_lengths = array("username" => 40);
ValidateMaxLengths($fields_with_max_lengths);
$fields_with_max_lengths = array("username" => 40);
ValidateMaxLengths($fields_with_max_lengths);
if (empty($errors)) {
$username = MysqlPrep($_POST["username"]);
$hashed_password = PasswordEncrypt($_POST["password"]);
$query = "INSERT INTO admins (";
$query .= "username, hashed_password";
$query .= ") VALUES (";
$query .= " '{$username}', '{$hashed_password}' ";
$query .= ")";
$result = mysqli_query($db, $query);
if ($result) {
$_SESSION["message"] = "Admin user created.";
RedirectTo("manage_admin.php");
} else {
$_SESSION["message"] = "Admin user creation failed";
}
}
} else {
}
?>
<?php
$context = "admin";
include "../includes/layouts/admin-header.php";
?>
<section class="all-subj-menu"><div></div></section>
<section class="page">
<?php
require_once "../includes/session.php";
require_once "../includes/db_connect.php";
require_once "../includes/functions.php";
include "../includes/layouts/admin-header.php";
?>
<?php
$current_admin = FindAdminById($_GET["id"]);
if (!$current_admin) {
RedirectTo("manage_admin.php");
}
$id = $current_admin["id"];
$query = "DELETE FROM admins WHERE id = {$id} LIMIT 1";
$result = mysqli_query($db, $query);
if ($result && mysqli_affected_rows($db) == 1) {
$_SESSION["message"] = "Admin deleted.";
RedirectTo("manage_admin.php");
} else {
$message = "Admin deletion failed";
RedirectTo("new_admin.php?id={$id}");
}
?>
<?php
include "../includes/layouts/footer.php";
ValidateMaxLengths($fields_with_max_lengths);
if (empty($errors)) {
$subject_id = $current_subject["id"];
$menu_name = MysqlPrep($_POST["menu_name"]);
$position = (int) $_POST["position"];
$visible = (int) $_POST["visible"];
$content = MysqlPrep($_POST["content"]);
$query = "INSERT INTO pages (";
$query .= "subject_id, menu_name, position, visible, content";
$query .= ") VALUES (";
$query .= " {$subject_id}, '{$menu_name}', {$position}, {$visible}, '{$content}' ";
$query .= ")";
$result = mysqli_query($db, $query);
if ($result) {
$_SESSION["message"] = "Page created.";
RedirectTo("manage_content.php?subject=" . urlencode($current_subject["id"]));
} else {
$_SESSION["message"] = "Page creation failed";
}
}
} else {
}
?>
<section class="all-subj-menu">
<div>
<?php
echo Navigation($current_subject, $current_page, false);
?>
</div>
</section>
