function parseURI()
{
parse_str($_SERVER['QUERY_STRING'], $params);
$ustreamUID = $params['ustreamUID'] ? $params['ustreamUID'] : NULL;
$longitude = $params['longitude'] ? $params['longitude'] : NULL;
$latitude = $params['latitude'] ? $params['latitude'] : NULL;
$event = $params['event'] ? $params['event'] : NULL;
echo "uid: " . $ustreamUID . " latitude: " . $latitude . " longitude: " . $longitude . " event: " . $event . "<br/>";
if ($ustreamUID && $longitude && $latitude && $event) {
if (findUser($ustreamUID)) {
updateUser($ustreamUID, $longitude, $latitude, $event);
} else {
insertUser($ustreamUID);
updateUser($ustreamUID, $longitude, $latitude, $event);
}
}
}
include_once $basedir . '/lib/Template.class.php';
include_once $basedir . '/lib/Reservation1.class.php';
include_once $basedir . '/lib/AnonymousUser.class.php';
$t = new Template(translate('Join Reservation'));
$t->printHTMLHeader();
$t->startMain();
$resid = htmlspecialchars($_POST['h_join_resid']);
$userid = htmlspecialchars($_POST['h_join_userid']);
$fname = htmlspecialchars(trim($_POST['h_join_fname']));
$lname = htmlspecialchars(trim($_POST['h_join_lname']));
$email_address = htmlspecialchars(trim($_POST['h_join_email']));
$found_user = false;
// Get the Reservation
$res = new Reservation($resid);
if ($res != null && !empty($resid)) {
$found_user = findUser($userid);
// Validate data
if (validate_data($userid, $fname, $lname, $email) == '') {
$user = new User();
// Load get the userid or create one if the data is ok
// First see if we have a user with this email address
if (($userid == $user->get_id_by_email($email)) != false) {
// Invite the user we found in the database
$user = new User($userid);
$userid = $user->get_id();
$found_user = true;
} else {
if (($userid == AnonymousUser::get_id_by_email($email)) != false) {
// There is an anonymous user with this email already, update info
$a_user = new AnonymousUser($userid);
$a_user->fname = $fname;
| and give it the controller to call when that URI is requested.
|
*/
Route::get('/', function () {
return redirect('vacation');
});
Route::get('vacation', function () {
$id = Input::get('u');
$idSelected = true;
if ($id == null) {
$idSelected = false;
}
$VDate = getVDate();
$myApplies = getMyApplies($id);
$users = getUsersSimple();
$user = findUser($users, $id);
return view('vacation', ['h1' => "내 휴가 현황", 'h1_small' => "내 남은 휴가와 휴가 사용내용을 확인합니다.", 'pagetype' => "user", 'vdate' => $VDate, 'myApplies' => $myApplies, 'users' => $users, 'user' => $user, 'id' => $id, 'idSelected' => $idSelected]);
});
Route::get('admin', function () {
$appies = getApplies();
return view('admin', ['h1' => "휴가 관리", 'h1_small' => "전 직원의 휴가신청서를 조회합니다.", 'pagetype' => "admin", 'applies' => $appies]);
});
Route::get('apply', function () {
$users = getUsersSimple();
return view('apply', ['pagetype' => "admin", 'users' => $users]);
});
Route::post('apply', function (\Illuminate\Http\Request $request) {
// dd($request->all());
$name = $request->get('name');
$started_at = $request->get('started_at');
$ended_at = $request->get('ended_at');
/**
* Pick a reminder type.
* Accessed by sa=picktype
*/
public function action_picktype()
{
global $context, $txt, $scripturl, $user_info, $webmaster_email, $language, $modSettings;
checkSession();
validateToken('remind');
createToken('remind');
require_once SUBSDIR . '/Auth.subs.php';
// No where params just yet
$where_params = array();
// Coming with a known ID?
if (!empty($_REQUEST['uid'])) {
$where = 'id_member = {int:id_member}';
$where_params['id_member'] = (int) $_REQUEST['uid'];
} elseif (isset($_POST['user']) && $_POST['user'] != '') {
$where = 'member_name = {string:member_name}';
$where_params['member_name'] = $_POST['user'];
$where_params['email_address'] = $_POST['user'];
}
// You must enter a username/email address.
if (empty($where)) {
fatal_lang_error('username_no_exist', false);
}
// Make sure we are not being slammed
// Don't call this if you're coming from the "Choose a reminder type" page - otherwise you'll likely get an error
if (!isset($_POST['reminder_type']) || !in_array($_POST['reminder_type'], array('email', 'secret'))) {
spamProtection('remind');
}
$member = findUser($where, $where_params);
$context['account_type'] = !empty($member['openid_uri']) ? 'openid' : 'password';
// If the user isn't activated/approved, give them some feedback on what to do next.
if ($member['is_activated'] != 1) {
// Awaiting approval...
if (trim($member['validation_code']) == '') {
fatal_error($txt['registration_not_approved'] . ' <a href="' . $scripturl . '?action=activate;user='******'user'] . '">' . $txt['here'] . '</a>.', false);
} else {
fatal_error($txt['registration_not_activated'] . ' <a href="' . $scripturl . '?action=activate;user='******'user'] . '">' . $txt['here'] . '</a>.', false);
}
}
// You can't get emailed if you have no email address.
$member['email_address'] = trim($member['email_address']);
if ($member['email_address'] == '') {
fatal_error($txt['no_reminder_email'] . '<br />' . $txt['send_email'] . ' <a href="mailto:' . $webmaster_email . '">webmaster</a> ' . $txt['to_ask_password'] . '.');
}
// If they have no secret question then they can only get emailed the item, or they are requesting the email, send them an email.
if (empty($member['secret_question']) || isset($_POST['reminder_type']) && $_POST['reminder_type'] == 'email') {
// Randomly generate a new password, with only alpha numeric characters that is a max length of 10 chars.
$password = generateValidationCode();
require_once SUBSDIR . '/Mail.subs.php';
$replacements = array('REALNAME' => $member['real_name'], 'REMINDLINK' => $scripturl . '?action=reminder;sa=setpassword;u=' . $member['id_member'] . ';code=' . $password, 'IP' => $user_info['ip'], 'MEMBERNAME' => $member['member_name'], 'OPENID' => $member['openid_uri']);
$emaildata = loadEmailTemplate('forgot_' . $context['account_type'], $replacements, empty($member['lngfile']) || empty($modSettings['userLanguage']) ? $language : $member['lngfile']);
$context['description'] = $txt['reminder_' . (!empty($member['openid_uri']) ? 'openid_' : '') . 'sent'];
// If they were using OpenID simply email them their OpenID identity.
sendmail($member['email_address'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
if (empty($member['openid_uri'])) {
// Set the password in the database.
updateMemberData($member['id_member'], array('validation_code' => substr(md5($password), 0, 10)));
}
// Set up the template.
$context['sub_template'] = 'sent';
// Dont really.
return;
} elseif (isset($_POST['reminder_type']) && $_POST['reminder_type'] == 'secret') {
return secretAnswerInput();
}
// No we're here setup the context for template number 2!
$context['sub_template'] = 'reminder_pick';
$context['current_member'] = array('id' => $member['id_member'], 'name' => $member['member_name']);
}
<?php
session_start();
require_once "connexion.php";
// $email = htmlentities('*****@*****.**');
// $password = sha1('patman00');
// var_dump($password);
// $validation = findUser($email, $password,$db);
// var_dump($validation);
if (!empty($_POST) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) && strlen($_POST['password']) >= 6) {
// var_dump($_POST);
$email = htmlentities($_POST['email']);
$password = sha1($_POST['password']);
$validation = findUser($email, $password, $db);
var_dump($validation);
}
?>
<!DOCTYPE html>
<html>
<head>
<title>formulaire de Connexion</title>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
<link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css">
<link href="./css/custom.css" rel="stylesheet">
<!-- <link href="./css/inconnu.css" rel="stylesheet"> -->
</head>
<body>
<?php
$username = !empty($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';
$password = !empty($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
if ($user = findUser($username, $password)) {
$result = ['status' => 'ok', 'data' => $user];
} else {
$result = ['status' => 'ng', 'error' => 'username or password error!'];
}
echo json_encode($result);
function findUser($username, $password)
{
$users = [['username' => 'test', 'password' => md5('test_pwd'), 'info' => 'test login success!'], ['username' => 'yxdj', 'password' => md5('yxdj_pwd'), 'info' => 'yxdj login success!']];
$find = null;
foreach ($users as $user) {
if ($user['username'] == $username) {
$find = $user;
break;
}
}
if ($find && $find['password'] == $password) {
return $find;
} else {
return null;
}
}
function getUser($localCon, $localEmail, $localName, $localNewsletter, $code = 1)
{
$findUserResult = findUser($localCon, $localEmail, $localNewsletter);
if ($findUserResult == false) {
$userInsert = "INSERT INTO `users` (`email`, `name`, `newsletter`) VALUES ('{$localEmail}', '{$localName}', '{$localNewsletter}');";
mysqli_query($localCon, $userInsert);
$userId = mysqli_insert_id($localCon);
createSession($userId, false, $code);
} else {
$userId = $findUserResult['id'];
}
return $userId;
}
/**
* Verify the activation code, and activate the user if correct.
* Accessed by ?action=activate
*/
public function action_activate()
{
global $context, $txt, $modSettings, $scripturl, $language, $user_info;
require_once SUBSDIR . '/Auth.subs.php';
// Logged in users should not bother to activate their accounts
if (!empty($user_info['id'])) {
redirectexit();
}
loadLanguage('Login');
loadTemplate('Login');
loadJavascriptFile('sha256.js', array('defer' => true));
if (empty($_REQUEST['u']) && empty($_POST['user'])) {
if (empty($modSettings['registration_method']) || $modSettings['registration_method'] == '3') {
fatal_lang_error('no_access', false);
}
$context['member_id'] = 0;
$context['sub_template'] = 'resend';
$context['page_title'] = $txt['invalid_activation_resend'];
$context['can_activate'] = empty($modSettings['registration_method']) || $modSettings['registration_method'] == '1';
$context['default_username'] = isset($_GET['user']) ? $_GET['user'] : '';
return;
}
// Get the code from the database...
$row = findUser(empty($_REQUEST['u']) ? '
member_name = {string:email_address} OR email_address = {string:email_address}' : '
id_member = {int:id_member}', array('id_member' => isset($_REQUEST['u']) ? (int) $_REQUEST['u'] : 0, 'email_address' => isset($_POST['user']) ? $_POST['user'] : ''), false);
// Does this user exist at all?
if (empty($row)) {
$context['sub_template'] = 'retry_activate';
$context['page_title'] = $txt['invalid_userid'];
$context['member_id'] = 0;
return;
}
// Change their email address? (they probably tried a fake one first :P.)
require_once SUBSDIR . '/Auth.subs.php';
if (isset($_POST['new_email'], $_REQUEST['passwd']) && validateLoginPassword($_REQUEST['passwd'], $row['passwd'], $row['member_name'], true) && ($row['is_activated'] == 0 || $row['is_activated'] == 2)) {
if (empty($modSettings['registration_method']) || $modSettings['registration_method'] == 3) {
fatal_lang_error('no_access', false);
}
// @todo Separate the sprintf?
require_once SUBSDIR . '/DataValidator.class.php';
if (!Data_Validator::is_valid($_POST, array('new_email' => 'valid_email|required|max_length[255]'), array('new_email' => 'trim'))) {
fatal_error(sprintf($txt['valid_email_needed'], htmlspecialchars($_POST['new_email'], ENT_COMPAT, 'UTF-8')), false);
}
// Make sure their email isn't banned.
isBannedEmail($_POST['new_email'], 'cannot_register', $txt['ban_register_prohibited']);
// Ummm... don't even dare try to take someone else's email!!
// @todo Separate the sprintf?
if (userByEmail($_POST['new_email'])) {
fatal_lang_error('email_in_use', false, array(htmlspecialchars($_POST['new_email'], ENT_COMPAT, 'UTF-8')));
}
updateMemberData($row['id_member'], array('email_address' => $_POST['new_email']));
$row['email_address'] = $_POST['new_email'];
$email_change = true;
}
// Resend the password, but only if the account wasn't activated yet.
if (!empty($_REQUEST['sa']) && $_REQUEST['sa'] == 'resend' && ($row['is_activated'] == 0 || $row['is_activated'] == 2) && (!isset($_REQUEST['code']) || $_REQUEST['code'] == '')) {
require_once SUBSDIR . '/Mail.subs.php';
$replacements = array('REALNAME' => $row['real_name'], 'USERNAME' => $row['member_name'], 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $row['id_member'] . ';code=' . $row['validation_code'], 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $row['id_member'], 'ACTIVATIONCODE' => $row['validation_code'], 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder');
$emaildata = loadEmailTemplate('resend_activate_message', $replacements, empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']);
sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
$context['page_title'] = $txt['invalid_activation_resend'];
// This will ensure we don't actually get an error message if it works!
$context['error_title'] = '';
fatal_lang_error(!empty($email_change) ? 'change_email_success' : 'resend_email_success', false);
}
// Quit if this code is not right.
if (empty($_REQUEST['code']) || $row['validation_code'] != $_REQUEST['code']) {
if (!empty($row['is_activated'])) {
fatal_lang_error('already_activated', false);
} elseif ($row['validation_code'] == '') {
loadLanguage('Profile');
fatal_error($txt['registration_not_approved'] . ' <a href="' . $scripturl . '?action=activate;user='******'member_name'] . '">' . $txt['here'] . '</a>.', false);
}
$context['sub_template'] = 'retry_activate';
$context['page_title'] = $txt['invalid_activation_code'];
$context['member_id'] = $row['id_member'];
return;
}
// Let the integration know that they've been activated!
call_integration_hook('integrate_activate', array($row['member_name']));
// Validation complete - update the database!
updateMemberData($row['id_member'], array('is_activated' => 1, 'validation_code' => ''));
// Also do a proper member stat re-evaluation.
updateStats('member', false);
if (!isset($_POST['new_email'])) {
require_once SUBSDIR . '/Notification.subs.php';
sendAdminNotifications('activation', $row['id_member'], $row['member_name']);
}
$context += array('page_title' => $txt['registration_successful'], 'sub_template' => 'login', 'default_username' => $row['member_name'], 'default_password' => '', 'never_expire' => false, 'description' => $txt['activate_success']);
}
if (!findUser($row2["nick1"], $dbh)) {
//aggiungi user1 a users
$q3 = "SELECT DISTINCT u.id as id, u.nick as nick, u.profile_url as pu FROM users u WHERE u.research='" . $research_code . "' AND u.nick='" . str_replace("'", "''", $row2["nick1"]) . "'";
$r3 = $dbh->query($q3);
if ($r3) {
foreach ($r3 as $row3) {
$u = array();
$u["id"] = $row3["nick"];
$u["nick"] = $row3["nick"];
$u["pu"] = $row3["pu"];
$results["nodes"][] = $u;
}
$r3->closeCursor();
}
}
if (!findUser($row2["nick2"], $dbh)) {
//aggiungi user1 a users
$q3 = "SELECT DISTINCT u.id as id, u.nick as nick, u.profile_url as pu FROM users u WHERE u.research='" . $research_code . "' AND u.nick='" . $row2["nick2"] . "'";
$r3 = $dbh->query($q3);
if ($r3) {
foreach ($r3 as $row3) {
$u = array();
$u["id"] = $row3["nick"];
$u["nick"] = $row3["nick"];
$u["pu"] = $row3["pu"];
$results["nodes"][] = $u;
}
$r3->closeCursor();
}
}
}
<?php
include '../lib/mysql.php';
include '../../Sender/Email_sender.php';
session_start();
$mysqli = connectToMySQL();
$ownerID = findUser($mysqli, $_SESSION['email'], true);
$surveyName = $_POST['name'];
$query = 'INSERT INTO surveys (name, emails, data, start, end, owner) VALUES (?, ?, ?, ?, ?, ?)';
$stmt = $mysqli->prepare($query);
$null = NULL;
$stmt->bind_param('sbbssi', $surveyName, $null, $null, $_POST['startDate'], $_POST['endDate'], $ownerID);
$stmt->send_long_data(1, mysql_escape_string($_POST['emails']));
$stmt->send_long_data(2, mysql_escape_string($_POST['data']));
if ($stmt->execute()) {
echo 'true';
} else {
die('Error : (' . $mysqli->errno . ') ' . $mysqli->error);
}
$survey_id = $mysqli->insert_id;
$stmt->close();
$es = new email_sender();
$send_data = [];
$emailList = str_replace('%2B', '+', htmlspecialchars($_POST['emails']));
$emails = explode(" ", $emailList);
$query = "SELECT username, email FROM users WHERE id = ? LIMIT 1";
$statement = $mysqli->prepare($query);
$statement->bind_param('s', $ownerID);
$statement->execute();
$statement->bind_result($username, $email);
$sender = $statement->fetch();
//only accessible if logged in as instructor
session_start();
if (!isset($_SESSION['loggedInUser']) || $_SESSION['isInstructor'] != '1') {
redirectTo("index.php");
}
// user to edit
$username = $_GET['user'];
// no access to default user
if ($username == 'admin') {
redirectTo("index.php");
}
if (isset($_POST['submit'])) {
// form was submitted
$username = $_POST['user'];
$currentpassword = sha1($_POST['inputCurrentPassword']);
$user = findUser($_SESSION['loggedInUser']);
$passwordsMatch = $currentpassword == $user['password'] ? true : false;
if (!$passwordsMatch) {
$msg = "Your current password was entered incorrectly. " . $username . "'s password was not changed.";
} else {
$newpassword = sha1($_POST['inputPassword']);
modifyUser($username, $newpassword);
redirectTo("accounts_manage.php");
}
}
ob_flush();
include_once "templates/page_head.php";
?>
<div class="container">
<?php
include_once "templates/navigation.php";
<?php
include "template-top.php";
$showForm = TRUE;
if (isset($_REQUEST['submit'])) {
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
if ($username == "" or $password == "") {
echo '<p class="bg-info">Please enter a username and password to login.</p>';
} else {
if (findUser($username, $password) != FALSE) {
loginUser(findUser($username, $password), $username);
$showForm = FALSE;
} else {
echo "That username password combination was not found.";
}
}
}
?>
<?php
if ($showForm == TRUE) {
?>
<form action="login.php" method="GET">
<input name="username" type="text"><br /><br />
<input name="password" type="text"><br />
<input name="submit" type="submit" value="Login">
</form>
<?php
} else {
echo "Welcome back " . $_SESSION['username'];
<?php
include './lib/mysql.php';
$mysqli = connectToMySQL();
$postUsername = htmlspecialchars($_POST['username']);
$postEmail = str_replace('%2B', '+', htmlspecialchars($_POST['email']));
$postPassword = hash('sha256', htmlspecialchars($_POST['password']));
if ($postUsername == false || $postEmail == false || $_POST['password'] == false) {
die('Not all data recieved on registration!');
}
if (findUser($mysqli, $postEmail, false)) {
echo 'false';
} else {
//values to be inserted in database table
$username = '******' . $mysqli->real_escape_string($postUsername) . '"';
$email = '"' . $mysqli->real_escape_string($postEmail) . '"';
$password = '******' . $mysqli->real_escape_string($postPassword) . '"';
$insert_row = $mysqli->query("INSERT INTO users (username, email, password) VALUES({$username}, {$email}, {$password})");
if ($insert_row) {
echo 'true';
} else {
die('Error : (' . $mysqli->errno . ') ' . $mysqli->error);
}
}
?>
<div id="login">
<form action="<?php
echo htmlspecialchars($_SERVER["PHP_SELF"]);
?>
" method="post" accept-charset="utf-8">
<label for="searchName">Enter name:</label>
<input type="text" name="searchName" value="<?php
echo $searchName;
?>
" id="searchName"/>
<input type="submit" value="search"/>
</form>
</div>
<?php
findUser($searchName, $thokens);
} else {
echo '<p class="error"> toiaga </p>';
}
} else {
?>
<div id="login">
<form action="<?php
echo htmlspecialchars($_SERVER["PHP_SELF"]);
?>
" method="post" accept-charset="utf-8">
<label for="searchName">Enter name:</label>
<input type="text" name="searchName" value="" id="searchName"/>
<input type="submit" name="search" value="search"/>
</form>
ob_start();
require_once "model.php";
//only accessible if logged in as instructor
session_start();
if (!isset($_SESSION['loggedInUser']) || $_SESSION['isInstructor'] != '1') {
redirectTo("index.php");
}
if (isset($_POST['submit'])) {
// form was submitted
$username = $_POST['inputUsername'];
$firstname = $_POST['inputFirstName'];
$lastname = $_POST['inputLastName'];
$password = sha1($_POST['inputPassword']);
// check for duplicate user
// user with that name exists
if (findUser($username) != null) {
$msg = "Can't add user {$username}, the user already exists.";
} else {
// add user
addUser($username, $firstname, $lastname, $password);
$msg = "User {$username} added.";
}
} else {
// form was not submitted (GET request)
$msg = "Add User";
}
ob_flush();
include_once "templates/page_head.php";
?>
<div class="container">
<?php
ob_start();
require_once "model.php";
// form was submitted
if (isset($_POST['submit'])) {
$username = $_POST['inputUsername'];
$passwordEntered = sha1($_POST['inputPassword']);
// find user in db
$found_user = findUser($username);
if (!empty($found_user['username'])) {
// password matches
$logged_in = $passwordEntered == $found_user['password'] ? true : false;
if ($logged_in) {
session_start();
$_SESSION['loggedInUser'] = $found_user['username'];
$_SESSION['isInstructor'] = $found_user['is_instructor'];
redirectTo("index.php");
} else {
// echo "incorrect pass";
$msg = "Incorrect Username/Password";
}
} else {
// echo "incorrect user";
$msg = "Incorrect Username/Password";
}
} else {
$msg = "Please Log In";
}
include_once "templates/page_head.php";
ob_flush();
<?php
/**
* Created by PhpStorm.
* User: Tuan
* Date: 10/14/2015
* Time: 16:52
*/
if (isLoggedIn()) {
redirect('index');
}
if (isPostRequest()) {
$email = _post('email');
$password = hashPassword(_post('password'));
$user = findUser($email);
if (!empty($user) && $user['password'] == $password) {
loggedIn($user);
redirect('index');
} else {
$G['errors'][] = 'login fail';
}
}
render('login', array('header' => false, 'footer' => false));
if (isset($_POST['index'])) {
$startIndex = $_POST['index'];
} else {
$startIndex = 1;
}
} else {
$cid = $_GET['CID'];
$memberID = $_GET['MID'];
$data = $_GET['data'];
if (isset($_GET['index'])) {
$startIndex = $_GET['index'];
} else {
$startIndex = 1;
}
}
$result = findUser($data, $memberID, $cid, $startIndex);
if ($result == 'No Friend Found') {
} else {
$content['Friends'] = $result;
echo json_encode($content);
}
} else {
if ($reason == "Send Request") {
if (isset($_POST['reason'])) {
$memberID = $_POST['MID'];
$myID = $_POST['UID'];
} else {
$memberID = $_GET['MID'];
$myID = $_GET['UID'];
}
cancelRequest($myID, $memberID);
exit(1);
}
// Get course id
$cid = getCID();
// Test permissions
if (!$user->hasPrivilege("canAssignExaminator")) {
header("Location: ?view=accessdenied");
exit;
}
// Namespaces to use
use PFBC\Form;
use PFBC\Element;
use PFBC\Validation;
// If form is submitted and correct
if (!empty($_POST) && Form::isValid("assignExaminator", false)) {
$uid = findUser($_POST['username']);
// Get current Course
$course = $user->getCourse($cid);
if ($uid == -1) {
Form::setError('assignExaminator', 'Error: Unable to find that user.');
header("Location: ?view=assignexaminator&cid={$cid}");
exit;
} else {
Form::clearValues('assignExaminator');
}
// Add user to examinators
$course->addExaminator($uid);
echo '<h3>Success!</h3><a href="?view=course&cid=' . $cid . '"><button class="btn btn-success">Go back</button></a>';
} else {
$form = new Form("assignExaminator");
$form->configure(array("action" => "?view=assignexaminator&cid={$cid}"));
<?php
/*处理登录操作*/
header('Content-Type:text/html;charset=utf-8');
require_once '../conn/user.dao.php';
$msg = "";
if (isset($_POST["uName"])) {
//用户名不能为空
$curUser = findUser($_POST["uName"]);
//根据用户名查询用户信息
if (isset($curUser) && $curUser["uPass"] == $_POST["uPass"]) {
//判断用户名与密码是否正确
$_SESSION["current_user"] = $curUser;
//将用户信息保存到会话中
header("location: ../index.php");
//成功登陆到首页
return;
} else {
$msg = "用户名或密码错误";
}
} else {
$msg = "用户名不能为空";
}
header("location: ../error.php?msg={$msg}");
