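// Admin-only page bootstrap: resumes the session, connects to the database,
// checks that the logged-in account is an administrator, then looks up the
// username of the account named by the user_id query parameter.
// Every denial redirects to fail.php AND stops the script. A Location header on
// its own does not end execution, so without the exit the rest of the page would
// still run for a visitor who failed the check.
session_start();
if (!isset($_SESSION["username"])) {
    // No logged-in user: deny before touching the database.
    header('Location: fail.php');
    exit;
}
$user = $_SESSION["username"];
include 'create-recipe-form.php';
//credentials
include 'db-credentials.php';
//connect to db
$conn = connectToDb($servername, $username, $password, $dbname);

//get user id
// user_id comes straight from the query string and is untrusted: it must be a
// non-empty string, and it only reaches the database as a bound parameter.
if (!isset($_GET["user_id"]) || !is_string($_GET["user_id"]) || $_GET["user_id"] === '') {
    header('Location: fail.php');
    exit;
}
$userId = $_GET["user_id"];

//check if admin
$loggedUser = getAuthorId($conn, $user);

//check status
$sql = "SELECT isAdmin\n FROM Account\n WHERE user_id = ?";
$row = null;
$stmt = mysqli_prepare($conn, $sql);
if ($stmt) {
    mysqli_stmt_bind_param($stmt, 's', $loggedUser);
    if (mysqli_stmt_execute($stmt)) {
        // mysqli_stmt_get_result() requires the mysqlnd driver.
        $result = mysqli_stmt_get_result($stmt);
        if ($result) {
            $row = mysqli_fetch_assoc($result);
        }
    }
    mysqli_stmt_close($stmt);
}

// Fail closed: a missing row or a failed query counts as "not an administrator".
$isAdmin = $row ? $row["isAdmin"] : 0;
if ($isAdmin == 0) {
    header('Location: fail.php');
    exit;
}

//get username
$sql = "SELECT username\n FROM Account\n WHERE user_id = ?";
// $result stays false if the lookup cannot be prepared or executed, which is the
// value mysqli_query() reports for a failed query.
$result = false;
$stmt = mysqli_prepare($conn, $sql);
if ($stmt) {
    mysqli_stmt_bind_param($stmt, 's', $userId);
    if (mysqli_stmt_execute($stmt)) {
        $result = mysqli_stmt_get_result($stmt);
    }
}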
<?php
// Page bootstrap: resumes the session, opens the database connection and resolves
// the logged-in user's account id before any markup is sent.
session_start();
// NOTE(review): read without an isset() check, and no redirect for a visitor who
// has no session is visible in this part of the page. Confirm one exists.
$user = $_SESSION["username"];
// Presumably provides connectToDb() and getAuthorId(), which are called below but
// not defined in this part of the page. Verify.
include 'create-recipe-form.php';
//credentials
// NOTE(review): the database credentials are hard-coded in a web-served page and
// the password is the empty string. Load them from a file outside the web root
// (or from the environment) and give the database account a password.
$servername = "localhost";
$username = "******";
$password = "";
$dbname = "cookbooknetwork";
//connect to db
$conn = connectToDb($servername, $username, $password, $dbname);
//get user id
$userId = getAuthorId($conn, $user);
// NOTE(review): the two font stylesheets in <head> below are requested over plain
// http://. Browsers block them as mixed content when this page is served over
// HTTPS, and over HTTP they can be altered in transit. Prefer https:// URLs.
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="description" content="A virtual cookbook that allows user's to view, create and share recipes.">
<meta name="keywords" content="recipe, cookbook, food, ingredients">
<meta name="author" content="Cookbook Network Inc.">
<link rel="stylesheet" type="text/css" href="page_style.css">
<link href='http://fonts.googleapis.com/css?family=Tangerine:700' rel='stylesheet' type='text/css'>
<link href='http://fonts.googleapis.com/css?family=IM+Fell+Double+Pica' rel='stylesheet' type='text/css'>
</head>
<body>
<img class="background-image" src="images/food_spaghetti_1920x1080_wallp_2560x1440_miscellaneoushi.com_.jpg" height="700"/>
<!DOCTYPE html>
<html>
<?php
// Handles submission of the create-recipe form: stores the recipe and, when an
// image was uploaded, creates a per-recipe directory for it under images/.
// NOTE(review): markup has already been emitted above, so unless output buffering
// is enabled session_start() cannot send its session cookie header here. Confirm,
// or start the session before the first byte of output.
session_start();
include 'create-recipe-form.php';
include 'db-credentials.php';
//if form submitted
// NOTE(review): no anti-CSRF token check is visible in this part of the handler.
// Confirm one is performed inside the helpers or add one before the insert.
if ($_SERVER['REQUEST_METHOD'] == "POST") {
    //connect to db
    $conn = connectToDb($servername, $username, $password, $dbname);
    // NOTE(review): $_SESSION["username"] is used without an isset() check, and no
    // rejection of visitors who are not logged in is visible here. Confirm.
    $userId = getAuthorId($conn, $_SESSION["username"]);
    //if friend does not have account
    if (!checkPrivacy($conn)) {
        exit("Sorry, your friend(s) is not a registered user.");
    }
    // These helpers take no form arguments, so they presumably read the submitted
    // fields themselves. Verify how they escape or bind values before the insert.
    $recipeName = getRecipeName($conn);
    $allSteps = getAllSteps($conn);
    $privacy = getPrivacy();
    $recipeId = insertRecipeIntoDB($recipeName, $userId, $allSteps, $privacy, $conn);
    //if error in inserting recipe into db
    // A negative id is treated as the failure signal from insertRecipeIntoDB().
    if ($recipeId < 0) {
        exit("Sorry, could not access database when adding recipe. Please try again.");
    }
    $photoPath = NULL;
    //check if image uploaded
    if (checkImageUploaded()) {
        $photo = getImageTmpName();
        $photoPath = getImagePath($recipeId);
        // NOTE(review): 0777 requests a world-writable directory inside the
        // web-served images/ tree (the process umask may still reduce it). 0755 is
        // normally enough for the PHP process that creates the directory. Also
        // confirm that the upload helpers validate the file type and that scripts
        // cannot be executed from images/.
        if (!mkdir("images/" . $recipeId, 0777, true)) {
            exit('Could not upload image to server.');
$info[$key] = array('fullname' => trim($args[0]) . ', ' . $firstname, 'shortname' => trim($args[0]) . ', ' . $firstname[0], 'position' => trim($args[2]), 'start_date' => trim($args[3])); if (isset($args[4])) { $info[$key]['end_date'] = trim($args[4]); } } if (count($info) == 0) { exit('no data to update database with'); } //pdDb::debugOn(); $db = pdDb::newFromParams(); $positions =& getAicmlPositions($db); $staff = array(); foreach ($info as $key => $p) { $author_id = getAuthorId($db, $p['fullname']); if ($author_id < 0) { $author_id = getAuthorId($db, $p['shortname']); if ($author_id < 0) { // author information will not be added to database echo "author ", $p['fullname'], " not in database\n"; continue; } } // make sure the position matches the one in the database if (!in_array($p['position'], array_keys($positions))) { if ($p['position'] == 'PI') { $pos_id = $positions['Principal Investigator']; } else { if ($p['position'] == 'PDF') { $pos_id = $positions['Post Doctoral Fellow']; } else { if ($p['position'] == 'PhD') {