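<?php
// Landing page for a logged-in user (or admin): shows the user's published results.
$selected_page = "User";
require 'includes/header.php';

// Access gate. header() only queues the Location header; it does not stop the
// script. Every redirect below is therefore followed by exit so that none of
// the page body is executed or sent to a client that ignores the redirect.
if (!isset($_SESSION['user_id']) && !isset($_SESSION['admin_id'])) {
    // Neither a user nor an admin session: send the visitor to the login form.
    header('Location: login.php');
    exit;
}
if (!get_running1_batch_id() && !get_running2_batch_id() && !get_published_batch_id() && isset($_SESSION['user_id'])) {
    // No batch is running or published, so ordinary users are logged out.
    // destroy session
    // session_destroy() leaves $_SESSION populated for the rest of this request,
    // which is one more reason to stop here instead of falling through.
    session_destroy();
    //unset cookies
    setcookie("username", "", time() - 7200);
    header('Location: login.php');
    exit;
}
if (isset($_SESSION['admin_id']) && !get_published_batch_id()) {
    // Admins have nothing to see here until a batch is published.
    header('Location: admin.php');
    exit;
}
?>
<div class="content">
    <div class="topContent">
        <?php
        if (isset($_SESSION['user_id'])) {
            if (get_published_batch_id()) {
                $user = $_SESSION['user_id'];
                $name = get_user_by_id($user);
                $batch = get_published_batch_id();
                // NOTE(review): the two name fields are written into the page without
                // HTML escaping. Whether they are encoded when stored is not visible
                // here; confirm, or escape them at this output point.
                echo "<h2>" . get_text('Information') . " " . strtolower(get_text('About')) . ": {$name['0']} {$name['1']}</h2>";
                // NOTE(review): the link below puts the user id in the query string.
                // pdf.php is not visible here; it should check that id against the
                // session rather than trust the parameter.
                ?>
                <p>
                    <a href="pdf.php?id=<?php echo $_SESSION['user_id'];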
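/**
 * Check a username/password pair and, on success, establish the login state.
 *
 * Login is attempted only while a batch is in the running-1, running-2 or
 * published state. On success the function sends a redirect to index.php and
 * ends the request, so it only ever returns on failure.
 *
 * @param string $username   Username as submitted by the login form.
 * @param string $password   Plain-text password as submitted by the login form.
 * @param string $rememberme "on" when remember-me was requested, "" otherwise.
 *
 * @return string Translated error message describing why the login failed.
 */
function login($username, $password, $rememberme)
{
    // NOTE(review): sanitize() is defined elsewhere. The query below is built by
    // string interpolation, so it is injection-safe only if sanitize() escapes
    // for SQL on the active connection. Confirm, and prefer a prepared statement
    // (mysqli/PDO) when this code leaves the legacy mysql_* extension.
    $username = sanitize($username);
    // NOTE(review): the password is transformed by sanitize() before
    // password_verify(). That only matches if the same transformation was applied
    // before hashing at registration; left unchanged so existing hashes keep
    // verifying.
    $password = sanitize($password);
    $rememberme = sanitize($rememberme);

    // Logging in is refused unless some batch is running or published.
    if (!get_running1_batch_id() && !get_running2_batch_id() && !get_published_batch_id()) {
        return get_text('Login_not_allowed');
    }

    $query = mysql_query("SELECT ID, Password, Username FROM user WHERE UPPER(Username) = UPPER('{$username}')");
    if (!$query || mysql_num_rows($query) <= 0) {
        //echo mysql_error();
        // NOTE(review): this message differs from the wrong-password message, so
        // a caller can tell existing usernames from unknown ones.
        return get_text('Error_occured') . get_text('Do_you_have_account');
    }

    // Row layout follows the SELECT list: 0 = ID, 1 = Password hash, 2 = Username.
    $user = mysql_fetch_row($query);
    if (!password_verify($password, $user['1'])) {
        return get_text('Wrong_password');
    }

    if ($rememberme == "on") {
        // NOTE(review): this branch stores only the username in a cookie and sets
        // no session. How the cookie is later turned into a login is not visible
        // here; a bare username is client-controlled and should not be trusted as
        // proof of identity. A random, server-side-validated token is the usual
        // replacement.
        // Path and domain are left at their defaults; the last argument marks the
        // cookie HttpOnly so page scripts cannot read it.
        setcookie("username", $username, time() + 7200, "", "", false, true);
    } elseif ($rememberme == "") {
        // Issue a fresh session id at the privilege change so an id that was
        // planted or observed before login cannot be reused afterwards.
        session_regenerate_id(true);
        $_SESSION['user_id'] = $user['0'];
        $_SESSION['user_name'] = $user['2'];
    }
    // Any other $rememberme value establishes no login state, as before.

    header('Location: index.php');
    exit;
}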
} else { $poll = $_GET['Poll']; $poll_status = get_poll_status($poll); $reviewee_id = get_poll_reviewee($poll); $reviewer_id = get_poll_reviewer($poll); $reviewee = get_user_by_id($reviewee_id); $reviewer = get_user_by_id($reviewer_id); if (isset($_GET['delete_comment'])) { if ($_SESSION['user_id'] == $reviewer_id) { delete_comment($poll); } } if (isset($_POST['answer_questions']) || isset($_POST['save_questions']) || isset($_POST['add_comment'])) { if ($_SESSION['user_id'] == $reviewer_id) { if (!isset($_POST['add_comment'])) { $poll = get_poll_by_reviewer_reviewee_batch($_SESSION['user_id'], $reviewee_id, get_running2_batch_id()); for ($question = 1; $question < 30; $question++) { $answer = $_POST[$question]; answer($poll, $question, $answer); } if (isset($_POST['answer_questions'])) { change_poll_status($poll, 'Ingestuurd'); $result = "<p>" . get_text('Poll_send_successfully') . "</p>"; if (isset($_POST['comment'])) { $comment = $_POST['comment']; add_poll_comment($poll, $comment); $result = "<p>" . get_text('Comment_added_successfully') . "</p>"; } } else { if (isset($_POST['save_questions'])) { change_poll_status($poll, 'Opgeslagen');
echo get_text('Send_reminder'); ?> "> </form> <?php if (isset($_POST['reminder_1'])) { foreach ($users as $user) { send_reminder_phase1($user['Username'], $user['Email']); } echo '<p>' . get_text('Reminder_send') . '.</p>'; } } else { echo get_text('Every_user_has_answered_own_poll_can_start_phase_2'); } } else { if (get_running2_batch_id()) { $users = get_users_not_answered_other_questions(); if ($users) { $number = 0; foreach ($users as $user) { $number++; } ?> <p style="width: 100%;"> <b><?php echo $number; ?> </b> <?php echo get_text('Users_have_not_filled_in_other_poll'); ?>
echo $batch['ID']; ?> "/> <?php if (get_batch_status_name($batch['Status']) == 'Init') { ?> <input type="submit" name="change_batch_status" onclick="change_batchstatus(<?php echo $batch['ID']; ?> , 'Start')" value="<?php echo get_text('Start_phase_1'); ?> " <?php if (get_running1_batch_id() || get_running2_batch_id() || get_calculating_batch_id() || get_accepted_batch_id()) { echo 'disabled="disabled"'; } ?> /> <?php } else { if (get_batch_status_name($batch['Status']) == 'Running1') { ?> <input type="submit" name="change_batch_status" onclick="change_batchstatus(<?php echo $batch['ID']; ?> , 'Calculate')" value="<?php echo get_text('Calculate_polls');