<?php
// Admin "Send Mail To Admin" page: renders the admin menu, a usage note and
// the opening part of the mail form, pre-filling the sender address with the
// e-mail of the logged-in admin. The form continues beyond this excerpt.
include_layout_template('admin_menu.php');
?>
<div class="span9">
    <h2>Send Mail To Admin</h2>
    <hr>
    <h3>Note:</h3>
    <ul>
        <li>This function is used for sending of mails to other admins</li>
        <li>You will be required to enter your unijos mail password before you can send the mail</li>
    </ul>
    <?php
    // NOTE(review): the page text above says the form asks for the user's
    // mail-account password. How that password is transported and handled is
    // not visible here; confirm it is sent over TLS only and never logged or
    // stored by the handler.
    $database = new MySQLDatabase();

    // Result set of every row in admin_users; not used in the visible part of
    // this template (it may be consumed further down the form).
    $sql_all_users = $database->query("SELECT * FROM admin_users");

    // NOTE(review): the query text is built by concatenating
    // $session->applicant_id into the SQL string. $session is defined outside
    // this excerpt; this is only safe if that value is set server-side and
    // validated. Prefer a bound parameter (or the database layer's own
    // escaping routine) over string concatenation.
    $admin_details = AdminLog::find_by_sql("SELECT * FROM admin_users WHERE user_id='" . $session->applicant_id . "'");

    // Keep the first matching row only. array_shift() returns null for an
    // empty array, and nothing here guards the ->email access below against
    // that case.
    $admin_details = array_shift($admin_details);

    // NOTE(review): the e-mail is echoed into the value="" attribute of the
    // input below without output encoding, so the page depends on the stored
    // value already being safe. Encoding at output with
    // htmlspecialchars(..., ENT_QUOTES) is the more robust place for it (watch
    // for double-encoding if rows are stored already encoded - TODO confirm).
    // The input is marked readonly, which is a browser-side hint only: the
    // receiving handler should take the sender address from the session, not
    // from the posted "email" field. No anti-CSRF token is visible in this
    // part of the form - confirm one is added further down.
    ?>
    <form action="" method="POST" class="form-horizontal sendmail" id="sendmail" >
        <div class="control-group">
            <label class="control-label" for="inputEmail">Email: </label>
            <div class="controls">
                <div class="input-prepend">
                    <span class="add-on"><i class="icon-envelope"></i></span>
                    <input type="text" class="input-large" value="<?php echo $admin_details->email; ?> " id="email" name="email" readonly />
                </div>
            </div>
<?php
// Admin account creation handler (excerpt): checks whether an admin_users row
// already has the submitted e-mail or staff ID, prints an error fragment if
// so, and otherwise starts filling a new AdminLog record. The else branch
// continues beyond this excerpt.
// NOTE(review): whether this script requires an authenticated admin is decided
// outside this excerpt (initialize.php) - confirm.
require_once "../../inc/initialize.php";

//print_r ($_POST);

// NOTE(review): htmlspecialchars() is an HTML output encoder, not SQL
// escaping. ENT_QUOTES encodes both quote characters, but the function does
// not apply the database's string-escaping rules, and the results are
// concatenated into SQL below. Use a prepared statement (or the database
// layer's escaping routine) for the query and HTML-encode only when printing.
// The $_POST keys are also read without checking that they are present.
$email = htmlspecialchars($_POST['email'], ENT_QUOTES);
$staff_id = htmlspecialchars($_POST['staffid'], ENT_QUOTES);

// Look for an existing account with the same e-mail or the same staff ID
// (at most one row is requested).
$sql = "SELECT * FROM `admin_users` WHERE `email`='" . $email . "' OR `staff_id`= '" . $staff_id . "' LIMIT 1";
$user_exists = AdminLog::find_by_sql($sql);

// The two statements in the loop body have no effect; the loop only leaves
// $user_exist bound to the last returned row. When no row is returned,
// $user_exist is never assigned and the comparisons below read a property of
// an undefined variable.
foreach ($user_exists as $user_exist) {
    $user_exist->email;
    $user_exist->staff_id;
}

// NOTE(review): these are loose (==), case-sensitive PHP comparisons. If the
// column collation is case-insensitive, the query can match a row that neither
// comparison recognises, and the request then falls through to the create
// branch - confirm against the schema.
// The two error branches tell the caller which of the two values is already
// registered, and print the stored value without encoding it at output.
if ($user_exist->email == $email) {
    // Pause two seconds before answering, then report the duplicate e-mail.
    sleep(2);
    echo '<h4 class="alert alert-error">Error</h4>';
    echo '<hr>';
    echo "The E-mail:<font color='#FF0000'>'" . $user_exist->email . "'</font> already exists in our database";
    echo '<br>';
    echo 'Use the Close Button to Continue';
} elseif ($user_exist->staff_id == $staff_id) {
    // Same response shape for a duplicate staff ID.
    sleep(2);
    echo '<h4 class="alert alert-error">Error</h4>';
    echo '<hr>';
    echo "The Staff ID:<font color='#FF0000'> '" . $user_exist->staff_id . "'</font> already exists in our database";
    echo '<br>';
    echo 'Use the Close Button to Continue';
} else {
    // No duplicate recognised: start building the new admin record. The
    // fields are assigned in HTML-encoded form, so the model receives encoded
    // text rather than the raw input.
    $user = new AdminLog();
    $user->surname = htmlspecialchars($_POST['surname'], ENT_QUOTES);
    $user->othernames = htmlspecialchars($_POST['othernames'], ENT_QUOTES);
// Admin login handler (excerpt): looks up an admin_users row whose staff ID
// and SHA-1 password hash match the posted values, prints an error fragment on
// a miss, and on a hit starts filling an AdminLog object with the user's id.
// The else branch continues beyond this excerpt.
require_once "../../inc/initialize.php";

// NOTE(review): htmlspecialchars() is an HTML output encoder, not SQL
// escaping; the staff ID is concatenated into the query below after HTML
// encoding only. Use a prepared statement or the database layer's escaping
// routine. HTML-encoding the password before hashing also changes any password
// containing & < > " or ', so it has to match exactly what the registration
// code does - not visible here, confirm.
$staff_id = htmlspecialchars($_POST['staff_id'], ENT_QUOTES);
$pass = htmlspecialchars($_POST['apassword'], ENT_QUOTES);

// Disabled check for empty or default passwords. While it stays commented
// out, nothing in this excerpt rejects those values.
// Ensure password is not the default
// if($pass == '' || $pass == 'pass' || $pass == 'password') {
// sleep(2);
// echo '<h4 class="alert alert-error">Error</h4>';
// echo '<hr>';
// echo 'Your password is too predictable.';
// }

// NOTE(review): a single unsalted SHA-1 is a fast hash and is not suitable for
// password storage. Migrating to password_hash() / password_verify() (with a
// rehash on the next successful login) removes the need to compare hashes
// inside the SQL statement.
$password = sha1($pass);

// Build the greeting message; greeting() is defined outside this excerpt and
// its result is not used in the visible part.
$display_greeting = greeting();

// Look for an admin account with this staff ID and password hash.
$sql = "SELECT * FROM `admin_users` WHERE `staff_id`='" . $staff_id . "' AND `password`= '" . $password . "' LIMIT 1";
$user = AdminLog::find_by_sql($sql);
// Keep the first row; array_shift() returns null when nothing matched.
$user = array_shift($user);

if (empty($user)) {
    // No matching account, or the staff ID / password combination is wrong.
    // The reply is the same for both cases and is sent after a fixed
    // two-second pause.
    // NOTE(review): no attempt counter or lockout is visible here; a fixed
    // delay alone is not rate limiting - confirm one exists elsewhere.
    sleep(2);
    echo '<h4 class="alert alert-error">Error</h4>';
    echo '<hr>';
    echo 'Your information does not exist in our database it may be due to the following reasons.';
    echo '<ol>';
    echo '<li>Your staff_id and password combination is wrong.</li>';
    echo '<li>You do not have an account.</li>';
    echo '</ol>';
} else {
    // Credentials matched: copy the user's id onto a new AdminLog object.
    // NOTE(review): the session handling itself (for example regenerating the
    // session id after login) is not visible in this excerpt - confirm.
    $adminLog = new AdminLog();
    $adminLog->user_id = $user->user_id;