// Fragment: tail of the contest-invitation branch, followed by the start of the
// referred-visitor handler. The blocks closed by the stray braces below were opened
// before this fragment, and the two innermost `if`s at the end continue past it.

$message->setSubject($subject);
$message->setBody($body);
// The entrant's address is used as both the From address and the From display name.
// NOTE(review): where $entrantObj->email comes from is not visible here. If it is
// user-supplied, the site sends mail under a sender chosen by the user; a fixed site
// address with the entrant in Reply-To keeps SPF/DMARC alignment. Confirm.
$message->setFrom($entrantObj->email, $entrantObj->email);
// The body is sent as HTML. NOTE(review): $body is built outside this fragment;
// confirm that any user-supplied values placed in it are HTML-escaped.
$message->setContentType("text/html");
$mailer = Swift_Mailer::newInstance($transport);
if ($sendMail) {
    // The return value of send() is not inspected; the outcome reported below
    // depends only on $returnAction, which is set outside this fragment.
    $mailer->send($message);
} //Send Email to the invitee
if ($returnAction == 'success') {
    $cfg->infoMessage = "Contest successfully entered and invitation sent. Your current total point is: {$entrantObj->point}.";
} else {
    $cfg->infoMessage = '<h3>Contest invitation failed!</h3> <p>Please try again later.</p>';
}
} else {
    // Validation errors collected in $errorArr are rendered instead of sending.
    $cfg->infoMessage = $thisPage->showError($errorArr);
}
}

//Refered Visitor's Handler
// Runs when both `referer` and `invitee` are present in the query string. The
// comparison is loose, so an empty-string parameter also skips the handler.
// NOTE(review): as far as this fragment shows, the link is recognised only by the
// referer id and the invitee address; confirm whether a per-invitation random token
// is checked elsewhere.
if (filter_input(INPUT_GET, "referer") != NULL && filter_input(INPUT_GET, "invitee") != NULL) {
    // `referer` is validated as an integer; when validation fails filter_input()
    // returns false and that value is what getSingle() receives.
    $entrantObj->email = Entrant::getSingle($dbObj, 'email', filter_input(INPUT_GET, "referer", FILTER_VALIDATE_INT));
    // `invitee` is taken with the default filter, i.e. no e-mail validation is applied here.
    $entrantObj->friends = filter_input(INPUT_GET, "invitee") ? filter_input(INPUT_GET, "invitee") : "";
    $entrantObj->contest = $thisContestId;
    // Both lists are comma-separated strings looked up by the referrer's e-mail.
    $friendNamesList = Entrant::getSingle($dbObj, 'names', $entrantObj->email);
    $friendEmailsList = Entrant::getSingle($dbObj, 'friends', $entrantObj->email);
    $friendEmailsArr = explode(",", $friendEmailsList);
    $friendNamesArr = explode(",", $friendNamesList);
    // array_search() returns false when the address is not in the list, and false
    // used as an array key selects index 0, so $inviteeName is only meaningful once
    // the in_array() test below has passed. Both searches use loose comparison.
    $inviteeName = $friendNamesArr[array_search(trim($entrantObj->friends), $friendEmailsArr)];
    //strrpos($friendNamesList, $friendNamesArr[array_search(trim($entrantObj->friends), $friendEmailsArr)]."[m]");
    // Proceed only for a listed invitee whose name does not carry the "[m]" marker.
    // NOTE(review): strrpos() returns 0 for a match at offset 0, which `!` treats the
    // same as "not found"; comparing with `=== false` would make the test exact.
    if (in_array(trim($entrantObj->friends), $friendEmailsArr) && !strrpos($inviteeName, "[m]")) {
        if ($entrantObj->emailExists() == true) {
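//User deletion button click handler
// NOTE(review): no CSRF token check or role check is visible in this fragment;
// confirm both are enforced before this handler is reached.
if (filter_input(INPUT_POST, "delete-user") !== NULL) {
    $userToDel = new User(); //Instantiate user class
    // Validate the id once and reject everything that is not an integer. The earlier
    // test compared the raw field with "" only, so a missing field (NULL) or a
    // non-numeric value passed validation and delete() ran with an empty id.
    $userIdToDel = filter_input(INPUT_POST, 'hidden-user-id', FILTER_VALIDATE_INT);
    if ($userIdToDel === NULL || $userIdToDel === false) {
        array_push($errorArr, "Illegal Operation.");
        $userToDel->id = '';
    } else {
        // A validated integer rendered as a string holds only digits and an optional
        // sign, so it needs no further escaping.
        // NOTE(review): how delete() builds its query is not visible here; prefer a
        // prepared statement there.
        $userToDel->id = (string) $userIdToDel;
    }
    //If validated and not empty submit it to database
    if (count($errorArr) < 1) {
        if ($userToDel->delete($dbObj, 'users') === 'success') {
            $msg = $thisPage->messageBox('User successfully deleted.', 'success');
        } else {
            $msg = $thisPage->messageBox('User deletion failed.', 'error');
        }
    } else {
        $msg = $thisPage->showError($errorArr);
    }
}

//Admin Role Changer button click handler
// NOTE(review): this handler continues past the end of the fragment and is left as
// it was. Its two `=== ""` tests reject only an empty string; an absent field
// (filter_input() returns NULL) is not reported as an error. The role is also read
// from a client-submitted hidden field; confirm it is re-checked against the stored
// role and that the caller's own privileges are verified.
if (filter_input(INPUT_POST, "upgrade-user") !== NULL) {
    if (filter_input(INPUT_POST, 'hidden-user-id') === "") {
        array_push($errorArr, "Illegal operation parameter 1.");
    }
    if (filter_input(INPUT_POST, 'hidden-user-role') === "") {
        array_push($errorArr, "Illegal operation parameter 2.");
    }
    if (count($errorArr) < 1) {
        $postRoleVar = 'Admin'; //set default role to activate
        if (filter_input(INPUT_POST, 'hidden-user-role') == 'Admin') {
            $postRoleVar = 'Editor';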
// Fragment: end of a per-field validation switch, followed by the password-change
// action. The switch, its enclosing loop/block and the outer `if` closed by the last
// brace were all opened before this fragment.

array_push($errorArr, "Password Mismatch !!! ");
if (filter_input(INPUT_POST, $postVar) == "") {
    array_push($errorArr, "Please confirm your password. ");
}
}
// NOTE(review): no `break` is visible between the preceding case and `default:`, so
// control appears to fall through and an empty confirmation field would be reported
// twice. The start of that case is outside this fragment; confirm.
default:
    // Generic required-field check; the message names the field via $postVar.
    if (filter_input(INPUT_POST, $postVar) == "") {
        array_push($errorArr, "Please enter a {$postVar} ");
    }
}
}
if (count($errorArr) < 1) {
    // Both password fields are passed through mysqli_real_escape_string() before use.
    // NOTE(review): escaping changes passwords that contain quotes or backslashes, and
    // it suggests changePassword() builds SQL from strings. That method is not visible
    // here; confirm it uses prepared statements and password_hash()/password_verify()
    // on the unmodified input.
    $thisUser->password = mysqli_real_escape_string($dbObj->connection, filter_input(INPUT_POST, 'password1'));
    // The account is taken from the session, not from the request.
    $thisUser->id = $_SESSION['USERID'];
    $newPassword = mysqli_real_escape_string($dbObj->connection, filter_input(INPUT_POST, 'password'));
    // Only 'success' and 'error' are handled; any other return value sets no message
    // and performs no redirect.
    switch ($thisUser->changePassword($dbObj, 'users', $newPassword)) {
        case 'success':
            $_SESSION['topmsg'] = $thisPage->messageBox('Password successfully changed.', 'success');
            // NOTE(review): HTTP_REFERER is a client-supplied request header and may be
            // absent, so the redirect target is chosen by the request. Redirecting to a
            // fixed internal path, or checking the host against the site's own, avoids
            // an open redirect. The same applies to the two redirects below.
            $thisPage->redirectTo($_SERVER['HTTP_REFERER']);
            break;
        case 'error':
            $_SESSION['topmsg'] = $thisPage->messageBox('Password update failed. Please re-enter your details.', 'error');
            $thisPage->redirectTo($_SERVER['HTTP_REFERER']);
            break;
    }
} else {
    // Validation failed: show the collected errors after the redirect.
    $_SESSION['topmsg'] = $thisPage->showError($errorArr);
    $thisPage->redirectTo($_SERVER['HTTP_REFERER']);
} //Display error messages
}