function getAllCategoriesDetails()
{
$db = new database();
$db->pick_db("workoutlog");
$res = $db->send_sql("SELECT table_name, column_name, data_type FROM information_schema.columns WHERE table_schema='workoutlog' and table_name LIKE 'tbl_workoutlog_category_%'");
$categories = $res->fetch_all(MYSQLI_ASSOC);
foreach ($categories as $category) {
$categoryName = substr($category['table_name'], 24);
$columnName = $category['column_name'];
$columnDataType = $category['data_type'];
if (strtolower($columnName) != strtolower($categoryName . "Id") && strtolower($columnName) != strtolower("ExerciseId")) {
$allCategoriesDetails[$categoryName][$columnName] = $columnDataType;
}
}
return json_encode($allCategoriesDetails);
}
</form>
</div>
</div>
<div class="container">
<fieldset>
<legend>Content</legend>
<?php
//change to your path
include "./include/DB.php";
$LIMITATION = 10;
$db = new database();
$db->connect();
$query_question = "SELECT user.Name,questions.Title,questions.time,questions.QID\n FROM `user` \n INNER JOIN `questions`\n ON user.UID=questions.UID\n";
if (!($res_question = $db->send_sql($query_question))) {
$db->disconnect();
echo "Get Questions failed!<br>\n";
return -1;
}
$num = mysqli_num_rows($res_question);
$i = 0;
while ($i < $num) {
$content = $res_question->fetch_assoc();
$content_question[$i][0] = $content['Name'];
$content_question[$i][1] = $content['Title'];
$content_question[$i][2] = $content['time'];
$content_question[$i][3] = $content['QID'];
$i++;
}
$i = 0;
}
return implode($pass);
//turn the array into a string
}
$db = new database();
$db->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
if ($_POST["proftype"] == "advisor") {
ini_set('SMTP', 'localhost');
ini_set('sendmail_from', '*****@*****.**');
$header = 'From: webmaster@example.com' . "\r\n" . 'Reply-To: webmaster@example.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion();
$rpass = randomPassword();
echo "Advisor has been created and password is ";
echo $rpass;
//mail($profmail,"password for subject waiver account",$rpass,$header);
$createinstructor = "INSERT INTO instructor (i_id, i_name,ph_no,i_email,advisor_bool,admin_bool,department) VALUES ('" . $profid . "', '" . $profname . "', '" . $profphone . "', '" . $profmail . "', '1', '0','" . $profdept . "')";
$db->send_sql($createinstructor);
$hpassword = md5($rpass);
//Hashing the password
$createlogin = "******" . $profid . "','" . $hpassword . "')";
$db->send_sql($createlogin);
} elseif ($_POST["proftype"] == "admin") {
$createinstructor = "INSERT INTO instructor (i_id, i_name,ph_no,i_email,advisor_bool,admin_bool,department) VALUES ('" . $profid . "', '" . $profname . "', '" . $profphone . "', '" . $profmail . "', '0', '1','" . $profdept . "')";
$db->send_sql($createinstructor);
$rpass = randomPassword();
echo "Admin has been created and password is ";
echo $rpass;
$hpassword = md5($rpass);
//Hashing the password
$createlogin = "******" . $profid . "','" . $hpassword . "')";
$db->send_sql($createlogin);
} else {
header('Content-Type: application/json');
$db = new database();
$results = array();
if (isset($_POST['post']) && isset($_POST['for_name']) && $_POST['post'] != '') {
if (isset($_POST['showName'])) {
$showName = $db->escape($_POST['showName']);
if ($showName === true || $showName === 'true') {
$showName = 1;
} else {
$showName = 0;
}
} else {
$showName = 0;
}
if ($session->checkLoggedIn() === true) {
$db->send_sql("insert into ownage(u_id) values ('{$session->uid}')");
$ownage = $db->insert_id();
date_default_timezone_set('UTC');
$post = $db->escape($_POST['post']);
$for_name = $db->escape($_POST['for_name']);
$query = 'insert into posts(u_id, post, showName, ownage_id, for_name) values (\'' . $session->uid . '\', \'' . $post . '\', \'' . $showName . '\', \'' . $ownage . '\', \'' . $for_name . '\')';
$db->send_sql($query);
array_push($results, "success");
} else {
array_push($results, "Please log in");
}
} else {
if (isset($_POST['delete']) && $_POST['delete'] != '') {
$delete = $db->escape($_POST['delete']);
if ($session->isAdmin()) {
$query = 'update posts set hidden=1 where p_id=\'' . $delete . '\'';
<?php
session_start();
include "databaseClassMySQLi.php";
//include("projconfig.php");
$db = new database();
$db->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
if (isset($_POST['sit']) && isset($_POST['password'])) {
$sit = addslashes(strip_tags($_POST['sit']));
$password = md5($_POST['password']);
$sql = "SELECT * FROM login WHERE id='{$sit}' AND password='******' ";
$res = $db->send_sql($sql);
$row = mysqli_num_rows($res);
if ($row > 0) {
$_SESSION['cwid'] = $sit;
echo 'true';
} else {
echo 'false';
}
}
if (!isset($_POST["submit"])) {
echo 'Please use the form to enter the fields';
} else {
$courseprofname = $_POST["courseprofname"];
$db1 = new database();
$db1->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
$courseprofid = "SELECT i_id FROM instructor WHERE i_name='" . $courseprofname . "'";
$res = $db1->send_sql($courseprofid);
$courserefid = "SELECT course_id FROM course WHERE i_id='" . $row['i_id'] . "'";
$res1 = $db1->send_sql($courserefid);
$db2 = new database();
$db2->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
while (($fetch = mysqli_fetch_array($res1)) != NULL) {
$row = $db1->next_row();
$selfile = "SELECT subq_id FROM files WHERE course_id='" . $row1['course_id'] . "'";
$res3 = $db2->send_sql($selfile);
$row3 = $db2->next_row();
$selsubq = "SELECT s_id FROM submissionqueue WHERE subq_id='" . $row3['subq_id'] . "'";
$res4 = $db2->send_sql($selsubq);
$row4 = $db2->next_row();
$delstud = "DELETE FROM student WHERE s_id='" . $row4['s_id'] . "'";
$res5 = $db2->send_sql($delstud);
$delsubq = "DELETE FROM submissionqueue WHERE subq_id='" . $row3['subq_id'] . "'";
$res6 = $db2->send_sql($delsubq);
/*$delfile="DELETE FROM files WHERE course_id='".$row1['course_id']."'";
$res7=$db1->send_sql($delfile);
/*$delsubt="DELETE FROM submissiontype WHERE course_id='".$row1['course_id']."'";
$res8=$db1->send_sql($delsubt);*/
$delcoursename = "DELETE FROM course WHERE course_id='" . $row['i_id'] . "'";
$res9 = $db2->send_sql($delcoursename);
<head>
<title>File upload</title>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body bgcolor="#E6E6FA">
<form id = "theForm" action = "add_file.php" method = "POST" enctype = "multipart/form-data">
<?php
include "headerStudent.php";
include "databaseClassMySQLi.php";
//include("projconfig.php");
$databaseObj = new database();
$databaseObj->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
$courseid = addslashes(strip_tags($_POST["course"]));
$query = "SELECT * FROM submissiontype WHERE course_id='" . $courseid . "'";
$result = $databaseObj->send_sql($query);
while ($row = $databaseObj->next_row()) {
$jsonData = stripslashes($row['submission_type']);
$jsonArray = json_decode($jsonData, true);
foreach ($jsonArray as $key => $key_v) {
echo "<b>" . $key . ":</b><br>";
foreach ($key_v as $value => $element) {
echo "<label for='{$element}'>{$element}</label>";
echo "<input type='file' name='{$element}' /><br/>";
}
}
}
?>
<input type ="hidden" name = "hid" value = "<?php
if (isset($_POST['course'])) {
echo $_POST['course'];
ob_start();
session_start();
include "databaseClassMySQLi.php";
//include("projconfig.php");
$db = new database();
$db->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
$datab = new database();
$datab->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
if (isset($_POST['sit']) && isset($_POST['password'])) {
$sid = addslashes(strip_tags($_POST['sit']));
$password = md5($_POST['password']);
// $password=$_POST['password'];
$sit = intval($sid);
$queryIns = "SELECT * FROM instructor WHERE i_id=" . $sit;
$query = "SELECT * FROM login WHERE id='{$sit}' AND password='******' ";
$res1 = $db->send_sql($queryIns);
$row1 = mysqli_num_rows($res1);
$ans = mysqli_fetch_array($res1);
$admin_bool = $ans['admin_bool'];
$res = $datab->send_sql($query);
$row = mysqli_num_rows($res);
if ($row1 > 0) {
if ($row > 0) {
$_SESSION['admin_bool'] = $admin_bool;
$_SESSION['cwid'] = $sit;
echo 'true';
}
} else {
echo 'false';
}
}
include "Includes/commonFuncs.php";
if (isset($_POST["exercises"]) && isset($_POST["date"]) && isset($_SESSION["username"])) {
$exercises = $_POST["exercises"];
$date = $_POST["date"];
$username = $_SESSION["username"];
$db = new database();
$db->pick_db("workoutlog");
$userId = getUserIdFromUsername($username);
if ($userId != null) {
//Add workout to tbl_workoutlog_workout, get workoutId
$stmt = $db->prepare("INSERT INTO tbl_workoutlog_workout (UserId, WorkoutDate) VALUES (?, STR_TO_DATE(?, '%Y-%m-%d'))");
$stmt->bind_param('is', $userId, $date);
$stmt->execute();
if ($stmt->affected_rows == 1) {
$stmt->free_result();
$res = $db->send_sql("SELECT LAST_INSERT_ID() AS Id");
if ($res->num_rows > 0) {
$row = $res->fetch_assoc();
$workoutId = $row['Id'];
foreach ($exercises as $exercise) {
//Add each exercise to tbl_WorkoutLog_Exercise linking to the workoutId
$stmt = $db->prepare("SELECT ExerciseNameId FROM tbl_workoutlog_exercisename WHERE ExerciseName = ?");
$stmt->bind_param('s', $exercise['name']);
$stmt->execute();
$stmt->bind_result($exerciseNameId);
$stmt->fetch();
$stmt->free_result();
if ($exerciseNameId == null) {
//New exercise name, add it to tbl_workoutlog_exercisename
$stmt = $db->prepare("INSERT INTO tbl_workoutlog_exercisename (ExerciseName, ExerciseCategory) VALUE (?, ?)");
$stmt->bind_param('ss', $exercise['name'], $exercise['category']);
<?php
ob_start();
session_start();
if (!isset($_SESSION['username'])) {
header('Location:index.php');
}
include "./Class_Database.php";
$db = new database();
//$db->setup("kaushal", "kaushal", "localhost", "jobportaldb");
$userid = $_GET['id'];
$query = "Select * from users where id_user={$userid}";
$res = $db->send_sql($query);
if (mysql_num_rows($res) > 0) {
while ($row = mysql_fetch_array($res)) {
$to = stripslashes($row["email_user"]);
}
}
if (isset($res)) {
unset($res);
}
$username = $_SESSION['username'];
$query1 = "Select * from admin where username='******' and usertype='admin'";
$res1 = $db->send_sql($query1);
if (mysql_num_rows($res1) > 0) {
while ($row = mysql_fetch_array($res1)) {
$from = stripslashes($row["email"]);
}
}
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<header> <h1> Waiver Request Form</h1><header>
<div id="form">
<form id="theForm" method="post" action="upload.php" >
<p><label>Select your major:</label>
<select name="department" required="">
<option value="" disabled selected>---Select your major-----</option>
<?php
include "databaseClassMySQLi.php";
//include ("projconfig.php");
$db = new database();
$db->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
$res = $db->send_sql("SELECT DISTINCT department FROM course");
$db1 = new database();
$db1->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
$res1 = $db1->send_sql("SELECT DISTINCT course_id FROM course");
while (($row = mysqli_fetch_array($res)) != NULL) {
echo "<option>" . $row['department'] . "</option>";
}
?>
</select></p><br>
<p> <label for="course">Select the course you wish to enroll:</label>
<select name="course" required="">
<option value="" disabled selected>-----Select the course you want the waiver for----</option>
<?php
while (($row = mysqli_fetch_array($res1)) != NULL) {
echo "<option>" . $row['course_id'] . "</option>";
}
<header>
<center><h1>Remove Instructor and Remove Course Form</h1></center>
</header>
<div class="form">
<form id="deletecourse1" name="deletecourse1" action="deletecourse2.php" method="post">
<p><label>Enter the instructor you wish to remove</label></p><br>
<select name="courseprofname">
<option>---Select the name of the professor---</option>-->
<?php
include "databaseClassMySQLi.php";
$db = new database();
$db->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
$res = $db->send_sql("SELECT * FROM instructor");
while (($row = mysqli_fetch_array($res)) != NULL) {
echo "<option>" . $row['i_name'] . "</option>";
}
?>
</select><br><br>
<input type="submit" name="submit">
</form>
</div>
</div>
</body>
</html>
<p><label>Enter the pre-requisite course required</label></p><br>
<input type="text" name="prerequisite" pattern="^[a-zA-Z]{2,3}[0-9]{3}" title="Enter valid course ID, eg:CS123" required=""><br>
<p><label>Enter the name of the professor</label></p><br>
<select name="courseprofname" required="">
<option>---Select the name of the professor---</option>-->
<?php
include "databaseClassMySQLi.php";
//include("projconfig.php");
$db = new database();
$db1 = new database();
$db->setup(DB_USER, DB_PASS, "localhost", DB_NAME);
$db1->setup(DB_USER, DB_PASS, "localhost", DB_NAME);
$res = $db->send_sql("SELECT DISTINCT i_name FROM instructor");
$res1 = $db1->send_sql("SELECT DISTINCT department FROM course");
//$num_row= mysqli_num_rows($res);
while (($row = mysqli_fetch_array($res)) != NULL) {
//$row = $db->next_row();
echo "<option>" . $row['i_name'] . "</option>";
//$num_row=$num_row-1;
}
?>
</select>
<p><label>Enter the name of the major</label></p><br>
<select name="coursemajor" required="">
<option>---Select the name of the major---</option>
<option value="NONE">---Select your major---
<option value="BME">Biomedical Engineering
<fieldset>
<legend>Search Result</legend>
<?php
$search_word = $_POST["search_input"];
if (empty($search_word)) {
echo "None input";
} else {
$search_word2 = addslashes($search_word);
//echo $search_word2;
include "../include/DB.php";
$db = new database();
$db->connect();
$query_search_title = "SELECT user.Name,questions.Title,questions.time,questions.QID\r\n\t From `user`\r\n\t\t\t\t INNER JOIN `questions`\r\n\t\t\t\t ON user.UID=questions.UID\r\n\t\t\t\t where Title Like '%{$search_word2}%'\r\n\t";
$query_search_content = "SELECT user.Name,questions.Content,questions.time,questions.QID,questions.Title\r\n\t From `user`\r\n\t\t\t\t\t\t INNER JOIN `questions`\r\n\t\t\t\t\t\t ON user.UID=questions.UID\r\n\t\t\t\t\t\t where Content LIKE '%{$search_word2}%'\r\n\t";
if (!($res_search = $db->send_sql($query_search_title))) {
$db->disconnect();
echo "Get search result failed!<br>\n";
return -1;
}
$i = 0;
$num_title = mysqli_num_rows($res_search);
while ($i < $num_title) {
$content = $res_search->fetch_assoc();
$str = $content['Title'];
$rep = "<span style=\"background-color: #66CCFF\">" . $search_word . "</span>";
$str = preg_replace('/' . $search_word . '/i', $rep, $str);
echo "<div class=\"jumbotron\">\n";
echo "<h4><a href=\"edit_answer.php?var=" . $content['QID'] . "\" >" . $str . "</a></h4>\n";
echo "<h6>Poster:" . $content['Name'] . "</h6>\n";
echo "<h6>Time:" . $content['time'] . "</h6>\n";
<?php
//get
//votePost.php?p_id=1&up
//votePost.php?p_id=1&down
require_once "include/databaseClassMySQLi.php";
require_once "include/session.php";
header('Content-Type: application/json');
$db = new database();
$results = array();
if (isset($_POST['p_id']) && $_POST['p_id'] != '') {
$p_id = $db->escape($_POST['p_id']);
if (isset($_POST['up'])) {
$query = 'select value from post_votes where p_id=\'' . $p_id . '\' and u_id=\'' . $session->uid . '\'';
$db->send_sql($query);
$row = $db->next_row();
if ($row === false || empty($row)) {
$query = 'insert into post_votes (p_id, u_id, value) values(\'' . $p_id . '\', \'' . $session->uid . '\', 1)';
$db->send_sql($query);
$query = 'update posts set votes = votes + 1 where p_id=' . $p_id;
$db->send_sql($query);
} else {
$query = 'update post_votes set value=1 where p_id=\'' . $p_id . '\' and u_id=\'' . $session->uid . '\'';
$db->send_sql($query);
$value = $row['value'];
if ($value == -1) {
$query = 'update posts set votes = votes + 2 where p_id=\'' . $p_id . '\'';
$db->send_sql($query);
}
}
} else {
<a href="emptrash.php"><br/>Trash</a></label></td>
</tr>
</table>
</div>
</div>
<!--FIRST COLUMN-->
<!--SECOND COLUMN-->
<div style="float:left; width:70%; background-color:#FFF">
<div style="padding:10px">
<h2>Send Message</h2>
<?php
$query2 = "Select * from admin_message where to_user='******' and from_user='******'and blockmessage= 1";
//echo $query2;
$res2 = $db->send_sql($query2);
if (mysql_num_rows($res2) > 0) {
echo "You are blocked by {$from_user}";
} else {
?>
<form action="empsavesendmessage.php" name="frmmessage" method="post" onSubmit="return ValidateForm(this)">
<table border="0" cellpadding="2" cellspacing="0" style="font-family:Verdana, Geneva, sans-serif; font-size:12px">
<tr>
<td id="errormessage" colspan="2" align="left">
<?php
if (isset($_GET['e']) && $_GET['e'] == 1) {
echo "<b style='color:red'>Please Enter Subject Name!</b>";
} else {
if (isset($_GET['e']) && $_GET['e'] == "2") {
echo "<b style='color:red'>Please Enter Message Body!</b>";
if ($mime != 'application/pdf') {
$databaseObj->__destruct();
header('location:waiver.php');
}
}
foreach ($_FILES as $x => $x_value) {
if (isset($_FILES[$x])) {
// Make sure the file was sent without errors
if ($_FILES[$x]['error'] == 0) {
/*echo $_FILES['uploaded_file']['name'];
echo $_FILES['uploaded_file']['type'];
echo file_get_contents($_FILES ['uploaded_file']['tmp_name']);*/
// Gather all required data
if ($flag == false) {
$q = "INSERT INTO submissionqueue (s_id, time_stamp, status, comments) VALUES ('{$s_id}', '" . time() . "', 'Pending', ' ')";
$db->send_sql($q);
$q = "SELECT MAX(subq_id) as subq_id FROM submissionqueue";
$r = $db->send_sql($q);
while (list($subid) = mysqli_fetch_array($r)) {
$subq_id = $subid;
}
$flag = true;
}
$name = $databaseObj->escape($_FILES[$x]['name']);
$mime = $databaseObj->escape($_FILES[$x]['type']);
$data = $databaseObj->escape($_FILES[$x]['tmp_name']);
$size = intval($_FILES[$x]['size']);
$fhand = fopen($data, 'r');
$content = fread($fhand, filesize($data));
$content = addslashes($content);
fclose($fhand);
<?php
include "databaseClassMySQLi.php";
if ($_SESSION['admin_bool'] == 1) {
include "headerInstructorAdvisor.php";
} else {
include "headerInstructor.php";
}
if (!isset($_POST["submit"])) {
echo 'Please use the form to enter the fields';
} else {
$courseid = addslashes(strip_tags($_POST["courseid"]));
$coursename = addslashes(strip_tags($_POST["coursename"]));
$courseprofname = addslashes(strip_tags($_POST["courseprofname"]));
$coursemajor = addslashes(strip_tags($_POST["coursemajor"]));
$prerequisite = addslashes(strip_tags($_POST["prerequisite"]));
//echo $courseprofid;
$db = new database();
$db->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
$fetchprofid = "SELECT i_id FROM instructor WHERE i_name='" . $courseprofname . "'";
$res = $db->send_sql($fetchprofid);
$row = $db->next_row();
$courseprofid = $row['i_id'];
$createcourse = "INSERT INTO course (course_id,course_name,i_id,department,prerequisite) VALUES ('" . $courseid . "', '" . $coursename . "', '" . $courseprofid . "', '" . $coursemajor . "','" . $prerequisite . "')";
$db->send_sql($createcourse);
echo "<html><body><h1> Course Created successfully </h1></body></html>";
}
//}
?>
</body>
</html>
<!--Inbox-->
<div style="float:left; width:70%; background-color:#FFF">
<div style="padding:10px">
<hr size="1" color="#069" align="center">
<h2>Deleted Message</h2>
<hr size="1" color="#069" align="center">
<br/>
<?php
include "./Class_Database.php";
$db = new database();
//$db->setup("kaushal", "kaushal", "localhost", "jobportaldb");
$username = $_SESSION['username'];
$query = "select * from users where name_user='******' ";
//echo $query;
$res = $db->send_sql($query);
if (mysql_num_rows($res) > 0) {
while ($row = mysql_fetch_array($res)) {
$from = stripslashes($row["email_user"]);
//echo $from;
}
}
if (isset($res)) {
unset($res);
}
//$username = $_SESSION['username'];
$query = "Select * from admin_message where (from_user='******'and is_deletesent=1) or (to_user='******' and is_delete=1)";
//echo $query;
//echo $query;
$res = $db->send_sql($query);
//If Experience Detail is available show them in one table.
}
}
?>
<div class="container">
<fieldset>
<legend>Articles</legend>
<?php
$db = new database();
$db->connect();
$query_article = "SELECT user.Name,article.*,user.UID\r\n FROM `user`\r\n\t\t\t\tINNER JOIN `article`\r\n\t\t\t\tON user.UID=article.UID\r\n";
if (!($res_article = $db->send_sql($query_article))) {
$db->disconnect();
echo "Get Questions failed!<br>\n";
return -1;
}
$i = 0;
$num = mysqli_num_rows($res_article);
while ($i < $num) {
$content = $res_article->fetch_assoc();
echo "<div class=\"jumbotron\">\n";
echo "<h4><a href=\"article_view.php?var=" . $content['ArtID'] . "\">" . $content['Title'] . "</a></h4>";
echo "<h6>Author:" . $content['Name'] . "</h6>\n";
echo "<h6>Time:" . $content['Time'] . "</h6>\n";
echo "</div>";
$i++;
}
<?php
ob_start();
session_start();
include "./Class_Database.php";
$db = new database();
//$db->setup("kaushal", "kaushal", "localhost", "jobportaldb");
$query = "Select * from admin where id_admin='1'";
if ($res = $db->send_sql($query)) {
if (mysql_num_rows($res) > 0) {
while ($row = mysql_fetch_array($res)) {
$contactus = str_replace("\n", "<br/>", stripslashes($row["contactus"]));
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Contact Us</title>
<link rel="stylesheet" type="text/css" media="screen" href="css/maincss.css">
<script type="text/javascript">
function ShowJsLogin()
{
document.getElementById("JS").style.color="#FFF";
document.getElementById("EMP").style.color="#045";
document.getElementById("L1").innerHTML="<form action='login.php' method='post' name='loginform'><label for='username'>Username:</label><input type='text' name='username' placeholder='Username' /><label for='password'>Password:</label><input type='password' name='password' placeholder='Password' /><input type='hidden' name='usertype' value='JobSeeker' /><br /><input type='submit' name='login' value='Login' /></form><form action='register.php' method='post' name='registerform' style='font-size:10px'><br /><label style='font-family:Verdana, Geneva, sans-serif'>Don't Have a JobSeeker Account?</label><input type='submit' style='border:none; background:none; cursor:pointer; padding:0; font-family:Tahoma, Geneva, sans-serif; font-size:11px; font-weight:bold' name='register' value='Register' /><br /><br /><a href='forget.php' style='text-decoration:none; color:#000'>Forgot your Username/Passwod?</a><input type='hidden' name='usertype' value='JobSeeker' /></form>";
}
<?php
ob_start();
session_start();
if (!isset($_SESSION['username'])) {
header('Location:index.php?profile=EMP');
}
//include("Combo_Values.php");
$id = $_SESSION['userid'];
if (isset($id)) {
include "./Class_Database.php";
$db = new database();
//$db->setup("root", "", "localhost", "jobportaldb");
$Query = "SELECT * from emp_personalinfo where id_user={$id}";
$res = $db->send_sql($Query);
while ($row = mysql_fetch_array($res)) {
$companyname = stripslashes($row['companyname']);
$companyprofile = stripslashes($row['companyprofile']);
$companytype = stripslashes($row['companytype']);
$contactpersonfirstname = stripslashes($row['contactpersonfirstname']);
$contactpersonlastname = stripslashes($row['contactpersonlastname']);
$designation = stripslashes($row['designation']);
$phonenumber = stripslashes($row['phonenumber']);
$mobilenumber = stripslashes($row['mobilenumber']);
$email = stripslashes($row['email']);
$url = stripslashes($row['url']);
$address1 = stripslashes($row['address1']);
$address2 = stripslashes($row['address2']);
$city = stripslashes($row['city']);
$state = stripslashes($row['state']);
$zip = stripslashes($row['zip']);
