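/**
 * Renders the "Product Ratings" admin panel for the ratings returned by getRatings().
 *
 * Each rating row gets a select-for-bulk-delete checkbox, inline editors for the stored
 * IP address and value (saved through admin-ajax with action "my_action" and
 * post = "editratingip" / "editratingvalue"), and a per-row delete link back to the
 * catalog page. Bulk deletion posts the ticked ids with post = "delanyratings". The
 * "All Ratings Manager" link closes the enclosing thickbox (self.parent.tb_remove()) and
 * navigates the parent window to the ratings manager page.
 *
 * Every dynamic value is escaped for the HTML attribute context and the catalog id read
 * from the query string is cast to int, so neither a crafted `?id=` nor a rating whose
 * stored IP/value contains markup can inject script into the admin page.
 *
 * NOTE(review): the per-row delete link (a GET that changes data) and the AJAX calls carry
 * no nonce. Their server-side handlers are outside this file — confirm they verify one
 * (check_ajax_referer / wp_verify_nonce) and check the caller's capability before acting.
 *
 * @return void Output is echoed directly.
 */
function Html_catalog_ratings()
{
    $getRatings = getRatings();
    // Only an integer catalog id is ever reflected into the delete links.
    $catalogId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
    ?>
    <style>
        html.wp-toolbar { padding: 0px !important; }
        #wpadminbar, #adminmenuback, #screen-meta, .update-nag, #dolly { display: none; }
        #wpbody-content { padding-bottom: 30px; }
        #adminmenuwrap { display: none !important; }
        .auto-fold #wpcontent, .auto-fold #wpfooter { margin-left: 0px; }
        #wpfooter { display: none; }
        iframe { height: 250px !important; }
        #TB_window { height: 250px !important; }
    </style>
    <script type="text/javascript">
        jQuery(document).ready(function () {
            // Posts one rating action to admin-ajax; `done` receives the raw response,
            // which the handler is expected to set to 1 on success.
            function postRatingAction(fields, done) {
                jQuery.post(ajaxurl, jQuery.extend({ action: 'my_action' }, fields), done);
            }

            // The rating id that owns an inline editor is kept in the row's checkbox value.
            function ratingIdFor(input) {
                return jQuery(input).closest('tr').find("input[name='rating_values_for_delete']").val();
            }

            // "Select all" toggles every row checkbox; ticking a row clears "select all".
            jQuery('#check_all_ratings').on('click', function () {
                jQuery('.del_one_rating').prop('checked', jQuery(this).is(':checked'));
            });
            jQuery('.del_one_rating').on('click', function () {
                if (jQuery('#check_all_ratings').is(':checked')) {
                    jQuery('#check_all_ratings').prop('checked', false);
                }
            });

            // Bulk delete: collect the ticked ids, drop their rows once the server confirms.
            jQuery('.del_few_ratings').on('click', function () {
                var ratingsForDelete = jQuery('.del_one_rating:checked').map(function () {
                    return jQuery(this).val();
                }).get();
                if (ratingsForDelete.length === 0) {
                    return; // nothing selected, nothing to send
                }
                postRatingAction({ post: 'delanyratings', ratings_for_delete: ratingsForDelete }, function (response) {
                    if (response == 1) {
                        jQuery.each(ratingsForDelete, function (_, id) {
                            jQuery('.del_one_rating[value="' + id + '"]').closest('tr').remove();
                        });
                    }
                });
            });

            // Inline edits save on change; on success the field is blurred as confirmation.
            jQuery('.edit_rating_ip').on('change', function () {
                postRatingAction({
                    post: 'editratingip',
                    rating_new_ip: jQuery(this).val(),
                    rating_new_id: ratingIdFor(this)
                }, function (response) {
                    if (response == 1) {
                        jQuery('input').blur();
                    }
                });
            });
            jQuery('.edit_rating_value').on('change', function () {
                postRatingAction({
                    post: 'editratingvalue',
                    rating_new_value: jQuery(this).val(),
                    rating_new_id: ratingIdFor(this)
                }, function (response) {
                    if (response == 1) {
                        jQuery('input').blur();
                    }
                });
            });

            // Leave the thickbox and open the full ratings manager in the parent window.
            jQuery('#huge_it_view_ratings_wrap .manager-link').on('click', function () {
                self.parent.tb_remove();
                self.parent.location.assign('admin.php?page=huge_it_catalog_ratings_page');
            });
        });
    </script>
    <div id="huge_it_view_ratings">
        <div id="huge_it_view_ratings_wrap">
            <h2><?php echo __("Product Ratings", "product-catalog"); ?></h2>
            <a class="manager-link button"><?php echo __("All Ratings Manager", "product-catalog"); ?></a>
            <div class="huge_it_prod_ratings_container">
                <table>
                    <tr>
                        <th><input type="checkbox" id="check_all_ratings"/></th>
                        <th>IP <?php echo __("Adress", "product-catalog"); ?></th>
                        <th><?php echo __("Value", "product-catalog"); ?></th>
                        <th class="del_few_ratings"><a class=""><?php echo __("Delete", "product-catalog"); ?></a></th>
                    </tr>
                </table>
                <table style="border-collapse: collapse;">
                    <?php foreach ($getRatings as $rating) { ?>
                        <?php
                        // Escaped once per row: the id is reused as a class, a value and a URL parameter.
                        $ratingId = esc_attr($rating->id);
                        $deleteUrl = sprintf(
                            'admin.php?page=catalogs_huge_it_catalog&id=%d&task=ratings&prod_id=%s&del_id=%s',
                            $catalogId,
                            rawurlencode((string) $rating->prod_id),
                            rawurlencode((string) $rating->id)
                        );
                        ?>
                        <tr style="border-bottom: 1pt solid #eee;">
                            <td><input type="checkbox" class="del_one_rating <?php echo $ratingId; ?>" value="<?php echo $ratingId; ?>" name="rating_values_for_delete" /></td>
                            <td><input type="text" value="<?php echo esc_attr($rating->ip); ?>" style="text-align: center; border: none;" class="edit_rating_ip" /></td>
                            <td><input type="text" value="<?php echo esc_attr($rating->value); ?>" style="text-align: center; border: none;" class="edit_rating_value" /></td>
                            <td class="del_rating"><a href="<?php echo esc_url($deleteUrl); ?>"><?php echo __("Delete", "product-catalog"); ?></a></td>
                        </tr>
                    <?php } ?>
                </table>
            </div>
        </div>
    </div>
    <?php
}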
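<option value="-1">Choose A Genre</option>
<?php
// Genre labels come back from getGenres() (defined elsewhere) and are written into both
// the option value and its text; escape them so a stored label containing a quote or a
// tag cannot break out of the option markup.
$movieGenres = getGenres();
foreach ($movieGenres as $genre) {
    $genreLabel = htmlspecialchars((string) $genre['genre'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<option value='" . $genreLabel . "'>" . $genreLabel . "</option>";
}
?>
</select>
</td>
<td>
    <h3>Rating</h3>
    <select size="1" name="rating">
        <option value="-1">Choose A Rating</option>
        <?php
        // Same treatment for the rating labels returned by getRatings().
        $movieRatings = getRatings();
        foreach ($movieRatings as $rating) {
            $ratingLabel = htmlspecialchars((string) $rating['rating'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo "<option value='" . $ratingLabel . "'>" . $ratingLabel . "</option>";
        }
        ?>
    </select>
</td>
<td style="vertical-align: bottom;">
    <input type="submit" value="Search" size="50"><img src="popcorn-icon.png">
</form>
</td></tr>
</table>
<table id="results">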
} */
// Records the visitor's identity in the session, inserts a login row into RESULT_TABLE,
// then primes the session with the visitor's earlier ratings and reports success.
// Facebook-authenticated visitors (FBID already in the session) are identified from the
// FB session fields; everyone else from the posted form.
if (!isset($_SESSION['FBID'])) {
    $_SESSION['FBID'] = "notfblogin";
    /*OLD CODE
    $_SESSION['visitor_name']=$_POST['visitor_name'];
    $_SESSION['visitor_email']=$_POST['visitor_email'];
    $_SESSION['visitor_location']=$_POST['visitor_location'];
    $_SESSION['company_name']=$_POST['company_name'];*/
    //NEW CODE WITH FILTERING INPUT
    // By Jay Shah On 21st July, 2015 at 14:18:31
    // FILTER_SANITIZE_STRING strips tags and HTML-encodes single and double quotes (and is
    // deprecated as of PHP 8.1). That quote encoding is the only thing keeping these three
    // values from breaking the single-quoted SQL below — it is HTML escaping, not SQL
    // escaping, and it also stores "O'Neil" as "O&#39;Neil".
    $_SESSION['visitor_name'] = filter_input(INPUT_POST, 'visitor_name', FILTER_SANITIZE_STRING);
    // filter_input returns false for an invalid address and null for a missing field;
    // neither case is rejected here, so the INSERT below is written with an empty email
    // and getRatings() is later called with that non-string value.
    $_SESSION['visitor_email'] = filter_input(INPUT_POST, 'visitor_email', FILTER_VALIDATE_EMAIL);
    $_SESSION['visitor_location'] = filter_input(INPUT_POST, 'visitor_location', FILTER_SANITIZE_STRING);
    $_SESSION['company_name'] = filter_input(INPUT_POST, 'company_name', FILTER_SANITIZE_STRING);
} else {
    // NOTE(review): FULLNAME / EMAIL / LOCATION are populated by the Facebook login flow
    // (not in this file) and are not filtered or escaped before reaching the INSERT below.
    $_SESSION['visitor_name'] = $_SESSION['FULLNAME'];
    $_SESSION['visitor_email'] = $_SESSION['EMAIL'];
    $_SESSION['visitor_location'] = $_SESSION['LOCATION'];
    $_SESSION['company_name'] = "fblogin";
}
include_once "../../../thfl-admin/model/functions.php";
include_once "../../../thfl-admin/model/db_config.php";
// Aborts the request outright if the activity configuration cannot be read.
$xml = simplexml_load_file("../../../thfl-admin/config.xml") or die("Error: Cannot load configuration file");
// NOTE(review): this is md5 of the current Unix second — predictable, and identical for
// every login that lands in the same second. If 'hash' is meant to be an unguessable
// per-visitor identifier, bin2hex(random_bytes(16)) gives the same 32-character width.
$_SESSION['hash'] = hash("md5", time());
// SECURITY: the INSERT is assembled by string concatenation. $_SERVER['HTTP_USER_AGENT'] is
// attacker-controlled and interpolated unescaped, so a single quote in the User-Agent header
// alters the statement (SQL injection). The same applies to get_client_ip() if it reads
// client-supplied headers, and to the FB-derived session fields above. runQuery() is declared
// in the included functions.php (not shown) — route this through a prepared statement with
// every value bound instead of concatenated.
$sql_query = "INSERT INTO " . RESULT_TABLE . " SET name='" . $_SESSION['visitor_name']
    . "', email='" . $_SESSION['visitor_email']
    . "', location='" . $_SESSION['visitor_location']
    . "',companyName='" . $_SESSION['company_name']
    . "', quizName='" . $xml->Configuration->NameofActivity
    . "',hashtag='" . $_SESSION['hash']
    . "',field1='" . $_SESSION['FBID']
    . "',session_id='" . session_id()
    . "',ip_address='" . get_client_ip()
    . "',user_agent='" . $_SERVER['HTTP_USER_AGENT'] . "'";
runQuery($sql_query);
// Earlier ratings for this visitor; with an invalid or missing email this is getRatings(false/null).
$_SESSION['ratings'] = getRatings($_SESSION['visitor_email']);
// The one-time form token is consumed here; any check of it happens before this span.
unset($_SESSION['form_token']);
$_SESSION['isLoggedIn'] = true;
echo "Login Successful";