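/**
 * Render the profile summary (picture, name, quote and roster table) for one member.
 *
 * Every viewer gets the contact/roster rows. When the global $officer flag is set the
 * active semesters and enrollment are added; the balance, dues and tie rows are added
 * for $uber viewers or a viewer holding the "Treasurer" position; the gigs, score and
 * "Log in as"/"Delete" buttons are added for $uber viewers only.
 *
 * @param string $person Member e-mail address, used as the lookup key.
 * @return string HTML fragment.
 */
function basic_info($person)
{
    // $USER was not imported before, so the Treasurer check below always ran
    // against an undefined (null) viewer and could never succeed.
    global $officer, $uber, $USER;

    // HTML-escape a value for element content or a quoted attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // One encoding per output context: SQL literal, HTML, and a JS string
    // literal that itself sits inside an HTML attribute.
    $personSql = mysql_real_escape_string($person);
    $personHtml = $esc($person);
    $personJs = $esc(json_encode((string) $person, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT));

    $member = mysql_fetch_array(mysql_query("select * from `member` where `email` = '{$personSql}'"));

    $about = getMemberAttribute('about', $person);
    if ($about == '') {
        $about = "I don't have a quote";
    }

    // NOTE(review): values returned by profilePic(), positions(), completeNameFromEmail(),
    // phoneNumber(), sectionFromEmail() and rosterProp() are emitted unchanged because it is
    // not visible here whether they already return markup - confirm each escapes its own output.
    // The getMemberAttribute() values are escaped on the assumption that it returns the raw
    // stored text - confirm, otherwise they will be double-encoded.
    $phone = phoneNumber($person);

    // Start from an empty string; the original appended to an undefined variable.
    $html = '';
    $html .= "<img class='profile' src='" . profilePic($person) . "'>";
    $html .= "<h3><span style='font-weight: normal; padding-right: 8pt'>" . implode(" and ", positions($person)) . " </span> " . completeNameFromEmail($person) . "</h3>";
    $html .= "<div class='about'>\"" . $esc($about) . "\"</div>";
    $html .= "<table style='width: initial'><tr><td style='width: 40%; vertical-align: top'>";
    $html .= "<table>";
    $html .= "<tr><td class='key'>Email</td><td><a href='mailto:{$personHtml}'>{$personHtml}</a></td></tr>";
    $html .= "<tr><td class='key'>Phone</td><td><a href='tel:" . $phone . "'>" . $phone . "</a></td></tr>";
    $html .= "<tr><td class='key'>Section</td><td>" . sectionFromEmail($person, 1) . "</td></tr>";
    $html .= "<tr><td class='key'>Car</td><td>" . rosterProp($member, "Car") . "</td></tr>";
    $html .= "<tr><td class='key'>Major</td><td>" . $esc(getMemberAttribute('major', $person)) . "</td></tr>";
    $html .= "<tr><td class='key'>Year at Tech</td><td>" . $esc(getMemberAttribute('techYear', $person)) . "</td></tr>";

    if ($officer) {
        // The semester list is only shown to officers, so only query it for them.
        $semesters = mysql_query("select `semester`.`semester` from `activeSemester`, `semester` where `activeSemester`.`member` = '{$personSql}' and `activeSemester`.`semester` = `semester`.`semester` order by `semester`.`beginning` desc");
        $activeSemesters = '';
        if ($semesters !== false) {
            while ($row = mysql_fetch_array($semesters)) {
                $activeSemesters .= "<span class='label'>" . $esc($row['semester']) . "</span> ";
            }
        }

        $html .= "<tr><td class='key'>Active</td><td>{$activeSemesters}</td></tr>";
        $html .= "</table></td><td style='width: 40%; vertical-align: top'><table>";
        $html .= "<tr><td class='key'>Enrollment</td><td>" . rosterProp($member, "Enrollment") . "</td></tr>";

        if ($uber || hasPosition($USER, "Treasurer")) {
            $html .= "<tr><td class='key'>Balance</td><td>" . rosterProp($member, "Balance") . "</td></tr>";
            $html .= "<tr><td class='key'>Dues</td><td>" . rosterProp($member, "Dues") . "</td></tr>";
            $html .= "<tr><td class='key'>Tie</td><td>" . rosterProp($member, "Tie") . "</td></tr>";
        }

        if ($uber) {
            $html .= "<tr><td class='key'>Gigs</td><td>" . rosterProp($member, "Gigs") . "</td></tr>";
            $html .= "<tr><td class='key'>Score</td><td>" . rosterProp($member, "Score") . "</td></tr>";
            // Hiding these buttons is presentation only; the handlers behind chgusr()/delusr()
            // are outside this block and must enforce the same privilege check server-side.
            $html .= "<tr><td class='key'>Actions</td><td><button class='btn action' onclick='chgusr({$personJs})'>Log in as</button><button class='btn action' style='color: red' onclick='delusr({$personJs})'>Delete</button></td></tr>";
        }
    }

    $html .= "</table></td></tr></table>";

    return $html;
}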
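/**
 * Tell whether a member holds the given position.
 *
 * "Member" is treated as the base position: it is held by anyone with a row in
 * the `member` table. Any other position is looked up in positions($email).
 *
 * @param string $email    Member e-mail address.
 * @param string $position Position name, e.g. "Member" or "Treasurer".
 * @return bool True when the member holds the position.
 */
function hasPosition($email, $position)
{
    // Strict comparison: with == a non-string such as 0 or true could match a position name.
    if ($position === "Member") {
        $result = mysql_query("select * from `member` where `email` = '" . mysql_real_escape_string($email) . "'");

        # TODO Active semester
        // A failed query counts as "not a member" instead of handing false to mysql_num_rows().
        return $result !== false && mysql_num_rows($result) > 0;
    }

    $held = positions($email);

    // Fail closed: on older PHP array_search() returns NULL for a non-array haystack,
    // and NULL !== false would have granted the position.
    return is_array($held) && in_array($position, $held, true);
}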
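<?php
// It would seem you cannot connect to the database from outside a function and inside a function.
require_once 'functions.php';

// Stores the posted text as an announcement for the current choir and e-mails it
// to the choir's list address on behalf of the choir admin.

if (!$USER) {
    die("Access denied");
}
if (!$CHOIR) {
    die("Choir not set");
}

// NOTE(review): the only gate visible here is that $USER is set. Nothing in this file checks
// that the poster holds an officer position or that the request carries an anti-CSRF token;
// confirm whether functions.php enforces either before this script runs.

// Reject a missing, non-string (e.g. text[]=...) or blank body instead of storing and mailing it.
if (!isset($_POST['text']) || !is_string($_POST['text']) || trim($_POST['text']) === '') {
    die("No announcement text");
}
$text = $_POST['text'];

// Escape every value placed in a SQL literal, including the session-derived ones.
$choirSql = mysql_real_escape_string($CHOIR);
$userSql = mysql_real_escape_string($USER);

$lookup = mysql_query("select `admin`, `list` from `choir` where `id` = '{$choirSql}'");
$row = $lookup ? mysql_fetch_array($lookup) : false;
if (!$row) {
    // Without a choir row there is no sender or recipient to mail.
    die("Choir not found");
}

// CR/LF are removed from anything that ends up in a mail header so that a stored
// value cannot add headers of its own.
$lineBreaks = array("\r", "\n");
$sender = str_replace($lineBreaks, '', $row['admin']);
$recipient = str_replace($lineBreaks, '', $row['list']);

$sql = "INSERT INTO `announcement` (`announcementNo`, `choir`, `memberID`,`timePosted`,`announcement`) VALUES (NULL, '{$choirSql}', '{$userSql}', NOW( ),'" . mysql_real_escape_string($text) . "');";
if (!mysql_query($sql)) {
    // Do not mail an announcement that was not stored.
    die("Could not save announcement");
}

// A poster without any position yields an empty title rather than an undefined-offset notice.
$held = positions($USER);
$position = isset($held[0]) ? str_replace($lineBreaks, '', $held[0]) : '';
$subject = "Important message from your {$position}!";

// NOTE(review): X-Mailer discloses the exact PHP version to every recipient; consider dropping it.
$headers = "Reply-To: {$sender}\n" . "From: {$sender}\n" . 'X-Mailer: PHP/' . phpversion();
mail($recipient, $subject, $text, $headers);
//sendMessageEmail($recipient, $from, $text, $subject);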