Esempio n. 1
/**
 * Advances the signed-in user's view pointer to the next viable profile and
 * renders that profile on the home page.
 *
 * users.viewNum is bumped once per loop pass until it names an existing user
 * other than the viewer, or until it passes the highest id in the table.
 * The viewer is taken from $_SESSION["id"]; every query binds its values
 * through placeholders.
 */
function render_next()
{
    // where the viewer currently stands in the list of profiles
    $pointerRows = CS50::query("SELECT viewNum FROM users WHERE id = ?", $_SESSION["id"]);
    $candidate = $pointerRows[0]["viewNum"];

    // the highest id bounds the search
    $maxRows = CS50::query("SELECT MAX(id) FROM users");

    while (true) {
        // persist the step first, then mirror it in the local counter
        CS50::query("UPDATE users SET viewNum = viewNum + 1 WHERE id = ?", $_SESSION["id"]);
        $candidate++;

        // ran past the last id: nothing left to show
        if ($candidate > $maxRows[0]["MAX(id)"]) {
            apologize("You've seen e'rybody!");
            break;
        }

        // stop on the first id that exists and is not the viewer's own
        $profileExists = count(CS50::query("SELECT * FROM users WHERE id = ?", $candidate)) != 0;
        if ($profileExists && $candidate != $_SESSION["id"]) {
            break;
        }
    }

    // render homepage; show new profile.
    render("home.php", ["title" => "home", "profile" => prof_lookup($candidate)]);
}
Esempio n. 2
<?php

// configuration
require "../includes/config.php";

// holdings of the signed-in user; the id comes from the session, not the request
$rows = CS50::query("SELECT * FROM portfolios WHERE user_id = ?", $_SESSION["id"]);

// one entry per holding whose quote could be fetched
$positions = [];
foreach ($rows as $row) {
    $stock = lookup($row["symbol"]);
    if ($stock === false) {
        // the quote lookup failed; this holding is left out of the view
        continue;
    }
    $positions[] = [
        "name" => $stock["name"],
        "symbol" => $row["symbol"],
        "price_per_stock" => $stock["price"],
        "shares" => $row["shares"],
        "total_price" => $stock["price"] * $row["shares"],
    ];
}

// cash for the same user; the query result is handed to the view unchanged
$cash = CS50::query("SELECT cash FROM users WHERE id = ?", $_SESSION["id"]);

// render portfolio
render("portfolio.php", ["positions" => $positions, "title" => "Portfolio", "cash" => $cash]);
<?php

// Mostly original code
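// configuration
require "../startbootstrap-business-casual-1.0.4/config.php";

// Signs the current user up for the event a company holds at a school.
// Both form fields are required; without them there is nothing to look up.
if (empty($_POST["school"]) || empty($_POST["company"])) {
    apologize("sorry, there is no event for this company");
} else {
    // find the event; both values are bound as parameters
    $rows = CS50::query("SELECT company, event_date, event_time FROM events WHERE school = ? AND company= ?", $_POST["school"], $_POST["company"]);
    if ($rows != false) {
        // copy date and time from the stored event rather than from the request
        $new_insertion = CS50::query("INSERT INTO user_events (company, event_time, event_date, user_id) \n                    VALUES (?, ?, ?, ?)", $_POST["company"], $rows[0]["event_time"], $rows[0]["event_date"], $_SESSION["id"]);
        if ($new_insertion !== false) {
            redirect("students.php");
        } else {
            // previously a failed insert ended the request with no output at all
            apologize("sorry, could not sign you up for this event");
        }
    } else {
        apologize("sorry, there is no event for this company");
    }
}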
Esempio n. 4
    // validate inputs: the first failing check reports and the others are skipped
    if (empty($_POST["username"])) {
        apologize("You must provide a username.");
    } elseif (empty($_POST["password"])) {
        apologize("You must provide a password.");
    } elseif (empty($_POST["confirmation"]) || $_POST["password"] != $_POST["confirmation"]) {
        apologize("Those passwords did not match.");
    }

    // only a password hash is stored; username and hash are bound as parameters
    $hash = password_hash($_POST["password"], PASSWORD_DEFAULT);
    $inserted = CS50::query("INSERT IGNORE INTO users (username, hash) VALUES(?, ?)", $_POST["username"], $hash);

    // anything other than exactly one inserted row is reported as a taken name
    if ($inserted !== 1) {
        apologize("That username appears to be taken.");
    }

    // get new user's ID
    $idRows = CS50::query("SELECT LAST_INSERT_ID() AS id");
    if (count($idRows) !== 1) {
        apologize("Can't find your ID.");
    }
    $id = $idRows[0]["id"];

    // log user in
    // NOTE(review): the session id is not renewed here; confirm whether a
    // session id set before registration should survive this sign-in
    $_SESSION["id"] = $id;

    // redirect to portfolio
    redirect("/");
} else {
    // else render form
    render("register_form.php", ["title" => "Register"]);
}
Esempio n. 5
 /**
  * Loads the library configuration from the JSON file at $path.
  *
  * Each failure (already initialized, missing file, unreadable file,
  * undecodable JSON) is reported through trigger_error() with E_USER_ERROR.
  * The decoded file is kept in self::$config as an associative array.
  */
 public static function init($path)
 {
     // a second call is refused
     if (isset(self::$config)) {
         trigger_error("CS50 Library is already initialized", E_USER_ERROR);
     }

     // the path must name an existing regular file
     if (is_file($path) === false) {
         trigger_error("Could not find {$path}", E_USER_ERROR);
     }

     // slurp the whole file
     $json = file_get_contents($path);
     if (false === $json) {
         trigger_error("Could not read {$path}", E_USER_ERROR);
     }

     // decode to arrays rather than objects; null signals a decode failure
     $decoded = json_decode($json, true);
     if ($decoded === null) {
         trigger_error("Could not decode {$path}", E_USER_ERROR);
     }

     // store configuration
     self::$config = $decoded;
 }
Esempio n. 6
                }
                // check for negative service
                for ($j = -3; $j <= 3; $j++) {
                    // check if i + j within array.
                    if ($i + $j >= 0 && $i + $j < $terms) {
                        // check up to three words before and after, as well as tracker[$i] itself.
                        if (strpos($tracker[$i + $j], 'service') !== false) {
                            // update service score if location given in comment
                            if ($info[0]["place_name"] != '') {
                                $updatefoodscore = CS50::query("UPDATE locations SET service_score = service_score - 1 WHERE place_name = ?", $info[0]["place_name"]);
                            } else {
                                $updatefoodscore = CS50::query("UPDATE locations SET service_score = service_score - 1 WHERE place_name = ''");
                            }
                        }
                    }
                }
            }
        }
        // mark comment as processed
        $processed = CS50::query("UPDATE comments SET processed = true WHERE id = ?", $info[0]["id"]);
    }
} while (count($info) !== 0);
// retrieve scores for all locations
$scores = CS50::query("SELECT place_name, comments_received, overall_score, food_score, service_score FROM locations");

// reshape each database row into the keys the view expects
$locations = [];
foreach ($scores as $score) {
    $locations[] = [
        "location" => $score["place_name"],
        "num_comments" => $score["comments_received"],
        "overall" => $score["overall_score"],
        "food" => $score["food_score"],
        "service" => $score["service_score"],
    ];
}

// render analysis_view
render("analysis_view.php", ["locations" => $locations, "title" => "Analysis"]);
Esempio n. 7
<?php

// include functions in config.php
require __DIR__ . "/../includes/config.php";

// numerically indexed array of places
$places = [];

// search key as sent by the client; it reaches SQL only as a bound parameter
$geo = $_GET["geo"];

// full-text match of the key against the indexed place columns
$places = CS50::query(
    "SELECT * FROM places WHERE MATCH (country_code, postal_code, place_name, admin_name1, admin_code1) AGAINST (?)",
    $geo
);

// output places as JSON (pretty-printed for debugging convenience)
header("Content-type: application/json");
echo json_encode($places, JSON_PRETTY_PRINT);
Esempio n. 8
    // number of shares held, taken from a query made before this fragment
    $shares = $rows[0]["shares"];
    // sell shares: price the position at the current quote
    $stock = lookup($_POST["symbol"]);
    // when the lookup fails this branch is skipped and nothing is reported
    if ($stock !== false) {
        // NOTE(review): the three statements below are separate queries with no
        // transaction visible here; a failure after the DELETE would leave the
        // shares removed without the cash credit. Confirm and wrap if possible.
        // update portfolio
        CS50::query("DELETE FROM portfolios WHERE user_id = ? AND symbol = ?", $_SESSION["id"], $_POST["symbol"]);
        // update cash
        CS50::query("UPDATE users SET cash = cash + ? WHERE id = ?", $shares * $stock["price"], $_SESSION["id"]);
        // update history
        CS50::query("INSERT INTO history (user_id, type, symbol, shares, price, datetime)\n                VALUES(?, 'SELL', ?, ?, ?, NOW())", $_SESSION["id"], $stock["symbol"], $shares, $stock["price"]);
        // redirect user
        redirect("/");
    }
} else {
    // get user's portfolio (rows are limited to the session's user id)
    $symbols = [];
    $rows = CS50::query("SELECT symbol FROM portfolios WHERE user_id = ? ORDER BY symbol", $_SESSION["id"]);
    if ($rows === false) {
        apologize("Could not find your portfolio.");
    }
    // get symbols in portfolio
    foreach ($rows as $row) {
        $symbols[] = $row["symbol"];
    }
    // render form only when there is something to sell
    if (count($symbols) > 0) {
        render("sell_form.php", ["symbols" => $symbols, "title" => "Sell"]);
    } else {
        apologize("Nothing to sell.");
    }
}
Esempio n. 9
        apologize("Wasn't able to retreive shares to sell from database");
        return;
    }
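    // Look up the current price BEFORE touching the portfolio. The original
    // order deleted the position first, so a failed quote lookup left the
    // shares removed with no cash credited.
    $stock = lookup($_POST["symbol"]);
    if (!$stock) {
        apologize("Wasn't able to lookup symbol");
        return;
    }
    // delete sold stock from database (restricted to the session's user)
    // NOTE(review): the statements below are still separate queries; no
    // transaction is visible in this fragment.
    $deleted = CS50::query("DELETE FROM portfolio WHERE user_id = ? AND symbol = ?", $_SESSION["id"], $_POST["symbol"]);
    if (!$deleted) {
        apologize("Wasn't able to delete shares from database");
        return;
    }
    // update cash with profit from sold stock; $shares is set before this fragment
    $updated = CS50::query("UPDATE users SET cash = cash + ? WHERE id = ?", $stock["price"] * $shares[0]["shares"], $_SESSION["id"]);
    if (!$updated) {
        apologize("Wasn't able to update cash in database");
        return;
    }
    // insert this transaction into history
    // NOTE(review): the share count is written as the literal 0; confirm
    // whether the number of shares sold was meant to be recorded here.
    $updatedHistory = CS50::query("INSERT INTO history (user_id, symbol, transaction, shares, price, time) \n                        VALUES(?, ?, 'sell', 0, ?, NOW())", $_SESSION["id"], strtoupper($_POST["symbol"]), $stock["price"]);
    if (!$updatedHistory) {
        apologize("Wasn't able to update history will sell transaction");
        return;
    }
    redirect("/");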
} else {
    render("sell_form.php");
}
Esempio n. 10
<?php

// configuration
require "../includes/config.php";

// A submitted, non-empty interest is stored for the signed-in user. The text
// is bound as a parameter and saved as typed, so any page that prints it
// has to HTML-encode it.
if ($_SERVER["REQUEST_METHOD"] == "POST" && $_POST['interest']) {
    CS50::query("INSERT INTO `interests` (`user_id`, `interest`) VALUES (?,?)", $_SESSION["id"], $_POST['interest']);
}

// every request, whatever its method, ends back on the index page
redirect("index.php");
?>

Esempio n. 11
<!-- original code --> 

<?php 
// configuration
require "../startbootstrap-business-casual-1.0.4/config.php";

if ($_SERVER["REQUEST_METHOD"] == "GET") {
    // reached by link or redirect: show the form
    render("students.html", ["title" => "buy"]);
} elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Record the submitted fields. They are bound as parameters but are not
    // checked for presence or format before being stored.
    CS50::query(
        "INSERT INTO student_update (FirstName, LastName, Email, University) VALUES (?, ?, ?,?)",
        $_POST["FirstName"],
        $_POST["LastName"],
        $_POST["Email"],
        $_POST["University"]
    );
}

redirect("/");
Esempio n. 12
            } else {
                // each check runs only if the ones before it passed
                if (empty($_POST["newpassword"])) {
                    apologize("You must produce a password");
                } elseif (empty($_POST["confirmation"])) {
                    apologize("You must produce a password");
                } elseif ($_POST["newpassword"] != $_POST["confirmation"]) {
                    apologize("Passwords must match");
                } else {
                    // the account is always the session's own; the posted
                    // username is only compared against it
                    $userstats = CS50::query("SELECT * FROM users WHERE id = ?", $_SESSION["id"]);
                    $username = $userstats[0]["username"];
                    if ($username != $_POST["username"]) {
                        apologize("Wrong username");
                    } elseif (!password_verify($_POST["oldpassword"], $userstats[0]["hash"])) {
                        // the current password must verify before it is replaced
                        apologize("Wrong original password");
                    } else {
                        // store only the hash of the new password
                        CS50::query("UPDATE users SET hash=? where id =?", password_hash($_POST["newpassword"], PASSWORD_DEFAULT), $_SESSION["id"]);
                        redirect("index.php");
                    }
                }
            }
        }
    }
}
    // Marks an article as submitted and e-mails its text to the editors.
    // Store id of article in variable (taken straight from the form)
    $article = $_POST["article_id"];
    // update mySQL
    // NOTE(review): the row is selected by the posted id alone; nothing in this
    // fragment ties the article to the signed-in user. Confirm ownership is
    // checked elsewhere, otherwise any article id can be marked as submitted.
    CS50::query("UPDATE portfolio SET status = 3 WHERE id = ?", $article);
    // set submission destination and subject
    // ($email_to and $email_subject are not read again in the visible lines)
    $email_to = "*****@*****.**";
    $email_subject = "Crimson Article Submission";
    // Actual article text variable
    $articles = $_POST['articles'];
    // Start of email message
    $email_message = "Form details below.\n\n";
    // Get title of article
    $pieces = CS50::query("SELECT title FROM portfolio WHERE id = ?", $article);
    $piece = $pieces[0]["title"];
    // Get name of comper
    $compers = CS50::query("SELECT name, email FROM users WHERE userid = ?", $_SESSION["id"]);
    $name = $compers[0]["name"];
    $email = $compers[0]["email"];
    // Craft e-mail message body
    // NOTE(review): name, title and the posted text are concatenated as they
    // are; if the fourth sendEmail argument is treated as an HTML body
    // (confirm against the client library), encode them first.
    $email_message .= "Comper: " . $name . "\r\n";
    $email_message .= "Article Title: " . $piece . "\r\n";
    $email_message .= "Comments: " . $articles . "\r\n";
    // NOTE(review): the mail service token is hard-coded in the source, so
    // everyone who can read this file can send mail through the account.
    // Revoke this token and load a new one from configuration kept out of
    // version control.
    $client = new PostmarkClient("211bda55-ecef-447c-ba35-7b2ca54e802f");
    // Send email ($sendResult is not inspected afterwards)
    $sendResult = $client->sendEmail("*****@*****.**", "*****@*****.**", "Comper Article Submissions", "{$email_message}");
    // Redirect
    redirect("/");
} else {
    if ($_SERVER["REQUEST_METHOD"] == "GET") {
        redirect("/");
    }
Esempio n. 14
<?php

/**
 * config.php
 *
 * Computer Science 50
 * Veritalks
 *
 * Configures app.
 */
// display errors, warnings, and notices
// NOTE(review): a development setting; shown to visitors, error text can
// reveal file paths and query details, so confirm it is off where the site
// is public.
ini_set("display_errors", true);
error_reporting(E_ALL);

// helper functions, then the CS50 library and its configuration file
require "helpers.php";
require "../vendor/library50-php-5/CS50/CS50.php";
CS50::init(__DIR__ . "/../config.json");

// enable sessions
session_start();

// Every page not named below requires a signed-in session. The *_upvote.php
// and upvote.php pages are in the list, so they run for visitors who have
// no session.
if (
    !in_array($_SERVER["PHP_SELF"], [
        "/login.php",
        "/logout.php",
        "/register.php",
        "/main_page.php",
        "/about_us.php",
        "/ask_question.php",
        "/give_advice.php",
        "/upvote.php",
        "/user.php",
        "/academics.php",
        "/social_scene.php",
        "/student_life.php",
        "/real_world.php",
        "/prospective_students.php",
        "/financial_aid.php",
        "/academics_user.php",
        "/social_scene_user.php",
        "/student_life_user.php",
        "/real_world_user.php",
        "/prospective_students_user.php",
        "/financial_aid_user.php",
        "/academics_upvote.php",
        "/social_scene_upvote.php",
        "/student_life_upvote.php",
        "/real_world_upvote.php",
        "/prospective_students_upvote.php",
        "/financial_aid_upvote.php",
    ])
    && empty($_SESSION["id"])
) {
    redirect("main_page.php");
}
Esempio n. 15
<?php

// configuration
require "../includes/config.php";

// transaction history of the signed-in user only
$history = CS50::query("SELECT * FROM history WHERE user_id = ?", $_SESSION["id"]);

// nothing recorded yet
if (!count($history)) {
    apologize("No transactions recorded.");
}

// hand the rows to the history view
render("history_form.php", ["title" => "History", "history" => $history]);
Esempio n. 16
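// prints the name of the signed-in user
if (!empty($_SESSION["id"])) {
    print "<div style='font-style: italic;'>";
    $signed = "You are signed in as ";
    $users = CS50::query("SELECT name FROM users WHERE userid = ?", $_SESSION["id"]);
    $name = $users[0]["name"];
    // The name is stored profile text. Encode it for HTML so markup inside a
    // name is displayed as text instead of being interpreted by the browser.
    $signed .= htmlspecialchars($name, ENT_QUOTES, "UTF-8");
    $signed .= ".";
    echo $signed;
    print "</div>";
}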
?>
                <!-- shows different menu depending on type of user -->
                <?php 
if (!empty($_SESSION["id"])) {
    $people = CS50::query("SELECT role FROM users WHERE userid = ?", $_SESSION["id"]);
    if ($people[0]["role"] == "COMPER") {
        print "<ul class='nav nav-tabs nav-justified'>";
        print "<li><a href='index.php'>MyArticles</a></li>";
        print "<li><a href='claim_pitch.php'>Pitches</a></li>";
        print "<li><a href='current_articles.php'>Due</a></li>";
        print "<li><a href='submitted.php'>Submitted</a></li>";
        print "<li><a href='schedule.php'>Schedule</a></li>";
        print "<li><a href='update_info.php'>Personal Information</a></li>";
        print "<li><a href='logout.php' style='font-weight: bold;'>Log Out</a></li>";
        print "</ul>";
    } else {
        print "<ul class='nav nav-tabs nav-justified'>";
        print "<li><a href='add_pitch.php'>Add Pitches</a></li>";
        print "<li><a href='add_article.php'>Add Article</a></li>";
        print "<li><a href='submitted.php'>Current Submissions</a></li>";
Esempio n. 17
<?php

// configuration
require "../includes/config.php";

// Records that the signed-in user proposed to the profile currently shown.
// NOTE(review): the proposal is written on a GET request, so merely loading
// this URL changes data; confirm that is intended.
if ($_SERVER["REQUEST_METHOD"] == "GET") {
    // the profile on screen is the one users.viewNum points at
    $viewNum = CS50::query("SELECT viewNum FROM users WHERE id = ?", $_SESSION["id"]);
    $viewnum = $viewNum[0]["viewNum"];

    // Try to delete the mirror-image proposal. A successful delete means the
    // other user had already proposed, i.e. the two match. Deleting is
    // optional but keeps the proposals table small.
    $mirrorRemoved = CS50::query("DELETE FROM proposals WHERE user_id = ? AND proposee_id = ?", $viewnum, $_SESSION["id"]);

    if ($mirrorRemoved) {
        // we have a match; insert into match table
        CS50::query("INSERT INTO matches (user1_id, user2_id) VALUES(?, ?)", $_SESSION["id"], $viewnum);
    } else {
        // no match yet; remember this proposal
        CS50::query("INSERT INTO proposals (user_id, proposee_id) VALUES(?, ?)", $_SESSION["id"], $viewnum);
    }

    // show the next profile; render_next() is defined in helpers.php
    render_next();
}
Esempio n. 18
<?php

require __DIR__ . "/../includes/config.php";

// numerically indexed array of places
$places = [];

// Search the database for places matching $_GET["geo"]; looking up
// "cambridge" should return every Cambridge (Massachusetts and England).
// MATCH ... AGAINST is used instead of LIKE:
//   http://stackoverflow.com/questions/792875/which-sql-query-is-better-match-against-or-like
// IN BOOLEAN MODE: https://dev.mysql.com/doc/refman/5.5/en/fulltext-boolean.html
// ORDER BY: http://www.w3schools.com/sql/sql_orderby.asp
// The search text is bound as a parameter. In boolean mode it is still read
// as a search expression, so operator characters typed by the user change
// how the match is made.
$search = CS50::query("SELECT * FROM places WHERE MATCH (place_name, postal_code, admin_name1, admin_code1) \n    AGAINST (? IN BOOLEAN MODE) \n    ORDER BY place_name;", $_GET["geo"]);

// store matches in $places
foreach ($search as $input) {
    $places[] = $input;
}

// output places as JSON (pretty-printed for debugging convenience)
header("Content-type: application/json");
echo json_encode($places, JSON_PRETTY_PRINT);
//https://ide50-hs682.cs50.io/search.php?geo=New+Haven,Connecticut,US
//https://ide50-hs682.cs50.io/search.php?geo=New+Haven,+Massachusetts
//https://ide50-hs682.cs50.io/search.php?geo=New+Have,+MA
//https://ide50-hs682.cs50.io/search.php?geo=New+Haven+MA
//https://ide50-hs682.cs50.io/search.php?geo=06511
//they all work as they should! :D
Esempio n. 19
<?php

// configuration
require "../includes/config.php";

if ($_SERVER["REQUEST_METHOD"] == "GET") {
    // reached by link or redirect: show the edit form
    render("prof_form.php", ["title" => "Edit"]);
} elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Store the new interest for the signed-in user. The text is bound as a
    // parameter and saved as typed; the profile view has to HTML-encode it
    // when printing.
    CS50::query("INSERT INTO interests (user_id, interest) VALUES(?, ?)", $_SESSION["id"], $_POST["interest"]);

    // render updated profile
    render("prof_page.php", ["title" => "Profile", "profile" => prof_lookup($_SESSION["id"])]);
}
Esempio n. 20
<?php

// configuration
require "../includes/config.php";

// Shows the profile the signed-in user's view pointer currently names.
if ($_SERVER["REQUEST_METHOD"] == "GET") {
    $viewnum = CS50::query("SELECT viewNum FROM users WHERE id = ?", $_SESSION["id"]);
    $last = CS50::query("SELECT MAX(id) FROM users");

    $current = $viewnum[0]["viewNum"];
    $highest = $last[0]["MAX(id)"];

    // pointer is past the last user: nobody left to show
    if ($current > $highest) {
        apologize("You've seen e'rybody!");
    }

    // render homepage
    render("home.php", ["title" => "home", "profile" => prof_lookup($viewnum[0]["viewNum"])]);
}
<!-- original code --> 

<?php 
// configuration
require "../startbootstrap-business-casual-1.0.4/config.php";

// reached by link or redirect: show the form
if ($_SERVER["REQUEST_METHOD"] == "GET") {
    render("register_company_company.php");
}

// reached by submitting the form
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // both fields are required
    if (empty($_POST["company"]) || empty($_POST["company_code"])) {
        apologize("Sorry");
    }

    // Add the company. Both values are bound as parameters.
    // NOTE(review): company_code is stored exactly as submitted; if it works
    // as a shared secret, confirm whether it should be hashed like a password.
    $new_insertion = CS50::query("INSERT INTO companies (company, company_code) \n                    VALUES (?, ?)", $_POST["company"], $_POST["company_code"]);

    if ($new_insertion !== false) {
        redirect("register_company.php");
    } else {
        apologize("Cannot log you in at this time");
    }
}
<?php

// makes sure that the interests of the profile owner are generated, not
// the session id owner
// ($username is set outside this fragment; it reaches SQL as a bound parameter)
$id = CS50::query("SELECT id FROM users WHERE username = ?", $username);
//grabs an array of the interests from MySQL
// NOTE(review): $id[0] is read without checking that the lookup above
// returned a row
$interests = CS50::query("SELECT * FROM `interests` WHERE `user_id` = ?", $id[0]['id']);
?>

    <!--Outter table for interests-->
    <TABLE BORDER="0" ALIGN=center>
        <strong class="stats" style="background-color: transparent">Interests</strong>
            <TR>
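            <?php
// one table cell per interest, newest row first
if ($interests) {
    for ($i = count($interests) - 1; $i >= 0; $i--) {
        ?>

                <!--user interests-->
                <TD class="stats"><a href="#" style="border: solid transparent"> <?php
        // An interest is free text saved for a user and shown on that user's
        // profile to whoever views it. Encode it for HTML so markup inside it
        // is displayed as text instead of running in the viewer's browser.
        echo htmlspecialchars($interests[$i]['interest'], ENT_QUOTES, 'UTF-8');
        ?>
 </a></TD>
                <?php
    }
}
?>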
        </TR>
    </TABLE>
              
    <!--toggle switch to add new interests-->
Esempio n. 23
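// configuration
require "../includes/config.php";

// Removes a recorded match and takes its points back out of the standings.
// Only a signed-in user may do this.
// NOTE(review): the removal runs on a GET request with just a match_id, so a
// link followed by a signed-in user is enough to trigger it; confirm whether
// it should require POST and a request token.
if (empty($_SESSION["id"])) {
    apologize("You don't have the proper authorization to access this page...");
}
if ($_SERVER["REQUEST_METHOD"] == "GET" && empty($_GET["match_id"])) {
    // no match chosen yet: list them
    $matches = CS50::query("SELECT * FROM matches");
    render("remove_scores_view.php", ["title" => "Remove Scores", "matches" => $matches, "sport_map" => $sport_map]);
} else {
    if ($_SERVER["REQUEST_METHOD"] == "GET") {
        $remove = CS50::query("SELECT * FROM matches WHERE id = ?", $_GET["match_id"]);
        if ($remove == false) {
            apologize("No match found.");
        } else {
            $college_names = "BK, BR, CC, DC, ES, JE, MC, PC, SM, SY, TC, TD";
            // compare column names against the exact codes; the earlier
            // substring test also accepted any fragment of the list
            $college_codes = explode(", ", $college_names);
            // The sport name becomes a column name in the SQL text, where a
            // placeholder cannot be used. Accept a plain identifier only, so
            // a stored value can never add SQL of its own.
            $sport = $remove[0]["sport"];
            if (!is_string($sport) || preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $sport) !== 1) {
                apologize("Error deleting match from database");
            } else {
                foreach ($remove[0] as $key => $value) {
                    if (in_array($key, $college_codes, true)) {
                        CS50::query("UPDATE stats SET total = total - ?," . $sport . " = " . $sport . " - ? WHERE college = ?", $value, $value, $key);
                    }
                }
                if (CS50::query("DELETE FROM matches WHERE id = ?", $_GET["match_id"]) == false) {
                    apologize("Error deleting match from database");
                }
                render("score_removed.php", ["title" => "Success"]);
            }
        }
    }
}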
?>

Esempio n. 24
File: buy.php Progetto: Eastkap/cs50
<?php

// configuration
require "../includes/config.php";

// account row of the signed-in user; only the cash column is used below
$q = CS50::query("SELECT * FROM users WHERE id=?", $_SESSION["id"]);

if ($_SERVER["REQUEST_METHOD"] == "GET") {
    // show the purchase form
    render("buyform.php", ["title" => "Buy", "cash" => $q[0]["cash"]]);
} elseif ($_SERVER["REQUEST_METHOD"] == "POST" && preg_match("/^\\d+\$/", $_POST["buy"]) == true) {
    // the share count is digits only; show the confirmation view
    // (an earlier draft of the sell logic sat here commented out; no
    // purchase is recorded by this script)
    render("buyview.php", ["title" => "Buy", "cash" => $q[0]["cash"]]);
} else {
    apologize("Make sure you entered a valid number of shares!");
}
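    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        // a field the form did not send counts as empty
        $name = isset($_POST["name"]) ? $_POST["name"] : "";
        $cell = isset($_POST["cell"]) ? $_POST["cell"] : "";
        $email = isset($_POST["email"]) ? $_POST["email"] : "";
        // Update each supplied field on its own. The earlier nesting only
        // reached the e-mail update when a cell number was also given, so a
        // submission of name plus e-mail silently dropped the e-mail.
        // All rows are selected by the session's user id, never by form input.
        if (empty($name) && empty($cell) && empty($email)) {
            apologize("Please choose one to submit.");
        } else {
            if (!empty($name)) {
                CS50::query("UPDATE users SET name = ? WHERE userid = ?", $name, $_SESSION["id"]);
            }
            if (!empty($cell)) {
                CS50::query("UPDATE users SET cell_number = ? WHERE userid = ?", $cell, $_SESSION["id"]);
            }
            if (!empty($email)) {
                CS50::query("UPDATE users SET email = ? WHERE userid = ?", $email, $_SESSION["id"]);
            }
        }
        // redirect
        redirect("/update_info.php");
    }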
}
Esempio n. 26
<!-- original code --> 

<?php 
// configuration
require "../startbootstrap-business-casual-1.0.4/config.php";

// events the signed-in user has signed up for
$rows = CS50::query("SELECT company, event_date, event_time FROM user_events WHERE user_id = ?", $_SESSION["id"]);

// rename the columns to the keys the view reads
$events = [];
foreach ($rows as $row) {
    $events[] = [
        "company" => $row["company"],
        "time" => $row["event_time"],
        "date" => $row["event_date"],
    ];
}

// render
render("student_events.php", ["events" => $events]);
<?php

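require "../includes/config.php";

// Adds one upvote to a post and sends the browser back to the listing.
// defaults keep the redirect below well-defined on every path
$new = 0;
$s = "";

// both request values must be whole numbers; anything else is rejected
$id = isset($_GET['id']) ? filter_var($_GET['id'], FILTER_VALIDATE_INT) : false;
$seen = isset($_GET['upvote']) ? filter_var($_GET['upvote'], FILTER_VALIDATE_INT) : false;

if (!isset($_GET['upvote']) || $id === false || $seen === false) {
    apologize("You didn't enter anything!");
} else {
    // count the visitor expects to see after voting
    $new = $seen + 1;
    // debugging copy of the statement, now built from validated integers only
    // NOTE(review): consider dropping the SQL parameter from the redirect; it
    // shows table and column names to every visitor
    $s = "UPDATE posts SET upvotes={$new} WHERE id={$id}";
    // Let the database do the increment and bind the id. The earlier version
    // pasted both request values into the SQL text and stored whatever count
    // the browser sent.
    // NOTE(review): no sign-in or request token is checked here, so votes can
    // be repeated freely; confirm whether that is acceptable.
    CS50::query("UPDATE posts SET upvotes = upvotes + 1 WHERE id = ?", $id);
}

// forces URL change so browser obtains latest data
$millitime = round(microtime(true) * 1000);
// the statement text is URL-encoded so it cannot break out of its parameter
header("Location: /financial_aid.php?UTC={$millitime}&NEW={$new}&SQL=" . rawurlencode($s));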
Esempio n. 28
// if user reached page via GET (as by clicking a link or via redirect)
if ($_SERVER["REQUEST_METHOD"] == "GET") {
    // else render form
    render("login_form.php", ["title" => "Log In"]);
} else {
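    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        // validate submission
        if (empty($_POST["username"])) {
            apologize("You must provide your username.");
        } else {
            if (empty($_POST["password"])) {
                apologize("You must provide your password.");
            }
        }
        // query database for user; the name is bound as a parameter
        $rows = CS50::query("SELECT * FROM users WHERE username = ?", $_POST["username"]);
        // if we found user, check password
        if (count($rows) == 1) {
            // first (and only) row
            $row = $rows[0];
            // compare hash of user's input against hash that's in database
            if (password_verify($_POST["password"], $row["hash"])) {
                // Issue a fresh session id at sign-in, so an id that was set
                // in the browser before authentication is not carried into
                // the authenticated session.
                session_regenerate_id(true);
                // remember that user's now logged in by storing user's ID in session
                $_SESSION["id"] = $row["id"];
                // redirect to portfolio
                redirect("/");
            }
        }
        // same message for an unknown user and a wrong password, so the
        // response does not reveal which usernames exist
        apologize("Invalid username and/or password.");
    }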
Esempio n. 29
<?php

// configuration
require "../includes/config.php";

// a POST carries a new chat message for the match held in the session
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // The match and sender come from the session; only the text comes from
    // the form. It is bound as a parameter and stored as typed, so the chat
    // view has to HTML-encode it when printing.
    $stored = CS50::query("INSERT INTO messages (match_id, sender_id, message) VALUES(?, ?, ?)", $_SESSION["temp_match"], $_SESSION["id"], $_POST["message"]);
    if ($stored == 0) {
        apologize("could not upload message to database");
    }
}

// whether or not a message was just added, show the conversation
$messages = CS50::query("SELECT * FROM messages WHERE match_id = ?", $_SESSION["temp_match"]);
render("match_chat.php", ["title" => "Match Profile", "messages" => $messages, "chat_buddy" => $_SESSION["chat_buddy"]]);
 *
 * Crimson Compster
 * Manav Khandelwal
 * manavkhandelwal@college.harvard.edu
 * 
 *
 * Processes publishing of article by director.
 * Can process GET or POST requests.
 */
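// configuration
require "../includes/config.php";
// NOTE(review): the header says this page is for the director, but no role
// check is visible in this script; confirm one is made in config.php.
// if user reached page via GET (as by clicking a link or via redirect)
if ($_SERVER["REQUEST_METHOD"] == "GET") {
    // offer the submitted (status 3) articles for publishing
    $submitteds = CS50::query("SELECT title FROM portfolio WHERE status = 3");
    render("addarticle_view.php", ["title" => "Add A Published Article", "submitteds" => $submitteds]);
} else {
    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        // validate submission; the update runs only when both checks pass
        if (!isset($_POST["title"])) {
            apologize("You must choose a title.");
        } elseif (empty($_POST["link"])) {
            apologize("You must provide a link to the article on thecrimson.com");
        } else {
            // Set link and status (submitted -> published) in one statement,
            // so a row is never left published without its link.
            // NOTE(review): the link is stored as submitted; confirm it is
            // checked to be an http(s) address before it is shown as a link.
            CS50::query("UPDATE portfolio SET status = 2, link = ? WHERE title = ?", $_POST["link"], $_POST["title"]);
            redirect("/");
        }
    }
}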