Esempio n. 1
0
    $ticketCodequery = $ticketdb->PREPARE("SELECT uid, redeemed, classID FROM Tickets WHERE ticketCode = '{$ticketCode}';");
    $ticketCodequery->execute();
    $ticketCoderesult = $ticketCodequery->fetch();
    $ticketCodecount = $ticketCodequery->rowCount();
    if ($ticketCodecount != '0') {
        // Good Ticket Code now we check to see if it has been used
        $redeemed = $ticketCoderesult['redeemed'];
        $classID = $ticketCoderesult['classID'];
        if ($redeemed == 'yes') {
            // Ticket has been used
            echo "<p>Ticket has been redeemed before.</p>";
        } else {
            // Ticket has not been used
            $eventquery = $eventdb->PREPARE("SELECT title FROM Event WHERE uid = '{$classID}';");
            $eventquery->execute();
            $eventresult = $eventquery->fetch();
            $title = $eventresult['title'];
            echo "<p>Good Ticket for " . $title . "</p>";
            // Mark ticket as been used
            $ticketUpdatesql = "UPDATE Tickets SET redeemed= ? WHERE ticketCode = '" . $ticketCode . "'";
            $ticketUpdatequery = $useticketdb->PREPARE($ticketUpdatesql);
            $ticketUpdatequery->execute(array('yes'));
        }
    } else {
        // Can't find a record of provided ticket code
        echo "<p>No Such Ticket</p>";
    }
} else {
    // No ticket provided through URL
    echo "<p>No Ticket Code specified!</p>";
}
Esempio n. 2
0
<?php

include "config.php";
$title = $_POST["eventName"];
$startTime = $_POST["startDate"];
$endTime = $_POST["endDate"];
$location = $_POST["where"];
$description = $_POST["description"];
$agenda = $_POST["agenda"];
$aboutTeacher = $_POST["aboutYou"];
if ($sqlTicketservertype = 'mysql') {
    $db = new PDO('mysql:host=' . $sqlTicketserver . ';dbname=' . $sqlTicketdbname, $sqlTicketusername, $sqlTicketpassword);
}
$query = $db->PREPARE("INSERT INTO Event ( title, startTime, endTime, location, description, agenda, aboutTeacher, isActive ) VALUES ( '{$title}' , '{$startTime}', '{$endTime}', '{$location}', '{$description}', '{$agenda}', '{$aboutTeacher}', 1 )");
$query->execute();
header('Location: index.php?action=admin');
Esempio n. 3
0
<center><table width="75%" >
<tr>
<th>Event</th>
<th>Attendees</th>
</tr>
<?php 
if ($sqlTicketservertype = 'mysql') {
    $db = new PDO('mysql:host=' . $sqlTicketserver . ';dbname=' . $sqlTicketdbname, $sqlTicketusername, $sqlTicketpassword);
}
$query = $db->PREPARE("SELECT title,attendeeCount,uid FROM Event WHERE isActive = '1';");
$query->execute();
$query->setFetchMode(PDO::FETCH_ASSOC);
while ($row = $query->fetch()) {
    echo "<tr><td><a href=index.php?action=editevent&id=" . $row['uid'] . ">" . $row['title'] . "</a></td><td>" . $row['attendeeCount'] . "</td></tr>";
}
?>
<tr><td colspan="2">&nbsp;</td></tr>
<tr><td colspan="2"><a href="index.php?action=addEvent">Add event</a><br/></td></tr>
</table></center>


Esempio n. 4
0
include 'ipnlistener.php';
include "config.php";
if ($sqlTicketservertype = 'mysql') {
    $db = new PDO('mysql:host=' . $sqlTicketserver . ';dbname=' . $sqlTicketdbname, $sqlTicketusername, $sqlTicketpassword);
}
// tell PHP to log errors to ipn_errors.log in this directory
ini_set('log_errors', true);
ini_set('error_log', dirname(__FILE__) . '/ipn_errors.log');
$listener = new IpnListener();
$listener->use_sandbox = true;
try {
    $verified = $listener->processIpn();
} catch (Exception $e) {
    // fatal error trying to process IPN.
    error_log($e->getMessage());
    exit(0);
}
if ($verified) {
    // IPN response was "VERIFIED"
    $email = $_POST['payer_email'];
    $txn = $_POST['txn_id'];
    $firstName = $_POST['first_name'];
    $lastName = $_POST['last_name'];
    $paymentDate = $_POST['payment_date'];
    $query = $db->PREPARE("INSERT INTO Tickets ( email, txn, firstName, lastName, paymentDate  ) VALUES ( '{$email}', '{$txn}', '{$firstName}', '{$lastName}', '{$paymentDate}'  )");
    $query->execute();
    mail('*****@*****.**', 'Valid IPN', $listener->getTextReport());
} else {
    // IPN response was "INVALID"
    mail('*****@*****.**', 'Invalid IPN', $listener->getTextReport());
}
Esempio n. 5
0
<?php

if (isset($_GET['id'])) {
    $id = $_GET['id'];
}
if ($sqlTicketservertype = 'mysql') {
    $db = new PDO('mysql:host=' . $sqlTicketserver . ';dbname=' . $sqlTicketdbname, $sqlTicketusername, $sqlTicketpassword);
}
$query = $db->PREPARE("SELECT title,startTime,endTime,location,description,agenda,aboutTeacher FROM Event WHERE uid = '{$id}';");
$query->execute();
$query->setFetchMode(PDO::FETCH_ASSOC);
while ($row = $query->fetch()) {
    $classTitle = $row['title'];
    echo "<h2>" . $row['title'] . "</h2>";
    echo "<p><b>Description:</b> " . $row['description'] . "</p>";
    echo "<p>Class will be held on " . $row['startTime'] . " until " . $row['endTime'] . " at " . $row['location'] . "</p>";
    echo "<p><b>Agenda:</b> " . $row['agenda'] . "</p>";
    echo "<p><b>About the Teacher: " . $row['aboutTeacher'] . "</p>";
}
?>

<form name="_xclick" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="*****@*****.**">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="item_name" value="<?php 
echo $classTitle;
?>
">
<input type="hidden" name="item_number" value="Class">
<input type="hidden" name="custom" value="<?php 
Esempio n. 6
0
<?php

include "config.php";
$id = $_POST["id"];
$title = $_POST["eventName"];
$startTime = $_POST["startDate"];
$endTime = $_POST["endDate"];
$location = $_POST["where"];
$description = $_POST["description"];
$agenda = $_POST["agenda"];
$aboutYou = $_POST["aboutYou"];
if ($sqlTicketservertype = 'mysql') {
    $db = new PDO('mysql:host=' . $sqlTicketserver . ';dbname=' . $sqlTicketdbname, $sqlTicketusername, $sqlTicketpassword);
}
$sql = "UPDATE Event SET title = ?, startTime = ?, endTime = ?, location = ?, description = ?, agenda = ?, aboutTeacher= ? WHERE uid = '" . $id . "'";
$query = $db->PREPARE($sql);
$query->execute(array($title, $startTime, $endTime, $location, $description, $agenda, $aboutYou));
header('Location: index.php?action=admin');
?>


Esempio n. 7
0
<?php

include "config.php";
include "loggedin.php";
require_once 'PasswordHash.php';
// include the PHPass framework
$hasher = new PasswordHash(8, TRUE);
// initialize the PHPass class
if ($sqlServerType = 'mysql') {
    $db = new PDO('mysql:host=' . $sqlServer . ';dbname=' . $sqlDBname, $sqlUsername, $sqlPassword);
}
$username = $_POST["loginName"];
$password = $_POST["loginPassword"];
if ($username && $password) {
    global $hasher;
    $query = $db->PREPARE("SELECT password FROM users WHERE username = '******';");
    $query->execute();
    $result = $query->fetch();
    $numRows = $query->rowCount();
    if ($numRows < 1) {
        header('Location: index.php?error=1');
        //user does not exist
        die;
    }
    if (!$hasher->CheckPassword($password, $result['password'])) {
        header('Location: index.php?error=1');
        //password does not match
        die;
    } else {
        $query = $db->PREPARE("SELECT id, username, admin FROM users WHERE username = '******';");
        $query->execute();