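/**
 * Work out how many game turns a player has accrued and how long until the next one.
 *
 * A turn is earned every $waitTimePerTurn seconds since the account was registered;
 * turns already spent are subtracted from the accrued total.
 *
 * @param string $username  Player to look up. When it is the logged-in user the
 *                          registration time comes from the session (and 'used' is
 *                          left null, as before); otherwise pfrog_users is queried.
 * @return array  'time' = seconds until the next turn, 'total'/'total_turns' = turns
 *                accrued since registration (fractional), 'used' = turns spent,
 *                'remaining' = whole turns still unspent.
 */
function getTurns($username) {
    $waitTimePerTurn = 100;
    $turns = array('time' => null, 'total' => null, 'used' => null, 'remaining' => null);

    if ($username == \libAllure\Session::getUser()->getUsername()) {
        $registerd = \libAllure\Session::getUser()->getData('registered');
    } else {
        global $db;

        // Bound parameter instead of concatenating $username into the SQL text.
        // The original clause was 'WHERE "<name>"' - no column at all - so besides
        // being injectable it could never match a row; and it selected `usedturns`
        // but read $result['usedTurns'], so the alias keeps that key working.
        // NOTE(review): the column is assumed to be `username` - confirm against the schema.
        $sql = 'SELECT `usedturns` AS usedTurns, `registerd` FROM `pfrog_users` WHERE `username` = :username LIMIT 1';
        $stmt = $db->prepare($sql);
        $stmt->bindValue(':username', $username);
        $stmt->execute();
        $result = $stmt->fetchRow();

        if (empty($result)) {
            // Unknown player: report nothing accrued instead of computing on a false row.
            $turns['time'] = $waitTimePerTurn;
            $turns['total'] = 0;
            $turns['total_turns'] = 0;
            $turns['used'] = 0;
            $turns['remaining'] = 0;
            return $turns;
        }

        $registerd = $result['registerd'];
        $turns['used'] = $result['usedTurns'];
    }

    $now = time();
    $timelapse = $now - $registerd;
    $blocks = $timelapse / $waitTimePerTurn;

    // Integer arithmetic instead of splitting the float on '.': that broke when the
    // division was exact (no fractional part -> undefined index) and only gave the
    // right seconds-left figure for a 100-second turn length.
    $wholeTurns = (int) ($timelapse / $waitTimePerTurn);
    $secondsIntoCurrentTurn = ((int) $timelapse) % $waitTimePerTurn;

    $turns['time'] = $waitTimePerTurn - $secondsIntoCurrentTurn;
    $turns['total'] = $blocks;
    $turns['total_turns'] = $blocks;
    $turns['remaining'] = $wholeTurns - (int) $turns['used'];

    return $turns;
}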
/**
 * Whether the logged-in user's basket holds no items.
 *
 * @return bool true when basket_items has no row owned by the session user.
 */
public static function isEmpty() {
    $ownerId = Session::getUser()->getId();

    $stmt = DatabaseFactory::getInstance()->prepare('SELECT bi.id FROM basket_items bi WHERE bi.basketOwner = :userId');
    $stmt->bindValue(':userId', $ownerId);
    $stmt->execute();

    $rowCount = $stmt->numRows();

    return $rowCount == 0;
}
/**
 * Force-sign $this->user up to the event named by the form's 'id' element, record a
 * "Forced signup." comment attributed to the acting staff member, log it, and
 * redirect to the event page.
 *
 * No permission check is made here: Events::setSignupStatus is expected to reject a
 * caller who may not modify another user's signup. NOTE(review): confirm this form
 * is not reachable by users without that privilege.
 */
public function process() {
    $event = Events::getById($this->getElementValue('id'));
    $targetUserId = $this->user->getId();
    $staffUsername = Session::getUser()->getUsername();

    Events::setSignupStatus($targetUserId, $event['id'], 'SIGNEDUP');
    Events::appendSignupComment($targetUserId, $event['id'], 'Forced signup.', $staffUsername);

    $logMessage = 'Forced signup of:' . $this->getElementValue('username') . ' to event: ' . $event['id'] . ' (' . $event['name'] . ')';
    logActivity($logMessage);

    redirect('viewEvent.php?id=' . $event['id'], 'They have been signed up.');
}
/**
 * Store a new shoutbox entry for the logged-in user.
 *
 * The shout text is bound as a parameter and stored verbatim; any HTML escaping
 * has to happen where it is rendered.
 */
public function process() {
    global $db;

    $authorId = Session::getUser()->getId();
    $shout = $this->getElementValue('shout');

    $stmt = $db->prepare('INSERT INTO plugin_shoutbox (user, content) VALUES (:user, :content) ');
    $stmt->bindValue(':user', $authorId);
    $stmt->bindValue(':content', $shout);
    $stmt->execute();
}
/**
 * Add a ticket to the logged-in user's basket.
 *
 * The ticket is for $this->user (who may be someone other than the buyer); the
 * basket row is owned by the session user.
 */
public function process() {
    $ticketHolderId = $this->user->getId();
    $eventId = $this->getElementValue('event');
    $buyerId = Session::getUser()->getId();

    $database = DatabaseFactory::getInstance();
    $stmt = $database->prepare('INSERT INTO basket_items (user, event, basketOwner) VALUES (:user, :event, :basketOwner)');
    $stmt->bindValue(':user', $ticketHolderId);
    $stmt->bindValue(':event', $eventId);
    $stmt->bindValue(':basketOwner', $buyerId);
    $stmt->execute();
}
/**
 * List the quadrants owned by the logged-in user.
 *
 * @return array rows of (id, name) from the `quadrents` table (the table really is
 *               spelled that way in the query).
 */
function getQuadrants() {
    global $db;

    $ownerId = Session::getUser()->getId();

    $stmt = $db->prepare('SELECT q.id, q.name FROM quadrents q WHERE owner = :userId');
    $stmt->bindValue(':userId', $ownerId);
    $stmt->execute();

    $rows = $stmt->fetchAll();

    return $rows;
}
/**
 * Insert a news post authored by the logged-in user, dated with the database's now().
 */
public function process() {
    global $db;

    $title = $this->getElementValue('title');
    $content = $this->getElementValue('content');
    $authorId = Session::getUser()->getId();

    $stmt = $db->prepare('INSERT INTO news (title, content, author, date) VALUES (:title, :content, :author, now())');
    $stmt->bindValue(':title', $title);
    $stmt->bindValue(':content', $content);
    $stmt->bindValue(':author', $authorId);
    $stmt->execute();
}
/**
 * Remove every seat selection a user holds for an event.
 *
 * @param mixed $eventId  event to clear seats for
 * @param mixed $userId   user whose seats are removed; when empty() (null, 0, '')
 *                        the logged-in user is used instead
 */
function deleteSeatsForUser($eventId, $userId = null) {
    $targetUserId = empty($userId) ? Session::getUser()->getId() : $userId;

    $stmt = DatabaseFactory::getInstance()->prepare('DELETE FROM seatingplan_seat_selections WHERE event = :event AND user = :user ');
    $stmt->bindValue(':event', $eventId);
    $stmt->bindValue(':user', $targetUserId);
    $stmt->execute();
}
/**
 * Create a new content block from the form's title/content, stamped with the
 * session user as updatedBy, and log the creation.
 *
 * @return bool always true; no failure path is reported
 */
public function processNew() {
    global $db;

    $pageTitle = $this->getElementValue('title');
    $pageContent = $this->getElementValue('content');
    $editorId = Session::getUser()->getId();

    $stmt = $db->prepare('INSERT INTO page_content (page, content, updatedBy) VALUES (:title, :content, :userId) ');
    $stmt->bindValue(':title', $pageTitle);
    $stmt->bindValue(':content', $pageContent);
    $stmt->bindValue(':userId', $editorId);
    $stmt->execute();

    logActivity('Content created: ' . $pageTitle);

    return true;
}
/**
 * Record that a user has taken a seat at an event (insert, or update the user on
 * a duplicate seat+event key).
 *
 * The selection is logged first, using the _u_/_e_ placeholders that logActivity
 * fills from the 'user'/'event' substitutions.
 *
 * @param mixed $eventId
 * @param mixed $seatId
 * @param mixed $userId  defaults to the logged-in user when empty()
 */
function setUserInSeat($eventId, $seatId, $userId = null) {
    $occupantId = empty($userId) ? Session::getUser()->getId() : $userId;

    $substitutions = array('user' => $occupantId, 'event' => $eventId);
    logActivity('_u_' . ' selected seat ' . $seatId . ' for event _e_', null, $substitutions);

    // Two placeholders carry the same user id; presumably the driver does not
    // allow one named parameter to appear twice.
    $sql = 'INSERT INTO seatingplan_seat_selections (seat, event, user) VALUES (:seat, :event, :user1) ON DUPLICATE KEY UPDATE user = :user2';

    $stmt = DatabaseFactory::getInstance()->prepare($sql);
    $stmt->bindValue(':seat', $seatId);
    $stmt->bindValue(':event', $eventId);
    $stmt->bindValue(':user1', $occupantId);
    $stmt->bindValue(':user2', $occupantId);
    $stmt->execute();
}
/**
 * Toggle "sudo": make $this->user the session user, or swap back.
 *
 * If $_SESSION['userHidden'] is set we are already impersonating someone, so the
 * stashed original user is restored and the slot cleared (set to null - the
 * !empty() test depends on that). Otherwise the current user is stashed in
 * 'userHidden' and $this->user becomes the session user; targeting yourself is
 * a no-op.
 *
 * NOTE(review): nothing here checks that the caller holds the SUDO privilege -
 * that must be enforced before process() can be reached. The method writes to
 * $_SESSION directly, bypassing whatever the Session class normally guards.
 */
public function process() {
    $currentlyImpersonating = !empty($_SESSION['userHidden']);

    if ($currentlyImpersonating) {
        $_SESSION['user'] = $_SESSION['userHidden'];
        $_SESSION['userHidden'] = null;
        return;
    }

    $targetIsSelf = $this->user->getId() == Session::getUser()->getId();
    if ($targetIsSelf) {
        return;
    }

    $_SESSION['userHidden'] = $_SESSION['user'];
    $_SESSION['user'] = $this->user;
}
/**
 * Drop from $events every event for which the logged-in user already has a signup
 * row whose status is anything other than "SIGNEDUP" (e.g. paid, awaiting payment).
 *
 * Despite the name, a plain SIGNEDUP row does not exclude the event - the query
 * filters on status != "SIGNEDUP".
 *
 * @param array $events  rows that each carry an 'id'
 * @return array the same rows (keys preserved) minus the excluded events
 */
private function removeEventsAlreadySignedupFor($events) {
    $stmt = DatabaseFactory::getInstance()->prepare('SELECT s.event, s.status FROM signups s WHERE s.user = :user AND s.status != "SIGNEDUP" ');
    $stmt->bindValue(':user', Session::getUser()->getId());
    $stmt->execute();

    $excludedEventIds = array();
    foreach ($stmt->fetchAll() as $signup) {
        $excludedEventIds[] = $signup['event'];
    }

    foreach (array_keys($events) as $key) {
        // Loose in_array kept on purpose: ids may be strings from the DB and ints here.
        if (in_array($events[$key]['id'], $excludedEventIds)) {
            unset($events[$key]);
        }
    }

    return $events;
}
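/**
 * Replace the logged-in user's votes on this survey with the submitted ones.
 *
 * Inside a transaction: the user's existing votes for every option of the survey
 * are deleted, then at most $this->survey['count'] of the submitted option ids
 * are inserted. Only ids that belong to this survey's own options are accepted -
 * the original inserted whatever ids were posted, which let a client vote on
 * options of other surveys (and past those surveys' per-user limit).
 *
 * On any failure the transaction is rolled back and the exception rethrown, so a
 * partial delete is never committed.
 */
public function process() {
    global $db;

    $voterId = Session::getUser()->getId();
    $surveyId = $this->survey['id'];

    // Option ids that are legitimate targets for this survey.
    $stmt = $db->prepare('SELECT id FROM survey_options WHERE survey = :survey');
    $stmt->bindValue(':survey', $surveyId);
    $stmt->execute();

    $allowedOptionIds = array();
    foreach ($stmt->fetchAll() as $option) {
        $allowedOptionIds[] = $option['id'];
    }

    $submittedVotes = $this->getElementValue('voteValue');
    if (!is_array($submittedVotes)) {
        $submittedVotes = array($submittedVotes);
    }

    $db->beginTransaction();

    try {
        $sql = 'DELETE FROM survey_votes WHERE opt IN (SELECT id FROM survey_options WHERE survey = :survey) AND user = :user ';
        $stmt = $db->prepare($sql);
        $stmt->bindValue(':survey', $surveyId);
        $stmt->bindValue(':user', $voterId);
        $stmt->execute();

        $stmt = $db->prepare('INSERT INTO survey_votes (user, opt) VALUES (:user, :option)');

        $count = 0;
        foreach ($submittedVotes as $vote) {
            if ($count >= $this->survey['count']) {
                break;
            }

            // Loose comparison: form values are strings, DB ids may be too.
            if (!in_array($vote, $allowedOptionIds)) {
                continue;
            }

            $count++;

            $stmt->bindValue(':user', $voterId);
            $stmt->bindValue(':option', $vote);
            $stmt->execute();
        }

        $db->commit();
    } catch (\Exception $e) {
        // NOTE(review): assumes $db exposes PDO's rollBack() alongside the
        // beginTransaction()/commit() it already uses.
        $db->rollBack();
        throw $e;
    }
}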
/**
 * Write an activity-log line when the submitted value of a site setting differs
 * from the stored one. Only the key is logged, not the old or new value.
 *
 * @param string $settingKey  key into $this->settings and name of the form element
 */
private function logSettingChange($settingKey) {
    $storedValue = $this->settings[$settingKey];
    $submittedValue = $this->getElementValue($settingKey);

    if ($storedValue == $submittedValue) {
        return;
    }

    logActivity('Changed site setting: ' . $settingKey, Session::getUser()->getId());
}
} else { echo "You have <strong>" . $result->numRows() . "</strong> slaves. Keep your number of slaves up."; } break; case 'business': $result = $db->query("SELECT * FROM inventory WHERE owner = '" . $_SESSION['username'] . "' AND type = 'BUSINESS'"); if ($result->numRows() <= 0) { echo "You've no businesses! Go to the shop, and buy some to start making money!"; echo "<br /><br /><strong>Overall</strong>: Bad"; } else { echo "You have </strong>" . count_rows($result) . "</strong> businsesses, nice going."; echo "<br /><br /><strong>Overall</strong>: Good"; } break; case 'financial': if (\libAllure\Session::getUser()->getData('gold') <= 0) { echo "We are in debt! Try raising some more cash."; echo "<br /><br /><strong>Overall</strong>: Bad"; } else { echo "We are not in debt, but make more money!"; echo "<br /><br /><strong>Overall</strong>: Good"; } break; case 'rankings': $turns = get_turns($_SESSION['username']); $rank = intval($turns['total_turns'] * $user->getData('gold') / 10000); if ($rank <= 20) { echo "You're rank is only <strong>" . $rank . "</strong>, you aught to try and improve this... Try making more money."; echo "<br /><br /><strong>Overall</strong>: Bad"; } else { echo "You've got a rank of <strong>" . $rank . "</strong>, keep going!";
/**
 * Create or update a user's signup for an event with the given status.
 *
 * Authorization: a caller may change their own signup; changing anyone else's
 * requires the SIGNUPS_MODIFY privilege, otherwise PermissionException is thrown.
 *
 * FIXME: that check decides *whose* signup may be edited, not *which* statuses the
 * caller may set. A user editing their own signup is not prevented from passing a
 * status such as "PAID" (the value the payment handlers set); the allowed statuses
 * for non-privileged callers should be restricted.
 *
 * @param mixed  $userId
 * @param mixed  $eventId
 * @param string $status  upper-cased before use; "DELETE" removes the signup instead
 * @throws PermissionException
 */
public static function setSignupStatus($userId, $eventId, $status) {
    global $db;

    $status = strtoupper($status);

    $editingOwnSignup = ($userId == Session::getUser()->getId());
    if (!$editingOwnSignup && !Session::hasPriv('SIGNUPS_MODIFY')) {
        throw new PermissionException('You may only edit your own signup.');
    }

    if ($status == 'DELETE') {
        self::signupDelete($userId, $eventId);
        return;
    }

    $stmt = $db->prepare('SELECT id FROM signups AS s WHERE s.user = :userId AND s.event = :eventId');
    $stmt->bindValue(':userId', $userId);
    $stmt->bindValue(':eventId', $eventId);
    $stmt->execute();

    if ($stmt->numRows() == 0) {
        self::signupCreate($userId, $eventId, $status);
        return;
    }

    $existing = $stmt->fetchRow();
    self::signupUpdate($existing['id'], $status, false);
}
<li><h3>Financial</h3></li> <li><a href="bank.php">bank</a></li> <li><a href="shop.php">shop</a></li> <li><a href="slaves.php">slaves</a></li> <li><a href="business.php">business</a></li> </ul> <ul class = "mainmenu"> <li><h3>Account</h3></li> <li><a href="contacts.php">contacts</a></li> <li><a href="clans.php">clans</a></li> <li><a href="logout.php">logout</a></li> </ul> </div> <?php $turns = getTurns(Session::getUser()->getUsername()); $gold = number_format(Session::getUser()->getData('gold')); echo '<p class = "status">'; echo '<span class = "metric"><strong><img src = "resources/images/gold.png" /> ' . $gold . '</strong></span> '; echo '<span class = "metric"><strong><img src = "resources/images/turn.png" /> ' . $turns['remaining'] . '</strong></span> '; echo '<span class = "metric"><strong><img src = "resources/images/time.png" /> ' . $turns['time'] . '</strong></span>'; echo "</p>"; } else { echo "<a href = \"register.php\">register</a> | "; echo "<a href = \"login.php\">login</a>"; } ?> </div> <div class = "page">
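<?php
/**
 * listPermissions.php - list every permission key, marking the ones the logged-in
 * user holds. Requires VIEW_PRIVS; keys the user does not hold are shown (marked
 * "bad") only to holders of VIEW_UNASSIGNED_PERMISSIONS.
 */
require_once 'includes/widgets/header.php';
require_once 'includes/widgets/sidebar.php';
require_once 'includes/classes/FormPermissionCreate.php';

use libAllure\Session;

if (!Session::getUser()->hasPriv('VIEW_PRIVS')) {
    box('You do not have permission to view this page.');
    require_once 'includes/widgets/footer.php';

    // The original fell through here: the denial message was shown, but the
    // query still ran and the full permission list was rendered after it.
    exit;
}

$sql = 'SELECT `key`, description FROM permissions ORDER BY `key` ASC';
$result = $db->query($sql);

$permissions = array();
while ($perm = $result->fetchRow()) {
    if (Session::getUser()->hasPriv($perm['key'])) {
        $priv = '<span class = "good">' . $perm['key'] . '</span>';
    } elseif (Session::hasPriv('VIEW_UNASSIGNED_PERMISSIONS')) {
        $priv = '<span class = "bad">' . $perm['key'] . '</span>';
    } else {
        // Not held and not allowed to see unassigned keys: leave the row out.
        // Previously $priv was simply not reassigned, so this row was listed
        // with the markup (and key) left over from the previous iteration.
        continue;
    }

    $perm['priv'] = $priv;
    $permissions[] = $perm;
}

$tpl->assign('permissionsList', $permissions);
$tpl->display('listPermissions.tpl');

require_once 'includes/widgets/footer.php';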
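/**
 * Fetch a user's signups whose status is one of $statuses, joined with the event name.
 *
 * Each status is bound as its own parameter (:status0, :status1, ...) instead of
 * being quoted into the query text. The original's array_walk over the database
 * quote() method appears to have been a no-op (quote() returns a value rather than
 * modifying its argument), leaving only addQuotes() between the status strings and
 * the SQL.
 *
 * @param array $statuses  status strings to match, e.g. "PAID"
 * @param mixed $user      user id; null (== null) means the logged-in user
 * @return array rows of (id, eventId, name, status); empty when $statuses is empty
 */
function getSingleUserSignupsWithStatuses($statuses, $user = null) {
    if ($user == null) {
        $user = Session::getUser()->getId();
    }

    $statuses = array_values((array) $statuses);
    if (count($statuses) == 0) {
        // "IN ()" is a syntax error, and no statuses can match nothing anyway.
        return array();
    }

    $placeholders = array();
    foreach ($statuses as $index => $unused) {
        $placeholders[] = ':status' . $index;
    }
    $statusString = implode(', ', $placeholders);

    $sql = 'SELECT s.id, e.id AS eventId, e.name, s.status FROM signups s LEFT JOIN events e ON s.event = e.id WHERE s.user = :user AND s.status IN (' . $statusString . ')';
    $stmt = DatabaseFactory::getInstance()->prepare($sql);
    $stmt->bindValue(':user', $user);
    foreach ($statuses as $index => $status) {
        $stmt->bindValue(':status' . $index, $status);
    }
    $stmt->execute();

    return $stmt->fetchAll();
}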
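/**
 * Apply the edited signup form: status, machine count, gigabit flag, ticket cost,
 * and a timestamped comment line attributed to the acting staff user.
 *
 * A status of "DELETE" is handed to processDelete() and nothing else runs - the
 * original carried on and executed the UPDATE (and a getSignup() lookup) against
 * the row it had just deleted. NOTE(review): this assumes processDelete() ends
 * with its own redirect; if it does not, one is needed after it.
 *
 * A status of "CANCELLED" additionally frees the user's seat.
 *
 * NOTE(review): the signup id and every field come straight from the form; this
 * method does not itself check that the caller may edit that signup.
 */
protected function processUpdate() {
    global $db;

    if ($this->getElementValue('status') == "DELETE") {
        $this->processDelete();
        return;
    }

    $sanitizer = Sanitizer::getInstance();

    // concat() appends "\n<now> (<staff>) - <comments><metadata>" to the stored comments.
    $sql = 'UPDATE signups SET status = :status, numberMachinesAllowed = :machinesAllowed, comments = concat(comments, "\\n", now(), " (", :staffUsername, ") - ", :comments, :changeMetadata), gigabit = :gigabit, ticketCost = :ticketCost WHERE id = :id';
    $stmt = $db->prepare($sql);
    $stmt->bindValue(':id', $this->getElementValue('id'));
    $stmt->bindValue(':status', $this->getElementValue('status'));
    $stmt->bindValue(':comments', $sanitizer->formatString($this->getElementValue('comments')));
    $stmt->bindValue(':gigabit', $sanitizer->formatBool($this->getElementValue('gigabit')));
    $stmt->bindValue(':ticketCost', $this->getElementValue('ticketCost'));
    $stmt->bindValue(':staffUsername', Session::getUser()->getUsername());
    $stmt->bindValue(':changeMetadata', $this->getChangeMetadata());
    $stmt->bindValue(':machinesAllowed', $this->getElementValue('numberMachinesAllowed'));
    $stmt->execute();

    $this->signup = $this->getSignup();

    if ($this->getElementValue('status') == 'CANCELLED') {
        require_once 'includes/functions.seatingPlan.php';
        // NOTE(review): reads $this->signup['userId'] while the log call below reads
        // $this->signup['user'] - one of the two keys is probably wrong.
        removeSeat($this->signup['event'], $this->signup['userId']);
    }

    // The original ran a 'SELECT e.id FROM events ...' here whose result was never
    // read; dropped.

    logActivity('Signup updated for _u_ to event _e_ ' . $this->getElementValue('comments') . '. ' . $this->getChangeMetadata(), null, array('user' => $this->signup['user'], 'event' => $this->signup['event']));

    redirect('viewEvent.php?id=' . $this->signup['event'], 'Signup edited.');
}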
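but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
Public License for more details.

You should have received a copy of the GNU General Public License along with
pFrog; if not, write to the Free Software Foundation, Inc., 51 Franklin St,
Fifth Floor, Boston, MA 02110-1301 USA
*******************************************************************************/

/**
 * index.php - front page. A logged-in player gets a greeting and one random hint;
 * a visitor gets the game blurb.
 */
require_once 'includes/common.php';

$title = "index";
require_once "includes/widgets/header.php";

use libAllure\Session;

if (Session::isLoggedIn()) {
    startBox("Hello again!", BOX_GREEN);
    // Usernames are chosen by players, so escape before echoing into HTML.
    echo "Welcome back, " . htmlspecialchars(Session::getUser()->getUsername(), ENT_QUOTES) . ".";
    stopBox(BOX_GREEN);

    $sql = "SELECT * FROM `hints` ORDER BY rand() LIMIT 1 ";
    $result = $db->query($sql);
    $hint = $result->fetchRow();

    // With an empty hints table fetchRow() yields no row; the original then
    // rendered a box titled "Random Game Hint #" with nothing in it.
    if (!empty($hint)) {
        startBox("Random Game Hint #" . $hint['id'], BOX_YELLOW);
        // Hint content is echoed as-is; presumably admin-authored HTML - confirm.
        echo $hint['content'];
        stopBox(BOX_YELLOW);
    }
} else {
    echo "tycoonism is a free online role playing game, ( rpg for short ). The objectives of the game are as follows: ";
    echo "<ul>";
    echo "<li>Try to become the richest player in the game.</li>";
    echo "<li>The richer you become, within the smallest time as possible will give you good rankings.</li>";
    echo "<li>You play as a 'tycoon'. Earn lots of money while you get one up on your fellow players.</li>";
    echo "</ul>";
}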
<?php
/**
 * Sidebar "User admin" link block for a profile page. $user is the profile being
 * viewed and is set by the including page. Each link is added only when the
 * viewer holds the matching privilege, or - for edit and avatar - when viewing
 * their own profile ($isMe also requires CHANGE_AVATAR, which looks like a quirk
 * worth confirming).
 *
 * NOTE(review): the "******" runs below are not PHP. They look like redaction
 * artefacts in this copy, standing where the user id / username concatenation
 * (and, for the edit link, the $isMe-dependent label choice) used to be.
 * Restore this file from upstream before relying on it.
 */
use libAllure\HtmlLinksCollection;
use libAllure\Session;

// Anonymous visitors get no admin links at all.
if (!Session::isLoggedIn()) {
    return;
}

$isMe = Session::getUser()->getId() == $user->getId() && Session::hasPriv('CHANGE_AVATAR');

$linksCollection = new HtmlLinksCollection('User admin');
$linksCollection->addIf(Session::hasPriv('DELETE_USER'), 'users.php?action=delete&id=' . $user->getId(), 'Delete', null, 'delete');
$linksCollection->addIf(Session::hasPriv('VIEW_ATTENDANCE'), 'viewAttendance.php?user='******'Attendance');
$linksCollection->addIf(Session::hasPriv('EDIT_USER') || $isMe, 'users.php?action=edit&user='******'Update my profile' : 'Edit user', null, 'update');
$linksCollection->addIf(Session::hasPriv('SEND_EMAIL'), 'sendEmail.php?userId=' . $user->getId(), 'Send email');
$linksCollection->addIf(Session::hasPriv('EDIT_OTHERS_AVATAR') || $isMe, 'updateAvatar.php?user='******'Avatar', null, 'avatar');
$linksCollection->addIfPriv('SUDO', 'formSudo.php?username='******'SUDO');

// Only render the widget when at least one link survived the privilege checks.
if ($linksCollection->hasLinks()) {
    $tpl->assign('links', $linksCollection);
    $tpl->display('sidebarLinks.tpl');
}
$tpl->error('Could not find user.'); } if (Session::hasPriv('GROUP_EDIT')) { $formAddUserToGroup = new FormAddUserToGroup($user->getId()); if ($formAddUserToGroup->validate()) { $formAddUserToGroup->process(); } } require_once 'includes/widgets/header.php'; require_once 'includes/widgets/sidebar.php'; $userArray = array('username' => $user->getData('username'), 'realName' => $user->getData('real_name'), 'registered' => $user->getData('registered')); $avatarUrl = 'resources/images/avatars/' . $user->getId() . '.png'; if (file_exists($avatarUrl)) { $userArray['avatar'] = $avatarUrl; } if (Session::isLoggedIn() && Session::getUser()->hasPriv('VIEW_PROFILE_PRIVATE')) { $userArray['canSeePrivate'] = true; $userArray['lastLogin'] = $user->getData('lastLogin'); $userArray['email'] = $user->getData('email'); $bannedReason = $user->getData('bannedReason'); $userArray['isBanned'] = !empty($bannedReason); $userArray['bannedReason'] = $bannedReason; } else { $userArray['canSeePrivate'] = false; } $tpl->assign('user', $userArray); $tpl->display('profile.tpl'); if (Session::hasPriv('PRIVS_VIEW')) { $listPermissions = array(); foreach ($user->getPrivs() as $privilege) { if ($privilege['source'] == 'Group') {
loginPrompt(); } $notifications = array(); if (Session::hasPriv('GALLERY_APPROVE_IMAGE')) { $sql = 'SELECT i.filename, g.id AS gallery, g.title AS galleryTitle FROM images i LEFT JOIN galleries g ON i.gallery = g.id WHERE i.user_uploaded != 0 AND i.published = 0 '; $stmt = DatabaseFactory::getInstance()->prepare($sql); $stmt->execute(); $unpublishedUserUploadedImages = $stmt->fetchAll(); foreach ($unpublishedUserUploadedImages as $image) { $notifications[] = 'Image <a href = "viewGalleryImage.php?filename=' . $image['filename'] . '&gallery=' . $image['gallery'] . '">' . $image['filename'] . '</a> in gallery ' . $image['galleryTitle'] . ', uploaded by a user, is unpublished. Please publish or delete.'; } } checkNotificationNotGuarenteedSeats($notifications); $tpl->assign('notifications', $notifications); $tpl->assign('emailFlagged', Session::getUser()->getData('emailFlagged')); $tpl->assign('username', Session::getUser()->getUsername()); $standardLinks = new HtmlLinksCollection(); $standardLinks->addIf(Session::hasPriv('CHANGE_AVATAR'), 'updateAvatar.php', 'Avatar', 'avatar'); $standardLinks->addIf(Session::hasPriv('VIEW_ATTENDANCE'), 'viewAttendance.php', 'Attendance'); $standardLinks->addIfPriv('UPLOAD_GALLERY_IMAGE', 'formUploadImage.php', 'Upload gallery image'); $standardLinks->addIfPriv('VIEW_SURVEYS', 'listSurveys.php', 'Survey', 'survey'); $tpl->assign('standardLinks', $standardLinks); $privilegedLinks = new HtmlLinksCollection(); $privilegedLinks->addIfPriv('ADMIN_USERS', 'users.php', 'Users', 'users'); $privilegedLinks->addIfPriv('ADMIN_GROUPS', 'listGroups.php', 'Groups'); $privilegedLinks->addIfPriv('ADMIN_USERS', 'formFlagEmail.php', 'Flag bad emails', 'users'); $privilegedLinks->addIfPriv('VIEW_PRIVS', 'listPermissions.php', 'Permissions'); $privilegedLinks->addIfPriv('VIEW_VENUES', 'listVenues.php', 'Venues'); $privilegedLinks->addIfPriv('EDIT_CONTENT', 'listContent.php', 'Content blocks', 'contentBlocks'); $privilegedLinks->addIfPriv('VIEW_LOG', 
'listLogs.php', 'Log'); $privilegedLinks->addIfPriv('MAILING_LIST', 'viewMailingList.php', 'Mailing list');
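/**
 * Resolve the theme directory: the logged-in user's chosen theme if it is installed,
 * otherwise the site-wide 'theme' setting (default 'airdale').
 *
 * The user's theme name is stored user data and is treated as untrusted: only a
 * bare directory name is accepted. The original passed it straight to is_dir(),
 * so a value such as "../../somewhere" resolved to a directory outside the themes
 * folder and was returned as the theme path.
 *
 * @return string path under resources/themes/ (no trailing slash)
 */
function getThemeDirectory() {
    $installedThemes = 'resources/themes/';

    if (Session::isLoggedIn()) {
        $theme = Session::getUser()->getData('theme');

        // A single path component: no separators, no NUL, not "." or "..".
        $isBareName = is_string($theme)
            && $theme !== ''
            && $theme !== '.'
            && $theme !== '..'
            && strpos($theme, "\0") === false
            && basename($theme) === $theme;

        if ($isBareName && is_dir($installedThemes . $theme)) {
            return $installedThemes . $theme;
        }
    }

    return $installedThemes . getSiteSetting('theme', 'airdale');
}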
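/**
 * Save an uploaded image as a full-size PNG and a 100x100 thumbnail, register it
 * (unpublished) against the gallery named by the 'dir' element, log, and redirect.
 *
 * The file name is random rather than uniqid(): uniqid() is clock-derived and
 * guessable, and since uploads stay unpublished until an admin approves them a
 * guessable name lets anyone fetch an image before review if the upload
 * directory is served directly.
 *
 * 'dir' is expected to look like "gallery<N>"; N is taken with intval(), and 0
 * (missing or unparsable gallery) stores the files without a DB row, as before.
 */
public function process() {
    if (function_exists('random_bytes')) {
        $filename = bin2hex(random_bytes(16)) . '.png';
    } else {
        // Pre-7.0 fallback: still clock-based, but with the extra entropy suffix.
        $filename = uniqid('', true) . '.png';
    }

    $upload = $this->getElement('file');

    $upload->destinationFilename = 'full/' . $filename;
    $upload->savePng();

    $upload->resize(100, 100);
    $upload->destinationFilename = 'thumb/' . $filename;
    $upload->savePng();

    // '' rather than null as the replacement (null is deprecated since PHP 8.1).
    $gal = intval(str_replace('gallery', '', $this->getElementValue('dir')));

    if ($gal !== 0) {
        $sql = 'INSERT INTO images (filename, gallery, caption, published, user_uploaded) values (:filename, :gallery, :caption, 0, :user)';
        $stmt = DatabaseFactory::getInstance()->prepare($sql);
        $stmt->bindValue(':filename', $filename);
        $stmt->bindValue(':gallery', $gal);
        $stmt->bindValue(':caption', 'Uploaded by: ' . Session::getUser()->getUsername());
        $stmt->bindValue(':user', Session::getUser()->getId());
        $stmt->execute();
    }

    logActivity(Session::getUser()->getUsername() . ' uploaded image ' . $filename . ' to gallery: ' . $upload->destinationDir);
    redirect('account.php', 'Image has been uploaded, thanks!');
}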
require_once 'includes/widgets/footer.php'; break; case 'bacsComplete': foreach (Basket::getContents() as $ticket) { Events::setSignupStatus(Session::getUser()->getId(), $ticket['eventId'], 'BACS_WAITING'); } Basket::clear(); redirect('account.php', 'Thanks, you will be marked as PAID by an admin when they receive the transfer.'); break; case 'paypalFail': logAndRedirect('account.php', 'Paypal transaction failed.'); break; case 'paypalComplete': logActivity('Started processing PayPal payment notification'); foreach (Basket::getContents() as $ticket) { logActivity('PayPal transaction processing - setting status to PAID for event. Ticket owner _u_, event _e_', $ticket['userId'], array('event' => $ticket['eventId'], 'user' => Session::getUser()->getId())); Events::setSignupStatus($ticket['userId'], $ticket['eventId'], 'PAID'); } logActivity('Finished processing PayPal payment notification.'); Basket::clear(); redirect('account.php', 'Thanks, payment complete!'); break; default: require_once 'includes/widgets/header.php'; require_once 'includes/widgets/sidebar.php'; startBox(); echo str_replace('%BASKETTOTAL%', doubleToGbp($cost), getContent('selectPaymentMethod')); $tpl->assign('cost', $cost); $tpl->assign('costPaypal', getPaypalCommission($cost)); $tpl->assign('paypalEmail', getSiteSetting('paypalEmail')); $tpl->assign('listBasketContents', Basket::getContents());
(at your option) any later version. pFrog is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with pFrog; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA *******************************************************************************/ require_once "includes/common.php"; $title = "slaves"; require_once "includes/widgets/header.php"; $sql = "SELECT * FROM slaves WHERE `user` = '" . \libAllure\Session::getUser()->getUsername() . "'"; $result = $db->query($sql); $slaves = $result->numRows(); startBox("Slaves", BOX_GREEN); echo "You currently have <strong>" . $slaves . "</strong> slaves."; echo "<ul>"; while ($row = $result->fetchRow()) { popup("<li>" . $row['name'] . "</li>", "view_slave.php?slave=" . $row['name']); } echo "</ul>"; stopBox(BOX_GREEN); $sql = 'SELECT * FROM slaves WHERE user = ""'; $result = $db->query($sql); if ($result->numRows() == 0) { startBox("Slave Shop", BOX_RED); echo "There are are not any slaves for sale.";
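<?php
/**
 * deleteEvent.php - delete one event by id. Requires a logged-in user holding
 * EVENT_DELETE; anyone else gets PermissionsException.
 *
 * NOTE(review): the id is read from $_REQUEST, so a plain GET link performs the
 * delete - there is no CSRF token and no confirmation step. Moving this to a
 * POST with a token is the real fix; it is kept GET-compatible here because the
 * existing admin links use query strings.
 * NOTE(review): the class is spelled PermissionsException here and
 * PermissionException elsewhere in this codebase - confirm which one exists.
 */
require_once 'includes/common.php';

use libAllure\Session;

// A missing id becomes 0 instead of an undefined-index notice; 0 is rejected below.
$id = intval(isset($_REQUEST['id']) ? $_REQUEST['id'] : 0);

if (!(Session::isLoggedIn() && Session::getUser()->hasPriv('EVENT_DELETE'))) {
    throw new PermissionsException();
}

if ($id <= 0) {
    redirect('listEvents.php', 'No event id given.');
    exit;
}

$stmt = $db->prepare('DELETE FROM events WHERE id = :id LIMIT 1');
$stmt->bindValue(':id', $id);
$stmt->execute();

// Record which event went, not just that one did.
logActivity('Event deleted, id: ' . $id);
redirect('listEvents.php', 'Event deleted. Oh dear.');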
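<?php
/**
 * Debug page: dumps the session's user object.
 *
 * NOTE(review): var_dump() of the user object exposes whatever the User class
 * carries (e-mail, password hash, privileges, ...) to whoever loads this page.
 * It should not exist on a production deployment; at minimum it is now limited
 * to logged-in users. The original dumped for anonymous requests as well.
 */
require_once 'includes/common.php';
require_once 'includes/classes/DatabaseItem.php';
require_once 'includes/classes/Events.php';

use libAllure\Session;

if (!Session::isLoggedIn()) {
    return;
}

var_dump(Session::getUser());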