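function login_verify($dataInbound) {
    // Resolves the current user from the `emailAddress`, `firstName` and
    // `loginStamped` entries of $dataInbound (callers pass $_COOKIE) by
    // looking the e-mail / first-name pair up in `users`.
    //
    // Returns an array with `email_address` and `first_name` when the fetched
    // row matches, an empty array when it does not, and does not return at all
    // when the stamp is missing, the query fails or no row exists —
    // return_failed() emits a JavaScript redirect to "/" and dies.
    //
    // NOTE(review): every input is a client-controlled cookie with no
    // signature and no server-side session, so a match only proves that the
    // e-mail / first-name pair exists in `users`, not that the client is that
    // user. A server-side session established by a password check is the
    // durable fix; the lookup is kept as-is because each dashboard page calls
    // this entry point.

    // Something something cookie, something something database
    if (!function_exists('return_failed')) {
        // Declared into global scope the first time login_verify() runs; the
        // guard keeps a second call in the same request from redeclaring it.
        function return_failed($error = '') {
            // json_encode() turns $error into a JS string literal, so quotes or
            // angle brackets in the message cannot break out of the alert().
            $jsError = json_encode((string) $error, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
            echo '<script type="text/javascript"> window.alert(' . $jsError . '); </script>';
            echo '<script type="text/javascript"> window.location="/"; </script>';
            die;
        }
    }

    // Both branches of the original connected identically; only loading the
    // settings/API files is conditional on the helper not being defined yet.
    if (!function_exists('configure_active_database')) {
        require '../api/settings.php';
        require '../api/api.fnc.php';
    }
    $socket = ConnectToDatabase(configure_active_database())
        or die("<strong>Error:</strong> couldn't find database! Try again in a few moments.");

    $uvEmailAddress = isset($dataInbound['emailAddress']) ? $dataInbound['emailAddress'] : '';
    $uvFirstName = isset($dataInbound['firstName']) ? $dataInbound['firstName'] : '';
    $uvLoginStamp = isset($dataInbound['loginStamped']) ? $dataInbound['loginStamped'] : '';
    if (empty($uvLoginStamp)) {
        // Well that was easy...
        return_failed("No Stamp");
    }

    $return = [];
    // FILTER_VALIDATE_EMAIL returns false for anything that is not an address;
    // the cast makes that '' so the query matches nothing rather than passing
    // a bool to real_escape_string().
    $emailAddress = $socket->real_escape_string((string) filter_var($uvEmailAddress, FILTER_VALIDATE_EMAIL));
    $firstName = $socket->real_escape_string((string) filter_var($uvFirstName, FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_NO_ENCODE_QUOTES));
    // Both values are escaped and sit inside quotes, so the interpolation is
    // bounded; a prepared statement would still be the cleaner form if
    // MakeDatabaseQuery() ever supports one.
    $safeQuery = "SELECT * FROM `users` WHERE `emailaddress`='{$emailAddress}' AND `firstname`='{$firstName}';";
    $result = MakeDatabaseQuery($safeQuery, $socket) or return_failed("Query Failed");
    if ((int) $result->num_rows === 0) {
        // Nothing came back in the query.
        return_failed("No Rows");
    }

    // There was a result...
    $returnKeys = MakeDatabaseFetch($result, $socket);
    // Quoted keys: the original used bare words, which PHP 8 rejects as
    // undefined constants. isset() also covers a fetch that returned nothing.
    if (isset($returnKeys['emailaddress'], $returnKeys['firstname'])
        && $returnKeys['emailaddress'] === $emailAddress
        && $returnKeys['firstname'] === $firstName) {
        $return["email_address"] = $returnKeys['emailaddress'];
        $return["first_name"] = $returnKeys['firstname'];
        //$return["user_password"] = $returnKeys['password'];
    }
    return $return;
}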
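<?php
require "authentication_header.fnc.php";
require "api.fnc.php";
require "settings.php";

// Dumps every row of `registrations` as pretty-printed JSON, translating the
// numeric `priority` column into a label. Nothing in this file checks the
// caller — whatever authentication_header.fnc.php enforces is the only gate,
// and `who` (presumably the reserving user's e-mail, which the dashboard
// filters on) is personal data; confirm that header actually stops
// unauthenticated requests.
$db = configure_active_database();
$socket = ConnectToDatabase($db);
$query = MakeDatabaseQuery("SELECT * FROM `registrations`;", $socket);

// Priority codes 1..4 and their labels; anything else yields null instead of
// silently reusing the previous row's label (the original left $priority
// unassigned in that case).
$priorityLabels = [
    1 => "Low",
    2 => "Medium",
    3 => "High",
    4 => "Urgent (LMA)",
];

$return = [];
foreach ($query as $key) {
    $code = (int) $key['priority'];
    $priority = isset($priorityLabels[$code]) ? $priorityLabels[$code] : null;
    $return[] = [
        "id" => $key['id'],
        "when" => $key['when'],
        "where" => $key['where'],
        "for" => $key['for'],
        "description" => $key['description'],
        "priority" => $priority,
        "who" => $key['who'],
    ];
}
echo json_encode($return, JSON_PRETTY_PRINT);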
}
// NOTE(review): date() does not throw — it returns false / emits a warning on
// bad input — so the catch branch below is dead, and return_failed() is called
// here with no argument.
function fix_time($timeString) {
    try {
        // COOKIE TIME FIXER!!!!!
        // Formats a Unix timestamp in the legacy cookie `expires` layout.
        $correctTimeStamp = date("l, d-M-Y H:i:s T", $timeString);
    } catch (Exception $e) {
        return_failed();
    }
    return $correctTimeStamp;
}
// @Build Query
// NOTE(review): the submitted password is matched against the `password`
// column as a plain value, so the table appears to hold passwords in clear
// (unless $cleanData['password'] is already hashed where it is built, outside
// this fragment — confirm). The usual shape is password_hash() at account
// creation and password_verify() here, selecting the row by e-mail only.
$safeQuery = "SELECT * FROM `administrators` WHERE `emailaddress`='{$cleanData['emailaddress']}' AND `password`='{$cleanData['password']}';";
// @Insert New User
try {
    $result = MakeDatabaseQuery($safeQuery, $socket) or return_failed();
    $isRows = $result->num_rows;
    if ($isRows == 0) {
        // Nothing came back in the query.
        return_failed();
    } else {
        // There was a result...
        $returnKeys = MakeDatabaseFetch($result, $socket);
        // Bare-word keys (emailaddress, password, firstname) are undefined
        // constants: a notice plus the name as a string on PHP 7, fatal on PHP 8.
        if ($returnKeys[emailaddress] == $cleanData[emailaddress]) {
            if ($returnKeys[password] == $cleanData[password]) {
                // Vaid user.
                // Cookie lifetime: 9000 s (2.5 h) from now.
                $time = fix_time(time() + 9000);
                // NOTE(review): identity is carried in three plain cookies set
                // from JavaScript — no signature, no HttpOnly/Secure/SameSite
                // attributes — and the e-mail / first-name values are spliced
                // into the script unescaped. login_verify() later trusts exactly
                // these cookies, so a server-side session (session_start()) is
                // the appropriate replacement.
                echo '<script type="text/javascript"> document.cookie="emailAddress=' . $returnKeys[emailaddress] . '; expires=' . $time . ';"; document.cookie="firstName=' . $returnKeys[firstname] . '; expires=' . $time . ';"; document.cookie="loginStamped=until; expires=' . $time . ';";
<?php
// Managerial dashboard
// Lists the registrations for one event (`?event=`) and, when `?csv=` is set,
// streams them as a comma-separated download instead of rendering the page.
// Functions
require "../api/api.fnc.php";
require "../api/settings.php";
require "loginverification.fnc.php";
// Wrapper
$userData = login_verify($_COOKIE);
$db = configure_active_database();
$socket = ConnectToDatabase($db);
$event = $socket->real_escape_string(filter_var($_GET['event'], FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_NO_ENCODE_QUOTES));
// NOTE(review): `for`={$event} is interpolated without quotes, so neither the
// entity filter nor real_escape_string() bounds the value — escaping only
// protects inside a quoted string. FILTER_VALIDATE_INT / an (int) cast, or a
// prepared statement, is the fix.
$query = MakeDatabaseQuery("SELECT * FROM `registrations` WHERE `for`={$event};", $socket);
$inc = 0;
foreach ($query as $key) {
    $inc++;
}
// `csv` is a bare-word constant (notice plus the string "csv" on PHP 7, fatal
// on PHP 8) and `== true` is a truthiness test; `!empty($_GET['csv'])` is the
// intended check.
if ($_GET[csv] == true) {
    // Sent as text/plain; text/csv is the registered type for a .csv attachment.
    header("Content-Type: text/plain");
    header("Content-Disposition: attachment;filename=registrations.csv");
    // Presumably the result set rewinds when iterated again after the counting
    // loop above — depends on what MakeDatabaseQuery() returns; verify.
    // Fields are written raw: a comma, quote or newline inside a name or
    // dietary note shifts the columns, and nothing guards against spreadsheet
    // formula interpretation of a cell; fputcsv() quotes fields.
    foreach ($query as $key) {
        if (!empty($key[dietary])) {
            echo "{$key['name']}, {$key['school']}, {$key['email']}, {$key['phone']}, {$key['dietary']},\n";
        } else {
            echo "{$key['name']}, {$key['school']}, {$key['email']}, {$key['phone']}, none,\n";
        }
    }
} else {
    // The HTML branch opens here; its closing brace follows the page body,
    // outside this fragment.
    require "../attendees/header.php";
?>
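<?php
// Managerial dashboard
// Shows the signed-in user's open reservations count. login_verify() resolves
// the user from the identity cookies and does not return when they are missing
// or unknown (it emits a JavaScript redirect and dies).
// Functions
require "../api/api.fnc.php";
require "../api/settings.php";
require "loginverification.fnc.php";
// Wrapper
require "header.php";
$userData = login_verify($_COOKIE);
$db = configure_active_database();
$socket = ConnectToDatabase($db);

// login_verify() returns an empty array when the fetched row does not match
// the cookie values, so the keys may be absent. The e-mail comes from the
// `users` table, but it is escaped anyway before being interpolated.
$who = isset($userData['email_address']) ? $userData['email_address'] : '';
$who = $socket->real_escape_string($who);
$firstName = isset($userData['first_name']) ? $userData['first_name'] : '';

$query = MakeDatabaseQuery("SELECT * FROM `registrations` WHERE `WHO`='{$who}' AND `completed`='0';", $socket);
$inc = 0;
foreach ($query as $key) {
    $inc++;
}
?>
<div class="page-header"> <h2>TfEL Guru Reservations</h2> <p class="lead">Professional One-To-One Development</p> </div>
<p>Welcome back, <?php echo htmlspecialchars($firstName, ENT_QUOTES, 'UTF-8', false); ?> . You have <?php echo (int) $inc; ?> reservations upcoming.</p>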
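<?php
// Managerial dashboard
// Deletes one `registrations` row by id (`?id=`) and bounces back to the
// dashboard. login_verify() does not return for an unknown or missing identity.
// Functions
require "../api/api.fnc.php";
require "../api/settings.php";
require "loginverification.fnc.php";
$userData = login_verify($_COOKIE);
$db = configure_active_database();
$socket = ConnectToDatabase($db);

// The id is interpolated without quotes, so escaping alone cannot bound it;
// only an integer is accepted and anything else is treated like a failed query.
$delete = filter_var(isset($_GET['id']) ? $_GET['id'] : '', FILTER_VALIDATE_INT);
if ($delete === false) {
    die("Failed");
}
// NOTE(review): the row is not tied to $userData (e.g. `who`) and the request
// is a plain GET, so any verified user can remove any id and the action can be
// triggered cross-site; a POST with a CSRF token plus an ownership predicate in
// the WHERE clause closes both.
$query = MakeDatabaseQuery("DELETE FROM `eventmanager`.`registrations` WHERE `registrations`.`id` = {$delete}", $socket);
if (!$query) {
    die("Failed");
}
header("Location: /manager/dashboard.php");
// Stop here so nothing after the redirect header is executed or emitted.
exit;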
$catering = $socket->real_escape_string(filter_var($_GET['catering'], FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_NO_ENCODE_QUOTES));
$head = $socket->real_escape_string(filter_var($_GET['head'], FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_NO_ENCODE_QUOTES));
$sub = $socket->real_escape_string(filter_var($_GET['sub'], FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_NO_ENCODE_QUOTES));
// No filter is given, so FILTER_DEFAULT applies: the description is stored as
// typed (only SQL-escaped) and whatever renders it must HTML-escape it.
$description = $socket->real_escape_string(filter_var($_GET['description']));
// Wrapper...
require "../attendees/header.php";
// empty() also rejects "0", so a free event (cost 0) fails this check.
// $dtbegin, $dtend, $name, $venue, $cost, $existing_event, $event_id and $owner
// are assigned earlier in the file, outside this fragment.
// NOTE(review): this is a state-changing write driven by GET parameters with no
// CSRF token; a POST form carrying a per-session token is the usual shape.
if (empty($dtbegin) || empty($dtend) || empty($name) || empty($venue) || empty($cost) || empty($catering) || empty($head) || empty($sub) || empty($description)) {
    $success = false;
    $error_message = "You didn't fill in all the required fields, please go back and try again";
} else {
    if ($existing_event == true) {
        // NOTE(review): `id`={$event_id} is interpolated without quotes; if
        // $event_id originates from the request it needs an (int) cast —
        // escaping does not bound an unquoted value.
        $query = "UPDATE `eventmanager`.`events` SET `dtbegin`='{$dtbegin}', `dtend`='{$dtend}', `name`='{$name}', `venue`='{$venue}', `cost`='{$cost}', `catering`='{$catering}', `head`='{$head}', `sub`='{$sub}', `description`='{$description}' WHERE `events`.`id`={$event_id};";
        $return = MakeDatabaseQuery($query, $socket);
    } else {
        // The validated $dtbegin / $dtend are not used on insert: both dates
        // are the fixed literal '2014-09-09 00:00:00'.
        $query = "INSERT INTO `eventmanager`.`events` (`id`, `created`, `owner`, `dtbegin`, `dtend`, `name`, `venue`, `cost`, `catering`, `head`, `sub`, `description`) VALUES (NULL, CURRENT_TIMESTAMP, '{$owner}', '2014-09-09 00:00:00', '2014-09-09 00:00:00', '{$name}', '{$venue}', '{$cost}', '{$catering}', '{$head}', '{$sub}', '{$description}');";
        $return = MakeDatabaseQuery($query, $socket);
    }
    //$return = MakeDatabaseQuery("INSERT INTO `eventmanager`.`registrations` (`id`, `created`, `for`, `name`, `school`, `email`, `phone`, `dietary`) VALUES (NULL, CURRENT_TIMESTAMP, '$event', '$name', '$school', '$email', '$phone', '$dietary');", $socket);
}
// $return is only assigned in the else branch above; on the validation-failure
// path it is whatever the earlier part of the file left in it (if anything).
if (!$return) {
    $success = false;
    $error_message = "Internal software error, it's not you, it's us, please try again";
} else {
    $success = true;
}
?> <div class="page-header"> <h2>Teaching 
for Effective Learning Events</h2> <p class="lead">Evolved Event Management Dashboard</p> </div>
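<?php
// Managerial dashboard
// Deletes one `registrations` row by id (`?id=`) and returns to the dashboard.
// login_verify() does not return for an unknown or missing identity.
// Functions
require "../api/api.fnc.php";
require "../api/settings.php";
require "loginverification.fnc.php";
$userData = login_verify($_COOKIE);
$db = configure_active_database();
$socket = ConnectToDatabase($db);

// The id is interpolated without quotes, so escaping alone cannot bound it;
// only an integer is accepted and anything else is treated like a failed query.
$delete = filter_var(isset($_GET['id']) ? $_GET['id'] : '', FILTER_VALIDATE_INT);
if ($delete === false) {
    die("Failed");
}
// NOTE(review): the row is not tied to $userData (e.g. `who`) and the request
// is a plain GET, so any verified user can remove any id and the action can be
// triggered cross-site; a POST with a CSRF token plus an ownership predicate in
// the WHERE clause closes both.
$query = MakeDatabaseQuery("DELETE FROM `reservations`.`registrations` WHERE `id` = {$delete}", $socket);
if (!$query) {
    die("Failed");
}
header("Location: dashboard.php");
// Stop here so nothing after the redirect header is executed or emitted.
exit;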