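/**
 * Gate the current page to administrators.
 *
 * Runs the login check first, then requires the session's `admin` flag to be
 * set to 1 (integer 1, the string '1' or boolean true). Any other state,
 * including a missing flag, is redirected to index.php.
 *
 * confirm_logged_in() and redirect_to() are defined outside this snippet.
 *
 * @return void
 */
function confirm_user_is_admin() {
    confirm_logged_in();

    // Fail closed: a session without the flag is handled as "not admin" instead
    // of raising an undefined-index notice and relying on a loose comparison.
    $is_admin = isset($_SESSION['admin'])
        && is_scalar($_SESSION['admin'])
        && (string) $_SESSION['admin'] === '1';

    if (!$is_admin) {
        redirect_to("index.php");
        // redirect_to() is not visible here. If it only sends a Location header,
        // the protected page would keep executing, so stop the request explicitly.
        exit;
    }
}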
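<?php
// Executed when sched.php returns yes: copies the template rows in `scheds` for one
// course / year level / semester into `schedules`, skipping rows that clash with
// a schedule that already exists.
include '../../config/connection.php';
include '../../config/sy.php'; // presumably defines $sy (current school year) - confirm
require '../../auth.php';

confirm_logged_in();
check_level();

// NOTE(review): this page changes data based on $_REQUEST, so a plain GET link
// triggers it, and no anti-CSRF token is checked in this file. Consider
// accepting POST only and verifying a per-session token.

// Request values go into SQL string literals below, so each one is escaped for
// the active connection. Missing or non-scalar values become the empty string.
$filters = array('course' => '', 'yrlvl' => '', 'sem' => '');
foreach ($filters as $key => $unused) {
    if (isset($_REQUEST[$key]) && is_scalar($_REQUEST[$key])) {
        $filters[$key] = mysql_real_escape_string((string) $_REQUEST[$key]);
    }
}
$course = $filters['course'];
$yrlvl = $filters['yrlvl'];
$sem = $filters['sem'];
$sy_id = isset($sy['sy_id']) ? mysql_real_escape_string((string) $sy['sy_id']) : '';

$s = mysql_query("SELECT * FROM scheds WHERE course_id='{$course}' AND yrlvl='{$yrlvl}' AND sem='{$sem}'");

if ($s === false) {
    // Record the failure instead of passing `false` to mysql_fetch_array().
    error_log('scheds lookup failed: ' . mysql_error());
} else {
    while ($t = mysql_fetch_array($s)) {
        // Values read back from the database are re-used inside new SQL text,
        // so they are escaped as well (avoids second-order injection).
        $row = array_map('mysql_real_escape_string', $t);

        // The parentheses spell out how MySQL already evaluates this condition
        // (AND binds tighter than OR); the result set is unchanged.
        // NOTE(review): the first group is not limited to a school year or
        // semester - confirm that is the intended clash rule.
        $trappings = mysql_query(
            "SELECT * FROM schedules WHERE "
            . "(`subject_id`='{$row['subject_id']}' AND `course_id`='{$row['course_id']}' AND `section_id`='{$row['section_id']}') "
            . "OR (`time_id`='{$row['time_id']}' AND `room_id`='{$row['room_id']}' AND `sy_id`='{$sy_id}' AND `sem`='{$sem}')"
        );

        if ($trappings !== false && mysql_num_rows($trappings) > 0) {
            // A clashing schedule exists: leave this template row out.
            continue;
        }

        $insert = mysql_query(
            "INSERT INTO schedules(`sched_id`,`subject_id`,`course_id`,`yrlvl`,`time_id`,`section_id`,`room_id`,`size`,`pop`,`sy_id`,`sem`,`status`)"
            . "VALUES('','{$row['subject_id']}','{$row['course_id']}','{$row['yrlvl']}','{$row['time_id']}','{$row['section_id']}','{$row['room_id']}','{$row['size']}','{$row['pop']}','{$row['sy_id']}','{$row['sem']}','{$row['status']}')"
        );
        if ($insert === false) {
            error_log('schedule insert failed: ' . mysql_error());
        }
    }
}

//$deleteexist=mysql_query("DELETE FROM scheds WHERE EXISTS (SELECT * FROM schedules WHERE scheds.sched_id=schedules.sched_id)");
echo "<meta http-equiv='refresh' content='0; url=classmenu.php'><script>alert('Schedules has been set successfully!')</script>";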
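<?php
// Stores a comment on a blog page, then redirects back to that page.
require_once '../_includes/functions.php';
require_once '../_includes/session.php';
require_once '../_includes/connection.php';
require_once '../_includes/headfoot.php';
require_once '_includes/blog_functions.php';

confirm_logged_in(2);

$url = 'comment.php';
if (isset($_GET['page']) && is_scalar($_GET['page'])) {
    // Encode the value so it stays a single query parameter and cannot carry
    // extra parameters or line breaks into whatever is_friendly() does with $url.
    $url .= '?page=' . urlencode((string) $_GET['page']);
}

// Decide whether the visitor is "friendly". is_friendly() is defined elsewhere;
// absent inputs are passed as null instead of raising undefined-index notices.
is_friendly(
    isset($_GET['friendly']) ? $_GET['friendly'] : null,
    $_SESSION['user_name'],
    isset($_COOKIE['friendly']) ? $_COOKIE['friendly'] : null,
    $url
);

if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
    redirect_to("index.php?error=1");
    // redirect_to() is not visible here; stop so the insert below can never run
    // with an id that failed validation.
    exit;
}
// is_numeric() also accepts forms such as "1e5" or " 12"; reduce to a plain int.
$page_id = (int) $_GET['id'];

// Insert the comment into the database.
// NOTE(review): no anti-CSRF token is checked before this write - consider one.
if (isset($_POST['submit'])) {
    $raw_comment = (isset($_POST['comment']) && is_string($_POST['comment'])) ? $_POST['comment'] : '';
    $clean_comment = strip_tags($raw_comment, '<p><h2><h3><br><a>');
    // NOTE(review): strip_tags() keeps attributes on the allowed tags. They are
    // stored entity-encoded here; confirm the display code does not decode them
    // back into live markup.
    $html_ready_comment = htmlspecialchars($clean_comment);

    global $connection;

    // htmlspecialchars() is an HTML encoder, not an SQL escaper (before PHP 8.1
    // its default flags leave single quotes untouched), so every string is
    // escaped for the connection before it is placed in the statement.
    $author_sql = mysql_real_escape_string((string) $_SESSION['user_name'], $connection);
    $comment_sql = mysql_real_escape_string($html_ready_comment, $connection);

    $query = "INSERT INTO  comments (author, comment, page_id) VALUES ("
        . "'{$author_sql}', '{$comment_sql}', '{$page_id}')";
    $result = mysql_query($query, $connection);
    if ($result === false) {
        error_log('comment insert failed: ' . mysql_error($connection));
    }

    redirect_to('ind_blog.php?page=' . $page_id . '&msg=1');
    exit;
}
?>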
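<?php
// Deletes one blog page and the comments attached to it, building $message
// with the outcome for the rest of the page to display.
require_once '../_includes/connection.php';
require_once '_includes/header_footer_blog.php';
require_once '../_includes/functions.php';
require_once '_includes/blog_functions.php';
require_once '_includes/session.php';

confirm_logged_in(4);

// NOTE(review): this destructive action is driven by a GET parameter and no
// anti-CSRF token is checked in this file. Consider requiring POST plus a
// per-session token.

// The id is placed in SQL without quotes, where string escaping gives no
// protection, so only a positive decimal integer is accepted.
$raw_page = isset($_GET['page']) ? $_GET['page'] : '';
if (!is_string($raw_page) || !preg_match('/^[0-9]+\z/', $raw_page) || (int) $raw_page === 0) {
    redirect_to("index.php?error=4");
    // redirect_to() is not visible here; stop so nothing below runs.
    exit;
}
$clean_id = (int) $raw_page;

if ($page = get_page_by_id($clean_id)) {
    $query = "DELETE FROM pages WHERE id ={$clean_id} LIMIT 1";
    $result = mysql_query($query, $connection);

    if ($result !== false && mysql_affected_rows($connection) == 1) {
        $message = "A single post was deleted.<br />";

        if (get_comments($clean_id, ALL) > 0) {
            $query_comments = "DELETE FROM comments WHERE page_id={$clean_id}";
            // This statement was previously built but never sent, so comments of
            // a deleted page stayed behind and the count reported below was the
            // one from the page delete.
            if (mysql_query($query_comments, $connection) === false) {
                error_log('comment cleanup failed: ' . mysql_error($connection));
            } else {
                $deleted_comments = mysql_affected_rows($connection);
                if ($deleted_comments == 1) {
                    $message .= "And a single comment was deleted.";
                } else {
                    $message .= "And " . $deleted_comments . " comments were deleted.";
                }
            }
        }
    } else {
        $message = '<p>Subject Deletion Failed</p>';
    }
}
?>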
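<?php
// "Add post" page: stores a submitted post in `pages`, otherwise renders the
// page head for the form.
require_once '../_includes/connection.php';
require_once '_includes/header_footer_blog.php';
require_once '../_includes/functions.php';
require_once '_includes/blog_functions.php';
require_once '_includes/session.php';

confirm_logged_in(3);

$url = 'add_post.php';
// is_friendly() is defined elsewhere; absent inputs are passed as null instead
// of raising undefined-index notices.
is_friendly(
    isset($_GET['friendly']) ? $_GET['friendly'] : null,
    $_SESSION['user_name'],
    isset($_COOKIE['friendly']) ? $_COOKIE['friendly'] : null,
    $url
);

// Insert the post into the database.
// NOTE(review): no anti-CSRF token is checked before this write - consider one.
if (isset($_POST['submit'])) {
    global $connection;

    // Text fields go into quoted SQL literals: escape each for the connection.
    // Missing or non-string values are stored as the empty string.
    $text = array('page_name' => '', 'content' => '', 'tags' => '');
    foreach ($text as $field => $unused) {
        if (isset($_POST[$field]) && is_string($_POST[$field])) {
            $text[$field] = mysql_real_escape_string($_POST[$field], $connection);
        }
    }
    $author_sql = mysql_real_escape_string((string) $_SESSION['user_name'], $connection);

    // These two are placed in the statement without quotes, so they are forced
    // to integers. NOTE(review): 0 is used when a flag is absent - confirm that
    // default matches the form.
    $visible = isset($_POST['public']) ? (int) $_POST['public'] : 0;
    $draft = isset($_POST['draft']) ? (int) $_POST['draft'] : 0;

    // The array key page_name was previously unquoted inside the interpolation.
    $query = "INSERT INTO  pages (subject_id, page_name, content, tags, visible, author, draft) VALUES ("
        . "4, '{$text['page_name']}', '{$text['content']}', '{$text['tags']}', {$visible}, '{$author_sql}', {$draft})";
    $result = mysql_query($query, $connection);
    if ($result === false) {
        error_log('post insert failed: ' . mysql_error($connection));
    }

    // NOTE(review): content is stored as submitted; the page that displays it
    // has to encode or filter it for HTML output.
    redirect_to('index.php');
    // redirect_to() is not visible here; stop so the form is not rendered as well.
    exit;
}

echo $header_blog1;
?>
<link rel= "stylesheet" type = "text/css" href="../blog/_stylesheets/form.css">
<link href='http://fonts.googleapis.com/css?family=Rock+Salt' rel='stylesheet' type='text/css'>
<title>RCM: Add</title>
<?php echo $header_blog2; ?>
<body>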