function check_valid_user()
{
if (isset($_SESSION['valid_user'])) {
echo "Logged in as " . $_SESSION['valid_user'] . ".<br />";
} else {
do_html_heading('Problem:');
echo 'You are not logged in.<br />';
do_html_url('login.php', 'Login');
do_html_footer();
exit;
}
}
function check_valid_user()
{
//see if somebody is logged in and notify them if not
if (isset($_SESSION['valid_user'])) {
echo "Logged in as " . $_SESSION['valid_user'] . "<br/>";
} else {
//they are not logged in
do_html_heading('Problem');
echo 'You are not logged in.<br/>';
do_html_URL('login.php', 'Login');
do_html_footer();
exit;
}
}
function check_valid_user()
{
global $valid_user;
if (session_is_registered("valid_user")) {
echo "Logged in como {$valid_user}.";
echo "<br>";
} else {
// they are not logged in
do_html_heading("Problema:");
echo "No estás logged in.<br>";
do_html_url("login.php", "Login");
do_html_footer();
exit;
}
}
function check_valid_user()
{
global $HTTP_SESSION_VARS;
if (isset($HTTP_SESSION_VARS['valid_user'])) {
echo 'Logged in as ' . $HTTP_SESSION_VARS['valid_user'] . '.';
echo '<br />';
} else {
// they are not logged in
do_html_heading('Problem:');
echo 'You are not logged in.<br />';
do_html_url('login.php', 'Login');
do_html_footer();
exit;
}
}
function setup_view_all_bids(&$num_rows, &$dbprefix, $err_message = "")
{
//Establish connection with database
$db = adodb_connect(&$err_message);
//global $_SESSION ;
//SQL Query to select all the papers
$selectionSQL = " SELECT PP.PaperID";
$selectionSQL .= " FROM " . $GLOBALS["DB_PREFIX"] . "Paper AS PP LEFT JOIN " . $GLOBALS["DB_PREFIX"] . "Selection AS S ";
$selectionSQL .= " USING (PaperID) ";
$selectionSQL .= " WHERE PP.Withdraw='false' AND S.MemberName=" . db_quote($db, $_SESSION["valid_user"]);
// echo $selectionSQL ;
$result = $db->Execute($selectionSQL);
if (!$result) {
do_html_header("View Bid Papers Failed", &$err_message);
$err_message .= " Could not execute \"setup_view_all_bids\" in \"bid_all_papers.php\". <br>\n";
$err_message .= "<br><br> Try <a href='" . $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"] . "'>again</a>?";
do_html_footer(&$err_message);
exit;
}
$paperid = "";
if ($id = $result->FetchNextObj()) {
$paperid = $id->PaperID;
while ($id = $result->FetchNextObj()) {
$paperid .= " , " . $id->PaperID;
}
$selectionSQL = "SELECT * FROM " . $GLOBALS["DB_PREFIX"] . "Paper";
$selectionSQL .= " WHERE PaperID NOT IN (" . $paperid . ")";
$selectionSQL .= " AND Withdraw = 'false'";
} else {
$selectionSQL = "SELECT * FROM " . $GLOBALS["DB_PREFIX"] . "Paper";
$selectionSQL .= " WHERE Withdraw = 'false'";
}
$result = $db->Execute($selectionSQL);
if (!$result) {
do_html_header("View Bid Papers Failed", &$err_message);
$err_message .= " Could not execute \"setup_view_all_bids\" in \"bid_all_papers.php\". <br>\n";
$err_message .= "<br><br> Try <a href='" . $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"] . "'>again</a>?";
do_html_footer(&$err_message);
exit;
}
$num_rows = $result->RecordCount();
if ($num_rows <= 0) {
$selectionSQL = " There are no papers to bid. <br>\n";
}
return $selectionSQL;
}
function check_valid_user()
{
//checks that current user has a registered session. This is aimed at users who have not just logged in,
//but are mid-session. So does not connect to db again
//see if somebody is logged in and notify them if not
if (isset($_SESSION["valid_user"])) {
echo "";
echo "Logged in as " . $_SESSION["valid_user"] . ".<br /n>";
} else {
//they are not logged in
do_html_header("Problem: ");
echo "You are not logged in. <br />";
do_html_url("login.php", "Login");
do_html_footer();
exit;
}
}
function redisplay(&$dbprefix, $err_message = "")
{
// global $_SERVER ;
if (($phasesResult = getAllPhases(&$err_message)) === NULL) {
do_html_header("Edit Phases Failed", &$err_message);
$err_message .= " Could not execute \"getAllPhases\" in \"edit_phases.php\". <br>\n";
$err_message .= "<br><br> Try <a href='" . $_SERVER["PHP_SELF"] . "?" . $_SERVER['QUERY_STRING'] . "'>again</a>?";
do_html_footer(&$err_message);
exit;
}
$array = array();
$r = 0;
while ($phaseInfo = $phasesResult->FetchNextObj()) {
$array["arrPhaseID"][$r] = $phaseInfo->PhaseID;
$array["arrPhaseName"][$r] = $phaseInfo->PhaseName;
$array["arrStartDate"][$r] = $phaseInfo->StartDate;
$array["arrEndDate"][$r] = $phaseInfo->EndDate;
$array["arrStatus"][$r] = $phaseInfo->Status;
$r++;
}
//end of while loop
return $array;
}
//create short variable names
$username = isset($_POST["username"]) ? $_POST["username"] : "";
$password = isset($_POST["password"]) ? $_POST["password"] : "";
//first check whether the user has come from the front page by filling out the form
if ($username && $password) {
//they have just tried to log in
try {
login($username, $password);
//if they are in the database (as in they are a member), register their username to the session ID variable called valid_user
$_SESSION["valid_user"] = $username;
} catch (Exception $e) {
//unsuccessful login
do_html_header("Problem: ");
echo "We could not log you in. You must be logged in to view this page.";
do_html_url("login.php", "Login");
do_html_footer();
exit;
}
}
//start the display
do_html_header("Home");
check_valid_user();
//get the bookmarks this user has saved
if ($url_array = get_user_urls($_SESSION["valid_user"])) {
//gilho instead of session valid user
display_user_urls($url_array);
}
//give menu options
display_user_menu();
do_html_footer();
$sql = "SELECT File,FileName,FileSize,FileType FROM " . $GLOBALS["DB_PREFIX"] . "File F , " . $GLOBALS["DB_PREFIX"] . "Paper P";
$sql .= " WHERE F.FileID=" . $_GET["fileid"] . " AND F.PaperID=P.PaperID";
$result = $db->Execute($sql);
$rows = $result->RecordCount();
if (!$result) {
do_html_header("View File Failed", &$err_message);
$err_message .= " Could not connect to File database.<br>\n";
$err_message .= "<br><br> Try <a href='view_file.php?fileid=" . $_GET["fileid"] . "'>again</a>?";
do_html_footer(&$err_message);
exit;
} else {
if (!$rows) {
do_html_header("View File Failed", &$err_message);
$err_message .= " The requested file is not available.<br>\n";
$err_message .= "<br><br> Try <a href='view_file.php?fileid=" . $_GET["fileid"] . "'>again</a>?";
do_html_footer(&$err_message);
exit;
}
}
$row = $result->FetchNextObj();
$data = $row->File;
$name = $row->FileName;
$size = $row->FileSize;
$type = $row->FileType;
// Check for Internet Explorer to avoid inline PDF viewing bug
$browser = getBrowser();
if ($browser == "IEWin") {
$method = "attachment";
} else {
$method = "inline";
}
<br/>用 户 名
<input class="input" tabindex="1" type="text" maxlength="20" size="40" name="uName"></input>
<br/>密 码
<input class="input" tabindex="2" type="password" maxlength="20" size="40" name="uPass"></input>
<br/>重复密码
<input class="input" tabindex="3" type="password" maxlength="20" size="40" name="uPass1"></input>
<br/>
<br/>性别
女<input type="radio" name="gender" value="1"></input>
男<input type="radio" name="gender" value="2" checked="checked"></input>
<br/>
<br/>请选择头像<br/>
<?php
for ($i = 1; $i <= 15; $i++) {
echo "<img src='image/head/{$i}.gif'><input type='radio' name='head' value='{$i}.gif'>";
if ($i % 5 == 0) {
//每5行换一行
echo "<br/>";
}
}
?>
<br/>
<input class="btn" tabindex="4" type="submit" value="注册"></input>
</form>
</div>
<br/>
<?php
echo do_html_footer();
?>
</body>
</html>
$sql = "SELECT File,FileName,FileSize,FileType FROM " . $GLOBALS["DB_PREFIX"] . "File F , " . $GLOBALS["DB_PREFIX"] . "Paper P";
$sql .= " WHERE F.FileID=" . $_GET["fileid"] . " AND F.PaperID=P.PaperID AND Withdraw='false'";
$result = $db->Execute($sql);
$rows = $result->RecordCount();
if (!$result) {
do_html_header("View File Failed", &$err_message);
$err_message .= " Could not connect to File database.<br>\n";
$err = $err_message . "<br><br> Try <a href='view_file.php?fileid=" . $_GET["fileid"] . "'>again</a>?";
do_html_footer(&$err);
exit;
} else {
if (!$rows) {
do_html_header("View File Failed", &$err_message);
$err_message .= " The requested file is not available.<br>\n";
$err = $err_message . "<br><br> Try <a href='view_file.php?fileid=" . $_GET["fileid"] . "'>again</a>?";
do_html_footer(&$err);
exit;
}
}
$row = $result->FetchNextObj();
$data = $row->File;
$name = $row->FileName;
$size = $row->FileSize;
$type = $row->FileType;
// Check for Internet Explorer to avoid inline PDF viewing bug
$browser = getBrowser();
if ($browser == "IEWin") {
$method = "attachment";
} else {
$method = "inline";
}
function redisplay(&$paperid_array, &$process, &$dbprefix, $err_message = "")
{
//Establish connection with database
$db = adodb_connect(&$err_message);
//global $_SESSION ;
$i = 0;
$array = array();
reset($paperid_array);
foreach ($paperid_array as $some => $paperID) {
//Get the paper information
if (($paperInfo = get_paper_info($paperID, &$err_message)) === false) {
do_html_header("Update Paper Bids Failed", &$err_message);
$err_message .= " Cannot retrieve information from database. <br>\n";
$err_message .= "<br><br> Try <a href='" . $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"] . "'>again</a>?";
do_html_footer(&$err_message);
exit;
}
$array[$i]["paperid"] = $paperInfo->PaperID;
$array[$i]["papertitle"] = stripslashes($paperInfo->Title);
//Get the lastest file of the paper
if (($FileIDData = get_latestFile($paperID, &$err_message)) === false) {
do_html_header("Update Paper Bids Failed", &$err_message);
$err_message .= " Could not execute \"get_latestFile\" in \"update_biddings.php\". <br>\n";
$err_message .= "<br><br> Try <a href='" . $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"] . "'>again</a>?";
do_html_footer(&$err_message);
exit;
}
$array[$i]["fileid"] = $FileIDData->FileID;
if ($catcomsep = getSelectedCategoryCommaSeparated($paperInfo->PaperID, &$err_message) || numCategories(&$err_message) == 0) {
$array[$i]["cat"] = $catcomsep;
} else {
do_html_header("Update Paper Bids Failed", &$err_message);
$err_message .= " Could not execute \"getSelectedCategoryCommaSeparated\" in \"update_biddings.php\". <br>\n";
$err_message .= "<br><br> Try <a href='" . $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"] . "'>again</a>?";
do_html_footer(&$err_message);
exit;
}
if ($authors = retrieve_authors($paperInfo->PaperID, &$err_message)) {
$array[$i]["author"] = $authors;
} else {
do_html_header("Update Paper Bids Failed", &$err_message);
$err_message .= " Could not execute \"retrieve_authors\" in \"update_biddings.php\". <br>\n";
$err_message .= "<br><br> Try <a href='" . $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"] . "'>again</a>?";
do_html_footer(&$err_message);
exit;
}
if ($process === "update") {
$preferenceSQL = " SELECT PreferenceID FROM " . $GLOBALS["DB_PREFIX"] . "Selection ";
$preferenceSQL .= " WHERE PaperID = " . $paperInfo->PaperID;
$preferenceSQL .= " AND Membername = '" . $_SESSION["valid_user"] . "'";
$preferenceResult = $db->Execute($preferenceSQL);
if (!$preferenceResult) {
do_html_header("Update Paper Bids Failed", &$err_message);
$err_message .= " Could not query \"Selection\" table in database by \"redisplay()\" of \"update_biddings.php\". <br>\n";
$err_message .= "<br><br> Try <a href='" . $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"] . "'>again</a>?";
do_html_footer(&$err_message);
exit;
}
$userPreference = $preferenceResult->FetchNextObj();
$array[$i]["bidid"] = $userPreference->PreferenceID;
}
if ($bidtable = Generate_Preference_Radio_Input_Table($paperInfo->PaperID, $array[$i]["bidid"], &$err_message)) {
$array[$i]["bid"] = $bidtable;
} else {
do_html_header("Update Paper Bids Failed", &$err_message);
$err_message .= " Could not execute \"retrieve_authors\" in \"update_biddings.php\". <br>\n";
$err_message .= "<br><br> Try <a href='" . $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"] . "'>again</a>?";
do_html_footer(&$err_message);
exit;
}
$i++;
}
//End of for loop
return $array;
}
function check_valid_user()
{
if (isset($_SESSION['valid_user'])) {
echo '<div id="login_form">';
echo 'Bienvenido ' . $_SESSION['valid_user'] . '.';
} else {
// they are not logged in
echo 'You are not logged in.<br />';
echo '<a href="login.php">Login</a>';
do_html_footer();
exit;
}
}
function check_valid_user()
{
if (isset($_SESSION['valid_user'])) {
/*echo '<div id="login_form">';
echo 'Bienvenido '.$_SESSION['valid_user'].'.';
*/
header('Location: index.php');
exit;
} else {
// they are not logged in
echo 'El usuario o contraseña es erroneo.<br />';
echo '<a href="login.php">Login</a>';
do_html_footer();
exit;
}
}
function check_admin_user()
{
if (isset($_SESSION['admin_user'])) {
return true;
} else {
do_html_header("出错了:");
do_html_url('login.php', '您还没有登录,请先登录');
do_html_footer();
exit;
}
}
function isValidLogoFile(&$file, $error_array = array(), $index = 0, $array_key = NULL)
{
static $hasvalue = "false";
switch ($array_key) {
case "name":
$hasvalue = "true";
break;
case "type":
if ($file == "image/jpeg" || $file == "image/pjpeg" || $file == "image/x-png" || $file == "image/png") {
} else {
$error_array[$index] = " This \"{$file}\" file type is not supported.<br>\n";
return false;
}
break;
case "tmp_name":
break;
case "size":
if ($file == 0 && $hasvalue == "true") {
// echo "Failed \$string: " . $string . " <br>\n" ;
$error_array[$index] = " Please upload a valid file.<br>\n";
return false;
} else {
$err_message =& $GLOBALS["err_message"];
if (($setobj = get_Conference_Settings(&$err_message)) === NULL) {
// global $_SERVER ;
do_html_header("Data Validation Failed", &$err_message);
$err_message .= " Could not execute \"get_Conference_Settings\" in \"data_validation_fns.php\". <br>\n";
$err_message .= "<br><br> Try <a href='" . $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"] . "'>again</a>?";
do_html_footer(&$err_message);
exit;
}
$maxfilesize = intval(ini_get("upload_max_filesize")) * 1000000;
if ($setobj) {
$maxfilesize = $setobj->MaxLogoSize;
}
if ($file > $maxfilesize) {
$error_array[$index] = " Please keep file size to the limit of {$maxfilesize} bytes.<br>\n";
return false;
break;
}
return true;
}
break;
case "error":
if ($file == 2) {
$error_array[$index] = " Please keep file size under the limit.<br>\n";
return false;
} else {
return true;
}
break;
default:
break;
}
}
