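/**
 * Gate a page on an authenticated session.
 *
 * When $_SESSION['valid_user'] is set, prints a "Logged in as ..." banner and
 * returns. Otherwise renders a short "not logged in" page with a login link
 * and ends the request.
 *
 * @return void
 */
function check_valid_user()
{
    if (isset($_SESSION['valid_user'])) {
        // The stored name is written into the page, so encode it: markup inside
        // a user name must be shown as text, not parsed by the browser.
        echo "Logged in as " . htmlspecialchars($_SESSION['valid_user'], ENT_QUOTES) . ".<br />";
        return;
    }

    do_html_heading('Problem:');
    echo 'You are not logged in.<br />';
    do_html_url('login.php', 'Login');
    do_html_footer();
    exit; // stop here so the caller's protected content is never produced
}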
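/**
 * See whether somebody is logged in and tell them if they are not.
 *
 * With $_SESSION['valid_user'] set, a "Logged in as ..." line is printed.
 * Without it, an error page with a login link is rendered and the script exits.
 *
 * @return void
 */
function check_valid_user()
{
    if (isset($_SESSION['valid_user'])) {
        // HTML-encode the session value before it is echoed; a name containing
        // "<" or quotes would otherwise become part of the page markup.
        $shown_name = htmlspecialchars($_SESSION['valid_user'], ENT_QUOTES);
        echo "Logged in as " . $shown_name . "<br/>";
    } else {
        // they are not logged in
        do_html_heading('Problem');
        echo 'You are not logged in.<br/>';
        do_html_URL('login.php', 'Login');
        do_html_footer();
        exit;
    }
}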
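/**
 * Gate a page on the legacy "registered session variable" login marker.
 *
 * Uses session_is_registered("valid_user") and the global $valid_user, so it
 * only runs on PHP versions that still ship session_is_registered() (the
 * function was removed in PHP 5.4).
 * NOTE(review): $valid_user is presumably filled in by session_register /
 * register_globals elsewhere - that code is not shown here.
 *
 * @return void
 */
function check_valid_user()
{
    global $valid_user;

    if (session_is_registered("valid_user")) {
        // Encode the name before output so it cannot inject markup into the page.
        echo "Logged in como " . htmlspecialchars($valid_user, ENT_QUOTES) . ".";
        echo "<br>";
    } else {
        // they are not logged in
        do_html_heading("Problema:");
        echo "No estás logged in.<br>";
        do_html_url("login.php", "Login");
        do_html_footer();
        exit;
    }
}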
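/**
 * Gate a page on the login marker kept in the long session array.
 *
 * Reads the global $HTTP_SESSION_VARS (the pre-$_SESSION array, which only
 * old PHP versions populate). Prints a banner when 'valid_user' is present;
 * otherwise renders a "not logged in" page and exits.
 *
 * @return void
 */
function check_valid_user()
{
    global $HTTP_SESSION_VARS;

    if (isset($HTTP_SESSION_VARS['valid_user'])) {
        // Output-encode the stored name so it is rendered as text only.
        echo 'Logged in as ' . htmlspecialchars($HTTP_SESSION_VARS['valid_user'], ENT_QUOTES) . '.';
        echo '<br />';
    } else {
        // they are not logged in
        do_html_heading('Problem:');
        echo 'You are not logged in.<br />';
        do_html_url('login.php', 'Login');
        do_html_footer();
        exit;
    }
}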
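/**
 * Build the SQL that lists the papers the current member can still bid on.
 *
 * First collects the PaperIDs that already have a Selection row for
 * $_SESSION["valid_user"], then builds and runs a query over the Paper table
 * that excludes them. The row count of that second query is written to
 * $num_rows.
 *
 * Call-time pass-by-reference (&$err_message at the call sites) is kept as the
 * file wrote it; that syntax is a parse error from PHP 5.4 on.
 *
 * @param int    $num_rows    Receives the number of biddable papers (by reference).
 * @param mixed  $dbprefix    Not used in this function.
 * @param string $err_message Error text accumulated so far.
 * @return string The SELECT statement, or a "no papers" message when the count is zero.
 */
function setup_view_all_bids(&$num_rows, &$dbprefix, $err_message = "")
{
    //Establish connection with database
    $db = adodb_connect(&$err_message);

    // Papers this member already selected; the member name goes through db_quote().
    $selectionSQL = " SELECT PP.PaperID";
    $selectionSQL .= " FROM " . $GLOBALS["DB_PREFIX"] . "Paper AS PP LEFT JOIN " . $GLOBALS["DB_PREFIX"] . "Selection AS S ";
    $selectionSQL .= " USING (PaperID) ";
    $selectionSQL .= " WHERE PP.Withdraw='false' AND S.MemberName=" . db_quote($db, $_SESSION["valid_user"]);
    $result = $db->Execute($selectionSQL);
    if (!$result) {
        do_html_header("View Bid Papers Failed", &$err_message);
        $err_message .= " Could not execute \"setup_view_all_bids\" in \"bid_all_papers.php\". <br>\n";
        // PHP_SELF and QUERY_STRING come from the request; encode them before
        // they are placed inside the single-quoted href.
        $retry_url = htmlspecialchars($_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"], ENT_QUOTES);
        $err_message .= "<br><br> Try <a href='" . $retry_url . "'>again</a>?";
        do_html_footer(&$err_message);
        exit;
    }

    // Gather the already-selected ids, then exclude them from the listing query.
    $selected_ids = array();
    while ($id = $result->FetchNextObj()) {
        $selected_ids[] = $id->PaperID;
    }

    $selectionSQL = "SELECT * FROM " . $GLOBALS["DB_PREFIX"] . "Paper";
    if ($selected_ids) {
        $selectionSQL .= " WHERE PaperID NOT IN (" . implode(" , ", $selected_ids) . ")";
        $selectionSQL .= " AND Withdraw = 'false'";
    } else {
        $selectionSQL .= " WHERE Withdraw = 'false'";
    }

    $result = $db->Execute($selectionSQL);
    if (!$result) {
        do_html_header("View Bid Papers Failed", &$err_message);
        $err_message .= " Could not execute \"setup_view_all_bids\" in \"bid_all_papers.php\". <br>\n";
        $retry_url = htmlspecialchars($_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"], ENT_QUOTES);
        $err_message .= "<br><br> Try <a href='" . $retry_url . "'>again</a>?";
        do_html_footer(&$err_message);
        exit;
    }

    $num_rows = $result->RecordCount();
    if ($num_rows <= 0) {
        // Callers get a display message instead of SQL when nothing is left to bid on.
        $selectionSQL = " There are no papers to bid. <br>\n";
    }

    return $selectionSQL;
}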
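/**
 * Check that the current user has a registered session.
 *
 * Aimed at users who are mid-session rather than just logging in, so it only
 * looks at $_SESSION["valid_user"] and does not query the database again.
 * Prints a banner when the marker is present; otherwise renders an error page
 * with a login link and exits.
 *
 * @return void
 */
function check_valid_user()
{
    if (isset($_SESSION["valid_user"])) {
        // Encode the name for HTML output, and close the line break properly
        // (the tag was previously emitted as the malformed "<br /n>").
        echo "Logged in as " . htmlspecialchars($_SESSION["valid_user"], ENT_QUOTES) . ".<br />";
    } else {
        //they are not logged in
        do_html_header("Problem: ");
        echo "You are not logged in. <br />";
        do_html_url("login.php", "Login");
        do_html_footer();
        exit;
    }
}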
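/**
 * Load every phase and return its fields as parallel arrays.
 *
 * On failure of getAllPhases() an error page is rendered and the script exits.
 * Call-time pass-by-reference (&$err_message) is kept as the file wrote it;
 * that syntax is a parse error from PHP 5.4 on.
 *
 * @param mixed  $dbprefix    Not used in this function.
 * @param string $err_message Error text accumulated so far.
 * @return array Keys arrPhaseID, arrPhaseName, arrStartDate, arrEndDate and
 *               arrStatus, each a 0-based list; an empty array when no rows
 *               are fetched.
 */
function redisplay(&$dbprefix, $err_message = "")
{
    if (($phasesResult = getAllPhases(&$err_message)) === NULL) {
        do_html_header("Edit Phases Failed", &$err_message);
        $err_message .= " Could not execute \"getAllPhases\" in \"edit_phases.php\". <br>\n";
        // Request-derived values are encoded before being written into the href.
        $retry_url = htmlspecialchars($_SERVER["PHP_SELF"] . "?" . $_SERVER['QUERY_STRING'], ENT_QUOTES);
        $err_message .= "<br><br> Try <a href='" . $retry_url . "'>again</a>?";
        do_html_footer(&$err_message);
        exit;
    }

    $array = array();
    $r = 0;
    while ($phaseInfo = $phasesResult->FetchNextObj()) {
        $array["arrPhaseID"][$r] = $phaseInfo->PhaseID;
        $array["arrPhaseName"][$r] = $phaseInfo->PhaseName;
        $array["arrStartDate"][$r] = $phaseInfo->StartDate;
        $array["arrEndDate"][$r] = $phaseInfo->EndDate;
        $array["arrStatus"][$r] = $phaseInfo->Status;
        $r++;
    }

    return $array;
}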
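// Pull the submitted credentials; a missing field becomes an empty string.
$username = isset($_POST["username"]) ? $_POST["username"] : "";
$password = isset($_POST["password"]) ? $_POST["password"] : "";

// A non-empty pair means the visitor has just submitted the login form.
if ($username && $password) {
    try {
        login($username, $password);
        // Issue a fresh session id before the session is marked as authenticated,
        // so an id that existed before login is not carried over (session fixation).
        if (session_id() !== "") {
            session_regenerate_id(true);
        }
        // login() did not throw: record the member name under valid_user
        $_SESSION["valid_user"] = $username;
    } catch (Exception $e) {
        //unsuccessful login
        do_html_header("Problem: ");
        echo "We could not log you in. You must be logged in to view this page.";
        do_html_url("login.php", "Login");
        do_html_footer();
        exit;
    }
}

//start the display
do_html_header("Home");
// Exits with an error page unless the session carries valid_user
check_valid_user();

//get the bookmarks this user has saved
if ($url_array = get_user_urls($_SESSION["valid_user"])) {
    display_user_urls($url_array);
}

//give menu options
display_user_menu();
do_html_footer();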
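// FileID is compared unquoted in the SQL text, so the request value is forced to an
// integer before it is concatenated into the query or echoed back in the retry link.
$requested_fileid = isset($_GET["fileid"]) ? intval($_GET["fileid"]) : 0;

$sql = "SELECT File,FileName,FileSize,FileType FROM " . $GLOBALS["DB_PREFIX"] . "File F , " . $GLOBALS["DB_PREFIX"] . "Paper P";
$sql .= " WHERE F.FileID=" . $requested_fileid . " AND F.PaperID=P.PaperID";
$result = $db->Execute($sql);

// Call-time pass-by-reference (&$err_message) is kept as the file wrote it;
// that syntax is a parse error from PHP 5.4 on.
if (!$result) {
    do_html_header("View File Failed", &$err_message);
    $err_message .= " Could not connect to File database.<br>\n";
    $err_message .= "<br><br> Try <a href='view_file.php?fileid=" . $requested_fileid . "'>again</a>?";
    do_html_footer(&$err_message);
    exit;
}

// Count rows only after the query is known to have succeeded; calling
// RecordCount() on a failed result would abort before the error page is shown.
$rows = $result->RecordCount();
if (!$rows) {
    do_html_header("View File Failed", &$err_message);
    $err_message .= " The requested file is not available.<br>\n";
    $err_message .= "<br><br> Try <a href='view_file.php?fileid=" . $requested_fileid . "'>again</a>?";
    do_html_footer(&$err_message);
    exit;
}

$row = $result->FetchNextObj();
$data = $row->File;
$name = $row->FileName;
$size = $row->FileSize;
$type = $row->FileType;

// NOTE(review): nothing visible here ties the file to the requesting user;
// confirm an access check happens before this point.

// Check for Internet Explorer to avoid inline PDF viewing bug
$browser = getBrowser();
if ($browser == "IEWin") {
    $method = "attachment";
} else {
    $method = "inline";
}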
<br/>用 户 名 <input class="input" tabindex="1" type="text" maxlength="20" size="40" name="uName"></input>
<br/>密 码 <input class="input" tabindex="2" type="password" maxlength="20" size="40" name="uPass"></input>
<br/>重复密码 <input class="input" tabindex="3" type="password" maxlength="20" size="40" name="uPass1"></input>
<br/>
<br/>性别 女<input type="radio" name="gender" value="1"></input> 男<input type="radio" name="gender" value="2" checked="checked"></input>
<br/>
<br/>请选择头像<br/>
<?php
// Render the avatar picker: one image plus a radio button for each of
// image/head/1.gif .. image/head/15.gif, submitted as the "head" field.
// NOTE(review): maxlength and the fixed radio values are enforced by the browser only.
// The form handler is not shown here - confirm it re-checks the uName/uPass lengths
// and accepts "head" only when it is one of these 15 file names.
for ($i = 1; $i <= 15; $i++) {
    echo "<img src='image/head/{$i}.gif'><input type='radio' name='head' value='{$i}.gif'>";
    if ($i % 5 == 0) {
        // break the line after every fifth avatar
        echo "<br/>";
    }
}
?> <br/>
<input class="btn" tabindex="4" type="submit" value="注册"></input>
</form>
</div>
<br/>
<?php
// Echoes whatever do_html_footer() returns (its definition is not shown here).
echo do_html_footer();
?> </body>
</html>
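// FileID is compared unquoted in the SQL text, so the request value is forced to an
// integer before it is concatenated into the query or echoed back in the retry link.
$requested_fileid = isset($_GET["fileid"]) ? intval($_GET["fileid"]) : 0;

// Only files whose row matches Withdraw='false' are served.
$sql = "SELECT File,FileName,FileSize,FileType FROM " . $GLOBALS["DB_PREFIX"] . "File F , " . $GLOBALS["DB_PREFIX"] . "Paper P";
$sql .= " WHERE F.FileID=" . $requested_fileid . " AND F.PaperID=P.PaperID AND Withdraw='false'";
$result = $db->Execute($sql);

// Call-time pass-by-reference (&$err_message, &$err) is kept as the file wrote it;
// that syntax is a parse error from PHP 5.4 on.
if (!$result) {
    do_html_header("View File Failed", &$err_message);
    $err_message .= " Could not connect to File database.<br>\n";
    $err = $err_message . "<br><br> Try <a href='view_file.php?fileid=" . $requested_fileid . "'>again</a>?";
    do_html_footer(&$err);
    exit;
}

// Count rows only after the query is known to have succeeded; calling
// RecordCount() on a failed result would abort before the error page is shown.
$rows = $result->RecordCount();
if (!$rows) {
    do_html_header("View File Failed", &$err_message);
    $err_message .= " The requested file is not available.<br>\n";
    $err = $err_message . "<br><br> Try <a href='view_file.php?fileid=" . $requested_fileid . "'>again</a>?";
    do_html_footer(&$err);
    exit;
}

$row = $result->FetchNextObj();
$data = $row->File;
$name = $row->FileName;
$size = $row->FileSize;
$type = $row->FileType;

// NOTE(review): nothing visible here ties the file to the requesting user;
// confirm an access check happens before this point.

// Check for Internet Explorer to avoid inline PDF viewing bug
$browser = getBrowser();
if ($browser == "IEWin") {
    $method = "attachment";
} else {
    $method = "inline";
}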
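/**
 * Collect the display data for each paper on the bidding form.
 *
 * For every id in $paperid_array this gathers the paper title, latest file id,
 * category list, authors and the preference radio table. When $process is
 * "update" the member's existing PreferenceID is looked up first. Any helper
 * failure renders an error page and ends the request.
 *
 * Call-time pass-by-reference (&$err_message) is kept as the file wrote it;
 * that syntax is a parse error from PHP 5.4 on.
 *
 * @param array  $paperid_array Paper ids to process.
 * @param string $process       "update" to load the member's current bid per paper.
 * @param mixed  $dbprefix      Not used in this function.
 * @param string $err_message   Error text accumulated so far.
 * @return array One entry per paper with keys paperid, papertitle, fileid, cat,
 *               author, bid and (in update mode) bidid.
 */
function redisplay(&$paperid_array, &$process, &$dbprefix, $err_message = "")
{
    //Establish connection with database
    $db = adodb_connect(&$err_message);

    $i = 0;
    $array = array();
    reset($paperid_array);
    foreach ($paperid_array as $some => $paperID) {
        //Get the paper information
        if (($paperInfo = get_paper_info($paperID, &$err_message)) === false) {
            do_html_header("Update Paper Bids Failed", &$err_message);
            $err_message .= " Cannot retrieve information from database. <br>\n";
            // PHP_SELF and QUERY_STRING come from the request; encode them for the href.
            $err_message .= "<br><br> Try <a href='" . htmlspecialchars($_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"], ENT_QUOTES) . "'>again</a>?";
            do_html_footer(&$err_message);
            exit;
        }
        $array[$i]["paperid"] = $paperInfo->PaperID;
        $array[$i]["papertitle"] = stripslashes($paperInfo->Title);

        //Get the latest file of the paper
        if (($FileIDData = get_latestFile($paperID, &$err_message)) === false) {
            do_html_header("Update Paper Bids Failed", &$err_message);
            $err_message .= " Could not execute \"get_latestFile\" in \"update_biddings.php\". <br>\n";
            $err_message .= "<br><br> Try <a href='" . htmlspecialchars($_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"], ENT_QUOTES) . "'>again</a>?";
            do_html_footer(&$err_message);
            exit;
        }
        $array[$i]["fileid"] = $FileIDData->FileID;

        // Assign first, then test: in "$x = f() || g()" the || binds tighter than =,
        // which stored a boolean in "cat" instead of the category list.
        $catcomsep = getSelectedCategoryCommaSeparated($paperInfo->PaperID, &$err_message);
        if ($catcomsep || numCategories(&$err_message) == 0) {
            $array[$i]["cat"] = $catcomsep;
        } else {
            do_html_header("Update Paper Bids Failed", &$err_message);
            $err_message .= " Could not execute \"getSelectedCategoryCommaSeparated\" in \"update_biddings.php\". <br>\n";
            $err_message .= "<br><br> Try <a href='" . htmlspecialchars($_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"], ENT_QUOTES) . "'>again</a>?";
            do_html_footer(&$err_message);
            exit;
        }

        if ($authors = retrieve_authors($paperInfo->PaperID, &$err_message)) {
            $array[$i]["author"] = $authors;
        } else {
            do_html_header("Update Paper Bids Failed", &$err_message);
            $err_message .= " Could not execute \"retrieve_authors\" in \"update_biddings.php\". <br>\n";
            $err_message .= "<br><br> Try <a href='" . htmlspecialchars($_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"], ENT_QUOTES) . "'>again</a>?";
            do_html_footer(&$err_message);
            exit;
        }

        // Existing bid for this paper; stays NULL outside update mode or when no row exists.
        $bidid = NULL;
        if ($process === "update") {
            $preferenceSQL = " SELECT PreferenceID FROM " . $GLOBALS["DB_PREFIX"] . "Selection ";
            $preferenceSQL .= " WHERE PaperID = " . $paperInfo->PaperID;
            // Quote the member name through the project's db_quote() helper rather
            // than wrapping the raw session value in quotes by hand.
            $preferenceSQL .= " AND Membername = " . db_quote($db, $_SESSION["valid_user"]);
            $preferenceResult = $db->Execute($preferenceSQL);
            if (!$preferenceResult) {
                do_html_header("Update Paper Bids Failed", &$err_message);
                $err_message .= " Could not query \"Selection\" table in database by \"redisplay()\" of \"update_biddings.php\". <br>\n";
                $err_message .= "<br><br> Try <a href='" . htmlspecialchars($_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"], ENT_QUOTES) . "'>again</a>?";
                do_html_footer(&$err_message);
                exit;
            }
            $userPreference = $preferenceResult->FetchNextObj();
            if ($userPreference) {
                $bidid = $userPreference->PreferenceID;
            }
            $array[$i]["bidid"] = $bidid;
        }

        if ($bidtable = Generate_Preference_Radio_Input_Table($paperInfo->PaperID, $bidid, &$err_message)) {
            $array[$i]["bid"] = $bidtable;
        } else {
            do_html_header("Update Paper Bids Failed", &$err_message);
            // Name the helper that actually failed (the message used to say retrieve_authors).
            $err_message .= " Could not execute \"Generate_Preference_Radio_Input_Table\" in \"update_biddings.php\". <br>\n";
            $err_message .= "<br><br> Try <a href='" . htmlspecialchars($_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"], ENT_QUOTES) . "'>again</a>?";
            do_html_footer(&$err_message);
            exit;
        }
        $i++;
    }

    return $array;
}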
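/**
 * Gate a page on $_SESSION['valid_user'].
 *
 * Logged-in users get the opening <div id="login_form"> and a welcome line
 * (the div is not closed here). Everyone else sees a "not logged in" message
 * with a login link, and the script exits.
 *
 * @return void
 */
function check_valid_user()
{
    if (isset($_SESSION['valid_user'])) {
        echo '<div id="login_form">';
        // Encode the stored name so it is displayed as text, never as markup.
        echo 'Bienvenido ' . htmlspecialchars($_SESSION['valid_user'], ENT_QUOTES) . '.';
    } else {
        // they are not logged in
        echo 'You are not logged in.<br />';
        echo '<a href="login.php">Login</a>';
        do_html_footer();
        exit;
    }
}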
/**
 * Finish a login attempt.
 *
 * If $_SESSION['valid_user'] is present the browser is redirected to
 * index.php. Otherwise a "wrong user or password" message and a login link
 * are printed, followed by the footer. Both paths end the request.
 *
 * @return void
 */
function check_valid_user()
{
    $is_logged_in = isset($_SESSION['valid_user']);

    if (!$is_logged_in) {
        // they are not logged in
        echo 'El usuario o contraseña es erroneo.<br />', '<a href="login.php">Login</a>';
        do_html_footer();
        exit;
    }

    // Authenticated: send the user on and stop, so nothing runs after the redirect.
    header('Location: index.php');
    exit;
}
/**
 * Require an administrator session.
 *
 * Returns true when $_SESSION['admin_user'] is set. Otherwise an error page
 * with a login link is rendered and the script exits, so the caller never
 * receives a false value.
 *
 * @return bool Always true when the function returns.
 */
function check_admin_user()
{
    if (!isset($_SESSION['admin_user'])) {
        do_html_header("出错了:");
        do_html_url('login.php', '您还没有登录,请先登录');
        do_html_footer();
        exit;
    }

    return true;
}
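/**
 * Validate one field of an uploaded logo file.
 *
 * $array_key selects which check runs on $file: "name", "type", "tmp_name",
 * "size" or "error". A static flag remembers that a "name" field was seen so
 * that a later zero "size" is reported as an invalid upload.
 *
 * NOTE(review): the key names match the entries of a $_FILES element. If that
 * is the source, "type" is whatever the client declared and says nothing about
 * the file's bytes - confirm the content is checked server-side as well.
 * NOTE(review): $error_array is not declared by reference, so the messages set
 * here reach the caller only if the caller passes it by reference at call time.
 *
 * Call-time pass-by-reference (&$err_message) is kept as the file wrote it;
 * that syntax is a parse error from PHP 5.4 on.
 *
 * @param mixed  $file        The field value to validate.
 * @param array  $error_array Receives the error text at $index.
 * @param mixed  $index       Slot in $error_array to write to.
 * @param string $array_key   Which field $file holds.
 * @return bool|null false on a failed check, true for an accepted "size" or
 *                   "error" field, null for every other case.
 */
function isValidLogoFile(&$file, $error_array = array(), $index = 0, $array_key = NULL)
{
    static $hasvalue = "false";

    switch ($array_key) {
        case "name":
            $hasvalue = "true";
            break;

        case "type":
            if ($file != "image/jpeg" && $file != "image/pjpeg" && $file != "image/x-png" && $file != "image/png") {
                // The rejected type string is echoed back in the message, so encode it.
                $error_array[$index] = " This \"" . htmlspecialchars($file, ENT_QUOTES) . "\" file type is not supported.<br>\n";
                return false;
            }
            break;

        case "tmp_name":
            break;

        case "size":
            if ($file == 0 && $hasvalue == "true") {
                $error_array[$index] = " Please upload a valid file.<br>\n";
                return false;
            }

            $err_message =& $GLOBALS["err_message"];
            if (($setobj = get_Conference_Settings(&$err_message)) === NULL) {
                do_html_header("Data Validation Failed", &$err_message);
                $err_message .= " Could not execute \"get_Conference_Settings\" in \"data_validation_fns.php\". <br>\n";
                // PHP_SELF and QUERY_STRING come from the request; encode them for the href.
                $retry_url = htmlspecialchars($_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"], ENT_QUOTES);
                $err_message .= "<br><br> Try <a href='" . $retry_url . "'>again</a>?";
                do_html_footer(&$err_message);
                exit;
            }

            // Fall back to the PHP upload limit unless the conference settings give one.
            $maxfilesize = intval(ini_get("upload_max_filesize")) * 1000000;
            if ($setobj) {
                $maxfilesize = $setobj->MaxLogoSize;
            }
            if ($file > $maxfilesize) {
                $error_array[$index] = " Please keep file size to the limit of {$maxfilesize} bytes.<br>\n";
                return false;
            }
            return true;

        case "error":
            // 2 is the upload error code compared against here (form size limit exceeded).
            if ($file == 2) {
                $error_array[$index] = " Please keep file size under the limit.<br>\n";
                return false;
            }
            return true;

        default:
            break;
    }
}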