コード例 #1
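 /**
  * Return the client's info when the caller presents a valid request key and
  * $id_check identifies an administrator.
  *
  * The expected key is md5(sha512($id_check . $id . $usr . $pw)); the
  * derivation is left as it was so existing callers keep working.
  * NOTE(review): the key is an unkeyed hash of the credentials; a keyed MAC
  * with a server-side secret would be the usual construction. Confirm with
  * whoever owns the client side before changing it.
  *
  * @param mixed $id         Part of the key material.
  * @param mixed $pw         Part of the key material.
  * @param mixed $usr        Part of the key material.
  * @param mixed $requestkey Key supplied by the caller; must be a string.
  * @param mixed $id_check   Identifier passed to isUserAdmin().
  *
  * @return mixed Whatever $this->Client->getinfo() returns. The request is
  *               terminated with "insufficient credentials" on any failure.
  */
 public function GetInfo($id, $pw, $usr, $requestkey, $id_check)
 {
     $validkey = md5(hash('sha512', $id_check . $id . $usr . $pw));
     // hash_equals() compares in constant time and never applies numeric
     // juggling. The previous `!=` treated any two "0e<digits>" strings as
     // equal and also accepted non-string values that compare loosely.
     if (!is_string($requestkey) || !hash_equals($validkey, $requestkey)) {
         die("insufficient credentials");
     }
     // A valid key alone is not enough: the checked id must be an admin.
     if (!isUserAdmin($id_check)) {
         die("insufficient credentials");
     }
     return $this->Client->getinfo();
 }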
コード例 #2
ファイル: delete.php プロジェクト: pje279/Logboat-Brewing
<?php

require '../init.php';
require '../tools.php';
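// Authorization gate: only administrators may delete accounts.
// NOTE(review): this relies on fail() ending the request — confirm in tools.php.
if (!isUserAdmin()) {
    fail("Only admins can delete user accounts");
}
// The id is bound as a statement parameter below, so it needs no escaping here.
// HTML-encoding it (as before) only altered the value the WHERE clause compared
// against; a missing or non-string id is rejected instead of raising a notice.
$userId = isset($_POST['id']) && is_string($_POST['id']) ? $_POST['id'] : '';
if ($userId === '') {
    fail("User does not exist");
}
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm
// whether init.php enforces one for this state-changing request.
$query = 'DELETE FROM user WHERE id=?';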
if ($stmt = $link->prepare($query)) {
    $stmt->bind_param("s", $userId);
    if ($stmt->execute()) {
        if ($stmt->affected_rows > 0) {
            success();
        }
        fail("User does not exist");
    }
    fail("Error deleting user: "******"Error deleting user");
コード例 #3
ファイル: support.php プロジェクト: nekushi-cororo/openex
<?php

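// Stop anonymous visitors before any account data is read. The meta refresh is
// only a hint to the browser, so the script has to end here; previously it
// kept running and executed the ticket queries below.
if (!isUserLoggedIn()) {
    echo '<meta http-equiv="refresh" content="0; URL=access_denied.php">';
    exit;
}

$id = $loggedInUser->user_id;
$account = $loggedInUser->display_username;

// Stays false when none of the role checks below matches.
$sql = false;

// Administrators and moderators see every ticket.
if (isUserAdmin($id) === true) {
    echo "<h2>Welcome Admin</h2>";
    $sql = mysql_query("SELECT * FROM Tickets");
}
if (isUserMod($id) === true) {
    echo "<h2>Welcome Moderator</h2>";
    $sql = mysql_query("SELECT * FROM Tickets");
}

// Regular users see only their own tickets.
if (isUserNormal($id)) {
    // The display name is user-controlled text, so it is encoded for HTML.
    echo "<h2>How may I help you today, <b>" . htmlspecialchars($account, ENT_QUOTES) . "</b> ?</h2>";
    echo "
<ul class='flatflipbuttons'>
	<li style='width: 200px !important;' class='square'><a href='index.php?page=newticket'><span>Get Support</span></a></li>
</ul>
</br>";
    // Escape the id for the quoted SQL literal instead of interpolating it raw.
    $sql = mysql_query("SELECT * FROM Tickets WHERE `user_id`='" . mysql_real_escape_string($id) . "'");
}

// Guard against a failed or never-issued query.
$num = ($sql !== false) ? mysql_num_rows($sql) : 0;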
?>

			<div id="page">
コード例 #4
<?php

require_once "models/config.php";
// Access gate for the server list: the visitor must be logged in and an admin.
// The admin check is only evaluated for logged-in visitors (short-circuit).
// NOTE(review): $id is not assigned in the visible code; presumably it comes
// from models/config.php — confirm it is the current user's id.
if (!isUserLoggedIn() || !isUserAdmin($id)) {
    echo '<meta http-equiv="refresh" content="0; URL=access_denied.php">';
    // End the request so nothing after the gate is rendered.
    die;
}
?>

<table id="page">
<tr>
<th>Owner</th>
<th>Name</th>
<th>ID</th>
<th>IP Address</th>
<th>Type</th>
<th>User</th>
<th>Status</th>
</tr>
<?
$result = mysql_query("SELECT * FROM Servers");
while($row = mysql_fetch_array($result))
{
  echo "<tr>";
  echo "<td>" . $row['Server_Owner'] . "</td>";
  echo "<td>" . $row['Server_Name'] . "</td>";
  echo "<td>" . $row['Server_Id'] . "</td>";
コード例 #5
<?php

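if (!isset($_SESSION)) {
    session_start();
}
include_once "functions.php";

// Password change for the logged-in account. Administrators may skip the old
// password; everyone else must supply it.
// NOTE(review): no anti-CSRF token is checked in the visible code — confirm.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Read request data defensively: a missing field becomes null instead of
    // raising an undefined-index notice.
    $username = isset($_SESSION['loggedIn']) ? $_SESSION['loggedIn'] : null;
    $oldPassword = isset($_POST['oldPassword']) ? $_POST['oldPassword'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;

    $authorized = false;
    // Without a session user or a usable new password nothing is changed.
    if ($username !== null && is_string($password) && $password !== '') {
        if (isUserAdmin($username)) {
            $authorized = true;
        } elseif (is_string($oldPassword)) {
            $stored = getPassword($username);
            // Constant-time comparison; the previous `==` could also treat two
            // numeric-looking strings as equal.
            // NOTE(review): crypt() with a shared salt from getSalt() is kept
            // for compatibility with the stored values.
            $authorized = is_string($stored) && hash_equals($stored, crypt($oldPassword, getSalt()));
        }
    }

    if ($authorized) {
        changePassword($username, $password);
    } else {
        echo "denied";
    }
}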
コード例 #6
<?php

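if (!isset($_SESSION)) {
    session_start();
}
include_once "functions.php";

// Account deletion endpoint: POST only, caller must be a logged-in admin, and
// a target username must actually be supplied.
// NOTE(review): no anti-CSRF token is checked in the visible code — confirm.
$sessionUser = isset($_SESSION['loggedIn']) ? $_SESSION['loggedIn'] : null;
$targetUser = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';

if ($_SERVER['REQUEST_METHOD'] == "POST"
    && $sessionUser !== null
    && $targetUser !== ''
    && isUserAdmin($sessionUser)
) {
    deleteUser($targetUser);
}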
コード例 #7
ファイル: eventList.php プロジェクト: sarahbx/moers
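/**
 * Print the event list table with per-event registration controls.
 *
 * Every value read from the database is HTML-encoded before it is written into
 * the page, and the per-event table name is quoted as an identifier before it
 * is placed in a query.
 *
 * @param array $sqlArray Row describing the current user; the keys 'username'
 *                        and 'admin' are read here, and the whole array is
 *                        passed to isUserInfoComplete() and displayPaypalEvent().
 *
 * @return void Output is echoed directly.
 */
function displayEvents($sqlArray)
{
    require 'include/configGlobals.php';
    echo "<script type=\"text/javascript\">\n";
    echo "parent.main_disablePopupBackButton();\n";
    echo "</script>\n";
    // Flag word shared across all rows; initialised so the comparisons below
    // never read an undefined variable.
    $allAutoXEvents = 0;
    // Display events
    $eventcheck = mysql_query("SELECT * FROM events ORDER BY `events`.`eventDate`, `events`.`eventDB` ASC") or die(mysql_error());
    echo "<table class=\"default\" width=\"100%\">\n";
    echo "<th colspan=\"6\">Events</th>\n";
    echo "<tr><td>Event Type</td><td>Event Name</td><td>Event Location</td><td>Event Date</td><td>Pre-registered</td><td>Pre-Registration</td></tr>\n";
    while ($eventinfo = mysql_fetch_assoc($eventcheck)) {
        $paymentStatus = "";
        $today = date('Y-m-d');
        // Registration windows are derived from the event date (YYYY-MM-DD).
        // NOTE(review): for event types other than Autocross/Hillclimb
        // $regBegin and $regCutoff keep the previous row's values (or are
        // unset on the first row) — confirm whether other types can occur.
        if ($eventinfo['eventType'] == "Autocross") {
            if ($eventinfo['eventName'] == "All " . date('Y') . " Autocross Regular Events") {
                $allAutoXEvents = 0x1;
                $regBegin = date('Y-m-d', mktime(0, 0, 0, substr($eventinfo['eventDate'], 5, 2), substr($eventinfo['eventDate'], 8, 2) - 90, substr($eventinfo['eventDate'], 0, 4)));
            } else {
                $regBegin = date('Y-m-d', mktime(0, 0, 0, substr($eventinfo['eventDate'], 5, 2), substr($eventinfo['eventDate'], 8, 2) - 30, substr($eventinfo['eventDate'], 0, 4)));
            }
            $regCutoff = date('Y-m-d', mktime(0, 0, 0, substr($eventinfo['eventDate'], 5, 2), substr($eventinfo['eventDate'], 8, 2) - 2, substr($eventinfo['eventDate'], 0, 4)));
        } else {
            if ($eventinfo['eventType'] == "Hillclimb") {
                $regCutoff = date('Y-m-d', mktime(0, 0, 0, substr($eventinfo['eventDate'], 5, 2), substr($eventinfo['eventDate'], 8, 2) - 7, substr($eventinfo['eventDate'], 0, 4)));
                $regBegin = date('Y-m-d', mktime(0, 0, 0, substr($eventinfo['eventDate'], 5, 2), substr($eventinfo['eventDate'], 8, 2) - 60, substr($eventinfo['eventDate'], 0, 4)));
                // Plain decimal month; the former `05` was an octal literal.
                $regLateCutoff = date('Y-m-d', mktime(0, 0, 0, 5, 14, 2008));
            }
        }
        // Encoded copies of the stored values for every HTML context below.
        $safeType = htmlspecialchars($eventinfo['eventType'], ENT_QUOTES);
        $safeName = htmlspecialchars($eventinfo['eventName'], ENT_QUOTES);
        $safeLocation = htmlspecialchars($eventinfo['eventLocation'], ENT_QUOTES);
        $safeDate = htmlspecialchars($eventinfo['eventDate'], ENT_QUOTES);
        $safeEventDB = htmlspecialchars($eventinfo['eventDB'], ENT_QUOTES);
        $safeEventID = htmlspecialchars($eventinfo['eventID'], ENT_QUOTES);
        echo "<tr>\n";
        echo "<td>" . $safeType . "</td>";
        echo "<td>" . $safeName . "</td>";
        echo "<td>" . $safeLocation . "</td>";
        echo "<td>" . $safeDate . "</td>";
        echo "<td>";
        // The table name comes from the events table; quote it as an
        // identifier so it cannot extend the statement.
        $tempquery = $eventinfo['eventDB'];
        $tempEventcheck = mysql_query("SELECT * FROM `" . str_replace("`", "``", $tempquery) . "`") or die(mysql_error());
        $reg_count = 0;
        $userRegistered = 0;
        while ($tempEventInfo = mysql_fetch_assoc($tempEventcheck)) {
            $reg_count = $reg_count + 1;
            if ($tempEventInfo['registeredUser'] == $sqlArray['username']) {
                $userRegistered = 1;
            }
        }
        if ($reg_count > 0) {
            if ($today <= $eventinfo['eventDate']) {
                echo "<form action=\"eventregistered.php\" method=\"POST\">\n";
                echo "[ " . $reg_count . " ] ";
                echo "<input type=\"hidden\" name=\"regEventName\" value=\"" . $safeEventDB . "\" />";
                echo " <input type=\"submit\" name=\"showRegistration\" value=\"Show\" />\n";
                // Download controls are only rendered for admins.
                // NOTE(review): hiding the button is presentation only; the
                // receiving script has to check the admin flag itself.
                if ($sqlArray['admin'] != 0) {
                    echo "<input type=\"hidden\" name=\"regEventKey\" value=\"" . $safeEventID . "\" />\n";
                    //          echo "<br /><input type=\"submit\" name=\"downloadMember\" value=\"Download Member File\" />";
                    //          echo "<br /><input type=\"submit\" name=\"downloadEntries\" value=\"Download Entries File\" />";
                    //          echo "<br /><input type=\"submit\" name=\"downloadPrintable\" value=\"Download Printable File\" />";
                    echo "<br /><input type=\"submit\" name=\"downloadAllFiles\" value=\"Download All Files\" />\n";
                }
                echo "</form>\n";
            } else {
                echo "-";
            }
        } else {
            echo "None";
        }
        echo "</td>\n";
        echo "<td>\n";
        echo "<table class=\"blank\"><tr><td>\n";
        if (!isUserInfoComplete($sqlArray)) {
            echo "User Info Incomplete\n";
            echo "<form action=\"events.php\" method=\"POST\">\n";
        } else {
            if ($userRegistered && $today < $regCutoff) {
                $paymentStatus = displayPaypalEvent($sqlArray, $eventinfo);
                echo "<form action=\"events.php\" method=\"POST\">\n";
            } elseif ($reg_count < 50) {
                echo "<form action=\"events.php\" method=\"POST\">\n";
                if ($today < $regBegin) {
                    echo "Not Open Yet \n";
                } else {
                    if ($today < $regCutoff) {
                        if ($eventinfo['eventType'] != "Hillclimb" && $eventinfo['eventName'] != "4th Annual North Country Rumble" && $allAutoXEvents != 0x1) {
                            echo "<input type=\"image\" src=\"images/classy-icons-set/png/32x32/folder_add.png\" name=\"register\" value=\"Register\" alt=\"Register\" title=\"Register For This Event\"onClick=\"alert('After registering for this event online you will still need to check-in with registration at the event.')\" />\n";
                        }
                        if ($allAutoXEvents == 0x1) {
                            echo "Not Available \n";
                        }
                    } else {
                        echo "Closed \n";
                    }
                }
            } else {
                echo "Full \n";
            }
        }
        echo "</td><td>\n";
        echo "<input type=\"hidden\" name=\"regEventName\" value=\"" . $safeEventDB . "\">\n";
        if ($userRegistered && ($today >= $regBegin && $today < $regCutoff)) {
            echo "<input type=\"image\" src=\"images/classy-icons-set/png/32x32/folder_edit.png\" name=\"editregistration\" value=\"EditRegistration\" alt=\"Edit Registration\" title=\"Edit Registration\" />\n";
        }
        if ($userRegistered && ($paymentStatus == "" || $paymentStatus != "Completed" && $paymentStatus != "Pending" && $paymentStatus != "Processed" && $paymentStatus != "In-Progress")) {
            // User is registered, but payment hasn't been completed. Allow them to unregister.
            if ($today >= $regBegin && $today < $regCutoff) {
                echo "<input type=\"image\" src=\"images/classy-icons-set/png/32x32/folder_remove.png\" name=\"unregister\" value=\"Unregister\" alt=\"Unregister\" title=\"Unregister\" />\n";
            }
        } else {
            if ($eventinfo['eventType'] == "Autocross") {
                $allAutoXEvents |= 0x2;
            }
        }
        echo "</td></tr></table>\n";
        if ($eventinfo['eventType'] == "Hillclimb" && $today < $regCutoff && $today >= $regBegin) {
            if (isUserAdmin()) {
                // The item number is a hex MD5 digest, so it is safe to place
                // in the URL as-is.
                // NOTE(review): it is derived only from the event text and the
                // username, so anyone who knows both can recompute it; do not
                // treat it as a secret.
                $itemName = $club_Abbr . " " . $eventinfo['eventType'] . " " . $eventinfo['eventName'] . " " . $eventinfo['eventDate'];
                $hashinput = $itemName . $sqlArray['username'];
                $itemNumber = hash('md5', $hashinput);
                echo "<a href=\"#\" onclick=\"parent.main_openPopupWindow('entryHillclimb.php?" . $itemNumber . "')\">Register (testing)</a>\n";
            }
            //      echo "<a target=\"_blank\" href=\"http://www.hillclimb.org/events/ascutney/ascutney.htm\">Register</a>\n";
            echo "<a target=\"_blank\" href=\"http://www.sccnh.org/hillclimbreg.html\">Register at sccnh.org</a>\n";
        } else {
            if ($eventinfo['eventName'] == "4th Annual North Country Rumble") {
                echo "Rumble registration not fully completed<br>\n";
                echo "Use <a target=\"_blank\" href=\"http://sccnh.xhub.com/SCCNH%20Rumble%20Registration%20Form%202008.pdf\">Official Entry Form [pdf]</a>\n";
                echo "for now.\n";
            }
        }
        echo "</td></form>\n";
        echo "</tr>\n";
    }
    echo "</table>\n";
}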
コード例 #8
require_once $syslog_mod_path . "/class/syslogXML.class.php";
# Get language
// Switch gettext to the logged-in user's language; message catalogues are read
// from the module's locale/ directory as UTF-8.
$locale = $oreon->user->get_lang();
putenv("LANG={$locale}");
setlocale(LC_ALL, $locale);
bindtextdomain("messages", $syslog_mod_path . "locale/");
bind_textdomain_codeset("messages", "UTF-8");
textdomain("messages");
/*
 * Get ACL
 */
$pearDB = new CentreonDB();
$pearDBndo = new CentreonDB("ndo");
// NOTE(review): the session identifier is taken from the query string. When
// session_id() is called with an argument it sets the id and returns the id
// that was current before the call, so $sid may not be the value from $_GET —
// confirm which one check_session() and isUserAdmin() are meant to receive.
// An id carried in the URL also ends up in logs and Referer headers.
$sid = session_id($_GET["sid"]);
// check_session() maps the session to a contact id; its failure behaviour is
// not visible here.
$contact_id = check_session($sid, $pearDB);
$is_admin = isUserAdmin($sid);
// The ACL object is built from the contact and admin flag, and yields the host
// list string used by the rest of the page.
$access = new CentreonACL($contact_id, $is_admin);
$aclHostString = $access->getHostsString("ID", $pearDBndo);
/*
 * Get selected option in lists
 */
// Selected collector: the submitted value when present and non-empty, else "".
// NOTE(review): both values are raw request data; encode or bind them wherever
// they are used later.
$collector_id = (isset($_GET['collector_id']) && $_GET['collector_id'] != "")
    ? $_GET['collector_id']
    : "";
// Selected facility: as above, and the literal "undefined" also counts as empty.
$Ffacility_selected = (isset($_GET['Ffacility']) && $_GET['Ffacility'] != "" && $_GET['Ffacility'] != "undefined")
    ? $_GET['Ffacility']
    : "";
コード例 #9
ファイル: admin.php プロジェクト: MunKeat/Carpooling-Website
<?php

include './php/libaries.php';
include './php/sqlconn.php';
// Connect to database
//Redirect users without administrative rights
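// Only logged-in administrators may load this page.
if (!isUserLoggedIn() || !isUserAdmin()) {
    redirectToHomePage();
    // Whether redirectToHomePage() ends the request is not visible here, so
    // stop explicitly; otherwise the admin markup below would still be sent.
    exit;
}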
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Admin</title>
    <link rel="stylesheet" href="./foundation/css/foundation.css" />
    <link rel="stylesheet" href="./css/customise.css" />

    <?php 
include 'includes/datepicker.html';
?>

    <script src="js/admin.js"></script>
</head>
<body>
<?php 
include 'includes/navbarAdmin.php';
?>
<div class="large-12 columns">
    <div id="profileDiv" class="large-12 left columns">
    <h3 class="white-font">Profiles</h3>
コード例 #10
     $userEmail = $userProfileDetails["email"];
     if (isset($userProfileDetails["contact_number"])) {
         $userContactNumber = $userProfileDetails["contact_number"];
     } else {
         $userContactNumber = "";
     }
     $address1 = $userProfileDetails["address_line1"];
     if (isset($userProfileDetails["address_line2"])) {
         $address2 = $userProfileDetails["address_line2"];
     } else {
         $address2 = "";
     }
     $country = $userProfileDetails["country"];
 }
 // Look up the stored picture path and the admin flag for the profile owner.
 $userProfilePicturePath = getProfilePicturePathByUsername($username);
 $isUserAdminValue = isUserAdmin($username);
 // Password change form: both passwords are handed to updateUserPassWord()
 // unmodified, and its return value is kept as the response message.
 // NOTE(review): presumably updateUserPassWord() verifies $currentPassword
 // against the stored credential — confirm; nothing in this block does.
 // NOTE(review): the two fields are read without isset(), so a request that
 // omits them raises undefined-index notices.
 if (isset($_POST['changePasswordSubmit'])) {
     $currentPassword = $_POST['currentPassword'];
     $newPassword = $_POST['newPassword'];
     $updatePasswordResponseMsg = updateUserPassWord($username, $currentPassword, $newPassword);
 }
 if (isset($_POST['profilePicUploadSubmit'])) {
     if ($_FILES["profilePicFile"]["type"] == "image/gif" || $_FILES["profilePicFile"]["type"] == "image/jpeg" || $_FILES["profilePicFile"]["type"] == "image/png" || $_FILES["profilePicFile"]["type"] == "image/pjpeg") {
         if ($_FILES["profilePicFile"]["size"] < 40000) {
             if ($_FILES["profilePicFile"]["error"] > 0) {
                 $error = "Return Code: " . $_FILES["profilePicFile"]["error"] . "<br />";
             } else {
                 $uploadedFileName = $_FILES["profilePicFile"]["name"];
                 $fileExt = end(explode(".", $uploadedFileName));
                 $fileName = $username . "." . $fileExt;
                 $finalFilePath = "user_profile_pictures/" . $fileName;
コード例 #11
ファイル: viewticket.php プロジェクト: nekushi-cororo/openex
<?php
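// Anonymous visitors are sent to the access-denied page and the script stops.
if (!isUserLoggedIn()) {
    echo '<meta http-equiv="refresh" content="0; URL=access_denied.php">';
    die();
}

// The ticket id is used unquoted in the query below, where string escaping
// gives no protection; accept digits only and use the integer value. Anything
// else becomes 0.
$id = (isset($_GET["id"]) && is_string($_GET["id"]) && ctype_digit($_GET["id"]))
    ? (int) $_GET["id"]
    : 0;

$sql = mysql_query("SELECT * FROM Tickets WHERE `id`=" . $id);

// false when the query failed or no such ticket exists, which is the value
// mysql_result() produced in that case before.
$owner = ($sql !== false && mysql_num_rows($sql) > 0)
    ? mysql_result($sql, 0, "user_id")
    : false;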

if ($loggedInUser->user_id == $owner OR isUserAdmin($loggedInUser->user_id) OR isUserMod($loggedInUser->user_id)) {
    if (isset($_GET["action"])) {
        if ($_GET["action"] == "closev") {
            echo "<h3>Are you sure?</h3><br \><a href=\"index.php?page=viewticket&action=closey&id=" . $id . "\"><input type=\"submit\" class=\"blues\" value=\"Yes\"/></a><br /><a href=\"index.php?page=viewticket&id=$id\"><input type=\"submit\" class=\"blues\" value=\"No\"/></a><br />";
        }
        if ($_GET["action"] == "closey") {
            mysql_query("UPDATE Tickets SET opened=0 WHERE `id`='$id'");
            echo "Your ticket has been closed.";
			echo '<meta http-equiv="refresh" content="0; URL=index.php?page=support">';
        }
if ($_GET["action"] == "open")
{
            mysql_query("UPDATE Tickets SET opened=1 WHERE `id`='$id'");
            echo "Your ticket has been reopened.";
			echo '<meta http-equiv="refresh" content="0; URL=index.php?page=support">';
}
    } else {
        $subject = mysql_result($sql, 0, "subject");
        if (isset($_POST["post"])) {
            $post   = mysql_real_escape_string(strip_tags($_POST["post"]));
            $uid    = $loggedInUser->user_id;
コード例 #12
ファイル: account.php プロジェクト: DeadSpaghetti/codera
				<div id="white">
					<table class="infos-small">
						<tr class="infos-row">
							<td colspan="2" class="infos-center">							
								<div id="new-user"><?php 
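// Show the account name; it is encoded because it is written into HTML text.
if (isset($username)) {
    echo htmlspecialchars($username, ENT_QUOTES);
}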
?>
								</div>
								<div class="line line-no-space"></div>
							</td>	
						</tr>					
						<?php 
include_once "../helper/functions.php";
// Non-admin accounts get an extra "Old Password" row; for admins the row is
// left out of the form.
// NOTE(review): this only changes what is rendered. The script that receives
// the form has to decide on the server whether the old password is required.
if (!isUserAdmin($username)) {
    echo <<<'OLD_PASSWORD'
							<tr class="infos-row">
								<td class="infos-left">
									<div class="icon">
										<i class="material-icons">lock</i> <span class="icon-text">Old Password:</span>
									</div>
								</td>										
								<td class="infos-right">
									<input class="input project" id="account-input-old-password" type="password" placeholder="*******"/>
								</td>
							</tr>					
OLD_PASSWORD;
}
echo <<<'NEW_PASSWORD'
							<tr class="infos-row">
コード例 #13
ファイル: ajaxPOST.php プロジェクト: nekushi-cororo/openex
<?php

require_once 'models/config.php';
include 'models/chat.config.php';
//___
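// Chat posting endpoint: only logged-in users may store a message. Without
// this check $loggedInUser would be read for an anonymous request.
if (!isUserLoggedIn()) {
    die;
}
$id = $loggedInUser->user_id;
$username = $loggedInUser->display_username;
//___
// Chat-banned users and requests without a usable message store nothing.
if (isUserCBanned($id) || !isset($_POST['message']) || !is_string($_POST['message'])) {
    die;
}

// The name colour is chosen on the server from the poster's role.
if (isUserAdmin($id)) {
    $color = "#0404B4";
} elseif (isUserMod($id)) {
    $color = "#B43104";
} else {
    $color = "#000000";
}

// Each value is escaped for the quoted SQL literal it is placed in.
// NOTE(review): strip_tags() keeps <a> elements together with all of their
// attributes, so the stored text is not safe to print as raw HTML; whatever
// renders it has to encode it.
// NOTE(review): no anti-CSRF token is checked in the visible code — confirm.
$color_ = $db->real_escape_string(htmlentities($color));
$user = $db->real_escape_string(htmlentities($username));
$message = $db->real_escape_string(strip_tags($_POST['message'], '<a>'));
$timestamp = $db->real_escape_string(gettime());
$db->Query("INSERT INTO messages (color, username, message, timestamp) VALUES ('{$color_}','{$user}','{$message}','{$timestamp}')");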
コード例 #14
ファイル: userOverview.php プロジェクト: DeadSpaghetti/codera
				</tr>
			</table>
		</td>
		<td class="overview-right">
			<a class="button edit" id="editUser_public" name="userOverviewEdit" href="javascript:void(null)">
				<i class="material-icons">mode_edit</i>
			</a>			
		</td>
	</tr>
	<tr class="overview-row">
		<td colspan="2">
			<div class="overview-line"> </div>
		</td>
	</tr>
<?php 
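$userArray = [];
// Presumably fills $userArray with user objects — confirm in the helper.
include "../helper/getUsersFromJSON.php";
if (!empty($userArray)) {
    foreach ($userArray as $userEntry) {
        $name = $userEntry->{'username'};
        // The built-in "public" and "admin" accounts are not listed here.
        if ($name == "public" || $name == "admin") {
            continue;
        }
        // The name goes into element text and two id attributes, so it is
        // encoded once and the encoded form is used everywhere.
        $safeName = htmlspecialchars($name, ENT_QUOTES);
        // Admin rows differ from regular rows only in the icon.
        $icon = isUserAdmin($name) ? 'security' : 'person';
        echo '<tr class="overview-row">' . '<td class="overview-left">' . '<table>' . '<tr>' . '<td class="user-overview-icon"> ' . '<div class="icon">' . '<i class="material-icons">' . $icon . '</i>' . '</div>	' . '</td>' . '<td class="user-overview-appname">' . $safeName . '</td>' . '</tr>' . '</table>' . '</td>' . '<td class="overview-right">' . '<a id="editUser_' . $safeName . '" class="button edit" name="userOverviewEdit" href="javascript:void(null)">' . '<i class="material-icons">mode_edit</i>' . '</a>' . '<a id="deleteUser_' . $safeName . '" class="button edit" name="userOverviewDelete" href="javascript:void(null)">' . '<i class="material-icons">delete</i>' . '</a>' . '</td>' . '</tr>' . '<tr class="overview-row">' . '<td colspan="2">' . '<div class="overview-line"> </div>' . '</td>' . '</tr>';
    }
}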
?>
</table>
コード例 #15
ファイル: moderate.php プロジェクト: nekushi-cororo/openex
<?php

require_once "models/config.php";
// Access gate for the moderation page: the visitor must be logged in and be a
// moderator or an administrator. The role checks run only for logged-in
// visitors, and the admin check only when the moderator check fails.
// NOTE(review): $id is not assigned in the visible code; presumably it comes
// from models/config.php — confirm it is the current user's id.
if (!isUserLoggedIn() || !(isUserMod($id) || isUserAdmin($id))) {
    echo '<meta http-equiv="refresh" content="0; URL=access_denied.php">';
    die;
}
// Name recorded as the banning moderator further down.
$account = $loggedInUser->display_username;
?>
	<h1>Ban A user from chat</h1>
<form action="" name="banform" method="POST">
	<input type="text" name="ban" class="field" />
	<input type="submit" value="ban" class="blues" />
</form>	
<?php 
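// Ban the submitted user name from chat and announce it as a system message.
// NOTE(review): no anti-CSRF token is checked in the visible code — confirm.
if (isset($_POST["ban"])) {
    $banby = $account;
    $rawName = strip_tags($_POST["ban"]);
    $username = mysql_real_escape_string($rawName);
    // The moderator's display name is user-chosen text as well, so it is
    // escaped before it goes into the statement.
    $banbySql = mysql_real_escape_string($banby);
    mysql_query("UPDATE userCake_Users SET `ChatBanned`='1' WHERE `Username`='{$username}'");
    mysql_query("UPDATE userCake_Users SET `BannedBy`='{$banbySql}' WHERE `Username`='{$username}'");
    // Build the announcement from the unescaped name and escape it once; the
    // previous code escaped the name twice and stored stray backslashes.
    $message_sys = mysql_real_escape_string($rawName . " was banned from chat.");
    $color_sys = mysql_real_escape_string(strip_tags("#FF0000"));
    $user_sys = mysql_real_escape_string(strip_tags("system"));
    mysql_query("INSERT INTO messages (color, username, message) VALUES ('{$color_sys}','{$user_sys}','{$message_sys}')");
}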
if (isset($_GET["unban"])) {
    $username = mysql_real_escape_string(strip_tags($_GET["unban"]));
コード例 #16
<?php

/*
		UserPie Version: 1.0
		http://userpie.com
*/
require_once "models/config.php";
//require_once("models/slim-config.php");
// Entry page: logged-in users are redirected by role, everyone else gets the
// landing page.
// NOTE(review): header() only queues the redirect; any code placed after this
// block would still run.
if (isUserLoggedIn()) {
    header(isUserAdmin() ? "Location: admin.php" : "Location: football_playoff_grid.php");
} else {
    include 'landing-page.php';
}
コード例 #17
ファイル: actions.inc.php プロジェクト: noormcs/studoro
     break;
     /**
      * Authorize user.
      */
 /**
  * Authorize user.
  */
 // Log a chat user in. Admin credentials are tried first; otherwise a regular
 // login must succeed and the user must not be banned.
 case 'userAuthorize':
     if (loginAdmin($sId, $sPassword) == TRUE_VAL) {
         // Admin login: copy the profile fields and force the admin chat type.
         $aUserInfo = getUserInfo($sId, true);
         $aUser = array('id' => $aUserInfo['id'], 'nick' => $aUserInfo['nick'], 'sex' => $aUserInfo['sex'], 'age' => $aUserInfo['age'], 'desc' => $aUserInfo['desc'], 'photo' => $aUserInfo['photo'], 'profile' => $aUserInfo['profile'], 'type' => CHAT_TYPE_ADMIN);
     // $bBanned is assigned only when loginUser() succeeded, because the ban
     // check sits on the right-hand side of &&.
     } elseif (loginUser($sId, $sPassword) == TRUE_VAL && ($bBanned = doBan("check", $sId)) != TRUE) {
         $aUser = getUserInfo($sId);
         $aUser['id'] = $sId;
         $aUser['sex'] = $aUser['sex'] == 'female' ? "F" : "M";
         // A regular login can still yield the admin chat type when
         // isUserAdmin() says so.
         $aUser['type'] = isUserAdmin($sId) ? CHAT_TYPE_ADMIN : CHAT_TYPE_FULL;
     } else {
         // NOTE(review): $bBanned is unset here when loginUser() failed, so the
         // ternary reads an undefined variable on that path.
         $sContents = parseXml($aXmlTemplates['result'], $bBanned ? "msgBanned" : "msgUserAuthenticationFailure", FAILED_VAL);
         break;
     }
     $aUser = initUser($aUser);
     $sContents = parseXml($aXmlTemplates['result'], "", SUCCESS_VAL);
     $sContents .= parseXml($aXmlTemplates['user'], $aUser['id'], USER_STATUS_NEW, $aUser['nick'], $aUser['sex'], $aUser['age'], $aUser['desc'], $aUser['photo'], $aUser['profile'], $aUser['type'], USER_STATUS_ONLINE);
     break;
 // Set the Banned flag for profile $sId, inserting the row when none exists.
 // NOTE(review): no caller-authorization check is visible inside this case;
 // confirm that one is enforced before the switch is reached.
 // NOTE(review): $sBanned goes through process_db_input(), but $sId is
 // concatenated into all three statements as-is; confirm it is sanitised
 // where it is read from the request.
 case 'banUser':
     $sBanned = isset($_REQUEST["banned"]) ? process_db_input($_REQUEST['banned']) : FALSE_VAL;
     $sUserId = getValue("SELECT `ID` FROM `" . MODULE_DB_PREFIX . "Profiles` WHERE `ID` = '" . $sId . "' LIMIT 1");
     getResult(empty($sUserId) ? "INSERT INTO `" . MODULE_DB_PREFIX . "Profiles`(`ID`, `Banned`) VALUES('" . $sId . "', '" . $sBanned . "')" : "UPDATE `" . MODULE_DB_PREFIX . "Profiles` SET `Banned`='" . $sBanned . "' WHERE `ID`='" . $sId . "'");
     break;
 case 'kickUser':
     getResult("UPDATE `" . MODULE_DB_PREFIX . "CurrentUsers` SET `Status`='" . USER_STATUS_KICK . "', `When`='" . time() . "' WHERE `ID`='" . $sId . "'");
コード例 #18
ファイル: admin_events.php プロジェクト: sarahbx/moers
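/**
 * Render the event administration page and handle its create / delete /
 * e-mail form posts.
 *
 * Callers that are not administrators are redirected to logout.php and the
 * request ends there. Request values are escaped for the SQL context they are
 * used in, and stored values are HTML-encoded before they are printed.
 *
 * NOTE(review): none of the POST actions checks an anti-CSRF token in the
 * visible code — confirm whether one is enforced elsewhere.
 *
 * @return void Output is echoed directly; several paths end the request.
 */
function displayAdminEventsPage()
{
    // header() only queues the redirect. Without exit the rest of this
    // function, including table creation and deletion, ran for non-admins.
    if (!isUserAdmin()) {
        header("Location: logout.php");
        exit;
    }
    $databaseName = getDatabaseName();
    if (isset($_POST['createEvent'])) {
        // The table name is generated on the server and never taken from the request.
        $newEventTableName = "event" . date('U');
        // Each field is escaped for the quoted SQL literal it is placed in.
        $newEventName = mysql_real_escape_string(isset($_POST['newEventName']) ? $_POST['newEventName'] : '');
        $newEventLocation = mysql_real_escape_string(isset($_POST['newEventLocation']) ? $_POST['newEventLocation'] : '');
        $newEventDate = mysql_real_escape_string(isset($_POST['newEventDate']) ? $_POST['newEventDate'] : '');
        $newEventType = mysql_real_escape_string(isset($_POST['newEventType']) ? $_POST['newEventType'] : '');
        $createQuery = "CREATE TABLE `" . $databaseName . "`.`" . $newEventTableName . "` (" . "`registeredUser` VARCHAR( 60 ) NOT NULL ," . "`vehicleKey` VARCHAR( 60 ) NOT NULL ," . "`vehicleClass` VARCHAR( 60 ) NOT NULL ," . "`vehicleNumber` VARCHAR( 60 ) NOT NULL ," . "`paid` TINYINT( 1 ) NOT NULL DEFAULT '0'" . ") ENGINE = MYISAM";
        if (mysql_query($createQuery)) {
            $insertQuery = "INSERT INTO `" . $databaseName . "`.`events` (`eventID`, `eventDB`, `eventName`, `eventLocation`, `eventDate`, `eventType`)" . "VALUES (NULL , '" . $newEventTableName . "', '" . $newEventName . "', '" . $newEventLocation . "', '" . $newEventDate . "', '" . $newEventType . "')";
            if (!mysql_query($insertQuery)) {
                die("Created new table but unable to insert event into database. Please contact administrator.");
            }
        } else {
            die("Unable to create new table for event. Please contact administrator.");
        }
        header("Location: admin_events.php");
        exit;
    } elseif (isset($_POST['deleteEvent'])) {
        $eventDB = isset($_POST['eventDB']) ? (string) $_POST['eventDB'] : '';
        // The key is used unquoted, so only its integer value is kept.
        $eventDBkey = isset($_POST['eventDBkey']) ? (int) $_POST['eventDBkey'] : 0;
        // Only plain identifier characters are accepted for the table name.
        if (!preg_match('/\A[A-Za-z0-9_]+\z/', $eventDB)) {
            die("Unable to delete event.");
        }
        // Delete Event from DB. Key and table name must belong to the same
        // events row, so only a table registered as an event can be dropped.
        $deleteQuery = "DELETE FROM events WHERE `events`.`eventID` = " . $eventDBkey . " AND `events`.`eventDB` = '" . $eventDB . "' LIMIT 1";
        // Drop Table
        $dropQuery = "DROP TABLE `" . $eventDB . "`";
        if (mysql_query($deleteQuery) && mysql_affected_rows() > 0) {
            if (mysql_query($dropQuery)) {
                header("Location: admin_events.php");
                // Previously execution fell through to the failure message below.
                exit;
            }
            die("Deleted event from list. Unable to delete Table.");
        }
        die("Unable to delete event.");
    } elseif (isset($_POST['emailUsers'])) {
        // Collects every user's address; the list is not used further in this function.
        $emailList = "";
        $userCheck = mysql_query("SELECT * FROM users") or die(mysql_error());
        while ($userInfo = mysql_fetch_array($userCheck)) {
            $emailList .= $userInfo['email'];
        }
    }
    echo file_get_contents("admin_header.html");
    echo "<br />\n";
    echo "<script type=\"text/javascript\">\n";
    echo "function confirmDelete() {\n";
    echo "var r=confirm(\"Are you sure you want to this event? This cannot be undone.\");\n";
    echo "return r;";
    echo "}\n";
    echo "</script>\n";
    echo "<form action=\"admin_events.php\" method=\"POST\">\n";
    echo "<table class=\"default\">\n";
    echo "<th colspan=\"5\">Create New Event:</th>\n";
    echo "<tr><td>Event Name</td><td>Event Location</td><td>EventDate<br>YYYY-MM-DD</td><td>Event Type</td></tr>\n";
    echo "<tr><td><input type=\"text\" name=\"newEventName\"></td>\n";
    echo "<td><input type=\"text\" name=\"newEventLocation\"></td>\n";
    echo "<td><input type=\"text\" name=\"newEventDate\"></td>\n";
    echo "<td><select name=\"newEventType\">\n";
    echo "<option value=\"Autocross\">Autocross</option>\n";
    echo "<option value=\"Hillclimb\">Hillclimb</option>\n";
    echo "</select></td>\n";
    echo "<td><input type=\"submit\" name=\"createEvent\" value=\"Create Event\"></td></tr>\n";
    echo "</table>\n";
    echo "</form>\n";
    echo "<br>\n";
    // Display events
    $eventcheck = mysql_query("SELECT * FROM events ORDER BY `events`.`eventDate`, `events`.`eventDB` ASC") or die(mysql_error());
    echo "<table class=\"default\">\n";
    echo "<th colspan=\"4\">Delete Events</th>\n";
    echo "<tr><td>Event Type</td><td>Event Name</td><td>Event Location</td><td>Event Date</td></tr>\n";
    while ($eventinfo = mysql_fetch_assoc($eventcheck)) {
        // Stored values are encoded for HTML before they are printed.
        echo "<tr>";
        echo "<td>" . htmlspecialchars($eventinfo['eventType'], ENT_QUOTES) . "</td>";
        echo "<td>" . htmlspecialchars($eventinfo['eventName'], ENT_QUOTES) . "</td>";
        echo "<td>" . htmlspecialchars($eventinfo['eventLocation'], ENT_QUOTES) . "</td>";
        echo "<td>" . htmlspecialchars($eventinfo['eventDate'], ENT_QUOTES) . "</td>";
        echo "<td>";
        // Quote the per-event table name as an identifier.
        $tempquery = $eventinfo['eventDB'];
        $tempEventcheck = mysql_query("SELECT * FROM `" . str_replace("`", "``", $tempquery) . "`") or die(mysql_error());
        $reg_count = mysql_num_rows($tempEventcheck);
        echo "<form action=\"admin_events.php\" method=\"POST\" onsubmit=\"return confirmDelete()\">\n";
        echo "<input type=\"hidden\" name=\"eventDB\" value=\"" . htmlspecialchars($eventinfo['eventDB'], ENT_QUOTES) . "\">\n";
        echo "<input type=\"hidden\" name=\"eventDBkey\" value=\"" . htmlspecialchars($eventinfo['eventID'], ENT_QUOTES) . "\">\n";
        echo "<input type=\"submit\" name=\"deleteEvent\" value=\"Delete\">\n";
        echo "</form>\n";
        if ($reg_count != 0) {
            echo "Users Registered.";
        }
        echo "</td></tr>\n";
    }
    echo "</table>\n";
}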
コード例 #19
ファイル: login.php プロジェクト: DeadSpaghetti/codera
<?php

// Start a session unless one is already available.
isset($_SESSION) or session_start();
include_once "helper/functions.php";

// Users who are already logged in never see the login form: admins go to the
// restricted area, everyone else to the index page.
if (isset($_SESSION['loggedIn'])) {
    header(isUserAdmin($_SESSION['loggedIn']) ? 'Location: restricted/admin.php' : 'Location: index.php');
    exit;
}

// Defaults; presumably overwritten by the settings include below — confirm.
$colorScheme = "";
$developerName = "";
include 'helper/getGeneralSettingsFromJSON.php';
?>

<!DOCTYPE html>

<html>
	<head>
		<?php 
include 'cookie.php';
?>
		<title><?php 
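// The configured developer name is written into <title>, so it is encoded.
if (isset($developerName)) {
    echo htmlspecialchars($developerName, ENT_QUOTES);
}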
?>
コード例 #20
ファイル: ajaxLOAD.php プロジェクト: nekushi-cororo/openex
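    // Every stored value is encoded for HTML. ENT_QUOTES is passed explicitly
    // because the attributes below are single-quoted and older PHP versions
    // leave single quotes untouched by default.
    $color = htmlentities($value['color'], ENT_QUOTES);
    $user = htmlentities($value['username'], ENT_QUOTES);
    $msg = htmlentities($value['message'], ENT_QUOTES);
    $row = "<li id='msg_row'><b id='u_name_chat' style='color: " . $color . ";'>" . $user . "</b>: " . $msg;
    // Moderators and admins additionally get a delete link per message.
    // NOTE(review): the link is presentation only; the script it posts to has
    // to check the caller's role itself.
    if (isUserMod($idaa) || isUserAdmin($idaa)) {
        // The id is placed in an HTML attribute, so it is HTML-encoded and
        // quoted; SQL escaping was the wrong encoding for this context.
        $todelete = htmlentities($value['id'], ENT_QUOTES);
        $row .= "<a color='blue' href='#' rel='" . $todelete . "' class='delete' onClick='deleteChat(this);'>delete</a>";
    }
    echo $row . "</li>";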
}
?>

<script>
		<?php 
if (isUserMod($idaa) || isUserAdmin($idaa)) {
    ?>
			function deleteChat(t) {
				console.log("Clicked delete");
				var toDEL = $(t).parent();
				var id = $(t).attr('rel');
				console.log(id);
				
				$.post('ajaxDEL.php', {id: id})
					.done(function(data) {
						$(toDEL).hide();
					});
			}
			/*$('.delete').click(function() {