コード例 #1
ファイル: session.php プロジェクト: allprogrammers/azu
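/**
 * Redirect the visitor away unless they are logged on and an administrator.
 *
 * Visitors who are not logged on are sent to logon.php; logged-on visitors
 * who are not administrators are sent to index.php.
 *
 * The request is ended right after each redirect. header() only queues a
 * response header, so without exit the calling page keeps executing and its
 * output is still sent to any client that ignores the Location header. It also
 * meant that a visitor who was not logged on fell through to the second check,
 * whose header() call replaced the logon.php redirect.
 *
 * @return void Returns only when logged_on() and is_admin() are both truthy.
 */
function confirm_is_admin()
{
    if (!logged_on()) {
        header("Location: logon.php");
        exit;
    }
    if (!is_admin()) {
        header("Location: index.php");
        exit;
    }
}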
コード例 #2
/**
 * Gate a page so that only administrators get past this call.
 *
 * A session that is not logged on is redirected to logon.php; a logged-on
 * session without admin rights is redirected to index.php. In both cases the
 * script stops immediately after the redirect header is queued, so none of
 * the calling page runs for a rejected visitor.
 *
 * @param Session $session The session to check.
 */
function confirm_is_admin($session)
{
    // Pick the redirect header, if any; is_admin() is only consulted for a logged-on session.
    $redirectHeader = !logged_on($session)
        ? "Location: logon.php"
        : (is_admin($session) ? null : "Location: index.php");

    if ($redirectHeader !== null) {
        header($redirectHeader);
        exit;
    }
}
コード例 #3
<?php

require_once "Includes/header.php";
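// Access guard: only a logged-on user with no active environment session may
// continue to the environment login below.
// NOTE(review): Includes/header.php is required before this point; if it emits
// markup and output buffering is off, header() cannot send the redirect. Confirm.
// exit ends the request either way.
if (!logged_on() || ENV_logged_on()) {
    header("Location: /Home.php");
    // header() only queues the redirect; without exit the rest of this page,
    // including the queries keyed on $_SESSION['userid'], would still run.
    exit;
}
// Look up the current user to see whether the account is already bound to an environment.
$query = "SELECT * FROM riot4.users WHERE id = ?";
$params = array($_SESSION['userid']);
$statement = sqlsrv_query($conn, $query, $params);
// NOTE(review): the result of sqlsrv_query() is not checked for failure before use.
if (sqlsrv_has_rows($statement)) {
    $row = sqlsrv_fetch_array($statement);
    if (!is_null($row['logged_MID'])) {
        $msg = "Your account is beign used elsewhere.Please logoff from that environment before logging in here.";
        header("Location: /userPref_settings.php?Message=" . urlencode($msg));
        // Stop here so the environment login handler below cannot run for an
        // account that is already in use elsewhere.
        exit;
    }
}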
if (isset($_POST['Dev_Login'])) {
    $Envir_ID = $_POST['Chip_ID'];
    $password = $_POST['OTP'];
    $valid = FALSE;
    $query = "SELECT * FROM riot4.ENV WHERE id = ?";
    $params = array($Envir_ID);
    $statement = sqlsrv_query($conn, $query, $params);
    if (sqlsrv_has_rows($statement)) {
        $row = sqlsrv_fetch_array($statement);
        if ($row['OTP'] == $password) {
            $_SESSION['ENV_OTP'] = $row['OTP'];
            $_SESSION['MID'] = $row['id'];
            $_SESSION['ROOT'] = $row['root'];
            $query_update = "UPDATE riot4.users SET logged_MID = ? WHERE id = ?";
            $params = array($Envir_ID, $_SESSION['userid']);
コード例 #4
                        <?php 
// Account menu: anonymous visitors get Login/Register, logged-on users get
// Sign out, and administrators additionally get the page-management links.
// The links are navigation only. Hiding them does not protect addpage.php,
// selectpagetoedit.php or deletepage.php; whether those pages run their own
// admin check is not visible here.
if (!logged_on($session)) {
    echo '<li><a href="/logon.php">Login</a></li>' . "\n"
        . '<li><a href="/register.php">Register</a></li>' . "\n";
} else {
    echo '<li><a href="/logoff.php">Sign out</a></li>' . "\n";
    if (is_admin($session)) {
        echo '<li><a href="/addpage.php">Add</a></li>' . "\n"
            . '<li><a href="/selectpagetoedit.php">Edit</a></li>' . "\n"
            . '<li><a href="/deletepage.php">Delete</a></li>' . "\n";
    }
}
?>
                    </ul>
                    <?php 
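// Welcome banner for a logged-on user.
if (logged_on($session)) {
    $username = $session->get('username');
    // The username is account data written into markup, so it is HTML-escaped
    // here. Otherwise a name containing markup would be rendered as HTML on
    // every page that includes this header.
    $safeUsername = htmlspecialchars((string) $username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<div class=\"welcomeMessage\">Welcome, <strong>{$safeUsername}</strong></div>\n";
}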
?>
                </section>
            </div>

            <div class="clear-fix"></div>
        </div>

        <section class="navigation" data-role="navbar">
            <nav>
                <ul id="menu">
                    <?php 
$statement = $databaseConnection->prepare("SELECT id, menulabel FROM pages");
コード例 #5
<?php

require_once "Includes/session.php";
require_once "Includes/simplecms-config.php";
require_once "Includes/connectDB.php";
require_once "Includes/header.php";
require_once "send_email/sendgrid-php/vendor/autoload.php";
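// A user who is already logged on has no use for the password-reset form.
if (logged_on()) {
    header("Location: /index.php");
    // header() does not end the request; exit keeps the reset handler below
    // from running after the redirect has been queued.
    exit;
}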
?>

<?php 
/* logon.php SUBMIT button function
   -------------------------------------------------*/
if (isset($_POST['forgot_password'])) {
    $username = $_POST['username'];
    $emailto = $_POST['email'];
    $valid = FALSE;
    $query = " SELECT * FROM riot4.users WHERE username = ? and emailid = ?";
    $params = array($username, $emailto);
    $statement = sqlsrv_query($conn, $query, $params);
    if (sqlsrv_has_rows($statement)) {
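        // Password-reset code: same 5-digit range as before, but drawn from the
        // CSPRNG. rand() is not suitable for security tokens because its output
        // is predictable. random_int() requires PHP 7 or later.
        // NOTE(review): a 5-digit code has only 90,000 possible values, so it
        // also needs an attempt limit and an expiry where it is verified. That
        // code is not visible here.
        $_SESSION['random_key'] = random_int(10000, 99999);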
        $_SESSION['temp_user'] = $username;
        $user = '';
        /*removed from public visibility*/
        $pass = '';
        /*removed from public visibility*/
        $sendgrid = new SendGrid($user, $pass);
        $email = new SendGrid\Email();
コード例 #6
<?php

require_once "Includes/header.php";
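// Access guard for the settings page.
if (!logged_on()) {
    header("Location: /index.php");
    // header() only queues the redirect. Without exit, the update handler and
    // the settings queries below would still run for a visitor who is not
    // logged on.
    exit;
}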
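// Settings update handler. The rows to update are selected by the session's
// user id, so a request can only change settings owned by the current user;
// the POST body supplies the new values, keyed by each row's PrimKey.
// NOTE(review): this relies on the logged-on guard earlier in the file ending
// the request for anonymous visitors, and no anti-CSRF token check is visible here.
if (isset($_POST['Update'])) {
    $Uid = $_SESSION['userid'];
    $query = "SELECT * FROM riot4.settings WHERE User_ID = ? ORDER BY PrimKey DESC";
    $params = array($Uid);
    $statement_user = sqlsrv_query($conn, $query, $params);
    // The UPDATE text is identical for every row, so it is built once.
    $query_update = "UPDATE riot4.settings SET Value = ? WHERE PrimKey = ?";
    // sqlsrv_query() returns false on failure; skip the loop rather than fetch from false.
    while ($statement_user !== false && ($row = sqlsrv_fetch_array($statement_user))) {
        $d1 = $row['PrimKey'];
        // A field absent from the POST body is stored as NULL, as before, but
        // without raising an undefined-index notice.
        $val = isset($_POST[$d1]) ? $_POST[$d1] : null;
        $params = array($val, $row['PrimKey']);
        $statement_update = sqlsrv_query($conn, $query_update, $params);
    }
}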
// Page prelude: emit the stylesheet link, load the current user's settings
// rows (newest PrimKey first) and open the preferences form.
echo '<link rel="stylesheet" type="text/css" href="/Styles/Settings.css">';
global $conn;
$Uid = $_SESSION['userid'];
$params = array($Uid);
$query = "SELECT * FROM riot4.settings WHERE User_ID = ? ORDER BY PrimKey DESC";
$statement_user = sqlsrv_query($conn, $query, $params);
echo '<div id="main">',
    '<h2>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Preferences</h2>',
    '<p><form action="userPref_settings.php" method="post"></p>';
while ($row = sqlsrv_fetch_array($statement_user)) {
    $d = $row['PrimKey'];
    $dev = $row['Device'];
コード例 #7
ファイル: header.php プロジェクト: RIoT-MSCC/Website-Server
							<li class="nav-expander">
								<a href="/Home.php#Heading">Home</a>
							</li>
							<li class="nav-expander">
								<a href="/Home.php#Desc1">Device</a>
							</li>
							<li class="nav-expander">
								<a href="/Home.php#Desc2">Preference</a>
							</li>
						</ul>
					</nav>
					<div id="Lowerband_right">
						<ul class="dev-navigation">
							<li class="nav-expander">
								<?php 
// Logged-on user with no environment session: render only the personal settings link.
if (logged_on() && !ENV_logged_on()) {
    ?>
										<a href="/userPref_settings.php"><div id="Settings">My Settings</div></a>
                                <?php 
}
// Environment session active: render the personal and the environment settings links.
// NOTE(review): this branch does not call logged_on() itself; confirm that
// ENV_logged_on() can only be true for a logged-on user.
// These links are navigation only. Whether userPref_settings.php and
// env_settings.php enforce the same conditions is not visible here.
// Both anchors below reuse id="Settings", so the id is not unique in this branch.
if (ENV_logged_on()) {
    ?>
                                        <a href="/userPref_settings.php"><div id="Settings">My Settings</div></a>
										<a href="/env_settings.php"><div id="Settings">Env Settings</div></a>
                                <?php 
}
?>
							</li>
						</ul>
					</div>
				</div>