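<?php
require 'include/functions.php';

// The profile is shown only when an id is supplied in the URL and that id exists in the database.
// This check runs before any markup is emitted: header() cannot send a redirect once output has started.
if (isset($_GET['id']) && userIsValid($_GET['id'])) {
    $user = viewUser($_GET['id']);
} else {
    header('Location:index.php?error=1');
    // header() only queues the redirect; without exit the template below
    // would still be rendered, with $user undefined.
    exit;
}

include 'include/head.html';

// Stored profile fields (name, email, phone) are user-controlled data, so they are
// encoded for the HTML context before being written into the page.
$escape = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
?>
<h2>View</h2>
<table border="1" width="400">
    <tr><th>Name</th><td><?php echo $escape($user['name']); ?> </td></tr>
    <tr><th>Email address</th><td><?php echo $escape($user['email']); ?> </td></tr>
    <tr><th>Phone</th><td><?php echo $escape($user['phone']); ?> </td></tr>
</table>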
/**
 * Dispatch to the renderer selected by $view.
 *
 * Only the exact string 'user' selects the single-user view; every other
 * value (including a non-string that loosely equals 'user') falls back to the list.
 *
 * NOTE(review): $param is handed to viewUser() unchanged, so any validation
 * of it has to happen in the caller or inside viewUser() — confirm which.
 *
 * @param mixed $view  Page selector.
 * @param mixed $param Argument forwarded to viewUser(); unused for the list view.
 * @return mixed Whatever viewUser() or viewList() returns.
 */
function go2page($view, $param = null)
{
    return $view === 'user' ? viewUser($param) : viewList();
}
* @url http://www.mosets.com/tree/ */ defined('_JEXEC') or die('Restricted access'); require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_mtree' . DS . 'spy.mtree.html.php'; $id = JRequest::getInt('id', 0); $owner = JRequest::getVar('owner', ''); $cid = JRequest::getVar('cid', array()); $task2 = strval(JRequest::getCmd('task2', '')); JArrayHelper::toInteger($cid, array()); HTML_mtspy::printStartMenu($option, $task2); switch ($task2) { case 'users': viewUsers($option); break; case 'viewuser': viewUser($option, $id); break; case 'viewclone': viewClone($option, $id); break; case 'listings': viewListings($option); break; case 'viewlisting': viewListing($option, $id); break; case 'clones': viewClones($option); break; case 'removelogs': removeLogs($option, $cid);
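<?php
session_start();
viewUser();

/**
 * Echo the logged-in user's profile as a JSON array.
 *
 * Output is the literal string "404" when no user id is stored in the session,
 * a short failure message when the database is unreachable, and otherwise a
 * JSON list of objects with the keys first_name, last_name, email and avatar.
 *
 * @return void
 */
function viewUser()
{
    // Check the session first so an unauthenticated request never opens a
    // database connection (and never leaves one unclosed).
    if (!isset($_SESSION['U_ID'])) {
        echo "404";
        return;
    }

    // NOTE(review): the credentials are hard-coded and the application connects
    // as root; move them to configuration and use a least-privilege account.
    $con = mysqli_connect("localhost", "root", "root", "eshop");
    if (!$con) {
        // Keep driver detail in the server log; the response only states the failure.
        error_log("Failed to connect to MySQL: " . mysqli_connect_error());
        echo "Failed to connect to MySQL";
        return;
    }

    $user_info = array();

    // Bound parameter instead of interpolating the session value into the SQL text.
    // Only the four columns that are returned to the client are selected.
    $stmt = mysqli_prepare($con, "SELECT first_name, last_name, email, avatar FROM User WHERE ID = ?");
    if ($stmt) {
        // Bound as a string to keep the comparison the quoted literal used to perform.
        $userId = (string) $_SESSION['U_ID'];
        mysqli_stmt_bind_param($stmt, "s", $userId);

        if (mysqli_stmt_execute($stmt)) {
            mysqli_stmt_bind_result($stmt, $firstName, $lastName, $email, $avatar);
            while (mysqli_stmt_fetch($stmt)) {
                $user_info[] = array(
                    "first_name" => $firstName,
                    "last_name" => $lastName,
                    "email" => $email,
                    'avatar' => $avatar,
                );
            }
        } else {
            error_log("User lookup failed: " . mysqli_stmt_error($stmt));
        }
        mysqli_stmt_close($stmt);
    } else {
        error_log("User lookup could not be prepared: " . mysqli_error($con));
    }

    mysqli_close($con);

    // A failed lookup yields an empty list, as it did before.
    echo json_encode($user_info);
}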
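/**
 * Confirm or perform the deletion of a usradd entry.
 *
 * Reads "id" and "key" from the query string. key=confirm_delete renders a
 * confirmation form, key=delete removes the row. Unless $user_admin is set,
 * the row must have been created by the session's USER_NAME. The "Quick Links"
 * table is printed directly in every case.
 *
 * NOTE(review): no anti-CSRF token is checked in this function, and the
 * confirmation form posts key/id while this handler reads $_GET — confirm how
 * the surrounding framework maps POST fields and whether a token check exists upstream.
 *
 * @return string HTML fragment for the caller to display, or a refusal message.
 */
function deleteUser()
{
    global $user_admin;

    $OUTPUT = "";
    $closeScript = "<script> window.opener.parent.mainframe.location.reload(); window.close(); </script>";

    // Array-valued parameters (id[]=...) are treated like missing ones; the
    // code below interpolates both values as strings.
    $haveParams = isset($_GET["key"], $_GET["id"])
        && is_string($_GET["key"])
        && is_string($_GET["id"]);

    if ($haveParams) {
        $id = $_GET["id"];
        $key = $_GET["key"];

        // $id comes straight from the request: escape it once per output context.
        // pg_escape_string() is called without a handle and so uses the default
        // connection — presumably the one db_exec() runs on; verify.
        $idSql = pg_escape_string($id);
        $idHtml = htmlspecialchars($id, ENT_QUOTES);

        // first make sure it is this person's contact, or that the user is root
        if (!$user_admin) {
            $byUserSql = pg_escape_string((string) $_SESSION['USER_NAME']);
            $rslt = db_exec("SELECT * FROM usradd WHERE id='{$idSql}' AND\r\n\t\t\t\t( by='{$byUserSql}' )");
            if (pg_num_rows($rslt) <= 0) {
                return "You are not allowed to delete this user entry!";
            }
        }

        // two buttons
        // check if a confirmation or deletion should occur (confirm_delete lets the confirmation display)
        if ($key === "confirm_delete") {
            // The fetched row was never used; the lookup is kept because a
            // failing query must still abort through errDie().
            if (!db_exec("SELECT * FROM usradd WHERE id='{$idSql}'")) {
                errDie("Unable to get user details.");
            }

            $OUTPUT .= "<font size=2><b>Are you sure you want to delete this user:</b></font><br>";
            $OUTPUT .= viewUser();
            $OUTPUT .= "\r\n\t\t\t\t<table><tr><td align=center>\r\n\t\t\t\t\t<form method=post action='" . SELF . "'>\r\n\t\t\t\t\t\t<input type=hidden name=key value='delete'>\r\n\t\t\t\t\t\t<input type=hidden name=id value='{$idHtml}'>\r\n\t\t\t\t\t\t<input type=submit value=yes>\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</td></tr></table>";
        } elseif ($key === "delete") {
            $Ri = db_exec("DELETE FROM usradd WHERE id='{$idSql}' ");
            if (pg_cmdtuples($Ri) <= 0) {
                $OUTPUT .= "Error Deleting Entry<br> Please check that it exists, else contact Cubit<br>";
            } else {
                $OUTPUT .= $closeScript;
            }
        }
    } else {
        $OUTPUT .= $closeScript;
    }

    $link = "<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\r\n\t\r\n\t<tr><th>Quick Links</th></tr>\r\n\t<tr class='bg-odd'><td><a href='docman-index.php'>Document Management</a></td></tr>";
    print $link;

    return $OUTPUT;
}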