function addUser($user, $pxwd, $email) { $db = new Database(); if (!$db->queryTrueFalse("select userExists('{$user}')")) { // If username does not exist if ($db->queryTrueFalse("select insertUser('{$user}', '{$pxwd}', '{$email}')")) { // Add user information to database // Log the user in login($user, $pxwd, $db); // $_SESSION["completedPref"] = FALSE; // header("Location: signup.php"); } } else { //Complain header("Location: index.php?err=2"); } }
include_once "session.php"; include_once "classes.php"; session_start(); // Get this from $_SESSION $me = $_SESSION["user"]->getName(); if (!$_SESSION['user']->isLoggedIn()) { header('location: index.php'); } $conn = new Database(); $result = $conn->queryTable("select * from getGames('{$me}');"); if (isset($_POST['games'])) { foreach ($_POST['games'] as $game) { $split = split('#', $game); $game = pg_escape_string($split[0]); $console = pg_escape_string($split[1]); if (!$conn->queryTrueFalse("select likeGame('{$me}','{$game}','{$console}');")) { die('Please contact benson'); } else { header('Location: question.php'); } } } ?> <!DOCTYPE HTML> <html> <head> <meta charset="utf-8"> <title>eHarbinger</title> <link rel="stylesheet" type="text/css" href="css/meg.css"> <script type='text/javascript' src='//code.jquery.com/jquery-1.7.1.js'></script>
} $i = 1; while (isset($_POST["qid{$i}"]) && trim($_POST["qid{$i}"]) && isset($_POST["ansSelf{$i}"]) && trim($_POST["ansSelf{$i}"])) { $qid = pg_escape_string($_POST["qid{$i}"]); $ansSelf = pg_escape_string($_POST["ansSelf{$i}"]); $imp = pg_escape_string($_POST["imp{$i}"]); $ansOthTmp = ""; for ($j = 1; $j <= 5; $j++) { if (isset($_POST["ans{$j}" . "Oth{$i}"])) { $ansOthTmp .= "1"; } else { $ansOthTmp .= "0"; } } $ansOth = pg_escape_string($ansOthTmp); if (!$conn->queryTrueFalse("select answerQuestion('{$me}',{$qid},{$ansSelf},'{$ansOth}',{$imp} );")) { echo "Error posting answer to one of your questions, please contact Benson"; } $i++; } ?> <!DOCTYPE> <html> <head> <meta charset="utf-8"> <title>eHarbinger</title> <link rel="stylesheet" type="text/css" href="css/meg.css"> </head> <body> <section id = 'banner' style='max-height: 250;'>
session_start(); $me = $_SESSION['user']->getName(); if (!$_SESSION['user']->isLoggedIn()) { header('location: index.php'); } elseif (!$_SESSION['user']->query("select isAdmin('{$me}');", 'boolean')) { header('location: index.php'); } $conn = new Database(); if ((isset($_POST['newconsole']) && trim($_POST['newconsole']) || isset($_POST['oldconsole']) && trim($_POST['oldconsole'])) && isset($_POST['newgame']) && trim($_POST['newgame'])) { $newconsole = pg_escape_string($_POST['newconsole']); if (!trim($newconsole)) { $newconsole = pg_escape_string($_POST['oldconsole']); } $newgame = pg_escape_string($_POST['newgame']); $newdesc = pg_escape_string($_POST['newdesc']); if (!$conn->queryTrueFalse("select insertGame( '{$newgame}', '{$newconsole}', '{$newdesc}' );")) { echo "Error: Game {$newgame} could not be added for console: {$newconsole}"; } } if (isset($_POST['qtext']) && trim($_POST['qtext']) && isset($_POST['ans1']) && trim($_POST['ans1']) && isset($_POST['ans2']) && trim($_POST['ans2'])) { $console = pg_escape_string($_POST['console']); $game = pg_escape_string($_POST['game']); $qtext = pg_escape_string($_POST['qtext']); $ans1 = pg_escape_string($_POST['ans1']); $ans2 = pg_escape_string($_POST['ans2']); $ans3 = pg_escape_string($_POST['ans3']); $ans4 = pg_escape_string($_POST['ans4']); $ans5 = pg_escape_string($_POST['ans5']); if (!$conn->queryTrueFalse("select insertQuestion('{$game}','{$console}','{$qtext}','{$ans1}','{$ans2}','{$ans3}','{$ans4}','{$ans5}');")) { echo "Error: Game {$game} does not exist for Console {$console}"; }