<?php
$selected_page = "User";
require 'includes/header.php';
if (!isset($_SESSION['user_id']) && !isset($_SESSION['admin_id'])) {
header('Location: login.php');
}
if (!get_running1_batch_id() && !get_running2_batch_id() && !get_published_batch_id() && isset($_SESSION['user_id'])) {
// destroy session
session_destroy();
//unset cookies
setcookie("username", "", time() - 7200);
header('Location: login.php');
}
if (isset($_SESSION['admin_id']) && !get_published_batch_id()) {
header('Location: admin.php');
}
?>
<div class="content">
<div class="topContent">
<?php
if (isset($_SESSION['user_id'])) {
if (get_published_batch_id()) {
$user = $_SESSION['user_id'];
$name = get_user_by_id($user);
$batch = get_published_batch_id();
echo "<h2>" . get_text('Information') . " " . strtolower(get_text('About')) . ": {$name['0']} {$name['1']}</h2>";
?>
<p>
<a href="pdf.php?id=<?php
echo $_SESSION['user_id'];
function login($username, $password, $rememberme)
{
$username = sanitize($username);
$password = sanitize($password);
$rememberme = sanitize($rememberme);
if (get_running1_batch_id() || get_running2_batch_id() || get_published_batch_id()) {
$query = mysql_query("SELECT ID, Password, Username FROM user WHERE UPPER(Username) = UPPER('{$username}')");
if (!$query || mysql_num_rows($query) <= 0) {
//echo mysql_error();
return get_text('Error_occured') . get_text('Do_you_have_account');
} else {
$user = mysql_fetch_row($query);
if (password_verify($password, $user['1'])) {
if ($rememberme == "on") {
setcookie("username", $username, time() + 7200);
} else {
if ($rememberme == "") {
$_SESSION['user_id'] = $user['0'];
$_SESSION['user_name'] = $user['2'];
}
}
header('Location: index.php');
exit;
} else {
return get_text('Wrong_password');
}
}
} else {
return get_text('Login_not_allowed');
}
}
<h3><?php
echo get_text('Who_may_answer_your_poll');
?>
</h3>
<form action="<?php
echo $_SERVER['PHP_SELF'];
?>
?Start&Step=2" method="post">
<?php
foreach ($users as $user) {
if ($user['ID'] != $_SESSION['user_id']) {
$batch = get_running1_batch_id();
if (is_preferred_reviewer($_SESSION['user_id'], $user['ID'], $batch)) {
?>
<input type="checkbox" name="preferred_reviewer[]" id="<?php
echo $user['Username'];
?>
"
value="<?php
echo $user['Username'];
?>
" checked/><label
for="<?php
echo $user['Username'];
?>
"><?php
echo $user['Lastname'] . ' ' . $user['Firstname'];
?>
</label>
<br/>
<?php
$selected_page = "Admin";
require_once 'includes/header.php';
if (!isset($_SESSION['admin_id'])) {
header('Location:admin_login.php');
}
$add_user_message = "";
$add_department_message = "";
?>
<div class="content">
<?php
if (get_running1_batch_id() || get_running2_batch_id()) {
?>
<div class="topContent">
<?php
if (get_running1_batch_id()) {
$users = get_users_not_answered_own_questions();
if ($users) {
$number = 0;
foreach ($users as $user) {
$number++;
}
?>
<p style="width: 100%;">
<b><?php
echo $number;
?>
</b> <?php
echo get_text('Users_have_not_filled_in_own_poll');
?>
.
</a>
</h3>
<h3 class="next"><a
href="<?php
echo $_SERVER['PHP_SELF'];
?>
?Exit"><?php
echo get_text('Exit');
?>
</a></h3>
</div>
<?php
} else {
if ($_GET['Step'] == 1) {
$poll = get_poll_by_reviewer_reviewee_batch($_SESSION['user_id'], $_SESSION['user_id'], get_running1_batch_id());
if ($poll) {
$poll_status = get_poll_status($poll);
echo '<div class="topContent">';
include 'includes/form/own_poll.php';
echo '</div>';
} else {
echo '<div class="topContent">' . get_text('Error_occured_try_again') . '</div>';
}
} else {
if ($_GET['Step'] == 2) {
echo '<div class="topContent">';
include 'includes/form/preferred_reviewer.php';
echo '</div>';
} else {
if ($_GET['Step'] == 3) {
echo $batch['ID'];
?>
"/>
<?php
if (get_batch_status_name($batch['Status']) == 'Init') {
?>
<input type="submit" name="change_batch_status"
onclick="change_batchstatus(<?php
echo $batch['ID'];
?>
, 'Start')"
value="<?php
echo get_text('Start_phase_1');
?>
" <?php
if (get_running1_batch_id() || get_running2_batch_id() || get_calculating_batch_id() || get_accepted_batch_id()) {
echo 'disabled="disabled"';
}
?>
/>
<?php
} else {
if (get_batch_status_name($batch['Status']) == 'Running1') {
?>
<input type="submit" name="change_batch_status"
onclick="change_batchstatus(<?php
echo $batch['ID'];
?>
, 'Calculate')"
value="<?php
echo get_text('Calculate_polls');
