/**
* Processes loading of this sample code through a web browser.
*
* @return void
*/
function runWWWVersion()
{
session_start();
// Note that all calls to endHTML() below end script execution!
// Check to make sure that the user has set a password.
$p = LOGIN_PASSWORD;
if (empty($p)) {
startHTML(false);
displayPasswordNotSetNotice();
endHTML();
}
// Grab any login credentials that might be waiting in the request
if (!empty($_POST['password'])) {
if ($_POST['password'] == LOGIN_PASSWORD) {
$_SESSION['authenticated'] = 'true';
} else {
// Invalid password. Stop and display a login screen.
startHTML(false);
requestUserLogin("Incorrect password.");
endHTML();
}
}
// If the user isn't authenticated, display a login screen
if (!isset($_SESSION['authenticated'])) {
startHTML(false);
requestUserLogin();
endHTML();
}
// Try to login. If login fails, log the user out and display an
// error message.
try {
$client = getClientLoginHttpClient(GAPPS_USERNAME . '@' . GAPPS_DOMAIN, GAPPS_PASSWORD);
$gapps = new Zend_Gdata_Gapps($client, GAPPS_DOMAIN);
} catch (Zend_Gdata_App_AuthException $e) {
session_destroy();
startHTML(false);
displayAuthenticationFailedNotice();
endHTML();
}
// Success! We're logged in.
// First we check for commands that can be submitted either though
// POST or GET (they don't make any changes).
if (!empty($_REQUEST['command'])) {
switch ($_REQUEST['command']) {
case 'retrieveUser':
startHTML();
retrieveUser($gapps, true, $_REQUEST['user']);
endHTML(true);
case 'retrieveAllUsers':
startHTML();
retrieveAllUsers($gapps, true);
endHTML(true);
case 'retrieveNickname':
startHTML();
retrieveNickname($gapps, true, $_REQUEST['nickname']);
endHTML(true);
case 'retrieveNicknames':
startHTML();
retrieveNicknames($gapps, true, $_REQUEST['user']);
endHTML(true);
case 'retrieveAllNicknames':
startHTML();
retrieveAllNicknames($gapps, true);
endHTML(true);
case 'retrieveEmailLists':
startHTML();
retrieveEmailLists($gapps, true, $_REQUEST['recipient']);
endHTML(true);
case 'retrieveAllEmailLists':
startHTML();
retrieveAllEmailLists($gapps, true);
endHTML(true);
case 'retrieveAllRecipients':
startHTML();
retrieveAllRecipients($gapps, true, $_REQUEST['emailList']);
endHTML(true);
}
}
// Now we handle the potentially destructive commands, which have to
// be submitted by POST only.
if (!empty($_POST['command'])) {
switch ($_POST['command']) {
case 'createUser':
startHTML();
createUser($gapps, true, $_POST['user'], $_POST['givenName'], $_POST['familyName'], $_POST['pass']);
endHTML(true);
case 'updateUserName':
startHTML();
updateUserName($gapps, true, $_POST['user'], $_POST['givenName'], $_POST['familyName']);
endHTML(true);
case 'updateUserPassword':
startHTML();
updateUserPassword($gapps, true, $_POST['user'], $_POST['pass']);
endHTML(true);
case 'setUserSuspended':
if ($_POST['mode'] == 'suspend') {
startHTML();
suspendUser($gapps, true, $_POST['user']);
endHTML(true);
} elseif ($_POST['mode'] == 'restore') {
startHTML();
restoreUser($gapps, true, $_POST['user']);
endHTML(true);
} else {
header('HTTP/1.1 400 Bad Request');
startHTML();
echo "<h2>Invalid mode.</h2>\n";
echo "<p>Please check your request and try again.</p>";
endHTML(true);
}
case 'setUserAdmin':
if ($_POST['mode'] == 'issue') {
startHTML();
giveUserAdminRights($gapps, true, $_POST['user']);
endHTML(true);
} elseif ($_POST['mode'] == 'revoke') {
startHTML();
revokeUserAdminRights($gapps, true, $_POST['user']);
endHTML(true);
} else {
header('HTTP/1.1 400 Bad Request');
startHTML();
echo "<h2>Invalid mode.</h2>\n";
echo "<p>Please check your request and try again.</p>";
endHTML(true);
}
case 'setForceChangePassword':
if ($_POST['mode'] == 'set') {
startHTML();
setUserMustChangePassword($gapps, true, $_POST['user']);
endHTML(true);
} elseif ($_POST['mode'] == 'clear') {
startHTML();
clearUserMustChangePassword($gapps, true, $_POST['user']);
endHTML(true);
} else {
header('HTTP/1.1 400 Bad Request');
startHTML();
echo "<h2>Invalid mode.</h2>\n";
echo "<p>Please check your request and try again.</p>";
endHTML(true);
}
case 'deleteUser':
startHTML();
deleteUser($gapps, true, $_POST['user']);
endHTML(true);
case 'createNickname':
startHTML();
createNickname($gapps, true, $_POST['user'], $_POST['nickname']);
endHTML(true);
case 'deleteNickname':
startHTML();
deleteNickname($gapps, true, $_POST['nickname']);
endHTML(true);
case 'createEmailList':
startHTML();
createEmailList($gapps, true, $_POST['emailList']);
endHTML(true);
case 'deleteEmailList':
startHTML();
deleteEmailList($gapps, true, $_POST['emailList']);
endHTML(true);
case 'modifySubscription':
if ($_POST['mode'] == 'subscribe') {
startHTML();
addRecipientToEmailList($gapps, true, $_POST['recipient'], $_POST['emailList']);
endHTML(true);
} elseif ($_POST['mode'] == 'unsubscribe') {
startHTML();
removeRecipientFromEmailList($gapps, true, $_POST['recipient'], $_POST['emailList']);
endHTML(true);
} else {
header('HTTP/1.1 400 Bad Request');
startHTML();
echo "<h2>Invalid mode.</h2>\n";
echo "<p>Please check your request and try again.</p>";
endHTML(true);
}
}
}
// Check for an invalid command. If so, display an error and exit.
if (!empty($_REQUEST['command'])) {
header('HTTP/1.1 400 Bad Request');
startHTML();
echo "<h2>Invalid command.</h2>\n";
echo "<p>Please check your request and try again.</p>";
endHTML(true);
}
// If a menu parameter is available, display a submenu.
if (!empty($_REQUEST['menu'])) {
switch ($_REQUEST['menu']) {
case 'user':
startHTML();
displayUserMenu();
endHTML();
case 'nickname':
startHTML();
displayNicknameMenu();
endHTML();
case 'emailList':
startHTML();
displayEmailListMenu();
endHTML();
case 'logout':
startHTML(false);
logout();
endHTML();
default:
header('HTTP/1.1 400 Bad Request');
startHTML();
echo "<h2>Invalid menu selection.</h2>\n";
echo "<p>Please check your request and try again.</p>";
endHTML(true);
}
}
// If we get this far, that means there's nothing to do. Display
// the main menu.
// If no command was issued and no menu was selected, display the
// main menu.
startHTML();
displayMenu();
endHTML();
}
<?php
include_once 'database/connect.php';
include_once 'functions/general.php';
session_start();
if (isset($_GET['ref'])) {
$ref = $_GET['ref'];
$id = bookRefToId($ref, $dbconn);
$results = retrieveTextbook($id, $dbconn);
$user = retrieveUser($results['UserId'], $dbconn);
$categories = retrieveCategories($dbconn);
$conditions = retrieveConditions($dbconn);
if (isActiveUser($user['UserId'], $dbconn)) {
$currentUser = true;
} else {
$currentUser = false;
}
}
<?php include "core/database/connect.php"; include "core/functions/general.php"; include "core/validation.php"; $profile = retrieveProfile(activeUser(), $dbconn); $user = retrieveUser(activeUser(), $dbconn); ?> <html lang="en"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>BookHunters</title> <!-- Latest compiled and minified CSS --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css"> <!-- BookHunters --> <link rel="stylesheet" href="css/bootstrap.css"> </head> <body> <?php include 'components/header.php'; ?> <div class="container" style="padding-top: 5px;"> <h2 class="page-header">Edit Profile</h2>
mysql_query($sqlQuery);
}
//Retrieves record based upon session id given
function retrieveUser($session, $database)
{
$sqlQuery = 'SELECT * FROM SESSION WHERE session_id=' . $session;
return mysql_query($sqlQuery);
}
//Deletes record of user id and session id from table
function removeSessionUserEntry($session, $user, $database)
{
$sqlQuery = 'DELETE FROM SESSION WHERE session_id=' . $session;
mysql_query($sqlQuery);
}
//Checks method type and calls appropriate function
if ($method == "create") {
createSessionUserEntry($session, $user, $database);
} else {
if ($method == "retrieve") {
$result = retrieveUser($session, $database);
//Fetch and return user id
while ($row = mysql_fetch_array($result)) {
echo $row['user_id'];
}
} else {
if ($method == "remove") {
removeSessionUserEntry($session, $user, $database);
}
}
}
mysql_close($database);
<?php
include "core/database/connect.php";
include "core/functions/general.php";
session_start();
if (!empty($_GET['verification_code']) && isset($_GET['verification_code'])) {
$verificationCode = $_GET['verification_code'];
//check the database for the verification code from the link
$sql = 'SELECT `UserId`, `Code` FROM `confirmation` WHERE `Code` = :verification';
$stmt = $dbconn->prepare($sql);
$stmt->bindParam(':verification', $verificationCode, PDO::PARAM_STR);
$stmt->execute();
$row = $stmt->fetch();
$Id = $row['UserId'];
$user = retrieveUser($Id, $dbconn);
if (empty($row)) {
setNotice("The account was not found", "alert alert-danger");
} elseif ($user['Active'] == 1) {
setNotice("You have already been validated!", "alert alert-danger");
} else {
//if they match. make the user active in db
$sql = 'UPDATE `users` SET Active = 1 WHERE UserId=:Id';
$stmt = $dbconn->prepare($sql);
$stmt->bindParam(':Id', $Id, PDO::PARAM_STR);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
setNotice("Succesfully Registered!", "alert alert-success");
}
}
header("location: index.php");
