// Section index:
// AdminView - LINE 501
// adduser - LINE 791
// document - LINE 1071
// categories - LINE 1113
// status - LINE 1353
// newticket - LINE 1421
// footer - LINE 1715
#############################################################################################
############################ INCLUDE THE CONFIG AND HEADER FILE #############################
#############################################################################################
// Start the session so the login is tracked across pages.
session_start();
include_once 'header.php';
include_once '../config.php';
include_once '../class/functions.php';
updateUserInfo();

// Build the SQL fragments that scope later queries to what this admin level may see.
// Every level other than 'full' first receives a placeholder starting with "Error";
// only 'gateway' and 'customerservice' replace it below.
// NOTE(review): presumably the placeholder is meant to break any query it is appended to,
// so an unrecognised level fails through a SQL error - confirm, and prefer an explicit
// deny over relying on a malformed statement.
// NOTE(review): $sql_user_limit is not assigned here for 'full', and $sql_ticket_limit is
// assigned only for 'customerservice'; confirm both are initialised before this point.
if ($adminInfo['li_level'] != 'full') {
    $sql_user_limit = 'Error ' . $adminInfo['userid'];
}
if ($adminInfo['li_level'] == 'gateway') {
    // NOTE(review): li_gw_ID is concatenated unquoted into SQL. Confirm it is always an
    // integer from a trusted source, or bind it as a parameter where the query is built.
    $sql_user_limit = 'and cs_gateway_id = ' . $adminInfo['li_gw_ID'];
}
if ($adminInfo['li_level'] == 'customerservice') {
    // Customer service is limited by ticket category instead of by user.
    $sql_ticket_limit = 'and a.tickets_category = 1';
    $sql_user_limit = '';
}
#############################################################################################
###################### AUTH LOGIN AND LOGOUT SYSTEM REQUIRES SESSIONS #######################
#############################################################################################
// LOGOUT (selected by the "action" query parameter)
if (isset($_GET['action']) && $_GET['action'] == 'Logout') {
// Stored follower count for this user, read from the user's Redis hash.
$user_followers_count = $tmp_redis->hget($tmp_u_id, 'followers_count');

// Refresh the followee list when the live count differs from the stored one.
if ($user_info['followees_count'] != $user_followees_count) {
    updateUserInfo($tmp_u_id);
    echo "--------start getting {$tmp_u_id}'s " . $user_info['followees_count'] . " followees user list--------\n";
    $followee_users = getUserList($tmp_u_id, 'followees', $user_info['followees_count'], 1);
    // NOTE(review): the stored count is read with hget() but written with set(). Confirm the
    // client's set() signature; a hash-field write would normally be needed for the
    // comparison above to see this value.
    $tmp_redis->set($tmp_u_id, 'followees_count', count($followee_users));
    if (!empty($followee_users)) {
        foreach ($followee_users as $user) {
            $tmp_redis->lpush('request_queue', $user[3]);
        }
    }
    // NOTE(review): this runs whether or not the list was empty, although the message
    // describes the empty case - confirm whether an else branch was intended.
    Log::info('empty followee_users u_id' . $tmp_u_id);
    echo "--------get " . count($followee_users) . " followees users done--------\n";
}

// Same refresh for followers.
if ($user_info['followers_count'] != $user_followers_count) {
    updateUserInfo($tmp_u_id);
    echo "--------start getting {$tmp_u_id}'s " . $user_info['followers_count'] . " followers user list--------\n";
    $follower_users = getUserList($tmp_u_id, 'followers', $user_info['followers_count'], 1);
    // NOTE(review): written under 'follower_users', while the stored count is read from
    // 'followers_count' at the top - the comparison would then never converge; confirm.
    $tmp_redis->set($tmp_u_id, 'follower_users', count($follower_users));
    if (!empty($follower_users)) {
        foreach ($follower_users as $user) {
            // NOTE(review): index 1 here, index 3 in the followee branch - verify against
            // the row layout returned by getUserList().
            $tmp_redis->lpush('request_queue', $user[1]);
        }
    }
    // NOTE(review): logged unconditionally, as in the followee branch.
    Log::info('empty follower_users u_id' . $tmp_u_id);
    echo "--------get " . count($follower_users) . " followers users done--------\n";
}

// Record the user as processed and release the connection.
$tmp_redis->zadd('already_get_queue', 1, $tmp_u_id);
$tmp_redis->close();
// microtime() without arguments returns a "msec sec" string, hence the split on a space.
$endTime = microtime();
$startTime = explode(' ', $startTime);
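// Pre-fill the form values from the stored profile row.
$first = $userInfo[1];
$last = $userInfo[2];
$email = $userInfo[4];
$phone = $userInfo[3];
$cred_id = getCredentialTable($email);

// The form was submitted: read the posted fields, update the records, then redirect.
if (isset($_POST['submit'])) {
    // Missing fields become '' so they fail the completeness check below instead of
    // raising undefined-index notices.
    $first = isset($_POST['first']) ? $_POST['first'] : '';
    $last = isset($_POST['last']) ? $_POST['last'] : '';
    $email = isset($_POST['email']) ? $_POST['email'] : '';
    $phone = isset($_POST['phone']) ? $_POST['phone'] : '';
    // NOTE(review): user_id and cred_id come from the client and select which rows are
    // written. Nothing visible here ties them to the logged-in account; confirm that
    // updateUserInfo()/updateCredInfo() or an earlier check enforce ownership.
    $user_id = isset($_POST['user_id']) ? $_POST['user_id'] : '';
    $cred_id = isset($_POST['cred_id']) ? $_POST['cred_id'] : '';

    $redirectQuery = array('email' => $email);
    if ($first != "" && $last != "" && $email != "" && $phone != "") {
        updateUserInfo($first, $last, $email, $phone, $user_id);
        updateCredInfo($cred_id, $email);
    } else {
        $redirectQuery['error'] = 'please make sure all data has been filled, thank you.';
    }

    // http_build_query() percent-encodes the values, so an e-mail containing '&', '#' or
    // whitespace cannot add or truncate parameters in the redirect target.
    header('Location: client.php?' . http_build_query($redirectQuery));
    // Stop here; otherwise the rest of the page is still rendered after the redirect.
    exit;
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title> Welcome!</title>
<link rel="stylesheet" type="text/css" href="/css/custom.css"/>
<script type="text/javascript" src="/js/custom.js"></script>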
// Make sure a session exists before $_SESSION is read below.
if (session_id() == '' || !isset($_SESSION)) {
    // session isn't started
    session_start();
}
/*
 * If the "action" POST variable is set, this file was called via ajax (javascript).
 * The action variable selects which PHP function runs to insert/remove/update database entries.
 *
 * The user id always comes from the session, never from the request body.
 * NOTE(review): nothing here checks that $_SESSION['user_id'] is set (i.e. that the caller
 * is logged in), and no anti-CSRF token is verified before these state changes - confirm
 * both are enforced elsewhere.
 */
if (isset($_POST['action'])) {
    switch ($_POST['action']) {
        case 'addEmploymentHistory':
            $result = addEmploymentHistory($_SESSION['user_id'], $_POST['companyID'], $_POST['startDate'], $_POST['endDate'], $_POST['rating']);
            echo $result;
            break;
        case 'updateUserInfo':
            // Unlike addEmploymentHistory, the result is not echoed back to the caller.
            $result = updateUserInfo($_SESSION['user_id'], $_POST['first_name'], $_POST['last_name'], $_POST['email']);
            break;
        case 'deleteUserInfo':
            $result = deleteUserInfo($_SESSION['user_id'], $_POST['first_name'], $_POST['last_name']);
            break;
    }
}

/**
 * Update first name, last name and e-mail of one row in `user`, selected by user id.
 * All four values are bound as string parameters of a prepared statement.
 */
function updateUserInfo($userID, $firstName, $lastName, $email) {
    try {
        // NOTE(review): the database password for the root account is hard-coded here.
        // Load credentials from configuration kept outside the web root and version
        // control, connect with a least-privilege account, and rotate this password
        // since it has been committed to source.
        $mysqli = new mysqli("localhost", "root", "eqBZKHCd775HA2fS", "JobGossip");
        $userSQL = "UPDATE `user` SET `first_name`=?, `last_name`=?, `email`=? WHERE `user_id`=? LIMIT 1";
        // NOTE(review): the return value of prepare() is used without a check.
        $stmt = $mysqli->prepare($userSQL);
        $stmt->bind_param('ssss', $firstName, $lastName, $email, $userID);
        $result = $stmt->execute();
        $stmt->close();
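<?php
// Toggle the admin level of the user named in the query string (0 <-> 2), then return
// to the admin user list.
include_once '../../config/init.php';
include_once $BASE_DIR . 'database/users.php';
include_once $BASE_DIR . 'database/session.php';

// NOTE(review): nothing in this file checks that the caller is an administrator, and the
// privilege change is triggered by a plain GET request with no anti-CSRF token. Confirm
// that init.php/session.php enforce admin-only access, and move this action to a POST
// protected by a token.
$username = (isset($_GET['username']) && is_string($_GET['username'])) ? $_GET['username'] : '';

if ($username !== '') {
    // Read the level once. The original queried isAdmin() again after promoting, so -
    // assuming isAdmin() reflects what updateUserInfo() just wrote - a user promoted
    // to 2 was demoted back to 0 within the same request.
    $level = isAdmin($username);
    if ($level == 0) {
        updateUserInfo('admin', 2, $username);
    } elseif ($level == 2) {
        updateUserInfo('admin', 0, $username);
    }
}

header('Location: ' . $BASE_URL . 'pages/admin/users.php');
exit;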
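<?php
//login_delegate.php
// Single POST endpoint: dispatches on "action" to the login RPC helpers and prints
// whatever they return.
session_start();

// NOTE(review): the RPC code is loaded from a directory under the document root, while
// the earlier (commented-out) path was outside it. Confirm the web server denies direct
// requests to /secure/.
//require "/home/amcisaor/secure/login_rpc.php";
require $_SERVER['DOCUMENT_ROOT'] . "/secure/login_rpc.php";

// A request without a string "action" now matches no branch instead of raising an
// undefined-index notice on every comparison.
$action = (isset($_POST["action"]) && is_string($_POST["action"])) ? $_POST["action"] : "";

if ($action === "LOGIN") {
    // NOTE(review): Matric_NO and Password are passed through as received; a request
    // that omits them reaches checkUserExists() with nulls.
    print_r(checkUserExists($_POST["Matric_NO"], $_POST["Password"]));
} elseif ($action === "CHECKLOGINSTATUS") {
    print_r(checkLoginStatus());
} elseif ($action === "LOGOUT") {
    print_r(signOutFromSession());
} elseif ($action === "UPDATEINFO") {
    // Outstanding reminders from the author: the update still has to be written to the
    // database, and all values still have to be escaped.
    // NOTE(review): every POST field other than "action" is forwarded (presumably that is
    // what dissoc() returns - verify), so the client chooses which keys are updated.
    // Restrict the input to an allow-list of editable fields and validate each value
    // before this is wired to the database.
    print_r(updateUserInfo(dissoc($_POST, "action")));
}
//elseif($_POST["action"]=="READUSERNAME_EN"){
//print_r(returnUserNameEnglish());
//}elseif($_POST["action"]=="READUSERNAME_CH"){
//print_r(returnUserNameChinese());
//}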
<?php
// Update the logged-in user's name and e-mail from the posted form and print a numeric
// result code: 202 when updateUserInfo() returns non-zero, 403 otherwise.
include "query.php";

// Refuse unauthenticated callers before any input is read.
if (!isLogged()) {
    die("Non siete loggati");
}

// The account id comes from the server-side login state, not from the request.
$userId = getId();
// NOTE(review): both values go to updateUserInfo() exactly as posted; validation and
// escaping presumably live in query.php - confirm.
$newName = $_POST['utente'];
$newEmail = $_POST['email'];

$updated = updateUserInfo($userId, $newName, $newEmail) != 0;
echo $updated ? 202 : 403;
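$db_name = 'db03152'; //'qdm163951542_db';
$conn = new mysqli($db_server, $db_account, $db_password, $db_name, 3306);
if ($conn->connect_error) {
    // Driver details go to the server log only; the client sees the generic message.
    // (The original appended $conn->connection_error, which is not a mysqli property.)
    error_log('mysqli connect failed: ' . $conn->connect_error);
    die('连接失败!');
}

// Score submitted by the client.
// NOTE(review): the score is taken from the request as-is; if it matters, confirm it is
// validated or recomputed on the server.
$rec = (isset($_POST['goal']) && is_scalar($_POST['goal'])) ? (string) $_POST['goal'] : '';
$userKey = (isset($_POST['userKey']) && is_scalar($_POST['userKey'])) ? (string) $_POST['userKey'] : '';

/**
 * Store the final score for the row identified by $userKey and clear the key so it
 * cannot be used again.
 *
 * Values are bound as parameters; the original concatenated the posted score and key
 * into the SQL text.
 *
 * @param mysqli $conn    open database connection
 * @param string $goal    score to store
 * @param string $userKey key identifying the row to update
 */
function updateUserInfo($conn, $goal, $userKey)
{
    // An empty key would match every row whose key this same statement has already
    // cleared, so it is rejected up front.
    if ((string) $userKey === '') {
        return;
    }

    $sql = 'update game_redbag_data set goal = ?, end_time = ?, userKey = "" where userKey = ?';
    $stmt = $conn->prepare($sql);
    if ($stmt === false) {
        error_log('updateUserInfo: prepare failed: ' . $conn->error);
        return;
    }

    $endTime = date("y-m-d H:i:s");
    $stmt->bind_param('sss', $goal, $endTime, $userKey);
    $stmt->execute();
    $stmt->close();
}

updateUserInfo($conn, $rec, $userKey);

// Look up the comment tier that the score falls into.
function queryGoal($conn, $goal)
{
    $sql = 'select zanValue, comment, share_comm, percent_min, percent_max, time_min, time_max from game_redbag_comment where time_min <= ? and time_max > ?';
    $stmt = $conn->prepare($sql);
    $stmt->bind_param('ss', $goal, $goal);
    $stmt->execute();
    $stmt->store_result();
    $stmt->bind_result($zanValue, $comment, $share_comm, $percent_min, $percent_max, $time_min, $time_max);
    $result = array();
    while ($stmt->fetch()) {
        array_push($result, $zanValue, $comment, $share_comm, $percent_min, $percent_max, $time_min, $time_max);
    }
    $stmt->free_result();
    $stmt->close();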
<?php
// JSON endpoint for user records: "mode" selects save, update or (by default) a read.
require "../includes/Db.class.php";
require "../classes/User.php";

// NOTE(review): $_REQUEST is used for both the mode and the payload, so "save" and
// "update" can be triggered by a GET request as well as a POST. No authentication or
// anti-CSRF check is visible in this file - confirm they are enforced elsewhere.
$mode = isset($_REQUEST['mode']) ? $_REQUEST['mode'] : "";
$inputArr = $_REQUEST;
switch ($mode) {
    case "save":
        $arr = saveUserInfo($inputArr);
        break;
    case "update":
        $arr = updateUserInfo($inputArr);
        break;
    default:
        $arr = getUserDetails($inputArr);
}
header('Content-type: application/json');
// Disabled JSONP variant. NOTE(review): it would echo the "callback" parameter unfiltered
// if it were re-enabled.
//echo $_REQUEST['callback'] . '(' . json_encode($arr) . ');';
echo json_encode($arr);
exit;

/**
 * Pass the request fields to User::updateUserDetails() and wrap its result in a
 * 'status' array.
 */
function updateUserInfo($inputArr) {
    try {
        global $db;
        //server side validation
        // NOTE(review): this loop copies every request key and value unchanged; no
        // validation or allow-list is applied here, so the client decides which keys
        // reach updateUserDetails(). $keyArr is also never initialised, so it is
        // undefined when the input is empty.
        foreach ($inputArr as $key => $key_value) {
            $keyArr[$key] = $key_value;
        }
        $docObj = new User($db);
        $r_user = $docObj->updateUserDetails($keyArr);
        $arr = array('status' => $r_user);
// Collect the user ids of the rows selected for this run.
// NOTE(review): the mysql_* extension used here was removed in PHP 7.
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
    $user_ids[] = $row['user_id'];
}
// Nothing to do: clear the cron state flag and stop.
if (empty($user_ids)) {
    $cron->set_cron_state('upd_info', 0);
    exit;
}
if (!is_connected()) {
    //internet connection seems broken
    $cron->set_cron_state('upd_info', 0);
    exit;
}
// One lookup request for the whole batch of ids.
$users_info = $connection->post('users/lookup', array('user_id' => implode(',', $user_ids)));
$usersRequestsRemaining--;
foreach ($users_info as $user_info) {
    updateUserInfo($user_info);
    // NOTE(review): array_search() returns false when the id is not in the list, and
    // unset($user_ids[false]) removes index 0 - check the result before unsetting.
    unset($user_ids[array_search($user_info->id_str, $user_ids)]);
}
//delete users that were not found
// NOTE(review): every id still in $user_ids is deleted. If the lookup fails or returns an
// error payload instead of user objects, the whole batch falls through to this loop -
// confirm the response is validated before anything is deleted.
foreach ($user_ids as $id) {
    $db->query("DELETE FROM " . DB_PREFIX . "extracted_user_data WHERE user_id='" . $db->prep($id) . "'");
}
$cron->store_cron_log(5, 'Successfuly updated ' . count((array) $users_info) . ' records', '');
}
$cron->set_cron_state('upd_info', 0);

// Select up to 100 user ids whose datetime_updated is still NULL, oldest created first.
function getIds() {
    global $db;
    return $db->query("\n SELECT user_id\n FROM " . DB_PREFIX . "extracted_user_data\n WHERE datetime_updated IS NULL\n ORDER BY datetime_created ASC LIMIT " . 100 . "\n ");
}
function updateUserInfo($userInfo)
} else {
  // Profile edit dispatch: the first non-empty POST field in this chain is written for the
  // account named in $_SESSION['username']; at most one field is handled per request.
  // The column name passed to the update helpers is always a fixed literal, never request data.
  // NOTE(review): the values are passed as posted; validation and SQL parameter binding are
  // presumably done inside updateUserInfo()/updateAboutInfo() - confirm. No anti-CSRF check
  // is visible in this fragment.
  if ($_POST['username']) {
    // NOTE(review): no uniqueness or format check is visible before the rename; the session
    // is switched to the new name immediately afterwards.
    updateUserInfo("username", $_POST['username'], $_SESSION['username']);
    $_SESSION['username'] = $_POST['username'];
  } else {
    if ($_POST['firstname']) {
      updateUserInfo('firstname', $_POST['firstname'], $_SESSION['username']);
    } else {
      if ($_POST['secondname']) {
        updateUserInfo('secondname', $_POST['secondname'], $_SESSION['username']);
      } else {
        if ($_POST['phonenumber']) {
          updateAboutInfo('phonenumber', $_POST['phonenumber'], $_SESSION['username']);
        } else {
          // NOTE(review): password2 is only tested for being non-empty; it is never compared
          // with password1 here, and the current password is not requested.
          // NOTE(review): the password is stored as an unsalted SHA-1 digest, which is not
          // suitable for password storage. Moving to password_hash()/password_verify() also
          // requires changing the login check and rehashing existing accounts at next login.
          if ($_POST['password1'] && $_POST['password2']) {
            updateUserInfo('passwordhash', sha1($_POST['password1']), $_SESSION['username']);
          } else {
            if ($_POST['presentationmessage']) {
              updateAboutInfo('presentationmessage', $_POST['presentationmessage'], $_SESSION['username']);
            } else {
              if ($_POST['birthdate']) {
                updateAboutInfo('birthdate', $_POST['birthdate'], $_SESSION['username']);
              } else {
                if ($_POST['occupation']) {
                  updateAboutInfo('occupation', $_POST['occupation'], $_SESSION['username']);
                } else {
                  if ($_POST['gender']) {
                    updateAboutInfo('gender', $_POST['gender'], $_SESSION['username']);
                  } else {
                    // The posted "city" value is written to the idcity column.
                    if ($_POST['city']) {
                      updateAboutInfo('idcity', $_POST['city'], $_SESSION['username']);