<?php
require 'api/_apiHeaderGeneric.php';
header("HTTP/1.0 200");
if (!empty($_POST['callback'])) {
$json->callback = $_POST['callback'];
}
if (!empty($_POST['_fbAppId']) && $json->status == 'OK') {
$fbAppId = $_POST['_fbAppId'];
if (!empty($_POST['_session']) && $json->status == 'OK') {
$sessionId = $_POST['_session'];
if ($memcache = new Memcache()) {
if ($memcache->connect('localhost', 11211, 3)) {
try {
if ($json->status == 'OK') {
$session = verify_session($memcache, $sessionId, $_SERVER, __DOMAIN__);
if (!empty($session)) {
if ($session->admin) {
unset($session->admin);
}
if ($session->developer) {
unset($session->developer);
}
if ($session->content_creator) {
unset($session->content_creator);
}
$memcache->set($session->id, $session);
} else {
$json->status = 'ERROR';
$json->message = 'Invalid session';
}
<?php
include "utility_functions.php";
//Access level
$access = "a";
$sessionid = $_GET["sessionid"];
verify_session($sessionid, $access);
// Verify where we are from, manage.php or user_update_action.php.
if (!isset($_POST["update_fail"])) {
// from manage.php
// Fetch the record to be updated.
$username = $_GET["username"];
// the sql string
$sql = "select username, passw, isstudent, isadmin from users where username = '******'";
$result_array = execute_sql_in_mysql($sql);
$result = $result_array["flag"];
$cursor = $result_array["cursor"];
if ($cursor == false) {
die("Query Failed.");
}
$values = mysqli_fetch_array($cursor);
$username = $values[0];
$password = $values[1];
$isstudent = $values[2];
$isadmin = $values[3];
} else {
// from user_update_action.php
// Obtain values of the record to be updated directly.
$username = $_POST["username"];
$password = $_POST["password"];
$isstudent = $_POST["isstudent"];
<?php
require "include/session.php";
verify_session();
?>
<?php
?>
<html>
<head>
<meta charset="UTF-8">
<title>Módulo de Activos</title>
<link rel="stylesheet" type="text/css" href="../css/solRealizada.css">
</head>
<body>
<div class="contenedor">
<header>
<div class="banner"></div>
</header>
<div class="main">
<main>
<h1>Su solicitud ha sido realizada exitosamente</h1>
<a href="seleccionarDep.php"><div class="nueva"></div></a>
<a href="../index.php"><div class="salir"></div></a>
</main>
// Make sure they are logged in
$email = verify_session();
if ($email == "") {
set_msg_err("Error: you do not appear to be logged in");
header("Location: " . $_SERVER['PHP_SELF'] . "?" . SID);
exit;
} else {
header("Location: " . $_SERVER['PHP_SELF'] . "?" . SID . "&state=logged_in");
exit;
}
}
} else {
if ($_REQUEST['state'] == "logged_in") {
// SHOW MAIN SCREEN
// First make sure they are really logged in!
$email = verify_session();
if ($email == "") {
set_msg_err("Error: you do not appear to be logged in.");
header("Location: " . $_SERVER['PHP_SELF'] . "?" . SID);
exit;
} else {
// Set base url for convenience
$base_url = $_SERVER['PHP_SELF'] . "?" . SID . "&state=logged_in";
// Get current account settings
$result = $pdo->query("select * from accounts where Email='{$email}'") or die(print_r($pdo->errorInfo()));
$user_info = $result->fetchAll();
$user_info = $user_info[0];
// Setup smarty stuff
$smarty->assign('email', $email);
$smarty->assign('state', $_REQUEST['state']);
if (isset($_REQUEST['mode'])) {
<?php
include "utility_functions.php";
include "prereq_check.php";
//Access level
$access = "s";
$sessionid = $_GET["sessionid"];
$user_info = verify_session($sessionid, $access);
$seqids = $_POST['seqids'];
if (empty($seqids)) {
echo "You didn't select any courses.";
} else {
$n = count($seqids);
$error_messages = array();
for ($i = 0; $i < $n; $i++) {
$already_registered = false;
$sql = "select seqid from taken where id = '{$user_info['1']}'";
$result_array = execute_sql_in_mysql($sql);
$result = $result_array["flag"];
$cursor = $result_array["cursor"];
if ($cursor == false) {
//display_oracle_error_message($cursor);
die("Client Query Failed.");
}
while ($values = mysqli_fetch_array($cursor)) {
if ($values[0] == $seqids[$i]) {
$already_registered = true;
}
}
$class_full = false;
$prereq_check_result = prereq_check($user_info[0], $seqids[$i]);
################################################################################
*/
$have_session = false;
$thwb_cookie = '';
$g_user = array();
$uri = $HTTP_SERVER_VARS['REQUEST_URI'];
if (!stristr($uri, 'login.php') && !stristr($uri, 'do_register.php') && !stristr($uri, 'misc.php')) {
if (substr($uri, -1, 1) != '/') {
$path = urlencode(preg_replace("/(&|&|\\?)s=([a-zA-Z0-9]+)/", '', basename($HTTP_SERVER_VARS['REQUEST_URI'])));
} else {
$path = '';
}
} else {
$path = '';
}
$thwb_cookie = verify_session();
$_have_sid_cookie = $g_user['have_cookie'];
if ($thwb_cookie != "guest") {
$thwb_cookie_userid = substr($thwb_cookie, 32);
$thwb_cookie_userpassword = substr($thwb_cookie, 0, 32);
$r_user = thwb_query("SELECT username, useremail, userid, userpassword, userhidesig,\n userbanned, userisadmin, userlastpost, usernoding, styleid, groupids FROM " . $pref . "user\n WHERE userid='" . intval($thwb_cookie_userid) . "'");
$g_user = mysql_fetch_array($r_user);
if (!isset($g_user['userpassword'])) {
$g_user['userpassword'] = '';
}
if ($g_user['userisadmin']) {
error_reporting(E_ALL);
}
$is_guest = false;
} else {
$is_guest = true;
