<?php require 'api/_apiHeaderGeneric.php'; header("HTTP/1.0 200"); if (!empty($_POST['callback'])) { $json->callback = $_POST['callback']; } if (!empty($_POST['_fbAppId']) && $json->status == 'OK') { $fbAppId = $_POST['_fbAppId']; if (!empty($_POST['_session']) && $json->status == 'OK') { $sessionId = $_POST['_session']; if ($memcache = new Memcache()) { if ($memcache->connect('localhost', 11211, 3)) { try { if ($json->status == 'OK') { $session = verify_session($memcache, $sessionId, $_SERVER, __DOMAIN__); if (!empty($session)) { if ($session->admin) { unset($session->admin); } if ($session->developer) { unset($session->developer); } if ($session->content_creator) { unset($session->content_creator); } $memcache->set($session->id, $session); } else { $json->status = 'ERROR'; $json->message = 'Invalid session'; }
<?php include "utility_functions.php"; //Access level $access = "a"; $sessionid = $_GET["sessionid"]; verify_session($sessionid, $access); // Verify where we are from, manage.php or user_update_action.php. if (!isset($_POST["update_fail"])) { // from manage.php // Fetch the record to be updated. $username = $_GET["username"]; // the sql string $sql = "select username, passw, isstudent, isadmin from users where username = '******'"; $result_array = execute_sql_in_mysql($sql); $result = $result_array["flag"]; $cursor = $result_array["cursor"]; if ($cursor == false) { die("Query Failed."); } $values = mysqli_fetch_array($cursor); $username = $values[0]; $password = $values[1]; $isstudent = $values[2]; $isadmin = $values[3]; } else { // from user_update_action.php // Obtain values of the record to be updated directly. $username = $_POST["username"]; $password = $_POST["password"]; $isstudent = $_POST["isstudent"];
<?php require "include/session.php"; verify_session(); ?> <?php ?> <html> <head> <meta charset="UTF-8"> <title>Módulo de Activos</title> <link rel="stylesheet" type="text/css" href="../css/solRealizada.css"> </head> <body> <div class="contenedor"> <header> <div class="banner"></div> </header> <div class="main"> <main> <h1>Su solicitud ha sido realizada exitosamente</h1> <a href="seleccionarDep.php"><div class="nueva"></div></a> <a href="../index.php"><div class="salir"></div></a> </main>
// Make sure they are logged in $email = verify_session(); if ($email == "") { set_msg_err("Error: you do not appear to be logged in"); header("Location: " . $_SERVER['PHP_SELF'] . "?" . SID); exit; } else { header("Location: " . $_SERVER['PHP_SELF'] . "?" . SID . "&state=logged_in"); exit; } } } else { if ($_REQUEST['state'] == "logged_in") { // SHOW MAIN SCREEN // First make sure they are really logged in! $email = verify_session(); if ($email == "") { set_msg_err("Error: you do not appear to be logged in."); header("Location: " . $_SERVER['PHP_SELF'] . "?" . SID); exit; } else { // Set base url for convenience $base_url = $_SERVER['PHP_SELF'] . "?" . SID . "&state=logged_in"; // Get current account settings $result = $pdo->query("select * from accounts where Email='{$email}'") or die(print_r($pdo->errorInfo())); $user_info = $result->fetchAll(); $user_info = $user_info[0]; // Setup smarty stuff $smarty->assign('email', $email); $smarty->assign('state', $_REQUEST['state']); if (isset($_REQUEST['mode'])) {
<?php include "utility_functions.php"; include "prereq_check.php"; //Access level $access = "s"; $sessionid = $_GET["sessionid"]; $user_info = verify_session($sessionid, $access); $seqids = $_POST['seqids']; if (empty($seqids)) { echo "You didn't select any courses."; } else { $n = count($seqids); $error_messages = array(); for ($i = 0; $i < $n; $i++) { $already_registered = false; $sql = "select seqid from taken where id = '{$user_info['1']}'"; $result_array = execute_sql_in_mysql($sql); $result = $result_array["flag"]; $cursor = $result_array["cursor"]; if ($cursor == false) { //display_oracle_error_message($cursor); die("Client Query Failed."); } while ($values = mysqli_fetch_array($cursor)) { if ($values[0] == $seqids[$i]) { $already_registered = true; } } $class_full = false; $prereq_check_result = prereq_check($user_info[0], $seqids[$i]);
################################################################################ */ $have_session = false; $thwb_cookie = ''; $g_user = array(); $uri = $HTTP_SERVER_VARS['REQUEST_URI']; if (!stristr($uri, 'login.php') && !stristr($uri, 'do_register.php') && !stristr($uri, 'misc.php')) { if (substr($uri, -1, 1) != '/') { $path = urlencode(preg_replace("/(&|&|\\?)s=([a-zA-Z0-9]+)/", '', basename($HTTP_SERVER_VARS['REQUEST_URI']))); } else { $path = ''; } } else { $path = ''; } $thwb_cookie = verify_session(); $_have_sid_cookie = $g_user['have_cookie']; if ($thwb_cookie != "guest") { $thwb_cookie_userid = substr($thwb_cookie, 32); $thwb_cookie_userpassword = substr($thwb_cookie, 0, 32); $r_user = thwb_query("SELECT username, useremail, userid, userpassword, userhidesig,\n userbanned, userisadmin, userlastpost, usernoding, styleid, groupids FROM " . $pref . "user\n WHERE userid='" . intval($thwb_cookie_userid) . "'"); $g_user = mysql_fetch_array($r_user); if (!isset($g_user['userpassword'])) { $g_user['userpassword'] = ''; } if ($g_user['userisadmin']) { error_reporting(E_ALL); } $is_guest = false; } else { $is_guest = true;