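<?php
/*
 * Shared page template (head section). The including page is expected to have
 * set $title and $content before this file runs; DBAccess is used here without
 * an include of its own, so the including page must have loaded it as well.
 */

// Start a session only when none has been started for this request.
if (!isset($_SESSION)) {
    session_start();
}

// Pages that produced no body get a placeholder and stop. The loose comparison
// is kept as-is, so an empty string counts as "no content" too.
if ($content == null) {
    echo "To Be coded";
    die;
}

// Build the "Welcome, <name> (Logout)" banner for a logged-in user.
if (isset($_SESSION['userID'])) {
    $results = DBAccess::getUserByUserID($_SESSION['userID']);
    // FirstName is stored account data and is written into HTML, so it is
    // encoded for that context. A missing row yields an empty name instead of
    // an undefined-offset warning.
    $stuff = "<span style=\"clear:both; float:right\">Welcome, "
        . (isset($results[0]['FirstName'])
            ? htmlspecialchars((string) $results[0]['FirstName'], ENT_QUOTES, 'UTF-8')
            : '')
        . "<a class=\"link\" href=\"../logout.php\">(Logout)</a>";
    $stuff .= "</span>";
}
?>
<!DOCTYPE html>
<html>
<head>
<title>SEQAS - <?php
    // $title can carry database text (for example a picture name), so it is
    // encoded at the point of output. double_encode is off so a page that
    // already passes an encoded title is not encoded a second time.
    echo htmlspecialchars((string) $title, ENT_QUOTES, 'UTF-8', false);
?> </title>
<link rel="stylesheet" href="../styles/jquery-ui.css" />
<link rel="Stylesheet" type="text/css" href="../styles/mainstyle.css" />
<link rel="Stylesheet" type="text/css" href="../styles/individual.css" />
<script src="../scripts/jquery-1.8.3.js" type="text/javascript"></script>
<script src="../scripts/jquery-ui.js" type="text/javascript"></script>
<script>
$(function() {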
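<?php
include_once '../scripts/DBAccess.php';

// Print at most six picture tiles from the fixed date range. Each tile links
// to the picture's view page and shows its name, owner and icon.
$pictureResult2 = DBAccess::getPictureRange('2012-01-01', '2014-06-01', TRUE);
$rows2 = count($pictureResult2, 0);
if ($rows2 > 6) {
    $rows2 = 6;
}

for ($i = 0; $i < $rows2; $i++) {
    $member = DBAccess::getUserByUserID($pictureResult2[$i]['UserID']);

    // A picture whose owner row is missing prints an empty owner name rather
    // than raising an undefined-offset warning.
    $ownerName = isset($member[0])
        ? $member[0]['FirstName'] . " " . $member[0]['LastName']
        : " ";

    // Picture and member fields come from the database and may hold text typed
    // by users, so every value is HTML-encoded (quotes included, because some
    // of them land inside attributes) before it is echoed.
    echo "<a href=\"/viewImage/"
        . htmlspecialchars((string) $pictureResult2[$i]['PictureID'], ENT_QUOTES, 'UTF-8')
        . "\"><div class=\"pictureBox\">\n\t\t"
        . htmlspecialchars((string) $pictureResult2[$i]['PictureName'], ENT_QUOTES, 'UTF-8')
        . " by "
        . htmlspecialchars($ownerName, ENT_QUOTES, 'UTF-8')
        . "<br />\n\t\t<img src=\"/Images/"
        . htmlspecialchars((string) $pictureResult2[$i]['PictureIcon'], ENT_QUOTES, 'UTF-8')
        . "\" width=144 alt=\""
        . htmlspecialchars((string) $pictureResult2[$i]['PictureName'], ENT_QUOTES, 'UTF-8')
        . "\"/> <br />\n\t\n\t\t</div></a>\n\t\t";
}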
<?php
// User details page: looks up one account and its login records by the userID
// query parameter and builds the page body in $content.
session_start();
include_once '../scripts/Reports.php';
// NOTE(review): access control is presumably enforced inside security.php,
// which is not shown here — confirm it stops unauthorised visitors before any
// account data is read.
require './security.php';
include_once '../scripts/DBAccess.php';
include_once '../scripts/simpleimage.php';
include_once '../scripts/GlobalActions.php';

// The id is taken straight from the query string with no isset() or format
// check. Whether the two lookups below are safe depends on how DBAccess binds
// the value, which is not visible in this file.
$targetUserID = $_GET['userID'];
$result = DBAccess::getUserByUserID($targetUserID);
$loginResult = DBAccess::getLoginRecordByUserID($targetUserID);
$title = "User Details";
$head = "";
// Number of login records; also printed below as "Times Logged In".
$rows = count($loginResult, 0);

// NOTE(review): every database value in this page is concatenated into HTML
// without htmlspecialchars(). Name, login name and e-mail are account data;
// each should be encoded for the HTML context before display.
// $result[0] is read without checking that a matching user row was returned.
$content = "\n\n\n<div class=\"container2\" style=\" float:left;\">\n<h2>Basic Information</h2>\n<label class=\"formLabel\">First Name</label><label class=\"formField\">" . $result[0]['FirstName']
    . "</label>\n<label class=\"formLabel\">Last Name</label><label class=\"formField\">" . $result[0]['LastName']
    . "</label>\n<label class=\"formLabel\">User Name</label><label class=\"formField\">" . $result[0]['LoginName']
    . "</label>\n<label class=\"formLabel\">Date Joined</label><label class=\"formField\">" . $result[0]['DateAdded']
    . "</label>\n<label class=\"formLabel\">Email Address</label><label class=\"formField\">" . $result[0]['EmailAddress']
    . "</label>\n<label class=\"formLabel\">Account Active</label><label class=\"formField\">";

// ord() takes the byte value of the first character of the Active field;
// presumably the column is a one-bit flag returned as a raw byte — confirm.
if (ord($result[0]['Active']) == 1) {
    $content .= "Y";
} else {
    $content .= "N";
}
$content .= "</label>\n\n<label class=\"formLabel\">Account Type</label><label class=\"formField\">";

// Position 1 is shown as Administrator; any other value is shown as User.
if ($result[0]['Position'] == 1) {
    $content .= "Administrator";
} else {
    $content .= "User";
}

// NOTE(review): UserID is placed inside a JavaScript string inside an HTML
// attribute (onclick), so it needs encoding for both contexts if it can ever
// be non-numeric.
// NOTE(review): $loginResult[0] is read unconditionally; an account with no
// login records ($rows == 0) has no such element.
// NOTE(review): the Browser column presumably holds the client-supplied
// User-Agent header recorded at login (confirm in DBAccess). That makes it
// visitor-controlled text rendered on this page, so it must be HTML-encoded;
// the same applies to the IP, Date and Time fields as defence in depth.
$content .= "</label>\n\n<button style=\"float:left;clear:left;\" type=\"button\" onclick=\"window.location = './editUser.php?userID=" . $result[0]['UserID']
    . "'\">Edit User</button>\n\n\n</div><!--End info div -->\n\n\n\n<div class=\"container2\" >\n<h2 style=\"float:left;clear:left\">Last Logged In</h2>\n<label class=\"formLabel\">Date</label><label class=\"formField\">" . $loginResult[0]['Date']
    . "</label>\n<label class=\"formLabel\">Time</label><label class=\"formField\">" . $loginResult[0]['Time']
    . "</label>\n<label class=\"formLabel\">IP</label><label class=\"formField\">" . $loginResult[0]['IP']
    . "</label>\n<label class=\"formLabel\">Browser</label><label class=\"formField\">" . $loginResult[0]['Browser']
    . "</label>\n<label class=\"formLabel\">Times Logged In</label><label class=\"formField\">" . $rows
    . "</label>\n\n<h2 style=\"float:left;clear:left\">Login History</h2>\n\n<br />\n<table class=\"loginTable\">\n<tr>\n<th>Date</th>\n<th>Time</th>\n<th>IP</th>\n<th>Browser</th>\n</tr>\n";

// One table row per login record; the cells are written unencoded as well.
// (The loop body continues beyond this excerpt.)
for ($i = 0; $i < $rows; $i++) {
    $content .= "<tr>";
    $content .= "<td>" . $loginResult[$i]['Date'] . "</td>";
    $content .= "<td>" . $loginResult[$i]['Time'] . "</td>";
// Form state for the change-password page: the field values start empty and
// $error records whether any validation step has failed.
$errorTextConfirm = "";
$current = "";
$new = "";
$confirm = "";
$error = false;
// NOTE(review): the session value is read without an isset() check in this
// excerpt — presumably an earlier include enforces login; confirm.
$userID = $_SESSION['userID'];

/*
 * Page-level validation of the submitted values.
 * NOTE(review): no anti-CSRF token check is visible in this excerpt — confirm
 * one is verified before the password is actually changed.
 */
if ($_POST['Submitted'] != null) {
    $current = $_POST['current'];
    $new = $_POST['new'];
    $confirm = $_POST['confirm'];
    $IP = $_SERVER['REMOTE_ADDR'];
    // The User-Agent header is client-supplied text; anything that later
    // displays it must encode it for the output context.
    $browser = $_SERVER['HTTP_USER_AGENT'];

    // The current password is re-checked against the account's login name.
    // This call runs before the empty-field test below, so it is made even
    // when no current password was typed.
    $details = DBAccess::getUserByUserID($userID);
    $response = DBAccess::verifyUser($details[0]['LoginName'], $current, $IP, $browser);

    if (strlen($current) == 0) {
        $errorTextCurrent = "Please enter your current password";
        $errorStyleCurrent = "background-color:#F99;";
        $error = true;
    } elseif ($response <= 0) {
        // Any non-positive result is treated as a failed verification; the
        // exact return codes are defined in DBAccess::verifyUser (not shown).
        $error = true;
        $errorTextCurrent = "Invalid Password";
        $errorStyleCurrent = "background-color:#F99;";
    }

    // strlen() counts bytes; here it only distinguishes empty from non-empty.
    if (strlen($new) == 0) {
        $errorTextNew = "Please enter a new password";
        $errorStyleNew = "background-color:#F99;";
        $error = true;
    } else {
        // (The new-password checks continue beyond this excerpt.)
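<?php
/*
 * Gallery page. Lists every picture of every class as a linked tile, collects
 * the markup in $content and hands $title, $head and $content to the shared
 * user template.
 */
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
include_once $root . '/scripts/DBAccess.php';

// $page and $cutdown are not used in this file. They are still set because the
// template required at the end runs in this scope and may read them; the
// isset() guard only avoids the undefined-index notice.
$page = isset($_GET['page']) ? $_GET['page'] : null;
$title = 'Gallery';
$head = '';
$cutdown = false;
$content = "\n\n\n<h1 class=\"heading\">SEQAS Gallery</h1>";

$classResult = DBAccess::getClassTypes();
$classRows = count($classResult, 0);

for ($i = 0; $i < $classRows; $i++) {
    $cutdown = false;
    $pictureClassResult = DBAccess::getPictureByClassID($classResult[$i]['ClassID'], FALSE);
    $rowsClass = count($pictureClassResult, 0);

    for ($j = 0; $j < $rowsClass; $j++) {
        $member = DBAccess::getUserByUserID($pictureClassResult[$j]['UserID']);

        // A picture without an owner row prints an empty owner name rather
        // than raising an undefined-offset warning.
        $ownerName = isset($member[0])
            ? $member[0]['FirstName'] . " " . $member[0]['LastName']
            : " ";

        // Picture and member fields come from the database and may hold text
        // typed by users. Each one is HTML-encoded, quotes included, because
        // several of them are written inside attribute values.
        $content .= "<a href=\"/viewImage/"
            . htmlspecialchars((string) $pictureClassResult[$j]['PictureID'], ENT_QUOTES, 'UTF-8')
            . "/\"><div class=\"pictureBox\">\n\t\t"
            . htmlspecialchars((string) $pictureClassResult[$j]['PictureName'], ENT_QUOTES, 'UTF-8')
            . " by "
            . htmlspecialchars($ownerName, ENT_QUOTES, 'UTF-8')
            . "<br />\n\t\t<img src=\"/Images/"
            . htmlspecialchars((string) $pictureClassResult[$j]['PictureIcon'], ENT_QUOTES, 'UTF-8')
            . "\" width=134 alt=\""
            . htmlspecialchars((string) $pictureClassResult[$j]['PictureName'], ENT_QUOTES, 'UTF-8')
            . "\"/> <br />\t</div></a>\n\t\t";
    }
}

require $root . '/template/userTemplate.php';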
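<?php
/*
 * Single-image page. Loads one picture by the imageID query parameter, builds
 * $title, $head and $content, and hands them to the shared user template.
 */
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
include_once $root . '/scripts/DBAccess.php';

$imageID = isset($_GET['imageID']) ? $_GET['imageID'] : null;

// Only a plain run of decimal digits is accepted as a picture id. is_numeric()
// would also accept signs, decimals, exponents and leading whitespace, so the
// stricter check is applied before the value reaches the database layer.
$result = array();
if (is_string($imageID) && ctype_digit($imageID)) {
    $result = DBAccess::getPictureByPictureID($imageID, TRUE);
}

// Invalid id or no matching picture: render the placeholder page instead of
// indexing into a missing row. $content is a single space, presumably so that
// the template's empty-content check does not trigger — confirm.
if (empty($result[0])) {
    $title = "Images: ";
    $content = " ";
    require $root . '/template/userTemplate.php';
    die;
}

$member = NULL;
if ($result[0]['UserID'] != NULL) {
    $member = DBAccess::getUserByUserID($result[0]['UserID']);
}

// Picture fields come from the database and may hold text typed by users. They
// are HTML-encoded once here (quotes included, since some are written inside
// attribute values) and only the encoded copies are used below.
$safeName = htmlspecialchars((string) $result[0]['PictureName'], ENT_QUOTES, 'UTF-8');
$safeDescription = htmlspecialchars((string) $result[0]['PictureDescription'], ENT_QUOTES, 'UTF-8');
$safeImage = htmlspecialchars((string) $result[0]['PictureImage'], ENT_QUOTES, 'UTF-8');

// $title is encoded here because this page cannot see how the template prints
// it. If the template encodes it as well, it should do so without
// double-encoding.
$title = $safeName;
$head = '<meta name="description" content="' . $safeDescription . '">';
$content = "\n\t<h1 class=\"heading\">" . $safeName . "</h1>\n\t<div class=\"container2\">";

// The member line is printed only when an owner row was actually found.
if ($member != NULL && isset($member[0])) {
    $content .= "<label class=\"formLabel\">Member:</label><label class=\"formField\">"
        . htmlspecialchars($member[0]['FirstName'] . " " . $member[0]['LastName'], ENT_QUOTES, 'UTF-8')
        . "</label>";
}

// date() produces only the formatted month and year, so that value needs no
// further encoding.
$content .= "<label class=\"formLabel\">Name:</label><label class=\"formField\">" . $safeName
    . "</label>\n\t<label class=\"formLabel\">Description:</label><label class=\"formField\">" . $safeDescription
    . "</label>\n\t<label class=\"formLabel\">Date:</label><label class=\"formField\">" . date('F, Y', strtotime($result[0]['PictureDate']))
    . "</label>\n\n\t<img style=\"padding:50px 0px;display: block;margin-left: auto;margin-right: auto \" src=\"/Images/" . $safeImage
    . "\" alt=\"" . $safeName . "\" width=\"800\" />\n\t</div>\n\t\t";

require $root . '/template/userTemplate.php';
?>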
if (strlen($password) == 0) { $errorTextPassword = "******"; $errorStylePassword = "******"; $error = true; } /* * Verify Details */ $IP = $_SERVER['REMOTE_ADDR']; $browser = $_SERVER['HTTP_USER_AGENT']; $response = DBAccess::verifyUser($userName, $password, $IP, $browser); if ($response == -1) { $feedBack = "YOUR ACCOUNT HAS BEEN DISABLED"; } else { if ($response > 0) { $details = DBAccess::getUserByUserID($response); // store session data $_SESSION['userID'] = $response; $IP = $_SERVER['REMOTE_ADDR']; $browser = $_SERVER['HTTP_USER_AGENT']; //record login DBAccess::recordLogin($response, $IP, $browser); //redirect based on permission if ($details[0]['Position'] == 1) { header('Location: /admin/'); } elseif ($details[0]['Position'] == 2) { header('Location: /'); } else { header('Location: /index.php'); } } else {