Exemplo n.º 1
<?php

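session_start();
include_once 'dbconnect.php';
include_once 'functions.php';

// Sign-in handler. Runs when the form's "signin" submit field is present; the
// original compared isset()'s boolean with "Sign In", which only ever tested presence.
if (isset($_POST['signin'])) {
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // The submitted values are bound as parameters, so they never become part of
    // the SQL text and need no manual escaping.
    // NOTE(review): the password is matched against the stored column value as-is.
    // Storing password_hash() output and checking it with password_verify() would
    // avoid keeping recoverable passwords in signup_details; that needs the signup
    // and profile-update code changed at the same time.
    $record = null;
    $stmt = mysqli_prepare($connection, "select * from signup_details where username = ? and password = ?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
        if (mysqli_stmt_execute($stmt)) {
            $result = mysqli_stmt_get_result($stmt);
            $record = $result ? mysqli_fetch_assoc($result) : null;
        }
        mysqli_stmt_close($stmt);
    }

    if (is_array($record)) {
        // Session data is written only after a row matched; mysqli_fetch_assoc()
        // returns null for no match, which the original passed to count().
        // A fresh session id on login keeps a pre-login id from being reused.
        session_regenerate_id(true);
        $_SESSION['email'] = $record['email'];
        $_SESSION['username'] = $record['username'];
        $_SESSION['name'] = $record['firstname'] . " " . $record['lastname'];
        $_SESSION['userID'] = $record['signup_id'];
        header('Location: dashboard.php');
        // Stop here so nothing else runs or renders after the redirect.
        exit;
    } else {
        phpAlert("Either username or password is incorrect.");
        echo 'Kindly press BACK button.';
    }
}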
Exemplo n.º 2
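include_once "functions.php";
// uid comes from the query string and is interpolated into the quoted SQL values
// further down, so it is escaped the same way this script escapes its POST fields.
// NOTE(review): escaping depends on the connection charset being set correctly;
// bound parameters would remove that dependency.
$uID = (isset($_GET['uid']) && is_string($_GET['uid']))
    ? mysqli_real_escape_string($connection, $_GET['uid'])
    : '';
// Id and display name of the signed-in user, read from the session.
$cOf = $_SESSION['userID'];
$name = $_SESSION['name'];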
if (isset($_POST['add']) == "Add") {
    $friend = mysqli_real_escape_string($connection, $_POST['isFriend']);
    $queryEleven = "select * from block where user_id = '{$cOf}' and blockedBy = '{$uID}'";
    $recordEleven = mysqli_query($connection, $queryEleven);
    if (mysqli_num_rows($recordEleven) <= 0) {
        $queryOne = "insert into contacts (userID, contactOf, isFriend)\n\t\t\t\t\t values ('{$uID}', '{$cOf}', '{$friend}')";
        mysqli_query($connection, $queryOne);
        $queryTen = "delete from block where user_id = '{$uID}' and blockedBy = '{$cOf}'";
        mysqli_query($connection, $queryTen);
        header('Location: contacts.php');
    } else {
        phpAlert("You have been blocked by the user who you are trying to add.");
    }
} elseif (isset($_POST['edit']) == "Edit") {
    $friend = mysqli_real_escape_string($connection, $_POST['isFriend']);
    $blocked = mysqli_real_escape_string($connection, $_POST['isBlocked']);
    $queryTwo = "update contacts set isFriend = '{$friend}'\n\t\t\t   where userID = '{$uID}' and contactOf = '{$cOf}'";
    if (mysqli_query($connection, $queryTwo)) {
        header('Location: contacts.php');
    }
} elseif (isset($_POST['delete']) == "Delete") {
    $queryThree = "delete from contacts where userID = '{$uID}' and contactOf = '{$cOf}'";
    if (mysqli_query($connection, $queryThree)) {
        header('Location: contacts.php');
    }
} elseif (isset($_POST['block']) == "Block") {
    $querySeven = "insert into block (user_id, blockedBy) values ('{$uID}', '{$cOf}')";
Exemplo n.º 3
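// Profile update handler. Runs when the "updateProfile" submit field is present.
if (isset($_POST['updateProfile'])) {
    // Values stay unescaped here because the UPDATE below binds them as parameters.
    $fields = array();
    foreach (array('firstname', 'lastname', 'password', 'confirm_password') as $key) {
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }
    $fname = $fields['firstname'];
    $lname = $fields['lastname'];
    $password = $fields['password'];
    $confirm_password = $fields['confirm_password'];

    if (empty($fname) or empty($lname) or empty($password) or empty($confirm_password)) {
        phpAlert("Atleast one field was empty.");
        echo 'Kindly press BACK button.';
    } elseif ($password !== $confirm_password) {
        // Strict comparison: with != two different numeric-looking strings
        // (for example "1e3" and "1000") compare as equal.
        phpAlert("Passwords do not match. Please try again.");
        echo 'Kindly press BACK button.';
    } else {
        // $email is assigned outside this excerpt.
        // NOTE(review): the password is written as submitted, matching how the sign-in
        // query compares it. Moving to password_hash()/password_verify() has to be done
        // in signup, sign-in and here together.
        $updated = false;
        $stmt = mysqli_prepare(
            $connection,
            "update signup_details set firstname = ?, lastname = ?, password = ? where email = ?"
        );
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'ssss', $fname, $lname, $password, $email);
            $updated = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
        if ($updated) {
            // No output is sent before this point, so the redirect header can still be set.
            header('Location: updateProfile.php');
            exit;
        } else {
            phpAlert("Something went wrong while updating.");
            echo 'Kindly press BACK button.';
        }
    }
}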
?>

<!DOCTYPE html>
<html>

<head>
<link rel = "stylesheet" type = "text/css" href = "css/basic.css">
</head>

<body background = "images/back.jpg">
<h2 class = "white" style = "position: absolute; left: 1150px; top: 2px"><?php 
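// The display name is built from user-supplied first and last names, so it is
// HTML-escaped before being written into the page.
echo htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8');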
    }
    /**
     * Replace the username held by this object.
     *
     * @param mixed $username stored as given, without validation
     */
    public function setUsername($username)
    {
        $this->username = $username;
    }
    /**
     * Replace the password held by this object.
     *
     * @param mixed $password stored as given; no hashing happens in this setter
     */
    public function setPassword($password)
    {
        $this->password = $password;
    }
}
// Ad-hoc check of the User accessors, using hard-coded sample credentials.
$u = new User("kristof", "test");
$username = $u->getUsername();
$password = $u->getPassword();
// NOTE(review): both values are written into the response, through phpAlert() and
// echo. The password lines in particular belong in a local debugging run only.
phpAlert($username);
echo $username, "</br>";
phpAlert($password);
echo $password;
/**
 * Keeps the users it creates in the session, under the "allowedIn" key.
 */
class UserDAO
{
    /**
     * Build a User from the given credentials and append it to $_SESSION["allowedIn"].
     *
     * NOTE(review): the User object is given the password as passed in, so the
     * session store appears to hold it in that form; confirm against User's
     * constructor, which is not shown here.
     *
     * @param mixed $username passed to the User constructor
     * @param mixed $password passed to the User constructor
     */
    public function createUser($username, $password)
    {
        $created = new User($username, $password);
        // Create the list on first use.
        if (!isset($_SESSION["allowedIn"])) {
            $_SESSION["allowedIn"] = array();
        }
        $_SESSION["allowedIn"][] = $created;
    }
}
// Ad-hoc exercise of UserDAO: store a sample user in the session, then dump the DAO.
// NOTE(review): var_dump() writes to the response and the credentials are hard-coded
// samples; this reads as debugging scaffolding rather than application code.
$userDAO = new UserDAO();
$userDAO->createUser("sofie", "test");
var_dump($userDAO);
Exemplo n.º 5
    $lname = mysqli_real_escape_string($connection, $_POST['lastname']);
    $email = mysqli_real_escape_string($connection, $_POST['email']);
    $username = mysqli_real_escape_string($connection, $_POST['username']);
    $password = mysqli_real_escape_string($connection, $_POST['password']);
    $confirm_password = mysqli_real_escape_string($connection, $_POST['confirm_password']);
    echo 'Kindly press BACK button.';
    if (checkIfEmailReused($connection, $email)) {
        phpAlert("An account with this e-mail ID already exists.");
    } elseif (checkIfUsernameReused($connection, $username)) {
        phpAlert("An account with this username already exists.");
    } elseif (empty($fname) or empty($lname) or empty($email) or empty($username) or empty($password) or empty($confirm_password)) {
        phpAlert("Atleast one field was empty.");
    } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) == false) {
        phpAlert("Email format is incorrect.");
    } elseif ($password != $confirm_password) {
        phpAlert("Passwords do not match. Please try again.");
    } else {
        $insert_query = "insert into signup_details (firstname, lastname, email, username, password)\n                   values ('{$fname}', '{$lname}', '{$email}', '{$username}', '{$password}')";
        if (mysqli_query($connection, $insert_query)) {
            $_SESSION['email'] = $email;
            $_SESSION['username'] = $username;
            $_SESSION['name'] = $fname . " " . $lname;
            $_SESSION['userID'] = mysqli_insert_id($connection);
            header('Location: dashboard.php');
        } else {
            $message = "ERROR: " . $insert_query . "<br>" . mysqli_error($connection);
            phpAlert($message);
        }
        mysqli_close($connection);
    }
}
        } else {
            $_SESSION['useremail'] = $useremail;
            //        if( $useremail=="*****@*****.**" && $userpassword=="administrator"  )
            //        {
            //            $message = $Results['name']."  Login Sucessfully as administrator!!";
            //       echo "<script> window.location.assign('admin.html'); </script>";
            //
            //        }
            $strSQL = mysqli_query($connection, "select fname from clients where email='" . $useremail . "' and pass='******'");
            $Results = mysqli_fetch_array($strSQL);
            if (count($Results) >= 1) {
                $message = $Results['fname'] . "  Login Sucessfully!!";
                //             echo "<script> window.location.assign('userstart.php'); </script>";
                // echo"<script> window.location.href = 'userstart.php? email=$useremail';</script>";
                echo "<script> window.location.href = 'userstart.php';</script>";
            } else {
                $message = "<p class='alert alert-warning fade in'>Invalid Login email or password!!</p>";
                phpAlert("Invalid LOGIN Try again ");
            }
            echo $message;
        }
    }
}
?>
</div>
    </div>
      </div>
    </div>
        
        
 
Exemplo n.º 7
            mysqli_query($connection, "insert into playlist (playlist_id, user_id, media_id, name) values (\n                                 '{$pid}', '{$u_id}', '{$mediaID}', '{$playlist}')");
        } else {
            mysqli_query($connection, "update playlist set name = '{$playlist}' where user_id = '{$u_id}' and media_id = '{$mediaID}'");
        }
    }
}
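// NOTE(review): $u_id and $mediaID are assigned above this excerpt. Confirm they are
// validated or escaped there, because the lookups below interpolate them into the SQL text.
$queryFive = mysqli_query($connection, "select * from media_organization where user_id = '{$u_id}' and isPlaylist = 'yes'");
$querySix = mysqli_query($connection, "select * from playlist where user_id = '{$u_id}' and media_id = '{$mediaID}'");
$recordSix = mysqli_fetch_assoc($querySix);

// Comment / score submission for the current media item.
if (isset($_POST['postCommentScore'])) {
    $q = mysqli_query($connection, "select * from media where media_id = '{$mediaID}'");
    $r = mysqli_fetch_assoc($q);
    $comment = isset($_POST['comment']) ? $_POST['comment'] : "";
    $score = isset($_POST['score']) ? $_POST['score'] : 0;

    // Per-media switches; both stay null when the media row was not found,
    // in which case nothing is posted (as before).
    $allowDiscussion = isset($r['allowDiscussion']) ? $r['allowDiscussion'] : null;
    $allowScoring = isset($r['allowScoring']) ? $r['allowScoring'] : null;

    if ($allowDiscussion == "no" and $allowScoring == "no") {
        phpAlert('Posting comments and score for this media is not allowed.');
    } else {
        $discussionKnown = ($allowDiscussion == "yes" or $allowDiscussion == "no");
        $scoringKnown = ($allowScoring == "yes" or $allowScoring == "no");

        if ($allowDiscussion == "yes" and $scoringKnown and !empty($comment)) {
            // The comment text comes straight from the request, so it is bound as a
            // parameter instead of being interpolated into the INSERT.
            // NOTE(review): it is stored unmodified; whatever renders comments should
            // HTML-escape them on output.
            $commentStmt = mysqli_prepare(
                $connection,
                "insert into comment (media_id, postedBy, comment) values (?, ?, ?)"
            );
            if ($commentStmt) {
                mysqli_stmt_bind_param($commentStmt, 'sss', $mediaID, $u_id, $comment);
                mysqli_stmt_execute($commentStmt);
                mysqli_stmt_close($commentStmt);
            }
        }
        if ($allowScoring == "yes" and $discussionKnown) {
            // NOTE(review): $score is the raw request value; postScore() is defined
            // elsewhere, so confirm it validates the range and binds the value.
            postScore($connection, $mediaID, $u_id, $score);
        }
    }
    // A comment/score submission is not counted as a new view.
    $incrementViews = false;
}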
if ($incrementViews) {
Exemplo n.º 8
            $recordEleven = mysqli_fetch_assoc($queryEleven);
            $cid = $recordEleven['media_org_id'];
            $queryTen = mysqli_query($connection, "insert into channel (channel_id, user_id, media_id, name)\n\t\t\t\t\t\t\t\t   values ('{$cid}', '{$uid}', '{$mediaID}', '{$channel}')");
        }
        $urlOne = "Location: editDeleteMedia.php?id=" . $mediaID;
        header($urlOne);
    }
}
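// Delete handler: remove the uploaded file first, then its row in the media table.
if (isset($_POST['delete'])) {
    // NOTE(review): $recordOne and $mediaID are loaded above this excerpt. Confirm that
    // the record was fetched for the signed-in user and that the stored filename is a
    // single path component (for example by passing it through basename()), since it
    // decides which file unlink() removes.
    $directory = 'uploads' . DIRECTORY_SEPARATOR . $_SESSION['username'] . DIRECTORY_SEPARATOR . $recordOne['filename'];
    if (unlink($directory)) {
        // Bound parameter: the id never becomes part of the SQL text.
        $deleteStmt = mysqli_prepare($connection, "delete from media where media_id = ?");
        if ($deleteStmt) {
            mysqli_stmt_bind_param($deleteStmt, 's', $mediaID);
            mysqli_stmt_execute($deleteStmt);
            mysqli_stmt_close($deleteStmt);
        }
        header('Location: myUploads.php');
        // Stop here so the edit page is not rendered for the item just deleted.
        exit;
    } else {
        phpAlert("Something went wrong while deleting.");
    }
}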
?>

<!DOCTYPE html>
<html>
<head>
<link rel = "stylesheet" type = "text/css" href = "css/basic.css">
<body background = "images/back.jpg">
<h2 class = "white" style = "position: absolute; left: 1150px; top: 2px"><?php 
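// The display name is built from user-supplied first and last names, so it is
// HTML-escaped before being written into the page.
echo htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8');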
?>
</h2>
<h1 class = "white" style = "position: absolute; left: 566px; top:65px;"> Edit/Delete </h1>
<a href = "logout.php"><img src = "images/logout.png" height = "45" width = "45"
        }
        $sql5 = "select email FROM adprof where email='{$email}' ";
        $result5 = $link->query($sql5);
        $sql6 = "select id FROM adprof where id='{$id}' ";
        $result6 = $link->query($sql6);
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            echo "<p class='alert alert-danger'>Invalid email address please type a valid email!!</p>";
            phpAlert("Invalid email address please type a valid email!! ");
        } elseif ($result6->fetch_assoc() >= 1) {
            $message = $id . " <p class='alert alert-danger'> ID already exists !!</p>";
            echo $message;
            phpAlert("Duplicate ID selected");
        } elseif ($result5->fetch_assoc() >= 1) {
            $message = $email . " <p class='alert alert-danger'>Email already exist!!</p>";
            echo $message;
            phpAlert($email . "_ already exists");
        } else {
            $sql = "insert into adprof(id,number,name,email,pass) values('{$id}','{$pnumber}','{$name}','{$email}','" . md5($correct) . "')";
            if (mysqli_query($link, $sql)) {
                echo "Signup Sucessfully!!";
                phpAlert("Sign up Complete you can now Login into your account to Post your First Advertisement");
                mysqli_close($link);
            }
        }
    }
}
?>
           </div>

</body>
        
Exemplo n.º 10
<?php

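session_start();
include_once "dbconnect.php";
include_once "functions.php";
// NOTE(review): nothing in this script checks that a user is signed in before the
// session values are read; confirm an earlier include enforces that.
$name = $_SESSION['name'];
$uid = $_SESSION['userID'];

// Group creation handler: insert the group, then add its creator as the first member.
if (isset($_POST['create'])) {
    // Escaped because both values are interpolated into quoted SQL literals below.
    $gname = mysqli_real_escape_string($connection, $_POST['gname']);
    $gdesc = mysqli_real_escape_string($connection, $_POST['gdescription']);
    if (empty($gname) or empty($gdesc)) {
        phpAlert("Atleast one field is empty.");
    } else {
        $created = mysqli_query($connection, "insert into group_details (user_id, name, description)\n                               values ('{$uid}', '{$gname}', '{$gdesc}')");
        // Read the new id only when the first insert succeeded; otherwise the
        // membership row would be written against group id 0.
        $g_id = $created ? mysqli_insert_id($connection) : 0;
        $joined = false;
        if ($g_id > 0) {
            $joined = mysqli_query($connection, "insert into group_members (group_id, user_id)\n                               values ('{$g_id}', '{$uid}')");
        }
        if ($joined) {
            header("Location: groups.php");
            // Stop here so the form below is not rendered after the redirect.
            exit;
        } else {
            phpAlert("Something went wrong while creating the group.");
        }
    }
}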
?>

<!DOCTYPE html>
<html>
<head>
<link rel = "stylesheet" type = "text/css" href = "css/basic.css">
</head>

<body background = "images/back.jpg">
    
<h2 class = "white" style = "position: absolute; left: 1150px; top: 2px"><?php 
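// The display name is built from user-supplied first and last names, so it is
// HTML-escaped before being written into the page.
echo htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8');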
<?php

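require_once 'business/UserService.php';
require_once 'debugger.php';
session_start();

// Registration handler: ?action=new together with a posted username and password.
// When either field is missing, control falls through to the form include below.
if (isset($_GET["action"]) && $_GET["action"] === "new"
    && isset($_POST["username"], $_POST["password"])) {
    // The debugging alerts that wrote the submitted username and password into the
    // response were removed: they exposed the credentials in the page and sent output
    // ahead of the redirect header.
    // NOTE(review): storeUser() receives the password exactly as posted; confirm that
    // UserService hashes it (password_hash()) before it is stored.
    $userSvc = new UserService();
    $userSvc->storeUser($_POST["username"], $_POST["password"]);
    header("location:aanmelden.php");
    exit(0);
}
include 'presentation/nieuwegebruikerForm.php';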
Exemplo n.º 12
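// Playlist/channel creation handler. $uid and $flag are assigned outside this excerpt.
if (isset($_POST['create'])) {
    // Escaped because both values are interpolated into quoted SQL literals below.
    $playlistChannel = mysqli_real_escape_string($connection, $_POST['playlistChannel']);
    $name = mysqli_real_escape_string($connection, $_POST['name']);

    // Map the submitted type onto the two yes/no columns; both stay null for any
    // other value so the insert can be refused instead of using undefined variables.
    $isPlaylist = null;
    $isChannel = null;
    if ($playlistChannel == "playlist") {
        $isPlaylist = "yes";
        $isChannel = "no";
    } elseif ($playlistChannel == "channel") {
        $isPlaylist = "no";
        $isChannel = "yes";
    }

    if (empty($playlistChannel) or empty($name)) {
        // The original showed this alert and then carried on with the insert.
        phpAlert("Atleast one field was empty.");
    } elseif ($isPlaylist === null) {
        phpAlert("Please choose either playlist or channel.");
    } else {
        $queryOne = "insert into media_organization (user_id, name, isChannel, isPlaylist)\n               values ('{$uid}', '{$name}', '{$isChannel}', '{$isPlaylist}')";
        if (mysqli_query($connection, $queryOne)) {
            // The debugging alert of $flag was removed; it sent output ahead of the
            // redirect header.
            if ($flag == 0) {
                header("Location: uploadMedia.php");
            } else {
                header("Location: mediaOrganization.php");
            }
            exit;
        }
    }
}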
?>
<!DOCTYPE html>
<html>
<head>
<link rel = "stylesheet" type = "text/css" href = "css/basic.css">
</head>

<body background = "images/back.jpg">
Exemplo n.º 13
                if (file_exists("uploads/" . $_SESSION['username'] . '/' . $filename) and $fileInDBFlag == 1) {
                    phpAlert($filename . " already exists. ");
                } else {
                    move_uploaded_file($_FILES["file"]["tmp_name"], "uploads/" . $_SESSION['username'] . "/" . $filename);
                    chmod("uploads/" . $_SESSION['username'] . "/" . $filename, 0755);
                    $queryTwo = "insert into media (user_id, title, description, filename, keywordOne, keywordTwo, keywordThree,\n                        category, shareWith, allowDiscussion, allowScoring, size, views, scoredBy, totalScore, averageScore) \n                        values ('{$userID}', '{$title}', '{$description}', '{$filename}', '{$keywordOne}',\n                        '{$keywordTwo}', '{$keywordThree}', '{$category}', '{$shareWith}', '{$allowDiscussion}', '{$allowScoring}',\n                        '{$filesize}', 0, 0, 0, 0)";
                    mysqli_query($connection, $queryTwo);
                    $m_id = mysqli_insert_id($connection);
                    if (!empty($playlist)) {
                        $queryFour = mysqli_query($connection, "select * from media_organization where user_id = '{$userID}'\n                                        and isPlaylist = 'yes' and name = '{$playlist}'");
                        $recordFour = mysqli_fetch_assoc($queryFour);
                        $p_id = $recordFour['media_org_id'];
                        $queryThree = "insert into playlist (playlist_id, user_id, media_id, name)\n              values ('{$p_id}','{$userID}', '{$m_id}', '{$playlist}')";
                        mysqli_query($connection, $queryThree);
                    }
                    if (!empty($channel)) {
                        $queryFive = mysqli_query($connection, "select * from media_organization where user_id = '{$userID}'\n                                        and isChannel = 'yes' and name = '{$channel}'");
                        $recordFive = mysqli_fetch_assoc($queryFive);
                        $c_id = $recordFive['media_org_id'];
                        $querySix = "insert into channel (channel_id, user_id, media_id, name)\n              values ('{$c_id}','{$userID}', '{$m_id}', '{$channel}')";
                        mysqli_query($connection, $querySix);
                    }
                    header('Location:myUploads.php');
                }
            }
        } else {
            phpAlert("Invalid file. Either file type or file size is not allowed.");
        }
    }
    echo 'Kindly press BACK button.';
}
Exemplo n.º 14
<?php

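include_once "dbconnect.php";
include_once "functions.php";
session_start();

// Remove one media item from the signed-in user's favorites.
// The original tested isset($_GET), which is always true, and emitted a debugging
// alert before the redirect header; both are replaced by an explicit check that the
// media id and the session user id are present.
// NOTE(review): this changes data on a GET request, so any link or image URL the
// user's browser loads can trigger it; a POST carrying a CSRF token would close that.
if (isset($_GET['mid'], $_SESSION['userID']) && is_string($_GET['mid'])) {
    $mid = $_GET['mid'];
    $uid = $_SESSION['userID'];
    // Bound parameters: the request value never becomes part of the SQL text.
    $deleted = false;
    $stmt = mysqli_prepare($connection, "delete from favorite where user_id = ? and media_id = ?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 'ss', $uid, $mid);
        $deleted = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
    if ($deleted) {
        header("Location: mediaOrganization.php");
        exit;
    }
}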
            $correct = $_POST['pass1'];
        } else {
            echo "<p  class='alert alert-danger'> >passwords dont match </p>";
            phpAlert("Passwords dont match ");
        }
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            echo "<p class='alert alert-danger'>Invalid email address please type a valid email!!</p>";
            phpAlert("Invalid Email Address ");
        } elseif ($result6->fetch_assoc() >= 1) {
            $message = $id . " <p class='alert alert-danger'>DUPLICATE ID !!</p>";
            echo $message;
            phpAlert("Duplicate ID NUMBER");
        } elseif ($result5->fetch_assoc() >= 1) {
            $message = $email . " <p class='alert alert-danger'>Email already exist!!</p>";
            echo $message;
            phpAlert($email . " already exists ");
        } else {
            $sql = "insert into clients(fname,oname,id,phone,email,gender,dob,pass) values('{$fname}','{$oname}','{$id}','{$phone1}','{$email}','{$gender}','{$dob}','" . md5($correct) . "')";
            if (mysqli_query($link, $sql)) {
                echo "Signup Sucessfully!!";
                phpgood("Sign up Successfull ...Login to proceed with booking ");
                echo "<script> window.location.assign('Bookinglogin.php'); </script>";
                //header("Location: Bookinglogin.php");
                mysqli_close($link);
            }
        }
    }
}
?>
       </div>
         </div>
          </div>
</div>
  <?php 
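/**
 * Emit a <script> element that shows $msg in a JavaScript alert() dialog.
 *
 * Callers pass request data to this function (e-mail addresses, usernames, file
 * names), so the message is encoded as a JavaScript string literal instead of being
 * concatenated between double quotes. The JSON_HEX_* flags turn quotes, ampersands
 * and angle brackets into \uXXXX escapes, which keeps the text from closing the
 * string or the surrounding <script> element.
 *
 * @param mixed $msg message to show; converted to a string
 * @return void
 */
function phpAlert($msg)
{
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $literal = json_encode((string) $msg, $flags);
    if ($literal === false) {
        // json_encode() fails on invalid UTF-8; show an empty alert in that case.
        $literal = '""';
    }
    echo '<script type="text/javascript">alert(' . $literal . ')</script>';
}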
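// Advertiser login handler: runs for a POST with action=login.
if (isset($_POST['action'])) {
    if ($_POST['action'] == "login") {
        // NOTE(review): the connection uses the root account with an empty password,
        // hard-coded here; a dedicated low-privilege account with credentials kept
        // outside the source would limit what this script can reach.
        $connection = mysqli_connect('localhost', 'root', '', 'phpgang');
        if (!$connection) {
            // mysqli_error() needs a live connection; connection failures are reported
            // by mysqli_connect_error(). The detail goes to the log, not the page.
            error_log('adprof login: ' . mysqli_connect_error());
            die('Database connection failed.');
        }
        $ademail = (isset($_POST['ademail']) && is_string($_POST['ademail'])) ? $_POST['ademail'] : '';
        $userpassword = (isset($_POST['userpassword']) && is_string($_POST['userpassword'])) ? $_POST['userpassword'] : '';

        // NOTE(review): the password operand of the original query is not legible in
        // this listing. The adprof signup code stores md5() of the password, so the
        // same digest is compared here; confirm against the unmasked source. Unsalted
        // MD5 is not suitable for password storage; password_hash() with
        // password_verify() is the replacement, changed in signup and login together.
        $passDigest = md5($userpassword);
        $Results = null;
        $stmt = mysqli_prepare($connection, "select name from adprof where email = ? and pass = ?");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'ss', $ademail, $passDigest);
            if (mysqli_stmt_execute($stmt)) {
                $found = mysqli_stmt_get_result($stmt);
                $Results = $found ? mysqli_fetch_array($found) : null;
            }
            mysqli_stmt_close($stmt);
        }

        if (is_array($Results)) {
            // The session is marked only after the credentials matched; the original
            // stored the submitted e-mail before running the query, so a failed
            // attempt still left $_SESSION['ademail'] set.
            $_SESSION['ademail'] = $ademail;
            $message = htmlspecialchars($Results['name'], ENT_QUOTES, 'UTF-8') . "  Login Sucessfully!!";
            echo "<script> window.location.href = 'advaddcar.php';</script>";
            echo htmlspecialchars($_SESSION['ademail'], ENT_QUOTES, 'UTF-8');
        } else {
            $message = "<p class='alert alert-warning fade in'>Invalid Login email or password!!</p>";
            phpAlert("INVALID LOGIN");
        }
        echo $message;
    }
}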
?>