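<?php
session_start();
include_once 'dbconnect.php';
include_once 'functions.php';

// Sign-in handler: looks the submitted credentials up in signup_details and binds the
// matching account to the session only after a row has actually been returned.
// isset() already yields a bool, so the former `== "Sign In"` comparison tested nothing extra.
if (isset($_POST['signin'])) {
    // A request that omits a field (or sends an array) is treated as an empty credential
    // instead of raising notices / a TypeError inside mysqli_real_escape_string().
    $rawUsername = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';
    $rawPassword = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
    $username = mysqli_real_escape_string($connection, $rawUsername);
    $password = mysqli_real_escape_string($connection, $rawPassword);

    // NOTE(review): both comparison values are masked as '******' in this listing and are
    // reproduced exactly as shown; presumably the original interpolated $username/$password.
    // Whatever the operands are, this should become a prepared statement with bound
    // parameters, and the password column should hold password_hash() output that is
    // checked with password_verify() rather than compared inside SQL — confirm against
    // the signup path before changing, since stored rows must be migrated together.
    $select_query = mysqli_query($connection, "select * from signup_details where username = '******'\n and password = '******'");

    // mysqli_query() returns false on error and mysqli_fetch_assoc() returns null when no
    // row matches; the old code called count() on that null and had already copied the
    // (null) fields into the session by then.
    $record = $select_query ? mysqli_fetch_assoc($select_query) : null;

    if (is_array($record)) {
        // Fresh session id on privilege change, so an id planted before login is useless.
        session_regenerate_id(true);
        $_SESSION['email'] = $record['email'];
        $_SESSION['username'] = $record['username'];
        $_SESSION['name'] = $record['firstname'] . " " . $record['lastname'];
        $_SESSION['userID'] = $record['signup_id'];
        header('Location: dashboard.php');
        // Stop here: without exit the rest of the page would still be rendered and sent.
        exit;
    } else {
        phpAlert("Either username or password is incorrect.");
        echo 'Kindly press BACK button.';
    }
}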
// Contact add/edit/delete/block handler. Fragment: the final "block" branch runs past the
// end of this listing. $uID is written to contacts.userID / block.user_id and $cOf (the
// session user) to contacts.contactOf / block.blockedBy.
include_once "functions.php";
// NOTE(review): $uID is taken from the query string and placed into every SQL string below
// without escaping, casting or binding — unlike the POST fields, which at least pass through
// mysqli_real_escape_string(). This is the value to move to bound parameters first.
$uID = $_GET['uid'];
$cOf = $_SESSION['userID'];
$name = $_SESSION['name'];
// isset() returns a bool, so `== "Add"` only checks that the field is present, not its value.
if (isset($_POST['add']) == "Add") {
    $friend = mysqli_real_escape_string($connection, $_POST['isFriend']);
    // Refuse the add when the target user has blocked the session user.
    $queryEleven = "select * from block where user_id = '{$cOf}' and blockedBy = '{$uID}'";
    $recordEleven = mysqli_query($connection, $queryEleven);
    // NOTE(review): $recordEleven is false if the query fails; mysqli_num_rows() is called on it unchecked.
    if (mysqli_num_rows($recordEleven) <= 0) {
        $queryOne = "insert into contacts (userID, contactOf, isFriend)\n\t\t\t\t\t values ('{$uID}', '{$cOf}', '{$friend}')";
        mysqli_query($connection, $queryOne);
        // Adding a contact also lifts any block the session user had placed on them.
        $queryTen = "delete from block where user_id = '{$uID}' and blockedBy = '{$cOf}'";
        mysqli_query($connection, $queryTen);
        // NOTE(review): no exit after header(); execution continues into the rest of the page.
        header('Location: contacts.php');
    } else {
        phpAlert("You have been blocked by the user who you are trying to add.");
    }
} elseif (isset($_POST['edit']) == "Edit") {
    $friend = mysqli_real_escape_string($connection, $_POST['isFriend']);
    // $blocked is read but not used in the visible part of this branch.
    $blocked = mysqli_real_escape_string($connection, $_POST['isBlocked']);
    $queryTwo = "update contacts set isFriend = '{$friend}'\n\t\t\t where userID = '{$uID}' and contactOf = '{$cOf}'";
    if (mysqli_query($connection, $queryTwo)) {
        header('Location: contacts.php');
    }
} elseif (isset($_POST['delete']) == "Delete") {
    $queryThree = "delete from contacts where userID = '{$uID}' and contactOf = '{$cOf}'";
    if (mysqli_query($connection, $queryThree)) {
        header('Location: contacts.php');
    }
} elseif (isset($_POST['block']) == "Block") {
    // NOTE(review): no anti-CSRF token is checked anywhere in the visible branches — confirm
    // whether one is enforced elsewhere before these state changes run.
    $querySeven = "insert into block (user_id, blockedBy) values ('{$uID}', '{$cOf}')";
// Profile update handler followed by the start of the page template (the template is cut
// off mid-statement at the end of this listing). $connection, $email and $name are set
// outside the visible code.
// isset() returns a bool, so `== "Update Profile"` only tests that the field was submitted.
if (isset($_POST['updateProfile']) == "Update Profile") {
    $fname = mysqli_real_escape_string($connection, $_POST['firstname']);
    $lname = mysqli_real_escape_string($connection, $_POST['lastname']);
    $password = mysqli_real_escape_string($connection, $_POST['password']);
    $confirm_password = mysqli_real_escape_string($connection, $_POST['confirm_password']);
    // NOTE(review): this output is sent before the header() call below, so the redirect only
    // works if output buffering is enabled — confirm.
    echo 'Kindly press BACK button.';
    if (empty($fname) or empty($lname) or empty($password) or empty($confirm_password)) {
        phpAlert("Atleast one field was empty.");
    // NOTE(review): loose != compares numeric-looking strings as numbers (e.g. "1e3" and
    // "1000" are equal), so two different passwords can pass this check; !== avoids that.
    } elseif ($password != $confirm_password) {
        phpAlert("Passwords do not match. Please try again.");
    } else {
        // NOTE(review): the password value is masked as '******' in this listing. The visible
        // code never hashes $password, so presumably it is stored as submitted — confirm, and
        // prefer password_hash() plus a prepared statement.
        $updateQuery = "update signup_details set firstname = '{$fname}', lastname = '{$lname}',\n password = '******' where email = '{$email}'";
        if (mysqli_query($connection, $updateQuery)) {
            header('Location: updateProfile.php');
        } else {
            phpAlert("Something went wrong while updating.");
        }
    }
}
// NOTE(review): the template below echoes $name without htmlspecialchars().
?> <!DOCTYPE html> <html> <head> <link rel = "stylesheet" type = "text/css" href = "css/basic.css"> </head> <body background = "images/back.jpg"> <h2 class = "white" style = "position: absolute; left: 1150px; top: 2px"><?php echo $name;
// Fragment: opens with the closing brace of a User method that is outside this listing,
// then the remaining User setters, a debug script and the UserDAO class.
}
// Replaces the stored username.
function setUsername($username)
{
    $this->username = $username;
}
// Replaces the stored password; the value is kept exactly as passed in.
function setPassword($password)
{
    $this->password = $password;
}
}
// Debug scaffolding with hard-coded sample credentials.
$u = new User("kristof", "test");
$username = $u->getUsername();
$password = $u->getPassword();
phpAlert($username);
echo $username, "</br>";
// NOTE(review): the password is written into the response twice here (alert and echo);
// this must not survive outside a local experiment.
phpAlert($password);
echo $password;
class UserDAO
{
    // Builds a User and appends it to the $_SESSION["allowedIn"] list, creating the list on first use.
    // NOTE(review): the User object carries the password it was constructed with, so that
    // value ends up serialized into session storage — confirm whether User hashes it.
    public function createUser($username, $password)
    {
        $user = new User($username, $password);
        if (!isset($_SESSION["allowedIn"])) {
            $_SESSION["allowedIn"] = array();
        }
        array_push($_SESSION["allowedIn"], $user);
    }
}
$userDAO = new UserDAO();
$userDAO->createUser("sofie", "test");
// Debug dump of the DAO object.
var_dump($userDAO);
// Signup handler. Fragment: the opening condition and the $fname assignment are outside
// this listing; the two closing braces at the end belong to blocks opened there.
$lname = mysqli_real_escape_string($connection, $_POST['lastname']);
$email = mysqli_real_escape_string($connection, $_POST['email']);
$username = mysqli_real_escape_string($connection, $_POST['username']);
$password = mysqli_real_escape_string($connection, $_POST['password']);
$confirm_password = mysqli_real_escape_string($connection, $_POST['confirm_password']);
// NOTE(review): output is sent here, before the header() redirect further down; the
// redirect depends on output buffering being enabled — confirm.
echo 'Kindly press BACK button.';
// checkIfEmailReused() / checkIfUsernameReused() are defined outside this listing.
// NOTE(review): the two distinct messages let a visitor test which e-mail addresses and
// usernames are registered.
if (checkIfEmailReused($connection, $email)) {
    phpAlert("An account with this e-mail ID already exists.");
} elseif (checkIfUsernameReused($connection, $username)) {
    phpAlert("An account with this username already exists.");
} elseif (empty($fname) or empty($lname) or empty($email) or empty($username) or empty($password) or empty($confirm_password)) {
    phpAlert("Atleast one field was empty.");
// The address was already SQL-escaped above, so the escaped form is what gets validated.
} elseif (filter_var($email, FILTER_VALIDATE_EMAIL) == false) {
    phpAlert("Email format is incorrect.");
// NOTE(review): loose != treats numeric-looking strings as numbers ("1e3" equals "1000"),
// so mismatched passwords can slip through; use !==.
} elseif ($password != $confirm_password) {
    phpAlert("Passwords do not match. Please try again.");
} else {
    // NOTE(review): $password is inserted as submitted — no password_hash() — so the table
    // holds recoverable passwords. Hash before storing and bind values with a prepared statement.
    $insert_query = "insert into signup_details (firstname, lastname, email, username, password)\n values ('{$fname}', '{$lname}', '{$email}', '{$username}', '{$password}')";
    if (mysqli_query($connection, $insert_query)) {
        // The new account is signed in immediately.
        // NOTE(review): no session_regenerate_id() is visible before the identity is bound.
        $_SESSION['email'] = $email;
        $_SESSION['username'] = $username;
        $_SESSION['name'] = $fname . " " . $lname;
        $_SESSION['userID'] = mysqli_insert_id($connection);
        header('Location: dashboard.php');
    } else {
        // NOTE(review): the full SQL text (which contains the submitted password) and the
        // driver error are sent to the browser; log server-side and show a generic message.
        $message = "ERROR: " . $insert_query . "<br>" . mysqli_error($connection);
        phpAlert($message);
    }
    mysqli_close($connection);
}
}
// Client login branch. Fragment: the enclosing conditions and the assignment of $useremail
// start outside this listing.
} else {
    // NOTE(review): the session is tagged with the submitted e-mail before the credentials
    // are checked; any page that trusts $_SESSION['useremail'] would accept a failed login.
    $_SESSION['useremail'] = $useremail;
    // NOTE(review): dead code below hard-codes an administrator password comparison; delete
    // it from the source and treat that password as exposed.
    // if( $useremail=="*****@*****.**" && $userpassword=="administrator" )
    // {
    // $message = $Results['name']." Login Sucessfully as administrator!!";
    // echo "<script> window.location.assign('admin.html'); </script>";
    //
    // }
    // NOTE(review): the password operand is masked as '******' in this listing. The query is
    // assembled by concatenation; whether $useremail was escaped is not visible here.
    $strSQL = mysqli_query($connection, "select fname from clients where email='" . $useremail . "' and pass='******'");
    $Results = mysqli_fetch_array($strSQL);
    // NOTE(review): mysqli_fetch_array() returns null when no row matches, and count(null)
    // is a TypeError on PHP 8; is_array($Results) expresses the intended test.
    if (count($Results) >= 1) {
        // NOTE(review): fname is echoed further down without htmlspecialchars().
        $message = $Results['fname'] . " Login Sucessfully!!";
        // echo "<script> window.location.assign('userstart.php'); </script>";
        // echo"<script> window.location.href = 'userstart.php? email=$useremail';</script>";
        echo "<script> window.location.href = 'userstart.php';</script>";
    } else {
        $message = "<p class='alert alert-warning fade in'>Invalid Login email or password!!</p>";
        phpAlert("Invalid LOGIN Try again ");
    }
    echo $message;
}
}
}
?> </div> </div> </div> </div>
// Media view page: playlist assignment tail, then comment/score posting. Fragment: starts
// inside a conditional opened outside this listing and ends at an unclosed `if`.
// $pid, $u_id, $mediaID and $playlist are set outside the visible code — whether they are
// escaped cannot be told from here.
mysqli_query($connection, "insert into playlist (playlist_id, user_id, media_id, name) values (\n '{$pid}', '{$u_id}', '{$mediaID}', '{$playlist}')");
} else {
    mysqli_query($connection, "update playlist set name = '{$playlist}' where user_id = '{$u_id}' and media_id = '{$mediaID}'");
}
}
}
// Playlists owned by the user, and this media item's current playlist row.
$queryFive = mysqli_query($connection, "select * from media_organization where user_id = '{$u_id}' and isPlaylist = 'yes'");
$querySix = mysqli_query($connection, "select * from playlist where user_id = '{$u_id}' and media_id = '{$mediaID}'");
$recordSix = mysqli_fetch_assoc($querySix);
if (isset($_POST['postCommentScore'])) {
    // The media row supplies the allowDiscussion / allowScoring switches checked below.
    $q = mysqli_query($connection, "select * from media where media_id = '{$mediaID}'");
    $r = mysqli_fetch_assoc($q);
    // NOTE(review): $comment is raw POST data and is interpolated into both INSERT statements
    // below with no escaping or binding; a single quote in a comment changes the SQL.
    // Use a prepared statement, and HTML-escape the comment wherever it is later rendered.
    $comment = isset($_POST['comment']) ? $_POST['comment'] : "";
    // NOTE(review): $score is also raw POST data; how postScore() handles it is not visible here.
    $score = isset($_POST['score']) ? $_POST['score'] : 0;
    if ($r['allowDiscussion'] == "no" and $r['allowScoring'] == "no") {
        phpAlert('Posting comments and score for this media is not allowed.');
    } elseif ($r['allowDiscussion'] == "yes" and $r['allowScoring'] == "no") {
        if (!empty($comment)) {
            mysqli_query($connection, "insert into comment (media_id, postedBy, comment)\n values ('{$mediaID}', '{$u_id}', '{$comment}')");
        }
    } elseif ($r['allowDiscussion'] == "no" and $r['allowScoring'] == "yes") {
        postScore($connection, $mediaID, $u_id, $score);
    } elseif ($r['allowDiscussion'] == "yes" and $r['allowScoring'] == "yes") {
        if (!empty($comment)) {
            mysqli_query($connection, "insert into comment (media_id, postedBy, comment)\n values ('{$mediaID}', '{$u_id}', '{$comment}')");
        }
        postScore($connection, $mediaID, $u_id, $score);
    }
    // A comment/score submission is not counted as a new view.
    $incrementViews = false;
}
if ($incrementViews) {
// Edit/Delete media page. Fragment: begins inside the edit handler (opened outside this
// listing) and the HTML template at the end is cut off.
$recordEleven = mysqli_fetch_assoc($queryEleven);
$cid = $recordEleven['media_org_id'];
$queryTen = mysqli_query($connection, "insert into channel (channel_id, user_id, media_id, name)\n\t\t\t\t\t\t\t\t values ('{$cid}', '{$uid}', '{$mediaID}', '{$channel}')");
}
// NOTE(review): $mediaID is concatenated into a Location header unencoded; its origin is
// not visible here — presumably the `id` query parameter, confirm and cast/encode it.
$urlOne = "Location: editDeleteMedia.php?id=" . $mediaID;
header($urlOne);
}
}
// isset() returns a bool, so `== "Delete"` only tests that the field was submitted.
if (isset($_POST['delete']) == "Delete") {
    // The file path is built from the session username and the filename column of $recordOne.
    // NOTE(review): neither component is checked for path separators or ".." before
    // unlink(); basename() on the filename would confine the delete to the user's folder.
    $directory = 'uploads' . DIRECTORY_SEPARATOR . $_SESSION['username'] . DIRECTORY_SEPARATOR . $recordOne['filename'];
    if (unlink($directory)) {
        // NOTE(review): the DELETE is keyed on media_id only; no ownership condition on the
        // session user is visible in this fragment — confirm one is enforced where
        // $recordOne is loaded.
        $queryThree = "delete from media where media_id = '{$mediaID}'";
        mysqli_query($connection, $queryThree);
        header('Location: myUploads.php');
    } else {
        phpAlert("Something went wrong while deleting.");
    }
}
// NOTE(review): the template below echoes $name without htmlspecialchars().
?> <!DOCTYPE html> <html> <head> <link rel = "stylesheet" type = "text/css" href = "css/basic.css"> <body background = "images/back.jpg"> <h2 class = "white" style = "position: absolute; left: 1150px; top: 2px"><?php echo $name; ?> </h2> <h1 class = "white" style = "position: absolute; left: 566px; top:65px;"> Edit/Delete </h1> <a href = "logout.php"><img src = "images/logout.png" height = "45" width = "45"
// Advertiser signup. Fragment: $email, $id, $pnumber, $name, $correct and $link are set
// outside this listing, so whether they were escaped cannot be told from here.
}
// Duplicate checks. Both queries run before the e-mail format is validated below.
$sql5 = "select email FROM adprof where email='{$email}' ";
$result5 = $link->query($sql5);
$sql6 = "select id FROM adprof where id='{$id}' ";
$result6 = $link->query($sql6);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    echo "<p class='alert alert-danger'>Invalid email address please type a valid email!!</p>";
    phpAlert("Invalid email address please type a valid email!! ");
// fetch_assoc() returns an array for a row and null for none; comparing that with `>= 1`
// happens to be true only when a row exists. `!== null` states the intent directly.
} elseif ($result6->fetch_assoc() >= 1) {
    // NOTE(review): $id is written into the HTML response without htmlspecialchars().
    $message = $id . " <p class='alert alert-danger'> ID already exists !!</p>";
    echo $message;
    phpAlert("Duplicate ID selected");
} elseif ($result5->fetch_assoc() >= 1) {
    // NOTE(review): $email is echoed unescaped as well, and the message confirms that the
    // address is registered.
    $message = $email . " <p class='alert alert-danger'>Email already exist!!</p>";
    echo $message;
    phpAlert($email . "_ already exists");
} else {
    // NOTE(review): the password is stored as an unsalted MD5 digest, which is fast to
    // brute-force; password_hash()/password_verify() is the replacement, with existing rows
    // re-hashed at next login. The other values are interpolated rather than bound.
    $sql = "insert into adprof(id,number,name,email,pass) values('{$id}','{$pnumber}','{$name}','{$email}','" . md5($correct) . "')";
    if (mysqli_query($link, $sql)) {
        echo "Signup Sucessfully!!";
        phpAlert("Sign up Complete you can now Login into your account to Post your First Advertisement");
        mysqli_close($link);
    }
}
}
}
?> </div> </body>
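<?php
session_start();
include_once "dbconnect.php";
include_once "functions.php";

// Group creation page: on submit, inserts the group and enrolls its creator as the first
// member, then redirects to the group list. The page template follows the handler.

// The handler writes rows keyed by the session user id, so refuse to run without one
// instead of creating groups owned by an empty id.
if (!isset($_SESSION['userID'])) {
    http_response_code(403);
    exit('Please sign in first.');
}
$name = isset($_SESSION['name']) ? $_SESSION['name'] : '';
$uid = $_SESSION['userID'];

if (isset($_POST['create'])) {
    // Values are bound as statement parameters below, so they are taken as submitted;
    // a missing or non-string field counts as empty.
    $gname = isset($_POST['gname']) && is_string($_POST['gname']) ? $_POST['gname'] : '';
    $gdesc = isset($_POST['gdescription']) && is_string($_POST['gdescription']) ? $_POST['gdescription'] : '';

    if (empty($gname) or empty($gdesc)) {
        phpAlert("Atleast one field is empty.");
    } else {
        $created = false;
        $insertGroup = mysqli_prepare($connection, "insert into group_details (user_id, name, description) values (?, ?, ?)");
        if ($insertGroup) {
            mysqli_stmt_bind_param($insertGroup, 'sss', $uid, $gname, $gdesc);
            if (mysqli_stmt_execute($insertGroup)) {
                // Only read the insert id after the group row is known to exist; the old code
                // would enroll the user into group 0 when the first insert failed.
                $g_id = mysqli_insert_id($connection);
                $insertMember = mysqli_prepare($connection, "insert into group_members (group_id, user_id) values (?, ?)");
                if ($insertMember) {
                    mysqli_stmt_bind_param($insertMember, 'is', $g_id, $uid);
                    $created = mysqli_stmt_execute($insertMember);
                    mysqli_stmt_close($insertMember);
                }
            }
            mysqli_stmt_close($insertGroup);
        }

        if ($created) {
            header("Location: groups.php");
            // Without exit the template below would still be rendered after the redirect.
            exit;
        }
        phpAlert("Group could not be created.");
    }
}
// $name originates from user-supplied profile fields, so it is HTML-escaped on output.
?> <!DOCTYPE html> <html> <head> <link rel = "stylesheet" type = "text/css" href = "css/basic.css"> </head> <body background = "images/back.jpg"> <h2 class = "white" style = "position: absolute; left: 1150px; top: 2px"><?php echo htmlspecialchars($name, ENT_QUOTES, 'UTF-8');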
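<?php
require_once 'business/UserService.php';
require_once 'debugger.php';
session_start();

// New-user controller: with ?action=new and a submitted username/password it stores the
// user and redirects to the sign-in page; otherwise it renders the registration form.
if (isset($_GET["action"]) && $_GET["action"] === "new") {
    // A missing or non-string field is treated as empty rather than passed on as null/array.
    $username = isset($_POST["username"]) && is_string($_POST["username"]) ? $_POST["username"] : '';
    $password = isset($_POST["password"]) && is_string($_POST["password"]) ? $_POST["password"] : '';

    // The earlier debug alerts echoed the username and the clear-text password into the
    // response (and, being output, could stop the header() redirect); they are removed.
    if ($username !== '' && $password !== '') {
        // NOTE(review): storeUser() receives the raw password; confirm that it hashes with
        // password_hash() before persisting.
        $userSvc = new UserService();
        $userSvc->storeUser($username, $password);
        header("location:aanmelden.php");
        exit(0);
    }
    // Incomplete submissions fall through and show the form again.
}
include 'presentation/nieuwegebruikerForm.php';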
// Playlist/channel creation handler followed by the start of the page template (cut off).
// $connection, $uid and $flag are set outside the visible code.
// isset() returns a bool, so `== "Create"` only tests that the field was submitted.
if (isset($_POST['create']) == "Create") {
    $playlistChannel = mysqli_real_escape_string($connection, $_POST['playlistChannel']);
    $name = mysqli_real_escape_string($connection, $_POST['name']);
    // NOTE(review): the empty-field alert does not stop processing; the INSERT below still
    // runs with the empty values.
    if (empty($playlistChannel) or empty($name)) {
        phpAlert("Atleast one field was empty.");
    }
    // Maps the submitted kind onto the two yes/no columns.
    // NOTE(review): any value other than "playlist" or "channel" leaves $isPlaylist and
    // $isChannel undefined, and the INSERT then stores empty strings for both.
    if ($playlistChannel == "playlist") {
        $isPlaylist = "yes";
        $isChannel = "no";
    } elseif ($playlistChannel == "channel") {
        $isPlaylist = "no";
        $isChannel = "yes";
    }
    $queryOne = "insert into media_organization (user_id, name, isChannel, isPlaylist)\n values ('{$uid}', '{$name}', '{$isChannel}', '{$isPlaylist}')";
    if (mysqli_query($connection, $queryOne)) {
        // NOTE(review): this alert writes output before header(), so the redirects below
        // depend on output buffering; it looks like leftover debugging of $flag.
        phpAlert($flag);
        if ($flag == 0) {
            header("Location: uploadMedia.php");
        } else {
            header("Location: mediaOrganization.php");
        }
    }
}
?> <!DOCTYPE html> <html> <head> <link rel = "stylesheet" type = "text/css" href = "css/basic.css"> </head> <body background = "images/back.jpg">
// Media upload: stores the file under uploads/<username>/ and records it, plus optional
// playlist/channel links. Fragment: the type/size validation and every variable except
// $_FILES / $_SESSION are set outside this listing.
// NOTE(review): $filename's origin is not visible. If it derives from the client-supplied
// name, it needs basename() and an extension allow-list before being used in a path —
// confirm against the validation that precedes this fragment.
if (file_exists("uploads/" . $_SESSION['username'] . '/' . $filename) and $fileInDBFlag == 1) {
    phpAlert($filename . " already exists. ");
} else {
    // NOTE(review): the return value of move_uploaded_file() is ignored; the DB row is
    // written even if the move failed.
    move_uploaded_file($_FILES["file"]["tmp_name"], "uploads/" . $_SESSION['username'] . "/" . $filename);
    // NOTE(review): 0755 sets the execute bits on an uploaded file. Media files need no
    // execute permission (0644), and the uploads directory should not run scripts.
    chmod("uploads/" . $_SESSION['username'] . "/" . $filename, 0755);
    // Counters (views, scoredBy, totalScore, averageScore) start at 0.
    // NOTE(review): all values are interpolated; whether they were escaped is not visible here.
    $queryTwo = "insert into media (user_id, title, description, filename, keywordOne, keywordTwo, keywordThree,\n category, shareWith, allowDiscussion, allowScoring, size, views, scoredBy, totalScore, averageScore) \n values ('{$userID}', '{$title}', '{$description}', '{$filename}', '{$keywordOne}',\n '{$keywordTwo}', '{$keywordThree}', '{$category}', '{$shareWith}', '{$allowDiscussion}', '{$allowScoring}',\n '{$filesize}', 0, 0, 0, 0)";
    mysqli_query($connection, $queryTwo);
    $m_id = mysqli_insert_id($connection);
    if (!empty($playlist)) {
        // Resolve the user's playlist by name, then link the new media row to it.
        $queryFour = mysqli_query($connection, "select * from media_organization where user_id = '{$userID}'\n and isPlaylist = 'yes' and name = '{$playlist}'");
        $recordFour = mysqli_fetch_assoc($queryFour);
        // NOTE(review): $recordFour is null when no such playlist exists; not checked.
        $p_id = $recordFour['media_org_id'];
        $queryThree = "insert into playlist (playlist_id, user_id, media_id, name)\n values ('{$p_id}','{$userID}', '{$m_id}', '{$playlist}')";
        mysqli_query($connection, $queryThree);
    }
    if (!empty($channel)) {
        // Same lookup-and-link for a channel.
        $queryFive = mysqli_query($connection, "select * from media_organization where user_id = '{$userID}'\n and isChannel = 'yes' and name = '{$channel}'");
        $recordFive = mysqli_fetch_assoc($queryFive);
        $c_id = $recordFive['media_org_id'];
        $querySix = "insert into channel (channel_id, user_id, media_id, name)\n values ('{$c_id}','{$userID}', '{$m_id}', '{$channel}')";
        mysqli_query($connection, $querySix);
    }
    header('Location:myUploads.php');
}
}
} else {
    phpAlert("Invalid file. Either file type or file size is not allowed.");
}
}
echo 'Kindly press BACK button.';
}
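<?php
include_once "dbconnect.php";
include_once "functions.php";
session_start();

// Removes one media item from the signed-in user's favorites and returns to the organizer page.
// The leftover phpAlert('yes') debug output is gone: it was sent before header() and could
// stop the redirect. The old `isset($_GET)` test was always true, so the real inputs are
// checked instead.
// NOTE(review): this is a state-changing GET request with no anti-CSRF token; moving it to
// POST with a per-session token is the follow-up.
if (isset($_GET['mid'], $_SESSION['userID']) && is_string($_GET['mid'])) {
    $mid = $_GET['mid'];
    $uid = $_SESSION['userID'];

    // $mid comes from the query string, so it is bound rather than interpolated.
    $stmt = mysqli_prepare($connection, "delete from favorite where user_id = ? and media_id = ?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 'ss', $uid, $mid);
        $deleted = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
        if ($deleted) {
            header("Location: mediaOrganization.php");
            exit;
        }
    }
}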
// Client signup. Fragment: the password-match condition, the duplicate queries behind
// $result5/$result6 and the other field variables are set outside this listing.
$correct = $_POST['pass1'];
} else {
    echo "<p class='alert alert-danger'> >passwords dont match </p>";
    phpAlert("Passwords dont match ");
}
// NOTE(review): the mismatch branch above does not stop processing; the chain below still
// runs, and $correct is undefined in that case, so md5() would hash an empty value.
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    echo "<p class='alert alert-danger'>Invalid email address please type a valid email!!</p>";
    phpAlert("Invalid Email Address ");
// fetch_assoc() returns an array for a row and null for none; `>= 1` happens to be true
// only when a row exists. `!== null` states the intent directly.
} elseif ($result6->fetch_assoc() >= 1) {
    // NOTE(review): $id is written into the HTML response without htmlspecialchars().
    $message = $id . " <p class='alert alert-danger'>DUPLICATE ID !!</p>";
    echo $message;
    phpAlert("Duplicate ID NUMBER");
} elseif ($result5->fetch_assoc() >= 1) {
    // NOTE(review): $email is echoed unescaped as well, and the message confirms that the
    // address is registered.
    $message = $email . " <p class='alert alert-danger'>Email already exist!!</p>";
    echo $message;
    phpAlert($email . " already exists ");
} else {
    // NOTE(review): the password is stored as an unsalted MD5 digest; use password_hash()
    // and password_verify(). The other columns are interpolated — whether they were
    // escaped is not visible here — so this belongs in a prepared statement.
    $sql = "insert into clients(fname,oname,id,phone,email,gender,dob,pass) values('{$fname}','{$oname}','{$id}','{$phone1}','{$email}','{$gender}','{$dob}','" . md5($correct) . "')";
    if (mysqli_query($link, $sql)) {
        echo "Signup Sucessfully!!";
        // phpgood() is defined outside this listing.
        phpgood("Sign up Successfull ...Login to proceed with booking ");
        // Client-side redirect, used because output has already been sent.
        echo "<script> window.location.assign('Bookinglogin.php'); </script>";
        //header("Location: Bookinglogin.php");
        mysqli_close($link);
    }
}
}
}
?> </div> </div>
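</div> </div> <?php
/**
 * Emit a <script> element that shows $msg in a JavaScript alert().
 *
 * The message is serialized with json_encode() and the JSON_HEX_* flags, so quotes,
 * angle brackets and ampersands in $msg are written as \uXXXX escapes and cannot end
 * the string literal or the <script> element. Plain messages produce the same output
 * as before.
 *
 * @param mixed $msg Text to display; cast to string.
 */
function phpAlert($msg)
{
    $literal = json_encode((string) $msg, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($literal === false) {
        // json_encode() fails on invalid UTF-8; show an empty alert rather than broken script.
        $literal = '""';
    }
    echo '<script type="text/javascript">alert(' . $literal . ')</script>';
}

// Advertiser login: checks the submitted e-mail/password against adprof and, on success,
// records the e-mail in the session and sends the browser to advaddcar.php.
if (isset($_POST['action'])) {
    if ($_POST['action'] == "login") {
        // NOTE(review): connects as root with an empty password; use a dedicated
        // least-privilege account whose credentials are kept out of the source.
        $connection = mysqli_connect('localhost', 'root', '', 'phpgang');
        if (!$connection) {
            // The old `or die(mysqli_error($connection))` passed false to mysqli_error();
            // the detail goes to the server log and the visitor gets a generic message.
            error_log('adprof login: ' . mysqli_connect_error());
            die('Database connection failed.');
        }

        $submittedEmail = isset($_POST['ademail']) && is_string($_POST['ademail']) ? $_POST['ademail'] : '';
        $submittedPassword = isset($_POST['userpassword']) && is_string($_POST['userpassword']) ? $_POST['userpassword'] : '';
        $ademail = mysqli_real_escape_string($connection, $submittedEmail);
        $userpassword = mysqli_real_escape_string($connection, $submittedPassword);

        // NOTE(review): the password operand is masked as '******' in this listing and is
        // reproduced exactly as shown. Whatever it is, move this lookup to a prepared
        // statement and verify the password with password_verify() in PHP.
        $strSQL = mysqli_query($connection, "select name from adprof where email='" . $ademail . "' and pass='******'");

        // mysqli_fetch_array() returns null when nothing matches; count(null) is a
        // TypeError on PHP 8, so test for an array instead.
        $Results = $strSQL ? mysqli_fetch_array($strSQL) : null;

        if (is_array($Results)) {
            // The session is tagged only after the credentials matched; previously it was
            // set before the check, so a failed login still left an identity in the session.
            // NOTE(review): session_regenerate_id() belongs here too, but this block runs
            // after page output has started, so it has to move above the markup first.
            $_SESSION['ademail'] = $ademail;
            $message = htmlspecialchars($Results['name'], ENT_QUOTES, 'UTF-8') . " Login Sucessfully!!";
            // echo "<script> window.location.assign('userstart.php'); </script>";
            // echo"<script> window.location.href = 'userstart.php? email=$useremail';</script>";
            echo "<script> window.location.href = 'advaddcar.php';</script>";
            echo htmlspecialchars($_SESSION['ademail'], ENT_QUOTES, 'UTF-8');
        } else {
            $message = "<p class='alert alert-warning fade in'>Invalid Login email or password!!</p>";
            phpAlert("INVALID LOGIN");
        }
        echo $message;
    }
}
?>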