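<?php
// Profile edit form for the logged-in admin: loads that admin's own record
// and pre-fills the form fields from it.
$session = new Session();
// $session->applicant_id holds the user_id of the admin.
$user = AdminLog::find_by_id($session->applicant_id);
// NOTE(review): no anti-CSRF token field is visible in the part of the form
// shown here - confirm one is added further down or enforced by the handler.
?>
<h5 align="center">Edit Profile</h5>
<hr>
<h6 align="center">All Fields are Required</h6>
<form action="" method="POST" class="create_form form-horizontal" >
    <div class="control-group">
        <label class="control-label" for="inputEmail">Surname</label>
        <div class="controls">
            <div class="input-prepend">
                <span class="add-on"><i class="icon-user"></i></span>
                <input type="text" id="surname" name="surname" placeholder="Enter surname" value="<?php
                if (isset($user->surname)) {
                    // The value lands inside a double-quoted attribute, so it is
                    // escaped at the point of output. double_encode is off so a
                    // value that was already entity-encoded when it was stored
                    // is not encoded a second time.
                    echo htmlspecialchars((string) $user->surname, ENT_QUOTES, 'UTF-8', false);
                }
                ?> " required />
            </div>
        </div>
    </div>
    <div class="control-group">
        <label class="control-label" for="inputEmail">Other Names</label>
        <div class="controls">
            <div class="input-prepend">
                <span class="add-on"><i class="icon-user"></i></span>
                <input type="text" id="othernames" name="othernames" placeholder="Enter other names" value="<?php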
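// Fragment of the profile-update handler. The statements below close the
// duplicate-e-mail branch; its opening condition is outside this excerpt.
sleep(2);
echo '<h4 class="alert alert-error">Error</h4>';
echo '<hr>';
// Stored values are written into HTML, so they are escaped at output;
// double_encode is off so already entity-encoded values are not encoded twice.
echo "The E-mail:<font color='#FF0000'>'" . htmlspecialchars((string) $user_exist->email, ENT_QUOTES, 'UTF-8', false) . "'</font> already exists in our database";
echo '<br>';
echo 'Use the Close Button to Continue';
} elseif ($user_exist->staff_id == $staff_id) {
    // Another account already uses the submitted staff ID.
    sleep(2);
    echo '<h4 class="alert alert-error">Error</h4>';
    echo '<hr>';
    echo "The Staff ID:<font color='#FF0000'> '" . htmlspecialchars((string) $user_exist->staff_id, ENT_QUOTES, 'UTF-8', false) . "'</font> already exists in our database";
    echo '<br>';
    echo 'Use the Close Button to Continue';
} else {
    // Get the current details from the db.
    $initial_details = AdminLog::find_by_id($session->applicant_id);
    // Reject re-use of the stored password while edit_status is 0.
    // hash_equals() replaces `==`: a loose comparison treats two different
    // digests that both look numeric (for example "0e" followed by digits)
    // as equal, and it is not constant-time.
    if (
        $initial_details->edit_status == 0
        && hash_equals(
            (string) $initial_details->password,
            htmlspecialchars(sha1($_POST['epassword']), ENT_QUOTES)
        )
    ) {
        sleep(2);
        echo '<h4 class="alert alert-error">Error</h4>';
        echo '<hr>';
        echo "You cannot use the same password<br> ";
        echo '<hr>';
        exit;
    }
    // Build the record to store. Each text field is entity-encoded on input;
    // that is HTML encoding, not SQL escaping, so whatever persists $user must
    // still bind or escape these values (not visible in this excerpt).
    $user = new AdminLog();
    $user->user_id = $session->applicant_id;
    $user->surname = htmlspecialchars($_POST['surname'], ENT_QUOTES);
    $user->othernames = htmlspecialchars($_POST['othernames'], ENT_QUOTES);
    // NOTE(review): unsalted SHA-1 is not a password hash. Moving to
    // password_hash()/password_verify() has to change the login check and the
    // stored values together, so it is only flagged here, not changed.
    $user->password = htmlspecialchars(sha1($_POST['epassword']), ENT_QUOTES);
    $user->email = htmlspecialchars($_POST['email'], ENT_QUOTES);
    $user->staff_id = htmlspecialchars($_POST['staffid'], ENT_QUOTES);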
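<!-- Content -->
<div class="row-fluid">
    <?php include_layout_template('admin_menu.php'); ?>
    <div class="span9">
        <h2>Read Notification</h2>
        <hr>
        <?php
        // Notification detail view: looks up one notification by the posted
        // id and resolves a display string for its sender.
        // Both values come from the request body and pass through
        // customDecrypt(); they are still treated as untrusted below.
        $nid = customDecrypt($_POST["nid"]);
        $from = customDecrypt($_POST["from"]);
        // The id is concatenated into the SQL text, so it is forced to an
        // integer first. The query already uses it unquoted, i.e. as a number;
        // assumes notification_id is an integer key - confirm against the schema.
        $notification = NotificationLog::find_by_sql("SELECT * FROM `notifications` WHERE notification_id = " . (int) $nid);
        // NOTE(review): when no row matches, array_shift() yields null and the
        // property reads below run on a non-object; the handling for that case
        // is not visible in this excerpt.
        $notification = array_shift($notification);
        $sender = AdminLog::find_by_id($notification->user_id);
        $sender = show_role($sender->role, $sender->staff_id, $sender->department_id);
        // $from becomes the form target and is written into a double-quoted
        // attribute, so it is escaped for that context.
        // NOTE(review): the target itself is request-controlled; confirm that
        // customDecrypt() rejects tampered input or check $from against the
        // expected set of pages.
        ?>
        <form action="<?php echo htmlspecialchars((string) $from, ENT_QUOTES, 'UTF-8'); ?> " method="POST" class="form-horizontal" >
            <div class="control-group">
                <label class="control-label" for="selectRecipient">Sender: </label>
                <div class="controls">
                    <div class="input-prepend">
                        <span class="add-on"><i class="icon-user"></i></span>
                        <input type="text" class="input-large" value="<?php
                        if (isset($sender)) {
                            // NOTE(review): show_role() output is written into the
                            // attribute as-is; escape it here unless show_role()
                            // already returns encoded text.
                            echo $sender;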
} else {
    echo '<h4 class="alert alert-error">Error</h4>';
    echo '<hr>';
    echo "Failed to insert into news event table.";
    echo '<hr>';
}
break;

// Update an existing news/event row from the posted form and report the result.
case 'update_news':
    $news = new News_Events();
    $news->db_fields = ['title', 'display_line', 'content', 'visible', 'verified_by', 'last_update'];
    // The row to update is identified by the posted id after customDecrypt().
    $news->id = customDecrypt($_POST['nid']);
    // NOTE(review): these four fields are copied from the request as-is.
    // Whether save() binds or escapes them is not visible here, and any page
    // that renders them has to escape on output.
    $news->title = $_POST['title'];
    $news->display_line = $_POST['display_line'];
    $news->content = $_POST['content'];
    $news->visible = $_POST['status'];
    // The verifier name comes from the session's admin record, not from the request.
    $admin = AdminLog::find_by_id($_SESSION['applicant_id']);
    $news->verified_by = "{$admin->surname} {$admin->othernames}";
    $time = time();
    $news->last_update = date('Y-m-d H:i:s', $time);
    if (!$news->save()) {
        echo '<h4 class="alert alert-error">Error</h4>', '<hr>', "Failed to update news event table.", '<hr>';
    } else {
        echo '<h4 class="alert alert-success">Success</h4>', '<hr>', "<p>You have successfully updated news event table</p>", '<hr>';
    }
    break;
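<!-- //header -->
<br>
<br>
<!-- Content -->
<div class="row-fluid">
    <?php include_layout_template('admin_menu.php'); ?>
    <div class="span9">
        <?php
        // Edit form for another admin's profile: the record is selected by the
        // posted uid (after customDecrypt()) and used to pre-fill the fields.
        // NOTE(review): the account being edited is chosen by the request;
        // confirm that the caller's right to edit it is checked server-side
        // (no such check is visible in this excerpt).
        if (isset($_POST["uid"])) {
            $user_id = customDecrypt($_POST["uid"]);
            $user = AdminLog::find_by_id($user_id);
            if (isset($user->surname) && isset($user->othernames)) {
                // Stored names are escaped at output; double_encode is off so
                // already entity-encoded values are not encoded a second time.
                echo '<h5 align="center">Edit '
                    . htmlspecialchars((string) $user->surname, ENT_QUOTES, 'UTF-8', false)
                    . ' '
                    . htmlspecialchars((string) $user->othernames, ENT_QUOTES, 'UTF-8', false)
                    . '\'s Profile</h5>';
            }
        }
        ?>
        <hr>
        <form action="" method="POST" class="admin_edit_form form-horizontal" >
            <div class="control-group">
                <label class="control-label" for="inputSurname">Surname</label>
                <div class="controls">
                    <div class="input-prepend">
                        <span class="add-on"><i class="icon-user"></i></span>
                        <input type="text" id="surname" name="surname" placeholder="Enter surname" value="<?php
                        if (isset($user->surname)) {
                            // Same attribute-context escaping as the heading above.
                            echo htmlspecialchars((string) $user->surname, ENT_QUOTES, 'UTF-8', false);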