<?php
$session = new Session();
//the $session->applicant_id is the user_id of the admin
$user = AdminLog::find_by_id($session->applicant_id);
?>
<h5 align="center">Edit Profile</h5>
<hr>
<h6 align="center">All Fields are Required</h6>
<form action="" method="POST" class="create_form form-horizontal" >
<div class="control-group">
<label class="control-label" for="inputEmail">Surname</label>
<div class="controls">
<div class="input-prepend">
<span class="add-on"><i class="icon-user"></i></span>
<input type="text" id="surname" name="surname" placeholder="Enter surname" value="<?php
if (isset($user->surname)) {
echo $user->surname;
}
?>
" required />
</div>
</div>
</div>
<div class="control-group">
<label class="control-label" for="inputEmail">Other Names</label>
<div class="controls">
<div class="input-prepend">
<span class="add-on"><i class="icon-user"></i></span>
<input type="text" id="othernames" name="othernames" placeholder="Enter other names" value="<?php
sleep(2);
echo '<h4 class="alert alert-error">Error</h4>';
echo '<hr>';
echo "The E-mail:<font color='#FF0000'>'" . $user_exist->email . "'</font> already exists in our database";
echo '<br>';
echo 'Use the Close Button to Continue';
} elseif ($user_exist->staff_id == $staff_id) {
sleep(2);
echo '<h4 class="alert alert-error">Error</h4>';
echo '<hr>';
echo "The Staff ID:<font color='#FF0000'> '" . $user_exist->staff_id . "'</font> already exists in our database";
echo '<br>';
echo 'Use the Close Button to Continue';
} else {
//get current details from the db
$initial_details = AdminLog::find_by_id($session->applicant_id);
if ($initial_details->edit_status == 0 && $initial_details->password == htmlspecialchars(sha1($_POST['epassword']), ENT_QUOTES)) {
sleep(2);
echo '<h4 class="alert alert-error">Error</h4>';
echo '<hr>';
echo "You cannot use the same password<br> ";
echo '<hr>';
exit;
}
$user = new AdminLog();
$user->user_id = $session->applicant_id;
$user->surname = htmlspecialchars($_POST['surname'], ENT_QUOTES);
$user->othernames = htmlspecialchars($_POST['othernames'], ENT_QUOTES);
$user->password = htmlspecialchars(sha1($_POST['epassword']), ENT_QUOTES);
$user->email = htmlspecialchars($_POST['email'], ENT_QUOTES);
$user->staff_id = htmlspecialchars($_POST['staffid'], ENT_QUOTES);
<!-- Content -->
<div class="row-fluid">
<?php
include_layout_template('admin_menu.php');
?>
<div class="span9">
<h2>Read Notification</h2>
<hr>
<?php
$nid = customDecrypt($_POST["nid"]);
$from = customDecrypt($_POST["from"]);
$notification = NotificationLog::find_by_sql("SELECT * FROM `notifications` WHERE notification_id = " . $nid);
$notification = array_shift($notification);
$sender = AdminLog::find_by_id($notification->user_id);
$sender = show_role($sender->role, $sender->staff_id, $sender->department_id);
?>
<form action="<?php
echo $from;
?>
" method="POST" class="form-horizontal" >
<div class="control-group">
<label class="control-label" for="selectRecipient">Sender: </label>
<div class="controls">
<div class="input-prepend">
<span class="add-on"><i class="icon-user"></i></span>
<input type="text" class="input-large" value="<?php
if (isset($sender)) {
echo $sender;
} else {
echo '<h4 class="alert alert-error">Error</h4>';
echo '<hr>';
echo "Failed to insert into news event table.";
echo '<hr>';
}
break;
case 'update_news':
$news = new News_Events();
$news->db_fields = array('title', 'display_line', 'content', 'visible', 'verified_by', 'last_update');
$news->id = customDecrypt($_POST['nid']);
$news->title = $_POST['title'];
$news->display_line = $_POST['display_line'];
$news->content = $_POST['content'];
$news->visible = $_POST['status'];
$admin = AdminLog::find_by_id($_SESSION['applicant_id']);
$news->verified_by = $admin->surname . " " . $admin->othernames;
$time = time();
$news->last_update = date("Y-m-d H:i:s", $time);
if ($news->save()) {
echo '<h4 class="alert alert-success">Success</h4>';
echo '<hr>';
echo "<p>You have successfully updated news event table</p>";
echo '<hr>';
} else {
echo '<h4 class="alert alert-error">Error</h4>';
echo '<hr>';
echo "Failed to update news event table.";
echo '<hr>';
}
break;
<!-- //header -->
<br>
<br>
<!-- Content -->
<div class="row-fluid">
<?php
include_layout_template('admin_menu.php');
?>
<div class="span9">
<?php
if (isset($_POST["uid"])) {
$user_id = customDecrypt($_POST["uid"]);
$user = AdminLog::find_by_id($user_id);
if (isset($user->surname) && isset($user->othernames)) {
echo '<h5 align="center">Edit ' . $user->surname . ' ' . $user->othernames . '\'s Profile</h5>';
}
}
?>
<hr>
<form action="" method="POST" class="admin_edit_form form-horizontal" >
<div class="control-group">
<label class="control-label" for="inputSurname">Surname</label>
<div class="controls">
<div class="input-prepend">
<span class="add-on"><i class="icon-user"></i></span>
<input type="text" id="surname" name="surname" placeholder="Enter surname" value="<?php
if (isset($user->surname)) {
echo $user->surname;
