Пример #1
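/**
 * Render the "my tasks" page: handle the task delete/cancel buttons, show the
 * user picker to accounts with access level 100 or higher, then print the
 * task lists.
 *
 * Reads $_POST and $_SESSION and writes HTML straight to the output. Every
 * value taken from the session, the request or the database is HTML-escaped
 * before it is printed, so a stored name cannot inject markup into the page.
 */
function print_mytasks_page()
{
    // Escapes a value for both HTML text and quoted attribute contexts.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    // If one of the buttons was pressed, run the matching task action.
    // NOTE(review): these state-changing handlers run on any POST that carries
    // the button name; no anti-CSRF token check is visible in this function.
    // Confirm one exists inside del_finished_tasks() / cancel_task().
    if (isset($_POST['del_task_submit'])) {
        del_finished_tasks();
    }
    if (isset($_POST['cancel_task_submit'])) {
        cancel_task();
    }
    if ($_SESSION['access_level'] >= 100) {
        $query = "SELECT \r\n            id_user,\r\n            user_name, \r\n            user_imie, \r\n            user_nazwisko, \r\n            user_dzial\r\n            FROM sms.users;";
        $users = get_from_db($query);
        // NOTE(review): the "Moje" option posts the user *name*, while the
        // check further down compares the posted value with
        // $_SESSION['id_user']. That branch therefore looks unreachable from
        // this form and the name ends up in find_user_by_id(); confirm intent.
        echo '<table class="content">
                    <tr></tr>
                    <tr>
                        <td>
                    <form action="index.php" method="POST">
                        <select name="find_user_id">
                        <option value="' . $esc($_SESSION["user_name"]) . '">Moje -> ' . $esc($_SESSION["user_name"]) . '</option>
                        <option value="*">Wszystkie</option>';
        foreach ($users as $single_user_row) {
            echo '<option value="' . $esc($single_user_row["id_user"]) . '">' . $esc($single_user_row["user_name"]) . ' @ ' . $esc($single_user_row["user_imie"]) . ' ' . $esc($single_user_row["user_nazwisko"]) . ' ' . $esc($single_user_row["user_dzial"]) . '</option>';
        }
        echo '
                        </select>
                        <input type="hidden" name="kat" value="mytasks"/>
                        <input style="width: 100px;"type="submit" value="Wyszukaj" name="find_user"/>';

        // Only a plain string is accepted as the selector; an array-valued
        // parameter (find_user_id[]=...) falls back to the current user.
        $requested = '';
        if (isset($_POST['find_user_id']) && is_string($_POST['find_user_id'])) {
            $requested = $_POST['find_user_id'];
        }

        // Three cases: the current user, all users ("*"), or a database lookup.
        if (empty($requested) || $requested === $_SESSION['id_user']) {
            $selected_name = $_SESSION['user_name'];
        } elseif ($requested === '*') {
            $selected_name = 'wszystkie';
        } else {
            // The posted id is untrusted; find_user_by_id() is not visible
            // here and must bind or escape it before it reaches SQL.
            $dbres = find_user_by_id($requested);
            // A failed lookup prints an empty name instead of reading an
            // offset of a non-array.
            $selected_name = isset($dbres["user_name"]) ? $dbres["user_name"] : '';
        }
        echo '<p class="msg">Wybrany użytkownik: ' . $esc($selected_name) . '</p>';
        echo '</form>
                    </td>
                    </tr>
                </table>';
    }
    print_current_tasks();
    print_mytasks();
}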
Пример #2
<?php

require_once "../../includes/sessions.php";
require_once "../../includes/db_connect.php";
require_once "../../includes/functions.php";
require_once "../../includes/validations_functions.php";
include "../../includes/layouts/page_header.php";
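// NOTE(review): the return value of logged_in() is discarded. Its body is not
// visible here; if it only reports the login state instead of redirecting or
// exiting, this page is reachable without a session. Confirm.
logged_in();

// Look up the account to edit. The id comes straight from the query string,
// so find_user_by_id() (not visible here) must treat it as untrusted input.
// NOTE(review): nothing visible restricts which accounts the logged-in user
// may edit; confirm that a role check exists elsewhere.
$current_user = isset($_GET["userid"]) ? find_user_by_id($_GET["userid"]) : null;

// empty() covers a failed lookup (null/false) without reading an offset of a
// non-array, and rejects a missing or zero id exactly like the original test.
if (empty($current_user["id"])) {
    redirect_to("manage_users.php");
    // Stop here so the update handler further down cannot run for an unknown
    // user, even if redirect_to() only sends the Location header.
    exit;
}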
?>

<?php 
if (isset($_POST['submit'])) {
    $username = mysqli_prep($_POST["username"]);
    $password = password_encrypt($_POST["password"]);
    $required_fields = array("username", "password");
    validate_presences($required_fields);
    $field_with_max_lengths = array("username" => 60);
    validate_max_lengths($field_with_max_lengths);
    if (empty($errors)) {
        $id = $current_user["id"];
        $update_query = "UPDATE users SET ";
        $update_query .= "username = '******', ";
        $update_query .= "hashed_password = '******' ";
Пример #3
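/**
 * Build the HTML panel for one comment: avatar, author link, age, text and
 * the up/down vote controls.
 *
 * Values that originate from users or the database (comment id, avatar path,
 * user id, username, comment text) are escaped for the context they are
 * printed into before being concatenated into the markup.
 *
 * @param mixed $comment_id Id of the comment to render.
 * @return string The comment's HTML.
 */
function make_comment_from_id($comment_id)
{
    // Escapes a value for HTML text and quoted attribute contexts.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    $comment = get_comment_by_id($comment_id);
    $user = find_user_by_id($comment["user_id"]);
    $votes = get_votes_by_comment_id($comment_id);
    $formatted_votes = format_votes($votes);
    $avatar = get_user_avatar($comment["user_id"])["file_path"];

    // An empty "time since" string means the comment was posted just now.
    $time = format_time_in_words(strtotime($comment["date"]));
    if ($time == "") {
        $time_text = "now";
    } else {
        $time_text = $time . " ago ";
    }

    // Pick the CSS class for the vote counter. The sentinel string "null" is
    // compared strictly: with a loose != an integer 0 equals "null" on PHP 7,
    // so a zero count received no class at all.
    $vote_class = "";
    if ($votes !== "null") {
        $vote_count = (int) $votes;
        if ($vote_count > 0) {
            $vote_class = " positive_votes ";
        } elseif ($vote_count < 0) {
            $vote_class = " negative_votes ";
        } else {
            $vote_class = " zero_votes ";
        }
    }

    $logged_in = user_logged_in();

    $output = "<div class=\"row comment_output_panel\" data-comment-id=\"" . $esc($comment_id) . "\">";
    $output .= "<div>";
    $output .= "<img class=\"left\" src=\"" . $esc($avatar) . "\"/>";
    $output .= "</div>";
    $output .= "<div class=\"comment_output\">";
    $output .= "<div ><span class=\"comment_output_info_label\">";
    // NOTE(review): the expression between `user=` and `"user_id"]` is masked
    // in the original line; it is assumed to be the comment's user_id, which
    // the lookups at the top of this function also use. Confirm.
    $output .= "<a href=\"user.php?user=" . $esc(urlencode((string) $comment["user_id"])) . "\">" . $esc($user["username"]) . "</a>";
    $output .= "</span> ";
    $output .= "<span> " . $time_text . " </span></div>";
    $output .= "<div>";
    // Comment text is user-supplied, so it is escaped at output.
    // NOTE(review): if the text is already HTML-encoded when it is stored,
    // this double-encodes it; in that case drop the input-time encoding.
    $output .= $esc($comment["text"]);
    $output .= "</div>";
    $output .= "<div class=\"vote_panel\">";
    $output .= "<span class=\"upvote_button  ";
    if ($logged_in && already_upvoted($_SESSION["user_id"], $comment_id)) {
        $output .= "upvote_button_clicked";
    }
    $output .= "\">";
    $output .= "<i class=\"fi-like\" ></i> Upvote <span class=\"vote_display_box ";
    $output .= $vote_class;
    // $formatted_votes comes from format_votes() (not visible here) and is
    // printed as returned; presumably a plain number, verify it emits no markup.
    $output .= "\" >" . $formatted_votes . "</span>";
    $output .= "</span>";
    $output .= "<span class=\"downvote_button ";
    if ($logged_in && already_downvoted($_SESSION["user_id"], $comment_id)) {
        $output .= "downvote_button_clicked";
    }
    $output .= "\">";
    $output .= "<i class=\"fi-dislike\" >   </i>";
    $output .= "</span>";
    $output .= "</div>";
    $output .= "</div>";
    $output .= "</div>";
    return $output;
}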
Пример #4
<?php

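session_start();
// The filter is loaded with require, like the other files, so that a missing
// or unreadable filter stops the request instead of only raising a warning
// and letting the page continue without it.
require 'filters/user_filter.php';
require 'config/dbconnect.php';
require 'includes/functions.php';
require 'includes/constants.php';
require 'initialization/locale.php';
if (!empty($_GET['id'])) {
    // An id was given: load that user's record from the database.
    // The id is untrusted query-string input; find_user_by_id() (not visible
    // here) must bind or escape it.
    $user = find_user_by_id($_GET['id']);
    if (!$user) {
        redirect('index.php');
        // Stop here so the view is never rendered for an unknown user, even
        // if redirect() only sends the Location header.
        exit;
    }
} else {
    // No id given: send the visitor to their own profile with the right id.
    redirect('profile.php?id=' . get_session('user_id'));
    // Without this the view below would be included with $user undefined.
    exit;
}
require 'views/profile.view.php';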
Пример #5
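/**
 * Print, as JSON, the appointments recorded for one user or for all users.
 *
 * Queries the 'ContactAction' table through $app->dsQuery() for rows with
 * IsAppointment = 1, resolves each row's user and contact to a display name
 * and echoes a list of {start, end, user, contact, title} entries.
 *
 * @param mixed  $cid User id to filter on; a value loosely equal to 0 selects
 *                    the appointments of every user.
 * @param object $app API client exposing dsQuery().
 * @return void Output is echoed, nothing is returned.
 */
function find_appointment($cid, $app)
{
    $fields = array('ActionDate', 'ActionType', 'ActionDescription', 'ContactId', 'EndDate', 'UserId');

    // The key is quoted: a bare IsAppointment is an undefined constant, which
    // only raises a notice on old PHP versions and is a fatal Error on PHP 8.
    // NOTE(review): $cid == 0 is a loose comparison, so on PHP 7 any
    // non-numeric string also drops the user filter and returns everyone's
    // appointments. Callers must validate $cid and authorise the "all users"
    // case before calling.
    if ($cid == 0) {
        $query = array('IsAppointment' => 1);
    } else {
        // NOTE(review): the filter key is 'UserID' while the requested field
        // is 'UserId'; confirm which spelling the API expects.
        $query = array('UserID' => $cid, 'IsAppointment' => 1);
    }

    // Query once with the final filter; the original issued a first query
    // whose result was always overwritten.
    $result = $app->dsQuery('ContactAction', 10000, 0, $query, $fields);

    $appointments = array();
    foreach ($result as $row) {
        // One lookup per row for the user and for the contact.
        $user = find_user_by_id($app, $row['UserId'])[0];
        $contact = find_contact_by_id($app, $row['ContactId'])[0];
        $appointments[] = array(
            'start' => date('c', strtotime($row['ActionDate'])),
            'end' => date('c', strtotime($row['EndDate'])),
            'user' => $user['FirstName'] . " " . $user['LastName'],
            'contact' => $contact['FirstName'] . " " . $contact['LastName'],
            'title' => $row['ActionDescription'],
        );
    }
    echo json_encode($appointments);
}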
Пример #6
<?php

require_once "functions.php";
require_once "db_connection.php";
require_once "session.php";
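if (!isset($_SESSION['id'])) {
    redirect_to("index.php");
    // Stop here: if redirect_to() only sends the Location header, the edit
    // handler below would otherwise still run for a visitor with no session.
    exit;
}
// Load the logged-in user's row to pre-fill the form.
$result = find_user_by_id($_SESSION['id']);
// A failed query yields null instead of passing a non-result to mysqli.
$old_info = $result ? mysqli_fetch_row($result) : null;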
if (isset($_POST["edit"])) {
    $errors = array();
    //errors array
    validate_fields($_POST);
    if (!empty($_FILES["avatar"]["name"])) {
        validate_uploaded_image($_FILES["avatar"]);
        // validate the extension
    }
    if (empty($errors)) {
        // try to register
        $id = $_SESSION['id'];
        $firstname = mysqli_real_escape_string($db, $_POST["firstname"]);
        // to avoid SQL INjection
        $lastname = mysqli_real_escape_string($db, $_POST["lastname"]);
        $password = password_hash($_POST["password"], PASSWORD_DEFAULT);
        $email = mysqli_real_escape_string($db, $_POST["email"]);
        $credit = $_POST['credit'];
        if ($_FILES["avatar"]["name"] !== "") {
            $old_image = get_user_avatar($_SESSION['id']);
<?php

require_once "../includes/session.php";
require_once "../includes/db_connection.php";
require_once "../includes/functions.php";
require_once "../includes/validation_functions.php";
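// The login check and the lookup stay in one PHP block. Closing and reopening
// the tag around a blank line writes a newline to the response, and output
// sent before redirect_to() can stop its header from being delivered unless
// output buffering is on.
confirm_logged_in();

// The id is untrusted query-string input; a missing parameter is treated as
// "no such user" rather than read as an undefined index.
$user = isset($_GET["id"]) ? find_user_by_id($_GET["id"]) : null;
if (!$user) {
    redirect_to("manage_users.php");
    // Stop here so the update handler below cannot run without a target
    // user, even if redirect_to() only sends the Location header.
    exit;
}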
?>

<?php 
if (isset($_POST['submit'])) {
    // Process the form
    // Validations
    $required_fields = array("username", "password");
    validate_presences($required_fields);
    $fields_with_max_lengths = array("username" => 30);
    validate_max_lengths($fields_with_max_lengths);
    if (empty($errors)) {
        //Perform Update
        $id = $user["id"];
        $username = mysql_prep($_POST["username"]);
Пример #8
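/**
 * Return the credit value stored for a user.
 *
 * The value is read from index 5 of the row fetched from
 * find_user_by_id()'s result, so it depends on the column order of that
 * query (not visible here).
 *
 * @param mixed $user_id Id of the user to look up.
 * @return mixed The sixth column of the user's row, or null when the query
 *               failed or returned no row.
 */
function get_user_credit($user_id)
{
    $result = find_user_by_id($user_id);
    if (!$result) {
        // Query failed: report "no value" instead of handing a non-result to
        // mysqli_fetch_row().
        return null;
    }
    $row = mysqli_fetch_row($result);
    return isset($row[5]) ? $row[5] : null;
}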
Пример #9
<?php

require_once "../includes/session.php";
require_once "../includes/db_connection.php";
require_once "../includes/functions.php";
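// Defaults so the template below never reads undefined variables when no
// user was requested or the lookup failed.
$user = null;
$users_profile = false;
if (!isset($_GET["user"])) {
    set_error_output("No user selected");
} else {
    // The id is untrusted query-string input; find_user_by_id() (not visible
    // here) must bind or escape it.
    $user = find_user_by_id($_GET["user"]);
    if (!$user) {
        set_error_output("User not found. ");
    } else {
        // Ownership flag: true only for a logged-in visitor viewing their own
        // profile. Requiring the session key to exist keeps an anonymous
        // visitor (null session id) from loosely matching a falsy user id,
        // and comparing as strings avoids numeric-string coercion.
        $users_profile = isset($_SESSION["user_id"])
            && (string) $user["id"] === (string) $_SESSION["user_id"];
    }
}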
include "../includes/layouts/header.php";
?>
<div class="row">
	
	<div class="large-4 columns">
		<div class="panel">
			<h2><?php 
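// The username is user-supplied, so it is escaped before being printed into
// the heading; the cast keeps a failed lookup from passing null.
echo htmlspecialchars((string) $user["username"], ENT_QUOTES, 'UTF-8');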
?>
</h2>
			<img src="<?php 
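// The stored path is printed inside a quoted src attribute, so quotes and
// angle brackets in it are escaped.
echo htmlspecialchars((string) get_user_avatar($user["id"])["file_path"], ENT_QUOTES, 'UTF-8');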