<?php $selected_page = "User"; require 'includes/header.php'; if (!isset($_SESSION['user_id']) && !isset($_SESSION['admin_id'])) { header('Location: login.php'); } if (!get_running1_batch_id() && !get_running2_batch_id() && !get_published_batch_id() && isset($_SESSION['user_id'])) { // destroy session session_destroy(); //unset cookies setcookie("username", "", time() - 7200); header('Location: login.php'); } if (isset($_SESSION['admin_id']) && !get_published_batch_id()) { header('Location: admin.php'); } ?> <div class="content"> <div class="topContent"> <?php if (isset($_SESSION['user_id'])) { if (get_published_batch_id()) { $user = $_SESSION['user_id']; $name = get_user_by_id($user); $batch = get_published_batch_id(); echo "<h2>" . get_text('Information') . " " . strtolower(get_text('About')) . ": {$name['0']} {$name['1']}</h2>"; ?> <p> <a href="pdf.php?id=<?php echo $_SESSION['user_id'];
function login($username, $password, $rememberme) { $username = sanitize($username); $password = sanitize($password); $rememberme = sanitize($rememberme); if (get_running1_batch_id() || get_running2_batch_id() || get_published_batch_id()) { $query = mysql_query("SELECT ID, Password, Username FROM user WHERE UPPER(Username) = UPPER('{$username}')"); if (!$query || mysql_num_rows($query) <= 0) { //echo mysql_error(); return get_text('Error_occured') . get_text('Do_you_have_account'); } else { $user = mysql_fetch_row($query); if (password_verify($password, $user['1'])) { if ($rememberme == "on") { setcookie("username", $username, time() + 7200); } else { if ($rememberme == "") { $_SESSION['user_id'] = $user['0']; $_SESSION['user_name'] = $user['2']; } } header('Location: index.php'); exit; } else { return get_text('Wrong_password'); } } } else { return get_text('Login_not_allowed'); } }
<h3><?php echo get_text('Who_may_answer_your_poll'); ?> </h3> <form action="<?php echo $_SERVER['PHP_SELF']; ?> ?Start&Step=2" method="post"> <?php foreach ($users as $user) { if ($user['ID'] != $_SESSION['user_id']) { $batch = get_running1_batch_id(); if (is_preferred_reviewer($_SESSION['user_id'], $user['ID'], $batch)) { ?> <input type="checkbox" name="preferred_reviewer[]" id="<?php echo $user['Username']; ?> " value="<?php echo $user['Username']; ?> " checked/><label for="<?php echo $user['Username']; ?> "><?php echo $user['Lastname'] . ' ' . $user['Firstname']; ?> </label> <br/> <?php
$selected_page = "Admin"; require_once 'includes/header.php'; if (!isset($_SESSION['admin_id'])) { header('Location:admin_login.php'); } $add_user_message = ""; $add_department_message = ""; ?> <div class="content"> <?php if (get_running1_batch_id() || get_running2_batch_id()) { ?> <div class="topContent"> <?php if (get_running1_batch_id()) { $users = get_users_not_answered_own_questions(); if ($users) { $number = 0; foreach ($users as $user) { $number++; } ?> <p style="width: 100%;"> <b><?php echo $number; ?> </b> <?php echo get_text('Users_have_not_filled_in_own_poll'); ?> .
</a> </h3> <h3 class="next"><a href="<?php echo $_SERVER['PHP_SELF']; ?> ?Exit"><?php echo get_text('Exit'); ?> </a></h3> </div> <?php } else { if ($_GET['Step'] == 1) { $poll = get_poll_by_reviewer_reviewee_batch($_SESSION['user_id'], $_SESSION['user_id'], get_running1_batch_id()); if ($poll) { $poll_status = get_poll_status($poll); echo '<div class="topContent">'; include 'includes/form/own_poll.php'; echo '</div>'; } else { echo '<div class="topContent">' . get_text('Error_occured_try_again') . '</div>'; } } else { if ($_GET['Step'] == 2) { echo '<div class="topContent">'; include 'includes/form/preferred_reviewer.php'; echo '</div>'; } else { if ($_GET['Step'] == 3) {
echo $batch['ID']; ?> "/> <?php if (get_batch_status_name($batch['Status']) == 'Init') { ?> <input type="submit" name="change_batch_status" onclick="change_batchstatus(<?php echo $batch['ID']; ?> , 'Start')" value="<?php echo get_text('Start_phase_1'); ?> " <?php if (get_running1_batch_id() || get_running2_batch_id() || get_calculating_batch_id() || get_accepted_batch_id()) { echo 'disabled="disabled"'; } ?> /> <?php } else { if (get_batch_status_name($batch['Status']) == 'Running1') { ?> <input type="submit" name="change_batch_status" onclick="change_batchstatus(<?php echo $batch['ID']; ?> , 'Calculate')" value="<?php echo get_text('Calculate_polls');