function confirmlogin()
{
if (!loggedin()) {
header("Location: ./index.php");
/* Redirect browser */
exit;
}
}
/**
* Index Page for this controller.
*
* Maps to the following URL
* http://example.com/index.php/welcome
* - or -
* http://example.com/index.php/welcome/index
* - or -
* Since this controller is set as the default controller in
* config/routes.php, it's displayed at http://example.com/
*
* So any other public methods not prefixed with an underscore will
* map to /index.php/welcome/<method_name>
* @see http://codeigniter.com/user_guide/general/urls.html
*/
public function index() {
$this->load->view('top');
if(loggedin()) {
$this->load->view('loggedin');
} else {
$this->load->view('login');
}
$this->load->view('bottom');
}
public function profile() {
if(loggedin() ) {
$data['content'] = 'profile';
$this->load->model('User_model');
$data['info'] = $this->User_model->getUserinfo();
$this->load->view('template', $data);
} else {
redirect(base_url().'news/', 'refresh');
}
}
public function index() {
if(loggedin() ) {
$this->load->model('events_model');
$data['events'] = $this->events_model->get_last_events();
$data['content'] = 'events';
$this->load->view('template', $data);
} else {
redirect(base_url().'news/', 'refresh');
}
}
function isEditor()
{
if (loggedin()) {
if (!empty($_SESSION['user_type'])) {
if ($_SESSION['user_type'] == 'edit') {
return true;
}
}
}
return false;
}
function submissionform_redo()
{
global $logged_in, $user, $HTTP_POST_VARS, $SUBMISSION, $MAIN;
$WORK = loggedin();
//lets redraw the submission form.
$WORK = insert_into_template($SUBMISSION, "{LOGGEDIN}", $WORK);
$WORK = insert_into_template($WORK, "{REQUESTFOR}", $HTTP_POST_VARS['request_for']);
$WORK = insert_into_template($WORK, "{REQUEST}", $HTTP_POST_VARS['request']);
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, "Submit a Prayer Request");
printf("%s", striptemplate($WORK));
}
function submissionform_redo()
{
global $logged_in, $user, $HTTP_POST_VARS, $HTTP_GET_VARS, $MAIN, $LEAVEPRAISE;
$WORK = loggedin();
//lets redraw the request form.
$WORK = insert_into_template($LEAVEPRAISE, "{LOGGEDIN}", $WORK);
$WORK = insert_into_template($WORK, "{REQUESTID}", $HTTP_GET_VARS['request']);
$WORK = insert_into_template($WORK, "{PREFILL}", $HTTP_POST_VARS['praise']);
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, "Leave Praise");
printf("%s", striptemplate($WORK));
}
function getuser()
{
global $conn;
if (loggedin()) {
$query = "SELECT * FROM `users` WHERE `username` = '" . $_SESSION['username'] . "'";
} else {
$query = "SELECT * FROM `users` WHERE `username` = '" . $conn->real_escape_string($_POST['username']) . "'";
}
$result = $conn->query($query);
if ($result->num_rows > 0) {
return $result->fetch_assoc();
}
}
function signin($db)
{
echo "Enter username:"******"\n";
$name = trim(fgets(STDIN));
echo "Enter password:\n";
$pass = trim(fgets(STDIN));
$val = $db->checkUser($name, $pass);
if ($val) {
echo "\n** Welcome ----login successfull**\n";
loggedin($db);
} else {
echo "login fails";
}
}
function getfield($field, $table, $conn)
{
if (loggedin()) {
$userid = $_SESSION['userid'];
$query = "SELECT {$field} FROM {$table} WHERE id='{$userid}'";
if ($result = $conn->query($query)) {
if ($result->num_rows > 0) {
if ($result = $result->fetch_row()) {
return $result;
} else {
echo "fetch row fault";
}
} elseif ($result->num_rows < 0) {
echo "num_rows < 0";
} else {
echo "cant detect";
}
} else {
echo "failed - in getfield";
}
}
}
function tmpCountModules($module_name)
{
if (substr($module_name, 0, 4) == 'user') {
return false;
}
if ($module_name == 'quicklinks') {
return false;
}
if ($module_name == 'right') {
return false;
}
if ($module_name == 'commands') {
return loggedin() && !gpExists('x4Page');
}
if ($module_name == 'menuright') {
return loggedin();
}
if (gpExists('x4Page')) {
return false;
}
return true;
}
public function listing() {
if(loggedin() ) {
$ppage = 5;
$start = 0;
$this->load->model('Events_model');
$config['base_url'] = base_url().'event/listing/page/';
$config['total_rows'] = count($this->Events_model->get_events_by_user($_SESSION['id']));
$config['per_page'] = $ppage;
$config['full_tag_open'] = '<p>';
$config['full_tag_close'] = '</p>';
$this->pagination->initialize($config);
if($this->uri->segment(4) != '') {
$start = $this->uri->segment(4);
}
$data['events'] = $this->Events_model->get_events_by_user($_SESSION['id'], $start, $ppage);
$data['content'] = 'events';
$data['pages'] = $this->pagination->create_links();
$this->load->view('template', $data);
} else {
redirect(base_url().'news/', 'refresh');
}
}
<div class="menu_bg">
<ul>
<li><a href="<?php echo $sitepath; ?>/index.php">Home</a></li>
<li><a href="<?php echo $sitepath; ?>/about.php">About</a></li>
<li><a href="<?php echo $sitepath; ?>/services.php">Services</a></li>
<li><a href="<?php echo $sitepath; ?>/faq.php">FAQ</a></li>
<li><a href="<?php echo $sitepath; ?>/terms.php">Terms</a></li>
<li><a href="<?php echo $sitepath; ?>/contact.php">Contact Us</a></li>
<li><a href="<?php echo $sitepath; ?>/signup.php">Registration</a></li>
</ul>
</div>
<span class="nav_icon_right"></span>
</div>
<div class="login_button">
<span class="login_icon"></span>
<?php if(loggedin())
{
?>
<h1><a href="<?php echo $sitepath; ?>/logout.php">Logout</a></h1>
<?php
}
else
{
?>
<h1><a href="<?php echo $sitepath; ?>/login.php">Login</a></h1>
<?php
}
?>
</div>
</div>
</div>
<?php
session_start();
include 'config.php';
include 'functions.php';
@($uid = $_SESSION['user_id']);
@($user = $_SESSION['user']);
$date = time();
$dateAjax = date("M j G", $date);
echo "<div id='dateAjax' class='{$dateAjax}'></div>";
loggedin();
//IF USER ONLINE OR NO
$unread_notif = unread_notif($uid);
echo "Welcome back , " . $user;
echo "\t <a href='user/{$user}'>PROFILE</a> | <a href='friends.php?id={$uid}'>My friends</a> |<a href='notifications.php'>Notifications (" . $unread_notif . ")</a> | <a href='freq.php'>Friend requests( " . Nfreq($uid) . " )</a> |<a href='settings.php'>Settings</a>| <a href='search.php'>Search</a> | Help | <a href='logout.php'>Sign out</a><hr />";
//GET LAST ID POSTED
$lastID = mysql_query("select * from notes order by notes_id desc limit 1");
$IDoop = mysql_fetch_array($lastID);
$lastUsedID = $IDoop['notes_id'];
$lastUsedID1 = $lastUsedID++;
$lastUsedID = hashit($lastUsedID);
echo "<input type='hidden' name='lastID' id='lastID' value='{$lastUsedID}' />";
?>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript">
jQuery(function($) {
//ADD A NOTE///////////////////////////////////////////////////////////////////////
$('#send_note').click(function() {
<body>
<div id="header">
<h1><?php
echo SITE_TITLE;
?>
</h1>
<?php
$menuitems = array();
if ($GLOBALS["page"] != "mainMenu") {
$menuitems[] = "<a href=\"" . SITEROOT_WEB . "\">Back to main menu</a>";
}
$menuitems[] = "<a href=\"" . SITEROOT_WEB . "eqiat\">Authoring tool</a>";
if (loggedin() && $GLOBALS["page"] != "logout") {
$menuitems[] = "<a id=\"logoutlink\" href=\"" . SITEROOT_WEB . "?page=logout\">Log out (<strong>" . htmlspecialchars(username()) . "</strong>)</a>";
} else {
if (!loggedin() && ($GLOBALS["page"] != "login" && !isset($_SESSION["nextpage"]))) {
$menuitems[] = "<a href=\"" . SITEROOT_WEB . "?page=login\">Log in</a>";
}
}
if ($GLOBALS["page"] != "help") {
$menuitems[] = "<a href=\"" . SITEROOT_WEB . "?page=help\">Help</a>";
}
if (!empty($menuitems)) {
?>
<ul id="headermenu">
<?php
foreach ($menuitems as $menuitem) {
?>
<li><?php
echo $menuitem;
?>
<div class="btn-group pull-right" >
<button onclick="window.location = 'cart.php'" class ="btn btn-info btn-medium"><i class = "icon-shopping-cart icon-white"></i> <?php
print cheakrow();
?>
</button>
<button id = "userfullname" class="btn btn-info btn-medium"><i class = "icon-user icon-white"></i> <?php
print loggedin();
?>
</button>
<button class="btn btn-info btn-medium dropdown-toggle" data-toggle="dropdown">
<span class="caret"></span>
</button>
<ul class="dropdown-menu">
<li>
<a id = "admintools" href="admin.php">Admin Tools</a>
<a href = "orders.php">My orders</a>
<a href = "userlogout.php">Sign out</a>
</li>
</ul>
</div>
}
$design->footer();
break;
case 'refuse':
$title = $allgAr['title'] . ' :: Users :: Freundschaftsanfrage abgelehnt';
$hmenu = $extented_forum_menu . '<a class="smalfont" href="?user">Users</a><b> » </b> Freundschaftsanfrage abgelehnt';
$design = new design($title, $hmenu, 1);
$design->header();
if (loggedin() and is_numeric($fid)) {
db_query("DELETE FROM prefix_friendscheck WHERE uid = " . $fid . " AND fid = " . $uid);
wd('?user-fcheck-' . $uid, 'Du hast die Freundschaftsanfrage abgelehnt.');
} else {
wd('?user-fcheck-' . $uid, 'Es ist ein Fehler aufgetreten');
}
$design->footer();
break;
case 'del':
$title = $allgAr['title'] . ' :: Users :: Freund entfernen';
$hmenu = $extented_forum_menu . '<a class="smalfont" href="?user">Users</a><b> » </b> Freund entfernen';
$design = new design($title, $hmenu, 1);
$design->header();
if (loggedin() and is_numeric($fid)) {
db_query("DELETE FROM prefix_friends WHERE uid = " . $uid . " AND fid = " . $fid);
db_query("DELETE FROM prefix_friends WHERE uid = " . $fid . " AND fid = " . $uid);
wd('?user-details-' . $fid, 'Freund wurde entfernt.');
} else {
wd('?user-details-' . $fid, 'Es ist ein Fehler aufgetreten');
}
$design->footer();
break;
}
break;
case 'del':
$title = $allgAr['title'] . ' :: Users :: Eintrag gelöscht';
$hmenu = $extented_forum_menu . '<a class="smalfont" href="?user">Users</a><b> » </b> Eintrag gelöscht';
$design = new design($title, $hmenu, 1);
$design->header();
if (loggedin() and is_numeric($menu->get(4)) and $_SESSION['authid'] == $fid) {
$did = escape($menu->get(4), 'integer');
db_query("DELETE FROM prefix_usergbook WHERE id = " . $did);
db_query("DELETE FROM prefix_usergbook_koms WHERE gbid = " . $did);
wd('?user-details-' . $fid, 'Eintrag erfolgreich gelöscht.');
} else {
wd('?user-details-' . $fid, 'Es ist ein Fehler aufgetreten');
}
$design->footer();
break;
case 'delk':
$title = $allgAr['title'] . ' :: Users :: Eintrag gelöscht';
$hmenu = $extented_forum_menu . '<a class="smalfont" href="?user">Users</a><b> » </b> Eintrag gelöscht';
$design = new design($title, $hmenu, 1);
$design->header();
if (loggedin() and is_numeric($menu->get(4)) and $_SESSION['authid'] == $fid) {
$did = escape($menu->get(4), 'integer');
db_query("DELETE FROM prefix_usergbook_koms WHERE id = " . $did);
wd('?user-details-' . $fid, 'Eintrag erfolgreich gelöscht.');
} else {
wd('?user-details-' . $fid, 'Es ist ein Fehler aufgetreten');
}
$design->footer();
break;
}
<?php
include "core.php";
include_once "user/core.inc.php";
$tracker = $_GET['t'];
if (loggedin() != 1) {
header('location: index');
} else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--upload page-->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>PDF Books</title>
<meta name="keywords" content="PDFs Books" />
<meta name="description" content="Free Pdfs to download" />
<link href="http://fonts.googleapis.com/css?family=Varela" rel="stylesheet" />
<link href="default.css" rel="stylesheet" type="text/css" media="all" />
<link href="fonts.css" rel="stylesheet" type="text/css" media="all" />
</head>
<body>
<div id="wrapper">
<div id="header-wrapper">
<?php
include "header.php";
?>
</div>
<div id="banner">
<div class="container">
<?php
include_once 'includes/header.php';
include_once 'includes/footer.php';
?>
<head>
<title>
Edit Profile
</title>
</head>
<div id="container">
<?php
if (loggedin() && isset($_SESSION['student_id'])) {
if (isset($_POST['name']) || isset($_POST['email'])) {
$name = $_POST['s_name'];
$email = $_POST['email'];
if (empty($name) && empty($email)) {
echo '<br /><span style="color:red;">Fill in the deatils or </span><a href="profile.php?id=' . $_SESSION['student_id'] . '">Go back.</a><br />';
}
if (!empty($name)) {
$name = test_input($name);
if (!preg_match("/^[a-zA-Z ]*\$/", $name)) {
$s_name_err = 'Only alphabets and white spaces allowed.';
} else {
$query = "UPDATE student SET `s_name`='" . mysql_real_escape_string($name) . "' WHERE `r_no`='" . mysql_real_escape_string($_SESSION['student_id']) . "'";
if ($query_run = mysql_query($query)) {
echo '<br /><center><span style="color:red;">Name changed successfully.</span><br />
<a href="profile.php?id=' . $_SESSION['student_id'] . '">Go back.</a>
// eintragen
$name = $xname;
$userreg = $lang['no'];
if (!loggedin() and $allgAr['forum_regist'] != 0) {
$x = user_regist($name, $mail, genkey(8));
$userreg = $lang['yes'];
}
db_query("INSERT INTO `prefix_usercheck` (`check`,`name`,`datime`,`ak`,`groupid`) VALUES ('" . genkey(8) . "','" . $name . "',NOW(),4," . $squad . ")");
$squad = escape($squad, 'integer');
$abf = "SELECT `mod1`, `mod2`, `mod4`, `name` FROM `prefix_groups` WHERE `id` = " . $squad;
$erg = db_query($abf);
$row = db_fetch_assoc($erg);
$rulz = isset($_POST['rules']) ? $_POST['rules'] : $lang['no'];
$skill = $skill_ar[$skill];
// bitte in der richtigen reihenfolge angeben, sonst das nicht gehen tun, kann.
$mailtxt = sprintf($lang['joinusprivmsg'], $name, $row['name'], $skill, $mail, $hometown, $age, $icqnumber, $favmap, $ground, $rulz, $userreg);
// pm an den leader
sendpm($_SESSION['authid'], $row['mod1'], 'Joinus Anfrage', $mailtxt, -1);
// Wenn Co Leader != Leader
if ($row['mod2'] != $row['mod1']) {
sendpm($_SESSION['authid'], $row['mod2'], 'Joinus Anfrage', $mailtxt, -1);
}
if ($row['mod4'] != $row['mod1'] and $row['mod2'] != $row['mod4']) {
sendpm($_SESSION['authid'], $row['mod4'], 'Joinus Anfrage', $mailtxt, -1);
}
if (!loggedin() and $allgAr['forum_regist'] != 0) {
echo $lang['amailhasbeensenttoyouwithmailandpass'] . '<br /><br />';
}
echo sprintf($lang['leaderofxalert'], $row['name']);
}
$design->footer();
$tpl->set_ar_out($ar, 1);
} else {
// save toipc
$_SESSION['klicktime'] = $dppk_time;
$design = new design($title, $hmenu, 0);
$design->header($load);
if (loggedin()) {
$uid = $_SESSION['authid'];
$erst = escape($_SESSION['authname'], 'string');
db_query("UPDATE `prefix_user` SET `posts` = `posts`+1 WHERE `id` = " . $uid);
} else {
$erst = $xnn;
$uid = 0;
}
db_query("INSERT INTO `prefix_topics` (`fid`, `name`, `erst`, `stat`) VALUES ( " . $fid . ", '" . $topic . "', '" . $erst . "', 1 )");
$tid = db_last_id();
// topic alert
if (!empty($_POST['topic_alert']) and $_POST['topic_alert'] == 'yes' and loggedin()) {
if (0 == db_result(db_query("SELECT COUNT(*) FROM `prefix_topic_alerts` WHERE `uid` = " . $_SESSION['authid'] . " AND `tid` = " . $tid), 0)) {
db_query("INSERT INTO `prefix_topic_alerts` (`tid`,`uid`) VALUES (" . $tid . ", " . $_SESSION['authid'] . ")");
}
}
db_query("INSERT INTO `prefix_posts` (`tid`,`fid`,`erst`,`erstid`,`time`,`txt`) VALUES ( " . $tid . ", " . $fid . ", '" . $erst . "', " . $uid . ", " . $time . ", '" . $txt . "')");
$pid = db_last_id();
db_query("UPDATE `prefix_topics` SET `last_post_id` = " . $pid . " WHERE `id` = " . $tid);
db_query("UPDATE `prefix_forums` SET `posts` = `posts` + 1, `last_post_id` = " . $pid . ", `topics` = `topics` + 1 WHERE `id` = " . $fid);
// toipc als gelesen markieren
$_SESSION['forumSEE'][$fid][$tid] = time();
wd('index.php?forum-showposts-' . $tid, $lang['createtopicsuccessful']);
}
$design->footer();
<?php
/*
* Question Bank
*/
/*------------------------------------------------------------------------------
(c) 2010 JISC-funded EASiHE project, University of Southampton
Licensed under the Creative Commons 'Attribution non-commercial share alike'
licence -- see the LICENCE file for more details
------------------------------------------------------------------------------*/
// clear the nextpage session var if we've come to the login page directly
if ($GLOBALS["page"] == "login" && isset($_SESSION["nextpage"])) {
unset($_SESSION["nextpage"]);
}
if (!isset($_REQUEST["async"]) && loggedin()) {
$title = "Already logged in";
include "htmlheader.php";
?>
<h2><?php
echo htmlspecialchars($title);
?>
</h2>
<p>
You're already logged in as
<strong><?php
echo htmlspecialchars(username());
?>
</strong>
– if this isn't you you can
<a href="<?php
echo SITEROOT_WEB;
function user_has_admin_right(&$menu, $sl = true)
{
if ($_SESSION['authright'] <= -8) {
// co leader...
return true;
} else {
$uri_to_check1 = $menu->get(0);
$uri_to_check2 = $menu->get(1);
if (count($_SESSION['authmod']) < 1 or !loggedin()) {
if ($sl === true) {
if (!loggedin()) {
$design = new design('', '', 0);
$menu->set_url(0, 'user');
load_modul_lang();
$tpl = new tpl('user/login.htm');
$design->addheader($tpl->get(0));
$design->header();
$tpl->set_out('WDLINK', 'admin.php', 1);
$design->footer();
} else {
echo '<strong>Keine Berechtigung!</strong> <a href="index.php">Startseite</a>';
}
}
return false;
} elseif (isset($_SESSION['authmod'][$uri_to_check1]) and $_SESSION['authmod'][$uri_to_check1] == true or isset($_SESSION['authmod'][$uri_to_check1 . '-' . $uri_to_check2]) and $_SESSION['authmod'][$uri_to_check1 . '-' . $uri_to_check2] == true) {
return true;
} elseif (count($_SESSION['authmod']) > 0 and loggedin()) {
if ($sl === true) {
foreach ($_SESSION['authmod'] as $k => $v) {
$x = $k;
break;
}
$x = explode('-', $x);
$menu->set_url(0, $x[0]);
if (isset($x[1])) {
$menu->set_url(1, $x[1]);
}
}
return true;
}
}
return false;
}
}
# kommentar add
# kommentar loeschen
if ($menu->getA(2) == 'd' and is_numeric($menu->getE(2)) and has_right(-7, 'news')) {
$kommentar_id = escape($menu->getE(2), 'integer');
db_query("DELETE FROM prefix_koms WHERE uid = " . $nid . " AND cat = 'NEWS' AND id = " . $kommentar_id);
}
# kommentar loeschen
$kategorie = news_find_kat($row->news_kat);
$textToShow = bbcode($row->news_text);
$textToShow = str_replace('[PREVIEWENDE]', '', $textToShow);
if (!empty($such)) {
$textToShow = markword($textToShow, $such);
}
$tpl = new tpl('news.htm');
$ar = array('TEXT' => $textToShow, 'KATE' => $kategorie, 'NID' => $nid, 'uname' => $_SESSION['authname'], 'ANTISPAM' => loggedin() ? '' : get_antispam('newskom', 0), 'NAME' => $row->news_title);
$tpl->set_ar_out($ar, 2);
if ($komsOK) {
$tpl->set_ar_out(array('NAME' => $row->news_title, 'NID' => $nid), 3);
}
$erg1 = db_query("SELECT text, name, id FROM `prefix_koms` WHERE uid = " . $nid . " AND cat = 'NEWS' ORDER BY id DESC");
$ergAnz1 = db_num_rows($erg1);
if ($ergAnz1 == 0) {
echo '<b>' . $lang['nocomments'] . '</b>';
} else {
$zahl = $ergAnz1;
while ($row1 = db_fetch_assoc($erg1)) {
$row1['text'] = bbcode(trim($row1['text']));
if (has_right(-7, 'news')) {
$row1['text'] .= '<a href="?news-' . $nid . '-d' . $row1['id'] . '"><img src="include/images/icons/del.gif" alt="löschen" border="0" title="löschen" /></a>';
}
<?php
include "core.php";
include_once 'user/core.inc.php';
if (loggedin() == 1) {
//to display only if user is loggind
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--upload page-->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>PDF Books upload section</title>
<meta name="keywords" content="PDFs Books" />
<meta name="description" content="Free Pdfs to download" />
<link href="http://fonts.googleapis.com/css?family=Varela" rel="stylesheet" />
<link href="default.css" rel="stylesheet" type="text/css" media="all" />
<link href="fonts.css" rel="stylesheet" type="text/css" media="all" />
</head>
<body>
<div id="wrapper">
<div id="header-wrapper">
<?php
include "header.php";
?>
</div>
<div id="banner">
<div class="container">
<div class="title">
<h2>Upload</h2>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<?php
include 'config.php';
include 'functions.php';
if (!loggedin()) {
header("location: index.php");
} else {
$id = $_GET['id'];
$query = mysql_query("SELECT * FROM services WHERE id='{$id}'");
$row = mysql_fetch_array($query);
$service_name = $row['name'];
$service_article = $row['comments'];
$service_picture = $row['picture'];
if (isset($_POST['submit']) && !empty($_POST['submit'])) {
if (isset($_FILES['newpicture']['name']) && !empty($_FILES['newpicture']['name'])) {
$new_service_name = $_POST['name'];
$new_service_article = $_POST['article'];
$picture_temp = $_FILES['newpicture']['tmp_name'];
$picture_name = "pic_" . $id . ".jpg";
mysql_query("UPDATE services SET name='{$new_service_name}', comments='{$new_service_article}' WHERE id='{$id}'");
move_uploaded_file($picture_temp, "uploaded/" . $picture_name);
header("location: admin.php?option=services&sub=alter");
} else {
$new_service_name = $_POST['name'];
$new_service_article = $_POST['article'];
mysql_query("UPDATE services SET name='{$new_service_name}', comments='{$new_service_article}' WHERE id='{$id}'");
header("location: admin.php?option=services&sub=alter");
function itemrating($qtiid)
{
if (!loggedin() || !itemexists($qtiid)) {
return false;
}
$item = getitem($qtiid);
$result = db()->query("\n\t\tSELECT rating\n\t\tFROM ratings\n\t\tWHERE item='" . db()->escapeString($qtiid) . "'\n\t\tAND posted > " . max($item["uploaded"], is_null($item["modified"]) ? 0 : $item["modified"]) . "\n\t\tAND user='******'\n\t;");
if ($row = $result->fetchArray(SQLITE3_NUM)) {
return $row[0];
}
return null;
}
<?php
include 'db_config.php';
include 'check_login.php';
if (loggedin()) {
if ($_SESSION['username'] == "admin") {
header("Location:/admin");
exit;
}
}
?>
<!DOCTYPE html>
<!--[if lt IE 7 ]><html class="ie ie6" lang="en"> <![endif]-->
<!--[if IE 7 ]><html class="ie ie7" lang="en"> <![endif]-->
<!--[if IE 8 ]><html class="ie ie8" lang="en"> <![endif]-->
<!--[if (gte IE 9)|!(IE)]><!--><html lang="en"> <!--<![endif]-->
<head>
<!-- Basic Page Needs
================================================== -->
<meta charset="utf-8">
<title>Y.R.Y.S. | Your rules, your style.</title>
<meta name="description" content="">
<meta name="author" content="">
<!-- Mobile Specific Metas
================================================== -->
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<!-- CSS
================================================== -->
$class = 'Cnorm';
$i = 0;
if (db_num_rows($erg) > 0) {
while ($row = db_fetch_assoc($erg)) {
$class = $class == 'Cmite' ? 'Cnorm' : 'Cmite';
$row['class'] = $class;
$row['besch'] = unescape($row['besch']);
if (loggedin() and (is_siteadmin() or $uid == $_SESSION['authid'])) {
$row['besch'] = '<a href=\'index.php?user-usergallery-' . $uid . '-p' . $page . '-d' . $row['id'] . '\'><img src=\'include/images/icons/del.gif\' border=\'0\' alt=\'löschen\' title=\'löschen\' /></a> ' . $row['besch'];
}
$row['width'] = round(100 / $img_per_line);
if ($i != 0 and $i % $img_per_line == 0) {
echo '</tr><tr>';
}
$tpl->set_ar_out($row, 1);
$i++;
}
if ($i % $img_per_line != 0) {
$anzahl = $img_per_line - $i % $img_per_line;
for ($x = 1; $x <= $anzahl; $x++) {
echo '<td class="' . $class . '"></td>';
}
}
}
$tpl->out(2);
// bilder abfragen
// bild hochladen
if (is_writeable('include/images/usergallery') and loggedin() and $uid == $_SESSION['authid']) {
$tpl->out(3);
}
$design->footer();
