<?php if (isset($_SESSION['login_status']) && $_SESSION['login_status'] == false) { session_unset(); echo "<div class=\"col-md-12\"> <div class=\"update-nag\"><div class=\"update-text\">The username or password you entered is incorrect.</div> </div></div>\n"; } ?> </div> </div> </div> <?php if (isset($_POST['user']) && isset($_POST['pass'])) { $user = $_POST['user']; $pass = $_POST['pass']; $login = login($user, $pass); if (loginCheck($login) == true && isAdmin($login) == true) { $_SESSION["login_user"] = $user; $_SESSION["login_status"] = true; header('Location: index'); exit; } else { $_SESSION["login_status"] = false; header('Location: ?'); exit; } } ?> <script src="js/jquery-1.11.1.min.js"></script> <script src="js/bootstrap.min.js"></script> <script>
<?php include "accessor.php"; $user = json_decode(stripslashes($_REQUEST['obj'])); //echo $user->username." | ".$user->password; echo loginCheck($link, $user->username, $user->password);
<?php /* SQL Buddy - Web based MySQL administration http://www.sqlbuddy.com/ index.php - output page structure, content loaded through ajax MIT license 2008 Calvin Lough <http://calv.in> */ /* MODx integration security check */ include "functions.php"; loginCheck(false); outputPage();
function editEmail($mysqli, $password, $email1, $email2) { $userid = $_SESSION['userid']; if (!loginCheck($mysqli)) { return false; } if ($email1 != $email2) { $_SESSION['msg'] = 'EMAIL ADRESSES MUST MATCH'; return false; } if ($stmt = $mysqli->prepare("SELECT password FROM Account WHERE id = ? LIMIT 1")) { $stmt->bind_param('i', $userid); $stmt->execute(); $stmt->store_result(); $stmt->bind_result($dbPassword); $stmt->fetch(); $password = sha1($password); if ($stmt->num_rows == 1) { if ($dbPassword != $password) { $_SESSION['msg'] = 'INCORRECT PASSWORD'; return false; } } else { $_SESSION['msg'] = 'DATABASE ERROR'; return false; } } else { $_SESSION['msg'] = 'DATABASE ERROR'; return false; } if ($stmt = $mysqli->prepare("SELECT email FROM Account WHERE email = ?")) { $stmt->bind_param('s', $email1); $stmt->execute(); $stmt->store_result(); $stmt->bind_result($tmp); $stmt->fetch(); if ($stmt->num_rows > 0) { $_SESSION['msg'] = 'EMAIL ALREADY IN USE'; return false; } } if ($stmt = $mysqli->prepare("UPDATE Account SET Account.email = ? WHERE Account.id = ?")) { $stmt->bind_param('si', $email1, $userid); $stmt->execute(); $_SESSION['msg'] = 'EMAIL ADRESS UPDATED SUCCESSFULLY'; return true; } else { $_SESSION['msg'] = 'DATABASE ERROR'; return false; } }
*/ $tab = "admin"; $nav = "staff"; $returnLocation = "../admin/staff_list.php"; /** * Checking for query string. Go back to $returnLocation if none found. */ if (count($_GET) == 0 || !is_numeric($_GET["id_member"]) || empty($_GET["surname1"]) || empty($_GET["first_name"])) { header("Location: " . $returnLocation); exit; } /** * Checking permissions */ require_once "../auth/login_check.php"; loginCheck(OPEN_PROFILE_ADMINISTRATOR); require_once "../lib/Form.php"; require_once "../lib/Check.php"; /** * Retrieving get vars */ $idMember = intval($_GET["id_member"]); $surname1 = Check::safeText($_GET["surname1"]); $surname2 = Check::safeText($_GET["surname2"]); $firstName = Check::safeText($_GET["first_name"]); /** * Show page */ $title = _("Delete Staff Member"); require_once "../layout/header.php"; /**
* Checking for get vars. Go back to log statistics if none found. */ if (count($_GET) == 0) { header("Location: ../admin/log_stats.php"); exit; } /** * Controlling vars */ $tab = "admin"; $nav = "logs"; /** * Checking permissions */ require_once "../auth/login_check.php"; loginCheck(OPEN_PROFILE_ADMINISTRATOR, false); // There are not logs in demo version require_once "../lib/LogStats.php"; /** * Retrieving get vars */ $table = isset($_GET['table']) ? Check::safeText($_GET['table']) : 'access'; $year = isset($_GET["year"]) ? intval($_GET["year"]) : 0; $month = isset($_GET["month"]) ? intval($_GET["month"]) : 0; $day = isset($_GET["day"]) ? intval($_GET["day"]) : 0; //$hour = (isset($_GET["hour"])) ? intval($_GET["hour"]) : 0; // @todo ? /** * Show page */ if ($table == 'record') { $title = _("Record Logs");
/** * Gets APIService SOAP client proxy that uses SOAP header authentication * @return APIService */ function getAPI() { loginCheck(); global $api_endpoint; $api_wsdl = "api/APIService.wsdl"; $api_options = array('location' => $api_endpoint, 'trace' => true, 'features' => SOAP_SINGLE_ELEMENT_ARRAYS); $api = new APIService($api_wsdl, $api_options); $api->setCredentials("[" . $_SESSION["IntegratorsKey"] . "]" . $_SESSION["UserID"], $_SESSION["Password"]); return $api; }
* @package OpenClinic * @copyright 2002-2008 jact * @license http://www.gnu.org/copyleft/gpl.html GNU GPL * @version CVS: $Id: history_personal_view.php,v 1.26 2008/03/23 12:00:17 jact Exp $ * @author jact <*****@*****.**> */ /** * Controlling vars */ $tab = "medical"; $nav = "history"; /** * Checking permissions */ require_once "../auth/login_check.php"; loginCheck(OPEN_PROFILE_DOCTOR); require_once "../model/Query/History.php"; require_once "../model/Patient.php"; /** * Retrieving var (PGS) */ $idPatient = Check::postGetSessionInt('id_patient'); $patient = new Patient($idPatient); if ($patient->getName() == '') { FlashMsg::add(_("That patient does not exist."), OPEN_MSG_ERROR); header("Location: ../medical/patient_search_form.php"); exit; } /** * Search database for problem */
function login($username, $password, $codestring = '', $captcha = '') { global $bdstoken; request('http://pan.baidu.com/'); if ($codestring == '') { $captcha = loginCheck($username); if ($captcha) { $ret['errno'] = 257; $ret['code_string'] = $captcha; $ret['captcha'] = 'https://passport.baidu.com/cgi-bin/genimage?' . $captcha; return $ret; } } $guid = GUID(); getToken($guid); //加密登录不太灵,不知道怎么回事,抽风似的,不用了 /*$_key = request('https://passport.baidu.com/v2/getpublickey?token='.$bdstoken); $key = json_decode(str_replace("'", '"', $_key['body']), true); if (!isset($key['pubkey']) || !isset($key['key'])) { echo '无法获取public key!请联系开发者!服务器返回:'.$_key['body']; die(); } $pubkey = openssl_pkey_get_public($key['pubkey']); openssl_public_encrypt($password, $crypted_password, $pubkey); $crypted_password = base64_encode($crypted_password); $result = request('https://passport.baidu.com/v2/api/?login', "charset=utf-8&tpl=netdisk&subpro=netdisk_web&apiver=v3&tt=".time()."&token=$bdstoken&loginmerge=true&safeflg=0&codestring=$codestring&detect=1&foreignusername=&gid=&idc=&isPhone=&loglogintype=pc_loginBasic&logintype=basicLogin&mem_pass=on&password=$crypted_password&rsakey={$key['key']}&crypttype=12&quick_user=0&safeflag=0&staticpage=http://pan.baidu.com/res/static/thirdparty/pass_v3_jump.html&u=http://pan.baidu.com/&username=$username&countrycode=&verifycode=$captcha&gid=$guid&ppui_logintime=".mt_rand(10000, 15000));*/ $result = request('https://passport.baidu.com/v2/api/?login', "charset=utf-8&tpl=netdisk&subpro=netdisk_web&apiver=v3&tt=" . time() . "&token={$bdstoken}&loginmerge=true&safeflg=0&codestring={$codestring}&detect=1&foreignusername=&gid=&idc=&isPhone=&loglogintype=pc_loginBasic&logintype=basicLogin&mem_pass=on&password={$password}&quick_user=0&safeflag=0&staticpage=http://pan.baidu.com/res/static/thirdparty/pass_v3_jump.html&u=http://pan.baidu.com/&username={$username}&countrycode=&verifycode={$captcha}&gid={$guid}&ppui_logintime=" . mt_rand(10000, 15000)); parse_str(findBetween($result['body'], 'href += "', '"'), $output); if (!isset($output['err_no'])) { echo '无法登录!请联系开发者!服务器返回:<xmp>' . $result['body']; die; } $ret['errno'] = $output['err_no']; if (strlen($output['codeString'])) { $ret['code_string'] = $output['codeString']; $ret['captcha'] = 'https://passport.baidu.com/cgi-bin/genimage?' . $output['codeString']; } return $ret; }
<?php ob_start(); require '../setup.php'; require $GLOBALS['root'] . '../../database.php'; ob_end_clean(); // supresses output. if (!loginCheck($session)) { echo "Error: You're not signed in"; $_SESSION['ERROR'] = "unsubscribehandler.php failed to verify that you are signed in"; } else { if (isset($_POST['key'])) { $key = $_POST['key']; $sql = 'DELETE FROM endpoints WHERE user_id="' . $_SESSION['ID'] . '" AND id="' . $key . '";'; $result = query($sql); } else { echo "Error: Nothing recieved"; $_SESSION['ERROR'] = "subscribehandler.php recieved nothing"; } }
if (strcmp(getCommand(), "insertToSQL") == 0) { $nameToInsert = $_POST['username']; $passToInsert = $_POST['password']; insertToSQL($nameToInsert, $passToInsert, SQLConnect(), "LoginSystem"); } else { if (strcmp(getCommand(), "getFromSQL") == 0) { getFromSQL(SQLConnect(), "LoginSystem"); } else { if (strcmp(getCommand(), "updateSQL") == 0) { $nameToUpdate = $_POST['username']; $passToUpdate = $_POST['password']; /* needs the new ones too, deal with that later */ updateSQL($nameToUpdate, $passToUpdate, SQLConnect()); } else { if (strcmp(getCommand(), "loginCheck") == 0) { $name = $_POST['username']; $pass = $_POST['password']; loginCheck($name, $pass, SQLConnect()); } else { if (strcmp(getCommand(), "deleteFromSQL") == 0) { $name = $_POST['username']; echo $name; deleteFromSQL($name, SQLConnect()); } else { die("Invalid command."); /* die prints a message, in the bracket and exits the script */ } } } } }
} } } } } } else { if ($wants == "films") { $filmnight_id = getCurrentFilmNight(); $selections = []; if (loginCheck($session)) { $selections = getSelectedFilmsInUserOrder($filmnight_id, $_SESSION['ID']); } echo json_encode(["status" => "success", "filmList" => $selections, "hasVoted" => $selections[1]["voted"] == "1"]); } else { if ($wants == "votes") { $results = []; if (loginCheck($session) == "admin" && status() == "voting" && !isset($_GET["night"])) { $results = getResults(getCurrentFilmNight()); } else { $results = getResults(getCurrentResultsFilmNight()); } echo json_encode(["status" => "success", "votes" => $results]); } else { echo '{"status": "error", "error": "Don\'t know how to get ' . $wants . '"}'; } } } } } else { echo '{"status": "error", "error": "Nothing Received"}'; }
<script type="text/javascript"> /* validation */ $(document).ready(function(){ $("#login").validate();}); </script> <?php if ($_POST) { $username = $_POST["username"]; $password = md5($_POST["password"]); $adminlanguage = $_POST["admin_language"]; $result = loginCheck($username, $password, $adminlanguage); // Include language file $admin_lang = $_SESSION["site_admin_language"]; if ($admin_lang) { include DOCUMENT_ROOT . "/system/language/admin_" . $admin_lang . ".php"; } else { include DOCUMENT_ROOT . "/system/language/admin_en.php"; } if ($result == "Success") { set_response_mes(1, $admin_language['successfullylogged']); url_redirect(DOCROOT . "admin/profile/"); } else { if ($result == "Blocked") { set_response_mes(1, $admin_language['loginblocked']); url_redirect(DOCROOT . "admin/login/"); } else { set_response_mes(-1, $admin_language['usernameorpasswordincorrect']); url_redirect(DOCROOT . "admin/login/"); } } }
if (empty($username)) { $errors[] = "Please input your username"; } if (checkUser($username) === false) { $errors[] = "That username does not exist in our database."; } $passCheck = checkPassword($username, $password); if ($passCheck === false) { $errors[] = "Your password is incorrect. Please try again."; } } if (!empty($errors)) { foreach ($errors as $error) { $return['error'] = true; $return['msg'] = $error; } } else { $ua = getBrowser(); $browser = $ua['name'] . ' ' . $ua['version']; $os = $ua['platform']; loginCheck($username); loginLog($passCheck, $browser, $os); $random = rand(1000000000, 9999999999.0); $sec = sha1(base64_encode($random)); $_SESSION['securedid'] = $sec; $_SESSION['uid'] = $passCheck; $url = "index.php"; $return['error'] = false; $return['msg'] = $url; } echo json_encode($return);
function loginController($action) { switch ($action) { case 10: // 로그인 관련 처리 액션 header("location:../view/MainView.php?action={$action}"); //콘트롤러 재호출 break; case 11: // 로그인 처리 액션 $userID = $_REQUEST['user_id']; $userPW = $_REQUEST['user_pwd']; $resultArr = loginCheck($userID, $userPW); if ($resultArr['code'] == 1) { $_SESSION['loginID'] = $userID; $_SESSION['userLevel'] = $resultArr['level']; $action = 0; } else { if ($resultArr['code'] == -1) { $action = 10; } else { if ($resultArr['code'] == -2) { $action = 10; } else { $action = 10; } } } header("location:./MainCTL.php?action={$action}"); break; case 12: // 로그아웃 처리 액션 unset($_SESSION['loginID']); unset($_SESSION['userLevel']); session_destroy(); $msg = "로그 아웃 처리 되었습니다."; $_SESSION['msg'] = $msg; $action = 0; header("location:../view/MainView.php?action={$action}"); break; case 13: // 회원정보 입력 뷰로 디다이렉트 header("location:../view/MainView.php?action={$action}"); break; case 14: // 회원정보 입력 처리 액션 $data['id'] = isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : null; $data['password'] = isset($_REQUEST['user_pwd']) ? $_REQUEST['user_pwd'] : null; $data['name'] = isset($_REQUEST['user_name']) ? $_REQUEST['user_name'] : null; $data['tel'] = isset($_REQUEST['user_tel']) ? $_REQUEST['user_tel'] : null; $result = insertMember($data); if ($result) { $msg = "회원정보를 정상적으로 입력 하였습니다."; //성공메시지 뷰로 리다이렉트 } else { $msg = "회원정보 입력에 오류가 발생 하였습니다."; //다시 입력하도록 실패메시지 뷰로 리다이렉트 } $_SESSION['msg'] = $msg; $action = 0; header("location:../view/MainView.php?action={$action}"); break; default: header("location:../view/MainView.php?action={$action}"); break; } }
?> <script type = "text/javascript"> /* validation */ $(document).ready(function(){$("#login").validate();}); </script> <?php if ($_SESSION["userid"]) { url_redirect(DOCROOT . "profile.html"); } if ($_POST['submit'] == $language['login']) { $username = $_POST["username"]; $password = md5($_POST["password"]); $result = loginCheck($username, $password); if ($result == "Success") { set_response_mes(1, $language['login_success']); $reference_url = $_SESSION["ref"]; $_SESSION["ref"] = ""; if ($reference_url) { url_redirect($reference_url); } else { url_redirect(DOCROOT . "profile.html"); } } else { set_response_mes(-1, $language['password_incorrect']); url_redirect(DOCROOT . "login.html"); } } ?>
<?php include 'setup.php'; $permission = loginCheck($session); include 'head.php'; head('Film Night Admin Console'); ?> <body> <?php include 'top-nav.php'; ?> <div id="container">; <?php if (loginCheck($session, TRUE) == "admin") { echo "<script>window.onload = function() { closeClapper(); setTimeout(shrinkHeader, 500); };</script>"; echo "<p>Connected successfully"; echo "<br>"; echo "Current time:<br>"; $now = date('Y-m-d H:i:s'); echo $now; echo "<br>Current status:<br>"; echo status(); $times = getFilmNights(); if ($times != "None") { echo "</p><table>"; echo "<tr><td>ID</td><td>Roll Call Start</td><td>Roll Call End</td><td>Voting Start</td><td>Voting End</td><td>Results Start</td><td>Results End</td></tr>"; foreach ($times as &$time) { echo "<tr>"; echo "<td>" . $time[0] . "</td><td>" . $time[1] . "</td><td>" . $time[2] . "</td><td>" . $time[3] . "</td><td>" . $time[4] . "</td><td>" . $time[5] . "</td><td>" . $time[6] . "</td>"; echo "</tr>"; }
* developed to meet the specific data and security requirements of the * application. * * THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY * KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A * PARTICULAR PURPOSE. */ // start session and some helper functions include "include/session.php"; // credential service proxy classes and soapclient include "api/CredentialService.php"; // api service proxy classes and soapclient include "api/APIService.php"; // redirect to setup page if we aren't logged in loginCheck("../login.php"); // get Integrator Key from credentials.ini $ini_array = parse_ini_file("integrator.php"); $IntegratorsKey = $ini_array["IntegratorsKey"]; // setup api connection $api_endpoint = "https://demo.docusign.net/api/3.0/api.asmx"; $api_wsdl = "api/APIService.wsdl"; $api_options = array('location' => $api_endpoint, 'trace' => true, 'features' => SOAP_SINGLE_ELEMENT_ARRAYS); $api = new APIService($api_wsdl, $api_options); // set credentials on the api object - if we have an integrator key then we prepend that to the UserID if (isset($IntegratorsKey) && $IntegratorsKey != "") { $api->setCredentials($IntegratorsKey . $_SESSION["UserID"], $_SESSION["Password"]); } else { $api->setCredentials($_SESSION["UserID"], $_SESSION["Password"]); } $RequestStatusesParams = new RequestStatuses();
* This source code is intended only as a supplement to DocuSign SDK * and/or on-line documentation. * This sample is designed to demonstrate DocuSign features and is not intended * for production use. Code and policy for a production application must be * developed to meet the specific data and security requirements of the * application. * * THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY * KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A * PARTICULAR PURPOSE. */ // start session and some helper functions include "include/session.php"; // redirect to setup page if we aren't logged in loginCheck("login.php"); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><head> <title>InsuranceCo</title> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <script type="text/javascript" src="scripts/jquery-1.4.1.min.js"></script> <script type="text/javascript" src="scripts/webservice-status.js"></script> <link rel="stylesheet" type="text/css" href="css/style.css"> </head><body> <div class="header" style=" background:url(images/fond.jpg); background-repeat:repeat-x; background-position:top"> <div class="floatLeft"> <img src="images/logo.png" alt="InsuranceCo - Insuring the security of your future"> </div>
/** * Controlling vars */ $returnLocation = "../medical/patient_search_form.php"; /** * Checking for post vars. Go back to form if none found. */ if (count($_POST) == 0) { header("Location: " . $returnLocation); exit; } /** * Checking permissions */ require_once "../auth/login_check.php"; loginCheck(OPEN_PROFILE_ADMINISTRATIVE); require_once "../lib/Form.php"; Form::compareToken('../medical/patient_search_form.php'); require_once "../model/Query/History.php"; require_once "../model/Query/Page/Patient.php"; require_once "../model/Query/Relative.php"; // referencial integrity require_once "../model/Query/DelPatient.php"; require_once "../model/Query/Page/Problem.php"; // referencial integrity require_once "../model/Query/DelProblem.php"; // referencial integrity require_once "../model/Query/Page/Record.php"; /** * Retrieving post vars */
function easyRegister($userid, $firstname, $lastname, $email, $image, $login_type) { if ($login_type == '2') { $queryString = "select username,password from coupons_users where username='******' "; } else { $queryString = "select username,password from coupons_users where email='" . $email . "' and login_type='" . $login_type . "'"; } $resultSet = mysql_query($queryString); if (mysql_num_rows($resultSet) > 0) { $noticia = mysql_fetch_array($resultSet); loginCheck($noticia['username'], $noticia['password']); } else { if (!empty($email)) { $query_email = "select email from coupons_users where email='" . $email . "'"; $result_email = mysql_query($query_email); if (mysql_num_rows($result_email) > 0) { set_response_mes(-1, 'Email Already Exist'); ?> <script type="text/javascript"> window.opener.location = '/'; window.close(); </script> <?php exit; } } $roleid = 4; $uid = maxUserId() + 1; $ranval = referral_ranval(); $firstname = htmlentities($firstname, ENT_QUOTES); $lastname = htmlentities($lastname, ENT_QUOTES); $queryString = "insert into coupons_users\n (username,password,email,user_role,created_by,created_date,user_status,firstname,lastname,referral_id,login_type) values\n ('{$userid}','798449d5cc26268f9a3aaa356b639ca6','{$email}',{$roleid},{$uid},now(),'A','{$firstname}','{$lastname}','{$ranval}','{$login_type}')"; $resultset = mysql_query($queryString) or die(mysql_error()); $insert_id = mysql_insert_id(); $img = DOCUMENT_ROOT . '/uploads/profile_images/' . $insert_id . '.jpg'; $user_img = file_get_contents($image); file_put_contents($img, $user_img); loginCheck($userid, '798449d5cc26268f9a3aaa356b639ca6'); } }
<?php /* SQL Buddy - Web based MySQL administration http://www.sqlbuddy.com/ import.php - import from file MIT license 2008 Calvin Lough <http://calv.in> */ include "functions.php"; loginCheck(); ?> <div class="import"> <div id="importMessage" style="display: none; margin-bottom: 11px"></div> <h4><?php echo __("Import"); ?> </h4> <form id="importForm" onsubmit="startImport()" action="ajaximportfile.php?db=<?php if (isset($db)) { echo $db; } ?> &table=<?php if (isset($table)) { echo $table;
* @package OpenClinic * @copyright 2002-2008 jact * @license http://www.gnu.org/copyleft/gpl.html GNU GPL * @version CVS: $Id: test_list.php,v 1.37 2008/03/23 12:00:18 jact Exp $ * @author jact <*****@*****.**> */ /** * Controlling vars */ $tab = "medical"; $nav = "problems"; /** * Checking permissions */ require_once "../auth/login_check.php"; loginCheck(OPEN_PROFILE_DOCTOR, false); // Not in DEMO to prevent users' malice require_once "../model/Query/Test.php"; require_once "../model/Patient.php"; require_once "../model/Problem.php"; /** * Retrieving vars (PGS) */ $idProblem = Check::postGetSessionInt('id_problem'); $idPatient = Check::postGetSessionInt('id_patient'); $patient = new Patient($idPatient); if ($patient->getName() == '') { FlashMsg::add(_("That patient does not exist."), OPEN_MSG_ERROR); header("Location: ../medical/patient_search_form.php"); exit; }
<?php include '../setup.php'; require $root . '../../database.php'; $permission = loginCheck($session); if ($permission != FALSE && status() == "voting" || $permission == "admin") { ?> <div id="background" style="width:94%;background:#d5d5d5;padding:3%;"> <div id="cards"></div> <div style="margin:auto;width:50%;display:flex;justify-content:space-around"> <button type="button" id="submit" style="flex-basis:40%" >Submit Vote</button> <button type="button" id="withdraw" style="flex-basis:40%" >Withdraw Vote</button> </div> </div> <?php }
<?php ob_start(); require '../setup.php'; ob_end_clean(); // supresses output. if (loginCheck($session) == "admin") { if (isset($_POST['updateID'])) { $sql = 'INSERT INTO timings VALUES (' . $_POST['updateID'] . ',"' . $_POST['roll_call_start'] . '","' . $_POST['roll_call_end'] . '","' . $_POST['voting_start'] . '","' . $_POST['voting_end'] . '" ,"' . $_POST['results_start'] . '", "' . $_POST['results_end'] . '") ON DUPLICATE KEY UPDATE Roll_Call_Start=VALUES(Roll_Call_Start), Roll_Call_End=VALUES(Roll_Call_End), Voting_Start=VALUES(Voting_Start), Voting_End=VALUES(Voting_End), Results_Start=VALUES(Results_Start), Results_End=VALUES(Results_End)'; $result = query($sql); if ($result == 1) { header("location: ../admin-console.php"); } else { echo "Something went wrong. SQL call:<br>" . $sql . "<br>Result:<br>" . $result; $_SESSION['ERROR'] = "adminhandler.php went wrong. SQL call:<br>" . $sql . "<br>Result:<br>" . $result; } } else { echo "ERROR: Unknown request"; $_SESSION['ERROR'] = "adminhandler.php reported an unknown request"; } } else { echo "You do not have sufficient permissions to do this";