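<?php
include '../config.php';
include '../function.php';

// Cancels a debt payment: checks the caller's privilege for this page, validates
// the posted id and description, confirms the payment is currently 'posted',
// then sets its status back to 'pending'.
$alert = array();
$isSuccess = true;

// NOTE(review): $_POST is a superglobal and is always set, so this condition
// never rejects a request. It is left unchanged because the code that follows
// this branch is outside the excerpt.
if (isset($_POST)) {
    $fhref = 'cancel_debtpayment.php';
    // NOTE(review): assumes the session is started and 'login' is populated by
    // the included files — confirm; nothing here handles an anonymous caller.
    $flogin = $_SESSION['login'];
    $privCheck = privilegeCheck($mysqli, $fhref, $flogin['user_id']);
    if ($privCheck['result'] == 'success') {
        $go = true;
        $currpagedata = $privCheck['data'];

        // Read the request fields defensively: a missing field or an array
        // value (input[id][]=x) becomes an empty string and fails validation
        // below instead of raising warnings or a TypeError.
        $input = (isset($_POST['input']) && is_array($_POST['input'])) ? $_POST['input'] : array();
        $rawId = (isset($input['id']) && is_string($input['id'])) ? strtoupper($input['id']) : '';
        $rawDescription = (isset($input['description']) && is_string($input['description'])) ? $input['description'] : '';

        $fid = $mysqli->real_escape_string($rawId);
        $fdescription = $mysqli->real_escape_string($rawDescription);

        // Checking Validation
        // Lengths are measured on the raw values: escaping inserts backslashes,
        // so a short value made of quotes could otherwise pass the minimum.
        if (strlen($rawId) < 10) {
            $alert[] = array('type' => 'danger', 'message' => 'Panjang Kode Pembayaran Utang minimal 10 karakter!');
            $go = false;
        }
        if (strlen($rawDescription) < 4) {
            $alert[] = array('type' => 'danger', 'message' => 'Panjang Keterangan minimal 4 karakter!');
            $go = false;
        }
        if ($go == true) {
            // Both statements interpolate the escaped $fid. Escaping is only
            // reliable when the connection charset is set via set_charset();
            // prepared statements would remove that dependency.
            $sQuery = "SELECT debtpayment_id FROM tdebtpayment WHERE debtpayment_id='{$fid}' AND debtpayment_status = 'posted'";
            if ($sResult = $mysqli->query($sQuery)) {
                if ($sResult->num_rows > 0) {
                    // Update Debt Status
                    // The status condition is repeated here, so a row that is no
                    // longer 'posted' after the SELECT is left untouched.
                    $uQuery = "UPDATE tdebtpayment SET debtpayment_status = 'pending' WHERE debtpayment_id = '{$fid}' AND debtpayment_status = 'posted'";
                    if (!($uResult = $mysqli->query($uQuery))) {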
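<?php
include 'config.php';
include 'function.php';

// Page bootstrap: resolves the requested page name, requires a logged-in
// session, checks the user's privilege for the page, and records the user's
// current module and access time.
$pagename = strtolower(getPageName());
$pagedata = array();
if ($pagename != '404.php') {
    if (isset($_SESSION["login"])) {
        /* Privilege Check */
        $rawUserId = $_SESSION['login']['user_id'];
        // privilegeCheck() still receives the escaped id, as before.
        $fuser_id = $mysqli->real_escape_string($rawUserId);
        $privCheck = privilegeCheck($mysqli, $pagename, $fuser_id);
        if ($privCheck['result'] == 'success') {
            $pagedata = $privCheck['data'];
            $fpageid = $pagedata['id'];
            $flogindate = date("Y-m-d H:i:s");

            // Values are bound rather than interpolated: $fpageid was previously
            // placed into the SQL text without escaping.
            $query = "UPDATE tuser SET user_status = 'Online', module_id = ?, user_accessdate = ? WHERE user_id = ?";
            $result = false;
            $dbError = '';
            $statusStmt = $mysqli->prepare($query);
            if ($statusStmt) {
                $statusStmt->bind_param('sss', $fpageid, $flogindate, $rawUserId);
                $result = $statusStmt->execute();
                $dbError = $statusStmt->error;
                $statusStmt->close();
            } else {
                $dbError = $mysqli->error;
            }
            if (!$result) {
                // Database errors go to the server log; printing them into the
                // page exposes schema details to the visitor.
                error_log('tuser status update failed: ' . $dbError);
            }
        } else {
            if ($privCheck['result'] == '404') {
                header("Location: 404.php");
                // Stop here: without exit the rest of the page still runs and is
                // sent along with the redirect.
                exit;
            } else {
                // NOTE(review): execution continues after the denial message;
                // whether the page body is suppressed depends on code outside
                // this excerpt — confirm.
                echo $privCheck['message'];
            }
        }
    } else {
        header("Location: login.php?err=1");
        // Unauthenticated request: end the script so no page content follows.
        exit;
    }
} else {
    $pagedata = array('category' => '404', 'name' => 'Error Page');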
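">
        <?php
        // Menu fragment: shows the user's name, the logout link, and the
        // Admin / Create Adventure links when the matching checks pass.
        // The name is HTML-escaped before output so markup stored in a
        // profile name cannot run in other pages that include this menu.
        echo htmlspecialchars($_SESSION['first_name'] . " " . $_SESSION['last_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        ?>
    </a>
</li>
<li>
    <a href="./<?php echo $url; ?> logout"> Log out </a>
</li>
<?php
// NOTE(review): this is a loose comparison, so null and false also equal 0.
// If privilegeCheck() can return either on failure the Admin link is shown —
// confirm its return type. Hiding the link is presentation only; the target
// page has to enforce the privilege itself.
if (privilegeCheck($mysqli, $_SESSION["id"]) == 0) { ?>
<li>
    <a href="./admin.php">Admin</a>
</li>
<?php } ?>
<?php if (isUserVerified($mysqli, $_SESSION["id"])) { ?>
<li>
    <a href="./CreateAdventure.php">Create Adventure</a>
</li>
<?php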
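<?php
// Admin tools page: renders the shared header and menu, then the admin panels
// for a logged-in user whose privilegeCheck() result is 0.
$meta = array(
    "<meta charset=\"UTF-8\">",
    "<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">",
    "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">"
);
$css = array("css/bootstrap.min.css", "css/theme.min.css", "css/main.css");
// NOTE(review): the two CDN scripts are referenced by URL only; whether
// renderHeader() adds integrity (SRI) attributes is not visible here — confirm.
$js = array(
    "https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js",
    "https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js",
    "js/main.js"
);
renderHeader("Admin Tools", $meta, $css, $js);
?>
<body>
<?php require_once "../resources/templates/menu.php"; ?>
<div class="container">
    <div class="row">
        <?php
        // NOTE(review): "== 0" is a loose comparison, so a null or false return
        // from privilegeCheck() would also pass — confirm its return type.
        if ($login->isUserLoggedIn() && isset($_SESSION['id']) && privilegeCheck($mysqli, $_SESSION['id']) == 0) { ?>
        <h1>Hello Boss xD</h1>
        <?php
        // The session id is escaped before it is written into the page.
        // NOTE(review): if client script posts this value back as the acting
        // admin, the receiving endpoint must still take the identity from the
        // session; a value read from the DOM can be replaced by the client.
        ?>
        <div id="admId" class="hidden"><?php echo htmlspecialchars((string) $_SESSION['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> </div>
        <h2>Vew users</h2>
        <div class="col-md-12">
            <div class="panel panel-default">
                <div class="panel-heading" role="tab">
                    <h4 class="panel-title">
                        <a class="collapsed" id="usersTitle" role="button" data-toggle="collapse" href="#usersPanel" aria-expanded="false" aria-controls="usersPanel">Not verified users</a>
                    </h4>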
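// (Excerpt begins inside a try block.) Inserts the photo record, moves the
// uploaded file into ./img/contents/, then redirects to the adventure page.
if ($stmt) {
    $cov = 1;
    $stmt->bind_param("iissi", $userID, $adventure_id, $ext, $dateNow, $cov);
    if ($stmt->execute()) {
        $id = $stmt->insert_id;
        $success = TRUE;
    }
}

// The stored file name is the new row id plus $ext.
// NOTE(review): $ext becomes the on-disk extension inside a web-served
// directory; it should come from a server-side allow-list of image types, not
// from the client-supplied file name. Its origin is outside this excerpt —
// confirm.
if ($success) {
    if (!move_uploaded_file($photoFile['tmp_name'], sprintf('./img/contents/%s.%s', $id, $ext))) {
        throw new RuntimeException('Failed to move uploaded file.');
    }
    // Success is reported only when the row was inserted and the file moved;
    // previously this message was also printed after "nothing inserted into db".
    echo 'File is uploaded successfully.';
} else {
    echo "nothing inserted into db";
}
} catch (RuntimeException $e) {
    echo $e->getMessage();
}
}

// NOTE(review): every caller whose privilegeCheck() result is not 0 has its
// privilege set to 1 here. $userID's origin is outside this excerpt; if it is
// read from the request rather than the session, a client could change another
// account's privilege — confirm.
if (privilegeCheck($mysqli, $userID) != 0) {
    $stmt = new mysqli_stmt($mysqli, "UPDATE users SET privilege = ? WHERE id = ? ");
    if ($stmt) {
        $priv = 1;
        $stmt->bind_param("ii", $priv, $userID);
        $stmt->execute();
    }
}

// NOTE(review): the echo calls above send output before header(); the redirect
// only takes effect if output buffering is enabled — confirm.
// The id is URL-encoded so only a single query value can reach the Location header.
$str = 'Location: ./adventure.php?id=' . rawurlencode((string) $adventure_id);
header($str);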
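<?php } ?>
<?php } ?>
<?php } ?>
<?php
// Edit controls and the photo upload form are rendered for a logged-in user
// who either has a privilegeCheck() result of 0 or owns this adventure.
// NOTE(review): both comparisons are loose (==); confirm the types involved.
if ($login->isUserLoggedIn() == true) {
    if (privilegeCheck($mysqli, $_SESSION['id']) == 0 || $adventureUserID == $_SESSION['id']) { ?>
<!-- Trigger the modal with a button -->
<button type="button" class="btn btn-info btn-lg" data-toggle="modal" data-target="#myModal">Edit Info </button>
<form class="form" name="upload_file" method="post" action="./php/upload_photo.php" enctype="multipart/form-data">
    <label class="label">upload photo</label>
    <?php
    /*
     * Both values are HTML-escaped because they are written into attributes.
     * NOTE(review): hidden fields can be edited by the client, so the upload
     * handler should take the acting user from the session and re-check
     * ownership of adv_id instead of trusting these fields. No anti-CSRF token
     * is visible in this excerpt — confirm whether one is added further down.
     */
    ?>
    <input class="" type="hidden" name="user_id" value="<?php echo htmlspecialchars((string) $_SESSION['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> ">
    <input class="" type="hidden" name="adv_id" value="<?php echo htmlspecialchars((string) $adv_id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> ">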
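* Created by PhpStorm.
 * User: piotr
 * Date: 14/12/2015
 * Time: 14:26
 */
require_once "../../resources/config.php";
require_once "./db_connect.php";
require_once "../../resources/library/functions.php";

// Endpoint that marks a user as verified. Only a caller whose privilegeCheck()
// result is 0 may perform the update.

// prepare result array
$result = array("success" => FALSE, "errors" => NULL);

// !empty() keeps the original truthiness test without a notice when the field is absent.
if (!empty($_POST['adminId'])) {
    // get POST data (ids)
    $adminId = $_POST['adminId'];
    $userToVerifyId = isset($_POST['userToVerifyId']) ? $_POST['userToVerifyId'] : null;

    // The posted adminId is chosen by the client, so on its own it proves
    // nothing about who is calling. The privilege check is therefore run on
    // the session user, and the posted id must match it.
    // NOTE(review): assumes the logged-in user's id is stored in
    // $_SESSION['id'] — confirm against the login code.
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
    $sessionUserId = isset($_SESSION['id']) ? $_SESSION['id'] : null;
    $callerIsSessionUser = $sessionUserId !== null
        && is_scalar($adminId)
        && (string) $sessionUserId === (string) $adminId;

    // check if the admin is really the admin
    // NOTE(review): "== 0" is a loose comparison; a null or false return from
    // privilegeCheck() would also pass — confirm its return type.
    if ($callerIsSessionUser && privilegeCheck($mysqli, $sessionUserId) == 0) {
        // prepare stmt
        $stmt = new mysqli_stmt($mysqli, "UPDATE users SET verified=? WHERE id = ?");
        if ($stmt) {
            $verified = 1;
            $stmt->bind_param("ii", $verified, $userToVerifyId);
            if ($stmt->execute()) {
                $result['success'] = TRUE;
            } else {
                // A failed UPDATE is a database error, not an authorisation
                // failure; the earlier message here said "user is not an admin".
                $result["errors"] = "failed to update user";
            }
        }
    } else {
        $result["errors"] = "user is not an admin";
    }
} else {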