$addfname = "";
$addsname = "";
$addemail = "";
$addpass = "";
$editfname = "";
$editsname = "";
$editemail = "";
$editpass = "";
$editmsg = "";
$addmsg = "";
$addcheck = 1;
$editcheck = 1;
$search = "";
$rowsonpage = 5;
if (!isset($_SESSION["managerID"])) {
smartRedirect("index.php");
} else {
$managerID = $_SESSION["managerID"];
$select = pg_query($db, "SELECT id,email,firstname,surname,password FROM managers where id='{$managerID}'");
if (!$select) {
echo "An error occurred with the database.\n";
}
if ($row = pg_fetch_row($select)) {
if (isset($_POST["deleteMem"])) {
$id = $_POST["id"];
$delete = pg_query($db, "DELETE FROM members WHERE id={$id}");
$select = pg_query($db, "SELECT member_id FROM taskelementcomments where member_id={$id}");
if ($row = pg_fetch_row($select)) {
$delete = pq_query($db, "DELETE FROM taskelementcomments WHERE member_id={$id}");
}
$select = pg_query($db, "SELECT member_id FROM taskelementmembers where member_id={$id}");
<?php
// for posting through the callback
// switch on p and o
function smartRedirect($url)
{
if (headers_sent()) {
echo '<script type="text/javascript">window.location = "' . $url . '";</script>';
die;
} else {
@header("Location: " . $url);
}
}
switch ($o) {
case 'challenge':
$passback = '';
require_once PATH_FACEBOOK . '/pages/pageChallengeSubmit.class.php';
$b = pageChallengeSubmit::processChallengeSubmit($code, $passback);
$msg = urlencode($code);
if ($b) {
smartRedirect(URL_CANVAS . "/?p=profile&memberid={$_POST['fb_sig_user']}&message={$msg}");
} else {
smartRedirect(URL_CANVAS . "/?p=challengeSubmit&id={$_POST['challengeid']}&message={$msg}" . $passback);
}
break;
default:
break;
}
$regmsg = "One or more of your inputs were incorrect!";
}
}
if (isset($_POST["signin"])) {
$emailsign = $_POST["emailsign"];
$passsign = $_POST["passsign"];
if (filter_var($emailsign, FILTER_VALIDATE_EMAIL) !== false && preg_match("[a-zA-Z0-9@#\$%^&*_-!?<>]", $passsign) !== false) {
$filtemailsign = pg_escape_literal($emailsign);
$select = pg_query($db, "SELECT id,email,password FROM managers where email={$filtemailsign}");
if (!$select) {
$signmsg = "An error occurred with the database.";
}
if ($row = pg_fetch_row($select)) {
if (password_verify($passsign, $row[2]) !== false) {
$_SESSION["managerID"] = $row[0];
smartRedirect("tasks.php");
} else {
$signmsg = "Wrong password of manager!";
}
} else {
$signmsg = "No manager with such name exists!";
}
} else {
$signmsg = "One or more of your inputs were incorrect!";
}
}
pg_close($db);
?>
<h1>TaskerMAN</h1>
<div class="signF">
<br>
function logout()
{
$_SESSION = array();
session_destroy();
smartRedirect("index.php");
}
