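// Form state for the add/edit member forms, their status messages and validity
// flags, plus the search term and page size used by the listing.
$addfname = "";
$addsname = "";
$addemail = "";
$addpass = "";
$editfname = "";
$editsname = "";
$editemail = "";
$editpass = "";
$editmsg = "";
$addmsg = "";
$addcheck = 1;
$editcheck = 1;
$search = "";
$rowsonpage = 5;

if (!isset($_SESSION["managerID"])) {
    // No signed-in manager: send the visitor to index.php.
    smartRedirect("index.php");
} else {
    $managerID = $_SESSION["managerID"];

    // Values are bound as parameters ($1) instead of being interpolated into the
    // SQL text, so they can never change the shape of the statement.
    $select = pg_query_params(
        $db,
        'SELECT id,email,firstname,surname,password FROM managers where id=$1',
        array($managerID)
    );
    if (!$select) {
        echo "An error occurred with the database.\n";
    }

    // Only fetch when the query succeeded; pg_fetch_row() must not be handed false.
    if ($select && ($row = pg_fetch_row($select))) {
        // NOTE(review): no anti-CSRF token is checked in the visible code before
        // this destructive action; confirm one is verified elsewhere.
        if (isset($_POST["deleteMem"])) {
            // The id comes straight from the request, so accept a plain integer only.
            // Because $id is an int from here on, any later query that still
            // interpolates it cannot be injected through it.
            $id = filter_var(isset($_POST["id"]) ? $_POST["id"] : null, FILTER_VALIDATE_INT);
            if ($id === false) {
                // Assumes real member ids are positive, so 0 matches no row (TODO confirm).
                $id = 0;
            }

            $delete = pg_query_params($db, 'DELETE FROM members WHERE id=$1', array($id));

            $select = pg_query_params(
                $db,
                'SELECT member_id FROM taskelementcomments where member_id=$1',
                array($id)
            );
            if ($select && ($row = pg_fetch_row($select))) {
                // The original called pq_query(), which does not exist and would
                // have aborted the request with a fatal error at this point.
                $delete = pg_query_params(
                    $db,
                    'DELETE FROM taskelementcomments WHERE member_id=$1',
                    array($id)
                );
            }

            $select = pg_query_params(
                $db,
                'SELECT member_id FROM taskelementmembers where member_id=$1',
                array($id)
            );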
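<?php
// for posting through the callback
// switch on p and o

/**
 * Send the browser to $url and stop the script.
 *
 * Uses a Location header when headers can still be sent, otherwise falls back
 * to an inline script that sets window.location. Both paths end the request,
 * so no code after the call runs once a redirect has been issued.
 *
 * @param string $url Redirect target; may contain request-derived values.
 * @return void
 */
function smartRedirect($url)
{
    // Drop CR, LF and NUL so the value cannot split or truncate the header line.
    $url = str_replace(array("\r", "\n", "\0"), '', (string) $url);

    if (headers_sent()) {
        // json_encode() with the JSON_HEX_* flags yields a JavaScript string literal
        // that cannot close the <script> element or escape its quotes, whatever
        // characters $url carries.
        $jsUrl = json_encode($url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        if ($jsUrl !== false) {
            echo '<script type="text/javascript">window.location = ' . $jsUrl . ';</script>';
        }
        die;
    }

    header("Location: " . $url);
    // The script fallback above already ends the request; do the same here so the
    // caller's remaining code does not keep executing after the redirect.
    exit;
}

switch ($o) {
    case 'challenge':
        $passback = '';
        require_once PATH_FACEBOOK . '/pages/pageChallengeSubmit.class.php';
        // $code is not set before this call in the visible code; presumably it is
        // filled by reference together with $passback (TODO confirm).
        $b = pageChallengeSubmit::processChallengeSubmit($code, $passback);
        $msg = urlencode($code);
        if ($b) {
            // Request values are URL-encoded before they enter the query string so
            // they cannot add parameters or markup to the redirect target.
            $memberId = (isset($_POST['fb_sig_user']) && is_scalar($_POST['fb_sig_user']))
                ? urlencode((string) $_POST['fb_sig_user'])
                : '';
            smartRedirect(URL_CANVAS . "/?p=profile&memberid={$memberId}&message={$msg}");
        } else {
            $challengeId = (isset($_POST['challengeid']) && is_scalar($_POST['challengeid']))
                ? urlencode((string) $_POST['challengeid'])
                : '';
            // NOTE(review): $passback is appended as-is; how it is encoded is not
            // visible here. Confirm in processChallengeSubmit.
            smartRedirect(URL_CANVAS . "/?p=challengeSubmit&id={$challengeId}&message={$msg}" . $passback);
        }
        break;
    default:
        break;
}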
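$regmsg = "One or more of your inputs were incorrect!";
}
}

// Manager sign-in: look the account up by e-mail, verify the password hash and,
// on success, store the manager id in the session and redirect to tasks.php.
if (isset($_POST["signin"])) {
    $emailsign = isset($_POST["emailsign"]) ? $_POST["emailsign"] : "";
    $passsign = isset($_POST["passsign"]) ? $_POST["passsign"] : "";

    // The original also ran preg_match() on the password and compared the result
    // with "!== false". preg_match() returns 0 or 1 unless the regex engine fails,
    // so that test never rejected a password. It is replaced by a type check;
    // password_verify() below is what actually decides.
    if (
        is_string($emailsign)
        && is_string($passsign)
        && filter_var($emailsign, FILTER_VALIDATE_EMAIL) !== false
    ) {
        // Bind the address as a parameter on the explicit connection instead of
        // splicing an escaped literal into the SQL text.
        $select = pg_query_params(
            $db,
            'SELECT id,email,password FROM managers where email=$1',
            array($emailsign)
        );

        // NOTE(review): the two failure messages below differ, which tells a caller
        // whether an e-mail address belongs to a manager; consider one shared message.
        if (!$select) {
            // Stop here: the original went on to call pg_fetch_row() on the failed
            // result, which replaced this message with the "no manager" one.
            $signmsg = "An error occurred with the database.";
        } elseif ($row = pg_fetch_row($select)) {
            if (password_verify($passsign, $row[2])) {
                // Issue a fresh session id at the privilege change so an id that was
                // known before login is useless afterwards. Assumes the session was
                // started earlier in the file (TODO confirm).
                session_regenerate_id(true);
                $_SESSION["managerID"] = $row[0];
                smartRedirect("tasks.php");
            } else {
                $signmsg = "Wrong password of manager!";
            }
        } else {
            $signmsg = "No manager with such name exists!";
        }
    } else {
        $signmsg = "One or more of your inputs were incorrect!";
    }
}
pg_close($db);
?>
<h1>TaskerMAN</h1>
<div class="signF">
<br>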
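/**
 * End the current session and redirect the browser to index.php.
 *
 * Clears the session data, expires the session cookie in the browser, destroys
 * the server-side session and then hands over to smartRedirect().
 *
 * @return void
 */
function logout()
{
    $_SESSION = array();

    // session_destroy() removes the server-side data but leaves the cookie in the
    // browser, so expire it explicitly with the same attributes it was set with.
    // Skipped once headers are out, because the cookie can no longer be sent.
    if (ini_get("session.use_cookies") && !headers_sent()) {
        $params = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $params["path"],
            $params["domain"],
            $params["secure"],
            $params["httponly"]
        );
    }

    session_destroy();
    smartRedirect("index.php");
}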