Пример #1
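 /**
  * Create a user account from the submitted POST form, then redirect.
  *
  * Reads acronym, name, password, confim_password, image and type from
  * $_POST, inserts a row into rm_user and stores the salted password hash
  * in a second statement. Every outcome is reported through a Location
  * header. A failed check returns immediately so that no row is written
  * after a redirect has already been queued.
  *
  * @return void
  */
 private function addEntry()
 {
     // Get parameters. 'confim_password' is kept as spelled: it is a request
     // key and presumably matches the form field name (verify against the form).
     $acronym = isset($_POST['acronym']) ? $_POST['acronym'] : null;
     $name = isset($_POST['name']) ? $_POST['name'] : null;
     $password = isset($_POST['password']) ? $_POST['password'] : null;
     $confirm = isset($_POST['confim_password']) ? $_POST['confim_password'] : null;
     $image = isset($_POST['image']) ? $_POST['image'] : null;
     // NOTE(review): the account type is taken from the request as-is; confirm
     // that the caller restricts this action to admins and that only known
     // type values are accepted.
     $type = isset($_POST['type']) ? $_POST['type'] : null;
     $image = CEditMovies::addFolder($image);

     // Reject missing, empty or non-string credentials (a field sent as
     // acronym[]=x arrives as an array). Without this, md5(concat(NULL, salt))
     // would store a NULL password for the new account.
     if (!is_string($acronym) || $acronym === '' || !is_string($password) || $password === '') {
         header("Location: " . getCurrentUrl() . "&fail");
         return;
     }

     // header() does not stop execution, so each failed check must return;
     // otherwise the INSERT below would still run after the redirect.
     if ($password !== $confirm) {
         // Percent-encode the message: it contains spaces and non-ASCII text.
         header("Location: " . getCurrentUrl() . "&fail&error=" . rawurlencode("Löseorden matchar inte."));
         return;
     }

     $sql = "SELECT acronym FROM rm_user;";
     $res = $this->db->ExecuteSelectQueryAndFetchAll($sql);
     // Start from an empty array so in_array() gets an array even when the
     // table has no rows.
     $users = array();
     foreach ($res as $val) {
         $users[] = $val->acronym;
     }
     // Strict comparison: both sides are strings, so loose numeric-string
     // equality must not treat two different names as equal.
     if (in_array($acronym, $users, true)) {
         header("Location: " . getCurrentUrl() . "&fail&error=" . rawurlencode("Användarnamnet finns redan."));
         return;
     }

     // All values are bound as parameters; nothing from the request is
     // concatenated into the SQL text.
     $sql = "INSERT INTO rm_user (acronym, name, type, image, since, salt) VALUES\n    (?, ?, ?, ?, NOW(), unix_timestamp());";
     $params = array($acronym, $name, $type, $image);
     $res = $this->db->ExecuteQuery($sql, $params);
     if (!$res) {
         header("Location: " . getCurrentUrl() . "&fail");
         return;
     }

     // NOTE(security): MD5 over password + a timestamp-derived salt is a fast
     // hash with a predictable salt and is not suitable for password storage.
     // Moving to password_hash()/password_verify() needs a matching change in
     // the login check, which is not part of this method, so the stored format
     // is left unchanged here.
     $sql = "UPDATE rm_user SET password = md5(concat(?, salt)) WHERE acronym = ?;";
     $params = array($password, $acronym);
     $res = $this->db->ExecuteQuery($sql, $params);
     if ($res) {
         header("Location: edit_users.php");
     } else {
         // The row inserted above stays in place without a password in this case.
         header("Location: " . getCurrentUrl() . "&fail");
     }
 }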
Пример #2
 * This is a Hera pagecontroller.
 *
 */
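// Load the essential config file. It presumably defines $hera with its defaults
// (the earlier comment named the variable $anax, but this script only uses $hera).
// require instead of include: a missing or unreadable config must stop the
// request rather than continue with an undefined $hera and database settings.
require __DIR__ . '/config.php';

// Script for the checkbox handling on this page.
$hera['javascript_include'][] = 'js/checkbox.js';

// Styles for forms and tables.
$hera['stylesheets'][] = 'css/forms.css';
$hera['stylesheets'][] = 'css/tables.css';
$hera['title'] = "Hantera filmer";

// Database connection built from the configured settings.
$db = new CDatabase($hera['database']);

// Login state of the current visitor.
$user = new CUser($db);

// Movie editing helper used by the actions further down.
$edit = new CEditMovies($db);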
if ($user->IsAuthenticated()) {
    if (isset($_GET['new'])) {
        $hera['main'] = $edit->printAndPostAdd();
    } elseif (isset($_GET['delete'])) {
        $edit->getEntryByID($_GET['delete']);
        $hera['main'] = $edit->printAndPostDelete();
    } elseif (isset($_GET['id'])) {
        $edit->getEntryByID($_GET['id']);
        $hera['main'] = $edit->printAndPostUpdate();
    } else {
        if (isset($_GET['publish'])) {
            $edit->publish($_GET['publish']);
        }
        $list = $edit->getAllAsList();
        $new = $user->IsAdmin() ? "<p><a class='as-button' href='?new'>Lägg till en ny film</a></p>" : "<p>För att skapa, radera och ändra filmer behöver man vara inloggad som admin.</p>";