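/**
 * Fetch one configuration value from the `settings` table by name.
 *
 * @param mixed $name Setting name, passed to databaseQuery() as the value for the %s placeholder.
 * @return mixed The row's `value` column, or "" when the query yields no result set or no row.
 */
function getSetting($name)
{
    // The name is handed to the project's databaseQuery() helper as a separate
    // argument instead of being concatenated into the SQL text here.
    // NOTE(review): this is only injection-safe if databaseQuery() escapes/quotes
    // its %s arguments itself -- confirm in its definition.
    $results = databaseQuery("SELECT value FROM settings WHERE name=%s", $name);

    // Loose comparison kept on purpose: it also matches a `false` result.
    if ($results == NULL) {
        return "";
    }

    $row = databaseFetchAssoc($results);

    // A name with no matching row presumably yields a non-array (NULL/false) from
    // databaseFetchAssoc(); indexing that would return NULL and raise a notice on
    // newer PHP, so fall back to the same "" used when the query gives no result.
    if (!is_array($row) || !isset($row['value'])) {
        return "";
    }

    return $row['value'];
}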
?> <span style="color: #ff0000">Missing fields.</span><?php exit; } if (!filter_var($contact, FILTER_VALIDATE_EMAIL)) { $contact = preg_replace("/[^0-9]/", "", $contact); if (strlen($contact) == 7) { $contact = "256" . $contact; } else { if (strlen($contact) != 10) { ?> <span style="color: #ff0000">Invalid contact info.</span><?php exit; } } } $rsvps = databaseQuery("SELECT * FROM rsvp WHERE meeting=%s AND contact=%s", $id, $contact); $rsvp = databaseFetchAssoc($rsvps); if ($rsvp != NULL) { databaseQuery("UPDATE rsvp SET choice=%s WHERE meeting=%s AND contact=%s", $choice, $id, $contact); ?> <span style="color: #00ff00">Your RSVP was updated.</span><?php } else { databaseQuery("INSERT INTO rsvp (meeting,name,contact,choice,date) VALUES (%s,%s,%s,%s,%s)", $id, $name, $contact, $choice, $_MGM['time']); ?> <span style="color: #00ff00">Your RSVP was submitted.</span><?php } } } } exit;
<?php // // rsvp.php // IT Club // // Copyright (c) 2015, Mr. Gecko's Media (James Coleman) // All rights reserved. // // RSVP Center. // require_once "header.php"; if (!empty($_MGM['path'][1]) && intVal($_MGM['path'][1]) != 0) { $meetings = databaseQuery("SELECT * FROM meetings WHERE id=%s", $_MGM['path'][1]); $meeting = databaseFetchAssoc($meetings); ?> <style type="text/css"> #rsvp_form { margin: 0 auto; width: 280px; padding: 20px; border-radius: 20px; background: #ffffff; } .rsvp_option { display: inline; } </style> <br /> <div id="rsvp_form"> <h4 style="text-align: center;">Meeting RSVP for<br /><?php
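//
//  login.php
//  IT Club
//
//  Copyright (c) 2015, Mr. Gecko's Media (James Coleman)
//  All rights reserved.
//
//  The log in page.
//

// Message shown to the user; stays empty unless a login attempt fails.
$error = "";

if (isset($_REQUEST['login'])) {
    // NOTE(review): $_REQUEST by default also carries query-string parameters, so
    // credentials can arrive via GET and end up in URLs and access logs. Reading
    // $_POST would be stricter; left unchanged because the form is not visible here.
    $email = isset($_REQUEST['email']) ? trim($_REQUEST['email']) : "";
    // NOTE(review): trim() alters the submitted password. Left unchanged because the
    // stored hashes were presumably produced from trimmed input -- confirm.
    $password = isset($_REQUEST['password']) ? trim($_REQUEST['password']) : "";

    // Only accounts with a non-zero level may log in.
    // NOTE(review): injection safety depends on databaseQuery() escaping its %s
    // arguments -- confirm in its definition.
    $result = databaseQuery("SELECT * FROM users WHERE email=%s AND level!=0", $email);
    $user = databaseFetchAssoc($result);

    if ($user == NULL) {
        // Same message as the wrong-password branch, so the response text does not
        // reveal whether the e-mail address exists.
        $error = "Invalid login credentials.";
    } else {
        // The stored value is laid out as <12 hex chars of salt><hash>; recompute the
        // hash with that salt and compare the whole string.
        $salt = substr($user['password'], 0, 12);
        $epassword = $salt . hashPassword($password, hex2bin($salt));

        // hash_equals() (PHP 5.6+) replaces the original `!=`: the loose operator
        // compares two numeric-looking strings as numbers and returns as soon as a
        // difference is found, whereas hash_equals() is a strict, constant-time
        // string comparison.
        if (!hash_equals((string) $user['password'], $epassword)) {
            $error = "Invalid login credentials.";
        } else {
            // Record the login time; the same timestamp is mixed into the cookie token below.
            databaseQuery("UPDATE users SET time=%d WHERE email=%s", $_MGM['time'], $email);

            // Both cookies last 31536000 seconds (365 days).
            // NOTE(review): no secure/httponly arguments are passed, so both default to
            // false: the cookies are sent over plain HTTP and are readable from
            // JavaScript. Enabling them depends on the deployment (HTTPS, client-side
            // cookie use), so they are flagged here rather than changed.
            setcookie("{$_MGM['CookiePrefix']}user_email", $email, $_MGM['time'] + 31536000, $_MGM['CookiePath'], $_MGM['CookieDomain']);
            // NOTE(review): the token is sha512(stored password value . login time), and
            // both inputs live in the users row (`password`, `time`). Anyone who can read
            // that row can recompute a valid cookie; a random server-side session
            // identifier would not have this property.
            setcookie("{$_MGM['CookiePrefix']}user_password", hash("sha512", $epassword . $_MGM['time']), $_MGM['time'] + 31536000, $_MGM['CookiePath'], $_MGM['CookieDomain']);

            header("location: " . generateURL("members"));
            exit;
        }
    }
    // The enclosing `if (isset($_REQUEST['login']))` is closed outside this excerpt.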
<body> <div id="wrapper"> <nav id="sidebar-wrapper"> <ul class="sidebar-nav"> <li class="sidebar-brand"> <a href="<?php echo $_MGM['installPath']; ?> "><img src="<?php echo $_MGM['installPath']; ?> logo.png" alt="logo" id="sidebar-logo" /></a> </li> <?php $results = databaseQuery("SELECT * FROM `sidebar` ORDER BY `order`"); while ($result = databaseFetchAssoc($results)) { ?> <li class="sidebar-link"><a <?php echo substr($result['url'], 0, 1) == "/" ? "" : "target=\"_blank\""; ?> href="<?php echo htmlspecialchars($result['url'], ENT_COMPAT | ENT_HTML401, 'UTF-8', true); ?> "><?php echo htmlspecialchars($result['title'], ENT_COMPAT | ENT_HTML401, 'UTF-8', true); ?> </a></li><?php } ?> <?php if (isset($_MGM['user'])) {