function print_mytasks_page()
{
//jak wcisniety byl przycisk to wywolaj kasowanie zadan
if (isset($_POST['del_task_submit'])) {
del_finished_tasks();
}
if (isset($_POST['cancel_task_submit'])) {
cancel_task();
}
if ($_SESSION['access_level'] >= 100) {
$query = "SELECT \r\n id_user,\r\n user_name, \r\n user_imie, \r\n user_nazwisko, \r\n user_dzial\r\n FROM sms.users;";
$users = get_from_db($query);
echo '<table class="content">
<tr></tr>
<tr>
<td>
<form action="index.php" method="POST">
<select name="find_user_id">
<option value="' . $_SESSION["user_name"] . '">Moje -> ' . $_SESSION["user_name"] . '</option>
<option value="*">Wszystkie</option>';
foreach ($users as $single_user_row) {
echo '<option value="' . $single_user_row["id_user"] . '">' . $single_user_row["user_name"] . ' @ ' . $single_user_row["user_imie"] . ' ' . $single_user_row["user_nazwisko"] . ' ' . $single_user_row["user_dzial"] . '</option>';
}
echo '
</select>
<input type="hidden" name="kat" value="mytasks"/>
<input style="width: 100px;"type="submit" value="Wyszukaj" name="find_user"/>';
//akt user
//all
//z bazy
if (isset($_POST['find_user_id']) && !empty($_POST['find_user_id'])) {
if ($_POST['find_user_id'] === $_SESSION['id_user']) {
$dbres["user_name"] = $_SESSION['user_name'];
} else {
if ($_POST['find_user_id'] === '*') {
$dbres["user_name"] = 'wszystkie';
} else {
$selected_user_id = $_POST['find_user_id'];
$dbres = find_user_by_id($selected_user_id);
}
}
} else {
$dbres["user_name"] = $_SESSION['user_name'];
}
//if(isset($_SESSION['id_user'])&&!empty($_SESSION['id_user'])){ $selected_user = $_SESSION['id_user'];}
echo '<p class="msg">Wybrany użytkownik: ' . $dbres["user_name"] . '</p>';
echo '</form>
</td>
</tr>
</table>';
}
print_current_tasks();
print_mytasks();
}
<?php
require_once "../../includes/sessions.php";
require_once "../../includes/db_connect.php";
require_once "../../includes/functions.php";
require_once "../../includes/validations_functions.php";
include "../../includes/layouts/page_header.php";
logged_in();
if (isset($_GET["userid"])) {
$current_user = find_user_by_id($_GET["userid"]);
} else {
$current_user = null;
}
if (!$current_user["id"]) {
redirect_to("manage_users.php");
}
?>
<?php
if (isset($_POST['submit'])) {
$username = mysqli_prep($_POST["username"]);
$password = password_encrypt($_POST["password"]);
$required_fields = array("username", "password");
validate_presences($required_fields);
$field_with_max_lengths = array("username" => 60);
validate_max_lengths($field_with_max_lengths);
if (empty($errors)) {
$id = $current_user["id"];
$update_query = "UPDATE users SET ";
$update_query .= "username = '******', ";
$update_query .= "hashed_password = '******' ";
function make_comment_from_id($comment_id)
{
$comment = get_comment_by_id($comment_id);
$user = find_user_by_id($comment["user_id"]);
$votes = get_votes_by_comment_id($comment_id);
$formatted_votes = format_votes($votes);
$avatar = get_user_avatar($comment["user_id"])["file_path"];
// bug where time since doesn;'t show, figure it out later (edit, this fixes that)
$time = format_time_in_words(strtotime($comment["date"]));
if ($time == "") {
$time_text = "now";
} else {
$time_text = $time . " ago ";
}
$output = "<div class=\"row comment_output_panel\" data-comment-id=\"{$comment_id}\">";
$output .= "<div>";
$output .= "<img class=\"left\" src=\"" . $avatar . "\"/>";
$output .= "</div>";
$output .= "<div class=\"comment_output\">";
$output .= "<div ><span class=\"comment_output_info_label\">";
$output .= "<a href=\"user.php?user="******"user_id"] . "\">" . $user["username"] . "</a>";
$output .= "</span> ";
$output .= "<span> " . $time_text . " </span></div>";
$output .= "<div>";
$output .= $comment["text"];
$output .= "</div>";
$output .= "<div class=\"vote_panel\">";
$output .= "<span class=\"upvote_button ";
if (user_logged_in() && already_upvoted($_SESSION["user_id"], $comment_id)) {
$output .= "upvote_button_clicked";
}
$output .= "\">";
$output .= "<i class=\"fi-like\" ></i> Upvote <span class=\"vote_display_box ";
if ($votes != "null" && (int) $votes > 0) {
$output .= " positive_votes ";
} else {
if ($votes != "null" && (int) $votes < 0) {
$output .= " negative_votes ";
} else {
if ($votes != "null" && (int) $votes == 0) {
$output .= " zero_votes ";
}
}
}
$output .= "\" >" . $formatted_votes . "</span>";
$output .= "</span>";
$output .= "<span class=\"downvote_button ";
if (user_logged_in() && already_downvoted($_SESSION["user_id"], $comment_id)) {
$output .= "downvote_button_clicked";
}
$output .= "\">";
$output .= "<i class=\"fi-dislike\" > </i>";
$output .= "</span>";
$output .= "</div>";
$output .= "</div>";
$output .= "</div>";
return $output;
}
<?php
session_start();
include 'filters/user_filter.php';
require 'config/dbconnect.php';
require 'includes/functions.php';
require 'includes/constants.php';
require 'initialization/locale.php';
if (!empty($_GET['id'])) {
//Dans le cas où l'utilisateur existe, on va récupérer les infos sur lui en BDD en utilisant son id
$user = find_user_by_id($_GET['id']);
//var_dump($user->firstname);
//die();
if (!$user) {
redirect('index.php');
}
} else {
redirect('profile.php?id=' . get_session('user_id'));
//Sinon, on le redirige avec le bon id
}
require 'views/profile.view.php';
function find_appointment($cid, $app)
{
$fields = array('ActionDate', 'ActionType', 'ActionDescription', 'ContactId', 'EndDate', 'ContactId', 'UserId');
$query = array('UserID' => $cid, IsAppointment => 1);
$result = $app->dsQuery('ContactAction', 10000, 0, $query, $fields);
if ($cid == 0) {
$query = array(IsAppointment => 1);
}
$result = $app->dsQuery('ContactAction', 10000, 0, $query, $fields);
//echo "nombre de rendez vous pour cet utilisateur ". $count=count($result)." <br>";
// $contact=find_contact_by_id($app,)
//echo json_encode($result);
// echo ($result->ActionDate);
//echo json_encode( $result);
$apointment = array();
$count = count($result);
for ($x = 0; $x < $count; $x++) {
$user = find_user_by_id($app, $result[$x]['UserId'])[0];
$contact = find_contact_by_id($app, $result[$x]['ContactId'])[0];
$apointment[$x]['start'] = (string) date('c', strtotime($result[$x]['ActionDate']));
$apointment[$x]['end'] = (string) date('c', strtotime($result[$x]['EndDate']));
//$apointment[$x]['description']= $result[$x]['ActionDescription'];
$apointment[$x]['user'] = $user['FirstName'] . " " . $user['LastName'];
$apointment[$x]['contact'] = $contact['FirstName'] . " " . $contact['LastName'];
$apointment[$x]['title'] = $result[$x]['ActionDescription'];
}
echo json_encode($apointment);
}
<?php
require_once "functions.php";
require_once "db_connection.php";
require_once "session.php";
if (!isset($_SESSION['id'])) {
redirect_to("index.php");
} else {
// fill the form
$result = find_user_by_id($_SESSION['id']);
$old_info = mysqli_fetch_row($result);
}
if (isset($_POST["edit"])) {
$errors = array();
//errors array
validate_fields($_POST);
if (!empty($_FILES["avatar"]["name"])) {
validate_uploaded_image($_FILES["avatar"]);
// validate the extension
}
if (empty($errors)) {
// try to register
$id = $_SESSION['id'];
$firstname = mysqli_real_escape_string($db, $_POST["firstname"]);
// to avoid SQL INjection
$lastname = mysqli_real_escape_string($db, $_POST["lastname"]);
$password = password_hash($_POST["password"], PASSWORD_DEFAULT);
$email = mysqli_real_escape_string($db, $_POST["email"]);
$credit = $_POST['credit'];
if ($_FILES["avatar"]["name"] !== "") {
$old_image = get_user_avatar($_SESSION['id']);
<?php
require_once "../includes/session.php";
require_once "../includes/db_connection.php";
require_once "../includes/functions.php";
require_once "../includes/validation_functions.php";
?>
<?php
confirm_logged_in();
?>
<?php
$user = find_user_by_id($_GET["id"]);
if (!$user) {
redirect_to("manage_users.php");
}
?>
<?php
if (isset($_POST['submit'])) {
// Process the form
// Validations
$required_fields = array("username", "password");
validate_presences($required_fields);
$fields_with_max_lengths = array("username" => 30);
validate_max_lengths($fields_with_max_lengths);
if (empty($errors)) {
//Perform Update
$id = $user["id"];
$username = mysql_prep($_POST["username"]);
function get_user_credit($user_id)
{
$result = find_user_by_id($user_id);
$user = mysqli_fetch_row($result);
return $user[5];
}
<?php
require_once "../includes/session.php";
require_once "../includes/db_connection.php";
require_once "../includes/functions.php";
if (!isset($_GET["user"])) {
set_error_output("No user selected");
} else {
$user = find_user_by_id($_GET["user"]);
if (!$user) {
set_error_output("User not found. ");
} else {
if ($user["id"] == $_SESSION["user_id"]) {
$users_profile = true;
} else {
$users_profile = false;
}
}
}
include "../includes/layouts/header.php";
?>
<div class="row">
<div class="large-4 columns">
<div class="panel">
<h2><?php
echo $user["username"];
?>
</h2>
<img src="<?php
echo get_user_avatar($user["id"])["file_path"];
