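/**
 * Check an alumni login and, on success, start the authenticated session.
 *
 * Return values (unchanged from the original contract):
 *   1    - exactly one matching record and its alumni_status is 1; session populated
 *   2    - exactly one matching record but alumni_status is not 1
 *   0    - getNoOfAlumni() did not report exactly one match
 *   null - an Exception was thrown while checking the credentials
 *
 * NOTE(review): $username and $password are handed to Alumni_Detail unchanged;
 * confirm that the queries behind getNoOfAlumni()/getAlumniObject() bind them
 * as parameters rather than concatenating them into SQL.
 *
 * @param string $username login name as submitted
 * @param string $password password as submitted
 * @return int|null
 */
function login($username, $password)
{
    $con = getConnection::connectToDatabase();
    getConnection::selectDatabase($con);

    $result = null;
    try {
        $num = Alumni_Detail::getNoOfAlumni($username, $password);
        if ($num == 1) {
            $alu = Alumni_Detail::getAlumniObject($username);
            if ($alu->alumni_status == 1) {
                // Only start a session if none is active yet; a second
                // session_start() raises a notice.
                if (session_id() === '') {
                    session_start();
                }
                // Issue a fresh session id at the privilege change so an id
                // that existed before authentication cannot be reused
                // (session fixation).
                session_regenerate_id(true);
                // NOTE(review): the whole record object goes into the session.
                // If it carries the stored password hash, consider keeping
                // only the fields the pages actually read.
                $_SESSION['alumniuser'] = $alu;
                $result = 1;
            } else {
                $result = 2;
            }
        } else {
            $result = 0;
        }
    } catch (Exception $e) {
        // Keep the exception text in the server log; echoing it to the
        // response exposed database details to the client.
        error_log('login: ' . $e->getMessage());
    }

    // The original closed the connection only in the catch branch (the call
    // after "return 0" was unreachable), so every normal path leaked it.
    getConnection::closeConnection($con);

    return $result;
}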
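<?php
// Password-change handler for a logged-in alumni user (excerpt; the listing
// is cut off inside the last block below).

// NOTE(review): the Referer header is supplied by the client, so this test
// only discourages direct navigation. The session check further down is the
// real access control.
if (!isset($_SERVER['HTTP_REFERER'])) {
    header("location: ../../access_denied.php?data=You don't have direct access to this page");
    // header() only queues the redirect; without exit the rest of the script
    // still runs for this request.
    exit;
}

// Loaded before session_start() - presumably so the object stored under
// 'alumniuser' can be restored as its real class; keep this order.
require_once '../../db/alumni_detail.php';
require_once '../../db/ImageManipulator.php';

if (!isset($_SESSION)) {
    session_start();
}
if (!isset($_SESSION['alumniuser'])) {
    header("location:../../../talumniportal/login.php");
    // Stop here: an unauthenticated request must not reach the password logic.
    exit;
}

require_once '../../db/site_log_class.php';
require_once '../../db/user_class.php';

// Re-read the current record for the session's user name.
$lu = Alumni_Detail::getAlumniObject($_SESSION['alumniuser']->alumni_uname);
define('INCLUDE_CHECK', true);

// A non-string value (e.g. an array parameter) is treated as missing so that
// sha1() below always receives a string.
if (isset($_POST['opassword']) && is_string($_POST['opassword'])) {
    $oldpassword = $_POST['opassword'];
} else {
    die("Enter old Password");
}

// hash_equals() compares the two digests as strings in constant time. The
// original "!=" applied PHP's loose comparison, under which two different
// digests that both look like numbers can compare equal.
// NOTE(review): the stored credential is an unsalted SHA-1 digest. Moving to
// password_hash()/password_verify() needs changes to the storage code, which
// is not visible in this excerpt.
if (!hash_equals((string) $lu->alumni_password, sha1($oldpassword))) {
    die("wrong current password");
}

if (isset($_POST['password'])) {
    $password = $_POST['password'];
} else {
    die("Enter new Password");
}

if (isset($_POST['confirmPassword'])) {
    $cpassword = $_POST['confirmPassword'];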
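<?php
// Renders one approved alumni blog post as an HTML fragment.
// Expects POST fields: page ("blog") and id (the blog id).

if (isset($_POST['page']) && is_string($_POST['page'])) {
    $page = $_POST['page'];
} else {
    header('Location: index.php');
    // header() does not end the request; without exit the script continued
    // with $page undefined.
    exit;
}

if (trim($page) == "blog") {
    // The original left $id undefined when the field was missing and passed
    // that on to the lookup; fail with the same message instead.
    if (!isset($_POST['id'])) {
        die("No blog with this id.");
    }
    $id = $_POST['id'];

    require_once '../CMS/db/alumni_blog.php';
    require_once '../CMS/db/alumni_detail.php';

    $blog = Alumni_Blog::getBlogObject($id);
    if ($blog === 0) {
        die("No blog with this id.");
    }
    if ($blog->alumni_blog_status == 0 || $blog->alumni_blog_status == "0") {
        die("This blog is not approved yet");
    }

    $alumni = Alumni_Detail::getAlumniObject($blog->alumni_uname);

    // Values from the database are user-authored, so they are HTML-escaped
    // before being placed in markup. ENT_QUOTES is required because the
    // attributes below are single-quoted.
    $subject = htmlspecialchars(trim((string) $blog->alumni_blog_subject), ENT_QUOTES, 'UTF-8');
    $author = htmlspecialchars("{$alumni->alumni_first_name} {$alumni->alumni_last_name}", ENT_QUOTES, 'UTF-8');
    $photo = htmlspecialchars((string) $alumni->alumni_photo_url, ENT_QUOTES, 'UTF-8');

    // NOTE(review): the post body is still emitted as stored. If posts are
    // plain text, escape it like the fields above; if they are rich HTML,
    // pass it through an allow-list HTML sanitiser before output. Left
    // unchanged here because the stored format cannot be told from this file.
    $detail = trim($blog->alumni_blog_detail);

    echo " <h3>Alumni Blog</h3><hr /><br /><div class='articles'>\r\n <article class='clearfix'>\t\t\t\r\n <header>\r\n <span class='post-format-quote'></span>\r\n <h1><a href='BlogPost.php'>"
        . $subject
        . "</a></h1>\r\n <p class='article-meta-extra'> "
        . date("F jS, Y", strtotime($blog->alumni_blog_date))
        . ", by <a href=''>{$author}</a></p>\r\n\r\n </header>\r\n\r\n <figure class='article-preview-image'>\r\n <a href=''><img src='../cms/{$photo}' alt='Preview image'></a>\r\n </figure>\r\n\r\n <p>"
        . $detail
        . "</p>\r\n\r\n </article> <hr class='fancy-hr'></div>";
}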
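<?php
// Detail view for the alumni record selected by the "id" query parameter
// (excerpt; the listing is cut off inside the form markup).

//if(!isset($_SERVER['HTTP_REFERER'])){
//    header("location: ../../access_denied.php?data=You don't have direct access to this page");
//}
// NOTE(review): with the check above commented out, no access control is
// visible in this excerpt. Confirm that a session/role check runs before this
// page, otherwise any visitor can request any record by id.
require_once 'db/alumni_detail.php';
define('INCLUDE_CHECK', true);

if (!isset($_GET['id'])) {
    die("go to blog management page");
}
$id = $_GET['id'];

$de = Alumni_Detail::getAlumniObject($id);
if ($de == "No Alumni's are Added Yet") {
    die("No Alumni's are Added Yet");
} else {
    // Stored URL fields are escaped before they are written into attributes,
    // so a value containing quotes or angle brackets cannot break out of the
    // attribute. Escaping does not validate the URL scheme; that belongs where
    // the URL is accepted and stored.
    ?> <image src="<?php echo htmlspecialchars((string) $de->alumni_photo_url, ENT_QUOTES, 'UTF-8'); ?> " /> <?php
    if ($de->alumni_resume_url != NULL) {
        ?> <a href="<?php echo htmlspecialchars((string) $de->alumni_resume_url, ENT_QUOTES, 'UTF-8'); ?> " >view resume</a><?php
    }
    ?> <label for="userName">Username<span style="color:red;">*</span>:</label> <input type="text" readonly="true" id="userName" value="<?php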