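/**
 * Return column 5 of the advisor row flagged `New` = 'true'.
 *
 * NOTE(review): going by the function name, column 5 holds a password (or a
 * confirmation copy of one). If so it is read back verbatim, which implies it
 * is stored unhashed -- confirm, and prefer password_hash()/password_verify()
 * so the stored value never has to leave the database.
 *
 * @return string|null Column 5 of the first matching row, or null when no
 *                     advisor is flagged as new.
 */
function getConfirmPassword()
{
    // The original passed an undefined local $debug (null plus a notice);
    // an explicit false keeps the same falsy value without the notice.
    $debug = false;
    $COMMON = new Common($debug);

    // Constant query: no caller-supplied data is interpolated here.
    $sql = "SELECT * FROM `Proj2Advisors` WHERE `New` = 'true'";
    $rs = $COMMON->executeQuery($sql, "Advising Appointments");

    // mysql_fetch_row() returns false when there is no row; indexing false
    // used to yield null silently, so return null explicitly instead.
    $row = mysql_fetch_row($rs);
    if (!is_array($row) || !array_key_exists(5, $row)) {
        return null;
    }

    // SELECT * with a numeric index depends on the table's column order;
    // naming the column in the query would be more robust.
    return $row[5];
}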
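/**
 * Return column 7 of the Proj2Students row for the student in the session.
 *
 * The student ID is read from $_SESSION["studID"]. Another script in this
 * listing copies strtoupper($_POST["studID"]) into that key without any
 * validation, so the value must be treated as untrusted when building SQL.
 *
 * @return string|null Column 7 of the matching row, or null when there is no
 *                     session ID or no matching student.
 */
function getAdvisor()
{
    // The original passed an undefined local $debug (null plus a notice).
    $debug = false;
    $COMMON = new Common($debug);

    $sID = isset($_SESSION["studID"]) ? (string) $_SESSION["studID"] : '';

    // Escape before interpolating. This is a stopgap: it assumes Common's
    // constructor has already opened the mysql link (TODO confirm), and the
    // mysql_* extension is gone in PHP 7. The durable fix is a prepared
    // statement (mysqli/PDO) inside Common::executeQuery().
    $safeId = mysql_real_escape_string($sID);
    $sql = "select * from Proj2Students where `StudentID` = '{$safeId}'";
    $rs = $COMMON->executeQuery($sql, $_SERVER["SCRIPT_NAME"]);

    // mysql_fetch_row() returns false when nothing matches.
    $row = mysql_fetch_row($rs);
    if (!is_array($row) || !array_key_exists(7, $row)) {
        return null;
    }

    // SELECT * with a numeric index depends on the table's column order.
    return $row[7];
}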
/**
 * Fetch the Proj2Students row whose StudentID equals this object's ID.
 *
 * Intended as the base for other student access methods.
 *
 * NOTE(review): $this->ID is interpolated into the SQL text unescaped.
 * Where ID is assigned is not visible here -- confirm it is validated
 * before it reaches this object, or escape it at this point.
 *
 * @return array|false Numerically indexed row, or false when no row matches.
 */
function getStudent()
{
    $verbose = false;
    $db = new Common($verbose);

    $query = "select * from Proj2Students where `StudentID` = '{$this->ID}'";
    $result = $db->executeQuery($query, $_SERVER["SCRIPT_NAME"]);

    // Hand the fetched row (or false) straight back to the caller.
    return mysql_fetch_row($result);
}
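/**
 * Store a submitted work order, print the confirmation page and e-mail a copy.
 *
 * The parameter was originally named $_POST. PHP 5.4 and later reject a
 * parameter that re-assigns an auto-global as a compile-time fatal error, so
 * it is renamed; callers pass it positionally and are unaffected.
 *
 * @param array $post Submitted form fields; 'url', 'description' and
 *                    'priority' are read. All of them are user-controlled.
 * @return void
 */
function stage2($post)
{
    global $debug;

    // include_once: a second call (or an earlier include by the caller)
    // would otherwise redeclare the Common class and abort the request.
    include_once '../../CommonMethods.php';
    $COMMON = new Common($debug);

    $url = isset($post['url']) ? (string) $post['url'] : '';
    $description = isset($post['description']) ? (string) $post['description'] : '';
    $priority = isset($post['priority']) ? (string) $post['priority'] : '';
    $author = isset($_SESSION['UserN']) ? (string) $_SESSION['UserN'] : '';

    // Every value below used to be concatenated into the statement raw.
    // Escaping is a stopgap (it assumes Common has opened the mysql link --
    // TODO confirm); the durable fix is a prepared statement inside Common.
    $sql = "insert into `work_orders` (`id`, `url`, `description`, `priority`, `author`, `time_entered`) values (null, '"
        . mysql_real_escape_string($url) . "', '"
        . mysql_real_escape_string($description) . "', '"
        . mysql_real_escape_string($priority) . "', '"
        . mysql_real_escape_string($author) . "', CURRENT_TIMESTAMP)";
    $rs = $COMMON->executeQuery($sql, $_SERVER['SCRIPT_NAME']);

    // NOTE(review): the confirmation below is printed whatever $rs holds;
    // whether executeQuery() aborts on failure is not visible here -- confirm.
    // Any page that later displays url/description must HTML-escape them.
    ?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<title>Work order</title>
<script type="text/javascript">
function saveValue(target){
    var stepVal = document.getElementById(target).value;
    alert("Value: " + stepVal);
}
</script>
<link rel='stylesheet' type='text/css' href='../css/standard.css'/>
</head>
<body>
<div id="login">
Thank you. Work order entered.
<form action="">
<input type="submit" name="home" class="button large" value="Close" onClick="window.close()">
</form>
</div>
</div>
</body>
</html>
<?php
    // The session key is 'UserN' (as in the INSERT above); the original read
    // 'userN' here, which is a different key and left the sender line empty.
    // Lines are separated with CRLF; the original had the pair reversed.
    // User text only reaches the message body, never the header argument
    // of mail(), so it cannot add mail headers.
    $message = "From: " . $author . "\r\n Priority: " . $priority . "\r\n " . $description;
    mail("*****@*****.**", "Work Order for COE Advising", $message);
}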
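<?php
// Update the profile (name, e-mail, major) of the student held in the session,
// then send the browser back to the student home page.
session_start();

/*Set our session variables
$_SESSION["firstN"] = strtoupper($_POST["firstN"]);
$_SESSION["lastN"] = strtoupper($_POST["lastN"]);
$_SESSION["email"] = $_POST["email"];
$_SESSION["major"] = $_POST["major"];*/

// Open the database first: mysql_real_escape_string() needs the link that
// Common is assumed to open in its constructor (TODO confirm).
$debug = false;
include '../CommonMethods.php';
$COMMON = new Common($debug);

//Set our local variables. Missing fields become '' instead of raising notices.
$firstn = strtoupper(isset($_POST["firstN"]) ? (string) $_POST["firstN"] : '');
$lastn = strtoupper(isset($_POST["lastN"]) ? (string) $_POST["lastN"] : '');
$email = isset($_POST["email"]) ? (string) $_POST["email"] : '';
$major = isset($_POST["major"]) ? (string) $_POST["major"] : '';
$studid = isset($_SESSION["studID"]) ? (string) $_SESSION["studID"] : '';

// Without a student ID in the session there is no record to update; the
// original would have run the UPDATE against `StudentID` = ''.
if ($studid !== '') {
    // All five values are user-controlled (the session ID is copied from a
    // posted field elsewhere in this listing). Escaping is a stopgap; the
    // durable fix is a prepared statement inside Common::executeQuery().
    $firstn = mysql_real_escape_string($firstn);
    $lastn = mysql_real_escape_string($lastn);
    $email = mysql_real_escape_string($email);
    $major = mysql_real_escape_string($major);
    $studid = mysql_real_escape_string($studid);

    //If the student exists, update their information
    $sql = "update `Proj2Students` set `FirstName` = '{$firstn}', `LastName` = '{$lastn}', `Email` = '{$email}', `Major` = '{$major}' where `StudentID` = '{$studid}'";
    $rs = $COMMON->executeQuery($sql, $_SERVER["SCRIPT_NAME"]);
}

// NOTE(review): no anti-CSRF token is checked in this script -- confirm
// whether the form that posts here carries one.
header('Location: 02StudHome.php');
exit;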
<link rel='stylesheet' type='text/css' href='./css/standard.css'/> </head> <body> <div id="login"> <div id="form"> <div class="top"> <h1>Removed Appointment</h1><br> <div class="field"> <?php
// Delete one appointment, identified by the posted "IndApp" field, and print
// what was removed. The fragment ends inside the "Majors included" branch.
//
// NOTE(review): no session or role check is visible in this fragment before
// the DELETE runs -- confirm that the including page enforces one.
$debug = false;
include '../CommonMethods.php';
$COMMON = new Common($debug);
$ind = $_POST["IndApp"];
// parse_str() with a single argument turns every key of the posted string
// into a local variable. $row below therefore comes entirely from the
// request, and the same call can overwrite locals set above ($debug,
// $COMMON). The one-argument form is deprecated since PHP 7.2 and removed
// in PHP 8; parse_str($ind, $fields) followed by reading $fields['row']
// keeps the input in one array.
parse_str($ind);
// $row[1] / $row[2] (advisor first and last name) go into the query unescaped.
$sql = "SELECT `id` FROM `Proj2Advisors` WHERE `FirstName` = '{$row['1']}' AND `LastName` = '{$row['2']}'";
$rs = $COMMON->executeQuery($sql, "Advising Appointments");
// mysql_fetch_row() returns false when no advisor matches; $adv is then null.
$rod = mysql_fetch_row($rs);
$adv = $rod[0];
// $row[4] is used as the enrolled student's ID; when set, look up the
// student's name and e-mail.
if ($row[4]) {
    $sql = "SELECT `FirstName`, `LastName`, `Email` FROM `Proj2Students` WHERE `StudentID` = '{$row['4']}'";
    $rs = $COMMON->executeQuery($sql, "Advising Appointments");
    $ros = mysql_fetch_row($rs);
    $std = $ros[0] . " " . $ros[1];
    $eml = $ros[2];
}
// The DELETE is built from the same request-supplied values ($row[0], $row[3],
// $row[4]); they need escaping, or better a prepared statement, before use.
$sql = "DELETE FROM `Proj2Appointments` WHERE `Time` = '{$row['0']}' AND `AdvisorID` = '{$adv}' AND `Major` = '{$row['3']}' AND `EnrolledID` = '{$row['4']}'";
$rs = $COMMON->executeQuery($sql, "Advising Appointments");
echo "Time: " . date('l, F d, Y g:i A', strtotime($row[0])) . "<br>";
// $row[1] / $row[2] are echoed into the page as received; they should pass
// through htmlspecialchars() first.
echo "Advisor: {$row['1']} {$row['2']}<br>";
echo "Majors included: ";
if ($row[3]) {
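<?php
// Student sign-in: remember the posted student ID in the session and create
// the student's record if it does not exist yet, then go to the home page.
//
// NOTE(review): the posted student ID is the only thing that establishes
// identity here -- no password or other proof is checked. Later pages act on
// whatever ID is in the session, so anyone who knows an ID can act as that
// student. Confirm whether an upstream login (e.g. SSO) guards this script.
session_start();

//Only student ID is created as a session variable
include '../../CommonMethods.php';
$debug = false;
$Common = new Common($debug);

$studID = strtoupper(isset($_POST["studID"]) ? (string) $_POST["studID"] : '');

// Issue a fresh session ID when the identity changes so that an ID planted
// before sign-in cannot be reused afterwards (session fixation).
session_regenerate_id(true);
$_SESSION["studID"] = $studID;

// Nothing to look up or insert without an ID; the original would have
// inserted a row with an empty StudentID.
if ($studID !== '') {
    // Escaping is a stopgap (it assumes Common has opened the mysql link --
    // TODO confirm); the durable fix is a prepared statement inside Common.
    $studID1 = mysql_real_escape_string($studID);
    $sql = "SELECT * FROM `Proj2Students` WHERE `StudentID` = '{$studID1}'";
    $rs = $Common->executeQuery($sql, "Advising Appointments");
    $row = mysql_fetch_row($rs);

    if (!$row) {
        // Unknown student: every field below comes straight from the form.
        $first = mysql_real_escape_string(isset($_POST["firstN"]) ? (string) $_POST["firstN"] : '');
        $last = mysql_real_escape_string(isset($_POST["lastN"]) ? (string) $_POST["lastN"] : '');
        $email = mysql_real_escape_string(isset($_POST["email"]) ? (string) $_POST["email"] : '');
        $major = mysql_real_escape_string(isset($_POST["major"]) ? (string) $_POST["major"] : '');

        //Else insert into the database!
        $sql = "INSERT INTO `Proj2Students`(`FirstName`, `LastName`, `StudentID`, `Email`, `Major`)
            VALUES ('{$first}', '{$last}', '{$studID1}', '{$email}','{$major}')";
        $rs = $Common->executeQuery($sql, "Advising Appointments");
    }
}

// Both the existing-student and the new-student path end on the same page.
header('Location: 02StudHome.php');
exit;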
</script> <link rel='stylesheet' type='text/css' href='../css/standard.css'/> </head> <body> <div id="login"> <div id="form"> <div class="top"> <h2>Select which appointment you would like to change: </h2> <div class="field"> <?php
// List upcoming appointments that have an advisor so one can be picked for
// editing. The fragment ends inside the "if ($row)" branch.
//
// NOTE(review): no session or role check is visible in this fragment --
// confirm that the page verifies an advisor login before listing anything.
$debug = false;
include '../CommonMethods.php';
$COMMON = new Common($debug);
// Only server-generated data (the current timestamp) is concatenated here.
$sql = "SELECT * FROM `Proj2Appointments` WHERE `AdvisorID` != '0' and `Time` > '" . date('Y-m-d H:i:s') . "' ORDER BY `Time`";
$rs = $COMMON->executeQuery($sql, "Advising Appointments");
$row = mysql_fetch_array($rs, MYSQL_NUM);
//first item in row
if ($row) {
    echo "<form action=\"AdminConfirmEditInd.php\" method=\"post\" name=\"Confirm\">";
    echo "<table border='1px'>\n<tr>";
    echo "<tr><td width='320px'>Time</td><td>Majors</td><td>Enrolled</td></tr>\n";
    //get the advisor name
    // $row[2] and $row[4] come from the database, not from the request, but
    // they were stored from form input elsewhere in this listing. Escape
    // them here as well so a stored value cannot alter these queries.
    $secsql = "SELECT `FirstName`, `LastName` FROM `Proj2Advisors` WHERE `id` = '{$row['2']}'";
    $secrs = $COMMON->executeQuery($secsql, "Advising Appointments");
    $secrow = mysql_fetch_row($secrs);
    // $row[4] is used as the enrolled student's ID; look up the name when set.
    if ($row[4]) {
        $trdsql = "SELECT `FirstName`, `LastName` FROM `Proj2Students` WHERE `StudentID` = '{$row['4']}'";
        $trdrs = $COMMON->executeQuery($trdsql, "Advising Appointments");
        $trdrow = mysql_fetch_row($trdrs);
    }
} }
//major stuff
// Build two renderings of the selected majors: a space-separated string for
// the database and a comma-separated one for display ("All" when none given).
$majorDB = "";
$majorPrint = "All";
if (!empty($majors)) {
    $majorPrint = "";
    foreach ($majors as $m) {
        $majorDB .= $m . " ";
        $majorPrint .= $m . ", ";
    }
    // Drop the trailing ", " left by the loop.
    $majorPrint = substr($majorPrint, 0, -2);
}
//get advisor id
// NOTE(review): the session value is interpolated unescaped. Another script
// in this listing stores the advisor id under "userID"; array keys are
// case-sensitive, so confirm that "UserId" is really the key being set.
$sql = "select * from `Proj2Advisors` where `id` = '{$_SESSION["UserId"]}'";
$rs = $COMMON->executeQuery($sql, $_SERVER["SCRIPT_NAME"]);
// mysql_fetch_row() returns false when nothing matches; $id is then null.
$row = mysql_fetch_row($rs);
$id = $row[0];
/* Loop through $datetimes and create the "SELECT" query */
// NOTE(review): where $datetimes and $majors are filled is outside this
// fragment. If they derive from form input, each $dt must be escaped (or
// bound as a parameter) before it is appended to the statement below.
$selectQuery = "SELECT * from `Proj2Appointments` WHERE ";
$sentinel = 0;
foreach ($datetimes as $dt) {
    // If this is the first time, don't print 'OR...'
    if ($sentinel != 0) {
        $selectQuery .= "OR ";
    }
    // Start with the parentheses
    $selectQuery .= "(";
    //Check for Time
    $selectQuery .= "`Time` = '";
    $selectQuery .= $dt;
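/**
 * Return column 4 of the Proj2Advisors row for the given username.
 *
 * NOTE(review): going by the function name, column 4 is the advisor's
 * password. Returning it to PHP implies it is stored in a comparable
 * (unhashed) form -- confirm, and prefer password_hash()/password_verify().
 *
 * @param string $username Advisor login name. Assumed to arrive unescaped
 *                         (nothing in this listing pre-escapes values); it is
 *                         escaped here before being placed in the query.
 * @return string|null Column 4 of the matching row, or null when no advisor
 *                     has that username.
 */
function getAdvisorPassword($username)
{
    global $debug;
    $Common = new Common($debug);

    // Stopgap escaping; it assumes Common has opened the mysql link (TODO
    // confirm). The durable fix is a prepared statement inside Common.
    $safeName = mysql_real_escape_string((string) $username);
    $sql2 = "select * from Proj2Advisors where `Username` = '{$safeName}'";
    $rs2 = $Common->executeQuery($sql2, $_SERVER["SCRIPT_NAME"]);

    // mysql_fetch_row() returns false when nothing matches; indexing false
    // used to yield null silently, so return null explicitly.
    $row2 = mysql_fetch_row($rs2);
    if (!is_array($row2) || !array_key_exists(4, $row2)) {
        return null;
    }

    // SELECT * with a numeric index depends on the table's column order.
    return $row2[4];
}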
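</head> <body> <div id="login"> <div id="form"> <div class="top"> <h2> Hello <?php
// someone landed this page by accident
if (!isset($_SESSION["UserN"])) {
    return;
}

// grab the user from the database query
// NOTE(review): the session carries the password itself ("PassW") and the
// query compares it as plain text. Storing a hash and keeping only the
// advisor id in the session would remove both exposures.
$User = $_SESSION["UserN"];
$Pass = isset($_SESSION["PassW"]) ? $_SESSION["PassW"] : '';

// The session values are presumably copied from the login form, so escape
// them before they are placed in the statement. $COMMON is created outside
// this fragment and is assumed to hold the open mysql link (TODO confirm).
$safeUser = mysql_real_escape_string((string) $User);
$safePass = mysql_real_escape_string((string) $Pass);
$sql = "SELECT `firstName` FROM `Proj2Advisors`
    WHERE `Username` = '{$safeUser}'
    and `Password` = '{$safePass}'";

// $_SERVER has no "AdminUI" entry; the other queries in this listing pass
// the script name as the second argument, so do the same here.
$rs = $COMMON->executeQuery($sql, $_SERVER["SCRIPT_NAME"]);
$row = mysql_fetch_row($rs);

// Encode the stored name for HTML output (assumes the page is served as
// UTF-8 -- confirm). Nothing is printed when no row matches, as before.
if (is_array($row)) {
    echo htmlspecialchars($row[0], ENT_QUOTES, 'UTF-8');
}
?> </h2>
<!-- add the various option buttons to the user -->
<form action="AdminProcessUI.php" method="post" name="UI">
<input type="submit" name="next" class="button large selection" value="Schedule appointments"><br>
<input type="submit" name="next" class="button large selection" value="Print schedule for a day"><br>
<input type="submit" name="next" class="button large selection" value="Edit appointments"><br>
<input type="submit" name="next" class="button large selection" value="Search for an appointment"><br>
<input type="submit" name="next" class="button large selection" value="Create new Admin Account"><br>
</form> <br>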
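/usr/bin/fs sa /afs/umbc.edu/public/web/sites/coeadvising/prod/php/session/ web.coeadvising all then edit .htaccess file here in the same directory */
// Advisor login: check the posted username and password against
// Proj2Advisors and, on success, continue to the admin UI. The fragment ends
// at the start of the failed-login branch.
//
// NOTE(review): the password is compared as plain text inside the query.
// Storing password_hash() output and checking it with password_verify()
// would keep the stored value unusable if the table leaks.
session_start();
include 'GetAdvisorData.php';
$debug = false;
$Common = new Common($debug);

// Added to get admin ID from the input username
$tempN = isset($_POST["UserN"]) ? (string) $_POST["UserN"] : '';
$tempP = isset($_POST["PassW"]) ? (string) $_POST["PassW"] : '';

// Both fields come straight from the login form and used to be placed in the
// statement raw, which lets input rewrite the WHERE clause of the credential
// check. Escaping is a stopgap (it assumes Common has opened the mysql link
// -- TODO confirm); the durable fix is a prepared statement inside Common.
// The raw values stay in $tempN/$tempP in case later code reads them.
$safeN = mysql_real_escape_string($tempN);
$safeP = mysql_real_escape_string($tempP);
$sql = "SELECT * FROM `Proj2Advisors` WHERE `Username` = '{$safeN}' AND `Password` = '{$safeP}'";
$rs = $Common->executeQuery($sql, $_SERVER["SCRIPT_NAME"]);
$row = mysql_fetch_row($rs);
// Null when the credentials match no advisor (same value as before, without
// indexing the false that mysql_fetch_row() returns).
$_SESSION["userID"] = is_array($row) ? $row[0] : null;

// Addition to provide a single session variable in place of all others
// getUsername()/getPassword() are defined outside this fragment; their
// results are escaped as well because their source cannot be seen here.
$user = getUsername();
$pass = getPassword();
$safeUser = mysql_real_escape_string((string) $user);
$safePass = mysql_real_escape_string((string) $pass);
$sql = "SELECT * FROM `Proj2Advisors` WHERE `Username` = '{$safeUser}' AND `Password` = '{$safePass}'";
$rs = $Common->executeQuery($sql, "Advising Appointments");
$row = mysql_fetch_row($rs);
if ($row) {
    if ($debug) {
        // Debug only ($debug is hard-coded false above). var_dump() prints
        // the whole session, including any stored password, directly to
        // the page -- keep this branch out of production.
        echo "<br>" . var_dump($_SESSION) . "<- Session variables above<br>";
    } else {
        // Fresh session ID on successful login, so an ID planted before
        // authentication cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        header('Location: AdminUI.php');
    }
} else {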