<?php if (isset($selected_user)) { unset($selected_user); } if ($logged_in && isset($_GET["user_id"])) { $dao = new DAO(false); $user_request = $dao->escape($_GET["user_id"]); $properties = array("user_id", "user_name", "user_picture", "course_name", "university_name"); $dao->myquery("SELECT " . implode(",", $properties) . " FROM user " . "JOIN cohort ON user.cohort_id=cohort.cohort_id " . "JOIN course ON cohort.course_id=course.course_id " . "JOIN university ON course.university_id=university.university_id WHERE user_id=\"{$user_request}\";"); if ($dao->fetch_num_rows() > 0) { //User exists $selected_user = $dao->fetch_one_obj_part($properties); $friends_query = "SELECT * FROM connection WHERE (user_id1=\"{$user->user_id}\" AND user_id2=\"{$selected_user->user_id}\") OR " . "(user_id2=\"{$user->user_id}\" AND user_id1=\"{$selected_user->user_id}\");"; $dao->myquery($friends_query); $is_friend = $dao->fetch_num_rows() != 0 || $selected_user->user_id == $user->user_id || $selected_user->user_id == 1; // I am friends with myself $selected_user->is_friend = $is_friend; $dao->myquery("SELECT * FROM friend_request WHERE user_id1=\"{$user->user_id}\" AND user_id2=\"{$selected_user->user_id}\";"); $selected_user->request_sent = $dao->fetch_num_rows() != 0; $_SESSION["selected_user"] = $selected_user; unset($_SESSION["selected_cohort"]); } }
data:{user_password:new_pwd,conf_rnd: conf_rnd,user_id: user_id}, type:"POST" }).done(function() { id("info").innerHTML = "Password reset. Please <a href=\"../welcome/\">login</a>."; }); } return false; } </script> </head> <body> <div id="main"> <?php $query = "SELECT * FROM reset_request WHERE user_id=\"{$user->user_id}\" AND conf_rnd=\"{$conf_rnd}\";"; $dao->myquery($query); if ($dao->fetch_num_rows() == 1) { ?> <div> <form onsubmit="reset_password(event)" action=""> <input id="new_pwd" type="password" placeholder="New password" onkeyup="verify_password()"/> <input id="conf_pwd" type="password" placeholder="Confirm password" onkeyup="verify_password()"/> <input type="submit" value="reset"/> </form> </div> <div id="info"> </div> <?php } else { ?>
<?php if ($logged_in) { $dao = new DAO(false); if (isset($_GET["cohort_id"])) { $cohort_request = $dao->escape($_GET["cohort_id"]); if ($cohort_request == $user->cohort_id) { $dao->myquery("SELECT cohort_id,cohort.group_id,group_name,cohort_start,course.course_name,university.university_name FROM cohort \n\t\t\t\t\tJOIN course ON cohort.course_id=course.course_id \n\t\t\t\t\tJOIN university ON university.university_id=course.university_id\n\t\t\t\t\tJOIN user_group ON cohort.group_id=user_group.group_id WHERE cohort_id=\"{$cohort_request}\";"); $row = $dao->fetch_one_obj(); if ($dao->fetch_num_rows() > 0) { //It exists $selected_group = new stdClass(); $selected_group->cohort_id = $row->cohort_id; $selected_group->course_name = $row->course_name; $selected_group->university_name = $row->university_name; $selected_group->group_id = $row->group_id; $selected_group->group_name = $row->course_name . " at " . $row->university_name . " " . date("Y", strtotime($row->cohort_start)); $selected_group->can_be_added_to = false; $d = new DateTime($row->cohort_start); $selected_group->cohort_start = $d->format('jS F Y'); $selected_group->posting_enabled = $selected_group->cohort_id == $user->cohort_id; $_SESSION["selected_group"] = $selected_group; unset($_SESSION["selected_user"]); } } else { redirect("../"); } } }