This repository has been archived by the owner on Jul 3, 2023. It is now read-only.

Merge branch 'dev'
alexhambley committed Apr 21, 2018
2 parents 2771a1c + 823704b commit 4036177
Showing 36 changed files with 1,183 additions and 357 deletions.
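--- a/src/_db-user-util.php
+++ b/src/_db-user-util.php
@@ -95,10 +95,11 @@ function fetchAnswers($username) {
 return $result;
 }
 
-function resetPassword($username) {
+function resetPassword($username, $password) {
 global $pdo;
-$stmt = $pdo->prepare('UPDATE Users SET Password = "e10adc3949ba59abbe56e057f20f883e" WHERE Name = :Name');
+$stmt = $pdo->prepare('UPDATE Users SET Password = :Password WHERE Name = :Name');
 $stmt->bindParam(':Name', $username);
+$stmt->bindParam(':Password', md5($password));
 $stmt->execute();
 }
 ?>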
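Review bot: `md5($password)` in the added `bindParam(':Password', ...)` line stores an unsalted MD5 digest, which is cheap to brute-force if the Users table is ever disclosed; `password_hash($password, PASSWORD_DEFAULT)` is the standard replacement. The login check is not visible in this hunk, so it would have to move to `password_verify()` in the same change. `bindParam()` also binds by reference and is handed an expression here, which raises a notice; compute the hash into a variable and use `$stmt->bindValue(':Password', $hash);`. A short docblock on `resetPassword()` stating that the caller must already have verified the user's identity would make the contract explicit.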
38 changes: 26 additions & 12 deletions src/_deleteElement.php
@@ -1,12 +1,18 @@
<?php

if (empty($_POST['name']))
exit("Invalid parameters.");

$name = trim($_POST['name']);

if ($name == "")
exit("Invalid parameters.");
if (empty($_POST['elementname'])) {
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}
$name = trim($_POST['elementname']);
if ($name == "") {
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}

include 'credentials.php';

Expand Down Expand Up @@ -95,14 +101,22 @@
$db = null;
$msg = "Error: Can't update database\n\nError Info: ".$e->getMessage()."\n\n";
$msg .= "Query: $query";
echo $msg;
exit;
}
echo $msg;
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}

$db = null;


echo "The element '$name' has been deleted.";
exit;
// echo "The element '$name' has been deleted.";
session_unset();
session_destroy();
header("Location: index_admin.php");
exit();
$conn->close();
// exit;

?>
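Review bot: The added `session_unset(); session_destroy();` calls in the first hunk run with no `session_start()` anywhere in lines 1–18, so unless sessions are auto-started they have nothing to act on, and nothing visible checks that the caller is a logged-in admin before the delete proceeds. If `credentials.php` only holds database settings (not shown here), any POST carrying `elementname` appears to reach the delete. I would open the script with `session_start();` followed by a guard on the session key the login page sets, e.g. `if (empty($_SESSION[LOGIN_KEY])) { header('Location: admin_login.php'); exit; }` where `LOGIN_KEY` is a placeholder for that key. Destroying the session after every successful admin action is also worth reconsidering. The same opening appears in `_deleteRole.php`, `_insertTheme.php` and `_updateElement.php`.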
36 changes: 27 additions & 9 deletions src/_deleteRole.php
@@ -1,13 +1,20 @@
<?php

if (empty($_POST['entry']))
exit("Invalid parameters.");
if (empty($_POST['entry'])) {
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}

$name = trim($_POST['entry']);

if ($name == "")
exit("Invalid parameters.");

if ($name == "") {
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}
include 'credentials.php';

$dsn = 'mysql:dbname='.$db_database.';host='.$db_host;
Expand All @@ -24,8 +31,11 @@
$id = $row['id'];
if ($id == "")
{
echo "Role: '$name' could not be found.";
exit;
echo "Role: '$name' could not be found.";
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}

$query = str_replace("?", $name, "DELETE FROM role WHERE entry='?'");
Expand All @@ -37,13 +47,21 @@
$msg = "Error: Can't update database\n\nError Info: ".$e->getMessage()."\n\n";
$msg .= "Query: $query";
echo $msg;
exit;
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}

$db = null;


echo "The role '$name' has been deleted.";
// echo "The role '$name' has been deleted.";
session_unset();
session_destroy();
header("Location: index_admin.php");
exit();
$conn->close();
exit;

?>
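Review bot: `str_replace("?", $name, "DELETE FROM role WHERE entry='?'")` builds the statement from `$_POST['entry']` by text substitution, so the value is never escaped and the query is open to SQL injection; this commit leaves that line unchanged. `$db` appears to be a PDO handle (its creation is outside the hunk), so the value can be bound instead: `$stmt = $db->prepare("DELETE FROM role WHERE entry = :entry"); $stmt->execute([':entry' => $name]);`. The same substitution pattern is visible in `_insertElement.php` and `_updateElement.php`. The `echo "Role: '$name' could not be found."` line also prints the raw POST value and should pass it through `htmlspecialchars()`.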
13 changes: 9 additions & 4 deletions src/_deleteTheme.php
@@ -1,9 +1,9 @@
<?php

if (empty($_POST['name']))
if (empty($_POST['themeName']))
exit("Invalid parameters.");

$name = trim($_POST['name']);;
$name = trim($_POST['themeName']);;

if ($name == "")
exit("Invalid parameters.");
Expand Down Expand Up @@ -84,7 +84,12 @@
$db = null;


echo "The theme '$name' was deleted.";
exit;
// echo "The theme '$name' was deleted.";
session_unset();
session_destroy();
header("Location: index_admin.php");
exit();
$conn->close();
// exit;

?>
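Review bot: `$conn->close();` after `exit();` in the new tail can never run, and no `$conn` is defined in the visible lines (the handle is `$db`, already set to null just above); remove it together with the commented-out `echo` and `exit`. The two `exit("Invalid parameters.")` checks at the top were left without the redirect that the other handlers received, so this script behaves differently on bad input. The same unreachable tail was added to the other delete, insert and update scripts in this commit.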
42 changes: 17 additions & 25 deletions src/_insertElement.php
@@ -1,21 +1,19 @@
<?php

if (empty($_POST['name']) || empty($_POST['description']))
if (empty($_POST['name']) || empty($_POST['description']))
exit("Invalid parameters.");

$name = trim($_POST['name']);
$description = trim($_POST['description']);

if ($name == "" || $description == "")
exit("Invalid parameters.");

if ($name == "" || $description == "") {
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}
include 'credentials.php';

$dsn = 'mysql:dbname='.$db_database.';host='.$db_host;
$db = new PDO($dsn,$db_username,$db_password);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

try {
$db->beginTransaction();
$query = str_replace("?", $name, "INSERT INTO element (elementname, description) VALUES ('?','!')");
Expand All @@ -28,22 +26,16 @@
$msg = "Error: Can't update database\n\nError Info: ".$e->getMessage()."\n\n";
$msg .= "Query: $query";
echo $msg;
exit;
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}

$db = null;


echo "The element '$name' has been added.";

session_unset();
session_destroy();

header("Location: index_admin.php");
exit();
$conn->close();


exit;

// echo "The element '$name' has been added.";
session_unset();
session_destroy();
header("Location: index_admin.php");
exit();
$conn->close();
?>
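Review bot: The catch block still runs `echo $msg;` with the exception text and the full `Query: $query` before the added `header( "refresh:3;url=index_admin.php" )`, which sends database internals to the browser and, unless output buffering is enabled, makes the header call fail because output has already started. Record the detail server-side with `error_log($msg);`, send the header first, and print only a generic failure message. The added `exit("Invalid parameters. Redirecting in 3 seconds")` text is also misleading for a database error. The same catch block appears in `_deleteElement.php`, `_deleteRole.php` and `_updateElement.php`.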
25 changes: 18 additions & 7 deletions src/_insertRole.php
Expand Up @@ -18,18 +18,25 @@
$themes = implode(",", array_filter($tempArr));
//var_dump($themes);

if (empty($names) || empty($elements) || empty($_POST['entry']) || empty($_POST['description']))
exit("Invalid parameters.");
if (empty($names) || empty($elements) || empty($_POST['entry']) || empty($_POST['description'])) {
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}

// $elements = trim($_POST['elements']);
$entry = trim($_POST['entry']);
$description = trim($_POST['description']);
// $themes = trim($_POST['themes']);


if ($elements == "" || $entry == "" || $names == "" || $description == "" || $themes == "")
exit("Invalid parameters.");

if ($elements == "" || $entry == "" || $names == "" || $description == "" || $themes == "") {
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}
include 'credentials.php';

$dsn = 'mysql:dbname='.$db_database.';host='.$db_host;
Expand All @@ -54,7 +61,11 @@
$db = null;


echo "The role '$entry' has been added.";
exit;
// echo "The role '$entry' has been added.";
session_unset();
session_destroy();
header("Location: index_admin.php");
exit();
$conn->close();

?>
25 changes: 18 additions & 7 deletions src/_insertTheme.php
@@ -1,14 +1,22 @@
<?php

if (empty($_POST['name']) || empty($_POST['explanation']))
exit("Invalid parameters.");
if (empty($_POST['name']) || empty($_POST['explanation'])) {
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}

$name = trim($_POST['name']);
$explanation = trim($_POST['explanation']);


if ($name == "" || $explanation == "")
exit("Invalid parameters.");
if ($name == "" || $explanation == "") {
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}

include 'credentials.php';

Expand Down Expand Up @@ -57,7 +65,10 @@
$db = null;


echo "The theme '$name' was added.";
exit;

// echo "The theme '$name' was added.";
session_unset();
session_destroy();
header("Location: index_admin.php");
exit();
$conn->close();
?>
6 changes: 5 additions & 1 deletion src/_resetPassword.php
Expand Up @@ -6,8 +6,12 @@
if (strcmp($answers['Email'], $_POST['email']) == 0 and
strcmp($answers['Phone'], $_POST['phone']) == 0 and
strcmp($answers['Birthday'], $_POST['birthday']) == 0) {
resetPassword($_SESSION['username-forget']);
resetPassword($_SESSION['username-forget'], $_POST['password']);
header('Location: admin_login.php');
exit();
}
else {
header('Location: admin.php');
exit();
}
?>
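Review bot: `$_POST['password']` is passed to `resetPassword()` without checking that it is present, is a string, or meets any minimum length, so a request that omits the field sets the account to the hash of an empty value. The guard above it compares with `strcmp(...) == 0`; on PHP versions before 8, `strcmp()` returns NULL for a non-string argument and `NULL == 0` evaluates to true, so each answer should be checked with `is_string()` and compared with `hash_equals()` or `===`. The start of the file is outside the hunk, so whether reset attempts are limited per user cannot be seen from here.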
42 changes: 23 additions & 19 deletions src/_updateElement.php
@@ -1,24 +1,25 @@
<?php
var_dump($_POST);

if (empty($_POST['newName']) || empty($_POST['elementname']) || empty($_POST['description']))
exit("Invalid parameters.");

// var_dump($_POST);
if (empty($_POST['newName']) || empty($_POST['elementname']) || empty($_POST['description'])) {
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}
$newName = trim($_POST['newName']);
$elementname = trim($_POST['elementname']);
$description = trim($_POST['description']);


if ($newName == "" || $elementname == "" || $description == "")
exit("Invalid parameters.");

if ($newName == "" || $elementname == "" || $description == "") {
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}
include 'credentials.php';

$dsn = 'mysql:dbname='.$db_database.';host='.$db_host;
$db = new PDO($dsn,$db_username,$db_password);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

try {
$db->beginTransaction();
$query = str_replace("?", $newName, "UPDATE element SET elementname = '?', description = '!' WHERE elementname = '£'");
Expand All @@ -32,13 +33,16 @@
$msg = "Error: Can't update database\n\nError Info: ".$e->getMessage()."\n\n";
$msg .= "Query: $query";
echo $msg;
exit;
header( "refresh:3;url=index_admin.php" );
session_unset();
session_destroy();
exit("Invalid parameters. Redirecting in 3 seconds");
}

$db = null;


echo "The element has been updated.";
exit;

// echo "The element has been updated.";
session_unset();
session_destroy();
header("Location: index_admin.php");
exit();
$conn->close();
?>