'.mysqli_error($db));
}
mysqli_select_db($db, $mysql_database) or die('Failed to select database
'.mysqli_error($db));
if (!empty($action))
{
if ($action == 'delete')
{
$sql = "DELETE FROM ".$mysql_table." WHERE `request_num` = '$request_num'";
mysqli_query($db, $sql);
mysqli_close($db);
header('Location: '.basename(__FILE__));
exit;
}
else
if ($action == 'update')
{
include(connect.php);
$token=mt_rand();
$title=$_GET['title'];
$to = $_GET['email'];
$pdfname=$_GET['pdfname'];
$request_num=$_GET['request_num'];
$from = "cocthesis@hotmail.com"; // this is the sender's Email address
$subject = "Download Request";
$link="http://thesisit.comoj.com/downloadme.php?token=".$token."&&pdfname=".$pdfname."";
$message = "You requested to download the thesis ".$title."\nPlease click the link below to download the file\n".$link."" ;
$headers = "From:" . $from;
$headers2 = "From:" . $to;
mail($to,$subject,$message,$headers);
$sql1 = "insert into ".$mysql_table1." values(NULL, '$token', '$pdfname'";
mysqli_query($db, $sql1);
$sql = "DELETE FROM ".$mysql_table." WHERE `request_num` = '$request_num'";
mysqli_query($db, $sql);
mysqli_close($db);
header('Location: '.basename(__FILE__));
exit;
}
else
if ($action == 'logout')
{
session_unset();
session_destroy();
setcookie('admin_password', '', time() - 3600);
header('Location: '.basename(__FILE__));
exit;
}
}
?>
User administrator login
\n"; echo "\n"; echo "\n"; } else { if (!empty($action)) { if (($action == 'update') || ($action == 'new')) { $fullname_value = ''; $title_value = ''; $email_value = ''; $pdfname_value= ''; $oras_value= ''; $sql = "SELECT * FROM ".$mysql_table." WHERE fullname = '".$request_num."'"; $result = mysqli_query($db, $sql); if ($data = mysqli_fetch_array($result)) { $fullname_value = $data['fullname']; $title_value = $data['title']; $email_value = $data['email']; $pdfname_value = $data['pdfname']; $oras_value = $data['pdfname']; } echo "