User administrator

'.mysqli_error($db)); } mysqli_select_db($db, $mysql_database) or die('Failed to select database
'.mysqli_error($db)); if (!empty($action)) { if ($action == 'delete') { $sql = "DELETE FROM ".$mysql_table." WHERE `request_num` = '$request_num'"; mysqli_query($db, $sql); mysqli_close($db); header('Location: '.basename(__FILE__)); exit; } else if ($action == 'update') { include(connect.php); $token=mt_rand(); $title=$_GET['title']; $to = $_GET['email']; $pdfname=$_GET['pdfname']; $request_num=$_GET['request_num']; $from = "cocthesis@hotmail.com"; // this is the sender's Email address $subject = "Download Request"; $link="http://thesisit.comoj.com/downloadme.php?token=".$token."&&pdfname=".$pdfname.""; $message = "You requested to download the thesis ".$title."\nPlease click the link below to download the file\n".$link."" ; $headers = "From:" . $from; $headers2 = "From:" . $to; mail($to,$subject,$message,$headers); $sql1 = "insert into ".$mysql_table1." values(NULL, '$token', '$pdfname'"; mysqli_query($db, $sql1); $sql = "DELETE FROM ".$mysql_table." WHERE `request_num` = '$request_num'"; mysqli_query($db, $sql); mysqli_close($db); header('Location: '.basename(__FILE__)); exit; } else if ($action == 'logout') { session_unset(); session_destroy(); setcookie('admin_password', '', time() - 3600); header('Location: '.basename(__FILE__)); exit; } } ?> User administrator \n"; echo "

User administrator login

\n"; echo "\n"; echo "\n"; } else { if (!empty($action)) { if (($action == 'update') || ($action == 'new')) { $fullname_value = ''; $title_value = ''; $email_value = ''; $pdfname_value= ''; $oras_value= ''; $sql = "SELECT * FROM ".$mysql_table." WHERE fullname = '".$request_num."'"; $result = mysqli_query($db, $sql); if ($data = mysqli_fetch_array($result)) { $fullname_value = $data['fullname']; $title_value = $data['title']; $email_value = $data['email']; $pdfname_value = $data['pdfname']; $oras_value = $data['pdfname']; } echo "\n"; echo "

\n"; echo "\n"; if ($action == 'new') { echo "\n"; } else { echo "\n"; } } } else { echo "

\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; $sql = "SELECT * FROM ".$mysql_table; $result = mysqli_query($db, $sql); while ($data = mysqli_fetch_array($result)) { echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "

Fullname	Email	Title	Time Requested	Action
" . $data['fullname'] . "	" . $data['email'] . "	" . $data['title'] . "	" . $data['oras'] . "<%