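<?php
// Front controller: resolves ?page=... to a view name, applies the login gate,
// then dispatches through the switch that follows.
session_start();
require_once("config/config.php");
require_once("config/database.php");
require_once("functions.php");
global $db_link;

$page = "dashboard"; // default view; also what the switch() default branch renders

// Accept a non-empty string only: ?page[]=x would otherwise hand an array to
// real_escape_string(). $page is used for routing comparisons, not in SQL.
if (isset($_GET["page"]) && is_string($_GET["page"]) && !empty($_GET["page"])) {
    $page = $db_link->real_escape_string($_GET["page"]);
}

// Views that may be requested without a session.
$public_pages = array("login", "register", "activate", "recover");
if ((is_user_logged_in() === false) && !in_array($page, $public_pages, true)) {
    header('Location: index.php?page=login');
    // header() only queues the redirect. Without exit the switch below still
    // runs and renders the protected view for an unauthenticated request.
    exit;
}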
switch ($page) {
case "dashboard":
{
    // News feed: the three newest rows stored with clasa = '-1' plus the
    // newest row for the logged-in user's class.
    $page = "dashboard";
    $page_title = "Noutati";

    $news = array();
    $sql = "SELECT * FROM news WHERE clasa = '-1' ORDER BY data DESC LIMIT 3";
    $res = $db_link->query($sql) or die($db_link->error);
    while ($row = $res->fetch_assoc()) {
        $news[] = $row;
    }

    // NOTE(review): the session value is interpolated into the SQL text. That is
    // only safe if client_class is always written server-side as a number;
    // confirm where it is set, or bind it as a parameter.
    $cls = $_SESSION["client_class"];
    $news2 = array();
    $sql = "SELECT * FROM news WHERE clasa = '$cls' ORDER BY data DESC LIMIT 1";
    $res = $db_link->query($sql) or die($db_link->error);
    while ($row = $res->fetch_assoc()) {
        // LIMIT 1: $news2 becomes that single row, or stays an empty array.
        $news2 = $row;
    }

    $data = array(
        "news" => $news,
        "news2" => $news2,
    );
    display_template("dashboard", $data);
    break;
}
case "teste":
{
    // Lists every row of `teste` whose clasa matches the logged-in user's class.
    $page = "teste";
    $page_title = "Teste";

    // NOTE(review): client_class goes into the SQL text unquoted; safe only if
    // the session value is always numeric. Confirm where it is populated.
    $clasa = $_SESSION["client_class"];
    $teste = array();
    $sql = "SELECT * FROM teste WHERE clasa = $clasa";
    $res = $db_link->query($sql) or die($db_link->error);
    while ($row = $res->fetch_assoc()) {
        $teste[] = $row;
    }

    $data = array("teste" => $teste);
    display_template("teste", $data);
    break;
}
case "allmsj":
{
    // Message overview: rows with conversation = 0 that the logged-in user
    // sent or received, newest first.
    $page = "allmsj";
    $page_title = "Toate mesajele";

    // NOTE(review): client_no is concatenated into the query unquoted; this
    // relies on the session value always being numeric. Verify at login.
    $me = $_SESSION["client_no"];
    $mesaje = array();
    $sql = "SELECT * FROM mesaje WHERE ((reciever = " . $me . " OR sender = " . $me . ") AND conversation = 0) ORDER BY data DESC";
    $res = $db_link->query($sql) or die($db_link->error);
    while ($row = $res->fetch_assoc()) {
        $mesaje[] = $row;
    }

    $data = array("mesaje" => $mesaje);
    display_template("allmsj", $data);
    break;
}
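case "viewmsj":
{
    // Shows one message thread after checking that the logged-in user is its
    // sender or receiver, then marks the message as read.
    $msjid = -1;
    // Accept decimal digits only and keep the id as an int. The ownership
    // check below binds the id as an integer while the later queries put it
    // into the SQL text unquoted; real_escape_string() does not protect an
    // unquoted numeric context, so the check and the queries must see the
    // same integer value.
    if (isset($_GET["id"]) && is_string($_GET["id"]) && !empty($_GET["id"]) && ctype_digit($_GET["id"])) {
        $msjid = (int) $_GET["id"];
    }

    // Fail closed: if prepare() fails, $rows stays 0 and access is refused.
    $rows = 0;
    $prep_stmt = "SELECT id FROM mesaje WHERE id = ? AND (reciever = ? OR sender = ?) LIMIT 1";
    $stmt = $db_link->prepare($prep_stmt);
    if ($stmt) {
        $stmt->bind_param('iii', $msjid, $_SESSION["client_no"], $_SESSION["client_no"]);
        $stmt->execute();
        $stmt->store_result();
        $rows = $stmt->num_rows;
        $stmt->close();
    }
    if ($rows == 0) {
        $_SESSION["err_set"] = 1;
        $_SESSION["err_txt"] = "Acces interzis";
        header('Location: ../index.php?page=dashboard');
        break;
    }

    $page = "viewmsj";
    $page_title = "Vizualizare mesaj";
    $data = array();

    // The message itself; $msjid is an int from here on.
    // NOTE(review): die($db_link->error) prints the raw database error to the
    // client; log it server-side and show a generic message instead.
    $mesaje = array();
    $query = "SELECT * FROM mesaje WHERE id = $msjid AND conversation = 0";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $mesaje = $row_k;
    }
    $data["mesaje"] = $mesaje;

    // Replies are the rows whose conversation column points at this message.
    $reply = array();
    $query = "SELECT * FROM mesaje WHERE conversation = $msjid ORDER BY id ASC";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $reply[] = $row_k;
    }
    $data["reply"] = $reply;

    $query = "UPDATE mesaje SET `read` = '1' WHERE `id` = $msjid";
    $result_k = $db_link->query($query) or die($db_link->error);

    // NOTE(review): renders the "allmsj" template although $page is "viewmsj";
    // confirm this is intended.
    display_template("allmsj", $data);
    break;
}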
case "allnot":
{
    // Lists the logged-in user's notifications (newest first) and then flags
    // all of them as read.
    $page = "allnot";
    $page_title = "Toate notificarile";

    // NOTE(review): client_no is concatenated into both statements unquoted;
    // this relies on the session value always being numeric.
    $me = $_SESSION["client_no"];

    $notificari = array();
    $sql = "SELECT * FROM notificari WHERE userid = " . $me . " ORDER BY data DESC";
    $res = $db_link->query($sql) or die($db_link->error);
    while ($row = $res->fetch_assoc()) {
        $notificari[] = $row;
    }
    $data = array("notificari" => $notificari);

    $sql = "UPDATE notificari SET `read` = '1' WHERE `userid` = " . $me . "";
    $res = $db_link->query($sql) or die($db_link->error);

    display_template("allnot", $data);
    break;
}
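case "writemessage":
{
    // Compose form; ?id= pre-selects the recipient and is handed to the
    // template as $data["userid"].
    $user_id = -1;
    // The value never reaches SQL in this branch, so real_escape_string() was
    // escaping for the wrong context. User ids are bound as integers
    // elsewhere in this file, so accept digits only and pass an int, which is
    // safe whatever context the template prints it in.
    if (isset($_GET["id"]) && is_string($_GET["id"]) && !empty($_GET["id"]) && ctype_digit($_GET["id"])) {
        $user_id = (int) $_GET["id"];
    }

    $page = "writemessage";
    $page_title = "Scrie un mesaj";
    $data = array();
    $data["userid"] = $user_id;
    display_template("writemessage", $data);
    break;
}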
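case "logs":
{
    // Log viewer, refused when the session's client_role is 0.
    if ($_SESSION["client_role"] == 0) {
        $_SESSION["err_set"] = 1;
        $_SESSION["err_txt"] = "Permisiuni insuficiente";
        header('Location: index.php?page=dashboard');
        // header() does not end the request: without exit the log view below
        // was still rendered and sent along with the redirect.
        exit;
    }

    $page = "logs";
    $page_title = "Log-uri";
    $data = array();
    display_template("logs", $data);
    break;
}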
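case "viewteste":
{
    // Lists the tests whose prof_id is the logged-in user.
    $page = "viewteste";
    $page_title = "Testele mele";

    // NOTE(review): client_no is interpolated unquoted; this relies on the
    // session value always being numeric.
    $userid = $_SESSION["client_no"];

    // Initialise the list so the template receives an empty array, not an
    // undefined variable, when the user owns no tests.
    $teste = array();
    $query = "SELECT * FROM teste WHERE prof_id = $userid";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $teste[] = $row_k;
    }

    $data = array();
    $data["teste"] = $teste;
    display_template("viewteste", $data);
    break;
}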
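case "closetest":
{
    // Toggles the `activat` flag of a test owned by the logged-in user, then
    // redirects to the test list.
    // NOTE(review): this changes state on a plain GET with no anti-CSRF
    // token; consider requiring POST plus a per-session token.
    $page = "closetest";
    $page_title = "Testele mele";

    $test_id = -1;
    // Digits only, kept as an int: the ownership check binds the id as an
    // integer, while the SELECT/UPDATE below place it in the SQL text
    // unquoted, where real_escape_string() gives no protection.
    if (isset($_GET["id"]) && is_string($_GET["id"]) && !empty($_GET["id"]) && ctype_digit($_GET["id"])) {
        $test_id = (int) $_GET["id"];
    }
    $userid = $_SESSION["client_no"];

    // The former "SELECT * FROM teste WHERE prof_id = ..." here filled a list
    // that nothing read before the redirect, so it was dropped.

    // Fail closed: if prepare() fails, $rows stays 0 and the request is refused.
    $rows = 0;
    $prep_stmt = "SELECT id FROM teste WHERE id = ? AND prof_id = ? LIMIT 1";
    $stmt = $db_link->prepare($prep_stmt);
    if ($stmt) {
        $stmt->bind_param('ii', $test_id, $userid);
        $stmt->execute();
        $stmt->store_result();
        $rows = $stmt->num_rows;
        $stmt->close();
    }
    if ($rows == 0) {
        $_SESSION["err_set"] = 1;
        $_SESSION["err_txt"] = "Test gresit sau insuficiente permisiuni";
        header('Location: ../index.php?page=dashboard');
        break;
    }

    // Read the current flag.
    $result = "";
    $query = "SELECT activat FROM teste WHERE id = $test_id LIMIT 1";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $result = $row_k["activat"];
    }

    // Flip 0 <-> 1; any other stored value results in -1, as before.
    $result_t = -1;
    if ($result == 0) {
        $result_t = 1;
    }
    if ($result == 1) {
        $result_t = 0;
    }

    $query = "UPDATE teste SET `activat` = '$result_t' WHERE `id` = $test_id";
    $result_k = $db_link->query($query) or die($db_link->error);
    header('Location: ../index.php?page=viewteste');
    break;
}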
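case "viewtest":
{
    // Shows one test to the user recorded as its prof_id.
    $test_id = -1;
    // Digits only, kept as an int: the ownership check binds the id as an
    // integer, while the SELECT below places it in the SQL text unquoted,
    // where real_escape_string() gives no protection.
    if (isset($_GET["id"]) && is_string($_GET["id"]) && !empty($_GET["id"]) && ctype_digit($_GET["id"])) {
        $test_id = (int) $_GET["id"];
    }
    $userid = $_SESSION["client_no"];

    // The former "SELECT * FROM teste WHERE prof_id = ..." here filled $teste
    // only for it to be reset before use, so it was dropped.

    // Fail closed: if prepare() fails, $rows stays 0 and access is refused.
    $rows = 0;
    $prep_stmt = "SELECT id FROM teste WHERE id = ? AND prof_id = ? LIMIT 1";
    $stmt = $db_link->prepare($prep_stmt);
    if ($stmt) {
        $stmt->bind_param('ii', $test_id, $userid);
        $stmt->execute();
        $stmt->store_result();
        $rows = $stmt->num_rows;
        $stmt->close();
    }
    if ($rows == 0) {
        $_SESSION["err_set"] = 1;
        $_SESSION["err_txt"] = "Test gresit sau insuficiente permisiuni";
        header('Location: ../index.php?page=dashboard');
        break;
    }

    $teste = array();
    $query = "SELECT * FROM teste WHERE id = $test_id";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $teste = $row_k;
    }

    $page = "viewtest";
    $page_title = $teste["titlu"];
    $data = array();
    $data["teste"] = $teste;
    display_template("viewtest", $data);
    break;
}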
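case "viewtest2":
{
    // Shows one test to a user whose class matches the test's clasa column.
    $test_id = -1;
    // Digits only, kept as an int: the access check binds the id as an
    // integer, while the SELECT below places it in the SQL text unquoted,
    // where real_escape_string() gives no protection.
    if (isset($_GET["id"]) && is_string($_GET["id"]) && !empty($_GET["id"]) && ctype_digit($_GET["id"])) {
        $test_id = (int) $_GET["id"];
    }
    // Despite the name, this holds the user's class id; it is what the
    // access check compares against teste.clasa.
    $userid = $_SESSION["client_class"];

    // The former "SELECT * FROM teste WHERE prof_id = ..." here compared a
    // class id with prof_id and its result was reset before use; dropped.

    // Fail closed: if prepare() fails, $rows stays 0 and access is refused.
    $rows = 0;
    $prep_stmt = "SELECT id FROM teste WHERE id = ? AND clasa = ? LIMIT 1";
    $stmt = $db_link->prepare($prep_stmt);
    if ($stmt) {
        $stmt->bind_param('ii', $test_id, $userid);
        $stmt->execute();
        $stmt->store_result();
        $rows = $stmt->num_rows;
        $stmt->close();
    }
    if ($rows == 0) {
        $_SESSION["err_set"] = 1;
        $_SESSION["err_txt"] = "Test gresit sau insuficiente permisiuni";
        header('Location: ../index.php?page=dashboard');
        break;
    }

    $teste = array();
    $query = "SELECT * FROM teste WHERE id = $test_id";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $teste = $row_k;
    }

    $page = "viewtest2";
    $page_title = $teste["titlu"];
    $data = array();
    $data["teste"] = $teste;
    display_template("viewtest2", $data);
    break;
}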
case "profs":
{
    // Teacher directory: all rows of `materii` plus the users whose
    // `profesor` column is 1..21, collected in that order.
    $page = "profs";
    $page_title = ($_SESSION["client_profesor"] == 0) ? "Profesori" : "Colegii mei";

    $materii = array();
    $sql = "SELECT * FROM materii";
    $res = $db_link->query($sql) or die($db_link->error);
    while ($row = $res->fetch_assoc()) {
        $materii[] = $row;
    }

    // NOTE(review): SELECT * hands every users column to the template; if the
    // table holds credential columns, select only the fields the view needs.
    $profs = array();
    $i = 1;
    while ($i <= 21) {
        $sql = "SELECT * FROM users WHERE profesor = $i";
        $res = $db_link->query($sql) or die($db_link->error);
        while ($row = $res->fetch_assoc()) {
            $profs[] = $row;
        }
        $i++;
    }

    $data = array(
        "materii" => $materii,
        "profs" => $profs,
    );
    display_template("profs", $data);
    break;
}
case "mabsente":
{
    // Absence view for the logged-in user's class: the pupils (profesor = 0)
    // sorted by last name, plus every absence row of those pupils.
    // NOTE(review): there is no role check in this branch; confirm that the
    // template or the write endpoint restricts who may excuse absences.
    $page = "mabsente";
    $page_title = "Motiveaza Absente";

    // NOTE(review): client_class is interpolated unquoted; this relies on the
    // session value always being numeric.
    $clasa = $_SESSION["client_class"];
    $elevi = array();
    $sql = "SELECT * FROM users WHERE class = $clasa AND profesor = 0 ORDER BY last_name ASC";
    $res = $db_link->query($sql) or die($db_link->error);
    while ($row = $res->fetch_assoc()) {
        $elevi[] = $row;
    }

    // One query per pupil; results are appended in pupil order.
    $absente = array();
    foreach ($elevi as $elev) {
        $sql = "SELECT * FROM absente WHERE user_id = " . $elev["id"];
        $res = $db_link->query($sql) or die($db_link->error);
        while ($row = $res->fetch_assoc()) {
            $absente[] = $row;
        }
    }

    $data = array(
        "elevi" => $elevi,
        "absente" => $absente,
    );
    display_template("mabsente", $data);
    break;
}
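case "viewclass":
{
    // Class page: pupils, the class teacher (diriginte = 1) and the class
    // record for the class id given in ?id=.
    $user_id = -1; // holds the class id, despite the name
    // Digits only, kept as an int: the existence check binds the id as an
    // integer, while the three SELECTs below place it in the SQL text
    // unquoted, where real_escape_string() gives no protection.
    if (isset($_GET["id"]) && is_string($_GET["id"]) && !empty($_GET["id"]) && ctype_digit($_GET["id"])) {
        $user_id = (int) $_GET["id"];
    }

    // Fail closed: if prepare() fails, $rows stays 0 and the request is refused.
    $rows = 0;
    $prep_stmt = "SELECT id FROM classes WHERE id = ? LIMIT 1";
    $stmt = $db_link->prepare($prep_stmt);
    if ($stmt) {
        $stmt->bind_param('i', $user_id);
        $stmt->execute();
        $stmt->store_result();
        $rows = $stmt->num_rows;
        $stmt->close();
    }
    if ($rows == 0) {
        $_SESSION["err_set"] = 1;
        $_SESSION["err_txt"] = "Clasa gresita";
        header('Location: ../index.php?page=dashboard');
        break;
    }

    $page = "viewclass";
    $page_title = "Vizualizare clasa";
    $data = array();

    // NOTE(review): SELECT * hands every users column to the template; if the
    // table holds credential columns, select only the fields the view needs.
    $elevi = array();
    $query = "SELECT * FROM users WHERE class = $user_id AND profesor = 0 ORDER BY last_name ASC";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $elevi[] = $row_k;
    }

    $dirig = array();
    $query = "SELECT * FROM users WHERE class = $user_id AND diriginte = 1 LIMIT 1";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $dirig = $row_k;
    }

    $infoclasa = array();
    $query = "SELECT * FROM classes WHERE id = $user_id";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $infoclasa = $row_k;
    }

    $data["users"] = $elevi;
    $data["dirig"] = $dirig;
    $data["clasa"] = $infoclasa;
    $data["pageid"] = $user_id;
    display_template("viewclass", $data);
    break;
}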
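case "viewprofile":
{
    // Profile page for the user id in ?id=: the user row plus that user's
    // rows in `premii`. With ?set=1 the session's Facebook id is first linked
    // to the logged-in account through insertFBid().
    $user_id = -1;
    // Digits only, kept as an int: the existence check binds the id as an
    // integer, while the SELECTs below place it in the SQL text unquoted,
    // where real_escape_string() gives no protection.
    if (isset($_GET["id"]) && is_string($_GET["id"]) && !empty($_GET["id"]) && ctype_digit($_GET["id"])) {
        $user_id = (int) $_GET["id"];
    }

    // Only the exact flag value triggers the link; it is compared as a string
    // and never used in SQL, so no escaping is needed.
    // NOTE(review): this changes account state on a plain GET with no
    // anti-CSRF token; consider requiring POST plus a per-session token.
    if (isset($_GET["set"]) && $_GET["set"] === "1") {
        insertFBid($_SESSION["client_no"], $_SESSION['FBID'], $_SESSION['FULLNAME']);
    }

    // Fail closed: if prepare() fails, $rows stays 0 and the request is refused.
    $rows = 0;
    $prep_stmt = "SELECT id FROM users WHERE id = ? LIMIT 1";
    $stmt = $db_link->prepare($prep_stmt);
    if ($stmt) {
        $stmt->bind_param('i', $user_id);
        $stmt->execute();
        $stmt->store_result();
        $rows = $stmt->num_rows;
        $stmt->close();
    }
    if ($rows == 0) {
        $_SESSION["err_set"] = 1;
        $_SESSION["err_txt"] = "Utilizator gresit";
        header('Location: ../index.php?page=dashboard');
        break;
    }

    $page = "viewprofile";
    $page_title = "Vizualizare profil";
    $data = array();

    // NOTE(review): any logged-in user can request any id, and SELECT * hands
    // the whole users row to the template; if the table holds credential
    // columns, select only the fields the profile view needs.
    $infos = array();
    $query = "SELECT * FROM users WHERE id = $user_id LIMIT 1";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $infos = $row_k;
    }

    $premii = array();
    $query = "SELECT * FROM premii WHERE user_id = $user_id";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $premii[] = $row_k;
    }

    $data["userdata"] = $infos;
    $data["premii"] = $premii;
    display_template("viewprofile", $data);
    break;
}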
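case "profpanel":
{
    // Teacher panel: pupils of the class given in ?acces= plus the logged-in
    // teacher's active tests. Refused when client_profesor is 0.
    if ($_SESSION["client_profesor"] == 0) {
        $_SESSION["err_set"] = 1;
        $_SESSION["err_txt"] = "Permisiuni insuficiente";
        header('Location: index.php?page=dashboard');
        // header() does not end the request: without exit the queries below
        // still ran and the panel was rendered for a non-teacher account.
        exit;
    }

    $acces_key = -1;
    // ?acces= is placed in the SQL text unquoted (class = ...), where
    // real_escape_string() gives no protection; accept digits only and keep
    // it as an int.
    if (isset($_GET["acces"]) && is_string($_GET["acces"]) && !empty($_GET["acces"]) && ctype_digit($_GET["acces"])) {
        $acces_key = (int) $_GET["acces"];
    }

    // acces2/acces3 are only forwarded to the template in this branch.
    // NOTE(review): they are SQL-escaped, not output-encoded; confirm the
    // template encodes them for the context it prints them in.
    $acces_key2 = -1;
    if (isset($_GET["acces2"]) && is_string($_GET["acces2"]) && !empty($_GET["acces2"])) {
        $acces_key2 = $db_link->real_escape_string($_GET["acces2"]);
    }
    $acces_key3 = -1;
    if (isset($_GET["acces3"]) && is_string($_GET["acces3"]) && !empty($_GET["acces3"])) {
        $acces_key3 = $db_link->real_escape_string($_GET["acces3"]);
    }

    $page = "profpanel";
    $page_title = "Panoul profesorului";

    // NOTE(review): any teacher account can list any class by changing
    // ?acces=; confirm that is intended.
    $infos = array();
    $query = "SELECT * FROM users WHERE class = $acces_key AND profesor = 0 ORDER BY last_name ASC";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $infos[] = $row_k;
    }

    $teste = array();
    $userid = $_SESSION["client_no"];
    $query = "SELECT * FROM teste WHERE prof_id = $userid AND activat = 1";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $teste[] = $row_k;
    }
    $numar = count($teste);

    $data = array();
    $data["acces_key"] = $acces_key;
    $data["acces_key2"] = $acces_key2;
    $data["acces_key3"] = $acces_key3;
    $data["elevi"] = $infos;
    $data["teste"] = $teste;
    $data["numarte"] = $numar;
    display_template("profpanel", $data);
    break;
}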
case "catalog":
{
    // Grade book for the logged-in user: the class record, absences and
    // grades, the last two ordered by date ascending.
    $page = "catalog";
    $page_title = "Carnet";

    // NOTE(review): both session values are interpolated unquoted; this
    // relies on them always being numeric.
    $cuser = $_SESSION["client_no"];
    $clasamea = $_SESSION["client_class"];

    $clasa = array();
    $sql = "SELECT * FROM classes WHERE id = $clasamea";
    $res = $db_link->query($sql) or die($db_link->error);
    while ($row = $res->fetch_assoc()) {
        $clasa = $row;
    }

    // NOTE(review): "[] =" appends, so the list starts with one empty array
    // before the first row; "$absente = array()" looks intended. Confirm the
    // template does not depend on the extra element before changing it.
    $absente[] = array();
    $sql = "SELECT * FROM absente WHERE user_id = $cuser ORDER BY data ASC";
    $res = $db_link->query($sql) or die($db_link->error);
    while ($row = $res->fetch_assoc()) {
        $absente[] = $row;
    }

    // Same leading empty element as for $absente above.
    $note[] = array();
    $sql = "SELECT * FROM note WHERE user_id = $cuser ORDER BY data ASC";
    $res = $db_link->query($sql) or die($db_link->error);
    while ($row = $res->fetch_assoc()) {
        $note[] = $row;
    }

    $data = array(
        "clasa" => $clasa,
        "absente" => $absente,
        "note" => $note,
    );
    display_template("catalog", $data);
    break;
}
case "login":
{
    // Login view. When user_login() returns 1 the request is redirected to
    // the dashboard; otherwise the form is shown, after calling LoginFB()
    // with the session's Facebook id if ?loginfb=1 was passed.
    if (user_login() == 1) {
        header('Location: index.php?page=dashboard');
        break;
    }

    $loginfb = 0;
    if (isset($_GET["loginfb"]) && !empty($_GET["loginfb"])) {
        $loginfb = $db_link->real_escape_string($_GET["loginfb"]);
    }
    if ($loginfb == 1) {
        LoginFB($_SESSION['FBID']);
    }

    // Included at global scope, so the template sees this script's variables.
    require_once("templates/login.php");
    break;
}
case "logout":
{
    // Calls user_logout() and sends the browser back to the login view.
    user_logout();
    header('Location: index.php?page=login');
    break;
}
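case "users":
{
    // User administration list: every row of `users` and `classes`.
    // Refused when the session's client_role is 0.
    if ($_SESSION["client_role"] == 0) {
        $_SESSION["err_set"] = 1;
        $_SESSION["err_txt"] = "Permisiuni insuficiente";
        header('Location: index.php?page=dashboard');
        // header() does not end the request: without exit the full user list
        // below was still queried and rendered for an unprivileged account.
        exit;
    }

    $page = "users";
    $page_title = "Utilizatori";
    $data = array();

    // NOTE(review): SELECT * hands every users column to the template; if the
    // table holds credential columns, select only the fields the view needs.
    $users = array();
    $query = "SELECT * FROM users";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $users[] = $row_k;
    }

    $classes = array();
    $query = "SELECT * FROM classes";
    $result_k = $db_link->query($query) or die($db_link->error);
    while ($row_k = $result_k->fetch_assoc()) {
        $classes[] = $row_k;
    }

    $data["users"] = $users;
    $data["classes"] = $classes;
    display_template("users", $data);
    break;
}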
case "calendar":
{
    // Calendar entries for the logged-in user's class, newest first.
    $page = "calendar";
    $page_title = "Calendar";

    // NOTE(review): client_class is interpolated unquoted; this relies on the
    // session value always being numeric.
    $clasa = $_SESSION["client_class"];
    $events = array();
    $sql = "SELECT * FROM calendar WHERE clasa = $clasa ORDER BY data DESC";
    $res = $db_link->query($sql) or die($db_link->error);
    while ($row = $res->fetch_assoc()) {
        $events[] = $row;
    }

    $data = array("events" => $events);
    display_template("calendar", $data);
    break;
}
default:
{
    // Any page name without a case of its own renders the dashboard template
    // with no data.
    // NOTE(review): "register", "activate" and "recover" are exempt from the
    // login gate at the top of this file but have no case in this switch, so
    // they end up here; confirm they are handled elsewhere.
    $page = "dashboard";
    $page_title = "Dashboard";
    $data = array();
    display_template("dashboard", $data);
    break;
}
}
?>