- <?php
- /***********************************************************
- * Onderwijs Service Centrum - © Alle rechten voorbehouden *
- ***********************************************************
- * Ontwikkeld door - ICT IDCollege, Zotermeer *
- ***********************************************************/
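/**
 * Session, account, appointment, report and student-lookup helper for the OSC pages.
 *
 * Methods read their input from $_POST / $_SESSION, leave their outcome in the
 * public properties ($row, $result, $success, $error) and echo user messages.
 *
 * Conventions for maintainers:
 *  - Properties hold RAW values. Escaping happens at the sink: quote() where a
 *    value enters an SQL string, htmlspecialchars() where a value is printed.
 *  - quote() relies on mysql_real_escape_string(), which is only reliable when the
 *    connection charset was set with mysql_set_charset(); db.inc.php is not visible
 *    here -- TODO confirm.
 *  - ext/mysql (the mysql_* functions) was removed in PHP 7.0. Moving to mysqli or
 *    PDO prepared statements would replace quote() entirely; that needs a
 *    connection handle from db_connect(), so it is not done in this class.
 *  - NOTE(review): table and column names differ between methods (`users` vs
 *    `user`, `ovnr` vs `ovnummer`, `id` vs `aanmelding_id`); verify against the schema.
 */
class mainFunctions {
    public $ID;
    public $name;
    public $email;
    public $username;
    public $password;
    public $p_conf;
    public $phone;
    // The original declared $osc['t'], $osc['a'] and $osc['osc'] as three properties,
    // which is not valid PHP; one array property carries the same three keys.
    public $osc = array('t' => null, 'a' => null, 'osc' => null);
    public $addr;
    public $school;
    public $tutor;
    public $administrator;
    public $select_SQL;
    public $insert_SQL;
    public $update_SQL;
    public $row;
    public $result;
    public $success;
    public $error;
    public $ovnr;
    public $ot;
    public $postcode;
    public $city;
    public $gender;
    public $bdate;
    public $nationality;
    public $sindsin;
    public $education;
    public $kwg;
    public $clas;
    public $oteam;
    // Assigned by the methods below but never declared in the original.
    public $date;
    public $gemaakt;
    public $s_ovnr;
    public $id;
    public $acties;
    public $vraag;

    /**
     * Load the database helper and open the connection.
     *
     * The original was spelled `__constructor(0)`, which neither parses nor runs on
     * instantiation. require_once prevents db_connect() from being redeclared when
     * a second instance is created.
     */
    function __construct() {
        require_once($_SERVER['DOCUMENT_ROOT'].'/osc/includes/db.inc.php');
        db_connect();
    }

    /**
     * Return a POST field as a string, or '' when it is missing or not a string
     * (e.g. a client sending `field[]=x` to force an array).
     */
    private function input($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }

    /**
     * Escape a value for use inside a single-quoted SQL string literal.
     */
    private function quote($value) {
        return mysql_real_escape_string((string) $value);
    }

    /**
     * Run a query and stop the script on failure.
     *
     * The driver error goes to the server log only; the client sees the generic
     * message, so table and column names are not disclosed.
     */
    private function query($sql) {
        $result = mysql_query($sql);
        if ($result === false) {
            $this->error = 'Syntax error';
            error_log('mainFunctions: query failed: '.mysql_error());
            die($this->error);
        }
        return $result;
    }

    /**
     * Authenticate $_POST['username'] / $_POST['password'] and start the session.
     *
     * The row is looked up by username and the password is checked with
     * password_verify() against the hash written by __createAccount(). The
     * original compared the submitted password as plain text inside the WHERE
     * clause, so it could never match the hashed value stored at sign-up.
     * Rows stored under an older scheme need a password reset.
     */
    function __login() {
        $username = $this->input('username');
        $password = $this->input('password');

        if ($username === '' || $password === '') {
            echo $this->error = 'Alle velden zijn verplicht!';
            return;
        }

        $this->username = $username;
        // `level` is read below, so it has to be selected as well.
        $this->select_SQL = "SELECT ID, username, password, level FROM `users` WHERE
        username='".$this->quote($username)."'";
        $this->result = $this->query($this->select_SQL);

        $account = (mysql_num_rows($this->result) == 1) ? mysql_fetch_assoc($this->result) : false;
        if ($account && password_verify($password, $account['password'])) {
            // Keep the hash out of the publicly readable row.
            unset($account['password']);
            $this->row = $account;
            $this->ID = $account['ID'];

            // New session id on privilege change, so a pre-login id cannot be reused.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            $_SESSION['level'] = $account['level'];
            $_SESSION['username'] = $account['username'];
            $_SESSION['login'] = TRUE;
            $_SESSION['ID'] = $account['ID'];
            header('Location: index.php');
            exit; // nothing after the redirect should run or be sent
        }

        echo $this->error = 'Gebruikersnaam en/of wachtwoord onjuist!';
    }

    /**
     * Drop the login state from the session and redirect.
     */
    function __logout() {
        if (isset($_SESSION['login'], $_SESSION['username'], $_SESSION['level'])) {
            // 'ID' is set by __login() too and was left behind by the original.
            unset($_SESSION['login'], $_SESSION['username'], $_SESSION['level'], $_SESSION['ID']);
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            header('Location: logout.php');
        } else {
            header('Location: index.php');
        }
        exit;
    }

    /**
     * Insert an appointment from $_POST['name'] and $_POST['tutor'], dated now.
     */
    function __makeAppointment() {
        $this->name = stripslashes($this->input('name'));
        $this->tutor = $this->input('tutor');
        $this->date = date('Y-m-d-H:i');

        if ($this->name === '' || $this->tutor === '') {
            echo $this->error = 'Alle velden zijn verplicht!';
            return;
        }

        // stripslashes() is not SQL escaping: the name reached the query unescaped before.
        $this->insert_SQL = "INSERT INTO `appointments` (name, tutor, date) VALUES ('".$this->quote($this->name)."',
        '".$this->quote($this->tutor)."', '".$this->quote($this->date)."')";
        $this->result = $this->query($this->insert_SQL);
        echo $this->success = 'Afspraak successvol gemaakt!';
    }

    /**
     * Fetch the first row of `appointments` into $this->row.
     *
     * The HTML that displays the result is still to be written. Values taken
     * from $this->row must go through htmlspecialchars() when printed.
     */
    function __showAppointment() {
        $this->select_SQL = "SELECT * FROM `appointments`";
        $this->result = $this->query($this->select_SQL);
        $this->row = mysql_fetch_assoc($this->result);
    }

    /**
     * Create a user account from the posted username, password, p_conf, ot and email.
     *
     * Input is validated before anything touches the database. The password is
     * hashed with password_hash() (PHP 5.5+) instead of unsalted MD5; the
     * `password` column must be wide enough for the hash (255 chars recommended)
     * -- TODO confirm against the schema.
     */
    function __createAccount() {
        $username = $this->input('username');
        $password = $this->input('password');
        $confirm = $this->input('p_conf');
        $this->ot = trim(strip_tags($this->input('ot')));
        // Kept as stored before; HTML-encoding does not make a value safe for SQL
        // (single quotes pass through by default before PHP 8.1), hence quote() below.
        $this->email = htmlspecialchars($this->input('email'));
        $this->username = $username;

        // The original wrote `!$a == $b`, which negates $a first and never reported a mismatch.
        if ($password !== $confirm) {
            echo $this->error = 'Wachtwoorden niet gelijk!';
            return;
        }
        // Checked on the raw values: a hash of an empty string is never empty.
        if ($username === '' || $password === '' || $this->ot === '' || $this->email === '') {
            echo $this->error = 'Alle velden zijn verplicht!';
            return;
        }

        // Hash the password exactly as typed; SQL-escaping it first would alter it.
        $this->password = password_hash($password, PASSWORD_DEFAULT);
        $this->p_conf = null;

        $this->insert_SQL = "INSERT INTO `users` (username, password, ot, email) VALUES
        ('".$this->quote($username)."', '".$this->quote($this->password)."', '".$this->quote($this->ot)."', '".$this->quote($this->email)."')";
        $this->result = $this->query($this->insert_SQL);
        echo $this->success = 'Uw account is successvol aangemaakt!';
        echo $this->success = '<a href="index.php" name="Homepage">Ga naar index</a>';
    }

    /**
     * Walk all registrations, oldest first, keeping the last row's fields on the object.
     *
     * The table output is still to be written. Rows whose `gemaakt` flag is
     * falsy are the ones meant to be listed, with datum_tijd, username, s_ovnr,
     * naam, soort_beg, begeleiding, vraag and acties, plus a link to
     * index.php?p=maken carrying id and s_ovnr. Print each value through
     * htmlspecialchars() and build the link parameters with urlencode().
     */
    function __showReports() {
        $this->select_SQL = "SELECT * FROM `aanmelding`,`student`,`user`,`soort_beg` WHERE `aanmelding`.`s_ovnr`=`student`.`ovnr` AND
        `aanmelding`.`u_naam`=`user`.`username` AND `soort_beg`.`code`=`aanmelding`.`soort_beg` ORDER BY `aanmelding`.`datum_tijd` ASC";
        // The original fetched from $this->result before running the query.
        $this->result = $this->query($this->select_SQL);
        while ($this->row = mysql_fetch_assoc($this->result)) {
            // Database output is kept raw; SQL-escaping it would only corrupt it for display.
            $this->gemaakt = $this->row['gemaakt'];
            $this->s_ovnr = $this->row['s_ovnr'];
            $this->id = $this->row['id'];
            if (!$this->gemaakt) {
                // TODO: render this row in the table (see the method comment).
            }
        }
    }

    /**
     * Load `acties` and `vraag` for the registration in $this->id / $this->ovnr.
     *
     * NOTE(review): the query has no condition linking `a` to `s`, so every
     * student row is paired with the registration; confirm whether
     * `a.s_ovnr = s.ovnr` was intended.
     */
    function __makeReports(){
        // Both values sit unquoted in the SQL, so only integers may reach it.
        $this->select_SQL = "SELECT * FROM aanmelding AS a, student AS s WHERE a.aanmelding_id = ".(int) $this->id." AND a.s_ovnr = ".(int) $this->ovnr."";
        $this->result = $this->query($this->select_SQL);
        while ($this->row = mysql_fetch_assoc($this->result)) {
            $this->acties = $this->row['acties'];
            $this->vraag = $this->row['vraag'];
        }
    }

    /**
     * Look up one student by the posted OV number and copy the record onto the object.
     *
     * The copied values are raw database output: escape them for the context
     * in which they are used (htmlspecialchars() for HTML, quote() for SQL).
     */
    function __searchStudents() {
        $this->ovnr = trim(strip_tags($this->input('ovnr'))); // the OV number
        // strip_tags() does not neutralise quotes; the value is escaped here.
        $this->select_SQL = "SELECT * FROM `student` WHERE ovnummer='".$this->quote($this->ovnr)."' LIMIT 1";
        $this->result = $this->query($this->select_SQL);
        // The original fetched once before the loop, which consumed the only row (LIMIT 1).
        while ($this->row = mysql_fetch_assoc($this->result)) {
            $this->name = $this->row['name'];
            $this->addr = $this->row['addr'];
            $this->postcode = $this->row['postcode'];
            $this->city = $this->row['city'];
            $this->gender = $this->row['gender'];
            $this->email = $this->row['email'];
            $this->bdate = $this->row['bdate'];
            $this->phone = $this->row['phone'];
            $this->nationality = $this->row['nationality'];
            $this->sindsin = $this->row['sindsin'];
            $this->education = $this->row['education'];
            $this->kwg = $this->row['kwg'];
            $this->clas = $this->row['clas'];
            $this->oteam = $this->row['oteam'];
        }
    }
}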
- ?>