
Untitled

a guest
May 6th, 2017
  1. <?php
  2.  
  3. /***********************************************************
  4.  * Onderwijs Service Centrum - © Alle rechten voorbehouden *
  5.  ***********************************************************
  6.  *        Ontwikkeld door - ICT IDCollege, Zotermeer       *
  7.  ***********************************************************/
  8.  
  9. class mainFunctions {
  10.  
  11.     var $ID;
  12.     var $name;
  13.     var $email;
  14.     var $username;
  15.     var $password;
  16.     var $p_conf;
  17.     var $phone;
  18.     var $osc['t'];
  19.     var $osc['a'];
  20.     var $osc['osc'];
  21.     var $addr;
  22.     var $school;
  23.     var $tutor;
  24.     var $administrator;
  25.     var $select_SQL;
  26.     var $insert_SQL;
  27.     var $update_SQL;
  28.     var $row;
  29.     var $result;
  30.     var $success;
  31.     var $error;
  32.     var $ovnr;
  33.     var $ot;
  34.     var $addr;
  35.     var $postcode;
  36.     var $city;
  37.     var $gender;
  38.     var $bdate;
  39.     var $nationality;
  40.     var $sindsin;
  41.     var $education;
  42.     var $kwg;
  43.     var $clas;
  44.     var $oteam;
  45.  
  46.     /*
  47.      * Constructor function
  48.      */
  49.     function __constructor(0) {
  50.  
  51.         include($_SERVER['DOCUMENT_ROOT'].'/osc/includes/db.inc.php');
  52.         db_connect();
  53.  
  54.     }
  55.  
  56.     /*
  57.      * Login function
  58.      */
  59.     function __login() {
  60.  
  61.         $this->ID           =   mysql_real_escape_string($ID);
  62.         $this->username     =   mysql_real_escape_string($_POST['username']);
  63.         $this->password     =   mysql_real_escape_string($_POST['password']);
  64.        
  65.         /*******************************************************************************************
  66.          * Check for empty field here , if not empty continue the process else die (end of script) *
  67.          *******************************************************************************************/
  68.         if (!empty($this->username) && !empty($this->password)) {
  69.  
  70.             /*********************************************************************************************
  71.              * Check for existing result in the database and continue the process (pass&user validation) *
  72.              *********************************************************************************************/
  73.             $this->select_SQL   =   "SELECT ID, username, password FROM `users` WHERE
  74.                             username='$this->username' AND password='$this->password'";
  75.             $this->result       =   mysql_query($this->select_SQL) or die (mysql_error($this->error = 'Syntax error'));
  76.             if (mysql_num_rows($this->result) == 1) {
  77.  
  78.                 $this->row              =   mysql_fetch_assoc($this->result);
  79.                 $_SESSION['level']      =   $this->row['level'];
  80.                 $_SESSION['username']   =   $this->row['username'];
  81.                 $_SESSION['login']      =   TRUE;
  82.                 $_SESSION['ID']         =   $this->row['ID'];
  83.                 header('Location: index.php');
  84.  
  85.             } else {
  86.  
  87.                 echo $this->error   =   'Gebruikersnaam en/of wachtwoord onjuist!';
  88.            
  89.             }
  90.  
  91.         } else {
  92.  
  93.             echo $this->error   =   'Alle velden zijn verplicht!';
  94.  
  95.         }
  96.  
  97.     }
  98.  
  99.     /*
  100.      * Logout function
  101.          */
  102.     function __logout() {
  103.  
  104.         if ($_SESSION['login'], $_SESSION['username'], $_SESSION['level']) {
  105.  
  106.             unset($_SESSION['login'], $_SESSION['username'], $_SESSION['level']);
  107.             header('Location: logout.php');
  108.  
  109.         } else {
  110.  
  111.             header('Location: index.php');
  112.  
  113.         }
  114.  
  115.     }
  116.  
  117.     /*
  118.      * Make Appointment function
  119.      */
  120.     function __makeAppointment() {
  121.  
  122.         $this->name                 =   stripslashes($_POST['name']);
  123.         $this->tutor                =   mysql_real_escape_string($_POST['tutor']);
  124.         $this->date                 =   date('Y-m-d-H:i');
  125.         if (!empty($this->name) && !empty($this->tutor) && !empty($this->date)) {
  126.            
  127.             $this->insert_SQL   =   "INSERT INTO `appointments` (name, tutor, date) VALUES ('$this->name',
  128.                             '$this->tutor', '$this->date')";
  129.             $this->result       =   mysql_query($this->insert_SQL) or die (mysql_error($this->error = 'Syntax error'));
  130.             if ($this->result) {
  131.  
  132.                 echo $this->success =   'Afspraak successvol gemaakt!';
  133.  
  134.             } else {
  135.  
  136.                 echo $this->error   =   'Syntax error!';
  137.  
  138.             }
  139.  
  140.         } else {
  141.  
  142.             echo $this->error   =   'Alle velden zijn verplicht!';
  143.  
  144.         }
  145.  
  146.     }
  147.  
  148.     /*
  149.      * Display all Appointments from db
  150.      */
  151.     function __showAppointment() {
  152.  
  153.         $this->select_SQL   =   "SELECT * FROM `appointments`";
  154.         $this->result       =   mysql_query($this->select_SQL) or die (mysql_error($this->error = 'Syntax error'));
  155.         $this->row      =   mysql_fetch_assoc($this->result);
  156.        
  157.         /*
  158.          * Here goes the HTML form to show all db results from the above query
  159.          * To display a live record us $this->row['statement'] instead of
  160.          * plain text.
  161.          */
  162.  
  163.     }
  164.  
  165.     /*
  166.      * Create own account functions
  167.      */
  168.     function __createAccount() {
  169.  
  170.         $this->username     =   mysql_real_escape_string($_POST['username']);
  171.         $this->password     =   md5(mysql_real_escape_string($_POST['password']));
  172.         $this->p_conf       =   md5(mysql_real_escape_string($_POST['p_conf']));
  173.         $this->ot           =   trim(strip_tags($_POST['ot']));
  174.         $this->email        =   htmlspecialchars($_POST['email']);
  175.         if (!$this->password == $this->p_conf) {
  176.  
  177.             echo $this->error   =   'Wachtwoorden niet gelijk!';
  178.  
  179.         } else {
  180.  
  181.             if (!empty($this->username) && !empty($this->password) && !empty($this->p_conf) && !empty($this->ot) && !empty($this->email)) {
  182.  
  183.                 $this->insert_SQL = "INSERT INTO `users` (username, password, ot, email) VALUES
  184.                 ('$this->username', '$this->password', '$this->ot', '$this->email')";
  185.                 $this->result     = mysql_query($this->insert_SQL) or die (mysql_error($this->error = 'Syntax error'));
  186.                 if ($this->result) {
  187.  
  188.                     echo $this->success =   'Uw account is successvol aangemaakt!';
  189.                     echo $this->success =   '<a href="index.php" name="Homepage">Ga naar index</a>';
  190.  
  191.                 } else {
  192.  
  193.                     echo $this->error   =   'Syntax error';
  194.  
  195.                 }
  196.  
  197.             } else {
  198.  
  199.                 echo $this->error   =   'Alle velden zijn verplicht!';
  200.  
  201.             }
  202.  
  203.         }
  204.  
  205.     }
  206.    
  207.     function __showReports() {
  208.    
  209.    
  210.     $this->select_SQL           =       "SELECT * FROM `aanmelding`,`student`,`user`,`soort_beg` WHERE `aanmelding`.`s_ovnr`=`student`.`ovnr` AND
  211.                                         `aanmelding`.`u_naam`=`user`.`username` AND `soort_beg`.`code`=`aanmelding`.`soort_beg` ORDER BY `aanmelding`.`datum_tijd` ASC";
  212.                                        
  213.     $this->row                  =       mysql_fetch_assoc($this->result);
  214.     $this->result               =       mysql_query($this->select_SQL) or die (mysql_error($this->error = 'Syntax error'));
  215.    
  216.     while($this->row = mysql_fetch_assoc($this->result)){
  217.    
  218.     $this->gemaakt              =       mysql_real_escape_string($this->row['gemaakt']);
  219.     $this->s_ovnr               =       mysql_real_escape_string($this->row['s_ovnr']);
  220.     $this->id                   =       mysql_real_escape_string($this->row['id']);
  221.    
  222.     if($this->gemaakt  == FALSE){
  223.    
  224.    
  225.     //deze Crap moet worden uitgespuugd in een tabelletje
  226.     mysql_real_escape_string($this->row['datum_tijd']);
  227.    
  228.     mysql_real_escape_string($this->row['username']);
  229.     mysql_real_escape_string($this->row['s_ovnr']);
  230.     mysql_real_escape_string($this->row['naam']);
  231.     mysql_real_escape_string($this->row['soort_beg']);
  232.     mysql_real_escape_string($this->row['begeleiding']);
  233.     mysql_real_escape_string($this->row['vraag']);
  234.     mysql_real_escape_string($this->row['acties']);
  235.    
  236.    
  237.     //<a href=\"index.php?p=maken&id=$id&s_ovnr=$ovnr\"> Afspraak maken </a></td>";
  238.    
  239.    
  240.     }
  241.    
  242.    
  243.    
  244.    
  245.    
  246.     }
  247.    
  248.     }
  249.    
  250.     function __makeReports(){
  251.    
  252.     $this->select_SQL           =       "SELECT * FROM aanmelding AS a, student AS s WHERE a.aanmelding_id = ".$this->id." AND a.s_ovnr = ".$this->ovnr."";
  253.     $this->row                  =       mysql_fetch_assoc($this->result);
  254.     $this->result               =       mysql_query($this->select_SQL) or die (mysql_error($this->error = 'Syntax error'));
  255.    
  256.     while($this->row = mysql_fetch_assoc($this->result)){
  257.    
  258.     $this->acties               =       mysql_real_escape_string($this->row['acties']);
  259.     $this->vraag                =       mysql_real_escape_string($this->row['vraag']);
  260.    
  261.    
  262.    
  263.     }
  264.    
  265.    
  266.     }
  267.    
  268.    
  269.  
  270.     function __searchStudents() {
  271.    
  272.         $this->ovnr             =       trim(strip_tags($_POST['ovnr']));  // Get's the OV Number
  273.         $this->select_SQL       =       "SELECT * FROM `student` WHERE ovnummer='$this->ovnr' LIMIT 1";
  274.         $this->result           =       mysql_query($this->select_SQL) or die (mysql_error($this->error = 'Syntax error'));
  275.         $this->row              =       mysql_fetch_assoc($this->result);
  276.        
  277.         while($this->row = mysql_fetch_assoc($this->result)) {
  278.  
  279.             $this->name         =       mysql_real_escape_string($this->row['name']);
  280.             $this->addr         =       mysql_real_escape_string($this->row['addr']);
  281.             $this->postcode     =       mysql_real_escape_string($this->row['postcode'];
  282.             $this->city         =       mysql_real_escape_string($this->row['city']);
  283.             $this->gender       =       mysql_real_escape_string($this->row['gender']);
  284.             $this->email        =       mysql_real_escape_string($this->row['email']);
  285.             $this->bdate        =       mysql_real_escape_string($this->row['bdate']);
  286.             $this->phone        =       mysql_real_escape_string($this->row['phone']);
  287.             $this->nationality  =       mysql_real_escape_string($this->row['nationality']);
  288.             $this->sindsin      =       mysql_real_escape_string($this->row['sindsin']);
  289.             $this->education    =       mysql_real_escape_string($this->row['education']);
  290.             $this->kwg          =       mysql_real_escape_string($this->row['kwg']);
  291.             $this->clas         =       mysql_real_escape_string($this->row['clas']);
  292.             $this->oteam        =       mysql_real_escape_string($this->row['oteam']);
  293.  
  294.         }
  295.    
  296.     }
  297.  
  298. }
  299.  
  300. ?>