<?phprequire_once("functions.php");session_start();//mysql access info

1. <?php
2. require_once("functions.php");
3. session_start();
4.  
5. //mysql access info
6. $db_host = "localhost";
7. $db_username = "root";
8. $db_password = "*******";
9. $db_database = "iacuc";
10.  
11. $connection = mysql_connect($db_host, $db_username, $db_password);
12. if (!$connection) die ("Could not connect to the database.  ".mysql_error());
13.  
14. $db_select = mysql_select_db($db_database);
15. if (!$db_select) die ("Could not select a database.  ".mysql_error());
16.  
17.  
18. //is user logged in?
19. if (isset($_SESSION['user']) && isset($_SESSION['password']))
20. {
21.     $user = $_SESSION['user'];
22.     $password = $_SESSION['password'];
23.     $loggedin = true;
24.  
25.     //is user admin?
26.     $adminquery = "SELECT COUNT(*) FROM admin WHERE user='$user'"; //will have to refine this to prevent someone from making a user name the same as an admin user name and being granted admin privileges upon login
27.     $resultadminquery = mysql_query($adminquery);
28.     $resultadminquery_row = mysql_fetch_row($resultadminquery);
29.     if ($resultadminquery_row[0] == 1) $adminloggedin = true;
30.     else $adminloggedin = false;
31.  
32.  
33. }
34. else $loggedin = false;
35.  
36. //the header
37. echo <<<_END
38. <html>
39. <title>IACUC</title>
40. <head>
41. </head>
42. <body>
43. <script src="aR.js"></script>
44. _END;
45.  
46.  
47. if ($loggedin == true)
48. {
49.     //user toolbar
50.     echo <<<_END
51.     <a href="index.php">IACUC</a> |
52.     <a href="profile.php">Profile</a> |
53.     <a href="oldsub.php">Your Submission</a> |
54.     <a href="newsub.php">Create a New Submission</a> |
55.     <a href="contact.php">Contact</a> |
56.     <a href="logout.php">Log Out</a>
57.     <br /><br />
58. _END;
59.     //change all instances of submission to request?
60.  
61.     if ($adminloggedin == true)
62.     {
63.         //admin toolbar
64.         echo <<<_END
65.         <a href="viewsub.php">View All Submissions</a> |
66.         <a href="userdir.php">Directory</a> |
67.         <a href="searchengine.php">Search!</a>
68.         <br /><br />
69. _END;
70.         //decide b/w viewsub != oldsub (w/ viewsub protected)
71.         //or split oldsub into user version and admin version
72.     }
73. }
74.  
75. else
76. {
77.     //not logged in
78.     echo <<<_END
79.     <a href="login.php">Log In</a> |
80.     <a href="register.php">Register</a>
81.     <br /><br />
82. _END;
83. }
84.  
85. //session_destroy();
86. ?>