Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once("functions.php");
- session_start();
- //mysql access info
- $db_host = "localhost";
- $db_username = "root";
- $db_password = "*******";
- $db_database = "iacuc";
- $connection = mysql_connect($db_host, $db_username, $db_password);
- if (!$connection) die ("Could not connect to the database. ".mysql_error());
- $db_select = mysql_select_db($db_database);
- if (!$db_select) die ("Could not select a database. ".mysql_error());
- //is user logged in?
- if (isset($_SESSION['user']) && isset($_SESSION['password']))
- {
- $user = $_SESSION['user'];
- $password = $_SESSION['password'];
- $loggedin = true;
- //is user admin?
- $adminquery = "SELECT COUNT(*) FROM admin WHERE user='$user'"; //will have to refine this to prevent someone from making a user name the same as an admin user name and being granted admin privileges upon login
- $resultadminquery = mysql_query($adminquery);
- $resultadminquery_row = mysql_fetch_row($resultadminquery);
- if ($resultadminquery_row[0] == 1) $adminloggedin = true;
- else $adminloggedin = false;
- }
- else $loggedin = false;
- //the header
- echo <<<_END
- <html>
- <title>IACUC</title>
- <head>
- </head>
- <body>
- <script src="aR.js"></script>
- _END;
- if ($loggedin == true)
- {
- //user toolbar
- echo <<<_END
- <a href="index.php">IACUC</a> |
- <a href="profile.php">Profile</a> |
- <a href="oldsub.php">Your Submission</a> |
- <a href="newsub.php">Create a New Submission</a> |
- <a href="contact.php">Contact</a> |
- <a href="logout.php">Log Out</a>
- <br /><br />
- _END;
- //change all instances of submission to request?
- if ($adminloggedin == true)
- {
- //admin toolbar
- echo <<<_END
- <a href="viewsub.php">View All Submissions</a> |
- <a href="userdir.php">Directory</a> |
- <a href="searchengine.php">Search!</a>
- <br /><br />
- _END;
- //decide b/w viewsub != oldsub (w/ viewsub protected)
- //or split oldsub into user version and admin version
- }
- }
- else
- {
- //not logged in
- echo <<<_END
- <a href="login.php">Log In</a> |
- <a href="register.php">Register</a>
- <br /><br />
- _END;
- }
- //session_destroy();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement