/booka/trunk : contents of BooKa.php at revision 33

: (revision 33)

To get this branch, use:

bzr branch
http://gegoxaren.bato24.eu/bzr/booka/trunk

<?php
session_start();
	/*
	BooKa.php
	This is the "main" file or "index" file
	*/

if(file_exists("./cfg/lock.lock") == false){
	
	header('Location: ./firstrun.php');
	
}

include "./inc/dbConnect.php";
include "./inc/head.php";

if($_SESSION[logedin]){

?>
	<p><img src="./img/Logo.png" alt="BooKa´s logo" /></p>
	
	<div class="menu">
		 <h1> Logedin <a href="./logout.php">[logout]</a> </h1>
		 <hr />
		 <p>
		 You are logged in.<br />
		 continue to <a href="dbEditor.php"> dbEditor </a> to start booking peopel!
		 </p>
		 <hr />
		 <?php if($_GET[showadminpage]=="true"){ ?><h2> User registration </h2> <?php }?>
		 <p>
		 	
		 	<?php
		 	if($_SESSION[admin]){ //this section prpbobly needs re work?
		 		if($_GET[showadminpage]=="true"){
		 			echo "<a href='BooKa.php?showadminpage=false'>[hide adminpage]</a><br /> \n";
		 		}
		 		if($_GET[showadminpage]=="false" || $_GET[showadminpage] == null){
		 			echo "<a href='BooKa.php?showadminpage=true'>[Show adminpage]</a><br /> \n";
		 		}
		 	} ?>
		 </p>
		 	<?php
		 	if($_SESSION[admin] == true && $_GET[showadminpage]== "true" ){
		 	?>
		 	
		 	<form action="BooKa.php?showadminpage=true" method="post" >
		 		<p>
		 		<input type="hidden" name="userreg" value="true" />
		 		<label for="username">Name of the new user</label><input type="text" name="username" /><br />
		 		<label for="password1">password of the new user</label><input type="password" name="password1" />
		 		<label for="password2">password again</label><input type="password" name="password2" /><br />
		 		<label for="isadmin">is this user a admin?</label> <input type="checkbox" name="isadmin" /><br />
		 		
		 		
		 			<?php
		 			//ifs and buts goes here
		 			if($_POST[userreg]){
		 				
		 				
		 				$canreg = true;
		 				
		 				$query = "SELECT * FROM users WHERE username = '{$_POST[username]}';";
	
						$userinfo = $db->query($query);
	
						$newinfo = $userinfo->fetch();
		 				
		 				if($newinfo[username] == $_POST[username]){
		 					
		 					echo "<span class='warning'> username is already in use </span> <br />";
		 					$canreg = false;
		 				}
		 				
		 				if($_POST[username] == null){
		 					echo "<span class='warning'>you need to enter a new username </span> <br />";
		 					$canreg = false;
		 				}
		 				
		 				if($_POST[password1] == null){
		 					
		 					echo "<span class='warning'>you need to have a password <br /> </span>";
		 					$canreg = false;
		 				}
		 				
		 				if($_POST[password2] != $_POST[password1]){
		 					
		 					echo "<span class='warning'>passwords deos not match </span> <br />";
		 					$canreg = false;
		 				}
		 				sleep(.5);//to prevent $conreg being true whun it should be false 0_o?
		 				if($canreg){
		 					if($_POST[isadmin]){
		 						$group = 1;
		 					}else {
		 						
		 						$group = 2;
		 						
		 					}
		 					$username1 = $_POST[username];
		 					$password1 = md5($_POST[password1]);
		 					
		 					$db->queryExec("BEGIN;
								INSERT INTO users (username, password, 'group')
								VALUES('{$username1}' , '{$password1}', '{$group}');
							COMMIT;") or die("could not do query");
		 					echo $db->error;
		 					echo "Registration of user {$_POST[username]} complite!";
		 				}
		 			}
		 			?>
		 		<input type="submit" /><br />
		 		</p>
		 	</form>
		 	
		 	<?php 	
		 		if($_SESSION[admin]){ //this section prpbobly needs re work?
		 			if($_GET[showrmuser]=="true"){
		 				echo "<a href='BooKa.php?showadminpage=true&amp;showrmuser=false'>[Hide remove user page]</a><br /> \n";
		 			}
		 			if($_GET[showrmuser]=="false" || $_GET[showrmuser] == null){
		 				echo "<a href='BooKa.php?showadminpage=true&amp;showrmuser=true'>[Show remove user page]</a><br /> \n";
		 			}
		 		}
		 		if($_GET[showrmuser]=="true"){
		 			
		 			//table with user id, user name and a remove button goes here...
		 			?>
		 			<h2>DO NOT REMOVE THE LAST ADMIN PL0X!</h2>
		 			<table> <!-- muckup tabell -->
						<tr> <!-- row one -->
							<td> uid </td>
							<td> User Name </td>
							<td> Admin </td>
							<td> remove </td>
						</tr> <!-- end of row one -->
						<?php
						
						$result = $db->query("SELECT * FROM users") or die("could not do query!");
						foreach($result as $row){
						?>
						<tr> <!-- Row two and up -->
							<td> <?php echo $row[id]?> </td>
							<td> <?php echo $row[username]?> </td>
							<td> <?php
								if($row[group] == 1){
									echo "Yes";
								} else {
									echo "no";
								}
								
							?> </td>
							<td>
								<form action="removeUser.php" method="post">
									<p>
										<input type="submit" value="remove" />
										<input type="hidden" value="<? echo $row[id]?>" name="id"/>
									</p>
								</form>
							</td>
						</tr> <!-- end of row two and up -->
						
						<?php
						}
						?>
					</table>
					 


			<?php
		 		}
		 	}
		 	?>
	</div>
<?php
} else {
?>
	<div class="head"><img src="./img/Logo.png" alt="BooKa´s logo" /></div>
	
	<div class="menu">
		 <h1> Login </h1>
		 <hr />
		 <form action="login.php" method="post">
		 	<p>
		 		User name: <input type="text" name="userName" /> <br/>
		 		Pass word:  <input type="password" name="userPassword" /> <br />
		 		<input type="hidden" name="login" value="true" />
		 		<input type="submit" name="null" value="Login" />
		 	</p>
		 </form>
		 <p>
		 	All registrations are performed by admin.
		 </p>
	</div>
	
<?php
}

include "./inc/foot.php";

?>

11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	1	<?php
	2	session_start();
	3	/*
	4	BooKa.php
	5	This is the "main" file or "index" file
	6	*/
	7
	8	if(file_exists("./cfg/lock.lock") == false){
	9
	10	header('Location: ./firstrun.php');
	11
	12	}
	13
	14	include "./inc/dbConnect.php";
	15	include "./inc/head.php";
	16
	17	if($_SESSION[logedin]){
	18
	19	?>
	20	<p><img src="./img/Logo.png" alt="BooKa´s logo" /></p>
	21
	22	<div class="menu">
	23	<h1> Logedin <a href="./logout.php">[logout]</a> </h1>
	24	<hr />
	25	<p>
	26	You are logged in.<br />
	27	continue to <a href="dbEditor.php"> dbEditor </a> to start booking peopel!
	28	</p>
	29	<hr />
	30	<?php if($_GET[showadminpage]=="true"){ ?><h2> User registration </h2> <?php }?>
	31	<p>
	32
	33	<?php
	34	if($_SESSION[admin]){ //this section prpbobly needs re work?
	35	if($_GET[showadminpage]=="true"){
13 by Gustav Hartvigsson Fixed stiff with the url's cousing the admin panel to not show.	36	echo "<a href='BooKa.php?showadminpage=false'>[hide adminpage]</a><br /> \n";
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	37	}
	38	if($_GET[showadminpage]=="false" \|\| $_GET[showadminpage] == null){
13 by Gustav Hartvigsson Fixed stiff with the url's cousing the admin panel to not show.	39	echo "<a href='BooKa.php?showadminpage=true'>[Show adminpage]</a><br /> \n";
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	40	}
26 by Gustav Hartvigsson added so that webpage is served as XHTML, and then some coding errors in XHTML code...	41	} ?>
	42	</p>
29.1.1 by gustav.hartvigsson Fixed a parsing error, namly replaced all <? with <?php.	43	<?php
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	44	if($_SESSION[admin] == true && $_GET[showadminpage]== "true" ){
	45	?>
	46
	47	<form action="BooKa.php?showadminpage=true" method="post" >
	48	<p>
	49	<input type="hidden" name="userreg" value="true" />
	50	<label for="username">Name of the new user</label><input type="text" name="username" /><br />
	51	<label for="password1">password of the new user</label><input type="password" name="password1" />
	52	<label for="password2">password again</label><input type="password" name="password2" /><br />
	53	<label for="isadmin">is this user a admin?</label> <input type="checkbox" name="isadmin" /><br />
	54
	55
	56	<?php
	57	//ifs and buts goes here
	58	if($_POST[userreg]){
	59
	60
	61	$canreg = true;
	62
	63	$query = "SELECT * FROM users WHERE username = '{$_POST[username]}';";
	64
	65	$userinfo = $db->query($query);
	66
	67	$newinfo = $userinfo->fetch();
	68
	69	if($newinfo[username] == $_POST[username]){
	70
22 by Gustav Hartvigsson Made the Warnings in the user registration more eye-catching.	71	echo "<span class='warning'> username is already in use </span> <br />";
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	72	$canreg = false;
	73	}
	74
	75	if($_POST[username] == null){
22 by Gustav Hartvigsson Made the Warnings in the user registration more eye-catching.	76	echo "<span class='warning'>you need to enter a new username </span> <br />";
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	77	$canreg = false;
	78	}
	79
	80	if($_POST[password1] == null){
	81
22 by Gustav Hartvigsson Made the Warnings in the user registration more eye-catching.	82	echo "<span class='warning'>you need to have a password <br /> </span>";
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	83	$canreg = false;
	84	}
	85
	86	if($_POST[password2] != $_POST[password1]){
	87
22 by Gustav Hartvigsson Made the Warnings in the user registration more eye-catching.	88	echo "<span class='warning'>passwords deos not match </span> <br />";
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	89	$canreg = false;
	90	}
	91	sleep(.5);//to prevent $conreg being true whun it should be false 0_o?
	92	if($canreg){
	93	if($_POST[isadmin]){
	94	$group = 1;
	95	}else {
	96
	97	$group = 2;
	98
	99	}
	100	$username1 = $_POST[username];
	101	$password1 = md5($_POST[password1]);
	102
	103	$db->queryExec("BEGIN;
	104	INSERT INTO users (username, password, 'group')
	105	VALUES('{$username1}' , '{$password1}', '{$group}');
	106	COMMIT;") or die("could not do query");
	107	echo $db->error;
	108	echo "Registration of user {$_POST[username]} complite!";
	109	}
	110	}
	111	?>
	112	<input type="submit" /><br />
	113	</p>
	114	</form>
	115
	116	<?php
	117	if($_SESSION[admin]){ //this section prpbobly needs re work?
	118	if($_GET[showrmuser]=="true"){
27 by Gustav Hartvigsson fixxed stupid xhtml parsing error... that I coused yesturday, lol.	119	echo "<a href='BooKa.php?showadminpage=true&showrmuser=false'>[Hide remove user page]</a><br /> \n";
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	120	}
	121	if($_GET[showrmuser]=="false" \|\| $_GET[showrmuser] == null){
27 by Gustav Hartvigsson fixxed stupid xhtml parsing error... that I coused yesturday, lol.	122	echo "<a href='BooKa.php?showadminpage=true&showrmuser=true'>[Show remove user page]</a><br /> \n";
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	123	}
	124	}
	125	if($_GET[showrmuser]=="true"){
	126
	127	//table with user id, user name and a remove button goes here...
	128	?>
	129	<h2>DO NOT REMOVE THE LAST ADMIN PL0X!</h2>
	130	<table> <!-- muckup tabell -->
	131	<tr> <!-- row one -->
	132	<td> uid </td>
	133	<td> User Name </td>
	134	<td> Admin </td>
	135	<td> remove </td>
	136	</tr> <!-- end of row one -->
29.1.1 by gustav.hartvigsson Fixed a parsing error, namly replaced all <? with <?php.	137	<?php
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	138
	139	$result = $db->query("SELECT * FROM users") or die("could not do query!");
	140	foreach($result as $row){
	141	?>
	142	<tr> <!-- Row two and up -->
	143	<td> <?php echo $row[id]?> </td>
	144	<td> <?php echo $row[username]?> </td>
	145	<td> <?php
23 by Gustav Hartvigsson fixxed osme stupid shit with the user rehistration, now it works.	146	if($row[group] == 1){
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	147	echo "Yes";
	148	} else {
	149	echo "no";
	150	}
	151
	152	?> </td>
	153	<td>
	154	<form action="removeUser.php" method="post">
	155	<p>
	156	<input type="submit" value="remove" />
	157	<input type="hidden" value="<? echo $row[id]?>" name="id"/>
	158	</p>
	159	</form>
	160	</td>
	161	</tr> <!-- end of row two and up -->
	162
29.1.1 by gustav.hartvigsson Fixed a parsing error, namly replaced all <? with <?php.	163	<?php
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	164	}
	165	?>
	166	</table>
	167
	168
	169
29.1.1 by gustav.hartvigsson Fixed a parsing error, namly replaced all <? with <?php.	170	<?php
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	171	}
	172	}
	173	?>
	174	</div>
29.1.1 by gustav.hartvigsson Fixed a parsing error, namly replaced all <? with <?php.	175	<?php
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	176	} else {
	177	?>
	178	<div class="head"><img src="./img/Logo.png" alt="BooKa´s logo" /></div>
	179
	180	<div class="menu">
	181	<h1> Login </h1>
	182	<hr />
	183	<form action="login.php" method="post">
	184	<p>
	185	User name: <input type="text" name="userName" /> <br/>
	186	Pass word: <input type="password" name="userPassword" /> <br />
	187	<input type="hidden" name="login" value="true" />
22 by Gustav Hartvigsson Made the Warnings in the user registration more eye-catching.	188	<input type="submit" name="null" value="Login" />
11 by Gustav Hartvigsson merging Neo to trunk. freezing neo branshs.	189	</p>
	190	</form>
	191	<p>
	192	All registrations are performed by admin.
	193	</p>
	194	</div>
	195
	196	<?php
	197	}
	198
	199	include "./inc/foot.php";
	200
	201	?>