eventmanager/controller.php

<?php

	session_start();
	
	if (!isset($_SESSION['zalogowany']))
			{
				header('Location: index.php');
				exit();
			}
					$_SESSION['numevent'] = $_GET['info'];
					
					require_once "dbconnect.php";
					$polaczenie = mysqli_connect($host, $db_user, $db_password);
					mysqli_query($polaczenie, "SET CHARSET utf8");
					mysqli_query($polaczenie, "SET NAMES 'utf8' COLLATE 'utf8_polish_ci'");
					mysqli_select_db($polaczenie, $db_name);
					
					$query = "SELECT events.id_events, events.quantity FROM manager, events WHERE events.id_events = manager.id_events AND manager.id_events = '".$_SESSION['numevent']."'";
					$rezultat = mysqli_query($polaczenie, $query);
					$ile = mysqli_num_rows($rezultat);
					
					require_once "dbconnect.php";

					$polaczenie = @new mysqli($host, $db_user, $db_password, $db_name);
							
							if ($polaczenie->connect_errno!=0)
							{
								echo "Error: ".$polaczenie->connect_errno;
							}
							else
							{
								#$login = $_SESSION['employeeID'];
								
								$login = htmlentities($login, ENT_QUOTES, "UTF-8");
								
								if ($rezultat = @$polaczenie->query(
								sprintf("SELECT events.id_events, events.quantity FROM manager, events WHERE events.id_events = manager.id_events AND manager.id_events = '".$_SESSION['numevent']."' AND manager.employeeID='".$_SESSION['login']."'",
								mysqli_real_escape_string($polaczenie,$login))))
								{
									$ilu_userow = $rezultat->num_rows;
									if($ilu_userow>0)
									{				
										$wiersz = $rezultat->fetch_assoc();
										$_SESSION['controller'] = "true";
										$rezultat->free_result();
										
										header('Location: join_page_style.php');
										
									} 
									else 
									{
										$_SESSION['controller'] = "false";
										//Osoby które nie sa w wydarzeniu
										header('Location: join_page_style.php');
									}
								}
								$polaczenie->close();
							}
					
?>
Prześlij pliki do '' 2021-03-27 17:14:05 +01:00			`<?php`

			`session_start();`

			`if (!isset($_SESSION['zalogowany']))`
			`{`
			`header('Location: index.php');`
			`exit();`
			`}`
			`$_SESSION['numevent'] = $_GET['info'];`
Prześlij pliki do '' 2021-03-27 17:37:00 +01:00
Prześlij pliki do '' 2021-03-27 17:14:05 +01:00			`require_once "dbconnect.php";`
			`$polaczenie = mysqli_connect($host, $db_user, $db_password);`
			`mysqli_query($polaczenie, "SET CHARSET utf8");`
			`mysqli_query($polaczenie, "SET NAMES 'utf8' COLLATE 'utf8_polish_ci'");`
			`mysqli_select_db($polaczenie, $db_name);`

			`$query = "SELECT events.id_events, events.quantity FROM manager, events WHERE events.id_events = manager.id_events AND manager.id_events = '".$_SESSION['numevent']."'";`
			`$rezultat = mysqli_query($polaczenie, $query);`
			`$ile = mysqli_num_rows($rezultat);`

			`require_once "dbconnect.php";`

			`$polaczenie = @new mysqli($host, $db_user, $db_password, $db_name);`

			`if ($polaczenie->connect_errno!=0)`
			`{`
			`echo "Error: ".$polaczenie->connect_errno;`
			`}`
			`else`
			`{`
			`#$login = $_SESSION['employeeID'];`

			`$login = htmlentities($login, ENT_QUOTES, "UTF-8");`

			`if ($rezultat = @$polaczenie->query(`
			`sprintf("SELECT events.id_events, events.quantity FROM manager, events WHERE events.id_events = manager.id_events AND manager.id_events = '".$_SESSION['numevent']."' AND manager.employeeID='".$_SESSION['login']."'",`
			`mysqli_real_escape_string($polaczenie,$login))))`
			`{`
			`$ilu_userow = $rezultat->num_rows;`
			`if($ilu_userow>0)`
			`{`
			`$wiersz = $rezultat->fetch_assoc();`
			`$_SESSION['controller'] = "true";`
			`$rezultat->free_result();`

			`header('Location: join_page_style.php');`

			`}`
			`else`
			`{`
			`$_SESSION['controller'] = "false";`
			`//Osoby które nie sa w wydarzeniu`
			`header('Location: join_page_style.php');`
			`}`
			`}`
			`$polaczenie->close();`
			`}`

			`?>`