Experts database

Edit message

mihai.andronie@gmail.com (Mihai Andronie) — Wed, 17 May 2017 17:06:19 +0300

Send mail

mihai.andronie@gmail.com (Mihai Andronie) — Sun, 14 May 2017 12:03:36 +0300

{source}

session_start();

if(isset($_GET["to"]) && isset($_GET["from"]) && isset($_GET["sub"]) && isset($_GET["mes"])){

$to = $_GET["to"];

$from = $_GET["from"];

$sub = $_GET["sub"];

$mes = $_GET["mes"];

$servername = "94.176.180.19";
$username = "db-usr-cercetare";
$password = "8BYDrE2KcyjGtJKH";
$dbname = "Experts";

// Create connection

$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$result = $conn->query("SELECT `email` from info a where a.`date` = (select max(b.`date`) from info b where a.`idu` = b.`idu`) and `idu`=" . $to);

if ($result->num_rows > 0)
while($row = $result->fetch_array())
$rec = $row[0];

$conn->close();

$mailer = JFactory::getMailer();
$config = JFactory::getConfig();
$sender = array(
$config->get( 'mailfrom' ),
$config->get( 'fromname' )
);

$mailer->setSender($sender);
$user = JFactory::getUser();
$recipient = $user->email;

$mailer->addRecipient($recipient);
$recipient = array($rec);

$mailer->addRecipient($recipient);

//$body = "Testare script email \nYour body string\nin double quotes if you want to parse the \nnewlines etc";
$mailer->setSubject($sub);
$mailer->setBody($from . " has just said: \n" . $mes);

// Optional file attached
//$mailer->addAttachment(JPATH_COMPONENT.'/assets/document.pdf');

$send = $mailer->Send();
if ( $send !== true ) {
echo 'Error sending email: ';
} else {
echo 'Email trimis';
}
} else {
echo "Please fill in all the fields!";
}
?>
{/source}

Upload script

mihai.andronie@gmail.com (Mihai Andronie) — Wed, 10 May 2017 10:24:23 +0300

{source}

session_start();
$servername = "94.176.180.19";
$username = "db-usr-cercetare";
$password = "8BYDrE2KcyjGtJKH";
$dbname = "Experts";

$idu = $_SESSION["idm"];

if($_SESSION["logged"]=="yes") {

$target_dir = "./";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}

$sql = "update info set image = '$target_file' where idu = $idu";

if ($conn->query($sql) === TRUE) {
header("Location: http://spiruharet.qareer.ro/platform/experts-database");
die();
} else {
//echo "Error: " . $sql . "
" . $conn->error;
echo "You have to add your data first!";
}

$conn->close();
echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading your file.";
}
}
} else {

echo "Sorry, we are unable to submit your image. Please login first!";}
?>

{/source}

Add Experts

mihai.andronie@gmail.com (Mihai Andronie) — Wed, 26 Apr 2017 20:17:21 +0300

{source}

session_start();
$servername = "94.176.180.19";
$username = "db-usr-cercetare";
$password = "8BYDrE2KcyjGtJKH";
$dbname = "Experts";
//$idu=$_GET["idu"];
$fname = $_GET["fname"];
$lname = $_GET["lname"];
$profile= $_GET["profile"];
$co=$_GET["co"];
$org=$_GET["org"];
$email=$_GET["email"];

$site=$_GET["site"];
//$user=$_GET["user"];
//$pwd=$_GET["pwd"];

$idu = $_SESSION["idm"];

if($_SESSION["logged"]=="yes") {

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}

$sql = "INSERT INTO info (`fname`, `lname`, `profile`, `institution`, `country`, `email`, `site`, `idu`) VALUES ('$fname', '$lname', '$profile', '$org', '$co', '$email', '$site', $idu)";

if ($conn->query($sql) === TRUE) {
header("Location: http://spiruharet.qareer.ro/platform/experts-database ");
die();
} else {
echo "Error: " . $sql . "
" . $conn->error;
}

$conn->close();

} else {

echo "Sorry, we are unable to submit your data. Please login first!";}
?>

{/source}

Report results

mihai.andronie@gmail.com (Mihai Andronie) — Wed, 26 Apr 2017 19:45:03 +0300

{source}

echo "

$servername = "94.176.180.19";
$username = "db-usr-cercetare";
$password = "8BYDrE2KcyjGtJKH";
$dbname = "Experts";

// Create connection

$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}

if (isset($_GET["country"])) {

$cty=$_GET["country"];

$sql = "SELECT `fname`,`lname`,`profile`,`institution`,`country`,`idu`,`image` from info a where a.`date` = (select max(b.`date`) from info b where a.`idu` = b.`idu`) AND (country LIKE '$cty')";

} else {

$sql = "SELECT `fname`,`lname`,`profile`,`institution`,`country`,`idu`,`image` from info a where a.`date` = (select max(b.`date`) from info b where a.`idu` = b.`idu`) order by `country`";}

$result = $conn->query($sql);

if ($result->num_rows > 0) {
// output data of each row
echo "

Last NameProfileInstitutionCountryEmail";

while($row = $result->fetch_array()) {

$x++; 

$class = ($x%2 == 0)? 'white': 'lightgray';

echo "bgcolor='$class'>

";
}
echo "

First Name
" . $row[0] . "	" . $row[1] . "	" . $row[2] . "	" . $row[3] . "	" . $row[4] . "	email

First Name

" . $row[0] . "

" . $row[1] . "

" . $row[2] . "

" . $row[3] . "

" . $row[4] .

";
} else {
echo "0 results";
}
$conn->close();

echo "

";
?>

{/source}

Login result

mihai.andronie@gmail.com (Mihai Andronie) — Wed, 26 Apr 2017 18:55:05 +0300

{source}

session_start();

$servername = "94.176.180.19";
$username = "db-usr-cercetare";
$password = "8BYDrE2KcyjGtJKH";
$dbname = "Experts";

$usr_name=$_GET["user"];
$usr_pwd=$_GET["pwd"];

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}

$sql = "SELECT * FROM `users` WHERE `user` LIKE '$usr_name' AND `pwd` LIKE '$usr_pwd'";
$result = $conn->query($sql);

if ($result->num_rows > 0) {

$_SESSION["logged"] = "yes";
// output data of each row
while($row =mysqli_fetch_array($result,MYSQLI_ASSOC)) {

$idm = $row["idu"];

//echo $idm;

echo "Wellcome, " . $row["user"] . "!
";
}

$_SESSION["idm"] = $idm;
echo "Click">'>Click here to enter your data:";
} else {

$_SESSION["logged"] = "no";
echo "Sorry, your credentials are wrong!";
}
$conn->close();
?>

{/source}