@ 2013-08-31T18:27:07Z <?php
require_once('config.php');
require_once('login.php');
if($_SESSION['admin']!=='true'){
header("Location: members.php?msg=Ehm, ehm. You are not admin or you logged out (if so, please log in again).");
echo "You are not admin so please behave yourself :)";
} elseif($_SESSION['admin']=='true'){
if($_GET['action']=='addresult'){
if($_GET['user']){
$user = mysql_real_escape_string($_GET['user']);
if($_POST){
if($_POST['subject1']){
$subject=$_POST['subject1'];
$marks=$_POST['marks1'];
mysql_query("INERT INTO $tbl2 (user, subject, marks) VALUES ('$user', '$subject', '$marks'") or die(mysql_error());
}
if($_POST['subject2']){
$subject=$_POST['subject2'];
$marks=$_POST['marks2'];
mysql_query("INERT INTO $tbl2 (user, subject, marks) VALUES ('$user', '$subject', '$marks'") or die(mysql_error());
}
if($_POST['subject3']){
$subject=$_POST['subject3'];
$marks=$_POST['marks3'];
mysql_query("INERT INTO $tbl2 (user, subject, marks) VALUES ('$user', '$subject', '$marks'") or die(mysql_error());
}
if($_POST['subject4']){
$subject=$_POST['subject4'];
$marks=$_POST['marks4'];
mysql_query("INERT INTO $tbl2 (user, subject, marks) VALUES ('$user', '$subject', '$marks'") or die(mysql_error());
}
if($_POST['subject5']){
$subject=$_POST['subject5'];
$marks=$_POST['marks5'];
mysql_query("INERT INTO $tbl2 (user, subject, marks) VALUES ('$user', '$subject', '$marks'") or die(mysql_error());
}
if($_POST['subject6']){
$subject=$_POST['subject6'];
$marks=$_POST['marks6'];
mysql_query("INERT INTO $tbl2 (user, subject, marks) VALUES ('$user', '$subject', '$marks'") or die(mysql_error());
}
if($_POST['subject7']){
$subject=$_POST['subject7'];
$marks=$_POST['marks7'];
mysql_query("INERT INTO $tbl2 (user, subject, marks) VALUES ('$user', '$subject', '$marks'") or die(mysql_error());
}
if($_POST['subject8']){
$subject=$_POST['subject8'];
$marks=$_POST['marks8'];
mysql_query("INERT INTO $tbl2 (user, subject, marks) VALUES ('$user', '$subject', '$marks'") or die(mysql_error());
}
echo "Subject and marks added. Add more if you want!";
}
echo "<style>.admin { display:none; } .back { display: block !important; }</style><br />";
echo '<form method="POST" action="">';
for ($i = 1; $i <= 8; $i++) {
echo '<div style="border:1px solid #666;">Subject: <input type="text" name="subject'.$i.'" id="subject'.$i.'" placeholder="Subject name" /><br />
Marks: <input type="text" name="marks'.$i.'" id="marks'.$i.'" placeholder="Marks gained" /></div>';
}
echo '<input type="submit" value="Add" /></form>';
}
} elseif($_GET['action']=='updateresult']){
if($_GET['user']){
if($_POST){
foreach ($_POST as $name => $val){
if($name=='submit'){ break; }
//echo htmlspecialchars($name . ': ' . $val) . "\n";
mysql_query("UPDATE $tbl2 SET marks='$val' WHERE subject='$name'") or die(mysql_error());
}
echo "<style>.admin { display:none; } .back { display: block !important; }</style> <br /> Record Updated!";
} else {
$user = $_GET['user']; // profile name.
$user = mysql_real_escape_string($user);
$qr = mysql_query("SELECT * FROM $tbl2 WHERE user_name='$user'");
$rr = mysql_num_rows($qr);
if($rr=='0'){
echo "<style>.admin { display:none; } .back { display: block !important; }</style> <br /> No subjects added. You may need to add subjects first so <a href='?action=addresult&user=".$user."'>click here to do so</a>";
} else {
echo 'Total subjects: '.$rr;
echo '<br />
<form method="POST" action="" name="form21">';
while($s=mysql_fetch_array($qr)){
$subject=$s['subject'];
$marks=$s['marks'];
echo "<div style='border:1px solid #666;'> Subject: ".$subject."<br/>
Marks: <input name='".$subject."' type='text' id='".$subject."' value='".$marks."' /></div><br/>";
}
echo '<input type="submit" value="Update" /></form>';
}
}
}
} elseif($_GET['action']=='updateuser'){
if($_GET['user']){
$user = $_GET['user']; // profile name.
$user = mysql_real_escape_string($user);
if($_POST){
$pwd = mysql_real_escape_string($_POST['upassword']);
$fullname = mysql_real_escape_string($_POST['ufullname']);
$session = mysql_real_escape_string($_POST['usession']);
$class = mysql_real_escape_string($_POST['uclass']);
$campus = mysql_real_escape_string($_POST['ucampus']);
$fine = mysql_real_escape_string($_POST['ufine']);
$fee = mysql_real_escape_string($_POST['ufee']);
$attendance = mysql_real_escape_string($_POST['uattendance']);
$result_last = mysql_real_escape_string($_POST['uresult_last']);
$fone = mysql_real_escape_string($_POST['ufone']);
$addr = mysql_real_escape_string($_POST['uaddr']);
$email = mysql_real_escape_string($_POST['uemail']);
mysql_query("UPDATE $tbl_name SET fone='$fone', addr='$addr', email='$email', password='$pwd', fullname='$fullname', session='$session', class='$class', campus='$campus', fine='$fine', fee='$fee', attendance='$attendance', resul_last='$result_last' WHERE user_name='$user'") or die(mysql_error());
echo "<style>.admin { display:none; } .back { display: block !important; }</style> <br />
User has been updated!";
} else {
$sql22="SELECT * FROM $tbl_name WHERE user_name='$user'";
$result22=mysql_query($sql22) or die(mysql_error());
$user22=mysql_fetch_array($result22);
?>
<style>.admin { display:none; } .back { display: block !important; }</style>
<form name="form3" method="post" action="">
<strong>Edit a user </strong><br/><br/>
Fullname: <input name="ufullname" type="text" id="ufullname" value="<?=$user22['fullname']?>" /><br/>
Password: <input name="upassword" type="password" id="upassword" value="<?=$user22['password']?>" /><br/>
<strong> If student:</strong><br/>
Session: <input name="usession" type="text" id="usession" value="<?=$user22['session']?>" /><br/>
Class: <input name="uclass" type="text" id="uclass" value="<?=$user22['class']?>" /><br/>
Campus: <input name="ucampus" type="text" id="ucampus" value="<?=$user22['campus']?>" /><br/>
Fine: <input name="ufine" type="text" id="ufine" value="<?=$user22['fine']?>" /><br/>
Fee status: <input name="ufee" type="text" id="ufee" value="<?=$user22['fee']?>" /><br/>
Attendance: <input name="uattendance" type="text" id="uattendance" value="<?=$user22['attendance']?>" /><br/>
Last month result: <input name="uresult_last" type="text" id="uresult_last" value="<?=$user22['resul_last']?>" /><br/>
Phone: <input name="ufone" type="text" id="ufone" value="<?=$user22['fone']?>" /><br/>
Address: <input name="uaddr" type="text" id="uaddr" value="<?=$user22['addr']?>" /><br/>
Email: <input name="uemail" type="text" id="uemail" value="<?=$user22['email']?>" /><br/>
<br/><input type="submit" name="Submit" value="Update" /></form>
<?php
}
}
} elseif($_GET['action']=='logout'){
unset($_SESSION['admin']);
header("Location: index.php?msg_gr=You have been logged out of the admin panel!");
} elseif($_GET['action']=='adduser'){
if($_POST['user_name_add']){
$user_name = mysql_real_escape_string($_POST['user_name_add']);
$pwd = mysql_real_escape_string($_POST['password']);
$fullname = mysql_real_escape_string($_POST['fullname']);
$rank = mysql_real_escape_string($_POST['rank']);
$session = mysql_real_escape_string($_POST['session']);
$class = mysql_real_escape_string($_POST['class']);
$campus = mysql_real_escape_string($_POST['campus']);
$fine = mysql_real_escape_string($_POST['fine']);
$fee = mysql_real_escape_string($_POST['fee']);
$attendance = mysql_real_escape_string($_POST['attendance']);
$result_last = mysql_real_escape_string($_POST['result_last']);
if($rank=='1'){
$rank='teacher';
} else {
$rank='student';
}
$insert_query = "INSERT INTO $tbl_name (user_name, fullname, password, session, class, campus, fine, fee, attendance, resul_last) VALUES ('$user_name', '$fullname', '$pwd', '$rank','$session', '$class', '$campus', '$fine', '$fee', '$attendance', '$result_last')";
$insert_result = mysql_query($insert_query) or die(mysql_error());
$responsemsg = "User has been added!";
echo '<style>.admin { display:none; } .back { display: block !important; }</style>';
} else {
?>
<style>.admin { display:none; } .back { display: block !important; }</style>
<form name="form2" method="post" action="admin.php?action=adduser">
<strong>Add a user </strong><br/><br/>
Fullname: <input name="fullname" type="text" id="fullname" /><br/>
Username: <input name="user_name_add" type="text" id="user_name_add" /><br/>
Password: <input name="password" type="password" id="password" /><br/>
Rank: <input type="radio" value="2" name="rank" id="rank" /> Student <input type="radio" value="1" name="rank" id="rank" /> Teacher<br />
<strong> If student:</strong><br/>
Session: <input name="session" type="text" id="session" /><br/>
Class: <input name="class" type="text" id="class" /><br/>
Campus: <input name="campus" type="text" id="campus" /><br/>
Fine: <input name="fine" type="text" id="fine" /><br/>
Fee status: <input name="fee" type="text" id="fee" /><br/>
Attendance: <input name="attendance" type="text" id="attendance" /><br/>
Last month result: <input name="result_last" type="text" id="result_last" /><br/>
<br/><input type="submit" name="Submit" value="Add" /></form>
<?php
}
} elseif($_GET['action']=='deleteuser'){
if($_GET['user']){
$user = $_GET['user']; // profile name.
$user = mysql_real_escape_string($user);
$query5 = "DELETE FROM $tbl_name WHERE user_name = '$user'";
$result = mysql_query( $query5 ) or die(mysql_error());
$responsemsg = "User has been deleted!";
} else {
$qfo = "SELECT * FROM $tbl_name WHERE (rank = 'teacher' OR rank = 'student')";
$fo = mysql_query($qfo) or die(mysql_error());
$rowfo = mysql_num_rows($fo);
echo "<style>.admin { display:none; } .back { display: block !important; }</style>";
if ($rowfo == 0 ) { // no user
echo "No users.";
} else {
while($users = mysql_fetch_array($fo)){
$user_name = $users['user_name'];
$fullname = $users['fullname'];
$rank = $users['rank'];
$uid = $users['id'];
$session = $users['session'];
$class = $users['class'];
echo "<div>
".$uid." ~ ".$fullname." (".$user_name.") of Class ".$class." and session ".$session." - ".$rank." | <a href='?action=deleteuser&user=".$user_name."'>Delete</a> - <a href='?action=viewpwd&user=".$user_name."'>View password</a> - <a href='?action=updateuser&user=".$user_name."'>Update profile</a> - <a href='?action=updateresult&user=".$user_name."'>Update result</a></div>";
}
}
}
} elseif($_GET['action']=='viewpwd') {
echo '<style>.admin { display:none; } .back { display: block !important; }</style>';
if($_GET['user']){
$user = $_GET['user']; // profile name.
$user = mysql_real_escape_string($user);
$qfo = "SELECT * FROM $tbl_name WHERE user_name = '$user' AND (rank = 'teacher' OR rank = 'student')";
$fo = mysql_query($qfo) or die(mysql_error());
$foundu = mysql_num_rows($fo);
if($foundu=='0'){
echo "No such user found!";
} else {
$userinfo = mysql_fetch_array($fo);
$pwd = $userinfo['password'];
echo "Password is: <b>".$pwd."</b>";
}
}
}
?>
<?php if (isSet($_GET['msg'])){ echo "<span id='postmsg'>".htmlentities($_GET['msg'])."</span><br/>"; } ?>
<?php if (isSet($responsemsg)){ echo "<span id='postmsg'>".htmlentities($responsemsg)."</span><br/>"; } ?>
<div class="admin">
Welcome, <?=$_SESSION['fullname']?><br />
What you want to do? <br /><br />
<a href="?action=adduser&noredirect=1">Add a user</a><br />
<a href="?action=deleteuser&noredirect=1">View a user</a><br />
<a href="?action=logout&noredirect=1">Logout from admin panel</a><br />
</div>
<div class="back" style="display:none">
<a href="admin.php" >Go back</a><br />
</div>
<?php
}
?>
Enable javascript to submit You have javascript disabled. You will not be able to edit any code.
Here you find the average performance (time & memory) of each version. A grayed out version indicates it didn't complete successfully (based on exit-code).
Version System time (s) User time (s) Memory (MiB) 5.4.19 0.373 0.033 19.13 5.4.18 0.367 0.033 19.10 5.4.17 0.007 0.037 19.20 5.4.16 0.280 0.030 18.91 5.4.15 0.357 0.040 18.95 5.4.14 0.363 0.040 16.45 5.4.13 0.333 0.037 16.39 5.4.12 0.360 0.030 16.59 5.4.11 0.387 0.037 16.31 5.4.10 0.353 0.047 16.68 5.4.9 0.413 0.043 16.59 5.4.8 0.383 0.037 16.51 5.4.7 0.367 0.033 16.59 5.4.6 0.387 0.033 16.46 5.4.5 0.393 0.037 16.55 5.4.4 0.383 0.037 16.25 5.4.3 0.370 0.040 16.65 5.4.2 0.387 0.030 16.50 5.4.1 0.353 0.037 16.46 5.4.0 0.367 0.033 15.94 5.3.27 0.237 0.043 14.60 5.3.26 0.003 0.037 14.58 5.3.25 0.377 0.043 14.57 5.3.24 0.330 0.037 14.52 5.3.23 0.360 0.040 14.73 5.3.22 0.353 0.043 14.52 5.3.21 0.370 0.047 14.69 5.3.20 0.393 0.033 14.54 5.3.19 0.390 0.033 14.54 5.3.18 0.383 0.037 14.55 5.3.17 0.387 0.037 14.51 5.3.16 0.393 0.030 14.52 5.3.15 0.390 0.030 14.53 5.3.14 0.370 0.037 14.49 5.3.13 0.357 0.040 14.40 5.3.12 0.420 0.047 14.48 5.3.11 0.330 0.040 14.51 5.3.10 0.387 0.037 14.09 5.3.9 0.380 0.037 13.99 5.3.8 0.390 0.030 13.91 5.3.7 0.367 0.037 14.07 5.3.6 0.373 0.030 13.96 5.3.5 0.380 0.037 13.94 5.3.4 0.483 0.043 13.93 5.3.3 0.380 0.030 13.96 5.3.2 0.360 0.040 13.67 5.3.1 0.360 0.037 13.52 5.3.0 0.380 0.037 13.60
preferences:dark mode live preview
137.34 ms | 1394 KiB | 7 Q