All pastes #628723 Raw Edit

stranichka

public php v1 · immutable
#628723 ·published 2007-07-21 16:17 UTC
rendered paste body
<?php/** * Addresses  * * Manage addresses * * @package		LeaCOR * @subpackage		Backend Interface * @version		1.0 */ 		  	require_once 'lea_includer.php';	checkUserLevel('is_user', $lea_user_level);		$_POST = filterData($_POST);	$_GET = filterData($_GET);	if (!$lea_user_level['is_user']) {		echo 'Hack attempt'; die();	}		// init locals 	$idADDRESS = 0;	$MEMBER_idMEMBER = 0;	$street = "";	$street_number = 0;	$postal_code = 0;	$city = "";	$phone = 0;	$fax = 0;	$notes = "";		extract($_GET, EXTR_IF_EXISTS);	$address = new Addresses;	$address->setMysqlHandler($sql);		/* Delete */ 	if ($act == "del") { 		checkUserLevel('is_admin', $lea_user_level);		$tmp = $address->del($id);		if (is_array($tmp)) { //error			$error = true;			$output = printErrors($tmp);		} else {			$act = "list";		}	}	/* Show */ 	if ($act == 'show') { 		$address->get($id);		extract($address->data);	}			/* New */	if ($act == 'new') {		/* Security: 			Member ID should be a positive integer			Member ID should be my Member ID			OR I must be an admin		*/		$member = new Members;		$member->setMysqlHandler($sql);		$MEMBER_idMEMBER = $mid;		if ($member->get($mid)) {			if ($mid < 0 || ($member->data['USERACCOUNT_idUSERACCOUNT'] !== $_SESSION['gml_user_id'] || $lea_user_level['is_admin'] !== true)) {				die('Hack attempt: invalid member ID');			}		}	}		/* Edit */	if ($act == 'edit') { 		$address->get($id);		extract($address->data);	}		if ($act == 'list') { 		$address->getData("WHERE `MEMBER_idMEMBER` = '".$thisMemberId."'");	}		// OUTPUT	include_once $leaElements.'header.php'; // XHTML/CSS header?>		<div id="welcome">			<h2>Welcome to LeaCOR!</h2>			<p><strong>LeaCOR</strong> is a project by the <em>University of Duisburg-Essen.</em></p>		</div>		<div id="members">			<?php				switch ($act) {					case "show":						include $leaTemplates.'address.tpl.php';						break;					case "edit":						include $leaForms.'addressform.php';						break;					case "new":						include $leaForms.'addressform.php';						break;					case "list":						echo $output;						echo '<a href="addresses.php?act=new&amp;mid='.$mid.'">Add new</a>';						for ($i=0;$i<count($address->data);$i++) {						extract($address->data[$i]);						include $leaTemplates.'address.tpl.php';						echo "\n<br />\n";						}						break;				}				if ($error) {					include_once $leaForms.'addressform.php';				}			?>		</div><?include_once $leaElements.'main.close.sidebar.open.php'; // right panelinclude_once $leaElements.'login.field.php'; // Login Forminclude_once $leaElements.'upper_links.php'; // First Panel on the rightinclude_once $leaElements.'lower_links.php'; // Second Panel on the rightinclude_once $leaElements.'footer.php'; // Footer?>?>