wiby/html/readf/feedback.php

<?php
	session_start();
	if($_SESSION["level"]!="admin")
	{
		echo "Access denied.";
		exit();
	}
	if($_SESSION["authenticated"]!=true)
	{
		include 'index.php';
		exit();
	}
	
	$link = mysqli_connect('localhost', 'approver', 'foobar');

	if (!$link)
	{
		$error = 'Cant connect to database.';
		include 'error.html.php';
		exit();
	}

	if (!mysqli_set_charset($link, 'utf8')) 
	{ 
	  $error = 'Unable to set database connection encoding.'; 
	  include 'error.html.php'; 
	  exit(); 
	}

	if(!mysqli_select_db($link, 'wiby'))
	{
	  $error = 'Unable to locate the database.'; 
	  include 'error.html.php'; 
	  exit(); 
	}
	
	if (isset($_POST['startid']) && $_SESSION["loadfeedback"]==false)    
	{    
		$startID = mysqli_real_escape_string($link, $_POST['startid']);
		$endID = mysqli_real_escape_string($link, $_POST['endid']);
	}	

	$lim = 10000000000;
	
	if (isset($_POST['startid']) && $_SESSION["loadfeedback"]==false) //this is incase any new submissions are made during the review process, they will be ignored   
	{  
		$result = mysqli_query($link,"SELECT * FROM feedback WHERE id >= '".$startID."' AND id <= '".$endID."'");
		if(!$result)
		{
		  $error = 'Error fetching index: ' . mysqli_error($link);  
		  include 'error.html.php';  
		  exit(); 
		}
	}
	else
	{
		$result = mysqli_query($link,"SELECT * FROM feedback LIMIT $lim");
		if(!$result)
		{
		  $error = 'Error fetching index: ' . mysqli_error($link);  
		  include 'error.html.php';  
		  exit(); 
		}	
	}

	//lets put contents of index into an array
	while($row = mysqli_fetch_array($result))
	{
		$id[] = $row['id'];
		$message[] = $row['message'];
		$time[] = $row['time'];
	}
	
	if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['startid']) && $_SESSION["loadfeedback"]==false)    
	{    //remove selected feedback					
		$i=0;
		foreach($id as $pageid)
		{

			if($_POST["drop$pageid"] == 'on')
			{
				$result2 = mysqli_query($link,"DELETE FROM feedback WHERE id = '".$pageid."'");
				if(!$result2)
				{
				  $error = 'Error deleting from feedback: ' . mysqli_error($link);  
				  include 'error.html.php';  
				  exit(); 
				}
			}			
			$i++;			
		}
		$_SESSION["loadfeedback"]=true;
		unset($id);
		unset($message);
		unset($time);
		unset($startID);
		unset($endID);		
		unset($result);
		unset($result2);
		$link -> close();			
		include 'feedback.php';
		exit();
	}
	else
	{
		$_SESSION["loadfeedback"]=false;
		include 'form.html.php';
	}
?>
Initial commit. 2022-07-08 03:48:28 +00:00			`<?php`
			`session_start();`
			`if($_SESSION["level"]!="admin")`
			`{`
			`echo "Access denied.";`
			`exit();`
			`}`
			`if($_SESSION["authenticated"]!=true)`
			`{`
			`include 'index.php';`
			`exit();`
			`}`
Add files via upload 2022-08-10 06:22:52 +00:00
Initial commit. 2022-07-08 03:48:28 +00:00			`$link = mysqli_connect('localhost', 'approver', 'foobar');`

			`if (!$link)`
			`{`
			`$error = 'Cant connect to database.';`
			`include 'error.html.php';`
			`exit();`
			`}`

			`if (!mysqli_set_charset($link, 'utf8'))`
			`{`
			`$error = 'Unable to set database connection encoding.';`
			`include 'error.html.php';`
			`exit();`
			`}`

			`if(!mysqli_select_db($link, 'wiby'))`
			`{`
			`$error = 'Unable to locate the database.';`
			`include 'error.html.php';`
			`exit();`
			`}`
Add files via upload 2022-08-10 06:22:52 +00:00
			`if (isset($_POST['startid']) && $_SESSION["loadfeedback"]==false)`
			`{`
			`$startID = mysqli_real_escape_string($link, $_POST['startid']);`
			`$endID = mysqli_real_escape_string($link, $_POST['endid']);`
			`}`
Initial commit. 2022-07-08 03:48:28 +00:00
			`$lim = 10000000000;`

			`if (isset($_POST['startid']) && $_SESSION["loadfeedback"]==false) //this is incase any new submissions are made during the review process, they will be ignored`
			`{`
Add files via upload 2022-08-10 06:22:52 +00:00			`$result = mysqli_query($link,"SELECT * FROM feedback WHERE id >= '".$startID."' AND id <= '".$endID."'");`
Initial commit. 2022-07-08 03:48:28 +00:00			`if(!$result)`
			`{`
			`$error = 'Error fetching index: ' . mysqli_error($link);`
			`include 'error.html.php';`
			`exit();`
			`}`
			`}`
			`else`
			`{`
			`$result = mysqli_query($link,"SELECT * FROM feedback LIMIT $lim");`
			`if(!$result)`
			`{`
			`$error = 'Error fetching index: ' . mysqli_error($link);`
			`include 'error.html.php';`
			`exit();`
			`}`
			`}`

			`//lets put contents of index into an array`
			`while($row = mysqli_fetch_array($result))`
			`{`
			`$id[] = $row['id'];`
			`$message[] = $row['message'];`
			`$time[] = $row['time'];`
			`}`

			`if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['startid']) && $_SESSION["loadfeedback"]==false)`
			`{ //remove selected feedback`
			`$i=0;`
			`foreach($id as $pageid)`
			`{`

			`if($_POST["drop$pageid"] == 'on')`
			`{`
Add files via upload 2022-08-10 06:22:52 +00:00			`$result2 = mysqli_query($link,"DELETE FROM feedback WHERE id = '".$pageid."'");`
Initial commit. 2022-07-08 03:48:28 +00:00			`if(!$result2)`
			`{`
			`$error = 'Error deleting from feedback: ' . mysqli_error($link);`
			`include 'error.html.php';`
			`exit();`
			`}`
			`}`
			`$i++;`
			`}`
			`$_SESSION["loadfeedback"]=true;`
			`unset($id);`
			`unset($message);`
			`unset($time);`
			`unset($startID);`
			`unset($endID);`
			`unset($result);`
			`unset($result2);`
			`$link -> close();`
			`include 'feedback.php';`
			`exit();`
			`}`
			`else`
			`{`
			`$_SESSION["loadfeedback"]=false;`
			`include 'form.html.php';`
			`}`
			`?>`