Here is the myaccount page, just as a note it does not depend on which page is used when redirected after a process.
Code: Select all
<?php
include 'dbc.php';
page_protect();
session_regenerate_id();
# connect to the database
mysql_c------------------------
$result = mysql_query("SELECT * FROM `proof` WHERE userproof_id='$_SESSION[user_id]' AND proof.clickstatus= 1 LIMIT 5") or die( mysql_error() );
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<style type="text/css">
table.sample5 {
border-width: 0px 0px 0px 0px;
border-spacing: 0px;
border-style: none none none none;
border-color: white white white white;
border-collapse: collapse;
background-color: white;
}
table.sample5 th {
border-width: 1px 1px 1px 1px;
padding: 5px 35px 5px 35px;
border-style: none none none none;
border-color: white white white white;
background-color: white;
-moz-border-radius: 0px 0px 0px 0px;
}
table.sample5 td {
border-width: 1px 1px 1px 1px;
padding: 5px 5px 5px 5px;
border-style: none none none none;
border-color: white white white white;
background-color: white;
-moz-border-radius: 0px 0px 0px 0px;
}
</style>
<title>- My Account</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="keywords" content="" />
<meta name="description" content="" />
<!-- TemplateEndEditable --><!-- TemplateBeginEditable name="head" --><!-- TemplateEndEditable -->
<style type="text/css" media="all">
<!--
@import url("styles.css");
* {/* for demo only*/
margin:0;
padding:0
}
html, body {
height:100%;/* needed to base 100% height on something known*/
text-align:center;
}
body {
background:#333
}
#outer {
width:890px;
background:#fff;
margin:auto;
min-height:100%;
margin-top:-59px;/*footer height - this drags the outer 40px up through the top of the monitor */
text-align:left;
}
#header {
border-top:59px solid #fff;
}
#outerWrapper {
margin: 0 auto;
text-align: left;
width: 790px;
background-color: #FFF;
}
#outerWrapper #footer {/* footer now sits at bottom of window*/
width:770px;
margin:auto;
height:58px;/* must match negative margin of #outer */
clear:both;
border-top:1px solid #fff;
background-color: #fff;
padding: 30px 60px 0px 10px;
background: url(images/footer-bg.png) no-repeat top;
color: #ffffff;
text-align: left;
line-height: 22px;
background-repeat: no-repeat;
background-position: left top;
vertical-align: bottom;
}
/*Opera Fix*/
body:before {/* thanks to Maleika (Kohoutec)*/
content:"";
height:100%;
float:left;
width:0;
margin-top:-32767px;/* thank you Erik J - negate effect of float*/
}
.redtext {
color: #F00;
}
-->
</style>
<!--[if IE 5]>
<style type="text/css">
#outerWrapper #contentWrapper #leftColumn1 {
width: 170px;
}
#outerWrapper #contentWrapper #rightColumn1 {
width: 170px;
}
</style>
<![endif]-->
<!--[if IE]>
<style type="text/css">
#outerWrapper #contentWrapper #content-left, #outerWrapper #contentWrapper #content-right {
zoom: 1;
}
</style>
<![endif]-->
<script language="JavaScript">
function show5()
{
d = document.getElementById("formpart");
d.style.display = "";
d.style.visibility = "";
return;
}
function show7()
{
d = document.getElementById("employer2");
d.style.display = "";
d.style.visibility = "";
return;
}
</script>
</head>
<body>
<div id="outer">
<div id="header">
<div id="headlinks"> <a href="index.php">Home</a> | <a href="#">Forums</a> | <a href="#">Help</a></div>
<img src="images/logonoblock.png" width="195" height="58" alt="logo" /></div>
<div id="topinfo-noimage"></div>
<div id="outerWrapper">
<div id="contentWrapper">
<div id="leftColumn1"><!-- TemplateBeginEditable name="leftsidebar" --><strong>Workers Menu</strong>
<ul>
<li></li>
<li><a href="jobs.php">Available Jobs</a></li>
<li><a href="finished.php">Finished Jobs</a></li>
<li><a href="myaccount.php">My Account</a></li>
<li><a href="logout.php">Logout</a></li>
<li><a href="Templates/rightnav-noheader.html"> Withdraw Money</a></li>
</ul>
<div id="leftColumnContent"> <strong> Employers Menu</strong>
<ul>
<li></li>
<li><a href="job_create.php">Create Jobs</a></li>
<li><a href="myjobs.php">My Jobs</a></li>
<li><a href="myaccount.php">My Account</a></li>
<li><a href="Templates/rightnav-noheader.html"> Deposit Money</a></li>
</ul>
<div class="sidebarbox">
<div class="sidebarboxtop">
<p><strong>Your Account</strong>:</p>
<p><p><font color="#336600">Name:</font> <? echo $_SESSION['user_realname'];?></p>
<p><font color="#336600">Jobs Completed:</font><? echo $_SESSION['jobs_completed'] ;?></p>
<p><font color="#336600">Earnings:</font> $<? echo $_SESSION['user_earning'] ;?><br />
<p><font color="#336600">Deposited:</font> $<? echo $_SESSION['user_money'] ;?>
</p>
<p><br />
</p>
</div>
<div class="sidebarboxbottom"></div>
</div>
<div class="sidebarbox">
<div class="sidebarboxtop">
<?php
$query2 =("SELECT * FROM `messages` WHERE `to` ='$_SESSION[user_id]' and `to_viewed` = 0") or die( mysql_error() );
$result2 = mysql_query($query2);
$num_rows2 = mysql_num_rows($result2);
if ($num_rows2 > 0){echo("<a href ='inbox.php'>You have a new message!</a><br/><img src='images/mail.jpg' width='98' height='41'></img>");
}else {
echo "<a href ='inbox.php'>Inbox</a> has no new messages received.";
}
?>
</div>
<div class="sidebarboxbottom"></div>
</div>
</div>
<!-- TemplateEndEditable --></div>
<div id="content-right"><!-- TemplateBeginEditable name="maincontent" -->
<table width="100%" border="0" cellspacing="0" cellpadding="5" class="main">
<tr>
<td colspan="3"><h1>My Account</h1></td>
</tr>
<tr>
<td width="17" valign="top">
<?
if (isset($_SESSION['user_id'])) {?>
<? }
?> <td width="457" valign="top">
<h3 class="titlehdr"> Welcome <? echo $_SESSION['user_realname'] ;?></h3>
<?
if (isset($_GET['msg'])) {
echo "<div class=\"error\">$_GET[msg]</div>";
}
?>
</table>
<br/><p class="sidebarlt">Welcome to your account page, look at an overview of your activties as well as change settings.
</p>
<p>
<p><br />
<table class="" width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="3%"></td>
<td width="6%"><img src="images/settings-icon.jpg" width="48" height="48" /></td>
<td width="29%"><a href>Account Settings </a></td>
<td width="6%"><img src="images/Mail-icon.jpg" width="48" height="48" /></td>
<td width="22%"><a href>Your Inbox</a></td>
<td width="6%"><img src="images/spanner.jpg" width="48" height="48" /></td>
<td width="28%"><a href="report.php">Report A Problem</a></td>
</tr>
</table>
<p> </p>
<p><br />
</p>
<h3>Working Information:</h3>
</p>
<div class="sidebarbox">
<div class="sidebarboxtop">
<p><font color="#009900">Jobs Completed</font>: <? echo $_SESSION['jobs_completed'] ;?> <br/>
<font color="#009900">Jobs Failed</font>: <? echo $_SESSION['jobs_failed'] ;?> <br/>
<font color="#009900">Money Earned</font>: $<? echo $_SESSION['user_earning'] ;?>
</div>
<div class="sidebarboxbottom"><br />
</p>
</div>
</div>
<p> </p>
<p> </p>
<p><br />
</p>
<h6>Featured Jobs</h6>
<p> </p>
<p>
<? echo $_SESSION['user_id'] ;?>
<?
$result3 = mysql_query("SELECT * FROM `fulldata` WHERE feature= 1 AND amountworkers > 0") or die( mysql_error() );
$i=1;
// START AN OUTPUT TABLE
echo "<table class='sample' width='100%'>";
// IF NO RESULTS
if (!mysql_num_rows($result3))
{
echo "<tr><td colspan='8'><font color='green'><u>Their are no featued jobs at this time.</u></font></td></tr>";
}
// IF WE HAVE RESULTS
else
{
// TITLE FOR COLUMNS
echo "<tr><td nowrap><b><u></u></b></td><td align='Left'><b>Job Title</b></th><td align='center'><b><u>Cash</u></b></th></tr>";
echo "<tr><td colspan='5'> <img src='images/breaker.gif' width='580' height='2'></img></tr><td>";
// ITERATE OVER THE RESULTS SET
while ($line = mysql_fetch_assoc($result3))
{
// GET EASY-TO-READ LOCAL VARIABLES
foreach ($line as $key => $val) { $$key = htmlentities($val); }
// CREATE THE ROW OF DATA
$color = ($i % 2) ? "#EEFDEC" : "#FFFFFF";
echo "<tr>";
echo "<td style='background-color:$color' width='5%' align='left'><img src ='images/star.png'></img></td>\n";
$i++;
echo "<td style='background-color:$color' width='70%' align='left'><a href='jobinfo.php?ID=$job_id'>" . substr($title,0,45) . "</a></td>\n";
$i++;
echo "<td style='background-color:$color' width='10%' align='center'>$" . $perperson . "</td>\n";
$i++;
echo "</tr>\n";
} // END WHILE ITERATOR
echo "<tr><td colspan='5'> <img src='images/breaker.gif' width='580' height='2'></img></tr><td>";
echo "</table>\n";
} // END IF/ELSE
?>
<p> </p>
Are you an employer creating jobs? <a href="changestyle.php">Click here</a> to change your account page to employer style.
</table></p><!-- TemplateEndEditable -->
<p>
<p>
</div>
<br class="clearFloat" />
</div>
</div
></div>
<div style="width: 890px; background: #fff; margin: auto; padding: 0; position: relative;">
<div id="outerWrapper">
<div id="footer">
<p><a href="#">Home</a>| <a href="#">Services</a> | <a href="#">About Us</a> | <a href="#">Contact Us</a> | <a href="#">Terms & Conditons</a> | <a href="#">Privacy</a></p>
<p>This site is copyright © 2009 </p>
</div>
</div>
</div>
</body>
</html>
Messy i know but this is first site i ever made
Now for a process i have seen this happen on:
Code: Select all
<?php
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$total_cost = round(($_POST['amountworkers'] * $_POST['perperson']) * 1.05, 2);
$user_cost = $_SESSION['user_money'];
$userid2 = $_SESSION['user_id'];
try {
if ($total_cost > $user_cost) {
throw new Exception("You have insufficient funds to create this job, please allow room for a 5% charge onto your job total cost.");
}
else{
$_SESSION['user_money'] = round($user_cost - $total_cost, 2);
$sql = "UPDATE `users`
SET users.user_money = round($user_cost - $total_cost, 2)
WHERE users.id = '$_SESSION[user_id]'";
$result = mysql_query($sql)
or die('Invalid query: ' . $sql . ' - Error is ' . mysql_error());
}
//Function definition
function onlyLetters($str){
$text = str_replace("\n", "xyxy", $str);
$pattern = '/[^0-9a-zA-Z-. "]*/';
$text = preg_replace($pattern, '', $text);
return str_replace("xyxy", "<br />\n", $text);
}
function onlyNumbers($str){
$pattern = '/[^0-9.]*/';
return preg_replace($pattern, '', $str);
}
// Get and strip values from form
$title=onlyLetters($_POST['title']);
$descript=onlyLetters($_POST['descript']);
$proof=onlyLetters($_POST['proof']);
$min=onlyNumbers($_POST['min']);
$amountworkers=onlyNumbers($_POST['amountworkers']);
$perperson=onlyNumbers($_POST['perperson']);
$createuser_id=onlyLetters($_POST['createuser_id']);
$user_name=onlyLetters($_POST['user_name']);
$ujob_id=onlyNumbers($_POST['id']);
// Insert data into mysql
$sql= mysql_query("INSERT INTO $tbl_name(job_id, title, descript, proof, min, amountworkers, perperson, createuser_id, user_name, date)VALUES('$ujob_id', '$title', '$descript', '$proof', '$min', '$amountworkers', '$perperson', '$createuser_id', '$user_name',now())") or die( mysql_error() );
// if successfully insert data into database, displays message "Successful".
if($sql){
echo "Thank you for submiting your job, our team will now take a look and approve very soon ";
echo "<BR>";
echo "<a href='http:///jobs.php'>Click here to go back to</a>";
}
else {
echo "ERROR";
}
} catch (Exception $e) {
// There has been an error
echo "You have insufficient funds to create this job, please allow room for a 5% charge onto your job total cost.";
}
?>
You may need to see this to dbc.php its the page protect function ( I did not make this script):
Code: Select all
<?php
// INITIAL SETTINGS //
// JUST COMPLETE WHEREVER MARKED XXXXXXXXXXXXXXXXXXX
/************* MYSQL DATABASE SETTINGS *****************/
// Enter database name.
// Note: If you use cpanel, the name will be like account_database
$dbname = '1';
// Change the 2nd and 3rd parameters in inside $link and the user should have ALL previleges assigned to databse
$link = mysql_connect("************") or die("Couldn't make connection.");
$db = mysql_select_db($dbname, $link) or die("Couldn't select database");
//ADMIN SECTION PASSWORD
$admin_user = '*****';
$admin_pass = '******';
/*************** reCAPTCHA KEYS****************/
$publickey = "******";
$privatekey = "*****";
function page_protect() {
session_start();
//check for cookies
if(isset($_COOKIE['user_id']) && isset($_COOKIE['user_name'])){
$_SESSION['user_id'] = $_COOKIE['user_id'];
$_SESSION['user_name'] = $_COOKIE['user_name'];
$_SESSION['user_earning'];
$_SESSION['jobs_failed'];
$_SESSION['jobs_completed'];
$_SESSION['user_money'];
$_SESSION['user_realname'];
}
if (!isset($_SESSION['user_id']))
{
header("Location: login.php");
}
/*******************END********************************/
}
function makecomma($input)
{
// This function is written by some anonymous person - I got it from Google
if(strlen($input)<=2)
{ return $input; }
$length=substr($input,0,strlen($input)-2);
$formatted_input = makecomma($length).",".substr($input,-2);
return $formatted_input;
}
function india($num){
// This is my function
$pos = strpos((string)$num, ".");
if ($pos === false) { $decimalpart="00";}
else { $decimalpart= substr($num, $pos+1, 2); $num = substr($num,0,$pos); }
if(strlen($num)>3 & strlen($num) <= 12){
$last3digits = substr($num, -3 );
$numexceptlastdigits = substr($num, 0, -3 );
$formatted = makecomma($numexceptlastdigits);
$stringtoreturn = $formatted.",".$last3digits ;
}elseif(strlen($num)<=3){
$stringtoreturn = $num;
}elseif(strlen($num)>12){
$stringtoreturn = number_format($num, 2);
}
if(substr($stringtoreturn,0,2)=="-,"){$stringtoreturn = "-".substr($stringtoreturn,2 );}
return $stringtoreturn;
}
function EncodeURL($url)
{
$new = strtolower(ereg_replace(' ','_',$url));
return($new);
}
function DecodeURL($url)
{
$new = ucwords(ereg_replace('_',' ',$url));
return($new);
}
function ChopStr($str, $len)
{
if (strlen($str) < $len)
return $str;
$str = substr($str,0,$len);
if ($spc_pos = strrpos($str," "))
$str = substr($str,0,$spc_pos);
return $str . "...";
}
?>