<?php
// Start (or resume) the session before head.php is pulled in.
session_start();

// Relative prefix used to build the include paths in this file.
define('PATH', '../../');

// Shared page header.
// NOTE(review): the MYSQL_* constants used by main() are not defined in this
// file; presumably this include provides them. Confirm.
require_once PATH . 'items/head.php';
/**
 * Report where the login credentials for this request come from.
 *
 * Returns true when both session keys are set and false when both POST fields
 * are set. When neither pair is present it calls form_login().
 *
 * The $egn / $pass assignments below are local to this function. Nothing is
 * returned, passed by reference or declared global, so the caller never sees
 * these values.
 *
 * @return bool|null
 */
function check() {
    // Credentials stored in the session by an earlier request.
    if (isset($_SESSION['uchitel_egn'], $_SESSION['uchitel_pass'])) {
        $egn = $_SESSION['uchitel_egn'];
        $pass = $_SESSION['uchitel_pass'];
        return true;
    }

    // Credentials submitted through the login form.
    if (isset($_POST['egn'], $_POST['pass'])) {
        $egn = mysql_real_escape_string($_POST['egn']);
        $pass = mysql_real_escape_string($_POST['pass']);
        return false;
    }

    // No credentials at all: show the login form.
    form_login();
}
/**
 * Finish the page: close the MySQL link, emit the shared footer and stop.
 *
 * Ends the script, so control never returns to the caller.
 */
function shutit() {
    mysql_close();
    require_once PATH . 'items/foot.php';
    exit();
}
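/**
 * Check an EGN / password pair against the `uchiteli` table.
 *
 * Both values are escaped here, where the SQL text is built, so callers pass
 * raw values and must not escape them first. A failed query is logged on the
 * server and treated as "not authenticated", so database error text is never
 * sent to the browser.
 *
 * NOTE(review): the `pass='...'` comparison implies the column holds the
 * password exactly as submitted, presumably in cleartext. Confirm this.
 * Moving to password_hash() / password_verify() needs a schema change.
 * NOTE(review): ext/mysql was removed in PHP 7. Prepared statements through
 * mysqli or PDO are the durable fix for the string-built query.
 *
 * @param string $_egn  raw identifier
 * @param string $_pass raw password
 * @return bool true when at least one row matches
 */
function auth($_egn, $_pass) {
    $egn = mysql_real_escape_string((string) $_egn);
    $pass = mysql_real_escape_string((string) $_pass);

    // Only the row count is used, so one constant column and one row suffice.
    $query = "SELECT 1 FROM uchiteli WHERE egn='$egn' AND pass='$pass' LIMIT 1";
    $result = mysql_query($query);
    if ($result === false) {
        // Fail closed and keep the error detail in the server log.
        error_log('auth(): query failed: ' . mysql_error());
        return false;
    }

    return mysql_num_rows($result) > 0;
}

/**
 * Entry point: connect to MySQL, authenticate the request, show the menu.
 *
 * Credentials are read here from the session or from the login POST.
 * check() only reports which source is available; its own $egn / $pass are
 * locals and never reach this scope.
 *
 * NOTE(review): the password itself is stored in the session and re-checked
 * on every request. Storing only the authenticated teacher's identifier would
 * keep the secret out of session storage.
 * NOTE(review): the session id is not regenerated after a successful login.
 * session_regenerate_id() has to run before any output is sent, so it cannot
 * simply be added here if head.php has already produced output.
 */
function main() {
    mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASS) or die('?????? ?????? ? MySQL ???????!<br>');
    // mysql_set_charset() also informs the client library, which
    // mysql_real_escape_string() relies on. A plain "SET NAMES" query does not.
    mysql_set_charset('utf8');
    mysql_select_db(MYSQL_DB) or die('?? ?????????? ???? ?? ????? ? ?????? ???!<br>');

    // check() shows the login form and ends the page when no credentials exist.
    $from_session = (check() === true);
    if ($from_session) {
        $egn = $_SESSION['uchitel_egn'];
        $pass = $_SESSION['uchitel_pass'];
    } else {
        $egn = isset($_POST['egn']) ? $_POST['egn'] : '';
        $pass = isset($_POST['pass']) ? $_POST['pass'] : '';
    }

    // Reject empty values and non-strings (for example egn[]=... arrays).
    if (!is_string($egn) || !is_string($pass) || $egn === '' || $pass === '') {
        echo '?? ??? ?????? ??? ??? ??????!';
        shutit();
    }

    if (auth($egn, $pass)) {
        $_SESSION['uchitel_egn'] = $egn;
        $_SESSION['uchitel_pass'] = $pass;
        menu();
    } else {
        // Drop stale credentials so the next request shows the login form.
        unset($_SESSION['uchitel_egn'], $_SESSION['uchitel_pass']);
        echo '?????? ??? ??? ??????!';
        shutit();
    }
}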
/**
 * Run the requested ?cmd= action, if any, then print the navigation menu.
 *
 * The cmd value comes straight from the query string and is handed to xcmd().
 */
function menu() {
    // empty() is false only for a set, non-empty value.
    if (!empty($_GET['cmd'])) {
        xcmd($_GET['cmd']);
    }

    $markup = '
<div id="table">
<ul>
<li>????????, ?????????, ?????????, ?????????:
<ul>
<li><a href="index.php?cmd=add_ocenka">???????? ?? ??????</a></li>
<li><a href="index.php?cmd=edit_ocenka">????????? ?? ??????</a></li>
<li><a href="index.php?cmd=del_ocenka">????????? ?? ??????</a></li>
<li><a href="index.php?cmd=sel_ocenka">????????? ?? ??????</a></li>
<li><a href="index.php?cmd=add_zabelejka">???????? ?? ?????????</a></li>
<li><a href="index.php?cmd=edit_zabelejka">????????? ?? ?????????</a></li>
<li><a href="index.php?cmd=del_zabelejka">????????? ?? ?????????</a></li>
<li><a href="index.php?cmd=sel_zabelejka">????????? ?? ?????????</a></li>
<li><a href="index.php?cmd=add_srgod">???????? ?? ?????? ??? ??????? ??????</a></li>
<li><a href="index.php?cmd=edit_srgod">????????? ?? ?????? ??? ??????? ??????</a></li>
<li><a href="index.php?cmd=del_srgod">????????? ?? ?????? ??? ??????? ??????</a></li>
<li><a href="index.php?cmd=sel_srgod">????????? ?? ?????? ??? ??????? ??????</a></li>
</ul>
</li>
<li>?????:
<ul>
<li><a href="passwd">????? ?? ??????</a></li>
<li><a href="logout">?????</a></li>
</ul>
</li>
<li>?????????:
<ul>
<li><a href="index.php?cmd=sel_direktori">????????? ?? ?????????</a></li>
<li><a href="index.php?cmd=sel_klasove">????????? ?? ???????</a></li>
<li><a href="index.php?cmd=sel_ocenki">????????? ?? ??????</a></li>
<li><a href="index.php?cmd=sel_paralelki">????????? ?? ?????????</a></li>
<li><a href="index.php?cmd=sel_predmeti">????????? ?? ????????</a></li>
<li><a href="index.php?cmd=sel_srgodocenki">????????? ?? ?????? ? ??????? ??????</a></li>
<li><a href="index.php?cmd=sel_uchenici">????????? ?? ???????</a></li>
<li><a href="index.php?cmd=sel_uchiteli">????????? ?? ???????</a></li>
<li><a href="index.php?cmd=sel_zabelejki">????????? ?? ?????????</a></li>
</ul>
</li>
</ul>
</div>
';
    echo $markup;
}
/**
 * Print the login form, then end the page through shutit().
 *
 * The form posts the `egn` and `pass` fields back to the current URL
 * (empty action attribute).
 */
function form_login() {
    $markup = '
<h2><a href="#">???? ?? ???????</a></h2>
<div class="articles">
<form id="form1" name="form1" method="post" action="">
<pre>???: <input type="text" name="egn" id="egn" /></pre>
<pre>??????: <input type="password" name="pass" id="pass" /></pre>
<input name="login" type="submit" value="Вход" />
</form>
</div>
';
    echo $markup;
    shutit();
}
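/**
 * Dispatch a ?cmd= value to the matching handler on a cmds instance.
 *
 * Only the names listed below are accepted. Anything else, including
 * non-string input such as cmd[]=..., is ignored silently. In the visible
 * file, logout() and form_passwd() exist only as methods of cmds, so they are
 * invoked on the instance instead of as global functions. A listed command
 * whose method is missing from cmds is skipped instead of ending the request
 * with a fatal "undefined method" error.
 *
 * @param mixed $_cmd command name taken from the query string
 * @return void
 */
function xcmd($_cmd) {
    // Allow-list: request value => cmds method name.
    $dispatch = array(
        'logout' => 'logout',
        'passwd' => 'form_passwd',
    );
    $same_name = array(
        'add_ocenka', 'edit_ocenka', 'del_ocenka', 'sel_ocenka',
        'add_zabelejka', 'edit_zabelejka', 'del_zabelejka', 'sel_zabelejka',
        'add_srgod', 'edit_srgod', 'del_srgod', 'sel_srgod',
        'sel_direktori', 'sel_klasove', 'sel_ocenki', 'sel_paralelki',
        'sel_predmeti', 'sel_srgodocenki', 'sel_uchenici', 'sel_uchiteli',
        'sel_zabelejki',
    );
    foreach ($same_name as $name) {
        $dispatch[$name] = $name;
    }

    // The method name always comes from the table, never from the request.
    if (!is_string($_cmd) || !isset($dispatch[$_cmd])) {
        return;
    }

    $cmds = new cmds();
    $method = $dispatch[$_cmd];
    if (!method_exists($cmds, $method)) {
        // Listed in the menu, but no handler is implemented yet.
        return;
    }

    $cmds->$method();
}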
/**
 * Handlers for the ?cmd= actions; xcmd() calls these on a cmds instance.
 */
class cmds {
    /**
     * Placeholder handler: prints a test marker and ends the page.
     */
    public function sel_zabelejki() {
        echo 'test!';
        shutit();
    }

    /**
     * Destroy the session, confirm when that succeeded, then end the page.
     */
    public function logout() {
        $destroyed = session_destroy();
        if ($destroyed) {
            echo '??? ????????? ??????? ?? ?????? ??????!';
        }
        // The page ends here whether or not the session was destroyed.
        shutit();
    }

    /**
     * Print the change-password form.
     *
     * NOTE(review): the form carries only the `changepass` field. It has no
     * current-password confirmation and no anti-CSRF token, and the code that
     * handles the POST is not visible here. Confirm that the handler
     * re-authenticates the user before it changes the password.
     */
    public function form_passwd() {
        $markup = '
<h2><a href="#">??????? ?? ??????:</a></h2>
<div class="articles">
<form id="form1" name="form1" method="post" action="">
<pre>???? ??????: <input type="password" name="changepass" id="changepass" /></pre>
<input name="login" type="submit" value="???????!" />
</form>
</div>
';
        echo $markup;
    }
}
// Script entry point: connect, authenticate, then show the menu or an error.
main();
?>