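";
// Base of the site
$site_url = "http://arapaho.nsuok.edu/~ora/teacher_res";

// Will be used to identify pages.
$Page_Title = "";

# Opens (or reuses) the persistent MySQL connection and selects the database.
# Returns the link resource; terminates the request when either step fails.
function db_open_link()
{
    // NOTE(review): the host, account and password are hard-coded here, and the
    // account name doubles as its password. Load them from configuration kept
    // outside the web root and grant the account only what these queries need.
    $link = mysql_pconnect("netnotes.nsuok.edu", "webuser", "webuser")
        or die("Cannot connect to MySQL Server!");
    mysql_select_db("strategies", $link) or die("Cannot open Database!");

    return $link;
}

# Escapes a value for use inside a single-quoted SQL string literal.
# The connection is opened first because the escaping depends on it.
function db_quote($value)
{
    return mysql_real_escape_string((string) $value, db_open_link());
}

# Validate function will verify that the admins are who they say they are.
# Returns 0 when the login is rejected, 1 for a registered non-admin user,
# 2 for an admin user.
function validate($usr, $passwd)
{
    // $usr comes from the login form, so it is escaped before it reaches the query.
    $sql = "SELECT * FROM users WHERE ((username='" . db_quote($usr) . "') AND (verified='Y'))";
    $result = db_connect($sql);

    if ($result === false || mysql_num_rows($result) == 0) {
        // Query failed, or not a registered user
        return 0;
    }

    $row = mysql_fetch_assoc($result);

    // NOTE(review): unsalted MD5 is not a password hash, and the second comparison
    // accepts rows whose passwd column holds the password in plaintext. Migrate the
    // stored values to password_hash()/password_verify() when the runtime allows it.
    // Strict comparison keeps two different digests that both look like numbers
    // ("0e...") from being treated as equal.
    $digest = md5($passwd);
    $password_ok = ($row['passwd'] === $digest) || (md5($row['passwd']) === $digest);

    if (!$password_ok) {
        // Previously this path fell off the end of the function and returned NULL,
        // which a caller testing "!== 0" would have read as a successful login.
        return 0;
    }

    if ($row['admin'] === 'Y') {
        // Admin User
        return 2;
    }
    if ($row['admin'] === 'N') {
        // Registered User, Not an Admin
        return 1;
    }

    // Any other value in the admin column is treated as no access.
    return 0;
}

# This function prompts user for a login name and password.
# It will allow access to the administration section of links.
function admin_login($return_url, $page)
{
    // NOTE(review): only the text labels of this heredoc are present in this copy
    // of the file; the form markup (and any use of $return_url) is missing and has
    // to be restored from the original before this function is usable.
    $content = <<<EOD
$page Administration
User ID:
Password:
EOD;

    return $content;
}

# Simple database connection function, takes an SQL statement and returns a result (recordset).
# The statement is sent as-is: callers must escape every value they splice into it.
function db_connect($sql)
{
    return mysql_query($sql, db_open_link());
}

/* Clears the result */
function free_result($res)
{
    // A failed query yields false rather than a result resource; there is nothing to free.
    if (is_resource($res)) {
        mysql_free_result($res);
    }
}

# Send an email out
# $action can be "Approve" or "Decline"; any other value sends the message
# described by $optTo, $optSub, $optBody and $optHeaders instead.
function send_mail($action, $link, $optTo, $optSub, $optBody, $optHeaders)
{
    global $administrator, $site_url;

    if ($action != "Approve" && $action != "Decline") {
        // NOTE(review): $optHeaders is handed to mail() unchanged, so callers must
        // never build it from request data containing CR or LF.
        mail($optTo, $optSub, $optBody, $optHeaders);
        return;
    }

    // link_id is used unquoted in the query, so it is forced to an integer.
    $sql = "SELECT link_poster,link_url,name FROM links,users WHERE ((users.username=links.link_poster) AND (link_id=" . (int) $link . "))";
    $result = db_connect($sql);
    $row = ($result === false) ? false : mysql_fetch_assoc($result);

    if (!$row) {
        // Unknown link id or failed query: no recipient, so nothing is sent.
        return;
    }

    if ($action == "Approve") {
        $verdict = ",\nThe site you have submitted: ( " . $row['link_url'] . " ) has been approved. ";
    } else {
        $verdict = ",\nUnfortunately the site you have submitted: ( " . $row['link_url'] . " ) has, at this time, been declined. You may however submit sites that you find interesting in the future and we will consider them. ";
    }

    $footer = "\n\nVisit " . $site_url . "/usefulsites.php to view the Useful Sites on the Oklahoma Reading Association page.\n\nWebsite Administration";
    $body = $row['name'] . $verdict . $footer;

    mail($row['link_poster'], "Thanks for the site suggestion!", $body, "From: " . $administrator);
}

# This function will test to make sure a valid user@domain.ext combination exists
# It will test domain extensions between 2 and 4 characters (ex: .uk or .info)
function validate_email($email)
{
    // checks proper syntax
    // preg_match() replaces eregi(), which no longer exists in PHP 7 and later.
    // The D modifier makes "$" match only at the very end of the string, so an
    // address followed by a line break is rejected before it can reach mail().
    $pattern = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/iD';

    return preg_match($pattern, $email) === 1;
}

# This function will test to see if an email address already belongs to a user
function is_current_user($email)
{
    // $email is request data; escape it before it is placed in the query.
    $result = db_connect("SELECT name FROM users WHERE username='" . db_quote($email) . "'");

    return $result !== false && mysql_num_rows($result) > 0;
}
?>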