Example #1
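 /**
  * Return the next barcode counter for a year, creating the row on first use.
  *
  * Looks up the counter_barcode row for $year. When a row exists, its counter
  * is incremented, written back and returned; otherwise a row with counter 1
  * is inserted and 1 is returned.
  *
  * $year ends up inside SQL text, so it is validated as an integer before any
  * statement is built. The visible Database wrapper exposes only raw-string
  * query methods here; a bound parameter would be preferable if it offers one.
  *
  * NOTE(review): the read-then-write sequence is not atomic. Two concurrent
  * requests can read the same counter and hand out the same barcode number.
  * Confirm whether callers serialise access or whether the Database layer
  * can run this as one atomic statement / transaction.
  *
  * @param int|string $year Calendar year the counter belongs to.
  *
  * @return int The counter value reserved for this call.
  *
  * @throws InvalidArgumentException When $year is not an integer value.
  */
 function get_counter_barcode($year)
 {
     // Only a plain integer may reach the SQL strings below.
     $yearNumber = filter_var($year, FILTER_VALIDATE_INT);
     if ($yearNumber === false) {
         throw new InvalidArgumentException('year must be an integer');
     }

     $db = new Database();
     $rList = $db->sql_list("select * from counter_barcode where year= {$yearNumber} ");

     if ($rList) {
         // The stored counter is cast too, because it is interpolated into the UPDATE.
         $counter = (int) $rList['counter'] + 1;
         $db->sql_query("UPDATE  counter_barcode set counter={$counter} where year= {$yearNumber}");

         return $counter;
     }

     // First barcode of this year: start the sequence at 1.
     $db->sql_query("INSERT INTO counter_barcode(counter, year) VALUES (1,{$yearNumber})");

     return 1;
 }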
<?php

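session_start();
include "database.php";

// Credentials are taken from $_REQUEST as before, so existing callers keep working.
// NOTE(review): accepting them from the query string puts passwords into URLs
// and access logs - confirm whether this endpoint can be restricted to $_POST.
$username = isset($_REQUEST["username"]) ? $_REQUEST["username"] : '';
$password = isset($_REQUEST["psw"]) ? $_REQUEST["psw"] : '';

$database = new Database();
$database->connect();
$dataValid = false;
$matchedUser = null;

// Array-valued or empty input (e.g. username[]=x) can never be a valid login
// and must not reach the comparison or hashing calls.
if (is_string($username) && $username !== '' && is_string($password)) {
    // The whole table is scanned so that no user input is placed into SQL text.
    // NOTE(review): this loads every row, including password hashes, on each
    // attempt; a parameterised lookup by e-mail/user name would be preferable
    // if the Database wrapper supports one (its API is not visible here).
    $query = "SELECT * FROM Users";
    $result = $database->sql_query($query);

    if ($result instanceof mysqli_result) {
        while ($row = mysqli_fetch_assoc($result)) {
            // Strict comparison: with "==" numeric-looking strings such as
            // "1e3" and "1000" compare equal, and NULL equals "".
            if ($row['email'] !== $username && $row['userName'] !== $username) {
                continue;
            }

            // password_verify() accepts crypt()-format hashes and compares in
            // constant time, replacing the loose "==" on the hash string.
            if (is_string($row['password']) && password_verify($password, $row['password'])) {
                $matchedUser = $row;
                $dataValid = true;
                break;
            }
        }
    }
}

if ($dataValid) {
    // Issue a fresh session id at the privilege change so that an id planted
    // before login (session fixation) does not become an authenticated one.
    session_regenerate_id(true);

    $_SESSION['username'] = $username;
    $_SESSION['loggedin'] = true;

    // The role is read from the row that was just authenticated. The original
    // ran a second query built by concatenating the session user name into SQL
    // (that line is garbled in this listing); it was injectable and would not
    // match accounts that logged in with their e-mail address.
    if ($matchedUser['role'] == true) {
        $_SESSION['admin'] = true;
        echo "Admin";
    }
} else {
    echo "Invalid username or password.Please try again";
}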
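    /**
     * Handle the "change e-mail" form: validate the posted address, store it,
     * or render the form (again) with an error message.
     *
     * Request values are untrusted. The posted address must pass
     * FILTER_VALIDATE_EMAIL and, like the "ide" query parameter, must not
     * contain a quote or backslash, because both values are still placed
     * inside single-quoted SQL literals. Everything echoed into the HTML is
     * escaped with htmlspecialchars().
     *
     * NOTE(review): the character check is an interim barrier. The proper fix
     * is a prepared statement in the Database wrapper, whose API is not
     * visible from this block.
     * NOTE(review): the row to update is chosen by the "ide" query parameter
     * and no anti-CSRF token is checked here. Nothing in this block ties the
     * target row to the logged-in user - confirm the caller enforces that.
     *
     * @param mixed  $get   Not used in this method; kept so existing calls still match.
     * @param string $email Current e-mail address, shown as the field placeholder.
     * @param string $name  Current user name, shown in the disabled field.
     *
     * @return void
     */
    function editEmail($get, $email, $name)
    {
        $database = new Database();
        $database->connect();
        $valid = true;
        $err = "";

        // Non-string input (e.g. email[]=x) is treated as absent.
        $postedEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
        $userId = (isset($_GET['ide']) && is_string($_GET['ide'])) ? $_GET['ide'] : '';

        if ($_POST) {
            if ($postedEmail === '') {
                $err = "It is empty";
                $valid = false;
            } elseif (filter_var($postedEmail, FILTER_VALIDATE_EMAIL) === false
                || strpbrk($postedEmail, "'\\") !== false
            ) {
                // A syntactically valid address may still contain a single quote,
                // so the literal-breaking characters are rejected separately.
                $err = "Invalid email address.";
                $valid = false;
            } elseif ($userId === '' || strpbrk($userId, "'\\") !== false) {
                // NOTE(review): tighten to ctype_digit() if userID is an integer key.
                $err = "Invalid request.";
                $valid = false;
            }

            if ($valid) {
                $query = "SELECT * FROM Users WHERE email = '" . $postedEmail . "'";
                $result = $database->sql_query($query);
                if (!$result) {
                    // Fail closed: do not update when uniqueness could not be checked.
                    $err = "Could not verify the email address.";
                    $valid = false;
                } elseif (mysqli_num_rows($result) > 0) {
                    $err = "email already exists.";
                    $valid = false;
                }
            }

            if ($valid) {
                $query = "update Users set email = '" . $postedEmail . "' where userID = '" . $userId . "'";
                $result = $database->sql_query($query);
                header('Location: mySettings.php');
            }
        }

        if (!$valid || !$_POST) {
            // Escape once for the HTML attribute / text context used below.
            $safeEmail = htmlspecialchars((string) $email, ENT_QUOTES, 'UTF-8');
            $safeName = htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8');
            $safePosted = htmlspecialchars($postedEmail, ENT_QUOTES, 'UTF-8');
            $safeErr = htmlspecialchars($err, ENT_QUOTES, 'UTF-8');
            ?>
		
			<form method = "post" >
					<tr>
						<td>Email</td>
						<td style = "padding-left:180px">
						<input type = "text" name = "email" placeholder = "<?php echo $safeEmail; ?>" value = "<?php echo $safePosted; ?>"><?php echo $safeErr; ?>
						<input style ="background-color:#ff9900; color:white" type= "submit" name="submit" value = "Change"/>
						</td>
					</tr>
					<tr>
						<td>Username</td>
						<td  style = "padding-left:180px"><input type = "text" placeholder = "<?php echo $safeName; ?>" name = "userName" disabled = "disabled"/></td>
					</tr>
			</form>
<?php 
        }
    }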