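/**
 * Set a new password for an existing account.
 *
 * @param string $username Account whose row in `account` is updated.
 * @param string $password New value written to account.password, stored as given.
 * @return int 0 when existUser() reports no such user, 1 after the update query succeeds.
 */
function updatePasswd($username, $password)
{
    if (!existUser($username)) {
        return 0;
    }

    // As shown in this listing the statement held the literal '******' in both
    // positions (the values appear to be masked), so neither parameter was used.
    // Both are caller-supplied strings placed inside quoted SQL literals, so they
    // are escaped before being put into the statement.
    // NOTE(review): ext/mysql offers no prepared statements and is removed in PHP 7;
    // moving this file to mysqli or PDO with bound parameters is the durable fix.
    $safeUser = mysql_real_escape_string($username);
    $safePass = mysql_real_escape_string($password);
    $query = "update account set password = '" . $safePass . "' where username = '" . $safeUser . "'";

    // NOTE(review): the value is stored exactly as passed in. If callers pass the
    // clear-text password, it should be hashed with password_hash() before it gets
    // here and checked with password_verify() at login — confirm against the callers.
    $result = mysql_query($query);
    if (!$result) {
        // Driver error text can expose table and column names; keep it in the server log.
        error_log("updatePasswd() failed: " . mysql_error());
        die("updatePasswd() failed. Could not query the database.");
    }

    return 1;
}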
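/**
 * Register a new user in UserTab and, when the row is inserted, create the user's characters.
 *
 * Connection settings are read from the globals $servername, $username, $password and $bdname.
 * Nothing is inserted when existUser() reports that the nickname is already present.
 *
 * @param string $nome  Value for the Nome column.
 * @param string $user  Value for the Nickname column; also passed to existUser().
 * @param string $senha Value for the Senha column, stored as given.
 * @return void
 */
function Cadas($nome, $user, $senha)
{
    global $servername, $username, $password, $bdname;

    $conn = new mysqli($servername, $username, $password, $bdname);
    if ($conn->connect_error) {
        // The driver message can name the host and database user; log it instead of printing it.
        error_log("Cadas(): connection failed: " . $conn->connect_error);
        die("Connection failed");
    }

    // NOTE(review): check-then-insert is not atomic; a unique index on Nickname is
    // what actually prevents duplicates under concurrent requests — confirm the schema.
    if (existUser($conn, $user) == false) {
        // Bound parameters replace the concatenated statement: all three values are
        // caller-supplied and were previously placed inside quoted SQL literals unescaped.
        // NOTE(review): $senha is stored as passed in. If it is the clear-text password,
        // hash it with password_hash() before insert — confirm against the login code.
        $inserted = false;
        $stmt = $conn->prepare("INSERT INTO UserTab (Nome, Nickname, Senha) VALUES (?, ?, ?)");
        if ($stmt !== false) {
            $stmt->bind_param('sss', $nome, $user, $senha);
            $inserted = $stmt->execute();
            $stmt->close();
        }

        if ($inserted === true) {
            criaPersonagens();
        } else {
            echo "Not Add<br>";
        }
    }

    $conn->close();
}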
$errortext_friend = "user " . $_POST["friend"] . " doesn't exist"; } else { $result = addFriend($_SESSION["username"], $_POST["friend"]); if ($result === 0) { $errortext_friend = "you are a foe of " . $_POST["contact"] . ", you can't add " . $_POST["contact"] . " as a friend"; } else { $errortext_friend = "add contact successfully"; } } } } else { if (!empty($_POST["foe"])) { if ($_POST["foe"] === $_SESSION["username"]) { $errortext_foe = "can't add yourself"; } else { if (existUser($_POST["foe"]) === 0) { $errortext_foe = "user " . $_POST["foe"] . " doesn't exist"; } else { addFoe($_SESSION["username"], $_POST["foe"]); $errortext_foe = "add foe successfully"; } } } } } $contacts = getContacts($_SESSION["username"]); $friends = getFriends($_SESSION["username"]); $foes = getFoes($_SESSION["username"]); render("contact_template.php", ["contacts" => $contacts, "friends" => $friends, "foes" => $foes, "errortext_contact" => $errortext_contact, "errortext_friend" => $errortext_friend, "errortext_foe" => $errortext_foe, "titile" => "Contact"]); } else { $contacts = getContacts($_SESSION["username"]);
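/**
 * Look up a client code in json/totvs_clientes_compuestos.json and return the matching user id,
 * inserting a user row first when existUser() indicates the client is not stored yet.
 *
 * Only the first record whose trimmed 'codigo' equals the trimmed $cliente is used.
 *
 * @param string $cliente Client code to look for.
 * @return mixed The user id for the matching record; null when the file cannot be read,
 *               is not a JSON array/object, or holds no matching record.
 */
function citacionClienteCompuesto($cliente)
{
    global $conn;

    $str_datos = file_get_contents("json/totvs_clientes_compuestos.json");
    $datos = ($str_datos === false) ? null : json_decode($str_datos, true);
    if (!is_array($datos)) {
        // Unreadable file or invalid JSON: there is nothing to iterate. The original
        // fell through to the same null result, after a foreach warning.
        return null;
    }

    foreach ($datos as $row) {
        // NOTE(review): == on two numeric-looking strings compares them as numbers,
        // so codes such as "0012" and "12" would match — confirm whether that is intended.
        if (trim($row['codigo']) == trim($cliente)) {
            // Check that the client is not already stored.
            // NOTE(review): the branches below imply existUser() yields "true" when the
            // client still has to be inserted and the existing id otherwise — confirm.
            $existUser = existUser($cliente);
            if ($existUser == "true") {
                // Insert the client. The first part of the statement is shown masked
                // ("******") in this listing and is reproduced as-is.
                // Escaping is done against $conn, the same link the query runs on, so the
                // connection's character set is the one taken into account.
                $sql_insert_user = "******";
                $sql_insert_user .= "values('',0,'" . mysql_real_escape_string($row['nombre'], $conn) . "','" . date('Y-m-d H:i:s') . "',0,NULL,0,0,3,'" . mysql_real_escape_string($row['codigo'], $conn) . "','1')";
                executeQuery($sql_insert_user, $conn);
                // NOTE(review): executeQuery()'s result is not checked here; confirm how
                // a failed insert is reported before this id is trusted.
                $userid = mysql_insert_id($conn);
            } else {
                $userid = $existUser;
            }

            return $userid;
        }
    }

    return null;
}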
$sql_insert_user .= mysql_real_escape_string($_POST["cliente_uno_totvs"]) . "',NULL,'" . mysql_real_escape_string($_POST["cliente_uno_tipo"]) . "',0,NULL,NULL,'" . mysql_real_escape_string($_POST["cliente_uno_telefono"]) . "','" . mysql_real_escape_string($_POST["cliente_uno_direccion"]) . "')"; executeQuery($sql_insert_user, $conn); $var_userid = mysql_insert_id($conn); } else { $var_userid = $existUser; } } } else { echo 'error'; die; } // inserto cliente dos $var_userid_dos = 'NULL'; if ($_POST["cliente_dos_tipo"] != "" and $_POST["cliente_dos_nombre"] != "" and $_POST["cliente_dos_direccion"] != "" and $_POST["cliente_dos_telefono"] != "" and $_POST["cliente_dos_totvs"] != "") { // verifico que el cliente no este ya cargado $existUser = existUser($_POST["cliente_dos_totvs"]); if ($existUser == "true") { // insertar cliente $sql_insert_user = "******"; $sql_insert_user .= "values('',0,'" . mysql_real_escape_string(utf8_decode($_POST["cliente_dos_nombre"])) . "','" . mysql_real_escape_string($_POST["cliente_dos_email"]) . "','','','" . date('Y-m-d H:i:s') . "',0,NULL,0,0,3,'"; $sql_insert_user .= mysql_real_escape_string($_POST["cliente_dos_totvs"]) . "',NULL,'" . mysql_real_escape_string($_POST["cliente_dos_tipo"]) . "',0,NULL,NULL,'" . mysql_real_escape_string($_POST["cliente_dos_telefono"]) . "','" . mysql_real_escape_string($_POST["cliente_dos_direccion"]) . "')"; executeQuery($sql_insert_user, $conn); $var_userid_dos = mysql_insert_id($conn); } else { $var_userid_dos = $existUser; } } // citacion /*if ( $_POST["citacion"] != "" ) { $citacion["citacion_tipo"] = $_POST["citacion"];
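<?php
// Endpoint: invite the user named in POST 'name' to the event named in POST 'evento'.
// Replies with one plain-text token: "user_not_exist", "fail" or "success".
//
// The full "<?php" tag is used because a "<?" file is returned to the client as
// plain text when short_open_tag is disabled, exposing the source.
//
// NOTE(review): no session or permission check is visible in this script, and no
// CSRF token is read. Confirm that the included files or the caller establish who
// is sending the invitation and that they may invite to this event.
include_once('../database/userFunc.php');
include_once('../database/eventFunc.php');

// Both fields are required; reject missing, empty or non-string (array) values
// before they reach the lookup functions.
$name = isset($_POST['name']) ? $_POST['name'] : null;
$evento = isset($_POST['evento']) ? $_POST['evento'] : null;
if (!is_string($name) || $name === '' || !is_string($evento) || $evento === '') {
    echo "fail";
    return false;
}

$idEvent = getEventId($evento);

if (!existUser($name)) {
    echo "user_not_exist";
    return false;
}

$idUser = getUserID($name);

try {
    $invite = invite($idUser, $idEvent);
    if ($invite === false) {
        echo "fail";
    } else if ($invite === true) {
        echo "success";
    }
} catch (PDOException $e) {
    // PDO messages can include SQL text and schema names; log them server-side
    // and answer with the same token used for any other failure.
    error_log("invite failed: " . $e->getMessage());
    die("fail");
}
?>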
<? include_once('../database/userFunc.php'); $oldname = $_POST['antigoNome']; $username = $_POST['username']; $pw = $_POST['pw']; $npw = $_POST['npw']; $npw2 = $_POST['npw2']; try { if ($oldname != $username){ $user = existUser($username); if ($user === true){ echo "username_in_use"; } else{ if (getUser($oldname, $pw)){ $user = editUser($oldname, $username, $pw); echo "name_changed"; session_start(); $_SESSION['username'] = $username; } else{ echo "wrong_password"; } } } else if ($pw == "" || $npw == "" ||$npw2 == ""){ echo "fill_all_pw";