${'graduationdegreemodeextra' . $y} = strip_tags(trim_awesome($_POST[$igraduationdegreemodeextra]));
${'finalgraduationdegreemodeextra' . $y} = htmlspecialchars(${'graduationdegreemodeextra' . $y}, ENT_QUOTES, 'UTF-8');
$igraduationcompletedextra = "graduationcompletedextra{$y}";
${'graduationcompletedextra' . $y} = strip_tags(trim_awesome($_POST[$igraduationcompletedextra]));
${'finalgraduationcompletedextra' . $y} = htmlspecialchars(${'graduationcompletedextra' . $y}, ENT_QUOTES, 'UTF-8');
$igradationcompletionyearextra = "gradationcompletionyearextra{$y}";
${'gradationcompletionyearextra' . $y} = strip_tags(trim_awesome($_POST[$igradationcompletionyearextra]));
${'finalgradationcompletionyearextra' . $y} = htmlspecialchars(${'gradationcompletionyearextra' . $y}, ENT_QUOTES, 'UTF-8');
$igraduationgpaorpercentageextra = "graduationgpaorpercentageextra{$y}";
${'graduationgpaorpercentageextra' . $y} = strip_tags(trim_awesome($_POST[$igraduationgpaorpercentageextra]));
${'finalgraduationgpaorpercentageextra' . $y} = htmlspecialchars(${'graduationgpaorpercentageextra' . $y}, ENT_QUOTES, 'UTF-8');
$igraduationclassextra = "graduationclassextra{$y}";
${'graduationclassextra' . $y} = strip_tags(trim_awesome($_POST[$igraduationclassextra]));
${'finalgraduationclassextra' . $y} = htmlspecialchars(${'graduationclassextra' . $y}, ENT_QUOTES, 'UTF-8');
$igraduationpercentageextra = "graduationpercentageextra{$y}";
${'graduationpercentageextra' . $y} = strip_tags(trim_awesome($_POST[$igraduationpercentageextra]));
${'finalgraduationpercentageextra' . $y} = htmlspecialchars(${'graduationpercentageextra' . $y}, ENT_QUOTES, 'UTF-8');
$igraduationgpaobtainedextra = "graduationgpaobtainedextra{$y}";
${'graduationgpaobtainedextra' . $y} = strip_tags(trim_awesome($_POST[$igraduationgpaobtainedextra]));
${'finalgraduationgpaobtainedextra' . $y} = htmlspecialchars(${'graduationgpaobtainedextra' . $y}, ENT_QUOTES, 'UTF-8');
$igraduationgpamaxextra = "graduationgpamaxextra{$y}";
${'graduationgpamaxextra' . $y} = strip_tags(trim_awesome($_POST[$igraduationgpamaxextra]));
${'finalgraduationgpamaxextra' . $y} = htmlspecialchars(${'graduationgpamaxextra' . $y}, ENT_QUOTES, 'UTF-8');
$sqlacademicextra = "INSERT INTO `vedica_admn_2017`.`added_academic_details` (`application_id`, `extra_academic_degree_level`, `extra_academic_degree_level_other`, `extra_academic_name_of_college`, `extra_academic_university`, `extra_academic_university_other`, `extra_academic_degree_mode`, `extra_academic_degree_name`, `extra_academic_discipline`, `extra_academic_discipline_other`, `extra_academic_specialisation`, `extra_academic_degree_completed`, `extra_academic_year_completion`, `extra_academic_grading_system`, `extra_academic_class`, `extra_academic_aggregate`, `extra_academic_gpa_obtained`, `extra_academic_gpa_max`) VALUES (\n\t\t\t\t" . mysql_real_escape_string_awesome($finalapplicationid) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalacademicextradegreelevel' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalacademicextradegreeother' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgradutationcollegenameextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgradutationunversityextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgraduationuniversityothersextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgraduatindegreenameextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgraduationdisciplineextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgraduationdisciplineotherextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgraduationspecializationextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgraduationdegreemodeextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgraduationcompletedextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgradationcompletionyearextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgraduationgpaorpercentageextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgraduationclassextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgraduationpercentageextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgraduationgpaobtainedextra' . $y}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalgraduationgpamaxextra' . $y}) . "\n\t\t\t\t);";
$insertacademicextra = mysql_query($sqlacademicextra);
if (!$insertacademicextra) {
die('Could not enter data: ' . mysql_error());
}
}
} else {
}
$_SESSION['start'] = time();
$_SESSION['expire'] = $_SESSION['start'] + 60 * 60;
if (strlen(trim($_SESSION['userName'])) == 0) {
session_destroy();
timeout();
die;
}
$applicationid = strip_tags(trim_awesome($_SESSION['userName']));
$refreetitle = strip_tags(trim_awesome($_POST['refreetitle']));
$refreename = strip_tags(trim_awesome($_POST['refreename']));
$refreeorganization = strip_tags(trim_awesome($_POST['refreeorganization']));
$refreedesignation = strip_tags(trim_awesome($_POST['refreedesignation']));
$refreecontact = strip_tags(trim_awesome($_POST['refreecontact']));
$refreeemail = strip_tags(trim_awesome($_POST['refreeemail']));
$refreeknowing = strip_tags(trim_awesome($_POST['refreeknowing']));
$finalapplicationid = htmlspecialchars($applicationid, ENT_QUOTES, 'UTF-8');
$finalrefreetitle = htmlspecialchars($refreetitle, ENT_QUOTES, 'UTF-8');
$finalrefreename = htmlspecialchars($refreename, ENT_QUOTES, 'UTF-8');
$finalrefreeorganization = htmlspecialchars($refreeorganization, ENT_QUOTES, 'UTF-8');
$finalrefreedesignation = htmlspecialchars($refreedesignation, ENT_QUOTES, 'UTF-8');
$finalrefreecontact = htmlspecialchars($refreecontact, ENT_QUOTES, 'UTF-8');
$finalrefreeemail = htmlspecialchars($refreeemail, ENT_QUOTES, 'UTF-8');
$finalrefreeknowing = htmlspecialchars($refreeknowing, ENT_QUOTES, 'UTF-8');
if ($mysql == true) {
$sqlrefree = "INSERT INTO `vedica_admn_2017`.`users_reference_details` (`application_id`, `title_of_refree`, `name_of_refree`, `organization`, `designation`, `phone_number`, `email_id`, `capacity_of_knowing`) VALUES (\n\t\t\t" . mysql_real_escape_string_awesome($finalapplicationid) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalrefreetitle) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalrefreename) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalrefreeorganization) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalrefreedesignation) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalrefreecontact) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalrefreeemail) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalrefreeknowing) . "\n\t\t\t)\n\t\tON DUPLICATE KEY\n\t\tUPDATE\n\t\ttitle_of_refree = VALUES(title_of_refree),\n\t\tname_of_refree = VALUES(name_of_refree),\n\t\torganization = VALUES(organization),\n\t\tdesignation = VALUES(designation),\n\t\tphone_number = VALUES(phone_number),\n\t\temail_id = VALUES(email_id),\n\t\tcapacity_of_knowing = VALUES(capacity_of_knowing)\n\t\t;";
$insertrefree = mysql_query($sqlrefree);
if (!$insertrefree) {
die('Could not enter data: ' . mysql_error());
}
} else {
}
$sqlregister = "INSERT INTO " . $admission_users . " (login_system_registrations_date,login_system_registrations_user_id,f_name,m_name,l_name,application_id,email_id,mobile_number,city,password,salt,registration_ip, application_status) VALUES (CURRENT_TIMESTAMP,'" . $finaluserid . "'," . mysql_real_escape_string_awesome($finalfirstname) . "," . mysql_real_escape_string_awesome($finalmiddlename) . "," . mysql_real_escape_string_awesome($finallastname) . ",''," . mysql_real_escape_string_awesome($finaluseremail) . "," . mysql_real_escape_string_awesome($finalmobile) . "," . mysql_real_escape_string_awesome($finalcity) . "," . mysql_real_escape_string_awesome($finalpassword) . "," . mysql_real_escape_string_awesome($finalsalt) . "," . mysql_real_escape_string_awesome($finaluserip) . "," . mysql_real_escape_string_awesome('Draft') . ")";
$insertregister = mysql_query($sqlregister);
$searchid = mysql_query("SELECT uid,login_system_registrations_user_id FROM " . $admission_users . " WHERE email_id = " . mysql_real_escape_string_awesome($finaluseremail) . "");
$resultid = mysql_num_rows($searchid);
$queryid = mysql_fetch_array($searchid);
$uid = $queryid['uid'];
$applicationid = str_pad($uid, 6, '0', STR_PAD_LEFT);
$applicationid = 'VS' . $year . $applicationid;
$finalusername = $applicationid;
$setapplicationid = "UPDATE " . $admission_users . " SET application_id = " . mysql_real_escape_string_awesome($finalusername) . " WHERE login_system_registrations_user_id = " . mysql_real_escape_string_awesome($queryid['login_system_registrations_user_id']) . "";
$setapplicationidquery1 = mysql_query($setapplicationid);
$sqlactivation = "INSERT INTO " . $mysqltable_name_4 . " (login_system_email_activation_user_id,login_system_email_activation_username,login_system_email_activation_expire,login_system_email_activation_useremail,login_system_email_activation_token,login_system_email_activation_date,login_system_email_activation_ip,login_system_email_activation_attempts,login_system_email_activation_status) VALUES (" . mysql_real_escape_string_awesome($queryid['login_system_registrations_user_id']) . "," . mysql_real_escape_string_awesome($finalusername) . "," . mysql_real_escape_string_awesome($expiretokenemail) . "," . mysql_real_escape_string_awesome($finaluseremail) . "," . mysql_real_escape_string_awesome($finalemailtoken) . "," . mysql_real_escape_string_awesome($datetime) . "," . mysql_real_escape_string_awesome($finaluserip) . ",'0','0')";
$insertactivation = mysql_query($sqlactivation);
$sqlpersonal = "INSERT INTO `vedica_admn_2017`.`users_personal_details` (`application_id`, `f_name`, `m_name`, `l_name`) VALUES (" . mysql_real_escape_string_awesome($finalusername) . "," . mysql_real_escape_string_awesome($finalfirstname) . "," . mysql_real_escape_string_awesome($finalmiddlename) . "," . mysql_real_escape_string_awesome($finallastname) . ")\n\t\t\t\t\t\tON DUPLICATE KEY\n\t\t\t\t\t\tUPDATE\n\t\t\t\t\t\tf_name = VALUES(f_name),\n\t\t\t\t\t\tm_name = VALUES(m_name),\n\t\t\t\t\t\tl_name = VALUES(l_name)\n\t\t\t\t\t\t;";
$insertpersonal = mysql_query($sqlpersonal);
$sqlcontact = "INSERT INTO `vedica_admn_2017`.`users_contact_details` (`application_id`, `email_id`, `mobile_number`) VALUES (\n\t\t\t\t\t" . mysql_real_escape_string_awesome($finalusername) . ",\n\t\t\t\t\t" . mysql_real_escape_string_awesome($finaluseremail) . ",\n\t\t\t\t\t" . mysql_real_escape_string_awesome($finalmobile) . "\n\t\t\t\t\t)\n\t\t\t\tON DUPLICATE KEY\n\t\t\t\tUPDATE\n\t\t\t\temail_id = VALUES(email_id),\n\t\t\t\tmobile_number = VALUES(mobile_number)\n\t\t\t\t;";
$insertcontact = mysql_query($sqlcontact);
include dirname(__FILE__) . '/phpmailer/PHPMailerAutoload.php';
include dirname(__FILE__) . '/messages/automessageemail.php';
$automail = new PHPMailer();
$automail->IsSMTP();
$automail->SMTPAuth = true;
$automail->SMTPSecure = $protocol;
$automail->Host = $host;
$automail->Port = $port;
$automail->Username = $smtpusername;
$automail->Password = $smtppassword;
$automail->From = $youremail;
$automail->FromName = $yourname;
$automail->isHTML(true);
$automail->CharSet = "UTF-8";
if (count($errors) === 0) {
$file_basename1 = substr($_FILES["resume"]["name"], 0, strripos($_FILES["resume"]["name"], '.'));
$file_extension1 = substr($_FILES["resume"]["name"], strripos($_FILES["resume"]["name"], '.'));
$finalnameresume0 = $file_basename1 . $file_extension1;
// Add a name to Random Files ID
$finalname1 = $finalapplicationid . "_RESUME" . $file_extension1;
if (!is_dir($physicalpath . 'admission-uploads/')) {
mkdir($physicalpath . 'admission-uploads/', 0777, true);
}
move_uploaded_file($_FILES['resume']['tmp_name'], $physicalpath . 'admission-uploads/' . $finalname1);
} else {
$doc_response['status'] = 'F';
$doc_response['msg'] = $errors;
/*foreach ( $errors as $error ) {
echo $error;
}*/
echo json_encode($doc_response);
die;
//Ensure no more processing is done
}
}
$sqldocs = "INSERT INTO `users_documents_uploads` (`application_id`, `passport_photo`, `resume`) VALUES (\n\t\t\t" . mysql_real_escape_string_awesome($finalapplicationid) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalnamephoto0) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalnameresume0) . "\n\t\t\t)\n\t\tON DUPLICATE KEY\n\t\tUPDATE\n\t\tpassport_photo = VALUES(passport_photo),\n\t\tresume = VALUES(resume)\n\t\t;";
$insertdocs = mysql_query($sqldocs);
if (!$insertdocs) {
die('Could not enter data: ' . mysql_error());
}
$doc_response['status'] = 'P';
$doc_response['msg'] = $baseurl;
echo json_encode($doc_response);
} else {
}
$finalcurrentaddress1 = htmlspecialchars($currentaddress1, ENT_QUOTES, 'UTF-8');
$finalcurrentaddress2 = htmlspecialchars($currentaddress2, ENT_QUOTES, 'UTF-8');
$finalcurrentaddress3 = htmlspecialchars($currentaddress3, ENT_QUOTES, 'UTF-8');
$finalcurrentcity = htmlspecialchars($currentcity, ENT_QUOTES, 'UTF-8');
$finalcurrentcountry = htmlspecialchars($currentcountry, ENT_QUOTES, 'UTF-8');
$finalcurrentstate = htmlspecialchars($currentstate, ENT_QUOTES, 'UTF-8');
$finalcurrentstateother = htmlspecialchars($currentstateother, ENT_QUOTES, 'UTF-8');
$finalcurrentzip = htmlspecialchars($currentzip, ENT_QUOTES, 'UTF-8');
$finalpermanentsameascurrent = htmlspecialchars($permanentsameascurrent, ENT_QUOTES, 'UTF-8');
$finalpermanentaddress1 = htmlspecialchars($permanentaddress1, ENT_QUOTES, 'UTF-8');
$finalpermanentaddress2 = htmlspecialchars($permanentaddress2, ENT_QUOTES, 'UTF-8');
$finalpermanentaddress3 = htmlspecialchars($permanentaddress3, ENT_QUOTES, 'UTF-8');
$finalpermanentcity = htmlspecialchars($permanentcity, ENT_QUOTES, 'UTF-8');
$finalpermanentcountry = htmlspecialchars($permanentcountry, ENT_QUOTES, 'UTF-8');
$finalpermanentstate = htmlspecialchars($permanentstate, ENT_QUOTES, 'UTF-8');
$finalpermanentstateother = htmlspecialchars($permanentstateother, ENT_QUOTES, 'UTF-8');
$finalpermanentzip = htmlspecialchars($permanentzip, ENT_QUOTES, 'UTF-8');
$finalparentname = htmlspecialchars($parentname, ENT_QUOTES, 'UTF-8');
$finalparentmobile = htmlspecialchars($parentmobile, ENT_QUOTES, 'UTF-8');
$finalparentrelation = htmlspecialchars($parentrelation, ENT_QUOTES, 'UTF-8');
$finalparentorganisation = htmlspecialchars($parentorganisation, ENT_QUOTES, 'UTF-8');
$finalparentdesignation = htmlspecialchars($parentdesignation, ENT_QUOTES, 'UTF-8');
$finalparentqualification = htmlspecialchars($parentqualification, ENT_QUOTES, 'UTF-8');
if ($mysql == true) {
$sqlcontact = "INSERT INTO `vedica_admn_2017`.`users_contact_details` (`application_id`, `email_id`, `mobile_number`, `phone_number`, `current_address_line1`, `current_address_line2`, `current_address_line3`, `current_address_city`, `current_address_state`, `current_address_state_other`, `current_address_country`, `current_address_pin`, `permanent_same_as_current_address`, `permanent_address_line1`, `permanent_address_line2`, `permanent_address_line3`, `permanent_address_city`, `permanent_address_state`, `permanent_address_state_other`, `permanent_address_country`, `permanent_address_pin`, `parent_name`, `parent_mobile`, `parent_relation`, `parent_organisation`, `parent_designation`, `parent_qualification`) VALUES (\n\t\t\t" . mysql_real_escape_string_awesome($finalapplicationid) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalemail) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalmobilenumber) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalphonenumber) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalcurrentaddress1) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalcurrentaddress2) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalcurrentaddress3) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalcurrentcity) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalcurrentstate) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalcurrentstateother) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalcurrentcountry) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalcurrentzip) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalpermanentsameascurrent) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalpermanentaddress1) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalpermanentaddress2) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalpermanentaddress3) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalpermanentcity) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalpermanentstate) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalpermanentstateother) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalpermanentcountry) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalpermanentzip) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalparentname) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalparentmobile) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalparentrelation) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalparentorganisation) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalparentdesignation) . ",\n\t\t\t" . mysql_real_escape_string_awesome($finalparentqualification) . "\n\t\t\t)\n\t\tON DUPLICATE KEY\n\t\tUPDATE\n\t\temail_id = VALUES(email_id),\n\t\tmobile_number = VALUES(mobile_number),\n\t\tphone_number = VALUES(phone_number),\n\t\tcurrent_address_line1 = VALUES(current_address_line1),\n\t\tcurrent_address_line2 = VALUES(current_address_line2),\n\t\tcurrent_address_line3 = VALUES(current_address_line3),\n\t\tcurrent_address_city = VALUES(current_address_city),\n\t\tcurrent_address_state = VALUES(current_address_state),\n\t\tcurrent_address_state_other = VALUES(current_address_state_other),\n\t\tcurrent_address_country = VALUES(current_address_country),\n\t\tcurrent_address_pin = VALUES(current_address_pin),\n\t\tpermanent_same_as_current_address = VALUES(permanent_same_as_current_address),\n\t\tpermanent_address_line1 = VALUES(permanent_address_line1),\n\t\tpermanent_address_line2 = VALUES(permanent_address_line2),\n\t\tpermanent_address_line3 = VALUES(permanent_address_line3),\n\t\tpermanent_address_city = VALUES(permanent_address_city),\n\t\tpermanent_address_state = VALUES(permanent_address_state),\n\t\tpermanent_address_state_other = VALUES(permanent_address_state_other),\n\t\tpermanent_address_country = VALUES(permanent_address_country),\n\t\tpermanent_address_pin = VALUES(permanent_address_pin),\n\t\tparent_name = VALUES(parent_name),\n\t\tparent_mobile = VALUES(parent_mobile),\n\t\tparent_relation = VALUES(parent_relation),\n\t\tparent_organisation = VALUES(parent_organisation),\n\t\tparent_designation = VALUES(parent_designation),\n\t\tparent_qualification = VALUES(parent_qualification)\n\t\t;";
$insertcontact = mysql_query($sqlcontact);
if (!$insertcontact) {
die('Could not enter data: ' . mysql_error());
}
} else {
}
redirect_time($baseurl . 'admin/dashboard.php?lang=' . $_GET['lang'] . '');
} else {
echo $lang['login_no_session'];
}
} else {
if ($sqlUser['login_system_login_attempts_attempts'] >= 3) {
$unlocktime = date("Y-m-d H:i:s", strtotime('+1 hour'));
$blocked = "UPDATE " . $mysqltable_name_2 . " SET login_system_login_attempts_blocked_time = " . mysql_real_escape_string_awesome($unlocktime) . " WHERE login_system_login_attempts_username = "******"";
$blockedquery = mysql_query($blocked);
echo $lang['login_account_blocked'];
} else {
if ($queryUser == 0) {
$insertfail = "INSERT INTO " . $mysqltable_name_2 . " (login_system_login_attempts_ip,login_system_login_attempts_attempts,login_system_login_attempts_date,login_system_login_attempts_username) VALUES (" . mysql_real_escape_string_awesome($finaluserip) . ",1," . mysql_real_escape_string_awesome($datetime) . "," . mysql_real_escape_string_awesome($finalusername) . ")";
$insertquery = mysql_query($insertfail);
} else {
$updatefail = "UPDATE " . $mysqltable_name_2 . " SET login_system_login_attempts_attempts = login_system_login_attempts_attempts+1, login_system_login_attempts_ip = " . mysql_real_escape_string_awesome($finaluserip) . ", login_system_login_attempts_date = " . mysql_real_escape_string_awesome($datetime) . " WHERE login_system_login_attempts_username = "******"";
$updatequery = mysql_query($updatefail);
}
echo $lang['login_incorrect_information'];
}
}
} else {
echo $lang['login_account_still_locked'];
}
} else {
echo $lang['login_account_not_activated'];
}
} else {
echo $lang['login_incorrect_information'];
}
}
<?php
include '../csrf_protection/csrf-token.php';
include '../csrf_protection/csrf-class.php';
if (!isset($_SESSION)) {
$some_name = session_name("VedicaAdmission");
session_start();
}
include '../config/config.php';
include '../config/functions.php';
$language = array('en' => 'en', 'pt' => 'pt');
if (isset($_GET['lang']) and array_key_exists($_GET['lang'], $language)) {
include '../language/' . $language[$_GET['lang']] . '.php';
} else {
include '../language/en.php';
}
$update_firstname = strip_tags(trim_awesome($_POST["update_firstname"]));
$update_lastname = strip_tags(trim_awesome($_POST["update_lastname"]));
$update_finalfirstname = htmlspecialchars($update_firstname, ENT_QUOTES, 'UTF-8');
$update_finallastname = htmlspecialchars($update_lastname, ENT_QUOTES, 'UTF-8');
if (!CSRF::check('update-account-form')) {
echo $lang['update_account_wrong_security_token'];
} else {
$update1 = "UPDATE " . $admission_users . " SET f_name = " . mysql_real_escape_string_awesome($update_finalfirstname) . ", l_name = " . mysql_real_escape_string_awesome($update_finallastname) . " WHERE login_system_registrations_user_id = " . mysql_real_escape_string_awesome($_SESSION['userLogin']) . "";
$updatequery1 = mysql_query($update1);
if ($updatequery1) {
echo $lang['update_account_successful'];
} else {
echo $lang['update_account_unsuccessful'];
}
}
$some_name = session_name("VedicaAdmission");
session_start();
}
include '../config/config.php';
include '../config/functions.php';
$language = array('en' => 'en', 'pt' => 'pt');
if (isset($_GET['lang']) and array_key_exists($_GET['lang'], $language)) {
include '../language/' . $language[$_GET['lang']] . '.php';
} else {
include '../language/en.php';
}
$update_social_email = strip_tags(trim_awesome($_POST["update_social_useremail"]));
$update_final_social_email = htmlspecialchars($update_social_email, ENT_QUOTES, 'UTF-8');
if (!CSRF::check('update-social-account')) {
echo $lang['update_social_account_wrong_security_token'];
} else {
$emailsearch = mysql_query("SELECT * FROM " . $mysqltable_name_5 . " WHERE login_system_register_social_networks_email = " . mysql_real_escape_string_awesome($update_final_social_email) . "");
$emailresult = mysql_num_rows($emailsearch);
$emailquery = mysql_fetch_array($emailsearch);
if ($emailquery && $emailquery['login_system_register_social_networks_provider_user_id'] != $_SESSION['loginProviderID']) {
echo $lang['update_social_account_already_taken'];
} else {
$update1 = "UPDATE " . $mysqltable_name_5 . " SET login_system_register_social_networks_email = " . mysql_real_escape_string_awesome($update_final_social_email) . " WHERE login_system_register_social_networks_provider_user_id = " . mysql_real_escape_string_awesome($_SESSION['loginProviderID']) . "";
$updatequery1 = mysql_query($update1);
if ($updatequery1) {
echo $lang['update_social_account_successful'];
} else {
echo $lang['update_social_account_unsuccessful'];
}
}
}
${'organizationtypeother' . $x} = strip_tags(trim_awesome($_POST[$iorganizationtypeother]));
${'industrytype' . $x} = strip_tags(trim_awesome($_POST[$iindustrytype]));
${'workstarted' . $x} = strip_tags(trim_awesome($_POST[$iworkstarted]));
${'workcompleted' . $x} = strip_tags(trim_awesome($_POST[$iworkcompleted]));
${'comapnyjoinedas' . $x} = strip_tags(trim_awesome($_POST[$icomapnyjoinedas]));
${'currentdesignation' . $x} = strip_tags(trim_awesome($_POST[$icurrentdesignation]));
${'annualrenumeration' . $x} = strip_tags(trim_awesome($_POST[$iannualrenumeration]));
${'rolesandresponsibility' . $x} = strip_tags(trim_awesome($_POST[$irolesandresponsibility]));
${'extraworkexcount' . $x} = strip_tags(trim_awesome($_POST[$iextraworkexcount]));
${'totalworkex' . $x} = strip_tags(trim_awesome($_POST[$itotalworkex]));
${'finalemployementtype' . $x} = htmlspecialchars(${'employementtype' . $x}, ENT_QUOTES, 'UTF-8');
${'finalorganizationname' . $x} = htmlspecialchars(${'organizationname' . $x}, ENT_QUOTES, 'UTF-8');
${'finalorganizationtype' . $x} = htmlspecialchars(${'organizationtype' . $x}, ENT_QUOTES, 'UTF-8');
${'finalorganizationtypeother' . $x} = htmlspecialchars(${'organizationtypeother' . $x}, ENT_QUOTES, 'UTF-8');
${'finalindustrytype' . $x} = htmlspecialchars(${'industrytype' . $x}, ENT_QUOTES, 'UTF-8');
${'finalworkstarted' . $x} = htmlspecialchars(${'workstarted' . $x}, ENT_QUOTES, 'UTF-8');
${'finalworkcompleted' . $x} = htmlspecialchars(${'workcompleted' . $x}, ENT_QUOTES, 'UTF-8');
${'finalcomapnyjoinedas' . $x} = htmlspecialchars(${'comapnyjoinedas' . $x}, ENT_QUOTES, 'UTF-8');
${'finalcurrentdesignation' . $x} = htmlspecialchars(${'currentdesignation' . $x}, ENT_QUOTES, 'UTF-8');
${'finalannualrenumeration' . $x} = htmlspecialchars(${'annualrenumeration' . $x}, ENT_QUOTES, 'UTF-8');
${'finalrolesandresponsibility' . $x} = htmlspecialchars(${'rolesandresponsibility' . $x}, ENT_QUOTES, 'UTF-8');
${'finalextraworkexcount' . $x} = htmlspecialchars(${'extraworkexcount' . $x}, ENT_QUOTES, 'UTF-8');
${'finaltotalworkex' . $x} = htmlspecialchars(${'totalworkex' . $x}, ENT_QUOTES, 'UTF-8');
$sqlworkexextra = "INSERT INTO `vedica_admn_2017`.`added_work_experience_details` (`application_id`, `employement_type`, `name_of_organization`, `organization_type`, `organization_type_other`, `started_work_date`, `completed_work_date`, `joined_as`, `current_designation`, `annual_renumeration`, `roles_and_responsibilty`) VALUES (\n\t\t\t\t" . mysql_real_escape_string_awesome($finalapplicationid) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalemployementtype' . $x}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalorganizationname' . $x}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalorganizationtype' . $x}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalorganizationtypeother' . $x}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalworkstarted' . $x}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalworkcompleted' . $x}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalcomapnyjoinedas' . $x}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalcurrentdesignation' . $x}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalannualrenumeration' . $x}) . ",\n\t\t\t\t" . mysql_real_escape_string_awesome(${'finalrolesandresponsibility' . $x}) . "\n\t\t\t\t);";
$insertworkexextra = mysql_query($sqlworkexextra);
if (!$insertworkexextra) {
die('Could not enter data: ' . mysql_error());
}
}
} else {
}
$applicationid = strip_tags(trim_awesome($_SESSION['userName']));
$firstname = strip_tags(trim_awesome($_POST["firstname"]));
$middlename = strip_tags(trim_awesome($_POST["middlename"]));
$lastname = strip_tags(trim_awesome($_POST["lastname"]));
$dob = strip_tags(trim_awesome($_POST["dob"]));
$gender = strip_tags(trim_awesome($_POST["gender"]));
$bloodgrp = strip_tags(trim_awesome($_POST["bloodgrp"]));
$hearaboutvs = strip_tags(trim_awesome($_POST["hearaboutvs"]));
$finalapplicationid = htmlspecialchars($applicationid, ENT_QUOTES, 'UTF-8');
$finalfirstname = htmlspecialchars($firstname, ENT_QUOTES, 'UTF-8');
$finalmiddlename = htmlspecialchars($middlename, ENT_QUOTES, 'UTF-8');
$finallastname = htmlspecialchars($lastname, ENT_QUOTES, 'UTF-8');
$finaldob = htmlspecialchars($dob, ENT_QUOTES, 'UTF-8');
$finalgender = htmlspecialchars($gender, ENT_QUOTES, 'UTF-8');
$finalbloodgrp = htmlspecialchars($bloodgrp, ENT_QUOTES, 'UTF-8');
$finalhearaboutvs = htmlspecialchars($hearaboutvs, ENT_QUOTES, 'UTF-8');
if ($finaldob) {
$c = date('Y');
$y = date('Y', strtotime($finaldob));
$finalage = $c - $y;
} else {
$finalage = '';
}
if ($mysql == true) {
$sqlpersonal = "INSERT INTO `vedica_admn_2017`.`users_personal_details` (`application_id`, `f_name`, `m_name`, `l_name`,`user_dob`, `age`, `gender`, `blood_group`, `hear_abt_vedica`) VALUES (" . mysql_real_escape_string_awesome($finalapplicationid) . "," . mysql_real_escape_string_awesome($finalfirstname) . "," . mysql_real_escape_string_awesome($finalmiddlename) . "," . mysql_real_escape_string_awesome($finallastname) . "," . mysql_real_escape_string_awesome($finaldob) . "," . mysql_real_escape_string_awesome($finalage) . "," . mysql_real_escape_string_awesome($finalgender) . "," . mysql_real_escape_string_awesome($finalbloodgrp) . "," . mysql_real_escape_string_awesome($finalhearaboutvs) . ")\n\t\tON DUPLICATE KEY\n\t\tUPDATE\n\t\tf_name = VALUES(f_name),\n\t\tm_name = VALUES(m_name),\n\t\tl_name = VALUES(l_name),\n\t\tuser_dob = VALUES(user_dob),\n\t\tage = VALUES(age),\n\t\tgender = VALUES(gender),\n\t\tblood_group = VALUES(blood_group),\n\t\thear_abt_vedica = VALUES(hear_abt_vedica)\n\t\t;";
$insertpersonal = mysql_query($sqlpersonal);
if (!$insertpersonal) {
die('Could not enter data: ' . mysql_error());
}
} else {
}
<div class="column-twelve">
<div id="activation-message">
<?php
if (isset($_GET['email']) && isset($_GET['token'])) {
$useremail = strip_tags(trim_awesome($_GET["email"]));
$emailtoken = strip_tags(trim_awesome($_GET["token"]));
$finaluseremail = htmlspecialchars($useremail, ENT_QUOTES, 'UTF-8');
$finalemailtoken = htmlspecialchars($emailtoken, ENT_QUOTES, 'UTF-8');
$emailtime = date("Y-m-d H:i:s");
$selectexpire = mysql_query("SELECT * FROM " . $mysqltable_name_4 . " WHERE login_system_email_activation_token = " . mysql_real_escape_string_awesome($finalemailtoken) . " AND login_system_email_activation_expire > " . mysql_real_escape_string_awesome($emailtime) . "");
$resultexpire = mysql_num_rows($selectexpire);
if ($resultexpire == 1) {
$search = mysql_query("SELECT login_system_email_activation_useremail, login_system_email_activation_token, login_system_email_activation_status FROM " . $mysqltable_name_4 . " WHERE login_system_email_activation_useremail = " . mysql_real_escape_string_awesome($finaluseremail) . " AND login_system_email_activation_token = " . mysql_real_escape_string_awesome($finalemailtoken) . " AND login_system_email_activation_status = '0'");
$result = mysql_num_rows($search);
if ($result == 1) {
$update = "UPDATE " . $mysqltable_name_4 . " SET login_system_email_activation_status ='1' WHERE login_system_email_activation_useremail = " . mysql_real_escape_string_awesome($finaluseremail) . " AND login_system_email_activation_token = " . mysql_real_escape_string_awesome($finalemailtoken) . " AND login_system_email_activation_status = '0'";
$updatequery = mysql_query($update);
if ($updatequery) {
echo $lang['activation_successful'];
} else {
echo $lang['activation_unsuccessful'];
}
} else {
echo $lang['activation_already_active'];
}
} else {
echo $lang['activation_link_expire'];
}
} else {
echo $lang['activation_wrong_link_or_email'];
}
$finalpasstoken = md5(uniqid(rand(), true));
$expiretokenpass = date("Y-m-d H:i:s", strtotime('+1 hour'));
if ($resultblock == 0) {
$sql = "INSERT INTO " . $mysqltable_name_3 . " (login_system_forgot_password_user_id,login_system_forgot_password_username,login_system_forgot_password_expire,login_system_forgot_password_useremail,login_system_forgot_password_token,login_system_forgot_password_date,login_system_forgot_password_ip,login_system_forgot_password_attempts) VALUES (" . mysql_real_escape_string_awesome($queryid['login_system_registrations_user_id']) . "," . mysql_real_escape_string_awesome($finalusername) . "," . mysql_real_escape_string_awesome($expiretokenpass) . "," . mysql_real_escape_string_awesome($finaluseremail) . "," . mysql_real_escape_string_awesome($finalpasstoken) . "," . mysql_real_escape_string_awesome($datetime) . "," . mysql_real_escape_string_awesome($finaluserip) . ",'1')";
$insert = mysql_query($sql);
} else {
$updatefail = "UPDATE " . $mysqltable_name_3 . " SET login_system_forgot_password_attempts = login_system_forgot_password_attempts+1, login_system_forgot_password_ip = " . mysql_real_escape_string_awesome($finaluserip) . " ,login_system_forgot_password_expire = " . mysql_real_escape_string_awesome($expiretokenpass) . ", login_system_forgot_password_token = " . mysql_real_escape_string_awesome($finalpasstoken) . ", login_system_forgot_password_date = " . mysql_real_escape_string_awesome($datetime) . " WHERE login_system_forgot_password_useremail = " . mysql_real_escape_string_awesome($finaluseremail) . "";
$updatequery = mysql_query($updatefail);
}
if ($blockResult['login_system_forgot_password_attempts'] == 5) {
$blockedtime = date("Y-m-d H:i:s", strtotime('+1 hour'));
$blocked = "UPDATE " . $mysqltable_name_3 . " SET login_system_forgot_password_blocked_time = " . mysql_real_escape_string_awesome($blockedtime) . " WHERE login_system_forgot_password_useremail = " . mysql_real_escape_string_awesome($finaluseremail) . "";
$blockedquery = mysql_query($blocked);
echo $lang['forgot_account_locked'];
} elseif ($blockResult['login_system_forgot_password_attempts'] >= 6) {
$sqlupdate = "UPDATE " . $mysqltable_name_3 . " SET login_system_forgot_password_attempts = '0', login_system_forgot_password_blocked_time = '0000-00-00 00:00:00', login_system_forgot_password_ip = " . mysql_real_escape_string_awesome($finaluserip) . ", login_system_forgot_password_token = " . mysql_real_escape_string_awesome($finalpasstoken) . ", login_system_forgot_password_expire = " . mysql_real_escape_string_awesome($expiretokenpass) . ", login_system_forgot_password_date = " . mysql_real_escape_string_awesome($datetime) . " WHERE login_system_forgot_password_useremail = " . mysql_real_escape_string_awesome($finaluseremail) . "";
$updatesql = mysql_query($sqlupdate);
include dirname(__FILE__) . '/phpmailer/PHPMailerAutoload.php';
include dirname(__FILE__) . '/messages/automessagepass.php';
$automail = new PHPMailer();
$automail->IsSMTP();
$automail->SMTPAuth = true;
$automail->SMTPSecure = $protocol;
$automail->Host = $host;
$automail->Port = $port;
$automail->Username = $smtpusername;
$automail->Password = $smtppassword;
$automail->From = $youremail;
$automail->FromName = $yourname;
$automail->isHTML(true);
$automail->CharSet = "UTF-8";
if ($resultexpire == 1) {
$search = mysql_query("SELECT login_system_forgot_password_useremail, login_system_forgot_password_token FROM " . $mysqltable_name_3 . " WHERE login_system_forgot_password_useremail = " . mysql_real_escape_string_awesome($finaluseremail) . " AND login_system_forgot_password_token = " . mysql_real_escape_string_awesome($finalpasstoken) . "");
$result = mysql_num_rows($search);
if ($result == 1) {
$newpassword = strip_tags(trim_awesome($_POST["password"]));
$newretypepassword = strip_tags(trim_awesome($_POST["retypepassword"]));
$newfinalpass = htmlspecialchars($newpassword, ENT_QUOTES, 'UTF-8');
$newfinalretypepass = htmlspecialchars($newretypepassword, ENT_QUOTES, 'UTF-8');
if (!CSRF::check('newpassword-form')) {
echo $lang['new_password_wrong_security_token'];
} else {
include dirname(__FILE__) . '/php-pass-framework/PasswordHash.php';
$hasher = new PasswordHash(8, false);
$finalsalt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
$newpassword = $hasher->HashPassword($newfinalpass . $finalsalt . $passwordsalt);
$update = "UPDATE " . $admission_users . " SET password = "******", salt = " . mysql_real_escape_string_awesome($finalsalt) . " WHERE email_id = " . mysql_real_escape_string_awesome($finaluseremail) . "";
$updatequery = mysql_query($update);
if ($updatequery) {
echo $lang['new_password_successful'];
} else {
echo $lang['new_password_unsuccessful'];
}
}
} else {
echo $lang['new_password_wrong_link_email_or_token'];
}
} else {
echo $lang['new_password_link_expire'];
}
} else {
echo $lang['new_password_wrong_link_or_email'];
if (isset($_GET['lang']) and array_key_exists($_GET['lang'], $language)) {
include '../language/' . $language[$_GET['lang']] . '.php';
} else {
include '../language/en.php';
}
$update_username = strip_tags(trim_awesome($_POST["update_username"]));
$update_finalusername = htmlspecialchars($update_username, ENT_QUOTES, 'UTF-8');
if (!CSRF::check('update-username-form')) {
echo $lang['update_username_wrong_security_token'];
} else {
$usersearch = mysql_query("SELECT * FROM " . $admission_users . " WHERE application_id = " . mysql_real_escape_string_awesome($update_finalusername) . "");
$userresult = mysql_num_rows($usersearch);
$userquery = mysql_fetch_array($usersearch);
if ($userquery && $userquery['login_system_registrations_user_id'] != $_SESSION['userLogin']) {
echo $lang['update_username_already_taken'];
} else {
$update1 = "UPDATE " . $admission_users . " SET application_id = " . mysql_real_escape_string_awesome($update_finalusername) . " WHERE login_system_registrations_user_id = " . mysql_real_escape_string_awesome($_SESSION['userLogin']) . "";
$updatequery1 = mysql_query($update1);
$update2 = "UPDATE " . $mysqltable_name_2 . " SET login_system_login_attempts_username = "******" WHERE login_system_login_attempts_user_id = " . mysql_real_escape_string_awesome($_SESSION['userLogin']) . "";
$updatequery2 = mysql_query($update2);
$update3 = "UPDATE " . $mysqltable_name_3 . " SET login_system_forgot_password_username = "******" WHERE login_system_forgot_password_user_id = " . mysql_real_escape_string_awesome($_SESSION['userLogin']) . "";
$updatequery3 = mysql_query($update3);
$update4 = "UPDATE " . $mysqltable_name_4 . " SET login_system_email_activation_username = "******" WHERE login_system_email_activation_user_id = " . mysql_real_escape_string_awesome($_SESSION['userLogin']) . "";
$updatequery4 = mysql_query($update4);
if ($updatequery1 && $updatequery2 && $updatequery3 && $updatequery4) {
echo $lang['update_username_successful'];
} else {
echo $lang['update_username_unsuccessful'];
}
}
}
include dirname(__FILE__) . '/hybridauth/Hybrid/Auth.php';
try {
$hybridauth = new Hybrid_Auth($config);
$provider = @trim(strip_tags($_GET["provider"]));
$adapter = $hybridauth->getAdapter($provider);
$finalemailtoken = md5(uniqid(rand(), true));
$datetime = date("Y-m-d H:i:s");
$expiretokenemail = date("Y-m-d H:i:s", strtotime('+1 hour'));
$duplicate = mysql_query("SELECT * FROM " . $mysqltable_name_5 . " WHERE login_system_register_social_networks_email = " . mysql_real_escape_string_awesome($finaluseremail) . "");
$result = mysql_num_rows($duplicate);
if ($result == 0) {
$usersuccess = mysql_query("SELECT login_system_register_social_networks_provider_user_id FROM " . $mysqltable_name_5 . " WHERE login_system_register_social_networks_provider_user_id = " . mysql_real_escape_string_awesome($_SESSION['loginProviderID']) . "");
$usersql = mysql_num_rows($usersuccess);
$updatesuccess = "UPDATE " . $mysqltable_name_5 . " SET login_system_register_social_networks_email = " . mysql_real_escape_string_awesome($finaluseremail) . ", login_system_register_social_networks_date = " . mysql_real_escape_string_awesome($datetime) . " WHERE login_system_register_social_networks_provider_user_id = " . mysql_real_escape_string_awesome($_SESSION['loginProviderID']) . "";
$updatesession = mysql_query($updatesuccess);
$usersearch = mysql_query("SELECT login_system_register_social_networks_email FROM " . $mysqltable_name_5 . " WHERE login_system_register_social_networks_provider_user_id = " . mysql_real_escape_string_awesome($_SESSION['loginProviderID']) . "");
$userquery = mysql_num_rows($usersearch);
if ($userquery) {
echo $lang['complete_registration_success'];
redirect_time($baseurl . 'admin/dashboard.php?provider=' . $provider . '&lang=' . $_GET['lang'] . '');
} else {
echo $lang['complete_registration_error'];
}
} else {
echo $lang['complete_registration_duplicate_email'];
}
} catch (Exception $e) {
switch ($e->getCode()) {
case 0:
$error = $lang['login_social_hybrid_error'];
break;
}
?>
<!doctype html>
<html>
<head>
<?php
include '../header.php';
?>
</head>
<body id="dashboard-body">
<?php
$userInfo = mysql_query("SELECT login_system_registrations_user_id,application_status FROM " . $admission_users . " WHERE login_system_registrations_user_id = " . mysql_real_escape_string_awesome($_SESSION['userLogin']) . "");
$userQuery = mysql_num_rows($userInfo);
$user = mysql_fetch_array($userInfo);
if ($user['application_status'] == "Completed") {
redirect($baseurl . 'admin/done.php');
} else {
if ($registration_closed == 'Y') {
redirect($baseurl . 'admin/thankyou.php');
die;
}
}
?>
<?php
if ($_SESSION['userLogin'] && $_SESSION['userName']) {
$resultuser = mysql_fetch_array($searchuser);
$finalfirstname = $resultuser['f_name'];
$finallastname = $resultuser['l_name'];
$finalusername = $resultuser['application_id'];
if ($result == 1) {
$finalemailtoken = md5(uniqid(rand(), true));
$expiretokenemail = date("Y-m-d H:i:s", strtotime('+1 hour'));
$sqlupdate = "UPDATE " . $mysqltable_name_4 . " SET login_system_email_activation_attempts = login_system_email_activation_attempts+1, login_system_email_activation_ip = " . mysql_real_escape_string_awesome($finaluserip) . ", login_system_email_activation_token = " . mysql_real_escape_string_awesome($finalemailtoken) . ",login_system_email_activation_expire = " . mysql_real_escape_string_awesome($expiretokenemail) . ", login_system_email_activation_date = " . mysql_real_escape_string_awesome($datetime) . " WHERE login_system_email_activation_useremail = " . mysql_real_escape_string_awesome($finaluseremail) . "";
$updatesql = mysql_query($sqlupdate);
if ($blockResult['login_system_email_activation_attempts'] == 5) {
$blockedtime = date("Y-m-d H:i:s", strtotime('+1 hour'));
$blocked = "UPDATE " . $mysqltable_name_4 . " SET login_system_email_activation_blocked_time = " . mysql_real_escape_string_awesome($blockedtime) . " WHERE login_system_email_activation_useremail = " . mysql_real_escape_string_awesome($finaluseremail) . "";
$blockedquery = mysql_query($blocked);
echo $lang['resend_activation_token_account_locked'];
} elseif ($blockResult['login_system_email_activation_attempts'] >= 6) {
$sqlupdate = "UPDATE " . $mysqltable_name_4 . " SET login_system_email_activation_attempts = 0, login_system_email_activation_blocked_time = '0000-00-00 00:00:00', login_system_email_activation_ip = " . mysql_real_escape_string_awesome($finaluserip) . ", login_system_email_activation_token = " . mysql_real_escape_string_awesome($finalemailtoken) . ",login_system_email_activation_expire = " . mysql_real_escape_string_awesome($expiretokenemail) . ", login_system_email_activation_date = " . mysql_real_escape_string_awesome($datetime) . " WHERE login_system_email_activation_useremail = " . mysql_real_escape_string_awesome($finaluseremail) . "";
$updatesql = mysql_query($sqlupdate);
include dirname(__FILE__) . '/phpmailer/PHPMailerAutoload.php';
include dirname(__FILE__) . '/messages/automessageemail.php';
$automail = new PHPMailer();
$automail->IsSMTP();
$automail->SMTPAuth = true;
$automail->SMTPSecure = $protocol;
$automail->Host = $host;
$automail->Port = $port;
$automail->Username = $smtpusername;
$automail->Password = $smtppassword;
$automail->From = $youremail;
$automail->FromName = $yourname;
$automail->isHTML(true);
$automail->CharSet = "UTF-8";
if (!isset($_SESSION)) {
$some_name = session_name("VedicaAdmission");
session_start();
}
include '../config/config.php';
include '../config/functions.php';
$language = array('en' => 'en', 'pt' => 'pt');
if (isset($_GET['lang']) and array_key_exists($_GET['lang'], $language)) {
include '../language/' . $language[$_GET['lang']] . '.php';
} else {
include '../language/en.php';
}
$update_password = strip_tags(trim_awesome($_POST["update_password"]));
$update_retypepassword = strip_tags(trim_awesome($_POST["update_retypepassword"]));
$update_finalpass = htmlspecialchars($update_password, ENT_QUOTES, 'UTF-8');
$update_finalretypepass = htmlspecialchars($update_retypepassword, ENT_QUOTES, 'UTF-8');
if (!CSRF::check('update-password-form')) {
echo $lang['update_password_wrong_security_token'];
} else {
include '../php-pass-framework/PasswordHash.php';
$hasher = new PasswordHash(8, false);
$finalsalt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
$newpassword = $hasher->HashPassword($update_finalpass . $finalsalt . $passwordsalt);
$update = "UPDATE " . $admission_users . " SET password = "******", salt = " . mysql_real_escape_string_awesome($finalsalt) . " WHERE login_system_registrations_user_id = " . mysql_real_escape_string_awesome($_SESSION['userLogin']) . "";
$updatequery = mysql_query($update);
if ($updatequery) {
echo $lang['update_password_successful'];
} else {
echo $lang['update_password_unsuccessful'];
}
}
if ($time > $_SESSION['expire']) {
session_destroy();
timeout();
exit(0);
}
}
$_SESSION['start'] = time();
$_SESSION['expire'] = $_SESSION['start'] + 60 * 60;
if (strlen(trim($_SESSION['userName'])) == 0) {
session_destroy();
timeout();
die;
}
$applicationid = strip_tags(trim_awesome($_SESSION['userName']));
$rolemodelinfo = strip_tags(trim_awesome($_POST["rolemodelinfo"]));
$failureinfo = strip_tags(trim_awesome($_POST["failureinfo"]));
$acheivementasalumnus = strip_tags(trim_awesome($_POST["acheivementasalumnus"]));
$supportinfo = strip_tags(trim_awesome($_POST["supportinfo"]));
$finalapplicationid = htmlspecialchars($applicationid, ENT_QUOTES, 'UTF-8');
$finalrolemodelinfo = htmlspecialchars($rolemodelinfo, ENT_QUOTES, 'UTF-8');
$finalfailureinfo = htmlspecialchars($failureinfo, ENT_QUOTES, 'UTF-8');
$finalacheivementasalumnus = htmlspecialchars($acheivementasalumnus, ENT_QUOTES, 'UTF-8');
$finalsupportinfo = htmlspecialchars($supportinfo, ENT_QUOTES, 'UTF-8');
if ($mysql == true) {
$sqladditionalinfo = "INSERT INTO `vedica_admn_2017`.`user_additional_info` (`application_id`, `role_model_info`, `failure_info`, `acheivement_as_alumnus`,`support_info`) VALUES (" . mysql_real_escape_string_awesome($finalapplicationid) . "," . mysql_real_escape_string_awesome($finalrolemodelinfo) . "," . mysql_real_escape_string_awesome($finalfailureinfo) . "," . mysql_real_escape_string_awesome($finalacheivementasalumnus) . "," . mysql_real_escape_string_awesome($finalsupportinfo) . ")\n\t\tON DUPLICATE KEY\n\t\tUPDATE\n\t\trole_model_info = VALUES(role_model_info),\n\t\tfailure_info = VALUES(failure_info),\n\t\tacheivement_as_alumnus = VALUES(acheivement_as_alumnus),\n\t\tsupport_info = VALUES(support_info)\n\t\t;";
$insertaddtionalinfo = mysql_query($sqladditionalinfo);
if (!$insertaddtionalinfo) {
die('Could not enter data: ' . mysql_error());
}
} else {
}
