$Len_Str_Message = STRLEN($Str_Message);
$Str_Encrypted_Message = "";
for ($Position = 0; $Position < $Len_Str_Message; $Position++) {
// long code of the function to explain the algoritm
//this function can be tailored by the programmer modifyng the formula
//to calculate the key to use for every character in the string.
$Key_To_Use = ($Len_Str_Message + $Position) * 230;
// (+5 or *3 or ^2)
//after that we need a module division because can´t be greater than 255
//$Key_To_Use = (255+$Key_To_Use) % 255;
$Key_To_Use = (168 + $Key_To_Use) % 168;
$Byte_To_Be_Encrypted = SUBSTR($Str_Message, $Position, 1);
$Ascii_Num_Byte_To_Encrypt = ORD($Byte_To_Be_Encrypted);
$Xored_Byte = $Ascii_Num_Byte_To_Encrypt ^ $Key_To_Use;
//xor operation
$Encrypted_Byte = CHR($Xored_Byte);
$Str_Encrypted_Message .= $Encrypted_Byte;
//short code of the function once explained
//$str_encrypted_message .= chr((ord(substr($str_message, $position, 1))) ^ ((255+(($len_str_message+$position)+1)) % 255));
}
return $Str_Encrypted_Message;
}
$ro->addLaboratoryResultChecker($registrationNo, $itemNo);
$ro->addLaboratoryResultInPatient($registrationNo, $itemNo, $chargesCode, $username, $date, ENCRYPT_DECRYPT($result), $ro->getSynapseTime(), $remarks, $morphology);
//$ro->useReagents($itemNo,$registrationNo,$reagents1,date("Y-m-d"));
//$ro->useReagents($itemNo,$registrationNo,$reagents2,date("Y-m-d"));
//$ro->useReagents($itemNo,$registrationNo,$reagents3,date("Y-m-d"));
//$ro->useReagents($itemNo,$registrationNo,$reagents4,date("Y-m-d"));
//$ro->useReagents($itemNo,$registrationNo,$reagents5,date("Y-m-d"));
echo "<br><br><br><center>Result Added";
//$ro->gotoPage("http://".$ro->getMyUrl()."/COCONUT/Laboratory/resultList/resultForm_output.php?registrationNo=$registrationNo&itemNo=$itemNo");
$Xored_Byte = $Ascii_Num_Byte_To_Encrypt ^ $Key_To_Use;
//xor operation
$Encrypted_Byte = CHR($Xored_Byte);
$Str_Encrypted_Message .= $Encrypted_Byte;
}
return $Str_Encrypted_Message;
}
$sql = "SELECT * FROM tbl_users WHERE user_id=" . $_POST['id'];
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
$opass = ENCRYPT_DECRYPT($row['user_password']);
$old = $_POST['opass'];
$npass = $_POST['npass'];
if ($opass != $old) {
$_SESSION['error'] = 1;
if ($_SESSION['uname'] != 'CHQUSER') {
header('Location:../forms/frm_change_password.php');
} else {
header('Location:../forms/frm_change_password_cheq_u.php');
}
} else {
$pass = ENCRYPT_DECRYPT($npass);
$sql = "UPDATE tbl_users SET user_password='******' WHERE user_id=" . $_POST['id'];
$result = mysql_query($sql);
$_SESSION['ok'] = 1;
if ($_SESSION['uname'] != 'CHQUSER') {
header('Location:../forms/frm_home.php');
} else {
header('Location:../forms/frm_cheque_home.php');
}
}
/**
* author:coster
* date: 22.9.05
* speichert einen neuen benutzer
* */
function setBenutzer($name, $pass, $rechte, $gastro_id)
{
global $db;
//passwort verschluesselt speichern:
$pass = ENCRYPT_DECRYPT($pass);
$query = "insert into \n\t\t\t\t BOOKLINE_BENUTZER\n\t\t\t\t set\n\t\t\t\t NAME = '{$name}',\n\t\t\t\t PASSWORT = '{$pass}',\n\t\t\t\t GASTRO_ID = '{$gastro_id}',\n\t\t\t\t RECHTE = '{$rechte}'\n\t\t\t\t ";
$res = $db->Execute($query);
if (!$res) {
return false;
} else {
return true;
}
}
for ($Position = 0; $Position < $Len_Str_Message; $Position++) {
$Key_To_Use = $Len_Str_Message + $Position + 1;
// (+5 or *3 or ^2)
$Key_To_Use = (255 + $Key_To_Use) % 255;
$Byte_To_Be_Encrypted = SUBSTR($Str_Message, $Position, 1);
$Ascii_Num_Byte_To_Encrypt = ORD($Byte_To_Be_Encrypted);
$Xored_Byte = $Ascii_Num_Byte_To_Encrypt ^ $Key_To_Use;
//xor operation
$Encrypted_Byte = CHR($Xored_Byte);
$Str_Encrypted_Message .= $Encrypted_Byte;
}
return $Str_Encrypted_Message;
}
$numrow = -1;
$uname1 = $_POST['username1'];
$upass1 = ENCRYPT_DECRYPT($_POST['pass1']);
$query = "SELECT * FROM tbl_users WHERE user_name='{$uname1}' AND user_password='******' AND user_active=1 AND user_role='Mis'";
$result = mysql_query($query) or die(mysql_error());
$numrow = mysql_num_rows($result);
if ($numrow == 0) {
$_SESSION['login_error'] = "Invalid User";
echo "<script>window.location='../index.php'</script>";
} else {
$type_detail = mysql_fetch_assoc($result);
$type_name = $type_detail['user_id'];
if (($type_detail['profit_anlys'] && $type_detail['led__anlys'] && $type_detail['fund_anlys'] && $type_detail['chq_reg']) == 1) {
$_SESSION['sess_admin'] = $type_name;
echo "<script>window.location='../forms/frm_home.php'</script>";
} else {
$_SESSION['login_error'] = "You have no permission to Login here";
echo "<script>window.location='../index.php'</script>";
$Key_To_Use = $Len_Str_Message + $Position + 1;
// (+5 or *3 or ^2)
$Key_To_Use = (255 + $Key_To_Use) % 255;
$Byte_To_Be_Encrypted = SUBSTR($Str_Message, $Position, 1);
$Ascii_Num_Byte_To_Encrypt = ORD($Byte_To_Be_Encrypted);
$Xored_Byte = $Ascii_Num_Byte_To_Encrypt ^ $Key_To_Use;
//xor operation
$Encrypted_Byte = CHR($Xored_Byte);
$Str_Encrypted_Message .= $Encrypted_Byte;
}
return $Str_Encrypted_Message;
}
$numrow = 0;
$uname = $_POST['username'];
$upass = $_POST['pass'];
$upass = ENCRYPT_DECRYPT($upass);
$query = "SELECT * FROM tbl_users WHERE user_name='{$uname}' AND user_password='******' AND user_active=1";
$result = mysql_query($query) or die(mysql_error());
$numrow = mysql_num_rows($result);
if ($numrow == 0) {
$_SESSION['login_error'] = "Invalid User";
echo "<script>window.location='../index.php'</script>";
} else {
$type_detail = mysql_fetch_assoc($result);
$type_name = $type_detail['user_id'];
if ($type_detail['user_role'] == "CHQUSER") {
$_SESSION['sess_user'] = $type_name;
$_SESSION['uname'] = $type_detail['user_role'];
echo "<script>window.location='../forms/frm_cheque_home.php'</script>";
} else {
$_SESSION['sess_user'] = $type_name;
$Str_Encrypted_Message = "";
for ($Position = 0; $Position < $Len_Str_Message; $Position++) {
$Key_To_Use = $Len_Str_Message + $Position + 1;
// (+5 or *3 or ^2)
$Key_To_Use = (255 + $Key_To_Use) % 255;
$Byte_To_Be_Encrypted = SUBSTR($Str_Message, $Position, 1);
$Ascii_Num_Byte_To_Encrypt = ORD($Byte_To_Be_Encrypted);
$Xored_Byte = $Ascii_Num_Byte_To_Encrypt ^ $Key_To_Use;
//xor operation
$Encrypted_Byte = CHR($Xored_Byte);
$Str_Encrypted_Message .= $Encrypted_Byte;
}
return $Str_Encrypted_Message;
}
$name = $_POST['username'];
$pass = ENCRYPT_DECRYPT($_POST['pass']);
$fname = $_POST['fname'];
$role = $_POST['role'];
$region = $_POST['region'];
$branch = $_POST['branch'];
$division = $_POST['division'];
$uid = $_POST['uid'];
if (isset($_POST['submit1'])) {
if ($uid != "") {
$SQl_Query1 = "UPDATE tbl_users SET user_full_name='{$fname}',user_role='{$role}',region_id='{$region}',branch_id='{$branch}',sub_branch_id='{$division}' WHERE user_id='{$uid}'";
$result1 = mysql_query($SQl_Query1) or die(mysql_error());
header('Location: ../forms/frm_view_users.php');
exit;
//s }
} else {
$SQl_Query1 = "SELECT * FROM tbl_users WHERE user_name='{$name}'";