$weight = trim($_POST["weight"]); } if (trim($_POST["publish"]) != "") { $publish1 = trim($_POST["publish"]); } //DOB $dd = $_POST["dd"]; $dm = $_POST["dm"]; $dy = $_POST["dy"]; // Last date of donation. $ld = $_POST["ld"]; $lm = $_POST["lm"]; $ly = $_POST["ly"]; $dob = dmy2mysql($dd, $dm, $dy); $last = dmy2mysql($ld, $lm, $ly); $hashed_password = superHash($password); if ($publish1 == "on") { $publish = 1; } $sql = "INSERT INTO registration (Name,DOB,Gender,Bloodgroup,Weight,AdmissionYear, Branch, Batch, Designation, ContactNo,Emailid,LastDonation,Publish,District,Post)\r\n VALUES ('{$name}', '{$dob}',{$sex},'{$bgroup}','{$weight}','{$admnyear}','{$branch}','{$batch}','{$designation}','{$phone}','{$email}','{$last}', '{$publish}','{$district}','{$address}')"; $sql2 = "INSERT INTO user (UserID, PWD)VALUES ('{$email}' , '{$hashed_password}')"; mysql_query($sql2, $link); $sql3 = "UPDATE stock SET Stock = Stock + 1 WHERE BGroup = '{$bgroup}'"; mysql_query($sql3, $link); if (!mysql_query($sql, $link)) { die('Error' . mysql_error()); } else { mysql_query($result1, $link); $_SESSION['key1'] = '$email'; header("Location: ./index.php?msg=Please login here"); }
$s = ""; if (isset($_POST["userid"])) { if (trim($_POST["userid"]) != "") { $uid = trim($_POST["userid"]); } else { header('Location: ./index.php?msg = "Enter username"'); } } if (isset($_POST["pwd"])) { if ($_POST["pwd"] != "") { $pwd = $_POST["pwd"]; } else { header('Location: ./index.php?msg = "Enter password"'); } } $hashed_pass = superHash($pwd); if ($uid != "" && $pwd != "") { $sql = "select * from user where UserID = '" . $uid . "' and PWD = '" . $hashed_pass . "'"; $rst = mysql_query($sql); $nt = mysql_fetch_array($rst); if ($nt) { if ($nt[UserID] == 'admin') { $k = 0; $i = '1'; $_SESSION['key'] = $k; header('Location: ./main.php'); mysql_query("UPDATE user SET keyvalue ='" . $k . "' where UserID='" . $uid . "'"); } else { $i = '1'; $_SESSION['key'] = $uid; header('Location: ./profile.php');
<?php require 'cnn.php'; require 'hash.php'; $hashed_password = superHash($_POST['password']); $sql = 'UPDATE user SET PWD=\'' . $hashed_password . '\' WHERE UserId=\'' . $_POST['email'] . '\''; mysql_query($sql); header('Location: ./index.php?msg=Password Changed. Login with new password');
$link = mysql_connect(\'' . $dbhost . '\', \'' . $dbuser . '\', \'' . $dbpass . '\'); if (!$link) die("CONNECTION ERROR!!!: " . mysql_error()); mysql_select_db (\'' . $dbname . '\'); ?>'; $cnn_file = 'cnn.php'; if (is_writable($cnn_file)) { header('Location: ./install.php?msg=Error: ' . $cnn_file . ' not writable<br/>'); } $file_handler = fopen($cnn_file, 'w'); fwrite($file_handler, $cnn_string); fclose($file_handler); chmod("cnn.php", 0444); require $cnn_file; // Install initial database $dbfile = 'database.sql'; /*if(is_readable($dbfile)) header( 'Location: ./install.php?msg=Error: '.$dbfile.' not readable<br/>');*/ $file_handler = fopen($dbfile, 'r'); // Execute all the queries stored in database file while (!feof($file_handler)) { $sql_statement = fgets($file_handler); mysql_query($sql_statement, $link); } require 'hash.php'; $hashed_pass = superHash($pass1); $user_sql = "INSERT INTO `user` (`UserID`, `keyvalue`, `PWD`)\n VALUES ('admin', '5', '{$hashed_pass}')"; mysql_query($user_sql, $link); header('Location: ./index.php?msg= Installation Sucessfull. You can now login.');