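/**
 * Session gate: expires idle sessions, then echoes "Success" or "Error".
 *
 * A session idle for more than 30 minutes (1800 s) is cleared and destroyed.
 * If the session carries a truthy 'userSession' flag, checkAccount() decides
 * the outcome and a successful check refreshes LAST_ACTIVITY. Otherwise the
 * flag is set and "Error" is echoed.
 *
 * Fixes over the previous version: $return was never assigned when the flag
 * was missing (undefined-variable notice, empty output), and the flag was read
 * without checking that the key exists.
 *
 * @param mixed $SQLConn Database connection handle, passed through to checkAccount().
 * @return void The result string is echoed, not returned.
 */
function check($SQLConn)
{
    // Maybe use another time.
    // NOTE(review): if this lookup is revived, bind the session key as a
    // statement parameter instead of concatenating it into the SQL text.
    /*
    $sessionKey = "";
    $SQL=" SELECT US.LastActive, U.FirstName, U.LastName, U.ProfilePicture FROM UserSessions AS US INNER JOIN Users AS U ON US.UserPkey = U.UserPkey WHERE US.SessionKey = '".$sessionKey."' ";
    */

    session_start();

    if (isset($_SESSION['LAST_ACTIVITY']) && time() - $_SESSION['LAST_ACTIVITY'] > 1800) {
        // last request was more than 30 minutes ago
        session_unset();   // unset $_SESSION variable for the run-time
        session_destroy(); // destroy session data in storage
    }

    // Fail closed: every path below echoes a defined value.
    $return = "Error";

    if (!empty($_SESSION['userSession'])) {
        if (checkAccount($SQLConn) == true) {
            $return = "Success";
            $_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
        }
    } else {
        // NOTE(review): this flag is set for any visitor who reaches this branch,
        // so it is not proof of authentication by itself. The effective gate is
        // checkAccount() - confirm it validates the caller's identity.
        $_SESSION['userSession'] = true;
    }

    echo $return;
}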
<?php
/**
 * Created by PhpStorm.
 * User: radim_000
 * Date: 1. 7. 2015
 * Time: 17:08
 *
 * Page bootstrap: loads the shared helper files, runs the account check
 * against the "MTU" cookie, then emits the HTML document.
 */
include_once "../functions/check.php";
include_once "../functions/functions.php";
include_once "../functions/dbconnect.php";
include_once "../functions/ages.php";
include_once "../functions/player.php";

// NOTE(review): $_COOKIE["MTU"] is client-supplied, so checkAccount() must treat
// it as untrusted input (validate it and never place it in SQL text unbound).
// The return value is not used here, so the page below is rendered unless
// checkAccount() itself ends the request on failure - confirm. When the cookie
// is absent this read also raises an undefined-key notice.
// $mysqli is not assigned in this file; presumably dbconnect.php defines it.
checkAccount($_COOKIE["MTU"], $mysqli);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags -->
<meta name="description" content="">
<meta name="author" content="">
<link rel="icon" href="../../favicon.ico">
<title>Minecore Times - Úvodní stránka</title>
<!-- Bootstrap core CSS -->
<link href="../css/bootstrap.min.css" rel="stylesheet">
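<?php
// Login endpoint: checks the posted username/password with checkAccount() and,
// on success, stores the username in the session. Echoes true (printed as "1")
// on success and an error message otherwise.
session_start();

require_once '../../config.php';
require_once '../../model/mysql_query.php';

if (isset($_POST['username'], $_POST['password'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];

    // Form fields can arrive as arrays (username[]=...); only strings are
    // passed on to checkAccount().
    if (is_string($username) && is_string($password) && checkAccount($username, $password)) {
        // Issue a fresh session id at the privilege change so an id that was
        // known before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION['username'] = $username;
        echo true;
    } else {
        echo "Password or Username are wrong";
    }
}

// NOTE(review): the mysql_* extension was removed in PHP 7.0. $db is presumably
// opened by one of the required files - confirm before porting to mysqli/PDO.
mysql_close($db);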
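/**
 * Copy per-user channel statistics from the Denora `ustats` table into Anope's
 * `anope_chanstats` table, adding to the existing counters on a duplicate key.
 *
 * Rows whose `uname` does not resolve through getAccount(), or whose account
 * fails checkAccount(), are skipped. The channel name 'global' is stored as an
 * empty string.
 *
 * The INSERT is a prepared statement: channel, nick and type are bound as
 * strings rather than spliced into the SQL with sprintf('%s'), so a quote or
 * backslash in a channel or account name can neither break nor alter the
 * statement. Counters are bound as integers, matching the former %d.
 *
 * Terminates the script with a 'FAILURE: ...' message on any database error.
 * Argument unpacking (...) requires PHP 5.6 or later.
 *
 * @return void
 */
function migrateUserStats()
{
    $denora = new mysqli(DENORA_HOSTNAME, DENORA_USERNAME, DENORA_PASSWORD, DENORA_DATABASE);
    $anope = new mysqli(ANOPE_HOSTNAME, ANOPE_USERNAME, ANOPE_PASSWORD, ANOPE_DATABASE);
    if ($denora->connect_error || $anope->connect_error) {
        die('FAILURE: ' . ($denora->connect_error ?: $anope->connect_error));
    }

    // Counter columns, in statement order: anope_chanstats column => ustats column.
    $counters = array(
        'letters' => 'letters',
        'words' => 'words',
        'line' => 'line',
        'actions' => 'actions',
        'smileys_other' => 'smileys',
        'kicks' => 'kicks',
        'modes' => 'modes',
        'topics' => 'topics',
    );
    for ($hour = 0; $hour < 24; $hour++) {
        $counters['time' . $hour] = 'time' . $hour;
    }
    $targets = array_keys($counters);

    $increments = array();
    foreach ($targets as $column) {
        $increments[] = $column . ' = ' . $column . ' + ?';
    }

    $sql = 'INSERT INTO anope_chanstats (chan, nick, `type`, ' . implode(', ', $targets) . ') '
        . 'VALUES (' . implode(', ', array_fill(0, 3 + count($targets), '?')) . ') '
        . 'ON DUPLICATE KEY UPDATE ' . implode(', ', $increments);

    $insert = $anope->prepare($sql);
    if (!$insert) {
        die('FAILURE: ' . $anope->error);
    }

    // Three string keys, then every counter twice (VALUES list + UPDATE list).
    $types = 'sss' . str_repeat('i', 2 * count($targets));

    $result = $denora->query("SELECT * FROM ustats ORDER BY chan, `type`", MYSQLI_USE_RESULT);
    if (!$result) {
        die('FAILURE: ' . $denora->error);
    }

    while ($row = $result->fetch_assoc()) {
        $account = getAccount($row['uname']);
        if (!$account || !checkAccount($account)) {
            continue;
        }

        $amounts = array();
        foreach ($counters as $sourceColumn) {
            $amounts[] = (int) $row[$sourceColumn];
        }

        $values = array_merge(
            array(
                $row['chan'] == 'global' ? '' : $row['chan'],
                $account,
                getAnopeChanstatsType($row['type']),
            ),
            $amounts,
            $amounts
        );

        $insert->bind_param($types, ...$values);
        if (!$insert->execute()) {
            die('FAILURE: ' . $insert->error);
        }
    }

    $insert->close();
    $result->close();
    $denora->close();
    $anope->close();
}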
<img border="0" src="logo.jpg"/> </a>
<img id="upl" border="0" src="upload.jpg"/>
<form id="uploadform" action="add.php" method="post" enctype="multipart/form-data">
<label for="file">Filename:</label> <input type="file" name="file" id="file" /> <br />
<label for="title">Movie title:</label> <input value="" title="movie title" size="22" name="title" maxlength="255" />
<input type="submit" name="submit" value="Submit" />
</form>
<?php
// Runs the account check only when the form above was posted with a title.
// NOTE(review): nothing in this fragment inspects the uploaded file
// ($_FILES['file']) or the posted title, and the form carries no anti-CSRF
// token field. Confirm that checkAccount() / db_utils.php authenticate the
// request and that the upload handler restricts file type, size and the stored
// filename before the file is saved.
require "db_utils.php";
if (isset($_POST['title'])) {
    checkAccount();
}
?>
<div id="back">
<script type="text/javascript"> function goBack() { window.history.back() } </script>
<a href="javascript:goBack()">Back</a>
</div>
<?php
// Statement page: for a logged-in user, reads the filter/paging fields from the
// request and renders the statement for the chosen date range; otherwise shows
// the login form.
include_once '../functions.php';

checklogin();
$conn = opendb();

// $loggedin and $user are not assigned in this file; presumably checklogin()
// sets them - confirm.
if ($loggedin != 1) {
    loginform();
} else {
    // Request fields, each read through the project's sanitise() helper.
    $account = sanitise('account');
    $sd = sanitise('sd');
    $sm = sanitise('sm');
    $sy = sanitise('sy');
    $ed = sanitise('ed');
    $em = sanitise('em');
    $ey = sanitise('ey');
    $value = sanitise('value');
    $order = sanitise('order');
    $field = sanitise('field');

    // Page size falls back to 20 when missing or not a number.
    $perpage = intval(sanitise('perpage')) ?: 20;
    $offset = intval(sanitise('offset'));

    // NOTE(review): the return value is discarded, so $account reaches
    // statement() exactly as sanitise() returned it. Unless checkAccount()
    // halts the request for an account that does not belong to $user, or
    // statement() repeats the ownership check, the account id is not verified
    // on this path - confirm, or assign the result back to $account.
    checkAccount($user, $account, 0);

    // Widen the range by one second on each side; dates are built as m/d/y.
    $startdate = strtotime("{$sm}/{$sd}/{$sy}") - 1;
    $enddate = strtotime("{$em}/{$ed}/{$ey}") + 1;
    if ($startdate > $enddate) {
        $enddate = $startdate + 2;
    }

    statement($perpage, $user, $order, $account, $offset, $value, $field, $startdate, $enddate);
}
<head> <title>WAPAgenda Administration</title> </head> <body>
<?php
// Login gate for the administration page: when no "account" session variable
// is registered, define checkAccount() and try the submitted credentials.
// NOTE(review): session_is_registered() / session_register() were removed in
// PHP 5.4; the modern equivalent is isset($_SESSION['account']) and a direct
// assignment to $_SESSION.
if (!session_is_registered("account")) {
    /**
     * Returns true when at least one row in `accounts` matches the account
     * name (and the password condition) with state=1.
     *
     * NOTE(review): $account is concatenated into the SQL text unescaped, so a
     * crafted account name can change the query (SQL injection). Use a prepared
     * statement with bound parameters. The password literal appears masked
     * ('******') in this listing and $password is not referenced in the visible
     * query text; if the original compares the column to the submitted value
     * directly, passwords are stored unhashed - confirm and move to
     * password_hash() / password_verify().
     */
    function checkAccount($account, $password) {
        include "./../connect.php";
        $sql = "select * from accounts where account='" . $account . "' and password='******' and state=1";
        $result = mysql_query($sql);
        $num = mysql_num_rows($result);
        return $num > 0;
    }
    // NOTE(review): $account and $password are never assigned in the visible
    // code; presumably they come from register_globals (posted form fields),
    // which was also removed in PHP 5.4 - read $_POST explicitly instead.
    if (isset($account) && isset($password)) {
        if (checkAccount($account, $password)) {
            include "./stat.php";
            session_register("account");
        }
    }
?>
<h1 align="center">Welcom to</h1>
<p align="center"><img src="./../logo.jpg"></p>
<p>Today is <?php print date("j of F Y, \\a\\t g.i a", time()); ?> .</p>
<p>Please, enter your account and your password than validate.</p>
<form action="index.php" method="post">
<table align="center">
<tr><td>Account: </td><td><input type="text" name="account"></td></tr>
<?php
// Login handler: checks the posted id/password, stores the user's identity and
// admin flag in the session, and redirects to the matching page.
session_start();
// NOTE(review): the array keys are unquoted, so PHP reads them as constants
// named id and password. PHP 8 throws an Error for an undefined constant;
// older versions fall back to the string with a notice. Quote the keys.
$input_id = $_POST[id];
$input_pw = $_POST[password];
$user_info = checkAccount($input_id, $input_pw);
if (empty($user_info)) {
    // Message text means "wrong account or password".
    $_SESSION["login_error"] = "帳號密碼錯誤";
    // NOTE(review): header() does not stop the script; follow each redirect
    // with exit so nothing added below can run on the failure path.
    header("Location: http://127.0.0.1/PSMS/login.php");
} else {
    // NOTE(review): the session id is not regenerated at login; calling
    // session_regenerate_id(true) here would prevent a pre-login id from being
    // reused afterwards (session fixation).
    $_SESSION["user_id"] = $input_id;
    $_SESSION["user_name"] = $user_info[0];    // element 0 is stored as the display name
    $_SESSION["user_isAdmin"] = $user_info[1]; // element 1 is stored as the admin flag
    if (isset($_SESSION["login_error"])) {
        unset($_SESSION["login_error"]);
    }
    // Route by role; the target pages must re-check user_isAdmin themselves.
    if ($_SESSION["user_isAdmin"]) {
        header("Location: http://127.0.0.1/PSMS/manager.php");
    } else {
        header("Location: http://127.0.0.1/PSMS/employee.php");
    }
}
// Looks up the account; the rest of the body is outside this listing.
// NOTE(review): the database credentials are hard-coded here (shown masked);
// keep them in configuration outside the web root / version control.
function checkAccount($id, $pw) {
    $db_host = "127.0.0.1";
    $db_user = "******";
    $db_pass = "******";
    $db_select = "PSMS";
    $db_connect = "mysql:host=" . $db_host . ";dbname=" . $db_select;
    $db_go = new PDO($db_connect, $db_user, $db_pass);
    $db_go->exec("SET NAMES UTF8");
/**
 * Store a new reconciled total for an account and print how it compares with
 * the sum of the user's payments that are marked reconciled.
 *
 * The account id is first passed through checkAccount(); a result of 0 means
 * the payment sum covers all of the user's accounts instead of a single one.
 *
 * NOTE(review): $user, $value and the checked account id are interpolated into
 * the SQL text. This is only safe if every caller has already escaped or
 * validated them - confirm, or move to bound parameters. The `or die(...)`
 * handlers also send the raw database error to the client; log it instead.
 *
 * @param mixed $user    User id used to scope the payment lookup.
 * @param mixed $account Requested account id (validated via checkAccount()).
 * @param mixed $value   Reconciled total entered by the user.
 * @return void Output is echoed.
 */
function updatereconcile($user, $account, $value)
{
    $account = checkAccount($user, $account, 0);

    // The UPDATE runs before the zero check, so an unmatched account targets AccountID='0'.
    $query = "UPDATE accounts SET ReconciledTotal='{$value}' WHERE AccountID='{$account}'";
    mysql_query($query) or die(mysql_error());

    // Restrict to one account only when checkAccount() returned a non-zero id.
    $accountClause = ($account != 0) ? "AccountID='{$account}' AND " : '';

    $query = "SELECT * FROM payments WHERE " . $accountClause . " UserID='{$user}' AND Reconciled='1'";
    $payments = mysql_query($query) or die(mysql_error());

    $reconciled = 0;
    while ($payment = mysql_fetch_assoc($payments)) {
        $reconciled += $payment['PaymentAmount'];
    }

    $difference = $value - $reconciled;

    echo "Reconciled Balance: " . displayamount($reconciled, $user) . " Difference: " . displayamount($difference, $user);
}
include_once '../functions.php'; checklogin(); $conn = opendb(); if ($loggedin == 1) { $id = sanitise('id'); $otherparty = sanitise('o'); $toaccount = sanitise('toaccount'); $toaccount = checkAccount($user, $toaccount, 0); $desc = sanitise('d'); $amount = sanitise('a'); $type = sanitise('t'); $d = sanitise('day'); $m = sanitise('month'); $y = sanitise('year'); $account = sanitise('account'); $account = checkAccount($user, $account); $label = sanitise('label'); $label = checklabel($user, $label); $time = strtotime($m . "/" . $d . "/" . $y); if ($toaccount != 0) { $otherparty = getaccountname($toaccount); } $query = "UPDATE payments SET "; if ($otherparty != NULL) { $query = $query . "PaymentName='{$otherparty}', "; } if ($desc != NULL) { $query = $query . "PaymentDesc='{$desc}', "; } if ($amount != NULL) { $query = $query . "PaymentAmount='{$amount}', ";
$accsel = checkAccount($user, $accsel, 0); $order = sanitise('order'); $rt = sanitise('rt'); $rf = sanitise('rf'); $offset = sanitise('offset'); $recvalue = sanitise('recvalue'); $perpage = sanitise('perpage'); $field = sanitise('field'); $label = sanitise('label'); $label = checklabel($user, $label); $time = strtotime($m . "/" . $d . "/" . $y); if ($amount != NULL && $otherparty != NULL && $desc != NULL) { $account = checkAccount($user, $account); if (substr($otherparty, 0, 11) == 'ThisAccount') { $toaccount = substr($otherparty, 11); $toaccount = checkAccount($user, $toaccount, 0); if ($toaccount != 0) { $theotherparty = getaccountname($account); $toamount = -$amount; $query = "INSERT INTO payments (UserID, AccountID, Timestamp, PaymentName, PaymentDesc, PaymentAmount, PaymentType, ToAccount, LabelID) VALUES ('{$user}', '{$toaccount}', '{$time}', '{$theotherparty}', '{$desc}', '{$toamount}', '{$type}', '{$account}', '{$label}')"; mysql_query($query) or die(mysql_error() . " addpayment#001"); $insertid = mysql_insert_id(); $otherparty = getaccountname($toaccount); } } if ($insertid == NULL) { $insertid = 0; } $query = "INSERT INTO payments (UserID, AccountID, Timestamp, PaymentName, PaymentDesc, PaymentAmount, PaymentType, ToAccount, PairedID, LabelID) VALUES ('{$user}', '{$account}', '{$time}', '{$otherparty}', '{$desc}', '{$amount}', '{$type}', '{$toaccount}', '{$insertid}', '{$label}')"; mysql_query($query) or die(mysql_error() . " addpayment#002"); $paymentid = mysql_insert_id();