function update($conn)
{
$user = $_GET["user"];
$pass = $_GET["pass"];
if (check_duplicate($conn, $user, $pass) === true) {
echo "duplicate";
} else {
$original_password = $_GET["original_password"];
$sql = "UPDATE id_table SET user='******', pass='******' WHERE pass='******'";
if ($conn->query($sql) === TRUE) {
echo "update";
} else {
echo "error update record: " . $conn->error;
}
}
}
}
}
}
if (isset($_POST['cmt_save'])) {
if ($_POST['cmt_save'] != 'reload') {
###### Aktualisieren oder erstellern ######
$_POST['language'] = 'de';
$_POST['c_active'] = isset($_POST['c_active']) ? 1 : 0;
unset($_POST['cmt_save'], $_POST['update_parent'], $_POST['id'], $_POST['levels']);
if (!isset($_POST['title']) or !$_POST['title']) {
$alert['title'] = 'error';
}
if (isset($_POST['title'])) {
$_POST['title'] = strtoupper(str_replace(" ", "_", $_POST['title']));
}
if (check_duplicate($_POST['title']) === true) {
$alert['title'] = array('type' => 'error', 'label' => 'DUPLICATE');
}
$update_parent = true;
if (!isset($alert)) {
if (isset($action) && $action == 'edit') {
$num = count($_POST);
$i = 0;
$sql = "UPDATE " . $_SESSION['TABLE_PREFIX'] . $modul . " SET ";
foreach ($_POST as $key => $val) {
$i++;
$sql .= $key . " = '" . $val . "'";
if ($i != $num) {
$sql .= ", ";
}
}
} elseif ($action == "deletedownload") {
$eventid = safesql($_GET['event'], "int");
$data->delete_query("calendar_downloads", "id={$safe_id}");
show_message("Download Removed", "index.php?page=mythings&cat=events&action=signups&id={$eventid}&activetab=ical&menuid={$menuid}");
} elseif ($action == "newfield" || $action == "editfield") {
$pagenum = 12;
$tpl->assign("action", $action);
$eventid = safesql($_GET['event'], "int");
if ($action == "editfield") {
$item = $data->select_fetch_one_row("profilefields", "WHERE id={$safe_id}");
$item['options'] = unserialize($item['options']);
$tpl->assign("item", $item);
}
if ($_POST['Submit'] == "Submit") {
$name = safesql(str_replace(" ", "", $_POST['name']), "text");
if (check_duplicate("profilefields", "name", $name, $safe_id)) {
show_message("A field with that name already exists");
}
$query = safesql($_POST['query'], "text");
$hint = safesql($_POST['hint'], "text");
$required = safesql($_POST['required'], "int");
$register = safesql($_POST['register'], "int");
$type = safesql($_POST['type'], "int");
switch ($_POST['type']) {
case 1:
$options = $_POST['options'];
break;
case 2:
$options = $_POST['options'];
break;
case 3:
function setAdmin($conn, $user, $pass, $Admin)
{
if (check_duplicate($conn, $user, $pass) == true) {
echo "duplicate";
} else {
$sql = "INSERT INTO id_table (user, pass,Admin) VALUES ('{$user}','{$pass}','yes')";
if ($conn->query($sql) === TRUE) {
$return_pair = "[{\"" . $user . "\"" . ":" . "\"" . $pass . "\"}]";
echo $return_pair;
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
}
}
function setAdmin($conn, $realname, $user, $pass, $Admin)
{
if (check_duplicate($conn, $realname, $user, $pass) == true) {
echo "duplicate";
} else {
$sql = "INSERT INTO id_table (realname, user, pass,Admin) VALUES ('{$realname}','{$user}','{$pass}','{$Admin}')";
//$sql = "INSERT INTO id_table (realname, user, pass,Admin) VALUES ('$realname',$user','$pass','yes')";
//$sql = "INSERT INTO id_table (user, pass,Admin) VALUES ('$user','$pass','yes')";
if ($conn->query($sql) === TRUE) {
$return_pair = '{"logs":[{"real":"' . $realname . '", "user":"******","pass":"******"}]}';
//$return_pair = "[{\"".$user."\"".":"."\"".$pass."\"}]";
echo $return_pair;
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
}
}
function login($conn, $user, $pass)
{
$check = check_duplicate($conn, $user, $pass);
if ($check) {
echo "login";
} else {
echo "0result";
}
}
function update($conn)
{
$user = $_GET["user"];
$pass = $_GET["pass"];
if (check_duplicate($conn, $user, $pass) === true) {
echo "duplicate";
} else {
$original_password = $_GET["original_password"];
$original_username = $_GET["original_username"];
$sql = "UPDATE id_table SET user='******', pass='******' WHERE user='******' AND pass='******'";
if ($conn->query($sql) === TRUE) {
echo "update";
} else {
echo "fail_update";
}
/*
$sql = "DELETE FROM id_table WHERE user='******' AND pass='******'";
$v1 = $conn ->query($sql);
$sql = "INSERT INTO id_table (user, pass) VALUES ('$user','$pass')";
$v2 = $conn ->query($sql);
if($v1 && $v2){
echo "update";
}
else
echo "duplicate".$conn->error;
*/
}
}
unset($_POST['password']);
} else {
$_POST['password_salt'] = md5(time());
$_POST['password'] = md5($_POST['password_salt'] . $_POST['password']);
}
}
###### Aktualisieren oder erstellern ######
unset($_POST['cmt_save'], $_POST['update_parent'], $_POST['id'], $_POST['levels']);
$_POST['c_active'] = isset($_POST['c_active']) ? 1 : 0;
if (!isset($_POST['username']) or !$_POST['username']) {
$alert['username'] = '******';
}
if (check_duplicate($_POST['username'], 'username') === true) {
$alert['username'] = array('type' => 'error', 'label' => 'DUPLICATE');
}
if (check_duplicate($_POST['email'], 'email') === true) {
$alert['email'] = array('type' => 'error', 'label' => 'DUPLICATE');
}
$update_parent = true;
if (!isset($alert)) {
if (isset($action) && $action == 'edit') {
$num = count($_POST);
$i = 0;
$sql = "UPDATE " . $_SESSION['TABLE_PREFIX'] . $modul . " SET ";
foreach ($_POST as $key => $val) {
$i++;
$sql .= $key . " = '" . $val . "'";
if ($i != $num) {
$sql .= ", ";
}
}
