function update($conn) { $user = $_GET["user"]; $pass = $_GET["pass"]; if (check_duplicate($conn, $user, $pass) === true) { echo "duplicate"; } else { $original_password = $_GET["original_password"]; $sql = "UPDATE id_table SET user='******', pass='******' WHERE pass='******'"; if ($conn->query($sql) === TRUE) { echo "update"; } else { echo "error update record: " . $conn->error; } } }
} } } if (isset($_POST['cmt_save'])) { if ($_POST['cmt_save'] != 'reload') { ###### Aktualisieren oder erstellern ###### $_POST['language'] = 'de'; $_POST['c_active'] = isset($_POST['c_active']) ? 1 : 0; unset($_POST['cmt_save'], $_POST['update_parent'], $_POST['id'], $_POST['levels']); if (!isset($_POST['title']) or !$_POST['title']) { $alert['title'] = 'error'; } if (isset($_POST['title'])) { $_POST['title'] = strtoupper(str_replace(" ", "_", $_POST['title'])); } if (check_duplicate($_POST['title']) === true) { $alert['title'] = array('type' => 'error', 'label' => 'DUPLICATE'); } $update_parent = true; if (!isset($alert)) { if (isset($action) && $action == 'edit') { $num = count($_POST); $i = 0; $sql = "UPDATE " . $_SESSION['TABLE_PREFIX'] . $modul . " SET "; foreach ($_POST as $key => $val) { $i++; $sql .= $key . " = '" . $val . "'"; if ($i != $num) { $sql .= ", "; } }
} elseif ($action == "deletedownload") { $eventid = safesql($_GET['event'], "int"); $data->delete_query("calendar_downloads", "id={$safe_id}"); show_message("Download Removed", "index.php?page=mythings&cat=events&action=signups&id={$eventid}&activetab=ical&menuid={$menuid}"); } elseif ($action == "newfield" || $action == "editfield") { $pagenum = 12; $tpl->assign("action", $action); $eventid = safesql($_GET['event'], "int"); if ($action == "editfield") { $item = $data->select_fetch_one_row("profilefields", "WHERE id={$safe_id}"); $item['options'] = unserialize($item['options']); $tpl->assign("item", $item); } if ($_POST['Submit'] == "Submit") { $name = safesql(str_replace(" ", "", $_POST['name']), "text"); if (check_duplicate("profilefields", "name", $name, $safe_id)) { show_message("A field with that name already exists"); } $query = safesql($_POST['query'], "text"); $hint = safesql($_POST['hint'], "text"); $required = safesql($_POST['required'], "int"); $register = safesql($_POST['register'], "int"); $type = safesql($_POST['type'], "int"); switch ($_POST['type']) { case 1: $options = $_POST['options']; break; case 2: $options = $_POST['options']; break; case 3:
function setAdmin($conn, $user, $pass, $Admin) { if (check_duplicate($conn, $user, $pass) == true) { echo "duplicate"; } else { $sql = "INSERT INTO id_table (user, pass,Admin) VALUES ('{$user}','{$pass}','yes')"; if ($conn->query($sql) === TRUE) { $return_pair = "[{\"" . $user . "\"" . ":" . "\"" . $pass . "\"}]"; echo $return_pair; } else { echo "Error: " . $sql . "<br>" . $conn->error; } } }
function setAdmin($conn, $realname, $user, $pass, $Admin) { if (check_duplicate($conn, $realname, $user, $pass) == true) { echo "duplicate"; } else { $sql = "INSERT INTO id_table (realname, user, pass,Admin) VALUES ('{$realname}','{$user}','{$pass}','{$Admin}')"; //$sql = "INSERT INTO id_table (realname, user, pass,Admin) VALUES ('$realname',$user','$pass','yes')"; //$sql = "INSERT INTO id_table (user, pass,Admin) VALUES ('$user','$pass','yes')"; if ($conn->query($sql) === TRUE) { $return_pair = '{"logs":[{"real":"' . $realname . '", "user":"******","pass":"******"}]}'; //$return_pair = "[{\"".$user."\"".":"."\"".$pass."\"}]"; echo $return_pair; } else { echo "Error: " . $sql . "<br>" . $conn->error; } } }
function login($conn, $user, $pass) { $check = check_duplicate($conn, $user, $pass); if ($check) { echo "login"; } else { echo "0result"; } }
function update($conn) { $user = $_GET["user"]; $pass = $_GET["pass"]; if (check_duplicate($conn, $user, $pass) === true) { echo "duplicate"; } else { $original_password = $_GET["original_password"]; $original_username = $_GET["original_username"]; $sql = "UPDATE id_table SET user='******', pass='******' WHERE user='******' AND pass='******'"; if ($conn->query($sql) === TRUE) { echo "update"; } else { echo "fail_update"; } /* $sql = "DELETE FROM id_table WHERE user='******' AND pass='******'"; $v1 = $conn ->query($sql); $sql = "INSERT INTO id_table (user, pass) VALUES ('$user','$pass')"; $v2 = $conn ->query($sql); if($v1 && $v2){ echo "update"; } else echo "duplicate".$conn->error; */ } }
unset($_POST['password']); } else { $_POST['password_salt'] = md5(time()); $_POST['password'] = md5($_POST['password_salt'] . $_POST['password']); } } ###### Aktualisieren oder erstellern ###### unset($_POST['cmt_save'], $_POST['update_parent'], $_POST['id'], $_POST['levels']); $_POST['c_active'] = isset($_POST['c_active']) ? 1 : 0; if (!isset($_POST['username']) or !$_POST['username']) { $alert['username'] = '******'; } if (check_duplicate($_POST['username'], 'username') === true) { $alert['username'] = array('type' => 'error', 'label' => 'DUPLICATE'); } if (check_duplicate($_POST['email'], 'email') === true) { $alert['email'] = array('type' => 'error', 'label' => 'DUPLICATE'); } $update_parent = true; if (!isset($alert)) { if (isset($action) && $action == 'edit') { $num = count($_POST); $i = 0; $sql = "UPDATE " . $_SESSION['TABLE_PREFIX'] . $modul . " SET "; foreach ($_POST as $key => $val) { $i++; $sql .= $key . " = '" . $val . "'"; if ($i != $num) { $sql .= ", "; } }