function updatePasswd($username, $password)
{
if (!existUser($username)) {
return 0;
}
$query = "update account set password = '******' where username = '******'";
$result = mysql_query($query);
if (!$result) {
die("updatePasswd() failed. Could not query the database: <br />" . mysql_error());
}
return 1;
}
function Cadas($nome, $user, $senha)
{
global $servername;
global $username;
global $password;
global $bdname;
// Create connection
$conn = new mysqli($servername, $username, $password, $bdname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO UserTab (Nome, Nickname, Senha) VALUES ('" . $nome . "', '" . $user . "','" . $senha . "')";
if (existUser($conn, $user) == false) {
if ($conn->query($sql) === TRUE) {
criaPersonagens();
} else {
echo "Not Add<br>";
}
}
$conn->close();
}
$errortext_friend = "user " . $_POST["friend"] . " doesn't exist";
} else {
$result = addFriend($_SESSION["username"], $_POST["friend"]);
if ($result === 0) {
$errortext_friend = "you are a foe of " . $_POST["contact"] . ", you can't add " . $_POST["contact"] . " as a friend";
} else {
$errortext_friend = "add contact successfully";
}
}
}
} else {
if (!empty($_POST["foe"])) {
if ($_POST["foe"] === $_SESSION["username"]) {
$errortext_foe = "can't add yourself";
} else {
if (existUser($_POST["foe"]) === 0) {
$errortext_foe = "user " . $_POST["foe"] . " doesn't exist";
} else {
addFoe($_SESSION["username"], $_POST["foe"]);
$errortext_foe = "add foe successfully";
}
}
}
}
}
$contacts = getContacts($_SESSION["username"]);
$friends = getFriends($_SESSION["username"]);
$foes = getFoes($_SESSION["username"]);
render("contact_template.php", ["contacts" => $contacts, "friends" => $friends, "foes" => $foes, "errortext_contact" => $errortext_contact, "errortext_friend" => $errortext_friend, "errortext_foe" => $errortext_foe, "titile" => "Contact"]);
} else {
$contacts = getContacts($_SESSION["username"]);
function citacionClienteCompuesto($cliente)
{
global $conn;
$str_datos = file_get_contents("json/totvs_clientes_compuestos.json");
$datos = json_decode($str_datos, true);
foreach ($datos as $inx => $row) {
if (trim($row['codigo']) == trim($cliente)) {
// verifico que el cliente no este ya cargado
$existUser = existUser($cliente);
if ($existUser == "true") {
// inserto el cliente
$sql_insert_user = "******";
$sql_insert_user .= "values('',0,'" . mysql_real_escape_string($row['nombre']) . "','" . date('Y-m-d H:i:s') . "',0,NULL,0,0,3,'" . mysql_real_escape_string($row['codigo']) . "','1')";
executeQuery($sql_insert_user, $conn);
$userid = mysql_insert_id($conn);
} else {
$userid = $existUser;
}
return $userid;
}
}
}
$sql_insert_user .= mysql_real_escape_string($_POST["cliente_uno_totvs"]) . "',NULL,'" . mysql_real_escape_string($_POST["cliente_uno_tipo"]) . "',0,NULL,NULL,'" . mysql_real_escape_string($_POST["cliente_uno_telefono"]) . "','" . mysql_real_escape_string($_POST["cliente_uno_direccion"]) . "')";
executeQuery($sql_insert_user, $conn);
$var_userid = mysql_insert_id($conn);
} else {
$var_userid = $existUser;
}
}
} else {
echo 'error';
die;
}
// inserto cliente dos
$var_userid_dos = 'NULL';
if ($_POST["cliente_dos_tipo"] != "" and $_POST["cliente_dos_nombre"] != "" and $_POST["cliente_dos_direccion"] != "" and $_POST["cliente_dos_telefono"] != "" and $_POST["cliente_dos_totvs"] != "") {
// verifico que el cliente no este ya cargado
$existUser = existUser($_POST["cliente_dos_totvs"]);
if ($existUser == "true") {
// insertar cliente
$sql_insert_user = "******";
$sql_insert_user .= "values('',0,'" . mysql_real_escape_string(utf8_decode($_POST["cliente_dos_nombre"])) . "','" . mysql_real_escape_string($_POST["cliente_dos_email"]) . "','','','" . date('Y-m-d H:i:s') . "',0,NULL,0,0,3,'";
$sql_insert_user .= mysql_real_escape_string($_POST["cliente_dos_totvs"]) . "',NULL,'" . mysql_real_escape_string($_POST["cliente_dos_tipo"]) . "',0,NULL,NULL,'" . mysql_real_escape_string($_POST["cliente_dos_telefono"]) . "','" . mysql_real_escape_string($_POST["cliente_dos_direccion"]) . "')";
executeQuery($sql_insert_user, $conn);
$var_userid_dos = mysql_insert_id($conn);
} else {
$var_userid_dos = $existUser;
}
}
// citacion
/*if ( $_POST["citacion"] != "" )
{
$citacion["citacion_tipo"] = $_POST["citacion"];
<?
include_once('../database/userFunc.php');
include_once('../database/eventFunc.php');
$name = $_POST['name'];
$evento = $_POST['evento'];
$idEvent = getEventId($evento);
if (!existUser($name)){
echo "user_not_exist";
return false;
}
$idUser = getUserID($name);
try {
$invite = invite($idUser, $idEvent);
if ($invite === false){
echo "fail";
}
else if ($invite === true){
echo "success";
}
} catch (PDOException $e) {
die($e->getMessage());
}
?>
<?
include_once('../database/userFunc.php');
$oldname = $_POST['antigoNome'];
$username = $_POST['username'];
$pw = $_POST['pw'];
$npw = $_POST['npw'];
$npw2 = $_POST['npw2'];
try {
if ($oldname != $username){
$user = existUser($username);
if ($user === true){
echo "username_in_use";
}
else{
if (getUser($oldname, $pw)){
$user = editUser($oldname, $username, $pw);
echo "name_changed";
session_start();
$_SESSION['username'] = $username;
}
else{
echo "wrong_password";
}
}
}
else if ($pw == "" || $npw == "" ||$npw2 == ""){
echo "fill_all_pw";
