function updateUserLevel($fromLevel, $toLevel)
{
global $userid;
$fromLevel = escape($fromLevel);
$toLevel = escape($toLevel);
$updateQuery = mysql_query("INSERT INTO `user_level` (`userid`, `from`, `to`) VALUES ('{$userid}','{$fromLevel}','{$toLevel}')") or die(mysql_erro());
if ($updateQuery) {
return true;
} else {
return false;
}
}
<?php
$con = mysql_connect("localhost", "instinct_noel", "cuttingRoom");
if (!con) {
die('Could not connect: ' . mysql_erro());
}
mysql_select_db("instinct_freebird", $con);
if (@$_GET['numberOfMoves']) {
//echo "You said \"{$_GET['numberOfMoves']}\"";
$numberOfMoves = $_GET['numberOfMoves'];
$userID = $_GET['user'];
$sql = "INSERT INTO numberOfMoves (movesMade)\n\tVALUES\n\t('{$numberOfMoves}')";
if (!mysql_query($sql, $con)) {
die('Error: ' . mysql_error());
}
}
mysql_close($con);
if ($act == 'load') {
$query1 = mysql_query("select user_security from sdcac_user_table where user_id='{$id}'") or die(mysql_error());
if (mysql_num_rows($query1) == 1) {
$d1 = mysql_fetch_array($query1);
echo $d1[0];
} else {
echo "Invalid ID/Un Registered ID";
}
} else {
if ($act = 'action') {
$qu = htmlentities(addslashes($_POST['us_qu']));
$ans = $_POST['us_ans'];
$query2 = mysql_query("select * from sdcac_user_table where user_id='{$id}' and user_answer='{$ans}'") or die(mysql_error());
if (mysql_num_rows($query2) != 1) {
$ans = encrypt($ans);
$query2 = mysql_query("select * from sdcac_user_table where user_id='{$id}' and user_answer='{$ans}'") or die(mysql_erro());
}
$pas = encrypt($_POST['us_pass']);
if (mysql_num_rows($query2) == 1) {
$query3 = mysql_query("update sdcac_user_table set user_password='******' where user_id='{$id}'") or die(mysql_error());
if ($query3) {
echo <<<s
\t\t\t\t<div style='width:60%;height:60%;font-weight:1em;color:#330099;margin-left:20%'>
\t\t\t\t<div class='notification confirm' style="width:110%"><em><img alt='' src='assets/img/icons/tick_circle.png'></img>
\t\t\t\tPassword Changed
\t\t\t\t<img style="float:right;cursor:pointer;" src="assets/img/icons/cross.png" onclick="\$('#register_black').fadeOut()"></img>
\t\t\t\t</em></div>
\t\t\t\tYour Password is Changed...</br></br>Other Details are not Modified</br></br>Login with new Password
\t\t\t\t</div>
s;
}
?>
<strong>Search:</strong> <input type="text" id="search_key" /> <button id="find" onClick="return false" class="button">Find</button>
<strong>Period: </strong><select id="period" name="period" class="size1" style="width:150px">
<?php
if ($accessLevel < 3) {
?>
<?php
$firstDate = 0;
$result = mysql_query("SELECT MIN(date) AS date FROM invoices LIMIT 1;") or die(mysql_error());
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_assoc($result);
$firstDate = $row['date'];
}
$result = mysql_query("SELECT MIN(expense_date) AS date FROM expenses LIMIT 1;") or die(mysql_erro());
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_assoc($result);
$firstDate = $row['date'] < $firstDate ? $row['date'] : $firstDate;
}
$result = mysql_query("SELECT MIN(date) AS date FROM waste LIMIT 1;") or die(mysql_error());
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_assoc($result);
$firstDate = $row['date'] < $firstDate ? $row['date'] : $firstDate;
}
$result = mysql_query("SELECT MIN(date) AS date FROM stock_arrival LIMIT 1;") or die(mysql_error());
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_assoc($result);
$firstDate = $row['date'] < $firstDate ? $row['date'] : $firstDate;
}
$firstYear = date('m', $firstDate) >= 7 ? date('Y', $firstDate) : date('Y', $firstDate) - 1;
}
//closedir($handle);
}
break;
case 'excelDetail':
$kodeorg = $_GET['kdOrg'];
$tgl = $_GET['tgl'];
$sKary = "select namakaryawan,karyawanid from " . $dbname . ".datakaryawan where lokasitugas='" . substr($kodeorg, 0, 4) . "'";
$qKary = mysql_query($sKary) or die(mysql_error());
while ($rKary = mysql_fetch_assoc($qKary)) {
$rArrKary[$rKary['karyawanid']] = $rKary['namakaryawan'];
}
$tab .= "\r\n <table class=sortable cellpadding=1 border=1>\r\n <thead>\r\n <tr class=rowheader>\r\n <td bgcolor=#DEDEDE align=center>No.</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['notransaksi'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['blok'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['nikmandor'] . "</td> \r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['namakaryawan'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['hasilkerja'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['hasilkerjakg'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['upahkerja'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['upahpenalty'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['premibasis'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['upahpremi'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['rupiahpenalty'] . "</td>\r\n </tr></thead><tbody>\r\n ";
$sPrestasi = "select a.*,b.tanggal,b.nikmandor from " . $dbname . ".kebun_prestasi a \r\n left join " . $dbname . ".kebun_aktifitas b on a.notransaksi=b.notransaksi \r\n where a.kodeorg='" . $kodeorg . "' and b.tanggal='" . $tgl . "' and b.tipetransaksi='PNN'";
//echo $sPrestasi;
$qPrestasi = mysql_query($sPrestasi) or die(mysql_erro($conn));
while ($rPrestasi = mysql_fetch_assoc($qPrestasi)) {
$no += 1;
$tab .= "<tr class=rowcontent>\r\n <td>" . $no . "</td>\r\n <td>" . $rPrestasi['notransaksi'] . "</td>\r\n <td>" . $rPrestasi['kodeorg'] . "</td>";
if ($tempNik != $rPrestasi['nikmandor']) {
$brs = 1;
}
if ($brs == 1) {
$tempNik = $rPrestasi['nikmandor'];
$tab .= "<td>" . $rArrKary[$rPrestasi['nikmandor']] . "</td>";
$brs = 0;
} else {
$tab .= "<td> </td>";
}
$tab .= "\r\n <td>" . $rArrKary[$rPrestasi['nik']] . "</td>\r\n <td align=right>" . number_format($rPrestasi['hasilkerja'], 2) . "</td>\r\n <td align=right>" . number_format($rPrestasi['hasilkerjakg'], 2) . "</td>\r\n <td align=right>" . number_format($rPrestasi['upahkerja'], 2) . "</td>\r\n <td align=right>" . number_format($rPrestasi['upahpenalty'], 2) . "</td>\r\n <td align=right>" . number_format($rPrestasi['premibasis'], 2) . "</td>\r\n <td align=right>" . number_format($rPrestasi['upahpremi'], 2) . "</td>\r\n <td align=right>" . number_format($rPrestasi['rupiahpenalty'], 2) . "</td>\r\n </tr>";
$totKerja += $rPrestasi['hasilkerja'];