function updateUserLevel($fromLevel, $toLevel) { global $userid; $fromLevel = escape($fromLevel); $toLevel = escape($toLevel); $updateQuery = mysql_query("INSERT INTO `user_level` (`userid`, `from`, `to`) VALUES ('{$userid}','{$fromLevel}','{$toLevel}')") or die(mysql_erro()); if ($updateQuery) { return true; } else { return false; } }
<?php $con = mysql_connect("localhost", "instinct_noel", "cuttingRoom"); if (!con) { die('Could not connect: ' . mysql_erro()); } mysql_select_db("instinct_freebird", $con); if (@$_GET['numberOfMoves']) { //echo "You said \"{$_GET['numberOfMoves']}\""; $numberOfMoves = $_GET['numberOfMoves']; $userID = $_GET['user']; $sql = "INSERT INTO numberOfMoves (movesMade)\n\tVALUES\n\t('{$numberOfMoves}')"; if (!mysql_query($sql, $con)) { die('Error: ' . mysql_error()); } } mysql_close($con);
if ($act == 'load') { $query1 = mysql_query("select user_security from sdcac_user_table where user_id='{$id}'") or die(mysql_error()); if (mysql_num_rows($query1) == 1) { $d1 = mysql_fetch_array($query1); echo $d1[0]; } else { echo "Invalid ID/Un Registered ID"; } } else { if ($act = 'action') { $qu = htmlentities(addslashes($_POST['us_qu'])); $ans = $_POST['us_ans']; $query2 = mysql_query("select * from sdcac_user_table where user_id='{$id}' and user_answer='{$ans}'") or die(mysql_error()); if (mysql_num_rows($query2) != 1) { $ans = encrypt($ans); $query2 = mysql_query("select * from sdcac_user_table where user_id='{$id}' and user_answer='{$ans}'") or die(mysql_erro()); } $pas = encrypt($_POST['us_pass']); if (mysql_num_rows($query2) == 1) { $query3 = mysql_query("update sdcac_user_table set user_password='******' where user_id='{$id}'") or die(mysql_error()); if ($query3) { echo <<<s \t\t\t\t<div style='width:60%;height:60%;font-weight:1em;color:#330099;margin-left:20%'> \t\t\t\t<div class='notification confirm' style="width:110%"><em><img alt='' src='assets/img/icons/tick_circle.png'></img> \t\t\t\tPassword Changed \t\t\t\t<img style="float:right;cursor:pointer;" src="assets/img/icons/cross.png" onclick="\$('#register_black').fadeOut()"></img> \t\t\t\t</em></div> \t\t\t\tYour Password is Changed...</br></br>Other Details are not Modified</br></br>Login with new Password \t\t\t\t</div> s; }
?> <strong>Search:</strong> <input type="text" id="search_key" /> <button id="find" onClick="return false" class="button">Find</button> <strong>Period: </strong><select id="period" name="period" class="size1" style="width:150px"> <?php if ($accessLevel < 3) { ?> <?php $firstDate = 0; $result = mysql_query("SELECT MIN(date) AS date FROM invoices LIMIT 1;") or die(mysql_error()); if (mysql_num_rows($result) > 0) { $row = mysql_fetch_assoc($result); $firstDate = $row['date']; } $result = mysql_query("SELECT MIN(expense_date) AS date FROM expenses LIMIT 1;") or die(mysql_erro()); if (mysql_num_rows($result) > 0) { $row = mysql_fetch_assoc($result); $firstDate = $row['date'] < $firstDate ? $row['date'] : $firstDate; } $result = mysql_query("SELECT MIN(date) AS date FROM waste LIMIT 1;") or die(mysql_error()); if (mysql_num_rows($result) > 0) { $row = mysql_fetch_assoc($result); $firstDate = $row['date'] < $firstDate ? $row['date'] : $firstDate; } $result = mysql_query("SELECT MIN(date) AS date FROM stock_arrival LIMIT 1;") or die(mysql_error()); if (mysql_num_rows($result) > 0) { $row = mysql_fetch_assoc($result); $firstDate = $row['date'] < $firstDate ? $row['date'] : $firstDate; } $firstYear = date('m', $firstDate) >= 7 ? date('Y', $firstDate) : date('Y', $firstDate) - 1;
} //closedir($handle); } break; case 'excelDetail': $kodeorg = $_GET['kdOrg']; $tgl = $_GET['tgl']; $sKary = "select namakaryawan,karyawanid from " . $dbname . ".datakaryawan where lokasitugas='" . substr($kodeorg, 0, 4) . "'"; $qKary = mysql_query($sKary) or die(mysql_error()); while ($rKary = mysql_fetch_assoc($qKary)) { $rArrKary[$rKary['karyawanid']] = $rKary['namakaryawan']; } $tab .= "\r\n <table class=sortable cellpadding=1 border=1>\r\n <thead>\r\n <tr class=rowheader>\r\n <td bgcolor=#DEDEDE align=center>No.</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['notransaksi'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['blok'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['nikmandor'] . "</td> \r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['namakaryawan'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['hasilkerja'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['hasilkerjakg'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['upahkerja'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['upahpenalty'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['premibasis'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['upahpremi'] . "</td>\r\n <td bgcolor=#DEDEDE align=center>" . $_SESSION['lang']['rupiahpenalty'] . "</td>\r\n </tr></thead><tbody>\r\n "; $sPrestasi = "select a.*,b.tanggal,b.nikmandor from " . $dbname . ".kebun_prestasi a \r\n left join " . $dbname . ".kebun_aktifitas b on a.notransaksi=b.notransaksi \r\n where a.kodeorg='" . $kodeorg . "' and b.tanggal='" . $tgl . "' and b.tipetransaksi='PNN'"; //echo $sPrestasi; $qPrestasi = mysql_query($sPrestasi) or die(mysql_erro($conn)); while ($rPrestasi = mysql_fetch_assoc($qPrestasi)) { $no += 1; $tab .= "<tr class=rowcontent>\r\n <td>" . $no . "</td>\r\n <td>" . $rPrestasi['notransaksi'] . "</td>\r\n <td>" . $rPrestasi['kodeorg'] . "</td>"; if ($tempNik != $rPrestasi['nikmandor']) { $brs = 1; } if ($brs == 1) { $tempNik = $rPrestasi['nikmandor']; $tab .= "<td>" . $rArrKary[$rPrestasi['nikmandor']] . "</td>"; $brs = 0; } else { $tab .= "<td> </td>"; } $tab .= "\r\n <td>" . $rArrKary[$rPrestasi['nik']] . "</td>\r\n <td align=right>" . number_format($rPrestasi['hasilkerja'], 2) . "</td>\r\n <td align=right>" . number_format($rPrestasi['hasilkerjakg'], 2) . "</td>\r\n <td align=right>" . number_format($rPrestasi['upahkerja'], 2) . "</td>\r\n <td align=right>" . number_format($rPrestasi['upahpenalty'], 2) . "</td>\r\n <td align=right>" . number_format($rPrestasi['premibasis'], 2) . "</td>\r\n <td align=right>" . number_format($rPrestasi['upahpremi'], 2) . "</td>\r\n <td align=right>" . number_format($rPrestasi['rupiahpenalty'], 2) . "</td>\r\n </tr>"; $totKerja += $rPrestasi['hasilkerja'];