$weight = trim($_POST["weight"]);
}
if (trim($_POST["publish"]) != "") {
$publish1 = trim($_POST["publish"]);
}
//DOB
$dd = $_POST["dd"];
$dm = $_POST["dm"];
$dy = $_POST["dy"];
// Last date of donation.
$ld = $_POST["ld"];
$lm = $_POST["lm"];
$ly = $_POST["ly"];
$dob = dmy2mysql($dd, $dm, $dy);
$last = dmy2mysql($ld, $lm, $ly);
$hashed_password = superHash($password);
if ($publish1 == "on") {
$publish = 1;
}
$sql = "INSERT INTO registration (Name,DOB,Gender,Bloodgroup,Weight,AdmissionYear, Branch, Batch, Designation, ContactNo,Emailid,LastDonation,Publish,District,Post)\r\n VALUES ('{$name}', '{$dob}',{$sex},'{$bgroup}','{$weight}','{$admnyear}','{$branch}','{$batch}','{$designation}','{$phone}','{$email}','{$last}', '{$publish}','{$district}','{$address}')";
$sql2 = "INSERT INTO user (UserID, PWD)VALUES ('{$email}' , '{$hashed_password}')";
mysql_query($sql2, $link);
$sql3 = "UPDATE stock SET Stock = Stock + 1 WHERE BGroup = '{$bgroup}'";
mysql_query($sql3, $link);
if (!mysql_query($sql, $link)) {
die('Error' . mysql_error());
} else {
mysql_query($result1, $link);
$_SESSION['key1'] = '$email';
header("Location: ./index.php?msg=Please login here");
}
$s = "";
if (isset($_POST["userid"])) {
if (trim($_POST["userid"]) != "") {
$uid = trim($_POST["userid"]);
} else {
header('Location: ./index.php?msg = "Enter username"');
}
}
if (isset($_POST["pwd"])) {
if ($_POST["pwd"] != "") {
$pwd = $_POST["pwd"];
} else {
header('Location: ./index.php?msg = "Enter password"');
}
}
$hashed_pass = superHash($pwd);
if ($uid != "" && $pwd != "") {
$sql = "select * from user where UserID = '" . $uid . "' and PWD = '" . $hashed_pass . "'";
$rst = mysql_query($sql);
$nt = mysql_fetch_array($rst);
if ($nt) {
if ($nt[UserID] == 'admin') {
$k = 0;
$i = '1';
$_SESSION['key'] = $k;
header('Location: ./main.php');
mysql_query("UPDATE user SET keyvalue ='" . $k . "' where UserID='" . $uid . "'");
} else {
$i = '1';
$_SESSION['key'] = $uid;
header('Location: ./profile.php');
<?php
require 'cnn.php';
require 'hash.php';
$hashed_password = superHash($_POST['password']);
$sql = 'UPDATE user SET PWD=\'' . $hashed_password . '\' WHERE UserId=\'' . $_POST['email'] . '\'';
mysql_query($sql);
header('Location: ./index.php?msg=Password Changed. Login with new password');
$link = mysql_connect(\'' . $dbhost . '\', \'' . $dbuser . '\', \'' . $dbpass . '\');
if (!$link)
die("CONNECTION ERROR!!!: " . mysql_error());
mysql_select_db (\'' . $dbname . '\');
?>';
$cnn_file = 'cnn.php';
if (is_writable($cnn_file)) {
header('Location: ./install.php?msg=Error: ' . $cnn_file . ' not writable<br/>');
}
$file_handler = fopen($cnn_file, 'w');
fwrite($file_handler, $cnn_string);
fclose($file_handler);
chmod("cnn.php", 0444);
require $cnn_file;
// Install initial database
$dbfile = 'database.sql';
/*if(is_readable($dbfile))
header( 'Location: ./install.php?msg=Error: '.$dbfile.' not readable<br/>');*/
$file_handler = fopen($dbfile, 'r');
// Execute all the queries stored in database file
while (!feof($file_handler)) {
$sql_statement = fgets($file_handler);
mysql_query($sql_statement, $link);
}
require 'hash.php';
$hashed_pass = superHash($pass1);
$user_sql = "INSERT INTO `user` (`UserID`, `keyvalue`, `PWD`)\n VALUES ('admin', '5', '{$hashed_pass}')";
mysql_query($user_sql, $link);
header('Location: ./index.php?msg= Installation Sucessfull. You can now login.');
