function __construct()
{
$variables = new Variables();
$connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName);
$result;
//receinving and striping the variables
$this->userMatricula = $connect->antiInjection(isset($_POST["tfMatricula"]) ? $_POST["tfMatricula"] : NULL);
$this->password = $connect->antiInjection(isset($_POST["tfPassword"]) ? $_POST["tfPassword"] : NULL);
$this->select = $connect->antiInjection(isset($_POST["slSelect"]) ? $_POST["slSelect"] : NULL);
if (!$connect->start()) {
echo "Impossible to start connection in Sigin.";
}
//encoding to md5 hash
$this->password = base64_encode($this->password);
if (!($result = $connect->execute("SELECT * FROM Cadastros c INNER JOIN Folhas f ON c.codigo_fol = f.codigo_fol WHERE c.matricula = '{$this->userMatricula}' AND c.senha = '{$this->password}' AND f.codigo_fol = '{$this->select}'"))) {
echo "Impossible to execute MySQL query.";
}
if ($connect->counterResult($result) > 0) {
$result = $connect->execute("SELECT * FROM Pessoal WHERE matricula = '{$this->userMatricula}'");
$row = mysql_fetch_assoc($result);
$_SESSION["user"] = $this->userMatricula;
$_SESSION["userPass"] = $this->password;
$_SESSION["nome"] = $row["nome"];
$connect->close();
header("Location: ../index.php?ok=true");
die;
}
$connect->close();
header("Location: ../index.php?ok=false");
die;
}
function __construct()
{
$variables = new Variables();
$connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName);
//receinving and striping the variables
$this->name = $connect->antiInjection(isset($_POST["tfNome"]) ? $_POST["tfNome"] : NULL);
$this->description = $connect->antiInjection(isset($_POST["tdDescricao"]) ? $_POST["tdDescricao"] : NULL);
if (strlen($this->name) == 0) {
header("Location: ../importDocuments.php?upl=false&tab=folha");
die;
}
if (!$connect->start()) {
echo "Impossible to star connection in Sigin.";
}
if (!$connect->execute("INSERT INTO Folhas (nome, descricao) VALUES ('{$this->name}', '{$this->description}')")) {
echo "Impossible to execute MySQL query.";
}
if ($connect->counterAffected() > 0) {
header("Location: ../importDocuments.php?upl=true&tab=folha");
} else {
header("Location: ../importDocuments.php?upl=false&tab=folha");
}
$connect->close();
die;
}
function __construct()
{
$variables = new Variables();
$connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName);
//receinving and striping the variables
$this->nivel = $connect->antiInjection(isset($_POST["slNivel"]) ? $_POST["slNivel"] : NULL);
$this->userName = $connect->antiInjection(isset($_POST["tfUserName"]) ? $_POST["tfUserName"] : NULL);
$this->password = $connect->antiInjection(isset($_POST["tfPassword"]) ? $_POST["tfPassword"] : NULL);
$this->password2 = $connect->antiInjection(isset($_POST["tfPassword2"]) ? $_POST["tfPassword2"] : NULL);
if ($this->password != $this->password2) {
header("Location: ../importDocuments.php?sigin=false");
die;
}
if (!$connect->start()) {
echo "Impossible to star connection in Sigin.";
}
//encoding to md5 hash
$this->password = md5($this->password);
if (!$connect->execute("INSERT INTO Administradores (id_nivel, usuario, senha) VALUES ({$this->nivel}, '{$this->userName}', '{$this->password}')")) {
echo "Impossible to execute MySQL query.";
}
if ($connect->counterAffected() > 0) {
header("Location: ../importDocuments.php?sigin=true");
} else {
header("Location: ../importDocuments.php?sigin=false");
}
$connect->close();
die;
}
function __construct()
{
ini_set('memory_limit', '32M');
$variables = new Variables();
$connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName);
$result;
$this->date1 = $connect->antiInjection(isset($_POST["tfDate1"]) ? $_POST["tfDate1"] : NULL);
$this->date2 = $connect->antiInjection(isset($_POST["tfDate2"]) ? $_POST["tfDate2"] : NULL);
$this->month1 = $connect->antiInjection(isset($_POST["slDate1"]) ? $_POST["slDate1"] : NULL);
$this->month2 = $connect->antiInjection(isset($_POST["slDate2"]) ? $_POST["slDate2"] : NULL);
$this->date1 = "01-" . $this->month1 . "-" . $this->date1;
$this->date2 = "31-" . $this->month2 . "-" . $this->date2;
$temp1 = explode("-", $this->date1);
$temp2 = explode("-", $this->date2);
$diff = $this->dateCounterDiff($this->date1, $this->date2);
if (!checkdate($temp1[1], $temp1[0], $temp1[2]) or !checkdate($temp2[1], $temp2[0], $temp2[2]) or $diff > 1200 or $diff < 0) {
header("Location: ../index.php?date=false");
die;
}
if (!$connect->start()) {
echo "Impossible to star connection in Sigin.";
}
$this->printCC($connect);
//$connect->close();
}
function __construct()
{
$variables = new Variables();
$connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName);
$result;
//receinving and striping the variables
$this->userName = $connect->antiInjection(isset($_POST["tfUserName"]) ? $_POST["tfUserName"] : NULL);
$this->password = $connect->antiInjection(isset($_POST["tfPassword"]) ? $_POST["tfPassword"] : NULL);
if (!$connect->start()) {
echo "Impossible to star connection in Sigin.";
}
//encoding to md5 hash
$this->password = md5($this->password);
if (!($result = $connect->execute("SELECT * FROM Administradores WHERE usuario = '{$this->userName}' and senha = '{$this->password}'"))) {
echo "Impossible to execute MySQL query.";
}
if ($connect->counterResult($result) > 0) {
$_SESSION["usuario"] = $this->userName;
$_SESSION["senha"] = $this->password;
$row = mysql_fetch_assoc($result);
$_SESSION["nivel"] = $row["id_nivel"];
//$connect->close();
switch ($_SESSION["nivel"]) {
case 1:
header("Location: ../importDocuments.php");
break;
case 2:
header("Location: ../makeRegister.php");
break;
}
die;
}
//$connect->close();
header("Location: ../admin.php?login=false");
die;
}
<?php
session_start();
if (isset($_SESSION["user"]) == NULL && isset($_SESSION["userPass"]) == NULL) {
header("Location: admin.php");
}
include_once "../beans/Variables.class.php";
require_once "../utils/Connect.class.php";
$variables = new Variables();
$connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName);
$oldPass = $connect->antiInjection(isset($_POST["tfOldPass"]) ? $_POST["tfOldPass"] : NULL);
$newPass1 = $connect->antiInjection(isset($_POST["tfNewPass1"]) ? $_POST["tfNewPass1"] : NULL);
$newPass2 = $connect->antiInjection(isset($_POST["tfNewPass2"]) ? $_POST["tfNewPass2"] : NULL);
if (strcmp($newPass1, $newPass2) == 0) {
$newPass1 = base64_encode($newPass1);
$oldPass = base64_encode($oldPass);
} else {
$connect->close();
header("Location: ../index.php?pass=false");
die;
}
if (!$connect->start()) {
echo "Impossible to star connection in Sigin.";
}
if (!($result = $connect->execute("SELECT * FROM Cadastros WHERE matricula = '" . $_SESSION["user"] . "' AND senha = '" . $oldPass . "'"))) {
echo "Impossible to execute MySQL query.";
}
if ($connect->counterResult($result) > 0) {
$connect->execute("UPDATE Cadastros SET senha='" . $newPass1 . "' WHERE matricula = '" . $_SESSION["user"] . "'");
$_SESSION["userPass"] = $newPass1;
$connect->close();
