$conexao->commit(); } else { $conexao->rollback(); } header("Location: cadPessoa.php?cad=ok"); die; } else { $comitar = false; } break; case "contato": if ($slBancRef != NULL || $pesCod != NULL) { include_once "../../dao/DAOBancoPessoa.class.php"; $dao = new DAOBancoPessoa($slBancRef, $pesCod, "../../", $conexao); include_once "../../dao/DAOLog.class.php"; $log = new DAOLog($_SESSION["pessoa"], 3, $_SESSION["nivel"], $_SESSION["codigo"], 7, "id=\\'" . $slBancRef . "+" . $pesCod . "\\'", "../../", $conexao); if (!$dao->cadastrar() || !$log->cadastrar()) { $comitar = false; } if ($comitar) { $conexao->commit(); } else { $conexao->rollback(); } header("Location: cadPessoa.php?cad=ok"); die; } else { $comitar = false; } break; }
$nivelAcesso = "../../:2:3:4";
include_once "../../utils/controladorAcesso.php";
include_once "../../utils/funcoes.php";

// Reads one POST field through antiSQL(); NULL when the field was not submitted.
$lerCampo = function ($nome) {
    return antiSQL(isset($_POST[$nome]) ? $_POST[$nome] : NULL);
};
$slVerRef  = $lerCampo("slVerRef");
$tfVerba   = $lerCampo("tfVerba");
$slEmpRef  = $lerCampo("slEmpRef");
$slBancRef = $lerCampo("slBancRef");
$slProRef  = $lerCampo("slProRef");
$tfVerDesc = $lerCampo("tfVerDesc");

// Every field is mandatory; a partial submission just renders the form again.
$formularioCompleto = $slVerRef != NULL
    && $tfVerba != NULL
    && $slEmpRef != NULL
    && $slBancRef != NULL
    && $slProRef != NULL
    && $tfVerDesc != NULL;

if ($formularioCompleto) {
    include_once "../../utils/ConectarMySQL.class.php";
    $conexao = new ConectarMySQL();
    include_once "../../dao/DAOVerba.class.php";
    include_once "../../dao/DAOLog.class.php";

    $dao = new DAOVerba($tfVerba, $slEmpRef, $slBancRef, $slProRef, $tfVerDesc, "../../", $conexao);
    // Audit entry written inside the same transaction as the update itself.
    $log = new DAOLog($_SESSION["pessoa"], 4, $_SESSION["nivel"], $_SESSION["codigo"], 9, "Log id=\\'" . $slVerRef . "\\'", "../../", $conexao);

    // Update and audit entry are kept together or not at all.
    $gravado = $dao->alterar($slVerRef) && $log->cadastrar();
    if ($gravado) {
        $conexao->commit();
    } else {
        $conexao->rollback();
    }
    header("Location: altVerba.php?alt=ok");
    die;
}

$alt = antiSQL(isset($_GET["alt"]) ? $_GET["alt"] : NULL);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
$linha = mysqli_fetch_array($resultado); $dao = new DAOParcela(NULL, NULL, NULL, NULL, NULL, "../../", $conexao); $parcela = new Parcela(NULL, NULL, NULL, NULL, NULL); $parcela = $dao->getParcela("%", $slAveRef); $dao = new DAOServidor(NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, "../../", $conexao); $servidor = new Servidor(NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL); $servidor = $dao->getServidor($linha["pes_codigo"], "%"); $servidor->setUtilizada($servidor->getUtilizada() - $parcela->getValor()); $servidor->setDisponivel($servidor->getDisponivel() + $parcela->getValor()); $dao->setServidor($servidor); if (!$dao->alterar($servidor->getPesCodigo() . ":" . $servidor->getMatricula())) { $comitar = false; } $comitar = true; $dao = new DAOAverbacao(NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, "../../", $conexao); $log = new DAOLog($_SESSION["pessoa"], 7, $_SESSION["nivel"], $_SESSION["codigo"], 12, "id=\\'" . $slEmpRef . "\\'", "../../", $conexao); if (!$dao->deletar($slAveRef) || !$log->cadastrar()) { $comitar = false; } if ($comitar == true) { $conexao->commit(); } else { $conexao->rollback(); } header("Location: delAverbacao.php?can=ok"); die; } $can = antiSQL(isset($_GET["can"]) ? $_GET["can"] : NULL); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml">
include_once $toRoot . "dao/DAOCliente.class.php"; include_once $toRoot . "dao/DAOLog.class.php"; $conexao = new ConectarMySQL(); $cliente = new Cliente(); $daoCli = new DAOCliente($cliente, $conexao); $cliente = $daoCli->getCliente($tfNomUsu); if ($cliente != NULL && $cliente->nomeUsuario == $tfNomUsu && decodificar($cliente->senha) == $tfSen) { $_SESSION["codigo"] = $cliente->codigo; $_SESSION["nivel"] = $cliente->nivel; $_SESSION["pesCodigo"] = $cliente->pesCodigo; $_SESSION["codigoPai"] = $cliente->codigoPai; $_SESSION["nomeUsuario"] = $cliente->nomeUsuario; $_SESSION["sennha"] = $cliente->sennha; $_SESSION["solicitacoes"] = 0; $log = new Log(1, 1, $_SESSION["nomeUsuario"] . " realizou log-in no sistema!"); $daoLog = new DAOLog($log, $conexao); $daoLog->cadastrar(); if ($_SESSION["nivel"] == 3 || $_SESSION["nivel"] == 4) { include_once $toRoot . "beans/FuncionarioEmpresa.class.php"; include_once $toRoot . "dao/DAOFuncionarioEmpresa.class.php"; $funcionarioEmpresa = new FuncionarioEmpresa(); $DAOFuncionarioEmpresa = new DAOFuncionarioEmpresa($funcionarioEmpresa, $conexao); $array = $DAOFuncionarioEmpresa->getFuncionarioEmpresaLista($_SESSION["codigo"]); foreach ($array as $temp) { $funcionarioEmpresa = $temp; $_SESSION["empresa"] = $funcionarioEmpresa->empCodigo; $_SESSION["empresaNome"] = $funcionarioEmpresa->nome; } } else { if ($_SESSION["nivel"] == 2) { include_once $toRoot . "beans/Solicitacao.class.php";
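$cadastrar = isset($_GET["cadastrar"]) ? $_GET["cadastrar"] : NULL;
if ($cadastrar === "sim") {
    // Read only the form fields this page expects.
    // The previous version built PHP source from every $_POST key and value and
    // eval()'d it, so a request could define arbitrary variables and run arbitrary
    // code on the server. An explicit allowlist removes that entirely; add further
    // field names here if the form grows.
    $camposPermitidos = ["tfNomEmp"];
    foreach ($camposPermitidos as $nomeCampo) {
        $$nomeCampo = antiSQL(isset($_POST[$nomeCampo]) ? $_POST[$nomeCampo] : NULL);
    }

    include_once $toRoot . "utils/ConectarMySQL.class.php";
    include_once $toRoot . "beans/Empresa.class.php";
    include_once $toRoot . "beans/Funcionario.class.php";
    include_once $toRoot . "beans/Log.class.php";
    include_once $toRoot . "dao/DAOEmpresa.class.php";
    include_once $toRoot . "dao/DAOFuncionario.class.php";
    include_once $toRoot . "dao/DAOLog.class.php";

    $conexao = new ConectarMySql($toRoot);

    // Create the company and reload it to obtain the generated code.
    $empresa = new Empresa($tfNomEmp);
    $daoEmpresa = new DAOEmpresa($empresa, $conexao);
    $daoEmpresa->cadastrar();
    $empresa = $daoEmpresa->getAtual();

    $log = new Log(3, 7, $tfNomEmp . " cadastrado!");
    $daoLog = new DAOLog($log, $conexao);
    $daoLog->cadastrar();

    // Link the logged-in user to the new company.
    $funcionario = new Funcionario($empresa->codigo, $_SESSION["codigo"]);
    $daoFuncionario = new DAOFuncionario($funcionario, $conexao);
    $daoFuncionario->cadastrar();

    // Second audit entry, reusing the same Log object with a different target.
    $log->alvCodigo = 6;
    $log->descricao = "Empresa cadastrado!";
    $daoLog->setLog($log);
    $daoLog->cadastrar();

    $conexao->fechar();
    $cadastrar = true;
}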
$periodo = "Out-" . $tfAno; break; case 11: $periodo = "Nov-" . $tfAno; break; case 12: $periodo = "Dez-" . $tfAno; break; } $data = $tfAno . "/" . $slMes . "/" . $tfDia; include_once "../../utils/ConectarMySQL.class.php"; $conexao = new ConectarMySQL(); include_once "../../dao/DAOParametro.class.php"; $dao = new DAOParametro($periodo, 1, $data, NULL, "../../", $conexao); include_once "../../dao/DAOLog.class.php"; $log = new DAOLog($_SESSION["pessoa"], 3, $_SESSION["nivel"], $_SESSION["codigo"], 11, "Abriu=\\'" . $periodo . "\\'", "../../", $conexao); if ($dao->cadastrar() && $log->cadastrar()) { $conexao->commit(); } else { $conexao->rollback(); } header("Location: cadParametro.php?cad=ok"); die; } $cad = antiSQL(isset($_GET["cad"]) ? $_GET["cad"] : NULL); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title>
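include_once "funcoes.php";
$tfNomeUsuario = antiSQL(isset($_POST["tfNomeUsuario"]) ? $_POST["tfNomeUsuario"] : NULL);
$tfSenha = antiSQL(isset($_POST["tfSenha"]) ? $_POST["tfSenha"] : NULL);

if ($tfNomeUsuario != NULL && $tfSenha != NULL) {
    include_once "ConectarMySQL.class.php";
    $conexao = new ConectarMySQL();
    include_once "../dao/DAOAdministrador.class.php";
    $daoAdm = new DAOAdministrador(NULL, NULL, NULL, NULL, NULL, "../", $conexao);
    $resultado = $daoAdm->pesquisar("nomUsu", $tfNomeUsuario);

    while ($linha = mysqli_fetch_array($resultado)) {
        // Strict comparison for the user name and a constant-time comparison for the
        // password; the original `==` was subject to type juggling and early exit.
        // NOTE(review): decodificar() implies the stored password is reversible;
        // password_hash()/password_verify() would be the replacement once the schema allows it.
        $usuarioConfere = (string) $tfNomeUsuario === (string) $linha["adm_nome_usuario"];
        $senhaConfere = hash_equals((string) decodificar($linha["adm_senha"]), (string) $tfSenha);
        if ($usuarioConfere && $senhaConfere) {
            session_start();
            // Issue a fresh session id now that the session carries privileges.
            session_regenerate_id(true);
            $_SESSION["codigo"] = $linha["adm_codigo"];
            $_SESSION["pessoa"] = $linha["pes_codigo"];
            $_SESSION["nivel"] = $linha["niv_codigo"];
            $_SESSION["banco"] = $linha["ban_codigo"];
            $_SESSION["usuario"] = $linha["adm_nome_usuario"];
            // Kept for compatibility with pages that read it; storing credential
            // material in the session is not recommended.
            $_SESSION["senha"] = $linha["adm_senha"];

            // Look the bank name up into its own variable: the original reassigned
            // $linha here, so the log entry below received an empty admin row.
            $banco = mysqli_fetch_array($conexao->selecionar("SELECT ban_descricao FROM bancos WHERE ban_codigo='" . $linha["ban_codigo"] . "'"));
            $_SESSION["banco_nome"] = $banco["ban_descricao"];

            include_once "../dao/DAOLog.class.php";
            $log = new DAOLog($linha["pes_codigo"], 1, $linha["niv_codigo"], $linha["adm_codigo"], 1, "Realizou log-in no sistema!", "../", $conexao);
            $log->cadastrar();
            $conexao->commit();
            header("Location: ../main.php");
            die;
        }
    }
    $conexao->commit();
}
header("Location: ../index.php?login=erro");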
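<?php
session_start();
$nivelAcesso = "../../:2:3:4";
include_once "../../utils/controladorAcesso.php";
include_once "../../utils/funcoes.php";

$empDel = antiSQL(isset($_POST["slEmpRef"]) ? $_POST["slEmpRef"] : NULL);

if ($empDel != NULL) {
    include_once "../../utils/ConectarMySQL.class.php";
    $conexao = new ConectarMySQL();
    include_once "../../dao/DAOLog.class.php";
    // The log entry must name the deleted company: the original interpolated the
    // undefined $slEmpRef here, so every entry recorded an empty id.
    $log = new DAOLog($_SESSION["pessoa"], 5, $_SESSION["nivel"], $_SESSION["codigo"], 2, "id=\\'" . $empDel . "\\'", "../../", $conexao);
    include_once "../../dao/DAOEmpresa.class.php";
    $dao = new DAOEmpresa(NULL, "../../", $conexao);

    // Delete and audit entry are committed together or rolled back together.
    if ($dao->deletar($empDel) && $log->cadastrar()) {
        $conexao->commit();
    } else {
        $conexao->rollback();
    }
    header("Location: delEmpresa.php?del=ok");
    die;
}

$del = antiSQL(isset($_GET["del"]) ? $_GET["del"] : NULL);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<style type="text/css">
<!--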
case "admin": include_once "../../dao/DAOAdministrador.class.php"; $dao = new DAOAdministrador(NULL, NULL, NULL, NULL, NULL, "../../", $conexao); include_once "../../dao/DAOLog.class.php"; $log = new DAOLog($_SESSION["pessoa"], 5, $_SESSION["nivel"], $_SESSION["codigo"], 8, "id=\\'" . $slPesRef . "\\'", "../../", $conexao); if ($dao->deletar($slPesRef) && $log->cadastrar()) { $conexao->commit(); } else { $conexao->rollback(); } break; case "contato": include_once "../../dao/DAOBancoPessoa.class.php"; $dao = new DAOBancoPessoa(NULL, NULL, "../../", $conexao); include_once "../../dao/DAOLog.class.php"; $log = new DAOLog($_SESSION["pessoa"], 5, $_SESSION["nivel"], $_SESSION["codigo"], 7, "id=\\'" . $slPesRef . "\\'", "../../", $conexao); if ($dao->deletar("", $slPesRef) && $log->cadastrar()) { $conexao->commit(); } else { $conexao->rollback(); } break; } header("Location: delPessoa.php?del=ok"); die; } $del = antiSQL(isset($_GET["del"]) ? $_GET["del"] : NULL); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head>
<?php
session_start();
$nivelAcesso = "../../:2:3:4";
include_once "../../utils/controladorAcesso.php";
include_once "../../utils/funcoes.php";

// Bank selected for deletion; NULL when the form was not submitted.
$slBancRef = antiSQL(isset($_POST["slBancRef"]) ? $_POST["slBancRef"] : NULL);

if ($slBancRef != NULL) {
    include_once "../../utils/ConectarMySQL.class.php";
    include_once "../../dao/DAOLog.class.php";
    include_once "../../dao/DAOBanco.class.php";

    $conexao = new ConectarMySQL();
    $log = new DAOLog($_SESSION["pessoa"], 5, $_SESSION["nivel"], $_SESSION["codigo"], 3, "id=\\'" . $slBancRef . "\\'", "../../", $conexao);
    $dao = new DAOBanco(NULL, NULL, "../../", $conexao);

    // Delete first, then the audit entry; either failure rolls both back.
    $concluido = $dao->deletar($slBancRef) && $log->cadastrar();
    if ($concluido) {
        $conexao->commit();
    } else {
        $conexao->rollback();
    }
    header("Location: delBanco.php?del=ok");
    die;
}

$del = antiSQL(isset($_GET["del"]) ? $_GET["del"] : NULL);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<style type="text/css">
<!--
<?php
session_start();
$nivelAcesso = "../../:2:3:4";
include_once "../../utils/controladorAcesso.php";
include_once "../../utils/funcoes.php";

// Reads one POST field through antiSQL(); NULL when the field was not submitted.
$lerCampo = function ($nome) {
    return antiSQL(isset($_POST[$nome]) ? $_POST[$nome] : NULL);
};
$slEmpRef = $lerCampo("slEmpRef");
$desc = $lerCampo("tfEmpDesc");

// Both the company reference and the new description are required.
if ($desc != NULL && $slEmpRef != NULL) {
    include_once "../../utils/ConectarMySQL.class.php";
    $conexao = new ConectarMySQL();
    include_once "../../dao/DAOEmpresa.class.php";
    include_once "../../dao/DAOLog.class.php";

    $dao = new DAOEmpresa($desc, "../../", $conexao);
    $log = new DAOLog($_SESSION["pessoa"], 4, $_SESSION["nivel"], $_SESSION["codigo"], 2, "id=\\'" . $slEmpRef . "\\'", "../../", $conexao);

    // Update and audit entry share one transaction.
    $gravado = $dao->alterar($slEmpRef) && $log->cadastrar();
    if ($gravado) {
        $conexao->commit();
    } else {
        $conexao->rollback();
    }
    header("Location: altEmpresa.php?alt=ok");
    die;
}

$alt = antiSQL(isset($_GET["alt"]) ? $_GET["alt"] : NULL);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<style type="text/css">
if ($slAveRef != NULL) { include_once "../../utils/ConectarMySQL.class.php"; include_once "../../dao/DAOParcela.class.php"; include_once "../../dao/DAOServidor.class.php"; include_once "../../dao/DAOLog.class.php"; include_once "../../beans/Parcela.class.php"; include_once "../../beans/Servidor.class.php"; $comitar = true; $conexao = new ConectarMySQL(); $sql = "UPDATE averbacoes SET sta_codigo = 3 WHERE ave_numero_externo = '" . $slAveRef . "'"; $log = new DAOLog($_SESSION["pessoa"], 4, $_SESSION["nivel"], $_SESSION["codigo"], 12, "id=\\'" . $slEmpRef . "\\'", "../../", $conexao); if (!$log->cadastrar() || !$conexao->executar($sql)) { $comitar = false; } $sql = "UPDATE parcelas SET sta_codigo = 4 WHERE ave_numero_externo = '" . $slAveRef . "'"; $log = new DAOLog($_SESSION["pessoa"], 4, $_SESSION["nivel"], $_SESSION["codigo"], 13, "id=\\'" . $slEmpRef . "\\'", "../../", $conexao); if (!$log->cadastrar() || !$conexao->executar($sql)) { $comitar = false; } $sql = "SELECT pes_codigo, ave_numero_parcelas FROM averbacoes WHERE ave_numero_externo = '" . $slAveRef . "'"; $resultado = $conexao->selecionar($sql); $linha = mysqli_fetch_array($resultado); $dao = new DAOParcela(NULL, NULL, NULL, NULL, NULL, "../../", $conexao); $parcela = new Parcela(NULL, NULL, NULL, NULL, NULL); $parcela = $dao->getParcela("%", $slAveRef); $dao = new DAOServidor(NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, "../../", $conexao); $servidor = new Servidor(NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL); $servidor = $dao->getServidor($linha["pes_codigo"], "%"); $servidor->setUtilizada($servidor->getUtilizada() - $parcela->getValor()); $servidor->setDisponivel($servidor->getDisponivel() + $parcela->getValor()); $dao->setServidor($servidor);
<?php
session_start();
$nivelAcesso = "../../:2:3:4";
include_once "../../utils/controladorAcesso.php";
include_once "../../utils/funcoes.php";

// Reads one POST field through antiSQL(); NULL when the field was not submitted.
$lerCampo = function ($nome) {
    return antiSQL(isset($_POST[$nome]) ? $_POST[$nome] : NULL);
};
$slBancRef = $lerCampo("slBancRef");
$tfBanCod  = $lerCampo("tfBanCod");
$tfBanDesc = $lerCampo("tfBanDesc");

// Reference, code and description are all mandatory.
$formularioCompleto = $slBancRef != NULL && $tfBanCod != NULL && $tfBanDesc != NULL;

if ($formularioCompleto) {
    include_once "../../utils/ConectarMySQL.class.php";
    $conexao = new ConectarMySQL();
    include_once "../../dao/DAOBanco.class.php";
    include_once "../../dao/DAOLog.class.php";

    $dao = new DAOBanco($tfBanCod, $tfBanDesc, "../../", $conexao);
    $log = new DAOLog($_SESSION["pessoa"], 4, $_SESSION["nivel"], $_SESSION["codigo"], 3, "id=\\'" . $slBancRef . "\\'", "../../", $conexao);

    // Update and audit entry share one transaction.
    $gravado = $dao->alterar($slBancRef) && $log->cadastrar();
    if ($gravado) {
        $conexao->commit();
    } else {
        $conexao->rollback();
    }
    header("Location: altBanco.php?alt=ok");
    die;
}

$alt = antiSQL(isset($_GET["alt"]) ? $_GET["alt"] : NULL);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
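<?php
session_start();
$nivelAcesso = "../../:2:3:4";
include_once "../../utils/controladorAcesso.php";
include_once "../../utils/funcoes.php";

$slVerRef = antiSQL(isset($_POST["slVerRef"]) ? $_POST["slVerRef"] : NULL);

if ($slVerRef != NULL) {
    include_once "../../utils/ConectarMySQL.class.php";
    $conexao = new ConectarMySQL();
    include_once "../../dao/DAOVerba.class.php";
    include_once "../../dao/DAOLog.class.php";

    $dao = new DAOVerba(NULL, NULL, NULL, NULL, NULL, "../../", $conexao);
    $log = new DAOLog($_SESSION["pessoa"], 5, $_SESSION["nivel"], $_SESSION["codigo"], 9, "Log id=\\'" . $slVerRef . "\\'", "../../", $conexao);

    // Delete and audit entry are committed together or rolled back together.
    if ($dao->deletar($slVerRef) && $log->cadastrar()) {
        $conexao->commit();
    } else {
        $conexao->rollback();
    }
    header("Location: delVerba.php?del=ok");
    die;
}

// The redirect above sets ?del=ok and the sibling delete pages expose it as $del;
// $alt is kept as an alias in case the template below still reads that name.
$del = antiSQL(isset($_GET["del"]) ? $_GET["del"] : NULL);
$alt = $del;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<style type="text/css">
<!--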
$sql = "UPDATE parcelas SET sta_codigo = 2 WHERE par_periodo_parcela='" . $slPer . "'"; if (!$mysql->executar($sql)) { $comitar = false; die; } else { $comitar = true; } $sql = "UPDATE parametros SET sta_codigo = 3, par_link='" . $link . "' WHERE par_periodo='" . $slPer . "'"; if (!$mysql->executar($sql)) { $comitar = false; die; } else { $comitar = true; } include_once "../../dao/DAOLog.class.php"; $log = new DAOLog($_SESSION["pessoa"], 4, $_SESSION["nivel"], $_SESSION["codigo"], 11, "Encerrou=\\'" . $slPer . "\\'", "../../", $mysql); $comitar = $log->cadastrar(); $dbf->fechar(); if ($comitar = true) { $mysql->commit(); } else { $mysql->rollback(); } header("Location: altParametro.php"); die; } if ($ffPlanilha != NULL) { $uri = "../../uploads/"; if (!ini_get('safe_mode')) { set_time_limit(900); }