<?php
/**
* Created by Kent M. Patrick
* Project: BPU
* Company: Fingerprints Ltd
* Date: 21/09/2016
* Time: 9:58 AM
*/
require_once 'header.php';
if (isset($_POST['submit'])) {
$gen = new Generators();
$username = $_POST['username'];
$password = $gen->salted($_POST['password']);
$result = $db->select("users", "username = '******' AND password = SHA('{$password}')", "id,username", 1);
if ($db->num_rows == 1) {
$_SESSION['userid'] = $result['id'];
$_SESSION['username'] = $result['username'];
$html->redirection("index.php");
} else {
$alerts->display("danger", "error", "Username/password combination is incorrect.");
}
}
$users = new Users();
$users->login_form("logon.php");
require_once 'footer.php';
function create_admin()
{
global $db, $tables_report;
if ($this->adminuser == "" || $this->adminuser == null) {
$this->adminuser = "******";
$this->adminpass = "******";
}
$select = $db->select("users", "username = '******'");
if ($select == false) {
$gen = new Generators();
$salted = $gen->salted($this->adminpass);
$success = $db->insert('users', 'username,password', "{$this->adminuser}||{$salted}");
$this->report($success, $this->adminuser, "user");
if ($success) {
$this->role_associate($db->affected_id, $this->adminuser);
}
} else {
$this->report(false, $this->adminuser, "user");
}
}
public function set_data()
{
$gen = new Generators();
$this->user_id = $_POST['user_id'];
$this->username = $_POST['username'];
$this->password1 = $_POST['password1'] != "" ? $gen->salted($_POST['password1']) : "";
$this->password2 = $_POST['password2'] != "" ? $gen->salted($_POST['password2']) : "";
$this->password_admin = $_POST['password_admin'] != "" ? $gen->salted($_POST['password_admin']) : "";
$this->role = isset($_POST['role']) ? $_POST['role'] : 0;
}
echo '{"status":"error"}';
exit;
}
$date_time = date("Ymdhis");
if (file_exists($dir_ . $_FILES['upl']['name'])) {
$file_name = preg_replace('/[^A-Za-z0-9\\-\\.]/', '', str_replace(' ', '-', $_FILES['upl']['name'])) . $date_time;
} else {
$file_name = preg_replace('/[^A-Za-z0-9\\-\\.]/', '', str_replace(' ', '-', $_FILES['upl']['name']));
}
$file_name = str_ireplace('image', 'no_image_name', $file_name);
if (move_uploaded_file($_FILES['upl']['tmp_name'], $dir_ . $file_name)) {
$file_url = $dir_ . $file_name;
$user = $db->select("users", "`username` = '{$ebay_user}'", '*', 1);
if (!$user) {
$gen = new Generators();
$db->insert("users", "username,password", "{$ebay_user}||" . $gen->salted("chocolatefrog"));
$user_id = $db->affected_id;
$db->insert("users_in_roles", "user_id,role_id", "{$db->affected_id}||4");
} else {
$user_id = $user['id'];
}
$order = $db->select("orders", "`name` = '{$ebay_order}'", '*', 1);
if (!$order) {
$db->insert("orders", "name", $ebay_order);
$order_id = $db->affected_id;
} else {
$order_id = $order['id'];
}
$db->insert("uploads", "user_id,order_id,filename", "{$user_id}||{$order_id}||{$file_name}");
echo '{"status":"success"}';
exit;
