Exemple #1
0
function check_login_info($_username, $_password) {
	$sql = new sql();
	$query = "select id, password, date_creation from qcs_users where username = '******'";
	$rs = $sql -> dquery($query);	
	
	if ($rs[0] > 0) {
		
		
		
		$date_creation = substr($rs[1]['date_creation'], 0, 10);
		$input_password = md5(md5($_password).$date_creation);
		$db_password = $rs[1]['password'];
		$user_id = $rs[1]['id'];
		
		
		if ($input_password != $db_password)
			$user_id = -1;
			
		//	echo "password = "******"rs[1]['password'] = " . $rs[1]['password'];
		//	exit();
			
		if($rs[1]['password'] == md5($_password))
			$user_id = $rs[1]['id'];
	}
	
	else $user_id = -1;
	$sql -> dclose();
	return $user_id;
}
Exemple #2
0
function email_exists($_email) {
  $sql = new sql();
  $query = "select id from member where email = '".$_email."'";
  $rs = $sql -> dquery($query);	
  $sql -> dclose();

  if ($rs[0] > 0) return FALSE;
  else return TRUE;
}
Exemple #3
0
    }
    if (isset($_GET["target"])) {
        $target = htmlspecialchars($_GET["target"]);
    }
    // insert in database
    $field_str[] = "email";
    $data_str[] = "'" . write_to_db($email) . "'";
    $field_str[] = "name";
    $data_str[] = "'" . write_to_db($company) . "'";
    $field_str[] = "country";
    $data_str[] = "'" . write_to_db($country) . "'";
    $field_str[] = "newsletter";
    $data_str[] = "'" . write_to_db($version) . "'";
    $field_str[] = "date_login";
    $data_str[] = Date("'Y-m-d H:i:s'");
    $cc = implode(',', $field_str);
    $dd = implode(',', $data_str);
    $sql = new sql();
    $query = "insert into qcs_tracking ({$cc}) values ({$dd})";
    $sql->dinsert($query);
    $sql->dclose();
}
// redirection
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
if ($target != '') {
    header("Location: http://{$host}{$uri}/{$target}");
} else {
    header("Location: http://{$host}{$uri}/new-products");
}
exit;
Exemple #4
0
function delete_user($_id) {
    $sql = new sql();
	$query = 'delete from user where id = '.$_id;
	$sql -> dchange($query);
	$sql -> dclose();
}