echo '<script> alert("You has successfully changed your password. \\nPlease login to continue."); </script>'; session_unset(); session_destroy(); echo '<meta http-equiv="refresh" content= "0;url=http://localhost/cls/login.php" />'; } } else { echo '<script>alert("The password you entered does not match with those in files.");</script>'; } } } if (isset($_POST['chgEml'])) { $newEml = checkInput($_POST['newEml']); $Pwd = checkInput($_POST['Pwd']); $valid = checkValidity(); if ($valid) { if (sha1($Pwd) == $_SESSION['user_password']) { $query = mysql_query("UPDATE profile SET email = '{$newEml}' WHERE user_name='{$username}';", $connect) or die(mysql_error()); if ($query) { echo '<script> alert("You has successfully changed your email. \\nPlease login to continue."); </script>'; session_unset(); session_destroy(); echo '<meta http-equiv="refresh" content= "0;url=http://localhost/cls/login.php" />'; } } else { echo '<script>alert("The password you entered does not match with those in files.");</script>'; } }
$id = null; if (property_exists($data, "id") && $data->id != 'undefined') { $id = $data->id; } if ($data->desc == 'undefined') { $data->desc = ''; } $nb = 1 + substr_count($concern, ","); if ($id != null) { $sql = "UPDATE compta_comptabilite SET Montant='" . $montant . "', Payeur='" . $payeur . "', Concernes='" . $concern . "', nbConcernes='" . $nb . "',Description='" . $desc . "' WHERE Id='" . $id . "'"; } else { $sql = "INSERT INTO compta_comptabilite (Id, Montant, Payeur, Concernes, nbConcernes,Description, usergroup, docusland_user_id) VALUES (NULL,'"; $sql .= $montant . "','" . $payeur . "','" . $concern . "','" . $nb . "','" . $desc . "','" . $group . "', '" . $userId . "');"; } $result = false; if (checkValidity($payeur) && checkValidity($montant) && checkValidity($concern)) { $result = $conn->query($sql); } if ($result) { echo "{}"; } else { echo "FAILURE for " . $sql; } break; case "compta_users": if (strlen($data->name) > 0) { $sql = "INSERT INTO compta_users (Id, username,usergroup,docusland_user_id, usercolor) VALUES (NULL,'"; $sql .= $data->name . "','" . urldecode($data->group) . "','" . $userId . "', '" . $data->color . "');"; $result = $conn->query($sql); } if ($result) {