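/**
 * Processes the user login form.
 *
 * Reads tfMatricula, tfPassword and slSelect from $_POST, looks for a matching
 * row in Cadastros joined to Folhas, and on a match stores the user in the
 * session and redirects to ../index.php?ok=true. Any other outcome redirects
 * to ../index.php?ok=false. The constructor always terminates the request.
 *
 * Security notes for maintainers:
 * - Every value is interpolated into the SQL text. Protection against
 *   injection rests entirely on Connect::antiInjection(), whose implementation
 *   is not visible here. Prefer prepared statements if Connect can offer them.
 * - NOTE(review): antiInjection() is called before start(). If the helper
 *   needs a live connection to escape correctly, that ordering must be
 *   confirmed.
 * - mysql_fetch_assoc() belongs to ext/mysql, which was removed in PHP 7.
 */
function __construct()
{
    $variables = new Variables();
    $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName);

    // Read the form fields; a missing field is passed to the helper as NULL.
    $this->userMatricula = $connect->antiInjection(isset($_POST["tfMatricula"]) ? $_POST["tfMatricula"] : NULL);
    $this->password = $connect->antiInjection(isset($_POST["tfPassword"]) ? $_POST["tfPassword"] : NULL);
    $this->select = $connect->antiInjection(isset($_POST["slSelect"]) ? $_POST["slSelect"] : NULL);

    // Fail closed: without a connection there is nothing to authenticate against.
    if (!$connect->start()) {
        echo "Impossible to start connection in Sigin.";
        die;
    }

    // base64 is a reversible encoding, not a hash: stored passwords are
    // effectively plaintext. Kept because existing rows are compared in this
    // form; moving to password_hash()/password_verify() needs a data migration.
    $this->password = base64_encode($this->password);

    $result = $connect->execute("SELECT * FROM Cadastros c INNER JOIN Folhas f ON c.codigo_fol = f.codigo_fol WHERE c.matricula = '{$this->userMatricula}' AND c.senha = '{$this->password}' AND f.codigo_fol = '{$this->select}'");
    if (!$result) {
        // Stop here instead of counting rows on a failed query.
        echo "Impossible to execute MySQL query.";
        $connect->close();
        die;
    }

    if ($connect->counterResult($result) > 0) {
        $result = $connect->execute("SELECT * FROM Pessoal WHERE matricula = '{$this->userMatricula}'");
        // The lookup may fail or return no row; avoid fetching from a non-result.
        $row = $result ? mysql_fetch_assoc($result) : false;

        // Issue a fresh session id on login so that a pre-set id cannot be reused.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        $_SESSION["user"] = $this->userMatricula;
        // NOTE(review): the encoded password is kept in the session; other
        // pages may read this key, so it is preserved. Consider removing it.
        $_SESSION["userPass"] = $this->password;
        $_SESSION["nome"] = isset($row["nome"]) ? $row["nome"] : NULL;

        $connect->close();
        header("Location: ../index.php?ok=true");
        die;
    }

    $connect->close();
    header("Location: ../index.php?ok=false");
    die;
}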
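/**
 * Processes the form that creates a row in Folhas.
 *
 * Reads tfNome and tdDescricao from $_POST, rejects an empty name, inserts
 * the row and redirects to ../importDocuments.php with upl=true or upl=false.
 * The constructor always terminates the request.
 *
 * Security notes for maintainers:
 * - Both values are interpolated into the SQL text. Protection against
 *   injection rests entirely on Connect::antiInjection(), whose implementation
 *   is not visible here. Prefer prepared statements if Connect can offer them.
 * - NOTE(review): nothing in this constructor checks that the requester is
 *   authenticated. Confirm the page that instantiates this class does.
 */
function __construct()
{
    $variables = new Variables();
    $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName);

    // Read the form fields; a missing field is passed to the helper as NULL.
    $this->name = $connect->antiInjection(isset($_POST["tfNome"]) ? $_POST["tfNome"] : NULL);
    $this->description = $connect->antiInjection(isset($_POST["tdDescricao"]) ? $_POST["tdDescricao"] : NULL);

    // A name is mandatory; reject before touching the database.
    if (strlen((string) $this->name) === 0) {
        header("Location: ../importDocuments.php?upl=false&tab=folha");
        die;
    }

    // Fail closed: do not attempt the insert on a connection that never opened.
    if (!$connect->start()) {
        echo "Impossible to star connection in Sigin.";
        die;
    }

    if (!$connect->execute("INSERT INTO Folhas (nome, descricao) VALUES ('{$this->name}', '{$this->description}')")) {
        // Output has been sent, so a redirect header could no longer be emitted.
        echo "Impossible to execute MySQL query.";
        $connect->close();
        die;
    }

    $target = $connect->counterAffected() > 0
        ? "Location: ../importDocuments.php?upl=true&tab=folha"
        : "Location: ../importDocuments.php?upl=false&tab=folha";
    header($target);

    $connect->close();
    die;
}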
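/**
 * Processes the form that creates a row in Administradores.
 *
 * Reads slNivel, tfUserName, tfPassword and tfPassword2 from $_POST, checks
 * the input, inserts the account and redirects to ../importDocuments.php with
 * sigin=true or sigin=false. The constructor always terminates the request.
 *
 * Security notes for maintainers:
 * - usuario and senha are interpolated inside quotes. Protection against
 *   injection rests on Connect::antiInjection(), whose implementation is not
 *   visible here. id_nivel is interpolated WITHOUT quotes, where quote
 *   escaping gives no protection, so it is restricted to digits below.
 * - NOTE(review): nothing in this constructor checks that the requester is an
 *   authenticated administrator. Confirm the page that instantiates this
 *   class enforces that, since this code creates privileged accounts.
 */
function __construct()
{
    $variables = new Variables();
    $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName);

    // Read the form fields; a missing field is passed to the helper as NULL.
    $this->nivel = $connect->antiInjection(isset($_POST["slNivel"]) ? $_POST["slNivel"] : NULL);
    $this->userName = $connect->antiInjection(isset($_POST["tfUserName"]) ? $_POST["tfUserName"] : NULL);
    $this->password = $connect->antiInjection(isset($_POST["tfPassword"]) ? $_POST["tfPassword"] : NULL);
    $this->password2 = $connect->antiInjection(isset($_POST["tfPassword2"]) ? $_POST["tfPassword2"] : NULL);

    // The level lands in an unquoted numeric position of the INSERT, so only
    // a plain run of digits is accepted.
    $levelIsNumeric = preg_match('/\A[0-9]+\z/', (string) $this->nivel) === 1;

    // Strict string comparison: with != two different numeric-looking strings
    // (for example "0e1" and "0e2") would be treated as equal.
    $passwordsMatch = (string) $this->password === (string) $this->password2;

    // An account with an empty user name or empty password is never wanted.
    $hasCredentials = strlen((string) $this->userName) > 0 && strlen((string) $this->password) > 0;

    if (!$levelIsNumeric || !$passwordsMatch || !$hasCredentials) {
        header("Location: ../importDocuments.php?sigin=false");
        die;
    }

    // Fail closed: do not attempt the insert on a connection that never opened.
    if (!$connect->start()) {
        echo "Impossible to star connection in Sigin.";
        die;
    }

    // md5() is a fast, unsalted digest and unsuitable for password storage.
    // It is kept because the stored format must match whatever the login path
    // compares against (presumably md5 as well; verify). Moving to
    // password_hash()/password_verify() requires changing both sides together.
    $this->password = md5($this->password);

    if (!$connect->execute("INSERT INTO Administradores (id_nivel, usuario, senha) VALUES ({$this->nivel}, '{$this->userName}', '{$this->password}')")) {
        // Output has been sent, so a redirect header could no longer be emitted.
        echo "Impossible to execute MySQL query.";
        $connect->close();
        die;
    }

    $target = $connect->counterAffected() > 0
        ? "Location: ../importDocuments.php?sigin=true"
        : "Location: ../importDocuments.php?sigin=false";
    header($target);

    $connect->close();
    die;
}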
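/**
 * Processes the date-range form and prints the report via printCC().
 *
 * Reads a start and end year (tfDate1, tfDate2) and month (slDate1, slDate2)
 * from $_POST, builds "01-MM-YYYY" and "31-MM-YYYY" strings, validates them
 * and, when valid, opens the connection and calls $this->printCC($connect).
 * Invalid input redirects to ../index.php?date=false.
 *
 * Notes for maintainers:
 * - The four fields must be plain digits. Without that check a value that
 *   itself contains "-" shifts the day/month/year positions after the split
 *   and can pass checkdate() with the wrong components.
 * - NOTE(review): the end date always uses day 31, so checkdate() rejects any
 *   range that ends in a month with fewer than 31 days. Left unchanged
 *   because dateCounterDiff() and printCC() are not visible here.
 * - The connection is not closed in this constructor.
 */
function __construct()
{
    ini_set('memory_limit', '32M');

    $variables = new Variables();
    $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName);

    // Read the form fields; a missing field is passed to the helper as NULL.
    $year1 = $connect->antiInjection(isset($_POST["tfDate1"]) ? $_POST["tfDate1"] : NULL);
    $year2 = $connect->antiInjection(isset($_POST["tfDate2"]) ? $_POST["tfDate2"] : NULL);
    $this->month1 = $connect->antiInjection(isset($_POST["slDate1"]) ? $_POST["slDate1"] : NULL);
    $this->month2 = $connect->antiInjection(isset($_POST["slDate2"]) ? $_POST["slDate2"] : NULL);

    $this->date1 = "01-" . $this->month1 . "-" . $year1;
    $this->date2 = "31-" . $this->month2 . "-" . $year2;

    // Step 1: every component must be digits only.
    $valid = true;
    foreach (array($year1, $year2, $this->month1, $this->month2) as $part) {
        if (preg_match('/\A[0-9]+\z/', (string) $part) !== 1) {
            $valid = false;
            break;
        }
    }

    // Step 2: both dates must exist on the calendar (month, day, year).
    if ($valid) {
        $valid = checkdate((int) $this->month1, 1, (int) $year1)
            && checkdate((int) $this->month2, 31, (int) $year2);
    }

    // Step 3: the span must be within the accepted window. The helper is only
    // called once the inputs are known to be well-formed dates.
    if ($valid) {
        $diff = $this->dateCounterDiff($this->date1, $this->date2);
        $valid = !($diff > 1200 || $diff < 0);
    }

    if (!$valid) {
        header("Location: ../index.php?date=false");
        die;
    }

    // Fail closed: do not run the report on a connection that never opened.
    if (!$connect->start()) {
        echo "Impossible to star connection in Sigin.";
        die;
    }

    $this->printCC($connect);
}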
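/**
 * Processes the administrator login form.
 *
 * Reads tfUserName and tfPassword from $_POST, looks for a matching row in
 * Administradores and, on a match, stores the user, the password digest and
 * the level in the session, then redirects by level (1: importDocuments.php,
 * 2: makeRegister.php). No match redirects to ../admin.php?login=false. The
 * constructor always terminates the request.
 *
 * Security notes for maintainers:
 * - Both values are interpolated into the SQL text. Protection against
 *   injection rests entirely on Connect::antiInjection(), whose implementation
 *   is not visible here. Prefer prepared statements if Connect can offer them.
 * - mysql_fetch_assoc() belongs to ext/mysql, which was removed in PHP 7.
 * - The connection is not closed in this constructor.
 */
function __construct()
{
    $variables = new Variables();
    $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName);

    // Read the form fields; a missing field is passed to the helper as NULL.
    $this->userName = $connect->antiInjection(isset($_POST["tfUserName"]) ? $_POST["tfUserName"] : NULL);
    $this->password = $connect->antiInjection(isset($_POST["tfPassword"]) ? $_POST["tfPassword"] : NULL);

    // Fail closed: without a connection there is nothing to authenticate against.
    if (!$connect->start()) {
        echo "Impossible to star connection in Sigin.";
        die;
    }

    // md5() is a fast, unsalted digest and unsuitable for password storage.
    // Kept because it must match the stored values; moving to
    // password_hash()/password_verify() requires migrating the stored digests.
    $this->password = md5($this->password);

    $result = $connect->execute("SELECT * FROM Administradores WHERE usuario = '{$this->userName}' and senha = '{$this->password}'");
    if (!$result) {
        // Stop here instead of counting rows on a failed query.
        echo "Impossible to execute MySQL query.";
        die;
    }

    if ($connect->counterResult($result) > 0) {
        // Issue a fresh session id on login so that a pre-set id cannot be reused.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        $_SESSION["usuario"] = $this->userName;
        // NOTE(review): the password digest is kept in the session; other
        // pages may read this key, so it is preserved. Consider removing it.
        $_SESSION["senha"] = $this->password;

        $row = mysql_fetch_assoc($result);
        $_SESSION["nivel"] = $row["id_nivel"];

        // NOTE(review): there is no default case. An account with any other
        // level ends with the session populated and no redirect.
        switch ($_SESSION["nivel"]) {
            case 1:
                header("Location: ../importDocuments.php");
                break;
            case 2:
                header("Location: ../makeRegister.php");
                break;
        }
        die;
    }

    header("Location: ../admin.php?login=false");
    die;
}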
<?php session_start(); if (isset($_SESSION["user"]) == NULL && isset($_SESSION["userPass"]) == NULL) { header("Location: admin.php"); } include_once "../beans/Variables.class.php"; require_once "../utils/Connect.class.php"; $variables = new Variables(); $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName); $oldPass = $connect->antiInjection(isset($_POST["tfOldPass"]) ? $_POST["tfOldPass"] : NULL); $newPass1 = $connect->antiInjection(isset($_POST["tfNewPass1"]) ? $_POST["tfNewPass1"] : NULL); $newPass2 = $connect->antiInjection(isset($_POST["tfNewPass2"]) ? $_POST["tfNewPass2"] : NULL); if (strcmp($newPass1, $newPass2) == 0) { $newPass1 = base64_encode($newPass1); $oldPass = base64_encode($oldPass); } else { $connect->close(); header("Location: ../index.php?pass=false"); die; } if (!$connect->start()) { echo "Impossible to star connection in Sigin."; } if (!($result = $connect->execute("SELECT * FROM Cadastros WHERE matricula = '" . $_SESSION["user"] . "' AND senha = '" . $oldPass . "'"))) { echo "Impossible to execute MySQL query."; } if ($connect->counterResult($result) > 0) { $connect->execute("UPDATE Cadastros SET senha='" . $newPass1 . "' WHERE matricula = '" . $_SESSION["user"] . "'"); $_SESSION["userPass"] = $newPass1; $connect->close();