Esempio n. 1
<?php

include_once 'config.php';
include_once '../checkAdminPagePermissions.php';
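// Shared database handle plus the helper that resolves page headings.
$dbBean = new DatabaseBean();
$general = new General($dbBean);
// Menu id: the request value when present and non-empty, otherwise the one kept in the session.
// NOTE(review): $menu_id reaches getPageHeading() unvalidated; confirm that method casts or binds it.
$menu_id = empty($_REQUEST['menu_id']) ? $_SESSION['menu_id'] : $_REQUEST['menu_id'];
$heading = $general->getPageHeading($menu_id);
// The id comes straight from the request and is concatenated into SQL below, so accept
// nothing but an integer. filter_var() returns false for missing, array or non-numeric input.
$admin_id = filter_var(isset($_REQUEST['id']) ? $_REQUEST['id'] : null, FILTER_VALIDATE_INT);
if ($admin_id === false) {
    http_response_code(400);
    exit('Invalid id.');
}
// NOTE(review): SELECT * loads every column of the admin row, presumably including the stored
// password hash; select only the fields this page renders, and confirm the permission include
// above limits which admin rows the caller may open.
$query = "SELECT * FROM admins where id=" . $admin_id;
if (!$dbBean->Query($query)) {
    $dbBean->Kill();
}
$result = $dbBean->RowArray();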
?>
<!DOCTYPE html>
<!--[if IE 8]> <html lang="en" class="ie8 no-js"> <![endif]-->
<!--[if IE 9]> <html lang="en" class="ie9 no-js"> <![endif]-->
<!--[if !IE]><!-->
<html lang="en">
<!--<![endif]-->
<!-- BEGIN HEAD -->
<head>
<?php 
include '../common.php';
?>
<!-- BEGIN PAGE LEVEL STYLES -->
<link rel="stylesheet" type="text/css" href="<?php 
echo ADMIN_URL;
?>
/assets/global/plugins/datatables/plugins/bootstrap/dataTables.bootstrap.css"/>
<!-- END PAGE LEVEL STYLES -->
Esempio n. 2
<?php

include_once 'config.php';
include_once '../checkAdminPagePermissions.php';
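// Shared database handle plus the helper that resolves page headings.
$dbBean = new DatabaseBean();
$general = new General($dbBean);
// Menu id: the request value when present and non-empty, otherwise the one kept in the session.
// NOTE(review): $menu_id reaches getPageHeading() unvalidated; confirm that method casts or binds it.
$menu_id = empty($_REQUEST['menu_id']) ? $_SESSION['menu_id'] : $_REQUEST['menu_id'];
$heading = $general->getPageHeading($menu_id);
// The row id comes straight from the request and is concatenated into SQL below, so accept
// nothing but an integer. filter_var() returns false for missing, array or non-numeric input.
$menu_row_id = filter_var(isset($_REQUEST['id']) ? $_REQUEST['id'] : null, FILTER_VALIDATE_INT);
if ($menu_row_id === false) {
    http_response_code(400);
    exit('Invalid id.');
}
$query = "SELECT * FROM menu where id=" . $menu_row_id;
if (!$dbBean->Query($query)) {
    $dbBean->Kill();
}
$rows = $dbBean->RowArray();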
?>
<!DOCTYPE html>
<!--[if IE 8]> <html lang="en" class="ie8 no-js"> <![endif]-->
<!--[if IE 9]> <html lang="en" class="ie9 no-js"> <![endif]-->
<!--[if !IE]><!-->
<html lang="en">
<!--<![endif]-->
<!-- BEGIN HEAD -->
<head>
<?php 
include '../common.php';
?>
<!-- BEGIN PAGE LEVEL STYLES -->

<link rel="stylesheet" type="text/css" href="<?php 
echo ADMIN_URL;
?>
/assets/global/plugins/datatables/plugins/bootstrap/dataTables.bootstrap.css"/>
Esempio n. 3
/*****************************************************************************************************/
// Forgot-password handler: validates the submitted e-mail, looks the admin up, overwrites the
// stored password with a freshly generated one and starts configuring PHPMailer to send it.
// The excerpt ends inside the mail setup, so the remaining branches are not visible here.
// NOTE(review): the password is replaced as soon as an unauthenticated request names a known
// address. A single-use, expiring reset token that changes nothing until it is presented would
// avoid both forced resets and sending a working password by e-mail.
if ($_REQUEST['FLAG'] == 'FORGOT_PWD') {
    if (isset($_REQUEST['email']) && $_REQUEST['email'] != '') {
        // Reject anything that is not shaped like an e-mail address and bounce back to the login page.
        if (!filter_var($_REQUEST['email'], FILTER_VALIDATE_EMAIL)) {
            $error = 'danger';
            $_SESSION['msg'] = 'Please fill valid email.';
            $url = ADMIN_URL . "/login.php";
            $general->redirectUrl($url, $error);
            exit;
        }
        // NOTE(review): FILTER_VALIDATE_EMAIL checks format only and is not SQL escaping; the
        // address syntax permits quote characters, so this concatenation still needs a bound
        // parameter or the database layer's own escaping.
        $query = "SELECT * FROM `admins` where email='" . $_REQUEST['email'] . "'";
        if (!$dbBean->Query($query)) {
            $dbBean->Kill();
        }
        // NOTE(review): the no-match branch lies outside this excerpt; confirm the response does
        // not reveal whether the address belongs to an admin.
        if ($dbBean->RowCount() > 0) {
            $email_data = $dbBean->RowArray(null, MYSQLI_ASSOC);
            // NOTE(review): create_password() is not shown; confirm it draws from a CSPRNG
            // (random_int()/random_bytes()) rather than rand()/mt_rand().
            $new_password = $general->create_password(12);
            $cond = array("id" => $email_data['id']);
            // NOTE(review): md5() is an unsalted, fast digest and unsuitable for password storage;
            // password_hash()/password_verify() is the supported replacement, with a matching
            // change on the login side.
            $fieldvalues = array('password' => md5($new_password));
            $updated = $dbBean->UpdateRows("admins", $fieldvalues, $cond);
            if ($updated) {
                $mail = new PHPMailer();
                $mail->IsSMTP();
                // telling the class to use SMTP
                $mail->Host = "smtp.gmail.com";
                // SMTP server
                // NOTE(review): SMTPDebug = 1 turns on PHPMailer's client-side debug output, which
                // is echoed into the response unless Debugoutput is redirected; use 0 in production.
                $mail->SMTPDebug = 1;
                $mail->SMTPAuth = true;
                // Port 587 with 'tls' selects STARTTLS submission.
                $mail->Port = 587;
                $mail->SMTPSecure = 'tls';
                // SMPT_EMAIL (sic) is a constant defined outside this excerpt.
                $mail->Username = SMPT_EMAIL;
Esempio n. 4
<?php

require_once "config.php";
require_once "functions.inc.php";
// Admin login handler: reads the posted credentials, refuses the attempt when too many recent
// failures are recorded for the user name, then looks the admin up and marks the session as
// logged in. The excerpt ends inside the success branch.
$dbBean = new DatabaseBean();
$general = new General($dbBean);
$name = isset($_POST['user']) ? $_POST['user'] : "";
$password = isset($_POST['pw']) ? $_POST['pw'] : "";
// NOTE(review): stripQuotes() and removeBadChars() are project helpers not shown here. Character
// filtering is no substitute for bound parameters, and filtering the password presumably changes
// it before comparison, so distinct passwords may collapse to the same value.
$name = stripQuotes(removeBadChars($name));
$password = stripQuotes(removeBadChars($password));
// Count failed attempts recorded for this user name during the last 15 minutes.
// NOTE(review): the counter is keyed on user_name alone, so anyone can lock a known account out
// and attempts spread across many user names are not limited; consider also tracking the source.
$sql = "SELECT count(*) as ct FROM action_recorder WHERE user_name = '" . $name . "' AND success=0 AND DATE_SUB(NOW(), INTERVAL 15 MINUTE) <= date_added";
if (!$dbBean->Query($sql)) {
    $dbBean->Kill();
}
$row = $dbBean->RowArray();
$failattempts = $row['ct'];
// The block applies only once more than five failures are on record.
if ($failattempts > 5) {
    $_SESSION['msg'] = 'The maximum number of login attempts has been reached. Please try again in 15 minutes.';
    $num = 'danger';
    $url = ADMIN_URL . "/login.php";
    $general->redirectUrl($url, $num);
    exit;
}
// NOTE(review): the '******' literals look like redaction by the listing site; the original
// presumably interpolated $name and $password. Matching the password inside SQL ("binary
// password=") implies the stored value is plaintext or a directly comparable digest; fetching
// the row by user name and checking it with password_verify() is the safer shape.
$sql = "SELECT * FROM admins WHERE username = '******' AND binary password='******' ;";
if (!$dbBean->Query($sql)) {
    $dbBean->Kill();
}
$row = $dbBean->RowArray();
// NOTE(review): no session_regenerate_id() is visible before the login flags are set; confirm it
// is called on successful login so a pre-login session id cannot be reused.
if ($row) {
    $_SESSION['adm_logged'] = true;
    $_SESSION['adm_user_id'] = $row['id'];
Esempio n. 5
                                <th>Action</th>
							</tr>
							</thead>
							<tbody>
                    <?php 
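// Admin #1 and 'Level4' accounts list every admin; everyone else sees only their own row.
// NOTE(review): the rows from this query are echoed into the table below without
// htmlspecialchars(); id, username and name should be escaped where they are written out.
$list_all = $_SESSION['adm_user_id'] == 1 || $_SESSION['adm_status'] == 'Level4';
$query = "SELECT id, username, email, CONCAT(first_name ,' ',last_name) as name, status FROM admins";
if (!$list_all) {
    // Cast to int so the session value can never carry SQL syntax into the statement.
    $query .= " where id=" . (int) $_SESSION['adm_user_id'];
}
$query .= " ORDER BY id";
if (!$dbBean->Query($query)) {
    $dbBean->Kill();
}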
if ($dbBean->RowCount() > 0) {
    for ($index = 0; $index < $dbBean->RowCount(); $index++) {
        $rows = $dbBean->RowArray($index);
        ?>
                                        <tr class="<?php 
        echo ($index + 1) % 2 == 0 ? 'even' : 'odd';
        ?>
 gradeX">
                                            <td> <input  name="delete[]" type="checkbox" id="delete[]" value="<?php 
        echo $rows['id'];
        ?>
" class="checkboxes" /> </td>
                                            <td><?php 
        echo $rows['username'];
        ?>
</td>
                                            <td><?php 
        echo $rows['name'];