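/**
 * Decode a base64-encoded JPEG, store it in the upload directory and record an
 * image name on the user's row.
 *
 * Echoes "true" when both the file write and the database update succeed and
 * "false" in every other case. Nothing is returned.
 *
 * @param string $base64img Base64 payload, with or without a leading
 *                          "data:image/jpeg;base64," data-URI header.
 * @param mixed  $id        User identifier, passed through to user::updateUser().
 */
function saveImage($base64img, $id)
{
    // define() on an already-defined constant raises a warning, so a second
    // call to this function must not define it again.
    if (!defined('UPLOAD_DIR')) {
        define('UPLOAD_DIR', '../../uploads/');
    }

    if (!is_string($base64img)) {
        echo "false";
        return;
    }

    // Drop the data-URI header if the client sent one.
    $prefix = 'data:image/jpeg;base64,';
    if (strncmp($base64img, $prefix, strlen($prefix)) === 0) {
        $base64img = substr($base64img, strlen($prefix));
    }

    // Strict mode rejects characters outside the base64 alphabet instead of
    // silently skipping them, so malformed input is not written to disk.
    $data = base64_decode($base64img, true);

    // The payload is caller-supplied: only accept bytes that start with the
    // JPEG start-of-image marker before placing them in the uploads directory.
    if ($data === false || strncmp($data, "\xFF\xD8\xFF", 3) !== 0) {
        echo "false";
        return;
    }

    // The target name is fixed, so every call overwrites the same file
    // regardless of $id.
    $file = UPLOAD_DIR . 'thuphat.jpg';
    if (file_put_contents($file, $data) === false) {
        echo "false";
        return;
    }

    // NOTE(review): the name stored on the user row differs from the file name
    // written above ('thuphat.jpg') — confirm which of the two is intended.
    $user_obj = new user();
    if ($user_obj->updateUser('', '', '', '', '', '', '', 'thuphat1231ssssss111â.jpg', $id)) {
        echo "true";
    } else {
        echo "false";
    }
}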
<?php
require_once "../apps/User.php";

// Single POST endpoint shared by the register, login, profile-update and
// demande() forms. The action is inferred from which fields are present,
// tested in this order:
//   1. every registration field non-empty   -> register()
//   2. email and password set (even empty)  -> login()
//   3. every profile field non-empty        -> updateUser()
//   4. every request field non-empty        -> demande()
// NOTE(review): because rule 2 only uses isset(), a registration POST with one
// blank profile field is handled as a login attempt.
// NOTE(review): no anti-CSRF token or session check is visible in this script;
// whether updateUser()/demande() bind the change to the logged-in account is
// decided inside the user class — confirm there.

$u = new user();

$profileKeys = array('cn', 'c', 'st', 'l', 'o', 'ou', 'tel');
$requestKeys = array('subj', 'type', 'len', 'd', 'hash');

// True only when every named POST field is present and non-empty.
$allFilled = function ($keys) {
    foreach ($keys as $key) {
        if (empty($_POST[$key])) {
            return false;
        }
    }
    return true;
};

if ($allFilled(array_merge(array('email', 'password'), $profileKeys))) {
    $registered = $u->register(
        $_POST['email'],
        $_POST['password'],
        $_POST['c'],
        $_POST['st'],
        $_POST['l'],
        $_POST['o'],
        $_POST['ou'],
        $_POST['cn'],
        $_POST['tel']
    );
    if (!$registered) {
        header("Location: register.html?error=yes");
    } else {
        header("refresh:2;url=login.php");
        echo "Register With success";
    }
} elseif (isset($_POST['email'], $_POST['password'])) {
    $loggedIn = $u->login($_POST['email'], $_POST['password']);
    header($loggedIn ? "Location: index.php" : "Location: login.php?error=yes");
} elseif ($allFilled($profileKeys)) {
    $updated = $u->updateUser(
        $_POST['c'],
        $_POST['st'],
        $_POST['l'],
        $_POST['o'],
        $_POST['ou'],
        $_POST['cn'],
        $_POST['tel']
    );
    header($updated ? "Location: profile.php?update=ok" : "Location: profile.php?error=yes");
} elseif ($allFilled($requestKeys)) {
    $added = $u->demande($_POST['hash'], $_POST['len'], $_POST['subj'], $_POST['type'], $_POST['d']);
    header($added ? "Location: demande.php?add=ok" : "Location: demande.php?error=yes");
}
} elseif ('detail' === $_GET['action']) {
    // Admin "user detail" screen: delete the user, save profile data, or save company data.
    // NOTE(review): $_GET['id'] is spliced into an unquoted "id IN (...)" SQL fragment. What
    // secure::escQuoteData() does is not visible here; if it only escapes quote characters, a
    // numeric context like this one stays open to SQL injection. Cast the id to int or bind it
    // as a query parameter — confirm against the helper.
    if ($user->issetUser("id IN (" . secure::escQuoteData($_GET['id']) . ") AND token IN ('active','archived','moderate','new')")) {
        // delete the user
        // NOTE(review): no anti-CSRF token check is visible before this destructive action.
        if (isset($_POST['delete'])) {
            $delNews = isset($_POST['news']) ? true : false;
            $delArticles = isset($_POST['articles']) ? true : false;
            $user->deleteUsers(array($_GET['id']), true, true, true, $delArticles, $delNews);
            messages::messageChangeSaved(MESSAGE_CHANGE_SAVED, false, CONF_ADMIN_FILE . '?m=users&s=manager');
        } elseif (isset($_POST['saveUserData'])) {
            if (!empty($_POST['conf']['user_type']) && !empty($_POST['conf']['user_group']) && !empty($_POST['user']['first_name']) && !empty($_POST['user']['last_name']) && !empty($_POST['user']['phone'])) {
                $strWhere = "id IN (" . secure::escQuoteData($_GET['id']) . ")";
                // Core user data
                // NOTE(review): the complete $_POST['user'] and $_POST['conf'] arrays are handed to
                // the update calls. Unless those methods restrict the accepted keys (not visible
                // here), the client chooses which columns are written — an allow-list of fields
                // belongs at this boundary.
                $uData = $_POST['user'];
                // Additional user data
                $ucData = $_POST['conf'];
                $user->updateUser($uData, $strWhere);
                $user->updateConfUser($ucData, $strWhere);
                // NOTE(review): the raw $_GET['id'] is appended to the redirect target.
                messages::messageChangeSaved(MESSAGE_CHANGE_SAVED, false, CONF_ADMIN_FILE . '?m=users&s=manager&action=detail&id=' . $_GET['id']);
            } else {
                $arrErrors[] = ERROR_USER_REQUIRED_FIELDS_IS_EMPTY;
            }
        } elseif (isset($_POST['saveCompanyData'])) {
            //var_dump($_FILES);
            //exit;
            // fetch the user's data (needed for the check below)
            $userData = $user->getCombinedUserData($_GET['id']);
            // if a logo was submitted for upload, try to upload it
            if (!empty($_FILES['cLogo']['name'])) {
                // check whether a file with the same name already exists and whether it belongs to the current user
                // NOTE(review): $_FILES[...]['name'] is chosen by the client and is joined to the
                // directory path as-is. Reduce it with basename() (or generate the stored name on
                // the server) before any filesystem call, and validate type and extension; what
                // loadLogo() checks is not visible in this excerpt. The == comparison is loose.
                if (!file_exists('uploads/images/logo/' . $_FILES['cLogo']['name']) || $_FILES['cLogo']['name'] == $userData['logo']) {
                    if (!$user->loadLogo('cLogo', 'uploads/images/logo/')) {
$responce = array('status' => 'failed', 'error' => $error_message, 'data' => array());
}
} else {
    $responce = array('status' => 'failed', 'error' => 'Data missing', 'data' => array());
}
} else {
    if ($form_id == 39) {
        ///admin/owner change password
        // NOTE(review): within this excerpt the new password is accepted without re-checking the
        // current password, and no anti-CSRF token check is visible — confirm both are enforced
        // before this branch is reached.
        if (isset($_POST['password']) and !empty($_POST['password'])) {
            $password = $_POST['password']; //mysql_real_escape_string($_POST['password']);
            $user = new user();
            // The account being changed is the one stored in the session, not a client-supplied id.
            $user->id = $_SESSION['user_id'];
            $user->getUser();
            // NOTE(review): md5() is an unsalted, fast digest and is not suitable for password
            // storage. password_hash() with password_verify() is the standard replacement; existing
            // hashes need a migration path.
            $user->password_hashed = md5($password);
            if ($user->updateUser()) {
                $mail = new mail();
                $mail->send_password_changed_notification_mail($user->user_name);
                $message = "Password Updated Successfuly";
                $responce = array('status' => 'success', 'error' => '', 'data' => array("message" => $message, "id" => $user->id));
            } else {
                // NOTE(review): if to_string() includes password_hashed, the hash is written to the
                // log — confirm what it serialises.
                $description = "Password update failed, Stock : " . $user->to_string();
                Log::e($tag, $description);
                // NOTE(review): mysql_error() belongs to the ext/mysql API that was removed in
                // PHP 7, and its text is returned to the client in 'error', which exposes database
                // details. Log the detail server-side and return a generic message.
                $mysql_error = mysql_error();
                if (empty($mysql_error)) {
                    $error_message = 'Some server error occured';
                } else {
                    $error_message = $mysql_error;
                }
                $responce = array('status' => 'failed', 'error' => $error_message, 'data' => array());
            }
// Tail of a profile-update handler: the last three form fields are read, the
// update is executed and a static success/failure banner is prepared.
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
/*
echo '<br/><br/><br/><br/><br/><br/><br/>';
echo '--->' . $fname . '<br/>';
echo '--->' . $lname . '<br/>';
echo '--->' . $phone . '<br/>';
echo '--->' . $job_title . '<br/>';
echo '--->' . $speciality . '<br/>';
echo '--->' . $speciality2 . '<br/>';
echo '--->' . $city . '<br/>';
echo '--->' . $state . '<br/>';
echo '--->' . $zip . '<br/>';
*/
// NOTE(review): the POST values above are passed on unvalidated; whether
// updateUser() binds them as query parameters is not visible here. Where
// $userid comes from is also outside this excerpt — it should be taken from
// the authenticated session rather than from the request.
$result = $objUser->updateUser($userid, $fname, $lname, $phone, $job_title, $speciality, $speciality2, $city, $state, $zip);
// Both banners are fixed markup with no request data in them. The == comparison is loose.
if ($result == true) {
    $outputMessage = ' <div style="text-align:center"> <div class="alert alert-success alert-dismissible" role="alert" style="width:100%;"> <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button> <strong>Success!</strong> Profile is updated successfully. </div></div>';
} else {
    $outputMessage = ' <div style="text-align:center"> <div class="alert alert-danger alert-dismissible" role="alert" style="width:100%;"> <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button> <strong>Oh snap!</strong> Something went wrong! </div></div>';
}
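<?php
require_once '../classes/connection.class.php';
require_once '../classes/user.class.php';
require_once '../classes/locate.class.php';

// Handles the "edit user" form: copies the submitted fields onto a user object,
// runs updateUser(), stores a status message in the session and redirects back
// to the user list.
//
// NOTE(review): no session_start() and no authentication/authorization check is
// visible in this script, and the target account comes from $_POST['user_id'].
// Confirm that the included files start the session and that the caller is
// allowed to edit that account.
// NOTE(review): the password is passed to setPassword() as received; whether the
// user class hashes it before storage is not visible here.

// Stays false unless the form was submitted with all fields and the update succeeded.
$flag = false;

if (isset($_POST['submit'])) {
    $user_id  = isset($_POST['user_id']) ? $_POST['user_id'] : null;
    $username = isset($_POST['username']) ? $_POST['username'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    $email    = isset($_POST['email']) ? $_POST['email'] : null;

    // Only touch the database when the form was really submitted with every
    // field; previously the update also ran with undefined values on any request.
    if ($user_id !== null && $username !== null && $password !== null && $email !== null) {
        $updateUserObject = new user();
        $updateUserObject->setUserID($user_id);
        $updateUserObject->setUsername($username);
        $updateUserObject->setPassword($password);
        $updateUserObject->setEmail($email);
        $flag = $updateUserObject->updateUser();
    }
}

if ($flag) {
    $_SESSION['user_updated'] = $err = "The user has been updated successfully";
    new Locate('../index.php?page=user&action=view');
} else {
    $_SESSION['user_not_updated'] = $err = "The user couldn't be updated";
    new Locate('../index.php?page=user&action=view');
}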
// Account confirmation: after the form token and the password fields validate,
// set the user's password, mark the account verified and remove a linked
// "old user" record if one exists.
if (token::check(input::get('token'))) {
    $validate = new validate();
    $validation = $validate->check($_POST, array('Password' => array('required' => true, 'min' => 6), 'password_again' => array('required' => true, 'matches' => 'Password')));
    if ($validation->passed()) {
        //session::flash('success','You registered successfully!');
        //header('Location: index.php');
        $user = new user(null, $_log);
        $salt = hash::salt(32);
        if ($data = $_db->get('Users', array('Username', '=', $username))) {
            //var_dump($data);
            if ($data->counts() > 0) {
                if ($data->first()->User_Verified == 0) {
                    // NOTE(review): the confirmation code is compared with loose ==, which applies
                    // type juggling and is not constant-time. For a secret, compare strings with
                    // hash_equals() after checking that neither side is null or empty. Where
                    // $confirmCode comes from is outside this excerpt.
                    if ($data->first()->Confirm_Hash == $confirmCode) {
                        $oldUser = $data->first()->Old_User;
                        try {
                            // NOTE(review): the row was looked up and verified by $username, but the
                            // update is keyed on the raw $_GET['Username']. If the two can differ, the
                            // password is set on an account whose confirmation code was never checked;
                            // use the same verified identifier for both — confirm how $username is derived.
                            // NOTE(review): hash::make() with a per-user salt is a project helper whose
                            // algorithm is not visible here; password_hash() is the standard choice.
                            $user->updateUser(array('Password' => hash::make(input::get('Password'), $salt), 'Salt' => $salt, 'User_Verified' => 1, 'Confirm_Hash' => null, 'Old_User' => null), $_GET['Username']);
                            session::flash('home', 'Your password has been created');
                            $_log->info('Username verified: ' . $username); // Will be logged
                            if ($oldUser !== null) {
                                try {
                                    if ($user->delete($oldUser)) {
                                        $_log->info('Old user deleted: ' . (string) $oldUser);
                                    } else {
                                        $_log->warning('Old user NOT deleted: ' . (string) $oldUser);
                                    }
                                } catch (Exception $e) {
                                    // NOTE(review): the exception text is sent to the client via
                                    // var_dump() and die(); internal errors should only be logged and a
                                    // generic message returned.
                                    var_dump($e->getMessage());
                                    $_log->info($e->getMessage());
                                    die($e->getMessage());
                                }
}
} else {
    echo ajax::sdgJSONencode(array('error' => ERROR_UPDATES_REQUEST_UNDEFINED_ACTION));
}
} elseif (!empty($_POST['maintenance'])) {
    // Toggle maintenance mode by rewriting a PHP config file. The request value is reduced to
    // the literal 'true' or 'false' before it is embedded, so no request text reaches the file.
    $maintenance = $_POST['maintenance'] == 'on' ? 'true' : 'false';
    $data = "<?php\n\n" . "(!defined('SDG')) ? die ('Triple protection!') : null;\n\n" . 'define("CONF_SERVICE_ADMINISTRATION_MAINTENANCE", ' . $maintenance . ');' . "\n";
    echo !tools::saveConfig('core/conf/const.config.service.php', $data, false) ? 'false' : 'true';
} elseif (!empty($_POST['mailFile']) && !empty($_POST['mailText']) && !empty($_POST['pathMailTemplates'])) {
    // NOTE(review): both the directory ($_POST['pathMailTemplates']) and the file name come from
    // the request, so the client decides where the text is written unless
    // tools::saveMailTemplateFile() restricts the path (not visible here). Use a fixed template
    // directory on the server, basename() on the name, and an allow-list of template names.
    $_POST['mailFile'] = $_POST['pathMailTemplates'] . str_replace('_', '.', $_POST['mailFile']) . '.txt'; // build the file name
    echo tools::saveMailTemplateFile($_POST['mailFile'], $_POST['mailText']);
} elseif (!empty($_POST['uID']) && !empty($_POST['userType']) && !empty($_POST['userGroup'])) {
    // Changes a user's type and group, i.e. their privileges.
    // NOTE(review): no permission or anti-CSRF check is visible in this excerpt — confirm it
    // happens before this dispatcher runs. $_POST['uID'] is placed in an unquoted "id IN (...)"
    // fragment; what secure::escQuoteData() does is not visible, so cast to int or bind it.
    $user = new user();
    $user->changeTable('conf_users');
    // NOTE(review): on failure db::$message_error is echoed to the client, which may expose
    // query or schema details.
    $response = !$user->updateUser(array('user_type' => $_POST['userType'], 'user_group' => $_POST['userGroup']), "id IN (" . secure::escQuoteData($_POST['uID']) . ")") ? db::$message_error : 'true';
    $user->changeTable('users', USR_PREFIX);
    echo $response;
} elseif (!empty($_POST['getArticleDetail']) && !empty($_POST['strQuery'])) {
    $articles = new articles();
    $arrArticle = $articles->getArticle("id IN (" . secure::escQuoteData($_POST['getArticleDetail']) . ")");
    $aComments = new articlesComments();
    $arrOrder = array('datetime' => 'DESC');
    // NOTE(review): same unquoted numeric context as above ("id_article=" . value).
    $arrComments = $aComments->getRecords("id_article=" . secure::escQuoteData($_POST['getArticleDetail']) . " AND token='active'", $arrOrder, false, false);
    // query string (address bar)
    // NOTE(review): $_POST['strQuery'] is handed to the template unchanged; the template must
    // escape it for the context in which it is printed.
    $smarty->assignByRef('qString', $_POST['strQuery']);
    $smarty->assignByRef('arrArticle', $arrArticle);
    $smarty->assignByRef('arrComments', $arrComments);
    $smarty->display('adm.manager.articles.detail.tpl');
} elseif (!empty($_POST['getNewsDetail']) && !empty($_POST['strQuery'])) {
    $news = new news();
// SET - e.g. UPDATE USER
////////////////////////////////////////////////////
// NOTE(review): the account to modify is taken from the request ('user-id'). No check is
// visible in this excerpt that the authenticated caller may edit that account.
if ($_POST['action'] == 'set') {
    if (isset($_POST['user-id']) && isset($_POST['user-forename']) && isset($_POST['user-lastname']) && isset($_POST['user-email'])) {
        // Validate and sanitise
        // Only the id (integer cast) and the e-mail (validated below) are checked; the two
        // name fields are passed on as received.
        $userID = (int) $_POST['user-id'];
        $foreName = $_POST['user-forename'];
        $lastName = $_POST['user-lastname'];
        $email = $_POST['user-email'];
        // validate email
        if (!$user->isValidEmailAddress($email)) {
            echo json_encode(array('result' => false, 'msg' => 'Invalid email address'));
            exit;
        }
        // OK update the user
        // NOTE(review): $result is never inspected, so the response reports success even when
        // the update failed.
        $result = $user->updateUser($userID, $foreName, $lastName, $email);
        echo json_encode(array('result' => true));
        exit;
    } else {
        echo json_encode(array('result' => false));
        exit;
    }
}
////////////////////////////////////////////////////
// UPDATE PASSWORD
////////////////////////////////////////////////////
if ($_POST['action'] == 'setPassword' && isset($_POST['user-id']) && isset($_POST['user-password1']) && isset($_POST['user-password2'])) {
    // Validate and sanitise
    // NOTE(review): htmlentities() and trim() change the secret itself (for example "&" becomes
    // "&amp;" and surrounding spaces are dropped), so the stored password differs from what the
    // user typed unless the login path applies the same transformation. Passwords should be
    // hashed exactly as entered (password_hash()); HTML encoding belongs to output, not input.
    $userID = (int) $_POST['user-id'];
    $password1 = trim(htmlentities($_POST['user-password1']));
    $password2 = trim(htmlentities($_POST['user-password2']));
<?php
require_once '../../models/config.php';
require_once '../../models/class.php';
require_once '../../models/class-user.php';
// User administration handler: $_POST['act'] selects the operation.
// NOTE(review): no login, permission or anti-CSRF check is visible in this script, and the
// target account id comes from the request — confirm the included files enforce access control.
if (isset($_POST['act'])) {
    switch ($_POST['act']) {
        case "update":
            if (isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['fullname'])) {
                $user_obj = new user();
                $user = $_POST['user'];
                // NOTE(review): md5() is an unsalted, fast digest and is not suitable for
                // password storage; password_hash() with password_verify() is the standard
                // replacement.
                $pass = md5($_POST['pass']);
                $fullname = $_POST['fullname'];
                // $_POST['id'] is read without an isset() check, unlike the other fields.
                $id = $_POST['id'];
                if ($user_obj->updateUser($user, $pass, $fullname, $id)) {
                    header("Location: ../index.php?view=list-user&stt=success");
                } else {
                    header("Location: ../index.php?view=list-user&stt=fail");
                }
            }
            break;
        case "xoa":
            // Removes the user with the submitted id via delUser().
            $id = $_POST['id'];
            $user_obj = new user();
            if ($user_obj->delUser($id)) {
                header("Location: ../index.php?view=list-user&stt=success");
            } else {
                header("Location: ../index.php?view=list-user&stt=fail");
            }
            break;
        default:
$user->addUser();
$returnData = array('Success' => true, 'msg' => "Successfully added new user!");
echo json_encode($returnData);
} catch (Exception $e) {
    //return error msg to view.
    // The client receives a generic message and HTTP 500; the exception text is not exposed.
    $returnData = array('Success' => false, 'msg' => "An error occured unable to add new user!");
    http_response_code(500);
    echo json_encode($returnData);
}
} elseif (isset($_REQUEST['update'])) {
    // NOTE(review): the action flag is read from $_REQUEST, so it can arrive via the query
    // string as well as the body. No authentication or permission check is visible in this
    // excerpt.
    try {
        $putdata = file_get_contents("php://input");
        // json_decode() returns null for malformed input; that case is not checked here.
        $data = json_decode($putdata, true);
        $user = new user($dbc);
        // NOTE(review): the decoded request body is applied wholesale. Unless setProperties()
        // restricts which keys it accepts (not visible here), the client can set any property,
        // including ones that should not be user-editable — an allow-list of fields is needed.
        $user->setProperties($data);
        $user->updateUser();
        $returnData = array('Success' => true, 'msg' => "Successfully updated user!");
        echo json_encode($returnData);
    } catch (Exception $e) {
        $returnData = array('Success' => false, 'msg' => "An error occured unable to update user!");
        http_response_code(500);
        echo json_encode($returnData);
    }
} elseif (isset($_REQUEST['setInactive'])) {
    try {
        $putdata = file_get_contents("php://input");
        $data = json_decode($putdata, true);
        // NOTE(review): the whole decoded body is used as the user id, without a type or range
        // check; validate that it is a single integer before constructing the user.
        $user_id = $data;
        $user = new user($dbc, $user_id);
        $user->setInactive();
        $returnData = array('Success' => true, 'msg' => "Successfully de-activated user!");
<?php
require_once '../../models/config.php';
require_once '../../models/class.php';
require_once '../../models/class-user.php';
// Inline-edit endpoint: writes one field of a user row. 'key' names the field, 'data' is the
// new value and 'id' the row; the position of $data in the updateUser() argument list selects
// the column.
// NOTE(review): the change is driven entirely by GET parameters. State-changing requests
// should use POST with an anti-CSRF token; GET URLs are also recorded in logs and browser
// history. No login or permission check is visible in this script, and $id comes from the
// request — confirm access control in the included files, in particular for the "status" key.
if ($_GET['id'] and $_GET['data']) {
    $id = $_GET['id'];
    $data = $_GET['data'];
    // $_GET['key'] is read without an isset() check, unlike 'id' and 'data'.
    $key = $_GET['key'];
    $user = new user();
    if ($key == "user") {
        if ($user->updateUser($data, '', '', '', '', '', '', '', $id)) {
            echo "true";
        } else {
            echo "false";
        }
    } elseif ($key == "email") {
        if ($user->updateUser('', '', '', $data, '', '', '', '', $id)) {
            echo "true";
        } else {
            echo "false";
        }
    } elseif ($key == "fullname") {
        if ($user->updateUser('', '', $data, '', '', '', '', '', $id)) {
            echo "true";
        } else {
            echo "false";
        }
    } elseif ($key == "status") {
        if ($user->updateUser('', '', '', '', '', '', $data, '', $id)) {
            echo "select-true";