} $entryTitleOld = decodeIt($_POST['entryTitleOld']); $entryTitle = encodeIt($_POST['entryTitle']); $entryDesc = encodeIt($_POST['entryDesc']); if ($_POST['entryNotes'] != '') { $entryNotes = encodeIt($_POST['entryNotes']); } else { $entryNotes = null; } if ($_POST['entryUsername'] != '') { $entryUsername = encodeIt($_POST['entryUsername']); } else { $entryUsername = null; } if ($_POST['entryUrl'] != '') { $entryUrl = encodeIt($_POST['entryUrl']); } else { $entryUrl = null; } $stmt = $mysqli->prepare("UPDATE\n\t\t\t\t\t\t\t\t\t\tentries\n\t\t\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\t\t\tcatId = ?,\n\t\t\t\t\t\t\t\t\t\tentryTitle = ?,\n\t\t\t\t\t\t\t\t\t\tentryDesc = ?,\n\t\t\t\t\t\t\t\t\t\tentryUsername = ?,\n\t\t\t\t\t\t\t\t\t\tentryUrl = ?,\n\t\t\t\t\t\t\t\t\t\tentryNotes = ?,\n\t\t\t\t\t\t\t\t\t\tlastUpdated = ?\n\t\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t\tentryId = ?"); $stmt->bind_param('ssssssss', $catId, $entryTitle, $entryDesc, $entryUsername, $entryUrl, $entryNotes, $todayDt, $entryId); $stmt->execute(); $stmt->close(); // Add Recent Activity $activityType = '8'; $activityTitle = $theEntryText . ' "' . $entryTitleOld . '" ' . $wasUpdatedText; updateActivity($pw_userId, $activityType, $activityTitle); $msgBox = alertBox($theEntryText . " \"" . $entryTitleOld . "\" " . $theCatUpdMsg2, "<i class='fa fa-check-square'></i>", "success"); } } }
// Change Account Password if (isset($_POST['submit']) && $_POST['submit'] == 'chngPass') { // User Validations if ($_POST['currPassword'] == '') { $msgBox = alertBox($currAccPassReq, "<i class='fa fa-times-circle'></i>", "danger"); } else { if ($_POST['password1'] == '') { $msgBox = alertBox($yourNewAccPassReq, "<i class='fa fa-times-circle'></i>", "danger"); } else { if ($_POST['password1'] != $_POST['password2']) { $msgBox = alertBox($newAccPassNoMatch, "<i class='fa fa-times-circle'></i>", "danger"); } else { $currPassword = htmlspecialchars($_POST['currPassword']); $passwordOld = decodeIt($_POST['passwordOld']); if ($currPassword == $passwordOld) { $password1 = encodeIt($_POST['password1']); $stmt = $mysqli->prepare("UPDATE\r\n\t\t\t\t\t\t\t\t\t\t\tusers\r\n\t\t\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\t\t\tpassword = ?,\r\n\t\t\t\t\t\t\t\t\t\t\tlastUpdated = ?\r\n\t\t\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\t\t\tuserId = ?"); $stmt->bind_param('sss', $password1, $todayDt, $pw_userId); $stmt->execute(); $stmt->close(); // Add Recent Activity $activityType = '9'; $activityTitle = $myProfPassUpdAct1; updateActivity($pw_userId, $activityType, $activityTitle); $msgBox = alertBox($myProfPassUpdMsg1, "<i class='fa fa-check-square'></i>", "success"); } else { // Add Recent Activity $activityType = '0'; $activityTitle = $myProfPassUpdAct2; updateActivity($pw_userId, $activityType, $activityTitle); $msgBox = alertBox($myProfPassUpdMsg2, "<i class='fa fa-warning'></i>", "warning");
$siteName = htmlspecialchars($_POST['siteName']); $siteEmail = htmlspecialchars($_POST['siteEmail']); $saltCode = htmlspecialchars($_POST['installationSalt']); $userDocsPath = '../docs/'; $todayDt = date("Y-m-d H:i:s"); // Add data to the siteSettings Table $stmt = $mysqli->prepare("\n\t\t\t\t\t\t\t\t\tINSERT INTO\n\t\t\t\t\t\t\t\t\t\tsitesettings(\n\t\t\t\t\t\t\t\t\t\t\tinstallUrl,\n\t\t\t\t\t\t\t\t\t\t\tsiteName,\n\t\t\t\t\t\t\t\t\t\t\tsiteEmail,\n\t\t\t\t\t\t\t\t\t\t\tlocalization,\n\t\t\t\t\t\t\t\t\t\t\tsaltCode,\n\t\t\t\t\t\t\t\t\t\t\tallowRegistrations,\n\t\t\t\t\t\t\t\t\t\t\tcalLocalization,\n\t\t\t\t\t\t\t\t\t\t\tavatarFolder,\n\t\t\t\t\t\t\t\t\t\t\tuserDocsPath,\n\t\t\t\t\t\t\t\t\t\t\tavatarTypesAllowed,\n\t\t\t\t\t\t\t\t\t\t\tfileTypesAllowed,\n\t\t\t\t\t\t\t\t\t\t\tweatherLoc,\n\t\t\t\t\t\t\t\t\t\t\tweekStart,\n\t\t\t\t\t\t\t\t\t\t\tlastUpdated\n\t\t\t\t\t\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t\t\t\t\t\t?,\n\t\t\t\t\t\t\t\t\t\t\t?,\n\t\t\t\t\t\t\t\t\t\t\t?,\n\t\t\t\t\t\t\t\t\t\t\t'english',\n\t\t\t\t\t\t\t\t\t\t\t?,\n\t\t\t\t\t\t\t\t\t\t\t1,\n\t\t\t\t\t\t\t\t\t\t\t'en',\n\t\t\t\t\t\t\t\t\t\t\t'avatars/',\n\t\t\t\t\t\t\t\t\t\t\t?,\n\t\t\t\t\t\t\t\t\t\t\t'jpg,png',\n\t\t\t\t\t\t\t\t\t\t\t'jpg,png,gif,txt,pdf,xls,xlsx,doc,docx,zip,rar',\n\t\t\t\t\t\t\t\t\t\t\t'Washington, DC',\n\t\t\t\t\t\t\t\t\t\t\t0,\n\t\t\t\t\t\t\t\t\t\t\t'0000-00-00 00:00:00'\n\t\t\t\t\t\t\t\t\t\t)"); $stmt->bind_param('sssss', $install, $siteName, $siteEmail, $saltCode, $userDocsPath); $stmt->execute(); $stmt->close(); $userEmail = htmlspecialchars($_POST['userEmail']); $password = htmlspecialchars($_POST['password']); $firstName = htmlspecialchars($_POST['firstName']); $lastName = htmlspecialchars($_POST['lastName']); // Encrypt Password $newPassword = encodeIt($password); // Generate a RANDOM Hash $randomHash = uniqid(rand()); $randHash = substr($randomHash, 0, 8); $hash = md5(rand(0, 1000)); // Create the User's Documents Folder // Replace any spaces with an underscore and set to all lower-case $docFolderName = $firstName . '_' . $lastName; $userFldr = str_replace(' ', '_', $docFolderName); $usrDocsFolder = strtolower($userFldr) . '_' . $randHash; // Create the User Document Directory if (mkdir($userDocsPath . $usrDocsFolder, 0755, true)) { $newDir = $userDocsPath . $usrDocsFolder; } // Add the new Admin Account $stmt = $mysqli->prepare("\n\t\t\t\t\t\t\t\t\tINSERT INTO\n\t\t\t\t\t\t\t\t\t\tusers(\n\t\t\t\t\t\t\t\t\t\t\tsuperUser,\n\t\t\t\t\t\t\t\t\t\t\tuserEmail,\n\t\t\t\t\t\t\t\t\t\t\tpassword,\n\t\t\t\t\t\t\t\t\t\t\tfirstName,\n\t\t\t\t\t\t\t\t\t\t\tlastName,\n\t\t\t\t\t\t\t\t\t\t\tlocation,\n\t\t\t\t\t\t\t\t\t\t\tuserFolder,\n\t\t\t\t\t\t\t\t\t\t\tuserAvatar,\n\t\t\t\t\t\t\t\t\t\t\tjoinDate,\n\t\t\t\t\t\t\t\t\t\t\trecEmails,\n\t\t\t\t\t\t\t\t\t\t\tisActive,\n\t\t\t\t\t\t\t\t\t\t\thash,\n\t\t\t\t\t\t\t\t\t\t\tlastVisited,\n\t\t\t\t\t\t\t\t\t\t\tlastUpdated\n\t\t\t\t\t\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t\t\t\t\t\t1,\n\t\t\t\t\t\t\t\t\t\t\t?,\n\t\t\t\t\t\t\t\t\t\t\t?,\n\t\t\t\t\t\t\t\t\t\t\t?,\n\t\t\t\t\t\t\t\t\t\t\t?,\n\t\t\t\t\t\t\t\t\t\t\t'Washington, DC',\n\t\t\t\t\t\t\t\t\t\t\t?,\n\t\t\t\t\t\t\t\t\t\t\t'userAvatar.png',\n\t\t\t\t\t\t\t\t\t\t\t?,\n\t\t\t\t\t\t\t\t\t\t\t1,\n\t\t\t\t\t\t\t\t\t\t\t1,\n\t\t\t\t\t\t\t\t\t\t\t?,\n\t\t\t\t\t\t\t\t\t\t\t'0000-00-00 00:00:00',\n\t\t\t\t\t\t\t\t\t\t\t'0000-00-00 00:00:00'\n\t\t\t\t\t\t\t\t\t\t)");