<?php
// Header fragment for a signed-in visitor; $logged is set by code outside this excerpt.
//  - Session past $_SESSION['expire']: destroy it and emit a client-side redirect plus alert.
//  - Session still valid: render the search form, push the expiry 30 minutes ahead, then
//    render the avatar, user name and token balance.
if (isset($logged)) {
    $now = time();
    if ($now > $_SESSION['expire']) {
        // Drops the server-side session data. $logged itself is not cleared and no exit
        // follows in this branch.
        // NOTE(review): anything the including page does after this fragment still runs for
        // the expired session — confirm later code re-checks the session and does not rely
        // on $logged alone.
        session_destroy();
        // The redirect happens only if the browser executes this script.
        // NOTE(review): the mainPageURL() result is concatenated into the JavaScript as-is,
        // with no quotes added here; presumably it returns an already-quoted literal —
        // confirm, and confirm it cannot carry request-controlled text.
        echo "<script language='javascript'>\n\t\t\t\t\t\t\twindow.location=" . mainPageURL() . ";\n\t\t\t\t\t\t\talert('Timeout!!!Please login to continue browsing the site');\n\t\t\t\t\t\t</script>";
    } else {
        // Search form; the mainPageURL() result goes into the action attribute unescaped.
        echo '<div id="search"> <form action="' . mainPageURL() . '" enctype="multipart/form-data" name="searchForm" id="myForm" method="GET"> <input type="text" class="search_input" name="search" placeholder="Enter Search..." value="" /> </form> </div>';
        // Sliding idle timeout: every request that gets here moves the expiry to now + 30 * 60 seconds.
        $_SESSION['start_reset'] = time();
        $_SESSION['expire'] = $_SESSION['start_reset'] + 30 * 60;
        $customer = getCustomerById($logged);
        $username = $customer['username'];
        $token = $customer['token'];
        // Avatar URL: MD5 of the trimmed, lower-cased e-mail address, size 40, empty default image.
        // The URL uses plain http, so on an HTTPS page the image would be loaded as mixed content.
        $gravatar_image = $customer['email'];
        $gravatar_default = "";
        $size = 40;
        $grav_url = "http://www.gravatar.com/avatar/" . md5(strtolower(trim($gravatar_image))) . "?d=" . urlencode($gravatar_default) . "&s=" . $size;
        // NOTE(review): $username and $token are concatenated into the markup without
        // htmlspecialchars(); unless getCustomerById() returns HTML-escaped values, a stored
        // user name containing markup is rendered as markup — confirm and escape on output.
        // The echo below is cut off in this excerpt; the rest of the statement is not visible.
        echo '<div id="after_log_in"> <div class="user_name"> <img src="' . $grav_url . '" alt="" /> <a href="profile.html">' . $username . '</a> </div> <div class="token_left"> Token Left: ' . $token . ' </div>
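/**
 * Update a customer's account row (table constant e01) and profile row (table constant e02).
 *
 * Only fields that are present in $data and differ from the stored record are written.
 * Each changed field except 'fcode' is also passed to insertCustomerLog() with its old and
 * new value before the UPDATE runs.
 *
 * Security notes:
 *  - Every value placed in the SQL text goes through mysql_real_escape_string(). The
 *    original concatenated $data straight into the statement, so any caller that fills
 *    $data from request input allowed SQL injection.
 *  - ext/mysql (mysql_query and friends) is deprecated since PHP 5.5 and removed in 7.0.
 *    Escaping is the fix available without a connection handle in scope; the durable fix is
 *    moving to prepared statements (mysqli or PDO).
 *  - NOTE(review): 'password' is compared, stored and logged exactly as passed in. If callers
 *    pass plaintext, the customer table and the audit log both hold plaintext passwords;
 *    hash before calling (password_hash() on PHP >= 5.5) and consider logging only that a
 *    change happened.
 *  - NOTE(review): insertCustomerLog() receives the raw values; whether it escapes them is
 *    not visible here — confirm.
 *
 * @param array $data 'customerId' and 'modify_by', plus any of: username, email, password,
 *                    status, token, fcode, fname, lname, dob, gender, add1, add2, city, zip,
 *                    state, country, phone.
 * @return bool true when both UPDATE statements succeeded, false otherwise.
 */
function editCustomer($data)
{
    if (!isset($data['customerId']) || !is_scalar($data['customerId'])) {
        return false;
    }

    $info = getCustomerById($data['customerId']);
    if (empty($info)) {
        // Nothing to diff against: avoid writing audit entries for a customer that was not found.
        return false;
    }

    // $data key => array(column name, audit-log type or null for "not logged").
    $accountFields = array(
        'username' => array('username', 1),
        'email'    => array('email', 2),
        'password' => array('password', 3),
        'status'   => array('status', 5),
        'token'    => array('token', 4),
        'fcode'    => array('fcode', null),
    );
    $profileFields = array(
        'fname'   => array('first_name', 6),
        'lname'   => array('last_name', 7),
        'dob'     => array('date_birth', 8),
        'gender'  => array('gender', 9),
        'add1'    => array('address1', 10),
        'add2'    => array('address2', 11),
        'city'    => array('city', 12),
        'zip'     => array('zip', 13),
        'state'   => array('state', 14),
        'country' => array('country', 15),
        'phone'   => array('phone', 16),
    );

    $customerId = mysql_real_escape_string((string) $data['customerId']);

    // Account table. The leading "id = id" assignment keeps the statement valid when no
    // other column changed.
    $implode = editCustomerCollectChanges($data, $info, $accountFields);
    $sql = "UPDATE " . e01 . " SET id='" . $customerId . "'";
    if ($implode) {
        $sql .= " , " . implode(" , ", $implode);
    }
    $sql .= " WHERE id='" . $customerId . "'";
    $query = mysql_query($sql);

    // Profile table, same scheme keyed on customer_id.
    $implode_info = editCustomerCollectChanges($data, $info, $profileFields);
    $sql_info = "UPDATE " . e02 . " SET customer_id='" . $customerId . "'";
    if ($implode_info) {
        $sql_info .= " , " . implode(" , ", $implode_info);
    }
    $sql_info .= " WHERE customer_id='" . $customerId . "'";
    $query_info = mysql_query($sql_info);

    return $query && $query_info;
}

/**
 * Build the escaped "column = 'value'" fragments for the fields that changed and write the
 * audit-log entry for each logged field.
 *
 * @param array $data   Submitted values, keyed as in editCustomer().
 * @param array $info   Stored record the submitted values are compared against.
 * @param array $fields Map of $data key => array(column name, log type or null).
 * @return array List of SET fragments; empty when nothing changed.
 */
function editCustomerCollectChanges($data, $info, $fields)
{
    $assignments = array();

    foreach ($fields as $key => $spec) {
        // Array-valued input (e.g. a "field[]" request parameter) cannot be a column value.
        if (!isset($data[$key]) || !is_scalar($data[$key])) {
            continue;
        }

        $stored = isset($info[$key]) ? $info[$key] : null;
        $submitted = (string) $data[$key];

        // Compare as strings. Loose != treats numeric-looking strings such as '0e123' and
        // '0e456' as equal, which would silently drop a real change (notably for hash-like
        // password values).
        if ((string) $stored === $submitted) {
            continue;
        }

        $assignments[] = " " . $spec[0] . " = '" . mysql_real_escape_string($submitted) . "'";

        if ($spec[1] !== null) {
            insertCustomerLog($data['customerId'], $spec[1], $stored, $data[$key], $data['modify_by']);
        }
    }

    return $assignments;
}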
<?php if (!isset($logged)) { header('Location:login.html'); } if (!hasPermission($logged, 'access', 'customer_form')) { header('Location:permission.html'); } if (isset($_GET['customer_id'])) { $customer_id = $_GET['customer_id']; } if (isset($customer_id) && $_SERVER['REQUEST_METHOD'] != 'POST') { $customer_info = getCustomerById($customer_id); } if (isset($_POST['username'])) { $username = $_POST['username']; } elseif (!empty($customer_info)) { $username = $customer_info['username']; } else { $username = ''; } if (isset($_POST['email'])) { $email = $_POST['email']; } elseif (!empty($customer_info)) { $email = $customer_info['email']; } else { $email = ''; } if (isset($_POST['password'])) { $password = $_POST['password']; } else {