$error .= 'Brak ilości użyć. '; } if (!is_numeric($amount)) { $error .= 'Błędna ilość użyć'; } ### if (!empty($error)) { $_SESSION['msg1'] = $error; $_SESSION['msg-type'] = 'danger'; unset($error); header("Location: admin.php?page=5"); die; } ### if (empty($code)) { $code = pass_generator(); } ### query_basic("INSERT INTO `voucher` SET\n\t\t\t`code` = '" . $code . "',\n\t\t\t`amount` = '" . $amount . "'"); ### $_SESSION['msg1'] = 'Voucher został dodany!'; $_SESSION['msg-type'] = 'success'; header("Location: admin.php?page=5"); die; break; case 'voucherdelete': if (isset($_POST['id'])) { $id = mysql_real_escape_string($_POST['id']); } else { if (isset($_GET['id'])) { $id = mysql_real_escape_string($_GET['id']);
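require_once __DIR__ . "/../../moneyio.php";

open_session();

// Creating a user requires a session that carries all three login markers.
// NOTE(review): this establishes "logged in", not "allowed to create users":
// the caller's own role is never consulted, no CSRF token is verified, and
// the new account's role comes straight from the request. Confirm that
// create_user() or an earlier layer enforces those checks.
if (empty($_SESSION["mio-username"]) || empty($_SESSION["mio-username_id"]) || empty($_SESSION["mio-pic"])) {
    echo get_message("no_session");
} else {
    // Read every field defensively: a key that is absent, or that arrives as
    // an array (e.g. "pwd[]=x"), is treated as missing instead of raising an
    // undefined-index warning or reaching the hash function as a non-string.
    $fields = array();
    foreach (array("nickname", "pwd", "pwd_check", "email", "status_u", "rol") as $key) {
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : null;
    }

    $usr = $fields["nickname"];
    $pwd = $fields["pwd"];
    $pwd_check = $fields["pwd_check"];
    $email = $fields["email"];
    $status = $fields["status_u"];
    $rol = $fields["rol"];

    // "rol" is optional here; the other five fields must be non-empty.
    $complete = !empty($usr) && !empty($pwd) && !empty($pwd_check) && !empty($email) && !empty($status);

    // An incomplete form produces no output at all, as before.
    if ($complete) {
        // Strict comparison: with != two different numeric-looking passwords
        // such as "1e3" and "1000" compare as equal, so a mistyped
        // confirmation could be accepted.
        if ($pwd !== $pwd_check) {
            echo get_message("pass_not_same");
        } else {
            require_once __DIR__ . "/user_func.php";

            if (get_user($usr, $email)) {
                echo get_message("email_user_exists");
            } else {
                // NOTE(review): pass_generator() is defined outside this
                // script. If it is a plain digest rather than
                // password_hash(), the stored value is cheap to test offline
                // after a database leak - confirm.
                $crypt_pass = pass_generator($pwd);

                if (create_user($usr, $crypt_pass, $email, $status, $rol)) {
                    echo get_message("user_created");
                } else {
                    echo get_message("user_error");
                }
            }
        }
    }
}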
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * */ $username = $_POST["username"]; $passwd = $_POST["pass"]; require_once __DIR__ . "/../../moneyio.php"; if (isset($username) && !empty($username) && isset($passwd) && !empty($passwd)) { require_once __DIR__ . "/login_func.php"; $new_passwd = pass_generator($passwd); $user_data = check_user_data($username, $new_passwd); // 2015-11-26 problem. $username = "******" so, It does not do login if (isset($user_data) && !empty($user_data)) { if ($username === $user_data->nick && $new_passwd === $user_data->passwd) { require_once __DIR__ . "/../../session.php"; open_session(); $_SESSION["mio-username"] = $user_data->nick; $_SESSION["mio-username_id"] = $user_data->id; $_SESSION["mio-pic"] = $user_data->avatar; echo get_message("login_ok"); } else { echo get_message("login_bad"); } } else { echo get_message("no_data");
{
    //require_once(__DIR__.'/config.php');
    // Language static was replaced by DB lang assigned.
    require_once __DIR__ . "/mio-lib/lang.php";
    $lang = get_lang();
    // NOTE(review): $lang is spliced into an include path. Confirm that
    // get_lang() can only return names of shipped language directories.
    require_once __DIR__ . "/mio-lang/" . $lang . "/main.php";
    // Looks up the constant whose name is held in $text.
    return constant($text);
}

/**
 * Derives a digest string from $text: three chained SHA-512 rounds, each
 * followed by a fixed string literal.
 *
 * The result is the hex digest of the third round with the last literal
 * appended, so it depends on $text alone.
 *
 * NOTE(review): when this is used for passwords there is no per-user salt
 * and no work factor. Equal passwords give equal outputs, and SHA-512 is
 * built to be fast, so a leaked table can be tested offline at high speed.
 * password_hash()/password_verify() is the standard replacement; rows can be
 * upgraded the next time each user logs in successfully. Changing this
 * function in place would stop any previously stored output from matching.
 *
 * NOTE(review): the first literal contains a non-ASCII character, so the
 * output depends on the encoding this file is saved in.
 *
 * @param string $text Value to digest.
 * @return string Third-round hex digest followed by the last literal.
 */
function pass_generator($text)
{
    // Round 1: digest of the input, first literal appended.
    $jump_st = hash("sha512", $text) . "345kñgDFgDfgWER";
    // Round 2: digest of round 1's string, second literal appended.
    $jump_nd = hash("sha512", $jump_st) . "sTrRfDFGppoi12093";
    // Round 3: digest of round 2's string, third literal appended.
    $jump_rd = hash("sha512", $jump_nd) . "ZpopSDFpo02409";
    return $jump_rd;
}

/**
 * Loads mio-admin/update_func.php and returns whatever get_moneyio() returns.
 * The top-level code below reads a ->lang property from that value.
 */
function get_html_meta_tag()
{
    require_once __DIR__ . "/mio-admin/update_func.php";
    $storage = get_moneyio();
    return $storage;
}

/**
 * Returns the lower-cased five-byte slice of $encode that starts at offset 6.
 *
 * NOTE(review): presumably $encode has a fixed six-character prefix before
 * the charset name - confirm against the stored value.
 */
function get_encode_charset($encode)
{
    $set_encode = strtolower(substr($encode, 6, 5));
    return $set_encode;
}

#### DATE/TIME FORMAT ####
require_once __DIR__ . "/mio-lib/date.php";

// Runs on every include of this file: load the stored settings and derive the
// charset string from their ->lang property.
$moneyio_data = get_html_meta_tag();
$moneyio_data_charset = get_encode_charset($moneyio_data->lang);

// NOTE(review): looks like leftover debug output. It prints a digest into the
// response of every script that includes this file, and it does so before the
// including script can send headers or open a session. Confirm and remove.
$pass = pass_generator("hola");
echo $pass;
<?php
// Handles the POST that inserts one row into the `<prefix>remont` table and
// then renders the "redirect" view.

// Filter specification for the POST fields.
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It strips
// tags only, and with FILTER_FLAG_NO_ENCODE_QUOTES quotes pass through
// unchanged, so these values still need context-aware escaping on output.
$args = array('id_client' => FILTER_VALIDATE_INT, 'id_model' => FILTER_VALIDATE_INT, 'date' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => "/^\\d{4}-\\d{2}-\\d{2}\$/")), 'fio_human' => FILTER_SANITIZE_STRING, 'tel_human' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => "/^\\(\\d{3}\\).\\d{3}-\\d{4}\$/")), 'serial' => FILTER_SANITIZE_STRING, 'defect' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_FLAG_NO_ENCODE_QUOTES), 'complect' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_FLAG_NO_ENCODE_QUOTES), 'print' => FILTER_SANITIZE_STRING, 'prin' => FILTER_VALIDATE_INT);

// NOTE(review): the validate filters yield false for a rejected value and
// null for a missing field. Nothing below inspects the result, so a failed
// validation is still bound and inserted. The date pattern checks shape
// only, not that the value is a real calendar date.
$inputs = filter_input_array(INPUT_POST, $args);
// var_dump($inputs);

// Request values reach the statement only through bound placeholders; the
// one concatenated piece is the table prefix from $S_CONFIG.
$query = "INSERT INTO `" . $S_CONFIG['prefix'] . "remont` \n\t\t\tVALUE (NULL, ?, ?, 'NNNNNNNNNN', ?, ?, ?, ?, ?, ?, ?, 0, ?, 1, 'N', NULL, 'N', '', 'N')";

// NOTE(review): mysqli_prepare() returns false on failure and the result is
// not checked before binding.
$prep = mysqli_prepare($S_CONFIG['link'], $query);

// NOTE(review): pass_generator() is defined at the end of this file and only
// its character tables are visible here. If $pass is meant to be hard to
// guess, confirm the generator draws from random_int() rather than
// rand()/mt_rand().
$pass = pass_generator();

// Ten placeholders, ten type letters, ten values, in the column order of the
// INSERT above.
mysqli_stmt_bind_param($prep, 'ssississsi', $pass, $inputs['date'], $inputs['id_client'], $inputs['fio_human'], $inputs['tel_human'], $inputs['id_model'], $inputs['complect'], $inputs['defect'], $inputs['serial'], $inputs['prin']);

$redirect['timer'] = 0;
if (!mysqli_execute($prep)) {
    // NOTE(review): the raw driver error is handed to the view. If the
    // template prints it, table and column details reach the client; logging
    // it server-side and showing a generic message avoids that.
    $redirect['error_text'] = mysqli_error($S_CONFIG['link']);
    // NOTE(review): Referer is a client-supplied header and may be absent.
    // Using it as the redirect target lets the sender choose the
    // destination; confirm the view restricts it to this site and escapes it.
    $redirect['url'] = $_SERVER['HTTP_REFERER'];
} else {
    $insert_id = mysqli_insert_id($S_CONFIG['link']);
    $redirect['url'] = "?r=single/view&id=" . $insert_id;
    // True whenever a "print" field was posted with a non-null value.
    if (isset($inputs['print'])) {
        // Only the numeric insert id is interpolated into the script, not
        // request data.
        $redirect['text'] = '<script type="text/javascript"> window.open("/index.php?r=print/add&id=' . $insert_id . '", "_blank"); </script>';
    }
}
render(array('redirect' => $redirect), "redirect");

function pass_generator()
{
    $lowercase = "zyxwvutsrqponmlkjihgfedcba"; // lowercase characters, 26
    $uppercase = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; // uppercase characters, 26
    $speccase = "!-_+.,"; // special characters, 6