function changePassword($loggedUser) { if (isset($_POST[oldPassWOrd])) { echo "<hr>"; print_r($_POST); print_r($loggedUser); echo "<hr>"; echo $loggedUser->getUname(); echo "<hr>"; if ($loggedUser->getPasswd() == md5($_POST[oldPassWOrd])) { if ($_POST["passwd"] == $_POST["passwdConf"]) { if (validate_pass1($_POST["passwd"])) { $hash_passwd = md5($_POST["passwd"]); } else { return FALSE; } } $sql = "UPDATE users SET Password='******' Where Username='******'"; printSqlQuary($sql); executeQuary($sql); } } }
print_r($_POST); echo "<HR>"; ?> <html> <style type="text/css"> @import url(zivStyle.css); </style> <script language="javascript" src="javascripts/javaScriptFunctions.js"></script> <head></head> <body> <form name="ExtendEvent" method="post" action="guideEvent.php"> <?php if (isset($_POST['event'])) { $ins = explode(",", $_POST['saveDate2']); $sql = "INSERT INTO EventTable(Username,Eday,Emonth,Eyear,Ehour,eventDis, eventActionsbefore ,eventActionsduring ,eventActionsdAfter ,summary ,prevent ,react ,comments) values('" . $loggedUser->getUname() . "'," . 12 . "," . 1 . "," . 2 . ",'" . $_post[Ehour] . "','" . $_post[eventDis] . "','" . $_POST[eventActionsbefore] . "','" . $_post[eventActionsduring] . "','" . $_post[eventActionsdAfter] . "','" . $_post[summary] . "','" . $_POST[prevent] . "','" . $_post[react] . "','" . $_post[comments] . "')"; printSqlQuary($sql); $result = executeQuary($sql); if (mysql_affected_rows() == 0) { echo "Error in Insert SQL Query: " . $sql; } } ?> <h1>דו"ח אירוע חריג משמעת ובטיחות </h1><br> <h2>שם המדריך: <?php echo $loggedUser->getUname(); ?> <br> שם בית הספר: <?php getUserGroup($loggedUser->getUname(), true); ?>