// Tail of the "add ticket" handler; the enclosing blocks open outside this excerpt.
// If the user has notifications enabled (user_msg_send = 1), mail them a copy.
// NOTE(review): $user_id is placed into the SQL text unquoted and is assigned
// outside this excerpt -- confirm it is an integer taken from the session.
if ($db->get_var("select user_msg_send from site_users where user_id = {$user_id};") == 1) {
    // NOTE(review): $call_email, $subject and $headers are built outside this
    // excerpt -- confirm none can carry CR/LF from form input (mail header injection).
    mail($call_email, $subject, $message, $headers);
}
// Assigned whether or not the user copy above was sent; it only feeds the redirect URL.
$mailsent = "&mailsent=yes";
// Notify the admin address (TO_EMAIL) about the new ticket.
mail(TO_EMAIL, "New Ticket [# {$insert_id}]", $message, $headers);
//</SEND EMAIL>
// NOTE(review): header() only queues the redirect; no exit follows in this excerpt,
// so the statements after the closing braces below still run for this request.
header("Location: fhd_calls.php?added=yes{$mailsent}");
} // closes a block opened outside this excerpt
} // closes a block opened outside this excerpt
//</ADD>
// Value derived from AUTH_KEY and the user's last_login; how it is consumed is
// outside this excerpt (presumably a form anti-forgery value -- TODO confirm).
// NOTE(review): md5(secret . data) is not a keyed MAC; hash_hmac('sha256', ...) is
// the usual construction if this value guards state-changing requests.
$nacl = md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id} limit 1;"));
// Load name, phone and email for $user_id.
$myquery = "SELECT user_name,user_phone,user_email from site_users WHERE (user_id = {$user_id}) limit 1;";
$user_info = $db->get_row($myquery);
// NOTE(review): $actionstatus is echoed below as raw HTML and is built outside this
// excerpt -- confirm it never contains unescaped request data.
?> <h4><i class='fa fa-tag'></i> Open Ticket</h4> <?php echo $actionstatus; ?> <form action="fhd_user_call_add.php" method="post" enctype="multipart/form-data" class="form-horizontal"> <table class="<?php echo $table_style_2; ?> " style='width:75%;'> <tr><td style="width: 150px;">Date and Time</td> <td><?php echo date('n/j/y g:i a');
// Tail of a branch whose condition is outside this excerpt: it selects which column
// (user_login or user_email) the submitted identifier is matched against. Both
// possible values are fixed literals, so the column name itself is not user input.
$checkusing = "user_login";
} else {
    $checkusing = "user_email";
}
// Read the registration-pending flag for the submitted identifier.
// NOTE(review): the literal '******' looks like masking applied to this listing
// rather than working code -- as written, the user_login comparison can only match
// that literal. $user_login is interpolated inside quotes; whether it was escaped is
// outside this excerpt -- confirm, or move these lookups to bound parameters.
$is_pending = $db->get_var("select user_pending from site_users where user_login = '******' OR user_email = '{$user_login}' limit 1;");
if ($is_pending == 1) {
    // A pending registration is treated as a failed login.
    $is_valid = 0;
}
if ($is_valid != 1) {
    // Count the failed attempt in the session.
    // NOTE(review): a session-held counter starts over whenever the client begins a
    // new session -- confirm how 'hit' is enforced and whether a server-side
    // per-account or per-address limit exists as well.
    $_SESSION['hit'] += 1;
    // The same message is shown for bad credentials and for pending accounts.
    echo "<div class='alert alert-warning' style='width: 375px;'><i class='glyphicon glyphicon-info-sign'></i> Login incorrect, or your registration is pending.</div>";
    include "includes/footer.php";
    exit;
}
// Login accepted: load the identity and role that go into the session.
$site_users = $db->get_row("select user_id,user_name,user_level from site_users WHERE {$checkusing} = '{$user_login}' limit 1;");
$user_id = $site_users->user_id;
$user_name = $site_users->user_name;
$user_level = $site_users->user_level;
// user_level 0 sets the admin flag; every other level sets the user flag.
if ($user_level == 0) {
    $_SESSION['admin'] = 1;
} else {
    $_SESSION['user'] = 1;
}
// NOTE(review): no session_regenerate_id() call is visible around these writes --
// confirm the session id is rotated at login (session fixation).
$_SESSION['user_id'] = $user_id;
$_SESSION['user_name'] = $user_name;
$_SESSION['user_level'] = $user_level;
// Reset the failed-attempt counter after a successful login.
$_SESSION['hit'] = 0;
include "includes/all-nav.php";
// NOTE(review): writes the numeric user id into an HTML comment in the page source.
echo "<!-- <p>{$user_id}</p> -->";
// NOTE(review): $user_name comes from the database and is printed without
// htmlspecialchars(); it should be escaped for HTML output.
echo "<h2>Welcome, {$user_name}</h2>";
<html lang="en"> <head> <meta charset="utf-8"> <title>Ticket Details</title> <?php
// Ticket detail page: load configuration, page chrome and helper functions.
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/functions.php";
// checkid() is not defined in this excerpt (presumably in includes/functions.php).
// NOTE(review): $call_id is later placed unquoted into SQL and echoed into HTML and
// an href, so all three uses rely on checkid() returning a plain integer -- confirm.
// $_GET['call_id'] is also read without an isset() check.
$call_id = checkid($_GET['call_id']);
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
//echo date('l jS \of F Y h:i:s A');
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
// NOTE(review): $user_id and $user_level are not assigned in this excerpt
// (presumably set from the session by an included file -- confirm).
// md5(secret . data) is not a keyed MAC; hash_hmac('sha256', ...) is the usual
// construction if $nacl guards state-changing requests.
$nacl = md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"));
// Fetch the ticket by id alone.
// NOTE(review): the WHERE clause carries no owner condition and no permission check
// is visible in this excerpt; confirm one is applied before the row is rendered,
// otherwise ticket visibility is not restricted per user.
$site_calls = $db->get_row("SELECT call_id,call_first_name,call_last_name,call_phone,call_email,call_department,call_request,call_device,call_details ,call_date,call_date2,call_status,call_solution,call_user,call_staff FROM site_calls WHERE (call_id = {$call_id}) limit 1;");
// NOTE(review): hiding the edit link below for user_level 1 is a display choice only;
// fhd_call_edit.php has to enforce the same rule on its own.
?> <h4><i class='fa fa-tag'></i> Ticket Details [ #<?php echo $call_id; ?> ]</h4> <?php if ($user_level != 1) { ?> <p><i class="glyphicon glyphicon-edit"></i> <a href="fhd_call_edit.php?call_id=<?php echo $call_id; ?> ">Edit Ticket</a></p> <?php }
// Tail of the user-update handler; the enclosing blocks open outside this excerpt.
// Normalise the posted "pending" flag to 0 or 1. The escaped copy is only compared,
// never interpolated; the statement below uses the normalised $user_pending.
$user_pending = 0;
if (isset($_POST['user_pending'])) {
    $user_pending_value = $db->escape($_POST['user_pending']);
    if ($user_pending_value == 1) {
        $user_pending = 1;
    }
}
// Write the edited profile back to site_users.
// NOTE(review): every value is interpolated into the statement text. The quoted text
// fields need escaping suited to a quoted context; user_level, user_msg_send,
// user_protect_edit and url_user_id sit unquoted, where string escaping gives no
// protection, so they must be integers. $user_password_set is a ready-made SQL
// fragment. All of these are prepared outside this excerpt -- confirm, or switch to
// bound parameters.
// NOTE(review): this statement can change user_level; confirm the page is limited to
// administrators (no such check is visible here).
$db->query("UPDATE site_users SET {$user_password_set} user_email='{$user_email}',user_name='{$user_name}',user_phone='{$user_phone}',user_address='{$user_address}',user_city='{$user_city}',user_state='{$user_state}',user_zip='{$user_zip}',user_country='{$user_country}',user_level={$user_level},user_msg_send={$user_msg_send},user_protect_edit={$user_protect_edit},user_pending={$user_pending} where user_id = {$url_user_id};");
$actionstatus = "<div class=\"alert alert-success\" style=\"max-width: 250px;\">\n <button type=\"button\" class=\"close\" data-dismiss=\"alert\">×</button>\n User Update Successful.\n </div>";
//$db->debug();
} // closes a block opened outside this excerpt
} // closes a block opened outside this excerpt
//</UPDATE>
// Load the user being edited so the form can be pre-filled.
// $_REQUEST means the id is accepted from the query string as well as the form body.
if (isset($_REQUEST['url_user_id'])) {
    // valid_user() is not defined in this excerpt; the query below relies on it
    // returning an integer because the value is used unquoted -- confirm.
    $url_user_id = valid_user($_REQUEST['url_user_id']);
    // NOTE(review): user_password is selected along with the profile; confirm the
    // stored value is never written into the form markup.
    $site_users = $db->get_row("SELECT user_login,user_password,user_name,user_address,user_city,user_state,user_zip,user_country,user_phone,user_email,user_msg_send,user_protect_edit,user_pending,user_level FROM site_users WHERE (user_id = {$url_user_id}) limit 1;");
    $user_msg_send = $site_users->user_msg_send;
    $user_protect_edit = $site_users->user_protect_edit;
    $user_pending = $site_users->user_pending;
}
// Value derived from AUTH_KEY and the acting user's last_login; its use is outside
// this excerpt (presumably a form anti-forgery value -- TODO confirm).
// NOTE(review): md5(secret . data) is not a keyed MAC; prefer hash_hmac('sha256', ...).
$nacl = md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"));
echo $actionstatus;
?> <p><a href="fhd_users.php">Users</a></p> <form action="fhd_edit_user.php" method="post" class="form-horizontal"> <table class="<?php echo $table_style_2; ?> " style='width: auto;'>
// Password-reset page: load page chrome, the ezSQL classes and helper functions.
include "includes/header.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
// NOTE(review): HTTP_HOST is taken from the request's Host header. If $thedomain is
// used to build the link in the reset e-mail (not visible in this excerpt), build
// that link from a configured base URL instead.
$thedomain = $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
// Initialise the database connection.
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
// Step 2 of the reset flow: the request carries an action and a reset key.
if (isset($_GET['action'])) {
    $action = $db->escape($_GET['action']);
    // NOTE(review): 'key' is read without an isset() check.
    $key = $db->escape($_GET['key']);
    // Proceed only for the reset-password action with a non-empty key.
    if ($action == "rp") {
        if (!empty($key)) {
            // The reset key is matched against the user_im_other column.
            // NOTE(review): the query has no expiry condition; confirm reset keys
            // are time-limited elsewhere and generated from a CSPRNG.
            $myquery = "SELECT user_id,user_email FROM site_users WHERE user_im_other = '{$key}' limit 1;";
            $resets = $db->get_row($myquery);
            // Continue only when exactly one row was returned.
            if ($db->num_rows == 1) {
                $user_email = $resets->user_email;
                $user_id = $resets->user_id;
                // Generate a new password; the reset code is blanked in the UPDATE
                // below so the link cannot be used again.
                // NOTE(review): generatePassword() and makepwd() are not shown --
                // confirm the first draws from random_int()/random_bytes() and the
                // second wraps password_hash().
                $user_password_plain = generatePassword(8, 9);
                // NOTE(review): the plaintext is SQL-escaped and trimmed before it is
                // hashed; if generatePassword() can emit a character that escape()
                // rewrites, the stored hash may not match the password the user is
                // given (unless login applies the same steps). Hash the raw value.
                $user_password = makepwd(trim($db->escape($user_password_plain)));
                // Update the password in the database and clear the reset key.
                // NOTE(review): the literal '******' looks like masking applied to
                // this listing; as written, $user_password computed above is never
                // stored.
                $db->query("UPDATE site_users set user_password = '******',user_im_other = '' WHERE user_id = {$user_id} limit 1;");
                // Send out the message.
                $from = FROM_EMAIL;
                $to = $user_email;
                $subject = 'Your new password';
                // Message body (cut off in this excerpt).
                // NOTE(review): the subject suggests the new password is mailed in
                // clear text -- confirm; a one-time link that lets the user choose a
                // password avoids putting a credential in e-mail.
                $message = '