$options->set_user();
$actionMsg = $lang['MSG_PREF_CHANGED'];
break;
case "ro":
$options->reset_user();
$options->set_user();
$actionMsg = $lang['MSG_PREF_RESET'];
break;
// CHANGE PASSWORD (all users)
// CHANGE PASSWORD (all users)
case "changepass":
// Check to see if password and confirmation matches
if ($_POST['passwordNew'] == $_POST['passwordNewRetype']) {
// SQL query checks to make sure username and old password is corrrect.
$sql = "UPDATE " . TABLE_USERS . " SET password=MD5('" . $_POST['passwordNew'] . "') WHERE username='******'username'] . "' AND password=MD5('" . $_POST['passwordOld'] . "') LIMIT 1";
$updatePassword = mysql_query($sql, $db_link) or die(ReportSQLError($sql));
if (mysql_affected_rows() < 1) {
$actionMsg = $lang['ERR_USER_PASSWORD_WRONG'];
} else {
$actionMsg = $lang['ERR_USER_PASSWORD_CHANGED'];
}
} else {
$actionMsg = $lang['ERR_USER_PASSWORD_SHORT'];
}
break;
// CHANGE EMAIL (all users)
// CHANGE EMAIL (all users)
case "changeemail":
$username = $_SESSION['username'];
$new_email = $_POST['emailNew'];
if (validate_email($new_email)) {
* Displays other phone numbers. Can generate a useful list
* of cell phone numbers. A hastily-coded feature for personal
* use; may not be included in future versions, or will be
* integrated in a more streamlined manner.
*
*************************************************************/
// ** GET CONFIGURATION DATA **
require_once 'constants.inc';
require_once FILE_FUNCTIONS;
// ** OPEN CONNECTION TO THE DATABASE **
$db_link = openDatabase($db_hostname, $db_username, $db_password, $db_name);
// ** CHECK FOR LOGIN **
checkForLogin("admin", "user");
// ** RETRIEVE INFORMATION **
$sql = "SELECT DISTINCT contact.id, otherphone.id, CONCAT(lastname,', ',firstname) AS fullname\n FROM " . TABLE_CONTACT . " as contact, " . TABLE_OTHERPHONE . " as otherphone\n WHERE contact.id=otherphone.id\n ORDER BY fullname";
$r_contact = mysql_query($sql, $db_link) or exit(ReportSQLError());
?>
<HTML>
<HEAD>
<TITLE>Address Book - Other Phone Numbers</TITLE>
<LINK REL="stylesheet" HREF="styles.css" TYPE="text/css">
</HEAD>
<BODY>
<P>
<CENTER>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=570>
<TR><TD CLASS="headTitle"><B>Secondary Phone Information</B></TD></TR>
function doQuery($sql, $db_link)
{
mysql_query($sql, $db_link) or die(ReportSQLError($sql));
}
switch ($_GET['mode']) {
// **LOGOUT **
case "logout":
session_destroy();
require_once 'languages/' . $options->language . '.php';
// PRINT MESSAGE
$errorMsg = $lang[MSG_LOGGED_OUT];
header("location: index.php");
//required to force site language to override user language at sign in screen
break;
// ** AUTHENTICATE A USER
// ** AUTHENTICATE A USER
case "auth":
// LOOK FOR USERNAME AND PASSWORD IN THE DATABASE.
$usersql = "SELECT username, usertype, nature, batch, department, designation, password, is_confirmed FROM " . TABLE_USERS . " AS users WHERE username='******'username'] . "' AND password=MD5('" . $_POST['password'] . "') LIMIT 1";
$r_getUser = mysql_query($usersql, $db_link) or die(ReportSQLError($usersql));
$numrows = mysql_num_rows($r_getUser);
$t_getUser = mysql_fetch_array($r_getUser);
// THE USERNAME IS FOUND AND ACCOUNT IS CONFIRMED
if ($numrows != 0 && $t_getUser['is_confirmed'] == 1) {
// REGISTER SESSION VARIABLES
$_SESSION['username'] = $t_getUser['username'];
$_SESSION['usertype'] = $t_getUser['usertype'];
$_SESSION['nature'] = $t_getUser['nature'];
$_SESSION['batch'] = $t_getUser['batch'];
$_SESSION['department'] = $t_getUser['department'];
$_SESSION['designation'] = $t_getUser['designation'];
if (!isset($_SESSION['abspath'])) {
$_SESSION['abspath'] = dirname($_SERVER['SCRIPT_FILENAME']);
}
// REDIRECT TO LIST
