function __construct() { $variables = new Variables(); $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName); $result; //receinving and striping the variables $this->userMatricula = $connect->antiInjection(isset($_POST["tfMatricula"]) ? $_POST["tfMatricula"] : NULL); $this->password = $connect->antiInjection(isset($_POST["tfPassword"]) ? $_POST["tfPassword"] : NULL); $this->select = $connect->antiInjection(isset($_POST["slSelect"]) ? $_POST["slSelect"] : NULL); if (!$connect->start()) { echo "Impossible to start connection in Sigin."; } //encoding to md5 hash $this->password = base64_encode($this->password); if (!($result = $connect->execute("SELECT * FROM Cadastros c INNER JOIN Folhas f ON c.codigo_fol = f.codigo_fol WHERE c.matricula = '{$this->userMatricula}' AND c.senha = '{$this->password}' AND f.codigo_fol = '{$this->select}'"))) { echo "Impossible to execute MySQL query."; } if ($connect->counterResult($result) > 0) { $result = $connect->execute("SELECT * FROM Pessoal WHERE matricula = '{$this->userMatricula}'"); $row = mysql_fetch_assoc($result); $_SESSION["user"] = $this->userMatricula; $_SESSION["userPass"] = $this->password; $_SESSION["nome"] = $row["nome"]; $connect->close(); header("Location: ../index.php?ok=true"); die; } $connect->close(); header("Location: ../index.php?ok=false"); die; }
function __construct() { foreach ($_POST as $fieldName => $value) { $comand = "\$" . $fieldName . "='" . $value . "';"; eval($comand); } $DB; //seting up the matrix of datas for ($x = 0; $x < $numRows; $x++) { for ($y = 0; $y < $numFields; $y++) { $str = "tf{$x}{$y}"; eval("\$aux = \"\${$str}\";"); $DB[$x][$y] = $aux; } } //by security, it conts the amount of rows to update $loopForUpdate = 0; for ($x = 0; $x < $numRows; $x++) { if ($DB[$x][0] == NULL) { continue; } $loopForUpdate++; } //starting the data base $variables = new Variables(); $MySQLconnect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName); //it conts the amount of rows it was updated $uptCont = 0; if (!$MySQLconnect->start()) { echo "Impossible to star connection in Handler."; } for ($x = 0; $x < $numRows; $x++) { if ($DB[$x][0] == NULL) { continue; } switch ($tableId) { case "dcr": $aux = "UPDATE Cargos SET descricao_cargo = '" . $DB[$x][1] . "', tipo='" . $DB[$x][2] . "', vencimento=" . $DB[$x][3] . " WHERE cargo='" . $DB[$x][0] . "'"; break; case "dlt": $aux = "UPDATE Lotacoes SET descricao_lotacao = '" . $this->DB[$x][1] . "', secretaria = '" . $this->DB[$x][2] . "' WHERE lotacao='" . $this->DB[$x][0] . "'"; break; case "especial": $aux = "UPDATE Especialidades SET descricao_especialidade = '" . $this->DB[$x][1] . "', cargo = '" . $this->DB[$x][2] . "' WHERE codigo_esp='" . $this->DB[$x][0] . "'"; break; case "eventos": $aux = "UPDATE Eventos SET descricao_evento='" . $this->DB[$x][1] . "', IRRF='" . $this->DB[$x][2] . "', IPMT='" . $this->DB[$x][3] . "', FAL='" . $this->DB[$x][4] . "', FIXO='" . $this->DB[$x][5] . "', TEMP='" . $this->DB[$x][6] . "', valor_eve=" . $this->DB[$x][7] . ", GRAT='" . $this->DB[$x][8] . "', FGTS='" . $this->DB[$x][9] . "', desconto=" . $this->DB[$x][10] . ", nivel_eve='" . $this->DB[$x][11] . "', INSS='" . $this->DB[$x][12] . "' WHERE codigo_eve='" . $this->DB[$x][0] . "'"; break; } if ($MySQLconnect->execute($aux)) { $uptCont++; } } $MySQLconnect->close(); if ($uptCont == $loopForUpdate) { header("Location: ../importDocuments.php?upl=true&tab={$tableId}"); } else { header("Location: ../importDocuments.php?upl=false&tab={$tableId}"); } }
function __construct() { $variables = new Variables(); $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName); //receinving and striping the variables $this->name = $connect->antiInjection(isset($_POST["tfNome"]) ? $_POST["tfNome"] : NULL); $this->description = $connect->antiInjection(isset($_POST["tdDescricao"]) ? $_POST["tdDescricao"] : NULL); if (strlen($this->name) == 0) { header("Location: ../importDocuments.php?upl=false&tab=folha"); die; } if (!$connect->start()) { echo "Impossible to star connection in Sigin."; } if (!$connect->execute("INSERT INTO Folhas (nome, descricao) VALUES ('{$this->name}', '{$this->description}')")) { echo "Impossible to execute MySQL query."; } if ($connect->counterAffected() > 0) { header("Location: ../importDocuments.php?upl=true&tab=folha"); } else { header("Location: ../importDocuments.php?upl=false&tab=folha"); } $connect->close(); die; }
function __construct() { $variables = new Variables(); $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName); //receinving and striping the variables $this->nivel = $connect->antiInjection(isset($_POST["slNivel"]) ? $_POST["slNivel"] : NULL); $this->userName = $connect->antiInjection(isset($_POST["tfUserName"]) ? $_POST["tfUserName"] : NULL); $this->password = $connect->antiInjection(isset($_POST["tfPassword"]) ? $_POST["tfPassword"] : NULL); $this->password2 = $connect->antiInjection(isset($_POST["tfPassword2"]) ? $_POST["tfPassword2"] : NULL); if ($this->password != $this->password2) { header("Location: ../importDocuments.php?sigin=false"); die; } if (!$connect->start()) { echo "Impossible to star connection in Sigin."; } //encoding to md5 hash $this->password = md5($this->password); if (!$connect->execute("INSERT INTO Administradores (id_nivel, usuario, senha) VALUES ({$this->nivel}, '{$this->userName}', '{$this->password}')")) { echo "Impossible to execute MySQL query."; } if ($connect->counterAffected() > 0) { header("Location: ../importDocuments.php?sigin=true"); } else { header("Location: ../importDocuments.php?sigin=false"); } $connect->close(); die; }
function __construct() { ini_set('memory_limit', '32M'); $variables = new Variables(); $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName); $result; $this->date1 = $connect->antiInjection(isset($_POST["tfDate1"]) ? $_POST["tfDate1"] : NULL); $this->date2 = $connect->antiInjection(isset($_POST["tfDate2"]) ? $_POST["tfDate2"] : NULL); $this->month1 = $connect->antiInjection(isset($_POST["slDate1"]) ? $_POST["slDate1"] : NULL); $this->month2 = $connect->antiInjection(isset($_POST["slDate2"]) ? $_POST["slDate2"] : NULL); $this->date1 = "01-" . $this->month1 . "-" . $this->date1; $this->date2 = "31-" . $this->month2 . "-" . $this->date2; $temp1 = explode("-", $this->date1); $temp2 = explode("-", $this->date2); $diff = $this->dateCounterDiff($this->date1, $this->date2); if (!checkdate($temp1[1], $temp1[0], $temp1[2]) or !checkdate($temp2[1], $temp2[0], $temp2[2]) or $diff > 1200 or $diff < 0) { header("Location: ../index.php?date=false"); die; } if (!$connect->start()) { echo "Impossible to star connection in Sigin."; } $this->printCC($connect); //$connect->close(); }
function __construct() { $variables = new Variables(); $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName); $result; $xkey = "fmsfmsfms"; if (!$connect->start()) { echo "Impossible to star connection in Sigin."; } if (!($result = $connect->execute("SELECT matricula, senha, codigo_fol FROM Cadastros ORDER BY matricula"))) { echo "Impossible to execute MySQL query."; } while ($row = mysql_fetch_array($result)) { echo "Matricula: " . zkl($xkey, $row["matricula"]) . ", senha: " . base64_decode($row["senha"]) . ", folha: " . $row["codigo_fol"] . "<br/>"; } //$connect->close(); }
function __construct() { $variables = new Variables(); $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName); $result; //receinving and striping the variables $this->userName = $connect->antiInjection(isset($_POST["tfUserName"]) ? $_POST["tfUserName"] : NULL); $this->password = $connect->antiInjection(isset($_POST["tfPassword"]) ? $_POST["tfPassword"] : NULL); if (!$connect->start()) { echo "Impossible to star connection in Sigin."; } //encoding to md5 hash $this->password = md5($this->password); if (!($result = $connect->execute("SELECT * FROM Administradores WHERE usuario = '{$this->userName}' and senha = '{$this->password}'"))) { echo "Impossible to execute MySQL query."; } if ($connect->counterResult($result) > 0) { $_SESSION["usuario"] = $this->userName; $_SESSION["senha"] = $this->password; $row = mysql_fetch_assoc($result); $_SESSION["nivel"] = $row["id_nivel"]; //$connect->close(); switch ($_SESSION["nivel"]) { case 1: header("Location: ../importDocuments.php"); break; case 2: header("Location: ../makeRegister.php"); break; } die; } //$connect->close(); header("Location: ../admin.php?login=false"); die; }
<?php session_start(); require_once "utils/Connect.class.php"; include_once "beans/Variables.class.php"; $variables = new Variables(); $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName); if (!$connect->start()) { die("ERRO na conexão com o banco!"); } $login = "******"; $search = "hidden"; $messageVs = "hidden"; if (isset($_SESSION["user"])) { $login = "******"; $search = "visible"; if (isset($_GET["found"])) { $message = "Nenhum contracheque a seu respeito foi encontrado."; $messageVs = "visible"; } if ($_GET["pass"] == "true") { $message = "Senha alterada com sucesso!"; $messageVs = "visible"; } else { if ($_GET["pass"] == "false") { $message = "A senha não foi alterada!"; $messageVs = "visible"; } } } else { if (isset($_GET["ok"])) {
<?php $uf = isset($_GET["uf"]) ? $_GET["uf"] : "%"; $cidade = urldecode(isset($_GET["cidade"]) ? $_GET["cidade"] : "%"); $bairro = urldecode(isset($_GET["bairro"]) ? $_GET["bairro"] : "%"); $cep = isset($_GET["cep"]) ? $_GET["cep"] : "%"; $text = urldecode(isset($_GET["text"]) ? $_GET["text"] : "%"); if ($text != NULL && strlen($uf) > 1 && strlen($cidade) > 1 && strlen($bairro) > 1) { require_once "Connect.class.php"; include_once "../beans/Variables.class.php"; $variables = new Variables(); $connect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName); $connect->start(); $db = "br_estado_" . strtolower($uf); $text .= ".{0,}"; $sql = "SELECT distinct tp_logradouro FROM {$db} WHERE tp_logradouro REGEXP '{$text}' AND cidade = '{$cidade}' AND bairro = '{$bairro}'"; $result = $connect->execute($sql); echo "<div id='---'>Selecione um logradouro!</div>"; while ($row = mysql_fetch_assoc($result)) { echo "<div id='" . $row["tp_logradouro"] . "' onclick='javascript: setLogradouto(\"" . urlencode($row["tp_logradouro"]) . "\", \"tfTipoLog\");' style='cursor:pointer'>" . utf8_encode($row["tp_logradouro"]) . "</div>"; } } else { echo "Digite seu logradouro"; }
function fixProblems($numFields, $numRows) { $variables = new Variables(); $nR = 0; $MySQLconnect = new Connect($variables->dbHost, $variables->dbUser, $variables->dbPassword, $variables->dbName); /*if($this->tableId == "cadstro"){ for($x=0; $x<$numRows; $x++){ $aux = array("UPDATE Cadastros SET cargo='".$this->DB[$x][8]."', lotacao='".$this->DB[$x][1]."', data_admissao='".$this->dateFormater($this->DB[$x][4])."', vinculo='".$this->DB[$x][5]."', previdencia'".$this->DB[$x][7]."', nivel='".$this->DB[$x][9]."', dep_imp_re='".$this->DB[$x][11]."', hora_sem='".$this->DB[$x][13]."', instrucao='".$this->DB[$x][14]."', data_afastamento='".$this->dateFormater($this->DB[$x][18])."', sindical='".$this->DB[$x][19]."', dp_sal_fam='".$this->DB[$x][20]."', hora_ponto='".$this->DB[$x][21]."', vale_transporte='".$this->DB[$x][22]."', data_promocao='".$this->dateFormater($this->DB[$x][24])."', tipo='".$this->DB[$x][27]."', situacao='".$this->DB[$x][28]."', descontar='".$this->DB[$x][29]."', receber='".$this->DB[$x][30]."', funcao='".$this->DB[$x][31]."', maior_360='".$this->DB[$x][33]."', prof_40h='".$this->DB[$x][34]."', vlt_ver='".$this->DB[$x][35]."', val_niv=".$this->valueFormater($this->DB[$x][36]).", data_FGTS='".$this->dateFormater($this->DB[$x][37])."', permanente='".$this->DB[$x][38]."', remuneracao_bruto=".$this->valueFormater($this->DB[$x][39]).", vencimento=".$this->valueFormater($this->DB[$x][40]).", flag='".$this->DB[$x][41]."', entrada='".$this->DB[$x][42]."', liquido=".$this->valueFormater($this->DB[$x][45]).", sobregrat='".$this->DB[$x][46]."', assistencia='".$this->DB[$x][47]."', medico='".$this->DB[$x][48]."', codigo_fol=".$code." WHERE matricula='".addslashes(zkl($this->xkey, $this->DB[$x][0])."'", "UPDATE Pessoal SET nome='".addslashes(zkl($this->xkey, $this->DB[$x][3])."', sexo='".$this->DB[$x][12]."', CPF='".addslashes(zkl($this->xkey, $this->DB[$x][15])."', PIS_PASEP='".addslashes(zkl($this->xkey, $this->DB[$x][16])."', data_nascimento='".$this->dateFormater($this->DB[$x][17])."', ultimo_nome='".addslashes(zkl($this->xkey, $this->DB[$x][32])."', codigo_fol=".$code." WHERE matricula='".addslashes(zkl($this->xkey, $this->DB[$x][0])."'", "UPDATE RG SET identidade='".addslashes(zkl($this->xkey, $this->DB[$x][25])."', orgao_expedidor='".addslashes(zkl($this->xkey, $this->DB[$x][26])."', codigo_fol=".$code." WHERE matricula='".addslashes(zkl($this->xkey, $this->DB[$x][0])."'", "UPDATE Inf_Bancaria SET conta='".addslashes(zkl($this->xkey, $this->DB[$x][6])."', banco='".$this->DB[$x][43]."', numero='".addslashes(zkl($this->xkey, $this->DB[$x][44])."', codigo_fol=".$code." WHERE matricula='".addslashes(zkl($this->xkey, $this->DB[$x][0])."'"); foreach($aux as $temp){ $MySQLconnect->execute($temp); } } }*/ if (!$MySQLconnect->start()) { echo "Impossible to star connection in Handler."; } echo '<script language="javascript" type="text/javascript"> function setField(param, cont){ for(x=0; x<cont; x++){ eval("if(document.form."+param+x+".disabled == true){document.form."+param+x+".disabled = false;}else{ document.form."+param+x+".disabled = true;}"); } return true; } </script> <form id="form" name="form" method="post" action="Updater.class.php">'; for ($x = 0; $x < $numRows; $x++) { if ($this->DB[$x][$numFields] == "true") { echo '<table width="100%" border="1"><tr><td width="62">Modificar:</td><td width="586"><table width="100%" border="1"><tr><td width="43">Antigo:</td>'; switch ($this->tableId) { case "dcr": $aux = "SELECT * FROM Cargos WHERE cargo='" . $this->DB[$x][0] . "'"; $columnNames = array("Cargo", "Descicao", "Tipo", "Vencimento"); break; case "dlt": $aux = "SELECT * FROM Lotacoes WHERE lotacao='" . $this->DB[$x][0] . "'"; $columnNames = array("Lotação", "Descicao", "Secretaria"); break; case "especial": $aux = "SELECT * FROM Especialidades WHERE codigo_esp ='" . $this->DB[$x][0] . "'"; $columnNames = array("Código", "Descicao", "Cargo"); break; case "eventos": $aux = "SELECT * FROM Eventos WHERE codigo_eve ='" . $this->DB[$x][0] . "'"; $columnNames = array("Código", "Descrição", "IRRF", "IPMT", "FAL", "FIXO", "TEMP", "Valor", "Gratifição", "FGTS", "Desconto", "Nível", "INSS"); break; /*case "cadastro" : $aux = "SELECT * FROM Pessoal p INNER JOIN Cadastros c ON p.matricula = c.matricula INNER JOIN inf_bancaria ib ON c.matricula = ib.matricula INNER JOIN rg ON c.matricula = rg.matricula WHERE c.matricula='".addslashes(zkl($this->xkey, $this->DB[$x][0])."'"; $columnNames = array("matricula", "nome", "sexo", "CPF", "PIS_PASEP", "data_nascimento","ultimo_nome","Codigo", "Matricula", "Cargo", "Lotacao", "Data admissão", "Vínculo", "Previdência", "Nível", "dep_imp_re", "hora_sem", "instrução", "data_afastamento", "sindical", "dp_sal_fam", "hora_ponto", "vale_transporte", "data_promocao", "tipo", "situação", "descontar", "receber", "funcao", "maior_360", "prof_40h", "vlt_ver", "val_niv", "data_FGTS", "permanente", "remuneracao_bruto", "vencimento", "flag", "entrada", "liquido", "sobregrat", "assistencia","medico", "senha", "Código", "Matricula", "conta", "banco", "numero", "código", "matricula", "identidade", "orgão_expedidor", "código");*/ /*matricula, cargo, lotacao, data_admissao, vinculo, previdencia, nivel, dep_imp_re, hora_sem, instrucao, data_afastamento, sindical, dp_sal_fam, hora_ponto, vale_transporte, data_promocao, tipo, situacao, descontar, receber, funcao, maior_360, prof_40h, vlt_ver, val_niv, data_FGTS, permanente, remuneracao_bruto, vencimento, flag, entrada, liquido, sobregrat, assistencia, medico, senha, codigo, matricula, nome, sexo, CPF, PIS_PASEP, data_nascimento, ultimo_nome, codigo, matricula, identidade, orgao_expedidor, codigo, matricula, conta, banco, numero, codigo*/ /*$ar = array(0, 3, 12, 15, 16, 17, 32, "x", 0, 8, 1, 4, 5, 7, 9, 11, 13, 14, 18, 19, 20, 21, 22, 24, 27, 28, 29, 30, 31, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 45, 46, 47, 48, "x", "x", 0, 6, 43, 44, "x", 0, 25, 26, "x"); break;*/ /*case "cadastro" : $aux = "SELECT * FROM Pessoal p INNER JOIN Cadastros c ON p.matricula = c.matricula INNER JOIN inf_bancaria ib ON c.matricula = ib.matricula INNER JOIN rg ON c.matricula = rg.matricula WHERE c.matricula='".addslashes(zkl($this->xkey, $this->DB[$x][0])."'"; $columnNames = array("matricula", "nome", "sexo", "CPF", "PIS_PASEP", "data_nascimento","ultimo_nome","Codigo", "Matricula", "Cargo", "Lotacao", "Data admissão", "Vínculo", "Previdência", "Nível", "dep_imp_re", "hora_sem", "instrução", "data_afastamento", "sindical", "dp_sal_fam", "hora_ponto", "vale_transporte", "data_promocao", "tipo", "situação", "descontar", "receber", "funcao", "maior_360", "prof_40h", "vlt_ver", "val_niv", "data_FGTS", "permanente", "remuneracao_bruto", "vencimento", "flag", "entrada", "liquido", "sobregrat", "assistencia","medico", "senha", "Código", "Matricula", "conta", "banco", "numero", "código", "matricula", "identidade", "orgão_expedidor", "código");*/ /*matricula, cargo, lotacao, data_admissao, vinculo, previdencia, nivel, dep_imp_re, hora_sem, instrucao, data_afastamento, sindical, dp_sal_fam, hora_ponto, vale_transporte, data_promocao, tipo, situacao, descontar, receber, funcao, maior_360, prof_40h, vlt_ver, val_niv, data_FGTS, permanente, remuneracao_bruto, vencimento, flag, entrada, liquido, sobregrat, assistencia, medico, senha, codigo, matricula, nome, sexo, CPF, PIS_PASEP, data_nascimento, ultimo_nome, codigo, matricula, identidade, orgao_expedidor, codigo, matricula, conta, banco, numero, codigo*/ /*$ar = array(0, 3, 12, 15, 16, 17, 32, "x", 0, 8, 1, 4, 5, 7, 9, 11, 13, 14, 18, 19, 20, 21, 22, 24, 27, 28, 29, 30, 31, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 45, 46, 47, 48, "x", "x", 0, 6, 43, 44, "x", 0, 25, 26, "x"); break;*/ default: $aux = "autoUp"; } $row = mysql_fetch_array($MySQLconnect->execute($aux)); for ($y = 0; $y < $numFields; $y++) { echo '<td>' . $columnNames[$y] . ': ' . $row[$y] . '</td>'; } echo '</tr><tr><td>Novo:</td>'; for ($y = 0; $y < $numFields; $y++) { echo '<td>' . $columnNames[$y] . ': <input name="tf' . $x . $y . '" disabled="disabled" type="text" id="tf' . $x . $y . '" value="' . $this->DB[$x][$y] . '"/></td>'; } echo '</tr></table></td><td width="96">Marcar: <input type="checkbox" name="checkbox' . $x . '" value="checkbox' . $x . '" onchange="javascript: return setField(' . "'" . 'tf' . $x . "'" . ', ' . $numFields . ');"/></td></tr></table>'; } } echo '<input name="tableId" type="text" id="tableId" style="visibility:hidden" value="' . $this->tableId . '"/><input name="numFields" type="text" id="numFields" style="visibility:hidden" value="' . $numFields . '"/><input name="numRows" type="text" id="numRows" style="visibility:hidden" value="' . $nR . '"/><input name="update" type="submit" id="update" value="Atualizar" /></form>'; //$MySQLconnect->close(); }