<?php
include '../../config.php';
$idR = $_POST['fb'];
//id
$a = $_POST['a'];
//pass actual
$b = $_POST['b'];
//pass nuevo
function cifrarpass($pass)
{
$salt = "pneyan\$/";
$cifrar = sha1(md5($salt . $pass));
return $cifrar;
}
if ($idR == "" || $a == "" || $b == "") {
echo "1";
} else {
$passAC = cifrarpass($a);
$passNV = cifrarpass($b);
$existe = "SELECT * from administrador where id_adm={$idR} and pass_adm='{$passAC}'";
$sql_existe = mysql_query($existe, $conexion) or die(mysql_error());
$numero = mysql_num_rows($sql_existe);
if ($numero > 0) {
$modificar = "UPDATE administrador set pass_adm='{$passNV}' where id_adm={$idR}";
mysql_query($modificar, $conexion) or die(mysql_error());
echo "3";
} else {
echo "2";
}
}
for ($x = 0; $x <= $long; $x++) {
$rand = rand(1, strlen($chars));
$code .= substr($chars, $rand, 1);
}
return $code;
}
function cifrarpass($pass)
{
$salt = "pneyan\$/";
$cifrar = sha1(md5($salt . $pass));
return $cifrar;
}
if ($a == "" || $b == "" || $c == "" || $d == "") {
echo "1";
} else {
$pscif = cifrarpass($d);
$existe = "SELECT * from usuarios where cor_us='{$c}'";
$sql_existe = mysql_query($existe, $conexion) or die(mysql_error());
$numero = mysql_num_rows($sql_existe);
if ($numero > 0) {
echo "2";
} else {
$caracteres = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ012456789";
$longitud = 20;
$longib = 8;
$codigoal = rand_code($caracteres, $longitud);
$ingresar = "INSERT into usuarios(nom_ap_us,cor_us,pass_us,tp_us,estd_us,cod_reg_us,fecr_us) \n\t\t\t\tvalues('{$nombreComp}','{$c}','{$pscif}','1','2','{$codigoal}','{$hoy}')";
mysql_query($ingresar, $conexion) or die(mysql_error());
$tomar_id = "SELECT id_us from usuarios where cor_us='{$c}'";
$sql_tomar = mysql_query($tomar_id, $conexion) or die(mysql_error());
while ($fg = mysql_fetch_array($sql_tomar)) {
include 'config.php';
$a = $_POST['a'];
//users
$b = $_POST['b'];
//ps
function cifrarpass($pass)
{
$salt = "pneyan\$/";
$cifrar = sha1(md5($salt . $pass));
return $cifrar;
}
if ($a == "" || $b == "") {
echo "1";
} else {
$passcifr = cifrarpass($b);
$existe = "SELECT * from usuarios where cor_us='{$a}' and pass_us='{$passcifr}'";
$sql_existe = mysql_query($existe, $conexion) or die(mysql_error());
$Numexs = mysql_num_rows($sql_existe);
if ($Numexs > 0) {
$activado = "SELECT * from usuarios where cor_us='{$a}' and estd_us='1'";
$sqlacti = mysql_query($activado, $conexion) or die(mysql_error());
$numact = mysql_num_rows($sqlacti);
if ($numact > 0) {
while ($us = mysql_fetch_array($sql_existe)) {
$idus = $us['id_us'];
}
session_start();
$_SESSION['us'] = $idus;
echo "4";
} else {
<?php
include '../config.php';
$idR = $_POST['fdd'];
$pasactual = $_POST['a'];
$passnew = $_POST['b'];
function cifrarpass($pass)
{
$salt = "pneyan\$/";
$cifrar = sha1(md5($salt . $pass));
return $cifrar;
}
if ($idR == "" || $pasactual == "" || $passnew == "") {
echo "1";
} else {
$a = cifrarpass($pasactual);
$b = cifrarpass($passnew);
$existe = "SELECT * from usuarios where id_us={$idR} and pass_us='{$a}'";
$sql_existe = mysql_query($existe, $conexion) or die(mysql_error());
$numexiste = mysql_num_rows($sql_existe);
if ($numexiste > 0) {
$modificar = "UPDATE usuarios set pass_us='{$b}' where id_us={$idR}";
mysql_query($modificar, $conexion) or die(mysql_error());
echo "3";
} else {
echo "2";
}
}
<?php
include '../config.php';
$a = $_POST['a'];
//usuario
$b = $_POST['b'];
//contraseña
function cifrarpass($pass)
{
$salt = "pneyan\$/";
$cifrar = sha1(md5($salt . $pass));
return $cifrar;
}
if ($a == "" || $b == "") {
echo "1";
} else {
$codpass = cifrarpass($b);
$existe = "SELECT * from administrador where user_adm='{$a}' and pass_adm='{$codpass}'";
$sql_existe = mysql_query($existe, $conexion) or die(mysql_error());
$numero = mysql_num_rows($sql_existe);
if ($numero > 0) {
while ($ad = mysql_fetch_array($sql_existe)) {
$idad = $ad['id_adm'];
}
session_start();
$_SESSION['adm'] = $idad;
echo "3";
} else {
echo "2";
}
}
<?php
include '../config.php';
$a = $_POST['a'];
//usuario
$b = $_POST['b'];
//contraseña
function cifrarpass($pass)
{
$salt = "pneyan\$/";
$cifrar = sha1(md5($salt . $pass));
return $cifrar;
}
if ($a == "" || $b == "") {
echo "1";
} else {
$passc = cifrarpass($b);
$existe = "SELECT * from administrador where user_adm='{$a}' and pass_adm='{$passc}'";
$sqlex = mysql_query($existe, $conexion) or die(mysql_error());
$numex = mysql_num_rows($sqlex);
if ($numex > 0) {
while ($ad = mysql_fetch_array($sqlex)) {
$idad = $ad['id_adm'];
}
session_start();
$_SESSION['adm'] = $idad;
echo "3";
} else {
echo "2";
}
}
