<?php
require_once "../include/Validation.php";
session_start();
$dbobj = new dbconnection();
$password = $_POST['password'];
$confirmPassword = $_POST['confirmPassword'];
if ($password == $confirmPassword) {
$dbobj->Update("update user set password = '******' where uname='" . $_SESSION['username'] . "'");
header('location: ../layout/index.php');
} else {
echo "password and confirm don't match";
}
<?php
require "../include/dbconnection.php";
error_reporting(E_ALL);
$dbobj = new dbconnection();
$oid = isset($_GET['oid']) ? $_GET['oid'] : 0;
//if($oid != -1)
$upd_stm = "update orders set alive=0 where oid='{$oid}';";
$dbobj->Update($upd_stm);
$response = "done";
echo json_encode($response);
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
require_once "../include/Validation.php";
// deconnection already included in Validation
$dbobj = new dbconnection();
$vobj = new Validation();
$_product = "../../layout/products.php";
session_start();
if (!isset($_SESSION['uid'])) {
echo "You are not authoriezed to enter this page. You have to login first";
exit;
}
$uid = $_SESSION['uid'];
if (!$vobj->ifSuperUserId($uid)) {
echo "You are not authoriezed to enter this page. Only for admins.";
exit;
}
$pid = $_GET['pid'];
$dbobj->Update("update product set `active`=false where `pid`='{$pid}'");
header("location:" . $_product . "?uid=" . $uid);
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
require_once "../include/Validation.php";
// deconnection already included in Validation
$dbobj = new dbconnection();
$vobj = new Validation();
$_user = "******";
session_start();
if (!isset($_SESSION['uid'])) {
echo "You are not authoriezed to enter this page. You have to login first";
exit;
}
$uid = $_SESSION['uid'];
if (!$vobj->ifSuperUserId($uid)) {
echo "You are not authoriezed to enter this page. Only for admins.";
exit;
}
$duid = $_GET['uid'];
if ($uid == $duid) {
echo "You are not allowed to delete yourself";
exit;
}
echo "before";
// $dbobj->Delete("delete from `user` where `uid`='$duid'");
$dbobj->Update("update user set `active`=false where `uid`='{$duid}'");
echo "after";
header("location:" . $_user . "?uid=" . $uid);
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
$_orders = "../layout/orders.php";
require_once "../include/Validation.php";
// deconnection already included in Validation
$dbobj = new dbconnection();
$vobj = new Validation();
session_start();
if (!isset($_SESSION['uid'])) {
echo "You are not authoriezed to enter this page. You have to login first";
exit;
}
$uid = $_SESSION['uid'];
if (!$vobj->ifSuperUserId($uid)) {
echo "You are not authoriezed to enter this page. Only for admins.";
exit;
}
$oid = $_GET['oid'];
$flag = 0;
$dbobj->Update("update `orders` set `processing`=0 where `oid`='{$oid}'");
header("location:" . $_orders . "?uid=" . $uid);
}
$_user = "******";
$edtuid = $_POST['edtuid'];
$rid = $_POST['rid'];
$uname = $_POST['username'];
$email = $_POST['email'];
$rname = $_POST['rnum'];
$ext = $_POST['ext'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
if ($vobj->ifUserExists($uname)) {
echo "Ussser already exists";
exit;
}
if ($vobj->ifEmailExists($email)) {
echo "email already exists";
exit;
}
// if($pwd != $cpwd){
// echo "Passwords did not match";
// exit;
// }
if (!$vobj->ifRoomExists($rname)) {
echo "Room number : " . $uname . " does not exists in the system";
exit;
}
$rid = $dbobj->getRoomId($rname);
echo "before";
$dbobj->Update("update user set `uname`='{$uname}',`email`='{$email}',`rid`='{$rid}',`ext`='{$ext}' where `uid`='{$edtuid}'");
echo "after";
header("location:" . $_user);
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
require_once "../include/Validation.php";
// deconnection already included in Validation
$dbobj = new dbconnection();
$vobj = new Validation();
$_product = "../../layout/products.php";
session_start();
if (!isset($_SESSION['uid'])) {
echo "You are not authoriezed to enter this page. You have to login first";
exit;
}
$uid = $_SESSION['uid'];
if (!$vobj->ifSuperUserId($uid)) {
echo "You are not authoriezed to enter this page. Only for admins.";
exit;
}
$pid = $_GET['pid'];
$avb = $dbobj->SelectColumn('available', 'product', 'pid', $pid);
$avb = $avb[0];
$avb = !$avb;
$dbobj->Update("update product set `available`='{$avb}' where `pid`='{$pid}'");
header("location:" . $_product . "?uid=" . $uid);
// deconnection already included in Validation
session_start();
$dbobj = new dbconnection();
$vobj = new Validation();
if (!isset($_SESSION['uid'])) {
echo "You are not authoriezed to enter this page. You have to login first";
exit;
}
$uid = $_SESSION['uid'];
if (!$vobj->ifSuperUserId($uid)) {
echo "You are not authoriezed to enter this page. Only for admins.";
exit;
}
$_product = "../layout/products.php";
$pid = $_POST['pid'];
echo $pid;
$pname = $_POST['pname'];
$price = $_POST['price'];
$category = trim($_POST['category']);
$cid = $dbobj->SelectColumn('cid', 'category', 'cname', $category);
print_r($cid);
$cid = $cid[0];
$products = $dbobj->SelectColumn('pname', 'product', null, null);
foreach ($products as $product) {
if ($pname == $product) {
echo "product already exists";
exit;
}
}
$dbobj->Update("update product set `pname`='{$pname}',`price`='{$price}',`cid`='{$cid}' where `pid`='{$pid}'");
header("location:" . $_product . "?uid=" . $uid);
