$newDay = str_pad((int) substr($_POST['value'], 3, 2), 2, 0, STR_PAD_LEFT); $newDate = checkdate($newMonth, $newDay, $newYear) ? "{$newYear}-{$newMonth}-{$newDay}" : FALSE; if ($newDate) { if (updateDetails($_SESSION['cardNo'], NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, $newDate, NULL, $_SESSION['userID'])) { echo date('m/d/Y', strtotime($newDate)); } else { echo date('m/d/Y', strtotime($oldDate)); } } } elseif (isset($_POST['id']) && $_POST['id'] == 'editNext') { $dateQ = "SELECT nextPayment FROM details WHERE cardNo={$_SESSION['cardNo']}"; $dateR = mysqli_query($DBS['comet'], $dateQ); list($oldDate) = mysqli_fetch_row($dateR); $newYear = (int) substr($_POST['value'], 6, 4); $newMonth = str_pad((int) substr($_POST['value'], 0, 2), 2, 0, STR_PAD_LEFT); $newDay = str_pad((int) substr($_POST['value'], 3, 2), 2, 0, STR_PAD_LEFT); $newDate = checkdate($newMonth, $newDay, $newYear) ? "{$newYear}-{$newMonth}-{$newDay}" : FALSE; if ($newDate) { if (updateDetails($_SESSION['cardNo'], NULL, NULL, NULL, NULL, NULL, NULL, NULL, $newDate, NULL, NULL, NULL, $_SESSION['userID'])) { echo date('m/d/Y', strtotime($newDate)); } else { echo date('m/d/Y', strtotime($oldDate)); } } } if (isset($_GET['plans'])) { print json_encode($plan); } } else { header('Location: ../index.php'); }
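/**
 * Return the signed-in user's row from the `user` table, after applying any
 * profile action posted with the request.
 *
 * Flow, as visible in this block:
 *   1. redirectSignIn() runs first (defined elsewhere; presumably sends
 *      anonymous visitors to the sign-in page - confirm against its definition).
 *   2. The user's row is looked up by the e-mail address held in $_SESSION['user'].
 *   3. Exactly one of the posted actions is dispatched: "saveChanges", "reset" or "delete".
 *   4. The row is read again so the caller sees the state after the action.
 *
 * Security note: the lookup is string-built SQL on the legacy mysql_* API, which
 * has no bound parameters. The address is therefore escaped at the point of use.
 * ext/mysql was removed in PHP 7; moving to mysqli/PDO prepared statements needs
 * the connection handle, which is not visible from this function.
 *
 * @return array|false|null The refreshed row (false when no row matches), or
 *                          null when the session is not flagged as signed in.
 */
function signedIn()
{
    redirectSignIn();

    // A missing flag counts as "not signed in"; isset() avoids an undefined-index notice.
    if (!isset($_SESSION['signedIn']) || $_SESSION['signedIn'] != 1) {
        return null;
    }

    // Escape the address before it is placed inside the quoted SQL literal.
    // NOTE(review): assumes the session stores the raw address, not an
    // already-escaped copy - confirm against the sign-in code.
    $email = mysql_real_escape_string($_SESSION['user']);
    $profileData = mysql_query("SELECT * FROM user WHERE emailAddress = '" . $email . "' ");
    $row = mysql_fetch_array($profileData);

    // Only the first matching action is applied.
    if (isset($_POST["saveChanges"])) {
        updateDetails($row);
    } elseif (isset($_POST['reset'])) {
        resetEmail($row);
    } elseif (isset($_POST['delete'])) {
        deleteAccount();
    }

    // The handlers are defined outside this view and may change the stored
    // address, so the session value is re-read and re-escaped for the refresh.
    $email = mysql_real_escape_string($_SESSION['user']);
    $refreshData = mysql_query("SELECT * FROM user WHERE emailAddress = '" . $email . "' ");
    $row = mysql_fetch_array($refreshData);

    return $row;
}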
// If paid up fully, next due = null if ($total + $amount == $sPrice) { // If fully paid, shareholder. $nextDue = 'NULL'; // Okay this part requires PHP 5.3 or greater. Date Time work. // If after next due or null, next due = payment date + (12/period) } elseif (is_null($next) || strtotime($date) > strtotime($next)) { $nextDue = date_create($date); $nextDue = date_add($nextDue, new DateInterval("P" . $period . "M")); $nextDue = date_format($nextDue, 'Y-m-d'); // If before or on next due, next due = next due + (12/period) } elseif (strtotime($date) <= strtotime($next)) { $nextDue = date_create($next); $nextDue = date_add($nextDue, new DateInterval("P" . $period . "M")); $nextDue = date_format($nextDue, 'Y-m-d'); } if (updateDetails($_SESSION['cardNo'], NULL, NULL, NULL, NULL, NULL, NULL, NULL, $nextDue, $plan, NULL, NULL, $_SESSION['userID'])) { echo '{ "success": "success!" }'; } else { printf('{ "errorMsg":"MySQL Error: %s"}', mysqli_error($DBS['comet'])); } } } else { echo '{ "errorMsg":"That payment amount would overpay the current share price." }'; } } else { echo '{ "errorMsg":"The amount must be a number and the date a date." }'; } } else { header('Location: ../index.php'); }
// Empty. Error out. echo ' "errorMsg": "Record cannot be empty." }'; exit; } elseif ($details && $owner) { // Mostly filled in. Check secondary owner rows. checkPost($_POST); // Will kill the script if there are errors. $phone = ereg_replace("[^0-9]", "", escapeData($DBS['comet'], $_POST['phone'])); $zip = ereg_replace("[^0-9]", "", escapeData($DBS['comet'], $_POST['zip'])); $detailsQ = sprintf("SELECT * FROM details \n\t\t\t\t\t\tWHERE cardNo=%u AND address='%s' AND phone='%s' AND city='%s' AND state='%s' AND zip=%u AND email='%s' AND noMail=%u", $_SESSION['cardNo'], escapeData($DBS['comet'], $_POST['address']), $phone, escapeData($DBS['comet'], $_POST['city']), escapeData($DBS['comet'], $_POST['state']), $zip, escapeData($DBS['comet'], $_POST['email']), isset($_POST['noMail']) ? 1 : 0); $detailsR = mysqli_query($DBS['comet'], $detailsQ); if (mysqli_num_rows($detailsR) == 1) { echo ' "message": "No changes", '; } else { // Updating records. if (updateDetails($_SESSION['cardNo'], $_POST['address'], $phone, $_POST['city'], $_POST['state'], $zip, $_POST['email'], isset($_POST['noMail']) ? 1 : 0, NULL, NULL, NULL, NULL, $_SESSION['userID'])) { echo ' "message": "Changes made, details updated", '; } } for ($i = 1; $i <= $_SESSION['houseHoldSize']; $i++) { /* Four possibilities. - No changes (numRows1 = 1 and numRows = 1) - Someone being added who wasn't there before (numRows1 = 0, first and last not empty) - Someone being taken away that was there before (numRows1 = 1, numRows = 0, first and last empty) - Someone being updated (numRows1 = 1, numRows = 0, first and last not empty) */ $ownerQ1 = sprintf("SELECT * FROM owners WHERE cardNo=%u AND personNum=%u", $_SESSION['cardNo'], $i); $ownerR1 = mysqli_query($DBS['comet'], $ownerQ1); $ownerNumRows1 = mysqli_num_rows($ownerR1); $first = escapeData($DBS['comet'], $_POST['first'][$i]); $last = escapeData($DBS['comet'], $_POST['last'][$i]);