<?php function change_status1($id) { $dbhost = 'localhost'; $dblogin

1. <?php
2.  
3. function change_status1($id) {
4. $dbhost = 'localhost';
5. $dblogin = 'root';
6. $dbpass = '';
7. $dbselect = 'doc';
8. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
9. $query = "SELECT auth1 FROM req WHERE id='$id'";
10. $result = mysqli_query($conn, $query);
11. $tab = mysqli_fetch_array($result);
12.  
13. if ($tab['auth1']=="NIE_ZEZWOLONO") {
14. $query = "UPDATE req SET auth1='ZEZWOLONO' WHERE id='$id'";
15. print "asd";
16. } else {
17. $query = "UPDATE req SET auth1='NIE_ZEZWOLONO' WHERE id='$id'";
18. print "qwe";
19. }
20. $result = mysqli_query($conn, $query);
21.  
22. header("Location: form.php");
23. }
24.  
25. function change_status2($id) {
26. $dbhost = 'localhost';
27. $dblogin = 'root';
28. $dbpass = '';
29. $dbselect = 'doc';
30. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
31. $query = "SELECT auth2 FROM req WHERE id='$id'";
32. $result = mysqli_query($conn, $query);
33. $tab = mysqli_fetch_array($result);
34.  
35. if ($tab['auth2']=="NIE_ZEZWOLONO") {
36. $query = "UPDATE req SET auth2='ZEZWOLONO' WHERE id='$id'";
37. print "asd";
38. } else {
39. $query = "UPDATE req SET auth2='NIE_ZEZWOLONO' WHERE id='$id'";
40. print "qwe";
41. }
42. $result = mysqli_query($conn, $query);
43.  
44. header("Location: form.php");
45. }
46.  
47. function change_status3($id,$acctype) {
48. $dbhost = 'localhost';
49. $dblogin = 'root';
50. $dbpass = '';
51. $dbselect = 'doc';
52. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
53. $query = "SELECT * FROM req WHERE id='$id'";
54. $result = mysqli_query($conn, $query);
55. $tab = mysqli_fetch_array($result);
56.  
57. $query = "UPDATE users SET acctype='$acctype' WHERE id='$id'";
58.  
59. $result = mysqli_query($conn, $query);
60. header("Location: form.php");
61. }
62.  
63. function log_attempt($servername,$user,$pass) {
64. $dbhost = 'localhost';
65. $dblogin = 'root';
66. $dbpass = '';
67. $dbselect = 'doc';
68. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
69. $query = "SELECT * FROM users WHERE username='".$user."'";
70. $result = mysqli_query($conn, $query);
71. $tab = mysqli_fetch_array($result);
72. $userpass = $tab['password'];
73. $acctype = $tab['acctype'];
74.  
75. if (mysqli_num_rows($result) > 0 && $userpass == md5($pass)) {
76. mysqli_close($conn);
77.  
78. $_SESSION['acctype'] = $acctype;
79. $_SESSION['logsuccess'] = TRUE;
80. header("Location: form.php");
81. } else if ((mysqli_num_rows($result) == 0) && ($mbox = imap_open($servername, $user, $pass))) {
82. imap_close($mbox);
83.  
84. if ($conn) {
85. $user = mysqli_real_escape_string($conn, $user);
86. $pass = md5($pass);
87. $query = "INSERT INTO users (username, password) VALUES('$user','$pass')";
88. mysqli_query($conn, $query) or trigger_error(mysqli_error($conn)." in ".$query);
89. } else {
90. die("Błąd przy wyborze bazy danych");
91. }
92. mysqli_close($conn);
93.  
94. $_SESSION['acctype'] = 'user';
95. $_SESSION['logsuccess'] = TRUE;
96. header("Location: form.php");
97. } else {
98. mysqli_close($conn);
99.  
100. $_SESSION['logsuccess'] = FALSE;
101. header("Location: index.php");
102. }
103. }
104.  
105. function db_send($data,$imie,$nazwisko,$opis) {
106. $dbhost = 'localhost';
107. $dblogin = 'root';
108. $dbpass = '';
109. $dbselect = 'doc';
110. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
111. if ($conn) {
112. $imie = mysqli_real_escape_string($conn, $imie);
113. $nazwisko = mysqli_real_escape_string($conn, $nazwisko);
114. $opis = mysqli_real_escape_string($conn, $opis);
115. $query = "INSERT INTO req (data, imie, nazwisko, opis) VALUES('$data','$imie', '$nazwisko', '$opis')";
116. mysqli_query($conn, $query) or trigger_error(mysqli_error($conn)." in ".$query);
117. } else {
118. die("Błąd przy wyborze bazy danych");
119. }
120. mysqli_close($conn);
121. header("Location: form.php");
122. }
123.  
124. function get_data_portier() {
125. $dbhost = 'localhost';
126. $dblogin = 'root';
127. $dbpass = '';
128. $dbselect = 'doc';
129. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
130. $query = "SELECT * FROM req";
131. $result = mysqli_query($conn, $query);
132.  
133. $num = mysqli_num_rows($result);
134.  
135. ?> <div class="content"> <?php
136. for ($i = 0; $i < $num; $i++) {
137. $tab = mysqli_fetch_array($result);
138. ?> <div class="row"><?php
139. ?> <span class="tab_name"> <?php print $tab['imie']; ?> </span><?php
140. ?> <span class="tab_name"> <?php print $tab['nazwisko']; ?> </span><?php
141. ?> <span class="tab_opis"> <?php print $tab['opis']; ?> </span><?php
142. ?> <span class="tab_data"> <?php print $tab['data']; ?> </span><?php
143. if (!isset($_POST[$tab['id']])) {
144. ?> <form class="tab" action="form.php" method="post"><input class="tab buttons2" name="<?php print $tab['id']; ?>" type="submit" value="<?php print $tab['auth1']; ?>"></input></form><?php
145. } else {
146. change_status1($tab['id']);
147. }
148. ?> </div><?php
149. }
150. ?> </div> <?php
151. }
152.  
153. function get_data_kierownik() {
154. $dbhost = 'localhost';
155. $dblogin = 'root';
156. $dbpass = '';
157. $dbselect = 'doc';
158. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
159. $query = "SELECT * FROM req";
160. $result = mysqli_query($conn, $query);
161.  
162. $num = mysqli_num_rows($result);
163.  
164. ?> <div class="content"> <?php
165. for ($i = 0; $i < $num; $i++) {
166. $tab = mysqli_fetch_array($result);
167. ?> <div class="row"><?php
168. ?> <span class="tab_name"> <?php print $tab['imie']; ?> </span><?php
169. ?> <span class="tab_name"> <?php print $tab['nazwisko']; ?> </span><?php
170. ?> <span class="tab_opis"> <?php print $tab['opis']; ?> </span><?php
171. ?> <span class="tab_data"> <?php print $tab['data']; ?> </span><?php
172. ?> <span class="tab"> <?php print $tab['auth1']; ?> </span><?php
173. if (!isset($_POST[$tab['id']])) {
174. ?> <form class="tab" action="form.php" method="post"><input class="tab buttons2" name="<?php print $tab['id']; ?>" type="submit" value="<?php print $tab['auth2']; ?>"></input></form><?php
175. } else {
176. change_status2($tab['id']);
177. }
178. ?> </div><?php
179. }
180. ?> </div> <?php
181. }
182.  
183. function get_data_admin() {
184. $dbhost = 'localhost';
185. $dblogin = 'root';
186. $dbpass = '';
187. $dbselect = 'doc';
188. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
189. $query = "SELECT * FROM users";
190. $result = mysqli_query($conn, $query);
191.  
192. $num = mysqli_num_rows($result);
193.  
194. ?> <div class="content"> <?php
195. for ($i = 0; $i < $num; $i++) {
196. $tab = mysqli_fetch_array($result);
197. ?> <div class="row"><?php
198. ?> <span class="tab_name">ID: <?php print $tab['id']; ?> </span><?php
199. ?> <span class="tab_name"> <?php print $tab['username']; ?> </span><?php
200. ?> <span class="tab_name"> <?php print $tab['acctype']; ?> </span><?php
201. if (!isset($_POST[$tab['id']])) {
202. ?> <form class="tab" action="form.php" method="post">
203. <select name="accounttype">
204. <option value="user">User</option>
205. <option value="portier">Portier</option>
206. <option value="kierownik">Kierownik</option>
207. <option value="admin">Admin</option>
208. </select>
209. <input class="buttons2" name="<?php print $tab['id']; ?>" type="submit" value="Zmień uprawnienia"></input></form><?php
210. } else {
211. change_status3($tab['id'],$_POST['accounttype']);
212. }
213. ?> </div><?php
214. }
215. ?> </div> <?php
216. }
217. ?>