<?php function change_status1($id) { $dbhost = 'localhost'; $dblogin

1. <?php
2.  
3. function change_status1($id) {
4. $dbhost = 'localhost';
5. $dblogin = 'root';
6. $dbpass = '';
7. $dbselect = 'doc';
8. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
9. $query = "SELECT auth1 FROM req WHERE id='$id'";
10. $result = mysqli_query($conn, $query);
11. $tab = mysqli_fetch_array($result);
12.  
13. if ($tab['auth1']=="NIE_ZEZWOLONO") {
14. $query = "UPDATE req SET auth1='ZEZWOLONO' WHERE id='$id'";
15. print "asd";
16. } else {
17. $query = "UPDATE req SET auth1='NIE_ZEZWOLONO' WHERE id='$id'";
18. print "qwe";
19. }
20. $result = mysqli_query($conn, $query);
21.  
22. header("Location: form.php");
23. }
24.  
25. function change_status2($id) {
26. $dbhost = 'localhost';
27. $dblogin = 'root';
28. $dbpass = '';
29. $dbselect = 'doc';
30. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
31. $query = "SELECT auth2 FROM req WHERE id='$id'";
32. $result = mysqli_query($conn, $query);
33. $tab = mysqli_fetch_array($result);
34.  
35. if ($tab['auth2']=="NIE_ZEZWOLONO") {
36. $query = "UPDATE req SET auth2='ZEZWOLONO' WHERE id='$id'";
37. print "asd";
38. } else {
39. $query = "UPDATE req SET auth2='NIE_ZEZWOLONO' WHERE id='$id'";
40. print "qwe";
41. }
42. $result = mysqli_query($conn, $query);
43.  
44. header("Location: form.php");
45. }
46.  
47. function change_status3($id,$acctype) {
48. $dbhost = 'localhost';
49. $dblogin = 'root';
50. $dbpass = '';
51. $dbselect = 'doc';
52. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
53. $query = "SELECT * FROM req WHERE id='$id'";
54. $result = mysqli_query($conn, $query);
55. $tab = mysqli_fetch_array($result);
56.  
57. $query = "UPDATE users SET acctype='$acctype' WHERE id='$id'";
58.  
59. $result = mysqli_query($conn, $query);
60. header("Location: form.php");
61. }
62.  
63. function log_attempt($servername,$user,$pass) {
64. $dbhost = 'localhost';
65. $dblogin = 'root';
66. $dbpass = '';
67. $dbselect = 'doc';
68. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
69. $query = "SELECT * FROM users WHERE username='".$user."'";
70. $result = mysqli_query($conn, $query);
71. $tab = mysqli_fetch_array($result);
72. $userpass = $tab['password'];
73. $acctype = $tab['acctype'];
74.  
75. if (mysqli_num_rows($result) > 0 && $userpass == md5($pass)) {
76. mysqli_close($conn);
77.  
78. $_SESSION['acctype'] = $acctype;
79. $_SESSION['logsuccess'] = TRUE;
80. header("Location: form.php");
81. } else if ((mysqli_num_rows($result) == 0) && ($mbox = imap_open($servername, $user, $pass))) {
82. imap_close($mbox);
83.  
84. if ($conn) {
85. $user = mysqli_real_escape_string($conn, $user);
86. $pass = md5($pass);
87. $query = "INSERT INTO users (username, password) VALUES('$user','$pass')";
88. mysqli_query($conn, $query) or trigger_error(mysqli_error($conn)." in ".$query);
89. } else {
90. die("Błąd przy wyborze bazy danych");
91. }
92. mysqli_close($conn);
93.  
94. $_SESSION['acctype'] = 'user';
95. $_SESSION['logsuccess'] = TRUE;
96. header("Location: form.php");
97. } else {
98. mysqli_close($conn);
99.  
100. $_SESSION['logsuccess'] = FALSE;
101. header("Location: index.php");
102. }
103. }
104.  
105. function db_send($data,$imie,$nazwisko,$opis) {
106. //print "$data";
107. //print "$imie";
108. //print "$nazwisko";
109. //print "$opis";
110.  
111. $dbhost = 'localhost';
112. $dblogin = 'root';
113. $dbpass = '';
114. $dbselect = 'doc';
115. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
116. if ($conn) {
117. $imie = mysqli_real_escape_string($conn, $imie);
118. $nazwisko = mysqli_real_escape_string($conn, $nazwisko);
119. $opis = mysqli_real_escape_string($conn, $opis);
120. $query = "INSERT INTO req (data, imie, nazwisko, opis) VALUES('$data','$imie', '$nazwisko', '$opis')";
121. mysqli_query($conn, $query) or trigger_error(mysqli_error($conn)." in ".$query);
122. } else {
123. die("Błąd przy wyborze bazy danych");
124. }
125. mysqli_close($conn);
126. header("Location: form.php");
127. }
128.  
129. function get_data_portier() {
130. $dbhost = 'localhost';
131. $dblogin = 'root';
132. $dbpass = '';
133. $dbselect = 'doc';
134. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
135. $query = "SELECT * FROM req";
136. $result = mysqli_query($conn, $query);
137.  
138. $num = mysqli_num_rows($result);
139.  
140. ?> <div class="content"> <?php
141. for ($i = 0; $i < $num; $i++) {
142. $tab = mysqli_fetch_array($result);
143. ?> <span class="tab_name"> <?php print $tab['imie']; ?> </span><?php
144. ?> <span class="tab_name"> <?php print $tab['nazwisko']; ?> </span><?php
145. ?> <span class="tab_opis"> <?php print $tab['opis']; ?> </span><?php
146. ?> <span class="tab"> <?php print $tab['data']; ?> </span><?php
147. if (!isset($_POST[$tab['id']])) {
148. ?> <form class="tab" action="form.php" method="post"><input name="<?php print $tab['id']; ?>" type="submit" value="<?php print $tab['auth1']; ?>"></input></form><?php
149. } else {
150. change_status1($tab['id']);
151. }
152. }
153. ?> </div> <?php
154. }
155.  
156. function get_data_kierownik() {
157. $dbhost = 'localhost';
158. $dblogin = 'root';
159. $dbpass = '';
160. $dbselect = 'doc';
161. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
162. $query = "SELECT * FROM req";
163. $result = mysqli_query($conn, $query);
164.  
165. $num = mysqli_num_rows($result);
166.  
167. ?> <div class="content"> <?php
168. for ($i = 0; $i < $num; $i++) {
169. $tab = mysqli_fetch_array($result);
170. ?> <span class="tab_name"> <?php print $tab['imie']; ?> </span><?php
171. ?> <span class="tab_name"> <?php print $tab['nazwisko']; ?> </span><?php
172. ?> <span class="tab_opis"> <?php print $tab['opis']; ?> </span><?php
173. ?> <span class="tab"> <?php print $tab['data']; ?> </span><?php
174. ?> <span class="tab"> <?php print $tab['auth1']; ?> </span><?php
175. if (!isset($_POST[$tab['id']])) {
176. ?> <form class="tab" action="form.php" method="post"><input name="<?php print $tab['id']; ?>" type="submit" value="<?php print $tab['auth2']; ?>"></input></form><?php
177. } else {
178. change_status2($tab['id']);
179. }
180. }
181. ?> </div> <?php //tak nie moze byc, ze br a nie w divie kurwa
182. }
183.  
184. function get_data_admin() {
185. $dbhost = 'localhost';
186. $dblogin = 'root';
187. $dbpass = '';
188. $dbselect = 'doc';
189. $conn = mysqli_connect($dbhost,$dblogin,$dbpass,$dbselect);
190. $query = "SELECT * FROM users";
191. $result = mysqli_query($conn, $query);
192.  
193. $num = mysqli_num_rows($result);
194.  
195. ?> <div class="content"> <?php
196. for ($i = 0; $i < $num; $i++) {
197. $tab = mysqli_fetch_array($result);
198. ?> <span class="tab_name"> <?php print $tab['id']; ?> </span><?php
199. ?> <span class="tab_name"> <?php print $tab['username']; ?> </span><?php
200. ?> <span class="tab_name"> <?php print $tab['acctype']; ?> </span><?php
201. if (!isset($_POST[$tab['id']])) {
202. ?> <form class="tab" action="form.php" method="post">
203. <select name="accounttype">
204. <option value="user">User</option>
205. <option value="portier">Portier</option>
206. <option value="kierownik">Kierownik</option>
207. <option value="admin">Admin</option>
208. </select>
209. <input name="<?php print $tab['id']; ?>" type="submit" value="Zmień uprawnienia"></input></form><?php
210. } else {
211. change_status3($tab['id'],$_POST['accounttype']);
212. }
213. }
214. ?> </div> <?php
215. }
216. ?>