ordine_farmacisti/blocks/modifyFormSubmit.php


<?php
    session_start();

    @include '../cgi-bin/conn.conn';
    @include '../cgi-bin/functions.inc';
    @include '../cgi-bin/params.inc';

    $GLOBALS['conn'];

    $conn=@mysqli_connect($DATAhst,$DATAusr,$DATApwd,$DATAdtb)or die("CONNECTION ERROR");
    mysqli_set_charset($conn, "utf8");

?>
<!DOCTYPE html>
<html>
<head>
    <title>Ordine dei Farmacisti della Provincia di Salerno</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <base href="<?php echo $BASE_URL;?>/">
    <link href="<?php echo $BASE_URL;?>/css/styles.css" rel="stylesheet" type="text/css"/>
    <link href='http://fonts.googleapis.com/css?family=Roboto' rel='stylesheet' type='text/css'>
</head>
<body>
    <div class="row no-gutters py-4">

<?php


    if(sizeof($_GET)>0){
        $err = 0;
        $mess = "";

        if(!$_GET['nusr'] || strlen($_GET['nusr'])<8 ){
            $err += 1;
            $mess .= "<p>Lo username non deve essere inferiore di 8 caratteri.</p>";
        }
        if(!$_GET['npwd'] || strlen($_GET['npwd'])<8 ){
            $err += 1;
            $mess .= "<p>La password non deve essere inferiore di 8 caratteri.</p>";
        }
        if($_GET['npwd'] != $_GET['rnpwd']){
            $err += 1;
            $mess .= "<p>Le password inserite non corrispondono.</p>";
        }


        if($err!=0){
            echo "<div class=\"col-10 text-center text-red mx-auto\">".
                    "<p><i class=\"fa fa-exclamation-triangle font-alert p-4\"></i></p>".
                    $mess."</div>";
        }else{

            $q=mysqli_query($conn, "SELECT COUNT(id) FROM board WHERE
                                    usr='".$_SESSION['AUTH']['usr']."' AND
                                    pwd='".trim(md5($_GET['opwd']))."'
                                    ");
            $r=mysqli_fetch_array($q);

            if(!$r[0]){
                echo "<div class=\"col-10 text-center text-red mx-auto\">".
                    "<p><i class=\"fa fa-exclamation-triangle font-alert p-4\"></i></p>".
                    "ATTENZIONE: Controlla che la password inserita sia corretta.".
                "</div>";
            }else{

                $q=mysqli_query($conn, "UPDATE board SET
                                        usr='".trim($_GET['nusr'])."',
                                        pwd='".md5($_GET['npwd'])."'
                                        WHERE id='".$_SESSION['AUTH']['id']."'
                                        ");

                echo "<div class=\"col-10 text-center mx-auto\">".
                    "<p><i class=\"fa fa-check-circle font-alert p-4\"></i></p>".
                    "<b>Dati modificati correttamente.</b><br>".
                    "Potrai utilizzarli dal prossimo accesso.".
                "</div>";
            }
        }

    }

?>

    </div>
</body>
</html>
add personal area and modify data 7 years ago
			`<?php`
			`session_start();`

			`@include '../cgi-bin/conn.conn';`
			`@include '../cgi-bin/functions.inc';`
			`@include '../cgi-bin/params.inc';`

			`$GLOBALS['conn'];`

			`$conn=@mysqli_connect($DATAhst,$DATAusr,$DATApwd,$DATAdtb)or die("CONNECTION ERROR");`
			`mysqli_set_charset($conn, "utf8");`

			`?>`
			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<title>Ordine dei Farmacisti della Provincia di Salerno</title>`
			`<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">`
			`<base href="<?php echo $BASE_URL;?>/">`
			`<link href="<?php echo $BASE_URL;?>/css/styles.css" rel="stylesheet" type="text/css"/>`
			`<link href='http://fonts.googleapis.com/css?family=Roboto' rel='stylesheet' type='text/css'>`
			`</head>`
			`<body>`
			`<div class="row no-gutters py-4">`

			`<?php`


			`if(sizeof($_GET)>0){`
			`$err = 0;`
			`$mess = "";`

			`if(!$_GET['nusr'] \|\| strlen($_GET['nusr'])<8 ){`
			`$err += 1;`
			`$mess .= "<p>Lo username non deve essere inferiore di 8 caratteri.</p>";`
			`}`
			`if(!$_GET['npwd'] \|\| strlen($_GET['npwd'])<8 ){`
			`$err += 1;`
			`$mess .= "<p>La password non deve essere inferiore di 8 caratteri.</p>";`
			`}`
			`if($_GET['npwd'] != $_GET['rnpwd']){`
			`$err += 1;`
			`$mess .= "<p>Le password inserite non corrispondono.</p>";`
			`}`


			`if($err!=0){`
			`echo "<div class=\"col-10 text-center text-red mx-auto\">".`
			`"<p><i class=\"fa fa-exclamation-triangle font-alert p-4\"></i></p>".`
			`$mess."</div>";`
			`}else{`

			`$q=mysqli_query($conn, "SELECT COUNT(id) FROM board WHERE`
			`usr='".$_SESSION['AUTH']['usr']."' AND`
			`pwd='".trim(md5($_GET['opwd']))."'`
			`");`
			`$r=mysqli_fetch_array($q);`

			`if(!$r[0]){`
			`echo "<div class=\"col-10 text-center text-red mx-auto\">".`
			`"<p><i class=\"fa fa-exclamation-triangle font-alert p-4\"></i></p>".`
			`"ATTENZIONE: Controlla che la password inserita sia corretta.".`
			`"</div>";`
			`}else{`

			`$q=mysqli_query($conn, "UPDATE board SET`
			`usr='".trim($_GET['nusr'])."',`
			`pwd='".md5($_GET['npwd'])."'`
			`WHERE id='".$_SESSION['AUTH']['id']."'`
			`");`

			`echo "<div class=\"col-10 text-center mx-auto\">".`
			`"<p><i class=\"fa fa-check-circle font-alert p-4\"></i></p>".`
			`"<b>Dati modificati correttamente.</b><br>".`
			`"Potrai utilizzarli dal prossimo accesso.".`
			`"</div>";`
			`}`
			`}`

			`}`

			`?>`

			`</div>`
			`</body>`
			`</html>`