S
sarahshafawati
Guest
<?
include "common.php";
//$conn->debug=true;
if ($_POST['txtUsername']<>"") {
$sql="SELECT COUNT(*) AS bil FROM user WHERE username = '".$_POST['txtUsername']."' AND password = '".$_POST['txtPassword']."'";
$rs = $conn->Execute($sql);
if ($rs->fields("bil")>0) {
$_SESSION['userid'] = $_POST['txtUsername'];
print '<script>window.location.href="admin_index.php";</script>';
} else {
$errorMsg = "Maaf, username atau password anda tidak sah!";
}
}
if (!isset($_COOKIE['simplecount'])) {
$conn->Execute("UPDATE hits SET total_hits = total_hits+1");
setcookie("simplecount","Counted!",time()+66600000);
}
// IF ALL THE INPUT FIELDS ARE NOT BLANK ...
if (($_POST['txtNama'] != "") &&
($_POST['txtAlamat'] != "") &&
($_POST['txtNoTel'] != ""))
{
if ($conn->Execute($sql))
{
$sql = "INSERT INTO ekhidmatdb
(nama, alamat, no_tel)
VALUES
(\"$_POST[txtNama]\", \"$_POST[txtAlamat]\", \"$_POST[txtNoTel]\")";
$rs = $conn->Execute($sql);
}
}
?>
common.php------------------------------------------------------------------------------
<?php
error_reporting (E_ALL ^ E_NOTICE);
session_start();
include('adodb.inc.php');
include_once("ImageResizeFactory.php");
$serverIP = $HTTP_SERVER_VARS['REMOTE_ADDR'];
$DB_dbtype="mysql"; $DB_hostname="202.9.108.183"; $DB_username="ekhidmat"; $DB_password="qt51gc72"; $DB_dbname="ekhidmatdb"; // same mechine
$conn->debug=1;
$conn = &ADONEWConnection($DB_dbtype);
$conn->Connect($DB_hostname, $DB_username, $DB_password, $DB_dbname);
foreach($_POST as $key=>$val){ $$key = $val; }
foreach($_GET as $key=>$val){ $$key = $val; }
function tohtml($strValue)
{
return htmlspecialchars($strValue);
}
function tourl($strValue)
{
return urlencode($strValue);
}
function get_param($ParamName)
{
global $HTTP_POST_VARS;
global $HTTP_GET_VARS;
$ParamValue = "";
if(isset($HTTP_POST_VARS[$ParamName]))
$ParamValue = $HTTP_POST_VARS[$ParamName];
else if(isset($HTTP_GET_VARS[$ParamName]))
$ParamValue = $HTTP_GET_VARS[$ParamName];
return $ParamValue;
}
function get_session($ParamName)
{
global $HTTP_POST_VARS;
global $HTTP_GET_VARS;
global ${$ParamName};
$ParamValue = "";
if(!isset($HTTP_POST_VARS[$ParamName]) && !isset($HTTP_GET_VARS[$ParamName]) && session_is_registered($ParamName))
$ParamValue = ${$ParamName};
return $ParamValue;
}
function set_session($ParamName, $ParamValue)
{
global ${$ParamName};
if(session_is_registered($ParamName))
session_unregister($ParamName);
${$ParamName} = $ParamValue;
session_register($ParamName);
}
function is_number($string_value)
{
if(is_numeric($string_value) || !strlen($string_value))
return true;
else
return false;
}
function is_param($param_value)
{
if($param_value)
return 1;
else
return 0;
}
function tosql($value, $type="Text")
{
if($value == "")
{
return "NULL";
}
else
{
if($type == "Number")
return doubleval($value);
else
{
if(get_magic_quotes_gpc() == 0)
{
$value = str_replace("'","''",$value);
$value = str_replace("\","\\",$value);
}
else
{
$value = str_replace("\'","''",$value);
$value = str_replace("\\"","\"",$value);
}
return "'" . $value . "'";
}
}
}
function strip($value)
{
if(get_magic_quotes_gpc() == 0)
return $value;
else
return stripslashes($value);
}
function get_checkbox_value($sVal, $CheckedValue, $UnCheckedValue)
{
if(!strlen($sVal))
return tosql($UnCheckedValue);
else
return tosql($CheckedValue);
}
function dlookup($Table, $fName, $sWhere)
{
global $conn;
$sSQL = "";
$sSQL = "SELECT " . $fName . " FROM " . $Table . " WHERE " . $sWhere;
$rs2 = &$conn->Execute($sSQL);
if ($rs2) {
$_SESSION["group"] = $rs2->fields($fName);
return $rs2->fields($fName);
}
else
return "";
}
function set_pg($Page)
{
$Page = 30;
global ${$Page};
}
function get_pg()
{
$Page = 30;
global ${$Page};
return;
}
function displayDate($varDate)
{
$dateTime = explode(" ",$varDate);
$date = $dateTime[0];
$time = $dateTime[1];
$dateParts = split("-",$date);
$day = $dateParts[2];
$month = $dateParts[1];
$year = $dateParts[0];
if (($day==NULL) || ($month==NULL) || ($year==NULL) || ($day=="00") || ($month=="00") || ($year=="00"))
$convertDate = "";
else
$convertDate = $day."/".$month."/".$year;
return $convertDate;
}
function displayDateTime($varDate)
{
$dateTime = explode(" ",$varDate);
$date = $dateTime[0];
$time = $dateTime[1];
$dateParts = split("-",$date);
$day = $dateParts[2];
$month = $dateParts[1];
$year = $dateParts[0];
if (($day==NULL) || ($month==NULL) || ($year==NULL))
$co
include "common.php";
//$conn->debug=true;
if ($_POST['txtUsername']<>"") {
$sql="SELECT COUNT(*) AS bil FROM user WHERE username = '".$_POST['txtUsername']."' AND password = '".$_POST['txtPassword']."'";
$rs = $conn->Execute($sql);
if ($rs->fields("bil")>0) {
$_SESSION['userid'] = $_POST['txtUsername'];
print '<script>window.location.href="admin_index.php";</script>';
} else {
$errorMsg = "Maaf, username atau password anda tidak sah!";
}
}
if (!isset($_COOKIE['simplecount'])) {
$conn->Execute("UPDATE hits SET total_hits = total_hits+1");
setcookie("simplecount","Counted!",time()+66600000);
}
// IF ALL THE INPUT FIELDS ARE NOT BLANK ...
if (($_POST['txtNama'] != "") &&
($_POST['txtAlamat'] != "") &&
($_POST['txtNoTel'] != ""))
{
if ($conn->Execute($sql))
{
$sql = "INSERT INTO ekhidmatdb
(nama, alamat, no_tel)
VALUES
(\"$_POST[txtNama]\", \"$_POST[txtAlamat]\", \"$_POST[txtNoTel]\")";
$rs = $conn->Execute($sql);
}
}
?>
common.php------------------------------------------------------------------------------
<?php
error_reporting (E_ALL ^ E_NOTICE);
session_start();
include('adodb.inc.php');
include_once("ImageResizeFactory.php");
$serverIP = $HTTP_SERVER_VARS['REMOTE_ADDR'];
$DB_dbtype="mysql"; $DB_hostname="202.9.108.183"; $DB_username="ekhidmat"; $DB_password="qt51gc72"; $DB_dbname="ekhidmatdb"; // same mechine
$conn->debug=1;
$conn = &ADONEWConnection($DB_dbtype);
$conn->Connect($DB_hostname, $DB_username, $DB_password, $DB_dbname);
foreach($_POST as $key=>$val){ $$key = $val; }
foreach($_GET as $key=>$val){ $$key = $val; }
function tohtml($strValue)
{
return htmlspecialchars($strValue);
}
function tourl($strValue)
{
return urlencode($strValue);
}
function get_param($ParamName)
{
global $HTTP_POST_VARS;
global $HTTP_GET_VARS;
$ParamValue = "";
if(isset($HTTP_POST_VARS[$ParamName]))
$ParamValue = $HTTP_POST_VARS[$ParamName];
else if(isset($HTTP_GET_VARS[$ParamName]))
$ParamValue = $HTTP_GET_VARS[$ParamName];
return $ParamValue;
}
function get_session($ParamName)
{
global $HTTP_POST_VARS;
global $HTTP_GET_VARS;
global ${$ParamName};
$ParamValue = "";
if(!isset($HTTP_POST_VARS[$ParamName]) && !isset($HTTP_GET_VARS[$ParamName]) && session_is_registered($ParamName))
$ParamValue = ${$ParamName};
return $ParamValue;
}
function set_session($ParamName, $ParamValue)
{
global ${$ParamName};
if(session_is_registered($ParamName))
session_unregister($ParamName);
${$ParamName} = $ParamValue;
session_register($ParamName);
}
function is_number($string_value)
{
if(is_numeric($string_value) || !strlen($string_value))
return true;
else
return false;
}
function is_param($param_value)
{
if($param_value)
return 1;
else
return 0;
}
function tosql($value, $type="Text")
{
if($value == "")
{
return "NULL";
}
else
{
if($type == "Number")
return doubleval($value);
else
{
if(get_magic_quotes_gpc() == 0)
{
$value = str_replace("'","''",$value);
$value = str_replace("\","\\",$value);
}
else
{
$value = str_replace("\'","''",$value);
$value = str_replace("\\"","\"",$value);
}
return "'" . $value . "'";
}
}
}
function strip($value)
{
if(get_magic_quotes_gpc() == 0)
return $value;
else
return stripslashes($value);
}
function get_checkbox_value($sVal, $CheckedValue, $UnCheckedValue)
{
if(!strlen($sVal))
return tosql($UnCheckedValue);
else
return tosql($CheckedValue);
}
function dlookup($Table, $fName, $sWhere)
{
global $conn;
$sSQL = "";
$sSQL = "SELECT " . $fName . " FROM " . $Table . " WHERE " . $sWhere;
$rs2 = &$conn->Execute($sSQL);
if ($rs2) {
$_SESSION["group"] = $rs2->fields($fName);
return $rs2->fields($fName);
}
else
return "";
}
function set_pg($Page)
{
$Page = 30;
global ${$Page};
}
function get_pg()
{
$Page = 30;
global ${$Page};
return;
}
function displayDate($varDate)
{
$dateTime = explode(" ",$varDate);
$date = $dateTime[0];
$time = $dateTime[1];
$dateParts = split("-",$date);
$day = $dateParts[2];
$month = $dateParts[1];
$year = $dateParts[0];
if (($day==NULL) || ($month==NULL) || ($year==NULL) || ($day=="00") || ($month=="00") || ($year=="00"))
$convertDate = "";
else
$convertDate = $day."/".$month."/".$year;
return $convertDate;
}
function displayDateTime($varDate)
{
$dateTime = explode(" ",$varDate);
$date = $dateTime[0];
$time = $dateTime[1];
$dateParts = split("-",$date);
$day = $dateParts[2];
$month = $dateParts[1];
$year = $dateParts[0];
if (($day==NULL) || ($month==NULL) || ($year==NULL))
$co