File: /home/nyiet8349bzl/Backup/sbc_back/homedir/public_html/old-myadmin/admin/processAdmin.php
<?php
require_once '../../library/config.php';
require_once '../library/functions.php';
checkUser();
$action = isset($_GET['action']) ? $_GET['action'] : '';
switch ($action) {
case 'modifyAdmin' :
modifyAdmin();
break;
case 'changePsw' :
changePsw();
break;
case 'changeShip' :
changeShip();
break;
default :
header('Location: index.php');
}
/*
Modify a Admin
*/
function modifyAdmin()
{
//AID Full_Name Email Address User_Name User_Password Last_Log_Date Last_Log_IP Status
$AId = (int)$_GET['AId'];
$Afname = $_POST['afname'];
$Aemail = $_POST['aemail'];
$Aaddress = $_POST['apassword'];
$Auname = $_POST['auname'];
$sql = "UPDATE chadmin SET Full_Name = '$Afname', Email = '$Aemail', Address = '$Aaddress', User_Name = '$Auname' WHERE AID = $AId";
$result = dbQuery($sql);
$sql = "UPDATE website_config SET ch_email = '$Aemail'";
$result = dbQuery($sql);
header('Location: index.php');
}
/*
Change Admin Password
*/
function changePsw()
{
if (isset($_GET['AId']) && (int)$_GET['AId'] > 0) {
$AId = (int)$_GET['AId'];
} else { header('Location: index.php'); }
$opass = $_POST['oldPass'];
$npass = $_POST['newPass'];
$cpass = $_POST['confPass'];
$sql= "SELECT * FROM chadmin WHERE AID=$AId";
$result = dbQuery($sql);
$row = dbFetchAssoc($result);
if($opass != "" && $opass != md5($row['User_Password']))
{
$errmsg = "Old Password Not Matched";
}
elseif ($npass != $cpass)
{
$errmsg = "Confirm Password Not Matched ";
}
else {
$sql= "UPDATE chadmin SET User_Password = '".md5($cpass)."' WHERE AID=$AId";
$result = dbQuery($sql);
$errmsg = "Password Changed";
}
return $errmsg;
}
?>