<?php require_once('Connections/t77_connect.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
}
if((isset($HTTP_POST_VARS["MM_update"])) && ((!isset($_POST['userpass'])) || (!isset($_POST['userpass2'])) || ($_POST['userpass2'] != $_POST['userpass']))) {
$error = "Please type your new password twice";
include('error.php');
} else {
if ((isset($HTTP_POST_VARS["MM_update"])) && ($HTTP_POST_VARS["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE t77_bill_settings SET valuta_sign=%s, VAT=%s, company_name=%s, contact_name=%s, company_address=%s, company_zip=%s, company_city=%s, company_tel=%s, company_email=%s, company_bank=%s, username=%s, userpass=%s WHERE id=%s",
GetSQLValueString($HTTP_POST_VARS['valuta_sign'], "text"),
GetSQLValueString($HTTP_POST_VARS['VAT'], "double"),
GetSQLValueString($HTTP_POST_VARS['company_name'], "text"),
GetSQLValueString($HTTP_POST_VARS['contact_name'], "text"),
GetSQLValueString($HTTP_POST_VARS['company_address'], "text"),
GetSQLValueString($HTTP_POST_VARS['company_zip'], "text"),
GetSQLValueString($HTTP_POST_VARS['company_city'], "text"),
GetSQLValueString($HTTP_POST_VARS['company_tel'], "text"),
GetSQLValueString($HTTP_POST_VARS['company_email'], "text"),
GetSQLValueString($HTTP_POST_VARS['company_bank'], "text"),
GetSQLValueString($HTTP_POST_VARS['username'], "text"),
GetSQLValueString(md5($HTTP_POST_VARS['userpass']), "text"),
GetSQLValueString($HTTP_POST_VARS['id'], "int"));
mysql_select_db($database_t77_connect, $t77_connect);
$Result1 = mysql_query($updateSQL, $t77_connect) or die(mysql_error());
$updateGoTo = "settings.php";
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $HTTP_SERVER_VARS['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}
mysql_select_db($database_t77_connect, $t77_connect);
$query_settings = "SELECT * FROM t77_bill_settings";
$settings = mysql_query($query_settings, $t77_connect) or die(mysql_error());
$row_settings = mysql_fetch_assoc($settings);
$totalRows_settings = mysql_num_rows($settings);
?>
<?php echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?".">"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link href="styles.css" rel="stylesheet" type="text/css" />
<script language="JavaScript" type="text/JavaScript">
<!--
function GP_popupConfirmMsg(msg) { //v1.0
document.MM_returnValue = confirm(msg);
}
//-->
</script>
</head>
<body>
<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0" class="lineleft">
<tr>
<td align="left" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td height="31" align="left" valign="top"><table width="100%" height="31" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="20"><img src="images/tabletopstart.gif" width="20" height="31" /></td>
<td><table width="100%" height="30" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><p><strong>Password</strong></p>
</td>
<td> </td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td align="left" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="20">
<tr>
<td>
<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
<table width="100%" align="center" cellpadding="5" cellspacing="0" class="tableBorder">
<tr valign="baseline">
<td align="right" nowrap><h1>
New password:</h1></td>
<td>
<input name="userpass" type="password" id="userpass" size="32" />
<input type="hidden" name="valuta_sign" value="<?php echo $row_settings['valuta_sign']; ?>" />
<input type="hidden" name="VAT" value="<?php echo $row_settings['VAT']; ?>" />
<input type="hidden" name="company_name" value="<?php echo $row_settings['company_name']; ?>" />
<input type="hidden" name="company_address" value="<?php echo $row_settings['company_address']; ?>" />
<input type="hidden" name="company_zip" value="<?php echo $row_settings['company_zip']; ?>" />
<input type="hidden" name="company_city" value="<?php echo $row_settings['company_city']; ?>" />
<input type="hidden" name="company_tel" value="<?php echo $row_settings['company_tel']; ?>" />
<input type="hidden" name="company_email" value="<?php echo $row_settings['company_email']; ?>" />
<input type="hidden" name="company_bank" value="<?php echo $row_settings['company_bank']; ?>" />
<input type="hidden" name="username" value="<?php echo $row_settings['username']; ?>" />
<input name="id" type="hidden" id="id" value="<?php echo $row_settings['id']; ?>">
<input name="contact_name" type="hidden" id="contact_name" value="<?php echo $row_settings['contact_name']; ?>" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap><h1>Confirm password: </h1></td>
<td><input name="userpass2" type="password" id="userpass2" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap align="right"> </td>
<td><input type="submit" value="Update password">
</td>
</tr>
</table>
<input type="hidden" name="MM_update" value="form1">
</form>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>
<?php
mysql_free_result($settings);
}
?>