0xV3NOMx
Linux ip-172-26-7-228 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64

Your IP : 18.117.101.250

Current Path : /var/www/misc/public_html/oums_old/phpscript/
Upload File :
Current File : /var/www/misc/public_html/oums_old/phpscript/user_password.php

<?php
	include("sys_session.php");
	include("sys_connect.php");	
	$load_data=$_POST["load_data"];

	$resp_mesg="";
	$resp_stat="";
	$resp_file="";

	if($load_data=='dept_data')
	{
		if($type_id=='ADMIN')
		{
			$mysql="select * from masdept where fdeleted<>'T' order by fdeptcode";
		}		
		elseif($type_id=='CHIEF')
		{
			$mysql="select * from masdept where fdeptstat='T' and fdepthead='$empl_id' order by fdeptname";
		}		
		else
		{
			$mysql="select * from masdept where fdeptcode='$dept_id' and ifnull(fdeleted,'F')='F' order by fdeptcode";
		}
		$myres=mysqli_query($mycon,$mysql);
		if(mysqli_num_rows($myres)>1)
		{
			echo "<option value=0>--Select--</option>";
		}
		while($row = mysqli_fetch_assoc($myres))
		{
			echo "<option value='$row[fdeptcode]'>$row[fdeptname]</option>";
		}
	}

	if($load_data=='user_data')
	{
		$dept_code=$_POST["dept_code"];	

		if($type_id=='ADMIN')
		{
			$mysql="select * from masempl where fdeptcode='$dept_code' and ifnull(fusercode,'')<>'' and ifnull(femplstat,'F')='T' and ifnull(fdeleted,'F')='F' order by femplname";
		}
		elseif($type_id=='CHIEF')
		{
			$mysql="select * from masempl where fdeptcode='$dept_code' and ifnull(fusercode,'')<>'' and ifnull(femplstat,'F')='T' and ifnull(fdeleted,'F')='F' order by femplname";
		}
		else
		{
			$mysql="select * from masempl where femplcode='$empl_id'   and ifnull(fusercode,'')<>'' and ifnull(femplstat,'F')='T' and ifnull(fdeleted,'F')='F' order by femplname";
		}

		$myres=mysqli_query($mycon,$mysql);
		if(mysqli_num_rows($myres)>1)
		{
			echo "<option value=0>--Select--</option>";
		}
		while($row = mysqli_fetch_assoc($myres))
		{
			echo "<option value='$row[fusercode]'>$row[femplname]</option>";
		}
	}	

	if($load_data=="save_data")
	{
		$user_code=$_POST['user_code'];	
		$pswd_curr=$_POST['pswd_curr'];	
		$pswd_new2=$_POST['pswd_new2'];	
		
		if($pswd_new2=='')
		{
			$resp_stat="F";			
			$resp_mesg="New password cannot be blank!";						
		}

		$mysql="select * from masempl where fusercode='$user_code' and fpassword='$pswd_curr'";
		$myres=mysqli_query($mycon,$mysql);
		if(mysqli_num_rows($myres)==0)
		{
			$resp_mesg="Current password is incorrect!";			
			$resp_stat="F";
		}
		else
		{
			$mysql="update masempl set fpassword='$pswd_new2' where fusercode='$user_code'";
			$myres=mysqli_query($mycon,$mysql);
					
			$mysql="insert into sys_logs_user (fdeptcode,flogstype,fusercode,flogsdate,flogsipad,flogsmcad,fremarks,fdeleted) values('$dept_id','PASS','$user_id',now(),'$useripad','$usermcad','USER PASSWORD CHANGED FOR $user_code','F')";
			$myres=mysqli_query($mycon,$mysql);									
	
			$resp_stat="T";
			$resp_mesg="Password changed successfully!";
		}
		echo json_encode(array("mesg"=>$resp_mesg, "stat"=>$resp_stat, "file"=>$resp_file));				
	}

	if($load_data=="rset_data")
	{
		$user_code=$_POST['user_code'];	
		$pswd_new2=$_POST['pswd_new2'];	
		
		$mysql="update masempl set fpassword='$pswd_new2' where fusercode='$user_code'";
		$myres=mysqli_query($mycon,$mysql);
				
		$mysql="insert into sys_logs_user (fdeptcode,flogstype,fusercode,flogsdate,flogsipad,flogsmcad,fremarks,fdeleted) values('$dept_id','PASS','$user_id',now(),'$useripad','$usermcad','USER PASSWORD RESET FOR $user_code','F')";
		$myres=mysqli_query($mycon,$mysql);									

		$resp_stat="T";
		$resp_mesg="Password reset successfully!";
		echo json_encode(array("mesg"=>$resp_mesg, "stat"=>$resp_stat, "file"=>$resp_file));				
	}	
?>