function mySqlUpit($upit, $tip)
{
$konekcija = mysqli_connect("localhost", "root", "", "0007cinevision");
$konekcija->set_charset("utf8");
if (mysqli_connect_errno()) {
printf("Konekcija nije uspela: %s\n", mysqli_connect_error());
exit;
}
$rezultat = mysqli_query($konekcija, $upit);
if (!$rezultat) {
printf("Greska: %s\n", mysqli_error($konekcija));
exit;
}
if ($tip == 0) {
return 0;
}
if ($tip == 1) {
$rez = mysqli_fetch_array($rezultat, MYSQLI_NUM);
$konekcija->close();
} else {
if ($tip == 2) {
$rez = array();
$i = 0;
while (($red = mysqli_fetch_array($rezultat)) != NULL) {
$rez[$i++] = $red;
}
}
}
if (!empty($rez)) {
return $rez;
}
return -1;
}
function login()
{
$link = $this->db_connection();
$pass = $_POST['user_password'];
$user = $_POST['user_name'];
$query = "SELECT password, user_type, name FROM user WHERE user_name='{$user}'";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
if (mysqli_num_rows($result) == 1) {
$result = mysqli_fetch_array($result);
//$hash= password_hash($result[0], PASSWORD_DEFAULT);
//$hash=$result[0];
//echo $hash;
//print_r($result);
// if($result[0]==$pass){
if (password_verify($pass, $result[0])) {
session_start();
$_SESSION['type'] = $result[1];
$_SESSION['name'] = $result[2];
//echo $_SESSION['type'].'<br>'.$_SESSION['name']=$result[2];
header("Location:card.php");
} else {
return $error = TRUE;
}
} else {
return $error = TRUE;
}
}
function get_data($id, $all = false)
{
include 'database.php';
$dbhandle = mysqli_connect($hostname, $username, $password, $database) or die("Unable to connect to MySQL");
$selected = mysqli_select_db($dbhandle, "esp");
if (!$selected) {
die("12 Could not select devices");
}
if ($all) {
$sql = "SELECT *\n\t\t\tFROM devices\n\t\t\tORDER BY esp_location ASC, esp_rx_date DESC, esp_rx_time DESC";
$result = mysqli_query($dbhandle, $sql);
while ($row = mysqli_fetch_array($result)) {
$json_arrays[] = array('status' => $row['esp_status'], 'esp' => $row['esp_id'], 'chan' => $row['esp_chan'], 'zone' => $row['esp_zone'], 'time' => $row['esp_rx_time'], 'date' => $row['esp_rx_date'], 'location' => $row['esp_location'], 'level' => $row['esp_rx_level'], 'tresh' => $row['esp_rx_treshold'], 'batt' => $row['esp_batt'], 'actives' => $row['esp_actives'], 'timenow' => date('H:i:s', time()));
}
mysqli_close($dbhandle);
return $json_arrays;
} else {
if ($id) {
$sql = "SELECT *\n\t\t\tFROM devices\n\t\t\tWHERE esp_id = " . $id . "\n\t\t\tORDER BY esp_rx_date DESC, esp_rx_time DESC";
$result = mysqli_query($dbhandle, $sql);
$row = mysqli_fetch_assoc($result);
$json_array = array('esp' => $row['esp_id'], 'chan' => $row['esp_chan'], 'zone' => $row['esp_zone'], 'time' => $row['esp_rx_time'], 'date' => $row['esp_rx_date'], 'location' => $row['esp_location'], 'level' => $row['esp_rx_level'], 'tresh' => $row['esp_rx_treshold'], 'batt' => $row['esp_batt'], 'actives' => $row['esp_actives'], 'timenow' => date('H:i:s', time()));
} else {
if ($id == 0) {
// grab the last active sensor data //
$sql = "SELECT *\n\t\t\tFROM devices\n\t\t\tORDER BY esp_rx_date DESC, esp_rx_time DESC";
$result = mysqli_query($dbhandle, $sql);
$row = mysqli_fetch_assoc($result);
$json_array = array('esp' => $row['esp_id'], 'chan' => $row['esp_chan'], 'zone' => $row['esp_zone'], 'time' => $row['esp_rx_time'], 'date' => $row['esp_rx_date'], 'location' => $row['esp_location'], 'level' => $row['esp_rx_level'], 'tresh' => $row['esp_rx_treshold'], 'batt' => $row['esp_batt'], 'actives' => $row['esp_actives'], 'timenow' => date('H:i:s', time()));
}
}
}
mysqli_close($dbhandle);
return $json_array;
}
public function getEmpresa($valRef)
{
$linha = mysqli_fetch_array($this->pesquisar($valRef));
$this->empresa->setCodigo($linha["emp_codigo"]);
$this->empresa->setDescricao($linha["emp_descricao"]);
return $this->empresa;
}
function check_login($dbc, $name = '', $password = '')
{
$errors = array();
if (empty($name)) {
$errors[] = 'you forget to input your ID';
} else {
$e = mysqli_real_escape_string($dbc, trim($name));
}
if (empty($password)) {
$errors[] = 'you forget to input your password';
} else {
$p = mysqli_real_escape_string($dbc, trim($password));
}
if (empty($errors)) {
$q = "SELECT name FROM Manager where name= '{$e}' AND Cro = '{$p}'";
$r = mysqli_query($dbc, $q);
if (mysqli_num_rows($r) == 1) {
$row = mysqli_fetch_array($r, MYSQLI_ASSOC);
return array(ture, $row);
} else {
$errors[] = 'your name OR password did not match!';
}
}
return array(false, $errors);
}
function getArraySQL($sql, $DB)
{
//Creamos la conexión con la función anterior
$conexion = connectDB();
mysqli_select_db($conexion, $DB);
//selecciono la base de datos
//generamos la consulta
mysqli_set_charset($conexion, "utf8");
//formato de datos utf8
if (!($result = mysqli_query($conexion, $sql))) {
die;
}
//si la conexión cancelar programa
$rawdata = array();
//creamos un array
//guardamos en un array multidimensional todos los datos de la consulta
$i = 0;
while ($row = mysqli_fetch_array($result)) {
$rawdata[$i] = $row;
$i++;
}
disconnectDB($conexion);
//desconectamos la base de datos
return $rawdata;
//devolvemos el array
}
function selectAuthority($authority)
{
$conn = tools::connectDatabase();
$allData = array();
$employeeID = array();
$result = mysqli_query($conn, "SELECT RoleID,RoleName FROM Roles WHERE {$authority}='1' ");
while ($row = mysqli_fetch_array($result)) {
array_push($allData, array('roleID' => $row['RoleID'], 'roleName' => $row['RoleName']));
}
for ($i = 0; $i < count($allData); $i++) {
$roleID = $allData[$i]["roleID"];
$result = mysqli_query($conn, "SELECT EmployeeID FROM UserRole WHERE RoleID='{$roleID}'");
while ($row = mysqli_fetch_array($result)) {
array_push($employeeID, $row['EmployeeID']);
}
}
$employee = array();
for ($i = 0; $i < count($employeeID); $i++) {
$id = $employeeID[$i];
$result = mysqli_query($conn, "SELECT EmployeeID,EmployeeName,DepartmentID,Title From Employees WHERE EmployeeID='{$id}'");
while ($row = mysqli_fetch_array($result)) {
array_push($employee, $row);
}
}
array_push($allData, $employee);
echo json_encode($allData);
}
function login2($user, $pass)
{
$con = new db();
$conc = $con->c();
$kcook = intval($_POST["remember"]);
$q = mysqli_query($conc, "SELECT `id`,`user`,`name`,`email`,`img1`,`img2`,`img3`,`bgcolor` FROM `users` WHERE (`user` = '{$user}' OR `email` ='{$user}') AND pass = '******'");
if (mysqli_num_rows($q) == 1) {
$r = mysqli_fetch_array($q);
setcookie("u", $r[1], time() + 52 * 60 * 60 * 24 * 7, "/");
$_SESSION["uid"] = $r[0];
$_SESSION["user"] = $r[1];
$_SESSION["name"] = $r[2];
$_SESSION["email"] = $r[3];
$_SESSION["p"] = $pass;
$_SESSION["color"] = $r[7];
$_SESSION["img1"] = $r[4];
$_SESSION["img2"] = $r[5];
$_SESSION["img3"] = $r[6];
$_SESSION["ula"] = md5("{$r['1']} {$pass} {$r['0']}");
$con->close_db_con($conc);
if (!valid_name($_SESSION["user"])) {
$_SESSION["set_user"] = "******";
header("location: ./?settings");
} else {
if ($kcook == 1) {
setcookie("um", $r[1], time() + 52 * 60 * 60 * 24 * 7, "/");
setcookie("pm", $pass, time() + 52 * 60 * 60 * 24 * 7, "/");
}
return true;
}
} else {
return false;
}
}
/** @return Le informazioni del sondaggio tramite un array associativo, dove:
"choices" => array con le scelte, dove:
"id" => id della scelta
"descr" => descrizione della scelta (come inserito dall'utente)
"votes" => numero di voti per questa scelta
"percentage" => percentuale normalizzata (0..1) in relazione al totale dei voti (4 decimali di precisione)
"votes_count" => numero di voti totali
"user_has_voted" => boolean se l'utente corrente ha gia' votato */
function getPollData()
{
global $currentUser;
// Cache
if ($this->poll_data == null) {
$poll_info = unserialize($this->getRaw('poll'));
$choices = array();
$votes_count = 0;
$user_has_voted = false;
foreach ($poll_info as $id => $value) {
// id = numero, value = stringa descrivente la scelta
$choices[] = array("id" => $id, "descr" => $value, "votes" => 0, "percentage" => 0);
}
// Prende i voti dal database
$q = exequery("SELECT user_id, vote FROM forum_poll WHERE topic_id = {$this['id']}");
while ($values = mysqli_fetch_array($q)) {
$choices[$values['vote']]['votes']++;
// perche' indice == id
$votes_count++;
if ($values['user_id'] == $currentUser['id']) {
$user_has_voted = true;
}
}
// Calcola le percentuali
if ($votes_count > 0) {
foreach ($choices as $id => &$values) {
$values['percentage'] = round((double) $values['votes'] / (double) $votes_count, 4);
}
}
$this->poll_data = array("choices" => $choices, "votes_count" => $votes_count, "user_has_voted" => $user_has_voted);
}
return $this->poll_data;
}
function login_check($sql)
{
// Überprüfe, ob alle Session-Variablen gesetzt sind
if (isset($_SESSION['nutzerID'], $_SESSION['name'], $_SESSION['login_string'])) {
$nutzerID = $_SESSION['nutzerID'];
$login_string = $_SESSION['login_string'];
$name = $_SESSION['name'];
// Hole den user-agent string des Benutzers.
$nutzer_browser = $_SERVER['HTTP_USER_AGENT'];
$login_ab = "SELECT * FROM nutzer WHERE nutzerID = '" . $nutzerID . "';";
if ($login_an = mysqli_query($sql, $login_ab)) {
if (mysqli_num_rows($login_an) == 1) {
$login = mysqli_fetch_array($login_an);
$login_check = hash('sha512', $login['passwort'] . $nutzer_browser);
if ($login_check == $login_string) {
// Eingeloggt!!!!
return true;
} else {
// Nicht eingeloggt
return false;
}
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
}
function buscar($dato)
{
$sql = "select * \r\n\t\t\tfrom ot\r\n\t\t\twhere folio like '%" . $dato . "%' OR nombre like '%" . $dato . "%' OR modelo like '%" . $dato . "%' OR serie like '%" . $dato . "%' ";
$rs = mysqli_query($this->conn, $sql);
$i = 0;
if (mysqli_num_rows($rs) < 1) {
echo "La busqueda no obtuvo resultados.";
} else {
echo "<table border='1' align='center' class='table_' ><thead>\r\n\t\t\t\t\t<th>Folio</th>\r\n\t\t\t\t\t<th>Nombre</th>\r\n\t\t\t\t\t<th>Apellido</th>\r\n\t\t\t\t\t<th>Modelo</th>\r\n\t\t\t\t\t<th>Serie</th>\r\n\t\t\t\t\t<th>descripcion</th>\r\n\t\t\t\t\t<th>Fallas</th>\r\n\t\t\t\t\t<th>Resultado</th>\r\n\t\t\t\t\t<th>Estatus</th>\r\n\t\t\t\t\t<th>Fecha_Reg</th>\r\n\t\t\t\t\t<th>Fecha_Entr</th>\r\n\t\t\t\t\t<th>Comentario</th>\r\n\t\t\t\t</thead><tbody>";
while ($row = mysqli_fetch_array($rs)) {
echo "<tr><td align='center'>" . $row["folio"] . "</td>";
echo "<td align='center'>" . $row["nombre"] . "</td>";
echo "<td align='center'>" . $row["apellido"] . "</td>";
echo "<td align='center'>" . $row["modelo"] . "</td>";
echo "<td align='center'>" . $row["serie"] . "</td>";
echo "<td align='center'>" . $row["des"] . "</td>";
echo "<td align='center'>" . $row["fallas"] . "</td>";
echo "<td align='center'>" . $row["resultado"] . "</td>";
echo "<td align='center'>" . $row["estatus"] . "</td>";
echo "<td align='center'>" . $row["fechae"] . "</td>";
echo "<td align='center'>" . $row["fecha"] . "</td>";
echo '<td align="center">
<a class="fancybox fancybox.iframe" href="index.php?id=' . $row["id"] . '&folio=' . $row["folio"] . '&nombre=' . $row["nombre"] . '&apellido=' . $row["apellido"] . '&telefono=' . $row["telefono"] . ' " >Comentario</a></td>';
$i++;
}
}
echo "</tbody></table>";
}
function onGetMessage($mynumber, $from, $id, $type, $time, $name, $body)
{
$from = chop($from, '@s.whatsapp.net');
$body = strtoupper($body);
$dbservername = "us-cdbr-iron-east-01.cleardb.net";
$dbusername = "******";
$dbpassword = "******";
$dbname = "heroku_3d91432389d0eb8";
$conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT * FROM messages WHERE sender = '" . $from . "'";
$result = mysqli_query($conn, $sql);
$lastmessage = mysqli_fetch_array($result, MYSQLI_ASSOC);
if (!$lastmessage) {
$sql = "INSERT INTO messages (sender, time_sent, message, new) VALUES ('" . $from . "', " . $time . ", '" . $body . "', 1)";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully<br/>";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
} else {
$sql = "UPDATE messages SET time_sent='" . $time . "', message='" . $body . "', prev_message='" . $lastmessage['message'] . "', new=1 WHERE sender='" . $from . "'";
if ($conn->query($sql) === TRUE) {
echo "Record updated successfully<br/>";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
}
$conn->close();
}
function player($pid)
{
global $con;
$result = mysqli_query($con, "SELECT * from players Where player_id='{$pid}'") or die(mysqli_error($con));
$row1 = mysqli_fetch_array($result);
return $row1['name'];
}
/**
* Storing new user
* returns user details
*/
public function storeUser($name, $email, $gcm_regid)
{
// insert user into database
$c = new DB_Connect();
$d = $c->connect();
$test = mysqli_query($d, "SELECT * class_details where code='{$email}'");
if ($test) {
$result = mysqli_query($d, "INSERT INTO gcm_users(name, email, gcm_regid, created_at) VALUES('{$name}', '{$email}', '{$gcm_regid}', NOW())");
// check for successful store
if ($result) {
// get user details
$id = mysqli_insert_id();
// last inserted id
$result = mysqli_query($d, "SELECT * FROM gcm_users WHERE id = {$id}") or die(mysql_error());
// return user details
if (mysqli_num_rows($result) > 0) {
return mysqli_fetch_array($result);
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
}
function validate($dbc, $email = '', $pwd = '')
{
$errors = array();
#Array to store errors.
if (empty($email)) {
$errors[] = 'Enter your email address.';
} else {
$e = mysqli_real_escape_string($dbc, trim($email));
#Escapes any special characters
#to avoid codes being run on the database.
$email = strip_tags($email);
}
if (empty($pwd)) {
$errors[] = 'Enter your password.';
} else {
$p = mysqli_real_escape_string($dbc, trim($pwd));
$pwd = strip_tags($pwd);
}
if (empty($errors)) {
$q = "SELECT customer_id,first_name,last_name\r\n\tFROM customers \r\n\tWHERE email='{$e}'\r\n\tAND password= SHA1('{$p}')";
#Retrieves customer related data
$r = mysqli_query($dbc, $q);
if (mysqli_num_rows($r) == 1) {
$row = mysqli_fetch_array($r, MYSQLI_ASSOC);
return array(true, $row);
} else {
$errors[] = 'Email address and password not found';
}
return array(false, $errors);
}
}
function display_results($num, $r, $lt)
{
// echo "<p>Retrieved $num players.</p>\n";
echo "<h1 style='border: none'>{$lt}</h1>";
// Table header:
echo '<table class="player-tbl" cellspacing="5" cellpadding="5"
width="75%">
<tr class="player-list-heading">
<td align="left"><b>Player Name</b></td>
<td align="left"><b>Years Played</b></td>
<td align="center"><b>Position</b></td>
<td align="left"><b>College</b></td>
</tr>
';
// Fetch and print all the records:
while ($row = mysqli_fetch_array($r, MYSQLI_ASSOC)) {
echo '<tr class="player-list">
<td align="left"><a href="/player/' . urlencode($row['fname']) . '">' . $row['name'] . '</a></td>
<td align="center">' . $row['fs'] . ' - ' . $row['ls'] . '</td>
<td align="center">' . $row['pos'] . '</td>
<td align="left">' . ($row['college'] != NULL ? $row['college'] : "None") . '</td>
</tr>
';
}
echo '</table>';
}
function get_enemy_material($database_connection, $material)
{
// Just in case a material has an apostraphe in it
$material = mysqli_real_escape_string($database_connection, $material);
$result = mysqli_query($database_connection, "SELECT * FROM `Bestiary` WHERE `Bestiary`.`Drops0` ='" . $material . "' \n OR `Bestiary`.`Drops1` ='" . $material . "' \n OR `Bestiary`.`Drops2` ='" . $material . "' \n OR `Bestiary`.`Drops3` ='" . $material . "' \n OR `Bestiary`.`Drops4` ='" . $material . "' \n OR `Bestiary`.`Drops5` ='" . $material . "' \n OR `Bestiary`.`Drops6` ='" . $material . "';");
// Obtain the number of rows from the result of the query
$num_rows = mysqli_num_rows($result);
// Will be storing all the rows in here
// Multidimensional array of form rows[table][row]
$rows = array();
// Get all the rows
for ($i = 0; $i < $num_rows; $i++) {
$rows[$i] = mysqli_fetch_array($result);
}
// Fields that we need
$name = array();
$genus = array();
$type = array();
$continent = array();
$location = array();
$lv = array();
$drops0 = array();
$drops1 = array();
$drops2 = array();
$drops3 = array();
$drops4 = array();
$drops5 = array();
$drops6 = array();
// Fill the arrays with the data from the database
for ($i = 0; $i < $num_rows; $i++) {
$name[$i] = $rows[$i]["Name"];
$genus[$i] = $rows[$i]["Genus"];
$type[$i] = $rows[$i]["Type"];
$continent[$i] = $rows[$i]["Continent"];
$location[$i] = $rows[$i]["Location"];
$lv[$i] = $rows[$i]["Lv"];
$drops0[$i] = $rows[$i]["Drops0"];
$drops1[$i] = $rows[$i]["Drops1"];
$drops2[$i] = $rows[$i]["Drops2"];
$drops3[$i] = $rows[$i]["Drops3"];
$drops4[$i] = $rows[$i]["Drops4"];
$drops5[$i] = $rows[$i]["Drops5"];
$drops6[$i] = $rows[$i]["Drops6"];
}
$data = array();
$data[0] = $name;
$data[1] = $genus;
$data[2] = $type;
$data[3] = $continent;
$data[4] = $location;
$data[5] = $lv;
$data[6] = $drops0;
$data[7] = $drops1;
$data[8] = $drops2;
$data[9] = $drops3;
$data[10] = $drops4;
$data[11] = $drops5;
$data[12] = $drops6;
return $data;
}
function check_login($link, $user, $pass)
{
if (!ctype_alnum(str_replace(array('@', '.', '-'), '', $user))) {
return false;
}
$pass = escapeshellcmd($pass);
$result = mysqli_query($link, "SELECT password FROM admin WHERE superadmin='1' AND username='******'");
while ($row = mysqli_fetch_array($result, MYSQL_NUM)) {
$row = "'" . $row[0] . "'";
if (strpos(shell_exec("echo {$pass} | doveadm pw -s SHA512-CRYPT -t {$row}"), "verified") !== false) {
return "admin";
}
}
$result = mysqli_query($link, "SELECT password FROM admin WHERE superadmin='0' AND active='1' AND username='******'");
while ($row = mysqli_fetch_array($result, MYSQL_NUM)) {
$row = "'" . $row[0] . "'";
if (strpos(shell_exec("echo {$pass} | doveadm pw -s SHA512-CRYPT -t {$row}"), "verified") !== false) {
return "domainadmin";
}
}
$result = mysqli_query($link, "SELECT password FROM mailbox WHERE active='1' AND username='******'");
while ($row = mysqli_fetch_array($result, MYSQL_NUM)) {
$row = "'" . $row[0] . "'";
if (strpos(shell_exec("echo {$pass} | doveadm pw -s SHA512-CRYPT -t {$row}"), "verified") !== false) {
return "user";
}
}
session_unset();
session_destroy();
session_write_close();
setcookie(session_name(), '', 0, '/');
sleep(1);
return false;
}
function team($abbr)
{
global $con;
$result = mysqli_query($con, "SELECT * from teamnames Where abbr='{$abbr}'") or die(mysqli_error($con));
$row1 = mysqli_fetch_array($result);
return $row1['name'];
}
function userLogin($email, $password)
{
$this->checkUserLogin($email, $password);
$sql = "SELECT username, email, password, name, surname, gender FROM user WHERE email = '{$this->email}'";
$result = $this->con->query($sql);
while ($row = mysqli_fetch_array($result)) {
$this->hash = $row['password'];
$this->username = $row['username'];
$this->name = $row['name'];
$this->surname = $row['surname'];
$this->gender = $row['gender'];
$this->password = $password;
}
if (!password_verify($this->password, $this->hash)) {
echo '<div class="alert alert-danger">Nepareizs lietotājvārds vai parole!</div>';
echo $this->email;
echo $this->password;
echo $this->hash;
} else {
//header("location:sakums.php");
session_start();
$_SESSION['username'] = $this->username;
$_SESSION['name'] = $this->name;
$_SESSION['surname'] = $this->surname;
$_SESSION['gender'] = $this->gender;
}
}
function allUsersMadeChoice($eventId)
{
global $connection;
//Get the event_date_ids that are associated with the user_choices.
$qry = "SELECT \n\t\t\t\t\tevent_date.id as event_date_id,\n\t\t\t\t\tevent_date.event_id\n\t\t\t\tFROM \n\t\t\t\t\tevent_date\n\t\t\t\tWHERE \n\t\t\t\t\tevent_date.event_id = '" . mysqli_real_escape_string($connection, $eventId) . "'";
if ($result = mysqli_query($connection, $qry)) {
$eventDateIds = array();
while ($row = mysqli_fetch_array($result)) {
//Save the event date ids
$eventDateIds[] = $row['event_date_id'];
}
if (count($eventDateIds) > 0) {
//Create a string from the array of IDS so we can use SQL's IN statement. WHERE id IN (1, 2, 3) etc.
$eventDateString = '';
foreach ($eventDateIds as $id) {
$eventDateString .= $id . ', ';
}
$eventDateString = substr($eventDateString, 0, -2);
$getChoices = "SELECT * FROM date_userchoice WHERE event_date_id IN(" . $eventDateString . ") AND choice = 0";
if ($result = mysqli_query($connection, $getChoices)) {
$count = mysqli_num_rows($result);
//If the count is = 0 it means that all choices are not 0(0 means no choice made)
if ($count == 0) {
return true;
}
}
}
}
return false;
}
public static function get_sources($arr = array())
{
global $config_q;
/*
if (isset($arr["current_page"]))
{
$limit_start = ($arr["current_page"]-1)*$config_q["quotes_on_page"];
$limit = "LIMIT ".(($arr["current_page"]-1)*$config_q["quotes_on_page"]).",".$config_q["quotes_on_page"];
}
if (isset($arr["char"]))
{
$s_where = "WHERE author_lastname_".$config_q["locale"]." LIKE '".$arr["char"]."%' ";
}
*/
if ($arr["has_alias"]) {
$s_where = " WHERE url_friendly_name_" . $config_q["locale"] . " IS NOT NULL ";
}
if (strlen($s_where) > 0) {
$s_where .= "\n\t\t\t\tAND\n\t\t\t\t\t" . $config_q["db"]["prefix"] . "sources.id = " . $config_q["db"]["prefix"] . "quotes.source_id\n\t\t\t\tAND\n\t\t\t\t\tactive = 1\n\t\t\t\tAND\n\t\t\t\t\tlang = '" . $config_q["locale"] . "' ";
} else {
$s_where .= "\n\t\t\t\tWHERE\n\t\t\t\t\t" . $config_q["db"]["prefix"] . "sources.id = " . $config_q["db"]["prefix"] . "quotes.source_id\n\t\t\t\tAND\n\t\t\t\t\tactive = 1\n\t\t\t\tAND\n\t\t\t\t\tlang = '" . $config_q["locale"] . "' ";
}
$a_out = array();
$q = "\n\t\t\tSELECT\n\t\t\t\tDISTINCT\n\t\t\t\tname_" . $config_q["locale"] . " AS name,\n\t\t\t\turl_friendly_name_" . $config_q["locale"] . " AS url_friendly_name\n\t\t\tFROM\n\t\t\t\t" . $config_q["db"]["prefix"] . "sources,\n\t\t\t\t" . $config_q["db"]["prefix"] . "quotes\n\t\t\t{$s_where}\n\t\t\torder by\n\t\t\t\tname_" . $config_q["locale"] . " asc\n\t\t\t{$limit};\n\t\t";
$r = q($q);
$a_out = array();
while ($row = mysqli_fetch_array($r, MYSQL_ASSOC)) {
$a_out[] = $row;
}
return $a_out;
}
function venda($conn, $idUsuario, $idCliente)
{
$data = date('Y-m-d h:m:s');
$statusVenda = '1';
/*
statusVenda (0) = cancelada
statusVenda (1) = aberda
statusVenda (2) = concluida
*/
$sqlVenda = "SELECT * FROM venda WHERE id_usuario='{$idUsuario}' AND id_cliente='{$idCliente}'";
//
$sVenda = mysqli_query($conn, $sqlVenda);
if (!mysqli_num_rows($sVenda)) {
/* Verificando a existencia dessa venda, relacao funcionario cliente */
$insert_pedido = "INSERT INTO venda (id_usuario, data, id_cliente, statusVenda) VALUE\n ('{$idUsuario}', '{$data}', '{$idCliente}', '{$statusVenda}')";
mysqli_query($conn, $insert_pedido);
$idVenda = mysqli_insert_id($conn);
/* ID referente a esta venda */
} else {
/* --- Encontrar o id relacionado a essa venda */
$sql = "SELECT idVenda FROM venda WHERE id_cliente='{$idCliente}' AND id_usuario='{$idUsuario}'";
$query = mysqli_query($conn, $sql);
$getId = mysqli_fetch_array($query);
$idVenda = $getId['idVenda'];
}
return $idVenda;
}
function RecupereNotices(&$tab_data, $entetes)
{
$jour = 0;
while (isset($entetes['entete'][$jour])) {
//$timestamp = RecupereTimestampJour($jour);
$timestamp = RecupereTimestampJour_CDT2($jour);
//$timestamp-=3600;
//echo "jour = ".$jour."<br/>";
//echo strftime("%S %M %H %d %b %Y", 1288825200 )."<br/>";
//echo strftime("%S %M %H %d %b %Y", $timestamp)."<br/>";
//echo $timestamp."<br/>";
$index_box = 0;
while (isset($tab_data[$jour]['type'][$index_box])) {
$tab_data[$jour]['id_ct'][$index_box] = 0;
if ($tab_data[$jour]['type'][$index_box] == "cours") {
$id_groupe = $tab_data[$jour]['id_groupe'][$index_box];
/*
$sql_request = "SELECT id_ct , date_ct FROM ct_entry WHERE id_groupe = '".$id_groupe."' AND
date_ct = '".$timestamp."'";
*/
$sql_request = "SELECT id_ct , date_ct FROM ct_entry WHERE id_groupe = '" . $id_groupe . "' AND \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tdate_ct >= '" . $timestamp . "' AND \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tdate_ct < '" . ($timestamp + 24 * 3600) . "' ORDER BY date_ct;";
//echo $sql_request."<br/>";
$req = mysqli_query($GLOBALS["mysqli"], $sql_request);
if ($rep = mysqli_fetch_array($req)) {
//echo $rep['id_ct']." ".$rep['date_ct'];
$tab_data[$jour]['id_ct'][$index_box] = $rep['id_ct'];
}
}
$index_box++;
}
$jour++;
}
}
public static function runSyncGroups()
{
$QCDB = WebSync_Database_Core::getQuartzcoreDatabase();
$options = XenForo_Application::get('options');
$userModel = XenForo_Model::create('XenForo_Model_User');
$userFieldModel = XenForo_Model::create('XenForo_Model_UserField');
if ($options->syncGroups) {
$fetchOptions = array('validOnly' => true);
$users = $userModel->getAllUsers($fetchOptions);
foreach ($users as $user) {
$hasUpdated = false;
$coreId = $userFieldModel->getUserFieldValues($user['user_id'])['CoreID'];
$secondaryGroups = $user['secondary_group_ids'];
$groups_raw = file_get_contents($options->restApiUrl . 'group.php?action=getAllGroups');
$groups = json_decode($groups_raw, true);
while ($groupId = mysqli_fetch_array($groups)) {
$group_raw = file_get_contents($options->restApiUrl . 'group.php?action=getGroup&id=' . $groupId);
$group = json_decode($group_raw);
foreach ($userGroups as $userGroup) {
if ($userGroup == $group['site_group_id']) {
$player_raw = file_get_contents($options->restApiUrl . 'player.php?action=updatePlayer&id=' . $coreId . '&primaryGroupID=' . $group['id'] . '&apikey=07af7e75676eab410d1f83937d7afb62');
$player = json_decode($player_raw, true);
$hasUpdated = $player['hasUpdated'];
}
}
}
if ($hasUpdated == false) {
$player_raw = file_get_contents($options->restApiUrl . 'player.php?action=updatePlayer&id=' . $coreId . '&primaryGroupID=2&apikey=07af7e75676eab410d1f83937d7afb62');
$player = json_decode($player_raw, true);
$hasUpdated = $player['hasUpdated'];
}
}
}
}
function login($user, $pass)
{
$con = new db();
$conc = $con->c();
$kcook = intval($_POST["remember"]);
$q = mysqli_query($conc, "SELECT `id`,`user`,`name`,`email`,`img1`,`img2`,`img3`,`bgcolor` FROM `users` WHERE (`user` = '{$user}' OR `email` ='{$user}') AND pass = '******'");
if (mysqli_num_rows($q) == 1) {
$r = mysqli_fetch_array($q);
setcookie("u", $r[1], time() + 52 * 60 * 60 * 24 * 7);
$_SESSION["uid"] = $r[0];
$_SESSION["user"] = $r[1];
$_SESSION["name"] = $r[2];
$_SESSION["email"] = $r[3];
$_SESSION["p"] = $pass;
$_SESSION["color"] = $r[7];
$_SESSION["img1"] = $r[4];
$_SESSION["img2"] = $r[5];
$_SESSION["img3"] = $r[6];
$_SESSION["ula"] = md5("{$r['1']} {$pass} {$r['0']}");
$con->close_db_con($conc);
if ($kcook == 1) {
setcookie("u", $r[1], time() + 2 * 60 * 60 * 24 * 7);
setcookie("p", $pass, time() + 2 * 60 * 60 * 24 * 7);
}
return true;
} else {
return false;
}
}
function displayBookings()
{
$host;
$user;
$pswd;
$dbnm;
$connection = mysqli_connect($host, $user, $pswd, $dbnm) or die('Failed to connect.');
$searchQuery = "SELECT * FROM bookings where status = 'unassigned'";
$result = mysqli_query($connection, $searchQuery);
$xml = new SimpleXMLElement('<xml/>');
if (mysqli_num_rows($result) > 0) {
while ($result_array = mysqli_fetch_array($result)) {
$data = $xml->addChild('search');
$data->addChild('bookingNumber', $result_array['bookingNumber']);
$data->addChild('customerName', $result_array['customerName']);
$data->addChild('pickupAddress', $result_array['pickupAddress']);
$data->addChild('suburb', $result_array['suburb']);
$data->addChild('destination', $result_array['destination']);
$data->addChild('phoneNumber', $result_array['contactPhone']);
$data->addChild('pickUpDate', $result_array['pickUpDate']);
$data->addChild('pickUpTime', $result_array['pickUpTime']);
$data->addChild('bookingDate', $result_array['bookingDate']);
$data->addChild('bookingTime', $result_array['bookingTime']);
}
}
echo $xml->asXML();
}
function viewuser()
{
$ob1 = new connect();
$conn = $ob1->dbcon();
// $sql = "SELECT users.*, groups.group_name FROM users INNER JOIN groups ON users.user_group = groups.group_id WHERE users.deleted ='0' ";
if ($_SESSION['user_type'] != '1') {
// $sql = "SELECT users.* FROM users LEFT OUTER JOIN user_group ON users.user_id = user_group.user_id WHERE users.deleted='0' AND users.user_is_admin <> '1' AND users.user_is_admin <> '2' ";
$sql = "SELECT users.*, owner.user_name AS owner, modi.user_name AS modify FROM users\n\t\t\tLEFT OUTER JOIN user_group ON users.user_id = user_group.user_id\n\t\t\tINNER JOIN users AS owner ON users.user_owner = owner.user_id\n\t\t\tLEFT OUTER JOIN users AS modi ON users.user_modified_by = modi.user_id\n\t\t\t\t\t WHERE users.deleted='0' AND users.user_is_admin <> '1' AND users.user_is_admin <> '2'";
$sql1 = mysqli_query($conn, " SELECT `group_id` FROM `user_group` WHERE `user_id` = '{$_SESSION['user_id']}' AND `user` > '1' ");
while ($row = mysqli_fetch_array($sql1)) {
$groups[] = $row['group_id'];
}
if (isset($groups)) {
// check if user have user view privilages
$ids = join(',', $groups);
// user groups
$sql .= "AND user_group.group_id IN ({$ids}) GROUP BY users.user_id";
} else {
$sql .= "AND user_group.group_id IN ('0')";
// reslut to desplay
}
} elseif ($_SESSION['user_type'] == '1') {
// $sql="SELECT users.* FROM users WHERE deleted = '0'";
$sql = "SELECT users.*, owner.user_name AS owner, modi.user_name AS modify FROM users\n\t\t\tLEFT OUTER JOIN user_group ON users.user_id = user_group.user_id\n\t\t\tINNER JOIN users AS owner ON users.user_owner = owner.user_id\n\t\t\tLEFT OUTER JOIN users AS modi ON users.user_modified_by = modi.user_id\n\t\t\t\t\t WHERE users.deleted='0' GROUP BY users.user_id";
}
// if($_SESSION['user_type']!='1'){
// $sql .= "AND user_is_admin <> '1' AND user_is_admin <> '2' ";
// }
// echo $sql;
return mysqli_query($conn, $sql);
}
function checkExist($name)
{
global $link;
$query = "SELECT COUNT(*) AS cnt FROM twebm WHERE cName = '{$name}'";
$result = $link->query($query) or die(mysqli_error($link));
return mysqli_fetch_array($result, MYSQLI_ASSOC);
}
public function getSales($connect)
{
$db = new db_config();
$data = '';
//$sql = "SELECT * FROM tbl_sales_trans_report WHERE brand_name = '". $brandName ."' ORDER BY transaction_date DESC";
$sql = "SELECT * FROM tbl_sales_trans_report ORDER BY transaction_date DESC";
$result = mysqli_query($connect, $sql);
//$num = $db->numrows($sql);
$counter = 1;
while ($row = mysqli_fetch_array($result)) {
$sales_transaction_id = $row['sales_transaction_id'];
$brand_name = $row['brand_name'];
$subtotal = $row['subtotal'];
$sales_tax_total = $row['sales_tax_total'];
$total_amount = $row['total_amount'];
$transaction_date = $row['transaction_date'];
$new_date = date("d/m/Y h:i:s", strtotime($transaction_date));
$data .= "<tr>";
$data .= "<td class='userEmail'>" . $sales_transaction_id . "</td>";
$data .= "<td class='userName'>" . $new_date . "</td>";
$data .= "<td class='userRole'>" . $subtotal . "</td>";
$data .= "<td class='userRole'>" . $sales_tax_total . "</td>";
$data .= "<td class='userRole'>" . $total_amount . "</td>";
$data .= "</tr>";
}
return $data;
}
