function InsertSalesType($SalesTypeDetails, $user, $password) { $Errors = array(); $db = db($user, $password); if (gettype($db) == 'integer') { $Errors[0] = NoAuthorisation; return $Errors; } $FieldNames = ''; $FieldValues = ''; foreach ($SalesTypeDetails as $key => $value) { $FieldNames .= $key . ', '; $FieldValues .= '"' . $value . '", '; } $sql = 'INSERT INTO salestypes (' . substr($FieldNames, 0, -2) . ') ' . 'VALUES (' . substr($FieldValues, 0, -2) . ') '; if (sizeof($Errors) == 0) { $result = DB_Query($sql, $db); if (DB_error_no($db) != 0) { $Errors[0] = DatabaseUpdateFailed; } else { $Errors[0] = 0; } } return $Errors; }
function InsertGLAccountSection($AccountSectionDetails, $user, $password) { $Errors = array(); $db = db($user, $password); if (gettype($db) == 'integer') { $Errors[0] = NoAuthorisation; return $Errors; } foreach ($AccountSectionDetails as $key => $value) { $AccountSectionDetails[$key] = DB_escape_string($value); } $Errors = VerifyAccountSection($AccountSectionDetails['sectionname'], sizeof($Errors), $Errors, $db); if (isset($AccountSectionDetails['accountname'])) { $Errors = VerifySectionName($AccountSectionDetails['sectionname'], sizeof($Errors), $Errors); } $FieldNames = ''; $FieldValues = ''; foreach ($AccountSectionDetails as $key => $value) { $FieldNames .= $key . ', '; $FieldValues .= '"' . $value . '", '; } if (sizeof($Errors) == 0) { $sql = "INSERT INTO accountsection ('" . mb_substr($FieldNames, 0, -2) . "')\n\t\t\t\t\tVALUES ('" . mb_substr($FieldValues, 0, -2) . "')"; $result = DB_Query($sql, $db); if (DB_error_no($db) != 0) { $Errors[0] = DatabaseUpdateFailed; } else { $Errors[0] = 0; } } return $Errors; }
function InsertGLAccount($AccountDetails, $user, $password) { $Errors = array(); $db = db($user, $password); if (gettype($db) == 'integer') { $Errors[0] = NoAuthorisation; return $Errors; } foreach ($AccountDetails as $key => $value) { $AccountDetails[$key] = DB_escape_string($value); } $Errors = VerifyAccountCode($AccountDetails['accountcode'], sizeof($Errors), $Errors, $db); if (isset($AccountDetails['accountname'])) { $Errors = VerifyAccountName($AccountDetails['accountname'], sizeof($Errors), $Errors); } $Errors = VerifyAccountGroupExists($AccountDetails['group_'], sizeof($Errors), $Errors, $db); $FieldNames = ''; $FieldValues = ''; foreach ($AccountDetails as $key => $value) { $FieldNames .= $key . ', '; $FieldValues .= '"' . $value . '", '; } if (sizeof($Errors) == 0) { $sql = "INSERT INTO chartmaster (" . mb_substr($FieldNames, 0, -2) . ") " . "VALUES ('" . mb_substr($FieldValues, 0, -2) . "') "; $result = DB_Query($sql, $db); $sql = "INSERT INTO chartdetails (accountcode,\n\t\t\t\t\t\t\tperiod)\n\t\t\t\tSELECT " . $AccountDetails['accountcode'] . ",\n\t\t\t\t\tperiodno\n\t\t\t\tFROM periods"; $result = DB_query($sql, $db, '', '', '', false); if (DB_error_no($db) != 0) { $Errors[0] = DatabaseUpdateFailed; } else { $Errors[0] = 0; } } return $Errors; }
function InsertSalesArea($AreaDetails, $User, $Password) { $Errors = array(); $db = db($User, $Password); if (gettype($db) == 'integer') { $Errors[0] = NoAuthorisation; return $Errors; } $Errors = VerifyAreaCodeDoesntExist($AreaDetails['areacode'], 0, $Errors, $db); if (sizeof($Errors > 0)) { // return $Errors; } $FieldNames = ''; $FieldValues = ''; foreach ($AreaDetails as $key => $value) { $FieldNames .= $key . ', '; $FieldValues .= '"' . $value . '", '; } $sql = 'INSERT INTO areas (' . mb_substr($FieldNames, 0, -2) . ")\n\t\t\t\tVALUES ('" . mb_substr($FieldValues, 0, -2) . "') "; if (sizeof($Errors) == 0) { $result = DB_Query($sql, $db); if (DB_error_no() != 0) { $Errors[0] = DatabaseUpdateFailed; } else { $Errors[0] = 0; } } return $Errors; }
function InsertGLAccountGroup($AccountGroupDetails, $user, $password) { $Errors = array(); $db = db($user, $password); if (gettype($db) == 'integer') { $Errors[0] = NoAuthorisation; return $Errors; } foreach ($AccountGroupDetails as $key => $value) { $AccountGroupDetails[$key] = DB_escape_string($value); } $Errors = VerifyAccountGroup($AccountGroupDetails['groupname'], sizeof($Errors), $Errors, $db); $Errors = VerifyAccountSectionExists($AccountGroupDetails['sectioninaccounts'], sizeof($Errors), $Errors, $db); if (isset($AccountGroupDetails['pandl'])) { $Errors = VerifyPandL($AccountGroupDetails['pandl'], sizeof($Errors), $Errors); } $Errors = VerifyParentGroupExists($AccountGroupDetails['parentgroupname'], sizeof($Errors), $Errors, $db); $FieldNames = ''; $FieldValues = ''; foreach ($AccountGroupDetails as $key => $value) { $FieldNames .= $key . ', '; $FieldValues .= '"' . $value . '", '; } if (sizeof($Errors) == 0) { $sql = 'INSERT INTO accountgroups (' . substr($FieldNames, 0, -2) . ') ' . 'VALUES (' . substr($FieldValues, 0, -2) . ') '; $result = DB_Query($sql, $db); if (DB_error_no($db) != 0) { $Errors[0] = DatabaseUpdateFailed; } else { $Errors[0] = 0; } } return $Errors; }
function generatenexlistFieldHTML($did, $row) { global $_CONF, $_TABLES; $p = new Template($_CONF['path_layout'] . 'nexlist'); $p->set_file(array('fields' => 'definition_fields.thtml', 'field_rec' => 'definition_field_record.thtml')); $p->set_var('definition_id', $did); $p->set_var('rowid', $row); $sql = "SELECT * FROM {$_TABLES['nexlistfields']} WHERE lid='{$did}' ORDER BY id"; $FLD_query = DB_Query($sql); $numfields = DB_numrows($FLD_query); if ($numfields > 0) { $j = 1; $p->set_var('show_fields', ''); while ($FLD = DB_fetchArray($FLD_query, false)) { $edit_link = " [<a href=\"#\" onClick='editListField({$row},{$j});'>Edit</a> ]"; $del_link = " [<a href=\"#\" onClick='ajaxUpdateDefinition(\"deleteField\",{$row},{$j});'\">Delete</a> ]"; $p->set_var('field_recid', $FLD['id']); $p->set_var('field_name', $FLD['fieldname']); $p->set_var('field_value', $FLD['value_by_function']); $p->set_var('field_width', $FLD['width']); $p->set_var('field_id', $j); $p->set_var('edit_link', $edit_link); $p->set_var('delete_link', $del_link); if ($FLD['predefined_function'] == 1) { $checked = 'CHECKED'; $display_ftext = 'none'; $display_fddown = ''; $p->set_var('function_dropdown_options', nexlist_getCustomListFunctionOptions($FLD['value_by_function'])); } else { $checked = ''; $display_ftext = ''; $display_fddown = 'none'; $p->set_var('function_dropdown_options', nexlist_getCustomListFunctionOptions()); } $p->set_var('checked', $checked); $p->set_var('display_ftext', $display_ftext); $p->set_var('display_fddown', $display_fddown); if ($j == 1) { $p->parse('definition_field_records', 'field_rec'); } else { $p->parse('definition_field_records', 'field_rec', true); } $j++; } $p->parse('definition_fields', 'fields'); } else { $p->set_var('show_fields', 'none'); $p->set_var('definition_field_records', ''); } $p->parse('output', 'fields'); $html = $p->finish($p->get_var('output')); $html = htmlentities($html); return $html; }
function DB_GetUsername($id) { $sql = "SELECT name FROM users WHERE id = {$id}"; $result = DB_Query($sql); $name = ""; if ($result) { $row = $result->fetch_assoc(); $name = $row["name"]; } return $name; }
function generateTemplateVariableHTML($rec, $cntr) { global $_TABLES, $_CONF; $p = new Template($_CONF['path_layout'] . 'nexflow/admin'); $p->set_file('variables', 'template_variables.thtml'); $p->set_file('variable_rec', 'template_variable_record.thtml'); $p->set_var('template_id', $rec); $p->set_var('cntr', $cntr); $sql = "SELECT * FROM {$_TABLES['nf_templatevariables']} WHERE nf_templateID='{$rec}' ORDER BY id"; $query = DB_Query($sql); $numrows = DB_numrows($query); if ($numrows > 0) { $j = 1; $p->set_var('show_vars', ''); $p->set_var('vdivid', ''); while ($A = DB_fetchArray($query)) { $edit_link = "[ <a href=\"#\" onClick='ajaxUpdateTemplateVar(\"edit\",{$rec},{$cntr},{$j});'\">Edit</a> ]"; $del_link = "[ <a href=\"#\" onClick='ajaxUpdateTemplateVar(\"delete\",{$rec},{$cntr},{$j});'\">Delete</a> ]"; $p->set_var('variable_name', $A['variableName']); $p->set_var('variable_value', $A['variableValue']); $p->set_var('var_id', $j); $p->set_var('edit_link', $edit_link); $p->set_var('delete_link', $del_link); if ($j == 1) { $p->parse('template_variable_records', 'variable_rec'); } else { $p->parse('template_variable_records', 'variable_rec', true); } $j++; } } else { $p->set_var('show_vars', 'none'); $p->set_var('vdivid', "vars{$cntr}"); $p->set_var('template_variable_records', ''); } $p->parse('output', 'variables'); $html = $p->finish($p->get_var('output')); $html = htmlentities($html); return $html; }
function SEC_checkTokenGeneral($token, $action = 'general', $uid = 0) { global $_USER, $_TABLES, $_DB_dbms; $return = false; // Default to fail. if ($uid == 0) { $uid = $_USER['uid']; } if (trim($token) != '') { $token = COM_applyFilter($token); $sql = "SELECT ((DATE_ADD(created, INTERVAL ttl SECOND) < NOW()) AND ttl > 0) as expired, owner_id, urlfor FROM " . "{$_TABLES['tokens']} WHERE token='" . DB_escapeString($token) . "'"; $tokens = DB_Query($sql); $numberOfTokens = DB_numRows($tokens); if ($numberOfTokens != 1) { if ($numberOfTokens == 0) { COM_errorLog("CheckTokenGeneral: Token failed - no token found in the database"); } else { COM_errorLog("CheckTokenGeneral: Token failed - more than one token found in the database"); } $return = false; // none, or multiple tokens. Both are invalid. (token is unique key...) } else { $tokendata = DB_fetchArray($tokens); /* Check that: * token's user is the current user. * token is not expired. */ if ($uid != $tokendata['owner_id']) { COM_errorLog("CheckTokenGeneral: Token failed - userid does not match token owner id"); $return = false; } else { if ($tokendata['expired']) { $return = false; } else { if ($tokendata['urlfor'] != $action) { COM_errorLog("CheckTokenGeneral: Token failed - token action does not match referer action."); COM_errorLog("Token Action: " . $tokendata['urlfor'] . " - ACTION: " . $action); if (function_exists('bb2_ban')) { bb2_ban($_SERVER['REMOTE_ADDR'], 3); } $return = false; } else { $return = true; // Everything is OK } } } } } else { $return = false; // no token. } return $return; }
if (Is_Error($IsQuery)) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------------- $IsQuery = DB_Query('ALTER TABLE `DomainSchemes` DROP `tmpServerID`'); if (Is_Error($IsQuery)) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- $IsQuery = DB_Query('ALTER TABLE `DomainSchemes` ADD KEY `DomainSchemesServerID` (`ServerID`)'); if (Is_Error($IsQuery)) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------------- $IsQuery = DB_Query('ALTER TABLE `DomainSchemes` ADD CONSTRAINT `DomainSchemesServerID` FOREIGN KEY (`ServerID`) REFERENCES `Servers` (`ID`) ON DELETE CASCADE ON UPDATE CASCADE'); if (Is_Error($IsQuery)) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- if (Is_Error(DB_Commit($TransactionID))) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- $IsFlush = CacheManager::flush(); if (!$IsFlush) { @Trigger_Error(500); } #-------------------------------------------------------------------------------
if ($_GET['b'] == 'form') { print "<center><table cellspacing=\"3\" cellpadding=\"0\"\n"; print "<tr><td align=\"center\" width=\"800\" colspan=\"2\"><h2>Envoi d'un mail</h2></td></tr>\n"; print "<form method=\"post\" action=\"espacereserve.php?p=connexion&w=enseignants&a=mail&b=envoi&mat=" . $_GET['mat'] . "\" >\n"; print "<tr><td align=\"left\"><b> Sujet </b></td><td><input class=\"defaultInput\" name=\"sujet\" size=\"40\"></td></tr>\n"; print "<tr><td colspan=\"2\" align=\"left\" ><b> Contenu</b></td></tr>\n"; print "<tr><td colspan=\"2\" align=\"left\"width=\"800\"><textarea class=\"defaultInput\" rows=\"10\" cols=\"50\" name=\"contenu\"></textarea><br><br></td></tr>\n"; print "<tr><td colspan=\"2\" align=\"left\"width=\"800\"><input class=\"defaultButton\" type=\"submit\" value=\"Envoyer\"\"> - <input class=\"defaultButton\" type=\"reset\" value=\"Annuler\"></td></tr>\n"; print "</form>\n"; print "</table></center>\n"; } /* envoi */ if ($_GET['b'] == 'envoi') { $requeteMail = DB_Query('SELECT Etudiant.email FROM Etudiant, Inscrit, Module, Matiere WHERE (Etudiant.`id-etudiant` = Inscrit.`id-etudiant`) and (Inscrit.`id-diplome` = Module.`id-diplome`) and (Module.`id-module` = Matiere.`id-module`) and (Matiere.`id-matiere` = "' . $_GET['mat'] . '")'); $entete = "FROM : " . $_SESSION['nom'] . " " . $_SESSION['prenom'] . " \n"; while ($tableau = mysql_fetch_array($requeteMail)) { echo $tableau[0]; echo $_POST['sujet']; echo $_POST['contenu']; echo $entete; mail($tableau['email'], $_POST['sujet'], $_POST['contenu'], $entete); } print "<table width=\"800\" cellspacing=\"3\" cellpadding=\"0\">\n"; print "<tr>\n"; print "<td align=\"center\" width=\"800\"><br>Votre mail a ete envoyé à tous les élèves avec succes. Redirection...</td>"; print "</tr>\n"; print "</table>\n";
/* 删除SQL串首尾的空白符 */ $sql = trim($sql); /* 替换表前缀 */ $sql = preg_replace('/((TABLE|INTO|IF EXISTS)\\s+`)welive_/', '${1}' . $tableprefix, $sql); /* 解析查询项 */ $sql = str_replace("\r", '', $sql); $query_items = explode(";\n", $sql); foreach ($query_items as $query_item) { /* 如果查询项为空,则跳过 */ if (!$query_item) { continue; } else { DB_Query($query_item); } } DB_Query("INSERT INTO " . $tableprefix . "admin (aid, type, activated, username, password, email, first, fullname, fullname_en, post, post_en) VALUES (1, 1, 1, '{$username}', '" . md5($password) . "', '{$email}', '" . time() . "', '管理员', 'Admin', '系统管理员', 'Administrator')"); $thisfiledirname = strtolower(substr(str_replace(dirname(dirname(dirname(__FILE__))), '', dirname(dirname(__FILE__))), 1)); $script_name = strtolower($_SERVER['SCRIPT_NAME']); if (strstr($script_name, $thisfiledirname . '/')) { $thiswebsitedir = str_replace(strstr($script_name, $thisfiledirname . '/'), '', $script_name); $SYSDIR = $thiswebsitedir . $thisfiledirname . '/'; } else { $SYSDIR = '/'; } $BaseURL = "http://" . $_SERVER['HTTP_HOST'] . $SYSDIR; $filename = ROOT . "config/settings.php"; $fp = @fopen($filename, 'rb'); $contents = @fread($fp, filesize($filename)); @fclose($fp); $contents = trim($contents); $contents = preg_replace("/[\$]_CFG\\['BaseUrl'\\]\\s*\\=\\s*[\"'].*?[\"'];/is", "\$_CFG['BaseUrl'] = \"{$BaseURL}\";", $contents);
$lID = 1; // Check if new logical Task ID = 0 - not allowed } // lets determine if there are any other tasks in this workflow.. otherwise we have to set the first task bit.. $sql = "SELECT count( * ) FROM {$_TABLES['nf_templatedata']} WHERE nf_templateID = '{$templateID}'"; $fields = 'logicalID, nf_templateID,nf_stepType, nf_handlerId, function, formid, optionalParm, firstTask, taskname, regenerate,reminderInterval'; if (DB_numRows(DB_Query($sql))) { // no rows.. thus first task $sql = "INSERT INTO {$_TABLES['nf_templatedata']} ({$fields}) "; $sql .= "VALUES ('{$lID}','{$templateID}','{$stepID}','{$handlerID}','{$taskFunction}','{$task_formid}','{$optionalParm}',1,'{$taskName}','{$regen}','{$notifyinterval}')"; $result = DB_Query($sql); $taskID = DB_insertID(); } else { $sql = "INSERT INTO {$_TABLES['nf_templatedata']} ({$fields}) "; $sql .= "VALUES ('{$lID}','{$templateID}','{$stepID}','{$handlerID}','{$taskFunction}','{$task_formid}','{$optonalParm}',0,'{$taskName}','{$regen}','{$notifyinterval}')"; $result = DB_Query($sql); $taskID = DB_insertID(); } // echo $sql; } // Update the timestamp - used to sort records if we have duplicates that need to be re-ordered // Assume the latest updated record should have the logical ID entered - in case of new duplicate DB_query("UPDATE {$_TABLES['nf_templatedata']} set last_updated = now() WHERE id='{$taskID}'"); // Check and see if we have any duplicate logical ID's and need to reorder $sql = "SELECT id FROM {$_TABLES['nf_templatedata']} WHERE nf_templateID='{$templateID}' AND logicalID = '{$lID}'"; if (DB_numRows(DB_query($sql)) > 1) { $sql = "SELECT id,logicalID FROM {$_TABLES['nf_templatedata']} WHERE nf_templateID='{$templateID}' "; $sql .= "AND logicalID >= '{$lID}' ORDER BY logicalID ASC, last_updated DESC"; $query = DB_query($sql); $id = $lID; while ($A = DB_fetchArray($query)) {
} // --- if (!isset($content['ISERROR'])) { // Everything was alright, go and check if the entry exists! $result = DB_Query("SELECT FieldID FROM " . DB_FIELDS . " WHERE FieldID = '" . $content['FieldID'] . "'"); $myrow = DB_GetSingleRow($result, true); if (!isset($myrow['FieldID'])) { // Add custom Field now! $sqlquery = "INSERT INTO " . DB_FIELDS . " (FieldID, FieldCaption, FieldDefine, SearchField, FieldAlign, DefaultWidth, FieldType, SearchOnline) \n\t\t\tVALUES (\n\t\t\t\t\t'" . $content['FieldID'] . "', \n\t\t\t\t\t'" . $content['FieldCaption'] . "',\n\t\t\t\t\t'" . $content['FieldDefine'] . "',\n\t\t\t\t\t'" . $content['SearchField'] . "',\n\t\t\t\t\t'" . $content['FieldAlign'] . "', \n\t\t\t\t\t" . $content['DefaultWidth'] . ", \n\t\t\t\t\t" . $content['FieldType'] . ", \n\t\t\t\t\t" . $content['SearchOnline'] . " \n\t\t\t\t\t)"; $result = DB_Query($sqlquery); DB_FreeQuery($result); // Do the final redirect RedirectResult(GetAndReplaceLangStr($content['LN_FIELDS_HASBEENADDED'], DB_StripSlahes($content['FieldCaption'])), "fields.php"); } else { // Edit the Search Entry now! $result = DB_Query("UPDATE " . DB_FIELDS . " SET \n\t\t\t\tFieldCaption = '" . $content['FieldCaption'] . "', \n\t\t\t\tFieldDefine = '" . $content['FieldDefine'] . "', \n\t\t\t\tSearchField = '" . $content['SearchField'] . "', \n\t\t\t\tFieldAlign = '" . $content['FieldAlign'] . "', \n\t\t\t\tDefaultWidth = " . $content['DefaultWidth'] . ", \n\t\t\t\tFieldType = " . $content['FieldType'] . ", \n\t\t\t\tSearchOnline = " . $content['SearchOnline'] . "\n\t\t\t\tWHERE FieldID = '" . $content['FieldID'] . "'"); DB_FreeQuery($result); // Done redirect! RedirectResult(GetAndReplaceLangStr($content['LN_FIELDS_HASBEENEDIT'], DB_StripSlahes($content['FieldCaption'])), "fields.php"); } } } if (!isset($_POST['op']) && !isset($_GET['op'])) { // Default Mode = List Searches $content['LISTFIELDS'] = "true"; // Copy Search array for further modifications $content['FIELDS'] = $fields; $i = 0; // Help counter! foreach ($content['FIELDS'] as &$myField) { // Allow Delete Operation
function ModifyBranch($BranchDetails, $user, $password) { $Errors = array(); $db = db($user, $password); if (gettype($db) == 'integer') { $Errors[0] = NoAuthorisation; return $Errors; } foreach ($BranchDetails as $key => $value) { $BranchDetails[$key] = DB_escape_string($value); } $Errors = VerifyBranchNoExists($BranchDetails['debtorno'], $BranchDetails['branchcode'], sizeof($Errors), $Errors, $db); $Errors = VerifyBranchName($BranchDetails['brname'], sizeof($Errors), $Errors, $db); if (isset($BranchDetails['address1'])) { $Errors = VerifyBranchAddressLine($BranchDetails['address1'], 40, sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['address2'])) { $Errors = VerifyBranchAddressLine($BranchDetails['address2'], 40, sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['address3'])) { $Errors = VerifyBranchAddressLine($BranchDetails['address3'], 40, sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['address4'])) { $Errors = VerifyBranchAddressLine($BranchDetails['address4'], 50, sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['address5'])) { $Errors = VerifyBranchAddressLine($BranchDetails['address5'], 20, sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['address6'])) { $Errors = VerifyBranchAddressLine($BranchDetails['address6'], 15, sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['lat'])) { $Errors = VerifyLatitude($BranchDetails['lat'], sizeof($Errors), $Errors); } if (isset($BranchDetails['lng'])) { $Errors = VerifyLongitude($BranchDetails['lng'], sizeof($Errors), $Errors); } if (isset($BranchDetails['estdeliverydays'])) { $Errors = VerifyEstDeliveryDays($BranchDetails['estdeliverydays'], sizeof($Errors), $Errors); } if (isset($BranchDetails['area'])) { $Errors = VerifyAreaCode($BranchDetails['area'], sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['salesman'])) { $Errors = VerifySalesmanCode($BranchDetails['salesman'], sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['fwddate'])) { $Errors = VerifyFwdDate($BranchDetails['fwddate'], sizeof($Errors), $Errors); } if (isset($BranchDetails['phoneno'])) { $Errors = VerifyPhoneNumber($BranchDetails['phoneno'], sizeof($Errors), $Errors); } if (isset($BranchDetails['faxno'])) { $Errors = VerifyFaxNumber($BranchDetails['faxno'], sizeof($Errors), $Errors); } if (isset($BranchDetails['contactname'])) { $Errors = VerifyContactName($BranchDetails['contactname'], sizeof($Errors), $Errors); } if (isset($BranchDetails['email'])) { $Errors = VerifyEmailAddress($BranchDetails['email'], sizeof($Errors), $Errors); } if (isset($BranchDetails['defaultlocation'])) { $Errors = VerifyDefaultLocation($BranchDetails['defaultlocation'], sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['taxgroupid'])) { $Errors = VerifyTaxGroupId($BranchDetails['taxgroupid'], sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['defaultshipvia'])) { $Errors = VerifyDefaultShipVia($BranchDetails['defaultshipvia'], sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['deliverblind'])) { $Errors = VerifyDeliverBlind($BranchDetails['deliverblind'], sizeof($Errors), $Errors); } if (isset($BranchDetails['disabletrans'])) { $Errors = VerifyDisableTrans($BranchDetails['disabletrans'], sizeof($Errors), $Errors); } if (isset($BranchDetails['brpostaddr1'])) { $Errors = VerifyBranchAddressLine($BranchDetails['brpostaddr1'], 40, sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['brpostaddr2'])) { $Errors = VerifyBranchAddressLine($BranchDetails['brpostaddr2'], 40, sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['brpostaddr3'])) { $Errors = VerifyBranchAddressLine($BranchDetails['brpostaddr3'], 30, sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['brpostaddr4'])) { $Errors = VerifyBranchAddressLine($BranchDetails['brpostaddr4'], 20, sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['brpostaddr5'])) { $Errors = VerifyBranchAddressLine($BranchDetails['brpostaddr5'], 20, sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['brpostaddr6'])) { $Errors = VerifyBranchAddressLine($BranchDetails['brpostaddr6'], 15, sizeof($Errors), $Errors, $db); } if (isset($BranchDetails['specialinstructions'])) { $Errors = VerifySpecialInstructions($BranchDetails['specialinstructions'], sizeof($Errors), $Errors); } if (isset($BranchDetails['custbranchcode'])) { $Errors = VerifyCustBranchCode($BranchDetails['custbranchcode'], sizeof($Errors), $Errors); } $FieldNames = ''; $FieldValues = ''; foreach ($BranchDetails as $key => $value) { $FieldNames .= $key . ', '; $FieldValues .= '"' . $value . '", '; } $sql = 'UPDATE custbranch SET '; foreach ($BranchDetails as $key => $value) { $sql .= $key . '="' . $value . '", '; } $sql = mb_substr($sql, 0, -2) . " WHERE debtorno='" . $BranchDetails['debtorno'] . "'\n AND branchcode='" . $BranchDetails['branchcode'] . "'"; if (sizeof($Errors) == 0) { $result = DB_Query($sql, $db); if (DB_error_no() != 0) { $Errors[0] = DatabaseUpdateFailed; } else { $Errors[0] = 0; } } return $Errors; }
function InsertSalesCredit($CreditDetails, $user, $password) { $Errors = array(); $db = db($user, $password); if (gettype($db) == 'integer') { $Errors[0] = NoAuthorisation; return $Errors; } foreach ($CreditDetails as $key => $value) { $CreditDetails[$key] = DB_escape_string($value); } $PartCode = $CreditDetails['partcode']; $Errors = VerifyStockCodeExists($PartCode, sizeof($Errors), $Errors, $db); unset($CreditDetails['partcode']); $SalesArea = $CreditDetails['salesarea']; unset($CreditDetails['salesarea']); $CreditDetails['transno'] = GetNextTransactionNo(11, $db); $CreditDetails['type'] = 10; $Errors = VerifyDebtorExists($CreditDetails['debtorno'], sizeof($Errors), $Errors, $db); $Errors = VerifyBranchNoExists($CreditDetails['debtorno'], $CreditDetails['branchcode'], sizeof($Errors), $Errors, $db); $Errors = VerifyTransNO($CreditDetails['transno'], 10, sizeof($Errors), $Errors, $db); $Errors = VerifyTransactionDate($CreditDetails['trandate'], sizeof($Errors), $Errors, $db); if (isset($CreditDetails['settled'])) { $Errors = VerifySettled($CreditDetails['settled'], sizeof($Errors), $Errors); } if (isset($CreditDetails['reference'])) { $Errors = VerifyReference($CreditDetails['reference'], sizeof($Errors), $Errors); } if (isset($CreditDetails['tpe'])) { $Errors = VerifyTpe($CreditDetails['tpe'], sizeof($Errors), $Errors); } if (isset($CreditDetails['order_'])) { $Errors = VerifyOrderNumber($CreditDetails['order_'], sizeof($Errors), $Errors); } if (isset($CreditDetails['rate'])) { $Errors = VerifyExchangeRate($CreditDetails['rate'], sizeof($Errors), $Errors); } if (isset($CreditDetails['ovamount'])) { $Errors = VerifyOVAmount($CreditDetails['ovamount'], sizeof($Errors), $Errors); } if (isset($CreditDetails['ovgst'])) { $Errors = VerifyOVGst($CreditDetails['ovgst'], sizeof($Errors), $Errors); } if (isset($CreditDetails['ovfreight'])) { $Errors = VerifyOVFreight($CreditDetails['ovfreight'], sizeof($Errors), $Errors); } if (isset($CreditDetails['ovdiscount'])) { $Errors = VerifyOVDiscount($CreditDetails['ovdiscount'], sizeof($Errors), $Errors); } if (isset($CreditDetails['diffonexch'])) { $Errors = VerifyDiffOnExchange($CreditDetails['diffonexch'], sizeof($Errors), $Errors); } if (isset($CreditDetails['alloc'])) { $Errors = VerifyAllocated($CreditDetails['alloc'], sizeof($Errors), $Errors); } if (isset($CreditDetails['invtext'])) { $Errors = VerifyInvoiceText($CreditDetails['invtext'], sizeof($Errors), $Errors); } if (isset($CreditDetails['shipvia'])) { $Errors = VerifyShipVia($CreditDetails['shipvia'], sizeof($Errors), $Errors); } if (isset($CreditDetails['edisent'])) { $Errors = VerifyEdiSent($CreditDetails['edisent'], sizeof($Errors), $Errors); } if (isset($CreditDetails['consignment'])) { $Errors = VerifyConsignment($CreditDetails['consignment'], sizeof($Errors), $Errors); } $FieldNames = ''; $FieldValues = ''; $CreditDetails['trandate'] = ConvertToSQLDate($CreditDetails['trandate']); $CreditDetails['prd'] = GetPeriodFromTransactionDate($CreditDetails['trandate'], sizeof($Errors), $Errors, $db); foreach ($CreditDetails as $key => $value) { $FieldNames .= $key . ', '; $FieldValues .= '"' . $value . '", '; } if (sizeof($Errors) == 0) { $result = DB_Txn_Begin($db); $sql = "INSERT INTO debtortrans (" . mb_substr($FieldNames, 0, -2) . ")\n\t\t\t\t\t\tVALUES ('" . mb_substr($FieldValues, 0, -2) . "') "; $result = DB_Query($sql, $db); $sql = "UPDATE systypes SET typeno='" . GetNextTransactionNo(11, $db) . "' WHERE typeid=10"; $result = DB_Query($sql, $db); $SalesGLCode = GetSalesGLCode($SalesArea, $PartCode, $db); $DebtorsGLCode = GetDebtorsGLCode($db); $sql = "INSERT INTO gltrans VALUES(null,\n\t\t\t\t\t\t\t\t\t\t\t10,\n\t\t\t\t\t\t\t\t\t\t\t'" . GetNextTransactionNo(11, $db) . "',\n\t\t\t\t\t\t\t\t\t\t\t0,\n\t\t\t\t\t\t\t\t\t\t\t'" . $CreditDetails['trandate'] . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . $CreditDetails['prd'] . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . $DebtorsGLCode . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . _('Invoice for') . ' - ' . $CreditDetails['debtorno'] . ' ' . -'Total' . ' - ' . $CreditDetails['ovamount'] . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . $CreditDetails['ovamount'] . "',\n\t\t\t\t\t\t\t\t\t\t\t0,\n\t\t\t\t\t\t\t\t\t\t\t'" . $CreditDetails['jobref'] . "')"; $result = DB_Query($sql, $db); $sql = "INSERT INTO gltrans VALUES(null,\n\t\t\t\t\t\t\t\t\t\t\t10,\n\t\t\t\t\t\t\t\t\t\t\t'" . GetNextTransactionNo(11, $db) . "',\n\t\t\t\t\t\t\t\t\t\t\t0,\n\t\t\t\t\t\t\t\t\t\t\t'" . $CreditDetails['trandate'] . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . $CreditDetails['prd'] . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . $SalesGLCode . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . _('Invoice for') . ' - ' . $CreditDetails['debtorno'] . ' ' . _('Total') . ' - ' . $CreditDetails['ovamount'] . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . -intval($CreditDetails['ovamount']) . "',\n\t\t\t\t\t\t\t\t\t\t\t0,\n\t\t\t\t\t\t\t\t\t\t\t'" . $CreditDetails['jobref'] . "')"; $result = DB_Query($sql, $db); $result = DB_Txn_Commit($db); if (DB_error_no($db) != 0) { $Errors[0] = DatabaseUpdateFailed; } else { $Errors[0] = 0; } return $Errors; } else { return $Errors; } }
} #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- $IsQuery = DB_Query('ALTER TABLE `HostingSchemes` ADD CONSTRAINT `HostingSchemesHardServerID` FOREIGN KEY (`HardServerID`) REFERENCES `Servers` (`ID`) ON DELETE CASCADE ON UPDATE CASCADE'); if (Is_Error($IsQuery)) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- $IsQuery = DB_Query('DROP TABLE `HostingServersGroups`'); if (Is_Error($IsQuery)) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- $IsQuery = DB_Query('ALTER TABLE `HostingOrders` DROP `ServerID`'); if (Is_Error($IsQuery)) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- if (Is_Error(DB_Commit($TransactionID))) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------------- } #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- $IsFlush = CacheManager::flush(); if (!$IsFlush) { @Trigger_Error(500);
// Correct FormUrlAddUrl! $szRediUrl = str_replace("op=addsavedreport", "op=editsavedreport", $content['FormUrlAddOP']); $szRediUrl .= "&savedreportid=" . $lastInsertID; // Redirect to editpage! RedirectResult(GetAndReplaceLangStr($content['LN_REPORTS_HASBEENADDED'], DB_StripSlahes($content['customTitle'])), "reports.php" . $szRediUrl); } } else { if (strpos($_POST['op'], "editsavedreport") !== false) { $result = DB_Query("SELECT ID FROM " . DB_SAVEDREPORTS . " WHERE ID = " . $content['SavedReportID']); $myrow = DB_GetSingleRow($result, true); if (!isset($myrow['ID'])) { $content['ISERROR'] = true; $content['ERROR_MSG'] = GetAndReplaceLangStr($content['LN_REPORTS_ERROR_SAVEDREPORTIDNOTFOUND'], $content['SavedReportID']); } else { $sqlquery = "UPDATE " . DB_SAVEDREPORTS . " SET \n\t\t\t\t\t\t\t\t\tsourceid = " . $content['SourceID'] . ", \n\t\t\t\t\t\t\t\t\tcustomTitle = '" . $content['customTitle'] . "', \n\t\t\t\t\t\t\t\t\tcustomComment = '" . $content['customComment'] . "', \n\t\t\t\t\t\t\t\t\tfilterString = '" . $content['filterString'] . "', \n\t\t\t\t\t\t\t\t\tcustomFilters = '" . $content['customFilters'] . "', \n\t\t\t\t\t\t\t\t\toutputFormat = '" . $content['outputFormat'] . "', \n\t\t\t\t\t\t\t\t\toutputTarget = '" . $content['outputTarget'] . "', \n\t\t\t\t\t\t\t\t\toutputTargetDetails = '" . $content['outputTargetDetails'] . "', \n\t\t\t\t\t\t\t\t\tscheduleSettings = '" . $content['scheduleSettings'] . "' \n\t\t\t\t\t\t\t\t\tWHERE ID = " . $content['SavedReportID']; $result = DB_Query($sqlquery); DB_FreeQuery($result); // Done redirect! if (strpos($_POST['op'], "_return") !== false) { RedirectResult(GetAndReplaceLangStr($content['LN_REPORTS_HASBEENEDIT'], DB_StripSlahes($content['customTitle'])), "reports.php"); } else { RedirectResult(GetAndReplaceLangStr($content['LN_REPORTS_HASBEENEDIT'], DB_StripSlahes($content['customTitle'])), "reports.php" . $content['FormUrlAddOP']); } } } } } } else { $content['ISERROR'] = true; $content['ERROR_MSG'] = GetAndReplaceLangStr($content['LN_REPORTS_ERROR_IDNOTFOUND'], $content['ReportID']); }
function GetBatches($StockID, $Location, $user, $password) { $Errors = array(); $db = db($user, $password); if (gettype($db) == 'integer') { $Errors[0] = NoAuthorisation; return $Errors; } $Errors = VerifyStockCodeExists($StockID, sizeof($Errors), $Errors, $db); $Errors = VerifyStockLocation($Location, sizeof($Errors), $Errors, $db); if (sizeof($Errors) != 0) { return $Errors; } $sql = "SELECT stockserialitems.stockid,\n\t\t\t\tloccode,\n\t\t\t\tstockserialitems.serialno as batchno,\n\t\t\t\tquantity,\n\t\t\t\tt.price as itemcost\n\t\t\tFROM stockserialitems JOIN (SELECT stockmoves.stockid,\n\t\t\t\t\t\t\t\t\t\tstockmoves.price,\n\t\t\t\t\t\t\t\t\t\tstockserialmoves.serialno\n\t\t\t\t\t\t\t\t\t\tFROM stockmoves JOIN stockserialmoves\n\t\t\t\t\t\t\t\t\t\tON stockmoves.stkmoveno=stockserialmoves.stockmoveno\n\t\t\t\t\t\t\t\t\t\tWHERE stockmoves.type=25) as t\n\t\t\t\tON stockserialitems.stockid=t.stockid and stockserialitems.serialno=t.serialno\n\t\t\tWHERE stockid='" . $StockID . "' AND loccode='" . $Location . "'"; $result = DB_Query($sql, $db); if (sizeof($Errors) == 0) { $i = 0; while ($myrow = DB_fetch_array($result)) { $answer[$i] = $myrow; $i++; } return $answer; } else { return $Errors; } }
function GetCustomerBranch($DebtorNumber, $BranchCode, $user, $password) { $Errors = array(); $db = db($user, $password); if (gettype($db) == 'integer') { $Errors[0] = NoAuthorisation; return $Errors; } $Errors = VerifyBranchNoExists($DebtorNumber, $BranchCode, sizeof($Errors), $Errors, $db); if (sizeof($Errors) != 0) { return $Errors; } $sql = 'SELECT * FROM custbranch WHERE debtorno="' . $DebtorNumber . '" and branchcode="' . $BranchCode . '"'; $result = DB_Query($sql, $db); if (sizeof($Errors) == 0) { return DB_fetch_array($result); } else { return $Errors; } }
function SearchCustomers($Field, $Criteria, $user, $password) { $Errors = array(); $db = db($user, $password); if (gettype($db) == 'integer') { $Errors[0] = NoAuthorisation; return $Errors; } $sql = "SELECT debtorno\n\t\t\tFROM debtorsmaster\n\t\t\tWHERE " . $Field . " LIKE '%" . $Criteria . "%'"; $result = DB_Query($sql, $db); $DebtorList = array(0); // First element: no errors while ($myrow = DB_fetch_array($result)) { $DebtorList[] = $myrow[0]; } return $DebtorList; }
<?php include "class_include.php"; switch ($_POST['mod']) { case "notice": $message = $_POST['message']; $message = urlencode($message); $sql = DB_Update("setting", array("notice" => $message)); break; case "permission": $off = $_POST["off"]; $sql = DB_Update("setting", array("permission" => $off)); break; } $result = DB_Query($sql, $con); if ($result) { System_messagebox("操作成功!", "success", "/admin"); } else { DB_printerror(DB_Error($con)); }
function movelidup($taskid) { global $_TABLES; //check if there is a lid above this one.. //also take into account if the lid above this one is the first task, this task must replace it as the first task.. $templateid = DB_getItem($_TABLES['nf_templatedata'], 'nf_templateID', "id=" . $taskid); $thisLid = DB_getItem($_TABLES['nf_templatedata'], 'logicalid', "id=" . $taskid); $sql = "SELECT id,logicalID FROM {$_TABLES['nf_templatedata']} WHERE nf_templateID='{$templateid}' AND logicalID < {$thisLid} "; $sql .= "ORDER BY logicalID DESC LIMIT 1"; $query = DB_query($sql); //only perform work if we're not the first task already.. if (DB_numRows($query) > 0) { list($previousID, $previousLID) = DB_fetchArray($query); $sql = "UPDATE {$_TABLES['nf_templatedata']} set logicalID='{$thisLid}' WHERE id='{$previousID}'"; $result = DB_Query($sql); $sql = "UPDATE {$_TABLES['nf_templatedata']} set logicalID='{$previousLID}' WHERE id='{$taskid}'"; $result = DB_Query($sql); if (DB_getItem($_TABLES['nf_templatedata'], 'firstTask', "id=" . $previousID) == 1) { $sql = "UPDATE {$_TABLES['nf_templatedata']} set firstTask=1 WHERE id='{$taskid}'"; $result = DB_Query($sql); $sql = "UPDATE {$_TABLES['nf_templatedata']} set firstTask=0 WHERE id='{$previousID}'"; $result = DB_Query($sql); } } }
function GetStockCatProperty($Property, $StockID, $user, $password) { $Errors = array(); $db = db($user, $password); if (gettype($db) == 'integer') { $Errors[0] = NoAuthorisation; return $Errors; } $sql = "SELECT value FROM stockitemproperties\n\t\t\t\tWHERE stockid='" . $StockID . "'\n\t\t\t\tAND stkcatpropid='" . $Property . "'"; $result = DB_Query($sql, $db); $myrow = DB_fetch_array($result); $Errors[0] = 0; $Errors[1] = $myrow[0]; return $Errors; }
print "</table>\n</center>\n"; } } } } } } else { print "<table width=\"800\" cellpadding=\"0\" cellspacing=\"3\">\n"; print "<tr>\n"; print "<td width=\"800\"><br><br><div id=\"name\">Bienvenue " . $_SESSION['nom'] . " " . $_SESSION['prenom'] . "</div><br><br></td>"; print "</tr>\n"; if (!isset($_GET['a'])) { //un enseignant est connecte if (isset($_SESSION['ensConnecte']) && $_SESSION['ensConnecte']) { print "<tr><td width=\"800\" align=\"right\"><br>< <a href=\"espacereserve.php?p=connexion&w=enseignants&a=logout\">Déconnexion</a> ></td></tr>\n"; $matiereList = DB_Query('SELECT * FROM matiere m, Enseignement e WHERE m.`id-matiere`=e.`id-matiere` and e.`id-enseignant`="' . $_SESSION['id-enseignant'] . '" ORDER BY intitule'); $matiereCount = mysql_num_rows($matiereList); // aucune matiere enseignee pour le moment if ($matiereCount == 0) { print "<tr align=\"center\">\n"; print "<td width=\"600\" align=\"center\"> "; print "Aucune matière enseignée !"; print "</td></tr>\n"; } else { print "<form name=\"formMatiere\" action=\"espacereserve.php?p=connexion&w=enseignants&a=acces\" method=\"post\">\n"; print "<tr align=\"center\">\n"; print "<td width=\"200\"><select class=\"defaultInput\" name=\"matiereListe\">"; for ($i = 0; $i < $matiereCount; $i++) { $fmatiereList = mysql_fetch_array($matiereList); print "<option value=\"{$fmatiereList['id-matiere']}\"> {$fmatiereList['intitule']} </option>\n"; }
$SQLAccExp = "SELECT glaccount,\n\t\t\t\t\t\t\t\t\ttag\n\t\t\t\t\t\t\t\tFROM pcexpenses\n\t\t\t\t\t\t\t\tWHERE codeexpense = '" . $myrow['codeexpense'] . "'"; $ResultAccExp = DB_query($SQLAccExp, $db); $myrowAccExp = DB_fetch_array($ResultAccExp); $AccountTo = $myrowAccExp['glaccount']; $TagTo = $myrowAccExp['tag']; } //get typeno $typeno = GetNextTransNo($type, $db); //build narrative $Narrative = _('PettyCash') . ' - ' . $myrow['tabcode'] . ' - ' . $myrow['codeexpense'] . ' - ' . DB_escape_string($myrow['notes']) . ' - ' . $myrow['receipt']; //insert to gltrans DB_Txn_Begin($db); $sqlFrom = "INSERT INTO `gltrans` (`counterindex`,\n\t\t\t\t\t\t\t\t\t\t\t`type`,\n\t\t\t\t\t\t\t\t\t\t\t`typeno`,\n\t\t\t\t\t\t\t\t\t\t\t`chequeno`,\n\t\t\t\t\t\t\t\t\t\t\t`trandate`,\n\t\t\t\t\t\t\t\t\t\t\t`periodno`,\n\t\t\t\t\t\t\t\t\t\t\t`account`,\n\t\t\t\t\t\t\t\t\t\t\t`narrative`,\n\t\t\t\t\t\t\t\t\t\t\t`amount`,\n\t\t\t\t\t\t\t\t\t\t\t`posted`,\n\t\t\t\t\t\t\t\t\t\t\t`jobref`,\n\t\t\t\t\t\t\t\t\t\t\t`tag`)\n\t\t\t\t\t\t\t\t\tVALUES (NULL,\n\t\t\t\t\t\t\t\t\t\t\t'" . $type . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . $typeno . "',\n\t\t\t\t\t\t\t\t\t\t\t0,\n\t\t\t\t\t\t\t\t\t\t\t'" . $myrow['date'] . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . $PeriodNo . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . $AccountFrom . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . $Narrative . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . -$Amount . "',\n\t\t\t\t\t\t\t\t\t\t\t0,\n\t\t\t\t\t\t\t\t\t\t\t'',\n\t\t\t\t\t\t\t\t\t\t\t'" . $TagTo . "')"; $ResultFrom = DB_Query($sqlFrom, $db, '', '', true); $sqlTo = "INSERT INTO `gltrans` (`counterindex`,\n\t\t\t\t\t\t\t\t\t\t`type`,\n\t\t\t\t\t\t\t\t\t\t`typeno`,\n\t\t\t\t\t\t\t\t\t\t`chequeno`,\n\t\t\t\t\t\t\t\t\t\t`trandate`,\n\t\t\t\t\t\t\t\t\t\t`periodno`,\n\t\t\t\t\t\t\t\t\t\t`account`,\n\t\t\t\t\t\t\t\t\t\t`narrative`,\n\t\t\t\t\t\t\t\t\t\t`amount`,\n\t\t\t\t\t\t\t\t\t\t`posted`,\n\t\t\t\t\t\t\t\t\t\t`jobref`,\n\t\t\t\t\t\t\t\t\t\t`tag`)\n\t\t\t\t\t\t\t\tVALUES (NULL,\n\t\t\t\t\t\t\t\t\t\t'" . $type . "',\n\t\t\t\t\t\t\t\t\t\t'" . $typeno . "',\n\t\t\t\t\t\t\t\t\t\t0,\n\t\t\t\t\t\t\t\t\t\t'" . $myrow['date'] . "',\n\t\t\t\t\t\t\t\t\t\t'" . $PeriodNo . "',\n\t\t\t\t\t\t\t\t\t\t'" . $AccountTo . "',\n\t\t\t\t\t\t\t\t\t\t'" . $Narrative . "',\n\t\t\t\t\t\t\t\t\t\t'" . $Amount . "',\n\t\t\t\t\t\t\t\t\t\t0,\n\t\t\t\t\t\t\t\t\t\t'',\n\t\t\t\t\t\t\t\t\t\t'" . $TagTo . "')"; $ResultTo = DB_Query($sqlTo, $db, '', '', true); if ($myrow['codeexpense'] == 'ASSIGNCASH') { // if it's a cash assignation we need to updated banktrans table as well. $ReceiptTransNo = GetNextTransNo(2, $db); $SQLBank = "INSERT INTO banktrans (transno,\n\t\t\t\t\t\t\t\t\t\t\t\ttype,\n\t\t\t\t\t\t\t\t\t\t\t\tbankact,\n\t\t\t\t\t\t\t\t\t\t\t\tref,\n\t\t\t\t\t\t\t\t\t\t\t\texrate,\n\t\t\t\t\t\t\t\t\t\t\t\tfunctionalexrate,\n\t\t\t\t\t\t\t\t\t\t\t\ttransdate,\n\t\t\t\t\t\t\t\t\t\t\t\tbanktranstype,\n\t\t\t\t\t\t\t\t\t\t\t\tamount,\n\t\t\t\t\t\t\t\t\t\t\t\tcurrcode)\n\t\t\t\t\t\t\t\t\t\tVALUES ('" . $ReceiptTransNo . "',\n\t\t\t\t\t\t\t\t\t\t\t1,\n\t\t\t\t\t\t\t\t\t\t\t'" . $AccountFrom . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . $Narrative . "',\n\t\t\t\t\t\t\t\t\t\t\t1,\n\t\t\t\t\t\t\t\t\t\t\t'" . $myrow['rate'] . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . $myrow['date'] . "',\n\t\t\t\t\t\t\t\t\t\t\t'Cash',\n\t\t\t\t\t\t\t\t\t\t\t'" . -$myrow['amount'] . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . $myrow['currency'] . "'\n\t\t\t\t\t\t\t\t\t\t)"; $ErrMsg = _('Cannot insert a bank transaction because'); $DbgMsg = _('Cannot insert a bank transaction with the SQL'); $resultBank = DB_query($SQLBank, $db, $ErrMsg, $DbgMsg, true); } $sql = "UPDATE pcashdetails\n\t\t\t\t\tSET authorized = '" . Date('Y-m-d') . "',\n\t\t\t\t\tposted = 1\n\t\t\t\t\tWHERE counterindex = '" . $myrow['counterindex'] . "'"; $resultupdate = DB_query($sql, $db, '', '', true); DB_Txn_Commit($db); } if ($k == 1) { echo '<tr class="EvenTableRows">'; $k = 0;
function ModifyPurchData($PurchDataDetails, $user, $password) { $Errors = array(); $db = db($user, $password); if (gettype($db) == 'integer') { $Errors[0] = NoAuthorisation; return $Errors; } foreach ($PurchDataDetails as $key => $value) { $PurchDataDetails[$key] = DB_escape_string($value); } $Errors = VerifyPurchDataLineExists($PurchDataDetails['supplierno'], $PurchDataDetails['stockid'], sizeof($Errors), $Errors, $db); $Errors = VerifyStockCodeExists($PurchDataDetails['stockid'], sizeof($Errors), $Errors, $db); $Errors = VerifySupplierNoExists($PurchDataDetails['supplierno'], sizeof($Errors), $Errors, $db); if (isset($StockItemDetails['price'])) { $Errors = VerifyUnitPrice($PurchDataDetails['price'], sizeof($Errors), $Errors); } if (isset($StockItemDetails['suppliersuom'])) { $Errors = VerifySuppliersUOM($PurchDataDetails['suppliersuom'], sizeof($Errors), $Errors); } if (isset($StockItemDetails['conversionfactor'])) { $Errors = VerifyConversionFactor($PurchDataDetails['conversionfactor'], sizeof($Errors), $Errors); } if (isset($StockItemDetails['supplierdescription'])) { $Errors = VerifySupplierDescription($PurchDataDetails['supplierdescription'], sizeof($Errors), $Errors); } if (isset($StockItemDetails['leadtime'])) { $Errors = VerifyLeadTime($PurchDataDetails['leadtime'], sizeof($Errors), $Errors); } if (isset($StockItemDetails['preferred'])) { $Errors = VerifyPreferredFlag($PurchDataDetails['preferred'], sizeof($Errors), $Errors); } $sql = "UPDATE purchdata SET "; foreach ($PurchDataDetails as $key => $value) { $sql .= $key . "='" . $value . "', "; } $sql = mb_substr($sql, 0, -2) . " WHERE stockid='" . $PurchDataDetails['stockid'] . "'\n\t\t\t\t\t\t\t\tAND supplierno='" . $PurchDataDetails['supplierno'] . "'"; if (sizeof($Errors) == 0) { $result = DB_Query($sql, $db); echo DB_error_no($db); if (DB_error_no($db) != 0) { $Errors[0] = DatabaseUpdateFailed; } else { $Errors[0] = 0; } } return $Errors; }
<?php /* Ensure that all tablse use the utf8_general_cli * character set */ $sql = 'SHOW TABLES'; $result = DB_Query($sql, $db); while ($table = DB_fetch_array($result)) { if (CharacterSet($table[0], $db) != 'utf8_general_ci') { $response = executeSQL('ALTER TABLE ' . $table[0] . ' CONVERT TO CHARACTER SET utf8', $db); if ($response == 0) { OutputResult(_('The character set of') . ' ' . $table[0] . ' ' . _('has been changed to utf8_general_ci'), 'success'); } else { OutputResult(_('The character set of') . ' ' . $table[0] . ' ' . _('could not be changed to utf8_general_ci'), 'error'); } } else { OutputResult(_('The character set of') . ' ' . $table[0] . ' ' . _('is already utf8_general_ci'), 'info'); } } UpdateDBNo(1, $db);
$NewUserID = $MaxUserID['ID']; } #------------------------------------------------------------------------------- foreach ($OldUserIDs as $OldUserID) { $NewUserID++; # меняем ID юзера $IsUpdate = DB_Update('Users', array('ID' => $NewUserID), array('ID' => $OldUserID['ID'])); if (Is_Error($IsUpdate)) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------------- # Events $IsUpdate = DB_Update('Events', array('UserID' => $NewUserID), array('Where' => SPrintF('`UserID` = %u', $OldUserID['ID']))); if (Is_Error($IsUpdate)) { return ERROR | @Trigger_Error(500); } # RequestLog $IsUpdate = DB_Update('RequestLog', array('UserID' => $NewUserID), array('Where' => SPrintF('`UserID` = %u', $OldUserID['ID']))); if (Is_Error($IsUpdate)) { return ERROR | @Trigger_Error(500); } } #------------------------------------------------------------------------------- $MaxID = DB_Query(SPrintF('ALTER TABLE `Users` AUTO_INCREMENT=%u;', $NewUserID + 2)); if (Is_Error($MaxID)) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- return TRUE; #-------------------------------------------------------------------------------
function LoadSourcesFromDatabase() { // Needed to make global global $CFG, $content; // --- Create SQL Query // Create Where for USERID if (isset($content['SESSION_LOGGEDIN']) && $content['SESSION_LOGGEDIN']) { $szWhereUser = "******" . DB_SOURCES . "`.userid = " . $content['SESSION_USERID'] . " "; } else { $szWhereUser = ""; } if (isset($content['SESSION_GROUPIDS'])) { $szGroupWhere = " OR `" . DB_SOURCES . "`.groupid IN (" . $content['SESSION_GROUPIDS'] . ")"; } else { $szGroupWhere = ""; } $sqlquery = " SELECT " . DB_SOURCES . ".*, " . DB_USERS . ".username, " . DB_GROUPS . ".groupname " . " FROM `" . DB_SOURCES . "`" . " LEFT OUTER JOIN (`" . DB_USERS . "`) ON (`" . DB_SOURCES . "`.userid=`" . DB_USERS . "`.ID ) " . " LEFT OUTER JOIN (`" . DB_GROUPS . "`) ON (`" . DB_SOURCES . "`.groupid=`" . DB_GROUPS . "`.ID ) " . " WHERE (`" . DB_SOURCES . "`.userid IS NULL AND `" . DB_SOURCES . "`.groupid IS NULL) " . $szWhereUser . $szGroupWhere . " ORDER BY `" . DB_SOURCES . "`.userid, `" . DB_SOURCES . "`.groupid, `" . DB_SOURCES . "`.Name"; // --- // Get Sources from DB now! $result = DB_Query($sqlquery); $myrows = DB_GetAllRows($result, true); if (isset($myrows) && count($myrows) > 0) { // Overwrite existing Sources array unset($CFG['Sources']); // Append to Source Array foreach ($myrows as &$mySource) { // Append to Source Array $CFG['Sources'][$mySource['ID']] = $mySource; //['ID']; } // Copy to content array! $content['Sources'] = $CFG['Sources']; } }