Beispiel #1
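/**
 * Store the edited copy text of each template that belongs to one company.
 *
 * Issues one UPDATE per entry of $templates; the array key is used as the
 * template row id and the value as the new `copy` text.
 *
 * Both identifiers are written into the statement as bare (unquoted) numbers,
 * so string escaping would not protect them. They are forced to integers here
 * so that neither a caller-supplied company id nor a request-derived array key
 * can add SQL to the WHERE clause. A non-numeric key becomes 0.
 *
 * NOTE(review): EscapeString() and ExecuteQuery() are defined elsewhere. This
 * assumes EscapeString() escapes for a single-quoted SQL string literal on the
 * active connection - confirm. If the database layer offers bound parameters,
 * prefer them over building the statement by interpolation.
 *
 * @param int|string $company_id Company whose templates are updated.
 * @param array      $templates  Map of template id => new copy text.
 * @return void
 */
function SaveCompanyTemplates($company_id, $templates)
{
    // Numeric context in the query: cast once, outside the loop.
    $company_id = (int) $company_id;

    foreach ($templates as $key => $template) {
        // The key ends up unquoted after "AND id =", so it must be an integer.
        $template_id = (int) $key;
        $escaped_template = EscapeString($template);
        ExecuteQuery("UPDATE\n\t\t\t\t\tcompany_templates\n\t\t\t\tSET \n\t\t\t\t\tcopy = '{$escaped_template}'\n\t\t\t\tWHERE\n\t\t\t\t\tcompany_id = {$company_id}\n\t\t\t\t\tAND id = {$template_id}");
    }
}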
Beispiel #2
 /**
  * Static forwarding wrapper around the unqualified function EscapeString().
  *
  * The calls in the body are plain function calls, not self:: calls, so they
  * reach the function of the same name rather than this method. The second
  * argument is forwarded only when the caller actually supplied one.
  *
  * NOTE(review): what the underlying function escapes for (SQL literal, HTML,
  * ...) is not visible here; the parameter names give no hint - confirm
  * before relying on it for a specific output context.
  *
  * @param mixed $len    First argument, passed through unchanged.
  * @param mixed $scheme Optional second argument, passed through unchanged.
  * @return mixed Whatever the underlying EscapeString() returns.
  */
 static function EscapeString($len, $scheme = null)
 {
     // Exactly one argument: use the one-argument form of the function.
     if (func_num_args() === 1) {
         return EscapeString($len);
     }

     return EscapeString($len, $scheme);
 }
Beispiel #3
 /**
  * Read one request parameter and coerce it according to $type.
  *
  * Source selection: 'post' reads $_POST, 'get' reads $_GET, anything else
  * reads $_REQUEST. A missing or empty() value is replaced by $default before
  * coercion, so the default is coerced too.
  *
  * Coercion: 'str' passes the value through EscapeString(), 'int' through
  * intval(), 'array' returns the value only if it is an array (else an empty
  * array). Any other $type returns the raw request value untouched, so callers
  * must not treat that result as sanitised.
  *
  * NOTE(review): EscapeString() is defined elsewhere; which output context it
  * escapes for is not visible here. With type 'str' an array-valued parameter
  * (e.g. key[]=x) is handed to it as an array - confirm it copes.
  *
  * @param string $key     Parameter name.
  * @param string $type    'str', 'int', 'array', or anything else for raw.
  * @param mixed  $default Fallback when the parameter is missing or empty.
  * @param string $method  'post', 'get', or anything else for $_REQUEST.
  * @return mixed The coerced value.
  */
 public static function getRequest($key, $type, $default = '', $method = '')
 {
     // switch compares loosely, like the == tests it stands in for.
     switch ($method) {
         case 'post':
             $source = $_POST;
             break;
         case 'get':
             $source = $_GET;
             break;
         default:
             $source = $_REQUEST;
     }

     // empty() treats 0, '0' and '' alike, so a submitted zero also falls
     // back to $default.
     $value = empty($source[$key]) ? $default : $source[$key];

     switch ($type) {
         case 'str':
             return EscapeString($value);
         case 'int':
             return intval($value);
         case 'array':
             return is_array($value) ? $value : array();
     }

     // Unknown type: value is returned exactly as received.
     return $value;
 }
Beispiel #4
/**
 * Insert one intercom message row via doquery() on the 'im' table.
 *
 * $to, $from and $duration are passed through idstring(); $message is passed
 * through EscapeString(). All five values are then placed inside single-quoted
 * SQL literals. `time` is the current Unix time and `expires` is the current
 * time plus the duration.
 *
 * NOTE(review): idstring(), EscapeString() and doquery() are defined
 * elsewhere. The statement is only injection-safe if idstring() yields digits
 * only and EscapeString() escapes for a single-quoted SQL literal - confirm.
 * Because the message is escaped here, callers should pass it unescaped;
 * escaping it before the call as well would store doubled escape sequences.
 *
 * @param string     $message  Message text.
 * @param int|string $to       Recipient id.
 * @param int|string $from     Sender id (defaults to 0).
 * @param int|string $duration Lifetime in seconds (defaults to 120).
 * @return void
 */
function intercom_add($message, $to, $from = 0, $duration = 120)
{
    $recipient = idstring($to);
    $sender = idstring($from);
    $lifetime = idstring($duration);
    $body = EscapeString($message);

    // Column order: to, from, time, expires, message.
    $values = array($recipient, $sender, time(), time() + $lifetime, $body);
    $sql = "INSERT INTO {{table}} (`to`,`from`,`time`,`expires`,`message`) VALUES ('" . implode("', '", $values) . "');";

    doquery($sql, 'im');
}
Beispiel #5
/**
 * Run every top-level entry of $_POST, $_GET, $_REQUEST and $_COOKIE through
 * EscapeString() and write the result back into the superglobal.
 *
 * Each superglobal is processed independently, so a value present in both
 * $_GET and $_REQUEST is escaped once in each array.
 *
 * NOTE(review): EscapeString() is defined elsewhere. Blanket escaping at
 * request start is context-blind: the same escaped value later reaches SQL,
 * HTML and other sinks, and any code that escapes again will double-escape.
 * Only top-level entries are visited, so array-valued parameters (a[]=x) are
 * passed to EscapeString() as arrays - confirm it handles them. Escaping at
 * the point of use (bound parameters for SQL, htmlspecialchars for HTML) is
 * the more reliable design.
 *
 * @return void
 */
function ClearArrays()
{
    foreach (array_keys($_POST) as $name) {
        $_POST[$name] = EscapeString($_POST[$name]);
    }

    foreach (array_keys($_GET) as $name) {
        $_GET[$name] = EscapeString($_GET[$name]);
    }

    foreach (array_keys($_REQUEST) as $name) {
        $_REQUEST[$name] = EscapeString($_REQUEST[$name]);
    }

    foreach (array_keys($_COOKIE) as $name) {
        $_COOKIE[$name] = EscapeString($_COOKIE[$name]);
    }
}
Beispiel #6
/**
 * Render one field value as a SQL literal.
 *
 * When $bakdatatype equals 1, the value is non-empty and ",$i," occurs in
 * $tbstrf, the value is emitted as a hexadecimal literal (0x...), which needs
 * no escaping. In every other case it is emitted as a single-quoted string
 * whose content went through EscapeString().
 *
 * NOTE(review): EscapeString() is defined elsewhere; the quoted branch is only
 * safe if it escapes for a single-quoted SQL literal - confirm. $tbstrf looks
 * like a comma-delimited list of field indexes to hex-encode - confirm
 * against the caller.
 *
 * @param string     $str         Raw field value.
 * @param int|string $bakdatatype 1 enables hex output for listed fields.
 * @param int|string $i           Field index looked up in $tbstrf.
 * @param string     $tbstrf      List searched for ",$i,".
 * @return string The SQL literal.
 */
function GetFieldContent($str, $bakdatatype, $i, $tbstrf)
{
    // Short-circuit order matters: the list is searched only for non-empty
    // values in hex mode.
    $useHexLiteral = $bakdatatype == 1
        && !empty($str)
        && strpos($tbstrf, ',' . $i . ',') !== false;

    if ($useHexLiteral) {
        return '0x' . bin2hex($str);
    }

    return "'" . EscapeString($str) . "'";
}
Beispiel #7
/**
 * im.php
 *
 * @version 1.0
 * @copyright 2009 by MadnessRed for XNova Redesigned
 */
if ($user['id'] < 1) {
    die("Not logged in");
}
if ($_GET['mode'] == 'post') {
    $message = EscapeString(stripslashes(htmlentities($_GET['message'])));
    $to = idstring($_GET['to']);
    intercom_add($message, $to, $user['id'], 300);
    echo "Sent: " . date("H:i:s");
} elseif ($_GET['mode'] == 'close') {
    $message = EscapeString(stripslashes(htmlentities($_GET['message'])));
    $to = idstring($_GET['to']);
    doquery("DELETE FROM {{table}} WHERE `to` = " . $user['id'] . " OR `from` = " . $user['id'] . " ;", 'im');
} else {
    //Get messages
    $qry = doquery("SELECT * FROM {{table}} WHERE (`to` = " . $user['id'] . " OR `from` = " . $user['id'] . ") AND `expires` > " . time() . " ORDER BY `time` ASC LIMIT 15 ;", 'im');
    $likelyids = array($user['id'] => $user['username'], 0 => $lang['System']);
    $mess = 0;
    while ($row = FetchArray($qry)) {
        //1 more message
        $mess++;
        //Who sent?
        if (strlen($likelyids[$row['from']]) > 0) {
            $from = $likelyids[$row['from']];
        } else {
            $from = doquery("SELECT `username` FROM {{table}} WHERE `id` = " . $row['from'] . " LIMIT 1 ", 'users', true);