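/**
 * Echoes the <li> markup for one "main data" slot of a plan.
 *
 * Reads $plan['dato_principal_' . $num] and $plan['id_tipoDato_principal_' . $num],
 * looks the type up in tipoDatosServicios and prints the element. Nothing is
 * printed when the slot is empty, or when the type is "boolean" and the stored
 * value is not "1".
 *
 * @param array    $plan   Row holding the dato_principal_N / id_tipoDato_principal_N keys.
 * @param mixed    $num    Suffix selecting the slot.
 * @param resource $dbConn mysql link used for the lookup.
 * @return void
 */
function createMainDataElement($plan, $num, $dbConn)
{
    $value = $plan['dato_principal_' . $num];
    $typeId = $plan['id_tipoDato_principal_' . $num];

    if ($value == NULL) {
        return;
    }

    $query_dato = sprintf(
        "SELECT * FROM tipoDatosServicios WHERE id_tipoDato=%s",
        GetSQLValueString($typeId, "int")
    );
    // NOTE(review): die(mysql_error()) prints the database error text to the client.
    $dato = mysql_query($query_dato, $dbConn) or die(mysql_error());
    $row_dato = mysql_fetch_assoc($dato);
    if (!is_array($row_dato)) {
        // No matching type row: behave as before (plain value, no label) without
        // indexing into a boolean.
        $row_dato = array('tipo' => null, 'display_label' => null, 'label' => '');
    }

    if ($row_dato['tipo'] == "boolean") {
        if ($value != "1") {
            return;
        }
        $label = $row_dato['label'];
    } elseif ($row_dato['display_label']) {
        $label = $value . " " . $row_dato['label'];
    } else {
        $label = $value;
    }

    // Attribute values are escaped so a quote or angle bracket stored in the row
    // cannot close the attribute and inject markup.
    $typeAttr = htmlspecialchars((string) $typeId, ENT_QUOTES);
    $valueAttr = htmlspecialchars((string) $value, ENT_QUOTES);

    echo "<div class='dato'>";
    echo "\t<li class='tipo_" . $typeAttr . "' value='" . $valueAttr . "'>";
    // NOTE(review): $label is still emitted raw because the stored label may be
    // meant to carry markup. If it is plain text, escape it here as well.
    echo $label;
    echo "\t</li>";
    echo "</div>";
}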
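/**
 * Cleans a requested user name and reports whether it is already taken.
 *
 * @param string $string Requested user name.
 * @return string 'exist' when a users row already has the cleaned name,
 *                otherwise the cleaned name itself.
 */
public static function ValidateNameExistAndClean($string)
{
    $checker = new \CmsDev\util\CheckUserName();
    $stringValid = $checker->Fix($string);

    $SKTDB = \CmsDev\Sql\db_Skt::connect();
    // NOTE(review): the value expression of this query was masked ("******") in
    // the listing, which left the statement unparseable. It is restored here with
    // the GetSQLValueString quoting helper; confirm against the real file.
    $user = $SKTDB->get_row(
        "SELECT username FROM users WHERE username = " . \GetSQLValueString($stringValid, 'text')
    );

    // NOTE(review): the 'exist' sentinel shares the return channel with valid
    // names, so a cleaned name equal to "exist" is indistinguishable from a hit.
    return $user ? 'exist' : $stringValid;
}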
/**
 * Prints the visitor figures for every day in a date range and stores a
 * visitor_daily_report row for each day that does not have one yet.
 *
 * @param string $start_date First day, in any format DateTime accepts.
 * @param string $end_date   Last day (inclusive).
 * @return void
 */
function record($start_date, $end_date)
{
    global $useradmin;

    $firstDay = new DateTime($start_date);
    $lastDay = new DateTime($end_date);
    // DatePeriod stops before its end date, so move the end one day out.
    $lastDay = $lastDay->modify('+1 day');
    $days = new DatePeriod($firstDay, new DateInterval('P1D'), $lastDay);

    foreach ($days as $day) {
        $index_date = $day->format('Y-m-d');

        $unique_visitors = get_unique_visits($index_date);
        $visits = get_visits($index_date);
        $time = get_time($index_date);

        echo "<br/><br/>" . $index_date . "<br/><br/>";
        echo "unique visitors:" . $unique_visitors . "<br/>";
        echo "visits:" . $visits . "<br/>";
        echo "total time:" . $time . "<br/>";

        // $index_date is produced by DateTime::format('Y-m-d'), not taken from input.
        $selectSQL = "SELECT * FROM visitor_daily_report WHERE report_date='" . $index_date . "'";
        $existing = mysql_fetch_assoc(mysql_query_or_die($selectSQL, $useradmin));

        if ($existing) {
            echo "<br/>record already in database!<br/>";
            continue;
        }

        echo "<br/>inserting new record into database!<br/>";
        $insertSQL = sprintf(
            "INSERT INTO visitor_daily_report (report_date, visits, unique_visitors, total_time) VALUES(%s, %s, %s, %s)",
            GetSQLValueString($index_date, "date"),
            GetSQLValueString($visits, "int"),
            GetSQLValueString($unique_visitors, "int"),
            GetSQLValueString($time, "int")
        );
        mysql_query_or_die($insertSQL, $useradmin);
    }
}
/**
 * Writes a Google profile into google_auth with a single REPLACE statement.
 *
 * @param array $user Profile with the keys email, gender, name, id, link, picture.
 * @return void
 * @throws Exception With the mysql error text when the statement fails.
 */
function save($user)
{
    global $database_connMain, $connMain;

    // Quoted in the order of the placeholders below.
    $quoted = array(
        GetSQLValueString($user['email'], "text"),
        GetSQLValueString($user['gender'], "text"),
        GetSQLValueString($user['name'], "text"),
        GetSQLValueString($user['id'], "text"),
        GetSQLValueString($user['link'], "text"),
        GetSQLValueString($user['picture'], "text"),
    );
    $insertSQL = vsprintf(
        "Replace google_auth set email = %s, gender = %s, name = %s, `uid` = %s, link = %s, picture = %s",
        $quoted
    );

    mysql_select_db($database_connMain, $connMain);
    // Warnings are suppressed here; failure is reported through the exception instead.
    $outcome = @mysql_query($insertSQL, $connMain);
    if (empty($outcome)) {
        throw new Exception(mysql_error());
    }
}
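/**
 * Inserts $sysid into sysid_raw_current unless a row for it already exists.
 *
 * @param mixed $sysid Listing system id.
 * @return void
 */
function insert_sysid($sysid)
{
    global $useradmin;

    // The lookup used to interpolate $sysid raw while only the INSERT was
    // quoted. Both statements now share the same int-typed value.
    $sysidSql = GetSQLValueString($sysid, "int");

    $selectSQL = "SELECT * FROM sysid_raw_current WHERE sysid=" . $sysidSql;
    $get_sysid = mysql_query_or_die($selectSQL, $useradmin);
    if (mysql_fetch_assoc($get_sysid)) {
        return;
    }

    // NOTE(review): check-then-insert is not atomic; a unique key on sysid would
    // be needed to rule out duplicates under concurrent calls.
    $insertSQL = sprintf("INSERT INTO sysid_raw_current (sysid) VALUES(%s)", $sysidSql);
    mysql_query_or_die($insertSQL, $useradmin);
}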
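/**
 * Returns the user name stored in z_users for an id.
 *
 * @param mixed $iduser User id.
 * @return string|null The `user` column, or null when no row matches.
 */
function nombre($iduser)
{
    global $database_conexion, $conexion;

    mysql_select_db($database_conexion, $conexion);
    $query_DatosFuncion = sprintf(
        "SELECT user FROM z_users WHERE id=%s",
        GetSQLValueString($iduser, "int")
    );
    // NOTE(review): die(mysql_error()) prints the database error text to the client.
    $DatosFuncion = mysql_query($query_DatosFuncion, $conexion) or die(mysql_error());
    $row_DatosFuncion = mysql_fetch_assoc($DatosFuncion);

    // Release the result before returning; the original call sat after the
    // return statement and never ran.
    mysql_free_result($DatosFuncion);

    return $row_DatosFuncion ? $row_DatosFuncion['user'] : null;
}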
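/**
 * Loads each language's site/<Prefix>.php file and stores the resulting global
 * $SKT array, JSON-encoded, in language.SiteParams.
 *
 * @return void
 */
private static function setParamsFromFile()
{
    global $SKT;

    $SKTDB = \CmsDev\Sql\db_Skt::connect();
    $languages = $SKTDB->get_results("SELECT * FROM language ORDER BY LanguageName ASC");
    if (empty($languages)) {
        return;
    }

    foreach ($languages as $language) {
        // The prefix comes from a database row and becomes part of an include
        // path, so only plain identifier-like values are accepted. Anything
        // with a path separator or dot is skipped.
        if (!preg_match('/^[A-Za-z0-9_-]+\z/', (string) $language->Prefix)) {
            continue;
        }

        // NOTE(review): if the included file does not assign $SKT, the value
        // left by the previous language is what gets stored for this one.
        include 'site/' . $language->Prefix . '.php';

        $SKTDB->query(\sprintf(
            "UPDATE language Set SiteParams = %s\r\n\t\tWHERE ID = %s",
            GetSQLValueString(json_encode($SKT), "text"),
            GetSQLValueString($language->ID, "int")
        ));
    }
}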
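/**
 * Returns the geo_cities rows within $radius of a coordinate, keyed by
 * 'city_' . cty_id, each with a computed `distance` column.
 *
 * @param mixed      $lat    Latitude in degrees.
 * @param mixed      $lon    Longitude in degrees.
 * @param int        $radius Maximum distance (the 60*1.1515 factor suggests miles; confirm).
 * @param string     $order  ORDER BY list: column names with optional ASC/DESC.
 * @param int|string $limit  LIMIT value: "count" or "offset, count".
 * @return array
 */
public function get_nearby_cities($lat, $lon, $radius = 30, $order = 'distance', $limit = 30)
{
    global $connMainAdodb;

    // ORDER BY and LIMIT cannot be quoted like values, and they were
    // concatenated raw. Accept only a strict shape; otherwise use the defaults.
    $orderTerm = '[A-Za-z_][A-Za-z0-9_.]*(?:\s+(?:ASC|DESC))?';
    if (!is_string($order) || !preg_match('/^' . $orderTerm . '(?:\s*,\s*' . $orderTerm . ')*\z/i', $order)) {
        $order = 'distance';
    }
    if (is_array($limit) || !preg_match('/^\d+(?:\s*,\s*\d+)?\z/', (string) $limit)) {
        $limit = 30;
    }

    $connMainAdodb->Execute("SET NAMES utf8");

    $latSql = GetSQLValueString($lat, 'double');
    $lonSql = GetSQLValueString($lon, 'double');
    // Same text as before so cached statements keep their key.
    $distanceSql = "(ROUND(\n\tDEGREES(ACOS(SIN(RADIANS(" . $latSql . ")) * SIN(RADIANS(c.latitude)) + COS(RADIANS(" . $latSql . ")) * COS(RADIANS(c.latitude)) * COS(RADIANS(" . $lonSql . " -(c.longitude)))))*60*1.1515,2))";

    $sql = "select *, " . $distanceSql . " as distance from geo_cities as c WHERE " . $distanceSql
        . " <= " . GetSQLValueString($radius, 'int')
        . " ORDER BY " . $order . " LIMIT " . $limit;

    $recordSet = $connMainAdodb->CacheExecute(_FUNC_TIME_DAY, $sql);

    $return = array();
    while (!$recordSet->EOF) {
        $return['city_' . $recordSet->fields['cty_id']] = $recordSet->fields;
        $recordSet->MoveNext();
    }

    return $return;
}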
/**
 * Records one navigation step of a user in the userstep table.
 *
 * @param mixed $user   User id.
 * @param array $SERVER Server variables (HTTPS, SERVER_NAME, REQUEST_URI, HTTP_REFERER are read).
 * @param array $POST   Posted fields; stored JSON-encoded.
 * @param array $GET    Query parameters (DetailID and SearchQuery are read).
 */
function __construct($user, $SERVER, $POST, $GET)
{
    $SKTDB = \CmsDev\Sql\db_Skt::connect();

    $scheme = !empty($SERVER['HTTPS']) ? "https://" : "http://";
    $url = $scheme . $SERVER['SERVER_NAME'] . $SERVER['REQUEST_URI'];

    $previousUrl = '0';
    if (isset($SERVER['HTTP_REFERER'])) {
        $previousUrl = $SERVER['HTTP_REFERER'];
    }

    // NOTE(review): the whole POST body is persisted; if the site posts
    // passwords or other secrets, they end up in this table in clear text.
    $postData = json_encode($POST);
    $now = date("Y-m-d H:i:s");
    $product = isset($GET['DetailID']) ? $GET['DetailID'] : '';
    $search = isset($GET['SearchQuery']) ? $GET['SearchQuery'] : '';

    // Every value goes through the quoting helper, in column order.
    $values = array(
        GetSQLValueString($user, 'int'),
        GetSQLValueString($previousUrl, 'text'),
        GetSQLValueString($url, 'text'),
        GetSQLValueString($postData, 'text'),
        GetSQLValueString($now, 'text'),
        GetSQLValueString($product, 'int'),
        GetSQLValueString($search, 'text'),
    );

    $query = "INSERT INTO userstep"
        . "(user, previous_page, url_query_string, post_param, date_time, product, search )"
        . "VALUES (" . implode(",", $values) . ")";

    $SKTDB->query($query);
}
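/**
 * Activates the user whose `md5` column equals the given token.
 *
 * @param mixed $MD5 Token to look up.
 * @return bool True when a matching user was found (and isactive set to 1),
 *              false otherwise, after showing an error tip.
 */
private function validateMD5($MD5 = 0)
{
    $SKTDB = SKT_DB::connect();
    $md5Sql = \GetSQLValueString($MD5, 'text');

    $user = $SKTDB->get_row("SELECT * FROM users WHERE md5 = " . $md5Sql . "");
    if ($user) {
        // NOTE(review): this update goes through mysql_query() on the default
        // link, not through $SKTDB, and its result is not checked.
        mysql_query(sprintf(
            "UPDATE users Set \r\n\t\t\t\t\t\t\tisactive = %s\r\n\t\t\t\t\t\t\tWHERE md5 = %s",
            GetSQLValueString(1, "int"),
            $md5Sql
        ));
        return true;
    }

    $MessageBox = SKT_INFO\Asistance::get();
    // The message is HTML (it carries a <br>), so the caller-supplied token is
    // escaped before being echoed back.
    $MessageBox->TipError(
        'No se pudo validar el usuario.<br>' . htmlspecialchars((string) $MD5, ENT_QUOTES),
        true
    );
    return false;
}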
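/**
 * Prints, as JSON, whether the posted `usuario` exists in lbusuarios and, if
 * so, its claveUsuario.
 *
 * Output shape: {"respuesta": bool, "claveUsuario": mixed}, with claveUsuario
 * set to -1 when no row matches.
 *
 * @return void
 */
function claveUsuario1()
{
    $usu = GetSQLValueString(isset($_POST["usuario"]) ? $_POST["usuario"] : null, "text");
    $respuesta = false;
    $claveUsuario = -1;

    // Called for its side effect of opening the connection mysql_query() uses.
    conectaBDSICLAB();

    $consulta = sprintf("select * from lbusuarios where usuario=%s limit 1", $usu);
    $res = mysql_query($consulta);

    // A failed query returns false. Fetching from it would emit a warning that
    // can end up in front of the JSON payload.
    if ($res !== false && ($row = mysql_fetch_array($res))) {
        $respuesta = true;
        $claveUsuario = $row["claveUsuario"];
    }

    // NOTE(review): no caller check is visible here, so this answers for any
    // submitted user name. Confirm the endpoint sits behind authentication.
    print json_encode(array('respuesta' => $respuesta, 'claveUsuario' => $claveUsuario));
}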
/**
 * Fetches the joined users/userprofile row of the logged-in user.
 *
 * The user is identified by $_SESSION['login'], matched against users.md5.
 *
 * @return object|false The row, or false when the login check fails or no row matches.
 */
private static function UserQuery()
{
    $SKTDB = SKT_DB::connect();

    if (\CmsDev\Security\loginIntent::action('validateUser') !== true) {
        return false;
    }

    $sql = "SELECT *\r\n FROM users as user, userprofile as profile \r\n WHERE user.md5 = "
        . \GetSQLValueString($_SESSION['login'], 'text')
        . " AND profile.IDX = user.id ";
    $user_row = $SKTDB->get_row($sql);

    return $user_row ? $user_row : false;
}
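/**
 * Sets the ranking of a listing: updates the listing_ranking row when one
 * exists, otherwise inserts it. Progress is echoed as HTML.
 *
 * @param mixed $sysid   Listing system id.
 * @param mixed $ranking Ranking value.
 * @return void
 */
function insert_update_ranking($sysid, $ranking)
{
    global $useradmin;

    // The lookup used to interpolate $sysid raw; it now uses the same int-typed
    // value as the INSERT.
    $sysidSql = GetSQLValueString($sysid, "int");
    $rankingSql = GetSQLValueString($ranking, "double");

    $selectSQL = "SELECT sysid FROM listing_ranking WHERE sysid=" . $sysidSql;
    $get_sysid = mysql_query_or_die($selectSQL, $useradmin);

    if ($row_get_sysid = mysql_fetch_assoc($get_sysid)) {
        echo "<br/>sysid" . $row_get_sysid['sysid'] . "is already in the database<br/>";
        $updateSQL = sprintf(
            "UPDATE listing_ranking SET ranking=%s WHERE sysid=%s",
            $rankingSql,
            GetSQLValueString($row_get_sysid['sysid'], "int")
        );
        mysql_query_or_die($updateSQL, $useradmin);
        return;
    }

    // $sysid is caller-supplied, so it is escaped before being echoed into HTML.
    echo "<br/>" . htmlspecialchars((string) $sysid, ENT_QUOTES) . " is not in the database, inserting new record<br/>";
    $insertSQL = sprintf(
        "INSERT INTO listing_ranking (sysid, ranking) VALUES (%s, %s)",
        $sysidSql,
        $rankingSql
    );
    mysql_query_or_die($insertSQL, $useradmin);
}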
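/**
 * Returns the geo_cities rows within $radius of a coordinate as a list.
 *
 * Each row carries country and state names, a computed `distance` column and
 * a `location` string of the form "name, state, country".
 *
 * @param mixed      $lat    Latitude in degrees.
 * @param mixed      $lon    Longitude in degrees.
 * @param int        $radius Maximum distance (the 60*1.1515 factor suggests miles; confirm).
 * @param string     $order  ORDER BY list: column names with optional ASC/DESC.
 * @param int|string $limit  LIMIT value: "count" or "offset, count".
 * @return array
 */
function get_nearby_cities($lat, $lon, $radius = 30, $order = 'distance', $limit = 30)
{
    global $connMainAdodb;

    // ORDER BY and LIMIT cannot be quoted like values, and they were
    // concatenated raw. Accept only a strict shape; otherwise use the defaults.
    $orderTerm = '[A-Za-z_][A-Za-z0-9_.]*(?:\s+(?:ASC|DESC))?';
    if (!is_string($order) || !preg_match('/^' . $orderTerm . '(?:\s*,\s*' . $orderTerm . ')*\z/i', $order)) {
        $order = 'distance';
    }
    if (is_array($limit) || !preg_match('/^\d+(?:\s*,\s*\d+)?\z/', (string) $limit)) {
        $limit = 30;
    }

    $connMainAdodb->Execute("SET NAMES utf8");

    $latSql = GetSQLValueString($lat, 'double');
    $lonSql = GetSQLValueString($lon, 'double');
    $distanceSql = "(ROUND(\nDEGREES(ACOS(SIN(RADIANS(" . $latSql . ")) * SIN(RADIANS(c.latitude)) + COS(RADIANS(" . $latSql . ")) * COS(RADIANS(c.latitude)) * COS(RADIANS(" . $lonSql . " -(c.longitude)))))*60*1.1515,2))";

    $sql = "select c.*, co.name as country, s.name as state, " . $distanceSql . " as distance"
        . " from geo_cities as c LEFT JOIN geo_states as s ON c.sta_id = s.sta_id"
        . " LEFT JOIN geo_countries as co ON c.con_id = co.con_id"
        . " WHERE " . $distanceSql . " <= " . GetSQLValueString($radius, 'int')
        . " ORDER BY " . $order . " LIMIT " . $limit;

    $recordSet = $connMainAdodb->Execute($sql);

    $return = array();
    while (!$recordSet->EOF) {
        $city = $recordSet->fields;
        $city['location'] = $recordSet->fields['name'] . ', ' . $recordSet->fields['state'] . ', ' . $recordSet->fields['country'];
        $return[] = $city;
        $recordSet->MoveNext();
    }

    return $return;
}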
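/**
 * Echoes the <img> for an advert, wrapped in a link when the row has a url.
 * Prints nothing when the advert does not exist.
 *
 * @param mixed    $id_anuncio Advert id.
 * @param resource $dbConn     mysql link used for the lookup.
 * @return void
 */
function loadAd($id_anuncio, $dbConn)
{
    $query_ad = sprintf(
        "SELECT * FROM anuncios where id_anuncio=%s",
        GetSQLValueString($id_anuncio, "int")
    );
    // NOTE(review): die(mysql_error()) prints the database error text to the client.
    $ad = mysql_query($query_ad, $dbConn) or die(mysql_error());
    $row_ad = mysql_fetch_assoc($ad);
    if (!$row_ad) {
        return;
    }

    $hasLink = $row_ad['url'] != NULL;

    // Stored values are escaped before being placed into single-quoted
    // attributes, so they cannot close the attribute and add markup.
    if ($hasLink) {
        // NOTE(review): escaping does not restrict the URL scheme. If adverts
        // can be entered by untrusted users, also require http/https on save.
        // rel keeps the opened page from reaching back through window.opener.
        echo "<a href='" . htmlspecialchars((string) $row_ad['url'], ENT_QUOTES) . "' target='_blank' rel='noopener noreferrer'>";
    }

    echo "<img src='uploads/anuncios/"
        . htmlspecialchars((string) $row_ad['id_anuncio'], ENT_QUOTES) . "/"
        . htmlspecialchars((string) $row_ad['imagen'], ENT_QUOTES) . "' />";

    if ($hasLink) {
        echo "</a>";
    }
}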
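/**
 * Looks a FEN string up in a table.
 *
 * @param string $fen   FEN to search for; an empty value short-circuits.
 * @param string $table Table to search. Only letters, digits and underscores are accepted.
 * @return array Two elements: the number of matching rows and the first row
 *               (false when none). array(0, '') for an empty $fen or a
 *               rejected table name.
 */
public function findfen($fen = '', $table = 'games')
{
    global $database_conn, $conn;

    if (empty($fen)) {
        return array(0, '');
    }

    // A table name cannot be passed through the value-quoting helper and was
    // interpolated raw, so it is restricted to a plain identifier here.
    if (!is_string($table) || !preg_match('/^[A-Za-z0-9_]+\z/', $table)) {
        return array(0, '');
    }

    mysql_select_db($database_conn, $conn);
    $query_rsView = sprintf(
        "SELECT * FROM {$table} WHERE fen = %s",
        GetSQLValueString($fen, "text")
    );
    // NOTE(review): die(mysql_error()) prints the database error text to the client.
    $rsView = mysql_query($query_rsView, $conn) or die(mysql_error());
    $row_rsView = mysql_fetch_assoc($rsView);
    $totalRows_rsView = mysql_num_rows($rsView);

    return array($totalRows_rsView, $row_rsView);
}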
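/**
 * Prints, as JSON, the CARNOM and CALNPE values for the posted control number.
 *
 * Output shape: {"respuesta": bool, "CARNOM": string, "CALNPE": string}, with
 * empty strings when no row matches.
 *
 * @return void
 */
function consultaCarrera()
{
    $respuesta = false;
    $nControl = GetSQLValueString(isset($_POST["nControl"]) ? $_POST["nControl"] : null, "text");
    $CARNOM = "";
    $CALNPE = "";

    // Called for its side effect of opening the connection mysql_query() uses.
    conectaBDSIE();

    $consulta = sprintf(
        "select DCARRE.CARNOM, DCALUM.CALNPE from DCARRE INNER JOIN DCALUM ON DCALUM.CARCVE=DCARRE.CARCVE WHERE DCALUM.ALUCTR=%s limit 1",
        $nControl
    );
    $res = mysql_query($consulta);

    // A failed query returns false. Fetching from it would emit a warning that
    // can end up in front of the JSON payload.
    if ($res !== false && ($row = mysql_fetch_array($res))) {
        $respuesta = true;
        $CARNOM = $row['CARNOM'];
        $CALNPE = $row['CALNPE'];
    }

    print json_encode(array('respuesta' => $respuesta, 'CARNOM' => $CARNOM, 'CALNPE' => $CALNPE));
}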
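/**
 * Returns the album id of a listing, creating the listing_album row (and
 * linking it from listings.album_id) when none exists yet.
 *
 * @param mixed $sysid Listing system id.
 * @return mixed The existing or newly created album id.
 */
function check_and_insert($sysid)
{
    global $useradmin;

    // The lookup used to interpolate $sysid raw; all three statements now use
    // the same int-typed value.
    $sysidSql = GetSQLValueString($sysid, "int");

    $selectSQL = "SELECT * FROM listing_album WHERE sysid=" . $sysidSql;
    $get_album = mysql_query_or_die($selectSQL, $useradmin);

    if ($row_get_album = mysql_fetch_assoc($get_album)) {
        echo '<br/><span style="color:#ff0000">album found in database</span><br/>';
        echo '<br/><span style="color:#ff0000">returning' . $row_get_album['album_id'] . ' as album_id</span><br/>';
        return $row_get_album['album_id'];
    }

    $insertSQL = sprintf("INSERT INTO listing_album (sysid) VALUES(%s)", $sysidSql);
    mysql_query_or_die($insertSQL, $useradmin);
    $album_id = mysql_insert_id($useradmin);

    $updateSQL = sprintf(
        "UPDATE listings SET album_id=%s WHERE sysid=%s",
        GetSQLValueString($album_id, "int"),
        $sysidSql
    );
    mysql_query_or_die($updateSQL, $useradmin);

    return $album_id;
}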
/**
 * Stores a Google profile in google_auth: updates the row with the same uid
 * when there is one, inserts a new row otherwise.
 *
 * @param array $user Profile with the keys email, gender, name, id, link, picture.
 * @return void
 * @throws Exception With the mysql error text when the write fails.
 */
function save($user)
{
    global $database_connMain, $connMain;

    $lookupSQL = sprintf(
        "select * from google_auth WHERE `uid` = %s",
        GetSQLValueString($user['id'], "text")
    );
    mysql_select_db($database_connMain, $connMain);
    // NOTE(review): the lookup result is not checked before fetching from it.
    $lookup = mysql_query($lookupSQL, $connMain);
    $existing = mysql_fetch_array($lookup);

    // Quoted in the order of the shared "set" clause.
    $values = array(
        GetSQLValueString($user['email'], "text"),
        GetSQLValueString($user['gender'], "text"),
        GetSQLValueString($user['name'], "text"),
        GetSQLValueString($user['id'], "text"),
        GetSQLValueString($user['link'], "text"),
        GetSQLValueString($user['picture'], "text"),
    );

    if (empty($existing)) {
        $insertSQL = vsprintf(
            "Insert into google_auth set email = %s, gender = %s, name = %s, `uid` = %s, link = %s, picture = %s",
            $values
        );
    } else {
        // The UPDATE has one more placeholder, for its WHERE clause.
        $values[] = GetSQLValueString($user['id'], "text");
        $insertSQL = vsprintf(
            "UPDATE google_auth set email = %s, gender = %s, name = %s, `uid` = %s, link = %s, picture = %s WHERE `uid`=%s",
            $values
        );
    }

    mysql_select_db($database_connMain, $connMain);
    $outcome = @mysql_query($insertSQL, $connMain);
    if (empty($outcome)) {
        throw new Exception(mysql_error());
    }
}
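/**
 * Decodes the posted `data` payload and builds two comma-terminated lists: the
 * column names and the quoted values of the fields that appear in
 * $this->PurchaseRequestsFields.
 *
 * The visible code builds these strings only; nothing is done with them here.
 *
 * @return void
 */
protected function functionName()
{
    if (!isset($_POST['data']) || $_POST['data'] == '') {
        return;
    }

    $RData = json_decode(\CmsDev\skt_Code::Decode($_POST['data']));
    // json_decode() yields null for malformed input and a scalar for a bare
    // JSON value; neither can be iterated as field => value pairs.
    if (!is_object($RData) && !is_array($RData)) {
        return;
    }

    $CompiledData = array();
    foreach ($RData as $data => $Value) {
        $CompiledData[$data] = $Value;
    }

    // Initialised explicitly; the original appended to undefined variables.
    $queryPurchaseRequestsFields = '';
    $queryPurchaseRequestsValues = '';

    foreach ($CompiledData as $Field => $Value) {
        // Column names come from the request, so only names that are keys of
        // the PurchaseRequestsFields map are used. Keep this allow-list check:
        // it is what stops a posted key from reaching the column list.
        if (!array_key_exists($Field, $this->PurchaseRequestsFields)) {
            continue;
        }
        $queryPurchaseRequestsFields .= $Field . ',';
        // NOTE(review): a nested JSON object or array would reach the quoting
        // helper as a non-scalar. Confirm that cannot happen or reject it here.
        $queryPurchaseRequestsValues .= self::DecodeValue(
            \GetSQLValueString($Value, $this->PurchaseRequestsFields[$Field])
        ) . ',';
    }
}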
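/**
 * Returns the coordinates of a listing, geocoding and caching them on first use.
 *
 * @param string $address Postal address sent to the geocoder on a cache miss.
 * @param mixed  $sysid   Listing system id, the cache key in listing_geoaddress.
 * @return array|false The cached listing_geoaddress row, or the geocoder's
 *                     location array (lat, lng) on a miss, or false when
 *                     geocoding fails.
 */
function get_geocode($address, $sysid)
{
    global $useradmin;

    // The lookup used to concatenate $sysid raw; it now uses the same
    // int-typed value as the INSERT.
    $sysidSql = GetSQLValueString($sysid, "int");

    $selectSQL = "SELECT * FROM listing_geoaddress WHERE sysid=" . $sysidSql;
    $get_geocode = mysql_query_or_die($selectSQL, $useradmin);
    if ($row_get_geocode = mysql_fetch_assoc($get_geocode)) {
        return $row_get_geocode;
    }

    // NOTE(review): the request goes over plain http, so the response that is
    // written to the database can be altered in transit. Prefer https if the
    // service offers it.
    $url = "http://maps.google.com/maps/api/geocode/json?sensor=false&address=" . urlencode($address);
    $resp_json = file_get_contents($url);
    if ($resp_json === false) {
        return false;
    }

    $resp = json_decode($resp_json, true);
    // The original tested `$resp['status'] = 'OK'`, an assignment that is always
    // true, so failed lookups were treated as successes. Compare instead, and
    // require the location to be present before using it.
    if (!is_array($resp)
        || !isset($resp['status'])
        || $resp['status'] !== 'OK'
        || !isset($resp['results'][0]['geometry']['location']['lat'])
        || !isset($resp['results'][0]['geometry']['location']['lng'])
    ) {
        return false;
    }

    $location = $resp['results'][0]['geometry']['location'];
    $insertSQL = sprintf(
        "INSERT INTO listing_geoaddress(sysid, lat, lng)VALUES(%s,%s,%s)",
        $sysidSql,
        GetSQLValueString($location['lat'], "double"),
        GetSQLValueString($location['lng'], "double")
    );
    mysql_query_or_die($insertSQL, $useradmin);

    return $location;
}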
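/**
 * Loads the joined users/userprofile row of the logged-in user into
 * $this->user_list and records the outcome in $this->UserOk.
 *
 * An error tip is shown when the login check fails or no row matches.
 *
 * @return void
 */
public function GetDataSet()
{
    $SKTDB = SKT_DB::connect();

    $user_list = false;
    if (\CmsDev\Security\loginIntent::action('validateUser') === true) {
        // The session value is matched against users.md5, a string column, so
        // it is quoted as 'text'. It was quoted as 'int' before.
        // NOTE(review): the helper is not shown here. If it applies intval()
        // for 'int', the comparison becomes numeric and MySQL matches on the
        // leading digits of the stored hash rather than the whole value.
        // Confirm, and review sessions created under the old code.
        $user_list = $SKTDB->get_row(
            "SELECT *\r\n FROM users as user join userprofile as profile \r\n ON user.md5 = "
            . \GetSQLValueString($_SESSION['login'], 'text')
            . "\r\n WHERE user.id = profile.IDX \r\n "
        );
    }

    if ($user_list) {
        $this->user_list = $user_list;
        $this->UserOk = true;
        return;
    }

    // Same response for a failed login check and for a missing row.
    $this->UserOk = false;
    $MessageBox = SKT_INFO\Asistance::get();
    $MessageBox->TipError(\SKT_ADMIN_User_max_attempts . \SKT_ADMIN_User_max_attempts_TXT, true);
}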
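/**
 * Appends a "Position" spinner input to $this->HTML and returns the
 * accumulated markup.
 *
 * The spinner's maximum is the number of sections with the given SID in the
 * current language, plus one.
 *
 * @param mixed $PositionSelect Current position, or 'max' for "after the last one".
 * @param mixed $SID            Section id whose siblings are counted.
 * @return string|null The accumulated HTML, or null when either argument is null.
 */
public function set($PositionSelect = null, $SID = null)
{
    if ($PositionSelect === null || $SID === null) {
        return;
    }

    // Only used as a DOM id, not as a secret.
    $randomID = 'Position' . \md5(\rand(1000, 99999));
    $SID = \GetSQLValueString($SID, 'int');

    $SKTDB = \CmsDev\Sql\db_Skt::connect();
    $total = $SKTDB->get_var(
        "SELECT count(*) FROM " . \DB_PREFIX . "sections WHERE Language = '" . \THIS_LANG . "' AND SID = '{$SID}'"
    );

    if ($PositionSelect == null) {
        $PositionSelect = 0;
    } elseif ($PositionSelect === 'max') {
        $PositionSelect = $total + 1;
    }

    // The position can be caller-supplied, so it is escaped before being
    // placed in the value attribute.
    $positionAttr = htmlspecialchars((string) $PositionSelect, ENT_QUOTES);

    $this->HTML .= '<input name="Position" id="' . $randomID . '" type="text" value="' . $positionAttr . '" />';
    $this->HTML .= '<script type="text/javascript">';
    $this->HTML .= '$("#' . $randomID . '").spinner({step: 1,numberFormat: "n", min: 0, max: ' . ($total + 1) . '});';
    $this->HTML .= '</script>';

    return $this->HTML;
}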
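/**
 * Applies a tk_team change described by the request.
 *
 * Reads $_REQUEST['method'] (the $arr argument is overwritten with $_REQUEST):
 *  - "add":      inserts a team from `title` / `parentID`;
 *  - "edit":     renames team `id` to `title`;
 *  - "delete":   deletes the teams listed in `pids`;
 *  - "moveTeam": sets `parentID` on the teams listed in `_ids`.
 *
 * @param mixed $arr Ignored; kept for the existing call sites.
 * @return string|null JSON for "add" and "edit", null otherwise.
 */
function my_json_encode($arr)
{
    global $tankdb;
    global $database_tankdb;

    // NOTE(review): state-changing actions are read from $_REQUEST, so they are
    // reachable through a plain GET link, and no permission check is visible
    // here. Confirm the caller enforces authentication and CSRF protection.
    $arr = $_REQUEST;
    $method = isset($arr['method']) ? $arr['method'] : null;

    if ($method == "add") {
        $insertSQL = sprintf(
            "INSERT INTO tk_team (tk_team_title, tk_team_parentID) VALUES (%s, %s)",
            GetSQLValueString($arr['title'], "text"),
            GetSQLValueString($arr['parentID'], "int")
        );
        mysql_select_db($database_tankdb, $tankdb);
        mysql_query($insertSQL, $tankdb) or die(mysql_error());
        $newID = mysql_insert_id();
        $dataArray = array('id' => $newID, 'title' => $_POST['title'], 'parentID' => $_POST['parentID']);
        return utf8_encode(json_encode($dataArray));
    }

    if ($method == "edit") {
        $updateSQL = sprintf(
            "Update tk_team set tk_team_title = %s where pid = %s",
            GetSQLValueString($arr['title'], "text"),
            GetSQLValueString($arr['id'], "int")
        );
        mysql_select_db($database_tankdb, $tankdb);
        mysql_query($updateSQL, $tankdb) or die(mysql_error());
        $dataArray = array('id' => $arr['id'], 'title' => $arr['title']);
        return utf8_encode(json_encode($dataArray));
    }

    if ($method == "delete" || $method == "moveTeam") {
        // The id lists were imploded into the statement unfiltered. Every
        // element is now forced to an integer before it reaches the SQL text.
        $key = $method == "delete" ? 'pids' : '_ids';
        $rawIds = isset($arr[$key]) ? (array) $arr[$key] : array();
        $idList = implode(",", array_map('intval', $rawIds));
        if ($idList === '') {
            // Nothing to act on; "in ()" would be a syntax error.
            return null;
        }

        if ($method == "delete") {
            $sql = "delete from tk_team where pid in ({$idList})";
        } else {
            $sql = sprintf(
                "update tk_team set tk_team_parentID = %s where pid in (%s)",
                GetSQLValueString($arr['parentID'], "int"),
                $idList
            );
        }
        mysql_select_db($database_tankdb, $tankdb);
        mysql_query($sql, $tankdb) or die(mysql_error());
        return null;
    }
}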
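/**
 * Builds the markup of a "Position" spinner input for a content zone.
 *
 * The spinner's maximum is the number of content rows in the given page and
 * zone, plus one.
 *
 * @param mixed $PositionSelect Current position, or -1 for "after the last one".
 * @param mixed $IDPage         Page id.
 * @param mixed $Zone           Zone id.
 * @return string|null The HTML, or null when $PositionSelect or $IDPage is null.
 */
public static function set($PositionSelect = null, $IDPage = null, $Zone = 0)
{
    if ($PositionSelect === null || $IDPage === null) {
        return;
    }

    // Only used to give the input a distinct CSS class.
    $rand = rand(2, 654);
    $Input = '<input name="Position" id="Position" class="Position' . $rand . ' form-control" type="text" value="[val]" />';

    $IDPage = \GetSQLValueString($IDPage, 'int');
    $Zone = \GetSQLValueString($Zone, 'int');

    $SKTDB = \CmsDev\Sql\db_Skt::connect();
    $total = $SKTDB->get_var(
        "SELECT count(*) FROM " . \DB_PREFIX . "content WHERE IDZone = '" . $Zone . "' AND IDPage = '{$IDPage}'"
    );

    if ($PositionSelect == null) {
        $PositionSelect = 0;
    } elseif ($PositionSelect === -1) {
        $PositionSelect = $total + 1;
    }

    // The position can be caller-supplied, so it is escaped before being
    // placed in the value attribute.
    $HTML = str_replace('[val]', htmlspecialchars((string) $PositionSelect, ENT_QUOTES), $Input);
    $HTML .= '<script type="text/javascript">';
    $HTML .= '$(".Position' . $rand . '").spinner({step: 1,numberFormat: "n", min: 0, max: ' . ($total + 1) . '});';
    $HTML .= '</script>';

    return $HTML;
}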
/**
 * Renders a control by including its PHP file, after optionally loading the
 * title, CSS class and custom property of a content row.
 *
 * @param string    $CC       Control name; used as a directory name under SKT_Controls.
 * @param array     $CCParams Not read in this method's own code.
 * @param string    $file     File name inside the control directory ('Control.php' when empty).
 * @param int|mixed $location Explicit path to include; 0 means "derive it from $CC and $file".
 * @param mixed     $CCID     Content row id, or false to skip the lookup.
 * @return void
 */
public function Render($CC = '', $CCParams = array(), $file = 'Control.php', $location = 0, $CCID = false)
{
    global $SKT;
    // This branch is superseded by the assignment right below it.
    if ($file !== '') {
        $this->file = $file;
    } else {
    }
    $this->file = isset($file) && $file !== '' ? $file : 'Control.php';
    $this->location = isset($location) && $location !== '' ? $location : 0;
    $SKTDB = SKT_DB::connect();
    $this->CC = self::urlResolve($CC);
    if ($this->location === 0) {
        // NOTE(review): the path is built from the raw $CC, not the resolved
        // $this->CC. Whether urlResolve() below removes "../" segments is not
        // visible here; confirm, because this path is include()d.
        $this->location = \SKTPATH_TemplateSite . 'SKT_Controls' . \DS . $CC . \DS . $this->file;
    }
    $this->location = self::urlResolve($this->location);
    if ($CCID !== false) {
        $contentIDZone = $SKTDB->get_results("SELECT * FROM " . \DB_PREFIX . "content WHERE ID = '" . GetSQLValueString($CCID, "int") . "'");
        $query = $SKTDB->get_col_info($info_type = "name", $col_offset = -1);
        // $cols is filled but not read again in this method.
        $cols = array();
        foreach ($query as $name) {
            array_push($cols, $name);
        }
        foreach ($contentIDZone as $Zone) {
            $this->TitleZone[$CCID] = \utf8_decode($Zone->Title);
            $this->CSSZone[$CCID] = \utf8_decode($Zone->css_class);
            $this->CustomPropertyZone[$CCID] = \utf8_decode($Zone->CustomProperty);
        }
    }
    if (\is_file($this->location)) {
        // NOTE(review): includes whatever file $location / $CC / $file resolve
        // to. Callers must never pass request data into those arguments unless
        // it is checked against a list of known controls.
        include $this->location;
    } else {
        if ($SKT['DEBUG'] === 1) {
            // NOTE(review): $this->CC, $CC and the resolved path are written
            // into HTML unescaped, and the message reveals a server path. This
            // only runs when DEBUG is 1, which should stay off in production.
            echo '<span style="color:red"><i class="skt-icon-error"></i> "' . $this->CC . '"</span>';
            $MessageBox = SKT_INFO\Asistance::get();
            $MessageBox->TipError('<i class="skt-icon-frown" style="font-size: 2em; vertical-align: sub;"></i> <b>No se encuentra el control</b>: "' . $CC . '" en ' . \LOCAL_DIR . $this->location, true);
        }
    }
}
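/**
 * Builds a <select> listing the members who rated a success item as "happy"
 * (rafl_res_rate = 2) within a share.
 *
 * @param mixed $arg_success_item_id Parent item id; an empty value short-circuits.
 * @param mixed $arg_share_id        Share id.
 * @return string The <select> markup, or ' ' when there is nothing to list.
 */
function get_success_happy_drop_down($arg_success_item_id, $arg_share_id)
{
    if (!strlen($arg_success_item_id)) {
        return ' ';
    }

    // NOTE(review): the table prefix is read from the session and becomes part
    // of every identifier below. It must only ever be set server-side from
    // configuration, never from request data.
    $p = $_SESSION['RealS_prefix'];

    $query = "SELECT DISTINCT {$p}members.mb_firstname, {$p}members.mb_surmame
        FROM {$p}items
            INNER JOIN {$p}webcells ON {$p}webcells.webcell_id = {$p}items.item_webcell
            INNER JOIN {$p}rafl_res ON {$p}items.item_id = {$p}rafl_res.rafl_res_item
            INNER JOIN {$p}items AS successes ON successes.item_id = {$p}items.item_parent_item
            INNER JOIN {$p}items AS tasks ON tasks.item_id = successes.item_parent_item
            INNER JOIN {$p}items AS units ON units.item_id = tasks.item_parent_item
            INNER JOIN {$p}share ON {$p}share.share_item = units.item_id
            INNER JOIN {$p}share_cohort_members ON ({$p}share_cohort_members.s_c_m_share = {$p}share.share_id AND {$p}webcells.webcell_member = {$p}share_cohort_members.s_c_m_member)
            INNER JOIN {$p}members ON {$p}members.mb_id = {$p}share_cohort_members.s_c_m_member
        WHERE {$p}items.item_parent_item = " . GetSQLValueString($arg_success_item_id, "int") . "
            AND {$p}share.share_id = " . GetSQLValueString($arg_share_id, 'int') . "
            AND {$p}members.mb_type != 'cohort'
            AND {$p}items.item_default_type = 6
            AND rafl_res_rate = 2
        ORDER BY {$p}members.mb_firstname, {$p}members.mb_surmame";

    $mysql = new mysqlquery();
    $rows = $mysql->getrows($query);
    if (!count($rows)) {
        return ' ';
    }

    $drop_down = '<select size="1" class="who_is">';
    foreach ($rows as $row) {
        // Member names are user data; escape them so a name cannot inject markup.
        $name = trim($row['mb_firstname'] . ' ' . $row['mb_surmame']);
        $drop_down .= ' <option>' . htmlspecialchars($name, ENT_QUOTES) . '</option>';
    }
    $drop_down .= '</select>';

    return $drop_down;
}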
// Gift-coupon edit handler: runs when the form posts `update`. The excerpt ends
// inside the image-upload branch, so the closing braces are not part of it.
if (isset($_POST['update'])) {
    /*check whether gift coupon with the same name exists in the database*/
    // NOTE(review): $_GET['edit_product_id'] is appended to this statement
    // unquoted and without the quoting helper used for the coupon name.
    // Quote it as an int wherever it is used below as well.
    $select_coupon = "SELECT * FROM " . $tableprefix . "products WHERE LOWER(product_name) = " . GetSQLValueString(strtolower($_POST['txtGiftCouponName']), "text") . " AND product_id != " . $_GET['edit_product_id'];
    // NOTE(review): die(mysql_error()) prints the database error text to the client.
    $result_coupon = mysql_query($select_coupon) or die(mysql_error());
    if (mysql_num_rows($result_coupon) > 0) {
        $message = "Coupon Name Already Exists !!";
    } else {
        // Upload metadata as reported by the client.
        $couponfiletype = $_FILES['txtCouponImage']['type'];
        $couponfilename = $_FILES['txtCouponImage']['name'];
        $coupontempname = $_FILES['txtCouponImage']['tmp_name'];
        //','txtCouponImage','txtCouponAmount','ddlArtist'
        $update_gift_coupon = "UPDATE " . $tableprefix . "products\n SET product_name = " . GetSQLValueString($_POST['txtGiftCouponName'], "text") . ",\n product_code = " . GetSQLValueString($_POST['txtGiftCouponCode'], "text") . ",\n product_description = " . GetSQLValueString($_POST['txtCouponDescription'], "text") . ",\n product_price = " . GetSQLValueString($_POST['txtCouponAmount'], "text");
        // NOTE(review): wrapped in quotes here, but still not escaped.
        $update_gift_coupon .= " WHERE product_id = '" . $_GET['edit_product_id'] . "'";
        mysql_query($update_gift_coupon) or die(mysql_error());
        // NOTE(review): this statement has no WHERE clause and is not executed
        // anywhere in the visible part of the handler. If it is run later as
        // written, it would touch every product_options row.
        $update_product_options = "UPDATE " . $tableprefix . "product_options\n SET product_stock = " . GetSQLValueString($_POST['txtCouponStock'], "text") . ",\n reorder_level = " . GetSQLValueString($_POST['txtStockReorder'], "text");
        // NOTE(review): third unquoted use of $_GET['edit_product_id'].
        $update_gift_coupon_master = "UPDATE " . $tableprefix . "giftcoupon_master\n\t\t\t\t\t\t\t\t\t SET ngift_coupon_amount = " . GetSQLValueString($_POST['txtCouponAmount'], "text") . " WHERE ngift_product_id = " . $_GET['edit_product_id'];
        mysql_query($update_gift_coupon_master) or die(mysql_error());
        $message = "Gift Coupon Details Updated Successfully !!";
        // Presumably "was a file chosen": [0] reads the first character of the
        // name (or the first entry of a multi-file upload). Confirm.
        if ($_FILES['txtCouponImage']['name'][0] != "") {
            // isValidWebImageType() is defined elsewhere; what it checks is not
            // visible here. The type and name passed to it are client-supplied.
            if (!isValidWebImageType($couponfiletype, $couponfilename, $coupontempname)) {
                $message_image = " * Invalid Image !! 
Upload an image (jpg/gif/png)" . "<br>";
                $image_flag = 1;
            } else {
                // The stored extension comes from ImageTypeBanner()'s result,
                // not from the uploaded file name.
                $imagewidth_height_type_array = explode(":", ImageTypeBanner($_FILES['txtCouponImage']['tmp_name']));
                $imagetype = $imagewidth_height_type_array[0];
                $assignedname_small = "gift_coupon_small" . time() . "." . $imagetype;
                $assignedname_large = "gift_coupon_large" . time() . "." . $imagetype;
                if (move_uploaded_file($_FILES['txtCouponImage']['tmp_name'], "../products/" . $assignedname_large)) {
                    // NOTE(review): 0777 makes the upload writable and executable
                    // by every local user; 0644 is enough for a served image.
                    chmod("../products/{$assignedname_large}", 0777);
                    /*taken from the general site settings table*/
                    $gift_image_size = '400,400';
// Tail of a handler whose opening lines are outside this excerpt.
}
header(sprintf("Location: %s", $insertGoTo));
}
// Insert handler for form2: stores a bidang_studi row, then redirects.
if (isset($_POST["MM_insert"]) && $_POST["MM_insert"] == "form2") {
    $insertSQL = sprintf("INSERT INTO bidang_studi (bidang_kode, bidang_nama) VALUES (%s, %s)", GetSQLValueString($_POST['bidang_kode'], "text"), GetSQLValueString($_POST['bidang_nama'], "text"));
    mysql_select_db($database_siswa, $siswa);
    // NOTE(review): die(mysql_error()) prints the database error text to the client.
    $Result1 = mysql_query($insertSQL, $siswa) or die(mysql_error());
    $insertGoTo = "tampilbidangstudi.php";
    // The incoming query string is carried over to the redirect target.
    if (isset($_SERVER['QUERY_STRING'])) {
        $insertGoTo .= strpos($insertGoTo, '?') ? "&" : "?";
        $insertGoTo .= $_SERVER['QUERY_STRING'];
    }
    // NOTE(review): header() does not end the script and no exit follows, so
    // execution continues into the code below after the redirect is queued.
    header(sprintf("Location: %s", $insertGoTo));
}
// NOTE(review): this block repeats the one above with the same condition, so a
// single form2 post runs the INSERT again.
if (isset($_POST["MM_insert"]) && $_POST["MM_insert"] == "form2") {
    $insertSQL = sprintf("INSERT INTO bidang_studi (bidang_kode, bidang_nama) VALUES (%s, %s)", GetSQLValueString($_POST['bidang_kode'], "text"), GetSQLValueString($_POST['bidang_nama'], "text"));
    mysql_select_db($database_siswa, $siswa);
    $Result1 = mysql_query($insertSQL, $siswa) or die(mysql_error());
    $insertGoTo = "tampilbidangstudi.php";
    if (isset($_SERVER['QUERY_STRING'])) {
        $insertGoTo .= strpos($insertGoTo, '?') ? "&" : "?";
        $insertGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $insertGoTo));
}
// Recordset for the page body: all bidang_studi rows ordered by code.
mysql_select_db($database_siswa, $siswa);
$query_Recordset1 = "SELECT * FROM bidang_studi ORDER BY bidang_kode ASC";
$Recordset1 = mysql_query($query_Recordset1, $siswa) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
/*
 * JSON endpoint: takes {"token": ..., "tab": ...} in the request body and
 * answers with the caller's project count and project list, or with the bare
 * value 3 when check_token() yields 3.
 */
require_once 'config/tank_config.php';

$dataarr = json_decode(file_get_contents('php://input'), true);
$token = $dataarr['token'];
$tab = $dataarr['tab'];

// NOTE(review): 3 is presumably the value check_token() returns for a rejected
// token. Confirm, since the comparison is loose and 3 may also be a valid user id.
$uid = check_token($token);

if ($uid == 3) {
    echo 3;
} else {
    mysql_select_db($database_tankdb, $tankdb);
    $query_Recordset_sumtotal = sprintf(
        "SELECT \n\t\t\t\t\t\t\tCOUNT(*) as count_prj \n\t\t\t\t\t\t\tFROM tk_project \t\n\t\t\t\t\t\t\tWHERE project_to_user = %s",
        GetSQLValueString($uid, "int")
    );
    // NOTE(review): die(mysql_error()) prints the database error text to the client.
    $Recordset_sumtotal = mysql_query($query_Recordset_sumtotal, $tankdb) or die(mysql_error());
    $row_Recordset_sumtotal = mysql_fetch_assoc($Recordset_sumtotal);
    $my_totalprj = $row_Recordset_sumtotal['count_prj'];

    // $tab comes straight from the request body; project_list() is defined elsewhere.
    $get_function = project_list($uid, "project_lastupdate", "DESC", "0", $tab);

    echo json_encode(array('summprj' => $my_totalprj, 'list' => $get_function));
}