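/**
 * POST | This handles the registration with validation.
 *
 * Validates the submitted form, creates the user (hashed password plus a
 * random activation token) inside a DB transaction, queues the activation
 * e-mail and redirects to the login form.
 *
 * @return mixed Redirect back with validation errors, or to the login form.
 *
 * @throws Exception When the user row cannot be created; the transaction is
 *                   rolled back before the exception is re-thrown.
 */
public function storeRegistrationForm()
{
    $inputs = request()->get();

    $validator = new RegistrationValidator();
    $validation = $validator->validate($inputs);

    if (count($validation)) {
        // Flash the submitted values for form repopulation, but never the
        // plaintext password: the session store is not a place for credentials.
        // NOTE(review): if the form also posts a confirmation field, strip it
        // here as well; its name is not visible in this method.
        $flash = $inputs;
        unset($flash['password']);
        session()->set('input', $flash);

        return redirect()->to(url()->previous())
            ->withError(RegistrationValidator::toHtml($validation));
    }

    // 100 bytes from the CSPRNG, hex-encoded; this value is the activation secret.
    // NOTE(review): it is stored as-is in the user row; consider storing only
    // a hash of it so a database read does not yield usable activation links.
    $token = bin2hex(random_bytes(100));

    $connection = db()->connection();

    try {
        $connection->begin();

        $user = new User();
        $success = $user->create([
            'email' => $inputs['email'],
            'password' => security()->hash($inputs['password']),
            'token' => $token,
        ]);

        if ($success === false) {
            throw new Exception('It seems we can\'t create an account, ' . 'please check your access credentials!');
        }

        // Queued before commit, so a queueing failure rolls the user row back.
        queue(\Components\Queue\Email::class, [
            'function' => 'registeredSender',
            'template' => 'emails.registered-inlined',
            'to' => $inputs['email'],
            'url' => route('activateUser', ['token' => $token]),
            'subject' => 'You are now registered, activation is required.',
        ]);

        $connection->commit();
    } catch (TransactionFailed $e) {
        $connection->rollback();
        throw $e;
    } catch (Exception $e) {
        $connection->rollback();
        throw $e;
    }

    return redirect()->to(route('showLoginForm'))
        ->withSuccess(lang()->get('responses/register.creation_success'));
}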
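/**
 * Connect to the STOMP broker, open the account's INBOX and loop on IMAP IDLE,
 * fetching the latest mails whenever the server reports activity.
 *
 * The loop has no exit condition; it only ends when an exception is thrown.
 *
 * @param array $o Options; $o['account'] selects the IMAP account.
 * @return null Returned only when the IMAP connection could not be opened.
 */
public function pub_run($o)
{
    // NOTE(review): broker host and the guest/guest credentials are hard-coded
    // and the transport is plain tcp://. Move them to configuration and confirm
    // the broker is not reachable with default credentials from other hosts.
    $this->stomp = new Stomp('tcp://network.home.micoli.org:61613');
    $this->stomp->connect('guest', 'guest');

    try {
        $this->imapProxy->setAccount($o['account']);
        $this->imapProxy->open('INBOX');

        if (!$this->imapProxy->isConnected()) {
            // The original returned an undefined $res; the value was null.
            return null;
        }

        $this->getLatestMails($o);

        $running = true;
        do {
            // db() is used as a debug logger in this method.
            db(date('H:i:s ') . "IN IDLE ");

            // Wait up to five minutes for the server to signal a change.
            $response = $this->imapProxy->idle(5 * 60);

            if ($response) {
                // NOTE(review): the raw server response goes to the debug log.
                db(date('H:i:s -------------') . $response);
                $this->getLatestMails($o);
            } else {
                db(date('H:i:s ') . 'TIMEOUT OCCURED');
            }
        } while ($running);

        db(__CLASS__ . " " . __LINE__);
    } catch (Horde_Imap_Client_Exception $e) {
        db($e);
    } catch (InvalidArgumentException $e) {
        db($e);
    }
}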
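/**
 * Order step
 *
 * Saves the basket, loads the active products it refers to, computes per-item
 * and total prices (including matching dynamic attributes) and renders the
 * "shop/order_start" template.
 *
 * @param bool $FORCE_DISPLAY_FORM Not read in this method.
 * @return mixed Output of tpl()->parse().
 */
function _order_step_start($FORCE_DISPLAY_FORM = false)
{
    module('shop')->_basket_save();
    $basket_contents = module('shop')->_basket_api()->get_all();

    // Product ids end up inside an SQL IN() list, so force them to integers
    // here rather than trusting whatever the basket storage holds.
    $products_ids = [];
    foreach ((array) $basket_contents as $_item_id => $_info) {
        $_pid = intval($_info["product_id"]);
        if ($_pid) {
            $products_ids[$_pid] = $_pid;
        }
    }

    // Defaults so the loops below work on an empty basket.
    $products_infos = [];
    $products_atts = [];
    $group_prices = [];
    if (!empty($products_ids)) {
        $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE id IN(" . implode(",", $products_ids) . ") AND active='1'");
        $products_atts = module('shop')->_products_get_attributes($products_ids);
        $group_prices = module('shop')->_get_group_prices($products_ids);
    }

    $products = [];
    $total_price = 0;
    foreach ((array) $products_infos as $_info) {
        $_product_id = $_info["id"];
        $_info["_group_price"] = $group_prices[$_product_id][module('shop')->USER_GROUP];
        $quantity = $basket_contents[$_info["id"]]["quantity"];
        $price = module('shop')->_product_get_price($_info);

        // Add the surcharge of every attribute whose value the customer chose.
        // NOTE(review): attribute name/value are placed into HTML without
        // _prepare_html(); confirm they are escaped where they are stored.
        $dynamic_atts = [];
        foreach ((array) $products_atts[$_product_id] as $_attr_id => $_attr_info) {
            if ($basket_contents[$_product_id]["atts"][$_attr_info["name"]] == $_attr_info["value"]) {
                $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
                $price += $_attr_info["price"];
            }
        }

        $URL_PRODUCT_ID = module('shop')->_product_id_url($_info);
        $products[$_info["id"]] = [
            "name" => _prepare_html($_info["name"]),
            "price" => module('shop')->_format_price($price),
            "currency" => _prepare_html(module('shop')->CURRENCY),
            "quantity" => intval($quantity),
            "details_link" => process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
            "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
            "cat_name" => _prepare_html(module('shop')->_shop_cats[$_info["cat_id"]]),
            "cat_url" => process_url("./?object=shop&action=products_show&id=" . module('shop')->_shop_cats_all[$_info["cat_id"]]['url']),
        ];
        $total_price += $price * $quantity;
    }

    $replace = [
        "products" => $products,
        "total_price" => module('shop')->_format_price($total_price),
        "currency" => _prepare_html(module('shop')->CURRENCY),
        "back_link" => "./?object=shop&action=basket",
        "next_link" => "./?object=shop&action=order&id=delivery",
        "cats_block" => module('shop')->_categories_show(),
    ];
    return tpl()->parse("shop/order_start", $replace);
}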
/**
 * Get a summary of how many accounts, graphs, pages etc the current user has.
 * Does not include disabled accounts towards the limit (#217).
 * The result is cached per user in $global_user_limits_summary.
 *
 * @param mixed $user_id Bound as the only query parameter.
 * @return array Counts keyed by account key, plus 'total_<group>' and
 *               'wizard_<wizard>' running sums.
 */
function user_limits_summary($user_id)
{
    global $global_user_limits_summary;

    if (isset($global_user_limits_summary[$user_id])) {
        return $global_user_limits_summary[$user_id];
    }

    $accounts = array();
    foreach (account_data_grouped() as $group) {
        foreach ($group as $key => $data) {
            if (!isset($data['group'])) {
                continue;
            }

            // Table name and the optional extra clause come from
            // account_data_grouped(), not from the request; only user_id is bound.
            $sql = "SELECT COUNT(*) AS c FROM " . $data['table'] . " WHERE user_id=?";
            if ($data['failure']) {
                $sql .= " AND is_disabled=0";
            }
            if (isset($data['query'])) {
                $sql .= $data['query'];
            }

            $q = db()->prepare($sql);
            $q->execute(array($user_id));
            $row = $q->fetch();
            $accounts[$key] = $row['c'];

            $total_key = 'total_' . $data['group'];
            if (!isset($accounts[$total_key])) {
                $accounts[$total_key] = 0;
            }
            $accounts[$total_key] += $accounts[$key];

            if (!isset($data['wizard'])) {
                continue;
            }
            $wizard_key = 'wizard_' . $data['wizard'];
            if (!isset($accounts[$wizard_key])) {
                $accounts[$wizard_key] = 0;
            }
            $accounts[$wizard_key] += $accounts[$key];
        }
    }

    $global_user_limits_summary[$user_id] = $accounts;
    return $accounts;
}
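/**
 * Add a product to the basket.
 *
 * Resolves $_GET['id'] (numeric id or URL slug) to an active product, sends
 * the visitor to the product page when attributes still have to be chosen,
 * otherwise merges the posted quantities into the basket.
 *
 * @return mixed Result of js_redirect().
 */
function basket_add()
{
    // The numeric branch is cast with intval(), the slug branch goes through _es().
    $product = db()->query_fetch(
        "SELECT id FROM " . db('shop_products') . " WHERE active = '1' AND "
        . (is_numeric($_GET["id"]) ? "id=" . intval($_GET["id"]) : "url='" . _es($_GET['id']) . "'")
    );
    if (!empty($product)) {
        $_GET['id'] = $product['id'];
    }
    $atts = module('shop')->_products_get_attributes($product["id"]);

    if ($_GET["id"]) {
        $_GET["id"] = intval($_GET["id"]);
        $_POST["quantity"][$_GET["id"]] = 1;
    }

    // Product has attributes but none were chosen: go to the details page.
    if (!empty($atts) && empty($_POST["atts"])) {
        module('shop')->_basket_is_processed = true;
        return js_redirect("./?object=shop&action=product_details&id=" . $_GET["id"]);
    }

    if (!empty($_POST["quantity"]) && !module('shop')->_basket_is_processed) {
        foreach ((array) $_POST["quantity"] as $_product_id => $_quantity) {
            $_product_id = intval($_product_id);
            $_old_quantity = (int) module('shop')->_basket_api()->get($_product_id, 'quantity');
            $_quantity = intval($_quantity) + $_old_quantity;

            // Only a strictly positive total is stored: a posted negative
            // quantity must not leave a negative line (and a negative order
            // total) in the basket.
            // NOTE(review): the posted product ids are not checked against
            // active products here, and "atts" is stored as received.
            if ($_product_id && $_quantity > 0) {
                module('shop')->_basket_api()->set($_product_id, [
                    "product_id" => $_product_id,
                    "quantity" => $_quantity,
                    "atts" => $_POST["atts"][$_product_id],
                ]);
            }
        }
        // Prevent double processing
        module('shop')->_basket_is_processed = true;
    }

    return js_redirect("./?object=shop");
}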
/**
 * Build the listing table for the auth log (table db('log_auth')).
 *
 * The filter is read from the session under "<object>__<action>" and merged
 * over a default ordering of date descending.
 *
 * @return mixed The configured table() builder.
 */
function show()
{
    $object = $_GET['object'];
    $filter_name = $object . '__' . $_GET['action'];

    $default_filter = [
        'order_by' => 'date',
        'order_direction' => 'desc',
    ];
    $table_params = [
        'filter' => (array) $_SESSION[$filter_name] + $default_filter,
        'filter_params' => ['name' => 'like'],
    ];

    $sql = 'SELECT * FROM ' . db('log_auth');

    // NOTE(review): $_GET['object'] is concatenated into the link template
    // below without validation. Confirm the router restricts it to known
    // module names, or that link() escapes the URL on output.
    $ip_link = './?object=' . $object . '&action=show_for_ip&id=%d';

    return table($sql, $table_params)
        ->user('user_id')
        ->text('login')
        ->link('group', './?object=user_groups&action=edit&id=%d', main()->get_data('user_groups'))
        ->link('ip', $ip_link)
        ->date('date', ['format' => 'full', 'nowrap' => 1])
        ->text('user_agent')
        ->text('referer');
}
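/**
 * Render the "top match" menu box: one random clan war flagged `top`,
 * with logos and an optional hover panel.
 *
 * @return string HTML table, or a centred "no top match" notice.
 */
function top_match()
{
    global $db, $allowHover, $llwars, $picformat, $sql_prefix;

    // Initialised up front; the original appended to / read these while undefined.
    $topmatch = '';
    $hover = '';

    $qry = db("SELECT s1.datum,s1.cid,s1.id,s1.bericht,s1.xonx,s1.punkte,s1.gpunkte,s1.squad_id,s2.icon,s2.name FROM " . $db['cw'] . " AS s1\n LEFT JOIN " . $db['squads'] . " AS s2 ON s1.squad_id = s2.id\n WHERE `top` = '1'\n ORDER BY RAND()");

    if ($get = _fetch($qry)) {
        //Clans Mod
        // Values read back from the database are still cast before being put
        // into a new statement, so a bad stored value cannot alter the query.
        $clandetailssql = db("SELECT clantag, gegner FROM " . $sql_prefix . "clans WHERE id LIKE " . intval($get['cid']));
        $clans = _fetch($clandetailssql);

        // Use the default logo unless a matching file exists for any known extension.
        $squad = '_defaultlogo.jpg';
        $gegner = '_defaultlogo.jpg';
        foreach ($picformat as $end) {
            if (file_exists(basePath . '/inc/images/clanwars/' . $get['cid'] . '_logo.' . $end)) {
                $gegner = $get['cid'] . '_logo.' . $end;
            }
            if (file_exists(basePath . '/inc/images/squads/' . $get['squad_id'] . '_logo.' . $end)) {
                $squad = $get['squad_id'] . '_logo.' . $end;
            }
        }

        if ($allowHover == 1 || $allowHover == 2) {
            $hover = 'onmouseover="DZCP.showInfo(\'<tr><td colspan=2 align=center padding=3 class=infoTop>'
                . jsconvert(re($get['name'])) . '<br/>vs.<br/> ' . jsconvert(re($clans['gegner']))
                . '</td></tr><tr><td><b>' . _played_at . ':</b></td><td>' . date("d.m.Y H:i", $get['datum']) . _uhr
                . '</td></tr><tr><td><b>' . _cw_xonx . ':</b></td><td>' . jsconvert(re($get['xonx']))
                . '</td></tr><tr><td><b>' . _result . ':</b></td><td>' . cw_result_nopic_raw($get['punkte'], $get['gpunkte'])
                . '</td></tr><tr><td><b>' . _comments_head . ':</b></td><td>' . cnt($db['cw_comments'], "WHERE cw = '" . intval($get['id']) . "'")
                . '</td></tr>\')" onmouseout="DZCP.hideInfo()"';
        }

        // The original needle was '.' . $icon with $icon undefined, i.e. just
        // '.', so every dot was removed; that output is kept.
        // NOTE(review): probably meant to strip the icon's file extension.
        $game = substr(strtoupper(str_replace('.', '', re($get['icon']))), 0, 5);

        $topmatch .= show("menu/top_match", array(
            "id" => $get['id'],
            "clantag" => re(cut($clans['clantag'], $llwars)),
            "team" => re(cut($get['name'], $llwars)),
            "game" => $game,
            "gegner" => $gegner,
            "squad" => $squad,
            "hover" => $hover,
            // Upcoming match: show its date; played match: show the result.
            "info" => $get['datum'] > time()
                ? date("d.m.Y", $get['datum'])
                : cw_result_nopic($get['punkte'], $get['gpunkte']),
        ));
    }

    return empty($topmatch)
        ? '<center style="margin:3px 0">' . _no_top_match . '</center>'
        : '<table class="navContent" cellspacing="0">' . $topmatch . '</table>';
}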
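/**
 * Track user error message
 *
 * Appends a record to the user-errors log file and, when LOG_INTO_DB is set
 * and a db object is available, inserts the same data into log_user_errors.
 *
 * @param string $error_message Message to record.
 * @return false|null false when the message is empty, otherwise nothing.
 */
function _track_error($error_message = "")
{
    if (empty($error_message)) {
        return false;
    }

    // Request value as a string, '' when the key is absent.
    $server = function ($key) {
        return isset($_SERVER[$key]) ? (string) $_SERVER[$key] : '';
    };
    // Request-controlled values are flattened to one line before they reach
    // the text log, so a crafted header cannot forge extra log records.
    $one_line = function ($value) {
        return str_replace(["\r", "\n"], ' ', (string) $value);
    };
    $pick = function ($trace, $key) {
        return isset($trace[$key]) ? $trace[$key] : '';
    };

    // Try to get user error message source
    $backtrace = debug_backtrace();
    $cur_trace = isset($backtrace[1]) ? $backtrace[1] : [];
    $next_trace = isset($backtrace[2]) ? $backtrace[2] : [];
    $source_file = $pick($cur_trace, 'file');
    $source_line = $pick($cur_trace, 'line');
    $next_class = $pick($next_trace, 'class');
    $next_function = $pick($next_trace, 'function');

    // Prepare log text
    $text = "## LOG STARTS AT " . date("Y-m-d H:i:s")
        . "; QUERY_STRING: " . $one_line($server("QUERY_STRING"))
        . "; REFERER: " . $one_line($server("HTTP_REFERER"))
        . "; USER_ID: " . main()->USER_ID
        . "; USER_GROUP: " . main()->USER_GROUP
        . "; SITE_ID: " . SITE_ID
        . "; USER_AGENT: " . $one_line($server("HTTP_USER_AGENT")) . " ##\r\n";
    $text .= "URL: http://" . $one_line($server("HTTP_HOST")) . $one_line($server("REQUEST_URI")) . "\r\n";
    $text .= "SOURCE FILE: \"" . $source_file . "\" at LINE " . $source_line . "; "
        . (!empty($next_class) ? "METHOD: " . $next_class . "->" . $next_function : "FUNCTION: " . $next_function)
        . ";\r\n";
    // NOTE(review): the message is written as given; if callers build it from
    // user input it can still span lines in the log.
    $text .= "MESSAGE: " . $error_message . "\r\n";
    $text .= "## LOG ENDS ##\r\n";

    // Do add current error info to the log file (skipped if it cannot be opened)
    $h = fopen(INCLUDE_PATH . $this->LOG_USER_ERRORS_FILE_NAME, "a");
    if ($h !== false) {
        fwrite($h, $text);
        fclose($h);
    }

    // Do store message into database (also check if that possible)
    if ($this->LOG_INTO_DB && is_object(db())) {
        $error_type = 0;
        db()->insert_safe('log_user_errors', [
            'error_level' => intval($error_type),
            'error_text' => $error_message,
            'source_file' => $source_file,
            'source_line' => intval($source_line),
            'date' => time(),
            'site_id' => (int) conf('SITE_ID'),
            'user_id' => intval($_SESSION[MAIN_TYPE_ADMIN ? 'admin_id' : 'user_id']),
            'user_group' => intval($_SESSION[MAIN_TYPE_ADMIN ? 'admin_group' : 'user_group']),
            'is_admin' => MAIN_TYPE_ADMIN ? 1 : 0,
            'ip' => common()->get_ip(),
            'query_string' => WEB_PATH . '?' . $server('QUERY_STRING'),
            'user_agent' => $server('HTTP_USER_AGENT'),
            'referer' => $server('HTTP_REFERER'),
            'request_uri' => $server('REQUEST_URI'),
            'env_data' => $this->DB_LOG_ENV ? $this->_prepare_env() : '',
            'object' => $_GET['object'],
            'action' => $_GET['action'],
        ]);
    }
}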
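/**
 * Insert a sales type row built from the given field => value map.
 *
 * @param array  $SalesTypeDetails Column name => value.
 * @param string $user             API user.
 * @param string $password         API password.
 * @return array $Errors; [0] is 0 on success, NoAuthorisation or
 *               DatabaseUpdateFailed otherwise.
 */
function InsertSalesType($SalesTypeDetails, $user, $password)
{
    $Errors = array();

    // db() returns an integer error code when the login is rejected.
    $db = db($user, $password);
    if (gettype($db) == 'integer') {
        $Errors[0] = NoAuthorisation;
        return $Errors;
    }

    // Escape every value before it is placed inside the quoted VALUES list,
    // as the sibling insert functions do. The original concatenated the
    // caller's values unescaped.
    // NOTE(review): assumes DB_escape_string() is loaded wherever DB_Query() is.
    foreach ($SalesTypeDetails as $key => $value) {
        $SalesTypeDetails[$key] = DB_escape_string($value);
    }

    // NOTE(review): the array keys become column names unchecked; they should
    // be validated against the salestypes columns before reaching this point.
    $FieldNames = '';
    $FieldValues = '';
    foreach ($SalesTypeDetails as $key => $value) {
        $FieldNames .= $key . ', ';
        $FieldValues .= '"' . $value . '", ';
    }

    $sql = 'INSERT INTO salestypes (' . substr($FieldNames, 0, -2) . ') ' . 'VALUES (' . substr($FieldValues, 0, -2) . ') ';

    if (sizeof($Errors) == 0) {
        $result = DB_Query($sql, $db);
        if (DB_error_no($db) != 0) {
            $Errors[0] = DatabaseUpdateFailed;
        } else {
            $Errors[0] = 0;
        }
    }

    return $Errors;
}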
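/**
 * Render the "member of the moment" box: a random user with level >= 2
 * who has an uploaded user picture.
 *
 * @return string HTML table, or '' when no candidate exists.
 */
function motm()
{
    global $db, $allowHover;

    $userpics = get_files(basePath . '/inc/images/uploads/userpics/');

    // Candidates: users whose id matches the numeric prefix of a picture file.
    $temparr = array();
    $qry = db("SELECT * FROM " . $db['users'] . " WHERE level >= 2");
    while ($rs = _fetch($qry)) {
        foreach ($userpics as $userpic) {
            if (intval($userpic) == $rs['id']) {
                $temparr[] = $rs['id'];
                break;
            }
        }
    }

    // No candidate: the original reached the same '' result through
    // count()/rand() on an undefined variable.
    if (empty($temparr)) {
        return '';
    }

    $uid = $temparr[rand(0, count($temparr) - 1)];
    $get = _fetch(db("SELECT * FROM " . $db['users'] . " WHERE id = '" . intval($uid) . "'"));
    if (empty($get)) {
        return '';
    }

    $status = ($get['status'] == 1 || $get['level'] == 1) ? _aktiv : _inaktiv;

    $info = '';
    if ($allowHover == 1) {
        $info = 'onmouseover="DZCP.showInfo(\'<tr><td colspan=2 align=center padding=3 class=infoTop>' . rawautor($get['id'])
            . '</td></tr><tr><td width=80px><b>' . _posi . ':</b></td><td>' . getrank($get['id'])
            . '</td></tr><tr><td><b>' . _status . ':</b></td><td>' . $status
            . '</td></tr><tr><td><b>' . _age . ':</b></td><td>' . getAge($get['bday'])
            . '</td></tr><tr><td colspan=2 align=center>' . jsconvert(userpic($get['id']))
            . '</td></tr>\')" onmouseout="DZCP.hideInfo()"';
    }

    $member = show("menu/motm", array(
        "uid" => $get['id'],
        "upic" => userpic($get['id'], 130, 161),
        "info" => $info,
    ));

    return empty($member) ? '' : '<table class="navContent" cellspacing="0">' . $member . '</table>';
}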
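/**
 * Login action: verifies the submitted credentials and starts a session.
 *
 * Already-logged-in visitors and requests without a verified token are
 * redirected to '/'. On any failure the login template is rendered again.
 *
 * @param \Baguette\Application $app
 * @param \Teto\Routing\Action  $action
 * @return Response\RedirectResponse|Response\TemplateResponse
 */
public function action(\Baguette\Application $app, \Teto\Routing\Action $action)
{
    if ($app->session->get('user_id', ['default' => false])) {
        return new Response\RedirectResponse('/');
    }

    if (!$app->isTokenVerified) {
        return new Response\RedirectResponse('/');
    }

    // NOTE(review): $_REQUEST also accepts credentials from the query string
    // and cookies; confirm this endpoint is only ever submitted via POST.
    $user = (isset($_REQUEST['user']) && is_string($_REQUEST['user']))
        ? trim($_REQUEST['user'])
        : null;
    $pass = (isset($_REQUEST['password']) && is_string($_REQUEST['password']))
        ? $_REQUEST['password']
        : null;

    // "system" is a special user and must not be able to log in. The name is
    // compared AFTER trimming: the original compared the raw value and trimmed
    // afterwards, so surrounding whitespace slipped past the check.
    if ($user !== null && $pass !== null && $user !== 'system') {
        $query = 'SELECT * FROM `users` WHERE `slug` = ?';
        $stmt = db()->prepare($query);
        $stmt->execute([$user]);
        $login = $stmt->fetch(\PDO::FETCH_ASSOC);

        // Re-check on the stored slug as well: the database comparison may be
        // looser (case, padding) than the PHP string comparison above.
        if ($login && $login['slug'] !== 'system') {
            $query = 'SELECT `password` FROM `user_passwords` WHERE `user_id` = ?';
            $stmt = db()->prepare($query);
            $stmt->execute([$login['id']]);
            $res = $stmt->fetch(\PDO::FETCH_ASSOC);

            if ($res && password($pass, $res['password']) === true) {
                // Session is refreshed before identity is written to it.
                $app->refreshSession();
                $app->session->set('user_id', $login['id']);
                $app->session->set('user_slug', $login['slug']);
                $app->session->set('user_name', $login['name']);

                return new Response\RedirectResponse('/');
            }
        }
    }

    // NOTE(review): the submitted user name is handed to the template as
    // received; confirm login.tpl.html escapes it on output.
    return new Response\TemplateResponse('login.tpl.html', [
        'user' => isset($_REQUEST['user']) ? $_REQUEST['user'] : null,
    ]);
}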
/**
 * Report whether the application looks installed.
 *
 * @return mixed false when db() is falsy, otherwise whatever my_sql()
 *               returns for SHOW COLUMNS on the `user` table.
 */
function is_installed()
{
    return db() ? my_sql("SHOW COLUMNS FROM `user`") : false;
}
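/**
 * Get geo info by IP from db
 *
 * @param string $cur_ip IPv4 address, or a comma-separated list of which the
 *                       last entry is used.
 * @return array|false Geo data keyed by country_code, country_name,
 *                     region_code, city_name, dma_code, area_code, longitude
 *                     and latitude; false when the IP is empty, skipped or unknown.
 */
function _get_geo_data_from_db($cur_ip = "")
{
    // Keep only digits, dots and commas, then take the last list entry.
    // explode() is assigned first because array_pop() takes its argument by reference.
    $ip_parts = explode(",", preg_replace("/[^0-9\\.,]/i", "", $cur_ip));
    $cur_ip = trim(array_pop($ip_parts));
    if (empty($cur_ip)) {
        return false;
    }
    if ($this->_is_ip_to_skip($cur_ip)) {
        return false;
    }

    $STORE_UNKNOWN_IPS = true;
    // Also check if IP is not recognized by our system and skip it
    if ($STORE_UNKNOWN_IPS && db()->query_num_rows("SELECT * FROM " . db('geo_skip_ip') . " WHERE ip = INET_ATON('" . _es($cur_ip) . "')")) {
        return false;
    }

    // Prepare query (the value is already reduced to [0-9.] and also passed through _es())
    $sql = "SELECT * \n\t\t\tFROM " . db('geo_city_location') . " \n\t\t\tWHERE loc_id = ( \n\t\t\t\tSELECT loc_id FROM " . db('geo_city_blocks') . "\n\t\t\t\tWHERE start_ip <= INET_ATON('" . _es($cur_ip) . "') \n\t\t\t\t\tAND end_ip >= INET_ATON('" . _es($cur_ip) . "') \n\t\t\t\tLIMIT 1 \n\t\t\t)";
    $A = db()->query_fetch($sql);

    if (empty($A)) {
        // Remember unknown addresses so later lookups return early.
        if ($STORE_UNKNOWN_IPS) {
            db()->query("INSERT INTO " . db('geo_skip_ip') . " (\n\t\t\t\t\t\tip, hits\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\tINET_ATON('" . _es($cur_ip) . "'), 1\n\t\t\t\t\t) ON DUPLICATE KEY UPDATE hits = hits + 1");
        }
        return false;
    }

    return [
        "country_code" => $A["country"],
        "country_name" => _country_name($A["country"]),
        "region_code" => $A["region"],
        "city_name" => $A["city"],
        "dma_code" => $A["dma_code"],
        "area_code" => $A["area_code"],
        "longitude" => $A["longitude"],
        "latitude" => $A["latitude"],
    ];
}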
/**
 * Insert a GL account group after running the Verify* checks.
 *
 * @param array  $AccountGroupDetails Column name => value.
 * @param string $user                API user.
 * @param string $password            API password.
 * @return array $Errors; [0] is 0 on success, otherwise the collected
 *               error codes (or NoAuthorisation / DatabaseUpdateFailed).
 */
function InsertGLAccountGroup($AccountGroupDetails, $user, $password)
{
    $Errors = array();

    // db() returns an integer error code when the login is rejected.
    $db = db($user, $password);
    if (gettype($db) == 'integer') {
        $Errors[0] = NoAuthorisation;
        return $Errors;
    }

    // Values are escaped before validation and before they reach the SQL text.
    foreach ($AccountGroupDetails as $Field => $Raw) {
        $AccountGroupDetails[$Field] = DB_escape_string($Raw);
    }

    $Errors = VerifyAccountGroup($AccountGroupDetails['groupname'], sizeof($Errors), $Errors, $db);
    $Errors = VerifyAccountSectionExists($AccountGroupDetails['sectioninaccounts'], sizeof($Errors), $Errors, $db);
    if (isset($AccountGroupDetails['pandl'])) {
        $Errors = VerifyPandL($AccountGroupDetails['pandl'], sizeof($Errors), $Errors);
    }
    $Errors = VerifyParentGroupExists($AccountGroupDetails['parentgroupname'], sizeof($Errors), $Errors, $db);

    // NOTE(review): only the values are escaped. The array keys become column
    // names unchecked and should be validated against the table's columns.
    $Columns = array();
    $Quoted = array();
    foreach ($AccountGroupDetails as $Field => $Escaped) {
        $Columns[] = $Field;
        $Quoted[] = '"' . $Escaped . '"';
    }

    if (sizeof($Errors) != 0) {
        return $Errors;
    }

    $sql = 'INSERT INTO accountgroups (' . implode(', ', $Columns) . ') ' . 'VALUES (' . implode(', ', $Quoted) . ') ';
    $result = DB_Query($sql, $db);
    $Errors[0] = (DB_error_no($db) != 0) ? DatabaseUpdateFailed : 0;

    return $Errors;
}
/**
 * Per-time statistics action. Currently a no-op.
 *
 * The method returned before doing any work, which left two things
 * unreachable: a db()->exec() call running
 * "SELECT store_stats_graph('app', '2010-01-01', NOW()::date::text)", and a
 * commented-out Default_Model_AppStats / perVO() view assignment.
 *
 * @return void
 */
public function pertimeAction()
{
    // Intentionally empty: see the docblock for what used to follow the return.
    return;
}
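/**
 * Insert a GL account section after running the Verify* checks.
 *
 * @param array  $AccountSectionDetails Column name => value.
 * @param string $user                  API user.
 * @param string $password              API password.
 * @return array $Errors; [0] is 0 on success, otherwise the collected
 *               error codes (or NoAuthorisation / DatabaseUpdateFailed).
 */
function InsertGLAccountSection($AccountSectionDetails, $user, $password)
{
    $Errors = array();

    // db() returns an integer error code when the login is rejected.
    $db = db($user, $password);
    if (gettype($db) == 'integer') {
        $Errors[0] = NoAuthorisation;
        return $Errors;
    }

    // Values are escaped before validation and before they reach the SQL text.
    foreach ($AccountSectionDetails as $key => $value) {
        $AccountSectionDetails[$key] = DB_escape_string($value);
    }

    $Errors = VerifyAccountSection($AccountSectionDetails['sectionname'], sizeof($Errors), $Errors, $db);
    // NOTE(review): the guard tests 'accountname' but verifies 'sectionname';
    // kept as found. Confirm which key was intended.
    if (isset($AccountSectionDetails['accountname'])) {
        $Errors = VerifySectionName($AccountSectionDetails['sectionname'], sizeof($Errors), $Errors);
    }

    // NOTE(review): only the values are escaped. The array keys become column
    // names unchecked and should be validated against the table's columns.
    $FieldNames = '';
    $FieldValues = '';
    foreach ($AccountSectionDetails as $key => $value) {
        $FieldNames .= $key . ', ';
        $FieldValues .= '"' . $value . '", ';
    }

    if (sizeof($Errors) == 0) {
        // The original wrapped the whole column list and the whole value list
        // in single quotes, which is not a valid INSERT. Each value is already
        // quoted on its own, in the same shape InsertGLAccountGroup uses.
        $sql = 'INSERT INTO accountsection (' . mb_substr($FieldNames, 0, -2) . ') '
            . 'VALUES (' . mb_substr($FieldValues, 0, -2) . ') ';
        $result = DB_Query($sql, $db);
        if (DB_error_no($db) != 0) {
            $Errors[0] = DatabaseUpdateFailed;
        } else {
            $Errors[0] = 0;
        }
    }

    return $Errors;
}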
/**
 * Return the PDO handle, fetching it from db()->getInstance() on first use
 * and keeping it on $this->pdo afterwards.
 */
public function getDBInstance() : \PDO
{
    if ($this->pdo != null) {
        return $this->pdo;
    }

    $this->pdo = db()->getInstance();

    return $this->pdo;
}
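/**
 * Feed shop URLs into a site map object: one per active top-level category
 * and one per active product that has an image.
 *
 * @param object $sm_obj Site map collector exposing _store_item().
 * @return bool false when $sm_obj is not an object, true otherwise.
 */
function _site_map_items($sm_obj)
{
    if (!is_object($sm_obj)) {
        return false;
    }

    $shop_cats = _class('cats')->_get_items_array('shop_cats');

    // Top-level categories are those without a parent.
    // Initialised here; the original left $top_level undefined when none matched.
    $top_level = [];
    foreach ((array) $shop_cats as $cid => $c) {
        if (!$c['parent_id']) {
            $top_level[$cid] = $cid;
        }
    }

    foreach ($top_level as $cid) {
        if (!$shop_cats[$cid]['active']) {
            unset($shop_cats[$cid]);
            continue;
        }
        $sm_obj->_store_item(['url' => url('/shop/products/' . $cid)]);
    }

    // Static query: nothing request-derived is interpolated.
    $q = db()->query('SELECT id FROM ' . db('shop_products') . ' WHERE active="1" AND image="1"');
    while ($a = db()->fetch_assoc($q)) {
        $sm_obj->_store_item(['url' => url('/shop/product/' . $a['id'])]);
    }

    return true;
}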
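/**
 * Fetch enabled, unexpired adverts for a position in random order.
 *
 * @param mixed $position_id Position identifier.
 * @param int   $limit       Maximum number of rows.
 * @return mixed The first row when $limit is the integer 1 and rows exist,
 *               otherwise the result of db()->exec().
 */
static function getAdvs($position_id, $limit = 10)
{
    // NOTE(review): $position_id is interpolated into a quoted SQL literal as
    // given. Its type is not visible here, so it is left unchanged; callers
    // must pass a trusted or escaped value until this query binds parameters
    // through the project's DB layer.
    $condition = " WHERE `position_id` = '" . $position_id . "' AND `status` = '" . self::ST_ON . "' ";
    $condition .= " AND `end_date` > '" . date('Y-m-d') . "' ";

    // LIMIT only accepts a number, so force one before it reaches the SQL.
    $sql_limit = (int) $limit;

    $result = db()->exec(
        "SELECT `id`, `title`, `status`, `pic`, `uri`, `background`, `summary` FROM `" . self::fmTbl() . "` "
        . $condition . " ORDER BY rand() LIMIT " . $sql_limit
    );

    return (1 === $limit && !empty($result)) ? $result[0] : $result;
}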
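/**
 * Show the order list.
 *
 * Guests get an order-lookup form (order id + e-mail), or the order view once
 * the posted data validates. Logged-in users get their own orders, paged.
 *
 * @return mixed Output of tpl()->parse() or of order_view().
 */
function orders()
{
    // Defaults so every template variable is defined on both paths.
    $items = [];
    $pages = "";
    $total = 0;
    $user_infos = [];

    if (!main()->USER_ID) {
        if (main()->is_post()) {
            module('shop')->order_validate_data();
            // Display next form if we have no errors
            if (!common()->_error_exists()) {
                return module('shop')->order_view(true);
            }
        }
        // Posted values are echoed back into the form, so they are escaped.
        // NOTE(review): assumes the template prints these without escaping
        // them again; confirm against shop/order_show.
        $items[] = [
            "order_id" => _prepare_html(isset($_POST["order_id"]) ? $_POST["order_id"] : ""),
            "email" => _prepare_html(isset($_POST["email"]) ? $_POST["email"] : ""),
            "form_action" => "./?object=shop&action=orders",
            "back_link" => "./?object=shop",
        ];
    } else {
        // Orders are restricted to the current user id.
        $sql = "SELECT * FROM " . db('shop_orders') . " WHERE user_id=" . intval(main()->USER_ID);
        // The filter SQL was never set in the original (its assignment was
        // commented out), so only the ordering branch ever ran.
        $sql .= " ORDER BY date DESC ";

        list($add_sql, $pages, $total) = common()->divide_pages($sql);
        $orders_info = db()->query_fetch_all($sql . $add_sql);

        if (!empty($orders_info)) {
            $user_ids = [];
            foreach ((array) $orders_info as $v) {
                $user_ids[] = $v["user_id"];
            }
            $user_infos = user($user_ids);
        }

        foreach ((array) $orders_info as $v) {
            // Only orders still awaiting payment can be deleted.
            if ($v["status"] == "pending" or $v["status"] == "pending payment") {
                $del = "./?object=shop&action=order_delete&id=" . $v["id"];
            } else {
                $del = "";
            }
            $items[] = [
                "order_id" => $v["id"],
                "date" => _format_date($v["date"], "long"),
                "sum" => module('shop')->_format_price($v["total_sum"]),
                "user_link" => _profile_link($v["user_id"]),
                "user_name" => _display_name($user_infos[$v["user_id"]]),
                "status" => $v["status"],
                "delete_url" => $del,
                "view_url" => "./?object=shop&action=order_view&id=" . $v["id"],
            ];
        }
    }

    $replace = [
        "error_message" => _e(),
        "items" => (array) $items,
        "pages" => $pages,
        "total" => intval($total),
        "filter" => module('shop')->USE_FILTER ? module('shop')->_show_filter() : "",
    ];
    return tpl()->parse("shop/order_show", $replace);
}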
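/**
 * Render the API settings page for one table.
 *
 * The requested table name must be in the list returned by get_table_list();
 * otherwise an info page is shown.
 *
 * @return mixed Result of info_page() for an unknown table, otherwise nothing.
 */
public function table_settings()
{
    $table = z(t(v('table')));

    // Allow-list check against the real table names. Strict comparison so
    // numeric-looking strings cannot match a different name through type juggling.
    $tables = get_table_list(db());
    if (!in_array($table, $tables, true)) {
        return info_page('<a href="javascript:history.back(1);">table不存在,点击返回</a>');
    }

    $data = array();
    $data['fields'] = get_fields_info($table);
    $data['actions'] = array('list' => 'List', 'insert' => 'Insert', 'update' => 'Update', 'remove' => 'Remove');
    $data['table'] = $table;

    // The name has passed the allow-list above and is additionally passed through s().
    $data['my_actions'] = get_data("SELECT * FROM `__meta_code` WHERE `table` = '" . s($table) . "' ORDER BY `id` DESC");

    $data['title'] = $data['top_title'] = 'API设置';

    // Editor assets for the code view.
    $data['js'][] = 'codemirror.js';
    $data['js'][] = 'util/runmode.js';
    $data['js'][] = 'mode/php/php.js';
    $data['js'][] = 'mode/htmlmixed/htmlmixed.js';
    $data['js'][] = 'mode/css/css.js';
    $data['js'][] = 'mode/javascript/javascript.js';
    $data['js'][] = 'mode/xml/xml.js';
    $data['js'][] = 'mode/clike/clike.js';
    $data['css'][] = 'codemirror.css';
    $data['css'][] = 'theme/night.css';

    render($data);
}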
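/**
 * Insert one row into Elements from the posted ClassificationID, Element
 * and AtomicMass values (each a JSON-encoded scalar).
 *
 * @return string JSON object with "querystring" and "success".
 */
function insertElement()
{
    $ClassificationID = null;
    $Element = null;
    $AtomicMass = null;

    if (isset($_POST['ClassificationID'])) {
        $ClassificationID = json_decode(sanitize($_POST['ClassificationID']));
    }
    if (isset($_POST['Element'])) {
        $Element = json_decode(sanitize($_POST['Element']));
    }
    if (isset($_POST['AtomicMass'])) {
        $AtomicMass = json_decode(sanitize($_POST['AtomicMass']));
    }

    // The statement is parameterised: posted values are bound and are never
    // part of the SQL text. The original concatenated them into the query.
    $query = "INSERT INTO Elements ( ClassificationID, Element, AtomicMass ) VALUES ( ?, ?, ? );";

    $return = new stdClass();
    $return->querystring = (string) $query;
    $return->success = false;

    // Reject missing or wrongly-typed input before touching the database.
    // The original produced a failing statement for these cases.
    if (!is_numeric($ClassificationID) || !is_string($Element) || !is_numeric($AtomicMass)) {
        return json_encode($return);
    }

    $dbConn = mysqli_connect(server(), username(), password(), db("Elements"));
    if (!$dbConn) {
        // Driver detail goes to the server log, not to the client.
        error_log("insertElement: " . mysqli_connect_error());
        die("Connection failed");
    }

    $stmt = $dbConn->prepare($query);
    if ($stmt) {
        $classificationId = (int) $ClassificationID;
        $atomicMass = (float) $AtomicMass;
        $stmt->bind_param('isd', $classificationId, $Element, $atomicMass);
        $return->success = (bool) $stmt->execute();
        $stmt->close();
    }
    $dbConn->close();

    return json_encode($return);
}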
/**
 * OAuth consent step for a token.
 *
 * Shows the consent view while no decision is present, redirects to login
 * when nobody is signed in, and on an explicit decision either attaches the
 * current user to the token (grant=1) or redirects to the cancel URL.
 *
 * NOTE(review): returnurl / cancelurl are taken from the query string and
 * used as redirect targets without any check visible here; confirm they are
 * validated against URLs registered for the token's application.
 * NOTE(review): the grant is a plain GET parameter (grant=1); confirm the
 * "continue" link is protected against cross-site request forgery.
 *
 * @param mixed $tokenid Token identifier looked up in the token table.
 * @return mixed Redirect result, or nothing when the view is rendered.
 * @throws PublicException 404 when the token does not exist.
 */
public function oauth($tokenid)
{
    if (isset($_GET['returnurl'])) {
        $successURL = $_GET['returnurl'];
    } else {
        $successURL = new URL('auth', 'invalidReturn');
    }

    if (isset($_GET['cancelurl'])) {
        $failureURL = $_GET['cancelurl'];
    } else {
        $failureURL = $successURL;
    }

    // Tri-state: null = no decision yet, true = granted, false = denied.
    $grant = null;
    if (isset($_GET['grant'])) {
        $grant = ((int) $_GET['grant'] === 1);
    }

    $session = Session::getInstance();
    $token = db()->table('token')->get('token', $tokenid)->fetch();

    // No token, no access
    if (!$token) {
        throw new PublicException('No token', 404);
    }

    $continueParams = array_merge($_GET->getRaw(), array('grant' => 1));
    $this->view->set('token', $token);
    $this->view->set('cancelURL', $failureURL);
    $this->view->set('continue', (string) new URL('auth', 'oauth', $tokenid, $continueParams));

    $headers = $this->response->getHeaders();

    if (!$session->getUser()) {
        $loginParams = array('returnto' => (string) URL::current());
        return $headers->redirect(new URL('user', 'login', $loginParams));
    }

    if ($grant === false) {
        return $headers->redirect($failureURL);
    }

    if ($grant === true) {
        $token->user = $this->user;
        $token->store();
        return $headers->redirect($successURL);
    }
}
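/**
 * Render products that were bought in the same orders as the given product.
 *
 * @param mixed $id Product id; cast to integer before use in SQL.
 * @return mixed Output of tpl()->parse().
 */
function products_similar_by_basket($id)
{
    // The id is concatenated into SQL below, so it is forced to an integer.
    $id = intval($id);
    $items = [];

    // Orders that contain this product.
    $order_ids = [];
    $orders = db()->query("SELECT order_id FROM " . db('shop_order_items') . " WHERE product_id = " . $id);
    while ($A = db()->fetch_assoc($orders)) {
        $order_ids[] = intval($A["order_id"]);
    }

    // Other products from those orders.
    $product_ids = [];
    if (!empty($order_ids)) {
        $products = db()->query(
            "SELECT product_id FROM " . db('shop_order_items')
            . " WHERE order_id IN ( " . implode(",", $order_ids) . ") AND product_id != " . $id
        );
        while ($A = db()->fetch_assoc($products)) {
            $product_ids[] = intval($A["product_id"]);
        }
    }

    if (!empty($product_ids)) {
        $sql = "SELECT * FROM " . db('shop_products') . " WHERE id in ( " . implode(",", $product_ids) . ")";
        $product = db()->query_fetch_all($sql);
        foreach ((array) $product as $k => $product_info) {
            $thumb_path = $product_info["url"] . "_" . $product_info["id"] . "_1" . module("shop")->THUMB_SUFFIX . ".jpg";
            $URL_PRODUCT_ID = module("shop")->_product_id_url($product_info);
            $items[$product_info["id"]] = [
                "name" => _prepare_html($product_info["name"]),
                "price" => module("shop")->_format_price(module("shop")->_product_get_price($product_info)),
                "currency" => _prepare_html(module("shop")->CURRENCY),
                // Thumbnail URL only when the file exists on disk.
                "image" => file_exists(module("shop")->products_img_dir . $thumb_path) ? module("shop")->products_img_webdir . $thumb_path : "",
                // NOTE(review): external_url is emitted as stored; confirm it
                // is validated when the product is saved.
                "link" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
                "special" => "",
            ];
        }
    }

    $replace = [
        "items" => $items,
        "title" => "Those who purchased this product also buy",
    ];
    return tpl()->parse("shop/products_similar_by_price", $replace);
}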
/**
 * Run an import of a YAML data file against the 'import' connection.
 *
 * Rows are inserted table by table; fields listed under the schema's 'auto'
 * key are skipped and fields listed under 'refs' are replaced by the ids
 * generated earlier in the same run. The transaction is rolled back at the
 * end, so nothing is persisted by this method as written.
 *
 * NOTE(review): table and field names come straight from the data file and
 * are handed to insertArray(); only import files from a trusted source.
 * NOTE(review): there is no rollback on exceptions; a failure mid-import
 * leaves the transaction open until the connection closes.
 *
 * @param string $datafile Path handed to Yaml::read().
 * @return void
 */
public static function import($datafile)
{
    db('import')->echoOn();
    db('import')->beginTransaction();

    $data = Yaml::read($datafile);
    $schema = $data['schema'];
    $tables = $data['data'];

    // $automap[table]['id'][old id] => id generated by the insert.
    $automap = array();

    foreach ($tables as $tableName => $rows) {
        $hasAuto = isset($schema[$tableName]['auto']);
        $hasRefs = isset($schema[$tableName]['refs']);

        foreach ($rows as $row) {
            // Copy every field except the auto-generated ones.
            $values = array();
            foreach ($row as $fieldName => $fieldValue) {
                if ($hasAuto && in_array($fieldName, $schema[$tableName]['auto'])) {
                    continue;
                }
                $values[$fieldName] = $fieldValue;
            }

            // Rewrite references to the ids assigned during this run.
            if ($hasRefs) {
                foreach ($schema[$tableName]['refs'] as $fieldName => $referee) {
                    $values[$fieldName] = $automap[$referee[0]][$referee[1]][$row[$fieldName]];
                }
            }

            $id = db('import')->insertArray($tableName, $values);

            if (isset($row['id'])) {
                $automap[$tableName]['id'][$row['id']] = $id;
            }
        }
    }

    db('import')->rollbackTransaction();
}
/**
 * Prepare DB for application settings
 *
 * Creates the email_distribution, email_letter and email_template tables when
 * they do not exist yet, then delegates to the parent implementation.
 * All three statements are static text; nothing is interpolated.
 *
 * @return mixed
 */
public function prepare()
{
    $statements = [
        "\n CREATE TABLE IF NOT EXISTS `email_distribution` ("
        . "\n `distribution_id` int(11) NOT NULL AUTO_INCREMENT,"
        . "\n `template_id` int(11) NOT NULL,"
        . "\n `status` int(11) DEFAULT '0',"
        . "\n `recipient_count` int(11) DEFAULT '0',"
        . "\n `bounce_count` int(11) DEFAULT '0',"
        . "\n `open_count` int(11) DEFAULT '0',"
        . "\n `click_count` int(11) DEFAULT '0',"
        . "\n `ts` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,"
        . "\n `finished` datetime NOT NULL,"
        . "\n `active` int(11) NOT NULL DEFAULT '0',"
        . "\n PRIMARY KEY (`distribution_id`)"
        . "\n ) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8;"
        . "\n ",

        "\n CREATE TABLE IF NOT EXISTS `email_letter` ("
        . "\n `letter_id` int(11) NOT NULL AUTO_INCREMENT,"
        . "\n `distribution_id` int(11) NOT NULL,"
        . "\n `template_id` int(11) NOT NULL,"
        . "\n `recipient` varchar(50) NOT NULL,"
        . "\n `status` int(11) DEFAULT '0',"
        . "\n `ts` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,"
        . "\n PRIMARY KEY (`letter_id`)"
        . "\n ) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=utf8;"
        . "\n ",

        "\n CREATE TABLE IF NOT EXISTS `email_template` ("
        . "\n `template_id` int(11) NOT NULL AUTO_INCREMENT,"
        . "\n `content` text NOT NULL,"
        . "\n `locale` varchar(5) NOT NULL DEFAULT 'en',"
        . "\n `ts` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,"
        . "\n PRIMARY KEY (`template_id`)"
        . "\n ) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=utf8;"
        . "\n ",
    ];

    // Executed in declaration order.
    foreach ($statements as $ddl) {
        db()->execute($ddl);
    }

    return parent::prepare();
}
/**
 * Store a named variable (JSON-encoded), inserting or updating its row.
 *
 * NOTE(review): the placeholders sit inside double quotes in the SQL text,
 * which suggests arg() substitutes values into the string rather than binding
 * them; confirm that arg() escapes what it substitutes.
 * NOTE(review): the lookup and the write are separate statements, so two
 * concurrent calls for a new name can both insert.
 *
 * @param string $name  Variable name.
 * @param mixed  $value Value; stored as json_encode($value).
 * @param int    $exp   Lifetime in hours; 0 stores 0 as the expiry.
 * @return void
 */
function var_set($name, $value, $exp = 0)
{
    $db = db();
    $encoded = json_encode($value);

    // Look for an existing row with this name.
    $db->dquery('SELECT id FROM variable WHERE name = ":name"');
    $db->arg(':name', $name);
    $db->execute();
    $existing = $db->fetch_single();

    // Convert a lifetime in hours into an absolute timestamp.
    $expires = $exp ? time() + $exp * 3600 : $exp;

    $is_new = empty($existing);
    if ($is_new) {
        $db->dquery('INSERT INTO variable (name, value, expires) VALUES (":name", ":value", :exp)');
    } else {
        $db->dquery('UPDATE variable SET name = ":name", value = ":value", expires = :exp WHERE id = :id;');
    }

    $db->arg(':name', $name);
    $db->arg(':value', $encoded);
    $db->arg(':exp', $expires);
    if (!$is_new) {
        $db->arg(':id', $existing['id']);
    }
    $db->execute();
}
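/**
 * Start a quiz attempt for a student and create its question sessions.
 *
 * NOTE(review): the attempt-limit and "already started" checks are plain
 * counts; two concurrent requests can both pass them unless the rows are
 * locked or a unique constraint backs the rule.
 *
 * @param array    $quiz      Quiz row; quizId and questionBaseId are read, and
 *                            maxAttemptNum / numQuestion when set.
 * @param int|null $studentId Defaults to studentId() when empty.
 * @return mixed The new attempt id from lastInsertId().
 * @throws Exception 403 when the limit is used up or an attempt is already in
 *                   progress, 404 when the quiz has no questions. The
 *                   transaction is rolled back before re-throwing.
 */
public function startAttempt($quiz, $studentId = null)
{
    db()->beginTransaction();

    try {
        if (empty($studentId)) {
            $studentId = studentId();
        }

        if (!empty($quiz['maxAttemptNum'])) {
            $numAttemptsUsed = field_sql(
                'SELECT COUNT(quizAttemptId) FROM quiz_attempt WHERE quizId=:quizId AND studentId=:studentId',
                array('quizId' => $quiz['quizId'], 'studentId' => $studentId)
            );
            if ($numAttemptsUsed >= $quiz['maxAttemptNum']) {
                throw new Exception('Attempt limit consumed', 403);
            }
        }

        $numAttemptsInproc = field_sql(
            'SELECT COUNT(quizAttemptId) FROM quiz_attempt WHERE quizId=:quizId AND studentId=:studentId AND status=:status',
            array('quizId' => $quiz['quizId'], 'studentId' => $studentId, 'status' => STATUS_INPROC)
        );
        if ($numAttemptsInproc > 0) {
            throw new Exception('Already started', 403);
        }

        entry_change('quiz_attempt', array(
            'quizId' => $quiz['quizId'],
            'studentId' => $studentId,
            'status' => STATUS_INPROC,
            'timeStart' => date('Y-m-d H:i:s'),
        ));
        $attemptId = db()->lastInsertId();

        $questions = entries_sql(
            'SELECT questionId FROM question WHERE questionBaseId=:questionBaseId',
            array('questionBaseId' => $quiz['questionBaseId'])
        );
        if (empty($questions)) {
            throw new Exception('Questions not found', 404);
        }

        // Random order; at most numQuestion questions when that is set.
        shuffle($questions);
        $num = 1;
        foreach ($questions as $q) {
            if (!empty($quiz['numQuestion']) && $num > $quiz['numQuestion']) {
                break;
            }
            entry_change('question_session', array(
                'num' => $num++,
                'quizAttemptId' => $attemptId,
                'questionId' => $q['questionId'],
                'status' => STATUS_NEW,
            ));
        }

        db()->commit();
    } catch (Exception $e) {
        // Do not leave the transaction (and a half-created attempt) open when
        // a check fails. Assumes db() is PDO-compatible, as beginTransaction(),
        // commit() and lastInsertId() above suggest.
        db()->rollBack();
        throw $e;
    }

    return $attemptId;
}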
/**
 * Dismiss an abuse report: delete the (avi_id, cli_id) row from
 * T_J_AVISABUSIF_AVA, set a flash message and refresh to the listing.
 *
 * Does nothing unless both avi_id and cli_id are present in the query string.
 * The original also carried a commented-out variant that deleted the review
 * itself; it is not reproduced here.
 *
 * NOTE(review): this is a state-changing GET with no authorisation or CSRF
 * check visible in the method; confirm both are enforced before it is reached.
 *
 * @return void
 */
public function removeava()
{
    if (!isset($_GET['avi_id']) || !isset($_GET['cli_id'])) {
        return;
    }

    $reviewId = $_GET['avi_id'];
    $clientId = $_GET['cli_id'];

    // Both values are bound, never concatenated into the statement.
    $statement = db()->prepare("DELETE FROM T_J_AVISABUSIF_AVA WHERE avi_id=:avi and cli_id=:cli");
    $statement->bindParam(':avi', $reviewId);
    $statement->bindParam(':cli', $clientId);
    $statement->execute();

    $flash = new message();
    $flash->setFlash("L'avis abusif a été ignoré", "success");

    header("Refresh:0; url=../Sprint/?r=src");
}
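/**
 * Search games by keyword, optionally restricted to a console and/or a
 * department ("rayon"), and render the "search" view with the matches.
 *
 * The values "console" / "rayon" in the two select fields mean "no filter".
 * All posted values are bound as statement parameters; the original
 * concatenated them into the SQL text.
 *
 * @return void
 */
public function search()
{
    // Whatever the keyword is, it is lower-cased before matching.
    $motclef = (isset($_POST["mot_clef"]) && is_string($_POST["mot_clef"])) ? strtolower($_POST["mot_clef"]) : '';
    $srchConsole = (isset($_POST["choiceconsole"]) && is_string($_POST["choiceconsole"])) ? $_POST["choiceconsole"] : '';
    $srchRayon = (isset($_POST["choicerayon"]) && is_string($_POST["choicerayon"])) ? $_POST["choicerayon"] : '';

    $filterConsole = ($srchConsole !== "console");
    $filterRayon = ($srchRayon !== "rayon");

    // The keyword is matched against the game name and its keyword table.
    $keyword = '%' . $motclef . '%';
    $params = array($keyword, $keyword);

    $sql = "select * from t_e_jeuvideo_jeu j";
    // Same joins as the four original variants: the console join is present
    // whenever any filter is active, the department joins only with that filter.
    if ($filterConsole || $filterRayon) {
        $sql .= " join t_r_console_con c on c.con_id = j.con_id";
    }
    if ($filterRayon) {
        $sql .= " join t_j_jeurayon_jer v on v.jeu_id = j.jeu_id join t_r_rayon_ray r on r.ray_id=v.ray_id";
    }
    $sql .= " where (lower(jeu_nom) like ? or j.jeu_id in (select w.jeu_id from t_e_motcle_mot w where lower(w.mot_mot) like ?))";
    if ($filterRayon) {
        $sql .= " and ray_nom like ?";
        $params[] = '%' . $srchRayon . '%';
    }
    if ($filterConsole) {
        $sql .= " and con_nom like ?";
        $params[] = '%' . $srchConsole . '%';
    }

    $st = db()->prepare($sql);
    $st->execute($params);

    $list = array();
    while ($row = $st->fetch(PDO::FETCH_ASSOC)) {
        // The assignment to $this->_jeu_id is kept from the original.
        $list[] = new T_e_jeuvideo_jeu($this->_jeu_id = $row["jeu_id"]);
    }

    $this->render("search", $list);
}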