/**
 * Build the pager line for a paged result and return it as HTML.
 *
 * With more than one page the markup holds the "Page X of Y" text, a
 * "result_pager" text box, a "pager_submit" button and a hidden
 * "current_page" field. Otherwise it is only the "Page X of Y" text.
 * The same markup is stored in $this->html_output.
 *
 * $javascript is written verbatim inside the text box's tag, so it has to be
 * attribute text authored by the developer, never request data.
 * NOTE(review): current_page and total_pages are emitted without escaping;
 * presumably they are integers computed by the pager -- confirm at the caller.
 *
 * @param string $javascript Extra attribute text for the "result_pager" input.
 * @return string The generated pager HTML.
 */
function draw_paged_result($javascript = '')
{
    $page_status = "Page " . $this->current_page . " of " . $this->total_pages;

    if ($this->total_pages > 1) {
        //More than one page: offer the jump-to-page controls
        init_var($Result_Pager);
        $pager_box = "<input type=\"text\" name=\"result_pager\" value=\"{$Result_Pager}\" size=\"2\" {$javascript}>";
        $go_button = "<input type=\"submit\" name=\"pager_submit\" value=\"GO\"> ";
        $page_field = "<input type=\"hidden\" name=\"current_page\" value=\"" . $this->current_page . "\">";
        $this->html_output = $page_status . " | Go to page: " . $pager_box . $go_button . $page_field;
    } else {
        $this->html_output = $page_status . ' ';
    }

    return $this->html_output;
}
//Cobalt on the web: http://cobalt.jvroig.com //****************************************************************** require 'path.php'; init_cobalt('Add user role'); $show_result = false; if (isset($_GET['filter_field_used']) && isset($_GET['filter_used']) && isset($_GET['page_from'])) { $role_id = $_GET['role_id']; require 'components/get_listview_referrer.php'; $role_name = cobalt_load_class('user_role')->get_role_name($role_id)->dump['role']; } if (xsrf_guard()) { init_var($_POST['btn_cancel']); init_var($_POST['btn_back']); init_var($_POST['btn_submit']); init_var($_POST['find']); init_var($_POST['passportButton']); require 'components/query_string_standard.php'; $role_id = $_POST['role_id']; $role_name = $_POST['role_name']; if ($_POST['btn_cancel'] || $_POST['btn_back']) { log_action('Pressed cancel button', $_SERVER['PHP_SELF']); redirect("listview_user_role.php?{$query_string}"); } if ($_POST['btn_submit']) { //Get all users with the role require 'subclasses/user.php'; $obj_user = new user(); $obj_user->get_role_users($role_id); $lst_user = $obj_user->lst_user; if (isset($obj_user->dump['username'])) { $arr_user = $obj_user->dump['username'];
<?php
//******************************************************************
//This file was generated by Cobalt, a rapid application development
//framework developed by JV Roig (jvroig@jvroig.com).
//
//Cobalt on the web: http://cobalt.jvroig.com
//******************************************************************
//Delete page for "refstudent" records. A GET request carrying student_id
//loads the record through form_data_refstudent.php; a POST that passes
//xsrf_guard() either cancels or deletes.
require 'path.php';
init_cobalt('Delete refstudent');

if (isset($_GET['student_id'])) {
    //PHP has already URL-decoded $_GET, so urldecode() decodes the value a
    //second time; characters that were double-encoded in the request only
    //appear after this call.
    //NOTE(review): confirm form_data_refstudent.php binds $student_id as a
    //query parameter rather than interpolating it into SQL.
    $student_id = urldecode($_GET['student_id']);
    require_once 'form_data_refstudent.php';
} elseif (xsrf_guard()) {
    //The cancel and delete actions are only reached when xsrf_guard() returns true.
    init_var($_POST['btn_cancel']);
    init_var($_POST['btn_delete']);
    //$query_string is not assigned in this file; presumably set by this component -- confirm.
    require 'components/query_string_standard.php';
    if ($_POST['btn_cancel']) {
        //NOTE(review): $_SERVER['PHP_SELF'] can carry client-supplied path text;
        //confirm the log viewer escapes it on output.
        log_action('Pressed cancel button', $_SERVER['PHP_SELF']);
        redirect("listview_refstudent.php?{$query_string}");
    } elseif ($_POST['btn_delete']) {
        log_action('Pressed delete button', $_SERVER['PHP_SELF']);
        require_once 'subclasses/refstudent.php';
        $dbh_refstudent = new refstudent();
        //$object_name is presumably read by create_form_data.php to find the
        //handler object, which then fills $arr_form_data -- confirm.
        $object_name = 'dbh_refstudent';
        require 'components/create_form_data.php';
        $dbh_refstudent->del($arr_form_data);
        redirect("listview_refstudent.php?{$query_string}");
    }
}
//Reached when no redirect happened (assuming redirect() ends the request -- confirm).
require 'subclasses/refstudent_html.php';
<?php
//******************************************************************
//This file was generated by Cobalt, a rapid application development
//framework developed by JV Roig (jvroig@jvroig.com).
//
//Cobalt on the web: http://cobalt.jvroig.com
//******************************************************************
//Detail view for one "user passport groups" record. The record is chosen by
//the passport_group_id GET parameter; the only POST action is "back".
require 'path.php';
init_cobalt('View user passport groups');

if (isset($_GET['passport_group_id'])) {
    //PHP has already URL-decoded $_GET, so urldecode() decodes the value a
    //second time.
    //NOTE(review): confirm form_data_user_passport_groups.php binds
    //$passport_group_id as a query parameter rather than interpolating it.
    $passport_group_id = urldecode($_GET['passport_group_id']);
    require 'form_data_user_passport_groups.php';
}

if (xsrf_guard()) {
    init_var($_POST['btn_back']);
    if ($_POST['btn_back']) {
        log_action('Pressed cancel button');
        //$query_string is not assigned in this file; presumably set by this component -- confirm.
        require 'components/query_string_standard.php';
        redirect("listview_user_passport_groups.php?{$query_string}");
    }
}

require 'subclasses/user_passport_groups_html.php';
$html = new user_passport_groups_html();
//$message, $message_type and the filter/paging variables passed below are
//not assigned in this file; presumably they come from the included files --
//confirm, and confirm they are escaped before being drawn.
$html->draw_header('Detail View: User Passport Groups', $message, $message_type);
$html->draw_listview_referrer_info($filter_field_used, $filter_used, $page_from, $filter_sort_asc, $filter_sort_desc);
//detail_view is switched on before the controls are drawn in 'view' mode
$html->detail_view = TRUE;
$html->draw_controls('view');
$html->draw_footer();
<tr> <td align="center"> <?php $html->draw_text_field('', 'username', FALSE, 'text', FALSE, 'id="username" size="37" autocomplete="off" placeholder="Username"'); ?> </td> </tr> <tr> <td align="center"> <?php $html->draw_text_field('', 'password', FALSE, 'password', FALSE, 'maxlength="' . MAX_PASSWORD_LENGTH . '" size="37" autocomplete="off" placeholder="Password"'); ?> </td> </tr> <tr> <td align="center"> <input type=submit value="LOG IN" name="btnSubmit"> <?php init_var($error_message); $_SESSION['icon_set'] = 'cobalt'; $html->display_error($error_message); ?> </td> </tr> </table> </fieldset> </div> </form> </body> </html>
$ModuleOptions = $_GET['ModuleOptions']; $KeywordSearch = $_GET['KeywordSearch']; $IPAddressOptions = $_GET['IPAddressOptions']; $TimeStart = $_GET['TimeStart']; $TimeEnd = $_GET['TimeEnd']; $Username = $_GET['Username']; $Module = $_GET['Module']; $Keyword = $_GET['Keyword']; $IPAddress = $_GET['IPAddress']; if (isset($_GET['current_page'])) { $current_page = $_GET['current_page']; } $CREATE_FILTERS = TRUE; } if (xsrf_guard()) { init_var($_POST['btn_cancel']); if ($_POST['btn_cancel']) { log_action("Pressed cancel button", $_SERVER['PHP_SELF']); echo "<script>window.close()</script>"; } if (isset($_POST['start'])) { $start = $_POST['start']; } $DateTimeOptions = $_POST['DateTimeOptions']; $UserOptions = $_POST['UserOptions']; $ModuleOptions = $_POST['ModuleOptions']; $KeywordSearch = $_POST['KeywordSearch']; $IPAddressOptions = $_POST['IPAddressOptions']; $TimeStart = $_POST['TimeStart']; $TimeEnd = $_POST['TimeEnd']; $Username = $_POST['Username'];
/**
 * Execute the prepared statement and copy its result set into $this->dump.
 *
 * Nothing is copied unless $this->num_rows is greater than zero after
 * stmt_execute(). Columns are bound to temporary variables, their names are
 * read from the result metadata, and the values are stored under those names.
 *
 * @param string $result_type 'single' (case-insensitive) stores the first row
 *                            as scalars in $this->dump[field]; any other
 *                            value stores every row, appending each value to
 *                            the array at $this->dump[field].
 * @return $this
 */
function stmt_fetch($result_type = 'array')
{
    $this->stmt_execute();
    if (!($this->num_rows > 0)) {
        return $this;
    }

    $stmt = $this->stmt;
    $column_total = $stmt->field_count;

    //bind_result() takes its targets by reference, so one variable is
    //created per column and a reference to it is collected
    $bound = array();
    for ($i = 0; $i < $column_total; ++$i) {
        $slot = 'col' . $i;
        ${$slot} = '';
        $bound[] =& ${$slot};
    }
    call_user_func_array(array($this->stmt, 'bind_result'), $bound);

    //Column names, in the same order as the bound variables
    $metadata = $stmt->result_metadata();
    $column_names = array();
    for ($i = 0; $i < $column_total; ++$i) {
        $column_names[] = $metadata->fetch_field()->name;
    }

    if (strtoupper($result_type) == 'SINGLE') {
        //One record only: store plain values, no per-field arrays
        $stmt->fetch();
        foreach ($column_names as $pos => $name) {
            $this->dump[$name] = $bound[$pos];
        }
        return $this;
    }

    for ($row = 0; $row < $this->num_rows; ++$row) {
        $stmt->fetch();
        foreach ($column_names as $pos => $name) {
            init_var($this->dump[$name]);
            if (!is_array($this->dump[$name])) {
                $this->dump[$name] = array();
            }
            $this->dump[$name][] = $bound[$pos];
        }
    }

    return $this;
}
?> <div class="container_mid"> <fieldset class="top"> New List </fieldset> <fieldset class="middle"> <table class="input_form"> <?php drawTextField('List Name', 'List_Name'); drawTextField('Remarks', '', '', 'Textarea'); drawMultiFieldStart('List Items'); if ($numParticulars < 1) { $numParticulars = 1; } for ($a = 0; $a < $numParticulars; $a++) { init_var($List_Item[$a]); echo "<li style='margin: 5'><input type='text' name='List_Item[{$a}]' value='{$List_Item[$a]}'>"; } drawMultiFieldEnd(); ?> </table> </fieldset> <fieldset class="bottom"> <?php drawSubmitCancel(); ?> </fieldset> </div> <?php drawFooter();
<?php require 'Core/SCV2_Core.php'; init_SCV2(); if (xsrf_guard()) { init_var($_POST['btnSubmit']); init_var($_POST['CreateDBConnections']); init_var($_POST['CreatePages']); init_var($_POST['CreatePredefinedLists']); init_var($_POST['CreateTables']); init_var($_POST['CreateUsers']); init_var($_POST['DefineTableFields']); init_var($_POST['DefineTableRelations']); init_var($_POST['ImportDBConnection']); if ($_POST['btnSubmit']) { header("location: {$_POST['location']}"); exit; } elseif ($_POST['CreateDBConnections']) { header("location: /cobalt/Screens/CreateDBConnections.php"); exit; } elseif ($_POST['CreatePages']) { header("location: /cobalt/Screens/CreatePages.php"); exit; } elseif ($_POST['CreatePredefinedLists']) { header("location: /cobalt/Screens/CreatePredefinedLists.php"); exit; } elseif ($_POST['CreateTables']) { header("location: /cobalt/Screens/CreateTables.php"); exit; } elseif ($_POST['CreateUsers']) { header("location: /cobalt/Screens/CreateUsers.php");
<?php require_once 'components/get_max_attachment_size.php'; init_var($max_attachment_height); init_var($max_attachment_width); $existing_file_upload_control_name = 'existing_' . $file_upload_control_name; for ($a = 0; $a < ${$mf_upload_counter_name}; ++$a) { $empty_previous_file = FALSE; $upload_destination_file = ''; $orig_filename = basename(str_replace("", '', $_FILES[$file_upload_control_name]['name'][$a])); if (empty($_FILES[$file_upload_control_name]['name'][$a])) { $extension = pathinfo($_POST[$existing_file_upload_control_name][$a], PATHINFO_EXTENSION); } else { $extension = pathinfo($orig_filename, PATHINFO_EXTENSION); } if ($extension == '' && empty($_FILES[$file_upload_control_name]['name'][$a])) { //No file uploaded at all. We treat it as "allowed extension" //since we aren't blocking an invalid file type. The fact that it is empty //will be caught by other checks below. $allowed_extension = TRUE; } else { //Verify that file extension is in whitelist $allowed_extension = FALSE; require_once 'upload_generic_whitelist.php'; if (in_array(strtolower($extension), $arr_good_extensions)) { //in whitelist, good $allowed_extension = TRUE; } else { $empty_previous_file = TRUE; } }
/**
 * @file index
 * @author ryan <*****@*****.**>
 * app logic
 * This framework was written entirely by hand by Wang Xiaochi; it borrows a
 * good deal from Jiye's framework and also from LazyPHP.
 */
// Turn on error display
// NOTE(review): errors are shown from here until the DEBUG check below, so a
// failure while loading config/common.php is displayed even when DEBUG is off.
ini_set('display_errors', 1); // On SAE ini_set() has no effect, but it does not raise an error either
error_reporting(E_ALL);

define('IN_APP', 1);
define('DS', DIRECTORY_SEPARATOR);
define('APP_ROOT', __DIR__ . DS);
define('CORE_ROOT', APP_ROOT . 'core' . DS);

// DEBUG is not defined in this file; presumably config/common.php defines it -- confirm
include APP_ROOT . 'config/common.php';

// if not debug, mute all error reportings
// error_reporting(0) turns reporting off entirely, so outside debug mode
// errors are not written to the error log either, not only hidden from the page.
if (!(defined('DEBUG') ? DEBUG : 0)) {
    ini_set('display_errors', 0);
    error_reporting(0);
}

require CORE_ROOT . 'function.php';
require CORE_ROOT . 'app.php';

init_var();
init_env();

require_once CORE_ROOT . 'BasicModel.php'; // this could probably move into the autoloader

// Optional application-level helper library, loaded only when the file exists
$user_lib_file = APP_ROOT . 'lib' . DS . 'function.php';
if (file_exists($user_lib_file)) {
    require_once $user_lib_file;
}

execute_logic();
$data = $result->fetch_assoc(); extract($data); } else { die($mysqli->error); } } if (xsrf_guard()) { init_var($_POST['btnCancel']); init_var($_POST['btnSubmit']); if ($_POST['btnCancel']) { header("location: " . HOME_PAGE); exit; } if ($_POST['btnSubmit']) { extract($_POST); init_var($Database_Connection_ID); $errMsg = scriptCheckIfNull('Project Name', $Project_Name, 'Client Name', $Client_Name, 'Description', $Project_Description, 'Base Directory', $Base_Directory, 'Database Connection', $Database_Connection_ID); if ($errMsg == "") { $select = "SELECT `Project_ID` FROM `project` WHERE `Project_Name`='{$Project_Name}' AND `Project_ID`!='{$Orig_Project_ID}'"; $error = "The project name '{$Project_Name}' already exists. Please choose a new one. <br>"; $errMsg = scriptCheckIfUnique($select, $error); if ($errMsg == "") { queryUpdateProject($_POST); header("location: ../success.php?success_tag=EditProject"); exit; } } } } drawHeader(); drawPageTitle('Edit Project', $errMsg);
<?php
//Configure the dependent "skill_id" control from the chosen skill set:
//a list query when a skill set is chosen, a hidden control otherwise.
init_var($chosen_skill);

if ($chosen_skill != "") {
    //NOTE(review): $chosen_skill is placed in the SQL text unquoted and
    //unescaped. Its origin is not visible here; if it can come from the
    //request it has to be validated as an integer, or the query bound as a
    //parameter, before this assignment.
    $html->fields['skill_id']['list_settings']['query'] = "SELECT skill.skill_id AS `Queried_skill_id`, skill.skill_name FROM skill WHERE skill.skill_set_id = {$chosen_skill} ORDER BY skill_name ASC";
} else {
    $html->fields['skill_id']['control_type'] = 'hidden';
}
<?php
//Head of the report-builder page: copies the report settings out of
//$reporter, draws the page header and opens the "Report Details" fieldset.
$html_subclass = $reporter->html_subclass;
$title = $reporter->report_title;
$arr_fields = $reporter->arr_rpt_fields;
$num_fields = count($arr_fields);
$arr_operators = $reporter->arr_operators;
//The operator list serves as both the displayed items and the submitted values
$operator_settings = array('items' => $arr_operators, 'values' => $arr_operators);

//The class name passed to cobalt_load_class() comes from $reporter
$html = cobalt_load_class($html_subclass);
//$message and $message_type are not assigned in this file; presumably set by
//the including script -- confirm.
$html->draw_header($title, $message, $message_type);
require_once FULLPATH_BASE . 'javascript/reporting_tool.php';
$html->draw_container_div_start();
$html->draw_fieldset_header('Report Details');
$html->draw_fieldset_body_start();
$reporter->draw_report_interface_header();

//Initialise the per-field option variables and the three group-by selections
init_var($show_field);
init_var($sum_field);
init_var($count_field);
init_var($group_field1);
init_var($group_field2);
init_var($group_field3);
} if (isset($_POST[$count_var])) { $arr_form_data[$count_var] = $_POST[$count_var]; } foreach ($child->fields as $field_name => $metadata) { $cf_name = 'cf_' . $child->table_name . '_' . $field_name; if (isset($_POST[$cf_name])) { $arr_form_data[$cf_name] = $_POST[$cf_name]; } if ($metadata['control_type'] == 'date controls') { $var_year_element = 'cf_' . $child->table_name . '_' . $metadata['date_elements'][0]; $var_month_element = 'cf_' . $child->table_name . '_' . $metadata['date_elements'][1]; $var_day_element = 'cf_' . $child->table_name . '_' . $metadata['date_elements'][2]; init_var($arr_form_data[$var_year_element]); init_var($arr_form_data[$var_month_element]); init_var($arr_form_data[$var_day_element]); $num_dates = 0; if (isset($_POST[$var_year_element])) { $arr_form_data[$var_year_element] = $_POST[$var_year_element]; $num_dates = count($_POST[$var_year_element]); } if (isset($_POST[$var_month_element])) { $arr_form_data[$var_month_element] = $_POST[$var_month_element]; } if (isset($_POST[$var_day_element])) { $arr_form_data[$var_day_element] = $_POST[$var_day_element]; } for ($a = 0; $a < $num_dates; ++$a) { $arr_form_data[$cf_name][$a] = $arr_form_data[$var_year_element][$a] . '-' . $arr_form_data[$var_month_element][$a] . '-' . $arr_form_data[$var_day_element][$a]; if (strlen($arr_form_data[$cf_name][$a]) < 10) { $arr_form_data[$cf_name][$a] = '';
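/**
 * Draw a multifield section: a fieldset holding a table with one row per
 * item and one column per field control, plus the "change # of items" form.
 *
 * The item count lives in two global variables whose names are given by
 * $num_particulars_var and $particulars_count_var. A numeric requested count
 * replaces the stored count, a non-numeric one is replaced by the stored
 * count, and both are raised to the minimum found in an 'M-1' relation.
 *
 * $label, the field labels and the three variable names are written into the
 * markup as given, so they must be developer-authored text.
 * NOTE(review): the row loop runs once per item with no upper bound here;
 * maxlength="2" on the input is only a browser-side limit -- confirm the
 * count is capped where the request is processed.
 *
 * @param string      $label                 Legend text; no legend when empty.
 * @param array       $arr_multifield        Lists under 'field_labels',
 *                                           'field_controls' and 'field_parameters'.
 * @param string|null $num_particulars_var   Name of the requested-count global
 *                                           (default 'num_particulars').
 * @param string|null $particulars_count_var Name of the stored-count global
 *                                           (default 'particulars_count').
 * @param string|null $particular_button_var Name of the submit button
 *                                           (default 'particular_button').
 * @return $this
 */
function draw_multifield_auto($label, $arr_multifield, $num_particulars_var = null, $particulars_count_var = null, $particular_button_var = null)
{
    if ($num_particulars_var == null) {
        $num_particulars_var = 'num_particulars';
    }
    if ($particulars_count_var == null) {
        $particulars_count_var = 'particulars_count';
    }
    if ($particular_button_var == null) {
        $particular_button_var = 'particular_button';
    }
    global ${$num_particulars_var}, ${$particulars_count_var};

    //Get minimum according to DD
    $minimum = 0;
    foreach ($this->relations as $rel_info) {
        if ($rel_info['type'] == 'M-1') {
            $minimum = $rel_info['minimum'];
        }
    }

    echo '<fieldset class="fieldset_group">' . "\r\n";
    if (!empty($label)) {
        echo '<legend>' . $label . '</legend>';
    }

    if (is_numeric(${$num_particulars_var})) {
        ${$particulars_count_var} = ${$num_particulars_var};
    } else {
        ${$num_particulars_var} = ${$particulars_count_var};
    }
    if (${$num_particulars_var} < $minimum) {
        ${$num_particulars_var} = $minimum;
        ${$particulars_count_var} = $minimum;
    }

    if ($this->detail_view == FALSE) {
        //The count is round-tripped through the form, so when the requested
        //count is not numeric the stored value may be arbitrary request text;
        //escape it for the attribute. Numeric values are written unchanged.
        echo "<input type=\"hidden\" name=\"" . $particulars_count_var . "\" value=\"" . htmlspecialchars((string) ${$num_particulars_var}, ENT_QUOTES) . "\">\r\n";
    }

    echo '<table class="input_form"><tr><td> </td>' . "\r\n";

    //Count how many fields need to be drawn,
    //then loop the <td></td> tags with the corresponding labels.
    $numTDPairs = count($arr_multifield['field_labels']);
    for ($a = 0; $a < $numTDPairs; ++$a) {
        echo '<td><p class="multifield_detail_view_label">' . $arr_multifield['field_labels'][$a] . '</p></td>' . "\r\n";
    }
    echo '</tr>' . "\r\n";

    for ($a = 0; $a < ${$num_particulars_var}; ++$a) {
        echo '<tr><td class="label"> ' . ($a + 1) . ' </td>' . "\r\n";
        for ($b = 0; $b < $numTDPairs; ++$b) {
            init_var($this->mf_col_align[$b]);
            if ($this->mf_col_align[$b] == '') {
                //Was a comparison (==), so the default alignment was never applied
                $this->mf_col_align[$b] = 'left';
            }
            echo '<td align="' . $this->mf_col_align[$b] . '">';
            if ($this->detail_view) {
                echo '<p class="multifield_detail_view">';
            } else {
                echo '<p>';
            }
            //The braces make the method name come from
            //$arr_multifield['field_controls'][$b]; without them PHP 7+ reads the
            //expression as a property lookup on $this followed by array access.
            //'field_controls' presumably holds method names of this class -- confirm.
            $this->{$arr_multifield['field_controls'][$b]}($arr_multifield['field_parameters'][$b], $a);
            echo '</p></td>' . "\r\n";
        }
        echo '</tr>' . "\r\n";
    }

    if (${$num_particulars_var} < 1) {
        //No rows: print one placeholder row spanning the whole table
        $colspan = $numTDPairs + 1;
        if (isset($this->mf_label)) {
            $label = $this->mf_label;
        } else {
            $label = $this->readable_name;
        }
        echo '<tr><td colspan="' . $colspan . '"><p class="multifield_detail_view">';
        if ($this->detail_view) {
            echo '[No Data]';
        } else {
            echo '[Items for ' . $label . ' is set to zero. No data will be submitted for this section]';
        }
        echo '</p></td></tr>';
    }
    echo "</table>\r\n";

    if ($this->detail_view == FALSE) {
        echo '<br> Change # of items to:';
        ++$this->tabindex;
        echo '<input type="text" size="2" maxlength="2" name="' . $num_particulars_var . '" tabindex="' . $this->tabindex . '">';
        ++$this->tabindex;
        echo '<input type="submit" name="' . $particular_button_var . '" tabindex="' . $this->tabindex . '" value="GO">' . "\r\n";
    }
    echo '</fieldset>' . "\r\n";
    echo '<br>' . "\r\n";

    return $this;
}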
} $html_writer = new html(); $html_writer->draw_header('Set User Passports', $message, $message_type); ?> <div class="container"> <fieldset class="container_invisible"> <fieldset class="top"> Role-Based Access Control Interface</fieldset> <fieldset class="middle"> <table class="input_form" width="800"> <tr><td><a href="set_user_passports.php">[Custom Permissions]</a> :: <a href="set_user_passports2.php">[View and Remove Permissions Per Module]</a> :: <b>[Role-Based Access Control Interface]</b><hr></td> </table> <?php init_var($Username); init_var($Name); init_var($Type); ?> <table width="75%" cellpadding="2" cellspacing="2" class="input_form"> <tr> <td class="label"> Username: </td> <td><input type=text name="Username" value="<?php echo $Username; ?> "> <input type=submit name=find value="FIND" class=button1></td> </tr> <tr> <td class="label"> Full Name: </td> <td><input type=text name="Name" size=30 value="<?php echo $Name; ?> " readonly></td>
<?php init_var($chosen_region); init_var($chosen_province); init_var($chosen_city); init_var($chosen_barangay); if ($chosen_region == "") { $html->fields['province']['control_type'] = 'hidden'; $html->fields['city']['control_type'] = 'hidden'; $html->fields['barangay']['control_type'] = 'hidden'; $html->fields['district']['control_type'] = 'hidden'; } else { $html->fields['province']['list_settings']['query'] = "SELECT province.province_id AS `Queried_province_id`, province.province_name FROM province WHERE province.region_id = {$chosen_region} ORDER BY province_name ASC"; if ($chosen_province == "") { $html->fields['city']['control_type'] = 'hidden'; $html->fields['barangay']['control_type'] = 'hidden'; $html->fields['district']['control_type'] = 'hidden'; } else { $html->fields['city']['list_settings']['query'] = "SELECT city.city_id AS `Queried_city_id`, city.city_name FROM city WHERE city.province_id = {$chosen_province} ORDER BY city_name ASC"; } if ($chosen_city == "") { $html->fields['barangay']['control_type'] = 'hidden'; $html->fields['district']['control_type'] = 'hidden'; } else { $html->fields['barangay']['list_settings']['query'] = "SELECT barangay.barangay_id AS `Queried_barangay_id`, barangay.barangay_name FROM barangay WHERE barangay.city_id = {$chosen_city} ORDER BY barangay_name ASC"; if ($chosen_barangay == "") { $html->fields['district']['control_type'] = 'hidden'; } else { $html->fields['district']['list_settings']['query'] = "SELECT barangay.barangay_id AS `Queried_barangay_id`, barangay.district_number FROM barangay WHERE barangay.barangay_id = {$chosen_barangay} ORDER BY district_number ASC"; } }
} else { die($mysqli->error); } $mysqli = connect_DB(); $mysqli->real_query("SELECT `DB_Connection_Name` \n FROM `database_connection` \n WHERE `DB_Connection_ID`='{$Database_Connection_ID}'"); if ($result = $mysqli->use_result()) { if ($data = $result->fetch_assoc()) { extract($data); } $result->close(); } else { die($mysqli->error); } if (xsrf_guard()) { init_var($_POST['btnCancel']); init_var($_POST['btnSubmit']); if ($_POST['btnCancel']) { header("location: " . HOME_PAGE); exit; } elseif ($_POST['btnSubmit']) { //If base directory is composed of nested subdirectories, we only need the very first folder. $subdirectories = explode('/', $_POST['Base_Directory']); $base_directory = $subdirectories[0]; if (is_dir("../Generator/Projects/" . $base_directory)) { obliterate_dir("../Generator/Projects/" . $base_directory); } queryDeleteProject($_POST, $mysqli); } } drawHeader(); drawPageTitle('DESTROY PROJECT', 'YOU ARE ABOUT TO DESTROY AN ENTIRE PROJECT!<br>Are you sure you wish to permanently delete this project and all of its contents?');
<?php
//Head of the report-builder page: copies the report settings out of
//$reporter, draws the page header and opens the "Report Details" fieldset.
$html_subclass = $reporter->html_subclass;
$title = $reporter->report_title;
$arr_fields = $reporter->arr_rpt_fields;
$num_fields = count($arr_fields);
$arr_operators = $reporter->arr_operators;
//The operator list serves as both the displayed items and the submitted values
$operator_settings = array('items' => $arr_operators, 'values' => $arr_operators);

//The class name passed to cobalt_load_class() comes from $reporter
$html = cobalt_load_class($html_subclass);
//$message and $message_type are not assigned in this file; presumably set by
//the including script -- confirm.
$html->draw_header($title, $message, $message_type);
require_once FULLPATH_BASE . 'javascript/reporting_tool.php';
$html->draw_container_div_start();
$html->draw_fieldset_header('Report Details');
$html->draw_fieldset_body_start();
$reporter->draw_report_interface_header();

//Initialise the per-field option variables and the single group-by selection
init_var($show_field);
init_var($sum_field);
init_var($count_field);
init_var($group_field);
<fieldset class="middle"> <table class="input_form"> <?php drawSelectField('drawDBConnection', 'DB Connection', 'DB_Connection_ID'); drawTextField('Table Name', 'Table_Name'); drawTextField('Folder / Subdirectory', 'Folder'); drawTextField('Remarks', '', '', 'Textarea'); drawMultiFieldStart('Table Pages'); if ($numParticulars < 1) { $numParticulars = 1; } echo "<table>\n <tr>\n <td> </td>\n <td>Page</td>\n <td>Filename</td>\n </tr>"; for ($a = 0; $a < $numParticulars; $a++) { echo "<tr><td>" . ($a + 1) . "</td><td>"; init_var($Page_ID[$a]); drawTablePage($Page_ID[$a], TRUE); echo " "; echo "</td><td>"; drawTextField('', 'Filename', FALSE, '', FALSE, TRUE, $a); echo " "; echo "</td></tr>"; } echo "</table>"; drawMultiFieldEnd(); ?> </table> </fieldset> <fieldset class="bottom"> <?php drawSubmitCancel();
$value2 = trim($data[1]); $new_entry = $arr_fields[$arr_fields_by_order[$key]] . " BETWEEN '" . $value1 . "' AND '" . $value2 . "'"; break; case 'NOT BETWEEN (value1, value2)': $data = explode(',', $op_value); $value1 = trim($data[0]); $value2 = trim($data[1]); $new_entry = $arr_fields[$arr_fields_by_order[$key]] . " NOT BETWEEN '" . $value1 . "' AND '" . $value2 . "'"; break; } make_list($where_clause, $new_entry, ' AND ', FALSE); } } } //Construct group by - actually just needs to identify the field to use for group by clause init_var($group_clause); if (isset($arr_fields[$group_field1])) { make_list($group_clause, $arr_fields[$group_field1], ', ', FALSE); } if (isset($arr_fields[$group_field2])) { make_list($group_clause, $arr_fields[$group_field2], ', ', FALSE); } if (isset($arr_fields[$group_field3])) { make_list($group_clause, $arr_fields[$group_field3], ', ', FALSE); } $obj_custom_report = cobalt_load_class($data_subclass); $obj_custom_report->custom_select_fields = $select_fields; $obj_custom_report->custom_where_clause = $where_clause; $obj_custom_report->custom_group_by = $group_clause; $obj_custom_report->custom_join = $custom_join; $obj_custom_report->custom_report();
<table class="listView" cellpadding="10"> <TR class="listRowHead"><TD colspan="4">Monitor Settings</TD></TR> <TR class='listRowOdd'><TD colspan=4>DATE & TIME RANGE Options: <?php init_var($DateTimeOptions); init_var($TimeStart); init_var($TimeEnd); init_var($UserOptions); init_var($Username); init_var($ModuleOptions); init_var($Module); init_var($KeywordSearch); init_var($Keyword); init_var($IPAddressOptions); init_var($IPAddress); if ($DateTimeOptions != "ViewAll") { echo "<input type=radio name=DateTimeOptions value=ViewAll onClick='NoRange();'> Since beginning"; echo "<input type=radio name=DateTimeOptions value=Specify onClick='WithRange();' checked> Specify date and time range"; } else { echo "<input type=radio name=DateTimeOptions value=ViewAll onClick='NoRange();' checked> Since beginning"; echo "<input type=radio name=DateTimeOptions value=Specify onClick='WithRange();'> Specify date and time range"; } ?> </TD></TR> <TR class='listRowEven'> <TD valign="middle">START:</TD><TD><input type="text" size="40" name="TimeStart" value="<?php echo $TimeStart; ?> "><br /><i>Sample: January 21 1986 6:25 am</i></span></TD> <TD valign="middle" align="right">END:</TD><TD><input type="text" size="40" name="TimeEnd" value="<?php
$Page_ID[$a] = $data['Page_ID']; $Filename[$a] = basename($data['Path_Filename']); $Folder = dirname($data['Path_Filename']); if ($Folder == '.') { $Folder = ''; } } } else { die($mysqli->error); } $mysqli->close(); $Orig_Table_Name = $Table_Name; } elseif (xsrf_guard()) { init_var($_POST['btnCancel']); init_var($_POST['btnSubmit']); init_var($_POST['particularButton']); if ($_POST['btnCancel']) { header('location: ListView_Tables.php'); exit; } if ($_POST['btnSubmit'] || $_POST['particularButton']) { extract($_POST); } if ($_POST['btnSubmit']) { $errMsg = scriptCheckIfNull('DB Connection', $DB_Connection_ID, 'Table Name', $Table_Name); for ($a = 0; $a < $particularsCount; $a++) { $b = $a + 1; $errMsg .= scriptCheckIfNull("Table page #{$b}", $Page_ID[$a]); if (trim($Folder) != '') { $Path_Filename[$a] = trim($Folder) . '/' . trim(basename($Filename[$a])); } else {
init_SCV2(); if (isset($_GET['List_ID'])) { $List_ID = rawurldecode($_GET['List_ID']); $mysqli = connect_DB(); $mysqli->real_query("SELECT `List_Name`, `Remarks` \n FROM `table_fields_predefined_list` \n WHERE `List_ID`='{$List_ID}'"); if ($result = $mysqli->use_result()) { $data = $result->fetch_assoc(); extract($data); } else { die($mysqli->error); } $mysqli->close(); $mysqli = connect_DB(); $mysqli->real_query("SELECT `List_Item` \n FROM `table_fields_predefined_list_items` \n WHERE `List_ID`='{$List_ID}' \n ORDER BY `Number`"); } elseif (xsrf_guard()) { init_var($_POST['btnCancel']); if ($_POST['btnCancel']) { header('location: ListView_PredefinedLists.php'); exit; } } drawHeader(); drawPageTitle('Detail View: Predefined Lists', $errMsg); ?> <div class="container_mid"> <fieldset class="top"> View List: <?php echo $List_Name; ?> </fieldset>
$html_writer = new html(); $html_writer->draw_header('Set User Passports', $message, $message_type); ?> <div class="container"> <fieldset class="container_invisible"> <fieldset class="top"> Modify the System Privileges of Users</fieldset> <fieldset class="middle"> <table class="input_form" width="800"> <tr><td><b>[Custom Permissions]</b> :: <a href="set_user_passports2.php">[View and Remove Permissions Per Module]</a> :: <a href="set_user_passports3.php">[Role-Based Access Control Interface]</a><hr></td> </table> <table cellpadding="2" cellspacing="2" class="tableContent"> <?php init_var($Username); init_var($Name); init_var($Role); init_var($passportGroup); ?> <tr><td align=right> Username: </td><td colspan=3><input type=text name="Username" value="<?php echo $Username; ?> "> <input type=submit name=find value="FIND" class=button1></td></tr> <tr><td align=right> Full Name: </td><td><input type=text name="Name" size=30 value="<?php echo $Name; ?> " readonly></td> <td align=right> Current Role: </td><td><input type=text name="Role" value="<?php echo $Role; ?> " readonly></td></tr> <tr><td align=right> Passport Group: </td><td colspan=3> <SELECT NAME=passportGroup>
<?php
//****************************************************************************************
//Generated by Cobalt, a rapid application development framework. http://cobalt.jvroig.com
//Cobalt developed by JV Roig (jvroig@jvroig.com)
//****************************************************************************************
//Report-builder page for "zone": loads the zone_rpt reporter and assembles
//the interface from the shared reporter components.
require 'path.php';
init_cobalt('View zone');
require 'reporter_class.php';
$reporter = cobalt_load_class('zone_rpt');
//$reporter->print_settings();
//You can uncomment this line to get the PHP code for the settings arrays. You can
//use one or more of the arrays to customize the report output or deal with special cases
//(adding special aliases, overriding labels for tables with similar field names, etc)
require 'components/reporter_interface_proc.php';
require 'components/reporter_interface_head.php';
//$num_fields is not assigned in this file; presumably set by one of the
//components required above -- confirm.
for ($i = 0; $i < $num_fields; ++$i) {
    init_var($text_field[$i]);
    //The body component is included once per report field
    require 'components/reporter_interface_body.php';
}
require 'components/reporter_interface_foot.php';
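/**
 * Validate submitted data against the field definitions in $this->fields and
 * collect one error message per field.
 *
 * Checks, in order: required fields left blank, then for every submitted key
 * that matches a defined field: optional trimming (written back to $param),
 * maximum length, membership in 'valid_set' when it has more than one entry,
 * otherwise the character-set check named by 'char_set_method'.
 *
 * @param array $param Submitted data keyed by field name; passed by reference
 *                     because trimming is applied to it in place.
 * @return $this       $this->lst_error holds the errors as
 *                     array(field name => message); empty when none were found.
 */
function sanitize_new(&$param)
{
    $lst_error = '';
    require_once 'validation_class.php';
    require_once 'char_set_class.php';
    $validator = new validation();
    $arr_error = array();

    //Check if some required fields are left blank.
    foreach ($this->fields as $field_name => $field_details) {
        $label = $field_details['label'];
        $required = $field_details['required'];
        if ($required) {
            init_var($param[$field_name]);
            //The check is run once and its message reused
            $error = $validator->check_if_null_new($label, $param[$field_name]);
            if ($error != '') {
                $arr_error[$field_name] = $error;
            }
        }
    }

    foreach ($param as $unclean => $unclean_value) {
        if (isset($this->fields[$unclean])) {
            $length = $this->fields[$unclean]['length'];
            $data_type = $this->fields[$unclean]['data_type'];
            $attribute = $this->fields[$unclean]['attribute'];
            $control_type = $this->fields[$unclean]['control_type'];
            $label = $this->fields[$unclean]['label'];
            $char_set_method = $this->fields[$unclean]['char_set_method'];
            $char_set_allow_space = $this->fields[$unclean]['char_set_allow_space'];
            $extra_chars_allowed = $this->fields[$unclean]['extra_chars_allowed'];
            $trim = $this->fields[$unclean]['trim'];
            $valid_set = $this->fields[$unclean]['valid_set'];

            //Apply trimming if specified.
            //Trimming is applied to $unclean_value for the checks below and
            //written back to $param[$unclean] so the submitted data changes too.
            $trim_mode = strtolower($trim);
            if ($trim_mode == 'trim') {
                $unclean_value = trim($unclean_value);
                $param[$unclean] = $unclean_value;
            } elseif ($trim_mode == 'ltrim') {
                $unclean_value = ltrim($unclean_value);
                $param[$unclean] = $unclean_value;
            } elseif ($trim_mode == 'rtrim') {
                $unclean_value = rtrim($unclean_value);
                $param[$unclean] = $unclean_value;
            }

            //Check length
            if ($length > 0) {
                if (strlen($unclean_value) > $length) {
                    $arr_error[$unclean] = "This field can only accept {$length} characters.";
                }
            }

            //Fresh validator per field so no state carries over
            $validator = new validation();

            //If there is a set of valid inputs, check if 'unclean' conforms to it.
            if (count($valid_set) > 1) {
                //An empty value is not checked against the set
                if ($unclean_value != '') {
                    $validator->check_data_set_new($unclean_value, $valid_set, TRUE);
                    if ($validator->validity == FALSE) {
                        $arr_error[$unclean] = $validator->error_message;
                    }
                }
            } else {
                //If a char set method is given, check 'unclean' for invalid characters
                if ($char_set_method != '') {
                    $cg = new char_set();
                    $cg->allow_space = $char_set_allow_space;
                    $cg->{$char_set_method}($extra_chars_allowed);
                    $allowed = $cg->allowed_chars;
                    $validator->field_name = $label;
                    $validator->validate_data($unclean_value, $data_type, $allowed);
                    if ($validator->validity == FALSE) {
                        $cntInvalidChars = count($validator->invalid_chars);
                        if ($cntInvalidChars == 1) {
                            $arr_error[$unclean] = "This field has invalid character: " . cobalt_htmlentities($validator->invalid_chars[0]);
                        } elseif ($cntInvalidChars > 1) {
                            //This case used to append to $lst_error, which is
                            //never stored, so a value with two or more invalid
                            //characters passed without any error. Record it
                            //per field like every other failure.
                            $shown_chars = array();
                            for ($a = 0; $a < $cntInvalidChars; ++$a) {
                                $shown_chars[] = cobalt_htmlentities($validator->invalid_chars[$a]);
                            }
                            $arr_error[$unclean] = "This field has invalid characters: " . implode(' ', $shown_chars);
                        }
                        //NOTE(review): a failed validation that reports no
                        //invalid characters still records no error here --
                        //confirm whether validate_data() can fail that way.
                    }
                }
            }
        }
    }

    //determine if multifield data needs to be sanitized
    foreach ($this->relations as $rel_info) {
        if ($rel_info['type'] == '1-M') {
            $subclass = cobalt_load_class($rel_info['table']);
            //NOTE(review): the multifield result is appended to $lst_error,
            //which is not what gets stored below, so these errors are dropped.
            //The type of sanitize_mf_new()->lst_error is not visible here;
            //merge it into $arr_error once its shape is confirmed.
            $lst_error .= $subclass->sanitize_mf_new($param)->lst_error;
        }
    }

    $this->lst_error = $arr_error;
    return $this;
}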
<?php //****************************************************************** //This file was generated by Cobalt, a rapid application development //framework developed by JV Roig (jvroig@jvroig.com). // //Cobalt on the web: http://cobalt.jvroig.com //****************************************************************** require 'path.php'; init_cobalt('Add user links'); if (isset($_GET['filter_field_used']) && isset($_GET['filter_used']) && isset($_GET['page_from'])) { require 'components/get_listview_referrer.php'; } if (xsrf_guard()) { init_var($_POST['btn_cancel']); init_var($_POST['btn_submit']); require 'components/query_string_standard.php'; require 'subclasses/user_links.php'; $dbh_user_links = new user_links(); $object_name = 'dbh_user_links'; require 'components/create_form_data.php'; extract($arr_form_data); if ($_POST['btn_cancel']) { log_action('Pressed cancel button'); redirect("listview_user_links.php?{$query_string}"); } if ($_POST['btn_submit']) { log_action('Pressed submit button'); $message .= $dbh_user_links->sanitize($arr_form_data)->lst_error; extract($arr_form_data); if ($dbh_user_links->check_uniqueness($arr_form_data)->is_unique) {
/**
 * Print the header menu bar: links to HOME, CHANGE PROJECT and ABOUT, and the
 * name of the active project taken from the session.
 *
 * The project name is passed through htmlentities() with ENT_QUOTES before it
 * is written into the page.
 */
function drawHeaderMenu()
{
    init_var($_SESSION['Project_Name']);

    $menu_open = '<div class="HeaderMenu"> <table border=0 width=98% cellspacing=0 cellpadding=0 class="tableContent" align="center"> <tr class=printText> <td class="menu" align=left width=15%> <a class="menu" href="/cobalt/main.php"> HOME </a> </td> <td class="menu" align=left width=15%> <a class="menu" href="/cobalt/chooseProject.php"> CHANGE PROJECT </a> </td> <td class="menu" align=left width=15%> <a class="menu" href="/cobalt/About.php"> ABOUT </a> </td> <td align=right> Active Project: ';
    $active_project = htmlentities($_SESSION['Project_Name'], ENT_QUOTES);
    $menu_close = '</td></tr> </table> </div>';

    echo $menu_open, $active_project, $menu_close;
}