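/**
 * Look up one `user` row by primary key.
 *
 * Returns the `username` and `password` columns through get_line() (the
 * stored value of `password` is presumably a hash — confirm before using it
 * for anything but password_verify()-style comparison), or whatever
 * get_line() yields when no row matches.
 *
 * Fix: the previous body ignored $uid entirely and queried a fixed id/username
 * pair ('1', "haixiao") — a leftover stub — so every caller received the same
 * row. The lookup now uses the id it was given.
 *
 * @param int|string $uid user id; bound through the ?i placeholder
 * @return mixed result of get_line()
 */
function get_user_info_by_id($uid)
{
    // ?i is this project's integer placeholder; prepare() is relied on to
    // cast/escape it so $uid cannot change the statement's structure.
    $statement = prepare(
        "SELECT `username` ,`password` FROM `user` WHERE `id` = ?i LIMIT 1 ",
        array($uid)
    );

    return get_line($statement);
}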
/**
 * Fetch the `username` and `password` columns of one `yxy_master` row.
 *
 * @param string $username master account name; bound with the ?s placeholder
 * @return mixed whatever get_line() returns for the prepared statement
 */
function get_master_info($username)
{
    $statement = prepare(
        "SELECT `username` , `password` FROM `yxy_master` WHERE `username` = ?s",
        array($username)
    );

    return get_line($statement);
}
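/**
 * Authenticate the request with HTTP Basic credentials against the `user`
 * table.
 *
 * On success $GLOBALS['__freemed']['basic_auth_id'] / ['basic_auth_phy']
 * receive the matched row's id and userrealphy and true is returned; on a
 * failed lookup both are reset to 0 and false is returned. When no Basic
 * credentials are present at all, a 401 with a WWW-Authenticate challenge is
 * sent and the script terminates.
 *
 * Fixes over the previous version:
 *  - the Authorization header is tested with isset() before preg_match();
 *  - the credential is split on the FIRST ':' only (explode limit 2), so
 *    passwords containing ':' are no longer truncated;
 *  - a decoded credential with no ':' is rejected outright instead of
 *    running the query with an undefined password;
 *  - the username is taken from the parsed credential; the previous body
 *    parsed $user and then compared against a fixed literal.
 *
 * Caveats left in place (the storage format and the $GLOBALS['sql'] wrapper
 * are not visible here): the password is compared as MD5() inside the query
 * and addslashes() is the only escaping applied — neither is adequate by
 * current standards; migrating to password_hash()/password_verify() and bound
 * parameters is recommended.
 *
 * @return bool true when the credentials matched a user row
 */
function freemed_basic_auth()
{
    $headers = getallheaders();
    $authorization = isset($headers['Authorization']) ? $headers['Authorization'] : '';

    if (!preg_match('/Basic/', $authorization)) {
        // No Basic credentials: challenge the client and stop.
        header("WWW-Authenticate: Basic realm=\"" . prepare(PACKAGENAME . " v" . VERSION . " vCalendar") . "\"");
        header("HTTP/1.0 401 Unauthorized");
        die;
    }

    $encoded = preg_replace('/Basic/', '', preg_replace('/ /', '', $authorization));
    $credential = base64_decode(trim($encoded));

    // Limit 2: only the first ':' separates user from password.
    $parts = is_string($credential) ? explode(':', $credential, 2) : array();

    $authed = false;
    $authId = 0;
    $authPhy = 0;

    if (count($parts) === 2) {
        list($user, $pass) = $parts;
        $query = "SELECT username, userpassword, userrealphy, id FROM user "
            . "WHERE username='" . addslashes($user) . "' AND "
            . "userpassword=MD5('" . addslashes($pass) . "')";
        $r = $GLOBALS['sql']->queryRow($query);
        if (!empty($r['id'])) {
            $authed = true;
            $authId = $r['id'];
            $authPhy = $r['userrealphy'];
        }
    }

    $GLOBALS['__freemed']['basic_auth_id'] = $authId;
    $GLOBALS['__freemed']['basic_auth_phy'] = $authPhy;

    return $authed;
}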
/**
 * Retrieve all replies to a given thread.
 *
 * @param string $board board uri. It is spliced into the table name (an
 *                      identifier cannot be bound), so it must already have
 *                      been validated — presumably against
 *                      $config['board_regex'] as the sibling code does;
 *                      this method performs no validation of its own.
 * @param int    $thread_id id of the opening post; bound as an integer
 * @return array associative rows from posts_{$board} whose `thread` is $thread_id
 */
private function fetchReplies($board, $thread_id)
{
    $table = "posts_{$board}";
    $stmt = prepare("SELECT * FROM ``{$table}`` WHERE `thread` = :id");
    $stmt->bindValue(':id', $thread_id, PDO::PARAM_INT);
    $stmt->execute() or error(db_error($stmt));

    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
/**
 * Build the WHERE clause for a task-list query from an options array.
 *
 * Every value is passed through prepare() (?s / ?i placeholders) except
 * `price`, which is only tested for truthiness and never interpolated.
 * Keys are checked with isset(), so a key set to null is ignored while
 * '' or 0 is applied.
 *
 * @author boxcore
 * @date 2014-10-23
 * @param array $configs filter options
 * @return string SQL fragment starting with "WHERE TRUE "
 */
private function __getWhere($configs)
{
    $clause = 'WHERE TRUE ';

    // Simple filters: option key => prepare() template, in the original order.
    $simple = array(
        'need_push'      => 'AND `need_push` = ?s ',
        'url'            => 'AND `url` = ?s ',
        'task_list_id'   => 'AND `task_list_id` = ?i ',
        'type'           => 'AND `type` = ?i ',
        'start_goods_id' => 'AND `goods_id` >= ?i ',
    );
    foreach ($simple as $key => $template) {
        if (isset($configs[$key])) {
            $clause .= prepare($template, array($configs[$key]));
        }
    }

    if (isset($configs['price'])) {
        // Truthy => priced items only, falsy => free items only.
        $clause .= $configs['price'] ? 'AND `price` > 0 ' : 'AND `price` = 0 ';
    }

    if (isset($configs['date'])) {
        $day = $configs['date'];
        $clause .= prepare(
            'AND `created_time` >= ?s AND `created_time` <= ?s ',
            array($day . " 00:00:00", $day . " 23:59:59")
        );
    }

    return $clause;
}
/**
 * Issue a GET AssignmentsRequest through $this->roots and hand back its
 * response.
 *
 * prepare() is invoked with no arguments first; what that does in this
 * class's context is not visible here.
 *
 * @return mixed the value returned by $this->roots->assignments()
 */
function assignments()
{
    prepare();
    $req = new AssignmentsRequest(ActionType::GET);

    return $this->roots->assignments($req);
}
/**
 * Return the `catname` of one `yxy_filecat` row.
 *
 * @param int|string $catid category id; bound with the ?i placeholder
 * @return mixed whatever get_var() returns for the prepared statement
 */
function get_filecatname($catid)
{
    $statement = prepare(
        "SELECT `catname` FROM `yxy_filecat` WHERE `id` = ?i",
        array($catid)
    );

    return get_var($statement);
}
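/**
 * Render $template_name once for every time-sheet item the current user
 * logged on $date_to_view (a global timestamp, formatted as Y-m-d), joining
 * the owning time sheet and project.
 *
 * Side effects on $TPL: `daily_hours_total` accumulates the duration of every
 * item whose unit is "Hour"; `item_description` is set per row to the
 * project's short name, or its full name when no short name exists.
 *
 * Fix: the loop did "+=" on $TPL["daily_hours_total"] without ever creating
 * it, so the first hour-based item raised an undefined-index notice. The slot
 * is now seeded with 0 when absent (a caller that pre-seeds it keeps its
 * value).
 *
 * @param string $template_name template included for each row
 * @return void
 */
function show_timeSheetItems($template_name)
{
    global $date_to_view;
    global $TPL;
    $current_user =& singleton("current_user");

    if (!isset($TPL["daily_hours_total"])) {
        $TPL["daily_hours_total"] = 0;
    }

    // Both values go through prepare()'s %s/%d conversions; the date is
    // produced by date() here and the person id by get_id().
    $query = prepare(
        "SELECT * \n FROM timeSheetItem \n LEFT JOIN timeSheet ON timeSheetItem.timeSheetID = timeSheet.timeSheetID\n LEFT JOIN project ON timeSheet.projectID = project.projectID\n WHERE dateTimeSheetItem='%s'\n AND timeSheet.personID=%d",
        date("Y-m-d", $date_to_view),
        $current_user->get_id()
    );
    $db = new db_alloc();
    $db->query($query);

    while ($db->next_record()) {
        $timeSheetItem = new timeSheetItem();
        $timeSheetItem->read_db_record($db);
        $timeSheetItem->set_values();
        if ($timeSheetItem->get_value("unit") == "Hour") {
            $TPL["daily_hours_total"] += $timeSheetItem->get_value("timeSheetItemDuration");
        }

        $project = new project();
        $project->read_db_record($db);
        $project->set_values();
        if ($project->get_value("projectShortName")) {
            $TPL["item_description"] = $project->get_value("projectShortName");
        } else {
            $TPL["item_description"] = $project->get_value("projectName");
        }

        include_template($template_name);
    }
}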
/**
 * Station-selection screen for this collector: deletes the `station` rows
 * belonging to the "advalvas" collector and the ENTIRE `program` table,
 * inserts one station per POSTed field whose value == 1, prints a form for
 * renaming those stations, and exits.
 *
 * NOTE(review): this depends on APIs no longer in PHP — each() (deprecated
 * in 7.2, removed in 8.0) and $HTTP_POST_VARS (removed in 5.4) — so on a
 * current interpreter neither the globals import nor the POST loop works as
 * written. Left byte-identical; see the inline notes.
 */
function choose()
{
    // Imports every global ($sql, $module, ...) into local scope by name.
    while (list($k, $v) = each($GLOBALS)) {
        global ${$k};
    }
    $collectorid = getcollectorid("advalvas");
    // addslashes() is the only escaping applied before $collectorid is
    // spliced into the statement; whether the $sql wrapper offers bound
    // parameters is not visible here.
    $query = "DELETE FROM station " . "WHERE collectorid='" . addslashes($collectorid) . "'";
    $sql->query($query);
    // Unconditional: every row of `program` is dropped on each visit.
    $query = "DELETE FROM program";
    $sql->query($query);
    print_header_open();
    print_title("Choose Stations for " . $this->MODULE_NAME);
    print_header_close();
    print "\n <FORM ACTION=\"" . page_name() . "\" METHOD=POST>\n <INPUT TYPE=HIDDEN NAME=\"module\" VALUE=\"" . prepare($module) . "\">\n <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=2>\n <TR BGCOLOR=\"#ccccff\">\n <TD><B>Original Name</B></TD>\n <TD><B>xawtv Name</B></TD>\n <TD><B>Channel</B></TD>\n </TR>\n ";
    // The POST field *names* carry the station names; a value of 1 selects
    // that station (loose ==, so "1" and true also qualify).
    while (list($name, $value) = each($HTTP_POST_VARS)) {
        if ($value == 1) {
            $suburl = "?NL&" . $name;
            // Undo the form-safe encoding of the name: '_' -> ' ', '|' -> '+'.
            $channel_name = preg_replace("/_/", " ", $name);
            $channel_name = preg_replace("/\\|/", "+", $channel_name);
            // $name/$channel_name come straight from the request;
            // insert_query() is assumed to escape the values — TODO confirm.
            $query = $sql->insert_query("station", array("sname" => $this->transformName($channel_name), "collectorid" => $collectorid, "suburl" => $suburl, "rname" => $this->transformName($channel_name), "channel" => "0"));
            $result = $sql->query($query);
            $sid = $sql->last_record($result);
            // prepare() appears to be this codebase's HTML escaper (it is
            // applied to the user-supplied name on output); $sid goes through
            // htmlentities().
            print "\n\t\t\t\t<TR>\n\t\t\t\t\t\t<TD>" . prepare($channel_name) . "</TD>\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t<INPUT TYPE=TEXT NAME=\"T" . htmlentities($sid) . "\"\n\t\t\t\t\t\t\t\tVALUE=\"" . prepare($channel_name) . "\">\n\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t<TD>" . html_form::text_widget("C" . htmlentities($sid)) . "</TD>\n\t\t\t\t</TR>\n\t\t\t\t";
        }
    }
    print "</TABLE>\n";
    print "<P><INPUT TYPE=SUBMIT NAME=SUBMIT VALUE=\"Update\"></P>\n";
    print "</FORM>\n";
    print_page_close();
    exit;
}
/**
 * Resolve the time-sheet rate to use for a person on a project.
 *
 * Sources are tried in order; the first that has both a rate (per imp())
 * and a unit wins:
 *  1. project.defaultTimeSheetRate / defaultTimeSheetRateUnitID, returned
 *     as-is (already in the project's currency);
 *  2. person.defaultTimeSheetRate / defaultTimeSheetRateUnitID, kept in the
 *     global currency and converted to the project's currency when the two
 *     differ;
 *  3. the config items defaultTimeSheetRate / defaultTimeSheetUnit, converted
 *     when both a global currency and a project currency are set.
 * Falls off the end (null) when none of the three qualifies.
 *
 * @param int $projectID
 * @param int $personID
 * @return array|null array('rate' => ..., 'unit' => ...)
 */
function get_rate($projectID, $personID)
{
    $project = new project($projectID);
    $projectCurrency = $project->get_value("currencyTypeID");

    // 1. Project-level rate.
    $candidate = array(
        'rate' => $project->get_value("defaultTimeSheetRate"),
        'unit' => $project->get_value("defaultTimeSheetRateUnitID"),
    );
    if (imp($candidate['rate']) && $candidate['unit']) {
        return $candidate;
    }

    // 2. Person-level rate, stored in the global currency.
    $db = new db_alloc();
    $db->query(prepare("SELECT defaultTimeSheetRate as rate, defaultTimeSheetRateUnitID as unit FROM person WHERE personID = %d", $personID));
    $candidate = $db->row();
    if (imp($candidate['rate']) && $candidate['unit']) {
        $globalCurrency = config::get_config_item("currency");
        if ($projectCurrency != $globalCurrency) {
            $candidate['rate'] = exchangeRate::convert($globalCurrency, $candidate["rate"], $projectCurrency);
        }
        return $candidate;
    }

    // 3. Site-wide default.
    $rate = config::get_config_item("defaultTimeSheetRate");
    $unit = config::get_config_item("defaultTimeSheetUnit");
    if (imp($rate) && $unit) {
        $globalCurrency = config::get_config_item("currency");
        if ($globalCurrency && $projectCurrency) {
            $rate = exchangeRate::convert($globalCurrency, $rate, $projectCurrency);
        }
        return array('rate' => $rate, 'unit' => $unit);
    }
}
/**
 * Render $template_name once per overdue loan (dateToBeReturned before
 * today and dateReturned still '0000-00-00'), exposing the borrower's name
 * as $TPL["person"] and an "Overdue!" link to the item as $TPL["overdue"].
 *
 * Users without PERM_READ on "loan" only see loans in their own name; the
 * restriction is appended to the query before it runs.
 *
 * @param string $template_name template included for each row
 * @return void
 */
function show_overdue($template_name)
{
    global $db;
    global $TPL;
    $current_user =& singleton("current_user");
    $db = new db_alloc();

    // Today's local date as YYYY-MM-DD.
    $today = date("Y-m-d");

    $sql = prepare("SELECT itemName,itemType,item.itemID,dateBorrowed,dateToBeReturned,loan.personID \n FROM loan,item \n WHERE dateToBeReturned < '%s' \n\t\t\t\t\t AND dateReturned = '0000-00-00' \n\t\t\t\t\t AND item.itemID = loan.itemID\n ", $today);
    if (!have_entity_perm("loan", PERM_READ, $current_user, false)) {
        $sql .= prepare("AND loan.personID = %d", $current_user->get_id());
    }

    $db->query($sql);
    while ($db->next_record()) {
        $item = new item();
        $loan = new loan();
        $item->read_db_record($db);
        $loan->read_db_record($db);
        $item->set_values();
        $loan->set_values();

        $borrower = new person();
        $borrower->set_id($loan->get_value("personID"));
        $borrower->select();

        $TPL["person"] = $borrower->get_name();
        // Item id comes from the database; $TPL["url_alloc_item"] is a
        // template-provided base URL.
        $TPL["overdue"] = "<a href=\"" . $TPL["url_alloc_item"] . "itemID=" . $item->get_id() . "&return=true\">Overdue!</a>";
        include_template($template_name);
    }
}
/**
 * Return the configID of the config row named $name (the first row the
 * cursor yields; db_alloc::f() on an empty result is whatever it returns
 * for a missing column).
 *
 * @param string $name config item name; escaped by prepare()'s %s
 * @return mixed configID value
 */
public static function get_config_item_id($name = '')
{
    $sql = prepare("SELECT configID FROM config WHERE name = '%s'", $name);
    $db = new db_alloc();
    $db->query($sql);
    $db->next_record();

    return $db->f('configID');
}
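/**
 * Render $template_name once per transactionRepeat row the current user may
 * see, exposing tfName/fromTfName (via tf::get_name) in $TPL for each row.
 *
 * Visibility:
 *  - a request carrying ?tfID= lists that one fund;
 *  - an admin without ?tfID= lists every row;
 *  - any other user is limited to the funds returned by
 *    $current_user->get_tfIDs().
 *
 * Fix: when get_tfIDs() returned nothing for a non-admin, the WHERE clause
 * stayed unset and the query below listed every transactionRepeat row. Such
 * users now see no rows. The unused $i counter is dropped.
 *
 * NOTE(review): a non-admin who supplies ?tfID= is not checked against
 * get_tfIDs() (the original did not either); whether that is intended
 * depends on what have_entity_perm()/templates enforce elsewhere — confirm.
 *
 * @param string $template_name template included for each row
 * @return void
 */
function show_expenseFormList($template_name)
{
    global $db;
    global $TPL;
    global $transactionRepeat;
    $current_user =& singleton("current_user");
    $db = new db_alloc();
    $transactionRepeat = new transactionRepeat();

    $requestedTfID = isset($_GET["tfID"]) ? $_GET["tfID"] : null;
    $where = "";
    if (!$requestedTfID && !$current_user->have_role("admin")) {
        $tfIDs = $current_user->get_tfIDs();
        if (!$tfIDs) {
            // No funds assigned: nothing to list.
            $TPL["tfID"] = null;
            return;
        }
        // get_tfIDs() is assumed to return a ready-made comma-separated id
        // list; %s passes it to prepare() as one value — TODO confirm.
        $where = prepare("WHERE tfID in (%s)", $tfIDs);
    } elseif ($requestedTfID) {
        $where = prepare("WHERE tfID = %d", $requestedTfID);
    }

    $db->query("select * FROM transactionRepeat " . $where);
    while ($db->next_record()) {
        $transactionRepeat->read_db_record($db);
        $transactionRepeat->set_values();
        $TPL["tfName"] = tf::get_name($transactionRepeat->get_value("tfID"));
        $TPL["fromTfName"] = tf::get_name($transactionRepeat->get_value("fromTfID"));
        include_template($template_name);
    }

    // The original assigned $tfID here, a variable this function never sets,
    // so the template has always received null. Kept that way: if the
    // selected fund is wanted in the template, pass $_GET["tfID"] through
    // escaping once the template's use of it has been checked.
    $TPL["tfID"] = null;
}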
/**
 * Delete the `bans` row with the given id and record the action in the
 * moderation log.
 *
 * @param int|string $id ban id; bound as a PDO parameter (no explicit
 *                       PDO::PARAM_INT, so it is sent as a string). The same
 *                       raw value is interpolated into the modLog() text —
 *                       whether modLog() escapes it is not visible here.
 * @return void
 */
function unban($id)
{
    $stmt = prepare("DELETE FROM `bans` WHERE `id` = :id");
    $stmt->bindValue(':id', $id);
    $stmt->execute() or error(db_error($stmt));

    modLog("Removed ban #{$id}");
}
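/**
 * Apply this filter's configured action to the current post.
 *
 * 'reject' reports $this->message (or a default) through error(), which is
 * relied on to end the request (there is deliberately no break before the
 * 'ban' case). 'ban' inserts a row into `bans` for $_SERVER['REMOTE_ADDR']
 * with mod = -1, an expiry of now + $this->expires seconds (NULL when unset,
 * i.e. indefinite), the optional reason, and either the current board's uri
 * or NULL when $this->all_boards is set. Unless $this->reject is explicitly
 * false, the post is then rejected with $this->message if present, otherwise
 * via checkBan(). 'ban' requires $this->reason.
 *
 * Fix: the rejection message after a ban was read from an undefined local
 * ($message) instead of $this->message, so the configured text never reached
 * error(). Behind a reverse proxy REMOTE_ADDR is the proxy's address — the
 * surrounding code is responsible for that, as before.
 *
 * @return void error()/exit end the request on rejection
 */
public function action()
{
    global $board;

    switch ($this->action) {
        case 'reject':
            error(isset($this->message) ? $this->message : 'Posting throttled by flood filter.');
        case 'ban':
            if (!isset($this->reason)) {
                error('The ban action requires a reason.');
            }
            $reason = $this->reason;
            $expires = isset($this->expires) ? time() + $this->expires : 0; // 0 = indefinite
            $reject = isset($this->reject) ? $this->reject : true;
            $all_boards = isset($this->all_boards) ? $this->all_boards : false;

            $query = prepare("INSERT INTO `bans` VALUES (NULL, :ip, :mod, :set, :expires, :reason, :board)");
            $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
            $query->bindValue(':mod', -1);
            $query->bindValue(':set', time());
            if ($expires) {
                $query->bindValue(':expires', $expires);
            } else {
                $query->bindValue(':expires', null, PDO::PARAM_NULL);
            }
            if ($reason) {
                $query->bindValue(':reason', $reason);
            } else {
                $query->bindValue(':reason', null, PDO::PARAM_NULL);
            }
            if ($all_boards) {
                $query->bindValue(':board', null, PDO::PARAM_NULL);
            } else {
                $query->bindValue(':board', $board['uri']);
            }
            $query->execute() or error(db_error($query));

            if ($reject) {
                if (isset($this->message)) {
                    error($this->message);
                }
                checkBan($board['uri']);
                exit;
            }
            break;
        default:
            error('Unknown filter action: ' . $this->action);
    }
}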
/**
 * Presumably meant to return max(id) + 1 for the table named by $entidade.
 *
 * NOTE(review): as written this cannot work and is left untouched pending a
 * real fix:
 *  - the "?" in the SQL is never bound: the $stmt from prepare() is
 *    discarded and the raw $query string is what doSQL() receives;
 *  - $max is undefined, so $reg[$max] reads key null (""), not the
 *    max(id) column, which would be $reg[0];
 *  - mysql_fetch_array() belongs to ext/mysql, removed in PHP 7;
 *  - if repaired, $entidade is a table NAME and cannot be bound; it must be
 *    checked against an allow-list before being spliced into the query.
 *
 * @param string $entidade table name
 * @return mixed
 */
public function nextId($entidade)
{
    $query = "SELECT max(id) FROM ? ";
    $stmt = prepare($query);
    $reg = mysql_fetch_array($this->doSQL($query));
    $sequencial = $reg[$max] + 1;
    return $sequencial;
}
/**
 * Turn a comma-separated list of user ids into a ", "-joined list of the
 * users' `userdescrip` values.
 *
 * $recip is matched with FIND_IN_SET after addslashes() — the only escaping
 * applied before it is spliced into the statement (whether the
 * $GLOBALS['sql'] wrapper supports bound parameters is not visible here).
 * prepare() in this codebase appears to be an output escaper and is applied
 * to each description — confirm.
 *
 * @param string $recip comma-separated user ids
 * @return string
 */
function recipients_to_text($recip)
{
    $sql = "SELECT * FROM user WHERE " . "FIND_IN_SET(id, '" . addslashes($recip) . "')";
    $rows = $GLOBALS['sql']->queryAll($sql);

    $labels = array();
    foreach ($rows as $row) {
        $labels[] = prepare($row['userdescrip']);
    }

    return implode(', ', $labels);
}
/**
 * Build a WHERE clause from optional `cid` (list id) and `date` filters.
 *
 * Both keys are tested with !empty(), so 0, '0', '' and null are ignored.
 * Values are bound through prepare()'s ?i / ?s placeholders; `date` is
 * expanded to the full day [00:00:00, 23:59:59].
 *
 * @param array $configs filter options
 * @return string SQL fragment starting with "WHERE TRUE "
 */
protected function _getWhere($configs)
{
    $clause = 'WHERE TRUE ';

    if (!empty($configs['cid'])) {
        $clause .= prepare('AND `list_id` = ?i ', array($configs['cid']));
    }

    if (!empty($configs['date'])) {
        $day = $configs['date'];
        $clause .= prepare(
            'AND `created_time` >= ?s AND `created_time` <= ?s ',
            array($day . ' 00:00:00', $day . ' 23:59:59')
        );
    }

    return $clause;
}
/**
 * Map roleHandle => roleName for every role at the given level, ordered by
 * roleSequence.
 *
 * @param string $level roleLevel to filter on; escaped by prepare()'s %s
 * @return array
 */
function get_roles_array($level = "person")
{
    $roles = array();
    $db = new db_alloc();
    $db->query(prepare("SELECT * FROM role WHERE roleLevel = '%s' ORDER BY roleSequence", $level));

    while ($role = $db->row()) {
        $roles[$role["roleHandle"]] = $role["roleName"];
    }

    return $roles;
}
/**
 * Validate that $thread is an existing opening post on board $b, optionally
 * enforce the slugged canonical URL, then (re)build the thread page.
 *
 * Returns false without building when: the id is < 1; $b fails
 * $config['board_regex']; the cache already records the thread as missing;
 * the MAX(id) query fails or the id exceeds it; no OP row with that id
 * exists (cached as "no"); the +50 page already exists on disk; or
 * openBoard() fails. Returns true after buildThread().
 *
 * @param string   $b         board uri; validated here before being spliced
 *                            into the table name
 * @param int      $thread    thread (OP) id; cast to int
 * @param bool|int $slugcheck false = no slug redirect; true/50 = redirect to
 *                            the slugged URL (50 = the "+50" last-posts page)
 * @return bool
 */
function sb_thread($b, $thread, $slugcheck = false)
{
    global $config;
    $thread = (int) $thread;
    if ($thread < 1) {
        return false;
    }
    // Board name must match the configured pattern before it is used as
    // part of a table identifier below.
    if (!preg_match('/^' . $config['board_regex'] . '$/u', $b)) {
        return false;
    }
    if (Cache::get("thread_exists_" . $b . "_" . $thread) == "no") {
        return false;
    }
    $query = prepare(sprintf("SELECT MAX(`id`) AS `max` FROM ``posts_%s``", $b));
    if (!$query->execute()) {
        return false;
    }
    $s = $query->fetch(PDO::FETCH_ASSOC);
    $max = $s['max'];
    // On an empty board `max` is NULL and any positive id is "> NULL" in
    // PHP's loose comparison, so this also rejects threads on empty boards.
    if ($thread > $max) {
        return false;
    }
    $query = prepare(sprintf("SELECT `id` FROM ``posts_%s`` WHERE `id` = :id AND `thread` IS NULL", $b));
    $query->bindValue(':id', $thread);
    if (!$query->execute() || !$query->fetch(PDO::FETCH_ASSOC)) {
        Cache::set("thread_exists_" . $b . "_" . $thread, "no");
        return false;
    }
    if ($slugcheck && $config['slugify']) {
        global $request;
        // Strict === 50: only the integer 50 requests the +50 variant of
        // the link.
        $link = link_for(array("id" => $thread), $slugcheck === 50, array("uri" => $b));
        $link = "/" . $b . "/" . $config['dir']['res'] . $link;
        if ($link != $request) {
            header("Location: {$link}", true, 301);
            die;
        }
    }
    // NOTE(review): loose == here, so $slugcheck === true also satisfies
    // "== 50" (true == 50 is true in PHP) and enters this branch — confirm
    // whether that is intended.
    if ($slugcheck == 50) {
        // Should we really generate +50 page? Maybe there are not enough posts anyway
        global $request;
        // $request is presumably the request path; "+50" is stripped and the
        // leading slash cut so it can be probed as a relative file path.
        $r = str_replace("+50", "", $request);
        $r = substr($r, 1); // Cut the slash
        if (file_exists($r)) {
            return false;
        }
    }
    if (!openBoard($b)) {
        return false;
    }
    buildThread($thread);
    return true;
}
/**
 * Apply one schema/code patch file and, on success, record it in patchLog.
 *
 * Dispatch is by extension of basename($f): ".sql" files are split by
 * parse_sql_file() and each statement run through db_alloc, the first
 * failure raising alloc_error(); ".php" files are executed via
 * execute_php_file("../patches/" . basename) and treated as failed when they
 * return a non-empty string, unless a FORCE_PATCH_SUCCEED_<file> constant is
 * defined. Other extensions are silently logged as applied (nothing runs and
 * $failed stays false).
 *
 * NOTE(review): a .php patch is executed as code, so $f must only ever point
 * at files inside the patches directory — the caller is responsible for that;
 * nothing here validates it. The static $files guard only lasts for the
 * current request.
 *
 * @param string $f patch file path (basename() is used for dispatch and for
 *                  the .php include path)
 * @return void
 */
function apply_patch($f)
{
    global $TPL;
    static $files;
    // Should never attempt to apply the same patch twice.. in case
    // there are function declarations in the .php patches.
    if ($files[$f]) {
        return;
    }
    $files[$f] = true;
    $db = new db_alloc();
    $file = basename($f);
    $failed = false;
    $comments = array();
    // This is an important patch that converts money from 120.34 to 12034.
    // We MUST ensure that the user has a currency set before applying this patch.
    if ($file == "patch-00188-alla.sql") {
        if (!config::get_config_item('currency')) {
            alloc_error("No default currency is set! Login to alloc (ignore any errors, you may need to manually change the url to config/config.php after logging in) go to Setup -> Finance and select a Main Currency. And then click the 'Update Transactions That Have No Currency' button. Then return here and apply this patch (patch-188). IT IS REALLY IMPORTANT THAT YOU FOLLOW THESE INSTRUCTIONS as the storage format for monetary amounts has changed.", true);
        }
    }
    // Try for sql file
    if (strtolower(substr($file, -4)) == ".sql") {
        list($sql, $comments) = parse_sql_file($f);
        foreach ($sql as $query) {
            // Statements after a failed one still run; only the log entry
            // is withheld.
            if (!$db->query($query)) {
                $failed = true;
                alloc_error("<b style=\"color:red\">Error:</b> " . $f . "<br>" . $db->get_error());
            }
        }
        if (!$failed) {
            $TPL["message_good"][] = "Successfully Applied: " . $f;
        }
    // Try for php file
    } else {
        if (strtolower(substr($file, -4)) == ".php") {
            // Any output/return string from the patch counts as failure
            // unless explicitly overridden by the FORCE_PATCH_SUCCEED_ constant.
            $str = execute_php_file("../patches/" . $file);
            if ($str && !defined("FORCE_PATCH_SUCCEED_" . $file)) {
                $failed = true;
                ob_end_clean();
                alloc_error("<b style=\"color:red\">Error:</b> " . $f . "<br>" . $str);
            } else {
                $TPL["message_good"][] = "Successfully Applied: " . $f;
            }
        }
    }
    if (!$failed) {
        // $comments comes from parse_sql_file() (empty for .php patches);
        // all three values go through prepare()'s %s escaping.
        $q = prepare("INSERT INTO patchLog (patchName, patchDesc, patchDate) \n VALUES ('%s','%s','%s')", $file, implode(" ", $comments), date("Y-m-d H:i:s"));
        $db->query($q);
    }
}
/**
 * Re-link one imported e-mail comment to its mailbox UID / Message-ID and,
 * when the UID changed, to the person or client contact who sent it.
 *
 * If the stored commentEmailUIDORIG differs from $num the comment is
 * re-attributed: the sender address is matched against person (by e-mail,
 * then by name) and, failing that, against clientContact within the task's
 * project; commentEmailUID, commentCreatedUser(ClientContactID),
 * commentCreatedUserText and commentEmailMessageID are then updated.
 * Otherwise only commentEmailUID and commentEmailMessageID are refreshed.
 * In both branches comments whose sender is one of
 * $alloc_from_addresses2 (alloc's own addresses) are skipped.
 *
 * NOTE(review): the SET fragments are built with prepare() and then the
 * assembled "UPDATE ... SET ... WHERE commentID = %d" string is passed
 * through prepare() a second time as the FORMAT string. If prepare() is
 * sprintf-based, a '%' inside the (already escaped) From header or
 * Message-ID would be parsed as a conversion specifier there — the fragments
 * should be assembled after the final prepare() call, or '%' doubled.
 * Confirm against prepare()'s implementation. The full UPDATE, including the
 * sender-supplied text, is also echoed via printorlog().
 *
 * @param array  $r         comment row (commentID, commentMaster,
 *                          commentMasterID, commentEmailUIDORIG)
 * @param mixed  $num       current mailbox UID
 * @param string $from      raw From header
 * @param string $messageid Message-ID header
 * @return void
 */
function fix_this_comment($r, $num, $from, $messageid)
{
    global $db;
    global $alloc_from_addresses2;
    if ($r["commentEmailUIDORIG"] != $num) {
        // $projectID stays unset (null) unless the comment hangs off a task.
        unset($projectID);
        if ($r["commentMaster"] == "task" && $r["commentMasterID"]) {
            $q = prepare("select projectID from task where taskID = %d", $r["commentMasterID"]);
            $db->query($q);
            $task_row = $db->row();
            $projectID = $task_row["projectID"];
        }
        // Try figure out and populate the commentCreatedUser/commentCreatedUserClientContactID fields
        list($from_address, $from_name) = parse_email_address($from);
        $person = new person();
        $personID = $person->find_by_email($from_address);
        $personID or $personID = $person->find_by_name($from_name);
        $sql = array();
        $sql[] = prepare("commentEmailUID = '%s'", trim($num));
        if ($personID) {
            $sql[] = prepare("commentCreatedUser = %d", $personID);
            $sql[] = "commentCreatedUserClientContactID = NULL";
        } else {
            // Not a known person: look for a client contact on the project.
            $sql[] = "commentCreatedUser = NULL";
            $cc = new clientContact();
            $clientContactID = $cc->find_by_email($from_address, $projectID);
            $clientContactID or $clientContactID = $cc->find_by_name($from_name, $projectID);
            $clientContactID and $sql[] = prepare("commentCreatedUserClientContactID = %d", $clientContactID);
        }
        $sql[] = prepare("commentCreatedUserText = '%s'", trim($from));
        $sql[] = prepare("commentEmailMessageID = '%s'", trim($messageid));
        if (!in_array($from_address, $alloc_from_addresses2)) {
            // don't update items that are from alloc
            $q = prepare("UPDATE comment SET " . implode(",", $sql) . " WHERE commentID = %d", $r["commentID"]);
            $db->query($q);
            printorlog("FIXED: " . $q . " (old uid: " . $r["commentEmailUIDORIG"] . ")", "blue");
        }
    } else {
        // UID unchanged: only refresh the UID/Message-ID columns.
        list($from_address, $from_name) = parse_email_address($from);
        if (!in_array($from_address, $alloc_from_addresses2)) {
            // don't update items that are from alloc
            $sql = array();
            $sql[] = prepare("commentEmailUID = '%s'", trim($num));
            $sql[] = prepare("commentEmailMessageID = '%s'", trim($messageid));
            $q = prepare("UPDATE comment SET " . implode(",", $sql) . " WHERE commentID = %d", $r["commentID"]);
            $db->query($q);
            printorlog("GOOD: " . $q, "green");
        }
    }
}
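/**
 * Build the WHERE clause for a task query.
 *
 * Fix: the original spliced `task_id` and `task_ids` straight into the SQL
 * ("AND `id`={$configs['task_id']}") while only `cat_id` went through
 * prepare(), so a caller-controlled string could alter the statement. All
 * three filters now reduce their input to integers: `task_id` and `cat_id`
 * via the ?i placeholder, `task_ids` by casting every element (array, or
 * comma-separated string) with intval() before building the IN() list.
 * Keys are checked with isset() + !empty(), so 0, '', null and an empty
 * array are ignored, as before.
 *
 * @author boxcore
 * @date 2014-06-02
 * @param array $configs optional keys: task_id (scalar), task_ids (array or
 *                       comma-separated string of ids), cat_id (scalar)
 * @return string SQL fragment starting with " WHERE 1=1 "
 */
private function __getWhere($configs = array())
{
    $where = ' WHERE 1=1 ';

    if (isset($configs['task_id']) && !empty($configs['task_id'])) {
        $where .= prepare(' AND `id` = ?i ', array($configs['task_id']));
    }

    if (isset($configs['task_ids']) && !empty($configs['task_ids'])) {
        $ids = $configs['task_ids'];
        if (!is_array($ids)) {
            $ids = explode(',', (string) $ids);
        }
        // prepare() exposes no list placeholder here, so the IN() list is
        // assembled from int-cast values only; anything non-numeric becomes 0.
        $ids = array_map('intval', array_map('trim', $ids));
        $where .= " AND `id` IN( " . implode(',', $ids) . " ) ";
    }

    if (isset($configs['cat_id']) && !empty($configs['cat_id'])) {
        $where .= prepare(' AND `cat_id` = ?i ', array($configs['cat_id']));
    }

    return $where;
}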
/**
 * Walk up the parentTaskID chain from $taskID and return taskName => taskID
 * for the task and each ancestor.
 *
 * Returns null (the accumulator is never created) when no row matches,
 * e.g. for a NULL/0 parent at the top of the chain — which is also what stops
 * the recursion. Only a direct self-reference (taskID == parentTaskID) is
 * filtered out by the query; a longer cycle in parentTaskID would recurse
 * without bound.
 *
 * @param int $taskID
 * @return array|null
 */
function get_parent_taskIDs($taskID)
{
    $db = new db_alloc();
    $db->query(prepare("SELECT taskID,taskName,parentTaskID \n FROM task \n WHERE taskID = %d \n AND (taskID != parentTaskID OR parentTaskID IS NULL)", $taskID));

    $chain = null;
    while ($db->next_record()) {
        $chain[$db->f("taskName")] = $db->f("taskID");
        $ancestors = get_parent_taskIDs($db->f("parentTaskID"));
        if (is_array($ancestors)) {
            $chain = array_merge($chain, $ancestors);
        }
    }

    return $chain;
}
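/**
 * Report whether the board has already exceeded $config['hour_max_threads']
 * new threads in the last hour.
 *
 * Only opening posts ($post['op']) count against the limit; replies, and any
 * board where the limit is falsy, yield false.
 *
 * Fix: the statement has no :ip placeholder, yet the previous version bound
 * one; PDO rejects a bound parameter that does not exist in the statement,
 * so execute() failed (and error() fired) for every new thread. The stray
 * bind is removed. The implicit null return for non-OP posts is now an
 * explicit false.
 *
 * Note that `>` means exactly hour_max_threads threads are still accepted and
 * the next one is blocked; use `>=` if the setting is meant as a hard ceiling.
 *
 * @param array $post post being submitted; only the 'op' flag is read
 * @return bool
 */
function max_posts_per_hour($post)
{
    global $config, $board;

    if (!$config['hour_max_threads']) {
        return false;
    }
    if (empty($post['op'])) {
        return false;
    }

    // $board['uri'] is presumably the already-validated board name; it is
    // spliced into the table identifier because identifiers cannot be bound.
    $query = prepare(sprintf('SELECT COUNT(*) AS `count` FROM ``posts_%s`` WHERE `thread` IS NULL AND FROM_UNIXTIME(`time`) > DATE_SUB(NOW(), INTERVAL 1 HOUR);', $board['uri']));
    $query->execute() or error(db_error($query));
    $r = $query->fetch(PDO::FETCH_ASSOC);

    return $r['count'] > $config['hour_max_threads'];
}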
/**
 * Sum the active, non-percentage cost rows of a product, converted to the
 * default currency via exchangeRate::convert() and net of tax where the row
 * is taxed (tax() returns the net amount first).
 *
 * @param int|false $id product id; defaults to $this->get_id()
 * @return mixed the running total, or null when no rows matched (the
 *               accumulator is never touched in that case)
 */
function get_buy_cost($id = false)
{
    if (!$id) {
        $id = $this->get_id();
    }

    $db = new db_alloc();
    $db->query(prepare("SELECT amount, currencyTypeID, tax\n FROM productCost\n WHERE isPercentage != 1\n AND productID = %d\n AND productCostActive = true\n ", $id));

    $total = null;
    while ($cost = $db->row()) {
        $net = $cost["amount"];
        if ($cost["tax"]) {
            list($net, $taxPortion) = tax($cost["amount"]);
        }
        $total += exchangeRate::convert($cost["currencyTypeID"], $net);
    }

    return $total;
}
/**
 * Map a token hash to the entity it refers to, as "<entity><id>".
 *
 * For "comment" tokens the comment's master entity and id are returned
 * instead (e.g. the task the comment belongs to). Returns null for an empty
 * hash. The hash is matched by plain SQL equality, so tokenHash is assumed
 * to be an unguessable value — confirm how tokens are generated.
 *
 * @param string $hash token hash; escaped by prepare()'s %s
 * @return string|null
 */
function hash_to_entity($hash = "")
{
    global $db;

    if (!$hash) {
        return;
    }

    $token = $db->qr(prepare("select * from token WHERE tokenHash = '%s'", $hash));
    if ($token["tokenEntity"] != "comment") {
        return $token["tokenEntity"] . $token["tokenEntityID"];
    }

    $comment = $db->qr(prepare("SELECT commentMaster,commentMasterID FROM comment WHERE commentID = %d", $token["tokenEntityID"]));

    return $comment["commentMaster"] . $comment["commentMasterID"];
}
/**
 * Echo the current user's open "Message" tasks, one per line, as
 * image + link HTML produced by the task object itself.
 *
 * The closed-status list comes from task::get_task_status_in_set_sql() and
 * is spliced into the NOT IN (); the person id goes through prepare()'s %d.
 *
 * @return void
 */
function show_tasks()
{
    $current_user =& singleton("current_user");
    global $tasks_date;
    list($ts_open, $ts_pending, $ts_closed) = task::get_task_status_in_set_sql();

    $sql = prepare("SELECT * \n FROM task \n WHERE (task.taskStatus NOT IN (" . $ts_closed . ") AND task.taskTypeID = 'Message') \n AND (personID = %d) \n ORDER BY priority\n ", $current_user->get_id());
    $db = new db_alloc();
    $db->query($sql);

    $separator = "";
    while ($db->next_record()) {
        $task = new task();
        $task->read_db_record($db);
        echo $separator . $task->get_task_image() . $task->get_task_link(array("return" => "html"));
        $separator = "<br>";
    }
}
/**
 * Persist this projectCommissionPerson, refusing to save a second 0%
 * commission for the same project.
 *
 * When commissionPercent == 0 (loose comparison — an empty string also
 * matches on PHP < 8), any other row of the project with commissionPercent 0
 * blocks the save and alloc_error() is raised; otherwise parent::save() runs.
 *
 * @return void
 */
function save()
{
    $blocked = false;

    if ($this->get_value("commissionPercent") == 0) {
        $db = new db_alloc();
        $db->query(prepare("SELECT * FROM projectCommissionPerson WHERE projectID = %d AND commissionPercent = 0 AND projectCommissionPersonID != %d", $this->get_value("projectID"), $this->get_id()));
        if ($db->next_record()) {
            $blocked = true;
            alloc_error("Only one Time Sheet Commission is allowed to be set to 0%");
        }
    }

    if (!$blocked) {
        parent::save();
    }
}
/**
 * Build the skill drop-down options: "" => "Any Skill" followed by
 * skill id => "class - name", ordered by class then name.
 *
 * When the global $skill_class is non-empty the list is restricted to that
 * class (value escaped by prepare()'s %s).
 *
 * @return array
 */
function get_skills()
{
    global $TPL;
    global $skill_class;

    $options = array("" => "Any Skill");

    $sql = "SELECT * FROM skill";
    if ($skill_class != "") {
        $sql .= prepare(" WHERE skillClass='%s'", $skill_class);
    }
    $sql .= " ORDER BY skillClass,skillName";

    $db = new db_alloc();
    $db->query($sql);
    while ($db->next_record()) {
        $skill = new skill();
        $skill->read_db_record($db);
        $options[$skill->get_id()] = $skill->get_value('skillClass') . " - " . $skill->get_value('skillName');
    }

    return $options;
}