/**
 * Answers a tree "expand" request by printing the children of one node.
 *
 * Reads `treeId` and `nodeId` from $_REQUEST:
 *  - "TreeCategories": every row returned by CMD_SEL_ITEMS becomes an "item" node.
 *  - "TreeOurSite": every row returned by CMD_SEL_SUBCATEGORIES becomes a category
 *    node, after which addMovedItems() is given the list before it is printed.
 * Any other treeId prints nothing.
 *
 * The request's nodeId is handed to $db->query() as parameter data, not
 * concatenated into the SQL text.
 * NOTE(review): row values (name, art) are passed to printTree() as-is; confirm
 * that printTree() escapes them for the output format it emits.
 * NOTE(review): the two branches report query errors through different helpers
 * (printErr vs printError); confirm both exist and that this is intended.
 */
function HandleExpand()
{
    global $db;

    $requestedTree = $_REQUEST["treeId"];

    if ($requestedTree == "TreeCategories") {
        $res =& $db->query(CMD_SEL_ITEMS, array($_REQUEST["nodeId"]));
        if (PEAR::isError($res)) {
            printErr($res);
            exit;
        }

        $nodes = array();
        while ($row =& $res->fetchRow(DB_FETCHMODE_OBJECT)) {
            $nodes[] = array(
                "nodeId" => $row->id,
                "name" => $row->art . " - " . $row->name,
                "state" => "item",
                "tp" => NODE_SITE_ITEM,
                "image" => getImageState($row),
                "customAttrs" => array("categId" => $row->category_id),
            );
        }

        printTree($nodes, false);
        return;
    }

    // Only one other tree is served; everything else falls through silently.
    if ($requestedTree != "TreeOurSite") {
        return;
    }

    $res =& $db->query(CMD_SEL_SUBCATEGORIES, array($_REQUEST["nodeId"]));
    if (PEAR::isError($res)) {
        printError($res);
        exit;
    }

    $nodes = array();
    while ($row =& $res->fetchRow(DB_FETCHMODE_OBJECT)) {
        // A category is expandable ("collapsed") only when it holds items.
        $expandState = getItemsCount($row->id) > 0 ? "collapsed" : null;

        if ($row->viewmode == true) {
            $icon = "pics/ourcategoryHidden.png";
        } else {
            $icon = "pics/ourcategory.png";
        }

        $nodes[] = array(
            "nodeId" => $row->id,
            "name" => $row->name,
            "state" => $expandState,
            "image" => $icon,
        );
    }

    addMovedItems($nodes, $_REQUEST["nodeId"]);
    printTree($nodes, false);
}
if (file_exists(ROOT . PAGES_FOLDER . "abouts/{$_REQUEST['abt']}.php")) { include ROOT . PAGES_FOLDER . "abouts/{$_REQUEST['abt']}.php"; } elseif (file_exists(ROOT . PAGES_FOLDER . "abouts/{$_REQUEST['abt']}.html")) { include ROOT . PAGES_FOLDER . "abouts/{$_REQUEST['abt']}.html"; } elseif (file_exists(ROOT . PAGES_FOLDER . "abouts/{$_REQUEST['abt']}.htm")) { include ROOT . PAGES_FOLDER . "abouts/{$_REQUEST['abt']}.htm"; } elseif (file_exists(ROOT . PAGES_FOLDER . "abouts/{$_REQUEST['abt']}.txt")) { echo "<textarea style='width:99%;height:99%;border:0px;resize:none;' readonly>"; readfile(ROOT . PAGES_FOLDER . "abouts/{$_REQUEST['abt']}.txt"); echo "</textarea>"; } elseif (file_exists(ROOT . "{$_REQUEST['abt']}.txt")) { echo "<textarea style='width:99%;height:99%;border:0px;resize:none;' readonly>"; readfile(ROOT . "{$_REQUEST['abt']}.txt"); echo "</textarea>"; } else { printErr("DataNotFound", "About Page Not Found"); } } else { echo "Nothing Asked, Nothing Delivered :-)"; } function countInDir($dir, $scanMode = "*", $checkFile = "") { $fs = scandir($dir); unset($fs[0]); unset($fs[1]); $cnt = 0; foreach ($fs as $a) { if (strlen($checkFile) == 0) { if ($scanMode == "*") { $cnt++; } elseif ($scanMode == "dir_only" && is_dir($dir . $a)) {
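// Book tickets for the event named in the POST request and record the ticket.
//
// Security-relevant behaviour of this run:
//  - Every request/session value reaches MySQL as a bound parameter, never as
//    part of the SQL text (the original interpolated $_POST['eventname'] and
//    $_POST['Quantity'] directly into the statements).
//  - Quantity must be a whole number >= 1; a negative count would otherwise
//    add stock back and lower the sold counter.
//  - Stock is changed by one guarded UPDATE, so two concurrent bookings cannot
//    both pass a stale "remaining" check and oversell.
//  - Ticket ids come from the CSPRNG; md5(rand()) has at most as many distinct
//    values as rand() and is predictable. The id keeps its 32-hex-char shape.
// NOTE(review): nothing here verifies that a user is logged in; confirm the
// including page enforces authentication before this code runs.
// NOTE(review): assumes RemainingTickets/SoldTickets hold numeric values, as the
// original arithmetic on them implies.
$dbhandle = database_connect();

$eventname = $_POST['eventname'] ?? '';
if (!is_string($eventname)) {
    $eventname = '';
}

// filter_var() yields false for missing, non-integer, array or < 1 input.
$Quantity = filter_var(
    $_POST['Quantity'] ?? null,
    FILTER_VALIDATE_INT,
    ['options' => ['min_range' => 1]]
);

if ($Quantity === false) {
    printErr("Invalid number of tickets requested.");
} else {
    $stmt = mysqli_prepare($dbhandle, "SELECT * FROM event WHERE Eventname = ?");
    mysqli_stmt_bind_param($stmt, "s", $eventname);
    mysqli_stmt_execute($stmt);
    $result = mysqli_stmt_get_result($stmt);
    $row = mysqli_fetch_assoc($result);
    mysqli_stmt_close($stmt);

    if (!$row || $row['RemainingTickets'] < 1) {
        // An unknown event is reported the same way as a sold-out one.
        printErr("No tickets available this time, please check back later.");
    } elseif ((int) $row['RemainingTickets'] < $Quantity) {
        printErr("Number of Tickets booked exceeding number of remainding tickets!");
    } else {
        $eventID = $row['EventID'];
        $ticketID = bin2hex(random_bytes(16));

        session_start();
        $username = $_SESSION['loginuser'] ?? '';

        // Stock change and ticket row succeed or fail together.
        mysqli_begin_transaction($dbhandle);

        // The RemainingTickets >= ? guard re-checks availability at write time.
        $stmt = mysqli_prepare(
            $dbhandle,
            "UPDATE event SET RemainingTickets = RemainingTickets - ?, SoldTickets = SoldTickets + ?"
            . " WHERE Eventname = ? AND RemainingTickets >= ?"
        );
        mysqli_stmt_bind_param($stmt, "iisi", $Quantity, $Quantity, $eventname, $Quantity);
        mysqli_stmt_execute($stmt);
        $reserved = mysqli_stmt_affected_rows($stmt) > 0;
        mysqli_stmt_close($stmt);

        if (!$reserved) {
            // Another booking took the stock between the SELECT and the UPDATE.
            mysqli_rollback($dbhandle);
            printErr("Number of Tickets booked exceeding number of remainding tickets!");
        } else {
            $stmt = mysqli_prepare(
                $dbhandle,
                "INSERT INTO ticket (TicketID,EventID,Username,Quantity) VALUES (?, ?, ?, ?)"
            );
            mysqli_stmt_bind_param($stmt, "sssi", $ticketID, $eventID, $username, $Quantity);
            $inserted = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);

            if ($inserted) {
                mysqli_commit($dbhandle);
            } else {
                // Do not keep stock reserved for a ticket that was never stored.
                mysqli_rollback($dbhandle);
                printErr("Ticket could not be booked, please try again.");
            }
        }
    }
}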
/**
 * Reports error code 2 through printErr(), passing the username and e-mail along.
 *
 * Despite the name, this function performs no lookup and returns nothing; it
 * only forwards its arguments to printErr().
 *
 * NOTE(review): the meaning of code 2 is defined by printErr(), which is not
 * visible here; presumably "duplicate e-mail". Confirm.
 * NOTE(review): $username and $email are passed on unmodified; if printErr()
 * renders them into HTML it must escape them. Confirm.
 *
 * @param mixed $username Account name forwarded to printErr().
 * @param mixed $email    E-mail address forwarded to printErr().
 */
function hasDuplicateEmail($username, $email)
{
    $errorCode = 2;

    printErr($errorCode, $username, $email);
}
if (!empty($_POST['original_password']) && !empty($_POST['new_password']) && !empty($_POST['confirm_password'])) { $original_password = $_POST['original_password']; $new_password = $_POST['new_password']; $confirm_password = $_POST['confirm_password']; if ($original_password == $new_password) { printErr('New password cannot be the same as old one'); } if ($confirm_password != $new_password) { printErr('Passwords do not match'); } $hash = hash('md5', $original_password); $SQLString = "SELECT * FROM account WHERE Username='******' AND Password='******'"; $result = mysqli_query($dbhandle, $SQLString); $check = mysqli_num_rows($result); if ($check < 1) { printErr('Password is incorrect'); } else { $hash = hash('md5', $new_password); $SQLupdate = "UPDATE account SET Password = '******' WHERE Username = '******'"; $result = mysqli_query($dbhandle, $SQLupdate); } } } } header("Location: success.php"); die; /*print error*/ function printErr($_err) { echo '<html> <head>
\tSELECT * FROM site_categories WHERE our_category_id = ? SQL ); define("CMD_SEL_MOVED_ITEMS", <<<SQL \tSELECT * FROM items WHERE our_category_id = ? \t\tORDER BY status DESC, mdate DESC SQL ); $a = new Auth("DB", CONN_DSN); $a->start(); if (!$a->checkAuth()) { exit; } $db =& DB::connect(CONN_DSN); if (PEAR::isError($db)) { printErr($db); exit; } unset($_SESSION["statusMsg"]); header("Content-type: text/html; charset=windows-1251"); SimpleController::processActions(); function removeNodeWithChilds($parentId) { global $db; // ”далить скопированые категории из site_categories $data =& $db->getAll(CMD_SEL_MOVED_SITECATEGORIES_IDS, array($parentId), DB_FETCHMODE_OBJECT); if (PEAR::isError($data)) { printError($data); exit; } foreach ($data as $row) {
/**
 * Emits the command's usage line through printErr().
 *
 * @param mixed $cmd Text placed after "Usage: " (presumably the script name;
 *                   the caller is not visible here).
 */
function usage($cmd)
{
    $message = sprintf("Usage: %s <FROM> <TO>", $cmd);

    printErr($message);
}