/**
 * Creates the "states", "country" and "airports" tables and bulk-loads each
 * one from its CSV file under database/, echoing a progress line after every
 * statement.
 *
 * The value returned by sql_result() is never inspected, so each progress line
 * is printed regardless of it (unless sql_result() itself aborts on failure;
 * that helper is not visible here).
 *
 * Security note: LOAD DATA LOCAL INFILE needs local_infile enabled on both
 * the client and the server. With it enabled, the server a client talks to can
 * request files the client process is able to read, so it is best switched on
 * only for the connection that runs this one-off setup step. The CSV paths are
 * relative, so which files get loaded depends on the working directory.
 */
private function create_n_populate_tables() {
    // One entry per statement: array(SQL text, progress message). Order matters,
    // because every table must exist before its LOAD DATA runs.
    $steps = array(
        array(
            "CREATE TABLE states (STATE varchar(36), CODE varchar(2))",
            "\"states\" table is created...<br />",
        ),
        array(
            "LOAD DATA\n LOCAL INFILE 'database/states.csv'\n INTO TABLE states\n FIELDS TERMINATED BY \",\" OPTIONALLY ENCLOSED BY '\"'\n LINES TERMINATED BY '\r\n'\n IGNORE 1 LINES",
            "\"states\" table is populated...<br />",
        ),
        array(
            "CREATE TABLE country (CODE varchar(3), NAME varchar(25))",
            "\"country\" table is created...<br />",
        ),
        array(
            "LOAD DATA\n LOCAL INFILE 'database/country.csv'\n INTO TABLE country\n FIELDS TERMINATED BY \",\" OPTIONALLY ENCLOSED BY '\"'\n LINES TERMINATED BY '\r\n'\n IGNORE 1 LINES",
            "\"country\" table is populated...<br />",
        ),
        array(
            "CREATE TABLE airports (CODE varchar(3), NAME varchar(32), CITY varchar(32), STATE varchar(2), COUNTRY varchar(2), X float, Y float)",
            "\"airports\" table is created...<br />",
        ),
        array(
            "LOAD DATA\n LOCAL INFILE 'database/airports.csv'\n INTO TABLE airports\n FIELDS TERMINATED BY \",\" OPTIONALLY ENCLOSED BY '\"'\n LINES TERMINATED BY '\r\n'\n IGNORE 1 LINES",
            "\"airports\" table is populated...<br /><br />",
        ),
    );

    foreach ($steps as $step) {
        sql_result($step[0]);
        echo $step[1];
    }
}
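/**
 * Removes the resource record described by the posted form variables.
 *
 * When $allow_ixfr is set the row is kept and only flagged with
 * $rr_active_types[2] plus a new serial; otherwise the row is deleted. After
 * that the zone serial is updated, the matching PTR record is removed for "A"
 * records when $auto_update_ptr is set, and the request is redirected to the
 * zone.
 *
 * Every request-derived value that reaches SQL or a message is cast to int.
 * The table name and the active-type value come from globals and are used as
 * they are.
 *
 * NOTE(review): no permission or CSRF-token check is visible in this function;
 * confirm the dispatcher enforces both before calling it.
 */
function rr_delete() {
    global $rr_table_name, $auto_update_ptr, $rr_active_types, $allow_ixfr;

    // Cast once and reuse, so the description string below never carries raw
    // request text (it previously interpolated $_POST['zone'] as received).
    $zone_id = (int) $_POST['zone'];

    /* Load the SOA for this zone */
    $soa = sql_result(soa_select() . "WHERE id=" . $zone_id, "SOA record for zone {$zone_id}");

    /* Get form vars */
    $rr = rr_post_vars($soa);
    $rr_id = (int) $rr['id'];
    $soa_id = (int) $soa['id'];

    if ($allow_ixfr) {
        /* Keep the row, flag it as deleted and give it the next serial */
        $ok = sql_query("UPDATE {$rr_table_name} SET active='" . $rr_active_types[2] . "',serial=" . (int) next_serial($soa['serial']) . " WHERE id=" . $rr_id);
        if (!$ok) {
            ErrSQL("Error marking record deleted " . $rr_id . " from zone " . $soa_id . ".");
        }
    } else {
        /* Delete the resource record */
        $ok = sql_query("DELETE FROM {$rr_table_name} WHERE id=" . $rr_id);
        if (!$ok) {
            ErrSQL("Error deleting record " . $rr_id . " from zone " . $soa_id . ".");
        }
    }

    /* Update serial number for zone if configured to do so */
    soa_update_serial($soa);

    /* Do PTR record update if configured to do so */
    if ($auto_update_ptr && $rr['type'] == "A") {
        // $name is not assigned before this call; presumably ptr_create_soa()
        // fills it in by reference. TODO confirm.
        $arpazone = ptr_create_soa($rr['data'], $name);
        ptr_delete_rr($arpazone, $name, $rr['name'], $soa['origin']);
    }

    zone_redirect($soa['id']);
}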
$name_check = 0; $prequery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"id\"=%i LIMIT 1", array($_POST['id'])); $preresult = sql_query($prequery, $SQLStat); $prenum = sql_num_rows($preresult); if ($prenum == 0) { redirect("location", $rbasedir . url_maker($exfile['admin'], $Settings['file_ext'], "act=view", $Settings['qstr'], $Settings['qsep'], $prexqstr['admin'], $exqstr['admin'], false)); sql_free_result($preresult); ob_clean(); header("Content-Type: text/plain; charset=" . $Settings['charset']); $urlstatus = 302; gzip_page($Settings['use_gzip'], $GZipEncode['Type']); session_write_close(); die; } if ($prenum >= 1) { $OldGroupName = sql_result($preresult, 0, "Name"); sql_free_result($preresult); if ($_POST['GroupName'] != $OldGroupName) { $sql_name_check = sql_query(sql_pre_query("SELECT \"Name\" FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"Name\"='%s'", array($_POST['GroupName'])), $SQLStat); $name_check = sql_num_rows($sql_name_check); sql_free_result($sql_name_check); } $errorstr = ""; if (!isset($_POST['PromotePosts'])) { $_POST['PromotePosts'] = 0; } if ($_POST['PromotePosts'] == null || !is_numeric($_POST['PromotePosts'])) { $_POST['PromotePosts'] = 0; } if (!isset($_POST['PromoteKarma'])) { $_POST['PromoteKarma'] = 0;
} $bdresult = sql_query($bdquery, $SQLStat); $bdmembers = sql_num_rows($bdresult); $bdi = 0; if ($bdmembers > 0) { $bdstring = $bdmembers . " member(s) have a birthday today"; } if ($bdmembers <= 0) { $bdstring = "<div> </div> No members have a birthday today<div> </div>"; } while ($bdi < $bdmembers) { $bdmemberz = $bdmembers - 1; $birthday['ID'] = sql_result($bdresult, $bdi, "id"); $birthday['Name'] = sql_result($bdresult, $bdi, "Name"); $birthday['IP'] = sql_result($bdresult, $bdi, "IP"); $birthday['BirthYear'] = sql_result($bdresult, $bdi, "BirthYear"); $bdThisYear = GMTimeGet("Y", $_SESSION['UserTimeZone'], 0, $_SESSION['UserDST']); $birthday['Age'] = $bdThisYear - $birthday['BirthYear']; $bdMemTitle = null; if ($GroupInfo['HasAdminCP'] == "yes") { $bdMemTitle = " title=\"" . $birthday['IP'] . "\""; } if ($bdi === 0) { $bdstring = $bdstring . "\n<br /> "; } $bdMemURL = "<a" . $bdMemTitle . " href=\"" . url_maker($exfile['member'], $Settings['file_ext'], "act=view&id=" . $birthday['ID'], $Settings['qstr'], $Settings['qsep'], $prexqstr['member'], $exqstr['member']) . "\">" . $birthday['Name'] . "</a>"; if ($bdi < $bdmemberz) { $bdstring = $bdstring . $bdMemURL . " (<span style=\"font-weight: bold;\">" . $birthday['Age'] . "</span>), "; } if ($bdi == $bdmemberz) { $bdstring = $bdstring . $bdMemURL . " (<span style=\"font-weight: bold;\">" . $birthday['Age'] . "</span>)";
$NextDay++; } } $EventsID[$EventDay] = $EventID; ++$is; } sql_free_result($result); $bdquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "members\" WHERE \"BirthMonth\"=%i", array($MyMonth)); $bdresult = sql_query($bdquery, $SQLStat); $bdnum = sql_num_rows($bdresult); $bdi = 0; while ($bdi < $bdnum) { $UserNamebd = sql_result($bdresult, $bdi, "Name"); $BirthDay = sql_result($bdresult, $bdi, "BirthDay"); $BirthMonth = sql_result($bdresult, $bdi, "BirthMonth"); $BirthYear = sql_result($bdresult, $bdi, "BirthYear"); $oldusername = $UserNamebd; $UserNamebd1 = pre_substr($UserNamebd, 0, 20); if (pre_strlen($UserNamebd) > 20) { $UserNamebd1 = $UserNamebd1 . "..."; } $UserNamebd = $UserNamebd1; if (!isset($EventsName[$BirthDay])) { $EventsName[$BirthDay] = null; } if ($EventsName[$BirthDay] != null) { $EventsName[$BirthDay] .= ", <span title=\"" . $oldusername . "'s birthday.\">" . $UserNamebd1 . "</span>"; } if ($EventsName[$BirthDay] == null) { $EventsName[$BirthDay] = "<span title=\"" . $oldusername . "'s birthday.\">" . $UserNamebd1 . "</span>"; }
// Excerpt: lists the visible child forums of a "subforum" entry and adds their
// topic/post counters to the running totals. The excerpt ends inside the loop.
if ($ForumType == "subforum") {
    // NOTE(review): $ForumIgnoreList2 is concatenated into the query template
    // rather than passed through the argument array; confirm it is built only
    // from validated numeric ids.
    $apcquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "forums\" WHERE \"ShowForum\"='yes' AND \"InSubForum\"=%i" . $ForumIgnoreList2 . " ORDER BY \"OrderID\" ASC, \"id\" ASC", array($ForumID));
    $apcresult = sql_query($apcquery, $SQLStat);
    $apcnum = sql_num_rows($apcresult);
    $apci = 0;
    $apcl = 1;
    if ($apcnum >= 1) {
        while ($apci < $apcnum) {
            // Fold this child's counters into the parent's totals.
            $NumsTopics = sql_result($apcresult, $apci, "NumTopics");
            $NumTopics = $NumsTopics + $NumTopics;
            $NumsPosts = sql_result($apcresult, $apci, "NumPosts");
            $NumPosts = $NumsPosts + $NumPosts;
            $SubsForumID = sql_result($apcresult, $apci, "id");
            $SubsForumName = sql_result($apcresult, $apci, "Name");
            $SubsForumType = sql_result($apcresult, $apci, "ForumType");
            // NOTE(review): every other read in this loop uses $apcresult/$apci;
            // this one reads from $result/$i, i.e. a different result set and row
            // index. Looks like a copy-paste slip; confirm.
            $SubsForumShowTopics = sql_result($result, $i, "CanHaveTopics");
            // Only forums the current permission set may view are listed.
            if (isset($PermissionInfo['CanViewForum'][$SubsForumID]) && $PermissionInfo['CanViewForum'][$SubsForumID] == "yes") {
                $ExStr = "";
                if ($SubsForumType != "redirect" && $SubsForumShowTopics != "no") {
                    $ExStr = "&page=1";
                }
                $shownum = null;
                if ($SubsForumType == "redirect") {
                    $shownum = "(" . $NumRedirects . " redirects)";
                }
                if ($SubsForumType != "redirect") {
                    $shownum = "(" . $NumsPosts . " posts)";
                }
                // This first assignment is overwritten by the next statement.
                $sfurl = "<a href=\"";
                $sfurl = url_maker($exfile[$SubsForumType], $Settings['file_ext'], "act=lowview&id=" . $SubsForumID . $ExStr, $Settings['qstr'], $Settings['qsep'], $prexqstr[$SubsForumType], $exqstr[$SubsForumType]);
                // NOTE(review): $SubsForumName is written into HTML as stored; this is
                // safe only if forum names are HTML-escaped before they are saved.
                $sfurl = "<li><ul style=\"list-style-type: none;\"><li><a href=\"" . $sfurl . "\">" . $SubsForumName . "</a><span style=\"color: gray; font-size: 10px;\">" . $shownum . "</span></li></ul></li>";
$Per2Error = true; } $CatPermissionInfo['ID'][$PerCatID] = sql_result($per2esult, $per2i, "id"); if (!is_numeric($CatPermissionInfo['ID'][$PerCatID])) { $Per2Error = true; } $CatPermissionInfo['PermissionID'][$PerCatID] = sql_result($per2esult, $per2i, "PermissionID"); if (!is_numeric($CatPermissionInfo['PermissionID'][$PerCatID])) { $Per2Error = true; } $CatPermissionInfo['Name'][$PerCatID] = sql_result($per2esult, $per2i, "Name"); $CatPermissionInfo['CategoryID'][$PerCatID] = sql_result($per2esult, $per2i, "CategoryID"); if (!is_numeric($CatPermissionInfo['CategoryID'][$PerCatID])) { $Per2Error = true; } $CatPermissionInfo['CanViewCategory'][$PerCatID] = sql_result($per2esult, $per2i, "CanViewCategory"); if ($CatPermissionInfo['CanViewCategory'][$PerCatID] != "yes" && $CatPermissionInfo['CanViewCategory'][$PerCatID] != "no") { $Per2Error = true; } if ($CatPermissionInfo['CanViewCategory'][$PerCatID] == "no") { if (strlen($CatIgnoreList1) > 1) { $CatIgnoreList1 .= " AND \"id\"<>" . $PerCatID; } if (strlen($CatIgnoreList1) < 1) { $CatIgnoreList1 = " \"id\"<>" . $PerCatID; } if (strlen($CatIgnoreList2) > 1) { $CatIgnoreList2 .= " AND \"id\"<>" . $PerCatID; } if (strlen($CatIgnoreList2) < 1) { $CatIgnoreList2 = " AND \"id\"<>" . $PerCatID;
$themenum = count($themelist); $themei = 0; while ($themei < $themenum) { echo $themelist[$themei] . "\n"; ++$themei; } } } if ($Settings['SQLThemes'] == "on") { $sknquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "themes\" ORDER BY \"id\" ASC, \"Name\" ASC", array(null)); $sknresult = sql_query($sknquery, $SQLStat); $sknum = sql_num_rows($sknresult); $skni = 0; while ($skni < $sknum) { $ThemeInfo['Name'] = sql_result($sknresult, $skni, "Name"); $ThemeInfo['ThemeName'] = sql_result($sknresult, $skni, "ThemeName"); if ($Settings['DefaultTheme'] == $ThemeInfo['Name']) { echo "<option selected=\"selected\" value=\"" . $ThemeInfo['Name'] . "\">" . $ThemeInfo['ThemeName'] . "</option>\n"; } if ($Settings['DefaultTheme'] != $ThemeInfo['Name']) { echo "<option value=\"" . $ThemeInfo['Name'] . "\">" . $ThemeInfo['ThemeName'] . "</option>\n"; } ++$skni; } } ?> </select></td> <?php if ($_GET['board'] == $Settings['root_board']) { ?> </tr><tr style="text-align: left;">
</tr> <tr class="TableMenuRow4"> <td class="TableMenuColumn4"> </td> </tr> </table> </div> <?php }
// Excerpt: admin "edit member" submit handler. Looks up the guest and
// validation group ids, normalises the posted name/e-mail, and renames the
// member in topics/posts when the name changed. The excerpt ends mid-block.
//
// NOTE(review): ($_POST['id'] != "0" || $_POST['id'] != "-1") is true for every
// value, so it does not keep ids 0 and -1 out of this branch; "&&" looks
// intended. Later statements bind the id with %i.
if ($_POST['act'] == "editmember" && $_POST['update'] == "now" && $_GET['act'] == "editmember" && ($_POST['id'] != "0" || $_POST['id'] != "-1")) {
    $ggidquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"Name\"='%s' LIMIT 1", array($Settings['GuestGroup']));
    $ggidresult = sql_query($ggidquery, $SQLStat);
    $GuestGroupID = sql_result($ggidresult, 0, "id");
    sql_free_result($ggidresult);
    $vgidquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"Name\"='%s' LIMIT 1", array($Settings['ValidateGroup']));
    $vgidresult = sql_query($vgidquery, $SQLStat);
    $ValidateGroupID = sql_result($vgidresult, 0, "id");
    sql_free_result($vgidresult);
    // Current stored name, used below to detect a rename.
    $DMemName = GetUserName($_POST['id'], $Settings['sqltable']);
    $DMemName = $DMemName['Name'];
    // NOTE(review): stripcslashes() runs after htmlspecialchars() and decodes
    // C-style escape sequences, so the result can again contain characters the
    // HTML escaping was meant to neutralise. Escaping should be the last step,
    // or stripcslashes() should be dropped here.
    $_POST['MemName'] = stripcslashes(htmlspecialchars($_POST['MemName'], ENT_QUOTES, $Settings['charset']));
    //$_POST['MemName'] = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_POST['MemName']);
    $_POST['MemName'] = remove_spaces($_POST['MemName']);
    $_POST['MemEmail'] = remove_spaces($_POST['MemEmail']);
    $username_check = null;
    if ($_POST['MemName'] != $DMemName) {
        // Propagate the new name to the denormalised name columns. Values are
        // passed through sql_pre_query()'s argument array ('%s' / %i).
        $tquery = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "topics\" SET \"GuestName\"='%s' WHERE \"UserID\"=%i", array($_POST['MemName'], $_POST['id']));
        sql_query($tquery, $SQLStat);
        $r1query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "posts\" SET \"GuestName\"='%s' WHERE \"UserID\"=%i", array($_POST['MemName'], $_POST['id']));
        sql_query($r1query, $SQLStat);
        $r2query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "posts\" SET \"EditUserName\"='%s' WHERE \"EditUser\"=%i", array($_POST['MemName'], $_POST['id']));
        sql_query($r2query, $SQLStat);
if ($numlog2 == 1) { $YourIDAM = sql_result($resultlog2, 0, "id"); $YourNameAM = sql_result($resultlog2, 0, "Name"); $YourGroupAM = sql_result($resultlog2, 0, "GroupID"); $YourGroupIDAM = $YourGroupAM; $YourPassAM = sql_result($resultlog2, 0, "UserPassword"); $gquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"id\"=%i LIMIT 1", array($YourGroupAM)); $gresult = sql_query($gquery, $SQLStat); $YourGroupAM = sql_result($gresult, 0, "Name"); sql_free_result($gresult); $BanError = null; $YourTimeZoneAM = sql_result($resultlog2, 0, "TimeZone"); $UseThemeAM = sql_result($resultlog2, 0, "UseTheme"); $YourDSTAM = sql_result($resultlog2, 0, "DST"); $YourLastPostTime = sql_result($resultlog2, 0, "LastPostTime"); $YourBanTime = sql_result($resultlog2, 0, "BanTime"); sql_free_result($resultlog2); $CGMTime = GMTimeStamp(); if ($YourBanTime != 0 && $YourBanTime != null) { if ($YourBanTime >= $CGMTime) { $BanError = "yes"; } if ($YourBanTime < 0) { $BanError = "yes"; } } $NewDay = GMTimeStamp(); $NewIP = $_SERVER['REMOTE_ADDR']; if ($BanError != "yes") { $queryup = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "members\" SET \"LastActive\"=%i,\"IP\"='%s' WHERE \"id\"=%i", array($NewDay, $NewIP, $YourIDAM)); $_SESSION['Theme'] = $UseThemeAM;
<td><b>Avg time</b></td> <td><b>Total time</b></td> <td><b>%</b></td> <td><b>W/M Requests</b></td> <td><b>W/M Avg time</b></td> <td><b>W/M Total time</b></td> <td><b>W/M %</b></td> </tr> <?php $prfResult = sql_query("SELECT SUM(`prfTime`) FROM `profiler`"); $totalTime = sql_result($prfResult); if ($totalTime == 0) { $totalTime = 1; } $prfResult = sql_query("SELECT SUM(`prfWMTime`) FROM `profiler`"); $totalTimeWM = sql_result($prfResult); if ($totalTimeWM == 0) { $totalTimeWM = 1; } $prfResult = sql_query("SELECT * FROM `profiler` ORDER BY `prfTime` DESC"); while ($prfData = sql_next($prfResult)) { if ($prfData["prfCount"] == 0) { $prfData["prfCount"] = 1; } if ($prfData["prfWMCount"] == 0) { $prfData["prfWMCount"] = 1; } if (strpos($prfData["prfPage"], "(bot)") !== false) { $prfData["prfPage"] = '<span class="error">' . $prfData["prfPage"] . '</span>'; } ?>
<div style="width: 100%; height: 160px; overflow: auto;"> <table style="width: 100%; text-align: center;"><?php $renee_query = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "smileys\" WHERE \"Display\"='yes'", array(null)); $renee_result = sql_query($renee_query, $SQLStat); $renee_num = sql_num_rows($renee_result); $renee_s = 0; $SmileRow = 0; $SmileCRow = 0; while ($renee_s < $renee_num) { ++$SmileRow; $FileName = sql_result($renee_result, $renee_s, "FileName"); $SmileName = sql_result($renee_result, $renee_s, "SmileName"); $SmileText = sql_result($renee_result, $renee_s, "SmileText"); $SmileDirectory = sql_result($renee_result, $renee_s, "Directory"); $ShowSmile = sql_result($renee_result, $renee_s, "Display"); $ReplaceType = sql_result($renee_result, $renee_s, "ReplaceCI"); if ($SmileRow == 1) { ?> <tr> <?php } if ($SmileRow < 5) { ++$SmileCRow; ?> <td><img src="<?php echo $SmileDirectory . "" . $FileName; ?> " style="vertical-align: middle; border: 0px; cursor: pointer;" title="<?php echo $SmileName; ?> " alt="<?php
}
// Excerpt from an installer step: fills in default setup directories, sets the
// database default charset/collation and picks a storage engine. The excerpt
// ends inside the engine-selection chain.
if (!isset($SetupDir['setup'])) {
    $SetupDir['setup'] = "setup/";
}
if (!isset($SetupDir['convert'])) {
    $SetupDir['convert'] = "setup/convert/";
}
// NOTE(review): $_POST['DatabaseName'] is concatenated into the statement text
// itself and the argument array is array(null), so whatever escaping
// sql_pre_query() applies to its arguments does not cover it. Identifiers
// cannot be bound as parameters; validate the name against a strict allow-list
// (e.g. letters, digits and underscore only) before building this statement.
// The charset and collation come from $Settings and are also used as they are.
$query = sql_pre_query("ALTER DATABASE \"" . $_POST['DatabaseName'] . "\" DEFAULT CHARACTER SET " . $Settings['sql_charset'] . " COLLATE " . $Settings['sql_collate'] . ";", array(null));
sql_query($query, $SQLStat);
if (isset($Settings['sql_storage_engine'])) {
    // Collect the engine names the server reports.
    $result = sql_query(sql_pre_query("SHOW ENGINES;", array(null)), $SQLStat);
    $num = sql_num_rows($result);
    $i = 0;
    // NOTE(review): stays null when the query returns no rows, and in_array()
    // below is then called with a non-array haystack.
    $SQLEngines = null;
    while ($i < $num) {
        $SQLEngines[$i] = sql_result($result, $i, "Engine");
        ++$i;
    }
    // Fall back to MyISAM when the configured engine is not offered.
    if (!in_array($Settings['sql_storage_engine'], $SQLEngines)) {
        $Settings['sql_storage_engine'] = "MyISAM";
    }
}
if (!isset($Settings['sql_storage_engine'])) {
    $Settings['sql_storage_engine'] = "MyISAM";
}
// You can set this to MyISAM or Maria/Aria
if ($Settings['sql_storage_engine'] == "CSV") {
    $SQLStorageEngine = "CSV";
}
if ($Settings['sql_storage_engine'] == "Maria") {
    $SQLStorageEngine = "Maria";
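/**
 * Echoes one <option> element per row of the danh_muc table, ordered by
 * cat_id.
 *
 * Rows whose cat_id_cha is 0 are rendered as ordinary options; all other rows
 * are rendered disabled with a yellow background.
 *
 * Both cat_id and cat_name are HTML-escaped before output. The value attribute
 * is single-quoted, so ENT_QUOTES is required to keep a stored quote from
 * closing the attribute. No charset argument is passed, so the PHP default
 * applies.
 *
 * NOTE(review): mysql_fetch_array()/MYSQL_ASSOC belong to the ext/mysql API,
 * which was removed in PHP 7. It is kept here because the type of handle
 * sql_result() returns is not visible in this excerpt.
 */
function load_danhmuc_option() {
    $sql_load_cat = "select * from danh_muc ORDER BY cat_id";
    $kq_load_cat = sql_result($sql_load_cat);

    // Nothing to render when the query produced no result handle.
    if (!$kq_load_cat) {
        return;
    }

    while ($row = mysql_fetch_array($kq_load_cat, MYSQL_ASSOC)) {
        $value = htmlspecialchars($row['cat_id'], ENT_QUOTES);
        $label = htmlspecialchars($row['cat_name'], ENT_QUOTES);

        if ($row['cat_id_cha'] == 0) {
            echo "<option value='" . $value . "'>" . $label . "</option>";
        } else {
            echo "<option style='background-color:yellow;' disabled value='" . $value . "'>" . $label . "</option>";
        }
    }
}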
// Excerpt: tail of an e-mail activation page. It marks the pending confirmation
// as done and sets a cookie, or deletes the member when the link is treated as
// expired. $id_kh, $status, $time_ex, $time_current and $kt_validate are
// assigned outside this excerpt.
//$kt_kichhoat=get_value_2dk('xacnhan','Code',$ma_kh,'ID',$id_kh,'Status');
//echo $kt_kichhoat;
if (isset($kt_validate) && $status == "NO") {
    // NOTE(review): the success branch runs when the expiry time is EARLIER
    // than the current time, and the else branch prints "link has expired".
    // That reads as inverted; confirm how $time_ex/$time_current are computed.
    if ($time_ex < $time_current) {
        // NOTE(review): $id_kh is interpolated into quoted SQL. If it derives
        // from the activation link this is injectable; use a prepared statement
        // or cast/validate it first.
        $sql_update_status = "update xacnhan set Status='YES' where ID='{$id_kh}'";
        $kq_update_status = sql_result($sql_update_status);
        // Message: "Activation successful. Returning to the home page in 5 seconds."
        echo "<br/>Kích hoạt thành công. Sẽ quay lại trang chủ trong 5 giây.";
        //Set Cookie
        // NOTE(review): the cookie value is the bare username and no
        // HttpOnly/Secure flags are passed. If the site treats this cookie as
        // proof of login, any client can set it; use a server-side session.
        $username = get_value_dk('thanhvien', 'ID', $id_kh, 'Username');
        setcookie("name", $username, time() + 86400);
        echo "<meta http-equiv='refresh' content='5;url=index.php'>";
    } else {
        // Message: "ACTIVATION FAILED because: the activation link has expired."
        echo "\t\t<br/>KÍCH HOẠT THẤT BẠI vì:<br/>\n\t\t\t- Link kích hoạt đã hết hạn. !<br/>";
        // Message: "Returning to the home page in 5 seconds."
        echo "<br/>Sẽ quay lại trang chủ trong 5 giây.";
        // The member row is deleted in this branch; the same interpolation
        // concern applies to $id_kh here.
        $sql_delete_thanhvien = "delete from thanhvien where ID='{$id_kh}'";
        $kq_delete_thanhvien = sql_result($sql_delete_thanhvien);
        echo "<meta http-equiv='refresh' content='5;url=index.php'>";
    }
} else {
    // Message: "CANNOT CONFIRM THIS E-MAIL BECAUSE: it is already activated /
    // the e-mail and activation code do not match."
    echo "\t\t<br/>KHÔNG THỂ XÁC NHẬN EMAIL NÀY VÌ:<br/>\n\t\t- Email này đã được kích hoạt!<br/>\n\t\t- Email và mã kích hoạt không trùng khớp!<br/>";
}
} else {
}
?> <?php
include "right.php";
include "footer.php";
?>
    $RWholeWord = "no";
}
// Excerpt: normalises the per-word flags of one restricted-word row and starts
// matching the word against the posted event name. It begins and ends
// mid-block.
//
// NOTE(review): each "!= "yes" || != "no"" test below is true for every value
// (no string equals both), so the variable is always overwritten. "&&" looks
// intended. As written, $RWholeWord and $RestrictedEventName are always "no"
// from here on, so the whole-word branch and the event-name check that follow
// can never run. That silently disables this part of the restricted-word
// filter.
if ($RWholeWord != "yes" || $RWholeWord != "no") {
    $RWholeWord = "no";
}
$RestrictedEventName = sql_result($lonewolfrt, $lonewolfs, "RestrictedEventName");
// Map the on/off spelling to yes/no.
if ($RestrictedEventName == "on") {
    $RestrictedEventName = "yes";
}
if ($RestrictedEventName == "off") {
    $RestrictedEventName = "no";
}
if ($RestrictedEventName != "yes" || $RestrictedEventName != "no") {
    $RestrictedEventName = "no";
}
$RestrictedUserName = sql_result($lonewolfrt, $lonewolfs, "RestrictedUserName");
// NOTE(review): the "******" literals differ from the yes/no values used for
// the sibling flags above and look like an artefact of automated redaction on
// this page; compare with the upstream file before relying on them.
if ($RestrictedUserName == "on") {
    $RestrictedUserName = "******";
}
if ($RestrictedUserName == "off") {
    $RestrictedUserName = "******";
}
if ($RestrictedUserName != "yes" || $RestrictedUserName != "no") {
    $RestrictedUserName = "******";
}
// Escape the stored word so it is matched literally inside the pattern.
$RWord = preg_quote($RWord, "/");
if ($RCaseInsensitive != "yes" && $RWholeWord == "yes") {
    if ($RestrictedEventName == "yes") {
        // Case-sensitive whole-word match against the posted event name.
        $RMatches = preg_match("/\\b(" . $RWord . ")\\b/", $_POST['EventName']);
        if ($RMatches == true) {
            break 1;
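/**
 * Returns the stored content of one part of this skin.
 *
 * @param string $type part type, matched against the stype column
 * @return string the scontent value of the first matching row, or '' when
 *                no row matches
 */
function getContent($type) {
    // sdesc is compared unquoted, so the id is forced to an integer before it
    // is placed in the statement. stype is quoted and escaped by the database
    // layer.
    $query = 'SELECT scontent FROM ' . sql_table('skin')
        . ' WHERE sdesc=' . intval($this->id)
        . " and stype='" . sql_real_escape_string($type) . "'";
    $res = sql_query($query);

    if (sql_num_rows($res) == 0) {
        return '';
    }

    return sql_result($res, 0, 0);
}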
$MyDescription = text2icons($MyDescription, $Settings['sqltable'], $SQLStat); $MyDescription = preg_replace("/\\<br\\>/", "<br />", nl2br($MyDescription)); $MyDescription = url2link($MyDescription); if (isset($GroupNamePrefix) && $GroupNamePrefix != null) { $UsersName = $GroupNamePrefix . $UsersName; } if (isset($GroupNameSuffix) && $GroupNameSuffix != null) { $UsersName = $UsersName . $GroupNameSuffix; } $TheTime = sql_result($result, $i, "TimeStamp"); $AtomTime = GMTimeChange("Y-m-d\\TH:i:s\\Z", $TheTime, 0); //$OldRSSTime=GMTimeChange("Y-m-d\TH:i:s+0:00",$TheTime,0); $OldRSSTime = $AtomTime; $TheTime = GMTimeChange("D, j M Y G:i:s \\G\\M\\T", $TheTime, 0); $TopicName = sql_result($result, $i, "TopicName"); $ForumDescription = sql_result($result, $i, "Description"); if (isset($PermissionInfo['CanViewForum'][$ForumID]) && $PermissionInfo['CanViewForum'][$ForumID] == "yes" && isset($CatPermissionInfo['CanViewCategory'][$CategoryID]) && $CatPermissionInfo['CanViewCategory'][$CategoryID] == "yes") { if ($_GET['feedtype'] == "atom") { $CDataDescription = "<![CDATA[\n" . $MyDescription . "\n]]>"; $Atom .= '<entry>' . "\n" . '<title>' . $TopicName . '</title>' . "\n" . '<summary>' . $CDataDescription . '</summary>' . "\n" . '<link rel="alternate" href="' . $BoardURL . url_maker($exfilerss['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=1", $Settings['qstr'], $Settings['qsep'], $prexqstrrss['topic'], $exqstrrss['topic']) . '" />' . "\n" . '<id>' . $BoardURL . url_maker($exfilerss['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=1", $Settings['qstr'], $Settings['qsep'], $prexqstrrss['topic'], $exqstrrss['topic']) . '</id>' . "\n" . '<author>' . "\n" . '<name>' . $UsersName . '</name>' . "\n" . '</author>' . "\n" . '<updated>' . $AtomTime . '</updated>' . "\n" . '</entry>' . "\n"; } if ($_GET['feedtype'] == "oldrss") { $CDataDescription = "<![CDATA[\n" . $MyDescription . "\n]]>"; $PreRSS .= ' <rdf:li rdf:resource="' . $BoardURL . 
url_maker($exfilerss['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=1", $Settings['qstr'], $Settings['qsep'], $prexqstrrss['topic'], $exqstrrss['topic']) . '" />' . "\n"; $RSS .= '<item rdf:about="' . $BoardURL . url_maker($exfilerss['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=1", $Settings['qstr'], $Settings['qsep'], $prexqstrrss['topic'], $exqstrrss['topic']) . '">' . "\n" . '<title>' . $TopicName . '</title>' . "\n" . '<description>' . $CDataDescription . '</description>' . "\n" . '<dc:publisher>' . $UsersName . '</dc:publisher>' . "\n" . '<dc:creator>' . $UsersName . '</dc:creator>' . "\n" . '<dc:date>' . $OldRSSTime . '</dc:date>' . "\n" . '</item>' . "\n"; } if ($_GET['feedtype'] == "rss") { $CDataDescription = "<![CDATA[\n" . $MyDescription . "\n]]>"; $RSS .= '<item>' . "\n" . '<pubDate>' . $TheTime . '</pubDate>' . "\n" . '<author>' . $UsersName . '</author>' . "\n" . '<title>' . $TopicName . '</title>' . "\n" . '<description>' . $CDataDescription . '</description>' . "\n" . '<link>' . $BoardURL . url_maker($exfilerss['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=1", $Settings['qstr'], $Settings['qsep'], $prexqstrrss['topic'], $exqstrrss['topic']) . '</link>' . "\n" . '<guid>' . $BoardURL . url_maker($exfilerss['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=1", $Settings['qstr'], $Settings['qsep'], $prexqstrrss['topic'], $exqstrrss['topic']) . '</guid>' . "\n" . '</item>' . "\n"; } }
echo "</td></tr>"; echo "<tr>"; echo "<td><p>Tựa đề: </p></td><td>" . $title_rv; echo "</td></tr>"; echo "<tr>"; // echo "<td><p>Nội dung tin: </p></td><td>".$content_rv."</td>"; echo "</tr>"; echo "<tr>"; echo "<td><p>Khoản giá: </p></td><td>" . $price_range_name; echo "</td></tr>"; echo "</table>"; echo "</div>"; ////////////////// $sql_insert_duyet = "insert into duyet_rv values('{$id_rv}','','{$date_rv}','pending')"; //echo $sql_insert_duyet; $kq_insert_duyet = sql_result($sql_insert_duyet); } else { echo "<br/>ĐĂNG TIN RAO VẶT THẤT BẠI!"; echo "<a href='dangtin_raovat.php'>Trở lại</a>"; } //IF KIEM TRA THUC THI SQL } //ẢNH OK THÌ THỰC THI ?> </span> </div> <?php } else { //CODE FORM NHAP THONG TIN RAO VAT ?>
redirect("refresh", $rbasedir . url_maker($exfile['admin'], $Settings['file_ext'], "act=view&menu=categories", $Settings['qstr'], $Settings['qsep'], $prexqstr['admin'], $exqstr['admin'], FALSE), "4"); $prequery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "catpermissions\" WHERE \"id\"=%i LIMIT 1", array($_POST['permid'])); $preresult = sql_query($prequery, $SQLStat); $prenum = sql_num_rows($preresult); if ($prenum == 0) { redirect("location", $rbasedir . url_maker($exfile['admin'], $Settings['file_ext'], "act=view", $Settings['qstr'], $Settings['qsep'], $prexqstr['admin'], $exqstr['admin'], false)); sql_free_result($preresult); ob_clean(); header("Content-Type: text/plain; charset=" . $Settings['charset']); $urlstatus = 302; gzip_page($Settings['use_gzip'], $GZipEncode['Type']); session_write_close(); die; } if ($prenum >= 1) { $PermissionName = sql_result($preresult, 0, "Name"); sql_free_result($preresult); } //$nextidnum = sql_get_next_id($Settings['sqltable'],"catpermissions",$SQLStat); $query = sql_pre_query("INSERT INTO \"" . $Settings['sqltable'] . "catpermissions\" (\"PermissionID\", \"Name\", \"CategoryID\", \"CanViewCategory\") VALUES\n" . "(%i, '%s', %i, '%s')", array($_POST['permid'], $PermissionName, $_POST['id'], $_POST['CanViewCategory'])); sql_query($query, $SQLStat); } } $doupdate = false; if (isset($_POST['id']) && $_POST['subact'] == "editnow") { $doupdate = true; } if (isset($_POST['id']) && isset($_POST['permid']) && $_POST['subact'] == "makenow") { $doupdate = true; } if ($_POST['act'] == "addcategory" && $_POST['update'] == "now" && $_GET['act'] == "addcategory") {
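/**
 * Returns the stored skin content for a page type within a skin.
 *
 * @param string $pageType page type, matched against the stype column
 * @param int    $skinID   skin id, matched against the sdesc column
 * @return string the scontent value of the first matching row, or '' when
 *                no row matches
 */
function getSkinContent($pageType, $skinID) {
    $skinID = intval($skinID);
    // NOTE(review): addslashes() is not charset-aware. Prefer the database
    // layer's own escaping function or a prepared statement if this file has
    // one in scope.
    $pageType = addslashes($pageType);

    // stype is formatted as a quoted string. The previous %d conversion turned
    // every non-numeric page type into 0, so the escaped text never reached
    // the statement and the stype filter did not select the requested type.
    // NOTE(review): assumes stype holds the page-type name as text; confirm
    // against the schema.
    $query = 'SELECT scontent '
        . 'FROM %s '
        . 'WHERE sdesc = %d '
        . "AND stype = '%s'";
    $query = sprintf($query, sql_table('skin'), $skinID, $pageType);
    $res = sql_query($query);

    if (sql_num_rows($res) == 0) {
        return '';
    }

    return sql_result($res, 0, 0);
}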
$TForumID = sql_result($result, $i, "ForumID"); $OldForumID = sql_result($result, $i, "OldForumID"); $UsersID = sql_result($result, $i, "UserID"); $GuestsName = sql_result($result, $i, "GuestName"); $TheTime = sql_result($result, $i, "TimeStamp"); $TheTime = GMTimeChange($_SESSION['iDBDateFormat'] . ", " . $_SESSION['iDBTimeFormat'], $TheTime, $_SESSION['UserTimeZone'], 0, $_SESSION['UserDST']); $NumReply = sql_result($result, $i, "NumReply"); $NumberPosts = $NumReply + 1; $prepagelist = null; if (!isset($Settings['max_posts'])) { $Settings['max_posts'] = 10; } $TopicName = sql_result($result, $i, "TopicName"); $TopicDescription = sql_result($result, $i, "Description"); $PinnedTopic = sql_result($result, $i, "Pinned"); $TopicStat = sql_result($result, $i, "Closed"); $PreTopic = null; if ($PinnedTopic > 2) { $PinnedTopic = 1; } if ($PinnedTopic < 0) { $PinnedTopic = 0; } if (!is_numeric($PinnedTopic)) { $PinnedTopic = 0; } if ($TopicStat > 3) { $TopicStat = 1; } if ($TopicStat < 0) { $TopicStat = 0;
/**
 * Tells whether this member has admin rights on the given blog.
 *
 * Reads the member's tadmin flag from the team table. A member without a team
 * row for the blog yields integer 0 (not boolean false); otherwise the result
 * is the boolean comparison of the stored flag with 1.
 *
 * The blog id is forced to an integer; the member id is taken from getID() as
 * returned.
 */
function isBlogAdmin($blogid) {
    $teamTable = sql_table('team');
    $blogKey = intval($blogid);
    $memberKey = $this->getID();

    $query = 'SELECT tadmin FROM ' . $teamTable . ' WHERE' . ' tblog=' . $blogKey . ' and tmember=' . $memberKey;
    $res = sql_query($query);

    // A team row exists: admin status is whatever tadmin says.
    if (sql_num_rows($res) != 0) {
        return sql_result($res, 0, 0) == 1;
    }

    return 0;
}
} } } ++$lonewolfs; } sql_free_result($lonewolfrt); $requery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "members\" WHERE \"Name\"='%s'", array($_POST['SendMessageTo'])); $reresult = sql_query($requery, $SQLStat); $renum = sql_num_rows($reresult); $rei = 0; while ($rei < $renum) { $SendMessageToID = sql_result($reresult, $rei, "id"); $SendToGroupID = sql_result($reresult, $rei, "GroupID"); $gquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"id\"=%i", array($SendToGroupID)); $gresult = sql_query($gquery, $SQLStat); $SendUserCanPM = sql_result($gresult, 0, "CanPM"); $SendUserCanPM = strtolower($SendUserCanPM); if ($SendUserCanPM != "yes" && $SendUserCanPM != "no") { $SendUserCanPM = "no"; } sql_free_result($gresult); ++$rei; } sql_free_result($reresult); if ($renum == 0) { $Error = "Yes"; ?> <tr> <td><span class="TableMessage"> <br />Cound not find users name.<br /> </span> </td>
    // Excerpt: loads the post author's member row and group, then runs the post
    // body through the optional markup stages. It begins and ends mid-block.
    $User1Name = sql_result($reresult, $rei, "Name");
    $User1IP = sql_result($reresult, $rei, "IP");
    if ($User1IP == $MyPostIP) {
        $ipshow = "one";
    }
    $User1Email = sql_result($reresult, $rei, "Email");
    $User1Title = sql_result($reresult, $rei, "Title");
    $User1Joined = sql_result($reresult, $rei, "Joined");
    $User1Joined = GMTimeChange($_SESSION['iDBDateFormat'], $User1Joined, $_SESSION['UserTimeZone'], 0, $_SESSION['UserDST']);
    $User1Hidden = sql_result($reresult, $rei, "HiddenMember");
    $User1GroupID = sql_result($reresult, $rei, "GroupID");
    // Group row supplies the display name plus the prefix/suffix decorations.
    $gquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"id\"=%i LIMIT 1", array($User1GroupID));
    $gresult = sql_query($gquery, $SQLStat);
    $User1Group = sql_result($gresult, 0, "Name");
    $GroupNamePrefix = sql_result($gresult, 0, "NamePrefix");
    $GroupNameSuffix = sql_result($gresult, 0, "NameSuffix");
    sql_free_result($gresult);
}
if ($User1CanUseBBags1 == "yes") {
    $MyPost = bbcode_parser($MyPost);
}
// NOTE(review): the permission flags are tested only for the exact strings
// "no" and "yes". For any other value (unset, null, different case) neither
// branch runs and the [ExecPHP]/[DoHTML] blocks stay in the post unmodified.
// Treat anything other than "yes" as "no" so the tags are always neutralised
// by default.
if ($User1CanExecPHP == "no") {
    $MyPost = preg_replace("/\\[ExecPHP\\](.*?)\\[\\/ExecPHP\\]/is", "<span style=\"color: red; font-weight: bold;\">ERROR:</span> cannot execute php code.", $MyPost);
}
// NOTE(review): the post body is handed to php_execute() when the author's
// group allows it. php_execute() is not visible here, but the name and the
// error text above indicate it runs PHP embedded in post content. That makes
// this group flag equivalent to code execution on the server for every member
// of the group and for anyone able to change the flag. Consider removing the
// feature; at minimum audit which groups carry it.
if ($User1CanExecPHP == "yes") {
    $MyPost = php_execute($MyPost);
}
if ($User1CanDoHTML1 == "no") {
    $MyPost = preg_replace("/\\[DoHTML\\](.*?)\\[\\/DoHTML\\]/is", "<span style=\"color: red; font-weight: bold;\">ERROR:</span> cannot execute html.", $MyPost);
}
if ($User1CanDoHTML1 == "yes") {
// Excerpt: tail of a registration handler. It inserts the member row, then
// creates a confirmation record and mails the confirmation code. $id, $ten,
// $username, $pw, $email and $sex are assigned outside this excerpt.
$telephone = $_POST['dk_tel'];
$address = $_POST['dk_address'];
$join = date("Y-m-d");
if (isset($_POST['dk_username'])) {
    // NOTE(review): $telephone and $address are raw $_POST values interpolated
    // into quoted SQL, which makes this statement injectable. The other fields
    // need the same scrutiny where they are assigned. Use a prepared statement
    // with bound parameters for every value.
    // NOTE(review): confirm $pw holds a password_hash() result and not the
    // submitted password itself.
    $sql_insert_thanhvien = "Insert into thanhvien (ID, Ten, Username, Password, Email, Sex, Telephone, Address, Join_date) values('{$id}', '{$ten}','{$username}','{$pw}','{$email}','{$sex}','{$telephone}','{$address}','{$join}')";
    //echo $sql_insert_thanhvien;
    $kq_insert_thanhvien = sql_result($sql_insert_thanhvien);
    // Continue only when the insert returned a truthy result.
    if ($kq_insert_thanhvien) {
        echo "<div style='margin-left:50px;margin-top:30px;text-align:center;float:left;'>";
        // Message: "An e-mail with a confirmation link has been sent to ...;
        // please open your mailbox to complete the registration."
        // NOTE(review): $email is echoed into HTML without escaping.
        echo "Một email có chứa liên kết xác nhận đã được gửi đến email: <b>{$email}</b>,\n\t\t\t\t<br>Bạn vui lòng truy cập hộp thư để hoàn tất thủ tục đăng ký trở thành thành viên của CẦN THƠ NEW";
        echo "</div>";
        // Confirmation code and its expiry: one day after the join date.
        // NOTE(review): tao_ma_validate() is not visible; confirm it draws the
        // code from a cryptographically secure source (random_bytes/random_int).
        $validate_code = tao_ma_validate();
        $ex_time = strtotime($join . "+1 day");
        $sql_insert_validate = "Insert into xacnhan (ID,Code,Ex_time,Status) values ('{$id}','{$validate_code}','{$ex_time}','NO')";
        //echo $sql_insert_validate;
        $kq_insert_validate = sql_result($sql_insert_validate);
        gui_mail_validate($email, $validate_code);
    } else {
        // Message: "FAILED!"
        echo "THẤT BẠI!";
    }
}
?> <?php
include "right.php";
include "footer.php";
?>
</tr> </table> </div> <?php
sql_free_result($result);
}
// Excerpt: start of the "userinfo" profile update for a logged-in non-guest.
// It loads the stored credential fields and recomputes the hash of the
// submitted old password using the account's recorded scheme. The comparison
// itself lies outside this excerpt.
if ($_POST['update'] == "now") {
    if ($_POST['act'] == "userinfo" && $_SESSION['UserGroup'] != $Settings['GuestGroup']) {
        $query = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "members\" WHERE \"id\"=%i LIMIT 1", array($_SESSION['UserID']));
        $result = sql_query($query, $SQLStat);
        // Row count is read, but row 0 is used below without checking it here.
        $num = sql_num_rows($result);
        $i = 0;
        $OldPassword = sql_result($result, $i, "UserPassword");
        $OldHashType = sql_result($result, $i, "HashType");
        $OldJoined = sql_result($result, $i, "Joined");
        $OldSalt = sql_result($result, $i, "Salt");
        $UpdateHash = false;
        // NOTE(review): the schemes below pass "sha1", "md2" and "md4" as the
        // algorithm name. These are fast digests and unsuitable for password
        // storage even when salted or keyed. Plan a migration to password_hash()
        // with a rehash on successful login; $UpdateHash suggests an upgrade
        // path already exists, so confirm where it leads.
        // NOTE(review): when $YourPassword is later compared with $OldPassword,
        // use hash_equals() rather than == or !=.
        if ($OldHashType == "ODFH") {
            $YourPassword = PassHash2x($_POST['OldPass']);
        }
        if ($OldHashType == "IPB2") {
            $YourPassword = hash2xkey($_POST['OldPass'], $OldSalt);
        }
        if ($OldHashType == "DF4H") {
            $YourPassword = b64e_hmac($_POST['OldPass'], $OldJoined, $OldSalt, "sha1");
        }
        if ($OldHashType == "iDBH2") {
            $YourPassword = b64e_hmac($_POST['OldPass'], $OldJoined, $OldSalt, "md2");
        }
        if ($OldHashType == "iDBH4") {
            $YourPassword = b64e_hmac($_POST['OldPass'], $OldJoined, $OldSalt, "md4");
// Excerpt: creates a new topic and its first post, then updates the poster's member row.
// It starts inside a block opened earlier (closed by the brace after ++$rei) and ends
// inside the final if block.

// Guest sessions take their display name from the submitted form.
if ($_SESSION['UserGroup'] == $Settings['GuestGroup']) {
    $User1Name = $_POST['GuestName'];
}
// Read the poster's profile fields from row $rei of $reresult (query not shown).
$User1Email = sql_result($reresult, $rei, "Email");
$User1Title = sql_result($reresult, $rei, "Title");
$User1GroupID = sql_result($reresult, $rei, "GroupID");
$PostCount = sql_result($reresult, $rei, "PostCount");
// Increment the post count only when $PostCountAdd is "on"; otherwise carry it over unchanged.
if ($PostCountAdd == "on") {
    $NewPostCount = $PostCount + 1;
}
if (!isset($NewPostCount)) {
    $NewPostCount = $PostCount;
}
// Look up the name of the poster's group.
$gquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"id\"=%i LIMIT 1", array($User1GroupID));
$gresult = sql_query($gquery, $SQLStat);
$User1Group = sql_result($gresult, 0, "Name");
sql_free_result($gresult);
// Address of the connecting peer as PHP sees it; stored with the post and the member row below.
// NOTE(review): behind a reverse proxy this is the proxy's address — confirm the deployment.
$User1IP = $_SERVER['REMOTE_ADDR'];
++$rei;
} // closes a block opened before this excerpt
sql_free_result($reresult);
// Insert the topic row. Request values (TopicName, TopicDesc, and GuestName for guests) are
// passed as values for the '%s' placeholders, not concatenated into the SQL text.
// NOTE(review): presumably sql_pre_query() escapes '%s' values and casts %i values — verify
// against its definition. No HTML escaping is visible here, so the stored text must be
// encoded before or after this point — confirm.
$query = sql_pre_query("INSERT INTO \"" . $Settings['sqltable'] . "topics\" (\"PollID\", \"ForumID\", \"CategoryID\", \"OldForumID\", \"OldCategoryID\", \"UserID\", \"GuestName\", \"TimeStamp\", \"LastUpdate\", \"TopicName\", \"Description\", \"NumReply\", \"NumViews\", \"Pinned\", \"Closed\") VALUES\n" . "(0, %i, %i, %i, %i, %i, '%s', %i, %i, '%s', '%s', 0, 0, 0, 0)", array($ForumID, $ForumCatID, $ForumID, $ForumCatID, $User1ID, $User1Name, $LastActive, $LastActive, $_POST['TopicName'], $_POST['TopicDesc']));
sql_query($query, $SQLStat);
$topicid = sql_get_next_id($Settings['sqltable'], "topics", $SQLStat);
// Insert the first post of the new topic.
// NOTE(review): $topicid is concatenated into the query text instead of being bound with %i
// like the other ids. It comes from sql_get_next_id(), not from the request, but binding it
// would keep every value on the same path.
$query = sql_pre_query("INSERT INTO \"" . $Settings['sqltable'] . "posts\" (\"TopicID\", \"ForumID\", \"CategoryID\", \"UserID\", \"GuestName\", \"TimeStamp\", \"LastUpdate\", \"EditUser\", \"EditUserName\", \"Post\", \"Description\", \"IP\", \"EditIP\") VALUES\n" . "(" . $topicid . 
", %i, %i, %i, '%s', %i, %i, 0, '', '%s', '%s', '%s', '0')", array($ForumID, $ForumCatID, $User1ID, $User1Name, $LastActive, $LastActive, $_POST['TopicPost'], $_POST['TopicDesc'], $User1IP));
sql_query($query, $SQLStat);
$postid = sql_get_next_id($Settings['sqltable'], "posts", $SQLStat);
// Record the end of the flood-control window in the session.
// NOTE(review): for user ids 0 and -1 the window is kept only in the session; the database
// copy below is written for other ids only.
$_SESSION['LastPostTime'] = GMTimeStamp() + $GroupInfo['FloodControl'];
// Skip the member update for user ids 0 and -1.
if ($User1ID != 0 && $User1ID != -1) {
    $queryupd = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "members\" SET \"LastActive\"=%i,\"IP\"='%s',\"PostCount\"=%i,\"LastPostTime\"=%i WHERE \"id\"=%i", array($LastActive, $User1IP, $NewPostCount, $_SESSION['LastPostTime'], $User1ID));
    sql_query($queryupd, $SQLStat);
// Excerpt: resolves the topic starter's display name, then, if the viewer may see the topic,
// loads the most recent post for the "last reply" column. Ends inside the pagination branch.

// A starter named "Guest" is shown under the stored guest name when there is one.
// The == null comparison is loose, so an empty string also falls back to "Guest".
if ($UsersName == "Guest") {
    $UsersName = $GuestsName;
    if ($UsersName == null) {
        $UsersName = "Guest";
    }
}
// && binds tighter than ||, so this condition is two alternatives:
//   1. forum and category are viewable and 0 <= $TopicStat < 3, or
//   2. forum and category are viewable, the viewer has CanModForum == "yes", and $TopicStat == 3.
// Each permission must be exactly "yes"; a missing entry denies access.
if ($PermissionInfo['CanViewForum'][$ForumID] == "yes" && $CatPermissionInfo['CanViewCategory'][$CategoryID] == "yes" && $TopicStat >= 0 && $TopicStat < 3 || $PermissionInfo['CanViewForum'][$ForumID] == "yes" && $CatPermissionInfo['CanViewCategory'][$CategoryID] == "yes" && $PermissionInfo['CanModForum'][$ForumID] == "yes" && $TopicStat == 3) {
    $LastReply = " <br /> ";
    // Newest post in the topic; the topic id is bound through the %i placeholder.
    $glrquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "posts\" WHERE \"TopicID\"=%i ORDER BY \"TimeStamp\" DESC LIMIT 1", array($TopicID));
    $glrresult = sql_query($glrquery, $SQLStat);
    $glrnum = sql_num_rows($glrresult);
    // The *1 variables below are assigned only when the topic has at least one post.
    if ($glrnum > 0) {
        $ReplyID1 = sql_result($glrresult, 0, "id");
        $UsersID1 = sql_result($glrresult, 0, "UserID");
        $GuestsName1 = sql_result($glrresult, 0, "GuestName");
        $TimeStamp1 = sql_result($glrresult, 0, "TimeStamp");
        // Convert the stored timestamp with the date/time format, time zone and DST values from the session.
        $TimeStamp1 = GMTimeChange($_SESSION['iDBDateFormat'] . ", " . $_SESSION['iDBTimeFormat'], $TimeStamp1, $_SESSION['UserTimeZone'], 0, $_SESSION['UserDST']);
        $PreUsersName1 = GetUserName($UsersID1, $Settings['sqltable'], $SQLStat);
        // If no name comes back for the poster's id, retry the lookup with id -1.
        if ($PreUsersName1['Name'] === null) {
            $UsersID1 = -1;
            $PreUsersName1 = GetUserName($UsersID1, $Settings['sqltable'], $SQLStat);
        }
        $UsersName1 = $PreUsersName1['Name'];
        $UsersHidden1 = $PreUsersName1['Hidden'];
    }
    // NOTE(review): names read here (GuestName, member Name) originate from user input; no HTML
    // escaping is visible in this excerpt — confirm they are encoded before being echoed.
    $NumPages = null;
    // Post count for pagination: replies plus the opening post.
    $NumRPosts = $NumReply + 1;
    // Default page size when the setting is absent.
    if (!isset($Settings['max_posts'])) {
        $Settings['max_posts'] = 10;
    }
    if ($NumRPosts > $Settings['max_posts']) {
} // closes a block opened before this excerpt
// Excerpt: for a forum of type "subforum", finds which forum id in $gltf holds the most
// recently updated topic, then builds the count label. Ends inside the last if block.
$gltnum = count($gltf);
$glti = 0;
$OldUpdateTime = 0;
$UseThisFonum = null;
if ($ForumType == "subforum") {
    while ($glti < $gltnum) {
        // Viewers whose CanModForum entry for this forum is "no" do not get topics with Closed = 3.
        // NOTE(review): the filter is added only on an explicit "no"; if the entry is unset or
        // holds any other value, Closed = 3 topics are included. The visibility check elsewhere
        // requires "yes" instead — confirm $PermissionInfo always carries yes/no for every id
        // in $gltf, or invert the test so the filter is the default.
        $ExtraIgnores = null;
        if ($PermissionInfo['CanModForum'][$gltf[$glti]] == "no") {
            $ExtraIgnores = " AND \"Closed\"<>3";
        }
        // $ExtraIgnores is a fixed SQL fragment (or null), not request data; the forum id is
        // bound through the %i placeholder.
        $gltfoquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "topics\" WHERE \"ForumID\"=%i" . $ExtraIgnores . " ORDER BY \"LastUpdate\" DESC LIMIT 1", array($gltf[$glti]));
        $gltforesult = sql_query($gltfoquery, $SQLStat);
        $gltfonum = sql_num_rows($gltforesult);
        if ($gltfonum > 0) {
            $NewUpdateTime = sql_result($gltforesult, 0, "LastUpdate");
            // Keep the forum id whose newest topic has the largest LastUpdate seen so far.
            if ($NewUpdateTime > $OldUpdateTime) {
                $UseThisFonum = $gltf[$glti];
                $OldUpdateTime = $NewUpdateTime;
            }
        }
        sql_free_result($gltforesult);
        ++$glti;
    }
}
// Label shown with the forum: a redirect count for redirect forums, a post count otherwise.
$shownum = null;
if ($ForumType == "redirect") {
    $shownum = "(" . $NumRedirects . " redirects)";
}
if ($ForumType != "redirect") {
    $shownum = "(" . $NumPosts . " posts)";