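/**
 * Render one survey through a skin file and return the captured HTML.
 *
 * @param mixed  $su_id    Survey id to display. When null the newest survey is
 *                         picked; non-admins only get one whose begin/end period
 *                         contains the current time (admins ignore the period).
 * @param string $skin_dir Skin directory name, or "theme/<name>" for a theme skin.
 *                         The name is fed into an include path, so only a single
 *                         path component ([A-Za-z0-9_.-], not starting with ".")
 *                         is accepted; anything else falls back to "basic".
 * @return string Output buffered from <skin path>/surveys.skin.php (empty when
 *                the skin file does not exist). The skin sees $surveys,
 *                $surveys_level, $message, $has_result, $categories, $rows,
 *                $group_surveys_items, $surveys_skin_url and $skin_dir.
 */
function display_surveys($su_id = null, $skin_dir = 'basic')
{
    global $g5, $member, $is_admin;

    $su_id = clean_xss_tags($su_id);

    // --- Resolve the skin directory -----------------------------------------
    // $skin_dir may originate from a request parameter and ends up in an
    // include_once path, so reject anything that is not a plain directory name
    // (no "/", no "..", no NUL byte) before the path is built.
    $is_theme_skin = (bool) preg_match('#^theme/(.+)$#', $skin_dir, $match);
    $skin_name = $is_theme_skin ? $match[1] : $skin_dir;
    if (!preg_match('#^[A-Za-z0-9_][A-Za-z0-9_.-]*$#', (string) $skin_name)) {
        $skin_name = 'basic';
    }

    if ($is_theme_skin) {
        $surveys_skin_path = G5_THEME_PATH . '/' . G5_SKIN_DIR . '/surveys/' . $skin_name;
        if (G5_IS_MOBILE) {
            // Prefer the theme's mobile skin; fall back to its desktop skin.
            $mobile_skin_path = G5_THEME_MOBILE_PATH . '/' . G5_SKIN_DIR . '/surveys/' . $skin_name;
            if (is_dir($mobile_skin_path)) {
                $surveys_skin_path = $mobile_skin_path;
            }
        }
        $surveys_skin_url = str_replace(G5_PATH, G5_URL, $surveys_skin_path);
    } elseif (G5_IS_MOBILE) {
        $surveys_skin_path = G5_MOBILE_PATH . '/' . G5_SKIN_DIR . '/surveys/' . $skin_name;
        $surveys_skin_url = G5_MOBILE_URL . '/' . G5_SKIN_DIR . '/surveys/' . $skin_name;
    } else {
        $surveys_skin_path = G5_SKIN_PATH . '/surveys/' . $skin_name;
        $surveys_skin_url = G5_SKIN_URL . '/surveys/' . $skin_name;
    }
    // Exposed to the skin without the "theme/" prefix, as before.
    $skin_dir = $skin_name;

    // --- Select the survey ----------------------------------------------------
    $conditions = array(' su_removed = 0 ');
    if (!is_null($su_id)) {
        $conditions[] = whereClause('su_id', $su_id);
    } elseif (!$is_admin) {
        // Admins are not restricted by the survey period.
        $now = date('Y-m-d H:i:s');
        $conditions[] = 'su_begin_time <= "' . $now . '"';
        $conditions[] = 'su_end_time >= "' . $now . '"';
    }
    $sql = "select * from {$g5['surveys_m_table']} where " . implode(' and ', $conditions) . ' order by su_id desc';
    $surveys = sql_fetch($sql);

    // Variables consumed by the skin; initialised so that a missing survey does
    // not leave them undefined (null keeps isset() semantics for $message).
    $message = null;
    $has_result = null;
    $surveys_level = array();
    $categories = array();
    $rows = array();
    $group_surveys_items = array();

    if ($surveys) {
        // The survey id comes from the database row; it is escaped anyway so the
        // sub-queries never depend on the column type.
        $su_id_safe = escapeStringForQuery($surveys['su_id']);

        // su_level is a comma separated list of member levels allowed to answer.
        // Loose in_array() is deliberate: mb_level is compared against strings.
        $surveys_level = explode(',', (string) $surveys['su_level']);
        $mb_level = $member ? $member['mb_level'] : null;
        if (!in_array($mb_level, $surveys_level)) {
            $message = '설문조사 권한이 없습니다.';
        }

        if ($surveys['su_multiple'] == 'Y') {
            // Single-participation surveys: look for an existing answer by member
            // id, or by remote address for guests. Both values are escaped instead
            // of being interpolated raw (same helper generateQuery() uses).
            // NOTE(review): REMOTE_ADDR is the peer address seen by the web server,
            // i.e. a reverse proxy's address when one sits in front of PHP, so the
            // guest check is only as good as the deployment's proxy setup.
            if ($member) {
                $participant = 'mb_id = "' . escapeStringForQuery($member['mb_id']) . '" group by mb_id ';
            } else {
                $participant = 'sur_ip = "' . escapeStringForQuery($_SERVER['REMOTE_ADDR']) . '" group by sur_ip ';
            }
            $sql = "select suq_id from {$g5['surveys_r_table']} where su_id = '{$su_id_safe}' and " . $participant;
            $has_result = sql_fetch($sql);
            if ($has_result && $has_result['suq_id']) {
                $message = '이미 설문조사에 참여하셨습니다. 현재 설문조사는 한번만 참여가 가능합니다.';
            }
        }

        // Categories keyed by suc_id.
        $result = sql_query("select * from {$g5['surveys_c_table']} where su_id = '{$su_id_safe}'");
        while ($row = sql_fetch_array($result)) {
            $categories[$row['suc_id']] = $row;
        }

        // Questions in display order, also grouped by their category
        // (suc_id is null for questions without a category).
        $result = sql_query("select * from {$g5['surveys_q_table']} q left join {$g5['surveys_c_table']} c on q.suq_category = c.suc_id where q.su_id = '{$su_id_safe}' order by suq_sort asc ");
        while ($row = sql_fetch_array($result)) {
            $rows[] = $row;
            $group_surveys_items[$row['suc_id']][] = $row;
        }
    }

    // --- Render ------------------------------------------------------------------
    // NOTE(review): include_once is kept from the original; it means a second
    // call with the same skin within one request produces empty output.
    $skin_file = $surveys_skin_path . '/surveys.skin.php';
    ob_start();
    if (is_file($skin_file)) {
        include_once $skin_file;
    }
    return ob_get_clean();
}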
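/**
 * Build an INSERT (when $conditions is null) or UPDATE query string.
 *
 * Column-name prefixes in $data:
 *   "#col" - the value is emitted verbatim as raw SQL (e.g. "NOW()"). Callers
 *            must never route untrusted input through this prefix.
 *   "!col" - the value is wrapped in MySQL PASSWORD(). The value is escaped,
 *            but PASSWORD() was removed in MySQL 8.0 and is not an acceptable
 *            password hash; new code should hash with password_hash() and
 *            store the result through a plain column instead.
 *   "col"  - the value is quoted and escaped with escapeStringForQuery().
 *            Integer 0 is emitted unquoted. null is skipped for INSERT and
 *            becomes "" (not SQL NULL) for UPDATE - historic behaviour that
 *            callers may rely on, so it is preserved here.
 *
 * @param array             $data        column => value map (see prefixes above)
 * @param string            $tableName   table name; backticks in it are doubled
 * @param string|array|null $dateColumns type => column name or list of names,
 *                                       type being datetime|date|time|timestamp
 *                                       (case-insensitive); filled with NOW(),
 *                                       CURDATE(), CURTIME() or UNIX_TIMESTAMP().
 *                                       Unknown types fall back to NOW(). A bare
 *                                       string is treated as a one-element list.
 * @param string|array|null $conditions  null selects INSERT. Otherwise UPDATE:
 *                                       an array column => value is joined with
 *                                       AND via whereClause(); a string is used
 *                                       as the WHERE text as-is. An empty string
 *                                       yields "WHERE " which MySQL rejects, so
 *                                       no accidental full-table update happens.
 * @return string SQL text
 */
function generateQuery($data, $tableName, $dateColumns = null, $conditions = null)
{
    // Backtick-quote an identifier, doubling any embedded backtick.
    $quoteId = function ($name) {
        return '`' . str_replace('`', '``', (string) $name) . '`';
    };

    // Expand the date-column spec into columnName => SQL expression pairs.
    $dateAssignments = array();
    if (!is_null($dateColumns)) {
        $dateTypes = array(
            'datetime'  => 'NOW()',
            'date'      => 'CURDATE()',
            'time'      => 'CURTIME()',
            'timestamp' => 'UNIX_TIMESTAMP()',
        );
        foreach ((array) $dateColumns as $columnType => $columnName) {
            $dateType = strtolower((string) $columnType);
            $dateValue = isset($dateTypes[$dateType]) ? $dateTypes[$dateType] : 'NOW()';
            foreach ((array) $columnName as $childName) {
                $dateAssignments[$childName] = $dateValue;
            }
        }
    }

    if (is_null($conditions)) {
        // INSERT: keyed by quoted column so a date column of the same name
        // overrides a value from $data (as in the original).
        $dataFixed = array();
        foreach ($data as $column => $value) {
            if (is_null($value)) {
                continue;
            }
            $column = (string) $column;
            $prefix = substr($column, 0, 1);
            if ($prefix == '#') {
                $dataFixed[$quoteId(substr($column, 1))] = $value;
            } elseif ($prefix == '!') {
                $dataFixed[$quoteId(substr($column, 1))] = 'PASSWORD( "' . escapeStringForQuery($value) . '" )';
            } elseif ($value === 0) {
                $dataFixed[$quoteId($column)] = $value;
            } else {
                $dataFixed[$quoteId($column)] = '"' . escapeStringForQuery($value) . '"';
            }
        }
        foreach ($dateAssignments as $columnName => $dateValue) {
            $dataFixed[$quoteId($columnName)] = $dateValue;
        }

        return sprintf(
            'INSERT INTO `%s` ( %s ) VALUES ( %s )',
            str_replace('`', '``', (string) $tableName),
            implode(', ', array_keys($dataFixed)),
            implode(', ', array_values($dataFixed))
        );
    }

    // UPDATE
    $assignments = array();
    foreach ($data as $column => $value) {
        $column = (string) $column;
        $prefix = substr($column, 0, 1);
        if ($prefix == '#') {
            $assignments[] = whereClauseWithFunction(substr($column, 1), $value);
        } elseif ($prefix == '!') {
            $assignments[] = whereClauseWithFunction(substr($column, 1), 'PASSWORD( "' . escapeStringForQuery($value) . '" )');
        } elseif (is_null($value) || $value === 0) {
            // Historic behaviour: null is written as "" here, not as SQL NULL.
            $assignments[] = $quoteId($column) . ' = "' . $value . '"';
        } else {
            $assignments[] = whereClause($column, $value);
        }
    }
    foreach ($dateAssignments as $columnName => $dateValue) {
        $assignments[] = whereClauseWithFunction($columnName, $dateValue);
    }

    if (is_array($conditions)) {
        $where = array();
        foreach ($conditions as $column => $value) {
            $where[] = whereClause($column, $value);
        }
        $where = implode(' AND ', $where);
    } else {
        $where = $conditions;
    }

    return sprintf(
        'UPDATE `%s` SET %s WHERE %s',
        str_replace('`', '``', (string) $tableName),
        implode(', ', $assignments),
        $where
    );
}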
$rgOutput = ""; if (!$rgQueryID) { echo "Invalid Report ID\n"; exit; } else { $getQuery = "SELECT tTitle, nType, tQuery, tGroupBy, tOrderBy, tLimit FROM tblQueries WHERE qID = {$rgQueryID}"; $result = mysql_query($getQuery) or die("Invalid Query: " . mysql_error()); $row = mysql_fetch_array($result); $title = $row['tTitle']; $type = $row['nType']; // Type of query - Fact/Aggregate - D/W/M $query = $row['tQuery']; $groupby = $row['tGroupBy']; $orderby = $row['tOrderBy']; $limitto = $row['tLimit']; $USR_WHERE_CLAUSE = whereClause($query, $type, $selAction, $selHost, $selVolume, $selUser, $selPrinter); // Get File or Folder IDS for match files $fids = getFileIDs($selWildFile, $selFile); $FILE_CLAUSE = getFileIDClause($query, $type, $fids); $CUSTOM_REPORT = 0; if ($USR_WHERE_CLAUSE != '') { $CUSTOM_REPORT = 1; } $GROUPBY_CLAUSE = $groupby; $ORDER_CUSTOM = " ORDER BY 1 ASC "; // Column 1 is assumed as Date $ORDERBY_CLAUSE = $orderby; if ($ORDERBY_CLAUSE == "") { $ORDERBY_CLAUSE = $ORDER_CUSTOM; } $LIMIT_CUSTOM = limitResults();