public function run() { $tpl = new template(); if (isset($_POST['save'])) { if (isset($_POST['title']) && isset($_POST['submoduleAlias'])) { $this->addWidget($_POST['submoduleAlias'], $_POST['title']); $tpl->setNotification('SAVE_SUCCESS', 'success'); } else { $tpl->setNotification('MISSING_FIELDS', 'error'); } } $setting = new setting(); $tpl->assign('submodules', $setting->getAllSubmodules()); $tpl->display('dashboard.addWidget'); }
public static function getInstance() { if (is_null(self::$instance)) { self::$instance = new setting(); } return self::$instance; }
function editform_action() { chkpw('defined_form_edit'); $this->view->table=front::get('table'); if(front::post('submit') &&$this->check_mytable()) { $post=front::$post; if(!preg_match('/^(myform)\/(\w)+\.html$/i', $post['template'])){ exit('非法参数'); } unset($post['submit']); setting::$_var[front::post('name')]['myform']=$post; setting::save(); front::flash('修改成功!'); front::redirect(url::modify('act/listform',true)); } }
function Sidebar_Show($parameters) { global $configVal; requireComponent('Textcube.Function.Setting'); $datas = setting::fetchConfigVal($configVal); $cityname = $datas['city1']; $weather = 'http://www.google.co.kr/ig/api?&weather=' . $cityname . '&hl=ko&oe=utf-8'; $img = "http://www.google.co.kr"; $xml = simplexml_load_file($weather)->weather->forecast_information; $xml1 = simplexml_load_file($weather)->weather->current_conditions; $xml2 = simplexml_load_file($weather)->weather->forecast_conditions; $city = $xml->city; $date = $xml->forecast_date; $condition = $xml1->condition; $temp_min = $xml2->low; $temp_max = $xml2->high; $humidity = $xml1->humidity; $imgdata = $xml1->icon; $wind = $xml1->wind_condition; //인터페이스 부분// $code = "<br>"; $code .= "<b>지역명 : </b>"; $code .= $cityname; $code .= "<br>"; $code .= "<b>날짜</b> : "; $code .= $date[data]; $code .= "<br><br><center>"; $code .= "<b>기상상태</b>"; $code .= "<br>"; $code .= "<img src=" . $img . $imgdata[data] . ">"; $code .= "<br>"; $code .= $condition[data]; $code .= "</center><br>"; $code .= "<b>최저 ~ 최고온도</b> : "; $code .= $temp_min[data] . "℃ ~ "; $code .= $temp_max[data] . "℃"; $code .= "<br>"; $code .= $humidity[data]; $code .= "<br>"; $code .= $wind[data]; return $code; }
<?php require_once '../config/dbc.php'; require_once '../class/systemSetting.php'; $system = new setting(); if (array_key_exists("logSystem", $_POST)) { if (isset($_POST['userName']) && !empty($_POST['userName']) && isset($_POST['password']) && !empty($_POST['password'])) { $user = $_POST['userName']; $pass = $_POST['password']; $userQuery = "SELECT\nin_usr.usrID,\nin_usr.usrName,\nin_usr.usrPwd,\nin_usr.usrStatus,\nin_usr.usrLevel,\nin_usr.userBranchID\nFROM\nin_usr\nWHERE\n(in_usr.usrStatus = '1') AND\nin_usr.usrName = '{$user}' LIMIT 1"; $userAvailability = $system->getCountByQuery($userQuery); if ($userAvailability > 0) { $userDetails = $system->prepareSelectQuery($userQuery); $encriptedPass = sha1('MDCC' . $pass . 'badboyes'); foreach ($userDetails as $ud) { if ($ud['usrPwd'] == $encriptedPass) { //Set Cookie if select remember btn session_start(); $_SESSION['user_id'] = $ud['usrID']; $_SESSION['user_name'] = $ud['usrName']; $_SESSION['user_level'] = $ud['usrLevel']; $_SESSION['usrStatus'] = $ud['usrStatus']; $_SESSION['branch'] = $ud['userBranchID']; $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']); if (isset($_POST['remember']) && $_POST['remember'] == 'r') { setcookie("user_id", $_SESSION['user_id'], time() + 60 * 60 * 24 * COOKIE_TIME_OUT, "/"); setcookie("user_name", $_SESSION['user_name'], time() + 60 * 60 * 24 * COOKIE_TIME_OUT, "/"); } echo json_encode(array(array("msgType" => 0, "msg" => "Successfully Logged to the System"))); } else { echo json_encode(array(array("msgType" => 1, "msg" => "Password was incorrect.Please Check your Password")));
<?php require_once '../config/dbc.php'; require_once '../class/database.php'; require_once '../class/systemSetting.php'; $dbClass = new database(); $system = new setting(); if (array_key_exists("comboBox", $_POST)) { if ($_POST['comboBox'] == 'makers') { $system->prepareSelectQueryForJSON("SELECT\n maker.maker_id,\n maker.maker_name\n FROM maker\n WHERE maker.maker_status = '1'"); } else { if ($_POST['comboBox'] == 'coordinator_category') { $system->prepareSelectQueryForJSON("SELECT\n syscode.`code`,\n syscode.description\n FROM\n syscode\n WHERE\n syscode.type = '11'"); } else { if ($_POST['comboBox'] == 'transmission_types') { $system->prepareSelectQueryForJSON("SELECT\n syscode.`code`,\n syscode.description\n FROM\n syscode\n WHERE\n syscode.type = '10'"); } else { if ($_POST['comboBox'] == 'fuel_types') { $system->prepareSelectQueryForJSON("SELECT\n syscode.`code`,\n syscode.description\n FROM\n syscode\n WHERE\n syscode.type = '9'"); } else { if ($_POST['comboBox'] == 'currency_types') { $system->prepareSelectQueryForJSON("SELECT\n syscode.`code`,\n syscode.description\n FROM\n syscode\n WHERE\n syscode.type = '6'"); } else { if ($_POST['comboBox'] == 'drive_types') { $system->prepareSelectQueryForJSON("SELECT\n syscode.`code`,\n syscode.description\n FROM\n syscode\n WHERE\n syscode.type = '8'"); } else { if ($_POST['comboBox'] == 'syscode_types') { $system->prepareSelectQueryForJSON("SELECT\n syscode.`code`,\n syscode.description,\n syscode.remarks\n FROM\n syscode\n WHERE\n syscode.type = '{$_POST['sys_type']}'"); } else { if ($_POST['comboBox'] == 'vahicle_code_combo') { $system->prepareSelectQueryForJSON("SELECT\nvehicle.vh_id,\nvehicle.vh_code\nFROM\nvehicle\nWHERE\nvehicle.record_status = '1' AND\nvehicle.stock_status = '1'");
<?php require_once '../config/defineVaribles.php'; require_once '../config/dbc.php'; require_once '../class/database.php'; require_once '../class/systemSetting.php'; $dbClass = new database(); $system = new setting(); if (array_key_exists("proccess", $_POST)) { if ($_POST['proccess'] == 'logout') { session_start(); echo $dbClass->logout(); } } if (array_key_exists("logSystem", $_POST)) { //3 = no user exist,2 = no username password,1 = sucesss and redirec if (isset($_POST['userName']) && !empty($_POST['userName']) && isset($_POST['password']) && !empty($_POST['password'])) { $user = $dbClass->filterData($_POST['userName']); $pass = $dbClass->filterData($_POST['password']); $userQuery = "SELECT\nat_system_users.id,\nat_system_users.user_name,\nat_system_users.pwd,\nat_system_users.approved,\nat_system_users.user_level\nFROM\nat_system_users\nWHERE\nat_system_users.approved = '1' AND\nat_system_users.user_name = '{$user}' LIMIT 1"; $userAvailability = $system->getCountByQuery($userQuery); if ($userAvailability > 0) { $userDetails = $system->prepareSelectQuery($userQuery); foreach ($userDetails as $ud) { if ($ud['pwd'] == $dbClass->PasswordHash($pass, substr($ud['pwd'], 0, 9))) { //Set Cookie if select remember btn session_start(); $_SESSION['user_id'] = $ud['id']; $_SESSION['user_name'] = $ud['user_name']; $_SESSION['user_level'] = $ud['user_level']; $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
public static function getInstance() { if (self::$instance === null) { self::$instance=new setting(); } return self::instance; }
/** * executeAction - includes the class in includes/modules by the Request * * @access private * @param $completeName * @return string|object */ private function executeAction($completeName) { //actionname.filename //actionName is foldername $actionName = self::getActionName($completeName); //moduleName is filename $moduleName = self::getModuleName($completeName); $defaultModules = array('general/class.main.php', 'general/class.loginInfo.php', 'general/class.header.php', 'general/class.footer.php', 'general/class.ajaxRequest.php', 'general/class.logout.php' . 'general/class.headMenu.php'); $setting = new setting(); if (isset($_SESSION['userdata']['role']) !== false) { $availableUserModules = $setting->getAvailableModules($_SESSION['userdata']['role']); $availableModules = array_merge($availableUserModules, $defaultModules); } else { $availableModules = $defaultModules; } $settings = new settings(); if (is_dir('./includes/modules/' . $moduleName) === false) { throw new Exception('No access'); } elseif (in_array('' . $moduleName . '/class.' . $actionName . '.php', $availableModules) === false && (isset($_SESSION['userdata']) === false || $_SESSION['userdata']['id'] != 'x') && $actionName != '') { $tpl = new template(); $tpl->display('general.error'); throw new Exception('No Access'); } elseif (is_file('./includes/modules/' . $moduleName . '/actions/class.' . $actionName . '.php') === false) { $tpl = new template(); $tpl->display('general.error'); throw new Exception('No Access'); } else { // Else is not necessary - throw stops execution - but for the look... require_once './includes/modules/' . $moduleName . '/actions/class.' . $actionName . '.php'; //Initialize Action $action = new $actionName(); if (is_object($action) === false) { throw new Exception('Coult not initialize action'); } else { // Look at last else try { //Everything ok? run action $action->run(); } catch (Exception $e) { echo $e->getMessage(); } } $this->lastAction = $completeName; } }
<?php require_once '../config/dbc.php'; require_once '../class/database.php'; require_once '../class/systemSetting.php'; $dbClass = new database(); $system = new setting(); if (array_key_exists("table", $_POST)) { if ($_POST['table'] == 'maker_info') { //@Sachith : load sub category table by main category id $system->prepareSelectQueryForJSON("SELECT maker_id, maker_name, `desc`, maker_status \r\n FROM maker WHERE maker.maker_status = 1"); } else { if ($_POST['table'] == 'c_customers_table') { //kitz $query = "SELECT\r\n customer.cus_id,\r\n customer.cus_name,\r\n customer.cus_inv_name,\r\n customer.cus_address,\r\n customer.cus_inv_address,\r\n customer.cus_phone1,\r\n customer.cus_phone2,\r\n customer.other_contact,\r\n customer.comments\r\n FROM `customer`\r\n WHERE\r\n customer.cus_status != 99"; $system->prepareSelectQueryForJSON($query); } else { if ($_POST['table'] == 'model_info') { $query = "SELECT\r\n maker_model.mod_id,\r\n maker_model.mod_name,\r\n maker_model.mod_options\r\n FROM\r\n maker_model\r\n WHERE\r\n maker_model.mod_status = 1 AND\r\n maker_model.maker_id = '{$_POST['maker_id']}'"; $system->prepareSelectQueryForJSON($query); } else { if ($_POST['table'] == 'load_sup_reg_tbl') { $system->prepareSelectQueryForJSON("SELECT\r\nsupplier.supp_id,\r\nsupplier.supp_code,\r\nsupplier.supp_name,\r\nsupplier.inv_name,\r\nsupplier.supp_address,\r\nsupplier.inv_address,\r\nsupplier.phone,\r\nsupplier.inv_phone,\r\nsupplier.supp_email,\r\nsupplier.web,\r\nsupplier.supp_fax\r\nFROM\r\nsupplier\r\nWHERE supplier.supp_status = '1'"); } else { if ($_POST['table'] == 'load_clearnce_tbl') { $rec_per_page = 15; // enter the same value in 'view_vehicle_tbl_paging' if (filter_var($_REQUEST["records"], FILTER_VALIDATE_INT)) { $rec_per_page = $_REQUEST["records"]; } if (isset($_REQUEST["page"])) {
private function parseURL() { $ezphp_config = setting::getInstance(); $path = ""; $route_path = empty($_GET['route']) ? '' : $_GET['route']; $route_path = trim($route_path, '/\\'); $route_path_len = strlen($route_path); if ($route_path_len > 1 && substr($route_path, -1) == '/') { $route_path = substr($route_path, 0, -1); } elseif ($route_path_len == 0) { $route_path = '/'; } //print $route_path;exit; // for routed urls start $routes = $ezphp_config->get['routes']; if (count($routes) > 0) { if (!in_array('/', array_keys($routes))) { $controller = $ezphp_config->get['application']['default_controller'] ? $ezphp_config->get['application']['default_controller'] : 'home'; $routes['/'] = $controller . '/index'; } foreach ($routes as $route => $uri) { if (strpos($route, ':') !== false) { $wildcard = array(':any', ':alphanum', ':num', ':alpha'); $regex = array('(.+)', '([a-z0-9]+)', '([0-9]+)', '([a-z]+)'); $route = str_replace($wildcard, $regex, $route); } if (preg_match('#^' . $route . '$#u', $route_path)) { if (strpos($uri, '$') !== false && strpos($route, '(') !== false) { // for regex routing $route_path = preg_replace('#^' . $route . '$#', $uri, $route_path); } else { // for normal routing $route_path = $uri; } // we found a valid route $lib_uri = ezphp::ez_get('uri'); $lib_uri->ruri = $route_path; $lib_uri->rparts = explode('/', $route_path); break; } } } // for routed urls end // filter bad/malacious urls // (not sure whether we really need this...) // $route_path = $this->filter_url($route_path); $parts = explode('/', str_replace('../', '', $route_path)); $path = __SITE_PATH . '/content/controllers/'; // Find right controller including sub-dirs foreach ($parts as $part) { $fullpath = $path . $part; // do we have dir? if (is_dir($fullpath)) { $path .= $part . '/'; array_shift($parts); continue; } // find the file if (is_file($fullpath . '.php')) { $this->__controller = $part; array_shift($parts); break; } } if (empty($this->__controller)) { if (@$parts[0]) { $this->__controller = $parts[0]; } } if (empty($this->__controller)) { # default controller $def_controller = $ezphp_config->get['application']['default_controller']; $this->__controller = $def_controller ? $def_controller : 'home'; } $method = ''; if (!empty($parts)) { $method = array_shift($parts); } $this->__action = !empty($method) ? $method : 'index'; $this->__args = $parts; # do we have the same suffix in url and config file? if (count($this->__args)) { if ($this->match_suffix(end($this->__args)) === false) { # show the 404 error page $this->error404(); return; } } if ($this->match_suffix($this->__action) === false || $this->match_suffix($this->__controller) === false) { # show the 404 error page $this->error404(); return; } ######################### # strip url suffix if any if (count($this->__args)) { foreach ($this->__args as $key => $value) { $this->__args[$key] = $this->clean_suffix($value); } } $this->__action = $this->clean_suffix($this->__action); $this->__controller = $this->clean_suffix($this->__controller); ################# # is this private action/function? $private = substr($this->__action, 0, 8); if (strtolower($private) === "private_") { # show the 404 error page $this->error404(); } else { $this->__file = $path . $this->__controller . '.php'; $this->__file = str_replace('../', '', $this->__file); } }
/** * getUserByLogin - Check login data andset email vars * * @access public * @param $emailname * @param $password * @return boolean */ public function getUserByLogin($username, $password) { $query = "SELECT username, password FROM zp_user \n\t\t WHERE username = :username LIMIT 1"; $stmn = $this->db->{'database'}->prepare($query); $stmn->bindValue(':username', $username, PDO::PARAM_STR); $stmn->execute(); $returnValues = $stmn->fetch(); $userCounter = count($returnValues); $stmn->closeCursor(); //echo 'getUserByLogin count:'. $userCounter; if ($userCounter === false || !$this->hasher->CheckPassword($password, $returnValues['password'])) { //echo 'return false<br>'; unset($_SESSION['userdata']); unset($_SESSION['template']); unset($_COOKIE); return false; } else { // $query = "SELECT \n\t\t\t\t\tid,\n\t\t\t\t\tusername,\n\t\t\t\t\trole,\n\t\t\t\t\tlastname AS name\n\t\t\t\t\t\n\t\t\t\t\t\tFROM zp_user \n\t\t\t WHERE username = :username\n\t\t\t LIMIT 1"; //echo $query; $stmn = $this->db->{'database'}->prepare($query); $stmn->bindValue(':username', $username, PDO::PARAM_STR); $stmn->execute(); $returnValues = $stmn->fetch(); $stmn->closeCursor(); $this->name = $returnValues['name']; $this->mail = $returnValues['username']; $this->userId = $returnValues['id']; $user = new users(); $roles = $user->getRole($returnValues['role']); $this->role = $roles['roleName']; $setting = new setting(); $roleArray = explode(',', $this->role); $this->sysOrgs = $setting->getSysOrgsStringByRoles($roleArray); return true; } }
/** * This escapes data and forces all newline characters to "\n". * * @param unknown_type string to clean * @return string */ function clean_input_data($str) { $ezphp_config = setting::getInstance(); $xss_filter = $ezphp_config->get['security']['xss_filter']; if (is_array($str)) { $new_array = array(); foreach ($str as $key => $val) { // recursion! $new_array[$this->clean_input_keys($key)] = $this->clean_input_data($val); } return $new_array; } if (get_magic_quotes_gpc()) { // remove annoying magic quotes $str = stripslashes($str); } /* if ($xss_filter == '1') { $str = $this->clean_xss($str); } */ if (strpos($str, "\r") !== false) { // standardize newlines $str = str_replace(array("\r\n", "\r"), "\n", $str); } return $str; }
<?php session_start(); require_once '../config/dbc.php'; require_once '../class/database.php'; require_once '../class/systemSetting.php'; $system = new setting(); $database = new database(); MainConfig::connectDB(); if (array_key_exists("action", $_POST)) { if ($_POST['action'] == 'get_selected_employee_data') { $emp_id = $_POST['emp_id']; $system->prepareSelectQueryForJSON("SELECT\r\n r_employee.emp_id,\r\n r_employee.empno,\r\n r_employee.title,\r\n r_employee.`name`,\r\n r_employee.designation,\r\n r_employee.nic,\r\n r_employee.tel,\r\n r_employee.gender,\r\n r_employee.epfno,\r\n r_employee.basic,\r\n r_employee.reg_date,\r\n r_employee.`status`\r\n FROM\r\n r_employee\r\n where r_employee.`status` = '1' AND\r\n r_employee.emp_id = '{$emp_id}'"); } else { if ($_POST['action'] == 'save_employee') { $today = date('Y-m-d'); $data = $_POST['form_data']; if (empty($data['empno'])) { echo json_encode(array(array("msgType" => 2, "msg" => "Enter a supplier code"))); return; } foreach ($data as $key => $value) { $data[$key] = mysql_real_escape_string($data[$key]); } mysql_query("START TRANSACTION"); $ins = mysql_query("INSERT INTO `r_employee` (\r\n\t`emp_id`,\r\n\t`empno`,\r\n\t`name`,\r\n\t`nic`,\r\n\t`tel`,\r\n\t`gender`,\r\n\t`epfno`,\r\n\t`basic`,\r\n\t`reg_date`,\r\n\t`status`\r\n)\r\nVALUES" . "('{$data['emp_id']}', '{$data['empno']}', '{$data['name']}', '{$data['nic']}', '{$data['tel']}', '{$data['gender']}', '{$data['epfno']}', '{$data['basic']}','{$data['reg_date']}','1')") or die(mysql_error()); $trn = mysql_query("INSERT INTO `transaction` (`tr_type`, `tr_desc`, `tr_date`, `tr_user_id`) VALUES ('INSERT', 'employee-{$data['empno']}', '{$today}', '{$_SESSION['user_id']}')") or die(mysql_error()); if ($ins && $trn) { mysql_query("COMMIT"); echo json_encode(array(array("msgType" => 1, "msg" => "Employee saved"))); } else {
} # directory separator define('DS', DIRECTORY_SEPARATOR); # sets folder name application resides in. $_SERVER['PHP_SELF'] = filter_var($_SERVER['PHP_SELF'], FILTER_SANITIZE_STRING); define('__DIRNAME', dirname($_SERVER['PHP_SELF'])); # sets site path for inclusion of files define('__SITE_PATH', $_SERVER['DOCUMENT_ROOT'] . __DIRNAME); # sets absolute site path define('__SITE_PATH_ABS', realpath(__SITE_PATH)); // save paths for global access ezphp::ez_set('ez_dir', __DIRNAME); ezphp::ez_set('ez_site_path', __SITE_PATH); ezphp::ez_set('ez_site_path_abs', __SITE_PATH_ABS); # get the site settings $ezphp_config = setting::getInstance(); // set time zone if (function_exists('date_default_timezone_set')) { # default time zone $timezone = $ezphp_config->get['application']['timezone']; if (!$timezone) { $timezone = 'Europe/London'; } date_default_timezone_set(empty($timezone) ? date_default_timezone_get() : $timezone); } $possible_values = array('0', '1'); # security settings ################################## $error_reporting = $ezphp_config->get['security']['error_reporting']; error_reporting(strlen(trim($error_reporting)) ? $error_reporting : E_ALL); $display_errors = $ezphp_config->get['security']['display_errors']; $xss_filter = $ezphp_config->get['security']['xss_filter'];
<?php /* * Copyright (C) 2014 saez0pub * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ include_once dirname(__FILE__) . '/../lib/common.php'; $page = new page(); $content = "\n <div class=row>\n <div class=\"highlight col-md-3\">\n <h1>Paramètres</h1>\n </div>\n <div class=\"col-md-9\">\n"; $settings = new setting(); $settings->prepare(); $content .= $settings->getTable(); $content .= "\n </div>\n </div>\n"; $page->addcontent($content); $page->showPage();
function keywordDataSet($DATA) { requireComponent('Textcube.Function.Setting'); $cfg = setting::fetchConfigVal($DATA); return true; }
require "order/OrderOnline.php"; $obj = new OrderOnline(); $obj->getPreviousOrderDetails(); break; case 15: require "login/UserProfile.php"; $obj = new UserProfile(); $obj->updateProfileInfo(); break; case 16: require "order/OrderOnline.php"; $obj = new OrderOnline(); $obj->getUserFavouriteList(); break; case 17: require "order/OrderOnline.php"; $obj = new OrderOnline(); $obj->getOfferTabInformation(); break; case 18: require 'setting/setting.php'; $obj = new setting(); $obj->calculateLatLong(); break; case 19: require 'order/OrderOnline.php'; $obj = new OrderOnline(); $obj->getRestaurantIonic(); break; } }
function KeywordLink_setConfig($data) { requireComponent('Textcube.Function.Setting'); $cfg = setting::fetchConfigVal($data); return true; }
function batch_action(){ if(is_array(front::$post['select']) && !empty(front::$post['select'])){ foreach(front::$post['select'] as $v){ if(!preg_match('/^my_.+/',$v)) { front::flash('字段名称不正确!'); } $delete=$this->_table->query("ALTER TABLE `{$this->_table->name}` DROP `".$v."`"); if(!$delete) { front::flash('字段删除失败!'); }else { unset(setting::$var[$this->table][$v]); setting::save(); front::flash('字段删除成功!'); front::redirect(url::modify('act/list',true)); } } } }
$val[vSelf] = $res['self_color']; $val[vOverall] = $res['overall_color']; $file = $common->direct_replace($db_object,$file,$val); echo $file; }//end view function save_color($db_object,$common,$default,$user_id,$post_var) { $config_table = $common->prefix_table("config"); if($user_id=='1') { while(list($key,$value)=each($post_var)) { $$key = $value; } $insert = "update $config_table set commit_color='$fCommitment',accomplish_color='$fAccomplish', admin_color='$fAdmin',rater1_color='$fRater1',rater2_color='$fRater2', rater3_color='$fRater3',self_color='$fSelf',overall_color='$fOverall' where id = '1'"; $db_object->insert($insert); }//check admin } }//end class $ob = new setting; if($submit!="") { $ob->save_color($db_object,$common,$default,$user_id,$post_var); } $ob->view_form($db_object,$common,$default,$user_id); include_once("footer.php"); ?>
/** * displayLink */ public function displayLink($module, $name, $params = NULL, $attribute = NULL) { $mod = explode('.', $module); if (is_array($mod) === true && count($mod) == 2) { $action = $mod[1]; $module = $mod[0]; $mod = $module . '/class.' . $action . '.php'; $setting = new setting(); $available = $setting->getAvailableModules($_SESSION['userdata']['role']); } else { $mod = array(); } $returnLink = false; if (!empty($available) && in_array($mod, $available) !== false) { $url = "/" . $module . "/" . $action . "/"; if (!empty($params)) { foreach ($params as $key => $value) { $url .= $value . "/"; } } $attr = ''; if ($attribute != NULL) { foreach ($attribute as $key => $value) { $attr .= $key . " = '" . $value . "' "; } } $returnLink = "<a href='" . $url . "' " . $attr . ">" . $name . "</a>"; } return $returnLink; }
<?php session_start(); require_once '../config/dbc.php'; require_once '../class/database.php'; require_once '../class/systemSetting.php'; $system = new setting(); $database = new database(); MainConfig::connectDB(); if (array_key_exists("action", $_POST)) { if ($_POST['action'] == 'maker_save') { $today = date('Y-m-d'); if (empty($_POST['maker_name'])) { echo json_encode(array(array("msgType" => 2, "msg" => "Enter a Maker Name"))); return; } mysql_query("START TRANSACTION"); $ins = mysql_query("INSERT INTO `maker`(`maker_name`, `desc`, `maker_status`) VALUES ('{$_POST['maker_name']}', '{$_POST['maker_desc']}', '1')"); $trn = mysql_query("INSERT INTO `transaction` (`tr_type`, `tr_desc`, `tr_date`, `tr_user_id`) VALUES ('INSERT', 'Maker', '{$today}', '{$_SESSION['user_id']}')"); if ($ins && $trn) { mysql_query("COMMIT"); echo json_encode(array(array("msgType" => 1, "msg" => "Maker saved"))); } else { mysql_query("ROLLBACK"); echo json_encode(array(array("msgType" => 2, "msg" => "Could not save"))); } MainConfig::closeDB(); } else { if ($_POST['action'] == 'maker_update') { $today = date('Y-m-d'); $form = $_POST['form_data'];
<?php //require_once '../class/ap_funtions.php'; require_once '../config/dbc.php'; require_once '../class/database.php'; require_once '../class/systemSetting.php'; //require_once '../class/functionsByKIT.php'; $system = new setting(); $database = new database(); //$pasdManage = new MainConfig(); if (array_key_exists("action", $_POST)) { if ($_POST['action'] == 'saveAdminLevels') { MainConfig::connectDB(); $getSeqno = mysql_query("SELECT\nin_usrlevel.usrLvlPrvSeq,\nin_usrlevel.lvID\nFROM\nin_usrlevel\nWHERE in_usrlevel.usrLvlPrvSeq != '20'"); $count = mysql_num_rows($getSeqno); $seqNo = $count + 1; $system->prepareCommandQueryForAlertify("INSERT INTO `in_usrlevel` (`lvName`, `usrLvlPrvSeq`) VALUES ('{$_POST['userLevel']}', '{$seqNo}');", "Successfully Saved", "Sorry ..! Counld Not Be Saved"); } else { if ($_POST['action'] == 'userLevelTbl') { $system->prepareSelectQueryForJSON("SELECT\nin_usrlevel.lvID,\nin_usrlevel.lvName,\nin_usrlevel.usrLvlPrvSeq\nFROM\nin_usrlevel\nORDER BY in_usrlevel.lvID DESC"); } else { if ($_POST['action'] == 'deleteUserLevel') { $system->prepareCommandQueryForAlertify("DELETE FROM `in_usrlevel` WHERE (`lvID`='{$_POST['userLevelId']}')", "Successfully Deleted", "Sorry ..! Counld Not Be Deleted"); } else { if ($_POST['action'] == 'loadUserLevelCombo') { $system->prepareSelectQueryForJSON("SELECT\nin_usrlevel.lvName,\nin_usrlevel.lvID,\nin_usrlevel.usrLvlPrvSeq\nFROM\nin_usrlevel\nWHERE in_usrlevel.usrLvlPrvSeq != '20'"); } else { if ($_POST['action'] == 'loadPrivillegeCombo') { $system->prepareSelectQueryForJSON("SELECT\nin_sysprvlg.prvCode,\nin_sysprvlg.usrPrvMnuName\nFROM `in_sysprvlg`\n"); } else { if ($_POST['action'] == 'selectUlevel') {
<?php session_start(); require_once '../config/dbc.php'; require_once '../class/database.php'; require_once '../class/systemSetting.php'; $system = new setting(); $database = new database(); MainConfig::connectDB(); if (array_key_exists("action", $_POST)) { if ($_POST['action'] == 'update_emp_data') { $emp_name = mysql_real_escape_string($_POST['emp_name']); $system->prepareCommandQueryForAlertify("UPDATE `r_employee` SET `emp_id`='{$_POST['emp_id']}', `name`='{$_POST['emp_name']}", "Successfully Updated Employee Data", "Sorry ! Could not be Update"); } else { if ($_POST['action'] == 'del_emp') { $system->prepareCommandQueryForAlertify("DELETE FROM `r_employee` WHERE (`emp_id`='{$_POST['emp_id']}')", "Successfully Deleted Employee", "Sorry ! Could not be Delete"); } else { if ($_POST['action'] == 'check_emp_no') { $data = $system->prepareSelectQuery("SELECT\r\n COUNT(r_employee.emp_id) AS tot\r\n FROM `employee`\r\n WHERE\r\n lms_emp_data.lms_emp_NO = '{$_POST['id']}'"); if (!empty($data)) { echo $current_tot = $data[0]['tot']; } } else { if ($_POST['action'] == 'select_emp') { $system->prepareSelectQueryForJSON("SELECT\r\n r_employee.emp_id,\r\n r_employee.name,\r\n r_employee.gender\r\n r_employee.nic,\r\n FROM r_employee\r\n WHERE\r\n r_employee.emp_id = {$_POST['emp_id']}"); } else { if ($_POST['action'] == 'save_paysheet') { // $query = "INSERT INTO `paysheet` (`paysheet_id`,`emp_id`,`emp_name`,`nicno`,`nopay`,`late`,`meal`,`hours`,`hourlyrate`,`advance`,`basic`,`epfno`,`sallary`,`date`) VALUES ('{$_POST['paysheet_id']}','{$_POST['emp_id']}','{$_POST['name']}','{$_POST['nic']}','{$_POST['nopay']}','{$_POST['late']}','{$_POST['meal']}','{$_POST['othours']}','{$_POST['otrate']}','{$_POST['advance']}','{$_POST['basic']}','{$_POST['epfno']}',{$_POST['sallary']}','{$_POST['date']}')" ; $query = "INSERT INTO `r_paysheet` (`paysheet_id`,`emp_id`,`emp_name`,`nicno`,`nopay`,`late`,`meal`,`hours`,`hourlyrate`,`advance`,`basic`,`epfno`,`sallary`,`epfval`,`date`) VALUES ('{$_POST['paysheet_id']}','{$_POST['emp_id']}','{$_POST['name']}','{$_POST['nic']}','{$_POST['nopay']}','{$_POST['late']}','{$_POST['meal']}','{$_POST['othours']}','{$_POST['otrate']}','{$_POST['advance']}','{$_POST['basic']}','{$_POST['epfno']}','{$_POST['salary']}','{$_POST['epfval']}','{$_POST['date']}')"; $errMsg = "paysheet not added to the database"; $succMsg = "employee paysheet was sucessfully added to the database";
$obj = new setting(); $obj->updateRestaurantLogo(); break; case 21: require "setting/setting.php"; $obj = new setting(); $obj->updateRestaurantSliderImage(); break; case 22: require "setting/setting.php"; $obj = new setting(); $obj->updateRestaurantReservationInfo(); break; case 23: require "setting/setting.php"; $obj = new setting(); $obj->updasteDeliveryPostcodeList(); break; /***********Update From Backoffice ENDS***************/ /***********Update From Backoffice ENDS***************/ case 24: //incomplete require 'order/OrderOnline.php'; $obj = new OrderOnline(); $obj->getRestaurantBusinessHour(); break; case 25: require 'order/OrderOnline.php'; $obj = new OrderOnline(); $obj->getRestaurantDeliveryArea(); break;