if (strlen($valore) > 0) { $sqlinsertfield .= "{$campo},"; $sqlinsertvalues .= "{$valore},"; } } $sqlinsertfield = substr($sqlinsertfield, 0, strlen($sqlinsertfield) - 1); $sqlinsertvalues = substr($sqlinsertvalues, 0, strlen($sqlinsertvalues) - 1); $sqlinsert = "insert into {$tabelladb} ({$sqlinsertfield}) values ({$sqlinsertvalues})"; $sql = $sqlinsert; } //echo "<p>$sql</p>"; print_debug($sql, null, 'savedata'); $result = $db->sql_query($sql); $retval = ""; $elenco = $db->sql_fetchrowset(); $nrighe = $db->sql_numrows(); if (!$result) { echo "ERRORE NEL SALVATAGGIO<p>{$sql}</p>"; return; } //se ho inserito un nuovo valore ricavo l'ultimo id if ($_POST["mode"] == "new") { $sql = $tb->table_list ? "SELECT max(id) FROM {$tabelladb}" : "select currval ('" . trim($tabelladb) . "_id_seq')"; //echo "<p>$sql</p>"; $db->sql_query($sql); $row = $db->sql_fetchrow(); $lastid = $row[0]; $_SESSION["ADD_NEW"] = $lastid; //print_debug("sessione ho $lastid"); } }
} if ($opt[0] == "w") { $width = substr($opt, 1); } if ($opt[0] == "h") { $height = substr($opt, 1); } } // DATABASE $coddb = new sql_db($db_host, $db_user, $db_pass, $db_db, false); if (!$coddb->db_connect_id) { die("Could not connect to the database"); } $query = "SELECT * \n FROM {$t['players']}, {$t['b3_clients']} \n WHERE {$t['b3_clients']}.id = {$t['players']}.client_id \n AND (({$t['players']}.kills > {$minkills})\n OR ({$t['players']}.rounds > {$minrounds}))\n AND ({$t['players']}.hide = 0)\n AND ({$current_time} - {$t['b3_clients']}.time_edit < {$maxdays}*60*60*24)\n ORDER by skill DESC"; $result = $coddb->sql_query($query); $numrows = $coddb->sql_numrows($result); if ($numrows < $player_rank) { die("Rank out of reach!"); } $count = 1; while ($count <= $player_rank) { $player = $coddb->sql_fetchrow($result); $count += 1; } $c = $count - 1; $player['rank'] = "#" . $c . " - "; // TEMPLATE include "render.php"; // OUTPUT ob_start(); header("Cache-Control: no-cache, must-revalidate");
if (!$db->sql_query($sql)) { print_debug($sql); } //$db->sql_query($sql); //echo "<p>$sql</p>"; //$db->sql_fetchrow(); } $oneri = 1; if ($oneri) { $sql = "select * from oneri.e_rata_calcolo where tipo='{$tipo}' order by rata"; print_debug($sql); if (!$db->sql_query($sql)) { print_debug($sql); } $rate = $db->sql_fetchrowset(); $nrec = $db->sql_numrows(); //print_r($rate); for ($i = 0; $i < $nrec; $i++) { $nrata = $rate[$i]["rata"]; $titolo = $rate[$i]["titolo"]; $calcolacc = $rate[$i]["calcola_cc"]; $calcolab1 = $rate[$i]["calcola_b1"]; $calcolab2 = $rate[$i]["calcola_b2"]; $scadenza = $rate[$i]["scadenza"]; if ($data_rata1) { $sql = "insert into oneri.rate (pratica,rata,titolo,cc,b1,b2,data_scadenza) select {$idpratica},{$nrata},'{$titolo}',{$calcolacc},{$calcolab1},{$calcolab2},'{$data_rata1}'::date + INTERVAL '{$scadenza} months' from oneri.totali where oneri.totali.pratica={$idpratica}"; } else { if ($campo_cc) { $sql = "insert into oneri.rate (pratica,rata,titolo,cc,b1,b2,data_scadenza) select {$idpratica},{$nrata},'{$titolo}',{$calcolacc},{$calcolab1},{$calcolab2},{$campo_cc} + INTERVAL '{$scadenza} months' from oneri.totali left join pe.titolo on(oneri.totali.pratica=pe.titolo.pratica) where oneri.totali.pratica={$idpratica}"; } }
//first we need to retrieve the list of all active companies that might have imported data $db_support = new sql_db( $supportdb, $dbuser, $dbpasswd, 'nizex_support', false ); if ( $db_support->db_connect_id ) { $query = "select CompanyID, DBName, DBHost, TableVersion from optUserCompany where Active=1 "; if ( !( $result = $db_support->sql_query( $query ) ) ) { $lbl_error = $dblang[ "ErrorInSQL" ]."<br>".$db_support->sql_error(); } while ( $row = $db_support->sql_fetchrow( $result )) { $db = new sql_db( $dbhost, $dbuser, $dbpasswd, $row[ 'DBName' ], true ); $query = "select * from conLeadSources where LeadName='Other'"; if ( !( $result2 = $db->sql_query( $query ) ) ) echo "Problem with: ".$query; if ( $db->sql_numrows( $result2 ) == 0 ) { $query = "insert into conLeadSources values ( null, 'Other', 1 )"; if ( !( $result2 = $db->sql_query( $query ) ) ) echo "Problem with: ".$query; } } //end while looping through companies } ?>
<?php include_once "login.php"; $tabpath = "pe"; $titolo = $_SESSION["TITOLO_{$idpratica}"]; $idpratica = $_POST["pratica"]; $db = new sql_db(DB_HOST, DB_USER, DB_PWD, DB_NAME, false); if (!$db->db_connect_id) { die("Impossibile connettersi al database"); } $sql = "select e_vincoli.nome,e_vincoli.descrizione,vincoli.zona from pe.e_vincoli,pe.vincoli where e_vincoli.nome::text=vincoli.vincolo::text \nand e_vincoli.parametri=1 and vincoli.pratica={$idpratica} order by e_vincoli.ordine"; $db->sql_query($sql); $vincoli = $db->sql_fetchrowset(); $nzone = $db->sql_numrows(); $numcols = $nzone + 3; for ($i = 0; $i < $nzone; $i++) { if ($vincolo != $vincoli[$i]["nome"]) { $vincolo = $vincoli[$i]["nome"]; if ($n) { $colspan[] = $n; } //numero di colonne per lo span del vincolo $index[] = $i; //primo indice dove trovo la descrizione del vincolo $n = 1; } else { $n++; } // una colonna di parametri per ogni zona ARRAY[vincolo][zona][parametro] $zona = $vincoli[$i]["zona"]; $sql = "select parametro,valore from pe.e_parametri_zone where vincolo='{$vincolo}' and zona='{$zona}'";
$pratica = $_REQUEST["pratica"]; if ($_POST["azione"] == "Salva") { // Se necessario inserisco il nuovo riferimento nella tabella $idref = $_POST["id"]; if ($_POST["id"] == 0) { $descrizione = addslashes(trim($_POST["riferimento"])); $sql = "INSERT INTO pe.riferimenti(descrizione) VALUES('{$descrizione}')"; $db->sql_query($sql); $sql = "select currval ('pe.riferimenti_id_seq')"; $db->sql_query($sql); $row = $db->sql_fetchrow(); $idref = $row[0]; } //Modifico i riferimenti della tabella avvioproc $db->sql_query("SELECT pratica FROM pe.avvioproc,pe.riferimenti WHERE riferimenti.id=" . $_POST["id_prec"] . " AND avvioproc.riferimento=riferimenti.id"); $nrif = $db->sql_numrows(); if ($nrif <= 1) { $db->sql_query("DELETE FROM pe.riferimenti WHERE id=" . $_POST["id_prec"]); } $db->sql_query("update pe.avvioproc set riferimento={$idref} where pratica={$idpratica}"); } return; } //se ho passato una pratica da elenco ho finito if (isset($_POST["refpratica"])) { $flagOK = 1; return; } //Modalità di Ricerca $self = $_SERVER["PHP_SELF"]; $numeroprat = $_POST["numero"];
function UpdateAddConEmail( $oldemail='', $newemail='', $contactid, $addconid = 0 ) { global $db; global $lang; global $dbname; global $dbhost, $supportdb, $dbuser, $dbpasswd; $dbsupport = new sql_db( $supportdb, $dbuser, $dbpasswd, 'nizex_support', false, true ); $newemail = trim( $newemail ); $oldemail = trim( $oldemail ); /***************** //after talking with GHH I am changing this function in the following way //first check to see if there is a userid on the addcon we are editing, if not then //we allow them to add, edit or clear, we don't care what they do //if they have a userid then we make sure that who they are changing the email adress to //is not in the support tables under a different userid, if so then we error and exit; //***************/ $query = "select UserID from conAdditionalContacts where UserID > 0 and EmailAddress = '".$oldemail."' and AdditionalContactID = ".$addconid; if ( !$result = $db->sql_query( $query ) ) { LogError( 9255, $query ."<br>".$db->sql_error(), false ); return false; } if ( $db->sql_numrows( $result ) == 0 ) { //first make sure they are not changing the email address to one that already exists on the same contact $query = "select EmailAddress from conAdditionalContacts where EmailAddress = '".$newemail."' and ContactID = ".$contactid; if ( !$result = $db->sql_query( $query ) ) { LogError( 9141, $query .$dblang[ "ErrorInSQL" ]."<br>".$db->sql_error() ); return false; } if ( $db->sql_numrows( $result ) == 0 ) { $query = "update conAdditionalContacts set EmailAddress = '".$newemail."' where AdditionalContactID = ".$addconid; if ( !$result = $db->sql_query( $query ) ) { LogError( 9142, $query .$dblang[ "ErrorInSQL" ]."<br>".$db->sql_error() ); return false; } } }//end of editing for addcon with no userid else { //TKS 06.12.2012 noticed if trying to save an add con without an email on a user //they no longer set to login, it would enter here becuase of the userid then error //due to invalid email. So if the email was blank before and blank now, we just return if ( $oldemail == '' && $newemail == '' ) return true; //if the current email is hooked to a userid they cannot clear out the email address //TKS 01.25.2012 I moved this to the top of this else so that if they have a userid //and trying to clear out the email, we just return if ( !validEmail( $newemail ) || empty( $newemail ) || $newemail == '' ) { LogError( $lang[ "ErrEmailValid" ], false ); return false; } $temprow = $db->sql_fetchrow( $result ); $userid = $temprow['UserID']; //I spoke with Noel and he said to add Training DB and Demo and exit if they are editing a record with //a userid in either of those DBs because we have a bunch of customers and employees editing and messing with data // and it screwed up people's login ability. SO these 2 dbs, if oldemail has userid, they cannot edit it, they //will have to login to their individual DB to edit the record //05.14.2013 naj - added trial databases to the list of databases you cannot edit from. if ( ( $dbname == 'nizex_training' || $dbname == 'nizex_demo' || preg_match('/nizex_trial/', $dbname)) && ( $newemail != $oldemail ) ) { LogError( $lang[ "ErrDBEmail" ], false ); return false; } //first see if the email addresses are different if ( $newemail != $oldemail ) { //first check to see if the new address is in the optUsers table, under a different userid if so we return false $query = "select UserID from optUsers where EmailAddress = '$newemail' and UserID != $userid"; if ( !$result = $dbsupport->sql_query( $query ) ) { LogError( 9136, $query ."<br>".$dbsupport->sql_error(), false ); return false; } if ( $dbsupport->sql_numrows( $result ) > 0 ) { LogError( $lang[ "ErrEmailExists" ], false ); return false; } //grab all company DBs linked to this user $query = "select optUserCompany.DBName, DBHost from optUserCompany, optUserLinks where optUserLinks.UserID = $userid and optUserLinks.CompanyID = optUserCompany.CompanyID"; if ( !$result = $dbsupport->sql_query( $query ) ) { LogError( 9138, $query ."<br>".$dbsupport->sql_error(), false ); return false; } //04.09.2013 naj - changed everything to use a transaction, so we can roll this back if it fails $dbarray = array(); while ( $dbrow = $dbsupport->sql_fetchrow( $result ) ) { $tempdb = new sql_db( $dbrow[ "DBHost" ], $dbuser, $dbpasswd, $dbrow[ "DBName" ], false, true ); if ( $tempdb->db_connect_id ) { //04.09.2013 naj - add the current database to the db array. $dbarray[] = $tempdb; if ( !$tempresult = $tempdb->sql_query( '', 'BEGIN')) { LogError (12118, $query."<br>".$tempdb->sql_error()); foreach ($dbarray as $tempdb) { $tempdb->sql_query('', 'ROLLBACK'); $tempdb->sql_close(); } return false; } $query = "update conAdditionalContacts set EmailAddress = '".$newemail."' where EmailAddress = '".$oldemail."' and UserID = $userid"; if ( !$tempresult = $tempdb->sql_query( $query ) ) { LogError( 9139, $query."<br>".$tempdb->sql_error() ); foreach ($dbarray as $tempdb) { $tempdb->sql_query('', 'ROLLBACK'); $tempdb->sql_close(); } return false; } } } //now update the optUsers record $query = "update optUsers set EmailAddress = '".$newemail."' where UserID = $userid"; if ( !$result = $dbsupport->sql_query( $query ) ) { LogError( 9140, $query ."<br>".$dbsupport->sql_error(), false ); foreach ($dbarray as $tempdb) { $tempdb->sql_query('', 'ROLLBACK'); $tempdb->sql_close(); } return false; } //04.09.2013 naj - if we made it this far, then the update is complete. foreach ($dbarray as $tempdb) { $tempdb->sql_query('', 'COMMIT'); $tempdb->sql_close(); } //12.09.2013 naj - this is to ensure that the current database gets updated to in the event that the user was allowed to login in the past but now is not. $query = "update conAdditionalContacts set EmailAddress = '".$newemail."' where EmailAddress = '".$oldemail."' and UserID = $userid"; if ( !$result = $db->sql_query( $query ) ) { LogError(13858, $query ."<br>".$db->sql_error(), false ); return false; } } } return true; }//end of UpdateAddConEmail
$sql_vincoli = "select (coalesce(cdu.mappali.sezione,'') || ','::text || cdu.mappali.foglio || ','::text || cdu.mappali.mappale) as particella,mappali.vincolo,mappali.zona,mappali.perc_area,e_vincoli.descrizione from pe.e_vincoli, cdu.mappali where\nmappali.vincolo=e_vincoli.nome and pe.e_vincoli.cdu=1 and pratica={$idpratica} order by cdu.mappali.perc_area desc, cdu.mappali.sezione,cdu.mappali.foglio,cdu.mappali.mappale;"; print_debug("Vincoli\n" . $sql_vincoli); //aggiungo i mappali che non risultano legati a vincoli $sql_mappali = "select (coalesce(cdu.mappali.sezione,'') || ','::text || cdu.mappali.foglio || ','::text || cdu.mappali.mappale) as particella from cdu.mappali where pratica={$idpratica} and vincolo is null;"; print_debug($sql_mappali, "tabella"); //SCHEMA DB NUOVO //elenco dei piani $sql_piani2 = "select nome_vincolo,nome_tavola,descrizione from vincoli.tavola where cdu=1 order by ordine;"; print_debug($sql_piani2, "tabella"); //verifico l'esitenza dei vincoli per la pratica corrente $sql_vincoli2 = "select distinct(coalesce(cdu.mappali.sezione,'') || ','::text || cdu.mappali.foglio || ','::text || cdu.mappali.mappale) as particella,mappali.vincolo,mappali.zona,mappali.tavola,mappali.perc_area,\ncase when coalesce(zona.sigla,'')<>'' then zona.sigla else zona.descrizione end as descrizione from cdu.mappali left join vincoli.zona on (mappali.zona=zona.nome_zona and mappali.vincolo=zona.nome_vincolo) \nleft join vincoli.tavola on (mappali.tavola=zona.nome_tavola) where tavola.cdu=1 and pratica={$idpratica}"; print_debug("Vincoli\n" . $sql_vincoli2); //echo "<p>$sql_vincoli2</p>"; $db->sql_query($sql_piani2); $piani = $db->sql_fetchrowset(); $npiani = $db->sql_numrows(); $db->sql_query($sql_vincoli2); $vincoli = $db->sql_fetchrowset(); $nvincoli = $db->sql_numrows(); $db->sql_query($sql_mappali); $mappali = $db->sql_fetchrowset(); $nmappali = $db->sql_numrows(); $array_mappali = array(); $array_zone = array(); //verifico se esiste il vincolo nelle tavole for ($r = 0; $r < $nvincoli; $r++) { $idparticella = $vincoli[$r]["particella"]; $piano = $vincoli[$r]["tavola"]; $zona = $array_zone[$idparticella][$piano]; if ($zona) { $zona .= "<br>" . $vincoli[$r]["zona"] . " (" . $vincoli[$r]["perc_area"] . " %)";
$db_config['dbpass'] = $nv_Request->get_string('dbpass', 'post', $db_config['dbpass']); $db_config['prefix'] = $nv_Request->get_string('prefix', 'post', 'nv3'); $db_config['db_detete'] = $nv_Request->get_int('db_detete', 'post', '0'); $db_config['num_table'] = 0; $db_config['create_db'] = 1; if (!empty($db_config['dbhost']) and !empty($db_config['dbname']) and !empty($db_config['dbuname']) and !empty($db_config['prefix'])) { $db_config['dbuname'] = preg_replace(array("/[^a-z0-9]/", '/[\\_]+/', "/^[\\_]+/", "/[\\_]+\$/"), array("_", "_", "", ""), strtolower($db_config['dbuname'])); $db_config['dbname'] = preg_replace(array("/[^a-z0-9]/", '/[\\_]+/', "/^[\\_]+/", "/[\\_]+\$/"), array("_", "_", "", ""), strtolower($db_config['dbname'])); $db_config['prefix'] = preg_replace(array("/[^a-z0-9]/", '/[\\_]+/', "/^[\\_]+/", "/[\\_]+\$/"), array("_", "_", "", ""), strtolower($db_config['prefix'])); $db = new sql_db($db_config); if (!empty($db->error)) { $db_config['error'] = !empty($db->error['user_message']) ? $db->error['user_message'] : $db->error['message']; } else { $tables = array(); $result = $db->sql_query("SHOW TABLE STATUS LIKE '" . $db_config['prefix'] . "\\_%'"); $num_table = intval($db->sql_numrows($result)); if ($num_table > 0) { if ($db_config['db_detete'] == 1) { while ($item = $db->sql_fetch_assoc($result)) { $db->sql_query("DROP TABLE `" . $item['Name'] . "`"); } $num_table = 0; } else { $db_config['error'] = $lang_module['db_err_prefix']; } } $db_config['num_table'] = $num_table; if ($num_table == 0) { nv_save_file_config(); $db_config['error'] = ""; $sql_create_table = array();
<?php //Gestione dell'elenco delle pratiche recenti //quando apro una nuova pratica aggiorno la tabella //già che ci sono metto in sessione l'informazione legata a titolo della pagina (numero pratica .. del ...) $userid = $_SESSION["USER_ID"]; $db = new sql_db(DB_HOST, DB_USER, DB_PWD, DB_NAME, false); if (!$db->db_connect_id) { die("Impossibile connettersi al dadabase"); } $sql = "select pratica from pe.recenti where utente={$userid} and pratica={$idpratica}"; $db->sql_query($sql); $in_recenti = $db->sql_numrows(); if ($in_recenti == 0) { // se sono minori di 10 aggiungo altimenti aggiorno $sql = "select pratica from pe.recenti where utente={$userid}"; $db->sql_query($sql); $row = $db->sql_fetchrow(); $nrec = $db->sql_numrows(); if ($nrec > 11) { $sql = "update pe.recenti set pratica={$idpratica},data=" . time() . " where utente={$userid} and pratica=" . $row["pratica"]; } else { $sql = "insert into pe.recenti (pratica,utente,data) values ({$idpratica},{$userid}," . time() . ")"; } } else { //aggiorno la data di accesso $sql = "update pe.recenti set data=" . time() . " where utente={$userid} and pratica={$idpratica}"; } $db->sql_query($sql); //Aggiorno titolo della pagina // Da vedere se mettere tutto su una query