function executa($sql, $prepared = 0)
{
$this->dados = null;
// $show_sql = 1;
if (substr(TRIM(STRTOUPPER($sql)), 0, strpos(TRIM(STRTOUPPER($sql)), " ")) == "SELECT") {
//select
$select = 1;
$this->res = $this->pdo->query($sql);
$this->nrw = $this->res->rowCount();
} else {
if ($prepared == 1) {
$stmt = $this->pdo->prepare($sql);
//$stmt->bindParam(":val", $prepared, PDO::PARAM_STR);
if ($stmt->execute()) {
$this->res = true;
$this->dados = $stmt->fetch(PDO::FETCH_ASSOC);
} else {
$this->res = false;
}
} else {
//others
$this->res = $this->pdo->exec($sql);
//$a = $this->pdo->fetchAll(); var_dump($a);
}
}
if ($show_sql) {
echo "\n BBBBBB " . $sql;
}
// var_dump($this->res);
if ($this->res > 0) {
//if ($select == 1)
// $this->navega(0);
//else
return true;
} else {
return false;
}
}
public function FileReceptor($fullFileName, $userdata)
{
// userdata is the same passed via widget config.
$path_parts = pathinfo($fullFileName);
if (rename($fullFileName, $path_parts['dirname'] . DIRECTORY_SEPARATOR . $userdata . '.' . $path_parts['extension'])) {
$ruta_imagen = $fullFileName;
$miniatura_ancho_maximo = 200;
$miniatura_alto_maximo = 200;
$info_imagen = getimagesize('materiales' . DIRECTORY_SEPARATOR . $userdata . '.' . $path_parts['extension']);
$imagen_ancho = $info_imagen[0];
$imagen_alto = $info_imagen[1];
$imagen_tipo = $info_imagen['mime'];
$proporcion_imagen = $imagen_ancho / $imagen_alto;
$proporcion_miniatura = $miniatura_ancho_maximo / $miniatura_alto_maximo;
if ($proporcion_imagen > $proporcion_miniatura) {
$miniatura_ancho = $miniatura_ancho_maximo;
$miniatura_alto = $miniatura_ancho_maximo / $proporcion_imagen;
} else {
if ($proporcion_imagen < $proporcion_miniatura) {
$miniatura_ancho = $miniatura_ancho_maximo * $proporcion_imagen;
$miniatura_alto = $miniatura_alto_maximo;
} else {
$miniatura_ancho = $miniatura_ancho_maximo;
$miniatura_alto = $miniatura_alto_maximo;
}
}
switch ($imagen_tipo) {
case "image/jpg":
case "image/jpeg":
$imagen = imagecreatefromjpeg('materiales' . DIRECTORY_SEPARATOR . $userdata . '.' . $path_parts['extension']);
break;
case "image/png":
$imagen = imagecreatefrompng('materiales' . DIRECTORY_SEPARATOR . $userdata . '.' . $path_parts['extension']);
break;
case "image/gif":
$imagen = imagecreatefromgif('materiales' . DIRECTORY_SEPARATOR . $userdata . '.' . $path_parts['extension']);
break;
}
$lienzo = imagecreatetruecolor($miniatura_ancho, $miniatura_alto);
imagecopyresampled($lienzo, $imagen, 0, 0, 0, 0, $miniatura_ancho, $miniatura_alto, $imagen_ancho, $imagen_alto);
imagejpeg($lienzo, 'materiales' . DIRECTORY_SEPARATOR . $userdata . '.' . STRTOUPPER($path_parts['extension']), 50);
} else {
}
}
function BrowseModuleTaskACL($module)
{
$db = $GLOBALS['db'];
$module_id = $GLOBALS['module_id'];
/* SETUP THE INITIAL MODULE DIRECTORY */
$dir = $GLOBALS['dr'] . "modules/" . $module . "/modules/";
/* CHECK THAT THE MODULE EXISTS */
if (!file_exists($dir)) {
return "No such directory";
}
/* LOOP THE PHP FILES IN EACH MODULE */
$dir_arr[] = "";
if ($handle = opendir($dir)) {
while (false !== ($file = readdir($handle))) {
if ($file != "." && $file != ".." && substr($file, -4) == ".php") {
$dir_arr[] = substr($file, 0, -4);
}
}
closedir($handle);
}
/* SORT THE ARRAY INTO ALPHABETICAL ORDER */
sort($dir_arr, SORT_REGULAR);
/**** THIS IS THE SUBMIT FORM PART WHICH WE PUT IN HERE BECAUSE THIS PAGE IS LOADED FROM MANY LOCATIONS ****/
if (isset($_POST['submit_form'])) {
for ($i = 1; $i < count($dir_arr); $i++) {
/* GRAB ALL THE ROLES SINCE WE DO NOT SIMPLY UPDATE WHATEVER CAME FROM THE FORM */
$sql = "SELECT crm.role_id,crm.role_name\n\t\t\t\t\t\tFROM " . $GLOBALS['database_prefix'] . "core_workspace_role_master crm\n\t\t\t\t\t\tWHERE crm.workspace_id = " . $GLOBALS['ui']->WorkspaceID() . "\n\t\t\t\t\t\tORDER BY crm.role_name\n\t\t\t\t\t\t";
//echo $sql."<br>";
$result = $db->Query($sql);
if ($db->NumRows($result) > 0) {
while ($row = $db->FetchArray($result)) {
$post_var = $dir_arr[$i] . "_" . $row['role_id'];
if (isset($_POST[$post_var]) && $_POST[$post_var] == "y") {
$access = "y";
} else {
$access = "n";
}
/* SINCE NEW TASKS AND ROLES CAN BE ADDED WE MAKE SURE THE RECORD EXISTS */
CheckCreateACLTaskExists($row['role_id'], $module_id, $dir_arr[$i]);
$sql = "UPDATE " . $GLOBALS['database_prefix'] . "core_space_task_acl\n\t\t\t\t\t\t\t\tSET access = '" . $access . "'\n\t\t\t\t\t\t\t\tWHERE role_id = " . $row['role_id'] . "\n\t\t\t\t\t\t\t\tAND module_id = '" . $module_id . "'\n\t\t\t\t\t\t\t\tAND task = '" . $dir_arr[$i] . "'\n\t\t\t\t\t\t\t\tAND workspace_id = " . $GLOBALS['workspace_id'] . "\n\t\t\t\t\t\t\t\tAND teamspace_id " . $GLOBALS['teamspace_sql'] . "\n\t\t\t\t\t\t\t\t";
//echo $sql."<br>";
$success = $db->Query($sql);
}
}
}
}
/**** END FORM SUBMITTING ****/
/* DISPLAY EACH */
$c = "<table class='plain' border='0'>\n";
$c .= "<form method='post' name='acl' action='index.php?module=" . $module . "&task=acl'>\n";
for ($i = 1; $i < count($dir_arr); $i++) {
$c .= "<tr class='alternatecell2'>\n";
$c .= "<td colspan='3'>" . STRTOUPPER($dir_arr[$i]) . "</td>\n";
$c .= "</tr>\n";
/* DISPLAY ALL THE ROLES*/
$sql = "SELECT crm.role_id,crm.role_name\n\t\t\t\t\t\tFROM " . $GLOBALS['database_prefix'] . "core_workspace_role_master crm\n\t\t\t\t\t\tWHERE crm.workspace_id = " . $GLOBALS['ui']->WorkspaceID() . "\n\t\t\t\t\t\tORDER BY crm.role_name\n\t\t\t\t\t\t";
//echo $sql."<br>";
$result = $db->Query($sql);
if ($db->NumRows($result) > 0) {
while ($row = $db->FetchArray($result)) {
if (CheckAccess($row['role_id'], $module_id, $dir_arr[$i])) {
$selected = "checked";
} else {
$selected = "";
}
$c .= "<tr>\n";
$c .= "<td><li></td>\n";
$c .= "<td>" . $row['role_name'] . "</td>\n";
$c .= "<td><input type='checkbox' value='y' name='" . $dir_arr[$i] . "_" . $row['role_id'] . "' {$selected}>\n";
$c .= "</tr>\n";
}
}
/* END */
}
$c .= "<tr class='alternatecell2'>\n";
$c .= "<td colspan='3'><input type='submit' name='submit_form' value='Save' class='buttonstyle'></td>\n";
$c .= "</tr>\n";
$c .= "</form>\n";
$c .= "</table>\n";
return $c;
}
$tampilurut = 'Saldo Akhir';
}
if ($urut == 'harga') {
$tampilurut = 'Harga';
}
$bg = " bgcolor=#DEDEDE";
$brdr = 1;
$tab .= 'Mutasi Stock ' . $unit . ' ' . $tahun . '<br>';
$tab .= 'Opsi: ' . $kelompok . ' ' . $mayor . ' ' . $pilih . '<br>';
$tab .= 'Urut: ' . $tampilurut . ' ' . $asc;
} else {
$bg = "";
$brdr = 0;
}
$tab .= "<table cellpadding=1 cellspacing=1 border=" . $brdr . " class=sortable style='width:100%;'><thead><tr>\r\n<td rowspan=1 align=center " . $bg . ">No.</td>";
$tab .= "<td align=left " . $bg . ">" . STRTOUPPER($_SESSION['lang']['kodebarang']) . "<br>" . STRTOUPPER($_SESSION['lang']['namabarang']) . "<br>" . STRTOUPPER($_SESSION['lang']['satuan']) . "</td>";
$tab .= "<td align=left " . $bg . "></td>";
for ($i = 1; $i <= 12; $i++) {
if (strlen($i) == 1) {
$ii = '0' . $i;
} else {
$ii = $i;
}
$per = $tahun . "-" . $ii;
$tab .= "<td align=center " . $bg . ">" . $per . "</td>";
// periode
}
$tab .= "<td align=center " . $bg . ">" . $tahun . "</td>";
// total setahun
$tab .= "</tr>";
$tab .= "</thead><tbody>";
function InitCap($v)
{
return STRTOUPPER(SUBSTR($v, 0, 1)) . SUBSTR($v, 1);
}
//echo strstr(strstr($tipodato,")",true),"(");
$longitud = substr_replace(strstr(strstr($tipodato, ")", true), "("), '', 0, 1);
//echo $longitud;
}
}
echo "<input type='text' size='4' maxlength='4' name='longitudCol' value='{$longitud}'/>";
echo "<input type='text' size='1' maxlength='1' name='precisionCol' value='{$precision}'/>";
echo "<input type='checkbox' name='noNulo'";
if (STRTOUPPER($valSQL['IS_NULLABLE']) == 'NO') {
echo " checked";
}
echo ">No Nulo";
echo "<input type='checkbox' name='default'";
$default = "";
$tipoDato = $valSQL['DATA_TYPE'];
if (STRTOUPPER($valSQL['COLUMN_DEFAULT']) != NULL) {
echo " checked";
$default = $valSQL['COLUMN_DEFAULT'];
/*if($tipoDato=="BIT" || $tipoDato=="TINYINT" || $tipoDato=="SMALLINT" || $tipoDato=="MEDIUMINT"
|| $tipoDato=="INT" || $tipoDato=="DOUBLE" || $tipoDato=="FLOAT" || $tipoDato=="NUMERIC"){
$default=$valSQL['COLUMN_DEFAULT'];
}else{
$default="'".$valSQL['COLUMN_DEFAULT']."'";
}
*/
}
echo ">default";
echo "<input type='text' size='30' maxlength='30' name='defaultVal' value='{$default}'/>";
echo "<input type='submit' value='ModificarColumna'/>";
echo "</tr>";
echo "<br>";
<tr valign="baseline">
<td nowrap align="right"><span class="label"><?php
echo $lang["lang_front"];
?>
</span><br>
<span class="info"><?php
echo $lang["lang_front_note"];
?>
</span></td>
<td><select name="lang_front" size="1" style="width: 70px;">
<?php
$dp = opendir('../lang/');
while (false !== ($file = readdir($dp))) {
$ext = explode('.', $file);
if ($file != '.' && $file != '..' && $ext[1] == 'php') {
$name = STRTOUPPER($ext[0]);
$value = STRTOLOWER($ext[0]);
$selected = $ext[0] == $langfront ? 'selected' : '';
echo '<option value="' . $value . '" ' . $selected . '>- ' . $name . ' -</option>';
}
}
closedir($dp);
?>
</select><br><br>
</td>
</tr>
<tr valign="top">
<td align="right" valign="top" nowrap><span class="label"><?php
echo $lang["wysiwyg"];
?>
</span><br>
//case "F" : Echo "The String Begins with a Consonant";Break;
//case "G" : Echo "The String Begins with a Consonant";Break;
//case "H" : Echo "The String Begins with a Consonant";Break;
//case "I" : Echo "The String Begins with a Vowel";Break;
//case "J" : Echo "The String Begins with a Consonant";Break;
//case "K" : Echo "The String Begins with a Consonant";Break;
//case "L" : Echo "The String Begins with a Consonant";Break;
//case "M" : Echo "The String Begins with a Consonant";Break;
//case "N" : Echo "The String Begins with a Consonant";Break;
//case "O" : Echo "The String Begins with a Vowel";Break;
//case "P" : Echo "The String Begins with a Consonant";Break;
//case "Q" : Echo "The String Begins with a Consonant";Break;
//case "R" : Echo "The String Begins with a Consonant";Break;
//case "S" : Echo "The String Begins with a Consonant";Break;
//case "T" : Echo "The String Begins with a Consonant";Break;
//case "U" : Echo "The String Begins with a Vowel";Break;
//case "V" : Echo "The String Begins with a Consonant";Break;
//case "X" : Echo "The String Begins with a Consonant";Break;
//case "Y" : Echo "The String Begins with a Consonant";Break;
//case "Z" : Echo "The String Begins with a Consonant";Break;
//}
$F = STRTOUPPER(substr($string, 0, 1));
if ($F == "A" || $F == "E" || $F == "I" || $F == "O" || $F == "U") {
echo "The String Begins with a Vowel";
}
if ($F == "B" || $F == "C" || $F == "D" || $F == "F" || $F == "G" || $F == "H" || $F == "J" || $F == "K" || $F == "L" || $F == "M" || $F == "N" || $F == "P" || $F == "Q" || $F == "R" || $F == "S" || $F == "T" || $F == "V" || $F == "W" || $F == "X" || $F == "Y" || $F == "Z") {
echo "The String Begins with a Consonant";
}
?>
</body>
</html>
function login($params)
{
$success = 1;
if (empty($params)) {
return false;
}
if (empty($params['username'])) {
output_message('alert', 'You did not provide your username');
$success = 0;
}
if (empty($params['password'])) {
output_message('alert', 'You did not provide your password');
$success = 0;
}
$res = $this->DB->selectRow("\n\t\t\t\tSELECT `account`.`id`,`username`,`sha_pass_hash`,`active`,`locked`, `gmlevel` FROM account\n\t\t\t\tLEFT JOIN account_banned ON (account_banned.id=account.id AND account_banned.active=1)\n WHERE account.username = ?", $params['username']);
if ($res['id'] < 1) {
$success = 0;
output_message('alert', 'Bad username or password');
}
if ($res['active'] > 0) {
output_message('alert', 'Your account is currently banned');
$success = 0;
}
if ($res['activation_code'] != null) {
output_message('alert', 'Your account is not active');
$success = 0;
}
if ($success != 1) {
return false;
}
$res['sha_pass_hash'] = strtoupper($res['sha_pass_hash']);
if ($res['sha_pass_hash'] == strtoupper($this->gethash(strtoupper(trim($params['username'])) . ":" . strtoupper(trim($params['password']))))) {
$this->user['id'] = $res['id'];
$this->user['name'] = $res['username'];
$this->user['level'] = $res['gmlevel'];
$uservars_hash = serialize(array($res['id'], STRTOUPPER($res['sha_pass_hash'])));
setcookie($this->config['site_cookie'], $uservars_hash, time() + 60 * 60 * 24 * 365, $this->config['site_href'], $this->config['site_domain']);
// expires in 365 days
if ($this->config['onlinelist_on']) {
$this->onlinelist_delguest();
}
return true;
} else {
output_message('alert', 'Your password is incorrect');
return false;
}
}
function LIST_ZIP($NODE)
{
global $encabezado;
$CURRENT_FILE = BUILD_PATH($NODE);
$REAL_FILE = str_replace(DIRECTORY_SEPARATOR . DIRECTORY_SEPARATOR, DIRECTORY_SEPARATOR, DIRNAME($_SESSION['Server_Path'])) . DIRECTORY_SEPARATOR . $CURRENT_FILE;
// the real full filename of the directory
if (empty($BGC)) {
$BGC = "BLACK";
}
if (empty($FGC)) {
$FGC = "YELLOW";
}
$fp = @fopen($REAL_FILE, 'rb');
if (!$fp) {
return;
}
fseek($fp, -22, SEEK_END);
// Get central directory field values
$headersignature = 0;
do {
// Search header
$data = fread($fp, 22);
list($headersignature, $numberentries, $centraldirsize, $centraldiroffset) = array_values(unpack('Vheadersignature/x6/vnumberentries/Vcentraldirsize/Vcentraldiroffset', $data));
fseek($fp, -23, SEEK_CUR);
} while ($headersignature != 0x6054b50 && ftell($fp) > 0);
// Go to start of central directory
fseek($fp, $centraldiroffset, SEEK_SET);
// Read central dir entries
PAGE_HEADER("FILE FUNCTIONS - DIRTREEVIEW", "LIST ZIP CONTENTS OF " . STRTOUPPER(basename($REAL_FILE)), $BGC, $FGC);
echo "<p><CENTER><table border='' bgcolor={$BGC} cellpadding='0' cellspacing='0' class=td>";
echo "\r\n <tr bgcolor={$BGC}>\r\n <td> </td>\r\n <td>\r\n <H3><b><font color={$FGC}>FileName</font></b></H3>\r\n </td>\r\n <td ALIGN=RIGHT>\r\n <H3><b><font color={$FGC}>Size</font></b></H3>\r\n </td>\r\n <td> </td>\r\n <td> </td>\r\n <td> </td>\r\n <td>\r\n <H3><b><font color={$FGC}>Date:Time</font></b></H3>\r\n </td>\r\n <td> </td>\r\n </tr>";
for ($i = 1; $i <= $numberentries; $i++) {
// Read central dir entry
$data = fread($fp, 46);
list($arcfiletime, $arcfiledate, $arcfilesize, $arcfilenamelen, $arcfileattr) = array_values(unpack("x12/varcfiletime/varcfiledate/x8/Varcfilesize/Varcfilenamelen/x6/varcfileattr", $data));
$filenamelen = fread($fp, $arcfilenamelen);
$arcfiledatetime = MSDOS_TIME_TO_UNIX($arcfiledate, $arcfiletime);
echo "<tr BGCOLOR={$FGC}>";
echo "<td> </td>";
// Print FileName
if ($arcfileattr == 16) {
echo "<td><font color='{$BGC}'>";
echo "<b>" . $filenamelen . "</b>";
echo "</td></font>";
} else {
echo "<td ><font color='{$BGC}'>";
echo "...." . basename($filenamelen);
echo "</font></td>";
}
// Print FileSize column
if ($arcfileattr == 16) {
echo "<td><font color='{$BGC}'>";
echo "<B>Folder</B>";
echo "</td><td> </td><td> </td><td> </td>";
} else {
echo "<td align=right><font color='{$BGC}'>";
if ($arcfilesize > 0) {
if (!isset($_SESSION['Display_Size'])) {
$_SESSION['Display_Size'] = "";
}
switch ($_SESSION['Display_Size']) {
case 2:
echo NUMBER_FORMAT($arcfilesize / (1024 * 1024), 2, ',', '.');
$DES_BYTES = "mb";
break;
case 1:
echo NUMBER_FORMAT($arcfilesize / 1024, 1, ',', '.');
$DES_BYTES = "kb";
break;
default:
echo NUMBER_FORMAT($arcfilesize, 0, ',', '.');
$DES_BYTES = "bytes";
}
// switch
} else {
echo " ";
$DES_BYTES = "";
}
echo "</Td>";
echo "<Td> </Td>";
echo "<td ALIGN=left><Font COLOR={$BGC}>{$DES_BYTES}</Td>";
echo "<Td ALIGN=right><Font COLOR={$BGC}> </Td>";
}
echo '</td></font>';
// Print FileDate column
echo "<td><font color={$BGC}>";
if ($arcfileattr == 16) {
echo "<B>" . date("d/m/y H:i", $arcfiledatetime) . "</B>";
} else {
echo date("d/m/y H:i", $arcfiledatetime);
}
echo '</td></font>';
echo "<td> </td>";
echo '</tr>';
}
echo "\r\n <tr bgcolor={$BGC}>\r\n <td VALIGN=middle COLSPAN=8><CENTER>\r\n <a href=" . $_SERVER['PHP_SELF'] . "?ACTION=expand&NODE=" . $NODE . "&FILE_EXTENSION=" . $_SESSION['File_Extension'] . "{$encabezado}><B><Font COLOR={$FGC}><H3>BACK</H3>\r\n </Font></B></A>\r\n </Td>\r\n </tr>";
echo '</table></p>';
fclose($fp);
PAGE_FOOTER($BGC, $FGC);
exit;
}