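/**
 * Build an AutoMenus object for a navigation menu.
 *
 * @param mixed       $menuid            Menu identifier; not read anywhere in this function.
 * @param string|null $menuAutoGroupFile Optional path to a JSON file describing the menu groups.
 * @param array|null  $params            Optional settings with the keys requiredTableList,
 *                                       requiredModuleList, site and sysdb (dbtable is set in the
 *                                       defaults but not read here).
 * @return AutoMenus The menu object after generateSQL() has been called on it.
 */
function getNavMenuObj($menuid, $menuAutoGroupFile = null, $params = null)
{
    if ($params == null) {
        $params = array(
            "dbtable" => _dbtable("links"),
            "requiredTableList" => _db(true)->getTableList(),
            "requiredModuleList" => null,
            "sysdb" => false,
            "site" => SITENAME,
        );
    }

    // Start from an empty menu: the original left $arrMenu undefined when a file name was
    // given but the file did not exist.
    $arrMenu = array();

    // NOTE(review): the path is opened as given; callers should not derive it from request input.
    if ($menuAutoGroupFile != null && file_exists($menuAutoGroupFile)) {
        $decoded = json_decode(file_get_contents($menuAutoGroupFile), true);
        // Anything that is not a JSON object/array (or fails to decode) is treated as "no menu".
        if (is_array($decoded)) {
            foreach ($decoded as $groupKey => $group) {
                // The original also tested an undefined $allGenerators, which always evaluated
                // as "not set"; disabled groups are therefore always dropped.
                if (isset($group['enabled']) && !$group['enabled']) {
                    unset($decoded[$groupKey]);
                }
            }
            $arrMenu = $decoded;
        }
    }

    $sm = new AutoMenus($arrMenu);
    $sm->requiredTableList($params['requiredTableList']);
    $sm->requiredModuleList($params['requiredModuleList']);
    $sm->generateSQL($params['site'], $_SESSION["SESS_PRIVILEGE_NAME"], $params['sysdb']);

    return $sm;
}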
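/**
 * Collect the data for the order-matching page: either one symbol's filtered view or the
 * market overview (totals, top gainers/losers/active) for $maxTradingDate.
 *
 * Reads the globals $fromDate, $toDate and $maxTradingDate, reads $_GET['symbol'] and sets the
 * global $func to 'hase.filter' when a known symbol was requested.
 *
 * @return array View data keyed by name.
 */
function order_matching_user_hase()
{
    global $fromDate, $toDate, $tmpFromDate, $tmpToDate, $maxTradingDate, $func;

    // The original appended to $data without ever creating it.
    $data = array();

    // NOTE(review): $maxTradingDate is concatenated into every stored-procedure call below;
    // confirm it is always produced server-side and never taken from the request.
    $db = _db('eps');
    $db->query('call sp_getStockSymbolList("' . $maxTradingDate . '",2)');
    $objs = $db->fetchAll();
    $db->connect();
    if (!is_array($objs)) {
        $objs = array();
    }

    // Check whether the requested symbol exists. The symbol list acts as an allow-list for the
    // request value, so the match has to be exact: a loose == would let numeric-looking strings
    // such as "1e1" and "10" compare equal, and an array value must never match.
    $hasSymbol = false;
    $symbol = '';
    if (!empty($_GET['symbol']) && is_string($_GET['symbol'])) {
        $symbol = $_GET['symbol'];
    }
    foreach ($objs as $item) {
        $data['StockSymbols'][] = $item['StockSymbol'];
        if ($symbol !== '' && $symbol === (string) $item['StockSymbol']) {
            $hasSymbol = true;
            $data['StockSymbol'] = $symbol;
            $data['SecurityName'] = $item['SecurityName'];
        }
    }
    if (!empty($data['StockSymbols'])) {
        $data['StockSymbols'] = json_encode($data['StockSymbols']);
    }

    if ($hasSymbol) {
        // A known symbol was requested: filter by it.
        $data['hase_current_security'] = get_hn_security_filter($symbol, $fromDate, $toDate);
        $func = 'hase.filter';
        $data['symbol'] = $symbol;
    } else {
        $db->connect();
        $data['maxtradingdate'] = $maxTradingDate;
        $db->query('call sp_HN_getCurrentMarketInfo("' . $maxTradingDate . '")');
        if ($obj = $db->fetch()) {
            $data['hase_total_market'] = $obj;
        }
        $db->connect();
        $db->query('call sp_getTopUp("' . $maxTradingDate . '",2)');
        if ($rows = $db->fetchAll()) {
            $data['hase_top_gainers'] = $rows;
        }
        $db->connect();
        $db->query('call sp_getTopDown("' . $maxTradingDate . '", 2)');
        if ($rows = $db->fetchAll()) {
            $data['hase_top_losers'] = $rows;
        }
        $db->connect();
        $db->query('call sp_getTopActive("' . $maxTradingDate . '",2)');
        if ($rows = $db->fetchAll()) {
            $data['hase_top_last_vol'] = $rows;
        }
        $data['hase_current_security'] = get_hn_security($maxTradingDate);
    }

    $data['from_date'] = $fromDate;
    $data['to_date'] = $toDate;

    // Chart window starts six months before the last trading date; mktime() normalises a
    // month number that drops to zero or below.
    $lastTradingTs = strtotime($maxTradingDate);
    $data['chart_startdate'] = date(
        "Y-m-d",
        mktime(0, 0, 0, date("m", $lastTradingTs) - 6, date("d", $lastTradingTs), date("Y", $lastTradingTs))
    );
    $data['chart_today'] = $maxTradingDate;

    return $data;
}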
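/**
 * Store the posted feedback form and notify the administrator by e-mail.
 *
 * @return string "success" when the row was inserted, "error" otherwise.
 */
function saveFeedback()
{
    $now = date('Y-m-d H:i:s');
    $feedback = array(
        'name' => '',
        'email' => '',
        'subject' => '',
        'message' => '',
        'userid' => $_SESSION['SESS_USER_ID'],
        'blocked' => 'false',
        'dtoc' => $now,
        'dtoe' => $now,
    );

    // Only the four form fields may come from the request. The original looped over every key,
    // which let a POST body overwrite userid, blocked and the timestamps.
    foreach (array('name', 'email', 'subject', 'message') as $field) {
        if (isset($_POST[$field]) && is_string($_POST[$field])) {
            $feedback[$field] = trim($_POST[$field]);
        }
    }

    // NOTE(review): this relies on _insertQ1() escaping the values it is given - confirm.
    $sql = _db()->_insertQ1('feedbacks', $feedback);
    $res = _dbQuery($sql);
    if (!$res) {
        return "error";
    }
    _dbFree($res);

    // Send e-mail to the admin.
    $mailto = "*****@*****.**";
    $mailfrom = "*****@*****.**";

    // Use the same trimmed values that were stored instead of re-reading $_REQUEST.
    $feedback_content = array(
        "name" => $feedback['name'],
        "email" => $feedback['email'],
        "subject" => $feedback['subject'],
        "message" => $feedback['message'],
    );

    // The original passed an undefined $profile here, so the collected fields never reached
    // the template. NOTE(review): confirm the feedback_admin template escapes these values.
    $template = _template("feedback_admin", $feedback_content);
    loadHelpers('email');
    sendMail($mailto, " Feedback", $template, $mailfrom);

    return "success";
}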
/**
 * Run feedIndustryBySector() once for every SectorId stored in _prefix_sector.
 */
function feedindustry_feed_main()
{
    $db = _db('stockbiz');
    $db->query('SELECT SectorId FROM _prefix_sector');
    $sectors = $db->fetchAll();

    $total = count($sectors);
    $idx = 0;
    while ($idx < $total) {
        feedIndustryBySector($sectors[$idx]['SectorId']);
        $idx++;
    }
}
/**
 * Return the named database handle, dropping the cached one first when it no longer answers.
 *
 * NOTE(review): mysql_ping()/mysql_close() belong to the ext/mysql extension, which was
 * removed in PHP 7 - this helper only works where that extension is still available.
 *
 * @param string $name Connection name, also used in the "_db_instance_{$name}" global key.
 * @return mixed Whatever _db($name) returns.
 */
function db_ping($name = "default")
{
    $link = _db($name);

    if (!mysql_ping($link)) {
        // Dead link: close it and forget the cached instance so the next _db() call
        // runs without the stale entry.
        mysql_close($link);
        unset($GLOBALS["_db_instance_{$name}"]);
    }

    return _db($name);
}
/**
 * Run feedLastestFinalRatiosBySymbol() once for every Symbol stored in the symbol table.
 */
function feedlastestfinalratios_feed_symbol()
{
    $db = _db('stockbiz');
    $db->query('SELECT Symbol FROM symbol');
    $symbols = $db->fetchAll();

    $total = count($symbols);
    $idx = 0;
    while ($idx < $total) {
        feedLastestFinalRatiosBySymbol($symbols[$idx]['Symbol']);
        $idx++;
    }
}
/**
 * Insert one settings row for the current session user and site.
 *
 * @param string $name  Setting name.
 * @param mixed  $value Setting value, stored in the "settings" column.
 * @param string $scope Setting scope.
 * @return bool True when the insert query returned a truthy result.
 */
function registerSettings($name, $value = "", $scope = "default")
{
    // NOTE(review): value escaping is left to _insertQ1() - confirm it quotes its input.
    $row = array(
        "userid" => $_SESSION['SESS_USER_ID'],
        "site" => SITENAME,
        "scope" => $scope,
        "name" => $name,
        "settings" => $value,
    );

    $insertSql = _db(true)->_insertQ1(_dbtable("settings", true), $row);

    return (bool) _dbQuery($insertSql, true);
}
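/**
 * Load the current stock rows from sp_HN_getCurrentStockInfo for one date and map them to
 * the field names the views use. Price columns are divided by 1000; volume columns are
 * copied as they are.
 *
 * @param string $date Trading date passed to the stored procedure.
 * @return array One mapped row per stock; empty when the procedure returned nothing.
 */
function get_hn_security($date)
{
    $db = _db('eps');
    $db->connect();
    // NOTE(review): $date is concatenated into the call; confirm every caller passes a
    // server-generated date and never a request value.
    $db->query('call sp_HN_getCurrentStockInfo("' . $date . '")');
    $ret = $db->fetchAll();

    // The original never created $result, so an empty result set returned an undefined variable.
    $result = array();
    if (!is_array($ret)) {
        $ret = array();
    }

    foreach ($ret as $i => $row) {
        $mapped = array();
        $mapped["StockSymbol"] = $row["StockCode"];
        $mapped["PriorClosePrice"] = $row["BasicPrice"] / 1000;
        $mapped["ceiling"] = $row["CeilingPrice"] / 1000;
        $mapped["floor"] = $row["FloorPrice"] / 1000;
        $mapped["best3bid"] = $row["BOrdPrice3"] / 1000;
        $mapped["best3bidvolume"] = $row["BOrdQtty3"];
        $mapped["best2bid"] = $row["BOrdPrice2"] / 1000;
        $mapped["best2bidvolume"] = $row["BOrdQtty2"];
        $mapped["best1bid"] = $row["BOrdPrice1"] / 1000;
        $mapped["best1bidvolume"] = $row["BOrdQtty1"];
        // The original assigned the best3offer pair three times in a row; once is enough.
        $mapped["best3offer"] = $row["SOrdPrice3"] / 1000;
        $mapped["best3offervolume"] = $row["SOrdQtty3"];
        $mapped["best2offer"] = $row["SOrdPrice2"] / 1000;
        $mapped["best2offervolume"] = $row["SOrdQtty2"];
        $mapped["best1offer"] = $row["SOrdPrice1"] / 1000;
        $mapped["best1offervolume"] = $row["SOrdQtty1"];
        $mapped["last_price"] = $row["MatchPrice"] / 1000;
        $mapped["last_volume"] = $row["TotalTradingQtty"];
        $mapped["LastVal"] = $row["TotalTradingValue"];
        $mapped["unmatch_bid"] = $mapped["best3bidvolume"] + $mapped["best2bidvolume"] + $mapped["best1bidvolume"];
        $mapped["unmatch_offer"] = $mapped["best3offervolume"] + $mapped["best2offervolume"] + $mapped["best1offervolume"];

        // No match price yet means no change to report.
        if ($mapped["last_price"] == 0) {
            $mapped["last_change"] = $mapped["change"] = 0;
        } else {
            $mapped["last_change"] = $mapped["change"] = ($row["MatchPrice"] - $row["BasicPrice"]) / 1000;
        }

        $mapped["fbuy"] = $row["FBuy"];
        $mapped["fsell"] = $row["FSell"];
        $mapped["currentroom"] = $row["RemainForeignQtty"];
        $mapped["securityname"] = $row["SecurityName"];
        $mapped["totaltradingquantity"] = $row["NmTotalTradedQtty"];
        $mapped["highestprice"] = $row["HighestPrice"] / 1000;
        $mapped["lowestprice"] = $row["LowestPrice"] / 1000;

        // NOTE(review): this stores the plain ratio BasicPrice / ClosePrice under the name
        // percentage_change - kept as in the original, confirm that is what the views expect.
        if ($row["ClosePrice"] != 0) {
            $mapped["percentage_change"] = $row["BasicPrice"] / $row["ClosePrice"];
        } else {
            $mapped["percentage_change"] = 0;
        }

        $result[$i] = $mapped;
    }

    $db->connect();

    return $result;
}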
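/**
 * Build the data for the news admin list: the optional parent row, the category list, one
 * page of child items and the paging object.
 *
 * Reads $_GET['sortby'], $_GET['sort'] and $_GET['pid'].
 *
 * @return array Keys: parent (optional), category, items (optional), paging.
 */
function news_admin_main()
{
    $paging = new Paging('p', _result_per_page(), 1, 9);
    $paging->sCurrentPageClass = 'current';
    $paging->sPageNextClass = 'next';

    // The ORDER BY text is bound with PARAM_NONE below, which presumably inserts it without
    // quoting, so the request may only pick a column from this list (the columns the query
    // selects) and one of the two fixed directions.
    $sortable = array(
        'ordering', 'is_quantam', 'is_tieudiem', 'news_id', 'news_created', 'news_title',
        'is_category', 'is_enabled', 'is_showintroimage', 'introimage',
    );
    $sqlOrder = 'news_id desc';
    if (!empty($_GET['sortby']) && is_string($_GET['sortby']) && in_array($_GET['sortby'], $sortable, true)) {
        $direction = isset($_GET['sort']) ? $_GET['sort'] : '';
        if ($direction === 'asc') {
            $sqlOrder = $_GET['sortby'] . ' asc';
        } elseif ($direction === 'desc') {
            $sqlOrder = $_GET['sortby'] . ' desc';
        }
    }
    $sqlOrder = 'ordering DESC,is_category desc,' . $sqlOrder;

    $data = array();
    $db = _db();
    $pid = 0;
    $parent = null;
    if (!empty($_GET['pid'])) {
        // Force the id to an integer before it is compared or bound.
        $pid = (int) $_GET['pid'];
        if ($pid != 0) {
            $db->prepare('SELECT news_id, parent_id FROM `_prefix_news` WHERE news_id=:ID');
            $db->bindValue(':ID', $pid, PARAM_INT);
            $db->execute();
            if ($parent = $db->fetch()) {
                $data['parent'] = $parent;
            } else {
                // Unknown parent: fall back to the top level.
                $pid = 0;
            }
        }
    }

    $cats[0] = '-- Không thuộc nhóm --';
    getCategoryList($cats);
    $data['category'] = $cats;

    $db->prepare('SELECT SQL_CALC_FOUND_ROWS ordering ,is_quantam, is_tieudiem,news_id, news_created, news_title, is_category, is_enabled, is_showintroimage,introimage FROM `_prefix_news` WHERE parent_id=:PARENT_ID ORDER BY :ORDER LIMIT :OFFSET, :TOTAL');
    $db->bindValue(':PARENT_ID', $pid, PARAM_INT);
    $db->bindValue(':ORDER', $sqlOrder, PARAM_NONE);
    $db->bindValue(':OFFSET', $paging->getResultRowStart(), PARAM_INT);
    $db->bindValue(':TOTAL', _result_per_page(), PARAM_INT);
    $db->execute();

    // A leftover debugging die('xyz') stood here and made everything below unreachable.
    if ($items = $db->fetchAll()) {
        $data['items'] = $items;
    }

    // Total number of records, ignoring the LIMIT.
    $paging->nTotalRow = $db->total_last_limit_query();
    $data['paging'] = $paging;

    return $data;
}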
/**
 * Print the current UPCOM market index figures as JSON and end the request.
 *
 * Nothing is printed when the stored procedure returns no row; the script exits either way.
 */
function push_user_upcom()
{
    $db = _db('eps');
    $db->query('call sp_upcom_getCurrentMarketInfo("' . maxTradingDate() . '")');

    $row = $db->fetch();
    if ($row) {
        $payload = array();
        foreach (array('MarketIndex', 'CHGIndex', 'PCTIndex') as $field) {
            $payload[$field] = _num_format($row[$field]);
        }
        echo json_encode($payload);
    }

    exit(0);
}
/**
 * Build the company ranking data for either a sector (?sectorid=) or an industry
 * (?industryid=). Both ids and ?view= go through intval() before they are used.
 *
 * @return array Keys: sector / industry / company / display when an id was given, plus view.
 */
function companyrank_user_main()
{
    $db = _db('stockbiz');
    $data = array();
    $view = empty($_GET['view']) ? 0 : intval($_GET['view']);

    if (!empty($_GET['sectorid'])) {
        $sectorId = intval($_GET['sectorid']);

        // Sector details, together with the industries that belong to the sector.
        $db->query('SELECT * FROM _prefix_sector WHERE SectorId=' . $sectorId);
        $sector = $db->fetch();
        if ($sector) {
            $db->query('SELECT * FROM _prefix_industry WHERE SectorId=' . $sectorId);
            $sector['Industries'] = $db->fetchAll();
            $data['sector'] = $sector;
        }

        // Companies in any industry of the sector.
        $db->query('SELECT c.Symbol,CompanyName,LFY,Quarter,Year,MarketCapitalization/1000000000 AS MarketCapitalization,DilutedPE_LFY,DilutedPE_TTM FROM _prefix_companyinfo c, _prefix_lastestfinancialratios f WHERE c.Symbol=f.Symbol AND c.IndustryID IN (SELECT IndustryID FROM _prefix_industry WHERE SectorId=' . $sectorId . ')');
        $companies = $db->fetchAll();
        if ($companies) {
            $data['company'] = $companies;
        }

        $data['display'] = 'sector';
    } elseif (!empty($_GET['industryid'])) {
        $industryId = intval($_GET['industryid']);

        // Industry details, together with the sector it belongs to.
        $db->query('SELECT * FROM _prefix_industry WHERE IndustryId=' . $industryId);
        $industry = $db->fetch();
        if ($industry) {
            // The SectorId used here comes from the row just fetched, not from the request.
            $db->query('SELECT * FROM _prefix_sector WHERE SectorId=' . $industry['SectorId']);
            $data['sector'] = $db->fetch();
            $data['industry'] = $industry;
        }

        // Companies in the industry.
        $db->query('SELECT c.Symbol,CompanyName,LFY,Quarter,Year,MarketCapitalization/1000000000 AS MarketCapitalization,DilutedPE_LFY,DilutedPE_TTM FROM _prefix_companyinfo c, _prefix_lastestfinancialratios f WHERE c.Symbol=f.Symbol AND c.IndustryID=' . $industryId);
        $companies = $db->fetchAll();
        if ($companies) {
            $data['company'] = $companies;
        }

        $data['display'] = 'industry';
    }

    $data['view'] = $view;

    return $data;
}
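/**
 * Fetch one row from the users_group table by id.
 *
 * Sessions without a privilege id, or with one above ROLE_PRIME, are additionally restricted
 * to groups whose guid matches the session's SESS_GUID.
 *
 * @param mixed $groupid Group id to look up.
 * @return array|false The first matching row, or false when nothing matches.
 */
function getGroupInfo($groupid)
{
    $sql = _db(true)->_selectQ(_dbTable("users_group", true), "*")->_where(array("id" => $groupid));

    if (!isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > ROLE_PRIME) {
        // The original read $data['SESS_GUID'] before $data existed, so the guid filter was
        // never bound to the session's value. Without a session guid there is nothing to
        // scope by, so report "not found" instead of querying unscoped.
        if (!isset($_SESSION['SESS_GUID'])) {
            return false;
        }
        $sql->_where(["guid" => $_SESSION['SESS_GUID']]);
    }

    $data = $sql->_GET();
    if ($data) {
        return $data[0];
    }

    return false;
}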
/**
 * Return the market session, looked up once per request and kept in the global $_session.
 *
 * @param mixed $date Passed to maxTradingDate() to pick the trading date for the lookup.
 * @return mixed The 'Session' value returned by sp_getSession_MarketStat.
 */
function currentSession($date)
{
    global $_session;

    // -1 marks "not loaded yet"; any other value is the cached answer.
    if ($_session != -1) {
        return $_session;
    }

    $db = _db('eps');
    $db->query('call sp_getSession_MarketStat(' . maxTradingDate($date) . ');');
    $row = $db->fetch();
    $_session = $row['Session'];

    // Reset here so that the caller does not have to reconnect.
    $db->connect();

    return $_session;
}
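/**
 * Record a warning against a user and send the configured private messages.
 *
 * @param mixed  $post_or_userid Post id when $KIND is "Forum", user id when $KIND is "Other".
 * @param mixed  $subject        Id of the warning catalogue entry.
 * @param string $message        Free-text warning message.
 * @param mixed  $points         Points to record with the warning.
 * @param string $KIND           "Forum" or "Other".
 * @return bool True when the warning was stored, false for an unknown kind or unknown post.
 */
function new_warning_post($post_or_userid, $subject, $message, $points, $KIND)
{
    global $userdata, $settings, $locale;

    // Any other kind used to reach dbrows() with an undefined query result.
    if ($KIND != "Forum" && $KIND != "Other") {
        return false;
    }

    // Both ids are numeric; forcing them to integers keeps the hand-quoted queries below free
    // of caller-supplied text. Kept as strings because the original passed strings to _db().
    $target_id = (string) (int) $post_or_userid;
    $catalog_id = (int) $subject;

    if ($KIND == "Forum") {
        $new_warning_sql = dbquery("SELECT post_id, thread_id, forum_id, post_author FROM " . DB_POSTS . " WHERE post_id='" . $target_id . "'");
        if ($KIND != "Other" && dbrows($new_warning_sql) == 0) {
            return false;
        }
        $post_warn_data = dbarray($new_warning_sql);
        $warnuser_id = $post_warn_data['post_author'];
        $post = $target_id;
        $threadid = $post_warn_data['thread_id'];
        $forumid = $post_warn_data['forum_id'];
    } else {
        $warnuser_id = $target_id;
        $post = "0";
        $threadid = "0";
        $forumid = "0";
    }

    $insertdate = date("U");
    $sql = dbquery("INSERT INTO " . DB_WARNING . "\r\n\t\t(warn_kind, user_id, post_id, thread_id, forum_id, warn_subject, warn_message, warn_point, warn_admin, warn_datestamp)\r\n\t\tVALUES\r\n\t\t(" . _db($KIND) . ", " . _db($warnuser_id) . ", " . _db($post) . ", " . _db($threadid) . ", " . _db($forumid) . ", " . _db($subject) . ", " . _db($message) . ",\r\n\t\t" . _db($points) . ", " . _db($userdata['user_id']) . ", " . _db($insertdate) . ");");

    // We need to send a PM to the warned user
    if ($settings['warning_set_send_pm'] == 1) {
        $pn_subject = stripinput(trim($locale['WARN210']));
        if ($KIND == "Forum") {
            $in = $locale['WARN211'] . " [url=" . $settings['siteurl'] . "forum/viewthread.php?thread_id=" . $post_warn_data['thread_id'] . "&pid=" . $post_warn_data['post_id'] . "#post_" . $post_warn_data['post_id'] . "]" . GetPostTitle($post_warn_data['thread_id']) . "[/url]\n";
        } else {
            $in = '';
        }

        // One lookup for both catalogue columns; the original ran two queries and left
        // $subject unescaped in the first of them.
        $catalog = dbarray(dbquery("SELECT warn_subject, warn_length FROM " . DB_WARNING_CATALOG . " WHERE warn_id='" . $catalog_id . "'"));
        $warning_length = $insertdate + $catalog['warn_length'] * 86400;

        // The whole message, including the caller's $message, goes through stripinput().
        $pn_messages = stripinput(trim($in . $locale['WARN212'] . " " . $catalog['warn_subject'] . "\r\n\t\t\t\t\t\t\t\t\t" . $locale['WARN213'] . " " . $message . "\r\n\t\t\t\t\t\t\t\t\t" . $locale['WARN214'] . date($locale['WARN215'], $warning_length) . $locale['WARN216']));

        if ($settings['warning_set_pm_from'] == 0) {
            $pn_from = $userdata['user_id'];
        } else {
            $pn_from = $settings['warning_set_pm_from'];
        }

        $result = dbquery("INSERT INTO " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES ('" . (int) $warnuser_id . "','" . $pn_from . "','" . $pn_subject . "','" . $pn_messages . "','y','0','" . $insertdate . "','0')");
    }

    // We need to send a PM to an Admin if User has more than 100 points
    if (show_warning_points($warnuser_id) >= 100) {
        $pn_subject = stripinput(trim($locale['WARN217']));
        $pn_messages = stripinput(trim("The member reached the limit:\n [url=" . $settings['siteurl'] . "warning.php?lookup=" . (int) $warnuser_id . "]" . $locale['WARN218'] . "[/url]\n You should take some actions and suspend/bann this member!"));
        $result = dbquery("INSERT INTO " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES ('" . $settings['warning_set_pm_to'] . "','" . "0" . "','" . $pn_subject . "','" . $pn_messages . "','y','0','" . $insertdate . "','0')");
    }

    return true;
}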
/**
 * Render a selector from the "lists" table for one group, limited to entries the current
 * session's privilege may see.
 *
 * NOTE(review): $groupID, $orderBy and the session's privilege name are placed into the
 * WHERE / ORDER BY text as they are. Confirm every caller passes fixed values, or escape
 * them before they reach this function.
 *
 * @param mixed       $dbLink    Not used by this function.
 * @param string      $groupID   Value matched against the groupid column.
 * @param bool        $allowNone Forwarded to createDataSelectorFromTable().
 * @param string      $format    Forwarded to createDataSelectorFromTable().
 * @param string|null $orderBy   ORDER BY expression; null or "" sorts by title.
 * @param array       $params    Forwarded to createDataSelectorFromTable().
 * @return mixed Whatever createDataSelectorFromTable() returns.
 */
function createDataSelector($dbLink, $groupID, $allowNone = true, $format = "select", $orderBy = null, $params = array())
{
    $where = "blocked='false' && groupid='{$groupID}' and ";

    // Anonymous sessions only see entries open to everyone.
    if (isset($_SESSION['SESS_PRIVILEGE_ID'])) {
        $where .= "(privilege='*' OR FIND_IN_SET('" . $_SESSION['SESS_PRIVILEGE_NAME'] . "',privilege))";
    } else {
        $where .= "privilege='*'";
    }

    if ($orderBy == null) {
        $where .= " ORDER BY title";
    } elseif (strlen($orderBy) > 0) {
        $where .= " ORDER BY " . $orderBy;
    }

    return createDataSelectorFromTable(
        _db(),
        _dbtable("lists"),
        "title",
        "value",
        "class",
        null,
        $where,
        null,
        false,
        $allowNone,
        $format,
        $params
    );
}
/**
 * Insert one settings row for the current session's guid, user and site.
 *
 * NOTE(review): a string $value that names an existing file is replaced by that file's decoded
 * JSON. If a caller ever passes a request-derived value, the requester decides which local
 * file is read - confirm callers only pass trusted paths or plain values.
 *
 * @param string $name  Setting name.
 * @param mixed  $value Setting value, or the path of a JSON file holding it.
 * @param string $scope Setting scope; stored lower-cased.
 * @return bool True when the insert query returned a truthy result.
 */
function registerSettings($name, $value = "", $scope = "system")
{
    if (is_file($value)) {
        $fileContents = file_get_contents($value);
        $value = json_decode($fileContents, true);
    }

    $row = array(
        "guid" => $_SESSION['SESS_GUID'],
        "userid" => $_SESSION['SESS_USER_ID'],
        "site" => SITENAME,
        "scope" => strtolower($scope),
        "name" => $name,
        "settings" => $value,
    );

    $insertSql = _db(true)->_insertQ1(_dbTable("settings", true), $row);

    return (bool) _dbQuery($insertSql, true);
}
/**
 * Number of visitors to display as online: the row count of the session table, raised to
 * the 'default_visitor_online' option when that option is larger.
 *
 * @return mixed The larger of the two values.
 */
public static function online()
{
    $db = _db();
    $db->query('SELECT COUNT(*) as user_online FROM session');
    $db->execute();

    $row = $db->fetch();
    $sessionCount = $row['user_online'];
    $floor = _db_option_value('default_visitor_online');

    return ($floor > $sessionCount) ? $floor : $sessionCount;
}
/**
 * Replace the contents of _prefix_sector with the sectors returned by the stockbiz feed.
 *
 * NOTE(review): the service URL is plain http:// and the call carries the account's
 * userName/password, so unless _feed_stockbiz() changes the transport the credentials
 * travel unencrypted - check whether the provider offers an https endpoint.
 * NOTE(review): the table is truncated before the inserts run and each row's SQL is built
 * from remote feed data by buildInsertSQL(); confirm that helper escapes its values.
 */
function feedsector_feed_main()
{
    global $_configs;

    $url = 'http://datafeed.stockbiz.vn/CompanyService.asmx?WSDL';
    $params = array(
        'userName' => $_configs['stockbiz_user'],
        'password' => $_configs['stockbiz_pass'],
    );

    $objs = _feed_stockbiz('GetSectors', $url, $params);
    if (!$objs) {
        return;
    }

    $db = _db('stockbiz');
    $sectors = $objs['GetSectorsResult']['Sector'];
    $db->query('TRUNCATE TABLE _prefix_sector');

    $total = count($sectors);
    $idx = 0;
    while ($idx < $total) {
        $db->query(buildInsertSQL('_prefix_sector', $sectors[$idx]));
        $idx++;
    }
}
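/**
 * Check that a user id exists, is not blocked and has an access entry covering this site.
 *
 * The literal user id "root" is always accepted.
 *
 * NOTE(review): the site filter is built from the SITENAME constant, so the $site argument
 * does not influence the query - confirm whether that is intended.
 *
 * @param mixed  $userid User id to check.
 * @param string $site   Site name; reset to SITENAME for sessions without elevated privilege.
 * @return bool True when the user is "root" or a matching row exists.
 */
function checkUserID($userid, $site = SITENAME)
{
    // Strict comparison: with a loose == an integer 0 equals "root" on PHP 7 and older,
    // which would wave a non-root id through without any database check.
    if ($userid === "root") {
        return true;
    }

    if (!isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > 2) {
        $site = SITENAME;
    }

    $sql = _db(true)->_selectQ(_dbTable("users", true), "count(*) as cnt")->_where(array("blocked" => 'false', "userid" => $userid));
    // Sub-query: access entries that list this site (or every site).
    $sql1 = _db(true)->_selectQ(_dbTable("access", true), "id")->_where(array("blocked" => 'false'))->_whereRAW(' (FIND_IN_SET("' . SITENAME . '",sites) OR sites="*")');
    $sql = $sql->_query("accessid", $sql1);

    $res = _dbQuery($sql, true);
    if (!$res) {
        return false;
    }

    $data = _dbData($res, true);
    _dbFree($res, true);

    return $data[0]['cnt'] > 0;
}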
global $settings; if ($settings['enable_tags']) { $result = dbquery("SELECT tag_name FROM " . DB_TAGS . " WHERE tag_item_id='" . (int) $item_id . "' AND tag_type=" . _db($type) . ""); if (dbrows($result)) { $result = dbquery("UPDATE " . DB_TAGS . " SET tag_name=" . _db($name) . " WHERE tag_item_id='" . (int) $item_id . "' AND tag_type=" . _db($type) . ""); } else { $result = dbquery("INSERT INTO " . DB_TAGS . " (tag_item_id, tag_type, tag_name) VALUES ('" . (int) $item_id . "', " . _db($type) . ", " . _db($name) . ")"); } } } function delete_tags($item_id, $type) { $result = dbquery("DELETE FROM " . DB_TAGS . " WHERE tag_item_id='" . (int) $item_id . "' AND tag_type=" . _db($type) . ""); return $result ? true : false; } function show_tags($item_id, $type) { global $settings, $locale; if ($settings['enable_tags']) { $result = dbquery("SELECT tag_name FROM " . DB_TAGS . " WHERE tag_item_id='" . (int) $item_id . "' AND tag_type=" . _db($type)); if (dbrows($result)) { $data = dbarray($result); if ($data['tag_name'] != "") { switch ($type) { case "N": $title = $locale['tag_news']; break; case "A": $title = $locale['tag_articles']; break; case "C": $title = $locale['tag_custom']; break; case "F": $title = $locale['tag_thread']; break; default: $title = $locale['tag_custom']; } opentable($title); $tag_a = explode(",", $data['tag_name']); $tag_r = "";
/**
 * Build a select list from the non-blocked rows of a table.
 *
 * NOTE(review): $where, $groupBy and $orderBy are handed to the query builder as given;
 * whether they are escaped depends on _where()/_groupby()/_orderby() - confirm before
 * passing request-derived values.
 *
 * @param string      $table   Table to read from.
 * @param mixed       $columns Columns handed to _selectQ().
 * @param mixed       $where   Optional extra condition for _where().
 * @param string|null $groupBy Optional GROUP BY expression.
 * @param string|null $orderBy Optional ORDER BY expression.
 * @param string      $dbKey   Key of the database connection to use.
 * @return mixed Whatever generateSelect() returns.
 */
function createDataSelectorFromTable($table, $columns, $where = null, $groupBy = null, $orderBy = null, $dbKey = "app")
{
    $query = _db($dbKey)
        ->_selectQ($table, $columns)
        ->_where(array("blocked" => "false"));

    if ($where != null) {
        $query = $query->_where($where);
    }

    // A privilege filter on the session's privilege name used to sit here; it is disabled.

    if (strlen($groupBy) > 0) {
        $query = $query->_groupby($groupBy);
    }

    if (strlen($orderBy) > 0) {
        $query = $query->_orderby($orderBy);
    }

    $rows = _dataSQL($query);

    return generateSelect($rows);
}
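/**
 * Autocomplete endpoint: print "Symbol|CompanyName" lines for symbols starting with ?q=,
 * optionally limited by exchange (?se=1|2|3) and industry (?industry=).
 *
 * Prints nothing when ?q= is missing or is not a plausible symbol prefix.
 */
function companydata_ajax_getsymbol()
{
    if (empty($_GET['q']) || !is_string($_GET['q'])) {
        return;
    }

    // The :SYMBOL placeholder sits inside a quoted LIKE pattern and is bound with PARAM_NONE,
    // which presumably inserts the value without escaping. Only accept characters that cannot
    // close the quote or act as a LIKE wildcard, so the query text stays fixed whatever the
    // binding does.
    $prefix = $_GET['q'];
    if (!preg_match('/^[A-Za-z0-9.\-]{1,32}\z/', $prefix)) {
        return;
    }

    $sql = 'SELECT Symbol, CompanyName FROM _prefix_companyinfo WHERE Symbol LIKE ":SYMBOL%"';

    if (!empty($_GET['se'])) {
        // The exchange name always comes from this fixed map, never from the request text.
        $se = intval($_GET['se']);
        $seName = '';
        switch ($se) {
            case 1:
                $seName = 'HOSE';
                break;
            case 2:
                $seName = 'HASTC';
                break;
            case 3:
                $seName = 'UPCOM';
                break;
        }
        if ($seName != '') {
            $sql .= ' AND Bourse="' . $seName . '"';
        }
    }

    if (!empty($_GET['industry'])) {
        $sql .= ' AND IndustryID=' . intval($_GET['industry']);
    }

    $db = _db('stockbiz');
    $db->prepare($sql);
    $db->bindValue(':SYMBOL', $prefix, PARAM_NONE);
    $db->execute();

    $symbols = $db->fetchAll();
    if ($symbols) {
        // NOTE(review): the rows are printed as they are; if a client ever renders this
        // response as HTML, CompanyName needs escaping there.
        foreach ($symbols as $row) {
            echo $row['Symbol'] . '|' . $row['CompanyName'] . "\n";
        }
    }
}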
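/**
 * Change the current session user's password from $_POST["old"] to $_POST["new"].
 *
 * Prints a JSON object {code, msg}. Exits after printing when the user row is missing or
 * the old password does not match.
 *
 * NOTE(review): the "user not found" branch answers with code "1", the same code as
 * success - kept as in the original, confirm what clients expect.
 * NOTE(review): there is no check that $_POST["new"] is present or non-empty.
 */
function changePWD()
{
    $userid = $_SESSION["SESS_USER_ID"];
    $tbl = _dbtable("users", true);

    // NOTE(review): the user id and both hashes are interpolated into the SQL text. The id
    // comes from the session and the hashes from getPWDHash(); confirm neither can contain
    // a quote, or move these queries to the query builder.
    $sql1 = "SELECT pwd FROM {$tbl} WHERE userid='{$userid}'";
    $r = _dbQuery($sql1, true);
    $ra = _dbData($r);
    if (!isset($ra[0])) {
        $q = array("code" => "1", "msg" => "Error In Changing Password (1).");
        echo json_encode($q);
        exit;
    }
    $ra = $ra[0];

    $_POST["old"] = getPWDHash($_POST["old"]);
    $_POST["new"] = getPWDHash($_POST["new"]);

    // hash_equals() instead of != : a loose comparison treats two different "0e..." digit
    // strings as equal numbers, and hash_equals() also compares in constant time.
    if (!hash_equals((string) $ra["pwd"], (string) $_POST["old"])) {
        $q = array("code" => "0", "msg" => "Old Password Doesn't Match. Please Use Correct Credentials. (2)");
        echo json_encode($q);
        exit;
    }

    $oldPwd = $_POST["old"];
    $newPwd = $_POST["new"];
    $date = date("Y-m-d");

    // The old hash is repeated in the WHERE clause so the row only changes if it still holds
    // the password that was just verified.
    $q = "UPDATE {$tbl} SET pwd = '{$newPwd}', doe = '{$date}' WHERE userid='{$userid}' and pwd='{$oldPwd}'";
    _dbQuery($q, true);

    if (_db(true)->affected_rows() <= 0) {
        $q = array("code" => "0", "msg" => "Old Password Doesn't Match. Please Use Correct Credentials.(3)");
    } else {
        $q = array("code" => "1", "msg" => "Successfully Updated Your New Password");
    }
    echo json_encode($q);
}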
} } } displayLocalImage("images/warning.png", "view"); } elseif (strtolower($_REQUEST['loc']) == "dbfile") { $dbtbl = ""; if (isset($_REQUEST['dbtbl'])) { $dbtbl = $_REQUEST['dbtbl']; } else { $dbtbl = _dbtable("files"); } $sql = "SELECT file_name,file_type,file_data,file_size FROM {$dbtbl} WHERE ID=" . $_REQUEST['file']; $result = _db()->executeQuery($sql); if ($result) { if (_db()->recordCount($result) > 0) { $record = _db()->fetchData($result); $darr = explode(".", $record["file_name"]); $ext = $darr[sizeOf($darr) - 1]; printHeader($record["file_name"], $type); echo $record["file_data"]; exit; } } displayLocalImage("images/warning.png", "view"); } else { displayLocalImage("images/forbidden.png", "view"); } } else { displayLocalImage("images/warning.png", "view"); } exit;
/**
 * Update a user row with the given attributes.
 *
 * Sessions without a privilege id, or with one above ROLE_PRIME, can only update their own
 * user on the current site; the $userID and $site arguments are overridden for them.
 *
 * NOTE(review): $attrs is written to the users table as given. privilegeid and accessid are
 * only checked for existence on this site, not for whether the caller may assign them, so
 * a caller that forwards request fields unfiltered would let a user change their own
 * privilege - confirm callers restrict the keys they pass.
 *
 * @param array       $attrs  Column => value pairs to write.
 * @param string|null $userID User to update; defaults to the session user.
 * @param string      $site   Site name used for the user check and in error messages.
 * @return true|array True on success, otherwise an array with an "error" key.
 */
function updateUser($attrs = array(), $userID = null, $site = SITENAME)
{
    if (!isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > ROLE_PRIME) {
        $site = SITENAME;
        $userID = $_SESSION['SESS_USER_ID'];
    }
    if ($userID == null && isset($_SESSION['SESS_USER_ID'])) {
        $userID = $_SESSION['SESS_USER_ID'];
    }

    if (!checkUserID($userID, $site)) {
        return array("error" => "UserID Not Found");
    }

    // A required field may be left out, but if it is present it must not be empty.
    $requiredFields = explode(",", getConfig("USER_CREATE_REQUIRED_FIELDS"));
    foreach ($requiredFields as $field) {
        if (!isset($attrs[$field])) {
            continue;
        }
        if ($attrs[$field] == null || strlen($attrs[$field]) <= 0) {
            return array("error" => "Missing Field", "field" => $field);
        }
    }

    // The privilege id, when given, must exist for this site (or for all sites).
    if (isset($attrs['privilegeid'])) {
        $privilegeQuery = _db(true)
            ->_selectQ(_dbTable("privileges", true), "count(*) as cnt")
            ->_where(array("id" => $attrs['privilegeid']))
            ->_raw(" AND (site='" . SITENAME . "' OR site='*')");
        $res = _dbQuery($privilegeQuery, true);
        if (!$res) {
            return array("error" => "PrivilegeID Query Error");
        }
        $rows = _dbData($res, true);
        _dbFree($res, true);
        if ($rows[0]['cnt'] <= 0) {
            return array("error" => "PrivilegeID Not Found This Site {$site}");
        }
    }

    // The access id, when given, must be unblocked and cover this site (or all sites).
    if (isset($attrs['accessid'])) {
        $accessQuery = _db(true)
            ->_selectQ(_dbTable("access", true), "count(*) as cnt")
            ->_where(array("blocked" => 'false', "id" => $attrs['accessid']))
            ->_raw(" AND (FIND_IN_SET('" . SITENAME . "',sites) OR sites='*')");
        $res = _dbQuery($accessQuery, true);
        if (!$res) {
            return array("error" => "AccessID Query Error");
        }
        $rows = _dbData($res, true);
        _dbFree($res, true);
        if ($rows[0]['cnt'] <= 0) {
            return array("error" => "AccessID Not Found For This Site {$site}");
        }
    }

    $updateSql = _db(true)->_updateQ(_dbtable("users", true), $attrs, array("userid" => "{$userID}"));
    if (_dbQuery($updateSql, true)) {
        return true;
    }

    return array("error" => "Error In User Updating", "details" => _db(true)->get_error());
}
/**
 * Load the rows of sp_current_security for one date and add the derived fields the views
 * use (session volumes, LastVal, percentage_change, last_price/last_change/last_volume,
 * ratio, unmatched bid/offer volumes).
 *
 * Returns the enriched rows, or nothing (null) when the procedure returned no rows.
 *
 * NOTE(review): $date is concatenated into the stored-procedure call; confirm callers only
 * pass server-generated dates.
 */
function get_hcm_security($date)
{
    $session = currentSession($date);
    $db = _db('eps');
    $db->connect();
    $db->query('call sp_current_security("' . $date . '")');
    if ($result = $db->fetchAll()) {
        // First pass: market-wide traded value, used as the denominator of "ratio" below.
        // It is computed from the raw session volumes, before the second pass rescales them.
        $total_value = 0;
        for ($i = 0; $i < count($result); $i++) {
            $total_value += $result[$i]["session_one_price"] * $result[$i]["session_one_vol"] + $result[$i]["session_two_price"] * $result[$i]["session_two_vol"] + $result[$i]["Last"] * ($result[$i]["LastVol"] * 10 - $result[$i]["session_one_vol"] - $result[$i]["session_two_vol"]);
        }
        // Second pass: rewrite each row in place. Statement order matters, because later
        // lines read values that earlier lines have already rescaled.
        for ($i = 0; $i < count($result); $i++) {
            $result[$i]["session_one_price"] = $result[$i]["session_one_price"];
            $result[$i]["session_one_vol"] = $result[$i]["session_one_vol"] * 10;
            $result[$i]["session_two_price"] = $result[$i]["session_two_price"];
            $result[$i]["session_two_vol"] = $result[$i]["session_two_vol"] * 10;
            // Uses the session volumes that were multiplied by 10 just above.
            $result[$i]["session_three_vol"] = $result[$i]["LastVol"] * 10 - $result[$i]["session_one_vol"] - $result[$i]["session_two_vol"];
            // NOTE(review): the volumes here are already scaled by 10 and are multiplied by 10
            // again, unlike the first pass - confirm the intended scale of LastVal.
            $result[$i]["LastVal"] = $result[$i]["session_one_price"] * $result[$i]["session_one_vol"] * 10 + $result[$i]["session_two_price"] * $result[$i]["session_two_vol"] * 10 + $result[$i]["Last"] * $result[$i]["session_three_vol"] * 10;
            // Percentage change against the prior close, guarded against division by zero.
            if ($result[$i]["PriorClosePrice"] != 0) {
                $result[$i]["percentage_change"] = round(($result[$i]["Last"] - $result[$i]["PriorClosePrice"]) / $result[$i]["PriorClosePrice"] * 100, 2);
            } else {
                $result[$i]["percentage_change"] = 0;
            }
            $result[$i]["PriorClosePrice"] = $result[$i]["PriorClosePrice"];
            $result[$i]["last_change"] = "";
            // Which price counts as "last" depends on the market session.
            switch ($session) {
                case "1":
                    // pre open price
                    $result[$i]["last_price"] = $result[$i]["ProjectOpen"];
                    if ($result[$i]["last_price"] != NULL && $result[$i]["last_price"] != "" && $result[$i]["last_price"] != 0) {
                        $result[$i]["last_change"] = $result[$i]["ProjectOpen"] - $result[$i]["PriorClosePrice"];
                    }
                    $result[$i]["last_volume"] = "";
                    break;
                case "2":
                    // open price + last price
                    // NOTE(review): this reads the key "last" in lower case while every other
                    // line uses "Last" - confirm the procedure really returns both columns.
                    $result[$i]["last_price"] = $result[$i]["last"];
                    if ($result[$i]["last_price"] != NULL && $result[$i]["last_price"] != "" && $result[$i]["last_price"] != 0) {
                        $result[$i]["last_change"] = $result[$i]["Last"] - $result[$i]["PriorClosePrice"];
                    }
                    $result[$i]["last_volume"] = $result[$i]["LastVol"] * 10;
                    break;
                case "3":
                    // pre close price
                    $result[$i]["last_price"] = $result[$i]["ProjectOpen"];
                    if ($result[$i]["last_price"] != NULL && $result[$i]["last_price"] != "" && $result[$i]["last_price"] != 0) {
                        $result[$i]["last_change"] = $result[$i]["ProjectOpen"] - $result[$i]["PriorClosePrice"];
                    }
                    $result[$i]["last_volume"] = "";
                    break;
                case "0":
                case "4":
                case "5":
                default:
                    // close price
                    $result[$i]["last_price"] = $result[$i]["Last"];
                    if ($result[$i]["last_price"] != NULL && $result[$i]["last_price"] != "" && $result[$i]["last_price"] != 0) {
                        $result[$i]["last_change"] = $result[$i]["Last"] - $result[$i]["PriorClosePrice"];
                    }
                    $result[$i]["last_volume"] = $result[$i]["LastVol"] * 10;
                    break;
            }
            // "ratio" is only set when the market-wide total is non-zero.
            if ($total_value != 0) {
                $result[$i]["ratio"] = round($result[$i]["LastVal"] / $total_value * 10000, 2);
            }
            // LastVol is rescaled last, after every line above has read the raw value.
            $result[$i]["LastVol"] = $result[$i]["LastVol"] * 10;
            $result[$i]["change"] = $result[$i]["last_change"];
            $result[$i]["unmatch_bid"] = ($result[$i]["Best1BidVolume"] + $result[$i]["Best2BidVolume"] + $result[$i]["Best3BidVolume"]) * 10;
            $result[$i]["unmatch_offer"] = ($result[$i]["Best1OfferVolume"] + $result[$i]["Best2OfferVolume"] + $result[$i]["Best3OfferVolume"]) * 10;
        }
        $db->connect();
        return $result;
    }
    // No rows: connect() is called again and the function ends without a return value.
    $db->connect();
}
</div> </div> <br/> <div class="form-inline"> <div class="form-group"> <label>Logiks Package</label> <select class="form-control" name="package_id" id="package_id" value="<?php if (isset($apiDetails['package_id'])) { echo $apiDetails['package_id']; } ?> "> <?php echo createDataSelector(_db(), "packages"); ?> </select> </div> </div> <div id='form-buttons-bar' class="form-group form-buttons"> <button type="reset" class="btn btn-danger" id="cancel">Cancel</button> <button type="submit" class="btn btn-default" id="submitApi">Submit</button> </div> </form> <div style="display:none"> <form id='api_upload_form' method="post" enctype="multipart/form-data" action="<?php echo SiteLocation; ?> services/?scmd=api&site=<?php
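/**
 * Load one guide by the md5 hash of its id and add the access flags for the current session.
 *
 * @param string $id md5() hash of the guide's id.
 * @return mixed The guide row with authorid, creatorid, editable, edit_url (when editable)
 *               and viewable added.
 **/
function getGuideDetails($id)
{
    // An md5 hash is exactly 32 hex characters. Anything else cannot match a guide and must
    // not reach the SQL text, so it is replaced by an empty string, which matches no row.
    if (!is_string($id) || !preg_match('/^[a-f0-9]{32}\z/i', $id)) {
        $id = '';
    }

    $cols = " *,guides_tbl.type as category,guides_tbl.guide_group as subcategory";
    $whr = "blocked='false' AND md5(id)='" . $id . "'";
    $sql = _db()->_selectQ('guides_tbl', $cols, $whr);
    $res = _dbQuery($sql);
    $data = _dbFetch($res);

    $data['authorid'] = isset($data['author']) ? extractUserID($data['author']) : "";
    $data['creatorid'] = isset($data['creator']) ? extractUserID($data['creator']) : "";

    // NOTE(review): these are loose comparisons against the session user id. When no guide was
    // found both ids are "", which equals an unset session id - confirm callers check for a
    // missing guide before trusting "editable"/"viewable".
    $isOwner = ($data['authorid'] == $_SESSION['SESS_USER_ID'] || $data['creatorid'] == $_SESSION['SESS_USER_ID']);

    // Owners and holders of the "edit all" role may edit.
    if ($isOwner) {
        $data['editable'] = "true";
        $data['edit_url'] = _link("guides") . "/edit/" . md5($data['id']);
    } elseif (checkUserRoles("guides", "Allow Editing All Guides")) {
        $data['editable'] = "true";
        $data['edit_url'] = _link("guides") . "/edit/" . md5($data['id']);
    } else {
        $data['editable'] = "false";
    }

    // Drafts are only visible to their owners and to holders of the "edit all" role.
    if (checkUserRoles("guides", "Allow Editing All Guides")) {
        $data['viewable'] = true;
    } elseif ($data['status'] == "draft") {
        $data['viewable'] = $isOwner ? true : false;
    } else {
        $data['viewable'] = true;
    }

    return $data;
}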
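/**
 * Tell whether a news category, or any of its ancestor categories, has the alias 'TINEPS'.
 *
 * @param mixed $parent_id Id of the category to start from.
 * @return bool True when a category with the alias 'TINEPS' is found on the way up.
 */
function belongToEPS($parent_id)
{
    $db = _db();
    $seen = array();

    // The id is forced to an integer because it is concatenated into the query text.
    $current = (int) $parent_id;

    // Walk up the parent chain. The $seen guard stops a cyclic parent_id chain, which made
    // the original recursion run without end.
    while (!isset($seen[$current])) {
        $seen[$current] = true;

        $db->query('SELECT parent_id, news_alias FROM _prefix_news WHERE is_category=1 AND news_id=' . $current);
        $obj = $db->fetch();
        if (!$obj) {
            return false;
        }
        if ($obj['news_alias'] == 'TINEPS') {
            return true;
        }

        $current = (int) $obj['parent_id'];
    }

    return false;
}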
echo "<br/>\n<textarea name='notes_content' id='notes_content' class='textbox' cols='20' rows='4' style='width:140px'></textarea><br />\n"; echo "" . display_bbcodes("150px;", "notes_content", "notes_form", "smiley|b|u|url") . ""; echo "<input type='submit' id='notes_submit' name='notes_submit' class='button' value='" . $locale['note_02'] . "' />\n"; echo "</form>\n"; echo "</div><br />\n"; $result = dbquery("SELECT note_id, note_name, note_text, note_datestamp FROM " . DB_ADMIN_NOTES . " ORDER BY note_id DESC"); echo "<div class='admin_notes' id='notes_q'>"; echo "<div id='note_loading'></div>\n"; while ($data = dbarray($result)) { echo "<div style='float:left' class='admin_note'>"; echo "<strong>" . $data['note_name'] . "</strong> "; echo "<a id='" . $data['note_id'] . "' href='" . FUSION_SELF . "?id=" . $data['note_id'] . "'>"; echo "<img class='loding' src='" . get_image("cancel") . "' title='" . $locale['note_03'] . "?' alt='" . $locale['note_03'] . "?' style='border:0;margin:0;vertical-align:bottom;' />"; echo "</a><img src='' alt='' style='height:16px;width:0px;' /><br />"; echo "<div class='shoutboxdate'>" . showdate("%d %b %H:%M", $data['note_datestamp']) . "</div>"; echo "<div class='notify'>" . parseubb(parsesmileys($data['note_text']), "b|i|u|url") . "</div>"; echo "</div>"; } echo "</div>"; closeside(); if (isset($_POST['submit']) && @$_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest') { $content = trim(stripinput($_POST['content'])); $name = trim(stripinput($_POST['name'])); $ins = dbquery("INSERT INTO " . DB_ADMIN_NOTES . " (note_text, note_name, note_datestamp) VALUES (" . _db($content) . ", " . _db($name) . ", '" . time() . "')"); } elseif (isset($_GET['id']) && @$_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest') { $id = trim(stripinput($_GET['id'])); $delete = dbquery("DELETE FROM " . DB_ADMIN_NOTES . " WHERE note_id=" . _db($id)); return $locale['note_04']; } } require_once TEMPLATES . "footer.php";