function checkLogin($login, $pass)
{
$db = new Database();
//Traigo el usuario
$q = "select salt from jugador where login='******' limit 1";
$r = $db->query($q);
//Controlo que exista el usuario con el login $login
if ($db->num_rows($r) > 0) {
//Traigo el registro
$data = $db->fetch_array($r);
$salt_db = $data['salt'];
//Genero el mismo hash que se creo al registrar jugador
$hashedpass = hash('sha512', $pass . $salt_db);
$q2 = "select * from jugador where login='******' and pass=PASSWORD('{$hashedpass}')";
$r2 = $db->query($q2);
if ($db->num_rows($r2) > 0) {
return 1;
} else {
return 0;
}
} else {
alertMessage('El usuario no existe');
exit;
}
$db->close();
}
public function buscarFuncionario($nomeFunc = null, $loginFunc = null, $nivelAcessoFunc = null)
{
$result = null;
if (!isset($_SESSION)) {
session_start();
}
if (!isset($_SESSION['restaurante'])) {
session_destroy();
alertMessage("Erro ao tentar acessar a página.Por favor faça o login novamente!", base_url());
exit;
}
if (!empty($nomeFunc)) {
$this->_db->like("nome_funcionario", $nomeFunc);
}
if (!empty($loginFunc)) {
$this->_db->where("login", $loginFunc);
}
if (!empty($nivelAcessoFunc)) {
$this->_db->where("nivel_acesso", $nivelAcessoFunc);
}
$this->_db->where("id_restaurante", $_SESSION['restaurante']);
$query = $this->_db->get("funcionario");
/* echo $this->_db->last_query();
exit;*/
if ($query->num_rows() > 0) {
$result = $query->result_array();
}
return $result;
}
public function upload_domains()
{
$config['upload_path'] = './uploads/';
$config['allowed_types'] = 'xlsx|csv|xls';
$this->load->library('upload', $config);
if (!$this->upload->do_upload()) {
$message = alertMessage($this->upload->display_errors(), 'danger');
} else {
$data = array('upload_data' => $this->upload->data());
$file_name = $data['upload_data']['file_name'];
$full_path = $data['upload_data']['full_path'];
$objPHPExcel = PHPExcel_IOFactory::load($full_path);
$cell_collection = $objPHPExcel->getActiveSheet()->getCellCollection();
foreach ($cell_collection as $cell) {
$column = $objPHPExcel->getActiveSheet()->getCell($cell)->getColumn();
$row = $objPHPExcel->getActiveSheet()->getCell($cell)->getRow();
$data_value = $objPHPExcel->getActiveSheet()->getCell($cell)->getValue();
$userdata[$row][$column] = $data_value;
}
$ctrow = $row;
//to count the number of rows
$row = 1;
// to set the row to the 1st row
for ($ctr = 1; $ctr <= $ctrow; $ctr++) {
$domains = $userdata[$row]['A'];
//the cell in column A
if (empty($domains)) {
$message = alertMessage('a cell from "domain" column is empty', 'danger');
} else {
if ($this->shops->checkDomain($domains) >= 1) {
$message = alertMessage('There is an existing domain.<br/>' . $domains . " is already existing", 'danger');
} else {
$save = array("domains" => $domains, "status" => "0", "shop" => "none");
$this->shops->save_domain($save);
$row++;
}
}
}
}
$this->session->set_flashdata('message', $message);
// $this->session->set_flashdata('failed', $failed);
redirect("Domans/index");
}
function validateLogin()
{
if (isset($_POST['submitLogin'])) {
//check if these values are set and not blank.
if (isset($_POST['username']) && isset($_POST['password']) && $_POST['username'] != "" && $_POST['password'] != "") {
$username = isset($_POST['username']) ? addslashes($_POST['username']) : '';
$password = isset($_POST['password']) ? sha1(addslashes($_POST['password'])) : '';
$loginSuccessful = login($username, $password);
//login function will set the session === 1
if ($loginSuccessful == false) {
$message = 'Error: Invalid username or password.';
}
} else {
$message = 'Error: Invalid username or password.';
}
if (isset($message)) {
alertMessage($message);
}
//display alert message;
}
}
} else {
$forumlisting->set_var('newposts_link', '');
}
$forumlisting->parse('categorymenu_link', 'categorymenu_link');
} else {
$forumlisting->set_var('newposts_link', '');
$forumlisting->set_var('markread_link', '');
$forumlisting->set_var('categorymenu_link', '');
}
$forumlisting->parse('category_records', 'category_record', true);
$forumlisting->parse('forum_records', '');
}
}
if ($numCategories == 0) {
// Do we have any categories defined yet
$display .= alertMessage($LANG_GF01['MSG_NO_CAT'], $LANG_GF01['ERROR'], false);
}
$forumlisting->parse('output', 'forumlisting');
$display .= $forumlisting->finish($forumlisting->get_var('output'));
//$exectime = $mytimer->stopTimer();
//COM_errorLog("End of Listing - time:$exectime");
}
// Display Forums
if ($forum > 0) {
$topiclisting = COM_newTemplate(CTL_plugin_templatePath('forum'));
$topiclisting->set_file(array('topiclisting' => 'topiclisting.thtml', 'forum_icons' => 'forum_icons.thtml', 'forum_links' => 'forum_links.thtml'));
$topiclisting->set_block('topiclisting', 'topic_record');
$topiclisting->set_block('topiclisting', 'no_records_message');
$blocks = array('new_icon', 'quiet_icon', 'active_icon', 'normal_icon', 'normalnew_icon', 'sticky_icon', 'stickynew_icon', 'locked_icon', 'lockednew_icon', 'sort_desc', 'sort_desc_on', 'sort_asc', 'sort_asc_on');
foreach ($blocks as $block) {
$topiclisting->set_block('forum_icons', $block);
} elseif ($action == "doCutFolder") {
/**
* 执行剪切文件夹
* 2014-12-03 16:01:57
*/
$dstname = $_REQUEST["dstname"];
//echo $path."/".$dstname."/".basename($dirname);
$message = cutFolder($dirname, $path . "/" . $dstname);
alertMessage($message, $redirect);
} elseif ($action == "delFolder") {
/*
* 删除文件夹
* 2014-12-03 18:37:08
*/
$message = delFolder($dirname);
alertMessage($message, $redirect);
}
}
}
?>
<!DOCTYPE html>
<hmtl>
<head>
<meta http-equiv="content-type" content="text/html" charset="utf-8"/>
<title>在线文件管理器</title>
<link rel="stylesheet" href="css/cikonss.css"/>
<script type="text/javascript" src="js/jquery.js"></script>
<script type="text/javascript" src="js/jquery-ui.js"></script>
<link rel="stylesheet" href="css/jquery-ui.css"/>
<style type="text/css">
body,p,div,ul,ol,table,dl,dd,dt{
}
}
}
// Moderator or logged-in User is editing their topic post
if ($_USER['uid'] > 1 and $editAllowed) {
// Check to see if user has this topic or complete forum is selected for notifications
$fields1 = array('topic_id', 'uid');
$values1 = array($id, $edittopic['uid']);
$fields2 = array('topic_id', 'forum_id', 'uid');
$values2 = array(0, $edittopic['forum'], $edittopic['uid']);
// Check if there are any notification records for the topic or the forum - topic_id = 0
if (DB_count($_TABLES['gf_watch'], $fields1, $values1) > 0 or DB_count($_TABLES['gf_watch'], $fields2, $values2) > 0) {
$notify_val = 'checked="checked"';
}
} else {
alertMessage($LANG_GF02['msg72'], $LANG_GF02['msg191']);
exit;
}
}
// PREVIEW TOPIC
$numAttachments = 0;
if ($_REQUEST['preview'] == $LANG_GF01['PREVIEW']) {
$previewitem = array();
if ($method == 'edit') {
$previewitem['uid'] = $edittopic['uid'];
$previewitem['name'] = $edittopic['name'];
/* Check for any uploaded files */
$editpost = COM_applyfilter($_POST['id'], true);
$previewitem['id'] = $editpost;
gf_check4files($editpost);
$numAttachments = DB_count($_TABLES['gf_attachments'], 'topic_id', $editpost);
// Pass thru filter any get or post variables to only allow numeric values and remove any hostile data
$highlight = isset($_REQUEST['highlight']) ? COM_applyFilter($_REQUEST['highlight']) : '';
$lastpost = isset($_REQUEST['lastpost']) ? COM_applyFilter($_REQUEST['lastpost']) : '';
$mode = isset($_REQUEST['mode']) ? COM_applyFilter($_REQUEST['mode']) : '';
$msg = isset($_GET['msg']) ? COM_applyFilter($_GET['msg']) : '';
$onlytopic = isset($_REQUEST['onlytopic']) ? COM_applyFilter($_REQUEST['onlytopic']) : '';
$page = isset($_REQUEST['page']) ? COM_applyFilter($_REQUEST['page'], true) : '';
$show = isset($_REQUEST['show']) ? COM_applyFilter($_REQUEST['show'], true) : '';
$showtopic = isset($_REQUEST['showtopic']) ? COM_applyFilter($_REQUEST['showtopic'], true) : '';
$result = DB_query("SELECT forum, pid, subject FROM {$_TABLES['forum_topic']} WHERE id = '{$showtopic}'");
// <- new
list($forum, $topic_pid, $subject) = DB_fetchArray($result);
// <- new
if ($topic_pid == '') {
$display .= COM_startBlock();
$display .= alertMessage($LANG_GF02['msg172'], $LANG_GF02['msg171']);
$display .= COM_endBlock();
$display = COM_createHTMLDocument($display);
COM_output($display);
exit;
}
if ($topic_pid != 0) {
$showtopic = $topic_pid;
}
if ($onlytopic == 1) {
// Send out the HTML headers and load the stylesheet for the iframe preview
switch ($_CONF['doctype']) {
case 'html401transitional':
$display .= '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">' . LB;
break;
case 'html401strict':
function forum_chkUsercanAccess($secure = false)
{
global $_CONF, $LANG_GF01, $LANG_GF02, $CONF_FORUM, $_USER;
if ($CONF_FORUM['registration_required'] && COM_isAnonUser()) {
$display = COM_siteHeader();
$message = sprintf($LANG_GF01['loginreqview'], '<a href="' . $_CONF['site_url'] . '/users.php?mode=new">', '<a href="' . $_CONF['site_url'] . '/users.php">');
$display .= alertMessage($message);
$display .= COM_siteFooter();
COM_output($display);
exit;
//} elseif ($secure AND empty($_USER['uid'])) {
} elseif ($secure and empty($_USER['uid'])) {
$display = COM_siteHeader();
$message = sprintf($LANG_GF01['loginreqfeature'], '<a href="' . $_CONF['site_url'] . '/users.php?mode=new">', '<a href="' . $_CONF['site_url'] . '/users.php">');
$display .= alertMessage($message, $LANG_GF01['ACCESSERROR']);
$display .= COM_siteFooter();
COM_output($display);
exit;
}
}
exit;
}
}
if ($method == 'newtopic' && $newtopic['is_readonly'] == 1) {
/* Check if this user has moderation rights now to allow a post to a locked topic */
if (!forum_modPermission($forum, $_USER['uid'], 'mod_edit')) {
$display .= alertMessage($LANG_GF02['msg87'], $LANG_GF01['ERROR']);
$display = gf_createHTMLDocument($display);
COM_output($display);
exit;
}
}
if ($method == 'postreply' and $edittopic['locked'] == 1 || $edittopic['is_readonly'] == 1) {
/* Check if this user has moderation rights now to allow a post to a locked topic */
if (!forum_modPermission($edittopic['forum'], $_USER['uid'], 'mod_edit')) {
$display .= alertMessage($LANG_GF02['msg87'], $LANG_GF01['ERROR']);
$display = gf_createHTMLDocument($display);
COM_output($display);
exit;
}
}
if ($method == 'postreply' or $method == 'edit' and $subject == '') {
$subject = $edittopic['subject'];
} else {
$subject = COM_stripslashes($subject);
}
$topicnavbar = COM_newTemplate(CTL_plugin_templatePath('forum'));
$topicnavbar->set_file(array('topicnavbar' => 'submissionform_header.thtml'));
$topicnavbar->set_var('imgset', $CONF_FORUM['imgset']);
$topicnavbar->set_var('navbreadcrumbsimg', '<img alt="" src="' . gf_getImage('nav_breadcrumbs') . '"' . XHTML . '>');
$topicnavbar->set_var('navtopicimg', '<img alt="" src="' . gf_getImage('nav_topic') . '"' . XHTML . '>');
public function add()
{
if (!$this->ion_auth->logged_in()) {
redirect('auth/login', 'refresh');
}
$data['title'] = 'Add Shop';
if ($this->input->post('submit') == 'shops') {
$this->form_validation->set_rules('shopname', 'Shopname', 'required');
$this->form_validation->set_rules('hostname', 'Hostname', 'required');
$this->form_validation->set_rules('dbname', 'Database', 'required');
$shopname = $this->input->post('shopname');
$hostname = $this->input->post('hostname');
$dbname = $this->input->post('dbname');
$url = $this->input->post('url');
$ecomm = $this->input->post('ecomm') == 'on' ? 1 : 0;
$vc = $this->input->post('vc') == 'on' ? 1 : 0;
$enabled = $this->input->post('enabled') == 'on' ? 1 : 0;
$dbname = preg_replace('/\\s+/', '', $dbname);
if ($this->input->post('domainname') != '') {
$domainname = $this->input->post('domainname');
} else {
$domainid = $this->input->post('domainid');
$domainname = $this->shops->get_domain_id($domainid);
}
$save = array("shopname" => $shopname, "domainname" => $domainname, "hostname" => $hostname, "dbname" => $dbname, "url" => $url, "ecomm" => $ecomm, "vc" => $vc, "enabled" => $enabled);
if ($this->form_validation->run() == FALSE) {
//checks if the input is empty
$message = alertMessage(validation_errors(), 'danger');
} else {
if ($this->shops->checkShop($shopname) >= 1) {
//checks if the shopname is existing
$message = alertMessage('Shopname ' . $shopname . ' is already existing', 'danger');
} else {
if ($this->shops->dbChecker($dbname) >= 1) {
//checks if the database is existing in `shops` table
$message = alertMessage('Database ' . $dbname . ' is already existing', 'danger');
} else {
if ($this->dbutil->database_exists($dbname)) {
//checks if the shopname is existing
$message = alertMessage('Database ' . $dbname . ' is already existing', 'danger');
} else {
$result = $this->shops->addShop($save);
if ($result) {
#added by obey
//to create a DB
$update = array("status" => 1, "shop" => $shopname);
$this->shops->update_domain($domainid, $update);
#end added by obey
// $connected = $this->shops->getNewConnection($save['domainname']);
// if($this->load->database($connected->dbname,TRUE)==true){
// die('heiro');
// }
// die('mis');
$message = alertMessage('Shop Created!', 'Success');
$this->session->set_flashdata('message', $message);
//$data['domains'] = $this->shops->get_inactive_domains();
redirect("shops");
} else {
//$data['msg'] = 'Database error occured!';
$message = alertMessage('Database error occured!', 'danger');
}
}
}
}
}
$this->session->set_flashdata('message', $message);
}
$data['domains'] = $this->shops->get_inactive_domains();
$this->load->view('addshops', $data);
}
//Traigo las clases Antes del POST para ver los grupos en la barra izquierda
include_once "../classes/jugador.php";
include_once "../classes/grupo.php";
include_once "../security.php";
//Mysql Inyection
$db = new Database();
$nombre = $db->checkInjection($_POST['nombre']);
$id = $db->checkInjection($_POST['grupo']);
//Si eligio imagen y pudo subirse al server
if (uploadPhoto("{$id}.jpg", 'grupos')) {
$path = "../images/grupos/{$id}.jpg";
} else {
$path = "../images/grupos/default.jpg";
}
$g = new grupo();
//Le asigno los datos al grupo creado arriba
$g->setNombre($nombre);
$g->setFoto($path);
$g->setId($id);
//Guardo el objeto en la Db
if ($g->objectToDb()) {
if ($g->addAdmin($_SESSION['id'])) {
alertMessage("Grupo Creado con Éxito");
} else {
alertMessage("Hubo un error Agregandote al Grupo");
}
} else {
alertMessage("Hubo un error Creando el grupo");
}
}
//Fin si esta seteado el nombre del grupo
$forum = isset($_REQUEST['forum']) ? COM_applyFilter($_REQUEST['forum'], true) : '';
$id = isset($_REQUEST['id']) ? COM_applyFilter($_REQUEST['id'], true) : '';
$msg = isset($_GET['msg']) ? COM_applyFilter($_GET['msg'], true) : '';
$notifytype = isset($_REQUEST['filter']) ? COM_applyFilter($_REQUEST['filter']) : '';
$op = isset($_REQUEST['op']) ? COM_applyFilter($_REQUEST['op']) : '';
$page = isset($_GET['page']) ? COM_applyFilter($_GET['page'], true) : '';
$show = isset($_GET['show']) ? COM_applyFilter($_GET['show'], true) : '';
$topic = isset($_REQUEST['topic']) ? COM_applyFilter($_REQUEST['topic'], true) : '';
//Check is anonymous users can access - and need to be signed in
forum_chkUsercanAccess(true);
$display = '';
// Debug Code to show variables
$display .= gf_showVariables();
// Display warning if no email found (usually happens with user oauth accounts)
if ($_USER['email'] == '' or !COM_isEmail($_USER['email'])) {
$display .= alertMessage($LANG_GF02['msg145'], $LANG_GF01['WARNING'], false);
}
if ($msg == 1) {
$display .= COM_showMessageText($LANG_GF02['msg146']);
}
// NOTIFY CODE -> SAVE
if (isset($_REQUEST['submit'])) {
if ($_REQUEST['submit'] == 'save' && $id != 0) {
$sql = "SELECT * FROM {$_TABLES['forum_watch']} WHERE ((topic_id='{$id}') AND (uid='{$_USER['uid']}') OR ";
$sql .= "((forum_id='{$forum}') AND (topic_id='0') AND (uid='{$_USER['uid']}')))";
$notifyquery = DB_query("{$sql}");
$pid = DB_getItem($_TABLES['forum_topic'], 'pid', "id='{$id}'");
if ($pid == 0) {
$pid = $id;
}
if (DB_numRows($notifyquery) > 0) {
include_once "../checkSession.php";
include_once "../functions.php";
//Si esta seteado el ID del grupo donde se creara el evento
if (isset($_GET['id'])) {
include_once "../classes/conexiones.php";
include_once "../security.php";
include_once "../classes/jugador.php";
include_once "../classes/grupo.php";
include_once "../classes/evento.php";
$idG = $_GET['id'];
$g = new grupo();
$g->xId($idG);
//Traigo al jugador logueado
$j = new jugador();
$j->xId($_SESSION['id']);
//Chequeo si el usuario con sesion abierta es Admin del grupo
if (!$j->isAdmin($idG)) {
echo "Usted no es administrador del grupo";
exit;
}
$e = new evento();
$id = $e->nextId();
$tipos = $e->allEventTypes();
//Los nombre de los jugadores para abajo del nombre del grupo
$nombresJ = $g->nombreJugadores();
//Traigo la vista
include_once "../view/createEvent.php";
}
//Fin si esta seteado el ID de grupo
alertMessage("No se encuentra seleccionado ningún Grupo");
function moderator_error($type)
{
global $forum_id, $_CONF, $LANG_GF02, $LANG_GF01;
$display = '';
if ($type == ACCESS_DENIED) {
echo COM_refresh($_CONF['site_url'] . '/forum/index.php');
exit;
}
$display = FF_siteHeader();
$display .= FF_ForumHeader($forum_id, '');
$display .= alertMessage($LANG_GF02['msg166'], $LANG_GF01['WARNING'], '', true);
$display .= FF_siteFooter();
echo $display;
exit;
}
$apellido = $db->checkInjection($_POST['apellido']);
$dni = $db->checkInjection($_POST['dni']);
$sexo = $db->checkInjection($_POST['sexo']);
$celular = $db->checkInjection($_POST['celular']);
$email = $db->checkInjection($_POST['email']);
$pais = $db->checkInjection($_POST['pais']);
$localidad = $db->checkInjection($_POST['localidad']);
$login = $db->checkInjection($_POST['login']);
$pass = $db->checkInjection($_POST['pass']);
//Si eligio imagen y pudo subirse al server
if (uploadPhoto("{$login}.jpg", 'login')) {
$path = "../images/login/{$login}.jpg";
} else {
$path = "../images/login/default.jpg";
}
//Creo un jugador y le asigno los datos
$j = new jugador($nombre, $apellido, $dni, $sexo, $celular, $email, $pais, $localidad, $login, '', '', $path);
//Creo el Salt y Hasheo la password
$salt = $j->createSalt();
$hashedpass = $j->createHash($pass, $salt);
//Asigno el halt y el pass al objeto
$j->setSalt($salt);
$j->setPass($hashedpass);
if (!$j->exists()) {
$j->objectToDb();
} else {
alertMessage('El Jugador ya existe');
}
}
//Traigo la vista
include_once "../view/register.php";
if ($submit != $LANG_GF01['CANCEL']) {
if ($msg == 1) {
$display .= COM_showMessageText($LANG_GF93['modadded']);
}
if ($msg == 2) {
$display .= COM_showMessageText($LANG_GF93['moddeleted']);
}
if ($msg == 3) {
$display .= COM_showMessageText($LANG_GF93['modedited']);
}
}
$display .= COM_startBlock($LANG_GF93['mod_title']);
$navbar->set_selected($LANG_GF06['4']);
$display .= $navbar->generate();
if (DB_count($_TABLES['forum_forums']) == 0) {
$display .= alertMessage($LANG_GF93['moderatorwarning'], $LANG_GF93['moderatorwarningtitle']);
} else {
if ($submit != $LANG_GF01['CANCEL']) {
$id = isset($_POST['recid']) ? COM_applyFilter($_POST['recid'], true) : '';
$op = isset($_POST['op']) ? COM_applyFilter($_POST['op']) : '';
switch ($op) {
case 'update':
if ($id > 0 && SEC_checkToken()) {
if (!isset($_POST["chk_delete{$id}"])) {
$mod_delete = "0";
} else {
$mod_delete = "1";
}
if (!isset($_POST["chk_ban{$id}"])) {
$mod_ban = "0";
} else {
$updateQuery = "UPDATE agents SET firstName ='" . $firstName . "', lastName ='" . $lastName . "', \n\t\t\t\t\t\t\t\t\t\tphone =" . $phone . ", email ='" . $email . "' WHERE agentUsername like '" . $_SESSION['valid_user'] . "'";
} else {
if ($_SESSION['userType'] == 'c') {
$updateQuery = "UPDATE customers SET firstName ='" . $firstName . "', lastName ='" . $lastName . "', \n\t\t\t\t\t\t\t\t\t\tphone =" . $phone . ", email ='" . $email . "' WHERE customerUsername like '" . $_SESSION['valid_user'] . "'";
}
}
if (mysqli_query($conn, $updateQuery)) {
$message = 'Edit Account Info Successful!';
} else {
$message = 'Error: Unable to save changes into database.';
}
} else {
$message = 'Error: All fields must be filled.';
}
if (isset($message)) {
alertMessage($message);
}
//display alert message;
}
//display the navbar and account info.
display_userNavbar();
if ($_SESSION['userType'] == 'a') {
?>
<div class='container'>
<table>
<tr>
<td valign="top"><?php
display_agentMenu();
?>
</td>
<td> </td>
<?php
//Verifico la sesion
include_once "../checkSession.php";
include_once "../functions.php";
$checkArray = array('nombre', 'grupo');
if (checkAllPost($checkArray)) {
//Traigo las clases Antes del POST para ver los grupos en la barra izquierda
include_once "../classes/jugador.php";
include_once "../classes/grupo.php";
include_once "../security.php";
//Mysql Inyection
$db = new Database();
$nombre = $db->checkInjection($_POST['nombre']);
$id = $db->checkInjection($_POST['grupo']);
//Subo la foto al server si la eligio, sino sigo de largo
uploadPhoto("{$id}.jpg", 'grupos');
$path = "../images/grupos/{$id}.jpg";
$g = new grupo();
//Le asigno los datos al grupo creado arriba
$g->setNombre($nombre);
$g->setFoto($path);
$g->setId($id);
//Guardo el objeto en la Db
if ($g->update()) {
alertMessage("Grupo Actualizado con Éxito");
} else {
alertMessage("Hubo un error Actualizando al Grupo");
}
}
//Fin si esta seteado el nombre del grupo
USES_forum_topic();
function ff_FormatForPrint($str, $postmode = 'html', $status = 0)
{
global $_FF_CONF;
$str = FF_formatTextBlock($str, $postmode, 'preview', $status);
$str = str_replace('{', '{', $str);
$str = str_replace('}', '}', $str);
// we don't have a stylesheet for printing, so replace our div with the style...
// $str = str_replace('<div class="quotemain">','<div style="border: 1px dotted #000;border-left: 4px solid #8394B2;color:#465584; padding: 4px; margin: 5px auto 8px auto;">',$str);
return $str;
}
$id = COM_applyFilter($_REQUEST['id'], true);
if ($_FF_CONF['registration_required'] && COM_isAnonUser()) {
echo COM_siteHeader();
echo COM_startBlock();
alertMessage($LANG_GF02['msg01'], $LANG_GF02['msg171']);
echo COM_endBlock();
echo COM_siteFooter();
exit;
}
//Check is anonymous users can access
if ($id == 0 or DB_count($_TABLES['ff_topic'], "id", (int) $id) == 0) {
echo COM_siteHeader();
echo FF_statusMessage($LANG_GF02['msg166'], $_CONF['site_url'] . "/forum/index.php?forum={$forum}", $LANG_GF02['msg166']);
echo COM_siteFooter();
exit;
}
$forum = DB_getItem($_TABLES['ff_topic'], "forum", "id=" . (int) $id);
$query = DB_query("SELECT grp_name from {$_TABLES['groups']} groups, {$_TABLES['ff_forums']} forum WHERE forum.forum_id=" . (int) $forum . " AND forum.grp_id=groups.grp_id");
list($groupname) = DB_fetchArray($query);
if (!SEC_inGroup($groupname) and $grp_id != 2) {
if (isset($_POST['login']) && isset($_POST['pass'])) {
include_once "../classes/conexiones.php";
include_once "../classes/jugador.php";
include_once "../functions.php";
$db = new Database();
$login = $db->checkInjection($_POST['login']);
$pass = $db->checkInjection($_POST['pass']);
//Creo un jugador
$j = new jugador();
$j->setLogin($login);
//Si encuentra el login
if ($j->exists()) {
//Traigo el jugador
$j->xLogin($login);
//Chequeo que la password sea correcta
if ($j->checkPassword($pass)) {
$j->createSession();
header("Location: ../controller/index.php");
exit;
} else {
alertMessage('Pass incorrecto', '../controller/login.php');
exit;
}
} else {
//Log incorrecto
alertMessage('User incorrecto', '../controller/login.php');
exit;
}
}
//Traigo la vista
include_once "../view/login.php";
$promptform .= '</FORM></div>';
$alertmessage = sprintf($LANG_GF03['splittopicmsg'], $topictitle, $poster, $postdate[0]);
alertMessage($alertmessage, $LANG_GF02['msg182'], $promptform);
}
}
} elseif ($modfunction == 'banip' and forum_modPermission($forum, $_USER['uid'], 'mod_ban') and $fortopicid != 0) {
$iptobansql = DB_query("SELECT ip FROM {$_TABLES['gf_topic']} WHERE id='{$fortopicid}'");
$forumpostipnum = DB_fetchArray($iptobansql);
if ($forumpostipnum['ip'] == '') {
alertMessage($LANG_GF02['msg174']);
exit;
}
$alertmessage = '<p>' . $LANG_GF02['msg68'] . '</p><p>';
$alertmessage .= sprintf($LANG_GF02['msg69'], $forumpostipnum['ip']) . '</p>';
$promptform = '<p><FORM ACTION="' . $_CONF['site_url'] . '/forum/moderation.php" METHOD="POST">';
$promptform .= '<INPUT TYPE="hidden" NAME="hostip" VALUE="' . $forumpostipnum['ip'] . '">';
$promptform .= '<INPUT TYPE="hidden" NAME="confirmbanip" VALUE="1">';
$promptform .= '<INPUT TYPE="hidden" NAME="forum" VALUE="' . $forum . '">';
$promptform .= '<INPUT TYPE="hidden" NAME="fortopicid" VALUE="' . $fortopicid . '">';
$promptform .= '<CENTER><INPUT TYPE="submit" NAME="submit" VALUE="' . $LANG_GF01['CONFIRM'] . '">';
$promptform .= ' <INPUT TYPE="submit" NAME="submit" VALUE="' . $LANG_GF01['CANCEL'] . '">';
$promptform .= '</CENTER></FORM></p>';
alertMessage($alertmessage, $LANG_GF02['msg182'], $promptform);
} else {
alertMessage($LANG_GF02['msg71'], $LANG_GF01['WARNING']);
}
} else {
alertMessage($LANG_GF02['msg72'], $LANG_GF01['ACCESSERROR']);
}
gf_siteFooter();
exit;
private function exibeMenu()
{
if (!isset($_SESSION)) {
session_start();
}
if (!isset($_SESSION['restaurante'])) {
session_destroy();
alertMessage("Erro ao tentar acessar a página.Por favor faça o login novamente!", base_url());
exit;
}
$arrayDadosTela = null;
//Buscar dados do Restaurante
$this->load->model("admin/Restaurante_model", "mRest");
$listaRestaurante = $this->mRest->listaRestaurante($_SESSION['restaurante']);
if (empty($listaRestaurante)) {
session_destroy();
alertMessage("Erro ao processar dados do restaurante.\nPor favor faça o login novamente.", base_url());
exit;
}
foreach ($listaRestaurante as $dadosRestaurante) {
$arrayDadosTela['nomeRestaurante'] = $dadosRestaurante['nomeRestaurante'];
$listaImagemPrincipal = $this->mRest->listaImagensRestaurante($_SESSION['restaurante'], null, 'S');
if (!empty($listaImagemPrincipal) && isset($listaImagemPrincipal[0]['imagem']) && !empty($listaImagemPrincipal[0]['imagem'])) {
$arrayDadosTela['imagemRestaurante'] = base_url("web-files/imagens/restaurantes/{$_SESSION['restaurante']}/imagens/{$listaImagemPrincipal[0]['imagem']}");
}
}
//------------------------------------------------------------------------------------
$this->load->view("menu", $arrayDadosTela);
}
