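/**
 * Action handler for the INSERT / UPDATE of a membership record.
 *
 * Returns a status string: an "E..:" error code / message on failure,
 * or 'Membership Saved' on success.
 *
 * All numeric ids are cast to integers before they are concatenated into SQL,
 * so they cannot carry SQL fragments. The string values are still interpolated
 * as-is (see the NOTE(review) comments below).
 *
 * @param int    $membership_id existing membership id; <= 0 means "create new"
 * @param int    $player_id
 * @param int    $verein_id
 * @param int    $mtype_id
 * @param string $v_passnr
 * @param string $v_mstart     start date, replaced by Jan 1st of the current year when check_date() rejects it
 * @param string $v_mend       end date, replaced by Dec 31st of the current year when check_date() rejects it
 * @return string
 */
function dso_insupdmembership($membership_id, $player_id, $verein_id, $mtype_id, $v_passnr, $v_mstart, $v_mend)
{
    global $dbi, $usertoken;

    // Every id below ends up unquoted inside a SQL statement: force integers first.
    $membership_id = (int) $membership_id;
    $player_id = (int) $player_id;
    $verein_id = (int) $verein_id;
    $mtype_id = (int) $mtype_id;

    // CHECK ACCESS 2
    $qV = sql_query('SELECT * from tverein WHERE vid=' . $verein_id, $dbi);
    $aV = sql_fetch_array($qV, $dbi);
    // Deny by default: an unknown verein or a missing registermap entry yields no rights.
    $level = '';
    if (isset($aV['verband_id'], $usertoken['registermap'][$aV['verband_id']])) {
        $level = $usertoken['registermap'][$aV['verband_id']];
    }
    if ($level === '' || $level < 3) {
        return 'E50:P2:RightsMissing:' . $level;
    }

    // cre_INFO, date defaults ...
    $upd_date = ls_getdate();

    // check Values
    // The original tests were written as "!$x > 0", which PHP parses as "(!$x) > 0"
    // and therefore let negative ids through.
    if ($verein_id <= 0) {
        die_red('Verein not set');
    }
    if ($mtype_id <= 0) {
        die_red('Type not set');
    }
    if ($player_id <= 0) {
        die_red('Player not set');
    }
    if (strlen($v_passnr) < 3) {
        die_red('Pass Number not set');
    }
    if (!check_date($v_mstart)) {
        $v_mstart = substr($upd_date, 0, 4) . '-01-01';
    }
    if (!check_date($v_mend)) {
        $v_mend = substr($upd_date, 0, 4) . '-12-31';
    }

    /* CODE from the workflow ORM stuff ...
       $p=new cPlayer; $p->setDB($dbi); $p->getbyID($player_id);
       $p->saveMembershipVerein($v_verein,$v_mtype,$v_passnr,$v_mstart,$v_mend);
       if (strlen($p->pError)>1){debug($p->pError);return 0;}else{return 1;} */

    // NOTE(review): $v_passnr, $usertoken['uname'] and the two dates are placed inside
    // quoted SQL literals without escaping. The sql_query() wrapper's escaping or
    // parameter-binding facility is not visible here; these values must go through it
    // (or through bound parameters) before this handler is exposed to request data.
    // The dates are only as safe as check_date() is strict - TODO confirm.
    if ($membership_id > 0) {
        $qry = "UPDATE tmembership SET mtype={$mtype_id},mvereinid={$verein_id},mpassnr='{$v_passnr}', mstart='{$v_mstart}',mend='{$v_mend}',"
            . "mcre_user='" . $usertoken['uname'] . "',mcre_date='{$upd_date}' where mpid={$player_id} and mid={$membership_id} limit 1";
    } else {
        $qry = 'INSERT into tmembership(mid,mpid,mtype,mpassnr,mstart,mend,mvereinid,mcre_user,mcre_date,mstatus,mflag)'
            . " VALUES(0,{$player_id},{$mtype_id},'{$v_passnr}','{$v_mstart}','{$v_mend}',{$verein_id},'" . $usertoken['uname']
            . "','{$upd_date}',0,0)";
    }
    if (!($presult = sql_query($qry, $dbi))) {
        return '<font color=red>E71:DB error on MembershipRecord save possible constraint violation</font>';
    }

    # // In any case we store the KEYVAL directly into the player record ...
    # // and we make sure the player is marked as active ...
    // NOTE(review): $keyfield is used as a column name; it is presumably a fixed value
    // chosen by dso_getPassKeyFieldForType() - verify it can never be caller-controlled.
    $keyfield = dso_getPassKeyFieldForType($mtype_id);
    $sql = "update tplayer set {$keyfield}=\"{$v_passnr}\",pactive=1 where pid={$player_id}";
    if (!($ans = sql_query($sql, $dbi))) {
        return 'Database error on keyfield save ...';
    }

    dsolog(1, $usertoken['uname'], 'Created Membership for pid: (' . $player_id . ')');

    if ($presult == 1) {
        return 'Membership Saved';
    } else {
        return 'E88:saving ';
    }
}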
/**
 * Splits a date string into the three components separated by dots.
 *
 * @param string $date value that is first validated with check_date()
 * @return array|string the three captured parts in the order they appear,
 *                      or an empty string when check_date() rejects the value
 */
function split_date($date)
{
    if (!check_date($date)) {
        return '';
    }

    // A newline is appended so the last component can be captured up to the line end.
    preg_match("/^([^\\.]+)\\.([^\\.]+)\\.([^\n]+)\n/", "{$date}\n", $pieces);

    return array($pieces[1], $pieces[2], $pieces[3]);
}
/**
 * Toggles the reconciled state of one transaction and refreshes the affected page parts.
 *
 * @param mixed $reconcile_id id of the row whose "rec_<id>" checkbox was changed
 * @return bool false when the date check fails while the checkbox is ticked, true otherwise
 */
function change_tpl_flag($reconcile_id)
{
    global $Ajax;

    $checkbox = "rec_" . $reconcile_id;

    // temporary fix
    if (!check_date() && check_value($checkbox)) {
        return false;
    }

    // new reconciliation
    if (get_post('bank_date') == '') {
        $Ajax->activate('bank_date');
    }

    $_POST['bank_date'] = date2sql(get_post('reconcile_date'));

    // NOTE(review): a ready-made SQL literal is assembled from request data here and handed on.
    // The quoted form is only reached after check_date() passed; whether date2sql() and
    // update_reconciled_values() escape it is not visible in this function - confirm.
    if (check_value($checkbox)) {
        $reconcile_value = "'" . $_POST['bank_date'] . "'";
    } else {
        $reconcile_value = 'NULL';
    }

    update_reconciled_values(
        $reconcile_id,
        $reconcile_value,
        $_POST['reconcile_date'],
        input_num('end_balance'),
        $_POST['bank_account']
    );

    $Ajax->activate('reconciled');
    $Ajax->activate('difference');

    return true;
}
/**
 * AJAX endpoint: returns the records whose "timeline" falls on one day, as JSON.
 *
 * The day is taken from the "dt" query parameter when it passes check_date(),
 * otherwise the current day is used. Non-AJAX requests get show_404().
 */
public function get_day_ajax()
{
    if (!$this->input->is_ajax_request()) {
        show_404();
    }

    $this->load->helper('date');

    $requested = $this->input->get('dt', TRUE);
    if ($requested and check_date($requested)) {
        $day_start = day_unix(strtotime($requested));
    } else {
        // current day
        $day_start = day_unix(time());
    }

    // NOTE(review): the condition is concatenated into SQL. It is only safe as long as
    // day_unix() returns an integer - TODO confirm. BETWEEN is inclusive on both ends,
    // so a record stamped exactly at the next midnight is matched as well.
    $day_end = $day_start + 60 * 60 * 24;
    $where = 'timeline between ' . $day_start . ' and ' . $day_end;

    $list = $this->model->get_all($where, "*");
    if ($list) {
        $vdata = array('status' => 1, 'msg' => "已经返回数据!", 'list' => $list);
    } else {
        $vdata = array('status' => 0, 'msg' => '没有任何数据');
    }

    $this->output->set_content_type('application/json')->set_output(json_encode($vdata));
}
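/**
 * xajax handler that validates the submitted project form and, when every check
 * passes, inserts a new row into invprojects or updates the existing one.
 *
 * Validation failures are reported by adding the 'alerts' class to the input
 * ("id_<field>") and writing a message into its "warn_<field>" element.
 * On success the browser is redirected to the project info page.
 *
 * All database access uses bound parameters. The project id comes from the
 * submitted form, so it is cast to an integer before being embedded in the
 * JavaScript redirect.
 *
 * @param array $forms submitted forms; the 'projectdata' entry is used
 * @return xajaxResponse
 */
function save_project($forms)
{
    global $DB, $AUTH;

    $obj = new xajaxResponse();
    $blad = false; // set to true as soon as one validation fails
    $form = $forms['projectdata'];

    // Clear the validation markers left by a previous submit.
    $fields = array(
        'division', 'states', 'program', 'action', 'contractdate', 'fromdate', 'todate', 'value',
        'ownvalue', 'status', 'number', 'contract', 'name', 'title', 'scope',
    );
    foreach ($fields as $field) {
        $obj->script("removeClassId('id_" . $field . "','alerts');");
        $obj->assign('warn_' . $field, 'innerHTML', '');
    }

    if (empty($form['division'])) {
        $blad = true;
        _save_project_mark_invalid($obj, 'division', trans("Dane wymagane"));
    }
    if (empty($form['states'])) {
        $blad = true;
        _save_project_mark_invalid($obj, 'states', trans("Dane wymagane"));
    }

    if ($form['eu'] == 1) {
        if ($form['program'] == '-1') {
            $blad = true;
            _save_project_mark_invalid($obj, 'program', "Dane wymagane");
        }
        if ($form['action'] == '-1') {
            $blad = true;
            _save_project_mark_invalid($obj, 'action', "Dane wymagane");
        }

        if (empty($form['contractdate'])) {
            $blad = true;
            _save_project_mark_invalid($obj, 'contractdate', "Data wymagana");
        } elseif (!check_date($form['contractdate'])) {
            $blad = true;
            _save_project_mark_invalid($obj, 'contractdate', "Błędnie podana data");
        } else {
            $form['contractdate'] = str_replace('-', '/', $form['contractdate']);
        }

        if (empty($form['todate'])) {
            $blad = true;
            _save_project_mark_invalid($obj, 'todate', "Data wymagana");
        } elseif (!check_date($form['todate'])) {
            $blad = true;
            _save_project_mark_invalid($obj, 'todate', "Błędnie podana data");
        } else {
            $form['todate'] = str_replace('-', '/', $form['todate']);
        }

        if (empty($form['contract'])) {
            $blad = true;
            _save_project_mark_invalid($obj, 'contract', "Dane wymagane");
        } else {
            // The contract number must be unique (case-insensitive), ignoring the edited row.
            if ($form['id']) {
                $isset = $DB->getOne(
                    'SELECT 1 FROM invprojects WHERE UPPER(contract) = ? AND id != ? ' . $DB->Limit(1) . ';',
                    array(strtoupper($form['contract']), intval($form['id']))
                );
            } else {
                $isset = $DB->getOne(
                    'SELECT 1 FROM invprojects WHERE UPPER(contract) = ? ' . $DB->Limit(1) . ';',
                    array(strtoupper($form['contract']))
                );
            }
            if ($isset) {
                $blad = true;
                _save_project_mark_invalid($obj, 'contract', "Podany numer umowy już istnieje");
            }
        }

        if (empty($form['title'])) {
            $blad = true;
            _save_project_mark_invalid($obj, 'title', "Dane wymagane");
        }
        if (empty($form['scope'])) {
            $blad = true;
            _save_project_mark_invalid($obj, 'scope', "Dane wymagane");
        }
    } else {
        // eu
        if (!empty($form['todate']) && !check_date($form['todate'])) {
            $blad = true;
            _save_project_mark_invalid($obj, 'todate', "Błędnie podana data");
        } else {
            $form['todate'] = str_replace('-', '/', $form['todate']);
        }
    }

    if (!empty($form['fromdate']) && !check_date($form['fromdate'])) {
        $blad = true;
        _save_project_mark_invalid($obj, 'fromdate', "Błędnie podana data");
    } else {
        $form['fromdate'] = str_replace('-', '/', $form['fromdate']);
    }

    // Accept a decimal comma in the amounts.
    $form['value'] = str_replace(',', '.', $form['value']);
    $form['ownvalue'] = str_replace(',', '.', $form['ownvalue']);

    if (!empty($form['value'])) {
        if (!check_natural($form['value'])) {
            $blad = true;
            _save_project_mark_invalid($obj, 'value', "Błędnie podana wartość");
        } else {
            // echo the normalised amount back into the input
            $obj->assign("id_value", "value", $form['value']);
        }
    }
    if (!empty($form['ownvalue'])) {
        if (!check_natural($form['ownvalue'])) {
            $blad = true;
            _save_project_mark_invalid($obj, 'ownvalue', "Błędnie podana wartość");
        } else {
            $obj->assign("id_ownvalue", "value", $form['ownvalue']);
        }
    }

    if ($form['status'] == '-1') {
        $blad = true;
        _save_project_mark_invalid($obj, 'status', "Wybierz status");
    }

    if (empty($form['number'])) {
        $blad = true;
        _save_project_mark_invalid($obj, 'number', "Numer jest wymagany");
    } else {
        if ($form['id']) {
            $isset = $DB->getOne(
                'SELECT 1 FROM invprojects WHERE UPPER(number) = ? AND id != ? ' . $DB->Limit(1) . ';',
                array(strtoupper($form['number']), intval($form['id']))
            );
        } else {
            $isset = $DB->getOne(
                'SELECT 1 FROM invprojects WHERE UPPER(number) = ? ' . $DB->Limit(1) . ';',
                array(strtoupper($form['number']))
            );
        }
        if ($isset) {
            $blad = true;
            _save_project_mark_invalid($obj, 'number', "Numer już istnieje");
        }
    }

    if (empty($form['name'])) {
        $blad = true;
        _save_project_mark_invalid($obj, 'name', "Nazwa projektu jest wymagana");
    } else {
        if ($form['id']) {
            $isset = $DB->getOne(
                'SELECT 1 FROM invprojects WHERE UPPER(name) = ? AND id != ? ' . $DB->limit(1) . ';',
                array(strtoupper($form['name']), intval($form['id']))
            );
        } else {
            $isset = $DB->getOne(
                'SELECT 1 FROM invprojects WHERE UPPER(name) = ? ' . $DB->limit(1) . ';',
                array(strtoupper($form['name']))
            );
        }
        if ($isset) {
            $blad = true;
            _save_project_mark_invalid($obj, 'name', "Podana nazwa już istnieje");
        }
    }

    if (!$blad) {
        // Dates are stored as Unix timestamps, 0 meaning "not set".
        $contractdate = empty($form['contractdate']) ? 0 : strtotime($form['contractdate'] . ' 00:00:00');
        $fromdate = empty($form['fromdate']) ? 0 : strtotime($form['fromdate'] . ' 00:00:00');
        // NOTE(review): 23:59:29 looks like a typo for 23:59:59 - kept as found, confirm.
        $todate = empty($form['todate']) ? 0 : strtotime($form['todate'] . ' 23:59:29');

        $title = str_replace("\n", " ", $form['title']);
        $scope = str_replace("\n", " ", $form['scope']);

        if (!$form['eu']) {
            $form['program'] = $form['action'] = $contractdate = 0;
        }

        // Values shared by the UPDATE and the INSERT, in placeholder order.
        $params = array(
            $form['name'] ? $form['name'] : '',
            $form['number'] ? $form['number'] : '',
            $form['contract'] ? $form['contract'] : '',
            $title ? $title : '',
            $form['program'] ? $form['program'] : 0,
            $form['action'] ? $form['action'] : 0,
            $form['division'] ? $form['division'] : '',
            $contractdate ? $contractdate : 0,
            $fromdate ? $fromdate : 0,
            $todate ? $todate : 0,
            $form['states'] ? $form['states'] : '',
            $scope ? $scope : '',
            $form['value'] ? str_replace(',', '.', $form['value']) : '0.00',
            $form['ownvalue'] ? str_replace(',', '.', $form['ownvalue']) : '0.00',
            $form['status'] ? $form['status'] : 0,
            $form['eu'] ? 1 : 0,
            $form['description'] ? $form['description'] : '',
            $form['siis'] ? 1 : 0,
            time(),
            $AUTH->id,
        );

        if ($form['id']) {
            $params[] = $form['id'];
            $DB->Execute('UPDATE invprojects SET name=?, number=?, contract=?, title=?, program=?, action=?, division=?, contractdate=?, fromdate=?, todate=?, states=?, scope=?, value=?, ownvalue=?, status=?, eu=?, description=?, siis=?, mdate=?, muser=? WHERE id = ?;', $params);
        } else {
            $DB->Execute('INSERT INTO invprojects (name, type, number, contract, title, program, action, division, contractdate, fromdate, todate, states, scope, value, ownvalue, status, eu, description, siis, cdate, mdate, cuser, muser) VALUES (?, 0, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 0, ?, 0) ;', $params);
            $form['id'] = $DB->getLastInsertId('invprojects');
        }

        // The id may be the value submitted with the form: force an integer so that
        // nothing but digits can reach the script executed in the browser.
        $obj->script("self.location.href='?m=projectinfo&id=" . intval($form['id']) . "';");
    }

    return $obj;
}

/**
 * Marks one form field as invalid in the xajax response: adds the 'alerts'
 * class to the input and shows the message in its warning element.
 */
function _save_project_mark_invalid($obj, $field, $message)
{
    $obj->script("addClassId('id_" . $field . "','alerts');");
    $obj->assign('warn_' . $field, 'innerHTML', $message);
}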
$nb_erreur++; } } if (!isset($_POST['summary']) or $_POST['summary'] == "") { $page['erreur'][$nb_erreur]['message'] = $lang['news']['E_empty_summary']; $nb_erreur++; } if (!isset($_POST['text']) or $_POST['text'] == "") { $page['erreur'][$nb_erreur]['message'] = $lang['news']['E_empty_text']; $nb_erreur++; } /* date */ if (!isset($_POST['release']) or $_POST['release'] == "") { $page['erreur'][$nb_erreur]['message'] = $lang['news']['E_empty_release']; $nb_erreur++; } elseif (!check_date($_POST['release'])) { $page['erreur'][$nb_erreur]['message'] = $lang['news']['E_invalid_release']; $nb_erreur++; } if (isset($_POST['release_time']) and !empty($_POST['release_time']) and !check_hour($_POST['release_time'])) { $page['erreur'][$nb_erreur]['message'] = $lang['news']['E_invalid_release_time']; $nb_erreur++; } $_POST['member'] = $_SESSION['session_member_id']; if ($nb_erreur == 0) { if (empty($_POST['release_time'])) { $_POST['release_time'] = '00:00'; } $_POST['release'] = convert_date_sql($_POST['release']); $_POST['release'] .= " " . $_POST['release_time']; /* cas d'un premier add */
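* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
 * USA.
 *
 * $Id$
 */

// Sets (or clears) the "cutoff suspended until" timestamp of one customer.
// NOTE(review): this changes data based on GET parameters only; no anti-CSRF token is
// checked in this snippet - confirm that the surrounding framework enforces one.

$customerid = intval($_GET['customerid']);

if (!$LMS->CustomerExists($customerid)) {
    $SESSION->redirect('?m=customerlist');
}

if (isset($_GET['cutoffstop'])) {
    // null = the submitted value was rejected; in that case nothing is written.
    // Previously an invalid date left $cutoffstop undefined and the UPDATE still ran.
    $cutoffstop = null;

    if ($_GET['cutoffstop'] == '') {
        // empty value clears the suspension
        $cutoffstop = 0;
    } elseif (is_string($_GET['cutoffstop']) && check_date($_GET['cutoffstop'])) {
        list($y, $m, $d) = explode('/', $_GET['cutoffstop']);
        if (checkdate((int) $m, (int) $d, (int) $y)) {
            // suspension lasts until the end of the given day
            $cutoffstop = mktime(23, 59, 59, (int) $m, (int) $d, (int) $y);
        }
    }

    // excluded groups check
    if ($cutoffstop !== null
        && !$DB->GetOne('SELECT 1 FROM customerassignments a JOIN excludedgroups e ON (a.customergroupid = e.customergroupid) WHERE e.userid = lms_current_user() AND a.customerid = ?', array($customerid))
    ) {
        $DB->Execute('UPDATE customers SET cutoffstop = ? WHERE id = ?', array($cutoffstop, $customerid));
    }
}

$SESSION->redirect('?' . $SESSION->get('backto'));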
with the same email who just wants to activate its account elseif(isset($_POST['email']) AND !empty($_POST['email'])) { $sgbd = sql_connect(); $sql_verif_email = sql_replace($sql['member']['verif_member_email'],$_POST); $res = sql_query($sql_verif_email); $nb_res = sql_num_rows($res); sql_free_result($res); sql_close($sgbd); if($nb_res!="0") { $page['erreur'][$nb_erreur]['message']=$lang['member']['E_choisi_email']; $nb_erreur++; } } */ # date of birth if (isset($_POST['date_birth']) and !empty($_POST['date_birth']) and !check_date($_POST['date_birth'])) { $page['erreur'][$nb_erreur]['message'] = $lang['member']['E_invalid_date_birth']; $nb_erreur++; } # login if (!isset($_POST['login_member']) or empty($_POST['login_member'])) { $page['erreur'][$nb_erreur]['message'] = $lang['member']['E_empty_login']; $nb_erreur++; } elseif (!check_login($_POST['login_member'])) { $page['erreur'][$nb_erreur]['message'] = $lang['member']['E_invalid_login']; $nb_erreur++; } elseif (isset($_POST['login']) and !empty($_POST['login'])) { $sgbd = sql_connect(); $sql_verif_login = sql_replace($sql['member']['verif_member_login'], $_POST); $res = sql_query($sql_verif_login); $nb_res = sql_num_rows($res);
if ($nb_match_empty != 0) { $page['erreur'][$nb_error]['message'] = $lang['match']['E_empty_matchs_club_visitor']; $nb_error++; } } # we check that the date is not empty if (isset($id_date)) { $nb_match_empty = 0; $nb_invalid = 0; $nb_no_season = 0; $date_found = array(); for ($i = 0; $i < $nb_match; $i++) { # the match has no name if (empty($_POST['data'][$i][$id_date])) { $nb_match_empty++; } elseif (!check_date($_POST['data'][$i][$id_date])) { array_push($date_found, $_POST['data'][$i][$id_date]); $nb_invalid++; } else { // we try to match with the season foreach ($season_list as $id_season => $value) { if (convert_date_sql($_POST['data'][$i][$id_date]) >= $value['date_start'] and convert_date_sql($_POST['data'][$i][$id_date]) <= $value['date_end']) { $season[$i] = $id_season; } } if (!isset($season[$i])) { $nb_no_season++; } } } if ($nb_match_empty != 0) {
$cl = 'ff4f00&to=ffffff'; } print '<td background="./themes/svg_gradient.php?from=' . $cl . '">' . $i['count'] . ' / ' . $i['h_count'] . ' (' . round($p) . ' %)</td>'; print '<td>' . money_format("%i", $i['cena']) . ' руб.</td>'; $t = $i['cena'] * $i['count']; $tt = $tt + $t; //print '<td>'.$t.' руб.</td>'; print '<td>' . money_format("%i", $t) . ' руб.</td>'; // выделить цветом до оканчания срока годности $d2 = strtotime($i['date_end']) - 604800; // неделя $d3 = strtotime($i['date_end']); if ($d1 > $d2) { print '<td background="./themes/svg_gradient.php?from=ff0000&to=ffffff" title="Срок годности скоро закончиться">' . check_date($i['date_end'], $user->date_format) . '</td>'; } else { print '<td>' . check_date($i['date_end'], $user->date_format) . '</td>'; } print '<td><a href="apteka_traffic.php?id=' . $i['id'] . '"><img src="./themes/img/b_tblexport.png" title="Переместить в отеделение"></a> | <a href="#" onclick="del_j(\'' . $i['id'] . '\')"><img src="./themes/img/b_drop.png" title="Удалить"></a></td>'; print '<td>' . $i['polka'] . '</td><td>' . $i['icheika'] . '</td>'; print '</tr>'; $j++; } print '<tr> <td></td> <td></td> <td></td> <td></td> <td></td> <td></td> <td class="hovr">Общее: ' . money_format("%i", $tt) . ' руб. </td> <td></td>
$params['tag_keywords'] = prepare_input($_POST['tag_keywords']); } if (isset($_POST['tag_description'])) { $params['tag_description'] = prepare_input($_POST['tag_description']); } if (isset($_POST['page_title'])) { $params['page_title'] = prepare_input($_POST['page_title']); } if (isset($_POST['page_text'])) { $params['page_text'] = prepare_input($_POST['page_text'], false, 'low'); } if (isset($_POST['menu_link'])) { $params['menu_link'] = prepare_input($_POST['menu_link']); } $params['menu_id'] = isset($_POST['menu_id']) ? prepare_input($_POST['menu_id']) : '0'; $params['page_key'] = create_seo_url(prepare_input($_POST['page_title'])); $params['language_id'] = isset($_POST['language_id']) ? prepare_input($_POST['language_id']) : ''; $params['finish_publishing'] = isset($_POST['finish_publishing']) && check_date($_POST['finish_publishing']) ? prepare_input($_POST['finish_publishing']) : '0000-00-00'; if ($objPage->PageCreate($params, $copy_to_other_langs)) { $msg = draw_success_message(_PAGE_CREATED, false); $objSession->SetMessage('notice', $msg); header('location: index.php?admin=pages' . (Application::Get('type') != '' ? '&type=' . Application::Get('type') : '') . '&mg_language_id=' . $params['language_id']); exit; } else { $msg = draw_important_message($objPage->error, false); } } if ($msg == '') { $msg = draw_message(_ALERT_REQUIRED_FILEDS, false); } }
$where[] = 'rttickets.state != ' . RT_RESOLVED; } else { $where[] = 'rttickets.state = ' . intval($status); } } if ($datefrom) { if (check_date($datefrom)) { list($year, $month, $day) = explode('/', $datefrom); $datefrom = mktime(0, 0, 0, $month, $day, $year); } else { $datefrom = 0; } $where[] = 'rttickets.createtime >= ' . $datefrom; } if ($dateto) { if (check_date($dateto)) { list($year, $month, $day) = explode('/', $dateto); $dateto = mktime(0, 0, 0, $month, $day, $year); } else { $dateto = 0; } $where[] = 'rttickets.createtime <= ' . $dateto; } $list = $DB->GetAllByKey('SELECT rttickets.id, createtime, customerid, subject, requestor, ' . $DB->Concat('UPPER(c.lastname)', "' '", 'c.name') . ' AS customername ' . (!empty($_POST['contacts']) || !empty($_GET['contacts']) ? ', address, (SELECT ' . $DB->GroupConcat('contact', ',', true) . ' FROM customercontacts WHERE customerid = c.id AND (customercontacts.type & ' . (CONTACT_MOBILE | CONTACT_FAX | CONTACT_LANDLINE) . ' > 0 ) GROUP BY customerid) AS phones, (SELECT ' . $DB->GroupConcat('contact', ',', true) . ' FROM customercontacts WHERE customerid = c.id AND (customercontacts.type & ' . CONTACT_EMAIL . ' = ' . CONTACT_EMAIL . ') GROUP BY customerid) AS emails ' : '') . 'FROM rttickets LEFT JOIN rtticketcategories tc ON tc.ticketid = rttickets.id LEFT JOIN customeraddressview c ON (customerid = c.id) WHERE 1 = 1 ' . (isset($where) ? ' AND ' . implode(' AND ', $where) : '') . ' ORDER BY createtime', 'id'); if ($list && $extended) {
{ $phone = trim($val['phone']); $name = trim($val['name']); $type = !empty($val['type']) ? array_sum($val['type']) : NULL; $customerdata['contacts'][$idx]['type'] = $type; if($name && !$phone) $error['contact'.$idx] = trans('Phone number is required!'); elseif($phone) $contacts[] = array('name' => $name, 'phone' => $phone, 'type' => $type); } if ($customerdata['cutoffstop'] == '') $cutoffstop = 0; elseif (check_date($customerdata['cutoffstop'])) { list ($y, $m, $d) = explode('/', $customerdata['cutoffstop']); if (checkdate($m, $d, $y)) $cutoffstop = mktime(23, 59, 59, $m, $d, $y); else $error['cutoffstop'] = trans('Incorrect date of cutoff suspending!'); } else $error['cutoffstop'] = trans('Incorrect date of cutoff suspending!'); $hook_data = $LMS->executeHook( 'customeredit_validation_before_submit', array( 'customerdata' => $customerdata, 'error' => $error ) );
/**
 * Checks the posted consultation and returns "<code>@<consultation id>".
 *
 * Codes, as produced by the checks below:
 *   5 - title shorter than 20 bytes (nothing is built, id is 0)
 *   4 - c_num is empty              (nothing is built, id is 0)
 *   3 - c_num is greater than 100
 *   2 - check_date() failed
 *   1 - none of the above
 * For codes 3, 2 and 1 the consultation is built and its id returned.
 *
 * @return string
 */
function check_consultation()
{
    // Short Consultation Title
    if (strlen($_POST['c_title']) < 20) {
        return '5@0';
    }

    // No Post Num
    if (empty($_POST['c_num'])) {
        return '4@0';
    }

    if ($_POST['c_num'] > 100) {
        $code = '3';
    } elseif (!check_date()) {
        $code = '2';
    } else {
        $code = '1';
    }

    return $code . '@' . build_consultation();
}
/** * Crewside */ protected static function page_crew() { global $__server, $_lang; ess::$b->page->add_title("Crew"); $subpage2 = getval("b"); redirect::store(page_min_side::addr(NULL, $subpage2 != "" ? "b=" . $subpage2 : '')); ess::$b->page->add_css(' .minside_crew_links .active { color: #CCFF00 }'); $links = array(); $links[] = '<a href="' . htmlspecialchars(page_min_side::addr(NULL, "", "player")) . '">Min spiller</a>'; $links[] = '<a href="' . htmlspecialchars(page_min_side::addr(NULL, "")) . '"' . ($subpage2 == "" ? ' class="active"' : '') . '>Oversikt / logg</a>'; if (access::has("forum_mod")) { $links[] = '<a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=addlog")) . '"' . ($subpage2 == "addlog" ? ' class="active"' : '') . '>Nytt notat</a>'; } $links[] = '<a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=blokk")) . '"' . ($subpage2 == "blokk" ? ' class="active"' : '') . '>Blokkeringer</a>'; if (access::has("mod")) { $links[] = '<a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=banka")) . '"' . ($subpage2 == "banka" ? ' class="active"' : '') . '>Bankpassord</a>'; } if (access::has("mod")) { $links[] = '<a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=birth")) . '"' . ($subpage2 == "birth" ? ' class="active"' : '') . '>Fødselsdato</a>'; } if (access::has("mod")) { $links[] = '<a href="' . htmlspecialchars(page_min_side::addr("set", "b=pass")) . '">Passord</a>'; } if (access::has("admin")) { $links[] = '<a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=level")) . '"' . ($subpage2 == "level" ? ' class="active"' : '') . '>Tilgangsnivå</a>'; } $links[] = '<a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=send_email")) . '"' . ($subpage2 == "send_email" ? ' class="active"' : '') . '>Send e-post</a>'; $links[] = '<a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=warning")) . '"' . ($subpage2 == "warning" ? ' class="active"' : '') . '>Gi advarsel</a>'; echo ' <p class="c minside_crew_links">' . 
implode(" | ", $links) . '</p>'; if ($subpage2 == "") { // javascript for rapporteringer ess::$b->page->add_js_domready(' var w = $("minside_reports"); var xhr = new Request({ url: relative_path + "/ajax/minside_report", data: { u_id: ' . page_min_side::$active_user->id . ' }, evalScripts: function(script) { ajax.js += script; } }); xhr.addEvent("success", function(text) { w.set("html", text); w.getElements(".pagenumbers").each(function(elm) { elm.addEvent("set_page", function(s) { load(null, s, true); }); }); ajax.refresh(); }); xhr.addEvent("failure", function(x) { var p = new Element("p", {html: "Feil: " + x}).inject(w.empty()); }); function load(a, s, goto) { if (a !== null) xhr.options.data.a = a; if (s) xhr.options.data.s = s; if (goto) w.getParent().goto(-10); w.set("html", "<p>Laster inn data..</p>"); xhr.send(); } $("minside_reports_from").addEvent("click", function() { load("from", 1, true); }); $("minside_reports_to").addEvent("click", function() { load("to", 1, true); }); $("minside_reports_all").addEvent("click", function() { load("", 1, true); }); load();'); // css for rapporteringer ess::$b->page->add_css(' .rap_wrap { margin: 1em 0; background-color: #222222; position: relative; overflow: auto; } .rap_time { position: absolute; top: 8px; right: 5px; margin: 0; color: #777777; } .rap_time span { color: #EEEEEE; } .rap_w { margin: 0; padding: 5px; background-color: #282828; } .rap_u { font-size: 14px; } .rap_wrap .col2_w { margin: 0 } .rap_wrap .col_w.left { width: 40% } .rap_wrap .col_w.right { width: 60% } .rap_wrap .col_w.left .col { margin: 0 0 0 5px } .rap_wrap .col_w.right .col { margin: 5px 5px 5px 0 } .rap_note { background-color: #1C1C1C; padding: 5px !important; overflow: auto; border: 1px dotted #525252 } '); // faner ess::$b->page->add_js_domready(' $$(".minside_fane_link").addEvent("click", function(elm) { $$(".minside_fane").setStyle("display", "none"); $$(".minside_fane_link").removeClass("minside_fane_active"); 
this.addClass("minside_fane_active"); $(this.get("rel")).setStyle("display", ""); }); $$(".minside_fane_active").fireEvent("click");'); ess::$b->page->add_css(' .minside_fane_active, .minside_fane_active:hover { color: #CCFF00; }'); echo ' <div class="col2_w"> <div class="col_w left"> <div class="col"> <div class="bg1_c"> <h1 class="bg1">Oversikt<span class="left2"></span><span class="right2"></span></h1> <div class="bg1">'; // hent blokkeringer for brukeren $result = \Kofradia\DB::get()->query("SELECT ub_id, ub_type, ub_time_expire, ub_reason FROM users_ban WHERE ub_u_id = " . page_min_side::$active_user->id . " AND ub_time_expire > " . time()); if ($result->rowCount() > 0) { while ($row = $result->fetch()) { $access = access::has(blokkeringer::$types[$row['ub_type']]['access']); echo ' <p>Blokkert: ' . ($access ? '<a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=blokk&t={$row['ub_type']}")) . '">' : '') . htmlspecialchars(blokkeringer::$types[$row['ub_type']]['title']) . ($access ? '</a>' : '') . ' (til ' . ess::$b->date->get($row['ub_time_expire'])->format(date::FORMAT_SEC) . ', ' . game::counter($row['ub_time_expire'] - time()) . ')</p>'; } } echo ' <p>Trykk deg inn på de forskjellige spillerene til brukeren for å se informasjon knyttet opp mot dem.</p> </div> </div> </div> </div> <div class="col_w right"> <div class="col"> <div class="bg1_c"> <h1 class="bg1">Crewnotat for brukeren<span class="left2"></span><span class="right2"></span></h1> <p class="h_right"><a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=enote")) . '">rediger</a></p> <div class="bg1"> <p>Her kan hvem som helst i crewet legge til eller endre et notat for denne brukeren for å memorere ting som har med <u>brukeren</u> å gjøre.</p>' . (empty(page_min_side::$active_user->data['u_note_crew']) ? ' <p>Ingen notat er registrert.</p>' : ' <div class="p">' . game::bb_to_html(page_min_side::$active_user->data['u_note_crew']) . '</div>') . 
' </div> </div> </div> </div> </div> <p class="c"><a class="minside_fane_link minside_fane_active" rel="minside_fane2">Loggoppføringer</a> | <a class="minside_fane_link" rel="minside_fane1">Rapporteringer</a></p> <div id="minside_fane1" class="minside_fane"> <p class="c">Filter: <a id="minside_reports_from">Brukerens egne rapporteringer</a> | <a id="minside_reports_to">Andres rapporteringer</a> | <a id="minside_reports_all">Alle</a></p> <div id="minside_reports"> <p>Laster inn..</p> </div> </div> <div id="minside_fane2" class="minside_fane"> <p class="c">Loggoppføringer for denne brukeren</p>'; // hent loggene for denne brukeren $pagei = new pagei(pagei::ACTIVE_GET, "side", pagei::PER_PAGE, 50); $result = $pagei->query("SELECT lc_id, lc_up_id, lc_time, lc_lca_id, lc_a_up_id, lc_log FROM log_crew JOIN users_players ON up_u_id = " . page_min_side::$active_user->id . " WHERE lc_a_up_id = up_id ORDER BY lc_time DESC"); // ingen handlinger? if ($result->rowCount() == 0) { echo ' <p class="c">Ingen oppføringer eksisterer.</p>'; } else { $rows = array(); while ($row = $result->fetch()) { $rows[$row['lc_id']] = $row; } $data = crewlog::load_summary_data($rows); $logs = array(); foreach ($data as $row) { // hent sammendrag $summary = crewlog::make_summary($row, NULL, $row['lc_a_up_id'] != page_min_side::$active_player->id); $day = ess::$b->date->get($row['lc_time'])->format(date::FORMAT_NOTIME); $logs[$day][] = '<p><span class="time">' . ess::$b->date->get($row['lc_time'])->format("H:i") . ':</span> ' . $summary . '</p>'; } ess::$b->page->add_css('.crewlog .time { color: #888888; padding-right: 5px }'); foreach ($logs as $day => $items) { echo ' <div class="bg1_c"> <h1 class="bg1">' . $day . '<span class="left2"></span><span class="right2"></span></h1> <div class="bg1 crewlog"> ' . implode(' ', $items) . ' </div> </div>'; } echo ' <p class="c">' . $pagei->pagenumbers() . '</p>'; } echo ' </div>'; } elseif ($subpage2 == "addlog" && access::has("forum_mod")) { // legge til? 
if (isset($_POST['notat'])) { $notat = trim(postval("notat")); $notat_bb = trim(game::bb_to_html($notat)); if (empty($notat_bb)) { ess::$b->page->add_message("Notatet kan ikke være tomt.", "error"); } else { // legg til i crewloggen crewlog::log("user_add_note", page_min_side::$active_player->id, $notat); ess::$b->page->add_message("Notatet ble registrert."); redirect::handle(page_min_side::addr()); } } ess::$b->page->add_title("Nytt notat"); ess::$b->page->add_js_domready('$("notat_felt").focus();'); echo ' <div class="bg1_c"> <h1 class="bg1">Legg til notat i crewloggen<span class="left2"></span><span class="right2"></span></h1> <div class="bg1"> <p>Notat: (Vil bli lagt til som vanlig logg i <a href="' . htmlspecialchars(page_min_side::addr(NULL)) . '">Crewloggen</a>.)</p> <form action="" method="post"> <p><textarea name="notat" id="notat_felt" rows="10" cols="30" style="width: 98%; overflow: auto">' . htmlspecialchars(postval("notat")) . '</textarea></p> <p>' . show_sbutton("Legg til notat") . '</p> </form> </div> </div>'; } elseif ($subpage2 == "blokk") { ess::$b->page->add_title("Blokkeringer"); $type = false; if (isset($_GET['t'])) { // kontroller type $type_id = intval($_GET['t']); // fant ikke? if (!isset(blokkeringer::$types[$type_id])) { ess::$b->page->add_message("Ugyldig type '.{$type_id}.'.", "error"); } else { $type = blokkeringer::$types[$type_id]; // har vi tilgang til å gjøre noe med denne blokkeringen? if (!access::has($type['access'])) { ess::$b->page->add_message('Du har ikke tilgang til denne typen blokkering. (' . htmlspecialchars($type['title']) . ')', "error"); $type = false; } } } // vise en type blokkering? 
if ($type) { redirect::store(page_min_side::addr(NULL, "b=blokk&t={$type_id}")); // sjekk om det er en aktiv blokkering for denne typen $active = blokkeringer::check($type_id, page_min_side::$active_user->id); if ($active) { // hent informasjon om blokkeringen $info = blokkeringer::get_info($active['ub_id']); } // handling: legg til blokkering if (isset($_POST['add']) && $active) { ess::$b->page->add_message("Det er allerede en blokkering på brukeren som varer til " . ess::$b->date->get($active['ub_time_expire'])->format() . ".", "error"); } elseif (isset($_POST['add'])) { // kontroller verdier $date_type = isset($_POST['date_type']) && $_POST['date_type'] == "abs" ? "abs" : "rel"; $rel_weeks = intval(postval("rel_weeks")); $rel_days = intval(postval("rel_days")); $rel_hours = intval(postval("rel_hours")); $rel_mins = intval(postval("rel_mins")); $abs_date = postval("abs_date"); $abs_time = postval("abs_time"); // sjekk type og verdiene $expire = false; // bestemt dato/tidspunkt if ($date_type == "abs") { // kontroller datoen if (!($abs_date_m = check_date($abs_date, "%y-%m-%d"))) { ess::$b->page->add_message('Datoen du skrev inn er ikke gyldig.', "error"); } elseif (!($abs_time_m = check_date($abs_time, "%h:%i:%s"))) { ess::$b->page->add_message('Tidspunktet du skrev inn er ikke gyldig.', "error"); } else { // ok $date = ess::$b->date->get(); $date->setTime($abs_time_m[1], $abs_time_m[2], $abs_time_m[3]); $date->setDate($abs_date_m[1], $abs_date_m[2], $abs_date_m[3]); $expire = $date->format("U"); } } else { // sjekk uker if ($rel_weeks < 0 || $rel_weeks > 9) { ess::$b->page->add_message('Antall uker kan ikke være under 0 eller over 9.', "error"); } elseif ($rel_days < 0 || $rel_days > 6) { ess::$b->page->add_message('Antall dager kan ikke være under 0 eller over 6.', "error"); } elseif ($rel_hours < 0 || $rel_hours > 23) { ess::$b->page->add_message('Antall timer kan ikke være under 0 eller over 23.', "error"); } elseif ($rel_mins < 0 || $rel_mins > 59) { 
ess::$b->page->add_message('Antall minutter kan ikke være under 0 eller over 59.', "error"); } else { // ok $expire = time() + $rel_weeks * 604800 + $rel_days * 86400 + $rel_hours * 3600 + $rel_mins * 60; } } // sjekke videre? if ($expire) { // sjekk at datoen er minst 1 min fremover i tid if ($expire < time() + 60) { ess::$b->page->add_message('Du kan ikke legge til en blokkering for mindre enn 1 minutt.', "error"); } else { // kontroller begrunnelse og intern informasjon $log = trim(postval("log")); $note = trim(postval("note")); // mangler begrunnelse? if ($log == "") { ess::$b->page->add_message('Mangler begrunnelse.', "error"); } elseif ($note == "") { ess::$b->page->add_message("Mangler intern informasjon", "error"); } else { // forsøk å legg til blokkeringen $add = blokkeringer::add(page_min_side::$active_user->id, $type_id, $expire, $log, $note); if ($add !== true) { ess::$b->page->add_message("Det er allerede en blokkering på brukeren som varer til " . ess::$b->date->get($add['ub_time_expire'])->format() . ".", "error"); } else { // legg til crewlogg crewlog::log("user_ban_active", page_min_side::$active_player->id, $log, array("type" => $type_id, "time_end" => $expire, "note" => $note)); ess::$b->page->add_message('Brukeren er nå blokkert til ' . ess::$b->date->get($expire)->format() . '. (' . htmlspecialchars($type['title']) . ')'); redirect::handle(); } } } } } elseif (isset($_POST['edit']) && !$active) { // ingen blokkering å redigere? ess::$b->page->add_message("Brukeren har ikke lengre denne blokkeringen.", "error"); } elseif (isset($_POST['edit'])) { // godkjent handling? 
if (isset($_POST['log_change'])) { // kontroller verdier $date = postval("date"); $time = postval("time"); // kontroller datoen if (!($date_m = check_date($date, "%y-%m-%d"))) { ess::$b->page->add_message('Datoen du skrev inn er ikke gyldig.', "error"); } elseif (!($time_m = check_date($time, "%h:%i:%s"))) { ess::$b->page->add_message('Tidspunktet du skrev inn er ikke gyldig.', "error"); } else { $date = ess::$b->date->get(); $date->setTime($time_m[1], $time_m[2], $time_m[3]); $date->setDate($date_m[1], $date_m[2], $date_m[3]); $expire = $date->format("U"); // sjekk at datoen er minst 1 min fremover i tid if ($expire < time() + 60) { ess::$b->page->add_message('Du kan ikke legge til en blokkering for mindre enn 1 minutt.', "error"); } else { // kontroller begrunnelse for utestengelse, begrunnelse for endring og intern informasjon $log_ban = trim(postval("log_ban")); $log_change = trim(postval("log_change")); $note = trim(postval("note")); // mangler begrunnelse for endring? if ($log_change == "") { ess::$b->page->add_message('Mangler begrunnelse for endring.', "error"); } elseif ($log_ban == "") { ess::$b->page->add_message('Mangler begrunnelse for utestengelse.', "error"); } elseif ($note == "") { ess::$b->page->add_message('Mangler intern informasjon.', "error"); } elseif ($expire == $info['ub_time_expire'] && $log_ban == $info['ub_reason'] && $note == $info['ub_note']) { ess::$b->page->add_message('Ingen endringer ble utført.', "error"); } else { // oppdater blokkeringen $edit = blokkeringer::edit($active['ub_id'], $expire, $log_ban, $note); if ($edit == 0) { ess::$b->page->add_message("Blokkeringen kunne ikke bli oppdatert. 
Den er mest sannsynlig ikke lengre aktiv.", "error"); } else { // legg til crewlogg $data = array("type" => $type_id, "time_end_old" => $info['ub_time_expire'], "log_old" => $info['ub_reason'], "note_old" => $info['ub_note']); if ($expire != $info['ub_time_expire']) { $data["time_end_new"] = $expire; } if ($log_ban != $info['ub_reason']) { $data["log_new"] = $log_ban; } if ($note != $info['ub_note']) { $data["note_new"] = $note; } crewlog::log("user_ban_change", page_min_side::$active_player->id, $log_change, $data); ess::$b->page->add_message('Du har oppdatert blokkeringen. Brukeren er nå blokkert til ' . ess::$b->date->get($expire)->format() . '. (' . htmlspecialchars($type['title']) . ')'); redirect::handle(); } } } } } } elseif (isset($_POST['delete']) && !$active) { // ingen blokkering å slette? ess::$b->page->add_message("Brukeren har ikke lengre denne blokkeringen.", "error"); } elseif (isset($_POST['delete'])) { // godkjent handling? if (isset($_POST['log'])) { $log = trim(postval("log")); // mangler logg? if ($log == "") { ess::$b->page->add_message('Mangler begrunnelse.', "error"); } else { // fjern blokkeringen $delete = blokkeringer::delete($active['ub_id']); if ($delete == 0) { ess::$b->page->add_message("Blokkeringen kunne ikke bli oppdatert. Den er mest sannsynlig ikke lengre aktiv.", "error"); } else { // legg til crewlogg crewlog::log("user_ban_delete", page_min_side::$active_player->id, $log, array("type" => $type_id, "time_end" => $info['ub_time_expire'], "log" => $info['ub_reason'], "note" => $info['ub_note'])); ess::$b->page->add_message('Du har fjernet blokkeringen. (' . htmlspecialchars($type['title']) . ')'); redirect::handle(); } } } } echo ' <div class="bg1_c" style="width: 350px"> <h1 class="bg1">Blokkering: ' . htmlspecialchars($type['title']) . '<span class="left2"></span><span class="right2"></span></h1> <div class="bg1"> <boxes /> <p class="r">Tilgangsnivå: ' . access::name($type['access']) . '</p> <p><u>Hensikt:</u> ' . 
$type['description'] . '</p>'; // blokkert? if ($active) { echo ' <p>Brukeren er blokkert.</p> <dl class="dd_right"> <dt>Lagt til</dt> <dd>' . ess::$b->date->get($info['ub_time_added'])->format(date::FORMAT_SEC) . '<br />' . game::timespan($info['ub_time_added'], game::TIME_ABS | game::TIME_ALL, 5) . '</dd> <dt>Utestengt til</dt> <dd>' . ess::$b->date->get($info['ub_time_expire'])->format(date::FORMAT_SEC) . '<br />' . game::counter($info['ub_time_expire'] - time()) . '</dd> </dl> <div class="section"> <h2>Begrunnelse</h2> <div class="p">' . (($reason = game::bb_to_html($info['ub_reason'])) == "" ? 'Ikke oppgitt.' : $reason) . '</div> <h2>Intern informasjon</h2> <div class="p">' . (($note = game::bb_to_html($info['ub_note'])) == "" ? 'Ikke oppgitt.' : $note) . '</div> </div>'; // handling: redigere blokkering if (isset($_POST['edit'])) { echo ' <p>Du er i ferd med å endre blokkeringen til brukeren.</p> <form action="" method="post"> <dl class="dd_right dl_2x"> <dt>Til</dt> <dd> Dato: <input type="text" name="date" id="ban_date" value="' . htmlspecialchars(postval("date", ess::$b->date->get($info['ub_time_expire'])->format("Y-m-d"))) . '" class="styled w80" /> <input type="text" name="time" id="ban_time" value="' . htmlspecialchars(postval("time", ess::$b->date->get($info['ub_time_expire'])->format("H:i:s"))) . '" class="styled w80" /> </dd> <dt>Begrunnelse for endring</dt> <dd><textarea name="log_change" cols="30" rows="5">' . htmlspecialchars(postval("log_change")) . '</textarea></dd> <dt>Begrunnelse for blokkering</dt> <dd><textarea name="log_ban" cols="30" rows="5">' . htmlspecialchars(postval("log_ban", $info['ub_reason'])) . '</textarea></dd> <dt>Intern informasjon</dt> <dd><textarea name="note" cols="30" rows="5">' . htmlspecialchars(postval("note", $info['ub_note'])) . '</textarea></dd> <dd> ' . show_sbutton("Lagre endringer", 'name="edit"') . ' ' . show_sbutton("Avbryt") . 
' </dd> </dl> </form>'; } elseif (isset($_POST['delete'])) { echo ' <p>Du er i ferd med å fjerne blokkeringen til brukeren.</p> <form action="" method="post"> <dl class="dd_right dl_2x"> <dt>Begrunnelse for fjerning</dt> <dd><textarea name="log" cols="30" rows="5">' . htmlspecialchars(postval("log")) . '</textarea></dd> <form action="" method="post"> <dd> ' . show_sbutton("Fjern", 'name="delete"') . ' ' . show_sbutton("Avbryt") . ' </dd> </form> </dl> </form>'; } else { echo ' <form action="" method="post"> <p> ' . show_sbutton("Endre", 'name="edit"') . ' ' . show_sbutton("Fjern", 'name="delete"') . ' <a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=blokk")) . '" class="button">Tilbake</a> </p> </form>'; } } else { $date_type = isset($_POST['type']) && $_POST['type'] == "abs" ? "abs" : "rel"; $hide_rel = $date_type == "rel" ? '' : ' hide'; $hide_abs = $date_type == "abs" ? '' : ' hide'; echo ' <p>Brukeren har ingen aktiv blokkering.</p> <form action="" method="post"> <input type="hidden" name="date_type" value="' . $date_type . '" /> <dl class="dd_right dl_2x"> <dt class="date_rel' . $hide_rel . '">Varighet (<a href="#" onclick="handleClass(\'.date_abs\', \'.date_rel\', event, this.parentNode.parentNode); $(\'date_type\').value=\'abs\'">velg dato</a>)</dt> <dd class="date_rel' . $hide_rel . '"> <input type="text" name="rel_weeks" class="styled w30 r" style="width: 10px" value="' . intval(postval("rel_weeks")) . '" maxlength="1" /> uker <input type="text" name="rel_days" class="styled w30 r" style="width: 10px" value="' . intval(postval("rel_days")) . '" maxlength="1" /> dager <input type="text" name="rel_hours" class="styled w30 r" style="width: 17px" value="' . intval(postval("rel_hours")) . '" maxlength="2" /> timer <input type="text" name="rel_mins" class="styled w30 r" style="width: 17px" value="' . intval(postval("rel_mins")) . '" maxlength="2" /> minutter </dd> <dt class="date_abs' . $hide_abs . 
'">Til (<a href="#" onclick="handleClass(\'.date_rel\', \'.date_abs\', event, this.parentNode.parentNode); $(\'date_type\').value=\'rel\'">velg varighet</a>)</dt> <dd class="date_abs' . $hide_abs . '"> Dato: <input type="text" name="abs_date" value="' . htmlspecialchars(postval("abs_date", ess::$b->date->get()->format("Y-m-d"))) . '" class="styled w80" /> <input type="text" name="abs_time" value="' . htmlspecialchars(postval("abs_time", ess::$b->date->get()->format("H:i:s"))) . '" class="styled w60" /> </dd> <dt>Begrunnelse</dt> <dd><textarea name="log" cols="30" rows="5">' . htmlspecialchars(postval("log")) . '</textarea></dd> <dt>Intern informasjon</dt> <dd><textarea name="note" cols="30" rows="5">' . htmlspecialchars(postval("note")) . '</textarea></dd> <dd> ' . show_sbutton("Legg til blokkering", 'name="add"') . ' <a href="' . htmlspecialchars(page_min_side::addr(NULL, "a=blokk")) . '" class="button">Tilbake</a> </dd> </dl> </form>'; } echo ' </div> </div>'; } else { // filtrer ut de blokkeringene vi har tilgang til å sette $types = blokkeringer::$types; $links = array(); foreach ($types as $id => $type) { if (!access::has($type['access'])) { continue; } $links[$type['title']] = ' <li><a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=blokk&t={$id}")) . '" title="' . htmlspecialchars($type['description']) . '">' . htmlspecialchars($type['title']) . '</a></li>'; } // sorter ksort($links); $links = implode('', $links); // vis oversikt echo ' <div class="bg1_c" style="width: 350px"> <h1 class="bg1">Blokkeringer<span class="left2"></span><span class="right2"></span></h1> <div class="bg1"> <p>Velg type:</p>'; if ($links == '') { echo ' <p>Du har ikke tilgang til noen blokkeringstyper.</p>'; } else { echo ' <ul>' . $links . ' </ul>'; } echo ' </div> </div>'; // hent alle aktive blokkeringer $result = \Kofradia\DB::get()->query("SELECT ub_type, ub_time_expire, ub_reason FROM users_ban WHERE ub_u_id = " . page_min_side::$active_user->id . 
" AND ub_time_expire > " . time() . " ORDER BY ub_time_expire"); if ($result->rowCount() > 0) { echo ' <div class="bg1_c" style="width: 350px"> <h1 class="bg1">Aktive blokkeringer<span class="left2"></span><span class="right2"></span></h1> <div class="bg1"> <table class="table tablem" style="width: 100%"> <thead> <tr> <th>Type</th> <th>Dato</th> <th>Begrunnelse</th> </tr> </thead> <tbody>'; $i = 0; while ($row = $result->fetch()) { $type = blokkeringer::get_type($row['ub_type']); $access = access::has($type['access']); echo ' <tr' . (++$i % 2 == 0 ? ' class="color"' : '') . '> <td>' . ($access ? '<a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=blokk&t={$row['ub_type']}")) . '">' : '') . htmlspecialchars($type['title']) . ($access ? '</a>' : '') . '</td> <td> ' . ess::$b->date->get($row['ub_time_expire'])->format(date::FORMAT_SEC) . '<br /> (' . game::timespan($row['ub_time_expire'], game::TIME_ABS | game::TIME_ALL, 5) . ') </td> <td>' . game::format_data($row['ub_reason'], "bb-opt", "Ingen begrunnelse gitt.") . '</td> </tr>'; } echo ' </tbody> </table> </div> </div>'; } } } elseif ($subpage2 == "send_email") { ess::$b->page->add_title("Send e-post"); // har tekst? $show_form = true; if (isset($_POST['text']) && !isset($_POST['edit'])) { $subject = trim(postval("subject")); $text = trim(postval("text")); // mangler emne? if (empty($subject)) { ess::$b->page->add_message("Du må fylle ut emnefeltet.", "error"); } elseif (empty($text)) { ess::$b->page->add_message("Du må fylle ut innholdet.", "error"); } else { $email_subject = $subject; $email_text = $text . "\n\n--\n" . login::$user->player->data['up_name'] . "\nwww.kofradia.no\n\nDenne meldingen ble sendt til " . page_min_side::$active_user->data['u_email'] . " som tilhører " . page_min_side::$active_player->data['up_name']; // godkjent? 
if (isset($_POST['send'])) { // send e-posten $email = new email(); $email->text = $email_text; $email->headers['BCC'] = "*****@*****.**"; $email->headers['Reply-To'] = "*****@*****.**"; $email->send(page_min_side::$active_user->data['u_email'], $email_subject); // legg til crewlogg crewlog::log("user_send_email", page_min_side::$active_player->id, NULL, array("email" => page_min_side::$active_user->data['u_email'], "email_subject" => $email_subject, "email_content" => $email_text)); ess::$b->page->add_message("E-posten ble sendt til " . htmlspecialchars(page_min_side::$active_user->data['u_email']) . "."); redirect::handle(page_min_side::addr("")); } echo ' <div class="bg1_c" style="width: 400px"> <h1 class="bg1">Send e-post<span class="left2"></span><span class="right2"></span></h1> <div class="bg1"> <p><b>Mottaker:</b> ' . htmlspecialchars(page_min_side::$active_user->data['u_email']) . '</p> <p><b>Emne:</b> ' . htmlspecialchars($email_subject) . '</p> <p style="font-family: monospace">' . nl2br(htmlspecialchars($email_text)) . '</p> <form action="" method="post"> <input type="hidden" id="email_subject" name="subject" value="' . htmlspecialchars($subject) . '" /> <input type="hidden" id="email_text" name="text" value="' . htmlspecialchars($text) . '" /> <p>' . show_sbutton("Send e-posten", 'name="send"') . ' ' . show_sbutton("Tilbake / endre", 'name="edit"') . '</p> </form> </div> </div>'; $show_form = false; } } if ($show_form) { ess::$b->page->add_js_domready('$("email_subject").focus();'); echo ' <div class="bg1_c" style="width: 400px"> <h1 class="bg1">Send e-post<span class="left2"></span><span class="right2"></span></h1> <div class="bg1"> <boxes /> <p>Her sender du e-post til brukeren på vegne av Kofradia. Avsender vil være den normale avsendere all e-post fra Kofradia blir sendt fra.</p> <form action="" method="post"> <dl class="dd_right dl_2x"> <dt>Mottaker</dt> <dd>' . htmlspecialchars(page_min_side::$active_user->data['u_email']) . 
'</dd> <dt>Emne</dt> <dd><input type="text" value="' . htmlspecialchars(postval("subject")) . '" name="subject" id="email_subject" class="styled w200" /></dd> <dt>Innhold</dt> <dd><textarea name="text" id="email_text" cols="50" rows="10">' . htmlspecialchars(postval("text", "Hei,\n\n")) . '</textarea></dd> <dd>' . show_sbutton("Forhåndsvis / fortsett") . '</dd> </dl> </form> </div> </div>'; } } elseif ($subpage2 == "warning") { ess::$b->page->add_title("Gi advarsel til brukeren"); $types = crewlog::$user_warning_types; // legge til advarsel? if (isset($_POST['log'])) { $log = trim(postval("log")); $note = trim(postval("note")); $type = postval("type"); $priority = (int) postval("priority"); $notify = isset($_POST['notify']); if (empty($log) || empty($note)) { ess::$b->page->add_message("Både begrunnelse og intern informasjon må fylles ut.", "error"); } elseif (!isset($types[$type])) { ess::$b->page->add_message("Ugyldig kategori.", "error"); } elseif ($priority < 1 || $priority > 3) { ess::$b->page->add_message("Ugylig alvorlighet.", "error"); } else { $data = array("type" => $types[$type], "note" => $note, "priority" => $priority); // legge til spillerlogg? if ($notify) { $data['notified'] = 1; $data['notified_id'] = player::add_log_static(gamelog::$items['advarsel'], urlencode($types[$type]) . ':' . urlencode($log), NULL, page_min_side::$active_player->id); ess::$b->page->add_message("Advarselen ble lagret. Brukeren ble informert."); } else { ess::$b->page->add_message("Advarselen ble lagret. Du har ikke informert brukeren om denne advarselen."); } // legg til advarselen crewlog::log("user_warning", page_min_side::$active_player->id, $log, $data); redirect::handle(); } } echo ' <div class="bg1_c" style="width: 400px"> <h1 class="bg1">Gi advarsel til brukeren<span class="left2"></span><span class="right2"></span></h1> <div class="bg1"> <form action="" method="post"> <boxes /> <p>Dette kan benyttes som et verktøy for å gi advarsler til brukere. 
Det kan velges om brukeren skal motta advarselen eller ikke. Hvis man ikke velger å informere brukeren om noe, blir det alikevel søkbart i crewloggen for brukeren.</p> <p>Alvorligheten av advarselen blir benyttet for å automatisere en poengsum brukeren får avhengig av antall advarseler. En advarsel med høy alvorlighet varer lenger og teller mer enn en med lav alvorlighet.</p> <dl class="dd_right"> <dt>Kategori</dt> <dd> <select name="type">'; $type = isset($_POST['type']) && isset($types[$_POST['type']]) ? intval($_POST['type']) : false; if ($type === false) { echo ' <option value="">Velg ..</option>'; } foreach ($types as $key => $row) { echo ' <option value="' . $key . '"' . ($key === $type ? ' selected="selected"' : '') . '>' . htmlspecialchars($row) . '</option>'; } echo ' </select> </dd> <dt>Alvorlighet/prioritet</dt> <dd> <select name="priority">'; $priority = isset($_POST['priority']) && is_numeric($_POST['priority']) && $_POST['priority'] >= 1 && $_POST['priority'] <= 3 ? $_POST['priority'] : 2; echo ' <option value="1"' . ($priority == 1 ? ' selected="selected"' : '') . '>Lav</option> <option value="2"' . ($priority == 2 ? ' selected="selected"' : '') . '>Moderat</option> <option value="3"' . ($priority == 3 ? ' selected="selected"' : '') . '>Høy</option> </select> </dd> </dl> <p>Begrunnelse:</p> <p><textarea name="log" rows="10" cols="30" style="width: 98%">' . htmlspecialchars(postval("log")) . '</textarea></p> <p>Intern informasjon:</p> <p><textarea name="note" rows="10" cols="30" style="width: 98%">' . htmlspecialchars(postval("note")) . '</textarea></p> <p><input type="checkbox" name="notify"' . ($_SERVER['REQUEST_METHOD'] == "POST" && !isset($_POST['notify']) ? '' : ' checked="checked"') . ' id="warning_notify" /><label for="warning_notify"> Gi brukeren informasjon om denne advarselen. Kun kategori og begrunnelse vil bli oppgitt til brukeren som en logg i hendelser.</label></p> <p class="c">' . show_sbutton("Lagre") . 
'</p> </form> </div> </div>'; // analyser advarsler $lca_id = crewlog::$actions['user_warning'][0]; $pagei = new pagei(pagei::ACTIVE_GET, "side", pagei::PER_PAGE, 15); $result = $pagei->query("\n\t\t\t\tSELECT lc_id, lc_up_id, lc_time, lc_log, lcd_data_int\n\t\t\t\tFROM log_crew\n\t\t\t\t\tJOIN users_players ON lc_a_up_id = up_id AND up_u_id = " . page_min_side::$active_user->id . "\n\t\t\t\t\tLEFT JOIN log_crew_data ON lcd_lc_id = lc_id AND lcd_lce_id = 5\n\t\t\t\tWHERE lc_lca_id = {$lca_id} AND (lcd_data_int IS NULL OR lcd_data_int = 0)\n\t\t\t\tORDER BY lc_time DESC"); $data = array(); while ($row = $result->fetch()) { $data[$row['lc_id']] = $row; } // sett opp data $data = crewlog::load_summary_data($data); echo ' <div class="bg1_c ' . (count($data) == 0 ? 'xsmall' : 'medium') . '"> <h1 class="bg1">Tidligere advarsler<span class="left2"></span><span class="right2"></span></h1> <div class="bg1">'; if (count($data) == 0) { echo ' <p>Brukeren har ingen tidligere advarsler.</p>'; } else { ess::$b->page->add_css(' .advarsel { border: 1px solid #292929; margin: 10px 0; padding: 0 10px }'); foreach ($data as $row) { $priority = $row['data']['priority'] == 1 ? "lav" : ($row['data']['priority'] == 2 ? "moderat" : "høy"); echo ' <div class="advarsel"> <p><b>' . ess::$b->date->get($row['lc_time'])->format() . '</b>: ' . $row['data']['type'] . ' (alvorlighet: <b>' . $priority . '</b>):</p> <ul> <li>' . game::format_data($row['lc_log']) . '</li> <li>Internt notat: ' . game::format_data($row['data']['note']) . '</li> </ul> <p>' . (empty($row['data']['notified']) ? 'Ble IKKE varslet.' : 'Ble varslet.') . ' Av <user id="' . $row['lc_up_id'] . '" /></p> </div>'; } echo ' <p class="c">' . $pagei->pagenumbers() . '</p>'; } echo ' </div> </div>'; } elseif ($subpage2 == "enote") { ess::$b->page->add_title("Endre notat for bruker"); // lagre endringer? 
if (isset($_POST['notat'])) { $notat = postval("notat"); if ($notat == page_min_side::$active_user->data['u_note_crew']) { ess::$b->page->add_message("Ingen endringer ble utført.", "error"); } else { \Kofradia\DB::get()->exec("UPDATE users SET u_note_crew = " . \Kofradia\DB::quote($notat) . " WHERE u_id = " . page_min_side::$active_user->id); // legg til crewlogg crewlog::log("user_note_crew", page_min_side::$active_player->id, NULL, array("note_old" => page_min_side::$active_user->data['u_note_crew'], "note_diff" => diff::make(page_min_side::$active_user->data['u_note_crew'], $notat))); ess::$b->page->add_message("Notatet ble endret."); redirect::handle(); } } echo ' <div class="bg1_c" style="width: 400px"> <h1 class="bg1">Endre crewnotat for bruker<span class="left2"></span><span class="right2"></span></h1> <div class="bg1"> <form action="" method="post"> <p>Dette endrer notatet som er tilknyttet brukeren. Du kan også tilknytte <a href="' . htmlspecialchars(page_min_side::addr(NULL, "b=enote", "player")) . '">informasjon til spilleren</a>, hvis det heller er ønskelig.</p> <p>Notat:</p> <p><textarea name="notat" rows="10" cols="30" style="width: 98%">' . htmlspecialchars(page_min_side::$active_user->data['u_note_crew']) . '</textarea></p> <p class="c">' . show_sbutton("Lagre") . '</p> </form> </div> </div>'; } elseif ($subpage2 == "level" && access::has("admin")) { // nivåer man kan bytte til static $levels = array(1 => "Vanlig bruker", 14 => "Skjult nostat (crewtilgang)", -4 => "Ressurs", 12 => "Ressurs (nostat)", 13 => "Utvikler", 4 => "Forummoderator", 6 => "Forummoderator (nostat)", 5 => "Moderator", 11 => "Seniormoderator"); if (access::has("sadmin")) { $levels[7] = "Administrator"; } if (access::has("sadmin")) { $levels[8] = "Superadministrator"; } // kan vi ikke endre brukernivået til denne brukeren? 
if (!isset($levels[page_min_side::$active_user->data['u_access_level']])) { ess::$b->page->add_message("Du har ikke rettigheter til å endre tilgangsnivået til denne brukeren.", "error"); redirect::handle(page_min_side::addr()); } // endre brukernivå? if (isset($_POST['level'])) { $level = intval($_POST['level']); $log = trim(postval("log")); // samme brukernivå? if ($level == page_min_side::$active_user->data['u_access_level']) { ess::$b->page->add_message("Du må velge et nytt tilgangsnivå.", "error"); } elseif (!isset($levels[$level])) { ess::$b->page->add_message("Ugyldig tilgangsnivå."); } elseif (empty($log)) { ess::$b->page->add_message("Mangler begrunnelse."); } else { // endre tilgangsnivå $old = page_min_side::$active_user->data['u_access_level']; if (page_min_side::$active_user->change_level($level, isset($_POST['no_update_up']))) { // e-post logg sysreport::log("Endring av tilgangsnivå: " . login::$user->player->data['up_name'] . " endret tilgangsnivået til " . page_min_side::$active_user->data['u_email'] . " (" . page_min_side::$active_player->data['up_name'] . ") fra {$levels[$old]} til {$levels[$level]} {$__server['path']}/min_side?u_id=" . page_min_side::$active_user->id . "\n\nBegrunnelse: " . strip_tags(game::format_data($log)), "Kofradia: Endring av tilgangsnivå for " . page_min_side::$active_user->data['u_email'] . " (" . page_min_side::$active_player->data['up_name'] . ")"); // finn totalt beløp spilleren har $result = \Kofradia\DB::get()->query("SELECT up_cash + up_bank FROM users_players WHERE up_id = " . 
page_min_side::$active_player->id); $money = $result->fetchColumn(0); // crewlogg $data = array("level_old" => $old, "level_old_text" => $levels[$old], "level_new" => $level, "level_new_text" => $levels[$level], "money" => $money, "points" => page_min_side::$active_player->data['up_points']); if (page_min_side::$active_player->active && !isset($_POST['no_update_up'])) { $data['up_id'] = page_min_side::$active_player->id; } crewlog::log("user_level", page_min_side::$active_player->id, $log, $data); putlog("CREWCHAN", "%bEndring av tilgangsnivå%b: " . login::$user->player->data['up_name'] . " endret tilgangsnivået til " . page_min_side::$active_user->data['u_email'] . " (" . page_min_side::$active_player->data['up_name'] . ") fra {$levels[$old]} til {$levels[$level]} {$__server['path']}/min_side?u_id=" . page_min_side::$active_user->id); ess::$b->page->add_message('Tilgangsnivået ble endret fra <b>' . htmlspecialchars($levels[$old]) . '</b> til <b>' . htmlspecialchars($levels[$level]) . '</b>.'); } else { ess::$b->page->add_message("Tilgangsnivået kunne ikke endres.", "error"); } redirect::handle(); } } echo ' <div class="bg1_c" style="width: 350px"> <h1 class="bg1">Endre tilgangsnivå for bruker<span class="left2"></span><span class="right2"></span></h1> <div class="bg1">' . (page_min_side::$active_player->active ? ' <p>Dette vil automatisk berøre spilleren ' . page_min_side::$active_player->profile_link() . '.<p>' : ' <p>Dette vil kun ha innvirkning på brukeren, siden det ikke er noen aktiv spiller.</p>') . ' <form action="" method="post"> <dl class="dd_right"> <dt>Nåværende tilgangsnivå</dt> <dd>' . $levels[page_min_side::$active_user->data['u_access_level']] . '</dd> <dt>Nytt tilgangsnivå</dt> <dd> <select name="level">'; $level = intval(postval("level", page_min_side::$active_user->data['u_access_level'])); foreach ($levels as $id => $name) { echo ' <option value="' . $id . '"' . ($level == $id ? ' selected="selected"' : '') . '>' . htmlspecialchars($name) . 
'</option>'; } echo ' </select> </dd> <dt>Begrunnelse</dt> <dd><textarea name="log" id="log" cols="30" rows="5">' . htmlspecialchars(postval("log")) . '</textarea></dd> </dl>' . (page_min_side::$active_player->active ? ' <p><input type="checkbox" id="no_update_up" name="no_update_up"' . (isset($_POST['no_update_up']) ? ' checked="checked"' : '') . ' /><label for="no_update_up"> Ikke oppdater det visuelle tilgangsnivået til ' . page_min_side::$active_player->profile_link() . '</label></p>' : '') . ' <p class="c">' . show_sbutton("Endre tilgangsnivå") . '</p> </form> </div> </div>'; } elseif ($subpage2 == "banka" && access::has("mod")) { // lagre nytt passord if (isset($_POST['bank_auth'])) { $bank_auth = postval("bank_auth"); $log = trim(postval("log")); // for kort? if (mb_strlen($bank_auth) < 6) { ess::$b->page->add_message("Passordet må inneholde minst 6 tegn.", "error"); } elseif (password::verify_hash($bank_auth, page_min_side::$active_user->data['u_bank_auth'], 'bank_auth')) { ess::$b->page->add_message("Passordet er det samme som nåværende.", "error"); } elseif ($log == "") { ess::$b->page->add_message("Mangler begrunnelse.", "error"); } else { $newpass = password::hash($bank_auth, null, 'bank_auth'); \Kofradia\DB::get()->exec("UPDATE users SET u_bank_auth = " . \Kofradia\DB::quote($newpass) . " WHERE u_id = " . 
page_min_side::$active_user->id); // crewlogg crewlog::log("user_bank_auth", page_min_side::$active_player->id, $log, array("pass_old" => page_min_side::$active_user->data['u_bank_auth'], "pass_new" => $newpass)); ess::$b->page->add_message("Bankpassordet ble endret."); redirect::handle(); } } ess::$b->page->add_title("Endre bankpassord"); echo ' <div class="bg1_c" style="width: 350px"> <h1 class="bg1">Endre bankpassord<span class="left2"></span><span class="right2"></span></h1> <div class="bg1"> <form action="" method="post" autocomplete="off"> <dl class="dd_right"> <dt>Nytt bankpassord</dt> <dd><input type="password" id="bank_auth" class="styled w120" /></dd> <dt>Begrunnelse for endring</dt> <dd><textarea name="log" id="log" cols="30" rows="5">' . htmlspecialchars(postval("log")) . '</textarea></dd> </dl> <p class="c">' . show_sbutton("Lagre") . '</p> </form> </div> </div>'; } elseif ($subpage2 == "phone" && access::has("mod")) { // lagre nytt nummer? if (isset($_POST['phone'])) { $phone = postval("phone"); $log = trim(postval("log")); if (!preg_match("/^47\\d{8}\$/Du", $phone) && $phone != "") { ess::$b->page->add_message("Ugyldig telefonnummer. Må bestå av 10 tall inkludert 47 først.", "error"); } else { // kontroller at nummeret ikke er lagt inn fra før $result = \Kofradia\DB::get()->query("SELECT u_id, u_email, up_id, up_name, up_access_level FROM users, users_players WHERE u_phone = " . \Kofradia\DB::quote($phone) . " AND u_id != " . page_min_side::$active_user->id . " AND up_id = u_active_up_id LIMIT 1"); if ($result->rowCount() > 0) { $row = $result->fetch(); ess::$b->page->add_message('Nummeret er allerede i bruk av <a href="min_side?u_id=' . $row['u_id'] . '">' . htmlspecialchars($row['u_email']) . '</a> (' . game::profile_link($row['up_id'], $row['up_name'], $row['up_access_level']) . 
').', "error"); } elseif ($phone == page_min_side::$active_user->data['u_phone']) { ess::$b->page->add_message("Nummeret er det samme som nåværende nummer.", "error"); } elseif ($log == "") { ess::$b->page->add_message("Mangler logg melding."); } else { // lagre nytt nummer \Kofradia\DB::get()->exec("UPDATE users SET u_phone = " . \Kofradia\DB::quote($phone) . " WHERE u_id = " . page_min_side::$active_user->id); crewlog::log("user_phone", page_min_side::$active_player->id, $log, array("phone_old" => page_min_side::$active_user->data['u_phone'], "phone_new" => $phone)); ess::$b->page->add_message('Mobilnummeret ble endret fra <b>' . (empty(page_min_side::$active_user->data['u_phone']) ? 'tomt' : htmlspecialchars(page_min_side::$active_user->data['u_phone'])) . '</b> til <b>' . (empty($phone) ? 'tomt' : $phone) . '</b>.'); } } } ess::$b->page->add_title("Endre mobilnummer"); echo ' <div class="bg1_c" style="width: 350px"> <h1 class="bg1">Endre mobilnummer<span class="left2"></span><span class="right2"></span></h1> <div class="bg1"> <p>Her endrer du mobilnummeret til brukeren. Dette kan bli brukt til å sende ut forskjellig informasjon.</p> <form action="" method="post"> <dl class="dd_right dl_2x"> <dt>Nåværende nummer</dt> <dd>' . (empty(page_min_side::$active_user->data['u_phone']) ? 'Tomt' : htmlspecialchars(page_min_side::$active_user->data['u_phone'])) . '</dd> <dt>Nytt nummer</dt> <dd><input type="text" maxlength="10" value="' . htmlspecialchars(postval("phone", page_min_side::$active_user->data['u_phone'])) . '" name="phone" class="styled w80" /></dd> <dt>Begrunnelse for endring</dt> <dd><textarea name="log" cols="30" rows="5">' . htmlspecialchars(postval("log")) . '</textarea></dd> </dl> <p class="c">' . show_sbutton("Lagre") . '</p> </form> </div> </div>'; } elseif ($subpage2 == "birth" && access::has("mod")) { // lagre ny fødselsdato? 
if (isset($_POST['birth_day']) && isset($_POST['birth_month']) && isset($_POST['birth_year'])) { $birth = postval("birth"); // sjekk fødselsdato $birth_day = intval(postval("birth_day")); $birth_month = intval(postval("birth_month")); $birth_year = intval(postval("birth_year")); $date = ess::$b->date->get(); $n_day = $date->format("j"); $n_month = $date->format("n"); $n_year = $date->format("Y"); $age = $n_year - $birth_year - ($n_month < $birth_month || $birth_month == $n_month && $n_day < $birth_day ? 1 : 0); $birth = $birth_year . "-" . str_pad($birth_month, 2, "0", STR_PAD_LEFT) . "-" . str_pad($birth_day, 2, "0", STR_PAD_LEFT); // sjekk om fødselsdatoen er gyldig $birth_date = ess::$b->date->get(); $birth_date->setDate($birth_year, $birth_month, $birth_day); $birth_valid = $birth_date->format("Y-m-d") == $birth; $log = trim(postval("log")); // ugyldig dag? if ($birth_day < 0 || $birth_day > 31) { ess::$b->page->add_message("Du må velge en gyldig dag.", "error"); } elseif ($birth_month < 0 || $birth_month > 12) { ess::$b->page->add_message("Du må velge en gyldig måned.", "error"); } elseif (($birth_year < 1900 || $birth_year > $n_year) && $birth_year !== 0) { ess::$b->page->add_message("Du må velge et gyldig år.", "error"); } elseif (!$birth_valid && $birth !== '0-00-00') { ess::$b->page->add_message("Datoen du fylte inn for fødselsdatoen din eksisterer ikke."); } elseif ($birth == page_min_side::$active_user->data['u_birth']) { ess::$b->page->add_message("Fødselsdatoen ble ikke endret.", "error"); } elseif ($log == "") { ess::$b->page->add_message("Mangler begrunnelse.", "error"); } else { // oppdater \Kofradia\DB::get()->exec("UPDATE users SET u_birth = " . \Kofradia\DB::quote($birth) . " WHERE u_id = " . 
page_min_side::$active_user->id); // legg til crewlogg crewlog::log("user_birth", page_min_side::$active_player->id, $log, array("birth_old" => page_min_side::$active_user->data['u_birth'], "birth_new" => $birth)); // alder if ($age < 13) { ess::$b->page->add_message("Fødselsdatoen ble satt til <b>{$birth}</b> ({$age} år). Brukeren oppfyller <u>ikke</u> kravet om alder jf. betingelsene."); } else { ess::$b->page->add_message("Fødselsdatoen ble satt til <b>{$birth}</b> ({$age} år)."); } redirect::handle(); } } $birth = explode("-", page_min_side::$active_user->data['u_birth']); $birth_day = isset($birth[2]) ? intval($birth[2]) : 0; $birth_month = isset($birth[1]) ? intval($birth[1]) : 0; $birth_year = isset($birth[0]) ? intval($birth[0]) : 0; ess::$b->page->add_title("Endre fødselsdato"); echo ' <div class="bg1_c" style="width: 350px"> <h1 class="bg1">Endre fødselsdato<span class="left2"></span><span class="right2"></span></h1> <div class="bg1"> <form action="" method="post"> <dl class="dd_right dl_2x"> <dt>Nåværende fødselsdato</dt> <dd>' . (empty(page_min_side::$active_user->data['u_birth']) ? 'Ikke registrert' : htmlspecialchars(page_min_side::$active_user->data['u_birth'])) . '</dd> <dt>Ny fødselsdato</dt> <dd> <select name="birth_day"> <option value="">Dag</option> <option value="0">0</option>'; $active = postval("birth_day", $birth_day); for ($i = 1; $i <= 31; $i++) { echo ' <option value="' . $i . '"' . ($i == $active ? ' selected="selected"' : '') . '>' . $i . '</option>'; } echo ' </select> <select name="birth_month"> <option value="">Måned</option> <option value="0">Tom</option>'; $active = postval("birth_month", $birth_month); for ($i = 1; $i <= 12; $i++) { echo ' <option value="' . $i . '"' . ($i == $active ? ' selected="selected"' : '') . '>' . ucfirst($_lang['months'][$i]) . 
'</option>'; } echo ' </select> <select name="birth_year"> <option value="">År</option> <option value="0">0000</option>'; $active = postval("birth_year", $birth_year); for ($i = ess::$b->date->get()->format("Y"); $i >= 1900; $i--) { echo ' <option value="' . $i . '"' . ($i == $active ? ' selected="selected"' : '') . '>' . $i . '</option>'; } echo ' </select> </dd> <dt>Begrunnelse for endring</dt> <dd><textarea name="log" id="log" cols="30" rows="5">' . htmlspecialchars(postval("log")) . '</textarea></dd> </dl> <p class="c">' . show_sbutton("Lagre") . '</p> </form> </div> </div>'; } }
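} /* leave this month alone */ if ($month === $nmonth) { return false; } if ($month < $nmonth) { /* we'll always keep the first of every month */ if ($day === '01') { return false; } /* we keep weeklies for 3 months */ if ($month > $nmonth - 3 && in_array($day, $wdays)) { return false; } /* we've filtered out what's to be kept */ return true; } /* return anything we don't know about */ return false; }

/*
 * Prune archives from the backup directory. For each entry the known name
 * prefixes and the archive suffix are stripped and the remainder is handed to
 * check_date() (presumably the function ending just above); a true result
 * means the archive is outside the retention rules and gets deleted.
 */
$backup_dir = '/local/backup';
if ($dir = @opendir($backup_dir)) {
    while (($file = readdir($dir)) !== false) {
        /* The previous guard ($file != '.' || $file != '..') was always true,
           so the directory entries themselves were never skipped. */
        if ($file === '.' || $file === '..') {
            continue;
        }
        $str = str_replace(array('mirrors.', 'repository.', '.tar.bz2'), '', $file);
        if (check_date($str)) {
            /* Delete through the filesystem API instead of interpolating the
               name into a shell command line: a file name is data and must
               never be parsed by a shell. */
            $path = $backup_dir . '/' . $file;
            if ((is_file($path) || is_link($path)) && !unlink($path)) {
                error_log("backup prune: could not remove {$path}");
            }
        }
    }
    closedir($dir);
}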
// Start from the logged-in user and that user's player name.
$u_id = login::$user->id;
$up_name = login::$user->player->data['up_name'];

// Only holders of the "mod" access level may ask for another player via up_id.
if (isset($_GET['up_id']) && access::has("mod")) {
    // Forced to an integer before it is placed in the query text.
    $up_id = intval(getval("up_id"));
    $result = \Kofradia\DB::get()->query('SELECT up_u_id, up_id, up_name FROM users_players WHERE up_id = ' . $up_id);
    if (!$result->rowCount()) {
        // NOTE(review): presumably ajax::text() ends the request; if it does not,
        // fetch() below has no row to return. Confirm.
        ajax::text("ERROR:UP-404", ajax::TYPE_404);
    }
    $row = $result->fetch();
    $u_id = $row['up_u_id'];
    $up_name = $row['up_name'];
}

// A different month was requested?
$date = $_base->date->get();
if (isset($_GET['date'])) {
    if (!($d = check_date($_GET['date'], "%y4%m"))) {
        die("Invalid date.");
    }
    $date->setDate($d[1], $d[2], 1);
}

// Work out the first and last second of the month.
$date->setDate($date->format("Y"), $date->format("n"), 1);
$date->setTime(0, 0, 0);
$time_from = $date->format("U");
$date->modify("+1 month -1 sec");
$time_to = $date->format("U");

// Prepare the per-month statistics: day count, month label, empty result set.
$days = $date->format("t");
$month = $date->format(date::FORMAT_MONTH);
$stats = [];
$comment = trim(substr($comment, 9)); } break; // case FM // case FM case "CSV": $count++; if ($count == 1) { // Skip header row continue; } $id = $count - 1; // 0 Date Time, 1 From, 2 To,3 Flight_Number, 4 Airline_Code, 5 Distance, 6 Duration, 7 Seat, 8 Seat_Type, 9 Class // 10 Reason, 11 Plane, 12 Registration, 13 Trip, 14 Note, 15 From_Code, 16 To_Code, 17 Airline_Code, 18 Plane_Code $datetime = explode(' ', $row[0]); list($src_date, $date_bgcolor) = check_date($db, $fileType, $datetime[0]); $src_time = $datetime[1]; if (!$src_time) { $src_time = ""; } $src_iata = $row[1]; $src_apid = $row[15]; if ($src_apid) { $src_iata = "<small>ID {$src_apid}</small>"; $src_bgcolor = "#fff"; $id_note = true; } else { list($src_apid, $src_iata, $src_bgcolor) = check_airport($db, $src_iata, $src_iata); } $dst_iata = $row[2]; $dst_apid = $row[16];
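<?php
// Parse both ends of the range once. strtotime() returns false for text it
// cannot parse (including the empty string), so a missing, empty or
// non-string field ends up as false and is rejected below.
$banner_from_ts = isset($_POST['banner_from']) && is_string($_POST['banner_from'])
    ? strtotime($_POST['banner_from'])
    : false;
$banner_end_ts = isset($_POST['banner_end_date']) && is_string($_POST['banner_end_date'])
    ? strtotime($_POST['banner_end_date'])
    : false;

// Compare the calendar days in Y-m-d form: that form sorts correctly as text,
// whereas m/d/Y strings compare by month first and get ranges that cross a
// year boundary wrong. The start day must be strictly before the end day.
if ($banner_from_ts === false
    || $banner_end_ts === false
    || !(date('Y-m-d', $banner_from_ts) < date('Y-m-d', $banner_end_ts))
) {
    $feedback = "Invalid date";
    $time = $test = 0;
} else {
    // check_date() is defined elsewhere; a result of 1 is treated as "slot granted".
    $time = check_date($records, $_POST['banner_from'], $_POST['banner_end_date']);
    $feedback = $time == 1 ? "Your Banner is granted" : " Banner Bord is unavailable for your Time";
    $test = 1;
}
?> <div><?php echo $feedback; ?> </div> <?php if ($time) { ?> <div class="form-actions" id="save_banner"> <input id="save" type="submit" name="save" class="btn btn-primary" value="<?php echo lang('banner_action_create'); ?> " /> <?php echo lang('bf_or'); ?> <?php echo anchor(SITE_AREA . '/content/banner', lang('banner_cancel'), 'class="btn btn-warning"'); ?>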
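/**
 * Collect and validate the command-line parameters for adding or updating a task.
 *
 * Values are read with get_parameter() (a few are prompted for with
 * get_user_input()), validated locally, and the referenced group, subproject,
 * category, users and tasks are then checked against the server through $SOAP.
 * Every validation failure ends in a call to exit_error().
 *
 * @param bool $adding true when the values are for a new task, false (default) for an update
 * @return array map with two keys: "data" (values for the request) and "desc"
 *               (readable versions of them); when updating, only the fields
 *               that were supplied are included
 */
function get_task_params($adding = false)
{
    global $PARAMS, $SOAP, $LOG;

    $group_id = get_working_group($PARAMS);
    $ret = array();
    $ret["data"] = array();
    $ret["desc"] = array();
    $updating = !$adding; // we're updating if and only if we're not adding

    $group_project_id = get_parameter($PARAMS, "group", true);
    if (!$group_project_id || !is_numeric($group_project_id)) {
        exit_error("You must specify the group ID as a valid number");
    }

    // Force the input of the task ID only if we're updating
    if ($updating) {
        if (!($project_task_id = get_parameter($PARAMS, "id", true))) {
            $project_task_id = get_user_input("ID of the task to modify: ");
        }
        if (!$project_task_id || !is_numeric($project_task_id)) {
            exit_error("You must specify the task ID as a valid number");
        }

        // check the task ID is valid
        $tasks = $SOAP->call("getProjectTasks", array(
            "group_id" => $group_id,
            "group_project_id" => $group_project_id,
            "assigned_to" => "",
            "status" => "",
            "category" => "",
            "group" => "",
        ));
        if ($error = $SOAP->getError()) {
            $LOG->add($SOAP->responseData);
            exit_error($error, $SOAP->faultcode);
        }

        $original_data = array();
        foreach ($tasks as $task) {
            if ($task["project_task_id"] == $project_task_id) {
                $original_data = $task;
                $original_summary = $task["summary"];
                break;
            }
        }

        // The task wasn't found
        if (count($original_data) == 0) {
            exit_error("The task #" . $project_task_id . " doesn't exist");
        }
    }

    // Check the summary
    if (!($summary = get_parameter($PARAMS, "summary")) && $adding) {
        $summary = get_user_input("Summary for this task: ");
    }
    $summary = trim($summary);
    if ($adding && !$summary) {
        // Summary is required only if adding an artifact
        exit_error("You must specify a summary for this item");
    }

    // Check the details
    if (!($details = get_parameter($PARAMS, "details")) && $adding) {
        $details = get_user_input("Details for this task: ");
    }
    $details = trim($details);
    if ($adding && !$details) {
        exit_error("You must specify a detail for this item");
    }

    // Check the priority
    if (!($priority = get_parameter($PARAMS, "priority", true)) && $adding) {
        // set a default value (only if adding)
        $priority = 3;
    }
    if (!is_null($priority) && (!is_numeric($priority) || $priority < 1 || $priority > 5)) {
        exit_error("The priority must be a number between 1 and 5");
    }

    // Check the estimated hours (mandatory when adding, no default)
    if (!($hours = get_parameter($PARAMS, "hours", true)) && $adding) {
        exit_error("You must define the estimated hours with the --hours parameter");
    }
    if (!is_null($hours) && !is_numeric($hours)) {
        exit_error("The estimated hours must be a valid number");
    }

    // Check the start date
    $start_date = get_parameter($PARAMS, "start_date", true);
    if ($start_date) {
        if ($date_error = check_date($start_date)) {
            exit_error("The starting date is invalid: " . $date_error);
        } else {
            $start_date = convert_date($start_date);
        }
    } elseif ($adding) {
        // set a default value (only if adding)
        $start_date = time();
    }
    // date() replaces strftime(), which is deprecated since PHP 8.1; the text is
    // only built when a date is set, the only case in which it is used below.
    $start_date_desc = $start_date ? date("Y-m-d", $start_date) : "";

    // Check the end date
    $end_date = get_parameter($PARAMS, "end_date", true);
    if ($end_date) {
        if ($date_error = check_date($end_date)) {
            exit_error("The ending date is invalid: " . $date_error);
        } else {
            $end_date = convert_date($end_date);
        }
    } elseif ($adding) {
        // set a default value (only if adding): one week after the starting date
        $end_date = $start_date + 60 * 60 * 24 * 7;
    }
    $end_date_desc = $end_date ? date("Y-m-d", $end_date) : "";

    // Check the category
    if (!($category_id = get_parameter($PARAMS, "category", true)) && $adding) {
        $category_id = 100; // "none"
    }
    if ($category_id && !is_numeric($category_id)) {
        exit_error("The category ID must be a valid number");
    }

    // Check the percent
    if (!($percent_complete = get_parameter($PARAMS, "percent", true)) && $adding) {
        // default value if adding
        $percent_complete = 0;
    }
    if (!is_null($percent_complete)
        && (!is_numeric($percent_complete) || $percent_complete < 0 || $percent_complete > 100 || $percent_complete % 5 != 0)
    ) {
        exit_error("The percent must be a number divisible by 5 between 0 and 100");
    }

    // Check the status (only if updating)
    $status_desc = "";
    if ($updating) {
        if ($status_id = get_parameter($PARAMS, "status", true)) {
            $status_lc = strtolower($status_id);
            if ($status_lc == "open" || $status_lc == "o" || $status_id == STATUS_OPEN) {
                $status_id = STATUS_OPEN;
                $status_desc = "Open";
            } elseif ($status_lc == "closed" || $status_lc == "c" || $status_id == STATUS_CLOSED) {
                $status_id = STATUS_CLOSED;
                $status_desc = "Closed";
            } else {
                exit_error("Status must be either " . STATUS_OPEN . " (open) or " . STATUS_CLOSED . " (closed)");
            }
        }
    }

    // assigned_to is a list of comma-separated user IDs
    $assigned_to = get_parameter($PARAMS, "assigned_to", true);
    if ($assigned_to) {
        // special value
        if (strtolower($assigned_to) == "nobody") {
            $assigned_to = array(100);
        } else {
            // explode() replaces split(), which was removed in PHP 7
            $assigned_to = explode(",", $assigned_to);
            // check they're all valid ints
            foreach ($assigned_to as $i => $user_id) {
                if (!is_numeric($user_id)) {
                    exit_error("The list of users must be a comma-separated list of valid users IDs");
                } else {
                    $assigned_to[$i] = intval($user_id);
                }
            }
        }
    } elseif ($adding) {
        $assigned_to = array();
    }

    // dependent_on is a list of comma-separated task IDs
    $dependent_on = get_parameter($PARAMS, "dependent_on", true);
    if ($dependent_on) {
        // special value
        if (strtolower($dependent_on) == "none") {
            $dependent_on = array();
        } else {
            $dependent_on = explode(",", $dependent_on);
            // check they're all valid ints
            foreach ($dependent_on as $i => $task_id) {
                if (!is_numeric($task_id)) {
                    exit_error("The list of dependent tasks must be a comma-separated list of valid task IDs");
                } else {
                    $dependent_on[$i] = intval($task_id);
                }
            }
        }
    } elseif ($adding) {
        $dependent_on = array();
    } else {
        // if updating, set to null to indicate we don't want any changes
        $dependent_on = null;
    }

    // Kept from the original flow: the working group is read a second time here.
    $group_id = get_working_group($PARAMS);

    // Check for invalid IDs
    $group_res = $SOAP->call("getGroups", array("group_ids" => array($group_id)));
    // Same error handling as every other SOAP call in this function.
    if ($error = $SOAP->getError()) {
        $LOG->add($SOAP->responseData);
        exit_error($error, $SOAP->faultcode);
    }
    if (count($group_res) == 0) {
        // Group doesn't exist
        exit_error("Group " . $group_id . " doesn't exist");
    }
    $group_name = $group_res[0]["group_name"];

    $project_group_res = $SOAP->call("getProjectGroups", array("group_id" => $group_id));
    if ($error = $SOAP->getError()) {
        $LOG->add($SOAP->responseData);
        exit_error($error, $SOAP->faultcode);
    }
    $found = false;
    foreach ($project_group_res as $project_group) {
        if ($project_group["group_project_id"] == $group_project_id) {
            $found = true;
            $group_project_name = $project_group["name"];
            break;
        }
    }
    if (!$found) {
        exit_error("Group #" . $group_project_id . " doesn't exist");
    }

    // check the category_id exists
    $category_name = "";
    if ($category_id && $category_id != 100) {
        $categories_res = $SOAP->call("getProjectTaskCategories", array(
            "group_id" => $group_id,
            "group_project_id" => $group_project_id,
        ));
        if ($error = $SOAP->getError()) {
            $LOG->add($SOAP->responseData);
            exit_error($error, $SOAP->faultcode);
        }
        $found = false;
        foreach ($categories_res as $category) {
            if ($category["category_id"] == $category_id) {
                $found = true;
                $category_name = $category["category_name"];
                break;
            }
        }
        if (!$found) {
            exit_error("Category #" . $category_id . " doesn't exist");
        }
    } elseif ($adding) {
        $category_name = "(none)";
    }

    // check the users IDs
    // $assigned_to is not an array when updating without --assigned_to; count()
    // on a non-array raises a TypeError on PHP 8, hence the is_array() guard.
    $assigned_to_names = "";
    if (is_array($assigned_to) && count($assigned_to) > 0) {
        $users_res = $SOAP->call("getUsers", array("user_ids" => $assigned_to));
        if ($error = $SOAP->getError()) {
            $LOG->add($SOAP->responseData);
            exit_error($error, $SOAP->faultcode);
        }
        // check all IDs are valid
        foreach ($assigned_to as $user_id) {
            $found = false;
            foreach ($users_res as $user) {
                if ($user["user_id"] == $user_id) {
                    $found = true;
                    $assigned_to_names .= $user["firstname"] . " " . $user["lastname"] . " (" . $user["user_name"] . "), ";
                    break;
                }
            }
            if (!$found) {
                exit_error("Invalid user ID: " . $user_id);
            }
        }
        // Remove trailing ,
        $assigned_to_names = preg_replace("/, \$/", "", $assigned_to_names);
    } elseif ($adding) {
        $assigned_to_names = "(nobody)";
    }

    // check the dependent tasks ($dependent_on is null when updating without changes)
    $dependent_on_names = "";
    if (is_array($dependent_on) && count($dependent_on) > 0) {
        $tasks_res = $SOAP->call("getProjectTasks", array(
            "group_id" => $group_id,
            "group_project_id" => $group_project_id,
            "assigned_to" => "",
            "status" => "",
            "category" => "",
            "group" => "",
        ));
        if ($error = $SOAP->getError()) {
            $LOG->add($SOAP->responseData);
            exit_error($error, $SOAP->faultcode);
        }
        foreach ($dependent_on as $dependent_on_id) {
            $found = false;
            foreach ($tasks_res as $task) {
                if ($task["project_task_id"] == $dependent_on_id) {
                    $found = true;
                    $dependent_on_names .= $task["summary"] . ", ";
                    break;
                }
            }
            if (!$found) {
                exit_error("Invalid task ID: " . $dependent_on_id);
            }
        }
        // Remove trailing ,
        $dependent_on_names = preg_replace("/, \$/", "", $dependent_on_names);
    } elseif ($adding || $updating && !is_null($dependent_on)) {
        $dependent_on_names = "(none)";
    }

    $ret["data"]["group_id"] = $group_id;
    $ret["data"]["group_project_id"] = $group_project_id;

    if ($updating) {
        // Only the fields the caller supplied are passed on.
        $ret["data"]["project_task_id"] = $project_task_id;
        $ret["data"]["original_data"] = $original_data;
        if ($summary) {
            $ret["data"]["summary"] = $summary;
        }
        if ($details) {
            $ret["data"]["details"] = $details;
        }
        if (!is_null($priority)) {
            $ret["data"]["priority"] = $priority;
        }
        if (!is_null($hours)) {
            $ret["data"]["hours"] = $hours;
        }
        if ($start_date) {
            $ret["data"]["start_date"] = $start_date;
        }
        if ($end_date) {
            $ret["data"]["end_date"] = $end_date;
        }
        if ($category_id) {
            $ret["data"]["category_id"] = $category_id;
        }
        if (!is_null($percent_complete)) {
            $ret["data"]["percent_complete"] = $percent_complete;
        }
        if (is_array($assigned_to) && count($assigned_to) > 0) {
            $ret["data"]["assigned_to"] = $assigned_to;
        }
        if (!is_null($dependent_on)) {
            $ret["data"]["dependent_on"] = $dependent_on;
        }
        if (!is_null($status_id)) {
            $ret["data"]["status_id"] = $status_id;
        }

        $ret["desc"]["group_name"] = $group_name;
        $ret["desc"]["group_project_name"] = $group_project_name;
        $ret["desc"]["original_summary"] = $original_summary;
        if ($summary) {
            $ret["desc"]["summary"] = $summary;
        }
        if ($priority) {
            $ret["desc"]["priority"] = $priority;
        }
        if (!is_null($hours)) {
            $ret["desc"]["hours"] = $hours;
        }
        if ($start_date) {
            $ret["desc"]["start_date"] = $start_date_desc;
        }
        if ($end_date) {
            $ret["desc"]["end_date"] = $end_date_desc;
        }
        if ($category_name) {
            $ret["desc"]["category_name"] = $category_name;
        }
        if (!is_null($percent_complete)) {
            $ret["desc"]["percent_complete"] = $percent_complete . "%";
        }
        if ($assigned_to_names) {
            $ret["desc"]["assigned_to"] = $assigned_to_names;
        }
        if ($dependent_on_names) {
            $ret["desc"]["dependent_on"] = $dependent_on_names;
        }
        if ($details) {
            $ret["desc"]["details"] = $details;
        }
        if ($status_desc) {
            $ret["desc"]["status"] = $status_desc;
        }
    } else {
        // Adding: every field is present, defaults included.
        $ret["data"]["summary"] = $summary;
        $ret["data"]["details"] = $details;
        $ret["data"]["priority"] = $priority;
        $ret["data"]["hours"] = $hours;
        $ret["data"]["start_date"] = $start_date;
        $ret["data"]["end_date"] = $end_date;
        $ret["data"]["category_id"] = $category_id;
        $ret["data"]["percent_complete"] = $percent_complete;
        $ret["data"]["assigned_to"] = $assigned_to;
        $ret["data"]["dependent_on"] = $dependent_on;

        $ret["desc"]["group_name"] = $group_name;
        $ret["desc"]["group_project_name"] = $group_project_name;
        $ret["desc"]["summary"] = $summary;
        $ret["desc"]["priority"] = $priority;
        $ret["desc"]["hours"] = $hours;
        $ret["desc"]["start_date"] = $start_date_desc;
        $ret["desc"]["end_date"] = $end_date_desc;
        $ret["desc"]["category_name"] = $category_name;
        $ret["desc"]["percent_complete"] = $percent_complete . "%";
        $ret["desc"]["assigned_to"] = $assigned_to_names;
        $ret["desc"]["dependent_on"] = $dependent_on_names;
        $ret["desc"]["details"] = $details;
    }

    return $ret;
}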
} else { $body = filter_var(check_body(trim($_GET['body'])), FILTER_SANITIZE_STRING); } } else { // no body input $body = ''; } // FROM if (isset($_GET['from']) && !empty($_GET['from'])) { $from = check_date($_GET['from']); } else { $from = ''; } // TO if (isset($_GET['to']) && !empty($_GET['to'])) { $to = check_date($_GET['to']); } else { $to = ''; } // TAGS if (isset($_GET['tag_exp']) && !empty($_GET['tag_exp']) && isset($_GET['type']) && $_GET['type'] === 'experiments') { $tags = filter_var($_GET['tag_exp'], FILTER_SANITIZE_STRING); } elseif (isset($_GET['tag_db']) && !empty($_GET['tag_db']) && isset($_GET['type']) && !empty($_GET['type']) && $_GET['type'] !== 'experiments') { $tags = filter_var($_GET['tag_db'], FILTER_SANITIZE_STRING); } else { $tags = ''; } // STATUS if (isset($_GET['status']) && !empty($_GET['status']) && is_pos_int($_GET['status'])) { $status = $_GET['status']; } else {
//Validation error flag $errflag = false; // CHECKS // ID if (is_pos_int($_POST['item_id'])) { $id = $_POST['item_id']; if (!item_is_in_team($id, $_SESSION['team_id'])) { die(_('This section is out of your reach.')); } } else { $id = ''; $msg_arr[] = _("The id parameter is not valid!"); $errflag = true; } $title = check_title($_POST['title']); $date = check_date($_POST['date']); $body = check_body($_POST['body']); if (!$errflag) { // SQL for editDB $sql = "UPDATE items \n SET title = :title, \n date = :date, \n body = :body, \n userid = :userid \n WHERE id = :id"; $req = $pdo->prepare($sql); $result1 = $req->execute(array('title' => $title, 'date' => $date, 'body' => $body, 'userid' => $_SESSION['userid'], 'id' => $id)); // we add a revision to the revision table $sql = "INSERT INTO items_revisions (item_id, body, userid) VALUES(:item_id, :body, :userid)"; $req = $pdo->prepare($sql); $result2 = $req->execute(array('item_id' => $id, 'body' => $body, 'userid' => $_SESSION['userid'])); // Check if insertion is successful if ($result1 && $result2) { header("location: ../database.php?mode=view&id=" . $id); } else { $errflag = true;
if (isset($_POST['up_id'])) { $up_id = empty($_POST['up_id']) ? false : intval($_POST['up_id']); $player = false; if ($up_id) { // kontroller at brukeren finnes $result = \Kofradia\DB::get()->query("SELECT up_id, up_name, u_email, up_access_level FROM users_players, users WHERE up_id = {$up_id} AND up_u_id = u_id"); if ($result->rowCount() == 0) { $_base->page->add_error("Fant ikke brukeren."); redirect::handle(); } $player = $result->fetch(); } // registrere donasjon? if (isset($_POST['time']) && isset($_POST['amount']) && !isset($_POST['edit'])) { // kontroller dato $date = check_date($_POST['time']); // d.m.y H:i:s if ($date) { $time = $_base->date->get(); $time->setDate($date[3], $date[2], $date[1]); $time->setTime($date[4], $date[5], $date[6]); } // kontroller beløp $amount = round(str_replace(",", ".", $_POST['amount']), 2); // ugyldig dato if (!$date) { $_base->page->add_message("Ugyldig dato.", "error"); } elseif ($amount <= 0) { $_base->page->add_message("Ugyldig beløp.", "error"); } elseif (isset($_POST['approve'])) { // legg til
</script> <?php // assign variables from get if (isset($_REQUEST['title']) && !empty($_REQUEST['title'])) { $title = filter_var($_REQUEST['title'], FILTER_SANITIZE_STRING); } else { $title = ''; } if (isset($_REQUEST['from']) && !empty($_REQUEST['from'])) { $from = check_date($_REQUEST['from']); } else { $from = ''; } if (isset($_REQUEST['to']) && !empty($_REQUEST['to'])) { $to = check_date($_REQUEST['to']); } else { $to = ''; } if (isset($_REQUEST['tags']) && !empty($_REQUEST['tags'])) { $tags = filter_var($_REQUEST['tags'], FILTER_SANITIZE_STRING); } else { $tags = ''; } if (isset($_REQUEST['body']) && !empty($_REQUEST['body'])) { $body = check_body($_REQUEST['body']); } else { $body = ''; } if (isset($_REQUEST['status']) && !empty($_REQUEST['status'])) { $status = check_status($_REQUEST['status']);
} else { echo json_encode("error"); } return 0; case 'month': if (!check_format_date("{$value}", $type)) { echo "error"; } break; case 'date_interval': $value = explode('_', $value); if (count($value) != 2) { echo "error"; break; } if (!check_date($value[0], $value[1])) { echo "error"; } break; case 'numeric': if (!check_numeric_value("{$value}")) { echo "error"; } break; case 'tolerance': if (isset($_GET['plug']) && !empty($_GET['plug'])) { $plug = $_GET['plug']; } else { return 0; } if (!check_tolerance_value($plug, $value)) {
$sgbd = sql_connect(); $sql_verif = sql_replace($sql['club']['verif_presence_club'], $_POST); $res_verif = sql_query($sql_verif); $nb_res = sql_num_rows($res_verif); sql_free_result($res_verif); sql_close($sgbd); if ($nb_res != "0") { $page['erreur'][$nb_erreur]['message'] = $lang['club']['E_exist_club']; $nb_erreur++; } } if (isset($_POST['logo']) and !empty($_POST['logo']) and !check_url($_POST['logo'])) { $page['erreur'][$nb_erreur]['message'] = $lang['club']['E_invalid_logo_club']; $nb_erreur++; } if (isset($_POST['creation_year']) and !empty($_POST['creation_year']) and !check_date("01-01-" . $_POST['creation_year'])) { $page['erreur'][$nb_erreur]['message'] = $lang['club']['E_invalid_creation_year_club']; $nb_erreur++; } if (isset($_POST['email']) and !empty($_POST['email']) and !check_email($_POST['email'])) { $page['erreur'][$nb_erreur]['message'] = $lang['club']['E_invalid_email_club']; $nb_erreur++; } if (isset($_POST['url']) and !empty($_POST['url']) and !check_url($_POST['url'])) { $page['erreur'][$nb_erreur]['message'] = $lang['club']['E_invalid_url_club']; $nb_erreur++; } # there is no error in submited datas if ($nb_erreur == 0) { if (!isset($_POST['creation_year']) or empty($_POST['creation_year'])) { $_POST['creation_year'] = "NULL";
$lock_begin_min = Request::optionArray('lock_begin_min'); $lock_end_year = Request::optionArray('lock_end_year'); $lock_end_month = Request::optionArray('lock_end_month'); $lock_end_day = Request::optionArray('lock_end_day'); $lock_end_hour = Request::optionArray('lock_end_hour'); $lock_end_min = Request::optionArray('lock_end_min'); if (!check_date($lock_begin_month[$key], $lock_begin_day[$key], $lock_begin_year[$key], $lock_begin_hour[$key], $lock_begin_min[$key])) { //$msg->addMsg(2); $illegal_begin=TRUE; } else { $lock_begin = mktime($lock_begin_hour[$key],$lock_begin_min[$key],0,$lock_begin_month[$key], $lock_begin_day[$key], $lock_begin_year[$key]); } if (!check_date($lock_end_month[$key], $lock_end_day[$key], $lock_end_year[$key], $lock_end_hour[$key], $lock_end_min[$key])) { //$msg -> addMsg(3); $illegal_end=TRUE; } else { $lock_end = mktime($lock_end_hour[$key],$lock_end_min[$key],0,$lock_end_month[$key], $lock_end_day[$key], $lock_end_year[$key]); } if ((!$illegal_begin) && (!$illegal_end) && ($lock_begin < $lock_end)) { $statement->execute(array( $lock_begin, $lock_end, $id )); if ($statement->rowCount() > 0) { $msg->addMsg(27);
/**
 * Accept either the literal keyword "grades" or a date.
 *
 * @param mixed $x value to check
 * @return mixed array(true, "grades") for the keyword; otherwise whatever
 *               check_date($x) returns
 */
function check_date_or_grades($x)
{
    // Anything other than the exact string "grades" is left to check_date().
    if ($x !== "grades") {
        return check_date($x);
    }

    return array(true, $x);
}
$account = trim($val['account']); $name = trim($val['name']); $type = !empty($val['type']) ? array_sum($val['type']) : NULL; $type += CONTACT_BANKACCOUNT; $customeradd['accounts'][$idx]['type'] = $type; if ($account != '' && !check_bankaccount($account)) { $error['account' . $idx] = trans('Incorrect bank account!'); } elseif ($name && !$account) { $error['account' . $idx] = trans('Bank account is required!'); } elseif ($account) { $contacts[] = array('name' => $name, 'contact' => $account, 'type' => $type); } } if ($customeradd['cutoffstop'] == '') { $cutoffstop = 0; } elseif (check_date($customeradd['cutoffstop'])) { list($y, $m, $d) = explode('/', $customeradd['cutoffstop']); if (checkdate($m, $d, $y)) { $cutoffstop = mktime(23, 59, 59, $m, $d, $y); } else { $error['cutoffstop'] = trans('Incorrect date of cutoff suspending!'); } } else { $error['cutoffstop'] = trans('Incorrect date of cutoff suspending!'); } $hook_data = $LMS->executeHook('customeradd_validation_before_submit', array('customeradd' => $customeradd, 'error' => $error)); $customeradd = $hook_data['customeradd']; $error = $hook_data['error']; if (!$error) { $customeradd['cutoffstop'] = $cutoffstop; if (!isset($customeradd['consentdate'])) {
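/**
 * Record a deployment command from the submitted launch form and redirect.
 *
 * Reads the form from $_POST, builds the command parameters, registers the
 * command through add_command_api() for either a single machine (when "uuid"
 * is posted) or a group ("gid"), optionally maintains a convergence command,
 * and finally sends a Location header. Every path ends in exit, so the
 * function does not return to its caller.
 *
 * NOTE(review): apart from check_date() no field is validated here, and no
 * permission or request-forgery check is visible in this function; confirm
 * both are enforced by the caller before this code is reached.
 *
 * @param array $proxy Proxy identifiers; each entry becomes the 'uuid' of one
 *                     element of the ordered proxy list (group commands only).
 * @return void
 */
function start_a_command($proxy = array())
{
    // !empty() instead of a bare index read: the field is absent on a normal
    // (non-convergence) submission and would otherwise raise a notice.
    if (!empty($_POST['editConvergence'])) {
        $changed_params = getChangedParams($_POST);
        if ($changed_params == array('active')) {
            // NOTE(review): this writes to the response before the header()
            // calls below; without output buffering the redirect cannot be
            // sent. Looks like leftover debugging, confirm and remove.
            print "We have to edit command....";
        }
    }

    $error = "";
    if (!check_date($_POST)) {
        $error .= _T("Your start and end dates are not coherent, please check them.<br/>", "msc");
    }
    # should add some other tests on fields (like int are int? ...)

    if ($error != '') {
        new NotifyWidgetFailure($error);
        complete_post();
        // NOTE(review): the whole of $_GET and $_POST is handed to
        // urlStrRedirect(). If that helper serialises its array into the
        // query string, every submitted form value ends up in the URL
        // (browser history, proxy and server logs). Prefer passing only the
        // fields the target page needs.
        header("Location: " . urlStrRedirect("msc/logs/viewLogs", array_merge($_GET, $_POST, array('failure' => True))));
        exit;
    }

    // Vars seeding
    $post = $_POST;

    // Copy the known command options; a field missing from the form yields
    // null, as before, but without an undefined-index notice.
    $params = array();
    foreach (array('start_script', 'clean_on_success', 'do_reboot', 'do_wol', 'next_connection_delay', 'max_connection_attempt', 'do_inventory', 'ltitle', 'parameters', 'papi', 'maxbw', 'deployment_intervals', 'max_clients_per_proxy', 'launchAction') as $param) {
        $params[$param] = isset($post[$param]) ? $post[$param] : null;
    }

    // Checkboxes named issue_halt_to_<state> that are ticked ("on") are
    // collected as a list of <state> suffixes.
    $halt_to = array();
    foreach ($post as $p => $v) {
        if (preg_match('/^issue_halt_to_/', $p)) {
            $p = preg_replace('/^issue_halt_to_/', '', $p);
            if ($v == 'on') {
                $halt_to[] = $p;
            }
        }
    }
    $params['issue_halt_to'] = $halt_to;

    // NOTE(review): the package API endpoint is taken from the form as-is;
    // confirm fromURI() or the backend restricts it to configured servers.
    $p_api = new ServerAPI();
    $p_api->fromURI($post['papi']);

    // The translated keywords "now" and "never" are both stored as the zero
    // date; any other value is passed through unchanged.
    foreach (array('start_date', 'end_date') as $param) {
        $value = $post[$param];
        if ($value == _T("now", "msc") || $value == _T("never", "msc")) {
            $params[$param] = "0000-00-00 00:00:00";
        } else {
            $params[$param] = $value;
        }
    }

    $pid = $post['pid'];
    $mode = $post['copy_mode'];

    if (isset($post['uuid']) && $post['uuid']) {
        // command on a single target
        $hostname = $post['hostname'];
        $uuid = $post['uuid'];
        $target = array($uuid);
        $tab = 'tablogs';

        /* record new command */
        $id = add_command_api($pid, $target, $params, $p_api, $mode, NULL);
        if (!isXMLRPCError()) {
            scheduler_start_these_commands('', array($id));
            /* then redirect to the logs page */
            header("Location: " . urlStrRedirect("msc/logs/viewLogs", array('tab' => $tab, 'uuid' => $uuid, 'hostname' => $hostname, 'cmd_id' => $id)));
            exit;
        } else {
            /* Return to the launch tab, the backtrace will be displayed */
            header("Location: " . urlStrRedirect("msc/logs/viewLogs", array('tab' => 'tablaunch', 'uuid' => $uuid, 'hostname' => $hostname)));
            exit;
        }
    } else {
        # command on a whole group
        $gid = $post['gid'];
        $tab = 'grouptablogs';

        // record new command
        // given a proxy list and a proxy style, we now have to build our proxy chain
        // target structure is a list of entries: uuid, priority, max_clients
        $proxy_mode = isset($_POST['proxy_mode']) ? $_POST['proxy_mode'] : null;
        $max_clients = isset($_POST['max_clients_per_proxy']) ? $_POST['max_clients_per_proxy'] : null;
        $ordered_proxies = array();
        if ($proxy_mode == 'multiple') {
            // first case: split mode; every proxy got the same priority (1 in our case)
            foreach ($proxy as $p) {
                array_push($ordered_proxies, array('uuid' => $p, 'priority' => 1, 'max_clients' => $max_clients));
            }
            $params['proxy_mode'] = 'split';
        } elseif ($proxy_mode == 'single') {
            // second case: queue mode; one priority level per proxy, starting at 1
            $current_priority = 1;
            foreach ($proxy as $p) {
                array_push($ordered_proxies, array('uuid' => $p, 'priority' => $current_priority, 'max_clients' => $max_clients));
                $current_priority += 1;
            }
            $params['proxy_mode'] = 'queue';
        }

        if (quick_get('convergence')) {
            $active = (isset($_POST['active']) && $_POST['active'] == 'on') ? 1 : 0;
            $cmd_type = 2; // Convergence command type

            // NOTE(review): unlike the single-target branch, none of the
            // calls below check isXMLRPCError(); a failed add_command_api()
            // would still have its result stored as the convergence command
            // id. Confirm whether that is handled downstream.
            if (quick_get('editConvergence')) {
                /* Stop command */
                $cmd_id = xmlrpc_get_convergence_command_id($gid, $p_api, $pid);
                stop_command($cmd_id);
                /* Set end date of this command to now(), don't touch to start date */
                $start_date = _get_command_start_date($cmd_id);
                extend_command($cmd_id, $start_date, date("Y-m-d H:i:s"));

                /* Create new command */
                $deploy_group_id = xmlrpc_get_deploy_group_id($gid, $p_api, $pid);
                $command_id = add_command_api($pid, NULL, $params, $p_api, $mode, $deploy_group_id, $ordered_proxies, $cmd_type);
                if (!$active) {
                    // If this convergence is not active, expire this command
                    $start_date = _get_command_start_date($command_id);
                    extend_command($command_id, $start_date, date("Y-m-d H:i:s"));
                }

                /* Update convergence DB */
                $updated_datas = array('active' => $active, 'commandId' => intval($command_id), 'cmdPhases' => $params);
                xmlrpc_edit_convergence_datas($gid, $p_api, $pid, $updated_datas);
            } else {
                /* Create convergence */
                // create sub-groups
                $group = new Group($gid, True);
                $package = to_package(getPackageDetails($p_api, $pid));
                $convergence_groups = $group->createConvergenceGroups($package);
                $deploy_group_id = $convergence_groups['deploy_group_id'];
                $done_group_id = $convergence_groups['done_group_id'];

                // Add command on sub-group
                $command_id = add_command_api($pid, NULL, $params, $p_api, $mode, $deploy_group_id, $ordered_proxies, $cmd_type);
                if (!$active) {
                    // If this convergence is not active, expire this command
                    $start_date = _get_command_start_date($command_id);
                    extend_command($command_id, $start_date, date("Y-m-d H:i:s"));
                }

                // feed convergence db
                xmlrpc_add_convergence_datas($gid, $deploy_group_id, $done_group_id, $pid, $p_api, intval($command_id), $active, $params);
            }
            header("Location: " . urlStrRedirect("base/computers/groupmsctabs", array('gid' => $gid)));
            exit;
        } else {
            // NOTE(review): the command is scheduled without the
            // isXMLRPCError() check used for single targets; confirm this
            // difference is intended.
            $id = add_command_api($pid, NULL, $params, $p_api, $mode, $gid, $ordered_proxies);
            scheduler_start_these_commands('', array($id));
            // then redirect to the logs page
            header("Location: " . urlStrRedirect("msc/logs/viewLogs", array('tab' => $tab, 'gid' => $gid, 'cmd_id' => $id, 'proxy' => $proxy)));
            exit;
        }
    }
}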