/** * Internal function to convert CB-formatted date from field into SQL date. * @access private * * @param string $value * @return string */ protected function _displayDateToSql( $value ) { global $ueConfig; if ( $value !== null ) { $sqlFormat = 'Y-m-d'; $fieldForm = str_replace( 'y', 'Y', $ueConfig['date_format'] ); $value = dateConverter( stripslashes( $value ), $fieldForm, $sqlFormat ); if ( ! preg_match( '/[0-9]{4}-[01][0-9]-[0-3][0-9]/', $value ) ) { $value = ''; } } return $value; }
} $socMeddra = mysqli_real_escape_string($con, $_POST['socMeddra']); $seriousness = mysqli_real_escape_string($con, $_POST['seriousness']); if($seriousness == "" || $seriousness == NULL || empty($seriousness)) { $seriousness = "NULL"; } $seriousnessCrit = mysqli_real_escape_string($con, $_POST['seriousnessCrit']); if($seriousnessCrit == "" || $seriousnessCrit == NULL || empty($seriousnessCrit)) { $seriousnessCrit = "NULL"; } $dateOfDeath = mysqli_real_escape_string($con, $_POST['dateOfDeath']); $dateOfDeath = dateConverter($dateOfDeath); $causeOfDeath = mysqli_real_escape_string($con, $_POST['causeOfDeath']); $autopsyYesNo = mysqli_real_escape_string($con, $_POST['autopsyYesNo']); if($autopsyYesNo == "" || $autopsyYesNo == NULL || empty($autopsyYesNo)) { $autopsyYesNo = "NULL"; } $autopsyText = mysqli_real_escape_string($con, $_POST['autopsyText']); if($seriousnessCrit != 1) { $dateOfDeath = "0000-00-00"; $causeOfDeath = ""; $autopsyYesNo = "NULL"; $autopsyText = "";
<?php include 'secure.php'; checkSession(); include 'connection.php'; include 'date.php'; if (isset($_GET['from']) && isset($_GET['to'])) { $from = dateConverter($_GET['from']); $to = dateConverter($_GET['to']); $str = "SELECT DATE_FORMAT(DATE(datetime), '%d %b %y') as date, TIME_FORMAT(TIME(datetime), '%h:%i %s %p') as time, user, page, search, ip FROM `userdata` WHERE date(datetime) BETWEEN '" . $from . "' AND '" . $to . "'"; $dataObject = $db->query($str); $table = "<table class='table table-bordered table-hover table-condensed table-striped mytable'>"; $table .= "<tr><td>Date</td>"; $table .= "<td nowrap>Time</td>"; $table .= "<td nowrap>User</td>"; $table .= "<td nowrap>Loaded Page</td>"; $table .= "<td nowrap>Searching Dates</td>"; $table .= "<td nowrap>IP Address of user</td></tr>"; while ($row = $dataObject->fetch(PDO::FETCH_ASSOC)) { $table .= "<tr>"; $table .= "<td nowrap>" . $row['date'] . "</td>"; $table .= "<td nowrap>" . $row['time'] . "</td>"; $table .= "<td nowrap>" . $row['user'] . "</td>"; $table .= "<td nowrap>" . $row['page'] . "</td>"; $table .= "<td nowrap>" . $row['search'] . "</td>"; $table .= "<td nowrap>" . $row['ip'] . "</td>"; $table .= "</tr>"; } $table .= "</table>"; } ?>
$doseIntervalUnit = mysqli_real_escape_string($con, $_POST['doseIntervalUnit']); if ($doseIntervalUnit == "" || $doseIntervalUnit == NULL || empty($doseIntervalUnit)) { $doseIntervalUnit = "NULL"; } $cumDoseDay = mysqli_real_escape_string($con, $_POST['cumDoseDay']); if ($cumDoseDay == "" || $cumDoseDay == NULL || empty($cumDoseDay)) { $cumDoseDay = "NULL"; } $cumDoseDayUnit = mysqli_real_escape_string($con, $_POST['cumDoseDayUnit']); if ($cumDoseDayUnit == "" || $cumDoseDayUnit == NULL || empty($cumDoseDayUnit)) { $cumDoseDayUnit = "NULL"; } $theraphyStartDate = mysqli_real_escape_string($con, $_POST['theraphyStartDate']); $theraphyStartDate = dateConverter($theraphyStartDate); $theraphyStopDate = mysqli_real_escape_string($con, $_POST['theraphyStopDate']); $theraphyStopDate = dateConverter($theraphyStopDate); $indication = mysqli_real_escape_string($con, $_POST['indication']); $ICDCode = mysqli_real_escape_string($con, $_POST['ICDCode']); $drugAction = mysqli_real_escape_string($con, $_POST['drugAction']); if ($drugAction == "" || $drugAction == NULL || empty($drugAction)) { $drugAction = "NULL"; } $reacSubsided = mysqli_real_escape_string($con, $_POST['reacSubsided']); if ($reacSubsided == "" || $reacSubsided == NULL || empty($reacSubsided)) { $reacSubsided = "NULL"; } $reacReapp = mysqli_real_escape_string($con, $_POST['reacReapp']); if ($reacReapp == "" || $reacReapp == NULL || empty($reacReapp)) { $reacReapp = "NULL"; } if (isset($_POST['reactRel'])) {
$result = mysqli_query($mysqli, "select * from db_notizie_source a, db_notizie_scelte b where a.id in (b.idNews)"); $i = 0; while ($r = mysqli_fetch_array($result)) { $xmlDoc = new DOMDocument(); $xmlDoc->load($r['link']); $x = $xmlDoc->getElementsByTagName('item'); for ($i = 0; $i < $r['numero']; $i++) { $title = $x->item($i)->getElementsByTagName('title')->item(0)->childNodes->item(0)->nodeValue; $link = $x->item($i)->getElementsByTagName('link')->item(0)->childNodes->item(0)->nodeValue; $desc = $x->item($i)->getElementsByTagName('description')->item(0)->childNodes->item(0)->nodeValue; $date = $x->item($i)->getElementsByTagName('pubDate')->item(0)->childNodes->item(0)->nodeValue; $img = 'a'; if (substr($desc, 0, 1) == '<' && substr($desc, -1, 1) == '>') { $dom = new DOMDocument(); $dom->loadHTML($desc); $img = $dom->getElementsByTagName('p')->item(0)->getElementsByTagName('img')->item(0)->getAttribute('src'); $desc = $dom->getElementsByTagName('p')->item(1)->nodeValue; if ($desc == '') { $desc = $dom->getElementsByTagName('p')->item(0)->nodeValue; } $desc = utf8_decode($desc); } mysqli_query($mysqli, "INSERT INTO `db_notizie_aggiornate`(`id`, `idSource`, `ordine`, `date`, `title`, `desc`, `link`, `img`) \n \t\t\tVALUES (null,'" . $r['idNews'] . "'," . $r['ordine'] . ",'" . dateConverter($date) . "','" . addslashes($title) . "','" . addslashes($desc) . "','{$link}','{$img}')"); // echo "INSERT INTO `db_notizie_aggiornate`(`id`, `idSource`, `ordine`, `date`, `title`, `desc`, `link`, `img`) // VALUES (null,'".$r['idNews']."',".$r['ordine'].",'".dateConverter($date)."','$title','$desc','$link','$img')"; } } function dateConverter($str) { return date('Y-m-d H:i:s', strtotime($str)); }
<div class="row row-centered"> <div class="col-sm-10 col-centered"> <?php if (isset($_GET['from']) && isset($_GET['to'])) { function dateConverter($ddmmyyyy) { /*To Do: validate date format. if not valid, run the below function. * die("invalid date error."); */ $exploded = explode("-", $ddmmyyyy); return $exploded[2] . '-' . $exploded[1] . '-' . $exploded[0]; } $fromDate = dateConverter($_GET['from']); $toDate = dateConverter($_GET['to']); $selectedParty = $_GET['selectedParty']; $product = $_GET['product']; $commonStr = "SELECT DATE_FORMAT(date,'%d %b %y') as delDate, product, qty, party, lorry FROM sales "; //1st part/common part of all query if ($selectedParty == 'all' && $product == 'all') { $query = $commonStr . "WHERE date>=:from AND date<=:to ORDER BY date, party, product"; $dataObject = $db->prepare($query); // only date to be binded } elseif ($selectedParty !== 'all' && $product == 'all') { $query = $commonStr . "WHERE date>=:from AND date<=:to AND party=:userInput ORDER BY date, product"; $dataObject = $db->prepare($query); $dataObject->bindValue(':userInput', $selectedParty); // "date" & "party Name" needed. Party name binded. } elseif ($selectedParty == 'all' && $product !== 'all') { $query = $commonStr . "WHERE date>=:from AND date<=:to AND product=:product ORDER BY date, party";
/** * store() function override, instead of storing it imports. * * @param boolean $updateNulls * @return boolean */ public function store( $updateNulls = false ) { global $_CB_framework, $ueConfig; $return = ''; // Check if file uploads are enabled if (!(bool)ini_get('file_uploads')) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("The importer can't continue before file uploads are enabled in PHP settings."); return false; } if ( ! $this->import_type ) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("No import type selected"); return false; } $fromFile = cbStartOfStringMatch( $this->import_type, 'file_' ); if( $fromFile ) { $userfile = $_FILES['userfile']; if ( !$userfile || ( $userfile == null ) ) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("No file selected"); return false; } if ( isset( $userfile['error'] ) && ( $userfile['error'] ) ) { $errors_array = array( 1 => CBPTXT::T("The uploaded file exceeds the upload_max_filesize directive in php.ini.") , 2 => CBPTXT::T("The uploaded file exceeds the maximum size allowed by this form.") , 3 => CBPTXT::T("The uploaded file was only partially uploaded.") , 4 => CBPTXT::T("No file was selected and uploaded.") , 6 => CBPTXT::T("Missing a temporary folder in php.ini.") , 7 => CBPTXT::T("Failed to write file to disk.") , 8 => CBPTXT::T("File upload stopped by extension.") ); if ( in_array( $userfile['error'], $errors_array ) ) { $fileErrorTxt = $errors_array[$userfile['error']]; } else { $fileErrorTxt = CBPTXT::T("File upload error number ") . htmlspecialchars( $userfile['error'] ); } $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . $fileErrorTxt; return false; } if ( ( ! $userfile['tmp_name'] ) || ( ! is_uploaded_file( $userfile['tmp_name'] ) ) ) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("No temporary file name"); return false; } if ( $userfile['size'] == 0 ) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("Empty file"); return false; } } else { $userfile = null; } if ( $this->import_type == 'cms_acl' ) { if ( !$this->usergroup ) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("No usergroup selected"); return false; } } if ( $this->import_type == 'subscription' ) { if ( !$this->from_plan ) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("No subscription plan selected"); return false; } if ( !$this->from_sub_status ) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("No subscription status selected"); return false; } } if ( $this->import_type != 'file_uid_plan_exp' ) { if ( !$this->plan ) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("No plan selected"); return false; } if ( !$this->state ) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("No subscription state selected"); return false; } if ( !$this->date ) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("No subscription date selected"); return false; } } if ( $fromFile ) { $tmpName = $userfile['tmp_name']; $fileSize = (int) $userfile['size']; // $fileType = $userfile['type']; } else { $tmpName = null; $fileSize = null; } $planStateDate = array(); switch ($this->import_type ) { case 'file_uid': $fp = fopen( $tmpName, 'r' ); $content = fread( $fp, $fileSize ); fclose( $fp ); unlink( $tmpName ); $userIdList = explode( ',', trim( $content ) ); break; case 'file_uid_plan_exp': $userIdList = array(); $fp = fopen( $tmpName, 'r' ); if ( $fp ) { $n = 0; while (!feof( $fp ) ) { $line = trim( str_replace( '"', '', fgets( $fp, 256 ) ) ); $n += 1; if ( strlen( $line ) > 0 ) { $matches = null; if ( preg_match( '/([1-9][0-9]*),([1-9][0-9]*),([AXC]),([0-9]{4}-[0-9]{2}-[0-9]{2} [0-9][0-9]:[0-9][0-9]:[0-9][0-9])/', $line, $matches ) ) { if ( ! in_array( (int) $matches[1], $userIdList ) ) { $userIdList[] = (int) $matches[1]; } $planStateDate[(int) $matches[1]][] = array( 'plan' => (int) $matches[2], 'status' => $matches[3], 'date' => $matches[4], ); } else { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . sprintf(CBPTXT::T("Line %s does not match the format userid,planid,status,date, e.g. 63,1,A,2009-01-01 00:00:00, and is instead: %s ."), $n, htmlspecialchars( $line ) ); fclose( $fp ); unlink( $tmpName ); return false; } } } } fclose( $fp ); unlink( $tmpName ); break; case 'cms_acl': if ( checkJversion() >= 2 ) { $sql = 'SELECT id FROM #__users u' . ' JOIN #__user_usergroup_map m ON ( u.id = m.user_id )' . ' WHERE m.group_id = ' . (int) $this->usergroup ; } else { $sql = 'SELECT id FROM #__users' . ' WHERE gid = ' . (int) $this->usergroup ; } $this->_db->setQuery( $sql ); $userIdList = $this->_db->loadResultArray(); break; case 'subscription': $statuses = $this->from_sub_status; foreach (array_keys( $statuses ) as $k ) { $statuses[$k] = $this->_db->Quote( $statuses[$k][0] ); } $sql = 'SELECT s.user_id FROM #__cbsubs_subscriptions s' . ' JOIN #__users u ON ( u.id = s.user_id AND u.block = 0 )' . ' JOIN #__comprofiler c ON ( c.id = s.user_id AND c.confirmed = 1 AND c.approved = 1 )' . ' WHERE s.plan_id = ' . (int) $this->from_plan . ' AND s.status IN (' . implode( ',', $statuses ) . ')' ; $this->_db->setQuery( $sql ); $userIdList = $this->_db->loadResultArray(); break; default: $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("Import type not implemented!"); return false; break; } if ( count( $userIdList ) == 0 ) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("No user to import"); return false; } $plansMgr =& cbpaidPlansMgr::getInstance(); $offset = $_CB_framework->getCfg( 'offset' ) * 3600; if ( $this->import_type != 'file_uid_plan_exp' ) { $plan =& $plansMgr->loadPlan( (int) $this->plan ); $this->date = dateConverter( $this->date, $ueConfig['date_format'], 'Y-m-d' ); $subscriptionTime = (int) ( $plan->strToTime( $this->date ) - $offset ); foreach( $userIdList as $key => $value ) { if ( ! is_numeric( $value ) ) { $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("non-numeric userid value: ") . str_replace( "\n", ' ', htmlspecialchars( $value ) ); return false; } $userIdList[$key] = (int) $value; } } else { $plan = null; $subscriptionTime = null; } $this->_db->setQuery( "SELECT u.id, u.username FROM #__comprofiler c, #__users u WHERE c.id=u.id AND u.block = 0 AND c.approved = 1 AND c.confirmed = 1 AND c.id IN (" . implode( ',', $userIdList ) . ")" ); $users = $this->_db->loadObjectList('id'); if ( count( $userIdList ) != count( $users ) ) { if ( is_array( $users ) ) { foreach ( $users as $u ) { $keys = array_keys( $userIdList, $u->id ); unset( $userIdList[$keys[0]] ); unset( $planStateDate[(int) $u->id] ); } } $idList = implode( ', ', $userIdList ); $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("Not all userId exist, are active (confirmed, approved and enabled) ! innexistant or inactive ids: ") . $idList; return false; } $this->_db->setQuery( "SELECT DISTINCT user_id FROM #__cbsubs_subscriptions WHERE user_id IN (" . implode( ',', $userIdList ) . ")" //FIXME: API needed to load the right type of subscriptions . " ORDER BY user_id" ); $usersSubscribed = $this->_db->loadResultArray(); $incompatibleUsersSubs = array(); if ( $this->import_type != 'file_uid_plan_exp' ) { foreach ( $users as $user ) { @set_time_limit( 60 ); $incompatible = false; if ( in_array( $user->id, $usersSubscribed ) ) { if ( $plan->get( 'exclusive' ) && ( $plan->get( 'item_type' ) == 'usersubscription' ) ) { $paidUserExtension =& cbpaidUserExtension::getInstance( $user->id ); $subscriptions = $paidUserExtension->getUserSubscriptions( null, false ); foreach ( $subscriptions as $s ) { if ( ( $s->parent_plan == $plan->get( 'parent' ) ) && $s->checkIfValid() ) { $sPlan = $s->getPlan(); if ( $sPlan->get( 'exclusive' ) && ( $sPlan->get( 'item_type' ) == 'usersubscription' ) ) { // check if any other exclusive subscription with same parent plan is active: $incompatible = true; break; } } } } } if ( ! $incompatible ) { if ( $plan->get( 'parent' ) ) { $plansMgr =& cbpaidPlansMgr::getInstance(); $parentPlan = $plansMgr->loadPlan( $plan->get( 'parent' ) ); $parentSub = $parentPlan->loadLatestSomethingOfUser( $user->id, null ); if ( ! $parentSub ) { $incompatible = true; } } } if ( $incompatible ) { if ( ! in_array( $user->id, $incompatibleUsersSubs ) ) { $incompatibleUsersSubs[] = $user->id; } continue; } if ( ! $this->dryrun ) { $userFull = CBuser::getUserDataInstance( $user->id ); $this->createSomething( $plan, $userFull, $this->state, $subscriptionTime ); CBuser::unsetUsersNotNeeded( array( (int) $user->id ) ); } } } else { foreach ( $users as $user ) { @set_time_limit( 60 ); foreach ( $planStateDate[(int) $user->id] as $psd ) { $plan =& $plansMgr->loadPlan( (int) $psd['plan'] ); $status = $psd['status']; $subscriptionTime = $plan->strToTime( $psd['date'] ) - $offset; $incompatible = false; if ( in_array( $user->id, $usersSubscribed ) ) { if ( $plan->get( 'exclusive' ) && ( $plan->get( 'item_type' ) == 'usersubscription' ) ) { $paidUserExtension =& cbpaidUserExtension::getInstance( $user->id ); $subscriptions = $paidUserExtension->getUserSubscriptions( null, false ); foreach ( $subscriptions as $s ) { if ( ( $s->parent_plan == $plan->get( 'parent' ) ) && $s->checkIfValid() ) { $sPlan = $s->getPlan(); if ( $sPlan->get( 'exclusive' ) && ( $sPlan->get( 'item_type' ) == 'usersubscription' ) ) { // check if any other exclusive subscription with same parent plan is active: $incompatible = true; break; } } } } } if ( ! $incompatible ) { if ( $plan->get( 'parent' ) ) { $plansMgr =& cbpaidPlansMgr::getInstance(); $parentPlan = $plansMgr->loadPlan( $plan->get( 'parent' ) ); $parentSub = $parentPlan->loadLatestSomethingOfUser( $user->id, null ); if ( ! $parentSub ) { $incompatible = true; } } } if ( $incompatible ) { if ( ! in_array( $user->id, $incompatibleUsersSubs ) ) { $incompatibleUsersSubs[] = $user->id; } continue; } if ( ! $this->dryrun ) { $userFull = CBuser::getUserDataInstance( $user->id ); $this->createSomething( $plan, $userFull, $status, $subscriptionTime ); CBuser::unsetUsersNotNeeded( array( (int) $user->id ) ); } } } } if ( ( count( $userIdList ) > 0 ) && ( count( $incompatibleUsersSubs ) == 0 ) ) { $resultText = CBPTXT::T("Success"); } elseif ( ( count( $userIdList ) > count( $incompatibleUsersSubs ) ) ) { $resultText = CBPTXT::T("Partial Success"); } elseif ( ( count( $userIdList ) == count( $incompatibleUsersSubs ) ) ) { $resultText = CBPTXT::T("Import failed"); } else { $resultText = CBPTXT::T("Unknow Result"); } $return .= '<h1>' . $resultText . ( $this->dryrun ? ' [' . CBPTXT::T("DRY-RUN - NO REAL SUBSCRIPTION") . ']' : '' ) . ':</h1>'; if ( count( $incompatibleUsersSubs ) > 0 ) { $idList = implode( ', ', $incompatibleUsersSubs ); $return .= '<p>' . CBPTXT::T("Some users have already subscriptions: user ids: ") . $idList. '</p>'; // $this->_error = CBPTXT::T("Importer") . ' - ' . CBPTXT::T("error:") . ' ' . CBPTXT::T("Some users have already subscriptions: user ids: ") . $idList; // return false; } if ( $this->import_type != 'file_uid_plan_exp' ) { $return .= '<p>' . sprintf( CBPTXT::T("%d users subscribed to plan: %s , with state: %s"), ( count( $userIdList ) - count( $incompatibleUsersSubs ) ), $plan->get( 'name' ), CBPTXT::T( $this->_states[$this->state] ) ) . '</p>'; if ( ( count( $userIdList ) - count( $incompatibleUsersSubs ) ) > 0 ) { $return .= '<p>' . CBPTXT::T("Users subscribed (usernames):") . '</p>'; $return .= '<p>'; foreach ( $users as $user ) { if ( ! in_array( $user->id, $incompatibleUsersSubs ) ) { $return .= $user->username . ' '; } } $return .= '</p>'; } } else { $return .= '<p>' . sprintf( CBPTXT::T("%d users subscribed"), ( count( $userIdList ) - count( $incompatibleUsersSubs ) ) ) . '</p>'; if ( ( count( $userIdList ) - count( $incompatibleUsersSubs ) ) > 0 ) { $return .= '<p>' . CBPTXT::T("Users subscribed (usernames):") . '</p>'; foreach ( $users as $user ) { if ( ! in_array( $user->id, $incompatibleUsersSubs ) ) { $return .= '<p>' . $user->username . ' ' . CBPTXT::T("to") . ' '; foreach ( $planStateDate[(int) $user->id] as $psd ) { $plan =& $plansMgr->loadPlan( (int) $psd['plan'] ); $status = $psd['status']; $return .= sprintf(CBPTXT::T("plan: %s , with state: %s") . ' ', $plan->get( 'name' ), CBPTXT::T( $this->_states[$status] ) ); } } } $return .= '</p>'; } } if ( count( $incompatibleUsersSubs ) > 0 ) { $return .= '<p>' . CBPTXT::T("Following Users could not be subscribed (usernames) because either: (A) an exclusive active subscription exists that would conflict with the imported user subscription, or: (B) it is a children plan but the parent plan subscription does not exist:") . '</p>'; $return .= '<p>'; foreach ( $incompatibleUsersSubs as $uid ) { if ( isset( $users[$uid] ) ) { $return .= $users[$uid]->username . ' '; } } $return .= '</p>'; } $this->_resultOfStore = $return; return true; }
$query = ""; } // Insert Concomitant $otrMedName = $_POST['otrMedName']; $otrDose = $_POST['otrDose']; $otrStartDate = $_POST['otrStartDate']; $otrEndDate = $_POST['otrEndDate']; $otrReason = $_POST['otrReason']; for ($i = 0; $i < count($otrMedName); $i++) { $medN = $otrMedName[$i]; $medN = mysqli_real_escape_string($con, $medN); $dos = $otrDose[$i]; $stDate = $otrStartDate[$i]; $stDate = dateConverter($stDate); $edDate = $otrEndDate[$i]; $edDate = dateConverter($edDate); $rea = $otrReason[$i]; $query = "INSERT INTO adr_druglist\n\t\t\t\t\tSET\n\t\t\t\t\t\tadrDrugListID=NULL,\n\t\t\t\t\t\tadrFormID={$formID},\n\t\t\t\t\t\tproduct_name='{$medN}',\n\t\t\t\t\t\tdosage='{$dos}',\n\t\t\t\t\t\ttherapy_start='{$stDate}',\n\t\t\t\t\t\ttherapy_stop='{$edDate}',\n\t\t\t\t\t\tsuspected='3',\n\t\t\t\t\t\tindication='{$rea}',\n\t\t\t\t\t\tsubsided={$sbsided},\n\t\t\t\t\t\treappear={$reApp},\n\t\t\t\t\t\tconserf_medType='OTR'"; $medRes = mysqli_query($con, $query) or die(mysqli_error($con)); $query = ""; } // $lol = json_encode($_POST); // echo "<br/><br/><br/> $lol"; $adrDetailQuery = "INSERT INTO adrdetail\n\t SET\n\t\t adrDetailID=NULL,\n\t\t adrFormID={$formID},\n\t\t Adr_onsetDate='{$reactStDate}',\n\t\t Adr_endDate='{$reactEdDate}',\n\t\t Adr_treat='{$treatText}',\n\t\t Adr_rctFirstTime={$rt1stTime},\n\t\t Adr_rctFirstTimeUnit={$rt1stTimeUnit}"; $detailRes = mysqli_query($con, $adrDetailQuery); $adrDataQuery = "INSERT INTO adrdata\n\t\tSET\n\t\t\tadrDataIDAI=NULL,\n\t\t\tadrFormID={$formID},\n\t\t\tage='{$ptAge}',\n\t\t\tsex='{$ptSex}',\n\t\t\tethnic='{$ethnic}',\n\t\t\trace='{$nation}',\n\t\t\toutcome='{$currentOutcome}',\n\t\t\treaction_treatment='{$treatText}',\n\t\t\thistory='{$ptHealthProb}',\n\t\t\t`status`='{$status}',\n\t\t\treport_date='{$reportDate}',\n\t\t\treporter_telno='{$cntctNo}',\n\t\t\treporter_email='{$ptEmail}',\n\t\t\tadr_desc='{$otrSideEff}',\n\t\t\tinitial='{$ptName}',\n\t\t\trt1stTime={$rt1stTime},\n\t\t\trt1stTimeUnit={$rt1stTimeUnit},\n\t\t\tdateRcv=NOW(),\n\t\t\tonset_date='{$reactStDate}',\n\t\t\tdate_end_reaction='{$reactEdDate}',\n\t\t\treaction_subsided='{$sbsided}',\n\t\t\treaction_reappeared='{$reApp}',\n\t\t\tseriousness={$sSD}"; $res = mysqli_query($con, $adrDataQuery); if ($res) { $log = "ConSERF Form Submitted " . PHP_EOL . $query; file_put_contents('log.txt', $log, FILE_APPEND); header("Location: submit_conserf_form_res.php");
<?php include 'connection_pure.php'; include 'function.php'; if (isset($_POST['labIDEd'])) { session_start(); if (isset($_SESSION)) { $staff_id = $_SESSION['staff_id']; } else { $staff_id = "0"; } $labIDEd = $_POST['labIDEd']; $labTestTypeEd = $_POST['labTestTypeEd']; $labResDateEd = $_POST['labResDateEd']; $labResDateEd = dateConverter($labResDateEd); $labResEd = $_POST['labResEd']; $sql = "UPDATE labdatares\n\t\t\t\tSET\n\t\t\t\t\tLDS_TESTTYPE='{$labTestTypeEd}',\n\t\t\t\t\tLDS_RESDATE='{$labResDateEd}',\n\t\t\t\t\tLDS_RES='{$labResEd}',\n\t\t\t\t\tlog_id='{$staff_id}'\n\t\t\t\tWHERE LDS_ID = {$labIDEd}"; $res = mysqli_query($con, $sql); if ($res) { echo "1"; } else { echo "0"; } }
static function manageConnections($connections, $actions, $total, &$connMgmtTabs, &$pagingParams, $perpage, $connecteds = null) { global $_CB_framework, $ueConfig, $_REQUEST; $Itemid = $_CB_framework->itemid(); $ui = 1; outputCbTemplate($ui); initToolTip(1); ob_start(); ?> var tabPanemyCon; function showCBTabPaneMy( sName ) { if (typeof tabPanemyCon != "undefined" ) { switch ( sName.toLowerCase() ) { case "<?php echo strtolower(_UE_MANAGEACTIONS); ?> ": case "manageactions": case "0": tabPanemyCon.setSelectedIndex( 0 ); break; case "<?php echo strtolower(_UE_MANAGECONNECTIONS); ?> ": case "manageconnections": case "1": tabPanemyCon.setSelectedIndex( 1 ); break; case "<?php echo strtolower(_UE_CONNECTEDWITH); ?> ": case "connectedfrom": case "2": tabPanemyCon.setSelectedIndex( 2 ); break; } } } <?php $cbjavascript = ob_get_contents(); ob_end_clean(); $_CB_framework->outputCbJQuery($cbjavascript); ob_start(); ?> function confirmSubmit() { if (confirm("<?php echo _UE_CONFIRMREMOVECONNECTION; ?> ")) return true ; else return false ; } <?php $cbjavascript = ob_get_contents(); ob_end_clean(); $_CB_framework->document->addHeadScriptDeclaration($cbjavascript); $tabs = new cbTabs(0, $ui); $cTypes = explode("\n", $ueConfig['connection_categories']); $connectionTypes = array(); foreach ($cTypes as $cType) { if (trim($cType) != null && trim($cType) != "") { $connectionTypes[] = moscomprofilerHTML::makeOption(trim($cType), getLangDefinition(trim($cType))); } } ?> <div class="contentheading"><?php echo _UE_MANAGECONNECTIONS; ?> </div><br /> <br /> <?php echo $tabs->startPane("myCon"); // Tab 0: Manange Actions: echo $tabs->startTab("myCon", _UE_MANAGEACTIONS . " (" . count($actions) . ")", "action"); if (!count($actions) > 0) { echo "\t\t<div class=\"tab_Description\">" . _UE_NOACTIONREQUIRED . "</div>\n"; } else { echo '<form method="post" action="' . cbSef('index.php?option=com_comprofiler&task=processConnectionActions' . ($Itemid ? "&Itemid=" . (int) $Itemid : "")) . '">'; echo "\t\t<div class=\"tab_Description\">" . _UE_CONNECT_ACTIONREQUIRED . "</div>\n"; // echo "<div style=\"width:100%;text-align:right;\"><input type=\"submit\" class=\"inputbox\" value=\""._UE_UPDATE."\" /></div>"; echo "<table cellpadding=\"5\" cellspacing=\"0\" border=\"0\" width=\"95%\">"; echo "<tr>"; echo "<td>"; foreach ($actions as $action) { $conAvatar = null; $conAvatar = getFieldValue('image', $action->avatar, $action); $onlineIMG = $ueConfig['allow_onlinestatus'] == 1 ? getFieldValue('status', $action->isOnline, $action, null, 1) : ""; $tipField = "<b>" . _UE_CONNECTIONREQUIREDON . "</b> : " . dateConverter($action->membersince, 'Y-m-d', $ueConfig['date_format']); if ($action->reason != null) { $tipField .= "<br /><b>" . _UE_CONNECTIONMESSAGE . "</b> :<br />" . htmlspecialchars($action->reason, ENT_QUOTES); } $tipTitle = _UE_CONNECTIONREQUESTDETAIL; $htmltext = $conAvatar; $style = "style=\"padding:5px;\""; $tooltip = cbFieldTip($ui, $tipField, $tipTitle, '250', '', $htmltext, '', $style, '', false); echo "<div class=\"connectionBox\">"; echo $onlineIMG . ' ' . getNameFormat($action->name, $action->username, $ueConfig['name_format']) . "<br />" . $tooltip . "<br /><img src=\"components/com_comprofiler/images/tick.png\" border=\"0\" alt=\"" . _UE_ACCEPTCONNECTION . "\" title=\"" . _UE_ACCEPTCONNECTION . "\" /><input type=\"radio\" value=\"a\" checked=\"checked\" name=\"" . $action->id . "action\"/> <img src=\"components/com_comprofiler/images/publish_x.png\" border=\"0\" alt=\"" . _UE_DECLINECONNECTION . "\" title=\"" . _UE_DECLINECONNECTION . "\" /><input type=\"radio\" value=\"d\" name=\"" . $action->id . "action\"/><input type=\"hidden\" name=\"uid[]\" value=\"" . $action->id . "\" />"; echo " </div>\n"; } echo "</td>"; echo "</tr>"; echo "</table>"; echo "<div style=\"width:100%;text-align:right;\"><input type=\"submit\" class=\"button\" value=\"" . _UE_UPDATE . "\" /></div>"; echo cbGetSpoofInputTag('manageConnections'); echo "</form>"; } echo $tabs->endTab(); // Tab 1: Manange Connections: echo $tabs->startTab("myCon", _UE_MANAGECONNECTIONS, "connections"); if (!count($connections) > 0) { echo "\t\t<div class=\"tab_Description\">" . _UE_NOCONNECTIONS . "</div>\n"; } else { ?> <form action='<?php echo cbSef('index.php?option=com_comprofiler&task=saveConnections' . ($Itemid ? "&Itemid=" . (int) $Itemid : "")); ?> ' method='post' name='userAdmin'> <div class="tab_Description"><?php echo _UE_CONNECT_MANAGECONNECTIONS; ?> </div> <table cellpadding="5" cellspacing="0" border="0" width="95%"> <thead><tr> <th style='text-align:center;'><?php echo _UE_CONNECTION; ?> </th> <th style='text-align:center;'><?php echo _UE_CONNECTIONTYPE; ?> </th> <th style='text-align:center;'><?php echo _UE_CONNECTIONCOMMENT; ?> </th> </tr></thead> <tbody> <?php $i = 1; foreach ($connections as $connection) { $k = explode('|*|', trim($connection->type)); $list = array(); $list['connectionType'] = moscomprofilerHTML::selectList($connectionTypes, $connection->id . 'connectiontype[]', 'class="inputbox" multiple="multiple" size="5"', 'value', 'text', $k, 0); $conAvatar = null; $conAvatar = getFieldValue('image', $connection->avatar, $connection); $emailIMG = getFieldValue('primaryemailaddress', $connection->email, $connection, null, 1); $pmIMG = getFieldValue('pm', $connection->username, $connection, null, 1); $onlineIMG = $ueConfig['allow_onlinestatus'] == 1 ? getFieldValue('status', $connection->isOnline, $connection, null, 1) : ""; if ($connection->accepted == 1 && $connection->pending == 1) { $actionIMG = "<img src=\"components/com_comprofiler/images/pending.png\" border=\"0\" alt=\"" . _UE_CONNECTIONPENDING . "\" title=\"" . _UE_CONNECTIONPENDING . "\" /> <a href=\"" . cbSef("index.php?option=com_comprofiler&act=connections&task=removeConnection&connectionid=" . $connection->memberid . ($Itemid ? "&Itemid=" . (int) $Itemid : "")) . "\" onclick=\"return confirmSubmit();\" ><img src=\"components/com_comprofiler/images/publish_x.png\" border=\"0\" alt=\"" . _UE_REMOVECONNECTION . "\" title=\"" . _UE_REMOVECONNECTION . "\" /></a>"; } elseif ($connection->accepted == 1 && $connection->pending == 0) { $actionIMG = "<a href=\"" . cbSef("index.php?option=com_comprofiler&act=connections&task=removeConnection&connectionid=" . $connection->memberid . ($Itemid ? "&Itemid=" . (int) $Itemid : "")) . "\" onclick=\"return confirmSubmit();\" ><img src=\"components/com_comprofiler/images/publish_x.png\" border=\"0\" alt=\"" . _UE_REMOVECONNECTION . "\" title=\"" . _UE_REMOVECONNECTION . "\" /></a>"; } elseif ($connection->accepted == 0) { $actionIMG = "<a href=\"" . cbSef("index.php?option=com_comprofiler&act=connections&task=acceptConnection&connectionid=" . $connection->memberid . ($Itemid ? "&Itemid=" . (int) $Itemid : "")) . "\"><img src=\"components/com_comprofiler/images/tick.png\" border=\"0\" alt=\"" . _UE_ACCEPTCONNECTION . "\" title=\"" . _UE_ACCEPTCONNECTION . "\" /></a> <a href=\"" . cbSef("index.php?option=com_comprofiler&act=connections&task=removeConnection&connectionid=" . $connection->memberid . ($Itemid ? "&Itemid=" . (int) $Itemid : "")) . "\"><img src=\"components/com_comprofiler/images/publish_x.png\" border=\"0\" alt=\"" . _UE_REMOVECONNECTION . "\" title=\"" . _UE_DECLINECONNECTION . "\" /></a>"; } $tipField = "<b>" . _UE_CONNECTEDSINCE . "</b> : " . dateConverter($connection->membersince, 'Y-m-d', $ueConfig['date_format']); if ($connection->type != null) { $tipField .= "<br /><b>" . _UE_CONNECTIONTYPE . "</b> : " . getConnectionTypes($connection->type); } if ($connection->description != null) { $tipField .= "<br /><b>" . _UE_CONNECTEDCOMMENT . "</b> : " . htmlspecialchars($connection->description); } $tipTitle = _UE_CONNECTEDDETAIL; $htmltext = $conAvatar; $style = "style=\"padding:5px;\""; $tooltip = cbFieldTip($ui, $tipField, $tipTitle, '200', '', $htmltext, '', $style, '', false); echo "\n<tr style='vertical-align:top;' class='sectiontableentry" . $i . "'>"; echo "\n\t<td style='text-align:center;'>" . $onlineIMG . ' ' . getNameFormat($connection->name, $connection->username, $ueConfig['name_format']) . "<br />" . $tooltip . "<br />" . $actionIMG . " <a href=\"" . cbSef("index.php?option=com_comprofiler&task=userProfile&user="******"&Itemid=" . (int) $Itemid : "")) . "\"><img src=\"components/com_comprofiler/images/profiles.gif\" border=\"0\" alt=\"" . _UE_VIEWPROFILE . "\" title=\"" . _UE_VIEWPROFILE . "\" /></a> " . $emailIMG . " " . $pmIMG . "</td>"; echo "\n\t<td style='text-align:center;'>" . $list['connectionType'] . "</td>"; echo "\n\t<td style='text-align:center;'><textarea cols=\"25\" class=\"inputbox\" rows=\"5\" name=\"" . $connection->id . "description\">" . htmlspecialchars($connection->description) . "</textarea><input type=\"hidden\" name=\"uid[]\" value=\"" . $connection->id . "\" /></td>"; echo "\n</tr>"; $i = $i == 1 ? 2 : 1; } echo "</tbody>"; echo "</table><br />"; if ($perpage < $total) { echo "<div style='width:95%;text-align:center;'>" . $connMgmtTabs->_writePaging($pagingParams, 'connections_', $perpage, $total, 'manageConnections') . "</div>"; } echo "<div style=\"width:100%;text-align:right;\"><input type=\"submit\" class=\"button\" value=\"" . _UE_UPDATE . "\" /></div>"; echo cbGetSpoofInputTag('manageConnections'); echo "</form>"; } echo $tabs->endTab(); // Tab 2: Users connected with me: if ($ueConfig['autoAddConnections'] == 0) { echo $tabs->startTab('myCon', _UE_CONNECTEDWITH, 'connected'); if (!count($connecteds) > 0) { echo _UE_NOCONNECTEDWITH; } else { // tooltip params: $width = '200'; $icon = ''; $href = ''; echo '<table cellpadding="5" cellspacing="0" border="0" width="95%">'; echo '<tr>'; echo '<td>'; foreach ($connecteds as $connected) { $conAvatar = null; $conAvatar = getFieldValue('image', $connected->avatar, $connected); $emailIMG = getFieldValue('primaryemailaddress', $connected->email, $connected, null, 1); $pmIMG = getFieldValue('pm', $connected->username, $connected, null, 1); $onlineIMG = $ueConfig['allow_onlinestatus'] == 1 ? getFieldValue('status', $connected->isOnline, $connected, null, 1) : ''; if ($connected->accepted == 1 && $connected->pending == 1) { $actionIMG = '<img src="components/com_comprofiler/images/pending.png" border="0" alt="' . _UE_CONNECTIONPENDING . '" title="' . _UE_CONNECTIONPENDING . '" /> ' . '<a href="' . cbSef('index.php?option=com_comprofiler&act=connections&task=denyConnection&connectionid=' . $connected->memberid . ($Itemid ? '&Itemid=' . (int) $Itemid : '')) . '" onclick="return confirmSubmit();">' . '<img src="components/com_comprofiler/images/publish_x.png" border="0" alt="' . _UE_REMOVECONNECTION . '" title="' . _UE_REMOVECONNECTION . '" /></a>'; } elseif ($connected->accepted == 1 && $connected->pending == 0) { $actionIMG = '<a href="' . cbSef('index.php?option=com_comprofiler&act=connections&task=denyConnection&connectionid=' . $connected->referenceid . ($Itemid ? '&Itemid=' . (int) $Itemid : '')) . '" onclick="return confirmSubmit();">' . '<img src="components/com_comprofiler/images/publish_x.png" border="0" alt="' . _UE_REMOVECONNECTION . '" title="' . _UE_REMOVECONNECTION . '" /></a>'; } elseif ($connected->accepted == 0) { $actionIMG = '<a href="' . cbSef('index.php?option=com_comprofiler&act=connections&task=acceptConnection&connectionid=' . $connected->referenceid . ($Itemid ? '&Itemid=' . (int) $Itemid : '')) . '">' . '<img src="components/com_comprofiler/images/tick.png" border="0" alt="' . _UE_ACCEPTCONNECTION . '" title="' . _UE_ACCEPTCONNECTION . '" /></a> ' . '<a href="' . cbSef('index.php?option=com_comprofiler&act=connections&task=denyConnection&connectionid=' . $connected->referenceid . ($Itemid ? '&Itemid=' . (int) $Itemid : '')) . '" onclick="return confirmSubmit();">' . '<img src="components/com_comprofiler/images/publish_x.png" border="0" alt="' . _UE_REMOVECONNECTION . '" title="' . _UE_DECLINECONNECTION . '" /></a>'; } $tipField = '<b>' . _UE_CONNECTEDSINCE . '</b> : ' . dateConverter($connected->membersince, 'Y-m-d', $ueConfig['date_format']); if (getLangDefinition($connected->type) != null) { $tipField .= '<br /><b>' . _UE_CONNECTIONTYPE . '</b> : ' . getLangDefinition($connected->type); } if ($connected->description != null) { $tipField .= '<br /><b>' . _UE_CONNECTEDCOMMENT . '</b> : ' . htmlspecialchars($connected->description); } $tipTitle = _UE_CONNECTEDDETAIL; $htmltext = $conAvatar; $style = 'style="padding:5px;"'; $tooltip = cbFieldTip($ui, $tipField, $tipTitle, $width, $icon, $htmltext, $href, $style, '', false); echo '<div class="connectionBox">'; echo $actionIMG . '<br />'; echo $tooltip . '<br />'; echo $onlineIMG . ' ' . getNameFormat($connected->name, $connected->username, $ueConfig['name_format']); echo '<br /><a href="' . cbSef('index.php?option=com_comprofiler&task=userProfile&user='******'&Itemid=' . (int) $Itemid : '')) . '"><img src="components/com_comprofiler/images/profiles.gif" border="0" alt="' . _UE_VIEWPROFILE . '" title="' . _UE_VIEWPROFILE . '" /></a> ' . $emailIMG . ' ' . $pmIMG . "\n"; echo " </div>\n"; } echo '</td>'; echo '</tr>'; echo '</table>'; } echo $tabs->endTab(); } echo $tabs->endPane(); if (isset($_REQUEST['tab'])) { $_CB_framework->outputCbJQuery("showCBTabPaneMy( '" . addslashes(urldecode(stripslashes(cbGetParam($_REQUEST, 'tab')))) . "' );"); } elseif (!(count($actions) > 0)) { $_CB_framework->outputCbJQuery("tabPanemyCon.setSelectedIndex( 1 );"); } echo '<div style="clear:both;padding:5px"><a href="' . cbSef('index.php?option=com_comprofiler' . getCBprofileItemid(true)) . '">' . _UE_BACK_TO_YOUR_PROFILE . '</a></div>'; }
?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Document</title> </head> <body> <?php // print_r($_SESSION); // echo "<br/>"; // $str = "adrtestenc"; // echo "$str <br/>"; // $str_enc = q3_encrypt($str); // echo "$str_enc <br/>"; // $str_dec = q3_decrypt($str_enc); // echo "$str_dec <br/>"; $date = "12/08/2016"; echo(dateConverter($date)); echo "<br/>"; echo(adrNoGenerator2('56179694')); ?> </body> </html>
$nation = "NULL"; } $ethnic = mysqli_real_escape_string($con, $_POST['ethnic']); if ($ethnic == "" || $ethnic == NULL || empty($ethnic)) { $ethnic = "NULL"; } $reportDate = mysqli_real_escape_string($con, $_POST['reportDate']); $reportDate = dateConverter($reportDate); $cntctNo = mysqli_real_escape_string($con, $_POST['cntctNo']); $ptEmail = mysqli_real_escape_string($con, $_POST['ptEmail']); $ptHealthProb = mysqli_real_escape_string($con, $_POST['ptHealthProb']); // Part 3 $reactStDate = mysqli_real_escape_string($con, $_POST['reactStDate']); $reactStDate = dateConverter($reactStDate); $reactEdDate = mysqli_real_escape_string($con, $_POST['reactEdDate']); $reactEdDate = dateConverter($reactEdDate); $otrSideEff = mysqli_real_escape_string($con, $_POST['otrSideEff']); $rt1stTime = mysqli_real_escape_string($con, $_POST['rt1stTime']); if ($rt1stTime == "" || $rt1stTime == NULL || empty($rt1stTime)) { $rt1stTime = "NULL"; } $rt1stTimeUnit = mysqli_real_escape_string($con, $_POST['rt1stTimeUnit']); if ($rt1stTimeUnit == "" || $rt1stTimeUnit == NULL || empty($rt1stTimeUnit)) { $rt1stTimeUnit = "NULL"; } $sbsided = mysqli_real_escape_string($con, $_POST['sbsided']); if ($sbsided == "" || $sbsided == NULL || empty($sbsided)) { $sbsided = "NULL"; } $reApp = mysqli_real_escape_string($con, $_POST['reApp']); if ($reApp == "" || $reApp == NULL || empty($reApp)) {
$formID = $_POST['formID']; $drugListID = $_POST['drugListID']; $prdctName = $_POST['prdctName']; $genericName = $_POST['genericName']; $MALnum = $_POST['MALnum']; $labQuantity = $_POST['labQuantity']; $labQuantityUnit = $_POST['labQuantityUnit']; $labPackSize = $_POST['labPackSize']; $labPackSizeUnit = $_POST['labPackSizeUnit']; $labManuDate = $_POST['labManuDate']; $labManuDate = dateConverter($labManuDate); $labExpDate = $_POST['labExpDate']; $labExpDate = dateConverter($labExpDate); $labBatchNo = $_POST['labBatchNo']; $labSendDate = $_POST['labSendDate']; $labSendDate = dateConverter($labSendDate); $labRemarks = $_POST['labRemarks']; $sql = "INSERT INTO adr_sample\n\tSET\n\tadrSampleID=NULL,\n\tadrFormID={$formID},\n\tresult='',\n\tquantity='{$labQuantity}',\n\tbatchno='{$labBatchNo}',\n\tlab_sent_date='{$labSendDate}',\n\tmanf_date='{$labManuDate}',\n\texpiry_date='{$labExpDate}',\n\tremarks='{$labRemarks}',\n\tunit='{$labQuantityUnit}',\n\tpacksize='{$labPackSize}',\n\tpackunit='{$labPackSizeUnit}',\n\tproduct_name='{$prdctName}'"; $uSql = "UPDATE adr_druglist\n\tSET\n\tlab_status='SENTTOLAB'\n\tWHERE adrDrugListID = '{$drugListID}'"; $res = mysqli_query($con, $sql) or die(mysqli_error($con)); if ($res) { $uRes = mysqli_query($con, $uSql) or die(mysqli_error($con)); if ($uRes) { header("Location: adr_list_samples_lab.php"); } else { echo "Update status error"; } } else { echo "An Error Occured"; } }
/** * Generates the HTML to display the user profile tab * @param moscomprofilerTab $tab the tab database entry * @param moscomprofilerUser $user the user being displayed * @param int $ui 1 for front-end, 2 for back-end * @return mixed either string HTML for tab content, or false if ErrorMSG generated */ function getDisplayTab($tab, $user, $ui) { global $_CB_framework, $_CB_database, $ueConfig; $return = null; if (!$ueConfig['allowConnections'] || isset($ueConfig['connectionDisplay']) && $ueConfig['connectionDisplay'] == 1 && $_CB_framework->myId() != $user->id) { return null; } $params = $this->params; $con_ShowTitle = $params->get('con_ShowTitle', '1'); $con_ShowSummary = $params->get('con_ShowSummary', '0'); $con_SummaryEntries = $params->get('con_SummaryEntries', '4'); $con_pagingenabled = $params->get('con_PagingEnabled', '1'); $con_entriesperpage = $params->get('con_EntriesPerPage', '10'); $pagingParams = $this->_getPaging(array(), array("connshow_")); $showall = $this->_getReqParam("showall", false); if ($con_ShowSummary && !$showall && $pagingParams["connshow_limitstart"] === null) { $summaryMode = true; $showpaging = false; $con_entriesperpage = $con_SummaryEntries; } else { $summaryMode = false; $showpaging = $con_pagingenabled; } $isVisitor = null; if ($_CB_framework->myId() != $user->id) { $isVisitor = "\n AND m.pending=0 AND m.accepted=1"; } if ($showpaging || $summaryMode) { //select a count of all applicable entries for pagination if ($isVisitor) { $contotal = $this->_getUserNumberOfConnections($user); } else { $query = "SELECT COUNT(*)" . "\n FROM #__comprofiler_members AS m" . "\n LEFT JOIN #__comprofiler AS c ON m.memberid=c.id" . "\n LEFT JOIN #__users AS u ON m.memberid=u.id" . "\n WHERE m.referenceid=" . (int) $user->id . "\n AND c.approved=1 AND c.confirmed=1 AND c.banned=0 AND u.block=0" . $isVisitor . "\n "; $_CB_database->setQuery($query); $contotal = $_CB_database->loadResult(); if (!is_numeric($contotal)) { $contotal = 0; } } } if (!$showpaging || $pagingParams["connshow_limitstart"] === null || $con_entriesperpage > $contotal) { $pagingParams["connshow_limitstart"] = "0"; } $query = "SELECT m.*,u.name,u.email,u.username,c.avatar,c.avatarapproved, u.id " . "\n FROM #__comprofiler_members AS m" . "\n LEFT JOIN #__comprofiler AS c ON m.memberid=c.id" . "\n LEFT JOIN #__users AS u ON m.memberid=u.id" . "\n WHERE m.referenceid=" . (int) $user->id . "" . "\n AND c.approved=1 AND c.confirmed=1 AND c.banned=0 AND u.block=0" . $isVisitor . "\n ORDER BY m.membersince DESC, m.memberid ASC"; $_CB_database->setQuery($query, (int) ($pagingParams["connshow_limitstart"] ? $pagingParams["connshow_limitstart"] : 0), (int) $con_entriesperpage); $connections = $_CB_database->loadObjectList(); if (!count($connections) > 0) { $return .= _UE_NOCONNECTIONS; return $return; } if ($con_ShowTitle) { if ($_CB_framework->myId() == $user->id) { $return .= "<h3 class=\"cbConTitle\">" . _UE_YOURCONNECTIONS . "</h3>"; } else { $return .= "<h3 class=\"cbConTitle\">" . sprintf(_UE_USERSNCONNECTIONS, getNameFormat($user->name, $user->username, $ueConfig['name_format'])) . "</h3>"; } } $return .= $this->_writeTabDescription($tab, $user); $live_site = $_CB_framework->getCfg('live_site'); $boxHeight = $ueConfig['thumbHeight'] + 46; $boxWidth = $ueConfig['thumbWidth'] + 28; foreach ($connections as $connection) { $conAvatar = getFieldValue('image', $connection->avatar, $connection); $emailIMG = getFieldValue('primaryemailaddress', $connection->email, $connection, null, 1); $pmIMG = getFieldValue('pm', $connection->username, $connection, null, 1); $onlineIMG = $ueConfig['allow_onlinestatus'] == 1 ? getFieldValue('status', null, $connection, null, 1) : ""; if ($connection->accepted == 1 && $connection->pending == 1) { $actionIMG = '<img src="' . $live_site . '/components/com_comprofiler/images/pending.png" border="0" alt="' . _UE_CONNECTIONPENDING . "\" title=\"" . _UE_CONNECTIONPENDING . "\" /> <a href=\"" . cbSef("index.php?option=com_comprofiler&act=connections&task=removeConnection&connectionid=" . $connection->memberid) . "\" onclick=\"return confirmSubmit();\" ><img src=\"" . $live_site . "/components/com_comprofiler/images/publish_x.png\" border=\"0\" alt=\"" . _UE_REMOVECONNECTION . "\" title=\"" . _UE_REMOVECONNECTION . "\" /></a>"; } elseif ($connection->accepted == 1 && $connection->pending == 0) { $actionIMG = "<a href=\"" . cbSef("index.php?option=com_comprofiler&act=connections&task=removeConnection&connectionid=" . $connection->memberid) . "\" onclick=\"return confirmSubmit();\" ><img src=\"" . $live_site . "/components/com_comprofiler/images/publish_x.png\" border=\"0\" alt=\"" . _UE_REMOVECONNECTION . "\" title=\"" . _UE_REMOVECONNECTION . "\" /></a>"; } elseif ($connection->accepted == 0) { $actionIMG = "<a href=\"" . cbSef("index.php?option=com_comprofiler&act=connections&task=acceptConnection&connectionid=" . $connection->memberid) . '"><img src="' . $live_site . "/components/com_comprofiler/images/tick.png\" border=\"0\" alt=\"" . _UE_ACCEPTCONNECTION . "\" title=\"" . _UE_ACCEPTCONNECTION . "\" /></a> <a href=\"" . cbSef("index.php?option=com_comprofiler&act=connections&task=removeConnection&connectionid=" . $connection->memberid) . '"><img src="' . $live_site . "/components/com_comprofiler/images/publish_x.png\" border=\"0\" alt=\"" . _UE_REMOVECONNECTION . "\" title=\"" . _UE_DECLINECONNECTION . "\" /></a>"; } $tipField = "<b>" . _UE_CONNECTEDSINCE . "</b> : " . dateConverter($connection->membersince, 'Y-m-d', $ueConfig['date_format']); if (getLangDefinition($connection->type) != null) { $tipField .= "<br /><b>" . _UE_CONNECTIONTYPE . "</b> : " . getConnectionTypes($connection->type); } if ($connection->description != null) { $tipField .= "<br /><b>" . _UE_CONNECTEDCOMMENT . "</b> : " . htmlspecialchars($connection->description); } $tipTitle = _UE_CONNECTEDDETAIL; $htmltext = $conAvatar; $style = "style=\"padding:5px;\""; $tooltipAvatar = cbFieldTip($ui, $tipField, $tipTitle, '250', '', $htmltext, '', $style, '', false); if ($_CB_framework->myId() == $user->id) { $return .= "<div class=\"connectionBox\" style=\"position:relative;height:" . ($boxHeight + 24) . "px;width:" . $boxWidth . "px;\">" . "<div style=\"position:absolute; top:3px; width:auto;left:5px;right:5px;\">" . $actionIMG . '</div>' . "<div style=\"position:absolute; top:18px; width:auto;left:5px;right:5px;\">" . $tooltipAvatar . '</div>' . "<div style=\"position:absolute; bottom:0px; width:auto;left:5px;right:5px;\">" . $onlineIMG . " " . getNameFormat($connection->name, $connection->username, $ueConfig['name_format']) . "<br /><a href=\"" . cbSef("index.php?option=com_comprofiler&task=userProfile&user="******"><img src="' . $live_site . "/components/com_comprofiler/images/profiles.gif\" border=\"0\" alt=\"" . _UE_VIEWPROFILE . "\" title=\"" . _UE_VIEWPROFILE . "\" /></a> " . $emailIMG . " " . $pmIMG . "\n"; } else { $return .= "<div class=\"connectionBox\" style=\"position:relative;height:" . $boxHeight . "px;width:" . $boxWidth . "px;\">" . "<div style=\"position:absolute; top:10px; width:auto;left:5px;right:5px;\">" . $tooltipAvatar . '</div>' . "<div style=\"position:absolute; bottom:0px; width:auto;left:5px;right:5px;\">" . $onlineIMG . " " . getNameFormat($connection->name, $connection->username, $ueConfig['name_format']) . "\n"; } $return .= "</div></div>\n"; } $return .= "<div style=\"clear:both;\"> </div>"; // Add paging control at end of list if paging enabled if ($showpaging && $con_entriesperpage < $contotal) { $return .= "<div style='width:95%;text-align:center;'>" . $this->_writePaging($pagingParams, "connshow_", $con_entriesperpage, $contotal) . "</div>"; } if ($con_ShowSummary && $_CB_framework->myId() == $user->id || $summaryMode && $con_entriesperpage < $contotal) { $return .= "<div class=\"connSummaryFooter\" style=\"width:100%;clear:both;\">"; if ($_CB_framework->myId() == $user->id) { // Manage connections link: $return .= "<div id=\"connSummaryFooterManage\" style=\"float:left;\">" . "<a href=\"" . cbSef('index.php?option=com_comprofiler&task=manageConnections') . "\" >[" . _UE_MANAGECONNECTIONS . "]</a>" . "</div>"; } if ($summaryMode && $con_entriesperpage < $contotal) { // See all of user's ## connections $return .= "<div id=\"connSummaryFooterSeeConnections\" style=\"float:right;\">" . "<a href=\"" . $this->_getAbsURLwithParam(array("showall" => "1")) . "\">"; if ($_CB_framework->myId() == $user->id) { $return .= sprintf(_UE_SEEALLNCONNECTIONS, $contotal); } else { $return .= sprintf(_UE_SEEALLOFUSERSNCONNECTIONS, getNameFormat($user->name, $user->username, $ueConfig['name_format']), "<strong>" . $contotal . "</strong>"); } $return .= "</a>" . "</div>"; } $return .= " </div>" . "<div style=\"clear:both;\"> </div>"; } return $return; }
/** * OBSOLETE METHOD: Left for backwards compatibility if plugins use even this... * DO NOT USE ANYMORE: will be removed in next CB version. */ function prepareFieldDataSave($fieldId, $fieldType, $fieldName, $value = null, $registration = 0, $field = null) { global $ueConfig, $_POST, $_CB_database, $_PLUGINS; switch ($fieldType) { case 'date': $sqlFormat = "Y-m-d"; $fieldForm = str_replace('y', 'Y', $ueConfig['date_format']); $value = dateConverter(cbGetUnEscaped($value), $fieldForm, $sqlFormat); break; case 'webaddress': if (isset($_POST[$fieldName . "Text"]) && $_POST[$fieldName . "Text"]) { $oValuesArr = array(); $oValuesArr[0] = str_replace(array('mailto:', 'http://', 'https://'), '', cbGetUnEscaped($value)); $oValuesArr[1] = str_replace(array('mailto:', 'http://', 'https://'), '', cbGetUnEscaped(isset($_POST[$fieldName . "Text"]) ? stripslashes(cbGetParam($_POST, $fieldName . "Text", '')) : "")); $value = implode("|*|", $oValuesArr); } else { $value = str_replace(array('mailto:', 'http://', 'https://'), '', cbGetUnEscaped($value)); } break; case 'emailaddress': $value = str_replace(array('mailto:', 'http://', 'https://'), '', cbGetUnEscaped($value)); break; case 'editorta': $value = cbGetUnEscaped($value); $badHtmlFilter =& $this->getInputFilter(array(), array(), 1, 1); if (isset($ueConfig['html_filter_allowed_tags']) && $ueConfig['html_filter_allowed_tags']) { $badHtmlFilter->tagBlacklist = array_diff($badHtmlFilter->tagBlacklist, explode(" ", $ueConfig['html_filter_allowed_tags'])); } $value = $this->clean($badHtmlFilter, $value); break; case 'radio': $value = array($value); // intentionally no break: fall through: // intentionally no break: fall through: case 'multiselect': case 'multicheckbox': case 'select': if ($value === null) { $value = array(); } $_CB_database->setQuery("SELECT fieldtitle AS id FROM #__comprofiler_field_values" . "\n WHERE fieldid = " . (int) $fieldId . "\n ORDER BY ordering"); $Values = $_CB_database->loadResultArray(); if (!is_array($Values)) { $Values = array(); } foreach ($value as $k => $v) { if (!in_array(cbGetUnEscaped($v), $Values)) { unset($value[$k]); } } $value = cbGetUnEscaped(implode("|*|", $value)); break; case 'checkbox': if ($value === null || !in_array($value, array("0", "1"))) { $value = ""; } $value = cbGetUnEscaped($value); break; case 'delimiter': break; case 'textarea': case 'primaryemailaddress': case 'pm': case 'image': case 'status': case 'formatname': case 'predefined': default: $value = cbGetUnEscaped($value); if ($field != null) { $args = array(&$field, null, &$_POST, 'edit'); $value = $_PLUGINS->callField($fieldType, 'prepareFieldDataSave', $args, $field); } break; } return $value; }
// $rptrOrgPub = $_POST['rptrOrgPub']; // // $rptrState = getStateNameByID($rptrStatePub); // $rptrOrg = getPremNameByID($rptrOrgPub); // } // else // { // $rptrOrg = mysqli_real_escape_string($con, $_POST['rptrOrgPri']); // } $rptrState = mysqli_real_escape_string($con, $_POST['rptrState']); $rptrOrg = mysqli_real_escape_string($con, $_POST['rptrOrg']); $rptrAddrs = mysqli_real_escape_string($con, $_POST['rptrAddrs']); $rptrDept = mysqli_real_escape_string($con, $_POST['rptrDept']); $rptrCntct = mysqli_real_escape_string($con, $_POST['rptrCntct']); $rptrEmail = mysqli_real_escape_string($con, $_POST['rptrEmail']); $rptrDateofRpt = mysqli_real_escape_string($con, $_POST['rptrDateofRpt']); $rptrDateofRpt = dateConverter($rptrDateofRpt); $rptVerName = mysqli_real_escape_string($con, $_POST['rptVerName']); $rptrVerDesig = mysqli_real_escape_string($con, $_POST['rptrVerDesig']); $rptrCmt = mysqli_real_escape_string($con, $_POST['rptrCmt']); $delQuery = "DELETE FROM adrdata WHERE adrFormID = {$formID}"; $query = "INSERT INTO adrdata\n\t(adrDataIDAI, adrFormID, Adrno, Madracno, CCIN, Source, \n\t\tState, Inst, report_type, age, age_unit, age_group, \n\t\twt, sex, ethnic, race, onset_date, date_end_reaction, \n\t\tonset_time, onset_time_unit, extent, notes, atccode, outcome, \n\t\treaction_subsided, reaction_reappeared, reaction_treatment, date_of_death, death_code, reaction_relation, \n\t\tlab_data, history, historyCont, `status`, \n\t\treporter_name, reporter_dept, report_date, reporter_faxno, reporter_comment, reporter_org, \n\t\treporter_telno, reporter_email, reporter_address, reporter_state, madrac_action, total_drugs, \n\t\tdechall, rechall, causality1, causality2, pred_code, add_info, \n\t\trep_who, adr_type, icdcode, adr_desc, initial, madrac, \n\t\tweb_hosp, desig, partbody, literature_ref, study_name, lastMenDate, \n\t\tgesPer, gesPerUnit, weight, height, seriousness, seriousnessCrit, \n\t\trt1stTime, rt1stTimeUnit, rtLastTime, rtLastTimeUnit, causeOfDeath, autopsyYesNo, \n\t\tautopsyText, report_comment, ADR_ORIGIN, ADR_CURRENTSTAT, senderIden, dateRcv, \n\t\tstudy_type, study_type_otr, reportInit, pregnancyStat, allergyStat, allergyText,\n\t\tcaseType, ptDOB, rptVerName, rptrVerDesig,\n\t\tchInitial, chAge, chAgeUnit, chAgeGrp, chSex,\n\t\tprimRptrQuali, primRptrName, primRptrDesig, primRptrState, primRptrOrg, primRptrDept, primRptrAddrs,\n\t\tinitRptNum, log_id)\nVALUES (NULL, {$formID}, '{$adrNo}', '{$madracno}', '', {$primSource}, \n\t\t'', '', {$typeOfReport}, {$ptAge}, {$ptageUnit}, {$ptAgeGrp}, \n\t\t'', '{$sex}', '{$ethnic}', '', '', '', \n\t\t0, 0, '', '{$refNo}', '', '', \n\t\t'', '', '', '', '', '', \n\t\t'{$relInves}', '{$history}', {$historyCont}, '{$status}', \n\t\t'{$rptrName}', '{$rptrDept}', '{$rptrDateofRpt}', '', '', '{$rptrOrg}', \n\t\t'{$rptrCntct}', '{$rptrEmail}', '{$rptrAddrs}', '{$rptrState}', '', 0, \n\t\t'', '', '', '', '', '', \n\t\t'', '', '', '{$adrDesc}', '{$ptInitial}', '', \n\t\t'', '{$rptrDesig}', '', '{$litrRef}', '{$stdName}', '{$lastMenDate}', \n\t\t{$gesPer}, {$gesPerUnit}, {$weight}, {$height}, NULL, '', \n\t\t0, 0, 0, 0, '', 0, \n\t\t'', '{$rptrCmt}', '', '', '{$senderIden}', '{$dateRptRcv}', \n\t\t'{$studyType}', '{$studyTypeOtr}', {$reportInit}, {$pregnancyStat}, {$allergyStat}, '{$allergyText}',\n\t\t{$caseType}, '{$ptDOB}', '{$rptVerName}', '{$rptrVerDesig}',\n\t\t'{$chInitial}', {$chAge}, {$chAgeUnit}, {$chAgeGrp}, '{$chSex}',\n\t\t{$primRptrQuali}, '{$primRptrName}', '{$primRptrDesig}', '{$primRptrState}', '{$primRptrOrg}', '{$primRptrDept}', '{$primRptrAddrs}',\n\t\t'{$initRptNum}', '{$staff_id}')"; // $log = " $query ".time().PHP_EOL; // file_put_contents('log.txt', $log, FILE_APPEND); $dupStat = checkDuplicate($formID); $delRes = mysqli_query($con, $delQuery); $res = mysqli_query($con, $query); if ($res) { $log = "Form: {$formID} submitted " . time() . PHP_EOL; file_put_contents('log.txt', $log, FILE_APPEND); header("Location: submit_adr_view_res.php?vtype={$retURLParam}"); } else {
//echo "<center><h2>Hello, " . $r['username'] . "</h2>"; //echo "<a href='logout.php'>Log Out</a></center>"; } } ?> <div align="center" style="border:1px solid red;font-size: 20px;text-decoration: none"> <?php include 'connection.php'; //DB connection file. include 'date.php'; //DB connection file. if (isset($_GET['date']) && isset($_GET['challanName']) && isset($_GET['challanProduct']) && isset($_GET['qty']) && isset($_GET['partyName']) && isset($_GET['actProduct']) && isset($_GET['lorry'])) { $date = dateConverter($_GET['date']); $product = strtoupper($_GET['actProduct']); $qty = $_GET['qty']; $party = strtoupper($_GET['partyName']); $lorry = strtoupper($_GET['lorry']); $cName = $_GET['challanName']; $cProduct = strtoupper($_GET['challanProduct']); if (!empty($date) && !empty($product) && !empty($qty) && !empty($party) && !empty($lorry)) { $str = "INSERT INTO sales(date, product, qty, party, lorry, cName, cProduct) VALUES(:date, :product, :qty, :party, :lorry, :cName, :cProduct);"; $query = $db->prepare($str); $query->bindValue(':date', $date); $query->bindValue(':product', $product); $query->bindValue(':qty', $qty); $query->bindValue(':party', $party); $query->bindValue(':lorry', $lorry); $query->bindValue(':cName', $cName);
} function isValidQuantity($quantity) { return is_numeric($quantity); } function isValidChallanProduct($challanProduct) { if ($challanProduct == '') { return true; } $validChallanProduct = "MS SS1 LMS MTT MTT(P) KSO DIESEL"; return strpos($validChallanProduct, $challanProduct) !== false ? true : false; } if (isset($_POST['csvDate']) && isset($_POST['csv'])) { //getting the date and csv of user into a variable and making all letters uppercase. $date = dateConverter($_POST['csvDate']); // get it from user input & validate $csvString = trim(strtoupper($_POST['csv'])); // get it from user input & validate $queryStr = "INSERT INTO sales (date, party, product, qty, lorry, cName, cProduct) VALUES "; //-----end of user provided data $eachRowData = explode("\n", $csvString); //userinput turned into array $i = 1; foreach ($eachRowData as $key => $value) { //check if the line has exactly 5 comma substr_count($value, ",") == 5 ? 1 : die("wrong data format..! unusual amount of comma (,) found on line " . $i); $arrayOfColumns = explode(",", trim($value)); //each row exploded into columns //each run of outer foreach will create a value set $queryStr .= "(";
<?php include "connection_pure.php"; include 'function.php'; if (isset($_POST['formID'])) { session_start(); if (isset($_SESSION)) { $staff_id = $_SESSION['staff_id']; } else { $staff_id = "0"; } $formID = $_POST['formID']; $labTestType = mysqli_real_escape_string($con, $_POST['labTestType']); $labResDate = mysqli_real_escape_string($con, $_POST['labResDate']); $labResDate = dateConverter($labResDate); $labRes = mysqli_real_escape_string($con, $_POST['labRes']); $query = "INSERT INTO labdatares\n\t\t\t\t\t(LDS_ID, adrFormID, LDS_TESTTYPE, LDS_RESDATE, LDS_RES, log_id)\n\t\t\t\t\tVALUES (NULL, {$formID}, '{$labTestType}', '{$labResDate}', '{$labRes}', '{$staff_id}')"; $res = mysqli_query($con, $query); if ($res) { $log = "{$formID}, {$labTestType}, {$labResDate}, {$labRes} : SUCCESS " . time() . PHP_EOL; file_put_contents('log.txt', $log, FILE_APPEND); echo "Successfully added: \n Test Type: {$labTestType} \n Test Date: {$labResDate} \n Result: {$labRes}"; } else { $log = "{$query}" . time() . PHP_EOL; file_put_contents('log.txt', $log, FILE_APPEND); echo "An Error Occured"; } }