function updateDBNo($NewNumber, $db)
{
global $SQLFile;
if (!isset($SQLFile)) {
$sql = "UPDATE config SET confvalue='" . $NewNumber . "' WHERE confname='DBUpdateNumber'";
executeSQL($sql, $db);
$_SESSION['DBUpdateNumber'] = $NewNumber;
}
}
function createUser($user, $pwd)
{
$insertSQL = "INSERT INTO user(email, passwd) VALUES(\"{$user}\", \"{$psw}\")";
$result = executeSQL($insertSQL);
if (!$result) {
echo "<script>alert('创建用户失败,请稍候再试!'); history.go(-1);</script>";
return false;
}
return true;
}
include "includes/function.php";
//Get the query string and complete the SQL query
$user_id = $user_info_id = "";
if (isset($_POST['person_id'])) {
$user_id = $_POST['person_id'];
}
if (isset($_POST['address_id'])) {
$user_info_id = $_POST['address_id'];
}
// Generate the query
if ($user_id != "" && $user_info_id != "") {
//if default address, update with default empty no_address
$default_address = isAddressDefault($user_info_id);
if (!$default_address) {
// Delete the customer's information
$req_delete = "DELETE FROM " . constant('_VM_TABLE_PREFIX_') . "_user_info WHERE user_id=" . $user_id . "";
echo executeSQL($req_delete);
} else {
// Update the default address
$address = "no_adress";
$zip = "no_zip";
$city = "no_city";
$country = "no_country";
$street = "no_street";
$addressUpdateQuery1 = sprintf("UPDATE " . constant('_VM_TABLE_PREFIX_') . "_user_info SET\n " . $_PERS_PARAMS_MAPPING['address'] . "=%s, \n " . $_PERS_PARAMS_MAPPING['zip'] . "=%s,\n " . $_PERS_PARAMS_MAPPING['city'] . "=%s, \n " . $_PERS_PARAMS_MAPPING['country'] . "=%s\n WHERE user_info_id=%s ", GetSQLValueString($address, "text"), GetSQLValueString($zip, "text"), GetSQLValueString($city, "text"), GetSQLValueString($country, "text"), GetSQLValueString($user_info_id, "int"));
echo executeSQL($addressUpdateQuery1);
}
} else {
echo '\\nInvalid query: No parameter given!';
}
mysql_close();
function ms_gc($sesslt)
{
$tStamp = time() - $sesslt;
return executeSQL("DELETE FROM currentsession WHERE laccess < '{$tStamp}'");
}
exit;
}
if ($_POST['includedata'] == "include") {
executeSQL("insert ws_rate_" . $_POST['newtable'] . " select * from " . $_POST['source'] . " order by areacode;");
}
}
if ($_POST['action'] == "newcost") {
$resultado = mysql_query("show tables like ws_cost_'" . $_POST['newtable'] . "';");
if (mysql_num_rows($resultado) > 0) {
echo "<font size=4>Ya existe una tabla con ese nombre (" . $_POST['newtable'] . "), por favor retroceda y cambie el nombre.";
exit;
}
$resultado = mysql_query("create table ws_cost_" . $_POST['newtable'] . " like " . $_POST['source'] . ";");
if (!$resultado) {
echo "<font size=6 color='red'>Ha habido un error creando la nueva tabla, por favor dirígase al administrador del sistema";
exit;
}
if ($_POST['includedata'] == "include") {
executeSQL("insert ws_cost_" . $_POST['newtable'] . " select * from " . $_POST['source'] . " order by areacode;");
}
}
function executeSQL($sql)
{
$resultado = mysql_query($sql) or die("\n <html>\n <head>\n <meta http-equiv=\"refresh\" content=\"5; url = create_ratetable.php\" />\n </head>\n <body bgcolor=\"#1C2D67\">\n <br>\n <font face=\"Verdana\" color=\"#FF0000\" size=\"12\">\n <center>\n There was an error executing your request. <br>\n Please contact the system administrator\n </center>\n </font>\n <br>\n " . mysql_error() . "</body>");
if ($resultado) {
print "\n <html>\n <head>\n <meta http-equiv=\"refresh\" content=\"5; url = create_ratetable.php\" />\n </head>\n <body bgcolor=\"#1C2D67\">\n <br>\n <font face=\"Verdana\" color=\"White\" size=\"4\">\n <center>\n Your request has been executed successfully. <br>\n You are being redirected to the main page.\n </center>\n </font>\n <br>\n </body>";
}
}
?>
</body>
</html>
$userid = getQueryData('userid');
$sql = "select id from tbl_user a where a.userid= '" . $userid . "'";
$userid = executeScalar($db, $sql);
$data = getQueryData('data');
$data = json_decode($data, true);
$servicename = executeScalar($db, "select servicename from tbl_service where delete_flag=0 and id=" . correctSQL($data["service"]));
$sql = "insert into tbl_user_status (userid, serviceid, servicename, unitprice, unittype, start_date, end_date, charge, balance, payment, memo, create_id, create_date, update_id, update_date) values (" . correctSQL($userid) . "," . correctSQL($data["service"]) . "," . correctSQL($servicename) . "," . correctSQL($data["unitprice"], 1) . "," . correctSQL($data["unittype"], 1) . "," . correctSQL(substr($data["start_date"], 0, 10)) . "," . correctSQL(substr($data["end_date"], 0, 10)) . "," . correctSQL($data["charge"], 1) . "," . correctSQL($data["balance"], 1) . "," . correctSQL($data["payment"], 1) . "," . correctSQL($data["memo"]) . "," . correctSQL($login_id) . "," . "now() ," . correctSQL($login_id) . "," . "now());";
executeSQL($db, $sql);
responseData(true, null);
break;
case 'userstatus_update':
$data = getQueryData('data');
$data = json_decode($data, true);
$return = array();
$sql = "update tbl_user_status set memo=" . correctSQL($data["memo"]) . " where delete_flag=0 and id=" . correctSQL($data["id"]);
executeSQL($db, $sql);
responseData(true, null);
break;
case 'viewhistory_list':
$userid = getQueryData('userid');
$sql = "select b.name as channelname, a.start_time, a.end_time from tbl_user_history a, tbl_channel b\r\n\t\t\t\t\t\t\twhere a.userid='" . $userid . "' and a.channelid = b.id and a.delete_flag=0\r\n\t\t\t\t\t\t\torder by start_time desc limit 100";
$result = querySQL($db, $sql);
$data = array();
while ($row = mysql_fetch_assoc($result)) {
$data[] = $row;
}
responseData(true, null, $data);
break;
case 'user_csvdownload':
$sql = "\r\n\t\t\t\t\tselect \r\n\t\t\t\t\t\ta.userid,\r\n\t\t\t\t\t\ta.fullname as name,\r\n\t\t\t\t\t\ta.password,\r\n\t\t\t\t\t\tcase a.type\t when 1 then 'BOX' when 2 then 'MINI' else 'PBOX' end as type,\r\n\t\t\t\t\t\tcase substr(a.flag, 1, 1) when '1' then 'ON' else 'OFF' end as vodflag,\r\n\t\t\t\t\t\ta.tel,\r\n\t\t\t\t\t\ta.email,\r\n\t\t\t\t\t\ta.identitycard,\r\n\t\t\t\t\t\ta.address,\r\n\t\t\t\t\t\tcase a.status when 1 then 'ON' else 'OFF' end as status,\r\n\t\t\t\t\t\tcase a.money_status when 1 then 'ON' else 'OFF' end as money_status,\r\n\t\t\t\t\t\ta.memo,\r\n\t\t\t\t\t\te.meetingcount,\r\n\t\t\t\t\t\ta.macid,\r\n\t\t\t\t\t\td.servicename,\r\n\t\t\t\t\t\td.point as balance,\r\n\t\t\t\t\t\tdate_format(d.start_date, '%Y-%m-%d') as start_date,\r\n\t\t\t\t\t\td.expire_time as end_date,\r\n\t\t\t\t\t\t(case when d.expire_time is null then 0 when d.expire_time = 'free' then null else datediff(d.expire_time, now()) + 1 end) as remain_day,\r\n\t\t\t\t\t\td.payment,\r\n\t\t\t\t\t\tb.name as store_name,\r\n\t\t\t\t\t\tc.name as emp_name,\r\n\t\t\t\t\t\ta.create_id,\r\n\t\t\t\t\t\ta.create_date\r\n\t\t\t\t\tfrom tbl_user a left outer join\r\n\t\t\t\t\t\ttbl_agent_store b on a.agentstoreid=b.id left outer join\r\n\t\t\t\t\t\ttbl_agent_emp c on a.agentempid=c.id left outer join\r\n\t\t\t\t\t\t(\r\n\t\t\t\t\t\t\tselect \r\n\t\t\t\t\t\t\t\t*,\r\n\t\t\t\t\t\t\t\tfn_balance_param(serviceid, unitprice, unittype, balance, start_date) as point,\r\n\t\t\t\t\t\t\t\tfn_expiretime_param(serviceid, unitprice, unittype, end_date) as expire_time\r\n\t\t\t\t\t\t\tfrom \r\n\t\t\t\t\t\t\t(\r\n\t\t\t\t\t\t\t\tselect * from tbl_user_status where delete_flag=0 order by update_date desc\r\n\t\t\t\t\t\t\t) a group by userid\r\n\t\t\t\t\t\t) d on a.id=d.userid left outer join\r\n\t\t\t\t\t\t(\r\n\t\t\t\t\t\t\tselect userid, count(*) as meetingcount from tbl_user_meeting where delete_flag=0 group by userid \r\n\t\t\t\t\t\t) e on a.id=e.userid\r\n\t\t\t\t\twhere a.delete_flag=0 and a.userid != 'anonymous'\r\n\t\t\t\t";
$where = "";
$result = querySQL($conn, $sql);
$row = mysql_fetch_array($result);
$start_date = $row["start_date"];
$now = date("Y-m-d");
$end_date = $row["end_date"];
$days = ceil((strtotime($now) - strtotime($start_date)) / (60 * 60 * 24));
$y = intval(substr($start_date, 0, 4));
$m = intval(substr($start_date, 5, 2));
$d = intval(substr($start_date, 8, 2));
$start_date = date('Y-m-d', mktime(0, 0, 0, $m, $d + $days, $y));
$y = intval(substr($end_date, 0, 4));
$m = intval(substr($end_date, 5, 2));
$d = intval(substr($end_date, 8, 2));
$end_date = date('Y-m-d', mktime(0, 0, 0, $m, $d + $days, $y));
$sql = 'update tbl_user_status' . ' set start_date=' . correctSQL(substr($start_date, 0, 10)) . ' , end_date=' . correctSQL(substr($end_date, 0, 10)) . ' where userid=' . $uid . ' and delete_flag=0';
executeSQL($conn, $sql);
}
}
// set session data
saveLoginInfo($userid, $macid);
}
// get serviceid, expiretime
$row = getUserServiceInfo($conn, $uid);
if ($row == null) {
invalidUser();
}
if ($row["expiretime"] == null || $row["serviceid"] == null) {
expiredUser($userid);
}
$expiretime = $row["expiretime"];
$remainday = intval($row["remainday"]);
/**
*
*Restaure depuis un fichier texte la base de donnees courante.
*
** @param repertoire string
* <p>Nom du repertoire dans lequel le fichier dump sera sauvagarde
* si NULL on sauvegarde dans le repertoire courant</p>
*/
function import()
{
global $modeacces, $connexion;
//desactive les cle etrangere pour pouvoir effacer les tables de la base
$sql = "SET FOREIGN_KEY_CHECKS = 0";
echo "SQL : {$sql}<br/>";
$result = executeSQL($sql);
//quelques informations importantes
$ipsrv = $_SERVER['SERVER_ADDR'];
$versionPHP = getenv("SERVER_SOFTWARE");
$namesrv = $_SERVER['SERVER_NAME'];
$dbname = nomBase();
//si la base existe on supprime les tables
if ($connexion) {
$sql = "SHOW tables";
$results = tableSQL($sql);
foreach ($results as $ligne) {
//on extrait chaque valeur de la ligne courante
$nomTable = $ligne[0];
$sql = "DROP TABLE `{$nomTable}`";
echo "SQL : {$sql}<br/>";
$result = executeSQL($sql);
}
} else {
//sinon on cree la base
$sql = "CREATE DATABASE `{$dbname}` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;";
echo "SQL : {$sql}<br/>";
$result = executeSQL($sql);
}
//on utilise la base de donnees
$sql = "USE `{$dbname}`";
echo "SQL : {$sql}<br/>";
$result = executeSQL($sql);
$versionMySQL = versionMYSQL();
echo "Version : " . $versionMySQL;
//restaure la base en fonction du fichier creer par le dump (V2)
//Lit le fichier et renvoie le résultat dans un tableau
$lines = file($dbname . ".sql");
$versionBase = $lines[1];
$sql = "";
//execute toutes les requetes du fichier de dump
for ($i = 0; $i < count($lines); $i++) {
$line = $lines[$i];
if ($line[0] != '-' && $line[0] != '/' && strlen($line) > 2) {
$sql = $sql . $line;
$test = strrev($line);
$pospv = strpos($test, ";");
if ($pospv > 0 && $pospv < 5) {
echo "SQL : {$sql}<br/>";
$result = executeSQL($sql);
$sql = "";
}
}
}
//reactive les cle etrangere la base
$sql = "SET FOREIGN_KEY_CHECKS = 1";
echo "SQL : {$sql}<br/>";
$result = executeSQL($sql);
$versionBase = substr($versionBase, 23 + strlen($dbname), strlen($versionBase) - 23 - strlen($dbname));
$versionBase = str_replace("à", "<br />", $versionBase);
echo "<font color=green> Version base {$dbname} <br /> {$versionBase} <br />{$namesrv}(IP : {$ipsrv})<br />{$versionPHP}<br />MySQL : {$versionMySQL}</font>";
}
<?php
/* sql script pricing end dates per Ricard
*/
ChangeColumnDefault('enddate', 'prices', 'Date', 'NOT NULL', '0000-00-00', $db);
$sql = "DESC prices enddate";
$result = DB_query($sql, $db);
if (DB_num_rows($result) > 0) {
$sql = "SELECT price FROM prices WHERE enddate='9999-12-31'";
$result = DB_query($sql, $db);
if (DB_num_rows($result) > 0) {
$response = executeSQL("UPDATE prices SET startdate='1999-01-01', enddate='0000-00-00' WHERE enddate='9999-12-31'", $db, False);
if ($response == 0) {
OutputResult(_('The enddate column in the prices table has been updated'), 'success');
} else {
OutputResult(_('The enddate column in the prices table cannot be updated'), 'error');
}
} else {
OutputResult(_('The enddate column in the prices table is already correct'), 'info');
}
} else {
$response = executeSQL("UPDATE prices SET startdate='1999-01-01', enddate='0000-00-00' WHERE enddate='9999-12-31'", $db, False);
}
UpdateDBNo(49, $db);
<?php
/* Ensure the correct conversion factor is stored in the purchase
* order line record
*/
if (!isset($SQLFile)) {
$sql = "SELECT podetailitem,\n\t\t\titemcode,\n\t\t\tpurchorders.supplierno\n\t\tFROM purchorderdetails\n\t\tLEFT JOIN purchorders\n\t\t\tON purchorders.orderno=purchorderdetails.orderno\n\t\tWHERE conversionfactor=0";
$result = DB_query($sql, $db);
while ($myrow = DB_fetch_array($result)) {
$ConversionFactorSQL = "SELECT conversionfactor\n\t\t\t\t\t\t\tFROM purchdata\n\t\t\t\t\t\t\tWHERE supplierno='" . $myrow['supplierno'] . "'\n\t\t\t\t\t\t\t\tAND stockid='" . $myrow['itemcode'] . "'";
$ConversionFactorResult = DB_query($ConversionFactorSQL, $db);
if (DB_num_rows($ConversionFactorResult) > 0) {
$ConversionFactorRow = DB_fetch_array($ConversionFactorResult);
$ConversionFactor = $ConversionFactorRow['conversionfactor'];
} else {
$ConversionFactor = 1;
}
$UpdateSQL = "UPDATE purchorderdetails\n\t\t\t\tSET conversionfactor='" . $ConversionFactor . "'\n\t\t\t\tWHERE podetailitem='" . $myrow['podetailitem'] . "'";
$UpdateResult = executeSQL($UpdateSQL, $db);
}
OutputResult(_('Purchase order details have been correctly updated'), 'success');
}
UpdateDBNo(57, $db);
<?php
include 'tiosafe_config.php';
if (postNotEmpty('address_id')) {
$address_id = zen_db_prepare_input($_POST['address_id']);
$query = 'DELETE FROM ' . TABLE_ADDRESS_BOOK . ' WHERE address_book_id = ' . $address_id;
echo executeSQL($query, $db);
} else {
echo '\\nInvalid query: the parameter address_id is required!';
}
$db->close();
$username = strtolower(str_replace(" ", "_", trim($username)));
$password = md5('AzertyuioP');
// Default password
$usertype = 'Registered';
$gid = "18";
//Firstname, Lastname and Email address are required
if ($first_name != "" && $last_name != "" && $user_email != "" && $street != "" && $zip != "" && $city != "" && $country != "") {
if (!emailExists($user_email)) {
// create the users in default Jomla!1.5 users
// XXX test if username doesn't exists before adding
$personCreateQuery1 = sprintf("INSERT INTO " . constant('_JOOMLA_TABLE_PREFIX_') . "users\n (name, username, email, password, usertype, gid) \n Values (%s, %s, %s, %s, %s, %s)", GetSQLValueString($name, "text"), GetSQLValueString($username, "text"), GetSQLValueString($user_email, "text"), GetSQLValueString($password, "text"), GetSQLValueString($usertype, "text"), GetSQLValueString($gid, "int"));
//echo $personCreateQuery1;
$msg_1 = executeSQL($personCreateQuery1);
// get the id of the inserted user
$user_id = emailExists($user_email);
// If we want the user to log in the virtuemart site
$section_value = "users";
$personCreateQuery1bis = sprintf("INSERT INTO " . constant('_JOOMLA_TABLE_PREFIX_') . "core_acl_aro \n ( section_value, value, name) \n Values ( %s, %s, %s)", GetSQLValueString($section_value, "text"), GetSQLValueString($user_id, "text"), GetSQLValueString($name, "text"));
$msg_1bis = executeSQL($personCreateQuery1bis);
// Create Virtuemart user
$personCreateQuery2 = sprintf("INSERT INTO " . constant('_VM_TABLE_PREFIX_') . "_user_info \n (first_name, last_name, user_email, address_1, zip, city, country,\n address_type, address_type_name, cdate, mdate, user_id, user_info_id) \n Values ( %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($first_name, "text"), GetSQLValueString($last_name, "text"), GetSQLValueString($user_email, "text"), GetSQLValueString($street, "text"), GetSQLValueString($zip, "text"), GetSQLValueString($city, "text"), GetSQLValueString($country, "text"), GetSQLValueString($address_type, "text"), GetSQLValueString($address_type_name, "text"), GetSQLValueString($cdate, "text"), GetSQLValueString($mdate, "text"), GetSQLValueString($user_id, "int"), GetSQLValueString($user_info_id, "text"));
//echo $personCreateQuery2;
$msg_2 = executeSQL($personCreateQuery2);
echo $msg_2;
} else {
echo '\\nVirtueMart Error: A user with the email \'' . $user_email . '\' already exists!';
}
} else {
echo '\\nInvalid query: firstname, lastname, email are required!';
}
mysql_close();
$hash_secret = "VirtueMartIsCool";
$user_info_id = md5(uniqid($hash_secret));
$address_type = 'ST';
$address_type_name = '-default-';
$cdate = $timestamp;
// creation date
$mdate = $timestamp;
// modification date
if ($user_id != "" && $street != "" && $zip != "" && $city != "" && $country != "") {
//XXX How to idenify the default address
//$default_address_set = isDefaultAddressSet($user_id);
if (!isDefaultAddressSet($user_id)) {
// Update the person's default address
$address_type = 'BT';
$addressUpdateQuery1 = sprintf("UPDATE " . constant('_VM_TABLE_PREFIX_') . "_user_info SET\n address_1=%s, \n zip=%s,\n city=%s, \n country=%s\n WHERE user_id=%s AND address_type=%s", GetSQLValueString($street, "text"), GetSQLValueString($zip, "text"), GetSQLValueString($city, "text"), GetSQLValueString($country, "text"), GetSQLValueString($user_id, "int"), GetSQLValueString($address_type, "text"));
//echo $addressUpdateQuery1;
$msg_2 = executeSQL($addressUpdateQuery1);
echo $msg_2;
//user_id is required
} else {
// Create a new address
// Create Virtuemart user
$addressCreateQuery2 = sprintf("INSERT INTO " . constant('_VM_TABLE_PREFIX_') . "_user_info \n ( address_1, zip, city, country,\n address_type, address_type_name, cdate, mdate, user_id, user_info_id) \n Values (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($street, "text"), GetSQLValueString($zip, "text"), GetSQLValueString($city, "text"), GetSQLValueString($country, "text"), GetSQLValueString($address_type, "text"), GetSQLValueString($address_type_name, "text"), GetSQLValueString($cdate, "text"), GetSQLValueString($mdate, "text"), GetSQLValueString($user_id, "int"), GetSQLValueString($user_info_id, "text"));
echo $addressCreateQuery2;
//$msg_1 = executeSQL($addressCreateQuery2);
echo $msg_1;
}
} else {
echo '\\nInvalid query: address, zip, city and country are required!';
}
mysql_close();
function getUserServiceInfo($conn, $uid)
{
// update start_date for empty
executeSQL($conn, "select fn_update_startdate(" . $uid . ")");
// get serviceid, expiretime
$sql = "\n\t\t\tselect \n\t\t\t\tcase a.expiretime when 'free' then '0000-00-00' else a.expiretime end as expiretime,\n\t\t\t\tcase a.expiretime when 'free' then 0 \telse datediff(a.expiretime, now())+1 end as remainday,\n\t\t\t\tfn_serviceid(" . $uid . ") as serviceid\n\t\t\tfrom \n\t\t\t\t(select fn_expiretime(" . $uid . ") as expiretime) a\n\t\t";
$result = querySQL($conn, $sql);
$row = mysql_fetch_array($result);
return $row;
}
fputs($fp, "\nCreate Product"); // on va a la ligne
fputs($fp, $now."\n"); // on va a la ligne
fputs($fp, $product_reference." - ".$product_name." - ".$product_category); // on écrit le nom et email dans le fichier
fputs($fp, "\n\n"); // on va a la ligne
fclose($fp);*/
//Title and reference are required
if ($product_reference != "" && $product_name != "") {
// if ref doesn't exists create, reference is unique
if (!referenceExists($product_reference)) {
// Create
$productCreateQuery1 = sprintf("INSERT INTO " . constant('_VM_TABLE_PREFIX_') . "_product \n (" . $_PROD_PARAMS_MAPPING['reference'] . ", " . $_PROD_PARAMS_MAPPING['title'] . ",\n product_publish, vendor_id) \n Values (%s, %s, %s, %s)", GetSQLValueString($product_reference, "text"), GetSQLValueString($product_name, "text"), GetSQLValueString('Y', "text"), GetSQLValueString('1', "text"));
$msg_1 = executeSQL($productCreateQuery1);
$product_id = referenceExists($product_reference);
if ($product_price != "") {
$productCreateQuery2 = sprintf("INSERT INTO " . constant('_VM_TABLE_PREFIX_') . "_product_price \n (" . $_PROD_PARAMS_MAPPING['id'] . ", " . $_PROD_PARAMS_MAPPING['sale_price'] . ") \n Values (%s, %s)", GetSQLValueString($product_id, "int"), GetSQLValueString($product_price, "double"));
$msg_2 = executeSQL($productCreateQuery2);
}
/*
if($product_category !="") {
//XXX category parameter can be a list
$parent_categ_id = 0;
$product_category_list = split('/', $product_category);
//take off the erp5 base_category name
unset($product_category_list[array_search(constant('_CATEGORY_INTEGRATION_MAPPING_ID_'),$product_category_list)]);
//$product_category_list = $product_category_list
foreach($product_category_list as $categ_key => $categ_item) {
$categ_id=categoryExists($categ_item);
if(!$categ_id)
{ $productCreateQuery3 = sprintf("INSERT INTO ".constant('_VM_TABLE_PREFIX_')."_category (".$_PROD_PARAMS_MAPPING['category'].", category_publish, vendor_id) Values (%s, %s, %s)",
GetSQLValueString($categ_item, "text"),
<?php
require "../snippets/dbConn.php";
require "../snippets/SQLTools.php";
require "../snippets/utils.php";
session_start();
$com = "SELECT DHR.serviceID, DHR.firstName, DHR.lastName, DHR.address, DHR.phoneNumber, DHR.email, DHR.computerModel, DHR.serviceRequested, DHR.extraParts, DHR.serviceProvided, DHR.serviceProvided, DHR.complete, Du1.firstName as CreatorF, Du1.lastName as CreatorL, Du2.firstName as OpenerF, Du2.lastName as OpenerL, Du3.firstName as CloserF, Du3.lastName as CloserL, Du4.firstName as DelegatedToF, Du4.lastName as DelegatedToL, DHR.delegatedToId, DHR.requestTime, DHR.openTime, DHR.closeTime\n\t\t\tFROM DOC_Hardware_Records DHR\n\t\t\t\tJoin DOC_Users Du1 on DHR.creatorId = Du1.userId\n\t\t\t\tJoin DOC_Users Du2 on DHR.openerId = Du2.userId\n\t\t\t\tJoin DOC_Users Du3 on DHR.closerId = Du3.userId \n\t\t\t\tJoin DOC_Users Du4 on DHR.delegatedToId = Du4.userId\n\t\t\tWHERE DHR.delegatedToId = :id AND DHR.complete = 1 ORDER BY DHR.requestTime DESC";
$ret = executeSQL_Safe($com, $dbConn, ":id", $_SESSION['userID']);
$getUsers = "SELECT * FROM DOC_Users";
$extraInfo = executeSQL($getUsers, $dbConn);
foreach ($ret as $row) {
drawTicket2($row, $extraInfo, $_SESSION['userID']);
}
<?php
require "connectAD.php";
//recupération des variables
$trnNum = $_GET['TRNNUM'];
$lieu = $_GET['lieu'];
$hreMin = $_GET['hreMin'] . ":00.000000";
//Permet la convertion au format datetime de la BDD
$hreMax = $_GET['hreMax'] . ":00.000000";
//Permet la convertion au format datetime de la BDD
$etpFin = $_GET['etpFin'] . ":00.000000";
//Permet la convertion au format datetime de la BDD
$commentaire = $_GET['commentaire'];
if (verificationHorraire($hreMin, $hreMax, $etpFin, "ac13", $trnNum) == false) {
/*echo "<meta http-equiv='refresh' content='0;url=ac13.php?message=<font color=red>Formulaire rempli de manière incorrecte.</font>'>";*/
} else {
//recuperation du plus grand ETPID pour la tournée en question :
$sql = "select ETPID from etape where TRNNUM = " . $trnNum . "; ";
echo $sql . "<br/>";
$etpid = compteSQL($sql);
echo "etpid = {$etpid}<br />";
$etpid += 1;
echo "<br/>" . $etpid . "<br/>";
//requete de remplissage de la table etape (partie AC13, donc incomplete) :
$sql = "INSERT INTO etape(`TRNNUM`, `ETPID`, `LIEUID`, `ETPHREMIN`, `ETPHREMAX`, `ETPHREFIN`, `ETPCOMMENTAIRE`) \n\t\t\t\tVALUES ({$trnNum}, {$etpid} , {$lieu} ,' {$hreMin} ',' {$hreMax} ', ' {$etpFin} ', ' {$commentaire} ');";
$result = executeSQL($sql);
//redirection vers la page de creation de tournée :
echo "<meta http-equiv='refresh' content='0;url=ac12.php?TRNNUM=" . $trnNum . "'>";
}
if (isset($_POST['email'])) {
$email = $_POST['email'];
}
// Generate the query
$req_select = "SELECT user_info_id AS id, ";
$req_select .= "company AS title, ";
$req_select .= "phone_1 AS phone, ";
$req_select .= "fax AS fax, ";
$req_select .= "user_email AS email, ";
$req_select .= "IF (address_1='no_street', '', address_1) AS street, ";
$req_select .= "IF (zip='no_zip', '', zip) AS zip, ";
$req_select .= "IF (city='no_city', '', city) AS city, ";
$req_select .= "IF (country_name='no_country', '', country_name) AS country, ";
$req_select .= "'type/organisation' AS category ";
$req_select .= "FROM " . constant('_VM_TABLE_PREFIX_') . "_user_info usr ";
$req_select .= "LEFT JOIN " . constant('_VM_TABLE_PREFIX_') . "_country ctr ";
$req_select .= "ON usr.country=ctr.country_3_code ";
$req_select .= "WHERE company is not NULL and company != '' ";
if ($organisation_id != "") {
$req_select .= "AND user_info_id = '" . $organisation_id . "' ";
}
if ($title != "") {
$req_select .= "AND company = '" . $title . "' ";
}
if ($email != "") {
$req_select .= "AND email = '" . $email . "' ";
}
$req_select .= "ORDER BY user_info_id ASC";
header('Content-type: text/xml');
echo executeSQL($req_select);
mysql_close();
<?php
/* Ensure that all tablse use the utf8_general_cli
* character set
*/
$sql = 'SHOW TABLES';
$result = DB_Query($sql, $db);
while ($table = DB_fetch_array($result)) {
if (CharacterSet($table[0], $db) != 'utf8_general_ci') {
$response = executeSQL('ALTER TABLE ' . $table[0] . ' CONVERT TO CHARACTER SET utf8', $db);
if ($response == 0) {
OutputResult(_('The character set of') . ' ' . $table[0] . ' ' . _('has been changed to utf8_general_ci'), 'success');
} else {
OutputResult(_('The character set of') . ' ' . $table[0] . ' ' . _('could not be changed to utf8_general_ci'), 'error');
}
} else {
OutputResult(_('The character set of') . ' ' . $table[0] . ' ' . _('is already utf8_general_ci'), 'info');
}
}
UpdateDBNo(1, $db);
/**
* Returns the ID of the last inserted element in a table
* We don't use this WSR because the way the ID is retrieved is not efficient
* and we manage to retrieve directly the after the insertion of the element
* @see createPerson.php
* @see createProduct.php
*/
include_once 'database.php';
include_once 'functions.php';
include_once '../includes/configure.php';
include_once '../includes/database_tables.php';
include_once '../includes/functions/database.php';
if (!postNotEmpty('type')) {
die('Type not given');
}
tep_db_connect() or die('Unable to connect to database');
$type = $_POST['type'];
$query = "";
switch ($type) {
case 'Person':
$query = 'select max(customers_id) as id from ' . TABLE_CUSTOMERS;
break;
case 'Product':
$query = 'select max(products_id) as id from ' . TABLE_PRODUCTS;
break;
default:
die('Unknown type');
}
$xml = executeSQL($query);
header('Content-type: text/xml');
echo $xml;
function query($encode, $conf, $sql)
{
$columnsep = "\t|\t";
// general
$rowsep = "\r\n";
return executeSQL($encode, $conf, $sql, $columnsep, $rowsep, true);
}
function do_import($filename, $option)
{
global $mainframe;
$reader = PHPExcel_IOFactory::createReader('Excel5');
$excelFile = $reader->load($filename);
$sheet = $excelFile->getSheet(0);
$sheet_name = $sheet->getTitle();
$highestRow = $sheet->getHighestRow();
$highestCol = PHPExcel_Cell::columnIndexFromString($sheet->getHighestColumn());
//echo $sheet_name;
//echo '<br/>';
//echo $highestRow;
//echo '<br/>';
//fetch header(field)
$fields_key = '';
for ($column = 1; $column < $highestCol; $column++) {
$val = $sheet->getCellByColumnAndRow($column, 1)->getValue();
$fields_key .= ',' . $val;
}
$fields_key = substr($fields_key, 1);
//echo "<br />";
//get type array
$has_type_row = false;
$typeVal = $sheet->getCellByColumnAndRow(0, 2)->getValue();
if (strcasecmp($typeVal, "type") == 0) {
$has_type_row = true;
}
$succ_count = 0;
$fail_to_import = '';
for ($row = 3; $row <= $highestRow; $row++) {
$values = '';
for ($column = 1; $column < $highestCol; $column++) {
$cell = $sheet->getCellByColumnAndRow($column, $row);
$val = $cell->getValue() instanceof PHPExcel_RichText ? $cell->getValue()->getPlainText() : $cell->getValue();
//echo 'val='.$val.'<br/>';
if (!isset($val) && $val == '') {
$val = 'NULL';
}
$val = str_replace("\\'", " ", $val);
$val = str_replace("\n", "<br/>", $val);
if ($has_type_row) {
$typeVal = $sheet->getCellByColumnAndRow($column, 2)->getValue() instanceof PHPExcel_RichText ? $sheet->getCellByColumnAndRow($column, 2)->getValue()->getPlainText() : $sheet->getCellByColumnAndRow($column, 2)->getValue();
if (strcasecmp($typeVal, "string") == 0 && strcasecmp($val, "null") == 0) {
$val = '';
}
if ((strcasecmp($typeVal, "string") != 0 || strcasecmp($typeVal, "char") != 0) && strcasecmp($val, "null") == 0) {
$values .= ',' . $val;
} else {
$values .= ',\'' . $val . '\'';
}
} else {
$values .= ',\'' . $val . '\'';
}
}
$values = substr($values, 1);
$sql = "insert into {$sheet_name} ({$fields_key}) values ({$values})";
//echo $sql . ';<br/>';
$sql_err = executeSQL($sql);
if ($sql_err == "success") {
$succ_count++;
} else {
$fail_to_import .= '[row=' . $row . ':' . $sql_err . ']<br/>';
}
}
$mainframe->redirect('index.php?option=' . $option, 'Imported ' . $succ_count . ' rows' . (empty($fail_to_import) ? '' : ' reason: ' . $fail_to_import));
}
<?php
AddColumn('authorizerexpenses', 'pctabs', 'VARCHAR(20)', 'NOT NULL', '""', 'authorizer');
$SQL = "UPDATE pctabs SET authorizerexpenses=authorizer";
executeSQL($SQL, $db);
UpdateDBNo(basename(__FILE__, '.php'));
<?php
/* Database updates for latest version
*/
$response = executeSQL("UPDATE config SET confvalue = '4.0' WHERE confname='VersionNumber'", $db, false);
UpdateDBNo(61, $db);
/**
*
*Retourne le type d'une colonne MySQL spécifique
* @param sql string
* <p>Requete SQL.</p>
* @param field_offset integer
* <p>La position numérique du champ. field_offset commence à 0. Si field_offset
* n'existe pas, une alerte E_WARNING sera également générée.</p>
*
*
* @return Retourne le type du champ retourné peut être : "int", "real", "string", "blob"
* ou d'autres, comme détaillé » dans la documentation MySQL.
*/
function typechamp($sql, $field_offset)
{
global $modeacces, $connexion, $mysql_data_type_hash;
$result = executeSQL($sql);
if ($modeacces == "mysql") {
return mysql_field_type($result, $field_offset);
}
if ($modeacces == "mysqli") {
return $mysql_data_type_hash[$result->fetch_field_direct($field_offset)->type];
}
}
case 'saveRobots':
saveRobots();
break;
//保存robots.txt
//保存robots.txt
case 'deleteAllMakeHtml':
deleteAllMakeHtml();
//删除全部生成的html文件
break;
case 'isOpenTemplate':
isOpenTemplate();
break;
//更换模板
//更换模板
case 'executeSQL':
executeSQL();
//执行SQL
break;
case 'function':
callFunction();
break;
//调用function文件函数
//调用function文件函数
case 'function2':
callFunction2();
break;
//调用function2文件函数
//调用function2文件函数
case 'function_cai':
callFunction_cai();
break;
/**
* Create an attribute of a product
*
* @return int, parameter erp5_variation like size/L, size/XL, color/blue,
*/
function deleteProductAttribute($product_id, $product_base_categ, $product_variation)
{
if (!($result = mysql_query("SELECT attribute FROM " . constant('_VM_TABLE_PREFIX_') . "_product \n WHERE product_id='{$product_id}'"))) {
return false;
}
$row = mysql_fetch_array($result);
$vm_category_list = "";
//Get the attributes
$attribute_list = explode(';', $row['attribute']);
// test if the attribute already exists
$pos = strpos(strtolower($row['attribute']), "," . strtolower($product_variation));
if ($pos > 0) {
//attribute already exists
foreach ($attribute_list as $attribute) {
$attribute_value_list = explode(',', $attribute);
$attribute_name = $attribute_value_list[0];
$updated_attibute = "";
if (strtolower($attribute_name) === strtolower($product_base_categ)) {
$updated_attibute = $attribute_name;
for ($i = 1; $i < count($attribute_value_list); $i++) {
$vm_variation = $attribute_value_list[$i];
if (!StartsWith($vm_variation, $product_variation)) {
$updated_attibute .= "," . $vm_variation;
//echo $updated_attibute."<br>";
}
}
$vm_category_list .= $updated_attibute . ";";
} else {
$vm_category_list .= $attribute . ";";
}
}
}
if ($vm_category_list != "") {
$vm_category_list = substr($vm_category_list, 0, strlen($vm_category_list) - 1);
$attributeUpdateQuery = sprintf("UPDATE " . constant('_VM_TABLE_PREFIX_') . "_product \n SET attribute=%s\n WHERE product_id=%s", GetSQLValueString($vm_category_list, "text"), GetSQLValueString($product_id, "int"));
//echo $attributeUpdateQuery;
$msg = executeSQL($attributeUpdateQuery);
return $msg;
} else {
return "<xml><error>Query not executed</error></xml>";
}
}
<?php
/**
* Retrieves all the lines (products linked with an order) of an order
*/
include_once 'database.php';
include_once 'functions.php';
include_once '../includes/configure.php';
include_once '../includes/functions/database.php';
include_once '../includes/database_tables.php';
include_once '../includes/functions/general.php';
tep_db_connect() or die('Unable to connect to database');
if (!postOK('sale_order_id') or !verifyExistence(TABLE_ORDERS_PRODUCTS, 'orders_id', $_POST['sale_order_id'])) {
header('Content-type: text/xml');
echo '<xml></xml>';
die;
}
$query = 'select orders_products_id as id, products_name as title, concat_ws(" ", "", products_name) as reference, products_price as price, products_quantity as quantity, products_tax as vat from ' . TABLE_ORDERS_PRODUCTS . ' where orders_id = ' . $_POST['sale_order_id'];
header('Content-type: text/xml');
echo executeSQL($query);
tep_db_close();
<?php
$path = explode('/modules', dirname(__FILE__));
$config = $path[0] . '/config/settings.inc.php';
include $config;
include 'database.php';
header('Content-Type: text/plain; charset=utf-8');
# build the date
$date = date('y-m-d H:i:s');
# build the sql which create a person
$sql = "INSERT INTO " . constant('_DB_PREFIX_') . "address ( ";
$sql .= "id_country, id_customer, address1, postcode, city, active, deleted, date_add ";
$sql .= " ) VALUES ( ";
# first find the country in the tables and set the corresponding id
if (isset($_POST['country'])) {
$sql .= "(SELECT id_country FROM " . constant('_DB_PREFIX_') . "country_lang ";
$sql .= "WHERE name='" . $_POST['country'] . "' AND id_lang=" . $_POST['language'] . "), ";
} else {
$sql .= "'NULL', ";
}
# finnaly set the other element of the address
$sql .= $_POST['person_id'] . ", ";
$sql .= (isset($_POST['street']) ? "'" . $_POST['street'] . "'" : 'NULL') . ", ";
$sql .= (isset($_POST['zip']) ? "'" . $_POST['zip'] . "'" : 'NULL') . ", ";
$sql .= (isset($_POST['city']) ? "'" . $_POST['city'] . "'" : 'NULL') . ", ";
$sql .= "1, 0, '" . $date . "')";
echo executeSQL($sql);
}
$req_select = "SELECT customers_id AS id, ";
$req_select .= "CONCAT(customers_firstname, ' ', customers_lastname) AS title, ";
$req_select .= "customers_firstname AS firstname, ";
$req_select .= "customers_lastname AS lastname, ";
$req_select .= "customers_email_address AS email, ";
$req_select .= "customers_dob AS birthday ";
$req_select .= "FROM " . TABLE_CUSTOMERS;
$req_select .= " WHERE customers_firstname != '' AND customers_lastname != '' AND customers_email_address != ''";
if ($customers_id != "") {
$req_select .= "AND customers_id='" . $customers_id . "' ";
}
$req_select .= "ORDER BY firstname ASC, lastname ASC, email ASC";
//$person_list = $db->Execute($req_select);
//print_r($person_list);
echo executeSQL($req_select, $db);
/*
$xml = '<xml>';
while (!$person_list->EOF) {
$xml .= '<object>';
$xml .= '<id>' . $person_list->fields['customers_id'] . '</id>';
$xml .= '<title>' . $person_list->fields['customers_gender'] . '</title>';
$xml .= '<firstname>' . $person_list->fields['customers_firstname'] . '</firstname>';
$xml .= '<lastname>' . $person_list->fields['customers_lastname'] . '</lastname>';
$xml .= '<email>' . $person_list->fields['customers_email_address'] . '</email>';
$xml .= '<birthday>' . $person_list->fields['customers_dob'] . '</birthday>';
$xml .= '</object>';
$person_list->MoveNext();
}
