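// Create a new talk/survey, or update an existing one, from query-string input.
//
// Every value below is client-controlled, so the statements are parameterised
// instead of being assembled by string concatenation.
//
// NOTE(review): this is a state-changing request driven by $_GET, and owner_id
// is taken from the `o` parameter. No authentication, ownership or anti-CSRF
// check is visible in this fragment; confirm one runs before this code.
$Name = strval($_GET['n']);
$State = strval($_GET['s']);
$StartDate = strval($_GET['sd']);
$EndDate = strval($_GET['ed']);
$Hashtag = strval($_GET['h']);
$TW_Account = strval($_GET['ta']);
$OwnerID = strval($_GET['o']);

// $Talk_ID is set before this fragment: the literal 'new' or the id of an existing talk.
$isNewTalk = (strval($Talk_ID) === 'new');
$stmt = false;
$saved = false;
$failure = '';

if ($isNewTalk) {
    // event_id keeps the fixed value "0" that the original statement inserted.
    $sql = 'INSERT INTO talks(name, owner_id, state_id, start_date, end_date, event_id, hashtag, twitter_account)'
        . ' VALUES (?, ?, ?, ?, ?, "0", ?, ?)';
    $returnMessage = "Nueva charla/encuesta creada. Para ver los cambios, refresca la pagina.";
    $stmt = $con->prepare($sql);
    if ($stmt) {
        $stmt->bind_param('sssssss', $Name, $OwnerID, $State, $StartDate, $EndDate, $Hashtag, $TW_Account);
    }
} elseif (ctype_digit(strval($Talk_ID))) {
    // The id used to be appended unquoted to the WHERE clause; it is now
    // required to be all digits and bound as an integer.
    $talkId = intval($Talk_ID);
    $sql = 'UPDATE talks SET name = ?, state_id = ?, start_date = ?, end_date = ?, hashtag = ?, twitter_account = ?'
        . ' WHERE id = ?';
    $returnMessage = "Charla/Encuesta actualizada. Para ver los cambios, refresca la pagina.";
    $stmt = $con->prepare($sql);
    if ($stmt) {
        $stmt->bind_param('ssssssi', $Name, $State, $StartDate, $EndDate, $Hashtag, $TW_Account, $talkId);
    }
} else {
    $failure = 'invalid talk id';
}

// Execute query
if ($stmt) {
    $saved = $stmt->execute();
    if (!$saved) {
        $failure = $stmt->error;
    }
} elseif ($failure === '') {
    $failure = $con->error;
}

if ($saved) {
    if ($isNewTalk) {
        // Notify and write the audit entry only once the row exists, so a
        // failed insert does not produce a "created" e-mail or log record.
        // $msg = htmlentities($_SESSION['login_user']) . " acaba de crear una charla.";
        $msg = "Se acaba de crear la encuesta:\n" . $Name . "\n\nCon el hashtag:\n#" . $Hashtag;
        $sendTo = "*****@*****.**";
        $subject = "Encuesta creada en DecideNow";
        sendEmail($msg, $sendTo, $subject);
        //Insert log Create Talk
        insertLog($OwnerID, 6, "No IP captured.");
    }
    echo $returnMessage;
} else {
    // The SQL text and the driver error stay in the server log; echoing them
    // would show the schema and the submitted values to the client.
    error_log('talks save failed: ' . $failure);
    echo "Error: could not save the talk.";
}

if ($stmt) {
    $stmt->close();
}
$con->close();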
// Fragment of a form handler: it opens inside the "send e-mail" branch (whose
// start is outside this listing) and then handles action=upload.
            if ($_REQUEST['frm_send_copy'] == "yes") {
                $strLog .= ' and a copy also sent to "' . strtolower($strEmailFrom) . '"';
            }
            insertLog($strLog);
        } else {
            echo "Failed to send email!";
        }
    } elseif ($_REQUEST['action'] == 'upload' && $_REQUEST['booking_id']) {
        // get supplier ID
        $intSupplierID = $db->dbIDToField('mbs_bookings', 'booking_id', intval($_REQUEST['booking_id']), 'supplier_id');
        // get supplier name
        $strSupplierName = $db->dbIDToField('mbs_suppliers', 'supplier_id', intval($intSupplierID), 'supplier_name');
        // get booking code
        $strBookingCode = $db->dbIDToField('mbs_bookings', 'booking_id', intval($_REQUEST['booking_id']), 'booking_code');
        // get file path (uploads/<year>/<month>/)
        $strFilePath = "uploads/" . date('Y') . "/" . date('m') . "/";
        // get file name: the request field with the browser's "C:\fakepath\" prefix removed
        //$strFileName = $db->dbIDToField('mbs_bookings', 'booking_id', $_REQUEST['booking_id'], 'booking_file_name');
        $strFileName = str_replace("C:\\fakepath\\", "", $_REQUEST['frm_file']);
        // NOTE(review): booking_id is escaped below but $strFileName is not, so a
        // quote in frm_file ends the string literal inside this UPDATE. Bind or
        // escape the file name as well.
        // NOTE(review): the mysql_* functions were removed in PHP 7; mysqli or
        // PDO prepared statements are the replacement.
        // NOTE(review): no file is moved or inspected in this branch; only the
        // client-supplied name is recorded. Confirm where the actual upload is
        // validated and stored.
        $query = "UPDATE `mbs_bookings` SET `booking_file_path` = '" . $strFilePath . "', `booking_file_name` = '" . $strFileName . "' WHERE `booking_id` = '" . mysql_real_escape_string($_REQUEST['booking_id']) . "' LIMIT 1";
        $result = mysql_query($query);
        if ($result) {
            // NOTE(review): $strFileName is request data written to the page
            // without HTML escaping (htmlspecialchars would neutralise markup).
            echo 'File "' . $strFileName . '" is successfully uploaded as attachment for Booking "' . $strBookingCode . '"';
            $strLog = 'Upload file for Booking "' . $strBookingCode . '" is successful.';
            insertLog($strLog);
        }
    } //--> Upload
} else {
    echo "<p>The form was not submitted correctly!</p>";
}
// Fragment: records or refreshes a per-customer session log entry and a daily
// counter. The listing stops inside the final else branch.
// NOTE(review): $cus_id, $db and $platform are set before this fragment. The
// only visible assignment of $platform is the commented-out line below, so
// confirm where it now comes from and that $cus_id is not taken unchecked
// from the request.
//$platform = $_POST['platform'];
$ip = $_SERVER['REMOTE_ADDR'];
$expires = date("Y-m-d H:i:s", time() + 60 * 30); // 30 minutes
$now = date("Y-m-d H:i:s");
$date = date("Y-m-d");
$_SESSION['cus_id'] = $cus_id;
$_SESSION['sessid'] = session_id();
$sessid = session_id();
$log = findLog($cus_id, $ip, $sessid, $db);
//var_dump($_SESSION);
// check whether a log entry already exists
if (empty($log)) {
    // none yet: add one
    $dataLog = array('cus_id' => $cus_id, 'ip' => $ip, 'expires' => $expires, 'sessid' => $sessid, 'platform' => $platform);
    $insertLog = insertLog($dataLog, $db);
} else {
    // refresh expiry, address and session id on the existing entry
    $dataLog = array('expires' => $expires, 'ip' => $ip, 'sessid' => $sessid);
    $updateLog = updateLog($cus_id, $dataLog, $db);
}
// check whether a statistics record exists
$counter = findCount($cus_id, $db);
if (empty($counter)) {
    // none yet: add one
    $dataCount = array('cus_id' => $cus_id, 'record_date' => $date);
    $insertCount = insertCount($dataCount, $db);
}
// $insertLog is only set when a new log entry was inserted above, so the
// counter is updated once per new entry. $counter is not re-read after
// insertCount(), so it may still be empty here.
if (isset($insertLog)) {
    $updateCount = updateCount($cus_id, $platform, $counter, $db);
    echo 'update statis succeed';
} else {
/* Load the information: request type, lookup key and language from the POST body. */
// Fragment: the listing stops inside the final else branch.
$tipo = $_POST['tipo'];
$information = $_POST['information'];
$lang = $_POST['lang'];
/* AFILIADO */
if ($tipo === 'Afiliado') {
    // load the contact and the url information from afiliado
    //echo "loading information of Afiliado y el id es:".$information;
    // NOTE(review): $information is raw POST data concatenated into the query
    // string, so a quote in it changes the SQL. Use $mysqli->prepare() with a
    // bound parameter for the id.
    if ($result = $mysqli->query("SELECT * FROM afiliado WHERE id = '" . $information . "' && active=1")) {
        // fetch_assoc() returns null when no row matches; the lookups below
        // then read from null and the response carries empty fields.
        $row = $result->fetch_assoc();
        $nameZona = getZonaName($row["zona"]);
        $arr = array("nombre" => $row["nombre"], "tipo_afiliado" => $row["tipo"], "zona" => $nameZona, "contacto" => $row["contacto"], "telefono" => $row["telefono"], "fax" => $row["fax"], "correo" => $row["correo"], "web" => $row["web"], "url_logo" => "" . $row["url_logo"], "url_qr" => "" . $row["url_qr"], "url_slide1" => "/admin/assets/uploads/files/" . $row["url_slide1"], "url_slide2" => "/admin/assets/uploads/files/" . $row["url_slide2"], "url_slide3" => "/admin/assets/uploads/files/" . $row["url_slide3"], "url_slide4" => "/admin/assets/uploads/files/" . $row["url_slide4"], "url_video" => "/admin/assets/uploads/videos/" . $row["url_video"], "video_active" => $row["video_active"]);
        // log the lookup with the current timestamp
        // NOTE(review): the same unvalidated $information is handed to
        // insertLog(); how it is stored there is not visible here.
        $hora_Actual = new DateTime(date('Y-m-d H:i:s', strtotime("now")));
        $insertResult = insertLog($information, $hora_Actual->format('Y-m-d H:i:s'));
        echo json_encode($arr);
        $result->close();
    }
} else {
    if ($tipo === 'Provincia') {
        $rows = array();
        $zonaid = getZonaID($information);
        // NOTE(review): $zonaid is concatenated into SQL as well; whether
        // getZonaID() returns a safe value cannot be told from this fragment,
        // so bind it rather than rely on that.
        if ($result = $mysqli->query("SELECT id,nombre FROM afiliado WHERE zona = '" . $zonaid . "' && active=1 && tipo <=10")) {
            while ($row = $result->fetch_assoc()) {
                $rows[] = $row;
            }
            $result->close();
        }
        echo json_encode($rows);
    } else {
// Fragment of an action dispatcher: the body of one action that lists the
// addresses of an account through an RPC server, followed by the start of the
// "getbrutes" action. The enclosing `if` opens before this listing.
    $rData = array();
    if (!isLoggedIn()) {
        $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Login Required', 'reason' => 'You have to login for this operation.'));
    } else {
        // serverID must be present and a positive integer
        if (empty($_GET['serverID']) || intval($_GET['serverID']) < 1) {
            $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Error!', 'reason' => 'Unable to load server ID.'));
        } else {
            if (!isset($_GET['account'])) {
                $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Error!', 'reason' => 'Unable to load account'));
            } else {
                // intval() keeps the WHERE clause numeric, so serverID cannot alter the query.
                // NOTE(review): only login is checked here; whether every
                // logged-in user may query every configured server is not
                // visible in this fragment.
                if (!DB_GetRow($srv, DB_TABLE_RPC_SERVER, $rDbStruct[DB_TABLE_RPC_SERVER], array('WHERE' => "`id`='" . intval($_GET['serverID']) . "'"))) {
                    $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Error!', 'reason' => 'Unable to load server information.'));
                } else {
                    if (!rpc_request($rpcOut, $srv, array('method' => 'getaddressesbyaccount', 'params' => array(FixJsonDecodeBug($_GET['account']))))) {
                        // NOTE(review): the RPC error text is placed next to
                        // literal markup ("<br />") in `reason`; if the client
                        // renders this field as HTML, escape the message first.
                        $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Error!', 'reason' => 'unable to list accounts!<br />Reason:' . $rpcOut->error->message));
                        insertLog("ERROR", "getaddressesbyaccount", "unable to get account address!", sprintf("code:#%d,message:%s", $rpcOut->error->code, $rpcOut->error->message));
                    } else {
                        // wrap each returned address in its own record
                        $n = count($rpcOut->result);
                        for ($i = 0; $i < $n; $i++) {
                            $rData[] = array('address' => $rpcOut->result[$i]);
                        }
                        $jsonData = array('success' => true, 'root' => $rData, 'message' => sprintf("Total: %d address(es) found. ", count($rData)), 'error' => array());
                    }
                }
            }
        }
    }
} else {
    if ($currentAction == "getbrutes") {
        $rData = array();
        if (!isLoggedIn()) {
// Fragment: tail of an action dispatcher. It closes the previous action, handles
// "FlushLogs", closes the rest of the chain and emits the JSON response.
} } } else {
    if ($currentAction == "FlushLogs") {
        $rpcOut; // bare expression statement, no effect
        // NOTE(review): the whole log table is deleted and the only gate
        // visible here is isLoggedIn() plus the demo-mode switch. No role
        // check and no anti-CSRF token appear in this fragment; confirm both,
        // since this action erases the audit trail.
        if (!isLoggedIn()) {
            $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Login Required', 'reason' => 'You have to login for this operation.'));
        } else {
            if (defined("DEMO_MODE") && DEMO_MODE) {
                $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Demo Mode Enabled', 'reason' => 'Change is not allowed in demo mode!'));
            } else {
                // WHERE '1' matches every row
                if (!DB_delete(DB_TABLE_LOGS, array('WHERE' => '1'))) {
                    $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Error!', 'reason' => 'Unable to flush log table.'));
                } else {
                    $jsonData = array('success' => true, 'root' => array(), 'error' => array());
                    // written after the flush, so it is the first entry of the emptied table
                    insertLog("OK", "FlushLogs", "log records successfully flushed!", "");
                }
            }
        }
// closes the FlushLogs branch and the enclosing else/if chain opened before this fragment
} } } } } } } } } } } } }
// NOTE(review): "content type" is not a valid header name, so this call does
// not set the response's Content-Type; presumably "Content-Type:
// application/json" was meant. Until it is fixed the JSON goes out with the
// server's default content type.
header("content type: application/json");
echo json_encode($jsonData);
// Fragment of a login handler: the same credentials are tried against the `tm`
// table and then the `empresa` table. The enclosing `if` opens before this listing.
// NOTE(review): the listing masks the password expression and part of the
// insertLog() argument with asterisks, so those tokens are not the original code.
// NOTE(review): $user is interpolated into both queries; no escaping is visible
// in this fragment. Prepared statements (mysqli/PDO) remove the dependency on
// upstream escaping, and the mysql_* API used here was removed in PHP 7.
// NOTE(review): `or die(mysql_error())` prints the database error text to the client.
    $rec = mysql_query("SELECT idTM FROM tm WHERE Rut = '{$user}' AND Password = '******'") or die(mysql_error());
    // NOTE(review): mysql_num_rows($rec) is the documented way to count the
    // rows of a SELECT; mysql_affected_rows() is specified for write statements.
    if (mysql_affected_rows() == 1) {
        insertLog('login', dirname(__FILE__) . '?&user='******'&IP=' . $_SERVER['REMOTE_ADDR']);
        $resultado = getTMRut($user);
        //var_dump($resultado34);
        // NOTE(review): the session id is not regenerated here
        // (session_regenerate_id) when the login succeeds; confirm it happens elsewhere.
        $_SESSION['idusuario'] = $resultado['idTM'];
        $_SESSION["usuario"] = $resultado['Nombre'];
        $_SESSION["context"] = "tm";
        //header("location:index.php");
        //var_dump($user1);
        echo "Tm";
    }
    // The company lookup runs even when the tm login above succeeded; a match
    // in both tables overwrites the session values and echoes both markers.
    $rec2 = mysql_query("SELECT * FROM empresa WHERE Rut = '{$user}' AND Password = '******'") or die(mysql_error());
    if (mysql_affected_rows() == 1) {
        // record the login in the log
        insertLog('login', dirname(__FILE__) . '?&user='******'&IP=' . $_SERVER['REMOTE_ADDR']);
        // look up the company's data
        $resultado34 = getEmpresaRut($user);
        if ($resultado34) {
            $_SESSION['idusuario'] = $resultado34['idEmpresa'];
            $_SESSION["usuario"] = $resultado34['Nombre'];
            $_SESSION["context"] = "empresa";
            //header("location:centros/index.php");
            echo "Empresa";
        } else {
            echo 0;
        }
    }
} else {
    echo 0;
}
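/**
 * Apply a submitted edit form to the row identified by $id, re-display the form, or both.
 *
 * When the request carries `save`, each field of $this->tableSchema is read from
 * $_REQUEST / $_FILES and either stored in the session (item-temp mode) or
 * written with a parameterised UPDATE. Request values and $id are bound as
 * parameters; table and column names come from the object's own schema.
 *
 * NOTE(review): the input is $_REQUEST, so a GET request can trigger the write;
 * no anti-CSRF or permission check is visible in this method.
 *
 * @param mixed       $id       Value of the id column of the row to update.
 * @param bool        $showForm Whether to render the form after handling the request.
 * @param string|null $logDesc  Description passed on to insertLog().
 * @return bool TRUE when a save was processed and the form was not rendered, FALSE otherwise.
 */
function updateData($id, $showForm = TRUE, $logDesc = NULL)
{
    $data = $_REQUEST;
    $flag = FALSE;
    $state = FALSE;

    if (isset($data['save'])) {
        $assignments = array();      // "column=$n" fragments of the UPDATE
        $params = array();           // values bound to $1..$n
        $arrayForItemTemp = array(); // column => SQL literal, kept for item-temp mode

        foreach ($this->tableSchema as $field => $attrs) {
            if ($attrs['type'] == "foo") {
                continue;
            }

            $inputName = str_replace('.', '_', $field);
            $change = isset($this->formObjectChanges[$field]) ? $this->formObjectChanges[$field] : array();
            $changeType = isset($change['type']) ? $change['type'] : NULL;
            $changeEnc = isset($change['enc']) ? $change['enc'] : NULL;
            $simpleData = isset($data[$inputName]) ? $data[$inputName] : '';

            // Empty dates and file fields without a new file leave the column untouched.
            if ($attrs['type'] == 'date' && $simpleData == '') {
                continue;
            }
            if ($changeType == "file" && (!isset($_FILES[$inputName]) || $_FILES[$inputName]['name'] == '')) {
                continue;
            }

            if ($changeType == "file") {
                global $filesPathDirectory;
                $upload = false; // reset per field so one success cannot hide a later failure
                // The client chooses the file name; basename() drops any
                // directory part so the copy cannot leave $filesPathDirectory.
                // NOTE(review): there is no extension or content allow-list.
                // If $filesPathDirectory is served by the web server, an
                // uploaded script could be executed; restrict the accepted
                // types or store uploads outside the document root.
                $safeName = basename($_FILES[$inputName]['name']);
                $tmpName = $_FILES[$inputName]['tmp_name'];
                if ($safeName != '' && is_uploaded_file($tmpName) && copy($tmpName, $filesPathDirectory . $safeName)) {
                    $simpleData = $safeName;
                    $upload = true;
                }
                if (!$upload) {
                    echo "El archivo no cumple con las reglas establecidas";
                }
            }

            if ($changeEnc == 'md5') {
                // NOTE(review): unsalted MD5 is not suitable for passwords.
                // Moving to password_hash()/password_verify() also requires
                // changing the code that checks these values, so it is only
                // flagged here.
                $simpleData = md5($simpleData);
            } elseif ($changeType == "checkbox") {
                // The cast also covers a checkbox group with nothing ticked.
                $simpleData = implode(',', (array) $simpleData);
            }

            // timestamp is handled like date, text like varchar
            $type = $attrs['type'];
            if ($type == 'timestamp') {
                $type = 'date';
            }
            if ($type == 'text') {
                $type = 'varchar';
            }

            if ($type == 'varchar' || $type == 'date') {
                $dataWithType = "'" . $simpleData . "'";
                $paramValue = $simpleData;
            } elseif (($type == 'numeric' || $type == 'int4' || $type == 'int8') && $simpleData == '') {
                $dataWithType = 'null';
                $paramValue = NULL;
            } else {
                $dataWithType = $simpleData;
                $paramValue = $simpleData;
            }

            // "user" and "order" are reserved words and must be quoted as identifiers
            $simpleField = explode(".", $field);
            $column = $simpleField[1];
            if ($column == "user" || $column == "order") {
                $column = '"' . $column . '"';
            }

            $params[] = $paramValue;
            $assignments[] = $column . '=$' . count($params);

            if ($this->itemTemp) {
                // NOTE(review): the session copy keeps the unescaped SQL
                // literal that the original stored; whatever later turns it
                // into a statement has to escape or bind it.
                $arrayForItemTemp[$column] = $dataWithType;
            }
        }

        if ($this->itemTemp) {
            // Reverse, append, reverse: puts the id entry first in the stored array.
            $arrayForItemTemp = array_reverse($arrayForItemTemp, TRUE);
            $arrayForItemTemp[$this->idField] = "{$id}";
            $arrayForItemTemp = array_reverse($arrayForItemTemp, TRUE);
            $_SESSION[$this->tableName][$id] = $arrayForItemTemp;
            $flag = TRUE;
            $state = TRUE;
        } else {
            $params[] = $id;
            $sql = 'UPDATE ' . $this->tableName . ' SET ' . implode(', ', $assignments)
                . ' WHERE ' . $this->idField . '=$' . count($params);
            $conn = $this->connection();
            $state = pg_query_params($conn, $sql, $params);
            $flag = TRUE;
            $this->lastId = $id;
            // include_once: a second call in the same request must not load the file again
            include_once "insertLog.php";
            insertLog($this->tableName, $_SESSION['UserId'], $this->lastId, "u", $logDesc);
        }
    }

    if ($showForm or !isset($data['save'])) {
        if ($this->itemTemp) {
            $select = $_SESSION[$this->tableName][$id];
        } else {
            $dataForForm = new DB($this->tableName, $this->idField);
            $select = $dataForForm->select(array($this->idField => $id));
        }
        $this->showForm($select);
        $flag = FALSE;
    } else {
        if ($state != FALSE) {
            echo '<p align="center" id="ok" style="background:#FAFFCF url(' . $this->myPathForm . 'images/ok.png) no-repeat 40px 7px;margin:40px auto; width:300px; height:25px; font-size:11px; font-weight:bold; padding-top:10px; border:2px solid #0d6f1c; -moz-border-radius:5px; text-align:center;">Item modificado on exito</p><br>';
        } else {
            // The driver message can contain submitted values, so it is escaped for HTML.
            echo '<h1>Error al Modificar el item: <br>' . htmlspecialchars(pg_last_error(), ENT_QUOTES) . '</h1><br>';
        }
    }

    return $flag;
}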
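// Register a new member from query-string input ($name and $email are read
// before this fragment). The INSERT is parameterised because every value is
// client-controlled.
//
// NOTE(review): the password arrives in the URL (`p`), which ends up in server
// and proxy logs and in browser history, and it is stored exactly as received.
// Hashing it with password_hash() also needs the login check to switch to
// password_verify(), so that change has to be made in both places together.
$password = strval($_GET['p']);
$country = strval($_GET['c']);
// NOTE(review): this "IP" is whatever the client sends in `ad`, and it is what
// the audit log below records. $_SERVER['REMOTE_ADDR'] is the address the
// server actually observed.
$ip = strval($_GET['ad']);

// If is New/Old Influencer
//if ($userID == 'new') {
// state keeps the fixed value "1" that the original statement inserted.
$sql = 'INSERT INTO members(username, email, password, state, country) VALUES (?, ?, ?, "1", ?)';
$returnMessage = "Tu usuario fue creado.";
// } else {
//   $sql = 'UPDATE events SET name="' . $Name
//   . '", state_id = "'. $State
//   . '", start_date = "' . $StartDate
//   . '", end_date = "' . $EndDate
//   . '", owner_id = "' . $OwnerID
//   . '", hashtag = "' . $Hashtag
//   . '" WHERE id=' . $Event_ID;
//   $returnMessage = "Evento actualizado. Para ver los cambios, refresca la pagina.";
// }

// Execute query
$stmt = $con->prepare($sql);
$saved = false;
if ($stmt) {
    $stmt->bind_param('ssss', $name, $email, $password, $country);
    $saved = $stmt->execute();
}

if ($saved) {
    // To send an email notification.
    $msg = "Se acaba de registrar el usuario:\n" . $name . "\n\nDe:\n" . $country;
    $sendTo = "*****@*****.**";
    $subject = "Nuevo usuario registrado en DecideNow";
    sendEmail($msg, $sendTo, $subject);
    insertLog(0, 5, $ip);
    echo $returnMessage;
} else {
    // The original echoed the full SQL, password included, and the driver
    // error; both now stay in the server log.
    error_log('members insert failed: ' . ($stmt ? $stmt->error : $con->error));
    echo "Error: could not create the user.";
}

if ($stmt) {
    $stmt->close();
}
$con->close();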
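// For a logged-in session: send the login notification, record the login with
// the client address, then redirect to the surveys page.
if (isset($_SESSION['login_user'])) {
    // To send an email notification.
    $msg = htmlentities($_SESSION['login_user']) . " acaba de iniciar sesión.";
    $sendTo = '*****@*****.**';
    $subject = "Inicio de Sesion en DecideNow";
    sendEmail($msg, $sendTo, $subject);

    // Get the IP Address.
    // Client-IP and X-Forwarded-For are request headers, so the sender chooses
    // their content. The original precedence is kept, but a value is only
    // accepted if it parses as an IP address; anything else falls through to
    // the next source.
    // NOTE(review): unless a trusted reverse proxy sets these headers, only
    // REMOTE_ADDR is evidence of where the request came from. Consider logging
    // it on its own or next to the header value.
    $ip = "No IP captured";
    foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR') as $source) {
        if (empty($_SERVER[$source])) {
            continue;
        }
        // X-Forwarded-For can hold a comma-separated chain; the first entry is used.
        $parts = explode(',', $_SERVER[$source]);
        $candidate = trim($parts[0]);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            $ip = $candidate;
            break;
        }
    }
    insertLog(htmlentities($_SESSION['id_user']), 1, $ip);

    header("location: mySurveys.php");
    // Stop here: without exit the rest of this page is still rendered and sent
    // along with the redirect.
    exit;
    //echo $_SESSION['login_user'];
}
// function sendEmail($msg, $sendTo, $subject){
// // use wordwrap() if lines are longer than 70 characters
// $msg = wordwrap($msg,70);
// // send email
// mail($sendTo,$subject,$msg);
// }
?>
<!DOCTYPE html>
<html>
<head>
<head>
<!-- Loaded over HTTPS so the stylesheet cannot be altered in transit. -->
<link rel="stylesheet" href = "https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css">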