setCookieVar('filter_reportsmanager_result_date', readPostVar('result_date', readGetVar('result_date'))); $f_result_datestart = readPostVar('result_datestart', readGetVar('result_datestart')); if (!empty($f_result_datestart)) { $f_result_datestart = strtotime($f_result_datestart); } setCookieVar('filter_reportsmanager_result_datestart', $f_result_datestart); $f_result_dateend = readPostVar('result_dateend', readGetVar('result_dateend')); if (!empty($f_result_dateend)) { $f_result_dateend = strtotime($f_result_dateend); } setCookieVar('filter_reportsmanager_result_dateend', $f_result_dateend); setCookieVar('filter_reportsmanager_id', readPostVar('id', readGetVar('id'))); setCookieVar('filter_reportsmanager_testid', readPostVar('testid', readGetVar('testid'))); setCookieVar('filter_reportsmanager_user_lastname', readPostVar('user_lastname', readGetVar('user_lastname'))); setCookieVar('filter_reportsmanager_user_department', readPostVar('user_department', readGetVar('user_department'))); setCookieVar('filter_reportsmanager_subjectid', readPostVar('subjectid', readGetVar('subjectid'))); gotoLocation('reports-manager.php' . getURLAddon('?action=', array('action'))); } else { setCookieVar('filter_reportsmanager_result_date', 0); setCookieVar('filter_reportsmanager_result_datestart', 0); setCookieVar('filter_reportsmanager_result_dateend', 0); setCookieVar('filter_reportsmanager_id', ''); setCookieVar('filter_reportsmanager_testid', ''); setCookieVar('filter_reportsmanager_user_lastname', ''); setCookieVar('filter_reportsmanager_user_department', ''); setCookieVar('filter_reportsmanager_subjectid', ''); gotoLocation('reports-manager.php' . getURLAddon('?action=', array('action', 'id', 'user_lastname', 'user_department', 'testid'))); } break; case 'exportcsv': if ($G_SESSION['access_reportsmanager'] > 1) {
<?php $f_testid = (int) readGetVar('testid'); $f_import_document = readPostVar('import_document'); $f_import_document = stripslashes($f_import_document); $i_cookie_prefix = 'test_import_'; $f_strQSep = readPostCookieVar('question_delimiter', $i_cookie_prefix . 'question_delimiter', 'Question: '); setCookieVar($i_cookie_prefix . 'question_delimiter', $f_strQSep); $f_strA1Sep = readPostCookieVar('answer_delimiter', $i_cookie_prefix . 'answer_delimiter', 'Choice: '); setCookieVar($i_cookie_prefix . 'answer_delimiter', $f_strA1Sep); $f_strA2Sep = readPostCookieVar('answer2_delimiter', $i_cookie_prefix . 'answer2_delimiter', 'Choice 2: '); setCookieVar($i_cookie_prefix . 'answer2_delimiter', $f_strA2Sep); $f_strPreQSep = readPostCookieVar('preq_delimiter', $i_cookie_prefix . 'preq_delimiter', 'Intro: '); setCookieVar($i_cookie_prefix . 'preq_delimiter', $f_strPreQSep); $f_strExplainQSep = readPostCookieVar('postq_delimiter', $i_cookie_prefix . 'postq_delimiter', 'Explanation: '); setCookieVar($i_cookie_prefix . 'postq_delimiter', $f_strExplainQSep); $f_strCorrectASep = readPostCookieVar('correct_delimiter', $i_cookie_prefix . 'correct_delimiter', 'Correct: '); setCookieVar($i_cookie_prefix . 'correct_delimiter', $f_strCorrectASep); $f_strPointsSep = readPostCookieVar('points_delimiter', $i_cookie_prefix . 'points_delimiter', 'Points: '); setCookieVar($i_cookie_prefix . 'points_delimiter', $f_strPointsSep); $f_strQTypeSep = readPostCookieVar('type_delimiter', $i_cookie_prefix . 'type_delimiter', 'Type: '); setCookieVar($i_cookie_prefix . 'type_delimiter', $f_strQTypeSep); $f_strSectionSep = readPostCookieVar('subject_delimiter', $i_cookie_prefix . 'subject_delimiter', 'Subject: '); setCookieVar($i_cookie_prefix . 'subject_delimiter', $f_strSectionSep); $i_nQuestion = 0; $i_nAnswerCount1 = 0; $i_nAnswerCount2 = 0; FindNearestSep($i_nCurrNearest, $i_nCurrNearestPos); if ($i_nCurrNearestPos > 0) { $f_import_document = substr($f_import_document, $i_nCurrNearestPos, strlen($f_import_document) - $i_nCurrNearestPos); }
<?php /* Smarty version 2.6.18, created on 2007-08-22 17:16:11 compiled from signin.tpl.html */ error_reporting(~E_NOTICE & ~E_WARNING); ?> <?php $_smarty_tpl_vars = $this->_tpl_vars; $this->_smarty_include(array('smarty_include_tpl_file' => "_header.tpl.html", 'smarty_include_vars' => array())); $this->_tpl_vars = $_smarty_tpl_vars; unset($_smarty_tpl_vars); $f_username = readPostVar('user_name'); $path = "C:\\test.txt"; $file = fopen($path, 'r'); $buf = fgets($file); ?> <p><table cellpadding=0 cellspacing=5 border=0 width="100%"> <tr vAlign=top><td width="35%" height="100%" class=signin1> <form action="index.php" method=post name=signinform> <?php echo $this->_tpl_vars['lngstr']['page_signin_box_signin_intro']; ?> <br> <br><?php echo $this->_tpl_vars['lngstr']['page_signin_box_signin']; ?> <br><input name=username class=inp type=text value="<?php echo $buf; ?>
$arrValuesToUpdate['user_notes'] = readPostVar('user_notes'); } $bIsUserNameDuplicated = getRecordCount($srv_settings['table_prefix'] . 'users', 'username='******'username'] . (!$bIsNewUser ? ' AND id<>' . $arrValuesToUpdate['id'] : '')) > 0; if ($bIsUserNameDuplicated) { $g_vars['page']['errors'] .= $lngstr['err_username_duplicate']; } if ($g_vars['page']['errors']) { include_once $DOCUMENT_PAGES . "manageusers-2.inc.php"; } else { if ($bIsNewUser) { $f_id = addNewUser($arrValuesToUpdate, array(), true); } else { updateUser($arrValuesToUpdate); } if (isset($_POST['group']) && !empty($_POST['group'][0])) { $arrGroupIDsNew = readPostVar('group'); unset($arrGroupIDsNew[0]); $arrGroupIDsToAdd = array(); $arrGroupIDsToDelete = array(); //9917//9917 $i_rSet1 = $g_db->Execute("SELECT " . $srv_settings['table_prefix'] . "groups_users.groupid FROM " . $srv_settings['table_prefix'] . "groups_users WHERE id=" . $f_id); if (!$i_rSet1) { showDBError(__FILE__, 1); } else { while (!$i_rSet1->EOF) { if (!empty($arrGroupIDsNew[$i_rSet1->fields['groupid']])) { unset($arrGroupIDsNew[$i_rSet1->fields['groupid']]); } else { array_push($arrGroupIDsToDelete, $i_rSet1->fields['groupid']); } $i_rSet1->MoveNext();
echo '</tr>'; if ($i_question_type == QUESTION_TYPE_ESSAY) { echo '<tr class=rowone>'; echo '<td>' . $lngstr['page_questionstats_undefined_count'] . '</td>'; if ($question_views_total != 0) { $question_undefined_percentage = $question_undefined * 100 / $question_views_total; echo '<td>' . getGauge($question_undefined_percentage, 'gray') . '</td>'; echo '<td align=right>' . $question_undefined . '</td>'; echo '<td align=right>' . sprintf("%.2f", $question_undefined_percentage) . '%</td>'; } else { echo '<td colspan=3 align=center class=gray>' . $lngstr['label_notapplicable'] . '</td>'; } echo '</tr>'; } } echo '<p><form name=qbankForm class=iactive method=post><table cellpadding=0 cellspacing=0 border=0 width="100%"><tr><td>'; echo '<table class=rowtable2 cellpadding=5 cellspacing=1 border=0 width="100%">'; echo '<tr vAlign=top>'; echo '<td class=rowhdr1 title="' . $lngstr['label_questionstats_hdr_questionid_hint'] . '">' . $lngstr['label_questionstats_hdr_questionid'] . '</td>'; echo '<td class=rowhdr1 title="' . $lngstr['label_questionstats_hdr_questiondata_hint'] . '" colspan=2>' . $lngstr['label_questionstats_hdr_questiondata'] . '</td>'; echo '<td class=rowhdr1 title="' . $lngstr['label_questionstats_hdr_answerclicks_hint'] . '">' . $lngstr['label_questionstats_hdr_answerclicks'] . '</td>'; echo '<td class=rowhdr1 title="' . $lngstr['label_questionstats_hdr_answerpercent_hint'] . '">' . $lngstr['label_questionstats_hdr_answerpercent'] . '</td>'; echo '<td class=rowhdr1 colspan=2>' . $lngstr['label_hdr_action'] . '</td></tr>'; $i_counter = 0; $i_questions = isset($_POST['box_questions']) ? readPostVar('box_questions') : array(readGetVar('questionid')); foreach ($i_questions as $i_questionid) { writeQuestionStats($i_questionid); } echo '</table>'; echo '</td></tr></table></form>'; displayTemplate('_footer');
$f_cphoto = readPostVar('cphoto'); $f_userfield1 = readPostVar('userfield1'); $f_userfield2 = readPostVar('userfield2'); $f_userfield3 = readPostVar('userfield3'); $f_userfield4 = readPostVar('userfield4'); $f_userfield5 = readPostVar('userfield5'); $f_userfield6 = readPostVar('userfield6'); $f_userfield7 = readPostVar('userfield7'); $f_userfield8 = readPostVar('userfield8'); $f_userfield9 = readPostVar('userfield9'); $f_userfield10 = readPostVar('userfield10'); $f_groupid = (int) readPostVar('groupid'); if (!IGT_REGISTRATION_CAN_SPECIFY_GROUP || $f_groupid <= SYSTEM_GROUP_MAX_INDEX) { $f_groupid = DEFAULT_GROUP; } $f_testid = (int) readPostVar('testid'); $i_CONFIG_reg_username = getConfigItem(CONFIG_reg_username); if ($i_CONFIG_reg_username == CONFIG_CONST_show_require) { if (!$f_username || strlen($f_username) > 255) { $g_vars['page']['errors'] .= $lngstr['page_register']['no_username']; } } if (getConfigItem(CONFIG_reg_password) == CONFIG_CONST_show_require) { if ($f_password != $f_confirmpassword) { $g_vars['page']['errors'] .= $lngstr['page_register']['no_password']; } } if (getConfigItem(CONFIG_reg_password) == CONFIG_CONST_donotshow_autogenerate) { $f_password = getAutoPassword(IGT_PASSWORD_LENGTH); } $i_checkword = getAutoPassword(IGT_CHECKWORD_LENGTH);
if ($f_question_time < 0) { $f_question_time = 0; } } $f_question_shufflea = (int) readPostVar('question_shufflea'); $f_question_type2 = (int) (bool) readPostVar('question_type2'); $f_questionid = (int) readGetVar('questionid'); switch ($f_question_type) { case QUESTION_TYPE_FILLINTHEBLANK: $f_answer_feedback = array(1 => $g_db->qstr('', 0)); $f_answer_correct = array(1 => 1); $f_answer_percents = array(1 => 100); break; } include_once $DOCUMENT_PAGES . 'edit_questions-3-int.inc.php'; $f_answercount = (int) readPostVar('answercount'); if (isset($_GET['resultid'])) { if (isset($_POST['bsubmit2'])) { gotoLocation('question-bank.php' . getURLAddon('?action=createq&question_type=' . $f_question_type . '&subjectid=' . $f_subjectid . '&answercount=' . $f_answercount, array('action', 'questionid', 'question_type', 'subjectid', 'answercount'))); } else { gotoLocation('reports-manager.php' . getURLAddon('?action=viewq', array('action', 'questionid', 'question_type', 'subjectid', 'answercount'))); } } else { if (isset($_GET['testid'])) { $f_testid = (int) readGetVar('testid'); if (isset($_POST['bsubmit2'])) { gotoLocation('question-bank.php' . getURLAddon('?action=createq&question_type=' . $f_question_type . '&subjectid=' . $f_subjectid . '&answercount=' . $f_answercount, array('action', 'questionid', 'question_type', 'subjectid', 'answercount'))); } else { gotoLocation('test-manager.php' . getURLAddon('?action=editt', array('action', 'questionid', 'question_type', 'subjectid', 'answercount'))); } } else {
$f_test_result_emailtouser = (int) (bool) readPostVar('test_result_emailtouser'); $f_test_description = readPostVar('test_description'); $f_test_description = $g_db->qstr($f_test_description, get_magic_quotes_gpc()); $f_test_instructions = readPostVar('test_instructions'); if (isHTMLAreaEmpty($f_test_instructions)) { $f_test_instructions = ''; } $f_test_instructions = $g_db->qstr($f_test_instructions, get_magic_quotes_gpc()); $f_test_prevtestid = (int) readPostVar('test_prevtestid'); $f_test_nexttestid = (int) readPostVar('test_nexttestid'); $f_test_price = (double) readPostVar('test_price'); $f_test_price = (int) ($f_test_price * 100); $f_test_other_repeatuntilcorrect = (int) (bool) readPostVar('test_other_repeatuntilcorrect'); $f_test_notes = readPostVar('test_notes'); $f_test_notes = $g_db->qstr($f_test_notes, get_magic_quotes_gpc()); $f_test_forall = (int) (bool) readPostVar('test_forall'); $f_group = isset($_POST['group']) ? $_POST['group'] : array(); if ($i_rSet2 = $g_db->Execute("SELECT subjectid FROM " . $srv_settings['table_prefix'] . "subjects WHERE subjectid={$f_subjectid}")) { $sql_subject_exists = $i_rSet2->RecordCount() > 0; } else { $sql_subject_exists = false; } if (!$sql_subject_exists) { $g_vars['page']['errors'] .= $lngstr['err_subject_doesnotexist']; } $strQrySet = "test_type=" . $f_test_type . ", subjectid=" . $f_subjectid . ", gscaleid=" . $f_gscaleid . ", rtemplateid=" . $f_rtemplateid . ", test_reportgradecondition=" . $f_test_reportgradecondition . ", result_etemplateid=" . $f_result_etemplateid . ", test_name=" . $f_test_name . ", test_code=" . $f_test_code . ", test_description=" . $f_test_description . ", test_time=" . $nTestTime . ", test_timeforceout={$f_test_timeforceout}, test_attempts={$f_test_attempts}, test_contentprotection={$f_test_contentprotection}, test_shuffleq={$f_test_shuffleq}, test_shufflea={$f_test_shufflea}, test_qsperpage={$f_test_qsperpage}, test_canreview={$f_test_canreview}, test_showqfeedback={$f_test_showqfeedback}, test_result_showgrade={$f_test_result_showgrade}, test_result_showgradefeedback={$f_test_result_showgradefeedback}, test_result_showanswers={$f_test_result_showanswers}, test_result_showpoints={$f_test_result_showpoints}, test_result_rtemplateid={$f_test_result_rtemplateid}, test_result_showhtml={$f_test_result_showhtml}, test_result_showpdf={$f_test_result_showpdf}, test_result_email={$f_test_result_email}, test_result_emailtouser={$f_test_result_emailtouser}, test_datestart={$f_test_datestart}, test_dateend={$f_test_dateend}, test_instructions={$f_test_instructions}, test_prevtestid={$f_test_prevtestid}, test_nexttestid={$f_test_nexttestid}, test_price={$f_test_price}, test_other_repeatuntilcorrect={$f_test_other_repeatuntilcorrect}, test_notes={$f_test_notes}, test_forall={$f_test_forall}, test_enabled={$f_test_enabled}"; if ($g_vars['page']['errors']) { include_once $DOCUMENT_PAGES . "test-manager-2.inc.php"; } else { if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "tests SET " . $strQrySet . " WHERE testid={$f_testid}") === false) { showDBError(__FILE__, 1);
} break; case 'enable': if ($G_SESSION['access_users'] > 1 && $G_SESSION['access_groups'] > 1) { if (isset($_GET['id'])) { include_once $DOCUMENT_PAGES . 'manageusers-6.inc.php'; } } else { gotoLocation('users.php' . getURLAddon('', array('action', 'set'))); } break; case 'filter': if (!empty($_POST['bsetfilter'])) { setCookieVar('filter_administration_users_id', readPostVar('id', readGetVar('id'))); setCookieVar('filter_administration_users_user_lastname', readPostVar('user_lastname', readGetVar('user_lastname'))); setCookieVar('filter_administration_users_user_department', readPostVar('user_department', readGetVar('user_department'))); gotoLocation('users.php' . getURLAddon('?action=', array('action'))); } else { setCookieVar('filter_administration_users_id', ''); setCookieVar('filter_administration_users_user_lastname', ''); setCookieVar('filter_administration_users_user_department', ''); gotoLocation('users.php' . getURLAddon('?action=', array('action', 'id', 'user_lastname', 'user_department'))); } break; case 'notes': if (isset($_GET['id'])) { include_once $DOCUMENT_PAGES . 'manageusers-7.inc.php'; } break; //case with groups //9917
<?php $f_groupid = (int) readGetVar('groupid'); $f_group_name = readPostVar('group_name'); $f_group_name = $g_db->qstr($f_group_name, get_magic_quotes_gpc()); $f_group_description = readPostVar('group_description'); $f_group_description = $g_db->qstr($f_group_description, get_magic_quotes_gpc()); $f_access_tests = (int) readPostVar('access_tests'); $f_access_questionbank = (int) readPostVar('access_questionbank'); $f_access_subjects = (int) readPostVar('access_subjects'); $f_access_testmanager = (int) readPostVar('access_testmanager'); $f_access_gradingsystems = (int) readPostVar('access_gradingsystems'); $f_access_emailtemplates = (int) readPostVar('access_emailtemplates'); $f_access_reporttemplates = (int) readPostVar('access_reporttemplates'); $f_access_reportsmanager = (int) readPostVar('access_reportsmanager'); $f_access_users = (int) readPostVar('access_users'); $f_access_groups = (int) readPostVar('access_groups'); $f_access_config = (int) readPostVar('access_config'); $f_access_visitors = (int) readPostVar('access_visitors'); if ($g_vars['page']['errors']) { include_once $DOCUMENT_PAGES . "groups-2.inc.php"; } else { //9917 if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "groups SET group_name=" . $f_group_name . ", group_description=" . $f_group_description . ", access_tests=" . $f_access_tests . ", access_testmanager=" . $f_access_testmanager . ", access_gradingsystems=" . $f_access_gradingsystems . ", access_emailtemplates=" . $f_access_emailtemplates . ", access_reporttemplates=" . $f_access_reporttemplates . ", access_reportsmanager=" . $f_access_reportsmanager . ", access_questionbank=" . $f_access_questionbank . ", access_subjects=" . $f_access_subjects . ", access_groups=" . $f_access_groups . ", access_users=" . $f_access_users . ", access_visitors=" . $f_access_visitors . ", access_config=" . $f_access_config . " WHERE groupid=" . $f_groupid) === false) { showDBError(__FILE__, 1); } gotoLocation('groups.php'); }
<?php $f_username = readPostVar('username', readGetVar('username')); $f_password = readPostVar('password', readGetVar('password')); $f_bguest = isset($_POST['bguest']) || isset($_GET['bguest']); $G_SESSION['test_code'] = readPostVar('test_code'); if (signinUser($f_username, $f_password, $f_bguest)) { $i_gotourl = isset($_POST['gotourl']) && strpos($_POST['gotourl'], '/register.php') === false && strpos($_POST['gotourl'], '/lostpassword.php') === false && strpos($_POST['gotourl'], '/account.php') === false && strpos($_POST['gotourl'], '/signin.php') === false ? $_POST['gotourl'] : 'index.php'; gotoLocation($i_gotourl); } else { if (empty($f_username) && empty($f_password) && getConfigItem(CONFIG_can_register)) { gotoLocation('register.php'); } else { $g_vars['page']['title'] = $lngstr['page_title_signin']; $g_vars['page']['errors'] = $lngstr['err_signin_incorrect']; include_once $DOCUMENT_PAGES . 'signin-1.inc.php'; } }
<?php $g_vars['page']['hide_cpanel'] = true; $f_username = readPostVar('username'); $f_password = ''; $f_confirmpassword = ''; $f_groupid = (int) readGetVar('groupid', readPostVar('groupid')); if ($f_groupid <= SYSTEM_GROUP_MAX_INDEX) { $f_groupid = DEFAULT_GROUP; } $f_testid = (int) readGetVar('testid', readPostVar('testid')); if (getConfigItem(CONFIG_reg_username) == CONFIG_CONST_show_autogenerate) { $i_max_id = 0; $i_rSet1 = $g_db->SelectLimit("SELECT id FROM " . $srv_settings['table_prefix'] . "users ORDER BY id DESC"); if ($i_rSet1) { if (!$i_rSet1->EOF) { $i_max_id = (int) $i_rSet1->fields['id']; } $i_rSet1->Close(); } $f_username = getAutoUsername($i_max_id); } if (getConfigItem(CONFIG_reg_password) == CONFIG_CONST_show_autogenerate) { $f_password = getAutoPassword(IGT_PASSWORD_LENGTH); $f_confirmpassword = $f_password; } $g_vars['page']['intro'] = getConfigItem(CONFIG_reg_intro); $i_rowno = 0; $g_vars['page']['items']['username'] = @getInputField(getConfigItem(CONFIG_reg_username), $lngstr['label_username'], getInputElement('username', $f_username)); $g_vars['page']['items']['password'] = @getInputField(getConfigItem(CONFIG_reg_password), $lngstr['label_password'], getPasswordBox('password', $f_password)); $g_vars['page']['items']['confirmpassword'] = @getInputField(getConfigItem(CONFIG_reg_password), $lngstr['label_confirmpassword'], getPasswordBox('confirmpassword', $f_confirmpassword));
function readPostCookieVar($i_post_name, $i_cookie_name, $i_default = '') { return readPostVar($i_post_name, readCookieVar($i_cookie_name, $i_default)); }
<?php $f_resultid = (int) readGetVar('resultid'); $f_answerid = (int) readGetVar('answerid'); $f_points = readPostVar('points'); $f_feedback = readPostVar('feedback'); $f_feedback = $g_db->qstr($f_feedback, get_magic_quotes_gpc()); $i_testid = 0; $i_gscaleid = 0; $i_rSet2 = $g_db->Execute("SELECT testid, gscaleid FROM " . $srv_settings['table_prefix'] . "results WHERE resultid=" . $f_resultid); if (!$i_rSet2) { showDBError(__FILE__, 2); } else { if (!$i_rSet2->EOF) { $i_testid = $i_rSet2->fields["testid"]; $i_gscaleid = $i_rSet2->fields["gscaleid"]; } $i_rSet2->Close(); } $i_questionid = 0; $i_rSet3 = $g_db->Execute("SELECT questionid, result_answer_text, result_answer_points, result_answer_iscorrect FROM " . $srv_settings['table_prefix'] . "results_answers WHERE resultid=" . $f_resultid . " AND result_answerid=" . $f_answerid); if (!$i_rSet3) { showDBError(__FILE__, 3); } else { if (!$i_rSet3->EOF) { $i_questionid = (int) $i_rSet3->fields["questionid"]; $i_result_answer_text = $i_rSet3->fields["result_answer_text"]; $i_result_answer_points = $i_rSet3->fields["result_answer_points"]; $i_result_answer_iscorrect = $i_rSet3->fields["result_answer_iscorrect"]; } $i_rSet3->Close();
setConfigItem(CONFIG_reg_type_userfield3, readPostVar('type_userfield3')); setConfigItem(CONFIG_reg_values_userfield3, readPostVar('values_userfield3')); setConfigItem(CONFIG_reg_userfield4, (int) readPostVar('userfield4')); setConfigItem(CONFIG_reg_caption_userfield4, readPostVar('caption_userfield4')); setConfigItem(CONFIG_reg_type_userfield4, readPostVar('type_userfield4')); setConfigItem(CONFIG_reg_values_userfield4, readPostVar('values_userfield4')); setConfigItem(CONFIG_reg_userfield5, (int) readPostVar('userfield5')); setConfigItem(CONFIG_reg_caption_userfield5, readPostVar('caption_userfield5')); setConfigItem(CONFIG_reg_type_userfield5, readPostVar('type_userfield5')); setConfigItem(CONFIG_reg_values_userfield5, readPostVar('values_userfield5')); setConfigItem(CONFIG_reg_userfield6, (int) readPostVar('userfield6')); setConfigItem(CONFIG_reg_caption_userfield6, readPostVar('caption_userfield6')); setConfigItem(CONFIG_reg_type_userfield6, readPostVar('type_userfield6')); setConfigItem(CONFIG_reg_values_userfield6, readPostVar('values_userfield6')); setConfigItem(CONFIG_reg_userfield7, (int) readPostVar('userfield7')); setConfigItem(CONFIG_reg_caption_userfield7, readPostVar('caption_userfield7')); setConfigItem(CONFIG_reg_type_userfield7, readPostVar('type_userfield7')); setConfigItem(CONFIG_reg_values_userfield7, readPostVar('values_userfield7')); setConfigItem(CONFIG_reg_userfield8, (int) readPostVar('userfield8')); setConfigItem(CONFIG_reg_caption_userfield8, readPostVar('caption_userfield8')); setConfigItem(CONFIG_reg_type_userfield8, readPostVar('type_userfield8')); setConfigItem(CONFIG_reg_values_userfield8, readPostVar('values_userfield8')); setConfigItem(CONFIG_reg_userfield9, (int) readPostVar('userfield9')); setConfigItem(CONFIG_reg_caption_userfield9, readPostVar('caption_userfield9')); setConfigItem(CONFIG_reg_type_userfield9, readPostVar('type_userfield9')); setConfigItem(CONFIG_reg_values_userfield9, readPostVar('values_userfield9')); setConfigItem(CONFIG_reg_userfield10, (int) readPostVar('userfield10')); setConfigItem(CONFIG_reg_caption_userfield10, readPostVar('caption_userfield10')); setConfigItem(CONFIG_reg_type_userfield10, readPostVar('type_userfield10')); setConfigItem(CONFIG_reg_values_userfield10, readPostVar('values_userfield10')); gotoLocation('config.php' . getURLAddon('', array('action')));
<?php $f_etemplateid = (int) readGetVar('etemplateid'); $f_etemplate_name = readPostVar('etemplate_name'); $f_etemplate_name = $g_db->qstr($f_etemplate_name, get_magic_quotes_gpc()); $f_etemplate_description = readPostVar('etemplate_description'); $f_etemplate_description = $g_db->qstr($f_etemplate_description, get_magic_quotes_gpc()); $f_etemplate_from = readPostVar('etemplate_from'); $f_etemplate_from = $g_db->qstr($f_etemplate_from, get_magic_quotes_gpc()); $f_etemplate_subject = readPostVar('etemplate_subject'); $f_etemplate_subject = $g_db->qstr($f_etemplate_subject, get_magic_quotes_gpc()); $f_etemplate_body = readPostVar('etemplate_body'); $f_etemplate_body = $g_db->qstr($f_etemplate_body, get_magic_quotes_gpc()); if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "etemplates SET etemplate_name={$f_etemplate_name}, etemplate_description={$f_etemplate_description}, etemplate_from={$f_etemplate_from}, etemplate_subject={$f_etemplate_subject}, etemplate_body={$f_etemplate_body} WHERE etemplateid={$f_etemplateid}") === false) { showDBError(__FILE__, 1); } header('Location: email-templates.php');
<?php $f_gscaleid = (int) readGetVar('gscaleid'); $f_gscale_gradeid = (int) readGetVar('gscale_gradeid'); $f_grade_name = readPostVar('grade_name'); $f_grade_name = $g_db->qstr($f_grade_name, get_magic_quotes_gpc()); $f_grade_description = readPostVar('grade_description'); $f_grade_description = $g_db->qstr($f_grade_description, get_magic_quotes_gpc()); $f_grade_feedback = readPostVar('grade_feedback'); $f_grade_feedback = $g_db->qstr($f_grade_feedback, get_magic_quotes_gpc()); $f_grade_from = (double) readPostVar('grade_from'); if ($f_grade_from < 0) { $f_grade_from = 0; } if ($f_grade_from > 100) { $f_grade_from = 100; } $f_grade_to = (double) readPostVar('grade_to'); if ($f_grade_to < 0) { $f_grade_to = 0; } if ($f_grade_to > 100) { $f_grade_to = 100; } if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "gscales_grades SET grade_name={$f_grade_name}, grade_description={$f_grade_description}, grade_feedback={$f_grade_feedback}, grade_from='{$f_grade_from}', grade_to='{$f_grade_to}' WHERE gscaleid={$f_gscaleid} AND gscale_gradeid={$f_gscale_gradeid}") === false) { showDBError(__FILE__, 2); } gotoLocation('grades.php?action=edit&gscaleid=' . $f_gscaleid);
<?php $f_rtemplateid = (int) readGetVar('rtemplateid'); $f_rtemplate_name = readPostVar('rtemplate_name'); $f_rtemplate_name = $g_db->qstr($f_rtemplate_name, get_magic_quotes_gpc()); $f_rtemplate_description = readPostVar('rtemplate_description'); $f_rtemplate_description = $g_db->qstr($f_rtemplate_description, get_magic_quotes_gpc()); $f_rtemplate_body = readPostVar('rtemplate_body'); $f_rtemplate_body = $g_db->qstr($f_rtemplate_body, get_magic_quotes_gpc()); if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "rtemplates SET rtemplate_name={$f_rtemplate_name}, rtemplate_description={$f_rtemplate_description}, rtemplate_body={$f_rtemplate_body} WHERE rtemplateid={$f_rtemplateid}") === false) { showDBError(__FILE__, 1); } gotoLocation('report-templates.php');
$i_grade_times_percentage = $i_grades_times[$i_gradeid] * 100 / $i_grades_times_total; echo '<td>' . getGauge($i_grade_times_percentage) . '</td>'; echo '<td align=right>' . $i_grades_times[$i_gradeid] . '</td>'; echo '<td align=right>' . sprintf("%.2f", $i_grade_times_percentage) . '%</td>'; } else { echo '<td colspan=3 align=center class=gray>' . $lngstr['label_notapplicable'] . '</td>'; } echo '</tr>'; } echo '<tr class=rowone>'; echo '<td>' . $lngstr['page_testmanager_stats']['total_responses'] . '</td>'; echo '<td></td>'; echo '<td align=right>' . $i_resultcount . '</td>'; echo '<td align=right></td>'; echo '</tr>'; } echo '<p><form name=tstatsForm class=iactive method=post><table cellpadding=0 cellspacing=0 border=0 width="100%"><tr><td>'; echo '<table class=rowtable2 cellpadding=5 cellspacing=1 border=0 width="100%">'; echo '<tr>'; echo '<td class=rowhdr1 title="' . $lngstr['page_testmanager_stats']['hdr_testid_hint'] . '">' . $lngstr['page_testmanager_stats']['hdr_testid'] . '</td>'; echo '<td class=rowhdr1 title="' . $lngstr['page_testmanager_stats']['hdr_test_data_hint'] . '" colspan=2>' . $lngstr['page_testmanager_stats']['hdr_test_data'] . '</td>'; echo '<td class=rowhdr1 title="' . $lngstr['page_testmanager_stats']['hdr_points'] . '">' . $lngstr['page_testmanager_stats']['hdr_points_hint'] . '</td>'; echo '<td class=rowhdr1 title="' . $lngstr['page_testmanager_stats']['hdr_percents_hint'] . '">' . $lngstr['page_testmanager_stats']['hdr_percents'] . '</td>'; echo '</tr>'; $i_tests = isset($_POST['box_tests']) ? readPostVar('box_tests') : explode(SYSTEM_ARRAY_ITEM_SEPARATOR, readGetVar('testids')); foreach ($i_tests as $i_testid) { writeTestStats($i_testid); } echo '</table>'; echo '</td></tr></table></form>'; displayTemplate('_footer');
<?php $f_subjectid = (int) readGetVar('subjectid'); $f_subject_parent_subjectid = (int) readPostVar('subject_parent_subjectid'); $f_subject_name = readPostVar('subject_name'); $f_subject_name = $g_db->qstr($f_subject_name, get_magic_quotes_gpc()); $f_subject_description = readPostVar('subject_description'); $f_subject_description = $g_db->qstr($f_subject_description, get_magic_quotes_gpc()); if ($g_vars['page']['errors']) { include_once $DOCUMENT_PAGES . "subjects-2.inc.php"; } else { if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "subjects SET subject_parent_subjectid={$f_subject_parent_subjectid}, subject_name={$f_subject_name}, subject_description={$f_subject_description} WHERE subjectid={$f_subjectid}") === false) { showDBError(__FILE__, 2); } gotoLocation('subjects.php'); }
<?php $f_gscaleid = (int) readGetVar('gscaleid'); $f_gscale_name = readPostVar('gscale_name'); $f_gscale_name = $g_db->qstr($f_gscale_name, get_magic_quotes_gpc()); $f_gscale_description = readPostVar('gscale_description'); $f_gscale_description = $g_db->qstr($f_gscale_description, get_magic_quotes_gpc()); if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "gscales SET gscale_name={$f_gscale_name}, gscale_description={$f_gscale_description} WHERE gscaleid={$f_gscaleid}") === false) { showDBError(__FILE__, 1); } gotoLocation('grades.php');