Ejemplo n.º 1
/**
 * Recursively strips backslash escapes from a value, in place.
 *
 * A scalar is replaced by stripslashes() of itself; an array is walked and
 * every leaf updated through the reference.  Nothing is returned — the
 * caller's variable is what changes, so the argument has to be a variable
 * (passing a function result only modifies a temporary).
 *
 * @param mixed $el String or (nested) array to unescape, by reference.
 * @return void
 */
function slashes(&$el)
{
    if (!is_array($el)) {
        $el = stripslashes($el);
        return;
    }
    // Walk the keys, not a foreach copy of the values, so each leaf is
    // reached through the original reference.
    foreach (array_keys($el) as $key) {
        slashes($el[$key]);
    }
}
Ejemplo n.º 2
 /**
  * Main entry: renders the log grid template, or serves its data.
  *
  * @param mixed $json   NULL renders the template; 1 emits grid rows as JSON.
  * @param mixed $pid    Optional project id used to narrow the rows (pro_id).
  * @param mixed $method 'total' emits only the row count; 'excel' streams a
  *                      tab-separated .xls download; anything else emits the
  *                      rows.  (The original doc said "1" selected the count;
  *                      the code compares against the string 'total'.)
  */
 public function index($json = NULL, $pid = NULL, $method = NULL)
 {
     $Public = A('Index', 'Public');
     $Public->check('Log', array('r'));
     //main
     // NOTE(review): an (int) cast always yields an int, so this condition
     // can never be true and $json is never reset here.
     if (!is_int((int) $json)) {
         $json = NULL;
     }
     $view = C('DATAGRID_VIEW');
     $page_row = C('PAGE_ROW');
     $groupid = $_SESSION['login']['se_groupID'];
     $comyid = $_SESSION['login']['se_comyID'];
     $comy = M('User_company_table');
     if ($json == 1) {
         $userid = $_SESSION['login']['se_id'];
         $protype = $comy->where('id=' . $comyid)->getField('type');
         if (!$userid) {
             echo '';
             exit;
         }
         $notice = D('Log_table');
         // Leftover seed script (inserts 2,000,000 rows); kept commented out.
         /*
         $data = array(
         	'user_id'=>1,
         	'title'=>'测试数据',
         	'content'=>'测试内容',
         	'status'=>2,
         	'addtime'=>'2014-12-09'
         );
         for($i=0; $i<2000000; $i++){
         	$notice->add($data);
         }
         exit;
         */
         $result = M();
         // Physical table names, built from the configured DB_PREFIX.
         $Log_table = C('DB_PREFIX') . 'log_table';
         $Log_main = C('DB_PREFIX') . 'log_main_table';
         $Porject_table = C('DB_PREFIX') . 'project_table';
         $Task_table = C('DB_PREFIX') . 'task_table';
         $Linkage = C('DB_PREFIX') . 'linkage';
         $Reply_main = C('DB_PREFIX') . 'reply_main_table';
         $User_table = C('DB_PREFIX') . 'user_table';
         $map = array();
         // NOTE(review): the filter map is a serialized array of raw SQL
         // fragments kept in a client cookie.  Cookie contents are
         // attacker-controllable, so unserialize() here is object-injection
         // exposure, and the fragments are joined into the HAVING clause
         // below without any escaping.
         if (cookie('aLog')) {
             $str_map = slashes(cookie('aLog'));
             $map = unserialize($str_map);
             unset($str_map);
         } else {
             $map['id'] = 'id>0 and type=3';
         }
         // $pid is concatenated as-is; only truthiness is checked, not that
         // it is numeric.
         if ($pid) {
             $map['pro_id'] = ' and pro_id=' . $pid;
         }
         if ($protype) {
             $map['client_id'] = ' and client_id=' . $comyid . ' and views=15';
         }
         // Written back under 'aTask' although it was read from 'aLog' —
         // presumably a copy/paste slip; confirm which cookie is intended.
         cookie('aTask', serialize($map));
         $map = implode(' ', $map);
         // Both locals are always assigned, so isset() only tests for null.
         $get_page = $this->_get('page');
         $get_rows = $this->_get('rows');
         $page = isset($get_page) ? intval($get_page) : 1;
         $rows = isset($get_rows) ? intval($get_rows) : $page_row;
         $now_page = $page - 1;
         $offset = $now_page * $rows;
         // Select list.  'title' and 'proname' are assembled in SQL and
         // 'proname' embeds t7.title inside an <a href=javascript:...> tag,
         // so the consuming page renders stored titles as markup unescaped.
         $arr_flelds = array('id' => 't1.id as id', 'type' => 't1.type as type', 'user_id' => 't1.user_id as user_id', 'task_id' => 't2.task_id as task_id', 'pro_id' => 't2.pro_id as pro_id', 'title' => 'concat_ws(\'\',t3.username,\' 于 \',t1.workdate,\' 执行了 \',t4.val,\'-\',t5.title) as title', 'usages' => 't1.usage as usages', 'status' => 't6.val as status', 'proname' => 'concat_ws(\'\',\'<a href=javascript:showTab("项目-\',t7.title,\'"\\,\',t7.id,\')>\',t7.title,\'</a>\') as proname', 'client_id' => 't7.client_id as client_id', 'views' => 't7.views as views', 'addtime' => 't1.addtime as addtime', 'workdate' => 't1.workdate as workdate');
         $fields = implode(',', $arr_flelds);
         unset($arr_flelds);
         if (!$view) {
             // Paged query; SQL_CALC_FOUND_ROWS + FOUND_ROWS() gives the total.
             $info = $result->table($Log_table . ' as t1')->field('SQL_CALC_FOUND_ROWS ' . $fields)->join(' ' . $Log_main . ' as t2 on t2.log_id = t1.id')->join(' ' . $User_table . ' as t3 on t3.id = t1.user_id')->join(' right join ' . $Task_table . ' as t5 on t5.id = t2.task_id')->join(' ' . $Linkage . ' as t4 on t4.id = t5.type')->join(' ' . $Linkage . ' as t6 on t6.id = t1.status')->join(' right join ' . $Porject_table . ' as t7 on t7.id = t2.pro_id')->having($map)->order('addtime desc')->limit($offset, $rows)->select();
             $count = $result->query('SELECT FOUND_ROWS() as total');
             $count = $count[0]['total'];
         } else {
             // Unpaged variant; the total is just the result size.
             $info = $result->table($Log_table . ' as t1')->field($fields)->join(' ' . $Log_main . ' as t2 on t2.log_id = t1.id')->join(' ' . $User_table . ' as t3 on t3.id = t1.user_id')->join(' ' . $Task_table . ' as t5 on t5.id = t2.task_id')->join(' ' . $Linkage . ' as t4 on t4.id = t5.type')->join(' ' . $Linkage . ' as t6 on t6.id = t1.status')->join(' ' . $Porject_table . ' as t7 on t7.id = t2.pro_id')->having($map)->order('addtime desc')->select();
             $count = count($info);
         }
         //dump($info);exit;
         $new_info = array();
         $items = array();
         $new_info['total'] = $count;
         if ($method == 'total') {
             echo json_encode($new_info);
             exit;
         } elseif ($method == 'excel') {
             // Re-run without LIMIT so the export covers every row.
             if (!$view) {
                 $info = $result->table($Log_table . ' as t1')->field($fields)->join(' ' . $Log_main . ' as t2 on t2.log_id = t1.id')->join(' ' . $User_table . ' as t3 on t3.id = t1.user_id')->join(' ' . $Task_table . ' as t5 on t5.id = t2.task_id')->join(' ' . $Linkage . ' as t4 on t4.id = t5.type')->join(' ' . $Linkage . ' as t6 on t6.id = t1.status')->join(' ' . $Porject_table . ' as t7 on t7.id = t2.pro_id')->having($map)->order('addtime desc')->select();
             }
             $char = C('CFG_CHARSET');
             // NOTE(review): $info[0] is undefined when the query returns no
             // rows; the file name then comes from a missing index.
             $filename = '项目:' . strip_tags($info[0]['proname']) . ' 操作记录';
             header("Content-type:application/octet-stream");
             header("Accept-Ranges:bytes");
             header("Content-type:application/vnd.ms-excel");
             header("Content-Disposition:attachment;filename=" . $filename . ".xls");
             header("Pragma: no-cache");
             header("Expires: 0");
             // Export as tab-separated text: header row, then one line per row.
             $title = array('动态', '耗时', '状态', '更新于');
             $title = array_iconv("UTF-8", NULL, $title);
             $title = implode("\t", $title);
             echo "{$title}\n";
             // $data is only created inside the loop; with an empty $info the
             // implode() below receives an undefined variable.
             foreach ($info as $key => $t) {
                 $item = array("title" => $t['title'], "usages" => $t['usages'], "status" => strip_tags($t['status']), "addtime" => $t['addtime']);
                 $data[$key] = implode("\t", array_iconv("UTF-8", NULL, $item));
             }
             echo implode("\n", $data);
             exit;
         }
         $new_info['rows'] = $info ? $info : array();
         //dump($new_info);
         echo json_encode($new_info);
         // $order and $sort are never assigned in this method.
         unset($new_info, $info, $order, $sort, $count, $items);
     } else {
         // Template path: expose the page size and render the view.
         $this->assign('page_row', $page_row);
         $this->display();
         unset($Public);
     }
 }
Ejemplo n.º 3
            echo '</td><td>';
            if ($login['user_access_useredit']) {
                echo '<a href="admin_group.php?gid=' . $gid . '&amp;group_add_user='******'">' . _h('Add user to group') . '</a>';
            }
            echo '</td></tr>' . chr(10);
        }
        echo '</table>' . chr(10);
    }
} elseif (isset($_POST['add'])) {
    // Adding
    if (!$login['user_access_useredit']) {
        showAccessDenied($day, $month, $year, $area, true);
        exit;
    }
    // Checking input
    $add = slashes(htmlspecialchars(strip_tags($_POST['add']), ENT_QUOTES));
    mysql_query("INSERT INTO `groups` ( `group_id` , `user_ids` , `group_name` ) VALUES ('', '', '" . $add . "');");
    header("Location: admin_group.php");
    exit;
} else {
    include "include/admin_middel.php";
    echo '<h1>' . __('Usergroups') . '</h1>';
    // Add
    echo '<form action="admin_group.php" method="post">' . chr(10);
    echo '<b>' . __('Add group') . '</b><br>' . chr(10);
    if ($login['user_access_useredit']) {
        echo '<input type="text" name="add"><br>' . chr(10);
        echo '<input type="submit" value="' . __('Add') . '">' . chr(10);
    } else {
        echo __('You are not allowed to do this.');
    }
    <?php 
        }
        ?>


    <div class="okbc_box">
      <h3>
        <?php 
        echo $lang['mis_f'];
        ?>
 
      </h3>

      <?php 
        if (isset($editMoving) && $editMoving == true) {
            $mov = mysql_query("SELECT * FROM `{$dData['tablec']}` WHERE `category`='" . slashes($_POST['category']) . "';");
            $dData['movSubs'] = unserialize(stripslashes(mysql_result($mov, 0, "subcategory")));
            ?>
 
        <div class="okbc_block">
          <form action="<?php 
            echo $_SERVER['PHP_SELF'];
            ?>
" method="post">
            <div class="okbc_row">
              <strong><?php 
            echo $lang['mis_g'];
            ?>
</strong><br />
              <?php 
            echo $lang['mis_h'];
Ejemplo n.º 5
    echo " done.<br>Updating repeating entries: ";
    $sql = "select id,name,description from mrbs_repeat";
    $repeats_res = sql_query($sql);
    for ($i = 0; $row = sql_row($repeats_res, $i); $i++) {
        $id = $row[0];
        $name = slashes(iconv($encoding, "utf-8", $row[1]));
        $desc = slashes(iconv($encoding, "utf-8", $row[2]));
        $upd_sql = "update mrbs_repeat set name='{$name}',description='{$desc}' where id={$id}";
        sql_command($upd_sql);
        echo ".";
    }
    echo " done.<br>Updating normal entries: ";
    $sql = "select id,name,description from mrbs_entry";
    $entries_res = sql_query($sql);
    for ($i = 0; $row = sql_row($entries_res, $i); $i++) {
        $id = $row[0];
        $name = slashes(iconv($encoding, "utf-8", $row[1]));
        $desc = slashes(iconv($encoding, "utf-8", $row[2]));
        $upd_sql = "update mrbs_entry set name='{$name}',description='{$desc}' where id={$id}";
        sql_command($upd_sql);
        echo ".";
    }
    echo 'done.<p>

    Finished everything, byebye!
';
}
?>
  </body>
</html>
Ejemplo n.º 6
 for ($i = 0; $i < $nfields; $i++) {
     if ($field_name[$i] == "id") {
         $Field[$i] = $Id;
     }
     if ($field_name[$i] == "name") {
         $Field[$i] = strtolower($Field[$i]);
     }
     if ($field_name[$i] == "password" && $password0 != "") {
         $Field[$i] = md5($password0);
     }
     /* print "$field_name[$i] = $Field[$i]<br>"; */
     if ($i > 0) {
         $operation = $operation . ", ";
     }
     if ($field_istext[$i]) {
         $operation .= "'" . slashes($Field[$i]) . "'";
     } else {
         if ($field_isnum[$i] && $Field[$i] == "") {
             $Field[$i] = "0";
         }
         $operation = $operation . $Field[$i];
     }
 }
 $operation = $operation . ");";
 print $operation . "<br>\n";
 $r = sql_command($operation);
 if ($r == -1) {
     print_header(0, 0, 0, "");
     // This is unlikely to happen in normal  operation. Do not translate.
     print "Error updating the {$tbl_users} table.<br>\n";
     print sql_error() . "<br>\n";
Ejemplo n.º 7
 if (isset($_POST['attachment']) && is_array($_POST['attachment'])) {
     foreach ($_POST['attachment'] as $att_id) {
         $att_id = (int) $att_id;
         $attachment = getAttachment($att_id);
         if (count($attachment)) {
             $log_data['att' . $att_id] = $att_id;
             $attachments[$att_id] = $attachment;
         } else {
             $log_data['att_faild' . $att_id] = $att_id;
         }
     }
 }
 $rev_num = $entry['rev_num'] + 1;
 mysql_query("UPDATE `entry` SET `confirm_email` = '1', `time_last_edit` = '" . time() . "', `rev_num` = '{$rev_num}' WHERE `entry_id` = '" . $entry['entry_id'] . "' LIMIT 1 ;");
 // Insert to get confirmation ID
 mysql_query("INSERT INTO `entry_confirm` (\n\t\t\t\t`confirm_id` ,\n\t\t\t\t`entry_id` ,\n\t\t\t\t`rev_num` ,\n\t\t\t\t`user_id` ,\n\t\t\t\t`confirm_time` ,\n\t\t\t\t`confirm_to` ,\n\t\t\t\t`confirm_txt` ,\n\t\t\t\t`confirm_tpl` ,\n\t\t\t\t`confirm_pdf` ,\n\t\t\t\t`confirm_pdf_tpl` ,\n\t\t\t\t`confirm_pdf_txt` ,\n\t\t\t\t`confirm_pdffile`,\n\t\t\t\t`confirm_comment`\n\t\t\t)\n\t\t\tVALUES (\n\t\t\t\tNULL , \n\t\t\t\t'" . $entry['entry_id'] . "', \n\t\t\t\t'" . $rev_num . "', \n\t\t\t\t'" . $login['user_id'] . "', \n\t\t\t\t'" . time() . "', \n\t\t\t\t'" . serialize($emails) . "', \n\t\t\t\t'" . slashes(htmlspecialchars($confirm_txt, ENT_QUOTES)) . "', \n\t\t\t\t'" . slashes(htmlspecialchars($confirm_tpl, ENT_QUOTES)) . "', \n\t\t\t\t'" . $confirm_pdf . "',\n\t\t\t\t'" . slashes(htmlspecialchars($confirm_pdf_tpl, ENT_QUOTES)) . "', \n\t\t\t\t'" . slashes(htmlspecialchars($confirm_pdf_txt, ENT_QUOTES)) . "', \n\t\t\t\t'" . $confirm_pdffile . "',\n\t\t\t\t'" . $confirm_comment . "'\n\t\t\t);");
 if (mysql_errno()) {
     echo mysql_error();
     exit;
 }
 // Generating $log_data
 $log_data = array();
 $log_data['confirm_id'] = mysql_insert_id();
 if ($confirm_comment != '') {
     $log_data['confirm_comment'] = $confirm_comment;
 }
 $i = 0;
 foreach ($emails as $email) {
     // Sending email
     if ($confirm_pdf == '1') {
         if (emailSendConfirmationPDF($entry, $email, $confirm_pdffile, $attachments, $confirm_txt)) {
Ejemplo n.º 8
 $txt = slashes(htmlspecialchars($_POST['template_txt'], ENT_QUOTES));
 if ($tpl_db) {
     // Work against DB
     if (!isset($_POST['template_type']) || !array_key_exists($_POST['template_type'], $template_types)) {
         include "include/admin_middel.php";
         echo '<h1>' . __('Templates') . '</h1>';
         echo __('Error: No template type is defined.');
         exit;
     }
     if (!isset($_POST['template_name']) || $_POST['template_name'] == '') {
         include "include/admin_middel.php";
         echo '<h1>' . __('Templates') . '</h1>';
         echo __('Error: No template name is made.');
         exit;
     }
     $template_name = slashes(htmlspecialchars(strip_tags($_POST['template_name']), ENT_QUOTES));
     if ($id == 'new') {
         // Insert
         mysql_query("INSERT INTO `template` (\n\t\t\t\t\t`template_id` ,\n\t\t\t\t\t`template` ,\n\t\t\t\t\t`template_name` ,\n\t\t\t\t\t`template_type`,\n\t\t\t\t\t`template_time_last_edit`\n\t\t\t\t)\n\t\t\t\tVALUES (\n\t\t\t\t\tNULL , \n\t\t\t\t\t'{$txt}', \n\t\t\t\t\t'{$template_name}', \n\t\t\t\t\t'" . $_POST['template_type'] . "',\n\t\t\t\t\t'" . time() . "'\n\t\t\t\t);");
     } else {
         // Update
         mysql_query("UPDATE `template` SET \n\t\t\t\t\t`template` = '{$txt}',\n\t\t\t\t\t`template_name` = '{$template_name}',\n\t\t\t\t\t`template_type` = '" . $_POST['template_type'] . "',\n\t\t\t\t\t`template_time_last_edit` = '" . time() . "'\n\t\t\t\tWHERE `template_id` ={$id} LIMIT 1 ;");
     }
 } else {
     $fp = @fopen($filename, "w");
     if ($fp) {
         fwrite($fp, htmlspecialchars_decode($txt, ENT_QUOTES));
         fclose($fp);
     } else {
         include "include/admin_middel.php";
         echo '<h1>' . __('Templates') . '</h1>';
Ejemplo n.º 9
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
*/
/*
 * JM-booking
 * - Edit or add of a customer
 */
include_once "glob_inc.inc.php";
if (!isset($_GET['id']) || !isset($_GET['name'])) {
    exit;
}
if ($_GET['id'] == '' || $_GET['name'] == '') {
    exit;
}
$id = slashes(htmlspecialchars($_GET['id'], ENT_QUOTES));
$name = slashes(htmlspecialchars($_GET['name'], ENT_QUOTES));
// Form...
echo '<HTML>
<HEAD>
<TITLE>JM-booking</TITLE><LINK REL="stylesheet" href="css/jm-booking.css" type="text/css">
<META HTTP-EQUIV="Content-Type" content="text/html; charset=iso-8859-1">

<script type="text/javascript" src="js/bsn.AutoSuggest_2.1.3_comp-municipal.js"></script>
</HEAD>

<body>
';
echo '<script language="javascript">

function choose_municipal (id, name)
{
Ejemplo n.º 10
 }
 if (isset($_GET['forgot_pw']) && $_GET['forgot_pw'] == '1' && $forgot_pw_user != '') {
     // Forgot password
     $user = slashes(htmlspecialchars(strip_tags($forgot_pw_user), ENT_QUOTES));
     // Username
     $Q_login = mysql_query("\n\t\t\tselect user_id, deactivated, user_newpassword_key, user_newpassword_validto from `users` where \n\t\t\t\tdeactivated = '0' and \n\t\t\t\t(\n\t\t\t\t\tuser_name_short = '" . $user . "' ||\n\t\t\t\t\tuser_email = '" . $user . "'\n\t\t\t\t)\n\t\t\t\tlimit 1");
     if (mysql_num_rows($Q_login) > 0) {
         $user_id = mysql_result($Q_login, 0, 'user_id');
         $forgot_pw_found = true;
         if (isset($_GET['key'])) {
             $forgot_pw_keyfound = true;
             $newpw_failed_msg = '';
             $newpw_pw = '';
             $newpw_failed = false;
             $newpw_user = getUser($user_id);
             $newpw_key = slashes(htmlspecialchars(strip_tags($_GET['key']), ENT_QUOTES));
             if (!count($newpw_user)) {
                 echo 'Systemfeil. Arg... Sorry :-(';
                 exit;
             }
             if ($newpw_key == mysql_result($Q_login, 0, 'user_newpassword_key') && mysql_result($Q_login, 0, 'user_newpassword_validto') >= time()) {
                 $forgot_pw_keyokey = true;
                 if (!isset($_POST['password_new'])) {
                     // Extend life time of key
                     $valid_to = time() + 60 * 15;
                     // 15 min
                     mysql_query("\n\t\t\t\t\t\t\tupdate `users`\n\t\t\t\t\t\t\tset \n\t\t\t\t\t\t\t\tuser_newpassword_validto = '{$valid_to}'\n\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\tuser_id = '{$user_id}'");
                 } else {
                     // Setting the new password
                     $newpw_user['user_password_lastchanged'] = time();
                     // All new
 case 'infoscreen_txt':
 case 'entry_title':
 case 'user_assigned2':
 case 'contact_person_name':
 case 'contact_person_phone':
 case 'contact_person_email':
 case 'program_description':
 case 'service_description':
 case 'invoice_ref_your':
 case 'invoice_internal_comment':
 case 'invoice_email':
     // Text data is input. (can contain a lot of shit)
     if (!isset($_POST[$field['var']])) {
         ${$field}['var'] = '';
     } else {
         ${$field}['var'] = slashes(htmlspecialchars($_POST[$field['var']], ENT_QUOTES));
     }
     addValue($field['var'], ${$field}['var']);
     break;
 case 'num_person_child':
 case 'num_person_adult':
     if (!isset($_POST[$field['var']])) {
         ${$field}['var'] = '';
     } elseif ($_POST[$field['var']] != '' && !is_numeric($_POST[$field['var']])) {
         ${$field}['var'] = '';
         if ($field['var'] == 'num_person_child') {
             $form_errors[] = __('Number of children must be a number, if anything.');
         } elseif ($field['var'] == 'num_person_adult') {
             $form_errors[] = __('Number of adults must be a number, if anything.');
         }
     } else {
Ejemplo n.º 12
      <?php 
    }
    ?>
 

      <a href="<?php 
    echo $_SERVER['PHP_SELF'] . ($_GET['start'] > 1 ? "?start=" . $_GET['start'] : "") . searchhold($_GET['start'] == 1);
    ?>
"><strong><?php 
    echo $lang['termb'];
    ?>
</strong></a>

    <?php 
} else {
    $buildQry = ($dData['usercat'] ? "AND `category`='" . slashes($dData['usercat']) . "'" : "") . ($dData['usersub'] ? " AND `subcategory`='" . slashes($dData['usersub']) . "'" : "");
    $qTbl = sql_query_read("SELECT * FROM `{$dData['tblquest']}` WHERE `online`='Yes' {$buildQry} ORDER BY `visited` DESC;");
    if ($_GET['q']) {
        $keys = explode(" ", strtolower($_GET['q']));
    }
    $qList = array();
    for ($i = 0; $i < mysql_numrows($qTbl); $i++) {
        $qList[$i]['QID'] = mysql_result($qTbl, $i, "QID");
        $qList[$i]['category'] = mysql_result($qTbl, $i, "category");
        $qList[$i]['question'] = mysql_result($qTbl, $i, "question");
        $qList[$i]['answer'] = mysql_result($qTbl, $i, "answer");
        $qList[$i]['keywords'] = mysql_result($qTbl, $i, "keywords");
        $qList[$i]['score'] = 0;
        if (isset($keys)) {
            for ($j = 0; $j < count($keys); $j++) {
                if (strpos(strtolower($qList[$i]['question']), $keys[$j]) !== false) {
Ejemplo n.º 13
 /**
  * Toolbar search control: updates the filter map kept in the 'Notice' cookie.
  *
  * @param string $act  Name of the field being filtered; only 'user_id' is handled.
  * @param mixed  $mode 'like' was meant to select fuzzy matching; unused here.
  */
 public function change($act, $mode = NULL)
 {
     // NOTE(review): the filter map is read back from a client cookie through
     // unserialize().  Cookie contents are attacker-controllable, and the map
     // values are raw SQL fragments.  With no cookie present $map is never
     // initialised; the assignment below creates it implicitly.
     if (cookie('Notice')) {
         $str_map = slashes(cookie('Notice'));
         $map = unserialize($str_map);
     }
     unset($str_map);
     $id = strval(I('val'));
     switch ($act) {
         case 'user_id':
             // $id is spliced into a quoted SQL fragment without escaping; any
             // sanitising comes solely from I() (framework helper; confirm).
             $map['user_id'] = " and t1_old_user_id='" . $id . "'";
             // An empty value clears the filter instead of matching ''.
             if (!$id) {
                 unset($map['user_id']);
             }
             break;
     }
     cookie('All', 0);
     cookie('Notice', serialize($map));
 }
         $i++;
         if ($i != 5) {
             $thisone['address_line_' . $i] = trim(slashes(htmlspecialchars($line, ENT_QUOTES)));
         } else {
             $thisone['address_line_' . $i] = str_replace("\r", '', str_replace("\n", ', ', trim(slashes(htmlspecialchars($line, ENT_QUOTES)))));
         }
     }
 }
 if (isset($_POST['address_postalnum'])) {
     if (postalNumber($_POST['address_postalnum'])) {
         $thisone['address_line_6'] = $_POST['address_postalnum'] . ' ' . slashes(htmlspecialchars(postalNumber($_POST['address_postalnum']), ENT_QUOTES));
         $thisone['address_postalnum'] = $_POST['address_postalnum'];
     }
 }
 if (isset($_POST['address_country'])) {
     $thisone['address_line_7'] = slashes(htmlspecialchars($_POST['address_country'], ENT_QUOTES));
 }
 // Generate address_full
 $addrline = array();
 if ($thisone['address_line_1']) {
     $addrline[] = $thisone['address_line_1'];
 }
 if ($thisone['address_line_2']) {
     $addrline[] = $thisone['address_line_2'];
 }
 if ($thisone['address_line_3']) {
     $addrline[] = $thisone['address_line_3'];
 }
 if ($thisone['address_line_4']) {
     $addrline[] = $thisone['address_line_4'];
 }
Ejemplo n.º 15
                        $subsa = mysql_query("SELECT * FROM `{$dData['tblcateg']}` WHERE `category`='" . slashes($dData['usercat']) . "';");
                        $subsb = unserialize(stripslashes(mysql_result($subsa, 0, "subcategory")));
                        $dData['usersub'] = in_array($_POST['subcategory'], $subsb) ? $_POST['subcategory'] : "";
                    } else {
                        $dData['usersub'] = "";
                    }
                }
            }
        }
    }
}
setcookie("orca_user", base64_encode(serialize(array($dData['usercat'], $dData['usersub']))), time() + 18600, $_SERVER['PHP_SELF']);
/* ***** Unpack Subcategories for Selected Category *********** */
$dData['categories'] = mysql_query("SELECT * FROM `{$dData['tblcateg']}` ORDER BY `category`;");
if ($dData['usercat']) {
    $grabSubs = mysql_query("SELECT * FROM `{$dData['tblcateg']}` WHERE `category`='" . slashes($dData['usercat']) . "';");
    $dData['subcategories'] = unserialize(stripslashes(mysql_result($grabSubs, 0, "subcategory")));
} else {
    $dData['usersub'] = "";
}
/* ***** Get Selected Question ******************************** */
if (isset($_GET['qid'])) {
    $aData['action'] = true;
    $qQry = mysql_query("SELECT * FROM `{$dData['tblquest']}` WHERE `QID`='{$_GET['qid']}' AND `online`='Yes';");
    if (mysql_numrows($qQry) && preg_match("/\\d/", $_GET['qid'])) {
        $qIncre = mysql_query("UPDATE `{$dData['tblquest']}` SET `visited`='" . (mysql_result($qQry, 0, "visited") + 1) . "' WHERE `QID`='{$_GET['qid']}';");
        $aData['question'] = htmlspecialchars(mysql_result($qQry, 0, "question"));
        $aData['date'] = dateStamp(mysql_result($qQry, 0, "date"));
        $aData['category'] = htmlspecialchars(mysql_result($qQry, 0, "category"));
        $aData['subcategory'] = htmlspecialchars(mysql_result($qQry, 0, "subcategory"));
        $aData['answer'] = www_nl2br(mysql_result($qQry, 0, "answer"));
Ejemplo n.º 16
    ?>
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<input type=submit name="change_done" value="<?php 
    echo $vocab["backadmin"];
    ?>
">
</CENTER>
</form>
<?php 
}
?>

<?php 
if (!empty($area)) {
    if (isset($change_area)) {
        $sql = "UPDATE mrbs_area SET area_name='" . slashes($area_name) . "' WHERE id={$area}";
        if (sql_command($sql) < 0) {
            fatal_error(0, $vocab['update_area_failed'] . sql_error());
        }
    }
    $res = sql_query("SELECT * FROM mrbs_area WHERE id={$area}");
    if (!$res) {
        fatal_error(0, $vocab['error_area'] . $area . $vocab['not_found']);
    }
    $row = sql_row_keyed($res, 0);
    sql_free($res);
    ?>
<h3 ALIGN=CENTER><?php 
    echo $vocab["editarea"];
    ?>
</h3>
Ejemplo n.º 17
<?php 
if (!empty($area)) {
    !isset($area_admin_email) ? $area_admin_email = '' : '';
    $emails = explode(',', $area_admin_email);
    $valid_email = TRUE;
    foreach ($emails as $email) {
        // if no email address is entered, this is OK, even if isValidInetAddress
        // does not return TRUE
        if (!get_user_by_email($email) && '' != $area_admin_email) {
            $valid_email = FALSE;
            notice(get_string('no_user_with_email', 'block_mrbs', $email));
        }
    }
    //
    if (isset($change_area) && FALSE != $valid_email) {
        $sql = "UPDATE {$tbl_area} SET area_name='" . slashes($area_name) . "', area_admin_email='" . slashes($area_admin_email) . "' WHERE id={$area}";
        if (sql_command($sql) < 0) {
            fatal_error(0, get_string('update_area_failed', 'block_mrbs') . sql_error());
        }
    }
    $res = sql_query("SELECT * FROM {$tbl_area} WHERE id={$area}");
    if (!$res) {
        fatal_error(0, get_string('error_area', 'block_mrbs') . $area . get_string('not_found', 'block_mrbs'));
    }
    $row = sql_row_keyed($res, 0);
    sql_free($res);
    ?>
<h3 ALIGN=CENTER><?php 
    echo get_string('editarea', 'block_mrbs');
    ?>
</h3>
Ejemplo n.º 18
                            }
                        }
                    }
                } else {
                    $paytime = time() + Time_tdoa;
                    $OrdersPayDetails = 'Payment:paypal|' . 'CurrencyCode:' . $mc_currency . '|' . 'amount:' . $payment_gross . '|' . 'REFERENCEID:' . $tx_token . '|' . 'Remarks:' . $Remarks . '|' . 'time:' . $paytime;
                    $sql = "\tUPDATE `" . TABLE_PREFIX . "orders`\n            \t\t\t\t\t\t\t\t\t\tSET `OrdersPay` = ? ,`OrdersPayFeeamt` = ?,`OrdersPayDetails` = ? where OrdersCid= ?";
                    $sth = $db->Prepare($sql);
                    $res = $db->Execute($sth, array('1', $payment_fee, $OrdersPayDetails, $invoice));
                    $sql = "\tUPDATE `" . TABLE_PREFIX . "orders`\n\t\t\t\t\t\t\t\t\tSET `OrdersEstate` = ?  where OrdersCid= ? ";
                    $sth = $db->Prepare($sql);
                    $res = $db->Execute($sth, array('payConfirm', $invoice));
                    $sql = "select `OrdersId` from `" . TABLE_PREFIX . "orders` where OrdersCid='{$invoice}'";
                    $sth = $db->Prepare($sql);
                    $res = $db->Execute($sth);
                    $Orders = slashes($res->FetchRow());
                    $sql = "INSERT INTO `" . TABLE_PREFIX . "admin_records` (`action`,`username`,`userip`,`action_time`,`OrdersId`) VALUES (?,?,?,?,?)";
                    $sth = $db->Prepare($sql);
                    $res = $db->Execute($sth, array('支付确认', '系统', '127.0.0.1', time(), $Orders['OrdersId']));
                }
            }
        } else {
            if (strcmp($res, "INVALID") == 0) {
                //todo
                //Fail to virified
                //此处可进行错误日志写操作
            }
        }
    }
    fclose($fp);
}
Ejemplo n.º 19
 /**
  * Escapes a free-text form value for storage.
  *
  * HTML-special characters (both quote styles included) are entity-encoded
  * first; the project's slashes() helper is then applied to that result.
  *
  * @param string $var   Field name; accepted for signature parity, not used.
  * @param string $input Raw submitted text.
  * @return mixed Whatever slashes() returns for the encoded text.
  */
 function processInput_text($var, $input)
 {
     $encoded = htmlspecialchars($input, ENT_QUOTES);

     return slashes($encoded);
 }
Ejemplo n.º 20
/** mrbsCreateRepeatEntry()
 *
 * Creates a repeat entry in the data base
 *
 * $starttime     - Start time of entry
 * $endtime       - End time of entry
 * $rep_type      - The repeat type
 * $rep_enddate   - When the repeating ends
 * $rep_opt       - Any options associated with the entry
 * $room_id       - Room ID
 * $owner         - Owner
 * $name          - Name
 * $type          - Type (Internal/External)
 * $description   - Description
 * $rep_num_weeks - Week interval for n-weekly repeats (omitted when empty)
 *
 * Only $name and $description are passed through slashes(); the other
 * string columns (owner, type, rep_opt) are quoted as given, so callers
 * must hand over already-safe values.  Numeric columns are unquoted.
 *
 * Returns:
 *   0        - An error occured while inserting the entry
 *   non-zero - The entry's ID
 */
function mrbsCreateRepeatEntry($starttime, $endtime, $rep_type, $rep_enddate, $rep_opt, $room_id, $owner, $name, $type, $description, $rep_num_weeks)
{
    global $tbl_repeat;
    $name = slashes($name);
    $description = slashes($description);
    // Column => SQL literal, in the order the INSERT lists them.
    $columns = array(
        'start_time' => $starttime,
        'end_time' => $endtime,
        'rep_type' => $rep_type,
        'end_date' => $rep_enddate,
        'room_id' => $room_id,
        'create_by' => '\'' . $owner . '\'',
        'type' => '\'' . $type . '\'',
        'name' => '\'' . $name . '\'',
        'timestamp' => time(),
        // pgsql doesn't like empty strings, so an empty rep_opt is stored as '0'
        'rep_opt' => empty($rep_opt) ? '\'0\'' : '\'' . $rep_opt . '\'',
    );
    // Optional columns are left out entirely rather than sent empty.
    if (!empty($description)) {
        $columns['description'] = '\'' . $description . '\'';
    }
    if (!empty($rep_num_weeks)) {
        $columns['rep_num_weeks'] = $rep_num_weeks;
    }
    $sql = 'INSERT INTO ' . $tbl_repeat . ' (' . implode(', ', array_keys($columns)) . ') VALUES (' . implode(', ', $columns) . ')';
    if (sql_command($sql) < 0) {
        return 0;
    }
    return sql_insert_id("{$tbl_repeat}", "id");
}
Ejemplo n.º 21
        }
        exit;
    }
} else {
    // Default values or values from existing customer
    $errors = array();
    if ($customer_id == 0) {
        $data = array();
        $data['customer_name'] = '';
        $data['customer_type'] = 'firm';
        $data['customer_municipal_num'] = '';
        $data['customer_phone'] = array();
        $data['customer_address'] = array();
        $data['customer_municipal'] = '';
        if (isset($_GET['customer_name'])) {
            $data['customer_name'] = slashes(htmlspecialchars($_GET['customer_name'], ENT_QUOTES));
            if (!isset($_GET['customer_add_force'])) {
                $Q_customer = mysql_query("select customer_id from `customer` where `customer_name` = '" . $data['customer_name'] . "'");
                if (mysql_num_rows($Q_customer)) {
                    filterMakeAlternatives();
                    echo '<HTML>
					<HEAD>
					<TITLE>JM-booking</TITLE><LINK REL="stylesheet" href="default/mrbs.css" type="text/css">
					<META HTTP-EQUIV="Content-Type" content="text/html; charset=iso-8859-1">
					
					</HEAD>
					
					<body>';
                    echo '<h1>Kunde med samme navn eksisterer</h1>';
                    echo 'Det ble funnet en eller flere kunder i databasen som har samme navn som den du prøver å opprette. Vil du velge en av de?<br><br>';
                    echo '<script language="javascript">
Ejemplo n.º 22
 if (is_array($val) && $val['name'] == 'ReportLine') {
     $strike = '';
     /*
     if(in_array($val[2]['value'], $varer_som_tasmed))
     	$strike = '';
     else
     	$strike = ' style="text-decoration: line-through;"';
     
     if(array_key_exists($val[2]['value'], $gjorom_vare))
     	$navn = $gjorom_vare[$val[2]['value']];
     else
     	$navn = $val[1]['value'];
     */
     $vare = array();
     $vare['vare_nr'] = slashes(htmlspecialchars($val[2]['value'], ENT_QUOTES));
     $vare['vare_navn'] = slashes(htmlspecialchars($val[1]['value'], ENT_QUOTES));
     $vare['vare_antall'] = (int) $val[5]['value'];
     if (strlen($val[4]['value']) != strlen('11.06.2008')) {
         die('Problemer med tolking av filen. Dato er ikke i rett format for ' . $vare['vare_nr'] . ' (dato: ' . $val[4]['value'] . ')');
     } else {
         $vare['dag'] = getTime($val[4]['value'], array('d', 'm', 'y'));
         if ($vare['dag'] == 0) {
             die('Problemer med tolking av filen. Dato er ikke i rett format for ' . $vare['vare_nr'] . ' (dato: ' . $val[4]['value'] . ')');
         }
     }
     /* Determine import */
     if (!isset($varer[$vare['vare_nr']])) {
         if (!isset($unknowns[$vare['vare_nr']])) {
             $unknowns[$vare['vare_nr']] = $vare;
             unset($unknowns[$vare['vare_nr']]['dag']);
             $unknowns[$vare['vare_nr']]['vare_dager'] = 1;
Ejemplo n.º 23
     } else {
         if ($fieldname == "name") {
             $value = strtolower(get_form_var('Field_name', 'string'));
         } else {
             if ($fieldname == "password" && $password0 != "") {
                 $value = md5($password0);
             } else {
                 $value = get_form_var("Field_{$fieldname}", $field_props[$fieldname]['istext'] ? 'string' : 'int');
             }
         }
     }
     if ($i > 0) {
         $operation = $operation . ", ";
     }
     if ($field_props[$fieldname]['istext']) {
         $operation .= "'" . slashes($value) . "'";
     } else {
         if ($field_props[$fieldname]['isnum'] && $value == "") {
             $value = "0";
         }
         $operation = $operation . $value;
     }
     $i++;
 }
 $operation = $operation . ");";
 //  print $operation . "<br>\n";
 //  exit;
 $r = sql_command($operation);
 if ($r == -1) {
     print_header(0, 0, 0, "", "");
     // This is unlikely to happen in normal operation. Do not translate.
Ejemplo n.º 24
<?php

// Look up the order by the merchant reference the gateway passes back.
$orderInfo = array();
if (isset($_REQUEST['customerRef']) && !empty($_REQUEST['customerRef'])) {
    // NOTE(review): the guard tests $_REQUEST but the value is read from
    // $_GET, so a reference arriving via POST (or cookie) passes the check
    // and then binds an undefined value to the query — confirm intent.
    $cid = $_GET['customerRef'];
    // $cid is bound through the driver's '?' placeholder, not interpolated.
    $query = "SELECT `OrdersPay`,`OrdersId`,`OrdersMemberId`,`CurrencyCode`,`OrdersAmount`,`OrdersLogisticsCosts` FROM `" . TABLE_PREFIX . "orders` WHERE `OrdersCid`= ?";
    $sth = $db->Prepare($query);
    $res = $db->Execute($sth, array($cid));
    // slashes() is applied to the whole fetched row — presumably the
    // project's recursive unescape helper; verify it accepts arrays.
    $orderInfo = slashes($res->FetchRow());
    $memberid = $orderInfo['OrdersMemberId'];
}
if (isset($_REQUEST['epacsReference']) && !empty($_REQUEST['epacsReference'])) {
    $request = new stdClass();
    //ENVOY验证信息
    $Authentication = new stdClass();
    $Authentication->username = '******';
    $Authentication->password = '******';
    //构造request
    $request->auth = $Authentication;
    $request->epacsReference = $_REQUEST['epacsReference'];
    $client = new SoapClient("MerchantAPI_live.wsdl", array());
    $response = $client->payInConfirmation($request);
    //引用文件链接数据库--START
    session_name("milanooId");
    session_start();
    define('in_milanoo', true);
    require_once '../../extension.inc';
    require_once '../../config/config.inc.php';
    require_once '../../config/b2cconfig.inc.php';
    require_once '../../lib/comm/lib_main.php';
    include_once LIB_PATH . 'comm/db.class.' . PHP_EX;
Ejemplo n.º 25
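/**
 * Build the list of active filters from the query string.
 *
 * Reads $_GET['rows'] (list of row ids) and, for each id, the filter name in
 * $_GET['filter'][<id>], its value in $_GET['filtervalue1_<id>'] and an
 * optional second value in $_GET['filtervalue2_<id>']. The filter name must be
 * a key of the global $alternatives array, whose 'type' entry selects the
 * per-type validation below. Each accepted filter is returned as
 * array(filterName, value, value2).
 *
 * Rows are skipped when the filter name is unknown, when the value fails the
 * per-type validation, or when the id, name or value is not a plain scalar:
 * a query string can carry nested arrays, and array offsets inside isset()
 * throw a TypeError on PHP 8 (the original did not guard against this).
 *
 * @return array list of array(string $filter, mixed $value, string $value2)
 */
function readFiltersFromGet()
{
    global $alternatives;
    $filters = array();
    if (!isset($_GET['rows']) || !is_array($_GET['rows']) || !isset($_GET['filter']) || !is_array($_GET['filter'])) {
        return $filters;
    }
    foreach ($_GET['rows'] as $id) {
        // Reject non-scalar ids before they are used as array offsets or concatenated.
        if (!is_scalar($id)) {
            continue;
        }
        $valueKey = 'filtervalue1_' . $id;
        if (!isset($_GET['filter'][$id]) || !is_scalar($_GET['filter'][$id]) || !isset($_GET[$valueKey]) || !is_scalar($_GET[$valueKey])) {
            continue;
        }
        $filter = $_GET['filter'][$id];
        // Verifying that the type of filter exists:
        if (!isset($alternatives[$filter])) {
            continue;
        }
        $value = $_GET[$valueKey];
        $value2 = '';
        $dont_set = false;
        if (isset($_GET['filtervalue2_' . $id]) && is_scalar($_GET['filtervalue2_' . $id])) {
            $value2 = $_GET['filtervalue2_' . $id];
        }
        switch ($alternatives[$filter]['type']) {
            case 'date':
                // 'current' is passed through; anything else must parse, otherwise it falls back to 'current'
                if ($value != 'current') {
                    $value = getTime($value, array('y', 'm', 'd', 'h', 'i'));
                    if ($value == 0) {
                        $value = 'current';
                    }
                }
                break;
            case 'bool':
                // Must be exactly '0' or '1' (the original used loose == 0 / == 1,
                // which also accepted strings such as '00' or '1.0')
                $flag = (string) $value;
                if ($flag === '0') {
                    $value = false;
                } elseif ($flag === '1') {
                    $value = true;
                } else {
                    $dont_set = true;
                }
                break;
            case 'select':
                // Need to be one of the alternatives
                if (!isset($alternatives[$filter]['choice'][$value])) {
                    $dont_set = true;
                }
                // Invalid
                break;
            case 'id':
            case 'id2':
                $value = (int) $value;
                //if($value == 0)
                //	$dont_set = true;
                // TODO: Make something that checkes against DB
                break;
            case 'text':
                // HTML-escaped first, then escaped for the query by slashes()
                $value = slashes(htmlspecialchars($value, ENT_QUOTES));
                break;
            case 'num':
                if (!is_numeric($value)) {
                    $value = 0;
                }
                break;
        }
        if (!$dont_set) {
            $filters[] = array($filter, $value, $value2);
        }
    }
    return $filters;
}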
Ejemplo n.º 26
 /**
  * Drive one step of a database backup ('bak') or restore ('re').
  *
  * Each HTTP call handles one table (index $go into the table list) and
  * echoes a progress line "<message>|<more-chunks-flag>|<page>" before
  * exit; a negative $go renders the template instead. State between calls
  * lives in RUNTIME_PATH/database.tmp (serialized table list and options),
  * RUNTIME_PATH/backup.tmp (rows left over from the previous chunk) and the
  * client-side cookies 'badate', 'info_page' and 'info_step'.
  *
  *@param $act   'bak' for backup, 're' for restore
  *@param $total  total number of tables passed in (overwritten below for large tables)
  *@param $go  original doc said "when 1, fetch post"; in the code below it is
  *            the index of the table to process, and -1 (default) shows the template
  *@param $page  undocumented in the original; overwritten from cookies below
  *@example 
  */
 public function show($act, $total = NULL, $go = -1, $page = -1)
 {
     $Public = A('Index', 'Public');
     // Permission check for the Backup module; presumably aborts the request on failure - confirm in Public/Index
     $Public->check('Backup', array('c'));
     $sql = A('Sql', 'Public');
     // instantiate the sql helper class
     // instantiate the filesystem helper class
     import('ORG.Net.FileSystem');
     $path = new FileSystem();
     $path->root = ITEM;
     $path->charset = C('CFG_CHARSET');
     // Dumping or restoring a large table can take a long time
     set_time_limit(1000);
     //main
     if ($go >= 0) {
         if ($act == 'bak') {
             // Table list and options for this run were serialized into database.tmp by an earlier step (not shown here).
             // NOTE(review): unserialize() of file content instantiates arbitrary classes; the runtime directory must not be writable by other users.
             $str_table = $path->getFile(RUNTIME_PATH . '/database.tmp');
             $arr_table = unserialize($str_table);
             // Past the last table: clear the temporary files and cookies and report completion
             if ($go == count($arr_table['table'])) {
                 cookie('badate', NULL);
                 $path->delFile(RUNTIME_PATH . '/database.tmp');
                 $path->delFile(RUNTIME_PATH . '/backup.tmp');
                 cookie('info_step', NULL);
                 cookie('info_page', NULL);
                 echo '所有表已完成备份!|0|0';
                 exit;
             }
             // Timestamp naming the backup directory is fixed on the first call and carried in a cookie
             if (cookie('badate')) {
                 $badate = cookie('badate');
             } else {
                 $badate = date("Y-m-d_His");
                 cookie('badate', $badate);
             }
             $bak_dir = ROOT . '/Conf/Backup/' . $badate;
             // NOTE(review): 0777 makes the directory that holds full database dumps world-readable/writable;
             // a mode such as 0700 is preferable if putDir() honours it.
             if (!file_exists($bak_dir)) {
                 $path->putDir($bak_dir, 0777);
             }
             $strfile = '';
             $table = $arr_table['table'][$go];
             // Table names are stored in the dump with the prefix replaced by the '#@_' placeholder
             $tb = str_replace(C('DB_PREFIX'), '#@_', $table);
             $result = M();
             // backup.tmp holds the rows that did not fit into the previous chunk file (see the serialize() below)
             $str_info = $path->getFile(RUNTIME_PATH . '/backup.tmp');
             if ($str_info) {
                 // Resume: rows come from backup.tmp, page/step from cookies
                 // NOTE(review): unserialize() on file content again - same caveat as above
                 $str_info = slashes($str_info);
                 $info = unserialize($str_info);
                 $page = cookie('info_page') ? cookie('info_page') : 0;
                 $p = cookie('info_step') ? cookie('info_step') : 1;
             } else {
                 // Fresh start for this table: tables over 10000 rows are read 10000 rows per call
                 $count = $result->table($table)->count();
                 $total = ceil($count / 10000);
                 if (cookie('info_page')) {
                     $page = cookie('info_page');
                 } else {
                     $page = 0;
                 }
                 if ($count > 10000) {
                     $info = $result->table($table)->limit($page * 10000, 10000)->select();
                     if ($page < $total) {
                         if ($page == 0) {
                             $p = 1;
                         } else {
                             $p = cookie('info_step') ? cookie('info_step') : 1;
                         }
                         $page++;
                         cookie('info_page', $page);
                         // The table definition is written only into the first chunk file
                         if ($p == 1) {
                             $strfile .= "DROP TABLE IF EXISTS `" . $tb . "`;\r\n";
                             $table_field = $sql->getField($table);
                             // fetch the table structure (the CREATE TABLE statement is rewritten below)
                             // replace the table name
                             // NOTE(review): mysql_get_server_info() belongs to ext/mysql, which was removed in PHP 7
                             $mysql = mysql_get_server_info();
                             // Drop the AUTO_INCREMENT counter so the restore starts clean
                             $get_field = preg_replace("/AUTO_INCREMENT=[0-9]+\\s+/", "", $table_field);
                             // Rewrite the engine/charset clause for the MySQL version selected in the options
                             if ($arr_table['version'] == 4.1 && $mysql > 4.1) {
                                 $get_field = preg_replace("/ENGINE=\\b.{2,}\\b DEFAULT CHARSET=\\S+/", 'ENGINE=MyISAM DEFAULT CHARSET=' . $arr_table['charset'], $get_field);
                             } elseif ($arr_table['version'] == 4.1 && $mysql < 4.1) {
                                 // BUG: this pattern has no delimiters, so preg_replace() emits a warning and
                                 // returns NULL, wiping the table definition in this branch
                                 $get_field = preg_replace("TYPE=\\b.{2,}\\b", 'ENGINE=MyISAM DEFAULT CHARSET=' . $arr_table['charset'], $get_field);
                             } elseif ($arr_table['version'] == 4.0 && $mysql > 4.1) {
                                 $get_field = preg_replace("/ENGINE=\\b.{2,}\\b DEFAULT CHARSET=\\S+/", 'TYPE=MyISAM', $get_field);
                             }
                             $strfile .= str_replace('CREATE TABLE `' . C('DB_PREFIX'), 'CREATE TABLE `#@_', $get_field . ";\r\n");
                         }
                     } else {
                         $page = 0;
                         cookie('info_page', NULL);
                         $p = cookie('info_step') ? cookie('info_step') : 1;
                     }
                 } else {
                     // Small table: dump definition and all rows in one go
                     $strfile .= "DROP TABLE IF EXISTS `" . $tb . "`;\r\n";
                     $table_field = $sql->getField($table);
                     // fetch the table structure (the CREATE TABLE statement is rewritten below)
                     // replace the table name
                     // NOTE(review): mysql_get_server_info() belongs to ext/mysql, which was removed in PHP 7
                     $mysql = mysql_get_server_info();
                     $get_field = preg_replace("/AUTO_INCREMENT=[0-9]+\\s+/", "", $table_field);
                     if ($arr_table['version'] == 4.1 && $mysql > 4.1) {
                         $get_field = preg_replace("/ENGINE=\\b.{2,}\\b DEFAULT CHARSET=\\S+/", 'ENGINE=MyISAM DEFAULT CHARSET=' . $arr_table['charset'], $get_field);
                     } elseif ($arr_table['version'] == 4.1 && $mysql < 4.1) {
                         // BUG: same undelimited pattern as above - preg_replace() returns NULL here
                         $get_field = preg_replace("TYPE=\\b.{2,}\\b", 'ENGINE=MyISAM DEFAULT CHARSET=' . $arr_table['charset'], $get_field);
                     } elseif ($arr_table['version'] == 4.0 && $mysql > 4.1) {
                         $get_field = preg_replace("/ENGINE=\\b.{2,}\\b DEFAULT CHARSET=\\S+/", 'TYPE=MyISAM', $get_field);
                     }
                     $strfile .= str_replace('CREATE TABLE `' . C('DB_PREFIX'), 'CREATE TABLE `#@_', $get_field . ";\r\n");
                     $info = $result->table($table)->select();
                     cookie('info_page', NULL);
                     cookie('info_step', NULL);
                     $page = 0;
                     $p = 1;
                 }
             }
             // Append INSERT statements row by row; once the buffer exceeds the configured
             // chunk size (KB) write a numbered chunk file, stash the remaining rows in
             // backup.tmp and end this call so the client asks for the next step
             if ($info) {
                 while (true) {
                     $t = array_shift($info);
                     $strfile .= $sql->getData($table, $t);
                     if (strlen($strfile) >= $arr_table['filesize'] * 1024) {
                         $filename = $tb . '_' . str_pad($p, 5, "0", STR_PAD_LEFT) . '.bak';
                         $fie_path = $bak_dir . '/' . $filename;
                         $path->putFile($fie_path, $strfile);
                         $p++;
                         $strfile = '';
                         cookie('info_step', $p);
                         $path->putFile(RUNTIME_PATH . '/backup.tmp', serialize($info));
                         echo '<p>表“' . $table . '_' . str_pad($p - 1, 5, "0", STR_PAD_LEFT) . '”备份成功!</p>|1|' . $page;
                         exit;
                     } else {
                         if (count($info)) {
                             continue;
                         } else {
                             break;
                         }
                     }
                 }
             }
             // All rows of this table are in the buffer: single file when it never
             // overflowed, otherwise a final numbered chunk
             if ($p == 1) {
                 $filename = $tb . '.bak';
                 $fie_path = $bak_dir . '/' . $filename;
                 $path->putFile($fie_path, $strfile);
                 $path->delFile(RUNTIME_PATH . '/backup.tmp');
                 echo '<p>表“' . $table . '”备份成功!</p>|0|0';
                 exit;
             } else {
                 if ($strfile) {
                     $filename = $tb . '_' . str_pad($p, 5, "0", STR_PAD_LEFT) . '.bak';
                     $fie_path = $bak_dir . '/' . $filename;
                     $path->putFile($fie_path, $strfile);
                 }
                 $path->delFile(RUNTIME_PATH . '/backup.tmp');
                 if ($page > 0) {
                     cookie('info_step', $p + 1);
                 }
                 echo '<p>表“' . $table . '_' . str_pad($p, 5, "0", STR_PAD_LEFT) . '”备份成功!</p>|0|' . $page;
                 exit;
             }
         } elseif ($act == 're') {
             // Restore: the file list and source directory also come from the serialized database.tmp
             $str_table = $path->getFile(RUNTIME_PATH . '/database.tmp');
             $arr_table = unserialize($str_table);
             if ($go == count($arr_table['table'])) {
                 $path->delFile(RUNTIME_PATH . '/database.tmp');
                 echo '所有表已完成还原!|0|0';
                 exit;
             }
             // Put the real prefix back into the file name, then strip the extension for the message
             $table = str_replace('#@_', C('DB_PREFIX'), $arr_table['table'][$go]);
             $tb = str_replace('.bak', '', $table);
             // NOTE(review): the directory is taken from the serialized options file, not from a fixed location
             $tablefile = $arr_table['path'] . '/' . $arr_table['table'][$go];
             $info = $path->getFile($tablefile);
             // The dump is one statement per ";\r\n"; if the file ends with that separator
             // the last element is '' and is executed as well
             $arr_info = explode(";\r\n", $info);
             $result = M();
             foreach ($arr_info as $t) {
                 // Restore the real table prefix in place of the '#@_' placeholder
                 $t = preg_replace("/`#@_(.+)?`/iu", '`' . C('DB_PREFIX') . '$1`', $t);
                 // '&#59' stands for ';' inside the dumped data (presumably written that way by
                 // getData() so the split above stays unambiguous) - confirm in the Sql helper
                 $t = str_replace('&#59', ';', $t);
                 // Force the engine/charset clause to the configured charset of this installation
                 $char = C('CFG_CHARSET');
                 if ($char == 'UTF-8') {
                     $char = 'utf8';
                 } else {
                     $char = 'gb2312';
                 }
                 $t = preg_replace("/ENGINE=\\b.{2,}\\b DEFAULT CHARSET=\\S+/", 'ENGINE=MyISAM DEFAULT CHARSET=' . $char, $t);
                 // Every statement in the .bak file runs as-is: the restore is only as
                 // trustworthy as the contents of the backup directory
                 $result->execute($t);
             }
             echo '<p>表“' . $tb . '”还原成功!</p>|0|0';
             exit;
         }
     } else {
         // No step requested: render the template with the action and table count
         $this->assign('act', $act);
         $this->assign('total', $total);
         $this->display();
     }
 }
Ejemplo n.º 27
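include "config.inc.php";
include "functions.inc";
include "{$dbsys}.inc";
include "mrbs_auth.inc";
# $type, $name, $description, $area, $capacity and the $day/$month/$year
# variables are never assigned in this file; presumably they arrive via
# register_globals or one of the includes above - confirm.
if (!getAuthorised(2)) {
    showAccessDenied($day, $month, $year, $area);
    exit;
}
# This file is for adding new areas/rooms
# we need to do different things depending on if its a room
# or an area
if ($type == "area") {
    # name is quoted in the statement, so it is escaped with slashes()
    $area_name_q = slashes($name);
    $sql = "insert into {$tbl_area} (area_name) values ('{$area_name_q}')";
    if (sql_command($sql) < 0) {
        fatal_error(1, "<p>" . sql_error());
    }
    $area = sql_insert_id("{$tbl_area}", "id");
}
if ($type == "room") {
    $room_name_q = slashes($name);
    $description_q = slashes($description);
    # area_id and capacity are interpolated unquoted into the statement, so they
    # must be integers, not raw request strings (the original only defaulted an
    # empty capacity to 0 and used $area verbatim).
    $area = isset($area) ? (int) $area : 0;
    $capacity = empty($capacity) ? 0 : (int) $capacity;
    $sql = "insert into {$tbl_room} (room_name, area_id, description, capacity)\n\t        values ('{$room_name_q}',{$area}, '{$description_q}',{$capacity})";
    if (sql_command($sql) < 0) {
        fatal_error(1, "<p>" . sql_error());
    }
}
header("Location: admin.php?area={$area}");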
Ejemplo n.º 28
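/**
 * Validate a username/password pair against the `users` table and, on
 * success, mark the current PHP session as authenticated.
 *
 * @param string $user  Username as typed by the visitor (untrusted)
 * @param string $pass  Plain-text password as typed by the visitor (untrusted)
 * @return bool TRUE when a matching user row exists, FALSE otherwise
 *              (including when the query itself fails)
 */
function authValidateUser($user, $pass)
{
    global $auth, $users;
    // Check if we do not have a username/password
    if (empty($user) || empty($pass)) {
        return FALSE;
    }
    // Username: tags stripped and HTML-escaped (the stored form), then escaped for the query
    $user = slashes(htmlspecialchars(strip_tags($user), ENT_QUOTES));
    // md5 hash of the password
    // NOTE(review): the table holds unsalted md5 digests, so this comparison has to
    // stay md5 until the column is migrated to password_hash()/password_verify();
    // that migration is the real fix and is outside this function.
    $pass = md5($pass);
    // Checking against database
    $Q_login = mysql_query("select user_id from `users` where user_name_short = '" . $user . "' and user_password = '******' limit 1");
    // mysql_query() returns FALSE on error; the original passed that straight to
    // mysql_num_rows(). Treat it as a failed login.
    if ($Q_login === FALSE || mysql_num_rows($Q_login) < 1) {
        return FALSE;
    }
    // session_register() was removed in PHP 5.4 and fatals there; writing to
    // $_SESSION directly is all that is needed once the session is started.
    $_SESSION['WEBAUTH_VALID'] = true;
    $_SESSION['WEBAUTH_USER'] = $user;
    $_SESSION['WEBAUTH_PW'] = $pass;
    // New variabels (JM-booking)
    $_SESSION['user_id'] = mysql_result($Q_login, 0, 'user_id');
    $_SESSION['user_password'] = $pass;
    return TRUE;
}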
Ejemplo n.º 29
include_once "glob_inc.inc.php";
// Optional ?limit=N caps the number of matches; anything missing or non-positive means no LIMIT clause.
$limit = isset($_GET['limit']) ? (int) $_GET['limit'] : 0;
$sql_limit = $limit > 0 ? ' limit ' . $limit : '';
$aResults = array();
$dynamicPrint = false;
if (isset($_GET['customer_name'])) {
    //$customer_name = slashes(preg_replace('/%([0-9a-f]{2})/ie', 'chr(hexdec($1))', (string) $_GET['customer_name']));
    $customer_name = slashes(utf8_decode($_GET['customer_name']));
    $sql = mysql_query("select customer_id, customer_name from `customer` where customer_name like '{$customer_name}%' and slettet = '0' order by `customer_name`{$sql_limit}");
    //$customer_name = unicode_encode($customer_name, 'ISO-8859-1');
    //$customer_name = unichr()
    //echo strlen($customer_name);
    //for ($i = 0; $i < strlen($customer_name); $i++)
    //	echo $customer_name{$i}.chr(10);
    //$aResults[] = array(
    //		'id'	=> 0,
    //		'value'	=> $customer_name,
    //		'info'	=> '');
    while ($row = mysql_fetch_assoc($sql)) {
        $aResults[] = array('id' => $row['customer_id'], 'value' => htmlentities($row['customer_name']), 'info' => '');
    }
    //print_r($aResults);
    //exit();
Ejemplo n.º 30
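/**
 * Analyze the Datanova data
 *
 * Format $data_rows:
 * array(
 *      'Butikknr'  => '3',
 *      'Varenavn'  => 'ABC',
 *      'Varenr'    => '123321123',
 *      'Antsolgt'  => '123',
 *      'Transdato' => '12.03.4567'
 * )
 *
 * Every row is keyed by "<area_id>_<vare_nr>" and sorted into one of the
 * result buckets by comparing it with the article register
 * (`import_dn_vareregister`) and with the rows already imported into
 * `import_dn_tall` for the same article, area and day.
 *
 * @param  Array  Rows of data
 * @param  Array  Shop-area translation (shop_id => area_id)
 * @return Array  Final analyzed data in different categories:
 *                'unknowns' (per-article totals for articles missing from the register),
 *                'numbers_new', 'numbers_update', 'numbers_ignored_notreged',
 *                'numbers_ignored_reged' and 'numbers_alreadyimported' (per-row lists)
 * @throws Exception when a Transdato value is not a dd.mm.yyyy date, or when
 *                   one of the lookup queries fails
 */
function datanova_analyze_data($data_rows, $shops)
{
    $Q_varer = mysql_query("SELECT varereg.*, kat.kat_navn AS kat_navn\r\n\tFROM import_dn_vareregister varereg LEFT JOIN import_dn_kategori kat\r\n\tON varereg.kat_id = kat.kat_id\r\n\t");
    //where varereg.area_id = '$area';");
    // mysql_query() returns false on error; the original handed that to
    // mysql_fetch_assoc() and silently classified every article as unknown.
    if ($Q_varer === false) {
        throw new Exception('Feil ved lesing av vareregister: ' . mysql_error());
    }
    $areavarer = array();
    // "<area_id>_<vare_nr>" => register row
    while ($R_vare = mysql_fetch_assoc($Q_varer)) {
        $areavarer[$R_vare['area_id'] . '_' . $R_vare['vare_nr']] = $R_vare;
    }
    $unknowns = array();
    $tall_nye = array();
    $tall_update = array();
    $tall_ignore = array();
    $tall_ignore2 = array();
    $tall_allerede = array();
    $varer_nye = array();
    $varer_update = array();
    foreach ($data_rows as $val) {
        $vare = _datanova_row_to_vare($val, $shops);
        $vare_id_primary = $vare['area_id'] . '_' . $vare['vare_nr'];
        /* Determine import */
        if (!isset($areavarer[$vare_id_primary])) {
            // Article not in the register: totalled under 'unknowns', never imported
            _datanova_accumulate($unknowns, $vare_id_primary, $vare);
            $tall_ignore[] = $vare;
            continue;
        }
        // Varer funnet
        $vare_med_kat = $areavarer[$vare_id_primary];
        $vare['kat_id'] = $vare_med_kat['kat_id'];
        // The register's 'barn' flag decides whether the quantity counts as children or adults
        if ($vare_med_kat['barn'] == 0) {
            $vare['antall_barn'] = 0;
            $vare['antall_voksne'] = $vare['vare_antall'];
        } else {
            $vare['antall_barn'] = $vare['vare_antall'];
            $vare['antall_voksne'] = 0;
        }
        if ($vare_med_kat['kat_id'] == 0) {
            // Registered but without a category: ignored
            $tall_ignore2[] = $vare;
            continue;
        }
        // Sjekker mot database
        // vare_nr went through slashes() above; area_id comes from $shops and dag from getTime()
        $Q_dbsjekk = mysql_query("SELECT * FROM `import_dn_tall` WHERE\r\n\t\t\t\t\tvare_nr = '" . $vare['vare_nr'] . "' AND\r\n\t\t\t\t\tarea_id = '" . $vare['area_id'] . "' AND\r\n\t\t\t\t\tdag = '" . $vare['dag'] . "'\r\n\t\t\t\t\tLIMIT 1;");
        if ($Q_dbsjekk === false) {
            throw new Exception('Feil ved oppslag i import_dn_tall: ' . mysql_error());
        }
        if (!mysql_num_rows($Q_dbsjekk)) {
            $tall_nye[] = $vare;
            // Nye varer
            _datanova_accumulate($varer_nye, $vare_id_primary, $vare);
        } else {
            $tall = mysql_fetch_assoc($Q_dbsjekk);
            if ($tall['kat_id'] != $vare['kat_id'] || $tall['antall_barn'] != $vare['antall_barn'] || $tall['antall_voksne'] != $vare['antall_voksne']) {
                $tall_update[] = $vare;
                // Update av varer
                _datanova_accumulate($varer_update, $vare_id_primary, $vare);
            } else {
                $tall_allerede[] = $vare;
            }
        }
    }
    return array('unknowns' => $unknowns, 'numbers_new' => $tall_nye, 'numbers_update' => $tall_update, 'numbers_ignored_notreged' => $tall_ignore, 'numbers_ignored_reged' => $tall_ignore2, 'numbers_alreadyimported' => $tall_allerede);
}

/**
 * Convert one raw Datanova row into the internal 'vare' array.
 *
 * @param  Array  $val    One element of $data_rows (see datanova_analyze_data)
 * @param  Array  $shops  Shop-area translation (shop_id => area_id)
 * @return Array  keys vare_nr, vare_navn, vare_antall, dag, shop_id, area_id
 * @throws Exception when Transdato is not a parseable dd.mm.yyyy date
 */
function _datanova_row_to_vare($val, $shops)
{
    $vare = array();
    // Text fields are HTML-escaped and then escaped for the query by slashes()
    $vare['vare_nr'] = slashes(htmlspecialchars($val['Varenr'], ENT_QUOTES));
    $vare['vare_navn'] = slashes(htmlspecialchars($val['Varenavn'], ENT_QUOTES));
    $vare['vare_antall'] = (int) $val['Antsolgt'];
    // Transdato must have the byte length of 'dd.mm.yyyy' and parse to a non-zero time
    $dag = 0;
    if (strlen($val['Transdato']) == strlen('11.06.2008')) {
        $dag = getTime($val['Transdato'], array('d', 'm', 'y'));
        $vare['dag'] = $dag;
    }
    if ($dag == 0) {
        throw new Exception('Problemer med tolking av dato. Dato er ikke i rett format for ' . $vare['vare_nr'] . ' (dato: ' . $val['Transdato'] . '). Vare: ' . print_r($vare, true));
    }
    $vare['shop_id'] = $val['Butikknr'];
    // Shops without an area mapping are filed under area 0
    $vare['area_id'] = isset($shops[$vare['shop_id']]) ? $shops[$vare['shop_id']] : 0;
    return $vare;
}

/**
 * Add a row to a per-article bucket: the first row for $key is stored without
 * its 'dag' and with vare_dager = 1, later rows add their quantity and bump
 * the day counter.
 *
 * @param  Array   $bucket  Bucket keyed by "<area_id>_<vare_nr>" (modified in place)
 * @param  String  $key     "<area_id>_<vare_nr>"
 * @param  Array   $vare    Row as produced by _datanova_row_to_vare()
 * @return void
 */
function _datanova_accumulate(array &$bucket, $key, $vare)
{
    if (!isset($bucket[$key])) {
        $bucket[$key] = $vare;
        unset($bucket[$key]['dag']);
        $bucket[$key]['vare_dager'] = 1;
    } else {
        $bucket[$key]['vare_antall'] += $vare['vare_antall'];
        $bucket[$key]['vare_dager'] += 1;
    }
}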