Ejemplo n.º 1
0
	function salvar($id,$nome, $email,$senha)
	{
	
		$db = new Database();
		
		// inserir
		if($id == 0)
		{
			$senha = md5($senha);
			
			$sql = 'insert into usuario ( nome, email, senha) values ("'.$nome.'","'.$email.'","'.$senha .'")';
			return $db->query_insert($sql);
		}
		else
		{ // atualizar
			
			if($email != '')
			$and = ' ,senha = md5(\''.$senha.'\')  ';
			else
			$and = '';
			
			$sql = ' update usuario set nome = "'.$nome.'", email = "'.$email.'" '. $and . ' where id = ' .$id;
			return $db->query_update($sql);

		}

		
	}
Ejemplo n.º 2
0
 public function add($obj)
 {
     $db = new Database();
     $db->connect();
     $obj = $db->query_insert($this->table_name, $obj);
     $db->close();
     return new response(array('body' => $obj));
 }
Ejemplo n.º 3
0
 public function save($token = false, $data = false, $server = false)
 {
     $database = new Database();
     $date = date('Y-m-d h:m:s');
     $expired_date = date('Y-m-d h:m:s ', strtotime($date . ' + 1 days'));
     $session_saved = $database->query_insert('sessions', array('token' => $token, 'data' => json_encode($data), 'server_data' => json_encode($server), 'expired_date' => $expired_date, 'created' => $date));
     return $session_saved;
 }
Ejemplo n.º 4
0
function UpdateSettings($setting, $val, $type = '')
{
    global $server, $user, $pass, $database, $pre;
    if (empty($type)) {
        $type = 'admin';
    }
    //Connect to database
    require_once "sources/class.database.php";
    $db = new Database($server, $user, $pass, $database, $pre);
    $db->connect();
    //Check if setting is already in DB. If NO then insert, if YES then update.
    $data = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "misc WHERE type='" . $type . "' AND intitule = '" . $setting . "'");
    if ($data[0] == 0) {
        $db->query_insert("misc", array('valeur' => $val, 'type' => $type, 'intitule' => $setting));
        //in case of stats enabled, add the actual time
        if ($setting == 'send_stats') {
            $db->query_insert("misc", array('valeur' => time(), 'type' => $type, 'intitule' => $setting . '_time'));
        }
    } else {
        $db->query_update("misc", array('valeur' => $val), "type='" . $type . "' AND intitule = '" . $setting . "'");
        //in case of stats enabled, update the actual time
        if ($setting == 'send_stats') {
            //Check if previous time exists, if not them insert this value in DB
            $data_time = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "misc WHERE type='" . $type . "' AND intitule = '" . $setting . "_time'");
            if ($data_time[0] == 0) {
                $db->query_insert("misc", array('valeur' => 0, 'type' => $type, 'intitule' => $setting . '_time'));
            } else {
                $db->query_update("misc", array('valeur' => 0), "type='" . $type . "' AND intitule = '" . $setting . "_time'");
            }
        }
    }
    //save in variable
    if ($type == "admin") {
        $_SESSION['settings'][$setting] = $val;
    } else {
        if ($type == "settings") {
            $settings[$setting] = $val;
        }
    }
}
Ejemplo n.º 5
0
	function salvar($id,$nome, $email)
	{
	
		$db = new Database();
		
		// inserir
		if($id == 0)
		{
			$sql = 'insert into periodo ( nome ) values ("'.$nome.'")';
			return $db->query_insert($sql);
		}
		else
		{ 
			// atualizar
			$sql = ' update periodo set nome = "'.$nome.'" where id = ' .$id;
			return $db->query_update($sql);

		}
	}
Ejemplo n.º 6
0
function sendSMSAlert($geoAssId, $devDateTime)
{
    $db = new Database(DB_SERVER, DB_USER, DB_PASS, DB_DATABASE);
    $db->connect();
    $getData = "SELECT * FROM tb_assigngeofence,tb_deviceinfo,tb_geofence_info,tb_clientinfo WHERE ci_id = tag_clientId AND tgi_id = tag_geofenceId AND di_id = tag_diId AND tag_id = " . $geoAssId;
    $resData = mysql_query($getData);
    if (@mysql_affected_rows() > 0) {
        $fetData = mysql_fetch_assoc($resData);
        $from = "";
        $to = $fetData[tag_alertSrc];
        if ($fetData[di_deviceName]) {
            $devName = $fetData[di_deviceName];
        } else {
            $devName = $fetData[di_deviceId];
        }
        if ($fetData[tag_inout] == "in") {
            $status = "entered zone";
        } else {
            $status = "left zone";
        }
        $msg = "Dear " . ucfirst($fetData[ci_clientName]) . "! " . $devName . " has " . $status . " " . $fetData[tgi_name] . " at " . date("H:i:s", strtotime($devDateTime)) . " - " . $fetData[ci_weburl];
        //echo $msg;
        $smsres = sendSMS($from, $to, $msg);
        $smsdata['tsi_mobileno'] = $fetData[tag_alertSrc];
        $smsdata['tsi_tgai_id'] = $geoAssId;
        $smsdata['tsi_smsResult'] = $smsres;
        $smsdata['tsi_message'] = urlencode($msg);
        $smsdata['tsi_smsType'] = "GEOALERT";
        //print_r($smsdata);
        //exit;
        if ($db->query_insert("tb_smsinfo", $smsdata)) {
            $res = 1;
        } else {
            $res = 0;
        }
        return $res;
        //print_r($fetData);
    }
}
Ejemplo n.º 7
0
 public function insertNewTransfer($eventId, $offer)
 {
     $insert['mode'] = $_GET['mode'];
     $insert['event_id'] = $eventId;
     $insert['start'] = $_POST['start'];
     $insert['via'] = $_POST['via'];
     $insert['destination'] = $_POST['destination'];
     $insert['email'] = $_POST['email'];
     $insert['name'] = $_POST['name'];
     $insert['message'] = $_POST['message'];
     $insert['centre_fk'] = $_SESSION['centreIdent'];
     #echo "*".$_SESSION['centreIdent'];
     #check for Spamrobots
     if ($_SESSION['centreIdent'] != '') {
         echo "Spam";
         $db = new Database();
         $db->connect();
         $db->query_insert("transfer", $insert);
         $this->debug("NEW TRANSFER ENTRY", "Inserting transfer with the following content:\n" . $this->convert($insert));
         $db->close();
     }
 }
Ejemplo n.º 8
0
include_once 'includes/database.class.php';
require_once 'config.php';
$db = new Database($mysql_db_host, $mysql_db_user, $mysql_db_passwd, $mysql_db_name, $table_prefix);
$db->connect();
switch ($_GET['action']) {
    case "deactivate":
        $data['action'] = 0;
        $db->query_update("plugins", $data, "filename='" . $_GET['filename'] . "'");
        break;
    case "activate":
        $sql = "SELECT * FROM " . $table_prefix . "plugins WHERE filename = '" . $db->escape($_GET['filename']) . "'";
        $count = count($db->fetch_all_array($sql));
        if ($count < 1) {
            $data['filename'] = $_GET['filename'];
            $data['action'] = 1;
            $db->query_insert("plugins", $data);
        } else {
            $data['action'] = 1;
            $db->query_update("plugins", $data, "filename='" . $_GET['filename'] . "'");
        }
        break;
}
$sql = "SELECT filename, action FROM " . $table_prefix . "plugins WHERE action = '" . $db->escape(1) . "'";
$result_rows = $db->fetch_all_array($sql);
$plugin_list = new phphooks();
$plugin_headers = $plugin_list->get_plugins_header();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
Ejemplo n.º 9
0
function logEvents($type, $label, $who)
{
    global $server, $user, $pass, $database, $pre;
    //include librairies & connect to DB
    require_once "class.database.php";
    $db = new Database($server, $user, $pass, $database, $pre);
    $db->connect();
    $db->query_insert("log_system", array('type' => $type, 'date' => mktime(date('h'), date('i'), date('s'), date('m'), date('d'), date('y')), 'label' => $label, 'qui' => $who));
}
// Photo name : timestamp-random(year,timestamp)-locationid_photoid.jpg
$photo_name = $date[0] . '-' . rand($date[year], $date[0]) . '-' . $subDirImage . "_" . $subPhotoID . ".jpg";
$path = "./../upload/{$dir}/{$subDirImage}/" . $photo_name;
// Write photo
$base = $_POST['photo_upload'];
if ($base != "") {
    $binary = base64_decode($base);
    $file = fopen($path, 'a');
    fwrite($file, $binary);
    fclose($file);
    chmod($path, 0766);
    $UploadImage['LOCATION_CATE_ID'] = $_POST["location_cate_id"];
    $UploadImage['LOCATION_ID'] = $_POST["location_id"];
    $UploadImage['PHOTO_NAME'] = $photo_name;
    $UploadImage['OWNER_NAME'] = $_POST["user_name"];
    $insertPhoto = $db->query_insert("photo", $UploadImage);
} else {
    echo "ไม่มีภาพอัพโหลด";
}
//Find PHOTO_ID
$sql = "SELECT MAX( PHOTO_ID ) as maxPho_ID FROM photo";
$q_maxPhotoID = $db->query($sql);
if ($_maxPhotoID = $db->fetch_array($q_maxPhotoID)) {
    $maxPhoto_ID = $_maxPhotoID['maxPho_ID'];
}
// INSER OWNER
$_user_id = $_REQUEST['user_id'];
$_user_name = $_REQUEST['user_name'];
$_user_username = $_REQUEST['user_username'];
$userInsert['USER_ID'] = $_user_id;
$userInsert['USER_NAME'] = $_user_name;
Ejemplo n.º 11
0
        echo "{$errstr} ({$errno})<br />\n";
    } else {
        $out = "GET /api/v1/xml/" . $user_proj . "/commits/master HTTP/1.1\r\n";
        $out .= "Host: google.com \r\n";
        $out .= "Connection: Close\r\n\r\n";
        fwrite($fp, $out);
        while (!feof($fp)) {
            $results .= fgets($fp, 128);
        }
        fclose($fp);
    }
    $post_results = parseHttpResponse($results);
    $objXML = new xml2Array();
    $arrOutput = $objXML->parse($post_results);
    $github_result = $arrOutput[0]['children'];
    for ($i = 0; $i < count($github_result); $i++) {
        $commit_id = $github_result[$i]['children'][4]['tagData'];
        $message = $github_result[$i]['children'][0]['tagData'];
        $date = str_replace('T', ' T ', $github_result[$i]['children'][5]['tagData']);
        $commiter = $github_result[$i]['children'][3]['children'][0]['tagData'] . "/" . $github_result[$i]['children'][3]['children'][1]['tagData'];
        $unix_stamp = strtotime($date);
        echo "{$message} [{$commit_id}] was commited by {$commiter} on " . $unix_stamp . " \n";
        if (strlen($mydb->first("SELECT `sum` FROM commits WHERE `sum`='{$commit_id}'")) == 0) {
            $ar = array('id' => null, 'user' => $commiter, 'message' => $message, 'sum' => $commit_id, 'project' => $r['id']);
            $mydb->query_insert('commits', $ar);
            $LASTID = $mydb->lastID();
            $s->n($LASTID, '', 'git', $r['id'], $unix_stamp);
        }
        //echo "<a href='#' onclick=\"insertAtCursor(document.reply.report, '[GIT]".$commit_id."[/GIT]');\" title=\".". $date . "\">" .$message . "</a><small>[" . $commit_id . "]</small>";
    }
}
Ejemplo n.º 12
0
    }
    @fclose($file1);
}
if (isset($_GET[add_stop_name]) && $_GET[add_stop_name] != '') {
    //echo $_GET[add_stop_name];
    $getCont = "select * from tb_geofence_info where tgi_name = '" . $_GET[add_stop_name] . "' OR tgi_latLong = '" . $_GET[mapPt] . "' AND tgi_clientId =" . $_SESSION[clientID];
    $resCont = $db->query($getCont);
    if ($db->affected_rows == 0) {
        $cdata["tgi_clientId"] = $_SESSION[clientID];
        $cdata["tgi_name"] = $_GET[add_stop_name];
        $cdata["tgi_isActive"] = 1;
        $cdata["tgi_radius"] = "0.5";
        $cdata["tgi_latLong"] = $_GET[mapPt];
        //print_r($cdata);
        //exit;
        if ($db->query_insert("tb_geofence_info", $cdata)) {
            echo 1;
        } else {
            echo 0;
        }
    } else {
        echo 0;
    }
}
if ($_GET[date_offline] != '' && $_GET[sessionid] != '') {
    if (isset($_GET[date_offline]) && $_GET[date_offline]) {
        $date_offline = $_GET[date_offline];
    } else {
        $date_offline = date('d-m-Y');
    }
    $getUserInfo = "SELECT * FROM tb_userinfo,tb_clientinfo WHERE ui_id  = " . $_SESSION[userID] . " AND ci_id = " . $_SESSION[clientID];
Ejemplo n.º 13
0
     $db->query_update('nested_tree', array('parent_id' => $_POST['newparent_id']), "id=" . $id[1]);
     //Get the title to display it
     $data = $db->fetch_row("SELECT title FROM " . $pre . "nested_tree WHERE id = " . $_POST['newparent_id']);
     //show value
     echo $data[0];
     //rebuild the tree grid
     $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');
     $tree->rebuild();
 } else {
     if (isset($_POST['changer_complexite'])) {
         $id = explode('_', $_POST['id']);
         //Check if group exists
         $tmp = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "misc WHERE type = 'complex' AND intitule = '" . $id[1] . "'");
         if ($tmp[0] == 0) {
             //Insert into DB
             $db->query_insert('misc', array('type' => 'complex', 'intitule' => $id[1], 'valeur' => $_POST['changer_complexite']));
         } else {
             //update DB
             $db->query_update('misc', array('valeur' => $_POST['changer_complexite']), "type='complex' AND  intitule = " . $id[1]);
         }
         //Get title to display it
         echo $mdp_complexite[$_POST['changer_complexite']][1];
         //rebuild the tree grid
         $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');
         $tree->rebuild();
     } else {
         if (isset($_POST['type'])) {
             switch ($_POST['type']) {
                 // CASE where DELETING a group
                 case "supprimer_groupe":
                     // this will delete all sub folders and items associated
Ejemplo n.º 14
0
if (isset($_POST["titlechange"]) && $isadmin == 1) {
    $tickid = $mydb->clean($_POST["tickid"], '', '');
    $mydb->query_update("list", array('title' => $_POST["titlechange"]), "id='{$tickid}'");
    echo "Title changed.";
}
if (isset($_POST["closeticket"]) && $isadmin == 1) {
    $closeticket = $mydb->clean($_POST["tickid"], '', '');
    $mydb->query_update('list', array('status' => 0, 'finished' => time()), "id='{$closeticket}'");
    echo "Ok";
}
if (isset($_POST["openticket"]) && $isadmin == 1) {
    $closeticket = $mydb->clean($_POST["tickid"], '', '');
    $mydb->query_update('list', array('status' => 1, 'finished' => '0'), "id='{$closeticket}'");
    echo "Ok";
}
if (isset($_POST["changepri"]) && $isadmin == 1) {
    $changepri = $mydb->clean($_POST["changepri"], '', '');
    $id = $mydb->clean($_POST["id"], '', '');
    $mydb->query_update('list', array('priority' => $changepri), "id='{$id}'");
    //print_r($_POST);
}
// adds to do items
if (isset($_POST["addtodo"])) {
    $id = $mydb->clean($_POST["id"], '', '');
    $mydb->query_insert('todo_list', array('id' => 'null', 'tid' => $_POST['id'], 'content' => $_POST['item'], 'status' => 0));
    echo $mydb->lastID();
}
if (isset($_POST["markfinish"])) {
    $mydb->query_update('todo_list', array('status' => 1), "id='" . $mydb->clean($_POST["id"], '', '') . "'");
}
//print_r($_POST);
Ejemplo n.º 15
0
	$parent_check = $db->query($parent_rec); 
	//check if parend data exist

	if ($record = $db->fetch_array($parent_check)!=null) {

		// $prnt_code['email_code'] = md5($record['email'] + microtime());//for email ver.
		// $db->query_update("tblparents", $prnt_code, "id='$parent_id'");
		//check slot available
		$checkSlot = "SELECT student_id, student_id2, student_id3 FROM tblparents where id='$parent_id'"; 
		$queryCheck = $db->query($checkSlot);

		while ($record = $db->fetch_array($queryCheck)) {

			if ($record['student_id']=="" && $student0['fname'] != NULL && $student0['lname'] != NULL && $student0['year_level'] != NULL ) {

				$primary_id = $db->query_insert("tblstudents", $student0);//insert new student record in the tblstudents
				$newStdID["student_id"] = $primary_id; 
				$db->query_update("tblparents", $newStdID, "id='$parent_id'");

				if ($record['student_id2']=="" && $student1['fname'] != NULL && $student1['lname'] != NULL && $student1['year_level'] != NULL ){

				$primary_id = $db->query_insert("tblstudents", $student1);//insert new student record in the tblstudents
				$newStdID["student_id2"] = $primary_id; 
				$db->query_update("tblparents", $newStdID, "id='$parent_id'");
				}

				if($record['student_id3']=="" && $student2['fname'] != NULL && $student2['lname'] != NULL && $student2['year_level'] != NULL ){

				$primary_id = $db->query_insert("tblstudents", $student2);//insert new student record in the tblstudents
				$newStdID["student_id3"] = $primary_id; 
				$db->query_update("tblparents", $newStdID, "id='$parent_id'");
Ejemplo n.º 16
0
         echo '[{"error":"no" , "output" : "' . $display . '"}]';
     }
     break;
     //Insert into DB the items the user has selected
 //Insert into DB the items the user has selected
 case "import_items":
     include 'main.functions.php';
     foreach (explode('@_#sep#_@', mysql_real_escape_string(stripslashes($_POST['data']))) as $item) {
         //For each item, insert into DB
         $item = explode('@|@', $item);
         //explode item to get all fields
         //Encryption key
         $random_key = GenerateKey();
         $pw = $random_key . $item[2];
         // Insert new item in table ITEMS
         $new_id = $db->query_insert("items", array('label' => $item[0], 'description' => $item[4], 'pw' => encrypt($pw, mysql_real_escape_string(stripslashes($_SESSION['my_sk']))), 'url' => $item[3], 'id_tree' => $_POST['folder'], 'login' => $item[1], 'anyone_can_modify' => $_POST['import_csv_anyone_can_modify'] == "true" ? 1 : 0));
         //Store generated key
         $db->query_insert('keys', array('table' => 'items', 'id' => $new_id, 'rand_key' => $random_key));
         //if asked, anyone in role can modify
         if (isset($_POST['import_csv_anyone_can_modify_in_role']) && $_POST['import_csv_anyone_can_modify_in_role'] == "true") {
             foreach ($_SESSION['arr_roles'] as $role) {
                 $db->query_insert('restriction_to_roles', array('role_id' => $role['id'], 'item_id' => $new_id));
             }
         }
         // Insert new item in table LOGS_ITEMS
         $db->query_insert('log_items', array('id_item' => $new_id, 'date' => mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y')), 'id_user' => $_SESSION['user_id'], 'action' => 'at_creation'));
         //reload Cache table
         UpdateCacheTable("reload", "");
         echo '[{"item":"' . $item[5] . '"}]';
     }
     break;
Ejemplo n.º 17
0
 if (isset($_SESSION['settings']['duplicate_item']) && $_SESSION['settings']['duplicate_item'] == 0 && $item_exists == 0 || isset($_SESSION['settings']['duplicate_item']) && $_SESSION['settings']['duplicate_item'] == 1) {
     //set key if non personal item
     if ($data_received['is_pf'] != 1) {
         //generate random key
         $random_key = GenerateKey();
         $pw = $random_key . $pw;
     }
     //encrypt PW
     if ($data_received['salt_key_set'] == 1 && isset($data_received['salt_key_set']) && $data_received['is_pf'] == 1 && isset($data_received['is_pf'])) {
         $pw = encrypt($pw, mysql_real_escape_string(stripslashes($_SESSION['my_sk'])));
         $resticted_to = $_SESSION['user_id'];
     } else {
         $pw = encrypt($pw);
     }
     //ADD item
     $new_id = $db->query_insert('items', array('label' => $label, 'description' => $data_received['description'], 'pw' => $pw, 'url' => $url, 'id_tree' => $data_received['categorie'], 'login' => $login, 'inactif' => '0', 'restricted_to' => isset($data_received['restricted_to']) ? $data_received['restricted_to'] : '', 'perso' => $data_received['salt_key_set'] == 1 && isset($data_received['salt_key_set']) && $data_received['is_pf'] == 1 && isset($data_received['is_pf']) ? '1' : '0', 'anyone_can_modify' => isset($data_received['anyone_can_modify']) && $data_received['anyone_can_modify'] == "on" ? '1' : '0'));
     //Store generated key
     if ($data_received['is_pf'] != 1) {
         $db->query_insert('keys', array('table' => 'items', 'id' => $new_id, 'rand_key' => $random_key));
     }
     //Manage retriction_to_roles
     if (isset($data_received['restricted_to_roles'])) {
         foreach (array_filter(explode(';', $data_received['restricted_to_roles'])) as $role) {
             $db->query_insert('restriction_to_roles', array('role_id' => $role, 'item_id' => $new_id));
         }
     }
     //log
     $db->query_insert('log_items', array('id_item' => $new_id, 'date' => mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y')), 'id_user' => $_SESSION['user_id'], 'action' => 'at_creation'));
     //Add tags
     $tags = explode(' ', $tags);
     foreach ($tags as $tag) {
Ejemplo n.º 18
0
        echo 4;
    } else {
        echo 5;
    }
}
if (isset($_GET[addGeoPoint]) && $_GET[addGeoPoint] != '') {
    $getCont = "select * from tb_geofence_info where tgi_name = '" . $_GET[name] . "' OR tgi_latLong = '" . $_GET[param] . "' AND tgi_clientId =" . $_SESSION[clientID];
    $resCont = $db->query($getCont);
    if ($db->affected_rows == 0) {
        $cdata["tgi_clientId"] = $_SESSION[clientID];
        $cdata["tgi_name"] = $_GET[name];
        $cdata["tgi_isActive"] = 1;
        $cdata["tgi_radius"] = $_GET[radius];
        $cdata["tgi_latLong"] = $_GET[param];
        //print_r($cdata);
        if ($db->query_insert("tb_geofence_info", $cdata)) {
            echo 1;
        } else {
            echo 0;
        }
    } else {
        $fetCont = $db->fetch_array($resCont);
        $cdata["tgi_clientId"] = $_SESSION[clientID];
        $cdata["tgi_name"] = $_GET[name];
        $cdata["tgi_isActive"] = 1;
        $cdata["tgi_radius"] = $_GET[radius];
        $cdata["tgi_latLong"] = $_GET[param];
        //print_r($cdata);
        if ($db->query_update("tb_geofence_info", $cdata, "tgi_id = " . $fetCont[tgi_id])) {
            echo 2;
        } else {
Ejemplo n.º 19
0
	$parent["password"] 		=		 $_POST["password"];
	$parent["phone"] 			=		 $_POST["phone_number"];
	$parent["postcode"] 		=		 $_POST["postcode"];
	$parent["state"] 			=		 $_POST["state"];
	$parent["date_registered"]  =		 "NOW()";

	$emailsession				=		 $_POST["email"];

	$prnt_email = $_POST["email"];
	$prt_email = "SELECT email FROM tblparents where email='$prnt_email'";
	$check_email = $db->query($prt_email);

	//check email if it already exist
	if ($record = $db->fetch_array($check_email)==null) {

		$primary_id = $db->query_insert("tblparents", $parent);
		if (isset($_SESSION['views'])) { //this is for the email verification page
			$_SESSION['views']=$_SESSION['views']+1;
			$_SESSION['parent_id']=$primary_id;
		}else{
			$_SESSION['views']=1;
		}
		header("Location:student_registration.php");
		exit();

	}else{
		echo "<script>
		alert('Email account already exist!'); 
		window.history.go(-1);
		</script>";
	}
Ejemplo n.º 20
0
     $message .= "</table>";
     $message .= "</body></html>";
     //echo $sub;
     //exit;
     if ($mailres = sendMail($t, $sub, $message, $fr)) {
         $data['tdai_status'] = 1;
         $data['tdai_deliveryTime'] = date("Y-m-d H:i:s");
         if ($db->query_update("tb_device_alert_info", $data, "tdai_id=" . $record[tdai_id])) {
             $maildata['tmi_email'] = $t;
             $maildata['tmi_tgai_id'] = $record[tdai_id];
             $maildata['tmi_mailResult'] = $mailres;
             $maildata['tmi_message'] = $message;
             $maildata['tmi_mailType'] = "DATEALERT";
             //print_r($maildata);
             //exit;
             if ($db->query_insert("tb_mail_info", $maildata)) {
                 echo "done";
             } else {
                 echo "no";
             }
         }
     }
 } elseif ($record[tdai_alertType] == "Mobile") {
     $from = "";
     $to = $record[tdai_source];
     $msg = "Dear " . ucfirst($record[ci_clientName]) . "! " . $devName . " has " . $record[tdai_purpose] . ". pls log in for desc- " . $record[ci_weburl];
     //echo $msg;
     //exit;
     if ($smsres = sendSMS($from, $to, $msg)) {
         $data['tdai_status'] = 1;
         $data['tdai_deliveryTime'] = date("Y-m-d H:i:s");
Ejemplo n.º 21
0
     $db->query_update('nested_tree', array('parent_id' => $_POST['newparent_id']), "id=" . $id[1]);
     //Get the title to display it
     $data = $db->fetch_row("SELECT title FROM " . $pre . "nested_tree WHERE id = " . $_POST['newparent_id']);
     //show value
     echo $data[0];
     //rebuild the tree grid
     $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');
     $tree->rebuild();
 } else {
     if (isset($_POST['changer_complexite'])) {
         $id = explode('_', $_POST['id']);
         //Check if group exists
         $tmp = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "misc WHERE type = 'complex' AND intitule = '" . $id[1] . "'");
         if ($tmp[0] == 0) {
             //Insert into DB
             $db->query_insert('misc', array('type' => 'complex', 'intitule' => $id[1], 'valeur' => $_POST['changer_complexite']));
         } else {
             //update DB
             $db->query_update('misc', array('valeur' => $_POST['changer_complexite']), "type='complex' AND  intitule = " . $id[1]);
         }
         //Get title to display it
         echo $mdp_complexite[$_POST['changer_complexite']][1];
         //rebuild the tree grid
         $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');
         $tree->rebuild();
     } else {
         if (isset($_POST['type'])) {
             switch ($_POST['type']) {
                 // CASE where DELETING a group
                 case "delete_folder":
                     $folders_deleted = "";
Ejemplo n.º 22
0
        $error_dat['status'] = "success";
        $error_dat['reason'] = "Registration Complete...";
    }
    sleep(3);
    echo json_encode($error_dat);
} elseif ($_GET['action'] == 'makesim' && !empty($_POST['MSISDN'])) {
    $preMSISDN = $_POST['MSISDN'][0] . $_POST['MSISDN'][1] . $_POST['MSISDN'][2] . $_POST['MSISDN'][3];
    $data['IMSI'] = "91" . $preMSISDN . rand('199999', '999999');
    $data['IMEI'] = "956647" . "894467" . rand('199999', '999999');
    $data['Ki'] = genRandKey(128);
    $data['NSP'] = getNSP($preMSISDN);
    $sql = "SELECT * FROM " . MSCTBL . " WHERE `MSISDN` = '" . $_POST['MSISDN'] . "'";
    $row = $db->query_first($sql);
    if (empty($row)) {
        $data['MSISDN'] = $_POST['MSISDN'];
        $db->query_insert(MSCTBL, $data);
    } else {
        $db->query_update(MSCTBL, $data, " `MSISDN` = '" . $_POST['MSISDN'] . "' ");
        $data['MSISDN'] = $_POST['MSISDN'];
    }
    echo json_encode($data);
} elseif ($_GET['action'] == 'authenticate' && !empty($_POST['MSISDN']) && !empty($_POST['TMSI'])) {
    $sql = "SELECT * FROM " . MSCTBL . " WHERE `MSISDN` = '" . $_POST['MSISDN'] . "' AND `TMSI` = '" . $_POST['TMSI'] . "'";
    $row = $db->query_first($sql);
    if (empty($row)) {
        $error_dat['status'] = "error";
        $error_dat['reason'] = "Device Not Registered...";
    } else {
        $error_dat['RAND'] = genRandKey(128);
        $error_dat['RES'] = resGen($error_dat['RAND'], $row['Ki'], 128);
        $error_dat['status'] = "success";
Ejemplo n.º 23
0
     $db->query_update("users", array('fonction_id' => $new_fonctions), "id = " . $val[0]);
     break;
     ## ADD NEW USER ##
 ## ADD NEW USER ##
 case "add_new_user":
     //Check KEY
     if ($_POST['key'] != $_SESSION['key']) {
         //error
         exit;
     }
     // Check if user already exists
     $db->query("SELECT id, fonction_id, groupes_interdits, groupes_visibles FROM " . $pre . "users WHERE login LIKE '" . mysql_real_escape_string(stripslashes($_POST['login'])) . "'");
     $data = $db->fetch_array();
     if (empty($data['id'])) {
         //Add user in DB
         $new_user_id = $db->query_insert("users", array('login' => htmlspecialchars_decode($_POST['login']), 'pw' => encrypt(string_utf8_decode($_POST['pw'])), 'email' => $_POST['email'], 'admin' => $_POST['admin'] == "true" ? '1' : '0', 'gestionnaire' => $_POST['manager'] == "true" ? '1' : '0', 'read_only' => $_POST['read_only'] == "true" ? '1' : '0', 'personal_folder' => $_POST['personal_folder'] == "true" ? '1' : '0', 'fonction_id' => $_POST['manager'] == "true" ? $_SESSION['fonction_id'] : '0', 'groupes_interdits' => $_POST['manager'] == "true" ? $data['groupes_interdits'] : '0', 'groupes_visibles' => $_POST['manager'] == "true" ? $data['groupes_visibles'] : '0'));
         //Create personnal folder
         if ($_POST['personal_folder'] == "true") {
             $db->query_insert("nested_tree", array('parent_id' => '0', 'title' => $new_user_id, 'bloquer_creation' => '0', 'bloquer_modification' => '0', 'personal_folder' => '1'));
         }
         //Create folder and role for domain
         if ($_POST['new_folder_role_domain'] == "true") {
             //create folder
             $new_folder_id = $db->query_insert("nested_tree", array('parent_id' => 0, 'title' => mysql_real_escape_string(stripslashes($_POST['domain'])), 'personal_folder' => 0, 'renewal_period' => 0, 'bloquer_creation' => '0', 'bloquer_modification' => '0'));
             //Add complexity
             $db->query_insert("misc", array('type' => 'complex', 'intitule' => $new_folder_id, 'valeur' => 50));
             //Create role
             $new_role_id = $db->query_insert("roles_title", array('title' => mysql_real_escape_string(stripslashes($_POST['domain']))));
             //Associate new role to new folder
             $db->query_insert('roles_values', array('folder_id' => $new_folder_id, 'role_id' => $new_role_id));
             //Add the new user to this role
Ejemplo n.º 24
0
     }
     echo '[{"text":"' . $texte . '</table><div style=\'margin-left:5px;\'><input type=\'checkbox\' id=\'item_deleted_select_all\' />&nbsp;<img src=\\"includes/images/arrow-repeat.png\\" title=\\"' . $txt['restore'] . '\\" style=\\"cursor:pointer;\\" onclick=\\"restoreDeletedItems()\\">&nbsp;<img src=\\"includes/images/bin_empty.png\\" title=\\"' . $txt['delete'] . '\\" style=\\"cursor:pointer;\\" onclick=\\"reallyDeleteItems()\\"></div>"}]';
     break;
     #----------------------------------
     #CASE admin want to restaure a list of deleted items
 #----------------------------------
 #CASE admin want to restaure a list of deleted items
 case "restore_deleted__items":
     //restore FOLDERS
     if (count($_POST['list_f']) > 0) {
         foreach (explode(';', $_POST['list_f']) as $id) {
             $data = $db->query_first("\r\n\t\t\t\t\tSELECT valeur\r\n\t\t            FROM " . $pre . "misc\r\n\t\t            WHERE type = 'folder_deleted'\r\n\t\t            AND intitule = '" . $id . "'");
             if ($data['valeur'] != 0) {
                 $folder_data = explode(',', $data['valeur']);
                 //insert deleted folder
                 $db->query_insert('nested_tree', array('id' => $folder_data[0], 'parent_id' => $folder_data[1], 'title' => $folder_data[2], 'nleft' => $folder_data[3], 'nright' => $folder_data[4], 'nlevel' => $folder_data[5], 'bloquer_creation' => $folder_data[6], 'bloquer_modification' => $folder_data[7], 'personal_folder' => $folder_data[8], 'renewal_period' => $folder_data[9]));
                 //delete log
                 $db->query("DELETE FROM " . $pre . "misc WHERE type = 'folder_deleted' AND intitule= '" . $id . "'");
             }
         }
     }
     //restore ITEMS
     if (count($_POST['list_i']) > 0) {
         foreach (explode(';', $_POST['list_i']) as $id) {
             $db->query_update("items", array('inactif' => '0'), 'id = ' . $id);
             //log
             $db->query("INSERT INTO " . $pre . "log_items VALUES ('" . $id . "','" . mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y')) . "','" . $_SESSION['user_id'] . "','at_restored','')");
         }
     }
     break;
     #----------------------------------
Ejemplo n.º 25
0
         $ldap_connection = false;
     }
     if ($debug_ldap == 1) {
         fputs($dbg_ldap, "After authenticate : " . $adldap->get_last_error() . "\n\n\n" . "ldap status : " . $ldap_connection . "\n\n\n");
         //Debug
     }
 }
 //Check if user exists in cpassman
 $sql = "SELECT * FROM " . $pre . "users WHERE login = '******'";
 $row = $db->query($sql);
 $proceed_identification = false;
 if (mysql_num_rows($row) > 0) {
     $proceed_identification = true;
 } elseif (mysql_num_rows($row) == 0 && $ldap_connection == true) {
     //If LDAP enabled, create user in CPM if doesn't exist
     $new_user_id = $db->query_insert("users", array('login' => $username, 'pw' => $password, 'email' => "", 'admin' => '0', 'gestionnaire' => '0', 'personal_folder' => $_SESSION['settings']['enable_pf_feature'] == "1" ? '1' : '0', 'fonction_id' => '0', 'groupes_interdits' => '0', 'groupes_visibles' => '0', 'last_pw_change' => mktime(date('h'), date('m'), date('s'), date('m'), date('d'), date('y'))));
     //Create personnal folder
     if ($_SESSION['settings']['enable_pf_feature'] == "1") {
         $db->query_insert("nested_tree", array('parent_id' => '0', 'title' => $new_user_id, 'bloquer_creation' => '0', 'bloquer_modification' => '0', 'personal_folder' => '1'));
     }
     //Get info for user
     $sql = "SELECT * FROM " . $pre . "users WHERE login = '******'";
     $row = $db->query($sql);
     $proceed_identification = true;
 }
 if ($proceed_identification === true) {
     //User exists in the DB
     $data = $db->fetch_array($row);
     // Can connect if
     // 1- no LDAP mode + user enabled + pw ok
     // 2- LDAP mode + user enabled + ldap connection ok + user is not admin
Ejemplo n.º 26
0
<?php

$db = new Database($db_host, $db_username, $db_password, $db_name);
$db->connect();
$err = "";
if (isset($_POST['submit']) && $_POST['submit'] != "") {
    $error = 0;
    if ($_POST['address'] == "") {
        $error++;
    }
    if ($_POST['lat'] == "") {
        $error++;
    }
    if ($_POST['lng'] == "") {
        $error++;
    }
    if ($error == 0) {
        $insert_array['eyo_admin_id'] = $_SESSION['user_id'];
        $insert_array['full_address'] = $_POST['address'];
        $insert_array['lat'] = $_POST['lat'];
        $insert_array['lng'] = $_POST['lng'];
        if ($db->query_insert($TABLE_EYO_MAP, $insert_array)) {
            $err = "Map saved succesfully";
        }
    } else {
        $err = "Please select valid position from the map";
    }
}
$sql = "SELECT * from " . $TABLE_EYO_MAP . " order by id desc";
$map_result = $db->fetch_all_array($sql);
Ejemplo n.º 27
0
            //get full tree dependencies
            require_once "NestedTree.class.php";
            $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');
            $tree = $tree->getDescendants($_POST['folder'], true);
            if (isset($_POST['allowed']) and $_POST['allowed'] == 1) {
                //case where folder was allowed but not any more
                foreach ($tree as $node) {
                    //Store in DB
                    $db->query_delete('roles_values', array('folder_id' => $node->id, 'role_id' => $_POST['role']));
                }
            } else {
                if ($_POST['allowed'] == 0) {
                    //case where folder was not allowed but allowed now
                    foreach ($tree as $node) {
                        //Store in DB
                        $db->query_insert('roles_values', array('folder_id' => $node->id, 'role_id' => $_POST['role']));
                    }
                }
            }
            echo 'httpRequest("sources/roles.queries.php","type=rafraichir_matrice");';
            echo '$("#div_loading").hide();';
            break;
    }
} else {
    if (!empty($_POST['edit_fonction'])) {
        $id = explode('_', $_POST['id']);
        //Update DB
        $db->query_update('roles_title', array('title' => mysql_real_escape_string(stripslashes(utf8_decode($_POST['edit_fonction'])))), "id = " . $id[1]);
        //Show value
        echo $_POST['edit_fonction'];
    }
Ejemplo n.º 28
0
     break;
     ###########################################################
     #CASE for refreshing all Personal Folders
 ###########################################################
 #CASE for refreshing all Personal Folders
 case "admin_action_check_pf":
     //get through all users
     $rows = $db->fetch_all_array("SELECT id,login,email FROM " . $pre . "users ORDER BY login ASC");
     foreach ($rows as $record) {
         //update PF field for user
         $db->query_update('users', array('personal_folder' => '1'), "id='" . $record['id'] . "'");
         //if folder doesn't exist then create it
         $data = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "nested_tree WHERE title = '" . $record['id'] . "' AND parent_id = 0");
         if ($data[0] == 0) {
             //If not exist then add it
             $db->query_insert("nested_tree", array('parent_id' => '0', 'title' => $record['id'], 'personal_folder' => '1'));
         } else {
             //If exists then update it
             $db->query_update('nested_tree', array('personal_folder' => '1'), array("title" => $record['id'], 'parent_id' => '0'));
         }
     }
     //Delete PF for deleted users
     $db->query("\r\n\t\t\tDELETE " . $pre . "nested_tree\r\n    \t\tFROM " . $pre . "nested_tree\r\n    \t\tLEFT JOIN " . $pre . "users\r\n    \t\tON " . $pre . "nested_tree.title = " . $pre . "users.id\r\n    \t\tWHERE " . $pre . "users.id IS NULL  AND " . $pre . "nested_tree.parent_id=0 AND " . $pre . "nested_tree.title REGEXP ('[0-9]')\r\n    \t");
     //rebuild fuild tree folder
     require_once 'NestedTree.class.php';
     $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');
     $tree->rebuild();
     echo '[{"result" : "pf_done"}]';
     break;
     ###########################################################
     #CASE for deleting all items from DB that are linked to a folder that has been deleted
Ejemplo n.º 29
0
 $resAlertImeiInfo = $db->query($getAlertImeiInfo);
 if ($db->affected_rows == 0) {
     $getAlertInfo = "SELECT * FROM tb_geoalertinfo WHERE tgai_geoAssignId = " . $aid;
     $resAlertInfo = $db->query($getAlertInfo);
     if ($db->affected_rows == 0) {
         if ($_GET[inoutFlag] == $_GET[inoutPoint]) {
             $smsStatus = sendSMSAlert($aid);
             if ($smsStatus) {
                 $data['tgai_assignDevId'] = $devImei;
                 $data['tgai_geoAssignId'] = $aid;
                 $data['tgai_inoutStatus'] = 0;
                 $data['tgai_alertCount'] = 1;
                 $data['tgai_alertType'] = $_GET[inoutPoint];
                 $data['tgai_reachdevTime1'] = date("Y-m-d H:i:s", strtotime($_GET[devDateTime]));
                 //print_r($data);
                 if ($db->query_insert("tb_geoalertinfo", $data)) {
                     $res = 1;
                 } else {
                     $res = 0;
                 }
                 echo "SMS";
             }
         }
     }
 } else {
     $fetAlertImeiInfo = $db->fetch_array($resAlertImeiInfo);
     if ($fetAlertImeiInfo[tgai_geoAssignId] == $aid) {
         if ($fetAlertImeiInfo[tgai_inoutStatus] == 0) {
             if ($_GET[inoutFlag] != $_GET[inoutPoint]) {
                 $data['tgai_inoutStatus'] = 1;
                 $data['tgai_reachdevTime2'] = date("Y-m-d H:i:s", strtotime($_GET[devDateTime]));
Ejemplo n.º 30
0
function sendAlert($geoAssId, $devDateTime)
{
    $db = new Database(DB_SERVER, DB_USER, DB_PASS, DB_DATABASE);
    $db->connect();
    $getData = "SELECT * FROM tb_assigngeofence,tb_deviceinfo,tb_geofence_info,tb_clientinfo WHERE ci_id = tag_clientId AND tgi_id = tag_geofenceId AND di_id = tag_diId AND tag_id = " . $geoAssId;
    $resData = mysql_query($getData);
    if (@mysql_affected_rows() > 0) {
        $fetData = mysql_fetch_assoc($resData);
        //print_r($fetData);
        $getReseller = "select * from tb_clientinfo where ci_id = " . $fetData[ci_clientId];
        $resReseller = mysql_query($getReseller);
        $fetReseller = @mysql_fetch_assoc($resReseller);
        //print_r($fetReseller);
        if ($fetData[di_deviceName]) {
            $devName = $fetData[di_deviceName];
        } else {
            $devName = $fetData[di_deviceId];
        }
        if ($fetData[tag_inout] == "in") {
            $status = "entered zone";
        } else {
            $status = "left zone";
        }
        $info = $devName . " has " . $status . " " . $fetData[tgi_name] . " at " . date("d M Y H:i:s", strtotime($devDateTime)) . " " . $fetData[tag_alertType] . " " . $fetData[tag_alertSrc];
        if ($fetData[tag_alertType] == "Email") {
            $to = $fetData[tag_alertSrc];
            $sub = "Geofence Alert - " . $fetReseller[ci_clientName];
            $msg = "<b>Dear " . ucfirst($fetData[ci_clientName]) . "! </b><br><br>Vehicle " . $devName . " has " . $status . " " . $fetData[tgi_name] . " at " . date("d M Y H:i", strtotime($devDateTime)) . "<br><br> - " . $fetReseller[ci_weburl];
            $fr = $fetReseller[ci_clientName];
            //echo $msg;
            //exit;
            $mailres = sendSMTPMail($to, $sub, $msg, $fetReseller[ci_clientName], $fetReseller[ci_smtpHostname], $fetReseller[ci_smtpUsername], $fetReseller[ci_smtpPassword], $fetReseller[ci_smtpUsername]);
            $mailString = $to . "," . $fetReseller[ci_clientName] . "," . $fetReseller[ci_smtpHostname] . "," . $fetReseller[ci_smtpUsername] . "," . $fetReseller[ci_smtpPassword] . "," . $fetReseller[ci_smtpUsername] . "," . $mailres;
            writeGeoData(date("d-m-Y", strtotime($devDateTime)), date("H:i:s", strtotime($devDateTime)), strip_tags($info), $mailString);
            $maildata['tmi_email'] = $to;
            $maildata['tmi_tgai_id'] = $geoAssId;
            $maildata['tmi_mailResult'] = $mailres;
            $maildata['tmi_message'] = urlencode($msg);
            $maildata['tmi_mailType'] = "GEOALERT";
            //print_r($maildata);
            //exit;
            if ($db->query_insert("tb_mail_info", $maildata)) {
                return 1;
            } else {
                return 0;
            }
        } else {
            if ($fetData[tag_alertType] == "Mobile") {
                $from = "";
                $to_nos = explode(',', $fetData[tag_alertSrc]);
                foreach ($to_nos as $to) {
                    if ($to != "") {
                        $msg = "Dear " . ucfirst($fetData[ci_clientName]) . "! " . $devName . " has " . $status . " " . $fetData[tgi_name] . " at " . date("H:i:s", strtotime($devDateTime)) . " - " . $fetData[ci_weburl];
                        $smsres = sendGatewaySMS($from, $to, $msg, $fetReseller[ci_smsGatewayUri], $fetReseller[ci_smsGatewayUsername], $fetReseller[ci_smsGatewayPassword], $fetReseller[ci_smsGatewaySenderId]);
                    }
                }
                $smsString = $fetData[tag_alertSrc] . "," . $fetReseller[ci_smsGatewayUri] . "," . $fetReseller[ci_smsGatewayUsername] . "," . $fetReseller[ci_smsGatewayPassword] . "," . $fetReseller[ci_smsGatewaySenderId] . "," . $smsres;
                writeGeoData(date("d-m-Y", strtotime($devDateTime)), date("H:i:s", strtotime($devDateTime)), strip_tags($info), $smsString);
                $smsdata['tsi_mobileno'] = $fetData[tag_alertSrc];
                $smsdata['tsi_tgai_id'] = $geoAssId;
                $smsdata['tsi_smsResult'] = $smsres;
                $smsdata['tsi_message'] = urlencode($msg);
                $smsdata['tsi_smsType'] = "GEOALERT";
                //print_r($smsdata);
                //exit;
                if ($db->query_insert("tb_smsinfo", $smsdata)) {
                    return 1;
                } else {
                    return 0;
                }
            }
        }
        //exit;
        //return 1;
    }
}