Ejemplo n.º 1
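 /**
  * Renders the requested page of $this->query through the pager template.
  *
  * The page number is read from $_REQUEST['page'] (default 1). The query is run
  * once to obtain the total row count and a second time, with a LIMIT clause,
  * through Parser::getResult(); every returned row is handed to $this->display().
  * The "next" and "prev" template slots receive either plain text or an anchor
  * that re-uses the current script name and query string. When the first query
  * reports no rows, the empty template is rendered instead.
  *
  * @return mixed Whatever Template::get() returns for the selected template.
  */
 function getPage()
 {
     // The page number is client-controlled and ends up in the LIMIT clause, in
     // the template and in the generated links, so it is forced to an integer
     // and clamped to the first page before any of those uses.
     $page = isset($_REQUEST['page']) ? (int) $_REQUEST['page'] : 1;
     if ($page < 1) {
         $page = 1;
     }
     $oid = mysql_query($this->query);
     // NOTE(review): the total is taken from mysql_affected_rows() right after a
     // read query; confirm this reports the SELECT row count on the target setup.
     $pagerLength = mysql_affected_rows();
     if ($pagerLength > 0) {
         $this->template = new Template($this->templateFile);
         $min = ($page - 1) * $this->pageLength;
         $query = $this->query . " LIMIT {$min}, {$this->pageLength}";
         $this->buffer = Parser::getResult($query);
         foreach ($this->buffer as $data) {
             $this->display($data);
         }
         $this->pageNumber = ceil($pagerLength / $this->pageLength);
         $this->template->setContent("pageNumber", $this->pageNumber);
         $this->template->setContent("page", $page);
         // The query string is echoed back into an href attribute; encode it so a
         // quote or angle bracket in the request cannot terminate the attribute.
         $script = basename($_SERVER['SCRIPT_FILENAME']);
         $pars = $_SERVER['QUERY_STRING'];
         $base = htmlspecialchars("{$script}?{$pars}", ENT_QUOTES, 'UTF-8');
         $prevPage = $page - 1;
         $nextPage = $page + 1;
         if ($this->pageNumber == 1) {
             // Single page: neither direction is a link.
             $next = "avanti »";
             $prev = "« indietro";
         } elseif ($page == $this->pageNumber) {
             // Last page: only "previous" is a link.
             $next = "avanti »";
             $prev = "<a href=\"{$base}&amp;page={$prevPage}\">&laquo;&nbsp;indietro</a>";
         } elseif ($page == 1) {
             // First page: only "next" is a link.
             $prev = "&laquo;&nbsp;indietro";
             $next = "<a href=\"{$base}&amp;page={$nextPage}\">avanti&nbsp;&raquo;</a>";
         } else {
             $next = "<a href=\"{$base}&amp;page={$nextPage}\">avanti&nbsp;&raquo;</a>";
             $prev = "<a href=\"{$base}&amp;page={$prevPage}\">&laquo;&nbsp;indietro</a>";
         }
         $this->template->setContent("next", $next);
         $this->template->setContent("prev", $prev);
     } else {
         $this->template = new Template($this->emptyTemplateFile);
     }
     return $this->template->get();
 }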
Ejemplo n.º 2
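 /**
  * Runs a query and returns one column of the result as a flat list.
  *
  * The query text is passed to Parser::getResult() unchanged, so any value
  * placed in it must already be escaped or bound by the caller.
  *
  * @param string $query SQL passed verbatim to Parser::getResult().
  * @param string $field Column name to extract from every row.
  * @return array Values of $field in row order; an empty array when the query
  *               yields no rows or no array result.
  */
 function getResultArray($query, $field)
 {
     $result = array();
     $data = Parser::getResult($query);
     // A failed or empty query must not fall through to an undefined $result.
     if (!is_array($data)) {
         return $result;
     }
     foreach ($data as $row) {
         // Keep the original stop condition: the first falsy row ends the scan.
         if (!$row) {
             break;
         }
         $result[] = $row[$field];
     }
     return $result;
 }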
Ejemplo n.º 3
 /**
  * Authenticates the current request and checks that the logged-in user may
  * run the current script.
  *
  * When no user is in the session, credentials are taken from $_POST or, as a
  * fallback, from HTTP Basic ($_SERVER['PHP_AUTH_*']); on success the user row,
  * the list of services and the last login date are stored in $_SESSION['user']
  * and a LOGIN entry is written through $GLOBALS['logEntity']. Afterwards the
  * current script name is matched against the user's services, an optional
  * per-row ownership check ("data filtering") is applied, and the
  * 'registered-user' and 'admin' session flags are set.
  *
  * Failures end the request with a redirect to error.php or a printed message
  * followed by exit; the function has no return value.
  *
  * Review notes (details are repeated next to the lines concerned):
  *  - passwords are compared as unsalted MD5 digests;
  *  - several queries are built by interpolating request data into SQL;
  *  - database error text is echoed to the client;
  *  - a redirect target is taken from the Referer header;
  *  - no session id regeneration is visible in this function after login.
  */
 static function doLogin()
 {
     // Entity/relation objects are read from globals; of these locals only
     // $join_entities is filled, and neither it nor $where_conditions is used
     // again in this function.
     $sys_users_Entity = $GLOBALS["sys_user"];
     $sys_service_Entity = $GLOBALS["sys_service"];
     $sys_servicecategory_Entity = $GLOBALS["sys_servicecategory"];
     $sys_group_Entity = $GLOBALS["sys_group"];
     $sys_user_group_Relation = $GLOBALS["sys_user_sys_group"];
     $sys_service_group_Relation = $GLOBALS["sys_service_sys_group"];
     $join_entities = array();
     $join_entities[] = $sys_user_group_Relation;
     $join_entities[] = $sys_group_Entity;
     $join_entities[] = $sys_service_group_Relation;
     $join_entities[] = $sys_service_Entity;
     $where_conditions = array();
     if (isset($_POST['username']) && isset($_POST['password'])) {
         $where_conditions["username"] = $_POST['username'];
         // NOTE(review): MD5 without a salt is not suitable for password storage;
         // moving to password_hash()/password_verify() needs a schema migration.
         $where_conditions["password"] = md5($_POST['password']);
     }
     if (!isset($_SESSION['user'])) {
         $debug_action = "USER NOT LOGGED";
         if (!isset($_POST['username']) and !isset($_POST['password'])) {
             // No form credentials: drop HTTP Basic credentials unless the
             // session already carries the HTTP_LOGIN marker.
             if (!isset($_SESSION['HTTP_LOGIN'])) {
                 unset($GLOBALS['_SERVER']['PHP_AUTH_PW']);
                 unset($GLOBALS['_SERVER']['PHP_AUTH_USER']);
             }
             if (!isset($_SERVER['PHP_AUTH_USER']) and !isset($_SERVER['PHP_AUTH_PW'])) {
                 Header("Location: admin.php");
                 exit;
             } else {
                 // HTTP Basic credentials are copied into $_POST so the code
                 // below handles both login paths the same way.
                 $_POST['username'] = $_SERVER['PHP_AUTH_USER'];
                 $_POST['password'] = $_SERVER['PHP_AUTH_PW'];
                 $_SESSION['HTTP_LOGIN'] = false;
             }
         }
         // NOTE(review): addcslashes() with "'" escapes only the single quote,
         // not the backslash, so it is not a safe SQL escape. The username
         // literal in the query below is masked ('******') in this listing, so
         // whether $name is actually used there cannot be seen from here.
         $name = addcslashes($_POST['username'], "'");
         // NOTE(review): $_POST['password'] is interpolated unescaped inside
         // MD5('...'), which makes this statement injectable; hash in PHP and
         // bind both values through a prepared statement instead.
         $oid = mysql_query("SELECT * \r\n\t\t                  \t    FROM {$GLOBALS['usersEntity']->name}  \r\n\t\t                  \t   WHERE username = '******'\r\n\t\t                  \t     AND password = MD5('{$_POST['password']}')");
         if (!$oid) {
             // NOTE(review): mysql_error() output goes straight to the client and
             // can disclose schema details; log it server-side instead.
             echo "Error in database!<hr>";
             echo mysql_error();
             exit;
         }
         //if (mysql_num_rows($oid) == 0)
         // The accept/reject decision comes from doAuth(), not from the row
         // count of the query above.
         if (!self::doAuth($_POST['username'], md5($_POST['password']))) {
             Header("Location: error.php?id=loginError");
             exit;
         } else {
             // NOTE(review): if doAuth() accepts but the query above returned no
             // row, mysql_fetch_assoc() yields false and the session fields
             // below are filled from a non-array. No session id regeneration is
             // visible at this point; confirm it happens elsewhere.
             $userdata = mysql_fetch_assoc($oid);
             $_SESSION['user']['username'] = $userdata['username'];
             $_SESSION['user']['name'] = $userdata['name'];
             $_SESSION['user']['surname'] = $userdata['surname'];
             $_SESSION['user']['email'] = $userdata['email'];
             // Loads every service reachable through the user's groups, with its
             // category and backing table. The username literal in the WHERE
             // clause is masked ('******') in this listing; what remains suggests
             // the session username was interpolated there - TODO confirm.
             $oid = mysql_query("SELECT DISTINCT {$GLOBALS['usersEntity']->name}.username, \r\n\t\t\t\t                           {$GLOBALS['servicesEntity']->name}.entry AS serviceName,\r\n\t\t\t\t                           {$GLOBALS['servicesEntity']->name}.visible,\r\n\t\t\t\t                           {$GLOBALS['servicesEntity']->name}.entities AS entity,\r\n\t\t\t\t                           {$GLOBALS['servicesEntity']->name}.script,\r\n\t\t\t\t                           {$GLOBALS['servicesEntity']->name}.superuser_group,\r\n\t\t\t\t                           {$GLOBALS['servicecategoryEntity']->name}.name AS category,\r\n\t\t\t\t                           {$GLOBALS['entitiesEntity']->name}.name AS tableName,\r\n\t\t\t\t                           {$GLOBALS['usersGroupsRelation']->name}.id_sys_group\r\n\t\t\t\t                           \r\n                                  FROM {$GLOBALS['usersEntity']->name}            \r\n                             LEFT JOIN {$GLOBALS['usersGroupsRelation']->name} \r\n                                    ON {$GLOBALS['usersGroupsRelation']->name}.username_sys_user = {$GLOBALS['usersEntity']->name}.username\r\n                             LEFT JOIN {$GLOBALS['groupsEntity']->name} \r\n                                    ON {$GLOBALS['groupsEntity']->name}.id = {$GLOBALS['usersGroupsRelation']->name}.id_{$GLOBALS['groupsEntity']->name}\r\n                             LEFT JOIN {$GLOBALS['servicesGroupsRelation']->name} \r\n                                    ON {$GLOBALS['servicesGroupsRelation']->name}.id_{$GLOBALS['groupsEntity']->name} = {$GLOBALS['groupsEntity']->name}.id\r\n                             LEFT JOIN {$GLOBALS['servicesEntity']->name} \r\n                                    ON {$GLOBALS['servicesEntity']->name}.id = {$GLOBALS['servicesGroupsRelation']->name}.id_{$GLOBALS['servicesEntity']->name}\r\n                             LEFT JOIN {$GLOBALS['entitiesEntity']->name}\r\n                                    
ON {$GLOBALS['entitiesEntity']->name}.name = {$GLOBALS['servicesEntity']->name}.entities\r\n                             LEFT JOIN {$GLOBALS['servicecategoryEntity']->name}\r\n                                    ON {$GLOBALS['servicecategoryEntity']->name}.id = {$GLOBALS['servicesEntity']->name}.servicecategory\r\n                    \r\n                                 WHERE {$GLOBALS['usersEntity']->name}.username =  '******'user']['username']}'\r\n                              ORDER BY {$GLOBALS['servicecategoryEntity']->name}.position, {$GLOBALS['servicesEntity']->name}.position");
             if (!$oid) {
                 // NOTE(review): same error disclosure as above.
                 echo "Error in database!<hr>";
                 echo mysql_error();
                 exit;
             }
             // Each row is stored twice: appended under a numeric key and again
             // under its script name, so later loops over 'services' visit every
             // service two times. The doubled "$data = $data =" is redundant.
             while ($data = $data = mysql_fetch_assoc($oid)) {
                 $_SESSION['user']['services'][] = $data;
                 $_SESSION['user']['services'][$data['script']] = $data;
                 $_SESSION['user']['groups'][$data['id_sys_group']] = $data['id_sys_group'];
             }
             // Most recent LOGIN log entry for this user (username literal masked
             // in this listing, as above).
             $lastlogin = Parser::getResult("\r\n\t\t\t\t                SELECT * \r\n\t\t\t\t                  FROM {$GLOBALS['logEntity']->name} \r\n\t\t\t\t                 WHERE username = '******'user']['username']}'\r\n\t\t\t\t                   AND operation = 'LOGIN'\r\n\t\t\t\t              ORDER BY date DESC\r\n\t\t\t\t                 LIMIT 1");
             // NOTE(review): isset() is also true for an empty array, in which
             // case $lastlogin[0] does not exist - verify what getResult()
             // returns when there is no previous login.
             if (isset($lastlogin)) {
                 $lastLogin = $lastlogin[0];
                 $_SESSION['user']['lastlogin'] = $lastLogin['date'];
             } else {
                 $_SESSION['user']['lastlogin'] = "";
             }
             // Record this login; HTTP_HOST is a client-supplied header.
             $GLOBALS['logEntity']->insertItem(NULL, 'LOGIN', '', '', basename($_SERVER['SCRIPT_FILENAME']), $_SESSION['user']['username'], date("YmdHi"), $_SERVER['HTTP_HOST']);
         }
     } else {
         $debug_action = "USER_LOGGED";
     }
     // $debug_action is overwritten here, so the values set above never reach
     // the redirect further down.
     if (is_array($_SESSION['user']['services'])) {
         $debug_action = " services array ";
     } else {
         $debug_action = " services NOT array ";
     }
     // Authorisation: the current script must appear among the user's services.
     // $trovato ("found") records the match; $error carries a numeric marker
     // that is appended to the error redirect.
     $trovato = false;
     $error = 212;
     if (is_array($_SESSION['user']['services'])) {
         foreach ($_SESSION['user']['services'] as $k => $v) {
             $error = 217;
             if ($v['script'] == basename($_SERVER['SCRIPT_NAME'])) {
                 $trovato = true;
                 $currentService = $v;
                 $error = 223;
             }
         }
     }
     // error.php, login.php and logout.php are always allowed.
     if (basename($_SERVER['SCRIPT_NAME']) == "error.php" or basename($_SERVER['SCRIPT_NAME']) == "login.php" or basename($_SERVER['SCRIPT_NAME']) == "logout.php") {
         $trovato = true;
     }
     if (!$trovato) {
         #echo $script;
         // NOTE(review): for ajax-manager.php a failed check does not redirect
         // and execution simply continues; confirm that script enforces its own
         // authorisation. The redirect also exposes internal debug markers in
         // the URL.
         if (basename($_SERVER['SCRIPT_NAME']) != "ajax-manager.php") {
             Header("Location: error.php?id=priviledgeError&{$error}&{$debug_action}");
             exit;
         }
     }
     /// if data filtering is enabled ///////////////////////////////////////
     if (isset($currentService['tableName'])) {
         // Data Filtering Check
         // Runs only for edit requests: the row being edited must belong to the
         // session user unless the user is in the superuser group or is admin.
         if (isset($_REQUEST['page']) and $_REQUEST['page'] > 0 and $_REQUEST['action'] == "edit") {
             // The whole table is selected only to read the name of its first
             // column from the result metadata.
             $result = mysql_query("select * from {$currentService['tableName']}");
             if (!$result) {
                 echo "Generic Database Error!";
                 exit;
             }
             $meta = mysql_fetch_field($result, 0);
             if (!$meta) {
                 echo "Metadata Error!";
                 exit;
             }
             // NOTE(review): $_REQUEST['value'] is interpolated unescaped into the
             // WHERE clause, so this ownership check is itself injectable; bind
             // the value through a prepared statement.
             $oid = mysql_query("SELECT username\r\n\t\t\t                          FROM {$currentService['tableName']}\r\n             \t\t\t\t\t     WHERE {$meta->name} = '{$_REQUEST['value']}' ");
             if (!$oid) {
                 // NOTE(review): same error disclosure as in the login queries.
                 echo "Error in database!<hr>";
                 echo mysql_error();
                 exit;
             }
             $data = mysql_fetch_assoc($oid);
             if ($data['username'] != $_SESSION['user']['username']) {
                 /* CHECK FOR SUPERUSER_GROUP */
                 // $superuser_group and $mygroups are assigned but the condition
                 // below calls the Auth helpers again.
                 $superuser_group = Auth::getSuperusergroup();
                 $mygroups = Auth::getGroups();
                 // NOTE(review): this echo looks like leftover debug output; any
                 // output here may prevent the Location header below from being
                 // sent unless output buffering is on - confirm.
                 echo Auth::isSuperuser();
                 if (!in_array(Auth::getSuperusergroup(), Auth::getGroups()) and !Auth::isAdmin()) {
                     Header("Location: error.php?id=dataFiltering&289");
                     exit;
                 } else {
                 }
             }
         }
     }
     $config = Config::getInstance()->getConfigurations();
     // First request of a user in the configured "registered" group: set the
     // session flag and send the browser back where it came from.
     if (!isset($_SESSION['registered-user'])) {
         $trovato = false;
         if (is_array($_SESSION['user']['services'])) {
             foreach ($_SESSION['user']['services'] as $k => $v) {
                 if ($v['id_sys_group'] == $config['registered_usergroup']) {
                     // NOTE(review): the Referer header is client-controlled and
                     // may be absent; using it as the redirect target allows
                     // redirects to arbitrary sites. Prefer a fixed or
                     // allow-listed local path.
                     $script = $_SERVER['HTTP_REFERER'];
                     $_SESSION['registered-user'] = true;
                     Header("Location: {$script}");
                     exit;
                 }
             }
         }
     }
     ////////////////////////////////////////////////////
     // The admin flag is recomputed on every call from the group ids of the
     // user's services.
     $_SESSION['user']['admin'] = false;
     if (is_array($_SESSION['user']['services'])) {
         foreach ($_SESSION['user']['services'] as $k => $v) {
             if ($v['id_sys_group'] == $config['admin_usergroup']) {
                 $_SESSION['user']['admin'] = true;
             }
         }
     }
 }
Ejemplo n.º 4
 /**
  * Returns the formatted date of the newest ADD or EDIT log entry recorded for
  * the news entity.
  *
  * Table and entity names come from $GLOBALS['logEntity'] and
  * $GLOBALS['newsEntity']; none of the three parameters is read by the body.
  *
  * @param mixed $name Unused here.
  * @param mixed $data Unused here.
  * @param mixed $pars Unused here.
  * @return mixed Result of Parser::formatDate() in EXTENDED format.
  */
 function lastupdate($name, $data, $pars)
 {
     $sql = "\r\n\t\t\r\n\t\t\tSELECT date\r\n\t\t\t  FROM {$GLOBALS['logEntity']->name}\r\n\t\t\t WHERE entity = '{$GLOBALS['newsEntity']->name}' \r\n\t\t\t   AND (operation = 'ADD' or operation = 'EDIT')\r\n\t\t  ORDER BY date DESC\r\n\t\t     LIMIT 1\r\n\t\t";
     $rows = Parser::getResult($sql);
     // NOTE(review): no guard for an empty log; $rows[0] is read unconditionally.
     $latest = $rows[0]['date'];
     return Parser::formatDate($latest, EXTENDED);
 }
Ejemplo n.º 5
 /**
  * Places a bid on an auction lot at the given price.
  *
  * Three requests are chained: the auction page is fetched, its hidden form
  * fields are posted to the bid preview URL, and the hidden fields of the
  * preview are posted to the place-bid URL. When the 'my.test_mode.enabled'
  * setting is truthy the last request is replaced by $this->getResultPage().
  *
  * NOTE(review): the request options written to the debug log are built from
  * the page's hidden form fields; if those carry session or anti-forgery
  * tokens they end up in the log - confirm log access is restricted.
  *
  * @param  int    $price   Price to bid.
  * @param  string $auc_url URL containing the auction ID.
  * @return mixed           Whatever Parser::getResult() extracts from the final
  *                         page (described as a success flag by the original
  *                         documentation).
  */
 public function bid($price = null, $auc_url = null)
 {
     // Step 1: auction page -> options for the preview request.
     $auctionPage = $this->getBody($auc_url);
     $previewOptions = $this->createRequstOptions(Parser::getHiddenInputValues($auctionPage), $price);
     Log::debug('------ Browser start ------');
     Arrlog::arr_to_log($previewOptions);
     Log::debug('------- Browser end -------');

     // Step 2: preview page -> options for the final request.
     $previewPage = $this->getBody(static::$BID_PREVIEW, null, $previewOptions, Requests::POST);
     $placeOptions = $this->createRequstOptions(Parser::getHiddenInputValues($previewPage), $price);
     Log::debug('------ Browser start ------');
     Arrlog::arr_to_log($placeOptions);
     Log::debug('------- Browser end -------');

     // Step 3: submit the bid, or use the canned result page in test mode.
     $finalPage = \Config::get('my.test_mode.enabled')
         ? $this->getResultPage()
         : $this->getBody(static::$PLACE_BID, null, $placeOptions, Requests::POST);

     return Parser::getResult($finalPage);
 }
Ejemplo n.º 6
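 /**
  * Builds the breadcrumb trail for a menu item by walking parent_id upwards.
  *
  * Each step loads one menu row (joined with its page) and prepends an anchor
  * to the trail: the row's own link when it has one, otherwise a generated
  * "page/<seo-title>/<page id>-<menu id>.htm" URL.
  *
  * NOTE(review): link, entry and title are taken from the database and emitted
  * without HTML escaping; confirm they can only be authored by trusted users.
  *
  * @param mixed $name Unused here.
  * @param mixed $data Id of the menu item to start from; "" produces no output.
  * @param mixed $pars Unused here.
  * @return string|null The trail markup, or null when $data is empty.
  */
 function path($name, $data, $pars)
 {
     if ($data != "") {
         $content = "";
         // The id is placed unquoted in the WHERE clause, so it is forced to an
         // integer before it reaches the SQL text.
         $id_menu = (int) $data;
         // Ids already visited, so a parent_id cycle cannot loop forever.
         $visited = array();
         do {
             if (isset($visited[$id_menu])) {
                 break;
             }
             $visited[$id_menu] = true;
             $item = Parser::getResult("SELECT menu.*,\r\n\t\t\t\t\t\tpages.title,\r\n\t\t\t\t\t\tpages.id AS pages_id\r\n\t\t\t\t\t\tFROM menu\r\n\t\t\t\t\t\tLEFT JOIN pages\r\n\t\t\t\t\t\tON pages.id = menu.page_id\r\n\t\t\t\t\t\tWHERE menu.id = {$id_menu}\r\n\t\t\t\tORDER BY position");
             // An unknown id ends the walk instead of emitting an empty link.
             if (!is_array($item) || !isset($item[0])) {
                 break;
             }
             $id_menu = (int) $item[0]['parent_id'];
             if ($item[0]['link'] != "") {
                 $content = "<a href=\"{$item[0]['link']}\">{$item[0]['entry']}</a>" . Parser::first_comma("path", " &raquo; ") . $content;
             } else {
                 $content = "<a href=\"page/" . Parser::seo_url($item[0]['title']) . "/{$item[0]['pages_id']}-{$item[0]['id']}.htm\">{$item[0]['entry']}</a>" . Parser::first_comma("path", " > ") . $content;
             }
         } while ($id_menu != 0);
         return $content;
     }
 }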
Ejemplo n.º 7
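 /**
  * Renders the "liveReport2" widget for an entity.
  *
  * The title is the serviceName of the session service whose script matches
  * the running script, or "Report" when none matches. The template also
  * receives the requested length, the entity's total row count, the entity
  * name, the script name and the current form's report query after
  * Parser::encrypt().
  *
  * NOTE(review): $entityName is interpolated into the COUNT query as a table
  * name; it must come from trusted configuration or be checked against the
  * list of known entities by the caller. The report query is handed to the
  * template after Parser::encrypt(); whether that protects its integrity on
  * the way back cannot be seen from here - verify.
  *
  * @param mixed  $name       Unused here.
  * @param string $entityName Table to count rows in.
  * @param array  $pars       Must contain 'length'.
  * @return mixed Whatever Template::get() returns.
  */
 function liveReport2($name, $entityName, $pars)
 {
     $item = new Template(Settings::getSkin() . "/liveReport2.html");
     $length = $pars['length'];
     $index = false;
     // The services list may be missing from the session; treat that as empty.
     $services = array();
     if (isset($_SESSION['user']['services']) && is_array($_SESSION['user']['services'])) {
         $services = $_SESSION['user']['services'];
     }
     foreach ($services as $k => $v) {
         if ($v['script'] == basename($_SERVER['SCRIPT_FILENAME'])) {
             $index = $k;
             break;
         }
     }
     // Strict comparison: key 0 is a valid match and must not be read as
     // "not found".
     if ($index === false) {
         $item->setContent("title", "Report");
     } else {
         $item->setContent("title", $services[$index]['serviceName']);
     }
     $data = Parser::getResult("SELECT COUNT(*) AS count FROM {$entityName}");
     $item->setContent("length", $length);
     $item->setContent("total", $data[0]['count']);
     $item->setContent("entity", $entityName);
     $item->setContent("script", basename($_SERVER['SCRIPT_FILENAME']));
     $item->setContent("query", Parser::encrypt($GLOBALS['currentform']->reportQuery));
     return $item->get();
 }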