function scan($dir)
{
$accessableFiles = dbClass::getAccessableFiles($_COOKIE['userId']);
$folder = [];
foreach ($accessableFiles as $index => $code) {
if (strpos($code['file'], '/') !== false) {
$code['file'] = explode('/', $code['file'])[1];
}
$folder[] = $code['file'];
}
$files = array();
// Is there actually such a folder/file?
if (file_exists($dir)) {
$allowedFolder = $accessableFiles[0]['file'];
foreach (scandir($dir) as $f) {
if (!$f || $f[0] == '.') {
continue;
// Ignore hidden files
}
if (is_dir($dir . '/' . $f)) {
// The path is a folder
for ($i = 0; $i < count($folder); $i++) {
if ($f == $folder[$i]) {
$files[] = array("name" => $f, "type" => "folder", 'checked' => false, "path" => $dir . '/' . $f, "items" => scan($dir . '/' . $f));
}
}
} else {
// It is a file
$files[] = array("name" => $f, "type" => "file", 'checked' => false, "path" => $dir . '/' . $f, "size" => filesize($dir . '/' . $f));
}
}
}
return $files;
}
function create_tree()
{
if (count($this->files) > 2) {
/* First 2 entries are . and .. -skip them */
natcasesort($this->files);
$list = '<ul class="filetree" style="display: none;">';
if (isset(explode('=', $_SERVER['HTTP_REFERER'])[1])) {
$id = explode('=', $_SERVER['HTTP_REFERER'])[1];
$files = dbClass::getAccessableFiles($id);
$filesNeedsToBeChecked = [];
foreach ($files as $fl) {
$filesNeedsToBeChecked[] .= $fl['file'];
}
foreach ($this->files as $file) {
if (file_exists($this->folder . $file) && $file != '.' && $file != '..' && is_dir($this->folder . $file)) {
$fls = str_replace('/', '', explode('../../files/', $this->folder)[1]);
if (in_array($file, $filesNeedsToBeChecked)) {
$list .= '<li class="folder collapsed checkAll"><input type="checkbox" checked name="file[]" value="' . $this->folder . $file . '" class="left"><a href="#" rel="' . htmlentities($this->folder . $file) . '/">' . htmlentities($file) . '</a></li>';
} else {
$list .= '<li class="folder collapsed checkAll"><input type="checkbox" name="file[]" value="' . $this->folder . $file . '" class="left"><a href="#" rel="' . htmlentities($this->folder . $file) . '/">' . htmlentities($file) . '</a></li>';
}
}
}
// Group all files
foreach ($this->files as $file) {
if (file_exists($this->folder . $file) && $file != '.' && $file != '..' && !is_dir($this->folder . $file)) {
$ext = preg_replace('/^.*\\./', '', $file);
$fls = $this->folder . $file;
$fls = explode('../../files/', $fls)[1];
if (in_array($fls, $filesNeedsToBeChecked)) {
$list .= '<li class="file ext_' . $ext . '"><a for="' . $file . '" rel="' . htmlentities($this->folder . $file) . '">' . htmlentities($file) . '</a></li>';
} else {
$list .= '<li class="file ext_' . $ext . '"><a for="' . $file . '" rel="' . htmlentities($this->folder . $file) . '">' . htmlentities($file) . '</a></li>';
}
}
}
} else {
// Group folders first
foreach ($this->files as $file) {
if (file_exists($this->folder . $file) && $file != '.' && $file != '..' && is_dir($this->folder . $file)) {
$list .= '<li class="folder collapsed checkAll"><input type="checkbox" name="file[]" value="' . $this->folder . $file . '" class="left"><a href="#" rel="' . htmlentities($this->folder . $file) . '/">' . htmlentities($file) . '</a></li>';
}
}
// Group all files
foreach ($this->files as $file) {
if (file_exists($this->folder . $file) && $file != '.' && $file != '..' && !is_dir($this->folder . $file)) {
$ext = preg_replace('/^.*\\./', '', $file);
$list .= '<li class="file ext_' . $ext . '"><a for="' . $file . '" rel="' . htmlentities($this->folder . $file) . '">' . htmlentities($file) . '</a></li>';
}
}
}
$list .= '</ul>';
return $list;
}
}
public function __construct($handle = null)
{
$this->connection = $handle;
$this->query = $this->result = null;
$this->parameters = array();
//$this->numberRecords = 0; // probably no longer needed
$this->fields = array();
$this->fieldNames = array();
$this->primaryKeys = array();
$this->foreignKeys = array();
$this->reverseForeignKeys = null;
$this->logFile = null;
$this->schema = null;
dbClass::$instance = $this;
// construct new dbClass::$instances element using host and database name?
}
<?php
include_once '../gears/config.php';
include_once $cfg['realpath'] . '/gears/headers.php';
include_once $cfg['realpath'] . '/gears/bootstrap.php';
include_once $cfg['realpath'] . '/gears/functions.php';
include_once $cfg['realpath'] . '/gears/l18n.php';
include_once $cfg['realpath'] . '/gears/db.php';
$_ts = microtime_float();
// смотрим язык пользователя
$cfg['ln'] = getClientLang();
// создаем инстанс подключения к базе
$db = new dbClass($cfg['db']);
// забираем из базы опции и кладем их в конфиг
$options = $db->query("SELECT * FROM options");
// кладем в конфиг все что забрали из базы (все опции)
if (isset($options[0])) {
foreach ($options as $k => $v) {
$cfg['options'][$v->option] = $v->value;
}
}
unset($options);
// смотрим на авторизацию
include $cfg['realpath'] . '/gears/auth_init.php';
$country = addslashes(strip_tags(filter_input(INPUT_POST, 'country', FILTER_UNSAFE_RAW)));
$state = addslashes(strip_tags(filter_input(INPUT_POST, 'state', FILTER_UNSAFE_RAW)));
// если просят только чистых
$clear = addslashes(strip_tags(filter_input(INPUT_POST, 'isclear', FILTER_VALIDATE_BOOLEAN)));
$shop_id = addslashes(strip_tags(filter_input(INPUT_POST, 'shop_id', FILTER_VALIDATE_INT)));
//debug($clear);exit();
if ($clear == 1) {
<a href='create.php' class='btn'>New folder permission</a>
<table class='table' width='100%' cellpadding='5' cellspacing='0'>
<tr>
<th>ID</th>
<th>Group</th>
<th>Password</th>
<th>Set up By</th>
<th>Created</th>
<th> </th>
</tr>
<?php
$passwords = dbClass::fetchAllPasswords();
foreach ($passwords as $password) {
$adminName = dbClass::getUserById($password['admin_id'])['username'];
?>
<tr>
<td><?php
echo $password['id'];
?>
</td>
<td><?php
echo $password['name'];
?>
</td>
<td><?php
echo $password['password'];
?>
</td>
<td><?php
<?php
///////////////////////////////////
// Example to Show How to get 2D
// Array AKA Recordset from a
// Database and output to screen
///////////////////////////////////
include "dbclass.php";
$a = new dbClass('localhost', 'test', 'root', 'password');
$rowOut = array();
$tblList = array();
$dbList = array();
// Set connection variables and open database connection ------------------------------------
$a->openConnection();
// Execute Single Row Query and display results ---------------------------------------------
$sql = "SELECT * FROM `test1`";
$rowOut = $a->query2DArray($sql);
$nr_rows = $a->queryNumRows();
// Number of rows in dataset
$nr_cols = $a->queryNumCols();
// Number of columns in dataset
echo "<table border=1 bordercolor=black>";
for ($i = 0; $i < $nr_rows; $i++) {
echo "<tr>";
for ($j = 0; $j < $nr_cols; $j++) {
echo "<td>" . $rowOut[$i][$j] . "</td>";
}
echo "</tr>";
}
echo "</table><br><br>";
echo "<b>Number of Columns in Query is:</b> " . $nr_cols . "<br>";
<?php
require_once "../../lib/config.php";
require_once "../../lib/dbclass.php";
$owner_id = 1;
$dir_id = $_POST['dirID'];
$ntime = time();
$filename = $_FILES['Filedata']["name"];
//檔案原始名稱
//$filename_fix = str_replace(" ","_",$filename);
$explodestr = explode(".", $filename);
//主、副檔案名稱分割
$x = $explodestr[count($explodestr) - 1];
//x = 副檔名
$randnum = rand();
$uploadname = $ntime . $randnum . "." . $x;
//伺服器上檔案名稱
$filesize = $_FILES['Filedata']["size"];
//取得檔案大小
$filetype = $x;
//取得檔案型態 = 副檔名
$tempfile = $_FILES['Filedata']["tmp_name"];
$filepath = $file_real_path . $uploadname;
//上傳路徑
copy($tempfile, $filepath);
$db = new dbClass($db_username, $db_password, $db_database, $db_hostname);
$db->start();
$sql = "INSERT INTO file_data (`file_owner_id`,\t `file_name`, `file_size`, `file_type`, `file_upname`, `file_dir`, `upload_time`) \n\t\tVALUES \t\t\t\t ('" . $owner_id . "','" . $filename . "','" . $filesize . "','" . $filetype . "','" . $uploadname . "','" . $dir_id . "', NOW())";
$db->query($sql);
$db->close();
<div class='panel'>
<h2>Users</h2>
<a href='create.php' class='btn'>New User</a>
<table class='table' width='100%' cellpadding='3' cellspacing='3'>
<tr>
<th>ID</th>
<th>Username</th>
<th>Email</th>
<th>Last Login</th>
<th>Login IP</th>
<th> </th>
</tr>
<?php
$users = dbClass::fetchAllUsers();
foreach ($users as $user) {
?>
<tr>
<td><?php
echo $user['id'];
?>
</td>
<td><?php
echo $user['username'];
?>
</td>
<td><?php
echo $user['email'];
?>
</td>
<?php
/////////////////////////////////////
// Example to show how to obtain
// a resultset from a database table
/////////////////////////////////////
include "dbclass.php";
// Set connection variables and open database connection ------------------------------------
$db = new dbClass('localhost', 'database', 'root', 'password');
$db->openConnection();
// Execute Single Row Query and display results ---------------------------------------------
$sql = "SELECT * FROM `test1`;";
$result = $db->queryResultset($sql);
$i = 0;
$num = mysql_numrows($result);
while ($i < $num) {
$c1 = mysql_result($result, $i, "column1");
$c2 = mysql_result($result, $i, "column2");
echo "{$c1} - {$c2} <br>";
$i++;
}
$db->closeConnection();
<?php
include_once '../gears/config.php';
include_once $cfg['realpath'] . '/gears/headers.php';
include_once $cfg['realpath'] . '/gears/bootstrap.php';
include_once $cfg['realpath'] . '/gears/functions.php';
include_once $cfg['realpath'] . '/gears/l18n.php';
include_once $cfg['realpath'] . '/gears/db.php';
$_ts = microtime_float();
// смотрим язык пользователя
$cfg['ln'] = getClientLang();
// создаем инстанс подключения к базе
$db = new dbClass($cfg['db']);
// забираем из базы опции и кладем их в конфиг
$options = $db->query("SELECT * FROM options");
// кладем в конфиг все что забрали из базы (все опции)
if (isset($options[0])) {
foreach ($options as $k => $v) {
$cfg['options'][$v->option] = $v->value;
}
}
unset($options);
// смотрим на авторизацию
include $cfg['realpath'] . '/gears/auth_init.php';
// фильтруем входящие данные
$id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT);
$text = addslashes(strip_tags(filter_input(INPUT_POST, 'text', FILTER_UNSAFE_RAW)));
$type = filter_input(INPUT_POST, 'type', FILTER_UNSAFE_RAW);
if ($type != 'private' && $type != 'public') {
$type = 'private';
}
<?php
include '../../includes/conf.ini.php';
include '../../includes/DBConn.php';
include '../../includes/function.php';
include '../../includes/dateClass.php';
$data = new dbClass();
$birth = date_format(date_create($_REQUEST['birth']), 'Y-m-d');
$sql = "update person set \nprename='" . $_REQUEST['prename'] . "', \nfname='" . $_REQUEST['fname'] . "', \nlname='" . $_REQUEST['lname'] . "', \nbirth='" . $birth . "', \nsex='" . $_REQUEST['sex'] . "', \nidcard='" . $_REQUEST['cid'] . "', \nbloodgroup='" . $_REQUEST['bloodgroup'] . "', \nbloodrh='" . $_REQUEST['bloodrh'] . "', \nmarystatus='" . $_REQUEST['marystatus'] . "', \neducate='" . $_REQUEST['educate'] . "', \noccupa='" . $_REQUEST['occupa'] . "', \nnation='" . $_REQUEST['nation'] . "', \norigin='" . $_REQUEST['origin'] . "', \nreligion='" . $_REQUEST['religion'] . "', \nfamilyposition='" . $_REQUEST['familyposition'] . "', \ntypelive='" . $_REQUEST['typelive'] . "', \ndischargetype='" . $_REQUEST['dischargetype'] . "' where pid='" . $_REQUEST['pid'] . "'";
$db->exec($sql);
echo "บันทึก/ปรับปรุงข้อมูล";
echo "<br>";
echo $data->GetStringData("select concat('คุณ',fname,' ',lname) as cc from person where idcard=" . $_REQUEST['cid']);
echo "<br>";
echo "เสร็จสมบูรณ์";
?>
<?php
///////////////////////////////////////
// Example to show how to Obtain the
// insert ID of the Last Record
// inserted into the database table
///////////////////////////////////////
include "dbclass.php";
$a = new dbClass('localhost', 'test', 'root', 'password');
// Open database connection -------------------------------------------------------------------------
$a->openConnection();
// Execute an SQL command like INSERT or UPDATE ----------------------------------------------
$a->execCommand("INSERT INTO `test1` (column1,column2,column3,column4) VALUES ('1','2','3','4');");
$LastInsertID = $a->getLastInsertID();
echo "The Last Record ID you Inserted was: " . $LastInsertID;
$a->closeConnection();
?>
<?php
require_once "./lib/config.php";
require_once "./lib/dbclass.php";
require_once "./lib/JSON.php";
$json = new Services_JSON();
$node = isset($_POST['node']) && $_POST['node'] != 0 ? $_POST['node'] : 0;
$sql = "select dir.*, user.user_name \n\t\tfrom `dir_data` dir, `user_data` user\n\t\twhere dir.dir_parent = " . $node . "\n\t\tand dir.dir_owner_id = user.user_id";
$db = new dbClass($db_username, $db_password, $db_database, $db_hostname);
$db->start();
$result = $db->query($sql);
while ($arr = $db->getarray($result)) {
$qtip = '擁有者:' . $arr['user_name'] . "<br>\n\t\t\t 建立日期:" . $arr['dir_creat_time'];
$nodes[] = array('text' => $arr['dir_name'], 'id' => $arr['dir_id'], 'qtip' => $qtip, 'cls' => 'folder');
}
echo $json->encode($nodes);
/*
// from php manual page
function formatBytes($val, $digits = 3, $mode = "SI", $bB = "B"){ //$mode == "SI"|"IEC", $bB == "b"|"B"
$si = array("", "K", "M", "G", "T", "P", "E", "Z", "Y");
$iec = array("", "Ki", "Mi", "Gi", "Ti", "Pi", "Ei", "Zi", "Yi");
switch(strtoupper($mode)) {
case "SI" : $factor = 1000; $symbols = $si; break;
case "IEC" : $factor = 1024; $symbols = $iec; break;
default : $factor = 1000; $symbols = $si; break;
}
switch($bB) {
case "b" : $val *= 8; break;
default : $bB = "B"; break;
}
for($i=0;$i<count($symbols)-1 && $val>=$factor;$i++)
<?php
require_once '../../classes/dbClass.php';
if (isset($_GET['id'])) {
$id = $_GET['id'];
if (dbClass::getPasswordById($id)) {
if (dbClass::deletePassword($id)) {
header('location: index.php');
} else {
header('location: index.php');
}
} else {
header('location: index.php');
}
} else {
header('location: index.php');
}
<?php
/////////////////////////////////////
// Example to show how to obtain
// a single record from database
// table, how to get the number
// of rows returned for a query
// and how to Insert a new record
// into an existing database table
/////////////////////////////////////
include "dbclass.php";
$a = new dbClass('localhost', 'test', 'root', 'password');
$rowOut = array();
$tblList = array();
$dbList = array();
$numRows = 0;
// Set connection variables and open database connection ------------------------------------
$a->openConnection();
// Execute Single Row Query and display results ---------------------------------------------
$sql = "SELECT * FROM `test1`;";
$rowOut = $a->queryRowArray($sql);
// Count the number of rows returned in a query ----------------------------------------------
$numRows = $a->queryNumRows();
$numCols = $a->queryNumCols();
echo "<table border=1 bordercolor=black>";
for ($i = 0; $i < $numCols; $i++) {
echo "<tr><td><b>Column {$i}:</b></td><td>" . $rowOut[$i] . "</td></tr>";
}
echo "</table><br><br>";
echo "<b>Number of Columns in Query is:</b> " . $numCols . "<br>";
echo "<b>Number of Rows in Query is:</b> " . $numRows . "<br>";
<?php
include_once '../gears/config.php';
include_once $cfg['realpath'] . '/gears/headers.php';
include_once $cfg['realpath'] . '/gears/bootstrap.php';
include_once $cfg['realpath'] . '/gears/functions.php';
include_once $cfg['realpath'] . '/gears/l18n.php';
include_once $cfg['realpath'] . '/gears/db.php';
$_ts = microtime_float();
// смотрим язык пользователя
$cfg['ln'] = getClientLang();
// создаем инстанс подключения к базе
$db = new dbClass($cfg['db']);
// забираем из базы опции и кладем их в конфиг
$options = $db->query("SELECT * FROM options");
// кладем в конфиг все что забрали из базы (все опции)
if (isset($options[0])) {
foreach ($options as $k => $v) {
$cfg['options'][$v->option] = $v->value;
}
}
unset($options);
// смотрим на авторизацию
include $cfg['realpath'] . '/gears/auth_init.php';
if ($user['rankname'] != 'admin' && $user['rankname'] != 'support') {
exit;
}
$shop_id = filter_input(INPUT_POST, 'shop_id', FILTER_VALIDATE_INT);
$drop_id = filter_input(INPUT_POST, 'drop_id', FILTER_VALIDATE_INT);
$shipper_id = filter_input(INPUT_POST, 'shipper_id', FILTER_VALIDATE_INT);
if (!isset($shop_id) || empty($shop_id) || $shop_id == '' || $shop_id === false) {
background:-webkit-gradient( linear, left top, left bottom, color-stop(0.05, #8C8C8C), color-stop(1, #7D7D7D) );
background:-moz-linear-gradient( center top, #8C8C8C 5%, #7D7D7D 100% );
filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#8C8C8C', endColorstr='#7D7D7D');
background-color:#8C8C8C; }
.datagrid table tfoot ul.active,
.datagrid table tfoot ul a:hover { text-decoration: none;border-color: #7D7D7D; color: #F5F5F5; background: none; background-color:#8C8C8C;}
div.dhtmlx_window_active, div.dhx_modal_cover_dv { position: fixed !important; }
</style>
<?php
include '../../includes/conf.ini.php';
include '../../includes/DBConn.php';
include '../../includes/function.php';
include '../../includes/dateClass.php';
include '../../includes/encode.php';
$encode = new encriptStrClass();
$data = new dbClass();
?>
<div class="datagrid">
<table>
<thead>
<tr>
<th align="center">CID
</th>
<th align="center">ชื่อ - สกุล
</th>
<th align="center">อายุ
</th>
<th align="center" >ที่อยู่
</th>
<th align="center" width="10px">
function displayGrid($tablename, $begin)
{
parent::openConnection();
if ($begin < strval($this->start) + strval($this->perPage)) {
$this->start = 0;
$this->end = strval($this->start) + strval($this->perPage);
} else {
$this->start = $begin;
$this->end = strval($this->start) + strval($this->perPage);
}
$this->sql = "SELECT * FROM `{$tablename}` Limit {$this->start},{$this->perPage}";
$this->rowOut = parent::query2DArray($this->sql);
$this->nr_rows = parent::queryNumRows();
$this->nr_cols = parent::queryNumCols();
echo "<center><table border=1 width={$this->tableWidth} bordercolor={$this->borderColor} cellpadding={$this->cellPadding} cellspacing={$this->cellSpacing}>\n";
// Get Column Headers ---------------
if ($this->showHeader == 1 && $this->customHeader == "") {
$this->sql = "SHOW COLUMNS FROM `{$tablename}`";
$this->colOut = parent::query2DArray($this->sql);
$this->nr_rows2 = count($this->colOut);
echo "<tr>";
for ($i = 0; $i < $this->nr_rows2; $i++) {
echo "<td><center><b>" . $this->colOut[$i][0] . "</b></center></td>";
}
echo "</tr>\n";
} elseif ($this->showHeader == 1 && $this->customHeader != "") {
$cHeader = explode("|", $this->customHeader);
$this->nr_rows2 = count($cHeader);
echo "<tr>";
for ($i = 0; $i < $this->nr_rows2; $i++) {
echo "<td><center><b>" . $cHeader[$i] . "</b></center></td>";
}
echo "</tr>\n";
}
// Show Detail ----------------------
for ($i = 0; $i < $this->nr_rows; $i++) {
echo "<tr>";
for ($j = 0; $j < $this->nr_cols; $j++) {
echo "<td> " . $this->rowOut[$i][$j] . "</td>\n";
}
echo "</tr>\n";
}
echo "<br><br><tr><td colspan={$this->nr_cols}><center>\n";
if ($this->start > 0) {
echo "<a href=\"" . $_SERVER['PHP_SELF'] . "?st=" . ($this->start - $this->perPage) . "\"><b><<</b></a>";
}
echo " <b> | </b> <a href=\"" . $_SERVER['PHP_SELF'] . "?st=" . (strval($this->start) + strval($this->perPage)) . "\"><b>>></b></a>";
echo "</center></tr>\n";
echo "</table></center>\n<br><br>\n";
parent::closeConnection();
}
$password = $security->makeSafe($_POST['password']);
if (empty($name) || empty($password)) {
$response['status'] = '403';
$response['message'] = 'Name and password cannot be blank.';
echo json_encode($response);
return;
}
if (dbClass::editPassword($id, $name, $password)) {
$response['status'] = '200';
$response['message'] = 'Password has been successfully updated for ' . $name . '.';
if (isset($_POST['file'])) {
$file = $_POST['file'];
if (dbClass::query('DELETE FROM files WHERE password_id="' . $id . '"')) {
foreach ($file as $fl) {
$filename = array_pop(explode('/', $fl));
if (dbClass::query('INSERT INTO files (password_id, file) VALUES ("' . $id . '", "' . $filename . '")')) {
$response['status'] = '200';
$response['message'] = 'Password has been successfully updated for ' . $name . '.';
} else {
$response['status'] = '500';
$response['message'] = 'Could not save the password.';
}
}
} else {
$response['status'] = '500';
$response['message'] = 'Could not edit files.';
echo json_encode($response);
return;
}
}
} else {
<?php
$data = new dbClass();
$fdate = new dateClass();
/*$firstName = $_POST[firstName];
$lastName = $_POST[lastName];
*/
if (@isset($_REQUEST[member_status])) {
@($status = $_REQUEST[member_status]);
$memberstatus = $data->GetArrData($status);
} else {
$memberstatus = "'3'";
}
if (@isset($_REQUEST[discharge])) {
@($discharge = $_REQUEST[discharge]);
} else {
$discharge = "N";
}
$countmember = $data->GetStringData("select count(distinct p.person_id) as cc\r\n from person p\r\n join clinicmember c on c.hn=p.patient_hn\r\n join clinic_member_status cs on cs.clinic_member_status_id=c.clinic_member_status_id\r\n where c.clinic='" . $_REQUEST['clinic'] . "' and c.clinic_member_status_id in ({$memberstatus}) and c.discharge='" . $discharge . "' ");
?>
<form id='fdmlist' name='fdmlist' method="POST" action="#">
<input name="clinic" type="hidden" value="<?php
echo $_REQUEST['clinic'];
<?php
include '../../includes/conf.ini.php';
include '../../includes/DBConn.php';
include '../../includes/function.php';
include '../../includes/dateClass.php';
$data = new dbClass();
$pcucode = $_POST['pcucode'];
$visitno = $_POST['visitno'];
$diagnote = $_POST['diagnote'];
$doctor = $_POST['doctor'];
$flagservice = $data->GetStringData("select flagservice as cc from visit where visitno='{$visitno}' ");
if ($flagservice == '00') {
$sqlflag = "update visit set flagservice='02' where visitno='" . $_POST['visitno'] . "'";
$db->exec($sqlflag);
}
$sql = "update visit set diagnote='" . $diagnote . "',username='******' where visitno='" . $visitno . "'";
$db->exec($sql);
$json_status = array("status" => 'OK');
echo json_encode($json_status);
<h2>Permissions created by <?php
echo $query['username'];
?>
</h2>
<table class='table' style='width: 100%;margin:auto' align='center'>
<tr>
<th style='text-align:center'>ID</th>
<th style='text-align:center'>Name</th>
<th style='text-align:center'>Password</th>
<th style='text-align:center'>Created</th>
<th> </th>
</tr>
<?php
foreach (dbClass::getPasswordsByAdminId($id) as $password) {
?>
<tr>
<td style='text-align:center'><?php
echo $password['id'];
?>
</td>
<td style='text-align:center'><?php
echo $password['name'];
?>
</td>
<td style='text-align:center'><?php
echo $password['password'];
?>
</td>
<td style='text-align:center'><?php
<?php
/*
* Fallback handler (archaic browsers with no File API will send requests here by default form submitting)
*/
include_once '../gears/config.php';
include_once $cfg['realpath'] . '/gears/headers.php';
include_once $cfg['realpath'] . '/gears/bootstrap.php';
include_once $cfg['realpath'] . '/gears/functions.php';
include_once $cfg['realpath'] . '/gears/l18n.php';
include_once $cfg['realpath'] . '/gears/db.php';
$_ts = microtime_float();
// смотрим язык пользователя
$cfg['ln'] = getClientLang();
// создаем инстанс подключения к базе
$db = new dbClass($cfg['db']);
// забираем из базы опции и кладем их в конфиг
$options = $db->query("SELECT * FROM options");
// кладем в конфиг все что забрали из базы (все опции)
if (isset($options[0])) {
foreach ($options as $k => $v) {
$cfg['options'][$v->option] = $v->value;
}
}
unset($options);
// смотрим на авторизацию
include $cfg['realpath'] . '/gears/auth_init.php';
if (!empty($_FILES) && !empty($_FILES['my-file'])) {
$fileMeta = $_FILES['my-file'];
// Key was defined in 'fieldName' option
if ($fileMeta['type'] == 'image/png') {
<?php
require_once '../../classes/dbClass.php';
if (isset($_GET['id'])) {
$id = $_GET['id'];
if (dbClass::getUserById($id)) {
if (dbClass::deleteUser($id)) {
header('location: index.php');
} else {
header('location: index.php');
}
} else {
header('location: index.php');
}
} else {
header('location: index.php');
}
{
$difference = time() - $timestamp;
//echo "<br>".$difference."<br>";
return $difference;
}
include "whoisonline_config.php";
include "dbclass.php";
$count = 0;
if ($_SESSION['entrytime'] == "") {
$_SESSION['entrytime'] = time();
}
if (file_exists("install.php")) {
echo "Who Is Online Security:<br>Please Remve <b>install.php</b>.";
exit;
}
$db1 = new dbClass();
$db1->setDBVars($dbhost, $dbname, $dbuser, $dbpass);
$db1->openConnection();
$ip = $_SERVER['REMOTE_ADDR'];
$sql = "SELECT COUNT(*) FROM `{$dbname}`.`{$dbtable}` WHERE `ip`='{$ip}';";
$rowOut = $db1->queryRowArray($sql);
$ip_exists = $rowOut[0];
if ($ip_exists > 0) {
$sql = "SELECT COUNT(*) FROM `{$dbname}`.`{$dbtable}`";
$rowOut = $db1->queryRowArray($sql);
$count = $rowOut[0];
} else {
$db1->execCommand("INSERT INTO `{$dbname}`.`{$dbtable}` (`ip`) VALUES ('{$ip}');");
$sql = "SELECT COUNT(*) FROM `{$dbname}`.`{$dbtable}`;";
$rowOut = $db1->queryRowArray($sql);
$count = $rowOut[0];
<?php
include '../../includes/conf.ini.php';
include '../../includes/DBConn.php';
include '../../includes/function.php';
include '../../includes/dateClass.php';
$data = new dbClass();
$pcucode = $_POST['pcucode'];
$visitno = $_POST['visitno'];
$icd10 = strtoupper($_POST['icd10']);
$icd_check = $data->GetStringData("select count(diseasecode) as cc from cdisease where diseasecode='" . $icd10 . "' and validscore='y' ");
$icd2 = $data->GetStringData("select count(diagcode) as cc from visitdiag where visitno='" . $_POST['visitno'] . "' and diagcode='" . $icd10 . "' ");
if ($icd_check < 1) {
$status = "ICD10";
} elseif ($icd2 > 0) {
$status = "ICD102";
} else {
$status = "OK";
}
$flagservice = $data->GetStringData("select flagservice as cc from visit where visitno='{$visitno}' ");
if ($flagservice == '00') {
$sqlflag = "update visit set flagservice='02' where visitno='" . $_POST['visitno'] . "'";
$db->exec($sqlflag);
}
if ($data->GetStringData("select count(diagcode) as cc from visitdiag where visitno='" . $_POST['visitno'] . "' and dxtype='01' ") < 1) {
$diag = "insert into visitdiag(pcucode,visitno,diagcode,conti,clinic,dxtype,dateupdate,doctordiag) \r\n values('" . $pcucode . "','" . $_POST['visitno'] . "','" . $icd10 . "','0','00','01',DATE_FORMAT(NOW(),'%Y-%m-%d %H:%i:%s'),'" . $_POST['doctor'] . "')";
} else {
$diag = "insert into visitdiag(pcucode,visitno,diagcode,conti,clinic,dxtype,dateupdate,doctordiag) \r\n values('" . $pcucode . "','" . $_POST['visitno'] . "','" . $icd10 . "','0','00','04',DATE_FORMAT(NOW(),'%Y-%m-%d %H:%i:%s'),'" . $_POST['doctor'] . "')";
}
$db->exec($diag);
$json_status = array("status" => $status);
<?php
if (isset($_COOKIE['loggedIn']) && $_COOKIE['loggedIn'] == true) {
require_once 'backend/classes/dbClass.php';
$userId = $_COOKIE['userId'];
$loggedIn = $_COOKIE['loggedIn'];
if (!dbClass::getPasswordById($userId)) {
header('Location: index.html');
}
} else {
header('Location: index.html');
}
$url = 'http://' . $_SERVER['SERVER_NAME'];
?>
<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<title>Exertis Library</title>
<!-- Include our stylesheet -->
<link href="assets/css/styles.css" rel="stylesheet"/>
</head>
<body>
<div class="overlay"></div>
$response['message'] = 'Invalid email address';
echo json_encode($response);
return;
}
if (!empty($password) && strlen($password) < 4) {
$response['status'] = '403';
$response['message'] = 'Password should be at least 4 characters.';
echo json_encode($response);
return;
}
if (empty($password)) {
if (dbClass::editUser($id, $username, $email)) {
$response['status'] = '200';
$response['message'] = 'User has been successfully ' . $username . '.';
} else {
$response['status'] = '500';
$response['message'] = 'Could not edit the user.';
}
} else {
$password = $security->hashPwd($password);
if (dbClass::editUserWithPwd($id, $username, $email, $password)) {
$response['status'] = '200';
$response['message'] = 'User has been successfully ' . $username . '.';
} else {
$response['status'] = '500';
$response['message'] = 'Could not edit the user.';
}
}
echo json_encode($response);
return;
}
<?php
include_once '../gears/config.php';
include_once $cfg['realpath'] . '/gears/headers.php';
include_once $cfg['realpath'] . '/gears/bootstrap.php';
include_once $cfg['realpath'] . '/gears/functions.php';
include_once $cfg['realpath'] . '/gears/l18n.php';
include_once $cfg['realpath'] . '/gears/db.php';
//header('Content-type: application/json');
$_ts = microtime_float();
// смотрим язык пользователя
$cfg['ln'] = getClientLang();
// создаем инстанс подключения к базе
$db = new dbClass($cfg['db']);
// забираем из базы опции и кладем их в конфиг
$options = $db->query("SELECT * FROM options");
// кладем в конфиг все что забрали из базы (все опции)
if (isset($options[0])) {
foreach ($options as $k => $v) {
$cfg['options'][$v->option] = $v->value;
}
}
unset($options);
// смотрим на авторизацию
include $cfg['realpath'] . '/gears/auth_init.php';
if ($user['rankname'] != 'support' && $user['rankname'] != 'admin' && $user['rankname'] != 'shipper') {
exit('Запрещено!');
}
// фильтруем входящие данные
$idItem = filter_input(INPUT_POST, 'idItem', FILTER_VALIDATE_INT);
$parentId = filter_input(INPUT_POST, 'parentMenuId', FILTER_VALIDATE_INT);
<?php
require_once "../../lib/config.php";
require_once "../../lib/dbclass.php";
$fileID = $_GET['fileId'];
$file_upname = $_GET['fileUpName'];
if (@unlink($file_real_path . $file_upname)) {
$sql = "delete from file_data\n\t\t\twhere file_id = " . $fileID;
$db = new dbClass($db_username, $db_password, $db_database, $db_hostname);
$db->start();
if ($db->query($sql)) {
echo "ok";
} else {
echo "no";
}
} else {
echo "no";
}
$db->close();