function InsertVk($k, $uk)
{
$con = GetMyConnection();
$query = sprintf("insert into url_query(queried_key,user_key) values('%s','%s')", mysql_real_escape_string($k), mysql_real_escape_string($uk));
$result = mysql_query($query, $con);
CleanUpDB();
}
protected function searchSelect($kwString = '')
{
//----------------------------------------------------------------------------------------
$kwa = split(',', $kwString);
//print_r($kwa);
include_once 'inc/db_link.php';
$sqlplus = '';
foreach ($kwa as $k => $w) {
$w = mysql_real_escape_string($w, GetMyConnection());
if ($k + 1 < count($kwa)) {
$sqlplus .= $w . '%" OR LIKE "%';
} else {
$sqlplus .= $w . '%"';
}
}
//---------------------------------------------------------------------------------------
$query = 'select * from sr_ads WHERE (sr_ads.sr_adtitle LIKE "%' . $sqlplus . ') OR (sr_ads.sr_addescription LIKE "%' . $sqlplus . ')';
$kwString;
$kwAry;
$sqlBaseStr;
$sqlPlusStr;
//$res = mysql_query("SELECT * FROM $this->table WHERE <PUTYOURWHERECLAUSEHERE>" . $this->orderbystr, $this->conn) or die(mysql_error());
$res = mysql_query($query . $this->orderbystr, GetMyConnection()) or die(mysql_error());
return $res;
}
function getRoleUsers($roleId)
{
// $roles=array("General director", "Financial director", "Financial controller", "Financial", "Department leader", "Initiator");
$names = "";
$query = "SELECT fullname FROM employee WHERE role=" . $roleId . "";
$res = mysqli_query(GetMyConnection(), $query);
while ($row = mysqli_fetch_assoc($res)) {
$names .= "<option>" . $row["fullname"] . "</option>";
}
return $names;
}
function sqlDesc($t)
{
$query = sprintf("DESCRIBE %s", mysql_real_escape_string($t, GetMyConnection()));
// Perform Query
$result = mysql_query($query, GetMyConnection());
// Check result
// This shows the actual query sent to MySQL, and the error. Useful for debugging.
if (!$result) {
$message = 'Invalid query: ' . mysql_error() . "\n";
$message .= 'Whole query: ' . $query;
die($message);
} else {
return $result;
}
}
public function get_login_data($login, $password)
{
include_once './php/conn.php';
// include_once './php/auth_ldap.php';
$FISH = 'JHENEK';
if (isset($login) && isset($password)) {
$query = mysqli_query(GetMyConnection(), "SELECT * FROM employee WHERE username='******' AND password='******' LIMIT 1");
if (mysqli_num_rows($query)) {
$row = mysqli_fetch_assoc($query);
return $row;
} else {
//Any auth
}
} else {
return null;
}
}
public function get_user_data($id)
{
include_once './php/conn.php';
// include_once './php/auth_ldap.php';
$FISH = 'JHENEK';
if (isset($id)) {
$query = mysqli_query(GetMyConnection(), "SELECT em.fullname as fullname, em.id as id, dp.name as department, em.position FROM employee as em Left Join departments as dp on em.department_id=dp.id WHERE em.id='" . $id . "'");
if (mysqli_num_rows($query)) {
$row = mysqli_fetch_assoc($query);
return $row;
} else {
//Any auth
}
} else {
return null;
}
}
function build()
{
//build the form
#
# make the elements
#
//$this->codeString = '';
$trads = new tradtool();
$tc = $trads->dbLoadStrings();
$this->count = 0;
//echo('-> devideAt has ' . count($this->devideAt) . ' elements. <br/>');
while ($row = $this->formDesc) {
$showelement = false;
/* echo 'Row ' . $row['Field'];
echo '| ' . $row['Type'];
echo '| ' . $row['Default'] . '<br />';*/
// ok, so make form elements...
$n = $row['Field'];
// test element...
$showelement = $this->displaytest($n);
if ($showelement) {
if ($this->hidetest($n)) {
$f = new formelement();
$this->count++;
if (is_array($this->devideAt) && $this->inblock == 0) {
//echo("-> opening " . $this->devideType . " for " . $n . " at element " . $this->count . ". <br />");
$this->openFormPart();
$this->inblock = true;
}
if ($this->errortest($n) !== NULL) {
$this->codeString .= '<span class="error">' . $this->errortest($n) . '</span><br/>';
}
$rmarker = '';
$rclass = '';
if ($this->requiredtest($n)) {
$rmarker = '*';
$rclasscode = ' class="formrequired"';
}
$this->codeString .= '<label' . $rclasscode . '><!--' . $row['Field'] . '-->' . $trads->popTrad($n) . $rmarker . ': <br/>';
if ($this->selecttest($n) !== NULL) {
if ($this->forceOptsType == 's') {
// make a select object
$this->codeString .= $f->sa($n, $this->selecttest($n));
} else {
// make a menu
$this->codeString .= $f->sm($n, $this->selecttest($n));
}
} else {
// is there something to do?
if (stripos($row['Field'], 'ENUM')) {
// we need to look fo enum select options...
// first we need to define the options set...
$oa = split('_', $row['Field']);
$optstype = array_pop($oa);
$opts = array_pop($oa);
// $opts = array_slice($oa,-2);
// $opts = $opts[0];
$this->codeString .= 'looking for opts : ' . $opts . '.';
// get the options...
$query2 = sprintf('SELECT * FROM %s WHERE %s = "%s"', mysql_real_escape_string($this->optsTable, GetMyConnection()), mysql_real_escape_string($this->optstypecol, GetMyConnection()), mysql_real_escape_string($opts, GetMyConnection()));
$result2 = mysql_query($query2, GetMyConnection());
unset($opts);
// Check result
// This shows the actual query sent to MySQL, and the error. Useful for debugging.
if (!$result2) {
$message = 'Invalid query: ' . mysql_error() . "\n";
$message .= 'Whole query: ' . $query2;
die($message);
}
// build the options set... maybe...
while ($r2 = mysql_fetch_assoc($result2)) {
// make a simple val => lable array...
if ($r2['opts_labelconst'] !== '') {
// get the translated string...
$opts2[$r2['opts_labelconst']] = $r2['opts_val'];
} else {
$opts2[$r2['opts_label']] = $r2['opts_val'];
}
}
$this->codeString .= $f->sa($row['Field'], $opts2);
mysql_free_result($result2);
unset($result2, $opts2);
} elseif (stripos($row['Field'], 'SET')) {
// we need to look fo enum select options...
// first we need to define the options set...
$oa = split('_', $row['Field']);
$optstype = array_pop($oa);
$opts = array_pop($oa);
// $opts = array_slice($oa,-2);
// $opts = $opts[0];
$this->codeString .= 'looking for opts : ' . $opts . '.';
// get the options...
$query2 = sprintf('SELECT * FROM %s WHERE %s = "%s"', mysql_real_escape_string($this->optsTable, GetMyConnection()), mysql_real_escape_string($this->optstypecol, GetMyConnection()), mysql_real_escape_string($opts, GetMyConnection()));
$result2 = mysql_query($query2, GetMyConnection());
unset($opts);
// Check result
// This shows the actual query sent to MySQL, and the error. Useful for debugging.
if (!$result2) {
$message = 'Invalid query: ' . mysql_error() . "\n";
$message .= 'Whole query: ' . $query2;
die($message);
}
// build the options set... maybe...
while ($r2 = mysql_fetch_assoc($result2)) {
// make a simple val => lable array...
if ($r2['opts_labelconst'] !== '') {
// get the translated string...
$opts2[$r2['opts_labelconst']] = $r2['opts_val'];
} else {
$opts2[$r2['opts_label']] = $r2['opts_val'];
}
}
$this->codeString .= $f->sm($row['Field'], $opts2);
mysql_free_result($result2);
unset($result2, $opts2);
} else {
$this->codeString .= $f->r($row['Field'], $row['Type'], $row['Default']);
}
// if($n == $this->devideAt){ // this needs to be a strstr type call...
}
unset($f, $showelement);
$this->codeString .= '</label><br />';
}
// end hide test...
}
//end forbid test
if ($this->devidetest($n) && is_array($this->devideAt)) {
if ($this->inblock) {
//echo('--> closing block for ' . $n . '. <br/>');
$this->closeFormPart();
$this->inblock = false;
}
}
}
if ($this->inblock) {
$this->closeFormPart();
//echo('--> closing last block at ' . $n . '. <br/>');
}
//$this->close();
//$this->codeString = $this->codeString;
return $this->codeString;
}
$event = "";
if (isset($_GET["event_code"])) {
$event = $_GET["event_code"];
}
$event_code = $event;
$event_title = "";
$event_facebook_text = "";
$event_twitter_text = "";
$event_google_text = "";
$event_mail_subject = "";
$event_mail_from = "";
$event_mail_cc = "";
$event_mail_text = "";
if ($event != "") {
$query = "SELECT event_code, \n\t\t\t\t\t\tevent_name, \n\t\t\t\t\t\tevent_facebook_text, \n\t\t\t\t\t\tevent_twitter_text, \n\t\t\t\t\t\tevent_google_text, \n\t\t\t\t\t\tevent_mail_subject, \n\t\t\t\t\t\tevent_mail_from, \n\t\t\t\t\t\tevent_mail_cc, \n\t\t\t\t\t\tevent_mail_text FROM events WHERE event_code = '{$event_code}'";
$res = mysqli_query(GetMyConnection(), $query);
$events = mysqli_fetch_assoc($res);
$event_title = $events['event_name'];
$event_facebook_text = $events['event_facebook_text'];
$event_twitter_text = $events['event_twitter_text'];
$event_google_text = $events['event_google_text'];
$event_mail_subject = $events['event_mail_subject'];
$event_mail_from = $events['event_mail_from'];
$event_mail_cc = $events['event_mail_cc'];
$event_mail_text = $events['event_mail_text'];
}
echo "<form id=\"edit_event_form\">";
if ($event != "") {
echo "<h1>Evenement : {$event_title}</h1>";
} else {
echo "<h1>Nouvel evenement</h1>";
<?php
include "config.php";
include "bencode.php";
include "connection.php";
include "func.php";
$mysq_link = GetMyConnection();
$arr = array();
if (!isset($_GET['info_hash'])) {
$arr[0]['failure reason'] = "Missing info_hash";
$arr[0]['failure code'] = 100;
echo ben_encode($arr);
exit;
}
if (!isset($_GET['peer_id'])) {
$arr[0]['failure reason'] = "Missing peer_id";
$arr[0]['failure code'] = 102;
echo ben_encode($arr);
exit;
}
if (!isset($_GET['port'])) {
$arr[0]['failure reason'] = "Missing port";
$arr[0]['failure code'] = 103;
echo ben_encode($arr);
exit;
}
if (strlen($_GET['info_hash']) != 20) {
$arr[0]['failure reason'] = "Invalid infohash: infohash is not 20 bytes long";
$arr[0]['failure code'] = 150;
echo ben_encode($arr);
exit;
<?php
include 'conn.php';
$query = "SELECT `username` , `fullname`, `position`, `role`, `department` \nFROM `employee`\nORDER BY `employee`.`department` ASC, `employee`.`role` ASC";
$res = mysql_query($query, GetMyConnection());
$rows = array();
while ($row = mysql_fetch_assoc($res)) {
$rows[] = $row;
}
echo json_encode($rows);
function arrayGetUsrInfo($idsr_usrs_login = NULL)
{
$u_sql = sprintf('SELECT * FROM sr_usrs_info WHERE idsr_usrs_login = "******" LIMIT 1', mysql_real_escape_string($idsr_usrs_login, GetMyConnection()));
$u_info = mysql_query($u_sql, GetMyConnection());
while ($row = mysql_fetch_assoc($u_info)) {
$u_ary = $row;
}
//die('<pre>' . print_r($u_ary) . '</pre>');
$i_sql = sprintf('SELECT * FROM sr_usrs_data WHERE idsr_usrs_login = "******" LIMIT 1', mysql_real_escape_string($idsr_usrs_login, GetMyConnection()));
$i_info = mysql_query($i_sql, GetMyConnection());
while ($row = mysql_fetch_assoc($i_info)) {
$i_ary = $row;
}
$userinfoary = array_merge($i_ary, $u_ary);
//die('<pre>' . print_r($i_ary) . '</pre>');
return $userinfoary;
//return $u_ary;
}
function formToDB($table, $exceptions = '', $sql_type = 'insert', $sql_condition = NULL, $passedVals = NULL)
{
CleanUpDB();
GetMyConnection('operators');
// define some vars
$fields = '';
$values = '';
// format input fields into sql
// deal with passed values...
if ($passedVals == NULL) {
// insert the _POST values...
$passedVals = $_POST;
}
//foreach ($_POST as $field => $value) {
foreach ($passedVals as $field => $value) {
if (!preg_match("/{$field}, /", $exceptions)) {
$value = mysql_real_escape_string($value, GetMyConnection());
if ($sql_type == 'insert') {
$fields .= "{$field}, ";
$values .= "'{$value}', ";
} else {
$fields .= "{$field} = '{$value}', ";
}
}
}
// remove trailing ", " from $fields and $values
$fields = preg_replace('/, $/', '', $fields);
$values = preg_replace('/, $/', '', $values);
// create sql statement
if ($sql_type == 'insert') {
$sql = "INSERT INTO {$table} ({$fields}) VALUES ({$values})";
//die($sql);
} elseif ($sql_type == 'update') {
if (!isset($sql_condition)) {
echo 'ERROR: You must enter a sql condition!';
exit;
}
$sql = "UPDATE {$table} SET {$fields} WHERE {$sql_condition}";
} else {
echo 'ERROR: Invalid input for argument $sql_type: must be "insert" or "update"';
exit;
}
// execute sql
// $result = mysql_query($sql, GetMyConnection('operators'));
//die ($sql);
if (mysql_query($sql, GetMyConnection('operators'))) {
$rct = mysql_result(mysql_query('SELECT LAST_INSERT_ID()'), 0);
//if($rct){
//global $g_link;
//die($rct);
return $rct;
} else {
die(mysql_error() . 'SQL : ' . $sql);
//return false;
}
}
function keyword()
{
// keyword search...
global $PAGE, $TRADS;
$kwa = preg_split("/[\\s,]+/", $_REQUEST['keywords']);
//print_r($kwa);
include_once 'inc/db_link.php';
$sqlplus = '';
foreach ($kwa as $k => $w) {
$w = mysql_real_escape_string($w, GetMyConnection());
if ($k + 1 < count($kwa)) {
$sqlplus_ttl .= $w . '%" OR sr_ads.sr_adtitle LIKE "%';
$sqlplus_des .= $w . '%" OR sr_ads.sr_addescription LIKE "%';
} else {
$sqlplus_ttl .= $w . '%"';
$sqlplus_des .= $w . '%"';
}
}
$query = 'select * from sr_ads WHERE ((sr_ads.sr_adtitle LIKE "%' . $sqlplus_ttl . ') OR (sr_ads.sr_addescription LIKE "%' . $sqlplus_des . ')) AND sr_ads.sr_adpubdate IS NOT NULL';
//print $query;
$res = mysql_query($query, GetMyConnection());
$nRows = mysql_num_rows($res);
//print $nRows;
//$javaScript = '';
if ($nRows) {
$PAGE->header_append .= ' <link href="css/sortable_tables.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="lib/MochiKit/MochiKit.js"></script>
<script type="text/javascript" src="Scripts/sortable_tables.js"></script>';
$PAGE->body_content .= '
<table id="sortable_table" class="datagrid">
<thead>
<tr>
<th mochi:format="str">Titre</th>
<th mochi:format="isodate">Date de Pub.</th>
<th mochi:format="str">Descriptif</th>
<th mochi:format="istr">Direction</th>
<th>Outils</th>
</tr>
</thead>
<tfoot class="invisible">
<tr>
<td colspan="0"></td>
</tr>
</tfoot>
';
$r = array();
while ($row = mysql_fetch_assoc($res)) {
//if((is_numeric($row['sr_lat']))&&(is_numeric($row['sr_lng']))){
// get stuff for the map...
$r[] = $row;
// stuff to display...
$PAGE->body_content .= '<tr><td>' . $row['sr_adtitle'] . '</td><td>' . $row['sr_adpubdate'] . '</td><td>' . $row['sr_addescription'] . '</td><td>' . $row['sr_addirection'] . '</td><td><a href="?where=ads&what=view&idsr_ads=' . $row['idsr_ads'] . '">view</a></td></tr>';
//$javaScript .= "mArray.push('{$row{'sr_lat'}};{$row{'sr_lng'}};{$row{'sr_addescription'}}')\n";
//}
}
$PAGE->body_content .= '</table>';
//print "Selected $nRows rows\n";
} else {
//print "No points found in database\n";
$PAGE->body_message .= $TRADS->popTrad('no_record_found');
}
}
<?php
include "connection.php";
$data = array();
$res = mysql_query("SELECT * FROM `events`", GetMyConnection());
while ($row = mysql_fetch_object($res)) {
$data[] = $row;
}
echo json_encode($data);
function mtrc_bool_insertUpdate($table, $exceptions = '', $sql_type = 'insert', $sql_condition = NULL)
{
// define some vars
$fields = '';
$values = '';
// format input fields into sql
foreach ($_POST as $field => $value) {
if (!preg_match("/{$field}, /", $exceptions)) {
$value = mysql_real_escape_string($value, GetMyConnection('operators'));
if ($sql_type == 'insert') {
$fields .= "{$field}, ";
$values .= "'{$value}', ";
} else {
$fields .= "{$field} = '{$value}', ";
}
}
}
// remove trailing ", " from $fields and $values
$fields = preg_replace('/, $/', '', $fields);
$values = preg_replace('/, $/', '', $values);
// create sql statement
if ($sql_type == 'insert') {
$sql = "INSERT INTO {$table} ({$fields}) VALUES ({$values})";
//die($sql);
} elseif ($sql_type == 'update') {
if (!isset($sql_condition)) {
echo 'ERROR: You must enter a sql condition!';
exit;
}
$sql = "UPDATE {$table} SET {$fields} WHERE {$sql_condition}";
} else {
echo 'ERROR: Invalid input for argument $sql_type: must be "insert" or "update"';
exit;
}
// execute sql
if (mysql_query($sql, GetMyConnection('operators'))) {
return true;
} else {
//echo mysql_error();
return false;
}
}