Example #1
0
function InsertVk($k, $uk)
{
    $con = GetMyConnection();
    $query = sprintf("insert into url_query(queried_key,user_key) values('%s','%s')", mysql_real_escape_string($k), mysql_real_escape_string($uk));
    $result = mysql_query($query, $con);
    CleanUpDB();
}
 protected function searchSelect($kwString = '')
 {
     //----------------------------------------------------------------------------------------
     $kwa = split(',', $kwString);
     //print_r($kwa);
     include_once 'inc/db_link.php';
     $sqlplus = '';
     foreach ($kwa as $k => $w) {
         $w = mysql_real_escape_string($w, GetMyConnection());
         if ($k + 1 < count($kwa)) {
             $sqlplus .= $w . '%" OR LIKE "%';
         } else {
             $sqlplus .= $w . '%"';
         }
     }
     //---------------------------------------------------------------------------------------
     $query = 'select * from sr_ads WHERE (sr_ads.sr_adtitle LIKE "%' . $sqlplus . ') OR (sr_ads.sr_addescription LIKE "%' . $sqlplus . ')';
     $kwString;
     $kwAry;
     $sqlBaseStr;
     $sqlPlusStr;
     //$res = mysql_query("SELECT * FROM $this->table WHERE <PUTYOURWHERECLAUSEHERE>" . $this->orderbystr, $this->conn) or die(mysql_error());
     $res = mysql_query($query . $this->orderbystr, GetMyConnection()) or die(mysql_error());
     return $res;
 }
Example #3
0
function getRoleUsers($roleId)
{
    //    $roles=array("General director", "Financial director", "Financial controller", "Financial", "Department leader", "Initiator");
    $names = "";
    $query = "SELECT fullname FROM employee WHERE role=" . $roleId . "";
    $res = mysqli_query(GetMyConnection(), $query);
    while ($row = mysqli_fetch_assoc($res)) {
        $names .= "<option>" . $row["fullname"] . "</option>";
    }
    return $names;
}
 function sqlDesc($t)
 {
     $query = sprintf("DESCRIBE %s", mysql_real_escape_string($t, GetMyConnection()));
     // Perform Query
     $result = mysql_query($query, GetMyConnection());
     // Check result
     // This shows the actual query sent to MySQL, and the error. Useful for debugging.
     if (!$result) {
         $message = 'Invalid query: ' . mysql_error() . "\n";
         $message .= 'Whole query: ' . $query;
         die($message);
     } else {
         return $result;
     }
 }
Example #5
0
 public function get_login_data($login, $password)
 {
     include_once './php/conn.php';
     //        include_once './php/auth_ldap.php';
     $FISH = 'JHENEK';
     if (isset($login) && isset($password)) {
         $query = mysqli_query(GetMyConnection(), "SELECT * FROM employee WHERE username='******' AND  password='******' LIMIT 1");
         if (mysqli_num_rows($query)) {
             $row = mysqli_fetch_assoc($query);
             return $row;
         } else {
             //Any auth
         }
     } else {
         return null;
     }
 }
Example #6
0
 public function get_user_data($id)
 {
     include_once './php/conn.php';
     //        include_once './php/auth_ldap.php';
     $FISH = 'JHENEK';
     if (isset($id)) {
         $query = mysqli_query(GetMyConnection(), "SELECT em.fullname as fullname, em.id as id, dp.name as department, em.position FROM employee as em Left Join departments as dp on em.department_id=dp.id WHERE em.id='" . $id . "'");
         if (mysqli_num_rows($query)) {
             $row = mysqli_fetch_assoc($query);
             return $row;
         } else {
             //Any auth
         }
     } else {
         return null;
     }
 }
Example #7
0
 function build()
 {
     //build the form
     #
     # make the elements
     #
     //$this->codeString = '';
     $trads = new tradtool();
     $tc = $trads->dbLoadStrings();
     $this->count = 0;
     //echo('-> devideAt has ' . count($this->devideAt) . ' elements. <br/>');
     while ($row = $this->formDesc) {
         $showelement = false;
         /* echo 'Row ' . $row['Field'];
            echo '| ' . $row['Type'];
            echo '| ' . $row['Default'] . '<br />';*/
         // ok, so make form elements...
         $n = $row['Field'];
         // test element...
         $showelement = $this->displaytest($n);
         if ($showelement) {
             if ($this->hidetest($n)) {
                 $f = new formelement();
                 $this->count++;
                 if (is_array($this->devideAt) && $this->inblock == 0) {
                     //echo("-> opening " . $this->devideType . " for " . $n . " at element " . $this->count . ". <br />");
                     $this->openFormPart();
                     $this->inblock = true;
                 }
                 if ($this->errortest($n) !== NULL) {
                     $this->codeString .= '<span class="error">' . $this->errortest($n) . '</span><br/>';
                 }
                 $rmarker = '';
                 $rclass = '';
                 if ($this->requiredtest($n)) {
                     $rmarker = '*';
                     $rclasscode = ' class="formrequired"';
                 }
                 $this->codeString .= '<label' . $rclasscode . '><!--' . $row['Field'] . '-->' . $trads->popTrad($n) . $rmarker . ': <br/>';
                 if ($this->selecttest($n) !== NULL) {
                     if ($this->forceOptsType == 's') {
                         // make a select object
                         $this->codeString .= $f->sa($n, $this->selecttest($n));
                     } else {
                         // make a menu
                         $this->codeString .= $f->sm($n, $this->selecttest($n));
                     }
                 } else {
                     // is there something to do?
                     if (stripos($row['Field'], 'ENUM')) {
                         // we need to look fo enum select options...
                         // first we need to define the options set...
                         $oa = split('_', $row['Field']);
                         $optstype = array_pop($oa);
                         $opts = array_pop($oa);
                         // $opts = array_slice($oa,-2);
                         // $opts = $opts[0];
                         $this->codeString .= 'looking for opts : ' . $opts . '.';
                         // get the options...
                         $query2 = sprintf('SELECT * FROM %s WHERE %s = "%s"', mysql_real_escape_string($this->optsTable, GetMyConnection()), mysql_real_escape_string($this->optstypecol, GetMyConnection()), mysql_real_escape_string($opts, GetMyConnection()));
                         $result2 = mysql_query($query2, GetMyConnection());
                         unset($opts);
                         // Check result
                         // This shows the actual query sent to MySQL, and the error. Useful for debugging.
                         if (!$result2) {
                             $message = 'Invalid query: ' . mysql_error() . "\n";
                             $message .= 'Whole query: ' . $query2;
                             die($message);
                         }
                         // build the options set... maybe...
                         while ($r2 = mysql_fetch_assoc($result2)) {
                             // make a simple val => lable array...
                             if ($r2['opts_labelconst'] !== '') {
                                 // get the translated string...
                                 $opts2[$r2['opts_labelconst']] = $r2['opts_val'];
                             } else {
                                 $opts2[$r2['opts_label']] = $r2['opts_val'];
                             }
                         }
                         $this->codeString .= $f->sa($row['Field'], $opts2);
                         mysql_free_result($result2);
                         unset($result2, $opts2);
                     } elseif (stripos($row['Field'], 'SET')) {
                         // we need to look fo enum select options...
                         // first we need to define the options set...
                         $oa = split('_', $row['Field']);
                         $optstype = array_pop($oa);
                         $opts = array_pop($oa);
                         // $opts = array_slice($oa,-2);
                         // $opts = $opts[0];
                         $this->codeString .= 'looking for opts : ' . $opts . '.';
                         // get the options...
                         $query2 = sprintf('SELECT * FROM %s WHERE %s = "%s"', mysql_real_escape_string($this->optsTable, GetMyConnection()), mysql_real_escape_string($this->optstypecol, GetMyConnection()), mysql_real_escape_string($opts, GetMyConnection()));
                         $result2 = mysql_query($query2, GetMyConnection());
                         unset($opts);
                         // Check result
                         // This shows the actual query sent to MySQL, and the error. Useful for debugging.
                         if (!$result2) {
                             $message = 'Invalid query: ' . mysql_error() . "\n";
                             $message .= 'Whole query: ' . $query2;
                             die($message);
                         }
                         // build the options set... maybe...
                         while ($r2 = mysql_fetch_assoc($result2)) {
                             // make a simple val => lable array...
                             if ($r2['opts_labelconst'] !== '') {
                                 // get the translated string...
                                 $opts2[$r2['opts_labelconst']] = $r2['opts_val'];
                             } else {
                                 $opts2[$r2['opts_label']] = $r2['opts_val'];
                             }
                         }
                         $this->codeString .= $f->sm($row['Field'], $opts2);
                         mysql_free_result($result2);
                         unset($result2, $opts2);
                     } else {
                         $this->codeString .= $f->r($row['Field'], $row['Type'], $row['Default']);
                     }
                     // if($n == $this->devideAt){ // this needs to be a strstr type call...
                 }
                 unset($f, $showelement);
                 $this->codeString .= '</label><br />';
             }
             // end hide test...
         }
         //end forbid test
         if ($this->devidetest($n) && is_array($this->devideAt)) {
             if ($this->inblock) {
                 //echo('--> closing block for ' . $n . '. <br/>');
                 $this->closeFormPart();
                 $this->inblock = false;
             }
         }
     }
     if ($this->inblock) {
         $this->closeFormPart();
         //echo('--> closing last block at ' . $n . '. <br/>');
     }
     //$this->close();
     //$this->codeString = $this->codeString;
     return $this->codeString;
 }
Example #8
0
$event = "";
if (isset($_GET["event_code"])) {
    $event = $_GET["event_code"];
}
$event_code = $event;
$event_title = "";
$event_facebook_text = "";
$event_twitter_text = "";
$event_google_text = "";
$event_mail_subject = "";
$event_mail_from = "";
$event_mail_cc = "";
$event_mail_text = "";
if ($event != "") {
    $query = "SELECT event_code, \n\t\t\t\t\t\tevent_name, \n\t\t\t\t\t\tevent_facebook_text, \n\t\t\t\t\t\tevent_twitter_text, \n\t\t\t\t\t\tevent_google_text, \n\t\t\t\t\t\tevent_mail_subject, \n\t\t\t\t\t\tevent_mail_from, \n\t\t\t\t\t\tevent_mail_cc, \n\t\t\t\t\t\tevent_mail_text FROM events WHERE event_code = '{$event_code}'";
    $res = mysqli_query(GetMyConnection(), $query);
    $events = mysqli_fetch_assoc($res);
    $event_title = $events['event_name'];
    $event_facebook_text = $events['event_facebook_text'];
    $event_twitter_text = $events['event_twitter_text'];
    $event_google_text = $events['event_google_text'];
    $event_mail_subject = $events['event_mail_subject'];
    $event_mail_from = $events['event_mail_from'];
    $event_mail_cc = $events['event_mail_cc'];
    $event_mail_text = $events['event_mail_text'];
}
echo "<form id=\"edit_event_form\">";
if ($event != "") {
    echo "<h1>Evenement : {$event_title}</h1>";
} else {
    echo "<h1>Nouvel evenement</h1>";
Example #9
0
<?php

include "config.php";
include "bencode.php";
include "connection.php";
include "func.php";
$mysq_link = GetMyConnection();
$arr = array();
if (!isset($_GET['info_hash'])) {
    $arr[0]['failure reason'] = "Missing info_hash";
    $arr[0]['failure code'] = 100;
    echo ben_encode($arr);
    exit;
}
if (!isset($_GET['peer_id'])) {
    $arr[0]['failure reason'] = "Missing peer_id";
    $arr[0]['failure code'] = 102;
    echo ben_encode($arr);
    exit;
}
if (!isset($_GET['port'])) {
    $arr[0]['failure reason'] = "Missing port";
    $arr[0]['failure code'] = 103;
    echo ben_encode($arr);
    exit;
}
if (strlen($_GET['info_hash']) != 20) {
    $arr[0]['failure reason'] = "Invalid infohash: infohash is not 20 bytes long";
    $arr[0]['failure code'] = 150;
    echo ben_encode($arr);
    exit;
Example #10
0
<?php

include 'conn.php';
$query = "SELECT `username` , `fullname`, `position`, `role`, `department` \nFROM `employee`\nORDER BY `employee`.`department` ASC, `employee`.`role` ASC";
$res = mysql_query($query, GetMyConnection());
$rows = array();
while ($row = mysql_fetch_assoc($res)) {
    $rows[] = $row;
}
echo json_encode($rows);
Example #11
0
 function arrayGetUsrInfo($idsr_usrs_login = NULL)
 {
     $u_sql = sprintf('SELECT * FROM sr_usrs_info WHERE idsr_usrs_login = "******" LIMIT 1', mysql_real_escape_string($idsr_usrs_login, GetMyConnection()));
     $u_info = mysql_query($u_sql, GetMyConnection());
     while ($row = mysql_fetch_assoc($u_info)) {
         $u_ary = $row;
     }
     //die('<pre>' . print_r($u_ary) . '</pre>');
     $i_sql = sprintf('SELECT * FROM sr_usrs_data WHERE idsr_usrs_login = "******" LIMIT 1', mysql_real_escape_string($idsr_usrs_login, GetMyConnection()));
     $i_info = mysql_query($i_sql, GetMyConnection());
     while ($row = mysql_fetch_assoc($i_info)) {
         $i_ary = $row;
     }
     $userinfoary = array_merge($i_ary, $u_ary);
     //die('<pre>' . print_r($i_ary) . '</pre>');
     return $userinfoary;
     //return $u_ary;
 }
Example #12
0
 function formToDB($table, $exceptions = '', $sql_type = 'insert', $sql_condition = NULL, $passedVals = NULL)
 {
     CleanUpDB();
     GetMyConnection('operators');
     // define some vars
     $fields = '';
     $values = '';
     // format input fields into sql
     // deal with passed values...
     if ($passedVals == NULL) {
         // insert the _POST values...
         $passedVals = $_POST;
     }
     //foreach ($_POST as $field => $value) {
     foreach ($passedVals as $field => $value) {
         if (!preg_match("/{$field}, /", $exceptions)) {
             $value = mysql_real_escape_string($value, GetMyConnection());
             if ($sql_type == 'insert') {
                 $fields .= "{$field}, ";
                 $values .= "'{$value}', ";
             } else {
                 $fields .= "{$field} = '{$value}', ";
             }
         }
     }
     // remove trailing ", " from $fields and $values
     $fields = preg_replace('/, $/', '', $fields);
     $values = preg_replace('/, $/', '', $values);
     // create sql statement
     if ($sql_type == 'insert') {
         $sql = "INSERT INTO {$table} ({$fields}) VALUES ({$values})";
         //die($sql);
     } elseif ($sql_type == 'update') {
         if (!isset($sql_condition)) {
             echo 'ERROR: You must enter a sql condition!';
             exit;
         }
         $sql = "UPDATE {$table} SET {$fields} WHERE {$sql_condition}";
     } else {
         echo 'ERROR: Invalid input for argument $sql_type: must be "insert" or "update"';
         exit;
     }
     // execute sql
     // $result = mysql_query($sql, GetMyConnection('operators'));
     //die ($sql);
     if (mysql_query($sql, GetMyConnection('operators'))) {
         $rct = mysql_result(mysql_query('SELECT LAST_INSERT_ID()'), 0);
         //if($rct){
         //global $g_link;
         //die($rct);
         return $rct;
     } else {
         die(mysql_error() . 'SQL : ' . $sql);
         //return false;
     }
 }
Example #13
0
    function keyword()
    {
        // keyword search...
        global $PAGE, $TRADS;
        $kwa = preg_split("/[\\s,]+/", $_REQUEST['keywords']);
        //print_r($kwa);
        include_once 'inc/db_link.php';
        $sqlplus = '';
        foreach ($kwa as $k => $w) {
            $w = mysql_real_escape_string($w, GetMyConnection());
            if ($k + 1 < count($kwa)) {
                $sqlplus_ttl .= $w . '%" OR sr_ads.sr_adtitle LIKE "%';
                $sqlplus_des .= $w . '%" OR sr_ads.sr_addescription LIKE "%';
            } else {
                $sqlplus_ttl .= $w . '%"';
                $sqlplus_des .= $w . '%"';
            }
        }
        $query = 'select * from sr_ads WHERE ((sr_ads.sr_adtitle LIKE "%' . $sqlplus_ttl . ') OR (sr_ads.sr_addescription LIKE "%' . $sqlplus_des . ')) AND sr_ads.sr_adpubdate IS NOT NULL';
        //print $query;
        $res = mysql_query($query, GetMyConnection());
        $nRows = mysql_num_rows($res);
        //print $nRows;
        //$javaScript = '';
        if ($nRows) {
            $PAGE->header_append .= ' <link href="css/sortable_tables.css" rel="stylesheet" type="text/css" />
        <script type="text/javascript" src="lib/MochiKit/MochiKit.js"></script>
        <script type="text/javascript" src="Scripts/sortable_tables.js"></script>';
            $PAGE->body_content .= '
		
		<table id="sortable_table" class="datagrid">
		            <thead>
                <tr>
                    <th mochi:format="str">Titre</th>
                    <th mochi:format="isodate">Date de Pub.</th>
                    <th mochi:format="str">Descriptif</th>
                    <th mochi:format="istr">Direction</th>
					<th>Outils</th>
                </tr>
            </thead>
            <tfoot class="invisible">
                <tr>
                    <td colspan="0"></td>
                </tr>
            </tfoot>
			
			';
            $r = array();
            while ($row = mysql_fetch_assoc($res)) {
                //if((is_numeric($row['sr_lat']))&&(is_numeric($row['sr_lng']))){
                // get stuff for the map...
                $r[] = $row;
                // stuff to display...
                $PAGE->body_content .= '<tr><td>' . $row['sr_adtitle'] . '</td><td>' . $row['sr_adpubdate'] . '</td><td>' . $row['sr_addescription'] . '</td><td>' . $row['sr_addirection'] . '</td><td><a href="?where=ads&what=view&idsr_ads=' . $row['idsr_ads'] . '">view</a></td></tr>';
                //$javaScript .= "mArray.push('{$row{'sr_lat'}};{$row{'sr_lng'}};{$row{'sr_addescription'}}')\n";
                //}
            }
            $PAGE->body_content .= '</table>';
            //print "Selected $nRows rows\n";
        } else {
            //print "No points found in database\n";
            $PAGE->body_message .= $TRADS->popTrad('no_record_found');
        }
    }
Example #14
0
<?php

include "connection.php";
$data = array();
$res = mysql_query("SELECT * FROM `events`", GetMyConnection());
while ($row = mysql_fetch_object($res)) {
    $data[] = $row;
}
echo json_encode($data);
 function mtrc_bool_insertUpdate($table, $exceptions = '', $sql_type = 'insert', $sql_condition = NULL)
 {
     // define some vars
     $fields = '';
     $values = '';
     // format input fields into sql
     foreach ($_POST as $field => $value) {
         if (!preg_match("/{$field}, /", $exceptions)) {
             $value = mysql_real_escape_string($value, GetMyConnection('operators'));
             if ($sql_type == 'insert') {
                 $fields .= "{$field}, ";
                 $values .= "'{$value}', ";
             } else {
                 $fields .= "{$field} = '{$value}', ";
             }
         }
     }
     // remove trailing ", " from $fields and $values
     $fields = preg_replace('/, $/', '', $fields);
     $values = preg_replace('/, $/', '', $values);
     // create sql statement
     if ($sql_type == 'insert') {
         $sql = "INSERT INTO {$table} ({$fields}) VALUES ({$values})";
         //die($sql);
     } elseif ($sql_type == 'update') {
         if (!isset($sql_condition)) {
             echo 'ERROR: You must enter a sql condition!';
             exit;
         }
         $sql = "UPDATE {$table} SET {$fields} WHERE {$sql_condition}";
     } else {
         echo 'ERROR: Invalid input for argument $sql_type: must be "insert" or "update"';
         exit;
     }
     // execute sql
     if (mysql_query($sql, GetMyConnection('operators'))) {
         return true;
     } else {
         //echo mysql_error();
         return false;
     }
 }