function storeData($sql, $eMore)
{
$eMore = "";
$hn = 'localhost';
$user = '******';
$pw = 'password123';
$cn = MySQL_connect($hn, $user, $pw);
if ($cn) {
$dbname = 'advocacy_db';
$connect = MySQL_select_db($dbname);
if ($connect) {
$return = MySQL_query($sql, $cn);
if ($return == TRUE) {
//success...
} else {
$eMore .= "Query (return) was not successful.\n";
//error...
}
MySQL_close($cn);
} else {
$eMore .= "DB selection was not successful.\n";
}
} else {
$eMore .= "Connection to db was not successful.\n";
}
return $eMore;
}
function show_search_results()
{
global $user, $config, $keyword, $search_mode, $page_name;
#santize sql keyword in case anyone reads xkcd...
$keyword = mysql_real_escape_string($keyword);
#perform the search
#full text search in boolean mode
#$sql = "SELECT * from files where MATCH(path, file) AGAINST('$keyword' in boolean mode)"; #<<----- orignal search command
$sql = 'SELECT DISTINCT ' . $config[dbfiles] . '.ip, ' . $config[dbhosts] . '.name, ' . $config[dbhosts] . '.online, path, file, size, MATCH(path, file) AGAINST("' . $keyword . '") AS relevance
FROM ' . $config[dbfiles] . '
JOIN ' . $config[dbhosts] . ' ON ' . $config[dbhosts] . '.ip = ' . $config[dbfiles] . '.ip
WHERE MATCH(path, file) AGAINST("' . $keyword . '" IN BOOLEAN MODE)';
#add file type filters if requested
#video needs to be bigger than 1MB, this eliminates most spurious results. I don't think a filesize filter can be applied to music though without
#adverse effects
if ($search_mode == 'video') {
$sql = $sql . ' AND (file LIKE "%.avi" OR file LIKE "%.mpg" OR file LIKE "%.mpeg" OR file LIKE "%.ogm" OR file LIKE "%.wmv" OR file LIKE "%.mkv" OR file LIKE "%.mp4" OR file LIKE "%.ogg" OR file LIKE "%.ogv") AND (size > 1000000)';
}
if ($search_mode == 'music') {
$sql = $sql . ' AND (file LIKE "%.mp3" OR file LIKE "%.ogg" OR file LIKE "%.aac" OR file LIKE "%.mp4" OR file LIKE "%.wav" OR file LIKE "%.flac" OR file LIKE "%.m4a" OR file LIKE "%.oga")';
}
if ($search_mode == 'documents') {
$sql = $sql . ' AND (file LIKE "%.doc" OR file LIKE "%.xls" OR file LIKE "%.ppt" OR file LIKE "%.pdf" OR file LIKE "%.odt" OR file LIKE "%.txt" OR file LIKE "%.rtf" OR file LIKE "%.ods" OR file LIKE "%.odp")';
}
if ($search_mode == 'disk_images') {
$sql = $sql . ' AND (file LIKE "%.iso" OR file LIKE "%.bin" OR file LIKE "%.cue" OR file LIKE "%.vdi" OR file LIKE "%.vhd" OR file LIKE "%.wim" OR file LIKE "%.ima" OR file LIKE "%.img")';
}
#remove nuisance files (thumbs.db, .lnk files, etc.)
#I doubt anyone wants to look for these
#add another condition if theres a type of usless file that's spoiling search results
#we have to be careful not to make this too strict though as there is no intuitive option to disable it yet
if ($_GET['spamfilter']) {
$sql = $sql . ' AND (file NOT LIKE "%.db" AND file NOT LIKE "%.ini" AND file NOT LIKE "%.dll" AND file NOT LIKE "%.lnk" AND file NOT LIKE "%.scf" AND file NOT LIKE "%.DS_Store%" AND file NOT LIKE ".directory" AND file NOT LIKE "folder.jpg" AND file NOT LIKE "AlbumArt_%" AND file NOT LIKE "AlbumArtSmall.jpg" )';
}
#order the results with preferance for online hosts
#then by relevance
$sql = $sql . ' ORDER BY (' . $config[dbhosts] . '.online = 1) DESC, relevance DESC';
#dispaly all films on network if this is requested. have moved this after the order by line as having it before causes errors (relevance DESC is
#meaningless as this query string doesn't have a relevance variable)
if ($search_mode == 'all_films') {
$sql = 'SELECT DISTINCT ' . $config[dbfiles] . '.ip, ' . $config[dbhosts] . '.name, ' . $config[dbhosts] . '.online, path, file, size
FROM ' . $config[dbfiles] . '
JOIN ' . $config[dbhosts] . ' ON ' . $config[dbhosts] . '.ip = ' . $config[dbfiles] . '.ip
WHERE (size > 600000000) AND (file LIKE "%.avi" OR file LIKE "%.mpg" OR file LIKE "%.mpeg" OR file LIKE "%.ogm" OR file LIKE "%.wmv" OR file LIKE "%.mkv" OR file LIKE "%.mp4" OR file LIKE "%.ogg" OR file LIKE "%.ogv") ORDER BY (' . $config[dbhosts] . '.online = 0), (' . $config[dbfiles] . '.file)
';
#online then offline, each alphabetical
}
if ($search_mode == 'extension') {
$sql = 'SELECT DISTINCT ' . $config[dbfiles] . '.ip, ' . $config[dbhosts] . '.name, ' . $config[dbhosts] . '.online, path, file, size
FROM ' . $config[dbfiles] . '
JOIN ' . $config[dbhosts] . ' ON ' . $config[dbhosts] . '.ip = ' . $config[dbfiles] . '.ip
WHERE (file LIKE "%.' . $keyword . '") ORDER BY (' . $config[dbhosts] . '.online = 0), (' . $config[dbfiles] . '.file)
';
#online then offline, each alphabetical
}
if ($search_mode == 'show_my_files') {
$sql = 'SELECT DISTINCT ' . $config[dbfiles] . '.ip, ' . $config[dbhosts] . '.name, ' . $config[dbhosts] . '.online, path, file, size
FROM ' . $config[dbfiles] . '
JOIN ' . $config[dbhosts] . ' ON ' . $config[dbhosts] . '.ip = ' . $config[dbfiles] . '.ip
WHERE ' . $config[dbfiles] . '.ip like "' . $user->info[ip] . '"';
}
#send query to mysql
$res = MySQL_query($sql);
?>
<?php
if (mysql_num_rows($res) > 0) {
if ($search_mode != 'show_my_files') {
if ($user->can_use_site == false) {
echo '<a href="wiki/index.php?title=Sharing">Share</a> your files to activate these links<br><br>';
}
if ($user->can_use_site == true and $user->can_see_computers == false) {
echo '<a href="wiki/index.php?title=Sharing">Share</a> your files to see the computer names<br><br>';
}
}
}
?>
<table>
<tr>
<td align="left"><b>File</b></td>
<td align="center"><b>Computer</b></td>
<td align="center"><b>Size (MB)</b></td>
</tr>
<?php
#put the results into a table, with clickable links for each file
$table_row_number = 0;
while ($row = MySQL_fetch_array($res)) {
#colour the table rows alternately, and grey out offline computers
$online_status = $row['online'] ? 'online' : 'offline';
$even_or_odd = $table_row_number % 2 ? 'even' : 'odd';
$class = 'class = "' . $online_status . '_' . $even_or_odd . '"';
if (eregi("windows", $_SERVER['HTTP_USER_AGENT'])) {
$file_link = 'file://///' . $row['ip'] . '\\' . str_replace('/', '\\', $row['path']) . '\\';
$computer_link = 'file://///' . $row['ip'] . '/';
} else {
$file_link = 'smb://' . $row['ip'] . '/' . $row['path'] . '/';
$computer_link = 'smb://' . $row['ip'] . '/';
}
echo "<tr {$class} >";
#link to file
echo '<td>';
if ($user->can_use_site or $search_mode == 'show_my_files') {
echo '<a class=' . $online_status . ' href="' . $file_link . '">' . $row['file'] . '</a>';
} else {
echo $row['file'];
}
echo '</td>';
#link to computer
echo '<td align="center">';
if ($user->can_use_site and $user->can_see_computers or $search_mode == 'show_my_files') {
echo '<a class=' . $online_status . ' href="' . $computer_link . '">' . $row['name'] . '</a>';
} else {
echo '?';
}
echo '</td>';
#size of file
echo '<td align="center">';
echo round($row['size'] / 1000000, 2);
echo '</td>';
echo '</tr>';
#produce readable HTML by having a new line here
echo "\r\n";
#increment row count
$table_row_number++;
}
echo '</table>';
#show the number of files
if (mysql_num_rows($res) == 0) {
echo '<h3 align="center">';
echo '0 files found';
echo '</h3>';
}
}
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with Trufflepig. If not, see <http://www.gnu.org/licenses/>.
?>
<?php
echo '<?xml version="1.0" encoding="ISO-8859-1"?>';
?>
<?php
include 'common.php';
$sql = 'SELECT author, message, time, ip FROM ' . $config[dbwall] . ' ORDER BY time DESC LIMIT 40';
$wall = MySQL_query($sql);
?>
<rss version="2.0">
<channel>
<?php
echo "\r\n";
echo '<title>' . $config[website_name] . '</title>';
echo '<link>' . $config[web_address] . '</link>';
echo '<description>Feed for comments on the ' . $config[website_name] . ' wall</description>';
echo "\r\n";
while ($row = MySQL_fetch_array($wall)) {
echo '<item>';
echo '<title>' . safe_html($row['author']) . '</title>';
private function connect()
{
$this->conn = mysql_connect($this->db_host, $this->db_user, $this->db_pass) or die("数据库连接错误");
MySQL_query("SET NAMES 'UTF8'");
mysql_select_db($this->db_database, $this->conn) or die("没有找到" . $this->db_database . "这个数据库");
}
<?php
require 'config/config.php';
require_once CORE_DIR . '/kernel.php';
mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
MySQL_query("SET NAMES 'utf8'");
mysql_select_db(DB_NAME);
class tools extends kernel
{
var $system;
var $db;
function tools()
{
parent::kernel();
$this->system =& $GLOBALS['system'];
$this->db =& $this->system->database();
}
function updateGoodsIntro($newURL, $oldURL)
{
$table = DB_PREFIX . 'goods';
$sql = "update " . $table . " set intro=replace(intro,'" . $oldURL . "','" . $newURL . "')";
mysql_query($sql);
}
}
$do = new tools();
if ($_POST['submit']) {
$newURL = trim($_POST['newURL']);
$oldURL = trim($_POST['oldURL']);
$do->updateGoodsIntro($newURL, $oldURL);
echo '修改成功!';
} else {
public function getConn()
{
//建立数据库的连接
$this->conn = MySQL_query($this->username, $this->username, $this->userpwd);
return $this->conn;
}
function blog_visit_fnc($blog_id, $visit_id, $cookie_val, $connect)
{
$n_date = date('Ymd');
//하루 동안 부여하는 쿠키가 없을 때, 즉 오늘 처음 올 때
if (!$cookie_val) {
$chk = "select vnum from blog_visit_count where user_id = '{$blog_id}' And visit_date='{$n_date}'";
$cres = mysql_query($chk, $connect);
$crows = mysql_fetch_array($cres);
//온ㄹ ㅏ운터가 있으면 업데이트
if ($crows) {
$qry2 = "update blog_visit_count set visit_count = visit_count+1\r\n\t\t\t where user_id = '{$blog_id}'And visit_date = '{$n_date}'";
$res2 = MySQL_query($qry2, $connect);
} else {
//데이터가 없으면 INSERT
$qry2 = "insert into blog_visit_count(user_id,visit_date, visit_count)values('{$blog_id}','{$n_date}',1)";
$res2 = mysql_query($qry2, $connect);
}
}
//새로 쿠키를 부여
SetCookie("v_id", $n_date, time() + 3600 * 24, "/");
//자신이 아닌 로그인된 사용자가 접속했을 때
if ($visit_id && $visit_id != $blog_id) {
//오늘 ㅓㅂ속한 사용자가 있는지 확인
$chk = "select mnum from blog_visit_member where user_id = '{$blog_id}'And\r\n\t\tvisit_date='{$n_date}'And\r\n\t\tvisit_id = '{$visit_id}";
$cres = MySQL_query($chk, $connect);
$crows = mysql_fetch_array($cres);
//오늘 방문 기록이 없을 경우에만 저장
if (!$crows) {
$qry2 = "insert into blog_visit_member(user_id,visit_date,visit_id)\r\n\t\t\tvalues('{$blog_id}','{$n_date}','{$visit_id}')";
$res2 = MySQL_query($qry2, $connect);
}
}
}
//for each user get contacts
$q = "select contact from " . $config->table_location . " where username='******'";
$res2 = mySQL_query($q);
if (!$res2) {
echo "error in SQL query, line: " . __LINE__ . "\n";
continue;
}
$send_na = true;
unset($user_icao_cache);
$user_icao_cache = array();
//for each contact get meter data and send it
while ($row2 = MySQL_Fetch_Object($res2)) {
$domain = $reg->get_domainname($row2->contact);
//get icao for domain
$q = "select icao from " . $config->table_netgeo_cache . " where domainname='{$domain}'";
$res3 = MySQL_query($q);
if (!$res3) {
echo "error in SQL query, line: " . __LINE__ . "\n";
continue;
}
$row3 = MySQL_Fetch_Object($res3);
if (!$row3) {
continue;
}
$icao = $row3->icao;
// if domain isn't in cache, continue with next contact
if (!$icao) {
continue;
}
// if icao for this domain isn't in cache, continue with next contact
if (in_array($icao, $user_icao_cache)) {
function change_hitcount()
{
global $config;
if ($this->info[hit_count] != -1) {
if ($this->info[total_size] <= $config[cut_off]) {
if ($config[encourage] == true) {
$sql = 'update ' . $config[dbhosts] . ' set hit_count = hit_count + 1 where ip like "' . $this->info[ip] . '"';
$res = MySQL_query($sql);
$this->info[hit_count] = $this->info[hit_count] + 1;
}
} else {
if ($this->info[hit_count] > round($config[max_hit] / 2, 0)) {
$this->info[hit_count] = round($config[max_hit] / 2, 0);
$sql = 'update ' . $config[dbhosts] . ' set hit_count = ' . $this->info[hit_count] . ' where ip like "' . $this->info[ip] . '"';
$res = MySQL_query($sql);
}
}
}
}
function zobrazdielo($subor, $nazov, $autor, $koment, $id)
{
echo '<table class="hra-galerydetail"><tr>';
echo '<td width="40%"><a href="diela/', $subor, '"><img src="diela/', $subor, '" style="border: 1px solid black; max-width:500px;" alt="' . htmlspecialchars($nazov) . '" /></a></td><td valign="top">';
echo '<h2>', $nazov, '</h2>';
echo '<strong>autor:</strong> ', $autor, '<br />';
echo '<strong>komentár:</strong> ', $koment;
$q = MySQL_query("SELECT COUNT(*) FROM hra_galeria_hlasy WHERE reg='" . mysql_escape_string($_SESSION['logname']) . "';");
$pocet = MySQL_result($q, 0);
$q = MySQL_query("SELECT COUNT(*) FROM hra_galeria_hlasy WHERE galid={$id} AND reg='" . mysql_escape_string($_SESSION['logname']) . "';");
$uzsom = MySQL_result($q, 0);
if ($uzsom == 1) {
echo '<br /><br />Za toto dielo si už hlasoval';
} elseif ($autor == 'zenitova_sestra' or $autor == 'Zenit') {
echo '';
} elseif ($_SESSION['logged'] == 0) {
echo '';
} elseif ($pocet < 2) {
echo '<br /><br /><a href="hra.php?action=hlasujw&hlas=' . $id . '">hlasuj za toto dielo</a> (máš ešte ' . (2 - $pocet) . ' hlasy)';
} else {
echo '<br /><br />už si hlasoval 2x';
}
echo '</td></tr></table>';
}
<?php
$userid = $_GET['userid'];
$btype = $_GET['btype'];
$dbs = MySQL_connect("192.168.234.129", "toryzen", "q1w2e3r4");
MySQL_select_db("qqnotic", $dbs);
mysql_query("set names utf8");
$now = time();
if ($userid && $btype) {
$sql1 = "INSERT INTO qqnotic VALUES ('NULL','{$btype}','{$userid}','',0,'{$now}',0)";
$result = MySQL_query($sql1);
echo "ok";
} else {
echo "erro";
}
mysql_close($dbs);
