Example #1
/**
 * Validate one imported indicator row and, unless validation fails or
 * $validate_only is set, insert it into the answer-type table for $type and
 * into survey_indicator.
 *
 * Security review notes:
 *  - All statements are assembled with sprintf() and sent through mysql_query().
 *    Numeric slots use %d/%f, which coerce the value to a number; every %s slot
 *    is filled with the output of SQLString(), which is defined outside this
 *    block. Presumably SQLString() escapes and quotes 'text' values and yields
 *    an int/float or the literal NULL for numeric kinds (TODO confirm): the
 *    injection safety of this function depends on it.
 *  - The mysql_* API (ext/mysql) was removed in PHP 7.0; prepared statements via
 *    mysqli or PDO are the maintained replacement.
 *  - On a failed query the full SQL text and mysql_error() are appended to
 *    $rt['error']. NOTE(review): if callers display that string to end users it
 *    discloses schema details; confirm it only reaches a log.
 *  - The answer-type insert and the survey_indicator insert are separate
 *    statements with no transaction visible here, so a failure of the second
 *    leaves the first row in place.
 *
 * @param string $type          'integer', 'float', 'text', 'single' or 'multiple'.
 * @param array  $references    Searched with array_search(); the matching key is
 *                              used as reference_id. Key 0 is treated as "not found".
 * @param array  $indicators    Existing indicator names, compared against the
 *                              lower-cased name from the row.
 * @param mixed  $validate_only Truthy: stop after validation and run no SQL.
 * @param array  $data          Row columns: 0 name, 1 question, 2 reference,
 *                              3 tip, 4 and up are type-specific.
 * @param mixed  $logfh         Not referenced anywhere in this function.
 *
 * @return array 'error' holds the accumulated messages ('' when none);
 *               'status' => 1 is set only for an undefined reference or an
 *               unknown type.
 */
function process_data($type, $references, $indicators, $validate_only, $data, $logfh)
{
    $rt = array('error' => '');
    // first 3 columns of any type are required.
    $name = $data[0];
    // Loose in_array() against the lower-cased name; presumably $indicators
    // holds lower-cased names (verify against caller).
    if (in_array(strtolower($name), $indicators)) {
        $rt['error'] .= "Name already exist. ";
    }
    $question = $data[1];
    if ($question == '') {
        $rt['error'] .= "Missing required [Question] field. ";
    }
    // Normalise the reference: trim, collapse runs of whitespace, lower-case.
    $patterns = array('/^\\s+|\\s+$/', '/\\s+/');
    $replace = array('', ' ');
    $reference = preg_replace($patterns, $replace, strtolower($data[2]));
    // array_search() returns the matching key or false; the loose comparisons
    // below reject both false and key 0.
    $reference_id = array_search($reference, $references);
    if (!isset($reference_id) || $reference_id == 0 || $reference_id == FALSE) {
        $rt['error'] .= "Reference [" . $reference . "]" . " is not defined in the database." . " Reference1: [" . $references[0] . "]";
        $rt['status'] = 1;
    }
    $tip = $data[3];
    switch ($type) {
        case 'integer':
            // The is_integer() checks below rely on SQLString(..., 'int')
            // returning a real int for valid input (defined elsewhere, TODO confirm).
            $min = SQLString($data[4], 'int');
            $max = SQLString($data[5], 'int');
            $criteria = $data[6];
            $default = SQLString($data[7], 'int');
            // check min and max, should be integer
            $rt['error'] .= is_integer($min) ? '' : " Min value is required and must be integer [" . $min . "].";
            $rt['error'] .= is_integer($max) ? '' : " Max value is required and must be integer [" . $max . "].";
            $rt['error'] .= $min <= $max ? '' : " Min value [" . $min . "] must be less than or equal to Max value [" . $max . "].";
            // check criteria
            // $rt['error'] .= ! empty($criteria) ? '' : " Criteria is required.";
            // check default value
            // A default equal to the string "NULL" is accepted as "no default".
            $rt['error'] .= isset($default) && $default != "NULL" && (!is_integer($default) || ($default < $min || $default > $max)) ? " Default value [" . $default . "] must be integer and must be between Min value [" . $min . "] and Max value [" . $max . "]." : '';
            if (!empty($rt['error']) || $validate_only) {
                return $rt;
            }
            // finished check. compose sql
            $criteria = SQLString($criteria, 'text');
            // $default and $criteria go into %s slots: their safety is whatever
            // SQLString() produced above.
            $sql = sprintf("INSERT INTO answer_type_integer (min_value, max_value, default_value, criteria)\n\t\t\t\t\t\t\t\tVALUES ( %d, %d, %s, %s)", $min, $max, $default, $criteria);
            $st = mysql_query($sql);
            if (!$st) {
                // The failing statement and driver error are returned to the caller.
                $rt['error'] .= " Error insert into answer_type_integer: " . mysql_error() . "\n";
                $rt['error'] .= "\tSQL:: [" . $sql . "]\n";
            } else {
                $answer_type_id = mysql_insert_id();
                // INTEGER is a constant defined outside this block.
                $sql = sprintf("INSERT INTO survey_indicator ( name, question, answer_type, answer_type_id, reference_id, tip,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tcreate_user_id, create_time)\n\t\t\t\t\t\t\t\t\tVALUES (%s, %s, %d, %d, %d, %s, %d, now())", SQLString($name, 'text'), SQLString($question, 'text'), INTEGER, $answer_type_id, $reference_id, SQLString($tip, 'text'), $_SESSION['user_id']);
                $st = mysql_query($sql);
                if (!$st) {
                    // The answer_type_integer row inserted above is not rolled back.
                    $rt['error'] .= " Error inserting into survey_indicator: " . mysql_error() . "\n";
                    $rt['error'] .= "\tSQL:: [" . $sql . "]\n";
                }
            }
            return $rt;
            // Unreachable: the return above always leaves the function.
            break;
        case 'float':
            // Raw column values; validated with is_numeric() and written through
            // %f, so no SQLString() call is needed for min/max here.
            $min = $data[4];
            $max = $data[5];
            $criteria = $data[6];
            $default = $data[7];
            // check min and max, should be float
            $rt['error'] .= is_numeric($min) ? '' : " Min value is required and must be float [" . $min . "].";
            $rt['error'] .= is_numeric($max) ? '' : " Max value is required and must be float [" . $max . "].";
            $rt['error'] .= $min <= $max ? '' : " Min value [" . $min . "] must be less than or equal to Max value [" . $max . "].";
            // check criteria
            // $rt['error'] .= ! empty($criteria) ? '' : " Criteria is required.";
            // check default value
            $rt['error'] .= isset($default) && $default != '' && (!is_numeric($default) || ($default < $min || $default > $max)) ? " Default value [" . $default . "] must be float and must be between Min value [" . $min . "] and Max value [" . $max . "]." : '';
            if (!empty($rt['error']) || $validate_only) {
                return $rt;
            }
            // finished check. compose sql
            $criteria = SQLString($criteria, 'text');
            $default = SQLString($default, 'double');
            $sql = sprintf("INSERT INTO answer_type_float (min_value, max_value, default_value, criteria)\n\t\t\t\t\t\t\t\tVALUES ( %f, %f, %s, %s)", $min, $max, $default, $criteria);
            $st = mysql_query($sql);
            if (!$st) {
                $rt['error'] .= " Error insert into answer_type_float: " . mysql_error() . "\n";
                $rt['error'] .= "\tSQL:: [" . $sql . "]\n";
            } else {
                $answer_type_id = mysql_insert_id();
                // FLOAT is a constant defined outside this block.
                $sql = sprintf("INSERT INTO survey_indicator ( name, question, answer_type, answer_type_id, reference_id, tip,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tcreate_user_id, create_time)\n\t\t\t\t\t\t\t\t\tVALUES (%s, %s, %d, %d, %d, %s, %d, now())", SQLString($name, 'text'), SQLString($question, 'text'), FLOAT, $answer_type_id, $reference_id, SQLString($tip, 'text'), $_SESSION['user_id']);
                $st = mysql_query($sql);
                if (!$st) {
                    // The answer_type_float row inserted above is not rolled back.
                    $rt['error'] .= " Error inserting into survey_indicator: " . mysql_error() . "\n";
                    $rt['error'] .= "\tSQL:: [" . $sql . "]\n";
                }
            }
            return $rt;
            // Unreachable: the return above always leaves the function.
            break;
        case 'text':
            // Here min/max are character-length bounds (min_chars / max_chars).
            $min = SQLString($data[4], 'int');
            $max = SQLString($data[5], 'int');
            $criteria = $data[6];
            // check min and max, should be integer
            $rt['error'] .= is_integer($min) ? '' : " Min length is required and must be integer [" . $min . "].";
            $rt['error'] .= is_integer($max) ? '' : " Max length is required and must be integer [" . $max . "].";
            $rt['error'] .= $min <= $max ? '' : " Min length [" . $min . "] must be less than or equal to Max length [" . $max . "].";
            // check criteria
            // $rt['error'] .= ! empty($criteria) ? '' : " Criteria is required.";
            if (!empty($rt['error']) || $validate_only) {
                return $rt;
            }
            // finished check. compose sql
            $criteria = SQLString($criteria, 'text');
            $sql = sprintf("INSERT INTO answer_type_text (min_chars, max_chars, criteria)\n\t\t\t\t\t\t\t\tVALUES ( %d, %d, %s)", $min, $max, $criteria);
            $st = mysql_query($sql);
            if (!$st) {
                $rt['error'] .= " Error insert into answer_type_text: " . mysql_error() . "\n";
                $rt['error'] .= "\tSQL:: [" . $sql . "]\n";
            } else {
                $answer_type_id = mysql_insert_id();
                // TEXT is a constant defined outside this block.
                $sql = sprintf("INSERT INTO survey_indicator ( name, question, answer_type, answer_type_id, reference_id, tip,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tcreate_user_id, create_time)\n\t\t\t\t\t\t\t\t\tVALUES (%s, %s, %d, %d, %d, %s, %d, now())", SQLString($name, 'text'), SQLString($question, 'text'), TEXT, $answer_type_id, $reference_id, SQLString($tip, 'text'), $_SESSION['user_id']);
                $st = mysql_query($sql);
                if (!$st) {
                    // The answer_type_text row inserted above is not rolled back.
                    $rt['error'] .= " Error inserting into survey_indicator: " . mysql_error() . "\n";
                    $rt['error'] .= "\tSQL:: [" . $sql . "]\n";
                }
            }
            return $rt;
            // Unreachable: the return above always leaves the function.
            break;
        // The case label is a boolean expression, and switch compares it to
        // $type with loose ==. It matches 'single' and 'multiple' because a
        // non-empty string == true.
        // NOTE(review): when the expression is false, a $type that is loosely
        // false (for example '' or '0') also lands here instead of in
        // default. Confirm callers never pass such a value.
        case $type == 'single' || $type == 'multiple':
            // fields 4-11 are required since at least 2 sets are needed
            // only one set can be default
            $have_default = 0;
            $set = 0;
            $base = 4;
            $size = 4;
            // Walk the row in groups of $size columns (label, score, criteria,
            // is_default) until a group's label is missing or empty.
            while (1) {
                if (!isset($data[$base]) || $data[$base] == '') {
                    break;
                }
                $label[$set] = $data[$base];
                $score[$set] = $data[$base + 1];
                $criteria[$set] = $data[$base + 2];
                $default[$set] = strtolower($data[$base + 3]);
                if (!isset($score[$set])) {
                    $rt['error'] .= " Score for choice set " . ($set + 1) . " is required. " . " Base label: " . $data[$base] . ", Score: " . $score[$set];
                } elseif (!is_numeric($score[$set])) {
                    $rt['error'] .= " Score for choice set " . ($set + 1) . " must be a number. ";
                }
                // $rt['error'] .= ( ! empty($data[$base + 2]) ) ?
                // 			'' : " Criteria for choice set " . ($set + 1) . " is required. ";
                $rt['error'] .= $default[$set] == 'yes' || $default[$set] == 'no' ? '' : " Is_Default for choice set " . ($set + 1) . " is required and must be a value of 'YES' or 'NO' ";
                if ($default[$set] == 'yes') {
                    if ($have_default == 1 && $type == 'single') {
                        $rt['error'] .= " More than one default answer is specified for single choice type.";
                    } else {
                        $have_default = 1;
                        // 'yes' becomes 1; a remaining 'no' is later written
                        // through %d, which turns it into 0.
                        $default[$set] = 1;
                    }
                }
                $base = $base + $size;
                // move on to next set
                $set++;
            }
            if ($set < 2) {
                $rt['error'] .= " At least 2 sets of choices are required.";
            }
            if (!empty($rt['error']) || $validate_only == 1) {
                // have a problem or just want to validate.
                // Leaves the switch; the final return hands $rt back.
                break;
            }
            // run sql
            // get an id from answer_type_choice first
            $atc_sql = "INSERT INTO answer_type_choice VALUES () ";
            $st = mysql_query($atc_sql);
            if (!$st) {
                $rt['error'] .= "Error inserting into answer_type_choice: " . mysql_error();
                return $rt;
            }
            $atc_id = mysql_insert_id();
            // weight counts up from 1; mask doubles per choice (1, 2, 4, ...),
            // presumably one bit per choice (verify against the readers).
            $weight = 1;
            $mask = 1;
            foreach ($label as $ind => $value) {
                //LABEL=>$value  SCORE=> $score[$ind] CRITERIA=>$criteria[$ind] DEFAULT=> $default[$ind]
                // The score is stored as an integer scaled by 10000.
                $atc_sql = sprintf("INSERT INTO atc_choice (answer_type_choice_id, label, score, criteria, weight, mask, default_selected)\n\t\t\t\t\t\t\t\t\t\tVALUES ( %d, %s, %d, %s, %d, %d, %d)", $atc_id, SQLString($value, 'text'), $score[$ind] * 10000, SQLString($criteria[$ind], 'text'), $weight, $mask, $default[$ind]);
                $st = mysql_query($atc_sql);
                if (!$st) {
                    // Returns mid-loop: rows already written for earlier choices
                    // and the answer_type_choice row stay in the database.
                    $rt['error'] .= "Error inserting into atc_choice: " . mysql_error() . "\n";
                    $rt['error'] .= "\tSQL:: [" . $atc_sql . "]\n";
                    return $rt;
                }
                $weight++;
                $mask = $mask * 2;
            }
            // ready to insert survey_indicator
            // NOTE(review): the SINGLE constant is written as answer_type for
            // 'multiple' rows as well. Confirm that is intended.
            $si_sql = sprintf("INSERT INTO survey_indicator (name, question, answer_type, answer_type_id, reference_id, tip, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tcreate_user_id, create_time)\n\t\t\t\t\t\t\t\t\tVALUES (%s, %s, %d, %d, %d, %s, %d, now())", SQLString($name, 'text'), SQLString($question, 'text'), SINGLE, $atc_id, $reference_id, SQLString($tip, 'text'), $_SESSION['user_id']);
            $st = mysql_query($si_sql);
            if (!$st) {
                $rt['error'] .= "Error inserting into survey_indicator: " . mysql_error() . "\n";
                $rt['error'] .= "\tSQL:: [" . $si_sql . "]\n";
                return $rt;
            }
            break;
        default:
            // Unknown type: any errors collected so far are overwritten.
            $rt['status'] = 1;
            $rt['error'] = 'Unknown type.';
            break;
    }
    return $rt;
}
Example #2
/**
 * 迷你同学录 (http://mini_class.piscdong.com/)
 * (c)PiscDong studio (http://www.piscdong.com/)
 *
 * 程序完全免费,请保留这段代码。
 * 请勿出售本程序或其修改版,请勿利用本程序或其修改版进行任何商业活动。
 */
if ($c_log && $pa == 9) {
    $title .= '特殊功能';
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        if (isset($_POST['g_open'])) {
            $g_open = $_POST['g_open'] != 1 ? 0 : 1;
            $g_name = htmlspecialchars(trim($_POST['g_name']), ENT_QUOTES);
            $g_pwd = htmlspecialchars(trim($_POST['g_pwd']), ENT_QUOTES);
            $u_db = sprintf('update %s set g_open=%s, g_name=%s, g_pwd=%s', $dbprefix . 'main', SQLString($g_open, 'int'), SQLString($g_name, 'text'), SQLString($g_pwd, 'text'));
            $result = mysql_query($u_db) or die('');
            $e = 1;
        } elseif (isset($_POST['mgc']) && trim($_POST['mgc']) != '') {
            if (isset($a_mgc) && count($a_mgc) > 0) {
                foreach ($a_mgc as $v) {
                    if (trim($v) != '') {
                        $at_mgc[trim($v)] = trim($v);
                    }
                }
            }
            $nmgc = $g_name = htmlspecialchars(trim($_POST['mgc']), ENT_QUOTES);
            $at_mgc[trim($nmgc)] = trim($nmgc);
            $mgc_c = "<?php";
            foreach ($at_mgc as $v) {
                $mgc_c .= "\r\n\$a_mgc[]='" . $v . "';";
Example #3
        }
    } else {
        header('Location:./');
        exit;
    }
    mysql_free_result($q_dbc);
} else {
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        if ($c_log) {
            $title = htmlspecialchars(trim($_POST['title']), ENT_QUOTES);
            $cont = htmlspecialchars(trim($_POST['rinfo']), ENT_QUOTES);
            $cdate = htmlspecialchars(trim($_POST['cdate']), ENT_QUOTES);
            $cloc = htmlspecialchars(trim($_POST['cloc']), ENT_QUOTES);
            $cpay = htmlspecialchars(trim($_POST['cpay']), ENT_QUOTES);
            if ($title != '') {
                $i_db = sprintf('insert into %s (title, content, cdate, cloc, cpay, aid, datetime) values (%s, %s, %s, %s, %s, %s, %s)', $dbprefix . 'camp', SQLString($title, 'text'), SQLString($cont, 'text'), SQLString($cdate, 'text'), SQLString($cloc, 'text'), SQLString($cpay, 'text'), $_SESSION[$config['u_hash']], time());
                $result = mysql_query($i_db) or die('');
                $nid = mysql_insert_id();
                setsinfo($pn . ' 发起新活动', $_SESSION[$config['u_hash']], $nid, 3);
            }
        }
        header('Location:./?m=camp');
        exit;
    } else {
        $title .= '班级活动';
        $s_a_dbc = sprintf('select a.*, b.name from %s as a, %s as b where a.aid=b.id and a.disp=0 order by a.closed, a.sticky desc, a.datetime desc', $dbprefix . 'camp', $dbprefix . 'member');
        $q_a_dbc = mysql_query($s_a_dbc) or die('');
        $c_dbc = mysql_num_rows($q_a_dbc);
        if ($c_dbc > 0) {
            $p_dbc = ceil($c_dbc / $config['pagesize']);
            if ($page > $p_dbc) {
Example #4
 * (c)PiscDong studio (http://www.piscdong.com/)
 *
 * 程序完全免费,请保留这段代码。
 * 请勿出售本程序或其修改版,请勿利用本程序或其修改版进行任何商业活动。
 */
if ($c_log) {
    $title .= '短消息';
    $page = isset($_GET['page']) && intval($_GET['page']) > 0 ? intval($_GET['page']) : 1;
    if (isset($_GET['id']) && intval($_GET['id']) > 0 && intval($_GET['id']) != $_SESSION[$config['u_hash']] && getainfo(intval($_GET['id']), 'id')) {
        $tid = intval($_GET['id']);
        $tn = getainfo($tid, 'name');
        $title .= ' - ' . $tn['name'];
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            $cont = htmlspecialchars(trim($_POST['rinfo']), ENT_QUOTES);
            if ($cont != '') {
                $i_db = sprintf('insert into %s (content, aid, tid, datetime, readed) values (%s, %s, %s, %s, 1)', $dbprefix . 'message', SQLString($cont, 'text'), $_SESSION[$config['u_hash']], $tid, time());
                $result = mysql_query($i_db) or die('');
            }
            header('Location:./?m=message&id=' . $tid);
            exit;
        } else {
            $content .= '<div class="title" id="send">发消息 - 收件人:' . $tn['name'] . '</div><div class="lcontent"><form method="post" action="" class="btform" id="lyform"><textarea name="rinfo" id="forminfor0" rows="4" style="width: 95%" class="bt_input" rel="内容"></textarea><br/><input type="submit" value="发消息" /></form></div>';
            $s_a_dbg = sprintf('select * from %s where (aid=%s and tid=%s) or (tid=%s and aid=%s) order by datetime desc', $dbprefix . 'message', $tid, $_SESSION[$config['u_hash']], $tid, $_SESSION[$config['u_hash']]);
            $q_a_dbg = mysql_query($s_a_dbg) or die('');
            $c_dbg = mysql_num_rows($q_a_dbg);
            if ($c_dbg > 0) {
                $content .= '<div class="title">聊天记录</div>';
                $p_dbg = ceil($c_dbg / $config['pagesize']);
                if ($page > $p_dbg) {
                    $page = $p_dbg;
                }
Example #5
    $q_dbo = mysql_query($s_dbo) or die('');
    $r_dbo = mysql_fetch_assoc($q_dbo);
    if (mysql_num_rows($q_dbo) > 0) {
        if (time() - $r_dbo['datetime'] > 600) {
            $u_db = sprintf('update %s set visit=visit+1, visitdate=%s where id=%s', $dbprefix . 'member', time(), $_SESSION[$config['u_hash']]);
            $result = mysql_query($u_db) or die('');
        }
        $u_db = sprintf('update %s set datetime=%s, online=1, ip_i=inet_aton(%s) where aid=%s', $dbprefix . 'online', time(), SQLString(getIP(), 'text'), $_SESSION[$config['u_hash']]);
        $result = mysql_query($u_db) or die('');
    } else {
        $i_db = sprintf('insert into %s (aid, datetime, ip_i) values (%s, %s, inet_aton(%s))', $dbprefix . 'online', $_SESSION[$config['u_hash']], time(), SQLString(getIP(), 'text'));
        $result = mysql_query($i_db) or die('');
    }
    mysql_free_result($q_dbo);
} elseif (isset($_COOKIE[$config['u_hash'] . '_u']) && $_COOKIE[$config['u_hash'] . '_u'] != '' && isset($_COOKIE[$config['u_hash'] . '_p']) && $_COOKIE[$config['u_hash'] . '_p'] != '') {
    $s_dbu = sprintf('select id, name, status, power from %s where username=%s and password=%s limit 1', $dbprefix . 'member', SQLString($_COOKIE[$config['u_hash'] . '_u'], 'text'), SQLString($_COOKIE[$config['u_hash'] . '_p'], 'text'));
    $q_dbu = mysql_query($s_dbu) or die('');
    $r_dbu = mysql_fetch_assoc($q_dbu);
    if (mysql_num_rows($q_dbu) > 0) {
        if ($r_dbu['status'] == 0 || $config['veri'] > 0) {
            $u_db = sprintf('update %s set visit=visit+1, visitdate=%s where id=%s', $dbprefix . 'member', time(), $r_dbu['id']);
            $result = mysql_query($u_db) or die('');
            session_unset();
            session_start();
            $_SESSION[$config['u_hash']] = $r_dbu['id'];
            $pa = $r_dbu['power'];
            $pn = $r_dbu['name'];
            $c_log = true;
        }
    }
    mysql_free_result($q_dbu);
Example #6
     $cont = htmlspecialchars(trim($_POST['rinfo']), ENT_QUOTES);
     if ($cont != '') {
         $time = time();
         $rid = isset($_POST['rid']) && intval($_POST['rid']) > 0 ? intval($_POST['rid']) : 0;
         $i_db = sprintf('insert into %s (content, aid, datetime, lasttime, rid) values (%s, %s, %s, %s, %s)', $dbprefix . 'topic', SQLString($cont, 'text'), $_SESSION[$config['u_hash']], $time, $time, $rid);
         $result = mysql_query($i_db) or die('');
         if ($rid > 0) {
             $u_db = sprintf('update %s set lasttime=%s where id=%s', $dbprefix . 'topic', $time, $rid);
             $result = mysql_query($u_db) or die('');
             $jid = $rid;
         } else {
             $jid = mysql_insert_id();
         }
     }
 } elseif (isset($_POST['vote']) && intval($_POST['vote']) > 0) {
     $s_dbt = sprintf('select id, content, datetime from %s where id=%s and tid=0 and mid=1 limit 1', $dbprefix . 'topic', SQLString($_POST['vote'], 'int'));
     $q_dbt = mysql_query($s_dbt) or die('');
     $r_dbt = mysql_fetch_assoc($q_dbt);
     if (mysql_num_rows($q_dbt) > 0) {
         $cont = explode('[/]', $r_dbt['content']);
         if ($cont[1] == 0 || time() < $r_dbt['datetime'] + 86400 * $cont[1]) {
             if ($cont[2] > 0 && count($_POST['vote' . $r_dbt['id']]) > 0 || $_POST['vote' . $r_dbt['id']] != '') {
                 $s_dbv = sprintf('select id from %s where tid=%s and aid=%s limit 1', $dbprefix . 'vote', $r_dbt['id'], $_SESSION[$config['u_hash']]);
                 $q_dbv = mysql_query($s_dbv) or die('');
                 if (mysql_num_rows($q_dbv) == 0) {
                     $time = time();
                     if ($cont[2] > 0) {
                         foreach ($_POST['vote' . $r_dbt['id']] as $v) {
                             $i_db = sprintf('insert into %s (aid, tid, vid, datetime) values (%s, %s, %s, %s)', $dbprefix . 'vote', $_SESSION[$config['u_hash']], $r_dbt['id'], $v, $time);
                             $result = mysql_query($i_db) or die('');
                         }
Example #7
                $title .= '设置头像 - ' . $r_dbu['name'];
                $content .= '<div class="title">设置头像 - ' . $r_dbu['name'] . '</div><div class="lcontent">';
                if (trim($r_dbu['photo']) != '') {
                    $a_pho = explode('|', trim($r_dbu['photo']));
                    $js_c .= '
	$("img[name=\'del_img\']").click(function(){
		if(confirm(\'确认要删除?\'))location.href=\'?m=edituser&id=' . $id . '&t=avator&did=\'+$(this).data(\'id\');
	});';
                    foreach ($a_pho as $k => $v) {
                        if (isset($_GET['did']) && $_GET['did'] == $k) {
                            if (!strstr($a_pho[$k], '://') && file_exists($a_pho[$k])) {
                                unlink($a_pho[$k]);
                            }
                            unset($a_pho[$k]);
                            $u_pho = join('|', $a_pho);
                            $u_db = sprintf('update %s set photo=%s where id=%s', $dbprefix . 'member', SQLString($u_pho, 'text'), $r_dbu['id']);
                            $result = mysql_query($u_db) or die('');
                            header('Location:./?m=edituser&id=' . $id . '&t=avator');
                            exit;
                        }
                        $content .= '<div class="photo_list"><img src="' . $v . '" class="photo" alt="" width="55" height="55"/>&nbsp; <img src="images/o_2.gif" alt="" title="删除" name="del_img" data-id="' . $k . '" class="f_link"/></div>';
                    }
                } else {
                    $content .= '<img src="images/dphoto.jpg" class="photo" alt="" width="55" height="55"/>';
                }
                $content .= '<div class="extr"></div></div>';
            } else {
                $title .= '修改个人资料 - ' . $r_dbu['name'];
                $content .= '<div class="title">修改个人资料 - ' . $r_dbu['name'] . '</div><div class="lcontent"><form method="post" action="" class="btform" id="epform"><table><tr><td>姓名:</td><td><input name="name" size="32" value="' . $r_dbu['name'] . '" class="bt_input" rel="姓名" /></td></tr>';
                if (isset($g_c) && isset($g_a) && count($g_a) > 1) {
                    $content .= '<tr><td>身份:</td><td><select name="gid">';
Example #8
         $bir_m = $_POST['bir_m'];
         $bir_d = $_POST['bir_d'];
         $isnl = isset($_POST['isnl']) && $_POST['isnl'] == 1 ? 1 : 0;
         $url = htmlspecialchars(trim($_POST['url']), ENT_QUOTES);
         $email = htmlspecialchars(trim($_POST['email']), ENT_QUOTES);
         $phone = htmlspecialchars(trim($_POST['phone']), ENT_QUOTES);
         $work = htmlspecialchars(trim($_POST['work']), ENT_QUOTES);
         $tel = htmlspecialchars(trim($_POST['tel']), ENT_QUOTES);
         $qq = htmlspecialchars(trim($_POST['qq']), ENT_QUOTES);
         $msn = htmlspecialchars(trim($_POST['msn']), ENT_QUOTES);
         $gtalk = htmlspecialchars(trim($_POST['gtalk']), ENT_QUOTES);
         $address = htmlspecialchars(trim($_POST['address']), ENT_QUOTES);
         $location = htmlspecialchars(trim($_POST['location']), ENT_QUOTES);
         $rela = htmlspecialchars(trim($_POST['rela']), ENT_QUOTES);
         $sylorm = isset($_POST['sylorm']) && $_POST['sylorm'] == 1 ? 1 : 0;
         $u_db = sprintf('update %s set username=%s, name=%s, gender=%s, bir_y=%s, bir_m=%s, bir_d=%s, isnl=%s, url=%s, email=%s, phone=%s, work=%s, tel=%s, qq=%s, msn=%s, gtalk=%s, address=%s, location=%s, rela=%s, sylorm=%s where id=%s', $dbprefix . 'member', SQLString($username, 'text'), SQLString($name, 'text'), SQLString($gender, 'int'), SQLString($bir_y, 'int'), SQLString($bir_m, 'int'), SQLString($bir_d, 'int'), $isnl, SQLString($url, 'text'), SQLString($email, 'text'), SQLString($phone, 'text'), SQLString($work, 'text'), SQLString($tel, 'text'), SQLString($qq, 'text'), SQLString($msn, 'text'), SQLString($gtalk, 'text'), SQLString($address, 'text'), SQLString($location, 'text'), SQLString($rela, 'text'), $sylorm, $r_dbu['id']);
         $result = mysql_query($u_db) or die('');
         setsinfo($name . ' 更新了个人资料', $r_dbu['id']);
     }
     header('Location:./?m=profile' . (isset($e) ? '&e=' . $e : ''));
     exit;
 } else {
     $a_msg = array(1 => '个人资料已修改。', '请使用其他的用户名!');
     $content .= '<script type="text/javascript" src="http://api.map.baidu.com/api?v=1.3"></script>' . (isset($_GET['e']) && isset($a_msg[$_GET['e']]) ? '<div class="msg_v">' . $a_msg[$_GET['e']] . '</div>' : '') . '<div class="title">个人资料</div><div class="lcontent"><form method="post" action="" class="btform" id="pfform"><table><tr><td>用户名:</td><td><input name="username" size="32" value="' . htmlspecialchars($r_dbu['username'], ENT_QUOTES) . '" class="bt_input" rel="用户名" /></td></tr><tr><td>姓名:</td><td><input name="name" size="32" value="' . $r_dbu['name'] . '" class="bt_input" rel="姓名" /></td></tr><tr><td>介绍:</td><td><input name="rela" size="32" value="' . $r_dbu['rela'] . '" /></td></tr><tr><td>性别:</td><td><input type="radio" name="gender" value="0"' . ($r_dbu['gender'] == 0 ? ' checked="checked"' : '') . ' />保密 <input type="radio" name="gender" value="1"' . ($r_dbu['gender'] == 1 ? ' checked="checked"' : '') . ' />男 <input type="radio" name="gender" value="2"' . ($r_dbu['gender'] == 2 ? ' checked="checked"' : '') . ' />女</td></tr><tr><td>生日:</td><td><input name="bir_y" size="5" maxsize="4" value="' . ($r_dbu['bir_y'] > 0 ? $r_dbu['bir_y'] : '') . '" />-<select name="bir_m">';
     for ($i = 0; $i < 13; $i++) {
         $content .= '<option value="' . $i . '"' . ($r_dbu['bir_m'] == $i ? ' selected="selected"' : '') . '>' . ($i > 0 ? $i : '-') . '</option>';
     }
     $content .= '</select>-<select name="bir_d">';
     for ($i = 0; $i < 32; $i++) {
         $content .= '<option value="' . $i . '"' . ($r_dbu['bir_d'] == $i ? ' selected="selected"' : '') . '>' . ($i > 0 ? $i : '-') . '</option>';
     }
Example #9
        case 'google':
            if ($config['is_google'] > 0 && $config['google_key'] != '' && $config['google_se'] != '') {
                require_once 'lib/google.php';
                $o = new googlePHP($config['google_key'], $config['google_se']);
                $result = $o->access_token_refresh($r_dby['s_r']);
                if (isset($result['access_token']) && $result['access_token'] != '') {
                    $r_dby['s_t'] = $result['access_token'];
                    $r_dby['edate'] = time() + $result['expires_in'];
                }
            }
            break;
        case 'live':
            if ($config['is_live'] > 0 && $config['live_key'] != '' && $config['live_se'] != '') {
                require_once 'lib/live.php';
                $o = new livePHP($config['live_key'], $config['live_se']);
                $result = $o->access_token_refresh($r_dby['s_r']);
                if (isset($result['access_token']) && $result['access_token'] != '') {
                    $r_dby['s_t'] = $result['access_token'];
                    $r_dby['s_r'] = $result['refresh_token'];
                    $r_dby['edate'] = time() + $result['expires_in'];
                }
            }
            break;
        default:
            break;
    }
    $u_db = sprintf('update %s set s_t=%s, s_r=%s, edate=%s, mdate=%s where id=%s', $dbprefix . 'm_sync', SQLString($r_dby['s_t'], 'text'), SQLString($r_dby['s_r'], 'text'), SQLString($r_dby['edate'], 'int'), time(), $r_dby['id']);
    $result = mysql_query($u_db) or die('');
    echo '<script type="text/javascript">location.href=\'' . $f . '\';</script>';
}
mysql_free_result($q_dby);
Example #10
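// show the text_item
// Answers ?action=showTextItem with the matching text_item row as JSON, then
// exits. When no row matches, text_item_id is -1 and text is ''.
if (isset($_GET['action']) && $_GET['action'] == 'showTextItem') {
    // Both ids come straight from the query string. Cast them to int once, so a
    // missing parameter becomes 0 without an undefined-index notice and the
    // values placed in the statement are integers by construction.
    $text_resource_id = isset($_GET['text_resource_id']) ? (int) $_GET['text_resource_id'] : 0;
    $language_id = isset($_GET['language_id']) ? (int) $_GET['language_id'] : 0;
    $sql = sprintf("SELECT * FROM text_item WHERE text_resource_id = %d AND language_id = %d", $text_resource_id, $language_id);
    $st = mysql_query($sql);
    // mysql_query() returns false on failure; only fetch from a real result so
    // a failed query produces the "not found" response instead of a warning.
    $row = $st ? mysql_fetch_assoc($st) : false;
    $rt = is_array($row) ? $row : array();
    $rt['text_item_id'] = isset($rt['id']) ? $rt['id'] : -1;
    $rt['text'] = isset($rt['text']) ? $rt['text'] : '';
    // NOTE(review): the two fields below send the statement text and the driver
    // error message to the client. They are kept so the response shape does not
    // change, but they disclose table and column names; prefer writing them to a
    // server-side log once no client code reads them.
    $rt['sql'] = $sql;
    $rt['query_status'] = mysql_error();
    echo json_encode($rt);
    exit;
}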
// update/save text_item
if (isset($_GET['action']) && $_GET['action'] == 'saveTextItem') {
    $text = isset($_GET['text']) ? urldecode($_GET['text']) : "";
    $text = SQLString($text, "text");
    if (isset($_GET['text_item_id']) && $_GET['text_item_id'] > 0) {
        // update
        $sql = sprintf("UPDATE text_item SET text = %s WHERE id = %d", $text, $_GET['text_item_id']);
    } else {
        // insert
        $sql = sprintf("INSERT INTO text_item (text_resource_id, language_id, text) VALUES(%d, %d, %s) ", $_GET['text_resource_id'], $_GET['language_id'], $text);
    }
    $st = mysql_query($sql);
    $rt['text_item_id'] = mysql_insert_id() > 0 ? mysql_insert_id() : $_GET['text_item_id'];
    if ($st) {
        $rt['status_msg'] = "Text item saved successfully";
    } else {
        $rt['status_msg'] = mysql_error();
    }
    echo json_encode($rt);
Example #11
/**
 * Insert a new goal, or update an existing one, and report the outcome.
 *
 * A numeric $goal_id greater than zero selects the UPDATE path; any other value
 * inserts a new row under $sequence_id.
 *
 * NOTE(review): only the six rule fields are passed through SQLString() here.
 * $name and $description are substituted through %s exactly as received, so they
 * have to arrive already quoted and escaped — confirm against every call site.
 * The returned array also carries the executed SQL (and mysql_error() on
 * failure); if a caller forwards it to the browser, that exposes schema details.
 *
 * @return array on success: sequence_id, goal_id, goal_opt, sql, status (0), msg;
 *               on failure: sequence_id, goal_id, msg, sql
 */
function save_goal($sequence_id, $goal_id, $name, $description, $duration, $entrance_rule_desc, $inflight_rule_desc, $exit_rule_desc, $entrance_rule_file_name, $inflight_rule_file_name, $exit_rule_file_name)
{
    // Prepare the rule descriptions and rule file names for use in the statement.
    $entrance_rule_desc = SQLString($entrance_rule_desc, "text");
    $inflight_rule_desc = SQLString($inflight_rule_desc, "text");
    $exit_rule_desc = SQLString($exit_rule_desc, "text");
    $entrance_rule_file_name = SQLString($entrance_rule_file_name, "text");
    $inflight_rule_file_name = SQLString($inflight_rule_file_name, "text");
    $exit_rule_file_name = SQLString($exit_rule_file_name, "text");

    $is_update = is_numeric($goal_id) && $goal_id > 0;
    if (!$is_update) {
        // No usable id: create the goal. access_matrix_id is always written as 0.
        $sql = sprintf("INSERT INTO goal \n\t\t\t\t\t\t\t\t(workflow_sequence_id, name, description, duration, access_matrix_id, entrance_rule_desc, inflight_rule_desc, exit_rule_desc, entrance_rule_file_name, inflight_rule_file_name, exit_rule_file_name)\n\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t(%d, %s, %s, %d, %d, %s, %s, %s, %s, %s, %s)", $sequence_id, $name, $description, $duration, 0, $entrance_rule_desc, $inflight_rule_desc, $exit_rule_desc, $entrance_rule_file_name, $inflight_rule_file_name, $exit_rule_file_name);
    } else {
        // Existing goal: rewrite every editable column of the row with this id.
        $sql = sprintf("UPDATE goal \n\t\t\t\t\t\t\tSET \n\t\t\t\t\t\t\t\tname = %s, description = %s, duration = %d, \n\t\t\t\t\t\t\t\taccess_matrix_id = 0, entrance_rule_desc = %s, inflight_rule_desc = %s, exit_rule_desc = %s,\n\t\t\t\t\t\t\t\tentrance_rule_file_name = %s, inflight_rule_file_name = %s, exit_rule_file_name = %s\n\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\tid = %d", $name, $description, $duration, $entrance_rule_desc, $inflight_rule_desc, $exit_rule_desc, $entrance_rule_file_name, $inflight_rule_file_name, $exit_rule_file_name, $goal_id);
    }

    // Warnings are silenced with @; failure is reported through the return value.
    $ok = @mysql_query($sql);
    if (!$ok) {
        return array('sequence_id' => $sequence_id, 'goal_id' => $goal_id, 'msg' => 'Error saving goal: ' . mysql_error(), 'sql' => $sql);
    }

    // Keep the caller's id unless the statement generated a new one.
    $new_id = mysql_insert_id();
    if ($new_id != 0) {
        $goal_id = $new_id;
    }
    $goal_opt = show_goal_opt($sequence_id, $goal_id);

    return array('sequence_id' => $sequence_id, 'goal_id' => $goal_id, 'goal_opt' => $goal_opt, 'sql' => $sql, 'status' => 0, 'msg' => 'Goal ' . $name . ' saved successfully.');
}
Example #12
                require_once 'lib/SohuOAuth.php';
                $oauth = new SohuOAuth($config['tsohu_key'], $config['tsohu_se'], $r_dby['s_t'], $r_dby['s_s']);
                $url = 'http://api.t.sohu.com/statuses/update.json';
                $oauth->post($url, array('status' => urlencode($a[0][0])));
            }
            mysql_free_result($q_dby);
        }
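        // Twitter: post the status with the member's stored token pair when the
        // integration is configured and 'twitter' is among the selected targets ($am).
        // NOTE(review): $aid is placed into the statement through %s without quoting;
        // that is only safe if it is always an integer — confirm where it is set.
        if ($config['is_tw'] > 0 && $config['tw_key'] != '' && $config['tw_se'] != '' && in_array('twitter', $am)) {
            $s_dby = sprintf('select s_t, s_s from %s where aid=%s and name=%s limit 1', $dbprefix . 'm_sync', $aid, SQLString('twitter', 'text'));
            $q_dby = mysql_query($s_dby) or die('');
            $r_dby = mysql_fetch_assoc($q_dby);
            if (mysql_num_rows($q_dby) > 0) {
                require_once 'lib/twitterOAuth.php';
                // s_t and s_s are handed to the client next to the application key and secret.
                $twitter = new TwitterOAuth($config['tw_key'], $config['tw_se'], $r_dby['s_t'], $r_dby['s_s']);
                $t_c = $twitter->OAuthRequest('https://twitter.com/statuses/update.xml', array('status' => $a[0][0]), 'POST');
            }
            mysql_free_result($q_dby);
        }
        // Facebook: same flow with the member's stored s_t value.
        if ($config['is_fb'] > 0 && $config['fb_se'] != '' && $config['fb_app_id'] != '' && in_array('facebook', $am)) {
            // The constructor below is given $r_dby['s_t'], so that column has to be
            // selected; fetching only s_id left the third argument undefined.
            $s_dby = sprintf('select s_id, s_t from %s where aid=%s and name=%s limit 1', $dbprefix . 'm_sync', $aid, SQLString('facebook', 'text'));
            $q_dby = mysql_query($s_dby) or die('');
            $r_dby = mysql_fetch_assoc($q_dby);
            if (mysql_num_rows($q_dby) > 0) {
                require_once 'lib/facebook.php';
                $fb = new facebookPHP($config['fb_app_id'], $config['fb_se'], $r_dby['s_t']);
                $fb->update($a[0][0]);
            }
            mysql_free_result($q_dby);
        }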
    }
}
Example #13
                $result = mysql_query($d_db) or die('');
                if ($config['skin'] == $r_dbk['id']) {
                    $u_db = sprintf('update %s set skin=0', $dbprefix . 'main');
                    $result = mysql_query($u_db) or die('');
                }
                header('Location:./?m=setting&t=skin');
                exit;
            }
        } else {
            $lp[0] = '<li><img src="images/skin_b.jpg" width="120" height="90" rel="' . $k . '|' . $v[0] . '" class="skin_img"/><br/>青青校园</li>';
        }
    }
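    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // The posted value becomes part of a path that is passed to require_once, so
        // it must name exactly one directory directly below skin/. Anything that is
        // not a plain string, is empty, is "." or "..", or contains a path separator
        // or NUL byte is rejected before the filesystem is touched; otherwise a value
        // such as "../other" would make this request execute a file outside skin/.
        $path = isset($_POST['path']) && is_string($_POST['path']) ? $_POST['path'] : '';
        $path_ok = $path !== '' && $path !== '.' && $path !== '..' && strpbrk($path, "/\\\0") === false;
        if ($path_ok && file_exists('skin/' . $path . '/info.php') && !isset($lp[$path])) {
            // info.php runs as PHP code inside this request; it is expected to set
            // $s_title and $s_file, which are HTML-escaped before being stored.
            require_once 'skin/' . $path . '/info.php';
            $stitle = isset($s_title) ? htmlspecialchars($s_title, ENT_QUOTES) : '';
            $sfile = isset($s_file) ? htmlspecialchars($s_file, ENT_QUOTES) : 'styles.css';
            $i_db = sprintf('insert into %s (path, title, sfile) values (%s, %s, %s)', $dbprefix . 'skin', SQLString($path, 'text'), SQLString($stitle, 'text'), SQLString($sfile, 'text'));
            $result = mysql_query($i_db) or die('');
            $e = 2;
        } else {
            // Missing file, rejected path, or a skin that is already installed.
            $e = 1;
        }
        header('Location:./?m=setting&t=skin' . (isset($e) ? '&e=' . $e : ''));
        exit;
    } else {
        // $_GET['e'] is only used as a key into this fixed message table, so the
        // request value itself is never written into the page.
        $a_msg = array(1 => '文件不存在或者样式已经安装过!', '新样式已添加。');
        $content .= '<div class="msg_v" id="skin_msg"' . (isset($_GET['e']) && isset($a_msg[$_GET['e']]) ? '>' . $a_msg[$_GET['e']] : ' style="display: none;">') . '</div>' . (isset($lp) ? '<div class="title">样式管理</div><div class="scontent"><ul id="skinlist">' . join('', $lp) . '</ul><div class="extr"></div></div><br/>' : '') . '<div class="title">添加样式</div><div class="lcontent"><form method="post" action="" class="btform" id="skinform"><div class="formline">skin/<input name="path" size="32" class="bt_input" rel="样式路径" />/info.php</div><div class="formline"><input type="submit" value="添加" class="button" /> <input type="reset" value="取消" class="button" /> <a href="http://www.piscdong.com/mini_class/?m=skin" rel="external">下载更多样式</a></div></form></div>';
    }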
}
Example #14
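/**
 * Build the "publish to" checkbox row for every sync provider enabled in $config.
 *
 * For each enabled provider one row is looked up in the m_sync table for member
 * $ar['id']. A bound account yields an active checkbox plus a link built from the
 * stored value; an unbound one yields a disabled checkbox linking to the binding
 * page. The eight provider sections share one loop driven by a table.
 *
 * NOTE(review): the stored s_n / s_id value is written into an href attribute
 * without HTML escaping. Whether it was escaped before it was stored is not
 * visible from this function — confirm at the places that write m_sync.
 *
 * @param array $ar member row; only $ar['id'] is read
 * @return string|null HTML fragment, or null when no provider is enabled
 */
function getsync_c($ar)
{
    global $config, $dbprefix;

    // m_sync name => array(enabled, column to read, href prefix, display label)
    $providers = array(
        'sina' => array($config['is_sina'] > 0 && $config['sina_key'] != '' && $config['sina_se'] != '', 's_n', '', '新浪微博'),
        'tqq' => array($config['is_tqq'] > 0 && ($config['is_utqq'] > 0 || $config['tqq_key'] != '' && $config['tqq_se'] != ''), 's_n', '', '腾讯微博'),
        'renren' => array($config['is_renren'] > 0 && $config['renren_key'] != '' && $config['renren_se'] != '', 's_n', '', '人人网'),
        'kx001' => array($config['is_kx001'] > 0 && $config['kx001_key'] != '' && $config['kx001_se'] != '', 's_n', '', '开心网'),
        'tsohu' => array($config['is_tsohu'] > 0 && ($config['is_utsohu'] > 0 || $config['tsohu_key'] != '' && $config['tsohu_se'] != ''), 's_n', '', '搜狐微博'),
        't163' => array($config['is_t163'] > 0 && $config['t163_key'] != '' && $config['t163_se'] != '', 's_n', '', '网易微博'),
        'twitter' => array($config['is_tw'] > 0 && $config['tw_key'] != '' && $config['tw_se'] != '', 's_n', 'http://twitter.com/', 'Twitter'),
        'facebook' => array($config['is_fb'] > 0 && $config['fb_se'] != '' && $config['fb_app_id'] != '', 's_id', 'http://www.facebook.com/profile.php?id=', 'Facebook'),
    );

    $a_sync_c = array();
    foreach ($providers as $name => $provider) {
        list($enabled, $column, $href_prefix, $label) = $provider;
        if (!$enabled) {
            continue;
        }
        // aid is formatted with %d so that only an integer can reach the statement,
        // whatever the caller put into $ar['id'].
        $s_dby = sprintf('select %s from %s where aid=%d and name=%s limit 1', $column, $dbprefix . 'm_sync', $ar['id'], SQLString($name, 'text'));
        $q_dby = mysql_query($s_dby) or die('');
        $r_dby = mysql_fetch_assoc($q_dby);
        if (mysql_num_rows($q_dby) > 0) {
            // Account is bound: selectable checkbox and a link to the stored profile.
            $a_sync_c[] = '<input type="checkbox" name="u_' . $name . '" value="1"/><a href="' . $href_prefix . $r_dby[$column] . '" rel="external"><img src="images/i-' . $name . '.gif" alt="" title="' . $label . '"/></a>';
        } else {
            // Not bound yet: disabled checkbox, icon links to the binding page.
            $a_sync_c[] = '<input type="checkbox" disabled="disabled" title="您还没有绑定' . $label . '账号,点击图标设置"/><a href="?m=profile&amp;t=sync&amp;n=' . $name . '"><img src="images/i-' . $name . '.gif" alt="" title="' . $label . '" title="您还没有绑定' . $label . '账号,点击设置"/></a>';
        }
        mysql_free_result($q_dby);
    }

    if (count($a_sync_c) > 0) {
        return '<br/>发布到:' . join(' ', $a_sync_c);
    }
    return null;
}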
Example #15
             $q_dby = mysql_query($s_dby) or die('');
             $r_dby = mysql_fetch_assoc($q_dby);
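             if (mysql_num_rows($q_dby) > 0) {
                 // Ask the Instagram client for the bound account, using the stored s_t value.
                 $io = new instagramPHP($config['instagram_key'], $config['instagram_se'], $r_dby['s_t']);
                 $ia = $io->user($r_dby['s_id']);
                 if (!isset($ia['meta']['error_type']) && isset($ia['data']['id']) && $ia['data']['id'] != '') {
                     $is_sync = 1;
                     $me_url = 'http://instagram.com/' . $ia['data']['username'] . '/';
                     // Refresh the stored profile URL / id when the remote account changed.
                     if ($r_dby['s_n'] != $me_url || $r_dby['s_id'] != $ia['data']['id']) {
                         $u_db = sprintf('update %s set s_n=%s, s_id=%s where id=%s', $dbprefix . 'm_sync', SQLString($me_url, 'text'), SQLString($ia['data']['id'], 'text'), $r_dby['id']);
                         $result = mysql_query($u_db) or die('');
                     }
                     // Values taken from the API response are data from a third party:
                     // escape them for the attribute and text positions they are written into.
                     $h_picture = htmlspecialchars($ia['data']['profile_picture'], ENT_QUOTES);
                     $h_url = htmlspecialchars($me_url, ENT_QUOTES);
                     $h_username = htmlspecialchars($ia['data']['username'], ENT_QUOTES);
                     $content .= '当前已绑定Instagram账号<table width="200"><tr><td align="center"><img src="' . $h_picture . '" alt=""/><br/><a href="' . $h_url . '" target="_blank">' . $h_username . '</a>(<a href="?m=profile&amp;t=sync&amp;n=' . $nct . '&amp;lt=1">取消绑定</a>)</td></tr></table>';
                     $content .= '<br/><br/><form method="post" action=""><input type="checkbox" name="is_show" value="1"' . ($r_dby['is_show'] > 0 ? ' checked="checked"' : '') . '/>隐藏已绑定Instagram账号相关信息<br/><input type="submit" value="更新" class="button"/><input type="hidden" name="isl_instagram_h" value="' . $r_dby['id'] . '"/></form>';
                 } else {
                     // The API reported an error or returned no account: drop the binding.
                     $d_db = sprintf('delete from %s where aid=%s and name=%s', $dbprefix . 'm_sync', $r_dbu['id'], SQLString($nct, 'text'));
                     $result = mysql_query($d_db) or die('');
                 }
             }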
             mysql_free_result($q_dby);
             if ($is_sync == 0) {
                 $io = new instagramPHP($config['instagram_key'], $config['instagram_se']);
                 $aurl = $io->login_url($config['site_url'] . 'instagram_callback.php');
                 $content .= '<a href="' . $aurl . '">点击此处和您的Instagram账号建立连接</a>';
             }
             $content .= '<br/><br/>绑定Instagram账号后将实现以下功能:<ol><li>可以选取Instagram图片添加到照片视频</li><li>在<a href="?m=user&amp;id=' . $r_dbu['id'] . '">用户信息</a>页面显示最新的Instagram图片</li</ol>';
             break;
     }
     $content .= '</div>';
 } else {
     $content .= '<div class="formline">管理员还没有' . ($pa == 9 ? '<a href="?m=setting&amp;t=sync">' : '') . '开启绑定功能' . ($pa == 9 ? '</a>' : '') . '。</div>';
Example #16
         $u_db = sprintf('update %s set sticky=%s where id=%s', $dbprefix . 'topic', SQLString($sticky, 'int'), $r_dbl['id']);
         $result = mysql_query($u_db) or die('');
         if ($r_dbl['mid'] > 0) {
             $coa = explode('[/]', $r_dbl['content']);
             $msg = $coa[0];
         } else {
             $msg = $r_dbl['content'];
         }
         $ac = $pn . ' ' . ($sticky > 0 ? '' : '取消') . "置顶留言\r\r" . $r_dbl['name'] . ':' . $msg;
         setoinfo($ac, $r_dbl['id']);
         header('Location:?page=' . $page);
         exit;
     }
     if (isset($_GET['lid']) && $_GET['lid'] == $r_dbl['id']) {
         $lock = $r_dbl['is_lock'] > 0 ? 0 : 1;
         $u_db = sprintf('update %s set is_lock=%s where id=%s', $dbprefix . 'topic', SQLString($lock, 'int'), $r_dbl['id']);
         $result = mysql_query($u_db) or die('');
         if ($r_dbl['mid'] > 0) {
             $coa = explode('[/]', $r_dbl['content']);
             $msg = $coa[0];
         } else {
             $msg = $r_dbl['content'];
         }
         $ac = $pn . ' ' . ($lock > 0 ? '' : '取消') . "锁定留言\r\r" . $r_dbl['name'] . ':' . $msg;
         setoinfo($ac, $r_dbl['id']);
         header('Location:?page=' . $page);
         exit;
     }
 }
 if ($pa == 9 && $r_dbl['disp'] > 0) {
     $cm[] = '&nbsp;<span class="del_n">已删除</span> <a href="?page=' . $page . '&amp;pid=' . $r_dbl['id'] . '"><img src="images/o_4.gif" alt="" title="恢复"/></a>';
Example #17
                <p>Username: <input id="username" name="username" type="text"
                                    class="input" /></p>
                <p>Password: <input id="password" name="password" type="password"
                                    value="" class="input" /></p>
                <p><input id="submit" name="submit" type="submit" value="Log In" class="btn" />
                <p><input id="authreq" name="authreq" type="hidden" value="false" />
                </p>
            </form>
        </div>
    </body>
</html>
<!-- end of login screen -->
<?php 
} else {
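    // trying to authenticate user
    require_once "./include/config.inc";
    // A missing or array-valued field is treated as an empty credential instead of
    // being passed on to the escaping functions.
    $login_user = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';
    $login_pass = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
    // Two values are supplied, so the statement needs two placeholders. As published,
    // the username position held a masked literal instead of a placeholder, which put
    // the escaped username into the password comparison. The username is escaped on
    // the same connection the query runs on.
    // NOTE(review): the password is compared inside the SQL statement and nothing
    // visible here hashes it; unless SQLString() or the schema does, passwords are
    // stored in clear text — TODO confirm and move to password hashing.
    $query = sprintf("SELECT * FROM user WHERE username = '%s' and password = %s and status = 1 and site_admin = 1 ", mysql_real_escape_string($login_user, $indaba_dbh), SQLString($login_pass, "text"));
    $rt = @mysql_query($query, $indaba_dbh);
    // A failed query returns false and must count as a failed login.
    if ($rt !== false && mysql_num_rows($rt) == 1) {
        $user = mysql_fetch_assoc($rt);
        // Issue a fresh session id at the moment the session becomes privileged, so
        // an id known before login is not carried over.
        session_regenerate_id(true);
        $_SESSION['authuser'] = $login_user;
        $_SESSION['user_id'] = $user['id'];
        if (isset($_SESSION['ref'])) {
            // NOTE(review): presumably the page the user came from; if it can be set
            // from request data it should be limited to local paths — verify.
            header('Location: ' . $_SESSION['ref']);
        } else {
            header('Location: index.php');
        }
        // Stop here so nothing below runs once the redirect has been issued.
        exit;
    } else {
        header('Location: login.php');
        exit;
    }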
}
Example #18
        unset($result);
        $title = htmlspecialchars(trim($_POST['title']), ENT_QUOTES);
        $query = sprintf('insert into %s (title) values (%s)', $dbprefix . 'main', SQLString($title, 'text'));
        $result = mysql_query($query);
        echo '<li>写入新数据 ' . $dbprefix . 'main:<span style="font-weight:bold;color:#' . ($result == true ? '036;">成功' : 'f00;">失败') . '</span></li>';
        unset($query);
        unset($result);
        $username = trim($_POST['username']);
        $password = enc_p(trim($_POST['password']));
        $name = htmlspecialchars(trim($_POST['name']), ENT_QUOTES);
        $query = sprintf('insert into %s (username, password, name, power, regdate) values (%s, %s, %s, 9, %s)', $dbprefix . 'member', SQLString($username, 'text'), SQLString($password, 'text'), SQLString($name, 'text'), time());
        $result = mysql_query($query);
        echo '<li>写入新数据 ' . $dbprefix . 'member:<span style="font-weight:bold;color:#' . ($result == true ? '036;">成功' : 'f00;">失败') . '</span></li>';
        unset($query);
        unset($result);
        $query = sprintf('insert into %s (path, title, sfile) values (%s, %s, %s)', $dbprefix . 'skin', SQLString('blue', 'text'), SQLString('蓝色梦想', 'text'), SQLString('styles.css', 'text'));
        $result = mysql_query($query);
        echo '<li>写入新数据 ' . $dbprefix . 'skin:<span style="font-weight:bold;color:#' . ($result == true ? '036;">成功' : 'f00;">失败') . '</span></li>';
        unset($query);
        unset($result);
        echo '</ul><input type="button" value="完成" class="button" onclick="location.href=\'../\';"/></div>';
        writeText($l_file, time());
    } else {
        ?>
	<div class="title">第2步:配置信息</div>
	<div class="lcontent">
		<form method="post" onsubmit="if(document.form1.title.value=='' || document.form1.username.value=='' || document.form1.password.value=='' || document.form1.name.value==''){alert('请输入配置信息。');return false;}else if(document.form1.password.value!='' && document.form1.password.value!=document.form1.password2.value){alert('请确认密码。');return false;}" name="form1">
			<table>
				<tr><td>标题:</td><td><input name="title" size="32"/></td></tr>
				<tr><td colspan="2">管理员信息</td></tr>
				<tr><td>用户名:</td><td><input name="username" size="32"/></td></tr>
Example #19
    // Callback step: exchange the authorization code from the query string for a token.
    // NOTE(review): only `code` is inspected in the lines visible here. If no state
    // value tied to the user's session is checked earlier in this file, a callback
    // URL prepared by someone else could bind their account to the logged-in member
    // — confirm.
    if (isset($_GET['code']) && trim($_GET['code']) != '') {
        require_once 'lib/kaixin.php';
        $db_o = new kaixinPHP($config['kx001_key'], $config['kx001_se']);
        $result = $db_o->access_token($config['site_url'] . 'kx001_callback.php', $_GET['code']);
    }
    // Proceed only when the exchange produced a non-empty access token.
    if (isset($result['access_token']) && $result['access_token'] != '') {
        $s_t = $result['access_token'];
        $s_r = $result['refresh_token'];
        // Absolute expiry time: now plus the lifetime reported with the token.
        $edate = time() + $result['expires_in'];
        if ($c_log) {
            // Logged-in member: attach the tokens to that member's m_sync row.
            $ar = getainfo($_SESSION[$config['u_hash']], 'id, name');
            // $ar['id'] is inserted through %s without quoting; it comes from getainfo(),
            // not from the request.
            $s_dby = sprintf('select id from %s where aid=%s and name=%s limit 1', $dbprefix . 'm_sync', $ar['id'], SQLString('kx001', 'text'));
            $q_dby = mysql_query($s_dby) or die('');
            $r_dby = mysql_fetch_assoc($q_dby);
            // NOTE(review): access and refresh tokens are written to the table as
            // received; anyone who can read m_sync can act on the bound accounts.
            if (mysql_num_rows($q_dby) > 0) {
                // A binding already exists: replace its tokens and expiry.
                $u_db = sprintf('update %s set s_t=%s, s_r=%s, edate=%s where id=%s', $dbprefix . 'm_sync', SQLString($s_t, 'text'), SQLString($s_r, 'text'), SQLString($edate, 'int'), $r_dby['id']);
                $result = mysql_query($u_db) or die('');
            } else {
                // First binding for this member and provider.
                $i_db = sprintf('insert into %s (aid, name, s_t, s_r, edate) values (%s, %s, %s, %s, %s)', $dbprefix . 'm_sync', $ar['id'], SQLString('kx001', 'text'), SQLString($s_t, 'text'), SQLString($s_r, 'text'), SQLString($edate, 'int'));
                $result = mysql_query($i_db) or die('');
            }
            mysql_free_result($q_dby);
            setsinfo($ar['name'] . ' 绑定了开心网', $ar['id']);
        } else {
            // Not logged in: keep the tokens in the session for a later step.
            $_SESSION['kx001_login_u_t'] = $s_t;
            $_SESSION['kx001_login_u_r'] = $s_r;
            $_SESSION['kx001_login_u_edate'] = $edate;
        }
    }
}
header('Location:' . $u);
Example #20
 $jaid = isset($idb) ? $idb['aid'] : 0;
 $rela = isset($_POST['rela']) ? htmlspecialchars(trim($_POST['rela']), ENT_QUOTES) : '';
 $email = htmlspecialchars(trim($_POST['email']), ENT_QUOTES);
 $s_dbu = sprintf('select id from %s where username=%s limit 1', $dbprefix . 'member', SQLString($username, 'text'));
 $q_dbu = mysql_query($s_dbu) or die('');
 if (mysql_num_rows($q_dbu) > 0) {
     $e = 1;
 } else {
     $i_db = sprintf('insert into %s (username, password, name, status, regdate, gid, jaid, rela, email) values (%s, %s, %s, %s, %s, %s, %s, %s, %s)', $dbprefix . 'member', SQLString($username, 'text'), SQLString($password, 'text'), SQLString($name, 'text'), SQLString($status, 'int'), time(), SQLString($gid, 'int'), SQLString($jaid, 'int'), SQLString($rela, 'text'), SQLString($email, 'text'));
     $result = mysql_query($i_db) or die('');
     $nid = mysql_insert_id();
     $i_db = sprintf('insert into %s (aid, datetime, ip_i, online) values (%s, %s, inet_aton(%s), 0)', $dbprefix . 'online', $nid, time(), SQLString(getIP(), 'text'));
     $result = mysql_query($i_db) or die('');
     setsinfo($name . ' 新用户注册' . (isset($g_a[$gid]) ? ',身份:' . $g_a[$gid] : '') . (isset($idb) ? ',邀请人:<a href="?m=user&amp;id=' . $idb['aid'] . '">' . $idb['name'] . '</a>' : '') . ($config['veri'] > 0 ? '' : ',等待审核') . ($rela != '' ? "\r\r" . $rela : ''), $nid);
     if (isset($_SESSION['login_sync_tn']) && $_SESSION['login_sync_tn'] != '' && isset($a_sync[$_SESSION['login_sync_tn']])) {
         $i_db = sprintf('insert into %s (aid, name, s_id, s_t, s_r, s_s, edate) values (%s, %s, %s, %s, %s, %s, %s)', $dbprefix . 'm_sync', $nid, SQLString($_SESSION['login_sync_tn'], 'text'), SQLString($_SESSION['login_sync_id'], 'text'), SQLString($_SESSION['login_sync_t'], 'text'), SQLString($_SESSION['login_sync_r'], 'text'), SQLString($_SESSION['login_sync_s'], 'text'), SQLString($_SESSION['login_sync_edate'], 'int'));
         $result = mysql_query($i_db) or die('');
         $_SESSION['login_sync_tn'] = '';
         $_SESSION['login_sync_id'] = '';
         $_SESSION['login_sync_t'] = '';
         $_SESSION['login_sync_r'] = '';
         $_SESSION['login_sync_s'] = '';
         $_SESSION['login_sync_u'] = '';
         $_SESSION['login_sync_edate'] = 0;
     }
     if (isset($idb)) {
         $u_db = sprintf('update %s set jid=%s where id=%s', $dbprefix . 'invite', $nid, $idb['id']);
         $result = mysql_query($u_db) or die('');
     }
     header('Location:./?m=login&e=3');
     exit;
Example #21
             $rr_c = new renrenPHP($config['renren_key'], $config['renren_se'], $r_dby['s_t']);
             $st = $rr_c->getStatus($r_dby['s_id'], 5);
             if (is_array($st) && count($st) > 0) {
                 foreach ($st as $v) {
                     if (htmlspecialchars(trim($v['message']), ENT_QUOTES) != '') {
                         echo '<div class="sync_list" style="background-image: url(images/i-renren.gif);">' . htmlspecialchars(trim($v['message']), ENT_QUOTES) . '</div>';
                     }
                 }
             }
         }
         mysql_free_result($q_dby);
     }
     break;
 case 'instagram':
     if ($config['is_instagram'] > 0 && $config['instagram_key'] != '' && $config['instagram_se'] != '') {
         $s_dby = sprintf('select s_id, s_t, is_show from %s where aid=%s and name=%s limit 1', $dbprefix . 'm_sync', $id, SQLString('instagram', 'text'));
         $q_dby = mysql_query($s_dby) or die('');
         $r_dby = mysql_fetch_assoc($q_dby);
         if (mysql_num_rows($q_dby) > 0) {
             $max_id = isset($_GET['max_id']) && trim($_GET['max_id']) != '' ? trim($_GET['max_id']) : '';
             $page = isset($_GET['page']) && intval($_GET['page']) > 0 ? intval($_GET['page']) : 1;
             $isp = isset($_GET['m']) && $_GET['m'] == '1' || $id != $_SESSION[$config['u_hash']] ? 1 : 0;
             $p_page = $isp > 0 ? '5' : '10';
             if ($isp > 0) {
                 $max_id = '';
                 $page = 1;
             }
             if ($r_dby['is_show'] == 0 || $isp == 0) {
                 require_once 'lib/instagram.php';
                 $io = new instagramPHP($config['instagram_key'], $config['instagram_se'], $r_dby['s_t']);
                 $ia = $io->user_media($r_dby['s_id'], $p_page, $max_id);
Example #22
    }
    $project = mysql_fetch_assoc($st);
    $project['logo_path'] = empty($project['logo_path']) ? '' : $project['logo_path'];
    $rt = array('project_owner' => $project['last_name'] . ", " . $project['first_name'], 'code_name' => $project['code_name'], 'description' => $project['description'], 'admin_user_id' => $project['admin_user_id'], 'organization_id' => $project['organization_id'], 'access_matrix_id' => $project['access_matrix_id'], 'view_matrix_id' => $project['view_matrix_id'], 'start_time' => $project['start_time'], 'close_time' => $project['close_time'], 'ready_to_start' => $project['ready_to_start'], 'study_period_id' => $project['study_period_id'], 'logo_path' => $project['logo_path'], 'is_active' => $project['is_active'], 'visibility' => $project['visibility'], 'sql' => $sql, 'query_status' => 0, 'query_msg' => '');
    echo json_encode($rt);
    $_SESSION['current_project_id'] = $id;
    exit;
}
// Create a project (project_id == 0) or update an existing one from request parameters.
// NOTE(review): the write is triggered by a GET request, and no check that the
// session user may edit project $id is visible in this excerpt — confirm both are
// handled before this point.
if (isset($_GET['action']) && $_GET['action'] == 'save_project') {
    // Text fields go through SQLString() (defined elsewhere) and are inserted with %s.
    $code_name = SQLString($_GET['code_name'], 'text');
    $description = SQLString($_GET['description'], 'text');
    // The remaining fields are taken raw from the request; every one of them is
    // formatted with %d in both statements below, so each reaches SQL as an integer.
    $access_matrix_id = $_GET['access_matrix_id'];
    $view_matrix_id = $_GET['view_matrix_id'];
    $study_period_id = $_GET['study_period_id'];
    $start_time = SQLString($_GET['start_time'], 'text');
    $close_time = SQLString($_GET['close_time'], 'text');
    $admin_user_id = $_GET['admin_user_id'];
    $organization_id = $_GET['organization_id'];
    $is_active = $_GET['is_active'];
    $visibility = $_GET['visibility'];
    $id = $_GET['project_id'];
    // Loose comparison: under the PHP versions that still provide mysql_*, a
    // non-numeric project_id also equals 0 and takes the INSERT path.
    if ($id == 0) {
        // INSERT: the owner is the session user; status is written as 0.
        $sql = sprintf("INSERT INTO project ( code_name, description, owner_user_id, creation_time, access_matrix_id, view_matrix_id, \n\t\t\t\t\t\t\t\t\t\t\t\tstart_time, close_time, study_period_id, status, admin_user_id, is_active, organization_id, visibility)\n\t\t\t\t\t\t\tVALUES (%s, %s, %d, now(), %d, %d, %s, %s, %d, 0, %d, %d, %d, %d)", $code_name, $description, $_SESSION['user_id'], $access_matrix_id, $view_matrix_id, $start_time, $close_time, $study_period_id, $admin_user_id, $is_active, $organization_id, $visibility);
    } else {
        // UPDATE: the row is selected by id only; the owner is not part of the WHERE clause.
        $sql = sprintf("UPDATE project\n\t\t\t\t\t\t\tSET code_name = %s, description = %s, access_matrix_id = %d,\n\t\t\t\t\t\t\t\tview_matrix_id = %d, start_time = %s, close_time = %s, study_period_id = %d, \n\t\t\t\t\t\t\t\tadmin_user_id = %d, is_active = %d, organization_id = %d, visibility = %d\n\t\t\t\t\t\t\tWHERE id = %d", $code_name, $description, $access_matrix_id, $view_matrix_id, $start_time, $close_time, $study_period_id, $admin_user_id, $is_active, $organization_id, $visibility, $id);
    }
    $st = mysql_query($sql);
    if (!$st) {
        // The failed statement is placed in the result array; the excerpt ends before
        // it is shown what happens to $rt — presumably it is sent to the client, verify.
        $rt['sql'] = $sql;
Example #23
<?php

/**
 * 迷你同学录 (http://mini_class.piscdong.com/)
 * (c)PiscDong studio (http://www.piscdong.com/)
 *
 * 程序完全免费,请保留这段代码。
 * 请勿出售本程序或其修改版,请勿利用本程序或其修改版进行任何商业活动。
 */
if ($c_log && isset($r_dbu) && $config['invnreg'] == 0) {
    $title .= '邀请朋友';
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
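        if (isset($_POST['invite_link']) && $_POST['invite_link'] == 1) {
            // The stored code appears to act as the invitation token, so it should
            // not be guessable. md5(time . member id . rand(1, 1000)) leaves at most
            // 1000 candidates per second for a known member id. Draw 128 bits from
            // the system CSPRNG instead and keep the 32-hex-character shape of the
            // previous md5 value, so the column and links stay compatible.
            $raw = false;
            if (function_exists('random_bytes')) {
                $raw = random_bytes(16);
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $raw = openssl_random_pseudo_bytes(16);
            }
            if (is_string($raw) && strlen($raw) === 16) {
                $code = bin2hex($raw);
            } else {
                // No CSPRNG on this runtime: legacy derivation, which stays predictable.
                $code = md5(time() . $r_dbu['id'] . '|' . rand(1, 1000));
            }
            $i_db = sprintf('insert into %s (aid, datetime, code) values (%s, %s, %s)', $dbprefix . 'invite', $r_dbu['id'], time(), SQLString($code, 'text'));
            $result = mysql_query($i_db) or die('');
        }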
        header('Location:./?m=profile&t=invite');
        exit;
    } else {
        $content .= '<div class="title">邀请朋友</div><div class="lcontent">';
        $s_dbi = sprintf('select id, code from %s where aid=%s and jid=0 order by datetime desc', $dbprefix . 'invite', $r_dbu['id']);
        $q_dbi = mysql_query($s_dbi) or die('');
        $r_dbi = mysql_fetch_assoc($q_dbi);
        if (mysql_num_rows($q_dbi) > 0) {
            $js_c .= '
	$("img[name=\'del_img\']").click(function(){
		if(confirm(\'确认要删除?\'))location.href=\'?m=profile&t=invite&did=\'+$(this).data(\'id\');
	});
	$(".invcode").mouseover(function(){
		$(this).select();
Example #24
<?php

/**
 * 迷你同学录 (http://mini_class.piscdong.com/)
 * (c)PiscDong studio (http://www.piscdong.com/)
 *
 * 程序完全免费,请保留这段代码。
 * 请勿出售本程序或其修改版,请勿利用本程序或其修改版进行任何商业活动。
 */
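// Security settings page: change the security question and answer after the member
// re-enters the current password.
if ($c_log && isset($r_dbu)) {
    $title .= '安全设置';
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        if (isset($_POST['question'])) {
            // Missing or array-valued fields are treated as empty strings.
            $current = isset($_POST['password0']) && is_string($_POST['password0']) ? $_POST['password0'] : '';
            $raw_question = is_string($_POST['question']) ? $_POST['question'] : '';
            $raw_answer = isset($_POST['answer']) && is_string($_POST['answer']) ? $_POST['answer'] : '';
            // Compare the two digests as strings. With ==, PHP compares numeric-looking
            // strings (for example two values of the form 0e followed by digits) as
            // numbers, so different digests can be reported as equal.
            if ((string) enc_p($current) === (string) $r_dbu['password']) {
                // Values are HTML-escaped before storage, which is why the question can
                // be written into the form below as stored.
                // NOTE(review): the answer is stored without hashing, although it works
                // like a second password — consider storing a hash of it.
                $question = htmlspecialchars($raw_question, ENT_QUOTES);
                $answer = htmlspecialchars($raw_answer, ENT_QUOTES);
                $u_db = sprintf('update %s set question=%s, answer=%s where id=%s', $dbprefix . 'member', SQLString($question, 'text'), SQLString($answer, 'text'), $r_dbu['id']);
                $result = mysql_query($u_db) or die('');
                $e = 1;
            } else {
                $e = 2;
            }
        }
        header('Location:./?m=profile&t=security' . (isset($e) ? '&e=' . $e : ''));
        exit;
    } else {
        // $_GET['e'] only selects an entry of this fixed table; the request value
        // itself is never written into the page.
        $a_msg = array(1 => '个人资料已修改。', '当前密码错误!');
        $content .= (isset($_GET['e']) && isset($a_msg[$_GET['e']]) ? '<div class="msg_v">' . $a_msg[$_GET['e']] . '</div>' : '') . '<div class="title">安全设置</div><div class="lcontent"><form method="post" action="" class="btform" id="seform"><table><tr><td>当前密码:</td><td><input type="password" name="password0" size="32" class="bt_input" rel="当前密码" /></td></tr><tr><td>安全问题:</td><td><input name="question" size="32" value="' . $r_dbu['question'] . '" /></td></tr><tr><td>答案:</td><td><input name="answer" size="32" /></td></tr><tr><td colspan="2"><input type="submit" value="修改" class="button" /></td></tr></table></form></div>';
    }
}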
Example #25
                $a_synl[] = array('instagram', 'Instagram');
                $s_dby = sprintf('select id from %s where aid=%s and name=%s limit 1', $dbprefix . 'm_sync', $ar['id'], SQLString('instagram', 'text'));
                $q_dby = mysql_query($s_dby) or die('');
                $is_syn['instagram'] = mysql_num_rows($q_dby) > 0 ? 1 : 0;
                mysql_free_result($q_dby);
            }
            // 巴巴变 (babab) is offered when the integration is switched on and either the
            // is_ubabab flag is set or a babab key is configured.
            if ($config['is_babab'] > 0) {
                if ($config['is_ubabab'] > 0 || $config['babab_key'] != '') {
                    $a_synl[] = array('babab', '巴巴变');
                    // $ar['id'] is placed in the query unquoted; it is assigned outside this
                    // excerpt. NOTE(review): presumably an integer member id — confirm.
                    $s_dby = sprintf('select id from %s where aid=%s and name=%s limit 1', $dbprefix . 'm_sync', $ar['id'], SQLString('babab', 'text'));
                    $q_dby = mysql_query($s_dby);
                    if (!$q_dby) {
                        die('');
                    }
                    // 1 when the member already has a babab row in m_sync, otherwise 0.
                    $is_syn['babab'] = (int) (mysql_num_rows($q_dby) > 0);
                    mysql_free_result($q_dby);
                }
            }
            // Flickr is offered when the integration is switched on and either the is_uflickr
            // flag is set or a Flickr key is configured.
            if ($config['is_flickr'] > 0) {
                if ($config['is_uflickr'] > 0 || $config['flickr_key'] != '') {
                    $a_synl[] = array('flickr', 'Flickr');
                    // $ar['id'] is placed in the query unquoted; it is assigned outside this excerpt.
                    $s_dby = sprintf('select s_id from %s where aid=%s and name=%s limit 1', $dbprefix . 'm_sync', $ar['id'], SQLString('flickr', 'text'));
                    $q_dby = mysql_query($s_dby);
                    if (!$q_dby) {
                        die('');
                    }
                    $r_dby = mysql_fetch_assoc($q_dby);
                    // 1 when the member already has a flickr row in m_sync, otherwise 0.
                    $is_syn['flickr'] = (int) (mysql_num_rows($q_dby) > 0);
                    if ($is_syn['flickr'] > 0) {
                        // Both values are written into HTML attributes without escaping here.
                        // NOTE(review): confirm that flickr_key and m_sync.s_id are HTML-escaped
                        // (or restricted to safe characters) wherever they are stored.
                        $content .= '<input type="hidden" id="flickr_key" value="' . $config['flickr_key'] . '"/><input type="hidden" id="flickr_id" value="' . $r_dby['s_id'] . '"/>';
                    }
                    mysql_free_result($q_dby);
                }
            }
            if (isset($a_synl)) {
                foreach ($a_synl as $v) {
                    $js_c .= '
	$("#getimg_' . $v[0] . '").click(function(){';
                    foreach ($a_synl as $vv) {
                        $js_c .= '
		$("#' . $vv[0] . '_sdiv").' . ($vv[0] == $v[0] ? 'show' : 'hide') . '();';
Example #26
         // Tail of the class-settings POST handler: normalise the remaining form fields and
         // write them to the main table. Variables such as $title, $school and the smtp_*
         // values are assigned above this excerpt.
         // NOTE(review): the $_POST fields are read without isset(); a missing field raises a
         // notice and falls back to the default shown on each line.
         // Flags: anything other than 1 becomes 0.
         $thum = $_POST['thum'] != 1 ? 0 : 1;
         // Non-positive or non-numeric sizes become 0.
         $maxsize = intval($_POST['maxsize']) > 0 ? intval($_POST['maxsize']) : 0;
         // Free-text values are HTML-escaped before storage.
         $filetype = htmlspecialchars(trim($_POST['filetype']), ENT_QUOTES);
         // avator is 0 when avator_r is not positive, otherwise avator_i with a minimum of 2.
         if ($_POST['avator_r'] > 0) {
             $avator = intval($_POST['avator_i']) > 1 ? intval($_POST['avator_i']) : 2;
         } else {
             $avator = 0;
         }
         $slink = $_POST['slink'] != 1 ? 0 : 1;
         $veri = $_POST['veri'] != 1 ? 0 : 1;
         $icp = htmlspecialchars(trim($_POST['icp']), ENT_QUOTES);
         // Page size defaults to 20 when the submitted value is not a positive integer.
         $pagesize = intval($_POST['pagesize']) > 0 ? intval($_POST['pagesize']) : 20;
         // Selected groups are stored as a '|'-separated list.
         // NOTE(review): the entries are joined exactly as submitted, without checking that
         // they are known group ids, and count() assumes $_POST['group'] is an array.
         $gid = isset($_POST['group']) && count($_POST['group']) ? join('|', $_POST['group']) : '';
         $timefix = intval($_POST['timefix']);
         // The ip value is only trimmed; it reaches the query through SQLString(..., 'text').
         $ip = trim($_POST['ip']);
         // Integer flags are inserted directly; strings go through SQLString().
         // NOTE(review): $email is bound with the 'int' type while the neighbouring SMTP fields
         // use 'text' — presumably email is an on/off flag; confirm.
         // NOTE(review): the statement has no WHERE clause, so it applies to every row of the
         // main table — presumably a single-row settings table; verify.
         // NOTE(review): smtp_pwd is written as text; confirm how $smtp_pwd is prepared above
         // and who can read this table.
         $u_db = sprintf('update %s set title=%s, school=%s, classname=%s, open=%s, openreg=%s, invreg=%s, email=%s, smtp_server=%s, smtp_port=%s, smtp_email=%s, smtp_isa=%s, smtp_user=%s, smtp_pwd=%s, upload=%s, thum=%s, maxsize=%s, filetype=%s, avator=%s, slink=%s, veri=%s, icp=%s, pagesize=%s, gid=%s, timefix=\'%s\', ip=%s', $dbprefix . 'main', SQLString($title, 'text'), SQLString($school, 'text'), SQLString($classname, 'text'), $open, $openreg, $invreg, SQLString($email, 'int'), SQLString($smtp_server, 'text'), SQLString($smtp_port, 'text'), SQLString($smtp_email, 'text'), $smtp_isa, SQLString($smtp_user, 'text'), SQLString($smtp_pwd, 'text'), $upload, $thum, $maxsize, SQLString($filetype, 'text'), $avator, $slink, $veri, SQLString($icp, 'text'), $pagesize, SQLString($gid, 'text'), $timefix, SQLString($ip, 'text'));
         $result = mysql_query($u_db) or die('');
         // Success marker read by the redirect that follows.
         $e = 1;
     }
     header('Location:./?m=setting' . (isset($e) ? '&e=1' : ''));
     exit;
 } else {
     $a_msg = array(1 => '设置已修改。');
     $content .= (isset($_GET['e']) && isset($a_msg[$_GET['e']]) ? '<div class="msg_v">' . $a_msg[$_GET['e']] . '</div>' : '') . '<div class="title">班级设置</div><div class="lcontent"><form method="post" action="" class="btform" id="stform"><table><tr><td>标题:</td><td><input name="title" size="32" value="' . $config['title'] . '" class="bt_input" rel="标题" /></td></tr><tr><td>学校:</td><td><input name="school" size="32" value="' . $config['school'] . '" /></td></tr><tr><td>班级:</td><td><input name="classname" size="32" value="' . $config['classname'] . '" /></td></tr><tr><td>开放访问:</td><td><input name="open" type="radio" value="0"' . ($config['open'] == 0 ? ' checked="checked"' : '') . ' />是 <input name="open" type="radio" value="1"' . ($config['open'] == 1 ? ' checked="checked"' : '') . ' />否</td></tr><tr><td>开放注册:</td><td><input name="openreg" type="radio" value="0"' . ($config['openreg'] == 0 ? ' checked="checked"' : '') . ' />是 <input name="openreg" type="radio" value="1"' . ($config['openreg'] == 1 ? ' checked="checked"' : '') . ' />否</td></tr><tr><td>邀请注册:</td><td><input name="invreg" type="radio" value="0"' . ($config['invreg'] == 0 ? ' checked="checked"' : '') . ' />是 <input name="invreg" type="radio" value="1"' . ($config['invreg'] == 1 ? ' checked="checked"' : '') . ' />否</td></tr>';
     if (isset($g_a) && count($g_a) > 0) {
         if ($config['gid'] != '') {
             $g_c = explode('|', $config['gid']);
         }
         $content .= '<tr><td>用户组:</td><td>';
         foreach ($g_a as $k => $v) {
             $content .= '<input type="checkbox" name="group[]" value="' . $k . '"' . (isset($g_c) && in_array($k, $g_c) || $k == 0 ? ' checked="checked"' : '') . ($k == 0 ? ' disabled="disabled"' : '') . '/>' . $v . ' ';
Example #27
<?php

/**
 * 迷你同学录 (http://mini_class.piscdong.com/)
 * (c)PiscDong studio (http://www.piscdong.com/)
 *
 * 程序完全免费,请保留这段代码。
 * 请勿出售本程序或其修改版,请勿利用本程序或其修改版进行任何商业活动。
 */
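// Change-password page for a logged-in member.
// POST re-checks the current password, stores the hash of the new one and redirects back
// with a status code (e=1 changed, e=2 wrong current password); any other request renders
// the form.
// NOTE(review): no anti-CSRF token is checked in this block — confirm whether the including
// script enforces one.
if ($c_log && isset($r_dbu)) {
    $title .= '修改密码';
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Only a non-empty string is accepted as the new password; an array-valued field
        // (password[]=x) is ignored instead of being passed to enc_p().
        if (isset($_POST['password']) && is_string($_POST['password']) && $_POST['password'] != '') {
            // Strict comparison of the two hashes as strings: with ==, PHP compares two
            // numeric-looking strings (for example "0e..." digests) as numbers, so different
            // hashes could be treated as equal.
            if (isset($_POST['password0']) && is_string($_POST['password0']) && (string) enc_p($_POST['password0']) === (string) $r_dbu['password']) {
                // NOTE(review): the password1 confirmation field is never compared on the
                // server; presumably the form script checks it in the browser — confirm.
                $u_db = sprintf('update %s set password=%s where id=%s', $dbprefix . 'member', SQLString(enc_p($_POST['password']), 'text'), $r_dbu['id']);
                $result = mysql_query($u_db) or die('');
                $e = 1;
            } else {
                $e = 2;
            }
        }
        header('Location:./?m=profile&t=password' . (isset($e) ? '&e=' . $e : ''));
        exit;
    } else {
        // Status messages keyed by the e code from the redirect (1 => changed, 2 => wrong password).
        $a_msg = array(1 => '密码已修改。', '当前密码错误!');
        // is_string() keeps an array-valued e (?e[]=1) from being used as an array offset.
        $content .= (isset($_GET['e']) && is_string($_GET['e']) && isset($a_msg[$_GET['e']]) ? '<div class="msg_v">' . $a_msg[$_GET['e']] . '</div>' : '') . '<div class="title">修改密码</div><div class="lcontent"><form method="post" action="" class="btform_p" id="seform"><table><tr><td>当前密码:</td><td><input type="password" name="password0" size="32" class="bt_input" rel="当前密码" /></td></tr><tr><td>新密码:</td><td><input type="password" name="password" id="formpw" size="32" class="bt_input" rel="新密码" /></td></tr><tr><td>确认:</td><td><input type="password" name="password1" id="formpw1" size="32" /></td></tr><tr><td colspan="2"><input type="submit" value="修改" class="button" /></td></tr></table></form></div>';
    }
}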
Example #28
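     // Password recovery, step 2: look up the member named by the submitted id, compare the
     // submitted recovery answer with the stored one and, on a match, store the new password.
     // $answer and $password are prepared above this excerpt.
     // The query now selects the answer column as well. Before, only id was fetched, so
     // $r_dbu['answer'] was always undefined: a correct answer could never match, while an
     // empty $answer compared equal to the missing value under ==.
     $s_dbu = sprintf('select id, answer from %s where id=%s limit 1', $dbprefix . 'member', SQLString($_POST['id'], 'int'));
     $q_dbu = mysql_query($s_dbu) or die('');
     $r_dbu = mysql_fetch_assoc($q_dbu);
     // A reset is allowed only when the account has a non-empty stored answer and the
     // submitted answer is a string identical to it.
     // NOTE(review): the account is selected by a client-supplied id and no attempt limit is
     // visible here, so the answer check is the only barrier; consider throttling.
     if (mysql_num_rows($q_dbu) > 0 && isset($r_dbu['answer']) && $r_dbu['answer'] !== '' && is_string($answer) && $r_dbu['answer'] === $answer) {
         // NOTE(review): assumes $password already holds the hashed value — confirm above.
         $u_db = sprintf('update %s set password=%s where id=%s', $dbprefix . 'member', SQLString($password, 'text'), $r_dbu['id']);
         $result = mysql_query($u_db) or die('');
         $e = 1;
     } else {
         $e = 2;
     }
     mysql_free_result($q_dbu);
     // NOTE(review): this redirect uses m=lostpwd while the other redirects in this handler
     // use m=lostpw — confirm which module name is correct.
     header('Location:./?m=lostpwd&e=' . $e);
     exit;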
 } elseif (isset($_POST['username']) && trim($_POST['username']) != '') {
     // Password recovery, step 1: look up the submitted username and, when the account has a
     // recovery answer set, render the form that asks for the answer and a new password.
     $username = trim($_POST['username']);
     $s_dbu = sprintf('select id, question, answer from %s where username=%s limit 1', $dbprefix . 'member', SQLString($username, 'text'));
     $q_dbu = mysql_query($s_dbu) or die('');
     $r_dbu = mysql_fetch_assoc($q_dbu);
     if (mysql_num_rows($q_dbu) > 0) {
         // The stored answer is only tested for being non-empty here; it is not sent to the page.
         if ($r_dbu['answer'] != '') {
             // The member id is sent back in a hidden field and the stored question is printed
             // as is. NOTE(review): this relies on member.question having been HTML-escaped
             // when it was stored — confirm for every write path.
             $content .= '2步</div><div class="lcontent"><form method="post" action="" class="btform_p" id="lwform"><table><tr><td>安全问题:</td><td>' . $r_dbu['question'] . '</td></tr><tr><td>答案:</td><td><input name="answer" size="32" maxlength="20" class="bt_input" rel="答案" /></td></tr><tr><td>新密码:</td><td><input name="password" id="formpw" size="32" maxlength="20" type="password" class="bt_input" rel="新密码" /></td></tr><tr><td>确认:</td><td><input name="password1" id="formpw1" size="32" maxlength="20" type="password" /><input type="hidden" name="id" value="' . $r_dbu['id'] . '"/></td></tr>';
         } else {
             // e=3: the account exists but has no recovery answer.
             header('Location:./?m=lostpw&e=3');
             exit;
         }
     } else {
         // e=4: no account with this username.
         // NOTE(review): separate codes for "no answer set" and "unknown user" let a visitor
         // tell whether a username exists; a single generic response would avoid that.
         header('Location:./?m=lostpw&e=4');
         exit;
     }
     // Reached only on the path that rendered the form; the other paths exit above.
     mysql_free_result($q_dbu);
 } else {
    // Instagram OAuth callback: exchange the code query parameter for an access token, then
    // either link the Instagram account to the logged-in member or keep the identity in the
    // session for a later login step.
    // NOTE(review): no state parameter is checked in the visible code; confirm whether the
    // callback is tied to the session that started the authorisation.
    if (isset($_GET['code']) && trim($_GET['code']) != '') {
        require_once 'lib/instagram.php';
        $io = new instagramPHP($config['instagram_key'], $config['instagram_se']);
        $result = $io->access_token($config['site_url'] . 'instagram_callback.php', $_GET['code']);
    }
    if (isset($result['access_token']) && $result['access_token'] != '') {
        $s_t = $result['access_token'];
        // NOTE(review): $ia is not assigned anywhere in this excerpt, while the token response
        // is held in $result. If $ia is not set earlier in the file, $s_id is null here —
        // verify which variable was intended.
        $s_id = $ia['user']['id'];
        if ($c_log) {
            // Logged-in member: load id and name for the current session.
            $ar = getainfo($_SESSION[$config['u_hash']], 'id, name');
            // Remove links from other members to this Instagram id, so the id stays attached
            // to one member only.
            $d_db = sprintf('delete from %s where s_id=%s and aid<>%s and name=%s', $dbprefix . 'm_sync', SQLString($s_id, 'text'), $ar['id'], SQLString('instagram', 'text'));
            // From here on $result holds the mysql_query() return value, not the token response.
            $result = mysql_query($d_db) or die('');
            $s_dby = sprintf('select id from %s where aid=%s and name=%s limit 1', $dbprefix . 'm_sync', $ar['id'], SQLString('instagram', 'text'));
            $q_dby = mysql_query($s_dby) or die('');
            $r_dby = mysql_fetch_assoc($q_dby);
            // Update the member's existing instagram row, or insert one.
            // NOTE(review): the access token is stored as text in m_sync.s_t; confirm who can
            // read that table.
            if (mysql_num_rows($q_dby) > 0) {
                $u_db = sprintf('update %s set s_id=%s, s_t=%s where id=%s', $dbprefix . 'm_sync', SQLString($s_id, 'text'), SQLString($s_t, 'text'), $r_dby['id']);
                $result = mysql_query($u_db) or die('');
            } else {
                $i_db = sprintf('insert into %s (aid, name, s_id, s_t) values (%s, %s, %s, %s)', $dbprefix . 'm_sync', $ar['id'], SQLString('instagram', 'text'), SQLString($s_id, 'text'), SQLString($s_t, 'text'));
                $result = mysql_query($i_db) or die('');
            }
            mysql_free_result($q_dby);
            // Record the binding through setsinfo() with the member's name and id.
            setsinfo($ar['name'] . ' 绑定了Instagram', $ar['id']);
        } else {
            // Not logged in: keep the Instagram id and token in the session.
            $_SESSION['instagram_login_u_id'] = $s_id;
            $_SESSION['instagram_login_u_t'] = $s_t;
        }
    }
}
header('Location:' . $u);
Example #30
        // Tail of the sync-settings POST handler: normalise the remaining provider fields and
        // write every provider setting to the main table. The variables for the providers
        // listed first in the query (qq, tw, fb, ...) are assigned above this excerpt.
        // Each is_* flag becomes 0 when the field is missing or equal to 0, otherwise 1.
        // Keys and secrets are HTML-escaped before storage.
        // NOTE(review): escaping at input time alters a secret that contains &, <, > or quotes,
        // and the *_key / *_se fields are read without isset().
        $is_douban = !isset($_POST['is_douban']) || $_POST['is_douban'] == 0 ? 0 : 1;
        $douban_key = htmlspecialchars($_POST['douban_key'], ENT_QUOTES);
        $douban_se = htmlspecialchars($_POST['douban_se'], ENT_QUOTES);
        $is_baidu = !isset($_POST['is_baidu']) || $_POST['is_baidu'] == 0 ? 0 : 1;
        $baidu_key = htmlspecialchars($_POST['baidu_key'], ENT_QUOTES);
        $baidu_se = htmlspecialchars($_POST['baidu_se'], ENT_QUOTES);
        $is_instagram = !isset($_POST['is_instagram']) || $_POST['is_instagram'] == 0 ? 0 : 1;
        $instagram_key = htmlspecialchars($_POST['instagram_key'], ENT_QUOTES);
        $instagram_se = htmlspecialchars($_POST['instagram_se'], ENT_QUOTES);
        $is_google = !isset($_POST['is_google']) || $_POST['is_google'] == 0 ? 0 : 1;
        $google_key = htmlspecialchars($_POST['google_key'], ENT_QUOTES);
        $google_se = htmlspecialchars($_POST['google_se'], ENT_QUOTES);
        $is_live = !isset($_POST['is_live']) || $_POST['is_live'] == 0 ? 0 : 1;
        $live_key = htmlspecialchars($_POST['live_key'], ENT_QUOTES);
        $live_se = htmlspecialchars($_POST['live_se'], ENT_QUOTES);
        // Flags are inserted directly as 0/1; every key and secret goes through SQLString().
        // The placeholders are positional, so the argument order must match the column list.
        // NOTE(review): the statement has no WHERE clause, so it applies to every row of the
        // main table — presumably a single-row settings table; verify.
        // NOTE(review): provider secrets are stored as text in this table; confirm who can
        // read it and whether any page prints these values.
        $u_db = sprintf('update %s set is_qq=%s, qq_app_id=%s, qq_app_key=%s, is_tw=%s, tw_key=%s, tw_se=%s, is_fb=%s, fb_se=%s, fb_app_id=%s, is_flickr=%s, is_uflickr=%s, flickr_key=%s, is_sina=%s, sina_key=%s, sina_se=%s, is_tqq=%s, is_utqq=%s, tqq_key=%s, tqq_se=%s, is_t163=%s, t163_key=%s, t163_se=%s, is_tsohu=%s, is_utsohu=%s, tsohu_key=%s, tsohu_se=%s, is_babab=%s, is_ubabab=%s, babab_key=%s, is_kx001=%s, kx001_key=%s, kx001_se=%s, is_renren=%s, renren_key=%s, renren_se=%s, is_douban=%s, douban_key=%s, douban_se=%s, is_baidu=%s, baidu_key=%s, baidu_se=%s, is_instagram=%s, instagram_key=%s, instagram_se=%s, is_google=%s, google_key=%s, google_se=%s, is_live=%s, live_key=%s, live_se=%s', $dbprefix . 'main', $is_qq, SQLString($qq_app_id, 'text'), SQLString($qq_app_key, 'text'), $is_tw, SQLString($tw_key, 'text'), SQLString($tw_se, 'text'), $is_fb, SQLString($fb_se, 'text'), SQLString($fb_app_id, 'text'), $is_flickr, $is_uflickr, SQLString($flickr_key, 'text'), $is_sina, SQLString($sina_key, 'text'), SQLString($sina_se, 'text'), $is_tqq, $is_utqq, SQLString($tqq_key, 'text'), SQLString($tqq_se, 'text'), $is_t163, SQLString($t163_key, 'text'), SQLString($t163_se, 'text'), $is_tsohu, $is_utsohu, SQLString($tsohu_key, 'text'), SQLString($tsohu_se, 'text'), $is_babab, $is_ubabab, SQLString($babab_key, 'text'), $is_kx001, SQLString($kx001_key, 'text'), SQLString($kx001_se, 'text'), $is_renren, SQLString($renren_key, 'text'), SQLString($renren_se, 'text'), $is_douban, SQLString($douban_key, 'text'), SQLString($douban_se, 'text'), $is_baidu, SQLString($baidu_key, 'text'), SQLString($baidu_se, 'text'), $is_instagram, SQLString($instagram_key, 'text'), SQLString($instagram_se, 'text'), $is_google, SQLString($google_key, 'text'), SQLString($google_se, 'text'), $is_live, SQLString($live_key, 'text'), SQLString($live_se, 'text'));
        $result = mysql_query($u_db) or die('');
        $e = 1;
        // $e was assigned on the previous line, so the isset() test is always true and the
        // redirect always carries e=1.
        header('Location:./?m=setting&t=sync' . (isset($e) ? '&e=1' : ''));
        exit;
    } else {
        $phpv = phpversion();
        $is_curl = function_exists('curl_init') ? 1 : 0;
        $is_json = function_exists('json_decode') ? 1 : 0;
        $a_msg = array(1 => '设置已修改。');
        $content .= (isset($_GET['e']) && isset($a_msg[$_GET['e']]) ? '<div class="msg_v">' . $a_msg[$_GET['e']] . '</div>' : '') . '<div class="title">绑定设置</div><div class="lcontent"><form method="post" action="">';
        $content .= '<div class="sync_list" style="font-weight: bold;background-image: url(images/i-qq.gif);">绑定QQ</div>
<div class="formline">
	<span name="hs_cbt" data-id="qq_h|qq_s" class="mlink f_link">功能说明</span> <span name="hs_cbt" data-id="qq_s|qq_h" class="mlink f_link">环境要求</span>
</div>
<div class="formline" id="qq_s" style="display: none;">