Example #1
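 /**
  * Save a per-user setting: update the matching row, or register a new one.
  *
  * Rows are matched on the session's SESS_GUID and SESS_USER_ID, the current
  * SITENAME, the scope and the setting name.
  *
  * @param string $name  Setting name; an empty name makes the call a no-op.
  * @param mixed  $value Value to store. A string naming an existing file is
  *                      replaced by that file's JSON-decoded content.
  * @param string $scope Settings scope.
  * @return mixed The (possibly file-loaded) value on success or when nothing
  *               was attempted; false when registerSettings() fails.
  */
 function setSettings($name, $value = "", $scope = "system")
 {
     // Only a string can be a path; is_file() raises a TypeError for arrays on PHP 8.
     // NOTE(review): any readable path passed as $value is loaded and persisted, so
     // request-derived data must not reach this parameter without validation.
     if (is_string($value) && is_file($value)) {
         $value = json_decode(file_get_contents($value), true);
     }
     if (strlen($name) <= 0 || !isset($_SESSION['SESS_USER_ID'])) {
         return $value;
     }
     $owner = array("guid" => $_SESSION['SESS_GUID'], "userid" => $_SESSION['SESS_USER_ID'], "site" => SITENAME);
     $sql = _db(true)->_selectQ(_dbTable("settings", true), "name,settings")->_where($owner + array("scope" => $scope, "name" => $name));
     $res = _dbQuery($sql, true);
     if ($res) {
         $data = _dbData($res, true);
         _dbFree($res, true);
         if (isset($data[0])) {
             // NOTE(review): the lookup above matches $scope as given, the update
             // matches strtolower($scope) - confirm which form is stored.
             $q = _db(true)->_updateQ(_dbTable("settings", true), array("settings" => $value), $owner + array("scope" => strtolower($scope), "name" => $name));
             _dbQuery($q, true);
             return $value;
         }
     }
     // No existing row (or the lookup failed): fall back to creating one.
     if (registerSettings($name, $value, $scope)) {
         return $value;
     }
     return false;
 }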
Example #2
 /**
  * Return the distinct categories of all non-blocked guides.
  *
  * The category column expression is read from the CATEGORY_GUIDES config
  * entry and an extra condition comes from getAPIListWhere("api"); both are
  * concatenated into the query text as-is.
  *
  * @return array list of category values, indexed from 0
  **/
 function getCategory()
 {
     $columnExpr = " DISTINCT(" . getConfig("CATEGORY_GUIDES") . ") as category ";
     $condition = "blocked='false' " . getAPIListWhere("api");
     $rows = _dbData(_dbQuery(_db()->_selectQ('guides_tbl', $columnExpr, $condition)));
     $categoryArray = array();
     foreach ($rows as $row) {
         $categoryArray[] = $row['category'];
     }
     return $categoryArray;
 }
Example #3
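 /**
  * Print a stored content block and return its title.
  *
  * The row is looked up by ID or reflink (optionally narrowed by category)
  * for the current SITENAME or the wildcard site '*'.
  *
  * @param string $refID      Content ID or reflink.
  * @param string $category   Optional category filter.
  * @param bool   $silent     Suppress the error boxes when true.
  * @param bool   $autoCreate Insert an empty placeholder row when nothing matches.
  * @return string|bool Title when content was printed; true when a placeholder
  *                     row was created; false otherwise.
  */
 function printContent($refID, $category = "", $silent = false, $autoCreate = false)
 {
     // NOTE(review): $refID and $category are interpolated into the SELECT and
     // INSERT below without escaping. If either can come from the request this
     // is SQL injection; bind or escape them through the DB layer.
     $sql = "SELECT title,category,text,blocked FROM " . _dbtable("contents") . " WHERE (ID='{$refID}' OR reflink='{$refID}')";
     if (strlen($category) > 0) {
         $sql .= " AND category='{$category}'";
     }
     $sql .= " AND (site='*' OR site='" . SITENAME . "')";
     $rs = _dbQuery($sql);
     $data = _dbData($rs);
     _dbFree($rs);

     // The reference is echoed back inside HTML error messages, so encode it first.
     $shownRef = htmlspecialchars((string) $refID, ENT_QUOTES, 'UTF-8');

     if (count($data) > 0) {
         $text = "";
         if ($data[0]['blocked'] == "false") {
             $text = $data[0]['text'];
         } elseif (!$silent) {
             echo "<div class=divError>";
             dispErrMessage("Page Content Currently Not Available For <i class='text2'>{$shownRef}</i><br/><br/>Visit Us Again ...", "Not Available!", "400", "notfound/file.png");
             echo "</div>";
         }
         if (strlen($text) > 0) {
             // Stored content is emitted as raw HTML: whoever can write the
             // contents table controls the markup of this page.
             echo $text;
             return $data[0]['title'];
         }
         if (!$silent) {
             echo "<div class=divError>";
             dispErrMessage("Page Content Not Found For <i class='text2'>{$shownRef}</i>", "Content Not Found OR Missing !", "404", "notfound/file.png");
             echo "</div>";
         }
         return false;
     }
     if ($autoCreate) {
         $date = date("Y-m-d");
         $cols = "id,reflink,title,category,text,blocked,site,userid,doc,doe";
         $vals = "0,'{$refID}','" . toTitle($refID) . "','{$category}','','false','" . SITENAME . "','auto','{$date}','{$date}'";
         $sql = "INSERT INTO " . _dbtable("contents") . " ({$cols}) VALUES ({$vals})";
         _dbQuery($sql);
         return true;
     }
     return false;
 }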
Example #4
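 /**
  * Save a per-user setting: update the matching row, or register a new one.
  *
  * Rows are matched on the session's SESS_USER_ID, the current SITENAME, the
  * scope and the setting name.
  *
  * @param string $name  Setting name; an empty name makes the call a no-op.
  * @param mixed  $value Value to store.
  * @param string $scope Settings scope.
  * @return mixed $value on success or when nothing was attempted; false when
  *               registerSettings() fails.
  */
 function setSettings($name, $value = "", $scope = "default")
 {
     if (strlen($name) <= 0 || !isset($_SESSION['SESS_USER_ID'])) {
         // Hand the caller's value back; no $defaultValue exists in this function.
         return $value;
     }
     $match = array("userid" => $_SESSION['SESS_USER_ID'], "site" => SITENAME, "scope" => $scope, "name" => $name);
     $sql = _db(true)->_selectQ(_dbTable("settings", true), "name,settings")->_where($match);
     $res = _dbQuery($sql, true);
     if ($res) {
         $data = _dbData($res, true);
         _dbFree($res, true);
         if (isset($data[0])) {
             $q = _db(true)->_updateQ(_dbtable("settings", true), array("settings" => $value), $match);
             _dbQuery($q, true);
             return $value;
         }
     }
     // No existing row (or the lookup failed): fall back to creating one.
     if (registerSettings($name, $value, $scope)) {
         return $value;
     }
     return false;
 }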
Example #5
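/**
 * Change the session user's password from the posted "old" and "new" values.
 *
 * Echoes a JSON object with "code" and "msg". The early-exit paths end the
 * request; the final success/failure responses return normally.
 *
 * NOTE(review): the "(1)" error path reports code "1", the same code as the
 * success response - confirm how clients tell the two apart.
 */
function changePWD()
{
    $userid = $_SESSION["SESS_USER_ID"];
    $tbl = _dbtable("users", true);
    // NOTE(review): values are interpolated into both statements below; bind
    // them through the DB layer rather than relying on their origin.
    $sql1 = "SELECT pwd FROM {$tbl} WHERE userid='{$userid}'";
    $r = _dbQuery($sql1, true);
    // NOTE(review): other call sites pass true to _dbData() after a system-db
    // query - confirm the omission here is intended.
    $ra = _dbData($r);
    if (!isset($ra[0])) {
        echo json_encode(array("code" => "1", "msg" => "Error In Changing Password (1)."));
        exit;
    }
    $ra = $ra[0];

    // Take only scalar strings from the request and keep them in locals, so
    // $_POST is not overwritten with hashes.
    $oldInput = (isset($_POST["old"]) && is_string($_POST["old"])) ? $_POST["old"] : "";
    $newInput = (isset($_POST["new"]) && is_string($_POST["new"])) ? $_POST["new"] : "";
    if ($newInput === "") {
        // A missing or empty "new" field must never become the stored password.
        echo json_encode(array("code" => "0", "msg" => "New Password Cannot Be Empty."));
        exit;
    }
    $oldPwd = getPWDHash($oldInput);
    $newPwd = getPWDHash($newInput);

    // Constant-time, type-strict comparison; != would juggle types on hash strings.
    if (!hash_equals((string) $ra["pwd"], (string) $oldPwd)) {
        echo json_encode(array("code" => "0", "msg" => "Old Password Doesn't Match. Please Use Correct Credentials. (2)"));
        exit;
    }
    $date = date("Y-m-d");
    // The old hash is part of the WHERE clause, so the row only changes if the
    // stored password is still the one that was just verified.
    $q = "UPDATE {$tbl} SET pwd = '{$newPwd}', doe = '{$date}' WHERE userid='{$userid}' and pwd='{$oldPwd}'";
    _dbQuery($q, true);
    if (_db(true)->affected_rows() <= 0) {
        echo json_encode(array("code" => "0", "msg" => "Old Password Doesn't Match. Please Use Correct Credentials.(3)"));
    } else {
        echo json_encode(array("code" => "1", "msg" => "Successfully Updated Your New Password"));
    }
}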
Example #6
 /**
  * Update a user's row with the given attributes.
  *
  * Callers without SESS_PRIVILEGE_ID, or with one greater than ROLE_PRIME,
  * are pinned to their own session user and the current SITENAME.
  *
  * NOTE(review): $attrs is written to the users row as given. The privilegeid
  * and accessid checks only confirm the referenced rows exist for this site,
  * not that the caller may assign them - confirm callers restrict which keys
  * can reach this function.
  *
  * @param array       $attrs  Column => value pairs to write.
  * @param string|null $userID Target user; defaults to the session user.
  * @param string      $site   Site used for the user check and in error text.
  * @return true|array true on success, otherwise an array with an "error" key.
  */
 function updateUser($attrs = array(), $userID = null, $site = SITENAME)
 {
     $restricted = !isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > ROLE_PRIME;
     if ($restricted) {
         $site = SITENAME;
         $userID = $_SESSION['SESS_USER_ID'];
     }
     if ($userID == null && isset($_SESSION['SESS_USER_ID'])) {
         $userID = $_SESSION['SESS_USER_ID'];
     }
     if (!checkUserID($userID, $site)) {
         return array("error" => "UserID Not Found");
     }

     $fields = $attrs;
     // A required field may be absent from a partial update, but not present and empty.
     foreach (explode(",", getConfig("USER_CREATE_REQUIRED_FIELDS")) as $required) {
         if (isset($fields[$required]) && ($fields[$required] == null || strlen($fields[$required]) <= 0)) {
             return array("error" => "Missing Field", "field" => $required);
         }
     }

     // The privilege id, when given, must exist for this site or the wildcard site.
     if (isset($fields['privilegeid'])) {
         $privilegeQuery = _db(true)->_selectQ(_dbTable("privileges", true), "count(*) as cnt")->_where(array("id" => $fields['privilegeid']))->_raw(" AND (site='" . SITENAME . "' OR site='*')");
         $privilegeRes = _dbQuery($privilegeQuery, true);
         if (!$privilegeRes) {
             return array("error" => "PrivilegeID Query Error");
         }
         $privilegeRows = _dbData($privilegeRes, true);
         _dbFree($privilegeRes, true);
         if ($privilegeRows[0]['cnt'] <= 0) {
             return array("error" => "PrivilegeID Not Found This Site {$site}");
         }
     }

     // The access id, when given, must be unblocked and list this site (or '*').
     if (isset($fields['accessid'])) {
         $accessQuery = _db(true)->_selectQ(_dbTable("access", true), "count(*) as cnt")->_where(array("blocked" => 'false', "id" => $fields['accessid']))->_raw(" AND (FIND_IN_SET('" . SITENAME . "',sites) OR sites='*')");
         $accessRes = _dbQuery($accessQuery, true);
         if (!$accessRes) {
             return array("error" => "AccessID Query Error");
         }
         $accessRows = _dbData($accessRes, true);
         _dbFree($accessRes, true);
         if ($accessRows[0]['cnt'] <= 0) {
             return array("error" => "AccessID Not Found For This Site {$site}");
         }
     }

     $updateQuery = _db(true)->_updateQ(_dbtable("users", true), $fields, array("userid" => "{$userID}"));
     if (_dbQuery($updateQuery, true)) {
         return true;
     }
     return array("error" => "Error In User Updating", "details" => _db(true)->get_error());
 }
Example #7
<?php

// Refuse to run when ROOT is not defined, i.e. on direct script access.
if (!defined('ROOT')) {
    exit('No direct script access allowed');
}

// Header-menu links for this site (or the wildcard site) that are unblocked,
// flagged for the menu and valid for every device. SITENAME is the only
// dynamic part of the statement.
$menuData = array();
$sql = "SELECT * FROM " . _dbTable("links") . " WHERE menuid='header' AND (site='" . SITENAME . "' OR site='*') AND blocked='false' AND onmenu='true' AND (device='*')";
$res = _dbQuery($sql);
if ($res) {
    $menuData = _dbData($res);
    _dbFree($res);
}
?>
<style>
/* Header navbar dropdown: anchored to the right edge, pulled 150px to the left. */
.hea-navbar .dropdown-menu {
	margin-left: -150px;
	padding-top: 5px;padding-bottom: 5px;
	right: 0px;left: auto;
}
/* Stack the dropdown entries vertically; !important overrides floated layouts. */
.hea-navbar .dropdown-menu li {
	display: block !important;
	float:none !important;
}
/* Full-width links with a fixed 30px row height. */
.hea-navbar .dropdown-menu a {
	padding-bottom: 0px;
	padding-top: 0px;
	width: 100%;
	line-height: 30px;
}
/* Hide the toggle control inside #header. */
#header .toggle {display: none;}
Example #8
 /**
  * Collect the tags of all non-blocked api_toc rows.
  *
  * Each row's comma-separated "tags" column is split on ',' and appended;
  * the running list is de-duplicated after every row. Tags are not trimmed,
  * and array_unique() leaves the surviving keys as they were.
  *
  * @return array unique tag strings
  */
 function getTags()
 {
     $sql = _db()->_selectQ('api_toc', " tags", "blocked='false'");
     $rows = _dbData(_dbQuery($sql));
     $tags = array();
     foreach ($rows as $row) {
         foreach (explode(',', $row['tags']) as $tag) {
             $tags[] = $tag;
         }
         $tags = array_unique($tags);
     }
     return $tags;
 }
Example #9
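 /**
  * Delete an attachment and remove its reference from the owning row.
  *
  * Reads from $_POST:
  *  - src      storage descriptor: "fs#<dir>" (default "fs#attachments/") or "db#<table>"
  *  - path     file path below the user-data folder (fs) or numeric row id (db)
  *  - forTable, forIDCol, forIDVal, name  row and column holding the reference
  *
  * NOTE(review): no authorization check is visible in this function, and the
  * client names the table and columns to modify. Confirm the caller enforces
  * access control and, ideally, maps these names through a server-side list.
  *
  * @return array error messages keyed by "Error:<Kind>"; empty on success.
  */
 function deleteAttachments()
 {
     $error = array();
     // Plain SQL identifier: letters, digits and underscore only.
     $identifier = '/\A[A-Za-z0-9_]+\z/';
     $postString = function ($key, $default) {
         return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : $default;
     };

     // The default descriptor is written back to $_POST, as before.
     if ($postString('src', "") === "") {
         $_POST['src'] = "fs#attachments/";
     }
     $src = $_POST['src'];
     $forTable = $postString('forTable', "");
     $forIDCol = $postString('forIDCol', "id");
     $forIDVal = $postString('forIDVal', "");
     $targetCol = $postString('name', "");

     if (!isset($_POST['path']) || !is_string($_POST['path']) || strpos($_POST['path'], "\0") !== false) {
         $error["Error:FilePath"] = "FilePath Not Found.";
         return $error;
     }
     $path = $_POST['path'];

     // Anything that is not an explicit "db#" descriptor is handled as file storage.
     if (strpos($src, "db#") !== 0) {
         $baseDir = realpath(APPROOT . APPS_USERDATA_FOLDER);
         $targetPath = APPROOT . APPS_USERDATA_FOLDER . $path;
         if (file_exists($targetPath)) {
             // Resolve "..", symlinks etc. and require the result to stay below
             // the user-data folder before anything is removed.
             $resolved = realpath($targetPath);
             $prefix = ($baseDir === false) ? false : rtrim($baseDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
             if ($prefix === false || $resolved === false || strpos($resolved, $prefix) !== 0) {
                 $error["Error:FilePath"] = "FilePath Not Found.";
                 return $error;
             }
             if (!unlink($targetPath)) {
                 $error["Error:PhysicalDelete"] = "Target File Failed To Delete.";
             }
         }
     } else {
         $storePath = substr($src, 3);
         if (strlen($storePath) <= 0) {
             $storePath = _dbtable("files");
         } elseif (!preg_match($identifier, $storePath)) {
             // A client-supplied table name must be a plain identifier.
             $error["Error:StorageType"] = "StorageType Not Supported.";
             return $error;
         }
         // The row id is placed unquoted in the DELETE, so it must be digits only.
         if (!preg_match('/\A[0-9]+\z/', $path)) {
             $error["Error:FilePath"] = "FilePath Not Found.";
             return $error;
         }
         $sysDb1 = strpos("#" . $storePath, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) === 1;
         _dbQuery("DELETE FROM {$storePath} WHERE id={$path}", $sysDb1);
         if (_db($sysDb1)->affected_rows() <= 0) {
             // Nothing deleted: it is only an error if the row is still there.
             $res = _dbQuery("SELECT count(*) as cnt FROM {$storePath} WHERE id='{$path}'", $sysDb1);
             if ($res) {
                 $des = _dbData($res);
                 _dbFree($res, $sysDb1);
                 if (isset($des[0]['cnt']) && $des[0]['cnt'] > 0) {
                     $error["Error:DataDelete"] = "Source DBTable Failed To Update.";
                 }
             } else {
                 $error["Error:DataDelete"] = "Source DBTable Error Link.";
             }
         }
     }

     // Leave the reference in place when the attachment itself could not be removed.
     if (isset($error["Error:PhysicalDelete"]) || isset($error["Error:DataDelete"])) {
         return $error;
     }

     if (strlen($forTable) > 0 && strlen($forIDCol) > 0 && strlen($forIDVal) > 0 && strlen($targetCol) > 0) {
         if (!preg_match($identifier, $forTable) || !preg_match($identifier, $forIDCol) || !preg_match($identifier, $targetCol)) {
             $error["Error:UpdateTarget"] = "Target DBTable Failed To Update";
             return $error;
         }
         $sysDb = strpos("#" . $forTable, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) === 1;
         // NOTE(review): $path and $forIDVal are still interpolated as quoted
         // literals; they need binding or escaping through the DB layer.
         $sqlUpdate = "UPDATE {$forTable} SET {$targetCol}=replace(replace({$targetCol},'{$path}',''),',,',',') WHERE {$forIDCol}='{$forIDVal}'";
         _dbQuery($sqlUpdate, $sysDb);
         if (_db($sysDb)->affected_rows() <= 0) {
             $error["Error:UpdateTarget"] = "Target DBTable Failed To Update";
         }
     }
     return $error;
 }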
Example #10
/**
 * Reload the "mailto-*" request variables for the user whose email is $userid.
 *
 * After clearUserEnv(), the first matching row's userid, name, email and
 * mobile are copied into $_REQUEST under their "mailto-" aliases.
 *
 * NOTE(review): $userid is interpolated into the WHERE clause without
 * escaping; bind or escape it through the DB layer. The query runs with the
 * system-db flag while _dbData()/_dbFree() are called without it - confirm.
 *
 * @param string $userid Value compared against the email column.
 */
function updateUserEnv($userid)
{
    clearUserEnv();
    $columns = "userid as 'mailto-userid',name as 'mailto-name',email as 'mailto-email',mobile as 'mailto-mobile'";
    $sql = _db()->_selectQ("lgks_users", $columns) . " WHERE email='{$userid}'";
    $res = _dbQuery($sql, true);
    $userInfo = _dbData($res);
    _dbFree($res);
    if (!isset($userInfo[0])) {
        return;
    }
    // Database values overwrite any request values with the same key.
    foreach ($userInfo[0] as $field => $fieldValue) {
        $_REQUEST[$field] = $fieldValue;
    }
}
Example #11
 /**
  * List the admin menus of this site (or the wildcard site) with their link counts.
  *
  * SITENAME is the only dynamic part of the statement. The result handle is
  * not freed in this function.
  *
  * @return array map of "Title [count]" => menuid; empty when the query fails.
  */
 function getNavigationList()
 {
     $sql = "SELECT menuid,count(*) as cnt FROM lgks_admin_links WHERE (SITE='" . SITENAME . "' OR SITE='*') GROUP BY menuid";
     $result = _dbQuery($sql, true);
     if (!$result) {
         return array();
     }
     $arr = array();
     foreach (_dbData($result) as $row) {
         $menuId = $row['menuid'];
         // Rows without a menu id are skipped.
         if (strlen($menuId) > 0) {
             $arr[toTitle($menuId) . " [{$row['cnt']}]"] = $menuId;
         }
     }
     return $arr;
 }
Example #12
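 /**
  * Check that a user id belongs to an unblocked user whose access group is
  * unblocked and covers the current SITENAME (or '*').
  *
  * The literal id "root" is accepted without a database lookup.
  *
  * NOTE(review): $site is reset for callers above privilege level 2 but is
  * never used in the queries, which always filter on SITENAME - confirm
  * whether it was meant to take part in the access lookup.
  *
  * @param string $userid User id to check.
  * @param string $site   Site name (currently without effect, see note).
  * @return bool true when the user passes the check, false otherwise.
  */
 function checkUserID($userid, $site = SITENAME)
 {
     // Strict comparison: with ==, boolean true (and integer 0 before PHP 8)
     // compares equal to "root" and would skip the lookup.
     if ($userid === "root") {
         return true;
     }
     if (!isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > 2) {
         $site = SITENAME;
     }
     $sql = _db(true)->_selectQ(_dbTable("users", true), "count(*) as cnt")->_where(array("blocked" => 'false', "userid" => $userid));
     // Sub-select of the access groups valid for this site.
     $sql1 = _db(true)->_selectQ(_dbTable("access", true), "id")->_where(array("blocked" => 'false'))->_whereRAW(' (FIND_IN_SET("' . SITENAME . '",sites) OR sites="*")');
     $sql = $sql->_query("accessid", $sql1);
     $res = _dbQuery($sql, true);
     if ($res) {
         $data = _dbData($res, true);
         _dbFree($res, true);
         return $data[0]['cnt'] > 0;
     }
     return false;
 }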
Example #13
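/**
 * Report whether a value is already present in a table column.
 *
 * Reads "tbl", "col" and "term" from $_REQUEST and echoes "unique",
 * "not unique" or "error".
 *
 * NOTE(review): even with the identifier check below, the client chooses
 * which table and column are probed, so the endpoint can confirm values in
 * any column. Restrict tbl/col to a server-side list of permitted pairs.
 * What clean() does to the term is not visible here - confirm it escapes
 * for SQL.
 */
function checkUnique()
{
    $tbl = isset($_REQUEST["tbl"]) ? $_REQUEST["tbl"] : "";
    $col = isset($_REQUEST["col"]) ? $_REQUEST["col"] : "";
    // Table and column names cannot be quoted as values, so accept plain
    // identifiers only before they are placed in the statement.
    $identifier = '/\A[A-Za-z0-9_]+\z/';
    if (!is_string($tbl) || !is_string($col) || !preg_match($identifier, $tbl) || !preg_match($identifier, $col)) {
        echo "error";
        return;
    }
    $term = clean(isset($_REQUEST["term"]) ? $_REQUEST["term"] : "");
    $sql = "SELECT count(*) FROM {$tbl} where {$col}='{$term}'";
    // Tables carrying the DB_SYSTEM prefix are queried on the system connection.
    $sysDb = strpos("#" . $tbl, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) === 1;
    $a = _dbQuery($sql, $sysDb);
    if ($a) {
        $b = _dbData($a);
        if ($b[0]["count(*)"] < 1) {
            echo "unique";
        } else {
            echo "not unique";
        }
        _db($sysDb)->freeResult($a);
    } else {
        echo "error";
    }
}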