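/**
 * Store a per-user setting for the current site and scope.
 *
 * When $value is a string that names an existing file, the file is read and
 * its JSON-decoded content is stored in place of the string.
 *
 * SECURITY: because of that file lookup, $value must never come straight from
 * a request. A caller who can choose the string can make this function read
 * any JSON file the PHP process can open and copy it into the settings table.
 *
 * @param string $name  Setting name; an empty name makes the call a no-op.
 * @param mixed  $value Value to store, or the path of a JSON file holding it.
 * @param string $scope Setting scope.
 * @return mixed The (possibly file-loaded) value after an update or a
 *               successful registerSettings() call, and also when $name is
 *               empty or no user is logged in; false when registration fails.
 */
function setSettings($name, $value = "", $scope = "system")
{
    // is_string() keeps arrays and other non-string values away from is_file(),
    // which rejects them (TypeError on PHP 8) instead of answering false.
    if (is_string($value) && is_file($value)) {
        $value = json_decode(file_get_contents($value), true);
    }

    if (strlen($name) <= 0 || !isset($_SESSION['SESS_USER_ID'])) {
        return $value;
    }

    // Look for an existing row owned by this account, user, site and scope.
    $sql = _db(true)->_selectQ(_dbTable("settings", true), "name,settings")->_where(array(
        "guid" => $_SESSION['SESS_GUID'],
        "userid" => $_SESSION['SESS_USER_ID'],
        "site" => SITENAME,
        "scope" => $scope,
        "name" => $name,
    ));
    $res = _dbQuery($sql, true);
    if ($res) {
        $data = _dbData($res, true);
        _dbFree($res, true);
        if (isset($data[0])) {
            $data = array("settings" => $value);
            // NOTE(review): the lookup above matches $scope as given while this
            // update matches strtolower($scope) - confirm which form is stored.
            $q = _db(true)->_updateQ(_dbTable("settings", true), $data, array(
                "guid" => $_SESSION['SESS_GUID'],
                "userid" => $_SESSION['SESS_USER_ID'],
                "site" => SITENAME,
                "scope" => strtolower($scope),
                "name" => $name,
            ));
            // The result of the update is not inspected; the value is returned either way.
            _dbQuery($q, true);
            return $value;
        }
    }

    // No existing row (or the lookup failed): create the setting instead.
    if (registerSettings($name, $value, $scope)) {
        return $value;
    }
    return false;
}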
/**
 * List the distinct categories of guides that are not blocked.
 *
 * The category column name is read from the CATEGORY_GUIDES config entry and
 * the filter is extended with whatever getAPIListWhere("api") returns.
 *
 * NOTE(review): both of those strings are concatenated into the SQL text
 * as-is; confirm neither can be influenced by request data.
 *
 * @return array Category values in result order, indexed from 0.
 */
function getCategory()
{
    $columns = " DISTINCT(" . getConfig("CATEGORY_GUIDES") . ") as category ";
    $condition = "blocked='false' " . getAPIListWhere("api");

    $query = _db()->_selectQ('guides_tbl', $columns, $condition);
    $rows = _dbData(_dbQuery($query));

    $categories = array();
    foreach ($rows as $row) {
        $categories[] = $row['category'];
    }
    return $categories;
}
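/**
 * Echo the stored content for a page reference and return its title.
 *
 * The row is looked up by ID or reflink (optionally narrowed by category) for
 * this site or the wildcard site. Unless $silent is set, an error box is
 * printed when the row is blocked or has no text. When no row exists and
 * $autoCreate is set, an empty unblocked row is inserted.
 *
 * SECURITY: $refID and $category are still interpolated into the SQL text
 * below. Callers must pass trusted values until these queries are moved to
 * the database layer's escaped or parameterised form. The stored `text`
 * column is echoed as raw HTML by design, so write access to the contents
 * table is equivalent to script injection on every page that prints it.
 *
 * @param string $refID      Content id or reflink.
 * @param string $category   Optional category filter.
 * @param bool   $silent     Suppress the error boxes.
 * @param bool   $autoCreate Insert a placeholder row when none exists.
 * @return string|bool Title when content was printed, true after an
 *                     auto-create, false otherwise.
 */
function printContent($refID, $category = "", $silent = false, $autoCreate = false)
{
    $sql = "SELECT title,category,text,blocked FROM " . _dbtable("contents") . " WHERE (ID='{$refID}' OR reflink='{$refID}')";
    if (strlen($category) > 0) {
        $sql .= " AND category='{$category}'";
    }
    $sql .= " AND (site='*' OR site='" . SITENAME . "')";
    $rs = _dbQuery($sql);
    $data = _dbData($rs);
    _dbFree($rs);

    // The reference is echoed inside HTML in the error boxes, so encode it for
    // that context instead of printing the caller's string verbatim.
    $refLabel = htmlspecialchars((string) $refID, ENT_QUOTES, 'UTF-8');

    $text = "";
    if (count($data) > 0) {
        if ($data[0]['blocked'] == "false") {
            $text = $data[0]['text'];
        } else {
            if (!$silent) {
                echo "<div class=divError>";
                dispErrMessage("Page Content Currently Not Available For <i class='text2'>{$refLabel}</i><br/><br/>Visit Us Again ...", "Not Available!", "400", "notfound/file.png");
                echo "</div>";
            }
        }
        if (strlen($text) > 0) {
            echo $text;
            return $data[0]['title'];
        } else {
            // A blocked row also reaches this branch because $text stays empty,
            // so a blocked page prints both boxes unless $silent is set.
            if (!$silent) {
                echo "<div class=divError>";
                dispErrMessage("Page Content Not Found For <i class='text2'>{$refLabel}</i>", "Content Not Found OR Missing !", "404", "notfound/file.png");
                echo "</div>";
            }
            return false;
        }
    } elseif ($autoCreate) {
        // NOTE(review): with $autoCreate set, any reference that has no row
        // creates one, so a caller who controls $refID can add rows at will.
        $date = date("Y-m-d");
        $cols = "id,reflink,title,category,text,blocked,site,userid,doc,doe";
        $vals = "0,'{$refID}','" . toTitle($refID) . "','{$category}','','false','" . SITENAME . "','auto','{$date}','{$date}'";
        $sql = "INSERT INTO " . _dbtable("contents") . " ({$cols}) VALUES ({$vals})";
        _dbQuery($sql);
        return true;
    }
    return false;
}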
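/**
 * Store a per-user setting for the current site and scope.
 *
 * @param string $name  Setting name; an empty name makes the call a no-op.
 * @param mixed  $value Value to store.
 * @param string $scope Setting scope.
 * @return mixed $value after an update or a successful registerSettings()
 *               call, and also when $name is empty or no user is logged in;
 *               false when registration fails.
 */
function setSettings($name, $value = "", $scope = "default")
{
    if (strlen($name) <= 0 || !isset($_SESSION['SESS_USER_ID'])) {
        // The original returned $defaultValue, a variable this function never
        // defines, so the early exit yielded null plus a warning.
        return $value;
    }

    // The row is identified by user, site, scope and name.
    $owner = array(
        "userid" => $_SESSION['SESS_USER_ID'],
        "site" => SITENAME,
        "scope" => $scope,
        "name" => $name,
    );

    $sql = _db(true)->_selectQ(_dbTable("settings", true), "name,settings")->_where($owner);
    $res = _dbQuery($sql, true);
    if ($res) {
        $data = _dbData($res, true);
        _dbFree($res, true);
        if (isset($data[0])) {
            $q = _db(true)->_updateQ(_dbtable("settings", true), array("settings" => $value), $owner);
            // The result of the update is not inspected; the value is returned either way.
            _dbQuery($q, true);
            return $value;
        }
    }

    // No existing row (or the lookup failed): create the setting instead.
    if (registerSettings($name, $value, $scope)) {
        return $value;
    }
    return false;
}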
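/**
 * Change the logged-in user's password from $_POST["old"] to $_POST["new"].
 *
 * Prints a JSON object {"code","msg"}. The lookup-failure, missing-input and
 * wrong-old-password paths call exit after printing; the paths after the
 * UPDATE return normally.
 *
 * NOTE(review): the stored hash is compared for equality with
 * getPWDHash($_POST["old"]), so that helper appears to be deterministic for a
 * given password. Moving to password_hash()/password_verify() would need a
 * change to the stored format and is not attempted here.
 *
 * @return void
 */
function changePWD()
{
    $userid = $_SESSION["SESS_USER_ID"];
    $tbl = _dbtable("users", true);

    // NOTE(review): the session user id and the hashes are interpolated into
    // the SQL text; this is safe only while neither can contain a quote.
    $sql1 = "SELECT pwd FROM {$tbl} WHERE userid='{$userid}'";
    $r = _dbQuery($sql1, true);
    $ra = _dbData($r);
    if (!isset($ra[0])) {
        // NOTE(review): this failure reports code "1", the same code as the
        // success reply at the end - confirm what the client expects.
        $q = array("code" => "1", "msg" => "Error In Changing Password (1).");
        echo json_encode($q);
        exit;
    }
    $ra = $ra[0];

    // Refuse requests that lack either field instead of hashing null.
    if (!isset($_POST["old"]) || !is_string($_POST["old"])) {
        $q = array("code" => "0", "msg" => "Old Password Doesn't Match. Please Use Correct Credentials. (2)");
        echo json_encode($q);
        exit;
    }
    if (!isset($_POST["new"]) || !is_string($_POST["new"]) || $_POST["new"] === "") {
        $q = array("code" => "0", "msg" => "New Password Is Required.");
        echo json_encode($q);
        exit;
    }

    // As in the original, the request fields are overwritten with their hashes.
    $_POST["old"] = getPWDHash($_POST["old"]);
    $_POST["new"] = getPWDHash($_POST["new"]);

    // hash_equals() compares the two strings byte for byte in constant time.
    // The previous loose != could treat two different numeric-looking hashes
    // (for example "0e..." strings) as equal.
    if (!hash_equals((string) $ra["pwd"], (string) $_POST["old"])) {
        $q = array("code" => "0", "msg" => "Old Password Doesn't Match. Please Use Correct Credentials. (2)");
        echo json_encode($q);
        exit;
    }

    $oldPwd = $_POST["old"];
    $newPwd = $_POST["new"];
    $date = date("Y-m-d");

    // The old hash is part of the WHERE clause, so the row changes only if the
    // password is still the one that was just verified.
    $q = "UPDATE {$tbl} SET pwd = '{$newPwd}', doe = '{$date}' WHERE userid='{$userid}' and pwd='{$oldPwd}'";
    _dbQuery($q, true);
    if (_db(true)->affected_rows() <= 0) {
        $q = array("code" => "0", "msg" => "Old Password Doesn't Match. Please Use Correct Credentials.(3)");
        echo json_encode($q);
    } else {
        $q = array("code" => "1", "msg" => "Successfully Updated Your New Password");
        echo json_encode($q);
    }
}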
/**
 * Update columns of a user record.
 *
 * Callers without a session privilege id, or with one greater than
 * ROLE_PRIME, are pinned to their own user id and the current site.
 *
 * NOTE(review): $attrs is written to the users table as given. The
 * `privilegeid` and `accessid` keys are only checked for existence on this
 * site, not against what the caller is allowed to grant, so a restricted
 * caller updating their own record appears able to change their own role
 * unless every call site filters $attrs first - confirm.
 *
 * @param array       $attrs  Column => value pairs to write.
 * @param string|null $userID Target user; defaults to the session user.
 * @param string      $site   Site used for the user check and error text.
 * @return bool|array true on success, otherwise an array with an "error" key.
 */
function updateUser($attrs = array(), $userID = null, $site = SITENAME)
{
    $restrictedCaller = !isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > ROLE_PRIME;
    if ($restrictedCaller) {
        // Restricted callers may only ever touch their own record.
        $site = SITENAME;
        $userID = $_SESSION['SESS_USER_ID'];
    }
    if ($userID == null && isset($_SESSION['SESS_USER_ID'])) {
        $userID = $_SESSION['SESS_USER_ID'];
    }

    if (!checkUserID($userID, $site)) {
        return array("error" => "UserID Not Found");
    }

    $fields = $attrs;

    // A required field may be absent from the update, but not present and empty.
    $required = explode(",", getConfig("USER_CREATE_REQUIRED_FIELDS"));
    foreach ($required as $fieldName) {
        if (!isset($fields[$fieldName])) {
            continue;
        }
        if ($fields[$fieldName] == null || strlen($fields[$fieldName]) <= 0) {
            return array("error" => "Missing Field", "field" => $fieldName);
        }
    }

    // The privilege must exist for this site or for the wildcard site.
    // NOTE(review): the lookup filters on SITENAME while the message names $site.
    if (isset($fields['privilegeid'])) {
        $lookup = _db(true)->_selectQ(_dbTable("privileges", true), "count(*) as cnt")
            ->_where(array("id" => $fields['privilegeid']))
            ->_raw(" AND (site='" . SITENAME . "' OR site='*')");
        $result = _dbQuery($lookup, true);
        if (!$result) {
            return array("error" => "PrivilegeID Query Error");
        }
        $rows = _dbData($result, true);
        _dbFree($result, true);
        if ($rows[0]['cnt'] <= 0) {
            return array("error" => "PrivilegeID Not Found This Site {$site}");
        }
    }

    // The access group must be unblocked and list this site (or the wildcard).
    if (isset($fields['accessid'])) {
        $lookup = _db(true)->_selectQ(_dbTable("access", true), "count(*) as cnt")
            ->_where(array("blocked" => 'false', "id" => $fields['accessid']))
            ->_raw(" AND (FIND_IN_SET('" . SITENAME . "',sites) OR sites='*')");
        $result = _dbQuery($lookup, true);
        if (!$result) {
            return array("error" => "AccessID Query Error");
        }
        $rows = _dbData($result, true);
        _dbFree($result, true);
        if ($rows[0]['cnt'] <= 0) {
            return array("error" => "AccessID Not Found For This Site {$site}");
        }
    }

    $update = _db(true)->_updateQ(_dbtable("users", true), $fields, array("userid" => "{$userID}"));
    if (_dbQuery($update, true)) {
        return true;
    }
    return array("error" => "Error In User Updating", "details" => _db(true)->get_error());
}
<?php
// Header menu fragment: loads the unblocked, on-menu 'header' links for this
// site (or the wildcard site) into $menuData for the markup that follows.

// Refuse to run when requested directly instead of through the framework,
// which is expected to define ROOT before including this file.
if (!defined('ROOT')) {
    exit('No direct script access allowed');
}

// Start from an empty menu so a failed query leaves the template with nothing to render.
$menuData = array();

// Only the SITENAME constant is concatenated here; no request data reaches this query.
$sql = "SELECT * FROM " . _dbTable("links")
    . " WHERE menuid='header' AND (site='" . SITENAME . "' OR site='*') AND blocked='false' AND onmenu='true' AND (device='*')";
$res = _dbQuery($sql);
if ($res) {
    $menuData = _dbData($res);
    _dbFree($res);
}
?> <style> .hea-navbar .dropdown-menu { margin-left: -150px; padding-top: 5px;padding-bottom: 5px; right: 0px;left: auto; } .hea-navbar .dropdown-menu li { display: block !important; float:none !important; } .hea-navbar .dropdown-menu a { padding-bottom: 0px; padding-top: 0px; width: 100%; line-height: 30px; } #header .toggle {display: none;}
/**
 * Collect the distinct tags of all unblocked api_toc rows.
 *
 * Each row's `tags` column is split on commas. Tags are not trimmed, so
 * "a" and " a" count as different tags.
 *
 * @return array Distinct tags; keys are those of each tag's first occurrence.
 */
function getTags()
{
    $query = _db()->_selectQ('api_toc', " tags", "blocked='false'");
    $rows = _dbData(_dbQuery($query));

    $collected = array();
    foreach ($rows as $row) {
        foreach (explode(',', $row['tags']) as $tag) {
            $collected[] = $tag;
        }
        // De-duplicating after every row, not once at the end, decides which
        // integer keys later tags receive, so it stays inside the loop.
        $collected = array_unique($collected);
    }
    return $collected;
}
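/**
 * Delete one attachment named by the request and, optionally, remove its
 * reference from a column of a record.
 *
 * Reads from $_POST:
 *   src       "fs#<dir>" or "db#<table>"; anything else is treated as file storage
 *   path      file path below the user-data folder, or the row id for db storage
 *   forTable, forIDCol, forIDVal, name
 *             record and column whose comma-separated list mentions the attachment
 *
 * SECURITY: every one of these values is chosen by the client. This version
 * confines file deletion to the user-data folder, accepts only plain
 * identifiers for table and column names, requires a numeric id for db
 * storage, and rejects quote and backslash characters in the two values that
 * are placed inside SQL string literals. That last check is a stopgap, not a
 * substitute for bound parameters in the database layer.
 * NOTE(review): the client still chooses WHICH table and column are touched;
 * an allowlist of attachment-bearing tables and a per-record ownership check
 * belong in front of this function.
 *
 * @return array Map of "Error:*" keys to messages; empty when nothing failed.
 */
function deleteAttachments()
{
    $error = array();
    // Plain SQL identifier: letters, digits and underscore only.
    $identifier = '/^[A-Za-z0-9_]+\z/';

    if (!isset($_POST['src']) || !is_string($_POST['src']) || strlen($_POST['src']) == 0) {
        $_POST['src'] = "fs#attachments/";
    }
    $src = $_POST['src'];

    $forTable = isset($_POST['forTable']) ? $_POST['forTable'] : "";
    $forIDCol = isset($_POST['forIDCol']) ? $_POST['forIDCol'] : "id";
    $forIDVal = isset($_POST['forIDVal']) ? $_POST['forIDVal'] : "";
    $targetCol = isset($_POST['name']) ? $_POST['name'] : "";

    if (!isset($_POST['path'])) {
        $error["Error:FilePath"] = "FilePath Not Found.";
        return $error;
    }
    $path = $_POST['path'];

    // Array-valued fields (name[]=...) cannot be meaningful here.
    foreach (array($forTable, $forIDCol, $forIDVal, $targetCol, $path) as $param) {
        if (!is_string($param)) {
            $error["Error:FilePath"] = "FilePath Not Allowed.";
            return $error;
        }
    }

    // A table whose name starts with the DB_SYSTEM value is handled on the system connection.
    $sysDb = (strpos("#" . $forTable, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) == 1);

    if (strpos($src, "db#") === 0) {
        $storeType = "db";
        $storePath = (string) substr($src, 3);
        if (strlen($storePath) <= 0) {
            $storePath = _dbtable("files");
        } elseif (!preg_match($identifier, $storePath)) {
            // The table name came from the request and is not a plain identifier.
            $error["Error:StorageType"] = "StorageType Not Supported.";
            return $error;
        }
    } else {
        // "fs#..." and any unrecognised src both mean file storage. The
        // directory part of src was never used by the original either.
        $storeType = "fs";
    }

    if ($storeType == "fs") {
        if (strpos($path, "\0") !== false) {
            $error["Error:FilePath"] = "FilePath Not Allowed.";
            return $error;
        }
        $baseDir = realpath(APPROOT . APPS_USERDATA_FOLDER);
        $targetPath = APPROOT . APPS_USERDATA_FOLDER . "{$path}";
        if (file_exists($targetPath)) {
            // Resolve "..", symlinks and the like, then require the result to
            // lie below the user-data folder before anything is deleted.
            $resolved = realpath($targetPath);
            $insideBase = $baseDir !== false
                && $resolved !== false
                && strpos($resolved, rtrim($baseDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR) === 0;
            if (!$insideBase) {
                $error["Error:FilePath"] = "FilePath Not Allowed.";
                return $error;
            }
            if (!unlink($targetPath)) {
                $error["Error:PhysicalDelete"] = "Target File Failed To Delete.";
            }
        }
    } else {
        // For db storage "path" is the row id and is used unquoted in DELETE.
        if (!preg_match('/^[0-9]+\z/', $path)) {
            $error["Error:FilePath"] = "FilePath Not Allowed.";
            return $error;
        }
        $sysDb1 = (strpos("#" . $storePath, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) == 1);

        $deleteQuery = "DELETE FROM {$storePath} WHERE id={$path}";
        _dbQuery($deleteQuery, $sysDb1);
        $cnt = _db($sysDb1)->affected_rows();
        if ($cnt <= 0) {
            // Nothing was deleted: tell "row never existed" from "delete failed".
            $sql = "SELECT count(*) as cnt FROM {$storePath} WHERE id='{$path}'";
            $res = _dbQuery($sql, $sysDb1);
            if ($res) {
                $des = _dbData($res);
                _dbFree($res, $sysDb1);
                if (isset($des[0]['cnt']) && $des[0]['cnt'] > 0) {
                    $error["Error:DataDelete"] = "Source DBTable Failed To Update.";
                }
            } else {
                $error["Error:DataDelete"] = "Source DBTable Error Link.";
            }
        }
    }

    if (isset($error["Error:PhysicalDelete"]) || isset($error["Error:DataDelete"])) {
        return $error;
    }

    if (strlen($forTable) > 0 && strlen($forIDCol) > 0 && strlen($forIDVal) > 0 && strlen($targetCol) > 0) {
        $identifiersOk = preg_match($identifier, $forTable)
            && preg_match($identifier, $forIDCol)
            && preg_match($identifier, $targetCol);
        // $path and $forIDVal sit inside single-quoted SQL literals below.
        $literalsOk = strpbrk($path . $forIDVal, "'\\") === false;
        if (!$identifiersOk || !$literalsOk) {
            $error["Error:UpdateTarget"] = "Target DBTable Failed To Update";
            return $error;
        }

        // Remove the path from the comma-separated list and collapse the ",," left behind.
        $sqlUpdate = "UPDATE {$forTable} SET {$targetCol}=replace(replace({$targetCol},'{$path}',''),',,',',') WHERE {$forIDCol}='{$forIDVal}'";
        _dbQuery($sqlUpdate, $sysDb);
        $cnt = _db($sysDb)->affected_rows();
        if ($cnt <= 0) {
            $error["Error:UpdateTarget"] = "Target DBTable Failed To Update";
        }
    }
    return $error;
}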
/**
 * Reset the user environment, then copy one user's contact fields into
 * $_REQUEST under the keys mailto-userid, mailto-name, mailto-email and
 * mailto-mobile.
 *
 * Despite its name, $userid is matched against the `email` column.
 *
 * NOTE(review): $userid is interpolated into the WHERE clause as-is. If it
 * can originate from a request it should go through the query builder's
 * _where(array("email" => $userid)) form or the database layer's escaping -
 * confirm against the callers.
 * NOTE(review): the query is built with _db() and run with the system flag
 * set, and the result is read and freed without that flag - confirm the
 * intended connection.
 *
 * @param string $userid E-mail address identifying the user.
 * @return void
 */
function updateUserEnv($userid)
{
    clearUserEnv();

    $columns = "userid as 'mailto-userid',name as 'mailto-name',email as 'mailto-email',mobile as 'mailto-mobile'";
    $query = _db()->_selectQ("lgks_users", $columns) . " WHERE email='{$userid}'";

    $result = _dbQuery($query, true);
    $rows = _dbData($result);
    _dbFree($result);

    if (!isset($rows[0])) {
        return;
    }
    // Database values overwrite any request parameters that use the same keys.
    foreach ($rows[0] as $field => $fieldValue) {
        $_REQUEST[$field] = $fieldValue;
    }
}
/**
 * Build a label => menuid map of the admin menus defined for this site or
 * for the wildcard site.
 *
 * Labels have the form "<Title> [<link count>]"; rows with an empty menuid
 * are skipped. Only the SITENAME constant is concatenated into the query.
 *
 * @return array Empty when the query fails or yields no named menu.
 */
function getNavigationList()
{
    $menus = array();

    $query = "SELECT menuid,count(*) as cnt FROM lgks_admin_links WHERE (SITE='" . SITENAME . "' OR SITE='*') GROUP BY menuid";
    $result = _dbQuery($query, true);
    if (!$result) {
        return $menus;
    }

    foreach (_dbData($result) as $row) {
        if (strlen($row['menuid']) <= 0) {
            continue;
        }
        $label = toTitle($row['menuid']) . " [{$row['cnt']}]";
        $menus[$label] = $row['menuid'];
    }
    return $menus;
}
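/**
 * Tell whether a user id belongs to an unblocked user whose access group is
 * unblocked and covers this site (or every site).
 *
 * The literal id "root" is accepted without a database lookup.
 *
 * NOTE(review): $site is reset for restricted callers but is never used in
 * the query, which always filters on SITENAME - confirm whether the access
 * check was meant to use $site.
 *
 * @param string $userid User id to check.
 * @param string $site   Site name (currently unused by the lookup).
 * @return bool
 */
function checkUserID($userid, $site = SITENAME)
{
    // Strict comparison: with ==, a boolean true (and, before PHP 8, the
    // integer 0) compares equal to "root" and would skip the lookup entirely.
    if ($userid === "root") {
        return true;
    }
    if (!isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > 2) {
        $site = SITENAME;
    }

    $sql = _db(true)->_selectQ(_dbTable("users", true), "count(*) as cnt")
        ->_where(array("blocked" => 'false', "userid" => $userid));
    // Sub-query: ids of unblocked access groups that list this site or all sites.
    $sql1 = _db(true)->_selectQ(_dbTable("access", true), "id")
        ->_where(array("blocked" => 'false'))
        ->_whereRAW(' (FIND_IN_SET("' . SITENAME . '",sites) OR sites="*")');
    $sql = $sql->_query("accessid", $sql1);

    $res = _dbQuery($sql, true);
    if ($res) {
        $data = _dbData($res, true);
        _dbFree($res, true);
        return $data[0]['cnt'] > 0;
    }
    return false;
}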
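/**
 * Report whether a value is absent from a column of a table.
 *
 * Reads tbl, col and term from $_REQUEST and prints "unique", "not unique"
 * or "error".
 *
 * SECURITY: tbl and col arrive from the request and cannot be quoted like
 * values, so they are accepted only when they are plain identifiers.
 * NOTE(review): even so, this endpoint lets a client test whether any value
 * exists in any column of any table the connection can read (e-mail
 * addresses, tokens, password hashes). An allowlist of table/column pairs
 * that may be probed belongs in front of the query.
 *
 * @return void
 */
function checkUnique()
{
    $tbl = isset($_REQUEST["tbl"]) ? $_REQUEST["tbl"] : "";
    $col = isset($_REQUEST["col"]) ? $_REQUEST["col"] : "";

    // Letters, digits and underscore only; this check runs before anything is
    // sent to the database.
    $identifier = '/^[A-Za-z0-9_]+\z/';
    if (!is_string($tbl) || !is_string($col)
        || !preg_match($identifier, $tbl) || !preg_match($identifier, $col)) {
        echo "error";
        return;
    }

    // presumably clean() makes the term safe inside the quoted literal - verify
    // against its definition.
    $term = clean(isset($_REQUEST["term"]) ? $_REQUEST["term"] : "");
    $sql = "SELECT count(*) FROM {$tbl} where {$col}='{$term}'";

    // A table whose name starts with the DB_SYSTEM value is queried on the system connection.
    $sysDb = false;
    if (strpos("#" . $tbl, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) == 1) {
        $sysDb = true;
    }

    $a = _dbQuery($sql, $sysDb);
    if ($a) {
        $b = _dbData($a);
        if ($b[0]["count(*)"] < 1) {
            echo "unique";
        } else {
            echo "not unique";
        }
        _db($sysDb)->freeResult($a);
    } else {
        echo "error";
    }
}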