Example #1
0
function searchPhantom($query, $without = '', $pj = false, $pere = 0, $limit = 0, $orderby = "gabarit_id,pere", $where = '', $etat_id = 0, $version_id = 0, $langue_id = 0)
{
    $langue_id = $langue_id == 0 && $_GET["la_langue"] == "" ? __defaultlangueid__ : ($langue_id != "" ? $langue_id : $_GET["la_langue"]);
    $pere = $pere === 0 ? "" : "and a.pere in (" . $pere . ")";
    $limit = $limit == 0 ? "" : "limit " . $limit;
    $orderby = "order by " . $orderby;
    $etat_id = $etat_id == 0 ? $_GET["etat_id"] : $etat_id;
    $version_id = $version_id == 0 ? $_GET["version_id"] : $version_id;
    $query = $without != '' ? $query . " -" . $without : $query;
    $wherepj = "";
    if ($pj) {
        $wherepj = "or c1.content_id in(select content_id from " . __racinebd__ . "fichiers where \r\n    MATCH(titre,abstract,contenu) against('" . addquote($query) . "' IN BOOLEAN MODE) and supprimer=0)";
    }
    $from = "" . __racinebd__ . "content c1 inner join " . __racinebd__ . "contenu c on c1.contenu_id=c.contenu_id  \r\n          inner join " . __racinebd__ . "arbre a on c.arbre_id=a.arbre_id and c.langue_id=" . $langue_id . " \r\n          and a.etat_id in(" . $etat_id . ") and c1.version_id in(" . $version_id . ")\r\n          inner join " . __racinebd__ . "gabarit g on g.gabarit_id=a.gabarit_id and g.search=1 where \r\n          (MATCH(titre1,titre2,contenu,abstract) against('" . addquote($query) . "' IN BOOLEAN MODE)\r\n          or c1.content_id in(select content_id from " . __racinebd__ . "tag_search ts inner join " . __racinebd__ . "tag_search_content tsc on ts.tag_search_id=tsc.tag_search_id where \r\n          MATCH(ts.libelle) against('" . addquote($query) . "' IN BOOLEAN MODE))\r\n          or c1.content_id in(select content_id from " . __racinebd__ . "tag t inner join " . __racinebd__ . "tag_content tsc on t.tag_id=tsc.tag_id where \r\n          MATCH(t.libelle) against('" . addquote($query) . "' IN BOOLEAN MODE))\r\n          {$wherepj}\r\n          ) and a.supprimer=0";
    $sql = "select c1.*,c.arbre_id,a.pere,a.gabarit_id,g.libelle from " . $from . " " . $pere . " " . $where . " " . $orderby . " " . $limit;
    //print $sql;
    $link = query($sql);
    $tbl_result_final = array();
    while ($tbl_result = fetch($link)) {
        $tbl_result_final[] = $tbl_result;
    }
    return $limit == "limit 1" ? $tbl_result_final[0] : $tbl_result_final;
}
Example #2
0
<?php

require "../../admin/require/function.php";
require "../../conf_front.php";
if ($_POST["mdp"] != "" && $_POST["ident"] != "") {
    //$sql="select * from users where username='******' and active=1 and user_template_id is null";
    /*
    $sql="select u.*,c.compte_id,c.raisonsociale from users u 
    inner join ".__racinebd__."compte c on u.original_application_id=c.application_id and  actif=1 and supprimer=0
    where username='******' and active=1 and user_template_id is null";
    */
    $sql = "select u.*,c.compte_id,c.raisonsociale from " . __racinebd__ . "usergps u\r\n  inner join " . __racinebd__ . "compte c on c.compte_id=u.compte_id\r\n  where c.supprimer=0 and u.supprimer=0\r\n  and username='******'";
    //print $sql;
    $link = query($sql);
    if (num_rows($link) > 0) {
        $tbl = fetch($link);
        if ($tbl["password"] == md5($_POST["mdp"])) {
            //verification si elle peut se connecter aujourd'hui
            $indicedujour = dayOfWeek(time());
            /*
            $sql="select mc.* from ".__racinebd__."jour_usersgps mc
            inner join ".__racinebd__."usergps u on u.usergps_id=mc.usergps_id and user_id=".$tbl["user_id"]." and jour_id=".$indicedujour;
            */
            $sql = "select * from " . __racinebd__ . "jour_usersgps where usergps_id=" . $tbl["usergps_id"] . " and jour_id=" . $indicedujour;
            //print $sql;
            $link2 = query($sql);
            if (num_rows($link2) == 0) {
                print "nok2";
                die;
            }
            //creation des sessions
Example #3
0
    //vérification des droit du compte
    $sql = "update " . __racinebd__ . "categorie_compte set supprimer=1 where categorie_compte_id=" . $_POST["id"] . " and compte_id=" . $_SESSION["compte_id"];
    //print $sql."<br>";
    $link = query($sql);
    $msgsave = "Suppression effectuée";
}
if ($_POST["mode"] == "ajout") {
    //vérification des droit du compte
    $sql = "insert into " . __racinebd__ . "categorie_compte (libelle,compte_id) values('" . addquote($_POST["libelle"]) . "'," . $_SESSION["compte_id"] . ")";
    //print $sql."<br>";
    $link = query($sql);
    $msgsave = "ajout";
}
if ($_POST["id"] != "" && $_POST["mode"] == "modif") {
    //vérification des droit du compte
    $sql = "update " . __racinebd__ . "categorie_compte set libelle ='" . addquote($_POST["libelle"]) . "'  where categorie_compte_id=" . $_POST["id"] . " and compte_id=" . $_SESSION["compte_id"];
    //print $sql."<br>";
    $link = query($sql);
    $msgsave = "modif";
}
$sql = "select * from " . __racinebd__ . "categorie_compte where compte_id=" . $_SESSION["compte_id"] . " and supprimer=0 order by libelle";
//$sql="select tlc.*,count(lc.device_id) as nb from ".__racinebd__."categorie_compte tlc left join ".__racinebd__."device lc on tlc.categorie_compte_id=lc.categorie_id and lc.supprimer=0 where tlc.supprimer=0 and lc.compte_id=".$_SESSION["compte_id"]." group by tlc.categorie_compte_id order by libelle";
$link = query($sql);
while ($tbl = fetch($link)) {
    $sql = "select * from " . __racinebd__ . "categorie_compte_device ccd inner join " . __racinebd__ . "device d on d.device_id=ccd.device_id and supprimer=0 and categorie_compte_id=" . $tbl["categorie_compte_id"];
    $link2 = query($sql);
    $tbl["nb"] = num_rows($link2);
    $tbl_list_categorie[] = $tbl;
    //  $key_list_agence[$tbl["categorie_compte_id"]]=$tbl["libelle"];
}
if ($_POST["id"] != "" && $_POST["mode"] == "") {
Example #4
0
File: tag2.php Project: jcmwc/fleet
     */
     require "../../include/template_list.php";
 } else {
     if ($_POST["save"] == "yes") {
         switch ($_GET["mode"]) {
             case "suppr":
                 $txtmsg = "Le tag a &eacute;t&eacute; supprim&eacute;";
                 $szQuery = "update {$table} set supprimer=1 where " . $tablekey . "='" . $_GET["id"] . "'";
                 break;
             case "ajout":
                 $txtmsg = "Le tag a &eacute;t&eacute; ajout&eacute;";
                 $szQuery = "insert into {$table} (libelle)\r\n          values ('" . addquote($_POST["libelle"]) . "')";
                 break;
             case "modif":
                 $txtmsg = "Le tag a &eacute;t&eacute; modifi&eacute;";
                 $szQuery = "update {$table} set \r\n\t\t\t\t\tlibelle='" . addquote($_POST["libelle"]) . "'\r\n          where {$tablekey}=" . $_GET["id"];
                 //print $szQuery;
                 break;
         }
         require "../../include/template_save.php";
     } else {
         $szQuery = "SELECT * FROM {$table} where {$tablekey}=" . $_GET["id"];
         //$query="select newsletter_etat_id,libelle from newsletter_etat order by libelle";
         //libelle=>nom du champ|type|obligatoire|taille (facultatif)
         //les type sont les suivant
         // txt area html media date file email list(nom var requete) listmutiple(nom var requete)
         $tabcolonne = array("Libelle" => "libelle|txt(255)|yes");
         /*
         		$tabcolonne=array(
         		"Login"=>"login|txt(255)|yes",
         		"Password"=>"mdp|txt(255)|yes",
Example #5
0
    //deplacement du fichier
    //move_uploaded_file($_FILES[ext]["tmp_name"],$_SERVER["DOCUMENT_ROOT"].__uploaddir__."u".$_SESSION['users_id']."/".$_FILES["ext"]["name"]);
    $filename = preg_replace('/[^a-z0-9_\\-\\.]/i', '_', $_FILES["ext"]["name"]);
    //if(move_uploaded_file($_FILES["ext"]["tmp_name"],$_SERVER["DOCUMENT_ROOT"].__uploaddir__."u".$_SESSION['users_id']."/".$filename)===false){
    //sauvegarde en base
    $ext = getext($_FILES["ext"]["name"]);
    $sql = "insert into " . __racinebd__ . "prix (montant,quantite,ref) value('" . addquote($_POST["prix"]) . "','" . addquote($_POST["quantite"]) . "','" . addquote($_POST["ref"]) . "')";
    $link = query($sql);
    $prix_id = insert_id();
    $querystring = "select * from " . __racinebd__ . "attribut where supprimer=0 order by libelle";
    $link = query($querystring);
    while ($tbl = fetch($link)) {
        //print "attr_".$tbl["attribut_id"]."<br>";
        //print $_POST["attr_".$tbl["attribut_id"]];
        if ($_POST["attr_" . $tbl["attribut_id"]] != "" && $_POST["attr_" . $tbl["attribut_id"]] != -1) {
            $sql = "insert into " . __racinebd__ . "valeur_prix (valeur_id,prix_id,attribut_id) value('" . addquote($_POST["attr_" . $tbl["attribut_id"]]) . "','" . $prix_id . "','" . $tbl["attribut_id"] . "')";
            query($sql);
        }
    }
    ?>
  <script>
  content='<table width="100%" style="border-bottom:1px solid black" id="table_prix_<?php 
    echo $prix_id;
    ?>
">';
  content+='<input type="hidden" name="listprix[]" value="<?php 
    echo $prix_id;
    ?>
"/>';
  content+='<input type="hidden" id="prix_<?php 
    echo $prix_id;
Example #6
0
<?php

require "../../require/function.php";
require "../../require/back_include.php";
set_time_limit(3600);
if ($_POST["libelle"] != "") {
    $sql = "select max(ordre) as maxordre from " . __racinebd__ . "devisline where supprimer=0 and devis_id=" . $_GET["id"];
    $link = query($sql);
    $tbl = fetch($link);
    $sql = "insert into " . __racinebd__ . "devisline (devis_id,libelle,montant,ordre) \r\n  value('" . addquote($_GET["id"]) . "','" . addquote($_POST["libelle"]) . "','" . str_replace(",", ".", addquote($_POST["montant"])) . "','" . ($tbl["maxordre"] + 1) . "')";
    $link = query($sql);
    $mmontant_id = insert_id();
    ?>
  <script>
  //rafraichissement de la liste
  //alert(top.listidmontantiframelist.location)
  if(top.listidmontantiframelist.contentWindow)
  top.listidmontantiframelist.contentWindow.location.reload(true);
  else
  top.listidmontantiframelist.location.reload(true);
  </script>
  <?php 
}
?>
<html>
<head>
<META http-equiv="Content-Type" Content="text/html; charset=UTF-8">
<script>
function validateForm(obj){
	if(obj.libelle.value==""){
		alert('Veuillez indiquer un libelle');
Example #7
0
<?php

require "../../require/function.php";
require "../../require/back_include.php";
$_GET["nomobj"] = "listval[]";
set_time_limit(3600);
if ($_POST["save"] == "yes") {
    //creation du repertoire tmp
    //@mkdir ($_SERVER["DOCUMENT_ROOT"].__uploaddir__."u".$_SESSION['users_id'], 0775);
    //deplacement du fichier
    //move_uploaded_file($_FILES[ext]["tmp_name"],$_SERVER["DOCUMENT_ROOT"].__uploaddir__."u".$_SESSION['users_id']."/".$_FILES["ext"]["name"]);
    //$filename2=preg_replace('/[^a-z0-9_\-\.]/i', '_', $_FILES["ext2"]["name"]);
    //if(move_uploaded_file($_FILES["ext"]["tmp_name"],$_SERVER["DOCUMENT_ROOT"].__uploaddir__."u".$_SESSION['users_id']."/".$filename)===false){
    //sauvegarde en base
    $sql = "update " . __racinebd__ . "list_val \r\n  set titre='" . addquote($_POST["titre"]) . "',\r\n  val='" . addquote($_POST["val"]) . "'\r\n  where val_id=" . $_POST["val_id"];
    /*
    ext1,nom_fichier1,titre2,ext2,nom_fichier2,lightbox,contenulightbox) 
    value(,'".$ext1."','".$filename1."','".addquote($_POST["titre_fichier2"])."','".$ext2."','".$filename2."','".$_POST["lightbox"]."','".$_POST["contenu"]."')";
    */
    $link = query($sql);
    //$images_id=insert_id();
    $sql = "select * from " . __racinebd__ . "list_val where val_id=" . $_POST["val_id"];
    $link = query($sql);
    $tbl_info = fetch($link);
    ?>
  <script>
  //parent.
  content='<table width="100%" style="border-bottom:1px solid black" id="table_val_<?php 
    echo $_POST["val_id"];
    ?>
">';
Example #8
0
             }
         }
     }
     if ($_FILES["ext5"]["tmp_name"] != "" && $_POST["ext5_chk"] != 1) {
         $myext5 = savefile("ext5", $table . "5_");
     } else {
         if ($_POST["ext5"] != "" && $_POST["ext5_chk"] != 1) {
             $myext5 = ",ext5='" . $_POST["ext5"] . "'";
         } else {
             if ($_POST["ext5_chk"] == 1) {
                 $myext5 = ",ext5=null";
             }
         }
     }
     //si pas de changement d'etat
     $szQuery = "update {$table} set \r\n    \t\t\t\t\ttitre1='" . addquote($_POST["titre1"]) . "',\r\n    \t\t\t\t\ttitre2='" . addquote($_POST["titre2"]) . "',\r\n    \t\t\t\t\ttitre3='" . addquote($_POST["titre3"]) . "',\r\n    \t\t\t\t\ttitre4='" . addquote($_POST["titre4"]) . "',\r\n    \t\t\t\t\ttitre5='" . addquote($_POST["titre5"]) . "',\r\n    \t\t\t\t\tabstract='" . addquote($_POST["abstract"]) . "',\r\n              abstract2='" . addquote($_POST["abstract2"]) . "',\r\n    \t\t\t\t\tabstract3='" . addquote($_POST["abstract3"]) . "',\r\n    \t\t\t\t\tabstract4='" . addquote($_POST["abstract4"]) . "',\r\n    \t\t\t\t\tabstract5='" . addquote($_POST["abstract5"]) . "',\r\n    \t\t\t\t\tcontenu='" . addquote($_POST["contenu"]) . "',\r\n    \t\t\t\t\tdate_actu='" . datetimebdd($_POST["date_actu"]) . "',\r\n    \t\t\t\t\tdate_fin='" . datetimebdd($_POST["date_fin"]) . "',\r\n    \t\t\t\t\tnote='" . $_POST["note"] . "',\r\n    \t\t\t\t\tversion_id='" . $_POST["version_id"] . "',\r\n    \t\t\t\t\ttwitter='" . $_POST["twitter"] . "',\r\n    \t\t\t\t\ttva_id='" . $_POST["tva_id"] . "',\r\n    \t\t\t\t\tfournisseur_id='" . $_POST["fournisseur_id"] . "',\r\n              note1='" . $_POST["note1"] . "',\r\n              note2='" . $_POST["note2"] . "',\r\n              note3='" . $_POST["note3"] . "',\r\n              note4='" . $_POST["note4"] . "',\r\n              archive='" . $_POST["archive"] . "',\r\n              envoye='" . $_POST["envoye"] . "',\r\n              titleseo='" . addquote($_POST["titleseo"]) . "',\r\n              abstractseo='" . addquote($_POST["abstractseo"]) . "',\r\n              robotseo='" . addquote($_POST["robotseo"]) . "'\r\n    \t\t\t\t\t{$myext}\r\n    \t\t\t\t\t{$myext2}\r\n    \t\t\t\t\t{$myext3}\r\n    \t\t\t\t\t{$myext4}\r\n              {$myext5}\r\n              where content_id=" . $content_id;
     majfichier($content_id);
     majval($content_id);
     updateContent($content_id, $_GET["arbre_id"], $_GET["langue_id"]);
     createdefault("ext", $table, $content_id);
     createdefault("ext2", $table . "2_", $content_id);
     createdefault("ext3", $table . "3_", $content_id);
     createdefault("ext4", $table . "4_", $content_id);
     createdefault("ext5", $table . "5_", $content_id);
 }
 if ($_POST["version_id"] == 1) {
     $sql = "update " . __racinebd__ . "contenu set translate=1 where contenu_id=" . $contenu_id;
     query($sql);
 }
 $sql = "delete from " . __racinebd__ . "tag_content where content_id=" . $content_id;
 query($sql);
Example #9
0
    for ($i = 0; $i < count($_POST["jour"]); $i++) {
        $sql = "insert into " . __racinebd__ . "jour_usersgps (usergps_id,jour_id) values(" . $_POST["id"] . "," . $_POST["jour"][$i] . ")";
        query($sql);
    }
    //sauvegarde des rapports
    $sql = "delete from " . __racinebd__ . "rapport_usersgps where usergps_id=" . $_POST["id"];
    query($sql);
    for ($i = 0; $i < count($_POST["rapport"]); $i++) {
        $sql = "insert into " . __racinebd__ . "rapport_usersgps (usergps_id,rapport_id) values(" . $_POST["id"] . "," . $_POST["rapport"][$i] . ")";
        query($sql);
    }
    $msgsave = "Sauvegarde effectuée";
}
//sauvegarde d'ajout
if ($_POST["id"] == "" && $_POST["mode"] == "ajout") {
    $sql = "insert into " . __racinebd__ . "usergps (tel,name,email,password,username,date_creation,compte_id) \r\n    values('" . addquote($_POST["tel"]) . "','" . addquote($_POST["name"]) . "','" . addquote($_POST["email"]) . "','" . md5($_POST["password"]) . "','" . addquote($_POST["username"]) . "',now(),'" . $_GET["pere"] . "')";
    query($sql);
    $usergpd_id = insert_id();
    //sauvegarde des agences
    for ($i = 0; $i < count($_POST["agence"]); $i++) {
        $sql = "insert into " . __racinebd__ . "agence_compte_usergps (usergps_id,agence_compte_id) values(" . $usergpd_id . "," . $_POST["agence"][$i] . ")";
        query($sql);
    }
    //sauvegarde des vehicules
    for ($i = 0; $i < count($_POST["vehicule"]); $i++) {
        $sql = "insert into " . __racinebd__ . "usergps_device (usergps_id,device_id) values(" . $usergpd_id . "," . $_POST["vehicule"][$i] . ")";
        query($sql);
    }
    //sauvegarde des modules
    for ($i = 0; $i < count($_POST["module"]); $i++) {
        $sql = "insert into " . __racinebd__ . "module_usersgps (usergps_id,module_id) values(" . $usergpd_id . "," . $_POST["module"][$i] . ")";
Example #10
0
require "../../require/back_include.php";
set_time_limit(3600);
if ($_POST["titre"] != "") {
    $sql = "select max(ordre) as maxordre from " . __racinebd__ . "newsletterline where supprimer=0 and newsletter_id=" . $_GET["id"];
    $link = query($sql);
    $tbl = fetch($link);
    if ($_FILES["ext"]["tmp_name"] != "") {
        $myext = "'" . getext($_FILES["ext"]["name"]) . "'";
    } else {
        if ($_POST["ext"] != "") {
            $myext = "'" . $_POST["ext"] . "'";
        } else {
            $myext = "null";
        }
    }
    $sql = "insert into " . __racinebd__ . "newsletterline (newsletter_id,titre,contenu,ordre,ext,lien) \r\n  value('" . addquote($_GET["id"]) . "','" . addquote($_POST["titre"]) . "','" . str_replace(",", ".", addquote($_POST["contenu"])) . "','" . ($tbl["maxordre"] + 1) . "',{$myext},'" . addquote($_POST["lien"]) . "')";
    $link = query($sql);
    $mmontant_id = insert_id();
    if ($_FILES["ext"]["tmp_name"] != "") {
        savefile("ext", __racinebd__ . "newsletterline", $mmontant_id);
    }
    ?>
  <script>
  //rafraichissement de la liste
  //alert(top.listidmontantiframelist.location)
  if(top.listidmontantiframelist.contentWindow)
  top.listidmontantiframelist.contentWindow.location.href=top.listidmontantiframelist.contentWindow.location.href.replace('mode=','');
  else
    top.listidmontantiframelist.location.href=top.listidmontantiframelist.location.href.replace('mode=','');

  </script>
Example #11
0
             $szQuery = "insert into " . __racinebd__ . "device (devices_id,type_device_id,IMEI,serialnumber,vieprivee,modepieton,nomvehicule,telboitier,compte_id,date_creation,unitid) \r\n          values('" . $id . "','" . $_POST["type_device_id"] . "','" . addquote($_POST["IMEI"]) . "','" . addquote($_POST["serialnumber"]) . "','" . addquote($_POST["vieprivee"]) . "','" . addquote($_POST["modepieton"]) . "','" . addquote($_POST["nomvehicule"]) . "','" . addquote($_POST["telboitier"]) . "','" . $_GET["pere"] . "',now(),'" . addquote($_POST["unitid"]) . "')";
             //query($sql);
             //$szQuery="";
             break;
         case "modif":
             $txtmsg = "Le boitiers a &eacute;t&eacute; modifi&eacute;";
             //username='******',
             if ($_POST["type_device_id"] == 1) {
                 //orion on stock le serial
                 $uniqueId = $_POST["unitid"];
             } else {
                 $uniqueId = $_POST["IMEI"];
             }
             $sql = "update devices set uniqueId='" . addquote($uniqueId) . "' where id=" . $_POST["devices_id"];
             query($sql);
             $szQuery = "update {$table} set \r\n\t\t\t\t\tIMEI='" . addquote($_POST["IMEI"]) . "',\r\n\t\t\t\t\tserialnumber='" . addquote($_POST["serialnumber"]) . "',\r\n          unitid='" . addquote($_POST["unitid"]) . "',          \r\n          vieprivee='" . addquote($_POST["vieprivee"]) . "',\r\n          modepieton='" . addquote($_POST["modepieton"]) . "',\r\n          nomvehicule='" . addquote($_POST["nomvehicule"]) . "',\r\n          telboitier='" . addquote($_POST["telboitier"]) . "'                     \r\n          where {$tablekey}=" . $_GET["id"];
             //print $szQuery;
             //modification de la table device
             break;
     }
     require "../../include/template_save.php";
 } else {
     //$szQuery = "SELECT * FROM $table where $tablekey=".$_GET["id"];
     /* 
          $szQuery = "select * from $table t 
                 inner join ".__racinebd__."compte c on c.application_id=t.original_application_id 
                 inner join device d on d.owner_id=t.user_id
                 inner join ".__racinebd__."device pd on pd.owner_id=t.user_id
                 inner join user_template ut on ut.user_template_id=t.user_template_id	 and ut.application_id=c.application_id and template_name='Device'
                 where active=1 and  $tablekey=".$_GET["id"];
     */
Example #12
0
                    while ($tbl_result = fetch($link)) {
                        $sql = "insert into " . __racinebd__ . "contenu (arbre_id,langue_id,nom,translate) values (" . $tbl_result["arbre_id"] . "," . $id . ",'" . $tbl_result["nom"] . "',0)";
                        query($sql);
                    }
                    $szQuery = "";
                    break;
                case "modif":
                    if ($_FILES["ext"]["tmp_name"] != "" && $_POST["ext_chk"] != 1) {
                        $myext = savefile("ext", $table);
                        tbl_img($table, $_GET["id"], getext($_FILES["ext"]["name"]), 16, 10);
                    } else {
                        if ($_POST["ext_chk"] == 1) {
                            $myext = ",ext=null ";
                        }
                    }
                    $txtmsg = "La langue a &eacute;t&eacute; modifi&eacute;e";
                    $szQuery = "update {$table} set \r\n\t\t\t\t\tlibelle='" . addquote($_POST["libelle"]) . "',\r\n\t\t\t\t\tshortlib='" . addquote($_POST["shortlib"]) . "',\r\n\t\t\t\t\tactive='" . addquote($_POST["active"]) . "'\r\n\t\t\t\t\t{$myext}\r\n          where {$tablekey}=" . $_GET["id"];
                    break;
            }
            require "../../include/template_save.php";
        } else {
            $szQuery = "SELECT * FROM {$table} where {$tablekey}=" . $_GET["id"];
            //libelle=>nom du champ|type|obligatoire|taille (facultatif)
            //les type sont les suivant
            // txt area html media date file email list(nom var requete) listmutiple(nom var requete)
            $querylist = "select langue_id,libelle from " . __racinebd__ . "langue";
            $tabcolonne = array("Langue" => "libelle|txt(255)|yes", "Code" => "shortlib|txt(255)|yes", "Icon" => "ext|file(gif,jpg,png)|yes", "Active" => "active|chk");
            require "../../include/template_detail.php";
        }
    }
}
Example #13
0
<?php

require "../../require/function.php";
require "../../require/back_include.php";
$sql = "update " . __racinebd__ . "prix set montant='" . addquote($_POST["montant"]) . "',montantremise='" . addquote($_POST["montantremise"]) . "',quantite='" . addquote($_POST["quantite"]) . "',ref='" . addquote($_POST["ref"]) . "' where prix_id=" . $_POST["indice"];
query($sql);
?>
okmodif
Example #14
0
File: news.php Project: jcmwc/fleet
        $delete = true;
        $search = false;
        $notview = true;
        require "../../include/template_list.php";
    } else {
        if ($_POST["save"] == "yes") {
            switch ($_GET["mode"]) {
                case "suppr":
                    $txtmsg = "La nouveauté a &eacute;t&eacute; supprim&eacute;";
                    $szQuery = "update {$table} set supprimer=1 where " . $tablekey . "='" . $_GET["id"] . "'";
                    break;
                case "ajout":
                    $txtmsg = "La nouveauté a &eacute;t&eacute; ajout&eacute;";
                    $szQuery = "insert into {$table} (texte,date_creation)\r\n          values ('" . addquote($_POST["texte"]) . "','" . datetimebdd($_POST["date_creation"]) . "')";
                    break;
                case "modif":
                    $txtmsg = "La nouveauté a &eacute;t&eacute; modifi&eacute;";
                    $szQuery = "update {$table} set \r\n\t\t\t\t\ttexte='" . addquote($_POST["texte"]) . "',\r\n\t\t\t\t\tdate_creation='" . datetimebdd($_POST["date_creation"]) . "'\r\n          where {$tablekey}=" . $_GET["id"];
                    break;
            }
            require "../../include/template_save.php";
        } else {
            $szQuery = "SELECT * FROM {$table} where {$tablekey}=" . $_GET["id"];
            //libelle=>nom du champ|type|obligatoire|taille (facultatif)
            //les type sont les suivant
            // txt area html media date file email list(nom var requete) listmutiple(nom var requete)
            $tabcolonne = array("Texte" => "texte|area|yes", "Date" => "date_creation|date2|yes");
            require "../../include/template_detail.php";
        }
    }
}
Example #15
0
     $sql = "select * from " . __racinebd__ . "device where supprimer=0 and unitid='" . addquote($tablelem[4]) . "'";
     //print $sql;
     $link2 = query($sql);
     //if(num_rows($link2)==0&&$tablelem[5]!=""){
     if (num_rows($link2) == 0) {
         $compte_id = $tbl["compte_id"];
         $sql = "select max(id) as maxid from devices";
         $link = query($sql);
         $tbl = fetch($link);
         $sql = "insert into devices (name,uniqueId) \r\n      values('Device" . ($tbl["maxid"] + 1) . "','" . addslashes($tablelem[4]) . "')";
         //print $sql."<br>";
         query($sql);
         $id = insert_id();
         $sql = "INSERT INTO users_devices (users_id, devices_id) VALUES ('1', {$id})";
         //query($sql);
         $szQuery = "insert into " . __racinebd__ . "device (devices_id,type_device_id,IMEI,serialnumber,nomvehicule,telboitier,compte_id,date_creation,unitid,immatriculation) \r\n      values('" . $id . "',1,'" . addslashes($tablelem[4]) . "','" . addslashes($tablelem[4]) . "','" . addslashes($tablelem[2]) . "','+" . addslashes($tablelem[5]) . "','" . $compte_id . "',now(),'" . addquote($tablelem[4]) . "','" . addquote($tablelem[3]) . "')";
         //query($sql);
         //print $szQuery."<br>";
         query($szQuery);
         $device_id = insert_id();
         //device phantom_usergps_device
         $sql = "select * from " . __racinebd__ . "usergps where compte_id=" . $compte_id;
         $link_device = query($sql);
         while ($tbl_device = fetch($link_device)) {
             $sql = "insert into " . __racinebd__ . "usergps_device (device_id,usergps_id) values('" . $device_id . "','" . $tbl_device["usergps_id"] . "')";
             //print $sql."<br>";
             query($sql);
         }
     }
 } else {
     print "erreur compte '" . addslashes($tablelem[0]) . "' non trouvé<br>";
Example #16
0
             }
             //device phantom_usergps_device
             $sql = "select * from " . __racinebd__ . "device where compte_id=" . $_GET["pere"];
             $link = query($sql);
             while ($tbl = fetch($link)) {
                 $sql = "insert into " . __racinebd__ . "usergps_device (device_id,usergps_id) values('" . $tbl["device_id"] . "','" . $usergpd_id . "')";
                 query($sql);
             }
             $szQuery = "";
             break;
         case "modif":
             $txtmsg = "L'utilisateurs a &eacute;t&eacute; modifi&eacute;";
             if ($_POST["password2"] != "") {
                 $pwd = ",password='******'";
             }
             $szQuery = "update {$table} set \r\n\t\t\t\t\tusername='******',\r\n\t\t\t\t\tname='" . addquote($_POST["name"]) . "',\r\n          email='" . addquote($_POST["email"]) . "',\r\n          tel='" . addquote($_POST["tel"]) . "'\r\n          {$pwd}\r\n          where {$tablekey}=" . $_GET["id"];
             //print $szQuery;
             break;
     }
     require "../../include/template_save.php";
 } else {
     $szQuery = "SELECT * FROM {$table} where {$tablekey}=" . $_GET["id"];
     //libelle=>nom du champ|type|obligatoire|taille (facultatif)
     //les type sont les suivant
     // txt area html media date file email list(nom var requete) listmutiple(nom var requete)
     if ($_GET["mode"] == "ajout") {
         $tabcolonne = array("Username" => "username|txt(255)|yes", "Name" => "name|txt(255)|yes", "Password" => "password|password|yes", "Email" => "email|txt(255)|no", "Téléphone" => "tel|txt(255)|no");
     } else {
         $tabcolonne = array("Username" => "username|txt(255)|yes", "Name" => "name|txt(255)|yes", "Password (for change)" => "password2|password|no", "Email" => "email|txt(255)|no", "Téléphone" => "tel|txt(255)|no");
     }
     require "../../include/template_detail.php";
Example #17
0
<?php

require "../../require/function.php";
require "../../require/back_include.php";
set_time_limit(3600);
if ($_POST["titre"] != "") {
    $sql = "insert into " . __racinebd__ . "list_val (titre,val) \r\n  value('" . addquote($_POST["titre"]) . "','" . addquote($_POST["val"]) . "')";
    $link = query($sql);
    $val_id = insert_id();
    ?>
  <script>
  content='<table width="100%" style="border-bottom:1px solid black" id="table_val_<?php 
    echo $val_id;
    ?>
">';
  content+='<input type="hidden" name="listvals[]" value="<?php 
    echo $val_id;
    ?>
"/>';
  content+='<input type="hidden" name="listtitre[]" value="<?php 
    echo $_POST["titre1"];
    ?>
"/>';
  content+='<input type="hidden" name="listval[]" value="<?php 
    echo $_POST["val"];
    ?>
"/>';
  content+='<input type="hidden" id="val_<?php 
    echo $val_id;
    ?>
" name="val_<?php 
Example #18
0
             break;
         case "ajout":
             $txtmsg = $trad["L'utilisateur a &eacute;t&eacute; ajout&eacute;"];
             $szQuery = "insert into {$table} (login,mdp,email)\r\n          values ('" . addquote($_POST["login"]) . "','" . addquote($_POST["mdp"]) . "','" . addquote($_POST["email"]) . "')";
             $link = query($szQuery);
             $id = insert_id();
             //sauvegarde des droits
             for ($i = 0; $i < count($_POST["groupe_id"]); $i++) {
                 $sql = "insert into " . __racinebd__ . "groupe_users (groupe_id,users_id) values (" . $_POST["groupe_id"][$i] . "," . $id . ")";
                 query($sql);
             }
             $szQuery = "";
             break;
         case "modif":
             $txtmsg = $trad["L'utilisateur a &eacute;t&eacute; modifi&eacute;"];
             $szQuery = "update {$table} set \r\n\t\t\t\t\tlogin='******',\r\n\t\t\t\t\tmdp='" . addquote($_POST["mdp"]) . "',\r\n\t\t\t\t\temail='" . addquote($_POST["email"]) . "'\r\n          where {$tablekey}=" . $_GET["id"];
             //print $szQuery;
             $sql = "delete from " . __racinebd__ . "groupe_users where users_id=" . $_GET["id"];
             query($sql);
             //sauvegarde des droits
             for ($i = 0; $i < count($_POST["groupe_id"]); $i++) {
                 $sql = "insert into " . __racinebd__ . "groupe_users (groupe_id,users_id) values (" . $_POST["groupe_id"][$i] . "," . $_GET["id"] . ")";
                 query($sql);
             }
             break;
     }
     require "../../include/template_save.php";
 } else {
     $szQuery = "SELECT * FROM {$table} where {$tablekey}=" . $_GET["id"];
     //libelle=>nom du champ|type|obligatoire|taille (facultatif)
     //les type sont les suivant
Example #19
0
<?php

if (!verifdroit("AGE")) {
    die;
}
$msgsave = "";
if ($_POST["mode"] == "ajout") {
    //vérification des droit du compte
    $sql = "insert into " . __racinebd__ . "agence_compte (libelle,principal,compte_id) values('" . addquote($_POST["libelle"]) . "','" . $_POST["principal"] . "'," . $_SESSION["compte_id"] . ")";
    //print $sql."<br>";
    $link = query($sql);
    $msgsave = "ajout";
}
if ($_POST["id"] != "" && $_POST["mode"] == "modif") {
    //vérification des droit du compte
    $sql = "update " . __racinebd__ . "agence_compte set libelle ='" . addquote($_POST["libelle"]) . "' , principal='" . $_POST["principal"] . "' where agence_compte_id=" . $_POST["id"] . " and compte_id=" . $_SESSION["compte_id"];
    //print $sql."<br>";
    $link = query($sql);
    $msgsave = "modif";
}
$sql = "select * from " . __racinebd__ . "agence_compte where compte_id=" . $_SESSION["compte_id"] . " and supprimer=0 order by libelle";
$link = query($sql);
while ($tbl = fetch($link)) {
    $tbl_list_agence[] = $tbl;
    //  $key_list_agence[$tbl["agence_compte_id"]]=$tbl["libelle"];
}
if ($_POST["id"] != "" && $_POST["mode"] == "") {
    $sql = "select * from " . __racinebd__ . "agence_compte where compte_id=" . $_SESSION["compte_id"] . " and agence_compte_id=" . $_POST["id"] . " order by libelle";
    $link = query($sql);
    $tbl_modif_agence = fetch($link);
}
Example #20
0
             query($sql);
             //creation d'une agence par defaut
             $sql = "insert into " . __racinebd__ . "agence_compte (libelle,principal,compte_id) values('Agence 1',1," . $id . ")";
             query($sql);
             //creation de type de véhicule
             $sql = "INSERT INTO `phantom_type_compte` (`libelle`, `compte_id`, `icon`) VALUES('Voiture', " . $id . ", 'car_icon.png');";
             query($sql);
             $sql = "INSERT INTO `phantom_type_compte` (`libelle`, `compte_id`, `icon`) VALUES('Camion', " . $id . ", 'supercamion_icon.png');";
             query($sql);
             $sql = "INSERT INTO `phantom_type_compte` (`libelle`, `compte_id`, `icon`) VALUES('Utilitaire', " . $id . ", 'utilitaire-icon.png');";
             query($sql);
             $szQuery = "";
             break;
         case "modif":
             $txtmsg = "Le compte a &eacute;t&eacute; modifi&eacute;";
             $szQuery = "update {$table} set \r\n\t\t\t\t\tcommercial_id='" . addquote($_POST["commercial_id"]) . "',\r\n\t\t\t\t\tnom='" . addquote($_POST["nom"]) . "',\r\n\t\t\t\t\tcodecreation='" . addquote($_POST["codecreation"]) . "',         \r\n          adresse='" . addquote($_POST["adresse"]) . "',\r\n          raisonsociale='" . addquote($_POST["raisonsociale"]) . "',\r\n          cp='" . addquote($_POST["cp"]) . "',\r\n          ville='" . addquote($_POST["ville"]) . "',\r\n          tel='" . addquote($_POST["tel"]) . "',\r\n          email='" . addquote($_POST["email"]) . "',\r\n          actif='" . addquote($_POST["actif"]) . "'\r\n          where {$tablekey}=" . $_GET["id"];
             //print $szQuery;
             $sql = "delete from " . __racinebd__ . "compte_options where compte_id=" . $_GET["id"];
             query($sql);
             //sauvegarde des options
             for ($i = 0; $i < count($_POST["options_id"]); $i++) {
                 $sql = "insert into " . __racinebd__ . "compte_options (compte_id,options_id) values (" . $_GET["id"] . "," . $_POST["options_id"][$i] . ")";
                 query($sql);
             }
             break;
     }
     require "../../include/template_save.php";
 } else {
     $szQuery = "SELECT * FROM {$table} where {$tablekey}=" . $_GET["id"];
     //libelle=>nom du champ|type|obligatoire|taille (facultatif)
     //les type sont les suivant
Example #21
0
    //vérification des droit du compte
    $sql = "update " . __racinebd__ . "type_compte set supprimer=1 where type_compte_id=" . $_POST["id"] . " and compte_id=" . $_SESSION["compte_id"];
    query($sql);
    //print $sql."<br>";
    $msgsave = "Suppression effectuée";
}
if ($_POST["mode"] == "ajout") {
    //vérification des droit du compte
    $sql = "insert into " . __racinebd__ . "type_compte (libelle,consommation,vitesseattente,icon,compte_id) values('" . addquote($_POST["libelle"]) . "','" . addquote($_POST["consommation"]) . "','" . addquote($_POST["vitesseattente"]) . "','" . addquote($_POST["icon"]) . "'," . $_SESSION["compte_id"] . ")";
    //print $sql."<br>";
    $link = query($sql);
    $msgsave = "Sauvegarde effectuée";
}
if ($_POST["id"] != "" && $_POST["mode"] == "modif") {
    //vérification des droit du compte
    $sql = "update " . __racinebd__ . "type_compte set libelle ='" . addquote($_POST["libelle"]) . "',consommation='" . addquote($_POST["consommation"]) . "',vitesseattente='" . addquote($_POST["vitesseattente"]) . "',icon='" . addquote($_POST["icon"]) . "' where type_compte_id=" . $_POST["id"] . " and compte_id=" . $_SESSION["compte_id"];
    //print $sql."<br>";
    $link = query($sql);
    $msgsave = "Sauvegarde effectuée";
}
$sql = "select * from " . __racinebd__ . "type_compte where compte_id=" . $_SESSION["compte_id"] . " and supprimer=0 order by libelle";
$link = query($sql);
while ($tbl = fetch($link)) {
    $tbl_list_type[] = $tbl;
    //  $key_list_agence[$tbl["type_compte_id"]]=$tbl["libelle"];
}
if ($_POST["id"] != "" && $_POST["mode"] == "") {
    $sql = "select * from " . __racinebd__ . "type_compte where compte_id=" . $_SESSION["compte_id"] . " and type_compte_id=" . $_POST["id"] . " order by libelle";
    $link = query($sql);
    $tbl_modif_type = fetch($link);
}
Example #22
0
    //deplacement du fichier
    //move_uploaded_file($_FILES[ext]["tmp_name"],$_SERVER["DOCUMENT_ROOT"].__uploaddir__."u".$_SESSION['users_id']."/".$_FILES["ext"]["name"]);
    $filename1 = preg_replace('/[^a-z0-9_\\-\\.]/i', '_', $_FILES["ext1"]["name"]);
    $filename2 = preg_replace('/[^a-z0-9_\\-\\.]/i', '_', $_FILES["ext2"]["name"]);
    //if(move_uploaded_file($_FILES["ext"]["tmp_name"],$_SERVER["DOCUMENT_ROOT"].__uploaddir__."u".$_SESSION['users_id']."/".$filename)===false){
    //sauvegarde en base
    $ext1 = getext($_FILES["ext1"]["name"]);
    $ext2 = getext($_FILES["ext2"]["name"]);
    /*if(PHANTOM_FULLTEXT==true){
        $contenu1=addslashes(extract2tmpfile($ext1,$_FILES["ext1"]["tmp_name"]));
        $contenu2=addslashes(extract2tmpfile($ext2,$_FILES["ext2"]["tmp_name"]));
      }else{
        $contenu1=addquote($_POST["description_fichier1"]);
        $contenu2=addquote($_POST["description_fichier2"]);
      }*/
    $sql = "insert into " . __racinebd__ . "list_images (titre1,ext1,nom_fichier1,titre2,ext2,nom_fichier2,lightbox,contenulightbox) \r\n  value('" . addquote($_POST["titre_fichier1"]) . "','" . $ext1 . "','" . $filename1 . "','" . addquote($_POST["titre_fichier2"]) . "','" . $ext2 . "','" . $filename2 . "','" . $_POST["lightbox"] . "','" . $_POST["contenu"] . "')";
    $link = query($sql);
    $images_id = insert_id();
    savefile("ext1", __racinebd__ . "list_images", $images_id);
    savefile("ext2", __racinebd__ . "list_images2_", $images_id);
    ?>
  <script>
  content='<table width="100%" style="border-bottom:1px solid black" id="table_images_<?php 
    echo $images_id;
    ?>
">';
  content+='<input type="hidden" name="listimages[]" value="<?php 
    echo $images_id;
    ?>
"/>';
  content+='<textarea name="listimagescontenu[]" style="display:none"><?php 
Example #23
0
       $myext2 = savefile("ext2", __racinebd__ . "list_images2_");
   } else {
       if ($_POST["ext2"] != "" && $_POST["ext2_chk"] != 1) {
           $filename2 = preg_replace('/[^a-z0-9_\\-\\.]/i', '_', $_FILES["ext2"]["name"]);
           $myext2 = ",ext2='" . getext($_FILES["ext2"]["name"]) . "',nom_fichier2='" . $filename2 . "'";
       } else {
           if ($_POST["ext2_chk"] == 1) {
               $myext2 = ",ext1=null";
           }
       }
   }
   //if(move_uploaded_file($_FILES["ext"]["tmp_name"],$_SERVER["DOCUMENT_ROOT"].__uploaddir__."u".$_SESSION['users_id']."/".$filename)===false){
   //sauvegarde en base
   $ext1 = getext($_FILES["ext1"]["name"]);
   $ext2 = getext($_FILES["ext2"]["name"]);
   $sql = "update " . __racinebd__ . "list_images \r\n  set titre1='" . addquote($_POST["titre_fichier1"]) . "',\r\n  titre2='" . addquote($_POST["titre_fichier2"]) . "',\r\n  lightbox='" . addquote($_POST["lightbox"]) . "',\r\n  contenulightbox='" . addquote($_POST["contenu"]) . "'\r\n  {$myext1}\r\n  {$myext2}\r\n  where images_id=" . $_POST["images_id"];
   /*
   ext1,nom_fichier1,titre2,ext2,nom_fichier2,lightbox,contenulightbox) 
   value(,'".$ext1."','".$filename1."','".addquote($_POST["titre_fichier2"])."','".$ext2."','".$filename2."','".$_POST["lightbox"]."','".$_POST["contenu"]."')";
   */
   $link = query($sql);
   //$images_id=insert_id();
   $sql = "select * from " . __racinebd__ . "list_images where images_id=" . $_POST["images_id"];
   $link = query($sql);
   $tbl_info = fetch($link);
   ?>
 <script>
 //parent.
 
 //content='<table width="100%" style="border-bottom:1px solid black" id="table_image_<?php 
   echo $images_id;
Example #24
0
              <h1>Add a quote</h1>
              <form action="/?add" method="POST">
              
              <?php 
if (count($_POST) > 0) {
    // we can at least assume that the submit button was pressed...
    if (check_empty($_POST['quotetext'])) {
        // Do NAHFIN'!
        // Quote box was empty, we'll ignore they pressed submit.
    } else {
        // Do IT!
        $exist = checkquoteexist($_POST['quotetext']);
        if (is_numeric($exist)) {
            print "<br /><center><font color=\"red\">The quote has already been entered as <a href=\"/?" . $exist . "\">Quote #" . $exist . "</a></font></center>";
        } else {
            $newquote = addquote($_POST);
            // printf("<br>NQ: %s", $newquote);
            if (is_numeric($newquote)) {
                print "<br /><center><font color=\"red\">Your quote has been submitted as Quote #" . $newquote . "</font></center><br />";
            }
        }
    }
    //print "<font color=red>post exists</font>";
}
?>
              
                
                <textarea cols="100%" rows="10" name="quotetext"></textarea>
                
                <br /><br />
                <input type="submit" name="cmdSubmit" value="Submit">
Example #25
0
<?php

if ($_POST["id"] != "" && $_POST["mode"] == "modif") {
    //on verifie si il existe un enregistrement dans la table etat_moteur_compte
    $sql = "select * from " . __racinebd__ . "etat_moteur_compte where etat_moteur_id=" . $_POST["id"] . " and compte_id=" . $_SESSION["compte_id"];
    $link = query($sql);
    if (num_rows($link) == 0) {
        $sql = "insert into " . __racinebd__ . "etat_moteur_compte(etat_moteur_id,libelle,couleur,compte_id) values(" . $_POST["id"] . ",'" . addquote($_POST["libelle"]) . "','" . addquote($_POST["couleur"]) . "','" . $_SESSION["compte_id"] . "')";
    } else {
        $sql = "update " . __racinebd__ . "etat_moteur_compte set libelle='" . addquote($_POST["libelle"]) . "',couleur='" . addquote($_POST["couleur"]) . "' where compte_id=" . $_SESSION["compte_id"] . " and etat_moteur_id=" . $_POST["id"];
    }
    query($sql);
    $msgsave = "Sauvegarde effectuée";
}
$sql = "select em.etat,em.etat_moteur_id,em.libelle,emc.libelle as lib2,couleur,defaultcouleur from " . __racinebd__ . "etat_moteur em left join\r\n    " . __racinebd__ . "etat_moteur_compte emc on emc.etat_moteur_id=em.etat_moteur_id and compte_id=" . $_SESSION["compte_id"] . " order by libelle";
$link = query($sql);
while ($tbl = fetch($link)) {
    //$tbl_list_etat[]=array("etat_moteur_id"=>$tbl["etat"],"libelle"=>(($tbl["lib2"]=="")?$tbl["libelle"]:$tbl["lib2"]));
    $tbl_list_etat[] = $tbl;
}
if ($_POST["id"] != "") {
    $sql = "select em.etat,em.etat_moteur_id,em.libelle,emc.libelle as lib2,couleur,defaultcouleur \r\n      from " . __racinebd__ . "etat_moteur em left join\r\n      " . __racinebd__ . "etat_moteur_compte emc on emc.etat_moteur_id=em.etat_moteur_id and compte_id=" . $_SESSION["compte_id"] . " where em.etat_moteur_id=" . $_POST["id"] . " order by libelle";
    //print $sql."<br>";
    $link = query($sql);
    $tbl_modif = fetch($link);
}
Example #26
0
    //vérification des droit du compte
    $sql = "update " . __racinebd__ . "entretien_compte set supprimer=1 where entretien_compte_id=" . $_POST["id"] . " and compte_id=" . $_SESSION["compte_id"];
    query($sql);
    //print $sql."<br>";
    $msgsave = "Suppression effectuée";
}
if ($_POST["mode"] == "ajout") {
    //vérification des droit du compte
    $sql = "insert into " . __racinebd__ . "entretien_compte (libelle,icon,compte_id) values('" . addquote($_POST["libelle"]) . "','" . addquote($_POST["icon"]) . "'," . $_SESSION["compte_id"] . ")";
    //print $sql."<br>";
    $link = query($sql);
    $msgsave = "Sauvegarde effectuée";
}
if ($_POST["id"] != "" && $_POST["mode"] == "modif") {
    //vérification des droit du compte
    $sql = "update " . __racinebd__ . "entretien_compte set libelle ='" . addquote($_POST["libelle"]) . "',icon='" . addquote($_POST["icon"]) . "' where entretien_compte_id=" . $_POST["id"] . " and compte_id=" . $_SESSION["compte_id"];
    //print $sql."<br>";
    $link = query($sql);
    $msgsave = "Sauvegarde effectuée";
}
$sql = "select * from " . __racinebd__ . "entretien_compte where compte_id=" . $_SESSION["compte_id"] . " and supprimer=0 order by libelle";
$link = query($sql);
while ($tbl = fetch($link)) {
    $tbl_list_type[] = $tbl;
    //  $key_list_agence[$tbl["entretien_compte_id"]]=$tbl["libelle"];
}
if ($_POST["id"] != "" && $_POST["mode"] == "") {
    $sql = "select * from " . __racinebd__ . "entretien_compte where compte_id=" . $_SESSION["compte_id"] . " and entretien_compte_id=" . $_POST["id"] . " order by libelle";
    $link = query($sql);
    $tbl_modif_type = fetch($link);
}
Example #27
0
<?php

require "../../require/function.php";
require "../../require/back_include.php";
$_GET["nomobj"] = "listmontant[]";
set_time_limit(3600);
$sql = "select * from " . __racinebd__ . "devisline where devisline_id=" . ($_GET["id"] == "" ? $_POST["devisline_id"] : $_GET["id"]);
$link = query($sql);
$tbl_info = fetch($link);
if ($_POST["save"] == "yes") {
    //sauvegarde en base
    $sql = "update " . __racinebd__ . "devisline \r\n  set libelle='" . addquote($_POST["libelle"]) . "',\r\n  montant='" . str_replace(",", ".", addquote($_POST["montant"])) . "'\r\n  where devisline_id=" . $_POST["devisline_id"];
    $link = query($sql);
    ?>
  <script>
  alert("Modifications prises en compte");
  if(top.listidmontantiframelist.contentWindow)
  top.listidmontantiframelist.contentWindow.location.reload(true);
  else
  top.listidmontantiframelist.location.reload(true);
  
  window.location="insertfile.php?nomobj=listontant[]&id=<?php 
    echo $tbl_info["devis_id"];
    ?>
";
  </script>
  <?php 
    die;
}
?>
<html>
Example #28
0
        $child = true;
        $childtxt[] = "Compte";
        $urlchild[] = __racineadmin__ . "/custom/compte/index.php";
        require "../../include/template_list.php";
    } else {
        if ($_POST["save"] == "yes") {
            switch ($_GET["mode"]) {
                case "suppr":
                    $txtmsg = "Le commercial a &eacute;t&eacute; supprim&eacute;";
                    $szQuery = "update {$table} set supprimer=1 where " . $tablekey . "='" . $_GET["id"] . "'";
                    break;
                case "ajout":
                    $txtmsg = "Le commercial a &eacute;t&eacute; ajout&eacute;";
                    $szQuery = "insert into {$table} (prenom,nom,actif)\r\n          values ('" . addquote($_POST["prenom"]) . "','" . addquote($_POST["nom"]) . "','" . addquote($_POST["actif"]) . "')";
                    break;
                case "modif":
                    $txtmsg = "Le commercial a &eacute;t&eacute; modifi&eacute;";
                    $szQuery = "update {$table} set \r\n\t\t\t\t\tprenom='" . addquote($_POST["prenom"]) . "',\r\n\t\t\t\t\tnom='" . addquote($_POST["nom"]) . "',\r\n\t\t\t\t\tactif='" . addquote($_POST["actif"]) . "'\r\n          where {$tablekey}=" . $_GET["id"];
                    break;
            }
            require "../../include/template_save.php";
        } else {
            $szQuery = "SELECT * FROM {$table} where {$tablekey}=" . $_GET["id"];
            //libelle=>nom du champ|type|obligatoire|taille (facultatif)
            //les type sont les suivant
            // txt area html media date file email list(nom var requete) listmutiple(nom var requete)
            $tabcolonne = array("Nom" => "nom|txt(255)|yes", "Prénom" => "prenom|txt(255)|yes", "Actif" => "actif|chk|no");
            require "../../include/template_detail.php";
        }
    }
}
Example #29
0
<?php

if (!verifdroit("VEH")) {
    die;
}
if ($_GET["mode"] == "delete") {
    $sql = "update " . __racinebd__ . "device set supprimer=1 where device_id=" . $_GET["id"];
    query($sql);
    $msgsave = "Suppression effectuée";
}
//print_r($_POST);
//sauvegarde de modification
if ($_POST["id"] != "" && $_POST["mode"] == "modif") {
    $sql = "update " . __racinebd__ . "device set agence_compte_id='" . $_POST["agence_compte_id"] . "',\r\n  type_compte_id='" . $_POST["type_compte_id"] . "',consommation='" . addquote($_POST["consommation"]) . "',nomvehicule='" . addquote($_POST["nomvehicule"]) . "'\r\n  ,immatriculation='" . addquote($_POST["immatriculation"]) . "',chassis='" . addquote($_POST["chassis"]) . "',marque='" . addquote($_POST["marque"]) . "'\r\n  ,modele='" . addquote($_POST["modele"]) . "',kminit='" . addquote($_POST["kminit"]) . "',correctifkm='" . addquote($_POST["correctifkm"]) . "'\r\n  ,correctifh='" . addquote($_POST["correctifh"]) . "',type_moteur_id='" . $_POST["type_moteur_id"] . "',consommationtype='" . $_POST["consommationtype"] . "',tel='" . $_POST["tel"] . "' where device_id=" . $_POST["pdevice_id"];
    //print $sql."<br>";
    query($sql);
    //sauvegarde des categories
    $sql = "delete from " . __racinebd__ . "categorie_compte_device where device_id=" . $_POST["id"];
    query($sql);
    for ($i = 0; $i < count($_POST["categorie"]); $i++) {
        $sql = "insert into " . __racinebd__ . "categorie_compte_device (device_id,categorie_compte_id) values(" . $_POST["id"] . "," . $_POST["categorie"][$i] . ")";
        query($sql);
    }
    $msgsave = "Sauvegarde effectuée";
}
$sql = "select * from " . __racinebd__ . "categorie_compte where compte_id=" . $_SESSION["compte_id"] . " and supprimer=0 order by libelle";
$link = query($sql);
while ($tbl = fetch($link)) {
    $tbl_list_categorie[] = $tbl;
}
/*
Example #30
0
    $filename = makename($_FILES["ext"]["name"]);
    //if(move_uploaded_file($_FILES["ext"]["tmp_name"],$_SERVER["DOCUMENT_ROOT"].__uploaddir__."u".$_SESSION['users_id']."/".$filename)===false){
    //sauvegarde en base
    $ext = getext($_FILES["ext"]["name"]);
    //$sql="insert into ".__racinebd__."fichiers (titre,abstract,ext,nom_fichier,contenu) value('".addquote($_POST["titre_fichier"])."','".addquote($_POST["description_fichier"])."','".$ext."','".$filename."','".$contenu."')";
    $sql = "insert into " . __racinebd__ . "fichiers (titre,abstract,ext,nom_fichier) value('" . addquote($_POST["titre_fichier"]) . "','" . addquote($_POST["description_fichier"]) . "','" . $ext . "','" . addquote($filename) . "')";
    //print $sql;
    $link = query($sql);
    $fichiers_id = insert_id();
    savefile("ext", __racinebd__ . "fichiers", $fichiers_id);
    //print $_SERVER["DOCUMENT_ROOT"].__uploaddir__.__racinebd__."fichiers".$fichiers_id.".".$ext;
    if (PHANTOM_FULLTEXT == true) {
        $contenu = addslashes(extract2tmpfile($ext, $_SERVER["DOCUMENT_ROOT"] . __uploaddir__ . __racinebd__ . "fichiers" . $fichiers_id . "." . $ext));
    }
    if ($contenu == '') {
        $contenu = addquote($_POST["description_fichier"]);
    }
    $sql = "update " . __racinebd__ . "fichiers set contenu='" . $contenu . "' where fichiers_id=" . $fichiers_id;
    query($sql);
    ?>
  <script>
  content='<table width="100%" style="border-bottom:1px solid black" id="table_fichier_<?php 
    echo $fichiers_id;
    ?>
">';
  content+='<input type="hidden" name="listfichiers[]" value="<?php 
    echo $fichiers_id;
    ?>
"/>';
  content+='<input type="hidden" id="fichiers_<?php 
    echo $fichiers_id;