function check_answer_exist($user_id, $survey_id, $question_id, $option_id)
{
$connection = connect_db();
$sql = "SELECT *\n \t\t\tFROM user_answers\n \t\t\tWHERE user_id=" . $user_id . " AND survey_id=" . $survey_id . " AND question_id=" . $question_id . " AND option_id=" . $option_id;
$query_results = mysqli_query($connection, $sql) or die(mysql_error());
$answer_exists = mysqli_num_rows($query_results) > 0 ? true : false;
return $answer_exists;
close_db($connection);
}
function getDirectors()
{
connect_db();
$directors = array();
foreach ($this->director_order as $uid) {
$directors[] = get_object('Director', $uid);
}
close_db();
return $directors;
}
function updatePlugins()
{
connect_db();
$list = $this->getPluginsList();
// Delete anything lingering in the database
mysql_query("TRUNCATE TABLE plugins");
foreach (array_slice($list, 0, 999) as $fileNames) {
$this->parseFilename($fileNames);
}
close_db();
echo 'Success!';
}
/**
* Update one item in the table
* @param VOTimeline to be updated
* @return NULL
*/
public function updateData($obj)
{
if ($obj == NULL) {
return NULL;
}
//connect to the database.
$DB = connect_db(false);
//save changes
$sql = "UPDATE btk_user_info SET ts_username='******', ts_password='******',reg_username='******', reg_password='******'";
$DB->execute($sql);
close_db($DB);
return NULL;
}
public function deleteData($obj)
{
if ($obj == NULL) {
return NULL;
}
//connect to the database.
$DB = connect_db(false);
//save changes
$sql = "DELETE FROM mime_type_cross WHERE id=?";
$DB->execute($sql, array($obj->id));
close_db($DB);
return NULL;
}
function genpassword()
{
echo "new password list...<br>\n";
connect_db();
// $res = mysql_query("SELECT * FROM user_info WHERE NOT(type='A')");
$res = mysql_query("SELECT * FROM user_info WHERE (type='C')");
$row = mysql_num_rows($res);
for ($i = 0; $i < $row; $i++) {
echo mysql_result($res, $i, 'user_id') . ':';
echo mysql_result($res, $i, 'name') . ':';
$pass = randpass();
echo $pass . "<br>\n";
setpassword(mysql_result($res, $i, 'user_id'), $pass);
}
close_db();
}
function listuser()
{
echo '<table border=1>';
echo '<tr><td width="10%"><b>username</b></td>';
echo '<td width="40%"><b>name</b></td><td><b>password</b></td></tr>';
connect_db();
$res = mysql_query("SELECT * FROM user_info WHERE NOT(type='A')");
$row = mysql_num_rows($res);
for ($i = 0; $i < $row; $i++) {
echo '<tr><td>' . mysql_result($res, $i, 'user_id') . '</td>';
echo '<td>' . mysql_result($res, $i, 'name') . '</td>';
echo '<td>' . mysql_result($res, $i, 'passwd') . "</td></tr>\n";
}
close_db();
echo '</table>';
}
/**
* @author Tuan Anh
* @copyright 2011
*/
function toFile($result, $id, $bd, $fn)
{
require_once '../src/db.php';
$con = connect_db();
$fh = fopen($fn, 'a') or die('cant open file');
//check if $result empty
if ($result == '') {
return;
}
//insert name and student_id to student table
$str = '';
$str .= " /*" . $stt . "====================================' .{$id}.'-'.{$result['0']}.'===============================*/" . "\n";
$str .= 'INSERT INTO student VALUES ("' . $id . '", "' . $result[0] . '","' . $bd . '");' . "\n";
//insert each term
for ($i = 1; $i < count($result); $i++) {
$str .= '/*======================' . $result[$i]['hk'] . '======================*/' . "\n";
$j = 0;
$count = count($result[$i]) - 7;
while ($j < $count) {
//check if subject_id exits
$subject_id = $result[$i][$j];
$subject_name = $result[$i][$j + 1];
$subject_credit = $result[$i][$j + 3];
if (!check_exits($subject_id, 'subject', 'subject_id')) {
//insert subject_id, subject_name, credit
$str .= 'INSERT INTO subject VALUES ("' . $subject_id . '","' . $subject_name . '",' . $subject_credit . ');' . "\n";
}
//insert mid_term, end_term, avg
$group = $result[$i][$j + 2];
$mid_grade = $result[$i][$j + 4] == '---' ? 'NULL' : $result[$i][$j + 4];
$end_grade = $result[$i][$j + 5] == '---' ? 'NULL' : $result[$i][$j + 5];
$avg_grade = $result[$i][$j + 6] == '---' ? 'NULL' : $result[$i][$j + 6];
$str .= 'INSERT INTO score_term VALUES ("' . $id . '", "' . $result[$i]['hk'] . '","' . $result[$i][$j] . '",' . $mid_grade . ',' . $end_grade . ',' . $avg_grade . ',"' . $group . '");' . "\n";
$j += 7;
}
//insert into term_stat
$sum_credit_reg_term = $result[$i]['sum_credit_reg_term'] == '' ? 'NULL' : $result[$i]['sum_credit_reg_term'];
$sum_credit_all_term = $result[$i]['sum_credit_all_term'] == '' ? 'NULL' : $result[$i]['sum_credit_all_term'];
$avg_term = $result[$i]['avg_term'] == '' ? 'NULL' : $result[$i]['avg_term'];
$sum_credit = $result[$i]['sum_credit'] == '' ? 'NULL' : $result[$i]['sum_credit'];
$avg_all = $result[$i]['avg_all'] == '' ? 'NULL' : $result[$i]['avg_all'];
$str .= 'INSERT INTO term_stat VALUES ("' . $result[$i]['hk'] . '" ,"' . $id . '" ,' . $sum_credit_reg_term . ' ,' . $sum_credit_all_term . ' ,' . $avg_term . ' ,' . $sum_credit . ' ,' . $avg_all . ');' . "\n";
}
fwrite($fh, $str . "\n");
fclose($fh);
close_db($con);
}
public function books_get()
{
$book_id = isset($this->_params[0]) ? $this->_params['0'] : '';
if (!is_numeric($this->_params[0])) {
throw new Exception("invalid parameters in request", 400);
}
require_once 'include/connect_db.php';
$conn = connect_db();
$book_id = $conn->real_escape_string($book_id);
$sql_query = "SELECT COUNT(*) FROM `books` WHERE";
$sql_query .= "`id`='{$book_id}'";
if ($result = $conn->query($sql_query)) {
$row = mysqli_fetch_row($result);
$count = $row[0];
} else {
close_db($conn);
throw new Exception("db error", 500);
}
if ($count == 0) {
close_db($conn);
throw new Exception("no book found", 404);
} else {
$sql_query = "SELECT b.*, p.`name` as publisher, s.`name` as subject FROM `books`b, `publishers`p, `subjects`s WHERE ";
$sql_query .= "b.`id`='{$book_id}' AND p.`id`=b.`publisher_id` AND s.`id`=b.`subject_id` LIMIT 1";
if ($result = $conn->query($sql_query)) {
$row = mysqli_fetch_assoc($result);
unset($row['publisher_id']);
if ($row['img'] === '1') {
$row['img_url'] = "http://www.campusbookie.net/img/book/" . $row['isbn'] . ".jpg";
} else {
$row['img_url'] = "http://www.campusbookie.net/img/book/" . "no-image.jpg";
}
$row['_links']['self']['href'] = "/books/" . $book_id;
$retData = array();
$retData['staus'] = "success";
$retData['message'] = null;
$retData['data'] = $row;
close_db($conn);
return array('data' => $retData, 'status' => 200);
} else {
close_db($conn);
throw new Exception("db error", 500);
}
}
}
/**
* Retrieve all the records from the table
* @return an array of VOUser
*/
public function getData($searchKey = null)
{
//connect to the database.
$DB = connect_db(false);
//retrieve all rows
$rs = $DB->Execute("SELECT * FROM users ORDER BY username");
$ret = array();
while (!$rs->EOF) {
$tmp = new VOUser();
$tmp->id = $rs->fields["id"];
$tmp->username = $rs->fields["username"];
$tmp->password = $rs->fields["password"];
$ret[] = $tmp;
$rs->MoveNext();
}
return $ret;
close_db($DB);
}
/**
* Retrieve all the records from the table
* @return an array of VOTimeline
*/
public function getData($searchKey = null)
{
//connect to the database.
$DB = connect_db(false);
//retrieve all rows
$rs = $DB->Execute("SELECT * FROM btk_db_update ORDER BY update_date DESC LIMIT 1");
$ret = array();
while (!$rs->EOF) {
$tmp = new VOBTKGeneralInfo();
$tmp->updateName = $rs->fields["update_id"];
$tmp->updateDate = $rs->fields["update_date"];
$tmp->currentClient = 10;
$ret[] = $tmp;
$rs->MoveNext();
}
return $ret;
close_db($DB);
}
/**
* Retrieve all the records from the table
* @return an array of VOTimeline
*/
public function getData($searchKey = null)
{
//connect to the database.
$DB = connect_db(false);
//retrieve all rows
$rs = $DB->Execute("SELECT * FROM btk_timestamp_history ORDER BY id");
$ret = array();
while (!$rs->EOF) {
$tmp = new VOBTKTimestampHistory();
$tmp->id = $rs->fields["id"];
$tmp->name = $rs->fields["name"];
$tmp->logSize = $rs->fields["log_size"];
$ret[] = $tmp;
$rs->MoveNext();
}
return $ret;
close_db($DB);
}
/**
* Retrieve all the records from the table
* @return an array of VOTimeline
*/
public function getData($searchKey = null)
{
//connect to the database.
$DB = connect_db(false);
//retrieve all rows
$rs = $DB->Execute("SELECT * FROM btk_db_update ORDER BY id desc");
$ret = array();
while (!$rs->EOF) {
$tmp = new VOBTKDbUpdate();
$tmp->id = $rs->fields["id"];
$tmp->updateId = $rs->fields["update_id"];
$tmp->updateDate = $rs->fields["update_date"];
$tmp->newRecordCount = $rs->fields["new_record_count"];
$tmp->deletedRecordCount = $rs->fields["deleted_record_count"];
$ret[] = $tmp;
$rs->MoveNext();
}
return $ret;
close_db($DB);
}
/**
* Retrieve all the records from the table
* @return an array of VOTimeline
*/
public function getData($searchKey = null)
{
//connect to the database.
$DB = connect_db(false);
//retrieve all rows
$rs = $DB->Execute("SELECT * FROM btk_service_status ORDER BY id");
$ret = array();
while (!$rs->EOF) {
$tmp = new VOTimeline();
$tmp->id = $rs->fields["id"];
$tmp->startDate = $rs->fields["start_date"];
$tmp->endDate = $rs->fields["end_date"];
$tmp->status = $rs->fields["status"];
$tmp->label = $rs->fields["status"];
$ret[] = $tmp;
$rs->MoveNext();
}
return $ret;
close_db($DB);
}
echo $val["id"];
?>
"><img src="img/del.png" alt="удалить">удалить</a></a></li>
</ul>
<h1><?php
echo $val["name"];
?>
</h1>
<div class="article">
<div>
<span>Автор: <?php
echo mysqli_fetch_assoc(mysqli_query($link, "SELECT name FROM `author` WHERE `id`=" . $val["author_id"]))["name"];
?>
</span>
<span> Дата: <?php
echo $val["date"];
?>
</span>
</div>
<div class="article-body">
<?php
echo $val["article"];
?>
</div>
</div>
</body>
</html>
<?php
close_db($link);
function province_update($table, $is_city, $value, $p_id = 0)
{
if ($table == 'hoau_company') {
$type = 'is_company';
} elseif ($table == 'hoau_drdnetstate') {
$type = 'is_drd';
} elseif ($table == 'hoau_drd_price') {
$type = 'is_drd_price';
}
$type = 'is_drd_price';
$db = get_db();
if ($is_city == 0) {
$sql = "select is_drd_price,id from hoau_province where parent_id=0 and name='{$value}'";
} else {
$sql = "select is_drd_price,id from hoau_province where parent_id>0 and name='{$value}'";
}
$record = $db->query($sql);
if (count($record) > 0) {
if ($record[0]->is_drd_price == '0') {
$sql = "update hoau_province set is_drd_price=1 where id={$record[0]->id}";
$db->execute($sql);
}
return $record[0]->id;
} else {
$sql2 = "insert into hoau_province (name,parent_id,priority,is_drd_price) values ('{$value}','{$p_id}','100','1')";
$db->execute($sql2);
$record = $db->query($sql);
return $record[0]->id;
}
close_db();
}
public function cart_delete()
{
$book_id = isset($this->_params['book_id']) ? $this->_params['book_id'] : null;
if (!($book_id && is_numeric($book_id))) {
throw new Exception("invalid parameters in request", 400);
}
try {
$cart_id = $this->authenticate_cart();
} catch (Exception $e) {
throw new Exception($e->getMessage(), $e->getCode());
}
$conn = connect_db();
if ($this->_user_id) {
$sql_query = "SELECT `cart_id` FROM `users` WHERE `id`={$this->_user_id} LIMIT 1";
if (!($result = $conn->query($sql_query))) {
throw new Exception("db error", 500);
}
$row = mysqli_fetch_assoc($result);
$user_cart_id = $row['cart_id'];
if (!$user_cart_id) {
throw new Exception("invalid request: no cart exists for the user", 404);
}
if ($cart_id) {
if ($cart_id !== $user_cart_id) {
throw new Exception("insufficient permissions", 401);
}
}
$cart_id = $user_cart_id;
try {
$conn->autocommit(false);
$sql_query = "DELETE FROM `cart` WHERE `id`='{$cart_id}' AND `book_id`='{$book_id}'";
if (!($result = $conn->query($sql_query))) {
throw new Exception("db error", 500);
}
$conn->commit();
$sql_query = "SELECT COUNT(*) FROM `cart` WHERE `id`={$cart_id}";
if (!($result = $conn->query($sql_query))) {
close_db($conn);
throw new Exception("db error", 500);
}
$row2 = mysqli_fetch_row($result);
$count = $row2[0];
if ($count == 0) {
$sql_query = "UPDATE `users` SET `cart_id`= null WHERE `id`={$this->_user_id}";
if (!($result = $conn->query($sql_query))) {
throw new Exception("db error", 500);
}
}
$conn->commit();
$conn->autocommit(true);
} catch (Exception $e) {
$conn->rollback();
close_db($conn);
throw new Exception($e->getMessage(), $e->getCode());
}
} else {
$sql_query = "DELETE FROM `cart` WHERE `id`='{$cart_id}' AND `book_id`='{$book_id}'";
if (!($result = $conn->query($sql_query))) {
echo $conn->error;
throw new Exception("db error", 500);
}
}
close_db($conn);
$data = array("cart_id" => $cart_id, "book_id" => $book_id);
$retData = array();
$retData['staus'] = "success";
$retData['message'] = "cart item deleted";
$retData['data'] = $data;
return array('data' => $retData, 'status' => 200);
}
public function orders_post()
{
if (!$this->_user_id) {
throw new Exception("no token sent", 400);
}
$total = 0;
$time = time();
$status = 'Order Recieved';
$conn = connect_db();
$sql_query = "SELECT `cart_id` FROM `users` WHERE `id`={$this->_user_id}";
if (!($result = $conn->query($sql_query))) {
throw new Exception("db error", 500);
}
$row = mysqli_fetch_row($result);
$cart_id = $row[0];
if (!$cart_id) {
throw new Exception("order can't be placed: cart empty", 400);
}
try {
$conn->autocommit(false);
$sql_query = "INSERT INTO `orders` ";
$sql_query .= "(`id`,`user_id`,`total`,`placed_at_time`,`status`) VALUES ";
$sql_query .= "(null,'{$this->_user_id}','{$total}','{$time}','{$status}')";
if (!($result = $conn->query($sql_query))) {
throw new Exception("db error", 500);
}
$order_id = $conn->insert_id;
$sql_query = "SELECT * FROM `cart` WHERE `id`={$cart_id}";
if (!($result = $conn->query($sql_query))) {
throw new Exception("db error", 500);
}
while ($row = mysqli_fetch_assoc($result)) {
$book_id = $row['book_id'];
$quantity = $row['quantity'];
$sql_query = "SELECT `price` FROM `books` WHERE `id`={$book_id}";
if (!($book_result = $conn->query($sql_query))) {
throw new Exception("db error", 500);
}
$book_row = mysqli_fetch_assoc($book_result);
$price = $book_row['price'] * 0.35;
$total += $quantity * $price;
$sql_query = "INSERT INTO `order_details`";
$sql_query .= "(`order_id`,`book_id`,`quantity`,`price`) VALUES";
$sql_query .= "('{$order_id}','{$book_id}','{$quantity}','{$price}')";
if (!($order_result = $conn->query($sql_query))) {
throw new Exception("db error", 500);
}
}
$sql_query = "UPDATE `users` SET `cart_id`= null WHERE `id`={$this->_user_id}";
if (!($result = $conn->query($sql_query))) {
throw new Exception("db error", 500);
}
$sql_query = "UPDATE `orders` SET `total`={$total} WHERE `id`={$order_id}";
if (!($result = $conn->query($sql_query))) {
throw new Exception("db error", 500);
}
$sql_query = "DELETE FROM `cart` WHERE `id`={$cart_id}";
if (!($result = $conn->query($sql_query))) {
throw new Exception("db error", 500);
}
$conn->commit();
$conn->autocommit(true);
close_db($conn);
} catch (Exception $e) {
$conn->rollback();
close_db($conn);
throw new Exception($e->getMessage(), $e->getCode());
}
$retData = array();
$retData['staus'] = "success";
$retData['message'] = "order placed successfully";
$data = array();
$data['order_id'] = $order_id;
$data['_links']['self']['href'] = "/orders/" . $order_id;
$retData['data'] = $data;
return array('data' => $retData, 'status' => 200);
}
function display($string, $current)
{
global $inHead;
global $config;
$tabs = array();
$tabs['upload'] = array('url' => 'plog-upload.php', 'caption' => plog_tr('<em>U</em>pload'));
$tabs['import'] = array('url' => 'plog-import.php?nojs=1', 'caption' => plog_tr('<em>I</em>mport'), 'onclick' => "window.location='plog-import.php'; return false;");
$tabs['manage'] = array('url' => 'plog-manage.php', 'caption' => plog_tr('<em>M</em>anage'));
$tabs['feedback'] = array('url' => 'plog-feedback.php', 'caption' => plog_tr('<em>F</em>eedback'));
$tabs['options'] = array('url' => 'plog-options.php', 'caption' => plog_tr('<em>O</em>ptions'));
$tabs['themes'] = array('url' => 'plog-themes.php', 'caption' => plog_tr('<em>T</em>hemes'));
$tabs['plugins'] = array('url' => 'plog-plugins.php', 'caption' => plog_tr('<em>P</em>lugins'));
$tabs['view'] = array('url' => $config['gallery_url'], 'caption' => plog_tr('<em>V</em>iew'), 'onclick' => "window.open('" . $config['gallery_url'] . "'); return false;");
$tabs['support'] = array('url' => 'http://www.plogger.org/forum/', 'caption' => plog_tr('<em>S</em>upport'), 'onclick' => "window.open('http://www.plogger.org/forum/'); return false;");
$tabs['logout'] = array('url' => $_SERVER['PHP_SELF'] . '?action=log_out', 'caption' => plog_tr('<em>L</em>og out'));
// Get the accesskey from the localization - it should be surrounded by <em> tags
foreach ($tabs as $key => $data) {
if (preg_match('|<em>(.*)</em>|', $data['caption'], $matches)) {
$tabs[$key]['accesskey'] = $matches[1];
}
}
$output = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Plogger ' . plog_tr('Gallery Admin') . '</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="' . $config['gallery_url'] . 'plog-admin/css/admin.css" type="text/css" media="all" />
<link rel="stylesheet" href="' . $config['gallery_url'] . 'plog-admin/css/lightbox.css" type="text/css" media="all" />
<script type="text/javascript" src="' . $config['gallery_url'] . 'plog-admin/js/prototype.js"></script>
<script type="text/javascript" src="' . $config['gallery_url'] . 'plog-admin/js/plogger.js"></script>
<script type="text/javascript" src="' . $config['gallery_url'] . 'plog-admin/js/lightbox.js"></script>
' . $inHead . '
</head>
<body onload="initLightbox();">
<div id="header">
<div id="logo">
<img src="' . $config['gallery_url'] . 'plog-admin/images/plogger.gif" width="393" height="90" alt="Plogger" />
</div><!-- /logo -->
<div id="plogger-version">
<div class="align-right">
' . $config['version'] . ' [' . plogger_show_server_info_link() . ']
</div><!-- /align-right -->
' . plogger_generate_server_info() . '
</div><!-- /plogger-version -->
<div style="clear: both; height: 15px;"> </div>
<div id="tab-nav">
<ul>';
foreach ($tabs as $tab => $data) {
$output .= '
<li';
if ($current == $tab) {
$output .= ' id="current"';
}
$output .= '><a';
if (!empty($data['onclick'])) {
$output .= ' onclick="' . $data['onclick'] . '"';
}
if (!empty($data['accesskey'])) {
$output .= ' accesskey="' . $data['accesskey'] . '"';
}
$output .= ' href="' . $data['url'] . '">' . $data['caption'] . '</a></li>';
}
$output .= '
</ul>
</div><!-- /tab-nav -->
</div><!-- /header -->
<div id="content">
' . $string . '
</div><!-- /content -->';
if (defined('PLOGGER_DEBUG') && PLOGGER_DEBUG == '1') {
$output .= trace('Queries: ' . $GLOBALS['query_count'], false);
foreach ($GLOBALS['queries'] as $q) {
$output .= trace($q, false);
}
$output .= trace(plog_timer('end'), false);
}
$output .= "\n\n" . '</body>
</html>';
echo $output;
close_db();
close_ftp();
exit;
}
function get_write_db()
{
close_db();
open_db_write();
}
</a>
</div>
</div>
<?php
/*
if(isset($_GET['ud'])) {
//$userdev = $_GET['ud'];
getUserDevices($_GET['ud'], $dbconn);
}
if(isset($_GET['uh'])) {
getUserHistory($_GET['uh'], $dbconn);
}
*/
close_db($dbconn);
} else {
session_unset();
session_destroy();
session_write_close();
setcookie(session_name(), '', 0, '/');
session_regenerate_id(true);
header("Location: login.php");
echo "<h4>No user defined</h4>";
}
} else {
session_unset();
session_destroy();
session_write_close();
setcookie(session_name(), '', 0, '/');
session_regenerate_id(true);
function outputPlugins()
{
connect_db();
$ordervar = @$_GET["order"] ? quote_db(@$_GET["order"]) : "moddate";
$asc_desc = @$_GET["sort"] ? quote_db(@$_GET["sort"]) : "DESC";
$result = query_db("SELECT * FROM plugins ORDER BY {$ordervar} {$asc_desc}");
$now = time();
$i = 0;
while ($row = mysql_fetch_array($result)) {
$moddate_unix = strtotime($row['moddate']);
$odd = $i % 2 == 1;
$image_file = file_exists($row['image']) ? $row['image'] : "images/noicon.png";
echo '<div class="box name' . ($odd ? ' odd' : '') . '" >';
echo ' <img src="' . $image_file . '" alt="plugin icon" />';
echo ' <a href="http://qsapp.com/plugins/plugins/' . $row['fullpath'] . '">' . $row['name'] . '</a>';
if ($now - $moddate_unix <= 5184000) {
echo ' <sup><span style="color:#ff0000;" >new!</span></sup>';
}
echo '</div>';
echo '<div class="box version' . ($odd ? ' odd' : '') . '" >' . $row['version'] . ' </div>';
echo '<div class="box updated' . ($odd ? ' odd' : '') . '" >' . $row['moddate'] . ' </div>';
// <div class="box" id="dl"><a href="'.$row['fullpath'].'"><img src="images/download.gif" /></a></div>';
$i++;
}
echo '<p> </p>';
close_db();
}
<?php
include_once "include/db_mysql.php";
include_once "include/common.php";
$conn = db_connect($h, $p, $u, $db);
if ($conn) {
$sql = "select id,board_name,board_desc from boards order by id asc";
$result = mysql_query($sql) or die("ERROR: " . mysql_error() . " <br/>SQL=" . $sql);
if ($num = mysql_num_rows($result)) {
$board_list = "";
while ($row = mysql_fetch_array($result)) {
$bid = $row['id'];
$board_list .= "<div id=\"b_name\"> > <a href=\"list.php?bid={$bid}\">" . $row['board_name'] . "</a></div>";
$board_list .= "<div id=\"b_desc\">" . $row['board_desc'] . "</div><br/>";
}
} else {
$board_list = "<div id=\"b_name\">" . $ERR['NO_BOARD'] . "</div>";
}
close_db($conn);
}
$html_title = $HTML_TITLE['board'];
include_once "template/board.htm";
<?php
include 'config.php';
include 'db-functions.php';
$connection = connect_to_db();
select_db();
if (isset($_GET["notificationid"])) {
$query = "SELECT * FROM notification WHERE notificationid = " . $_GET["notificationid"];
} else {
$query = "SELECT * FROM notification";
}
$result = run_query($query);
// Pushes each entry of result into an array and converts it to JSON.
$array = array();
while ($row = mysql_fetch_assoc($result)) {
array_push($array, $row);
}
echo json_encode($array);
close_db($connection);
$prev = "";
$dbh = open_db($database);
$query = "select title,url,stamp,id from bag order by stamp";
$result = $dbh->query($query);
while ($row = $result->fetchArray()) {
$title = preg_replace('/[^A-za-z0-9\'\\"\\?\\.\\&\\!\\$\\:\\;\\/\\- ]/', ' ', $row['title']);
$url = $row['url'];
$stamp = $row['stamp'];
$id = $row['id'];
if ($stamp == $prev) {
} else {
echo "<p style='font-size:medium'>{$stamp}</p><p>";
}
echo "- <a href='{$url}' target='_NEW{$id}'>{$title}</a><br/>\n";
$prev = $stamp;
}
echo "\n<p style='font-size:x-small'>Above was generated by a homegrown bolt-on script for <a href='https://www.wallabag.org/' target='_NEWWALLA'>Wallabag</a>, which is a free utility for capturing web content so that it can be read later.</p>";
close_db($dbh);
}
function open_db($database)
{
$dbh = new SQLite3($database);
if (!$dbh) {
die($error);
}
return $dbh;
}
function close_db($dbh)
{
$dbh->close();
}
function clean_session()
{
$_SESSION['filler'] = null;
$_SESSION['tipo'] = null;
$_SESSION['paroleFiller'] = array();
$_SESSION['primePh1'] = null;
$_SESSION['primePh2'] = null;
$_SESSION['parola1'] = array();
$_SESSION['parola2'] = array();
$_SESSION['interp1'] = array();
$_SESSION['interp2'] = array();
close_db();
}
/** main page */
include 'includes/wc.main.inc.php';
$db = connect_to_db();
if ($signed_in) {
$who_you_want = select_p($db, "select crushee_id, (select name from wes_users where username = (select username from user where user_id = crushee_id)) as name from crushes where crusher_id = ?", array($signed_in_id), 'getAll');
$who_want_you = select_p($db, "select crusher_id, crusher_alias from crushes where crushee_id = ?", array($signed_in_id), 'getAll');
for ($i = 0; $i < count($who_you_want); $i++) {
$crushee_id = $who_you_want[$i]['crushee_id'];
$match = select_p($db, "select count(*) from crushes where crusher_id = ? and crushee_id = ?", array($crushee_id, $signed_in_id), 'getOne');
$who_you_want[$i]['match'] = $match;
}
for ($i = 0; $i < count($who_want_you); $i++) {
$crusher_id = $who_want_you[$i]['crusher_id'];
$match = select_p($db, "select count(*) from crushes where crusher_id = ? and crushee_id = ?", array($signed_in_id, $crusher_id), 'getOne');
// the big reveal... don't f**k up this code
if ($match) {
$name = select_p($db, "select name from wes_users where username = (select username from user where user_id = ?)", array($crusher_id), 'getOne');
$who_want_you[$i]['name'] = $name;
}
$who_want_you[$i]['match'] = $match;
}
$smarty->assign('who_you_want', $who_you_want);
$smarty->assign('who_want_you', $who_want_you);
$quote = select_p($db, "select * from quotes order by rand() limit 1", array(), 'getRow');
$smarty->assign('quote', $quote['quote']);
$smarty->assign('quoted', $quote['quoted']);
}
$smarty->display('index.tpl');
close_db($db);
function list_room_types()
{
global $dsn, $dbConn;
open_db();
$sql = "select room_type_id, desc_en from room_types order by desc_en";
$dbResult = odbc_exec($dbConn, $sql);
while (odbc_fetch_row($dbResult)) {
echo '<option label="' . odbc_result($dbResult, "desc_en") . '">' . odbc_result($dbResult, "room_type_id") . '</option>';
}
close_db();
return true;
}
$user_type = mysql_result($res, 0, "type");
$user_group = mysql_result($res, 0, "grp");
return TRUE;
} else {
return FALSE;
}
} else {
return FALSE;
}
}
session_start();
$p_id = $_POST['id'];
$p_pass = $_POST['pass'];
connect_db();
$check = checkpassword($p_id, $p_pass, $user_type, $user_group);
close_db();
if ($check) {
$_SESSION['id'] = $p_id;
$_SESSION['type'] = $user_type;
$_SESSION['group'] = $user_group;
echo '<html>';
echo '<META HTTP-EQUIV="Refresh" CONTENT="0; URL=main.php">';
echo '</html>';
} else {
session_destroy();
echo '<html>';
echo '<META HTTP-EQUIV="Refresh" CONTENT="0; URL=login.php?error=1">';
echo '</html>';
}
?>
function processsubmission()
{
$id = $_POST['id'];
$fsize = $_FILES['code']['size'];
// echo 'id = ' . $id;
if ($fsize > 0 && $fsize <= 100000) {
connect_db();
$res = savesubmission($_POST['id'], $_POST['probid'], $_FILES['code']['tmp_name']);
close_db();
if ($res != NULL) {
$_SESSION['msg'] = $res;
}
} else {
$_SESSION['msg'] = 'ERROR: File too large';
}
}
