function leaveRun()
{
// Access the globals.
global $DB;
global $TIMEMARK;
global $MySelf;
$runid = $_GET[id];
$userid = $MySelf->getID();
// Are we actually still in this run?
if (userInRun($userid, $runid) == "none") {
makeNotice("You can not leave a run you are currently not a part of.", "warning", "Not you run.", "index.php?action=show&id={$runid}", "[cancel]");
}
// Is $runid truly an integer?
numericCheck($runid);
// Oh yeah?
if (runIsLocked($runid)) {
confirm("Do you really want to leave mining operation #{$runid} ?<br><br>Careful: This operation has been locked by " . runSupervisor($runid, true) . ". You can not rejoin the operation unless its unlocked again.");
} else {
confirm("Do you really want to leave mining operation #{$runid} ?");
}
// Did the run start yet? If not, delete the request.
$runStart = $DB->getCol("SELECT starttime FROM runs WHERE id='{$runid}' LIMIT 1");
if ($TIMEMARK < $runStart[0]) {
// Event not started yet. Delete.
$DB->query("DELETE FROM joinups WHERE run='{$runid}' AND userid='{$userid}'");
} else {
// Event started, just mark inactive.
$DB->query("update joinups set parted = '{$TIMEMARK}' where run = '{$runid}' and userid = '{$userid}' and parted IS NULL");
}
makeNotice("You have left the run.", "notice", "You left the Op.", "index.php?action=show&id={$runid}", "[OK]");
}
function get_products()
{
$query = query("SELECT * FROM products");
confirm($query);
while ($row = fetch_array($query)) {
$product = <<<DELIMITER
<div class="col-sm-4 col-lg-4 col-md-4">
<div class="thumbnail">
<a href="item.php?id={$row['product_id']}"><img src="{$row['product_image']}" alt=""></a>
<div class="caption">
<h4 class="pull-right">${$row['product_price']}</h4>
<h4><a href="item.php?id={$row['product_id']}">{$row['product_title']}</a>
</h4>
<p>See more snippets like this online store item at <a target="_blank" href="http://www.bootsnipp.com">Bootsnipp - http://bootsnipp.com</a>.</p>
<a class="btn btn-primary" target="_blank" href="../resources/cart.php?add={$row['product_id']}">Add to Cart</a>
</div>
</div>
</div>
DELIMITER;
echo $product;
}
}
function write(&$frm)
{
if (isset($_REQUEST["btn_back"])) {
return enter($frm);
}
if ($frm->validate("write")) {
return confirm($frm);
}
$upd = new dbUpdate("suppstock", "cubit");
$del = new dbDelete("suppstock", "cubit");
foreach ($_REQUEST["stkcod"] as $suppid => $stkcod) {
if (empty($stkcod)) {
$del->setOpt("suppid='{$suppid}' AND stkid='{$_REQUEST['id']}'");
$del->run();
continue;
}
$cols = grp(m("suppid", $suppid), m("stkid", $_REQUEST["id"]), m("stkcod", $stkcod));
$upd->setOpt($cols, "suppid='{$suppid}' AND stkid='{$_REQUEST['id']}'");
$upd->run(DB_REPLACE);
}
foreach ($_REQUEST["stkdes"] as $suppid => $stkdes) {
if (empty($stkcod)) {
$del->setOpt("suppid='{$suppid}' AND stkid='{$_REQUEST['id']}'");
$del->run();
continue;
}
$cols = grp(m("suppid", $suppid), m("stkid", $_REQUEST["id"]), m("stkdes", $stkdes));
$upd->setOpt($cols, "suppid='{$suppid}' AND stkid='{$_REQUEST['id']}'");
$upd->run(DB_REPLACE);
}
$OUT = "<script>window.close();</script>";
return $OUT;
}
function deleteEvent()
{
// is the events module active?
if (!getConfig("events")) {
makeNotice("The admin has deactivated the events module.", "warning", "Module not active");
}
// Import the globals, as usual.
global $DB;
global $MySelf;
// Are we allowed to be here?
if (!$MySelf->canDeleteEvents()) {
makeNotice("You are not allowed to do this!", "error", "Forbidden");
}
// Is the ID safe?
if (!is_numeric($_GET[id]) || $_GET[id] < 0) {
makeNotice("Invalid ID given!", "error", "Invalid Data");
}
// Does the user really want this?
confirm("Are you sure you want to delete this event?");
// Ok, then delete it.
$DB->query("DELETE FROM events WHERE id = '{$_GET['id']}' LIMIT 1");
if ($DB->affectedRows() == 1) {
// Inform the people!
// mailUser();
makeNotice("The event has been deleted", "notice", "Event deleted", "index.php?action=showevents", "[OK]");
} else {
makeNotice("Could not delete the event from the database.", "error", "DB Error", "index.php?action=showevents", "[Cancel]");
}
}
function deleteRun()
{
// We need some globals.
global $DB;
global $MySelf;
global $READONLY;
// Are we allowed to delete runs?
if (!$MySelf->canDeleteRun() || $READONLY) {
makeNotice("You are not allowed to delete runs!", "error", "forbidden");
}
// Set the ID.
$ID = sanitize("{$_GET['id']}");
if (!is_numeric($ID) || $ID < 0) {
makeNotice("Invalid ID passed to deleteRun!", "error");
}
// Are we sure?
confirm("Do you really want to delete run #{$ID} ?");
// Get the run in question.
$run = $DB->getRow("SELECT * FROM runs WHERE id = '{$ID}' LIMIT 1");
// is it closed?
if ("{$run['endtime']}" < "0") {
makeNotice("You can only delete closed runs!", "error", "Deletion canceled", "index.php?action=list", "[cancel]");
}
// delete it.
$DB->query("DELETE FROM runs WHERE id ='{$ID}'");
// Also delete all hauls.
$DB->query("DELETE FROM hauled WHERE miningrun='{$ID}'");
// And joinups.
$DB->query("DELETE FROM joinups WHERE runid='{$ID}'");
makeNotice("The Miningrun Nr. #{$ID} has been deleted from the database and all associated hauls as well.", "notice", "Mining Operation deleted", "index.php?action=list", "[OK]");
}
function users_online()
{
if (isset($_GET['onlineusers'])) {
global $connection;
if (!$connection) {
session_start();
include "../includes/db.php";
$session = session_id();
$time = time();
$time_out_in_seconds = 1;
$time_out = $time - $time_out_in_seconds;
$query = "SELECT * FROM users_online WHERE session = '{$session}'";
$send_query = mysqli_query($connection, $query);
confirm($send_query);
$count = mysqli_num_rows($send_query);
if ($count == NULL) {
mysqli_query($connection, "INSERT INTO users_online(session, time) VALUES('{$session}', '{$time}')");
} else {
mysqli_query($connection, "UPDATE users_online SET time = '{$time}' WHERE session = '{$session}'");
}
$users_online_query = mysqli_query($connection, "SELECT * FROM users_online WHERE time > '{$time_out}'");
echo $count_user = mysqli_num_rows($users_online_query);
}
}
// Get request isset()
}
function verify_directory($directory)
{
if (file_exists($directory)) {
return confirm(sprintf("Directory %s exists. Use it?", $directory));
}
mkdir($directory);
return true;
}
function alerta()
{
if (confirm("El usuario y contraseña son incorrectos vuelva a intentarlo ")) {
alert('Pulsaste aceptar!');
} else {
alert('Pulsaste cancelar!');
}
}
function write($frm)
{
extract($_REQUEST);
if ($frm->validate("write")) {
return confirm($frm);
}
pglib_transaction("BEGIN");
db_conn('cubit');
$user = USER_NAME;
$Sql = "SELECT * FROM assets WHERE (dep_month='yes' AND remaction IS NULL)";
$Rslt = db_exec($Sql) or errDie("Unable to access database.");
$cc = "";
$todate = mkdate($date_year, $date_month, $date_day);
$ttime = mktimefd($todate);
$refnum = getrefnum($todate);
while ($led = pg_fetch_array($Rslt)) {
if (empty($led["autodepr_date"])) {
$led["autodepr_date"] = $led["date"];
}
explodeDate($led["autodepr_date"], $date_year, $date_month, $date_day);
$ftime = mktime(0, 0, 0, $date_month, $date_day, $date_year);
$depmonths = 0;
while ($ftime < $ttime) {
++$depmonths;
$ftime = mktime(0, 0, 0, $date_month + $depmonths, $date_day, $date_year);
}
if ($depmonths == 0) {
continue;
}
$depperc = $led["dep_perc"];
$ml_perc = $depperc * ($depmonths % 12 / 12);
$years = ($depmonths - $depmonths % 12) / 12;
$baseamt = $led["amount"] - $led["accdep"];
$depamt = 0;
/* yearly depreciations */
for ($i = 1; $i <= $years; ++$i) {
$depamt += ($baseamt - $depamt) * ($depperc / 100);
}
/* monthly depreciation */
$depamt += ($baseamt - $depamt) * ($ml_perc / 100);
$sql = "SELECT * FROM assetgrp WHERE grpid = '{$led['grpid']}' AND div = '" . USER_DIV . "'";
$grpRslt = db_exec($sql);
$grp = pg_fetch_array($grpRslt);
writetrans($grp['depacc'], $grp['accdacc'], $todate, $refnum, $depamt, "{$led['des']} Depreciation");
db_connect();
$sql = "UPDATE assets SET accdep = (accdep + '{$depamt}'), autodepr_date='{$todate}'\r\n\t\t\t\tWHERE (id='{$led['id']}' AND div = '" . USER_DIV . "')";
db_exec($sql) or errdie("Could not update assets table.");
$snetval = $baseamt - $depamt;
$sdate = date("Y-m-d");
$sql = "INSERT INTO assetledger(assetid, asset, date, depamt, netval, div) \r\n\t\t\t\tVALUES ('{$led['id']}', '{$led['des']}', '{$todate}', '{$depamt}', '{$snetval}', '" . USER_DIV . "')";
db_exec($sql) or errdie("Could not write to asset ledger.");
$cc .= "CostCenter('ct', 'Asset Depreciation', '{$todate}', '{$led['des']} Depreciation', '{$depamt}', '');";
}
pglib_transaction("COMMIT");
$write = "\r\n\t<script> \r\n\t{$cc}\r\n\t</script>\r\n\t<table " . TMPL_tblDflts . " width='50%'>\r\n\t\t<tr>\r\n\t\t\t<th>Auto Asset Depreciation</th>\r\n\t\t</tr>\r\n\t\t<tr class='datacell'>\r\n\t\t\t<td>Asset Depreciation has calculated and recorded.</td>\r\n\t\t</tr>\r\n\t</table>";
return $write;
}
function get_record_json_by_id($id)
{
$query = "SELECT * FROM task WHERE id = {$id}";
$result = mysql_query($query);
confirm($result, "problem in query");
$row = mysql_fetch_array($result);
$record_array = array("id" => $row["id"], "title" => $row["title"], "complete" => $row["complete"]);
$record_json = json_encode($record_array);
return $record_json;
}
function connect_error()
{
global $adminer, $connection, $token, $error, $drivers;
if (DB != "") {
header("HTTP/1.1 404 Not Found");
page_header(lang('Database') . ": " . h(DB), lang('Invalid database.'), true);
} else {
if ($_POST["db"] && !$error) {
queries_redirect(substr(ME, 0, -1), lang('Databases have been dropped.'), drop_databases($_POST["db"]));
}
//Encabezado y botones de la parte superior en la seleccion de bases de datos
page_header(lang('Select database'), $error, false);
echo "<p>\n";
foreach (array('database' => lang('Create new database'), 'privileges' => lang('Privileges'), 'processlist' => lang('Process list'), 'variables' => lang('Variables'), 'status' => lang('Status')) as $key => $val) {
if (support($key)) {
echo "<a class='btn btn-xs btn-primary' href='" . h(ME) . "{$key}='>{$val}</a>\n";
}
}
//Presenta informacion de la conexion
echo "<p><i class='fa fa-exchange fa-fw'></i> " . lang('%s version: %s through PHP extension %s', $drivers[DRIVER], "<b>" . h($connection->server_info) . "</b>", "<b>{$connection->extension}</b>") . "\n";
echo "<p><i class='fa fa-user fa-fw'></i> " . lang('Logged as: %s', "<b>" . h(logged_user()) . "</b>") . "\n";
//Presenta la lista de bases de datos existentes y los encabezados
$databases = $adminer->databases();
if ($databases) {
$scheme = support("scheme");
$collations = collations();
echo "<form action='' method='post'>\n";
echo "<table cellspacing='0' class='checkable table table-condensed table-responsive table-hover' onclick='tableClick(event);' ondblclick='tableClick(event, true);'>\n";
echo "<thead><tr>" . (support("database") ? "<th> " : "") . "<th>" . lang('Database') . " - <a class='btn btn-default btn-xs' href='" . h(ME) . "refresh=1'><i class='fa fa-refresh fa-fw'></i> " . lang('Refresh') . "</a>" . "<th>" . lang('Collation') . "<th>" . lang('Tables') . "<th>" . lang('Size') . " - <a class='btn btn-default btn-xs' href='" . h(ME) . "dbsize=1' onclick=\"return !ajaxSetHtml('" . js_escape(ME) . "script=connect');\">" . lang('Compute') . "</a>" . "</thead>\n";
//Presenta la lista de bases de datos
$databases = $_GET["dbsize"] ? count_tables($databases) : array_flip($databases);
foreach ($databases as $db => $tables) {
$root = h(ME) . "db=" . urlencode($db);
echo "<tr" . odd() . ">" . (support("database") ? "\n\t\t\t\t\t<td align=center>" . checkbox("db[]", $db, in_array($db, (array) $_POST["db"])) : "");
echo "<th><a href='{$root}'>" . h($db) . "</a>";
$collation = nbsp(db_collation($db, $collations));
echo "<td>" . (support("database") ? "<a href='{$root}" . ($scheme ? "&ns=" : "") . "&database=' title='" . lang('Alter database') . "'>{$collation}</a>" : $collation);
echo "<td align='right'><a href='{$root}&schema=' id='tables-" . h($db) . "' title='" . lang('Database schema') . "'>" . ($_GET["dbsize"] ? $tables : "?") . "</a>";
echo "<td align='right' id='size-" . h($db) . "'>" . ($_GET["dbsize"] ? db_size($db) : "?");
echo "\n";
}
echo "</table>\n";
//Agrega boton de eliminar
echo support("database") ? "<fieldset><legend>" . lang('Selected') . " <span id='selected'></span></legend><div>\n" . "<input type='hidden' name='all' value='' onclick=\"selectCount('selected', formChecked(this, /^db/));\">\n" . "<input class='btn btn-xs btn-danger' type='submit' name='drop' value='" . lang('Drop') . "'" . confirm() . ">\n" . "</div></fieldset>\n" : "";
echo "<script type='text/javascript'>tableCheck();</script>\n";
echo "<input type='hidden' name='token' value='{$token}'>\n";
echo "</form>\n";
}
}
page_footer("db");
}
function cart()
{
$total = 0;
$item_quantity = 0;
$item_name = 1;
$item_number = 1;
$amount = 1;
$quantity = 1;
foreach ($_SESSION as $name => $value) {
if ($value > 0) {
if (substr($name, 0, 8) == "product_") {
$length = strlen($name - 8);
$id = substr($name, 8, $length);
$query = query("SELECT * FROM products WHERE product_id = " . escape_string($id) . " ");
confirm($query);
while ($row = fetch_array($query)) {
$sub = $row['product_price'] * $value;
$item_quantity += $value;
$product = <<<DELIMETER
<tr>
<td>{$row['product_title']}</td>
<td>${$row['product_price']}</td>
<td>{$value}</td>
<td>${$sub}</td>
<td>
<a class='btn btn-warning' href="cart.php?remove={$row['product_id']}"><span class='glyphicon glyphicon-minus'></span></a>
<a class='btn btn-success' href="cart.php?add={$row['product_id']}"><span class='glyphicon glyphicon-plus'></span></a>
<a class='btn btn-danger' href="cart.php?delete={$row['product_id']}"><span class='glyphicon glyphicon-remove'></span></a>
</td>
</tr>
<input type="hidden" name="item_name_{$item_name}" value="{$row['product_title']}">
<input type="hidden" name="item_number_{$item_number}" value="{$row['product_id']}">
<input type="hidden" name="amount_{$amount}" value="{$row['product_price']}">
<input type="hidden" name="quantity_{$quantity}" value="{$row['product_quantity']}">
DELIMETER;
echo $product;
$total = 0;
$item_quantity = 0;
$item_name++;
$item_number++;
$amount++;
$quantity++;
}
$_SESSION['item_total'] = $total += $sub;
$_SESSION['item_quantity'] = $item_quantity;
}
}
}
}
function createTransaction()
{
// We need globals.
global $DB;
global $MySelf;
global $TIMEMARK;
// Are we allowed to poke in here?
if (!$MySelf->isAccountant()) {
makeNotice("Umm, you are not allowed to do this. Really. You are not.", "warning", "You are not supposed to be here");
}
// Check the ints.
numericCheck($_POST[wod], 0, 1);
numericCheck($_POST[amount], 0);
numericCheck($_POST[id], 0);
// Its easier on the eyes.
$type = $_POST[wod];
$amount = $_POST[amount];
$id = $_POST[id];
$username = idToUsername($id);
// invert the amount if we have a withdrawal.
if ($_POST[wod] == 1) {
$dir = "withdrawed";
$dir2 = "from";
$hisMoney = getCredits($id);
if ($hisMoney < $amount) {
$ayee = $hisMoney - $amount;
confirm("WARNING:<br>{$username} can NOT afford this withdrawal. If you choose to " . "authorize this transaction anyway his account will be at " . number_format($ayee, 2) . " ISK.");
}
} else {
$amount = $_POST[amount];
$dir = "deposited";
$dir2 = "into";
}
// We use custom reason, if set.
if ($_POST[reason2] != "") {
$reason = sanitize($_POST[reason2]);
} else {
$reason = sanitize($_POST[reason1]);
}
// Create transaction.
$transaction = new transaction($id, $type, $amount);
$transaction->setReason($reason);
// Success?
if (!$transaction->commit()) {
// Nope :(
makeNotice("Unable to create transaction. Danger, Will Robinson, DANGER!", "error", "Internal Error", "index.php?action=edituser&id={$id}", "[Back]");
} else {
// Success !
makeNotice("You successfully {$dir} {$amount} ISK {$dir2} " . $username . "'s account.", "notice", "Transaction complete", "index.php?action=edituser&id={$id}", "[Ok]");
}
}
function connect_error()
{
global $connection, $token, $error, $drivers;
$databases = array();
if (DB != "") {
page_header(lang('Database') . ": " . h(DB), lang('Invalid database.'), true);
} else {
if ($_POST["db"] && !$error) {
queries_redirect(substr(ME, 0, -1), lang('Databases have been dropped.'), drop_databases($_POST["db"]));
}
page_header(lang('Select database'), $error, false);
echo "<p><a href='" . h(ME) . "database='>" . lang('Create new database') . "</a>\n";
foreach (array('privileges' => lang('Privileges'), 'processlist' => lang('Process list'), 'variables' => lang('Variables'), 'status' => lang('Status')) as $key => $val) {
if (support($key)) {
echo "<a href='" . h(ME) . "{$key}='>{$val}</a>\n";
}
}
echo "<p>" . lang('%s version: %s through PHP extension %s', $drivers[DRIVER], "<b>{$connection->server_info}</b>", "<b>{$connection->extension}</b>") . "\n";
echo "<p>" . lang('Logged as: %s', "<b>" . h(logged_user()) . "</b>") . "\n";
if ($_GET["refresh"]) {
set_session("dbs", null);
}
$databases = get_databases();
if ($databases) {
$scheme = support("scheme");
$collations = collations();
echo "<form action='' method='post'>\n";
echo "<table cellspacing='0' class='checkable' onclick='tableClick(event);'>\n";
echo "<thead><tr><td> <th>" . lang('Database') . "<td>" . lang('Collation') . "<td>" . lang('Tables') . "</thead>\n";
foreach ($databases as $db) {
$root = h(ME) . "db=" . urlencode($db);
echo "<tr" . odd() . "><td>" . checkbox("db[]", $db, in_array($db, (array) $_POST["db"]));
echo "<th><a href='{$root}'>" . h($db) . "</a>";
echo "<td><a href='{$root}" . ($scheme ? "&ns=" : "") . "&database=' title='" . lang('Alter database') . "'>" . nbsp(db_collation($db, $collations)) . "</a>";
echo "<td align='right'><a href='{$root}&schema=' id='tables-" . h($db) . "' title='" . lang('Database schema') . "'>?</a>";
echo "\n";
}
echo "</table>\n";
echo "<script type='text/javascript'>tableCheck();</script>\n";
echo "<p><input type='submit' name='drop' value='" . lang('Drop') . "'" . confirm("formChecked(this, /db/)", 1) . ">\n";
// 1 - eventStop
echo "<input type='hidden' name='token' value='{$token}'>\n";
echo "<a href='" . h(ME) . "refresh=1' onclick='eventStop(event);'>" . lang('Refresh') . "</a>\n";
echo "</form>\n";
}
}
page_footer("db");
if ($databases) {
echo "<script type='text/javascript'>ajaxSetHtml('" . js_adminer_escape(ME) . "script=connect');</script>\n";
}
}
function cart()
{
$total = 0;
$item_quantity = 0;
$item_name = 1;
$item_number = 1;
$amount = 1;
$quantity = 1;
foreach ($_SESSION as $name => $value) {
if ($value > 0) {
if (substr($name, 0, 8) == "product_") {
$length = strlen($name - 8);
$id = sanitize(substr($name, 8, $length));
$query = query("SELECT * FROM products WHERE p_id = {$id}");
confirm($query);
while ($row = fetch_array($query)) {
$sub = $row['pprice'] * $value;
$item_quantity += $value;
$srt = strtoupper(str_replace("_", " ", "{$row['pname']}"));
$product = <<<DELIMETER
\t\t\t\t<tr>
\t\t\t\t <td><div class=row><div class=col-md-3><img width='50' src='{$row['pimage']}'>
\t\t\t\t </div><div class=col-sm-9><a href="{$row['pname']}"><strong>{$srt}</strong></a><br>
\t\t\t\t </div>
\t\t\t\t </div>
\t\t\t\t </td>
\t\t\t\t <td>₹ {$row['pprice']}</td>
\t\t\t\t <td>{$value}</td>
\t\t\t\t <td>₹ {$sub}</td>
\t\t\t\t <td><a class='btn btn-success' href="cart?add={$row['p_id']}"><span class='glyphicon glyphicon-plus'></span></a> <a class='btn btn-warning' href="cart?remove={$row['p_id']}"><span class='glyphicon glyphicon-minus'></span></a>
\t\t\t\t<a class='btn btn-danger' href="cart?delete={$row['p_id']}"><span class='glyphicon glyphicon-remove'></span></a></td>
\t\t\t\t </tr>
\t\t\t\t <input type="hidden" name="item_name_{$item_name}" value="{$srt}">
\t\t\t\t <input type="hidden" name="item_number_{$item_number}" value="{$row['p_id']}">
\t\t\t\t <input type="hidden" name="amount_{$amount}" value="{$row['pprice']}">
\t\t\t <input type="hidden" name="quantity_{$quantity}" value="{$value}">
DELIMETER;
echo $product;
$item_name++;
$item_number++;
$amount++;
$quantity++;
}
$_SESSION['item_total'] = $total += $sub;
$_SESSION['item_quantity'] = $item_quantity;
}
}
}
}
function write($frm)
{
if (isset($_REQUEST["btn_back"])) {
return select($frm);
}
/* @var $frm cForm */
if ($frm->validate("confirm")) {
return confirm($frm);
}
$cols = grp(m("value", $_REQUEST["emp_year"]));
$upd = new dbUpdate("settings", "cubit", $cols, "constant='EMP_TAXYEAR'");
$upd->run(DB_UPDATE);
$OUT = "\n\t<h3>Active Tax Year</h3>\n\tSuccessfully updated active Tax Year to {$_REQUEST['emp_year']}";
return $OUT;
}
function login_user()
{
if (isset($_POST['submit'])) {
$username = escape_string($_POST['username']);
$password = escape_string($_POST['password']);
$query = query("SELECT * FROM user WHERE username = '******' AND password = '******'");
confirm($query);
if (mysqli_num_rows($query) == 0) {
set_message("Contrasena y usuario no es valida.");
redirect("index.php");
} else {
redirect("public/main.php");
}
}
}
function get_all_subject_by_id($subject_id)
{
global $connection;
$query = "SELECT * ";
$query .= "FROM subjects ";
$query .= "WHERE id = " . $subject_id . " ";
$query .= "LIMIT 1 ";
$set_result = mysql_query($query, $connection);
confirm($set_result);
$subject = mysql_query($set_result);
if (isset($subject)) {
return $subject;
} else {
return NULL;
}
}
function popCan()
{
// We need the globals, as always,
global $DB;
global $MySelf;
$UserID = $MySelf->getID();
// Is the ID sane?
if ($_GET[id] != "all") {
if (empty($_GET[id]) || !is_numeric($_GET[id]) || $_GET[id] < 1) {
makeNotice("Invalid container selected for popping!", "error");
} else {
$LIMIT = " AND id='{$_GET['id']}' LIMIT 1";
}
} else {
confirm("Are you sure you want to pop all your cans?");
}
// Delete the can from the list.
$DB->query("DELETE FROM cans WHERE pilot='{$UserID}' {$LIMIT}");
// And tell the user what happened.
$canspopped = $DB->affectedRows();
// Do we want to go back to the run or the canpage?
if (isset($_GET[runid])) {
$bl = "index.php?action=show&id=" . $_GET[runid];
} else {
$bl = "index.php?action=cans";
}
if ($canspopped == 1) {
// ONE can has been popped.
makeNotice("The can has been popped.", "notice", "POP!", $bl, "That was fun!");
} elseif ($canspopped > 1) {
// TWO OR MORE cans have been popped.
makeNotice("{$canspopped} cans have been popped.", "notice", "POP!", $bl, "That was fun!");
} else {
// ZERO OR LESS cans have been popped.
$col = $DB->getRow("SELECT id, pilot FROM cans WHERE id='{$_GET['id']}'");
if (userInRun($MySelf->getID(), $col[id])) {
$DB->query("DELETE FROM cans WHERE id='{$col['id']}' LIMIT 1");
if ($DB->affectedRows() == 1) {
makeNotice("You just popped a can belonging to " . idToUsername($col[pilot]) . ".", "notice", "POP!", $bl, "That was fun!");
} else {
makeNotice("The can could not be popped!", "error", "Internal Error", $bl, "[cancel]");
}
} else {
makeNotice("The can could not be popped!", "error", "Internal Error", $bl, "[cancel]");
}
}
}
function del_student($db, $argv)
{
if (sizeof($argv) == 3) {
$login = $argv[2];
if (confirm()) {
$collection = $db->createCollection("students");
if ($collection->find(array("login" => $login))->count() > 0) {
$cursor = $collection->remove(array("login" => $login));
echo "User deleted !\n";
} else {
echo "No student found!\n";
}
}
} else {
echo "[31mError: Invalid number of arguments.\n";
echo "Usage: ./etna_movies.php del_student login.[0m\n";
}
}
function select($err = "")
{
global $_POST;
extract($_POST);
if ($vatreg == "no") {
return confirm();
} else {
if ($vatreg != "yes") {
return vatreg("<li class=err>Invalid vat option selected.</li>");
}
}
db_conn("cubit");
$sql = "SELECT value AS prdcat FROM settings WHERE constant='TAX_PRDCAT'";
$rslt = db_exec($sql) or errDie("Error reading tax period category.");
$fields = array_merge(pg_fetch_array($rslt), array("cate_mon" => date("m")));
foreach ($fields as $k => $v) {
if (!isset(${$k})) {
${$k} = $v;
}
}
// if category e and not split yet (straight from db), cat e form: "e [mon#]"
if (strlen($prdcat) > 1) {
$cate_mon = substr($prdcat, 1);
$prdcat = $prdcat[0];
}
$OUTPUT = "\r\n\t<h3>Tax Period</h3>";
if ($err != "") {
$OUTPUT .= "{$err}";
} else {
$OUTPUT .= "\t<li class=err>When selecting a Tax period you will be reminded to do your Tax \r\n\t\t\ttransactions at the end of each such period. If you do not require, do not change this setting.</li>";
}
$selmon = "<select name=cate_mon>";
for ($i = 1; $i <= 12; ++$i) {
if ($cate_mon == $i) {
$sel = "selected";
} else {
$sel = "";
}
$selmon .= "<option value='{$i}' {$sel}>" . date("F", mktime(0, 0, 0, $i, 1, 2000)) . "</option>";
}
$selmon .= "</select>";
$OUTPUT .= "\r\n\t<form method=post action='" . SELF . "'>\r\n\t<input type=hidden name=key value=confirm>\r\n\t<input type=hidden name=vatreg value='{$vatreg}'>\r\n\t<table cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\r\n\t<tr>\r\n\t\t<th colspan=2>Select Tax Period Category</th>\r\n\t</tr>\r\n\t<tr class='bg-odd'>\r\n\t\t<td><input type=radio value=none name=prdcat " . ($prdcat == "none" ? "checked" : "") . "></td>\r\n\t\t<td>None</td>\r\n\t</tr>\r\n\t<tr class='bg-even'>\r\n\t\t<td><input type=radio value=a name=prdcat " . ($prdcat == "a" ? "checked" : "") . "></td>\r\n\t\t<td>Category A</td>\r\n\t</tr>\r\n\t<tr class='bg-odd'>\r\n\t\t<td><input type=radio value=b name=prdcat " . ($prdcat == "b" ? "checked" : "") . "></td>\r\n\t\t<td>Category B</td>\r\n\t</tr>\r\n\t<tr class='bg-even'>\r\n\t\t<td><input type=radio value=c name=prdcat " . ($prdcat == "c" ? "checked" : "") . "></td>\r\n\t\t<td>Category C</td>\r\n\t</tr>\r\n\t<tr class='bg-odd'>\r\n\t\t<td><input type=radio value=d name=prdcat " . ($prdcat == "d" ? "checked" : "") . "></td>\r\n\t\t<td>Category D</td>\r\n\t</tr>\r\n\t<tr class='bg-even'>\r\n\t\t<td><input type=radio value=e name=prdcat " . ($prdcat == "e" ? "checked" : "") . "></td>\r\n\t\t<td>Category E</td>\r\n\t\t<td>Select: {$selmon}</td>\r\n\t</tr>\r\n\t<tr class='bg-odd'>\r\n\t\t<td><input type=radio value=f name=prdcat " . ($prdcat == "f" ? "checked" : "") . "></td>\r\n\t\t<td>Category F</td>\r\n\t</tr>\r\n\t<tr>\r\n\t\t<td colspan=2 align=right><input type=submit value='Next >'></td>\r\n\t</tr>\r\n\t</table>\r\n\t</form>";
return $OUTPUT;
}
function transferMoney()
{
// Globals
global $MySelf;
global $DB;
global $TIMEMARK;
$MyCredits = getCredits($MySelf->getID());
// Can we afford even the most basic transactions?
if (!numericCheckBool($MyCredits, 0)) {
makeNotice("You can not afford any transaction.", "warning", "Out of money", "index.php?action=manageWallet", "[cancel]");
}
// Did we supply an isk amount at all?
if ($_POST[amount] == "") {
makeNotice("You did not specify an ISK amount. Please go back, and try again.", "warning", "How much?", "index.php?action=manageWallet", "[cancel]");
}
if (!is_numeric($_POST[amount])) {
makeNotice("The frog looks at you and your cheque with the amount of \"" . $_POST[amount] . "\". The frog is unsure how much ISK that is and instead decides to lick your face in a friendly manner, then it closes the teller and goes for lunch.", "warning", "Huh?");
}
// Check for sanity.
if (!numericCheckBool($_POST[to], 0)) {
makeNotice("The supplied reciver is not valid.", "warning", "Invalid ID", "index.php?action=manageWallet", "[cancel]");
}
if (!numericCheckBool($_POST[amount], 0)) {
makeNotice("You need to specify a positive ISK value.", "error", "Invalid amount", "index.php?action=manageWallet", "[cancel]");
}
if (!numericCheckBool($_POST[amount], 0, $MyCredits)) {
makeNotice("You can not afford this transaction.", "warning", "Out of money", "index.php?action=manageWallet", "[cancel]");
}
// Ok so now we know: The reciver is valid, the sender has enough money.
$from = "<br><br>From: " . ucfirst($MySelf->getUsername());
$to = "<br>To: " . ucfirst(idToUsername($_POST[to]));
$amount = "<br>Amount: " . number_format($_POST[amount], 2) . " ISK";
$reason = "<br>Reason: " . $_POST[reason];
confirm("Please authorize this transaction:" . $from . $to . $amount . $reason);
// Lets do it.
$transaction = new transaction($_POST[to], 0, $_POST[amount]);
$transaction->setReason("Cash transfer from " . ucfirst($MySelf->getUsername()) . " to " . ucfirst(idToUsername($_POST[to])) . ": " . $_POST[reason]);
$transaction->isTransfer(true);
$transaction->commit();
// Send'em back.
makeNotice($amount . " has been transfered from your into " . ucfirst(idToUsername($_POST[to])) . " account.", "notice", "Cash transfered", "index.php?action=manageWallet", "[OK]");
}
function toggleLock()
{
global $MySelf;
// Check the ID for validity.
if (!numericCheckBool($_GET[id], 0)) {
makeNotice("That run ID is invalid.", "error", "Invalid RUN");
} else {
$ID = $_GET[id];
}
// Only the owner of the run can do this.
if (runSupervisor($ID) != $MySelf->getUsername()) {
makeNotice("Only the supervisor of a run can lock and unlock his/her run.", "warning", "Unable to comply", "index.php?action=show&id={$_GET['id']}", "[Cancel]");
}
// Determine what the user wants.
switch ($_GET[state]) {
// User wants to lock.
case "lock":
confirm("You are about to lock Mining Operation #{$ID}. No one will be able to join up until you choose to unlock it. Is that what you want?");
$bool = "1";
break;
// User wants to unlock.
// User wants to unlock.
case "unlock":
confirm("You are about to unlock Mining Operation #{$ID}. Everyone will be able to join up again until you choose to relock it. Is that what you want?");
$bool = "0";
break;
// User wants to screw around.
// User wants to screw around.
default:
makeNotice("I dont know what you want off me. I only know lock and unlock. Sorry.", "warning", "Ehh?");
}
// Update the database!
global $DB;
$DB->query("UPDATE runs SET isLocked='{$bool}' WHERE id='{$ID}' LIMIT 1");
// Success?
if ($DB->affectedRows != 1) {
header("Location: index.php?action=show&id={$ID}");
} else {
makeNotice("Unable to set the new locked status in the database. Be sure to run the correct sql schema!", "warning", "Cannot write to database.");
}
}
function validate()
{
global $MySelf;
global $MB_EMAIL;
// Are we already validated?
if ($MySelf->getEmailvalid()) {
makeNotice("You are already validated.");
}
// Is it what the user wants?
confirm("Do you wish to be sent a confirmation eMail now?");
// We need some variables.
global $DB;
global $MySelf;
global $TIMEMARK;
$CODE = rand(111111111111.0, 9999999999999.0);
// Update the user.
$DB->query("UPDATE users SET emailcode ='{$CODE}' WHERE username='******' LIMIT 1");
if ($DB->affectedRows() == 1) {
$email = $DB->getCol("SELECT email FROM users WHERE username = '******' AND deleted='0' LIMIT 1");
// Load more globals
global $SITENAME;
global $URL;
global $VERSION;
// Assemble the activation url.
$ACTIVATE = $URL . "/index.php?action=activate&code={$CODE}";
// Send a confirmation email
$EMAIL = getTemplate("accountrequest", "email");
$EMAIL = str_replace("{{IP}}", "{$_SERVER['REMOTE_ADDR']}", $EMAIL);
$EMAIL = str_replace("{{URL}}", "{$URL}", $EMAIL);
$EMAIL = str_replace("{{DATE}}", date("r", $TIMEMARK), $EMAIL);
$EMAIL = str_replace("{{ACTIVATE}}", "{$ACTIVATE}", $EMAIL);
$EMAIL = str_replace("{{CORP}}", "{$SITENAME}", $EMAIL);
$to = $email[0];
$DOMAIN = $_SERVER['HTTP_HOST'];
$headers = "From:" . $MB_EMAIL;
mail($to, $VERSION, $EMAIL, $headers);
makeNotice("A confirmation email has been sent to your supplied email address.<br>Please follow the instructions therein.", "notice", "Account created");
} else {
makeNotice("Could not send out the confirmation eMail!", "error");
}
}
function delRank()
{
// Doh, globals!
global $MySelf;
global $DB;
// Are we allowed to do this?
if (!$MySelf->canEditRank()) {
makeNotice("You do not have sufficient rights to access this page.", "warning", "Access denied");
}
// Verify it.
numericCheck($_GET[id], 0);
// Confirm it.
confirm("Do you really want to permanently delete rank #" . str_pad($_GET[id], 3, "0", STR_LEFT_PAD) . "?");
// Insert Rank into Database
$DB->query("DELETE FROM ranks WHERE rankid='" . $_GET[id] . "' LIMIT 1");
// Check for success
if ($DB->affectedRows() == 1) {
header("Location: index.php?action=showranks");
} else {
makeNotice("Unable to add the rank into the database!", "warning", "Database Error!");
}
}
function requestPayout()
{
// Globals
global $MySelf;
global $DB;
global $TIMEMARK;
// How much overdraft are we allowed?
$overdraft = 100 * 1000000;
// 100m
$overdraftlimit = false;
// How much isk we got?
$MyCredits = getCredits($MySelf->getID());
// Is this a number?
if (!is_numeric($_POST[amount])) {
makeNotice("The frog looks at you and your cheque with the amount of \"" . $_POST[amount] . "\". The frog is unsure how much ISK that is and instead decides to lick your face in a friendly manner, then it closes the teller and goes for lunch.", "warning", "Huh?");
}
// We are requesting a POSITIVE amount, right?
if (!numericCheckBool($_POST[amount], 0)) {
makeNotice("You can only request positive amounts of ISK. If you want money, go work for it.", "notice", "This aint no charity", "index.php?action=manageWallet", "But i got women and children to feed...");
}
// So, can we afford it?
if ($overdraft <= 0 && !numericCheckBool($_POST[amount], 1, $MyCredits)) {
makeNotice("You can only request a payment up to " . number_format($MyCredits) . " ISK. You requested " . number_format($_POST[amount]) . " ISK. Thats " . number_format($_POST[amount] - $MyCredits, 2) . " ISK more than you can afford.", "warning", "Too big of a payout.", "index.php?action=manageWallet", "[Cancel]");
}
// Allow an overdraft, but not too much
if ($overdraft > 0 && $overdraftlimit && !numericCheckBool($_POST[amount], 1, $MyCredits + $overdraft)) {
makeNotice("You can only request a payment up to " . number_format($MyCredits + $overdraft) . " ISK. You requested " . number_format($_POST[amount]) . " ISK. Thats " . number_format($_POST[amount] - ($MyCredits + $overdraft), 2) . " ISK more than you are allowed.", "warning", "Too big of a payout.", "index.php?action=manageWallet", "[Cancel]");
}
// We sure?
confirm("Please confirm your payout request of " . number_format($_POST[amount], 2) . " ISK.");
// Ok, do it.
$DB->query("INSERT INTO payoutRequests (time, applicant, amount) VALUES (?,?,?)", array($TIMEMARK, $MySelf->getID(), $_POST[amount]));
if ($DB->affectedRows() == 1) {
mailUser("We are notifying you that " . $MySelf->getUsername() . " has requested a payout of " . number_format($_POST[amount], 2) . " ISK", "WHB Payout Requested", "isAccountant");
makeNotice("You request has been logged. An accountant will soon honor your request.", "notice", "Request logged", "index.php?action=manageWallet", "[OK]");
} else {
makeNotice("Internal Error! Unable to record your request into the database! Inform the admin!", "error", "Internal Error!", "index.php?action=manageWallet", "[cancel]");
}
}
function request($frm)
{
if (isset($_POST["btn_back"])) {
return enter($frm);
}
if ($frm->validate("request")) {
return confirm($frm);
}
$newkey = genkey();
if (isset($_REQUEST["suppid"])) {
$suppid = $_REQUEST["suppid"];
$custid = "0";
} else {
$custid = $_REQUEST["custid"];
$suppid = "0";
}
$cols = grp(m("introtime", raw("CURRENT_TIMESTAMP")), m("introip", "0.0.0.0"), m("email", $_REQUEST["email"]), m("custid", $custid), m("suppid", $suppid), m("key", dbrow("0.0.0.0/0", "", $newkey)), m("userid", USER_ID));
$upd = new dbUpdate("keys", "trh", $cols);
$upd->run(DB_INSERT);
if ($upd->affected() > 0) {
if (isset($_REQUEST["suppid"])) {
if (($r = send_trhmsg("supp", $_REQUEST["suppid"], $_REQUEST["email"], "reqkey", $newkey)) === true) {
$OUT = "Sent request for communication to supplier. On response you will be notified.";
} else {
$OUT = "Error sending request for communication: {$r}";
}
} else {
if (($r = send_trhmsg("cust", $_REQUEST["custid"], $_REQUEST["email"], "reqkey", $newkey)) === true) {
$OUT = "Sent request for communication to customer. On response you will be notified.";
} else {
$OUT = "Error sending request for communication: {$r}";
}
}
} else {
$OUT = "Error sending request for communication: Error updating database.";
}
return $OUT;
}
function write($_POST)
{
extract($_POST);
require_lib("validate");
$v = new validate();
$v->isOk($id, "num", 1, 255, "Invalid group id.");
if ($v->isError()) {
return enter($_POST, $v->genErrors());
}
$get_grp = "SELECT grouptitle FROM egroups WHERE id = '{$id}' LIMIT 1";
$run_grp = db_exec($get_grp) or errDie("Unable to get email group information (0)");
if (pg_numrows($run_grp) < 1) {
#no group found ???
return confirm($_POST, "<li class='err'>Email group not found.</li>");
}
$gtitle = pg_fetch_result($run_grp, 0, 0);
$write_sql = "DELETE FROM egroups WHERE id = '{$id}'";
$run_write = db_exec($write_sql) or errDie("Unable to remove group information.");
$write_sql2 = "DELETE FROM email_groups WHERE email_group = '{$gtitle}'";
$run_write2 = db_exec($write_sql2) or errDie("Unable to remove email group email addresses.");
$OUTPUT = "<h3>Write Group</h3>\n\t<table " . TMPL_tblDflts . ">\n\t\t<tr>\n\t\t\t<th>Write</th>\n\t\t</tr>\n\t\t<tr class='" . bg_class() . "'>\n\t\t\t<td><li>Successfully removed the group.</li></td>\n\t\t</tr>\n\t</table>";
return $OUTPUT;
}
}
if (!empty($_GET['action']) && !empty($_GET['aid'])) {
$aid = $_GET['aid'];
switch ($_GET['action']) {
case 'edit_ads':
$ad = $adsObj->selectOne($aid);
$content = $ad[0]->getContent();
$url = $ad[0]->getUrl();
$image = $ad[0]->getImage();
$prompt = generateAdsEditingForm($aid, $content, $url, $image, $page);
break;
case 'delete_ads':
$tips = '该操作不可恢复,确定要执行吗?';
$request = 'admin.php?v=' . $_GET['v'] . '&action=delete_ads_confirm&aid=' . $aid;
$btnValue = '确定执行';
$prompt = confirm($tips, $request, $btnValue);
break;
case 'set_ads_no_display':
$adsObj->setNoDisplay($aid);
$prompt = success('设置为不可视成功');
break;
case 'set_ads_display':
$adsObj->setDisplay($aid);
$prompt = success('设置为可视成功');
break;
case 'delete_ads_confirm':
$adsObj->delete($aid);
$prompt = success('删除成功');
break;
case 'edit_ads_confirm':
// debug($_POST['content_edit']);
switch ($_POST["key"]) {
case "cancel":
$OUTPUT = write($_POST);
break;
default:
# Display default output
if (isset($_GET['cashid'])) {
$OUTPUT = confirm($_GET['cashid']);
} else {
$OUTPUT = "<li class=err> Invalid use of mudule";
}
}
} else {
# Display default output
if (isset($_GET['cashid'])) {
$OUTPUT = confirm($_GET['cashid']);
} else {
$OUTPUT = "<li class=err> Invalid use of mudule";
}
}
# get template
require "../template.php";
function confirm($cashid)
{
# validate input
require_lib("validate");
$v = new validate();
$v->isOk($cashid, "num", 1, 20, "Invalid Reference number.");
# display errors, if any
if ($v->isError()) {
$confirm = "";
