/**
* Connect to the FluxBB database
*
* @param array $db_config
*/
function connect_database($db_config)
{
$this->db_config = $db_config;
$this->db = connect_database($db_config);
$this->db->set_names('utf8');
return $this->db;
}
function delete_app($params)
{
global $user, $module;
$db = connect_database();
$db->delete('app', 'id = ' . $params[0] . ' AND owner = ' . $user['id']);
redirect($module, 'developer');
}
function transaksi()
{
include "config.php";
$conn = connect_database();
if (userCheck($conn, $_POST['id'])) {
$kodealat = mysqli_real_escape_string($conn, $_POST["kode-alat"]);
$tanggal = date("Y-m-d", time());
if (isset($_POST["tanggal-pinjam"])) {
$tanggal = $_POST["tanggal-pinjam"];
}
if (!isAvailable($conn, $kodealat, $tanggal, $_POST["tanggal-kembali"])) {
echo "Maaf, alat pada hari tersebut tidak dapat dipinjam </br>";
} else {
if (strcmp($_POST["jenis"], "peminjaman") == 0) {
$sql = "INSERT INTO `peminjaman` (`id_user`, `id_alat`, `tanggal_rencana_pengembalian`) VALUES ('{$_POST['id']}','{$kodealat}','" . str_replace('T', ' ', $_POST["tanggal-kembali"]) . ":00')";
} else {
//booking
$sql = "INSERT INTO `booking` (`id_user`, `id_alat`, `tanggal_rencana_peminjaman`, `tanggal_rencana_pengembalian`) VALUES ('{$_POST['id']}','{$kodealat}','" . str_replace('T', ' ', $_POST["tanggal-pinjam"]) . ":00','" . str_replace('T', ' ', $_POST["tanggal-kembali"]) . ":00')";
}
if (mysqli_query($conn, $sql)) {
echo "Data anda berhasil disimpan</br>";
} else {
echo mysqli_error($conn);
}
}
} else {
//tidak ada user dengan id tersebut
echo "Maaf, user dengan ID sekian belum terdaftar. Mohon daftarkan diri Anda terlebih dahulu!";
}
echo '<a href="../index.php"> Kembali ke halaman Transaksi</a>';
}
function load_questions()
{
$db = connect_database();
$resp = array();
$results = $db->query("SELECT * FROM Question");
while ($row = $results->fetch_array()) {
$resp[] = array('q' => $row['question'], 'a1' => $row['answer_1'], 'a2' => $row['answer_2'], 'a3' => $row['answer_3'], 'a4' => $row['answer_4']);
}
return $resp;
}
public function addData()
{
$con = connect_database();
$sql = " INSERT INTO sach (IDtheloai, tacgia, tensach, ";
$sql .= " noidungtomtat, giaban, namxuatban) ";
$sql .= " VALUES ({$_POST['theloai']}, {$_POST['tacgia']}, ";
$sql .= " {$_POST['tensach']}, {$_POST['noidung']}, ";
$sql .= " {$_POST['giaban']}, {$_POST['namxuatban']})";
mysqli_query($con, $sql);
}
function index($params)
{
$db = connect_database();
$query = gzuncompress(base64_decode(file_get_contents('php://input')));
$data = $db->query($query);
$dat = array();
while ($row = row_assoc($data)) {
$dat[] = $row;
}
$data = base64_encode(gzcompress(json_encode($dat)));
die($data);
}
function database($params)
{
/*global $table_schema;
write_schema('dbtable', $table_schema);*/
$data = array();
$db = connect_database();
//
if (isset($params['sql']) && is_array($params['sql'])) {
foreach ($params['sql'] as $sql) {
if (trim($sql) != '') {
$db->query($sql);
}
}
}
//
$data['import'] = @unserialize(gzinflate(file_get_contents('data/schema.db')));
if (!$data['import']) {
$data['import'] = array();
}
//print_r($file);
//
$tables = $db->query('SHOW tables');
$data['tables'] = array();
while ($table = row_array($tables)) {
$columns = $db->query('DESCRIBE `' . $table[0] . '`');
$tmp = array();
$cname = '';
while ($column = row_assoc($columns)) {
$field = $column['Field'];
unset($column['Field']);
$size = explode('(', $column['Type']);
$column['Type'] = $size[0];
$column['Size'] = count($size) == 2 ? str_replace(')', '', $size[1]) : '';
$tmp[$field] = $column;
}
$data['tables'][$table[0]] = $tmp;
}
$data['schema'] = load_schema('dbtable');
//
if (isset($params[0]) && $params[0] == 'export') {
// CHECK IF THERE ARE CONFLICTS
$result = file_put_contents('data/schema.db', gzdeflate(serialize($data['tables'])));
if ($result) {
flash_message('Database schema is exported', 'success');
} else {
flash_message('No permission to write to data/schema.db', 'warning');
}
redirect('admin/developer', 'database');
}
//
$data['html_head'] = array('title' => 'Database');
return $data;
}
function add()
{
include "config.php";
$conn = connect_database();
$sql = "INSERT INTO `alat` (`id_alat`, `nama_alat`, `status`, `lokasi`) VALUES ('{$_POST['idalat']}', '{$_POST['namaalat']}','{$_POST['status']}','{$_POST['lokasi']}');";
if (mysqli_query($conn, $sql)) {
echo "Data anda berhasil disimpan";
echo '<a href="../peralatan.php"> Kembali ke halaman Peralatan</a>';
} else {
echo mysqli_error($conn);
echo '<a href="../peralatan.php"> Kembali ke halaman Peralatan</a>';
}
}
function add()
{
include "config.php";
$conn = connect_database();
$sql = "INSERT INTO `user` (`id_user`, `nama_user`, `kategori_civitas`) VALUES ('{$_POST['iduser']}', '{$_POST['namauser']}','{$_POST['kategori']}');";
if (mysqli_query($conn, $sql)) {
echo "Data anda berhasil disimpan";
echo '<a href="../pengguna.php"> Kembali ke halaman Pengguna</a>';
} else {
echo mysqli_error($conn);
echo '<a href="../pengguna.php"> Kembali ke halaman Pengguna</a>';
}
}
function _generic_page($params)
{
global $lex, $lang, $page;
$db = connect_database();
//
$content = $db->query('SELECT title, content FROM content WHERE lang = \'' . $lang . '\' AND slug = \'' . str_replace('_', '-', $page) . '\'');
if ($data = row_assoc($content)) {
} else {
$data = array('title' => $lex['not-found'], 'content' => '<p>' . $lex['translation-not-found'] . '</p>');
}
//
$data['page'] = $page;
$data['html_head'] = array('title' => $data['title'], 'description' => shorten_string($data['title'], 250));
return $data;
}
function draw_graph($month, $year, $permintaan, $user)
{
include "controller/config.php";
$conn = connect_database();
$waktu = $year * 12 + $month;
if ($permintaan == "penggunaan-alat") {
$sql = "select id_alat,nama_alat, tanggal_peminjaman as mulai, tanggal_rencana_pengembalian as selesai from peminjaman NATURAL JOIN alat WHERE (year(tanggal_peminjaman)*12+month(tanggal_peminjaman))<={$waktu} and (year(tanggal_rencana_pengembalian)*12+month(tanggal_rencana_pengembalian))>={$waktu} ORDER BY nama_alat;";
} else {
if ($permintaan == "perbaikan-alat") {
$sql = "select id_alat,nama_alat, tanggal_mulai_perbaikan as mulai, estimasi_selesai_perbaikan as selesai from perbaikan NATURAL JOIN alat WHERE (year(tanggal_mulai_perbaikan)*12+month(tanggal_mulai_perbaikan))<={$waktu} and (year(estimasi_selesai_perbaikan)*12+month(estimasi_selesai_perbaikan))>={$waktu} ORDER BY nama_alat;";
} else {
if ($permintaan == "penggunaan-alat-user") {
$sql = "select id_alat,nama_alat,tanggal_peminjaman as mulai, tanggal_rencana_pengembalian as selesai from peminjaman NATURAL JOIN alat NATURAL JOIN user WHERE kategori_civitas = '{$user}' and(year(tanggal_peminjaman)*12+month(tanggal_peminjaman))<={$waktu} and (year(tanggal_rencana_pengembalian)*12+month(tanggal_rencana_pengembalian))>={$waktu} ORDER BY nama_alat;";
}
}
}
$results = mysqli_query($conn, $sql);
if (mysqli_num_rows($results) > 0) {
$days_in_month = date('t', mktime(0, 0, 0, $month, 1, $year));
$akhir_bulan = $year * 365 + $month * 30 + $days_in_month;
$awal_bulan = $year * 365 + $month * 30 + 1;
$nama = array();
while ($row = $results->fetch_assoc()) {
$waktu_mulai = intval(substr($row['mulai'], 0, 4)) * 365 + intval(substr($row['mulai'], 5, 2)) * 30 + intval(substr($row['mulai'], 8, 2));
$waktu_selesai = intval(substr($row['selesai'], 0, 4)) * 365 + intval(substr($row['selesai'], 5, 2)) * 30 + intval(substr($row['selesai'], 8, 2));
if ($row['nama_alat'] != end($nama)) {
array_push($nama, $row['nama_alat']);
}
}
$arr = array("chart" => array("type" => 'column'), "title" => array("text" => $permintaan . " bulan " . $month . " tahun " . $year), "xAxis" => array("type" => "category"), "yAxis" => array("min" => 0, "title" => 'Jumlah Occasion'), "legend" => array("enabled" => false), "plotOptions" => array("series" => array("borderWidth" => 0, "dataLabels" => array("enabled" => true, "format" => '{point.y:.1f}%'))), "tooltip" => array("headerFormat" => "<span style='font-size:11px'>{series.name}</span><br>", "pointFormat" => "<span style='color:{point.color}'>{point.name}</span>: <b>{point.y:.2f}%</b> of total<br/>"), "series" => array(array("name" => 'kejadian', "colorByPoint" => true, "data" => array(), "drilldown" => array("serries" => array()))));
$stat = json_encode($arr);
echo "<div id='graph' style='min-width: 310px; height: 400px; margin: 0 auto'></div>";
echo "<script type='text/javascript'>drawGraph({$stat})</script>";
} else {
if ($permintaan == "perbaikan-alat") {
echo "Tidak ada Perbaikan pada bulan " . $month . " tahun " . $year;
} else {
echo "Tidak ada Peminjaman pada bulan " . $month . " tahun " . $year;
}
}
mysqli_free_result($results);
}
function blog($params)
{
$data = array();
$db = connect_database();
//
$page = 1;
if (isset($params[0]) && $params[0] > 0) {
$page = $params[0];
}
if (isset($params[1])) {
$data['article'] = mysql_fetch_assoc($db->query('SELECT id, published, title, content FROM blog WHERE id = ' . $params[1]));
} else {
$per_page = 5;
$data['blog'] = $db->query('SELECT id, published, title, content FROM blog ORDER BY published DESC LIMIT ' . $per_page * ($page - 1) . ', ' . $per_page);
$pages = mysql_fetch_array($db->query('SELECT COUNT(*) FROM blog'));
$data['pages'] = ceil($pages[0] / $per_page);
}
$data['page'] = $page;
//
$data['html_head'] = array('title' => 'Blog: Website Title');
return $data;
}
function pengembalian($nama)
{
include "config.php";
$conn = connect_database();
if (!empty($_POST["status"])) {
foreach ($_POST["status"] as $status) {
$pengembalian = explode("|", $status);
//foreach($pengembalian as $a) echo $a."|";
echo "<br>";
$sql = "UPDATE `peminjaman` SET `tanggal_pengembalian` = NOW() WHERE `id_user`=" . $pengembalian[0] . " AND `id_alat`='" . $pengembalian[1] . "' AND `tanggal_peminjaman`='" . $pengembalian[2] . "'";
//echo $sql."<br>";
if (mysqli_query($conn, $sql)) {
echo "Pengembalian peralatan dengan ID " . $pengembalian[1] . " dengan tanggal peminjaman " . $pengembalian[2] . " berhasil dilakukan.<br>";
} else {
echo mysqli_error($conn) . "<br>";
exit;
}
}
} else {
echo "Tidak ada peralatan yang dikembalikan.<br>";
}
echo '<a href="../pengembalian.php"> Kembali ke halaman Pengembalian</a>';
}
function draw_graph($month, $year, $permintaan, $user)
{
include "controller/config.php";
$conn = connect_database();
$waktu = $year * 12 + $month;
if ($permintaan == "penggunaan-alat") {
$sql = "select nama_alat,count(*) as count from peminjaman NATURAL JOIN alat WHERE (year(tanggal_peminjaman)*12+month(tanggal_peminjaman))<={$waktu} and (year(tanggal_rencana_pengembalian)*12+month(tanggal_rencana_pengembalian))>={$waktu} GROUP BY nama_alat";
} else {
if ($permintaan == "perbaikan-alat") {
$sql = "select nama_alat,count(*) as count from perbaikan NATURAL JOIN alat WHERE (year(tanggal_mulai_perbaikan)*12+month(tanggal_mulai_perbaikan))<={$waktu} and (year(estimasi_selesai_perbaikan)*12+month(estimasi_selesai_perbaikan))>={$waktu} GROUP BY nama_alat";
} else {
if ($permintaan == "penggunaan-alat-user") {
$sql = "select nama_alat,count(*) as count from peminjaman NATURAL JOIN alat NATURAL JOIN user WHERE kategori_civitas = '{$user}' and(year(tanggal_peminjaman)*12+month(tanggal_peminjaman))<={$waktu} and (year(tanggal_rencana_pengembalian)*12+month(tanggal_rencana_pengembalian))>={$waktu} GROUP BY nama_alat;";
}
}
}
$results = mysqli_query($conn, $sql);
if (mysqli_num_rows($results) > 0) {
$categories = array();
$jumlah = array();
while ($row = $results->fetch_assoc()) {
$categories[] = $row['nama_alat'];
$jumlah[] = intval($row['count']);
}
$arr = array("chart" => array("type" => 'column'), "title" => array("text" => $permintaan . " bulan " . $month . " tahun " . $year), "xAxis" => array("categories" => $categories, "crosshair" => true), "yAxis" => array("min" => 0, "title" => 'Jumlah Occasion'), "plotOptions" => array("column" => array("pointPadding" => 0.2, "borderWidth" => 0)), "series" => array(array("name" => 'kejadian', "data" => $jumlah)));
$stat = json_encode($arr);
echo "<div id='graph' style='min-width: 310px; height: 400px; margin: 0 auto'></div>";
echo "<script type='text/javascript'>drawGraph({$stat})</script>";
} else {
if ($permintaan == "perbaikan-alat") {
echo "Tidak ada Perbaikan pada bulan " . $month . " tahun " . $year;
} else {
echo "Tidak ada Peminjaman pada bulan " . $month . " tahun " . $year;
}
}
mysqli_free_result($results);
}
function pengembalian()
{
include "config.php";
$conn = connect_database();
if (!empty($_POST["check"])) {
foreach ($_POST["check"] as $check) {
$perbaikan = explode("|", $check);
echo "<br>";
$sql = "UPDATE `perbaikan` SET `tanggal_selesai_perbaikan` = NOW() WHERE `id_alat`='" . $perbaikan[0] . "' AND `nama_institusi`='" . $perbaikan[1] . "' AND `tanggal_mulai_perbaikan`='" . $perbaikan[2] . "'";
$sql1 = "UPDATE `alat` SET `status`='" . 'normal' . "' WHERE `id_alat`='" . $perbaikan[0] . "'";
//echo $sql."<br>";
if (mysqli_query($conn, $sql) && mysqli_query($conn, $sql1)) {
echo "Pengembalian perbaikan alat dengan ID " . $perbaikan[0] . " dengan tanggal mulai perbaikan " . $perbaikan[2] . " berhasil dilakukan.<br>";
} else {
//echo mysqli_query($conn,$sql);
echo mysqli_error($conn) . "<br>";
echo "masuk";
exit;
}
}
} else {
echo "Tidak ada peralatan yang dikembalikan.<br>";
}
echo '<a href="../perbaikan.php"> Kembali ke halaman Perbaikan</a>';
}
function log_in($params)
{
if (isset($params['username'])) {
$db = connect_database();
$user = $db->query('SELECT id, cid, username, `password`, level, timezone FROM `user` WHERE username = \'' . $params['username'] . '\'');
if ($user = mysql_fetch_assoc($user)) {
if ($user['password'] == md5($params['password'] . ':NaCl')) {
unset($user['password']);
$_SESSION['user'] = $user;
redirect('user', 'index');
}
}
flash_message('Wrong username or password.', 'error');
}
$data['html_head'] = array('title' => 'Log In');
}
function check_characters()
{
//Make this function return a json string
header('Content-Type: application/json');
$db = connect_database();
$response = array();
//Get players
$result = mysqli_query($db, "SELECT * FROM Players WHERE charac <> \"\"");
if ($result == false) {
echo json_encode("-1");
die;
}
while ($row = $result->fetch_array()) {
$response[] = array("character" => $row['charac'], "username" => $row['name']);
}
echo json_encode($response);
}
function oauth2($params)
{
global $user;
$data = array();
$db = connect_database();
if (isset($params['code']) && isset($params['redirect'])) {
header('location:' . $params['redirect'] . '?code=' . $params['code']);
} else {
if (isset($params[0])) {
if ($params[0] == 'token') {
global $template_file;
$template_file = 'json';
if (!isset($params['code'])) {
die(json_encode(array('error' => 'Authorization code not defined')));
} else {
if (!isset($params['client_secret'])) {
die(json_encode(array('error' => 'Client Secret not defined')));
} else {
if (!file_exists('data/oauthtokenstmp/' . $params['code'] . '.token')) {
die(json_encode(array('error' => 'Token expired or invalid')));
} else {
$clientid = explode('-', $params['code']);
$app = row_assoc($db->select('*', 'app', 'clientid = \'' . $clientid[0] . '\''));
if ($app['secret'] != $params['client_secret']) {
die(json_encode(array('error' => 'Client Secret is invalid')));
} else {
$token = file_get_contents('data/oauthtokenstmp/' . $params['code'] . '.token');
unlink('data/oauthtokenstmp/' . $params['code'] . '.token');
die(json_encode(array('access_token' => $token)));
}
}
}
}
} else {
if ($user['id'] < 0) {
$_SESSION['REDIRECT_AFTER_SIGNIN'] = $_SERVER['REQUEST_URI'];
redirect('user', 'log-in');
} else {
if ($params[0] == 'authorize') {
if (!isset($params['redirect_uri'])) {
flash_message('Redirect URI not defined', 'error');
} else {
if (!isset($params['client_id'])) {
flash_message('Client ID not defined', 'error');
} else {
if (!($data['app'] = row_assoc($db->select('*', 'app', 'clientid = \'' . $params['client_id'] . '\'')))) {
flash_message('Application with Client ID ' . $params['client_id'] . ' not found', 'error');
} else {
$data['app']['urls'] = explode("\n", $data['app']['urls']);
if (!in_array($params['redirect_uri'], $data['app']['urls'])) {
flash_message('Given redirect URI is not authorized', 'error');
unset($data['app']);
} else {
$data['app']['scopes'] = explode(' ', $params['scope']);
$data['app']['redirect'] = $params['redirect_uri'];
$auth = json_encode(array('clientid' => $params['client_id'], 'userid' => $user['id'], 'scopes' => $data['app']['scopes'], 'timestamp' => time()));
$data['app']['code'] = $params['client_id'] . '-' . str_replace(array('/', '+', '='), '', base64_encode(sha1($auth . ':' . COMMON_SALT)));
$result = file_put_contents('data/oauthtokenstmp/' . $data['app']['code'] . '.token', base64_encode(base64_encode(md5($auth . ':' . COMMON_SALT, true)) . $auth));
$data['html_head'] = array('title' => $data['app']['title']);
if (!$result) {
flash_message('No permission to write temp oauth token', 'error');
}
}
}
}
}
}
}
}
}
}
//
if (!isset($data['html_head'])) {
$data['html_head'] = array('title' => 'Authorize');
}
return $data;
}
function upgrade_domain_databases($continue_r)
{
$continue = $continue_r;
$con = null;
$con = connect_database($continue, "ring");
$continue = $con != null;
global $db_ring_domain;
for ($i = 1; $i <= $db_ring_domain; $i++) {
if ($continue && get_db_version("ring") < $i) {
$continue = update_database_structure($continue, $con, "ring_domain_" . str_pad($i, 5, "0", STR_PAD_LEFT) . ".sql");
$continue = set_db_version($continue, "ring", $i);
}
}
disconnect_database($con, "ring");
return $continue;
}
/**
* Connect to the old forum database
*
* @param array $db_config
*/
function connect_database($db_config)
{
$this->db_config = $db_config;
$this->db = connect_database($db_config);
$this->initialize();
}
function get_users()
{
$results = connect_database()->query("SELECT * FROM User;");
$resp = [];
while ($row = $results->fetch_array()) {
$resp[] = array('username' => $row['username'], 'score' => $row['result']);
}
return $resp;
}
function save_user($params)
{
global $user;
$db = connect_database();
if ($params['password'] != '[encrypted]') {
$params['password'] = md5($params['password'] . ':NaCl');
}
//
if ($params['id'] == 'new') {
unset($params['id']);
$params['cid'] = $user['cid'];
$db->insert('user', $params);
} else {
$db->update('user', $params);
}
redirect('admin', 'users');
}
function check_plugins()
{
$db = connect_database();
$res = $db->query('SELECT id FROM plugin WHERE enabled = 1');
$missing = array();
$need_newer_version = array();
$package_json_parse_error = array();
$missing_dep = array();
$cnt = 0;
$depends = array();
$installed = array();
foreach ($res as $row) {
$package_json = ROOT_PATH . 'plugins/' . $row['id'] . '/package.json';
if (!file_exists($package_json)) {
$missing[] = $row['id'];
} else {
$info = file_get_contents($package_json);
$info = json_decode($info, true);
if (empty($info)) {
$package_json_parse_error[] = $row['id'];
} else {
$installed[$row['id']] = $info['version'];
if (!empty($info['dependencies'])) {
$depends[$row['id']] = $info['dependencies'];
}
}
}
$cnt++;
}
// check dependencies
foreach ($depends as $id => $deps) {
foreach ($deps as $dep_id => $dep_ver) {
if (!isset($installed[$dep_id]) && $dep_id != 'core') {
$missing_dep[] = $dep_id;
} else {
if ($dep_id != 'core') {
if (version_compare($installed[$dep_id], $dep_ver) < 0) {
$need_newer_version[] = $dep_id . ' (>=' . $dep_ver . ')';
}
} else {
if (version_compare(DATAWRAPPER_VERSION, $dep_ver) < 0) {
$need_newer_version[] = $id . ' needs Datawrapper >= ' . $dep_ver;
}
}
}
}
}
if (count($package_json_parse_error) > 0) {
return '<h2>Some plugins have bad package descriptors</h2>' . '<p>For the following plugins the descriptor stored in package.json could ' . 'not be parsed correctly. Please make sure that they are valid JSON files.' . '<ul><li><code>' . join('</li></code><li><code>', $package_json_parse_error) . '</code></li></ul>';
}
if (count($need_newer_version) > 0) {
return '<h2>Some required plugins need to be updated</h2>' . '<p>The following plugins are installed but some plugins need a newer ' . 'version of them:</p>' . '<ul><li><code>' . join('</li></code><li><code>', $need_newer_version) . '</code></li></ul>';
}
$missing = array_unique($missing);
if (count($missing) > 0) {
return '<h2>Some plugins are missing</h2>' . '<p>The following plugins are activated in the database but the corresponding ' . 'files could not be found:</p>' . '<ul><li><code>' . join('</li></code><li><code>', $missing) . '</code></li></ul>';
}
$missing_dep = array_unique($missing_dep);
if (count($missing_dep) > 0) {
return '<h2>Some plugins are missing</h2>' . '<p>The following plugins are declared as dependencies by other plugins:</p>' . '<ul><li><code>' . join('</li></code><li><code>', $missing_dep) . '</code></li></ul>';
}
if ($cnt == 0) {
return '<h2>Please install some plugins</h2>' . '<p>In order to use Datawrapper you need to install some plugins, such as ' . 'the default theme and the core visualizations. To do so you need to utilize ' . 'the plugin install script which can be found in <code>/scripts/plugin.php</code> ' . 'inside the Datawrapper folder. </p><pre><code>' . '$ php scripts/plugin.php install theme-default' . "\n" . '$ php scripts/plugin.php install "visualization*"' . "\n" . ' </code></pre>';
}
}
function delete($params)
{
global $user;
$db = connect_database();
//
$db->delete('content', 'author = ' . $user['id'] . ' AND id = ' . $params[0]);
flash_message('Content is deleted', 'success');
redirect('dashboard');
//
return $data;
}
function save_group($params)
{
global $user;
$db = connect_database();
$params['password'] = '******';
//
$auth = array();
foreach ($params['auth'] as $module => $acl) {
$acl = array_diff($acl, ['full']);
$auth[$module] = array_keys($acl);
}
$params['auth'] = json_encode($auth);
//
if ($params['id'] == 'new') {
unset($params['id']);
$params['organization'] = $user['organization'];
$db->insert('user', $params);
} else {
$db->update('user', $params);
}
redirect('admin', 'groups');
}
// }
// }
// if (obj_l >= pattern.length) {
// obj.value = obj.value.substr(0, pattern.length);
// }
// }
</script>
</head>
<body class="btn-danger">
<!--<div class="container">-->
<div class=" col-sm-10">
<center>
<?php
include '../../helper/db_connect.php';
include '../../helper/helper.php';
connect_database();
$persons = get_person_detial($id);
$person = mysql_fetch_assoc($persons);
// print_r($person);
?>
<div class="row">
<h1>เพิ่มข้อมูลติดต่อ
<?php
//if($person['TITLE_ID'] != 0)
// echo get_person_title_string($person['TITLE_ID']) . ' ' . $person['NAME'] . ' ' . $person['SURNAME'];
// else
// echo $person['NAME'] . ' ' . $person['SURNAME'];
?>
</h1>
</div>
</center>
function accuse($user, $char, $loc, $wep)
{
$db = connect_database();
$result = mysqli_query($db, "SELECT cardOwner FROM Cards WHERE name = '{$char}'");
$Dchar = $result->fetch_array()['cardOwner'];
if ($Dchar == 7) {
$result = mysqli_query($db, "SELECT cardOwner FROM Cards WHERE name = '{$loc}'");
$Dchar = $result->fetch_array()['cardOwner'];
if ($Dchar == 7) {
$result = mysqli_query($db, "SELECT cardOwner FROM Cards WHERE name = '{$wep}'");
$Dchar = $result->fetch_array()['cardOwner'];
if ($Dchar == 7) {
$result = mysqli_query($db, "UPDATE Envelope SET winner = '{$user}' WHERE justForFun = '1'");
echo 'TRUE';
die;
}
}
}
$result = mysqli_query($db, "SELECT numLosers FROM Envelope WHERE justForFun = '1'");
$Dchar = $result->fetch_array()['numLosers'];
$Dchar++;
$result = mysqli_query($db, "UPDATE Envelope SET numLosers = '{$Dchar}' WHERE justForFun = '1'");
echo 'FALSE';
die;
}
