/**
* 
* Function create folder loop
* This function creates folders needed when duplicating a template
* @param string $folder_name_id - the id of the new template
* @param number $id_to_copy - the id of the old template
* @param string $tutorial_id_from_post - The name of this tutorial type i.e Nottingham
* @version 1.0
* @author Patrick Lockley
*/
function duplicate_template($folder_name_id, $id_to_copy, $tutorial_id_from_post)
{
    global $dir_path, $new_path, $temp_dir_path, $temp_new_path, $xerte_toolkits_site;
    $database_id = database_connect("file_library database connect success", "file_library database connect fail");
    $query_for_framework = "select template_framework from " . $xerte_toolkits_site->database_table_prefix . "originaltemplatesdetails where template_name =\"" . $tutorial_id_from_post . "\"";
    $query_for_framework_response = mysql_query($query_for_framework);
    $row_framework = mysql_fetch_array($query_for_framework_response);
    $dir_path = $xerte_toolkits_site->users_file_area_full . $id_to_copy . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/";
    /*
     * Get the id of the folder we are looking to copy into
     */
    $new_path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/";
    $path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/";
    if (mkdir($path)) {
        if (@chmod($path, 0777)) {
            $d = opendir($dir_path);
            if (create_folder_loop($d, -1)) {
                if (file_exists($new_path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/lockfile.txt")) {
                    unlink($new_path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/lockfile.txt");
                }
                return true;
            } else {
                return false;
            }
        } else {
            receive_message($_SESSION['toolkits_logon_username'], "FILE_SYSTEM", "MAJOR", "Failed to set rights on parent folder for template", "Failed to set rights on parent folder " . $path);
            return false;
        }
    } else {
        receive_message($_SESSION['toolkits_logon_username'], "FILE_SYSTEM", "CRITICAL", "Failed to create parent folder for template", "Failed to create parent folder " . $path);
        return false;
    }
}
function search_info_GO_terms($GO_terms)
{
    if (!database_connect()) {
        return "DB_CONNECT_FAILURE";
    }
    if (empty($GO_terms)) {
        return array();
    }
    # Set up parameters
    $search = "*";
    $table = $GLOBALS['TABLE_GO_NAMES'];
    #Build the where statement
    $where = "0 = 1";
    if (!empty($GO_terms)) {
        $where = "pid IN " . build_IN_LIST($GO_terms);
    }
    #Do the search
    $result = database_select_distinct_search($search, $table, $where);
    # Throw the results into an array
    $resultArray = array();
    while ($row = mysql_fetch_assoc($result)) {
        $row["searchType"] = "GO";
        array_push($resultArray, $row);
    }
    #database dc
    database_disconnect();
    #return the results array
    if (count($resultArray) == 0) {
        return "EMPTY";
    }
    # Is the array empty?
    return $resultArray;
}
function outputStudents()
{
    $conn = database_connect();
    //$conn = mysqli_connect(DATABASE_HOST, DATABASE_USER, DATABASE_PASS, DATABASE_HOME);
    $query = "SELECT seatNumber,name,md5hash FROM students";
    $result = mysqli_query($conn, $query);
    if (mysqli_errno($conn)) {
        echo mysqli_error($conn);
    }
    echo '<pre>';
    while ($row = mysqli_fetch_array($result)) {
        // print_r($row);
        if ($row['seatNumber'] == $_SESSION['runCounter']) {
            echo "CURRENT:\t";
        } else {
            if ($row['seatNumber'] % 2 == 1) {
                echo "ODD:\t";
            } else {
                echo "EVEN:\t";
            }
        }
        echo $row['seatNumber'] . "\t" . $row['name'] . '<br>';
    }
    echo '</pre>';
    $numRows = mysqli_num_rows($result);
    if ($_SESSION['runCounter'] > $numRows) {
        $_SESSION['runCounter'] = 1;
    }
    database_disconnect($conn);
}
/**
 * 
 * Function move file
 * This function is used to move files and folders
 * @param array $files_to_move = an array of files and folders to move
 * @param string $destination = Name of the new folder
 * @version 1.0
 * @author Patrick Lockley
 */
function move_file($files_to_move, $destination)
{
    global $xerte_toolkits_site;
    $mysql_id = database_connect("Move file database connect success", "Move file database connect failure");
    $new_files_array = explode(",", $files_to_move);
    /*
     * Files array can be complicated, and this thread can lock the system, so limit max files to 50
     */
    if (count($new_files_array) != 0 && count($new_files_array) <= 50) {
        /*
         * check their is a destination
         */
        if ($destination != "") {
            for ($x = 0; $x != count($new_files_array); $x++) {
                // check there are files
                if ($new_files_array[$x] != "") {
                    if ($new_files_array[$x + 1] == "file") {
                        if ($new_files_array[$x + 2] == "folder_workspace") {
                            $parent = get_user_root_folder();
                        }
                        if ($destination == "folder_workspace") {
                            $destination = get_user_root_folder();
                        }
                        if ($destination == "recyclebin") {
                            $destination = get_recycle_bin();
                        }
                        /*
                         * Move files in the database
                         */
                        $query_file = "UPDATE " . $xerte_toolkits_site->database_table_prefix . "templaterights SET folder = \"" . $destination . "\" where (template_id=\"" . $new_files_array[$x] . "\" AND user_id =\"" . $_SESSION['toolkits_logon_id'] . "\")";
                        if (mysql_query($query_file)) {
                            receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "File " . $new_files_array[$x] . " moved into " . $destination . " for " . $_SESSION['toolkits_logon_username'], "File " . $new_files_array[$x] . " moved into " . $destination . " for " . $_SESSION['toolkits_logon_username']);
                        } else {
                            receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "File " . $new_files_array[$x] . " failed to move into " . $destination . " for " . $_SESSION['toolkits_logon_username'], "File " . $new_files_array[$x] . " failed to move into " . $destination . " for " . $_SESSION['toolkits_logon_username']);
                        }
                    } else {
                        /*
                         * destination is the root folder
                         */
                        if ($destination == "folder_workspace") {
                            $destination = get_user_root_folder();
                        }
                        $query_folder = "UPDATE " . $xerte_toolkits_site->database_table_prefix . "folderdetails SET folder_parent = \"" . $destination . "\" where (folder_id=\"" . $new_files_array[$x] . "\")";
                        if (mysql_query($query_folder)) {
                            receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "Folder " . $new_files_array[$x] . " moved into " . $destination . " for " . $_SESSION['toolkits_logon_username'], "File " . $new_files_array[$x] . " moved into " . $destination . " for " . $_SESSION['toolkits_logon_username']);
                        } else {
                            receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "File " . $new_files_array[$x] . " failed to move into " . $destination . " for " . $_SESSION['toolkits_logon_username'], "Folder " . $new_files_array[$x] . " failed to move into " . $destination . " for " . $_SESSION['toolkits_logon_username']);
                        }
                    }
                    $x += 2;
                }
            }
        }
    }
    mysql_close($mysql_id);
}
function licence_list()
{
    global $xerte_toolkits_site;
    $database_id = database_connect("licence list connected", "licence list failed");
    echo "<p>" . MANAGEMENT_LIBRARY_NEW_LICENCE . "</p>";
    echo "<p>" . MANAGEMENT_LIBRARY_NEW_LICENCE_DETAILS . "<form><textarea cols=\"100\" rows=\"2\" id=\"newlicense\">" . MANAGEMENT_LIBRARY_NEW_LICENCE_NAME . "</textarea></form></p>";
    echo "<p><form action=\"javascript:new_license();\"><button type=\"submit\" class=\"xerte_button\" ><i class=\"fa fa-plus-circle\"></i> " . MANAGEMENT_LIBRARY_NEW_LABEL . "</button></form></p>";
    echo "<p>" . MANAGEMENT_LIBRARY_MANAGE_LICENCES . "</p>";
    $query = "select * from " . $xerte_toolkits_site->database_table_prefix . "syndicationlicenses";
    $query_response = db_query($query);
    foreach ($query_response as $row) {
        echo "<p>" . $row['license_name'] . " - <button type=\"button\" class=\"xerte_button\" onclick=\"javascript:remove_licenses('" . $row['license_id'] . "')\"><i class=\"fa fa-minus-circle\"></i> " . MANAGEMENT_LIBRARY_REMOVE . " </button></p>";
    }
}
/**
 * Poorman's prepared statement emulation. Does not cope with named parameters - only ?'s.
 * @param string $sql - e.g. "SELECT * FROM users WHERE name = ? OR name = ?"
 * @param array $params - e.g. array('bob', "david's");
 * @return mysql resultset.
 */
function db_query($sql, $params = array())
{
    $connection = database_connect('db_query ok', 'db_query fail');
    foreach ($params as $key => $value) {
        if (isset($value)) {
            if (get_magic_quotes_gpc()) {
                $value = stripslashes($value);
            }
            $value = "'" . mysql_real_escape_string($value) . "'";
        } else {
            $value = 'NULL';
        }
        // overwrite the $params data with the santised stuff.
        $params[$key] = $value;
    }
    // following code taken from php.net/mysql_query - axiak at mit dot edu - 24th october 2006
    $curpos = 0;
    $curph = count($params) - 1;
    // start at the end of the string and replace things backwards; this avoids us replacing a replacement
    for ($i = strlen($sql) - 1; $i > 0; $i--) {
        if ($sql[$i] !== '?') {
            continue;
        }
        if ($curph < 0) {
            $sql = substr_replace($sql, 'NULL', $i, 1);
        } else {
            $sql = substr_replace($sql, $params[$curph], $i, 1);
        }
        $curph--;
    }
    _debug("Running : {$sql}", 1);
    $result = mysql_query($sql, $connection);
    if (!$result) {
        _debug("Failed to execute query : {$sql} : " . mysql_error());
        return false;
    }
    if (preg_match("/^select/i", $sql)) {
        $rows = array();
        while ($row = mysql_fetch_assoc($result)) {
            $rows[] = $row;
        }
        return $rows;
    }
    return $result;
}
Example #7
0
 public static function init()
 {
     global $config;
     require_once "core/config.php";
     // Libraries
     $libs = scandir("core/lib");
     foreach ($libs as $file) {
         if (pathinfo($file, PATHINFO_EXTENSION) == "php") {
             require_once "core/lib/{$file}";
         }
     }
     // Classes
     $classes = scandir("core/classes");
     foreach ($classes as $file) {
         if (pathinfo($file, PATHINFO_EXTENSION) == "php") {
             require_once "core/classes/{$file}";
         }
     }
     database_connect();
     Site::init();
     global $site;
 }
function search_infoTable($chemicals)
{
    if (!database_connect()) {
        return "DB_CONNECT_FAILURE";
    }
    if (empty($chemicals)) {
        return "NO_SEARCH";
    }
    # Set up parameters of a basic chemicalSGA search
    $search = "chemicalConditions.*, chemicals.structure_pic";
    $table = "chemicalConditions, chemicals";
    #Build the where statement
    $andQueryArray = array();
    if (!empty($chemicals)) {
        array_push($andQueryArray, "chemicalConditions.chemical_name IN " . build_IN_LIST($chemicals));
    }
    //array_push($andQueryArray, build_OR($chemicals, "chemicalConditions.chemical_name='", "'"));}
    array_push($andQueryArray, 'chemicalConditions.chemical_name = chemicals.name');
    $where = build_AND($andQueryArray);
    //echo($where);
    //print $where;
    #Do the search
    $result = database_select_distinct_search($search, $table, $where);
    # Throw the results into an array
    $resultArray = array();
    while ($row = mysql_fetch_assoc($result)) {
        array_push($resultArray, $row);
    }
    #database dc
    database_disconnect();
    #return the results array
    if (count($resultArray) == 0) {
        return "EMPTY";
    }
    # Is the array empty?
    return $resultArray;
}
/**
 * 
 * duplicate_template, allows the template to be duplicated
 *
 * @author Patrick Lockley
 * @version 1.0
 * @copyright Copyright (c) 2008,2009 University of Nottingham
 * @package
 */
require_once "../../../config.php";
include "../user_library.php";
include "../template_library.php";
include "../template_status.php";
_load_language_file("/website_code/php/templates/duplicate_template.inc");
$database_connect_id = database_connect("new_template database connect success", "new_template database connect fail");
/*
 * get the root folder for this user
 */
if (is_numeric($_POST['template_id'])) {
    if (is_user_creator(mysql_real_escape_string($_POST['template_id']))) {
        if ($_POST['folder_id'] == "workspace") {
            $folder_id = get_user_root_folder();
        } else {
            $folder_id = $_POST['folder_id'];
        }
        /*
         * get the maximum id number from templates, as the id for this template
         */
        $maximum_template_id = get_maximum_template_number();
        //$query_for_root_folder = "select folder_id from " . $xerte_toolkits_site->database_table_prefix . "folderdetails where login_id = '" .  $_SESSION['toolkits_logon_id'] . "' and folder_parent='0'";
Example #10
0
    trigger_error("You are running an unsupported version of PHP/XerteOnlineToolkits. Please run PHP v5.1 or above");
}
require_once dirname(__FILE__) . '/functions.php';
require_once dirname(__FILE__) . '/library/autoloader.php';
if (!isset($xerte_toolkits_site)) {
    // create new generic object to hold all our config stuff in....
    $xerte_toolkits_site = new StdClass();
    /**
     * Access the database to get the variables
     */
    if (!is_file(dirname(__FILE__) . '/database.php')) {
        header("Location: " . $_SERVER['REQUEST_URI'] . "setup/");
    }
    require_once dirname(__FILE__) . '/database.php';
    require_once dirname(__FILE__) . '/website_code/php/database_library.php';
    if (!database_connect("", "")) {
        die("database.php isn't correctly configured; cannot connect to database; have you run /setup?");
    }
    $row = db_query_one("SELECT * FROM {$xerte_toolkits_site->database_table_prefix}sitedetails");
    /**
     * Access the database to get the variables
     * @version 1.0
     * @author Patrick Lockley
     * @copyright 2008,2009 University of Nottingham
     */
    /**
     * Include any script that is used for configuration - for moodle this might be e.g. '/xampp/htdocs/moodle/config.php'.
     */
    if ($row['integration_config_path'] != "") {
        require_once $row['integration_config_path'];
    }
/**
 * 
 * template close, code that runs when an editor window is closed to remove the lock file
 *
 * @author Patrick Lockley
 * @version 1.0
 * @package
 */
require_once '../../../config.php';
if (empty($_SESSION) || !isset($_SESSION['toolkits_logon_id'])) {
    die("Session expired; please login again.");
}
_load_language_file("/website_code/php/versioncontrol/template_close.inc");
require '../template_status.php';
$temp_array = explode("-", $_POST['file_path']);
database_connect("template close success", "template close fail");
if (file_exists($xerte_toolkits_site->users_file_area_full . $_POST['file_path'] . "lockfile.txt")) {
    /*
     *  Code to delete the lock file
     */
    $lock_file_data = file_get_contents($xerte_toolkits_site->users_file_area_full . $temp_array[0] . "-" . $temp_array[1] . "-" . $temp_array[2] . "/lockfile.txt");
    $temp = explode("*", $lock_file_data);
    $lock_file_creator = $temp[0];
    $template_id = explode("-", $_POST['file_path']);
    $row_template_name = db_query_one("Select template_name from {$xerte_toolkits_site->database_table_prefix}templatedetails WHERE template_id = ?", array($template_id[0]));
    $user_list = $temp[1];
    $users = explode(" ", $user_list);
    /*
     * Email users in the lock file
     */
    for ($x = 0; $x != count($users) - 1; $x++) {
Example #12
0
<?php

include "config/config.php";
include "functions/database.fn.php";
$link = database_connect($db);
$sql = 'SELECT * FROM poney WHERE id=' . $_GET['id'];
$result = mysql_query($sql);
if (!$result) {
    die('erreur dans la requete : ' . mysql_error());
}
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
    include "templates/html-opening.php";
    $rate = $row["rate"];
    echo '<img src="images/' . $row["image"] . '" alt="poney" class="imgprofile" /><br />';
    if ($rate == 1) {
        echo '<img src="images/1star.gif" alt="stars" class="starsprofile" />';
    } elseif ($rate == 2) {
        echo '<img src="images/2stars.gif" alt="stars" class="starsprofile" />';
    } elseif ($rate == 3) {
        echo '<img src="images/3stars.gif" alt="stars" class="starsprofile" />';
    } elseif ($rate == 4) {
        echo '<img src="images/4stars.gif" alt="stars" class="starsprofile" />';
    } elseif ($rate == 5) {
        echo '<img src="images/5stars.gif" alt="stars" class="starsprofile" />';
    }
    echo '<div id="details">';
    echo '<h3>' . $row["nom"] . '</h3>';
    echo '<ul>';
    echo '<li>Age: ' . $row["age"] . '</li>';
    echo '<li>Sex: ' . $row["sex"] . '</li>';
    echo '<li>Color: ' . $row["color"] . '</li>';
                $_SESSION['user_id'] = $user['userID'];
                $_SESSION['user'] = $_POST['user'];
                $_SESSION['permissions'] = $user['permissions'];
                $_SESSION['auth'] = true;
            }
        } else {
            sendError('Bad username or password.');
        }
    }
    $dbHandle = null;
}
/**
 * If user is authorized, read settings and create user-specific temp dirs.
 */
if (isset($_SESSION['auth']) && isset($_POST['form'])) {
    database_connect(IL_USER_DATABASE_PATH, 'users');
    $user_id_q = $dbHandle->quote($_SESSION['user_id']);
    // Session management.
    if ($ini_array['autosign'] == 0) {
        $session_id_q = $dbHandle->quote(session_id());
        // Save this signin in db.
        $dbHandle->exec("DELETE FROM logins" . " WHERE sessionID={$session_id_q} AND userID={$user_id_q}");
        $dbHandle->exec("INSERT INTO logins (userID, sessionID, logintime)" . " VALUES ({$user_id_q}, {$session_id_q},'" . time() . "')");
        // Delete all other signed in devices for this user.
        $result = $dbHandle->query("SELECT sessionID FROM logins" . " WHERE sessionID!={$session_id_q} AND userID={$user_id_q}");
        while ($oldsession = $result->fetch(PDO::FETCH_ASSOC)) {
            // Delete session file.
            @unlink(IL_TEMP_PATH . DIRECTORY_SEPARATOR . 'I,_Librarian_sessions' . DIRECTORY_SEPARATOR . 'sess_' . $oldsession['sessionID']);
            // Clen session temp dir.
            $clean_files = array();
            $clean_files = glob(IL_TEMP_PATH . DIRECTORY_SEPARATOR . 'lib_' . $oldsession['sessionID'] . DIRECTORY_SEPARATOR . '*', GLOB_NOSORT);
Example #14
0
 protected function getSettingsPage()
 {
     if ($this->login->getUsername() == $this->settings->admin_username && $this->login->getPassword() == $this->settings->admin_password) {
         $_SESSION['toolkits_logon_id'] = "site_administrator";
         $mysql_id = database_connect("management.php database connect success", "management.php database connect fail");
         $this->page['isAdmin'] = true;
     } else {
         $this->getLoginPage();
         return;
     }
     return $this->pageDisplayHelper();
 }
<?php

include_once 'data.php';
if (isset($_SESSION['auth']) && isset($_SESSION['permissions']) && ($_SESSION['permissions'] == 'A' || $_SESSION['permissions'] == 'U')) {
    include_once 'functions.php';
    database_connect(IL_DATABASE_PATH, 'library');
    if (!empty($_GET['details'])) {
        $dbHandle->sqliteCreateFunction('levenshtein', 'sqlite_levenshtein', 2);
        if (!empty($_GET['journal'])) {
            $journal_query = $dbHandle->quote($_GET['journal']);
            $result = $dbHandle->query("SELECT journal,count(*) FROM library WHERE levenshtein(upper(journal), upper({$journal_query})) < 4 GROUP BY journal");
            print '<b>Possible variants:</b>';
            while ($jour = $result->fetch(PDO::FETCH_ASSOC)) {
                if (!empty($jour['journal'])) {
                    print '<br><button class="rename-journal-button" style="margin:1px"><i class="fa fa-pencil"></i></button> ';
                    print '<span>' . htmlspecialchars($jour['journal']) . '</span> (' . $jour['count(*)'] . ')';
                }
            }
            $result = null;
            $result = $dbHandle->query("SELECT secondary_title,count(*) FROM library WHERE journal={$journal_query} GROUP BY secondary_title");
            print '<br><b>Associated secondary titles:</b>';
            while ($jour = $result->fetch(PDO::FETCH_ASSOC)) {
                if (!empty($jour['secondary_title'])) {
                    print '<br><button class="rename-secondary-title-button" style="margin:1px"><i class="fa fa-pencil"></i></button> ';
                    print '<span>' . htmlspecialchars($jour['secondary_title']) . '</span> (' . $jour['count(*)'] . ')';
                }
            }
        }
        if (!empty($_GET['secondary_title'])) {
            $journal_query = $dbHandle->quote($_GET['secondary_title']);
            $result = $dbHandle->query("SELECT secondary_title,count(*) FROM library WHERE levenshtein(upper(secondary_title), upper({$journal_query})) < 4 GROUP BY secondary_title");
<?php

require_once '../mysql.php';
#Connect to the database
if (!database_connect()) {
    echo "DB_CONNECT_FAILURE";
    return false;
}
#Process the input
$drug = safe($_POST['drug']);
$gene = safe($_POST['gene']);
$needAnd = false;
$search = "*";
$table = "interactions";
$sortedBy = "chemgen_score";
$where = "";
if ($drug != "") {
    $where .= ($needAnd ? "AND " : "") . "drug_name = '{$drug}' ";
    $needAnd = true;
}
if ($gene != "") {
    $where .= ($needAnd ? "AND " : "") . "(orf_name = '{$gene}' OR common_name = '{$gene}') ";
    $needAnd = true;
}
//$where = "drug_name = '$drug' AND (orf_name = '$gene' OR common_name = '$gene')";
if ($drug != "" || $gene != "") {
    #Do a database search
    $result = database_select_search($search, $table, $where, $sortedBy);
    # Throw the results into an array
    $resultArray = array();
    while ($row = mysql_fetch_assoc($result)) {
function move_folder($folder_id, $destination)
{
    global $xerte_toolkits_site;
    $mysql_id = database_connect("Move file database connect success", "Move file database connect failure");
    if ($destination != "") {
        /*
         * Move folder in database
         */
        $prefix = $xerte_toolkits_site->database_table_prefix;
        $query_folder = "UPDATE {$prefix}folderdetails SET folder_parent = ? WHERE (folder_id = ?  )";
        $params = array($destination, $folder_id);
        $ok = db_query($query_folder, $params);
        if ($ok) {
            receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "Folder " . $folder_id . " moved into " . $destination . " for " . $_SESSION['toolkits_logon_username'], "File " . $new_files_array[$x] . " moved into " . $destination . " for " . $_SESSION['toolkits_logon_username']);
        } else {
            receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "File " . $folder_id . " failed to move into " . $destination . " for " . $_SESSION['toolkits_logon_username'], "Folder " . $new_files_array[$x] . " failed to move into " . $destination . " for " . $_SESSION['toolkits_logon_username']);
        }
    }
}
Example #18
0
<?php

//results.php
require_once 'functions.php';
require_once 'header.php';
database_connect($dbhost, $dbuser, $dbpass, $dbname);
$query = 'SELECT * FROM nyitevents WHERE Event="' . sanitizeString($_GET['category']) . '"';
$result = queryMysql($query);
if (!$result) {
    die('Database access failed: ' . mysql_error());
}
$rows = mysql_num_rows($result);
echo "<div class='container-fluid table-responsive'>";
echo "<table class='table table-striped table-hover table-bordered'>";
echo "<tr><th>Name</th><th>Description</th><th>Date</th><th>Time</th><th>Location</th></tr>";
for ($j = 0; $j < $rows; ++$j) {
    $row = mysql_fetch_row($result);
    echo "<tr>";
    echo "<td>" . $row[0] . "</td>";
    echo "<td>" . $row[1] . "</td>";
    echo "<td>" . $row[2] . "</td>";
    echo "<td>" . $row[3] . "</td>";
    echo "<td>" . $row[4] . "</td></tr>";
}
if ($rows == 0) {
    echo "<tr><td colspan='5'><img src='img/noFlexZone.png' />\n    <h2>It ha no events dawg</h2></td></tr>";
}
echo "</table></div>";
mysql_close(mysql_connect($dbhost, $dbuser, $dbpass));
?>
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
/**
 * 
 * public templates template page, used displays the User created
 *
 * @author Patrick Lockley
 * @version 1.0
 * @package
 */
require_once "../../../config.php";
include "../display_library.php";
include "workspace_library.php";
/**
 * connect to the database
 */
workspace_templates_menu();
$prefix = $xerte_toolkits_site->database_table_prefix;
$database_connect_id = database_connect("Folder_content_template.php connect success", "Folder_content_template.php connect failed");
$query_for_public_templates = "select * from {$prefix}templatedetails, {$prefix}templaterights where " . "access_to_whom = ? AND " . "user_id = ? and " . " {$prefix}templaterights.template_id = {$prefix}templatedetails.template_id ORDER BY template_name DESC";
$params = array('public', $_SESSION['toolkits_logon_id']);
$query_public_response = db_query($query_for_public_templates, $params);
workspace_menu_create(100);
foreach ($query_public_response as $row_template_name) {
    echo "<div style=\"float:left; width:100%;\">" . str_replace("_", "", $row_template_name['template_name']) . "</div>";
}
echo "</div>";
<?php

/**
 * Licensed to The Apereo Foundation under one or more contributor license
 * agreements. See the NOTICE file distributed with this work for
 * additional information regarding copyright ownership.
 * The Apereo Foundation licenses this file to you under the Apache License,
 * Version 2.0 (the "License"); you may not use this file except in
 * compliance with the License. You may obtain a copy of the License at:
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
require_once "../../../config.php";
require "../user_library.php";
require "management_library.php";
if (is_user_admin()) {
    $database_id = database_connect("templates list connected", "template list failed");
    $query = "delete from " . $xerte_toolkits_site->database_table_prefix . "syndicationlicenses where license_id=?";
    db_query($query, array($_POST['remove']));
    licence_list();
} else {
    management_fail();
}
/**
 * 
 * name select template, displays usernames so people can choose to share a template
 *
 * @author Patrick Lockley
 * @version 1.0
 * @copyright Copyright (c) 2008,2009 University of Nottingham
 * @package
 */
require_once "../../../config.php";
_load_language_file("/website_code/php/properties/name_select_template.inc");
if (is_numeric($_POST['template_id'])) {
    $search = mysql_real_escape_string($_POST['search_string']);
    $tutorial_id = mysql_real_escape_string($_POST['template_id']);
    $database_id = database_connect("Template name select share access database connect success", "Template name select share database connect failed");
    /**
     * Search the list of user logins for user with that name
     */
    if (strlen($search) != 0) {
        $query_for_names = "select login_id, firstname, surname from " . $xerte_toolkits_site->database_table_prefix . "logindetails WHERE ((firstname like \"" . $search . "%\") or (surname like \"" . $search . "%\")) and login_id not in( SELECT user_id from " . $xerte_toolkits_site->database_table_prefix . "templaterights where template_id=\"" . $tutorial_id . "\" ) ORDER BY firstname ASC";
        $query_names_response = mysql_query($query_for_names);
        if (mysql_num_rows($query_names_response) != 0) {
            while ($row = mysql_fetch_array($query_names_response)) {
                echo "<p>" . $row['firstname'] . " " . $row['surname'] . " (" . $row['login_id'] . ") - <button type=\"button\" class=\"xerte_button\" onclick=\"share_this_template('" . $tutorial_id . "', '" . $row['login_id'] . "')\">" . NAME_SELECT_CLICK . "</button></p>";
            }
        } else {
            echo "<p>" . NAME_SELECT_DETAILS_FAIL . "</p>";
        }
    }
}
/**
 * 
 * folder rss page, used by the site to display a folder's rss settings
 *
 * @author Patrick Lockley
 * @version 1.0
 * @package
 */
require_once "../../../config.php";
_load_language_file("/website_code/php/folderproperties/folder_rss_template.inc");
include "../url_library.php";
//connect to the database
$parameters = explode("_", $_POST['folder_id']);
if (count($parameters) != 1) {
    if (is_numeric($parameters[0]) && is_string($parameters[1])) {
        $database_connect_id = database_connect("Folder_rss_template.php database connect success", "Folder_rss_template.php database connect failed");
        $prefix = $xerte_toolkits_site->database_table_prefix;
        $query_for_folder_name = "select folder_name from {$prefix}folderdetails where folder_id=?";
        $params = array($_POST['folder_id']);
        $row_template_name = db_query_one($query_for_folder_name, $params);
        echo "<p class=\"header\"><span>" . FOLDER_RSS_FEEDS . "</span></p>";
        echo "<p>" . FOLDER_RSS_PUBLIC . "</p>";
        $query_for_name = "select firstname, surname from {$prefix}logindetails where login_id=?";
        $params = array($_SESSION['toolkits_logon_id']);
        $row_name = db_query_one($query_for_name, $params);
        if ($xerte_toolkits_site->apache == "true") {
            echo "<p><a target=\"new\" href=\"" . $xerte_toolkits_site->site_url . "RSS/" . $row_name['firstname'] . "_" . $row_name['surname'] . "/" . str_replace(" ", "_", $row_template_name['folder_name']) . "/\">" . $xerte_toolkits_site->site_url . "RSS/" . $row_name['firstname'] . "_" . $row_name['surname'] . "/" . str_replace(" ", "_", $row_template_name['folder_name']) . "/</a></p>";
        } else {
            echo "<p><a target=\"new\" href=\"" . $xerte_toolkits_site->site_url . "rss.php?username="******"_" . $row_name['surname'] . "&folder_name=" . str_replace(" ", "_", $row_template_name['folder_name']) . "\">" . $xerte_toolkits_site->site_url . "rss.php?username="******"_" . $row_name['surname'] . "&folder_name=" . str_replace(" ", "_", $row_template_name['folder_name']) . "</a></p>";
        }
    }
Example #23
0
 $microtime = sprintf("%01.1f seconds", $microtime);
 print '<table class="top" style="margin-bottom:1px"><tr><td style="width: 13em">';
 print '<div class="ui-state-highlight ui-corner-top' . ($from == 1 ? ' ui-state-disabled' : '') . '" style="float:left;margin-left:2px;width:26px">' . ($from == 1 ? '' : '<a class="navigation" href="' . htmlspecialchars('download_springer.php?' . $url_string . '&from=1') . '" style="display:block;width:26px">') . '&nbsp;<i class="fa fa-caret-left"></i> <i class="fa fa-caret-left"></i>&nbsp;' . ($from == 1 ? '' : '</a>') . '</div>';
 print '<div class="ui-state-highlight ui-corner-top' . ($from == 1 ? ' ui-state-disabled' : '') . '" style="float:left;margin-left:2px;width:4em">' . ($from == 1 ? '' : '<a class="navigation" href="' . htmlspecialchars('download_springer.php?' . $url_string . '&from=' . ($from - 10)) . '" style="color:black;display:block;width:100%">') . '<i class="fa fa-caret-left"></i>&nbsp;Back' . ($from == 1 ? '' : '</a>') . '</div>';
 print '</td><td class="top" style="text-align: center">';
 print "Items " . $from . " - " . min($from + 9, $count) . " of " . $count . " in " . $microtime;
 print '</td><td class="top" style="width: 14em">';
 $count % 10 == 0 ? $lastpage = $count - 9 : ($lastpage = $count - $count % 10 + 1);
 print '<div class="ui-state-highlight ui-corner-top' . ($count > $from + 9 ? '' : ' ui-state-disabled') . '" style="float:right;margin-right:2px;width:26px">' . ($count > $from + 9 ? '<a class="navigation" href="' . htmlspecialchars('download_springer.php?' . $url_string . '&from=' . $lastpage) . '" style="display:block;width:26px">' : '') . '<i class="fa fa-caret-right"></i>&nbsp;<i class="fa fa-caret-right"></i>' . ($count > $from + 9 ? '</a>' : '') . '</div>';
 print '<div class="ui-state-highlight ui-corner-top' . ($count > $from + 9 ? '' : ' ui-state-disabled') . '" style="float:right;margin-right:2px;width:4em">' . ($count > $from + 9 ? '<a class="navigation" href="' . htmlspecialchars("download_springer.php?{$url_string}&from=" . ($from + 10)) . '" style="color:black;display:block;width:100%">' : '') . '&nbsp;Next <i class="fa fa-caret-right"></i>&nbsp;' . ($count > $from + 9 ? '</a>' : '') . '</div>';
 print '<div class="ui-state-highlight ui-corner-top pgdown" style="float: right;width: 4em;margin-right:2px">PgDn</div>';
 print '</td></tr></table>';
 print '<div class="alternating_row">';
 $id_range = join(',', range($from, $from + 9));
 $result = $dbHandle2->query("SELECT * FROM items WHERE id IN (" . $id_range . ")");
 database_connect($database_path, 'library');
 while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
     extract($row);
     if (!empty($title)) {
         ########## gray out existing records ##############
         $existing_id = '';
         $doi_query = $dbHandle->quote($doi);
         $result_query = $dbHandle->query("SELECT id FROM library WHERE doi=" . $doi_query);
         $existing_id = $result_query->fetchColumn();
         print '<div class="items" data-doi="' . htmlspecialchars($doi) . '" data-pdf="' . htmlspecialchars('http://link.springer.com/content/pdf/' . urlencode($doi) . '.pdf') . '" style="padding:0">';
         print '<div class="ui-widget-header" style="border-left:0;border-right:0">';
         print '<div class="titles brief" style="overflow:hidden;margin-right:10px';
         if (is_numeric($existing_id)) {
             print ';color: #777';
         }
         print '">' . $title . '</div>';
Example #24
0
<?php

include_once 'data.php';
include_once 'functions.php';
session_write_close();
// ONLY ADMIN CAN DO THIS
if (!isset($_SESSION['auth']) || $_SESSION['permissions'] !== 'A') {
    die;
}
$allowed_databases = array('library', 'fulltext', 'users', 'discussions', 'history');
if (!empty($_GET['db']) && in_array($_GET['db'], $allowed_databases)) {
    if ($_GET['db'] == 'users') {
        database_connect($usersdatabase_path, 'users');
    } else {
        database_connect($database_path, $_GET['db']);
    }
    $dbHandle->exec('VACUUM');
    $dbHandle = null;
    if ($_GET['db'] == 'users') {
        $dbsize = filesize($usersdatabase_path . DIRECTORY_SEPARATOR . 'users.sq3');
    } else {
        $dbsize = filesize($database_path . DIRECTORY_SEPARATOR . $_GET['db'] . '.sq3');
    }
    if ($dbsize < 1048576) {
        $size = round($dbsize / 1024, 1) . ' kB';
    }
    if ($dbsize >= 1048576) {
        $size = round($dbsize / 1048576, 1) . ' MB';
    }
    if ($dbsize >= 1073741824) {
        $size = round($dbsize / 1073741824, 1) . ' GB';
Example #25
0
include 'funzioni.php';
include "../mpdf60/mpdf.php";
global $_CONFIG;
$utente = check_login();
if ($utente == -1) {
    die("LOGINPROBLEM");
} else {
    $user_level = get_user_level($utente);
    if ($user_level == 0) {
        die("LOGINPROBLEM");
    }
    if ($user_level == 1) {
        die('LOGINPROBLEM');
    }
    $ora = $_POST["ora"];
    $db = database_connect();
    $result = $db->query("SELECT utenti.nome, utenti.cognome from utenti where level = '0' and (SELECT COUNT(*) from iscrizioni where iscrizioni.idUtente = utenti.id and iscrizioni.ora = '{$ora}') = 0 ORDER by cognome, nome asc") or die($db->error);
    $file = array();
    $code = "\n<style>td, th{border:1px solid; padding: 5px 30px;}</style> <h3 style='text-align:center; margin-bottom:0px;'>L. S. \"G. Galilei\" - \"Finestra tecnica\"</h3><h1 style='text-align:center;margin-bottom: 5px; margin-top:15px;'>" . getStringaOra($ora) . "</h1>";
    $code .= "<table style='border-collapse:collapse; margin-top:20px;'><tbody><tr>\n  <td style='width:230px;'><b>Cognome</b></td>\n  <td style='width:230px;'><b>Nome</b>  </td>\n  <td style='width:250px; text-align:center;'><b>Firma</b>  </td>\n</tr>";
    while ($utente = $result->fetch_assoc()) {
        $code .= "<tr>\n              <td>" . $utente["cognome"] . "</td>\n              <td>" . $utente["nome"] . "</td>\n              <td></td>\n            </tr>";
    }
    $code .= "</tbody></table>";
    $mpdf = new mPDF('utf-8', "A4");
    // , '' , '' , 50 , 1 , 1 , 1 , 1 , 1);
    $mpdf->SetDisplayMode('fullpage');
    $mpdf->list_indent_first_level = 0;
    // 1 or 0 - whether to indent the first level of a list
    $mpdf->WriteHTML($code);
    chdir("./tmp/orebuche/");
Example #26
0
     * Password left empty
     */
} else {
    if (empty($_POST["password"])) {
        mgt_page($xerte_toolkits_site, MANAGEMENT_PASSWORD_EMPTY);
        /*
         * Password and username provided, so try to authenticate
         */
    } else {
        global $authmech;
        if (!isset($authmech)) {
            $authmech = Xerte_Authentication_Factory::create($xerte_toolkits_site->authentication_method);
        }
        if ($_POST["login"] == $xerte_toolkits_site->admin_username && $_POST["password"] == $xerte_toolkits_site->admin_password) {
            $_SESSION['toolkits_logon_id'] = "site_administrator";
            $mysql_id = database_connect("management.php database connect success", "management.php database connect fail");
            /*
             * Password and username provided, so try to authenticate
             */
            ?>
        <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
        <html xmlns="http://www.w3.org/1999/xhtml">
            <head>
                <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
                <title><?php 
            echo $xerte_toolkits_site->site_title;
            ?>
</title>

                <link href="website_code/styles/frontpage.css" media="screen" type="text/css" rel="stylesheet" />
                <link href="website_code/styles/xerte_buttons.css" media="screen" type="text/css" rel="stylesheet" />
Example #27
0
<?php

include 'Base.php';
$dbhandle = database_connect();
mysqli_query($dbhandle, "USE u907917272_cs307");
//choose the database you want to use or you can ignore this line and do DATABASE.table inside the mysqli_query();
$username_ = $_POST["username"];
$SQLString = "SELECT * FROM account WHERE Username='******'";
//$hash = password_hash($passwod, PASSWORD_DEFAULT);
//$SQLString = "SELECT * FROM account WHERE Username='******' AND Password='******'";
$result = mysqli_query($dbhandle, $SQLString);
$count = mysqli_num_rows($result);
if ($count == 0) {
    echo "No such User";
} else {
    echo $username_;
    $context = hash('md5', $username_);
    echo $context;
    $myfile = fopen('../' . $context . '.php', "w");
    fwrite($myfile, "<?php \$");
    fwrite($myfile, "username="******"username"]);
    fwrite($myfile, "?>");
    $file = file_get_contents('../lostpwd.php', true);
    fwrite($myfile, $file);
    $file_email1 = file_get_contents('../htmlemail/lost_password_email1.html', true);
    $file_email2 = file_get_contents('../htmlemail/lost_password_email2.html', true);
    $to = '*****@*****.**';
    $subject = 'Reset your password';
    $message = $file_email1 . "<a href=" . '"' . "http://ticketvault.cu.cc/" . $context . ".php" . $file_email2;
    $headers = 'MIME-Version: 1.0' . "\r\n";
Example #28
0
        }
    }
    return $result;
}
//ADD TERTIARY_TITLE COLUMN TO TABLE LIBRARY AND UPGRADE EDITORS
database_connect($database_path, 'library');
$dbHandle->sqliteCreateFunction('migrateauthors', 'migrate_authors', 1);
$dbHandle->exec("BEGIN EXCLUSIVE TRANSACTION");
$dbHandle->exec("ALTER TABLE library ADD COLUMN tertiary_title TEXT NOT NULL DEFAULT ''");
$dbHandle->exec("ALTER TABLE library ADD COLUMN filehash TEXT NOT NULL DEFAULT ''");
$dbHandle->exec("ALTER TABLE projects ADD COLUMN active TEXT NOT NULL DEFAULT '1'");
$dbHandle->exec("UPDATE library SET editor=migrateauthors(editor) WHERE editor NOT LIKE '%L:\"%'");
$dbHandle->exec("COMMIT");
$dbHandle = null;
//CONSOLIDATE DISCUSSIONS INTO ONE DATABASE
database_connect($database_path, 'filediscussion');
$dbHandle->exec("BEGIN EXCLUSIVE TRANSACTION");
$dbHandle->exec("CREATE TABLE IF NOT EXISTS discussion (id INTEGER PRIMARY KEY," . " fileID INTEGER NOT NULL," . " user TEXT NOT NULL DEFAULT ''," . " timestamp TEXT NOT NULL DEFAULT ''," . " message TEXT NOT NULL DEFAULT '')");
$dbHandle->exec("ALTER TABLE discussion RENAME TO filediscussion");
$dbHandle->exec("CREATE TABLE projectdiscussion (id integer PRIMARY KEY," . " projectID integer NOT NULL," . " user text NOT NULL DEFAULT ''," . " timestamp text NOT NULL DEFAULT ''," . " message text NOT NULL DEFAULT '')");
$dbHandle->exec("COMMIT");
$dbs = glob($database_path . 'project*.sq3', GLOB_NOSORT);
if (is_array($dbs)) {
    foreach ($dbs as $db) {
        $projID = substr(basename($db, '.sq3'), 7);
        $database_query = $dbHandle->quote($db);
        $dbHandle->exec("ATTACH DATABASE " . $database_query . " AS db2");
        $dbHandle->exec("BEGIN EXCLUSIVE TRANSACTION");
        $result = $dbHandle->query("SELECT user,timestamp,message FROM db2.discussion");
        while ($row = $result->fetch(PDO::FETCH_NAMED)) {
            $projectID = intval($projID);
 */
/**
 * 
 * share this template, gives a new user rights to a template
 *
 * @author Patrick Lockley
 * @version 1.0
 * @package
 */
require_once "../../../config.php";
_load_language_file("/website_code/php/properties/share_this_template.inc");
$prefix = $xerte_toolkits_site->database_table_prefix;
if (is_numeric($_POST['user_id']) && is_numeric($_POST['template_id'])) {
    $user_id = $_POST['user_id'];
    $tutorial_id = $_POST['template_id'];
    $database_id = database_connect("Share this template database connect success", "Share this template database connect success");
    /**
     * find the user you are sharing with's root folder to add this template to
     */
    $query_to_find_out_root_folder = "select folder_id from {$prefix}folderdetails where login_id = ? and folder_parent=? and folder_name!=?";
    $params = array($user_id, '0', 'recyclebin');
    $row_query_root = db_query_one($query_to_find_out_root_folder, $params);
    $query_to_insert_share = "INSERT INTO {$prefix}templaterights (template_id, user_id, role, folder) VALUES (?,?,?,?)";
    $params = array($tutorial_id, $user_id, "editor", $row_query_root['folder_id']);
    if (db_query($query_to_insert_share, $params)) {
        /**
         * sort ouf the html to return to the screen
         */
        $query_for_name = "select firstname, surname from {$prefix}logindetails WHERE login_id=?";
        $params = array($user_id);
        $row = db_query_one($query_for_name, $params);
Example #30
0
<?php

include_once 'data.php';
include_once 'functions.php';
$text = '';
$filename = sprintf('%05d', intval($_GET['file'])) . '.pdf';
if (!empty($_GET['file'])) {
    database_connect(IL_DATABASE_PATH, 'fulltext');
    $query = $dbHandle->quote($_GET['file']);
    $result = $dbHandle->query("SELECT full_text FROM full_text WHERE fileID={$query}");
    $dbHandle = null;
    $text = $result->fetchColumn();
}
if (!empty($text)) {
    $text_size = round(strlen(utf8_decode($text)) / 1024, 1);
    $pdf_size = round(filesize(IL_PDF_PATH . DIRECTORY_SEPARATOR . get_subfolder($filename) . DIRECTORY_SEPARATOR . $filename) / 1024, 1);
} else {
    print '<h3>No text found.</h3>';
    die;
}
include_once 'index.inc.php';
?>
<body style="padding:20px">
    <h3>Extracted text from the file <?php 
print $filename;
?>
:</h3>
    <div class="ui-corner-all alternating_row" style="float:left;width:75%;text-align:justify;padding:10px;text-shadow:none">
        <?php 
print htmlspecialchars($text);
?>