/**
 * Lists every course as a name/professor pair, ordered by the timestamp column.
 *
 * The statement is a fixed string with no caller-supplied parts.
 *
 * @return array list of array("name" => ..., "prof" => ...) entries
 */
static function ListAll()
{
    $courses = array();
    $handle = database_query("SELECT name,prof FROM courses ORDER BY timestamp");

    // Rows are fetched positionally: index 0 is the name column, index 1 is prof.
    while ($record = mysql_fetch_row($handle)) {
        $courses[] = array("name" => $record[0], "prof" => $record[1]);
    }

    // NOTE(review): the mysql_* extension used here was removed in PHP 7;
    // this method only runs on older interpreters.
    mysql_free_result($handle);

    return $courses;
}
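/**
 * Deletes the news rows whose ids were selected in the submitted form.
 *
 * The ids arrive in the parsed request body under "sel" and are therefore
 * client-controlled. Each value must consist of digits only and is cast to
 * int before it is placed in the IN (...) list; anything else is dropped, so
 * request data can no longer change the shape of the DELETE statement.
 *
 * @param mixed $param unused by this method
 * @return void
 */
function action_delete($param = null)
{
    $data = $this->request->getParsedBody();
    $selection = get($data, 'sel');
    if (!$selection) {
        return;
    }

    // Accept a single value as well as a list of values.
    // assumes the id column is an integer key - TODO confirm against the table definition
    $ids = array();
    foreach ((array) $selection as $value) {
        if (is_scalar($value) && preg_match('/^[0-9]+$/', (string) $value)) {
            $ids[] = (int) $value;
        }
    }

    // Nothing usable was submitted: do not run a DELETE and do not report success.
    if (!$ids) {
        return;
    }

    // NOTE(review): this method checks neither a CSRF token nor the caller's role;
    // confirm that the dispatcher does both before routing here.
    database_query("DELETE FROM " . NewsModel::table() . " WHERE id IN (" . implode(',', $ids) . ")");
    $this->session->flashMessage('$ADMIN_MSG_DELETED');
}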
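/**
 * Returns all categories of a specific listing
 *
 * Joins the listing/category link table with the category descriptions for the
 * current language. The listing id is cast to int before it is concatenated
 * into the statement, because it is used unquoted in the WHERE clause.
 *
 * @param $listing_id listing id (cast to int)
 * @return mixed the database_query() result, or an empty array when that result is falsy
 */
public static function GetCategoriesForListing($listing_id)
{
    $output = array();

    // NOTE(review): the language code is placed between quotes without escaping in
    // this method; confirm Application::Get('lang') is validated where it is set.
    $sql = 'SELECT lc.id, lc.category_id, cd.name, cd.description FROM ' . TABLE_LISTINGS_CATEGORIES . ' lc INNER JOIN ' . TABLE_CATEGORIES_DESCRIPTION . ' cd ON lc.category_id = cd.category_id INNER JOIN ' . TABLE_LISTINGS . ' l ON lc.listing_id = l.id WHERE cd.language_id = \'' . Application::Get('lang') . '\' AND lc.listing_id = ' . (int) $listing_id;

    if ($result = database_query($sql, DATA_AND_ROWS, ALL_ROWS)) {
        $output = $result;
    }

    return $output;
}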
/**
 * Draws the login links and logout form
 *
 * Echoes the side menu for the current session: the admin blocks when
 * IsLoggedInAsAdmin() is true, the customer block when IsLoggedInAsCustomer()
 * is true, and a logout form for any logged-in user. In preview mode it
 * returns an empty string and draws nothing; otherwise it returns no value.
 * The final value of $menu_index is stored in $this->activeMenuCount.
 *
 * NOTE(review): the role and privilege checks below only decide which links
 * are printed. The target pages have to enforce the same checks themselves -
 * confirm that they do.
 */
public function DrawLoginLinks()
{
    if (Application::Get('preview') == 'yes') {
        return '';
    }
    // Starts as the string '0'; the post-increments below turn it into an integer.
    $menu_index = '0';
    // $text_align is computed here but not referenced again in this method.
    $text_align = Application::Get('lang_dir') == 'ltr' ? 'text-align:left;' : 'text-align:right;padding-right:15px;';
    // ---------------------------------------------------------------------
    // MAIN ADMIN LINKS
    if ($this->IsLoggedInAsAdmin()) {
        // Header block with the "open all / close all" toggles.
        draw_block_top(_MENUS . ': [ <a id="lnk_all_open" href="javascript:void(0);" onclick="javascript:toggle_menus(1)">' . _OPEN . '</a> | <a id="lnk_all_close" href="javascript:void(0);" onclick="javascript:toggle_menus(0)">' . _CLOSE . '</a> ]');
        draw_block_bottom();
        // General block: settings and countries are limited to owner/mainadmin.
        draw_block_top(_GENERAL, $menu_index++, 'maximized');
        echo '<ul>';
        echo '<li>' . $this->PrepareLink('home', _HOME) . '</li>';
        if ($this->IsLoggedInAs('owner', 'mainadmin')) {
            echo '<li>' . $this->PrepareLink('settings', _SETTINGS) . '</li>';
        }
        echo '<li>' . $this->PrepareLink('ban_list', _BAN_LIST) . '</li>';
        if ($this->IsLoggedInAs('owner', 'mainadmin')) {
            echo '<li>' . $this->PrepareLink('countries_management', _COUNTRIES) . '</li>';
        }
        echo '<li>' . prepare_permanent_link('index.php?preview=yes', _PREVIEW . ' <img src="images/external_link.gif" alt="" />') . '</li>';
        echo '</ul>';
        draw_block_bottom();
        // Accounts block: roles management is shown to the owner only.
        draw_block_top(_ACCOUNTS_MANAGEMENT, $menu_index++);
        echo '<div class="menu_category">';
        echo '<ul>';
        echo '<li>' . $this->PrepareLink('my_account', _MY_ACCOUNT) . '</li>';
        if (Modules::IsModuleInstalled('customers') && $this->IsLoggedInAs('owner', 'mainadmin')) {
            echo '<li>' . $this->PrepareLink('statistics', _STATISTICS) . '</li>';
        }
        if ($this->IsLoggedInAs('owner')) {
            echo '<li>' . $this->PrepareLink('roles_management', _ROLES_AND_PRIVILEGES, '', '', array('role_privileges_management')) . '</li>';
        }
        echo '</ul>';
        if ($this->IsLoggedInAs('owner', 'mainadmin')) {
            echo '<label>' . _ADMINS_MANAGEMENT . '</label>';
            echo '<ul>';
            echo '<li>' . $this->PrepareLink('admins_management', _ADMINS) . '</li>';
            echo '</ul>';
        }
        if (Modules::IsModuleInstalled('customers') && $this->IsLoggedInAs('owner', 'mainadmin')) {
            echo '<label>' . _CUSTOMERS_MANAGEMENT . '</label>';
            echo '<ul>';
            echo '<li>' . $this->PrepareLink('mod_customers_groups', _CUSTOMER_GROUPS) . '</li>';
            echo '<li>' . $this->PrepareLink('mod_customers_management', _CUSTOMERS) . '</li>';
            echo '</ul>';
        }
        echo '</div>';
        draw_block_bottom();
        // Listings block: drawn for owner/mainadmin only (the inner check repeats the outer one).
        if ($this->IsLoggedInAs('owner', 'mainadmin')) {
            draw_block_top(_LISTINGS_MANAGEMENT, $menu_index++);
            echo '<div class="menu_category">';
            if ($this->IsLoggedInAs('owner', 'mainadmin')) {
                echo '<label>' . _SETTINGS . '</label>';
                echo '<ul>';
                echo '<li>' . $this->PrepareLink('mod_listings_settings', _LISTINGS_SETTINGS) . '</li>';
                echo '<li>' . $this->PrepareLink('mod_listings_locations', _LOCATIONS, '', '', array('mod_listings_sub_locations')) . '</li>';
                if (Modules::IsModuleInstalled('inquiries')) {
                    echo '<li>' . $this->PrepareLink('mod_listings_integration', _INTEGRATION) . '</li>';
                }
                echo '</ul>';
            }
            echo '<label>' . _LISTINGS . '</label>';
            echo '<ul>';
            echo '<li>' . $this->PrepareLink('mod_categories', _CATEGORIES) . '</li>';
            echo '<li>' . $this->PrepareLink('mod_listings_management', _LISTINGS, '', '', array('mod_listings_categories')) . '</li>';
            echo '</ul>';
            echo '</div>';
            draw_block_bottom();
        }
        // Payments block: the statistics link is printed for every admin, the rest for owner/mainadmin.
        if (Modules::IsModuleInstalled('payments')) {
            draw_block_top(_PAYMENTS, $menu_index++);
            echo '<ul>';
            if ($this->IsLoggedInAs('owner', 'mainadmin')) {
                echo '<li>' . $this->PrepareLink('mod_payments_currencies', _CURRENCIES) . '</li>';
                echo '<li>' . $this->PrepareLink('mod_payments_advertise_plans', _ADVERTISE_PLANS) . '</li>';
                echo '<li>' . $this->PrepareLink('mod_payments_orders', _ORDERS) . '</li>';
            }
            echo '<li>' . $this->PrepareLink('mod_payments_statistics', _STATISTICS) . '</li>';
            echo '</ul>';
            draw_block_bottom();
        }
        // Menus and pages block: driven by per-privilege checks instead of role names.
        if ($this->HasPrivileges('add_menus') || $this->HasPrivileges('edit_menus') || $this->HasPrivileges('add_pages') || $this->HasPrivileges('edit_pages')) {
            draw_block_top(_MENUS_AND_PAGES, $menu_index++);
            echo '<div class="menu_category">';
            if ($this->HasPrivileges('add_menus') || $this->HasPrivileges('edit_menus')) {
                echo '<label>' . _MENU_MANAGEMENT . '</label>';
                echo '<ul>';
                if ($this->HasPrivileges('add_menus')) {
                    echo '<li>' . $this->PrepareLink('menus_add', _ADD_NEW_MENU) . '</li>';
                }
                echo '<li>' . $this->PrepareLink('menus', _EDIT_MENUS, '', '', array('menus_edit')) . '</li>';
                echo '</ul>';
            }
            if ($this->HasPrivileges('add_pages') || $this->HasPrivileges('edit_pages')) {
                echo '<label>' . _PAGE_MANAGEMENT . '</label>';
                echo '<ul>';
                if ($this->HasPrivileges('add_pages')) {
                    echo '<li>' . $this->PrepareLink('pages_add', _PAGE_ADD_NEW) . '</li>';
                }
                if ($this->HasPrivileges('edit_pages')) {
                    echo '<li>' . $this->PrepareLink('pages_edit', _PAGE_EDIT_HOME, 'type=home') . '</li>';
                }
                echo '<li>' . $this->PrepareLink('pages', _PAGE_EDIT_PAGES, 'type=general') . '</li>';
                if ($this->HasPrivileges('edit_pages')) {
                    echo '<li>' . $this->PrepareLink('pages', _PAGE_EDIT_SYS_PAGES, 'type=system') . '</li>';
                }
                if ($this->HasPrivileges('edit_pages')) {
                    echo '<li>' . $this->PrepareLink('pages_trash', _TRASH) . '</li>';
                }
                echo '</ul>';
            }
            echo '</div>';
            draw_block_bottom();
        }
        // Languages block: the vocabulary link is printed for every admin.
        draw_block_top(_LANGUAGES_SETTINGS, $menu_index++);
        echo '<ul>';
        if ($this->IsLoggedInAs('owner', 'mainadmin')) {
            echo '<li>' . $this->PrepareLink('languages', _LANGUAGES, '', '', array('languages_add', 'languages_edit')) . '</li>';
        }
        echo '<li>' . $this->PrepareLink('vocabulary', _VOCABULARY, 'filter_by=A') . '</li>';
        echo '</ul>';
        draw_block_bottom();
        if ($this->IsLoggedInAs('owner', 'mainadmin')) {
            draw_block_top(_MASS_MAIL_AND_TEMPLATES, $menu_index++);
            echo '<ul>';
            if ($this->IsLoggedInAs('owner', 'mainadmin')) {
                echo '<li>' . $this->PrepareLink('email_templates', _EMAIL_TEMPLATES) . '</li>';
            }
            if ($this->IsLoggedInAs('owner', 'mainadmin')) {
                echo '<li>' . $this->PrepareLink('mass_mail', _MASS_MAIL) . '</li>';
            }
            echo '</ul>';
            draw_block_bottom();
        }
        // MODULES
        // Installed, non-system modules are read from the modules table; each row supplies
        // the page names, the label constants and the role allowed to see them.
        $sql = 'SELECT * FROM ' . TABLE_MODULES . ' WHERE is_installed = 1 AND is_system = 0 ORDER BY priority_order ASC';
        $modules = database_query($sql, DATA_AND_ROWS, ALL_ROWS);
        $modules_output = '';
        for ($i = 0; $i < $modules[1]; $i++) {
            $output = '';
            // && binds tighter than ||: an empty access column means "any admin",
            // a non-empty one is passed to IsLoggedInAs() as the required role.
            if ($modules[0][$i]['settings_access_by'] == '' || $modules[0][$i]['settings_access_by'] != '' && $this->IsLoggedInAs($modules[0][$i]['settings_access_by'])) {
                if ($modules[0][$i]['settings_const'] != '') {
                    // NOTE(review): constant() resolves a name taken from a table row; a row naming
                    // an undefined constant will raise at this point - confirm who can write these rows.
                    $output .= '<li>' . $this->PrepareLink($modules[0][$i]['settings_page'], constant($modules[0][$i]['settings_const'])) . '</li>';
                }
            }
            if ($modules[0][$i]['management_access_by'] == '' || $modules[0][$i]['management_access_by'] != '' && $this->IsLoggedInAs($modules[0][$i]['management_access_by'])) {
                // management_page and management_const are comma-separated lists paired by position.
                $management_pages = explode(',', $modules[0][$i]['management_page']);
                $management_consts = explode(',', $modules[0][$i]['management_const']);
                $management_pages_total = count($management_pages);
                for ($j = 0; $j < $management_pages_total; $j++) {
                    if (isset($management_pages[$j]) && isset($management_consts[$j]) && $management_consts[$j] != '') {
                        $output .= '<li>' . $this->PrepareLink($management_pages[$j], constant($management_consts[$j])) . '</li>';
                    }
                }
            }
            // A module contributes a label only when at least one of its links was produced.
            if ($output) {
                $modules_output .= '<label>' . constant($modules[0][$i]['name_const']) . '</label>';
                $modules_output .= '<ul>' . $output . '</ul>';
            }
        }
        if (!empty($modules_output)) {
            draw_block_top(_MODULES, $menu_index++);
            if ($this->IsLoggedInAs('owner', 'mainadmin')) {
                echo '<ul>';
                echo '<li>' . $this->PrepareLink('modules', _MODULES_MANAGEMENT) . '</li>';
                echo '</ul>';
            }
            echo '<div class="menu_category">' . $modules_output . '</div>';
            draw_block_bottom();
        }
    }
    // ---------------------------------------------------------------------
    // CUSTOMER LINKS
    if ($this->IsLoggedInAsCustomer()) {
        draw_block_top(_MY_ACCOUNT);
        echo '<ul>';
        echo '<li>' . prepare_permanent_link('index.php?page=home', _HOME, '', Application::Get('page') == 'home' && Application::Get('customer') == '' ? 'active' : '') . '</li>';
        echo '<li>' . $this->PrepareLink('home', _DASHBOARD) . '</li>';
        echo '<li>' . $this->PrepareLink('my_account', _EDIT_MY_ACCOUNT) . '</li>';
        echo '<li>' . $this->PrepareLink('my_listings', _MY_LISTINGS, '', '', array('listings_categories')) . '</li>';
        if (Modules::IsModuleInstalled('payments') && ModulesSettings::Get('payments', 'is_active') == 'yes') {
            echo '<li>' . $this->PrepareLink('advertise', _ADVERTISE, '', '', array('advertise_prepayment', 'order_proccess')) . '</li>';
            echo '<li>' . $this->PrepareLink('my_orders', _MY_ORDERS) . '</li>';
        }
        if (Modules::IsModuleInstalled('inquiries')) {
            echo '<li>' . $this->PrepareLink('inquiries', _INQUIRIES) . '</li>';
        }
        echo '</ul>';
        draw_block_bottom();
    }
    // Logout
    // The form posts to index.php and embeds the output of draw_token_field()
    // next to the submit_logout marker.
    if ($this->IsLoggedIn()) {
        draw_block_top_empty();
        echo '<form action="index.php" method="post"> ' . draw_hidden_field('submit_logout', 'logout', false) . ' ' . draw_token_field(false) . ' <input class="form_button" type="submit" name="btnLogout" value="' . _BUTTON_LOGOUT . '" /> </form>';
        draw_block_bottom();
        echo '<br />';
    }
    $this->activeMenuCount = $menu_index;
}
/**
 * Returns a number of inquiry replies for customer
 *
 * Both ids are cast to int before they are concatenated into the statement.
 *
 * @param $inquiry_id  inquiry id
 * @param $customer_id customer id
 * @return mixed element [1] of the database_query() result
 */
public static function GetInquiryRepliesForCustomer($inquiry_id, $customer_id)
{
    $inquiry = (int) $inquiry_id;
    $customer = (int) $customer_id;

    $replies = database_query(
        'SELECT ir.* FROM ' . TABLE_INQUIRIES_REPLIES . ' ir INNER JOIN ' . TABLE_CUSTOMERS . ' c ON ir.customer_id = c.id WHERE ir.inquiry_id = ' . $inquiry . ' AND ir.customer_id = ' . $customer . ' ',
        DATA_AND_ROWS,
        ALL_ROWS
    );

    return $replies[1];
}
/**
 * Get maximum order value
 *
 * Reads MAX($field_name) from this object's table. When a maximum exists and
 * is below $max_order the result is that maximum plus one; in every other
 * case $max_order is returned unchanged.
 *
 * @param $field_name column to aggregate
 * @param $max_order  upper value to compare against
 * @return mixed
 */
public function GetMaxOrder($field_name, $max_order = 0)
{
    // NOTE(review): $field_name is concatenated as an identifier and cannot be
    // protected by value escaping; callers should pass fixed column names only - confirm.
    $row = database_query(
        'SELECT MAX(' . $field_name . ') as max_order FROM ' . $this->tableName,
        DATA_ONLY,
        FIRST_ROW_ONLY
    );

    if (isset($row['max_order']) && $row['max_order'] < $max_order) {
        return $row['max_order'] + 1;
    }

    return $max_order;
}
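/**
 * Prepare pagination part #1
 *
 * Counts the rows selected by $from_sql, derives the number of pages and the
 * offset of the first row of the requested page. The page number is read from
 * $_REQUEST['p'] and treated as untrusted: it is cast to int and reset to 1
 * whenever it falls outside 1..total pages.
 *
 * Compared with the earlier version, the page total is computed before the
 * range check, so a request for the page just past the end of an exact
 * multiple (for example page 3 of 20 rows at 10 per page) no longer yields an
 * offset beyond the data, and a non-positive $page_size no longer divides by
 * zero.
 *
 * @param $page_size    rows per page
 * @param $from_sql     FROM clause (and anything after it) appended to "SELECT COUNT(*) as cnt FROM "
 * @param &$start_row   receives the zero-based offset of the first row
 * @param &$total_pages receives the number of pages
 */
function pagination_prepare($page_size, $from_sql, &$start_row, &$total_pages)
{
    $start_row = 0;
    $total_pages = 0;

    // Without a positive page size there is nothing to paginate.
    if ($page_size <= 0) {
        return;
    }

    $requested_page = isset($_REQUEST['p']) ? abs((int) $_REQUEST['p']) : 1;

    // NOTE(review): $from_sql is concatenated as-is; it must be built by the
    // caller from trusted parts only - confirm at the call sites.
    $sql = 'SELECT COUNT(*) as cnt FROM ' . $from_sql;
    $count_row = database_query($sql, DATA_ONLY, FIRST_ROW_ONLY);
    $total_rows = isset($count_row['cnt']) ? (int) $count_row['cnt'] : 0;

    $total_pages = (int) ceil($total_rows / $page_size);

    // Page 1 stays valid for an empty result set.
    if ($requested_page < 1 || $requested_page > max($total_pages, 1)) {
        $requested_page = 1;
    }

    $start_row = ($requested_page - 1) * $page_size;
}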
/**
 * After-Deleting - delete album descriptions from description table
 *
 * Removes the album's description rows, then, when an album code is set and
 * the album has items, removes each item's description rows, the item files
 * (image albums only) and finally the item rows themselves.
 *
 * @return bool true when item rows were found and removed, false otherwise
 */
public function AfterDeleteRecord()
{
    database_void_query(
        'DELETE FROM ' . TABLE_GALLERY_ALBUMS_DESCRIPTION . ' WHERE gallery_album_id = ' . (int) $this->curRecordId
    );

    if ($this->curAlbumCode == '') {
        return false;
    }

    // NOTE(review): the album code is placed between quotes without escaping in
    // this method; confirm it is validated where curAlbumCode is assigned.
    $items = database_query(
        'SELECT id, album_code, item_file, item_file_thumb, priority_order, is_active FROM ' . TABLE_GALLERY_ALBUM_ITEMS . ' WHERE album_code = \'' . $this->curAlbumCode . '\'',
        DATA_AND_ROWS,
        ALL_ROWS
    );

    if (!($items[1] > 0)) {
        return false;
    }

    $is_image_album = $this->curAlbumType == 'images';
    for ($n = 0; $n < $items[1]; $n++) {
        if ($is_image_album) {
            // NOTE(review): the file names come straight from the table; a stored value
            // containing "../" would resolve outside images/gallery/ - confirm they are
            // sanitised when the item is saved.
            unlink('images/gallery/' . $items[0][$n]['item_file']);
            unlink('images/gallery/' . $items[0][$n]['item_file_thumb']);
        }
        database_void_query(
            'DELETE FROM ' . TABLE_GALLERY_ALBUM_ITEMS_DESCRIPTION . ' WHERE gallery_album_item_id = ' . (int) $items[0][$n]['id']
        );
    }

    database_void_query(
        'DELETE FROM ' . TABLE_GALLERY_ALBUM_ITEMS . ' WHERE album_code = \'' . $this->curAlbumCode . '\''
    );

    return true;
}
/**
 * Updates listings count for all categories
 *
 * Recurses through the categories whose parent is $parent_id. For each child
 * it first recalculates the child's own subtree, then counts the published,
 * unexpired listings linked to the child, adds the subtree totals and writes
 * both sums to the child's listings_count / listings_count_public columns.
 *
 * @param $parent_id id of the category whose children are processed (cast to int)
 * @return array|int|false array('count' => ..., 'count_public' => ...) with the totals
 *         of all processed children; 0 when mysql_error() reports a problem; false in
 *         demo mode
 */
public static function RecalculateListingsCount($parent_id = 0)
{
    // Demo installations are read-only.
    if (strtolower(SITE_MODE) == 'demo') {
        self::$static_error = _OPERATION_BLOCKED;
        return false;
    }
    $sql = 'SELECT id, parent_id FROM ' . TABLE_CATEGORIES . ' WHERE parent_id = ' . (int) $parent_id;
    $result = database_query($sql, DATA_AND_ROWS, ALL_ROWS);
    $count = 0;
    $count_public = 0;
    $total_listings = array('count' => 0, 'count_public' => 0);
    $current_listings = array('count' => 0, 'count_public' => 0);
    $child_listings = array('count' => 0, 'count_public' => 0);
    for ($i = 0; $i < $result[1]; $i++) {
        // Depth-first: the subtree totals are needed before this category can be updated.
        // When the recursive call returns 0 (its error path), the array reads below act on an integer.
        $child_listings = self::RecalculateListingsCount($result[0][$i]['id']);
        // Listings count when they are published and either never expire
        // ("0000-00-00 00:00:00") or expire after the current server time.
        $sql = 'SELECT COUNT(*) as cnt, SUM(IF(' . TABLE_LISTINGS . '.access_level = "public", 1, 0)) as cnt_public FROM ' . TABLE_LISTINGS . ' INNER JOIN ' . TABLE_LISTINGS_CATEGORIES . ' ON ' . TABLE_LISTINGS . '.id = ' . TABLE_LISTINGS_CATEGORIES . '.listing_id WHERE ' . TABLE_LISTINGS . '.is_published = 1 AND (' . TABLE_LISTINGS . '.finish_publishing = "0000-00-00 00:00:00" OR ' . TABLE_LISTINGS . '.finish_publishing > "' . date('Y-m-d H:i:s') . '") AND ' . TABLE_LISTINGS_CATEGORIES . '.category_id = ' . (int) $result[0][$i]['id'];
        $res = database_query($sql, DATA_ONLY, FIRST_ROW_ONLY);
        $current_listings['count'] = isset($res['cnt']) ? $res['cnt'] : 0;
        $current_listings['count_public'] = isset($res['cnt_public']) ? $res['cnt_public'] : 0;
        $count = $current_listings['count'] + $child_listings['count'];
        $count_public = $current_listings['count_public'] + $child_listings['count_public'];
        // Every value written here is cast to int, so the UPDATE contains no free text.
        $sql = 'UPDATE ' . TABLE_CATEGORIES . ' SET listings_count = ' . (int) $count . ', listings_count_public = ' . (int) $count_public . ' WHERE id = ' . (int) $result[0][$i]['id'];
        database_void_query($sql);
        $total_listings['count'] += $count;
        $total_listings['count_public'] += $count_public;
    }
    // mysql_error() is checked once, after the loop.
    // NOTE(review): the mysql_* extension was removed in PHP 7.
    if (mysql_error() != '') {
        self::$static_error = _TRY_LATER;
        return 0;
    } else {
        return $total_listings;
        /// ($total_listings['count'] > 0 || $total_listings['count_public'] > 0)
        /// return true;
    }
}
/**
 * Returns customers info
 *
 * Selects every column of the customers table, optionally narrowed by an
 * extra condition that is appended after "WHERE 1 = 1 AND".
 *
 * @param $where raw SQL condition, appended without escaping
 * @return mixed the database_query() result
 */
public static function GetAllCustomers($where = '')
{
    // NOTE(review): $where is inserted verbatim, so it must never carry request
    // data that has not been escaped by the caller - confirm at the call sites.
    $filter = '';
    if (!empty($where)) {
        $filter = ' AND ' . $where;
    }

    return database_query(
        'SELECT * FROM ' . TABLE_CUSTOMERS . ' WHERE 1 = 1 ' . $filter,
        DATA_AND_ROWS,
        ALL_ROWS
    );
}
/**
 * Send forgotten password
 *
 * Looks up the active account for $email and mails the 'password_forgotten'
 * template to that address. Depending on the configuration the mail carries
 * the stored password (no encryption), the AES-decrypted password, or a newly
 * generated 8-character string that is also written to the account (md5).
 *
 * NOTE(review): every branch ends with a usable password sent by e-mail in
 * clear text, and the md5 branch changes the account's password as soon as
 * the form is submitted, without a confirmation step. A one-time, expiring
 * reset link would avoid both.
 *
 * @param $email address entered in the "forgotten password" form
 * @return bool true when the mail was handed to send_email(), false otherwise
 *         (the reason is stored in $this->error)
 */
public function SendPassword($email)
{
    global $objSettings;
    // $lang is assigned but not referenced again in this method.
    $lang = Application::Get('lang');
    // deny all operations in demo version
    if (strtolower(SITE_MODE) == 'demo') {
        $this->error = _OPERATION_BLOCKED;
        return false;
    }
    if (!empty($email)) {
        if (check_email_address($email)) {
            if (!PASSWORDS_ENCRYPTION) {
                // Passwords are stored as entered and read back directly.
                $sql = 'SELECT id, first_name, last_name, user_name, password, preferred_language FROM ' . TABLE_ACCOUNTS . ' WHERE email = ' . quote_text(encode_text($email)) . ' AND is_active = 1';
            } else {
                if (strtolower(PASSWORDS_ENCRYPTION_TYPE) == 'aes') {
                    // The password is decrypted by the database; the key is part of the statement text.
                    $sql = 'SELECT id, first_name, last_name, user_name, AES_DECRYPT(password, ' . quote_text(PASSWORDS_ENCRYPT_KEY) . ') as password, preferred_language FROM ' . TABLE_ACCOUNTS . ' WHERE email = ' . quote_text(encode_text($email)) . ' AND is_active = 1';
                } else {
                    if (strtolower(PASSWORDS_ENCRYPTION_TYPE) == 'md5') {
                        // NOTE(review): unlike the two statements above, the address goes through
                        // quote_text() only, without encode_text() - confirm that is sufficient.
                        $sql = 'SELECT id, first_name, last_name, user_name, \'\' as password, preferred_language FROM ' . TABLE_ACCOUNTS . ' WHERE email = ' . quote_text($email) . ' AND is_active = 1';
                    }
                }
            }
            // With encryption enabled and a type other than 'aes' or 'md5', $sql (and later
            // $password) is never assigned before it is used.
            $temp = database_query($sql, DATA_ONLY, FIRST_ROW_ONLY);
            if (is_array($temp) && count($temp) > 0) {
                //////////////////////////////////////////////////////////////////
                if (!PASSWORDS_ENCRYPTION) {
                    $password = $temp['password'];
                } else {
                    if (strtolower(PASSWORDS_ENCRYPTION_TYPE) == 'aes') {
                        $password = $temp['password'];
                    } else {
                        if (strtolower(PASSWORDS_ENCRYPTION_TYPE) == 'md5') {
                            // NOTE(review): confirm get_random_string() draws from a cryptographically
                            // secure source; its implementation is not visible here.
                            $password = get_random_string(8);
                            // NOTE(review): the value expression in the next statement is masked
                            // ('******') in this listing, so what is stored cannot be reviewed here.
                            $sql = 'UPDATE ' . TABLE_ACCOUNTS . ' SET password = '******' WHERE id = ' . (int) $temp['id'];
                            database_void_query($sql);
                        }
                    }
                }
                // NOTE(review): {WEB SITE} is filled from $_SERVER['SERVER_NAME']; depending on the web
                // server configuration that value can follow the request's Host header - confirm.
                send_email($email, $objSettings->GetParameter('admin_email'), 'password_forgotten', array('{FIRST NAME}' => $temp['first_name'], '{LAST NAME}' => $temp['last_name'], '{USER NAME}' => $temp['user_name'], '{USER PASSWORD}' => $password, '{BASE URL}' => APPHP_BASE, '{WEB SITE}' => $_SERVER['SERVER_NAME'], '{YEAR}' => date('Y')), $temp['preferred_language']);
                //////////////////////////////////////////////////////////////////
                return true;
            } else {
                // A distinct message for unknown addresses lets a visitor test which
                // addresses have an active account.
                $this->error = _EMAIL_NOT_EXISTS;
                return false;
            }
        } else {
            $this->error = _EMAIL_IS_WRONG;
            return false;
        }
    } else {
        $this->error = _EMAIL_EMPTY_ALERT;
        return false;
    }
    // Not reached: every branch above returns.
    return true;
}
/**
 * Place order
 *
 * Confirms that an order with this number exists for the logged-in customer
 * in status 0, stores the card details on it, sets status 1 and triggers the
 * 'accepted' order e-mail.
 *
 * NOTE(review): $order_number and every $cc_params value are concatenated
 * between quotes with no escaping in this method. Unless every caller escapes
 * them first, both statements are open to SQL injection; bound parameters
 * would remove that dependency.
 *
 * NOTE(review): the card verification code is written to the orders table.
 * PCI DSS does not allow it to be retained after authorization.
 *
 * @param $order_number order number as issued to the customer
 * @param $cc_params    array with cc_type, cc_holder_name, cc_number, cc_expires_month,
 *                      cc_expires_year and cc_cvv_code; the keys are read without an isset() check
 * @return bool true when the order was found and updated, false otherwise
 */
public static function PlaceOrder($order_number, $cc_params = array())
{
    global $objLogin;
    // Demo installations are read-only. This check compares SITE_MODE without strtolower().
    if (SITE_MODE == 'demo') {
        self::$message = draw_important_message(_OPERATION_BLOCKED, false);
        return false;
    }
    // Ownership check: the order must belong to the logged-in customer and still be in status 0.
    $sql = 'SELECT id, order_number FROM ' . TABLE_ORDERS . ' WHERE order_number = \'' . $order_number . '\' AND customer_id = ' . (int) $objLogin->GetLoggedID() . ' AND status = 0 ORDER BY id DESC';
    $result = database_query($sql, DATA_AND_ROWS, FIRST_ROW_ONLY);
    if ($result[1] > 0) {
        // The card number is encrypted by the database with PASSWORDS_ENCRYPT_KEY; both the
        // clear-text number and the key are part of the statement text.
        // The UPDATE is keyed on order_number only, without the customer_id and status
        // conditions used in the SELECT above.
        $sql = 'UPDATE ' . TABLE_ORDERS . ' SET created_date = \'' . date('Y-m-d H:i:s') . '\', status_changed = \'' . date('Y-m-d H:i:s') . '\', cc_type = \'' . $cc_params['cc_type'] . '\', cc_holder_name = \'' . $cc_params['cc_holder_name'] . '\', cc_number = AES_ENCRYPT(\'' . $cc_params['cc_number'] . '\', \'' . PASSWORDS_ENCRYPT_KEY . '\'), cc_expires_month = \'' . $cc_params['cc_expires_month'] . '\', cc_expires_year = \'' . $cc_params['cc_expires_year'] . '\', cc_cvv_code = \'' . $cc_params['cc_cvv_code'] . '\', status = \'1\' WHERE order_number = \'' . $order_number . '\'';
        database_void_query($sql);
        // The outcome of the e-mail does not change the return value.
        if (Orders::SendOrderEmail($order_number, 'accepted', $objLogin->GetLoggedID())) {
            // OK
        } else {
            //$this->message = draw_success_message(_ORDER_SEND_MAIL_ERROR, false);
        }
        return true;
    } else {
        self::$message = _ORDER_ERROR;
        return false;
    }
}
$sql = 'SELECT (SELECT ' . $selStatType . ' FROM ' . TABLE_CUSTOMERS . ' c ' . $join_clause . ' WHERE SUBSTRING(c.date_lastlogin, 6, 2) = \'01\' AND SUBSTRING(c.date_lastlogin, 1, 4) = ' . (int) $year . ' ' . $where_clause . ') as month1, (SELECT ' . $selStatType . ' FROM ' . TABLE_CUSTOMERS . ' c ' . $join_clause . ' WHERE SUBSTRING(c.date_lastlogin, 6, 2) = \'02\' AND SUBSTRING(c.date_lastlogin, 1, 4) = ' . (int) $year . ' ' . $where_clause . ') as month2, (SELECT ' . $selStatType . ' FROM ' . TABLE_CUSTOMERS . ' c ' . $join_clause . ' WHERE SUBSTRING(c.date_lastlogin, 6, 2) = \'03\' AND SUBSTRING(c.date_lastlogin, 1, 4) = ' . (int) $year . ' ' . $where_clause . ') as month3, (SELECT ' . $selStatType . ' FROM ' . TABLE_CUSTOMERS . ' c ' . $join_clause . ' WHERE SUBSTRING(c.date_lastlogin, 6, 2) = \'04\' AND SUBSTRING(c.date_lastlogin, 1, 4) = ' . (int) $year . ' ' . $where_clause . ') as month4, (SELECT ' . $selStatType . ' FROM ' . TABLE_CUSTOMERS . ' c ' . $join_clause . ' WHERE SUBSTRING(c.date_lastlogin, 6, 2) = \'05\' AND SUBSTRING(c.date_lastlogin, 1, 4) = ' . (int) $year . ' ' . $where_clause . ') as month5, (SELECT ' . $selStatType . ' FROM ' . TABLE_CUSTOMERS . ' c ' . $join_clause . ' WHERE SUBSTRING(c.date_lastlogin, 6, 2) = \'06\' AND SUBSTRING(c.date_lastlogin, 1, 4) = ' . (int) $year . ' ' . $where_clause . ') as month6, (SELECT ' . $selStatType . ' FROM ' . TABLE_CUSTOMERS . ' c ' . $join_clause . ' WHERE SUBSTRING(c.date_lastlogin, 6, 2) = \'07\' AND SUBSTRING(c.date_lastlogin, 1, 4) = ' . (int) $year . ' ' . $where_clause . ') as month7, (SELECT ' . $selStatType . ' FROM ' . TABLE_CUSTOMERS . ' c ' . $join_clause . ' WHERE SUBSTRING(c.date_lastlogin, 6, 2) = \'08\' AND SUBSTRING(c.date_lastlogin, 1, 4) = ' . (int) $year . ' ' . $where_clause . ') as month8, (SELECT ' . $selStatType . ' FROM ' . TABLE_CUSTOMERS . ' c ' . $join_clause . ' WHERE SUBSTRING(c.date_lastlogin, 6, 2) = \'09\' AND SUBSTRING(c.date_lastlogin, 1, 4) = ' . (int) $year . 
' ' . $where_clause . ') as month9, (SELECT ' . $selStatType . ' FROM ' . TABLE_CUSTOMERS . ' c ' . $join_clause . ' WHERE SUBSTRING(c.date_lastlogin, 6, 2) = \'10\' AND SUBSTRING(c.date_lastlogin, 1, 4) = ' . (int) $year . ' ' . $where_clause . ') as month10, (SELECT ' . $selStatType . ' FROM ' . TABLE_CUSTOMERS . ' c ' . $join_clause . ' WHERE SUBSTRING(c.date_lastlogin, 6, 2) = \'11\' AND SUBSTRING(c.date_lastlogin, 1, 4) = ' . (int) $year . ' ' . $where_clause . ') as month11, (SELECT ' . $selStatType . ' FROM ' . TABLE_CUSTOMERS . ' c ' . $join_clause . ' WHERE SUBSTRING(c.date_lastlogin, 6, 2) = \'12\' AND SUBSTRING(c.date_lastlogin, 1, 4) = ' . (int) $year . ' ' . $where_clause . ') as month12 FROM ' . TABLE_CUSTOMERS . ' GROUP BY month1'; $result = database_query($sql, DATA_AND_ROWS, FIRST_ROW_ONLY, FETCH_ASSOC); $third_tab_content .= $nl . ' data.addRows(12);'; if ($result[1] >= 0) { $third_tab_content .= draw_set_values($result[0], $chart_type, _LOGINS); } $third_tab_content .= ' } </script>'; $third_tab_content .= '<script type="text/javascript">'; $third_tab_content .= $nl . ' google.load(\'visualization\', \'1\', {packages: [\'' . $chart_type . '\']});'; $third_tab_content .= $nl . ' google.setOnLoadCallback(drawVisualization);'; $third_tab_content .= $nl . ' function frmStatistics_Submit() { document.frmStatistics.submit(); }'; $third_tab_content .= '</script>'; $third_tab_content .= get_chart_changer('1_3', $chart_type, $year); $third_tab_content .= '<div id="div_visualization" style="width:600px;height:310px;"> <img src="images/loading.gif" style="margin:100px auto;" alt="" /></div>'; } }
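/**
 * Before-Updating function
 *
 * Loads the module row that is about to be updated, remembers its name and
 * installation state on the object, and blocks the update for system modules.
 * The record id is cast to int before it is concatenated into the statement,
 * because it is used unquoted in the WHERE clause.
 *
 * @return bool false when the record is a system module (the reason is stored in
 *         $this->error), true otherwise
 */
public function BeforeUpdateRecord()
{
    // assumes the primary key is an integer column - TODO confirm for this table
    $sql = 'SELECT name, is_installed, is_system FROM ' . $this->tableName . ' WHERE ' . $this->primaryKey . ' = ' . (int) $this->curRecordId;
    $result = database_query($sql, DATA_ONLY, FIRST_ROW_ONLY);

    if (isset($result['is_installed'])) {
        $this->is_installed = $result['is_installed'];
        $this->module_name = $result['name'];
        if ($result['is_system'] == '1') {
            $this->error = _SYSTEM_MODULE_ACTIONS_BLOCKED;
            return false;
        }
    }

    return true;
}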
/**
 * Runs a query against the database stored in the session under 'common_db'.
 *
 * Forwards all arguments to database_query() and adds the session's database
 * value as the fourth argument.
 *
 * @param mixed $query  statement to run
 * @param mixed $file   forwarded as the second argument
 * @param mixed $line   forwarded as the third argument
 * @param bool  $silent forwarded as the fifth argument
 * @return mixed whatever database_query() returns
 */
function accounting_query($query, $file, $line, $silent = false)
{
    // NOTE(review): $query reaches database_query() unchanged; escaping is the caller's job.
    return database_query($query, $file, $line, $_SESSION['common_db'], $silent);
}
/**
 * Checks whether customer is related to inquiry
 *
 * Runs the object's view-mode statement with its WHERE clause, narrowed to one
 * inquiry id (cast to int), and reports whether any row matched.
 *
 * @param $inquiry_id inquiry id
 * @return bool true when element [1] of the database_query() result is above zero
 */
public function CustomerRelatedToInquire($inquiry_id = 0)
{
    // NOTE(review): this is usable as an access check only if WHERE_CLAUSE already
    // restricts rows to the current customer - confirm where it is built.
    $id_filter = ' AND i.id = ' . (int) $inquiry_id;
    $matches = database_query(
        $this->VIEW_MODE_SQL . ' ' . $this->WHERE_CLAUSE . $id_filter,
        DATA_AND_ROWS,
        ALL_ROWS
    );

    return $matches[1] > 0;
}
/**
 * Sends order mail
 *
 * Loads one order of one customer together with the customer, currency and
 * country rows, renders the order as an HTML fragment and sends it with the
 * 'order_paid' template (order type 'completed') or the
 * 'order_accepted_online' template (any other type). A copy goes to the admin
 * address when the payments module setting 'send_order_copy_to_admin' is 'yes'.
 *
 * @param $order_number order number
 * @param $order_type   'completed' selects the paid template; anything else the accepted one
 * @param $customer_id  owner of the order (cast to int in the query)
 * @return bool true when the order was found (the result of send_email() is not checked),
 *         false when no matching order exists
 */
public static function SendOrderEmail($order_number, $order_type = 'accepted', $customer_id = '')
{
    global $objSettings;
    $currencyFormat = get_currency_format();
    $order_details = '';
    // send email to customer
    // NOTE(review): $order_number is concatenated between double quotes without escaping,
    // here and in the UPDATE further down; confirm every caller passes a validated value.
    // The CASE expressions turn numeric codes into translated labels inside the query.
    $sql = 'SELECT o.*, CASE WHEN o.payment_type = 0 THEN "' . _ONLINE_ORDER . '" WHEN o.payment_type = 1 THEN "' . _PAYPAL . '" WHEN o.payment_type = 2 THEN "2CO" WHEN o.payment_type = 3 THEN "Authorize.Net" ELSE "' . _UNKNOWN . '" END as m_payment_type, CASE WHEN o.payment_method = 0 THEN "' . _PAYMENT_COMPANY_ACCOUNT . '" WHEN o.payment_method = 1 THEN "' . _CREDIT_CARD . '" WHEN o.payment_method = 2 THEN "E-Check" ELSE "' . _UNKNOWN . '" END as m_payment_method, CASE WHEN o.status = 0 THEN "<span style=color:#960000>' . _PREPARING . '</span>" WHEN o.status = 1 THEN "<span style=color:#FF9966>' . _PENDING . '</span>" WHEN o.status = 2 THEN "<span style=color:#336699>' . _PAID . '</span>" WHEN o.status = 3 THEN "<span style=color:#009600>' . _COMPLETED . '</span>" WHEN o.status = 4 THEN "<span style=color:#969600>' . _REFUNDED . '</span>" ELSE "' . _UNKNOWN . '" END as m_status, c.first_name, c.last_name, c.user_name as customer_name, c.preferred_language, c.email, c.b_address, c.b_address_2, c.b_city, c.b_state, count.name as b_country, c.b_zipcode, c.phone, c.fax, cur.symbol, cur.symbol_placement FROM ' . TABLE_ORDERS . ' o LEFT OUTER JOIN ' . TABLE_CURRENCIES . ' cur ON o.currency = cur.code LEFT OUTER JOIN ' . TABLE_CUSTOMERS . ' c ON o.customer_id = c.id LEFT OUTER JOIN ' . TABLE_COUNTRIES . ' count ON c.b_country = count.abbrv WHERE o.customer_id = ' . (int) $customer_id . ' AND o.order_number = "' . $order_number . '"';
    $result = database_query($sql, DATA_AND_ROWS, FIRST_ROW_ONLY);
    if ($result[1] > 0) {
        $plan_info = AdvertisePlans::GetPlanInfo($result[0]['advertise_plan_id']);
        if (ModulesSettings::Get('payments', 'mode') == 'TEST MODE') {
            $order_details .= '<div style="text-align:center;padding:10px;color:#a60000;border:1px dashed #a60000;width:100px">TEST MODE!</div><br />';
        }
        // NOTE(review): the customer and order fields below are inserted into the HTML body
        // as stored, without HTML escaping - confirm they are encoded when saved.
        // Personal Info
        $order_details .= '<b>' . _PERSONAL_INFORMATION . ':</b><br />';
        $order_details .= _FIRST_NAME . ' : ' . $result[0]['first_name'] . '<br />';
        $order_details .= _LAST_NAME . ' : ' . $result[0]['last_name'] . '<br />';
        $order_details .= _EMAIL_ADDRESS . ' : ' . $result[0]['email'] . '<br />';
        $order_details .= '<br />';
        // Billing Info
        $order_details .= '<b>' . _BILLING_INFORMATION . ':</b><br />';
        $order_details .= _ADDRESS . ': ' . $result[0]['b_address'] . '<br />';
        $order_details .= _ADDRESS_2 . ': ' . $result[0]['b_address_2'] . '<br />';
        $order_details .= _CITY . ': ' . $result[0]['b_city'] . '<br />';
        $order_details .= _STATE_PROVINCE . ': ' . $result[0]['b_state'] . '<br />';
        $order_details .= _COUNTRY . ': ' . $result[0]['b_country'] . '<br />';
        $order_details .= _ZIP_CODE . ': ' . $result[0]['b_zipcode'] . '<br />';
        if (!empty($result[0]['phone'])) {
            $order_details .= _PHONE . ' : ' . $result[0]['phone'] . '<br />';
        }
        if (!empty($result[0]['fax'])) {
            $order_details .= _FAX . ' : ' . $result[0]['fax'] . '<br />';
        }
        $order_details .= '<br />';
        // Order Details
        $order_details .= '<b>' . _ORDER_DETAILS . ':</b><br />';
        $order_details .= _ORDER_DESCRIPTION . ': ' . $result[0]['order_description'] . '<br />';
        $order_details .= _ADVERTISE_PLAN . ': ' . (isset($plan_info[0]['plan_name']) ? $plan_info[0]['plan_name'] : '') . '<br />';
        $order_details .= _LISTINGS_COUNT . ': ' . $result[0]['listings_amount'] . '<br />';
        $order_details .= _CURRENCY . ': ' . $result[0]['currency'] . '<br />';
        $order_details .= _CREATED_DATE . ': ' . format_datetime($result[0]['created_date']) . '<br />';
        $order_details .= _PAYMENT_DATE . ': ' . format_datetime($result[0]['payment_date']) . '<br />';
        $order_details .= _PAYMENT_TYPE . ': ' . $result[0]['m_payment_type'] . '<br />';
        $order_details .= _PAYMENT_METHOD . ': ' . $result[0]['m_payment_method'] . '<br />';
        //$order_details .= (($result[0]['campaign_name'] != '') ? _DISCOUNT_CAMPAIGN.': '.$result[0]['campaign_name'].' ('.$result[0]['discount_percent'].'%)' : '').'<br />';
        $order_details .= _ORDER_PRICE . ': ' . Currencies::PriceFormat($result[0]['order_price'], $result[0]['symbol'], $result[0]['symbol_placement'], $currencyFormat) . '<br />';
        $order_details .= _VAT . ': ' . Currencies::PriceFormat($result[0]['vat_fee'], $result[0]['symbol'], $result[0]['symbol_placement'], $currencyFormat) . ' (' . $result[0]['vat_percent'] . '%)' . '<br />';
        $order_details .= _TOTAL_PRICE . ': ' . Currencies::PriceFormat($result[0]['total_price'], $result[0]['symbol'], $result[0]['symbol_placement'], $currencyFormat) . '<br />';
        //$order_details .= _ADDITIONAL_INFO.': '.nl2br($result[0]['additional_info']).'<br /><br />';
        $send_order_copy_to_admin = ModulesSettings::Get('payments', 'send_order_copy_to_admin');
        ////////////////////////////////////////////////////////////
        $sender = $objSettings->GetParameter('admin_email');
        $recipient = $result[0]['email'];
        if ($order_type == 'completed') {
            // exit if email was already sent
            if ($result[0]['email_sent'] == '1') {
                return true;
            }
            $email_template = 'order_paid';
            $admin_copy_subject = 'Client order has been paid (admin copy)';
        } else {
            $email_template = 'order_accepted_online';
            $admin_copy_subject = 'Client has placed online order (admin copy)';
        }
        ////////////////////////////////////////////////////////////
        // The last two arguments carry the admin address and subject only when a copy is requested.
        send_email($recipient, $sender, $email_template, array('{FIRST NAME}' => $result[0]['first_name'], '{LAST NAME}' => $result[0]['last_name'], '{ORDER NUMBER}' => $order_number, '{ORDER DETAILS}' => $order_details), $result[0]['preferred_language'], $send_order_copy_to_admin == 'yes' ? $sender : '', $send_order_copy_to_admin == 'yes' ? $admin_copy_subject : '');
        ////////////////////////////////////////////////////////////
        if ($order_type == 'completed') {
            // Mark the order so the paid notification is not sent a second time.
            // The flag is set for every row with this order number; customer_id is not part of the condition.
            $sql = 'UPDATE ' . TABLE_ORDERS . ' SET email_sent = 1 WHERE order_number = \'' . $order_number . '\'';
            database_void_query($sql);
        }
        ////////////////////////////////////////////////////////////
        return true;
    } else {
        ///echo $sql;
        ///echo mysql_error();
    }
    return false;
}
/**
 * Draws FAQ list
 *
 * When the faq module is installed and active, builds two sections from the
 * active categories and items: an index of question links grouped by
 * category, followed by one table per question with its answer and a
 * "top" link.
 *
 * NOTE(review): category names, questions and answers are emitted as stored;
 * only backslashes are removed. Confirm that this content can be written by
 * trusted administrators only, or HTML-escape the parts that are not meant to
 * carry markup.
 *
 * @param $draw true echoes the markup (and returns nothing), false returns it
 */
public static function DrawFaqList($draw = true)
{
    $output = '';
    $page_url = get_page_url();

    if (Modules::IsModuleInstalled('faq') && ModulesSettings::Get('faq', 'is_active') == 'yes') {
        $sql = 'SELECT fc.id as category_id, fc.name as category_name, fci.id as item_id, fci.faq_question, fci.faq_answer, fci.priority_order FROM ' . TABLE_FAQ_CATEGORY_ITEMS . ' fci INNER JOIN ' . TABLE_FAQ_CATEGORIES . ' fc ON fci.category_id = fc.id WHERE fc.is_active = 1 AND fci.is_active = 1 ORDER BY fc.priority_order ASC, fci.priority_order ASC ';
        $result = database_query($sql, DATA_AND_ROWS, ALL_ROWS);

        // Section 1: index of questions, with a heading each time the category changes.
        $output .= '<a name="up"></a>';
        $output .= '<div class="faq_questions">';
        $current_category = '';
        for ($i = 0; $i < $result[1]; $i++) {
            $item = $result[0][$i];
            if ($current_category == '' || $current_category != $item['category_name']) {
                $current_category = $item['category_name'];
                $output .= ($i > 0 ? '<br>' : '') . '<h3>' . $current_category . '</h3>';
            }
            $anchor = 'faq_' . $item['category_id'] . '_' . $item['item_id'];
            $output .= '<span> • </span><a href="' . $page_url . '#' . $anchor . '">' . str_replace('\\', '', $item['faq_question']) . '</a><br>';
        }
        $output .= '</div>';

        // Section 2: questions with answers; a rule separates items of the same category.
        $current_category = '';
        for ($i = 0; $i < $result[1]; $i++) {
            $item = $result[0][$i];
            $category_changed = $current_category == '' || $current_category != $item['category_name'];
            if ($category_changed) {
                $current_category = $item['category_name'];
                $output .= '<br />' . draw_sub_title_bar($current_category, false);
            }
            $draw_hr = !$category_changed;

            $anchor = 'faq_' . $item['category_id'] . '_' . $item['item_id'];
            $question = str_replace('\\', '', $item['faq_question']);
            $answer = str_replace('\\', '', $item['faq_answer']);

            $output .= '<table width="100%" border="0" cellpadding="1" cellspacing="2"> '
                . ($draw_hr ? '<tr align="left" valign="top"><td colspan="2"><hr size="1" style="color:#cccccc" noshade></td></tr>' : '')
                . ' <tr> <td><a name="' . $anchor . '"></a><strong>' . $question . '</strong></td> </tr> <tr> <td>' . $answer . '</td> </tr> <tr><td colspan="2" align="' . Application::Get('defined_right') . '"><a href="' . $page_url . '#up">top ^</a></td></tr> </table>';
        }
    }

    if (!$draw) {
        return $output;
    }

    echo $output;
}
/**
 * Fetches the active banners that have an image file, joined with their
 * description text for the current site language.
 *
 * The language code from Application::Get('lang') goes through encode_text()
 * before it is placed inside the quoted SQL literal.
 * NOTE(review): encode_text() is defined outside this block; confirm that it
 * escapes correctly for a MySQL string literal on the connection's charset.
 *
 * @return array banner rows, or an empty array when the query reports no rows
 */
public static function GetBannersArray()
{
    $langId = encode_text(Application::Get('lang'));

    $sql = 'SELECT b.id, b.image_file, b.link_url, b.priority_order, bd.image_text'
        . ' FROM ' . TABLE_BANNERS . ' b'
        . ' LEFT OUTER JOIN ' . TABLE_BANNERS_DESCRIPTION . ' bd ON b.id = bd.banner_id'
        . ' WHERE b.is_active = 1 AND b.image_file != \'\' AND bd.language_id = \'' . $langId . '\''
        . ' ORDER BY priority_order ASC';

    // Used here as [rows, row count].
    $result = database_query($sql, DATA_AND_ROWS, ALL_ROWS);

    return $result[1] > 0 ? $result[0] : array();
}
$lat = mysql_fetch_array($getLat); $el = mysql_fetch_array($getEl); //Store GPS if ($long['longitude'] != NULL && $lat['latitude'] != NULL) { $wifi_gps_vals[] = array('longitude' => $long['longitude'], 'latitude' => $lat['latitude'], 'RSSI' => $vars[$i][1]); if ($el['elevation'] != NULL) { $wifi_gps_vals[] = array('elevation' => $el['elevation']); $el_count++; } } } echo mysql_error(); mysql_close($mysql_handle); return $wifi_gps_vals; } $wifi_gps_vals = database_query($mysql_handle); trilaterate($wifi_gps_vals, $el_count); /* * Checks if the wifi_gps_vals has data. * Data are sorted on strongest RSSI by default * Calculates GPS based on top 4, 3, 2, or 1 coordinates, based on RSSI * Trilaterlates based on weighted average of RSSI * Rounds coords to nearest 6th decimal, reducing accuracy by 0.0247 meters, or 0.0008% */ function trilaterate($wifi_gps_vals, $el_count) { if (isset($wifi_gps_vals)) { $sum_rssi = 0; //Used to calculate RSSI weighted average $user_lat = 0; $user_long = 0;
/**
 * Returns the sub-locations that belong to one location.
 *
 * $location_id is cast to int before it reaches the statement. $order is
 * appended verbatim after ORDER BY, so it is a raw SQL fragment: callers must
 * pass only fixed, developer-chosen expressions and never request data.
 *
 * @param int $location_id parent location id
 * @param string $order ORDER BY expression; an empty value omits the clause
 * @return mixed whatever database_query() returns for DATA_AND_ROWS
 */
public static function GetAllSubLocations($location_id = 0, $order = 'name ASC')
{
    $orderBy = '';
    if (!empty($order)) {
        $orderBy = 'ORDER BY ' . $order;
    }

    $sql = 'SELECT id, location_id, name FROM ' . TABLE_LISTINGS_SUB_LOCATIONS
        . ' WHERE location_id = ' . (int) $location_id . ' ' . $orderBy;

    return database_query($sql, DATA_AND_ROWS);
}
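/**
 * Dumps either every table whose name starts with DB_PREFIX or the given
 * tables into a single SQL file in the backup directory.
 *
 * For each table the dump holds DROP TABLE IF EXISTS, the SHOW CREATE TABLE
 * statement and one INSERT per row.
 *
 * Hardening compared with a naive dump:
 *  - the backup name may not contain a directory separator or NUL byte, so
 *    the target path cannot leave the backup directory;
 *  - DB_PREFIX is regex-quoted and anchored to the start of the table name;
 *  - NULL column values are no longer passed to addslashes() (they are still
 *    written as "" so the dump format is unchanged);
 *  - a failed or short write is reported instead of returning true.
 *
 * @param string $backup_file backup name, used as the middle part of the file name
 * @param string|array $tables '*' for all prefixed tables, or an array /
 *                             comma-separated string of table names
 * @return bool true when the dump was written completely; false otherwise, with $this->error set
 */
public function ExecuteBackup($backup_file = '', $tables = '*')
{
    $dump = '';
    $nl = "\n";

    // block all operations on demo version
    if (strtolower(SITE_MODE) == 'demo') {
        $this->error = _OPERATION_BLOCKED;
        return false;
    }

    if ($backup_file == '') {
        $this->error = _BACKUP_EMPTY_NAME_ALERT;
        return false;
    }

    // The name is concatenated into a filesystem path below; a separator or
    // NUL byte has no legitimate use there and would allow writing elsewhere.
    if (strpbrk((string) $backup_file, "/\\\0") !== false) {
        $this->error = _BACKUP_EXECUTING_ERROR;
        return false;
    }

    if ($tables == '*') {
        // save all tables that carry the installation prefix
        $tables = array();
        $prefix_pattern = '/^' . preg_quote(DB_PREFIX, '/') . '/';
        $result = database_query('SHOW TABLES', DATA_ONLY, ALL_ROWS, FETCH_ARRAY);
        foreach ($result as $key) {
            if (preg_match($prefix_pattern, $key[0])) {
                $tables[] = $key[0];
            }
        }
    } else {
        // NOTE(review): caller-supplied names are placed into the statements
        // below unquoted and unvalidated; pass only known table names here.
        $tables = is_array($tables) ? $tables : explode(',', $tables);
    }

    foreach ($tables as $table) {
        $num_fields = database_query('SELECT * FROM ' . $table, FIELDS_ONLY);
        $rows = database_query('SELECT * FROM ' . $table, DATA_ONLY, ALL_ROWS, FETCH_ARRAY);

        $dump .= 'DROP TABLE IF EXISTS ' . $table . ';';
        $create = database_query('SHOW CREATE TABLE ' . $table, DATA_ONLY, FIRST_ROW_ONLY, FETCH_ARRAY);
        $dump .= $nl . $nl . $create[1] . ';' . $nl . $nl;

        foreach ($rows as $row) {
            $values = array();
            for ($j = 0; $j < $num_fields; $j++) {
                if (isset($row[$j])) {
                    // escape quotes/backslashes, then keep each INSERT on one line
                    $value = addslashes($row[$j]);
                    $values[] = '"' . str_replace("\n", '\\n', $value) . '"';
                } else {
                    $values[] = '""';
                }
            }
            $dump .= 'INSERT INTO ' . $table . ' VALUES(' . implode(',', $values) . ');' . $nl;
        }
        $dump .= $nl . $nl . $nl;
    }

    $backup_file_path = $this->backupDirectory . $this->backupFilePrefix . $backup_file . $this->backupFileExt;

    // NOTE(review): the file holds every row of the dumped tables and is left
    // at mode 0644. Whether the backup directory is reachable over HTTP or by
    // other local users cannot be seen from here - confirm, and tighten the
    // mode if nothing else needs to read the file.
    @chmod($backup_file_path, 0755);
    $handle = @fopen($backup_file_path, 'w+');
    if ($handle) {
        $written = @fwrite($handle, $dump);
        $closed = @fclose($handle);
        $saved = ($written !== false && $written === strlen($dump) && $closed);
        if (!$saved) {
            // a truncated dump must not be reported as a good backup
            $this->error = _BACKUP_EXECUTING_ERROR;
        }
    } else {
        $this->error = _BACKUP_EXECUTING_ERROR;
        $saved = false;
    }
    @chmod($backup_file_path, 0644);

    return $saved;
}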
/**
 * Returns the email templates stored for the current site language, system
 * templates last-sorted by is_system_template ascending.
 *
 * $where_clause is a raw SQL condition that is ANDed onto the language
 * filter as-is, and the language code from Application::Get('lang') is placed
 * inside the quoted literal without escaping in this method.
 * NOTE(review): both are safe only if they never carry request data
 * unescaped - verify at the callers and where 'lang' is set.
 *
 * @param string $where_clause optional extra SQL condition (without the leading AND)
 * @return mixed whatever database_query() returns for DATA_AND_ROWS / ALL_ROWS
 */
private function GetAllTemplates($where_clause = '')
{
    $extraCondition = '';
    if ($where_clause != '') {
        $extraCondition = ' AND ' . $where_clause;
    }

    $sql = 'SELECT language_id, template_code, template_name, template_subject, template_content, is_system_template'
        . ' FROM ' . $this->tableName
        . ' WHERE language_id = \'' . Application::Get('lang') . '\' ' . $extraCondition
        . ' ORDER BY is_system_template ASC';

    return database_query($sql, DATA_AND_ROWS, ALL_ROWS);
}
/**
 * Returns the published pages attached to one menu, ordered by priority.
 *
 * A page qualifies when is_published = 1 and its finish_publishing date is
 * either '0000-00-00' or not before today. Visitors who are not logged in
 * only get pages whose menu and page access_level are both 'public'.
 *
 * Security note: $menu_id and $lang_id are placed inside quoted SQL literals
 * without escaping in this method. NOTE(review): callers must pass values
 * that are already validated (a numeric id, a known language code) - verify
 * that no caller forwards request data directly.
 *
 * @param string $menu_id menu identifier
 * @param string $lang_id language code; an empty value disables the language filter
 * @return mixed whatever database_query() returns for DATA_AND_ROWS
 */
public static function GetMenuPages($menu_id = '0', $lang_id = '')
{
    global $objLogin;

    $pages = TABLE_PAGES;
    $menus = TABLE_MENUS;

    $languageFilter = '';
    if ($lang_id != '') {
        $languageFilter = ' AND ' . $pages . '.language_id = \'' . $lang_id . '\' ';
    }

    $publicOnly = '';
    if (!$objLogin->IsLoggedIn()) {
        $publicOnly = ' AND (' . $menus . '.access_level = \'public\' AND ' . $pages . '.access_level = \'public\')';
    }

    // Get all top menus
    $sql = 'SELECT ' . $pages . '.* FROM ' . $pages
        . ' INNER JOIN ' . $menus . ' ON ' . $pages . '.menu_id = ' . $menus . '.id'
        . ' WHERE ' . $menus . '.id = \'' . $menu_id . '\''
        . ' AND ' . $pages . '.is_published = 1'
        . ' AND (' . $pages . '.finish_publishing = \'0000-00-00\' OR ' . $pages . '.finish_publishing >= \'' . @date('Y-m-d') . '\') '
        . $publicOnly . ' ' . $languageFilter
        . ' ORDER BY ' . $pages . '.priority_order ASC';

    return database_query($sql, DATA_AND_ROWS);
}
/**
 * Post-delete hook for currencies: when exactly one currency row is left,
 * that row is forced to rate 1, default and active.
 *
 * The id written into the UPDATE comes from the preceding SELECT and is cast
 * to int.
 *
 * @return bool always true
 */
public function AfterDeleteRecord()
{
    // Used here as [rows, row count].
    $result = database_query('SELECT id, is_active FROM ' . TABLE_CURRENCIES, DATA_AND_ROWS, ALL_ROWS);

    if ($result && (int) $result[1] == 1) {
        // make last currency always default
        $sql = 'UPDATE ' . TABLE_CURRENCIES
            . ' SET rate= \'1\', is_default = \'1\', is_active = \'1\' WHERE id= ' . (int) $result[0][0]['id'];
        database_void_query($sql);
    }

    return true;
}
/**
 * Returns listing rows joined with their customer and advertise plan,
 * including how many inquiries the customer sent in the last 30 days
 * (inquiries_sent) and how many the plan allows (inquiries_allowed).
 *
 * $where_clause is a raw SQL condition appended as-is after "WHERE 1 = 1 AND".
 * NOTE(review): it must be built from constants or already-escaped values;
 * verify that no caller assembles it from request data.
 *
 * @param string $where_clause optional extra SQL condition (without the leading AND)
 * @return mixed whatever database_query() returns for DATA_AND_ROWS / ALL_ROWS
 */
public static function GetCustomerInfoByListing($where_clause = '')
{
    $sql = 'SELECT l.id, c.id as customer_id, c.first_name, c.last_name, c.email,'
        . ' (SELECT COUNT(*) FROM ' . TABLE_INQUIRIES_HISTORY . ' ih'
        . ' WHERE ih.customer_id = l.customer_id'
        . ' AND DATEDIFF(\'' . date('Y-m-d H:i:s') . '\', ih.date_added) < 31) as inquiries_sent,'
        . ' ap.inquiries_count as inquiries_allowed'
        . ' FROM ' . TABLE_LISTINGS . ' l'
        . ' INNER JOIN ' . TABLE_CUSTOMERS . ' c ON l.customer_id = c.id'
        . ' INNER JOIN ' . TABLE_ADVERTISE_PLANS . ' ap ON l.advertise_plan_id = ap.id'
        . ' WHERE 1 = 1 ';

    if (!empty($where_clause)) {
        $sql .= ' AND ' . $where_clause;
    }

    return database_query($sql, DATA_AND_ROWS, ALL_ROWS);
}
/**
 * Runs an UPDATE on the logins table that clears password_change and sets
 * the password column for one username.
 *
 * NOTE(review): as shown here both value literals read '******' (they look
 * masked in this listing), so neither $hash nor $username reaches the
 * statement. If the real statement interpolates them, both values must be
 * escaped or bound through the database layer rather than concatenated.
 * The query result is not checked or returned.
 *
 * @param string $username login name of the account
 * @param string $password new plain-text password, passed to password_encrypt()
 * @return void
 */
function password_update($username, $password)
{
    global $db;

    $hash = password_encrypt($password);

    $query = "UPDATE logins "
        . "SET password_change = 0, "
        . "password='******' "
        . "WHERE username = '******'";

    $update_result = database_query($query);
}
/**
 * Counts the comments that are not yet published (is_published = 0).
 *
 * The statement contains no caller-supplied values.
 *
 * @return mixed the cnt column of the first row, or the string '0' when the query reports no rows
 */
public static function AwaitingModerationCount()
{
    // Used here as [first row, row count].
    $result = database_query(
        'SELECT COUNT(*) as cnt FROM ' . TABLE_COMMENTS . ' WHERE is_published = 0',
        DATA_AND_ROWS,
        FIRST_ROW_ONLY
    );

    return $result[1] > 0 ? $result[0]['cnt'] : '0';
}
an estimated clearing date for the transaction. Once the transaction is cleared, the purchased products will be credited to your account in a few minutes.<br /><br /> If you don\'t see any changes on your account during 72 hours, please contact us to: ' . $sender; //////////////////////////////////////////////////////////// send_email_wo_template($recipient, $sender, 'Order placed (eCheck payment in progress - ' . $objSiteDescription->GetParameter('header_text') . ')', $email_text); //////////////////////////////////////////////////////////// } break; case 'Completed': // 2 order completed $sql = 'SELECT id, order_number, currency, customer_id, advertise_plan_id, listings_amount, order_price, vat_fee, total_price FROM ' . TABLE_ORDERS . ' WHERE order_number = \'' . $order_number . '\' AND status = 0'; $result = database_query($sql, DATA_AND_ROWS, FIRST_ROW_ONLY); if ($result[1] > 0) { write_log($sql); // check for possible problem or hack attack if ($total <= 1 || abs($total - $result[0]['total_price']) > 1) { $ip_address = isset($_SERVER['HTTP_X_FORWARD_FOR']) && $_SERVER['HTTP_X_FORWARD_FOR'] ? $_SERVER['HTTP_X_FORWARD_FOR'] : $_SERVER['REMOTE_ADDR']; $message = 'From IP: ' . $ip_address . "<br />\n"; $message .= 'Status: ' . $status . "<br />\n"; $message .= 'Possible Attempt of Hack Attack? ' . "<br />\n"; $message .= 'Please check this order: ' . "<br />\n"; $message .= 'Order Price: ' . $result[0]['total_price'] . "<br />\n"; $message .= 'Payment Processing Gross Price: ' . $total . "<br />\n"; write_log($message); break; } $sql = 'UPDATE ' . TABLE_ORDERS . ' SET
/**
 * Returns all active locations (is_active = 1).
 *
 * $order is appended verbatim after ORDER BY, so it is a raw SQL fragment:
 * callers must pass only fixed, developer-chosen expressions and never
 * request data.
 *
 * @param string $order ORDER BY expression; an empty value omits the clause
 * @return mixed whatever database_query() returns for DATA_AND_ROWS
 */
public static function GetAllLocations($order = 'name ASC')
{
    $orderBy = '';
    if (!empty($order)) {
        $orderBy = 'ORDER BY ' . $order;
    }

    $sql = 'SELECT id, name, is_active FROM ' . TABLE_LISTINGS_LOCATIONS
        . ' WHERE is_active = 1 ' . $orderBy;

    return database_query($sql, DATA_AND_ROWS);
}