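/**
 * register a new user account
 *
 * Reads `password` and `token` from the request and the pending e-mail
 * address, custom fields and expected token from
 * $_SESSION['privacy']['registration'], then inserts a user_accounts row.
 *
 * @return array array('ok' => 1) on success, array('error' => message) otherwise
 */
function Privacy_register()
{
    $password = isset($_REQUEST['password']) ? $_REQUEST['password'] : '';
    $token = isset($_REQUEST['token']) ? $_REQUEST['token'] : '';
    $reg = isset($_SESSION['privacy']['registration'])
        ? $_SESSION['privacy']['registration']
        : array();
    if (!is_array($reg)) {
        $reg = array();
    }
    $email = isset($reg['email']) && is_string($reg['email']) ? $reg['email'] : '';
    $custom = isset($reg['custom']) && is_array($reg['custom'])
        ? $reg['custom']
        : array();

    $sql = 'select id from user_accounts where email="' . addslashes($email) . '"';
    if (dbOne($sql, 'id')) {
        return array('error' => __('already registered'));
    }

    // Compare as strings with ===. A loose == lets numeric-looking strings
    // such as "0e1" and "0e2" compare equal, and lets a request array reach
    // the comparison.
    $expected = isset($reg['token']) ? $reg['token'] : null;
    if (!$token || !is_scalar($token) || !is_scalar($expected)
        || (string) $token !== (string) $expected
    ) {
        return array('error' => __('token does not match'));
    }

    // Without this check a request with no password created an account whose
    // stored hash was md5("").
    if (!is_string($password) || $password === '') {
        return array('error' => __('no password provided'));
    }

    $latlngsql = '';
    if (!empty($custom['_location'])) {
        $latlng = dbRow(
            'select lat,lng from locations where id=' . (int) $custom['_location']
        );
        // only splice the coordinates into the statement when both are numeric
        if ($latlng && is_numeric($latlng['lat']) && is_numeric($latlng['lng'])) {
            $latlngsql = ',location_lat=' . $latlng['lat']
                . ',location_lng=' . $latlng['lng'];
        }
    }

    // NOTE(review): passwords are stored as unsalted MD5. Left unchanged here
    // because whatever verifies logins must change in step; a migration to
    // password_hash()/password_verify() is the fix.
    $sql = 'insert into user_accounts set email="' . addslashes($email) . '",'
        . 'password=md5("' . addslashes($password) . '"),active=1,date_created=now(),'
        . 'extras="' . addslashes(json_encode($custom)) . '"' . $latlngsql;
    dbQuery($sql);
    return array('ok' => 1);
}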
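/**
 * check a requested file to see if it's acceptable, and log theme downloads
 *
 * @param array $vars list of parameters; 'requested_file' is the path
 *
 * @return boolean true when the path's second segment is not "themes_api",
 *                 false after a theme download has been logged
 */
function ThemesApi_filesCheck($vars)
{
    // only paths of the form /themes_api/... are handled by this plugin
    $file = explode('/', $vars['requested_file']);
    if (!isset($file[1]) || $file[1] != 'themes_api') {
        return true;
    }

    // The id is a path segment chosen by the client, so force it to an
    // integer before it reaches SQL.
    // NOTE(review): the original comment said moderators may download
    // unmoderated themes, but no moderator check exists in this function.
    $id = isset($file[3]) ? (int) $file[3] : 0;
    $moderated = dbOne(
        'select moderated from themes_api where id=' . $id,
        'moderated'
    );
    if ($moderated == 'no') {
        die(__('This theme is awaiting moderation and has not been deemed as safe yet.'));
    }

    // save in database; Referer is a client-controlled header and must be
    // escaped like any other request value
    $referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    dbQuery(
        'insert into themes_downloads values("",' . $id . ',"'
        . addslashes($referrer) . '","' . addslashes($ip) . '",now())'
    );
    return false;
}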
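/**
 * add a subscriber to an addressbook
 *
 * The addressbook row stores its subscribers as a JSON list; the subscriber
 * is appended unless already present.
 *
 * @param int $sid subscriber ID
 * @param int $aid addressbook ID
 *
 * @return null
 */
function SMS_subscribeToAddressbook($sid, $aid)
{
    // $aid is concatenated into two statements, so enforce the documented type
    $aid = (int) $aid;
    $subscribers = json_decode(
        dbOne('select subscribers from sms_addressbooks where id=' . $aid, 'subscribers')
    );
    if ($subscribers === null) {
        // empty or undecodable column: start a fresh list
        $subscribers = array();
    }
    if (!is_array($subscribers)) {
        // unexpected shape (e.g. a JSON object); do not overwrite it
        return;
    }
    // loose comparison kept on purpose: stored ids may be strings or ints
    if (in_array($sid, $subscribers)) {
        return;
    }
    $subscribers[] = $sid;
    dbQuery(
        'update sms_addressbooks set subscribers="'
        . addslashes(json_encode($subscribers)) . '" where id=' . $aid
    );
}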
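/**
 * DynamicSearch_catags
 *
 * Searches the body and name of a category page and its descendants.
 *
 * @param array  $catags categories
 * @param string $s      search string
 * @param string $cat    category to search
 * @param int    $limit  how many results to return
 *
 * @return array
 */
function DynamicSearch_catags($catags, $s, $cat, $limit)
{
    if (!in_array($cat, $catags)) {
        die('Category does not exist.');
    }
    // The membership test above is a loose comparison, so $cat is still
    // escaped before it is placed inside a quoted literal.
    $id = (int) dbOne(
        'select id from pages where name="' . addslashes($cat) . '"',
        'id'
    );
    // getDescendants() is defined elsewhere; its result is spliced into the
    // where clause as-is, exactly as before.
    $gd = getDescendants($id);
    // Search term and limit come from the caller: escape the term and force
    // the limit to an integer. "%" and "_" in $s still act as LIKE wildcards.
    $term = addslashes($s);
    $q = dbAll(
        'select * from pages where (id=' . $id . ' ' . $gd
        . ') and (body like "%' . $term . '%" or name like "%' . $term
        . '%") order by edate limit ' . (int) $limit
    );
    return $q;
}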
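/**
 * load the stored feed configuration for a notifier and parse it
 *
 * @param object $vars config object; its `id` selects the messaging_notifier row
 *
 * @return mixed result of Aggregator_parse(), or '' when there is no usable
 *               id or no stored data
 */
function Aggregator_show($vars)
{
    if (is_array($vars) || !isset($vars->id) || !$vars->id) {
        return '';
    }
    // the id is concatenated into SQL, so reduce it to an integer first
    $id = (int) $vars->id;
    $data = dbOne(
        'select data from messaging_notifier where id=' . $id,
        'data',
        'messaging_notifier'
    );
    if (!$data) {
        return '';
    }
    return Aggregator_parse(json_decode($data), $vars);
}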
/**
 * ImageGallery_adminDetailsGet
 * get the decoded meta column of one image_gallery row
 *
 * The row id is read from $_REQUEST['id'] and cast to an integer; a missing
 * or zero id hands control to Core_quit().
 *
 * @return mixed the meta JSON decoded into associative arrays
 */
function ImageGallery_adminDetailsGet()
{
    $rowId = (int) @$_REQUEST['id'];
    if ($rowId === 0) {
        Core_quit();
    }
    return json_decode(
        dbOne('select meta from image_gallery where id=' . $rowId, 'meta'),
        true
    );
}
/**
 * delete an ad type, unless ads still reference it
 *
 * The type id is read from $_REQUEST['id'] and cast to an integer before use.
 *
 * @return array array('ok' => 1) after deleting, array('error' => message)
 *               when at least one ad uses the type
 */
function Ads_adminTypesDelete()
{
    $typeId = (int) $_REQUEST['id'];
    $adsUsingType = dbOne(
        'select count(id) ids from ads where type_id=' . $typeId,
        'ids'
    );
    if (!$adsUsingType) {
        dbQuery('delete from ads_types where id=' . $typeId);
        return array('ok' => 1);
    }
    return array(
        'error' => 'cannot delete this Ad Type because there are Ads using it'
    );
}
/**
 * sum one logs_archive column over the last N days
 *
 * @param string $type     column to sum: 'unique_visitors' or 'page_loads'
 * @param int    $duration number of days to look back
 *
 * @return mixed the summed value from dbOne(), or the string 'invalid type'
 */
function Stats_value($type, $duration)
{
    // the column name goes into the statement unquoted, so only the two
    // known names are let through (loose comparison, as in a switch)
    if ($type != 'unique_visitors' && $type != 'page_loads') {
        return 'invalid type';
    }
    $days = (int) $duration;
    $query = 'select sum(' . $type . ') as val from logs_archive'
        . ' where cdate>date_add(now(), interval -' . $days . ' day)';
    return dbOne($query, 'val');
}
/**
 * create a new issue type
 *
 * The name is read from $_REQUEST['name'] and must not already exist in
 * issuetracker_types.
 *
 * @return array array('id' => new id) on success, array('error' => message)
 *               when the name is empty or already taken
 */
function IssueTracker_adminTypeNew()
{
    $typeName = $_REQUEST['name'];
    if (!$typeName) {
        return array('error' => 'no name provided');
    }
    // escaped once, used in both the duplicate check and the insert
    $quoted = '"' . addslashes($typeName) . '"';
    $existingId = dbOne(
        'select id from issuetracker_types where name=' . $quoted,
        'id'
    );
    if ($existingId) {
        return array('error' => 'an issue type with that name already exists');
    }
    dbQuery('insert into issuetracker_types set name=' . $quoted . ', fields="[]"');
    return array('id' => dbLastInsertId());
}
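/**
 * output a menu as JavaScript, then exit
 *
 * Reads an optional JSON object from $_REQUEST['vars']. When it carries an
 * id, the stored menu row replaces it (through the 'menus' cache). The menu
 * HTML, inline scripts, script URLs and stylesheet URLs are emitted as
 * document.write() calls with a text/javascript content type.
 *
 * @return string '' when the menu should follow the current page but no
 *                parent can be determined; otherwise the function exits
 */
function Menu_getHtml()
{
    global $DBVARS;
    require_once SCRIPTBASE . 'ww.incs/menus.php';
    require_once SCRIPTBASE . 'ww.incs/common.php';
    $vars = null;
    if (isset($_REQUEST['vars'])) {
        $vars = json_decode($_REQUEST['vars']);
    }
    // The id arrives inside request JSON and is used both as a cache key and
    // inside SQL, so it is reduced to an integer before either use.
    $id = ($vars && isset($vars->id) && is_scalar($vars->id))
        ? (int) $vars->id
        : 0;
    if ($id) {
        $vars = Core_cacheLoad('menus', $id, -1);
        if ($vars === -1) {
            $vars = dbRow('select * from menus where id=' . $id);
            Core_cacheSave('menus', $id, $vars);
        }
        if ($vars['cache']) {
            // integer cast keeps the header value to a plain number
            header('Cache-Control: max-age=' . (int) $vars['cache'] . ', public');
            header('Expires: Fri, 1 Jan 2500 01:01:01 GMT');
            header('Expires-Active: On');
            header('Pragma:');
            header('Last-modified: ' . gmdate('D, d M Y H:i:s', time()));
        }
        if ($vars['parent'] == '-1') {
            // -1 means "follow the current page": use it if it has children,
            // otherwise fall back to its parent
            global $PAGEDATA;
            $pid = (int) $PAGEDATA->id;
            if ($pid) {
                // the column name was a bare constant (id) here; it must be
                // the string 'id'
                $n = dbOne(
                    'select id from pages where parent=' . $pid . ' limit 1',
                    'id'
                );
                if (!$n) {
                    $pid = (int) $PAGEDATA->parent;
                    if (!$pid) {
                        return '';
                    }
                }
            }
            $vars['parent'] = $pid;
        }
    }
    header('Content-type: text/javascript');
    echo 'document.write("' . addslashes(Core_menuShowFg($vars)) . '");';
    echo join(';', $GLOBALS['scripts_inline']);
    $cdn = isset($DBVARS['cdn']) ? '//' . $DBVARS['cdn'] : '';
    foreach ($GLOBALS['scripts'] as $r) {
        echo 'document.write("<script src=\\"' . $cdn . $r . '\\"></script>");';
    }
    foreach ($GLOBALS['css_urls'] as $r) {
        echo 'document.write("<link rel=\\"stylesheet\\" type=\\"text/css\\" href=\\"'
            . $cdn . $r . '\\"/>");';
    }
    exit;
}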
/**
 * check whether this user belongs to the named group
 *
 * Results are remembered per group name in $this->groupsByName.
 *
 * @param string $group group name
 *
 * @return mixed false when no group has that name; otherwise whatever the
 *               users_groups lookup returned (also returned from the cache
 *               on later calls)
 */
function isInGroup($group)
{
    if (isset($this->groupsByName[$group])) {
        return $this->groupsByName[$group];
    }
    if (!isset($this->groupsByName)) {
        $this->groupsByName = array();
    }
    $groupId = dbOne(
        'select id from groups where name="' . addslashes($group) . '"',
        'id'
    );
    if ($groupId) {
        $membership = dbOne(
            'select groups_id from users_groups where groups_id=' . $groupId
            . ' and user_accounts_id=' . $this->id,
            'groups_id'
        );
        $this->groupsByName[$group] = $membership;
        return $this->groupsByName[$group];
    }
    // unknown group: cache 0, report false
    $this->groupsByName[$group] = 0;
    return false;
}
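/**
 * send a random code to an email address to verify it
 *
 * The code is generated once per address per session, stored in
 * $_SESSION['emails'], and mailed on every call. When a page id is given and
 * that page restricts submissions by existing users, the restriction is
 * applied before a code is generated.
 *
 * @return array array('ok' => 1) once the mail has been handed to mail(),
 *               array('error' => message) otherwise
 */
function Forms_verificationSend()
{
    if (!isset($_REQUEST['email'])) {
        return array('error' => 'no email parameter');
    }
    $email = $_REQUEST['email'];
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return array('error' => 'invalid email address');
    }
    if (!isset($_SESSION['emails'])) {
        $_SESSION['emails'] = array();
    }
    if (!isset($_SESSION['emails'][$email])) {
        $pid = isset($_REQUEST['page']) ? (int) $_REQUEST['page'] : 0;
        if ($pid) {
            $page = Page::getInstance($pid);
            if (!$page) {
                return array('error' => 'page not found');
            }
            $page->initValues();
            $prevent = isset($page->vars['forms_preventUserFromSubmitting'])
                ? (int) $page->vars['forms_preventUserFromSubmitting']
                : 0;
            if ($prevent) {
                $id = (int) dbOne(
                    'select id from user_accounts where email="'
                    . addslashes($email) . '"',
                    'id'
                );
                if ($id) {
                    if ($prevent == 1) {
                        // don't allow any users to submit
                        return array(
                            'error' => $page->vars['forms_preventUserFromSubmittingMessage']
                        );
                    }
                    if ($prevent < 4) {
                        // parse conditions: mode 3 blocks on a match,
                        // mode 2 blocks on a mismatch
                        $user = User::getInstance($id);
                        if ($user) {
                            $cond_val = $page->vars['forms_preventUserFromSubmittingCondVal'];
                            $cond_key = $page->vars['forms_preventUserFromSubmittingCondKey'];
                            if (($prevent == 3 && $user->get($cond_key) == $cond_val)
                                || ($prevent == 2 && $user->get($cond_key) != $cond_val)
                            ) {
                                return array(
                                    'error' => $page->vars['forms_preventUserFromSubmittingMessage']
                                );
                            }
                        }
                    }
                }
            }
        }
        // rand() is predictable; use the CSPRNG where the runtime has one.
        // NOTE(review): a five-digit code is still a small space, and nothing
        // in this function limits how often a code may be guessed.
        $_SESSION['emails'][$email] = function_exists('random_int')
            ? random_int(10000, 99999)
            : rand(10000, 99999);
    }
    // Host is a client-supplied header: strip line breaks before it is used
    // in the subject line.
    // NOTE(review): a message is sent on every call, with no throttling here.
    $host = str_replace(array("\r", "\n"), '', $_SERVER['HTTP_HOST']);
    mail(
        $email,
        '[' . $host . '] email verification code',
        'The verification code for this email address is: '
        . $_SESSION['emails'][$email]
    );
    return array('ok' => 1);
}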
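/**
 * switches the reader to a translation if one exists
 *
 * Uses $_SESSION['translate-lang'] as the selected language. If a page in
 * that language is registered as a translation of the current page, the
 * reader is redirected to it.
 *
 * @param object $PAGEDATA page object
 *
 * @return void
 */
function Translate_checkCurrentPage($PAGEDATA)
{
    // { if this is a translation page, and no language is selected, select this one.
    if ($PAGEDATA->type == 'translate' && !isset($_SESSION['translate-lang'])) {
        $_SESSION['translate-lang'] = $PAGEDATA->vars['translate_language'];
    }
    // }
    // { if no language is selected, then return
    if (!isset($_SESSION['translate-lang']) || !$_SESSION['translate-lang']) {
        return;
    }
    // }
    // { work out which page the translations hang off
    $page_to_translate = (int) $PAGEDATA->id;
    if ($PAGEDATA->type == 'translate') {
        // if this page's language is the selected one, nothing to do
        if ($PAGEDATA->vars['translate_language'] == $_SESSION['translate-lang']) {
            return;
        }
        $page_to_translate = (int) $PAGEDATA->vars['translate_page_id'];
    }
    // }
    $trs = dbAll(
        'select page_id from page_vars where name="translate_page_id" and value='
        . $page_to_translate,
        false,
        'page_vars'
    );
    if ($trs === false || !count($trs)) {
        return;
    }
    $ids = array();
    foreach ($trs as $tr) {
        $ids[] = (int) $tr['page_id'];
    }
    // The collected ids were previously never used, so the lookup matched any
    // page in the selected language. Restrict it to translations of this page.
    $page_id = dbOne(
        'select page_id from page_vars where name="translate_language" and value="'
        . addslashes($_SESSION['translate-lang']) . '" and page_id in ('
        . join(',', $ids) . ') limit 1',
        'page_id'
    );
    if (!$page_id) {
        return;
    }
    $page = Page::getInstance($page_id);
    if ($page && $page->id) {
        redirect($page->getRelativeUrl());
    }
}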
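/**
 * show the news in Headline mode
 *
 * Lists the child pages of the current page ($GLOBALS['id']) with
 * previous/next links. $_REQUEST['news_page'] is used as the row offset.
 *
 * @param array $PAGEDATA the page object
 *
 * @return string HTML of the news
 */
function News_displayHeadlines($PAGEDATA)
{
    // The page size is a divisor and part of the LIMIT clause: force it to a
    // positive integer, falling back to the default of 5.
    $items_per_page = isset($PAGEDATA->vars['news_items'])
        ? (int) $PAGEDATA->vars['news_items']
        : 5;
    if ($items_per_page < 1) {
        $items_per_page = 5;
    }
    $p = isset($_REQUEST['news_page']) ? (int) $_REQUEST['news_page'] : 0;
    if ($p < 0) {
        $p = 0;
    }
    $parent = (int) $GLOBALS['id'];
    $cache_key = 'news-' . $parent . '-' . $p . '-' . $items_per_page;
    $arr = Core_cacheLoad('pages', $cache_key);
    if ($arr === false) {
        // NOTE(review): addslashes() only escapes quote characters, and an
        // ORDER BY fragment is not inside quotes. This value must only ever
        // be set by a trusted editor; a whitelist of columns would be safer.
        $order_by = isset($PAGEDATA->vars['news_order'])
            ? addslashes($PAGEDATA->vars['news_order'])
            : 'associated_date desc';
        $rs = dbAll(
            'select * from pages where parent=' . $parent . ' order by '
            . $order_by . ',cdate desc limit ' . $p . ',' . $items_per_page
        );
        $num_stories = dbOne(
            'select count(id) as num from pages where parent=' . $parent,
            'num'
        );
        Core_cacheSave('pages', $cache_key, array($num_stories, $rs));
    } else {
        $num_stories = $arr[0];
        $rs = $arr[1];
        unset($arr);
    }
    // { previous/next links
    $nextprev = array();
    $nextprev[] = '<span class="page_n_of_n">'
        . __(
            'page %1 of %2',
            array(
                1 + floor($p / $items_per_page),
                ceil($num_stories / $items_per_page)
            ),
            'core'
        )
        . '</span>';
    if ($p) {
        $nextprev[] = '<a class="prev" href="?news_page=' . ($p - $items_per_page)
            . '">' . __('Previous Page') . '</a>';
    }
    if ($p + $items_per_page < $num_stories) {
        $nextprev[] = '<a class="next" href="?news_page=' . ($p + $items_per_page)
            . '">' . __('Next Page') . '</a>';
    }
    $nextprev = '<div class="nextprev">' . join(' | ', $nextprev) . '</div>';
    // }
    $html = $nextprev;
    $links = array();
    $show_full = isset($PAGEDATA->vars['news_display'])
        && $PAGEDATA->vars['news_display'] == 'full';
    $show_title = isset($PAGEDATA->vars['news_title'])
        && $PAGEDATA->vars['news_title'] == 'yes';
    foreach ($rs as $r) {
        $page = Page::getInstance($r['id'], $r);
        // The fallback to the creation date used to run after the date had
        // already been rendered; it has to happen first to have any effect.
        if (!isset($page->associated_date) || !$page->associated_date) {
            $page->associated_date = $page->cdate;
        }
        // headline mode: drop the <h1>, strip remaining tags, keep 600 bytes
        $content = $show_full
            ? $page->render()
            : substr(
                preg_replace(
                    '/<[^>]*>/',
                    '',
                    preg_replace('#<h1>[^<]*</h1>#', '', $page->render())
                ),
                0,
                600
            );
        $date = $show_title
            ? '<h2 class="news-header"><a href="' . $page->getRelativeURL() . '">'
                . htmlspecialchars($page->name) . '</a></h2>'
                . '<a class="news-date" href="' . $page->getRelativeURL() . '">'
                . __('posted on %1', array(Core_dateM2H($page->associated_date)), 'core')
                . '</a>'
            : '';
        $links[] = $date . '<p class="news-paragraph">' . $content . '...</p>';
    }
    $html .= join('<div class="news-break"></div>', $links);
    $html .= $nextprev;
    return $html;
}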
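/**
 * returns the amount of money that an issue has
 *
 * Reads the issue id from $_REQUEST['id'] and returns the `paid_credits`
 * entry of that issue's meta JSON.
 *
 * @return mixed the stored paid_credits value, or 0 when there is none
 */
function IssueTracker_getDepositedValue()
{
    // the id was concatenated into the statement exactly as received; force
    // it to an integer
    $id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
    $meta = json_decode(
        dbOne("select `meta` from `issuetracker_issues` where `id`=" . $id, 'meta'),
        true
    );
    // a missing row or undecodable meta yields null, not an array
    if (is_array($meta) && array_key_exists('paid_credits', $meta)) {
        return $meta['paid_credits'];
    }
    return 0;
}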
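// Post the notification back to PayPal and act only on a "VERIFIED" reply.
// $header and $req are built before this excerpt.
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);
if (!$fp) {
    // HTTP ERROR
} else {
    fputs($fp, $header . $req);
    while (!feof($fp)) {
        $res = fgets($fp, 1024);
        if (strcmp($res, "VERIFIED") == 0) {
            require $_SERVER['DOCUMENT_ROOT'] . '/ww.incs/basics.php';
            $gid = (int) $_POST['item_number'];
            $uid = (int) $_POST['custom'];
            if ($gid < 1 || $uid < 1) {
                exit;
            }
            // NOTE(review): "VERIFIED" only says PayPal sent this message.
            // Nothing visible here checks the amount paid, the currency, the
            // receiving account, the payment status, or whether this
            // transaction was already processed, so any verified payment
            // naming this group and user extends the membership.
            $meta = json_decode(
                dbOne('select meta from groups where id=' . $gid, 'meta'),
                true
            );
            // The period is spliced into an INTERVAL expression: require a
            // positive integer and a bare keyword before building SQL.
            $period_num = isset($meta['paid-membership-subscription-period-num'])
                ? (int) $meta['paid-membership-subscription-period-num']
                : 0;
            $period_unit = isset($meta['paid-membership-subscription-period'])
                ? trim((string) $meta['paid-membership-subscription-period'])
                : '';
            if ($period_num < 1 || !preg_match('/^[a-z_]+$/i', $period_unit)) {
                exit;
            }
            $interval = 'interval ' . $period_num . ' ' . $period_unit;
            $r = dbOne(
                'select expires from users_groups where user_accounts_id=' . $uid
                . ' and groups_id=' . $gid,
                'expires'
            );
            if ($r) {
                // existing membership: extend from the current expiry
                dbQuery(
                    'update users_groups set expires=date_add(expires, ' . $interval
                    . ') where user_accounts_id=' . $uid . ' and groups_id=' . $gid
                );
            } else {
                // Core_addUserToGroup($uid, $gid);
                dbQuery(
                    'insert into users_groups set expires=date_add(now(), ' . $interval
                    . '),user_accounts_id=' . $uid . ',groups_id=' . $gid
                );
            }
        } else {
            if (strcmp($res, "INVALID") == 0) {
            }
        }
    }
    fclose($fp);
}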
$regex = '/https.*api.twitter.com.*statuses/'; if (!preg_match($regex, $r->url)) { $username = preg_replace('#.*/#', '', $r->url); $data[$k]->url = 'https://api.twitter.com/1/statuses/' . 'user_timeline.rss?screen_name=' . $username; } } } $data = addslashes(json_encode($data)); $sql = "messaging_notifier set data='{$data}'"; if ($id) { $sql = "update {$sql} where id={$id}"; dbQuery($sql); } else { $sql = "insert into {$sql}"; dbQuery($sql); $id = dbOne('select last_insert_id() as id', 'id'); } $ret = array('id' => $id, 'id_was' => $id_was, 'datastr' => $_REQUEST['data'], 'dataobj' => $data); echo json_encode($ret); Core_cacheClear('messaging_notifier'); Core_quit(); } if (isset($_REQUEST['id'])) { $id = (int) $_REQUEST['id']; } else { $id = 0; } echo '<a href="javascript:;" id="messaging_notifier_editlink_' . $id . '" class="button messaging_notifier_editlink">view or edit feeds</a><br />'; // { show story title echo '<strong>hide story title</strong><br />' . '<select name="hide_story_title"><option value="0">No</option>' . '<option value="1"'; if (@$_REQUEST['hide_story_title'] == 1) {
// } echo '</table></div>'; // } // { SEO / Metadata echo '<div id="seo"><table>'; // { title echo '<tr><th><span class="help title"></span>' . __('title') . '</th>' . '<td><input name="title" value="' . htmlspecialchars($page['title']) . '"/></td>' . '</tr>'; // } // { keywords echo '<tr><th>' . __('keywords') . '</th><td><input name="keywords" value="' . htmlspecialchars($page['keywords']) . '"/></td></tr>'; // } // { description echo '<tr><th>' . __('description') . '</th><td><textarea class="large" name="d' . 'escription">' . htmlspecialchars($page['description']) . '</textarea></td><' . '/tr>'; // } // { short URL echo '<tr><th>' . __('Short URL') . '</th><td><input name="short_url" value="' . htmlspecialchars(dbOne('select short_url from short_urls where page_id=' . $id, 'short_url')) . '" /></td></tr>'; // } // { sitemap importance $importance = (double) $page['importance']; if ($importance < 0.1) { $importance = 0.5; } echo '<tr title="' . __('used by Google. importance of page relative to other pages on site. valu' . 'es 0.1 to 1.0') . '"><th>' . __('importance') . '</th><td><input name="importance" value="' . $importance . '" /></td></tr>'; if (!isset($page_vars['google-site-verification'])) { $page_vars['google-site-verification'] = ''; } // } // { google site verification echo '<tr><th>' . __('Google Site Verification') . '</th><td><input name="page_' . 'vars[google-site-verification]" value="' . htmlspecialchars($page_vars['google-site-verification']) . '" /></td></tr>'; // } // { other <head> HTML
*/ if (count($themes) == 0) { die(__('Themes database empty!')); } /** * add themes awaiting moderation to the $moderation array */ $moderation = array(); for ($i = 0; $i < count($themes); ++$i) { if ($themes[$i]['moderated'] == 'no') { array_push($moderation, $themes[$i]); } } if (count($moderation) == 0) { die(__('No themes awaiting moderation!')); } /** * write javascript and add it to caching scheme */ $script = '$(".delete").click(function(){var theme_id=$(this).attr("id");var ' . 'user_id=$(this).attr("userid");var hash=Math.floor(Math.random()*1001);' . 'var dataString="theme_id="+theme_id+"&user_id="+user_id;var $this=$(thi' . 's);$.ajax({type:"POST",data:dataString,url:"/ww.plugins/themes-api/admi' . 'n/delete-theme.php?hash="+hash,success:function(html){if(html=="ok")$th' . 'is.parent().parent().fadeOut("slow");else alert("' . addslashes(__('There was an error deleting the file,please try again')) . '");}});});$(".approve").click(function(){var theme_id=$(this).attr("id"' . ');var user_id=$(this).attr("userid");var hash=Math.floor(Math.random()*' . '1001);var dataString="theme_id="+theme_id+"&user_id="+user_id;var $this' . '=$(this);$.ajax({type:"POST",data:dataString,url:"/ww.plugins/themes-ap' . 'i/admin/approve-theme.php?hash="+hash,success:function(html){if(html=="' . 'ok")$this.parent().parent().fadeOut("slow");else alert("' . addslashes(__('There was an error approving the file. Please try again.')) . '");}});});'; WW_addInlineScript($script); echo '<table><tr><th>' . __('Name') . '</th><th>' . __('Version') . '</th><th>' . __('Description') . '</th><th>' . __('Download') . '</th><th>' . __('Submit Date') . '</th><th>' . __('Author') . '</th><th>' . __('Approve') . '</th><th>' . __('Delete') . '</th></tr>'; /** * print themes in table */ foreach ($moderation as $theme) { $author = dbOne('select name from user_accounts where id=' . $theme['author'], 'name'); $d_name = $theme['id'] . '/' . $theme['id'] . '.zip'; echo '<tr>' . '<td>' . $theme['name'] . 
'</td>' . '<td>' . $theme['version'] . '</td>' . '<td>' . substr($theme['description'], 0, 30) . '...</td>' . '<td><a href="/ww.plugins/themes-api/api.php?download=true&id=' . $theme['id'] . '">' . $d_name . '</a></td>' . '<td>' . $theme['last_updated'] . '</td>' . '<td><a href="' . $theme['author_url'] . '">' . $author . '</a></td>' . '<td><a id="' . $theme['id'] . '" userid="' . $theme['author'] . '" href="#" class="approve">[-]</a></td>' . '<td><a id="' . $theme['id'] . '" userid="' . $theme['author'] . '" href="#" class="delete">[x]</a></td>'; } echo '</table>';
echo '<h3>List Users</h3>'; echo '<a class="button" href="siteoptions.php?page=users&id=-1">' . __('Create User') . '</a>'; $groups = array(); // { list all users $users = dbAll('select active,id,name,email,last_login,last_view from user_accounts ' . 'order by last_view desc,last_login desc,email'); echo '<table id="users-list"><thead><tr><th>User</th><th>Groups</th><th>Last' . ' Login</th><th>Last View</th><th>Actions</th></tr></thead><tbody>'; foreach ($users as $user) { $name = $user['name'] ? $user['name'] : $user['email']; echo '<tr' . ($user['active'] ? '' : ' class="inactive"') . '>' . '<td><a href="siteoptions.php?page=users&id=' . $user['id'] . '">' . htmlspecialchars($name) . '</a></td>'; // { groups echo '<td>'; $grs = dbAll("select * from users_groups where user_accounts_id={$user['id']}"); $garr = array(); foreach ($grs as $gr) { if (!isset($groups[$gr['groups_id']])) { $groups[$gr['groups_id']] = dbOne("select name from groups where id={$gr['groups_id']} limit 1", 'name'); } $garr[] = $groups[$gr['groups_id']]; } echo join(', ', $garr); echo '</td>'; // } // { last login echo '<td><span class="nodisplay">' . $user['last_login'] . '</span>'; if ($user['last_login'] == '0000-00-00 00:00:00') { echo 'never</td>'; } else { echo Core_dateM2H($user['last_login']) . '</td>'; } // } // { last view
* script for showing all items in a gallery * * PHP Version 5 * * @category Whatever * @package None * @subpackage None * @author Kae Verens <*****@*****.**> * @license GPL Version 2 * @link www.kvweb.me */ require $_SERVER['DOCUMENT_ROOT'] . '/ww.incs/basics.php'; if (!Core_isAdmin()) { die(__('access denied')); } $id = (int) @$_POST['id']; if ($id == 0) { Core_quit(); } $image = dbRow('select * from image_gallery where id=' . $id); $meta = json_decode($image['meta'], true); $dir = dbOne('select value from page_vars where name="image_gallery_directory"' . 'and page_id=' . $image['gallery_id'], 'value'); if (!$dir) { $dir = '/image-galleries/imagegallery-' . $image['gallery_id']; dbQuery('insert into page_vars set name="image_gallery_directory",value="' . addslashes($dir) . '",page_id=' . $image['gallery_id']); } echo '<li id="image_' . $id . '">'; echo '<img id="image-gallery-image' . $id . '" src="/a/f=getImg/w=64/h=64/' . $dir . '/' . $meta['name'] . '"/>'; echo '<a href="javascript:;" class="edit-img" id="' . $id . '">' . __('Edit') . '</a> ' . __('or') . ' '; echo '<a href="javascript:;" class="delete-img" id="' . $id . '">' . __('[x]') . '</a>'; echo '</li>';
} $dir = $tmpdir . '/site'; CoreDirectory::delete($dir); mkdir($dir); $ubase = USERBASE; $fdir = USERBASE . '/f'; $tdir = USERBASE . '/themes-personal'; `cd {$ubase} && zip -r {$dir}/files.zip f`; $theme = $DBVARS['theme']; `cd {$ubase} && zip -r {$dir}/theme.zip themes-personal/{$theme}`; $tables = dbAll('show tables'); mkdir($dir . '/db'); foreach ($tables as $table) { foreach ($table as $k => $v) { mkdir($dir . '/db/' . $v); $count = dbOne('select count(*) as cnt from ' . $v, 'cnt'); for ($i = 0; $i < $count; $i += 100) { $data = dbAll('select * from `' . $v . '` limit ' . $i . ', 100'); file_put_contents($dir . '/db/' . $v . '/' . $i / 100 . '.json', json_encode($data)); } } } require CONFIG_FILE; unset($DBVARS['username']); unset($DBVARS['password']); unset($DBVARS['hostname']); unset($DBVARS['db_name']); unset($DBVARS['userbase']); unset($DBVARS['theme_dir']); unset($DBVARS['theme_dir_personal']); file_put_contents($dir . '/config.json', json_encode($DBVARS));
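/**
 * re-parent product categories whose parent no longer exists
 *
 * Every category with a parent_id that matches no products_categories row is
 * moved to the top level (parent_id=0). Progress is echoed as HTML, the
 * products_categories cache is cleared, and the script exits.
 *
 * @return void
 */
function products_adminFixOrphanedCategories()
{
    $rs = dbAll('select id,name,parent_id from products_categories');
    foreach ($rs as $r) {
        $parent_id = (int) $r['parent_id'];
        if ($parent_id === 0) {
            continue;
        }
        $pid = dbOne(
            'select id from products_categories where id=' . $parent_id,
            'id'
        );
        if (!$pid) {
            $sql = 'update products_categories set parent_id=0 where id='
                . (int) $r['id'];
            dbQuery($sql);
            echo $sql . "<br/>";
        } else {
            // category names are stored text: escape before echoing into HTML
            echo 'product_category ' . htmlspecialchars($r['name'])
                . ' is okay.<br/>';
        }
    }
    Core_cacheClear('products_categories');
    exit;
}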
* @author Kae Verens <*****@*****.**> * @license GPL 2.0 * @link http://kvsites.ie/ */ $theme_id = addslashes(@$_POST['theme_id']); $user_id = addslashes(@$_POST['user_id']); if ($theme_id == 0 || $user_id == 0) { die('error'); } require_once '../../../ww.incs/basics.php'; require_once SCRIPTBASE . 'ww.incs/mail.php'; /** * get data on the theme and the user */ $user = dbRow('select name,email from user_accounts where id=' . $user_id); $theme_name = dbOne('select name from themes_api where id=' . $theme_id, 'name'); /** * delete theme from user-files * and from themes-personal */ shell_exec('rm -rf ' . USERBASE . '/f/themes_api/themes/' . $theme_id); shell_exec('rm -rf ' . USERBASE . '/themes-personal/' . $theme_name); /** * delete the theme from the db */ dbQuery('delete from themes_api where id=' . $theme_id); /** * send the user an email telling them the theme * was deleted */ $cms_name = DistConfig::get('cms-name');
/**
 * get a list of classified ads in datatables format
 *
 * Paging, sorting and search come from the DataTables request parameters
 * (iDisplayStart, iDisplayLength, sSearch, iSortCol_0, sSortDir_0, sEcho).
 *
 * @return array sEcho, iTotalRecords, iTotalDisplayRecords and aaData
 */
function ClassifiedAds_adminAdsGetDT()
{
    $offset = (int) $_REQUEST['iDisplayStart'];
    $pageSize = (int) $_REQUEST['iDisplayLength'];
    $term = $_REQUEST['sSearch'];
    $sortIndex = (int) $_REQUEST['iSortCol_0'];
    $direction = $_REQUEST['sSortDir_0'] == 'desc' ? 'desc' : 'asc';

    // the sort column is picked from a fixed map, never taken from the request
    $sortable = array(2 => 'expiry_date', 3 => 'user_id', 4 => 'cost');
    $sortColumn = isset($sortable[$sortIndex])
        ? $sortable[$sortIndex]
        : 'expiry_date';

    $where = '';
    if ($term) {
        $where = 'where expiry_date like "%' . addslashes($term) . '%"'
            . ' or cost like "%' . addslashes($term) . '%"';
    }

    $ads = dbAll(
        'select id,user_id, creation_date, expiry_date,cost,status'
        . ' from classifiedads_ad ' . $where . ' order by ' . $sortColumn . ' '
        . $direction . ' limit ' . $offset . ',' . $pageSize
    );

    $response = array(
        'sEcho' => intval($_GET['sEcho']),
        'iTotalRecords' => dbOne(
            'select count(id) as ids from classifiedads_ad',
            'ids'
        ),
        'iTotalDisplayRecords' => dbOne(
            'select count(id) as ids from classifiedads_ad ' . $where,
            'ids'
        ),
    );

    $rows = array();
    foreach ($ads as $ad) {
        $owner = User::getInstance($ad['user_id'], false, false);
        $rows[] = array(
            $ad['id'],
            $ad['creation_date'],
            $ad['expiry_date'],
            // user: "id|name"
            $ad['user_id'] . '|' . ($owner ? $owner->get('name') : 'unknown owner'),
            $ad['cost'],
            // paid
            $ad['status'] == '1' ? 'Yes' : 'No',
            '',
        );
    }
    $response['aaData'] = $rows;
    return $response;
}
/**
 * get the id from the last database insert query
 *
 * Asks the database for last_insert_id() through dbOne().
 *
 * @return int last insert id
 */
function dbLastInsertId()
{
    $lastId = dbOne('select last_insert_id() as id', 'id');
    return (int) $lastId;
}
if ($version == 15) { // no longer using page_vars for export variables // { export_dir $val = dbOne('select value from page_vars where name="online_stores_exportdir"', 'value'); dbQuery('insert into online_store_vars set name="export_dir"' . ', val="' . addslashes($val) . '"'); // } // { export_customers $val = dbOne('select value from page_vars where name="online_stores_exportcustomers"', 'value'); dbQuery('insert into online_store_vars set name="export_customers"' . ', val="' . addslashes($val) . '"'); // } // { export_customers_filename $val = dbOne('select value from page_vars' . ' where name="online_stores_exportcustomers_filename"', 'value'); dbQuery('insert into online_store_vars set name="export_customers_filename"' . ', val="' . addslashes($val) . '"'); // } // { export_at_what_point $val = (int) dbOne('select val from online_store_vars where name="invoices_by_email"', 'val'); dbQuery('insert into online_store_vars set name="export_at_what_point"' . ', val="' . addslashes($val) . '"'); // } $version = 16; } if ($version == 16) { // invoice ID dbQuery('alter table online_store_orders add invoice_num int default 0'); $version = 17; } if ($version == 17) { dbQuery('update online_store_orders set invoice_num=id'); $version = 18; } if ($version < 27) { // online_store_sales
$sql .= ',password=md5("' . addslashes($_REQUEST['password']) . '")'; } } if ($id == -1) { dbQuery('insert into user_accounts ' . $sql . ',date_created=now()'); $id = dbOne("select last_insert_id() as id limit 1", 'id'); } else { dbQuery('update user_accounts ' . $sql . ' where id=' . $id); } dbQuery("delete from users_groups where user_accounts_id={$id}"); // { first, create new groups if required if (isset($_REQUEST['new_groups'])) { foreach ($_REQUEST['new_groups'] as $ng) { $n = addslashes($ng); dbQuery("insert into groups set name='{$n}',parent=0"); $_REQUEST['groups'][dbOne('select last_insert_id() as id', 'id')] = true; } } // } if (isset($_REQUEST['groups'])) { foreach ($_REQUEST['groups'] as $k => $n) { dbQuery("insert into users_groups set user_accounts_id={$id},groups_id=" . (int) $k); } } echo '<em>users updated</em>'; if (isset($_REQUEST['email-to-send'])) { $site = preg_replace('/www\\./', '', $_SERVER['HTTP_HOST']); Core_mail($_REQUEST['email'], '[' . $site . '] user status update', $_REQUEST['email-to-send'], 'no-reply@' . $site); } Core_cacheSave('user-session-resets', $id, true); }
/**
 * update the tags on an image
 *
 * Reads `id` and `tags` from the request, stores the tags under the 'tags'
 * key of the row's meta JSON and writes the meta column back.
 *
 * @return array array('ok' => 1)
 */
function ImageGallery_tagsUpdate()
{
    $imageId = (int) $_REQUEST['id'];
    $newTags = $_REQUEST['tags'];
    $stored = dbOne('select meta from image_gallery where id=' . $imageId, 'meta');
    // start from an empty meta array when the row has none
    $meta = $stored ? json_decode($stored, true) : array();
    $meta['tags'] = $newTags;
    $encoded = addslashes(json_encode($meta));
    dbQuery(
        'update image_gallery set meta="' . $encoded . '"' . ' where id=' . $imageId
    );
    return array('ok' => 1);
}
<?php
/**
 * Contains code to delete a question. It uses quickDelete.js to remove the row
 *
 * PHP Version 5
 *
 * @category   Quiz_Plugin
 * @package    Webworks_WebME
 * @subpackage QuizPlugin
 * @author     Belinda Hamilton <*****@*****.**>
 * @license    This software is released under GPL V 2.0
 * @link       www.kvweb.me
 */

require $_SERVER['DOCUMENT_ROOT'] . '/ww.incs/basics.php';

// admins only
if (!Core_isAdmin()) {
    die('access denied');
}

// the id must be present and numeric; is_numeric() is what keeps the quoted
// value below free of quote characters
$hasNumericId = isset($_REQUEST['questionid'])
    && is_numeric($_REQUEST['questionid']);
if (!$hasNumericId) {
    Core_quit();
}

$questionID = $_REQUEST['questionid'];
dbQuery("DELETE FROM quiz_questions WHERE id = '{$questionID}'");

// report status 0 if the row is still there, otherwise echo the deleted id
$stillPresent = dbOne(
    "SELECT id FROM quiz_questions where id = '{$questionID}'",
    'id'
);
if ($stillPresent) {
    echo '{"status":0}';
} else {
    echo '{"id":' . $questionID . ',"status":1}';
}