// Seitennamen: (Admin-Modus) define('P_Home', 'home'); define('P_Param', 'param'); define('P_Forum', 'forum'); define('P_Backup', 'backup'); define('P_ExportPages', 'exportpages'); define('P_Options', 'options'); define('P_PHPInfo', 'info'); define('P_Rename', 'rename'); // Dateinamen define('FN_PageExport', 'exp_pages.sql'); include "config.php"; include "classes.php"; $session = new Session($start_time); // All requests require the database dbOpen($session); $rc = dbCheckSession($session); if (!empty($rc)) { // p ("Keine Session gefunden: $session_id / $session_user ($rc)"); if (!empty($login_user)) { guiLoginAnswer($session); } else { guiLogin($session, ''); } } else { switch ($session->fPageName) { case P_Param: admParam($session, ''); break; case P_Home: admHome($session, '');
/** * Main zTag functions selector * * <code> * zdb_zexecute($tagId, $tagFunction, $arrayTag, $arrayTagId, $arrayOrder); * </code> * * @param integer $tagId array id of current zTag of $arrayTag array * @param string $tagFunction name of zTag function * @param array $arrayTag array with all compiled zTags * @param array $arrayTagId array with all Ids values * @param array $arrayOrder array with zTag executing order * * @since 1.0 */ function zdb_zexecute($tagId, $tagFunction, &$arrayTag, &$arrayTagId, $arrayOrder) { global $dbHandleDefault; $arrParam = $arrayTag[$tagId][ztagParam]; $strId = $arrParam["id"]; $strUpdate = $arrParam["update"]; $strDriver = $arrParam["driver"]; $strHost = $arrParam["host"]; $strDatabase = $arrParam["database"]; $strUser = $arrParam["user"]; $strPassword = $arrParam["password"]; $strFilename = $arrParam["filename"]; $strMode = $arrParam["mode"]; $strUse = $arrParam["use"]; $strName = $arrParam["name"]; $strTransform = $arrParam["transform"]; $errorMessage = ""; switch (strtolower($tagFunction)) { /*+ * Open a database connection to defined driver and parameters * * <code> * <zdb:open id="mysqlConn" driver="mysql" host="#mysqlHost" database="#mysqlDatabase" user="******" password="******" charset="utf8"/> * * <zdb:open id="sqliteConn" driver="sqlite" filename="/ZTag/SQLite.db" /> * </code> * * @param string id="MySQL Handle Id" * @param string driver="mssql|mysql|pgsql|sqlite|firebird" * @param string host="Host" * @param string database="Database name" * @param string user="******" * @param string password="******" * @param string charset="utf8" */ case "open": $strCharset = $arrParam["charset"]; $strDriver = constant("db{$strDriver}"); switch ($strDriver) { case dbOCI: $blnDatabase = 0; break; default: $blnDatabase = 1; } if (strlen($strHost)) { ztagReturnConstant($strHost); } if (strlen($strDatabase)) { ztagReturnConstant($strDatabase); } if (strlen($strUser)) { ztagReturnConstant($strUser); } if (strlen($strPassword)) { ztagReturnConstant($strPassword); } switch ($strDriver) { case dbSQLite: if (strlen($strFilename)) { ztagReturnConstant($strFilename); } if (strlen($strMode)) { ztagReturnConstant($strMode); } if (!$strMode) { $strMode = 0666; } $errorMessage .= ztagParamCheck($arrParam, "id,driver,filename"); $dbHandle = dbOpenFile($strDriver, $strFilename, $strMode); if ($arrParam["name"]) { $dbHandleDefault = $dbHandle; } break; case dbFirebird: // @TODO melhorar o esquema de retornar as variáveis, podemos usar o @@ para todas as variáveis, inclusive as constantes $errorMessage .= ztagParamCheck($arrParam, "id,driver,user,password,database"); $dbHandle = dbOpen($strDriver, $strHost, $strDatabase, $strUser, $strPassword); break; case dbMySQL: // @TODO melhorar o esquema de retornar as variáveis, podemos usar o @@ para todas as variáveis, inclusive as constantes if (!$strDatabase && $blnDatabase) { $checkParam .= ",database"; } $errorMessage .= ztagParamCheck($arrParam, "id,driver,host,user,password{$checkParam}"); $dbHandle = dbOpen($strDriver, $strHost, $strDatabase, $strUser, $strPassword, $strCharset); default: // @TODO melhorar o esquema de retornar as variáveis, podemos usar o @@ para todas as variáveis, inclusive as constantes if (!$strDatabase && $blnDatabase) { $checkParam .= ",database"; } $errorMessage .= ztagParamCheck($arrParam, "id,driver,host,user,password{$checkParam}"); $dbHandle = dbOpen($strDriver, $strHost, $strDatabase, $strUser, $strPassword); } if ($errorMessage) { $errorMessage .= "<br />{$strDriver}{$errorMessage}"; } $arrayTagId[$strId][ztagIdHandle] = $dbHandle; $arrayTagId[$strId][ztagIdType] = idTypeDB; $arrayTagId[$strId][ztagIdState] = idStateOpened; break; /*+ * Close the Database connection openned with Id. * * <code> * <zdb:close use="mysqlConn" /> * </code> * * @param string use="mysqlConn" */ /*+ * Close the Database connection openned with Id. * * <code> * <zdb:close use="mysqlConn" /> * </code> * * @param string use="mysqlConn" */ case "close": $errorMessage .= ztagParamCheck($arrParam, "use"); dbClose($arrayTagId[$strUse][ztagIdHandle]); $arrayTagId[$strUse][ztagIdState] = idStateClosed; break; /*+ * Set a SQL query to use with another zDB Tag. * * <code> * <zdb:query use="ociConn" id="ociQuery"> * SELECT US.NM_USUARIO userLogin * , P.NM_PESSOA userName * , P.CD_PESSOA userId * , US.CD_SESSAO_LOGIN userLoginLast * , US.CD_SESSAO_LOGIN_ERRO userLoginError * , US.NU_LOGIN_ERROS userLoginErrors * , to_char(US.DT_LOGIN_BLOQUEIO,'yyyy/mm/dd hh24:mi:ss') userLoginBlocked * FROM TB_USUARIO_SISTEMA US * LEFT JOIN TB_PESSOA P ON US.CD_PESSOA_USUARIO = P.CD_PESSOA * AND FL_ATIVO = 'S' * </zdb:query> * </code> * * @param string use="ociConn" The Id Handle from a Open zDB tag * @param string id="ociQuery" Id where the Query will be saved * @param string update="ociQuery" Id to be updated */ /*+ * Set a SQL query to use with another zDB Tag. * * <code> * <zdb:query use="ociConn" id="ociQuery"> * SELECT US.NM_USUARIO userLogin * , P.NM_PESSOA userName * , P.CD_PESSOA userId * , US.CD_SESSAO_LOGIN userLoginLast * , US.CD_SESSAO_LOGIN_ERRO userLoginError * , US.NU_LOGIN_ERROS userLoginErrors * , to_char(US.DT_LOGIN_BLOQUEIO,'yyyy/mm/dd hh24:mi:ss') userLoginBlocked * FROM TB_USUARIO_SISTEMA US * LEFT JOIN TB_PESSOA P ON US.CD_PESSOA_USUARIO = P.CD_PESSOA * AND FL_ATIVO = 'S' * </zdb:query> * </code> * * @param string use="ociConn" The Id Handle from a Open zDB tag * @param string id="ociQuery" Id where the Query will be saved * @param string update="ociQuery" Id to be updated */ case "query": $errorMessage .= ztagParamCheck($arrParam, "use"); if ($arrayTag[$tagId][ztagContentWidth]) { $strContent = ztagVars($arrayTag[$tagId][ztagContent], $arrayTagId); if (!strlen($strId)) { $errorMessage .= ztagParamCheck($arrParam, "update"); $strId = $strUpdate; } else { $errorMessage .= ztagParamCheck($arrParam, "id"); } if ($strId) { $arrayTagId[$strId][ztagIdValue] = $strContent; $arrayTagId[$strId][ztagIdLength] = strlen($strContent); $arrayTagId[$strId][ztagIdType] = idTypeQuery; $arrayTagId[$strId][ztagIdHandle] = $arrayTagId[$strUse][ztagIdHandle]; } dbQuery($arrayTagId[$strId][ztagIdHandle], $strContent); } else { $errorMessage .= "<br />Tag Query cannot be empty!"; } break; /*+ * Return TRUE if the current record is at the first * * <code> * <zdb:bof use="mysqlConn" /> * </code> * * @param string use="mysqlConn" - The Id Handle from a Open zDB tag */ /*+ * Return TRUE if the current record is at the first * * <code> * <zdb:bof use="mysqlConn" /> * </code> * * @param string use="mysqlConn" - The Id Handle from a Open zDB tag */ case "bof": $errorMessage .= ztagParamCheck($arrParam, "use"); $arrayTag[$tagId][ztagResult] = dbBOF($arrayTagId[$strUse][ztagIdHandle]); break; /*+ * Return TRUE if the current record is at the first * * <code> * <zdb:eof use="mysqlConn" /> * </code> * * use="mysqlConn" - The Id Handle from a Open zDB tag */ /*+ * Return TRUE if the current record is at the first * * <code> * <zdb:eof use="mysqlConn" /> * </code> * * use="mysqlConn" - The Id Handle from a Open zDB tag */ case "eof": $errorMessage .= ztagParamCheck($arrParam, "use"); $arrayTag[$tagId][ztagResult] = dbEOF($arrayTagId[$strUse][ztagIdHandle]); break; /*+ * Return TRUE if the current record is at the first * * <code> * <zdb:field use="mysqlConn" name="NM_NOME" /> * * Or * * <zdb:field name="NM_NOME" /> * </code> * * @param string use="mysqlConn" - The Id Handle from a Open zDB tag */ /*+ * Return TRUE if the current record is at the first * * <code> * <zdb:field use="mysqlConn" name="NM_NOME" /> * * Or * * <zdb:field name="NM_NOME" /> * </code> * * @param string use="mysqlConn" - The Id Handle from a Open zDB tag */ case "field": if ($intFather = $arrayTag[$tagId][ztagFather]) { $arrParam["use"] = "Field_{$intFather}"; } // echo "<br />intFather=$intFather"; $strVar = $arrParam["var"]; $errorMessage .= ztagParamCheck($arrParam, "use,name"); $dbHandle = $arrayTagId[$strUse][ztagIdHandle]; $dbHandleValue = $dbHandle[dbHandleFetch][$strName]; if ($strTransform) { $dbHandleValue = ztagTransform($dbHandleValue, $strTransform); } if ($strVar) { $arrayTagId["\$" . $strVar][ztagIdValue] = $dbHandleValue; $arrayTagId["\$" . $strVar][ztagIdType] = idTypeField; } $arrayTag[$tagId][ztagResult] = $dbHandleValue; break; /*+ * FieldVar * * <code> * <zdb:fieldvar use="mysqlConn" name="NM_NOME" var="$NM_NOME" /> * </code> * * @param string use="mysqlConn" The Id Handle from a Open zDB tag * @param string name="NM_NOME" * @param string var="$NM_NOME" */ /*+ * FieldVar * * <code> * <zdb:fieldvar use="mysqlConn" name="NM_NOME" var="$NM_NOME" /> * </code> * * @param string use="mysqlConn" The Id Handle from a Open zDB tag * @param string name="NM_NOME" * @param string var="$NM_NOME" */ case "fieldvar": $strVar = $arrParam["var"]; $errorMessage .= ztagParamCheck($arrParam, "use,name,var"); $dbHandle = $arrayTagId[$strUse][ztagIdHandle]; $dbHandleValue = $dbHandle[dbHandleFetch][$strName]; if ($strTransform) { $dbHandleValue = ztagTransform($dbHandleValue, $strTransform); } if ($strVar) { $arrayTagId["\$" . $strVar][ztagIdValue] = $dbHandleValue; $arrayTagId["\$" . $strVar][ztagIdType] = idTypeField; } break; /*+ * Prepare * * <code> * <zdb:prepare conn="oracleConn" use="oracleQuery" /> * </code> * * @param string conn="oracleConn" * @param string use="oracleQuery" */ /*+ * Prepare * * <code> * <zdb:prepare conn="oracleConn" use="oracleQuery" /> * </code> * * @param string conn="oracleConn" * @param string use="oracleQuery" */ case "prepare": $errorMessage .= ztagParamCheck($arrParam, "use,conn"); $dbHandle = $arrayTagId[$strConn][ztagIdHandle]; $dbQuery = $arrayTagId[$strUse][ztagIdValue]; dbPrepare($dbHandle, $dbQuery); break; /*+ * Prepare * * <code> * <zdb:param use="query002" param="P_CD_PESSOA_USUARIO" var="" type="PARAM_INT" /> * </code> * * @param string use="query002" * @param string param="P_CD_PESSOA_USUARIO" * @param string var="" * @param string type="PARAM_INT" */ /*+ * Prepare * * <code> * <zdb:param use="query002" param="P_CD_PESSOA_USUARIO" var="" type="PARAM_INT" /> * </code> * * @param string use="query002" * @param string param="P_CD_PESSOA_USUARIO" * @param string var="" * @param string type="PARAM_INT" */ case "param": $errorMessage .= ztagParamCheck($arrParam, "id,value"); $arrayTagId[$strId][ztagIdValue] = $strValue; $arrayTagId[$strId][ztagIdLength] = strlen($strValue); $arrayTagId[$strId][ztagIdType] = idTypeFVar; break; /*+ * Create * * <code> * <zdb:create use="query002" /> * </code> * * @param string use="query002" */ /*+ * Create * * <code> * <zdb:create use="query002" /> * </code> * * @param string use="query002" */ case "create": $errorMessage .= ztagParamCheck($arrParam, "id"); if ($arrayTag[$tagId][ztagContentWidth]) { $strContent = $arrayTag[$tagId][ztagContent]; $arrayTagId[$strId][ztagIdValue] = $strContent; $arrayTagId[$strId][ztagIdLength] = strlen($strContent); } break; /*+ * Show * * <code> * <zdb:show use="query002" /> * </code> * * @param string use="query002" */ /*+ * Show * * <code> * <zdb:show use="query002" /> * </code> * * @param string use="query002" */ case "show": $errorMessage .= ztagParamCheck($arrParam, "use"); $arrayTag[$tagId][ztagResult] = $arrayTagId[$strUse][ztagIdValue]; break; default: $errorMessage .= "<br />Undefined function \"{$tagFunction}\""; } ztagError($errorMessage, $arrayTag, $tagId); }
function successfullLogin(&$session) { dbOpen($session); if (empty($session_user) && getLoginCookie($session, $user, $code) && dbCheckUser($session, $user, $code) == '') { $session->trace(TC_Init, 'index.php: Cookie erfolgreich gelesen'); } $rc = dbCheckSession($session); $do_login = false; #$session->dumpVars ("Init"); if ($rc != null) { $session->trace(TC_Init, 'keine Session gefunden: ' . $rc . ' ' . (empty($_POST['login_user']) ? "-" : '>' . $_POST['login_user'])); $do_login = true; } else { $session->trace(TC_Init, 'login_user: '******'login_user')); if (isset($_POST['login_user'])) { $do_login = guiLoginAnswer($session, $rc); } else { $known_user = $session->fSessionUser != null && $session->fSessionUser > 0; $do_login = $session->fPageURL == P_Login || !$known_user; $session->trace(TC_Init, 'known_user: '******'t' : 'f')); } } $session->trace(TC_Init, "session_no: do_login: "******"t" : "f")); if ($do_login) { clearLoginCookie($session); guiLogin($session, $rc); } else { $session->storeSession(); } return !$do_login; }
<?php require_once 'includes/db_Config.php'; $FieldType = explode(',', $strFieldType); // This code needs to be converted to MeekroDB include 'MySQLConnect.php'; dbOpen(); dbInfo(); $Fields = ''; $Values = ''; $intFieldCount = $_SESSION['db_FieldCount']; $field_name = $_SESSION['db_FieldNames']; $field_type = $_SESSION['db_FieldTypes']; for ($i = 0; $i <= $intFieldCount - 1; $i++) { if (!empty($_POST[$field_name[$i]])) { $Insert[$i] = $_POST[$field_name[$i]]; } else { if ($field_type[$i] == 7) { $Insert[$i] = null; } else { $Insert[$i] = ''; } } if (!empty($Insert[$i])) { $Fields .= $field_name[$i] . ","; $Values .= "'" . mysql_escape_string($Insert[$i]) . "',"; } } $Fields = substr($Fields, 0, strlen($Fields) - 1); $Values = substr($Values, 0, strlen($Values) - 1); echo "Fields = " . $Fields . "<br>";