function done() { $this->tpl->add('index', db_fetch_all(' SELECT * FROM ' . db_escape($this->table) . ' WHERE is_closed = 1 ORDER BY date_closed ')); }
function cheatsheets() { $this->tpl->add('cheatsheets', db_fetch_all(' SELECT * FROM cs_cheatsheet WHERE user_id = ' . $this->user->id . ' ')); $this->tpl->view('cheatsheet/list'); }
function my() { if ($this->user->logged_in) { $sql = ' SELECT note.*, user.name as author_name FROM note INNER JOIN user ON user.id = note.user_id WHERE user_id = ' . (int) $this->user->id . ' ORDER BY id DESC LIMIT 20 '; $this->tpl->add('index', db_fetch_all($sql)); } $this->tpl->view('note.index'); }
function kfmSession($key = '') { global $kfm; parent::__construct(); $create = 1; if ($GLOBALS['kfm_do_not_save_session']) { $this->key = 'fake'; $this->vars = array(); return; } if ($key == '' && isset($_COOKIE['kfm_cookie']) && strlen($_COOKIE['kfm_cookie']) == 32) { $key = $_COOKIE['kfm_cookie']; } if ($key != '' && strlen($key) == 32) { $res = db_fetch_row("SELECT id FROM " . KFM_DB_PREFIX . "session WHERE cookie='" . $key . "'"); if (is_array($res) && count($res)) { $create = 0; $this->id = $res['id']; $this->isNew = false; $kfm->db->query("UPDATE " . KFM_DB_PREFIX . "session SET last_accessed='" . date('Y-m-d G:i:s') . "' WHERE id='" . $this->id . "'"); // { clean up expired session data $old_sessions = db_fetch_all("SELECT id FROM " . KFM_DB_PREFIX . "session WHERE last_accessed<'" . date('Y-m-d G:i:s', mktime(0, 0, 0, date('m'), date('d') - 1, date('Y'))) . "'"); if ($old_sessions && count($old_sessions)) { $old_done = 0; foreach ($old_sessions as $r) { if ($old_done++ == 10) { break; } $kfm->db->query('DELETE FROM ' . KFM_DB_PREFIX . 'session_vars WHERE session_id=' . $r['id']); $kfm->db->query('DELETE FROM ' . KFM_DB_PREFIX . 'session WHERE id=' . $r['id']); } } // } } } if ($create) { $kfm->db->query("INSERT INTO " . KFM_DB_PREFIX . "session (last_accessed) VALUES ('" . date('Y-m-d G:i:s') . "')"); $this->id = $kfm->db->lastInsertId(KFM_DB_PREFIX . 'session', 'id'); $key = md5($this->id); $kfm->db->query("UPDATE " . KFM_DB_PREFIX . "session SET cookie='" . $key . "' WHERE id=" . $this->id); $this->isNew = true; $this->setMultiple(array('cwd_id' => 1, 'language' => '', 'user_id' => 1, 'username' => '', 'password' => '', 'loggedin' => 0, 'theme' => false)); } $this->key = $key; $this->vars = array(); setcookie('kfm_cookie', $key, 0, '/'); }
} if (CHECK_ADMIN_PERMISSION) { $result = checkAdminPermisson(); if (!$result) { operation_fail("你没有管理员权限"); } } if (GIANT_LOCK) { giant_lock(); } $__script_start_time = microtime(true); if (CHECK_IMEI) { $ban_imeis = apcfetch("BAN_IMEIS"); if (!$ban_imeis) { $ban_imeis = array(); $data = db_fetch_all("select imei from ban_phone"); foreach ($data as $e) { $imei = $e["imei"]; $ban_imeis[$imei] = 1; } } $_imei = imei(); $_ip = getIp(); if (isset($ban_imeis[$_imei]) || isset($ban_imeis[$_ip])) { operation_fail("hello" . $_imei . language_message("ban_imei")); } } if (FORBID_VIRTUAL_MACHINE) { if (!isset($iamgod) && $_imei == "000000000000000") { operation_fail(language_message("forbid_virtual_machine")); }
<?php require_once 'initialise.php'; require_once 'functions.php'; $uid = $kfm->isAdmin() && isset($_POST['uid']) && is_numeric($_POST['uid']) ? $_POST['uid'] : $kfm->user_id; $mysets = db_fetch_all('SELECT name, value FROM ' . KFM_DB_PREFIX . 'settings WHERE user_id=' . $uid); $ismodal = isset($_REQUEST['ismodal']) ? $_REQUEST['ismodal'] : 0; $my_settings = array(); foreach ($mysets as $myset) { $my_settings[$myset['name']] = $myset['value']; } // Convert array to Hash list($settings, $usersettings) = get_settings($uid); // $settings as database values // Needed to hide usersetting combo in modal view for non admin users when setting is usersetting anyway if ($ismodal) { list($default_db_settings, $default_db_usersettings) = get_settings(1); } //foreach($mysets as &$myset)$myset=$myset['name']; $js = ''; $sprefix = 'kfm_setting_'; // Until now a dummy prefix for settings. Maybe needed for future things. Also in index.php $str = '<div id="settings_container_' . $uid . '" class="settings_container ui-widget ui-widget-content"><table class="settings_table"> <tbody>'; $user_is_administrator = $kfm->isAdmin($uid); foreach ($kfm->sdef as $sname => $sdef) { $is_usersetting = in_array($sname, $usersettings); if (!$kfm->isAdmin() && !$is_usersetting) { continue; } // Do not process settings the user has no rights to
<?php require_once 'initialise.php'; require_once 'functions.php'; if ($kfm->user_status != 1) { die('error("No authorization aquired")'); } if (!(isset($_POST['username']) && isset($_POST['password']))) { die('$.prompt("error with new user request");'); } $res = db_fetch_all('SELECT id FROM ' . KFM_DB_PREFIX . 'users WHERE username="******"'); if (count($res)) { die('$.prompt("Name already exists.");'); } $kfm->db->query('INSERT INTO ' . KFM_DB_PREFIX . 'users (username, password,status) VALUES ("' . $_POST['username'] . '", "' . sha1($_POST['password']) . '", 2)'); if (PEAR::isError($kfmdb)) { die('$.prompt("error with database interactions");'); } $uhtml = user_row($kfm->db->lastInsertId(), $_POST['username'], 2); $uhtml = preg_replace('/\\n/', '', $uhtml); $uhtml = str_replace("'", "\\'", $uhtml); echo '$("#kfm_admin_users_table tbody").append(\'' . $uhtml . '\');'; ?> message('user created');
function db_field_data($table) { static $meta = array(); if (!isset($meta[$table])) { $fields = db_fetch_all("SHOW COLUMNS FROM {$table}"); $result = array(); foreach ($fields as $fld) { $row = array(); $row['type'] = preg_replace('/(\\(.*\\))/', '', $fld['Type']); $row['name'] = $fld['Field']; $row['primary'] = $fld['Key'] == 'PRI'; $result[] = $row; } $meta[$table] = $result; } return $meta[$table]; }
function deleteThumbs() { $rs = db_fetch_all("SELECT id FROM " . KFM_DB_PREFIX . "files_images_thumbs WHERE image_id=" . $this->id); foreach ($rs as $r) { $icons = glob(WORKPATH . 'thumbs/' . $r['id'] . '*'); foreach ($icons as $f) { unlink($f); } } $GLOBALS['kfm']->db->exec("DELETE FROM " . KFM_DB_PREFIX . "files_images_thumbs WHERE image_id=" . $this->id); }
/** * Get the tags of the file * @return Array */ function getTags() { $arr = array(); $tags = db_fetch_all("select tag_id from " . KFM_DB_PREFIX . "tagged_files where file_id=" . $this->id); foreach ($tags as $r) { $arr[] = $r['tag_id']; } return $arr; }
function _search($keywords, $tags) { global $kfmdb; $files = array(); $valid_files = array(); if ($tags) { $arr = explode(',', $tags); foreach ($arr as $tag) { $tag = ltrim(rtrim($tag)); if ($tag) { $r = db_fetch_row("select id from " . KFM_DB_PREFIX . "tags where name='" . sql_escape($tag) . "'"); if (count($r)) { $constraints = ''; if (count($valid_files)) { $constraints = ' and (file_id=' . join(' or file_id=', $valid_files) . ')'; } $rs2 = db_fetch_all("select file_id from " . KFM_DB_PREFIX . "tagged_files where tag_id=" . $r['id'] . $constraints); if (count($rs2)) { $valid_files = array(); foreach ($rs2 as $r2) { $valid_files[] = $r2['file_id']; } } else { $valid_files = array(0); } } } } } if ($tags && count($valid_files) || $keywords) { # keywords $constraints = ''; if (count($valid_files)) { $constraints = ' and (id=' . join(' or id=', $valid_files) . ')'; } $fs = db_fetch_all("select id from " . KFM_DB_PREFIX . "files where name like '%" . sql_escape($keywords) . "%'" . $constraints . " order by name"); foreach ($fs as $f) { $file = kfmFile::getInstance($f['id']); if (!$file->checkName()) { continue; } unset($file->db); $files[] = _getFileDetails($f['id']); } } return array('reqdir' => kfm_lang('searchResults'), 'files' => $files, 'uploads_allowed' => 0); }
function irc_search($search, $num_rows) { $sql = "SELECT * FROM " . CHAT_TABLE . " WHERE MATCH(utterance) AGAINST (?) ORDER BY stamp DESC LIMIT {$num_rows}"; return db_fetch_all($sql, array($search)); }
<?php require_once 'initialise.php'; if (isset($_POST['uid'])) { if ($kfm->user_status == 1) { $uid = $_POST['uid']; } else { die('error("Unauthorized attempt to change a users password");'); } } else { $uid = $kfm->user_id; } if (!isset($_POST['npw']) || !isset($_POST['npw2'])) { die('error("Error: no new passwords given.");'); } $sql = 'SELECT id FROM ' . KFM_DB_PREFIX . 'users WHERE id="' . $uid . '" AND password="******"'; if (!count(db_fetch_all($sql))) { die('error("Old password is not correct");'); } if ($_POST['npw'] != $_POST['npw2']) { die('error("The passwords are not equal");'); } $kfmdb->query('UPDATE ' . KFM_DB_PREFIX . 'users SET password="******" WHERE id=' . $uid); if ($uid == $kfm->user_id) { $kfm_session->set('password', $_POST['npw']); } ?> message('Password changed');
function get_all_items_category($category) { return db_fetch_all("SELECT i.* FROM Item AS i INNER JOIN Item_category AS b ON i.id = b.item_id AND b.category_id='{$category}'"); }
<?php require_once 'initialise.php'; require_once 'functions.php'; if (!($kfm->isAdmin() || $kfm->setting('allow_user_file_associations'))) { die('Users are not allowed to create their own file associations'); } //$kfm->requireAdmin(); //if($kfm->user_status!=1)die ('No authorization to view this page'); $uid = $kfm->user_id; $extensions = db_fetch_all('SELECT * FROM ' . KFM_DB_PREFIX . 'plugin_extensions WHERE user_id=' . $uid); ?> <script type="text/javascript"> $(function(){ $('#new_association_blueprint').dialog({ modal: true, autoOpen: false, width: 500, buttons:{ 'Add extension': function(){ var ext = $('#new_association_extension'); var plugin = $('#plugin_selector_0222'); $.post('association_new.php',{extension:ext.val(),plugin:plugin.val()},function(res){eval(res);}); $(this).dialog('close'); } } }); }); function new_association(){ $('#new_association_blueprint').dialog('open'); } function change_association_plugin(id){
$sql = db_fetch_all("SELECT category, name FROM products"); foreach ($sql as $row) { $sel = get_param('name') == $row['name'] ? 'selected' : ''; echo "<option value='" . $row['name'] . "' data-category='" . $row['category'] . "' {$sel}>" . $row['name'] . "</option>"; } ?> </select> </div> </div> <div class="form-group"> <div class="col-sm-12"> <label class="control-label">Slug</label> <select name="slug" id="slug" class="form-control"> <option value="">--Pilih Slug--</option> <?php $sql = db_fetch_all("SELECT category, slug FROM products"); foreach ($sql as $row) { $sel = get_param('slug') == $row['slug'] ? 'selected' : ''; echo "<option value='" . $row['slug'] . "' data-category='" . $row['category'] . "' {$sel}>" . $row['slug'] . "</option>"; } ?> </select> </div> </div> <div class="text-right"> <button type="submit" name="submit" class="btn btn-info" id="cari">Cari Data</button> <a href="<?php echo site_url('search-pag'); ?> " data-push="1" class="btn btn-default">Reset</a> </div>
function checkpid($pid) { $imei = imei(); $pid_e = sqlstr($pid); $login_key = "LOGIN-{$pid}"; $login_imeis = apcfetch($login_key); if ($login_imeis === FALSE) { $login_imeis = array(); $data = db_fetch_all("SELECT imei FROM login WHERE pid={$pid_e}"); foreach ($data as $e) { $imei = $e["imei"]; $login_imeis[$imei] = 1; } apcstore($login_key, $login_imeis); $login_imeis = apcfetch($login_key); //operation_fail($login_imeis); on_apc_miss(); } else { on_apc_hit(); } if (!isset($login_imeis[$imei])) { operation_fail("你的登陆信息已失效,为了保护账号,请退出重新登陆"); } }
} else { if (getModuleConfig('arrival', 'searchAll') || $scope == 'all') { $usersQ = sprintf("SELECT nick, firstName, lastName, ID FROM %s WHERE ID > 1 AND \n\t\t\t\t(nick LIKE '%%%s%%' OR\n\t\t\t\tfirstName LIKE '%%%s%%' OR\n\t\t\t\tlastName LIKE '%%%s%%' OR\n\t\t\t\tCONCAT(firstName, ' ', lastName) LIKE '%%%s%%' OR\n\t\t\t\tEMail LIKE '%%%s%%') ORDER BY ID\n\t\t\t\t", $usertable, $str, $str, $str, $str, $str); $usersR = db_query($usersQ); $usersC = db_num($usersR); } else { $usersQ = sprintf("SELECT DISTINCT u.nick as nick, u.firstName as firstName, u.lastName as lastName, u.ID as ID FROM %s as u, %s as t WHERE t.eventID=%s AND t.user=u.ID AND \n\t\t\t(u.nick LIKE '%%%s%%' OR\n\t\t\tu.firstName LIKE '%%%s%%' OR\n\t\t\tu.lastName LIKE '%%%s%%' OR\n\t\t\tCONCAT(u.firstName, ' ', u.lastName) LIKE '%%%s%%' OR\n\t\t\tEMail LIKE '%%%s%%'\n\t\t\t) ORDER BY u.ID\n\t\t\t", $usertable, $ticketstable, $sessioninfo->eventID, $str, $str, $str, $str, $str); $usersR = db_query($usersQ); $usersC = db_num($usersR); } } // Handle if used query or function if (is_numeric($usersR) && $usersR < 0) { $usersC = count($userResult); } else { $userResult = db_fetch_all($usersR); } if ($usersC) { $content .= "<table style='border: solid 1px black; border-collapse: collapse;'>\n"; $content .= sprintf("<tr><th>%s</th><th>%s</th><th></th></tr>\n", _('Nick'), _('Name')); } foreach ($userResult as $user) { $ticketactions = "<table>\n"; $ticketactions .= sprintf("<tr><td><a href='?module=arrival&action=addTicket&user=%s'>%s</a></td></tr>\n", $user->ID, _('Add new ticket')); $ticketsQ = sprintf("SELECT type.name AS name, tickets.ticketID as ticketID, tickets.paid AS paid, tickets.status AS status FROM %s AS tickets, %s AS type WHERE tickets.user=%s AND tickets.eventID=%s AND tickets.ticketType=type.ticketTypeID", $ticketstable, $tickettypestable, $user->ID, $sessioninfo->eventID); $ticketsR = db_query($ticketsQ); # $ticketsC = db_num ($ticketsQ); while ($ticket = db_fetch($ticketsR)) { $ticketCssClass = ""; if ($ticket->status == 'deleted') { $ticketCssClass = 'ticket-error';
/** * @accept POST * @path /ctl/P00000N/history */ function problem_history() { /* {{{ */ $r = db_fetch_all(' SELECT ' . $problem_rows . ' FROM problem p left join solution s on s.problem_id = p.id left join problem_category c on p.category_id = c.id WHERE owner_id = ' . (int) $_SESSION['user']['id'] . ' AND state_id IN (4, 7) ORDER BY p.priority ASC, s.date ASC '); echo php2js($r); /* }}} */ }
<?php require_once 'initialise.php'; require_once 'functions.php'; if ($kfm->user_status != 1) { die('error("No authorization aquired")'); } if (!(isset($_POST['username']) && isset($_POST['password']))) { die('error("error with new user request");'); } $res = db_fetch_all('SELECT id FROM ' . KFM_DB_PREFIX . 'users WHERE username="******"'); if ($res && count($res)) { die('error("Name already exists.");'); } $kfm->db->query('INSERT INTO ' . KFM_DB_PREFIX . 'users (username, password,status) VALUES ("' . sql_escape($_POST['username']) . '", "' . sha1($_POST['password']) . '", 2)'); if (PEAR::isError($kfmdb)) { die('error("error with database interactions");'); } $uhtml = user_row($kfm->db->lastInsertId(), $_POST['username'], 2); $uhtml = preg_replace('/\\n/', '', $uhtml); $uhtml = str_replace("'", "\\'", $uhtml); echo '$("#kfm_admin_users_table tbody").append(\'' . $uhtml . '\');'; ?> message('user created');
<?php require_once 'initialise.php'; $kfm->requireAdmin(true); //if($kfm->user_status!=1)die ('error("No authorization aquired")'); require_once 'functions.php'; $users = db_fetch_all('SELECT * FROM ' . KFM_DB_PREFIX . 'users WHERE id>1'); if (!is_array($users)) { die('error retrieving user list'); } $lhtml = '<table id="kfm_admin_users_table"> <thead> <tr> <th>Name</th> <th></th> <th>Status</th> </tr> </thead> <tbody> '; foreach ($users as $user) { $lhtml .= user_row($user['id'], $user['username'], $user['status']); } $lhtml .= "</tbody>\n</table>\n"; if (count($users) == 0) { $lhtml = '<span class="message">No users found</span>'; } ?> <script type="text/javascript"> /* User functions */ function new_user(){
$kfm->defaultSetting('user_name', $kfm->username); $kfm->session =& $kfm_session; // } // { Read settings $settings = array(); $admin_settings = db_fetch_all('SELECT name, value, usersetting FROM ' . KFM_DB_PREFIX . 'settings WHERE user_id=1'); if (is_array($admin_settings)) { foreach ($admin_settings as $setting) { $settings[$setting['name']] = $setting['value']; if ($setting['usersetting']) { $kfm->addUserSetting($setting['name']); } } } if ($uid != 1) { $user_settings = db_fetch_all('SELECT name, value FROM ' . KFM_DB_PREFIX . 'settings WHERE user_id=' . $uid . ' AND usersetting=1'); if (is_array($user_settings)) { foreach ($user_settings as $setting) { $settings[$setting['name']] = $setting['value']; } } } if (isset($settings['disabled_plugins'])) { $kfm->defaultSetting('disabled_plugins', setting_array($settings['disabled_plugins'])); unset($settings['disabled_plugins']); // it does not have to be set again } // } // { Setting plugins $h = opendir(KFM_BASE_PATH . 'plugins'); while (false !== ($file = readdir($h))) {
function getSubdirs() { global $kfm; $dir_iterator = new DirectoryIterator($this->path()); $dirsdb = db_fetch_all("select id,name from " . KFM_DB_PREFIX . "directories where parent=" . $this->id); $dirshash = array(); if (is_array($dirsdb)) { foreach ($dirsdb as $r) { $dirshash[$r['name']] = $r['id']; } } $directories = array(); foreach ($dir_iterator as $file) { if ($file->isDot()) { continue; } if (!$file->isDir()) { continue; } $filename = $file->getFilename(); if (is_dir($this->path() . $filename) && $this->checkName($filename)) { if (!array_key_exists($filename, $dirshash)) { $this->addSubdirToDb($filename); $dirshash[$filename] = $kfm->db->lastInsertId(KFM_DB_PREFIX . 'directories', 'id'); } $directories[] = kfmDirectory::getInstance($dirshash[$filename]); unset($dirshash[$filename]); } } return $directories; }
function get_all_categories() { return db_fetch_all("SELECT * FROM Category"); }
/** * Get the tags of the file * @return Array */ function getTags() { global $kfm; $arr = array(); if (!$kfm->isPlugin('tags')) { return $arr; } $tags = db_fetch_all("select tag_id from " . KFM_DB_PREFIX . "tagged_files where file_id=" . $this->id); foreach ($tags as $r) { $arr[] = $r['tag_id']; } return $arr; }
$uid = $_POST['uid']; } else { die('error("Unauthorized attempt to change a users password");'); } } else { $uid = $kfm->user_id; } if (!isset($_POST['npw']) || !isset($_POST['npw2'])) { die('error("Error: no new passwords given.");'); } if (isset($_POST['reset']) && $_POST['reset'] && $kfm->user_status == 1) { // No check required. For admin users only } else { // Check if old password is correct $sql = 'SELECT id FROM ' . KFM_DB_PREFIX . 'users WHERE id="' . $uid . '" AND password="******"'; $r = db_fetch_all($sql); if (!$r || !count($r)) { die('$(\'.npw_field\').removeClass("ui-state-error");$(\'#password_old\').addClass("ui-state-error");error("Old password is not correct");'); } } if ($_POST['npw'] != $_POST['npw2']) { die('$(\'.npw_field\').removeClass("ui-state-error");$(\'#password_new2\').addClass("ui-state-error");error("The passwords are not equal");'); } $kfmdb->query('UPDATE ' . KFM_DB_PREFIX . 'users SET password="******" WHERE id=' . $uid); if ($uid == $kfm->user_id) { $kfm_session->set('password', $_POST['npw']); } ?> $('.npw_field').val('').removeClass('ui-state-error'); message('Password changed');
} $startup_sequence_array[] = $subdir->id; $kfm_startupfolder_id = $subdir->id; } $kfm_session->set('cwd_id', $kfm_startupfolder_id); $startup_sequence = '[' . implode(',', $startup_sequence_array) . ']'; } $kfm->setting('startupfolder_id', $kfm_startupfolder_id); // } // First the user defined file associations if ($kfm->user_id != 1 || $kfm->isAdmin() || !$kfm->setting('allow_user_file_associations')) { $associations = db_fetch_all('SELECT extension, plugin FROM ' . KFM_DB_PREFIX . 'plugin_extensions WHERE user_id=' . $kfm->user_id); $kfm->addAssociations($associations); } // Now overwrite users file associations with the default file associations $associations = db_fetch_all('SELECT extension, plugin FROM ' . KFM_DB_PREFIX . 'plugin_extensions WHERE user_id=1'); $kfm->addAssociations($associations); // To javascript object $ass_str = '{'; if (!isset($kfm->associations['all']) && isset($kfm_default_file_selection_handler)) { $kfm->associations['all'] = $kfm_default_file_selection_handler; } foreach ($kfm->associations as $ext => $plugin) { $ass_str .= '"' . $ext . '":"' . $plugin . '",'; } $ass_str = rtrim($ass_str, ', ') . '}'; // } // { startup selected files if (isset($_GET['fid']) && $_GET['fid']) { /*{*/ $f = kfmFile::getInstance($_GET['fid']);
function get_expired_auctions() { return db_fetch_all("SELECT * FROM Auction WHERE end_date > DATE_SUB(now(), INTERVAL 30 MINUTE) end_date < now()"); }
function get_settings($uid) { $settings = array(); $usersettings = array(); $admin_settings = db_fetch_all('SELECT name, value, usersetting FROM ' . KFM_DB_PREFIX . 'settings WHERE user_id=1'); if (is_array($admin_settings)) { foreach ($admin_settings as $setting) { $settings[$setting['name']] = $setting['value']; if ($setting['usersetting']) { $usersettings[] = $setting['name']; } } } if ($uid != 1) { $user_settings = db_fetch_all('SELECT name, value, usersetting FROM ' . KFM_DB_PREFIX . 'settings WHERE user_id=' . $uid); if (is_array($user_settings)) { foreach ($user_settings as $setting) { $settings[$setting['name']] = $setting['value']; if ($setting['usersetting']) { $usersettings[] = $setting['name']; } } } } return array($settings, array_unique($usersettings)); }
public static function getMyPublishTask($openid, $pageIndex = 1) { $pageSize = PAGE_TABLE_SIZE; $offset = ($pageIndex - 1) * $pageSize; $openid_e = sqlstr($openid); $sql = "SELECT * FROM Task WHERE publisher_openid={$openid_e}\n\t\t\t\torder by create_time DESC limit {$pageSize} \n\t\t\t\toffset {$offset}"; $r = db_fetch_all($sql); return $r; }