/**
 * Collect the names of all enabled teachers.
 *
 * The query text is a constant: no caller-supplied value is interpolated
 * into it, so there is nothing here for an attacker to inject into.
 *
 * Failure handling, as implemented:
 *  - the query itself fails: "Lekérés hiba" is echoed to the output and an
 *    empty array is returned;
 *  - the query succeeds but matches no row: a message is recorded through
 *    dblog() and an empty array is returned.
 *
 * @param mysqli $mysqli Database handle; only its query() method is used.
 * @return array Values of the teacherName column, possibly empty.
 */
function getTeacherNames($mysqli)
{
    $teacherNames = array();
    $sql = "SELECT teacherName FROM `teachers` WHERE enable = 1";

    $result = $mysqli->query($sql);
    if (!$result) {
        // Query failure is reported on the page, not in the log.
        echo "Lekérés hiba";
        return $teacherNames;
    }

    if (mysqli_num_rows($result) > 0) {
        while ($row = $result->fetch_assoc()) {
            $teacherNames[] = $row["teacherName"];
        }
    } else {
        // An empty teacher table is logged, not shown to the user.
        dblog($mysqli, "Lekérési hiba! Nincs tanár felvéve!");
    }

    // Release the result set on every path that obtained one.
    $result->free();

    return $teacherNames;
}
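/**
 * Look up the e-mail address stored for a login (lost-password form).
 *
 * On success the address is returned. On every failure path the function
 * returns null and stores a translated message in
 * $GLOBALS["error_detected"]:
 *  - the login is empty;
 *  - no row matches the login (also recorded through dblog());
 *  - the account has no e-mail address (also recorded through dblog()).
 *
 * Security notes for maintainers:
 *  - $login comes from the form and is concatenated into the SQL text. The
 *    only protection visible here is txt_sqls(), which is defined elsewhere;
 *    presumably it quotes and escapes the value - confirm before relying on it.
 *  - "this login doesn't exist" and the "no valid email" message differ, so
 *    whoever submits the form can tell which logins exist. Callers that care
 *    should show one generic message instead of the stored one.
 *  - The submitted login is written to the log unchanged; whatever displays
 *    the log has to escape it.
 *
 * @param string $login Login submitted by the user.
 * @return string|null The e-mail address, or null when the lookup failed.
 */
function isEmail($login)
{
    if (empty($login)) {
        $GLOBALS["error_detected"] = _T("empty login");
        return null;
    }

    $req = "SELECT email_adh\n\t\t\t\tFROM " . PREFIX_DB . "adherents\n\t\t\t\tWHERE login_adh=" . txt_sqls($login);
    $result =& $GLOBALS["DB"]->Execute($req);

    if ($result->EOF) {
        $GLOBALS["error_detected"] = _T("this login doesn't exist");
        dblog("Nonexistent login sent via the lost password form. Login:" . " \"" . $login . "\"");
        return null;
    }

    $email = $result->fields[0];
    if (empty($email)) {
        $GLOBALS["error_detected"] = _T("This account doesn't have a valid email address. Please contact an administrator.");
        dblog("Someone asked to recover his password but had no email. Login:" . " \"" . $login . "\"");
        return null;
    }

    return $email;
}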
// Persist the contribution: an existing id means UPDATE, an empty id means INSERT.
// NOTE(review): both statements are assembled by string concatenation from
// $insert_string_fields, $insert_string_values, $update_string and
// $contribution['id_cotis'], all of which are built outside this excerpt.
// Confirm that every one of them is escaped or numeric-checked upstream;
// id_cotis and id_adh are placed in the WHERE clauses without quoting.
if ($contribution["id_cotis"] != "") {
    $requete = "UPDATE " . PREFIX_DB . "cotisations\n SET "
        . substr($update_string, 1)
        . "\n WHERE id_cotis=" . $contribution['id_cotis'];

    if (db_execute($DB, $requete, $error_detected)) {
        // to allow the string to be extracted for translation
        $foo = _T("Contribution updated");

        // logging - the complete SQL text, submitted values included, goes to the log
        dblog('Contribution updated', strtoupper($login), $requete);
    }
} else {
    $requete = "INSERT INTO " . PREFIX_DB . "cotisations\n\t\t\t\t("
        . substr($insert_string_fields, 1)
        . ")\n\t\t\t\tVALUES ("
        . substr($insert_string_values, 1)
        . ")";

    if (db_execute($DB, $requete, $error_detected)) {
        // The new row's id is needed below for the dynamic fields.
        $contribution['id_cotis'] = get_last_auto_increment($DB, PREFIX_DB . "cotisations", "id_cotis");

        // to allow the string to be extracted for translation
        $foo = _T("Contribution added");

        // logging - the complete SQL text, submitted values included, goes to the log
        dblog('Contribution added', strtoupper($login), $requete);
    }
}

// dynamic fields (runs whether or not the statement above succeeded)
set_all_dynamic_fields($DB, 'contrib', $contribution['id_cotis'], $contribution['dyn']);

// update deadline
if ($cotis_extension) {
    $date_fin = get_echeance($DB, $contribution['id_adh']);

    // No deadline found: store SQL NULL, written as a bare keyword.
    $date_fin_update = ($date_fin != "")
        ? date_text2db($DB, implode("/", $date_fin))
        : "NULL";

    $requete = "UPDATE " . PREFIX_DB . "adherents\n\t\t\t\t\t\tSET date_echeance=" . $date_fin_update
        . "\n\t\t\t\t\t\tWHERE id_adh=" . $contribution['id_adh'];

    // Unlike the statements above, this one goes straight to Execute() and its result is not checked.
    $DB->Execute($requete);
}
setcookie('token', $token, time() + 2592000, null, null, false, true); // Update the token in SQL $sql = "UPDATE users SET token = :token WHERE userid = :userid"; $req = $pdo->prepare($sql); $req->execute(array('token' => $token, 'userid' => $data['userid'])); if (isset($_COOKIE['redirect'])) { $location = $_COOKIE['redirect']; } else { $location = '../experiments.php'; } header("Location: " . $location); exit; } else { // login failed // log the attempt dblog('Warning', $_SERVER['REMOTE_ADDR'], 'Failed login attempt'); // inform the user $msg_arr = array(); $msg_arr[] = _("Login failed. Either you mistyped your password or your account isn't activated yet."); if (!isset($_SESSION['failed_attempt'])) { $_SESSION['failed_attempt'] = 1; } else { $_SESSION['failed_attempt'] += 1; } $_SESSION['errors'] = $msg_arr; header("location: ../login.php"); exit; } } else { die(sprintf(_("There was an unexpected problem! Please %sopen an issue on GitHub%s if you think this is a bug."), "<a href='https://github.com/elabftw/elabftw/issues/'>", "</a>")); }
// don't send an email if we are commenting on our own XP if ($users['userid'] === $_SESSION['userid']) { exit; } // Create the message $url = 'https://' . $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT'] . $_SERVER['PHP_SELF']; $url = str_replace('app/editinplace.php', 'experiments.php', $url); $full_url = $url . "?mode=view&id=" . $id; $footer = "\n\n~~~\nSent from eLabFTW http://www.elabftw.net\n"; $message = Swift_Message::newInstance()->setSubject(_('[eLabFTW] New comment posted'))->setFrom(array(get_config('mail_from') => 'eLabFTW'))->setTo(array($users['email'] => 'Admin eLabFTW'))->setBody(sprintf(_('Hi. %s %s left a comment on your experiment. Have a look: %s'), $commenter['firstname'], $commenter['lastname'], $full_url) . $footer); $mailer = getMailer(); // SEND EMAIL try { $mailer->send($message); } catch (Exception $e) { dblog('Error', 'smtp', $e->getMessage()); exit; } } } else { // UPDATE OF EXISTING COMMENT if ($id_arr[0] === 'expcomment' && is_pos_int($id_arr[1])) { $id = $id_arr[1]; // Update comment if ($_POST['expcomment'] != '' && $_POST['expcomment'] != ' ') { // we must first check $expcomment = filter_var($_POST['expcomment'], FILTER_SANITIZE_STRING); // SQL to update single exp comment $sql = "UPDATE experiments_comments SET\n comment = :new_comment,\n datetime = :now\n WHERE id = :id"; $req = $pdo->prepare($sql); $req->execute(array('new_comment' => $expcomment, 'now' => date("Y-m-d H:i:s"), 'id' => $id));
/**
 * Make a simple query
 *
 * Runs one SQL statement that takes no bound parameters, using the global
 * $pdo handle.
 *
 * Security: the statement is prepared but nothing is bound to it, so
 * preparing gives no protection against SQL injection here. Pass only fixed
 * SQL text; anything carrying user input needs its own prepared statement
 * with placeholders.
 *
 * Return value: true whenever no PDOException was thrown (the boolean result
 * of execute() itself is not inspected), otherwise the exception message.
 * That message is a string and will normally be truthy, so callers must
 * compare with `=== true` rather than test the result loosely.
 *
 * @param string $sql The SQL query
 * @return boolean|string true on success, the PDOException message on failure
 */
function q($sql)
{
    global $pdo;

    try {
        $pdo->prepare($sql)->execute();
    } catch (PDOException $e) {
        // The database error text is both logged and handed back to the caller.
        dblog('Error', 'mysql', $e->getMessage());

        return $e->getMessage();
    }

    return true;
}
$user = $req_email->fetch(); // now let's get the URL so we can have a nice link in the email $url = 'https://' . $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT'] . $_SERVER['PHP_SELF']; $url = str_replace('app/admin-exec.php', 'login.php', $url); // we send an email to each validated new user $footer = "\n\n~~~\nSent from eLabFTW http://www.elabftw.net\n"; // Create the message $message = Swift_Message::newInstance()->setSubject('[eLabFTW] Account validated')->setFrom(array(get_config('mail_from') => 'eLabFTW'))->setTo(array($user['email'] => 'eLabFTW'))->setBody('Hello. Your account on eLabFTW was validated by an admin. Follow this link to login : '******'Error', $_SESSION['userid'], $e->getMessage()); $errflag = true; } if ($errflag) { $msg_arr[] = _('There was a problem sending the email! Error was logged.'); $_SESSION['errors'] = $msg_arr; header('location: ../admin.php'); exit; } } $_SESSION['infos'] = $msg_arr; header('Location: ../admin.php'); exit; } // END VALIDATE USERS // TAB 1 : TEAM CONFIG
} else { $_SESSION["sort_by"] = $_GET["tri"]; $_SESSION["sort_direction"] = 0; } } if ($_SESSION["admin_status"] == 1) { $trans_id = get_numeric_form_value('sup', ''); if ($trans_id != '') { $DB->StartTrans(); $query = "DELETE FROM " . PREFIX_DB . "cotisations\n\t\t\t\t WHERE trans_id=" . $trans_id; if (db_execute($DB, $query, $error_detected)) { dblog("Transactions deleted", "", $query); } $query = "DELETE FROM " . PREFIX_DB . "transactions\n\t\t\t\t WHERE trans_id=" . $trans_id; if (db_execute($DB, $query, $error_detected)) { dblog("Transaction deleted", "", $query); } $DB->CompleteTrans(); } } $trans_date_format = $DB->SQLDate('d/m/Y', PREFIX_DB . 'transactions.trans_date'); $trans_table = PREFIX_DB . "transactions"; $member_table = PREFIX_DB . "adherents"; $query = "SELECT {$trans_date_format} AS trans_date,\n\t\t\t {$trans_table}.trans_id,\n\t\t\t {$trans_table}.trans_desc,\n\t\t\t {$trans_table}.id_adh,\n\t\t\t {$trans_table}.trans_amount,\n\t\t\t {$member_table}.nom_adh,\n\t\t\t {$member_table}.prenom_adh\n\t\t\t FROM {$trans_table},{$member_table}\n\t\t\t WHERE {$trans_table}.id_adh={$member_table}.id_adh"; $nquery = "SELECT COUNT(trans_id) FROM {$trans_table}"; // Filter if (is_numeric($id_adh)) { $query .= " AND {$trans_table}.id_adh={$id_adh}"; $nquery .= " WHERE id_adh={$id_adh}"; } // phase de tri
// on se contente d'escaper le html et les caracteres speciaux $value = $DB->qstr($post_value, ENT_QUOTES); } // mise à jour des chaines d'insertion/update $update_string .= "," . $fieldname . "=" . $value; $insert_string_fields .= "," . $fieldname; $insert_string_values .= "," . $value; } } } reset($fields); // modif ou ajout if ($error_detected == "") { // ajout $requete = "INSERT INTO " . PREFIX_DB . "cotisations (" . substr($insert_string_fields, 1) . ") VALUES (" . substr($insert_string_values, 1) . ")"; dblog("Add a self-contribution:" . " " . strtoupper($nom_adh) . " " . $prenom_adh, $requete); $DB->Execute($requete); // mise a jour de l'échéance $date_fin = get_echeance($DB, $id_adh); if ($date_fin != "") { $date_fin_update = $DB->DBDate($date_fin[2] . '-' . $date_fin[1] . '-' . $date_fin[0]); } else { $date_fin_update = "'NULL'"; } $requete = "UPDATE " . PREFIX_DB . "adherents SET date_echeance=" . $date_fin_update . " WHERE id_adh='" . $id_adh . "'"; $DB->Execute($requete); // retour à la liste header("location: voir_adherent.php?id_adh=" . $id_adh); } } //
* * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * */ @ini_set('session.use_trans_sid', '0'); session_start(); if (!isset($_SESSION["logged_status"]) || isset($_POST["logout"]) || isset($_GET["logout"])) { if (isset($_POST["logout"]) || isset($_GET["logout"])) { dblog(_("Log off")); } $_SESSION["admin_status"] = 0; $_SESSION["logged_status"] = 0; $_SESSION["logged_id_adh"] = 0; $_SESSION["logged_nom_adh"] = ""; $_SESSION["filtre_adh_nom"] = ""; $_SESSION["filtre_adh"] = 0; $_SESSION["filtre_adh_2"] = 1; $_SESSION["filtre_date_cotis_1"] = ""; $_SESSION["filtre_date_cotis_2"] = ""; $_SESSION["tri_adh"] = 0; $_SESSION["tri_adh_sens"] = 0; $_SESSION["tri_log"] = 0; $_SESSION["tri_log_sens"] = 0; $_SESSION["filtre_cotis"] = 0;
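* SECOND PART
 *
 * Update the passwords.
 */
// Runs only when both password fields, the reset key and the user id were
// posted and the two password fields are identical.
if (isset($_POST['password']) && isset($_POST['cpassword']) && isset($_POST['key']) && isset($_POST['userid']) && $_POST['password'] === $_POST['cpassword']) {
    // get email of user
    $sql = "SELECT email FROM users WHERE userid = :userid";
    $req = $pdo->prepare($sql);
    $req->bindParam(':userid', $_POST['userid'], PDO::PARAM_INT);
    $req->execute();

    // Validate key: the decrypted key must be exactly the account's e-mail.
    // fetchColumn() returns false when no row matches; with a loose `!=` that
    // false compares equal to any falsy decrypt() result (false, null, '',
    // '0'), so an unknown userid could get past the check. Require a real,
    // non-empty e-mail string and compare strictly.
    // NOTE(review): as far as this excerpt shows, nothing bounds the key's
    // lifetime or makes it single-use - confirm where that is enforced.
    $email = $req->fetchColumn();
    $claimed = $crypto->decrypt($_POST['key']);
    if (!is_string($email) || $email === '' || $claimed !== $email) {
        die('Bad key.');
    }

    // Get userid
    if (filter_var($_POST['userid'], FILTER_VALIDATE_INT)) {
        $userid = $_POST['userid'];
    } else {
        die(_("Userid is not valid."));
    }

    // Replace new password in database
    if ($user->updatePassword($_POST['password'], $userid)) {
        dblog('Info', $userid, 'Password was changed for this user.');
        $msg_arr[] = _('New password updated. You can now login.');
        $_SESSION['infos'] = $msg_arr;
    } else {
        // $error is not set anywhere in this block; it comes from the surrounding script.
        $msg_arr[] = sprintf(_("There was an unexpected problem! Please %sopen an issue on GitHub%s if you think this is a bug.") . "<br>E#452A" . $error, "<a href='https://github.com/elabftw/elabftw/issues/'>", "</a>");
        $_SESSION['errors'] = $msg_arr;
    }

    // NOTE(review): no exit follows this redirect in the visible code; confirm
    // that nothing after this block runs for a request that was redirected.
    header("location: ../login.php");
}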
//warn user if not switch ($mail_result) { case 2: dblog("Self subscribe - Email sent is disabled in the preferences. Ask galette admin."); $warning_detected[] = _T("Email sent is disabled in the preferences. Ask galette admin."); break; case 3: dblog("Self subscribe - A problem happened while sending password for account:" . " \"" . $adherent["email_adh"] . "\""); $warning_detected[] = _T("A problem happened while sending password for account:" . " \"" . $adherent["email_adh"] . "\"."); break; case 4: dblog("Self subscribe - The mail server filled in the preferences cannot be reached. Ask Galette admin"); $warning_detected[] = _T("The mail server filled in the preferences cannot be reached. Ask Galette admin."); break; default: dblog("A problem happened while sending password for account:" . " \"" . $adherent["email_adh"] . "\""); $warning_detected[] = _T("A problem happened while sending password for account:" . " \"" . $adherent["email_adh"] . "\""); break; } } } $head_redirect = "<meta http-equiv=\"refresh\" content=\"10;url=index.php\" />"; // dynamic fields /*set_all_dynamic_fields($DB, 'adh', $adherent['id_adh'], $adherent['dyn']); // deadline $date_fin = get_echeance($DB, $adherent['id_adh']); if ($date_fin!="") $date_fin_update = $DB->DBDate($date_fin[2].'-'.$date_fin[1].'-'.$date_fin[0]); else $date_fin_update = "NULL";
dblog("Login"); } else { $requete = "SELECT id_adh, bool_admin_adh, nom_adh, prenom_adh, mdp_adh, pref_lang\n\t\t\t\t\tFROM " . PREFIX_DB . "adherents\n\t\t\t\t\tWHERE login_adh=" . txt_sqls($_POST["login"]) . "\n\t\t\t\t\tAND activite_adh='1'"; $resultat =& $DB->Execute($requete); if (!$resultat->EOF && ($resultat->fields[4] == $_POST["password"] || $resultat->fields[4] == md5($_POST["password"]))) { if ($resultat->fields[1] == "1") { $_SESSION["admin_status"] = 1; } $_SESSION["logged_id_adh"] = $resultat->fields[0]; $_SESSION["logged_status"] = 1; $_SESSION["logged_nom_adh"] = strtoupper($resultat->fields[2]) . " " . strtolower($resultat->fields[3]); $pref_lang = $resultat->fields[5]; setcookie("pref_lang", $pref_lang); dblog("Login"); } else { dblog("Authentication failed", $_POST["login"]); } } } if ($_SESSION["logged_status"] != 0) { header("location: gestion_adherents.php"); } else { //check if there's a custom logo $customLogo =& new picture(0); if ($customLogo->HAS_PICTURE) { $_SESSION["customLogo"] = true; $_SESSION["customLogoFormat"] = $customLogo->FORMAT; $_SESSION["customLogoHeight"] = $customLogo->OPTIMAL_HEIGHT; $_SESSION["customLogoWidth"] = $customLogo->OPTIMAL_WIDTH; } else { $_SESSION["customLogo"] = false;
if (strlen($passwd) < 4) { $error_detected[] = _T("- The password must be of at least 4 characters!"); } else { $passwd = md5($passwd); $query = "UPDATE " . PREFIX_DB . "adherents"; $query .= " SET mdp_adh = '{$passwd}'"; $query .= " WHERE id_adh = '{$id_adh}'"; if (!$DB->Execute($query)) { $warning_detected = _T("There was a database error"); } else { //delete temporary password from table $query = "DELETE from " . PREFIX_DB . "tmppasswds where tmp_passwd=" . txt_sqls($hash); if (!$DB->Execute($query)) { $warning_detected = _T("There was a database error"); } else { dblog("**Password changed**. id:" . " \"" . $id_adh . "\""); $warning_detected = _T("Password changed, you will be redirected to login page"); $head_redirect = "<meta http-equiv=\"refresh\" content=\"10;url=index.php\" />"; } } } } } } } else { header('location: index.php'); die; } $tpl->assign("error_detected", $error_detected); $tpl->assign("warning_detected", $warning_detected); $tpl->assign("head_redirect", $head_redirect);
$error_detected[] = _T("Email sent is disabled in the preferences. Ask galette admin"); break; case 3: dblog("A problem happened while sending mail to :" . " \"" . $email_adh . "\""); $error_detected[] = _T("A problem happened while sending mail to :") . " \"" . $email_adh . "\""; break; case 4: dblog("The mail server filled in the preferences cannot be reached. Ask Galette admin"); $error_detected[] = _T("The mail server filled in the preferences cannot be reached. Ask Galette admin"); break; case 5: dblog("**IMPORTANT** There was a probably breaking attempt when sending mail to :" . " \"" . $email_adh . "\""); $error_detected[] = _T("**IMPORTANT** There was a probably breaking attempt when sending mail to :") . " \"" . $email_adh . "\""; break; default: dblog("A problem happened while sending mail to :" . " \"" . $email_adh . "\""); $error_detected[] = _T("A problem happened while sending mail to :") . " \"" . $email_adh . "\""; break; } } $result_members->MoveNext(); } } $_SESSION['galette']['labels'] = $unreachable_members; $nb_reachable_members = count($reachable_members); $nb_unreachable_members = count($unreachable_members); $tpl->assign("warning_detected", $warning_detected); $tpl->assign("error_detected", $error_detected); $tpl->assign("nb_reachable_members", $nb_reachable_members); $tpl->assign("nb_unreachable_members", $nb_unreachable_members); $tpl->assign("data", $data);
if (isset($_POST["member_sel"])) { foreach ($_POST["member_sel"] as $supval) { if (is_numeric($supval)) { $array_sup[] = $supval; } } } } foreach ($array_sup as $supval) { $requetesup = "SELECT nom_adh, prenom_adh FROM " . PREFIX_DB . "adherents WHERE id_adh=" . $DB->qstr($supval, get_magic_quotes_gpc()); $resultat = $DB->Execute($requetesup); if (!$resultat->EOF) { // supression record adhérent $requetesup = "DELETE FROM " . PREFIX_DB . "adherents \n\t\t\t\t\t\tWHERE id_adh=" . $DB->qstr($supval, get_magic_quotes_gpc()); $DB->Execute($requetesup); dblog("Delete the member card (and dues)", strtoupper($resultat->fields[0]) . " " . $resultat->fields[1], $requetesup); // suppression records cotisations $requetesup = "DELETE FROM " . PREFIX_DB . "cotisations \n\t\t\t\t\t\tWHERE id_adh=" . $DB->qstr($supval, get_magic_quotes_gpc()); $DB->Execute($requetesup); // erase custom fields $requetesup = "DELETE FROM " . PREFIX_DB . "adh_info\n\t\t\t\t\t\tWHERE id_adh=" . $DB->qstr($supval, get_magic_quotes_gpc()); $DB->Execute($requetesup); // erase picture $requetesup = "DELETE FROM " . PREFIX_DB . "pictures\n\t\t\t\t\t\tWHERE id_adh=" . $DB->qstr($supval, get_magic_quotes_gpc()); $DB->Execute($requetesup); } $resultat->Close(); header('location: gestion_adherents.php'); } } // selection des adherents et application filtre / tri
} if ($_SESSION["admin_status"] == 0) { header("location: voir_adherent.php"); die; } include WEB_ROOT . "includes/functions.inc.php"; include WEB_ROOT . "includes/i18n.inc.php"; include WEB_ROOT . "includes/smarty.inc.php"; $page = 1; if (isset($_GET["page"])) { $page = $_GET["page"]; } if (isset($_GET["reset"])) { $requete[0] = "DELETE FROM " . PREFIX_DB . "logs"; $DB->Execute($requete[0]); dblog("Logs flushed"); header('location: log.php'); } // Tri if (isset($_GET["tri"])) { if (is_numeric($_GET["tri"])) { if ($_SESSION["tri_log"] == $_GET["tri"]) { $_SESSION["tri_log_sens"] = ($_SESSION["tri_log_sens"] + 1) % 2; } else { $_SESSION["tri_log"] = $_GET["tri"]; $_SESSION["tri_log_sens"] = 0; } } } $requete[0] = "SELECT date_log, adh_log, text_log, ip_log, action_log, sql_log FROM " . PREFIX_DB . "logs "; $requete[1] = "SELECT count(id_log) FROM " . PREFIX_DB . "logs";
$requetesup = "SELECT nom_adh, prenom_adh FROM " . PREFIX_DB . "adherents WHERE id_adh=" . $DB->qstr($id_adh, get_magic_quotes_gpc()); $resultat = $DB->Execute($requetesup); if (!$resultat->EOF) { // supression record cotisation $requetesup = "DELETE FROM " . PREFIX_DB . "cotisations \n\t\t\t\t \t WHERE id_cotis=" . $DB->qstr($_GET["sup"], get_magic_quotes_gpc()); $DB->Execute($requetesup); // mise a jour de l'�ch�ance $date_fin = get_echeance($DB, $id_adh); if ($date_fin != "") { $date_fin_update = "'" . $date_fin[2] . "-" . $date_fin[1] . "-" . $date_fin[0] . "'"; } else { $date_fin_update = "NULL"; } $requeteup = "UPDATE " . PREFIX_DB . "adherents\n\t\t\t\t\t SET date_echeance=" . $date_fin_update . "\n\t\t\t\t\t WHERE id_adh=" . $DB->qstr($id_adh, get_magic_quotes_gpc()); $DB->Execute($requeteup); dblog("Contribution deleted:", strtoupper($resultat->fields[0]) . " " . $resultat->fields[1], $requetesup); } $resultat->Close(); } $result_adh->Close(); } } $date_enreg_format = $DB->SQLDate('d/m/Y', PREFIX_DB . 'cotisations.date_enreg'); $date_debut_cotis_format = $DB->SQLDate('d/m/Y', PREFIX_DB . 'cotisations.date_debut_cotis'); $date_fin_cotis_format = $DB->SQLDate('d/m/Y', PREFIX_DB . 'cotisations.date_fin_cotis'); $requete[0] = "SELECT {$date_enreg_format} AS date_enreg,\n\t\t\t{$date_debut_cotis_format} AS date_debut_cotis,\n\t\t\t{$date_fin_cotis_format} AS date_fin_cotis,\n\t\t\t" . PREFIX_DB . "cotisations.id_cotis, \n\t\t\t" . PREFIX_DB . "cotisations.id_adh, \n\t\t\t" . PREFIX_DB . "cotisations.montant_cotis, \n\t\t\t" . PREFIX_DB . "adherents.nom_adh, \n\t\t\t" . PREFIX_DB . "adherents.prenom_adh,\n\t\t\t" . PREFIX_DB . "types_cotisation.libelle_type_cotis,\n\t\t\t" . PREFIX_DB . "types_cotisation.cotis_extension,\n\t\t\t" . PREFIX_DB . "types_cotisation.id_type_cotis\n\t\t\tFROM " . PREFIX_DB . "cotisations," . PREFIX_DB . "adherents," . PREFIX_DB . "types_cotisation\n\t\t\tWHERE " . PREFIX_DB . "cotisations.id_adh=" . PREFIX_DB . 
"adherents.id_adh\n\t\t\tAND " . PREFIX_DB . "types_cotisation.id_type_cotis=" . PREFIX_DB . "cotisations.id_type_cotis "; $requete[1] = "SELECT count(id_cotis)\n\t\t\tFROM " . PREFIX_DB . "cotisations\n\t\t\tWHERE 1=1 "; // phase filtre if ($_SESSION["filtre_cotis_adh"] != "") { $requete[0] .= "AND " . PREFIX_DB . "cotisations.id_adh='" . $_SESSION["filtre_cotis_adh"] . "' "; $requete[1] .= "AND " . PREFIX_DB . "cotisations.id_adh='" . $_SESSION["filtre_cotis_adh"] . "' ";
$requete = "INSERT INTO " . PREFIX_DB . "transactions\n\t\t\t(" . substr($insert_string_fields, 1) . ")\n\t\t\tVALUES (" . substr($insert_string_values, 1) . ")"; if (!$DB->Execute($requete)) { print "{$requete}: " . $DB->ErrorMsg(); } $transaction['trans_id'] = get_last_auto_increment($DB, PREFIX_DB . "transactions", "trans_id"); // to allow the string to be extracted for translation $foo = _T("transaction added"); // logging dblog('transaction added', '', $requete); } else { $requete = "UPDATE " . PREFIX_DB . "transactions\n\t\t\t\t SET " . substr($update_string, 1) . "\n\t\t\t\t WHERE trans_id=" . $transaction['trans_id']; $DB->Execute($requete); // to allow the string to be extracted for translation $foo = _T("transaction updated"); // logging dblog('transaction updated', '', $requete); } // dynamic fields set_all_dynamic_fields($DB, 'trans', $transaction['trans_id'], $transaction['dyn']); if ($missing_amount > 0) { $url = 'ajouter_contribution.php?trans_id=' . $transaction['trans_id']; if (isset($transaction['id_adh'])) { $url .= '&id_adh=' . $transaction['id_adh']; } } else { $url = 'gestion_transactions.php'; } header('location: ' . $url); } } else { if ($transaction['trans_id'] == "") {