/**
 * Look up the external mailboxes configured for one user.
 *
 * Only mailboxes with a stored password (EMAIL_PASS != '') are considered,
 * ordered so that the default mailbox (IS_DEFAULT) comes first.
 *
 * NOTE(review): $USER_ID is concatenated into the SQL text without escaping
 * or binding. Callers must pass a value that is already safe for a quoted
 * SQL literal; confirm that at every call site.
 * NOTE(review): "select *" also pulls the EMAIL_PASS column into memory even
 * though only MAIL_ID, EMAIL and RECV_FW are read here; consider naming the
 * needed columns.
 *
 * @param string $USER_ID Owner of the mailboxes.
 * @return array [0] address of the first mailbox returned ("" if none),
 *               [1] comma-terminated list of addresses with RECV_FW == 1,
 *               [2] MAIL_ID of the mailbox in [0] ("" if none).
 */
function email_fw_webmail_box($USER_ID)
{
    $defaultAddress = "";
    $defaultMailId = "";
    $forwardList = "";

    $sql = "select * from webmail where USER_ID='" . $USER_ID . "' and EMAIL_PASS!='' order by IS_DEFAULT desc";
    $result = exequery(TD::conn(), $sql);

    while ($row = mysql_fetch_array($result)) {
        // The first row wins as "default" because of the ORDER BY above.
        if ($defaultAddress == "") {
            $defaultAddress = $row['EMAIL'];
            $defaultMailId = $row['MAIL_ID'];
        }
        if ($row['RECV_FW'] == 1) {
            $forwardList .= $row['EMAIL'] . ",";
        }
    }

    return array($defaultAddress, $forwardList, $defaultMailId);
}
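/**
 * Render the department subtree below $DEPT_ID as HTML table rows.
 *
 * Recurses once per department; the global $DEEP_COUNT carries the
 * indentation prefix for the current depth and is restored before returning.
 *
 * The department name is written into element content and into a
 * single-quoted title attribute, so angle brackets and both quote characters
 * are entity-encoded before output. (The original listing replaced "<" with
 * "<" and ">" with ">", which is a no-op; the entity forms are restored.)
 *
 * NOTE(review): $DEPT_ID is concatenated into the SQL text. Recursive calls
 * pass a value read from the department table; the safety of the initial
 * value depends on the caller, which is not visible here.
 *
 * @param string $DEPT_ID Parent department whose children are listed.
 * @param mixed  $PRIV_OP Passed through unchanged to recursive calls.
 * @return string Concatenated <tr> rows for the whole subtree.
 */
function dept_tree_list($DEPT_ID, $PRIV_OP)
{
    global $DEEP_COUNT;
    global $connection;

    $query = "SELECT * from department where DEPT_PARENT='" . $DEPT_ID . "' order by DEPT_NO";
    $cursor = exequery($connection, $query);

    $OPTION_TEXT = "";
    $DEEP_COUNT1 = $DEEP_COUNT;
    $DEEP_COUNT .= " ";

    while ($ROW = mysql_fetch_array($cursor)) {
        $CHILD_ID = $ROW['DEPT_ID'];

        // Encode the characters that could break out of the markup below.
        $DEPT_NAME = str_replace(
            array("<", ">", "\"", "'"),
            array("&lt;", "&gt;", "&quot;", "&#39;"),
            $ROW['DEPT_NAME']
        );
        $DEPT_NAME = stripslashes($DEPT_NAME);

        // Children are rendered first so $DEEP_COUNT is one level deeper for them.
        $OPTION_TEXT_CHILD = dept_tree_list($CHILD_ID, $PRIV_OP);

        $OPTION_TEXT .= " <tr class=TableData> <td class='menulines' id='" . $CHILD_ID . "' title='" . $DEPT_NAME . "' onclick=javascript:click_dept('" . $CHILD_ID . "') style=cursor:pointer>" . $DEEP_COUNT1 . "├" . $DEPT_NAME . "</a></td> </tr>";

        if ($OPTION_TEXT_CHILD != "") {
            $OPTION_TEXT .= $OPTION_TEXT_CHILD;
        }
    }

    $DEEP_COUNT = $DEEP_COUNT1;
    return $OPTION_TEXT;
}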
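/**
 * Build (and cache) the poll attached to this topic.
 *
 * @return array Associative array with:
 *   "choices"        => list of choices, each with
 *       "id"         => id of the choice
 *       "descr"      => description of the choice (as entered by the user;
 *                       treat as untrusted text when rendering)
 *       "votes"      => number of votes for this choice
 *       "percentage" => share of the total votes, normalised to 0..1
 *                       (4 decimals of precision)
 *   "votes_count"    => total number of votes counted
 *   "user_has_voted" => bool, whether the current user has already voted
 */
function getPollData()
{
    global $currentUser;

    // Cached after the first call.
    if ($this->poll_data == null) {
        // NOTE(review): unserialize() on a stored value that originates from
        // user input. Native PHP serialization can instantiate objects; a
        // format such as JSON would be safer for a plain list of strings.
        $poll_info = unserialize($this->getRaw('poll'));
        if (!is_array($poll_info)) {
            // Missing or corrupt poll payload: treat as a poll without choices
            // instead of iterating over false.
            $poll_info = array();
        }

        $choices = array();
        $votes_count = 0;
        $user_has_voted = false;

        foreach ($poll_info as $id => $value) {
            // id = number, value = string describing the choice
            $choices[] = array("id" => $id, "descr" => $value, "votes" => 0, "percentage" => 0);
        }

        // Fetch the votes from the database.
        $q = exequery("SELECT user_id, vote FROM forum_poll WHERE topic_id = {$this['id']}");
        while ($values = mysqli_fetch_array($q)) {
            if ($values['user_id'] == $currentUser['id']) {
                $user_has_voted = true;
            }
            // A vote that does not match a known choice would otherwise create
            // a half-initialised entry (no "id"/"descr"); ignore it in the tally.
            if (!isset($choices[$values['vote']])) {
                continue;
            }
            $choices[$values['vote']]['votes']++; // index == id
            $votes_count++;
        }

        // Compute the percentages.
        if ($votes_count > 0) {
            foreach ($choices as &$choice) {
                $choice['percentage'] = round((double) $choice['votes'] / (double) $votes_count, 4);
            }
            // Break the reference so the last element is not aliased afterwards.
            unset($choice);
        }

        $this->poll_data = array("choices" => $choices, "votes_count" => $votes_count, "user_has_voted" => $user_has_voted);
    }

    return $this->poll_data;
}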
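/**
 * Append one entry to the logs table.
 *
 * Records the client IP, the current timestamp, the current user's id
 * (SQL NULL for anonymous visitors), the message text and the entry type.
 *
 * @param string $text Log message; escaped with db_escape() before use.
 * @param mixed  $type Entry type, written unquoted into the statement.
 */
public static function Add($text, $type)
{
    global $currentUser;

    // An anonymous visitor used to interpolate PHP null, i.e. an empty string,
    // which produced an invalid statement; emit the SQL keyword instead.
    $user_id = $currentUser->isLogged() ? (int) $currentUser['id'] : 'NULL';

    // The address is placed inside a quoted literal, so escape it like the text.
    // NOTE(review): whether get_ip() can return client-controlled header data
    // is not visible here; escaping is harmless either way.
    $ip = db_escape(get_ip());
    $timestamp = time();
    $text = db_escape($text);

    // NOTE(review): $type is interpolated unquoted and unescaped. Callers are
    // presumably passing class constants; confirm, and cast or whitelist it
    // once the set of valid values is known.
    exequery("INSERT INTO logs (ip, `timestamp`, user_id, `text`, type) VALUES ('{$ip}', '{$timestamp}', {$user_id}, '{$text}', {$type})");
}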
/**
 * Load every guide whose "published" flag is set.
 *
 * The statement is built only from the class constant and a fixed WHERE
 * clause; no caller-supplied value reaches the query.
 *
 * @return array List of Guide objects, empty when nothing is published.
 */
public static function getPublished()
{
    $guides = array();
    $result = exequery(Guide::SELECT_SQL . " WHERE published = 1");

    for (;;) {
        $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
        if (!$row) {
            break;
        }
        $guides[] = new Guide($row);
    }

    return $guides;
}
/**
 * Load the validated chapters of this guide in chapter order.
 *
 * NOTE(review): the guide id is interpolated unquoted into the statement;
 * this is safe only while $this['id'] is guaranteed to be numeric.
 *
 * @return array List of GuideChapter objects.
 */
public function getAllChapters()
{
    $sql = GuideChapter::SELECT_SQL . " WHERE guide_id={$this['id']} AND validated=1 ORDER BY chapter ASC";
    $result = exequery($sql);

    $list = array();
    for (;;) {
        $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
        if (!$row) {
            break;
        }
        $list[] = new GuideChapter($row, $this->link);
    }

    return $list;
}
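/**
 * Emit one <TreeNode .../> element per direct child of $PARENT_ID.
 *
 * Behaviour is driven by request-level globals ($PRIV_NO_FLAG, $PARA_URL,
 * $PARA_TARGET, $PARA_ID, $PARA_VALUE, $showButton).
 *
 * Fixes relative to the listing:
 *  - the quote replacement read str_replace("\"", """, ...), which does not
 *    parse; the "&quot;" entity is restored;
 *  - $XML_TEXT_DEPT is initialised, so an empty department returns "" instead
 *    of an undefined variable.
 *
 * NOTE(review): $PARA_URL, $PARA_TARGET, $PARA_ID and $PARA_VALUE are written
 * into XML attribute values and an onclick handler without any encoding. If
 * they originate from the request (the Xml= link below round-trips them as
 * query parameters, which suggests so), they need attribute/URL encoding.
 * NOTE(review): the bare "&" separators inside attribute values look like
 * "&amp;" that lost its entity form in this listing; confirm against the file.
 * NOTE(review): $PARENT_ID is concatenated into the SQL text unescaped.
 *
 * @param string $PARENT_ID Department whose children are listed.
 * @return string XML fragment, one TreeNode per child department.
 */
function deptListTree($PARENT_ID)
{
    global $connection;
    global $LOGIN_USER_ID;
    global $LOGIN_DEPT_ID;
    global $LOGIN_USER_PRIV;
    global $PRIV_NO_FLAG;
    global $PARA_URL;
    global $PARA_TARGET;
    global $PARA_ID;
    global $PARA_VALUE;
    global $showButton;

    $XML_TEXT_DEPT = "";

    $query = "SELECT * from department where DEPT_PARENT='" . $PARENT_ID . "' order by DEPT_NO";
    $cursor1 = exequery($connection, $query);
    while ($ROW = mysql_fetch_array($cursor1)) {
        $DEPT_ID1 = $ROW['DEPT_ID'];
        $DEPT_NAME1 = $ROW['DEPT_NAME'];
        $DEPT_NAME1 = htmlspecialchars($DEPT_NAME1);
        $DEPT_NAME1 = str_replace("\"", "&quot;", $DEPT_NAME1);
        $DEPT_NAME1 = stripslashes($DEPT_NAME1);

        // Only the existence of a child matters: it decides whether the node is expandable.
        $CHILD_COUNT = 0;
        $query = "SELECT 1 from department where DEPT_PARENT='" . $DEPT_ID1 . "'";
        $cursor2 = exequery($connection, $query);
        if ($ROW1 = mysql_fetch_array($cursor2)) {
            ++$CHILD_COUNT;
        }

        if ($PRIV_NO_FLAG) {
            $DEPT_PRIV1 = is_dept_priv($DEPT_ID1);
        } else {
            $DEPT_PRIV1 = 1;
        }

        // Departments the user has privilege on are shown in [brackets].
        if ($DEPT_PRIV1 == 1) {
            $XML_TEXT_DEPT .= "<TreeNode id=\"" . $DEPT_ID1 . "\" text=\"[{$DEPT_NAME1}]\" ";
        } else {
            $XML_TEXT_DEPT .= "<TreeNode id=\"" . $DEPT_ID1 . "\" text=\"{$DEPT_NAME1}\" ";
        }

        if ($showButton) {
            $XML_TEXT_DEPT .= "onclick=\"click_node('" . $DEPT_ID1 . "',this.checked,'{$PARA_ID}','" . str_replace(".", "&", $PARA_VALUE) . "');\" ";
        }

        if ($PARA_URL != "" && $DEPT_PRIV1 == 1) {
            if ($PARA_ID == "") {
                $URL = "{$PARA_URL}?DEPT_ID={$DEPT_ID1}";
            } else {
                $URL = "{$PARA_URL}?DEPT_ID={$DEPT_ID1}&{$PARA_ID}=" . str_replace(".", "&", $PARA_VALUE);
            }
            $XML_TEXT_DEPT .= "href=\"" . $URL . "\" target=\"{$PARA_TARGET}\"";
        } else {
            $XML_TEXT_DEPT .= "href=\"javascript:;\" target=\"_self\"";
        }

        $XML_TEXT_DEPT .= " img_src=\"../../../Framework/images/endnode.gif\" title=\"" . $DEPT_NAME1 . "\"";

        if (0 < $CHILD_COUNT) {
            // Lazy-load link for the child level; carries the current parameters along.
            $XML_TEXT_DEPT .= " Xml=\"tree.php?DEPT_ID=" . $DEPT_ID1 . "&PARA_URL={$PARA_URL}&PARA_TARGET={$PARA_TARGET}&PRIV_NO_FLAG={$PRIV_NO_FLAG}&PARA_ID={$PARA_ID}&PARA_VALUE={$PARA_VALUE}&showButton={$showButton}\"";
        }

        $XML_TEXT_DEPT .= "/>\n";
    }

    return $XML_TEXT_DEPT;
}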
/**
 * Register the offline-message push job in office_task unless a task with
 * the same TASK_CODE already exists, then create its system parameter.
 *
 * NOTE(review): $file and $code are interpolated into both statements inside
 * quoted literals without escaping; they must only ever be fixed,
 * installer-supplied values.
 *
 * @param string $file Value stored in TASK_URL.
 * @param string $code Value stored in TASK_CODE; also the uniqueness key.
 */
function add_task($file, $code)
{
    $lookup = "SELECT * FROM office_task WHERE TASK_CODE='{$code}'";
    $existing = exequery(TD::conn(), $lookup);
    if (mysql_fetch_array($existing)) {
        // Already registered: nothing to do.
        return;
    }

    $insert = "INSERT INTO `office_task` (`TASK_TYPE`, `INTERVAL`, `EXEC_TIME`, `LAST_EXEC`,\n\t\t\t\t`EXEC_FLAG`, `EXEC_MSG`, `TASK_URL`, `TASK_NAME`, `TASK_DESC`, `TASK_CODE`, `USE_FLAG`,\n\t\t\t\t`SYS_TASK`, `EXT_DATA`) VALUES(\n\t\t\t\t'0',\n\t\t\t\t1,\n\t\t\t\t'00:00:00',\n\t\t\t\t'0000-00-00 00:00:00',\n\t\t\t\t1,\n\t\t\t\t'0000-00-00 00:00:00',\n\t\t\t\t'{$file}',\n\t\t\t\t'即时通讯离线消息推送',\n\t\t\t\t'定时将OA精灵离线消息推送到微信企业号',\n\t\t\t\t'{$code}',\n\t\t\t\t'1',\n\t\t\t\t'0',\n\t\t\t\t'')";
    exequery(TD::conn(), $insert);

    // Add the system parameter that stores the last check time.
    include_once "inc/utility_all.php";
    add_sys_para(array("WEIXINQY_MSGCHECK_TIME" => ""));
}
/**
 * Print one JavaScript "zNodes[...]={...};" statement per department below
 * $DEPT_PARENT, depth-first, by recursing into each child.
 *
 * NOTE(review): DEPT_NAME is written into a single-quoted JavaScript string
 * literal with no encoding, and DEPT_ID / DEPT_PARENT are written as bare
 * JavaScript values. A name containing a quote, backslash, line break or a
 * closing script tag would break out of the literal. Encode for the
 * JavaScript context before printing.
 * NOTE(review): $DEPT_PARENT is interpolated into the SQL text unescaped;
 * recursive calls pass a database value, the first call depends on the caller.
 *
 * @param string $DEPT_PARENT Department whose descendants are printed.
 */
function getProdTypeList($DEPT_PARENT)
{
    global $connection;

    $sql = "select DEPT_ID,DEPT_NAME,DEPT_PARENT from department where DEPT_PARENT='{$DEPT_PARENT}' order by DEPT_PARENT asc ,DEPT_NO asc";
    $rows = exequery($connection, $sql);

    while ($node = mysql_fetch_array($rows)) {
        $nodeId = $node['DEPT_ID'];
        $nodeName = $node['DEPT_NAME'];
        $parentId = $node['DEPT_PARENT'];

        print "zNodes[zNodes.length]={id:" . $nodeId . ", pId:" . $parentId . ", name:'" . $nodeName . "', ename:'" . $nodeName . "', open:false};";

        getProdTypeList($nodeId);
    }
}
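/**
 * Return user names that start with $name (prefix search).
 *
 * The original called db_escape(trim($name)) and discarded the result, so the
 * raw search term reached the LIKE clause. The escaped, trimmed value is now
 * the one that is used.
 *
 * NOTE(review): LIKE wildcards (% and _) in $name are still interpreted by
 * the database; escape them as well if a literal prefix match is required.
 *
 * @param string $name        Prefix to search for; "" returns no results.
 * @param int    $num_records Maximum number of names returned.
 * @return array List of matching user names.
 */
public static function Find($name, $num_records = 20)
{
    // Parameter checks.
    validate_num($num_records);
    $num_records = (int) $num_records;
    $name = db_escape(trim($name));

    // Nothing to search for.
    if ($name == "") {
        return array();
    }

    $q = exequery("SELECT user FROM users WHERE user LIKE'{$name}%' LIMIT {$num_records}");

    $array = array();
    while ($u = mysqli_fetch_array($q, MYSQLI_ASSOC)) {
        $array[] = $u['user'];
    }

    return $array;
}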
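/**
 * Push the given local users to the remote directory via
 * $this->url['create'] and report how many succeeded.
 *
 * A user with neither an e-mail address nor a numeric mobile number is
 * counted as failed without calling the remote API. Remote error code 60102
 * is counted as "exists". Other remote error codes are not counted, as in the
 * original.
 *
 * Fixes relative to the original:
 *  - the three result buckets are initialised, so count() never receives an
 *    undefined index when a bucket stays empty;
 *  - a response without an "errcode" key is counted as failed; previously a
 *    missing value compared equal to 0 and was counted as a success.
 *
 * NOTE(review): each id from $user_id is wrapped in quotes and concatenated
 * into the IN (...) list without escaping. Validate or escape the ids before
 * they reach this method.
 * NOTE(review): name, mobile number, phone and e-mail are sent to the remote
 * endpoint, and user/department names are written to the log via
 * parent::logs(); confirm this matches the data-handling policy.
 *
 * @param string $user_id Comma-separated list of USER_ID values.
 * @return array Counts keyed "success", "failed" and "exists".
 */
public function createUser($user_id)
{
    $quoted = array();
    foreach (explode(",", $user_id) as $value) {
        $quoted[] = "'" . $value . "'";
    }
    $user_ids = implode(",", $quoted);

    $sync = array("success" => array(), "failed" => array(), "exists" => array());
    $mobile_pattern = "/^([+-]?)\\d*\\.?\\d+\$/";

    $query = "SELECT USER_ID,USER_NAME,DEPT_ID,DEPT_ID_OTHER,USER_PRIV_NAME,USER_PRIV,MOBIL_NO,SEX,TEL_NO_DEPT,EMAIL FROM USER where USER_ID IN (" . $user_ids . ")";
    $cursor = exequery(TD::conn(), $query);
    while ($ROW = mysql_fetch_array($cursor)) {
        $USER_ID = $ROW['USER_ID'];
        $USER_NAME = $ROW['USER_NAME'];
        $DEPT_ID = $ROW['DEPT_ID'];
        $DEPT_ID_OTHER = $ROW['DEPT_ID_OTHER'];
        $MOBIL_NO = $ROW['MOBIL_NO'];
        $EMAIL = $ROW['EMAIL'];

        $label = sprintf("%s(%s)", $USER_NAME, $this->deptinfo[$DEPT_ID]['dept_name']);
        $has_mobile = preg_match($mobile_pattern, $MOBIL_NO);

        // The remote side needs at least one contact channel.
        if ($EMAIL == "" && !$has_mobile) {
            $sync['failed'][] = $label;
            continue;
        }

        // Primary department first, then any secondary departments.
        $_dept = array($this->deptinfo[$DEPT_ID]['weixin_dept_id']);
        if ($DEPT_ID_OTHER != "") {
            foreach (array_filter(explode(",", $DEPT_ID_OTHER)) as $other_id) {
                $_dept[] = $this->deptinfo[$other_id]['weixin_dept_id'];
            }
        }

        $rs = $this->postData($this->url['create'], array(
            "userid" => $USER_ID,
            "name" => $USER_NAME,
            "department" => $_dept,
            "position" => $ROW['USER_PRIV_NAME'],
            "mobile" => $has_mobile ? $MOBIL_NO : "",
            "gender" => $ROW['SEX'],
            "tel" => $ROW['TEL_NO_DEPT'],
            "email" => $EMAIL,
        ));

        if (!is_array($rs) || !isset($rs['errcode'])) {
            // No usable response: do not report this user as created.
            $sync['failed'][] = $label;
        } elseif ($rs['errcode'] == 0) {
            $sync['success'][] = $label;
        } elseif ($rs['errcode'] == 60102) {
            $sync['exists'][] = $label;
        }
    }

    parent::logs("user_import", serialize($sync));

    return array(
        "success" => count($sync['success']),
        "failed" => count($sync['failed']),
        "exists" => count($sync['exists']),
    );
}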
/**
 * Work out on which page of its thread this post appears.
 *
 * Walks every post id of the thread in id order until this post is found;
 * the author's own comment already asks whether there is a better way.
 *
 * NOTE(review): $this['id'] is interpolated unquoted into the statement; it
 * must be guaranteed numeric by whoever constructs the object.
 *
 * @return int|float 1 when the post is not found in the thread, otherwise the
 *                   floor()-ed page number (a float, as floor() returns).
 */
public function getPageNumber()
{
    $q = exequery("SELECT id FROM forum_posts \n\t\tWHERE root_topic = (SELECT root_topic FROM forum_posts WHERE id = {$this['id']}) ORDER BY id");

    $ordinal = 0;
    while ($res = mysqli_fetch_array($q)) {
        $ordinal++;
        if ($res['id'] == $this['id']) {
            // 1-based position within the thread -> 1-based page number.
            return floor(($ordinal - 1) / Forum::POSTS_PER_PAGE + 1);
        }
    }

    return 1;
}
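/**
 * Queue a notification for everyone who should hear about a new reply.
 *
 * Recipients are users who posted in the topic (unless they are on the
 * topic's skip list) plus users on the topic's add list. The author of the
 * reply is never notified, and is removed from the skip list afterwards.
 *
 * Changes relative to the original:
 *  - the page number is computed once instead of once per recipient (each
 *    call runs a query over the whole thread);
 *  - $post_id is cast to int where it is written unquoted into the INSERT.
 *
 * NOTE(review): the remaining interpolated values ($post['root_topic'],
 * $values['user_id'], $currentUser['id']) come from database rows or the
 * session object; they are not escaped here.
 *
 * @param int $post_id Id of the reply that was just inserted.
 */
public static function AddReplyNotifications($post_id)
{
    global $currentUser;

    $post = new ForumPost($post_id);
    $safe_post_id = (int) $post_id;
    $page_num = null; // computed lazily, only if there is at least one recipient

    // Users who replied to the topic but are not on the skip list,
    // plus users on the add list.
    $q = exequery("SELECT p.user_id as user_id, s.user_id as skip_user_id FROM forum_posts p \n\t\t\t\t\t\t\tLEFT OUTER JOIN forum_notifications_skip_list s ON (s.user_id = p.user_id AND s.topic_id = {$post['root_topic']}) \n\t\t\t\t\t\t\tWHERE p.root_topic = {$post['root_topic']} OR p.id = {$post['root_topic']} GROUP BY user_id\n\t\t\t\t\t\t\tUNION SELECT a.user_id AS user_id, NULL AS skip_user_id\n\t\t\t\t\t\t\tFROM forum_notifications_add_list a WHERE a.topic_id = {$post['root_topic']}\n\t\t\t");

    // One notification per recipient.
    while ($values = mysqli_fetch_array($q)) {
        if ($values['user_id'] == $currentUser['id']) {
            continue; // skip the author of the reply
        }
        if ($values['skip_user_id'] != null) {
            continue; // skip users who opted out
        }

        if ($page_num === null) {
            $page_num = $post->getPageNumber();
        }

        exequery("INSERT INTO forum_notifications (topic_id, user_id, notify_tm, post_id, page_num) \n\t\t\t \tVALUES ('{$post['root_topic']}','{$values['user_id']}'," . time() . ", " . $safe_post_id . ", " . $page_num . ")");
    }

    // The user who just posted is removed from the topic's skip list.
    exequery("DELETE FROM forum_notifications_skip_list \n\t\t\t \t\t\tWHERE user_id = {$currentUser['id']} AND topic_id = {$post['root_topic']}");
}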
/**
 * Build the display path of a folder by walking up its SORT_PARENT chain.
 *
 * NOTE(review): $sort_id is concatenated into the SQL text unescaped.
 * NOTE(review): there is no guard against a cycle in SORT_PARENT; a row that
 * is (directly or indirectly) its own ancestor would recurse without end.
 *
 * @param string $sort_id Folder id; "0" denotes the root folder.
 * @return string "根目录" for the root, "parent/.../name" for nested folders,
 *                the bare name for a top-level folder, "" if the id is unknown.
 */
function get_file_folder_path($sort_id)
{
    global $connection;

    if ($sort_id == "0") {
        return "根目录";
    }

    $query = "select SORT_PARENT,SORT_NAME from FILE_SORT where SORT_ID='" . $sort_id . "'";
    $cursor = exequery($connection, $query);
    $row = mysql_fetch_array($cursor);
    if (!$row) {
        return "";
    }

    if ($row['SORT_PARENT'] != 0) {
        return get_file_folder_path($row['SORT_PARENT']) . "/" . $row['SORT_NAME'];
    }

    return $row['SORT_NAME'] . "";
}
$cursor = exequery(TD::conn(), $query); while ($ROW = mysql_fetch_array($cursor)) { if (!find_id($USER_ID_STR, $ROW['USER_ID'])) { $USER_ID_STR .= $ROW['USER_ID'] . ","; } } } $MY_ARRAY_DEPT = explode(",", $TO_ID); $ARRAY_COUNT_DEPT = sizeof($MY_ARRAY_DEPT); $I = 0; for (; $I < $ARRAY_COUNT_DEPT; ++$I) { if ($MY_ARRAY_DEPT[$I] == "") { continue; } $query_d = "select USER_ID from USER where (NOT_LOGIN = 0 or NOT_MOBILE_LOGIN = 0) and find_in_set('" . $MY_ARRAY_DEPT[$I] . "',DEPT_ID_OTHER)"; $cursor_d = exequery(TD::conn(), $query_d); while ($ROWD = mysql_fetch_array($cursor_d)) { if (!find_id($USER_ID_STR, $ROWD['USER_ID'])) { $USER_ID_STR .= $ROWD['USER_ID'] . ","; } } } $USER_ID_STR_ARRAY = explode(",", $USER_ID_STR); $USER_ID_STR_ARRAY_COUNT = sizeof($USER_ID_STR_ARRAY); $I = 0; for (; $I < $USER_ID_STR_ARRAY_COUNT; ++$I) { if (!($USER_ID_STR_ARRAY[$I] == "")) { $FUNC_ID_STR = getfunmenubyuserid($USER_ID_STR_ARRAY[$I]); if (!find_id($FUNC_ID_STR, 4)) { $USER_ID_STR = str_replace($USER_ID_STR_ARRAY[$I], "", $USER_ID_STR); }
/**
 * Run a statement and return its first row as an associative array.
 *
 * The SQL text is executed exactly as given: this helper performs no
 * escaping or binding, so every value a caller interpolates must already be
 * validated or escaped.
 *
 * @param string $sql Complete SQL statement.
 * @return array|null|false First row, or whatever mysqli_fetch_array()
 *                          yields when there is none.
 */
public static function FindOne($sql)
{
    return mysqli_fetch_array(exequery($sql), MYSQLI_ASSOC);
}
<?php
// Task script: forwards instant messages selected from MESSAGE to
// mobile_push_notification() and records the time of this run.
// Prints "-ERR " if the query fails, "+OK" otherwise.
//
// NOTE(review): no access check is visible in this script; presumably the
// included files or the task runner restrict who can request it - confirm.
include_once "inc/conn.php";
include_once "inc/utility_all.php";
// Name of the system parameter that stores the time of the previous run.
define("MSGCHECKTIME", "WEIXINQY_MSGCHECK_TIME");
$CUR_TIME = time();
$PARA_ARRAY = get_sys_para(MSGCHECKTIME, FALSE);
$MSG_CHK_TIME = intval(trim($PARA_ARRAY[MSGCHECKTIME]));
// Without a stored checkpoint the window starts at "now", so the query below
// selects nothing and the run only establishes the checkpoint.
$BEGIN_TIME = $MSG_CHK_TIME <= 0 ? $CUR_TIME : $MSG_CHK_TIME;
// Both interpolated values are integers produced above (intval()/time()),
// so no request data reaches this statement.
$query = "SELECT FROM_UID,TO_UID,CONTENT,SEND_TIME FROM MESSAGE where REMIND_FLAG='1' and MSG_TYPE='1' and\n\t\t\t FROM_UID!=0 and TO_UID!=0 and SEND_TIME>'{$BEGIN_TIME}' and SEND_TIME<='{$CUR_TIME}' order by TO_UID,FROM_UID,SEND_TIME asc";
$cursor = exequery(TD::conn(), $query);
if (!$cursor) {
    echo "-ERR ";
    exit;
}
while ($ROW = mysql_fetch_array($cursor)) {
    $FROM_UID = $ROW['FROM_UID'];
    // include_once makes the repeated includes inside the loop no-ops after the first row.
    include_once "inc/utility_cache.php";
    $FROM_USER_NAME = getuserinfobyuid($FROM_UID, "USER_NAME");
    $TO_UID = $ROW['TO_UID'];
    $CONTENT = $ROW['CONTENT'];
    include_once "inc/itask/itask.php";
    // The stored message text is forwarded as written by the sender; any
    // filtering is left to mobile_push_notification().
    mobile_push_notification($TO_UID, $FROM_USER_NAME . _(":") . $CONTENT . _("【即时通讯离线消息】"), "msg");
}
// Advance the checkpoint to the upper bound of the window just processed.
set_sys_para(array(MSGCHECKTIME => $CUR_TIME));
$CUR_TIME_FORMAT = date("Y-m-d H:i:s", $CUR_TIME);
$qry = "UPDATE OFFICE_TASK SET LAST_EXEC='{$CUR_TIME_FORMAT}',EXEC_FLAG='1',EXEC_MSG='{$CUR_TIME_FORMAT}' WHERE TASK_CODE='inst_msg_offl_push'";
exequery(TD::conn(), $qry);
echo "+OK";
$message = db_escape(Charset::Utf8ToDB($_POST['message'])); $is_poll = isset($_POST['poll']); // Le domande del sondaggio vengono memorizzate nel campo // "poll" come array serializzato. Se "poll" e' null, allora // vuol dire che il topic non e' un sondaggio if ($is_poll) { $poll_questions = explode("\n", trim(purify(Charset::Utf8ToDB($_POST['poll'])))); if (count($poll_questions) >= 2) { $poll_data = db_escape(serialize($poll_questions)); } else { // Numero di domande nel sondaggio non valido (< 2) $poll_data = null; } } if (!Forum::IsUserFlooding($currentUser)) { exequery(sprintf("INSERT INTO forum_posts (user_id, argument, subject, message, type, post_date, last_post_date, ip, poll, replies) \n VALUES(%d, %d, '%s', '%s', %d, %d, %d, '%s', \"%s\", 0)", $currentUser['id'], $_POST['forum_id'], $subject, $message, Forum::TYPE_TOPIC, time(), time(), get_ip(), $poll_data)); $id = DB::LastId(); $topic = new Topic($id); Forum::IncPostCountForUser($currentUser); $response->set("topic_url", $topic->getUrl()); $response->setSuccess(true); } else { $response->setError("Attendi almeno " . Forum::FLOOD_SECONDS_LIMIT . " secondi tra un post e l'altro."); } } else { $response->setError("Non sei loggato."); } } else { $response->setError($av->getLastError()); } $response->send();
validate_num($_POST['vote']); $topic = new Topic($_POST['topic_id']); if ($topic->isPoll() && $topic->isViewableBy($currentUser)) { $poll_data = $topic->getPollData(); if (!$poll_data['user_has_voted']) { // Voto valido? $valid_vote = false; foreach ($poll_data['choices'] as $choice) { if ($choice['id'] == $_POST['vote']) { $valid_vote = true; break; } } if ($valid_vote) { // OK. Inseriamo il voto exequery("INSERT INTO forum_poll (topic_id, user_id, vote)\n VALUES ({$topic['id']}, {$currentUser['id']}, {$_POST['vote']})"); // Ricarica il topic $topic = new Topic($_POST['topic_id']); $response->set("results_html", $topic->renderPollResults()); $response->setSuccess(true); } else { $response->setError("Voto non valido."); } } else { $response->setError("Hai gia' votato."); } } else { $response->setError("Non hai i permessi per votare questo sondaggio."); } } else { $response->setError("Non sei loggato.");
/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ $pagTitle = "Forum"; require_once "__inc__.php"; require_once ROOT_PATH . "header.php"; ?> <ul class="nav-list"> <?php /* pierotofy: chiedo scusa per la confusione root = nome categoria (Programming, Off-Topic, ecc.) title = titolo canale subject = descrizione canale forum */ $q = exequery("SELECT f.id, f.root, f.title, f.subject, f.private, f.priority FROM forum_arguments f\nWHERE root != 'Projects' ORDER BY priority"); $category = ""; while ($values = mysqli_fetch_array($q, MYSQLI_ASSOC)) { // Inserisci i nomi della categoria quando necessario if ($values['root'] != $category) { $category = $values['root']; echo '<li class="nav-title">' . $category . "</li>"; } echo sprintf('<li><a class="nowrap has-children" href="/p/forum/%s/">%s</a></li>', $values['id'], $values['title']); } ?> </ul> <?php require_once ROOT_PATH . "footer.php";
<?php
// Maintenance script: rewrites every non-NULL avatar value to "<id>.png".
// The statement is a fixed string; no request data is involved.
// NOTE(review): access control is not visible here; presumably "enable.php"
// gates who may run this - confirm.
include_once "enable.php";

print "Aggiorno gli avatars... ";
exequery('UPDATE users SET avatar = CONCAT(id, ".png") WHERE avatar IS NOT NULL');
print "Fatto!<br/>";
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /** Ricava il contenuto raw di un post (o topic) del forum La richiesta dev'essere effettuata da un utente che ha i permessi per editare il post/topic method: GET e POST combinato params: id (GET): id del post/topic value (POST): nuovo contenuto returns: success => true|false value => HTML contenente il nuovo post */ require_once "__inc__.php"; $response = new RestfulResponse("json"); validate_num($_GET['id']); if ($currentUser->isLogged()) { $q = exequery("SELECT argument, user_id FROM forum_posts WHERE id = {$_GET['id']}"); $values = mysqli_fetch_array($q); // Puo' editare? if ($currentUser->isModOfForum($values['argument']) || $currentUser["id"] == $values['user_id']) { $message = db_escape(Charset::Utf8ToDB($_POST['value'])); exequery("UPDATE forum_posts SET message = '{$message}', edit_date = " . time() . ", edit_by = {$currentUser['id']}\n WHERE id = {$_GET['id']}"); $post = new ForumPost($_GET['id']); $response->set("value", $post->getParsedMessage()); $response->setSuccess(true); } else { $response->setError("Non hai i permessi per modificare questo post"); } } else { $response->setError("Non loggato"); } echo $response->send();
*/ require_once "__inc__.php"; $response = new RestfulResponse("json"); $av = new AutoValidator("frm-forum-reply", $_POST); if ($av->validate()) { if ($currentUser->isLogged()) { // Valida i campi di input validate_num($_POST['topic_id']); $topic = new Topic($_POST['topic_id']); $message = db_escape(Charset::Utf8ToDB($_POST['message'])); if (!Forum::IsUserFlooding($currentUser)) { if (!$topic['locked']) { // Trova il forum_id $values = DB::FindOne("SELECT argument FROM forum_posts WHERE id = {$_POST['topic_id']}"); $forum_id = $values['argument']; exequery(sprintf("INSERT INTO forum_posts (user_id, root_topic, argument, message, type, post_date, last_post_date, ip) \n VALUES(%d, %d, %d, '%s', %d, %d, %d, '%s')", $currentUser['id'], $_POST['topic_id'], $forum_id, $message, Forum::TYPE_POST, time(), time(), get_ip())); $id = DB::LastId(); $post = new ForumPost($id); Forum::UpdateTopicAfterReply($_POST['topic_id']); Forum::IncPostCountForUser($currentUser); Forum::AddReplyNotifications($post['id']); $response->set("post_html", $post->render("forum/post.html")); $response->setSuccess(true); } else { $response->setError("Il topic e' stato chiuso dal moderatore."); } } else { $response->setError("Attendi almeno " . Forum::FLOOD_SECONDS_LIMIT . " secondi tra un post e l'altro."); } } else { $response->setError("Non sei loggato.");
/**
 * Move messages to the trash or restore them, for the current user only.
 *
 * Every id is passed through validate_num() before any row is touched, and
 * the UPDATE is additionally restricted to to_id = $this->user_id, so a user
 * can only change messages addressed to them.
 *
 * @param array $id_array Message ids to update.
 * @param mixed $option   self::DELETE or self::RESTORE; anything else stops
 *                        the request with "Input invalido".
 */
private function trashOperation($id_array, $option)
{
    // All ids are checked first, before any update runs.
    foreach ($id_array as $candidate) {
        validate_num($candidate);
    }

    // Only the two known operations are accepted.
    if (!in_array($option, array(self::DELETE, self::RESTORE))) {
        echo "Input invalido";
        die;
    }

    $deleted_flag = ($option == self::DELETE) ? 1 : 0;

    // Update the flag on each message.
    foreach ($id_array as $message_id) {
        exequery("UPDATE messages SET deleted=" . $deleted_flag . " WHERE id={$message_id} AND to_id={$this->user_id}");
    }
}
$response = new RestfulResponse("json"); $av = new AutoValidator("frm-register", $_POST); if ($av->validate()) { if (isset($_POST['question']) && $_POST['question'] == "10") { $email = db_escape(purify(trim(Charset::Utf8ToDB($_POST['email'])))); $creds = LoginUtils::HashToCredentials(db_escape($_POST['hash'])); $username = db_escape(purify(trim(Charset::Utf8ToDB($creds['username'])))); $password = db_escape(purify(trim(Charset::Utf8ToDB($creds['password'])))); // Username libero? if (!DB::FindOne("SELECT 1 FROM users WHERE user = \"{$username}\"")) { // Legacy: Un timestamp sarebbe stato meglio, ma non dobbiamo fare nulla con questo dato, quindi va bene cosi' $data = date("d/m/Y G:i"); $description = "Normal User"; $md5 = LoginUtils::Md5FromCredentials($username, $password); // Tutto a posto exequery(sprintf('INSERT INTO users (user, mail, ip, os_browser, date, description, permission, verified, md5, last_login_timestamp, last_login_ip, newsletter) VALUES ("%s", "%s", "%s", "%s", "%s", "%s", %s, %s, "%s", %s, "%s", %s)', $username, $email, get_ip(), db_escape(purify($_SERVER["HTTP_USER_AGENT"])), $data, $description, User::PERMISSION_USER, 1, $md5, time(), get_ip(), 1)); // Logga l'utente $currentUser = UserFactory::CreateFromCredentials($username, $password); if ($currentUser->isLogged()) { $response->setSuccess(true); // Logga Log::Info(sprintf("%s si e' registrato", $currentUser['username'])); $_SESSION['login_hash'] = $currentUser['md5']; setcookie('login_hash', $currentUser['md5'], time() + 60 * 60 * 24 * 7, '/'); } else { // Questo non dovrebbe succedere $response->setError("E' successo un imprevisto durante la registrazione. Per favore segnala questo incidente ad un amministratore."); } } else { $response->setError("L'username e' stato gia' preso. Scegline un'altro."); }
/**
 * Return this user's webhuddle script ids, loading them from the users table
 * on first access and caching them on the object.
 *
 * NOTE(review): the column is decoded with unserialize(). If its content can
 * ever be influenced by a user, native PHP serialization is an
 * object-injection risk; a plain format such as JSON would be safer.
 * NOTE(review): $this['id'] is concatenated unquoted into the statement.
 *
 * @return mixed The unserialized value of users.webhuddle_script_ids.
 */
function getWebhuddleScriptIDs()
{
    if ($this['webhuddle_script_ids'] != null) {
        return $this['webhuddle_script_ids'];
    }

    // Lazy loading
    $result = exequery("SELECT webhuddle_script_ids FROM users WHERE id = " . $this['id']);
    $record = mysqli_fetch_array($result, MYSQLI_ASSOC);
    $this['webhuddle_script_ids'] = unserialize($record['webhuddle_script_ids']);

    return $this['webhuddle_script_ids'];
}
<?php /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ $pagSection = "Home"; require_once "__inc__.php"; require_once ROOT_PATH . "header.php"; ?> <h3>Ultimi topics</h3> <ul class="nav-list" style="margin: 1em 0;"> <?php // Ultimi topics nel forum $q = exequery(Topic::SELECT_SQL . "WHERE a.private = 0 AND type = " . Forum::TYPE_TOPIC . " \n\t\t\t\tORDER BY last_post_date DESC LIMIT 0,15"); while ($values = mysqli_fetch_array($q)) { $topic = new Topic($values); ?> <li> <a class="nowrap" href="<?php echo $topic->getUrl(); ?> "> <span class="tag pull-right" style="margin-left: 0.5em;"><?php echo $topic['argument_title']; ?> </span> <span class="bubble red pull-right"><?php echo $topic['replies']; ?> </span>
exit; case "updateDept": //( ); $department = new WeiXinQYDepartment(); $rs = $department->updateDept(array("id" => intval($_POST['dept_id']), "name" => td_iconv(addslashes($_POST['dept_name']), "UTF-8", MYOA_CHARSET), "parentid" => intval($_POST['dept_parentid']))); echo json_encode($rs); exit; case "getDept": //( ); $department = new WeiXinQYDepartment(); $rs = $department->getDept(intval($_GET['dept_id'])); } exit; } $query = "SELECT COUNT(DEPT_ID) FROM DEPARTMENT WHERE WEIXIN_DEPT_ID > 0"; $cursor = exequery(TD::conn(), $query, TRUE); $row = mysql_fetch_row($cursor); $HTML_PAGE_TITLE = _("数据导入 - 组织架构初始化"); $HTML_PAGE_BASE_STYLE = FALSE; include_once "inc/header.inc.php"; echo "<body>\r\n<link rel=\"stylesheet\" type=\"text/css\" href=\""; echo MYOA_STATIC_SERVER; echo "/static/js/bootstrap/css/bootstrap.css\">\r\n<link rel=\"stylesheet\" type=\"text/css\" href=\""; echo MYOA_STATIC_SERVER; echo "/static/modules/weixinqy/style.css\">\r\n<script type=\"text/javascript\" src=\""; echo MYOA_JS_SERVER; echo "/static/js/jquery-1.10.2/jquery.min.js"; echo $GZIP_POSTFIX; echo "\"></script>\r\n<script type=\"text/javascript\">\r\n\$(function(){\r\n \$(\".func-item button\").on(\"click\", function(){\r\n \$(\".func-item button\").removeClass(\"btn-primary\");\r\n \$(\".func-item button i\").removeClass(\"icon-white\");\r\n \$(\".mod-func\").hide();\r\n var module = \$(this).attr(\"data-module\");\r\n \$(this).addClass(\"btn-primary\");\r\n \$(this).find(\"i\").addClass(\"icon-white\");\r\n \$(\"#mod-\" + module).show();\r\n });\r\n\r\n \$(\"#btn-init\").click(function(){\r\n \$(\"#dept-iframe\").contents().find(\"#btn-sync-dept\").click();\r\n \$(this).off().html('<i class=\"icon-refresh icon-white\"></i>"; echo _("正在初始化..."); echo "');\r\n });\r\n});\r\n</script>\r\n<div>\r\n <fieldset>\r\n <legend><h5>";
$USER_COUNT = 0; $I = 0; for (; $I < $files_count; ++$I) { $array = explode(".", $files[$I]); if (!($array[2] == "usr") && !(time() - $array[1] <= $ONLINE_REF_SEC + 5)) { $UID_STR .= $array[0] . ","; } } $DEPT_COUNT = 0; $USER_COUNT = 0; $DEPT_ID_PREV = ""; $USER_ID_STR = ""; $USER_NAME_STR = ""; $DEPT_NAME_STR = ""; $query = "SELECT USER_ID,USER_NAME,USER.DEPT_ID,DEPT_NAME from user,department,user_priv where find_in_set(UID,'" . $UID_STR . "') and user.USER_PRIV=user_priv.USER_PRIV and user.DEPT_ID=department.DEPT_ID order by DEPT_NO,department.DEPT_ID,PRIV_NO,USER_NO,USER_NAME"; $cursor = exequery($connection, $query); while ($ROW = mysql_fetch_array($cursor)) { $USER_ID = $ROW['USER_ID']; $USER_NAME = $ROW['USER_NAME']; $DEPT_ID = $ROW['DEPT_ID']; if ($DEPT_ID_PREV != $DEPT_ID) { $DEPT_NAME = $ROW['DEPT_NAME']; ++$DEPT_COUNT; } $DEPT_NAME_STR .= $DEPT_NAME . ","; $DEPT_ID_PREV = $DEPT_ID; $USER_ID_STR .= $USER_ID . ","; $USER_NAME_STR .= $USER_NAME . ","; ++$USER_COUNT; } if (0 < $USER_COUNT) {
/**
 * Fan a notification out to the mobile push channels for a list of users.
 *
 * Nothing happens unless the MOBILE_PUSH_OPTION system parameter is "1".
 * The $options parameter is accepted but never read in this function.
 *
 * NOTE(review): $uid_sent is concatenated unquoted into two IN (...) clauses
 * below. Every caller must guarantee it is a comma-separated list of integer
 * ids; no validation is visible here.
 *
 * @param string $uid_sent Comma-separated UID list (trailing comma optional).
 * @param string $content  Notification text; tags are stripped before the
 *                         imtask()/wxqy_sms() calls, not before tdmobilepush().
 * @param string $module   Module name, lower-cased before use.
 * @param mixed  $options  Unused.
 */
function mobile_push_notification($uid_sent, $content, $module, $options = NULL)
{
    $org_content = $content;
    $PARA_ARRAY = get_sys_para("MOBILE_PUSH_OPTION,PCONLINE_MOBILE_PUSH", FALSE);
    // Turns each returned parameter into a local variable of the same name.
    // NOTE(review): call-time pass-by-reference (each(&...)) is rejected by
    // PHP 5.4 and later, and variable-variables let the parameter source
    // define arbitrary locals; explicit array lookups would be safer.
    while (list($PARA_NAME, $PARA_VALUE) = each(&$PARA_ARRAY)) {
        ${$PARA_NAME} = $PARA_VALUE;
    }
    if ($MOBILE_PUSH_OPTION == "1") {
        if ($uid_sent == "") {
            return;
        }
        // Normalise to a comma-terminated list.
        if (substr($uid_sent, -1) != ",") {
            $uid_sent .= ",";
        }
        $module = strtolower($module);
        $mp_to_uids = td_trim($uid_sent);
        $a_uid_sent = $a_unpush_uid = array();
        $a_uid_sent = explode(",", $mp_to_uids);
        if ($PCONLINE_MOBILE_PUSH == "0") {
            // Collects recipients that have a session with CLIENT other than 5 or 6.
            $query = "select DISTINCT(UID) from user_online where UID in(" . $mp_to_uids . ") and CLIENT!=5 and CLIENT!=6";
            $cursor = exequery(TD::conn(), $query);
            while ($ROW = mysql_fetch_array($cursor)) {
                $a_unpush_uid[] = $ROW['UID'];
            }
            foreach ($a_uid_sent as $k => $v) {
                // As written, the first operand is always false inside this
                // branch, so no recipient is ever removed here.
                // NOTE(review): looks like a garbled condition - confirm the
                // intended filter against the upstream source.
                if (!($PCONLINE_MOBILE_PUSH == "0") && !is_array($a_unpush_uid) && !in_array($v, $a_unpush_uid)) {
                    unset($a_uid_sent[$k]);
                }
            }
            $a_uid_sent = array_filter($a_uid_sent);
            $uid_sent = implode(",", $a_uid_sent);
            $uid_sent .= ",";
        }
        if ($module == "message") {
            include_once "task/message_push/funcs.php";
            $C_MOBILE_DEVICES = TD::get_cache("C_MOBILE_DEVICES");
            // Cache miss: rebuild once and read again.
            if ($C_MOBILE_DEVICES === FALSE) {
                rebuildmobilecache();
                $C_MOBILE_DEVICES = TD::get_cache("C_MOBILE_DEVICES");
            }
            if ($C_MOBILE_DEVICES && 0 < count($C_MOBILE_DEVICES)) {
                // Recipients are split into two queues by the device's client_ver (1 or 2).
                $M_STA = $M_ENT = array();
                foreach ($a_uid_sent as $k => $v) {
                    if ($C_MOBILE_DEVICES[$v]) {
                        if ($C_MOBILE_DEVICES[$v]['client_ver'] == 1) {
                            $M_STA[$v][] = array("content" => $content, "module" => "message");
                        } else {
                            if ($C_MOBILE_DEVICES[$v]['client_ver'] == 2) {
                                $M_ENT[$v][] = array("content" => $content, "module" => "message");
                            }
                        }
                    }
                }
            }
            // $M_STA / $M_ENT are undefined here when the device cache is empty.
            tdmobilepush(array("sta" => $M_STA, "ent" => $M_ENT));
        }
        // From here on only the tag-stripped text is used.
        $content = $org_content = strip_tags($content);
        if (strtolower(MYOA_CHARSET) != "utf-8") {
            $content = td_iconv($content, MYOA_CHARSET, "UTF-8");
        }
        // Caret-delimited command string.
        // NOTE(review): $content is appended as-is; presumably a "^" inside it
        // is tolerated by the receiver because it is the last field - confirm.
        imtask("C^m^n^" . $uid_sent . "^" . $module . "^" . $content);
        // $MYOA_WEIXINQY_PUSH_ACTIVE is not assigned in this function unless
        // get_sys_para() returns a key of that name, so this branch is
        // normally taken.
        if (!$MYOA_WEIXINQY_PUSH_ACTIVE) {
            $useble_module = array("email", "news", "notify");
            // Modules in the list above are not forwarded by this branch.
            if (!in_array($module, $useble_module)) {
                $uid_sents = td_trim($uid_sent);
                $query = "SELECT USER_ID FROM USER WHERE UID IN (" . $uid_sents . ")";
                $cursor = exequery(TD::conn(), $query);
                // $user_id_arr is undefined when the query returns no rows.
                while ($ROW = mysql_fetch_array($cursor)) {
                    $user_id_arr[] = $ROW['USER_ID'];
                }
                wxqy_sms(array("user" => $user_id_arr, "module" => $module, "content" => $org_content));
            }
        }
    }
}