function email_fw_webmail_box($USER_ID)
{
$EMAIL_FW_WEBMAIL_BOX = "";
$FROM_MAIL_ID = "";
$FROM_WEBMAIL_BOX_DEFAULT = "";
$EMAIL_FW_WEBMAIL_BOX_ARRAY = array();
$query = "select * from webmail where USER_ID='" . $USER_ID . "' and EMAIL_PASS!='' order by IS_DEFAULT desc";
$cursor = exequery(TD::conn(), $query);
while ($ROW = mysql_fetch_array($cursor)) {
$MAIL_ID = $ROW['MAIL_ID'];
$EMAIL = $ROW['EMAIL'];
$IS_DEFAULT = $ROW['IS_DEFAULT'];
$RECV_FW = $ROW['RECV_FW'];
if ($FROM_WEBMAIL_BOX_DEFAULT == "") {
$FROM_WEBMAIL_BOX_DEFAULT = $EMAIL;
$FROM_MAIL_ID = $MAIL_ID;
}
if ($RECV_FW == 1) {
$EMAIL_FW_WEBMAIL_BOX .= $EMAIL . ",";
}
}
$EMAIL_FW_WEBMAIL_BOX_ARRAY[] = $FROM_WEBMAIL_BOX_DEFAULT;
$EMAIL_FW_WEBMAIL_BOX_ARRAY[] = $EMAIL_FW_WEBMAIL_BOX;
$EMAIL_FW_WEBMAIL_BOX_ARRAY[] = $FROM_MAIL_ID;
return $EMAIL_FW_WEBMAIL_BOX_ARRAY;
}
function dept_tree_list($DEPT_ID, $PRIV_OP)
{
global $DEEP_COUNT;
global $connection;
$query = "SELECT * from department where DEPT_PARENT='" . $DEPT_ID . "' order by DEPT_NO";
$cursor = exequery($connection, $query);
$OPTION_TEXT = "";
$DEEP_COUNT1 = $DEEP_COUNT;
$DEEP_COUNT .= " ";
while ($ROW = mysql_fetch_array($cursor)) {
++$COUNT;
$DEPT_ID = $ROW['DEPT_ID'];
$DEPT_NAME = $ROW['DEPT_NAME'];
$DEPT_PARENT = $ROW['DEPT_PARENT'];
$DEPT_NAME = str_replace("<", "<", $DEPT_NAME);
$DEPT_NAME = str_replace(">", ">", $DEPT_NAME);
$DEPT_NAME = stripslashes($DEPT_NAME);
$DEPT_PRIV = 1;
$OPTION_TEXT_CHILD = dept_tree_list($DEPT_ID, $PRIV_OP);
if ($DEPT_PRIV == 1) {
$OPTION_TEXT .= " <tr class=TableData> <td class='menulines' id='" . $DEPT_ID . "' title='" . $DEPT_NAME . "' onclick=javascript:click_dept('" . $DEPT_ID . "') style=cursor:pointer>" . $DEEP_COUNT1 . "├" . $DEPT_NAME . "</a></td> </tr>";
}
if ($OPTION_TEXT_CHILD != "") {
$OPTION_TEXT .= $OPTION_TEXT_CHILD;
}
}
$DEEP_COUNT = $DEEP_COUNT1;
return $OPTION_TEXT;
}
/** @return Le informazioni del sondaggio tramite un array associativo, dove:
"choices" => array con le scelte, dove:
"id" => id della scelta
"descr" => descrizione della scelta (come inserito dall'utente)
"votes" => numero di voti per questa scelta
"percentage" => percentuale normalizzata (0..1) in relazione al totale dei voti (4 decimali di precisione)
"votes_count" => numero di voti totali
"user_has_voted" => boolean se l'utente corrente ha gia' votato */
function getPollData()
{
global $currentUser;
// Cache
if ($this->poll_data == null) {
$poll_info = unserialize($this->getRaw('poll'));
$choices = array();
$votes_count = 0;
$user_has_voted = false;
foreach ($poll_info as $id => $value) {
// id = numero, value = stringa descrivente la scelta
$choices[] = array("id" => $id, "descr" => $value, "votes" => 0, "percentage" => 0);
}
// Prende i voti dal database
$q = exequery("SELECT user_id, vote FROM forum_poll WHERE topic_id = {$this['id']}");
while ($values = mysqli_fetch_array($q)) {
$choices[$values['vote']]['votes']++;
// perche' indice == id
$votes_count++;
if ($values['user_id'] == $currentUser['id']) {
$user_has_voted = true;
}
}
// Calcola le percentuali
if ($votes_count > 0) {
foreach ($choices as $id => &$values) {
$values['percentage'] = round((double) $values['votes'] / (double) $votes_count, 4);
}
}
$this->poll_data = array("choices" => $choices, "votes_count" => $votes_count, "user_has_voted" => $user_has_voted);
}
return $this->poll_data;
}
public static function Add($text, $type)
{
global $currentUser;
$user_id = $currentUser->isLogged() ? $currentUser['id'] : null;
$ip = get_ip();
$timestamp = time();
$text = db_escape($text);
exequery("INSERT INTO logs (ip, `timestamp`, user_id, `text`, type) VALUES ('{$ip}', '{$timestamp}', {$user_id}, '{$text}', {$type})");
}
public static function getPublished()
{
$query = exequery(Guide::SELECT_SQL . " WHERE published = 1");
$array = array();
while ($g = mysqli_fetch_array($query, MYSQLI_ASSOC)) {
$array[] = new Guide($g);
}
return $array;
}
public function getAllChapters()
{
$qr = exequery(GuideChapter::SELECT_SQL . " WHERE guide_id={$this['id']} AND validated=1 ORDER BY chapter ASC");
$chapters = array();
while ($values = mysqli_fetch_array($qr, MYSQLI_ASSOC)) {
$chapters[] = new GuideChapter($values, $this->link);
}
return $chapters;
}
function deptListTree($PARENT_ID)
{
global $connection;
global $LOGIN_USER_ID;
global $LOGIN_DEPT_ID;
global $LOGIN_USER_PRIV;
global $PRIV_NO_FLAG;
global $PARA_URL;
global $PARA_TARGET;
global $PARA_ID;
global $PARA_VALUE;
global $showButton;
$query = "SELECT * from department where DEPT_PARENT='" . $PARENT_ID . "' order by DEPT_NO";
$cursor1 = exequery($connection, $query);
while ($ROW = mysql_fetch_array($cursor1)) {
$DEPT_ID1 = $ROW['DEPT_ID'];
$DEPT_NAME1 = $ROW['DEPT_NAME'];
$DEPT_NAME1 = htmlspecialchars($DEPT_NAME1);
$DEPT_NAME1 = str_replace("\"", """, $DEPT_NAME1);
$DEPT_NAME1 = stripslashes($DEPT_NAME1);
$CHILD_COUNT = 0;
$query = "SELECT 1 from department where DEPT_PARENT='" . $DEPT_ID1 . "'";
$cursor2 = exequery($connection, $query);
if ($ROW1 = mysql_fetch_array($cursor2)) {
++$CHILD_COUNT;
}
if ($PRIV_NO_FLAG) {
$DEPT_PRIV1 = is_dept_priv($DEPT_ID1);
} else {
$DEPT_PRIV1 = 1;
}
if ($DEPT_PRIV1 == 1) {
$XML_TEXT_DEPT .= "<TreeNode id=\"" . $DEPT_ID1 . "\" text=\"[{$DEPT_NAME1}]\" ";
} else {
$XML_TEXT_DEPT .= "<TreeNode id=\"" . $DEPT_ID1 . "\" text=\"{$DEPT_NAME1}\" ";
}
if ($showButton) {
$XML_TEXT_DEPT .= "onclick=\"click_node('" . $DEPT_ID1 . "',this.checked,'{$PARA_ID}','" . str_replace(".", "&", $PARA_VALUE) . "');\" ";
}
if ($PARA_URL != "" && $DEPT_PRIV1 == 1) {
if ($PARA_ID == "") {
$URL = "{$PARA_URL}?DEPT_ID={$DEPT_ID1}";
} else {
$URL = "{$PARA_URL}?DEPT_ID={$DEPT_ID1}&{$PARA_ID}=" . str_replace(".", "&", $PARA_VALUE);
}
$XML_TEXT_DEPT .= "href=\"" . $URL . "\" target=\"{$PARA_TARGET}\"";
} else {
$XML_TEXT_DEPT .= "href=\"javascript:;\" target=\"_self\"";
}
$XML_TEXT_DEPT .= " img_src=\"../../../Framework/images/endnode.gif\" title=\"" . $DEPT_NAME1 . "\"";
if (0 < $CHILD_COUNT) {
$XML_TEXT_DEPT .= " Xml=\"tree.php?DEPT_ID=" . $DEPT_ID1 . "&PARA_URL={$PARA_URL}&PARA_TARGET={$PARA_TARGET}&PRIV_NO_FLAG={$PRIV_NO_FLAG}&PARA_ID={$PARA_ID}&PARA_VALUE={$PARA_VALUE}&showButton={$showButton}\"";
}
$XML_TEXT_DEPT .= "/>\n";
}
return $XML_TEXT_DEPT;
}
function add_task($file, $code)
{
$qry = "SELECT * FROM office_task WHERE TASK_CODE='{$code}'";
$csr = exequery(TD::conn(), $qry);
if ($row = mysql_fetch_array($csr)) {
} else {
$qry = "INSERT INTO `office_task` (`TASK_TYPE`, `INTERVAL`, `EXEC_TIME`, `LAST_EXEC`,\n\t\t\t\t`EXEC_FLAG`, `EXEC_MSG`, `TASK_URL`, `TASK_NAME`, `TASK_DESC`, `TASK_CODE`, `USE_FLAG`,\n\t\t\t\t`SYS_TASK`, `EXT_DATA`) VALUES(\n\t\t\t\t'0',\n\t\t\t\t1,\n\t\t\t\t'00:00:00',\n\t\t\t\t'0000-00-00 00:00:00',\n\t\t\t\t1,\n\t\t\t\t'0000-00-00 00:00:00',\n\t\t\t\t'{$file}',\n\t\t\t\t'即时通讯离线消息推送',\n\t\t\t\t'定时将OA精灵离线消息推送到微信企业号',\n\t\t\t\t'{$code}',\n\t\t\t\t'1',\n\t\t\t\t'0',\n\t\t\t\t'')";
exequery(TD::conn(), $qry);
//Add system parameter
include_once "inc/utility_all.php";
add_sys_para(array("WEIXINQY_MSGCHECK_TIME" => ""));
}
}
function getProdTypeList($DEPT_PARENT)
{
global $connection;
$sql = "select DEPT_ID,DEPT_NAME,DEPT_PARENT from department where DEPT_PARENT='{$DEPT_PARENT}' order by DEPT_PARENT asc ,DEPT_NO asc";
$cursor = exequery($connection, $sql);
while ($ROW = mysql_fetch_array($cursor)) {
$DEPT_ID = $ROW['DEPT_ID'];
$DEPT_NAME = $ROW['DEPT_NAME'];
$DEPT_PARENT = $ROW['DEPT_PARENT'];
$open = "false";
print "zNodes[zNodes.length]={id:{$DEPT_ID}, pId:{$DEPT_PARENT}, name:'{$DEPT_NAME}', ename:'{$DEPT_NAME}', open:{$open}};";
getProdTypeList($DEPT_ID);
}
}
public static function Find($name, $num_records = 20)
{
//Controllo dei parametri
validate_num($num_records);
db_escape(trim($name));
// Se non c'e' niente da cercare
if ($name == "") {
return array();
}
$q = exequery("SELECT user FROM users WHERE user LIKE'{$name}%' LIMIT {$num_records}");
$array = array();
while ($u = mysqli_fetch_array($q, MYSQLI_ASSOC)) {
$array[] = $u['user'];
}
return $array;
}
public function createUser($user_id)
{
$user_ids = "";
$user_arr = explode(",", $user_id);
foreach ($user_arr as $key => $value) {
$user_ids .= "'" . $value . "',";
}
$user_ids = rtrim($user_ids, ",");
$sync = array();
$query = "SELECT USER_ID,USER_NAME,DEPT_ID,DEPT_ID_OTHER,USER_PRIV_NAME,USER_PRIV,MOBIL_NO,SEX,TEL_NO_DEPT,EMAIL FROM USER where USER_ID IN (" . $user_ids . ")";
$cursor = exequery(TD::conn(), $query);
while ($ROW = mysql_fetch_array($cursor)) {
$USER_ID = $ROW['USER_ID'];
$USER_NAME = $ROW['USER_NAME'];
$DEPT_ID = $ROW['DEPT_ID'];
$DEPT_ID_OTHER = $ROW['DEPT_ID_OTHER'];
$USER_PRIV_NAME = $ROW['USER_PRIV_NAME'];
$USER_PRIV = $ROW['USER_PRIV'];
$MOBIL_NO = $ROW['MOBIL_NO'];
$SEX = $ROW['SEX'];
$TEL_NO_DEPT = $ROW['TEL_NO_DEPT'];
$EMAIL = $ROW['EMAIL'];
if ($EMAIL == "" && !preg_match("/^([+-]?)\\d*\\.?\\d+\$/", $MOBIL_NO)) {
$sync['failed'][] = sprintf("%s(%s)", $USER_NAME, $this->deptinfo[$DEPT_ID]['dept_name']);
} else {
$_dept = array();
$_dept[] = $this->deptinfo[$DEPT_ID]['weixin_dept_id'];
if ($DEPT_ID_OTHER != "") {
$_dept_arr = array_filter(explode(",", $DEPT_ID_OTHER));
foreach ($_dept_arr as $key => $value) {
$_dept[] = $this->deptinfo[$value]['weixin_dept_id'];
}
}
$rs = $this->postData($this->url['create'], array("userid" => $USER_ID, "name" => $USER_NAME, "department" => $_dept, "position" => $USER_PRIV_NAME, "mobile" => preg_match("/^([+-]?)\\d*\\.?\\d+\$/", $MOBIL_NO) ? $MOBIL_NO : "", "gender" => $SEX, "tel" => $TEL_NO_DEPT, "email" => $EMAIL));
if ($rs['errcode'] == 0) {
$sync['success'][] = sprintf("%s(%s)", $USER_NAME, $this->deptinfo[$DEPT_ID]['dept_name']);
} else {
if ($rs['errcode'] == 60102) {
$sync['exists'][] = sprintf("%s(%s)", $USER_NAME, $this->deptinfo[$DEPT_ID]['dept_name']);
}
}
}
}
parent::logs("user_import", serialize($sync));
return array("success" => count($sync['success']), "failed" => count($sync['failed']), "exists" => count($sync['exists']));
}
public function getPageNumber()
{
// Elenca tutti i posts nel thread fino a che non troviamo la nostra posizione...
// Ci dev'essere un modo migliore...?
$q = exequery("SELECT id FROM forum_posts \n\t\tWHERE root_topic = (SELECT root_topic FROM forum_posts WHERE id = {$this['id']}) ORDER BY id");
$position = 0;
$c = 1;
while ($res = mysqli_fetch_array($q)) {
if ($res['id'] == $this['id']) {
$position = $c;
break;
}
$c++;
}
if ($position == 0) {
return 1;
} else {
return floor(($position - 1) / Forum::POSTS_PER_PAGE + 1);
}
}
public static function AddReplyNotifications($post_id)
{
global $currentUser;
$post = new ForumPost($post_id);
// Lista di utenti che hanno risposto al topic, ma che non
// sono all'interno della skip list
$q = exequery("SELECT p.user_id as user_id, s.user_id as skip_user_id FROM forum_posts p \n\t\t\t\t\t\t\tLEFT OUTER JOIN forum_notifications_skip_list s ON (s.user_id = p.user_id AND s.topic_id = {$post['root_topic']}) \n\t\t\t\t\t\t\tWHERE p.root_topic = {$post['root_topic']} OR p.id = {$post['root_topic']} GROUP BY user_id\n\t\t\t\t\t\t\tUNION SELECT a.user_id AS user_id, NULL AS skip_user_id\n\t\t\t\t\t\t\tFROM forum_notifications_add_list a WHERE a.topic_id = {$post['root_topic']}\n\t\t\t");
// Una notifica a ciascuno, non fa male a nessuno
while ($values = mysqli_fetch_array($q)) {
if ($values['user_id'] == $currentUser['id']) {
continue;
}
//Skip noi stessi
if ($values['skip_user_id'] != null) {
continue;
}
//Skippa se richiesto
exequery("INSERT INTO forum_notifications (topic_id, user_id, notify_tm, post_id, page_num) \n\t\t\t \tVALUES ('{$post['root_topic']}','{$values['user_id']}'," . time() . ", {$post_id}, " . $post->getPageNumber() . ")");
}
//Rimuovi dalla lista di skip_notifications l'user che ha postato
exequery("DELETE FROM forum_notifications_skip_list \n\t\t\t \t\t\tWHERE user_id = {$currentUser['id']} AND topic_id = {$post['root_topic']}");
}
function get_file_folder_path($sort_id)
{
if ($sort_id == "0") {
return "根目录";
}
global $connection;
$path = "";
$query = "select SORT_PARENT,SORT_NAME from FILE_SORT where SORT_ID='" . $sort_id . "'";
$cursor = exequery($connection, $query);
if ($ROW = mysql_fetch_array($cursor)) {
$SORT_PARENT = $ROW['SORT_PARENT'];
$SORT_NAME = $ROW['SORT_NAME'];
if ($SORT_PARENT != 0) {
$path = get_file_folder_path($SORT_PARENT) . "/" . $SORT_NAME;
return $path;
}
$path = $SORT_NAME . $path;
}
return $path;
}
$cursor = exequery(TD::conn(), $query);
while ($ROW = mysql_fetch_array($cursor)) {
if (!find_id($USER_ID_STR, $ROW['USER_ID'])) {
$USER_ID_STR .= $ROW['USER_ID'] . ",";
}
}
}
$MY_ARRAY_DEPT = explode(",", $TO_ID);
$ARRAY_COUNT_DEPT = sizeof($MY_ARRAY_DEPT);
$I = 0;
for (; $I < $ARRAY_COUNT_DEPT; ++$I) {
if ($MY_ARRAY_DEPT[$I] == "") {
continue;
}
$query_d = "select USER_ID from USER where (NOT_LOGIN = 0 or NOT_MOBILE_LOGIN = 0) and find_in_set('" . $MY_ARRAY_DEPT[$I] . "',DEPT_ID_OTHER)";
$cursor_d = exequery(TD::conn(), $query_d);
while ($ROWD = mysql_fetch_array($cursor_d)) {
if (!find_id($USER_ID_STR, $ROWD['USER_ID'])) {
$USER_ID_STR .= $ROWD['USER_ID'] . ",";
}
}
}
$USER_ID_STR_ARRAY = explode(",", $USER_ID_STR);
$USER_ID_STR_ARRAY_COUNT = sizeof($USER_ID_STR_ARRAY);
$I = 0;
for (; $I < $USER_ID_STR_ARRAY_COUNT; ++$I) {
if (!($USER_ID_STR_ARRAY[$I] == "")) {
$FUNC_ID_STR = getfunmenubyuserid($USER_ID_STR_ARRAY[$I]);
if (!find_id($FUNC_ID_STR, 4)) {
$USER_ID_STR = str_replace($USER_ID_STR_ARRAY[$I], "", $USER_ID_STR);
}
public static function FindOne($sql)
{
$q = exequery($sql);
return mysqli_fetch_array($q, MYSQLI_ASSOC);
}
<?php
include_once "inc/conn.php";
include_once "inc/utility_all.php";
define("MSGCHECKTIME", "WEIXINQY_MSGCHECK_TIME");
$CUR_TIME = time();
$PARA_ARRAY = get_sys_para(MSGCHECKTIME, FALSE);
$MSG_CHK_TIME = intval(trim($PARA_ARRAY[MSGCHECKTIME]));
$BEGIN_TIME = $MSG_CHK_TIME <= 0 ? $CUR_TIME : $MSG_CHK_TIME;
$query = "SELECT FROM_UID,TO_UID,CONTENT,SEND_TIME FROM MESSAGE where REMIND_FLAG='1' and MSG_TYPE='1' and\n\t\t\t FROM_UID!=0 and TO_UID!=0 and SEND_TIME>'{$BEGIN_TIME}' and SEND_TIME<='{$CUR_TIME}' order by TO_UID,FROM_UID,SEND_TIME asc";
$cursor = exequery(TD::conn(), $query);
if (!$cursor) {
echo "-ERR ";
exit;
}
while ($ROW = mysql_fetch_array($cursor)) {
$FROM_UID = $ROW['FROM_UID'];
include_once "inc/utility_cache.php";
$FROM_USER_NAME = getuserinfobyuid($FROM_UID, "USER_NAME");
$TO_UID = $ROW['TO_UID'];
$CONTENT = $ROW['CONTENT'];
include_once "inc/itask/itask.php";
mobile_push_notification($TO_UID, $FROM_USER_NAME . _(":") . $CONTENT . _("【即时通讯离线消息】"), "msg");
}
set_sys_para(array(MSGCHECKTIME => $CUR_TIME));
$CUR_TIME_FORMAT = date("Y-m-d H:i:s", $CUR_TIME);
$qry = "UPDATE OFFICE_TASK SET LAST_EXEC='{$CUR_TIME_FORMAT}',EXEC_FLAG='1',EXEC_MSG='{$CUR_TIME_FORMAT}' WHERE TASK_CODE='inst_msg_offl_push'";
exequery(TD::conn(), $qry);
echo "+OK";
$message = db_escape(Charset::Utf8ToDB($_POST['message']));
$is_poll = isset($_POST['poll']);
// Le domande del sondaggio vengono memorizzate nel campo
// "poll" come array serializzato. Se "poll" e' null, allora
// vuol dire che il topic non e' un sondaggio
if ($is_poll) {
$poll_questions = explode("\n", trim(purify(Charset::Utf8ToDB($_POST['poll']))));
if (count($poll_questions) >= 2) {
$poll_data = db_escape(serialize($poll_questions));
} else {
// Numero di domande nel sondaggio non valido (< 2)
$poll_data = null;
}
}
if (!Forum::IsUserFlooding($currentUser)) {
exequery(sprintf("INSERT INTO forum_posts (user_id, argument, subject, message, type, post_date, last_post_date, ip, poll, replies) \n VALUES(%d, %d, '%s', '%s', %d, %d, %d, '%s', \"%s\", 0)", $currentUser['id'], $_POST['forum_id'], $subject, $message, Forum::TYPE_TOPIC, time(), time(), get_ip(), $poll_data));
$id = DB::LastId();
$topic = new Topic($id);
Forum::IncPostCountForUser($currentUser);
$response->set("topic_url", $topic->getUrl());
$response->setSuccess(true);
} else {
$response->setError("Attendi almeno " . Forum::FLOOD_SECONDS_LIMIT . " secondi tra un post e l'altro.");
}
} else {
$response->setError("Non sei loggato.");
}
} else {
$response->setError($av->getLastError());
}
$response->send();
validate_num($_POST['vote']);
$topic = new Topic($_POST['topic_id']);
if ($topic->isPoll() && $topic->isViewableBy($currentUser)) {
$poll_data = $topic->getPollData();
if (!$poll_data['user_has_voted']) {
// Voto valido?
$valid_vote = false;
foreach ($poll_data['choices'] as $choice) {
if ($choice['id'] == $_POST['vote']) {
$valid_vote = true;
break;
}
}
if ($valid_vote) {
// OK. Inseriamo il voto
exequery("INSERT INTO forum_poll (topic_id, user_id, vote)\n VALUES ({$topic['id']}, {$currentUser['id']}, {$_POST['vote']})");
// Ricarica il topic
$topic = new Topic($_POST['topic_id']);
$response->set("results_html", $topic->renderPollResults());
$response->setSuccess(true);
} else {
$response->setError("Voto non valido.");
}
} else {
$response->setError("Hai gia' votato.");
}
} else {
$response->setError("Non hai i permessi per votare questo sondaggio.");
}
} else {
$response->setError("Non sei loggato.");
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
$pagTitle = "Forum";
require_once "__inc__.php";
require_once ROOT_PATH . "header.php";
?>
<ul class="nav-list">
<?php
/* pierotofy: chiedo scusa per la confusione
root = nome categoria (Programming, Off-Topic, ecc.)
title = titolo canale
subject = descrizione canale forum
*/
$q = exequery("SELECT f.id, f.root, f.title, f.subject, f.private, f.priority FROM forum_arguments f\nWHERE root != 'Projects' ORDER BY priority");
$category = "";
while ($values = mysqli_fetch_array($q, MYSQLI_ASSOC)) {
// Inserisci i nomi della categoria quando necessario
if ($values['root'] != $category) {
$category = $values['root'];
echo '<li class="nav-title">' . $category . "</li>";
}
echo sprintf('<li><a class="nowrap has-children" href="/p/forum/%s/">%s</a></li>', $values['id'], $values['title']);
}
?>
</ul>
<?php
require_once ROOT_PATH . "footer.php";
<?php
include_once "enable.php";
echo "Aggiorno gli avatars... ";
exequery("UPDATE users SET avatar = CONCAT(id, \".png\") WHERE avatar IS NOT NULL");
echo "Fatto!<br/>";
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/** Ricava il contenuto raw di un post (o topic) del forum
La richiesta dev'essere effettuata da un utente che ha i permessi per editare il post/topic
method: GET e POST combinato
params:
id (GET): id del post/topic
value (POST): nuovo contenuto
returns:
success => true|false
value => HTML contenente il nuovo post
*/
require_once "__inc__.php";
$response = new RestfulResponse("json");
validate_num($_GET['id']);
if ($currentUser->isLogged()) {
$q = exequery("SELECT argument, user_id FROM forum_posts WHERE id = {$_GET['id']}");
$values = mysqli_fetch_array($q);
// Puo' editare?
if ($currentUser->isModOfForum($values['argument']) || $currentUser["id"] == $values['user_id']) {
$message = db_escape(Charset::Utf8ToDB($_POST['value']));
exequery("UPDATE forum_posts SET message = '{$message}', edit_date = " . time() . ", edit_by = {$currentUser['id']}\n WHERE id = {$_GET['id']}");
$post = new ForumPost($_GET['id']);
$response->set("value", $post->getParsedMessage());
$response->setSuccess(true);
} else {
$response->setError("Non hai i permessi per modificare questo post");
}
} else {
$response->setError("Non loggato");
}
echo $response->send();
*/
require_once "__inc__.php";
$response = new RestfulResponse("json");
$av = new AutoValidator("frm-forum-reply", $_POST);
if ($av->validate()) {
if ($currentUser->isLogged()) {
// Valida i campi di input
validate_num($_POST['topic_id']);
$topic = new Topic($_POST['topic_id']);
$message = db_escape(Charset::Utf8ToDB($_POST['message']));
if (!Forum::IsUserFlooding($currentUser)) {
if (!$topic['locked']) {
// Trova il forum_id
$values = DB::FindOne("SELECT argument FROM forum_posts WHERE id = {$_POST['topic_id']}");
$forum_id = $values['argument'];
exequery(sprintf("INSERT INTO forum_posts (user_id, root_topic, argument, message, type, post_date, last_post_date, ip) \n VALUES(%d, %d, %d, '%s', %d, %d, %d, '%s')", $currentUser['id'], $_POST['topic_id'], $forum_id, $message, Forum::TYPE_POST, time(), time(), get_ip()));
$id = DB::LastId();
$post = new ForumPost($id);
Forum::UpdateTopicAfterReply($_POST['topic_id']);
Forum::IncPostCountForUser($currentUser);
Forum::AddReplyNotifications($post['id']);
$response->set("post_html", $post->render("forum/post.html"));
$response->setSuccess(true);
} else {
$response->setError("Il topic e' stato chiuso dal moderatore.");
}
} else {
$response->setError("Attendi almeno " . Forum::FLOOD_SECONDS_LIMIT . " secondi tra un post e l'altro.");
}
} else {
$response->setError("Non sei loggato.");
private function trashOperation($id_array, $option)
{
//Controllo che gli id dei messaggi siano numerici
foreach ($id_array as $id) {
validate_num($id);
}
//Controllo che i valori di $option siano corretti
if ($option != self::DELETE && $option != self::RESTORE) {
echo "Input invalido";
die;
}
//Scansiono l'array e aggiorno il campo di ogni messaggio
foreach ($id_array as $message_id) {
exequery("UPDATE messages SET deleted=" . ($option == self::DELETE ? 1 : 0) . " WHERE id={$message_id} AND to_id={$this->user_id}");
}
}
$response = new RestfulResponse("json");
$av = new AutoValidator("frm-register", $_POST);
if ($av->validate()) {
if (isset($_POST['question']) && $_POST['question'] == "10") {
$email = db_escape(purify(trim(Charset::Utf8ToDB($_POST['email']))));
$creds = LoginUtils::HashToCredentials(db_escape($_POST['hash']));
$username = db_escape(purify(trim(Charset::Utf8ToDB($creds['username']))));
$password = db_escape(purify(trim(Charset::Utf8ToDB($creds['password']))));
// Username libero?
if (!DB::FindOne("SELECT 1 FROM users WHERE user = \"{$username}\"")) {
// Legacy: Un timestamp sarebbe stato meglio, ma non dobbiamo fare nulla con questo dato, quindi va bene cosi'
$data = date("d/m/Y G:i");
$description = "Normal User";
$md5 = LoginUtils::Md5FromCredentials($username, $password);
// Tutto a posto
exequery(sprintf('INSERT INTO users (user, mail, ip, os_browser, date, description, permission, verified, md5, last_login_timestamp, last_login_ip, newsletter)
VALUES ("%s", "%s", "%s", "%s", "%s", "%s", %s, %s, "%s", %s, "%s", %s)', $username, $email, get_ip(), db_escape(purify($_SERVER["HTTP_USER_AGENT"])), $data, $description, User::PERMISSION_USER, 1, $md5, time(), get_ip(), 1));
// Logga l'utente
$currentUser = UserFactory::CreateFromCredentials($username, $password);
if ($currentUser->isLogged()) {
$response->setSuccess(true);
// Logga
Log::Info(sprintf("%s si e' registrato", $currentUser['username']));
$_SESSION['login_hash'] = $currentUser['md5'];
setcookie('login_hash', $currentUser['md5'], time() + 60 * 60 * 24 * 7, '/');
} else {
// Questo non dovrebbe succedere
$response->setError("E' successo un imprevisto durante la registrazione. Per favore segnala questo incidente ad un amministratore.");
}
} else {
$response->setError("L'username e' stato gia' preso. Scegline un'altro.");
}
function getWebhuddleScriptIDs()
{
if ($this['webhuddle_script_ids'] == null) {
// Lazy loading
$q = exequery("SELECT webhuddle_script_ids FROM users WHERE id = " . $this['id']);
$row = mysqli_fetch_array($q, MYSQLI_ASSOC);
$this['webhuddle_script_ids'] = unserialize($row['webhuddle_script_ids']);
}
return $this['webhuddle_script_ids'];
}
<?php
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
$pagSection = "Home";
require_once "__inc__.php";
require_once ROOT_PATH . "header.php";
?>
<h3>Ultimi topics</h3>
<ul class="nav-list" style="margin: 1em 0;">
<?php
// Ultimi topics nel forum
$q = exequery(Topic::SELECT_SQL . "WHERE a.private = 0 AND type = " . Forum::TYPE_TOPIC . " \n\t\t\t\tORDER BY last_post_date DESC LIMIT 0,15");
while ($values = mysqli_fetch_array($q)) {
$topic = new Topic($values);
?>
<li>
<a class="nowrap" href="<?php
echo $topic->getUrl();
?>
">
<span class="tag pull-right" style="margin-left: 0.5em;"><?php
echo $topic['argument_title'];
?>
</span>
<span class="bubble red pull-right"><?php
echo $topic['replies'];
?>
</span>
exit;
case "updateDept":
//( );
$department = new WeiXinQYDepartment();
$rs = $department->updateDept(array("id" => intval($_POST['dept_id']), "name" => td_iconv(addslashes($_POST['dept_name']), "UTF-8", MYOA_CHARSET), "parentid" => intval($_POST['dept_parentid'])));
echo json_encode($rs);
exit;
case "getDept":
//( );
$department = new WeiXinQYDepartment();
$rs = $department->getDept(intval($_GET['dept_id']));
}
exit;
}
$query = "SELECT COUNT(DEPT_ID) FROM DEPARTMENT WHERE WEIXIN_DEPT_ID > 0";
$cursor = exequery(TD::conn(), $query, TRUE);
$row = mysql_fetch_row($cursor);
$HTML_PAGE_TITLE = _("数据导入 - 组织架构初始化");
$HTML_PAGE_BASE_STYLE = FALSE;
include_once "inc/header.inc.php";
echo "<body>\r\n<link rel=\"stylesheet\" type=\"text/css\" href=\"";
echo MYOA_STATIC_SERVER;
echo "/static/js/bootstrap/css/bootstrap.css\">\r\n<link rel=\"stylesheet\" type=\"text/css\" href=\"";
echo MYOA_STATIC_SERVER;
echo "/static/modules/weixinqy/style.css\">\r\n<script type=\"text/javascript\" src=\"";
echo MYOA_JS_SERVER;
echo "/static/js/jquery-1.10.2/jquery.min.js";
echo $GZIP_POSTFIX;
echo "\"></script>\r\n<script type=\"text/javascript\">\r\n\$(function(){\r\n \$(\".func-item button\").on(\"click\", function(){\r\n \$(\".func-item button\").removeClass(\"btn-primary\");\r\n \$(\".func-item button i\").removeClass(\"icon-white\");\r\n \$(\".mod-func\").hide();\r\n var module = \$(this).attr(\"data-module\");\r\n \$(this).addClass(\"btn-primary\");\r\n \$(this).find(\"i\").addClass(\"icon-white\");\r\n \$(\"#mod-\" + module).show();\r\n });\r\n\r\n \$(\"#btn-init\").click(function(){\r\n \$(\"#dept-iframe\").contents().find(\"#btn-sync-dept\").click();\r\n \$(this).off().html('<i class=\"icon-refresh icon-white\"></i>";
echo _("正在初始化...");
echo "');\r\n });\r\n});\r\n</script>\r\n<div>\r\n <fieldset>\r\n <legend><h5>";
$USER_COUNT = 0;
$I = 0;
for (; $I < $files_count; ++$I) {
$array = explode(".", $files[$I]);
if (!($array[2] == "usr") && !(time() - $array[1] <= $ONLINE_REF_SEC + 5)) {
$UID_STR .= $array[0] . ",";
}
}
$DEPT_COUNT = 0;
$USER_COUNT = 0;
$DEPT_ID_PREV = "";
$USER_ID_STR = "";
$USER_NAME_STR = "";
$DEPT_NAME_STR = "";
$query = "SELECT USER_ID,USER_NAME,USER.DEPT_ID,DEPT_NAME from user,department,user_priv where find_in_set(UID,'" . $UID_STR . "') and user.USER_PRIV=user_priv.USER_PRIV and user.DEPT_ID=department.DEPT_ID order by DEPT_NO,department.DEPT_ID,PRIV_NO,USER_NO,USER_NAME";
$cursor = exequery($connection, $query);
while ($ROW = mysql_fetch_array($cursor)) {
$USER_ID = $ROW['USER_ID'];
$USER_NAME = $ROW['USER_NAME'];
$DEPT_ID = $ROW['DEPT_ID'];
if ($DEPT_ID_PREV != $DEPT_ID) {
$DEPT_NAME = $ROW['DEPT_NAME'];
++$DEPT_COUNT;
}
$DEPT_NAME_STR .= $DEPT_NAME . ",";
$DEPT_ID_PREV = $DEPT_ID;
$USER_ID_STR .= $USER_ID . ",";
$USER_NAME_STR .= $USER_NAME . ",";
++$USER_COUNT;
}
if (0 < $USER_COUNT) {
function mobile_push_notification($uid_sent, $content, $module, $options = NULL)
{
$org_content = $content;
$PARA_ARRAY = get_sys_para("MOBILE_PUSH_OPTION,PCONLINE_MOBILE_PUSH", FALSE);
while (list($PARA_NAME, $PARA_VALUE) = each(&$PARA_ARRAY)) {
${$PARA_NAME} = $PARA_VALUE;
}
if ($MOBILE_PUSH_OPTION == "1") {
if ($uid_sent == "") {
return;
}
if (substr($uid_sent, -1) != ",") {
$uid_sent .= ",";
}
$module = strtolower($module);
$mp_to_uids = td_trim($uid_sent);
$a_uid_sent = $a_unpush_uid = array();
$a_uid_sent = explode(",", $mp_to_uids);
if ($PCONLINE_MOBILE_PUSH == "0") {
$query = "select DISTINCT(UID) from user_online where UID in(" . $mp_to_uids . ") and CLIENT!=5 and CLIENT!=6";
$cursor = exequery(TD::conn(), $query);
while ($ROW = mysql_fetch_array($cursor)) {
$a_unpush_uid[] = $ROW['UID'];
}
foreach ($a_uid_sent as $k => $v) {
if (!($PCONLINE_MOBILE_PUSH == "0") && !is_array($a_unpush_uid) && !in_array($v, $a_unpush_uid)) {
unset($a_uid_sent[$k]);
}
}
$a_uid_sent = array_filter($a_uid_sent);
$uid_sent = implode(",", $a_uid_sent);
$uid_sent .= ",";
}
if ($module == "message") {
include_once "task/message_push/funcs.php";
$C_MOBILE_DEVICES = TD::get_cache("C_MOBILE_DEVICES");
if ($C_MOBILE_DEVICES === FALSE) {
rebuildmobilecache();
$C_MOBILE_DEVICES = TD::get_cache("C_MOBILE_DEVICES");
}
if ($C_MOBILE_DEVICES && 0 < count($C_MOBILE_DEVICES)) {
$M_STA = $M_ENT = array();
foreach ($a_uid_sent as $k => $v) {
if ($C_MOBILE_DEVICES[$v]) {
if ($C_MOBILE_DEVICES[$v]['client_ver'] == 1) {
$M_STA[$v][] = array("content" => $content, "module" => "message");
} else {
if ($C_MOBILE_DEVICES[$v]['client_ver'] == 2) {
$M_ENT[$v][] = array("content" => $content, "module" => "message");
}
}
}
}
}
tdmobilepush(array("sta" => $M_STA, "ent" => $M_ENT));
}
$content = $org_content = strip_tags($content);
if (strtolower(MYOA_CHARSET) != "utf-8") {
$content = td_iconv($content, MYOA_CHARSET, "UTF-8");
}
imtask("C^m^n^" . $uid_sent . "^" . $module . "^" . $content);
if (!$MYOA_WEIXINQY_PUSH_ACTIVE) {
$useble_module = array("email", "news", "notify");
if (!in_array($module, $useble_module)) {
$uid_sents = td_trim($uid_sent);
$query = "SELECT USER_ID FROM USER WHERE UID IN (" . $uid_sents . ")";
$cursor = exequery(TD::conn(), $query);
while ($ROW = mysql_fetch_array($cursor)) {
$user_id_arr[] = $ROW['USER_ID'];
}
wxqy_sms(array("user" => $user_id_arr, "module" => $module, "content" => $org_content));
}
}
}
}
