Example #1
0
function db_enter($table, $fields, $index = "id")
{
    global $editing, $language, $user;
    $fields = explode(" ", $fields);
    foreach ($fields as $field) {
        if ($field == "password") {
            //binary password
            if ($editing) {
                $query1[] = $field . " = PWDENCRYPT('" . $_POST[$field] . "')";
            } else {
                $query1[] = $field;
                $query2[] = $field . " = PWDENCRYPT('" . $_POST[$field] . "')";
            }
        } elseif (substr($field, 0, 1) == "#") {
            //numeric
            $field = substr($field, 1);
            if (empty($_POST[$field])) {
                $_POST[$field] = "NULL";
            }
            if ($editing) {
                $query1[] = $field . " = " . $_POST[$field];
            } else {
                $query1[] = $field;
                $query2[] = $_POST[$field];
            }
        } elseif (substr($field, 0, 1) == "*") {
            //date
            $field = substr($field, 1);
            if (isset($_POST["no" . $field])) {
                if ($editing) {
                    $query1[] = $field . " = NULL";
                } else {
                    $query1[] = $field;
                    $query2[] = "NULL";
                }
            } else {
                if ($editing) {
                    $query1[] = $field . " = " . format_post_date($field);
                } else {
                    $query1[] = $field;
                    $query2[] = format_post_date($field);
                }
            }
        } elseif (substr($field, 0, 1) == "@") {
            //file
            $field = substr($field, 1);
            if (isset($_POST[$field])) {
                //file posting is optional, from a php point of view
                if ($editing) {
                    $query1[] = $field . " = " . format_binary($_POST[$field]);
                } else {
                    $query1[] = $field;
                    $query2[] = format_binary($_POST[$field]);
                }
            }
        } elseif (substr($field, 0, 1) == "|") {
            //html
            $field = substr($field, 1);
            if (isset($_POST[$field])) {
                if ($editing) {
                    $query1[] = $field . " = " . format_html($_POST[$field]);
                } else {
                    $query1[] = $field;
                    $query2[] = "'" . format_html($_POST[$field]) . "'";
                }
            }
        } else {
            //text
            $_POST[$field] = trim($_POST[$field]);
            $_POST[$field] = empty($_POST[$field]) ? "NULL" : "'" . $_POST[$field] . "'";
            if ($editing) {
                $query1[] = $table . '.' . $field . " = " . $_POST[$field];
            } else {
                $query1[] = $table . '.' . $field;
                $query2[] = $_POST[$field];
            }
        }
    }
    if ($editing) {
        $query1[] = "updatedOn = GETDATE()";
        if (isset($_POST["updatedBy"])) {
            $query1[] = "updatedBy = " . $_POST["updatedBy"];
        } else {
            $query1[] = "updatedBy = " . $user["id"];
        }
        db_query("UPDATE " . $table . " SET " . implode(", ", $query1) . " WHERE " . $index . " = " . $_GET["id"]);
        return $_GET["id"];
    } else {
        $query1[] = "createdOn";
        $query2[] = "GETDATE()";
        $query1[] = "createdBy";
        $query2[] = isset($_POST["createdBy"]) ? $_POST["createdBy"] : $user["id"];
        $query1[] = "isActive";
        $query2[] = 1;
        $r = db_query("INSERT INTO " . $table . " ( " . implode(", ", $query1) . " ) VALUES ( " . implode(", ", $query2) . ")");
        return $r;
    }
}
Example #2
0
<?php

include "../../include.php";
if (url_action("delete")) {
    db_query("UPDATE press_releases SET \n\t\t\t\tdeleted_date = GETDATE(),\n\t\t\t\tdeleted_user = {$_SESSION["user_id"]},\n\t\t\t\tis_active = 0\n\t\t\tWHERE id = " . $_GET["id"]);
    url_drop();
} elseif ($posting) {
    $theuser_id = $page['is_admin'] ? $_POST["created_user"] : $_SESSION["user_id"];
    db_query("INSERT INTO press_releases (\n\t\theadline,\n\t\tdetail,\n\t\tlocation,\n\t\treleaseDate,\n\t\ttext,\n\t\tcorporationID,\n\t\tcreated_date,\n\t\tcreated_user,\n\t\tis_active\n\t) VALUES (\n\t\t'" . $_POST["headline"] . "',\n\t\t'" . $_POST["detail"] . "',\n\t\t'" . $_POST["location"] . "',\n\t\t" . format_post_date("releaseDate") . ",\n\t\t'" . format_html($_POST["text"]) . "',\n\t\t" . $_POST["corporationID"] . ",\n\t\tGETDATE(),\n\t\t" . $theuser_id . ",\n\t\t1\n\t)");
    url_change();
}
echo drawTop();
if (url_id()) {
    $r = db_grab("SELECT\n\t\t\theadline,\n\t\t\tdetail,\n\t\t\tlocation,\n\t\t\ttext,\n\t\t\treleaseDate\n\t\tFROM press_releases\n\t\tWHERE id = " . $_GET["id"]);
    ?>
	<table class="left" cellspacing="1">
		<?php 
    if ($page['is_admin']) {
        echo drawHeaderRow("Press Release", 1, "edit", "edit/?id=" . $_GET["id"]);
    } else {
        echo drawHeaderRow("Press Release", 1);
    }
    ?>
		<tr>
			<td style="padding:20px;" class="text">
				<h1><?php 
    echo $r["headline"];
    ?>
</h1>
				<b><?php 
    echo $r["detail"];
Example #3
0
function get_newsletter($multipart_boundary = null)
{
    require_once __DIR__ . '/../vendor/autoload.php';
    $loader = new Twig_Loader_Filesystem(get_template_directory() . '/inc/newsletter');
    $twig = new Twig_Environment($loader, array());
    $twig->addExtension(new Twig_Extensions_Extension_Intl());
    $twig->addExtension(new Twig_Extensions_Extension_Text());
    $twig->getExtension('Twig_Extension_Core')->setTimezone('Europe/Paris');
    if (have_rows('tb_newsletter_sections', 'option')) {
        $categories = [];
        $subcategories = [];
        $posts = [];
        while (have_rows('tb_newsletter_sections', 'option')) {
            the_row();
            foreach (get_sub_field('tb_newsletter_sections_items') as $post) {
                $category = get_post_top_category($post->ID);
                if ($category) {
                    $subcategory = get_sub_field('tb_newsletter_sections_title');
                    $categories[$category->term_id] = ['slug' => $category->slug, 'name' => $category->name, 'url' => get_category_link($category)];
                    $subcategories[$category->term_id][$subcategory->term_id] = $subcategory->name;
                    $posts[$category->term_id][$subcategory->term_id][] = ['post' => $post, 'author' => get_the_author_meta('display_name', $post->post_author), 'link' => get_post_permalink($post->ID), 'thumbnail' => wp_get_attachment_url(get_post_thumbnail_id($post->ID)), 'date_post' => format_post_date($post->post_date), 'event' => get_event_date($post->ID), 'place' => get_event_place($post->ID)];
                }
            }
        }
    }
    $params = ['intro' => get_field('tb_newsletter_introduction', 'option'), 'categories' => $categories, 'subcategories' => $subcategories, 'posts' => $posts, 'outro' => get_field('tb_newsletter_footer', 'option')];
    if ($multipart_boundary) {
        $params['boundary'] = $multipart_boundary;
        return $twig->render('newsletter-multipart.html', $params);
    } else {
        return $twig->render('newsletter-html.html', $params);
    }
}
Example #4
0
<?php

include "include.php";
if ($posting) {
    $checkoutStart = format_post_date("checkoutStart");
    $checkoutEnd = isset($_POST["noEndDate"]) ? "NULL" : format_post_date("checkoutEnd");
    $id = db_query("INSERT INTO it_laptops_checkouts ( \r\n\t\t\tcheckoutUser, \r\n\t\t\tcheckoutStart, \r\n\t\t\tcheckoutEnd, \r\n\t\t\tcheckoutNotes,\r\n\t\t\tcheckoutLaptopID\r\n\t\t) VALUES (\r\n\t\t\t{$_POST["checkoutUser"]},\r\n\t\t\t{$checkoutStart},\r\n\t\t\t{$checkoutEnd},\r\n\t\t\t'{$_POST["checkoutNotes"]}',\r\n\t\t\t{$_GET["id"]})");
    db_query("UPDATE it_laptops SET checkoutID = {$id}, laptopStatusID = 1 WHERE laptopID = " . $_GET["id"]);
    url_change("laptops.php");
}
echo drawTop();
?>
<table class="left" cellspacing="1">
	<?php 
echo drawHeaderRow("Check Laptop Out", 2);
?>
	
	<form method="post" action="<?php 
echo $request["path_query"];
?>
">
	<tr>
		<td class="left">Laptop</td>
		<td><b><a href="laptop.php?id=<?php 
echo $_GET["id"];
?>
"><?php 
echo db_grab("SELECT laptopName FROM it_laptops WHERE laptopID = " . $_GET["id"]);
?>
</a></b></td>
	</tr>