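/**
 * Returns the profile fields of user $uid that getPrivacy() admits for $mid.
 *
 * Every column of the loaded record except "id" and "uid" is offered to
 * getPrivacy(); admitted fields are re-keyed with getFieldName() and their
 * values converted with getValue().
 *
 * @param mixed $mid Forwarded to getPrivacy() (presumably the viewing member's id).
 * @param mixed $uid Id of the user whose record is loaded; must be numeric.
 * @return array Display name => display value; empty when no record was found
 *               or no field is visible.
 */
function getDispInfo($mid, $uid)
 {
     // The condition reaches where() as raw text, and the unquoted form only ever
     // worked for numeric ids, so the id is forced to an integer before it is
     // spliced in. A crafted $uid can then no longer extend the condition.
     $userInfo = $this->where("uid=" . intval($uid))->find();
     // Start from an empty result so callers get an array even when nothing is visible.
     $userInfo_out = array();
     if (empty($userInfo)) {
         // No record: nothing to iterate over.
         return $userInfo_out;
     }
     $no = array("id", "uid");
     foreach ($userInfo as $k => $v) {
         if (in_array($k, $no)) {
             continue;
         }
         if (!getPrivacy($v, $mid, $uid)) {
             continue;
         }
         $k = getFieldName($k);
         $userInfo_out[$k] = getValue($v);
     }
     return $userInfo_out;
 }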
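 /**
  * Returns the profile fields of user $uid that getPrivacy() admits for $mid.
  *
  * The record is loaded with find($uid). Columns named in the exclusion list
  * and empty values are skipped. The "current_province", "sex" and "status"
  * columns are split on "-" and rebuilt into display strings, with the result
  * of getPrivNum() appended. Each remaining field is then offered to
  * getPrivacy(), re-keyed with getFieldName() and converted with getValue().
  *
  * @param mixed $mid Forwarded to getPrivacy() (presumably the viewing member's id).
  * @param mixed $uid Passed to find() to load the record.
  * @return array Display name => display value; empty when no record was found
  *               or no field is visible.
  */
 function getDispInfo($mid, $uid)
 {
     $userInfo_o = $this->find($uid);
     // Both collections start empty so the second loop and the return value are
     // well-defined even when every column is excluded or blank.
     $userInfo = array();
     $userInfo_out = array();
     if (empty($userInfo_o)) {
         return $userInfo_out;
     }
     // NOTE(review): this is a denylist. A column added to the table later is
     // shown by default unless it is also added here; an allowlist of displayable
     // columns would fail closed instead.
     $no = array("id", "email", "passwd", "handle", "baseinfoprivacy", "admin_level", "active", "current_city", "current_area", "company", "school", "name");
     foreach ($userInfo_o as $k => $v) {
         if (in_array($k, $no)) {
             continue;
         }
         if (!$v || $v == "null") {
             continue;
         }
         if ($k == "current_province") {
             // Province, city and area are merged into one "current" entry.
             $province_arr = explode("-", $v);
             $privacy = getPrivNum($province_arr);
             $v = $province_arr[0] . " " . $userInfo_o["current_city"] . " " . $userInfo_o["current_area"] . $privacy;
             $k = "current";
         } elseif ($k == "sex") {
             $sex_arr = explode("-", $v);
             $privacy = getPrivNum($sex_arr);
             $v = ($sex_arr[0] == "1" ? "男" : "女") . $privacy;
         } elseif ($k == "status") {
             // The status code selects which excluded column is shown in its place.
             $status_arr = explode("-", $v);
             $privacy = getPrivNum($status_arr);
             switch ($status_arr[0]) {
                 case "0":
                     $v = "其他" . $privacy;
                     break;
                 case "1":
                     $v = $userInfo_o["school"] . $privacy;
                     $k = "school";
                     break;
                 case "2":
                     $v = $userInfo_o["company"] . $privacy;
                     $k = "company";
                     break;
             }
         }
         $userInfo[$k] = $v;
     }
     foreach ($userInfo as $k => $v) {
         if (getPrivacy($v, $mid, $uid)) {
             $k = getFieldName($k);
             $userInfo_out[$k] = getValue($v);
         }
     }
     return $userInfo_out;
 }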
Example #3
<?php

// Renders the header row of the column-picker table for the table named in the
// request. The listing ends inside the "if ($iFieldCnt > 0)" block.
// Set output encoding to UTF-8
//	mb_http_output ( 'UTF-8' );
require_once "_common.php";
// Get the selected table name
// NOTE(review): the name is taken from the query string as-is and handed to
// getFieldName() together with the database credentials. If getFieldName()
// places it into SQL text it must first be matched against the list of known
// tables. Confirm in _common.php.
$sTableName = $_GET['sTableName'];
// Fetch the list of field names
$iFieldCnt = 0;
if (!empty($sTableName)) {
    $arsFieldName = getFieldName($sDbHostName, $sDbUserName, $sDbPassword, $sDbName, $sTableName);
    $iFieldCnt = count($arsFieldName);
}
// Render only when field information was obtained
if ($iFieldCnt > 0) {
    print "<table border=\"0\" cellpadding=\"1\" cellspacing=\"1\">\n";
    print "<tr>\n";
    print "<td valign=\"bottom\" nowrap>\n";
    // Administrators get the SELECT/INSERT/UPDATE heading, everyone else SELECT only
    if (isAdminAct($sActCd)) {
        print "<span class=\"style1\">SELECT&<br>INSERT&<br>UPDATE項目</span></td>\n";
    } else {
        print "<span class=\"style1\">SELECT項目</span></td>\n";
    }
    print "<td valign=\"bottom\" nowrap>\n";
    print "<span class=\"style1\">WHERE項目</span></td>";
    print "<td valign=\"bottom\" nowrap>\n";
    print "<span class=\"style1\">GROUP BY項目</span></td>";
    print "<td valign=\"bottom\" nowrap>\n";
    print "<span class=\"style1\">ORDER BY項目</span></td>";
    print "</tr>\n";
Example #4
<?php

require_once 'master_validation.php';
include_once 'lib/nangkoelib.php';
include_once 'lib/zLib.php';
# Collect the POSTed values: the two descriptive fields are read out and then
# dropped from the copy kept in $IDs.
# NOTE(review): $IDs still holds raw request values. Their later use is outside
# this excerpt, and anything built from them must be bound or escaped there.
$IDs = $_POST;
$namaKeg = $_POST['namakegiatan'];
$uom = $_POST['satuan'];
unset($IDs['namakegiatan'], $IDs['satuan']);
# Build the header lists from the table's columns, leaving out
# kodeorg, kodekegiatan and kelompok.
$tmpField = getFieldName('setup_kegiatannorma', 'array');
$tmpPrim = getPrimary($dbname, 'setup_kegiatannorma');
$field = array();
$fieldNew = array();
$fieldStr = "";
foreach ($tmpField as $row) {
    if ($row == 'kodeorg' || $row == 'kodekegiatan' || $row == 'kelompok') {
        continue;
    }
    $field[] = $row;
    $fieldNew[] = $row;
    $fieldStr .= "##" . $row;
    # kodebarang is followed by an extra namabarang column in the "new" list only.
    if ($row == 'kodebarang') {
        $fieldNew[] = 'namabarang';
        $fieldStr .= "##namabarang";
    }
}
# Primary-key columns, each prefixed with "##".
$primaryStr = "";
foreach ($tmpPrim as $row) {
    $primaryStr .= "##" . $row;
}
#======== Get Data
 /**
  * Feed publisher for profile updates, currently switched off.
  *
  * The first statement returns false, so nothing below it runs: no session
  * write and no feed_publish() call happen while that return is in place.
  *
  * The unreachable remainder collects the posted fields whose names do not
  * start with "__" or "old_", stores the new name in the session, and builds a
  * feed title from the changed fields.
  *
  * NOTE(review): if the early return is ever removed, $update, $feed_title and
  * $body_data are used without being initialised, and the posted values in $v
  * are concatenated into the feed title unescaped. Confirm how the feed
  * renderer treats that text before re-enabling.
  *
  * @param array $posts Posted profile fields.
  * @return bool Always false.
  */
 function _addInfoFeed($posts)
 {
     // Disables the method; everything after this line is dead code.
     return false;
     if (isset($posts['ts_hometown'])) {
         $posts['ts_hometown'] = getAreaInfo($posts['ts_hometown'], $posts['ts_hometown']);
     }
     if (isset($posts['ts_areaval'])) {
         $posts['ts_areaval'] = getAreaInfo($posts['ts_areaval'], $posts['ts_areaval']);
     }
     unset($posts['extra']);
     foreach ($posts as $name => $v) {
         if (strpos($name, "__") !== 0 && strpos($name, "old_") !== 0) {
             //if(strcmp($posts["old_".$name],$post[$name]))
             $update[$name] = $v;
         }
     }
     if ($update["name"]) {
         // Refresh the session copy of the user's name
         $user["id"] = $this->mid;
         $user["name"] = $update["name"];
         $_SESSION["userInfo"] = serialize($user);
     }
     foreach ($update as $name => $v) {
         if ($name == "sex") {
             $v = $v ? "男" : "女";
         }
         if (getFieldName($name)) {
             $feed_title .= "将" . getFieldName($name) . "改为 \"" . $v . "\",";
         }
     }
     $feed_title = rtrim($feed_title, ",");
     if ($feed_title) {
         $title_data["content"] = $feed_title;
         $feedId = $this->api->feed_publish("info", $title_data, $body_data);
     }
 }
Example #6
/**
 * Builds the settings form for a plugin from its index.xml manifest.
 *
 * Reads ROOT/plugins/{$plugin}/index.xml. When the manifest's config node has
 * a manifestHandler attribute, the plugin's index.php is included, the named
 * function is called, and its return value is parsed as the replacement
 * config. Each fieldset/field of the config is then turned into form markup
 * (TreatType) and a client-side entry (getFieldName).
 *
 * NOTE(review): $plugin is interpolated into filesystem paths that are read
 * and included, and nothing in this function restricts it to the name of an
 * installed plugin directory. The caller has to validate it, for example
 * against the list of installed plugins. Confirm at the call sites.
 *
 * @param string $plugin Plugin directory name.
 * @return array 'code' (markup or a message) and 'script' (bracketed client
 *               data). 'title' is present on the normal return path only, not
 *               on the early "no settings" return.
 */
function handleConfig($plugin)
{
    global $service, $typeSchema, $pluginURL, $pluginPath, $pluginName, $configMappings, $configVal, $adminSkinSetting;
    $context = Model_Context::getInstance();
    $typeSchema = array('text', 'textarea', 'select', 'checkbox', 'radio');
    // Read warnings are suppressed; a failed read falls through to the else branch below.
    $manifest = @file_get_contents(ROOT . "/plugins/{$plugin}/index.xml");
    $xmls = new XMLStruct();
    $CDSPval = '';
    $i = 0;
    $dfVal = Setting::fetchConfigVal(getCurrentSetting($plugin));
    $name = '';
    $clientData = '[';
    $title = $plugin;
    if ($manifest && $xmls->open($manifest)) {
        $title = $xmls->getValue('/plugin/title[lang()]');
        // Replace the config with the handler's output when a config handler exists
        $config = $xmls->selectNode('/plugin/binding/config[lang()]');
        unset($xmls);
        if (!empty($config['.attributes']['manifestHandler'])) {
            // The function name comes from the manifest, so the manifest decides
            // which function call_user_func() invokes below.
            $handler = $config['.attributes']['manifestHandler'];
            $oldconfig = $config;
            $context->setProperty('plugin.uri', $context->getProperty('service.path') . "/plugins/{$plugin}");
            $context->setProperty('plugin.path', ROOT . "/plugins/{$plugin}");
            $context->setProperty('plugin.name', $plugin);
            $pluginURL = $context->getProperty('plugin.uri');
            // Legacy plugin support.
            $pluginPath = $context->getProperty('plugin.path');
            $pluginName = $context->getProperty('plugin.name');
            // Executes the plugin's own code inside this function's scope.
            include_once ROOT . "/plugins/{$plugin}/index.php";
            if (function_exists($handler)) {
                if (!empty($configMappings[$plugin]['config'])) {
                    $configVal = getCurrentSetting($plugin);
                    $context->setProperty('plugin.config', Setting::fetchConfigVal($configVal));
                } else {
                    $configVal = '';
                    $context->setProperty('plugin.config', array());
                }
                // The handler's return value replaces the manifest text parsed below.
                $manifest = call_user_func($handler, $plugin);
                // NOTE(review): $languageDomain and $locale are not in the global
                // list above. In this scope they exist only if the file included
                // above defines them. Confirm this branch can ever run as intended.
                if (!is_null($languageDomain)) {
                    $locale->domain = $languageDomain;
                }
            }
            $newXmls = new XMLStruct();
            if ($newXmls->open($manifest)) {
                unset($config);
                $config = $newXmls->selectNode('/config[lang()]');
            }
            unset($newXmls);
        }
        if (is_null($config['fieldset'])) {
            return array('code' => _t('설정 값이 없습니다.'), 'script' => '[]');
        }
        foreach ($config['fieldset'] as $fieldset) {
            // The legend is HTML-escaped here; escaping of the per-field markup is
            // up to TreatType() and getFieldName(), which are not visible here.
            $legend = !empty($fieldset['.attributes']['legend']) ? htmlspecialchars($fieldset['.attributes']['legend']) : '';
            $CDSPval .= CRLF . TAB . "<fieldset>" . CRLF . TAB . TAB . "<legend><span class=\"text\">{$legend}</span></legend>" . CRLF;
            if (!empty($fieldset['field'])) {
                foreach ($fieldset['field'] as $field) {
                    // Fields without a name attribute are ignored.
                    if (empty($field['.attributes']['name'])) {
                        continue;
                    }
                    $name = $field['.attributes']['name'];
                    $clientData .= getFieldName($field, $name);
                    $CDSPval .= TreatType($field, $dfVal, $name);
                }
            }
            $CDSPval .= TAB . "</fieldset>" . CRLF;
        }
    } else {
        $CDSPval = _t('설정 값이 없습니다.');
    }
    $clientData .= ']';
    return array('code' => $CDSPval, 'script' => $clientData, 'title' => $title);
}
Example #7
<?
Example #8
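/**
 * Prints a page selector and a paged HTML table of rows from $TABLENAME,
 * optionally filtered with a LIKE search on one column.
 *
 * The query text is assembled from the arguments, so each one is constrained
 * before use:
 *  - $TABLENAME must consist of letters, digits and underscores;
 *  - $fieldname and every column in $order must be one of the names returned
 *    by getFieldName($TABLENAME, 'array');
 *  - $texttofind is escaped as a string value;
 *  - $curpage and $MAX_ROW are forced to non-negative / positive integers.
 * A call that fails these checks prints nothing. Column names and cell values
 * are HTML-escaped on output.
 *
 * NOTE(review): ext/mysql offers no prepared statements and was removed in
 * PHP 7.0. Moving this to mysqli or PDO with bound parameters is the durable
 * fix. mysql_real_escape_string() relies on the connection character set
 * being configured correctly.
 *
 * @param string $TABLENAME  Table to list.
 * @param string $fieldname  Column searched when $texttofind is not empty.
 * @param string $texttofind Text matched with LIKE '%...%'; '' disables the filter.
 * @param string $order      Comma-separated "column [asc|desc]" terms; '' for no ordering.
 * @param int    $curpage    Zero-based page index.
 * @param int    $MAX_ROW    Rows per page.
 * @return void
 */
function printSearchOnTable($TABLENAME, $fieldname, $texttofind, $order = '', $curpage = 0, $MAX_ROW = 1000)
{
    global $dbname;
    global $conn;

    // Identifiers cannot be escaped like string values, so the table name is
    // restricted to plain identifier characters. It is also echoed into an
    // onclick handler further down.
    if (!is_string($TABLENAME) || !preg_match('/^[A-Za-z0-9_]+$/', $TABLENAME)) {
        return;
    }

    // Integers only in LIMIT; a page size below 1 would also divide by zero below.
    $MAX_ROW = max(1, (int) $MAX_ROW);
    $curpage = max(0, (int) $curpage);
    $offset = $curpage * $MAX_ROW;
    $disp_page = $curpage + 1;

    $field = getFieldName($TABLENAME, 'array');
    if (!is_array($field)) {
        $field = array();
    }
    // Column names are compared case-insensitively, as MySQL does.
    $knownFields = array_map('strtolower', $field);

    $where = '';
    if ($texttofind != '') {
        if (!in_array(strtolower((string) $fieldname), $knownFields, true)) {
            return;
        }
        $where = " where `" . str_replace('`', '``', $fieldname) . "` like '%"
            . mysql_real_escape_string($texttofind) . "%'";
    }

    // The default '' used to produce "order by  limit ...", which is not valid
    // SQL; the clause is now emitted only when there is something to order by.
    $orderBy = '';
    if (trim((string) $order) != '') {
        $terms = array();
        foreach (explode(',', (string) $order) as $term) {
            if (!preg_match('/^\s*`?([A-Za-z0-9_]+)`?(?:\s+(asc|desc))?\s*$/i', $term, $m)) {
                return;
            }
            if (!in_array(strtolower($m[1]), $knownFields, true)) {
                return;
            }
            $terms[] = '`' . $m[1] . '`' . (!empty($m[2]) ? ' ' . $m[2] : '');
        }
        $orderBy = " order by " . implode(', ', $terms);
    }

    $strXu = "select * from " . $dbname . "." . $TABLENAME . $where . $orderBy . " limit " . $offset . "," . $MAX_ROW;
    $resXu = mysql_query($strXu);

    // Count the matching rows for the page navigator without fetching them all.
    $numrows = 0;
    $resXur = mysql_query("select count(*) from " . $dbname . "." . $TABLENAME . $where);
    if ($resXur) {
        $countRow = mysql_fetch_row($resXur);
        $numrows = (int) $countRow[0];
    }
    $page = $numrows > $MAX_ROW ? (int) ceil($numrows / $MAX_ROW) : 1;

    echo $_SESSION['lang']['page'] . " " . $disp_page . " " . $_SESSION['lang']['of'] . " " . $page . " (Max." . $MAX_ROW . "/" . $_SESSION['lang']['page'] . ")";
    echo " [ " . $_SESSION['lang']['gotopage'] . ":<select id=page>";
    for ($y = 0; $y < $page; $y++) {
        echo "<option value=" . $y . ">" . ($y + 1) . "</option>";
    }
    echo "</select> <button onclick=\"navigatepage('" . $TABLENAME . "');\" class=mybutton>Go</button> ]";
    echo "<table class=sortable cellspacing=1 border=0>\n\t     <thead><tr class=rowheader>";
    $columns = count($field);
    for ($x = 0; $x < $columns; $x++) {
        echo "<td>" . htmlspecialchars((string) $field[$x], ENT_QUOTES) . "</td>";
    }
    echo "</tr></thead><tbody>";
    if ($resXu) {
        while ($barXu = mysql_fetch_row($resXu)) {
            echo "<tr class=rowcontent>";
            for ($x = 0; $x < $columns; $x++) {
                // Stored values are data, not markup: escape them before they reach the page.
                $cell = isset($barXu[$x]) ? $barXu[$x] : '';
                echo "<td>" . htmlspecialchars((string) $cell, ENT_QUOTES) . "</td>";
            }
            echo "</tr>";
        }
    }
    echo "</tbody><tfoot></tfoot></table>";
    //echo "This function no longer available";
}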
Example #9
/**
 * Renders the board and exits.
 *
 * With a falsy $res the thread index for page $page is shown; with a post
 * number in $res that single thread and one page of its replies are shown.
 * Threads are read from TREEFILE (one comma-separated line of post numbers per
 * thread, original post first) and post data from DATAFILE (one
 * comma-separated record per post). The result is passed to
 * $PTE->ParseBlock('main', ...) and echoed.
 *
 * NOTE(review): $_SERVER['PHP_SELF'] is placed into markup unescaped in
 * several places below. It includes client-supplied path information, so it
 * should go through htmlspecialchars() or be replaced by a fixed script name.
 * NOTE(review): $name, $email, $sub and $com from DATAFILE are inserted into
 * markup without escaping in this function. Confirm they are escaped when the
 * records are written.
 *
 * @param mixed      $res  Post number of the thread to show, or a falsy value for the index.
 * @param int|string $page Page index; in reply mode the strings "RE_PAGE_MAX" and "all" are special values.
 * @return void Does not return; ends with exit.
 */
function showPost($res, $page = 0)
{
    global $PTE;
    $tmp_page = 0;
    $p = 0;
    $pte_vals = array();
    $tree = file(TREEFILE);
    $counttree = count($tree);
    $find = false;
    if ($res) {
        for ($i = 0; $i < $counttree; $i++) {
            list($artno, ) = explode(",", rtrim($tree[$i]));
            if ($artno == $res) {
                $st = $i;
                $find = true;
                break;
            }
            // First locate the original post being replied to
        }
        // presumably error() does not return; otherwise $st stays undefined below
        if (!$find) {
            error("欲回應之文章並不存在!");
        }
    }
    $line = file(DATAFILE);
    $countline = count($line);
    for ($i = 0; $i < $countline; $i++) {
        list($no, ) = explode(",", $line[$i]);
        $lineindex[$no] = $i + 1;
        // Build the reverse lookup: post number => line index + 1
    }
    if (!$res) {
        // Used when PHP generates the thread list dynamically
        if ($page < 0 || $counttree && $page * PAGE_AMOUNT >= $counttree) {
            error("對不起,您所要求的頁數並不存在");
        }
        // An out-of-range $page shows the error screen, unlike the MySQL version (the default 0 need not be blocked)
        $tmp_page = $page;
        // Used for page jumping
    }
    $dat = '';
    $tmprno = 0;
    // Each form slot pairs a hidden input (class "hide") carrying a conventional
    // name (name/email/sub/com) and a preset value with a visible input whose name
    // comes from getFieldName(). Presumably an anti-spam honeypot; the submit
    // handler that would check it is not visible here.
    $pte_vals += array('{$TITLE}' => TITLE, '{$SELF}' => $_SERVER['PHP_SELF'], '{$FORM_NAME_FIELD}' => '<input class="hide" type="text" name="name" value="spammer" /><input type="text" name="' . getFieldName(true) . '" id="fname" size="28" />', '{$FORM_EMAIL_FIELD}' => '<input type="text" name="' . getFieldName() . '" id="femail" size="28" /><input type="text" class="hide" name="email" value="*****@*****.**" />', '{$FORM_TOPIC_FIELD}' => '<input class="hide" value="DO NOT FIX THIS" type="text" name="sub" /><input type="text" name="' . getFieldName() . '" id="fsub" size="28" />', '{$FORM_COMMENT_FIELD}' => '<textarea name="' . getFieldName() . '" id="fcom" cols="48" rows="4" style="width: 400px; height: 80px;"></textarea><textarea name="com" class="hide" cols="48" rows="4">EID OG SMAPS</textarea>');
    $pte_vals['{$POSTS}'] = array();
    if (!$res) {
        $st = $tmp_page * PAGE_AMOUNT;
    }
    if ($res) {
        $pte_vals['{$RESTO}'] = $res;
    }
    for ($i = $st; $i < $st + PAGE_AMOUNT; $i++) {
        $fil = '';
        $alert = '';
        if (empty($tree[$i])) {
            continue;
        }
        $treeline = explode(",", rtrim($tree[$i]));
        $disptree = $treeline[0];
        $j = $lineindex[$disptree] - 1;
        // Look up the post record at index $j
        if (empty($line[$j])) {
            continue;
        }
        // $j is out of range
        list($no, $now, $name, $email, $sub, $com, $url, $host, $pwd, $ext, $w, $h, $time, $chk) = explode(",", $line[$j]);
        if ($email) {
            $name = "<a href=\"mailto:{$email}\">{$name}</a>";
        }
        $com = auto_link(quoteLight($com));
        // Generate all replies of the thread
        if (!$res) {
            $s = count($treeline) - PAGE_AMOUNT;
            if ($s < 1) {
                $s = 1;
            } elseif ($s > 1) {
                $alert .= "<font color=\"#707070\">有回應 " . ($s - 1) . " 篇被省略。要閱讀所有回應請按下回應連結。</font><br>\n";
            }
            $RES_start = $s;
            // Index of the first reply on this page
            $RES_end = count($treeline);
            // End reply index for this page (exclusive, see the $k loop below)
        } else {
            // Reply mode
            $RES_start = 1;
            // Index of the first reply on this page
            $RES_end = count($treeline);
            // End reply index for this page (exclusive)
            if (PAGE_AMOUNT > 0) {
                // PAGE_AMOUNT is set (paging enabled)
                $countresALL = count($treeline) - 1;
                // Total number of replies
                if ($countresALL > 0) {
                    // Only paginate when there are replies
                    if ($page == "RE_PAGE_MAX" && is_string($page)) {
                        // Special value: last page
                        $page = intval($countresALL / PAGE_AMOUNT);
                        // Index of the last page
                        if (!($countresALL % PAGE_AMOUNT)) {
                            $page--;
                        }
                        // If the reply count is an exact multiple of the page size, subtract 1
                        $RES_end = $countresALL + 1;
                        // End reply index for this page (exclusive)
                    } elseif ($page == "all" && is_string($page)) {
                        // Special value: all replies
                        $page = 0;
                        $RES_end = $countresALL + 1;
                        // End reply index for this page (exclusive)
                    } else {
                        if ($page < 0) {
                            $page = 0;
                        }
                        // Normalise bogus negative page requests
                        if ($page * PAGE_AMOUNT >= $countresALL) {
                            error("對不起,您所要求的頁數並不存在");
                        }
                        // Past the last entry: show an error
                        $RES_end = ($page + 1) * PAGE_AMOUNT + 1;
                        // End reply index for this page (exclusive)
                    }
                    $RES_start = $page * PAGE_AMOUNT + 1;
                    // Index of the first reply on this page
                } else {
                    // With no replies only page = 0 or a negative value (normalised) is allowed
                    if ($page > 0) {
                        error("對不起,您所要求的頁數並不存在");
                    }
                }
            }
        }
        $pte_vals['{$POSTS}'][$i] = array('{$NO}' => $no, '{$SUB}' => $sub, '{$NAME}' => $name, '{$NOW}' => $now, '{$COM}' => $com, '{$ALERT}' => $alert);
        if (!$res) {
            $pte_vals['{$POSTS}'][$i] += array('{$REPLYBTN}' => "[<a href=\"{$_SERVER['PHP_SELF']}?res={$no}\">回應</a>]");
        }
        $pte_vals['{$POSTS}'][$i]['{$RES}'] = array();
        for ($k = $RES_start; $k < $RES_end; $k++) {
            // Skip indexes that fall outside this thread's reply list.
            if ($k < 0 || $k > count($treeline) - 1) {
                continue;
            }
            $disptree = $treeline[$k];
            $j = $lineindex[$disptree] - 1;
            if ($line[$j] == "") {
                continue;
            }
            list($no, $now, $name, $email, $sub, $com, $url, $host, $pwd, $ext, $w, $h, $time, $chk) = explode(",", $line[$j]);
            if ($email) {
                $name = "<a href=\"mailto:{$email}\">{$name}</a>";
            }
            $com = auto_link(quoteLight($com));
            $pte_vals['{$POSTS}'][$i]['{$RES}'][$k] = array('{$NO}' => $no, '{$SUB}' => $sub, '{$NAME}' => $name, '{$NOW}' => $now, '{$COM}' => $com);
        }
        $p++;
        if ($res) {
            break;
        }
        // In reply mode only a single thread is output
    }
    $prev = $res ? ($page - 1) * PAGE_AMOUNT : $st - PAGE_AMOUNT;
    $next = $res ? ($page + 1) * PAGE_AMOUNT : $st + PAGE_AMOUNT;
    // Page navigation
    if ($res) {
        // Reply paging
        if (PAGE_AMOUNT > 0) {
            // Reply paging enabled
            $dat .= "<table align='left' class='navi'><tr>";
            if ($prev >= 0) {
                $dat .= "<td><form action=\"{$_SERVER['PHP_SELF']}?res={$res}&amp;page=" . $prev / PAGE_AMOUNT . "\" method=post><input type=submit value=\"上一頁\"></form></td><td>";
            } else {
                $dat .= "<td nowrap>第一頁</td><td>";
            }
            if ($countresALL == 0) {
                // No replies
                $dat .= "[<b>0</b>] ";
            } else {
                $AllRes = isset($_GET['page']) && $_GET['page'] == "all";
                for ($i = 0; $i < $countresALL; $i += PAGE_AMOUNT) {
                    if ($page == $i / PAGE_AMOUNT && !$AllRes) {
                        $dat .= "[<b>" . $i / PAGE_AMOUNT . "</b>] ";
                    } else {
                        $dat .= "[<a href=\"{$_SERVER['PHP_SELF']}?res={$res}&amp;page=" . $i / PAGE_AMOUNT . "\">" . $i / PAGE_AMOUNT . "</a>] ";
                    }
                }
                $dat .= $AllRes ? "<span style='white-space: nowrap;'>[<b>全部</b>]</span> " : "<span style='white-space: nowrap;'>[<a href=\"{$_SERVER['PHP_SELF']}?res={$res}&amp;page=all\">全部</a>]</span> ";
            }
            $dat .= "</td>";
            // $AllRes is assigned only in the else branch above; with no replies the
            // first operand here is false, so it is not read.
            if ($countresALL > $next && !$AllRes) {
                $dat .= "<td><form action=\"{$_SERVER['PHP_SELF']}?res={$res}&amp;page=" . $next / PAGE_AMOUNT . "\" method=post><input type=submit value=\"下一頁\"></form></td><td>";
            } else {
                $dat .= "<td nowrap>最後一頁</td>";
            }
            $dat .= "</tr></table><br clear='all'>\n";
        }
    } else {
        // Regular (index) paging
        $dat .= "<table align='left' class=\"navi\"><tr>";
        if ($prev >= 0) {
            if ($prev == 0) {
                $dat .= "<td><form action=\"{$_SERVER['PHP_SELF']}\" method='get'>";
            } else {
                $dat .= "<td><form action=\"{$_SERVER['PHP_SELF']}?page=" . $prev / PAGE_AMOUNT . "\" method=post>";
            }
            // Generated directly by PHP
            $dat .= "<input type=submit value=\"上一頁\">";
            $dat .= "</form></td>";
        } else {
            $dat .= "<td nowrap>第一頁</td>";
        }
        $dat .= "<td>";
        for ($i = 0; $i < $counttree; $i += PAGE_AMOUNT) {
            if ($st == $i) {
                $dat .= "[<b>" . $i / PAGE_AMOUNT . "</b>] ";
            } else {
                $dat .= "[<a href=\"{$_SERVER['PHP_SELF']}?page=" . $i / PAGE_AMOUNT . "\">" . $i / PAGE_AMOUNT . "</a>] ";
            }
            // Generated directly by PHP
        }
        $dat .= "</td>";
        if ($p >= PAGE_AMOUNT && $counttree > $next) {
            $dat .= "<td><form action=\"{$_SERVER['PHP_SELF']}?page=" . $next / PAGE_AMOUNT . "\" method=post>";
            $dat .= "<input type=submit value=\"下一頁\">";
            $dat .= "</form></td>";
        } else {
            $dat .= "<td nowrap>最後一頁</td>";
        }
        $dat .= "</tr></table><br clear=all>\n";
    }
    $pte_vals['{$PAGENAV}'] = $dat;
    $pte_vals['{$FOOTER}'] = 'Rev: 1.1.2';
    echo $PTE->ParseBlock('main', $pte_vals);
    exit;
}
Example #10
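// Stop when the database connection could not be opened.
// NOTE(review): the driver's error text is sent to the client here; logging it
// server-side and returning a generic message reveals less about the backend.
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}
// Statement keywords that cause the submitted query to be refused.
// NOTE(review): this keyword denylist is the only check between the request
// body and $conn->query() further down. A list of refused keywords does not
// limit which tables or columns a permitted statement can read, so the real
// boundary has to be the database account (read-only, granted only the intended
// schema) or a fixed set of parameterised queries chosen by the server.
$commands = array("create", "alter", "drop", "insert", "update", "delete", "set", "show", "help", "grant", "revoke", "start", "transaction", "savepoint", "commit", "rollback");
// A missing or non-string "query" field is treated as an empty query instead of
// being passed on as null or an array.
$sql = (isset($_POST['query']) && is_string($_POST['query'])) ? $_POST['query'] : '';
$matches = array();
// implode() takes the separator first; the legacy (array, separator) argument
// order was removed in PHP 8.0.
$match_found = preg_match_all("/\\b(" . implode("|", $commands) . ")\\b/i", $sql, $matches);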
if ($match_found) {
    echo "denied";
} else {
    $result = $conn->query($sql);
    if ($result) {
        if ($result->num_rows > 0) {
            $fields = array();
            while ($field_info = mysqli_fetch_field($result)) {
                array_push($fields, getFieldName($field_info->name));
            }
            echo "<div class='col-lg-12 nova_consulta mostrar_todos'>\n\t\t\t\t\t<button type='button' id='nova_consulta' class='btn btn-primary'>\n\t\t\t\t\t\t<span>Realizar Nova Consulta</span>\n\t\t\t\t\t</button>\n\t\t\t\t</div>\n\t\t\t\t<table class='table table-striped consulta'>  \n\t\t\t\t<thead>  \n\t\t\t\t\t<tr>";
            for ($index = 0; $index < mysqli_num_fields($result); $index++) {
                echo "<th>" . $fields[$index] . "</th>";
            }
            echo "</tr>\n\t\t\t\t</thead>\n\t\t\t\t<tbody>\n\t\t\t\t\t<tr>";
            for ($index = 0; $index < mysqli_num_fields($result); $index++) {
                echo "<td><input class='form-control consulta_search' type='text' placeholder='" . $fields[$index] . "'></td>";
            }
            echo "</tr>";
            // output data of each row
            $index = 0;
            while ($row = $result->fetch_array(MYSQLI_NUM)) {
                echo "<tr>";
                for ($index = 0; $index < mysqli_num_fields($result); $index++) {