function write_req($_POST)
{
global $_SESSION;
# get vars
foreach ($_POST as $key => $value) {
${$key} = $value;
}
$user = $_SESSION["USER_NAME"];
# validate input
require_lib("validate");
$v = new validate();
if (!isset($to)) {
$v->addError("", "No user specified");
} else {
foreach ($to as $arr => $arrval) {
$v->isOk($arrval, "string", 1, 200, "Invalid recipient: {$arrval}");
}
}
$v->isOk($des, "string", 1, 200, "Invalid description.");
$v->isOk($user, "string", 1, 200, "Invalid user.");
# display errors, if any
if ($v->isError()) {
$confirmCust = "";
$errors = $v->getErrors();
foreach ($errors as $e) {
$confirmCust .= "<li class=err>" . $e["msg"];
}
return "{$confirmCust}</li></li>" . get_req();
}
$id += 0;
$date = date("Y-m-d");
$time = date("H:i:s");
db_conn('cubit');
if (in_array("_ALL_", $to)) {
$to = "";
$rslt = db_exec("SELECT username FROM users");
// if users found
if (pg_num_rows($rslt) > 0) {
while ($row = pg_fetch_array($rslt)) {
$to[] = $row["username"];
}
}
}
# write to db
// create the list of users the messages should get sent to
$msg_results = "";
foreach ($to as $arr => $arrval) {
db_conn('cubit');
$Sql = "INSERT INTO req (sender, recipient, message, timesent, viewed)\r\n\t\t\tVALUES ('{$user}','{$arrval}','{$des}',CURRENT_TIMESTAMP, 0)";
$Rslt = db_exec($Sql) or errDie("Unable to add to database.", SELF);
if (pg_cmdtuples($Rslt) < 1) {
return "Unable to access database.";
} else {
// if it isn't noticed that person has new messages, notify him
$rslt = db_exec("SELECT * from req_new WHERE for_user='******' ");
if (pg_num_rows($rslt) == 0) {
db_exec("INSERT INTO req_new VALUES('{$arrval}')");
}
$msg_results .= "<tr class=datacell><td>Your message has been sent to {$arrval}</td></tr>";
}
db_conn('crm');
$Sl = "INSERT INTO token_actions (token,action,donedate,donetime,doneby,donebyid)\r\n\t\tVALUES ('{$id}','Sent message to {$arrval}','{$date}','{$time}','" . USER_NAME . "','" . USER_ID . "')";
$Ry = db_exec($Sl) or errDie("Unable to insert query action.");
}
$OUTPUT .= "<script> window.opener.parent.mainframe.location.reload(); window.close(); </script>";
return $OUTPUT;
$write_req = "\r\n\t<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n\t<tr><th>Message proccessed</th></tr>\r\n\t{$msg_results}\r\n\t</table>";
return $write_req;
}
function write_req($_POST)
{
global $_SESSION;
# get vars
extract($_POST);
$user = $_SESSION["USER_NAME"];
# validate input
require_lib("validate");
$v = new validate();
if (!isset($to)) {
$v->addError("", "No user specified");
} else {
foreach ($to as $arr => $arrval) {
$v->isOk($arrval, "string", 1, 200, "Invalid recipient: {$arrval}");
}
}
// $v->isOk ($des,"string", 1,200, "Invalid message.");
$v->isOk($des, "text", 1, 200, "Invalid message.");
$v->isOk($user, "string", 1, 200, "Invalid user.");
# display errors, if any
if ($v->isError()) {
$confirmCust = "";
$errors = $v->getErrors();
foreach ($errors as $e) {
$confirmCust .= "<li class='err'>" . $e["msg"] . "</li>";
}
return $confirmCust . get_req();
}
db_conn('cubit');
// if should send to all, clear the $to list, and add all users
// it is cleared just incase sum1 selected All option together with another one
// since this could cause the same message sent to the same users twice!!!!
if (in_array("_ALL_", $to)) {
$to = "";
$rslt = db_exec("SELECT username FROM users");
// if users found
if (pg_num_rows($rslt) > 0) {
while ($row = pg_fetch_array($rslt)) {
$to[] = $row["username"];
}
}
}
# write to db
// create the list of users the messages should get sent to
$msg_results = "";
foreach ($to as $arr => $arrval) {
$Sql = "\n\t\t\tINSERT INTO req (\n\t\t\t\tsender, recipient, message, timesent, viewed\n\t\t\t) VALUES (\n\t\t\t\t'{$user}', '{$arrval}', '{$des}', CURRENT_TIMESTAMP, 0\n\t\t\t)";
$Rslt = db_exec($Sql) or errDie("Unable to add to database.", SELF);
if (pg_cmdtuples($Rslt) < 1) {
return "Unable to access database.";
} else {
// if it isn't noticed that person has new messages, notify him
$rslt = db_exec("SELECT * from req_new WHERE for_user='******' ");
if (pg_num_rows($rslt) == 0) {
db_exec("INSERT INTO req_new VALUES('{$arrval}')");
}
$msg_results .= "<tr class='datacell'><td>Your message has been sent to {$arrval}</td></tr>";
}
}
$write_req = "\n\t\t<table cellpadding='2' cellspacing='0' class='shtable'>\n\t\t\t<tr>\n\t\t\t\t<th>Message proccessed</th>\n\t\t\t</tr>\n\t\t\t<tr class='even'>\n\t\t\t\t<td>{$msg_results}</td>\n\t\t\t</tr>\n\t\t</table>\n\t\t<p>\n\t\t<table cellpadding='2' cellspacing='0' class='shtable'>\n\t\t\t<tr>\n\t\t\t\t<th>Quick Links</th>\n\t\t\t</tr>\n\t\t\t<tr class='odd'>\n\t\t\t\t<td><a href='" . SELF . "'>Send another message</a></td>\n\t\t\t</tr>\n\t\t\t<tr class='odd'>\n\t\t\t\t<td><a href='view_req.php'>View Messages</a></td>\n\t\t\t</tr>\n\t\t</table>";
return $write_req;
}
<?php
include 'PolicyManage/Public.php';
$arr_req = get_req();
if (!array_key_exists("Action", $arr_req) || $arr_req["Action"] != "Login") {
echo "1|错误号:20001,no action!";
} else {
#req: Action=Login&Account=ggg&Password=jj&Remember=1&_=
#rsp: 1|错误号:20005,登录名不存在或密码错误!。
#
if ($_SESSION["user_name"]) {
echo "1|OK";
#header("Location:NewMain.php");
} else {
if (!array_key_exists("Account", $arr_req) || !array_key_exists("Password", $arr_req)) {
echo "1|错误号:20002,没有登录名或密码!";
exit;
}
$mysqli = sql_connect();
$sql = "select u.id id, user, company_id, comname from user u left join company c on u.company_id=c.id where u.user='******' and u.password='******'";
$result = $mysqli->query("{$sql}");
if (!$result) {
echo "1|错误号:20003,系统异常!";
exit;
}
if ($row = $result->fetch_array()) {
$_SESSION["user_id"] = $row["id"];
$_SESSION["user_name"] = $row["user"];
#$_SESSION["company_id"] = $row["company_id"];
$_SESSION["user_company"] = $row["comname"];
#echo $_SESSION["user_id"]." j: ".$_SESSION["user_name"]." ".$_SESSION["user_company"];
function get_req($id, $level = 1, $end = false)
{
global $requeriments, $lang, $user, $planetrow, $resource;
$get_req = '';
if (is_array($requeriments[$id])) {
$n = 0;
$t = sizeof($requeriments[$id]);
foreach ($requeriments[$id] as $id1 => $level1) {
$n++;
if (!$end) {
$get_req .= "<div style=\"background-image:url('./img/techtree/tree_miss.png');width:" . ($level - 1) * 32 . "px;height:19px;left:0px;position:absolute;\"></div>\n";
} else {
$get_req .= "<div style=\"width:" . ($level - 1) * 32 . "px;height:19px;left:0px;position:absolute;\"></div>\n";
}
if ($n == $t) {
$get_req .= "<div style=\"background-image:url('./img/techtree/tree_bot.png');width:32px;height:19px;left:" . ($level - 1) * 32 . "px;position:absolute;\"></div>\n";
$end = true;
} else {
$get_req .= "<div style=\"background-image:url('./img/techtree/tree_branch.png');width:32px;height:19px;left:" . ($level - 1) * 32 . "px;position:absolute;\"></div>\n";
}
if ($user[$resource[$id1]] > 0) {
$clevel = $user[$resource[$id1]] * 1;
} else {
$clevel = $planetrow[$resource[$id1]] * 1;
}
$get_req .= "<div style=\"background:none;width:auto;height:19px;left:" . $level * 32 . "px;position:absolute;\">";
$get_req .= colourNumber(1 + $clevel - $level1, $clevel . " / " . $level1 . " - " . $lang['tech'][$id1]);
$get_req .= "</div><br />\n";
$get_req .= "\n\n";
$get_req .= get_req($id1, $level + 1, $end);
}
}
return $get_req;
}
