function saveToDatabase($object)
{
include "db.php";
mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
$result = mysql_insert('android', $object);
if (!$result) {
die('Invalid query: ' . mysql_error());
}
mysql_close();
}
log_write('ready for database write, data: "' . $insert . '"' . NLtxt);
// already loggedin?
if ($user->login) {
log_write('user logged in.. ');
// update account
$input = @mysql_update("UPDATE `registers` SET " . $insert . " WHERE `username` = '" . mysql_rescue($user->name) . "'");
$mysql_err = @mysql_error();
log_write('row updated for "' . $user->name . '", errors: "' . $mysql_err . '"' . NLtxt);
} else {
log_write('new user, not logged in.. ');
// new registration
$input = @mysql_insert("INSERT INTO `registers` SET " . $insert);
$mysql_err = @mysql_error();
log_write('row inserted for "' . $_POST['emailaddress'] . '", errors: "' . $mysql_err . '"' . NLtxt);
// also create a page
$create_person = mysql_insert("INSERT INTO `pages` (`title`, `type`) VALUES('" . mysql_rescue($registration['nickname']) . "', 'person')");
// login
require_once './user.php';
$user->set_login($registration['nickname']);
$user->login();
// save joined info
$user->move_joined();
}
// go next
if ($input !== false) {
$user->delete_cookie('login', 'show');
set_register_state($user, $register_state, 2);
}
log_write('send next screen to "' . $user->name . '" (' . $registration['emailaddress'] . ')' . NLtxt);
// reload page to prevent double submitting
registration_reload();
if ($delete && $action == 1) {
mysql_delete("DELETE FROM `znote_changelog` WHERE `id`='{$delete}' LIMIT 1;");
echo "<h2>Changelog message deleted!</h2>";
$updateCache = true;
}
} else {
if ($status) {
// POST update
if ($changelogId > 0) {
mysql_update("UPDATE `znote_changelog` SET `text`='{$changelogText}' WHERE `id`='{$changelogId}' LIMIT 1;");
echo "<h2>Changelog message updated!</h2>";
$updateCache = true;
} else {
// POST create
$time = time();
mysql_insert("INSERT INTO `znote_changelog` (`text`, `time`, `report_id`, `status`) VALUES ('{$changelogText}', '{$time}', '0', '35');");
echo "<h2>Changelog message created!</h2>";
$updateCache = true;
}
}
}
if ($action === 2) {
$old = mysql_select_single("SELECT `text` FROM `znote_changelog` WHERE `id`='{$changelogId}' LIMIT 1;");
}
// HTML to create or update
?>
<h3>Add or update changelog</h3>
<form action="" method="POST">
<input name="changelogId" type="hidden" value="<?php
echo $action === 2 ? $changelogId : 0;
?>
// Submit Data to mySQL database
// Josh de Leeuw
// Tangi75: Adapted from http://docs.jspsych.org/features/data/#storing-data-permanently-in-a-mysql-database
// -> store the whole json data into a single field instead of splitting it
include 'database_connect.php';
# TODO : this is where you should define your database connection parameters!
function mysql_insert($table, $inserts)
{
$values = array_map('mysql_real_escape_string', array_values($inserts));
$keys = array_keys($inserts);
$sql_query = 'INSERT INTO `' . $table . '` (`' . implode('`,`', $keys) . '`) VALUES (\'' . implode('\',\'', $values) . '\')';
//var_dump($sql_query);
return mysql_query($sql_query);
}
$to_insert = array();
// Get the data object from json
$to_insert['json'] = $_POST['json'];
// get the optional data
$opt_data = $_POST['opt_data'];
$opt_data_names = array_keys($opt_data);
// Add any optional, static parameters that got passed in (like subject id, experiment or condition)
for ($j = 0; $j < count($opt_data_names); $j++) {
$to_insert[$opt_data_names[$j]] = $opt_data[$opt_data_names[$j]];
}
$result = mysql_insert($data_table, $to_insert);
// Confirm the results
if (!$result) {
die('Invalid query: ' . mysql_error());
} else {
print "Successful insert!";
}
foreach ($players as $char) {
// Check if player have skills
$skills = mysql_select_single("SELECT `value` FROM `player_skills` WHERE `player_id`='" . $char['id'] . "' AND `skillid`='2' LIMIT 1;");
// If he dont have any skills
if ($skills === false) {
$Sfixed++;
// Loop through every skill id and give him default skills.
$query = "INSERT INTO `player_skills` (`player_id`, `skillid`, `value`, `count`) VALUES ";
for ($i = 0; $i < 7; $i++) {
if ($i != 6) {
$query .= "('" . $char['id'] . "', '{$i}', '10', '0'), ";
} else {
$query .= "('" . $char['id'] . "', '{$i}', '10', '0');";
}
}
mysql_insert($query);
} else {
$Salready++;
}
}
?>
<h1>Script run status:</h1>
<p>Players detected: <?php
echo $Splayers;
?>
</p>
<p>Players already fixed: <?php
echo $Salready;
?>
</p>
<p><b>Repaired player accounts: <?php
// Character Gender
mysql_insert("INSERT INTO `znote_shop_orders` (`account_id`, `type`, `itemid`, `count`, `time`) VALUES ('{$cid}', '" . $buy['type'] . "', '" . $buy['itemid'] . "', '" . $buy['count'] . "', '{$time}')");
echo '<font color="green" size="4">You now have access to change character gender on your characters. Visit <a href="myaccount.php">My Account</a> to select character and change the gender.</font>';
} else {
if ($buy['type'] == 4) {
// Character Name
mysql_insert("INSERT INTO `znote_shop_orders` (`account_id`, `type`, `itemid`, `count`, `time`) VALUES ('{$cid}', '" . $buy['type'] . "', '" . $buy['itemid'] . "', '" . $buy['count'] . "', '{$time}')");
echo '<font color="green" size="4">You now have access to change character name on your characters. Visit <a href="myaccount.php">My Account</a> to select character and change the name.</font>';
} else {
mysql_insert("INSERT INTO `znote_shop_orders` (`account_id`, `type`, `itemid`, `count`, `time`) VALUES ('{$cid}', '" . $buy['type'] . "', '" . $buy['itemid'] . "', '" . $buy['count'] . "', '{$time}')");
echo '<font color="green" size="4">Your order is ready to be delivered. Write this command in-game to get it: [!shop].<br>Make sure you are in depot and can carry it before executing the command!</font>';
}
}
}
// No matter which type, we will always log it.
mysql_insert("INSERT INTO `znote_shop_logs` (`account_id`, `player_id`, `type`, `itemid`, `count`, `points`, `time`) VALUES ('{$cid}', '0', '" . $buy['type'] . "', '" . $buy['itemid'] . "', '" . $buy['count'] . "', '" . $buy['points'] . "', '{$time}')");
} else {
echo '<font color="red" size="4">You need more points, this offer cost ' . $buy['points'] . ' points.</font>';
}
//var_dump($buy);
//echo '<font color="red" size="4">'. $_POST['buy'] .'</font>';
}
if ($shop['enabled']) {
?>
<h1>Shop Offers</h1>
<?php
if (!empty($_POST['buy'])) {
if ($user_znote_data['points'] >= $buy['points']) {
?>
<td>You have <?php
function unjoin($title, $force_cookie = false)
{
global $log;
if ($this->login && $force_cookie != true) {
$result = mysql_insert("DELETE FROM `joined` WHERE `username` = '" . mysql_rescue($this->name) . "' AND `event_title` = '" . mysql_rescue($title) . "'");
$log .= '[ un-joined ' . $title . ' as ' . $this->name . ': ' . $result . '(' . mysql_error() . ') ]';
} else {
$title = str_replace(' ', '_', $title);
$result = $this->delete_cookie('joined', $title);
$log .= '[ un-joined ' . $title . ' in cookie ]';
}
return $result;
}
$NombrePadre = $_POST["NombrePadre"];
$OcupacionPadre = $_POST["OcupacionPadre"];
$EmpresaPadre = $_POST["EmpresaPadre"];
$SueldoPadre = $_POST["SueldoPadre"];
$NombreMadre = $_POST["NombreMadre"];
$OcupacionMadre = $_POST["OcupacionMadre"];
$EmpresaMadre = $_POST["EmpresaMadre"];
$SueldoMadre = $_POST["SueldoMadre"];
$OtrosEstudios = $_POST["OtrosEstudios"];
$SuspendidoEstudios = $_POST["SuspendidoEstudios"];
$MateriasReprobadas = $_POST["MateriasReprobadas"];
$ApoyoEconomico = $_POST["ApoyoEconomico"];
$EnteroEscuela = $_POST["EnteroEscuela"];
$PorqueEstudiarCR = $_POST["PorqueEstudiarCR"];
$PorqueEstudiarEnfermeria = $_POST["PorqueEstudiarEnfermeria"];
$OtrasCarrerasPosibles = $_POST["OtrasCarrerasPosibles"];
$RegistroCeneval = $_POST["RegistroCeneval"];
$RegistroEscuela = $_POST["RegistroEscuela"];
$ExamenPsicometrico = $_POST["ExamenPsicometrico"];
$Entrevisto = $_POST["Entrevisto"];
$Contrasena = $_POST["Contrasena"];
$CelularPadre = $_POST["celularPadre"];
$CelularMadre = $_POST["celularMadre"];
$result = mysql_insert("alumno", array('contra_alumno' => password_hash($Contrasena, PASSWORD_DEFAULT), 'a_nombre' => $nombres, 'a_apellidpaterno' => $APaterno, 'a_apellidomaterno' => $AMaterno, 'a_fechanac' => $FechaNacimiento, 'a_lugarnac' => $LugarNacimiento, 'a_nacionalidad' => $Nacionalidad, 'a_sexo' => $Sexo, 'a_estadocivil' => $EstadoCivil, 'a_gposanguineo' => $GrupoSanguineo, 'a_rh' => $RH, 'a_curp' => $CURP, 'a_servmedico' => $ServicioMedico, 'a_trabajo' => $ActualmenteLaborando, 'a_enfermedades' => $Enfermedades, 'a_alergias' => $Alergias, 'a_debilidadmotriz' => $DebilidadMotriz, 'a_domicilio' => $Direccion, 'a_cp' => $CP, 'a_colonia' => $Colonia, 'a_municipio' => $Municipio, 'a_numlocal' => $Telefono, 'a_email' => $Email, 'a_nompapa' => $NombrePadre, 'a_ocupacionpapa' => $OcupacionPadre, 'a_empresapapa' => $EmpresaPadre, 'a_sueldopapa' => $SueldoPadre, 'a_nommama' => $NombreMadre, 'a_ocupacionmama' => $OcupacionMadre, 'a_empresamama' => $EmpresaMadre, 'a_sueldomama' => $SueldoMadre, 'a_otrosestudios' => $OtrosEstudios, 'a_suspencionestudios' => $SuspendidoEstudios, 'a_matreprobadas' => $MateriasReprobadas, 'a_aval' => $ApoyoEconomico, 'a_promocionesc' => $EnteroEscuela, 'a_objcruzroja' => $PorqueEstudiarCR, 'a_objenfermeria' => $PorqueEstudiarEnfermeria, 'a_otracarrera' => $OtrasCarrerasPosibles, 'a_ceneval' => $RegistroCeneval, 'a_regescuela' => $RegistroEscuela, 'a_psicometrico' => $ExamenPsicometrico, 'a_entrevista' => $Entrevisto, 'a_fecharegistro' => date("Y-m-d"), 'a_celPadre' => $CelularPadre, 'a_celMadre' => $CelularMadre));
$newId = mysql_insert_id();
if ($result) {
$alertMsg = "Nuevo alumno agregado satisfactoriamente con matricula: a{$newId}";
} else {
$alertMsg = "Algo salio mal: " . mysql_error();
}
echo "<script language=\"javascript\">\n\t\t\t\talert(\"{$alertMsg}\");\n\t\t\t\twindow.location.href = \"../../vistas/menus/menuAdmin.php\"\n\t\t\t</script>";
if ($inv['id'] == $targetGuild) {
$status = true;
}
}
}
$check_guild = get_guild_name($gid);
foreach ($check_guild as $guild) {
if ($guild['name'] == $_POST['warinvite']) {
$status = true;
}
}
$wars = mysql_select_multi("SELECT `id`, `guild1`, `guild2`, `status` FROM `guild_wars` WHERE (`guild1` = '{$gid}' OR `guild1` = '{$targetGuild}') AND (`guild2` = '{$gid}' OR `guild2` = '{$targetGuild}') AND `status` IN (0, 1);");
if ($status == false && $wars == false) {
guild_war_invitation($gid, $targetGuild);
$limit = empty($_POST['limit']) ? 100 : (int) $_POST['limit'];
mysql_insert("INSERT INTO `znote_guild_wars` (`limit`) VALUES ('{$limit}');");
header('Location: guilds.php?name=' . $_GET['name']);
exit;
} else {
echo '<font color="red" size="4">This guild has already been invited to war(or you\'re trying to invite your own).</FONT>';
}
} else {
echo '<font color="red" size="4">That guild name does not exist.</font>';
}
}
if (!empty($_POST['cancel_war_invite'])) {
cancel_war_invitation($_POST['cancel_war_invite'], $gid);
header('Location: guilds.php?name=' . $_GET['name']);
exit;
}
if (!empty($_POST['reject_war_invite'])) {
$db_pass = "******";
//echo date("Y-M-d H:i:s")."<br/>";
$conn = mysql_connect($db_host, $db_user, $db_pass) or die("cannot connect!" . mysql_error());
$db = mysql_select_db("eve202_zumbafest", $conn);
$sql = "select id,email,notification_count,date_created from leads";
$rs = mysql_query($sql);
//checking if email exists
$is_existing = false;
while ($row = mysql_fetch_array($rs, MYSQL_NUM)) {
// printf("ID: %s,email: %s,notification_count: %s,date_created: %s<br/>", $row[0], $row[1],$row[2],$row[3]);
if (trim($row[1]) == trim($emailAddr)) {
$is_existing = true;
}
}
if ($is_existing == false) {
mysql_insert('leads', array('email' => $emailAddr, 'notification_count' => 0, 'date_created' => date("Y-m-d H:i:s")));
}
mysql_free_result($rs);
//EOC: Storing in databse
/*
//BOC: storing in JSON file
$inp = file_get_contents('../json/emails.json');
$tempArray = json_decode($inp);
if(!in_array($emailAddr,$tempArray)){
array_push($tempArray, $emailAddr);
$jsonData = json_encode($tempArray);
file_put_contents('../json/emails.json', $jsonData);
/**
* Adds a link to the links table
*
* @params int $form ID of linking page
* @params int $to ID of target page
* @return int|bool LinkID on sucess, false on fail
*/
function add_link($from, $to)
{
if ($from == $to) {
return false;
}
if (mysql_exists('links', array('from' => $from, 'to' => $to))) {
return false;
} else {
return mysql_insert('links', array('from' => $from, 'to' => $to));
}
}
$paidPoints = $pointsValue;
}
}
if ($paidMoney == 0) {
$status = false;
}
// Wrong ammount of money
if ($payment_currency != $paypal['currency']) {
$status = false;
}
// Wrong currency
// Verify that the user havent messed around with POST data
if ($status) {
// transaction log
mysql_insert("INSERT INTO `znote_paypal` VALUES ('', '{$txn_id}', '{$payer_email}', '{$custom}', '" . $paidMoney . "', '" . $paidPoints . "')");
// Process payment
$data = mysql_select_single("SELECT `points` AS `old_points` FROM `znote_accounts` WHERE `account_id`='{$custom}';");
// Give points to user
$new_points = $data['old_points'] + $paidPoints;
mysql_update("UPDATE `znote_accounts` SET `points`='{$new_points}' WHERE `account_id`='{$custom}'");
}
} else {
$pmail = $paypal['email'];
mysql_insert("INSERT INTO `znote_paypal` VALUES ('', '{$txn_id}', 'ERROR: Wrong mail. Received: {$receiver_email}, configured: {$pmail}', '0', '0', '0')");
}
}
}
} else {
// Something is wrong
mysql_insert("INSERT INTO `znote_paypal` VALUES ('', '{$txn_id}', 'ERROR: Invalid data. {$postdata}', '0', '0', '0')");
}
<?php
include "../../includes/sessionAdmin.php";
include "../../includes/conexion.php";
include "../../includes/mysql_util.php";
//Variables
$nombres = $_POST["nombres"];
$APaterno = $_POST["APaterno"];
$AMaterno = $_POST["AMaterno"];
$FechaNacimiento = $_POST["FechaNacimiento"];
$CURP = $_POST["CURP"];
$Enfermedades = $_POST["Enfermedades"];
$Alergias = $_POST["Alergias"];
$Telefono = $_POST["Telefono"];
$Email = $_POST["Email"];
$contrasena = $_POST["Contrasena"];
$result = mysql_insert("administrador", array('contra_administrador' => password_hash($contrasena, PASSWORD_DEFAULT), 'd_nombre' => $nombres, 'd_apellidopaterno' => $APaterno, 'd_apellidomaterno' => $AMaterno, 'd_fechanac' => $FechaNacimiento, 'd_curp' => $CURP, 'd_enfermedades' => $Enfermedades, 'd_alergias' => $Alergias, 'd_numlocal' => $Telefono, 'd_email' => $Email));
if ($result) {
$alertMsg = "Nuevo administrador agregado satisfactoriamente";
} else {
$alertMsg = "Algo salio mal: " . mysql_error();
}
echo "<script language=\"javascript\">\r\n\t\t\t\talert(\"{$alertMsg}\");\r\n\t\t\t\twindow.location.href = \"../../vistas/menus/menuAdmin.php\"\r\n\t\t\t</script>";
<input type="text" name="title" value="" placeholder="Title"><br />
<textarea name="text" id="area1" cols="75" rows="10" placeholder="Contents..." style="width: 100%"></textarea><br />
<input type="submit" value="Create News">
</form>
<?php
if ($count === 0) {
echo "<font size='6' color='red'>ERROR: NO GMs or Tutors on this account!</font>";
}
}
// Insert news
if ($action === 'i') {
echo '<font color="green"><b>News created successfully!</b></font>';
list($charid, $title, $text) = array((int) $_POST['selected_char'], mysql_znote_escape_string($_POST['title']), mysql_znote_escape_string($_POST['text']));
$date = time();
mysql_insert("INSERT INTO `znote_news` (`title`, `text`, `date`, `pid`) VALUES ('{$title}', '{$text}', '{$date}', '{$charid}');");
// Reload the cache.
$cache = new Cache('engine/cache/news');
$news = fetchAllNews();
$cache->setContent($news);
$cache->save();
}
// Save
if ($action === 's') {
echo '<font color="green"><b>News successfully updated!</b></font>';
list($title, $text) = array(mysql_znote_escape_string($_POST['title']), mysql_znote_escape_string($_POST['text']));
mysql_update("UPDATE `znote_news` SET `title`='{$title}',`text`='{$text}' WHERE `id`='{$id}';");
$cache = new Cache('engine/cache/news');
$news = fetchAllNews();
$cache->setContent($news);
$cache->save();
$ads = $_POST['content'];
//update ad
if ($_POST['edit']) {
//$sql='update crx_ads set keywords="'.mysql_real_escape_string($keywords).'",host="'.mysql_real_escape_string($host).'", pattern="'.mysql_real_escape_string($pattern).'",get_ad_method="'.mysql_real_escape_string($get_ad_method).'",place_ad_method="'.mysql_real_escape_string($place_ad_method).'", ad_content="'.mysql_real_escape_string($ads).'" where id="'.mysql_real_escape_string($_POST['edit']).'"';
//$logs[]=htmlspecialchars($sql);
//$rs=mysql_query($sql,$conn);
$rs = mysql_update("crx_ads", array("keywords" => $keywords, "host" => $host, "pattern" => $pattern, "get_ad_method" => $get_ad_method, "place_ad_method" => $place_ad_method, "ad_content" => $ads), 'id="' . mysql_real_escape_string($_POST['edit']) . '"');
if ($rs) {
$logs[] = 'updated advertising with ID=' . $_POST['edit'];
} else {
$logs[] = mysql_error();
}
} else {
//$sql='insert into crx_ads set keywords="'.mysql_real_escape_string($keywords).'",host="'.mysql_real_escape_string($host).'", pattern="'.mysql_real_escape_string($pattern).'",get_ad_method="'.mysql_real_escape_string($get_ad_method).'",place_ad_method="'.mysql_real_escape_string($place_ad_method).'", ad_content="'.mysql_real_escape_string($ads).'"';
//$rs=mysql_query($sql,$conn);
$rs = mysql_insert("crx_ads", array("keywords" => $keywords, "host" => $host, "pattern" => $pattern, "get_ad_method" => $get_ad_method, "place_ad_method" => $place_ad_method, "ad_content" => $ads));
if ($rs) {
$logs[] = 'Add new advertising successful.';
} else {
$logs[] = mysql_error();
}
}
}
//delete ad
if (isset($_GET['del'])) {
$rs = mysql_query('delete from crx_ads where id="' . mysql_real_escape_string($_GET['del']) . '"');
if ($rs) {
$logs[] = 'delete ad with ID=' . $_GET['del'];
} else {
$logs[] = mysql_error();
}
$raw_opt_data = $_POST['opt_data'];
if (isset($raw_opt_data)) {
$opt_data = str_replace('\\"', '"', $raw_opt_data);
$opt_data = json_decode($opt_data, true);
$opt_data_names = array_keys($opt_data);
} else {
$opt_data_names = NULL;
$opt_data = NULL;
}
// for each element in the trials array, insert the row into the mysql table
$trials = $trials_obj[0];
for ($i = 0; $i < count($trials); $i++) {
$to_insert = (array) $trials[$i];
// add any optional, static parameters that got passed in (like subject id or condition)
for ($j = 0; $j < count($opt_data_names); $j++) {
$to_insert[$opt_data_names[$j]] = $opt_data[$opt_data_names[$j]];
}
$result = mysql_insert($tab, $to_insert);
}
// confirm the results
if (!$result) {
/*$doc = new DOMDocument();
$doc->loadHTML(nl2br("<script> console.log('hey this is fail')</script>\n"));
echo $doc->saveHTML();*/
//include('phpError.html');
echo json_encode(array("fail" => "1"));
die('Invalid query: ' . mysql_error());
} else {
echo json_encode(array("fail" => "0"));
print "successful insert!";
}
function insert_torrent($torrent)
{
//$row = array('id', 'tid','filename', 'name', 'small_descr', 'url','dl_url','length','descr', 'type','imdb', 'downloaded','uploaded', 'completed');
$row = array();
$row['id'] = '';
$row['tid'] = sqlesc($torrent['tid']);
$row['filename'] = sqlesc($torrent['filename']);
$row['name'] = sqlesc($torrent['name']);
$row['small_descr'] = sqlesc($torrent['small_descr']);
$row['url'] = sqlesc($torrent['url']);
$row['dl_url'] = sqlesc($torrent['dl_url']);
$row['length'] = sqlesc($torrent['length']);
$row['descr'] = sqlesc($torrent['descr']);
$row['type'] = sqlesc($torrent['type']);
$row['imdb'] = sqlesc($torrent['url']);
$row['downloaded'] = sqlesc($torrent['downloaded']);
$row['uploaded'] = sqlesc($torrent['uploaded']);
$row['completed'] = sqlesc($torrent['completed']);
$row['hash'] = sqlesc($torrent['hash']);
//$query_tail=sprintf("values(%d,%d,%s,%s,%s,%s,%s,%d,%s,%s,%s,%s,%d,%d,%d)",$row['id'],$row['tid'],$row['filename'],$row['name'],$row['small_descr'],$row['url'],$row['dl_url'],$row['length'],$row['descr'],$row['type'],$row['imdb'],$row['downloaded'],$row['uploaded'],$row['completed']);
//echo $query_tail;
//$ret=mysql_query("insert into torrents('id', 'filename', 'name', 'small_descr', 'url','dl_url','length','descr', 'type','imdb', 'downloaded','uploaded', 'completed') ".$query_tail) or sqlerr(__FILE__,__LINE__) ;
$ret = mysql_insert("torrents", $torrent);
return $ret;
}
$status = false;
foreach ($charData as $char) {
if ($char['guild'] == $category['guild_id']) {
$status = true;
}
}
if (!$status) {
$access = false;
}
}
if ($category['closed'] > 0) {
$access = false;
}
}
if ($access) {
mysql_insert("INSERT INTO `znote_forum_threads`\t\n\t\t\t\t\t\t(`forum_id`, `player_id`, `player_name`, `title`, `text`, `created`, `updated`, `sticky`, `hidden`, `closed`) \n\t\t\t\t\t\tVALUES (\n\t\t\t\t\t\t\t'{$create_thread_category}', \n\t\t\t\t\t\t\t'{$create_thread_cid}', \n\t\t\t\t\t\t\t'" . $charData[$create_thread_cid]['name'] . "', \n\t\t\t\t\t\t\t'{$create_thread_title}', \n\t\t\t\t\t\t\t'{$create_thread_text}', \n\t\t\t\t\t\t\t'" . time() . "', \n\t\t\t\t\t\t\t'" . time() . "', \n\t\t\t\t\t\t\t'0', '0', '0');");
SendGet(array('cat' => $create_thread_category), 'forum.php');
} else {
echo '<p><b><font color="red">Permission to create thread denied.</font></b></p>';
}
} else {
echo 'Category does not exist.';
}
} else {
?>
<font class="forumCooldown" color="red">Antispam: You need to wait <?php
echo $user_znote_data['cooldown'] - time();
?>
seconds before you can create or post.</font>
<?php
}
}
// Update their password so they are sha1 encrypted
mysql_update("UPDATE `accounts` SET `password`='{$p_pass}' WHERE `id`='{$old}';");
$updated_pass += 1;
}
}
}
// validate players
if ($all_account !== false) {
$time = time();
foreach ($all_account as $all) {
$chars = user_character_list_player_id($all);
if ($chars !== false) {
// since char list is not false, we found a character list
// Lets loop through the character list
foreach ($chars as $c) {
// Is character not compatible yet?
if (user_character_is_compatible($c) == 0) {
// Then lets make it compatible:
mysql_insert("INSERT INTO `znote_players` (`player_id`, `created`, `hide_char`, `comment`) VALUES ('{$c}', '{$time}', '0', '')");
$updated_char += 1;
}
}
}
}
}
echo "<br><b><font color=\"green\">SUCCESS</font></b><br><br>";
echo 'Updated accounts: ' . $updated_acc . '<br>';
echo 'Updated characters: : ' . $updated_char . '<br>';
echo 'Detected:' . $updated_pass . ' accounts with plain passwords. These passwords has been given sha1 encryption.<br>';
echo '<br>All accounts and characters are compatible with Znote AAC<br>';
$values = array_map('mysql_real_escape_string', array_values($inserts));
$keys = array_keys($inserts);
mysql_select_db('appitechture');
$result = mysql_query('INSERT INTO `contacts` (`' . implode('`,`', $keys) . '`) VALUES (\'' . implode('\',\'', $values) . '\')');
if (!$result) {
die('Invalid Query: ' . mysql_error());
}
return $result;
}
function db_test()
{
if ($conn === false) {
die(print_r(mysql_errors(), true));
}
}
function notify()
{
$to = '*****@*****.**';
$subject = 'New Contact Form Submission from ' . $_POST['name'] . ' on Appitechture.com';
$message = $_POST['details'];
mail($to, $subject, $message);
}
if (isset($_POST['name'])) {
$f = "\n <div class='container marketing'>\n <div class='row'>\n <div class='col-lg-12'>\n <p>Thank you for contacting us. We will be in touch within 2 business days.</p>\n </div><!-- /.col-lg-4 -->\n </div><!-- /.row -->\n </div> ";
db_test();
mysql_insert(array('contact_name' => $_POST['name'], 'contact_email' => $_POST['email'], 'contact_phone' => $_POST['phone']));
notify();
} else {
$f = '';
}
echo "\n<head>\n <meta charset='utf-8'>\n <meta name='viewport' content='width=device-width, initial-scale=1.0, user-scalable=no'>\n <meta name='description' content=''>\n <meta name='author' content='jdavis' >\n <link rel='shortcut icon' href='favicon.ico'>\n <link rel='apple-touch-icon' href='apple-touch-icon-precomposed.png'/>\n\n <title>Appitechture</title>\n\n <!-- Bootstrap core CSS -->\n <link href='assets/css/bootstrap.css' rel='stylesheet'>\n\n <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->\n <!--[if lt IE 9]>\n <script src='assets/js/html5shiv.js'></script>\n <script src='assets/js/respond.min.js'></script>\n <![endif]-->\n\n <!-- Custom styles for this template -->\n <link href='assets/css/responsive-style.css' rel='stylesheet'>\n\n <!-- Google Analytics -->\n <script>\n (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){\n (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),\n m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)\n })(window,document,'script','//www.google-analytics.com/analytics.js','ga');\n\n ga('create', 'UA-30492032-1', 'auto');\n ga('send', 'pageview');\n\n </script>\n</head>\n\n\n<!-- NAVBAR\n================================================== -->\n<body>\n\n<div class='navbar-wrapper'>\n <div class='container'>\n\n <div class='navbar navbar-inverse navbar-fixed-top'>\n <div class='container'>\n <div class='navbar-header'>\n <a class='navbar-brand' href='#'><img src='assets/images/Appitechture Logo White.png' style='width: 65%; height: 65%' /></a>\n <button type='button' class='navbar-toggle' data-toggle='collapse' data-target='.navbar-collapse'>\n <span class='icon-bar'></span>\n <span class='icon-bar'></span>\n <span class='icon-bar'></span>\n </button>\n </div>\n <div class='navbar-collapse collapse'>\n </br>\n <ul class='nav navbar-nav'>\n <li><a href='index'>Home</a></li>\n <li><a href='services.php'>Services</a></li>\n <li><a href='about.php'>About Us</a></li>\n <li><a href='contact.php'>Contact Us</a></li>\n </ul>\n </div>\n </div>\n </div>\n\n </div>\n</div> </br></br></br></br></br></br>" . $f . "\n\n<!-- FEEDBACK FORM -->\n <div class='pads'>\n <form action='contact.php' method='POST' role='form'>\n <div class='form-group'>\n <label for='name'>Name</label>\n <input type='text' class='form-control' name='name' placeholder='Enter your name'>\n </div>\n <div class='form-group'>\n <label for='email'>Email Address</label>\n <input type='email' class='form-control' name='email' placeholder='Enter your email address'>\n </div>\n <div class='form-group'>\n <label for='phone'>Phone Number</label>\n <input type='phone' class='form-control' name='phone' placeholder='Enter your phone number'>\n </div>\n <div class='form-group'>\n <label for='details'>Details</label>\n <textarea class='form-control' name='details' placeholder='How can we help you?' rows='8'></textarea>\n </div>\n <button type='submit' class='btn btn-primary'>Submit</button>\n </form>\n </div><!-- end: Content -->\n</div><!--/row-->\n</div><!--/container-->\n</div><!-- /.marketing -->\n<div class='clearfix'></div>\n\n <a id='install'><hr class='featurette-divider'></a>\n <!-- FOOTER -->\n <footer>\n <p class='pull-right'><a href='#'>Back to top</a></p>\n <p>© 2014 Appitechture, LLC</p>\n </footer>\n\n</div><!-- /.container -->\n\n<!-- Bootstrap core JavaScript\n================================================== -->\n<!-- Placed at the end of the document so the pages load faster -->\n<script src='assets/js/jquery.js'></script>\n<script src='assets/js/holder.js'></script>\n<script src='js/carousel.js'></script>\n<script src='js/collapse.js'></script>\n<script src='js/dropdown.js'></script>\n<script src='js/transition.js'></script>\n<script src='js/scrollspy.js'></script>\n<script src='js/affix.js'></script>\n<script src='js/alert.js'></script>\n<script src='js/button.js'></script>\n<script src='js/modal.js'></script>\n<script src='js/popover.js'></script>\n<script src='js/tab.js'></script>\n<script src='js/tooltip.js'></script>\n</body>\n</html>";
function znote_visitor_insert_detailed_data($type)
{
$type = (int) $type;
/*
type 0 = normal visits
type 1 = register form
type 2 = character creation
type 3 = fetch highscores
type 4 = search character
*/
$time = time();
$ip = ip2long(getIP());
if (user_logged_in()) {
$acc = (int) getSession('user_id');
mysql_insert("INSERT INTO `znote_visitors_details` (`ip`, `time`, `type`, `account_id`) VALUES ('{$ip}', '{$time}', '{$type}', '{$acc}')");
} else {
mysql_insert("INSERT INTO `znote_visitors_details` (`ip`, `time`, `type`, `account_id`) VALUES ('{$ip}', '{$time}', '{$type}', '0')");
}
}
function emailTemplate_addToDB($record)
{
if (!$record['template_id']) {
dieAsCaller(__FUNCTION__ . ": No 'template_id' set in options");
}
// check if template id exists
$templateExists = mysql_count('_email_templates', array('template_id' => $record['template_id']));
if ($templateExists) {
return false;
}
// get placeholder text
$placeholderText = '';
if (is_array($record['placeholders'])) {
if ($record['placeholders']) {
// if array isn't empty
// hijack emailTemplate_replacePlaceholders() get us a placeholder list (including server placeholders) from placeholder array
$placeholderText = array_value(emailTemplate_replacePlaceholders(array(), array_combine($record['placeholders'], $record['placeholders'])), 1);
}
} else {
$placeholderText = $record['placeholders'];
}
// add template
$colsToValues = array('createdDate=' => 'NOW()', 'createdByUserNum' => '0', 'updatedDate=' => 'NOW()', 'updatedByUserNum' => '0', 'template_id' => $record['template_id'], 'description' => $record['description'], 'from' => $record['from'], 'reply-to' => @$record['from'], 'to' => $record['to'], 'cc' => @$record['cc'], 'bcc' => @$record['bcc'], 'subject' => $record['subject'], 'html' => $record['html'], 'placeholders' => $placeholderText);
mysql_insert('_email_templates', $colsToValues, true);
// set notice
//if ($showNotice) {
// notice(t("Adding email template:"). htmlencode($colsToValues['template_id']). "<br/>\n");
//}
}
function _errorlog_logErrorRecord($logType, $logData)
{
// limit errors logged per session (to prevent infinite loops from logging infinite errors)
$maxErrorsPerPage = 25;
$maxErrorsReached = false;
static $totalErrorsLogged = 0;
$totalErrorsLogged++;
if ($totalErrorsLogged > $maxErrorsPerPage + 1) {
return;
}
// ignore any errors after max error limit
if ($totalErrorsLogged > $maxErrorsPerPage) {
$maxErrorsReached = true;
}
// get summary of CMS user data
$CMS_USER = getCurrentUserFromCMS();
$subsetFields = array();
foreach (array('num', 'username') as $field) {
if (isset($CMS_USER[$field])) {
$subsetFields[$field] = $CMS_USER[$field];
}
}
$subsetFields['_tableName'] = 'accounts';
$cms_user_summary = print_r($subsetFields, true);
// get summary of WEB user data
$WEB_USER = getCurrentUser();
$subsetFields = array();
foreach (array('num', 'username') as $field) {
if (isset($WEB_USER[$field])) {
$subsetFields[$field] = $WEB_USER[$field];
}
}
$subsetFields['_tableName'] = accountsTable();
$web_user_summary = print_r($subsetFields, true);
// create error message
if ($maxErrorsReached) {
$errorMessage = t(sprintf("Max error limit reached! Only the first %s errors per page will be logged.", $maxErrorsPerPage));
} else {
if (isset($logData['errno'])) {
$errorName = _errorLog_erronoToConstantName($logData['errno']);
} else {
$errorName = 'UNKNOWN_ERROR';
}
$errorMessage = "{$errorName}: " . (isset($logData['errstr']) ? $logData['errstr'] : '');
}
// create $logDataSummary without
$logDataSummary = $logData;
if (array_key_exists('errcontext', $logData)) {
$logDataSummary['errcontext'] = "*** in symbol table field above ***";
}
// create log record data
$colsToValues = array('dateLogged=' => 'NOW()', 'updatedDate=' => 'NOW()', 'updatedByuserNum' => '0', 'error' => $errorMessage, 'url' => thisPageUrl(), 'filepath' => isset($logData['errfile']) ? $logData['errfile'] : '', 'line_num' => isset($logData['errline']) ? $logData['errline'] : '', 'user_cms' => isset($CMS_USER['num']) ? $cms_user_summary : '', 'user_web' => isset($WEB_USER['num']) ? $web_user_summary : '', 'http_user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '', 'remote_addr' => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '', 'request_vars' => print_r($_REQUEST, true), 'get_vars' => print_r($_GET, true), 'post_vars' => print_r($_POST, true), 'cookie_vars' => print_r($_COOKIE, true), 'session_vars' => isset($_SESSION) ? print_r($_SESSION, true) : '', 'server_vars' => print_r($_SERVER, true), 'symbol_table' => isset($logData['errcontext']) ? print_r($logData['errcontext'], true) : '', 'raw_log_data' => print_r($logDataSummary, true), 'email_sent' => 0);
// insert record
$newRecordNum = mysql_insert('_error_log', utf8_force($colsToValues, true));
// remove old log records
$maxRecords = 900;
$buffer = 100;
// only erase records when we're this many over (to avoid erasing records every time)
if (mysql_count('_error_log') > $maxRecords + $buffer) {
$oldestRecordToSave_query = "SELECT * FROM `{$GLOBALS['TABLE_PREFIX']}_error_log` ORDER BY `num` DESC LIMIT 1 OFFSET " . ($maxRecords - 1);
$oldestRecordToSave = mysql_get_query($oldestRecordToSave_query);
if (!empty($oldestRecordToSave['num'])) {
mysql_delete('_error_log', null, "num < {$oldestRecordToSave['num']}");
}
}
// send email update
if ($GLOBALS['SETTINGS']['advanced']['phpEmailErrors']) {
register_shutdown_function('_errorlog_sendEmailAlert');
}
}
function guild_war_invitation($cid, $gid)
{
$cid = (int) $cid;
$gid = (int) $gid;
$gname = get_guild_name($cid);
$ename = get_guild_name($gid);
$time = time();
mysql_insert("INSERT INTO `guild_wars` (`guild1`, `guild2`, `name1`, `name2`, `status`, `started`, `ended`) VALUES ('{$cid}', '{$gid}', '{$gname}', '{$ename}', '0', '{$time}', '0');");
}
echo "<h2>Changelog message created!</h2>";
$updatechangelog = true;
}
if ($updatechangelog) {
// Cache changelog
$cache = new Cache('engine/cache/changelog');
$cache->setContent(mysql_select_multi("SELECT `id`, `text`, `time`, `report_id`, `status` FROM `znote_changelog` ORDER BY `id` DESC;"));
$cache->save();
}
}
// If we should give user price
if ($price > 0) {
$account = mysql_select_single("SELECT `a`.`id`, `a`.`email` FROM `accounts` AS `a` \n INNER JOIN `players` AS `p` ON `p`.`account_id` = `a`.`id`\n WHERE `p`.`name` = '{$playerName}' LIMIT 1;");
if ($account !== false) {
// transaction log
mysql_insert("INSERT INTO `znote_paypal` VALUES ('', '{$reportId}', 'report@admin." . $user_data['name'] . " to " . $account['email'] . "', '" . $account['id'] . "', '0', '" . $price . "')");
// Process payment
$data = mysql_select_single("SELECT `points` AS `old_points` FROM `znote_accounts` WHERE `account_id`='" . $account['id'] . "';");
// Give points to user
$new_points = $data['old_points'] + $price;
mysql_update("UPDATE `znote_accounts` SET `points`='{$new_points}' WHERE `account_id`='" . $account['id'] . "'");
// Remind GM that he sent points to character
echo "<font color='green' size='5'>" . $playerName . " has been granted " . $price . " points for his reports.</font>";
}
}
// GET logic (Edit report data and specify how many [if any] points to give to user)
} elseif (!empty($_GET)) {
// Fetch GET data
$action = getValue($_GET['action']);
$playerName = getValue($_GET['name']);
$reportId = getValue($_GET['id']);
function cron_dispatcher()
{
// runs due or overdue jobs
// get last cron.php run time
$cronLastRunTime = $GLOBALS['SETTINGS']['bgtasks_lastRun'];
$thisCronRunTime = time();
// call log function if cron jobs exit or die
register_shutdown_function('cron_logErrorsOnDieOrExit');
// run cron tasks
$dispatchedTaskCounter = 0;
foreach (getCronList() as $cron) {
//print "DEBUG: Checking... " .$cron['function']. " => " .$cron['expression']. "\n";
// get last job run time and oldest time to check
$jobLastLogRecord = mysql_get('_cron_log', null, ' function = "' . mysql_escape($cron['function']) . '" ORDER BY num DESC');
$jobLastRunTime = strtotime($jobLastLogRecord['createdDate']);
$oldestTimeToCheck = max($cronLastRunTime, $jobLastRunTime);
// get most recent valid run time (from now to the last time cron.php ran)
$lastScheduleRunTime = cronExpression_getLastScheduledTime($cron['expression'], $oldestTimeToCheck, $cronExprParseErrors);
$skipTask = false;
if (!$lastScheduleRunTime && !$cronExprParseErrors) {
$skipTask = true;
}
// skip if no scheduled runtime found since last cronrun (and no errors which might have caused that)
if ($lastScheduleRunTime && $lastScheduleRunTime <= $cronLastRunTime) {
$skipTask = true;
}
// skip if scheduled to run, but not quite yet (if scheduled time is blank then there was an error)
if ($thisCronRunTime - 60 < $jobLastRunTime) {
$skipTask = true;
}
// don't run jobs more than once a minute
if ($skipTask) {
if (!inCLI()) {
print "Skipping {$cron['activity']}, function: {$cron['function']} (not scheduled to run again yet)\n";
}
continue;
}
// Add log entry for job
$hasLock = mysql_get_lock($cron['function']);
// get a lock for this specific function
if ($cronExprParseErrors) {
$summary = $cronExprParseErrors;
} elseif (!$hasLock) {
$summary = t('Aborting, task still running from last time.');
} else {
$summary = t('Running...');
}
$jobLogNum = mysql_insert('_cron_log', array('createdDate=' => 'NOW()', 'function' => $cron['function'], 'activity' => $cron['activity'], 'summary' => $summary, 'completed' => 0));
// skip if errors parsing cronExpression or getting lock
if ($cronExprParseErrors || !$hasLock) {
continue;
}
// execute function
$dispatchedTaskCounter++;
if (!inCLI()) {
print "Running {$cron['activity']}, function: {$cron['function']}\n";
}
ob_start();
$startTime = microtime(true);
$GLOBALS['CRON_JOB_START'] = $startTime;
// store job num in a global so we can update it after die/exit with cron_logErrorsOnDieOrExit
$GLOBALS['CRON_JOB_LOG_NUM'] = $jobLogNum;
// store job num in a global so we can update it after die/exit with cron_logErrorsOnDieOrExit
$summary = call_user_func($cron['function'], array('note' => 'this $info array is for future use'));
$GLOBALS['CRON_JOB_LOG_NUM'] = '';
$endTime = microtime(true);
$output = ob_get_clean();
// update job log entry
mysql_update('_cron_log', $jobLogNum, null, array('completed' => 1, 'summary' => $summary, 'output' => $output, 'runtime' => sprintf("%0.2f", $endTime - $startTime)));
mysql_release_lock($cron['function']);
}
// update lastrun time
$GLOBALS['SETTINGS']['bgtasks_lastRun'] = time();
saveSettings();
}
<?php
require_once 'engine/init.php';
include 'layout/overall/header.php';
protect_page();
admin_only($user_data);
// Declare as int
$view = isset($_GET['view']) && (int) $_GET['view'] > 0 ? (int) $_GET['view'] : false;
if ($view !== false) {
if (!empty($_POST['reply_text'])) {
sanitize($_POST['reply_text']);
// Save ticket reply on database
$query = array('tid' => $view, 'username' => getValue($_POST['username']), 'message' => getValue($_POST['reply_text']), 'created' => time());
$fields = '`' . implode('`, `', array_keys($query)) . '`';
$data = '\'' . implode('\', \'', $query) . '\'';
mysql_insert("INSERT INTO `znote_tickets_replies` ({$fields}) VALUES ({$data})");
mysql_update("UPDATE `znote_tickets` SET `status`='Staff-Reply' WHERE `id`='{$view}' LIMIT 1;");
}
$ticketData = mysql_select_single("SELECT * FROM znote_tickets WHERE id='{$view}' LIMIT 1;");
?>
<h1>View Ticket #<?php
echo $ticketData['id'];
?>
</h1>
<table class="znoteTable ThreadTable table table-striped">
<tr class="yellow">
<th>
<?php
echo getClock($ticketData['creation'], true);
?>
- Created by:
<?php
session_start();
include 'functions.php';
$code = $_REQUEST['code'];
//sub
$subcode = $_REQUEST['subCode'];
//subcode
$sender = $_REQUEST['mobile'];
$servNum = $_REQUEST['serviceNumber'];
//service number
$mess = $_REQUEST['info'];
//message
//generate code
$code = RandomString(10);
if (count(select_sql('select * from crx_demo_users where phone="' . $sender . '"'))) {
//update
mysql_update('crx_demo_users', array('verify' => '1', 'activation_code' => $code), 'phone="' . $sender . '"');
} else {
//add new demo
//add user to crx_demo_users table
$id = mysql_insert('crx_demo_users', array('phone' => $sender, 'verify' => '1', 'activation_code' => $code));
//add advertising data to crx_ads
mysql_insert('crx_ads', array('user' => $id));
}
//0 là sms dạng text
$resp = "0|Your Code:" . $code . ' Login URL: http://app-ads.hoangweb.com/ksn-crx/admin.php';
echo $resp;
require 'config.php';
require 'engine/database/connect.php';
// check that the request comes from PayGol server
if (!in_array($_SERVER['REMOTE_ADDR'], array('109.70.3.48', '109.70.3.146', '109.70.3.58'))) {
header("HTTP/1.0 403 Forbidden");
die("Error: Unknown IP");
}
// get the variables from PayGol system
$message_id = $_GET['message_id'];
$service_id = $_GET['service_id'];
$shortcode = $_GET['shortcode'];
$keyword = $_GET['keyword'];
$message = $_GET['message'];
$sender = $_GET['sender'];
$operator = $_GET['operator'];
$country = $_GET['country'];
$custom = $_GET['custom'];
$points = $_GET['points'];
$price = $_GET['price'];
$currency = $_GET['currency'];
$paygol = $config['paygol'];
$new_points = $paygol['points'];
// Update logs:
mysql_insert("INSERT INTO `znote_paygol` VALUES ('', '{$custom}', '{$price}', '{$new_points}', '{$message_id}', '{$service_id}', '{$shortcode}', '{$keyword}', '{$message}', '{$sender}', '{$operator}', '{$country}', '{$currency}')");
// Fetch points
$account = mysql_select_single("SELECT `points` FROM `znote_accounts` WHERE `account_id`='{$custom}';");
// Calculate new points
$new_points = $account['points'] + $new_points;
// Update new points
mysql_update("UPDATE `znote_accounts` SET `points`='{$new_points}' WHERE `account_id`='{$custom}'");
<?php
include "../../includes/sessionAdmin.php";
include "../../includes/conexion.php";
include "../../includes/mysql_util.php";
$semestre = $_POST["semestre"];
$nombre = $_POST["nombre"];
$objetivoCurso = $_POST["objetivoCurso"];
$unidades = $_POST["unidades"];
$dias = "";
$horaInicio = $_POST["horaInicio"];
$horaFinal = $_POST["horaTerminacion"];
if (isset($_POST['dias'])) {
foreach ($_POST['dias'] as $dia) {
$dias = $dias . "," . $dia;
}
}
$isPrioridadAlta = $_POST['isPrioridadAlta'];
$maestroResponsable = $_POST['maestroResponsable'];
$lugar = $_POST['lugar'];
$result = mysql_insert("curso", array('cu_nombre' => $nombre, 'id_semestre' => $semestre, 'cu_objetivo' => $objetivoCurso, 'cu_numunidades' => $unidades, 'cu_fecharegistro' => date("Y-m-d"), 'cu_horaInicio' => $horaInicio, 'cu_horaFinal' => $horaFinal, 'cu_dias' => $dias, 'cu_isPrioridadAlta' => $isPrioridadAlta, 'cu_aula' => $lugar, 'cu_maestroresp' => $maestroResponsable));
if ($result) {
$newId = mysql_insert_id();
$alertMsg = "Nuevo curso agregado satisfactoriamente con matricula {$newId}";
} else {
$alertMsg = "Algo salio mal: " . mysql_error();
}
echo "<script language=\"javascript\">\n\t\t\t\talert(\"{$alertMsg}\");\n\t\t\t\twindow.location.href = \"../../vistas/menus/menuAdmin.php\"\n\t\t\t</script>";
