function nuRunQuery($s, $a = array(), $isInsert = false) { global $DBHost; global $DBName; global $DBUser; global $DBPassword; global $nuDB; if ($s == '') { $a = array(); $a[0] = $DBHost; $a[1] = $DBName; $a[2] = $DBUser; $a[3] = $DBPassword; return $a; } $object = $nuDB->prepare($s); try { $object->execute($a); } catch (PDOException $ex) { $user = nuV('nu_user_name'); $message = $ex->getMessage(); $array = debug_backtrace(); $trace = ''; for ($i = 0; $i < count($array); $i++) { $trace .= $array[$i]['file'] . ' - line ' . $array[$i]['line'] . ' (' . $array[$i]['function'] . ")\n\n"; } $debug = "\n===USER==========\n\n{$user}\n\n===PDO MESSAGE=== \n\n{$message}\n\n===SQL=========== \n\n{$s}\n\n===BACK TRACE====\n\n{$trace}\n\n"; nuDebug($debug); $id = $nuDB->lastInsertId(); if (nuV('nu_user_name') == 'globeadmin') { $GLOBALS['ERRORS'][] = $debug; } else { $GLOBALS['ERRORS'][] = "There has been an error on this page.\n Please contact your system administrator and quote the following number: {$id} "; } return -1; } if ($isInsert) { return $nuDB->lastInsertId(); } else { return $object; } }
function nuEmail($pPDForPHP, $pEmailTo, $pSubject, $pMessage, $hashData) { //-- Emails a PDF,PHP generated file or plain email (Requires hashdata of form to generate file from) if ($hashData == '') { $hashData = nuHashData(); } $session = $hashData['session_id']; $sql = "SELECT * FROM zzzsys_session INNER JOIN zzzsys_user ON sss_zzzsys_user_id = zzzsys_user_id WHERE zzzsys_session_id = '{$session}'"; $t = nuRunQuery($sql); $r = db_fetch_object($t); if ($r != null) { $fromname = $r->sus_name; $fromaddress = $r->sus_email; } else { $setup = $GLOBALS['nuSetup']; //-- Read SMTP AUTH Settings from zzsys_setup table $fromname = trim($setup->set_smtp_from_name); $fromaddress = trim($setup->set_smtp_from_address); } $filelist = array(); if ($hashData['nu_pdf_code'] != '') { nuV('code', $pPDForPHP); nuV('call_type', 'printpdf'); nuV('filename', $hashData['nu_email_file_name']); $hashData['parent_record_id'] = $hashData['nu_pdf_code']; $tmp_nu_file = nuPDForPHPParameters($hashData); $finfo = finfo_open(FILEINFO_MIME_TYPE); //-- check to see if the file being sent is a PDF file if (finfo_file($finfo, $tmp_nu_file) != 'application/pdf') { nuDisplayError(file_get_contents($tmp_nu_file, true)); finfo_close($finfo); return; } } else { if ($hashData['nu_php_code'] != '') { //-- Run PHP Code $s = "SELECT zzzsys_php_id, slp_php FROM zzzsys_php WHERE slp_code = '{$pPDForPHP}'"; $t = nuRunQuery($s); $r = db_fetch_object($t); $r->slp_php = nuGetSafePHP('slp_php', $r->zzzsys_php_id, $r->slp_php); $php = nuReplaceHashes($r->slp_php, $hashData); eval($php); return; } } if ($hashData['nu_pdf_code'] != '') { //-- File to attach, send with file $filelist[$hashData['nu_email_file_name']] = $tmp_nu_file; } /* if(!nuEmailValidateAddress($pEmailTo)) { //-- check to see if to field email is valid nuDisplayError("To Email validation failed"); return; } */ return nuSendEmail($pEmailTo, $fromaddress, $fromname, $pMessage, $pSubject, $filelist); }
function nuObjectJSON() { if (nuV('nu_user_name') != 'globeadmin') { return '[]'; } $j['object'] = array(); $j['form'] = array(); $j['report'] = array(); $j['php'] = array(); $i = nuV('form_id'); $s = "\tSELECT * \n\t\t\tFROM zzzsys_object \n\t\t\tWHERE sob_zzzsys_form_id = '{$i}'\n\t\t"; $t = nuRunQuery($s); while ($r = db_fetch_object($t)) { $j['object'][] = $r; } $s = "\tSELECT \n\t\t\tzzzsys_form_id AS id,\n\t\t\tsfo_name AS code,\n\t\t\tsfo_title AS description\n\t\t\tFROM zzzsys_form\n\t\t\tWHERE zzzsys_form_id NOT LIKE 'nu%'\n\t\t\tORDER BY sfo_name\n\t\t"; $t = nuRunQuery($s); while ($r = db_fetch_object($t)) { $j['form'][] = $r; } $s = "\tSELECT \n\t\t\tzzzsys_report_id AS id,\n\t\t\tsre_code AS code,\n\t\t\tsre_description AS description\n\t\t\tFROM zzzsys_report\n\t\t\tWHERE zzzsys_report_id NOT LIKE 'nu%'\n\t\t\tORDER BY sre_code\n\t\t"; $t = nuRunQuery($s); while ($r = db_fetch_object($t)) { $j['report'][] = $r; } $s = "\tSELECT \n\t\t\tzzzsys_php_id AS id,\n\t\t\tslp_code AS code,\n\t\t\tslp_description AS description\n\t\t\tFROM zzzsys_php\n\t\t\tWHERE zzzsys_php_id NOT LIKE 'nu%'\n\t\t\tORDER BY slp_code\n\t\t"; $t = nuRunQuery($s); while ($r = db_fetch_object($t)) { $j['php'][] = $r; } return json_encode($j); }