function index()
{
$this->data['title'] = ucfirst($this->title);
$this->data['page_title'] = $this->page_title;
permission();
$this->_render_page($this->filename, $this->data);
}
function fvote($id, $ajax = false)
{
global $db, $balken_vote_menu, $prev;
if (!permission("votes")) {
$intern = ' AND intern = 0';
}
$qry = db("SELECT * FROM " . $db['votes'] . " WHERE id = '" . $id . "' " . $intern . "");
$get = _fetch($qry);
if (_rows($qry)) {
$qryv = db("SELECT * FROM " . $db['vote_results'] . " WHERE vid = '" . $get['id'] . "' ORDER BY id ASC");
while ($getv = _fetch($qryv)) {
$stimmen = sum($db['vote_results'], " WHERE vid = '" . $get['id'] . "'", "stimmen");
if ($stimmen != 0) {
if (ipcheck("vid_" . $get['id']) || isset($_COOKIE[$prev . "vid_" . $get['id']]) || $get['closed'] == 1) {
$percent = round($getv['stimmen'] / $stimmen * 100, 1);
$rawpercent = round($getv['stimmen'] / $stimmen * 100, 0);
$balken = show(_votes_balken, array("width" => $rawpercent));
$votebutton = "";
$results .= show("forum/vote_results", array("answer" => re($getv['sel']), "percent" => $percent, "stimmen" => $getv['stimmen'], "balken" => $balken));
} else {
$votebutton = '<input id="contentSubmitFVote" type="submit" value="' . _button_value_vote . '" class="voteSubmit" />';
$results .= show("forum/vote_vote", array("id" => $getv['id'], "answer" => re($getv['sel'])));
}
} else {
$votebutton = '<input id="contentSubmitFVote" type="submit" value="' . _button_value_vote . '" class="voteSubmit" />';
$results .= show("forum/vote_vote", array("id" => $getv['id'], "answer" => re($getv['sel'])));
}
}
$qryf = db("SELECT id,kid FROM " . $db['f_threads'] . " WHERE vote = '" . $get['id'] . "'");
$getf = _fetch($qryf);
$vote = show("forum/vote", array("titel" => re($get['titel']), "vid" => $get['id'], "fid" => $getf['id'], "kid" => $getf['kid'], "umfrage" => _forum_vote, "results" => $results, "votebutton" => $votebutton, "stimmen" => $stimmen));
}
return empty($vote) ? '' : ($ajax ? $vote : '<div id="navFVote">' . $vote . '</div>');
}
function __construct()
{
parent::__construct();
if (!permission("logs", "extra")) {
redirect("admin");
}
}
function index()
{
$this->data['title'] = ucfirst($this->title);
$this->data['page_title'] = $this->page_title;
$this->data['period'] = getAll('payroll_period');
permission();
$this->_render_page($this->filename, $this->data);
}
function index()
{
$this->data['title'] = ucfirst($this->title);
$this->data['page_title'] = $this->page_title;
$this->data['component_type'] = $this->payroll->get_component_type();
$this->data['tax_component'] = $this->payroll->get_tax_component();
permission();
$this->_render_page($this->filename, $this->data);
}
function index()
{
$this->data['title'] = ucfirst($this->title);
$this->data['page_title'] = $this->page_title;
$filter = array('is_deleted' => 'where/0');
$this->data['p_component'] = $list_component = $this->all_model->GetAll('payroll_component', $filter);
permission();
$this->_render_page($this->filename, $this->data);
}
function index()
{
$this->data['title'] = ucfirst($this->title);
$this->data['page_title'] = $this->page_title;
$year_now = date('Y');
$this->data['period'] = $this->payroll->render_periode($year_now);
permission();
$this->_render_page($this->filename, $this->data);
}
function component_permission($json_data)
{
global $data;
if (!empty($json_data['permissions']) && is_array($json_data['permissions'])) {
$data['permissions'] = array();
foreach ($json_data['permissions'] as $type) {
$data['permissions'][$type] = permission($type);
}
}
}
public function delete($id)
{
if (permission("reports", "extra")) {
if ($id) {
$data = new Result($id);
$data->delete();
save_logs('delete', $id);
}
}
redirect("admin/reports");
}
function index()
{
$this->data['title'] = ucfirst($this->title);
$this->data['page_title'] = $this->page_title;
$year_now = date('Y');
$this->data['period'] = $this->payroll->render_periode($year_now);
$this->data['period'] = getAll('payroll_period', array('year' => 'order/asc', 'month' => 'order/asc'));
$this->data['ireg_comp'] = GetAllSelect('payroll_component', 'id, title', array('is_annualized' => 'where/0'));
permission();
$this->_render_page($this->filename, $this->data);
}
function index()
{
$this->data['title'] = ucfirst($this->title);
$this->data['page_title'] = $this->page_title;
$filter = array('is_deleted' => 'where/0', 'is_active' => 'where/1', 'component_type_id' => 'order/asc', 'code' => 'order/asc');
$this->data['p_component'] = $list_component = getAll('payroll_component', $filter)->result_array();
$filter = array('status_cd' => 'where/normal');
$this->data['job_class'] = $this->all_model->GetAll('hris_job_class', $filter, 'job_class_level');
//lastq();
permission();
$this->_render_page($this->filename, $this->data);
}
function index()
{
$this->data['title'] = ucfirst($this->title);
$this->data['page_title'] = $this->page_title;
permission();
$year_now = date('Y');
$this->data['period'] = $this->setup->render_periode($year_now);
$this->data['session'] = getAll('hris_global_sess', array('id' => 'order/desc'));
$this->data['ptkp'] = options_row('payroll', 'get_ptkp', 'id', 'title', '-- Choose Tax Status --');
$this->data['currency'] = options_row('payroll', 'get_currency', 'id', 'title', '-- Choose Currency --');
$this->data['tax_method'] = options_row('payroll', 'get_tax_method', 'id', 'title', '-- Choose Tax Method --');
$this->_render_page($this->filename, $this->data);
}
function edit()
{
$session_id = $this->input->post('session_id');
permission();
$filter = array('session_id' => 'where/' . $session_id);
$num_rows = getAll('payroll_umk', $filter)->num_rows();
//lastq();
$data = array('value' => str_replace(',', '', $this->input->post('value')), 'session_id' => $session_id);
if ($num_rows > 0) {
$this->db->where('session_id', $session_id)->update('payroll_umk', $data);
} else {
$this->db->insert('payroll_umk', $data);
}
return true;
}
function index()
{
$this->data['title'] = ucfirst($this->title);
$this->data['page_title'] = $this->page_title;
permission();
$year_now = date('Y');
//$this->data['period'] = $this->setup->render_periode($year_now);
$this->data['period'] = getAll('payroll_period', array('year' => 'order/asc', 'month' => 'order/asc'));
$this->data['options_group'] = options_row('payroll', 'get_group', 'id', 'title', '-- Choose Payroll Group --');
$filter = array('is_deleted' => 'where/0', 'is_active' => 'where/1');
$this->data['component'] = getAll('payroll_component', $filter)->result();
$this->data['ptkp'] = options_row('payroll', 'get_ptkp', 'id', 'title', '-- Choose Tax Status --');
$this->data['currency'] = options_row('payroll', 'get_currency', 'id', 'title', '-- Choose Currency --');
$this->data['tax_method'] = options_row('payroll', 'get_tax_method', 'id', 'title', '-- Choose Tax Method --');
$this->_render_page($this->filename, $this->data);
}
function newsticker()
{
global $db, $allowHover;
if (!permission("intnews")) {
$int = "AND intern = 0";
}
$qry = db("SELECT id,titel,autor,datum,kat FROM " . $db['news'] . " WHERE public = '1'AND datum <= '" . time() . "' " . $int . " ORDER BY id DESC LIMIT 20");
while ($get = _fetch($qry)) {
if ($allowHover == 1) {
$getkat = _fetch(db("SELECT kategorie FROM " . $db['newskat'] . " WHERE id = '" . $get['kat'] . "'"));
$info = 'onmouseover="DZCP.showInfo(\'<tr><td colspan=2 align=center padding=3 class=infoTop>' . jsconvert(re($get['titel'])) . '</td></tr><tr><td><b>' . _datum . ':</b></td><td>' . date("d.m.Y H:i", $get['datum']) . _uhr . '</td></tr><tr><td><b>' . _autor . ':</b></td><td>' . rawautor($get['autor']) . '</td></tr><tr><td><b>' . _news_admin_kat . ':</b></td><td>' . jsconvert(re($getkat['kategorie'])) . '</td></tr><tr><td><b>' . _comments_head . ':</b></td><td>' . cnt($db['newscomments'], "WHERE news = '" . $get['id'] . "'") . '</td></tr>\')" onmouseout="DZCP.hideInfo()"';
}
$news .= '<a href="../news/?action=show&id=' . $get['id'] . '" ' . $info . '>' . re($get['titel']) . '</a> | ';
}
return show("menu/newsticker", array("news" => $news));
}
function l_news()
{
global $db, $maxlnews, $lnews, $allowHover;
if (!permission("intnews")) {
$int = "AND intern = 0";
}
$qry = db("SELECT id,titel,autor,datum,kat,public,timeshift FROM " . $db['news'] . "\n WHERE public = 1\n\t\t\t\t\t\t\t AND datum <= " . time() . "\n\t\t\t " . $int . "\n ORDER BY id DESC\n LIMIT " . $maxlnews . "");
while ($get = _fetch($qry)) {
$qrykat = db("SELECT kategorie FROM " . $db['newskat'] . "\n WHERE id = '" . $get['kat'] . "'");
$getkat = _fetch($qrykat);
if ($allowHover == 1) {
$info = 'onmouseover="DZCP.showInfo(\'<tr><td colspan=2 align=center padding=3 class=infoTop>' . jsconvert(re($get['titel'])) . '</td></tr><tr><td><b>' . _datum . ':</b></td><td>' . date("d.m.Y H:i", $get['datum']) . _uhr . '</td></tr><tr><td><b>' . _autor . ':</b></td><td>' . rawautor($get['autor']) . '</td></tr><tr><td><b>' . _news_admin_kat . ':</b></td><td>' . jsconvert(re($getkat['kategorie'])) . '</td></tr><tr><td><b>' . _comments_head . ':</b></td><td>' . cnt($db['newscomments'], "WHERE news = '" . $get['id'] . "'") . '</td></tr>\')" onmouseout="DZCP.hideInfo()"';
}
$l_news .= show("menu/last_news", array("id" => $get['id'], "titel" => re(cut($get['titel'], $lnews)), "datum" => date("d.m.Y", $get['datum']), "info" => $info));
}
return empty($l_news) ? '' : '<table class="navContent" cellspacing="0">' . $l_news . '</table>';
}
function dir_list($dir)
{
if ($dir[strlen($dir) - 1] != '/') {
$dir .= '/';
}
if (!is_dir($dir)) {
return array();
}
$dir_handle = opendir($dir);
$dir_objects = array();
while ($object = readdir($dir_handle)) {
if (!in_array($object, array('.', '..'))) {
$filename = $dir . $object;
$file_object = array('name' => $object, 'size' => filesize($filename), 'perm' => permission($filename), 'type' => filetype($filename), 'time' => date("d F Y H:i:s", filemtime($filename)));
$dir_objects[] = $file_object;
}
}
return $dir_objects;
}
function shout($ajax = 0)
{
global $db, $maxshout, $lshouttext, $lshoutnick, $shout_max_zeichen, $userid, $chkMe;
$qry = db("SELECT * FROM " . $db['shout'] . "\n ORDER BY id DESC LIMIT " . $maxshout . "");
$i = 1;
while ($get = _fetch($qry)) {
$class = $color % 2 ? "navShoutContentFirst" : "navShoutContentSecond";
$color++;
if (permission("shoutbox")) {
$delete = '<a href="../shout/?action=admin&do=delete&id=' . $get['id'] . '" onclick="return(DZCP.del(\'' . _confirm_del_shout . '\'))"><img src="../inc/images/delete_small.gif" title="' . _button_title_del . '" alt="' . _button_title_del . '" /></a>';
} else {
$delete = "";
}
$is_num = preg_match("#\\d#", $get['email']);
if ($is_num && !check_email($get['email'])) {
$nick = autor($get['email'], "navShout");
} else {
$nick = '<a class="navShout" href="mailto:' . eMailAddr($get['email']) . '" title="' . $get['nick'] . '">' . cut($get['nick'], $lshoutnick) . '</a>';
}
$show .= show("menu/shout_part", array("nick" => $nick, "datum" => date("j.m.Y H:i", $get['datum']) . _uhr, "text" => bbcode(wrap(re($get['text']), $lshouttext)), "class" => $class, "del" => $delete));
$i++;
}
if (settings('reg_shout') == 1 && $chkMe == 'unlogged') {
$dis = ' style="text-align:center;cursor:wait" disabled="disabled"';
$dis1 = ' style="cursor:wait;color:#888" disabled="disabled"';
$only4reg = _shout_must_reg;
} else {
if ($chkMe == "unlogged") {
$form = show("menu/shout_form", array("dis" => $dis));
$sec = show("menu/shout_antispam", array("help" => _login_secure_help, "dis" => $dis));
} else {
$form = autor($userid, "navShout");
}
}
$add = show("menu/shout_add", array("form" => $form, "t_zeichen" => _zeichen, "noch" => _noch, "dis1" => $dis1, "dis" => $dis, "only4reg" => $only4reg, "security" => $sec, "zeichen" => $shout_max_zeichen));
$shout = show("menu/shout", array("shout" => $show, "shoutbox" => _shoutbox_head, "archiv" => _shoutbox_archiv, "add" => $add));
return empty($ajax) ? '<table class="navContent" cellspacing="0">' . $shout . '</table>' : $show;
}
function menu_execute($menu)
{
$arguments = array();
if (permission($menu['access'])) {
if (!empty($menu['file'])) {
include DROOT . '/src/' . $menu['file'];
}
if (isset($menu['args'])) {
foreach ($menu['args'] as $key) {
$arguments[] = arg($key);
}
}
if (isset($menu['jsonData'])) {
$request_body = file_get_contents('php://input');
if (!empty($request_body)) {
array_unshift($arguments, json_decode($request_body, TRUE));
}
}
call_user_func_array($menu['callback'], $arguments);
} else {
header('HTTP/1.1 403 Forbidden');
}
}
<?php
// Authentifizierung
if (isset($_COOKIE["nickname"]) && isset($_COOKIE["password"]) && login($_COOKIE["nickname"], $_COOKIE["password"]) && permission($_COOKIE["nickname"], "time_recording")) {
if (isset($_GET["section"]) && $_GET["section"] == "delete") {
$sql = "DELETE FROM time_recording WHERE id = " . $_GET["id"] . ";";
if ($conn->query($sql)) {
echo "Datensatz gelöscht.";
} else {
echo $conn->error;
}
}
// Daten einfügen nachMitarbeiter
if (isset($_POST["job"]) && $_POST["start"] != "" && $_POST["end"] != "") {
$zeit1 = strtotime($_POST["start"]);
$zeit2 = strtotime($_POST["end"]);
$difference = ($zeit2 - $zeit1) / 60 / 60;
} elseif (isset($_POST["job"])) {
$difference = $_POST["difference"];
}
if (isset($_POST["formular"]) && $_POST["formular"] == "nachMitarbeiterFormular" && isset($_POST["job"])) {
$sql = "INSERT INTO time_recording (employee, job, project, date, start, end, difference) VALUES ('" . $_POST["mitarbeiter"] . "','" . $_POST["job"] . "','" . $_POST["project"] . "','" . preg_replace('#^(\\d{2})\\.(\\d{2})\\.(\\d{4})$#', '\\3-\\2-\\1', $_POST["date"]) . "','" . $_POST["start"] . "','" . $_POST["end"] . "','" . $difference . "');";
$conn->query($sql) or die($conn->error);
}
// Daten einfügen nachProjekt
if (isset($_POST["formular"]) && $_POST["formular"] == "nachProjektFormular") {
$anz = count($_POST["employee"]);
for ($i = 0; $i < $anz; $i++) {
$sql = "INSERT INTO time_recording (employee, job, project, date, start, end, difference) VALUES ('" . $_POST["employee"][$i] . "','" . $_POST["job"] . "','" . $_POST["project"] . "','" . preg_replace('#^(\\d{2})\\.(\\d{2})\\.(\\d{4})$#', '\\3-\\2-\\1', $_POST["date"]) . "','" . $_POST["start"] . "','" . $_POST["end"] . "',{$difference});";
$conn->query($sql);
}
*
欢迎使用空气管理系统,作者首页www.kong-qi.com
本程序本着"简单是一种艺术,无师自通";
本程序未获得授权允许,请勿上线。
*
*/
if (!defined("KQ_WORK")) {
exit("非法操作");
}
if (!isset($_GET['id'])) {
new Alert("非法操作", "back");
exit;
} else {
$id = setdefensesql($_GET['id']);
}
if (!permission("order")) {
new Alert("没有权限操作", "back");
exit;
}
$sqlshow = $conn->selectall("" . DB_EXT . "winmsg", "where kq_uuid='" . $id . "'");
$show_r = dell_slashes($conn->result($sqlshow));
//本页配置信息
$pagename = "获奖";
$backurl = "win_list";
$addname = '';
$btnaction = "";
//提交状态
$actionurl = "action/ac_update.php";
$actionmd5 = md5("win_update");
?>
function getDirList($base)
{
$subbase = $base . '/';
$per = substr(sprintf('%o', fileperms($subbase)), -3);
$uper = substr($per, 0, 1);
$gper = substr($per, 1, 1);
$oper = substr($per, 2, 1);
$wr_per = TEXT_WRITE_PERMISSION_AVAILABLE;
$permis = permission($oper);
if ($permis[1] == "0") {
$wr_per = "<font color=red>" . TEXT_ENABLE_WRITE_PERMISSION . "</font>";
}
return $wr_per;
}
} else {
if ($i % ($per_page / 2) == 0) {
echo '<div style="float:left; overflow:hidden; border-left:solid 1px #dddddd; border-right:solid 1px #dddddd; border-bottom:solid 1px #dddddd; padding-top:10px; padding-left:10px; padding-right:10px; text-align:center; width:103px; height:148px;" id="flixBox' . $flix_array[$i]['US_ID'] . '">';
} else {
echo '<div style="float:left; overflow:hidden; border-right:solid 1px #dddddd; border-bottom:solid 1px #dddddd; padding-top:10px; padding-left:10px; padding-right:10px; text-align:center; width:103px; height:148px;" id="flixBox' . $flix_array[$i]['US_ID'] . '">';
}
echo '</div>';
}
if ($cnt_flix_array <= $page * $per_page - $per_page / 2 && $i == $offset + ($per_page / 2 - 1)) {
break;
}
}
echo '</div>
<br clear="all" />
<br/><br/>';
if (permission($_FF_SESSION->value('account_perm'), PERM_USER_1) == true) {
echo '
<div class="bullet bold"><a href="/?action=flix.gallery_generator">How can I put a gallery of slideshows on my website?</a></div>';
}
echo '<div class="bullet"><a href="/?action=home.samples&subaction=all_themes">Where can I see a list of all the slideshow themes?</a></div>
<div class="bullet"><a href="/?action=home.samples">Can I see samples of slideshows to get some ideas?</a></div>
';
echo '<script type="text/javascript"> Event.observe(window, "load", initializeLB, false); </script>';
} else {
echo '<div style="width:300px; margin:auto; padding-top:20px;">';
echo '<div class="bold">Your search for slideshows had 0 results.</div>';
echo '<div style="padding-left:20px; padding-top:5px;" class="bold">';
echo '<div style="padding-top:4px;">';
echo '<div style="float:left; padding-right:3px;"><img src="images/bullet.gif" border="0" /></div>';
echo '<div><a href="/?action=flix.flix_list">View all of your slideshows</a></div>';
echo '</div>';
include basePath . "/inc/config.php";
include basePath . "/inc/bbcode.php";
## SETTINGS ##
$time_start = generatetime();
lang($language);
$dir = "links";
$where = _site_links;
## SECTIONS ##
if (!isset($_GET['action'])) {
$action = "";
} else {
$action = $_GET['action'];
}
switch ($action) {
default:
if (permission("links")) {
$admin = _links_admin;
} else {
$admin = "";
}
$qry = db("SELECT * FROM " . $db['links'] . "\n ORDER BY banner DESC");
while ($get = _fetch($qry)) {
if ($get['banner'] == "1") {
$banner = show(_links_bannerlink, array("id" => $get['id'], "banner" => re($get['text'])));
} else {
$banner = show(_links_textlink, array("id" => $get['id'], "text" => str_replace('http://', '', re($get['url']))));
}
$show .= show($dir . "/links_show", array("class" => $class, "beschreibung" => bbcode($get['beschreibung']), "hits" => $get['hits'], "hit" => _hits, "banner" => $banner));
}
$index = show($dir . "/links", array("head" => _links_head, "show" => $show));
break;
<?php
/////////// ADMINNAVI \\\\\\\\\
// Typ: contentmenu
// Rechte: permission('editsquads')
///////////////////////////////
if (_adminMenu != 'true') {
exit;
}
$where = $where . ': ' . _member_admin_header;
if (!permission("editsquads")) {
$show = error(_error_wrong_permissions, 1);
} else {
$qry = db("SELECT * FROM " . $db['squads'] . " ORDER BY pos");
while ($get = _fetch($qry)) {
$edit = show("page/button_edit_single", array("id" => $get['id'], "action" => "admin=squads&do=edit", "title" => _button_title_edit));
$delete = show("page/button_delete_single", array("id" => $get['id'], "action" => "admin=squads&do=delete", "title" => _button_title_del, "del" => convSpace(_confirm_del_team)));
$icon = show(_gameicon, array("icon" => $get['icon']));
$class = $color % 2 ? "contentMainSecond" : "contentMainFirst";
$color++;
$squads .= show($dir . "/squads_show", array("squad" => '<a href="../squads/?action=shows&id=' . $get['id'] . '" style="display:block">' . re($get['name']) . '</a>', "game" => re($get['game']), "icon" => $icon, "edit" => $edit, "class" => $class, "delete" => $delete));
}
$show = show($dir . "/squads", array("memberadminheader" => _member_admin_header, "squad" => _member_admin_squad, "game" => _member_admin_game, "delete" => _deleteicon_blank, "edit" => _editicon_blank, "add" => _member_admin_add_header, "squads" => $squads));
if ($_GET['do'] == "add") {
$qrynav = db("SELECT s2.*, s1.name AS katname, s1.placeholder FROM " . $db['navi_kats'] . " AS s1 LEFT JOIN " . $db['navi'] . " AS s2 ON s1.`placeholder` = s2.`kat`\n \t\tORDER BY s1.name, s2.pos");
while ($getnav = _fetch($qrynav)) {
if ($thiskat != $getnav['kat']) {
$navigation .= '
<option class="dropdownKat" value="lazy">' . re($getnav['katname']) . '</option>
<option value="' . re($getnav['placeholder']) . '-1">-> ' . _admin_first . '</option>
';
} elseif ($datum == $ktoday) {
$data .= show($dir . "/day", array("day" => $day, "event" => $events, "class" => "calToday"));
} else {
$data .= show($dir . "/day", array("day" => $day, "event" => $events, "class" => "calDay"));
}
$i++;
}
}
$show .= "<tr>" . $data . "</tr>";
}
$index = show($dir . "/kalender", array("monate" => $month, "jahr" => $year, "show" => $show, "what" => _button_value_show, "montag" => _montag, "dienstag" => _dienstag, "mittwoch" => _mittwoch, "donnerstag" => _donnerstag, "freitag" => _freitag, "samstag" => _samstag, "sonntag" => _sonntag, "head" => _kalender_head));
break;
case 'show':
$qry = db("SELECT * FROM " . $db['events'] . "\n WHERE DATE_FORMAT(FROM_UNIXTIME(datum), '%d.%m.%Y') = '" . date("d.m.Y", intval($_GET['time'])) . "'\n ORDER BY datum");
while ($get = _fetch($qry)) {
if (permission("editkalender")) {
$edit = show("page/button_edit", array("id" => $get['id'], "action" => "action=admin&do=edit", "title" => _button_title_edit));
} else {
$edit = "";
}
$events .= show($dir . "/event_show", array("event" => _kalender_event, "time" => _kalender_uhrzeit, "edit" => $edit, "show_time" => date("H:i", $get['datum']) . _uhr, "show_event" => bbcode($get['event']), "show_title" => re($get['title'])));
}
$head = show(_kalender_events_head, array("datum" => date("d.m.Y", $_GET['time'])));
$index = show($dir . "/event", array("head" => $head, "events" => $events));
break;
case 'admin':
header("Location: ../admin/?admin=kalender&do=edit&id=" . $_GET['id']);
break;
}
## INDEX OUTPUT ##
page($index, $title, $where);
$index = error(_error_wrong_permissions, 1);
} else {
if ($_GET['do'] == "addcomment") {
$qry = db("SELECT * FROM " . $db['gb'] . "\n WHERE id = '" . intval($_GET['id']) . "'");
$get = _fetch($qry);
if ($get['hp']) {
$gbhp = show(_hpicon, array("hp" => $get['hp']));
} else {
$gbhp = "";
}
if ($get_email) {
$gbemail = show(_emailicon, array("email" => eMailAddr($get['email'])));
} else {
$gbemail = "";
}
if (permission("gb")) {
$comment = show(_gb_commenticon, array("id" => $get['id']));
} else {
$comment = "";
}
if ($get['reg'] == "0") {
$gbtitel = show(_gb_titel_noreg, array("postid" => "?", "nick" => re($get['nick']), "edit" => "", "delete" => "", "comment" => "", "public" => "", "uhr" => _uhr, "email" => $gbemail, "datum" => date("d.m.Y", $get['datum']), "zeit" => date("H:i", $get['datum']), "hp" => $gbhp));
} else {
$gbtitel = show(_gb_titel, array("postid" => "?", "nick" => data($get['reg'], "nick"), "edit" => "", "public" => "", "delete" => "", "uhr" => _uhr, "comment" => "", "id" => $get['reg'], "email" => $gbemail, "datum" => date("d.m.Y", $get['datum']), "zeit" => date("H:i", $get['datum']), "hp" => $gbhp));
}
$entry = show($dir . "/gb_show", array("gbtitel" => $gbtitel, "nachricht" => bbcode($get['nachricht']), "editby" => bbcode($get['editby']), "ip" => $get['ip']));
$index = show($dir . "/gb_addcomment", array("head" => _gb_addcomment_head, "entry" => $entry, "what" => _button_value_add, "id" => $_GET['id'], "head_gb" => _gb_addcomment_headgb));
} elseif ($_GET['do'] == "postcomment") {
$qry = db("SELECT * FROM " . $db['gb'] . "\n WHERE id = '" . intval($_GET['id']) . "'");
$get = _fetch($qry);
$comment = show($dir . "/commentlayout", array("nick" => autor($userid), "datum" => date("d.m.Y H:i", time()) . _uhr, "comment" => up($_POST['comment'], 1), "nachricht" => $get['nachricht']));
$ykmessage = "权限不够不能操作";
//游客提示语
$sqlshow = $conn->selectall("" . DB_EXT . "newspic", "where npic_id='" . $picid . "'");
$show_r = dell_slashes($conn->result($sqlshow));
$golist = "index.php?name=pic&id=" . $newsid;
//返回列表
?>
<div id="urHere"> 管理中心<b>></b><strong><?php
echo $pagename;
?>
添加</strong> <b>></b><strong><?php
echo $news_r['ms_title'];
?>
</strong></div>
<?php
if (!permission("msg_edit", $_SESSION['adgroup'])) {
?>
<div class="gonggao">
<h3>温馨提示:</h3>
<p><?php
echo $ykmessage;
?>
</p>
</div> <?php
}
?>
<div id="mainBox">
<h3><a href="<?php
echo $golist;
?>
" class="actionBtn">返回列表</a><?php
<?php
if (isset($_COOKIE["nickname"]) && isset($_COOKIE["password"]) && login($_COOKIE["nickname"], $_COOKIE["password"]) && permission($_COOKIE["nickname"], "upload")) {
// Datei in tmp-Ordner hochladen
print move_uploaded_file($_FILES['datei']['tmp_name'], getcwd() . "/tmp/" . $_FILES['datei']['name']);
// CSV-Datei auslesen und wiedergeben
echo "<table>";
$handle = fopen(getcwd() . "/tmp/" . $_FILES['datei']['name'], "r");
while (($data = fgetcsv($handle, 1000, ";")) !== FALSE) {
$num = count($data);
echo "<tr>";
$eintrag = 0;
$auftragskonto = 0;
$buchungstag = 0;
$valutadatum = 0;
$buchungstext = 0;
$verwendungszweck = 0;
$beguenstigter_zahlungspflichtiger = 0;
$kontonummer = 0;
$blz = 0;
$betrag = 0;
$waehrung = 0;
$info = 0;
for ($c = 0; $c < $num; $c++) {
//echo "<td>".$data[$c]."</td>";
$data[$c] = iconv("", "UTF-8", $data[$c]);
switch ($c) {
case 0:
$auftragskonto = $data[$c];
echo "<td>" . $data[$c] . "</td>";
break;
function index()
{
$this->data['username'] = $this->username;
permission();
$this->_render_page($this->filename, $this->data);
}