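/**
 * Replace {:=key} in $text with $map.key value.
 * Replace {:=key.subkey} with $map.key.subkey value.
 * Use "(array)$obj" for objects. Use 'prefix' as
 * shortcut for ['{:=', '}', 'prefix' ] ({:=prefix.tag} replace).
 *
 * Values are inserted verbatim: nothing is escaped for HTML, SQL or a shell,
 * so the caller must encode each value for the context $text ends up in.
 * Replacement runs key after key on the already substituted text, so a value
 * that itself contains the tag of a later key is expanded as well. Keep that
 * in mind when $map mixes untrusted text with sensitive entries.
 *
 * @author Roland Kujundzic <*****@*****.**>
 * @param string $text
 * @param map $map use "(array)$obj" for objects
 * @param array $conf (default = [ '{:=', '}', '' ])
 * @return string
 */
function replace_tags($text, $map, $conf = array('{:=', '}', ''))
{
    if (is_string($conf)) {
        $conf = ['{:=', '}', $conf];
    }

    // Compare against '' instead of using empty(): empty() also treats 0 and
    // '0' as "no prefix", which dropped the index from list-style maps
    // ({:=0.name} was never replaced, {:=name} was replaced instead).
    $prefix = isset($conf[2]) ? (string) $conf[2] : '';

    foreach ($map as $key => $value) {
        // Dotted path of this entry, e.g. "key" or "prefix.key".
        $path = ($prefix === '') ? (string) $key : $prefix . '.' . $key;

        if (is_array($value)) {
            // Descend with the current path as the new prefix.
            $sub_conf = $conf;
            $sub_conf[2] = $path;
            $text = replace_tags($text, $value, $sub_conf);
        } else {
            $text = str_replace($conf[0] . $path . $conf[1], $value, $text);
        }
    }

    return $text;
}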
Example #2
        $_SESSION['formerrors']['add_software']['name'] = user_alert(sprintf($strFieldMustNotBeBlank, "'{$strName}'"), E_USER_ERROR);
    }
    // Check this is not a duplicate
    // NOTE(review): $name is interpolated straight into the SQL text. Whether it was
    // escaped is not visible in this excerpt — confirm against the code above, and
    // prefer a prepared statement (PDO or mysqli) so the value is bound, not quoted by hand.
    $sql = "SELECT id FROM `{$dbSoftware}` WHERE LCASE(name)=LCASE('{$name}') LIMIT 1";
    // The mysql_* extension was removed in PHP 7. mysql_query() returns false on failure,
    // and that result is handed to mysql_num_rows() below without a check.
    $result = mysql_query($sql);
    if (mysql_num_rows($result) >= 1) {
        $errors++;
        $_SESSION['formerrors']['add_software']['duplicate'] .= $strARecordAlreadyExistsWithTheSameName;
    }
    // add product if no errors
    if ($errors == 0) {
        // NOTE(review): same concern as the SELECT above — four values are placed inside
        // quotes by string interpolation; their escaping is not visible here.
        $sql = "INSERT INTO `{$dbSoftware}` (name, vendorid, lifetime_start, lifetime_end) VALUES ('{$name}','{$vendor}','{$lifetime_start}','{$lifetime_end}')";
        $result = mysql_query($sql);
        if (mysql_error()) {
            trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
        }
        if (!$result) {
            echo "<p class='error'>{$strAdditionFail}</p>";
        } else {
            $id = mysql_insert_id();
            // replace_tags() is called here with (tag type, new record id, tag string);
            // its body is not shown, so what it stores and how it escapes $tags is unverified.
            replace_tags(TAG_SKILL, $id, $tags);
            journal(CFG_LOGGING_DEBUG, 'Skill Added', "Skill {$id} was added", CFG_JOURNAL_DEBUG, $id);
            html_redirect("products.php");
            //clear form data
            // NOTE(review): this runs after html_redirect(); if that helper ends the
            // request the form data is never cleared — confirm.
            $_SESSION['formdata']['add_software'] = NULL;
        }
    } else {
        include APPLICATION_INCPATH . 'htmlheader.inc.php';
        // NOTE(review): $_SERVER['PHP_SELF'] contains the client-supplied request path.
        // If html_redirect() writes it into HTML without escaping, that is an injection
        // point — confirm, or pass a fixed script name instead.
        html_redirect($_SERVER['PHP_SELF'], FALSE);
    }
}
 // NOTE(review): the Address, Channel and ESSID values in $p are produced elsewhere in the
 // module (presumably parsed scan output — confirm). The ESSID in particular is chosen by
 // whoever operates the access point, so all of them should be treated as untrusted input.
 echo '<input type="text" class="odd" id="deauthtimes' . $i . '" size="3" value="5" onFocus="if(this.value == \'5\') {this.value = \'\';}" onBlur="if (this.value == \'\') {this.value = \'5\';}">';
 // The address is written into a single-quoted JavaScript string inside an href with no
 // escaping; encode it for that context (json_encode() for the JS value, then
 // htmlspecialchars() for the attribute) before echoing.
 echo '&nbsp;<a href="javascript:deauth(\'' . $p[$interface][$i]["Address"] . '\', \'\', $(\'#deauthtimes' . $i . '\').val());">Run</a>';
 echo '</td>';
 echo '<td align="center">';
 if ($is_capture_running) {
     // exec() starts a shell only to read a file, and the command line is built by string
     // concatenation. file_get_contents() on the same path would avoid the shell entirely;
     // where $module_path comes from is not visible here. exec() returns only the last
     // line of output, and the comparison is loose (==).
     if (exec("cat " . $module_path . "captures/lock") == $p[$interface][$i]["Address"]) {
         echo '<a class="cap_link" href="javascript:cancel_capture();">Stop</a>';
     } else {
         echo '<a class="cap_link" href="javascript:void(0);">-</a>';
     }
 } else {
     // Same unescaped JavaScript-string context as the link above, now with two values.
     echo '<a class="cap_link" href="javascript:capture(\'' . $p[$interface][$i]["Address"] . '\', \'' . $p[$interface][$i]["Channel"] . '\');">Capture</a>';
 }
 echo '</td>';
 $tags = array("SSID" => $p[$interface][$i]["ESSID"], "BSSID" => $p[$interface][$i]["Address"], "CHANNEL" => $p[$interface][$i]["Channel"]);
 // replace_tags() is called here as (map, template); its body is not shown.
 // NOTE(review): addslashes() is not shell quoting. If the resulting command is later run
 // by a shell (the name execute_custom_script suggests so — confirm), each substituted
 // value needs escapeshellarg() before it is placed into the template.
 $custom_command = addslashes(replace_tags($tags, $custom_commands[0]));
 echo '<td align="center">';
 if ($is_custom_running) {
     echo '<a href="javascript:cancel_custom_script();">Cancel</a>';
 } else {
     // base64 keeps the string intact inside the link; it is an encoding, not a safeguard —
     // whatever decodes it receives the command unchanged.
     echo '<a href="javascript:execute_custom_script(\'' . base64_encode($custom_command) . '\');">Execute</a>';
 }
 echo '</td>';
 echo '</tr>';
 for ($j = 0; $j < count($clients); $j++) {
     echo '<tr class="even">';
     if ($clients[$j][5] == $p[$interface][$i]["Address"]) {
         echo '<td class="clients" align="center">Client ' . $clientN . '</td>';
         $MAC_address = explode(":", $clients[$j][0]);
         echo '<td class="clients"><a target="_new" title="OUI search" href="http://standards.ieee.org/cgi-bin/ouisearch?' . $MAC_address[0] . '-' . $MAC_address[1] . '-' . $MAC_address[2] . '">' . $clients[$j][0] . '</a></td>';
         echo '<td>&nbsp;</td>';
Example #4
    }
    return $tag;
}
/**
 * Fetch the approved comments of a post and return author/content data.
 *
 * NOTE(review): each loop pass overwrites the result, so the caller receives a
 * single author/content pair (taken from the last comment returned) or an empty
 * array, never a list. Confirm whether appending with `[]` was intended.
 *
 * The two fields are returned as stored. In WordPress they hold visitor-supplied
 * text, so callers should escape them for the output context.
 *
 * @param int $id Post id passed to get_comments() as 'post_id'.
 * @return array Empty array, or ['author' => ..., 'content' => ...].
 */
function grv_get_post_comments($id)
{
    // Only comments with status "approve" are requested.
    $query = array('post_id' => $id, 'status' => 'approve');

    $latest = array();
    foreach (get_comments($query) as $entry) {
        $latest = array(
            'author' => $entry->comment_author,
            'content' => $entry->comment_content,
        );
    }

    return $latest;
}
Example #5
 // Required-field checks: name, email and telephone must not be blank.
 $errors = 0;
 if ($name == '') {
     $errors = 1;
     $errors_string .= user_alert(sprintf($strFieldMustNotBeBlank, "'{$strName}'"), E_USER_ERROR);
 }
 if ($email == '') {
     $errors = 1;
     $errors_string .= user_alert(sprintf($strFieldMustNotBeBlank, "'{$strEmail}'"), E_USER_ERROR);
 }
 if ($telephone == '') {
     $errors = 1;
     $errors_string .= user_alert(sprintf($strFieldMustNotBeBlank, "'{$strTelephone}'"), E_USER_ERROR);
 }
 // edit site if no errors
 if ($errors == 0) {
     // replace_tags() is called with (tag type, record id, tag string); its body is not
     // shown. The bare 3 is the tag type — a named constant would say which record type.
     replace_tags(3, $site, $tags);
     // Normalised to '1'/'0' here, but not used in the UPDATE built below.
     if (isset($licenserx)) {
         $licenserx = '1';
     } else {
         $licenserx = '0';
     }
     // update site
     // $active is mapped onto two fixed literals, so only 'true' or 'false' can reach
     // the query regardless of what was submitted.
     if ($active == 'true') {
         $activeStr = 'true';
     } else {
         $activeStr = 'false';
     }
     // NOTE(review): every other value is interpolated into the statement between single
     // quotes. Where and how they were escaped is not visible in this excerpt — confirm,
     // and prefer a prepared statement with bound parameters.
     $sql = "UPDATE `{$dbSites}` SET name='{$name}', department='{$department}', address1='{$address1}', address2='{$address2}', city='{$city}', ";
     $sql .= "county='{$county}', postcode='{$postcode}', country='{$country}', telephone='{$telephone}', fax='{$fax}', email='{$email}', ";
     $sql .= "websiteurl='{$websiteurl}', notes='{$notes}', typeid='{$typeid}', owner='{$owner}', freesupport='{$incident_quantity}', active='{$activeStr}' WHERE id='{$site}' LIMIT 1";
     // licenserx='$licenserx'
Example #6
     $error[] = sprintf($strFieldMustNotBeBlank, $strName);
 }
 // A start date later than a set due date is pulled back to the due date.
 if ($startdate > $duedate and $duedate != '' and $duedate > 0) {
     $startdate = $duedate;
 }
 if (count($error) >= 1) {
     include APPLICATION_INCPATH . 'htmlheader.inc.php';
     echo "<p class='error'>{$strPleaseCheckData}</p>";
     echo "<ul class='error'>";
     foreach ($error as $err) {
         // NOTE(review): entries are echoed as HTML without escaping. The one entry built
         // in the visible code comes from language strings; if any entry can carry request
         // data it needs htmlspecialchars() here.
         echo "<li>{$err}</li>";
     }
     echo "</ul>";
     include APPLICATION_INCPATH . 'htmlfooter.inc.php';
 } else {
     // replace_tags() is called with (tag type, record id, tag string); its body is not shown.
     replace_tags(4, $id, $tags);
     // Each date is compared with 0 and passed to date() as a timestamp; positive values
     // become 'Y-m-d' strings, anything else becomes an empty string.
     if ($startdate > 0) {
         $startdate = date('Y-m-d', $startdate);
     } else {
         $startdate = '';
     }
     if ($duedate > 0) {
         $duedate = date('Y-m-d', $duedate);
     } else {
         $duedate = '';
     }
     if ($enddate > 0) {
         $enddate = date('Y-m-d', $enddate);
     } else {
         $enddate = '';
     }
Example #7
require 'core.php';
require APPLICATION_LIBPATH . 'functions.inc.php';
// This page requires authentication
require APPLICATION_LIBPATH . 'auth.inc.php';
// External variables
// NOTE(review): $name is taken from the request without cleanvar(). The save branch
// overwrites it with a cleaned copy; on the other branch the raw value stays in scope,
// so it must be escaped before it is printed or used in a query.
$id = cleanvar($_REQUEST['id']);
$name = $_REQUEST['name'];
// $action is only compared against a literal in the visible code.
$action = $_POST['action'];
if ($action == 'save') {
    // NOTE(review): no anti-CSRF token check is visible for this state-changing POST;
    // it may live in auth.inc.php — confirm.
    // External variables
    $vendor = cleanvar($_POST['vendor']);
    $name = cleanvar($_POST['name']);
    $description = cleanvar($_POST['description']);
    $productid = cleanvar($_POST['productid']);
    $tags = cleanvar($_POST['tags']);
    // replace_tags() is called with (tag type, record id, tag string); its body is not shown.
    replace_tags(TAG_PRODUCT, $productid, $tags);
    // update database
    // NOTE(review): the statement relies entirely on cleanvar() for SQL escaping; that
    // helper is defined elsewhere — confirm what it does. A prepared statement with bound
    // parameters would remove the dependency.
    $sql = "UPDATE `{$dbProducts}` SET vendorid='{$vendor}', name='{$name}', description='{$description}' WHERE id='{$productid}' LIMIT 1 ";
    // The mysql_* extension was removed in PHP 7.
    $result = mysql_query($sql);
    if (mysql_error()) {
        trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
    }
    if (!$result) {
        // NOTE(review): the full SQL text goes into the warning; with display_errors on it
        // is shown to the user. Log it server-side and show a generic message instead.
        trigger_error("Update of product failed: {$sql}", E_USER_WARNING);
    } else {
        journal(CFG_LOGGING_NORMAL, 'Product Edited', "Product {$productid} was edited", CFG_JOURNAL_PRODUCTS, $productid);
        html_redirect("products.php");
    }
} else {
    $title = $strEditProduct;
    include APPLICATION_INCPATH . 'htmlheader.inc.php';
 // check for blank contact
 if ($contact == 0) {
     $errors += 1;
     $error_string .= "<p class='error'>You must select a contact</p>\n";
 }
 // check for blank title
 if ($title == '') {
     $errors += 1;
     $error_string .= "<p class='error'>You must enter a title</p>\n";
 }
 if ($errors > 0) {
     // NOTE(review): the messages are collected in $error_string, but $bodytext is what
     // gets printed. Where $bodytext comes from is not visible; if it can contain request
     // data it must be escaped with htmlspecialchars() before being echoed.
     echo "<div>{$bodytext}</div>";
 }
 if ($errors == 0) {
     $addition_errors = 0;
     // replace_tags() is called with (tag type, record id, tag string); its body is not shown.
     replace_tags(2, $id, $tags);
     // update support incident
     // NOTE(review): all values are interpolated between single quotes. How they were
     // escaped is not visible in this excerpt — confirm, and prefer a prepared statement
     // with bound parameters.
     $sql = "UPDATE `{$dbIncidents}` ";
     $sql .= "SET externalid='{$externalid}', ccemail='{$ccemail}', ";
     $sql .= "escalationpath='{$escalationpath}', externalengineer='{$externalengineer}', externalemail='{$externalemail}', title='{$title}', ";
     $sql .= "contact='{$contact}', softwareid='{$software}', productversion='{$productversion}', ";
     $sql .= "productservicepacks='{$productservicepacks}', lastupdated='{$now}' WHERE id='{$id}'";
     // The mysql_* extension was removed in PHP 7.
     $result = mysql_query($sql);
     if (mysql_error()) {
         trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
     }
     if (!$result) {
         $addition_errors = 1;
         $addition_errors_string .= "<p class='error'>Update of incident failed</p>\n";
     }
     if ($addition_errors == 0) {
             $liked = "Like";
             // NOTE(review): the query is built by concatenation. Both values look
             // server-side (session id, row id), but binding them with a prepared statement
             // removes the need to reason about it. A failed mysqli_query() returns false,
             // which is passed to mysqli_num_rows() unchecked.
             if (mysqli_num_rows(mysqli_query($connection, "SELECT * FROM likes WHERE userid='" . $_SESSION['id'] . "' AND postid='" . $row[0] . "'"))) {
                 $liked = "Unlike";
             }
             // $like_t is assigned here only when there is exactly one like; any other
             // value must come from code outside this excerpt.
             if ($likes == 1) {
                 $like_t = "Like";
             }
             draw_small_avatar($user[1]);
             echo "<div class='post'><div class='post_header'>";
             // NOTE(review): $user[0] and $user[1] are written into an attribute and into
             // element text without htmlspecialchars(). If $user[1] is a user-chosen name
             // (presumably — confirm) this is a stored-XSS sink.
             echo "<b><a class='profile_a' href='?view=" . $user[0] . "'>" . $user[1] . "</a></b> - " . date("M jS y g:ia", $row[1]);
             // Owner of the post, or the account with id 1, gets the erase/edit links. The
             // hard-coded id and the loose == comparison are worth replacing with a role check.
             if ($_SESSION['id'] == $row[2] || $_SESSION['id'] == 1) {
                 // NOTE(review): plain GET links. If ?erase= deletes on a GET request without
                 // a token, any page the user visits can trigger it (CSRF) — confirm the handler.
                 echo "<a class='erase' href='?erase=" . $row[0] . "'></a>";
                 echo "<a class='edit' href='?editpost=" . $row[0] . "'></a>";
             }
             echo "</div><pre>";
             // replace_tags() is called with the post body only; neither it nor markdown() is
             // shown. The output is safe only if one of them escapes raw HTML — confirm.
             echo markdown(replace_tags($row[3]));
             echo "</pre><div class='post_footer'>";
             if ($_SESSION['id'] != $row[2]) {
                 echo "<a href='?like={$row['0']}' class='like_a'>{$liked}</a> · <a href='#comment={$row['0']}' class='comm_a'>Comment</a>";
             }
             echo "<span class='likes'>{$likes} {$like_t}</span>";
             if ($_SESSION['id'] != $row[2]) {
                 echo "<form method='post' class='add_comment'><textarea class='comment' placeholder='Comment ...'></textarea></form>";
             }
             echo "<div style='clear: both;'></div></div></div><br/>";
         }
         if (!$num) {
             echo "There is no messages yet. <br/>";
         }
     }
 }
Example #10
     $dataprotection_phone = 'No';
 }
 // The flags below are mapped onto fixed literals ('Yes'/'No', 'true'/'false'), so only
 // those values can reach the query regardless of what was submitted.
 if ($dataprotection_address != '') {
     $dataprotection_address = 'Yes';
 } else {
     $dataprotection_address = 'No';
 }
 if ($active == 'true') {
     $activeStr = 'true';
 } else {
     $activeStr = 'false';
 }
 /*
     TAGS
 */
 // replace_tags() is called with (tag type, record id, tag string); its body is not shown.
 replace_tags(1, $contact, $tags);
 // NOTE(review): the remaining values are interpolated between single quotes. How they
 // were escaped is not visible in this excerpt — confirm, and prefer a prepared statement
 // with bound parameters.
 $sql = "UPDATE `{$dbContacts}` SET courtesytitle='{$courtesytitle}', surname='{$surname}', forenames='{$forenames}', siteid='{$siteid}', email='{$email}', phone='{$phone}', mobile='{$mobile}', fax='{$fax}', ";
 $sql .= "address1='{$address1}', address2='{$address2}', city='{$city}', county='{$county}', postcode='{$postcode}', ";
 $sql .= "country='{$country}', dataprotection_email='{$dataprotection_email}', dataprotection_phone='{$dataprotection_phone}', ";
 $sql .= "notes='{$notes}', dataprotection_address='{$dataprotection_address}' , department='{$department}' , jobtitle='{$jobtitle}', ";
 $sql .= "notify_contactid='{$notify_contactid}', ";
 $sql .= "active = '{$activeStr}', ";
 // $now is placed in the statement without quotes, so string escaping would not protect
 // it; it has to be a server-generated integer — confirm where it is set.
 $sql .= "timestamp_modified={$now} WHERE id='{$contact}'";
 // The mysql_* extension was removed in PHP 7.
 $result = mysql_query($sql);
 if (mysql_error()) {
     trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
 }
 if (!$result) {
     trigger_error("Update of contact failed: {$sql}", E_USER_WARNING);
 } else {
     plugin_do('save_contact_form');