while ($row = mysql_fetch_array($result)) {
$users[$i] = $row[0];
$i++;
}
$sql = "SELECT prim_manager,sec_manager from agency_manager where agency_index='{$agency}'";
$result = mysql_query($sql);
while ($row = mysql_fetch_array($result)) {
$users[$i] = $row[0];
$i++;
$users[$i] = $row[1];
$i++;
}
$sql = "select b.username from agency_groups a,ops_user_group b where a.group_id=b.group_id and a.agency_index='{$agency}'";
$result = mysql_query($sql);
while ($row = mysql_fetch_array($result)) {
$users[$i] = $row[0];
$i++;
}
$sql = "select username from ops_user_group where group_id='1'";
$result = mysql_query($sql);
while ($row = mysql_fetch_array($result)) {
$users[$i] = $row[0];
$i++;
}
$users[$i] = "administrator";
$user_list = implode("','", $users);
$sql = "SELECT first_name,last_name,official_email,password,account_expiry,username from user_master where account_status='Active' and username in ('{$user_list}')";
$result = mysql_query($sql);
$num_rows = mysql_num_rows($result);
showxml($result, $num_rows, $agency);
}
$year = substr($last_seen,0,4);
$month = substr($last_seen,5,2);
$day = substr($last_seen,6,2);
$last_seen=mktime(0,0,0,$month,$day,$year);
*/
echo "<host>";
echo "<hostname>" . $hostname . "</hostname>";
echo "<last_audited>" . $last_seen . "</last_audited>";
echo "</host>";
}
echo "</node>";
} else {
$nodata = 0;
success($nodata);
}
}
// include config file, also contains the API KEY
require_once '../include/config.php';
require_once '../include/dboa.php';
$api_key = strip_tags($_REQUEST['key']);
$hostname = strip_tags($_REQUEST['hostname']);
$num_rows = '';
// validate api key
if ($api_key != $API_KEY || $api_key == '') {
invalid();
} else {
$sql = "SELECT hostname,UNIX_TIMESTAMP(last_seen) FROM system WHERE hostname='{$hostname}'";
$result = mysql_query($sql);
$num_rows = mysql_num_rows($result);
showxml($result, $num_rows);
}
$dateline = empty($dateline) ? '' : $_SGLOBAL['timestamp'] - $dateline;
if ($type == 'news') {
if (empty($var)) {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('spaceitems') . " WHERE type='news' AND dateline >='{$dateline}' ORDER BY viewnum DESC LIMIT 0,9");
} else {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('spaceitems') . " WHERE catid = '{$var}' AND type='news' AND dateline >='{$dateline}' ORDER BY viewnum DESC LIMIT 0,16");
}
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$value['subject'] = cutstr($value['subject'], 40, 1);
$value['url'] = geturl('action/viewnews/itemid/' . $value['itemid']);
$listvalue .= '<li><span class="box_r">' . sgmdate($value['dateline'], 'm.d') . '</span><a href="' . $value['url'] . '">' . $value['subject'] . '</a></li>';
}
showxml($listvalue);
} elseif ($type == 'bbs') {
dbconnect(1);
@(include_once S_ROOT . './data/system/bbsforums.cache.php');
$fidarr = array();
foreach ($_SGLOBAL['bbsforumarr'] as $value) {
if (!empty($value['allowshare'])) {
$fidarr[] = $value['fid'];
}
}
$fids = simplode($fidarr);
$query = $_SGLOBAL['db_bbs']->query("SELECT * FROM " . tname('threads', 1) . " WHERE fid IN ({$fids}) AND dateline>='{$dateline}' AND displayorder >= 0 ORDER BY views DESC LIMIT 0,9");
while ($value = $_SGLOBAL['db_bbs']->fetch_array($query)) {
$value['subject'] = cutstr($value['subject'], 40, 1);
$value['url'] = B_URL . '/viewthread.php?tid=' . $value['tid'];
$listvalue .= '<li><span class="box_r">' . sgmdate($value['dateline'], 'm.d') . '</span><a href="' . $value['url'] . '" target="_blank">' . $value['subject'] . '</a></li>';
}
showxml($listvalue);
}
<?php
/*
[SupeSite] (C) 2007-2009 Comsenz Inc.
$Id: batch.tagshow.php 13470 2009-11-04 07:19:53Z zhaofei $
*/
include_once './common.php';
include_once S_ROOT . './language/batch.lang.php';
$tagname = empty($_GET['tagname']) ? '' : trim($_GET['tagname']);
if (empty($tagname)) {
showxml($blang['parameter_error']);
}
$html = '<h5><a href="javascript:taghide();" target="_self">' . $blang['close'] . '</a>TAG: ' . $tagname . '</h5>
<div class="xspace-ajaxcontent">
<ul style="margin: 0.5em; padding-left: 2.7em; text-indent: -2.7em; list-style: none; line-height: 1.8em;">';
$query = $_SGLOBAL['db']->query('SELECT tagid FROM ' . tname('tags') . ' WHERE tagname=\'' . $tagname . '\'');
if ($tag = $_SGLOBAL['db']->fetch_array($query)) {
$query = $_SGLOBAL['db']->query('SELECT st.tagid, i.uid, i.type, i.itemid, i.subject FROM ' . tname('spacetags') . ' st INNER JOIN ' . tname('spaceitems') . ' i ON i.itemid=st.itemid WHERE st.tagid=\'' . $tag['tagid'] . '\' ORDER BY st.dateline DESC LIMIT 0,10');
while ($item = $_SGLOBAL['db']->fetch_array($query)) {
$item['url'] = geturl('action/viewnews/itemid/' . $item['itemid'], 2);
$html .= '<li>[' . $channels[menus][$item['type']][name] . '] <a href="' . $item['url'] . '" target="_blank">' . $item['subject'] . '</a></li>';
}
$html .= '
</ul>
<p style="margin: 0; padding: 0.5em; border-top: 1px dotted #EEE; text-align: right;"><a href="' . geturl('action/tag/tagid/' . $tag['tagid']) . '" target="_blank">' . $blang['see_more'] . '</a></p>';
} else {
$html .= '<li>' . $blang['not_found_the_tag'] . '</li></ul>';
}
$html .= '</div>';
showxml($html);
foreach ($values as $valuearray) {
if ($valuearray['tag'] == 'kw' || $valuearray['tag'] == 'ekw') {
if (PHP_VERSION > '5' && $charset != 'utf-8') {
$valuearray['value'] = encodeconvert("UTF-8", $valuearray['value']);
} else {
$valuearray['value'] = trim($valuearray['value']);
}
$kws[] = $valuearray['value'];
}
}
if ($kws) {
foreach ($kws as $kw) {
$kw = htmlspecialchars($kw);
$return .= $kw . ' ';
}
$return = htmlspecialchars($return);
}
}
showxml($return);
}
function cuthtml($string, $length, $havedot = 0)
{
$searcharr = array("/\\<img(.+?)\\>/is", "/\\<br.*?\\>/is", "/\\<p\\>(.*?)\\<\\/p\\>/is");
$replacearr = array("[img\\1]", "[br]", "[p]\\1[/p]");
$string = preg_replace($searcharr, $replacearr, $string);
$string = strip_tags($string);
$searcharr = array("/\\[img(.+?)\\]/s", "/\\[br\\]/", "/\\[p\\](.+?)\\[\\/p\\]/s");
$replacearr = array("<img\\1>", "<br />", "<p>\\1</p>");
$string = preg_replace($searcharr, $replacearr, $string);
return trim(cutstr($string, $length, $havedot));
}
if ($file3->isDot()) {
continue;
}
$name3 = $file3->getFilename();
echo "<h5 style='color:grey'>";
echo $name3;
echo "</h5>";
if (substr($name3, -4) == ".rng") {
echo "<h4>RelaxNG Check</h4><br/>";
validate($name . "/" . $name2 . "/" . $name3);
}
if (substr($name3, -4) == ".ng2") {
echo "<h4>RelaxNG Check including data types</h4><br/>";
validate($name . "/" . $name2 . "/" . $name3);
}
showxml($name . "/" . $name2 . "/" . $name3);
}
}
}
}
}
function validate($path)
{
echo "<div style='border:1px solid gray;width:300px'>";
echo $path . "<br/>";
$xml = substr($path, 0, -4) . ".xml";
echo $xml . "<br/>";
ob_start();
$dom = domDocument::load($xml);
$erfolg = $dom->relaxNGValidate($path);
$fehler = ob_get_contents();
$visible = $point < 1 ? '0' : '1';
} else {
// 防范弱:最终分数少于0分才CUT!
$visible = $point < 0 ? '0' : '1';
}
} else {
$visible = '1';
}
// 检查Spam完毕
$DB->query("INSERT INTO {$db_prefix}comments (articleid, author, url, dateline, content, ipaddress, type, visible) VALUES ('{$articleid}', '{$blog_name}', '{$url}', '{$timestamp}', '{$title}\n{$excerpt}', '{$onlineip}', 'trackback', '{$visible}')");
//更新文章Trackback数量
if ($visible) {
$DB->unbuffered_query("UPDATE {$db_prefix}articles SET comments=comments+1 WHERE articleid='{$articleid}'");
$DB->unbuffered_query("UPDATE {$db_prefix}statistics SET comment_count=comment_count+1");
}
showxml('Trackback 成功接收', 0);
//发送消息页面
function showxml($message, $error = 1)
{
echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
echo "<response>\n";
echo "\t<error>" . $error . "</error>\n";
echo "\t<message>" . $message . "</message>\n";
echo "</response>\n";
exit;
}
//获取远程页面的内容
function fopen_url($url)
{
if (function_exists('file_get_contents')) {
$file_content = @file_get_contents($url);
}
}
// include config file, also contains the API KEY
require_once '../include/config.php';
require_once '../include/db.php';
$api_key = $_REQUEST['key'];
$num_rows = '';
$staff = $_REQUEST['staff'];
$start_date = $_REQUEST["start_date"];
$end_date = $_REQUEST["end_date"];
$status = $_REQUEST["status"];
if (strlen($start_date) > 0 && strlen($end_date) > 0) {
$start_date = strip_tags($_REQUEST['start_date']);
$end_date = strip_tags($_REQUEST['end_date']);
$end_date += 86399;
if ($status == "closed") {
$query = "AND UNIX_TIMESTAMP(t.closed) >= {$start_date} and UNIX_TIMESTAMP(t.closed) <= {$end_date}";
} else {
$query = "AND UNIX_TIMESTAMP(t.created) >= {$start_date} and UNIX_TIMESTAMP(t.created) <= {$end_date}";
}
} else {
$query = "";
}
if ($api_key != $API_KEY || $api_key == '') {
invalid();
} else {
$sql = "SELECT staff_id,firstname,lastname from isost_staff where email = '{$staff}'";
$result = mysql_query($sql);
$num_rows = mysql_num_rows($result);
showxml($result, $num_rows, $query, $status);
}
$qstatus = "SELECT t.ticket_id,t.subject,t.helptopic,t.status from isost_ticket t where t.staff_id='{$staffid}' ";
$strStatus = "created";
if ($status == 'open') {
$qstatus .= "and t.status='open'";
} elseif ($status == 'transfered') {
$qstatus = "select t.ticket_id,t.subject,t.helptopic,t.status from isost_ticket t inner join isost_ticket_note tn on t.ticket_id=tn.ticket_id where t.status='open' and tn.title like 'Dept. Transfer %' and tn.staff_id='{$staffid}'";
} elseif ($status == 'closed') {
$qstatus .= "and t.status='closed'";
$strStatus = "closed";
} elseif ($status == 'overdue') {
$qstatus .= "and t.isoverdue=1 and t.status='open'";
}
if (strlen($start_date) > 0 && strlen($end_date) > 0) {
$start_date = strip_tags($_REQUEST['start_date']);
$end_date = strip_tags($_REQUEST['end_date']);
$end_date += 86399;
$query = "AND UNIX_TIMESTAMP(t." . $strStatus . ") >= {$start_date} and UNIX_TIMESTAMP(t." . $strStatus . ") <= {$end_date}";
} else {
$query = "";
}
if ($api_key != $API_KEY || $api_key == '') {
invalid();
} else {
$sql1 = mysql_query("select firstname,lastname from isost_staff where staff_id='{$staffid}'");
$row1 = mysql_fetch_row($sql1);
$staffname = $row1[0] . ' ' . $row1[1];
$sql = "{$qstatus} {$query}";
$result = mysql_query($sql);
$num_rows = mysql_num_rows($result);
showxml($result, $num_rows, $staffname);
}
$author = 'Guest';
$query = $_SGLOBAL['db']->query('SELECT COUNT(*) FROM ' . tname($_GET['name'] . 'rates') . ' WHERE itemid=\'' . $item['itemid'] . '\' AND ip=\'' . $_SGLOBAL['onlineip'] . '\'');
} else {
$author = $_SGLOBAL['supe_username'];
$query = $_SGLOBAL['db']->query('SELECT COUNT(*) FROM ' . tname($_GET['name'] . 'rates') . ' WHERE itemid=\'' . $item['itemid'] . '\' AND authorid=\'' . $_SGLOBAL['supe_uid'] . '\'');
}
$ratenum = $_SGLOBAL['db']->result($query, 0);
if ($ratenum > 0) {
showxml($blang['have_too_much_commentary_model']);
}
//添加记录
$setsqlarr = array('itemid' => $item['itemid'], 'authorid' => $_SGLOBAL['supe_uid'], 'author' => $author, 'ip' => $_SGLOBAL['onlineip'], 'dateline' => $_SGLOBAL['timestamp']);
inserttable($_GET['name'] . 'rates', $setsqlarr);
$_SGLOBAL['db']->query('UPDATE ' . tname($_GET['name'] . 'items') . ' SET lastpost=\'' . $_SGLOBAL['timestamp'] . '\', rates=rates+1 WHERE itemid=\'' . $item['itemid'] . '\'');
//评分完成
showxml('rates_succeed');
}
function jsmessage($type, $message, $url = '')
{
include_once S_ROOT . './language/message.lang.php';
if (!empty($mlang[$message])) {
$message = $mlang[$message];
}
$message = addslashes($message);
$siteurl = S_URL;
$jumpjs = '';
if ($url) {
$jumpjs = 'OpenWindow("' . $url . '", "login", 800, 400);';
}
print <<<EOF
\t<script language="javascript">
} else {
$nodata = 0;
success($nodata);
}
}
// include config file, also contains the API KEY
require_once '../include/config.php';
require_once '../include/db.php';
$api_key = $_REQUEST['key'];
$ticketid = $_REQUEST['ticketid'];
$num_rows = '';
if ($api_key != $API_KEY || $api_key == '') {
invalid();
} else {
$sql1 = "select staff_id from isost_ticket where ticket_id='{$ticketid}'";
$result1 = mysql_query($sql1);
$row1 = mysql_fetch_array($result1);
$staffid = $row1[0];
if ($staffid > 0) {
$sql1 = "select firstname,lastname from isost_staff where staff_id='{$staffid}'";
$result1 = mysql_query($sql1);
$row1 = mysql_fetch_array($result1);
$username = $row1[0] . ' ' . $row1[1];
} else {
$username = "******";
}
$sql = "select itp.priority,t.name,t.subject,t.helptopic,t.source,t.status,t.created,t.lastresponse from isost_ticket t,isost_ticket_priority itp where t.priority_id=itp.priority_id and t.ticket_id='{$ticketid}'";
$result = mysql_query($sql);
$num_rows = mysql_num_rows($result);
showxml($result, $num_rows, $username);
}
$row2 = mysql_fetch_row($sql2);
$noofslabreached = $row2[0];
$sql3 = mysql_query("select count(t.ticket_id) from isost_ticket t inner join isost_ticket_note tn on t.ticket_id=tn.ticket_id where t.status='open' and tn.title like 'Dept. Transfer %' and tn.staff_id=0 AND UNIX_TIMESTAMP(t.created) <= {$timestamp}");
$row3 = mysql_fetch_row($sql3);
$nooftransfered = $row3[0];
$sql4 = mysql_query("select count(t.ticket_id) from isost_ticket t where t.status='closed' and t.staff_id=0 AND UNIX_TIMESTAMP(t.created) <= {$timestamp}");
$row4 = mysql_fetch_row($sql4);
$noofclosedtickets = $row4[0];
$sql5 = mysql_query("select count(t.ticket_id) from isost_ticket t where t.status='open' AND UNIX_TIMESTAMP(t.created) <= {$timestamp}");
$row5 = mysql_fetch_row($sql5);
$noofopentickets = $row5[0];
echo "<staff>";
echo "<firstname>Unassigned</firstname>";
echo "<unassigned>" . $noofunassignedtickets . "</unassigned>";
echo "<openticket>" . $noofopentickets . "</openticket>";
echo "<closedticket>" . $noofclosedtickets . "</closedticket>";
echo "<transferedticket>" . $nooftransfered . "</transferedticket>";
echo "<slabreached>" . $noofslabreached . "</slabreached>";
echo "</staff>";
echo "</node>";
}
// include config file, also contains the API KEY
require_once '../include/config.php';
require_once '../include/db.php';
$api_key = $_REQUEST['key'];
$timestamp = $_REQUEST['currtimestamp'];
if ($api_key != $API_KEY || $api_key == '') {
invalid();
} else {
showxml($timestamp);
}
$maxclicknum = $value['clicknum'];
}
//最大点击数
if ($value['clicknum'] < $minclicknum) {
$minclicknum = $value['clicknum'];
}
//最小点击数
$clicks[$k][$key] = $value;
}
$average = $clicknum ? round($total / $clicknum, 2) : 0;
//平均分
$clickcounts[$k]['clicknum'] = $clicknum;
$clickcounts[$k]['total'] = $total;
$clickcounts[$k]['average'] = $average;
$clickcounts[$k]['maxclicknum'] = $maxclicknum;
$clickcounts[$k]['minclicknum'] = $minclicknum;
}
}
} elseif ($_GET['op'] == 'num') {
showxml($item['click_' . $clickid]);
}
include_once template('do_click');
ob_out();
//热点
function hot_update($tablename, $id)
{
global $_SGLOBAL;
$idname = $tablename == 'spacecomments' ? 'cid' : 'itemid';
@$_SGLOBAL['db']->query("UPDATE {$tablename} SET hot=hot+1 WHERE {$idname}='{$id}'");
return true;
}
if ($asset == "Server-Tower") {
$asset_category = "19";
}
if ($asset == "Server-RackMount") {
$asset_category = "20";
}
$num_rows = '';
// validate api key
if ($api_key != $API_KEY || $api_key == '') {
invalid();
} else {
$result = mysql_query("SELECT count(*) as count FROM asset WHERE assetcategoryid='{$asset_category}' AND statusid='1'");
$row = mysql_fetch_array($result);
$active = $row['count'];
$result = mysql_query("SELECT count(*) as count FROM asset WHERE assetcategoryid='{$asset_category}' AND statusid='2'");
$row = mysql_fetch_array($result);
$inactive = $row['count'];
$result = mysql_query("SELECT count(*) as count FROM asset WHERE assetcategoryid='{$asset_category}' AND statusid='3'");
$row = mysql_fetch_array($result);
$lost = $row['count'];
$result = mysql_query("SELECT count(*) as count FROM asset WHERE assetcategoryid='{$asset_category}' AND statusid='4'");
$row = mysql_fetch_array($result);
$damaged = $row['count'];
$result = mysql_query("SELECT count(*) as count FROM asset WHERE assetcategoryid='{$asset_category}' AND statusid='6'");
$row = mysql_fetch_array($result);
$obsolete = $row['count'];
$result = mysql_query("SELECT count(*) as count FROM asset WHERE assetcategoryid='{$asset_category}' AND statusid='5'");
$row = mysql_fetch_array($result);
$others = $row['count'];
showxml($asset_category, $active, $inactive, $lost, $damaged, $obsolete, $others);
}
echo '<uid>' . $info[$i]["uid"][0] . '</uid>';
echo '<first_name>' . $info[$i]["givenname"][0] . '</first_name>';
echo '<last_name>' . $info[$i]["sn"][0] . '</last_name>';
echo '<email>' . $info[$i]["mail"][0] . '</email>';
echo "</users>";
}
echo "</node>";
} else {
$nodata = 0;
success($nodata);
}
}
// include config file, also contains the API KEY
include_once '../include/config.php';
include_once '../include/db.php';
include_once "../include/config_ldap.php";
include_once "../include/ldap.php";
$api_key = strip_tags($_REQUEST['key']);
if ($api_key != $API_KEY || $api_key == '') {
showerror("Invalid API Key");
} else {
if ($ldap_conn) {
$info = ldap_search($ldap_conn, $BASE_DN, $LDAP_FILTER);
$result = ldap_get_entries($ldap_conn, $info);
$count = ldap_count_entries($ldap_conn, $info);
showxml($result, $count);
ldap_close($ldap_conn);
} else {
showerror("Unable to connect to LDAP server");
}
}
