public static function getStatusUser($user_id)
{
if (DB::query_row("SELECT * FROM `online_tb` WHERE `user_id` = '" . $user_id . "' && `date` >= '" . date("Y-m-d H:i:s", time() - 60 * 10) . "'")) {
return true;
}
return false;
}
function getCount($aResultSQL)
{
$ex = explode("FROM ", $aResultSQL);
unset($ex['0']);
$count = DB::query_row("SELECT COUNT(DISTINCT(" . $this->count_field . ")) as count FROM " . implode(" ", $ex));
return $count['count'];
}
public static function getMeta($parentID, $table)
{
if ($meta = DB::query_row("SELECT * FROM `meta_tb` WHERE `parentID` = '" . DB::escape($parentID) . "' && `table` = '" . DB::escape($table) . "'")) {
return $meta;
}
return false;
}
function actionEdit()
{
$obj = DB::query_row("SELECT * FROM `" . $_GET['table'] . "` WHERE `id` = '" . $_GET['id'] . "'");
$class = new $_GET['class']();
$oForm = call_user_func(array($class, "form"), $obj);
$oForm->setFunctionPostBack($this, "editForm");
//echo $oForm->getForm("", "");die();
return $this->InIndex("Редактирование " . $oForm->getFormName(), $oForm->getForm("", ""), 1);
}
function _HCM_recentposts($limit = null, $stranky = "", $typ = null)
{
// priprava
$result = "";
if (isset($limit) and intval($limit) >= 1) {
$limit = abs(intval($limit));
} else {
$limit = 10;
}
// filtr cisel sekci, knih nebo clanku
if (isset($stranky) and isset($typ)) {
$rtype = intval($typ);
if ($rtype < 1 or $rtype > 3) {
$rtype = 1;
}
$rroots = "(" . _sqlWhereColumn("home", $stranky) . ") AND type=" . $rtype;
} else {
$rroots = "type!=4 AND type!=6 AND type!=7";
}
$query = DB::query("SELECT id,type,home,xhome,subject,author,guest,time,text FROM `" . _mysql_prefix . "-posts` WHERE " . $rroots . " ORDER BY id DESC LIMIT " . $limit);
while ($item = DB::row($query)) {
// nacteni titulku a odkazu na stranku
switch ($item['type']) {
case 1:
case 3:
$hometitle = DB::query_row("SELECT title,title_seo FROM `" . _mysql_prefix . "-root` WHERE id=" . $item['home']);
$homelink = _linkRoot($item['home'], $hometitle['title_seo']);
break;
case 2:
$hometitle = DB::query_row("SELECT art.title,art.title_seo,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $item['home']);
$homelink = _linkArticle($item['home'], $hometitle['title_seo'], $hometitle['cat_title_seo']);
break;
case 5:
if ($item['xhome'] == -1) {
$tid = $item['id'];
$hometitle = array("title" => $item['subject']);
} else {
$tid = $item['xhome'];
$hometitle = DB::query_row("SELECT subject FROM `" . _mysql_prefix . "-posts` WHERE id=" . $item['xhome']);
$hometitle = array("title" => $hometitle['subject']);
}
$homelink = "index.php?m=topic&id=" . $tid;
break;
}
// nacteni jmena autora
if ($item['author'] != -1) {
$authorname = _linkUser($item['author'], null, true, true);
} else {
$authorname = $item['guest'];
}
$hometitle = $hometitle['title'];
$result .= "\n<h2 class='list-title'><a href='" . $homelink . "'>" . $hometitle . "</a></h2>\n<p class='list-perex'>" . _cutStr(strip_tags(_parsePost($item['text'])), 256) . "</p>\n<div class='list-info'>\n<span>" . $GLOBALS['_lang']['global.postauthor'] . ":</span> " . $authorname . _template_listinfoseparator . "\n<span>" . $GLOBALS['_lang']['global.time'] . ":</span> " . _formatTime($item['time']) . "\n</div>\n\n";
}
return $result;
}
function table($aRow)
{
$photo = Photo::getPhotoById($aRow['main']);
$aRow['main'] = "<img src='" . $photo['path'] . "/thumb/" . $photo['name'] . "'>";
if ($parent = DB::query_row("SELECT * FROM `category_tb` WHERE `id` = '" . DB::escape($aRow['categoryID']) . "'")) {
$aRow['categoryID'] = $parent['name'];
} else {
$aRow['categoryID'] = "нет";
}
return $aRow;
}
public static function authorized($email, $password)
{
self::$user = DB::query_row('SELECT * FROM `user_tb` WHERE `email`="' . mysqli_real_escape_string(DB::$desc, $email) . '" && `passwd` = "' . mysqli_real_escape_string(DB::$desc, $password) . '" ');
if (!self::$user) {
return FALSE;
}
if (self::$user['isactive'] == 1) {
return FALSE;
}
$_SESSION['session_id'] = self::$user['id'];
return TRUE;
}
function table($aRow)
{
if ($parent = DB::query_row("SELECT * FROM `category_tb` WHERE `id` = '" . DB::escape($aRow['categoryID']) . "'")) {
$aRow['categoryID'] = $parent['name'];
} else {
$aRow['categoryID'] = "нет";
}
if (DB::query_row("SELECT * FROM `category_tb` WHERE `categoryID` = '" . $aRow['id'] . "'")) {
$aRow['name'] = '<a href="/admin/ru/Category/Show/?categoryID=' . $aRow['id'] . '">' . $aRow['name'] . '</a>';
}
return $aRow;
}
function _HCM_linkart($id = null, $text = null, $nove_okno = false)
{
if (null === $text) {
$query = DB::query_row('SELECT art.title,art.title_seo,cat.title_seo AS cat_title_seo FROM `' . _mysql_prefix . '-articles` AS art JOIN `' . _mysql_prefix . '-root` AS cat ON(cat.id=art.home1) WHERE art.' . (is_numeric($id) ? 'id' : 'title_seo') . '=' . DB::val($id));
if (false === $query) {
return '{' . _htmlStr($id) . '}';
}
$text = $query['title'];
} else {
$query = array('title_seo' => null, 'cat_title_seo' => null);
}
return "<a href='" . _linkArticle($id, $query['title_seo'], $query['cat_title_seo']) . "'" . ($nove_okno ? ' target="_blank"' : '') . ">" . $text . "</a>";
}
function actionNews()
{
if (isset($_GET['all'])) {
DB::query("UPDATE `user_tb` SET `news` = '0' WHERE `id` = '" . $_SESSION['session_id'] . "'");
$this->redirectTo("/news/");
}
$limit = ($_GET['page'] - 1) * $this->count . ", " . $this->count;
$news = DB::query_array("SELECT * FROM `news_tb` ORDER BY `id` DESC LIMIT " . $limit);
$cpartners = DB::query_row("SELECT COUNT(id) as count FROM `news_tb` ");
if (ceil($cpartners['count'] / $this->count) > 1) {
$this->oSmarty->assign("pagination", $this->getNavigationIndex($cpartners['count'], $this->count, "/news/", $_GET['page'], 10));
}
return $this->oSmarty->assign("news", $news)->fetch($_GET['region'] . "/Body/News.tpl");
}
$message = "<br /><ul>\n";
foreach ($prev_count as $key => $val) {
$message .= "<li><strong>" . $_lang[$key] . ":</strong> <code>" . $val . "</code></li>\n";
}
$message .= "</ul>";
} else {
$message = _formMessage(1, $_lang['global.done']);
}
break;
// deinstalace
// deinstalace
case 2:
$pass = $_POST['pass'];
$confirm = _checkboxLoad("confirm");
if ($confirm) {
$right_pass = DB::query_row("SELECT password,salt FROM `" . _mysql_prefix . "-users` WHERE id=0");
if (_md5Salt($pass, $right_pass['salt']) == $right_pass['password']) {
// ziskani tabulek
$tables = array();
$q = DB::query('SHOW TABLES LIKE \'' . _mysql_prefix . '-%\'');
while ($r = DB::rown($q)) {
$tables[] = $r[0];
}
// odstraneni tabulek
foreach ($tables as $table) {
DB::query("DROP TABLE `" . $table . "`");
}
// zprava
_userLogout();
echo "<h1>" . $_lang['global.done'] . "</h1>\n<p>" . $_lang['admin.other.cleanup.uninstall.done'] . "</p>";
exit;
$oBaseModule->oSmarty->assign("user", Auth::getUser());
}
if (!isset($menu['class'])) {
$oBaseModule->redirectTo("/404/");
}
$oProcess = new $menu['class']();
$action = $menu['method'] == "" ? "action" : "action" . $menu['method'];
call_user_func(array($oProcess, "init"), &$oBaseModule->oSmarty);
$CONTENT = call_user_func(array($oProcess, $action));
//echo $_SERVER['HTTP_ACCEPT'];die();
if (mb_strpos($_SERVER['HTTP_ACCEPT'], "json")) {
echo json_encode(array('result' => $CONTENT));
die;
} else {
if ($CONTENT == null) {
$oBaseModule->redirectTo("/404/");
}
$oBaseModule->oSmarty->assign("text", $CONTENT);
header('Content-type: text/html; charset=utf-8');
header("HTTP/1.1 200 OK", TRUE, 200);
if (isset($_SESSION['session_id']) && is_file("i/profile/" . $_SESSION['session_id'] . ".jpg")) {
$oBaseModule->oSmarty->assign("photo_profile", "/i/profile/" . $_SESSION['session_id'] . ".jpg");
}
$active = call_user_func(array($oProcess, "getActive"), &$oBaseModule->oSmarty);
$oBaseModule->oSmarty->assign("active", $active);
if (isset($_SESSION['session_id']) && $_SESSION['session_id'] != '') {
echo $oBaseModule->oSmarty->assign("user_amount", number_format(Config::userAmount($_SESSION['session_id']), 0, ',', ' '))->assign("count_message", DB::query_row("SELECT COUNT(id) as count FROM `pmessage_tb` WHERE `status` = '1' && `user_id` = '" . $_SESSION['session_id'] . "'"))->assign("count_news", Auth::getUser("news"))->fetch($_GET['region'] . "/IndexFrontend.tpl");
} else {
echo $oBaseModule->oSmarty->fetch($_GET['region'] . "/IndexAuth.tpl");
}
}
/**
* Delete action
* @param array $params
* @param array $action
* @param AdminBread $bread
* @return array
*/
public static function deleteAction(array $params, array $action, AdminBread $bread)
{
$messages = array();
$trigger = "_del_{$bread->uid}";
/* ----- load data ----- */
// verify ID
if (!isset($params[1])) {
return array(array('msg' => 'Missing parameter 1 for ' . __METHOD__), self::ACTION_ERR);
}
// process ID
$id = (int) $params[1];
// load data
$sql = $bread->formatSql("SELECT %columns% FROM `" . $bread->formatTable($bread->table) . "` {$bread->tableAlias} WHERE {$bread->tableAlias}.{$bread->primary}=@id@", array('columns' => array_merge(array($bread->primary), $action['extra_columns']), 'id' => $id));
$data = DB::query_row($sql);
if (false === $data) {
return array(null, self::ACTION_NOT_FOUND);
}
/* ----- delete ----- */
if (isset($_POST[$trigger])) {
// handler or simple delete
if (null !== $action['handler']) {
// use handler
$success = call_user_func($action['handler'], array('data' => $data, 'params' => $params, 'action' => $action, 'bread' => $bread, 'messages' => &$messages));
} else {
// simple delete
$success = DB::query($bread->formatSql("DELETE FROM `" . $bread->formatTable($bread->table) . "` WHERE {$bread->primary}=@id@ LIMIT 1", array('id' => $id)));
}
// handle result
if ($success) {
return array(array('messages' => $messages), self::ACTION_DONE);
} else {
$messages[] = array(2, $GLOBALS['_lang']['global.error']);
}
}
/* ----- render ----- */
return array(array('messages' => $messages), $bread->render($action['template'], array('data' => $data, 'self' => $params['action'], 'submit_text' => $GLOBALS['_lang']['admin.content.redir.act.wipe.submit'], 'submit_trigger' => $trigger)));
}
// forum
// forum
case 5:
$tdata = DB::query("SELECT public,var2,var3,level FROM `" . _mysql_prefix . "-root` WHERE id=" . $posttarget . " AND type=8");
if (DB::size($tdata) != 0) {
$tdata = DB::row($tdata);
if (_publicAccess($tdata['public'], $tdata['level']) and _publicAccess($tdata['var3']) and $tdata['var2'] != 1) {
$continue = true;
}
}
break;
// zprava
// zprava
case 6:
if (_messages && _loginindicator) {
$tdata = DB::query_row('SELECT sender,receiver FROM `' . _mysql_prefix . '-pm` WHERE id=' . $posttarget . ' AND (sender=' . _loginid . ' OR receiver=' . _loginid . ') AND sender_deleted=0 AND receiver_deleted=0');
if ($tdata !== false) {
$continue = true;
$xhome = $posttarget;
}
}
break;
// plugin post
// plugin post
case 7:
_extend('call', 'posts.' . $pluginflag . '.validate', array('home' => $posttarget, 'valid' => &$continue));
break;
// blbost
// blbost
default:
die;
<?php
/* --- kontrola jadra --- */
if (!defined('_core')) {
exit;
}
/* --- nacteni promennych --- */
$continue = false;
if (isset($_GET['cat'])) {
$cid = intval($_GET['cat']);
if (DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-root` WHERE id=" . $cid . " AND type=2"), 0) != 0) {
$catdata = DB::query_row("SELECT title,var1,var2 FROM `" . _mysql_prefix . "-root` WHERE id=" . $cid);
$continue = true;
}
}
/* --- vystup --- */
if ($continue) {
$output .= "\n<p class='bborder'>" . $_lang['admin.content.articles.list.p'] . "</p>\n";
// nastaveni strankovani podle kategorie
$artsperpage = $catdata['var2'];
switch ($catdata['var1']) {
case 1:
$artorder = "art.time DESC";
break;
case 2:
$artorder = "art.id DESC";
break;
case 3:
$artorder = "art.title";
break;
case 4:
define('LOCAL_SERVER', TRUE);
} else {
$db_host = "jgiven79.mydomaincommysql.com";
$db_name = "ezonsync";
$db_username = "******";
$db_pass = "******";
define('LOCAL_SERVER', FALSE);
}
foreach (glob('lib/autoload/*.php') as $lib) {
require_once $lib;
}
$db = new DB($db_name, $db_host, $db_username, $db_pass);
if (isset($_SESSION['user_id'])) {
$active_user = $_SESSION['user_id'];
$sql = "SELECT * FROM ebay_users WHERE user_id = {$active_user}";
$user = array_map('trim', DB::query_row($sql));
$DEVNAME = $user['dev_name'];
$APPNAME = $user['app_name'];
$CERTNAME = $user['cert_name'];
//$token = encrypt('AgAAAA**AQAAAA**aAAAAA**G+62VA**nY+sHZ2PrBmdj6wVnY+sEZ2PrA2dj6AFmYKiAZODqAidj6x9nY+seQ**D5kCAA**AAMAAA**hBTDbwVBZQzRd1eWo+Q6GpIKHswi1M0LpELsFw3mMBz1rTRu6YbK++5EW9jfeOEaP47160L+pM3DonYI+9x0IRUrCGa5A+KARGCZsAtv9ahZO/SNw0zdKEqGQjU2gDbEtniyRYGhRXmyNBadHTQjnl21gsCGRyIO3IJDiMkdm8pxl/lTax4XaNr2lvrCD4zzBSFVScyKxnJAIFnFhuhMij3vagg452WSHApVajCe4STr9yatb9VX1Rleo2jVHQdWX5XrAV3HXvAP3MsVVu4LXAvtXvmbOAmM6c/FS6yqrC1k1dS7ODqTFxSgaDPwJxJxJ/FVmpKlkgOyRC2n9MMXqY2GCe+3uPa4CsosCnKduTryU1BSsw2wmizaG/uDoX7w8ci6D17ot3OJbhQQUFfO0RaGFQuSHTq1T0qSnhRzpHQrdHuX6iHWYTYt9/aP/rONApXk7Y5zGx9AKjwxyfPPWztyrG1Xo8v+WVySrQ6DN6yY4KYFDzjR/ENhy2Hnd/gxIMkQXmLrq4gzgJ9RPG3V6kBxoGrqOJ5tT45SBNp3gvxe9lpeTSRrwr8LGKTLHc/ukq3eTdLiQoXTyCBOp8EyU9J/7oz9/+b1mRLNq2zkCZkTyicST0TB+TmyEgnvzxtIqWv5Ho3ULbKYd0UcQo43CMpEuU88OA+uAZCCBGsY77YKnA3lKl7G7p+HOM7nAoWd20eVCsACmNhSDhRkVn+l4m+48gPxGTGJh107N7GqM+ExG1nXYS/cqFo0EXpgVyGr');
//xd(encrypt("AgAAAA**AQAAAA**aAAAAA**JPnJVA**nY+sHZ2PrBmdj6wVnY+sEZ2PrA2dj6wFk4GhDZGLpwudj6x9nY+seQ**TzUDAA**AAMAAA**vKXXPTO6jEoyGt+tEaOoay7uhUawF5n7YMuRajXR2Oq3NtXE2aFumryVj0iOkFogNf/0DxW2iffHyLUv93eRc/AMZFXyGBJb470GEGm6hh9ou7gUsIPN4Q7frHQgtl7yqrJ6RMBsYw4xuVVrqaTJ0Ud4gIaKFpxwV7KxJE20H2/MVUOFv4d/OhG8Y9pJJFITFQguWiMHB1amGPBugHADrYc97/wF/i3f5AZ+/6pjFGNAR2nmRA0NunJrqCHT4z0ckjB/aE0eRFOtFv35MIKyCSGMhVNzuv94p4OUFUAfEv2ojjf1/Qla8ufpnPigmfSjLVWaSGMqNu2nOPZL0Ul8j9MTCKI0MMxk5USC+gduMCKu2AIvLzd089heFPCwGH7MeNSlRdFEq0BshHNdzBXS+sGgvfHArIg0TIXzqq7Kn85F90F2HL9rFgfDaywZmk5lvMv0W7DjpbsoSsSQv9H8AmivtBsQN7J0KovenEKmOF1AK7U7MIC/evDRFzWyu2B6B3I7ylkMd+P9nygw3/a/eQMVGtt5kIJVByoLjVY5KMlrBZ1xSqALsvmaS2xG5PWAq8077oB5U3y1iUZwH1941wkMgE2tB3NQVBGuLe5drIvt5ODvCkNxewP6aLmMInGOqwvgWE20+uWZQhiqWtcqMSScHGxIO5poyIAARlwlmsiqcBwwCHPJoo4+1y9C34nSFvvcDSMNJCP3of4j4EsrMNcVsMv0OtywBIR1y1VQ54N7MPRvInqXwCYZKpQuyDOq")); // TESTUSER_seeker1983
//xd(encrypt("AgAAAA**AQAAAA**aAAAAA**bajSVA**nY+sHZ2PrBmdj6wVnY+sEZ2PrA2dj6wFk4GhDZKKpwydj6x9nY+seQ**zjgDAA**AAMAAA**xN7nAFSZwy0OULgz4hYVevvVk4DmgZp38S0PkqCtN0v2eNAviRrZuoYFbNWzXuyGc+ebcPkWaL1hY7IKm0BUCiFShZQo+p70ZObH0cotvF9xu9jg8Oj8M/Tr7ocaRf3JYqwL9igtJb6RXM7F0r69OcN3G/mu4iOSSIWjMeDmG7WbkjzVlQwidWAJlne8nMviZpTakBXweGIX3AdpfM9MSVO2mPpJZwQZiIqqEOIvHnTn1lFgKIkPU66jFCeeFv1ykWmkad1rKCJjOzpMKSB3gpf2wr3CG6voueYvt6gYzJ/+6Xb0vuYLV34cr8bX7QQPfQx/xdIFuCW1ZLrXaEvsMsojBgHwvIdUYZDMf3cK0P+XQN8yIALKYKnRDMXCuGtskYhNcswtDKu1kCtx9RAEt+JN28nj7dv2VfMsrt2E4OoZeZ29eQdT/mCXEFAyDz9HlUU5TtiVtRh/3N6wIgLT7/J169iLpDmEDKAp6W6F6MiQ82jeNxq/khUEdfOAZnkR73CyZ4ZatY1JvKJeo5XIgOuB6DkT7frMJltKIedqzSeDz+nBL/kRdNzyW5asaR0H1qg02C+3jaYRHURLiReBGN7YnGBxgVsiBzilMuz2D3m6n3veQAZWXf92QIBR2XVqcR2Ie/qw4L2eJtmFxUc75ZwQSOZgsyuHb1I+XBpdhHY0IDxrpBhnujlizZ3D0FUJWsACK1F9hte28XzlvSirWlmEPiK8T6YbWNz2SHU7C+ap+0PXSs7xgZ0JTLI706/2")); // TESTUSER_jgiven
//mysql_query("UPDATE ebay_users set `token`='$token' WHERE user_id = $active_user");
$token = decrypt($user['token']);
$ebayusername = $user['ebay_name'];
if ($user['sandbox']) {
$eBayAPIURL = "https://api.sandbox.ebay.com/ws/api.dll";
} else {
$eBayAPIURL = "https://api.ebay.com/ws/api.dll";
}
}
<?php
/* --- kontrola jadra --- */
if (!defined('_core')) {
exit;
}
/* --- priprava --- */
$form = false;
$message = "";
$id = null;
if (isset($_GET['id'])) {
$id = DB::esc($_GET['id']);
$query = DB::query("SELECT * FROM `" . _mysql_prefix . "-users` WHERE username='******'");
if (DB::size($query) != 0) {
$query = DB::row($query);
$groupdata = DB::query_row("SELECT title,descr,icon,color,blocked FROM `" . _mysql_prefix . "-groups` WHERE id=" . $query['group']);
$form = true;
// promenne
if ($query['note'] == "") {
$note = "";
} else {
$note = "<tr class='valign-top'><td><strong>" . $_lang['global.note'] . "</strong></td><td><div class='note'>" . _parsePost($query['note']) . "</div></td></tr>";
}
// cesta k avataru
$query['avatar'] = _getAvatar($query['id'], true, false, true);
// clanky autora
$arts = DB::result(DB::query("SELECT COUNT(*) FROM `" . _mysql_prefix . "-articles` AS art WHERE author=" . $query['id'] . " AND " . _sqlArticleFilter()), 0);
if ($arts != 0) {
// zjisteni prumerneho hodnoceni
$avgrate = DB::result(DB::query("SELECT ROUND(SUM(ratesum)/SUM(ratenum)) FROM `" . _mysql_prefix . "-articles` WHERE rateon=1 AND ratenum!=0 AND confirmed=1 AND author=" . $query['id']), 0);
if ($avgrate === null) {
$oProcess = new Admin();
call_user_func(array($oProcess, "init"), &$oBaseModule->oSmarty);
$CONTENT = call_user_func(array($oProcess, $sAct));
if (isset($_GET['class'])) {
if (is_file("assets/backend/js/" . $_GET['class'] . ".js")) {
$oBaseModule->oSmarty->assign("jsfile", "/assets/backend/js/" . $_GET['class'] . ".js");
}
if (is_file("assets/backend/css/" . $_GET['class'] . ".css")) {
$oBaseModule->oSmarty->assign("cssfile", "/assets/backend/css/" . $_GET['class'] . ".css");
}
}
if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
$usr = $_SERVER['PHP_AUTH_USER'];
$pwd = $_SERVER['PHP_AUTH_PW'];
//echo $usr."|".$pwd;die();
if (DB::query_row("SELECT * FROM `user_tb` WHERE `email` = '" . DB::escape($usr) . "' AND `passwd` = '" . DB::escape($pwd) . "' && `status` = '2'")) {
$login_successful = true;
}
}
if (!$login_successful) {
header('WWW-Authenticate: Basic realm="My Realm"');
header('HTTP/1.0 401 Unauthorized');
print "Login failed!n";
} else {
$oMenu = new Menu();
$oMenu->setMenuParent("Информация", '/admin/' . $_GET['region'] . '/');
$oMenu->setMenuParent("Пользователи", "/admin/" . $_GET['region'] . "/Users/Show/", null);
$oMenu->setMenuParent("Товары", "/admin/" . $_GET['region'] . "/Product/Show/", null);
$oMenu->setMenuParent("Категории", "/admin/" . $_GET['region'] . "/Category/Show/", null);
$parent_id = $oMenu->setMenuParent("Тех поддержка", "/admin/" . $_GET['region'] . "/Support/Show/", null);
$oBaseModule->oSmarty->assign("menu", $oMenu->getMenu());
switch ($post['type']) {
case 1:
case 3:
$hometitle = DB::query_row("SELECT title,title_seo FROM `" . _mysql_prefix . "-root` WHERE id=" . $post['home']);
$homelink = _linkRoot($post['home'], $hometitle['title_seo']);
$hometitle = $hometitle['title'];
break;
case 2:
$hometitle = DB::query_row("SELECT art.title,art.title_seo,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $post['home']);
$homelink = _linkArticle($post['home'], $hometitle['title_seo']);
$hometitle = $hometitle['title'];
break;
case 5:
$homelink = 'index.php?m=topic&id=' . $post[$post['xhome'] == '-1' ? 'id' : 'xhome'];
if ($post['xhome'] == '-1') {
$hometitle = $post['subject'];
} else {
$hometitle = DB::query_row("SELECT subject FROM `" . _mysql_prefix . "-posts` WHERE id=" . $post['xhome']);
$hometitle = $hometitle['subject'];
}
break;
}
$module .= "<div class='post-head'><a href='" . $homelink . "#post-" . $post['id'] . "' class='post-author'>" . $hometitle . "</a> <span class='post-info'>(" . _formatTime($post['time']) . ")</span></div><p class='post-body'>" . _parsePost($post['text']) . "</p>\n";
}
if (_pagingmode == 2 or _pagingmode == 3) {
$module .= '<br />' . $paging[0];
}
} else {
$module .= $_lang['global.nokit'];
}
}
public function revise($options)
{
$sql = "UPDATE `user_products` SET `VendorPrice` = '{$options['vendor-price']}',\n `VendorQty` = '{$options['vendor_quantity']}',\n `ProfitRatio` = '" . $options['profit-pc'] * 100 . "',\n `Qty` = '{$options['ebay_quantity']}',\n `price` = '{$options['price']}',\n `max_quantity` = '{$options['max_quantity']}'\n WHERE `user_products`.`ItemID` ='{$this->item_id}'";
$this->query($sql);
if ($options['price'] != $this->local_data['Price'] || $options['max_quantity'] != $options['ebay_quantity']) {
$response = Ebay::revise_item($this->item_id, array('quantity' => $options['max_quantity'], 'price' => $options['price']));
$this->log("Updated: price: {$options['price']}, quantity: {$options['max_quantity']}");
}
$this->local_data = DB::query_row("SELECT * from `user_products` where ItemID='{$this->item_id}'");
}
<?php
set_time_limit(0);
$start_time = time("now");
require_once 'lib/config.php';
if ($user['group'] !== 'admin') {
$user_info = $user;
} else {
if (!empty($_GET['add'])) {
$user_info = array('user_id' => 'NULL', 'first_name' => '', 'name' => 'John Doe', 'username' => 'new_user', 'password' => '', 'email' => '', 'paypal_address' => '', 'ebay_name' => '', 'dev_name' => '', 'app_name' => '', 'cert_name' => '', 'token' => '', 'sandbox' => '0', 'postal_code' => '00000', 'location' => 'New york', 'payment_methods' => 'PayPal');
$user_info = array('user_id' => '', 'first_name' => '', 'name' => 'Justin Given', 'username' => 'jgiven', 'password' => '332532dcfaa1cbf61e2a266bd723612c', 'email' => '*****@*****.**', 'paypal_address' => '*****@*****.**', 'ebay_name' => 'mnmerchant2014', 'dev_name' => '47d6fc1b-0e74-4627-b281-be45b8a2191f', 'app_name' => 'MnMercha-6e1f-4d7e-88b9-9954f3aab846', 'cert_name' => 'd5d6cf0c-f5c2-4baa-9196-4cb3db9e0f5d', 'eBayReady' => 'Yes', 'token' => decrypt('+D9KBgPFHvVdaH5I3o1HixlIfEANKhJT7Ti9kyBFwUqIW7ZN3zrBGBVL2javkhM1uxPb9HNz639EiuVfeWoAFdHWx0tuFk8ZGWqbrTFcFueKHLnYr31rUt07AzEoHI7qIDnURm+dwqdm1GEF7tGQ50nHemh1yQ9JkyW6i9UsvRC4v4AVYATzFahcKRFfzkKChwYJ9OlmbklwRvze/9hskWyHLv0eLsVzNhP8mm4n34V6p1iBuzasnHeP6Ipj+n7jAHYhCcs4q5+rJvAD37Cs9mOgUfjCRnWXezhGYM7PzSom68p7dmWGPpOSbBWDScTKp9jlkbDtCFuWrxiyK9SqWIS7SjK7fFb+cX+cGpxm2zfFHz3TnU0p7+J0eXyQFl0Z1H1ScHBZS6yFqcJKI3xfgrPtWG93AuBAYCBpGrCxdXo/PTz4b+dUru1HGUkSAgtS18Fjoef2sTS2MhJIufkmZgrRVV1UaGriuifFM45trj9D2UKFDuT50Y7ssEL8JrRO+1WaUyUrYSgFxW9CmOaCUcOTIIsHa47OmYrq0KdHCLpvEgeLhxvbsyq0clA6d0OksUxhzEbdxAyTXB3n+iA+xeRuz6NtbsREGYy8jTl6PuSr9AAPNuYxhlU2Eg5M8ECxVLwN3LKUdtsviZ0ai8iJKZd6sFWdKEGYEyhbJmfg0j5B+AmNNTRKyFSFKl53UFvKtQkkLolit90ZAxO1dxHWUGOWFjThgQhQUEu8XkrRkIN2RDbRSkOOP3rwNAa9JBXhbo6sbE0uvlE981Uk12WZ7Km9Sx+KFtxpjuk5h2+kQfCMmYpZJJHF6YzObZBfRHyj7m+5/RkYf5LTMzdAptkPwWl+zLiUrw/syDX3px7k+/D3gmde29G/MgI99xCvIFE00iHL40VnU29HdX1R4MpSeRCXB404wJDJ91Y9UXC3m7nWSC7jCpZPkuTatX86xDUpUgezDIMu5OdDTqze3STS+z2VL51fSi75qSvEgXYMMyQPhEt/eY8cg4BGQsVrC8FsZsZNMfD5aWv91yisap/Qg7AJNsxl0HV4jIlsTNWdCNZUENp3ifmEdhnYNw/weeV9Kt2LZKLAfVJOt5XlWj/n87GmtJz8DJWH7SW7Conu9vYVy/LHbWe0vlc0Y1x1KFfRq9UA5DOLEPo='), 'Token_exp_date' => '', 'amazon_username' => '', 'amazon_publickey' => '', 'amazon_privatekey' => '', 'sandbox' => '0', 'postal_code' => '55317', 'location' => 'Mines Chanhassen', 'payment_methods' => 'PayPal', 'footer' => '0');
} else {
$user_id = empty($_GET['user_id']) ? $user['user_id'] : intval($_GET['user_id']);
$user_info = DB::query_row("SELECT * from ebay_users where `user_id` = '{$user_id}'");
}
}
if (isset($_POST['do'])) {
$data = array('first_name' => mysql_real_escape_string(isset($_POST['first_name']) ? $_POST['first_name'] : ''), 'name' => mysql_real_escape_string(isset($_POST['name']) ? $_POST['name'] : ''), 'username' => mysql_real_escape_string(isset($_POST['username']) ? $_POST['username'] : ''), 'email' => mysql_real_escape_string(isset($_POST['email']) ? $_POST['email'] : ''), 'paypal_address' => mysql_real_escape_string(isset($_POST['paypal_address']) ? $_POST['paypal_address'] : ''), 'ebay_name' => mysql_real_escape_string(isset($_POST['ebay_name']) ? $_POST['ebay_name'] : ''), 'dev_name' => mysql_real_escape_string(isset($_POST['dev_name']) ? $_POST['dev_name'] : ''), 'app_name' => mysql_real_escape_string(isset($_POST['app_name']) ? $_POST['app_name'] : ''), 'cert_name' => mysql_real_escape_string(isset($_POST['cert_name']) ? $_POST['cert_name'] : ''), 'token' => encrypt($_POST['token']), 'sandbox' => empty($_POST['sandbox']) ? 0 : 1, 'postal_code' => mysql_real_escape_string(isset($_POST['postal_code']) ? $_POST['postal_code'] : ''), 'location' => mysql_real_escape_string(isset($_POST['location']) ? $_POST['location'] : ''), 'payment_methods' => mysql_real_escape_string(isset($_POST['payment_methods']) ? $_POST['payment_methods'] : ''));
if ($user['group'] == 'admin') {
if (!empty($_POST['add']) || isset($_GET['add'])) {
$data['user_id'] = '';
} else {
if (!empty($_POST['user_id'])) {
$data['user_id'] = intval($_POST['user_id']);
} elseif (!empty($_GET['user_id'])) {
$data['user_id'] = intval($_GET['user_id']);
}
}
} else {
$data['user_id'] = $user['user_id'];
}
<?php
/* --- kontrola jadra --- */
if (!defined('_core')) {
exit;
}
/* --- pripava promennych --- */
$message = "";
$query = DB::query_row("SELECT * FROM `" . _mysql_prefix . "-users` WHERE id=" . _loginid);
if ($query['icq'] == 0) {
$query['icq'] = "";
}
// cesta k avataru
$avatar_path = _getAvatar(_loginid, true, false, true, true);
/* --- ulozeni --- */
if (isset($_POST['username'])) {
$errors = array();
/* -- nacteni a kontrola promennych -- */
// sebedestrukce
if (_loginright_selfdestruction and _checkboxLoad("selfremove")) {
$selfremove_confirm = _md5Salt($_POST['selfremove-confirm'], $query['salt']);
if ($selfremove_confirm == $query['password']) {
if (_loginid != 0) {
_deleteUser(_loginid);
$_SESSION = array();
session_destroy();
define('_redirect_to', 'index.php?m=login&_mlr=4');
return;
} else {
$errors[] = $_lang['mod.settings.selfremove.denied'];
}
$query = DB::row($query);
if (_postAccess($query)) {
$continue = true;
$nobbcode = false;
$backlink = null;
_extend('call', 'mod.editpost.backlink', array('backlink' => &$backlink, 'query' => $query));
if (null === $backlink) {
switch ($query['type']) {
case 1:
$backlink = _addGetToLink(_linkRoot($query['home']), "page=" . _resultPagingGetItemPage(_commentsperpage, "posts", "id>" . $query['id'] . " AND type=1 AND xhome=-1 AND home=" . $query['home'])) . "#post-" . $query['id'];
break;
case 2:
$backlink = _addGetToLink(_linkArticle($query['home']), "page=" . _resultPagingGetItemPage(_commentsperpage, "posts", "id>" . $query['id'] . " AND type=2 AND xhome=-1 AND home=" . $query['home'])) . "#post-" . $query['id'];
break;
case 3:
$postsperpage = DB::query_row("SELECT var2 FROM `" . _mysql_prefix . "-root` WHERE id=" . $query['home']);
$backlink = _addGetToLink(_linkRoot($query['home']), "page=" . _resultPagingGetItemPage($postsperpage['var2'], "posts", "id>" . $query['id'] . " AND type=3 AND xhome=-1 AND home=" . $query['home'])) . "#post-" . $query['id'];
break;
case 4:
$nobbcode = true;
break;
case 5:
if ($query['xhome'] == -1) {
if (!_checkboxLoad("delete")) {
$backlink = "index.php?m=topic&id=" . $query['id'];
} else {
$backlink = _linkRoot($query['home']);
}
} else {
$backlink = _addGetToLink("index.php?m=topic&id=" . $query['xhome'], "page=" . _resultPagingGetItemPage(_commentsperpage, "posts", "id<" . $query['id'] . " AND type=5 AND xhome=" . $query['xhome'] . " AND home=" . $query['home'])) . "#post-" . $query['id'];
}
$gquery['level'] += 1;
}
// konstanty opravneni
foreach ($rights_array as $item) {
define('_loginright_' . $item, $gquery[$item]);
}
// zaznamenani casu aktivity (max 1x za 30 sekund)
if (time() - $uquery['activitytime'] > 30) {
DB::query("UPDATE `" . _mysql_prefix . "-users` SET activitytime='" . time() . "', ip='" . _userip . "' WHERE id=" . _loginid);
}
}
}
if (1 !== $result) {
// konstanty hosta
define('_loginid', -1);
define('_loginname', '');
define('_loginpublicname', '');
define('_loginemail', '');
define('_loginwysiwyg', 0);
define('_loginlanguage', '');
define('_logincounter', 0);
// konstanty skupiny
$gquery = DB::query_row("SELECT * FROM `" . _mysql_prefix . "-groups` WHERE id=2");
define('_loginright_group', $gquery['id']);
define('_loginright_groupname', $gquery['title']);
foreach ($rights_array as $item) {
define('_loginright_' . $item, $gquery[$item]);
}
}
// konstanta pro indikaci prihlaseni
define('_loginindicator', $result);
$message = _formMessage(1, $_lang['global.created']);
break;
} else {
// ulozeni
DB::query('UPDATE `' . _mysql_prefix . '-redir` SET old=\'' . DB::esc($q['old']) . '\',new=\'' . DB::esc($q['new']) . '\',active=' . $q['active'] . ' WHERE id=' . $edit_id);
$message = _formMessage(1, $_lang['global.saved']);
}
}
// nacteni dat
if ($new) {
if (!isset($q)) {
$q = array();
}
$q += array('id' => null, 'old' => '', 'new' => '', 'active' => '1');
} else {
$q = DB::query_row('SELECT * FROM `' . _mysql_prefix . '-redir` WHERE id=' . $edit_id);
if ($q === false) {
break;
}
}
// formular
$output .= $message . "\n<form action='' method='post'>\n<table class='formtable'>\n\n<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.redir.old'] . "</strong></td>\n <td><input type='text' name='old' value='" . $q['old'] . "' class='inputmedium' maxlength='255' /></td>\n</tr>\n\n<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.redir.new'] . "</strong></td>\n <td><input type='text' name='new' value='" . $q['new'] . "' class='inputmedium' maxlength='255' /></td>\n</tr>\n\n<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.redir.act'] . "</strong></td>\n <td><input type='checkbox' name='act' value='1'" . _checkboxActivate($q['active']) . " /></td>\n</tr>\n\n<tr>\n <td></td>\n <td><input type='submit' value='" . $_lang['global.' . ($new ? 'create' : 'save')] . "' /></td>\n</tr>\n\n</table>\n" . _xsrfProtect() . "</form>";
} while (false);
} elseif (isset($_GET['del']) && _xsrfCheck(true)) {
// smazani
DB::query('DELETE FROM `' . _mysql_prefix . '-redir` WHERE id=' . intval($_GET['del']));
$output .= _formMessage(1, $_lang['global.done']);
} elseif (isset($_GET['wipe'])) {
// smazani vsech
if (isset($_POST['wipe_confirm'])) {
DB::query('TRUNCATE TABLE `' . _mysql_prefix . '-redir`');
}
// formular
if (isset($message)) {
$module .= $message . "\n";
}
$module .= "<form action='' method='post' name='newmsg'" . _jsCheckForm('newmsg', array('receiver')) . ">\n<table>\n\n<tr>\n <td><strong>" . $_lang['mod.messages.receiver'] . "</strong></td>\n <td><input type='text' name='receiver' class='inputsmall' maxlength='24'" . _restorePostValue("receiver", _get('receiver')) . " /></td>\n</tr>\n\n<tr>\n <td><strong>" . $_lang['posts.subject'] . "</strong></td>\n <td><input type='text' name='subject' class='inputsmall' maxlength='22'" . _restorePostValue("subject", _get('subject')) . " /></td>\n</tr>\n\n<tr class='valign-top'>\n <td><strong>" . $_lang['mod.messages.message'] . "</strong></td>\n <td><textarea name='text' class='areamedium' rows='5' cols='33'>" . _restorePostValue("text", null, true) . "</textarea></td>\n</tr>\n\n<tr>\n <td></td>\n <td><input type='submit' value='" . $_lang['global.send'] . "' />" . _getPostFormControls('newmsg', 'text') . "</td>\n</tr>\n\n</table>\n\n" . _jsLimitLength(16384, 'newmsg', 'text') . "\n\n" . _xsrfProtect() . "</form>\n";
break;
/* --- vypis --- */
/* --- vypis --- */
default:
// cteni vzkazu
if (isset($_GET['read'])) {
// promenne
$id = intval($_GET['read']);
// nacist data
$q = DB::query_row('SELECT pm.*,post.subject,post.time FROM `' . _mysql_prefix . '-pm` AS pm JOIN `' . _mysql_prefix . '-posts` AS post ON (post.type=6 AND post.home=pm.id AND post.xhome=-1) WHERE pm.id=' . $id . ' AND (sender=' . _loginid . ' AND sender_deleted=0 OR receiver=' . _loginid . ' AND receiver_deleted=0)');
if ($q === false) {
$module .= _formMessage(3, $_lang['global.badinput']);
break;
}
// titulek
$mod_title = 'mod.messages.read';
// stavy
$locked = $q['sender_deleted'] || $q['receiver_deleted'];
list($role, $role_other) = $q['sender'] == _loginid ? array('sender', 'receiver') : array('receiver', 'sender');
// citace neprectenych zprav
$counter = DB::result(DB::query('SELECT COUNT(*) FROM `' . _mysql_prefix . '-posts` WHERE home=' . $q['id'] . ' AND type=6 AND time>' . $q[$role_other . '_readtime']), 0);
$counter_s = array('', '');
$counter_s[$role === 'sender' ? 1 : 0] = ' (' . $counter . ')';
// vystup
require_once _indexroot . 'require/functions-posts.php';
if (!_loginindicator) {
if (_xsrfCheck()) {
if (_iplogCheck(1)) {
// nacteni promennych
$username = DB::esc($_POST['username']);
$email = strpos($_POST['username'], '@') !== false;
$password = $_POST['password'];
$persistent = _checkboxLoad('persistent');
// nalezeni uzivatele
$query = DB::query("SELECT * FROM `" . _mysql_prefix . "-users` WHERE `" . ($email ? 'email' : 'username') . "`='" . $username . "'" . (!$email && $username !== '' ? ' OR publicname=\'' . $username . '\'' : ''));
if (DB::size($query) != 0) {
$query = DB::row($query);
if (empty($username)) {
$username = $query['username'];
}
$groupblock = DB::query_row("SELECT blocked FROM `" . _mysql_prefix . "-groups` WHERE id=" . $query['group']);
if ($query['blocked'] == 0 and $groupblock['blocked'] == 0) {
if (_md5Salt($password, $query['salt']) == $query['password']) {
// navyseni poctu prihlaseni
DB::query("UPDATE `" . _mysql_prefix . "-users` SET logincounter=logincounter+1 WHERE id=" . $query['id']);
// zaslani cookie pro stale prihlaseni
if ($persistent) {
$persistent_cookie_data = array();
$persistent_cookie_data[] = $query['id'];
$persistent_cookie_data[] = $ipbound ? '1' : '0';
$persistent_cookie_data[] = _md5HMAC($query['password'] . '$' . $query['email'], $ipbound ? _userip : _sessionprefix);
setcookie(_sessionprefix . "persistent_key", implode('$', $persistent_cookie_data), time() + 2592000, "/");
}
// ulozeni dat pro session
$_SESSION[_sessionprefix . "user"] = $query['id'];
$_SESSION[_sessionprefix . "password"] = $query['password'];
if (!defined('_core')) {
exit;
}
// vystup
$title = $query['title'];
// odkazani podle ID
if ($query['content'] !== '') {
if (mb_substr($query['content'], 0, 1) == "*") {
// stranka
$lid = intval(mb_substr($query['content'], 1));
$query['content'] = "";
$rootdata = DB::query_row("SELECT id,title_seo FROM `" . _mysql_prefix . "-root` WHERE id=" . $lid);
if ($rootdata !== false) {
$query['content'] = _linkRoot($rootdata['id'], $rootdata['title_seo']);
}
} else {
// clanek
if (mb_substr($query['content'], 0, 1) == "%") {
$lid = intval(mb_substr($query['content'], 1));
$query['content'] = "";
$artdata = DB::query_row("SELECT art.id,art.title_seo,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $lid);
if ($artdata !== false) {
$query['content'] = _linkArticle($artdata['id'], $artdata['title_seo']);
}
}
}
}
// aktivace presmerovani
if ($query['content'] != "") {
define('_redirect_to', $query['content']);
}
<?php
/*
* FIO invoices - API
* Automatizace zaplacenych faktur
* Author <smetka.net>
*/
$ip = "IP ADRESS SERVER";
$fio_token = "FIO TOKEN API";
if ($_SERVER["REMOTE_ADDR"] === $ip) {
$xml = simplexml_load_file("https://www.fio.cz/ib_api/rest/periods/{$fio_token}/" . date("Y-m-d", strtotime("-2 month")) . "/" . date("Y-m-d") . "/transactions.xml");
$items = $xml->TransactionList->Transaction;
foreach ($items as $key => $value) {
$final_price = $value->column_1;
$vs = $value->column_5;
$update = DB::query_row("SELECT vs, final_price, confirm FROM table WHERE confirm='0' AND vs='{$vs}' AND final_price='{$final_price}'");
if ($update) {
// E.g. sending a notification email
}
}
}
/**
* Sestavit a provest dotaz na cestu
* @param array $columns
* @param int $nodeId
* @param int|null $nodeLevel
* @return array
*/
public function loadPath(array $columns, $nodeId, $nodeLevel = null)
{
// zjistit uroven uzlu
if (null === $nodeLevel) {
$nodeLevel = DB::query_row('SELECT ' . $this->levelColumn . ' FROM `' . $this->table . '` WHERE ' . $this->idColumn . '=' . DB::val($nodeId));
if (false === $nodeLevel) {
throw new RuntimeException(sprintf('Neexistujici uzel "%s"', $nodeId));
}
$nodeLevel = $nodeLevel[$this->levelColumn];
}
// pripravit sloupce
$columns = array_merge(array($this->idColumn, $this->parentColumn, $this->levelColumn, $this->depthColumn), $columns);
$columnCount = sizeof($columns);
// sestavit dotaz
$sql = 'SELECT ';
for ($i = 0; $i <= $nodeLevel; ++$i) {
for ($j = 0; $j < $columnCount; ++$j) {
if (0 !== $i || 0 !== $j) {
$sql .= ',';
}
$sql .= 'n' . $i . '.' . $columns[$j];
}
}
$sql .= ' FROM `' . $this->table . '` n0';
for ($i = 1; $i <= $nodeLevel; ++$i) {
$sql .= sprintf(_nl . ' JOIN `%s` n%s ON(n%2$s.%s=n%s.%s)', $this->table, $i, $this->idColumn, $i - 1, $this->parentColumn);
}
$sql .= ' WHERE n0.' . $this->idColumn . '=' . DB::val($nodeId);
// nacist uzly
$nodes = array();
$nodeIndex = 0;
$query = DB::query($sql);
$row = DB::rown($query);
for ($i = $nodeLevel * $columnCount; isset($row[$i]); $i -= $columnCount) {
for ($j = 0; $j < $columnCount; ++$j) {
$nodes[$nodeIndex][$columns[$j]] = $row[$i + $j];
}
++$nodeIndex;
}
DB::free($query);
return $nodes;
}
