public function getImagesCount()
{
if ($this->images_count === null) {
$this->images_count = Database::getValue("\n SELECT COUNT(*)\n FROM `products_image`\n WHERE `id_product` = {$this->id}\n ");
}
return $this->images_count;
}
protected static function actionNewImage()
{
$file = self::processImage($_FILES['image']['tmp_name'], isset($_POST['product']) ? ROOT_DIR . '/assets/images/products' : ROOT_DIR . '/assets/images/temp', array('110x110', '255x237', '184x162', '255x128', '329x380', '85x84'));
if (isset($_POST['product'])) {
$image = new ProductImageModel();
$image->file = $file;
$image->id_product = $_POST['product'];
$image->position = 1 + Database::getValue("\n SELECT MAX(`position`)\n FROM `product_image`\n WHERE `id_product` = {$_POST['product']}\n ");
$image->save();
$product = new ProductModel($_POST['product']);
$list = new TemplateList();
$list->fields = array('file' => array('type' => 'image', 'title' => '', 'directory' => 'products', 'size' => '85x84'));
$list->itemActions = array('down-image' => array('hint' => 'Опустить', 'icon' => 'down', 'controller' => 'AdminProducts'), 'up-image' => array('hint' => 'Поднять', 'icon' => 'up', 'controller' => 'AdminProducts'), 'delete-image' => array('hint' => 'Удалить', 'icon' => 'delete', 'controller' => 'AdminProducts'));
$list->items = $product->images;
return $list->display();
} else {
$images = array();
$_POST['images'] = isset($_POST['images']) ? explode(',', $_POST['images']) : array();
$_POST['images'][] = $file;
foreach ($_POST['images'] as $image) {
$images[] = array('id' => $image);
}
$list = new TemplateList();
$list->fields = array('id' => array('type' => 'image', 'title' => '', 'directory' => 'temp', 'size' => '85x84'));
$list->items = $images;
return $list->display() . '<input type="hidden" id="image_post_params" name="image_post_params" value=\'' . json_encode(array('images' => implode(',', $_POST['images']))) . '\' />';
}
}
public function get_avatar()
{
if (!($fid = Database::getValue("SELECT fid FROM " . CONFIG_DB_PREFIX . "user_avatar WHERE uid = {$this->uid}"))) {
return false;
} else {
return Page::url("/file/{$fid}");
}
}
<?php
include_once "../config.php";
include_once "../lib/Database.php";
session_start();
if (!(isset($_SESSION['student']) && isset($_SESSION['test']))) {
echo "Invalid session";
return;
}
$student = $_SESSION['student'];
$test = $_SESSION['test'];
$db = new Database(DB_HOST, DB_USER, DB_PASS);
$db->selectDatabase(DB_NAME);
$ts = $db->getValue("select TimeSpent from oes_Test where ID = {$test}");
if ($ts == null) {
$ts = 0;
}
if (isset($_SESSION['duration'])) {
$duration = $_SESSION['duration'];
} else {
$duration = $db->getValue("select Duration from oes_Exam where ID = (select Exam from oes_Test where ID = {$test})");
$_SESSION['duration'] = $duration;
}
if ($ts < $duration) {
echo "<div class=title>Thời gian</div>";
$db->query("update oes_Test set TimeSpent = " . ($ts + 1) . " where ID = {$test}");
} else {
echo '<script>parent.onTimeOut()</script>';
echo "<div class=timeout>Hết giờ</div>";
$_SESSION['TIME_OUT'] = true;
}
<?php
include_once "../config.php";
include_once "../lib/Database.php";
session_start();
unset($_SESSION['user']);
if (isset($_POST['submit'])) {
$id = str_value($_POST['id']);
$pass = str_value($_POST['pass']);
$db = new Database(DB_HOST, DB_USER, DB_PASS);
$db->selectDatabase(DB_NAME);
$user = $db->getValue("select ID from oes_User where ID = {$id} and Pass = sha1({$pass})");
if ($user != null) {
$_SESSION['user'] = $user;
if (isset($_SESSION['page'])) {
$page = $_SESSION['page'];
} else {
$page = 'exam.php';
}
header("Location: {$page}");
} else {
?>
<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/></head>
<center>Đăng nhập thất bại!</center>
<center>Xin hãy kiểm tra thông tin đã nhập.</center>
<center><button onClick='history.back()'>Trở lại</button></center>
<?php
}
return;
}
?>
return;
}
$action = $_GET['action'];
if (isset($_GET['exam'])) {
$exam = $_GET['exam'];
} else {
$exam = null;
}
$db = new Database(DB_HOST, DB_USER, DB_PASS);
$db->selectDatabase(DB_NAME);
switch ($action) {
case 'init':
$update['list'] = true;
break;
case 'detail':
$running = $db->getValue("select (EndTime is null and StartTime is not null)\n\t\t\t\t\tfrom oes_Exam where ID = {$exam}");
if ($running) {
echo "<script>parent.setStatInterval({$exam});</script>";
} else {
echo "<script>parent.clearStatInterval();</script>";
}
$update['detail'] = $update['list'] = $update['stat'] = true;
break;
case 'start':
$db->query("update oes_Exam set StartTime = now() where ID = {$exam}");
echo "<script>parent.setStatInterval({$exam});</script>";
$update['detail'] = $update['list'] = true;
break;
case 'stop':
$db->query("update oes_Exam set EndTime = now() where ID = {$exam}");
echo "<script>parent.clearStatInterval();</script>";
public function groupIsAllowed($gid)
{
return Database::getValue("select 1 from " . CONFIG_DB_PREFIX . "permission_group where pid=" . $this->pid . " AND gid={$gid}");
}
echo $e->getMessage();
return -1;
}
}
$_SESSION['test'] = $test;
header('Location: question.php');
return;
}
?>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<script type="text/javascript" src="../ptajax/module.js"></script>
<link href="test.css" rel="stylesheet" type="text/css">
</head>
<?php
$class = $db->getValue("select Class from oes_Student where ID={$student}");
$class = num_value($class);
$result = $db->query("select\n\t\t\t\tE.ID as ID,\n\t\t\t\tE.Name as Name,\n\t\t\t\toes_Subject.Name as Subject,\n\t\t\t\tTime,\n\t\t\t\t(select TimeSpent from oes_Test where Exam = E.ID and Student = {$student}) as TimeSpent,\n\t\t\t\tDuration,\n\t\t\t\t(select count(distinct ID) from oes_Answer join oes_TQ on ID = TQ\n\t\t\t\t\t\twhere Test =\n\t\t\t\t\t\t(select ID from oes_Test where Exam = E.ID and Student = {$student}))\n\t\t\t\t\t\tas Done,\n\t\t\t\tNoQ\n\t\t\tfrom (select * from oes_Exam where Class = {$class}\n\t\t\t\t\tand StartTime is not null and EndTime is null) as E\n\t\t\t\tjoin oes_Subject on E.Subject = oes_Subject.ID");
if (mysql_num_rows($result) == 0) {
echo '<center>Không có buổi thi nào cho bạn.</center>';
mysql_free_result($result);
return;
}
echo '<h2>Chọn môn thi</h2>';
echo '<table class=examtable cellspacing="0"><tr>';
echo '<th>Tên<th>Môn<th>Lần<th>Đã dùng<th>Đã làm';
$c = 0;
while ($row = mysql_fetch_array($result)) {
$ex = $row['ID'];
$style = $c++ & 1 ? 'class=alt' : null;
echo "<tr {$style} onClick='window.location=\"test.php?eid={$ex}\"'>";
public static function getUnreadMessages($uid, $uid2 = null)
{
$tbl = CONFIG_DB_PREFIX . "messages";
$t = " ";
if ($uid2 != null) {
$t = "and sid={$uid2}";
}
$s = "select count(*) from {$tbl} where rid={$uid} {$t} and `read`=0";
$e = Database::getValue($s);
return $e != false ? $e : 0;
}
$shuffleable = $question_assoc[0]['Shuffleable'];
$result = $db->query("select * from oes_Choice where Question = {$q}");
$choice = fetch_assoc($result);
mysql_free_result($result);
}
?>
<BODY>
<div align=center>
<h1>Sửa câu hỏi</h1>
<form action=# method=POST>
<table>
<tr><td align=center><label for=subject>Môn</label>
<?php
echo $db->getValue("select Name from oes_Subject where ID = {$subject}");
echo "<input type=hidden name=subject value={$subject}>";
?>
<tr><td>
<table>
<tr><td>Câu hỏi
<tr><td><textarea cols=60 rows=6 id=question name=question><?php
echo $question;
?>
</textarea>
<tr><td>Lựa chọn <label><input type=checkbox name=shuffleable <?php
if ($shuffleable) {
echo 'checked';
}
?>
private function update()
{
$query = 'UPDATE `' . static::TABLE . '` SET ';
foreach (static::$fields as $field) {
$query .= "`{$field}` = '{$this->values[$field]}', ";
}
$query = rtrim($query, ', ');
$query .= " WHERE `id` = {$this->id}";
Database::query($query);
if (!empty(static::$fieldsLang) && is_numeric($this->id_lang)) {
if ($this->id_lang) {
if (Database::getValue("SELECT `id` FROM `" . static::TABLE . "_lang` WHERE `id_lang` = {$this->id_lang} AND `id_object` = {$this->id}")) {
$query = 'UPDATE `' . static::TABLE . '_lang` SET ';
foreach (static::$fieldsLang as $field) {
$query .= "`{$field}` = '{$this->values_lang[$field]}', ";
}
$query = rtrim($query, ', ');
$query .= " WHERE `id_lang` = {$this->id_lang} AND `id_object` = {$this->id}";
} else {
$query = "INSERT INTO `" . static::TABLE . "_lang` (`id_object`, `id_lang`, `";
$query .= implode(`, `, static::$fieldsLang);
$query .= "`) VALUES ({$this->id}, {$this->id_lang}, '";
$query .= implode("', '", $this->valuesLang);
$query .= "')";
}
Database::query($query);
} else {
foreach (App::getLangs() as $lang) {
$lang = $lang->getId();
if (Database::getValue("SELECT `id` FROM `" . static::TABLE . "_lang` WHERE `id_lang` = {$lang} AND `id_object` = {$this->id}")) {
$query = 'UPDATE `' . static::TABLE . '_lang` SET ';
foreach (static::$fieldsLang as $field) {
$query .= "`{$field}` = '{$this->values_lang[$field][$lang]}', ";
}
$query = rtrim($query, ', ');
$query .= " WHERE `id_lang` = {$lang} AND `id_object` = {$this->id}";
} else {
$query = "INSERT INTO `" . static::TABLE . "_lang` (`id_object`, `id_lang`, `";
$query .= implode(`, `, static::$fieldsLang);
$query .= "`) VALUES ({$this->id}, {$lang}, ";
foreach (static::$fieldsLang as $field) {
$query .= "'{$this->values_lang[$field][$lang]}', ";
}
$query = rtrim($query, ', ');
$query .= "')";
}
Database::query($query);
}
}
}
}
