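/**
 * Creates a secret link that maps a freshly generated public link to $link and stores it.
 *
 * The author is taken from GetUserID(). Candidate public links come from
 * SecretLink::GenerateRandomLink() and are redrawn until no stored row uses the value.
 *
 * NOTE(review): the public link is the only secret protecting $link, so
 * GenerateRandomLink() should draw from a CSPRNG (random_bytes()/random_int());
 * its implementation is not visible here - confirm.
 * NOTE(review): the uniqueness probe and the insert are separate statements; a UNIQUE
 * index on `public_link` would close the window between them - confirm the schema.
 *
 * @param string $link Actual (internal) link the public link resolves to.
 * @return self|Error The stored object, or the Error reported by the lookup or the insert.
 */
public static function CreateForActualLink($link)
{
    $ob = new self();
    $ob->SetAuthorID(GetUserID());
    $ob->SetActualLink($link);

    while (true) {
        $random_link = SecretLink::GenerateRandomLink();
        $old = SecretLink::FetchBy([
            'select_list' => 'id',
            'eq_conds' => ['public_link' => $random_link],
        ]);

        // A failed lookup is not a collision. Counting an Error object would either
        // keep this loop spinning or raise a TypeError, so report the failure instead.
        if (Error::IsError($old)) {
            return $old;
        }
        if (count($old) == 0) {
            break;
        }
    }

    $ob->SetPublicLink($random_link);

    $res = SecretLink::InsertToDB($ob);
    if (Error::IsError($res)) {
        return $res;
    }

    return $ob;
}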
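// Edit-report view: loads the report named by the posted id, lists its current
// receivers and starts building the edit form.
global $link_to_img_browse;

clear_tmp_images_dir(Report::$type, $id);
clear_tmp_files_dir(Report::$type, $id);
$head_addition .= '<script type="text/javascript" src="js/files_upload.js"></script>';

// The id comes straight from the request and is spliced into a raw SQL LIKE fragment
// below, so it is reduced to an integer first. Anything that is not a scalar becomes 0.
$ob_id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int) $_POST['id'] : 0;

$ob = Report::FetchBy(['eq_conds' => ['id' => $ob_id], 'is_unique' => true]);
$receivers = User::FetchBy([
    'select_list' => 'id, name, surname',
    'where_addition' => '(received_reports LIKE ("%\\"' . $ob_id . '\\"%"))',
]);

$users = '';
// A failed lookup yields an Error rather than a list of users; do not iterate it.
if (!Error::IsError($receivers)) {
    foreach ($receivers as $user) {
        $users .= '<div class="row">';
        $users .= '<div class="' . ColAllTypes(12) . '">';
        // NOTE(review): assumes LinkToThis() returns HTML-escaped markup - confirm.
        $users .= $user->LinkToThis();
        $users .= '</div>';
        $users .= '</div>';
    }
}

if (Error::IsError($ob)) {
    $content = AlertMessage('alert-danger', 'Error occured during fetching: ' . Error::ToString($ob));
} else {
    $path_to_file = $ob->GetPathToFile();
    $author_id = GetUserID();
    $head_addition .= MakeScript('files_type = "' . Report::$type . '"; files_action = "edit"; owner_id = ' . $ob->GetID() . '; max_files = 1; author_id = ' . $author_id . ';');

    $content .= '<form method="post" action="' . $link_to_utility_sql_worker . '" enctype="multipart/form-data">';
    $content .= PairLabelAndPanel(4, 5, Language::Word('current receivers'), $users);
    $content .= '<div class="row">';
    $content .= '<div class="' . ColAllTypes(4) . ' vcenter" align="right">';
    $content .= '<b>' . Language::Word('change receivers') . '</b>';
    $content .= '</div>';
    $content .= '<div class="' . ColAllTypes(5) . ' vcenter" align="center">';
    $content .= '<div class="dropdown">';
    $content .= '<input onkeyup="showUsers(this);" placeholder="' . Language::Word('start to insert name') . '" class="form-control margin-sm dropdown-toggle" type="text" id="recipient_input" name="recipient_input" aria-haspopup="true" value="">';
    $content .= '<ul class="dropdown-menu" id="users_list">';
    // (the listing is cut off here; the rest of this branch is outside the visible source)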
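/**
 * Deletes a report row, its image and file directories, and every reference to it
 * in the `sended_reports` / `received_reports` JSON lists of users.
 *
 * The id is normalised to an integer before use because it is concatenated into SQL
 * text and into the directory paths passed to removeDirectory().
 *
 * NOTE(review): the row delete, the directory removal and the user updates are not
 * wrapped in a transaction; a failure part-way leaves them out of step.
 *
 * @param int|string $id Report id.
 * @return int|Error 0 on success, otherwise the Error describing the failed step.
 */
public static function Delete($id)
{
    global $db_connection;
    global $link_to_report_images;
    global $link_to_report_files;

    $id = (int) $id;

    $ob = Report::FetchBy([
        'select_list' => 'id, author_id',
        'eq_conds' => ['id' => $id],
        'is_unique' => true,
    ]);
    if (Error::IsError($ob)) {
        return $ob;
    }

    if (!$db_connection->query("DELETE FROM `" . self::$table . "` WHERE `id` = " . $id)) {
        // Report the failure the way the later steps do. Echoing the driver message and
        // returning 0 made a failed delete look like success and exposed the DB error text.
        return new Error($db_connection->error, Error::db_error);
    }

    removeDirectory($link_to_report_images . $id);
    removeDirectory($link_to_report_files . $id);

    // Drop the report from its author's list of sent reports.
    $sended = User::FetchBy([
        'select_list' => 'sended_reports',
        'eq_conds' => ['id' => $ob->GetAuthorID()],
        'is_unique' => true,
    ]);
    if (Error::IsError($sended)) {
        return $sended;
    }

    $new_sended = [];
    foreach ($sended->GetSendedReports() as $repid) {
        if ($repid != $id) {
            $new_sended[] = $repid;
        }
    }
    $rc = $db_connection->query(
        'UPDATE ' . User::$table . ' SET sended_reports = "'
        . $db_connection->real_escape_string(json_encode($new_sended))
        . '" WHERE id = ' . (int) $ob->GetAuthorID()
    );
    if (!$rc) {
        return new Error($db_connection->error, Error::db_error);
    }

    // Drop the report from every user whose received list mentions it.
    $received = User::FetchBy([
        'select_list' => 'received_reports, id',
        'where_addition' => '(received_reports LIKE ("%\\"' . $id . '\\"%"))',
    ]);
    if (Error::IsError($received)) {
        return $received;
    }

    foreach ($received as $user) {
        $new_received = [];
        foreach ($user->GetReceivedReports() as $repid) {
            if ($repid != $id) {
                $new_received[] = $repid;
            }
        }
        $rc = $db_connection->query(
            'UPDATE ' . User::$table . ' SET received_reports = "'
            . $db_connection->real_escape_string(json_encode($new_received))
            . '" WHERE id = ' . (int) $user->GetID()
        );
        if (!$rc) {
            return new Error($db_connection->error, Error::db_error);
        }
    }

    return 0;
}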
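<?php

require_once 'utility_lgmis_lib.php';
// Fail closed: require_once aborts the request when the authorization script cannot be
// loaded, whereas include_once would only warn and carry on without it.
require_once $link_to_utility_authorization;

// Public-link mode: resolve the secret link and redirect to the target it stands for.
if (isset($_GET['public_link'])) {
    SecretLink::ClearOldLinks();
    $link = SecretLink::FetchBy([
        'select_list' => 'actual_link',
        'eq_conds' => ['public_link' => $_GET['public_link']],
        'is_unique' => true,
    ]);
    if (Error::IsError($link)) {
        echo 'Ссылка не найдена';
        exit;
    }
    global $link_prefix;
    header('Location: ' . $link_prefix . $link->GetActualLink());
    exit;
}

// Download mode: the path relative to the application root comes from the request.
if (isset($_GET['file_path'])) {
    $requested_path = $_GET['file_path'];
} elseif (isset($_POST['file_path'])) {
    $requested_path = $_POST['file_path'];
} else {
    echo 'exit';
    exit;
}

// The request value is appended to the application root unchanged, so refuse anything
// that is not a plain string, or that carries a NUL byte or a ".." path segment.
// Otherwise the final path could leave that root.
// NOTE(review): this still serves any file below the root, application source included.
// Restricting downloads to the known upload directories would be tighter, but those
// locations are not visible in this listing.
if (
    !is_string($requested_path)
    || strpos($requested_path, "\0") !== false
    || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $requested_path)
) {
    http_response_code(400);
    exit;
}

$file_path = $_SERVER['DOCUMENT_ROOT'] . $link_prefix . $requested_path;

if (file_exists($file_path)) {
    if (!is_dir($file_path)) {
        header('Content-Description: File Transfer');
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="' . urldecode(basename($file_path)) . '"');
        // (the listing is cut off here; the rest of the download branch is outside the visible source)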
/**
 * Case-insensitive substring search on one column, newest rows first.
 *
 * Builds `LOWER(<what>) LIKE LOWER("%<text>%")` and passes it to FetchBy() as
 * `where_addition`, ordered by `id DESC`.
 *
 * NOTE(review): $what and the `text` option are concatenated into the SQL fragment
 * as-is. Nothing here escapes quotes or LIKE wildcards, so callers must pass an
 * allow-listed column name and an already escaped search text - confirm at the call sites.
 * NOTE(review): a caller-supplied `special` option has no effect; 'link_to_full' is
 * always passed to FetchBy(). Confirm whether that is intended.
 * NOTE(review): the missing-text case returns the bare Error::arg_not_valid constant,
 * not an Error object - confirm that callers detect it.
 *
 * @param string $what   Column (or SQL expression) to search in.
 * @param array  $kwargs Options: `text` (required), `limit`, `select_list`, `is_assoc`.
 * @return mixed Whatever FetchBy() returns, or Error::arg_not_valid when `text` is missing.
 */
public static function FetchLike($what, $kwargs = [])
{
    if (!isset($kwargs['text'])) {
        return Error::arg_not_valid;
    }

    $pattern_sql = 'LOWER(' . $what . ') LIKE LOWER("%' . $kwargs['text'] . '%")';

    // Optional settings fall back to their defaults when the key is absent or null.
    $columns = isset($kwargs['select_list']) ? $kwargs['select_list'] : '*';
    $row_limit = isset($kwargs['limit']) ? $kwargs['limit'] : '';
    $as_assoc = isset($kwargs['is_assoc']) ? $kwargs['is_assoc'] : false;

    return self::FetchBy([
        'select_list' => $columns,
        'where_addition' => $pattern_sql,
        'order_by' => 'id DESC',
        'limit' => $row_limit,
        'is_assoc' => $as_assoc,
        'special' => array('link_to_full'),
    ]);
}
/**
 * Stores this registration request in `register_requests`.
 *
 * Refuses the request when a user with the same login already exists. Text fields are
 * escaped with real_escape_string() and the password is stored only as a
 * password_hash() digest. On failure the reason is left in self::$last_error.
 *
 * NOTE(review): real_escape_string() is only reliable when the connection charset was
 * set through the driver (set_charset); a prepared statement would remove that dependency.
 * NOTE(review): any Error from the login lookup, presumably including a database
 * failure, is treated as "login is free" - confirm.
 *
 * @return bool true when the row was inserted, false otherwise.
 */
public function InsertToDB()
{
    global $db_connection;

    $existing = User::FetchBy([
        'eq_conds' => ['login' => $this->login],
        'select_list' => 'id',
        'is_unique' => true,
    ]);
    if (!Error::IsError($existing)) {
        self::$last_error = Language::Word('user with such login already exists');
        return false;
    }

    // Escape every free-text field before it is placed between quotes in the statement.
    $safe = [];
    foreach (['name', 'surname', 'fathername', 'login', 'email', 'telephone', 'text'] as $field) {
        $safe[$field] = $db_connection->real_escape_string($this->$field);
    }
    $password_digest = password_hash($this->password, PASSWORD_DEFAULT);

    $sql = "INSERT INTO `register_requests`\r\n\t\t\t\t(`name`, `surname`, `fathername`, `login`, `password`, `request_time`, `email`, `telephone`, `text`)\r\n\t\t\t\tVALUES\r\n\t\t\t\t('"
        . $safe['name'] . "', '" . $safe['surname'] . "', '" . $safe['fathername']
        . "',\r\n\t\t\t\t\t'" . $safe['login'] . "', '" . $password_digest
        . "', CURRENT_TIMESTAMP, '" . $safe['email'] . "', '" . $safe['telephone']
        . "',\r\n\t\t\t\t\t'" . $safe['text'] . "')";

    if ($db_connection->query($sql)) {
        return true;
    }

    self::$last_error = $db_connection->error;
    return false;
}
/**
 * Looks up the id of the user with the given login.
 *
 * When the lookup yields an Error, its text is echoed and null is returned.
 *
 * NOTE(review): the Error text goes straight to the output; whether Error::ToString()
 * escapes it for HTML is not visible here - confirm.
 *
 * @param string $login Login to search for.
 * @return mixed The user's id, or null when the lookup failed.
 */
public static function GetIDByLogin($login)
{
    $found = self::FetchBy([
        'select_list' => 'id',
        'eq_conds' => ['login' => $login],
        'is_unique' => true,
    ]);

    if (!Error::IsError($found)) {
        return $found->id;
    }

    echo Error::ToString($found);
    return null;
}
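<?php

// Profile page: shows a user's profile, or the edit form when `edit` is present.
require_once 'utility_lgmis_lib.php';
require_once $link_to_utility_authorization;

if (isset($_POST['id']) && isset($_GET['id']) && $_POST['id'] !== $_GET['id']) {
    $content = AlertMessage('alert-danger', 'Неоднозначные id');
} else {
    // Take the id from POST or GET explicitly. Depending on request_order /
    // variables_order, $_REQUEST can also carry cookie values, which the ambiguity
    // check above never looks at. A missing or non-scalar id becomes null and is
    // reported by the lookup below.
    $requested_id = null;
    if (isset($_POST['id'])) {
        $requested_id = $_POST['id'];
    } elseif (isset($_GET['id'])) {
        $requested_id = $_GET['id'];
    }
    if (!is_scalar($requested_id)) {
        $requested_id = null;
    }

    $user = User::FetchBy(['eq_conds' => ['id' => $requested_id], 'is_unique' => true]);
    if (Error::IsError($user)) {
        echo Error::ToString($user);
        exit;
    }

    $prev_page = '';
    if (isset($_POST['edit']) || isset($_GET['edit'])) {
        // NOTE(review): nothing in this script checks that the current user may edit
        // this profile; presumably ToHTMLEditing() or the save handler enforces it - confirm.
        $title = Language::Word('profile edit');
        $header = $title;
        $content = $user->ToHTMLEditing();
    } else {
        // NOTE(review): $header is HTML-escaped here but $title is not; confirm that
        // the template escapes $title before printing it.
        $title = $user->GetName();
        $header = htmlspecialchars(Language::Translit($user->GetName() . ' ' . $user->GetSurname() . ' ' . $user->GetFathername()));
        $content = $user->ToHTMLAutoFull(GetUserPrivileges());
        $no_content_center = true;
    }
}

require_once $link_to_admin_template;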
if ($name === $myfiles[$i]->GetName()) { $is_error = true; $content = json_encode(['error' => 'File with name ' . $name . ' already exists']); break; } } if ($is_error) { break; } $new_dir_it->next(); } if ($is_error) { break; } for ($i = 0; $i < $size; ++$i) { if ($rc = Error::IsError(MyFile::InsertToDB($myfiles[$i]))) { $content = json_encode(['error' => Error::ToString($rc)]); $is_error = true; break; } } if ($is_error) { break; } simple_copy($dir, $new_dir); clear_tmp_files_dir(MyFile::$type, 0); $content = json_encode(['ok' => true]); break; default: break; }