Example #1
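 /**
  * Show one album together with a 20-per-page listing of its gallery rows.
  *
  * The album id is rebuilt from the URL path segments (func_get_args()) and the page
  * number comes from $_GET['page'], so both are request-controlled. Neither is placed
  * in the SQL text as a raw string: the id is quoted with Record::escape() or bound as
  * a parameter, and the page number is reduced to an integer inside [0, last page]
  * before it is used to compute the LIMIT offset.
  *
  * @return void Renders the 'gallery/view_album' view.
  */
 public function view_album()
 {
     $this->_checkPermission();
     $paths = func_get_args();
     $id = urldecode(join('/', $paths));

     // Record::escape() hands back the value already quoted for the connection,
     // so no extra quote characters are added around it.
     $quotedId = Record::escape($id);
     $albums = Record::query('select * from ' . TABLE_PREFIX . 'album where id=' . $quotedId);
     $album = $albums->fetchObject();

     /* Pagination */
     $rowspage = 20;
     // Bound parameter instead of concatenating the id into the condition.
     $totalrecords = Record::countFrom('Gallery', 'album_id=?', array($id));
     $lastpage = ceil($totalrecords / $rowspage);
     if ($totalrecords <= $rowspage) {
         $lastpage = 0;
     } else {
         $lastpage = abs($lastpage - 1);
     }

     // Only a scalar page value is accepted; anything else falls back to the first page.
     $CurPage = 0;
     if (isset($_GET['page']) && is_scalar($_GET['page'])) {
         $CurPage = max(0, (int) $_GET['page']);
     }
     // Clamp to the last page so the offset stays an ordinary integer.
     $CurPage = (int) min($CurPage, $lastpage);
     $start = $CurPage * $rowspage;

     $galleries = Record::query('select * from ' . TABLE_PREFIX . 'gallery g where g.album_id = ' . $quotedId . ' ORDER BY g.sequence LIMIT ' . $start . ',' . $rowspage);
     /* End Pagination */

     $this->display('gallery/view_album', array('album' => $album, 'CurPage' => $CurPage, 'lastpage' => $lastpage, 'galleries' => $galleries, 'pages' => Record::findAllFrom('Page', 'parent_id=1 order by parent_id,position')));
 }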
Example #2
 /**
  * Count the Page records whose layout_id equals this object's id.
  *
  * The id is passed as a bound value for the positional placeholder, not
  * concatenated into the condition string.
  *
  * @return mixed Whatever Record::countFrom() returns for the match count.
  */
 public function isUsed()
 {
     /* TODO: This should use Page::count() */
     $bindings = array($this->id);
     $pageCount = Record::countFrom('Page', 'layout_id=?', $bindings);

     return $pageCount;
 }
 /**
  * Count the Page records whose layout_id equals this object's id.
  *
  * Uses a named placeholder, so the id travels as a bound value and never
  * becomes part of the SQL text.
  *
  * @return mixed Whatever Record::countFrom() returns for the match count.
  */
 public function isUsed()
 {
     $condition = 'layout_id = :layout_id';
     $bindings = array(':layout_id' => $this->id);

     return Record::countFrom('Page', $condition, $bindings);
 }
Example #4
 // Login branch: checks the posted NRIC/password pair against the Employee table, then the
 // account state (suspended, validated, validity date). The branch continues past this excerpt.
 case "employee_login":
     $success = false;
     // NOTE(review): addslashes() is not a database-aware escape, yet these values are
     // concatenated into the condition strings below. Record::countFrom() takes placeholders
     // plus a values array (e.g. 'NRIC = ?', array($nric)); binding removes the need to escape.
     $login_nric = addslashes($_POST['login_nric']);
     $login_password = addslashes($_POST['login_password']);
     // NOTE(review): MD5 with no salt is a fast digest and unsuitable for stored passwords; it is
     // also taken over the addslashes() output rather than the password as typed.
     // password_hash() / password_verify() are the standard replacement.
     $encrypt_password = md5($login_password);
     // empty() also treats the string "0" as missing.
     if (empty($login_nric)) {
         $error = "nonric";
         // } else if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i", $login_nric)){
         // 	$error = "invalidemail";
     } else {
         if (empty($login_password)) {
             $error = "nopass";
         } else {
             $employee = new Employee();
             // NOTE(review): as printed, the condition compares password with the literal "******"
             // and $encrypt_password is not referenced; presumably the listing masked the original
             // expression. Confirm against the real file.
             $valid_employee = $employee->findOneFrom('Employee', 'NRIC = "' . $login_nric . '" AND password="******"');
             // The same condition is evaluated a second time just to obtain a count.
             if (Record::countFrom('Employee', 'NRIC = "' . $login_nric . '" AND password="******"') > 0) {
                 $employee = $valid_employee;
                 // Validity is compared at day granularity: today's date against validate_date.
                 $today = date("Y-m-d");
                 $expire = $employee->validate_date;
                 $today_time = strtotime($today);
                 // strtotime() returns false for an unparsable date, which compares as less than
                 // today's timestamp, so such a record is reported as "expired".
                 $expire_time = strtotime($expire);
                 if ($employee->suspended) {
                     $error = "suspended";
                 } else {
                     if (!$employee->validate) {
                         $error = "notvalidate";
                     } else {
                         if ($expire_time < $today_time) {
                             $error = "expired";
                         } else {
                             $value = $employee->employee_id;
Example #5
<?php 
// Employee settings handler: loads the employee named by a cookie, then processes the
// 'updateprofile' and 'changepass' form actions. The script continues past this excerpt.
//
// NOTE(review): the employee id is read straight from a cookie, which the browser supplies.
// No server-side session check is visible here, so the request itself decides which employee
// row is loaded and updated. Confirm that an authenticated session is enforced before this
// point, and take the id from that session rather than from the cookie.
$employee_id = $_COOKIE['cookie_employee_id'];
if ($employee_id != "") {
    $oEmployee = new Employee();
    // NOTE(review): the cookie value is concatenated unquoted into the condition (SQL injection
    // risk). Use a placeholder with a values array, or at minimum cast the id to int.
    $employee = $oEmployee->findOneFrom("Employee", "employee_id=" . $employee_id);
}
if (isset($_POST['pageaction'])) {
    // NOTE(review): no anti-CSRF token is checked in the visible code before these
    // state-changing actions; verify whether the framework does it elsewhere.
    if ($_POST['pageaction'] == 'updateprofile') {
        $email = $_POST['email'];
        $mobiletel = $_POST['mobiletel'];
        // Uniqueness check: is this e-mail already used by a different employee?
        // NOTE(review): addslashes() is not a database-aware escape, and $employee_id goes into
        // the string with no escaping at all. Prefer bound parameters.
        $email_count = Record::countFrom("Employee", "email='" . addslashes($email) . "' AND employee_id<>'" . $employee_id . "'");
        if ($email_count == 0) {
            // NOTE(review): UPDATE statement assembled by concatenation from request data and the
            // cookie value; the e-mail and phone number receive no format validation here.
            Record::query('UPDATE ' . TABLE_PREFIX . 'employee set email = "' . addslashes($email) . '",mobiletel = "' . addslashes($mobiletel) . '" where 	employee_id="' . $employee_id . '"');
            $status = "success";
        } else {
            $status = "failed";
            $msg1 = 'Email Exists.';
        }
        // NOTE(review): $msg1 is assigned only on the failure path, so it is undefined after a
        // successful update; the query-string values are also not urlencode()'d.
        redirect(get_url('employee/setting?status1=' . $status . '&msg1=' . $msg1));
    }
    if ($_POST['pageaction'] == 'changepass') {
        // $employee exists only when the cookie was non-empty, hence the outer guard.
        if ($employee_id != "") {
            if ($employee) {
                $email = $employee->email;
                // Stored password value as read from the record; how it is compared with the
                // submitted current password is outside this excerpt.
                $old_password = $employee->password;
                $nric = $employee->NRIC;
            }
        }
        $current_password = $_POST["current_password"];
        $new_password = $_POST["new_password"];
Example #6
/**
 * Search downloads by free-text terms and return one page of matches plus the total count.
 *
 * Every piece of caller-supplied text that reaches the WHERE/ORDER BY clause is constrained:
 * the sort column must be in a fixed list, search terms are reduced to letters, digits,
 * spaces and '%', and each LIKE pattern is passed through Record::escape().
 * $limit and $offset are forwarded to Download::findAll() unchanged.
 * NOTE(review): confirm that findAll() or its callers force them to integers.
 *
 * @param string $terms    Search words separated by spaces; '%' is kept as a LIKE wildcard.
 * @param int    $limit    Forwarded as the 'limit' option.
 * @param int    $offset   Forwarded as the 'offset' option.
 * @param string $order    Sort column; anything outside the allowed list becomes 'name'.
 * @param bool   $expired  Pass anything other than false to include expired downloads.
 * @param bool   $inactive Pass anything other than false to include inactive downloads.
 * @return array|false     array('downloads' => ..., 'count' => ...), or false when findAll()
 *                         returns a falsy result.
 */
function downloadSearch($terms,$limit=10,$offset=0,$order='name',$expired=false,$inactive=false) {

	$where = '1';

	//	hide expired downloads unless the caller asked for them
	if ($expired === false) {
		$where .= " AND ( `downloads`.`expires` > NOW() || `downloads`.`expires` IS NULL )";
	}

	//	hide inactive downloads unless the caller asked for them
	if ($inactive === false) {
		$where .= " AND `downloads`.`active` = '1'";
	}

	//	only a column from the fixed list may be used for sorting
	$column = strtolower($order);
	$sortable = explode(',','id,name,filename,active,downloads,expires,created,updated');
	if (empty($column) || !in_array($column,$sortable)) {
		$column = 'name';
	}
	//	the download counter sorts highest first, every other column ascending
	if ($column == 'downloads') {
		$order = 'downloads.'.$column.' DESC';
	} else {
		$order = 'downloads.'.$column.' ASC';
	}

	if (! empty($terms)) {
		//	anything that is not a letter, digit, space or '%' becomes a space
		$cleaned = preg_replace('/[^a-z0-9 %]/i',' ',$terms);
		$words = strpos($cleaned,' ') === false ? array($cleaned) : explode(' ',$cleaned);
		//	crude stemming: strip a trailing "ing", "ed" and "s" from each word
		$stems = preg_replace(array('/ing$/i','/ed$/i','/s$/i'),'',$words);

		foreach ($stems as $stem) {
			//	empty() also skips the word "0"
			if (empty($stem)) {
				continue;
			}
			//	a word without its own wildcard is matched as a substring
			$pattern = strpos($stem,'%') === false ? "%{$stem}%" : $stem;
			$quoted = Record::escape($pattern);
			$where .= " AND ( downloads.name LIKE ".$quoted." OR downloads.description LIKE ".$quoted." OR downloads.keywords LIKE ".$quoted." ) ";
		}
	}

	$results = Download::findAll(array('where'=>$where,'limit'=>$limit,'offset'=>$offset,'order'=>$order));
	if (!$results) {
		return false;
	}

	//	the total is counted over the same filter, ignoring limit and offset
	return array('downloads'=>$results,'count'=>Record::countFrom('Download',$where));

}