Example #1
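 /**
  * Render one page of the paged result set, with "previous"/"next" links.
  *
  * The page number comes from $_REQUEST['page'] (default 1). It is request
  * data, so it is coerced to an integer >= 1 before it is used in the LIMIT
  * offset, handed to the template or written into a link. The script name and
  * the query string are HTML-escaped before being placed inside href="...".
  *
  * When the query yields no rows the empty template is rendered instead.
  *
  * @return mixed whatever $this->template->get() returns
  */
 function getPage()
 {
     // Untrusted input: force an integer >= 1 so nothing but a number can
     // reach the SQL offset, the template or the generated links.
     $page = isset($_REQUEST['page']) ? max(1, (int) $_REQUEST['page']) : 1;

     // The unpaged query is run once only to learn the total number of rows.
     mysql_query($this->query);
     $pagerLength = mysql_affected_rows();
     if ($pagerLength <= 0) {
         $this->template = new Template($this->emptyTemplateFile);
         return $this->template->get();
     }

     $this->template = new Template($this->templateFile);
     $min = ($page - 1) * $this->pageLength;
     $query = $this->query . " LIMIT {$min}, {$this->pageLength}";
     $this->buffer = aux::getResult($query);
     foreach ($this->buffer as $data) {
         $this->display($data);
     }
     $this->pageNumber = ceil($pagerLength / $this->pageLength);
     $this->template->setContent("pageNumber", $this->pageNumber);
     $this->template->setContent("page", $page);

     // Both values end up inside an HTML attribute. QUERY_STRING is fully
     // client-controlled, so it is escaped for that context (this also turns
     // the raw "&" separators into "&amp;", which is what href expects).
     $script = htmlspecialchars(basename($_SERVER['SCRIPT_FILENAME']), ENT_QUOTES);
     $pars = htmlspecialchars($_SERVER['QUERY_STRING'], ENT_QUOTES);
     $prevPage = $page - 1;
     $nextPage = $page + 1;
     $prevLink = "<a href=\"{$script}?{$pars}&page={$prevPage}\">&laquo;&nbsp;indietro</a>";
     $nextLink = "<a href=\"{$script}?{$pars}&page={$nextPage}\">avanti&nbsp;&raquo;</a>";

     if ($this->pageNumber == 1) {
         // Single page: neither direction is a link.
         $next = "avanti »";
         $prev = "« indietro";
     } elseif ($page == $this->pageNumber) {
         // Last page: only "previous" is a link.
         $next = "avanti »";
         $prev = $prevLink;
     } elseif ($page == 1) {
         // First page: only "next" is a link.
         $prev = "&laquo;&nbsp;indietro";
         $next = $nextLink;
     } else {
         $next = $nextLink;
         $prev = $prevLink;
     }
     $this->template->setContent("next", $next);
     $this->template->setContent("prev", $prev);

     return $this->template->get();
 }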
Example #2
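 /**
  * Build the channel check-list form fragment for every RSS-enabled entity.
  *
  * For each entity in $GLOBALS['becontent']->entities whose ->rss flag is set,
  * a copy of the bc_channel rows is annotated with:
  *   - 'checked'    whether the channel is linked to the entity in channel_entity
  *   - 'nameEntity' the entity name
  *   - 'mod'        the entity's modality from bc_rss_mod (null when there is none)
  * The per-entity lists are passed to formTag::lista().
  *
  * @return mixed the value returned by formTag::lista()
  */
 function emitHTML_post()
 {
     $allChannel = aux::getResult("SELECT id,title FROM bc_channel");
     $channelCount = is_array($allChannel) ? count($allChannel) : 0;

     // Start from an empty list so formTag::lista() never receives an
     // undefined variable when no entity has RSS enabled.
     $buffer = array();

     foreach ($GLOBALS['becontent']->entities as $entity) {
         if (!$entity->rss) {
             continue;
         }
         $nameEntity = $entity->name;

         // NOTE(review): the entity name is interpolated into both statements.
         // It comes from the application's entity registry here; confirm it can
         // never carry request data, or escape it before building the SQL.
         $content = aux::getResult("SELECT id_bc_channel FROM channel_entity WHERE entity=\"{$nameEntity}\"");
         $mod = aux::getResult("SELECT modality FROM bc_rss_mod WHERE entity=\"{$nameEntity}\"");
         $modality = isset($mod[0]['modality']) ? $mod[0]['modality'] : null;

         // Ids of the channels already linked to this entity.
         $data = array();
         if (is_array($content)) {
             foreach ($content as $row) {
                 $data[] = $row['id_bc_channel'];
             }
         }

         // Annotate a fresh copy of the channel list for this entity.
         $temp = $allChannel;
         for ($i = 0; $i < $channelCount; $i++) {
             $temp[$i]['checked'] = in_array($temp[$i]['id'], $data);
             $temp[$i]['nameEntity'] = $nameEntity;
             $temp[$i]['mod'] = $modality;
         }
         $buffer[] = $temp;
     }

     $content = formTag::lista("prova", $buffer, aux::parsePars("text=\"title\" name=\"title\" value=\"id\" checked=\"checked\" field=\"nameEntity\" mod=\"mod\""));
     return $content;
 }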
 /**
  * Build the "Tags" widget: one search link per row of the tags table,
  * ordered by position. Returns an empty string when the table has no rows.
  *
  * The three parameters are not read; the rows always come from the database.
  *
  * @return string HTML fragment, or "" when there are no tags
  */
 function tags($name, $data, $pars)
 {
     $rows = aux::getResult("select * from tags order by position");
     if (count($rows) <= 0) {
         return "";
     }

     // NOTE(review): 'text' is written into a URL query value and 'tag' into
     // element content without urlencode()/htmlspecialchars(). If tag rows can be
     // edited by anyone other than a trusted administrator, or are stored
     // unencoded, encode both at this point — confirm how the table is populated.
     $links = "";
     foreach ($rows as $row) {
         $links .= "<a href=\"search.php?text={$row['text']}\">{$row['tag']}</a>\n";
     }

     return '<div class="widget">' . '<h4>Tags</h4>' . '<nav class="tags">' . $links . "</nav>" . "</div>";
 }
 /**
  * Render the active comments of one item through dtml/comments.html.
  *
  * Selects comments for $this->entity->name / $id whose comment and author are
  * both flagged active ('*'), newest first, and hands every column of every
  * row to the template; 'creation' is formatted with aux::formatDate().
  * With no rows, a localized "no comments" body is set instead.
  *
  * @param mixed $id item identifier, compared against comments.itemid
  * @return mixed whatever the template's get() returns
  */
 function getComments($id)
 {
     $comments = new Template("dtml/comments.html");

     // NOTE(review): $id is placed between quotes in the statement with no
     // escaping in this method. Unless every caller already validates it, it
     // should be cast or escaped here before the query is built.
     // NOTE(review): SELECT * across comments LEFT JOIN users passes every users
     // column to setContent() below; which of them can reach the page depends
     // on the placeholders in the template. Listing only the needed columns
     // would remove that dependency.
     $rows = aux::getResult("\n\t\t\tSELECT * \n\t\t      FROM comments\n\t\t LEFT JOIN users\n\t\t        ON users.username = comments.username\n\t\t     WHERE entityname = '{$this->entity->name}'\n\t\t       AND itemid = '{$id}'\n\t\t       AND comments.active = '*'\n\t\t       AND users.active = '*'\n\t\t  ORDER BY creation DESC");

     if (count($rows) <= 0) {
         $comments->setContent("username", "");
         $comments->setContent("creation", "");
         $comments->setContent("body", aux::lingual("Non ci sono commenti", "No comments", "Nemo para commentares"));
         return $comments->get();
     }

     foreach ($rows as $row) {
         foreach ($row as $column => $value) {
             // Values are handed over as stored; whether they are HTML-escaped
             // is up to Template::setContent() — TODO confirm.
             if ($column == "creation") {
                 $comments->setContent($column, aux::formatDate($value, EXTENDED));
             } else {
                 $comments->setContent($column, $value);
             }
         }
     }

     return $comments->get();
 }
 /**
  * Return the formatted date of the most recent ADD or EDIT logged for the
  * news entity.
  *
  * The three parameters are not read. Table and entity names come from
  * $GLOBALS['logEntity'] and $GLOBALS['newsEntity'].
  *
  * @return mixed result of aux::formatDate() in EXTENDED format
  */
 function lastupdate($name, $data, $pars)
 {
     $logTable = $GLOBALS['logEntity']->name;
     $newsEntityName = $GLOBALS['newsEntity']->name;

     $latest = aux::getResult("\n\t\t\n\t\t\tSELECT date\n\t\t\t  FROM {$logTable}\n\t\t\t WHERE entity = '{$newsEntityName}' \n\t\t\t   AND (operation = 'ADD' or operation = 'EDIT')\n\t\t  ORDER BY date DESC\n\t\t     LIMIT 1\n\t\t");

     // Row 0 is read unconditionally; with an empty log there is no such row.
     $lastDate = $latest[0]['date'];

     return aux::formatDate($lastDate, EXTENDED);
 }
Example #6
 /**
  * Authenticate the current request and authorise it for the running script.
  *
  * Steps visible in this block:
  *  1. When $_SESSION['user'] is not set, take credentials from $_POST (or
  *     from the HTTP Basic headers), look the user up and fill $_SESSION['user'].
  *  2. When $_SESSION['user']['services'] is not an array, load the user's
  *     services and groups into the session.
  *  3. Require basename($_SERVER['SCRIPT_NAME']) to be one of those services;
  *     error.php, login.php and logout.php always pass, and ajax-manager.php
  *     is not redirected when the check fails.
  *  4. For edit requests on a service that has a tableName, apply the
  *     "data filtering" ownership check.
  *  5. Set the registered-user and admin session flags.
  *
  * Several paths end the request with exit after echoing text or sending a
  * Location header. With mode=compact the function echoes "0"/"1" and exits.
  *
  * NOTE(review): the block builds SQL by interpolating request values, hashes
  * passwords with MD5(), prints mysql_error() to the client and redirects to
  * the Referer header; each spot is marked below. No session id regeneration
  * is visible in this block after a successful login.
  */
 function doLogin()
 {
     if (!isset($_SESSION['user'])) {
         /* User not logged in */
         $debug_action = "USER NOT LOGGED";
         // Falls back to HTTP Basic only when BOTH fields are missing; if just
         // one is missing, the other index is read below without being set.
         if (!isset($_POST['username']) and !isset($_POST['password'])) {
             if (!isset($_SESSION['HTTP_LOGIN'])) {
                 // First pass in this session: drop any Basic credentials the
                 // client sent so that the 401 challenge below is issued.
                 unset($GLOBALS['_SERVER']['PHP_AUTH_PW']);
                 unset($GLOBALS['_SERVER']['PHP_AUTH_USER']);
                 /* Some message should *maybe* be emitted here! */
             }
             if (!isset($_SERVER['PHP_AUTH_USER']) and !isset($_SERVER['PHP_AUTH_PW'])) {
                 Header("WWW-Authenticate: Basic realm=\"Login \"");
                 Header("HTTP/1.0 401 Unauthorized");
                 $_SESSION['HTTP_LOGIN'] = true;
                 exit;
             } else {
                 // Basic credentials are copied into $_POST so the lookup
                 // below handles both login paths.
                 $_POST['username'] = $_SERVER['PHP_AUTH_USER'];
                 $_POST['password'] = $_SERVER['PHP_AUTH_PW'];
                 $_SESSION['HTTP_LOGIN'] = false;
             }
         }
         // NOTE(review): addcslashes() here only puts a backslash before single
         // quotes and leaves backslashes themselves alone, so it is not a
         // substitute for the driver's escaping function. $name is not
         // referenced again in the visible code.
         $name = addcslashes($_POST['username'], "'");
         // NOTE(review): the username literal reads '******' as shown, which
         // looks like masking applied to this listing rather than original
         // code — TODO confirm against the source file.
         // NOTE(review): $_POST['password'] is interpolated into the statement
         // with no escaping at all, so the login check depends on input that
         // can alter the query. It should be escaped or bound before use.
         // MD5() is a fast, unsalted hash; stored passwords would need a
         // migration to a dedicated password hash.
         $oid = mysql_query("SELECT * \n\n\t\t                  \t    FROM {$GLOBALS['usersEntity']->name} \n\n\t\t                  \t   WHERE username = '******'\n\n\t\t                  \t     AND password = MD5('{$_POST['password']}')");
         if (!$oid) {
             // NOTE(review): the raw driver error is sent to the client; it can
             // disclose table and column names. Log it server-side instead.
             echo "Error in database!<hr>";
             echo mysql_error();
             exit;
         }
         if (mysql_num_rows($oid) == 0) {
             // $_REQUEST['mode'] is read without isset().
             if ($_REQUEST['mode'] == "compact") {
                 echo "0";
                 exit;
             } else {
                 /* DISIM-specific: should it be removed? In any case it is never
                  * active, since it would only be activated with mode=ajax as
                  * before.
                  */
                 Header("Location: error.php?id=loginError");
                 exit;
             }
         } else {
             // Successful lookup: copy the profile fields into the session.
             $userdata = mysql_fetch_assoc($oid);
             $_SESSION['user']['username'] = $userdata['username'];
             $_SESSION['user']['name'] = $userdata['name'];
             $_SESSION['user']['surname'] = $userdata['surname'];
             $_SESSION['user']['email'] = $userdata['email'];
             // NOTE(review): this statement shows the same '******' masking; as
             // printed, the text after it is plain string content and nothing
             // is interpolated for the username — TODO confirm against the
             // source file.
             $lastlogin = aux::getResult("\n\t\t\t\t                SELECT * \n\t\t\t\t                  FROM {$GLOBALS['logEntity']->name} \n\t\t\t\t                 WHERE username = '******'user']['username']}'\n\t\t\t\t                   AND operation = 'LOGIN'\n\t\t\t\t              ORDER BY date DESC\n\t\t\t\t                 LIMIT 1");
             // isset() is true for any non-null value, so row 0 is read even
             // if the result holds no rows — presumably the case on a first
             // login; verify what aux::getResult() returns then.
             if (isset($lastlogin)) {
                 $_SESSION['user']['lastlogin'] = $lastlogin[0]['date'];
             } else {
                 $_SESSION['user']['lastlogin'] = "";
             }
             // Records the login. HTTP_HOST is taken from the request's Host
             // header, so the logged value is client-supplied.
             $GLOBALS['logEntity']->insertItem(NULL, 'LOGIN', '', '', basename($_SERVER['SCRIPT_FILENAME']), $_SESSION['user']['username'], date("YmdHi"), $_SERVER['HTTP_HOST']);
         }
     } else {
         // User has already logged in
         $debug_action = "USER_LOGGED";
     }
     if (is_array($_SESSION['user']['services'])) {
         $debug_action = " services array ";
     } else {
         $debug_action = " services NOT array, trying to reload it ";
         // Loads every service reachable through the user's groups, joined
         // with its category and entity. The WHERE clause shows the same
         // '******' masking as the statements above — TODO confirm.
         $oid = mysql_query("SELECT DISTINCT {$GLOBALS['usersEntity']->name}.username, \n\n\t\t\t\t                           {$GLOBALS['servicesEntity']->name}.entry AS serviceName,\n\n\t\t\t\t                           {$GLOBALS['servicesEntity']->name}.visible,\n\n\t\t\t\t                           {$GLOBALS['servicesEntity']->name}.id_entities AS entity,\n\n\t\t\t\t                           {$GLOBALS['servicesEntity']->name}.script,\n\n\t\t\t\t                           {$GLOBALS['servicesEntity']->name}.superuser_group,\n\n\t\t\t\t                           {$GLOBALS['servicecategoryEntity']->name}.name AS category,\n\n\t\t\t\t                           {$GLOBALS['entitiesEntity']->name}.name AS tableName,\n\n\t\t\t\t                           {$GLOBALS['usersGroupsRelation']->name}.id_groups\n\n                                  FROM {$GLOBALS['usersEntity']->name}            \n\n                             LEFT JOIN {$GLOBALS['usersGroupsRelation']->name} \n\n                                    ON {$GLOBALS['usersGroupsRelation']->name}.username = {$GLOBALS['usersEntity']->name}.username\n\n                             LEFT JOIN {$GLOBALS['groupsEntity']->name} \n\n                                    ON {$GLOBALS['groupsEntity']->name}.id = {$GLOBALS['usersGroupsRelation']->name}.id_{$GLOBALS['groupsEntity']->name}\n\n                             LEFT JOIN {$GLOBALS['servicesGroupsRelation']->name} \n\n                                    ON {$GLOBALS['servicesGroupsRelation']->name}.id_{$GLOBALS['groupsEntity']->name} = {$GLOBALS['groupsEntity']->name}.id\n\n                             LEFT JOIN {$GLOBALS['servicesEntity']->name} \n\n                                    ON {$GLOBALS['servicesEntity']->name}.id = {$GLOBALS['servicesGroupsRelation']->name}.id_{$GLOBALS['servicesEntity']->name}\n\n                             LEFT JOIN {$GLOBALS['entitiesEntity']->name}\n\n                                    ON {$GLOBALS['entitiesEntity']->name}.name = 
{$GLOBALS['servicesEntity']->name}.id_{$GLOBALS['entitiesEntity']->name}\n\n                             LEFT JOIN {$GLOBALS['servicecategoryEntity']->name}\n\n                                    ON {$GLOBALS['servicecategoryEntity']->name}.id = {$GLOBALS['servicesEntity']->name}.servicecategory\n\n                    \n\n                                 WHERE {$GLOBALS['usersEntity']->name}.username =  '******'user']['username']}'\n\n                              ORDER BY {$GLOBALS['servicecategoryEntity']->name}.position, {$GLOBALS['servicesEntity']->name}.position");
         if (!$oid) {
             // NOTE(review): driver error text sent to the client, as above.
             echo "Error in database!<hr>";
             echo mysql_error();
             exit;
         }
         do {
             $data = mysql_fetch_assoc($oid);
             if ($data) {
                 // Each row is stored twice: appended under a numeric key and
                 // again under its script name. Group ids are collected too.
                 $_SESSION['user']['services'][] = $data;
                 $_SESSION['user']['services'][$data['script']] = $data;
                 $_SESSION['user']['groups'][$data['id_groups']] = $data['id_groups'];
             }
         } while ($data);
     }
     #print_r($_SESSION);
     // Authorisation: $trovato ("found") becomes true when the running script
     // is one of the user's services. $error holds a numeric marker that is
     // only used in the redirect URL below.
     $trovato = false;
     $error = 212;
     if (is_array($_SESSION['user']['services'])) {
         foreach ($_SESSION['user']['services'] as $k => $v) {
             $error = 217;
             if ($v['script'] == basename($_SERVER['SCRIPT_NAME'])) {
                 $trovato = true;
                 $currentService = $v;
                 $error = 223;
             }
         }
     }
     // These three scripts are reachable by every authenticated user.
     if (basename($_SERVER['SCRIPT_NAME']) == "error.php" or basename($_SERVER['SCRIPT_NAME']) == "login.php" or basename($_SERVER['SCRIPT_NAME']) == "logout.php") {
         $trovato = true;
     }
     if (!$trovato) {
         #echo $script;
         // NOTE(review): ajax-manager.php is not redirected when the service
         // check fails, so execution continues for it; that script has to
         // enforce its own authorisation — confirm that it does.
         if (basename($_SERVER['SCRIPT_NAME']) != "ajax-manager.php") {
             // Internal markers ($error, $debug_action) are exposed in the
             // redirect URL; $debug_action contains spaces and is not
             // URL-encoded.
             Header("Location: error.php?id=priviledgeError&{$error}&{$debug_action}");
             exit;
         }
     }
     // If data filtering is enabled
     if (isset($currentService['tableName'])) {
         // Data Filtering Check: on edit, the row being edited must belong to
         // the session user unless the user is superuser/admin.
         // $_REQUEST['action'] is read without isset().
         if (isset($_REQUEST['page']) and $_REQUEST['page'] > 0 and $_REQUEST['action'] == "edit") {
             // Selects the whole table only to read the first column's
             // metadata below.
             $result = mysql_query("select * from {$currentService['tableName']}");
             if (!$result) {
                 echo "Generic Database Error!";
                 exit;
             }
             $meta = mysql_fetch_field($result, 0);
             if (!$meta) {
                 echo "Metadata Error!";
                 exit;
             }
             // NOTE(review): $_REQUEST['value'] is interpolated between quotes
             // with no escaping. This query decides the ownership check, so the
             // value should be escaped or bound before the statement is built.
             $oid = mysql_query("SELECT username\n\n\t\t\t                          FROM {$currentService['tableName']}\n\n             \t\t\t\t\t     WHERE {$meta->name} = '{$_REQUEST['value']}' ");
             if (!$oid) {
                 // NOTE(review): driver error text sent to the client, as above.
                 echo "Error in database!<hr>";
                 echo mysql_error();
                 exit;
             }
             $data = mysql_fetch_assoc($oid);
             if ($data['username'] != $_SESSION['user']['username']) {
                 /* CHECK FOR SUPERUSER_GROUP */
                 // $superuser_group and $mygroups are assigned but not read
                 // afterwards; the condition below calls Auth again.
                 $superuser_group = Auth::getSuperusergroup();
                 $mygroups = Auth::getGroups();
                 // NOTE(review): this echo looks like leftover debugging. It
                 // writes to the response before the Header() call below,
                 // which can stop the redirect header from being sent unless
                 // output buffering is on — confirm.
                 echo Auth::isSuperuser();
                 if (!in_array(Auth::getSuperusergroup(), Auth::getGroups()) and !Auth::isAdmin()) {
                     Header("Location: error.php?id=dataFiltering&289");
                     exit;
                 } else {
                 }
             }
         }
     }
     if (!isset($_SESSION['registered-user'])) {
         $trovato = false;
         if (is_array($_SESSION['user']['services'])) {
             foreach ($_SESSION['user']['services'] as $k => $v) {
                 if ($v['id_groups'] == $GLOBALS['config']['registered_usergroup']) {
                     // NOTE(review): the redirect target is the Referer header,
                     // which the client controls and may omit. Redirecting to a
                     // fixed or allow-listed local path avoids sending the user
                     // to an arbitrary site.
                     $script = $_SERVER['HTTP_REFERER'];
                     $_SESSION['registered-user'] = true;
                     Header("Location: {$script}");
                     exit;
                 }
             }
         }
     }
     // The admin flag is recomputed on every call from the loaded services.
     $_SESSION['user']['admin'] = false;
     if (is_array($_SESSION['user']['services'])) {
         foreach ($_SESSION['user']['services'] as $k => $v) {
             if ($v['id_groups'] == $GLOBALS['config']['admin_usergroup']) {
                 $_SESSION['user']['admin'] = true;
             }
         }
     }
     // Compact mode: report success as a bare "1" and stop.
     if ($_REQUEST['mode'] == "compact") {
         echo "1";
         exit;
     }
 }
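 /**
  * Build the breadcrumb trail for a menu entry by walking parent_id upwards.
  *
  * Each step loads one menu row (with its page, if any) and prepends a link
  * to the trail. The walk stops at a row whose parent_id is 0, at an id that
  * has no row, or when a parent chain leads back to an id already visited.
  *
  * @param mixed $name unused
  * @param mixed $data id of the menu entry to start from
  * @param mixed $pars unused
  * @return string|null the trail, or null when $data is empty
  */
 function path($name, $data, $pars)
 {
     if ($data != "") {
         $content = "";
         // The id is written unquoted into a numeric comparison, so only an
         // integer may reach the statement.
         $id_menu = (int) $data;
         // Ids already walked; guards against a parent chain that loops.
         $visited = array();
         do {
             $visited[$id_menu] = true;
             $item = aux::getResult("SELECT menu.*,\n\t\t\t\t\t        \t\t\t\t   pages.title,\n\t\t\t\t\t\t\t\t         \t   pages.id AS pages_id \n\t\t\t\t                          FROM menu\n\t\t            \t\t         LEFT JOIN pages\n\t\t                        \t\t\tON pages.id = menu.page_id\n\t\t\t\t\t                     WHERE menu.id = {$id_menu}\n\t\t            \t\t\t      ORDER BY position");
             if (!isset($item[0])) {
                 // No such menu row: nothing to add, and no parent to follow.
                 break;
             }
             $row = $item[0];
             $id_menu = (int) $row['parent_id'];
             // NOTE(review): 'link' and 'entry' are written into the markup as
             // stored. If menu rows can hold unencoded text from less trusted
             // editors, encode them here — confirm how the table is populated.
             if ($row['link'] != "") {
                 $content = "<a href=\"{$row['link']}\">{$row['entry']}</a>" . aux::first_comma("path", " &raquo; ") . $content;
             } else {
                 $content = "<a href=\"page/" . aux::seo_url($row['title']) . "/{$row['pages_id']}-{$row['id']}.htm\">{$row['entry']}</a>" . aux::first_comma("path", " > ") . $content;
             }
         } while ($id_menu != 0 && !isset($visited[$id_menu]));
         return $content;
     }
 }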
Example #8
<?php

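// RSS entry point: without ?id it renders the list of channels as a page;
// with ?id it emits the RSS XML of that channel.
session_start();
require "include/template2.inc.php";
require "include/beContent.inc.php";
require "include/content.inc.php";
$main = new Skin("orange");
if (!isset($_GET['id'])) {
    $data = aux::getResult("SELECT id,title,description FROM {$channelEntity->name}");
    $body = new Skinlet("rss.html");
    $body->setContent("website", $GLOBALS['config']['website']['name']);
    $body->setContent("item", $data);
    $main->setContent("body", $body->get());
    $main->close();
} else {
    // The id comes straight from the URL and is written unquoted into the
    // statement, so it is reduced to an integer first.
    $channelId = (int) $_GET['id'];
    $rss = new FeedRss($channelEntity);
    $data = aux::getResultArray("SELECT title FROM {$channelEntity->name} WHERE id={$channelId}", 'title');
    // An unknown id yields no title; fall back to an empty channel name
    // instead of reading a missing index.
    $channelTitle = isset($data[0]) ? $data[0] : "";
    $rss->addChannel("{$channelTitle}");
    $rss->emitXML();
}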
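 /**
  * Render the live report widget (dtml/liveReport2.html) for an entity.
  *
  * The title is the serviceName of the session service whose script matches
  * the running script, or "Report" when none matches. The widget also gets
  * the page length, the total row count of the entity's table, the entity
  * name, the script name and the encrypted report query.
  *
  * @param mixed  $name       unused
  * @param string $entityName table name; interpolated into the COUNT query
  * @param array  $pars       must contain 'length'
  * @return mixed whatever the template's get() returns
  */
 function liveReport2($name, $entityName, $pars)
 {
     $item = new Template("dtml/liveReport2.html");
     $length = $pars['length'];
     $currentScript = basename($_SERVER['SCRIPT_FILENAME']);

     $index = false;
     if (isset($_SESSION['user']['services']) && is_array($_SESSION['user']['services'])) {
         foreach ($_SESSION['user']['services'] as $k => $v) {
             if ($v['script'] == $currentScript) {
                 $index = $k;
                 break;
             }
         }
     }

     // Compare with false strictly: a match stored under key 0 is a valid hit
     // and must not fall back to the generic title.
     if ($index === false) {
         $item->setContent("title", "Report");
     } else {
         $item->setContent("title", $_SESSION['user']['services'][$index]['serviceName']);
     }

     // NOTE(review): $entityName is used as a table name, which cannot be
     // escaped like a value; callers should pass only names known to the
     // application — confirm none of them forwards request data.
     $data = aux::getResult("SELECT COUNT(*) AS count FROM {$entityName}");
     $item->setContent("length", $length);
     $item->setContent("total", $data[0]['count']);
     $item->setContent("entity", $entityName);
     $item->setContent("script", $currentScript);
     // NOTE(review): the report SQL is handed to the page in encrypted form,
     // presumably to be sent back later. That is only safe if aux::encrypt()
     // also authenticates the value, so a modified blob is rejected — verify.
     $item->setContent("query", aux::encrypt($GLOBALS['currentform']->reportQuery));
     return $item->get();
 }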
 /**
  * Fetch one field of the row whose first entity field equals $key.
  *
  * The entity definition is looked up by $this->entity_name; its first field
  * is used as the key column. When $this->limit is set, a LIMIT clause is
  * appended. The value is read from the first row of the result.
  *
  * @param mixed $key   value compared against the key column
  * @param mixed $field field identifier, resolved through $this->getName()
  * @return mixed the stored value of that field
  */
 function getFieldRaw($key, $field)
 {
     $entity = $GLOBALS['database']->getEntityByName($this->entity_name);
     $limitSql = $this->limit ? "LIMIT {$this->limit}" : "";

     // NOTE(review): $key is placed between quotes with no escaping in this
     // method, and $this->limit is interpolated as-is. Unless every caller
     // validates them first, escape $key and constrain the limit before the
     // statement is built.
     $rows = aux::getResult("SELECT " . $this->getEntityFields() . "\n\t\t\t\t\t\t\t\t  FROM {$this->entity_name} \n\t\t\t\t                 WHERE {$this->entity_name}.{$entity->fields[0]['name']} = '{$key}'\n\t\t\t\t                 {$limitSql}");

     // Row 0 is read unconditionally; a key with no match has no such row.
     $column = $this->getName($field);
     return $rows[0][$column];
 }