function getLocation($status, $data)
{
$DB = new conn();
$DB->connect();
$location = "";
if ($status == 1) {
// Get Office Location
$sql = "select storagelocation_name from storagelocations where storagelocation_id = " . $data;
$location = $DB->query_scalar($sql) . "<br /><br />";
}
if ($status == 2) {
// Get Employee Address
$sql = "select Username from users where user_id = " . $data;
$location = $DB->query_scalar($sql) . "<br /><br />";
}
if ($status == 3) {
$location = "Transferred<br/>";
}
if ($status == 4 || $status == 5) {
// Get customer address
$sql = "select contacts.* from orders join contacts on orders.contact_id = contacts.contact_id where orders.order_id = " . $data;
$result = $DB->query($sql);
if ($result) {
$row = mysql_fetch_assoc($result);
$location = $row["contact_address"] . "<br />" . $row["contact_city"] . " " . $row["contact_state"] . ", " . $row["contact_zipcode"];
}
}
return $location;
}
private function validacao()
{
$conn = new conn();
if ($this->cpf != "" && $this->usuario == "" && $this->senha == "") {
if ($this->cpf == "") {
exit("<script>alert('Preencha algum dos campos para logar'); document.location='index.php';</script>");
} else {
$this->path = $this->path != "" ? $this->path : "painel-validacao.php";
$where = " cpf = '" . $this->cpf . "' AND faz_validacao = 1 AND status = 1";
}
} else {
if ($this->usuario == "" || $this->senha == "") {
exit("<script>alert('Preencha algum dos campos para logar'); document.location='index.php';</script>");
} else {
$this->senha = sha1($this->senha);
$this->path = $this->path != "" ? $this->path : "painel-index.php";
$where = " senha = '" . $this->senha . "' AND status = 1";
}
}
$cliente = $conn->read(array("id", "usuario"), $where, null, "usuario", "fetch");
if ($cliente) {
$_SESSION["login"] = array();
$_SESSION["login"]["logado"] = "sim";
$_SESSION["login"]["id"] = $cliente['id'];
$_SESSION["login"]["usuario"] = $cliente['usuario'];
//print_r($_SESSION["login"]["usuario"]);exit();
if ($_SESSION["pedido_temp"]["usando"]) {
exit("<script>alert('Login efetuado com sucesso.'); document.location='pedido.php?acao=addProd';</script>");
}
exit("<script>alert('Login efetuado com sucesso.'); document.location='" . $this->path . "';</script>");
} else {
unset($_SESSION["login"]);
echo "<script>alert('Usuário ou senha inválida!'); history.back();</script>";
}
}
public function sms_update()
{
$conn = new conn();
$funcionalidades = new funcionalidades();
$conn->update(array('campanha' => $funcionalidades->removeAcentos($this->nome), 'palavra_chave' => $this->palavras_chaves, 'descricao' => $this->descricao, 'validadeIni' => $funcionalidades->ChecaVariavel($this->valiadeDe, "data"), 'validadeFim' => $funcionalidades->ChecaVariavel($this->validadeAte, "data"), 'patrocinador' => $this->patrocinador, 'qtdCupons' => $this->qtd, 'dt_limiteCupom' => $funcionalidades->ChecaVariavel($this->dt_limiteCupom, "data"), 'mensagem_encerrado' => $funcionalidades->removeAcentos($this->mensagem_encerrado), 'contato' => $this->contato, 'mensagem' => $funcionalidades->removeAcentos($this->msg), 'status' => 1), "idSms = " . $this->idSms . "", "campanha_sms");
exit("<script>alert('Campanha atualizado com sucesso!');document.location.href='painel-index.php';</script>");
}
function converteComandosTxt($txt, $campanha, $dtvalidade)
{
//altera variaveis
$conn = new conn();
$codigo = token();
$conn->insert(array('dtCad' => date("Y-m-d"), 'campanha' => $campanha, 'codigo_cupom' => $codigo, 'dtvalidade' => $dtvalidade, 'usuario_acao' => $_SESSION["login"]["usuario"], 'status' => 0), "", "cupom");
$txt = str_replace("&CODE&", $codigo, $txt);
return $txt;
}
public function LoadData()
{
$DB = new conn();
$DB->connect();
$sql = "SELECT * FROM finance_options";
$result = $DB->query($sql);
while ($row = mysql_fetch_assoc($result)) {
$financeDetails[] = $row;
}
$DB->close();
return $financeDetails;
}
private function validacao()
{
$funcoes = new funcionalidades();
$this->usuario = $funcoes->ChecaVariavel($this->usuario, "texto");
$this->senha = $this->senha == "" ? $this->senha : $this->sha_senha($this->senha);
$this->data = $this->data;
$conn = new conn();
if ($this->op != "alterar") {
$conn->insert(array('dtCad' => $this->data, 'dtAlt' => $this->data, 'dtCad' => $this->data, 'usuario' => $this->usuario, 'senha' => $this->senha, 'cpf' => $this->cpf, 'faz_validacao ' => $this->validador, 'status' => $this->status), "", "usuario");
exit("<script>alert('Seu cadastro foi efetuado com sucesso!');document.location.href='painel-index.php';</script>");
} else {
if ($this->senha == "") {
$conn->update(array('dtAlt' => $this->data, 'usuario' => $this->usuario, 'cpf' => $this->cpf, 'faz_validacao ' => $this->validador, 'status' => $this->status), "id=" . $this->idCliente . "", "usuario");
} else {
$conn->update(array('dtAlt' => $this->data, 'usuario' => $this->usuario, 'senha' => $this->senha, 'cpf' => $this->cpf, 'faz_validacao ' => $this->validador, 'status' => $this->status), "id=" . $this->idCliente . "", "usuario");
}
exit("<script>alert('Seu cadastro foi alterado com sucesso!');document.location.href='painel-index.php';</script>");
}
}
/**
* Conecta com o banco de dados com o pattern singleton.
* Retorna um objeto PDO!
*/
private static function Conectar()
{
try {
if (self::$Connect == null) {
$dsn = 'mysql:host=' . self::$Host . ';dbname=' . self::$Dbsa;
$options = [PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES UTF8'];
self::$Connect = new PDO($dsn, self::$User, self::$Pass, $options);
}
} catch (PDOException $e) {
PHPErro($e->getCode(), $e->getMessage(), $e->getFile(), $e->getLine());
die;
}
self::$Connect->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
return self::$Connect;
}
public static function connect()
{
try {
if (self::$pdoConn == null) {
self::$dsn = "mysql:host=" . HOSTNAME . ";dbname=" . DBNAME . "; port=" . MYSQLPORT;
self::$pdoConn = new PDO(self::$dsn, USERNAME, PASSWORD);
self::$pdoConn->exec("set names utf8");
//self::$pdoConn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
self::$pdoConn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
//self::$pdoConn->setAttribute(PDO::MYSQL_ATTR_USE_BUFFERED_QUERY, true);
//parent::__construct(self::$pdoConn);
}
return self::$pdoConn;
//parent::__construct(self::$pdoConn);
} catch (PDOException $e) {
if ($e->getCode() == '1049') {
die('Erro mysql[1049]: O banco ' . strtoupper(DBNAME) . ' não existe');
} else {
if ($e->getCode() == '2002') {
die('Erro mysql[2002]: O host "' . strtoupper(HOSTNAME) . '" não é conhecido ou a porta de conexão está incorreta.
<p><strong>Possíveis soluções: </strong></p>
<ul>
<li>Verifique se o caminho do host está correto.</li>
<li>Verifique se a porta de conexão do mysql está correta (a porta padrão é: 3306).</li>
</ul>
');
} else {
if ($e->getCode() == '1044') {
die('Erro mysql[1044]: Acesso negado para o usuário "' . USERNAME . '@localhost" para banco de dados ' . strtoupper(DBNAME) . '
<p><strong>Possível solução: </strong>Verifique se o nome de usuário da conexão está correta.</p>
<p>' . $e->getMessage() . '
');
} else {
if ($e->getCode() == '1045') {
die('Erro mysql[1044]: Acesso negado para o usuário "' . USERNAME . '@localhost" com senha para banco de dados ' . strtoupper(DBNAME) . '.
<p><strong>Possível solução: </strong>Verifique se o nome de usuário e a senha da conexão estão corretas.</p>
<p>' . $e->getMessage() . '
');
} else {
die('Conexão falhou. Erro: ' . $e->getMessage());
}
}
}
}
}
}
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
if (!UserMay("Admin_ViewUsers")) {
AccessDenied();
}
$DB = new conn();
?>
<div class="navMenu">
<div class="navHeaderdiv"><h1>Manage Users</h1></div>
<div id="bulletManageInventory" style="height:auto;" class="navContent">
<div id="bullets">
<div class="divFilters">
<div>
<label>Username:</label>
<INPUT style="width:100%" id="tbUsernameV">
</div>
<div>
<label>Status:</label>
<SELECT id="ddlStatusV" style="width:100%;">
<OPTION VALUE="%">Any</OPTION>
<?php
$products = $DB->getUserStatuses();
foreach ($products as $prod) {
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
?>
<?php
$DB = new conn();
$DB->connect();
$active_user = getLoggedUser($DB);
?>
<SCRIPT TYPE="text/javascript">
var locations = <?php
echo json_encode($locations);
?>
;
<?php
if ($AgencyParams["EnableDTOffices"]) {
?>
var DTOffices = <?php
echo json_encode($AgencyParams["DTOffices"]);
?>
; <?php
}
?>
</SCRIPT>
<?php
require_once './config.php';
require_once './class/conn.class.php';
require_once './class/wechat.class.php';
include './include/function.php';
header('Content-type:text/html;charset=utf-8');
const ALREADY_BINDED = '你已经绑定过了';
const HELP = '支持的命令: 状态 , 查询@关键字 , 最新 , 热门';
$user_ptid = -1;
$operation = 'NULL';
$text = '';
$keyword = '';
$user_openid = '';
$con = new conn();
$weObj = new Wechat($wechat_options);
$weObj->valid();
$msg = $weObj->getRev()->getRevData();
//获取用户发送的消息
$user_openid = $weObj->getRev()->getRevFrom();
//获取用户openid
$user_openid = $con->mres($user_openid);
$msg = trim($msg['Content']);
switch ($msg) {
case '绑定':
$operation = BIND;
break;
case '状态':
$operation = STATUS;
break;
case '热门':
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
?>
<?php
if (!isset($_REQUEST["product_id"])) {
echo "Product ID not specified";
} else {
$DB = new conn();
$DB->connect();
$product_id = $DB->sanitize($_REQUEST["product_id"]);
if (!is_numeric($product_id)) {
die("Invalid Product_ID");
}
// Make sure product_id is a number
// Actions
if (isset($_REQUEST["Action"])) {
$action = $_REQUEST["Action"];
//echo $action;
if ($action == "edit") {
// ALL FORM INPUTS MUST BE SANITIZED
$ProductName = $DB->sanitize($_REQUEST["ProductName"]);
$ProductModel = $DB->sanitize($_REQUEST["ProductModel"]);
$ProductDescription = $DB->sanitize($_REQUEST["ProductDescription"]);
$sql = "UPDATE PRODUCTS SET product_name = '" . $ProductName . "', product_model = '" . $ProductModel . "', product_description = '" . $ProductDescription . "' where product_id = " . $product_id;
$DB->execute_nonquery($sql);
header("Location: ManageProducts.php");
}
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
$F = new FormElements();
$db = new conn();
$firephp->log($_REQUEST);
if ($_REQUEST["report"]) {
// Inventory Report
if ($_REQUEST["report"] == "inventory") {
if ($_REQUEST["StartDate"] && $_REQUEST["EndDate"]) {
$db->connect();
$startDate = $db->Sanitize($_REQUEST["StartDate"]);
$endDate = $db->Sanitize($_REQUEST["EndDate"]);
$productType = $db->Sanitize($_REQUEST["ProductType"]);
$db->close();
header("Location: NexusReport_Inventory.php?startDate=" . $startDate . "&endDate=" . $endDate . "&productType=" . $productType);
}
}
$firephp->log($_REQUEST["report"]);
$firephp->log($_REQUEST["generalSalesStartDate"]);
$firephp->log($_REQUEST["generalSalesEndDate"]);
// Individual Sale
if ($_REQUEST["report"] == "IndividualOrder") {
if ($_REQUEST["OrderID"]) {
$db->connect();
$order_id = $DB->sanitize($_REQUEST["OrderID"]);
$db->close();
header("Location: NexusReport_IndividualOrder.php?OrderID=" . $order_id);
}
}
<?php
ini_set('display_errors', 'on');
error_reporting(E_ALL);
require 'msclss/classAd.php';
require 'msclss/classUtilisateur.php';
require 'msclss/classUtilisateurSql.php';
// Nouvelle connexion PDO
$conn = new conn();
$pdo = $conn->newCon('');
$utilisateurSql = new utilisateurSql($pdo);
//Selection d'un utilisateur en base de donnée
$utilisateur = $utilisateurSql->select('15');
// lecture variable utilisateur actif
echo "Statu Actuel:" . $utilisateur->__get('utilisateurActif');
// Changment de la variable utilisateur actif
$utilisateur->setUtilisateurActif(0);
// Enregistrement de la nouvelle valeur utilisateur actif en base
if ($utilisateurSql->updateActivation($utilisateur->__get('idutilisateur'), 1)) {
echo "sauvegarde OK";
} else {
echo "erreur";
list($pdoCode, $internalCode, $msg) = $pdo->errorInfo();
die(sprintf("erreur SQL : %d/%d, %s", $pdoCode, $internalCode, $msg));
//echo $pdo->errorCode();
}
// lecture actif
echo "Statu modifié:" . $utilisateur->__get('utilisateurActif');
// data d'un nouvel utilisateur
$dataNouvelUtilisateur = ['utilisateurNom' => 'Nom', 'utilisateurPrenom' => 'Prenom', 'utilisateurVille' => 'Manosque', 'utilisateurMail' => date('Ymds:s'), 'utilisateurMdp' => 'motDePasse', 'utilisateurAdresse' => '23 rue de truc', 'utilisateurCodePostal' => '04100', 'utilisateurPays' => 'FR', 'utilisateurTel' => '0606060606'];
// Déclaration du nouvel utilisateur
</form>
<button type = 'submit' class = 'btn btn-success btn-block' id = 'bind-button'>绑定!</button>
</div>
</div>
</div>
<script src="//cdn.bootcss.com/jquery/1.11.3/jquery.min.js"></script>
<script src="//cdn.bootcss.com/bootstrap/3.3.5/js/bootstrap.min.js"></script>
<script type="text/javascript" src = './js/ptweixin.js'></script>
<script type="text/javascript">
<?php
require_once './config.php';
require_once './class/conn.class.php';
include './include/function.php';
$user_openid = $_GET['openid'];
$user_ptid = -1;
$con = new conn();
if (bind_check()) {
$sql = "SELECT `username` FROM `users` WHERE `id` = {$user_ptid} ";
$result = $con->query($sql);
$username = $result[0]['username'];
?>
$('#bind-success').html('成功绑定账号:'+<?php
echo "'{$username}'";
?>
);
$('#bind-success').show();
$('#bind-button').attr('disabled','disabled');
<?php
}
?>
<?php
require('./class/conn.class.php');
require_once('./config.php');
include('./include/function.php');
$con = new conn();
if(isset($_GET['openid']) && $_GET['openid']!='') $user_openid = $con->mres( $_GET['openid'] );
else exit;
if(isset($_GET['torrent'])) $torrent = $con->mres( $_GET['torrent'] ) * 1;
else exit;
$url = "download.php?openid=$user_openid&torrent=$torrent";
?>
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv = "Content-Type" content="text/html; charset=utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
<title>下载</title>
<link rel="stylesheet" href="//cdn.bootcss.com/bootstrap/3.3.5/css/bootstrap.min.css">
<script type="text/javascript" src = 'http://res.wx.qq.com/open/js/jweixin-1.1.0.js' ></script>
<link rel="stylesheet" type="text/css" href="./css/style.css">
</head>
<body>
<span id = 'openid' style = 'display:none'><?php echo $_GET['openid']; ?></span>
<div class = 'container'>
<div class = "panel panel-success">
<div class = 'panel-heading'>
<h3 class = 'panel-title'>远程下载</h3>
</div>
<div class="alert alert-info" role="alert" id = 'download-success' style ='display:none'>下载成功</div>
</div>
</div>
<?php /** * @author qbuer * 建立依赖表 */ require_once './config.php'; require_once './class/conn.class.php'; $con = new conn(); $sql = "CREATE TABLE IF NOT EXISTS `weixin` (\n\t\t\t`ptid` int(10) \tNOT NULL COMMENT '同users表的id' ,\n\t\t\t`openid` varchar(128) NOT NULL COMMENT '微信用户id' ,\n\t\t\tPRIMARY KEY (`ptid`)\n\t\t) DEFAULT CHARSET=utf8 COMMENT='用户表';"; $con->query($sql); $con->disconnect();
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
if (!UserMay("Admin_ViewTeams")) {
AccessDenied();
}
$DB = new conn();
?>
<div class="navMenu">
<div class="navHeaderdiv"><h1>Manage Users</h1></div>
<div id="bullets">
<div id="bulletManageInventory" style="height:auto;" class="navContent">
<div class="divFilters">
<div>
<label>Leader Name:</label>
<INPUT style="width:100%" id="tbNameV">
</div>
<div>
<label>Team Name:</label>
<SELECT id="ddlTeamV" style="width:100%">
<OPTION value="%">Any</OPTION>
<?php
$teams = $DB->getTeams();
foreach ($teams as $team) {
?>
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
?>
<?php
if ($_REQUEST) {
if (isset($_REQUEST["Action"])) {
if ($_REQUEST["Action"] == "insertCustomer") {
$DB = new conn();
$DB->connect();
$firstname = $DB->sanitize($_REQUEST["FirstName"]);
$lastname = $DB->sanitize($_REQUEST["LastName"]);
$displayname = $firstname . " " . $lastname;
$email = $DB->sanitize($_REQUEST["Email"]);
$address = $DB->sanitize($_REQUEST["Address"]);
$city = $DB->sanitize($_REQUEST["City"]);
$state = $DB->sanitize($_REQUEST["State"]);
$zipcode = $DB->sanitize($_REQUEST["ZipCode"]);
$country = $DB->sanitize($_REQUEST["Country"]);
$phone = $DB->sanitize($_REQUEST["Phone"]);
$phonedetails = $DB->sanitize($_REQUEST["PhoneDetails"]);
$notes = $DB->sanitize($_REQUEST["Notes"]);
$contacttype = $DB->sanitize($_REQUEST["ContactType"]);
$county = $DB->sanitize($_REQUEST["County"]);
$newCustomer = $DB->addContact($firstname, $lastname, $displayname, $email, $address, $city, $state, $zipcode, $country, $phone, $phonedetails, $notes, $contacttype, $county);
}
}
}
?>
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
$DB = new conn();
$DB->connect();
// Get Parameters
if (!$_REQUEST["startDate"] || !$_REQUEST["endDate"] || !$_REQUEST["user_id"]) {
header("Location: /{$ROOTPATH}/reports");
}
$params["endDate"] = date("Y/m/d", strtotime($DB->sanitize($_REQUEST["endDate"])));
$params["startDate"] = date("Y/m/d", strtotime($DB->sanitize($_REQUEST["startDate"])));
$params["user_id"] = $DB->sanitize($_REQUEST["user_id"]);
// End Parameters
// Get all Reports in range
$sql = "SELECT * from orders join contacts on orders.contact_id = contacts.contact_id where order_status_id = 5 AND DateCompleted >= '" . $params["startDate"] . "' AND DateCompleted <= '" . $params["endDate"] . "' ORDER BY order_id";
$result = $DB->query($sql);
if (!$result) {
$DB->close();
echo "No Sales Found in that Date Range";
exit;
}
$orders = array();
while ($orderRow = mysql_fetch_assoc($result)) {
$orders[$orderRow["order_id"]] = $orderRow;
}
// Get All Users
$users = getUserHash($DB);
$orderHash = buildOrdersByUsersHash($DB, $users, $orders);
$user_id = $params["user_id"];
// Build Order Hash by User
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
if (!UserMay("Admin_EditStorage")) {
AccessDenied();
}
$DB = new conn();
$DB->connect();
// Form Vars
if ($_REQUEST) {
if ($_REQUEST["Action"]) {
$action = $_REQUEST["Action"];
//echo $action;
if ($action == "addNew") {
// ALL FORM INPUTS MUST BE SANITIZED
$StorageLocationName = $DB->sanitize($_REQUEST["LocationName"]);
$description = $DB->sanitize($_REQUEST["Description"]);
$sql = "INSERT INTO storagelocations (storagelocation_name, description ) VALUES ('" . $StorageLocationName . "', '" . $description . "')";
$DB->execute_nonquery($sql);
$DB->addHistory('storagelocations', $_SESSION["user_id"], "insert", "");
header("Location: ManageStorage.php");
}
}
}
$DB->close();
?>
<div class="navMenu" id="navMenu">
<div id="bullets">
<div class="navHeaderdiv"><h1>Locations</h1></div>
<div class="navBulletBorderTop"></div>
public function delete($where, $tabela)
{
/**
*@param deleta registro no banco de dados
*@return retorna 1 caso não ocorra erro
*@throws $e
*/
try {
$con = new conn();
$con->connect();
return $con->mysqli->query("DELETE FROM " . $tabela . " WHERE " . $where . "");
} catch (mysqli_sql_exception $e) {
return $this->errors($e, "delete");
}
}
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
$DB = new conn();
$DB->connect();
// Get Contact Types
$sql = "select * from contact_types";
$result = $DB->query($sql);
$types = array();
if ($result) {
while ($row = mysql_fetch_assoc($result)) {
$types[] = $row;
}
}
$firephp->log($types);
// Form Vars
if ($_REQUEST) {
if (isset($_REQUEST["Action"])) {
$action = $DB->sanitize($_REQUEST["Action"]);
$firephp->log($action);
if ($action == "addNew") {
$firstname = $DB->sanitize($_REQUEST["FirstName"]);
$lastname = $DB->sanitize($_REQUEST["LastName"]);
$displayname = $firstname . " " . $lastname;
$email = $DB->sanitize($_REQUEST["Email"]);
$address = $DB->sanitize($_REQUEST["Address"]);
$address2 = $DB->sanitize($_REQUEST["Address2"]);
$city = $DB->sanitize($_REQUEST["City"]);
$state = $DB->sanitize($_REQUEST["State"]);
$zipcode = $DB->sanitize($_REQUEST["ZipCode"]);
<?php
if (!$_SESSION) {
session_start();
}
require_once "classes/conexao.php";
require_once "classes/funcionalidades.php";
require_once "header.php";
$funcionalidades = new funcionalidades();
$conn = new conn();
/*
$sqlWhere = " WHERE 1=1";
if ($dataB!="") { $sqlWhere .= " AND b.data LIKE '%".cData2($dataB)."%'"; }
if ($tipoB!="") { $sqlWhere .= " AND b.tipo='".$tipoB."'"; }
if ($nomeB!="") { $sqlWhere .= " AND b.nome LIKE '%".$nomeB."%'"; }
if ($statusB!="" || $statusB=="0") { $sqlWhere .= " AND b.status='".$statusB."'"; }
*/
$produtos = $conn->read(array("*"), "", "status ASC", "usuario", "query");
?>
<div class="container">
<?php
if ($_SESSION["login"]["logado"] == "sim") {
require_once "menu.php";
?>
<!--<h3>The columns titles are merged with the filters inputs thanks to the placeholders attributes</h3>
<hr>
<p>Inspired by this <a href="http://bootsnipp.com/snippets/featured/panel-tables-with-filter">snippet</a></p>-->
<div class="row">
<div class="panel panel-primary filterable">
<div class="panel-heading">
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
?>
<?php
$DB = new conn();
$DB->connect();
// Form Vars
if ($_REQUEST) {
if ($_REQUEST["Action"]) {
$action = $_REQUEST["Action"];
//echo $action;
if ($action == "addNew") {
// ALL FORM INPUTS MUST BE SANITIZED
$ProductType = $DB->sanitize($_REQUEST["ProductType"]);
$ProductName = $DB->sanitize($_REQUEST["ProductName"]);
$ProductModel = $DB->sanitize($_REQUEST["ProductModel"]);
$ProductDescription = $DB->sanitize($_REQUEST["ProductDescription"]);
$sql = "INSERT INTO PRODUCTS (product_type, product_name, product_model, product_description) VALUES ('" . $ProductType . "', '" . $ProductName . "', '" . $ProductModel . "', '" . $ProductDescription . "')";
$DB->execute_nonquery($sql);
header("Location: ManageProducts.php");
}
}
}
$DB->close();
?>
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
$DB = new conn();
$DB->connect();
// Get Parameters
if (!$_REQUEST["startDate"] || !$_REQUEST["endDate"]) {
header("Location: /{$ROOTPATH}/reports");
}
$params["endDate"] = date("Y/m/d", strtotime($DB->sanitize($_REQUEST["endDate"])));
$params["startDate"] = date("Y/m/d", strtotime($DB->sanitize($_REQUEST["startDate"])));
//$params["user_id"] = $DB->sanitize($_REQUEST["user_id"]);
// End Parameters
// Get all Reports in range
$sql = "SELECT * from orders join contacts on orders.contact_id = contacts.contact_id where order_status_id = 5 AND DateCompleted >= '" . $params["startDate"] . "' AND DateCompleted <= '" . $params["endDate"] . "' ORDER BY order_id";
$result = $DB->query($sql);
if (!$result) {
$DB->close();
echo "No Sales Found in that Date Range";
exit;
}
$orders = array();
while ($orderRow = mysql_fetch_assoc($result)) {
$orders[$orderRow["order_id"]] = $orderRow;
}
// Get All Users
$sql = "select * from users join teams on users.team_id = teams.team_id";
$result = $DB->query($sql);
$users = array();
while ($userRow = mysql_fetch_assoc($result)) {
<?php
if (!$_SESSION) {
session_start();
}
require_once "classes/conexao.php";
require_once "classes/funcionalidades.php";
require_once "header.php";
$funcionalidades = new funcionalidades();
$conn = new conn();
/*
$sqlWhere = " WHERE 1=1";
if ($dataB!="") { $sqlWhere .= " AND b.data LIKE '%".cData2($dataB)."%'"; }
if ($tipoB!="") { $sqlWhere .= " AND b.tipo='".$tipoB."'"; }
if ($nomeB!="") { $sqlWhere .= " AND b.nome LIKE '%".$nomeB."%'"; }
if ($statusB!="" || $statusB=="0") { $sqlWhere .= " AND b.status='".$statusB."'"; }
*/
$r = $conn->read(array("campanha"), "idSms = " . $_GET['idCamp'] . "", "status DESC", "campanha_sms", "fetch");
$sms = $conn->read(array("*"), "idCampanha = " . $_GET['idCamp'] . "", "status DESC", "sms", "query");
?>
<div class="container">
<?php
if ($_SESSION["login"]["logado"] == "sim") {
require_once "menu.php";
?>
<!--<h3>The columns titles are merged with the filters inputs thanks to the placeholders attributes</h3>
<hr>
<p>Inspired by this <a href="http://bootsnipp.com/snippets/featured/panel-tables-with-filter">snippet</a></p>-->
<div class="row">
<div class="panel panel-primary filterable">
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
?>
<?php
$DB = new conn();
$DB->connect();
if ($_REQUEST) {
if (isset($_REQUEST["order_id"])) {
$id = $DB->sanitize($_REQUEST["order_id"]);
$sql = "SELECT * FROM orders WHERE order_id = '" . $id . "'";
$firephp->log($sql);
$result = $DB->query($sql);
$firephp->log($result);
if ($result) {
$order = mysql_fetch_assoc($result);
$firephp->log($order);
}
}
}
$F = new FormElements();
?>
<div style="display: none">
<?php
echo $F->ddlDealerRoles(false, "baseDealers");
?>
</div>
<?php
include "./findconfig.php";
include $_SERVER['DOCUMENT_ROOT'] . "/" . $ROOTPATH . "/Includes/Top.php";
$DB = new conn();
$DB->connect();
$sql = "Select * from StorageLocations";
$result = $DB->query($sql);
if ($result) {
?>
<TABLE class="data">
<th>id</th>
<th>Location Name</th>
<th>Commands</th>
<?php
while ($row = mysql_fetch_assoc($result)) {
?>
<TR><TD><?php
echo $row["storagelocation_id"];
?>
</TD>
<TD><?php
echo $row["storagelocation_name"];
?>
</TD>
<TD><a href="#">Edit</a></TD>
</TR>
<?php
}
?>
</TABLE> <?php
<?php
if (!$_SESSION) {
session_start();
}
require_once "classes/conexao.php";
require_once "classes/funcionalidades.php";
require_once "header.php";
$funcionalidades = new funcionalidades();
$conn = new conn();
$sms = $conn->read(array("*"), "idCampanha = " . $_GET['idCamp'] . "", "", "sms", "query");
$sqlWhere = "1=1";
if (isset($_GET['idCampanha']) || $_GET['idCampanha'] != "") {
$sqlWhere .= " AND idCampanha = '" . $_GET['idCampanha'] . "'";
}
?>
<div class="container">
<?php
if ($_SESSION["login"]["logado"] == "sim") {
require_once "menu.php";
?>
<!--<h3>The columns titles are merged with the filters inputs thanks to the placeholders attributes</h3>
<hr>
<p>Inspired by this <a href="http://bootsnipp.com/snippets/featured/panel-tables-with-filter">snippet</a></p>-->
<div class="row" style="padding-left: 350px;padding-right: 350px;">
<div class="panel panel-primary filterable">
<div class="panel-heading">
<h3 class="panel-title">Gerenciador de logs</h3>
</div>
<div class="pull-right">