/**
* Function to test if DOB is stored correctly.
*/
public function testSetDOB()
{
$dob = time() - 10000;
$this->xobj->setDOB($dob);
$result = SQL("SELECT `DOB` FROM XUSER WHERE USERID = ?", array($this->obj->getUserID()));
$this->assertTrue($result[0]['DOB'] == $dob);
}
/**
* Function to write the log messages in DB.
* @param Array $args Array of messages as given by the user to be written in log files.
*/
public function log($args)
{
$logValues = $this->changeTemplate($args);
//change the user given message appropriate to the template of the log files. This is necessary to maintain consistency among all the log files.
$noOfEntries = count($this->template);
//get the how many entries are in the template. This is same as number of columns present in the DB and this helps in preparing the SQL statement.
//Prepare the SQL statement.
$SQLStatement = "INSERT INTO " . $this->dbConfig['TABLENAME'] . " (";
foreach ($this->template as $key => $value) {
$SQLStatement = $SQLStatement . $key . ",";
//Add all the column names.
}
$SQLStatement = substr($SQLStatement, 0, -1) . ") VALUES (";
for ($i = 0; $i < $noOfEntries; $i = $i + 1) {
$SQLStatement = $SQLStatement . "?,";
//Add as many "?" as there are number of columns.
}
$SQLStatement = substr($SQLStatement, 0, -1) . ")";
$values = array();
foreach ($logValues as $k => $v) {
array_push($values, $v);
//create an array that contains values for all columns.
}
SQL($SQLStatement, $values);
//execute the SQL statement.
}
function RepStandard()
{
// First Generate the query
$sq = $this->RepStandardQuery();
if ($this->display == 'SQL') {
echo "<h1>The Generated SQL</h1>";
hprint_r($sq);
return;
}
// Now execute the query and run the report
if ($this->display == 'CSV') {
echo "<pre>";
echo implode(',', $this->Cols) . "\n";
$res = SQL($sq);
while ($row = pg_fetch_row($res)) {
echo implode(',', $row) . "\n";
}
echo "</pre>";
return;
}
// Pull the info on breaking, sums, etc.
$srep = SQLFC($this->report_id);
$s2 = "SELECT rcl.column_id,rcl.reportlevel,rcl.summact\n FROM reportcollevels rcl\n JOIN reportcolumns rc ON rcl.column_id = rc.column_id\n WHERE rc.report = {$srep}\n ORDER BY rcl.reportlevel,rc.uicolseq";
$breaks = SQL_AllRows($s2);
$abreaks = array();
foreach ($breaks as $break) {
if ($break['summact'] == 'BREAK') {
$abreaks[$break['reportlevel']]['breaks'][$break['column_id']] = '';
} else {
$abreaks[$break['reportlevel']]['data'][$break['column_id']] = array('summact' => $break['summact'], 'val' => 0, 'cnt' => 0);
}
}
// There is always some setup, for either PDF or HTML, so do that
// here.
$this->RepHeader();
// Now execute the query and run the report
$res = SQL($sq);
$firstrow = true;
while ($row = SQL_Fetch_Array($res)) {
if ($firstrow) {
$firstrow = false;
$this->RepStandardBreakLevelsInit($abreaks, $row);
} else {
$this->RepStandardBreakLevels($abreaks, $row);
}
$xpos = 0;
foreach ($this->rows_col as $column_id => $colinfo) {
$disp = substr($row[$column_id], 0, $colinfo['dispsize']);
$disp = STR_PAD($disp, $colinfo['dispsize'], ' ');
$this->PlaceCell($xpos, $disp);
$xpos += 2 + $colinfo['dispsize'];
}
$this->ehFlushLine();
$this->RepStandardRowsToLevels($abreaks, $row);
}
$this->RepStandardBreakLevels($abreaks, $row, true);
// There is always some cleanup, either PDF or HTML
$this->RepFooter();
}
function GetAccessToken($appid, $uid)
{
$sql = mysql_fetch_assoc(SQL("SELECT access_token FROM auth_token WHERE app_id='{$appid}' AND user_id={$uid}"));
if ($sql == false) {
throw new IAuthException('access token not exist, maybe user delete ');
}
return $sql['access_token'];
}
/**
* Function to check if the temp password expiry functionality is working.
*/
public function testCheckIfTempPassExpired()
{
//update the temp pass time to current time.
SQL("UPDATE PASSWORD SET TEMP_TIME = ? WHERE USERID = ?", array(time("SYS"), $this->user->getUserID()));
$this->assertFalse(AdvancedPasswordManagement::checkIfTempPassExpired($this->user->getUserID()));
//this check will provide false, since the temp password time has not expired.
time("SET", time() + 1000000);
//Now set the time to some distant future time.
$this->assertTrue(AdvancedPasswordManagement::checkIfTempPassExpired($this->user->getUserID()));
//this check will provide true, since the temp password time has expired.
}
function sendFeedbackMail($title, $content)
{
$res = SQL("SELECT email FROM accounts WHERE id = ?", $_SESSION['accountID']);
$email = $res[0]["email"];
$to = FEEDBACK_EMAIL;
$subject = "#FEEDBACK: " . $title;
$message = $_SESSION['username'] . " sent feedback.\nEmail: {$email}\n\n";
$message .= $content;
$from = "\"Croupier feedback\" <" . NOREPLY_EMAIL . ">";
$headers = "From:" . $from;
mail($to, $subject, $message, $headers);
}
function GetAccessInfo($appid, $accessToken)
{
$sqlTmp = mysql_fetch_assoc(SQL("SELECT user_id,rights,access_secret,faile_t FROM auth_token WHERE app_id='{$appid}' AND access_token='{$accessToken}' "));
if ($sqlTmp == '') {
throw new IAuthException('access token not exist');
}
if ($sqlTmp['faile_t'] < date('Y-m-d H:i:s', time())) {
/* echo $sqlTmp['faile_t'] /\* .' '. date('Y-m-d H:i:s', time()) *\/; */
throw new IAuthException('access token failed');
}
return $sqlTmp;
}
function main()
{
hidden('gp_page', 'x_emailblast');
hidden('gp_table', CleanGet('gp_table', '', false));
hidden('gp_posted', 1);
$table = CleanGet('gp_table', '', false);
if ($table == '') {
ErrorAdd('Incorrect call to x_emailblast, no table parameter.' . 'This is a programming error, please contact your ' . 'technical support department');
return;
}
// Get an object for the page we need. Then
// pull the list of skeys in the current search
// and pull the rows.
//
$obj = DispatchObject($table);
$a_skeys = ContextGet("tables_" . $obj->table_id . "_skeys", array());
$l_skeys = implode(',', $a_skeys);
// get this little detail taken care of
//
$this->PageSubtitle = 'Email blast to ' . $obj->table['description'];
// Get the list of columns of interest, and pull them
// and slot them by skey, so the list of skeys can be
// used to order them
//
$lDisplayColumns = $obj->table['projections']['email'];
$aDisplayColumns = explode(',', $lDisplayColumns);
$EmailColumn = $obj->table['projections']['emailaddr'];
$sql = 'SELECT skey,' . $EmailColumn . ',' . $lDisplayColumns . ' FROM ' . $table . ' WHERE skey IN (' . $l_skeys . ')';
$DBRes = SQL($sql);
$rows = array();
while ($row = SQL_FETCH_Array($DBRes)) {
$rows[$row['skey']] = $row;
}
$okToSend = false;
if (CleanGet('gp_posted', '', false) == 1) {
if (CleanGet('txt_subject', '', false) == '') {
ErrorAdd('Please fill in a subject first');
}
if (trim(CleanGet('txt_email', '', false)) == '') {
ErrorAdd('Please fill in an email body');
}
if (!Errors()) {
$okToSend = true;
}
}
// Now that we have the results, decide whether we
// are sending out the email or
if ($okToSend) {
$this->EmailBlast($rows, $a_skeys, $EmailColumn, $aDisplayColumns);
} else {
$this->EmailHTML($rows, $a_skeys, $aDisplayColumns);
}
}
/**
* Function to test the storage of logs in DB.
*/
public function testCreation()
{
$result1 = SQL("SELECT COUNT(`ID`) FROM `LOGS`");
$this->myLogger->log("This is the first message", "WARNING", "LOW");
//store this log.
$this->myLogger->log("This is the second message");
//store this log.
$result2 = SQL("SELECT COUNT(`ID`) FROM `LOGS`");
//get how many records are there in the log DB.
$this->assertTrue($result2[0]["COUNT(`ID`)"] - $result1[0]["COUNT(`ID`)"] == 2);
// Should have two log entries.
}
function getLeaderboardForUser($lbID)
{
$leaderboard = SQL("SELECT tableName FROM leaderboards WHERE id = ?", $lbID);
if ($leaderboard == null) {
return null;
}
$tableName = $leaderboard[0]["tableName"];
$result = SQL("SELECT name, username, score\n FROM bots\n INNER JOIN {$tableName} on {$tableName}.botID = bots.id\n INNER JOIN accounts on accounts.id = bots.accountID\n ORDER BY {$tableName}.score DESC");
for ($i = 0; $i < count($result); $i++) {
$result[$i]["score"] = number_format(floatval($result[$i]["score"]), 0, '', '');
}
return $result;
}
static function getClientsById($id)
{
openSQLConnection();
$q = "SELECT * FROM client WHERE id = ?;";
$rows = SQL($q, $id);
$clients = [];
if (!empty($rows)) {
foreach ($rows as $name => $value) {
$clients[] = Client::fromJSON(json_encode($value));
}
}
return $clients;
}
static function getAllUsers()
{
openSQLConnection();
$q = "SELECT * FROM user;";
$rows = SQL($q);
$users = [];
if (!empty($rows)) {
foreach ($rows as $name => $value) {
$users[] = User::fromJSON(json_encode($value));
}
}
return $users;
}
function main()
{
if (gpExists('gp_xajax')) {
$sq = "UPDATE variables\n SET variable_value = " . SQLFC(gp('varval')) . "\n WHERE variable = " . SQLFC(gp('variable'));
SQL($sq);
}
if (gpExists('gp_cache')) {
//unlink($GLOBALS['AG']['dirs']['dynamic'].'table_variables.php');
OptionGet('X');
}
if (gpExists('gp_xajax')) {
return;
}
parent::main();
}
function main()
{
echo "<h1>View Build Log</h1>";
?>
<p>Currently viewing the log for application code "
<b><?php
echo gp('application');
?>
</b>". Click any
of the links below to see the logs for the particular application:</p>
<?php
// Run out list of apps they can see
echo "<hr>\n";
$results = SQL("select * from applications");
while ($row = pg_fetch_array($results)) {
echo HTMLE_A_STD($row["application"] . " - " . $row["description"], "a_builder_log", "gp_out=info&application=" . $row["application"]) . "<br>\n";
}
echo "<hr>\n";
// Make up a filename
global $AG;
$t = pathinfo(__FILE__);
$pLogDir = $t["dirname"];
$pLogFile = "AndroDBB." . CleanGet("application") . ".log";
$pLogPath = "{$pLogDir}/{$pLogFile}";
if (!file_exists($pLogPath)) {
echo "<p>There is no build log file for this application at this time. This usually\n\t\t\t\tmeans that the application has not been built yet. Try launching a build process\n\t\t\t\tand then coming back to this page.</p>";
return;
}
//echo "<pre style=\"background-color: silver; color: blue\">";
$fgc = file_get_contents($pLogPath);
$fgc = str_replace("\n", "<br>", $fgc);
echo "<div style=\"font: 10pt courier; color: navy;\">" . $fgc . "</div>";
//echo file_get_contents($pLogPath);
//echo "</pre>";
return "View Build/Update Log for: " . CleanGet("application");
}
$datcadastro = $_REQUEST['datcadastro'];
$datcadastro = FormataData($datcadastro, "en");
$desnoticia = $_REQUEST['desnoticia'];
$flaativo = $_REQUEST['flaativo'];
$desurl = $_REQUEST['desurl'];
$sql2 = "insert into noticia (desnoticia, datcadastro, flaativo, desurl)" . " values " . "('" . $desnoticia . "','" . $datcadastro . "','" . $flaativo . "','" . $desurl . "')";
$result = mysql_query($sql2) or die(mysql_error());
}
if ($bttipoacao == "Editar") {
$datcadastro = $_REQUEST['datcadastro'];
$datcadastro = FormataData($datcadastro, 'en');
$sql = "update noticia set desnoticia = '" . $_REQUEST['desnoticia'] . "',\n \t datcadastro = '" . $datcadastro . "',\n \t desurl = '" . $_REQUEST['desurl'] . "',\n \t flaativo = '" . $_REQUEST['flaativo'] . " '\n \t where codnoticia = " . $_REQUEST['codnoticia'];
$result = mysql_query($sql) or die("Erro na Inserção!");
}
if ($bttipoacao == "Excluir") {
$sql = SQL("noticia", "delete", "", "codnoticia");
mysql_query($sql) or die(mysql_error());
}
?>
<br>
<table width='580' class="table" cellspacing='0' cellpadding='0'>
<tr>
<td width="5"> </td>
<td align='center' class="td3"><strong><b>Mensagem</b></strong></td>
</tr>
<tr>
<td width="5"></td>
<td align='center' ></td>
</tr>
<tr>
<td width="5"> </td>
<?php
require "DBManager.inc";
require "viewer.inc";
getView("HeaderView.inc", null);
$host = "mysql.hostinger.com.ua";
$dbName = "u825515718_bbrat";
$user = "******";
$password = "******";
DBManager::getInstance()->connect($host, $dbName, $user, $password);
echo "<html><body><div id='feed' style='margin-left: 300px;'><div style='text-align:left'>";
$res = SQL("Select Name from Players order by Name DESC")->getAll();
foreach ($res as $player) {
echo "<p>" . $player['Name'] . "</p>";
}
echo "</div></div></body></html>";
function main()
{
// Get top page
$this->PageSubtitle = "Documentation";
//$sq="SELECT pagename FROM docpageshier WHERE pagehier=1";
//$pageroot=SQL_OneValue('pagename',$sq);
$pageroot = 'Data Dictionary';
$pn = gp('gppn');
$pn = $pn == '' ? $pageroot : $pn;
$sq = "SELECT * from docpages \n WHERE pagename = " . sql_format('char', $pn);
$row = SQL_oneRow($sq);
if ($row === false) {
echo "Page does not exist: " . $pn;
return;
}
// Get one parent. We used to get all of them, but now
// we only want one
$hmenu = '';
$attop = false;
$parents = array();
$peers = array();
$kids = array();
$pparent = $pprev = $pnext = '';
$plast = $pn;
while ($plast != $pageroot) {
$sq = "SELECT pagename_par FROM docpages \n WHERE pagename = '{$plast}'";
$rownew = SQL_AllRows($sq);
$plast = $rownew[0]['pagename_par'];
$parents[] = $plast;
//if ($rownew[0]['pagename_par'] == $pageroot) {
// break;
//}
}
if (count($parents) > 0) {
$parents = array_reverse($parents);
//$hmenu=adocs_makemenu($parents,'Parent Topics');
// Grab this page's peers
$pparent = $parents[count($parents) - 1];
$sq = "SELECT pagename FROM docpages \n WHERE pagename_par = '{$pparent}'\n ORDER BY sequence";
$rs = SQL($sq);
while ($rowx = SQL_Fetch_Array($rs)) {
$peers[] = $rowx['pagename'];
}
$peersr = array_flip($peers);
$pprev = $peersr[$pn] == 0 ? '' : $peers[$peersr[$pn] - 1];
$pnext = $peersr[$pn] == count($peers) - 1 ? '' : $peers[$peersr[$pn] + 1];
}
// Now pull out the kids
$sq = "SELECT pagename FROM docpages \n WHERE pagename_par = '{$pn}'\n ORDER BY sequence";
$rs = SQL($sq);
while ($rowx = SQL_Fetch_Array($rs)) {
$kids[] = $rowx['pagename'];
}
// Make and save a menu out of what we've discovered
adocs_makemenu($pageroot, $pn, $parents, $peers);
// Now format the page and save it. No caching for now.
$html = $row['pagetext'];
$html = $this->WikiProcess($html);
/*
// Remove carriage returns, makes things much easier
$html=str_replace("\r",'',$html);
// Convert newlines to double br's, but first don't do doubles
// after headings
$html=str_replace("=\n\n","=\n",$html);
$html=preg_replace("/\n\s*\n/","\n<br><br>\n",$html);
// Convert bold & italitcs
$html=preg_replace(
"/'{4,}(.*)'{4,}/xmsU"
,'<b><i>$1</i></b>'
,$html);
$html=preg_replace(
"/'{3}(.*)'{3}/xmsU"
,'<i>$1</i>'
,$html);
$html=preg_replace(
"/\'{2}(.*)\'{2}/xmsU"
,'<b>$1</b>'
,$html);
// Convert 6 levels of title
$html=preg_replace(
"/={6}(.*)={6}/xsU"
,'<head6>$1</head6>'
,$html);
$html=preg_replace(
"/={5}(.*)={5}/xsU"
,'<head5>$1</head5>'
,$html);
$html=preg_replace(
"/={4}(.*)={4}/xsU"
,'<head4>$1</head4>'
,$html);
$html=preg_replace(
"/={3}(.*)={3}/xsU"
,'<head3>$1</head3>'
,$html);
$html=preg_replace(
"/={2}(.*)={2}/xsU"
,'<head2>$1</head2>'
,$html);
$html=preg_replace(
'/^=(.*)=$/U'
,'<head1>$1</head1>'
,$html);
// convert hyperlinks and images
$matches=array();
while(preg_match('/\[{2,}(.*)\]{2,}/xmsU',$html,$matches)>0) {
$search=$matches[1];
$asearch=explode(':',$search);
if(count($asearch)==2) {
$type=$asearch[0];
$match=$asearch[1];
}
else {
$type='ilink';
$match=$search;
}
switch(strtolower($type)) {
case 'ilink': $this->Linkilink($html,$match); break;
case 'image': $this->LinkImage($html,$match,$type); break;
}
$matches=array();
}
*/
// Prepare a list of parents
if (count($parents) == 0) {
$apars = array($pn);
} else {
$apars = $parents;
$apars[] = $pn;
}
$hpars = '';
foreach ($apars as $apar) {
$hpars .= ($hpars == '' ? '' : ' > ') . '<a href="?gp_page=x_docview&gppn=' . urlencode($apar) . '">' . $apar . '</a>';
}
// Prepare the prev, next stuff
$hpn = '';
if ($pprev . $pnext != '') {
$hp = $pprev == '' ? '' : '<a href="?gp_page=x_docview&gppn=' . urlencode($pprev) . '">PREV: ' . $pprev . '</a>';
$hn = $pnext == '' ? '' : '<a href="?gp_page=x_docview&gppn=' . urlencode($pnext) . '">NEXT: ' . $pnext . '</a>';
$hpn = "\n\t\t\t<div class=\"row\">\n\t\t\t<div class=\"span9\">\n\t\t\t\t<div class=\"pull-left\">{$hp}</div>\n\t\t\t\t<div class=\"pull-right\">{$hn}</div>\n\t\t\t</div>\n\t\t\t</div>";
}
// Pull out and assemble the see-also groups
$hsa = '';
/*
$hsa='';
$sq='SELECT DISTINCT seealso FROM seealsoxpages '
." WHERE pagename='$pn'";
$sas=SQL_AllRows($sq);
foreach($sas as $sa) {
$hsa.="<hr>";
$seealso=$sa['seealso'];
$hsa.="<hr><h2>See Also ($seealso):</h2><p>";
$sq="SELECT pagename FROM seealsoxpages "
." WHERE seealso = '$seealso' "
." AND pagename <> '$pn'"
." ORDER By pagename ";
$sarows=SQL_AllRows($sq);
foreach($sarows as $index=>$sarow) {
$hsa.=($index==0 ? '' : ', ')
.'<a href="?gppn='.urlencode($sarow['pagename']).'">'
.$sarow['pagename'].'</a>';
}
$sarows.='</p>';
}
*/
// Now the actual output and formatting
//
$this->PageSubtitle = $pn;
echo "<div class=\"hero-unit\">Database Specification</div>";
echo $hpars . "<br><br>";
echo $hpn;
echo "\n<hr>";
echo "\n<h2>" . $pn . "</h2>\n";
echo $html;
if (count($kids) > 0 && $pn == 'Data Dictionary') {
echo "\n<hr>";
echo "\n<head2>Child Topics</head2>";
foreach ($kids as $kid) {
echo "\n<div><a href=\"?gp_page=x_docview&gppn=" . urlencode($kid) . "\">{$kid}</a></div>";
}
}
echo $hsa;
echo "<hr>";
echo $hpn;
?>
<hr>
Page last modified <?php
echo date('r', dEnsureTS($row['ts_upd']));
?>
by
<?php
echo $row['uid_upd'];
?>
<br><br>
<?php
}
function recovery($user_login)
{
global $DBCFG;
$ARRAYuser = array();
$ARRAYuser = ARRAYdatosUserXmail($user_login);
//El usuario no existe
if (!$ARRAYuser["user_id"]) {
return array("result" => false, "msg" => t3_messages("no_user"));
}
if (empty($ARRAYuser["user_activation_key"])) {
// Generate something random for a key...
$ARRAYuser["user_activation_key"] = wp_generate_password(20, false);
// Now insert the new md5 key into the db
$sql_update_key = SQL("update", "{$DBCFG['DBprefix']}usuario set user_activation_key='{$ARRAYuser['user_activation_key']}' where id='{$ARRAYuser['user_id']}'");
}
$message = LABEL_mail_recovery_pass1 . "\r\n\r\n";
$message .= $_SESSION["CFGURL"] . "\r\n\r\n";
$message .= sprintf(LABEL_mail_recovery_pass2, $ARRAYuser[mail]) . "\r\n\r\n";
$message .= LABEL_mail_recovery_pass3 . "\r\n\r\n";
$message .= LABEL_mail_recovery_pass4 . "\r\n\r\n";
$message .= currentBasePage($_SESSION["CFGURL"]) . 'login.php?action=rp&key=' . $ARRAYuser["user_activation_key"] . '&login='******'[%s] ' . LABEL_mail_recoveryTitle, $_SESSION[CFGTitulo]);
$sendMail = sendMail($ARRAYuser[mail], $title, $message);
if ($sendMail) {
return array("result" => true, "msg" => t3_messages("mailOK"));
} else {
array("result" => false, "msg" => t3_messages("mailFail"));
}
return;
}
$sqlString = "Select * from nucleo where codnucleo = " . $_REQUEST['codnucleo'];
$rsqry = mysql_query($sqlString);
$rsqry = mysql_num_rows($rsqry);
if ($rsqry != 0) {
$aux1 = 1;
$desnucleo = $_REQUEST['desnucleo'];
echo "<script>history.back('cadastranucleo.php?tipoacao=Incluir&desnucleo=" . $desnucleo . "');alert('Esse código já está Cadastrado');</script>";
} else {
$sql = SQL("nucleo", "insert", "codnucleo,desnucleo");
}
}
if ($bttipoacao == "Editar") {
$sql = SQL("nucleo", "update", "desnucleo", "codnucleo");
}
if ($bttipoacao == "Excluir") {
$sql = SQL("nucleo", "delete", "", "codnucleo");
}
mysql_query($sql) or die(mysql_error());
?>
<br>
<table width='580' class="table" cellspacing='0' cellpadding='0'>
<tr>
<td width="5"> </td>
<td align='center' class="td3"><strong><b>Mensagem</b></strong></td>
</tr>
<tr>
<td width="5"></td>
<td align='center'></td>
</tr>
<tr>
<td width="5"> </td>
function main()
{
# KFD 2/17/09. If installed with Debian package, will
# have username and password of "start".
# Must force a new id now.
#
if (SessionGet('UID') == 'start') {
if (gp('user_id') != '') {
if (gp('user_id') == '') {
ErrorAdd("User Id may not be empty");
}
if (substr(gp('user_id'), 0, 5) == 'andro') {
ErrorAdd("User Id may not begin with 'andro'");
}
if (gp('password1') != gp('password2')) {
ErrorAdd("Passwords do not match");
}
if (strlen(trim(gp('password1'))) == 0) {
ErrorAdd("Password may not be empty");
}
if (!Errors()) {
$row = array('user_id' => gp('user_id'), 'member_password' => gp('password1'));
SQLX_Insert('usersroot', $row);
if (!Errors()) {
scDBConn_Pop();
SessionSet('UID', gp('user_id'));
SessionSet('PWD', gp('password1'));
scDBConn_Push();
SQL("DELETE FROM USERSROOT WHERE user_id='start'");
# Get rid of the form that replaces login
$file = fsDirTop() . 'application/x_login_form.inc.html';
$fileto = $file . '.done';
@rename($file, $fileto);
?>
<h1>New Root User Created</h1>
<p>Your new user is created.</p>
<p><a href="index.php?st2logout=1">
Return to Login Page</a></p>
<?php
return;
}
}
}
?>
<h1>New Install - Must Create User</h1>
<p>You are logged into your Node Manager with the default
username of "start" and password "start". We have to change
this right now so nobody can get into your new system.
</p>
<p>Please provide a new ROOT (superuser) user id and password
below. Andromeda will create the new user, log you in as
that user, and remove the "start" user.
</p>
<table>
<tr><td align="left">User Name
<td><input name = 'user_id' /> (may not begin with 'andro')
<tr><td align="left">Password
<td><input type="password" name = 'password1'/>
<tr><td align="left">Password (verify)
<td><input type="password" name = 'password2'/>
</table>
<input type="submit" value="Create User Now" />
<?php
return;
}
/* FUTURE X6 VERSION OF NODE MANAGER
?>
<h1>Node Manager Upgrade Required</h1>
<p>The new version of the Node Manager uses the "x6"
interface to provide a richer experience. Please click
the link below to upgrade your Node Manager. Once the
upgrade is complete, log out and back in.
</p>
<p><a href="javascript:Popup('index.php?gp_page=a_builder&gp_out=none&x2=1&txt_application=andro','Build')"
>Upgrade Node Manager Now</a>.</p>
<p><a href="?st2logout=1">Logout After Upgrade</a>.</p>
<?php
return;
*/
# <------- EARLY RETURN.
# KFD 1/10/08, The old x_welcome screen is not used anymore,
# we have the new 'cpanel' now in x6.
# ===============================================================
?>
<h1>Welcome to the Andromeda Node Manager</h1>
<?php
// Work out if there is a new release available
//
$apps = svnVersions();
$andro = a($apps, 'andro', array('svn_url' => ''));
if (trim($andro['svn_url']) == '') {
$htmlVersions = '';
} else {
$htmlVersions = @file_get_contents($andro['svn_url']);
}
$matches = array();
preg_match_all('/<li><a href=.*\\>(.*)<\\/a><\\/li>/', $htmlVersions, $matches);
$versions = ArraySafe($matches, 1, array());
if (count($versions) > 0) {
$latest = array_pop($versions);
$latest = str_replace('/', '', $latest);
// Get current latest
$current = $andro['local'];
if ($latest > $current) {
?>
<br/>
<div style="border: 5px solid gray; color: blue
font-weight: bolder; margin: 8px; padding: 0 8px 8px 8px">
<h2>New Version of Andromeda Available</h2>
<p>Version <?php
echo $latest;
?>
is available. <a href="?gp_page=a_pullsvn"
>Click Here </a> to go to the Pull Code From Subversion.
</div>
<?php
}
}
$dirs = SQL_AllRows("select * from webpaths where webpath='DEFAULT'");
?>
<div style="font-size: 120%; line-height: 120%; padding: 10px">
<h2>For First Time Users</h2>
This program is the Andromeda <b>Node Manager</b>. You use this
program to build your applications.
<br/>
<br/>
Our main documentation is <a target="_blank" href=
"http://www.andromeda-project.org/">here</a>.
<br/>
<br/>
If you want to start programming a new application right away,
<a target="_blank" href=
"http://www.andromeda-project.org/creatinganapplication.html"
>The instructions are here</a>, or you can just
<a href="?gp_page=applications&gp_mode=ins">define a new application here.</a>
<br/>
<br/>
After you defined an application, click on the "build this application"
link to create all of the directories and the empty database.</p>
<br/>
<br/>
<h2>Your Application Program Files</h2>
After building the application skeleton you can start working on the
database specification. If your application code is "test", then put
the database specification into the file
<br/>
<br/>
<b><?php
echo $dirs[0]['dir_pub'];
?>
/test/application/test.dd.yaml</b>
<br/>
<br/>
All Andromeda applications start with
a database specification. These specifications are
more powerful than anything else out there,
and you will want learn the Andromeda's
<a target="_blank" href=
"http://www.andromeda-project.org/databaseprogramming.html"
>Database Programming</a> language.
<br/>
<br/>
Once you are ready to try some custom pages, you are ready to look
at <a target="_blank" href=
"http://www.andromeda-project.org/webprogramming.html"
>Web Programming</a>.
</div>
<?php
}
function Login_Process()
{
$arg2 = $this->directlogin == true ? 'direct' : '';
// only process if user hit "post"
if (gp('gp_posted', '', false) == '') {
return;
}
vgfSet('LoginAttemptOK', false);
// Error title
vgfSet('ERROR_TITLE', '*');
// If the user supplied a loginUID, this is a post and we
// must process the request.
$ale = vgaGet('login_errors', array());
$app = $GLOBALS['AG']['application'];
$em000 = isset($ale['000']) ? $ale['000'] : "That username/password combination did not work. Please try again.";
$em001 = isset($ale['001']) ? $ale['001'] : "That username/password combination did not work. Please try again.";
$em002 = isset($ale['002']) ? $ale['002'] : "That username/password combination did not work. Please try again.";
$em099 = isset($ale['099']) ? $ale['099'] : "That username/password combination did not work. Please try again.";
$terror = "";
$uid = gp('loginUID');
$uid = MakeUserID($uid);
//$uid = str_replace('@','_',$uid);
//$uid = str_replace('.','_',$uid);
$pwd = gp("loginPWD", "", false);
// First check, never allow the database server's superuser
// account
//
if ($uid == "postgres") {
ErrorAdd($em000);
if (vgfGet('loglogins', false)) {
sysLog(LOG_WARNING, "Andromeda:{$app}:Bad login attempt as postgres");
fwLogEntry('1011', 'Attempt login as postgres', '', $arg2);
}
return;
}
$app = $GLOBALS['AG']['application'];
if (substr($uid, 0, strlen($app)) == $app) {
ErrorAdd($em001);
if (vgfGet('loglogins', false)) {
sysLog(LOG_WARNING, "Andromeda:{$app}:Bad login attempt as group role");
fwLogEntry('1012', 'Attempt login as group role', $uid, $arg2);
}
return;
}
// Begin with a connection attempt.
// on fail, otherwise continue
$tcs = @SQL_CONN($uid, $pwd);
if ($tcs === false) {
ErrorAdd($em099);
if (vgfGet('loglogins', false)) {
sysLog(LOG_NOTICE, "Andromeda:{$app}:Bad login attempt server rejected");
fwLogEntry('1013', 'Server rejected username/password', $uid, $arg2);
}
return;
} else {
SQL_CONNCLOSE($tcs);
}
// The rest of this routine uses an admin connection. If we
// have an error, we must close the connection before returning!
// ...yes, yes, that's bad form, all complaints to /dev/null
//
if (vgfGet('loglogins', false)) {
fwLogEntry('1010', 'Login OK', $uid, $arg2);
}
scDBConn_Push();
// See if they are a root user. If not, do they have an
// active account?
$root = false;
$admin = false;
$group_id_eff = '';
$results = SQL("\n Select oid\n FROM pg_roles \n WHERE rolname = CAST('{$uid}' as name)\n AND rolsuper= true");
$cr = SQL_NUMROWS($results);
if ($cr != 0) {
$root = true;
} else {
$results = SQL("Select * from users WHERE LOWER(user_id)='{$uid}'" . "AND (user_disabled<>'Y' or user_disabled IS NULL)");
$cr = SQL_NUMROWS($results);
if ($cr == 0) {
scDBConn_Pop();
ErrorAdd($em002);
sysLog(LOG_WARNING, "Andromeda:{$app}:Bad login attempt code 002");
return;
} else {
$userinfo = SQL_Fetch_Array($results);
$group_id_eff = $userinfo['group_id_eff'];
SessionSet('user_name', $userinfo['user_name']);
}
}
// Flag if the user is an administrator
if ($root == true) {
$admin = true;
} else {
$results = SQL("select count(*) as admin from usersxgroups " . "where user_id='{$uid}' and group_id ='{$app}" . "_admin'");
$row = SQL_FETCH_ARRAY($results);
$admin = intval($row["admin"]) > 0 ? true : false;
}
// Get the users' groups
$groups = "";
if ($root) {
$results = SQL("\n select group_id \n from zdd.groups \n where COALESCE(grouplist,'')=''");
} else {
$results = SQL("select group_id from usersxgroups WHERE LOWER(user_id)='{$uid}'");
}
while ($row = SQL_FETCH_ARRAY($results)) {
$agroups[] = "'" . trim($row['group_id']) . "'";
#$groups.=ListDelim($groups)."'".trim($row["group_id"])."'";
}
$groups = array();
if (!empty($agroups)) {
$groups = implode(",", $agroups);
}
//scDBConn_Pop();
// We have a successful login. If somebody else was already
// logged in, we need to wipe out that person's session. But
// don't do this if there was an anonymous login.
if (LoggedIn()) {
$uid_previous = SessionGet('UID');
if ($uid != $uid_previous) {
//Session_Destroy();
SessionReset();
//Index_Hidden_Session_Start(false);
}
}
// We know who they are and that they can connect,
// see if there is any app-specific confirmation required
//
if (function_exists('app_login_process')) {
//echo "Calling the process now";
if (!app_login_process($uid, $pwd, $admin, $groups)) {
return;
}
}
// Protect the session from hijacking, generate a new ID
Session_regenerate_id();
// We now have a successful connection, set some
// flags and lets go
//
vgfSet('LoginAttemptOK', true);
SessionSet("UID", $uid);
SessionSet("PWD", $pwd);
SessionSet("ADMIN", $admin);
SessionSet("ROOT", $root);
SessionSet("GROUP_ID_EFF", $group_id_eff);
SessionSet("groups", $groups);
if (gp('gpz_page') == '') {
# KFD 9/12/08, extra command to not change page
if (gp('st2keep') != 1) {
gpSet('gp_page', '');
}
}
$GLOBALS['session_st'] = 'N';
// for "N"ormal
// -------------------------------------------------------------------
// We are about to make the menu. Before doing so, see if there
// are any variables set for the menu layout. Set defaults and then
// load from database.
//
$this->pmenu = array('MENU_TYPE' => vgaGet('MENU_TYPE', 'div'), 'MENU_CLASS_MODL' => vgaGet('MENU_CLASS_MODL', 'modulename'), 'MENU_CLASS_ITEM' => vgaGet('MENU_CLASS_ITEM', 'menuentry'), 'MENU_TICK' => vgaGET('MENU_TICK', ' - '));
//$sql = "SELECT * from variables WHERE variable like 'MENU%'";
//$dbres = SQL($sql);
//while ($row = SQL_FETCH_ARRAY($dbres)) {
// $this->pmenu[trim($row['variable'])]=trim($row['variable_value']);
//}
// -------------------------------------------------------------------
// KFD 10/28/06, Modified to examine "nomenu" instead of permsel
// pulls all tables user has nomenu='N'. The basic idea is
// to remove from $AGMENU the stuff they don't see
//
// GET AGMENU
$AGMENU = array();
// avoid compiler warning, populated next line
include "ddmodules.php";
// Pull distinct modules person has any menu options in.
$sq = "SELECT DISTINCT module\n FROM zdd.perm_tabs \n WHERE nomenu='N'\n AND group_id iN ({$groups})";
$modules = SQL_AllRows($sq, 'module');
$AGkeys = array_keys($AGMENU);
foreach ($AGkeys as $AGkey) {
if (!isset($modules[$AGkey])) {
unset($AGMENU[$AGkey]);
}
}
// Now recurse the remaining modules and do the same trick
// for each one, removing the tables that don't exist
foreach ($AGMENU as $module => $moduleinfo) {
$sq = "SELECT DISTINCT table_id\n FROM zdd.perm_tabs \n WHERE nomenu='N'\n AND module = '{$module}'\n AND group_id iN ({$groups})";
$tables = SQL_AllRows($sq, 'table_id');
$tkeys = array_keys($moduleinfo['items']);
foreach ($tkeys as $tkey) {
if (!isset($tables[$tkey])) {
unset($AGMENU[$module]['items'][$tkey]);
}
}
}
// KFD 12/18/06. Put all table permissions into session
$table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n WHERE group_id IN ({$groups})\n AND nomenu='N'", 'table_id');
SessionSet('TABLEPERMSMENU', array_keys($table_perms));
$table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n WHERE group_id IN ({$groups})\n AND permsel='Y'", 'table_id');
SessionSet('TABLEPERMSSEL', array_keys($table_perms));
$table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n WHERE group_id IN ({$groups})\n AND permins='Y'", 'table_id');
SessionSet('TABLEPERMSINS', array_keys($table_perms));
$table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n WHERE group_id IN ({$groups})\n AND permupd='Y'", 'table_id');
SessionSet('TABLEPERMSUPD', array_keys($table_perms));
$table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n WHERE group_id IN ({$groups})\n AND permdel='Y'", 'table_id');
SessionSet('TABLEPERMSDEL', array_keys($table_perms));
//echo "<div style='background-color:white'>";
//echo "$uid $groups $group_id_eff";
//hprint_r(SessionGet('TABLEPERMSMENU'));
//hprint_r(SessionGet('TABLEPERMSSEL'));
//echo "</div>";
// KFD 7/9/07, we always use joomla templates now, don't need
// options to turn them off
//if(defined('_ANDROMEDA_JOOMLA')) {
// In a hybrid situation, put the menu into the session
SessionSet('AGMENU', $AGMENU);
//}
$HTML_Menu = "";
$WML_Menu = "";
/*
foreach ($AGMENU as $key=>$module) {
//if($key=="datadict") continue;
//if($key=="sysref") continue;
$HTML_Module="";
$WML_Module="";
foreach($module["items"] as $itemname=>$item) {
if (!isset($item["mode"])) { $item["mode"]="normal"; }
switch ($item["mode"]) {
case "normal":
$ins=false;
$extra=array();
if($item['menu_parms']<>'') {
$aextras=explode('&',$item['menu_parms']);
foreach($aextras as $aextra) {
list($var,$value)=explode("=",$aextra);
$extra[$var]=$value;
}
}
$HTML_Module.=$this->_MenuItem(
$item['description'],$itemname,$ins,$extra
);
$WML_Module.="<div>";
$WML_Module.=hLink(
'',$item['description'],'?gp_page='.$itemname
);
$WML_Module.="</div>";
break;
case "ins":
//if ($admin || isset($tables_ins[$item["name"]])) {
$HTML_Module.=$this->_MenuItem(
$item['description'],$itemname,true
);
//}
break;
#$HTML_Module.=
# "\n<font class=\"tablename\">- <a href=\"index.php?gp_page=".$itemname."\">".
# $item["description"]."</a></font><br />";
}
}
// the module is defined AFTER its contents so it can be
// left off if it has no entries
if ($HTML_Module!="") {
$HTML_Menu.=$this->_MenuModule($module['description']);
$HTML_Menu.=$HTML_Module;
}
if ($WML_Module!="") {
$WML_Menu.="<div><b>".$module['description']."</b></div>";
$WML_Menu.=$WML_Module;
}
}
*/
DynamicSave("menu_" . $uid . ".php", $HTML_Menu);
DynamicSave("menu_wml_" . $uid . ".php", $WML_Menu);
// -------------------------------------------------------------------
// Fetch and cache user preferences
if (vgaGet('member_profiles')) {
cacheMember_Profiles();
}
// -------------------------------------------------------------------
// Now find the user's table permissions more precisely table by table
$sql = "select p.table_id,\n\t\t\t\tmax(case when p.permins='Y' then 1 else 0 end) as permins,\n\t\t\t\tmax(case when p.permupd='Y' then 1 else 0 end) as permupd,\n\t\t\t\tmax(case when p.permdel='Y' then 1 else 0 end) as permdel,\n\t\t\t\tmax(case when p.permsel='Y' then 1 else 0 end) as permsel\n\t\t\t\tfrom zdd.perm_tabs P\n\t\t\t\tWHERE group_id in ({$groups})\n\t\t\t\tGROUP BY p.table_id";
//echo $sql;
$results = SQL($sql);
$HTML_Perms = "<?php\n\$table_perms = array();\n";
while ($row = SQL_FETCH_ARRAY($results)) {
$tn = $row["table_id"];
$ti = $row["permins"];
$tu = $row["permupd"];
$td = $row["permdel"];
$ts = $row["permsel"];
$HTML_Perms .= "\$table_perms[\"{$tn}\"]=array(\"ins\"=>{$ti},\"upd\"=>{$tu},\"del\"=>{$td},\"sel\"=>{$ts});\n";
}
$HTML_Perms .= "?>\n";
DynamicSave("perms_" . $uid . ".php", $HTML_Perms);
/* October 28, 2006, KFD. Rem'd this all out, column and row security
made this irrelevant
// -------------------------------------------------------------------
// Find out if this user has any UID Columns, columns that create
// filters on the user's UID
$sql = "Select column_id FROM groupuids WHERE group_id IN ($groups)";
//echo $sql;
$results = SQL($sql);
$groupuids = array();
while ($row = SQL_FETCH_ARRAY($results)) {
//echo "Found this one".$row["column_id"];
$groupuids[$row["column_id"]] = $row["column_id"];
}
SessionSet("groupuids",$groupuids);
*/
scDBConn_Pop();
return;
}
if ($ret === false) {
die("Couldn't write bot to file: " . $id);
}
}
//remove bot from leaderboards
SQL("DELETE FROM compiling_bots_leaderboards WHERE botID = ?", $id);
$leaderBoardTables = SQL("SELECT id, tableName FROM leaderboards");
for ($i = 0; $i < count($leaderBoardTables); $i++) {
$res = SQL("SELECT COUNT(*) FROM " . $leaderBoardTables[$i]["tableName"] . " WHERE botID = ?", $id);
if ($res != null && $res[0]["COUNT(*)"] == 1) {
$res = SQL("DELETE FROM " . $leaderBoardTables[$i]["tableName"] . " WHERE botID = ?", $id);
SQL("INSERT INTO compiling_bots_leaderboards (botID, leaderboardID) VALUES (?, ?)", $id, $leaderBoardTables[$i]["id"]);
}
}
//remove bot from games_by_bots
SQL("DELETE FROM games_by_bots WHERE botID = ?", $id);
header('Location: ../my_bots.php');
}
}
?>
<!DOCTYPE html>
<html>
<head>
<?php
require "php/head.php";
?>
<script type="text/javascript" src="scripts/codemirror-compressed.js"></script>
<link rel="stylesheet" href="style/codemirror.css">
<link rel="stylesheet" href="style/codemirror-neat-modified.css">
<script type="text/javascript">
var editor = null;
return false;
}
}
</script>
<?php
// Grava dados do formulario
if ($bttipoacao != "") {
if ($bttipoacao == "Incluir") {
$sql = SQL("tiposervsolicitacao", "insert", "codtiposol,destiposervsol");
}
if ($bttipoacao == "Editar") {
$sql = SQL("tiposervsolicitacao", "update", "codtiposol,destiposervsol", "codtiposervsol");
}
if ($bttipoacao == "Excluir") {
$sql = SQL("tiposervsolicitacao", "delete", "codtiposervsol");
}
mysql_query($sql) or die(mysql_error());
?>
<br><br>
<table width='580' border='1' cellspacing='0' cellpadding='0'>
<tr>
<td align='center'><strong><b>Mensagem</b></strong></td>
</tr>
<tr>
<td align='center'><br>Operação efetuada com sucesso.<p> </td>
</tr>
</table>
<p>
<table width='580' border='0' cellspacing='0' cellpadding='0'>
<tr>
function MusicOFF()
{
SQL("UPDATE juego SET music = 0");
echo "<script>\n \$(document).ready( \n function(){ \n \$('#auto8').load('php/music.php?z=None');\n });\n </script>";
}
function SQLtargetTermsVocabulary($tvocab_id, $from = "0", $limit = "20")
{
global $DBCFG;
$tvocab_id = secure_data($tvocab_id, "sql");
$from = is_numeric($from) ? $from : "0";
$limit = is_numeric($limit) ? $limit : "20";
$idUser = secure_data($idUser, "sql");
return SQL("select", "tv.tvocab_id,tv.tvocab_label,tv.tvocab_tag,\r\n\t\ttv.tvocab_title,tv.tvocab_url,tv.tvocab_uri_service,tv.cuando,tv.uid,\r\n\t\tt2tt.tterm_id,t2tt.tterm_url,t2tt.tterm_uri,t2tt.tterm_string,t2tt.cuando,t2tt.cuando_last,\r\n\t\tt.tema_id,t.tema\r\n\t\tfrom {$DBCFG['DBprefix']}tvocab tv,{$DBCFG['DBprefix']}term2tterm t2tt,{$DBCFG['DBprefix']}tema t\r\n\t\twhere tv.tvocab_id=t2tt.tvocab_id\r\n\t\tand t2tt.tema_id=t.tema_id\r\n\t\tand tv.tvocab_id='{$tvocab_id}'\r\n\t\torder by tv.tvocab_tag,t2tt.tterm_string\r\n\t\tlimit {$from},{$limit}");
}
function initTranslate()
{
global $tr;
if (!isset($_SESSION["lang"])) {
$_SESSION["lang"] = "en";
}
if ($result = SQL("SELECT identifier, text FROM strings WHERE language = ?", $_SESSION["lang"])) {
foreach ($result as $row) {
$tr[$row["identifier"]] = $row["text"];
}
}
}
/**
* Run the report based on options provided by user.
*
* @param string $yamlP2 A processed YAML page description
* @access private
*/
private function pageReport()
{
// Create the reporting object
require_once 'androPageReport.php';
$oReport = new androPageReport();
// For each section, run the output
foreach ($this->yamlP2['section'] as $secname => $secinfo) {
$dbres = SQL($secinfo['sql']);
if (gp("showsql") == 1) {
hprint_r($secinfo['sql']);
}
if (Errors()) {
hprint_r($secinfo['sql']);
echo hErrors();
}
if (gp("showsql") == 1) {
return;
}
// Now pass the SQL resource to the reporting engine
$oReport->main($dbres, $this->yamlP2, $secinfo);
}
}
}
</script>
<?php
// Grava dados do formulario
if ($bttipoacao != "") {
/* $sqlstring2 = "select nomtecnicoresp, desfuncaoresp from tecnicoresp where codtecnicoresp =".$codtecnicoresp;
$query2 = mysql_query($sqlstring2) or die(mysql_error());
$rstec = mysql_fetch_array($query2);
$desusuario = $rstec['nomtecnicoresp'];
$desfuncao = $rstec['desfuncaoresp'];
echo "nome: ".$desusuario. " - ".$desfuncao;
*/
if ($bttipoacao == "Excluir") {
$sql = SQL("usuario", "delete", "", "codusuario");
$sql2 = "Delete from acessousu where codusuario =" . $codusuario;
mysql_query($sql) or die(mysql_error());
mysql_query($sql2) or die(mysql_error());
}
if ($bttipoacao == "Incluir") {
$sql = "insert into usuario (codtecnicoresp,desusuario,desfuncao,dessenha,flapercadusu,flapercadmenu)" . "values " . "('" . $codtecnicoresp . "', '" . $desusuariologin . "', '" . $desfuncao . "', '" . $dessenha . "', '" . $_REQUEST['flapercadusu'] . "', '" . $_REQUEST['flapercadmenu'] . "')";
mysql_query($sql) or die(mysql_error());
$codusuario = mysql_insert_id();
// Grava o novo acesso do usuario
if ($codmenu != "") {
foreach ($codmenu as $elemento) {
$sqlins1 = "insert into acessousu\n (codusuario, codmenu)\n values\n ({$codusuario}, {$elemento})";
mysql_query($sqlins1) or die(mysql_error());
}
}
/**
* Function to generate and validate a temporary password. To create a new temporary password, call this function without the second argument and the value returned will be the temporary password that will be sent to the user. To validate a temporary password, pass the temporary password to this function and will will return TRUE for valid passwords and FALSE for invalid/non-existent one's.
* @param string $userID The userID of the user
* @param string $tempPass The temporary password that needs to be checked if valid or not
* @return boolean | string Returns True if temporary password provided is valid. False otherwise. Can also return temporary password in case where the temporary password needs to be set
*/
public static function tempPassword($userID, $tempPass = "")
{
//If a temp password has not been provided, then create a temp password.
if ($tempPass == "") {
$tempPass = hash(BasicPasswordManagement::$hashAlgo, randstr(128));
$time = time();
//If record is not present in the DB
if (!AdvancedPasswordManagement::checkIfUserExists($userID)) {
SQL("INSERT INTO PASSWORD (`TEMP_PASS`, `USE_FLAG`, `TEMP_TIME`, USERID) VALUES (?, ?, ?, ?)", array($tempPass, 0, $time, $userID));
} else {
//If record is present in the DB
SQL("UPDATE PASSWORD SET `TEMP_PASS` = ?, `USE_FLAG` = ?, `TEMP_TIME` = ? WHERE USERID = ?", array($tempPass, 0, $time, $userID));
}
return $tempPass;
} else {
$result = SQL("SELECT `TEMP_PASS`, `USE_FLAG` FROM PASSWORD WHERE `USERID` = ?", array($userID));
if (count($result) == 1) {
//temporary password has not expired
if ($result[0]['USE_FLAG'] == 0 && !($a = AdvancedPasswordManagement::checkIfTempPassExpired($userID))) {
if ($result[0]['TEMP_PASS'] === $tempPass) {
SQL("UPDATE PASSWORD SET TEMP_PASS = ?, USE_FLAG = ?, TEMP_TIME = ? WHERE USERID = ?", array(randstr(10), 1, 0, $userID));
return TRUE;
}
} else {
SQL("UPDATE PASSWORD SET TEMP_PASS = ?, USE_FLAG = ?, TEMP_TIME = ? WHERE USERID = ?", array(randstr(10), 1, 0, $userID));
return FALSE;
}
}
//record not found
return FALSE;
}
}
<?php
require_once "php/include.php";
needLogin();
if (!$admin) {
header('Location: /');
exit;
}
if (isset($_GET["id"]) && is_numeric($_GET["id"])) {
$id = $_GET["id"];
$orig = SQL("SELECT name, code_lang, accountID FROM bots WHERE id = ?;", $id);
if ($orig == null) {
die("Invalid Request");
}
$name = $orig[0]["name"];
$code = file_get_contents(_BOT_AI_RELATIVE_PATH_ . $orig[0]["accountID"] . "/" . $id . ".cpp");
$lang = $orig[0]["code_lang"];
} else {
die("Invalid request");
}
?>
<!DOCTYPE html>
<html>
<head>
<?php
require "php/head.php";
?>
<script type="text/javascript" src="scripts/codemirror-compressed.js"></script>
<script type="text/javascript" src="scripts/matchbrackets.js"></script>
<script type="text/javascript" src="scripts/clike.js"></script>
<link rel="stylesheet" href="style/codemirror.css">
