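/**
 * Build the AutoMenus object for a navigation menu.
 *
 * Menu groups are optionally loaded from a JSON file; entries whose "enabled"
 * key is present and falsy are dropped before the menu is built.
 *
 * @param mixed       $menuid            Menu identifier (not read inside this function).
 * @param string|null $menuAutoGroupFile Path of a JSON group file, or null for an empty menu.
 * @param array|null  $params            Keys read: requiredTableList, requiredModuleList, site, sysdb.
 *                                       Defaults for the current site are used when empty.
 * @return AutoMenus Menu object after generateSQL() has been called.
 */
function getNavMenuObj($menuid, $menuAutoGroupFile = null, $params = null)
{
    if ($params == null) {
        $params = array(
            "dbtable" => _dbtable("links"),
            "requiredTableList" => _db(true)->getTableList(),
            "requiredModuleList" => null,
            "sysdb" => false,
            "site" => SITENAME,
        );
    }

    // Always start from an empty menu: the original left $arrMenu undefined
    // when a group file was named but did not exist on disk.
    $arrMenu = array();

    // NOTE(review): the path is opened exactly as given; callers should pass a
    // server-side path, never one taken from the request.
    if ($menuAutoGroupFile != null && file_exists($menuAutoGroupFile)) {
        $decoded = json_decode(file_get_contents($menuAutoGroupFile), true);

        // Anything that is not a JSON object/array (parse error, scalar) is ignored.
        if (is_array($decoded)) {
            foreach ($decoded as $key => $entry) {
                // The original also tested an undefined local ($allGenerators),
                // which always evaluated as "not set"; disabled entries were
                // therefore always removed, and that behaviour is kept here.
                if (isset($entry['enabled']) && !$entry['enabled']) {
                    unset($decoded[$key]);
                }
            }
            $arrMenu = $decoded;
        }
    }

    $sm = new AutoMenus($arrMenu);
    $sm->requiredTableList($params['requiredTableList']);
    $sm->requiredModuleList($params['requiredModuleList']);
    $sm->generateSQL($params['site'], $_SESSION["SESS_PRIVILEGE_NAME"], $params['sysdb']);

    return $sm;
}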
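/**
 * Send the avatar for the author named in $_REQUEST['authorid'].
 *
 * Depending on $method the image is fetched from a remote avatar service,
 * read from the local profile_photos folder, or delegated to the "viewphoto"
 * service through a redirect. When no author id is supplied the default
 * avatar is printed.
 *
 * The author id is request data, so it is URL-encoded before it is placed in
 * a remote URL or redirect, and rejected for the local-file lookup when it
 * contains path separators or "..".
 *
 * @param string $method One of facebook, gravatar, twitter, instagram, email, logiks, photoid.
 * @return void
 */
function printAvatarPhoto($method)
{
    if (!isset($_REQUEST['authorid']) || !is_string($_REQUEST['authorid']) || strlen($_REQUEST['authorid']) <= 0) {
        printDefaultAvatar();
        return;
    }

    $rawId = $_REQUEST['authorid'];
    $idParts = explode("@", $rawId);
    // Encoded so the value cannot add path segments or query parameters to the URL.
    $localPart = rawurlencode($idParts[0]);

    // NOTE(review): the remote services are contacted over plain HTTP, so the
    // returned image is not integrity-protected in transit.
    $remoteUrl = null;
    $imageFormat = "jpeg";
    if ($method == "facebook") {
        $remoteUrl = "http://graph.facebook.com/{$localPart}/picture?type=large";
    } elseif ($method == "gravatar") {
        $remoteUrl = "http://www.gravatar.com/avatar/" . md5(strtolower(trim($rawId))) . "?s=80&d=mm&r=g";
        $imageFormat = "png";
    } elseif ($method == "twitter") {
        $remoteUrl = "http://avatars.io/twitter/{$localPart}?size=large";
    } elseif ($method == "instagram") {
        $remoteUrl = "http://avatars.io/instagram/{$localPart}?size=large";
    } elseif ($method == "email") {
        $remoteUrl = "http://avatars.io/email/" . rawurlencode($rawId) . "?size=large";
    }

    if ($remoteUrl !== null) {
        printAvatar(file_get_contents($remoteUrl), $imageFormat);
        return;
    }

    if ($method == "logiks") {
        // The id becomes part of a filesystem path: refuse separators, NUL and
        // parent-directory references so the lookup stays inside profile_photos/.
        if (strpbrk($rawId, "/\\\0") !== false || strpos($rawId, "..") !== false) {
            printDefaultAvatar();
            return;
        }

        $profilePhoto = APPROOT . APPS_USERDATA_FOLDER . "profile_photos/{$rawId}";
        // Extension => MIME type, probed in the same order as before.
        // ".jpg" is now served as image/jpeg, the registered MIME type.
        $candidates = array(
            "png" => "image/png",
            "gif" => "image/gif",
            "jpg" => "image/jpeg",
            "jpeg" => "image/jpeg",
        );
        foreach ($candidates as $extension => $mime) {
            if (file_exists("{$profilePhoto}.{$extension}")) {
                header("content-type:{$mime}");
                readfile("{$profilePhoto}.{$extension}");
                return;
            }
        }
        printDefaultAvatar();
        return;
    }

    if ($method == "photoid") {
        if (!isset($_REQUEST['src']) || !is_string($_REQUEST['src'])) {
            $_REQUEST['src'] = getConfig("DBTABLE_AVATAR");
            if (strlen($_REQUEST['src']) <= 0) {
                $_REQUEST['src'] = _dbtable("avatar");
            }
        }
        // Both values are request-controlled; encoding keeps them from adding
        // parameters to the redirect. The handler behind "viewphoto" still
        // receives a client-chosen table name and must validate it itself.
        $lx = _service("viewphoto")
            . "&type=view&loc=db&dbtbl=" . urlencode($_REQUEST['src'])
            . "&image=" . urlencode($rawId);
        header("Location:{$lx}");
        exit;
    }
}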
/**
 * Insert one named setting row for the logged-in user on the current site.
 *
 * The row is built by the DB layer's _insertQ1() and run against the system
 * database (every DB helper is called with the "true" flag).
 *
 * @param string $name  Setting name.
 * @param mixed  $value Value stored in the "settings" column.
 * @param string $scope Setting scope.
 * @return bool True when the insert query reported success, false otherwise.
 */
function registerSettings($name, $value = "", $scope = "default")
{
    $row = array(
        "userid" => $_SESSION['SESS_USER_ID'],
        "site" => SITENAME,
        "scope" => $scope,
        "name" => $name,
        "settings" => $value,
    );

    $insertSql = _db(true)->_insertQ1(_dbtable("settings", true), $row);

    // Collapse whatever _dbQuery() returns to a strict boolean.
    return _dbQuery($insertSql, true) ? true : false;
}
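/**
 * Build a selector from the "lists" table for one list group.
 *
 * Rows must be unblocked, belong to $groupID and be visible either to
 * everyone (privilege='*') or, when a session privilege id exists, to the
 * session's privilege name.
 *
 * @param mixed       $dbLink    Not read by this function.
 * @param string      $groupID   Value matched against the groupid column.
 * @param bool        $allowNone Passed through to createDataSelectorFromTable().
 * @param string      $format    Passed through to createDataSelectorFromTable().
 * @param string|null $orderBy   ORDER BY expression; "title" when empty.
 * @param array       $params    Passed through to createDataSelectorFromTable().
 * @return mixed Whatever createDataSelectorFromTable() returns.
 */
function createDataSelector($dbLink, $groupID, $allowNone = true, $format = "select", $orderBy = null, $params = array())
{
    // Values placed inside quoted SQL literals are escaped so a quote in the
    // value cannot close the literal.
    // NOTE(review): addslashes() is charset-naive; replace it with the DB
    // layer's own escaping or bound parameters once those are available here.
    $group = addslashes((string)$groupID);
    $where = "blocked='false' && groupid='{$group}' and ";

    if (isset($_SESSION['SESS_PRIVILEGE_ID'])) {
        $privilegeName = isset($_SESSION['SESS_PRIVILEGE_NAME'])
            ? addslashes((string)$_SESSION['SESS_PRIVILEGE_NAME'])
            : "";
        $where .= "(privilege='*' OR FIND_IN_SET('{$privilegeName}',privilege))";
    } else {
        $where .= "privilege='*'";
    }

    // NOTE(review): $orderBy is appended verbatim and cannot be quoted; it
    // must only ever come from code, never from request data. Callers that
    // forward user input need to map it onto a fixed list of column names.
    if ($orderBy == null) {
        $where .= " ORDER BY title";
    } elseif (strlen($orderBy) > 0) {
        $where .= " ORDER BY {$orderBy}";
    }

    return createDataSelectorFromTable(
        _db(),
        _dbtable("lists"),
        "title",
        "value",
        "class",
        null,
        $where,
        null,
        false,
        $allowNone,
        $format,
        $params
    );
}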
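/**
 * Print the stored content block identified by $refID.
 *
 * The row is looked up in the "contents" table by ID or reflink, optionally
 * narrowed to $category, for the current site or the '*' site.
 *
 * $refID and $category are escaped before they enter SQL, and $refID is
 * HTML-escaped before it is echoed inside the error messages.
 *
 * @param string $refID      ID or reflink of the content row.
 * @param string $category   Optional category filter.
 * @param bool   $silent     When true, no error box is printed.
 * @param bool   $autoCreate When true and no row exists, an empty row is inserted.
 * @return string|bool The row title after printing its text; true when a row
 *                     was auto-created; false otherwise.
 */
function printContent($refID, $category = "", $silent = false, $autoCreate = false)
{
    // NOTE(review): addslashes() is a stop-gap that is not charset-aware;
    // prefer the DB layer's escaping or bound parameters where available.
    $refSql = addslashes((string)$refID);
    $categorySql = addslashes((string)$category);
    // Separate copy for HTML output: the id may come straight from the URL.
    $refHtml = htmlspecialchars((string)$refID, ENT_QUOTES);

    $sql = "SELECT title,category,text,blocked FROM " . _dbtable("contents")
        . " WHERE (ID='{$refSql}' OR reflink='{$refSql}')";
    if (strlen($category) > 0) {
        $sql .= " AND category='{$categorySql}'";
    }
    $sql .= " AND (site='*' OR site='" . SITENAME . "')";

    $rs = _dbQuery($sql);
    $data = _dbData($rs);
    _dbFree($rs);

    if (count($data) > 0) {
        $text = "";
        if ($data[0]['blocked'] == "false") {
            $text = $data[0]['text'];
        } elseif (!$silent) {
            echo "<div class=divError>";
            dispErrMessage("Page Content Currently Not Available For <i class='text2'>{$refHtml}</i><br/><br/>Visit Us Again ...", "Not Available!", "400", "notfound/file.png");
            echo "</div>";
        }

        if (strlen($text) > 0) {
            // Stored content is emitted as-is (it is the page's HTML body).
            echo $text;
            return $data[0]['title'];
        }

        // Reached for blocked rows as well as rows with empty text, as before.
        if (!$silent) {
            echo "<div class=divError>";
            dispErrMessage("Page Content Not Found For <i class='text2'>{$refHtml}</i>", "Content Not Found OR Missing !", "404", "notfound/file.png");
            echo "</div>";
        }
        return false;
    }

    if ($autoCreate) {
        $date = date("Y-m-d");
        $titleSql = addslashes((string)toTitle($refID));
        $cols = "id,reflink,title,category,text,blocked,site,userid,doc,doe";
        $vals = "0,'{$refSql}','{$titleSql}','{$categorySql}','','false','" . SITENAME . "','auto','{$date}','{$date}'";
        $sql = "INSERT INTO " . _dbtable("contents") . " ({$cols}) VALUES ({$vals})";
        _dbQuery($sql);
        return true;
    }

    return false;
}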
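/**
 * Change the logged-in user's password from $_POST['old'] to $_POST['new'].
 *
 * Prints a JSON object {"code": ..., "msg": ...} and, on the early error
 * paths, terminates the request. As in the original, $_POST['old'] and
 * $_POST['new'] are overwritten with their hashes.
 *
 * @return void
 */
function changePWD()
{
    $tbl = _dbtable("users", true);
    // NOTE(review): addslashes() is a stop-gap; use the DB layer's escaping or
    // bound parameters where available.
    $userid = addslashes((string)$_SESSION["SESS_USER_ID"]);

    $r = _dbQuery("SELECT pwd FROM {$tbl} WHERE userid='{$userid}'", true);
    $ra = _dbData($r);
    if (!isset($ra[0])) {
        // NOTE(review): this failure reports code "1", the same code used for
        // success below; confirm what the client expects before changing it.
        echo json_encode(array("code" => "1", "msg" => "Error In Changing Password (1)."));
        exit;
    }
    $storedHash = (string)$ra[0]["pwd"];

    // Both fields must be present, and an empty new password is refused
    // rather than hashed and stored.
    $hasOld = isset($_POST["old"]) && is_string($_POST["old"]);
    $hasNew = isset($_POST["new"]) && is_string($_POST["new"]) && strlen($_POST["new"]) > 0;
    if (!$hasOld || !$hasNew) {
        echo json_encode(array("code" => "0", "msg" => "Old And New Password Are Required."));
        exit;
    }

    $_POST["old"] = getPWDHash($_POST["old"]);
    $_POST["new"] = getPWDHash($_POST["new"]);
    $oldPwd = (string)$_POST["old"];
    $newPwd = (string)$_POST["new"];

    // Strict, type-safe comparison: loose "!=" treats numeric-looking hash
    // strings as numbers. hash_equals() is used when the runtime provides it
    // so the comparison time does not depend on the matching prefix.
    $matches = function_exists("hash_equals")
        ? hash_equals($storedHash, $oldPwd)
        : ($storedHash === $oldPwd);
    if (!$matches) {
        echo json_encode(array("code" => "0", "msg" => "Old Password Doesn't Match. Please Use Correct Credentials. (2)"));
        exit;
    }

    $date = date("Y-m-d");
    $oldSql = addslashes($oldPwd);
    $newSql = addslashes($newPwd);
    // The old hash stays in the WHERE clause so the update only applies if the
    // stored password is still the one just verified.
    $q = "UPDATE {$tbl} SET pwd = '{$newSql}', doe = '{$date}' WHERE userid='{$userid}' and pwd='{$oldSql}'";
    _dbQuery($q, true);

    if (_db(true)->affected_rows() <= 0) {
        echo json_encode(array("code" => "0", "msg" => "Old Password Doesn't Match. Please Use Correct Credentials.(3)"));
    } else {
        echo json_encode(array("code" => "1", "msg" => "Successfully Updated Your New Password"));
    }
}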
printHeader($doc, $type); printVFile($doc); exit; } else { displayLocalImage("images/forbidden.png", "view"); exit; } } } displayLocalImage("images/warning.png", "view"); } elseif (strtolower($_REQUEST['loc']) == "dbfile") { $dbtbl = ""; if (isset($_REQUEST['dbtbl'])) { $dbtbl = $_REQUEST['dbtbl']; } else { $dbtbl = _dbtable("files"); } $sql = "SELECT file_name,file_type,file_data,file_size FROM {$dbtbl} WHERE ID=" . $_REQUEST['file']; $result = _db()->executeQuery($sql); if ($result) { if (_db()->recordCount($result) > 0) { $record = _db()->fetchData($result); $darr = explode(".", $record["file_name"]); $ext = $darr[sizeOf($darr) - 1]; printHeader($record["file_name"], $type); echo $record["file_data"]; exit; } } displayLocalImage("images/warning.png", "view"); } else {
/**
 * Update columns of a user row after validating the supplied attributes.
 *
 * Sessions without a privilege id, or with one greater than ROLE_PRIME, can
 * only update their own account on the current site: $userID and $site are
 * overwritten from the session in that case.
 *
 * NOTE(review): $attrs is written to the users table as given, including
 * 'privilegeid' and 'accessid' when present. The checks below only confirm
 * that those ids exist for this site; confirm that callers filter $attrs for
 * accounts that are pinned to their own record.
 *
 * @param array       $attrs  Column => value pairs to write.
 * @param string|null $userID Target user id; defaults to the session user.
 * @param string      $site   Site the user must belong to.
 * @return bool|array True on success, otherwise an array with an "error" key
 *                    (plus "field" or "details" on some paths).
 */
function updateUser($attrs = array(), $userID = null, $site = SITENAME)
{
    $mayEditOthers = isset($_SESSION['SESS_PRIVILEGE_ID'])
        && !($_SESSION['SESS_PRIVILEGE_ID'] > ROLE_PRIME);
    if (!$mayEditOthers) {
        $site = SITENAME;
        $userID = $_SESSION['SESS_USER_ID'];
    }

    if ($userID == null && isset($_SESSION['SESS_USER_ID'])) {
        $userID = $_SESSION['SESS_USER_ID'];
    }

    if (!checkUserID($userID, $site)) {
        return array("error" => "UserID Not Found");
    }

    $fields = $attrs;

    // A configured required field may be absent, but if present it must not be empty.
    $requiredNames = explode(",", getConfig("USER_CREATE_REQUIRED_FIELDS"));
    foreach ($requiredNames as $fieldName) {
        if (!isset($fields[$fieldName])) {
            continue;
        }
        if ($fields[$fieldName] == null || strlen($fields[$fieldName]) <= 0) {
            return array("error" => "Missing Field", "field" => $fieldName);
        }
    }

    // A supplied privilege id must exist for this site (or for all sites).
    if (isset($fields['privilegeid'])) {
        $lookup = _db(true)
            ->_selectQ(_dbTable("privileges", true), "count(*) as cnt")
            ->_where(array("id" => $fields['privilegeid']))
            ->_raw(" AND (site='" . SITENAME . "' OR site='*')");
        $result = _dbQuery($lookup, true);
        if (!$result) {
            return array("error" => "PrivilegeID Query Error");
        }
        $rows = _dbData($result, true);
        _dbFree($result, true);
        if ($rows[0]['cnt'] <= 0) {
            return array("error" => "PrivilegeID Not Found This Site {$site}");
        }
    }

    // A supplied access id must be unblocked and list this site (or all sites).
    if (isset($fields['accessid'])) {
        $lookup = _db(true)
            ->_selectQ(_dbTable("access", true), "count(*) as cnt")
            ->_where(array("blocked" => 'false', "id" => $fields['accessid']))
            ->_raw(" AND (FIND_IN_SET('" . SITENAME . "',sites) OR sites='*')");
        $result = _dbQuery($lookup, true);
        if (!$result) {
            return array("error" => "AccessID Query Error");
        }
        $rows = _dbData($result, true);
        _dbFree($result, true);
        if ($rows[0]['cnt'] <= 0) {
            return array("error" => "AccessID Not Found For This Site {$site}");
        }
    }

    $update = _db(true)->_updateQ(_dbtable("users", true), $fields, array("userid" => "{$userID}"));
    if (_dbQuery($update, true)) {
        return true;
    }

    return array("error" => "Error In User Updating", "details" => _db(true)->get_error());
}
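/**
 * Stream an image stored in a database table, or a warning image on failure.
 *
 * The table defaults to the "photos" table and can be overridden with
 * $_REQUEST['dbtbl']. Because neither a table name nor an unquoted id can be
 * escaped, both are validated before they enter the query: the table name
 * must be a plain identifier (optionally schema-qualified) and the id must
 * consist of digits only.
 *
 * NOTE(review): a syntactically valid table name is still client-chosen; a
 * fixed list of tables that may serve images would be tighter.
 *
 * @param int|string $imgID Numeric row id of the image.
 * @param string     $type  Passed to printHeader().
 * @return void
 */
function displayDBImage($imgID, $type = "view")
{
    if (isset($_REQUEST['dbtbl'])) {
        $dbtbl = $_REQUEST['dbtbl'];
        if (!is_string($dbtbl) || !preg_match('/^[A-Za-z0-9_]+(\.[A-Za-z0-9_]+)?$/', $dbtbl)) {
            displayLocalImage("images/warning.png", "view");
            return;
        }
    } else {
        $dbtbl = _dbtable("photos");
    }

    if (!is_scalar($imgID) || !preg_match('/^[0-9]+$/', (string)$imgID)) {
        displayLocalImage("images/warning.png", "view");
        return;
    }

    $sql = "SELECT image_type,image_data,image_size FROM {$dbtbl} WHERE ID={$imgID}";
    $result = _db()->executeQuery($sql);
    if ($result && _db()->recordCount($result) > 0) {
        $record = _db()->fetchData($result);
        $ext = str_replace("image/", "", $record["image_type"]);
        // The stored type ends up in a response header via the file name, so
        // keep only characters that are valid in a MIME subtype.
        $ext = preg_replace('/[^A-Za-z0-9.+-]/', '', $ext);
        printHeader("download.{$ext}", $type);
        echo $record["image_data"];
        exit;
    }

    displayLocalImage("images/warning.png", "view");
}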
$rssid = $_REQUEST['rss']; $tbl = _dbtable($rsstable); $temp_FULL_MEDIA_PATH = getConfig("FULL_MEDIA_PATH"); setConfig("FULL_MEDIA_PATH", "true"); $rss = RSSGen::generateFromDB($tbl, $rssid); setConfig("FULL_MEDIA_PATH", $temp_FULL_MEDIA_PATH); if (strlen($rss) > 0) { RSSGen::printRSSHeader(); echo $rss; } exit; } elseif (isset($_REQUEST['list'])) { if (!isset($_REQUEST['format'])) { $_REQUEST['format'] = "json"; } $tbl = _dbtable($rsstable); $list = RSSGen::listFeeds($tbl); if (count($list) > 0) { foreach ($list as $a => $b) { $list[$a]['link'] = SiteLocation . "services/?scmd=rss&rss={$b['rssid']}"; } if ($_REQUEST['format'] == "json") { echo json_encode($list); } elseif ($_REQUEST['format'] == "table") { $s = "<table width=100% cellpadding=2 cellspacing=0 border=0>"; foreach ($list as $a) { $s .= "<tr>"; foreach ($a as $m => $n) { $s .= "<td name='{$m}'>{$n}</td>"; } $s .= "</tr>";
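/**
 * Store one uploaded file on the filesystem or in a database table.
 *
 * $file is an upload entry (name, type, size, tmp_name) with an extra 'src'
 * key: "fs#<folder>" stores under the user-data folder, "db#<table>" inserts
 * into a table; anything else falls back to "fs#attachments/".
 *
 * Changes from the original: the size limit is now enforced for filesystem
 * storage (the size variable was read before it was set), the storage path
 * and table name are validated, server-executable extensions are refused for
 * filesystem storage, every text column is escaped before the INSERT, and
 * text extraction runs on the raw file data instead of the escaped copy.
 *
 * NOTE(review): MAX_FILE_SIZE is read from $_POST and is therefore chosen by
 * the client; a server-side cap should be applied as well.
 *
 * @param array $file Upload entry as described above.
 * @return string|int|array Relative stored path (fs), insert id (db), an empty
 *                          array when no file was sent, or array("Error" => ...).
 */
function moveFile($file)
{
    if (strlen($file['name']) == 0 && $file['size'] == 0 && strlen($file['tmp_name']) == 0) {
        return array();
    }

    $maxFileSize = isset($_POST['MAX_FILE_SIZE']) ? $_POST['MAX_FILE_SIZE'] : null;
    $ifFileExists = isset($_POST['IF_FILE_EXISTS']) ? $_POST['IF_FILE_EXISTS'] : ""; // replace, noreplace
    $storeTxtToDB = isset($_POST['TEXT_EXTRACTION']) ? $_POST['TEXT_EXTRACTION'] : ""; // true, false, yes, no
    $fileSize = $file['size'];

    // Resolve storage type and location from the 'src' marker.
    $src = (isset($file['src']) && strlen($file['src']) > 0) ? $file['src'] : "fs#attachments/";
    if (strpos($src, "db#") === 0) {
        $storeType = "db";
        $storePath = substr($src, 3);
        if (strlen($storePath) <= 0) {
            $storePath = _dbtable("files");
        }
    } else {
        // "fs#..." and any unrecognised marker both end up on the filesystem.
        $storeType = "fs";
        $storePath = (strpos($src, "fs#") === 0) ? substr($src, 3) : "attachments/";
        if (strlen($storePath) <= 0) {
            $storePath = "attachments/";
        }
    }

    // Split the client-supplied name into base name and extension. pathinfo()
    // also discards any directory part the name may carry.
    $clientName = str_replace("\\", "/", $file['name']);
    $ext = pathinfo($clientName, PATHINFO_EXTENSION);
    $fname = pathinfo($clientName, PATHINFO_FILENAME);

    if ($storeType == "fs") {
        // The folder comes from the caller-supplied 'src'; keep it inside the user-data folder.
        if (strpos($storePath, "..") !== false || strpos($storePath, "\0") !== false) {
            return array("Error" => "Invalid Storage Path.");
        }

        // Refuse names where any extension segment is one the web server may
        // execute. NOTE(review): an allow-list of the file types this
        // application expects would be stronger than this deny-list.
        $blockedExts = array("php", "php3", "php4", "php5", "php7", "phtml", "pht", "phar", "phps", "cgi", "pl", "py", "sh", "htaccess");
        $segments = explode(".", strtolower(basename($clientName)));
        array_shift($segments); // the first segment is the bare name
        foreach ($segments as $segment) {
            if (in_array($segment, $blockedExts, true)) {
                return array("Error" => "File Type Not Allowed.");
            }
        }

        // NOTE(review): rand()/time() is predictable; the prefix only avoids
        // name clashes and must not be relied on to keep the path secret.
        $newName = md5(rand() * time()) . "-" . str_replace(" ", "_", $fname);
        $relativePath = str_replace("//", "/", "{$storePath}/{$newName}.{$ext}");
        $targetPath = str_replace("//", "/", APPROOT . APPS_USERDATA_FOLDER . "{$storePath}/{$newName}.{$ext}");
        $targetDir = dirname($targetPath);

        if (!file_exists($targetDir)) {
            // 0755 instead of the original world-writable 0777.
            mkdir($targetDir, 0755, true);
            chmod($targetDir, 0755);
        }
        if (!file_exists($targetDir)) {
            return array("Error" => "Failed To Create TargetPath Folder.");
        }

        if (file_exists($targetPath)) {
            if ($ifFileExists == "replace") {
                unlink($targetPath);
            } elseif ($ifFileExists == "noreplace") {
                return array("Error" => "File Exists At The Target.");
            }
        }

        if (!($fileSize < $maxFileSize)) {
            return array("Error" => "File Size Is More Then Max.");
        }
        // move_uploaded_file() itself refuses paths that are not real uploads.
        if (@move_uploaded_file($file['tmp_name'], $targetPath)) {
            return $relativePath;
        }
        return array("Error" => "Failed To Move File To Destination.");
    }

    // Database storage.
    // The table name is interpolated into SQL and cannot be escaped, so it
    // must be a plain identifier, optionally schema-qualified.
    if (!preg_match('/^[A-Za-z0-9_]+(\.[A-Za-z0-9_]+)?$/', $storePath)) {
        return array("Error" => "Invalid Storage Table.");
    }
    if (!($fileSize < $maxFileSize)) {
        return array("Error" => "File Size Is More Then Max.");
    }
    // Only read files PHP itself received as uploads.
    if (!is_uploaded_file($file['tmp_name'])) {
        return array("Error" => "Failed To Read Uploaded File.");
    }
    $rawData = file_get_contents($file['tmp_name']);
    if ($rawData === false) {
        return array("Error" => "Failed To Read Uploaded File.");
    }

    $fileType = $file['type'];
    $txtData = "";
    // Only the documented affirmative values switch extraction on; the
    // original treated any non-empty string, including "false", as true.
    if (in_array(strtolower(trim((string)$storeTxtToDB)), array("true", "yes", "1"), true)) {
        $txtData = getTextData($rawData, $fileType);
    }

    $usr = getUserInfo();
    $date = date("Y-m-d");
    $datestamp = date('Y-m-d H:i:s');
    $tags = isset($_POST['tags']) ? $_POST['tags'] : "";
    $remarks = isset($_POST['remarks']) ? $_POST['remarks'] : "";
    $meta = "";

    // Same escaping call the original applied to the file data, now applied
    // to every client-influenced column.
    $titleSql = mysql_real_escape_string((string)$fname);
    $txtSql = mysql_real_escape_string((string)$txtData);
    $nameSql = mysql_real_escape_string((string)$file['name']);
    $dataSql = mysql_real_escape_string($rawData);
    $typeSql = mysql_real_escape_string((string)$fileType);
    $remarksSql = mysql_real_escape_string((string)$remarks);
    $tagsSql = mysql_real_escape_string((string)$tags);
    $userSql = mysql_real_escape_string((string)$usr['SESS_USER_ID']);
    $sizeSql = (int)$fileSize;

    // A table name that starts with the system database name is sent to the system DB.
    if (strpos("#" . $storePath, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) == 1) {
        $sysDb = true;
    } else {
        $sysDb = false;
    }

    $insertQuery = "INSERT INTO {$storePath} ";
    $insertQuery .= "(datestamp,title,txt_data,file_name,file_data,file_type,file_size,remarks,tags,meta,site,userid,doc,doe) VALUES ";
    $insertQuery .= "('{$datestamp}','{$titleSql}',\"{$txtSql}\",'{$nameSql}',\"{$dataSql}\",'{$typeSql}','{$sizeSql}','{$remarksSql}','{$tagsSql}',";
    $insertQuery .= "'{$meta}','" . SITENAME . "','{$userSql}','{$date}','{$date}')";

    if (_dbQuery($insertQuery, $sysDb)) {
        return _db($sysDb)->insert_id();
    }
    return array("Error" => "Error In MySQL Query.");
}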
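/**
 * Delete rows from the table named in $_POST['submit_table'].
 *
 * The row is selected either by $_POST['delete_id'] or by the columns listed
 * in $_POST['submit_wherecol'], whose values are read from $_POST. On success
 * the "on_success" request value is handled, on failure "on_error" or the DB
 * error number is printed. An activity event is logged when
 * log_ActivityEvent() exists.
 *
 * Table and column names cannot be escaped, so they must be plain
 * identifiers; the numeric id must consist of digits. A request that fails
 * validation produces no query and is reported through the failure path.
 *
 * NOTE(review): no authorization check is visible in this function, and the
 * table and WHERE columns are chosen by the client. Restrict both to a
 * server-side list for the form being submitted.
 *
 * @return void
 */
function deleteForm()
{
    $onSuccess = (isset($_REQUEST["on_success"]) && is_string($_REQUEST["on_success"])) ? $_REQUEST["on_success"] : "";
    $onFailure = (isset($_REQUEST["on_error"]) && is_string($_REQUEST["on_error"])) ? $_REQUEST["on_error"] : "";

    // The original read $sysDb without ever defining it, so _db() received
    // null; that value is kept, now explicitly.
    $sysDb = null;

    $sTable = (isset($_POST["submit_table"]) && is_string($_POST["submit_table"])) ? $_POST["submit_table"] : "";
    $tableOk = preg_match('/^[A-Za-z0-9_]+(\.[A-Za-z0-9_]+)?$/', $sTable) === 1;

    $sql = "";
    $id = null;
    if (isset($_POST["delete_id"])) {
        $id = clean($_POST["delete_id"]);
        // The id is used unquoted, so escaping alone cannot protect it.
        if ($tableOk && is_scalar($id) && preg_match('/^[0-9]+$/', (string)$id)) {
            $sql = "DELETE FROM {$sTable} WHERE id={$id}";
        }
    } elseif (isset($_POST["submit_wherecol"]) && is_string($_POST["submit_wherecol"])) {
        $conditions = array();
        foreach (explode(",", $_POST["submit_wherecol"]) as $column) {
            if (!preg_match('/^[A-Za-z0-9_]+$/', $column)) {
                // Dropping a single condition would widen the delete, so an
                // invalid column name cancels the whole statement.
                $conditions = array();
                break;
            }
            if (isset($_POST[$column])) {
                $value = clean($_POST[$column]);
                $conditions[] = "{$column}='{$value}'";
            }
        }
        if ($tableOk && count($conditions) > 0) {
            $sql = "DELETE FROM {$sTable} WHERE " . implode(" AND ", $conditions);
        }
    }

    $deleted = false;
    if (strlen($sql) > strlen("DELETE FROM {$sTable} WHERE ")) {
        $deleted = _dbQuery($sql) ? true : false;
    }

    if ($deleted) {
        // NOTE(review): the callback name comes from the request. It is only
        // invoked when it names a function defined by the application, never
        // a PHP built-in; an explicit list of permitted callbacks would be
        // safer still.
        $defined = get_defined_functions();
        $isAppFunction = strlen($onSuccess) > 0
            && function_exists($onSuccess)
            && in_array(strtolower($onSuccess), $defined['user'], true);
        if ($isAppFunction) {
            call_user_func($onSuccess);
        } else {
            // Request data is echoed as text, not as markup.
            echo htmlspecialchars($onSuccess, ENT_QUOTES);
        }
    } else {
        if (strlen($onFailure) > 0) {
            echo htmlspecialchars($onFailure, ENT_QUOTES);
        } else {
            echo "Error:: " . _db($sysDb)->getErrorNo() . "<br/>";
        }
        if (MASTER_DEBUG_MODE == 'true') {
            echo _db($sysDb)->getError();
        }
    }

    // As before, the event is logged whether or not the delete succeeded.
    if (function_exists("log_ActivityEvent")) {
        if (isset($_POST["delete_id"])) {
            log_ActivityEvent("Record Form Deleted From Table {$sTable}, For ID::{$id}", "User", 4, "forms", _dbtable("forms"));
        } else {
            log_ActivityEvent("Record Form Deleted For Query {$sql}", "User", 4, "forms", _dbtable("forms"));
        }
    }
}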