function user_has_page_permissions($page_content_id, $type = "manager") { if (in_array('admin', $_SESSION['access_permissions'])) { return true; } if (in_array('god', $_SESSION['access_permissions'])) { return true; } $results = dbQuery('SELECT * FROM user_access_pages WHERE page_content_id = ' . $page_content_id . ' AND user_id = ' . $_SESSION['user_id'] . ' AND user_access_pages_type = "' . $type . '"'); return dbNumRows($results); }
function getOrderAmount($orderId) { $orderAmount = 0; $sql = "SELECT SUM(pd_price * od_qty)\r\n\t FROM tbl_order_item oi, tbl_product p \r\n\t\t WHERE oi.pd_id = p.pd_id and oi.od_id = {$orderId}\r\n\t\t\t\r\n\t\t\tUNION\r\n\t\t\t\r\n\t\t\tSELECT od_shipping_cost \r\n\t\t\tFROM tbl_order\r\n\t\t\tWHERE od_id = {$orderId}"; $result = dbQuery($sql); if (dbNumRows($result) == 2) { $row = dbFetchRow($result); $totalPurchase = $row[0]; $row = dbFetchRow($result); $shippingCost = $row[0]; $orderAmount = $totalPurchase + $shippingCost; } return $orderAmount; }
function doLogin() { // if we found an error save the error message in this variable $errorMessage = ''; $userName = $_POST['txtUserName']; $password = $_POST['txtPassword']; // $_SESSION['user_id'] = $username; // first, make sure the username & password are not empty if ($userName == '') { $errorMessage = 'You must enter your username'; } else { if ($password == '') { $errorMessage = 'You must enter the password'; } else { // check the database and see if the username and password combo do match $sql = "SELECT user_id,user_name\n\t\t FROM tbl_user \n\t\t\t\tWHERE user_name = '{$userName}' AND user_password = '******'"; $result = dbQuery($sql); if (dbNumRows($result) == 1) { $row = dbFetchAssoc($result); $_SESSION['user_id'] = $row['user_id']; $_SESSION['user_name'] = $row['user_name']; // log the time when the user last login $sql = "UPDATE tbl_user \n\t\t\t SET user_last_login = NOW() \n\t\t\t\t\tWHERE user_id = '{$row['user_id']}'"; dbQuery($sql); // now that the user is verified we move on to the next page // if the user had been in the admin pages before we move to // the last page visited $row = dbFetchAssoc($result); if ($userName == 'admin') { // echo $userName; // echo'1'; header('Location: index.php'); exit; } else { if ($row['user_level'] == 0) { // echo $userName; // echo'2'; header("Location: http://localhost/html/main.php"); exit; } } } else { $errorMessage = 'Wrong username or password'; } } } return $errorMessage; }
function addUser() { $userName = $_POST['txtUserName']; $password = $_POST['txtPassword']; /* // the password must be at least 6 characters long and is // a mix of alphabet & numbers if(strlen($password) < 6 || !preg_match('/[a-z]/i', $password) || !preg_match('/[0-9]/', $password)) { //bad password } */ // check if the username is taken $sql = "SELECT user_name\n\t FROM tbl_user\n\t\t\tWHERE user_name = '{$userName}'"; $result = dbQuery($sql); if (dbNumRows($result) == 1) { header('Location: index.php?view=add&error=' . urlencode('Username already taken. Choose another one')); } else { $sql = "INSERT INTO tbl_user (user_name, user_password, user_regdate)\n\t\t VALUES ('{$userName}', PASSWORD('{$password}'), NOW())"; dbQuery($sql); header('Location: index.php'); } }
function recurse_pages($id = 0, $level = 0) { $level++; $sql = "SELECT * FROM page_content WHERE parent = " . $id . " ORDER BY page_content_title ASC"; $pageResults = dbQuery($sql); $count = 0; while ($pInfo = dbFetchArray($pageResults)) { $padding = 18 * $level; if ($level != 1) { $style = "style=\"padding-left:" . ($padding + 18) . "px; background-repeat:no-repeat; background-position:" . $padding . "px 0px; background-image:url(images/directory_arrow.gif);\""; } else { $class = ""; } //SECURITY CHECK //ONLY SHOW PAGES THAT THE USER HAS ACCESS TOO $row = $count % 2; echo "<tr>\n"; echo "<td nowrap width=\"1\">\n"; if ($pInfo['page_content_member']) { echo "<a href=\"javascript:void(0);\" title=\"Membership Required\"><img src=\"images/icons/lock_16x16.gif\" border=\"0\"><a>"; } echo "</td>\n"; echo "<td nowrap width\"1\">" . date('m/d/Y', $pInfo['page_content_publish_date']) . "</td>\n"; echo "<td " . $style . "><a href=\"" . PAGE_MANAGE . "?action=edit§ion=webpage&id=" . $pInfo['page_content_id'] . "\">" . output($pInfo['page_content_title']) . "</a></td>\n"; echo "<td nowrap width\"1\">"; if ($pInfo['page_content_status'] == 'pending') { echo "<span class=\"textPending\">Pending</span>"; } else { if ($pInfo['page_content_status'] == 'published') { echo "<span class=\"textActive\">Published</span>"; } else { echo "<span class=\"textInactive\">Unpublished</span>"; } } echo "</td>\n"; echo "<td nowrap width\"1\">\n"; echo "<span class=\"smallText\"><abbr title=\"by " . getAuthor($pInfo['page_content_author']) . "\" style=\"margin:2px;\">Created: " . date('m/d/y g:i a', $pInfo['page_content_added']) . " </abbr></span>\n"; //check to see if this page has been edited //display $modifiedResults = dbQuery('SELECT * FROM page_content_log WHERE page_content_id = ' . $pInfo['page_content_id'] . ' LIMIT 1'); if (dbNumRows($modifiedResults)) { $m = dbFetchArray($modifiedResults); echo "<br>"; echo "<span class=\"smallText\" style=\"font-style:italic;\"><abbr style=\"margin:2px;\" title=\"by " . getAuthor($m['user_id']) . "\">Last Modified: " . date('m/d/y g:i a', $m['page_content_log_timestamp']) . "</abbr></span>"; } echo "</td>\n"; echo "<td align=\"right\" >"; if ($level == 1) { echo "<a class=\"table_addsubpage_link\" href=\"" . PAGE_PUBLISH . "?section=webpage&parent=" . $pInfo['page_content_id'] . "\" title=\"Add Sub Page\">Add Subpage</a>"; echo " "; } if (user_has_permission('banners')) { //echo "<a class=\"table_banner_link\" href=\"".PAGE_MANAGE."?action=banners§ion=webpage&id=".$pInfo['page_content_id']."\" title=\"Add Banner\">Advert</a>\n"; //echo " "; } if (user_has_permission('content') && user_has_page_permissions($pInfo['page_content_id'])) { echo "<a class=\"table_edit_link\" href=\"" . PAGE_MANAGE . "?action=edit§ion=webpage&id=" . $pInfo['page_content_id'] . "\" title=\"Edit " . output($pInfo['page_content_title']) . "\">Edit</a>\n"; echo " "; } if (user_has_permission('admin')) { echo "<a class=\"table_delete_link\" href=\"" . PAGE_MANAGE . "?action=delete§ion=webpage&id=" . $pInfo['page_content_id'] . "\" title=\"Delete " . output($pInfo['page_content_title']) . "\" onclick=\"return confirm('Are you sure you want to delete this page? THIS IS NOT UNDOABLE');\">Delete</a>\n"; } echo "</td>\n"; echo "</tr>\n"; recurse_pages($pInfo['page_content_id'], $level); $count++; } }
$q = "UPDATE articulo SET active = 0 WHERE id={$id_art}"; $result = dbQuery($q); if ($result) { echo "exito"; } else { echo "fracaso"; } break; case "buscar_articulo": $b = $_GET['b']; $campo = $_GET['campo']; $fila = ''; $q = "SELECT * FROM articulo WHERE {$b} LIKE '%" . $campo . "%' AND active = '1'"; //echo $q; $q1 = dbQuery($q); $q_tot = dbNumRows($q1); if ($q_tot > 0) { while ($row = dbFetchAssoc($q1)) { if ($row['imagen'] == '' or $row['imagen'] == NULL) { $img_ssc = "noimage.png"; } else { $img_ssc = $row['imagen']; } $retorno = "'" . $row['id'] . '|' . $row['codigo'] . '|' . $row['codant'] . '|' . $row['nombre'] . '|' . $row['marca_id'] . '|'; $retorno .= $row['categoria_id'] . '|' . $row['scategoria_id'] . '|' . $row['sscategoria_id'] . '|' . $row['uni_med'] . '|'; $retorno .= $row['detalle'] . '|' . $row['peso'] . '|' . $row['caja'] . '|' . $row['mayoreo'] . '|' . $row['codigo_barra'] . '|' . $img_ssc; $retorno .= "'"; //$retorno = $row['id'].';'.$row['codigo'].';'.$row['nombre'].';'.$row['marca_id'].';'.$row['categoria_id'].';'.$row['scategoria_id'].';'.$row['detalle']; //$retorno = $row['id'].'#'.$row['codigo'].'#'.$row['nombre'].'#'.$row['marca_id'].'#'.$row['categoria_id'].'#'.$row['scategoria_id'].'#'.$row['detalle']; $fila .= '<tr style="cursor:pointer" onClick="obtener_articulo(' . ps($retorno) . ')">'; $nombre = $row['nombre'];
</div> </div> </div> <div class="container-fluid"> <div class="row"> <div class="col-md-3 col-md-2 sidebar"> <ul class="nav nav-sidebar"> <?php $link = "#"; $m = "SELECT * FROM modulo WHERE active = '1' AND tipo = 1 and padre=" . $_GET['m']; $m1 = dbQuery($m); while ($mrow = dbFetchAssoc($m1)) { $p = "SELECT * from permiso WHERE usuario_id =" . $_SESSION['id_user'] . " AND modulo_id = " . $mrow['id']; $p1 = dbQuery($p); $pfila = dbNumRows($p1); if ($mrow['link'] === NULL) { $link = "#"; } else { $link = $mrow['link'] . '?m=' . $mrow['padre']; } if ($pfila > 0) { ?> <li class="<?php if ($mrow['nombre'] == 'SSCategoria') { echo 'active'; } ?> "><a href="<?php echo $link; ?>
function _deleteImage($catId) { // we will return the status // whether the image deleted successfully $deleted = false; // get the image(s) $sql = "SELECT cat_image \n FROM tbl_category\n WHERE cat_id "; if (is_array($catId)) { $sql .= " IN (" . implode(',', $catId) . ")"; } else { $sql .= " = {$catId}"; } $result = dbQuery($sql); if (dbNumRows($result)) { while ($row = dbFetchAssoc($result)) { // delete the image file $deleted = @unlink(SRV_ROOT . CATEGORY_IMAGE_DIR . $row['cat_image']); } } return $deleted; }
$season_signups = dbNumRows($season_users_ref); // Matches $matches_ref = dbQuery("SELECT * FROM `{$cfg['db_table_prefix']}matches` " . "WHERE `confirmed` <> '0000-00-00 00:00:00' AND `id_season` = {$seasons_row['id']}"); $season_matches = dbNumRows($matches_ref); // Played matches $matches_ref = dbQuery("SELECT * FROM `{$cfg['db_table_prefix']}matches` " . "WHERE `wo` = 0 AND `bye` = 0 AND `out` = 0 AND `confirmed` <> '0000-00-00 00:00:00' " . "AND `id_season` = {$seasons_row['id']}"); $season_played = dbNumRows($matches_ref); // Walkovers $matches_ref = dbQuery("SELECT * FROM `{$cfg['db_table_prefix']}matches` " . "WHERE `wo` <> 0 AND `confirmed` <> '0000-00-00 00:00:00' AND `id_season` = {$seasons_row['id']}"); $season_wos = dbNumRows($matches_ref); // Byes $matches_ref = dbQuery("SELECT * FROM `{$cfg['db_table_prefix']}matches` " . "WHERE `bye` = 1 AND `confirmed` <> '0000-00-00 00:00:00' AND `id_season` = {$seasons_row['id']}"); $season_byes = dbNumRows($matches_ref); // Outs $matches_ref = dbQuery("SELECT * FROM `{$cfg['db_table_prefix']}matches` " . "WHERE `out` = 1 AND `confirmed` <> '0000-00-00 00:00:00' AND `id_season` = {$seasons_row['id']}"); $season_outs = dbNumRows($matches_ref); $content_tpl->set_var("I_SEASON_NAME", htmlspecialchars($seasons_row['name'])); if ($seasons_row['status'] == "") { $content_tpl->parse("I_LED", "B_LED_RED"); } elseif ($seasons_row['status'] == "signups") { $content_tpl->parse("I_LED", "B_LED_ORANGE"); } elseif ($seasons_row['status'] == "running") { $content_tpl->parse("I_LED", "B_LED_GREEN"); } elseif ($seasons_row['status'] == "finished") { $content_tpl->parse("I_LED", "B_LED_DONE"); } $content_tpl->set_var("I_SIGNUPS", $season_signups); $content_tpl->set_var("I_MATCHES", $season_matches); $content_tpl->set_var("I_PLAYED", $season_played); $content_tpl->set_var("I_WOS", $season_wos); $content_tpl->set_var("I_BYES", $season_byes);
<td> <input id="search_loco_nombre" onkeyup="DelayedCallMe(2)" class="typeahead col-sm-12 col-md-12 col-lg-12" type="text" placeholder="Nombre" data-provide="typeahead" autocomplete="off"> </td> <td> <input id="marca_addlinea" type="text" class="form-control input-xs" disabled> </td> <td align="right"> <button onClick="agregar_linea_nueva()" class="btn btn-primary btn-xs" ><span class="glyphicon glyphicon-plus"></span></button> </td> </tr> <?php $pd = "SELECT a.codigo as codigo, pd.cantidad as cantidad, \n (SELECT nombre FROM variados WHERE tipo=2 AND id=a.uni_med) as uni_med, \n a.nombre as nombre,(SELECT nombre FROM marca where id = a.marca_id) as marca, \n pd.id as ingreso_d_id,\n IFNULL((SELECT stock FROM inventario where active = 1 AND articulo_id=pd.articulo_id),0) as stock\n FROM ingreso_d as pd, articulo as a\n WHERE pd.active = 1 AND pd.ingreso_id={$id_ingreso} AND pd.articulo_id = a.id"; $pd1 = dbQuery($pd); $pd_num = dbNumRows($pd1); if ($pd_num > 0) { while ($pd2 = dbFetchAssoc($pd1)) { ?> <tr id= "linea_<?php echo $pd2['ingreso_d_id']; ?> " > <td><?php echo '<small>' . $pd2['codigo'] . '</small>'; ?> </td> <td> <input onMouseover="ver_saldo(<?php
function dashboard() { global $TLD, $domain_expires, $tld_db; show_header(); $username = $_SESSION['username']; $userid = $_SESSION['userid']; // echo "<p align=\"right\"><a href=\"user.php?action=logout\">Logout</a></p>\n"; echo "<center><H2>Welcome to " . $username . "'s Dashboard for ." . $TLD . "</H2>\n"; echo "<b>My ." . $TLD . " domains</b><BR><BR>"; $base = database_open_now($tld_db, 0666); $query = "SELECT domain, registered, expires FROM domains WHERE userid=" . $userid . ""; $results = database_query_now($base, $query); if (dbNumRows($results)) { echo "<table width=\"400\" align=\"center\" border=0 cellspacing=1 cellpadding=0>\n"; echo "<tr><td>Domain Name</td><td>Created</td>"; if ($domain_expires == 1) { echo "<td>Expires</td>"; } echo "</tr>\n"; while ($arr = database_fetch_array_now($results)) { echo "<tr><td><a href=\"domain.php?action=modify&domain=" . $arr['domain'] . "\">" . $arr['domain'] . '.' . $TLD . "</a></td><td>" . $arr['registered'] . "</td>"; if ($domain_expires == 1) { echo "<td>" . $arr['expires'] . "</td>"; } echo "</tr>\n"; } echo "</table>\n"; } else { echo "You do not have any domains registered.\n"; } echo "You can register a new " . $TLD . " <a href=\"domain.php?action=frm_check_domain\">here</a>."; $get_user_details = "SELECT name, email, country FROM users WHERE userid='" . $userid . "' AND username='******' LIMIT 1"; $base = database_open_now($tld_db, 0666); $get_user_details_results = database_query_now($base, $get_user_details); $get_user_details_arr = database_fetch_array_now($get_user_details_results); $name = $get_user_details_arr['name']; $email = $get_user_details_arr['email']; $country = $get_user_details_arr['country']; ?> <BR><BR> <form action="user.php" method="post"> <table width="450" align="center"> <tr><td colspan="2" align="center"><b>.<?php echo $TLD; ?> User Details</b></td></tr> <tr><td>Name</td><td><?php echo $name; ?> </td></tr> <tr><td>Email</td><td><?php echo $email; ?> <sup>*</sup></td></tr> <tr><td>Country</td><td> <select name="country"> <?php if (strlen($country) > 0) { echo "<option value=\"" . $country . "\" selected>Current (" . $country . ")</option>\n"; } else { echo "<option>Select</option>\n"; } ?> <option>------</option> <option value="AU">Australia</option> <option value="CA">Canada</option> <option value="DE">Germany</option> <option value="MX">Mexico</option> <option value="UK">United Kingdom</option> <option value="US">United States</option> </select><sup>**</sup></td></tr> <tr><td>Current Password</td><td><input type="password" name="password"></td></tr> <tr><td valign="top">Password</td><td><input type="password" name="password1"><BR><font size="-1">(Must be at least 5 characters long)</font></td></tr> <tr><td>Password Confirm</td><td><input type="password" name="password2"></td></tr> <tr><td colspan="2" align="center"><input type="submit" name="submit" value="Update"></td></tr> <input type="hidden" name="action" value="update_account"> <tr><td colspan="2"> <font size="-1"> <sup>*</sup>Please contact support to change this.<BR> <sup>**</sup>This is optional and for our statistics only. </font></td></tr> </table> </form> <?php echo "</center>"; }
$fInfo = dbFetchArray($filterResults); $title .= " to " . strtolower($fInfo['subscriber_lists_name']) . ' list'; $contactLists[] = $fInfo['subscriber_lists_id']; } } if($_GET['action'] == 'edit') { $buttonText = "Save contact"; $subscriberResults = dbQuery('SELECT * FROM subscribers WHERE subscriber_id = ' . $_GET['id']); $sInfo = dbFetchArray($subscriberResults); $title = "Edit contact"; $newsletter_agree = $sInfo['subscriber_newsletter_agree']; $sms_agree = $sInfo['subscriber_sms_agree']; $action = 'save'; //get contact lists this user is attached to. $contactListResults = dbQuery('SELECT * FROM subscriber_to_lists WHERE subscriber_id = ' . $_GET['id']); if(dbNumRows($contactListResults)) { while($cl = dbFetchArray($contactListResults)) { $contactLists[] = $cl['subscriber_lists_id']; } } else { $contactLists = array(0); } } ?> <form action="<?=PAGE_COMMUNICATION?>" method="post" id="<?=$action?>subscriber"> <input type="hidden" name="action" value="<?=$action?>subscriber" /> <input type="hidden" name="id" value="<?=$_GET['id']?>" /> <table width="100%" border="0" cellspacing="0" cellpadding="0" > <tr> <td valign="top" class="formBody"> <div class="mb20"></div>
$paginationQuery .= " DATE(StartTime) >= SUBDATE(CURDATE(), INTERVAL 1 MONTH)"; break; case "custom": $query = "SELECT * FROM Events WHERE"; if (isset($chosencameras)) { $query .= " MonitorId IN ('" . implode("','", $chosencameras) . "') AND "; } $query .= " StartTime >= '{$_REQUEST['startdatetime']}' AND StartTime <= '{$_REQUEST['enddatetime']}' {$orderString} LIMIT {$limit}"; $paginationQuery = "SELECT COUNT(Id) AS NUMROWS FROM Events WHERE"; if (isset($chosencameras)) { $paginationQuery .= " MonitorId IN ('" . implode("','", $chosencameras) . "') AND"; } $paginationQuery .= " StartTime >= '{$_REQUEST['startdatetime']}' AND StartTime <= '{$_REQUEST['enddatetime']}'"; break; } if (dbNumRows($query) < 1) { die("<div class=\"alert alert-info\"><p>No events in selected range...</p></div>"); } else { $response = dbFetchAll($query); if (!$response) { die("ERROR: Failed to fetch events!<br>" . $query); } else { $skipColumns = array(0 => "Archived", 1 => "Videoed", 2 => "Uploaded", 3 => "Emailed", 4 => "Messaged", 5 => "Executed", 6 => "Width", 7 => "Height", 8 => "Notes", 9 => "Frames", 10 => "AlarmFrames", 11 => "TotScore", 12 => "AvgScore", 13 => "MaxScore", 14 => "Cause"); echo "<table class=\"table table-striped\">"; echo "<thead><tr><td>Event Id</td><td>Camera</td><td>Name</td><td>Start Time</td><td>End Time</td><td>Length</td><td></td><td></td><td></td><td><input id=\"check-all\" type=\"checkbox\"></td></tr></thead>"; foreach ($response as $event) { echo "<tr>"; foreach ($event as $key => $value) { if (in_array($key, $skipColumns)) { continue; }
</td> </tr> <?php } //fin del while de abonos/recibos ?> </tbody> </table> <?php } //fin del if que verifica si existen recibos/abonos a la factura ?> <?php $nc = "SELECT * , date(fecha_alta) as fa, (SELECT sum(total) FROM nota_credito_d WHERE nota_credito_id=nota_credito.id) as total,\n\t\t\tIF( (SELECT tipo FROM nota_credito_d WHERE nota_credito_id=nota_credito.id group by tipo)='OM','Otro Motivo','Devolucion')\tas tipo\n\t\t\tFROM nota_credito WHERE active = 1 AND factura_id={$id_factura}"; $nc2 = dbQuery($nc); $nc_count = dbNumRows($nc2); if ($nc_count > 0) { ?> Notas De Credito <table class="table table-condensed " > <thead > <th bgcolor="#DAA520">No.</th> <th bgcolor="#DAA520">Fecha</th> <th bgcolor="#DAA520">Tipo</th> <th bgcolor="#DAA520">Total</th> </thead> <tbody> <?php while ($row = dbFetchAssoc($nc2)) { ?>
?> ></div> <span ><i class="icon-folder-open"></i> <?php echo $row['nombre']; ?> </span> <ul> <?php $sc = "SELECT * FROM modulo WHERE active = 1 AND padre = " . $row['id']; $sc1 = dbQuery($sc); while ($sc2 = dbFetchAssoc($sc1)) { $pom = "SELECT * FROM permiso WHERE active = 1 AND usuario_id = {$id_usuario} AND modulo_id=" . $sc2['id']; $pom1 = dbQuery($pom); $pexiste_permiso = dbNumRows($pom1); ?> <li> <div class="badge badge-nocolor"> <input type="checkbox" id="chijo_<?php echo $sc2['id']; ?> " name="modulos" value="<?php echo $sc2['id']; ?> " class="hijo_<?php echo $row['id']; ?> " <?php if ($pexiste_permiso > 0) { echo 'checked'; }
function getPagingLink($sql, $itemPerPage = 10, $strGet = '') { $result = dbQuery($sql); $pagingLink = ''; $totalResults = dbNumRows($result); $totalPages = ceil($totalResults / $itemPerPage); // how many link pages to show $numLinks = 10; // create the paging links only if we have more than one page of results if ($totalPages > 1) { $self = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; if (isset($_GET['page']) && (int) $_GET['page'] > 0) { $pageNumber = (int) $_GET['page']; } else { $pageNumber = 1; } // print 'previous' link only if we're not // on page one if ($pageNumber > 1) { $page = $pageNumber - 1; if ($page > 1) { $prev = " <a href=\"{$self}?page={$page}&{$strGet}/\">[Prev]</a> "; } else { $prev = " <a href=\"{$self}?{$strGet}\">[Prev]</a> "; } $first = " <a href=\"{$self}?{$strGet}\">[First]</a> "; } else { $prev = ''; // we're on page one, don't show 'previous' link $first = ''; // nor 'first page' link } // print 'next' link only if we're not // on the last page if ($pageNumber < $totalPages) { $page = $pageNumber + 1; $next = " <a href=\"{$self}?page={$page}&{$strGet}\">[Next]</a> "; $last = " <a href=\"{$self}?page={$totalPages}&{$strGet}\">[Last]</a> "; } else { $next = ''; // we're on the last page, don't show 'next' link $last = ''; // nor 'last page' link } $start = $pageNumber - $pageNumber % $numLinks + 1; $end = $start + $numLinks - 1; $end = min($totalPages, $end); $pagingLink = array(); for ($page = $start; $page <= $end; $page++) { if ($page == $pageNumber) { $pagingLink[] = " {$page} "; // no need to create a link to current page } else { if ($page == 1) { $pagingLink[] = " <a href=\"{$self}?{$strGet}\">{$page}</a> "; } else { $pagingLink[] = " <a href=\"{$self}?page={$page}&{$strGet}\">{$page}</a> "; } } } $pagingLink = implode(' | ', $pagingLink); // return the page navigation link $pagingLink = $first . $prev . $pagingLink . $next . $last; } return $pagingLink; }
)" class="btn btn-primary btn-xs" ><span class="glyphicon glyphicon-floppy-open"></span></button>--> <button onClick="delete_linea(<?php echo $pd2['pedido_d_id']; ?> )" class="btn btn-danger btn-xs" ><span class="glyphicon glyphicon-trash"></span></button> </td> </tr> <?php } //fin del while de el detalle del pedido } //fin del if que checkea si existe detalle en el pedido $servicios = "SELECT a.codigo as codigo, pd.cantidad as cantidad, \n (SELECT inventario FROM articulo WHERE id=pd.articulo_id) as inventario_art,\n \n (SELECT nombre FROM variados WHERE tipo=2 AND id=a.uni_med) as uni_med, \n a.nombre as nombre,(SELECT nombre FROM marca where id = a.marca_id) as marca, \n pd.precio_local as precio_local, pd.total as total,\n (SELECT mayoreo FROM precio WHERE listado_precio_id=1 AND active = 1 AND articulo_id=pd.articulo_id) as mayoreo,\n (SELECT oferta FROM precio WHERE listado_precio_id=1 AND active = 1 AND articulo_id=pd.articulo_id) as oferta,\n (SELECT oferta_mayoreo FROM precio WHERE listado_precio_id=1 AND active = 1 AND articulo_id=pd.articulo_id) as oferta_mayoreo,\n (SELECT precio_local FROM precio WHERE listado_precio_id=1 AND active = 1 AND articulo_id=pd.articulo_id) as pl,\n pd.id as pedido_d_id,\n IFNULL((SELECT stock FROM inventario where active = 1 AND articulo_id=pd.articulo_id),0) as stock\n FROM pedido_d as pd, articulo as a\n WHERE pd.active = 1 AND pd.pedido_id={$id_pedido} AND pd.articulo_id = a.id \n having inventario_art = 0\n "; //echo $servicios; $servicios1 = dbQuery($servicios); $servicios_num = dbNumRows($servicios1); if ($servicios_num > 0) { $cont = 0; while ($pd2 = dbFetchAssoc($servicios1)) { if ($cont == 0) { //primer linea dividada x lineas punteadas para identificarlo del resto del detalle ?> <tr id= "linea_<?php echo $pd2['pedido_d_id']; ?> "> <td class="dashline"><?php echo '<small>' . $pd2['codigo'] . '</small>'; ?> </td>
<?php $content_tpl->set_block("F_CONTENT", "B_WARNING_NO_ACCESS", "H_WARNING_NO_ACCESS"); $content_tpl->set_block("F_CONTENT", "B_WARNING", "H_WARNING"); $content_tpl->set_block("F_CONTENT", "B_NO_PLAYED_MATCHES", "H_NO_PLAYED_MATCHES"); $content_tpl->set_block("F_CONTENT", "B_PLAYED_MATCH", "H_PLAYED_MATCH"); $content_tpl->set_block("F_CONTENT", "B_PLAYED_MATCHES", "H_PLAYED_MATCHES"); $content_tpl->set_block("F_CONTENT", "B_OVERVIEW_PLAYED_MATCHES", "H_OVERVIEW_PLAYED_MATCHES"); // Access for players only if ($user['usertype_player']) { $matches_ref = dbQuery("SELECT * FROM `{$cfg['db_table_prefix']}matches` " . "WHERE `id_season` = {$season['id']} " . "AND (`id_player1` = {$user['uid']} OR `id_player2` = {$user['uid']}) " . "AND `confirmed` <> '0000-00-00 00:00:00' " . "ORDER BY `confirmed` DESC"); if (dbNumRows($matches_ref) <= 0) { $content_tpl->parse("H_NO_PLAYED_MATCHES", "B_NO_PLAYED_MATCHES"); } else { $match_counter = 0; while ($matches_row = dbFetch($matches_ref)) { $content_tpl->set_var("I_MATCH_COUNTER", ++$match_counter); // Match if ($matches_row['id_player1'] > 0) { $users_ref = dbQuery("SELECT * FROM `{$cfg['db_table_prefix']}users` WHERE `id` = {$matches_row['id_player1']}"); $users_row = dbFetch($users_ref); $player1 = $users_row['username']; } else { $player1 = "-"; } $content_tpl->set_var("I_PLAYER1", htmlspecialchars($player1)); if ($matches_row['id_player2'] > 0) { $users_ref = dbQuery("SELECT * FROM `{$cfg['db_table_prefix']}users` WHERE `id` = {$matches_row['id_player2']}"); $users_row = dbFetch($users_ref); $player2 = $users_row['username']; } else {
$i .= "fecha_modifica = now(), "; $i .= "usuario_id = $usuario_id "; $i .= " WHERE articulo_id = $articulo AND active = 1"; //echo $i; $i1 = dbQuery($i); */ //aqui es salida ya que de la bodega "A" se pasa a la bodega "B" //SAL = SALIDA, MBD = Movimiento Bodegas $di = "INSERT INTO inventario_d ("; $di .= "articulo_id, bodega_id, tipo, cantidad, motivo, bodega_origen_id, bodega_destino_id, fecha_alta, usuario_id )"; $di .= " VALUES ({$articulo}, {$bodega},'SAL',{$cantidad},'MBD', {$bodega},{$bodega_destino},now(),{$usuario_id})"; dbQuery($di); //aqui es entrada ya que la bodega "B" recibe producto de la bodega "A" //SAL = SALIDA, MBD = Movimiento Bodegas $di = "INSERT INTO inventario_d ("; $di .= "articulo_id, bodega_id, tipo, cantidad, motivo, bodega_origen_id, bodega_destino_id, fecha_alta, usuario_id )"; $di .= " VALUES ({$articulo}, {$bodega_destino},'ENT',{$cantidad},'MBD', {$bodega},{$bodega_destino},now(),{$usuario_id})"; dbQuery($di); $r = "exito"; } } else { //INSERT $r = "fracaso"; } $q = "SELECT * FROM inventario WHERE articulo_id = {$articulo} AND active = 1"; $q1 = dbQuery($q); $q2 = dbNumRows($q1); $q3 = dbFetchAssoc($q1); echo $r . '|' . $q3['stock']; break; }
$content_tpl->set_block("F_CONTENT", "B_WARNING", "H_WARNING"); $content_tpl->set_block("F_CONTENT", "B_VIEW_NO_NEWS", "H_VIEW_NO_NEWS"); $content_tpl->set_block("F_CONTENT", "B_COMMENTS_LINK", "H_COMMENTS_LINK"); $content_tpl->set_block("F_CONTENT", "B_VIEW_NEWS", "H_VIEW_NEWS"); // Access for admins [private news] // Access for guests [public news] if ($user['usertype_admin'] or $_REQUEST['opt'] == 1) { $id_news_group = intval($_REQUEST['opt']); $news_ref = dbQuery("SELECT * FROM `{$cfg['db_table_prefix']}news` " . "WHERE `id_news_group` = {$id_news_group} " . "AND `id_season` = {$season['id']} AND `deleted` = 0 " . "ORDER BY `submitted` DESC"); if (dbNumRows($news_ref) <= 0) { $content_tpl->parse("H_VIEW_NO_NEWS", "B_VIEW_NO_NEWS"); } else { while ($news_row = dbFetch($news_ref)) { $users_ref = dbQuery("SELECT * FROM `{$cfg['db_table_prefix']}users` WHERE `id` = {$news_row['id_user']}"); $users_row = dbFetch($users_ref); $content_tpl->set_var("I_ID_NEWS", $news_row['id']); $content_tpl->set_var("I_USERNAME", htmlspecialchars($users_row['username'])); $content_tpl->set_var("I_HEADING", htmlspecialchars($news_row['heading'])); $content_tpl->set_var("I_BODY", Parsedown::instance()->text($news_row['body'])); $content_tpl->set_var("I_SUBMITTED", htmlspecialchars($news_row['submitted'])); $comments_ref = dbQuery("SELECT * FROM `{$cfg['db_table_prefix']}news_comments` WHERE `id_news` = {$news_row['id']}"); $content_tpl->set_var("I_NUM_COMMENTS", dbNumRows($comments_ref)); $content_tpl->set_var("I_ID_SEASON", $season['id']); $content_tpl->parse("H_COMMENTS_LINK", "B_COMMENTS_LINK"); $content_tpl->parse("H_VIEW_NEWS", "B_VIEW_NEWS", true); } } } else { $content_tpl->parse("H_WARNING_NO_ACCESS", "B_WARNING_NO_ACCESS"); $content_tpl->parse("H_WARNING", "B_WARNING"); }
for ($i = 0; $i < 5; $i++) { if ($i == 0) { $default = "Default"; } else { $default = ""; } echo "<tr>"; echo "<td class=\"pageTitleSub\">" . $default . " Product Image</td>"; echo "<td class=\"pageTitleSub\"><input name=\"image[" . $i . "]\" type=\"file\" class=\"textField-title\" id=\"image_" . $i . "\" /></td>"; echo "</tr>"; } ?> <? if($_GET['action'] == 'editproduct') { //check to see if an image already exists if so then we want to allow the user to view the image $imgCheck = dbQuery('SELECT * FROM store_products_images WHERE products_id = ' . $_GET['id']); if(dbNumRows($imgCheck)) { while($imgInfo = dbFetchArray($imgCheck)) { echo "<tr>"; echo "<td value=\"top\" class=\"pageTitleSub\">Image: <br /><span style=\"font-size:10px; font-weight:normal\">(click to enlarge)</a></td>"; echo "<td><a href=\"".STORE_IMAGE_URL . $imgInfo['products_images_filename']."\" target=\"_blank\" class=\"title\"><img src=\"".STORE_IMAGE_URL . getThumbnailFilename($imgInfo['products_images_filename'], 'thumb')."\" /><br /><a href=\"store.php?action=deleteproductimage&id=".$imgInfo['products_images_id']."&pid=".$_GET['id']."\">Delete</a></td>"; echo "</tr>"; } } } ?> <tr> <td class="pageTitleSub">Category</td> <td class="pageTitleSub"><select name="c" id="c" class="textField-title"> <?
<th style="width:5%">Cod</th> <th style="width:10%">Uni Med</th> <th style="width:35%">Nombre</th> <th style="width:10%">Marca</th> <th style="width:9%">Precio</th> <th style="width:9%">Mayoreo</th> <th style="width:9%">Oferta</th> <th style="width:13%"><small>Oferta Mayoreo</small></th> </tr> </thead> <tbody> <?php // echo $lp; $articulos_cambiar = ""; $a_tot = dbNumRows($lp1); if ($a_tot > 0) { $c = 0; while ($row = dbFetchAssoc($lp1)) { $costo_dolar = $row['costo_dolar'] == NULL ? '' : number_format($row['costo_dolar'], 4, '.', ''); $costo_local = $row['costo_local'] == NULL ? '' : number_format($row['costo_local'], 2, '.', ''); $precio_local = $row['precio_local'] == NULL ? '' : number_format($row['precio_local'], 2, '.', ''); $mayoreo = $row['mayoreo'] == NULL ? '' : number_format($row['mayoreo'], 2, '.', ''); $oferta = $row['oferta'] == NULL ? '' : number_format($row['oferta'], 2, '.', ''); $oferta_mayoreo = $row['oferta_mayoreo'] == NULL ? '' : number_format($row['oferta_mayoreo'], 2, '.', ''); $articulos_cambiar .= $row['id'] . '|'; ?> <tr id="linea_<?php echo $row['id']; ?>
function print_gallery_image_thumbs($galleryID, $display = "*", $type = "div") { $sql = 'SELECT * FROM gallery_images WHERE gallery_id = ' . $galleryID . ' AND gallery_image_featured = 0 ORDER BY gallery_image_sort_order'; $imgResults = dbQuery($sql); if (dbNumRows($imgResults)) { echo "<h1>Current Images</h1>\n"; if ($type == "ul") { echo "<ul>\n"; while ($img = dbFetchArray($imgResults)) { if ($img['gallery_image_featured'] == 1) { $featured = " featured"; } else { $featured = ""; } echo "<li class=\"sortableitem\"><a href=\"editimage.php?gallery=" . $galleryID . "&image_id=" . $img['gallery_image_id'] . "\" class=\"galleryThumb modal " . $featured . "\" ><img border=\"0\" src=\"" . UPLOAD_DIR_URL . getThumbnailFilename($img['gallery_image_filename'], 'thumb') . "\" class=\"gallery_img\" /></a></li>\n"; } echo "</ul>\n"; } if ($type == "div") { echo "<div id=\"gallery_current_images\" align=\"center\">"; $featuredResults = dbQuery('SELECT * FROM gallery_images WHERE gallery_id = ' . $galleryID . ' AND gallery_image_featured = 1 ORDER BY gallery_image_sort_order'); while ($feature = dbFetchArray($featuredResults)) { if ($feature['gallery_image_featured'] == 1) { $featured = " featured"; } else { $featured = ""; } echo "<div id=\"img_" . $img['gallery_image_id'] . "\" class=\"galeryImg featuredImg\">"; echo "<a href=\"editimage.php?gallery=" . $galleryID . "&image_id=" . $feature['gallery_image_id'] . "\" class=\"galleryThumbFeatured modal " . $featured . "\" title=\"" . $feature['gallery_image_caption'] . "\" ><img border=\"0\" src=\"" . UPLOAD_DIR_URL . getThumbnailFilename($feature['gallery_image_filename'], 'small') . "\" class=\"gallery_img_featured\" /><br><strong>Sort#:</strong>" . $feature['gallery_image_sort_order'] . "</a>"; echo "</div>\n"; } echo "<div class=\"clear\"></div>\n"; while ($img = dbFetchArray($imgResults)) { if ($img['gallery_image_featured'] == 1) { $featured = " featured"; } else { $featured = ""; } echo "<div id=\"img_" . $img['gallery_image_id'] . "\" class=\"galeryImg\">"; echo "<a href=\"editimage.php?gallery=" . $galleryID . "&image_id=" . $img['gallery_image_id'] . "\" class=\"galleryThumb modal " . $featured . "\" title=\"" . $img['gallery_image_caption'] . "\" ><img border=\"0\" src=\"" . UPLOAD_DIR_URL . getThumbnailFilename($img['gallery_image_filename'], 'thumb') . "\" class=\"gallery_img\" /><br><strong>Sort#:</strong>" . $img['gallery_image_sort_order'] . "</a>"; echo "</div>\n"; } echo "<div class=\"clear\"></div>\n"; echo "</div>"; } } }
// of the License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. // if (!isset($_SESSION['user']['Username']) || !canEdit('System')) { die("Access denied. <a href=\"?view=login\">Login</a>"); } $query = "SELECT * FROM Groups"; if (dbNumRows($query) > 0) { $response = dbFetchAll($query); if (!$response) { die("ERROR: Failed to fetch preset list"); } foreach ($response as $row) { $presets[$row['Id']] = $row['Name']; } } else { $presets = null; } ?> <div id="user-list-panel" class="panel panel-primary"> <div class="panel-heading"> <h3 class="panel-title">User List</h3> </div>
function _deleteImage($productId) { // we will return the status // whether the image deleted successfully $deleted = false; $sql = "SELECT pd_image, pd_thumbnail \n\t FROM tbl_product\n\t\t\tWHERE pd_id = {$productId}"; $result = dbQuery($sql) or die('Cannot delete product image. ' . mysql_error()); if (dbNumRows($result)) { $row = dbFetchAssoc($result); extract($row); if ($pd_image && $pd_thumbnail) { // remove the image file $deleted = @unlink(SRV_ROOT . "images/product/{$pd_image}"); $deleted = @unlink(SRV_ROOT . "images/product/{$pd_thumbnail}"); } } return $deleted; }
function isCartEmpty() { $isEmpty = false; $sid = session_id(); $sql = "SELECT ct_id\n\t\t\tFROM tbl_cart ct\n\t\t\tWHERE ct_session_id = '{$sid}'"; $result = dbQuery($sql); if (dbNumRows($result) == 0) { $isEmpty = true; } return $isEmpty; }
?> </select></td> </tr> </table> <table width="100%" border="0" align="center" cellpadding="2" cellspacing="1" class="text"> <tr align="center" id="listTableHeader"> <td width="60">Order #</td> <td>Customer Name</td> <td width="60">Amount</td> <td width="150">Order Time</td> <td width="70">Status</td> </tr> <?php $parentId = 0; if (dbNumRows($result) > 0) { $i = 0; while ($row = dbFetchAssoc($result)) { extract($row); $name = $od_shipping_first_name . ' ' . $od_shipping_last_name; if ($i % 2) { $class = 'row1'; } else { $class = 'row2'; } $i += 1; ?> <tr class="<?php echo $class; ?> ">
header("Pragma: no-cache"); header("Content-type: text/html"); // Template files $main_tpl = new Template(); $main_tpl->set_file("F_INDEX", $cfg['index_template_file']); $main_tpl->set_block("F_INDEX", "B_SEASON_SELECTOR_OPTION", "H_SEASON_SELECTOR_OPTION"); $main_tpl->set_block("F_INDEX", "B_SEASON_SELECTOR_OPTION_SELECTED", "H_SEASON_SELECTOR_OPTION_SELECTED"); $main_tpl->set_block("F_INDEX", "B_SEASON_SELECTOR", "H_SEASON_SELECTOR"); $main_tpl->set_block("F_INDEX", "B_SIGNUP", "H_SIGNUP"); $main_tpl->set_block("F_INDEX", "B_ROOT_PANEL", "H_ROOT_PANEL"); $main_tpl->set_block("F_INDEX", "B_HEADADMIN_PANEL", "H_HEADADMIN_PANEL"); $main_tpl->set_block("F_INDEX", "B_ADMIN_PANEL", "H_ADMIN_PANEL"); $main_tpl->set_block("F_INDEX", "B_TOURNAMENT_PANEL", "H_TOURNAMENT_PANEL"); // Season dropdown-list $seasons_ref = dbQuery("SELECT * FROM `{$cfg['db_table_prefix']}seasons` " . "WHERE `deleted` = 0 ORDER BY `submitted` DESC"); if (dbNumRows($seasons_ref) > 0) { while ($seasons_row = dbFetch($seasons_ref)) { $main_tpl->set_var("I_ID_SEASON", $seasons_row['id']); $main_tpl->set_var("I_SEASON_NAME", $seasons_row['name']); if ($seasons_row['id'] != $season['id']) { $main_tpl->parse("H_SEASON_SELECTOR_OPTION", "B_SEASON_SELECTOR_OPTION", true); } else { $main_tpl->parse("H_SEASON_SELECTOR_OPTION", "B_SEASON_SELECTOR_OPTION_SELECTED", true); } } $main_tpl->parse("H_SEASON_SELECTOR", "B_SEASON_SELECTOR"); } // Default action, if none is set if (isset($season)) { if (!$_REQUEST['mod'] or !$_REQUEST['act']) { $_REQUEST['mod'] = "news";
$a = "SELECT id, codigo, codant, nombre,uni_med, \n\t\t\t\t(SELECT costo_local FROM precio WHERE articulo_id=articulo.id AND active = 1 AND listado_precio_id=1) as costo_local, \n\t\t\t\t(SELECT precio_local FROM precio WHERE articulo_id=articulo.id AND active = 1 AND listado_precio_id=1) as precio_local,\n\t\t\t\t(SELECT costo_dolar FROM precio WHERE articulo_id=articulo.id AND active = 1 AND listado_precio_id=1) as costo_dolar,\n\t\t\t\t(SELECT oferta_unidad FROM precio WHERE articulo_id=articulo.id AND active = 1 AND listado_precio_id=1) as oferta_unidad\n\t\t\t\tFROM articulo WHERE active = 1 AND categoria_id={$cat} AND scategoria_id={$scat}\n\t\t\t\t"; } else { if ($sscat == 0 && $scat == 0 && $cat != 0) { //echo "esntro asco 2"; $a = "SELECT id, codigo, codant, nombre,u9ni_med, \n\t\t\t\t(SELECT costo_local FROM precio WHERE articulo_id=articulo.id AND active = 1 AND listado_precio_id=1) as costo_local, \n\t\t\t\t(SELECT precio_local FROM precio WHERE articulo_id=articulo.id AND active = 1 AND listado_precio_id=1) as precio_local,\n\t\t\t\t(SELECT costo_dolar FROM precio WHERE articulo_id=articulo.id AND active = 1 AND listado_precio_id=1) as costo_dolar,\n\t\t\t\t(SELECT oferta_unidad FROM precio WHERE articulo_id=articulo.id AND active = 1 AND listado_precio_id=1) as oferta_unidad\n\t\t\t\tFROM articulo WHERE active = 1 AND categoria_id={$cat}\n\t\t\t\t"; } else { if ($sscat == 0 && $scat == 0 && $cat == 0) { $a = "SELECT id, codigo, codant, nombre,uni_med, \n\t\t\t\t (SELECT if (costo_local = NULL, 0.00, costo_local) FROM precio WHERE articulo_id=articulo.id AND active = 1 AND listado_precio_id=1) as costo_local, \n\t\t\t\t(SELECT precio_local FROM precio WHERE articulo_id=articulo.id AND active = 1 AND listado_precio_id=1) as precio_local,\n\t\t\t\t(SELECT costo_dolar FROM precio WHERE articulo_id=articulo.id AND active = 1 AND listado_precio_id=1) as costo_dolar,\n\t\t\t\t(SELECT oferta_unidad FROM precio WHERE articulo_id=articulo.id AND active = 1 AND listado_precio_id=1) as oferta_unidad\n\t\t\t\tFROM articulo WHERE active = 1\n\t\t\t\t"; } else { $a = ""; } } } echo $a; $a1 = dbQuery($a); $a_tot = dbNumRows($a1); $return = ""; $articulos_cambiar = ""; if ($a_tot > 0) { $c = 0; while ($row = dbFetchAssoc($a1)) { //$var = 5; //$var_is_greater_than_two = ($var > 2 ? true : false); // returns true $costo_local = $row['costo_local'] == NULL ? 0 : $row['costo_local']; $precio_local = $row['precio_local'] == NULL ? 0 : $row['precio_local']; $costo_dolar = $row['costo_dolar'] == NULL ? 0 : $row['costo_dolar']; $oferta_unidad = $row['oferta_unidad'] == NULL ? 0 : $row['oferta_unidad']; //if($row['costo_local']== NULL || $row['costo_local'] ==''){ $c++; $return .= "<tr>"; $return .= "<td class='col-md-0.5'>" . $row['codigo'] . "</td>";
<?php include 'application.php'; //what section switch ($_GET['load']) { case 'header': //get html for header =) $headeResults = dbQuery('SELECT email_templates_header FROM email_templates WHERE email_templates_id = ' . $_GET['id']); if (!dbNumRows($headeResults)) { echo "no Results!"; } $h = dbFetchArray($headeResults); echo html_entity_decode(output($h['email_templates_header'])); break; case 'footer': //get html for header =) $headeResults = dbQuery('SELECT email_templates_footer FROM email_templates WHERE email_templates_id = ' . $_GET['id']); $h = dbFetchArray($headeResults); echo html_entity_decode(output($h['email_templates_footer'])); break; case 'body': //get html for header =) $headeResults = dbQuery('SELECT email_templates_body FROM email_templates WHERE email_templates_id = ' . $_GET['id']); $h = dbFetchArray($headeResults); echo "<textarea name=\"emailTemplateBody\" id=\"mceEditor\">" . output($h['email_templates_body ']), "</textarea>\n"; break; }