public function removerTerreno($id_personagem, $id_cidade, $terreno)
{
$query = "\n UPDATE personagem_terreno SET\n terreno = terreno - " . do_escape($terreno) . "\n WHERE id_personagem = '" . do_escape($id_personagem) . "'\n AND id_cidade = '" . do_escape($id_cidade) . "'\n ";
do_update($query);
$query = "\n DELETE FROM personagem_terreno \n WHERE id_personagem = '" . do_escape($id_personagem) . "'\n AND id_cidade = '" . do_escape($id_cidade) . "'\n AND terreno <= 0\n ";
do_update($query);
}
function save_customerwork()
{
//cmd/save_customerwork.html
$customerdata = get_session('customerdata');
//customer data
if (!$customerdata) {
//not login
json_output('requireLogin');
return '';
}
//history
preg_match('#[^-]+$#', $_POST['history'], $r);
//final result
$history = array('customer_id' => $customerdata->id, 'company' => $_POST['company'], 'salary' => $_POST['sal'], 'save_history' => $_POST['history'], 'result' => $r[0], 'post_date' => date("Y-m-d"), 'post_time' => date('H:i:s a'), 'loan' => preg_replace('#\\.#', '', $_POST['loan']), 'note' => 'Mục đích sử dụng:' . PHP_EOL . $_POST['usedfor'] . PHP_EOL . ',Thời gian chúng tôi liên hệ:' . $_POST['contacttime']);
if (isset($_POST['modify'])) {
//update history
do_update($history, array('id' => $_POST['modify']), 'vcn_histories');
$hid = $_POST['modify'];
} else {
do_insert($history, 'vcn_histories');
$hid = mysql_insert_id();
//history id
}
//update histories1 that save answer text
$history_text = array();
//multi rows
$historyt = json_decode($_POST['historyt']);
//decode answers_text
foreach ($historyt as $answer_id => $text) {
$history_t = array('answer_id' => $answer_id, 'answer_text' => $text, 'hid' => $hid);
$history_text[] = $history_t;
if (isset($_POST['modify'])) {
//update single answer text
do_update($history_t, array('hid' => $_POST['modify']), 'vcn_histories1');
}
}
if (!isset($_POST['modify'])) {
do_insert($history_text, 'vcn_histories1');
}
json_output($hid);
//return new history
}
function show_level()
{
$title = "User Reputation Manager - Overview";
$html = "<p>On this page you can modify the minimum amount required for each reputation level. Make sure you press Update Minimum Levels to save your changes. You cannot set the same minimum amount to more than one level.<br />From here you can also choose to edit or remove any single level. Click the Edit link to modify the Level description (see Editing a Reputation Level) or click Remove to delete a level. If you remove a level or modify the minimum reputation needed to be at a level, all users will be updated to reflect their new level if necessary.</p><br />";
$query = sql_query('SELECT * FROM reputationlevel ORDER BY minimumreputation ASC');
if (!mysql_num_rows($query)) {
do_update('new');
return;
}
$css = "style='font-weight: bold;color: #ffffff;background-color: #0055A4;padding: 5px;'";
$html .= "<h2>User Reputation Manager</h2>";
$html .= "<p><span class='btn'><a href='reputation_ad.php?mode=list'>View comments</a></span></p><br />";
$html .= "<form action='reputation_ad.php' name='show_rep_form' method='post'>\r\n\t\t\t\t<input name='mode' value='doupdate' type='hidden' />";
$html .= "<table cellpadding='3px'><tr>\r\n\t\t<td width='5%' {$css}>ID</td>\r\n\t\t<td width='60%'{$css}>Reputation Level</td>\r\n\t\t<td width='20%' {$css}>Minimum Reputation Level</td>\r\n\t\t<td width='15%' {$css}>Controls</td></tr>";
while ($res = mysql_fetch_assoc($query)) {
$html .= "<tr>\n" . "\t<td>#" . $res['reputationlevelid'] . "</td>\n" . "\t<td>User <b>" . htmlentities($res['level']) . "</b></td>\n" . "\t<td align='center'><input type='text' name='reputation[" . $res['reputationlevelid'] . "]' value='" . $res['minimumreputation'] . "' size='12' /></td>\n" . "\t<td align='center'><span class='btn'><a href='reputation_ad.php?mode=edit&reputationlevelid=" . $res['reputationlevelid'] . "'>Edit</a></span> <span class='btn'><a href='reputation_ad.php?mode=dodelete&reputationlevelid=" . $res['reputationlevelid'] . "'>Delete</a></span></td>\n" . "</tr>\n";
}
$html .= "<tr><td colspan='3' align='center'>\r\n\t\t\t\t\t<input type='submit' value='Update' accesskey='s' class='btn' /> \r\n\t\t\t\t\t<input type='reset' value='Reset' accesskey='r' class='btn' /></td>\r\n\t\t\t\t\t<td align='center'><span class='btn'><a href='reputation_ad.php?mode=add'>Add New</a></span>\r\n\t\t\t\t\t</td></tr>";
$html .= "</table>";
$html .= "</form>";
html_out($html, $title);
}
private function falha($quest, $grupo, &$mensagem)
{
$regraPersonagem = new Personagem();
foreach ($grupo as $personagem) {
$regraPersonagem->gastarTurno($personagem->id_personagem, $quest->turno);
}
$query = "\n UPDATE quest SET\n cod_situacao = '" . QUEST_FALHA . "'\n WHERE id_quest = '" . do_escape($quest->id_quest) . "'\n ";
do_update($query);
}
public function setImagemBase64($imagem)
{
$query = "\n UPDATE jogador SET\n imagem = '" . do_escape($imagem) . "'\n WHERE id_jogador = '" . do_escape($this->id_jogador) . "'\n ";
do_update($query);
}
public static function inserir($feed)
{
$query = "\n INSERT INTO feed (\n id_jogador,\n cod_tipo,\n id_pai,\n id_arte,\n id_campanha,\n id_mapa,\n id_personagem,\n data_inclusao,\n ultima_alteracao,\n id_sessao,\n url,\n comentario\n ) VALUES (\n '" . do_escape(ID_JOGADOR) . "',\n '" . do_escape($feed->cod_tipo) . "',\n " . do_full_escape($feed->id_pai) . ",\n " . do_full_escape($feed->id_arte) . ",\n " . do_full_escape($feed->id_campanha) . ",\n " . do_full_escape($feed->id_mapa) . ",\n " . do_full_escape($feed->id_personagem) . ",\n NOW(),\n NOW(),\n " . do_full_escape($feed->id_sessao) . ",\n " . do_full_escape($feed->url) . ",\n " . do_full_escape($feed->comentario) . "\n )\n ";
$id_feed = do_insert($query);
if (!is_null($feed->id_pai) && $feed->id_pai > 0) {
$query = "\n UPDATE feed SET \n ultima_alteracao = NOW()\n WHERE id_feed = " . do_escape($feed->id_pai) . "\n ";
do_update($query);
}
return $id_feed;
}
$message .= "<form action='{$_CONF['site_admin_url']}/plugins.php' method='GET'><div>";
$message .= "<input type='hidden' name='pi_name' value='" . $pi_name . "'" . XHTML . ">";
$message .= "<input type='hidden' name='mode' value='delete'" . XHTML . ">";
$message .= "<input type='hidden' name='confirmed' value='1'" . XHTML . ">";
$message .= "<input type='hidden' name='" . CSRF_TOKEN . "' value='" . $token . "'" . XHTML . ">";
$message .= "<input type='submit' value='{$LANG32[25]}'" . XHTML . ">";
$message .= "</div></form><p>";
$display = plugin_main($message, $token);
}
} else {
$display = COM_refresh($_CONF['site_admin_url'] . '/plugins.php');
}
} elseif ($mode == 'updatethisplugin' && SEC_checkToken()) {
// update
$pi_name = COM_applyFilter($_GET['pi_name']);
$display .= do_update($pi_name);
} elseif ($mode == 'info_installed') {
$display .= COM_siteHeader('menu', $LANG32[13]);
$display .= plugin_info_installed(COM_applyFilter($_GET['pi_name']));
$display .= COM_siteFooter();
} elseif ($mode == 'info_uninstalled') {
$display .= COM_siteHeader('menu', $LANG32[13]);
$display .= plugin_info_uninstalled(COM_applyFilter($_GET['pi_name']));
$display .= COM_siteFooter();
} elseif ($mode == 'toggle') {
SEC_checkToken();
$pi_name = '';
if (!empty($_GET['pi_name'])) {
$pi_name = COM_applyFilter($_GET['pi_name']);
}
changePluginStatus($pi_name);
public function excluir($id_comentario)
{
$query = "\n UPDATE comentario SET\n cod_situacao = 0\n WHERE id_comentario = '" . do_escape($id_comentario) . "'\n ";
//echo $query;
//exit();
do_update($query);
}
function execute($vars, $auto_vars)
{
global $not_found;
$vars[$this->name . '-submitted'] = @$_REQUEST['_' . $this->name . '_submit'];
$updates = array();
if ($this->versioned) {
// check to see if any of the specified fields have actually changed
$new_vars = $vars;
$this->add_vars($vars, $new_vars);
if ($not_found) {
return false;
}
$changed = false;
foreach ($this->children as $child) {
if (is_a($child, 'File') and $child->size > 0) {
$changed = true;
//print "<!-- updating because FILE has changed -->\n";
} else {
if (is_a($child, 'Radio') and $child->value($vars) and $child->value($vars) != $new_vars[$child->name]) {
$changed = true;
//print "<!-- updating because radio " . $child->name . " has changed -->\n";
} else {
if (is_a($child, 'InputComponent') and $child->value($vars) != $new_vars[$child->name]) {
$changed = true;
//print "<!-- updating because " . $child->name . " has changed -->\n";
} else {
if (is_a($child, 'Auto') and $child->value($vars) != $new_vars[$child->name]) {
$changed = true;
//print "<!-- updating because " . $child->name . " has changed -->\n";
}
}
}
}
}
} else {
$dummy = array();
$this->add_vars($vars, $dummy);
if ($not_found) {
return false;
}
}
foreach ($this->children as $child) {
if (is_a($child, 'Auto')) {
$updates[$child->name] = $child->value($vars, $auto_vars);
} else {
if (is_a($child, 'File')) {
if (!$child->execute($vars, $auto_vars)) {
if ($child->required) {
return false;
}
} else {
$updates['-file'] = array('filename' => $child->filename, 'size' => $child->size, 'filetype' => $child->filetype, 'localpath' => $child->localpath);
}
} else {
if (is_a($child, 'Password')) {
$value = $child->value($vars);
if (!$value and $child->required) {
return false;
}
if ($value) {
$updates[$child->name] = $value;
}
// don't update the password if it isn't set
} else {
if (is_a($child, 'Radio')) {
$value = $child->value($vars);
if ($value !== NULL) {
$updates[$child->name] = $value;
}
// nb: we don't enforce required radio button here, only in input_check()
} else {
if (is_a($child, 'InputComponent')) {
$value = $child->value($vars);
if (!$value and $child->required) {
return false;
}
$updates[$child->name] = $value;
}
}
}
}
}
}
if (!$this->versioned or $changed) {
if (!do_update($updates, $this->name, $this->type, $vars)) {
return false;
}
// remove values from the $_REQUEST once they've been successfully updated
foreach ($this->children as $child) {
if (is_a($child, 'InputComponent')) {
$param_name = $this->name . '_' . $child->name;
unset($_REQUEST[$param_name]);
}
}
}
$this->add_vars($vars, $vars);
$rval = true;
foreach ($this->children as $child) {
if (is_a($child, 'Scope')) {
$rval = $rval and $child->execute($vars, $auto_vars);
}
}
return $rval;
}
public function alterar($usuario)
{
$usuario = $this->validar($usuario);
$query = "\n UPDATE usuario SET\n ultima_alteracao = NOW(),\n email = '" . do_escape($usuario->email) . "',\n nome = '" . do_escape($usuario->nome) . "',\n senha = '" . do_escape($usuario->senha) . "',\n WHERE id_usuario = '" . do_escape($usuario->id_usuario) . "',\n ";
do_update($query);
}
if (mysql_insert_id()) {
$answer['question'] = mysql_insert_id();
}
$answer['answer'] = _POST('answer-' . $i);
$answer['answer_link_question'] = _POST('link2q-answer-' . $i);
$answer['text2next_question'] = _POST('text2nextq-' . $i);
$answer['answer_object_type'] = _POST('answer-obj-type-' . $i) ? 1 : 0;
$answer['link_object_type'] = _POST('link-obj-type-' . $i) ? 1 : 0;
$answers[] = $answer;
//add to answers data
//update answer
if (_POST('modify') && is_numeric(_POST('modify'))) {
$answer['question'] = _POST('modify');
//qid
if (isset($answer_ids[$i])) {
do_update($answer, array('id' => $answer_ids[$i]), 'vcn_answers');
} else {
//new answer to be added
$new_answers[] = $answer;
}
}
}
if (count($new_answers) && _POST('modify') && is_numeric(_POST('modify'))) {
//new answers to be added
do_insert($new_answers, 'vcn_answers');
}
//add answers to question
if (!_POST('modify') || !is_numeric(_POST('modify'))) {
do_insert($answers, 'vcn_answers');
}
//delete answers
public function setSessao($id_sessao)
{
$query = "\n UPDATE personagem SET\n id_sessao = '" . do_escape($id_sessao) . "'\n WHERE id_personagem = '" . do_escape($this->id_personagem) . "'\n ";
do_update($query);
}
//case "add_new":
//do_insert_update(1);
//break;
case "add_item":
add_item();
break;
case "do_add_item":
do_update(1);
break;
case "del_item":
do_update(2);
break;
case "do_update":
do_update();
break;
case "do_rest_update":
do_update(3);
break;
case "edit":
do_insert_update(0);
break;
case "delete":
delete();
break;
case "do_delete":
do_delete();
break;
default:
search();
}
require_once "footer.php";
public function alterar($usuario)
{
$usuario = $this->validar($usuario);
$query = "\n UPDATE usuario SET\n ultima_alteracao = NOW(),\n email = '" . do_escape($usuario->email) . "',\n nome = '" . do_escape($usuario->nome) . "',\n cod_tipo = '" . do_escape($usuario->cod_tipo) . "',\n cod_situacao = '" . do_escape($usuario->cod_situacao) . "'\n ";
if (!isNullOrEmpty($usuario->senha)) {
$query .= ", senha = '" . do_escape($usuario->senha) . "' ";
}
$query .= " WHERE id_usuario = '" . do_escape($usuario->id_usuario) . "'";
do_update($query);
}
function update_customer($data)
{
if (!get_session('customerdata')) {
return;
}
//not login
$user = get_session('customerdata');
//customer
do_update($data, array('id' => $user->id), 'vcn_customers');
//update user
foreach ($data as $k => $v) {
$user->{$k} = $v;
//update item
}
set_session('customerdata', $user);
//update customer session
}
public static function alterarEstrutura()
{
static::regerarMapa();
$data = serialize(static::$mapa);
$query = "\n UPDATE mapa SET \n ultima_alteracao = NOW(),\n id_campanha = " . do_full_escape(static::$id_campanha) . ",\n nome = '" . do_escape(static::$nome) . "',\n margem_topo = '" . do_escape(static::getMarginTop()) . "',\n margem_esquerda = '" . do_escape(static::getMarginLeft()) . "',\n mapa_largura = '" . do_escape(static::getMapWidth()) . "',\n mapa_altura = '" . do_escape(static::getMapHeight()) . "',\n hex_largura = '" . do_escape(static::getHexWidth()) . "',\n hex_altura = '" . do_escape(static::getHexHeight()) . "',\n hex_lado = '" . do_escape(static::getHexSide()) . "',\n data = '" . do_escape($data) . "'\n WHERE id_mapa = '" . do_escape(static::getId()) . "'\n ";
do_update($query);
}
}
}
// Request : CREATE DIR
if (isset($_POST['mkdir']) && !empty($_POST['mkdir_name'])) {
mkdir($_POST['mkdirSelect'] . "/" . $_POST['mkdir_name'], 0777);
}
// Request : DO UPDATE
if (isset($_GET['do_update'])) {
// Force the MAJ with ?do_update&force_update
if (isset($_GET['force_update'])) {
$force = true;
} else {
$force = false;
}
// Execute update
do_update($force);
}
// Request : IGNORE UPDATE
if (isset($_GET['ignore_update'])) {
ignore_update($_GET['number']);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="robots" content="noindex"/>
<title>CakeBox - <?php
echo $lang[LOCAL_LANG]['index_title'];
?>
</title>
public function excluir($id_pessoa)
{
$query = "\n UPDATE pessoa SET\n cod_situacao = '" . PESSOA_INATIVO . "'\n WHERE id_pessoa = '" . do_escape($id_pessoa) . "'\n ";
do_update($query);
}
private function removerMaterial($personagem, $materiais)
{
foreach ($materiais as $material => $quantidade) {
for ($i = 0; $i < $quantidade; $i++) {
$query = "\n UPDATE item SET\n quantidade = quantidade - " . do_escape($quantidade) . "\n WHERE id_personagem = '" . do_escape($personagem->id_personagem) . "'\n AND slug = '" . do_escape($material) . "'\n ";
do_update($query);
$query = "\n DELETE FROM item\n WHERE id_personagem = '" . do_escape($personagem->id_personagem) . "'\n AND slug = '" . do_escape($material) . "'\n AND quantidade <= 0\n ";
do_delete($query);
$query = "\n UPDATE item SET\n quantidade_venda = quantidade\n WHERE id_personagem = '" . do_escape($personagem->id_personagem) . "'\n AND slug = '" . do_escape($material) . "'\n AND quantidade >= quantidade_venda\n ";
do_update($query);
}
}
}
function show_level()
{
global $lang;
$title = $lang['rep_ad_show_title'];
$html = "<p>{$lang['rep_ad_show_html1']}<br />{$lang['rep_ad_show_html2']}</p><br />";
$query = sql_query('SELECT * FROM reputationlevel ORDER BY minimumreputation ASC');
if (!mysqli_num_rows($query)) {
do_update('new');
return;
}
$css = "style='font-weight: bold;color: #ffffff;background-color: #1E1E1E; padding: 5px;'";
$html .= "<div class='row'><div class='col-md-12'>";
$html .= "<h2>{$lang['rep_ad_show_head']}</h2>";
$html .= "<p><span class='btn'><a href='staffpanel.php?tool=reputation_ad&mode=list'>{$lang['rep_ad_show_comments']}</a></span></p><br />";
$html .= "<form action='staffpanel.php?tool=reputation_ad' name='show_rep_form' method='post'>\n\t\t\t\t<input name='mode' value='doupdate' type='hidden' />";
$html .= "<table class='table table-bordered'><tr>\n\t\t<td width='5%' {$css}>{$lang['rep_ad_show_id']}</td>\n\t\t<td width='60%'{$css}>{$lang['rep_ad_show_level']}</td>\n\t\t<td width='20%' {$css}>{$lang['rep_ad_show_min']}</td>\n\t\t<td width='15%' {$css}>{$lang['rep_ad_show_controls']}</td></tr>";
while ($res = mysqli_fetch_assoc($query)) {
$html .= "<tr>\n" . "\t<td>#" . $res['reputationlevelid'] . "</td>\n" . "\t<td>{$lang['rep_ad_show_user']} <b>" . htmlsafechars($res['level']) . "</b></td>\n" . "\t<td align='center'><input type='text' name='reputation[" . $res['reputationlevelid'] . "]' value='" . $res['minimumreputation'] . "' size='12' /></td>\n" . "\t<td align='center'><span class='btn'><a href='staffpanel.php?tool=reputation_ad&mode=edit&reputationlevelid=" . $res['reputationlevelid'] . "'>{$lang['rep_ad_show_edit']}</a></span> <span class='btn'><a href='staffpanel.php?tool=reputation_ad&mode=dodelete&reputationlevelid=" . $res['reputationlevelid'] . "'>{$lang['rep_ad_show_del']}</a></span></td>\n" . "</tr>\n";
}
$html .= "<tr><td colspan='3' align='center'>\n\t\t\t\t\t<input type='submit' value='{$lang['rep_ad_show_update']}' accesskey='s' class='btn' /> \n\t\t\t\t\t<input type='reset' value='{$lang['rep_ad_show_reset']}' accesskey='r' class='btn' /></td>\n\t\t\t\t\t<td align='center'><span class='btn'><a href='staffpanel.php?tool=reputation_ad&mode=add'>{$lang['rep_ad_show_add']}</a></span>\n\t\t\t\t\t</td></tr>";
$html .= "</table>";
$html .= "</form>";
$html .= "</div></div>";
html_out($html, $title);
}
public function alterar()
{
$query = "\n UPDATE arte SET \n cod_tipo = '" . do_escape($this->cod_tipo) . "',\n ultima_alteracao = NOW(),\n nome = '" . do_escape($this->nome) . "',\n autor = '" . do_escape($this->autor) . "',\n descricao = '" . do_escape($this->descricao) . "'\n WHERE id_arte = '" . do_escape($this->id_arte) . "'\n ";
do_update($query);
}
function __ac_desc_Update($object)
{
global $gbl, $sgbl, $login, $ghtml;
$subaction = $ghtml->frm_subaction;
$class = $ghtml->frm_o_cname;
$list = null;
if ($ghtml->frm_accountselect) {
$list = explode(",", $ghtml->frm_accountselect);
}
if (strtolower($ghtml->frm_change) === 'updateall') {
$selflist = $object->getSelfList();
foreach ($selflist as $l) {
do_update($l, $subaction, null);
}
}
if (!$class) {
$ret = do_update($object, $subaction, $list);
} else {
$desc = get_classvar_description($class);
if (csa($desc[0], "P")) {
//Special object... UPdation Happens only to the parent and not to the select ed children. Example is the ffile class...
$subaction = "{$class}_{$subaction}";
$ret = do_update($object, $subaction, $list);
} else {
if (!$list) {
print "List not set for Multiple Update <br> ";
exit;
}
foreach ($list as $l) {
$ob = $object->getFromList($class, $l);
$ret = do_update($ob, $subaction, null);
}
}
}
if (!isset($gbl->__this_redirect)) {
if ($ret) {
$gbl->__this_redirect = get_return_url("update") . "&frm_smessage=[b]{$subaction}[/b]+successfully+updated+for+{$object->nname}";
} else {
$gbl->__this_redirect = get_return_url("update");
}
}
return $ret;
}
public function viajar($id_personagem, $id_cidade)
{
$query = "\n SELECT\n id_cidade\n FROM personagem\n WHERE id_personagem = '" . do_escape($id_personagem) . "'\n ";
$cidadeAtual = get_value($query, 'id_cidade');
if ($cidadeAtual == $id_cidade) {
throw new Exception(_('You cant trip to the same feud.'));
}
$this->gastarTurno($id_personagem, 20);
$query = "\n UPDATE personagem SET\n id_cidade = '" . do_escape($id_cidade) . "'\n WHERE id_personagem = '" . do_escape($id_personagem) . "'\n ";
do_update($query);
}
private function verificar($id_construcao)
{
$construcao = $this->pegar($id_construcao);
$concluido = true;
foreach ($construcao->teste as $pericia) {
if (!($pericia->progresso >= 100)) {
$concluido = false;
break;
}
}
if ($concluido === true) {
foreach ($construcao->material as $material) {
if (!($pericia->progresso > 100)) {
$concluido = false;
break;
}
}
}
if ($concluido === true) {
$query = "\n UPDATE construcao SET\n cod_situacao = '" . do_escape(CONSTRUCAO_ATIVA) . "'\n WHERE id_construcao = '" . do_escape($id_construcao) . "'\n ";
do_update($query);
$query = "\n DELETE FROM construcao_material\n WHERE id_construcao = '" . do_escape($id_construcao) . "'\n ";
do_delete($query);
$query = "\n DELETE FROM construcao_pericia\n WHERE id_construcao = '" . do_escape($id_construcao) . "'\n ";
do_delete($query);
}
}
public function alterar($curso)
{
$curso = $this->validar($curso);
$query = "\n UPDATE curso SET\n ultima_alteracao = NOW(),\n nome = '" . do_escape($curso->nome) . "'\n WHERE id_curso = '" . do_escape($curso->id_curso) . "'\n ";
do_update($query);
}
public function finalizarTurno()
{
foreach (Mapa::listarPessoa() as $personagem) {
$personagem->executarGolpePendente();
}
$query = "\n UPDATE sessao SET\n ultimo_turno = NOW()\n WHERE id_sessao = '" . do_escape(static::idSessao()) . "'\n ";
do_update($query);
Mapa::escreverlog('Turno terminado!');
foreach (Mapa::listarPessoa() as $personagem) {
$personagem->continuarAcordado();
$personagem->ativarTurno();
if ($personagem->getAutomatico() && $personagem->getCodSituacao() == ATIVO) {
$personagem->autoplay();
}
}
//exit();
}
//no error
$output .= "\n <h1>{$lang_item_edit['search_items']}</h1>";
}
$output .= "\n </div>";
$action = isset($_GET['action']) ? $_GET['action'] : NULL;
switch ($action) {
case "search":
search();
break;
case "do_search":
do_search();
break;
case "add_new":
add_new();
break;
case "do_update":
do_update();
break;
case "edit":
edit();
break;
case "delete":
delete();
break;
case "do_delete":
do_delete();
break;
default:
search();
}
require_once "footer.php";
public function cancelar($id_movimento, $observacao)
{
$query = " \n UPDATE movimento SET\n ultima_alteracao = NOW(),\n data_pagamento = NULL,\n observacao = '" . do_escape($observacao) . "',\n cod_situacao = '" . do_escape(MOVIMENTO_CANCELADO) . "'\n WHERE id_movimento = '" . do_escape($id_movimento) . "'\n ";
do_update($query);
}
public function alterar()
{
$query = "\n UPDATE campanha SET \n ultima_alteracao = NOW(),\n nome = '" . do_escape($this->nome) . "',\n descricao = '" . do_escape($this->descricao) . "',\n limite_jogador = '" . do_escape($this->limite_jogador) . "',\n cod_situacao = '" . do_escape($this->cod_situacao) . "',\n aberta = '" . do_escape($this->aberta) . "'\n WHERE id_campanha = '" . do_escape($this->id_campanha) . "'\n ";
do_update($query);
}
$faq['answer'] = _POST('faq-answer-' . $i);
$faq['group_'] = _POST('group');
$faqs[] = $faq;
//add to faqs data
//update faq
if (_POST('modify') && is_numeric(_POST('modify'))) {
$faq['group_'] = _POST('modify');
if (isset($faq_ids[$i])) {
do_update($faq, array('id' => $faq_ids[$i]), 'vcn_faq');
} else {
//new faq to be added
$new_faqs[] = $faq;
}
}
}
do_update(array('has_faq' => '1'), array('id' => _POST('group')), 'vcn_data');
//turn on faq for this question
if (count($new_faqs) && _POST('modify') && is_numeric(_POST('modify'))) {
//new faq to be added when update
do_insert($new_faqs, 'vcn_faq');
}
//add faq
if (!_POST('modify') || !is_numeric(_POST('modify'))) {
do_insert($faqs, 'vcn_faq');
push_messages('Thêm faq thành công.');
} else {
push_messages('Cập nhật faq thành công.');
}
//delete answers
if (_POST('deletes')) {
do_delete(explode(',', trim(_POST('deletes'), ',')), 'vcn_faq', 'id');