function show_results($dbh, $user_input, $nbr_lignes = 0, $page = 0, $id = 0) { global $nb_per_page; global $base_url; global $caller; global $callback; global $msg; global $charset; global $no_display; // on récupére le nombre de lignes qui vont bien if (!$id) { if ($user_input == "") { $requete = "SELECT COUNT(1) FROM publishers where ed_id!='{$no_display}'"; } else { $aq = new analyse_query(stripslashes($user_input)); if ($aq->error) { error_message($msg["searcher_syntax_error"], sprintf($msg["searcher_syntax_error_desc"], $aq->current_car, $aq->input_html, $aq->error_message)); exit; } $requete = $aq->get_query_count("publishers", "ed_name", "index_publisher", "ed_id", "ed_id!='{$no_display}'"); } $res = mysql_query($requete, $dbh); $nbr_lignes = @mysql_result($res, 0, 0); } else { $nbr_lignes = 1; } if (!$page) { $page = 1; } $debut = ($page - 1) * $nb_per_page; if ($nbr_lignes) { // on construit la vraie requête if (!$id) { if ($user_input == "") { $requete = "SELECT * FROM publishers where ed_id!='{$no_display}' ORDER BY index_publisher LIMIT {$debut},{$nb_per_page} "; } else { $members = $aq->get_query_members("publishers", "ed_name", "index_publisher", "ed_id"); $requete = "select *," . $members["select"] . " as pert from publishers where " . $members["where"] . " and ed_id!='{$no_display}' group by ed_id order by pert desc,index_publisher limit {$debut},{$nb_per_page}"; } } else { $requete = "select * from publishers where ed_id='" . $id . "'"; } $res = @mysql_query($requete, $dbh); while ($ed = mysql_fetch_object($res)) { $editeur = new editeur($ed->ed_id); print pmb_bidi("\n \t\t\t\t<a href='#' onclick=\"set_parent('{$caller}', '{$ed->ed_id}', '" . htmlentities(addslashes($editeur->display), ENT_QUOTES, $charset) . "','{$callback}')\">" . htmlentities($editeur->display, ENT_QUOTES, $charset) . "</a><br />"); } mysql_free_result($res); // constitution des liens $nbepages = ceil($nbr_lignes / $nb_per_page); $suivante = $page + 1; $precedente = $page - 1; // affichage pagination print "<div class='row'> <hr /></div><div align='center'>"; $url_base = $base_url . "&user_input=" . rawurlencode(stripslashes($user_input)); $nav_bar = aff_pagination($url_base, $nbr_lignes, $nb_per_page, $page, 10, false, true); print $nav_bar; print "</div>"; } }
public function github() { //this function needs to be called wherever your redirect_uri goes to $is_authorized = $this->github->authorize(); //Login failed! if (!$is_authorized) { $this->session->set_flashdata('message', error_message($this->github->get_error())); redirect(base_url(), 'location'); } else { //show how to get access token from session here $github_user = $this->github->user(); $user = array('github_id' => $github_user->id, 'name' => $github_user->name, 'email' => $github_user->email, 'login' => $github_user->login, 'type' => $github_user->type, 'company' => $github_user->company, 'avatar_url' => $github_user->avatar_url, 'hireable' => $github_user->hireable, 'blog' => $github_user->blog, 'bio' => $github_user->bio, 'gravatar_id' => $github_user->gravatar_id, 'location' => $github_user->location, 'access_token' => $this->github->get_access_token()); // Checks to see if the user exists already // $this->load->model('users_model'); // $db_user = $this->users_model->get_user_by('github_id', $github_user->id); // If User exists update otherwise create a new record // if ($db_user) // { // $this->users_model->update($db_user->id, $user); // } // else // { // $this->users_model->create($user); // } // For the purpose of example, we store everything in the session instead of the database $this->session->set_userdata($user); $this->session->set_flashdata('message', 'Boom! You\'re logged in! Welcome.'); redirect('secure', 'location'); } }
/** * Get XML file object from hashed project file name * @param $fileHash: md5 hashed project name * $projectFile: project file name ( empty var passed by reference ) * @return XML project file object */ function get_XML_file($fileHash, &$projectFile) { try { $projects = scandir("../projects"); $projects = array_diff($projects, array('.', '..')); $userProject = $fileHash; $projectFile = null; foreach ($projects as $project) { if ($userProject == md5($project)) { $projectFile = $project; break; } } if (!$projectFile) { throw new RuntimeException('Project file not found.'); } // validate simpleXML extension enabled if (!function_exists(simpleXML_load_file)) { throw new RuntimeException('Please, enable simplexml extention in your php.ini configuration file.'); } // validate that the file is not corrupted @($xmlFile = simpleXML_load_file("../projects/{$projectFile}")); if (!$xmlFile) { throw new RuntimeException('Invalid axp file.'); } return $xmlFile; } catch (RuntimeException $e) { echo "<br>" . error_message($e->getMessage()); exit; } }
function show_results($dbh, $user_input, $nbr_lignes = 0, $page = 0, $id = 0) { global $nb_per_page; global $base_url; global $caller; global $msg; global $no_display; global $charset; // on récupére le nombre de lignes qui vont bien if ($user_input == "") { $requete = "SELECT COUNT(1) FROM notices where notice_id!='" . $no_display . "' and niveau_biblio='s' and niveau_hierar='1' "; } else { $aq = new analyse_query(stripslashes($user_input)); if ($aq->error) { error_message($msg["searcher_syntax_error"], sprintf($msg["searcher_syntax_error_desc"], $aq->current_car, $aq->input_html, $aq->error_message)); exit; } $members = $aq->get_query_members("notices", "index_wew", "index_sew", "notice_id"); $requete = "select count(notice_id) from notices where (" . $members["where"] . " or code like '" . stripslashes($user_input) . "') and notice_id!='" . $no_display . "' and niveau_biblio='s' and niveau_hierar='1'"; } $res = pmb_mysql_query($requete, $dbh); $nbr_lignes = @pmb_mysql_result($res, 0, 0); if (!$page) { $page = 1; } $debut = ($page - 1) * $nb_per_page; if ($nbr_lignes) { // on lance la vraie requête if ($user_input == "") { $requete = "SELECT notice_id, tit1, code FROM notices where notice_id!='" . $no_display . "' and niveau_biblio='s' and niveau_hierar='1' ORDER BY tit1, code LIMIT {$debut},{$nb_per_page} "; } else { $requete = "select notice_id, tit1, code, " . $members["select"] . " as pert from notices where (" . $members["where"] . " or code like '" . stripslashes($user_input) . "') and notice_id!='" . $no_display . "' and niveau_biblio='s' and niveau_hierar='1' group by notice_id order by pert desc, index_serie, tnvol, index_sew, code limit {$debut},{$nb_per_page}"; } $res = @pmb_mysql_query($requete, $dbh); print "<table><tr>"; while ($notice = pmb_mysql_fetch_object($res)) { $notice_entry = $notice->tit1 . " " . $notice->code; print "\n\t\t\t\t<tr>\n\t\t\t\t\t<td>\n\t\t\t\t\t\t<a href='#' onclick=\"set_parent('{$caller}', '{$notice->notice_id}', '" . htmlentities(addslashes($notice->tit1), ENT_QUOTES, $charset) . " ({$notice->code})')\">" . htmlentities($notice->tit1, ENT_QUOTES, $charset) . "</a></td>\n\t\t\t\t\t<td>{$notice->code}</td>"; print "</tr>"; } print "</table>"; pmb_mysql_free_result($res); // constitution des liens $nbepages = ceil($nbr_lignes / $nb_per_page); $suivante = $page + 1; $precedente = $page - 1; } // affichage de la pagination print "<div class='row'> <hr /></div><div align='center'>"; $url_base = $base_url . "&user_input=" . rawurlencode(stripslashes($user_input)); $nav_bar = aff_pagination($url_base, $nbr_lignes, $nb_per_page, $page, 10, false, true); print $nav_bar; print "</div>"; }
function open_file($dir, $fileName) { if (!$fileName) { error_message("Файл не выбран"); } $dirW = iconv('UTF-8', 'CP1251', $dir); $fileW = iconv('UTF-8', 'CP1251', $fileName); if (!is_file("{$dirW}/{$fileW}")) { error_message("Невозможно открыть файл {$fileName}"); } return htmlspecialchars(file_get_contents("{$dirW}/{$fileW}")); }
function gettemplate($template, $replace, $endung, $folder) { return; if (file_exists($folder . "/" . $template . "." . $endung)) { // Tag anpassen $replace = add_tag($replace); $templatecontent = strtr(implode("", file($folder . "/" . $template . "." . $endung)), $replace); } else { error_message("Template nicht gefunden: " . $folder . "/" . $template . "." . $endung); } return $templatecontent; }
function familyValues($arg) { $result = mysql_query("select familyvalues.description, toname,\n\t\tcharacterinfo.name \n\t\tfrom family, familyvalues, characterinfo \n\t\twhere family.name =\n\t\t'" . quote_smart($_REQUEST["name"]) . "' and \n\t\tfamily.description = familyvalues.id and\n\t\tcharacterinfo.name = family.toname", $arg) or error_message("Query failed : " . mysql_error()); printf("<B>Family Relations:</B><BR><UL>"); while ($myrow = mysql_fetch_array($result)) { if ($myrow[2] == null) { printf("<LI>%s of %s<BR>", $myrow[0], $myrow[1]); } else { printf("<LI>%s of <A\nHREF=\"/scripts/charactersheet.php?name=%s\">%s</A><BR>", $myrow[0], $myrow[1], $myrow[1]); } } printf("</UL>"); }
function pageAccess($roles, $allowed = array()) { foreach ($allowed as $key => $val) { if (in_array($val, $roles)) { $access_allowed = 1; } } if ($access_allowed != 1) { $errors[] = "You do not have sufficient permissions to access this page"; echo error_message($errors); exit; } }
public function get_data() { $ObjDb = new connect_db(); $ObjDb->db_connect(); $query = "SELECT site FROM {$this->site_tablename} WHERE user_id = '{$this->user_id}' GROUP BY site"; $result = mysql_query($query); if (!$result) { error_message(mysql_error()); } for ($i = 0; $i < mysql_num_rows($result); $i++) { $query_data = mysql_fetch_array($result); $site = $query_data['site']; //$SiteArray[] = iconv('windows-1251', 'utf-8', $site); $SiteArray[] = $site; } if (count($SiteArray) != 0) { $SiteArray = array_unique($SiteArray); $temp = $SiteArray; $SiteArray = array(); foreach ($temp as $value) { $SiteArray[] = $value; } unset($temp); } //----------------------поиск сайтов с неуказаными запросами в таблице if (count($SiteArray) != 0) { foreach ($SiteArray as $site) { //$site = iconv('utf-8', 'windows-1251', $site); $query = "SELECT keyword FROM {$this->site_tablename} WHERE user_id = '{$this->user_id}' AND site = '{$site}'"; $result = mysql_query($query); if (!$result) { error_message(mysql_error()); } for ($i = 0; $i < mysql_num_rows($result); $i++) { $query_data = mysql_fetch_array($result); $keyword = $query_data['keyword']; if ($keyword == null) { $keywordBool[] = 0; break; } else { $keywordBool[] = 1; $bool = 1; break; } } } } $data = array('sitearray' => $SiteArray, 'bool' => $bool, 'keywordbool' => $keywordBool, 'seacher' => $this->seacher); $ObjDb->db_close(); return $data; }
public function update($id, $cpm_quota) { try { $data = array("cpm_quota" => $cpm_quota, "update_user" => $this->session->userdata("username")); $this->db->where("id", $id); $query = $this->db->update("tbl_cpm", $data); if (!$query) { throw new Exception(); } return true; } catch (Exception $e) { $errNo = $this->db->_error_number(); //$errMsg = $this->db->_error_message(); return error_message($errNo); } }
function show_list_biblio() { global $dbh; global $msg; global $charset; //Récupération de l'utilisateur $requete_user = "******" . SESSlogin . "' limit 1 "; $res_user = pmb_mysql_query($requete_user, $dbh); $row_user = pmb_mysql_fetch_row($res_user); $user_userid = $row_user[0]; //Affichage de la liste des etablissements auxquels a acces l'utilisateur $aff = "<table>"; $q = entites::list_biblio($user_userid); $res = pmb_mysql_query($q, $dbh); $nbr = pmb_mysql_num_rows($res); if (!$nbr) { //Pas d'etablissements définis pour l'utilisateur $error = true; $error_msg .= htmlentities($msg["acquisition_err_coord"], ENT_QUOTES, $charset) . "<div class='row'></div>"; } if ($error) { error_message($msg[321], $error_msg . htmlentities($msg["acquisition_err_par"], ENT_QUOTES, $charset), '1', './admin.php?categ=acquisition'); die; } if ($nbr == '1') { $row = pmb_mysql_fetch_object($res); show_list_exer($row->id_entite); } else { $parity = 1; while ($row = pmb_mysql_fetch_object($res)) { if ($parity % 2) { $pair_impair = "even"; } else { $pair_impair = "odd"; } $parity += 1; $tr_javascript = " onmouseover=\"this.className='surbrillance'\" onmouseout=\"this.className='{$pair_impair}'\" onmousedown=\"document.location='./admin.php?categ=acquisition&sub=compta&action=list&ent={$row->id_entite}';\" "; $aff .= "<tr class='{$pair_impair}' {$tr_javascript} style='cursor: pointer'><td><i>{$row->raison_sociale}</i></td></tr>"; } $aff .= "</table>"; print $aff; } }
public function getAccess($level_id) { try { $this->db->select("a.access_data, b.menu, b.create, b.read, b.update, b.delete, b.progress"); $this->db->from("tbl_level a"); $this->db->join("tbl_level_access b", "a.id = b.level_id"); $this->db->where("a.id", $level_id); $this->db->where("a.active_status", "Y"); $query = $this->db->get(); if (!$query) { throw new Exception(); } $result = $query->result(); return $result; } catch (Exception $e) { $errNo = $this->db->_error_number(); //$errMsg = $this->db->_error_message(); return error_message($errNo); } }
public function update($username, $password, $name, $email) { try { if ($password == "false") { $data = array("name" => $name, "email" => $email, "update_user" => $this->session->userdata("username")); } else { $data = array("password" => md5($password), "name" => $name, "email" => $email, "update_user" => $this->session->userdata("username")); } $this->db->where("username", $username); $query = $this->db->update("tbl_user", $data); if (!$query) { throw new Exception(); } return true; } catch (Exception $e) { $errNo = $this->db->_error_number(); //$errMsg = $this->db->_error_message(); return error_message($errNo); } }
function Render() { global $Translation; $eo['silentErrors'] = true; $result = sql($this->Query . ' limit ' . datalist_auto_complete_size, $eo); if ($eo['error'] != '') { $this->HTML = error_message(htmlspecialchars($eo['error']) . "\n\n<!--\n{$Translation['query:']}\n {$this->Query}\n-->\n\n"); return; } $this->ItemCount = db_num_rows($result); $combo = new Combo(); $combo->Class = $this->Class; $combo->Style = $this->Style; $combo->SelectName = $this->SelectName; $combo->SelectedData = $this->SelectedData; $combo->SelectedText = $this->SelectedText; $combo->SelectedClass = 'SelectedOption'; $combo->ListType = $this->ListType; $combo->ListBoxHeight = $this->ListBoxHeight; $combo->RadiosPerLine = $this->RadiosPerLine; $combo->AllowNull = $this->ListType == 2 ? 0 : $this->AllowNull; while ($row = db_fetch_row($result)) { $combo->ListData[] = htmlspecialchars($row[0], ENT_QUOTES, 'iso-8859-1'); $combo->ListItem[] = $row[1]; } $combo->Render(); $this->MatchText = $combo->MatchText; $this->SelectedText = $combo->SelectedText; $this->SelectedData = $combo->SelectedData; if ($this->ListType == 2) { $rnd = rand(100, 999); $SelectedID = htmlspecialchars(urlencode($this->SelectedData)); $pt_perm = getTablePermissions($this->parent_table); if ($pt_perm['view'] || $pt_perm['edit']) { $this->HTML = str_replace(">{$this->MatchText}</label>", ">{$this->MatchText}</label> <button type=\"button\" class=\"btn btn-default view_parent hspacer-lg\" id=\"{$this->parent_table}_view_parent\" title=" . htmlspecialchars($Translation['View']) . "><i class=\"glyphicon glyphicon-eye-open\"></i></button>", $combo->HTML); } $this->HTML = str_replace(' type="radio" ', ' type="radio" onclick="' . $this->SelectName . '_changed();" ', $this->HTML); } else { $this->HTML = $combo->HTML; } }
function register($username, $password, $confirm) { if (empty($username)) { return error_message(E_REGISTER, E_NO_USERNAME); } if (empty($password)) { return error_message(E_REGISTER, E_NO_PASSWORD); } if (empty($confirm)) { return error_message(E_REGISTER, E_NO_CONFIRM); } if ($password !== $confirm) { return error_message(E_REGISTER, 'Mismatch'); } $user = look_up_key_value($username, USER_ACCOUNT_FILE); if (!empty($user)) { return error_message(E_REGISTER, E_ACCOUNT_EXISTS); } add_key_value($username, [$username, password_hash($password, PASSWORD_DEFAULT)], USER_ACCOUNT_FILE); set_user($username); return ''; }
function Render() { global $Translation; $eo['silentErrors'] = true; $result = sql($this->Query . ' limit ' . datalist_auto_complete_size, $eo); if ($eo['error'] != '') { $this->HTML = error_message(htmlspecialchars($eo['error']) . "\n\n<!--\n{$Translation['query:']}\n {$this->Query}\n-->\n\n"); return; } $this->ItemCount = db_num_rows($result); $combo = new Combo(); $combo->Class = $this->Class; $combo->Style = $this->Style; $combo->SelectName = $this->SelectName; $combo->SelectedData = $this->SelectedData; $combo->SelectedText = $this->SelectedText; $combo->SelectedClass = 'SelectedOption'; $combo->ListType = $this->ListType; $combo->ListBoxHeight = $this->ListBoxHeight; $combo->RadiosPerLine = $this->RadiosPerLine; $combo->AllowNull = $this->ListType == 2 ? 0 : $this->AllowNull; while ($row = db_fetch_row($result)) { $combo->ListData[] = htmlspecialchars($row[0], ENT_QUOTES); $combo->ListItem[] = $row[1]; } $combo->Render(); $this->MatchText = $combo->MatchText; $this->SelectedText = $combo->SelectedText; $this->SelectedData = $combo->SelectedData; if ($this->ListType == 2) { $rnd = rand(100, 999); $SelectedID = htmlspecialchars(urlencode($this->SelectedData)); $this->HTML = str_replace(">{$this->MatchText}</label>", ">{$this->MatchText}</label> <span id=\"{$this->parent_table}_plink{$rnd}\"><a href=\"{$this->parent_table}_view.php?SelectedID={$SelectedID}\" class=\"btn btn-default btn-sm\"><i class=\"glyphicon glyphicon-search\"></i></a></span>", $combo->HTML); $this->HTML = str_replace(' type="radio" ', ' type="radio" onclick="' . $this->SelectName . '_changed();" ', $this->HTML); } else { $this->HTML = $combo->HTML; } }
function my_mail($mail_parts) { $mail_to = $mail_parts["mail_to"]; $mail_from = $mail_parts["mail_from"]; $mail_reply_to = $mail_parts["mail_reply_to"]; $mail_cc = $mail_parts["mail_cc"]; $mail_bcc = $mail_parts["mail_bcc"]; $mail_subject = $mail_parts["mail_subject"]; $mail_body = $mail_parts["mail_body"]; if (empty($mail_to)) { error_message("Empty To field!"); } if (empty($mail_subject)) { error_message("Empty Subject field!"); } if (empty($mail_body)) { error_message("Empty Body!"); } $mail_to = str_replace(";", ",", $mail_to); $mail_headers = ' '; if (!empty($mail_from)) { $mail_headers .= "From: {$mail_from}\n"; } if (!empty($mail_reply_to)) { $mail_headers .= "Reply_to: {$mail_reply_to}\n"; } if (!empty($mail_cc)) { $mail_headers .= "Cc: " . str_replace(";", ",", $mail_cc) . "\n"; } if (!empty($mail_bcc)) { $mail_headers .= "Bcc: " . str_replace(";", ",", $mail_bcc) . "\n"; } $mail_subject = stripslashes($mail_subject); $mail_body = stripslashes($mail_body); return mail($mail_to, $mail_subject, $mail_body); }
case 'modif': if ($id != "") { $requete = "SELECT archempla_libelle FROM arch_emplacement WHERE archempla_id={$id} "; $res = mysql_query($requete, $dbh); if (mysql_num_rows($res)) { $row = mysql_fetch_object($res); emplacement_form($row->archempla_libelle, $id); } else { show_emplacement($dbh); } } else { show_emplacement($dbh); } break; case 'del': if ($id != "") { $total = 0; $total = mysql_num_rows(mysql_query("select 1 from collections_state where collstate_emplacement='" . $id . "' limit 0,1", $dbh)); if ($total == 0) { $requete = "DELETE FROM arch_emplacement WHERE archempla_id={$id} "; $res = mysql_query($requete, $dbh); show_emplacement($dbh); } else { error_message($msg[294], $msg["collstate_emplacement_used"], 1, 'admin.php?categ=collstate&sub=emplacement&action='); } } break; default: show_emplacement($dbh); break; }
function customers_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0) { // function to return an editable form for a table records // and fill it with data of record whose ID is $selected_id. If $selected_id // is empty, an empty form is shown, with only an 'Add New' // button displayed. global $Translation; // mm: get table permissions $arrPerm = getTablePermissions('customers'); if (!$arrPerm[1] && $selected_id == '') { return ''; } $AllowInsert = $arrPerm[1] ? true : false; // print preview? $dvprint = false; if ($selected_id && $_REQUEST['dvprint_x'] != '') { $dvprint = true; } // populate filterers, starting from children to grand-parents // unique random identifier $rnd1 = $dvprint ? rand(1000000, 9999999) : ''; // combobox: Country $combo_Country = new Combo(); $combo_Country->ListType = 0; $combo_Country->MultipleSeparator = ', '; $combo_Country->ListBoxHeight = 10; $combo_Country->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . '/hooks/customers.Country.csv')) { $Country_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/customers.Country.csv'))); $combo_Country->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($Country_data))); $combo_Country->ListData = $combo_Country->ListItem; } else { $combo_Country->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Afghanistan;;Albania;;Algeria;;American Samoa;;Andorra;;Angola;;Anguilla;;Antarctica;;Antigua, Barbuda;;Argentina;;Armenia;;Aruba;;Australia;;Austria;;Azerbaijan;;Bahamas;;Bahrain;;Bangladesh;;Barbados;;Belarus;;Belgium;;Belize;;Benin;;Bermuda;;Bhutan;;Bolivia;;Bosnia, Herzegovina;;Botswana;;Bouvet Is.;;Brazil;;Brunei Darussalam;;Bulgaria;;Burkina Faso;;Burundi;;Cambodia;;Cameroon;;Canada;;Canary Is.;;Cape Verde;;Cayman Is.;;Central African Rep.;;Chad;;Channel Islands;;Chile;;China;;Christmas Is.;;Cocos Is.;;Colombia;;Comoros;;Congo, D.R. Of;;Congo;;Cook Is.;;Costa Rica;;Croatia;;Cuba;;Cyprus;;Czech Republic;;Denmark;;Djibouti;;Dominica;;Dominican Republic;;Ecuador;;Egypt;;El Salvador;;Equatorial Guinea;;Eritrea;;Estonia;;Ethiopia;;Falkland Is.;;Faroe Is.;;Fiji;;Finland;;France;;French Guiana;;French Polynesia;;French Territories;;Gabon;;Gambia;;Georgia;;Germany;;Ghana;;Gibraltar;;Greece;;Greenland;;Grenada;;Guadeloupe;;Guam;;Guatemala;;Guernsey;;Guinea-bissau;;Guinea;;Guyana;;Haiti;;Heard, Mcdonald Is.;;Honduras;;Hong Kong;;Hungary;;Iceland;;India;;Indonesia;;Iran;;Iraq;;Ireland;;Israel;;Italy;;Ivory Coast;;Jamaica;;Japan;;Jersey;;Jordan;;Kazakhstan;;Kenya;;Kiribati;;Korea, D.P.R Of;;Korea, Rep. Of;;Kuwait;;Kyrgyzstan;;Lao Peoples D.R.;;Latvia;;Lebanon;;Lesotho;;Liberia;;Libyan Arab Jamahiriya;;Liechtenstein;;Lithuania;;Luxembourg;;Macao;;Macedonia, F.Y.R Of;;Madagascar;;Malawi;;Malaysia;;Maldives;;Mali;;Malta;;Mariana Islands;;Marshall Islands;;Martinique;;Mauritania;;Mauritius;;Mayotte;;Mexico;;Micronesia;;Moldova;;Monaco;;Mongolia;;Montserrat;;Morocco;;Mozambique;;Myanmar;;Namibia;;Nauru;;Nepal;;Netherlands Antilles;;Netherlands;;New Caledonia;;New Zealand;;Nicaragua;;Niger;;Nigeria;;Niue;;Norfolk Island;;Norway;;Oman;;Pakistan;;Palau;;Palestinian Terr.;;Panama;;Papua New Guinea;;Paraguay;;Peru;;Philippines;;Pitcairn;;Poland;;Portugal;;Puerto Rico;;Qatar;;Reunion;;Romania;;Russian Federation;;Rwanda;;Samoa;;San Marino;;Sao Tome, Principe;;Saudi Arabia;;Senegal;;Seychelles;;Sierra Leone;;Singapore;;Slovakia;;Slovenia;;Solomon Is.;;Somalia;;South Africa;;South Georgia;;South Sandwich Is.;;Spain;;Sri Lanka;;St. Helena;;St. Kitts, Nevis;;St. Lucia;;St. Pierre, Miquelon;;St. Vincent, Grenadines;;Sudan;;Suriname;;Svalbard, Jan Mayen;;Swaziland;;Sweden;;Switzerland;;Syrian Arab Republic;;Taiwan;;Tajikistan;;Tanzania;;Thailand;;Timor-leste;;Togo;;Tokelau;;Tonga;;Trinidad, Tobago;;Tunisia;;Turkey;;Turkmenistan;;Turks, Caicoss;;Tuvalu;;Uganda;;Ukraine;;United Arab Emirates;;United Kingdom;;United States;;Uruguay;;Uzbekistan;;Vanuatu;;Vatican City;;Venezuela;;Viet Nam;;Virgin Is. British;;Virgin Is. U.S.;;Wallis, Futuna;;Western Sahara;;Yemen;;Yugoslavia;;Zambia;;Zimbabwe"))); $combo_Country->ListData = $combo_Country->ListItem; } $combo_Country->SelectName = 'Country'; if ($selected_id) { // mm: check member permissions if (!$arrPerm[2]) { return ""; } // mm: who is the owner? $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='customers' and pkValue='" . makeSafe($selected_id) . "'"); $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='customers' and pkValue='" . makeSafe($selected_id) . "'"); if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) { return ""; } if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) { return ""; } // can edit? if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) { $AllowUpdate = 1; } else { $AllowUpdate = 0; } $res = sql("select * from `customers` where `CustomerID`='" . makeSafe($selected_id) . "'", $eo); if (!($row = db_fetch_array($res))) { return error_message($Translation['No records found']); } $urow = $row; /* unsanitized data */ $hc = new CI_Input(); $row = $hc->xss_clean($row); /* sanitize data */ $combo_Country->SelectedData = $row['Country']; } else { $combo_Country->SelectedText = $_REQUEST['FilterField'][1] == '9' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : ""; } $combo_Country->Render(); // code for template based detail view forms // open the detail view template if ($dvprint) { $templateCode = @file_get_contents('./templates/customers_templateDVP.html'); } else { $templateCode = @file_get_contents('./templates/customers_templateDV.html'); } // process form title $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Detail View', $templateCode); $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode); $templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode); // process buttons if ($arrPerm[1] && !$selected_id) { // allow insert and no record selected? if (!$selected_id) { $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return customers_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode); } $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return customers_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode); } // 'Back' button action if ($_REQUEST['Embedded']) { $backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;'; } else { $backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;'; } if ($selected_id) { if (!$_REQUEST['Embedded']) { $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode); } if ($AllowUpdate) { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return customers_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode); } if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) { // allow delete? $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode); } $templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode); $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode); $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : '', $templateCode); } // set records to read only if user can't insert new records and can't edit current record if ($selected_id && !$AllowUpdate || !$selected_id && !$AllowInsert) { $jsReadOnly .= "\tjQuery('#CustomerID').replaceWith('<div class=\"form-control-static\" id=\"CustomerID\">' + (jQuery('#CustomerID').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#CompanyName').replaceWith('<div class=\"form-control-static\" id=\"CompanyName\">' + (jQuery('#CompanyName').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#ContactName').replaceWith('<div class=\"form-control-static\" id=\"ContactName\">' + (jQuery('#ContactName').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#ContactTitle').replaceWith('<div class=\"form-control-static\" id=\"ContactTitle\">' + (jQuery('#ContactTitle').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#Address').replaceWith('<div class=\"form-control-static\" id=\"Address\">' + (jQuery('#Address').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#City').replaceWith('<div class=\"form-control-static\" id=\"City\">' + (jQuery('#City').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#Region').replaceWith('<div class=\"form-control-static\" id=\"Region\">' + (jQuery('#Region').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#PostalCode').replaceWith('<div class=\"form-control-static\" id=\"PostalCode\">' + (jQuery('#PostalCode').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#Country').replaceWith('<div class=\"form-control-static\" id=\"Country\">' + (jQuery('#Country').val() || '') + '</div>'); jQuery('#Country-multi-selection-help').hide();\n"; $jsReadOnly .= "\tjQuery('#Phone').replaceWith('<div class=\"form-control-static\" id=\"Phone\">' + (jQuery('#Phone').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#Fax').replaceWith('<div class=\"form-control-static\" id=\"Fax\">' + (jQuery('#Fax').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('.select2-container').hide();\n"; $noUploads = true; } elseif ($AllowInsert && !$selected_id || $AllowUpdate && $selected_id) { $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler } // process combos $templateCode = str_replace('<%%COMBO(Country)%%>', $combo_Country->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(Country)%%>', $combo_Country->SelectedData, $templateCode); /* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */ $lookup_fields = array(); foreach ($lookup_fields as $luf => $ptfc) { $pt_perm = getTablePermissions($ptfc[0]); // process foreign key links if ($pt_perm['view'] || $pt_perm['edit']) { $templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-lg" id="' . $ptfc[0] . '_view_parent" title="' . htmlspecialchars($Translation['View'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode); } // if user has insert permission to parent table of a lookup field, put an add new button if ($pt_perm['insert'] && !$_REQUEST['Embedded']) { $templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent" id="' . $ptfc[0] . '_add_new" title="' . htmlspecialchars($Translation['Add New'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode); } } // process images $templateCode = str_replace('<%%UPLOADFILE(CustomerID)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(CompanyName)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(ContactName)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(ContactTitle)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(Address)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(City)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(Region)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(PostalCode)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(Country)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(Phone)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(Fax)%%>', '', $templateCode); // process values if ($selected_id) { $templateCode = str_replace('<%%VALUE(CustomerID)%%>', htmlspecialchars($row['CustomerID'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(CustomerID)%%>', urlencode($urow['CustomerID']), $templateCode); $templateCode = str_replace('<%%VALUE(CompanyName)%%>', htmlspecialchars($row['CompanyName'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(CompanyName)%%>', urlencode($urow['CompanyName']), $templateCode); $templateCode = str_replace('<%%VALUE(ContactName)%%>', htmlspecialchars($row['ContactName'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(ContactName)%%>', urlencode($urow['ContactName']), $templateCode); $templateCode = str_replace('<%%VALUE(ContactTitle)%%>', htmlspecialchars($row['ContactTitle'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(ContactTitle)%%>', urlencode($urow['ContactTitle']), $templateCode); if ($dvprint) { $templateCode = str_replace('<%%VALUE(Address)%%>', nl2br(htmlspecialchars($row['Address'], ENT_QUOTES, 'iso-8859-1')), $templateCode); } else { $templateCode = str_replace('<%%VALUE(Address)%%>', htmlspecialchars($row['Address'], ENT_QUOTES, 'iso-8859-1'), $templateCode); } $templateCode = str_replace('<%%URLVALUE(Address)%%>', urlencode($urow['Address']), $templateCode); $templateCode = str_replace('<%%VALUE(City)%%>', htmlspecialchars($row['City'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(City)%%>', urlencode($urow['City']), $templateCode); $templateCode = str_replace('<%%VALUE(Region)%%>', htmlspecialchars($row['Region'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(Region)%%>', urlencode($urow['Region']), $templateCode); $templateCode = str_replace('<%%VALUE(PostalCode)%%>', htmlspecialchars($row['PostalCode'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(PostalCode)%%>', urlencode($urow['PostalCode']), $templateCode); $templateCode = str_replace('<%%VALUE(Country)%%>', htmlspecialchars($row['Country'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(Country)%%>', urlencode($urow['Country']), $templateCode); $templateCode = str_replace('<%%VALUE(Phone)%%>', htmlspecialchars($row['Phone'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(Phone)%%>', urlencode($urow['Phone']), $templateCode); $templateCode = str_replace('<%%VALUE(Fax)%%>', htmlspecialchars($row['Fax'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(Fax)%%>', urlencode($urow['Fax']), $templateCode); } else { $templateCode = str_replace('<%%VALUE(CustomerID)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(CustomerID)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(CompanyName)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(CompanyName)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(ContactName)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(ContactName)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(ContactTitle)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(ContactTitle)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(Address)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(Address)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(City)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(City)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(Region)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(Region)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(PostalCode)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(PostalCode)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(Country)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(Country)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(Phone)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(Phone)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(Fax)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(Fax)%%>', urlencode(''), $templateCode); } // process translations foreach ($Translation as $symbol => $trans) { $templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode); } // clear scrap $templateCode = str_replace('<%%', '<!-- ', $templateCode); $templateCode = str_replace('%%>', ' -->', $templateCode); // hide links to inaccessible tables if ($_POST['dvprint_x'] == '') { $templateCode .= "\n\n<script>\$j(function(){\n"; $arrTables = getTableList(); foreach ($arrTables as $name => $caption) { $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n"; $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n"; } $templateCode .= $jsReadOnly; $templateCode .= $jsEditable; if (!$selected_id) { } $templateCode .= "\n});</script>\n"; } // ajaxed auto-fill fields $templateCode .= '<script>'; $templateCode .= '$j(function() {'; $templateCode .= "});"; $templateCode .= "</script>"; $templateCode .= $lookups; // handle enforced parent values for read-only lookup fields // don't include blank images in lightbox gallery $templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode); // don't display empty email links $templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode); // hook: customers_dv if (function_exists('customers_dv')) { $args = array(); customers_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args); } return $templateCode; }
if (!$res) { die(mysql_error()); } } } $guestbook = Guestbook::get_all_guestbooks(); ?> <?php our_header("guestbook"); ?> <div class="column prepend-1 span-24 first last"> <h2>Guestbook</h2> <?php error_message(); ?> <h4>See what people are saying about us!</h4> <?php if ($guestbook) { foreach ($guestbook as $guest) { ?> <p class="comment"><?php echo $guest["comment"]; ?> </p> <p> - by <?php echo h($guest["name"]); ?> </p>
function replace_form() { global $indexint_replace; global $msg; global $include_path; global $charset; global $dbh; if (!$this->indexint_id || !$this->name) { require_once "{$include_path}/user_error.inc.php"; error_message($msg[indexint_replace], $msg[indexint_unable], 1, './autorites.php?categ=indexint&sub=&id='); return false; } $notin = "{$this->indexint_id}"; $liste_remplacantes = ""; $lenremplacee = strlen($this->name) - 1; while ($lenremplacee > 0) { $recherchee = substr($this->name, 0, $lenremplacee); $requete = "SELECT indexint_id,indexint_name,indexint_comment FROM indexint WHERE num_pclass='" . $this->id_pclass . "' and indexint_name='" . addslashes($recherchee) . "' and indexint_id not in (" . $notin . ") order by indexint_name "; $result = pmb_mysql_query($requete, $dbh) or die($requete . "<br />" . pmb_mysql_error()); while ($lue = pmb_mysql_fetch_object($result)) { $notin .= "," . $lue->indexint_id; $liste_remplacantes .= "<tr><td><a href='./autorites.php?categ=indexint&sub=replace&id=" . $this->indexint_id . "&n_indexint_id=" . $lue->indexint_id . "'>" . htmlentities($lue->indexint_name, ENT_QUOTES, $charset) . "</a></td><td>" . htmlentities($lue->indexint_comment, ENT_QUOTES, $charset) . "</tr>"; $trouvees = 1; } if ($trouvees) { $liste_remplacantes .= "<tr><td> </td><td> </td></tr>"; } $trouvees = 0; $lenremplacee = $lenremplacee - 1; } if ($liste_remplacantes) { $liste_remplacantes = "<table>" . $liste_remplacantes . "</table>"; } $indexint_replace = str_replace('!!id!!', $this->indexint_id, $indexint_replace); $indexint_replace = str_replace('!!id_pclass!!', $this->id_pclass, $indexint_replace); $indexint_replace = str_replace('!!indexint_name!!', htmlentities($this->name, ENT_QUOTES, $charset), $indexint_replace); $indexint_replace = str_replace('!!liste_remplacantes!!', $liste_remplacantes, $indexint_replace); print $indexint_replace; }
function replace_form($id) { global $authperso_replace; global $msg; global $include_path; if (!$id) { require_once "{$include_path}/user_error.inc.php"; error_message($msg[161], $msg[162], 1, './autorites.php?categ=authperso&sub=&id='); return; } $authperso_replace = str_replace('!!old_authperso_libelle!!', $this->get_isbd($id), $authperso_replace); $authperso_replace = str_replace('!!id!!', $id, $authperso_replace); $authperso_replace = str_replace('!!id_authperso!!', $this->id, $authperso_replace); return $authperso_replace; }
$results = $result->process($fields, $_POST); $db_data = $results['Results']; } // build return link $redirect = $_SERVER['SCRIPT_NAME'] . '?'; if ($con_id) { $redirect .= 'con_id=' . $con_id; } if ($viewForm) { $redirect .= '&viewForm=' . $viewForm; } if ($searchLink) { $redirect .= '&searchLink=' . urlencode($searchLink); } if ($results['Errors'] || $errors) { if (is_array($results['Results'])) { $redirect .= '&' . http_build_query($results['Results']); } echo error_message(join_arrays(array($results['Errors'], $errors)), urlencode($redirect)); exit; } if ($viewForm !== 2 && $viewForm !== 7) { db_query($db_data, "UPDATE", "contact", "con_id", $con_id); } if ($forward_company) { header("Location:company.php?com_title=" . $_POST["con_company"]); } $msg = urlencode('Update Successful'); header("Location:{$redirect}&msg={$msg}"); exit; }
if (mysql_num_rows($res)) { $row = mysql_fetch_row($res); abts_form($row[1], $id, $row[2], $row[3], $row[4], $row[5], $row[6], $row[7]); } else { show_abts($dbh); } } else { show_abts($dbh); } break; case 'del': if ($id) { $total = 0; $total = mysql_result(mysql_query("select count(1) from empr where type_abt ='" . $id . "' ", $dbh), 0, 0); if ($total == 0) { $requete = "DELETE FROM type_abts WHERE id_type_abt={$id} ;"; $res = mysql_query($requete, $dbh); $requete = "OPTIMIZE TABLE type_abts "; $res = mysql_query($requete, $dbh); show_abts($dbh); } else { error_message($msg["type_abts_type"], $msg["type_abts_del_error"], 1, 'admin.php?categ=finance&sub=abts&action='); } } else { show_abts($dbh); } break; default: show_abts($dbh); break; }
<BODY> <BODY BGCOLOR=#FFFFFF BACKGROUND="/images/gif/webpic/back4.gif"> <H1> <IMG SRC="/images/gif/dragon.gif"> Admin User <?php echo $_REQUEST["char"]; ?> </H1> <?php include $_SERVER['DOCUMENT_ROOT'] . "/scripts/admin_authorize.php"; if ($_COOKIE["karchanadminname"] != "Karn") { error_message("This administration option is only available to Karn."); } $result = mysql_query("update mm_admin set validuntil = date_add(validuntil,\n\tinterval 1 month) where name = \"" . quote_smart($_REQUEST["char"]) . "\" and \n\tvaliduntil >= now()", $dbhandle) or error_message("Query failed : " . mysql_error()); $result = mysql_query("update mm_admin set validuntil = date_add(now(),\n\tinterval 1 month) where name = \"" . quote_smart($_REQUEST["char"]) . "\" and \n\tvaliduntil < now()", $dbhandle) or error_message("Query failed : " . mysql_error()); $result = mysql_query("select validuntil from mm_admin \n\twhere name = \"" . quote_smart($_REQUEST["char"]) . "\"", $dbhandle) or error_message("Query failed : " . mysql_error()); while ($myrow = mysql_fetch_array($result)) { writeLog($dbhandle, "Expiration date for " . $_REQUEST["char"] . " changed to " . $myrow["validuntil"] . "."); printf("Expiration date for " . $_REQUEST["char"] . " changed to " . $myrow["validuntil"] . ".<P>\r\n"); } mysql_close($dbhandle); ?> <a HREF="/karchan/admin/extend_period.html"> <img SRC="/images/gif/webpic/buttono.gif" BORDER="0"></a><p> </BODY> </HTML>
$nb = 0; while ($n = pmb_mysql_fetch_object($myQuery)) { //Access au cataloguage $cart_link_non = false; require_once "{$include_path}/bull_info.inc.php"; require_once "{$class_path}/serials.class.php"; $n->isbd = show_bulletinage_info($n->bulletin_id); print pmb_bidi($n->isbd); if (++$nb >= $nb_per_page_search) { break; } } print $end_result_liste; } else { // Pas de résultat error_message($msg[235], $msg[307] . " {$ex_query}", 1, "./circ.php?categ=visu_rech"); die; } } //Gestion de la pagination if ($nb_results) { $nav_bar .= "\n\t\t<form name='search_form' action='./circ.php?categ=visu_rech' method='post' style='display:none'>\n\t\t\t<input type='hidden' name='page' value='{$page}'/>\n\t\t\t<input type='hidden' name='nb_results' value='{$nb_results}'/>\n\t\t\t<input type='hidden' name='ex_query' value='{$ex_query}'/>\n\t\t\t<input type='hidden' name='typdoc_query' value=''/>\n\t\t\t<input type='hidden' name='statut_query' value=''/>\n\t\t</form>"; $n_max_page = ceil($nb_results / $nb_per_page_search); if (!$page) { $page_en_cours = 0; } else { $page_en_cours = $page; } // affichage du lien precedent si necessaire if ($page > 0) { $nav_bar .= "<a href='#' onClick='document.search_form.page.value-=1; ";
$cart_click_noti = "onClick=\"openPopUp('./cart.php?object_type=NOTI&item=" . $myPerio->notice_id . "', 'cart', 600, 700, -2, -2, '" . $selector_prop . "')\""; $affichage_final .= "<tr class='{$class_entete}' {$tr_javascript} >"; $affichage_final .= "<td><img src='./images/basket_small_20x20.gif' align='middle' alt='basket' title='" . $msg[400] . "' " . $cart_click_noti . "></td>"; $affichage_final .= "<td colspan='6'><a href='" . $url . "'>" . $isbd->isbd . "</a></td></tr>"; // affichage des bulletinages associés $myQueryBull = pmb_mysql_query("SELECT bulletin_id FROM bulletins WHERE bulletin_notice='{$myPerio->notice_id}' ORDER BY date_date DESC, bulletin_id DESC ", $dbh); $bulletins = ""; while ($bul = pmb_mysql_fetch_object($myQueryBull)) { $class_suite = "odd"; $tr_javascript = " onmouseover=\"this.className='surbrillance'\" onmouseout=\"this.className='{$class_suite}'\""; $bulletin = new bulletinage($bul->bulletin_id); $url = "./catalog.php?categ=serials&sub=bulletinage&action=view&bul_id=" . $bul->bulletin_id; // gestion des paniers de bulletins $selector_prop = "toolbar=no, dependent=yes, resizable=yes, scrollbars=yes"; $cart_click_bull = "onClick=\"openPopUp('./cart.php?object_type=BULL&item=" . $bul->bulletin_id . "', 'cart', 600, 700, -2, -2, '{$selector_prop}')\""; $bulletins .= "<tr class='{$class_suite}' {$tr_javascript}>\n\t\t\t\t<td> </td>\n\t\t\t\t<td><img src='./images/basket_small_20x20.gif' align='middle' alt='basket' title='" . $msg[400] . "' " . $cart_click_bull . "></td>\n\t\t\t\t<td><a href='" . $url . "'>" . $bulletin->bulletin_numero . "</a></td>\n\t\t\t\t<td>" . $bulletin->mention_date . "</td>\n\t\t\t\t<td>" . $bulletin->aff_date_date . "</td>\n\t\t\t\t<td>" . $bulletin->bulletin_titre . "</td>"; if (sizeof($bulletin->expl)) { $bulletins .= "<td>" . sizeof($bulletin->expl) . " " . $msg['bulletin_nb_exemplaires'] . "</td>"; } else { $bulletins .= "<td> </td>"; } $bulletins .= "</tr>"; } $affichage_final .= $bulletins; } $affichage_final .= "</table>"; print pmb_bidi($affichage_final); } else { // la requête n'a produit aucun résultat error_message($msg[46], str_replace('!!user_query!!', stripslashes($user_query), $msg[1153]), 1, './edit.php?categ=serials&sub=collect'); }
function error($s) { error_message($s); page(); }
function show_results($dbh, $user_input, $nbr_lignes = 0, $page = 0, $id = 0) { global $nb_per_page; global $base_url; global $caller; global $charset; global $msg; global $expl_list_id; // on récupére le nombre de lignes qui vont bien if (!$id) { if ($user_input == "") { $requete = "SELECT COUNT(1) FROM groupexpl"; } else { $aq = new analyse_query(stripslashes($user_input)); if ($aq->error) { error_message($msg["searcher_syntax_error"], sprintf($msg["searcher_syntax_error_desc"], $aq->current_car, $aq->input_html, $aq->error_message)); exit; } $requete = "select count(distinct id_groupexpl) from groupexpl where groupexpl_name like '%" . $user_input . "%'"; } $res = pmb_mysql_query($requete, $dbh); $nbr_lignes = @pmb_mysql_result($res, 0, 0); } else { $nbr_lignes = 1; } if (!$page) { $page = 1; } $debut = ($page - 1) * $nb_per_page; if ($nbr_lignes) { $expl_list = explode(",", $expl_list_id); $expl_list_cb = array(); foreach ($expl_list as $id_expl) { $query = "SELECT expl_cb FROM exemplaires WHERE expl_id='" . $id_expl . "'"; $result = pmb_mysql_query($query); if ($result && pmb_mysql_num_rows($result)) { $cb = pmb_mysql_result($result, 0, 0); $expl_list_cb[] = $cb; } } $last_id_used = session::get_last_used("groupexpl"); if ($last_id_used) { print "<div class='selector_last_used'>\n \t\t\t\t<div class='row'>\n \t\t\t\t\t<b>" . $msg["selector_last_groupexpl_used"] . "</b>\n \t\t\t\t</div>\n \t\t\t\t<div class='row'>"; $query = "select id_groupexpl, groupexpl_name from groupexpl where id_groupexpl=" . $last_id_used; $result = pmb_mysql_query($query); while ($group = pmb_mysql_fetch_object($result)) { print pmb_bidi("\n\t\t\t\t\t\t<a href=\"{$base_url}&action=add_expl&id_groupexpl=" . $group->id_groupexpl . "&expl_list=" . implode(",", $expl_list_cb) . "\">\n\t\t\t\t\t\t{$group->groupexpl_name}</a><br />"); } print "</div></div>"; } // on lance la vraie requête if (!$id) { if ($user_input == "") { $requete = "SELECT groupexpl.* FROM groupexpl"; $requete .= " ORDER BY groupexpl_name LIMIT {$debut},{$nb_per_page} "; } else { $requete = "select groupexpl.* from groupexpl where groupexpl_name like '%" . $user_input . "%' order by groupexpl_name LIMIT {$debut},{$nb_per_page}"; } } else { $requete = "select groupexpl.* FROM groupexpl where id_groupexpl='" . $id . "'"; } $res = @pmb_mysql_query($requete, $dbh); while ($group = pmb_mysql_fetch_object($res)) { print pmb_bidi("\n \t\t\t<a href=\"{$base_url}&action=add_expl&id_groupexpl=" . $group->id_groupexpl . "&expl_list=" . implode(",", $expl_list_cb) . "\">\n\t\t\t\t\t{$group->groupexpl_name}</a><br />"); } pmb_mysql_free_result($res); // constitution des liens $nbepages = ceil($nbr_lignes / $nb_per_page); $suivante = $page + 1; $precedente = $page - 1; // affichage pagination print "<div class='row'> <hr /></div><div align='center'>"; $url_base = $base_url . "&user_input=" . rawurlencode(stripslashes($user_input)); $nav_bar = aff_pagination($url_base, $nbr_lignes, $nb_per_page, $page, 10, false, true); print $nav_bar; print "</div>"; } }
// +-------------------------------------------------+ // $Id: harvest.inc.php,v 1.1 2012-01-25 15:20:35 ngantier Exp $ if (stristr($_SERVER['REQUEST_URI'], ".inc.php")) { die("no access"); } require_once $class_path . "/harvest_notice.class.php"; // functions particulières à ce module $acces_m = 1; if ($gestion_acces_active == 1 && $gestion_acces_user_notice == 1) { require_once "{$class_path}/acces.class.php"; $ac = new acces(); $dom_1 = $ac->setDomain(1); $acces_m = $dom_1->getRights($PMBuserid, $id, 8); } if ($acces_m == 0) { error_message('', htmlentities($dom_1->getComment('mod_noti_error'), ENT_QUOTES, $charset), 1, ''); } else { $harv = new harvest_notice($notice_id, $harvest_id, $profil_id); switch ($action) { case 'build': print "<h1>" . $msg[harvest_notice_replace_title] . "</h1>"; $harv->get_notice_externe($notice_id); break; case 'record': $harv->record_notice($notice_id); break; default: print "<h1>" . $msg[harvest_notice_replace_title] . "</h1>"; print $harv->get_form_sel(); break; }