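/**
 * Rejects an on-call swap request and notifies the member who asked for cover.
 *
 * Reads the swap row id from $_POST['pk1'] and the related message id from
 * $_POST['pk2'], marks the swap as agreed = 'X' and the message as status = 'R',
 * then sends an internal message to the requesting member. Sets the global
 * $message on completion.
 *
 * Both ids are request input and are cast to int before they are placed in
 * the SQL text (the original interpolated them verbatim). Query failures are
 * reported through logError(), including the initial SELECT.
 */
function reject()
{
    global $message;
    // Untrusted request values: force numeric before they reach the SQL text.
    $id = (int) $_POST['pk1'];
    $messageid = (int) $_POST['pk2'];
    $loggedon = getLoggedOnMemberID();
    $sql = "SELECT A.weeknumber, A.memberid, A.swapmemberid  " . "FROM {$_SESSION['DB_PREFIX']}oncallswap A " . "WHERE A.id = {$id}";
    $result = mysql_query($sql);
    if (!$result) {
        logError($sql . " = " . mysql_error());
        return;
    }
    // A.id is the key, so at most one row is expected here.
    while ($member = mysql_fetch_assoc($result)) {
        $qry = "UPDATE {$_SESSION['DB_PREFIX']}oncallswap " . "SET agreed = 'X', metamodifieddate = NOW(), metamodifieduserid = " . $loggedon . " " . "WHERE id = {$id}";
        $itemresult = mysql_query($qry);
        if (!$itemresult) {
            logError($qry . " = " . mysql_error());
        }
        $qry = "UPDATE {$_SESSION['DB_PREFIX']}messages " . "SET status = 'R', metamodifieddate = NOW(), metamodifieduserid = " . $loggedon . " " . "WHERE id = {$messageid}";
        $itemresult = mysql_query($qry);
        if (!$itemresult) {
            logError($qry . " = " . mysql_error());
        }
        sendInternalUserMessage($member['memberid'], "On Call Swap Request", "Your request for on call cover for week " . $member['weeknumber'] . " has been rejected by " . GetUserName($member['swapmemberid']));
        $message = "Request has been rejected";
    }
}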
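/**
 * Un-hides a grid column: clears hidecolumn on the applicationtablecolumns row
 * named by $_POST['gridid'] and stamps the audit columns with the current user.
 *
 * The id is request input, so it is cast to int before being interpolated into
 * the SQL text (the original embedded it verbatim). A failed UPDATE is logged
 * through logError().
 */
function showColumn()
{
    $id = (int) $_POST['gridid'];
    $qry = "UPDATE {$_SESSION['DB_PREFIX']}applicationtablecolumns SET hidecolumn = 0, metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " WHERE id = {$id}";
    if (!mysql_query($qry)) {
        logError($qry . " - " . mysql_error());
    }
}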
    /**
     * Emits the JavaScript that pre-fills the "add" form: today's date in
     * dd/mm/yyyy into requesteddate/startdate/enddate, the logged-on member id
     * into memberid, and both half-day checkboxes checked.
     *
     * The value of getLoggedOnMemberID() is written straight into a JS string
     * literal without escaping — assumed to be a numeric id; confirm.
     * padZero() is expected to be defined elsewhere on the page.
     */
    public function postAddScriptEvent()
    {
        ?>
			var myDate = new Date(); 
			var prettyDate =
					padZero(myDate.getDate()) + '/' +         
				    padZero((myDate.getMonth() + 1)) + '/' + 
					myDate.getFullYear(); 
					 
			$("#memberid").val("<?php 
        echo getLoggedOnMemberID();
        ?>
").trigger("change");
			$("#requesteddate").val(prettyDate).trigger("change");
			$("#startdate").val(prettyDate).trigger("change");
			$("#enddate").val(prettyDate).trigger("change");
			$("#startdate_half").attr("checked", true).trigger("change");
			$("#enddate_half").attr("checked", true).trigger("change");
			<?php 
    }
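 /**
  * Replaces a member's role assignments when the form posts a role command.
  *
  * Triggered by $_POST['rolecmd']; reads $_POST['memberid'] and the list
  * $_POST['roles'][]. All existing userroles rows for the member are deleted
  * and one row per posted role is inserted.
  *
  * Both values are request input: the member id is cast to int and each role
  * id is escaped before being interpolated into SQL (the original embedded
  * them verbatim). Failed inserts are now logged; the delete and the inserts
  * are still not wrapped in a transaction, so a failing insert leaves the
  * member with fewer roles than requested.
  */
 public function preCommandEvent()
 {
     if (!isset($_POST['rolecmd'])) {
         return;
     }
     // count() on a non-array throws in PHP 8; only an array of role ids is accepted.
     $roles = (isset($_POST['roles']) && is_array($_POST['roles'])) ? $_POST['roles'] : array();
     $memberid = (int) $_POST['memberid'];
     $loggedon = getLoggedOnMemberID();
     $qry = "DELETE FROM {$_SESSION['DB_PREFIX']}userroles WHERE memberid = {$memberid}";
     if (!mysql_query($qry)) {
         logError(mysql_error());
     }
     foreach ($roles as $postedrole) {
         $roleid = mysql_real_escape_string($postedrole);
         $qry = "INSERT INTO {$_SESSION['DB_PREFIX']}userroles (memberid, roleid, metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) VALUES ({$memberid}, '{$roleid}', NOW(), " . $loggedon . ", NOW(), " . $loggedon . ")";
         if (!mysql_query($qry)) {
             logError($qry . " - " . mysql_error());
         }
     }
 }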
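/**
 * Ends the current user's session: closes the login audit row (timeoff = NOW()),
 * clears all session data and leaves the session holding only the PUBLIC role.
 *
 * The audit row id comes from $_SESSION['SESS_LOGIN_AUDIT'] and is cast to int
 * before being placed in the SQL text; a failed UPDATE is logged instead of
 * being ignored as the original did.
 *
 * NOTE(review): the session id itself is kept after session_unset(); calling
 * session_regenerate_id(true) here would stop the pre-logout id from being
 * reused — confirm nothing relies on the id surviving logout before adding it.
 */
function logout()
{
    start_db();
    if (isAuthenticated()) {
        $auditid = isset($_SESSION['SESS_LOGIN_AUDIT']) ? (int) $_SESSION['SESS_LOGIN_AUDIT'] : 0;
        $qry = "UPDATE {$_SESSION['DB_PREFIX']}loginaudit SET " . "timeoff = NOW(), metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " . "WHERE id = " . $auditid;
        if (!mysql_query($qry)) {
            logError($qry . " - " . mysql_error());
        }
    }
    session_unset();
    $_SESSION['ROLES'][] = 'PUBLIC';
}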
require_once "tinymce.php";
?>

<!--  Start of content -->
<?php 
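// Saves the site configuration form (fires when domainurl is posted), then drops
// the cached copy so getSiteConfigData() reloads it on next use.
if (isset($_POST['domainurl'])) {
    // Every field is request input. The original escaped only the first four;
    // all quoted values are escaped here, and vatrate (written unquoted) is only
    // accepted when numeric, falling back to 0.
    $runscheduledays = mysql_escape_string($_POST['runscheduledays']);
    $domainurl = mysql_escape_string($_POST['domainurl']);
    $emailfooter = mysql_escape_string($_POST['emailfooter']);
    $address = mysql_escape_string($_POST['address']);
    $bookingprefix = mysql_escape_string($_POST['bookingprefix']);
    $refereereportemail = mysql_escape_string($_POST['refereereportemail']);
    $invoiceprefix = mysql_escape_string($_POST['invoiceprefix']);
    $maintenancemode = mysql_escape_string($_POST['maintenancemode']);
    $vatrate = (isset($_POST['vatrate']) && is_numeric($_POST['vatrate'])) ? $_POST['vatrate'] : "0";
    $qry = "UPDATE {$_SESSION['DB_PREFIX']}siteconfig SET " . "domainurl = '{$domainurl}', " . "vatrate = {$vatrate}, " . "address = '{$address}', " . "bookingprefix = '{$bookingprefix}', " . "refereereportemail = '{$refereereportemail}', " . "invoiceprefix = '{$invoiceprefix}', " . "maintenancemode = '{$maintenancemode}', " . "runscheduledays = '{$runscheduledays}', " . "emailfooter = '{$emailfooter}', metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID();
    $result = mysql_query($qry);
    if (!$result) {
        logError("UPDATE {$_SESSION['DB_PREFIX']}siteconfig:" . $qry . " - " . mysql_error());
    }
    // Force the next reader to pick up the new values.
    unset($_SESSION['SITE_CONFIG']);
}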
$qry = "SELECT *, DATE_FORMAT(lastschedulerun, '%d/%m/%Y') AS lastschedulerun FROM {$_SESSION['DB_PREFIX']}siteconfig";
$result = mysql_query($qry);
if ($result) {
    while ($member = mysql_fetch_assoc($result)) {
        ?>
<form id="contentForm" name="contentForm" method="post" class="entryform">
	<label>Domain URL</label>
	<input required="true" type="text" class="textbox90" id="domainurl" name="domainurl" value="<?php 
        echo $member['domainurl'];
        $qry = "UPDATE {$_SESSION['DB_PREFIX']}team SET \n\t\t\t\t\tfirstname = '{$fname}', \n\t\t\t\t\tlastname = '{$lname}',\n\t\t\t\t\ttelephone = '{$landline}',\n\t\t\t\t\temail = '{$email}'\n\t\t\t\t\tWHERE id = {$clubid}";
        $result = mysql_query($qry);
        if (!$result) {
            logError("UPDATE team failed ({$qry}):" . mysql_error());
        }
    }
    mysql_query("COMMIT");
    sendUserMessage(getLoggedOnMemberID(), "User Registration", "User " . $_POST['login'] . " has been registered as a user.<br>Password : "******"User Registration", "<h3>Welcome " . $_POST['fname'] . " " . $_POST['lname'] . ".</h3><br>You have been invited to become a member of 'Harrow Youth Football League'.<br>Please click on the <a href='" . getSiteConfigData()->domainurl . "/index.php'>link</a> to activate your account.<br><br><h4>Login details</h4>User ID : " . $_POST['login'] . "<br>Password : "******"location: system-register-success.php");
    } else {
        logError("1 Query failed:" . mysql_error());
    }
} else {
    $memberid = $_GET['id'];
    $qry = "UPDATE {$_SESSION['DB_PREFIX']}members \n\t\t\t\tSET email = '{$email}', \n\t\t\t\tlandline = '{$landline}', \n\t\t\t\tfirstname = '{$fname}', \n\t\t\t\tlastname = '{$lname}', \n\t\t\t\tlastaccessdate = NOW() ";
    if ($password != "") {
        $qry .= ", passwd = '" . md5($password) . "' ";
    }
    $qry .= "WHERE member_id = {$memberid}";
    $result = mysql_query($qry);
    if (!$result) {
        logError("UPDATE members failed:" . mysql_error());
    }
    $_SESSION['SESS_FIRST_NAME'] = $fname;
    $_SESSION['SESS_LAST_NAME'] = $lname;
    sendUserMessage(getLoggedOnMemberID(), "User Amendment", "<h3>User amendment.</h3><br>Your details have been amended.<br>");
    header("location: system-register-amend.php");
}
//Check whether the query was successful or not
    $fullname = $fname . " " . $lname;
    //Create INSERT query
    $qry = "INSERT INTO {$_SESSION['DB_PREFIX']}members \n\t\t\t\t(\n\t\t\t\tfirstname, lastname, fullname, login, passwd, mobile,\n\t\t\t\temail, holidayentitlement, accepted, guid, status, \n\t\t\t\tmetacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid\n\t\t\t\t) \n\t\t\t\tVALUES\n\t\t\t\t(\n\t\t\t\t'{$fname}','{$lname}', '{$fullname}', '{$login}', '{$pwd}', '{$mobile}',\n\t\t\t\t'{$email}', {$entitlement}, 'Y', '{$guid}', 'Y', \n\t\t\t\tNOW(), {$loggedon}, NOW(), {$loggedon}\n\t\t\t\t)";
    $result = @mysql_query($qry);
    $memberid = mysql_insert_id();
    if (!$result) {
        logError("{$qry} - " . mysql_error());
    }
    //Create INSERT query
    $qry = "INSERT INTO {$_SESSION['DB_PREFIX']}userroles(memberid, roleid, metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) VALUES({$memberid}, 'PUBLIC', NOW(), " . getLoggedOnMemberID() . ", NOW(), " . getLoggedOnMemberID() . ")";
    $result = @mysql_query($qry);
    $qry = "INSERT INTO {$_SESSION['DB_PREFIX']}userroles(memberid, roleid, metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) VALUES({$memberid}, 'USER', NOW(), " . getLoggedOnMemberID() . ", NOW(), " . getLoggedOnMemberID() . ")";
    $result = @mysql_query($qry);
    if (isset($_POST['accounttype'])) {
        $accountrole = $_POST['accounttype'];
        $qry = "INSERT INTO {$_SESSION['DB_PREFIX']}userroles(memberid, roleid, metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) VALUES({$memberid}, '{$accountrole}', NOW(), " . getLoggedOnMemberID() . ", NOW(), " . getLoggedOnMemberID() . ")";
        $result = @mysql_query($qry);
    }
    sendRoleMessage("ADMIN", "User Registration", "User " . $login . " has been registered as a user.<br>Password : "******"User Registration", "<h3>Welcome {$fname} {$lname}.</h3><br>You have been invited to become a member of 'Schokolat'.<br><br><h4>Login details</h4>User ID : {$login}<br>Password : "******"location: system-register-success.php");
    } else {
        logError("1 Query failed:" . mysql_error());
    }
} else {
    $memberid = $_GET['id'];
    $qry = "UPDATE {$_SESSION['DB_PREFIX']}members \n\t\t\t\tSET email = '{$email}', \n\t\t\t\tfirstname = '{$fname}', \n\t\t\t\tlastname = '{$lname}', \n\t\t\t\tmobile = '{$mobile}',\n\t\t\t\tlastaccessdate = NOW(),\n\t\t\t\tpasswd = '{$pwd}', \n\t\t\t\tmetamodifieddate = NOW(), \n\t\t\t\tmetamodifieduserid = {$loggedon}\n\t\t\t\tWHERE member_id = {$memberid}";
    $result = mysql_query($qry);
    if (!$result) {
        logError("UPDATE members failed:" . mysql_error());
		$("#frmpost").submit();
	}
	
</SCRIPT>
<form method="POST" id="frmpost" name="frmpost">
	<input type="hidden" name="mailcommand" id="mailcommand" />
	<table width='100%' cellspacing=4>
	<?php 
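// Selects the logged-on member's messages for the requested folder:
// mode "I" (or no mode) = inbox, "S" = sent items, "D" = deleted inbox items.
// The three variants share the same column list and joins and differ only in
// the WHERE clause. An unrecognised mode used to leave $qry undefined (the
// query then failed and was logged); it now falls back to the inbox.
$mode = isset($_GET['mode']) ? $_GET['mode'] : "I";
$select = "SELECT A.id, A.replied, A.status, A.subject, A.message, A.from_member_id, A.to_member_id, " . "DATE_FORMAT(A.createddate, '%m/%d/%Y') AS createddate, A.action, " . "B.firstname AS fromfirstname, B.lastname AS fromlastname, B.imageid AS fromimageid,  " . "C.firstname AS tofirstname, C.lastname AS tolastname, C.imageid AS toimageid  " . "FROM  {$_SESSION['DB_PREFIX']}messages A " . "LEFT OUTER JOIN {$_SESSION['DB_PREFIX']}members C " . "ON C.member_id = A.to_member_id " . "LEFT OUTER JOIN {$_SESSION['DB_PREFIX']}members B " . "ON B.member_id = A.from_member_id ";
if ($mode === "S") {
    $where = "WHERE A.from_member_id = " . getLoggedOnMemberID() . " " . "AND (A.deleted != 'Y' OR A.deleted IS NULL) ";
} elseif ($mode === "D") {
    $where = "WHERE A.to_member_id = " . getLoggedOnMemberID() . " " . "AND A.deleted = 'Y' ";
} else {
    $where = "WHERE A.to_member_id = " . getLoggedOnMemberID() . " " . "AND (A.deleted != 'Y' OR A.deleted IS NULL) ";
}
$qry = $select . $where . "ORDER BY A.createddate DESC";
$result = mysql_query($qry);
if (!$result) {
    logError("Error: " . mysql_error());
}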
//Check whether the query was successful or not
if ($result) {
    while ($member = mysql_fetch_assoc($result)) {
        ?>
		<tr class='mailtable' status='<?php 
        echo $member['status'];
        ?>
'>
			<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width=1014 align=left >
				<TR>
					<TD style="BACKGROUND: url(images/shadow_lft.png)" width=17>
						&nbsp;
					</TD>
					<TD>
						<div class="tail-top">
						<!-- header -->
						<?php 
if (isAuthenticated()) {
    ?>
							<div id="header" class='header1'>
								<?php 
    $qry = "UPDATE {$_SESSION['DB_PREFIX']}members SET " . "lastaccessdate = NOW(), metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " . "WHERE member_id = " . $_SESSION['SESS_MEMBER_ID'] . "";
    $result = mysql_query($qry);
    $qry = "UPDATE {$_SESSION['DB_PREFIX']}loginaudit SET " . "timeoff = NOW(), metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " . "WHERE id = " . $_SESSION['SESS_LOGIN_AUDIT'] . "";
    $result = mysql_query($qry);
    ?>
								<div id="toppanel">
									<label class="prefix">logged on: </label>
									<label>
									<a href='profile.php'>
										<?php 
    echo getUserName();
    ?>
									</a>
									<span>
									&nbsp;|&nbsp;<a href='system-logout.php'>logout</a>
									</span> 
									</label>
								</div>
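 /**
  * Builds and runs the INSERT for this table from the posted form values.
  *
  * Columns come from $this->columns; only entries whose 'bind' is set are
  * written. The value for each column is chosen by its 'type' (IMAGE, FILE,
  * PASSWORD, CHECKBOX, otherwise plain input) and, for plain input, by its
  * 'datatype' (timestamp, date, other). When the field was not posted the
  * column's 'default' is used (TODAY -> NOW(), USER -> current member id,
  * anything else as an escaped literal). The audit columns are filled from
  * getLoggedOnMemberID().
  *
  * Changes from the original: the "_time" part of a timestamp field is now
  * escaped like the date part (it was interpolated raw from $_POST), a missing
  * 'default' key no longer raises a notice, and the nested if/else ladder is a
  * flat elseif chain. A failed query is logged; postInsertEvent() still runs
  * regardless of the result, and exceptions are collected in
  * $this->errorDescriptions.
  */
 public function insert()
 {
     try {
         $names = array();
         $values = array();
         foreach ($this->columns as $col) {
             if (!$col['bind']) {
                 continue;
             }
             $field = $col['name'];
             $posted = isset($_POST[$field]);
             $names[] = $field;
             if ($col['type'] == "IMAGE") {
                 $values[] = "'" . getImageData($field) . "'";
             } elseif ($col['type'] == "FILE") {
                 $values[] = "'" . getFileData($field) . "'";
             } elseif ($col['type'] == "PASSWORD") {
                 // md5 is kept only because the login check elsewhere expects it;
                 // an unsalted digest is not a suitable password hash.
                 $values[] = "'" . md5($posted ? $_POST[$field] : "") . "'";
             } elseif ($col['type'] == "CHECKBOX") {
                 $values[] = ($posted && $_POST[$field] == "on") ? 1 : 0;
             } elseif ($posted) {
                 if ($col['datatype'] == "timestamp" || $col['datatype'] == "") {
                     $mysql_date = convertStringToDate($_POST[$field]);
                     // The time part is request input too, so it is escaped as well.
                     $mysql_time = isset($_POST[$field . "_time"]) ? $_POST[$field . "_time"] : "";
                     $values[] = "'" . mysql_escape_string($mysql_date) . " " . mysql_escape_string($mysql_time) . "'";
                 } elseif ($col['datatype'] == "date") {
                     $mysql_date = convertStringToDate($_POST[$field]);
                     $values[] = "'" . mysql_escape_string($mysql_date) . "'";
                 } else {
                     $values[] = "'" . mysql_escape_string($_POST[$field]) . "'";
                 }
             } else {
                 $default = isset($col['default']) ? $col['default'] : "";
                 if ($default == "TODAY") {
                     $values[] = "NOW()";
                 } elseif ($default == "USER") {
                     $values[] = getLoggedOnMemberID();
                 } else {
                     $values[] = "'" . mysql_escape_string($default) . "'";
                 }
             }
         }
         $memberid = getLoggedOnMemberID();
         $qry = "INSERT INTO " . $this->table . " (" . implode(", ", $names)
             . ", metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) VALUES ("
             . implode(", ", $values) . ", NOW(), {$memberid}, NOW(), {$memberid})";
         $result = mysql_query($qry);
         if (!$result) {
             logError($qry . " = " . mysql_error());
         }
         $this->postInsertEvent();
     } catch (Exception $e) {
         $this->errorDescriptions[] = $e->getMessage();
     }
 }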
									$("#notes").val(node.notes);

									$("#detaildialog").dialog("open");
								}
							}
						);
				
				}
		    },
		    
		    dayClick: function(date, element, view) {
<?php 
?>
				$("#eventid").val("");
				$("#userid").val("<?php 
echo getLoggedOnMemberID();
?>
");
				$("#startdate").val(formatDate(date));
				$("#enddate").val(formatDate(date));
				tinyMCE.get("notes").setContent("");
				
				$("#detaildialog").dialog("open");
<?php 
?>
		    },
		    
		    events: function(start, end, callback) {
		    	var startYear = start.getYear();
		    	var endYear = end.getYear();
		    	
<?php

// Tail of the daily schedule run: tell the ALERT role that the alerts task ran
// today, then stamp siteconfig.lastschedulerun with CURDATE().
require_once "system-db.php";
start_db();
$runDate = date("d/m/Y");
sendRoleMessage("ALERT", "Daily alert task schedule", "Information: Alerts task schedule run at " . $runDate);
/********************************************************************* END OF SCHEDULE **************************************/
$editor = getLoggedOnMemberID();
$qry = "UPDATE {$_SESSION['DB_PREFIX']}siteconfig SET lastschedulerun = CURDATE(), metamodifieddate = NOW(), metamodifieduserid = {$editor}";
$result = mysql_query($qry);
if ($result === false) {
    logError("Error: " . mysql_error(), false);
}
        }
    }
    if ($clubid != 0) {
        $qry = "UPDATE {$_SESSION['DB_PREFIX']}team SET \n\t\t\t\t\tfirstname = '{$fname}', \n\t\t\t\t\tlastname = '{$lname}',\n\t\t\t\t\ttelephone = '{$landline}',\n\t\t\t\t\temail = '{$email}'\n\t\t\t\t\tWHERE id = {$clubid}";
        $result = mysql_query($qry);
        if (!$result) {
            logError("UPDATE team failed ({$qry}):" . mysql_error());
        }
    }
    mysql_query("COMMIT");
    sendUserMessage(getLoggedOnMemberID(), "User Registration", "User " . $_POST['login'] . " has been registered as a user.<br>Password : "******"User Registration", "<h3>Welcome " . $_POST['fname'] . " " . $_POST['lname'] . ".</h3><br>You have been invited to become a member of 'Harrow Youth Football League'.<br>Please click on the <a href='" . getSiteConfigData()->domainurl . "/index.php'>link</a> to activate your account.<br><br><h4>Login details</h4>User ID : " . $_POST['login'] . "<br>Password : "******"location: system-register-success.php");
    } else {
        logError("1 Query failed:" . mysql_error());
    }
} else {
    $memberid = $_GET['id'];
    $qry = "UPDATE {$_SESSION['DB_PREFIX']}members \n\t\t\t\tSET email = '{$email}', \n\t\t\t\tfirstname = '{$fname}', \n\t\t\t\tlastname = '{$lname}', \n\t\t\t\tlastaccessdate = NOW(),\n\t\t\t\tpasswd = '" . md5($password) . "'\n\t\t\t\tWHERE member_id = {$memberid}";
    $result = mysql_query($qry);
    if (!$result) {
        logError("UPDATE members failed:" . mysql_error());
    }
    $_SESSION['SESS_FIRST_NAME'] = $fname;
    $_SESSION['SESS_LAST_NAME'] = $lname;
    sendUserMessage(getLoggedOnMemberID(), "User Amendment", "<h3>User amendment.</h3><br>Your details have been amended by the System Administration.<br>Your password has been changed to: <i>{$password}</i>.");
    sendUserMessage($memberid, "User Amendment", "<h3>User amendment.</h3><br>Your details have been amended by the System Administration.<br>Your password has been changed to: <i>{$password}</i>.");
    header("location: system-register-amend.php");
}
//Check whether the query was successful or not
/**
 * Emits the <script> block that wires up the rota calendar page: the detail
 * dialog (saving through saverotadata.php, removing through removerotadata.php),
 * the bid button (savebid.php) and the fullCalendar instance, whose events
 * callback looks up the rota id via findrotaid.php and loads events from
 * currentrotadata.php.
 *
 * @param mixed $currentRota  Not referenced anywhere in this body.
 *
 * NOTE(review): the eventClick handler builds a complete SELECT statement in the
 * browser (with calEvent.id concatenated in) and posts it to finddata.php, so
 * that endpoint receives client-controlled SQL; whether it validates or
 * restricts it cannot be seen from here. $_SESSION['DB_PREFIX'] and
 * getLoggedOnMemberID() are echoed into the script unescaped — assumed to be a
 * fixed table prefix and a numeric id; confirm.
 */
function showCalendar($currentRota)
{
    ?>
<script>
	var rotaid = 0;
	
	$(document).ready(function() {
		$("#detaildialog").dialog({
				modal: true,
				width: 400,
				autoOpen: false,
				title: "Details",
				buttons: {
					Ok: function() {
						callAjax(
								"saverotadata.php", 
								{ 
									rotaid: rotaid,
									eventid: $("#eventid").val(),
									userid: $("#userid").val(),
									notes: "",
									startdate: $("#startdate").val(),
									enddate: $("#enddate").val(),
									watch: $("#watch").val()
								},
								function(items) {
									$("#calendar").fullCalendar('refetchEvents');
								},
								false
							);
			
						$(this).dialog("close");
					},
					"Remove": function() {
						callAjax(
								"removerotadata.php", 
								{ 
									eventid: $("#eventid").val()
								},
								function(items) {
									$("#calendar").fullCalendar('refetchEvents');
								},
								false
							);
			
						$(this).dialog("close");
					},
					Cancel: function() {
						$(this).dialog("close");
					}
				}
			});

		$("#bidbutton").click(
				function() {
					callAjax(
							"savebid.php", 
							{ 
								bid: $("#bid").val()
							},
							function(data) {
							}
						);
				}
			);

		$('#calendar').fullCalendar({
			editable: true,
			aspectRatio: 2.1,
			allDayDefault: false, 
			header: {
				left: 'prev,next today',
				center: 'title',
				right: ''
			},

			eventRender: function(event, element) {
			   element.attr('title', "Click to view " + event.title);
			},
			
			eventClick: function(calEvent, jsEvent, view) {
				if (calEvent.id != 0) {
					callAjax(
							"finddata.php", 
							{ 
								sql: "SELECT A.id, A.userid, A.watch, " +
									 "DATE_FORMAT(A.startdate, '%d/%m/%Y') AS startdate, " +
									 "DATE_FORMAT(A.enddate, '%d/%m/%Y') AS enddate " +
									 "FROM <?php 
    echo $_SESSION['DB_PREFIX'];
    ?>
rotaitem A " + 
									 "WHERE A.id = " + calEvent.id
							},
							function(data) {
								if (data.length > 0) {
									var node = data[0];
								
									$("#eventid").val(node.id);
									$("#userid").val(node.userid);
									$("#startdate").val(node.startdate);
									$("#enddate").val(node.enddate);
									$("#watch").val(node.watch);

									$("#detaildialog").dialog("open");
								}
							}
						);
				
				}
		    },
		    
		    dayClick: function(date, element, view) {
<?php 
    ?>
				$("#eventid").val("");
				$("#userid").val("<?php 
    echo getLoggedOnMemberID();
    ?>
");
				$("#startdate").val(formatDate(date));
				$("#enddate").val(formatDate(date));
				$("#watch").val("B");
				
				$("#detaildialog").dialog("open");
<?php 
    ?>
		    },
		    
		    events: function(start, end, callback) {
		    	var startYear = start.getYear();
		    	var endYear = end.getYear();
		    	
		    	if (startYear < 2000) {
		    	    startYear += 1900;
		    	}
		    	
		    	if (endYear < 2000) {
		    	    endYear += 1900;
		    	}

		    	var startDate = startYear + "-" + padZero(start.getMonth() + 1) + "-" + padZero(start.getDate());
		    	var endDate = endYear + "-" + padZero(end.getMonth() + 1) + "-" + padZero(end.getDate());

				callAjax(
						"findrotaid.php", 
						{ 
							startdate: startDate,
							enddate: endDate
						},
						function(data) {
							if (data.length > 0) {
								rotaid = data[0].id;
							}
						},
						false
					);
		    	
			    $.ajax({
	                type: 'POST',
	                url: 'currentrotadata.php',
	                async: false,
	                dataType:'json',
			        data: {
	                    rotaid: rotaid
			        },
			        error: function(error) {
			            alert('there was an error while fetching events');
			        },
			        success: function(msg) {
						var events = [];
						 
                        for(var c = 0; c < msg.length; c++){
                        	var item = msg[c];

                            events.push({
	                                id: item.id,                                
	                                title: item.title,
	                                allDay: item.allDay == "true" ? true : false,
	                                start: item.start,
	                                end: item.end,
	                                editable: true,
	                                className: item.className
	                            });
                        }
                        
                        callback(events);
                        
                        var found = false;
                        var days = 0;

                        $(".fc-widget-content").each(function() {
                            	var dayn = $(this).find(".fc-day-number").html();

                            	if (! found && dayn == 6) {
                                	found = true;
                            	}

                            	if (found && dayn == 6 && days > 1) {
                                	found = false;
                            	}

                            	if (found) {
                                	$(this).css("background-color", "yellow");
                                	
                            	} else {
                                	$(this).css("background-color", "red");
                            	}

                            	if (found) {
                                	days++;
                            	}
	                        });
			        }
			     });
		    }
		});
		
	});
	
	
	
</script>
<?php 
}
/**
 * Rewrite a SELECT so it only returns the rows the logged-on user may see,
 * according to the roles configured in the site config.
 *
 * The statement is parsed with PHPSQLParser, a role-dependent predicate is
 * appended to its WHERE clause (some roles also get a JOIN and DISTINCT),
 * and the statement is regenerated with PHPSQLCreator. Member columns
 * (member_id, position, teamid) are addressed through the alias of the
 * "horizon_members" entry found in FROM.
 *
 * @param string $sql  The statement to filter.
 * @return string      $sql unchanged when no SITE_CONFIG is in the session or
 *                     the user is unrestricted; otherwise the regenerated
 *                     statement.
 *
 * NOTE(review): this is an authorisation control implemented by query
 * rewriting, so the following matter for the correctness of access checks:
 *  - When FROM has no "horizon_members" entry, $tablealias stays null and the
 *    predicates are built as ".member_id = ..." etc. What PHPSQLCreator emits
 *    for that is not visible here — presumably invalid SQL, i.e. the query
 *    fails closed rather than returning unfiltered rows; confirm.
 *  - The officeadminrole block below does not return, so such a user also
 *    falls into the role chain that follows it (compliance ... default); the
 *    default branch then appends a second "member_id = ..." triple with no
 *    operator between the two. The same happens inside the officeadminrole
 *    loop when FROM lists more than one non-appraisal table.
 *  - getLoggedOnMemberID() / getLoggedOnTeamID() are embedded unquoted as
 *    constants; this assumes they return numeric ids — confirm.
 */
function getFilteredData($sql)
{
    if (!isset($_SESSION['SITE_CONFIG'])) {
        return $sql;
    }
    $parser = new PHPSQLParser($sql);
    $tablealias = null;
    $data = getSiteConfigData();
    /* Find how the members table is addressed in this query: by its alias
     * when one was given, otherwise by the table name itself. PHPSQLParser's
     * 'alias' entry is presumably false/empty when absent and an array
     * otherwise (the loose != "" relies on that) — confirm. */
    foreach ($parser->parsed['FROM'] as $table) {
        if ($table['table'] == "horizon_members") {
            if ($table['alias'] != "") {
                $tablealias = $table['alias']['name'];
            } else {
                $tablealias = $table['table'];
            }
        }
    }
    //	echo $sql . "\n";
    //	print_r($parser->parsed);
    if (!isset($parser->parsed['WHERE'])) {
        /* Create where clause. */
        $parser->parsed['WHERE'] = array();
    } else {
        /* Add to the where clause. The AND is appended before it is known
         * whether a restriction will follow; every path that adds nothing
         * returns the original $sql string, so the dangling AND is never
         * emitted. */
        $parser->parsed['WHERE'][] = array("expr_type" => "operator", "base_expr" => "AND", "sub_tree" => "");
    }
    if (isUserInRole($data->adminrole) || isUserInRole($data->managementrole)) {
        /* Do nothing, access rights to all. */
        return $sql;
    }
    if (isUserInRole($data->trainingmanagementrole)) {
        /* Not restricted by anything training related. 
         * Page roles will prevent access to parts of the system
         * that are not appropriate to training management.
         */
        return $sql;
    }
    if (isUserInRole($data->officeadminrole)) {
        /* Restricted to.
         * Personal details for APPRAISALS only.
         * One "alias.member_id = <me>" triple is appended per FROM entry that
         * is not horizon_appraisal; note that no operator is placed between
         * the triples, and that execution continues into the role chain
         * below rather than returning.
         */
        foreach ($parser->parsed['FROM'] as $table) {
            if ($table['table'] != "horizon_appraisal") {
                $parser->parsed['WHERE'][] = array("expr_type" => "colref", "base_expr" => $tablealias . ".member_id", "sub_tree" => "");
                $parser->parsed['WHERE'][] = array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => "");
                $parser->parsed['WHERE'][] = array("expr_type" => "const", "base_expr" => getLoggedOnMemberID(), "sub_tree" => "");
            }
        }
    }
    if (isUserInRole($data->compliancerole)) {
        foreach ($parser->parsed['FROM'] as $table) {
            if ($table['table'] == "horizon_holiday") {
                /* Compliance don't restrict holidays */
                return $sql;
            }
        }
        /* Restricted to.
         * All technicians and team leaders.
         * Appends "(position = '<technician>' OR position = '<teamleader>'
         * OR member_id = <me>)".
         */
        $parser->parsed['WHERE'][] = array("expr_type" => "bracket_expression", "sub_tree" => array(array("expr_type" => "colref", "base_expr" => $tablealias . ".position", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => ""), array("expr_type" => "const", "base_expr" => "'" . $data->technicianposition . "'", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "OR", "sub_tree" => ""), array("expr_type" => "colref", "base_expr" => $tablealias . ".position", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => ""), array("expr_type" => "const", "base_expr" => "'" . $data->teamleaderposition . "'", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "OR", "sub_tree" => ""), array("expr_type" => "colref", "base_expr" => $tablealias . ".member_id", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => ""), array("expr_type" => "const", "base_expr" => getLoggedOnMemberID(), "sub_tree" => "")));
    } else {
        if (isUserInRole($data->regionalservicemanagerrole)) {
            /* Restricted to.
             * All personnel and team leaders.
             * Joins horizon_userteams ON (userteams.memberid = <me> OR
             * alias.member_id = <me>) and requires userteams.teamid =
             * alias.teamid, i.e. members of any team the user belongs to,
             * plus the user's own row. DISTINCT absorbs the duplicate rows
             * the join can produce. The logged-on id is tagged "colref" in
             * the join but "const" everywhere else; whether PHPSQLCreator
             * treats the two differently is not visible here.
             */
            $parser->parsed['OPTIONS'][] = "DISTINCT";
            $parser->parsed['FROM'][] = array("expr_type" => "table", "table" => "horizon_userteams", "alias" => array("as" => "", "name" => "horizon_userteams", "base_expr" => "horizon_userteams"), "join_type" => "JOIN", "ref_type" => "ON", "ref_clause" => array(array("expr_type" => "colref", "base_expr" => "horizon_userteams.memberid", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => ""), array("expr_type" => "colref", "base_expr" => getLoggedOnMemberID(), "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "OR", "sub_tree" => ""), array("expr_type" => "colref", "base_expr" => $tablealias . ".member_id", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => ""), array("expr_type" => "const", "base_expr" => getLoggedOnMemberID(), "sub_tree" => "")));
            $parser->parsed['WHERE'][] = array("expr_type" => "bracket_expression", "sub_tree" => array(array("expr_type" => "colref", "base_expr" => "horizon_userteams.teamid", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => ""), array("expr_type" => "const", "base_expr" => $tablealias . ".teamid", "sub_tree" => "")));
        } else {
            if (isUserInRole($data->officerole)) {
                $appraisal = false;
                foreach ($parser->parsed['FROM'] as $table) {
                    if ($table['table'] == "horizon_appraisal") {
                        /* The office role is only restricted on appraisal queries. */
                        $appraisal = true;
                    }
                }
                if (!$appraisal) {
                    return $sql;
                }
                /* Restricted to.
                 * All technicians and team leaders.
                 * Same predicate as the compliance role above.
                 */
                $parser->parsed['WHERE'][] = array("expr_type" => "bracket_expression", "sub_tree" => array(array("expr_type" => "colref", "base_expr" => $tablealias . ".position", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => ""), array("expr_type" => "const", "base_expr" => "'" . $data->technicianposition . "'", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "OR", "sub_tree" => ""), array("expr_type" => "colref", "base_expr" => $tablealias . ".position", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => ""), array("expr_type" => "const", "base_expr" => "'" . $data->teamleaderposition . "'", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "OR", "sub_tree" => ""), array("expr_type" => "colref", "base_expr" => $tablealias . ".member_id", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => ""), array("expr_type" => "const", "base_expr" => getLoggedOnMemberID(), "sub_tree" => "")));
            } else {
                if (isUserInRole($data->officemanagerrole)) {
                    /* Restricted to.
                     * All personnel and team leaders.
                     * Joins horizon_userroles ON userroles.memberid =
                     * alias.member_id and keeps only rows whose roleid is the
                     * configured office personnel role.
                     */
                    $parser->parsed['OPTIONS'][] = "DISTINCT";
                    $parser->parsed['FROM'][] = array("expr_type" => "table", "table" => "horizon_userroles", "alias" => array("as" => "", "name" => "horizon_userroles", "base_expr" => "horizon_userroles"), "join_type" => "JOIN", "ref_type" => "ON", "ref_clause" => array(array("expr_type" => "colref", "base_expr" => "horizon_userroles.memberid", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => ""), array("expr_type" => "colref", "base_expr" => $tablealias . ".member_id", "sub_tree" => "")));
                    $parser->parsed['WHERE'][] = array("expr_type" => "bracket_expression", "sub_tree" => array(array("expr_type" => "colref", "base_expr" => "horizon_userroles.roleid", "sub_tree" => ""), array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => ""), array("expr_type" => "const", "base_expr" => "'" . $data->officepersonnelrole . "'", "sub_tree" => "")));
                } else {
                    if (isUserInRole($data->teamleaderrole)) {
                        /* Restricted to.
                         * Team personnel and themselves.
                         * alias.teamid = <logged-on team id>
                         */
                        $parser->parsed['WHERE'][] = array("expr_type" => "colref", "base_expr" => $tablealias . ".teamid", "sub_tree" => "");
                        $parser->parsed['WHERE'][] = array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => "");
                        $parser->parsed['WHERE'][] = array("expr_type" => "const", "base_expr" => getLoggedOnTeamID(), "sub_tree" => "");
                    } else {
                        if (isUserInRole($data->areacoordinatorrole)) {
                            /* Restricted to.
                             * Team personnel and themselves.
                             * Identical to the team leader restriction.
                             */
                            $parser->parsed['WHERE'][] = array("expr_type" => "colref", "base_expr" => $tablealias . ".teamid", "sub_tree" => "");
                            $parser->parsed['WHERE'][] = array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => "");
                            $parser->parsed['WHERE'][] = array("expr_type" => "const", "base_expr" => getLoggedOnTeamID(), "sub_tree" => "");
                        } else {
                            /* Restricted to.
                             * Technician Level 1 – Personal details.
                             * Default for any user matching none of the roles
                             * above: only their own row (alias.member_id = <me>).
                             */
                            $parser->parsed['WHERE'][] = array("expr_type" => "colref", "base_expr" => $tablealias . ".member_id", "sub_tree" => "");
                            $parser->parsed['WHERE'][] = array("expr_type" => "operator", "base_expr" => "=", "sub_tree" => "");
                            $parser->parsed['WHERE'][] = array("expr_type" => "const", "base_expr" => getLoggedOnMemberID(), "sub_tree" => "");
                        }
                    }
                }
            }
        }
    }
    /* Every path reaching this point has appended at least one predicate. */
    $creator = new PHPSQLCreator($parser->parsed);
    $created = $creator->created;
    return $created;
}
<?php

include "system-header.php";
if (isset($_POST['user'])) {
    $guid = $_GET['key'];
    $login = $_POST['user'];
    $passwd = md5($_POST['password']);
    $qry = "SELECT * " . "FROM {$_SESSION['DB_PREFIX']}members " . "WHERE accepted = 'N' " . "AND login = '******' " . "AND passwd = '{$passwd}' " . "AND guid = '{$guid}'";
    $result = mysql_query($qry);
    if ($result) {
        while ($member = mysql_fetch_assoc($result)) {
            $memberid = $member['member_id'];
            $qry = "UPDATE {$_SESSION['DB_PREFIX']}members " . "SET accepted = 'Y', metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " . "WHERE member_id = {$memberid}";
            $itemresult = mysql_query($qry);
            if (!$itemresult) {
                logError($qry . " = " . mysql_error());
            }
            sendUserMessage($memberid, "User Registration", "Welcome to Oracle logs.<br>Your user registration has been accepted.");
            echo "<h4>Welcome to Oracle logs.<br>Your user registration has been accepted.</h4>";
        }
    }
} else {
    ?>
<form method="POST" id="activateform" name="activateform" class="entryform">
	<table>
		<tr>
			<td>Login</td>
			<td>
				<input required="true" type="text" id="user" name="user" />
			</td>
		</tr>
    $result = mysql_query($qry);
    //Check whether the query was successful or not
    if ($result) {
        if (mysql_num_rows($result) == 1) {
            $member = mysql_fetch_assoc($result);
            $memberid = $member['member_id'];
            srand(time());
            for ($i = 0; $i < 10; $i++) {
                $random = rand() % 52;
                if ($random > 26) {
                    $random = $random - 26;
                    $random = $random + 32;
                }
                $word = $word . chr($random + 65);
            }
            $qry = "UPDATE {$_SESSION['DB_PREFIX']}members " . "SET passwd = '" . md5($word) . "', metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " . "WHERE member_id = {$memberid}";
            $result = mysql_query($qry);
            if (!$result) {
                logError("Error RESET PASSWORD:"******" - " . mysql_error());
            }
            $errmsg_arr[] = "An email has been sent with a reset password.";
            sendUserMessage($memberid, "Password reset", "Your password has been reset to {$word}.<br>Please contact your system administrator if you have any problems.");
            sendRoleMessage("ADMIN", "Password reset", "User {$login} has had the password reset to {$word}.");
        } else {
            $errmsg_arr[] = "Invalid user.";
        }
    } else {
        $errmsg_arr[] = "Invalid user.";
    }
}
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
    /**
     * Emit the JavaScript that resets the invoice entry form for a new
     * record: blanks the customer/client pickers, shows the add button,
     * seeds the numeric fields, fills today's date and the logged-on
     * member, re-enables the item dialog and rebuilds the item table.
     * The caller is expected to have opened the enclosing <script> block.
     */
    public function postAddScriptEvent()
    {
        // Values rendered into the JS string literals below. The date is the
        // server's local day in d/m/Y; the member id is assumed to be numeric
        // (it is not escaped for the JS context) — TODO confirm.
        $orderdate = date("d/m/Y");
        $takenbyid = getLoggedOnMemberID();
        ?>
			$("#customerid").val("").trigger("change");
			$("#clientid").val("").trigger("change");
			$("#crudaddbutton").show();
			$("#revision").val("1");
			$("#deliverycharge").val("0.00");
			$("#discount").val("0.00");
			$("#total").val("0.00");
			$("#orderdate").val("<?php echo $orderdate; ?>");
			$("#takenbyid").val("<?php echo $takenbyid; ?>");
			$("#invoiceitemdialog input, #invoiceitemdialog select").removeAttr("disabled");
			itemArray = [];
			
			populateTable();
<?php
    }
        $j33number = "";
        $casenumber = "";
        $parties = "";
        if (!$result) {
            logError("Error: " . mysql_error());
        }
        //Check whether the query was successful or not
        while ($member = mysql_fetch_assoc($result)) {
            $j33number = $member['j33number'];
            $casenumber = $member['casenumber'];
            $parties = $member['plaintiff'];
        }
        for ($ix = 0; $ix < count($_POST["notificationid"]); $ix++) {
            $description = "<h3>Typist Invoice Upload.</h3><table>";
            $description .= "<tr><td><b>J33 Number : </b></td><td>{$j33number}</td></tr>";
            $description .= "<tr><td><b>Case Number : </b></td><td>{$casenumber}</td></tr>";
            $description .= "<tr><td><b>Parties : </b></td><td>{$parties}</td></tr>";
            $description .= "<tr><td><b>Pages : </b></td><td>{$page}</td></tr>";
            $description .= "</table><h4>Invoice has been uploaded by " . GetUserName() . "</h4>";
            sendInternalUserMessage($_POST["notificationid"][$ix], "Typist Invoice", $description);
        }
    } else {
        $qry = "UPDATE {$_SESSION['DB_PREFIX']}typistinvoices SET " . "pages = {$page}, metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " . "WHERE id = {$pageid}";
        $result = mysql_query($qry);
        if (!$result) {
            logError($qry);
        }
    }
}
array_push($json, array("pages" => $totalpage));
echo json_encode($json);
$ratepitchcondition = $_POST['ratepitchcondition'];
$rategoalsize = $_POST['rategoalsize'];
$ratechangingrooms = $_POST['ratechangingrooms'];
$complycodes = isset($_POST['complycodes']) && $_POST['complycodes'] == "on" ? 1 : 0;
$pitchsize = isset($_POST['pitchsize']) && $_POST['pitchsize'] == "on" ? 1 : 0;
$requiredbarriers = isset($_POST['requiredbarriers']) && $_POST['requiredbarriers'] == "on" ? 1 : 0;
$opponentids = isset($_POST['opponentids']) && $_POST['opponentids'] == "on" ? 1 : 0;
$refappointedbyleague = $_POST['refappointedbyleague'];
$refereeid = $_POST['refereeid'];
$referee = mysql_escape_string($_POST['refereeid_lazy']);
$division = mysql_escape_string($_POST['division']);
$refereescore = $_POST['refereescore'];
$remarks = mysql_escape_string($_POST['remarks']);
$refereeremarks = mysql_escape_string($_POST['refereeremarks']);
$teamid = getLoggedOnTeamID();
$memberid = getLoggedOnMemberID();
if ($refereeid == "") {
    $refereeid = 0;
}
if ($division == "") {
    $division = "X";
}
if ($oppositionid == "") {
    $oppositionid = 0;
}
if ($hometeamid == "") {
    $hometeamid = 0;
}
if ($leaguecup == "") {
    $leaguecup = "L";
}
$quoteid = $_POST['quoteid'];
$id = $_POST['id'];
$qty = $_POST['qty'];
$unitprice = $_POST['unitprice'];
$vatrate = $_POST['vatrate'];
$vat = $_POST['vat'];
$total = $_POST['total'];
$productid = $_POST['productid'];
if ($id == "") {
    $qry = "INSERT INTO {$_SESSION['DB_PREFIX']}quoteitem " . "(quoteid, quantity, priceeach, vatrate, vat, linetotal, " . "productid, metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) " . "VALUES " . "({$quoteid}, '{$qty}', '{$unitprice}', {$vatrate}, '{$vat}', {$total}, " . "'{$productid}', NOW(), " . getLoggedOnMemberID() . ", NOW(), " . getLoggedOnMemberID() . ")";
    $result = mysql_query($qry);
    if (!$result) {
        logError($qry . " - " . mysql_error());
    }
} else {
    $qry = "UPDATE {$_SESSION['DB_PREFIX']}quoteitems SET " . "quantity = '{$qty}', " . "priceeach = '{$unitprice}', " . "vatrate = '{$vatrate}', " . "vat = '{$vat}', " . "linetotal = {$total}, " . "productid = '{$productid}', metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " . "WHERE id = {$id}";
    $result = mysql_query($qry);
    if (!$result) {
        logError($qry . " - " . mysql_error());
    }
}
//	$qry = "UPDATE {$_SESSION['DB_PREFIX']}quotes SET " .
//			"total = (SELECT SUM(B.total) FROM {$_SESSION['DB_PREFIX']}quoteitems B WHERE B.quoteid = $quoteid), " .
//			"depositrequired = ((SELECT SUM(B.total) FROM {$_SESSION['DB_PREFIX']}quoteitems B WHERE B.quoteid = $quoteid)), metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " .
//			"WHERE id = $quoteid";
//	$result = mysql_query($qry);
//
//	if (! $result) {
//		logError($qry . " - " . mysql_error());
//	}
$qry = "SELECT A.*, B.description  " . "FROM {$_SESSION['DB_PREFIX']}quoteitems A " . "LEFT OUTER JOIN {$_SESSION['DB_PREFIX']}product B " . "ON B.id = A.productid " . "WHERE A.quoteid = {$quoteid} " . "ORDER BY A.id";
$total = $_POST['total'];
$paid = $_POST['paid'];
$toaddress = mysql_escape_string($_POST['toaddress']);
$deladdress = mysql_escape_string($_POST['deladdress']);
$ourref = mysql_escape_string($_POST['ourref']);
$yourref = mysql_escape_string($_POST['yourref']);
$termsid = $_POST['termsid'];
$contactid = $_POST['contactid'];
$officeid = $_POST['officeid'];
$depositamount = $_POST['depositamount'];
$na = $_POST['na'];
$qry = "INSERT INTO {$_SESSION['DB_PREFIX']}quotes " . "(caseid, quotenumber, paymentnumber, paid, shippinghandling, paymentdate, total, " . "toaddress, deladdress, termsid, contactid, createddate, officeid, ourref, yourref, depositrequired," . "description, na, metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) " . "VALUES " . "({$caseid}, '{$quotenumber}', '{$paymentnumber}', '{$paid}', {$shippinghandling}, '{$paymentdate}', {$total}, " . "'{$toaddress}', '{$deladdress}', '{$termsid}', {$contactid}, '{$quotedate}', {$officeid}, '{$ourref}', '{$yourref}', {$depositamount}," . "'{$description}', '{$na}', NOW(), " . getLoggedOnMemberID() . ", NOW(), " . getLoggedOnMemberID() . ")";
$result = mysql_query($qry);
if (!$result) {
    if (mysql_errno() == 1062) {
        $qry = "UPDATE {$_SESSION['DB_PREFIX']}quotes SET " . "quotenumber = '{$quotenumber}', " . "paymentnumber = '{$paymentnumber}', " . "ourref = '{$ourref}', " . "yourref = '{$yourref}', " . "shippinghandling = '{$shippinghandling}', " . "paymentdate = '{$paymentdate}', " . "depositrequired = {$depositamount}, " . "createddate = '{$quotedate}', " . "paid = '{$paid}', " . "total = {$total}, " . "toaddress = '{$toaddress}', " . "description = '{$description}', " . "deladdress = '{$deladdress}', " . "na = '{$na}', " . "termsid = {$termsid}, " . "contactid = {$contactid}, " . "officeid = {$officeid}, metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " . "WHERE caseid = {$caseid}";
        $result = mysql_query($qry);
        if (!$result) {
            logError($qry . " - " . mysql_error());
        }
        addAuditLog("Q", "U", $caseid);
    } else {
        logError($qry . " - " . mysql_error());
    }
} else {
    $id = mysql_insert_id();
    addAuditLog("Q", "I", $caseid);
}
$qry = "SELECT id  " . "FROM {$_SESSION['DB_PREFIX']}quotes " . "WHERE caseid = {$caseid}";
$json = new SQLProcessToArray();
echo json_encode($json->fetch($qry));
$result = mysql_query($qry);
if ($result) {
    while ($member = mysql_fetch_assoc($result)) {
        $headerid = $member['id'];
    }
}
if ($headerid == 0) {
    $result = mysql_query("INSERT INTO {$_SESSION['DB_PREFIX']}applicationtables " . "(pageid, memberid, metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) " . "VALUES " . "({$pageid}, {$memberid}, NOW(), " . getLoggedOnMemberID() . ", NOW(), " . getLoggedOnMemberID() . ")");
    $headerid = mysql_insert_id();
    if (!$result) {
        logError("insert applicationtables:" . mysql_error());
    }
}
$qry = "SELECT A.id " . "FROM {$_SESSION['DB_PREFIX']}applicationtablecolumns A " . "WHERE A.headerid = {$headerid} " . "AND A.columnindex = {$column} ";
$result = mysql_query($qry);
if ($result) {
    while ($member = mysql_fetch_assoc($result)) {
        $itemid = $member['id'];
    }
}
if ($itemid == 0) {
    $result = mysql_query("INSERT INTO {$_SESSION['DB_PREFIX']}applicationtablecolumns " . "(headerid, columnindex, width, label, metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) " . "VALUES " . "({$headerid}, {$column}, {$width}, '{$label}', NOW(), " . getLoggedOnMemberID() . ", NOW(), " . getLoggedOnMemberID() . ")");
    if (!$result) {
        logError("insert applicationtablecolumns:" . mysql_error());
    }
} else {
    $result = mysql_query("UPDATE {$_SESSION['DB_PREFIX']}applicationtablecolumns " . "SET width = {$width}, " . "label = '{$label}', metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " . "WHERE id = {$itemid}");
    if (!$result) {
        logError("insert applicationtablecolumns:" . mysql_error());
    }
}
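<?php

//Include database connection details
require_once 'system-db.php';
start_db();
initialise_db();
/*
 * Attach the documents uploaded during the current browser session to a
 * quotation, clear the session marker on them, and send the browser back.
 *
 * Inputs (both untrusted): $_GET['id'] is the quotation id; $_GET['refer'],
 * when present, is a base64-encoded URL to return to.
 * Side effects: one quotationdocs row per document of this session that is
 * not yet attached, then documents.sessionid is cleared for the session,
 * then a Location redirect. Database failures are reported through
 * logError() and do not stop the script, matching the rest of this code.
 */
$memberid = getLoggedOnMemberID();
/* The quotation id is spliced into SQL text below, so it is accepted only as
 * an integer (FILTER_VALIDATE_INT yields null when absent, false when not an
 * integer). A bad value is logged and the attach loop is skipped; the
 * session clean-up and the redirect still run, which is the outcome the
 * failing INSERTs produced before. */
$quotationid = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
$validquotation = ($quotationid !== false && $quotationid !== null);
if (!$validquotation) {
    logError("quotationdocs: missing or non-numeric quotation id in request");
}
if ($validquotation) {
    /* Documents tagged with this session that are not yet linked to a quotation. */
    $qry = "SELECT A.id FROM {$_SESSION['DB_PREFIX']}documents A " . "WHERE A.sessionid = '" . session_id() . "' " . "AND A.id NOT IN (SELECT documentid FROM {$_SESSION['DB_PREFIX']}quotationdocs WHERE documentid = A.id) " . "ORDER BY A.id";
    $result = mysql_query($qry);
    if (!$result) {
        logError($qry . " = " . mysql_error());
    } else {
        while ($member = mysql_fetch_assoc($result)) {
            /* $memberid comes from the session and is assumed numeric — TODO confirm. */
            $qry = "INSERT INTO {$_SESSION['DB_PREFIX']}quotationdocs " . "(quoteid, documentid, createddate, metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) " . "VALUES " . "({$quotationid}, " . $member['id'] . ", NOW(), NOW(), {$memberid}, NOW(), {$memberid})";
            $itemresult = mysql_query($qry);
            if (!$itemresult) {
                logError($qry . " = " . mysql_error());
            }
        }
    }
}
/* Drop the session marker so these documents are no longer picked up by the
 * SELECT above on a later save. */
$qry = "UPDATE {$_SESSION['DB_PREFIX']}documents " . "SET sessionid = NULL, metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " . "WHERE sessionid = '" . session_id() . "'";
$result = mysql_query($qry);
if (!$result) {
    logError($qry . " = " . mysql_error());
}
/* Choose where to send the browser. The decoded 'refer' value is
 * request-controlled, so it is honoured only when it is a relative
 * reference or an http(s) URL on the host that served this request;
 * anything else (including protocol-relative "//host" and "/\host" forms)
 * falls back to the referring page, as before. The referrer fallback is
 * empty when the browser sent none. */
$target = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "";
if (isset($_GET['refer'])) {
    $decoded = base64_decode($_GET['refer'], true);
    if ($decoded !== false && $decoded !== "" && !preg_match('#^\s*[/\\\\]\s*[/\\\\]#', $decoded)) {
        $parts = parse_url($decoded);
        if ($parts !== false) {
            if (!isset($parts['scheme']) && !isset($parts['host'])) {
                /* Relative reference: resolves against this site. */
                $target = $decoded;
            } elseif (isset($parts['scheme'], $parts['host'], $_SERVER['HTTP_HOST'])
                && in_array(strtolower($parts['scheme']), array("http", "https"), true)
                && strcasecmp($parts['host'], (string) parse_url("http://" . $_SERVER['HTTP_HOST'], PHP_URL_HOST)) === 0) {
                /* Absolute URL, but on the host that served this request. */
                $target = $decoded;
            }
        }
    }
}
header("location: " . $target);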
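<?php

//Include database connection details
require_once 'system-db.php';
require_once "sqlprocesstoarray.php";
start_db();
/*
 * Delete one line item from a quote, recompute the quote's stored total and
 * return the quote's remaining items as JSON.
 *
 * Inputs (both untrusted): $_POST['quoteid'] and $_POST['id'].
 * Output: the JSON produced by SQLProcessToArray::fetch() for the remaining
 * items, each carrying the quote total as headertotal.
 */
/* Both ids are spliced into SQL text, so they are accepted only as integers
 * (FILTER_VALIDATE_INT yields null when absent, false when not an integer).
 * A bad pair is logged and replaced by 0; presumably no row has id 0
 * (auto-increment ids — TODO confirm), so the statements below then touch
 * nothing and the response is an empty list, instead of queries built from
 * request text. */
$quoteid = filter_input(INPUT_POST, 'quoteid', FILTER_VALIDATE_INT);
$id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT);
if ($quoteid === false || $quoteid === null || $id === false || $id === null) {
    logError("quoteitem delete: missing or non-numeric quoteid/id in request");
    $quoteid = 0;
    $id = 0;
}
/* Record an update against the case that owns the quote. */
$qry = "SELECT caseid " . "FROM {$_SESSION['DB_PREFIX']}quotes B " . "WHERE B.id = {$quoteid}";
$result = mysql_query($qry);
if (!$result) {
    logError($qry . " - " . mysql_error());
} else {
    while ($member = mysql_fetch_assoc($result)) {
        $caseid = $member['caseid'];
        addAuditLog("Q", "U", $caseid);
    }
}
/* The item must belong to the quote whose total is recomputed below; with
 * "WHERE id = ..." alone a mismatched pair deletes a line from another quote
 * and leaves that quote's stored total stale. */
$qry = "DELETE FROM {$_SESSION['DB_PREFIX']}quoteitems " . "WHERE id = {$id} " . "AND quoteid = {$quoteid}";
$result = mysql_query($qry);
if (!$result) {
    logError($qry . " - " . mysql_error());
}
/* Refresh the stored total from the remaining line items. */
$qry = "UPDATE {$_SESSION['DB_PREFIX']}quotes SET " . "total = (SELECT SUM(B.total) FROM {$_SESSION['DB_PREFIX']}quoteitems B WHERE B.quoteid = {$quoteid}), metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " . "WHERE id = {$quoteid}";
$result = mysql_query($qry);
if (!$result) {
    logError($qry . " - " . mysql_error());
}
/* Remaining items with the header total and the template name, for the caller's grid. */
$qry = "SELECT A.*, C.total AS headertotal, B.name  " . "FROM {$_SESSION['DB_PREFIX']}quoteitems A " . "INNER JOIN {$_SESSION['DB_PREFIX']}quotes C " . "ON C.id = A.quoteid " . "LEFT OUTER JOIN {$_SESSION['DB_PREFIX']}invoiceitemtemplates B " . "ON B.id = A.templateid " . "WHERE A.quoteid = {$quoteid} " . "ORDER BY A.id";
$json = new SQLProcessToArray();
echo json_encode($json->fetch($qry));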
<?php

include "system-db.php";
start_db();
$siteid = getLoggedOnSiteID();
$takenbyid = getLoggedOnMemberID();
$sql = "INSERT INTO {$_SESSION['DB_PREFIX']}order \n\t\t\t(\n\t\t\t\tsiteid, orderdate, status, revision, takenbyid\n\t\t\t)\n\t\t\tVALUES\n\t\t\t(\n\t\t\t\t{$siteid}, CURDATE(), 0, 1, {$takenbyid}\n\t\t\t)";
$result = mysql_query($sql);
if (!$result) {
    logError($sql . " = " . mysql_error());
}
$orderid = mysql_insert_id();
for ($row = 0; $row < count($_POST['productid']); $row++) {
    $productid = $_POST['productid'][$row];
    $qty = $_POST['qty'][$row];
    if ($qty <= 0 || $productid == "" || $productid == "0") {
        continue;
    }
    $sql = "INSERT INTO {$_SESSION['DB_PREFIX']}frequentproducts \n\t\t\t\t(\n\t\t\t\t\tsiteid, productid, frequency\n\t\t\t\t)\n\t\t\t\tVALUES\n\t\t\t\t(\n\t\t\t\t\t{$siteid}, {$productid}, {$qty}\n\t\t\t\t)";
    $result = mysql_query($sql);
    if (mysql_errno() == 1062) {
        $sql = "UPDATE {$_SESSION['DB_PREFIX']}frequentproducts SET\n\t\t\t\t\tfrequency = frequency + {$qty}\n\t\t\t\t\tWHERE siteid = {$siteid}\n\t\t\t\t\tAND productid = {$productid}";
        $result = mysql_query($sql);
        if (!$result) {
            logError($sql . " = " . mysql_error());
        }
    } else {
        if (!$result) {
            logError($sql . " = " . mysql_error());
        }
    }
     $tmpName = $_FILES['image']['tmp_name'];
     // Read the file
     $fp = fopen($tmpName, 'r');
     $image = fread($fp, filesize($tmpName));
     fclose($fp);
     // get the width and height
     $size = getimagesize($_FILES['image']['tmp_name']);
     $width = $size[0];
     $height = $size[1];
     $binimage = file_get_contents($_FILES['image']['tmp_name']);
     $image = mysql_real_escape_string($binimage);
     $filename = $_FILES['image']['name'];
     $description = $_POST['description'];
     $callback = $_POST['callback'];
     //	       mysql_real_escape_string
     $stmt = mysqli_prepare($link, "INSERT INTO {$_SESSION['DB_PREFIX']}images " . "(description, name, mimetype, image, imgwidth, imgheight, metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) " . "VALUES " . "(?, ?, ?, ?, ?, ?, NOW(), " . getLoggedOnMemberID() . ", NOW(), " . getLoggedOnMemberID() . ")");
     if (!$stmt) {
         logError('mysqli error: ' . mysqli_error($link));
     }
     mysqli_stmt_bind_param($stmt, "ssssss", $description, $filename, $mimetype, $binimage, $width, $height);
     mysqli_stmt_execute($stmt);
     $imageid = $link->insert_id;
     header("location: " . $callback . "?imageid=" . $imageid);
     break;
 case 3:
 case 6:
 case 7:
 case 8:
     $result = "Error uploading {$filename}. Please try again.";
     break;
 case 4:
    }
    $_SESSION['SESS_FIRST_NAME'] = $fname;
    $_SESSION['SESS_LAST_NAME'] = $lname;
    $_SESSION['SESS_IMAGE_ID'] = $imageid;
    $_SESSION['SESS_CUSTOMER_ID'] = $customerid;
    sendRoleMessage("ADMIN", "User Registration", "User " . $login . " has been registered as a user.<br>Password : "******"User Registration", "<h3>Welcome {$fname} {$lname}.</h3><br>You have been invited to become a member of 'iAfrica Database'.<br>Please click on the <a href='" . getSiteConfigData()->domainurl . "/index.php'>link</a> to activate your account.<br><br><h4>Login details</h4>User ID : {$login}<br>Password : "******"location: system-register-success.php");
    } else {
        logError("1 Query failed:" . mysql_error());
    }
} else {
    $memberid = $_GET['id'];
    $qry = "UPDATE {$_SESSION['DB_PREFIX']}members " . "SET email = '{$email}', " . "firstname = '{$fname}', " . "lastname = '{$lname}', " . "customerid = {$customerid}, " . "imageid = {$imageid}, " . "lastaccessdate = NOW(), ";
    if (isset($_POST['postcode'])) {
        $qry .= "postcode = '{$postcode}', ";
    }
    $qry .= "passwd = '" . md5($password) . "', metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " " . "WHERE member_id = " . $_GET['id'];
    $result = mysql_query($qry);
    if (!$result) {
        logError("UPDATE members failed:" . mysql_error());
    }
    $_SESSION['SESS_FIRST_NAME'] = $fname;
    $_SESSION['SESS_LAST_NAME'] = $lname;
    $_SESSION['SESS_IMAGE_ID'] = $imageid;
    sendRoleMessage("ADMIN", "User Amendment", "<h3>User amendment.</h3><br>Your details have been amended by the System Administration.<br>Your password has been changed to: <i>{$password}</i>.");
    sendUserMessage($memberid, "User Amendment", "<h3>User amendment.</h3><br>Your details have been amended by the System Administration.<br>Your password has been changed to: <i>{$password}</i>.");
    header("location: system-register-amend.php");
}
//Check whether the query was successful or not
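<?php

//Include database connection details
require_once "sqlprocesstoarray.php";
/*
 * Mark one of the logged-on member's messages as read and return the
 * member's remaining unread count as JSON.
 *
 * Input (untrusted): $_POST['id'], the message id.
 * Output: the JSON produced by SQLProcessToArray::fetch() for a single
 * "messages" count.
 */
$json = new SQLProcessToArray();
/* Session-derived; assumed numeric since it is embedded unquoted — TODO confirm. */
$memberid = getLoggedOnMemberID();
/* The id is spliced into SQL, so accept only an integer (FILTER_VALIDATE_INT
 * yields null when absent, false when not an integer). Anything else is
 * logged and treated as id 0, which presumably matches no row. */
$id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT);
if ($id === false || $id === null) {
    logError("message read: missing or non-numeric message id in request");
    $id = 0;
}
/* Only messages addressed to the caller may be marked read; without the
 * to_member_id condition any logged-on user could mark any message read. */
$qry = "UPDATE {$_SESSION['DB_PREFIX']}messages " . "SET status = 'R', metamodifieddate = NOW(), metamodifieduserid = {$memberid} " . "WHERE id = {$id} " . "AND to_member_id = {$memberid}";
$result = mysql_query($qry);
if (!$result) {
    logError($qry . " - " . mysql_error());
}
$qry = "SELECT COUNT(*) AS messages " . "FROM {$_SESSION['DB_PREFIX']}messages A " . "WHERE A.to_member_id = {$memberid} " . "AND status = 'N'";
echo json_encode($json->fetch($qry));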