Exemple #1
 private function create_n_populate_tables()
 {
     /*
      * Creates the states, country and airports lookup tables and bulk-loads
      * each one from database/<table>.csv. For every table the order is
      * CREATE TABLE, progress line, LOAD DATA LOCAL INFILE, progress line.
      *
      * The value returned by sql_result() is never inspected, so the progress
      * lines are printed whether or not the statement succeeded.
      *
      * LOAD DATA LOCAL INFILE only works when the local-infile capability is
      * enabled on both the server and the client connection. Because it lets
      * the server ask the client for a file, keep it enabled for this setup
      * step only and leave it off for the application's normal connection.
      */
     $columnSpecs = array(
         'states' => "STATE varchar(36), CODE varchar(2)",
         'country' => "CODE varchar(3), NAME varchar(25)",
         'airports' => "CODE varchar(3), NAME varchar(32), CITY varchar(32), STATE varchar(2), COUNTRY varchar(2), X float, Y float",
     );

     foreach ($columnSpecs as $table => $columns) {
         sql_result("CREATE TABLE {$table} ({$columns})");
         echo "\"{$table}\" table is created...<br />";

         // CSV layout: comma separated, optional double-quote enclosure,
         // CRLF line endings, first line is a header and is skipped.
         sql_result("LOAD DATA\n                    LOCAL INFILE 'database/{$table}.csv'\n                    INTO TABLE {$table}\n                    FIELDS TERMINATED BY \",\" OPTIONALLY ENCLOSED BY '\"'\n                    LINES TERMINATED BY '\r\n'\n                    IGNORE 1 LINES");

         // airports is the last table; its progress line ends with a second <br />.
         $trailer = ($table === 'airports') ? "<br />" : "";
         echo "\"{$table}\" table is populated...<br />" . $trailer;
     }
 }
Exemple #2
/*
 * Remove one resource record from a zone, using the zone id and record fields
 * submitted in $_POST. When $allow_ixfr is set the row is kept and only
 * re-flagged with $rr_active_types[2] and a new serial; otherwise the row is
 * deleted. PTR clean-up follows for A records when $auto_update_ptr is set.
 * NOTE(review): this listing has lost its brace-only lines and stops before
 * the end of the function, so block boundaries are not shown.
 */
function rr_delete()
    global $rr_table_name, $auto_update_ptr, $rr_active_types, $allow_ixfr;
    /* Load the SOA for this zone */
    /* The zone id is cast to int before it is concatenated into the WHERE
       clause. The second argument embeds the raw $_POST['zone'] value;
       presumably it is a label for error output -- confirm that sql_result()
       escapes it before it is displayed. */
    $soa = sql_result(soa_select() . "WHERE id=" . (int) $_POST['zone'], "SOA record for zone {$_POST['zone']}");
    /* Get form vars */
    $rr = rr_post_vars($soa);
    /* Every request-derived value concatenated below is cast with (int).
       $rr_table_name and $rr_active_types are globals; they are assumed to be
       set from configuration and not from the request -- TODO confirm. */
    if ($allow_ixfr) {
        sql_query("UPDATE {$rr_table_name} SET active='" . $rr_active_types[2] . "',serial=" . (int) next_serial($soa['serial']) . " WHERE id=" . (int) $rr['id']) or ErrSQL("Error marking record deleted " . (int) $rr['id'] . " from zone " . (int) $soa['id'] . ".");
    } else {
        /* Delete the resource record */
        sql_query("DELETE FROM {$rr_table_name} WHERE id=" . (int) $rr['id']) or ErrSQL("Error deleting record " . (int) $rr['id'] . " from zone " . (int) $soa['id'] . ".");
    /* Update serial number for zone if configured to do so */
    /* Do PTR record update if configured to do so */
    if ($auto_update_ptr) {
        if ($rr['type'] == "A") {
            /* $name is not assigned anywhere above; presumably ptr_create_soa()
               fills it by reference -- confirm against its signature. */
            $arpazone = ptr_create_soa($rr['data'], $name);
            ptr_delete_rr($arpazone, $name, $rr['name'], $soa['origin']);
Exemple #3
 // Admin "edit group" handler fragment: looks up the group named by
 // $_POST['id'], checks whether a changed group name is already taken, and
 // normalises the numeric promotion fields.
 // NOTE(review): brace-only lines are missing from this listing.
 $name_check = 0;
 // The id goes through the %i placeholder of sql_pre_query(); presumably that
 // helper formats it as an integer -- confirm in its definition.
 $prequery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"id\"=%i LIMIT 1", array($_POST['id']));
 $preresult = sql_query($prequery, $SQLStat);
 $prenum = sql_num_rows($preresult);
 if ($prenum == 0) {
     // Unknown group id: send the admin back to the overview page.
     // NOTE(review): no exit/die is visible after the redirect in this
     // listing; if none exists, the code below still runs for this request.
     redirect("location", $rbasedir . url_maker($exfile['admin'], $Settings['file_ext'], "act=view", $Settings['qstr'], $Settings['qsep'], $prexqstr['admin'], $exqstr['admin'], false));
     header("Content-Type: text/plain; charset=" . $Settings['charset']);
     $urlstatus = 302;
     gzip_page($Settings['use_gzip'], $GZipEncode['Type']);
 if ($prenum >= 1) {
     $OldGroupName = sql_result($preresult, 0, "Name");
     if ($_POST['GroupName'] != $OldGroupName) {
         // Only query for a duplicate when the name actually changed. The new
         // name is passed through the '%s' placeholder; presumably
         // sql_pre_query() escapes it -- confirm.
         $sql_name_check = sql_query(sql_pre_query("SELECT \"Name\" FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"Name\"='%s'", array($_POST['GroupName'])), $SQLStat);
         $name_check = sql_num_rows($sql_name_check);
     $errorstr = "";
     // Missing, null-like or non-numeric promotion thresholds fall back to 0.
     if (!isset($_POST['PromotePosts'])) {
         $_POST['PromotePosts'] = 0;
     if ($_POST['PromotePosts'] == null || !is_numeric($_POST['PromotePosts'])) {
         $_POST['PromotePosts'] = 0;
     if (!isset($_POST['PromoteKarma'])) {
         $_POST['PromoteKarma'] = 0;
Exemple #4
 // Builds $bdstring, the "birthdays today" line: a count followed by a
 // comma-separated list of member links with each member's age in bold.
 // NOTE(review): brace-only lines and the loop-counter increment are not
 // shown in this listing.
 $bdresult = sql_query($bdquery, $SQLStat);
 $bdmembers = sql_num_rows($bdresult);
 $bdi = 0;
 if ($bdmembers > 0) {
     $bdstring = $bdmembers . " member(s) have a birthday today";
 if ($bdmembers <= 0) {
     $bdstring = "<div>&nbsp;</div>&nbsp;No members have a birthday today<div>&nbsp;</div>";
 while ($bdi < $bdmembers) {
     // Index of the last row, used to decide whether a trailing ", " is needed.
     $bdmemberz = $bdmembers - 1;
     $birthday['ID'] = sql_result($bdresult, $bdi, "id");
     $birthday['Name'] = sql_result($bdresult, $bdi, "Name");
     $birthday['IP'] = sql_result($bdresult, $bdi, "IP");
     $birthday['BirthYear'] = sql_result($bdresult, $bdi, "BirthYear");
     $bdThisYear = GMTimeGet("Y", $_SESSION['UserTimeZone'], 0, $_SESSION['UserDST']);
     $birthday['Age'] = $bdThisYear - $birthday['BirthYear'];
     $bdMemTitle = null;
     // The member's stored IP is exposed as a tooltip only to groups that
     // have the admin control panel.
     if ($GroupInfo['HasAdminCP'] == "yes") {
         $bdMemTitle = " title=\"" . $birthday['IP'] . "\"";
     if ($bdi === 0) {
         $bdstring = $bdstring . "\n<br />&nbsp;";
     // Name, IP and id are concatenated into markup with no escaping at this
     // point. NOTE(review): that is safe only if these columns are stored
     // already HTML-encoded -- confirm at the write path, otherwise wrap them
     // in htmlspecialchars() with ENT_QUOTES here.
     $bdMemURL = "<a" . $bdMemTitle . " href=\"" . url_maker($exfile['member'], $Settings['file_ext'], "act=view&id=" . $birthday['ID'], $Settings['qstr'], $Settings['qsep'], $prexqstr['member'], $exqstr['member']) . "\">" . $birthday['Name'] . "</a>";
     if ($bdi < $bdmemberz) {
         $bdstring = $bdstring . $bdMemURL . " (<span style=\"font-weight: bold;\">" . $birthday['Age'] . "</span>), ";
     if ($bdi == $bdmemberz) {
         $bdstring = $bdstring . $bdMemURL . " (<span style=\"font-weight: bold;\">" . $birthday['Age'] . "</span>)";
Exemple #5
    $EventsID[$EventDay] = $EventID;
// Calendar fragment: adds every member whose BirthMonth equals $MyMonth to
// $EventsName, keyed by day of month, as a <span> whose tooltip carries the
// full name and whose text is the name cut to 20 characters.
// NOTE(review): brace-only lines and the loop-counter increment are not shown
// in this listing.
$bdquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "members\" WHERE \"BirthMonth\"=%i", array($MyMonth));
$bdresult = sql_query($bdquery, $SQLStat);
$bdnum = sql_num_rows($bdresult);
$bdi = 0;
while ($bdi < $bdnum) {
    $UserNamebd = sql_result($bdresult, $bdi, "Name");
    $BirthDay = sql_result($bdresult, $bdi, "BirthDay");
    $BirthMonth = sql_result($bdresult, $bdi, "BirthMonth");
    $BirthYear = sql_result($bdresult, $bdi, "BirthYear");
    // Keep the untruncated name for the tooltip.
    $oldusername = $UserNamebd;
    $UserNamebd1 = pre_substr($UserNamebd, 0, 20);
    if (pre_strlen($UserNamebd) > 20) {
        $UserNamebd1 = $UserNamebd1 . "...";
    $UserNamebd = $UserNamebd1;
    if (!isset($EventsName[$BirthDay])) {
        $EventsName[$BirthDay] = null;
    // Append with a ", " separator when the day already has an entry,
    // otherwise start the entry. The name is placed in a title attribute and
    // in element text without escaping here.
    // NOTE(review): confirm the Name column is stored HTML-encoded, otherwise
    // encode it at this point.
    if ($EventsName[$BirthDay] != null) {
        $EventsName[$BirthDay] .= ", <span title=\"" . $oldusername . "'s birthday.\">" . $UserNamebd1 . "</span>";
    if ($EventsName[$BirthDay] == null) {
        $EventsName[$BirthDay] = "<span title=\"" . $oldusername . "'s birthday.\">" . $UserNamebd1 . "</span>";
 // For a forum of type "subforum": walks its visible child forums, adds their
 // topic and post counters to the running totals, and builds an HTML list item
 // linking to each child the viewer is allowed to see.
 // NOTE(review): brace-only lines and the loop-counter increment are not shown
 // in this listing.
 if ($ForumType == "subforum") {
     // $ForumID goes through the %i placeholder, but $ForumIgnoreList2 is
     // concatenated into the statement text as-is.
     // NOTE(review): confirm that list is assembled only from numeric ids.
     $apcquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "forums\" WHERE \"ShowForum\"='yes' AND \"InSubForum\"=%i" . $ForumIgnoreList2 . " ORDER BY \"OrderID\" ASC, \"id\" ASC", array($ForumID));
     $apcresult = sql_query($apcquery, $SQLStat);
     $apcnum = sql_num_rows($apcresult);
     $apci = 0;
     $apcl = 1;
     if ($apcnum >= 1) {
         while ($apci < $apcnum) {
             $NumsTopics = sql_result($apcresult, $apci, "NumTopics");
             $NumTopics = $NumsTopics + $NumTopics;
             $NumsPosts = sql_result($apcresult, $apci, "NumPosts");
             $NumPosts = $NumsPosts + $NumPosts;
             $SubsForumID = sql_result($apcresult, $apci, "id");
             $SubsForumName = sql_result($apcresult, $apci, "Name");
             $SubsForumType = sql_result($apcresult, $apci, "ForumType");
             // NOTE(review): this is the only read that uses $result/$i rather
             // than $apcresult/$apci, so it takes CanHaveTopics from a
             // different result set than the rest of the row. It looks like a
             // copy-paste slip -- confirm.
             $SubsForumShowTopics = sql_result($result, $i, "CanHaveTopics");
             // Children are listed only when the per-forum permission is an explicit "yes".
             if (isset($PermissionInfo['CanViewForum'][$SubsForumID]) && $PermissionInfo['CanViewForum'][$SubsForumID] == "yes") {
                 $ExStr = "";
                 if ($SubsForumType != "redirect" && $SubsForumShowTopics != "no") {
                     $ExStr = "&page=1";
                 $shownum = null;
                 if ($SubsForumType == "redirect") {
                     $shownum = "(" . $NumRedirects . " redirects)";
                 if ($SubsForumType != "redirect") {
                     $shownum = "(" . $NumsPosts . " posts)";
                 // This first assignment is overwritten by the next line before it is read.
                 $sfurl = "<a href=\"";
                 $sfurl = url_maker($exfile[$SubsForumType], $Settings['file_ext'], "act=lowview&id=" . $SubsForumID . $ExStr, $Settings['qstr'], $Settings['qsep'], $prexqstr[$SubsForumType], $exqstr[$SubsForumType]);
                 // The forum name is inserted as element text without escaping
                 // here. NOTE(review): confirm it is stored HTML-encoded.
                 $sfurl = "<li><ul style=\"list-style-type: none;\"><li><a href=\"" . $sfurl . "\">" . $SubsForumName . "</a><span style=\"color: gray; font-size: 10px;\">" . $shownum . "</span></li></ul></li>";
Exemple #7
     $Per2Error = true;
 // Loads one category-permission row into $CatPermissionInfo, flags the row
 // as bad ($Per2Error) when a numeric column is not numeric or CanViewCategory
 // is neither "yes" nor "no", and extends the two SQL exclusion fragments for
 // categories the viewer may not see.
 // NOTE(review): brace-only lines are missing from this listing.
 $CatPermissionInfo['ID'][$PerCatID] = sql_result($per2esult, $per2i, "id");
 if (!is_numeric($CatPermissionInfo['ID'][$PerCatID])) {
     $Per2Error = true;
 $CatPermissionInfo['PermissionID'][$PerCatID] = sql_result($per2esult, $per2i, "PermissionID");
 if (!is_numeric($CatPermissionInfo['PermissionID'][$PerCatID])) {
     $Per2Error = true;
 $CatPermissionInfo['Name'][$PerCatID] = sql_result($per2esult, $per2i, "Name");
 $CatPermissionInfo['CategoryID'][$PerCatID] = sql_result($per2esult, $per2i, "CategoryID");
 if (!is_numeric($CatPermissionInfo['CategoryID'][$PerCatID])) {
     $Per2Error = true;
 $CatPermissionInfo['CanViewCategory'][$PerCatID] = sql_result($per2esult, $per2i, "CanViewCategory");
 if ($CatPermissionInfo['CanViewCategory'][$PerCatID] != "yes" && $CatPermissionInfo['CanViewCategory'][$PerCatID] != "no") {
     $Per2Error = true;
 if ($CatPermissionInfo['CanViewCategory'][$PerCatID] == "no") {
     // $PerCatID is concatenated straight into SQL text that later queries
     // append to their WHERE clause. It is not one of the values checked with
     // is_numeric() above. NOTE(review): confirm where $PerCatID is assigned
     // and that it is numeric before it reaches this point.
     // List1 starts without a leading AND, List2 starts with one.
     // A fragment of length exactly 1 matches neither the "> 1" nor the "< 1"
     // test, so nothing would be appended in that case.
     if (strlen($CatIgnoreList1) > 1) {
         $CatIgnoreList1 .= " AND \"id\"<>" . $PerCatID;
     if (strlen($CatIgnoreList1) < 1) {
         $CatIgnoreList1 = " \"id\"<>" . $PerCatID;
     if (strlen($CatIgnoreList2) > 1) {
         $CatIgnoreList2 .= " AND \"id\"<>" . $PerCatID;
     if (strlen($CatIgnoreList2) < 1) {
         $CatIgnoreList2 = " AND \"id\"<>" . $PerCatID;
Exemple #8
            $themenum = count($themelist);
            $themei = 0;
            while ($themei < $themenum) {
                echo $themelist[$themei] . "\n";
    // When themes are stored in the database, emit one <option> per theme row
    // and pre-select the one whose Name equals the configured default theme.
    // NOTE(review): brace-only lines and the loop-counter increment are not
    // shown in this listing.
    if ($Settings['SQLThemes'] == "on") {
        // The statement has no placeholders; array(null) is passed as the
        // value list.
        $sknquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "themes\" ORDER BY \"id\" ASC, \"Name\" ASC", array(null));
        $sknresult = sql_query($sknquery, $SQLStat);
        $sknum = sql_num_rows($sknresult);
        $skni = 0;
        while ($skni < $sknum) {
            $ThemeInfo['Name'] = sql_result($sknresult, $skni, "Name");
            $ThemeInfo['ThemeName'] = sql_result($sknresult, $skni, "ThemeName");
            // Name lands in a double-quoted attribute and ThemeName in element
            // text, both unescaped. NOTE(review): confirm theme rows can only
            // be written by administrators, or encode with htmlspecialchars().
            if ($Settings['DefaultTheme'] == $ThemeInfo['Name']) {
                echo "<option selected=\"selected\" value=\"" . $ThemeInfo['Name'] . "\">" . $ThemeInfo['ThemeName'] . "</option>\n";
            if ($Settings['DefaultTheme'] != $ThemeInfo['Name']) {
                echo "<option value=\"" . $ThemeInfo['Name'] . "\">" . $ThemeInfo['ThemeName'] . "</option>\n";
    if ($_GET['board'] == $Settings['root_board']) {
</tr><tr style="text-align: left;">
Exemple #9
<tr class="TableMenuRow4">
<td class="TableMenuColumn4">&nbsp;</td>
// Admin "edit member" handler fragment: resolves the guest and validation
// group ids, normalises the submitted name and e-mail, and when the name
// changed rewrites the denormalised copies of it in the topics and posts tables.
// NOTE(review): brace-only lines are missing from this listing, and no
// permission check on the caller is visible in it.
// The last clause, ($_POST['id'] != "0" || $_POST['id'] != "-1"), is true for
// every value because no id can equal both "0" and "-1"; it therefore does not
// exclude ids 0 and -1. NOTE(review): && looks intended.
if ($_POST['act'] == "editmember" && $_POST['update'] == "now" && $_GET['act'] == "editmember" && ($_POST['id'] != "0" || $_POST['id'] != "-1")) {
    $ggidquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"Name\"='%s' LIMIT 1", array($Settings['GuestGroup']));
    $ggidresult = sql_query($ggidquery, $SQLStat);
    $GuestGroupID = sql_result($ggidresult, 0, "id");
    $vgidquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"Name\"='%s' LIMIT 1", array($Settings['ValidateGroup']));
    $vgidresult = sql_query($vgidquery, $SQLStat);
    $ValidateGroupID = sql_result($vgidresult, 0, "id");
    $DMemName = GetUserName($_POST['id'], $Settings['sqltable']);
    $DMemName = $DMemName['Name'];
    // The name is HTML-encoded first and stripcslashes() is applied to the
    // encoded result. stripcslashes() decodes C-style escape sequences
    // (including hex and octal forms), so characters that htmlspecialchars()
    // has just neutralised can be reintroduced by the second step.
    // NOTE(review): decode first and encode last, or drop stripcslashes().
    $_POST['MemName'] = stripcslashes(htmlspecialchars($_POST['MemName'], ENT_QUOTES, $Settings['charset']));
    //$_POST['MemName'] = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_POST['MemName']);
    $_POST['MemName'] = remove_spaces($_POST['MemName']);
    $_POST['MemEmail'] = remove_spaces($_POST['MemEmail']);
    $username_check = null;
    if ($_POST['MemName'] != $DMemName) {
        // All three updates pass the name through '%s' and the member id
        // through %i; presumably sql_pre_query() escapes and casts them -- confirm.
        $tquery = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "topics\" SET \"GuestName\"='%s' WHERE \"UserID\"=%i", array($_POST['MemName'], $_POST['id']));
        sql_query($tquery, $SQLStat);
        $r1query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "posts\" SET \"GuestName\"='%s' WHERE \"UserID\"=%i", array($_POST['MemName'], $_POST['id']));
        sql_query($r1query, $SQLStat);
        $r2query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "posts\" SET \"EditUserName\"='%s' WHERE \"EditUser\"=%i", array($_POST['MemName'], $_POST['id']));
        sql_query($r2query, $SQLStat);
Exemple #10
// Login fragment, run when the credential lookup returned exactly one member
// row: copies the member's fields into locals, resolves the group name,
// evaluates the ban timestamp and, for members who are not banned, prepares
// the LastActive/IP update and stores the theme in the session.
// NOTE(review): brace-only lines are missing from this listing; how
// $resultlog2 was matched against the submitted password is not shown.
if ($numlog2 == 1) {
    $YourIDAM = sql_result($resultlog2, 0, "id");
    $YourNameAM = sql_result($resultlog2, 0, "Name");
    $YourGroupAM = sql_result($resultlog2, 0, "GroupID");
    $YourGroupIDAM = $YourGroupAM;
    // The stored password value is copied into a local variable here.
    $YourPassAM = sql_result($resultlog2, 0, "UserPassword");
    $gquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"id\"=%i LIMIT 1", array($YourGroupAM));
    $gresult = sql_query($gquery, $SQLStat);
    // From here on $YourGroupAM holds the group name; the id stays in $YourGroupIDAM.
    $YourGroupAM = sql_result($gresult, 0, "Name");
    $BanError = null;
    $YourTimeZoneAM = sql_result($resultlog2, 0, "TimeZone");
    $UseThemeAM = sql_result($resultlog2, 0, "UseTheme");
    $YourDSTAM = sql_result($resultlog2, 0, "DST");
    $YourLastPostTime = sql_result($resultlog2, 0, "LastPostTime");
    $YourBanTime = sql_result($resultlog2, 0, "BanTime");
    $CGMTime = GMTimeStamp();
    // BanTime of 0 or null means not banned. Otherwise the member is banned
    // while BanTime is still in the future, and also whenever it is negative.
    if ($YourBanTime != 0 && $YourBanTime != null) {
        if ($YourBanTime >= $CGMTime) {
            $BanError = "yes";
        if ($YourBanTime < 0) {
            $BanError = "yes";
    $NewDay = GMTimeStamp();
    if ($BanError != "yes") {
        // $NewIP is assigned outside this excerpt. The statement is only built
        // here; the call that executes it is not shown.
        $queryup = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "members\" SET \"LastActive\"=%i,\"IP\"='%s' WHERE \"id\"=%i", array($NewDay, $NewIP, $YourIDAM));
        $_SESSION['Theme'] = $UseThemeAM;
Exemple #11
		<td><b>Avg time</b></td>
		<td><b>Total time</b></td>
		<td><b>W/M Requests</b></td>
		<td><b>W/M Avg time</b></td>
		<td><b>W/M Total time</b></td>
		<td><b>W/M %</b></td>
// Profiler report fragment: reads the two grand totals from the profiler
// table, then iterates the rows ordered by prfTime, highest first.
// NOTE(review): brace-only lines are missing from this listing.
$prfResult = sql_query("SELECT SUM(`prfTime`) FROM `profiler`");
$totalTime = sql_result($prfResult);
// Totals and counts of 0 are replaced by 1; presumably they are used as
// divisors further down -- confirm.
if ($totalTime == 0) {
    $totalTime = 1;
$prfResult = sql_query("SELECT SUM(`prfWMTime`) FROM `profiler`");
$totalTimeWM = sql_result($prfResult);
if ($totalTimeWM == 0) {
    $totalTimeWM = 1;
$prfResult = sql_query("SELECT * FROM `profiler` ORDER BY `prfTime` DESC");
while ($prfData = sql_next($prfResult)) {
    if ($prfData["prfCount"] == 0) {
        $prfData["prfCount"] = 1;
    if ($prfData["prfWMCount"] == 0) {
        $prfData["prfWMCount"] = 1;
    // Rows whose page label contains "(bot)" are wrapped in an error-styled
    // span. The label is concatenated into markup unescaped.
    // NOTE(review): if prfPage records request paths, it is attacker-
    // influenced; encode it with htmlspecialchars() before adding the span.
    if (strpos($prfData["prfPage"], "(bot)") !== false) {
        $prfData["prfPage"] = '<span class="error">' . $prfData["prfPage"] . '</span>';
Exemple #12
<div style="width: 100%; height: 160px; overflow: auto;">
<table style="width: 100%; text-align: center;"><?php 
    // Smiley picker fragment: selects every smiley flagged Display='yes' and
    // reads the row's columns into locals for the table cells emitted below.
    // The statement has no placeholders; array(null) is passed as the value list.
    // NOTE(review): the loop-counter increment and brace-only lines are not
    // shown in this listing. The cells further down echo Directory, FileName
    // and SmileName into HTML attributes without escaping, so smiley rows
    // should be writable by administrators only -- confirm.
    $renee_query = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "smileys\" WHERE \"Display\"='yes'", array(null));
    $renee_result = sql_query($renee_query, $SQLStat);
    $renee_num = sql_num_rows($renee_result);
    $renee_s = 0;
    $SmileRow = 0;
    $SmileCRow = 0;
    while ($renee_s < $renee_num) {
        $FileName = sql_result($renee_result, $renee_s, "FileName");
        $SmileName = sql_result($renee_result, $renee_s, "SmileName");
        $SmileText = sql_result($renee_result, $renee_s, "SmileText");
        $SmileDirectory = sql_result($renee_result, $renee_s, "Directory");
        $ShowSmile = sql_result($renee_result, $renee_s, "Display");
        $ReplaceType = sql_result($renee_result, $renee_s, "ReplaceCI");
        if ($SmileRow == 1) {
        if ($SmileRow < 5) {
	<td><img src="<?php 
            echo $SmileDirectory . "" . $FileName;
" style="vertical-align: middle; border: 0px; cursor: pointer;" title="<?php 
            echo $SmileName;
" alt="<?php 
Exemple #13
// Installer fragment: fills in default setup directories, sets the database's
// default character set and collation, and picks the storage engine.
// NOTE(review): brace-only lines and the loop-counter increment are not shown
// in this listing.
if (!isset($SetupDir['setup'])) {
    $SetupDir['setup'] = "setup/";
if (!isset($SetupDir['convert'])) {
    $SetupDir['convert'] = "setup/convert/";
// $_POST['DatabaseName'] is concatenated directly into the statement text
// between identifier quotes; the statement has no placeholders and array(null)
// is passed as the value list. Identifiers cannot be bound as parameters, so
// the name has to be validated instead.
// NOTE(review): unless that happens earlier (not visible here), accept only an
// allow-listed pattern (for example letters, digits and underscore) before
// this line.
$query = sql_pre_query("ALTER DATABASE \"" . $_POST['DatabaseName'] . "\" DEFAULT CHARACTER SET " . $Settings['sql_charset'] . " COLLATE " . $Settings['sql_collate'] . ";", array(null));
sql_query($query, $SQLStat);
if (isset($Settings['sql_storage_engine'])) {
    // Collect the engine names the server reports and fall back to MyISAM
    // when the configured engine is not among them.
    $result = sql_query(sql_pre_query("SHOW ENGINES;", array(null)), $SQLStat);
    $num = sql_num_rows($result);
    $i = 0;
    // Stays null when SHOW ENGINES returns no rows, in which case in_array()
    // below receives null instead of an array.
    $SQLEngines = null;
    while ($i < $num) {
        $SQLEngines[$i] = sql_result($result, $i, "Engine");
    if (!in_array($Settings['sql_storage_engine'], $SQLEngines)) {
        $Settings['sql_storage_engine'] = "MyISAM";
if (!isset($Settings['sql_storage_engine'])) {
    $Settings['sql_storage_engine'] = "MyISAM";
// You can set this to MyISAM or Maria/Aria
if ($Settings['sql_storage_engine'] == "CSV") {
    $SQLStorageEngine = "CSV";
if ($Settings['sql_storage_engine'] == "Maria") {
    $SQLStorageEngine = "Maria";
Exemple #14
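/**
 * Echo one <option> element per row of the danh_muc (category) table, ordered
 * by cat_id. Rows whose cat_id_cha is 0 are selectable; every other row is
 * rendered disabled with a yellow background.
 *
 * Column values are HTML-encoded before they are written, because they end up
 * inside a single-quoted attribute and in element text.
 * Assumes the page is served as UTF-8 -- TODO confirm against the site charset.
 *
 * NOTE(review): mysql_fetch_array() belongs to the ext/mysql API, which no
 * longer exists in PHP 7 and later. It is kept because the type returned by
 * sql_result() is defined outside this block.
 *
 * @return void
 */
function load_danhmuc_option()
{
    $sql_load_cat = "select * from danh_muc ORDER BY cat_id";
    $kq_load_cat = sql_result($sql_load_cat);
    while ($row = mysql_fetch_array($kq_load_cat, MYSQL_ASSOC)) {
        // ENT_QUOTES is required because the value attribute is single-quoted.
        $value = htmlspecialchars($row['cat_id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $label = htmlspecialchars($row['cat_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        if ($row['cat_id_cha'] == 0) {
            echo "<option value='" . $value . "'>" . $label . "</option>";
        } else {
            echo "<option style='background-color:yellow;' disabled value='" . $value . "'>" . $label . "</option>";
        }
    }
}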
Exemple #15
    // Account-activation fragment: when a validation record was found and is
    // still in status "NO", either mark it activated and set a cookie, or
    // report an expired link and delete the member row.
    // NOTE(review): brace-only lines are missing from this listing, and the
    // origin of $id_kh, $time_ex and $time_current is not shown.
    //echo $kt_kichhoat;
    if (isset($kt_validate) && $status == "NO") {
        // NOTE(review): the success branch runs when $time_ex is earlier than
        // $time_current, while the else branch prints the "link expired"
        // message. If $time_ex is the expiry timestamp, the comparison looks
        // inverted -- confirm.
        if ($time_ex < $time_current) {
            // $id_kh is interpolated into the SQL text between quotes.
            // NOTE(review): if it derives from the activation link, this is
            // string-built SQL over request input; cast it to int or use a
            // parameterised statement.
            $sql_update_status = "update xacnhan set Status='YES' where ID='{$id_kh}'";
            $kq_update_status = sql_result($sql_update_status);
            echo "<br/>Kích hoạt thành công. Sẽ quay lại trang chủ trong 5 giây.";
            // Set the cookie: it stores the plain username for one day, with
            // no HttpOnly/Secure options and no integrity protection.
            // NOTE(review): if other pages treat this cookie as proof of
            // login, any client can set it by hand; keep identity in the
            // server-side session instead -- confirm how "name" is consumed.
            $username = get_value_dk('thanhvien', 'ID', $id_kh, 'Username');
            setcookie("name", $username, time() + 86400);
            echo "<meta http-equiv='refresh' content='5;url=index.php'>";
        } else {
            echo "\t\t<br/>KÍCH HOẠT THẤT BẠI vì:<br/>\n\t\t\t- Link kích hoạt đã hết hạn. !<br/>";
            echo "<br/>Sẽ quay lại trang chủ trong 5 giây.";
            // Same interpolation of $id_kh as above, here in a DELETE.
            $sql_delete_thanhvien = "delete from thanhvien where ID='{$id_kh}'";
            $kq_delete_thanhvien = sql_result($sql_delete_thanhvien);
            echo "<meta http-equiv='refresh' content='5;url=index.php'>";
    } else {
        echo "\t\t<br/>KHÔNG THỂ XÁC NHẬN EMAIL NÀY VÌ:<br/>\n\t\t- Email này đã được kích hoạt!<br/>\n\t\t- Email và mã kích hoạt không trùng khớp!<br/>";
} else {


include "right.php";
include "footer.php";
Exemple #16
     $RWholeWord = "no";
 // Restricted-word fragment: normalises the per-word flags read from the
 // database, then tests the submitted event name against the word.
 // NOTE(review): brace-only lines are missing from this listing.
 // A value cannot equal both "yes" and "no", so each `!= "yes" || != "no"`
 // test below is true for every input and the assignment under it always
 // runs. $RWholeWord and $RestrictedEventName are therefore always "no" by
 // the time they are read, which means the whole-word branch and the
 // event-name match at the end of this fragment can never execute.
 // NOTE(review): && looks intended in all three tests.
 if ($RWholeWord != "yes" || $RWholeWord != "no") {
     $RWholeWord = "no";
 $RestrictedEventName = sql_result($lonewolfrt, $lonewolfs, "RestrictedEventName");
 if ($RestrictedEventName == "on") {
     $RestrictedEventName = "yes";
 if ($RestrictedEventName == "off") {
     $RestrictedEventName = "no";
 if ($RestrictedEventName != "yes" || $RestrictedEventName != "no") {
     $RestrictedEventName = "no";
 $RestrictedUserName = sql_result($lonewolfrt, $lonewolfs, "RestrictedUserName");
 if ($RestrictedUserName == "on") {
     $RestrictedUserName = "******";
 if ($RestrictedUserName == "off") {
     $RestrictedUserName = "******";
 if ($RestrictedUserName != "yes" || $RestrictedUserName != "no") {
     $RestrictedUserName = "******";
 // The word is escaped for use inside a "/"-delimited pattern, so characters
 // in it are matched literally rather than as regex syntax.
 $RWord = preg_quote($RWord, "/");
 if ($RCaseInsensitive != "yes" && $RWholeWord == "yes") {
     if ($RestrictedEventName == "yes") {
         // Case-sensitive, whole-word match against the submitted event name.
         $RMatches = preg_match("/\\b(" . $RWord . ")\\b/", $_POST['EventName']);
         if ($RMatches == true) {
             // Leaves the enclosing loop, which starts outside this excerpt.
             break 1;
Exemple #17
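 /**
  * Fetch the stored content of one part of this skin.
  *
  * @param string $type skin part type, compared with the stype column
  * @return string scontent of the first matching row, or '' when no row matches
  */
 function getContent($type)
 {
     // sdesc is cast to an integer before concatenation so the statement does
     // not depend on $this->id having been validated where it was assigned.
     // $type is escaped and quoted as a string literal.
     $query = 'SELECT scontent FROM ' . sql_table('skin')
         . ' WHERE sdesc=' . intval($this->id)
         . " and stype='" . sql_real_escape_string($type) . "'";
     $res = sql_query($query);
     if (sql_num_rows($res) == 0) {
         return '';
     }
     return sql_result($res, 0, 0);
 }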
Exemple #18
 // Feed-item fragment: prepares the post text, author name, timestamps and
 // topic fields for one row, then emits an Atom, RSS 1.0 ("oldrss") or RSS
 // entry depending on $_GET['feedtype'].
 // NOTE(review): brace-only lines are missing from this listing.
 $MyDescription = text2icons($MyDescription, $Settings['sqltable'], $SQLStat);
 // Convert newlines to <br /> and rewrite any literal <br> to the same form.
 $MyDescription = preg_replace("/\\<br\\>/", "<br />", nl2br($MyDescription));
 $MyDescription = url2link($MyDescription);
 if (isset($GroupNamePrefix) && $GroupNamePrefix != null) {
     $UsersName = $GroupNamePrefix . $UsersName;
 if (isset($GroupNameSuffix) && $GroupNameSuffix != null) {
     $UsersName = $UsersName . $GroupNameSuffix;
 $TheTime = sql_result($result, $i, "TimeStamp");
 // Keep an ISO-8601 style UTC form for Atom/RSS 1.0 and an RFC-822 style form
 // for RSS; $TheTime is overwritten with the latter.
 $AtomTime = GMTimeChange("Y-m-d\\TH:i:s\\Z", $TheTime, 0);
 $OldRSSTime = $AtomTime;
 $TheTime = GMTimeChange("D, j M Y G:i:s \\G\\M\\T", $TheTime, 0);
 // $TopicName and $UsersName are concatenated into XML element content by the
 // feed lines that follow, without XML escaping at that point.
 // NOTE(review): confirm both are stored already entity-encoded, otherwise a
 // "<" or "&" in either breaks the document.
 $TopicName = sql_result($result, $i, "TopicName");
 $ForumDescription = sql_result($result, $i, "Description");
 // An item is emitted only when both the forum and its category carry an
 // explicit "yes" view permission.
 if (isset($PermissionInfo['CanViewForum'][$ForumID]) && $PermissionInfo['CanViewForum'][$ForumID] == "yes" && isset($CatPermissionInfo['CanViewCategory'][$CategoryID]) && $CatPermissionInfo['CanViewCategory'][$CategoryID] == "yes") {
     if ($_GET['feedtype'] == "atom") {
         // The post body is wrapped in a CDATA section as-is. A body that
         // contains the sequence "]]>" would end the section early.
         // NOTE(review): split that sequence before wrapping.
         $CDataDescription = "<![CDATA[\n" . $MyDescription . "\n]]>";
         $Atom .= '<entry>' . "\n" . '<title>' . $TopicName . '</title>' . "\n" . '<summary>' . $CDataDescription . '</summary>' . "\n" . '<link rel="alternate" href="' . $BoardURL . url_maker($exfilerss['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=1", $Settings['qstr'], $Settings['qsep'], $prexqstrrss['topic'], $exqstrrss['topic']) . '" />' . "\n" . '<id>' . $BoardURL . url_maker($exfilerss['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=1", $Settings['qstr'], $Settings['qsep'], $prexqstrrss['topic'], $exqstrrss['topic']) . '</id>' . "\n" . '<author>' . "\n" . '<name>' . $UsersName . '</name>' . "\n" . '</author>' . "\n" . '<updated>' . $AtomTime . '</updated>' . "\n" . '</entry>' . "\n";
     if ($_GET['feedtype'] == "oldrss") {
         $CDataDescription = "<![CDATA[\n" . $MyDescription . "\n]]>";
         $PreRSS .= '      <rdf:li rdf:resource="' . $BoardURL . url_maker($exfilerss['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=1", $Settings['qstr'], $Settings['qsep'], $prexqstrrss['topic'], $exqstrrss['topic']) . '" />' . "\n";
         $RSS .= '<item rdf:about="' . $BoardURL . url_maker($exfilerss['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=1", $Settings['qstr'], $Settings['qsep'], $prexqstrrss['topic'], $exqstrrss['topic']) . '">' . "\n" . '<title>' . $TopicName . '</title>' . "\n" . '<description>' . $CDataDescription . '</description>' . "\n" . '<dc:publisher>' . $UsersName . '</dc:publisher>' . "\n" . '<dc:creator>' . $UsersName . '</dc:creator>' . "\n" . '<dc:date>' . $OldRSSTime . '</dc:date>' . "\n" . '</item>' . "\n";
     if ($_GET['feedtype'] == "rss") {
         $CDataDescription = "<![CDATA[\n" . $MyDescription . "\n]]>";
         $RSS .= '<item>' . "\n" . '<pubDate>' . $TheTime . '</pubDate>' . "\n" . '<author>' . $UsersName . '</author>' . "\n" . '<title>' . $TopicName . '</title>' . "\n" . '<description>' . $CDataDescription . '</description>' . "\n" . '<link>' . $BoardURL . url_maker($exfilerss['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=1", $Settings['qstr'], $Settings['qsep'], $prexqstrrss['topic'], $exqstrrss['topic']) . '</link>' . "\n" . '<guid>' . $BoardURL . url_maker($exfilerss['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=1", $Settings['qstr'], $Settings['qsep'], $prexqstrrss['topic'], $exqstrrss['topic']) . '</guid>' . "\n" . '</item>' . "\n";
Exemple #19
                echo "</td></tr>";
                echo "<tr>";
                echo "<td><p>Tựa đề: </p></td><td>" . $title_rv;
                echo "</td></tr>";
                echo "<tr>";
                //		echo "<td><p>Nội dung tin: </p></td><td>".$content_rv."</td>";
                echo "</tr>";
                echo "<tr>";
                echo "<td><p>Khoản giá: </p></td><td>" . $price_range_name;
                echo "</td></tr>";
                echo "</table>";
                echo "</div>";
                // Queue the new classified ad for moderation with status
                // 'pending'. $id_rv and $date_rv are interpolated into the SQL
                // text between quotes, and the row is given positionally with
                // no column list, so it depends on the table's column order.
                // NOTE(review): where $id_rv and $date_rv come from is not
                // shown; if either is request-derived, escape it or use a
                // parameterised statement. The result in $kq_insert_duyet is
                // not checked in the lines visible here.
                $sql_insert_duyet = "insert into duyet_rv values('{$id_rv}','','{$date_rv}','pending')";
                //echo $sql_insert_duyet;
                $kq_insert_duyet = sql_result($sql_insert_duyet);
            } else {
                echo "<br/>ĐĂNG TIN RAO VẶT THẤT BẠI!";
                echo "<a href='dangtin_raovat.php'>Trở lại</a>";
            //IF KIEM TRA THUC THI SQL
    } else {
Exemple #20
        // Admin fragment: creates a category-permission row for the category
        // $_POST['id'], taking its Name from the existing permission row
        // $_POST['permid'].
        // NOTE(review): brace-only lines are missing from this listing.
        redirect("refresh", $rbasedir . url_maker($exfile['admin'], $Settings['file_ext'], "act=view&menu=categories", $Settings['qstr'], $Settings['qsep'], $prexqstr['admin'], $exqstr['admin'], FALSE), "4");
        $prequery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "catpermissions\" WHERE \"id\"=%i LIMIT 1", array($_POST['permid']));
        $preresult = sql_query($prequery, $SQLStat);
        $prenum = sql_num_rows($preresult);
        if ($prenum == 0) {
            // Unknown permission id: redirect to the admin overview.
            // NOTE(review): no exit/die is visible after the redirect; if none
            // exists, the INSERT below still runs with $PermissionName unset.
            redirect("location", $rbasedir . url_maker($exfile['admin'], $Settings['file_ext'], "act=view", $Settings['qstr'], $Settings['qsep'], $prexqstr['admin'], $exqstr['admin'], false));
            header("Content-Type: text/plain; charset=" . $Settings['charset']);
            $urlstatus = 302;
            gzip_page($Settings['use_gzip'], $GZipEncode['Type']);
        if ($prenum >= 1) {
            $PermissionName = sql_result($preresult, 0, "Name");
        //$nextidnum = sql_get_next_id($Settings['sqltable'],"catpermissions",$SQLStat);
        // All four values go through placeholders. $_POST['CanViewCategory']
        // is stored as submitted; no check that it is "yes" or "no" is visible
        // in this excerpt. NOTE(review): validate it against those two values
        // before the insert.
        $query = sql_pre_query("INSERT INTO \"" . $Settings['sqltable'] . "catpermissions\" (\"PermissionID\", \"Name\", \"CategoryID\", \"CanViewCategory\") VALUES\n" . "(%i, '%s', %i, '%s')", array($_POST['permid'], $PermissionName, $_POST['id'], $_POST['CanViewCategory']));
        sql_query($query, $SQLStat);
$doupdate = false;
if (isset($_POST['id']) && $_POST['subact'] == "editnow") {
    $doupdate = true;
if (isset($_POST['id']) && isset($_POST['permid']) && $_POST['subact'] == "makenow") {
    $doupdate = true;
if ($_POST['act'] == "addcategory" && $_POST['update'] == "now" && $_GET['act'] == "addcategory") {
Exemple #21
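 /**
  * Fetch the stored content of one part of a skin.
  *
  * @param string $pageType skin part type, compared with the stype column
  * @param int $skinID skin id, compared with the sdesc column
  * @return string scontent of the first matching row, or '' when no row matches
  */
 function getSkinContent($pageType, $skinID)
 {
     $skinID = intval($skinID);
     // NOTE(review): addslashes() is kept because it is what this block
     // already uses, but it is not aware of the connection character set. If
     // the project's sql_real_escape_string() helper is available in this
     // file, prefer it -- confirm.
     $pageType = addslashes($pageType);
     // stype is compared as a quoted string. The previous %d conversion made
     // sprintf() format any non-numeric page type as 0, so the requested page
     // type never reached the query.
     $query = 'SELECT scontent ' . 'FROM %s ' . 'WHERE sdesc = %d ' . "AND   stype = '%s'";
     $query = sprintf($query, sql_table('skin'), $skinID, $pageType);
     $res = sql_query($query);
     if (sql_num_rows($res) == 0) {
         return '';
     }
     return sql_result($res, 0, 0);
 }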
 // Topic-list fragment: reads one topic row into locals, formats its
 // timestamp with the viewer's session date/time settings, and clamps the
 // Pinned and Closed flags into their expected ranges.
 // NOTE(review): brace-only lines are missing from this listing.
 $TForumID = sql_result($result, $i, "ForumID");
 $OldForumID = sql_result($result, $i, "OldForumID");
 $UsersID = sql_result($result, $i, "UserID");
 $GuestsName = sql_result($result, $i, "GuestName");
 $TheTime = sql_result($result, $i, "TimeStamp");
 $TheTime = GMTimeChange($_SESSION['iDBDateFormat'] . ", " . $_SESSION['iDBTimeFormat'], $TheTime, $_SESSION['UserTimeZone'], 0, $_SESSION['UserDST']);
 $NumReply = sql_result($result, $i, "NumReply");
 // Replies plus the opening post.
 $NumberPosts = $NumReply + 1;
 $prepagelist = null;
 if (!isset($Settings['max_posts'])) {
     $Settings['max_posts'] = 10;
 $TopicName = sql_result($result, $i, "TopicName");
 $TopicDescription = sql_result($result, $i, "Description");
 $PinnedTopic = sql_result($result, $i, "Pinned");
 $TopicStat = sql_result($result, $i, "Closed");
 $PreTopic = null;
 // Pinned: values above 2 become 1, negative values become 0, and
 // non-numeric values become 0. The numeric check runs after the range
 // comparisons.
 if ($PinnedTopic > 2) {
     $PinnedTopic = 1;
 if ($PinnedTopic < 0) {
     $PinnedTopic = 0;
 if (!is_numeric($PinnedTopic)) {
     $PinnedTopic = 0;
 // Closed: values above 3 become 1, negative values become 0.
 if ($TopicStat > 3) {
     $TopicStat = 1;
 if ($TopicStat < 0) {
     $TopicStat = 0;
Exemple #23
 /**
  * Returns true if member is an admin for the given blog
  * (returns false if not a team member)
  */
 function isBlogAdmin($blogid)
 {
     // Read this member's tadmin flag from the team table for the given blog.
     // The blog id is cast with intval(); the member id comes from getID().
     $sql = 'SELECT tadmin FROM ' . sql_table('team') . ' WHERE' . ' tblog=' . intval($blogid) . ' and tmember=' . $this->getID();
     $teamRows = sql_query($sql);

     // No team row means the member is not on this blog's team. The value
     // returned in that case is the integer 0, not the boolean false.
     if (sql_num_rows($teamRows) == 0) {
         return 0;
     }

     // Admin when the first column of the first row equals 1.
     return sql_result($teamRows, 0, 0) == 1;
 }
Exemple #24
    // Private-message fragment: resolves the recipient named in
    // $_POST['SendMessageTo'] to a member id and looks up whether the
    // recipient's group may use private messages.
    // NOTE(review): brace-only lines and the loop-counter increment are not
    // shown in this listing.
    $requery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "members\" WHERE \"Name\"='%s'", array($_POST['SendMessageTo']));
    $reresult = sql_query($requery, $SQLStat);
    $renum = sql_num_rows($reresult);
    $rei = 0;
    while ($rei < $renum) {
        $SendMessageToID = sql_result($reresult, $rei, "id");
        $SendToGroupID = sql_result($reresult, $rei, "GroupID");
        $gquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"id\"=%i", array($SendToGroupID));
        $gresult = sql_query($gquery, $SQLStat);
        $SendUserCanPM = sql_result($gresult, 0, "CanPM");
        $SendUserCanPM = strtolower($SendUserCanPM);
        // Anything other than "yes" or "no" is treated as "no", so an
        // unexpected stored value denies the permission.
        if ($SendUserCanPM != "yes" && $SendUserCanPM != "no") {
            $SendUserCanPM = "no";
    // No member with that name: flag the error for the message shown below.
    if ($renum == 0) {
        $Error = "Yes";
	<td><span class="TableMessage">
	<br />Cound not find users name.<br />
Exemple #25
     // Post-rendering fragment: loads the poster's profile and group fields,
     // then transforms the post body according to the poster's group
     // permissions (BBCode, [ExecPHP], [DoHTML]).
     // NOTE(review): brace-only lines are missing from this listing.
     $User1Name = sql_result($reresult, $rei, "Name");
     $User1IP = sql_result($reresult, $rei, "IP");
     // Records that the poster's current IP equals the IP stored with the post.
     if ($User1IP == $MyPostIP) {
         $ipshow = "one";
     $User1Email = sql_result($reresult, $rei, "Email");
     $User1Title = sql_result($reresult, $rei, "Title");
     $User1Joined = sql_result($reresult, $rei, "Joined");
     $User1Joined = GMTimeChange($_SESSION['iDBDateFormat'], $User1Joined, $_SESSION['UserTimeZone'], 0, $_SESSION['UserDST']);
     $User1Hidden = sql_result($reresult, $rei, "HiddenMember");
     $User1GroupID = sql_result($reresult, $rei, "GroupID");
     $gquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"id\"=%i LIMIT 1", array($User1GroupID));
     $gresult = sql_query($gquery, $SQLStat);
     $User1Group = sql_result($gresult, 0, "Name");
     $GroupNamePrefix = sql_result($gresult, 0, "NamePrefix");
     $GroupNameSuffix = sql_result($gresult, 0, "NameSuffix");
 if ($User1CanUseBBags1 == "yes") {
     $MyPost = bbcode_parser($MyPost);
 // When the group may not execute PHP, each [ExecPHP] block is replaced by an
 // error message.
 if ($User1CanExecPHP == "no") {
     $MyPost = preg_replace("/\\[ExecPHP\\](.*?)\\[\\/ExecPHP\\]/is", "<span style=\"color: red; font-weight: bold;\">ERROR:</span> cannot execute php code.", $MyPost);
 // When the group may execute PHP, the whole post body is handed to
 // php_execute(), which is defined elsewhere.
 // NOTE(review): if that helper evaluates the [ExecPHP] blocks as PHP, this
 // group permission is equivalent to code execution on the server by anyone
 // who can post in such a group. Restrict it to fully trusted accounts or
 // remove the feature, and audit who can change a group's CanExecPHP flag.
 if ($User1CanExecPHP == "yes") {
     $MyPost = php_execute($MyPost);
 // When the group may not post raw HTML, each [DoHTML] block is replaced by
 // an error message.
 if ($User1CanDoHTML1 == "no") {
     $MyPost = preg_replace("/\\[DoHTML\\](.*?)\\[\\/DoHTML\\]/is", "<span style=\"color: red; font-weight: bold;\">ERROR:</span> cannot execute html.", $MyPost);
 if ($User1CanDoHTML1 == "yes") {
Exemple #26
// Registration fragment: inserts the new member row, then creates a
// validation record that expires one day after the join date and e-mails the
// validation code.
// NOTE(review): brace-only lines are missing from this listing, and the
// assignments of $id, $ten, $username, $pw, $email and $sex are above the
// excerpt.
// $telephone and $address are taken from $_POST unchanged and interpolated
// into the INSERT below between single quotes, which is string-built SQL over
// request input. NOTE(review): use a parameterised statement, or at minimum
// escape every value with the connection's escaping function before
// interpolation.
$telephone = $_POST['dk_tel'];
$address = $_POST['dk_address'];
$join = date("Y-m-d");
if (isset($_POST['dk_username'])) {
    // NOTE(review): whether $pw is a password hash or the submitted password
    // is not visible here -- confirm it is hashed with password_hash() before
    // it is stored.
    $sql_insert_thanhvien = "Insert into thanhvien (ID, Ten, Username, Password, Email, Sex, Telephone, Address, Join_date) values('{$id}', '{$ten}','{$username}','{$pw}','{$email}','{$sex}','{$telephone}','{$address}','{$join}')";
    //echo $sql_insert_thanhvien;
    $kq_insert_thanhvien = sql_result($sql_insert_thanhvien);
    if ($kq_insert_thanhvien) {
        echo "<div style='margin-left:50px;margin-top:30px;text-align:center;float:left;'>";
        // $email is echoed back into the page unescaped.
        // NOTE(review): encode it with htmlspecialchars() unless it was
        // validated as an e-mail address above the excerpt.
        echo "Một email có chứa liên kết xác nhận đã được gửi đến email: <b>{$email}</b>,\n\t\t\t\t<br>Bạn vui lòng truy cập hộp thư để hoàn tất thủ tục đăng ký trở thành thành viên của CẦN THƠ NEW";
        echo "</div>";
        // tao_ma_validate() is defined elsewhere. NOTE(review): the code acts
        // as a bearer secret in the activation link, so it should come from
        // random_bytes()/random_int() -- confirm.
        $validate_code = tao_ma_validate();
        $ex_time = strtotime($join . "+1 day");
        $sql_insert_validate = "Insert into xacnhan (ID,Code,Ex_time,Status) values ('{$id}','{$validate_code}','{$ex_time}','NO')";
        //echo $sql_insert_validate;
        $kq_insert_validate = sql_result($sql_insert_validate);
        gui_mail_validate($email, $validate_code);
    } else {
        echo "THẤT BẠI!";

include "right.php";
include "footer.php";
Exemple #27
    // Account-settings update (excerpt): for a non-guest session posting
    // update=now / act=userinfo, load the member row for the session's UserID
    // and recompute the submitted old password with that row's hash scheme.
    if ($_POST['update'] == "now") {
        if ($_POST['act'] == "userinfo" && $_SESSION['UserGroup'] != $Settings['GuestGroup']) {
            // The member id is taken from the session, not from the request,
            // so the row selected is the logged-in member's own.
            $query = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "members\" WHERE \"id\"=%i LIMIT 1", array($_SESSION['UserID']));
            $result = sql_query($query, $SQLStat);
            // NOTE(review): $num is not checked in this excerpt before row 0
            // is read below; confirm a missing row is handled.
            $num = sql_num_rows($result);
            $i = 0;
            $OldPassword = sql_result($result, $i, "UserPassword");
            $OldHashType = sql_result($result, $i, "HashType");
            $OldJoined = sql_result($result, $i, "Joined");
            $OldSalt = sql_result($result, $i, "Salt");
            // Presumably set to true later to trigger a re-hash under a newer
            // scheme once the old password verifies — confirm; not shown here.
            $UpdateHash = false;
            // One branch per stored hash scheme. Each recomputes a candidate
            // hash from $_POST['OldPass'] into $YourPassword.
            // NOTE(review): the schemes visible here rely on SHA-1, MD2 and
            // MD4. Those digests are obsolete, and unless the helpers add key
            // stretching (their bodies are not visible) the stored values are
            // cheap to brute-force if the members table leaks. Rows on these
            // schemes should be migrated to password_hash() after a
            // successful verification.
            // NOTE(review): the comparison of $YourPassword with $OldPassword
            // lies outside this excerpt; it should use hash_equals() so the
            // check is constant-time.
            if ($OldHashType == "ODFH") {
                $YourPassword = PassHash2x($_POST['OldPass']);
            if ($OldHashType == "IPB2") {
                $YourPassword = hash2xkey($_POST['OldPass'], $OldSalt);
            if ($OldHashType == "DF4H") {
                // Keyed with the join time and salt; digest is SHA-1.
                $YourPassword = b64e_hmac($_POST['OldPass'], $OldJoined, $OldSalt, "sha1");
            if ($OldHashType == "iDBH2") {
                // Same construction with MD2.
                $YourPassword = b64e_hmac($_POST['OldPass'], $OldJoined, $OldSalt, "md2");
            if ($OldHashType == "iDBH4") {
                // Same construction with MD4.
                $YourPassword = b64e_hmac($_POST['OldPass'], $OldJoined, $OldSalt, "md4");
Exemple #28
     // New-topic submission (excerpt): resolve the poster's name and group,
     // insert the topics row and its first posts row, then update the
     // member's activity counters.
     // Guests supply their own display name in the request. It is stored as
     // GuestName below, so it needs HTML escaping wherever it is rendered —
     // TODO confirm the display path does this.
     if ($_SESSION['UserGroup'] == $Settings['GuestGroup']) {
         $User1Name = $_POST['GuestName'];
     $User1Email = sql_result($reresult, $rei, "Email");
     $User1Title = sql_result($reresult, $rei, "Title");
     $User1GroupID = sql_result($reresult, $rei, "GroupID");
     $PostCount = sql_result($reresult, $rei, "PostCount");
     // The post count is incremented only when $PostCountAdd is "on";
     // otherwise the stored value is carried over unchanged.
     if ($PostCountAdd == "on") {
         $NewPostCount = $PostCount + 1;
     if (!isset($NewPostCount)) {
         $NewPostCount = $PostCount;
     $gquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "groups\" WHERE \"id\"=%i LIMIT 1", array($User1GroupID));
     $gresult = sql_query($gquery, $SQLStat);
     $User1Group = sql_result($gresult, 0, "Name");
     // Peer address as seen by PHP; recorded with the post and the member row.
     $User1IP = $_SERVER['REMOTE_ADDR'];
 // Request values (TopicName, TopicDesc, and GuestName for guests) reach the
 // statement only through sql_pre_query()'s '%s' / %i placeholders.
 // NOTE(review): sql_pre_query() is defined elsewhere; confirm it escapes '%s'
 // arguments for the active driver and casts %i arguments to integers, since
 // that is the only barrier between these fields and the SQL text.
 $query = sql_pre_query("INSERT INTO \"" . $Settings['sqltable'] . "topics\" (\"PollID\", \"ForumID\", \"CategoryID\", \"OldForumID\", \"OldCategoryID\", \"UserID\", \"GuestName\", \"TimeStamp\", \"LastUpdate\", \"TopicName\", \"Description\", \"NumReply\", \"NumViews\", \"Pinned\", \"Closed\") VALUES\n" . "(0, %i, %i, %i, %i, %i, '%s', %i, %i, '%s', '%s', 0, 0, 0, 0)", array($ForumID, $ForumCatID, $ForumID, $ForumCatID, $User1ID, $User1Name, $LastActive, $LastActive, $_POST['TopicName'], $_POST['TopicDesc']));
 sql_query($query, $SQLStat);
 $topicid = sql_get_next_id($Settings['sqltable'], "topics", $SQLStat);
 // NOTE(review): $topicid is concatenated into the SQL text, while every
 // other id is passed as a %i argument. It comes from sql_get_next_id(), not
 // from the request, but binding it as %i would keep the statement uniform and
 // avoid relying on that helper always returning a clean integer.
 $query = sql_pre_query("INSERT INTO \"" . $Settings['sqltable'] . "posts\" (\"TopicID\", \"ForumID\", \"CategoryID\", \"UserID\", \"GuestName\", \"TimeStamp\", \"LastUpdate\", \"EditUser\", \"EditUserName\", \"Post\", \"Description\", \"IP\", \"EditIP\") VALUES\n" . "(" . $topicid . ", %i, %i, %i, '%s', %i, %i, 0, '', '%s', '%s', '%s', '0')", array($ForumID, $ForumCatID, $User1ID, $User1Name, $LastActive, $LastActive, $_POST['TopicPost'], $_POST['TopicDesc'], $User1IP));
 sql_query($query, $SQLStat);
 $postid = sql_get_next_id($Settings['sqltable'], "posts", $SQLStat);
 // Flood control: the earliest allowed next-post time is kept in the session.
 // NOTE(review): for ids 0 and -1 the value is stored in the session only
 // (the UPDATE below is skipped), so it does not survive a new session;
 // confirm a server-side limit covers those posters.
 $_SESSION['LastPostTime'] = GMTimeStamp() + $GroupInfo['FloodControl'];
 if ($User1ID != 0 && $User1ID != -1) {
     // Persist last-active time, IP, post count and flood-control time for
     // the member row identified by $User1ID.
     $queryupd = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "members\" SET \"LastActive\"=%i,\"IP\"='%s',\"PostCount\"=%i,\"LastPostTime\"=%i WHERE \"id\"=%i", array($LastActive, $User1IP, $NewPostCount, $_SESSION['LastPostTime'], $User1ID));
     sql_query($queryupd, $SQLStat);
Exemple #29
 // Topic-list row (excerpt): substitute the stored guest name, then — if the
 // viewer may see this forum, category and topic state — look up the latest
 // post for the "last reply" cell and start the page-count calculation.
 if ($UsersName == "Guest") {
     $UsersName = $GuestsName;
     // Loose comparison: also true for an empty string, not only for null.
     if ($UsersName == null) {
         $UsersName = "Guest";
 // Access check. && binds tighter than ||, so this reads as:
 //   (view forum AND view category AND 0 <= TopicStat < 3)
 //   OR (view forum AND view category AND mod forum AND TopicStat == 3)
 // Topics in state 3 are therefore listed only for users who can moderate the
 // forum. NOTE(review): explicit parentheses would make this check harder to
 // break in a later edit.
 if ($PermissionInfo['CanViewForum'][$ForumID] == "yes" && $CatPermissionInfo['CanViewCategory'][$CategoryID] == "yes" && $TopicStat >= 0 && $TopicStat < 3 || $PermissionInfo['CanViewForum'][$ForumID] == "yes" && $CatPermissionInfo['CanViewCategory'][$CategoryID] == "yes" && $PermissionInfo['CanModForum'][$ForumID] == "yes" && $TopicStat == 3) {
     $LastReply = "&nbsp;<br />&nbsp;";
     // Most recent post in the topic, by TimeStamp.
     $glrquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "posts\" WHERE \"TopicID\"=%i ORDER BY \"TimeStamp\" DESC LIMIT 1", array($TopicID));
     $glrresult = sql_query($glrquery, $SQLStat);
     $glrnum = sql_num_rows($glrresult);
     if ($glrnum > 0) {
         $ReplyID1 = sql_result($glrresult, 0, "id");
         $UsersID1 = sql_result($glrresult, 0, "UserID");
         // NOTE(review): GuestName is user-chosen text read back from the
         // database; confirm it is HTML-escaped where it is rendered.
         $GuestsName1 = sql_result($glrresult, 0, "GuestName");
         $TimeStamp1 = sql_result($glrresult, 0, "TimeStamp");
         // Convert the stored timestamp using the session's date/time format,
         // time zone and DST settings.
         $TimeStamp1 = GMTimeChange($_SESSION['iDBDateFormat'] . ", " . $_SESSION['iDBTimeFormat'], $TimeStamp1, $_SESSION['UserTimeZone'], 0, $_SESSION['UserDST']);
         $PreUsersName1 = GetUserName($UsersID1, $Settings['sqltable'], $SQLStat);
         // No name for that id: retry with id -1 (presumably the guest
         // placeholder account — confirm).
         if ($PreUsersName1['Name'] === null) {
             $UsersID1 = -1;
             $PreUsersName1 = GetUserName($UsersID1, $Settings['sqltable'], $SQLStat);
         $UsersName1 = $PreUsersName1['Name'];
         $UsersHidden1 = $PreUsersName1['Hidden'];
     $NumPages = null;
     // Replies plus the opening post.
     $NumRPosts = $NumReply + 1;
     // Fall back to 10 posts per page when the setting is absent.
     if (!isset($Settings['max_posts'])) {
         $Settings['max_posts'] = 10;
     if ($NumRPosts > $Settings['max_posts']) {
Exemple #30
 $gltnum = count($gltf);
 $glti = 0;
 $OldUpdateTime = 0;
 $UseThisFonum = null;
 if ($ForumType == "subforum") {
     while ($glti < $gltnum) {
         $ExtraIgnores = null;
         if ($PermissionInfo['CanModForum'][$gltf[$glti]] == "no") {
             $ExtraIgnores = " AND \"Closed\"<>3";
         $gltfoquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "topics\" WHERE \"ForumID\"=%i" . $ExtraIgnores . " ORDER BY \"LastUpdate\" DESC LIMIT 1", array($gltf[$glti]));
         $gltforesult = sql_query($gltfoquery, $SQLStat);
         $gltfonum = sql_num_rows($gltforesult);
         if ($gltfonum > 0) {
             $NewUpdateTime = sql_result($gltforesult, 0, "LastUpdate");
             if ($NewUpdateTime > $OldUpdateTime) {
                 $UseThisFonum = $gltf[$glti];
                 $OldUpdateTime = $NewUpdateTime;
 $shownum = null;
 if ($ForumType == "redirect") {
     $shownum = "(" . $NumRedirects . " redirects)";
 if ($ForumType != "redirect") {
     $shownum = "(" . $NumPosts . " posts)";