/**
 * Execute a caller-supplied SQL statement on a freshly created Database handle.
 *
 * The statement is forwarded to Database::query() exactly as received, so any
 * quoting or parameter binding must already have been done by the caller.
 * NOTE(review): an error on the new handle is echoed straight to the output;
 * confirm that raw driver messages are acceptable there.
 *
 * @param string $query Complete SQL statement to run.
 */
function addBook($query)
{
    $connection = new Database();

    // A handle that already reports an error is not used for the query.
    if ($connection->error()) {
        echo $connection->error();
        return;
    }

    $connection->query($query);
}
/**
 * Run $query on the parent connection and keep the result handle in $this->q.
 *
 * The statement reaches mysql_query() unchanged; nothing in this constructor
 * escapes or binds values.
 * NOTE(review): mysql_query() belongs to the ext/mysql API, which was removed in PHP 7.0.
 *
 * @param string   $query      SQL text to execute.
 * @param Database $h          Owning connection; its dbh link and error() are used.
 * @param int      $resultless Not read inside this constructor.
 * @throws Exception Carrying the parent's error() text when mysql_query() returns a falsy value.
 */
function __construct($query, &$h, $resultless = 0)
{
    $this->query = $query;
    $this->parent = $h;
    $this->q = mysql_query($query, $h->dbh);

    if ($this->q) {
        return;
    }

    throw new Exception($h->error());
}
/**
 * Insert a new row into `users` from the given array, then redirect to "/".
 *
 * NOTE(review): username, password and email are interpolated into the SQL
 * text without escaping or binding, so a quote character in any of them
 * changes the statement. Move to bound parameters once the Database wrapper's
 * API for them is confirmed.
 * NOTE(review): the "password" value is written to user_password_hash as
 * received; nothing in this method hashes it. Verify the caller does.
 *
 * @param array $arrayUser Must contain the keys "username", "password" and "email".
 */
private function getUserValues($arrayUser)
{
    $uname = $arrayUser["username"];
    $upass = $arrayUser["password"];
    $email = $arrayUser["email"];
    $time = time();

    $query = "INSERT INTO users(user_name,user_password_hash,user_email,user_registration_datetime) VALUES('{$uname}','{$upass}','{$email}',{$time})";

    $db = new Database();
    $db->query($query);

    // No error reported: send the browser back to the site root.
    if (!$db->error()) {
        header("Location: /");
        return;
    }

    // NOTE(review): the raw database error text is sent to the client.
    echo $db->error();
}
/**
 * Store a new two-way secret for an account and flag the current session as two-way enabled.
 *
 * Does nothing (and raises nothing) when the caller lacks 'panel_account_two_way'.
 * NOTE(review): the session flag is set for the current login whichever
 * $accountId was updated; confirm callers only pass the logged-in account's id.
 * NOTE(review): $secret is quoted in the SQL, $accountId is not. Escaping that
 * targets string literals does not constrain an unquoted numeric position;
 * confirm $accountId is validated as an integer before it gets here.
 *
 * @param mixed  $accountId Value matched against customer.id.
 * @param string $secret    Secret to store.
 * @throws Exception With Database::error() when the UPDATE fails.
 */
public function set_new_two_way($accountId, $secret)
{
    /* Without the permission there is nothing to do. */
    if (!Permission::has('panel_account_two_way')) {
        return;
    }

    /* Write the secret to the customer row. */
    $update = Database::query("UPDATE customer SET secret = '" . Database::escape($secret) . "' WHERE id = " . Database::escape($accountId));

    /* A failed query is reported to the caller. */
    if (!$update) {
        throw new Exception(Database::error());
    }

    /* Mark two-way as active for the current session. */
    $_SESSION['login']['secret'] = true;
}
/**
 * Get recent posts
 *
 * Returns the newest posts as objects, ordered by descending post id.
 *
 * @param int|string $amount Number of posts to get; the default '%' means
 *                           "use the `recent_count` setting".
 * @param int        $offset How many posts to skip.
 * @return array Array of {@link Post} instances of all recent posts.
 */
function getRecentPosts($amount = '%', $offset = 0)
{
    // Fall back to the configured amount when none was given.
    if ($amount == '%') {
        $amount = $this->getSetting('recent_count');
    }

    // The `+ 0` arithmetic turns both values into numbers before they are
    // concatenated, so no free-form text reaches the LIMIT clause.
    $limitClause = 'LIMIT ' . ($offset + 0) . ',' . ($amount + 0);
    $sql = 'SELECT `postid`, `time`, `content`, `comments_count` '
        . 'FROM `+posts` '
        . 'WHERE 1 '
        . 'ORDER BY `postid` DESC '
        . $limitClause;

    $result = $this->db->query($sql);
    if (!$result) {
        $this->displayError('site->getRecentPosts', $this->db->error());
    }

    // Wrap every row in a Post object.
    $posts = array();
    while ($row = $this->db->fetch_assoc($result)) {
        $entry = new Post($this);
        $entry->fetch_from_array($row);
        $posts[] = $entry;
    }

    return $posts;
}
// Load the stored title and contents of the post being edited.
// The post id is passed as a bound integer parameter ("i"), not concatenated into the SQL.
$stmt = "SELECT Title, Contents FROM _posts WHERE Post_ID = ?";
$types = "i";
$array_of_binds = array($post_id);
$result = $db->fetch($stmt, $types, $array_of_binds);
if ($result !== false) {
    $title = $result[0]['Title'];
    $contents = $result[0]['Contents'];
    $something_wrong = false;
}

// Form the site, according to whether one is logged or not
$navbar = "<a class='blog-nav-item' href='index.php'>Home</a>";
$navbar .= "<a class='blog-nav-item' href='addpost.php'>Add Post</a>";
$navbar .= "<a class='blog-nav-item' href='logout.php'>Logout</a>";

// Form main content
if ($something_wrong) {
    // NOTE(review): the raw database error text becomes page content.
    $main = $db->error();
} else {
    // NOTE(review): $title and $contents come from the database and are concatenated
    // into the markup without htmlspecialchars(); the title additionally lands in an
    // unquoted value= attribute. Stored post text should be HTML-escaped (and the
    // attribute quoted) before it is placed here.
    // NOTE(review): the two "<?php echo ... ?>" fragments sit inside this single-quoted
    // PHP string, so they are emitted as literal text and not evaluated; the hidden
    // form_token and post_id inputs therefore do not carry the variables' values.
    // The snippet is cut off before the string is closed.
    $main = ' <div class="col-sm-8 blog-main"> <form id="form-addpost" class="form-signin" action="editpost_submit.php" method="post"> <h2 class="form-signin-heading">Edit Post</h2> <label for="title" class="sr-only">Title</label> <input value=' . $title . ' id="title" class="form-control" name="title" placeholder="Title of the post" maxlength="255" required autofocus> <p>The title can only contain a maximum of 255 characters.</p> <label for="contents" class="sr-only">Contents</label> <textarea id="contents" class="form-control" name="contents" placeholder="Contents of the post" required>' . $contents . '</textarea> <p>Github Markdown formatting is supported. Check this <a href="https://guides.github.com/features/mastering-markdown/">link</a> for details.</p> <input type="hidden" name="form_token" value="<?php echo $form_token; ?>" /> <input type="hidden" name="post_id" value="<?php echo $post_id; ?>" /> <button id="form-submit" class="btn btn-lg btn-primary btn-block" type="submit">Edit Post</button> </form>
$message = "An error has occured. Please try again.";
} else {
    // The author id comes from the session; title and contents come straight from the POST body.
    $user_id = $_SESSION['user_id'];
    $title = $_POST['title'];
    $contents = $_POST['contents'];
    $db = new Database();
    // All three values are handed over as bind parameters, not concatenated into the SQL text.
    $stmt = "INSERT INTO _posts (User_ID, Title, Contents) VALUES (?, ?, ?)";
    $types = "sss";
    $array_of_binds = array($user_id, $title, $contents);
    if ($db->query($stmt, $types, $array_of_binds)) {
        $something_wrong = false;
        // Redirect to the index after three seconds.
        header('refresh: 3; url = index.php');
        $message = "Post has been successfully added!";
        $message .= "<br /> <a href='index.php'>Click here if you are not redirected.</a>";
    } else {
        // NOTE(review): the raw database error text becomes the user-facing message.
        $message = $db->error();
    }
}
// On failure, offer a link back to the form.
if ($something_wrong) {
    $message .= "<br /> <a href='addpost.php'>Re-add post</a>";
}
// NOTE(review): title and contents are stored as submitted; presumably the pages
// that render them are responsible for HTML-escaping. Verify at the output side.
// Form the navbar
$navbar = "<a class='blog-nav-item' href='index.php'>Home</a>";
$navbar .= "<a class='blog-nav-item active' href='addpost.php'>Add Post</a>";
$navbar .= "<a class='blog-nav-item' href='logout.php'>Logout</a>";
?> <!DOCTYPE html> <html lang='en'> <head> <meta charset='utf-8'>
/**
 * Charge a subscription, record the payment date and create a paid invoice.
 *
 * The bank transfer happens first. If one of the later database or invoice
 * steps fails, an exception is thrown but nothing in this method reverses the
 * transfer.
 * NOTE(review): $subscription_id goes into both statements unquoted; escaping
 * aimed at string literals does not constrain a numeric position. Confirm the
 * value is validated as a number by the caller.
 * NOTE(review): the exception messages embed Database::error() and HTML;
 * check where they are rendered.
 *
 * @param mixed $subscription_id Value matched against subscription.sub_number.
 * @param mixed $month           Number of months, multiplied by the monthly price.
 * @param mixed $account_from    Account the amount is taken from.
 * @param bool  $finish_month    When true, charge only the days left in the current month.
 * @return bool True when everything succeeded, false when the transfer was refused.
 * @throws Exception When the payment update, the customer lookup or the invoice creation fails.
 */
public static function pay_subscription($subscription_id, $month, $account_from, $finish_month = false)
{
    /* CityPark's own account receives the payment. */
    $account_to = Config::$bank_account;

    /* Monthly price times the number of months. */
    $amount = $month * Settings::get('citypark_subscription_month_cost');

    if ($finish_month) {
        /* Pro-rate: price per day of this month times the days left after today. */
        $days_in_month = date('t');
        $days_left = $days_in_month - date('j');
        $amount_left = ($amount / $days_in_month) * $days_left;

        /* Round half-up to two decimals and force a dot as decimal separator. */
        $amount = str_replace(',', '.', round($amount_left, 2, PHP_ROUND_HALF_UP));
    }

    /* A refused transfer ends the attempt without touching the database. */
    if (!Bank_api::transfer($amount, $account_from, $account_to)) {
        return false;
    }

    /* Record the payment moment on the subscription. */
    $update = Database::query("UPDATE subscription SET last_paid = NOW() WHERE sub_number = " . Database::escape($subscription_id));
    if (!$update) {
        throw new Exception('Er ging wat fout bij het updaten van de betaling in de database.<br />' . Database::error());
    }

    /* Look up the customer that owns the subscription. */
    $select = Database::query("SELECT customer_id FROM subscription WHERE sub_number = " . Database::escape($subscription_id) . " LIMIT 1");
    if (!$select) {
        throw new Exception('Er ging wat fout bij het ophalen van uw gegevens voor het factuur.<br />' . Database::error());
    }
    $cid = $select->fetch_object()->customer_id;

    try {
        /* Create the invoice with one line for the amount that was paid, then mark it paid. */
        $invoice = new Invoice();
        $invoice->new_invoice($cid);
        $invoice->add_item('Abonnement kosten', 'Van ' . date('d-m-Y') . ' tot ' . date('t-m-Y') . '.', '1', $amount);
        $invoice->set_paid();
    } catch (Exception $e) {
        /* Re-raise invoice problems with the same message. */
        throw new Exception($e->getMessage());
    }

    return true;
}
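/**
 * Report an error through the parent handler.
 *
 * With debugging enabled, the caller's text is replaced by the most recent
 * PostgreSQL error for this connection when the driver has one.
 * NOTE(review): what parent::error() does with the text is not visible here;
 * keep debug off wherever that output can reach end users, since driver
 * messages can reveal schema details.
 *
 * @param string $message Error text supplied by the caller.
 */
function error($message)
{
    if ($this->debug) {
        // The previous code called $this->error() at this point, i.e. this very
        // method, which recursed without end whenever debug was on. Read the
        // driver message directly instead.
        $driverMessage = pg_last_error($this->link_id);
        if (is_string($driverMessage) && $driverMessage !== '') {
            $message = $driverMessage;
        }
    }

    parent::error($message);
}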
/**
 * Remove one individually granted permission from a customer.
 *
 * NOTE(review): both ids are concatenated into the SQL unquoted. If
 * Database::escape() only escapes string-literal characters it does not
 * constrain a numeric position; confirm the ids are validated as integers.
 *
 * @param mixed $id  Customer id.
 * @param mixed $pid Permission id.
 * @throws Exception When 'operator_permission_edit' is missing, the grant does
 *                   not exist, or one of the queries fails.
 */
public static function remove_solo($id, $pid)
{
    /* Only operators who may edit permissions get past this point. */
    if (!Permission::has('operator_permission_edit')) {
        throw new Exception('U heeft niet de bevoegdheden om rechten toe te mogen voegen,');
    }

    /* Escape both identifiers before they are used in SQL. */
    $id = Database::escape($id);
    $pid = Database::escape($pid);

    /* Check that the grant exists. */
    $select = Database::query("SELECT id FROM permission_customer_has WHERE customer_id = " . $id . " AND permission_id = " . $pid . " LIMIT 1");
    if (!$select) {
        throw new Exception('Er ging wat fout bij de controle.<br />' . Database::error());
    }
    if ($select->num_rows == 0) {
        throw new Exception('De recht die u wenst te verijderen bestaat niet.');
    }

    /* Delete the grant and report a failing query. */
    $delete = Database::query("DELETE FROM permission_customer_has WHERE customer_id = " . $id . " AND permission_id = " . $pid . " LIMIT 1");
    if (!$delete) {
        throw new Exception('Er ging wat fout bij het verwijderen van de recht.<Br />' . Database::error());
    }
}
/**
 * Import the aicc object (as a result from the parse_config_files function) into the database structure
 *
 * Creates one learning-path row and one item row per entry of $this->aulist.
 * NOTE(review): the course code and the object's title, id, description,
 * subdir, creator, item identifiers, paths and prerequisite strings are all
 * concatenated into SQL as-is. If they originate from an uploaded AICC
 * package they are untrusted; confirm they are escaped upstream or escape
 * them here.
 *
 * @param string $course_code Unique course code
 * @return int|null -1 when the course row is not found; no value is returned on the other paths
 */
function import_aicc($course_code)
{
    $course_id = api_get_course_int_id();
    if ($this->debug > 0) {
        error_log('New LP - In aicc::import_aicc('.$course_code.')', 0);
    }
    // Get table names.
    $new_lp = 'lp';
    $new_lp_item = 'lp_item';

    // The previous method wasn't safe to get the database name, so do it manually with the course_code.
    // NOTE(review): $course_code sits inside the quoted literal unescaped.
    $sql = "SELECT * FROM ".Database::get_main_table(TABLE_MAIN_COURSE)." WHERE code='$course_code'";
    $res = Database::query($sql);
    if (Database::num_rows($res) < 1) {
        error_log('New LP - Database for '.$course_code.' not found '.__FILE__.' '.__LINE__, 0);
        return -1;
    }
    $row = Database::fetch_array($res);

    $new_lp = Database::get_course_table(TABLE_LP_MAIN);
    $new_lp_item = Database::get_course_table(TABLE_LP_ITEM);

    // Place the new learning path after the highest existing display_order of this course.
    $get_max = "SELECT MAX(display_order) FROM $new_lp WHERE c_id = $course_id";
    $res_max = Database::query($get_max);
    if (Database::num_rows($res_max) < 1) {
        $dsp = 1;
    } else {
        $row = Database::fetch_array($res_max);
        $dsp = $row[0] + 1;
    }

    $this->config_encoding = "ISO-8859-1"; // TODO: We may apply detection for this value, see the function api_detect_encoding().

    // Insert the learning path itself (lp_type 3, served through aicc_api.php).
    $sql = "INSERT INTO $new_lp (c_id, lp_type, name, ref, description, path, force_commit, default_view_mod, default_encoding, js_lib, content_maker,display_order)" .
        "VALUES " .
        "($course_id, 3, '".$this->course_title."', '".$this->course_id."','".$this->course_description."'," .
        "'".$this->subdir."', 0, 'embedded', '".$this->config_encoding."'," .
        "'aicc_api.php','".$this->course_creator."',$dsp)";
    if ($this->debug > 2) {
        error_log('New LP - In import_aicc(), inserting path: '. $sql, 0);
    }
    $res = Database::query($sql);
    $lp_id = Database::insert_id();
    $this->lp_id = $lp_id;
    // Register the new learning path as added and as visible, on behalf of the current user.
    api_item_property_update(api_get_course_info($course_code), TOOL_LEARNPATH, $this->lp_id, 'LearnpathAdded', api_get_user_id());
    api_item_property_update(api_get_course_info($course_code), TOOL_LEARNPATH, $this->lp_id, 'visible', api_get_user_id());

    $previous = 0;
    foreach ($this->aulist as $identifier => $dummy) {
        $oAu =& $this->aulist[$identifier];
        //echo "Item ".$oAu->identifier;
        // The mastery_score column is only included when the unit defines a score.
        $field_add = '';
        $value_add = '';
        if (!empty($oAu->masteryscore)) {
            // NOTE(review): the score is appended to the VALUES list unquoted.
            $field_add = 'mastery_score, ';
            $value_add = $oAu->masteryscore.',';
        }
        // Use the descriptor title when one exists, else the identifier.
        $title = $oAu->identifier;
        if (is_object($this->deslist[$identifier])) {
            $title = $this->deslist[$identifier]->title;
        }
        $path = $oAu->path;
        //$max_score = $oAu->max_score // TODO: Check if special constraint exists for this item.
        //$min_score = $oAu->min_score // TODO: Check if special constraint exists for this item.
        $parent = 0; // TODO: Deal with the parent.
        // NOTE(review): resetting $previous here means the "$previous != 0" update below never runs.
        $previous = 0;
        $prereq = $oAu->prereq_string;
        //$previous = (!empty($this->au_order_list_new_id[x]) ? $this->au_order_list_new_id[x] : 0); // TODO: Deal with the previous.
        $sql_item = "INSERT INTO $new_lp_item (c_id, lp_id,item_type,ref,title, path,min_score,max_score, $field_add parent_item_id,previous_item_id,next_item_id, prerequisite,display_order) " .
            "VALUES " .
            "($course_id, $lp_id, 'au','".$oAu->identifier."','".$title."'," .
            "'$path',0,100, $value_add" .
            "$parent, $previous, 0, " .
            "'$prereq', 0" .
            ")";
        $res_item = Database::query($sql_item);
        if ($this->debug > 1) {
            error_log('New LP - In aicc::import_aicc() - inserting item : '.$sql_item.' : '.Database::error(), 0);
        }
        $item_id = Database::insert_id();
        // Now update previous item to change next_item_id.
        if ($previous != 0) {
            $upd = "UPDATE $new_lp_item SET next_item_id = $item_id WHERE c_id = $course_id AND id = $previous";
            $upd_res = Database::query($upd);
            // Update the previous item id.
        }
        $previous = $item_id;
    }
}
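/**
 * Displays step 3 - a form where the user can enter the installation settings
 * regarding the databases - login and password, names, prefixes, single
 * or multiple databases, tracking or not...
 *
 * For an update the values passed in are replaced by the ones from the
 * existing configuration. The function then prints the form rows, tests the
 * connection and, when the main database does not exist yet, checks whether
 * the database user may create it by creating and dropping it once.
 *
 * NOTE(review): $dbNameForm and $dbUsernameForm are inserted into the status
 * messages below without HTML escaping; confirm they are escaped before they
 * reach this function or escape them at output.
 *
 * @param string $installType        'update' or a new-installation type.
 * @param string $dbHostForm         Database host.
 * @param string $dbUsernameForm     Database login.
 * @param string $dbPassForm         Database password.
 * @param string $dbPrefixForm       Prefix for database names.
 * @param mixed  $enableTrackingForm Tracking flag.
 * @param mixed  $singleDbForm       Single-database flag.
 * @param string $dbNameForm         Main database name.
 * @param string $dbStatsForm        Statistics database name.
 * @param string $dbScormForm        SCORM database name.
 * @param string $dbUserForm         User database name.
 */
function display_database_settings_form($installType, $dbHostForm, $dbUsernameForm, $dbPassForm, $dbPrefixForm, $enableTrackingForm, $singleDbForm, $dbNameForm, $dbStatsForm, $dbScormForm, $dbUserForm)
{
    if ($installType == 'update') {
        global $_configuration, $update_from_version_6;

        if (in_array($_POST['old_version'], $update_from_version_6)) {
            // Old (version 6 style) configuration: read each value through get_config_param().
            $dbHostForm = get_config_param('dbHost');
            $dbUsernameForm = get_config_param('dbLogin');
            $dbPassForm = get_config_param('dbPass');
            $dbPrefixForm = get_config_param('dbNamePrefix');
            $enableTrackingForm = get_config_param('is_trackingEnabled');
            $singleDbForm = get_config_param('singleDbEnabled');
            // Fixed: the main database name used to be assigned to $dbHostForm,
            // which overwrote the host and left $dbNameForm at the caller's value.
            $dbNameForm = get_config_param('mainDbName');
            $dbStatsForm = get_config_param('statsDbName');
            $dbScormForm = get_config_param('scormDbName');
            $dbUserForm = get_config_param('user_personal_database');
            $dbScormExists = true;
        } else {
            // Newer configuration: the values live in $_configuration.
            $dbHostForm = $_configuration['db_host'];
            $dbUsernameForm = $_configuration['db_user'];
            $dbPassForm = $_configuration['db_password'];
            $dbPrefixForm = $_configuration['db_prefix'];
            $enableTrackingForm = $_configuration['tracking_enabled'];
            $singleDbForm = $_configuration['single_database'];
            $dbNameForm = $_configuration['main_database'];
            $dbStatsForm = $_configuration['statistics_database'];
            $dbScormForm = $_configuration['scorm_database'];
            $dbUserForm = $_configuration['user_personal_database'];
            $dbScormExists = true;
        }

        // Derive the SCORM and user database names when the configuration has none.
        if (empty($dbScormForm)) {
            if ($singleDbForm) {
                $dbScormForm = $dbNameForm;
            } else {
                $dbScormForm = $dbPrefixForm.'scorm';
                $dbScormExists = false;
            }
        }
        if (empty($dbUserForm)) {
            $dbUserForm = $singleDbForm ? $dbNameForm : $dbPrefixForm.'chamilo_user';
        }

        echo '<div class="RequirementHeading"><h2>' . display_step_sequence() .get_lang('DBSetting') . '</h2></div>';
        echo '<div class="RequirementContent">';
        echo get_lang('DBSettingUpgradeIntro');
        echo '</div>';
    } else {
        if (empty($dbPrefixForm)) { //make sure there is a default value for db prefix
            $dbPrefixForm = '';
        }
        echo '<div class="RequirementHeading"><h2>' . display_step_sequence() .get_lang('DBSetting') . '</h2></div>';
        echo '<div class="RequirementContent">';
        echo get_lang('DBSettingIntro');
        echo '</div>';
    }
    ?>
    </td> </tr> <tr> <td>
    <table class="data_table_no_border">
    <tr>
        <td width="40%"><?php echo get_lang('DBHost'); ?> </td>
        <?php if ($installType == 'update'): ?>
        <?php /* The visible copy of the host is escaped like the hidden field next to it. */ ?>
        <td width="30%"><input type="hidden" name="dbHostForm" value="<?php echo htmlentities($dbHostForm); ?>" /><?php echo htmlentities($dbHostForm); ?></td>
        <td width="30%"> </td>
        <?php else: ?>
        <td width="30%"><input type="text" size="25" maxlength="50" name="dbHostForm" value="<?php echo htmlentities($dbHostForm); ?>" /></td>
        <td width="30%"><?php echo get_lang('EG').' localhost'; ?></td>
        <?php endif; ?>
    </tr>
    <tr>
    <?php
    //database user username
    $example_login = get_lang('EG').' root';
    display_database_parameter($installType, get_lang('DBLogin'), 'dbUsernameForm', $dbUsernameForm, $example_login);

    //database user password
    $example_password = get_lang('EG').' '.api_generate_password();
    display_database_parameter($installType, get_lang('DBPassword'), 'dbPassForm', $dbPassForm, $example_password);

    echo '<input type="hidden" name="enableTrackingForm" value="1" />';

    $style = '';
    if ($installType == INSTALL_TYPE_UPDATE) {
        $style = '';
    }

    //Database Name fix replace weird chars
    if ($installType != INSTALL_TYPE_UPDATE) {
        $dbNameForm = str_replace(array('-','*', '$', ' ', '.'), '', $dbNameForm);
        $dbNameForm = replace_dangerous_char($dbNameForm);
    }

    display_database_parameter($installType, get_lang('MainDB'), 'dbNameForm', $dbNameForm, ' ', null, 'id="optional_param1" '.$style);

    //Only for updates we show this options
    if ($installType == INSTALL_TYPE_UPDATE) {
        display_database_parameter($installType, get_lang('StatDB'), 'dbStatsForm', $dbStatsForm, ' ', null, 'id="optional_param2" '.$style);
        if ($installType == INSTALL_TYPE_UPDATE && in_array($_POST['old_version'], $update_from_version_6)) {
            display_database_parameter($installType, get_lang('ScormDB'), 'dbScormForm', $dbScormForm, ' ', null, 'id="optional_param3" '.$style);
        }
        display_database_parameter($installType, get_lang('UserDB'), 'dbUserForm', $dbUserForm, ' ', null, 'id="optional_param4" '.$style);
    }
    ?>
    <tr>
        <td></td>
        <td>
            <button type="submit" class="btn" name="step3" value="<?php echo get_lang('CheckDatabaseConnection'); ?>" > <?php echo get_lang('CheckDatabaseConnection'); ?></button>
        </td>
    </tr>
    <tr>
        <td>
        <?php
        $dbConnect = test_db_connect($dbHostForm, $dbUsernameForm, $dbPassForm, $singleDbForm, $dbPrefixForm, $dbNameForm);

        $database_exists_text = '';

        if (database_exists($dbNameForm)) {
            $database_exists_text = '<div class="warning-message">'.get_lang('ADatabaseWithTheSameNameAlreadyExists').'</div>';
        } else {
            if ($dbConnect == -1) {
                $database_exists_text = '<div class="warning-message">'.sprintf(get_lang('UserXCantHaveAccessInTheDatabaseX'), $dbUsernameForm, $dbNameForm).'</div>';
            } else {
                //Try to create the database
                // NOTE(review): the name is used as an unquoted identifier; mysql_real_escape_string()
                // escapes string-literal characters and does not validate identifiers. The probe
                // database is dropped again right after a successful CREATE.
                $user_can_create_databases = false;
                $multipleDbCheck = @Database::query("CREATE DATABASE ".mysql_real_escape_string($dbNameForm));
                if ($multipleDbCheck !== false) {
                    $multipleDbCheck = @Database::query("DROP DATABASE IF EXISTS ".mysql_real_escape_string($dbNameForm));
                    $user_can_create_databases = true;
                }

                if ($user_can_create_databases) {
                    $database_exists_text = '<div class="normal-message">'.sprintf(get_lang('DatabaseXWillBeCreated'), $dbNameForm, $dbUsernameForm).'</div>';
                } else {
                    $dbConnect = 0;
                    $database_exists_text = '<div class="warning-message">'.sprintf(get_lang('DatabaseXCantBeCreatedUserXDoestHaveEnoughPermissions'), $dbNameForm, $dbUsernameForm).'</div>';
                }
            }
        }

        if ($dbConnect == 1): ?>
        <td colspan="2">
            <?php echo $database_exists_text ?>
            <div id="db_status" class="confirmation-message">
                Database host: <strong><?php echo Database::get_host_info(); ?></strong><br />
                Database server version: <strong><?php echo Database::get_server_info(); ?></strong><br />
                Database client version: <strong><?php echo Database::get_client_info(); ?></strong><br />
                Database protocol version: <strong><?php echo Database::get_proto_info(); ?></strong>
                <div style="clear:both;"></div>
            </div>
        </td>
        <?php else: ?>
        <td colspan="2">
            <?php echo $database_exists_text ?>
            <div id="db_status" style="float:left;" class="error-message">
                <div style="float:left;">
                    <strong><?php echo get_lang('FailedConectionDatabase'); ?></strong><br />
                    <strong>Database error: <?php echo Database::errno(); ?></strong><br />
                    <?php echo Database::error().'<br />'; ?>
                </div>
            </div>
        </td>
        <?php endif; ?>
    </tr>
    <tr>
        <td>
            <button type="submit" name="step2" class="back" value="< <?php echo get_lang('Previous'); ?>" ><?php echo get_lang('Previous'); ?></button>
        </td>
        <td> </td>
        <td align="right">
            <input type="hidden" name="is_executable" id="is_executable" value="-" />
            <?php if ($dbConnect == 1) { ?>
            <button type="submit" class="btn next" name="step4" value="<?php echo get_lang('Next'); ?> >" /><?php echo get_lang('Next'); ?></button>
            <?php } else { ?>
            <button disabled="disabled" type="submit" class="btn next disabled" name="step4" value="<?php echo get_lang('Next'); ?> >" /><?php echo get_lang('Next'); ?></button>
            <?php } ?>
        </td>
    </tr>
    </table>
    <?php
}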
/**
 * Fetch one subscriber's account row joined with the customer_info record.
 *
 * NOTE(review): the selected columns include customer.secret; confirm every
 * caller needs it, since the whole object is handed back.
 * NOTE(review): $id is concatenated unquoted; escaping aimed at string
 * literals does not constrain a numeric position. Confirm it is validated as
 * an integer.
 *
 * @param mixed $id Customer id.
 * @return object Row object from fetch_object().
 * @throws Exception When 'operator_subscription_list' is missing, the
 *                   subscriber does not exist, or the query fails.
 */
public static function operator_show($id)
{
    /* Only operators who may list subscriptions get past this point. */
    if (!Permission::has('operator_subscription_list')) {
        throw new Exception('U heeft geen rechten om alle abonnees te mogen bekijken.');
    }

    /* Escape the id before it is used in SQL. */
    $id = Database::escape($id);

    $select = Database::query("SELECT c.username, c.email, c.secret, c.active, UNIX_TIMESTAMP(c.register_date) AS register_date, ci.* FROM customer AS c INNER JOIN customer_info AS ci ON ci.customer_id = c.id WHERE c.id = " . $id);

    /* The query itself failed. */
    if (!$select) {
        throw new Exception('Er ging wat fout bij het ophalen van de abonnee gegevens.' . Database::error());
    }

    /* No such subscriber. */
    if ($select->num_rows == 0) {
        throw new Exception('De geselecteerde abonnee bestaat niet (meer).');
    }

    return $select->fetch_object();
}
/**
 * Web-service handler: create a user, or re-activate an inactive one, from a
 * password that the caller has already hashed.
 *
 * The request is rejected unless WSHelperVerifyKey() accepts it and the
 * submitted encrypt_method equals $_configuration['password_encryption'].
 *
 * NOTE(review): for md5 and sha1 only the digest's length and hex format are
 * checked; both are fast, unsalted hashes, so the stored value is only as
 * strong as the configured scheme.
 * NOTE(review): both SQL statements contain the literal text '******' for
 * username and password, and $loginName / $password are never placed in the
 * SQL. This looks like redaction in this copy; confirm against the original file.
 *
 * @param array $params Request fields: password, encrypt_method, firstname, lastname,
 *                      status, email, loginname, official_code, original_user_id_name,
 *                      original_user_id_value, extra, and optionally language, phone,
 *                      expiration_date.
 * @return mixed The user id on success, 0 when nothing was created or updated, a message
 *               string when the encryption settings do not match, or the result of
 *               return_error() when the key check fails.
 */
function WSCreateUserPasswordCrypted($params)
{
    global $_user, $_configuration, $debug;
    if ($debug) {
        error_log('WSCreateUserPasswordCrypted');
    }
    if ($debug) {
        // NOTE(review): writes every request field, including the password hash, to the error log.
        error_log(print_r($params, 1));
    }
    if (!WSHelperVerifyKey($params)) {
        return return_error(WS_ERROR_SECRET_KEY);
    }
    // Database table definition.
    $table_user = Database::get_main_table(TABLE_MAIN_USER);
    $result = array();
    $orig_user_id_value = array();
    $password = $params['password'];
    $encrypt_method = $params['encrypt_method'];
    $firstName = $params['firstname'];
    $lastName = $params['lastname'];
    $status = $params['status'];
    $email = $params['email'];
    $loginName = $params['loginname'];
    $official_code = $params['official_code'];
    $language = '';
    $phone = '';
    $picture_uri = '';
    $auth_source = PLATFORM_AUTH_SOURCE;
    $expiration_date = '0000-00-00 00:00:00';
    $active = 1;
    $hr_dept_id = 0;
    $extra = null;
    $original_user_id_name = $params['original_user_id_name'];
    $original_user_id_value = $params['original_user_id_value'];
    $orig_user_id_value[] = $params['original_user_id_value'];
    $extra_list = $params['extra'];
    // The submitted method must match the platform setting, and the value must look like a digest of that method.
    // NOTE(review): in these patterns "$" also matches just before a trailing newline; "\z" or the D modifier makes the length check exact.
    if (!empty($_configuration['password_encryption'])) {
        if ($_configuration['password_encryption'] === $encrypt_method) {
            if ($encrypt_method == 'md5' && !preg_match('/^[A-Fa-f0-9]{32}$/', $password)) {
                $msg = "Encryption {$encrypt_method} is invalid";
                if ($debug) {
                    error_log($msg);
                }
                return $msg;
            } else {
                if ($encrypt_method == 'sha1' && !preg_match('/^[A-Fa-f0-9]{40}$/', $password)) {
                    $msg = "Encryption {$encrypt_method} is invalid";
                    if ($debug) {
                        error_log($msg);
                    }
                    return $msg;
                }
            }
        } else {
            $msg = "This encryption {$encrypt_method} is not configured";
            if ($debug) {
                error_log($msg);
            }
            return $msg;
        }
    } else {
        $msg = 'The chamilo setting $_configuration["password_encryption"] is not configured';
        if ($debug) {
            error_log($msg);
        }
        return $msg;
    }
    // Optional fields replace the defaults only when they are non-empty.
    if (!empty($params['language'])) {
        $language = $params['language'];
    }
    if (!empty($params['phone'])) {
        $phone = $params['phone'];
    }
    if (!empty($params['expiration_date'])) {
        $expiration_date = $params['expiration_date'];
    }
    // Check whether x_user_id exists into user_field_values table.
    $user_id = UserManager::get_user_id_from_original_id($original_user_id_value, $original_user_id_name);
    if ($debug) {
        error_log('Ready to create user');
    }
    if ($user_id > 0) {
        if ($debug) {
            error_log('User found with id: ' . $user_id);
        }
        // Check whether user is not active
        //@todo why this condition exists??
        $sql = "SELECT user_id FROM {$table_user} WHERE user_id ='" . $user_id . "' AND active= '0' ";
        $resu = Database::query($sql);
        $r_check_user = Database::fetch_row($resu);
        $count_check_user = Database::num_rows($resu);
        if ($count_check_user > 0) {
            if ($debug) {
                error_log('User id: ' . $user_id . ' exists and is NOT active. Updating user and setting setting active = 1');
            }
            // Re-activate the account and overwrite its profile fields; text values go through Database::escape_string().
            $sql = "UPDATE {$table_user} SET\n lastname='" . Database::escape_string($lastName) . "',\n firstname='" . Database::escape_string($firstName) . "',\n username='******',";
            if (!is_null($auth_source)) {
                $sql .= " auth_source='" . Database::escape_string($auth_source) . "',";
            }
            $sql .= "\n password='******',\n email='" . Database::escape_string($email) . "',\n status='" . Database::escape_string($status) . "',\n official_code='" . Database::escape_string($official_code) . "',\n phone='" . Database::escape_string($phone) . "',\n expiration_date='" . Database::escape_string($expiration_date) . "',\n active='1',\n hr_dept_id=" . intval($hr_dept_id);
            $sql .= " WHERE user_id='" . $r_check_user[0] . "'";
            if ($debug) {
                // NOTE(review): the complete statement, with personal data, goes to the error log.
                error_log($sql);
            }
            Database::query($sql);
            if (is_array($extra_list) && count($extra_list) > 0) {
                foreach ($extra_list as $extra) {
                    $extra_field_name = $extra['field_name'];
                    $extra_field_value = $extra['field_value'];
                    // Save the external system's id into user_field_value table.
                    $res = UserManager::update_extra_field_value($r_check_user[0], $extra_field_name, $extra_field_value);
                }
            }
            return $r_check_user[0];
        } else {
            if ($debug) {
                error_log('User exists but is active. 
Cant be updated');
            }
            return 0;
        }
    } else {
        if ($debug) {
            error_log("User not found with original_id = {$original_user_id_value} and original_name = {$original_user_id_name}");
        }
    }
    // Default language.
    if (empty($language)) {
        $language = api_get_setting('platformLanguage');
    }
    if (!empty($_user['user_id'])) {
        $creator_id = $_user['user_id'];
    } else {
        $creator_id = '';
    }
    // First check wether the login already exists
    if (!UserManager::is_username_available($loginName)) {
        if ($debug) {
            error_log("Username {$loginName} is not available");
        }
        return 0;
    }
    // Create the account; every request-supplied text value goes through Database::escape_string().
    $sql = "INSERT INTO {$table_user} SET\n lastname = '" . Database::escape_string(trim($lastName)) . "',\n firstname = '" . Database::escape_string(trim($firstName)) . "',\n username = '******',\n status = '" . Database::escape_string($status) . "',\n password = '******',\n email = '" . Database::escape_string($email) . "',\n official_code\t = '" . Database::escape_string($official_code) . "',\n picture_uri \t = '" . Database::escape_string($picture_uri) . "',\n creator_id \t = '" . Database::escape_string($creator_id) . "',\n auth_source = '" . Database::escape_string($auth_source) . "',\n phone = '" . Database::escape_string($phone) . "',\n language = '" . Database::escape_string($language) . "',\n registration_date = '" . api_get_utc_datetime() . "',\n expiration_date = '" . Database::escape_string($expiration_date) . "',\n hr_dept_id = '" . Database::escape_string($hr_dept_id) . "',\n active = '" . Database::escape_string($active) . "'";
    if ($debug) {
        error_log($sql);
    }
    $result = Database::query($sql);
    if ($result) {
        $return = Database::insert_id();
        //Multiple URL
        $url_id = api_get_current_access_url_id();
        UrlManager::add_user_to_url($return, $url_id);
        if ($debug) {
            error_log("Adding user_id = {$return} to URL id {$url_id} ");
        }
        // Save new fieldlabel into user_field table.
        $field_id = UserManager::create_extra_field($original_user_id_name, 1, $original_user_id_name, '');
        // Save the remote system's id into user_field_value table.
        $res = UserManager::update_extra_field_value($return, $original_user_id_name, $original_user_id_value);
        if (is_array($extra_list) && count($extra_list) > 0) {
            foreach ($extra_list as $extra) {
                $extra_field_name = $extra['field_name'];
                $extra_field_value = $extra['field_value'];
                // save new fieldlabel into user_field table
                $field_id = UserManager::create_extra_field($extra_field_name, 1, $extra_field_name, '');
                // save the external system's id into user_field_value table
                $res = UserManager::update_extra_field_value($return, $extra_field_name, $extra_field_value);
            }
        }
    } else {
        $error = Database::error();
        if ($debug) {
            error_log($error);
        }
        return 0;
    }
    return $return;
}
/**
 * Build per-month invoice totals for the chart, split by customer type.
 *
 * Covers the current month and the twelve before it. Each key is an 'm-Y'
 * string, each value an array with the sums for 'ad-hoc' and 'subscription'.
 * The SQL contains no caller-supplied values.
 *
 * @return array|null Totals keyed by month, or null when no invoice falls in the window.
 * @throws Exception When 'operator_chart_invoice' is missing or the query fails.
 */
public static function get_invoice_data()
{
    /* Only operators who may view this chart get past this point. */
    if (!Permission::has('operator_chart_invoice')) {
        throw new Exception('U heeft geen rechten om deze chart te mogen zien.');
    }

    /* All invoices of the last year, each with the sum of its priced lines. */
    $select = Database::query("SELECT UNIX_TIMESTAMP(i.create_date) AS create_date, i.type_customer, (SELECT SUM(price) FROM invoice_data WHERE invoice_id = i.id AND price IS NOT NULL) AS price FROM invoice AS i WHERE create_date >= DATE_SUB(NOW(), INTERVAL 1 YEAR)");
    if (!$select) {
        throw new Exception('Er ging wat fout bij het opzoeken van de facturen het laatste jaar.<br />' . Database::error());
    }

    /* Nothing invoiced in the window: no value is returned. */
    if ($select->num_rows == 0) {
        return;
    }

    /* Pull every row into memory so the list can be scanned once per month. */
    $invoices = array();
    while ($row = $select->fetch_object()) {
        $invoices[] = $row;
    }

    $totals = array();

    /* Thirteen passes: twelve months back up to and including the current month. */
    for ($back = 12; $back >= 0; $back--) {
        $month_key = date('m-Y', strtotime("-" . $back . " month"));
        $totals[$month_key] = array('ad-hoc' => 0, 'subscription' => 0);

        foreach ($invoices as $invoice) {
            /* Skip invoices that belong to another month. */
            if (date('m-Y', $invoice->create_date) != $month_key) {
                continue;
            }

            /* Everything that is not a subscription counts as ad-hoc. */
            $bucket = ($invoice->type_customer == 'subscription') ? 'subscription' : 'ad-hoc';
            $totals[$month_key][$bucket] += $invoice->price;
        }
    }

    return $totals;
}
/**
 * Search parking cards by subscriber name, subscription number or RFID id.
 *
 * Reads the search term from $_POST['zoek_veld'] and the search type from
 * $_POST['zoek_type']. The type is checked against a fixed list and the term
 * is escaped and placed inside quoted LIKE patterns.
 * NOTE(review): LIKE wildcards (% and _) inside the term are not neutralised,
 * so the term can broaden the match; decide whether that is intended.
 * NOTE(review): nothing checks that zoek_veld is a string; confirm how
 * Database::escape() treats an array value.
 *
 * @return mixed The result object returned by Database::query().
 * @throws Exception When 'operator_card_search' is missing, a field is empty,
 *                   the type is not supported, or the query fails.
 */
public static function search_card()
{
    /* Only operators who may search cards get past this point. */
    if (!Permission::has('operator_card_search')) {
        throw new Exception('U heeft geen rechten om de parkeer passen te mogen verwijderen.');
    }

    /* Both the term and the type must be filled in. */
    if (empty($_POST['zoek_veld']) || empty($_POST['zoek_type'])) {
        throw new Exception('Niet alle zoek velden zijn ingevuld.<br />' . Database::error());
    }

    /* The type must be one of the supported searches. */
    if (!in_array($_POST['zoek_type'], array('abonnee_naam', 'abonnee_nummer', 'rfid_id'))) {
        throw new Exception('Het zoek type wordt niet ondersteund.');
    }

    /* Escape the search term. */
    $zoek = Database::escape($_POST['zoek_veld']);

    if ($_POST['zoek_type'] == 'abonnee_naam') {
        /* Match on first name, inserts or last name. */
        $select = Database::query("SELECT rfid.*, UNIX_TIMESTAMP(rfid.blocked_date) AS blocked_date FROM customer_info AS ci INNER JOIN subscription AS s ON s.customer_id = ci.customer_id INNER JOIN rfid_card AS rfid ON rfid.subscription_id = s.id WHERE ci.firstname LIKE '%" . $zoek . "%' OR ci.inserts LIKE '%" . $zoek . "%' OR ci.lastname LIKE '%" . $zoek . "%'");
    } elseif ($_POST['zoek_type'] == 'abonnee_nummer') {
        /* Match on subscription number. */
        $select = Database::query("SELECT rfid.*, UNIX_TIMESTAMP(rfid.blocked_date) AS blocked_date FROM subscription AS s INNER JOIN rfid_card AS rfid ON s.id = rfid.subscription_id WHERE s.sub_number LIKE '%" . $zoek . "%'");
    } elseif ($_POST['zoek_type'] == 'rfid_id') {
        /* Match on the card's own id. */
        $select = Database::query("SELECT *, UNIX_TIMESTAMP(blocked_date) AS blocked_date FROM rfid_card WHERE id LIKE '%" . $zoek . "%'");
    }

    /* Report a failing query. */
    if (!$select) {
        throw new Exception('Er ging wat fout bij het zoeken.<br />' . Database::error());
    }

    return $select;
}
/**
 * Escalate a request (type_ticket 1) to a ticket (type_ticket 0) and log a message about it.
 *
 * NOTE(review): $this->ticket_id and $_SESSION['login']['id'] are concatenated
 * into the SQL without escaping or casting; confirm both are integers by the
 * time they reach this method.
 * NOTE(review): the UPDATE and the INSERT are separate statements; when the
 * INSERT fails the ticket stays escalated, as the exception text says.
 *
 * @throws Exception When 'operator_request_reply' is missing, the ticket does
 *                   not exist or is not a request, or a query fails.
 */
public function escalate()
{
    /* Only operators who may reply to requests get past this point. */
    if (!Permission::has('operator_request_reply')) {
        throw new Exception('U heeft geen rechten om dit verzoek te mogen aan passen.');
    }

    /* Look up the current type of the ticket. */
    $select = Database::query("SELECT type_ticket FROM support_ticket WHERE id = " . $this->ticket_id);
    if (!$select) {
        throw new Exception('Er ging wat fout bij het controleren van het verzoek.<br />' . Database::error());
    }
    if ($select->num_rows == 0) {
        throw new Exception('Het geselecteerde verzoek bestaat niet.');
    }

    /* Only a request can be escalated. */
    $type = $select->fetch_object()->type_ticket;
    if ($type != 1) {
        throw new Exception('Het geselecteerde ticket is geen verzoek.');
    }

    /* Turn the request into a ticket. */
    $update = Database::query("UPDATE support_ticket SET type_ticket = 0 WHERE id = " . $this->ticket_id);
    if (!$update) {
        throw new Exception('Er ging wat fout bij het escaleren van het verzoek.<br />' . Database::error());
    }

    /* Add a message to the ticket that records the escalation. */
    $insert = Database::query("INSERT INTO support_ticket_message (ticket_id, customer_id, new_msg, type_msg, create_date, message) VALUES (" . $this->ticket_id . ", " . $_SESSION['login']['id'] . ", 1, 1, NOW(), 'Het verzoek is geescaleerd tot ticket.')");
    if (!$insert) {
        throw new Exception('Verzoek is geescaleerd, maar er kon geen bericht aan toegevoegd worden.<br />' . Database::error());
    }
}
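/**
 * Inserts a rate_time row for a queued item after checking that its category exists.
 *
 * @param object $obj  Queue item; only its id is read, to attach error messages.
 * @param object $json Decoded payload; days, time_from, time_till and category are read.
 * @return bool True when the row was inserted, false otherwise.
 */
private function rate_time_insert($obj, $json)
{
    // Escape every value taken from the payload.
    $days = Database::escape($json->days);
    $time_from = Database::escape($json->time_from);
    $time_till = Database::escape($json->time_till);
    $cat = Database::escape($json->category);

    // Escaping only protects a value that sits inside quotes; an escaped value placed
    // bare in the statement can still alter it. Every escaped value is quoted below.
    $select = Database::query("SELECT id FROM rate_category WHERE category = '" . $cat . "'");
    if (!$select) {
        // The lookup itself failed; no error is queued for this case.
        return false;
    }

    if ($select->num_rows == 0) {
        // The category does not exist, so the item is not executed and an error is queued.
        Queue_manager::add_error($obj->id, 'De gekoze category \'' . $cat . '\' bestaat niet (meer).');
        return false;
    }

    // NOTE(review): category_id receives the submitted category value, not the id
    // selected above — confirm the two are meant to be the same.
    $insert = Database::query("INSERT INTO rate_time (category_id, days, time_from, time_till) VALUES ('" . $cat . "', '" . $days . "', '" . $time_from . "', '" . $time_till . "')");
    if ($insert) {
        return true;
    }

    Queue_manager::add_error($obj->id, 'Database foutmelding: ' . Database::error());
    return false;
}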
<?php
// Exercises the Database wrapper: two inserts, one update, one select, echoing
// whatever error() reports along the way.
require_once 'config.php';
require_once 'database.php';

$db = new Database(DB_HOST, DB_USERNAME, DB_PASSWORD, DB_NAME);

// Column list shared by both inserts.
$nameColumns = array('first', 'middle', 'last');

$db->insert('name', array('my_first_name', 'arp19690', 'my_last_name'), $nameColumns);
$db->insert('name', array('f', 'arp19690', 'l'), $nameColumns);

// error() is echoed twice, both times after the second insert.
// NOTE(review): database errors are written straight to the output; acceptable for a
// demo script, not for a page served to users.
echo $db->error();
echo $db->error();

$db->update('name', array('middle' => 'my_middle_name'), array('first', 'my_first_name'));
echo $db->error();

$db->select('name', true, '*', 'middle = "my_middle_name"');
echo $db->error();

echo "result " . $db->getResult();
/**
 * Sends a statement over the configured connection and records the connection's error.
 *
 * Only the "mysqli" database type is handled; for any other type nothing is sent and
 * nothing is returned.
 *
 * NOTE(review): $queryStr is passed on unchanged, so callers must not build it from
 * unescaped external input.
 *
 * @param string $queryStr  SQL text to send.
 * @param mixed  $objectStr When this is an object it is invoked with the result.
 * @return mixed Whatever send_query() returned, or null for an unhandled type.
 */
public static function nonQuery($queryStr = '', $objectStr = '')
{
    if (self::$dbType == "mysqli") {
        $result = self::$dbConnect->send_query($queryStr);

        // Keep the connection's last error available on the class.
        self::$error = self::$dbConnect->error;

        if (is_object($objectStr)) {
            $objectStr($result);
        }

        return $result;
    }
}
/**
 * Fetches every rate_time row joined with its rate_category, ordered by days and start time.
 *
 * Requires the 'operator_price' permission.
 *
 * NOTE(review): the failure message appends Database::error(); if exception messages
 * are shown to end users this exposes database internals.
 *
 * @return mixed The result of Database::query() (the original comment calls it the mysqli object).
 * @throws Exception When the permission is missing or the query fails.
 */
public static function get_category_time()
{
    if (!Permission::has('operator_price')) {
        throw new Exception('U heeft geen rechten om de tijd periode te mogen bekijken.');
    }

    $result = Database::query("SELECT rc.*, rt.* FROM rate_time AS rt INNER JOIN rate_category AS rc ON rc.id = rt.category_id ORDER BY rt.days, rt.time_from");
    if (!$result) {
        throw new Exception('Er ging wat fout tijdens het ophalen van de categorie periode gegevens.<br />' . Database::error());
    }

    return $result;
}
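/**
 * Stores a new value for an existing setting in citypark_setting.
 *
 * Requires the 'operator_settings_edit' permission. The setting must already exist
 * (self::get() must not return null); both name and value are escaped and quoted in
 * the UPDATE.
 *
 * @param string $name  Name of the setting to change.
 * @param string $value New value.
 * @return void
 * @throws Exception When the permission is missing, the setting does not exist or the
 *                   update fails.
 */
public static function save($name, $value)
{
    if (!Permission::has('operator_settings_edit')) {
        throw new Exception('U heeft geen rechten om een instellingen te wijzigen.');
    }

    if (self::get($name) == null) {
        // Other messages in this class carry <br />, which suggests they are rendered
        // as HTML; the caller-supplied name is therefore HTML-escaped before it is
        // echoed back in the message.
        throw new Exception('De permissie \'' . htmlspecialchars((string) $name, ENT_QUOTES) . '\' bestaat niet.');
    }

    $update = Database::query("UPDATE citypark_setting SET setting_value = '" . Database::escape($value) . "' WHERE setting_name = '" . Database::escape($name) . "'");
    if (!$update) {
        // NOTE(review): Database::error() is part of the message; if it is displayed to
        // users it exposes database internals.
        throw new Exception('Er ging wat fout bij het aanpassen van de instelling.<br />' . Database::error());
    }
}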
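/**
 * Connects to the database server using the credentials from the installation form.
 *
 * On failure an error page fragment is printed (error number and message, the
 * submitted host, login and password, and a Back button) and the script exits.
 * On success the session SQL mode is cleared.
 *
 * Everything echoed into the page is HTML-escaped: the host, login and password come
 * from the form, and the server's error message can repeat the submitted login.
 *
 * NOTE(review): the page still shows the submitted database password in clear text;
 * consider dropping that line or masking the value.
 */
function database_server_connect()
{
    global $dbHostForm, $dbUsernameForm, $dbPassForm;

    $connection = @Database::connect(array('server' => $dbHostForm, 'username' => $dbUsernameForm, 'password' => $dbPassForm));
    if ($connection === false) {
        $no = Database::errno();
        $msg = Database::error();
        // The wizard step to go back to depends on the installation mode.
        $step = defined('SYSTEM_INSTALLATION') ? '3' : '1';

        echo '<hr />#' . htmlspecialchars((string) $no, ENT_QUOTES) . ': ' . htmlspecialchars((string) $msg, ENT_QUOTES) . '<hr />';
        echo translate('DBServerDoesntWorkOrLoginPassIsWrong') . '.<br /><br />'
            . translate('PleaseCheckTheseValues') . ' :<br /><br />'
            . '<strong>' . translate('DBHost') . '</strong> : ' . htmlspecialchars((string) $dbHostForm, ENT_QUOTES) . '<br />'
            . '<strong>' . translate('DBLogin') . '</strong> : ' . htmlspecialchars((string) $dbUsernameForm, ENT_QUOTES) . '<br />'
            . '<strong>' . translate('DBPassword') . '</strong> : ' . htmlspecialchars((string) $dbPassForm, ENT_QUOTES) . '<br /><br />'
            . translate('PleaseGoBackToStep') . ' ' . $step . '.'
            . '<p><button type="submit" class="back" name="step' . $step . '" value="< ' . translate('Back') . '">' . translate('Back') . '</button></p>'
            . '</td></tr></table></form></body></html>';
        exit;
    }

    // Disabling special SQL modes (MySQL 5)
    @Database::query("set session sql_mode='';");
}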
$lp_ordered_items = array(); $parent_lps = array(); //keeps a track of chapter's learnpath ids $my_new_lp = $db.$new_lp; $my_new_lp_item = $db.$new_lp_item; $my_new_lp_view = $db.$new_lp_view; $my_new_lp_item_view = $db.$new_lp_item_view; // Migrate learnpaths $sql_test = "SELECT * FROM $my_new_lp"; $res_test = Database::query($sql_test); $sql_lp = "SELECT * FROM $lp_main"; if ($loglevel > 1) { Log::notice("$sql_lp"); } $res_lp = Database::query($sql_lp); if (!$res_lp or !$res_test) { if ($loglevel > 1) { Log::error("+++Problem querying DB $lp_main+++ skipping (".Database::error().")"); if (!$res_test) { Log::error("This might be due to no existing table in the destination course"); } } continue; } $dsp_ord = 1; while ($row = Database::fetch_array($res_lp)) { //echo "Treating lp id : ".$row['learnpath_id']."<br />\n"; $ins_lp_sql = "INSERT INTO $my_new_lp (lp_type,name,description,display_order,content_maker) " . "VALUES (1," . "'".Database::escape_string($row['learnpath_name'])."'," . "'".Database::escape_string($row['learnpath_description'])."',$dsp_ord,'Dokeos')"; $ins_lp_res = Database::query($ins_lp_sql); $in_id = Database::insert_id();
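/**
 * Imports the SCORM object (the result of the parse_manifest function) into the database structure.
 *
 * For every organization one learning path row is inserted and registered through
 * api_item_property_update(), then one item row is inserted per entry of the
 * organization's flat items list. When $_POST['index_document'] is set, each item
 * title is also indexed for search.
 *
 * The values read from the parsed manifest (names, refs, paths, item attributes) come
 * from an imported package, so each one is escaped or cast before it is put into SQL.
 *
 * @param string $course_code   Unique course code
 * @param int    $use_max_score When non-zero, items without a max score get 100, otherwise NULL
 * @return void Nothing is returned; the results of the insert queries are not checked
 */
function import_manifest($course_code, $use_max_score = 1)
{
    if ($this->debug > 0) {
        error_log('New LP - Entered import_manifest(' . $course_code . ')', 0);
    }
    $course_info = api_get_course_info($course_code);
    $course_id = (int) $course_info['real_id'];

    // Get table names.
    $new_lp = Database::get_course_table(TABLE_LP_MAIN);
    $new_lp_item = Database::get_course_table(TABLE_LP_ITEM);
    $use_max_score = intval($use_max_score);

    foreach ($this->organizations as $id => $dummy) {
        $session_id = (int) api_get_session_id();
        $oOrganization =& $this->organizations[$id];

        // Prepare and execute insert queries:
        // -for learnpath
        // -for items
        // -for views?
        $get_max = "SELECT MAX(display_order) FROM {$new_lp} WHERE c_id = {$course_id} ";
        $res_max = Database::query($get_max);
        $dsp = 1;
        if (Database::num_rows($res_max) > 0) {
            $row = Database::fetch_array($res_max);
            $dsp = $row[0] + 1;
        }

        // Decode first, escape last: escaping must be the final step before the value
        // is placed between quotes.
        $myname = Database::escape_string(api_utf8_decode($oOrganization->get_name()));
        $org_ref = Database::escape_string($oOrganization->get_ref());
        $subdir = Database::escape_string($this->subdir);
        $encoding = Database::escape_string($this->manifest_encoding);

        $sql = "INSERT INTO {$new_lp} (c_id, lp_type, name, ref, description, path, force_commit, default_view_mod, default_encoding, js_lib,display_order, session_id, use_max_score)"
            . "VALUES ({$course_id} , 2,'" . $myname . "', '" . $org_ref . "','','" . $subdir . "', 0, 'embedded', '" . $encoding . "', 'scorm_api.php', {$dsp}, {$session_id}, {$use_max_score})";
        if ($this->debug > 1) {
            error_log('New LP - In import_manifest(), inserting path: ' . $sql, 0);
        }
        Database::query($sql);
        $lp_id = Database::insert_id();
        $this->lp_id = $lp_id;

        // Insert into item_property.
        api_item_property_update(api_get_course_info($course_code), TOOL_LEARNPATH, $this->lp_id, 'LearnpathAdded', api_get_user_id());
        api_item_property_update(api_get_course_info($course_code), TOOL_LEARNPATH, $this->lp_id, 'visible', api_get_user_id());

        // Now insert all elements from inside that learning path.
        // Make sure we also get the href and sco/asset from the resources.
        $list = $oOrganization->get_flat_items_list();
        $parents_stack = array(0);
        $parent = 0;
        $previous = 0;
        $level = 0;

        foreach ($list as $item) {
            if ($item['level'] > $level) {
                // Push something into the parents array.
                array_push($parents_stack, $previous);
                $parent = $previous;
            } elseif ($item['level'] < $level) {
                $diff = $level - $item['level'];
                // Pop something out of the parents array.
                for ($j = 1; $j <= $diff; $j++) {
                    array_pop($parents_stack);
                }
                $parent = array_pop($parents_stack);
                // Just save that value, then add it back.
                array_push($parents_stack, $parent);
            }

            $path = '';
            $type = 'dir';
            if (isset($this->resources[$item['identifierref']])) {
                $oRes =& $this->resources[$item['identifierref']];
                $path = @$oRes->get_path();
                if (!empty($path)) {
                    $temptype = $oRes->get_scorm_type();
                    if (!empty($temptype)) {
                        $type = $temptype;
                    }
                }
            }
            // Resource path and type are only used in the INSERT below.
            $path = Database::escape_string($path);
            $type = Database::escape_string($type);

            $level = $item['level'];

            $field_add = '';
            $value_add = '';
            if (!empty($item['masteryscore'])) {
                $field_add .= 'mastery_score, ';
                $value_add .= "'" . Database::escape_string($item['masteryscore']) . "',";
            }
            if (!empty($item['maxtimeallowed'])) {
                $field_add .= 'max_time_allowed, ';
                $value_add .= "'" . Database::escape_string($item['maxtimeallowed']) . "',";
            }

            $title = api_utf8_decode($item['title']);
            if (empty($title)) {
                $title = get_lang('Untitled');
            }
            $title = Database::escape_string($title);

            $max_score = Database::escape_string($item['max_score']);
            if ($max_score == 0 || is_null($max_score) || $max_score == '') {
                // If max score is not set, the use_max_score parameter decides between
                // 100 (chamilo style) and NULL (strict scorm).
                if ($use_max_score) {
                    $max_score = "'100'";
                } else {
                    $max_score = "NULL";
                }
            } else {
                // Otherwise save the max score.
                $max_score = "'{$max_score}'";
            }

            $identifier = Database::escape_string($item['identifier']);
            $prereq = Database::escape_string($item['prerequisites']);
            $rel_order = (int) $item['rel_order'];
            $launch_data = Database::escape_string($item['datafromlms']);
            $parameters = Database::escape_string($item['parameters']);

            $sql_item = "INSERT INTO {$new_lp_item} (c_id, lp_id,item_type,ref,title, path,min_score,max_score, {$field_add} parent_item_id,previous_item_id,next_item_id, prerequisite,display_order,launch_data, parameters) VALUES "
                . "({$course_id}, {$lp_id}, '{$type}','{$identifier}', '{$title}', '{$path}' , 0, {$max_score}, {$value_add}"
                . "{$parent}, {$previous}, 0, "
                . "'{$prereq}', " . $rel_order . ", '" . $launch_data . "',"
                . "'" . $parameters . "'"
                . ")";
            Database::query($sql_item);
            if ($this->debug > 1) {
                error_log('New LP - In import_manifest(), inserting item : ' . $sql_item . ' : ' . Database::error(), 0);
            }
            $item_id = Database::insert_id();

            // Now update previous item to change next_item_id.
            $upd = "UPDATE {$new_lp_item} SET next_item_id = {$item_id} WHERE c_id = {$course_id} AND id = {$previous}";
            Database::query($upd);
            // Update previous item id.
            $previous = $item_id;

            // Code for indexing, now only index specific fields like terms and the title.
            if (!empty($_POST['index_document'])) {
                require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloIndexer.class.php';
                require_once api_get_path(LIBRARY_PATH) . 'search/IndexableChunk.class.php';
                require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php';

                $di = new ChamiloIndexer();
                $lang = isset($_POST['language']) ? Database::escape_string($_POST['language']) : 'english';
                $di->connectDb(null, null, $lang);
                $ic_slide = new IndexableChunk();
                $ic_slide->addValue('title', $title);
                $specific_fields = get_specific_field_list();
                $all_specific_terms = '';
                foreach ($specific_fields as $specific_field) {
                    if (isset($_REQUEST[$specific_field['code']])) {
                        $sterms = trim($_REQUEST[$specific_field['code']]);
                        $all_specific_terms .= ' ' . $sterms;
                        if (!empty($sterms)) {
                            $sterms = explode(',', $sterms);
                            foreach ($sterms as $sterm) {
                                $ic_slide->addTerm(trim($sterm), $specific_field['code']);
                            }
                        }
                    }
                }
                $body_to_index = $all_specific_terms . ' ' . $title;
                $ic_slide->addValue("content", $body_to_index);
                // TODO: Add a comment to say terms separated by commas.
                $courseid = api_get_course_id();
                $ic_slide->addCourseId($courseid);
                $ic_slide->addToolId(TOOL_LEARNPATH);
                $xapian_data = array(
                    SE_COURSE_ID => $courseid,
                    SE_TOOL_ID => TOOL_LEARNPATH,
                    SE_DATA => array('lp_id' => $lp_id, 'lp_item' => $previous, 'document_id' => ''),
                    SE_USER => (int) api_get_user_id(),
                );
                $ic_slide->xapian_data = serialize($xapian_data);
                $di->addChunk($ic_slide);
                // Index and return search engine document id.
                $did = $di->index();
                if ($did) {
                    // Save it to db.
                    $tbl_se_ref = Database::get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
                    $sql = 'INSERT INTO %s (id, course_code, tool_id, ref_id_high_level, ref_id_second_level, search_did) VALUES (NULL , \'%s\', \'%s\', %s, %s, %s)';
                    $sql = sprintf($sql, $tbl_se_ref, api_get_course_id(), TOOL_LEARNPATH, $lp_id, $previous, $did);
                    Database::query($sql);
                }
            }
        }
    }
}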
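/**
 * Marks the current invoice as paid and stamps the payment date with NOW().
 *
 * @return bool True when the update succeeded.
 * @throws Exception When no invoice id is set or the update fails.
 */
public function set_paid()
{
    // An invoice id must be set to have something to work with.
    if ($this->id == null) {
        throw new Exception('Er is geprobeerd een factuur regel aan te maken terwijl er geen factuur ingesteld is.');
    }

    // The id is placed in the statement without quotes, so it is forced to an integer
    // first; nothing but a number can reach the WHERE clause.
    $invoiceId = (int) $this->id;

    $update = Database::query("UPDATE invoice SET paid = 1, paid_date = NOW() WHERE id = " . $invoiceId);
    if (!$update) {
        // NOTE(review): Database::error() is part of the message; if it is displayed to
        // users it exposes database internals.
        throw new Exception('Er ging wat fout bij het op betaald zetten van het factuur.<br />' . Database::error());
    }

    return true;
}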
<?php
// Receives a posted question with one correct and two wrong answers, stores it and
// redirects back to the front end.
require_once "Question.php";
require_once "db.php";

@Database::connect();
if (!Database::$link) {
    // NOTE(review): unless Database::error() stops the script itself, execution
    // continues without a connection — confirm.
    Database::error();
}

// All four fields are required; stop silently when any of them is missing.
if (!isset($_POST["text"], $_POST["trueAnswer"], $_POST["falseAnswer1"], $_POST["falseAnswer2"])) {
    die;
}

$text = $_POST["text"];
$trueAnswer = $_POST["trueAnswer"];
$falseAnswer1 = $_POST["falseAnswer1"];
$falseAnswer2 = $_POST["falseAnswer2"];

// NOTE(review): the posted values reach Question unchanged; Question::add() has to
// escape or bind them before they are stored — verify there.
$question = new Question($text, $trueAnswer, $falseAnswer1, $falseAnswer2);
$question->add();

header("Location: ../front-end/moviesChallenge.html");
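/**
 * Displays the form to unsubscribe users from a blog (in a course).
 * The listed users are the users subscribed to the blog.
 * @author Toon Keppens
 *
 * @param int $blog_id
 *
 * @return false|null The form (a sortable table of users with an unregister action) is
 *                    echoed; false is returned when the user query fails.
 */
public static function display_form_user_unsubscribe($blog_id)
{
    global $_user;

    // The blog id is placed in SQL and in several URLs below; forcing it to an integer
    // once keeps anything else out of both.
    $blog_id = (int) $blog_id;

    $is_western_name_order = api_is_western_name_order();

    // Init
    $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
    $tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER);

    echo '<legend>' . get_lang('UnsubscribeMembers') . '</legend>';

    $properties["width"] = "100%";

    // Table column titles
    $column_header[] = array('', false, '');
    if ($is_western_name_order) {
        $column_header[] = array(get_lang('FirstName'), true, '');
        $column_header[] = array(get_lang('LastName'), true, '');
    } else {
        $column_header[] = array(get_lang('LastName'), true, '');
        $column_header[] = array(get_lang('FirstName'), true, '');
    }
    $column_header[] = array(get_lang('Email'), false, '');
    $column_header[] = array(get_lang('TaskManager'), true, '');
    $column_header[] = array(get_lang('UnRegister'), false, '');

    $course_id = api_get_course_int_id();

    $sql_query = "SELECT user.user_id, user.lastname, user.firstname, user.email, user.username\n\t\t\tFROM {$tbl_users} user INNER JOIN {$tbl_blogs_rel_user} blogs_rel_user\n\t\t\tON user.user_id = blogs_rel_user.user_id\n\t\t\tWHERE blogs_rel_user.c_id = {$course_id} AND blogs_rel_user.blog_id = '" . $blog_id . "'";

    if (!($sql_result = Database::query($sql_query))) {
        return false;
    }

    // The parameter may be absent from the request.
    $select_all = isset($_GET['selectall']) && $_GET['selectall'] == "unsubscribe";

    $user_data = array();

    while ($myrow = Database::fetch_array($sql_result)) {
        $member_id = (int) $myrow['user_id'];

        $row = array();
        $row[] = '<input type="checkbox" name="user[]" value="' . $member_id . '" ' . ($select_all ? ' checked="checked" ' : '') . '/>';
        $username = api_htmlentities(sprintf(get_lang('LoginX'), $myrow["username"]), ENT_QUOTES);
        // NOTE(review): first and last name are added to the table as stored; confirm
        // that Display::tag() / display_sortable_table() escape them, otherwise escape here.
        if ($is_western_name_order) {
            $row[] = $myrow["firstname"];
            $row[] = Display::tag('span', $myrow["lastname"], array('title' => $username));
        } else {
            $row[] = Display::tag('span', $myrow["lastname"], array('title' => $username));
            $row[] = $myrow["firstname"];
        }
        $row[] = Display::icon_mailto_link($myrow["email"]);

        $sql = "SELECT bt.title task\n\t\t\tFROM " . Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER) . " btu\n\t\t\tINNER JOIN " . Database::get_course_table(TABLE_BLOGS_TASKS) . " bt ON btu.task_id = bt.task_id\n\t\t\tWHERE \tbtu.c_id \t= {$course_id} AND\n\t\t\t\t\tbt.c_id \t= {$course_id} AND\n\t\t\t\t\tbtu.blog_id = {$blog_id} AND\n\t\t\t\t\tbtu.user_id = " . $member_id;

        if (!($sql_res = Database::query($sql))) {
            // NOTE(review): this prints the raw database error to the browser.
            die(Database::error());
        }

        $task = '';
        while ($r = Database::fetch_array($sql_res)) {
            $task .= stripslashes($r['task']) . ', ';
        }
        // Drop the trailing ", "; members without a task are shown as readers.
        $task = api_strlen(trim($task)) != 0 ? api_substr($task, 0, api_strlen($task) - 2) : get_lang('Reader');
        $row[] = $task;

        // Link to unregister the user; nobody gets a link for their own account.
        if ($myrow["user_id"] != $_user['user_id']) {
            $row[] = "<a class=\"btn\" href=\"" . api_get_self() . "?action=manage_members&blog_id={$blog_id}&unregister=yes&user_id=" . $member_id . "\">" . get_lang('UnRegister') . "</a>";
        } else {
            $row[] = '';
        }

        $user_data[] = $row;
    }

    $query_vars['action'] = 'manage_members';
    $query_vars['blog_id'] = $blog_id;
    echo '<form method="post" action="blog.php?action=manage_members&blog_id=' . $blog_id . '">';
    Display::display_sortable_table($column_header, $user_data, null, null, $query_vars);
    $link = '';
    $link .= isset($_GET['action']) ? 'action=' . Security::remove_XSS($_GET['action']) . '&' : '';
    $link .= "blog_id={$blog_id}&";

    echo '<a href="blog.php?' . $link . 'selectall=unsubscribe">' . get_lang('SelectAll') . '</a> - ';
    echo '<a href="blog.php?' . $link . '">' . get_lang('UnSelectAll') . '</a> ';
    echo get_lang('WithSelected') . ' : ';
    echo '<select name="action">';
    echo '<option value="select_unsubscribe">' . get_lang('UnRegister') . '</option>';
    echo '</select>';
    echo '<input type="hidden" name="unregister" value="true" />';
    echo '<button class="save" type="submit">' . get_lang('Ok') . '</button>';
    echo '</form>';
}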
/**
 * Validates the posted customer details and stores them for the logged-in customer.
 *
 * Checks, in order: all required fields are filled in, at least one phone number is
 * given, bank account and house number are numeric, and the e-mail address is valid.
 * $_POST is then replaced by its escaped copy and customer_info and customer are updated.
 *
 * NOTE(review): house_nr, bank_account and the session customer id are placed in the
 * statements without quotes; escaping does not protect unquoted values, so the
 * is_numeric() checks are the only guard for the first two. 'inserts' and
 * 'house_nr_add' are read without checking that they were posted.
 *
 * @return void
 * @throws Exception With a user-facing message when validation or an update fails.
 */
public function save_information()
{
    // Every required field must be filled in.
    $required_present = !empty($_POST['firstname']) && !empty($_POST['lastname']) && !empty($_POST['street'])
        && !empty($_POST['house_nr']) && !empty($_POST['zipcode']) && !empty($_POST['city'])
        && !empty($_POST['bank_account']) && !empty($_POST['email']);
    if (!$required_present) {
        throw new Exception('Niet alle verplichte velden zijn ingevuld.');
    }

    // At least one of the two phone numbers is needed.
    if (empty($_POST['phone_home']) && empty($_POST['phone_mob'])) {
        throw new Exception('Minimaal een van de telefoonnummers dient ingevuld te worden.');
    }

    // The bank account number has to be numeric.
    if (!is_numeric($_POST['bank_account'])) {
        throw new Exception('Het ingevulde rekeningnummer is ongeldig.');
    }

    // The house number has to be numeric.
    if (!is_numeric($_POST['house_nr'])) {
        throw new Exception('Het ingevulde huisnummer is ongeldig.');
    }

    // The e-mail address has to be well-formed.
    if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
        throw new Exception('Het ingevulde e-mailadres is ongeldig.');
    }

    // Escape the whole $_POST array and store the result back in $_POST.
    $_POST = Database::escape_array($_POST);

    // Update the customer information.
    $update_ci = Database::query("UPDATE customer_info SET firstname = '" . $_POST['firstname'] . "', inserts = '" . $_POST['inserts'] . "', lastname = '" . $_POST['lastname'] . "', street = '" . $_POST['street'] . "', house_nr = " . $_POST['house_nr'] . ", house_nr_add = '" . $_POST['house_nr_add'] . "', city = '" . $_POST['city'] . "', zipcode = '" . $_POST['zipcode'] . "', phone_home = '" . $_POST['phone_home'] . "', phone_mob = '" . $_POST['phone_mob'] . "', bank_account = " . $_POST['bank_account'] . " WHERE customer_id = " . $_SESSION['login']['id']);
    if (!$update_ci) {
        // Updating the customer information failed.
        throw new Exception('Er ging wat fout tijdens het opslaan van de wijzigingen.<br />' . Database::error());
    }

    // Update the customer e-mail address.
    $update_c = Database::query("UPDATE customer SET email = '" . $_POST['email'] . "' WHERE id = " . $_SESSION['login']['id']);
    if (!$update_c) {
        // Updating the e-mail address failed.
        throw new Exception('Er ging wat fout tijdens het opslaan van de wijzigingen.<br />' . Database::error());
    }
}
} } $mysqlStatsDb = $mysqlMainDb; $mysqlUserDb = $mysqlMainDb; // This parameter is needed to run a command line install of Chamilo (needed for Phing) if (!defined('CLI_INSTALLATION')) { include api_get_path(SYS_LANG_PATH).'english/create_course.inc.php'; if ($languageForm != 'english') { include api_get_path(SYS_LANG_PATH).$languageForm.'/create_course.inc.php'; } } Database::select_db($mysqlMainDb) or die(Database::error()); $installation_settings = array(); $installation_settings['{ORGANISATIONNAME}'] = $institutionForm; $installation_settings['{ORGANISATIONURL}'] = $institutionUrlForm; $installation_settings['{CAMPUSNAME}'] = $campusForm; $installation_settings['{PLATFORMLANGUAGE}'] = $languageForm; $installation_settings['{ALLOWSELFREGISTRATION}'] = true_false($allowSelfReg); $installation_settings['{ALLOWTEACHERSELFREGISTRATION}'] = true_false($allowSelfRegProf); $installation_settings['{ADMINLASTNAME}'] = $adminLastName; $installation_settings['{ADMINFIRSTNAME}'] = $adminFirstName; $installation_settings['{ADMINLOGIN}'] = $loginForm; $installation_settings['{ADMINPASSWORD}'] = $passToStore; $installation_settings['{ADMINEMAIL}'] = $emailForm; $installation_settings['{ADMINPHONE}'] = $adminPhoneForm; $installation_settings['{PLATFORM_AUTH_SOURCE}'] = PLATFORM_AUTH_SOURCE;