function create_usage_graph($from_date, $end_date)
{
//create an instance of class database here
$con = new database();
//set up query string
$query_members = "SELECT * FROM people_online WHERE people_online.member = 'y' \r\n\t\t\t\t\t AND people_online.log_date BETWEEN '{$from_date}' AND '{$end_date}'";
$query_visitors = "SELECT * FROM people_online WHERE people_online.member = 'n' \r\n\t\t\t\t\t AND people_online.log_date BETWEEN '{$from_date}' AND '{$end_date}'";
$rs_members = $con->query($query_members) or die($con->error());
$rs_visitors = $con->query($query_visitors) or die($con->error());
// COMMENT : must use OOP style ( use the $con object uve created ) not a procedural one...-mh
$data_member = mysql_fetch_assoc($rs_members);
// this is wrong...
$data_visitors = mysql_fetch_assoc($rs_visitors);
$data_member = $con->getnumrows($rs_members);
$data_visitors = $con->getnumrows($rs_visitors);
$data = $data_member + $data_visitors;
if ($data == 0) {
echo '<script>alert("Sorry, no usage results found.");window.close();</script>';
exit;
}
//echo 'm='.$data_member;
//echo 'v='.$data_visitors;
$arr_label = array("Members", "Visitors");
//$arr_data = array($data_member['MEMBERS'], $data_visitors['VISITORS']);
$arr_data = array($data_member, $data_visitors);
//start displaying the graph
$from_date = explode('-', $from_date);
$from_date = strdate($from_date[1], '', '') . ' ' . $from_date[2] . ',' . $from_date[0];
$end_date = explode('-', $end_date);
$end_date = strdate($end_date[1], '', '') . ' ' . $end_date[2] . ',' . $end_date[0];
$graph = new graph_creator(320, 600, "People Online As of {$from_date} to {$end_date}", $arr_label, $arr_data, $center_value = 0.45);
$graph->create_pie_graph();
}
/**
* Layout Page Logic
* @return
* @param $db Object
*/
function __construct(database $db, user $user)
{
$this->db =& $db;
$this->user =& $user;
$this->sub_page = Kit::GetParam('sp', _GET, _WORD, 'view');
$this->layoutid = Kit::GetParam('layoutid', _REQUEST, _INT);
// If we have modify selected then we need to get some info
if ($this->layoutid != '') {
// get the permissions
Debug::LogEntry('audit', 'Loading permissions for layoutid ' . $this->layoutid);
$this->auth = $user->LayoutAuth($this->layoutid, true);
if (!$this->auth->edit) {
trigger_error(__("You do not have permissions to edit this layout"), E_USER_ERROR);
}
$this->sub_page = "edit";
$sql = " SELECT layout, description, userid, retired, xml FROM layout ";
$sql .= sprintf(" WHERE layoutID = %d ", $this->layoutid);
if (!($results = $db->query($sql))) {
trigger_error($db->error());
trigger_error(__("Cannot retrieve the Information relating to this layout. The layout may be corrupt."), E_USER_ERROR);
}
if ($db->num_rows($results) == 0) {
$this->has_permissions = false;
}
while ($aRow = $db->get_row($results)) {
$this->layout = Kit::ValidateParam($aRow[0], _STRING);
$this->description = Kit::ValidateParam($aRow[1], _STRING);
$this->retired = Kit::ValidateParam($aRow[3], _INT);
$this->xml = $aRow[4];
}
}
}
function __construct(database $db, user $user)
{
$this->db =& $db;
$this->user =& $user;
$usertype = Kit::GetParam('usertype', _SESSION, _INT, 0);
$this->groupid = Kit::GetParam('groupid', _REQUEST, _INT, 0);
// Do we have a user group selected?
if ($this->groupid != 0) {
// If so then we will need to get some information about it
$SQL = <<<END
\t\t\tSELECT \tgroup.GroupID,
\t\t\t\t\tgroup.Group
\t\t\tFROM `group`
\t\t\tWHERE groupID = %d
END;
$SQL = sprintf($SQL, $this->groupid);
if (!($results = $db->query($SQL))) {
trigger_error($db->error());
trigger_error(__("Can not get Group information."), E_USER_ERROR);
}
$aRow = $db->get_assoc_row($results);
$this->group = $aRow['Group'];
}
// Include the group data classes
include_once 'lib/data/usergroup.data.class.php';
}
function save_segment($segmentTitle, $segmentTopic, $segmentAnchor, $segmentSchedule, $segmentContent, $segmentDate)
{
#$segmentTitle the title of the segment
#$segmentTopic the topic being tockled on the segment
#$segmentAnchor the anchorman of the segment
#$segmentSchedule the schedule of the segment on air
#$segmentContent the content of the segment
#$segmentDate the date when the segment was written
$query = "INSERT INTO news_segments VALUES('', '{$segmentTitle}', '{$segmentTopic}', '{$segmentContent}', '{$segmentAnchor}', '{$segmentSchedule}', '{$segmentDate}')";
$db = new database();
if (!$db->query($query)) {
echo $db->error();
exit;
}
}
<?php
include 'coreclass.php';
$response = $_POST['response'];
//the user response
$topic_id = $_POST['topic_id'];
//the topic
$response_date = date('Y-m-d');
//the date when the user responded
//these codes are for debugging purpose only
echo '<br>Date Today: ' . $response_date;
echo '<br>Topic ID: ' . $topic_id;
echo '<br>User Response: ' . $response;
//define query string here
$query = "INSERT INTO poll_data VALUES('', '{$topic_id}', '{$response}', '{$response_date}')";
//instantiate new object of class database
$con = new database();
if (!$con->query($query)) {
echo $con->error();
} else {
//this line is just temporary
echo '<br><a href="display_poll.php">Back To Main</a>';
}
/**
* Get current active quota
*/
function getActiveQuota()
{
$sql = "select * from quota where isdefault=1 ";
$db = new database();
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$quota = array();
if ($quota[] = $db->fetcharray()) {
}
return $quota[0]->quota;
}
} else {
$emailAlerts = FALSE;
}
if ($alwaysAlert == "On") {
$alwaysAlert = TRUE;
} else {
$alwaysAlert = FALSE;
}
// The time in the past that the last connection must be later than globally.
$globalTimeout = time() - 60 * Kit::ValidateParam(Config::GetSetting("MAINTENANCE_ALERT_TOUT"), _INT);
$msgTo = Kit::ValidateParam(Config::GetSetting("mail_to"), _PASSWORD);
$msgFrom = Kit::ValidateParam(Config::GetSetting("mail_from"), _PASSWORD);
// Get a list of all licensed displays
$SQL = "SELECT `displayid`, `lastaccessed`, `email_alert`, `alert_timeout`, `display`, `loggedin` FROM `display` WHERE licensed = 1";
if (!($result = $db->query($SQL))) {
trigger_error($db->error());
trigger_error(__('Unable to access displays'), E_USER_ERROR);
}
// Loop over the licensed displays
while ($row = $db->get_row($result)) {
$displayid = Kit::ValidateParam($row[0], _INT);
$lastAccessed = Kit::ValidateParam($row[1], _INT);
$email_alert = Kit::ValidateParam($row[2], _INT);
$alert_timeout = Kit::ValidateParam($row[3], _INT);
$display_name = Kit::ValidateParam($row[4], _STRING);
$loggedin = Kit::ValidateParam($row[5], _INT);
$final_timeout = $globalTimeout;
$last_seen = date("Y-m-d H:i:s", $lastAccessed);
if ($alert_timeout != 0) {
$final_timeout = time() - 60 * $alert_timeout;
}
}
if (!file_exists("settings.php")) {
// Xibo has not been configured. Just quit since we can't
// raise a SOAP error because we don't know where
// nuSOAP is yet.
die("Not configured. Visit " . Kit::GetURL() . " to configure.");
}
if (file_exists("upgrade.php")) {
// An upgrade is in progress. Just quit since the server
// won't be in a servicable state
die("An upgrade is pending. Visit " . Kit::GetURL() . ".");
}
//parse and init the settings.xml
Config::Load();
//create a DB
$db = new database();
if (!$db->connect_db($dbhost, $dbuser, $dbpass)) {
trigger_error($db->error(), E_USER_ERROR);
}
if (!$db->select_db($dbname)) {
trigger_error($db->error(), E_USER_ERROR);
}
// Error Handling (our error handler requires a DB connection
set_error_handler(array(new Debug(), "ErrorHandler"));
date_default_timezone_set(Config::GetSetting('defaultTimezone'));
// Work out the location of this service
$serviceLocation = Kit::GetXiboRoot();
// OAuth
require_once 'lib/oauth.inc.php';
// Setup the translations for gettext
TranslationEngine::InitLocale();
//
// Check to see if we've passed that point, and if so look at what was posted
// to include those classes.
if (Kit::GetParam("includes", _POST, _BOOL)) {
for ($i = $_POST['upgradeFrom'] + 1; $i <= $_POST['upgradeTo']; $i++) {
if (file_exists('install/database/' . $i . '.php')) {
include_once 'install/database/' . $i . '.php';
}
}
}
session_start();
Config::Load();
// create a database class instance
$db = new database();
if (!$db->connect_db($dbhost, $dbuser, $dbpass)) {
reportError(0, __("Unable to connect to the MySQL database using the settings stored in settings.php.") . "<br /><br />" . __("MySQL Error:") . "<br />" . $db->error());
}
if (!$db->select_db($dbname)) {
reportError(0, __("Unable to select the MySQL database using the settings stored in settings.php.") . "<br /><br />" . __("MySQL Error:") . "<br />" . $db->error());
}
// Initialise the Translations
set_error_handler(array(new Debug(), "ErrorHandler"));
TranslationEngine::InitLocale($db);
include 'install/header_upgrade.inc';
if (!isset($_SESSION['step'])) {
$_SESSION['step'] = 0;
}
if (Kit::GetParam('skipstep', _POST, _INT) == 1) {
// Cheat the $_SESSION['step'] variable if required
// Used if there are environment warnings and we want to retest.
$_SESSION['step'] = 1;
function __construct(database $db, user $user)
{
$this->db =& $db;
$this->user =& $user;
include_once 'lib/data/display.data.class.php';
$this->sub_page = Kit::GetParam('sp', _GET, _WORD, 'view');
$this->ajax = Kit::GetParam('ajax', _REQUEST, _WORD, 'false');
$displayid = Kit::GetParam('displayid', _REQUEST, _INT, 0);
// validate displays so we get a realistic view of the table
$this->validateDisplays();
if (isset($_GET['modify']) || $displayid != 0) {
$this->sub_page = 'edit';
if (!$this->has_permissions && $this->ajax == 'true') {
trigger_error(__("You do not have permissions to edit this display"), E_USER_ERROR);
}
$SQL = <<<SQL
SELECT display.displayid,
display.display,
display.defaultlayoutid,
display.license,
display.licensed,
display.inc_schedule,
display.isAuditing,
display.email_alert,
display.alert_timeout,
display.MediaInventoryStatus,
display.MediaInventoryXml,
display.MacAddress,
display.WakeOnLan,
display.WakeOnLanTime,
display.BroadCastAddress,
display.SecureOn,
display.Cidr,
display.ClientAddress,
X(display.GeoLocation) AS Latitude,
Y(display.GeoLocation) AS Longitude
FROM display
WHERE display.displayid = %d
SQL;
$SQL = sprintf($SQL, $displayid);
Debug::LogEntry('audit', $SQL);
if (!($results = $db->query($SQL))) {
trigger_error($db->error());
trigger_error(__("Can not get the display information for display") . '[$this->displayid]', E_USER_ERROR);
}
while ($row = $db->get_row($results)) {
$this->displayid = Kit::ValidateParam($row[0], _INT);
$this->display = Kit::ValidateParam($row[1], _STRING);
$this->layoutid = Kit::ValidateParam($row[2], _INT);
$this->license = Kit::ValidateParam($row[3], _STRING);
$this->licensed = Kit::ValidateParam($row[4], _INT);
$this->inc_schedule = Kit::ValidateParam($row[5], _INT);
$this->auditing = Kit::ValidateParam($row[6], _INT);
$this->email_alert = Kit::ValidateParam($row[7], _INT);
$this->alert_timeout = Kit::ValidateParam($row[8], _INT);
$this->mediaInventoryStatus = Kit::ValidateParam($row[9], _INT);
$this->mediaInventoryXml = Kit::ValidateParam($row[10], _HTMLSTRING);
$this->macAddress = Kit::ValidateParam($row[11], _STRING);
$this->wakeOnLan = Kit::ValidateParam($row[12], _INT);
$this->wakeOnLanTime = Kit::ValidateParam($row[13], _STRING);
$this->broadCastAddress = Kit::ValidateParam($row[14], _STRING);
$this->secureOn = Kit::ValidateParam($row[15], _STRING);
$this->cidr = Kit::ValidateParam($row[16], _INT);
$this->clientIpAddress = Kit::ValidateParam($row[17], _STRING);
$this->latitude = Kit::ValidateParam($row[18], _DOUBLE);
$this->longitude = Kit::ValidateParam($row[19], _DOUBLE);
// Make cidr null if its a 0
$this->cidr = $this->cidr == 0 ? '' : $this->cidr;
}
}
return true;
}
$dateline = $_POST['dateline'];
$article_title = $_POST['title'];
$article_body = $_POST['editor_content'];
//print_r ($_POST);
$userID = $_SESSION['userID'];
//$created = date("F d, Y h:i:s A");
$created = time();
$query = " insert into articles ( stageID, created, dateline, title, article_body) ";
$query .= " values( '{$stageID}', {$created}, '{$dateline}', '{$article_title}', '{$article_body}' )";
print $query;
$db = new database();
$result = $db->query($query);
if ($result) {
// ok ..
} else {
print $db->error();
}
// cge nash, a2 kuhaon ang id sa bag-o nga na-insert nga record ha..
// TODO: must use the accessor methods here, but not
// directly accessing the variable..ex. $db->getInsertID()
$insertID = $db->insertID;
if ($insertID) {
// now lets insert the article with corresponding author
$query = " insert into article_author ( articleID , userID ) ";
$query .= " values( '{$insertID}' , '{$userID}') ";
$result = $db->query($query);
$query = " insert into article_category ( articleID , categoryID ) ";
$query .= " values( '{$insertID}' , '{$categoryID}' ) ";
$result = $db->query($query);
}
if ($result) {
#the actual content.
$con = new database();
#echo "<br>Name: ".$source_name;
#echo "<br>Email: ".$emailAddress;
#echo "<br>Contact: ".$contactNumber;
#echo "<br>Report: ".$report;
#echo "<br>Date: ".$reportDate;
if ($name = "" || ($report = "")) {
#this the name field or the report field is empty, prompt the
#user and redirect back to the form...
header('Location: ' . $_SERVER['HTTP_REFERRER']);
} else {
#define the query
$query = "INSERT INTO external_source VALUES('', '{$source_name}', '{$emailAddress}', '{$contactNumber}', '{$reportDate}', '{$report}')";
if (!$con->query($query)) {
$con->error();
}
$_SESSION['message'] = "Thank you for the information you have given to us. <br>";
#header('Location: external_source_form_f.php');
}
#################################################################################################################################
/*
* Get the default stylesheets
*/
include 'admin/template.configuration.php';
$stylesheet = ' themes/' . $default_template_name . '/' . $default_template_stylesheet;
// Generate the page now
$tpl = new template_parser('themes/templates/submit_external_source_tpl.php');
$tags = array('{DATELINE}' => niceDate($headline[0]->dateline), '{ARTICLEID}' => $headline[0]->articleID, '{HEADLINE}' => $headline[0]->title, '{AUTHOR}' => 'By ' . getArticle_authors_info($headline[0]->articleID, 'fullname') . ' / BR</p>', '{ARTICLE_BODY}' => makeAShortIntro(strip_tags($headline[0]->article_body)), '{PHOTO}' => $photo, '{VIEW_ARTICLE_URL}' => $my_profile[0]->homeaddress, '{OTHER_HEADLINES}' => $other_headlines, '{OTHER_TOPSTORIES}' => $other_topstories, '{QUOTE_OF_THE_DAY}' => $quote, '{SUBSECTIONS}' => $subsections, '{MESSAGE}' => $message, '{PAGE_GENERATED}' => ' ' . $pagegenerated, '{SPONSORED_LINKS}' => $sponsoredlinks, '{SUBSECTIONS}' => $subsections, '{CATEGORY}' => $categorylist, '{FOOTER}' => 'themes/templates/footer.tpl.php', '{STYLESHEET}' => $stylesheet);
$tpl->parse_template($tags);
print $tpl->display();
<?php
require_once "debugger.php";
require_once "database.php";
$db = new database();
$con = $db->connect("localhost", "root", "revive", "mysql");
mysqli_set_charset($con, "utf8");
$result = $db->query("SELECT * FROM user");
if ($result) {
while ($row = mysqli_fetch_array($result)) {
echo $row['Host'] . " - " . $row['User'] . "\n";
}
} else {
echo $db->error();
}
$con2 = $db->getConnection();
print_r($con2);
/**
* This function will send a query to the table user_stage then, retrieve the
* stages that the user has been assign..
* return the recordset in array()
*/
function query_data($userID)
{
// get this user stages of this user...
$sql = "select * from user_stage us\r\n\t\twhere us.userID = " . intval($userID) . " order by us.stageID ASC ";
// sort the STAGES accordingly..
$db = new database();
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$user_stages = array();
while ($row = $db->fetcharray()) {
$user_stages[] = $row;
}
$db->freeresult();
// simply free the result..
print 'USERNAME='******'username'];
// ok pepol,, lets chek his user stages..
$sql = " select * from ";
// if the user has been assign with SOME workflows...
$state = 0;
foreach ($user_stages as $field => $user_stage) {
if ($user_stage->stageID) {
switch ($user_stage->stageID) {
case 1:
// if the user is on writing stage, retrieve his articles
$sql .= " articles a ,";
$sql .= " article_author aa ";
$state = 1;
// we assume that there was another stages been assign..
break;
case 2:
// the user is assign on editing stage..
$editing_stage = 1;
break;
case 3:
// ..proofreading stage..
$proofreading_stage = 1;
break;
case 4:
// ..publishinng stage..
$publishing_stage = 1;
break;
}
}
}
// if this user has been assign with these stages..editing, proofreading ..etc...
if ($editing_stage == 1 || $proofreading_stage == 1 || $publishing_stage == 1) {
if (count($user_stages) > 1) {
// this user is assign with SOME WORKFLOWS..
if ($state) {
//
$sql .= " ,article_versions av ";
} else {
// simply, first call of the article versions..
$sql .= " article_versions av ";
}
} else {
// this user has been set with one workflows..
$sql .= " article_versions av ";
}
}
$sql .= " where ";
// WHERE CLAUSE HERE..very important!!!!
$state = 0;
if (count($user_stages) > 1) {
// this user has been assign with SOME WORKFLOWS
foreach ($user_stages as $field => $user_stage) {
if ($user_stage->stageID) {
switch ($user_stage->stageID) {
case 1:
// writer
$sql .= " a.stageID = 1 ";
$sql .= " and aa.userID = {$userID} ";
$state = 1;
break;
case 2:
// editor
// PROBLEM : concatenation of and..ex. editor+chef
if ($state) {
$sql .= " and av.stageID = 2 ";
} else {
$sql .= " av.stageID = 2 ";
}
break;
case 3:
// editor n chief
if ($state) {
$sql .= " and av.stageID = 3 ";
} else {
$sql .= " av.stageID = 3 ";
}
//$sql .= " and av.modified_by = $userID ";
break;
case 4:
// publisher
$sql .= " and av.stageID = 4 ";
break;
}
}
}
} else {
foreach ($user_stages as $field => $user_stage) {
if ($user_stage->stageID) {
switch ($user_stage->stageID) {
case 1:
// writer
$sql .= " a.stageID = 1 ";
//$sql .= " and aa.userID = $userID ";
break;
case 2:
// editor
$sql .= " av.stageID = 2 ";
//$sql .= " and av.modified_by = $userID ";
break;
case 3:
// editor n chief
$sql .= " av.stageID = 3 ";
//$sql .= " or av.modified_by = $userID ";
break;
case 4:
// publisher
$sql .= " av.stageID = 4 ";
break;
}
}
}
}
print '[SQL=' . $sql;
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$query_data = array();
while ($query_data[] = $db->fetcharray()) {
}
print '[totalrec=' . $db->getnumrows();
//print_r($query_data );
return $query_data;
$db->close();
// close connection
}
}
// UPGRADE TO VERSION 3.1.1
// ************************
$result = 0;
if ($module_version < $new_module_version) {
// Title: Upgrading to
echo '<h3>SITEMAP - Upgrading to version ' . $new_module_version . ':</h3>';
// Get ITEMS table to see what needs to be created or modified
$itemstable = $database->query("SELECT * FROM `" . $dbtable . "`");
$items = $itemstable->fetchRow();
echo "<BR><B>Trying to rename database field '<i>loop</i>' to '<i>sitemaploop</i>'...</B><BR>";
if (!array_key_exists('sitemaploop', $items)) {
if ($database->query("ALTER TABLE `" . $dbtable . "` CHANGE `loop` `sitemaploop` TEXT NOT NULL")) {
echo '<span class="good">Database field <i>loop</i> renamed to <i>sitemaploop</i> successfully</span><br />';
} else {
echo '<span class="bad">' . $database->error() . '</span><br />';
$result = 1;
}
} else {
echo '<span class="ok">Database field <i>sitemaploop</i> already exists, update not needed.</span><br />';
}
echo "<BR><B>Trying to add database field '<i>show_hidden</i>'...</B><BR>";
if (!array_key_exists('show_hidden', $items)) {
if ($database->query("ALTER TABLE `" . $dbtable . "` ADD `show_hidden` INT NOT NULL")) {
echo '<span class="good">Database field <i>show_hidden</i> added successfully</span><br />';
} else {
echo '<span class="bad">' . $database->error() . '</span><br />';
$result = 1;
}
} else {
echo '<span class="ok">Database field <i>show_hidden</i> already exists, update not needed.</span><br />';
}
// Again, let's also check in the article versions if it exists..
$sql = " select * from article_versions av ";
$sql .= " where av.articleID=" . intval($articleID);
$db->query($sql);
$db->fetcharray();
if ($db->getNumrows() > 0) {
// yes weve found it,,then lets just update it ok
$sql = " update article_versions ";
$sql .= " set article_versions.stageID= '2' , ";
$sql .= " article_versions.title= '{$title}' , ";
$sql .= " article_versions.edited_by = " . intval($userID);
$sql .= " , article_versions.article_body = '{$article_body}' , ";
$sql .= " article_versions.created= '{$created}' , ";
$sql .= " article_versions.status = '--' ";
$sql .= " where article_versions.articleID=" . intval($articleID);
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
} else {
// else, we hav to make a separate copy frm the original article..
$sql = " insert into article_versions ( articleID, stageID, status, created, created_day, created_month, created_year, title, article_body )";
$sql .= " values ( {$articleID}, 2, '--', {$created}, {$d}, {$m}, {$y}, '{$title}', '{$article_body}' ) ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
}
$_SESSION['task'] = 'submit';
$_SESSION['title'] = $article_title;
$_SESSION['to'] = 'News Editor';
header('Location: ../admin/my_articles2.php');
$update_msgs_arr = array();
if ($config['db_version'] >= DB_VERSION && !defined('DEV_STAGE')) {
$update_msgs_arr[] = '<span style="color:green;">' . $lang['INST_UPDATE_CUR_VER_IS_UP'] . '</span>';
$complete_upate = false;
}
//
//is there any sqls
//
if ($complete_upate && !defined('C_U_F')) {
$SQL->show_errors = false;
if (isset($update_sqls) && sizeof($update_sqls) > 0) {
$err = '';
foreach ($update_sqls as $name => $sql_content) {
$err = '';
$SQL->query($sql_content);
$err = $SQL->error();
if (strpos($err[1], 'Duplicate') !== false || $err[0] == '1062' || $err[0] == '1060') {
$sql = "UPDATE `{$dbprefix}config` SET `value` = '" . DB_VERSION . "' WHERE `name` = 'db_version'";
$SQL->query($sql);
$update_msgs_arr[] = '<span style="color:green;">' . $lang['INST_UPDATE_CUR_VER_IS_UP'] . '</span>';
$complete_upate = false;
}
}
}
}
//
//is there any functions
//
if ($complete_upate || defined('C_U_F')) {
if (isset($update_functions) && sizeof($update_functions) > 0) {
foreach ($update_functions as $n) {
