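/**
 * Authenticate a visitor by user name or e-mail and, on success, populate the
 * session and the "u" cookie (plus the "um"/"pm" cookies when "remember" is set).
 *
 * @param string $user User name or e-mail address exactly as submitted (unescaped).
 * @param string $pass Password exactly as submitted.
 * @return bool|null true on success; false when the lookup fails or does not
 *                   match exactly one row; null after the redirect header to
 *                   the settings page has been queued (stored name rejected
 *                   by valid_name()).
 */
function login2($user, $pass)
{
    $con = new db();
    $conc = $con->c();
    // "remember" is an optional form field; absent means "do not remember".
    $kcook = isset($_POST["remember"]) ? intval($_POST["remember"]) : 0;

    // $user is visitor-controlled, so it is bound as a parameter instead of
    // being interpolated into the statement text.
    // NOTE(review): callers must pass the raw value; pre-escaped input would
    // now be matched literally, backslashes included.
    // NOTE(review): the password predicate is masked ('******') in this
    // listing, so the real comparison is not visible. Whatever it compares
    // must be bound the same way, and the stored value should be a
    // password_hash() digest checked with password_verify().
    $stmt = mysqli_prepare($conc, "SELECT `id`,`user`,`name`,`email`,`img1`,`img2`,`img3`,`bgcolor` FROM `users` WHERE (`user` = ? OR `email` = ?) AND pass = '******'");
    if (!$stmt) {
        $con->close_db_con($conc);
        return false;
    }
    $login = (string) $user;
    mysqli_stmt_bind_param($stmt, "ss", $login, $login);
    $found = mysqli_stmt_execute($stmt)
        && mysqli_stmt_store_result($stmt)
        && mysqli_stmt_num_rows($stmt) == 1;
    if ($found) {
        mysqli_stmt_bind_result($stmt, $id, $uname, $name, $email, $img1, $img2, $img3, $bgcolor);
        $found = mysqli_stmt_fetch($stmt) === true;
    }
    mysqli_stmt_close($stmt);
    if (!$found) {
        // The connection is released on the failure path as well.
        $con->close_db_con($conc);
        return false;
    }

    // Issue a fresh session id at the privilege change so an id that was
    // known before authentication does not carry over to the logged-in session.
    if (session_id() !== "") {
        session_regenerate_id(true);
    }

    $expires = time() + 52 * 60 * 60 * 24 * 7; // 52 weeks
    setcookie("u", $uname, $expires, "/");
    $_SESSION["uid"] = (string) $id; // string, as the unprepared query returned it
    $_SESSION["user"] = $uname;
    $_SESSION["name"] = $name;
    $_SESSION["email"] = $email;
    // NOTE(review): the plaintext password is kept in the session; other
    // scripts appear to test $_SESSION["p"], so it is left in place here, but
    // it should be replaced by a non-secret "authenticated" marker.
    $_SESSION["p"] = $pass;
    $_SESSION["color"] = $bgcolor;
    $_SESSION["img1"] = $img1;
    $_SESSION["img2"] = $img2;
    $_SESSION["img3"] = $img3;
    // NOTE(review): unsalted MD5 over a string that contains the password;
    // prefer a random token from random_bytes() stored server-side.
    $_SESSION["ula"] = md5("{$uname} {$pass} {$id}");
    $con->close_db_con($conc);

    if (!valid_name($_SESSION["user"])) {
        $_SESSION["set_user"] = "******";
        // No exit/return value here: the caller receives null and is expected
        // to stop producing output so the redirect takes effect.
        header("location: ./?settings");
    } else {
        if ($kcook == 1) {
            setcookie("um", $uname, $expires, "/");
            // NOTE(review): this writes the plaintext password into a
            // year-long cookie without Secure/HttpOnly. A "remember me"
            // feature should store a random, revocable token instead.
            setcookie("pm", $pass, $expires, "/");
        }
        return true;
    }
}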
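/**
 * Authenticate a visitor by user name or e-mail and, on success, populate the
 * session and the "u" cookie (plus a "p" cookie when "remember" is set).
 *
 * @param string $user User name or e-mail address exactly as submitted (unescaped).
 * @param string $pass Password exactly as submitted.
 * @return bool true on success, false when the lookup fails or does not match
 *              exactly one row.
 */
function login($user, $pass)
{
    $con = new db();
    $conc = $con->c();
    // "remember" is an optional form field; absent means "do not remember".
    $kcook = isset($_POST["remember"]) ? intval($_POST["remember"]) : 0;

    // $user is visitor-controlled, so it is bound as a parameter instead of
    // being interpolated into the statement text.
    // NOTE(review): callers must pass the raw value; pre-escaped input would
    // now be matched literally, backslashes included.
    // NOTE(review): the password predicate is masked ('******') in this
    // listing, so the real comparison is not visible. Whatever it compares
    // must be bound the same way, and the stored value should be a
    // password_hash() digest checked with password_verify().
    $stmt = mysqli_prepare($conc, "SELECT `id`,`user`,`name`,`email`,`img1`,`img2`,`img3`,`bgcolor` FROM `users` WHERE (`user` = ? OR `email` = ?) AND pass = '******'");
    if (!$stmt) {
        $con->close_db_con($conc);
        return false;
    }
    $login = (string) $user;
    mysqli_stmt_bind_param($stmt, "ss", $login, $login);
    $found = mysqli_stmt_execute($stmt)
        && mysqli_stmt_store_result($stmt)
        && mysqli_stmt_num_rows($stmt) == 1;
    if ($found) {
        mysqli_stmt_bind_result($stmt, $id, $uname, $name, $email, $img1, $img2, $img3, $bgcolor);
        $found = mysqli_stmt_fetch($stmt) === true;
    }
    mysqli_stmt_close($stmt);
    if (!$found) {
        // The connection is released on the failure path as well.
        $con->close_db_con($conc);
        return false;
    }

    // Issue a fresh session id at the privilege change so an id that was
    // known before authentication does not carry over to the logged-in session.
    if (session_id() !== "") {
        session_regenerate_id(true);
    }

    setcookie("u", $uname, time() + 52 * 60 * 60 * 24 * 7); // 52 weeks
    $_SESSION["uid"] = (string) $id; // string, as the unprepared query returned it
    $_SESSION["user"] = $uname;
    $_SESSION["name"] = $name;
    $_SESSION["email"] = $email;
    // NOTE(review): the plaintext password is kept in the session; it is left
    // in place because other scripts may read $_SESSION["p"], but it should be
    // replaced by a non-secret "authenticated" marker.
    $_SESSION["p"] = $pass;
    $_SESSION["color"] = $bgcolor;
    $_SESSION["img1"] = $img1;
    $_SESSION["img2"] = $img2;
    $_SESSION["img3"] = $img3;
    // NOTE(review): unsalted MD5 over a string that contains the password;
    // prefer a random token from random_bytes() stored server-side.
    $_SESSION["ula"] = md5("{$uname} {$pass} {$id}");
    $con->close_db_con($conc);

    if ($kcook == 1) {
        $twoWeeks = time() + 2 * 60 * 60 * 24 * 7;
        // Overwrites the 52-week "u" cookie set above with a 2-week one.
        setcookie("u", $uname, $twoWeeks);
        // NOTE(review): this writes the plaintext password into a cookie
        // without Secure/HttpOnly. A "remember me" feature should store a
        // random, revocable token instead.
        setcookie("p", $pass, $twoWeeks);
    }
    return true;
}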
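/**
 * Open the PDO connection and store it in the static db::$c slot.
 *
 * A failed connection is not rethrown: db::$c is simply left unassigned, so
 * callers must be prepared for a missing connection.
 *
 * @param string $server MySQL host name.
 * @param string $user   Database account.
 * @param string $pw     Database password.
 * @param string $db     Schema name.
 */
function __construct($server, $user, $pw, $db)
{
    try {
        db::$c = new PDO("mysql:host={$server};dbname={$db}", $user, $pw);
        // Make every later PDO failure raise PDOException instead of
        // returning false silently.
        db::$c->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    } catch (PDOException $e) {
        // The driver message can name the host, schema and account, so it is
        // written to the server log rather than echoed into the response.
        error_log("db: connection failed: " . $e->getMessage());
    }
}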
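/**
 * Emit the preview descriptor for one video as a JavaScript object literal,
 * then end the request.
 *
 * @param int|string $id Video id; coerced to an integer before it is used.
 * @return void Never returns: the function always calls exit.
 */
function getVid($id)
{
    // The id is compared unquoted in the WHERE clause, so anything other
    // than an integer would become part of the statement text.
    $id = (int) $id;

    $con = new db();
    $conc = $con->c();
    $q = mysqli_query($conc, "SELECT videos.id,videos.user,videos.name,videos.info,videos.pict,videos.vid,videos.dl,videos.date,users.user FROM `videos` INNER JOIN users ON users.id = videos.user WHERE videos.id = {$id} ");

    // A failed query is reported the same way as "no such video".
    if (!$q || mysqli_num_rows($q) == 0) {
        echo "({status:false,msg:'Sorry, this video cannot be found'})";
    } else {
        // Column order: 0 id, 1 owner id, 2 name, 3 info, 4 pict, 5 vid,
        // 6 dl, 7 date, 8 owner user name.
        $r = mysqli_fetch_array($q);
        // NOTE(review): name, info and owner are stored user content and are
        // placed inside single-quoted script literals without escaping. A
        // quote or backslash in any of them breaks out of the literal;
        // encode each value with json_encode() once the consumer of this
        // response is confirmed to accept it.
        echo "({status:true,type:3,class:'vid_prev',title:'{$r['3']}',uid:'{$r['1']}',owner:'{$r['8']}',vid:'{$r['0']}',video:'{$r['5']}',prev:'{$r['4']}',vname:'{$r['2']}',vdate:'" . gtime($r[7]) . "'})";
    }
    $con->close_db_con($conc);
    exit;
}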
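/**
 * Print an HTML table (four cells per row) of every video owned by one user,
 * then end the request.
 *
 * @param int|string $uid Owner's user id; coerced to an integer before use.
 * @return void Never returns: the function always calls exit.
 */
function getVid($uid)
{
    // The id is compared unquoted in the WHERE clause, so anything other
    // than an integer would become part of the statement text.
    $uid = (int) $uid;

    $con = new db();
    $conc = $con->c();
    $q = mysqli_query($conc, "SELECT videos.id,videos.user,videos.name,videos.info,videos.pict,videos.vid,videos.dl,videos.date,users.user FROM `videos` INNER JOIN users ON users.id = videos.user WHERE videos.user = {$uid} ");

    // A failed query is presented as an empty list.
    $total = $q ? mysqli_num_rows($q) : 0;
    if ($total == 0) {
        echo "<div class='m_s_g'>No content has been added yet</div>";
    }

    $n = 0;
    echo "<table><tr>";
    // Column order: 0 id, 1 owner id, 2 name, 3 info, 4 pict, 5 vid, 6 dl,
    // 7 date, 8 owner user name.
    while ($q && ($r = mysqli_fetch_array($q))) {
        $n++;
        // NOTE(review): name, info, file names and owner are stored user
        // content written into attributes and element text without
        // htmlspecialchars(); escape them here unless they are guaranteed to
        // be entity-encoded at write time.
        echo "<td ><a href='./video-{$r['0']}' onclick='return setURI(\"video\",{$r['0']})' ><div style='background:url(" . PTH . "/img/load/ml.gif) no-repeat center;height:120px;width:120px;padding:10px;'><div style='background:url(" . PTH . "/prev/{$r['4']}) left;' class='vid_prev' title='{$r['3']}' onclick='playvideo(event)' prev='{$r['4']}' vid='{$r['0']}' video='{$r['5']}' info='{$r['3']}' owner='{$r['8']}' uid='{$uid}' vidname='{$r['2']}' vdate='" . gtime($r[7]) . "'>{$r['2']}<br/>{$r['3']}</div></div></a><br/></td>";
        // Start a new table row after every fourth cell.
        echo $n % 4 == 0 ? "</tr><tr>" : "";
    }
    echo "</tr></table>";
    $con->close_db_con($conc);
    exit;
}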
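/**
 * Build the HTML fragment for one feed post.
 *
 * @param mixed  $id     Post id.
 * @param mixed  $uid    Id of the viewing user.
 * @param mixed  $userid Id of the post's author.
 * @param string $user   Author's user name.
 * @param string $name   Author's display name.
 * @param string $img    Author's avatar URL.
 * @param mixed  $date   Post date, passed to gtime().
 * @param string $post   Post body.
 * @param string $var    Markup appended after the post container.
 * @param mixed  $rid    Id of the referenced post (reply/repost source).
 * @param mixed  $type   1 = reply, 2 = repost, anything else = plain post.
 * @param string $client Client label shown after "via".
 * @return string The rendered fragment.
 */
function post($id, $uid, $userid, $user, $name, $img, $date, $post, $var, $rid, $type, $client)
{
    $rp = "";
    // Defined up front so anonymous viewers get empty action links instead
    // of undefined variables in the template below.
    $reply = "";
    $repost = "";

    if ($type == 1 || $type == 2) {
        // The id is compared unquoted in the WHERE clause, so it is forced
        // to an integer before it reaches the statement text.
        $rid = (int) $rid;
        $con = new db();
        $conc = $con->c();
        $q = mysqli_query($conc, "SELECT `post`.`id`,`users`.`user` FROM `post` INNER JOIN `users` ON (`users`.`id` = `post`.`user`) WHERE `post`.`id` = {$rid} ");
        // The referenced post may be gone; fall back to an empty name.
        $r = $q ? mysqli_fetch_array($q) : null;
        $pid = $r ? $r[1] : "";
        $con->close_db_con($conc);

        if ($type == 1) {
            $rp = "<a href='#' class='del' onclick='return _op({$rid},{$type})' >in reply to {$pid}</a>";
        } else {
            $rp = "<a href='#pwindow' class='del' name='modal' onclick='return _op({$rid},{$type})' >rePosted From {$pid} </a>";
        }
    }

    // Only the author sees the delete link.
    $del = $uid == $userid ? "·<a href='#' onclick='return _del(event,\"{$id}\")'><span class='del'>delete</span></a>" : "";

    if (isset($_SESSION["uid"]) && $_SESSION["uid"] != 0) {
        $reply = "·<a href='#' class='del' onclick='return _reply(event)' rid='{$id}' u='{$user}'> reply</a>";
        $repost = "·<a href='#' class='del' onclick='return _repost(event)' rid='{$id}' u='{$user}'> repost</a>";
    }

    // NOTE(review): $user, $name, $img, $post, $client and $pid are inserted
    // into markup and inline handlers as-is. Unless every caller passes
    // values that are already encoded for that context, escape them with
    // htmlspecialchars(..., ENT_QUOTES) before building the fragment.
    return "<div class='post' id='post{$id}'>\n\t\t\t\t\t<table><tr><td><a href='../home?i={$userid}' onclick='return _o(event,{$userid})' ><div class='smpdiv' style='background:url({$img}) center no-repeat'></div></a></td>\n\t\t\t\t\t<td>\n\t\t\t\t\t<table><tr><td><a href='../home?i={$userid}' onclick='return _o(event,{$userid})' onmouseover='_pop(event,{$userid});' >{$user}</a> <i style='_pn'>{$name}</i><br/><span class='_post'>{$post}</span><br/>{$rp} <a href='#' target='_blank' class='del'>via {$client}</a> <a class='del' href='#?post={$id}' onclick='return _op({$id},0);'>" . gtime($date) . "</a><Br/>{$del} {$reply} {$repost}</td></tr></table>\n\t\t\t\t\t</td></tr></table>\n\t\t\t\t\t </div> {$var}";
}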
session_start(); if ($_SESSION['login'] != true) { header("Location: index.php?message=Log in."); } else { require 'inc/loader.php'; include "inc/funkcije.php"; require 'inc/views/template_head_start.php'; require 'inc/views/template_head_end.php'; require 'inc/views/base_head.php'; ?> <?php //Treba mi id stranice koja se menja, BIO = 1, GALLERY = 2, CONTACT = 3 $id_page = 1; $DB = new db(); $SQL = "SELECT * FROM pages WHERE id_page='" . $DB->c($id_page) . "'"; $DB->query($SQL); $row = $DB->fetch_assoc(); $content = $row['content']; $DB->close(); ?> <!-- Page Header --> <div class="content bg-gray-lighter"> <div class="row items-push"> <div class="col-sm-7"> <h1 class="page-heading"> Content <small>change BIO text.</small> </h1> </div> <div class="col-sm-5 text-right hidden-xs"> <ol class="breadcrumb push-10-t">
<?php
// Video management endpoint: deletes (and, further down, updates) a video on
// behalf of the logged-in user. This listing ends inside the "upd" branch.
session_start();
include "../scripts/db.php";
$style = "style='font:20px verdana;text-align:center;color:#777;'";
$user = $_SESSION["uid"];
// NOTE(review): this guard only rejects requests whose session lacks
// "user"/"p" AND whose uid is non-zero. A request with no uid (or uid 0)
// passes, so the code below also runs for visitors who are not logged in.
// The two conditions look like they were meant to be joined with ||.
if (!isset($_SESSION["user"], $_SESSION["p"]) && $user != 0) {
    exit("<div class='m_s_g'>Invalid Authentication<div>");
}
$con = new db();
$conc = $con->c();
if (isset($_POST["del"])) {
    // "vars" is request data packed as "<id>____<video file>____<image file>".
    list($id, $vid, $img) = explode("____", $_POST["vars"]);
    // NOTE(review): $id is request data placed unquoted into both statements;
    // cast it with intval() as the "upd" branch below does, or bind it.
    $q = mysqli_query($conc, "DELETE FROM videos WHERE id = {$id} AND user = {$user}");
    // NOTE(review): this statement has no owner condition, so it removes the
    // comments of video $id even when the DELETE above matched no row of the
    // requesting user. Run it only after confirming a video row was deleted.
    $qq = mysqli_query($conc, "DELETE FROM comment WHERE cid = {$id} AND type = 3");
    // NOTE(review): mysqli_query() yields a truthy result for a DELETE that
    // ran but matched nothing, so this branch does not prove ownership; check
    // mysqli_affected_rows() instead. The file names below come from the
    // request, not from the deleted row, and are not confined to their
    // directories: look the names up from the row before deleting it and pass
    // them through basename().
    if ($q) {
        @unlink("../video/" . $vid);
        // The shared default preview image is never removed.
        if (!strstr($img, DEF_VID_IMG)) {
            @unlink("../prev/" . $img);
        }
        $con->close_db_con($conc);
        exit("<div {$style}>Successfully Deleted.</div>");
    } else {
        $con->close_db_con($conc);
        exit("<div {$style}>Error deleting video.</div>");
    }
}
if (isset($_POST["upd"])) {
    $id = intval($_POST["id"]);
    // strclean() is defined elsewhere; what it filters is not visible here.
    $name = strclean($_POST["name"]);
    $info = strclean($_POST["info"]);
} if (file_exists($temp_file)) { unlink($temp_file); } // -------------- End Resizing i Croping funkcije za sliku ----------------- // Prikazujemo rezultate da bi smo mogli videti i testirati sta se desilo //echo "The file named <strong>$fileName</strong> uploaded successfuly.<br /><br />"; //echo "It is <strong>$fileSize</strong> bytes in size.<br /><br />"; //echo "It is an <strong>$fileType</strong> type of file.<br /><br />"; //echo "The file extension is <strong>$fileExt</strong><br /><br />"; //echo "The Error Message output for this upload is: $fileErrorMsg"; } else { $photo = 'none'; } // Kraj obrade u uploada slike // Unosimo novu kategoriju u bazu $DB = new db(); $SQL = "INSERT INTO gallery (\n\t\t\t\t ph_name,\n\t\t\t\t ph_info,\n\t\t\t\t\tphoto,\n\t\t\t\t\tph_show,\n\t\t\t\t\tph_datum,\n\t\t\t\t\tph_type\n\t\t\t\t) VALUES( \n\t\t\t\t '" . $DB->c($ph_name) . "', \n\t\t\t\t '" . $DB->c($ph_info) . "', \n\t\t\t\t '" . $DB->c($photo) . "', \n\t\t\t\t '" . $DB->c($ph_show) . "', \n\t\t\t\t '" . $DB->c($ph_date) . "', \n\t\t\t\t '" . $DB->c($ph_type) . "'\n\t\t\t\t)"; $result = $DB->query($SQL); $DB->close(); $result = true; if ($result) { $poruka = "image uploaded successfully!"; } else { $poruka = "Error, Image is not uploaded, please try again"; } } else { $poruka = "Unauthorized direct access to the page!"; } header("Location: gallery2.php?message={$poruka}"); }
<?php
// Unread-message counter: prints how many new messages are waiting for the
// logged-in user in conversations they take part in, and caches the figure
// in $_SESSION["msg_num"]. Prints an empty string when there are none.
session_start();
include "../scripts/db.php";

if (!isset($_SESSION["uid"], $_SESSION["user"])) {
    exit("<div class='m_s_g'>Invalid Authentication<div>");
}

// intval() keeps the id numeric before it is placed in the statements below.
$uid = intval($_SESSION["uid"]);

if (isset($uid) && $uid != 0) {
    $con = new db();
    $conc = $con->c();
    $num = 0;

    // Every conversation the user belongs to, as either participant.
    $subjres = mysqli_query($conc, "SELECT `id` FROM `msg_subj` WHERE `u1` = {$uid} OR `u2` = {$uid}");
    if ($subjres) {
        while ($sb = mysqli_fetch_array($subjres)) {
            // Unread messages of this conversation, newest first.
            $msg = mysqli_query($conc, "SELECT `new`,`uid` FROM `msg` WHERE `new` = 1 AND `cid` = " . $sb[0] . " ORDER BY `id` DESC");
            if (!$msg) {
                continue;
            }
            $ltv = mysqli_fetch_array($msg);
            $numr = mysqli_num_rows($msg);
            // Count the conversation only when its newest unread message
            // was written by the other participant.
            if ($numr > 0 && $ltv[1] != $uid) {
                $num += $numr;
            }
        }
    }

    // Nothing unread is reported as an empty string, not as 0.
    if (!($num > 0)) {
        $num = "";
    }
    $subjres = NULL;
    $sb = NULL;
    echo $num;
    $_SESSION["msg_num"] = $num;
}
<?php include "../scripts/db.php"; $con = new db(); $conc = $con->c(); header("Content-Type: text/xml"); $user = md5($_POST["user"]); echo "<?xml version='1.0' encoding='utf-8' ?><bubble uid='{$user}'>"; $action = $_POST["action"]; $p = sha1($_POST["p"]); $id = $_POST["id"]; $time = $_POST["time"]; $msg = _hstr_(strclean($_POST["msg"]), false); switch ($action) { case 1: $q = mysqli_query($conc, "SELECT * FROM `users` WHERE `em` = '{$user}' AND `pass` = '{$p}' "); $r = mysqli_fetch_assoc($q); if (mysqli_num_rows($q) == 1) { echo "<name>" . $r["fname"] . " " . $r["lname"] . "</name>"; echo "<img>" . str_replace("../", "http://localhost/bubble/", $r["img_m"]) . "</img>"; } else { echo "<error>Invalid Credentials</error>"; } break; case 2: $q = mysqli_query($conc, "SELECT `email`,`femail`,`id` FROM `pals` WHERE `email` = '{$user}' OR `femail` = '{$user}' "); $q2 = mysqli_query($conc, "UPDATE `chat_online` SET `time` = " . date("U") . " WHERE `email` = '{$user}'"); while ($r = mysqli_fetch_array($q)) { $em = $r[0] == $user ? $r[1] : $r[0]; $tm = date("U") - 60 * 10; $q2 = mysqli_query($conc, "SELECT `email` FROM `chat_online` WHERE `email` = '{$em}' AND `time` > {$tm}");
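<table cellpadding="5"><tr>
<?php
// Renders the avatars of the 30 most recently registered users as table cells.
include "../scripts/db.php";

// Read for compatibility with the existing request format; the value does
// not bound the query, the cap is fixed at 30.
$limit = isset($_POST["limit"]) ? intval($_POST["limit"]) : 0;

$con = new db();
$conc = $con->c();
// LIMIT keeps the server from returning the whole table when only the first
// 30 rows are ever printed.
// NOTE(review): SELECT * also transfers every other column of `users`
// (credentials included, if the table holds them) although only columns 0, 3
// and 7 are used. Name the needed columns once the schema is confirmed.
$q = mysqli_query($conc, "SELECT * FROM users ORDER BY id DESC LIMIT 30");
if ($q) {
    while ($r = mysqli_fetch_array($q)) {
        // Column 7 holds the image path; its first character is dropped
        // before PTH is prefixed.
        $img = substr($r[7], 1);
        // NOTE(review): columns 3 and 7 are stored user content printed into
        // attributes without htmlspecialchars(); escape them here unless they
        // are entity-encoded at write time.
        echo "<td><a target='_blank' href='" . PTH . "/{$r['0']}' title='{$r['3']}' style='color:#fff;text-shadow:2px #444;'><div style='background:#000 url(" . PTH . "{$img}) no-repeat center;' class='smpdiv' ></div></a></td>";
    }
}
// Close the handle that was actually used instead of asking for another one.
mysqli_close($conc);
?>
</tr></table>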
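/**
 * Print the admin list of works: page header, one expandable table section
 * per work (thumbnail, title, category/colour, date, actions, subtitle flag,
 * segment count) and the confirmation script used by the delete button.
 *
 * @param string $folder Base path of the theme assets, used for the
 *                       placeholder thumbnail.
 * @return void Output is written directly to the response.
 */
function work_list($folder)
{
    // Database text is encoded for HTML text/attribute context before it is
    // printed. double_encode is off so values that were entity-encoded when
    // they were stored are not encoded a second time.
    $h = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };
    ?>
<!-- Page Header -->
<div class="content bg-gray-lighter">
    <div class="row items-push">
        <div class="col-sm-7">
            <h1 class="page-heading"> Radovi <small>Spisak ilustracija, dizajna, fotografija.</small> </h1>
        </div>
        <div class="col-sm-5 text-right hidden-xs">
            <ol class="breadcrumb push-10-t">
                <li>Radovi</li>
                <li><a class="link-effect" href="works.php">Lista</a></li>
            </ol>
        </div>
    </div>
</div>
<!-- END Page Header -->
<!-- Page Content -->
<div class="content content-boxed">
    <!-- <h2 class="content-heading">Your content</h2> -->
    <!-- Table Sections (.js-table-sections class is initialized in App() -> uiHelperTableToolsSections()) -->
    <div class="block">
        <div class="block-header">
            <div class="block-content">
                <!-- Separate your table content with multiple tbody sections. Add one row and add the class .js-table-sections-header to a tbody section to make it clickable. It will then toggle the next tbody section which can have multiple rows. Eg: <tbody class="js-table-sections-header">One row</tbody> <tbody>Multiple rows</tbody> <tbody class="js-table-sections-header">One row</tbody> <tbody>Multiple rows</tbody> <tbody class="js-table-sections-header">One row</tbody> <tbody>Multiple rows</tbody> You can also add the class .open in your tbody.js-table-sections-header to make the next tbody section visible by default -->
                <table class="js-table-sections table table-hover table-vcenter">
                    <thead>
                        <tr>
                            <th style="width: 30px;"></th>
                            <th class="text-center" style="width: 100px;"><i class="si si-grid"></i></th>
                            <th>Naslov</th>
                            <th style="width: 15%;" class="hidden-xs text-center">Kategorija/boja</th>
                            <th class="hidden-xs" style="width: 15%;">Datum</th>
                            <th class="text-center" style="width: 100px;">Akcija</th>
                        </tr>
                    </thead>
    <?php
    $DB = new db();
    $SQL = "SELECT
                works.id_work AS id_work,
                works.id_cat AS id_cat,
                works.work_name AS work_name,
                works.work_desc AS work_desc,
                works.work_color AS work_color,
                works.work_date AS work_date,
                works.work_mpic AS work_mpic,
                works.work_show AS work_show,
                categories.cat_name AS cat_name
            FROM works
            LEFT JOIN categories ON(works.id_cat=categories.id_cat)
            ORDER BY works.id_work DESC";
    $DB->query($SQL);

    // One extra handle, opened once, serves the per-work segment counts
    // instead of a new db object for every row.
    $DB2 = new db();

    while ($row = $DB->fetch_assoc()) {
        // id_work is printed into a URL and into a script call, so it is
        // forced to an integer.
        $id_work = (int) $row['id_work'];
        $work_name = $row['work_name'];
        // The subtitle itself is not shown, only a yes/no label.
        if ($row['work_desc'] != "") {
            $work_desc = '<span class="label label-success">Da</span>';
        } else {
            $work_desc = '<span class="label label-danger">Ne</span>';
        }
        $work_color = $row['work_color'];
        $work_date = $row['work_date'];
        $cat_name = $row['cat_name'];

        // Use the stored thumbnail when the file exists, otherwise the
        // placeholder avatar from the theme folder.
        $work_mpic = '../images/work/thumb_' . $row['work_mpic'];
        if (!file_exists($work_mpic)) {
            $work_mpic = $folder . '/img/avatars/avatar3.jpg';
        }

        // Number of segments attached to this work; the delete button is
        // only offered when there are none.
        $SQL = "SELECT count(*) AS koliko FROM segments WHERE id_work ='" . $DB2->c($id_work) . "' GROUP BY id_work";
        $DB2->query($SQL);
        $koliko = 0;
        while ($row2 = $DB2->fetch_assoc()) {
            $koliko = (int) $row2['koliko'];
        }
        ?>
                    <tbody class="js-table-sections-header">
                        <tr>
                            <td class="text-center"> <i class="fa fa-angle-right"></i> </td>
                            <td class="text-center"><img class="img-avatar img-avatar48" src="<?php echo $h($work_mpic); ?>" alt=""></td>
                            <td class="font-w600"><?php echo $h($work_name); ?> </td>
                            <td class="hidden-xs text-center"> <?php echo $h($cat_name); ?> <span style="background:<?php echo $h($work_color); ?> ; color:<?php echo $h($work_color); ?> ;">00</span> </td>
                            <td class="hidden-xs"> <em class="text-muted"><?php echo $h($work_date); ?> </em> </td>
                            <td>
                                <div class="btn-group">
                                    <button class="btn btn-xs btn-default" type="button" data-toggle="tooltip" title="Izmeni rad" onclick="location.href='works.php?loc=1&work=<?php echo $id_work; ?>';"><i class="fa fa-pencil"></i></button>
                                    <?php if ($koliko == 0) { ?>
                                    <button class="btn btn-xs btn-default" type="button" data-toggle="tooltip" title="Ukloni rad" onclick="sure(<?php echo $id_work; ?>)"><i class="fa fa-times"></i></button>
                                    <?php } ?>
                                </div>
                            </td>
                        </tr>
                    </tbody>
                    <tbody>
                        <tr>
                            <td class="text-center"></td>
                            <td class="font-w600">Podnaslov</td>
                            <td> <?php echo $work_desc; ?> </td>
                            <td class="hidden-xs"> </td>
                            <td class="hidden-xs"> </td>
                            <td> </td>
                        </tr>
                        <tr>
                            <td class="text-center"></td>
                            <td class="font-w600">Broj segmenata</td>
                            <td>
                                <span class="badge badge-info"><?php echo $koliko; ?> </span>
                                <div class="btn-group">
                                    <button class="btn btn-xs btn-default" type="button" data-toggle="tooltip" title="Dodaj segment" onclick="location.href='works.php?loc=3&work=<?php echo $id_work; ?>';"><i class="fa fa-plus-circle"></i></button>
                                    <button class="btn btn-xs btn-default" type="button" data-toggle="tooltip" title="Vidi segmente" onclick="location.href='works.php?loc=2&work=<?php echo $id_work; ?>';"><i class="fa fa-eye"></i></button>
                                </div>
                            </td>
                            <td class="hidden-xs"> </td>
                            <td class="hidden-xs"> </td>
                            <td> </td>
                        </tr>
                    </tbody>
        <?php
    }
    $DB2->close();
    $DB->close();
    ?>
                </table>
            </div>
        </div>
    </div>
    <!-- END Table Sections -->
</div>
<!-- END Page Content -->
<script>
// NOTE(review): the delete is triggered by a plain GET navigation; the target
// script should require POST and a per-session CSRF token.
function sure(id) {
    var agree=confirm("Attention!\nDa li si siguran da želiš da ukloniš ovaj rad?\n (sa komplernim sadržajem)");
    if (agree) window.location.href = "works_del.php?id_work="+id;
    else return false ;
}
</script>
    <?php
}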
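/**
 * Build the HTML fragment for one feed post, including the reply/refeed
 * reference, the client label and, for logged-in viewers, the like, reply,
 * refeed and delete controls.
 *
 * @param mixed  $id     Post id.
 * @param mixed  $uid    Id of the viewing user.
 * @param mixed  $userid Id of the post's author.
 * @param string $user   Author's user name.
 * @param string $name   Author's display name.
 * @param string $img    Author's avatar path, appended to PTH.
 * @param int    $date   Post time as a Unix timestamp (passed to date()).
 * @param string $post   Post body.
 * @param string $var    Trailing cell markup, or "pop" to request the
 *                       compact pop-up layout.
 * @param mixed  $rid    Id of the referenced post (reply/refeed source).
 * @param mixed  $type   1 = reply, 2 = refeed, anything else = plain post.
 * @param int    $client Client code: 1 = web, 2 = mobile, others unlabeled.
 * @return string The rendered fragment.
 */
function post($id, $uid, $userid, $user, $name, $img, $date, $post, $var, $rid, $type, $client)
{
    $client_apps_array = array("", "web", "mobile", "");
    $client_apps_url = array("", "./?force_web=2", "./?force_mobile=2", "");
    // A client code outside the table yields an empty label and link instead
    // of an undefined-offset read.
    $client1 = isset($client_apps_array[$client]) ? $client_apps_array[$client] : "";
    $clienturl = isset($client_apps_url[$client]) ? $client_apps_url[$client] : "";
    $client = "<a href='{$clienturl}' class='small' target='_blank'>via {$client1}</a>";

    $rp = "";
    if ($type == 1 || $type == 2) {
        // The id is compared unquoted in the WHERE clause, so it is forced
        // to an integer before it reaches the statement text.
        $rid = (int) $rid;
        $con = new db();
        $conc = $con->c();
        $q = mysqli_query($conc, "SELECT `post`.`id`,`users`.`user` FROM `post` INNER JOIN `users` ON (`users`.`id` = `post`.`user`) WHERE `post`.`id` = {$rid} ");
        // The referenced post may be gone; fall back to an empty name.
        $r = $q ? mysqli_fetch_array($q) : null;
        $pid = $r ? $r[1] : "";
        $con->close_db_con($conc);

        if ($type == 1) {
            $rp = "<a href='" . PTH . "/?view={$rid}&t={$type}' class='del' onclick='return _op({$rid},{$type})' title='in reply to {$pid}'><table><tr><td><div class='preply'></div></td><td>to {$pid}</td></tr></table></a>";
        } else {
            $rp = "<a href='" . PTH . "/?view={$rid}&t={$type}' class='del' onclick='return _op({$rid},{$type})' title='refed from {$pid}'><table><tr><td><div class='prefeed'></div></td><td>from {$pid}</td></tr></table></a>";
        }
    }

    $imgclass = "smpdiv";
    $post_style = "";
    $url = "./{$user}";
    if (isset($_SESSION["mobile"]) && $_SESSION["mobile"] == 2) {
        $imgclass = "ssmpdiv";
    }
    if ($var == "pop") {
        // The width style the original assigned here was always overwritten
        // by the mention highlight below, so it is not set.
        $var = "";
        $imgclass = "ssmpdiv";
        $post_style = "style='font-size:10px;'";
    }

    // Defined up front so anonymous viewers get empty controls instead of
    // undefined variables in the template below.
    $del = "";
    $llike = "";
    $reply = "";
    $repost = "";
    if (isset($_SESSION["uid"]) && $_SESSION["uid"] != 0) {
        $con = new db();
        $conc = $con->c();
        // Only the author sees the delete control.
        $del = $uid == $userid ? "<a onclick='return _del(event,\"{$id}\")'><div title='delete' class='delete'></div></a>" : "";
        $nl = numlikes($conc, $id);
        $like = _like($conc, $id, $uid) ? " style='background-image:url(" . PTH . "/img/like.png);' class='like' title='unlike {$nl}'" : " title='like {$nl}' style='background:url(" . PTH . "/img/like_2.png) center no-repeat;' class='like'";
        $con->close_db_con($conc);
        $llike = " <div {$like} onclick='_like(event,{$id},{$userid})' class='like' onmouseover='_textgrow(event)' align='center'>" . $nl . "</div>";
        $reply = "<a href='" . PTH . "/?rep={$id}&u={$user}&t=1' class='del' onclick='return _reply(event)' rid='{$id}' u='{$user}'><div class='preply' title='reply {$name}'></div></a>";
        $repost = "<a href='" . PTH . "/?rep={$id}&u={$user}&t=2' class='del' onclick='return _repost(event)' rid='{$id}' u='{$user}'><div title='refeed' class='prefeed' ></div></a>";
    }

    // Highlight posts that mention the viewer. Without a session user name
    // the needle would be a bare "@" and match every mention of anyone.
    $me = isset($_SESSION["user"]) ? (string) $_SESSION["user"] : "";
    $style = ($me !== "" && stripos($post, "@" . $me) !== false) ? "style='border-left:2px solid #444;'" : "";

    // NOTE(review): $user, $name, $img, $post and $pid are inserted into
    // markup, URLs and inline handlers as-is. Unless every caller passes
    // values that are already encoded for that context, escape them with
    // htmlspecialchars(..., ENT_QUOTES) / rawurlencode() before building the
    // fragment.
    return "<div class='post' id='post{$id}' {$style} onmouseover='_postOver(event)' >\n\t\t\t\t<table width='100%'><tr><td width='10%'><a href='{$url}' onclick='return _pop(event,\"{$user}\")' ><div class='{$imgclass}' style='background-image:url(" . PTH . "{$img});'></div></a></td>\n\t\t\t\t<td width='90%'>\n\t\t\t\t<table width='100%'><tr><td width='100%'><a href='{$url}' onclick='return _pop(event,\"{$userid}\")' onmouseover='' >{$user}</a> <i style='_pn'>{$name}</i><br/><span class='_post' id='post_span_" . $id . "' {$post_style}>{$post}</span><br/></td></tr></table>\n\t\t\t\t<table style='float:right;'><tr><td valign='middle'><a class='del' style='display:none;' udate='" . date("U", $date) . "' title='" . date("r", $date) . "' href='" . PTH . "/?view={$id}&t=0' onclick='return _op({$id},0);'>" . gtime($date) . "</a></td><td valign='middle'>{$rp}</td><td valign='middle'>{$client}</td><td>{$llike}</td><td>{$reply}</td><td>{$repost}</td><td>{$del}</td><td valign='middle'>{$var}</td></tr></table></td></tr></table>\n\t\t\t\t</div> ";
}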
</ol> </div> </div> </div> <!-- END Page Header --> <!-- Page Content --> <div class="content"> <!-- <h2 class="content-heading">Your content</h2> --> <div class="col-sm-6 col-sm-offset-3"> <div class="block block-themed"> <?php $workdata = $request->post; $DB = new db(); foreach ($workdata as $name => $value) { $workdata[$name] = $DB->c($value); } $old_pass = md5($workdata['old_pass']); $new_pass = md5($workdata['new_pass']); $cnew_pass = md5($workdata['cnew_pass']); if ($new_pass == $cnew_pass) { // Upisujemo novu sifru na mesto gde je bila stara ako je dobro uneta stara sifra $SQL = "UPDATE korisnik SET pass='******' WHERE (idko='" . $_SESSION['sidko'] . "' AND pass='******')"; $DB = new db(); $DB->query($SQL); // Proveravamo dal je nova sifra upisana , ako jeste onda je stara bila ok. $SQL = "SELECT * FROM korisnik WHERE (idko='" . $_SESSION['sidko'] . "' AND pass='******')"; $DB->query($SQL); $num = $DB->num_rows(); $DB->close(); if ($num != 1) {
<link rel="stylesheet" href="<?php echo $one->assets_folder; ?> /js/plugins/bootstrap-datepicker/bootstrap-datepicker3.min.css"> <?php require 'inc/views/template_head_end.php'; require 'inc/views/base_head.php'; ?> <?php //ako je $_GET['id_show'] setovan, onda je potrebno izvrsiti izmenu nastupa if (isset($_GET['id_show'])) { $id_show = $request->get['id_show']; $DB = new db(); $SQL = "SELECT * FROM shows WHERE id_show='" . $DB->c($id_show) . "'"; $DB->query($SQL); $row = $DB->fetch_assoc(); $place_name = $row['place']; $show_time = $row['show_time']; $start_date = date('d-m-Y', strtotime($show_time)); $start_hour = date('H', strtotime($show_time)); $start_minute = date('i', strtotime($show_time)); $place_loc = $row['gps_loc']; $DB->close(); ?> <!-- Page Header --> <div class="content bg-gray-lighter"> <div class="row items-push"> <div class="col-sm-7"> <h1 class="page-heading">
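<?php
// Deletes one row from `shows` for a logged-in administrator and redirects
// back to the list with a status message.
session_start();

// Anything but a truthy login flag (including a missing one) is sent to the
// login page; exit makes sure nothing below runs for that request.
if (empty($_SESSION['login'])) {
    header("Location: index.php?message=" . rawurlencode("Log in."));
    exit;
}

include "inc/loader.php";   // presumably provides $request; confirm against the loader
include "inc/funkcije.php"; // loads the mysql class

// NOTE(review): a destructive action is reachable by a plain GET link with no
// CSRF token, so any page the administrator visits can trigger it. Require
// POST plus a per-session token that is compared with hash_equals().
if (isset($_GET['id_show']) && is_string($_GET['id_show']) && $_GET['id_show'] !== "") {
    $id_show = $request->get['id_show'];
    $DB = new db();
    // $DB->c() is used as the value-escaping helper throughout this project
    // (defined elsewhere; its exact behaviour is not visible here).
    $SQL = "DELETE FROM shows WHERE id_show='" . $DB->c($id_show) . "' LIMIT 1";
    $result = $DB->query($SQL);
    $DB->close();
    $poruka = $result ? "Deleted!" : "Error, not deleted!";
} else {
    $poruka = "Unauthorized direct access to the page!";
}

// The message is percent-encoded so spaces and punctuation cannot produce a
// malformed Location header.
header("Location: shows.php?message=" . rawurlencode($poruka));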
if ($_POST['id_show'] != "" && $_POST['place_name'] != "" && $_POST['show_date'] != "") { //$naslov = mysql_real_escape_string($_POST['naziv']); $id_show = $request->post['id_show']; $place_name = $request->post['place_name']; $place_loc = $request->post['place_loc']; $show_date = $request->post['show_date']; $show_hour = $request->post['show_hour']; $show_mins = $request->post['show_mins']; // Pretvaramo datum iz forme i vreme u format koji nam odgovara za upis u bazu $datum = explode("-", $show_date); "dd-mm-yyyy"; $sDate = $datum[2] . "-" . $datum[1] . "-" . $datum[0]; $s_datetime = $sDate . " " . $show_hour . ":" . $show_mins . ":00"; $idko = $_SESSION['sidko']; $vremec = time(); // Unosimo novu kategoriju u bazu $DB = new db(); $SQL = "UPDATE \n\t\t\t\t\t\t\tshows \n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\tplace = '" . $DB->c($place_name) . "', \n\t\t\t\t\t\t\tgps_loc = '" . $DB->c($place_loc) . "', \n\t\t\t\t\t\t\tshow_time = '" . $DB->c($s_datetime) . "'\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tid_show = '" . $DB->c($id_show) . "' "; $result = $DB->query($SQL); $DB->close(); $result = true; if ($result) { $poruka = "Place and time successfully update!"; } else { $poruka = "Error, Place and time is not update"; } } else { $poruka = "Unauthorized direct access to the page!"; } header("Location: shows.php?message={$poruka}"); }
<?php session_start(); if ($_SESSION['login'] != true) { header("Location: index.php?message=Log in."); } else { include "inc/loader.php"; include "inc/funkcije.php"; //Ucitavamo mysql klasu if ($_GET['id_ph'] != "") { $id_ph = $request->get['id_ph']; $DB = new db(); $SQL = "SELECT photo FROM gallery WHERE id_ph='" . $DB->c($id_ph) . "' LIMIT 1"; $DB->query($SQL); $row = $DB->fetch_assoc(); $photo = $row['photo']; // Brisanje fajla koji se veze za ponudu $filename = "../img/gallery/{$photo}"; if (file_exists($filename)) { unlink($filename); } $filename = "../img/gallery/thumb_{$photo}"; if (file_exists($filename)) { unlink($filename); } $SQL = "DELETE FROM gallery WHERE id_ph='" . $DB->c($id_ph) . "' LIMIT 1"; $result = $DB->query($SQL); $DB->close(); if ($result) { $poruka = "image deleted!"; } else {
} elseif ($id_page == 2) { $page = 'gallery'; } elseif ($id_page == 3) { $page = 'contact'; } $cms_text = $request->post['cms_text']; $idko = $_SESSION['sidko']; $vremec = time(); if ($_POST['seg_date'] != "") { $middle_d = strtotime($seg_date); $seg_date = date('Y-m-d', $middle_d); } else { $seg_date = date('Y-m-d', $vremec); } $vreme = date('d-m-y-H-i-s', $vremec); //Ispravke u bazi $DB = new db(); $SQL = "UPDATE\n\t\t\t\t\t\t\tpages \n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\tcontent = '" . $DB->c($cms_text) . "'\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tid_page = '" . $DB->c($id_page) . "' "; $result = $DB->query($SQL); $DB->close(); $result = true; if ($result) { $poruka = "Content changed!"; } else { $poruka = "Error, Content is not changed"; } } else { $poruka = "Unauthorized direct access to the page!"; } header("Location: cms_" . $page . ".php?message=" . $poruka . ""); }
//Ucitavamo mysql klasu if ($_POST['place_name'] != "" && $_POST['show_date'] != "") { //$naslov = mysql_real_escape_string($_POST['naziv']); $place_name = $request->post['place_name']; $place_loc = $request->post['place_loc']; $show_date = $request->post['show_date']; $show_hour = $request->post['show_hour']; $show_mins = $request->post['show_mins']; // Pretvaramo datum iz forme i vreme u format koji nam odgovara za upis u bazu $datum = explode("-", $show_date); "dd-mm-yyyy"; $sDate = $datum[2] . "-" . $datum[1] . "-" . $datum[0]; $s_datetime = $sDate . " " . $show_hour . ":" . $show_mins . ":00"; $idko = $_SESSION['sidko']; $vremec = time(); // Unosimo novu kategoriju u bazu $DB = new db(); $SQL = "INSERT INTO shows (\n\t\t\t\tplace,\n\t\t\t\tgps_loc,\n\t\t\t\tshow_time\n\t\t\t) VALUES( \n\t\t\t\t'" . $DB->c($place_name) . "', \n\t\t\t\t'" . $DB->c($place_loc) . "', \n\t\t\t\t'" . $DB->c($s_datetime) . "'\n\t\t\t)"; $result = $DB->query($SQL); $DB->close(); $result = true; if ($result) { $poruka = "Place and time successfully set!"; } else { $poruka = "Error, Place and time is not set"; } } else { $poruka = "Unauthorized direct access to the page!"; } header("Location: shows.php?message={$poruka}"); }