$return['errorText'][$db_name] = 'does not exist'; } else { if (!underPath($file)) { $return['error'] = true; $return['errorText'][$db_name] = 'is not in your image path'; } else { if (!rename($file, $destination)) { $return['error'] = true; $return['errorText'][$db_name] = 'could not be deleted'; } else { if ($ext == 'jpg') { // delete database entry if it is an image //$q = new myQuery("SELECT id FROM img WHERE name='{$db_name}'"); //$id = $q->get_one(); $q = new myQuery("DELETE FROM img WHERE name='{$db_name}'"); if ($q->get_affected_rows() != 1) { //$return['error'] = true; $return['errorText'][$db_name] = 'deleted (not from db)'; } else { $return['errorText'][$db_name] = 'deleted'; } //$q = new myQuery("DELETE FROM tag WHERE id='{$id}'"); } } } } } } } } scriptReturn($return);
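// Rename an image directory on disk, then rewrite the matching path prefix of
// every row in img.
// NOTE(review): $olddir, $newdir and $return are prepared before this excerpt
// (including the trailing-slash removal on $olddir). Whatever validation they
// received is not visible here; confirm both names are confined to the
// caller's own image tree before they reach chdir()/rename().

// Parent path: $olddir with its last path component stripped.
$basedir = preg_replace('@[^?;:{}/]+$@', '', $olddir);

// Leaf name: $olddir with the parent prefix removed. The prefix is a literal
// path, so it is quoted; unquoted, a "." or "+" in a directory name would be
// read as a regex metacharacter and could match the wrong text.
$olddir = preg_replace('@^' . preg_quote($basedir, '@') . '@', '', $olddir);

if ($newdir == '') {
    // NOTE(review): the raw POST value is echoed into errorText; the client
    // has to render it as text, not HTML.
    $return['errorText'] .= 'You cannot change the directory name to “' . $_POST['newdir'] . '”';
} elseif (!is_dir(IMAGEBASEDIR . $basedir) || !chdir(IMAGEBASEDIR . $basedir)) {
    $return['errorText'] .= 'Could not change directory to ' . $basedir;
} elseif (is_dir($newdir)) {
    // Relative to the parent directory entered by chdir() above.
    $return['errorText'] .= $basedir . $newdir . ' already exists';
} elseif (!rename($olddir, $newdir)) {
    $return['errorText'] .= "Could not rename {$olddir} to {$newdir}";
} else {
    chmod($newdir, DIRPERMS);
    $return['error'] = false;
    $return['newdir'] = $basedir . $newdir;

    // Build "/parent/leaf/" prefixes and collapse any doubled slash.
    $old = '/' . $basedir . '/' . $olddir . '/';
    $new = '/' . $basedir . '/' . $newdir . '/';
    $old = str_replace('//', '/', $old);
    $new = str_replace('//', '/', $new);

    // Only rows whose name starts with the old prefix are touched
    // (LOCATE(...) = 1).
    // NOTE(review): $old and $new are spliced into the statement text. A quote
    // in a directory name changes the SQL unless it was escaped before this
    // excerpt; confirm, or escape here with the project's helper.
    $q = new myQuery("UPDATE img SET name = REPLACE(name, '{$old}', '{$new}') WHERE LOCATE('{$old}', name) = 1");
    $return['images_updated'] = $q->get_affected_rows();
}

scriptReturn($return);
exit;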
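<?php

// add a user's facialmetric equation to the database

require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';
auth();

$return = array('error' => false, 'errorText' => '');

// Only a string can be checked against the allow-list below. A missing field
// or an array (eq[]=...) is rejected up front instead of being coerced.
$raw_eq = (isset($_POST['eq']) && is_string($_POST['eq'])) ? $_POST['eq'] : null;

if ($raw_eq === null) {
    $return['error'] = true;
    $return['errorText'] .= 'The equation was not valid.';
} else {
    // clean the equation: drop whitespace, then strip every permitted token.
    // Anything left over is not allowed. The tokens are removed in the order
    // listed, so function names go before the bare brackets and digits.
    $eq = preg_replace('/\\s+/', '', $raw_eq);
    $blank_eq = str_replace(
        array(
            'abs(', 'min(', 'max(', 'atan(', 'asin(', 'acos(', 'tan(', 'sin(', 'cos(',
            'sqrt(', 'pow(', 'rad2deg(', 'x[', 'y[', ']', '(', ')', '.', ',',
            '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '-', '*', '/',
        ),
        '',
        $eq
    );

    if ($blank_eq !== '') {
        $return['error'] = true;
        // NOTE(review): the rejected characters are echoed back verbatim; the
        // client has to render errorText as text, not HTML.
        $return['errorText'] .= 'The equation was not valid. These characters need to be removed: ' . $blank_eq;
    } else {
        $user = $_SESSION['user_id'];
        $name = my_clean($_POST['name']);
        $desc = my_clean($_POST['desc']);

        // The equation is stored as submitted (whitespace included). It is
        // placed in a quoted SQL literal without escaping, which holds only
        // because the allow-list above admits no quote or backslash. Do not
        // widen the list without escaping the value as well.
        $q = new myQuery("REPLACE INTO fm (user_id, name, description, equation) \n VALUES ('{$user}', '{$name}', '{$desc}', '{$raw_eq}')");

        if ($q->get_affected_rows() == 1) {
            $return['name'] = $name;
            $return['desc'] = $desc;
            $return['eq'] = $raw_eq;
        } else {
            // Kept from the original: any other row count is returned in 'name'.
            $return['name'] = $q->get_affected_rows();
        }
    }
}

scriptReturn($return);
exit;
?>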
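<?php

// remove an owner from a project

require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';
auth();

$return = array('error' => false, 'errorText' => '');

$user = $_SESSION['user_id'];

// Both values come straight from the request and are placed into three SQL
// statements, so they are coerced to integers first. A missing field becomes 0.
// Assumes project_user.project_id and user_id are integer keys, as the ids in
// the sibling scripts are; confirm against the schema.
$project = isset($_POST['project']) ? intval($_POST['project']) : 0;
$deluser = isset($_POST['owner']) ? intval($_POST['owner']) : 0;

// The caller must already be attached to the project to remove anyone from it.
$q = new myQuery("SELECT 1 FROM project_user WHERE project_id='{$project}' AND user_id='{$user}'");

if ($q->get_affected_rows() > 0) {
    // Refuse to remove the last remaining user of a project.
    $q = new myQuery("SELECT COUNT(*) as c FROM project_user WHERE project_id='{$project}' GROUP BY project_id");

    if ($q->get_one() < 2) {
        $return['error'] = true;
        $return['errorText'] = "This project only has one user. Please add more before deleting users to avoid abandoning projects.";
    } else {
        $q = new myQuery("DELETE FROM project_user WHERE project_id='{$project}' AND user_id='{$deluser}'");

        if ($q->get_affected_rows() == 0) {
            $return['error'] = true;
            $return['errorText'] = "This user could not be deleted from this project";
        }
    }
} else {
    $return['error'] = true;
    $return['errorText'] = "You do not have permission to delete users from this project";
}

scriptReturn($return);
exit;
?>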
/**
 * Copy the rows of $table that belong to one parent id onto another parent id.
 *
 * The column list is read from the first matching row, minus the
 * "{$type}_id" column, and reused for a single INSERT ... SELECT.
 *
 * Every argument is spliced into the SQL text as-is (table and column names
 * cannot be bound as parameters), so callers must pass only fixed, trusted
 * identifiers and numeric ids. Nothing here validates them.
 *
 * @param string $table  table to duplicate rows in
 * @param string $type   prefix of the parent id column ("{$type}_id")
 * @param mixed  $old_id parent id to copy from
 * @param mixed  $new_id parent id to copy to
 * @return mixed get_affected_rows() of the INSERT, or of the initial SELECT
 *               when no rows matched
 */
function duplicateTable($table, $type, $old_id, $new_id)
{
    $q = new myQuery("SELECT * FROM {$table} WHERE {$type}_id={$old_id}");
    $rows = $q->get_assoc();

    if (count($rows) > 0) {
        // The parent id column is supplied explicitly as $new_id, so it is
        // dropped from the copied column list.
        unset($rows[0]["{$type}_id"]);
        $column_list = implode(", ", array_keys($rows[0]));

        $insert_sql = sprintf(
            "INSERT INTO {$table} ({$type}_id, %s) SELECT {$new_id}, %s FROM {$table} WHERE {$type}_id={$old_id}",
            $column_list,
            $column_list
        );
        $q = new myQuery($insert_sql);
    }

    return $q->get_affected_rows();
}
<?php
// Set a user's account status and, when the account is authorised, generate a
// new password and prepare the notification e-mail. The script continues past
// the end of this excerpt (the mail is not sent in the visible part and the
// enclosing if-block is still open).
//
// NOTE(review): unlike the sibling endpoints, no auth() call is visible after
// the require_once. Unless main_func.php or the server configuration restricts
// this endpoint, any client could change an account's status and trigger a
// password reset; confirm where the administrator check happens.
require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';
date_default_timezone_set('Europe/London');
include DOC_ROOT . '/include/classes/PHPMailer/PHPMailerAutoload.php';

$return = array('error' => false, 'errorText' => '');

// NOTE(review): my_clean() is defined elsewhere. Whatever it escapes, $id is
// used unquoted in the first UPDATE below, where quote-escaping alone does not
// constrain the value. An integer cast would; confirm the id is numeric.
$id = my_clean($_POST['id']);
// cleanData() is defined elsewhere; presumably it limits 'auth' to the listed
// values and falls back to 'disabled'. Verify against its definition.
$auth = cleanData($_POST, 'auth', array("user", "disabled"), $default = 'disabled');

$q = new myQuery("UPDATE user SET status='{$auth}' WHERE id={$id}");

if ($auth == "user" && $q->get_affected_rows() == 1) {
    // create a new password
    // NOTE(review): str_shuffle() is not a cryptographically secure source, and
    // a shuffle never repeats a character more often than it occurs in $chars.
    // A password for a real account should come from random_int()/random_bytes().
    $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ123456789123456789";
    $password = substr(str_shuffle($chars), 0, 10);
    // '$2y$10$' selects bcrypt at cost 10. The salt is taken from
    // md5(microtime()), i.e. derived from the clock rather than from a random
    // source. password_hash() would generate the salt itself.
    $salt = '$2y$10$' . substr(md5(microtime()), 0, 21) . '$';
    $hash = crypt($password, $salt);

    // NOTE(review): the password value in this statement appears as '******'
    // on this page and $hash is not referenced anywhere else in the visible
    // code. The literal looks masked; confirm the real statement stores $hash.
    $q = new myQuery(array("UPDATE user SET password='******' WHERE id='{$id}'", "SELECT email FROM user WHERE id='{$id}'"));
    $email = $q->get_one();
    $return['email'] = $email;
    // With DEBUG on, the plaintext password is returned in the response body.
    if (DEBUG) { $return['newpass'] = $password; } // only for debugging!!!!

    // email new password to the user
    // NOTE(review): the plaintext password is placed in both message bodies
    // below, and the site link uses http://. Mail is stored and relayed in
    // clear; a one-time reset link or a forced change at first login would
    // limit how long this password stays useful.
    $to = $email;
    $subject = 'WebMorph.org Account Authorized';
    $headers = "From: lisa.debruine@glasgow.ac.uk\r\n";
    $headers .= "Reply-To: lisa.debruine@glasgow.ac.uk\r\n";
    $headers .= "MIME-Version: 1.0\r\n";
    $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

    // HTML body. $email is interpolated without HTML escaping.
    $message = "<html><body style='color: rgb(50,50,50); font-family:\"Lucida Grande\"';>" .
        "<p>Hi {$email},</p>\n" .
        "<p>Your requested <a href='http://webmorph.org'>WebMorph</a> account has been authorized.</p>\n" .
        "<p>Remember, WebMorph is in beta testing, so there are likely to be problems sometimes. \n WebMorph should work with Chrome and Safari, but I develop in FireFox, so errors are usually \n caught there first.</p>\n" .
        "<div style='border: 3px solid hsl(200,100%,20%); " .
        " box-shadow: 2px 2px 4px rgba(0,0,0,0.5);border-radius: 1em; padding: 1em; " .
        " text-align: center; width: 18em; margin: auto;'>\n" .
        " Your new password:\n" .
        " <div style='font-size: 200%; margin-top: 0.5em;'>{$password}</div>\n" .
        "</div>\n" .
        "<p>You can reset your password after logging in by going to the Preferences menu option.</p>\n" .
        "<p>Kind regards,</p>\n" .
        "<p>Lisa DeBruine</p>\n" .
        "</body></html>\n.";

    // Plain-text alternative. It still carries an <a> tag and a stray </p>.
    $text_message = "Hi {$email},\n" .
        "Your requested <a href='http://webmorph.org'>WebMorph</a> account has been authorized.\n\n" .
        "Remember, WebMorph is in beta testing, so there are likely to be problems sometimes. \n WebMorph should work with Chrome and Safari, but I develop in FireFox, so errors are usually \n caught there first. \n\n" .
        "Your new password: {$password} \n\n" .
        "You can reset your password after logging in by going to the Preferences menu option.</p>\n\n" .
        "Kind regards,\n" .
        "Lisa DeBruine\n.";
<?php

// delete a default template from the database

require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';
auth();

$return = array('error' => false, 'errorText' => '');
$user = $_SESSION['user_id'];

// The id is coerced to an integer before it is used, so the request value
// cannot alter the text of any statement below.
$tem_id = (int) $_POST['id'];

// Permission check: the template must belong to the session user. The id>1
// condition means template 1 never passes this check.
$q = new myQuery("SELECT COUNT(*) as c FROM tem WHERE user_id={$user} AND id={$tem_id} AND id>1");

if ($q->get_one() == 0) {
    $return['error'] = true;
    $return['errorText'] = 'You do not have permission to delete this template.';

    // This path writes the JSON response itself instead of using scriptReturn().
    header('Content-Type: application/json');
    echo json_encode($return);
    exit;
}

$q = new myQuery("DELETE FROM tem WHERE id={$tem_id};");
$return['tem_deleted'] = $q->get_affected_rows();

if ($return['tem_deleted'] != 0) {
    // The template row is gone; remove the points and lines that referenced it.
    $q->set_query("DELETE FROM point WHERE tem_id={$tem_id};");
    $return['points_deleted'] = $q->get_affected_rows();

    $q->set_query("DELETE FROM line WHERE tem_id={$tem_id};");
    $return['lines_deleted'] = $q->get_affected_rows();
} else {
    $return['error'] = true;
    $return['errorText'] = "Template {$tem_id} was not deleted.";
}

scriptReturn($return);
exit;
<?php

// delete a user's facialmetric equation from the database

require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';
auth();

$return = array('error' => false, 'errorText' => '');

// The delete is scoped to the session user, so a caller can only remove
// equations stored under their own user id.
$user = $_SESSION['user_id'];
// my_clean() is defined elsewhere; the quoted literal below is only as safe as
// the escaping it performs.
$name = my_clean($_POST['name']);

$q = new myQuery("DELETE FROM fm WHERE user_id='{$user}' AND name='{$name}'");

// Exactly one row is expected to go; any other count is reported as an error.
$not_exactly_one = ($q->get_affected_rows() !== 1);
if ($not_exactly_one) {
    $return['error'] = true;
    $return['errorText'] = $q->get_affected_rows() . ' equations were deleted';
}

scriptReturn($return);
exit;
?>