Exemple #1
                 </div>
             ';
     $db->rawData("UPDATE inscripto_curso SET validado=" . $_GET["val"] . "  WHERE inscripto_eliminado=0 AND inscripto_id=" . $_GET["ins"]);
     break;
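 case "cambiarEstadoPedido":
     // Marks an order as processed / not processed.
     // The success banner is printed before the UPDATE runs, so it is shown whatever the
     // outcome of the statement.
     echo '
                 <div class="alert alert-success alert-dismissible fade in" role="alert">
                 <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">x</span></button>
                 <b>Exito:</b> Se ha actualizado el estado del pedido correctamente
                 </div>
             ';
     // "val" and "ped" come from the query string and are used as bare numeric operands in
     // the SQL text. Casting them to int keeps anything other than a number out of the query.
     $db->rawData("UPDATE pedido SET pedido_procesado=" . (int) $_GET["val"] . "  WHERE pedido_eliminado=0 AND pedido_id=" . (int) $_GET["ped"]);
     break;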
 case "detallePedido":
     // Builds an HTML summary (customer, shipping address, ordered products) for one order.
     // The excerpt ends inside the product loop.
     $salida = "";
     // NOTE(review): $_GET["ped"] is concatenated into both queries below as a bare numeric
     // operand with no cast or escaping, which is an SQL injection point. Cast it to int
     // (or bind it as a parameter) before building the SQL.
     $info = $db->consulta("SELECT * FROM pedido p  LEFT JOIN usuario_sitio us ON (p.usw_id=us.usw_id) LEFT JOIN direccion_envio de ON (de.usw_id=us.usw_id) LEFT JOIN paises pa ON (pa.id=de.pais_id)" . "WHERE  pedido_eliminado=0 AND pedido_id=" . $_GET["ped"]);
     // Only the first row is used; an empty result is not handled here.
     $info = $info[0];
     $productos = $db->consulta("SELECT * FROM pedido_producto pp LEFT JOIN producto p ON (pp.prod_id=p.prod_id) WHERE pedido_id=" . $_GET["ped"]);
     // This bare expression assigns nothing: $uax_extra stays undefined when dire_extra is
     // blank, yet it is read when $salida is built below.
     $uax_extra;
     if (trim($info["dire_extra"]) != "") {
         $uax_extra = "(" . $info["dire_extra"] . ")";
     }
     // NOTE(review): every database value below is placed into the HTML without
     // htmlspecialchars(). The name, e-mail and address columns presumably hold text typed by
     // site users (verify), so escape each value for HTML context to prevent stored XSS.
     $salida = "<b>Datos del Usuario</b><br>" . "" . $info["usw_apellido"] . ", " . $info["usw_nombre"] . " <br>" . "" . $info["usw_email"] . " <br>" . "" . $info["usw_scanycar"] . " <br>" . "<b>Datos para envio</b><br>" . "" . $info["dire_direccion"] . " " . $uax_extra . " <br>" . "" . $info["dire_ciudad"] . ", " . $info["dire_provincia"] . " (" . $info["dire_cp"] . ") <br>" . "" . $info["nombre"] . " <br>" . "" . $info["dire_telefono"] . " " . $info["dire_movil"] . " <br><br>" . "<b>Datos del Pedido #" . $info["pedido_id"] . " " . convertirFechaHora($info["pedido_fecha"]) . "</b><br>" . "<table class='table table-striped'>\n                <thead>\n                        <tr>\n                          <th></th>\n                          <th>Producto</th>\n                          <th>Cantidad</th>\n                          \n                        </tr>\n                      </thead>\n                      <tbody>";
     foreach ($productos as $prod) {
         // Bare expression with no effect; $img is assigned in both branches below.
         $img;
         // Show the product photo only when the file exists on disk and a name is stored.
         if (file_exists(dirname(dirname(__FILE__)) . "/img/producto/" . $prod["prod_foto"]) && $prod["prod_foto"] != "") {
             // prod_foto is written into the src attribute unescaped.
             $img = '<img src="../img/producto/' . $prod["prod_foto"] . '" width="50"  class="img-responsive img-circle">';
         } else {
             $img = '<i class="fa fa-shopping-cart fa-3x"></i>';
         }
         // prod_nombre and cantidad are likewise written into the table cells unescaped.
         $salida .= "<tr>\n                          <td>{$img}</td>\n                          <td>" . $prod["prod_nombre"] . "</td>\n                          <td>" . $prod["cantidad"] . "</td>\n                          \n                        </tr>";
<?php

include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";
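// Renders the list of cities that belong to the province given in ?prov_id=.
$db = new mydb();
inicializar($lst_ciudades, dirname(dirname(__FILE__)) . "/tpl/ciudades.html");
// prov_id comes from the query string and is used as a bare numeric operand; the int cast
// keeps anything other than a number out of the SQL text.
$ciudades = $db->consulta("SELECT * FROM ciudad WHERE prov_id=" . (int) $_GET["prov_id"]);
if (count($ciudades)) {
    foreach ($ciudades as $ciudad) {
        $lst_ciudades->setVariable("ciudad_id", $ciudad["ciud_id"]);
        // The city name is the only free-text column, so it is entity-encoded for the template.
        $lst_ciudades->setVariable("ciudad_nombre", htmlentities($ciudad["ciud_nombre"]));
        $lst_ciudades->setVariable("id_provincia", $ciudad["prov_id"]);
        $lst_ciudades->parse("blq_ciudades");
    }
}
$lst_ciudades->show();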
Exemple #3
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php";
// Handler that validates an edited site user (usuario_sitio) before saving it.
// The excerpt starts after the first includes and ends before the outer `if` closes.
$conf = new conf();
$db = new mydb();
$db->rawData("SET NAMES 'utf8'");
$formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg');
// Required fields: name, surname, a non-zero state and an e-mail address.
if (trim($_POST["nombre"]) != "" && trim($_POST["apellido"]) != "" && $_POST["estado"] != 0 && trim($_POST["email"]) != "") {
    // NOTE(review): in every redirect of this handler "acc" and "id" are copied from the
    // request into the Location URL without URL-encoding.
    if (!validarMail($_POST["email"])) {
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=8&id=" . $_POST["id"]);
        die;
    }
    // A blank password is allowed (it means "keep the current one", see $password_upd below).
    if (!validarPass($_POST["password"]) && $_POST["password"] != "") {
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=9&id=" . $_POST["id"]);
        die;
    }
    // NOTE(review): SQL injection. $_POST["id"] is a bare numeric operand and $_POST["email"]
    // sits inside quotes with no escaping at all. validarMail() is defined elsewhere, so it
    // cannot be assumed here to reject quote characters. Cast the id to int and bind or escape
    // the e-mail.
    $existe_mail = $db->consulta("SELECT * FROM usuario_sitio WHERE usw_eliminado=0 AND usw_id!=" . $_POST["id"] . " AND usw_email='" . $_POST["email"] . "'");
    if (count($existe_mail)) {
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=6&id=" . $_POST["id"]);
        die;
    }
    if (trim($_POST["scanycar"]) != "") {
        // scanycar is passed through addslashes(), but the id in the same statement is still raw.
        $existe_scanycar = $db->consulta("SELECT * FROM usuario_sitio WHERE usw_eliminado=0 AND usw_id!=" . $_POST["id"] . " AND usw_scanycar='" . trim(addslashes($_POST["scanycar"])) . "'");
        if (count($existe_scanycar)) {
            header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=7&id=" . $_POST["id"]);
            die;
        }
    }
    // SQL fragment that updates the password only when a new one was submitted.
    $password_upd = "";
    if ($_POST["password"] != "") {
        // NOTE(review): the value appears masked ('******') in this listing, so how the
        // password is hashed cannot be seen here.
        $password_upd = ",usw_password='******'";
    }
<?php

include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";
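// Renders the list of non-deleted models that belong to the brand given in ?marca_id=.
$db = new mydb();
inicializar($lst_modelos, dirname(dirname(__FILE__)) . "/tpl/modelos.html");
// marca_id comes from the query string and is used as a bare numeric operand; the int cast
// keeps anything other than a number out of the SQL text.
$modelos = $db->consulta("SELECT * FROM modelo WHERE marca_id=" . (int) $_GET["marca_id"] . " AND modelo_eliminado=0 ");
if (count($modelos)) {
    foreach ($modelos as $modelo) {
        $lst_modelos->setVariable("modelo_id", $modelo["modelo_id"]);
        // The model name is free text, so it is entity-encoded for the template.
        $lst_modelos->setVariable("modelo_nombre", htmlentities($modelo["modelo_nombre"]));
        //$lst_modelos->setVariable("id_marca", $modelo["prov_id"]) ;
        $lst_modelos->parse("blq_modelos");
    }
}
$lst_modelos->show();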
Exemple #5
<!DOCTYPE html>
<?php 
include_once dirname(__FILE__) . "/functions/inc/mydb.inc.php";
$db = new mydb();
$categorias = $db->consulta("SELECT * FROM categoria_producto WHERE idioma_id=1 AND catp_eliminado=0 AND catp_publicado=1");
?>
<html lang="en">
	<head>
		<meta http-equiv="content-type" content="text/html; charset=UTF-8">
		<meta charset="utf-8">
		<title>Texur</title>
		
		<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
		<link href="global/css/bootstrap.min.css" rel="stylesheet">
<!--		<link href="//netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css" rel="stylesheet">
		<!--[if lt IE 9]>
			<script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script>
		<![endif]-->
		<link href="global/css/styles.css" rel="stylesheet">
	</head>
	<body>
<nav class="navbar navbar-fixed-top" style="background-color:#0A376E;color:#b2aa00;">
   <div class="container">
    <div class="navbar-header">
        <a class="navbar-brand " href="index.html" > <b>Home</b> 
      </a>
    </div>
      <div class="navbar-collapse collapse">
        <ul class="nav navbar-nav">  
          <li><a href="#">Cursos/Tutoriales</a></li>
          <li><a href="#">Manuales</a></li>
Exemple #6
<?php

session_start();
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php";
// Handler that creates a `marca` row and optionally stores an uploaded image for it.
// The excerpt ends before the outer `if` closes.
$conf = new conf();
$db = new mydb();
$db->rawData("SET NAMES 'utf8'");
// MIME types accepted below. They are compared with the type declared by the client.
$formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg');
// Keeps the raw POST in the session; it is cleared again on the success path below.
$_SESSION["campos"] = $_POST;
if (trim($_POST["nombre"]) != "") {
    // NOTE(review): addslashes() is generic string escaping, not the database driver's
    // escaping. A parameterised query is the robust form if mydb can offer one.
    $db->rawData("INSERT INTO marca (marca_nombre,marca_eliminado) VALUES ('" . addslashes($_POST["nombre"]) . "',0)");
    // Re-reads the highest non-deleted id instead of the id of the row just inserted, so a
    // concurrent insert between the two statements would attach the image to another row.
    $id_max = $db->consulta("SELECT * FROM marca WHERE marca_eliminado=0 ORDER BY marca_id DESC LIMIT 1");
    // The size check runs after the INSERT, so a rejected upload still leaves the new row.
    if ($_FILES["imagen"]["size"] > max_upload_file_size()) {
        // "acc" is copied from the request into the redirect URL without URL-encoding.
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5");
        die;
    }
    // NOTE(review): $_FILES[...]["type"] is sent by the browser, and the stored extension is
    // derived from the client file name (obtenerExtension() is defined elsewhere). Neither
    // proves the content is an image, and the file lands in a web-served directory. Check the
    // bytes server-side (finfo / getimagesize) and choose the extension from the detected type.
    if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) {
        $ext = obtenerExtension($_FILES["imagen"]["name"]);
        // The return value of move_uploaded_file() is not checked before the row is updated.
        move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/marca/" . $id_max[0]["marca_id"] . "." . $ext);
        $db->rawData("UPDATE marca SET marca_foto='" . $id_max[0]["marca_id"] . "." . $ext . "' WHERE marca_id=" . $id_max[0]["marca_id"]);
    } else {
        // A file was sent but its declared type is not in the allow-list.
        if ($_FILES["imagen"]["name"] != "") {
            header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=2");
            die;
        }
    }
    unset($_SESSION["campos"]);
    header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=3");
Exemple #7
<?php

session_start();
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php";
// Handler that updates a `modelo` row and optionally replaces or removes its image.
// The excerpt ends before the nested `if` blocks close.
$conf = new conf();
$db = new mydb();
$db->rawData("SET NAMES 'utf8'");
// MIME types accepted below. They are compared with the type declared by the client.
$formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg');
if (trim($_POST["nombre"]) != "" && $_POST["marca"] != "") {
    // Extra SET fragment used when the current image must be cleared.
    $img_del = "";
    if ($_POST["elim_img"] == 1) {
        $img_del = ",modelo_foto='' ";
        // NOTE(review): $_POST["id"] is used raw as a numeric operand here and in the UPDATE
        // statements below (SQL injection). Cast it to int once and reuse that value.
        $rs = $db->consulta("SELECT * FROM modelo WHERE modelo_id=" . $_POST["id"]);
        // When modelo_foto is empty the path is the directory itself, for which file_exists()
        // is true; is_file() would be the precise test before unlink().
        if (file_exists(dirname(dirname(dirname(__FILE__))) . "/img/modelo/" . $rs[0]["modelo_foto"])) {
            unlink(dirname(dirname(dirname(__FILE__))) . "/img/modelo/" . $rs[0]["modelo_foto"]);
        }
    }
    // The name is passed through addslashes(); marca and id are concatenated unescaped.
    $db->rawData("UPDATE modelo SET modelo_nombre='" . addslashes($_POST["nombre"]) . "',marca_id=" . $_POST["marca"] . " " . $img_del . " WHERE modelo_id=" . $_POST["id"]);
    if ($_FILES["imagen"]["size"] > max_upload_file_size()) {
        // "acc" is copied from the request into the redirect URL without URL-encoding.
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5");
        die;
    }
    // NOTE(review): the declared MIME type and the client file name are the only checks, so
    // the content is not proven to be an image. Validate the bytes server-side and derive the
    // extension from the detected type.
    if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) {
        $ext = obtenerExtension($_FILES["imagen"]["name"]);
        // NOTE(review): $_POST["id"] also forms the destination file name, so a non-numeric
        // value could point outside /img/modelo/. The int cast fixes this as well.
        move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/modelo/" . $_POST["id"] . "." . $ext);
        $db->rawData("UPDATE modelo SET modelo_foto='" . $_POST["id"] . "." . $ext . "' WHERE modelo_id=" . $_POST["id"]);
    } else {
        if ($_FILES["imagen"]["name"] != "") {
Exemple #8
<?php

session_start();
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php";
// Handler that updates a `producto` row and optionally replaces or removes its image.
// The excerpt ends before the nested `if` blocks close.
$conf = new conf();
$db = new mydb();
$db->rawData("SET NAMES 'utf8'");
// MIME types accepted below. They are compared with the type declared by the client.
$formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg');
if (trim($_POST["nombre"]) != "" && trim($_POST["descripcion"]) != "" && $_POST["categoria"] != 0) {
    // Extra SET fragment used when the current image must be cleared.
    $img_del = "";
    if ($_POST["elim_img"] == 1) {
        $img_del = ",prod_foto='' ";
        // NOTE(review): $_POST["id"] is used raw as a numeric operand here and in the UPDATE
        // statements below (SQL injection). Cast it to int once and reuse that value.
        $rs = $db->consulta("SELECT * FROM producto WHERE prod_id=" . $_POST["id"]);
        // When prod_foto is empty the path is the directory itself, for which file_exists()
        // is true; is_file() would be the precise test before unlink().
        if (file_exists(dirname(dirname(dirname(__FILE__))) . "/img/producto/" . $rs[0]["prod_foto"])) {
            unlink(dirname(dirname(dirname(__FILE__))) . "/img/producto/" . $rs[0]["prod_foto"]);
        }
    }
    // NOTE(review): categoria, destacada and id are concatenated unescaped. "publicada" goes
    // through addslashes() but sits outside quotes, where escaping quote characters gives no
    // protection. All four are numeric operands and need an int cast.
    $db->rawData("UPDATE producto SET prod_nombre='" . addslashes($_POST["nombre"]) . "'," . "prod_descripcion='" . addslashes($_POST["descripcion"]) . "'," . "catp_id=" . $_POST["categoria"] . "," . "prod_destacado=" . $_POST["destacada"] . ",prod_keywords='" . addslashes($_POST["palabras_clave"]) . "'" . ",prod_publicado=" . addslashes($_POST["publicada"]) . " " . $img_del . " " . "WHERE prod_id=" . $_POST["id"]);
    if ($_FILES["imagen"]["size"] > max_upload_file_size()) {
        // "acc" is copied from the request into the redirect URL without URL-encoding.
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5");
        die;
    }
    // NOTE(review): the declared MIME type and the client file name are the only checks, so
    // the content is not proven to be an image. Validate the bytes server-side and derive the
    // extension from the detected type.
    if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) {
        $ext = obtenerExtension($_FILES["imagen"]["name"]);
        // NOTE(review): $_POST["id"] also forms the destination file name, so a non-numeric
        // value could point outside /img/producto/. The int cast fixes this as well.
        move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/producto/" . $_POST["id"] . "." . $ext);
        $db->rawData("UPDATE producto SET prod_foto='" . $_POST["id"] . "." . $ext . "' WHERE prod_id=" . $_POST["id"]);
    } else {
        if ($_FILES["imagen"]["name"] != "") {
Exemple #9
<?php

session_start();
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php";
// Handler that creates a `pagina` row and optionally stores an uploaded image for it.
// The excerpt ends before the outer `if` closes.
$conf = new conf();
$db = new mydb();
$db->rawData("SET NAMES 'utf8'");
// MIME types accepted below. They are compared with the type declared by the client.
$formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg');
// Keeps the raw POST in the session; it is cleared again on the success path below.
$_SESSION["campos"] = $_POST;
if (trim($_POST["nombre"]) != "" && trim($_POST["resumen"]) != "" && trim($_POST["texto"]) != "") {
    // NOTE(review): the text columns go through addslashes(), but "destacada" and
    // "publicada" are concatenated as bare numeric operands (SQL injection). Cast them to int.
    $db->rawData("INSERT INTO pagina (pagina_titulo,pagina_resumen,pagina_contenido,idioma_id,pagina_eliminado,pagina_foto,pagina_destacada,pagina_keywords,pagina_publicada)" . " VALUES ('" . addslashes($_POST["nombre"]) . "','" . addslashes($_POST["resumen"]) . "','" . addslashes($_POST["texto"]) . "'," . $_SESSION["idioma_gestor"] . ",0,''," . $_POST["destacada"] . "" . ",'" . addslashes($_POST["palabras_clave"]) . "'," . $_POST["publicada"] . ")");
    // Re-reads the highest non-deleted id for this language instead of the id of the row just
    // inserted, so a concurrent insert could attach the image to another row.
    $id_max = $db->consulta("SELECT * FROM pagina WHERE pagina_eliminado=0 AND idioma_id=" . $_SESSION["idioma_gestor"] . " ORDER BY pagina_id DESC LIMIT 1");
    // The size check runs after the INSERT, so a rejected upload still leaves the new row.
    if ($_FILES["imagen"]["size"] > max_upload_file_size()) {
        // "acc" is copied from the request into the redirect URL without URL-encoding.
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5");
        die;
    }
    // NOTE(review): the declared MIME type and the client file name are the only checks, so
    // the content is not proven to be an image. Validate the bytes server-side and derive the
    // extension from the detected type.
    if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) {
        $ext = obtenerExtension($_FILES["imagen"]["name"]);
        move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/pagina/" . $id_max[0]["pagina_id"] . "." . $ext);
        $db->rawData("UPDATE pagina SET pagina_foto='" . $id_max[0]["pagina_id"] . "." . $ext . "' WHERE pagina_id=" . $id_max[0]["pagina_id"]);
    } else {
        // A file was sent but its declared type is not in the allow-list.
        if ($_FILES["imagen"]["name"] != "") {
            header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=2");
            die;
        }
    }
    unset($_SESSION["campos"]);
    header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=3");
Exemple #10
<?php

session_start();
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";
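// Back-office login: looks the account up by nick and password hash, stores the row in the
// session on success, and always redirects back to the index page.
$db = new mydb();
// NOTE(review): mysql_real_escape_string() belongs to the ext/mysql API that was removed in
// PHP 7 and depends on an open mysql_* connection; whether mydb provides one is not visible
// here. A parameterised query is the robust replacement.
$usuario = mysql_real_escape_string($_POST["usuario"]);
$clave = mysql_real_escape_string($_POST["clave"]);
// NOTE(review): unsalted MD5 is not a password hash. Migrating to password_hash() /
// password_verify() needs a schema and data change, so it is only flagged here. The
// password is also escaped before hashing, so the digest is taken over the escaped text.
$clave = md5($clave);
// NOTE(review): the password literal appears masked ('******') in this listing; presumably
// the original interpolated $clave here. Confirm against the real file.
$usuario = $db->consulta("SELECT * FROM usuario WHERE us_nick='{$usuario}' AND us_pass='******' AND us_eliminado=0");
if (isset($usuario) && count($usuario)) {
    // Issue a fresh session id at the privilege change so that an id known before login
    // (session fixation) does not become an authenticated session.
    session_regenerate_id(true);
    $_SESSION["usuario_gestor"] = $usuario[0];
} else {
    // Same message for an unknown user and a wrong password, so valid nicks are not revealed.
    $_SESSION["mensaje_error"] = "Usuario o contrase&ntilde;a incorretos.";
}
header("Location:../index.php");
die;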
Exemple #11
<?php

session_start();
include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/seguridad.php";
include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/conf/conf.php";
// Handler that creates an `imagen_curso` row and stores the uploaded image for a course.
// The excerpt ends before the outer `if` closes.
$conf = new conf();
$db = new mydb();
$db->rawData("SET NAMES 'utf8'");
// MIME types accepted below. They are compared with the type declared by the client.
$formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg');
// Keeps the raw POST in the session; it is cleared again on the success path below.
$_SESSION["campos"] = $_POST;
//die(print_r($_POST));
if (trim($_POST["nombre"]) != "" && trim($_FILES["imagen"]["name"]) != "" && trim($_POST["curso"]) != "") {
    // NOTE(review): the text columns go through addslashes(), but "curso" is concatenated as
    // a bare numeric operand (SQL injection). Cast it to int.
    $db->rawData("INSERT INTO imagen_curso (ic_imagen,ic_descripcion,curso_id,ic_titulo)" . " VALUES ('','" . addslashes($_POST["descripcion"]) . "'," . $_POST["curso"] . ",'" . addslashes($_POST["nombre"]) . "')");
    // Re-reads the highest id instead of the id of the row just inserted, so a concurrent
    // insert between the two statements would attach the image to another row.
    $id_max = $db->consulta("SELECT * FROM imagen_curso WHERE 1 ORDER BY ic_id DESC LIMIT 1");
    // The size check runs after the INSERT, so a rejected upload still leaves the new row.
    if ($_FILES["imagen"]["size"] > max_upload_file_size()) {
        // "acc" is copied from the request into the redirect URL without URL-encoding.
        header("Location:../../index.php?acc=" . $_POST["acc"] . "&msg=5");
        die;
    }
    // NOTE(review): the declared MIME type and the client file name are the only checks, so
    // the content is not proven to be an image. Validate the bytes server-side and derive the
    // extension from the detected type.
    if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) {
        $ext = obtenerExtension($_FILES["imagen"]["name"]);
        move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/curso/" . $id_max[0]["ic_id"] . "." . $ext);
        $db->rawData("UPDATE imagen_curso SET ic_imagen='" . $id_max[0]["ic_id"] . "." . $ext . "' WHERE ic_id=" . $id_max[0]["ic_id"]);
    } else {
        // A file was sent but its declared type is not in the allow-list.
        if ($_FILES["imagen"]["name"] != "") {
            header("Location:../../index.php?acc=" . $_POST["acc"] . "&msg=2");
            die;
        }
    }
    unset($_SESSION["campos"]);
$casual->setconyugue_id($id_cony);
$id_casual = $casual->add();
$cliente = new cliente();
$cliente->setcasual_id($id_casual);
$cliente->setcli_apellido("888888888");
$cliente->setcli_cp("888");
$cliente->setcli_cuil("888888");
$cliente->settipo_dni_id(1);
$cliente->setrevendedor_id(0);
$cliente->setciud_id(123);
$cliente->setcli_dni("8888888");
$cliente->setcli_domicilio("88888888");
$cliente->setcli_eliminado(0);
$cliente->setcli_email("*****@*****.**");
$id_cliente = $cliente->add();
$ventas_casuales = $db->consulta("SELECT * FROM `moto` WHERE est_moto_id=4 AND moto_eliminado=0 AND suc_id<10");
foreach ($ventas_casuales as $vc) {
    $venta = new venta();
    $venta->setcli_id($id_cliente);
    $venta->setest_venta_id(4);
    $venta->setmoto_id($vc["moto_id"]);
    $venta->setsuc_id($vc["suc_id"]);
    $venta->setus_id(2);
    $venta->setus_id_modifica(0);
    $venta->setventa_descripcion("");
    $venta->setventa_eliminado(0);
    $venta->setventa_fecha(date("Y-m-d"));
    $venta->setventa_fecha_entrega(date("Y-m-d H:i:s"));
    $venta->setventa_monto_adicional();
    $venta->setventa_nro_factura();
    $venta->setventa_numero();
Exemple #13
<?php

session_start();
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php";
// Handler that creates a `producto` row and optionally stores an uploaded image for it.
// The excerpt ends before the outer `if` closes.
$conf = new conf();
$db = new mydb();
$db->rawData("SET NAMES 'utf8'");
// MIME types accepted below. They are compared with the type declared by the client.
$formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg');
// Keeps the raw POST in the session; it is cleared again on the success path below.
$_SESSION["campos"] = $_POST;
if (trim($_POST["nombre"]) != "" && trim($_POST["descripcion"]) != "" && $_POST["categoria"] != 0) {
    // NOTE(review): the text columns go through addslashes(), but "categoria", "destacada"
    // and "publicada" are concatenated as bare numeric operands (SQL injection). The loose
    // `!= 0` test above does not make "categoria" a number. Cast all three to int.
    $db->rawData("INSERT INTO producto (prod_nombre,prod_descripcion,catp_id,idioma_id,prod_eliminado,prod_foto," . "prod_destacado,prod_keywords,prod_publicado)" . " VALUES ('" . addslashes($_POST["nombre"]) . "','" . addslashes($_POST["descripcion"]) . "'," . $_POST["categoria"] . "," . $_SESSION["idioma_gestor"] . ",0,''," . $_POST["destacada"] . "" . ",'" . addslashes($_POST["palabras_clave"]) . "'," . $_POST["publicada"] . ")");
    // Re-reads the highest non-deleted id for this language instead of the id of the row just
    // inserted, so a concurrent insert could attach the image to another row.
    $id_max = $db->consulta("SELECT * FROM producto WHERE prod_eliminado=0 AND idioma_id=" . $_SESSION["idioma_gestor"] . " " . "ORDER BY prod_id DESC LIMIT 1");
    // The size check runs after the INSERT, so a rejected upload still leaves the new row.
    if ($_FILES["imagen"]["size"] > max_upload_file_size()) {
        // "acc" is copied from the request into the redirect URL without URL-encoding.
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5");
        die;
    }
    // NOTE(review): the declared MIME type and the client file name are the only checks, so
    // the content is not proven to be an image. Validate the bytes server-side and derive the
    // extension from the detected type.
    if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) {
        $ext = obtenerExtension($_FILES["imagen"]["name"]);
        move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/producto/" . $id_max[0]["prod_id"] . "." . $ext);
        $db->rawData("UPDATE producto SET prod_foto='" . $id_max[0]["prod_id"] . "." . $ext . "' WHERE prod_id=" . $id_max[0]["prod_id"]);
    } else {
        // A file was sent but its declared type is not in the allow-list.
        if ($_FILES["imagen"]["name"] != "") {
            header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=2");
            die;
        }
    }
    unset($_SESSION["campos"]);
    header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=3");
Exemple #14
<?php

session_start();
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php";
// Handler that updates a `marca` row and optionally replaces or removes its image.
// The excerpt ends before the nested `if` blocks close.
$conf = new conf();
$db = new mydb();
$db->rawData("SET NAMES 'utf8'");
// MIME types accepted below. They are compared with the type declared by the client.
$formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg');
if (trim($_POST["nombre"]) != "") {
    // Extra SET fragment used when the current image must be cleared.
    $img_del = "";
    if ($_POST["elim_img"] == 1) {
        $img_del = ",marca_foto='' ";
        // NOTE(review): $_POST["id"] is used raw as a numeric operand here and in the UPDATE
        // statements below (SQL injection). Cast it to int once and reuse that value.
        $rs = $db->consulta("SELECT * FROM marca WHERE marca_id=" . $_POST["id"]);
        // When marca_foto is empty the path is the directory itself, for which file_exists()
        // is true; is_file() would be the precise test before unlink().
        if (file_exists(dirname(dirname(dirname(__FILE__))) . "/img/marca/" . $rs[0]["marca_foto"])) {
            unlink(dirname(dirname(dirname(__FILE__))) . "/img/marca/" . $rs[0]["marca_foto"]);
        }
    }
    // The name is passed through addslashes(); the id is concatenated unescaped.
    $db->rawData("UPDATE marca SET marca_nombre='" . addslashes($_POST["nombre"]) . "' " . $img_del . " WHERE marca_id=" . $_POST["id"]);
    if ($_FILES["imagen"]["size"] > max_upload_file_size()) {
        // "acc" is copied from the request into the redirect URL without URL-encoding.
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5");
        die;
    }
    // NOTE(review): the declared MIME type and the client file name are the only checks, so
    // the content is not proven to be an image. Validate the bytes server-side and derive the
    // extension from the detected type.
    if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) {
        $ext = obtenerExtension($_FILES["imagen"]["name"]);
        // NOTE(review): $_POST["id"] also forms the destination file name, so a non-numeric
        // value could point outside /img/marca/. The int cast fixes this as well.
        move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/marca/" . $_POST["id"] . "." . $ext);
        $db->rawData("UPDATE marca SET marca_foto='" . $_POST["id"] . "." . $ext . "' WHERE marca_id=" . $_POST["id"]);
    } else {
        if ($_FILES["imagen"]["name"] != "") {
<?php

//die(print_r($_POST));
session_start();
include dirname(dirname(__FILE__)) . "/functions/inc/util.inc.php";
include dirname(dirname(__FILE__)) . "/functions/inc/mydb.inc.php";
include dirname(dirname(__FILE__)) . "/functions/inc/seguridad.php";
include dirname(dirname(__FILE__)) . "/entidades/usuario.class.php";
// Handler that creates a back-office user (`usuario`) from the posted form.
// The excerpt ends before the nested `if` blocks close.
$db = new mydb();
//die(print_r($_POST));
// Keeps the raw POST in the session; it is cleared again on the success path below.
$_SESSION["campos"] = $_POST;
$usuario = new usuario();
// NOTE(review): SQL injection. $_POST["nick"] is interpolated inside quotes with no escaping,
// and the query runs before any of the validation below. Escape or bind the value (the
// setters further down already use addslashes(), this lookup does not).
$check = $db->consulta("SELECT * FROM usuario \n        WHERE us_nick='{$_POST["nick"]}' \n         \n        AND us_eliminado=0");
if (trim($_POST["nick"]) != "" && trim($_POST["nombre"]) != "" && $_POST["perfil"] != 0) {
    // Proceed only when no active user already has this nick.
    if (count($check) == 0) {
        $usuario->setus_nombre(addslashes($_POST["nombre"]));
        $usuario->setus_apellido(addslashes($_POST["apellido"]));
        $usuario->setus_email(addslashes($_POST["email"]));
        // Repeats the setus_nombre() call made three lines above.
        $usuario->setus_nombre(addslashes($_POST["nombre"]));
        $usuario->setus_telefono(addslashes($_POST["telefono"]));
        $usuario->setus_direccion(addslashes($_POST["domicilio"]));
        $usuario->setus_nick(addslashes($_POST["nick"]));
        // NOTE(review): the profile id is taken from the request unescaped and unchecked.
        // Whether the caller may assign this profile depends on seguridad.php (not shown).
        $usuario->setperfil_id($_POST["perfil"]);
        // Both password fields must match and be non-empty.
        if ($_POST["contrasenia"] == $_POST["recontrasenia"] && $_POST["contrasenia"] != "") {
            // NOTE(review): unsalted MD5 is not a password hash; password_hash() /
            // password_verify() is the replacement (needs a matching change at login).
            $usuario->setus_pass(md5($_POST["contrasenia"]));
        } else {
            // "acc" is copied from the request into the redirect URL without URL-encoding.
            header("Location:/index.php?acc=" . $_POST["acc"] . "&msg=1");
            die;
        }
        $id = $usuario->add();
        unset($_SESSION["campos"]);
Exemple #16
<?php

session_start();
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php";
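// Soft-deletes a page (pagina_eliminado is set to the id of the user doing it), removes its
// image file and redirects back to the listing.
// NOTE(review): this is a state-changing GET request and no anti-CSRF token is checked in
// the visible code; what seguridad.php enforces is not shown here.
$db = new mydb();
// Accept only a plain run of digits. is_numeric() also lets through forms such as "1e3",
// "1.5" or " 1", which are not valid row ids.
if (isset($_GET["id"]) && is_string($_GET["id"]) && ctype_digit($_GET["id"])) {
    $id = (int) $_GET["id"];
    // The session value is written into the SQL text as well, so it is cast too.
    $us_id = (int) $_SESSION["usuario_gestor"]["us_id"];
    $db->rawData("UPDATE pagina SET pagina_eliminado={$us_id} WHERE pagina_id=" . $id);
    $rs = $db->consulta("SELECT * FROM pagina WHERE pagina_id=" . $id);
    // Skip the file step when the row is missing or has no image. With an empty name the
    // path would be the directory itself, for which file_exists() is true and unlink() fails.
    if (isset($rs[0]["pagina_foto"]) && $rs[0]["pagina_foto"] !== "") {
        // basename() keeps the stored name from pointing outside img/pagina/.
        $foto = dirname(dirname(dirname(__FILE__))) . "/img/pagina/" . basename($rs[0]["pagina_foto"]);
        if (is_file($foto)) {
            unlink($foto);
        }
    }
    // "acc" is echoed back into the redirect URL, so it is encoded as a query-string value.
    $acc = (isset($_GET["acc"]) && is_string($_GET["acc"])) ? rawurlencode($_GET["acc"]) : "";
    header("Location:../index.php?acc=" . $acc . "&msg=1");
}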
Exemple #17
<?php

session_start();
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php";
// Handler that creates a `modelo` row and optionally stores an uploaded image for it.
// The excerpt ends before the outer `if` closes.
$conf = new conf();
$db = new mydb();
$db->rawData("SET NAMES 'utf8'");
// MIME types accepted below. They are compared with the type declared by the client.
$formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg');
// Keeps the raw POST in the session; it is cleared again on the success path below.
$_SESSION["campos"] = $_POST;
if (trim($_POST["nombre"]) != "" && $_POST["marca"] != "") {
    // NOTE(review): the name goes through addslashes(), but "marca" is concatenated as a
    // bare numeric operand (SQL injection). Cast it to int.
    $db->rawData("INSERT INTO modelo (modelo_nombre,marca_id,modelo_eliminado) VALUES ('" . addslashes($_POST["nombre"]) . "'," . $_POST["marca"] . ",0)");
    // Re-reads the highest non-deleted id instead of the id of the row just inserted, so a
    // concurrent insert between the two statements would attach the image to another row.
    $id_max = $db->consulta("SELECT * FROM modelo WHERE modelo_eliminado=0 ORDER BY modelo_id DESC LIMIT 1");
    // The size check runs after the INSERT, so a rejected upload still leaves the new row.
    if ($_FILES["imagen"]["size"] > max_upload_file_size()) {
        // "acc" is copied from the request into the redirect URL without URL-encoding.
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5");
        die;
    }
    // NOTE(review): the declared MIME type and the client file name are the only checks, so
    // the content is not proven to be an image. Validate the bytes server-side and derive the
    // extension from the detected type.
    if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) {
        $ext = obtenerExtension($_FILES["imagen"]["name"]);
        move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/modelo/" . $id_max[0]["modelo_id"] . "." . $ext);
        $db->rawData("UPDATE modelo SET modelo_foto='" . $id_max[0]["modelo_id"] . "." . $ext . "' WHERE modelo_id=" . $id_max[0]["modelo_id"]);
    } else {
        // A file was sent but its declared type is not in the allow-list.
        if ($_FILES["imagen"]["name"] != "") {
            header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=2");
            die;
        }
    }
    unset($_SESSION["campos"]);
    header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=3");
Exemple #18
<?php

session_start();
include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/seguridad.php";
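// Deletes a course image row together with its file and redirects back to the listing.
// NOTE(review): this is a state-changing GET request and no anti-CSRF token is checked in
// the visible code; what seguridad.php enforces is not shown here.
$db = new mydb();
// Accept only a plain run of digits. is_numeric() also lets through forms such as "1e3",
// "1.5" or " 1", which are not valid row ids.
if (isset($_GET["id"]) && is_string($_GET["id"]) && ctype_digit($_GET["id"])) {
    $id = (int) $_GET["id"];
    // Read the row first: the file name is needed after the DELETE.
    $rs = $db->consulta("SELECT * FROM imagen_curso WHERE ic_id=" . $id);
    $db->rawData("DELETE FROM imagen_curso WHERE ic_id=" . $id);
    // Skip the file step when the row is missing or has no image. With an empty name the
    // path would be the directory itself, for which file_exists() is true and unlink() fails.
    if (isset($rs[0]["ic_imagen"]) && $rs[0]["ic_imagen"] !== "") {
        // basename() keeps the stored name from pointing outside img/curso/.
        $foto = dirname(dirname(dirname(dirname(__FILE__)))) . "/img/curso/" . basename($rs[0]["ic_imagen"]);
        if (is_file($foto)) {
            unlink($foto);
        }
    }
    // "acc" is echoed back into the redirect URL, so it is encoded as a query-string value.
    $acc = (isset($_GET["acc"]) && is_string($_GET["acc"])) ? rawurlencode($_GET["acc"]) : "";
    header("Location:../../index.php?acc=" . $acc . "&msg=1");
}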
Exemple #19
include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php";
// Handler that registers a new site user (usuario_sitio) plus its shipping address.
// The excerpt starts after the first includes and ends before the outer `if` closes.
$conf = new conf();
$db = new mydb();
$db->rawData("SET NAMES 'utf8'");
$formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg');
// Keeps the raw POST (password included) in the session until the success path clears it.
$_SESSION["campos"] = $_POST;
// Required fields: name, surname, a non-zero state, e-mail and password.
if (trim($_POST["nombre"]) != "" && trim($_POST["apellido"]) != "" && $_POST["estado"] != 0 && trim($_POST["email"]) != "" && trim($_POST["password"]) != "") {
    // NOTE(review): in every redirect of this handler "acc" is copied from the request into
    // the Location URL without URL-encoding.
    if (!validarMail($_POST["email"])) {
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=8");
        die;
    }
    if (!validarPass($_POST["password"])) {
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=9");
        die;
    }
    // NOTE(review): SQL injection. The e-mail sits inside quotes with no escaping, here and
    // in the INSERT below. validarMail() is defined elsewhere, so it cannot be assumed to
    // reject quote characters. Escape or bind the value.
    $existe_mail = $db->consulta("SELECT * FROM usuario_sitio WHERE usw_eliminado=0 AND usw_email='" . $_POST["email"] . "'");
    if (count($existe_mail)) {
        header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=6");
        die;
    }
    if (trim($_POST["scanycar"]) != "") {
        $existe_scanycar = $db->consulta("SELECT * FROM usuario_sitio WHERE usw_eliminado=0 AND usw_scanycar='" . trim(addslashes($_POST["scanycar"])) . "'");
        if (count($existe_scanycar)) {
            header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=7");
            die;
        }
    }
    // NOTE(review): "estado" is a bare numeric operand (cast it to int), the e-mail is
    // unescaped, and the password is stored as unsalted MD5; password_hash() is the
    // replacement and needs a matching change wherever the hash is verified.
    $db->rawData("INSERT INTO usuario_sitio (usw_apellido,usw_nombre,estado_id,usw_email,usw_password,usw_scanycar,usw_fecha_alta,usw_eliminado) VALUES" . " ('" . addslashes($_POST["apellido"]) . "','" . addslashes($_POST["nombre"]) . "'," . $_POST["estado"] . ",'" . $_POST["email"] . "','" . md5($_POST["password"]) . "'," . "'" . trim(addslashes($_POST["scanycar"])) . "','" . date("Y-m-d H:i:s") . "',0)");
    // Re-reads the highest non-deleted id instead of the id of the row just inserted, so a
    // concurrent registration could attach the address below to another user.
    $id_max = $db->consulta("SELECT * FROM usuario_sitio WHERE usw_eliminado=0 ORDER BY usw_id DESC LIMIT 1");
    // "pais" is a bare numeric operand as well; the remaining fields go through addslashes().
    $db->rawData("INSERT INTO direccion_envio (dire_direccion,dire_extra,pais_id,dire_provincia,dire_telefono,dire_movil,dire_ciudad,dire_cp,usw_id,dire_eliminado) VALUES" . " ('" . addslashes($_POST["direccion"]) . "','" . addslashes($_POST["extra"]) . "'," . $_POST["pais"] . ",'" . addslashes($_POST["provincia"]) . "','" . addslashes($_POST["telefono"]) . "'," . "'" . addslashes($_POST["movil"]) . "','" . addslashes($_POST["ciudad"]) . "','" . addslashes($_POST["cp"]) . "'," . $id_max[0]["usw_id"] . ",0)");
    unset($_SESSION["campos"]);
Exemple #20
<?php

session_start();
include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/seguridad.php";
include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/conf/conf.php";
// Handler that creates an `archivo_curso` row and stores the uploaded file for a course.
// The excerpt ends before the outer `if` closes.
$conf = new conf();
$db = new mydb();
$db->rawData("SET NAMES 'utf8'");
// Keeps the raw POST in the session; it is cleared again on the success path below.
$_SESSION["campos"] = $_POST;
if (trim($_POST["nombre"]) != "" && trim($_FILES["archivo"]["name"]) != "" && trim($_POST["curso"]) != "") {
    // NOTE(review): the text columns go through addslashes(), but "curso" is concatenated as
    // a bare numeric operand (SQL injection). Cast it to int.
    $db->rawData("INSERT INTO archivo_curso (ac_archivo,ac_descripcion,curso_id,ac_nombre)" . " VALUES ('','" . addslashes($_POST["descripcion"]) . "'," . $_POST["curso"] . ",'" . addslashes($_POST["nombre"]) . "')");
    // Re-reads the highest id instead of the id of the row just inserted, so a concurrent
    // insert between the two statements would attach the file to another row.
    $id_max = $db->consulta("SELECT * FROM archivo_curso WHERE 1 ORDER BY ac_id DESC LIMIT 1");
    // The size check runs after the INSERT, so a rejected upload still leaves the new row.
    if ($_FILES["archivo"]["size"] > max_upload_file_size()) {
        // "acc" is copied from the request into the redirect URL without URL-encoding.
        header("Location:../../index.php?acc=" . $_POST["acc"] . "&msg=5");
        die;
    }
    // NOTE(review): no type or extension check at all. The file is stored under
    // /archivos/curso/ with whatever extension the client file name carries
    // (obtenerExtension() is defined elsewhere). Restrict uploads to an explicit allow-list of
    // extensions and make sure the server never executes files from this directory.
    if ($_FILES["archivo"]["name"] != "") {
        $ext = obtenerExtension($_FILES["archivo"]["name"]);
        move_uploaded_file($_FILES["archivo"]["tmp_name"], $conf->getRoot() . "/archivos/curso/" . $id_max[0]["ac_id"] . "." . $ext);
        $db->rawData("UPDATE archivo_curso SET ac_archivo='" . $id_max[0]["ac_id"] . "." . $ext . "' WHERE ac_id=" . $id_max[0]["ac_id"]);
    } else {
        // Unreachable: this branch runs only when the name is empty, and the test below
        // requires it to be non-empty.
        if ($_FILES["archivo"]["name"] != "") {
            header("Location:../../index.php?acc=" . $_POST["acc"] . "&msg=2");
            die;
        }
    }
    unset($_SESSION["campos"]);
    header("Location:../../index.php?acc=" . $_POST["acc"] . "&msg=3");
    die;
Exemple #21
<?php

include_once '/functions/inc/mydb.inc.php';
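// One-off import: reads ciudades.html, which holds blocks of the form
// "<id_prov>ID@@<option ...>Name</option>...", and inserts every city name that is not yet
// present in the `ciudad` table.
$nombre_fichero = "ciudades.html";
// file_get_contents() replaces fopen()/fread()/filesize(): no handle is left open, and an
// empty file reads as "" instead of asking fread() for zero bytes.
$contenido_fichero = file_get_contents($nombre_fichero);
if ($contenido_fichero === false) {
    die("No se pudo leer " . $nombre_fichero);
}
$contenido = explode("<id_prov>", $contenido_fichero);
$db = new mydb();
foreach ($contenido as $bloque) {
    if (trim($bloque) == "") {
        continue;
    }
    $partes = explode("@@", $bloque);
    // A block without the "@@" separator has no option list to import.
    if (!isset($partes[1])) {
        continue;
    }
    // The province id goes into the SQL text as a bare number, so force it to an integer.
    $id_provincia = (int) trim($partes[0]);
    $ciudades = explode("</option>", $partes[1]);
    foreach ($ciudades as $opcion) {
        // The text after the first ">" is the visible city name of the <option> tag.
        $nombre = explode(">", $opcion);
        if (isset($nombre[1]) && trim($nombre[1]) != "") {
            // NOTE(review): addslashes() is generic escaping, not the database driver's
            // escaping; a parameterised query is the robust form if mydb can offer one.
            $nombre = addslashes($nombre[1]);
            // NOTE(review): the lookup matches on the name alone, so a city whose name
            // already exists in another province is skipped. Confirm that is intended.
            $existe = $db->consulta("SELECT * FROM ciudad WHERE ciud_nombre='{$nombre}'");
            if (count($existe) == 0) {
                $db->rawData("INSERT INTO ciudad (prov_id,ciud_nombre) VALUES ({$id_provincia},'{$nombre}')");
            }
        }
    }
}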