</div> '; $db->rawData("UPDATE inscripto_curso SET validado=" . $_GET["val"] . " WHERE inscripto_eliminado=0 AND inscripto_id=" . $_GET["ins"]); break; case "cambiarEstadoPedido": echo ' <div class="alert alert-success alert-dismissible fade in" role="alert"> <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">x</span></button> <b>Exito:</b> Se ha actualizado el estado del pedido correctamente </div> '; $db->rawData("UPDATE pedido SET pedido_procesado=" . $_GET["val"] . " WHERE pedido_eliminado=0 AND pedido_id=" . $_GET["ped"]); break; case "detallePedido": $salida = ""; $info = $db->consulta("SELECT * FROM pedido p LEFT JOIN usuario_sitio us ON (p.usw_id=us.usw_id) LEFT JOIN direccion_envio de ON (de.usw_id=us.usw_id) LEFT JOIN paises pa ON (pa.id=de.pais_id)" . "WHERE pedido_eliminado=0 AND pedido_id=" . $_GET["ped"]); $info = $info[0]; $productos = $db->consulta("SELECT * FROM pedido_producto pp LEFT JOIN producto p ON (pp.prod_id=p.prod_id) WHERE pedido_id=" . $_GET["ped"]); $uax_extra; if (trim($info["dire_extra"]) != "") { $uax_extra = "(" . $info["dire_extra"] . ")"; } $salida = "<b>Datos del Usuario</b><br>" . "" . $info["usw_apellido"] . ", " . $info["usw_nombre"] . " <br>" . "" . $info["usw_email"] . " <br>" . "" . $info["usw_scanycar"] . " <br>" . "<b>Datos para envio</b><br>" . "" . $info["dire_direccion"] . " " . $uax_extra . " <br>" . "" . $info["dire_ciudad"] . ", " . $info["dire_provincia"] . " (" . $info["dire_cp"] . ") <br>" . "" . $info["nombre"] . " <br>" . "" . $info["dire_telefono"] . " " . $info["dire_movil"] . " <br><br>" . "<b>Datos del Pedido #" . $info["pedido_id"] . " " . convertirFechaHora($info["pedido_fecha"]) . "</b><br>" . "<table class='table table-striped'>\n <thead>\n <tr>\n <th></th>\n <th>Producto</th>\n <th>Cantidad</th>\n \n </tr>\n </thead>\n <tbody>"; foreach ($productos as $prod) { $img; if (file_exists(dirname(dirname(__FILE__)) . "/img/producto/" . 
$prod["prod_foto"]) && $prod["prod_foto"] != "") { $img = '<img src="../img/producto/' . $prod["prod_foto"] . '" width="50" class="img-responsive img-circle">'; } else { $img = '<i class="fa fa-shopping-cart fa-3x"></i>'; } $salida .= "<tr>\n <td>{$img}</td>\n <td>" . $prod["prod_nombre"] . "</td>\n <td>" . $prod["cantidad"] . "</td>\n \n </tr>";
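<?php
/**
 * Renders the city list for one province.
 *
 * Input:  $_GET["prov_id"] - id of the province whose cities are listed.
 * Output: the tpl/ciudades.html template with one "blq_ciudades" block per
 *         row read from `ciudad`. A missing or non-numeric prov_id renders
 *         the template with no rows instead of running a query.
 */
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";

$db = new mydb();
// presumably inicializar() fills $lst_ciudades with the template object - confirm in util.inc.php
inicializar($lst_ciudades, dirname(dirname(__FILE__)) . "/tpl/ciudades.html");

// prov_id comes from the query string and is concatenated unquoted into the
// SQL text, so only a string of decimal digits is accepted and it is cast to
// int before it reaches the statement.
$prov_id = null;
if (isset($_GET["prov_id"]) && is_string($_GET["prov_id"]) && ctype_digit($_GET["prov_id"])) {
    $prov_id = (int) $_GET["prov_id"];
}

$ciudades = array();
if ($prov_id !== null) {
    $ciudades = $db->consulta("SELECT * FROM ciudad WHERE prov_id=" . $prov_id);
}

if (count($ciudades)) {
    foreach ($ciudades as $ciudad) {
        $lst_ciudades->setVariable("ciudad_id", $ciudad["ciud_id"]);
        // The name is free text, so it is entity-encoded for the HTML template.
        $lst_ciudades->setVariable("ciudad_nombre", htmlentities($ciudad["ciud_nombre"]));
        $lst_ciudades->setVariable("id_provincia", $ciudad["prov_id"]);
        $lst_ciudades->parse("blq_ciudades");
    }
}

$lst_ciudades->show();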
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php"; $conf = new conf(); $db = new mydb(); $db->rawData("SET NAMES 'utf8'"); $formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg'); if (trim($_POST["nombre"]) != "" && trim($_POST["apellido"]) != "" && $_POST["estado"] != 0 && trim($_POST["email"]) != "") { if (!validarMail($_POST["email"])) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=8&id=" . $_POST["id"]); die; } if (!validarPass($_POST["password"]) && $_POST["password"] != "") { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=9&id=" . $_POST["id"]); die; } $existe_mail = $db->consulta("SELECT * FROM usuario_sitio WHERE usw_eliminado=0 AND usw_id!=" . $_POST["id"] . " AND usw_email='" . $_POST["email"] . "'"); if (count($existe_mail)) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=6&id=" . $_POST["id"]); die; } if (trim($_POST["scanycar"]) != "") { $existe_scanycar = $db->consulta("SELECT * FROM usuario_sitio WHERE usw_eliminado=0 AND usw_id!=" . $_POST["id"] . " AND usw_scanycar='" . trim(addslashes($_POST["scanycar"])) . "'"); if (count($existe_scanycar)) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=7&id=" . $_POST["id"]); die; } } $password_upd = ""; if ($_POST["password"] != "") { $password_upd = ",usw_password='******'"; }
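<?php
/**
 * Renders the model list for one brand.
 *
 * Input:  $_GET["marca_id"] - id of the brand whose models are listed.
 * Output: the tpl/modelos.html template with one "blq_modelos" block per
 *         non-deleted row read from `modelo`. A missing or non-numeric
 *         marca_id renders the template with no rows instead of running a
 *         query.
 */
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";

$db = new mydb();
// presumably inicializar() fills $lst_modelos with the template object - confirm in util.inc.php
inicializar($lst_modelos, dirname(dirname(__FILE__)) . "/tpl/modelos.html");

// marca_id comes from the query string and is concatenated unquoted into the
// SQL text, so only a string of decimal digits is accepted and it is cast to
// int before it reaches the statement.
$marca_id = null;
if (isset($_GET["marca_id"]) && is_string($_GET["marca_id"]) && ctype_digit($_GET["marca_id"])) {
    $marca_id = (int) $_GET["marca_id"];
}

$modelos = array();
if ($marca_id !== null) {
    $modelos = $db->consulta("SELECT * FROM modelo WHERE marca_id=" . $marca_id . " AND modelo_eliminado=0 ");
}

if (count($modelos)) {
    foreach ($modelos as $modelo) {
        $lst_modelos->setVariable("modelo_id", $modelo["modelo_id"]);
        // The name is free text, so it is entity-encoded for the HTML template.
        $lst_modelos->setVariable("modelo_nombre", htmlentities($modelo["modelo_nombre"]));
        //$lst_modelos->setVariable("id_marca", $modelo["prov_id"]) ;
        $lst_modelos->parse("blq_modelos");
    }
}

$lst_modelos->show();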
<!DOCTYPE html> <?php include_once dirname(__FILE__) . "/functions/inc/mydb.inc.php"; $db = new mydb(); $categorias = $db->consulta("SELECT * FROM categoria_producto WHERE idioma_id=1 AND catp_eliminado=0 AND catp_publicado=1"); ?> <html lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta charset="utf-8"> <title>Texur</title> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> <link href="global/css/bootstrap.min.css" rel="stylesheet"> <!-- <link href="//netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css" rel="stylesheet"> <!--[if lt IE 9]> <script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script> <![endif]--> <link href="global/css/styles.css" rel="stylesheet"> </head> <body> <nav class="navbar navbar-fixed-top" style="background-color:#0A376E;color:#b2aa00;"> <div class="container"> <div class="navbar-header"> <a class="navbar-brand " href="index.html" > <b>Home</b> </a> </div> <div class="navbar-collapse collapse"> <ul class="nav navbar-nav"> <li><a href="#">Cursos/Tutoriales</a></li> <li><a href="#">Manuales</a></li>
<?php session_start(); include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php"; $conf = new conf(); $db = new mydb(); $db->rawData("SET NAMES 'utf8'"); $formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg'); $_SESSION["campos"] = $_POST; if (trim($_POST["nombre"]) != "") { $db->rawData("INSERT INTO marca (marca_nombre,marca_eliminado) VALUES ('" . addslashes($_POST["nombre"]) . "',0)"); $id_max = $db->consulta("SELECT * FROM marca WHERE marca_eliminado=0 ORDER BY marca_id DESC LIMIT 1"); if ($_FILES["imagen"]["size"] > max_upload_file_size()) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5"); die; } if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) { $ext = obtenerExtension($_FILES["imagen"]["name"]); move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/marca/" . $id_max[0]["marca_id"] . "." . $ext); $db->rawData("UPDATE marca SET marca_foto='" . $id_max[0]["marca_id"] . "." . $ext . "' WHERE marca_id=" . $id_max[0]["marca_id"]); } else { if ($_FILES["imagen"]["name"] != "") { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=2"); die; } } unset($_SESSION["campos"]); header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=3");
<?php session_start(); include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php"; $conf = new conf(); $db = new mydb(); $db->rawData("SET NAMES 'utf8'"); $formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg'); if (trim($_POST["nombre"]) != "" && $_POST["marca"] != "") { $img_del = ""; if ($_POST["elim_img"] == 1) { $img_del = ",modelo_foto='' "; $rs = $db->consulta("SELECT * FROM modelo WHERE modelo_id=" . $_POST["id"]); if (file_exists(dirname(dirname(dirname(__FILE__))) . "/img/modelo/" . $rs[0]["modelo_foto"])) { unlink(dirname(dirname(dirname(__FILE__))) . "/img/modelo/" . $rs[0]["modelo_foto"]); } } $db->rawData("UPDATE modelo SET modelo_nombre='" . addslashes($_POST["nombre"]) . "',marca_id=" . $_POST["marca"] . " " . $img_del . " WHERE modelo_id=" . $_POST["id"]); if ($_FILES["imagen"]["size"] > max_upload_file_size()) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5"); die; } if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) { $ext = obtenerExtension($_FILES["imagen"]["name"]); move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/modelo/" . $_POST["id"] . "." . $ext); $db->rawData("UPDATE modelo SET modelo_foto='" . $_POST["id"] . "." . $ext . "' WHERE modelo_id=" . $_POST["id"]); } else { if ($_FILES["imagen"]["name"] != "") {
<?php session_start(); include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php"; $conf = new conf(); $db = new mydb(); $db->rawData("SET NAMES 'utf8'"); $formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg'); if (trim($_POST["nombre"]) != "" && trim($_POST["descripcion"]) != "" && $_POST["categoria"] != 0) { $img_del = ""; if ($_POST["elim_img"] == 1) { $img_del = ",prod_foto='' "; $rs = $db->consulta("SELECT * FROM producto WHERE prod_id=" . $_POST["id"]); if (file_exists(dirname(dirname(dirname(__FILE__))) . "/img/producto/" . $rs[0]["prod_foto"])) { unlink(dirname(dirname(dirname(__FILE__))) . "/img/producto/" . $rs[0]["prod_foto"]); } } $db->rawData("UPDATE producto SET prod_nombre='" . addslashes($_POST["nombre"]) . "'," . "prod_descripcion='" . addslashes($_POST["descripcion"]) . "'," . "catp_id=" . $_POST["categoria"] . "," . "prod_destacado=" . $_POST["destacada"] . ",prod_keywords='" . addslashes($_POST["palabras_clave"]) . "'" . ",prod_publicado=" . addslashes($_POST["publicada"]) . " " . $img_del . " " . "WHERE prod_id=" . $_POST["id"]); if ($_FILES["imagen"]["size"] > max_upload_file_size()) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5"); die; } if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) { $ext = obtenerExtension($_FILES["imagen"]["name"]); move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/producto/" . $_POST["id"] . "." . $ext); $db->rawData("UPDATE producto SET prod_foto='" . $_POST["id"] . "." . $ext . "' WHERE prod_id=" . $_POST["id"]); } else { if ($_FILES["imagen"]["name"] != "") {
<?php session_start(); include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php"; $conf = new conf(); $db = new mydb(); $db->rawData("SET NAMES 'utf8'"); $formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg'); $_SESSION["campos"] = $_POST; if (trim($_POST["nombre"]) != "" && trim($_POST["resumen"]) != "" && trim($_POST["texto"]) != "") { $db->rawData("INSERT INTO pagina (pagina_titulo,pagina_resumen,pagina_contenido,idioma_id,pagina_eliminado,pagina_foto,pagina_destacada,pagina_keywords,pagina_publicada)" . " VALUES ('" . addslashes($_POST["nombre"]) . "','" . addslashes($_POST["resumen"]) . "','" . addslashes($_POST["texto"]) . "'," . $_SESSION["idioma_gestor"] . ",0,''," . $_POST["destacada"] . "" . ",'" . addslashes($_POST["palabras_clave"]) . "'," . $_POST["publicada"] . ")"); $id_max = $db->consulta("SELECT * FROM pagina WHERE pagina_eliminado=0 AND idioma_id=" . $_SESSION["idioma_gestor"] . " ORDER BY pagina_id DESC LIMIT 1"); if ($_FILES["imagen"]["size"] > max_upload_file_size()) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5"); die; } if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) { $ext = obtenerExtension($_FILES["imagen"]["name"]); move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/pagina/" . $id_max[0]["pagina_id"] . "." . $ext); $db->rawData("UPDATE pagina SET pagina_foto='" . $id_max[0]["pagina_id"] . "." . $ext . "' WHERE pagina_id=" . $id_max[0]["pagina_id"]); } else { if ($_FILES["imagen"]["name"] != "") { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=2"); die; } } unset($_SESSION["campos"]); header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=3");
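<?php
/**
 * Back-office login handler.
 *
 * Input:  $_POST["usuario"], $_POST["clave"].
 * Effect: on a matching, non-deleted row in `usuario` the row is stored in
 *         $_SESSION["usuario_gestor"]; otherwise an error message is stored
 *         in $_SESSION["mensaje_error"]. Either way the browser is sent back
 *         to ../index.php.
 */
session_start();
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";

$db = new mydb();

// A missing or array-valued field is treated as an empty string, so the
// escaping calls below always receive a string and the lookup simply fails.
$usuario_enviado = (isset($_POST["usuario"]) && is_string($_POST["usuario"])) ? $_POST["usuario"] : "";
$clave_enviada = (isset($_POST["clave"]) && is_string($_POST["clave"])) ? $_POST["clave"] : "";

// presumably `new mydb()` opens the ext/mysql link these calls rely on - confirm
$usuario = mysql_real_escape_string($usuario_enviado);
$clave = mysql_real_escape_string($clave_enviada);

// NOTE(review): unsalted MD5 is not a password hash. Moving to password_hash()
// / password_verify() needs a migration of the stored us_pass values, so it is
// flagged here rather than changed in place.
// NOTE(review): the password is SQL-escaped *before* hashing, so a password
// containing a quote or backslash hashes differently from the raw value -
// confirm this matches how us_pass is written when the user is created.
$clave = md5($clave);

// NOTE(review): the us_pass value in this statement reads '******' on this
// page, which looks like a masked value; as written $clave is never compared.
// Confirm that the real file compares us_pass against $clave.
$usuario = $db->consulta("SELECT * FROM usuario WHERE us_nick='{$usuario}' AND us_pass='******' AND us_eliminado=0");

if (isset($usuario) && count($usuario)) {
    // Issue a fresh session id at the moment privileges change, so an id that
    // existed before authentication does not carry the logged-in state.
    session_regenerate_id(true);
    $_SESSION["usuario_gestor"] = $usuario[0];
} else {
    $_SESSION["mensaje_error"] = "Usuario o contraseña incorretos.";
}

header("Location:../index.php");
die;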
<?php session_start(); include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/util.inc.php"; include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/mydb.inc.php"; include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/seguridad.php"; include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/conf/conf.php"; $conf = new conf(); $db = new mydb(); $db->rawData("SET NAMES 'utf8'"); $formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg'); $_SESSION["campos"] = $_POST; //die(print_r($_POST)); if (trim($_POST["nombre"]) != "" && trim($_FILES["imagen"]["name"]) != "" && trim($_POST["curso"]) != "") { $db->rawData("INSERT INTO imagen_curso (ic_imagen,ic_descripcion,curso_id,ic_titulo)" . " VALUES ('','" . addslashes($_POST["descripcion"]) . "'," . $_POST["curso"] . ",'" . addslashes($_POST["nombre"]) . "')"); $id_max = $db->consulta("SELECT * FROM imagen_curso WHERE 1 ORDER BY ic_id DESC LIMIT 1"); if ($_FILES["imagen"]["size"] > max_upload_file_size()) { header("Location:../../index.php?acc=" . $_POST["acc"] . "&msg=5"); die; } if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) { $ext = obtenerExtension($_FILES["imagen"]["name"]); move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/curso/" . $id_max[0]["ic_id"] . "." . $ext); $db->rawData("UPDATE imagen_curso SET ic_imagen='" . $id_max[0]["ic_id"] . "." . $ext . "' WHERE ic_id=" . $id_max[0]["ic_id"]); } else { if ($_FILES["imagen"]["name"] != "") { header("Location:../../index.php?acc=" . $_POST["acc"] . "&msg=2"); die; } } unset($_SESSION["campos"]);
$casual->setconyugue_id($id_cony); $id_casual = $casual->add(); $cliente = new cliente(); $cliente->setcasual_id($id_casual); $cliente->setcli_apellido("888888888"); $cliente->setcli_cp("888"); $cliente->setcli_cuil("888888"); $cliente->settipo_dni_id(1); $cliente->setrevendedor_id(0); $cliente->setciud_id(123); $cliente->setcli_dni("8888888"); $cliente->setcli_domicilio("88888888"); $cliente->setcli_eliminado(0); $cliente->setcli_email("*****@*****.**"); $id_cliente = $cliente->add(); $ventas_casuales = $db->consulta("SELECT * FROM `moto` WHERE est_moto_id=4 AND moto_eliminado=0 AND suc_id<10"); foreach ($ventas_casuales as $vc) { $venta = new venta(); $venta->setcli_id($id_cliente); $venta->setest_venta_id(4); $venta->setmoto_id($vc["moto_id"]); $venta->setsuc_id($vc["suc_id"]); $venta->setus_id(2); $venta->setus_id_modifica(0); $venta->setventa_descripcion(""); $venta->setventa_eliminado(0); $venta->setventa_fecha(date("Y-m-d")); $venta->setventa_fecha_entrega(date("Y-m-d H:i:s")); $venta->setventa_monto_adicional(); $venta->setventa_nro_factura(); $venta->setventa_numero();
<?php session_start(); include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php"; $conf = new conf(); $db = new mydb(); $db->rawData("SET NAMES 'utf8'"); $formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg'); $_SESSION["campos"] = $_POST; if (trim($_POST["nombre"]) != "" && trim($_POST["descripcion"]) != "" && $_POST["categoria"] != 0) { $db->rawData("INSERT INTO producto (prod_nombre,prod_descripcion,catp_id,idioma_id,prod_eliminado,prod_foto," . "prod_destacado,prod_keywords,prod_publicado)" . " VALUES ('" . addslashes($_POST["nombre"]) . "','" . addslashes($_POST["descripcion"]) . "'," . $_POST["categoria"] . "," . $_SESSION["idioma_gestor"] . ",0,''," . $_POST["destacada"] . "" . ",'" . addslashes($_POST["palabras_clave"]) . "'," . $_POST["publicada"] . ")"); $id_max = $db->consulta("SELECT * FROM producto WHERE prod_eliminado=0 AND idioma_id=" . $_SESSION["idioma_gestor"] . " " . "ORDER BY prod_id DESC LIMIT 1"); if ($_FILES["imagen"]["size"] > max_upload_file_size()) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5"); die; } if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) { $ext = obtenerExtension($_FILES["imagen"]["name"]); move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/producto/" . $id_max[0]["prod_id"] . "." . $ext); $db->rawData("UPDATE producto SET prod_foto='" . $id_max[0]["prod_id"] . "." . $ext . "' WHERE prod_id=" . $id_max[0]["prod_id"]); } else { if ($_FILES["imagen"]["name"] != "") { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=2"); die; } } unset($_SESSION["campos"]); header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=3");
<?php session_start(); include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php"; $conf = new conf(); $db = new mydb(); $db->rawData("SET NAMES 'utf8'"); $formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg'); if (trim($_POST["nombre"]) != "") { $img_del = ""; if ($_POST["elim_img"] == 1) { $img_del = ",marca_foto='' "; $rs = $db->consulta("SELECT * FROM marca WHERE marca_id=" . $_POST["id"]); if (file_exists(dirname(dirname(dirname(__FILE__))) . "/img/marca/" . $rs[0]["marca_foto"])) { unlink(dirname(dirname(dirname(__FILE__))) . "/img/marca/" . $rs[0]["marca_foto"]); } } $db->rawData("UPDATE marca SET marca_nombre='" . addslashes($_POST["nombre"]) . "' " . $img_del . " WHERE marca_id=" . $_POST["id"]); if ($_FILES["imagen"]["size"] > max_upload_file_size()) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5"); die; } if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) { $ext = obtenerExtension($_FILES["imagen"]["name"]); move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/marca/" . $_POST["id"] . "." . $ext); $db->rawData("UPDATE marca SET marca_foto='" . $_POST["id"] . "." . $ext . "' WHERE marca_id=" . $_POST["id"]); } else { if ($_FILES["imagen"]["name"] != "") {
<?php //die(print_r($_POST)); session_start(); include dirname(dirname(__FILE__)) . "/functions/inc/util.inc.php"; include dirname(dirname(__FILE__)) . "/functions/inc/mydb.inc.php"; include dirname(dirname(__FILE__)) . "/functions/inc/seguridad.php"; include dirname(dirname(__FILE__)) . "/entidades/usuario.class.php"; $db = new mydb(); //die(print_r($_POST)); $_SESSION["campos"] = $_POST; $usuario = new usuario(); $check = $db->consulta("SELECT * FROM usuario \n WHERE us_nick='{$_POST["nick"]}' \n \n AND us_eliminado=0"); if (trim($_POST["nick"]) != "" && trim($_POST["nombre"]) != "" && $_POST["perfil"] != 0) { if (count($check) == 0) { $usuario->setus_nombre(addslashes($_POST["nombre"])); $usuario->setus_apellido(addslashes($_POST["apellido"])); $usuario->setus_email(addslashes($_POST["email"])); $usuario->setus_nombre(addslashes($_POST["nombre"])); $usuario->setus_telefono(addslashes($_POST["telefono"])); $usuario->setus_direccion(addslashes($_POST["domicilio"])); $usuario->setus_nick(addslashes($_POST["nick"])); $usuario->setperfil_id($_POST["perfil"]); if ($_POST["contrasenia"] == $_POST["recontrasenia"] && $_POST["contrasenia"] != "") { $usuario->setus_pass(md5($_POST["contrasenia"])); } else { header("Location:/index.php?acc=" . $_POST["acc"] . "&msg=1"); die; } $id = $usuario->add(); unset($_SESSION["campos"]);
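<?php
/**
 * Soft-deletes a page and removes its image file.
 *
 * Input:  $_GET["id"]  - id of the `pagina` row.
 *         $_GET["acc"] - action name echoed back in the redirect.
 * Effect: sets pagina_eliminado to the id of the logged-in back-office user,
 *         deletes the file named in pagina_foto from img/pagina/, then
 *         redirects to ../index.php with msg=1. Nothing happens when the id
 *         is not a plain integer or no user id is present in the session.
 *
 * NOTE(review): this state change is reachable with a GET request and no
 * anti-CSRF token is visible in this file; consider POST plus a per-session
 * token. Access control is presumably enforced by seguridad.php - confirm.
 */
session_start();
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php";

$db = new mydb();

// is_numeric() also accepts decimal, signed and exponent notation, all of
// which would reach the SQL text as something other than a row id. Only
// decimal digits are accepted and the value is cast before use.
$id = null;
if (isset($_GET["id"]) && is_string($_GET["id"]) && ctype_digit($_GET["id"])) {
    $id = (int) $_GET["id"];
}

// The user id is written into the statement unquoted, so it is cast as well.
$us_id = null;
if (isset($_SESSION["usuario_gestor"]["us_id"])) {
    $us_id = (int) $_SESSION["usuario_gestor"]["us_id"];
}

if ($id !== null && $us_id !== null) {
    $db->rawData("UPDATE pagina SET pagina_eliminado=" . $us_id . " WHERE pagina_id=" . $id);
    $rs = $db->consulta("SELECT * FROM pagina WHERE pagina_id=" . $id);

    // An empty pagina_foto would make the path point at the directory itself,
    // and a stored name with path components could leave img/pagina/; the
    // name is reduced to its basename and only a regular file is removed.
    if (isset($rs[0]["pagina_foto"]) && $rs[0]["pagina_foto"] != "") {
        $foto = dirname(dirname(dirname(__FILE__))) . "/img/pagina/" . basename($rs[0]["pagina_foto"]);
        if (is_file($foto)) {
            unlink($foto);
        }
    }

    // acc is request-controlled text placed in a response header: encode it so
    // it stays a single query-string value.
    $acc = (isset($_GET["acc"]) && is_string($_GET["acc"])) ? $_GET["acc"] : "";
    header("Location:../index.php?acc=" . urlencode($acc) . "&msg=1");
}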
<?php session_start(); include dirname(dirname(dirname(__FILE__))) . "/functions/inc/util.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/mydb.inc.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/inc/seguridad.php"; include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php"; $conf = new conf(); $db = new mydb(); $db->rawData("SET NAMES 'utf8'"); $formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg'); $_SESSION["campos"] = $_POST; if (trim($_POST["nombre"]) != "" && $_POST["marca"] != "") { $db->rawData("INSERT INTO modelo (modelo_nombre,marca_id,modelo_eliminado) VALUES ('" . addslashes($_POST["nombre"]) . "'," . $_POST["marca"] . ",0)"); $id_max = $db->consulta("SELECT * FROM modelo WHERE modelo_eliminado=0 ORDER BY modelo_id DESC LIMIT 1"); if ($_FILES["imagen"]["size"] > max_upload_file_size()) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=5"); die; } if ($_FILES["imagen"]["name"] != "" && in_array($_FILES["imagen"]["type"], $formatos_img)) { $ext = obtenerExtension($_FILES["imagen"]["name"]); move_uploaded_file($_FILES["imagen"]["tmp_name"], $conf->getRoot() . "/img/modelo/" . $id_max[0]["modelo_id"] . "." . $ext); $db->rawData("UPDATE modelo SET modelo_foto='" . $id_max[0]["modelo_id"] . "." . $ext . "' WHERE modelo_id=" . $id_max[0]["modelo_id"]); } else { if ($_FILES["imagen"]["name"] != "") { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=2"); die; } } unset($_SESSION["campos"]); header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=3");
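<?php
/**
 * Deletes a course image row and its file.
 *
 * Input:  $_GET["id"]  - id of the `imagen_curso` row.
 *         $_GET["acc"] - action name echoed back in the redirect.
 * Effect: reads the row, deletes it, removes the file named in ic_imagen
 *         from img/curso/, then redirects to ../../index.php with msg=1.
 *         Nothing happens when the id is not a plain integer.
 *
 * NOTE(review): this deletion is reachable with a GET request and no
 * anti-CSRF token is visible in this file; consider POST plus a per-session
 * token. Access control is presumably enforced by seguridad.php - confirm.
 */
session_start();
include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/mydb.inc.php";
include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/seguridad.php";

$db = new mydb();

// is_numeric() also accepts decimal, signed and exponent notation, all of
// which would reach the SQL text as something other than a row id. Only
// decimal digits are accepted and the value is cast before use.
$id = null;
if (isset($_GET["id"]) && is_string($_GET["id"]) && ctype_digit($_GET["id"])) {
    $id = (int) $_GET["id"];
}

if ($id !== null) {
    // The row is read first because the file name is gone once it is deleted.
    $rs = $db->consulta("SELECT * FROM imagen_curso WHERE ic_id=" . $id);
    $db->rawData("DELETE FROM imagen_curso WHERE ic_id=" . $id);

    // An empty ic_imagen would make the path point at the directory itself,
    // and a stored name with path components could leave img/curso/; the
    // name is reduced to its basename and only a regular file is removed.
    if (isset($rs[0]["ic_imagen"]) && $rs[0]["ic_imagen"] != "") {
        $imagen = dirname(dirname(dirname(dirname(__FILE__)))) . "/img/curso/" . basename($rs[0]["ic_imagen"]);
        if (is_file($imagen)) {
            unlink($imagen);
        }
    }

    // acc is request-controlled text placed in a response header: encode it so
    // it stays a single query-string value.
    $acc = (isset($_GET["acc"]) && is_string($_GET["acc"])) ? $_GET["acc"] : "";
    header("Location:../../index.php?acc=" . urlencode($acc) . "&msg=1");
}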
include dirname(dirname(dirname(__FILE__))) . "/functions/conf/conf.php"; $conf = new conf(); $db = new mydb(); $db->rawData("SET NAMES 'utf8'"); $formatos_img = array('image/jpeg', 'image/pjpeg', 'image/png', 'image/jpg'); $_SESSION["campos"] = $_POST; if (trim($_POST["nombre"]) != "" && trim($_POST["apellido"]) != "" && $_POST["estado"] != 0 && trim($_POST["email"]) != "" && trim($_POST["password"]) != "") { if (!validarMail($_POST["email"])) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=8"); die; } if (!validarPass($_POST["password"])) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=9"); die; } $existe_mail = $db->consulta("SELECT * FROM usuario_sitio WHERE usw_eliminado=0 AND usw_email='" . $_POST["email"] . "'"); if (count($existe_mail)) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=6"); die; } if (trim($_POST["scanycar"]) != "") { $existe_scanycar = $db->consulta("SELECT * FROM usuario_sitio WHERE usw_eliminado=0 AND usw_scanycar='" . trim(addslashes($_POST["scanycar"])) . "'"); if (count($existe_scanycar)) { header("Location:../index.php?acc=" . $_POST["acc"] . "&msg=7"); die; } } $db->rawData("INSERT INTO usuario_sitio (usw_apellido,usw_nombre,estado_id,usw_email,usw_password,usw_scanycar,usw_fecha_alta,usw_eliminado) VALUES" . " ('" . addslashes($_POST["apellido"]) . "','" . addslashes($_POST["nombre"]) . "'," . $_POST["estado"] . ",'" . $_POST["email"] . "','" . md5($_POST["password"]) . "'," . "'" . trim(addslashes($_POST["scanycar"])) . "','" . date("Y-m-d H:i:s") . "',0)"); $id_max = $db->consulta("SELECT * FROM usuario_sitio WHERE usw_eliminado=0 ORDER BY usw_id DESC LIMIT 1"); $db->rawData("INSERT INTO direccion_envio (dire_direccion,dire_extra,pais_id,dire_provincia,dire_telefono,dire_movil,dire_ciudad,dire_cp,usw_id,dire_eliminado) VALUES" . " ('" . addslashes($_POST["direccion"]) . "','" . addslashes($_POST["extra"]) . "'," . $_POST["pais"] . ",'" . addslashes($_POST["provincia"]) . "','" . 
addslashes($_POST["telefono"]) . "'," . "'" . addslashes($_POST["movil"]) . "','" . addslashes($_POST["ciudad"]) . "','" . addslashes($_POST["cp"]) . "'," . $id_max[0]["usw_id"] . ",0)"); unset($_SESSION["campos"]);
<?php session_start(); include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/util.inc.php"; include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/mydb.inc.php"; include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/inc/seguridad.php"; include dirname(dirname(dirname(dirname(__FILE__)))) . "/functions/conf/conf.php"; $conf = new conf(); $db = new mydb(); $db->rawData("SET NAMES 'utf8'"); $_SESSION["campos"] = $_POST; if (trim($_POST["nombre"]) != "" && trim($_FILES["archivo"]["name"]) != "" && trim($_POST["curso"]) != "") { $db->rawData("INSERT INTO archivo_curso (ac_archivo,ac_descripcion,curso_id,ac_nombre)" . " VALUES ('','" . addslashes($_POST["descripcion"]) . "'," . $_POST["curso"] . ",'" . addslashes($_POST["nombre"]) . "')"); $id_max = $db->consulta("SELECT * FROM archivo_curso WHERE 1 ORDER BY ac_id DESC LIMIT 1"); if ($_FILES["archivo"]["size"] > max_upload_file_size()) { header("Location:../../index.php?acc=" . $_POST["acc"] . "&msg=5"); die; } if ($_FILES["archivo"]["name"] != "") { $ext = obtenerExtension($_FILES["archivo"]["name"]); move_uploaded_file($_FILES["archivo"]["tmp_name"], $conf->getRoot() . "/archivos/curso/" . $id_max[0]["ac_id"] . "." . $ext); $db->rawData("UPDATE archivo_curso SET ac_archivo='" . $id_max[0]["ac_id"] . "." . $ext . "' WHERE ac_id=" . $id_max[0]["ac_id"]); } else { if ($_FILES["archivo"]["name"] != "") { header("Location:../../index.php?acc=" . $_POST["acc"] . "&msg=2"); die; } } unset($_SESSION["campos"]); header("Location:../../index.php?acc=" . $_POST["acc"] . "&msg=3"); die;
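<?php
/**
 * Import script: loads city names from ciudades.html into the `ciudad` table.
 *
 * The file is split on "<id_prov>"; each piece is split on "@@" into a
 * province id and a run of options; each option is split on "</option>" and
 * the text after the first ">" is taken as the city name. A city is inserted
 * only when no row with that name exists yet.
 *
 * NOTE(review): the existence check matches on ciud_nombre alone, so a name
 * that appears under two provinces is stored only for the first one - confirm
 * this is intended.
 */
// NOTE(review): this path is absolute from the filesystem root, unlike the
// dirname(__FILE__) includes used by the other scripts - confirm it resolves.
include_once '/functions/inc/mydb.inc.php';

$nombre_fichero = "ciudades.html";

// file_get_contents() replaces the fopen()/fread() pair, which never closed
// the handle and warned on an empty file; an unreadable file imports nothing.
$contenido_fichero = is_readable($nombre_fichero) ? file_get_contents($nombre_fichero) : false;
if ($contenido_fichero === false) {
    $contenido_fichero = "";
}

$contenido = explode("<id_prov>", $contenido_fichero);
$db = new mydb();

foreach ($contenido as $bloque) {
    if (trim($bloque) == "") {
        continue;
    }

    $partes = explode("@@", $bloque);
    $id_provincia = trim($partes[0]);

    // The province id goes into the INSERT unquoted, so a piece without an
    // option list or with a non-digit id is skipped rather than sent to the
    // database.
    if (!isset($partes[1]) || !ctype_digit($id_provincia)) {
        continue;
    }
    $id_provincia = (int) $id_provincia;

    foreach (explode("</option>", $partes[1]) as $opcion) {
        $nombre = explode(">", $opcion);
        if (isset($nombre[1]) && trim($nombre[1]) != "") {
            // NOTE(review): addslashes() is not aware of the connection
            // charset; prefer the escaping or parameter binding offered by
            // mydb if it has one (not visible from this file).
            $nombre = addslashes($nombre[1]);
            $existe = $db->consulta("SELECT * FROM ciudad WHERE ciud_nombre='{$nombre}'");
            if (count($existe) == 0) {
                $db->rawData("INSERT INTO ciudad (prov_id,ciud_nombre) VALUES ({$id_provincia},'{$nombre}')");
            }
        }
    }
}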