Esempio n. 1
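 /**
  * Build an AutoMenus instance for a navigation menu and have it generate its SQL.
  *
  * @param mixed       $menuid            Menu identifier; not read inside this function.
  * @param string|null $menuAutoGroupFile Path to a JSON file of menu group definitions, or null for none.
  * @param array|null  $params            Settings (requiredTableList, requiredModuleList, site, sysdb);
  *                                       a default set is built when null.
  * @return AutoMenus
  */
 function getNavMenuObj($menuid, $menuAutoGroupFile = null, $params = null)
 {
     if ($params == null) {
         $params = array("dbtable" => _dbtable("links"), "requiredTableList" => _db(true)->getTableList(), "requiredModuleList" => null, "sysdb" => false, "site" => SITENAME);
     }
     // Start from an empty list so a missing or unreadable file never leaves $arrMenu undefined.
     $arrMenu = array();
     // No generator override is defined in this scope, so disabled entries are always dropped.
     $allGenerators = false;
     // The path is read as given; callers must pass a server-controlled path, never request input.
     if ($menuAutoGroupFile != null && file_exists($menuAutoGroupFile)) {
         $decoded = json_decode(file_get_contents($menuAutoGroupFile), true);
         // Anything that is not a decoded JSON object/array is treated as "no menu groups".
         if (is_array($decoded)) {
             foreach ($decoded as $key => $entry) {
                 if (isset($entry['enabled']) && !$entry['enabled'] && !$allGenerators) {
                     continue;
                 }
                 $arrMenu[$key] = $entry;
             }
         }
     }
     $sm = new AutoMenus($arrMenu);
     $sm->requiredTableList($params['requiredTableList']);
     $sm->requiredModuleList($params['requiredModuleList']);
     // NOTE(review): the session privilege name is handed to generateSQL(); confirm it is escaped there.
     $sm->generateSQL($params['site'], $_SESSION["SESS_PRIVILEGE_NAME"], $params['sysdb']);
     return $sm;
 }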
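/**
 * Collect the view data for the "hase" order-matching page.
 *
 * When the `symbol` query parameter names a symbol returned by sp_getStockSymbolList,
 * the result is filtered to that symbol; otherwise market totals and the top
 * gainers/losers/most-active lists for $maxTradingDate are loaded.
 *
 * @return array View data keyed by name (StockSymbols, from_date, to_date, chart_startdate, ...).
 */
function order_matching_user_hase()
{
    global $fromDate, $toDate, $tmpFromDate, $tmpToDate, $maxTradingDate, $func;
    $data = array();
    // NOTE(review): $maxTradingDate is concatenated into every CALL below; confirm it is
    // produced server-side in a fixed date format, or pass it as a bound parameter.
    $db = _db('eps');
    $db->query('call sp_getStockSymbolList("' . $maxTradingDate . '",2)');
    $objs = $db->fetchAll();
    $db->connect();
    // Accept only a plain string from the query string (an array value is ignored).
    $symbol = '';
    if (!empty($_GET['symbol']) && is_string($_GET['symbol'])) {
        $symbol = $_GET['symbol'];
    }
    // Check whether the requested symbol exists in the list.
    $hasSymbol = false;
    foreach (is_array($objs) ? $objs : array() as $item) {
        $data['StockSymbols'][] = $item['StockSymbol'];
        // Strict comparison: a loose == lets numeric-looking strings such as "1e3" and "1000"
        // compare equal, which would let a value that is not in the list reach the filter query.
        if ($symbol === (string) $item['StockSymbol']) {
            $hasSymbol = true;
            $data['StockSymbol'] = $symbol;
            $data['SecurityName'] = $item['SecurityName'];
        }
    }
    if (!empty($data['StockSymbols'])) {
        $data['StockSymbols'] = json_encode($data['StockSymbols']);
    }
    // With a known symbol, filter by it; otherwise load the market overview.
    if ($hasSymbol) {
        $data['hase_current_security'] = get_hn_security_filter($symbol, $fromDate, $toDate);
        $func = 'hase.filter';
        $data['symbol'] = $symbol;
    } else {
        $db->connect();
        $data['maxtradingdate'] = $maxTradingDate;
        $db->query('call sp_HN_getCurrentMarketInfo("' . $maxTradingDate . '")');
        if ($obj = $db->fetch()) {
            $data['hase_total_market'] = $obj;
        }
        $db->connect();
        $db->query('call sp_getTopUp("' . $maxTradingDate . '",2)');
        if ($objs = $db->fetchAll()) {
            $data['hase_top_gainers'] = $objs;
        }
        $db->connect();
        $db->query('call sp_getTopDown("' . $maxTradingDate . '", 2)');
        if ($objs = $db->fetchAll()) {
            $data['hase_top_losers'] = $objs;
        }
        $db->connect();
        $db->query('call sp_getTopActive("' . $maxTradingDate . '",2)');
        if ($objs = $db->fetchAll()) {
            $data['hase_top_last_vol'] = $objs;
        }
        $data['hase_current_security'] = get_hn_security($maxTradingDate);
    }
    $data['from_date'] = $fromDate;
    $data['to_date'] = $toDate;
    // Chart window starts six calendar months before the latest trading date.
    $maxTs = strtotime($maxTradingDate);
    $data['chart_startdate'] = date("Y-m-d", mktime(0, 0, 0, date("m", $maxTs) - 6, date("d", $maxTs), date("Y", $maxTs)));
    $data['chart_today'] = $maxTradingDate;
    return $data;
}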
Esempio n. 3
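/**
 * Store a feedback form submission and notify the administrator by e-mail.
 *
 * Only name, email, subject and message are taken from the request. The owner
 * (userid), the blocked flag and both timestamps are always set server-side, so a
 * client cannot override them by posting fields with those names.
 *
 * @return string "success" when the row was inserted, "error" otherwise.
 */
function saveFeedback()
{
    $now = date('Y-m-d H:i:s');
    $feedback = array('name' => '', 'email' => '', 'subject' => '', 'message' => '', 'userid' => $_SESSION['SESS_USER_ID'], 'blocked' => 'false', 'dtoc' => $now, 'dtoe' => $now);
    // Explicit allow-list of client-supplied fields; array values are ignored.
    foreach (array('name', 'email', 'subject', 'message') as $field) {
        if (isset($_POST[$field]) && is_string($_POST[$field])) {
            $feedback[$field] = trim($_POST[$field]);
        }
    }
    // NOTE(review): confirm _insertQ1() escapes the values it places into the statement.
    $sql = _db()->_insertQ1('feedbacks', $feedback);
    $res = _dbQuery($sql);
    if (!$res) {
        return "error";
    }
    _dbFree($res);
    // Send the notification e-mail to the administrator.
    $mailto = "*****@*****.**";
    $mailfrom = "*****@*****.**";
    // NOTE(review): no profile data is defined in this function, so the template receives null;
    // confirm whether the submitted fields were meant to be passed here.
    $profile = null;
    $template = _template("feedback_admin", $profile);
    loadHelpers('email');
    sendMail($mailto, " Feedback", $template, $mailfrom);
    return "success";
}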
/**
 * Run feedIndustryBySector() once for every SectorId stored in _prefix_sector.
 */
function feedindustry_feed_main()
{
    $conn = _db('stockbiz');
    $conn->query('SELECT SectorId FROM _prefix_sector');
    $sectors = $conn->fetchAll();
    $idx = 0;
    while ($idx < count($sectors)) {
        $row = $sectors[$idx];
        feedIndustryBySector($row['SectorId']);
        $idx++;
    }
}
Esempio n. 5
/**
 * Return the connection registered under $name, discarding it first when a ping fails.
 *
 * Relies on the legacy mysql_* extension, which was removed in PHP 7; on current PHP
 * versions these calls are undefined.
 *
 * @param string $name Connection name passed to _db().
 * @return mixed Whatever _db($name) returns after the liveness check.
 */
function db_ping($name = "default")
{
    $link = _db($name);
    $alive = mysql_ping($link);
    if (!$alive) {
        mysql_close($link);
        // Forget the cached handle; the _db() call below presumably opens a new one.
        unset($GLOBALS["_db_instance_{$name}"]);
    }
    return _db($name);
}
/**
 * Run feedLastestFinalRatiosBySymbol() once for every Symbol stored in the symbol table.
 */
function feedlastestfinalratios_feed_symbol()
{
    $conn = _db('stockbiz');
    $conn->query('SELECT Symbol FROM symbol');
    $symbols = $conn->fetchAll();
    $idx = 0;
    while ($idx < count($symbols)) {
        $row = $symbols[$idx];
        feedLastestFinalRatiosBySymbol($row['Symbol']);
        $idx++;
    }
}
Esempio n. 7
 /**
  * Insert a settings row for the current session user and site.
  *
  * @param string $name  Setting name.
  * @param mixed  $value Stored in the "settings" column.
  * @param string $scope Setting scope.
  * @return bool True when the insert query succeeded.
  */
 function registerSettings($name, $value = "", $scope = "default")
 {
     $row = array("userid" => $_SESSION['SESS_USER_ID'], "site" => SITENAME, "scope" => $scope, "name" => $name, "settings" => $value);
     // NOTE(review): confirm _insertQ1() escapes $name, $value and $scope.
     $insertSql = _db(true)->_insertQ1(_dbtable("settings", true), $row);
     return (bool) _dbQuery($insertSql, true);
 }
Esempio n. 8
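/**
 * Load the rows of sp_HN_getCurrentStockInfo for $date and remap them to the
 * field names used by the views. Price columns are divided by 1000.
 *
 * @param string $date Trading date passed to the stored procedure.
 * @return array List of remapped rows; empty when the procedure returns nothing.
 */
function get_hn_security($date)
{
    $db = _db('eps');
    $db->connect();
    // NOTE(review): $date is concatenated into the CALL text; confirm every caller passes a
    // server-generated date, or bind it as a parameter.
    $db->query('call sp_HN_getCurrentStockInfo("' . $date . '")');
    $ret = $db->fetchAll();
    // Always return an array, even when there are no rows.
    $result = array();
    if (is_array($ret)) {
        foreach (array_values($ret) as $i => $row) {
            $result[$i]["StockSymbol"] = $row["StockCode"];
            $result[$i]["PriorClosePrice"] = $row["BasicPrice"] / 1000;
            $result[$i]["ceiling"] = $row["CeilingPrice"] / 1000;
            $result[$i]["floor"] = $row["FloorPrice"] / 1000;
            $result[$i]["best3bid"] = $row["BOrdPrice3"] / 1000;
            $result[$i]["best3bidvolume"] = $row["BOrdQtty3"];
            $result[$i]["best2bid"] = $row["BOrdPrice2"] / 1000;
            $result[$i]["best2bidvolume"] = $row["BOrdQtty2"];
            $result[$i]["best1bid"] = $row["BOrdPrice1"] / 1000;
            $result[$i]["best1bidvolume"] = $row["BOrdQtty1"];
            $result[$i]["best3offer"] = $row["SOrdPrice3"] / 1000;
            $result[$i]["best3offervolume"] = $row["SOrdQtty3"];
            $result[$i]["best2offer"] = $row["SOrdPrice2"] / 1000;
            $result[$i]["best2offervolume"] = $row["SOrdQtty2"];
            $result[$i]["best1offer"] = $row["SOrdPrice1"] / 1000;
            $result[$i]["best1offervolume"] = $row["SOrdQtty1"];
            $result[$i]["last_price"] = $row["MatchPrice"] / 1000;
            $result[$i]["last_volume"] = $row["TotalTradingQtty"];
            $result[$i]["LastVal"] = $row["TotalTradingValue"];
            // Unmatched volume is the sum of the three best bid (or offer) volumes.
            $result[$i]["unmatch_bid"] = $result[$i]["best3bidvolume"] + $result[$i]["best2bidvolume"] + $result[$i]["best1bidvolume"];
            $result[$i]["unmatch_offer"] = $result[$i]["best3offervolume"] + $result[$i]["best2offervolume"] + $result[$i]["best1offervolume"];
            // With no match price yet, the change is reported as 0 instead of -BasicPrice.
            if ($result[$i]["last_price"] == 0) {
                $result[$i]["last_change"] = $result[$i]["change"] = 0;
            } else {
                $result[$i]["last_change"] = $result[$i]["change"] = ($row["MatchPrice"] - $row["BasicPrice"]) / 1000;
            }
            $result[$i]["fbuy"] = $row["FBuy"];
            $result[$i]["fsell"] = $row["FSell"];
            $result[$i]["currentroom"] = $row["RemainForeignQtty"];
            $result[$i]["securityname"] = $row["SecurityName"];
            $result[$i]["totaltradingquantity"] = $row["NmTotalTradedQtty"];
            $result[$i]["highestprice"] = $row["HighestPrice"] / 1000;
            $result[$i]["lowestprice"] = $row["LowestPrice"] / 1000;
            // NOTE(review): this is the plain ratio BasicPrice / ClosePrice, not a percentage
            // difference; confirm that this is what the views expect.
            if ($row["ClosePrice"] != 0) {
                $result[$i]["percentage_change"] = $row["BasicPrice"] / $row["ClosePrice"];
            } else {
                $result[$i]["percentage_change"] = 0;
            }
        }
    }
    $db->connect();
    return $result;
}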
Esempio n. 9
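/**
 * Build the data for the news administration list: optional parent item,
 * category list, one page of child items and the paging object.
 *
 * The `sortby` query parameter is accepted only when it names one of the selected
 * columns, and `sort` only when it is "asc" or "desc"; anything else falls back to
 * the default order. The ORDER BY value is bound with PARAM_NONE, which presumably
 * inserts it unquoted, so it must never contain raw request input.
 *
 * @return array Keys: category, paging, and when available parent and items.
 */
function news_admin_main()
{
    $paging = new Paging('p', _result_per_page(), 1, 9);
    $paging->sCurrentPageClass = 'current';
    $paging->sPageNextClass = 'next';
    // Columns a client may sort by: exactly the ones selected below.
    $sortable = array('ordering', 'is_quantam', 'is_tieudiem', 'news_id', 'news_created', 'news_title', 'is_category', 'is_enabled', 'is_showintroimage', 'introimage');
    $sqlOrder = 'news_id desc';
    if (!empty($_GET['sortby']) && is_string($_GET['sortby']) && in_array($_GET['sortby'], $sortable, true)) {
        $sort = isset($_GET['sort']) ? $_GET['sort'] : '';
        if ($sort === 'asc' || $sort === 'desc') {
            $sqlOrder = $_GET['sortby'] . ' ' . $sort;
        }
    }
    $sqlOrder = 'ordering DESC,is_category desc,' . $sqlOrder;
    $data = array();
    $db = _db();
    $pid = 0;
    $parent = null;
    if (!empty($_GET['pid'])) {
        $pid = $_GET['pid'];
        if ($pid != 0) {
            $db->prepare('SELECT news_id, parent_id FROM `_prefix_news` WHERE news_id=:ID');
            $db->bindValue(':ID', $pid, PARAM_INT);
            $db->execute();
            if ($parent = $db->fetch()) {
                $data['parent'] = $parent;
            } else {
                // Unknown parent id: fall back to the root level.
                $pid = 0;
            }
        }
    }
    $cats[0] = '-- Không thuộc nhóm --';
    getCategoryList($cats);
    $data['category'] = $cats;
    $db->prepare('SELECT SQL_CALC_FOUND_ROWS ordering ,is_quantam, is_tieudiem,news_id, news_created, news_title, is_category, is_enabled, is_showintroimage,introimage FROM `_prefix_news` WHERE parent_id=:PARENT_ID ORDER BY :ORDER LIMIT :OFFSET, :TOTAL');
    $db->bindValue(':PARENT_ID', $pid, PARAM_INT);
    $db->bindValue(':ORDER', $sqlOrder, PARAM_NONE);
    $db->bindValue(':OFFSET', $paging->getResultRowStart(), PARAM_INT);
    $db->bindValue(':TOTAL', _result_per_page(), PARAM_INT);
    $db->execute();
    if ($items = $db->fetchAll()) {
        $data['items'] = $items;
    }
    // Fetch the total number of records for the pager.
    $paging->nTotalRow = $db->total_last_limit_query();
    $data['paging'] = $paging;
    return $data;
}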
Esempio n. 10
/**
 * Print the current UPCOM market index figures as JSON and terminate the request.
 *
 * Nothing is printed when the stored procedure returns no row.
 */
function push_user_upcom()
{
    $conn = _db('eps');
    // The date comes from maxTradingDate(), not from the request.
    $conn->query('call sp_upcom_getCurrentMarketInfo("' . maxTradingDate() . '")');
    $row = $conn->fetch();
    if ($row) {
        $payload = array();
        foreach (array('MarketIndex', 'CHGIndex', 'PCTIndex') as $field) {
            $payload[$field] = _num_format($row[$field]);
        }
        echo json_encode($payload);
    }
    exit(0);
}
Esempio n. 11
/**
 * Build the company ranking data for a sector or an industry.
 *
 * `sectorid` takes precedence over `industryid`. Both ids and `view` are cast to
 * integers before they are concatenated into the SQL text.
 *
 * @return array Keys: view, and depending on the request sector, industry, company, display.
 */
function companyrank_user_main()
{
    $db = _db('stockbiz');
    $data = array();
    $view = empty($_GET['view']) ? 0 : (int) $_GET['view'];
    if (!empty($_GET['sectorid'])) {
        $sectorId = (int) $_GET['sectorid'];
        // Load the sector record.
        $db->query('SELECT * FROM _prefix_sector WHERE SectorId=' . $sectorId);
        $sector = $db->fetch();
        if ($sector) {
            // Attach the industries that belong to this sector.
            $db->query('SELECT * FROM _prefix_industry WHERE SectorId=' . $sectorId);
            $sector['Industries'] = $db->fetchAll();
            $data['sector'] = $sector;
        }
        // Load the companies of every industry in the sector.
        $db->query('SELECT c.Symbol,CompanyName,LFY,Quarter,Year,MarketCapitalization/1000000000 AS MarketCapitalization,DilutedPE_LFY,DilutedPE_TTM FROM _prefix_companyinfo c, _prefix_lastestfinancialratios f
		WHERE c.Symbol=f.Symbol AND c.IndustryID IN (SELECT IndustryID FROM _prefix_industry WHERE SectorId=' . $sectorId . ')');
        $companies = $db->fetchAll();
        if ($companies) {
            $data['company'] = $companies;
        }
        $data['display'] = 'sector';
    } elseif (!empty($_GET['industryid'])) {
        $industryId = (int) $_GET['industryid'];
        // Load the industry record.
        $db->query('SELECT * FROM _prefix_industry WHERE IndustryId=' . $industryId);
        $industry = $db->fetch();
        if ($industry) {
            // Load the sector this industry belongs to; the SectorId comes from the database row.
            $db->query('SELECT * FROM _prefix_sector WHERE SectorId=' . $industry['SectorId']);
            $data['sector'] = $db->fetch();
            $data['industry'] = $industry;
        }
        // Load the companies of the industry.
        $db->query('SELECT c.Symbol,CompanyName,LFY,Quarter,Year,MarketCapitalization/1000000000 AS MarketCapitalization,DilutedPE_LFY,DilutedPE_TTM FROM _prefix_companyinfo c, _prefix_lastestfinancialratios f
		WHERE c.Symbol=f.Symbol AND c.IndustryID=' . $industryId);
        $companies = $db->fetchAll();
        if ($companies) {
            $data['company'] = $companies;
        }
        $data['display'] = 'industry';
    }
    $data['view'] = $view;
    return $data;
}
Esempio n. 12
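 /**
  * Fetch one row of the users_group table by id.
  *
  * Callers without a privilege id, or with one above ROLE_PRIME, only see groups whose
  * guid matches the GUID stored in their session.
  *
  * @param mixed $groupid Group id to look up.
  * @return array|false The group row, or false when nothing matches.
  */
 function getGroupInfo($groupid)
 {
     $sql = _db(true)->_selectQ(_dbTable("users_group", true), "*")->_where(array("id" => $groupid));
     if (!isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > ROLE_PRIME) {
         // The scoping value must come from the session. Without a session GUID there is
         // nothing to scope by, so the lookup is refused instead of running unscoped.
         if (!isset($_SESSION['SESS_GUID'])) {
             return false;
         }
         $sql->_where(array("guid" => $_SESSION['SESS_GUID']));
     }
     $data = $sql->_GET();
     return $data ? $data[0] : false;
 }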
Esempio n. 13
/**
 * Return the market session number, loading it once and caching it in the global $_session.
 *
 * @param mixed $date Passed to maxTradingDate() to pick the trading date.
 * @return mixed The cached or freshly loaded "Session" value.
 */
function currentSession($date)
{
    global $_session;
    // -1 marks "not loaded yet"; any other value is the cached session.
    if ($_session != -1) {
        return $_session;
    }
    $conn = _db('eps');
    // NOTE(review): the result of maxTradingDate() is concatenated unquoted into the CALL;
    // confirm that it can only return a server-generated value.
    $conn->query('call sp_getSession_MarketStat(' . maxTradingDate($date) . ');');
    $row = $conn->fetch();
    $_session = $row['Session'];
    // Reset the connection here so that callers do not have to reconnect themselves.
    $conn->connect();
    return $_session;
}
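/**
 * Record a warning against a user and send the related private messages.
 *
 * Every caller-supplied value that reaches SQL goes through _db(), the quoting helper
 * this function already uses for its INSERT, or through an integer cast.
 *
 * @param mixed  $post_or_userid Post id when $KIND is "Forum", user id when $KIND is "Other".
 * @param mixed  $subject        Id of the warning catalog entry.
 * @param string $message        Free-text warning message.
 * @param mixed  $points         Warning points to record.
 * @param string $KIND           "Forum" or "Other"; any other value is rejected.
 * @return bool True when the warning was recorded, false for an unknown kind or post.
 */
function new_warning_post($post_or_userid, $subject, $message, $points, $KIND)
{
    global $userdata, $settings, $locale;
    // Reject unknown kinds up front so no query result is used before it exists.
    if ($KIND != "Forum" && $KIND != "Other") {
        return false;
    }
    if ($KIND == "Forum") {
        $new_warning_sql = dbquery("SELECT post_id, thread_id, forum_id, post_author FROM " . DB_POSTS . " WHERE post_id=" . _db($post_or_userid));
        if (dbrows($new_warning_sql) == 0) {
            return false;
        }
        $post_warn_data = dbarray($new_warning_sql);
        $warnuser_id = $post_warn_data['post_author'];
        $post = $post_or_userid;
        $threadid = $post_warn_data['thread_id'];
        $forumid = $post_warn_data['forum_id'];
    } else {
        $warnuser_id = $post_or_userid;
        $post = "0";
        $threadid = "0";
        $forumid = "0";
    }
    $insertdate = date("U");
    dbquery("INSERT INTO " . DB_WARNING . "\r\n\t\t(warn_kind, user_id, post_id, thread_id, forum_id, warn_subject, warn_message, warn_point, warn_admin, warn_datestamp)\r\n\t\tVALUES\r\n\t\t(" . _db($KIND) . ", " . _db($warnuser_id) . ", " . _db($post) . ", " . _db($threadid) . ", " . _db($forumid) . ", " . _db($subject) . ", " . _db($message) . ",\r\n\t\t" . _db($points) . ", " . _db($userdata['user_id']) . ", " . _db($insertdate) . ");");
    // Send a PM to the warned user when the setting asks for it.
    if ($settings['warning_set_send_pm'] == 1) {
        $pn_subject = stripinput(trim($locale['WARN210']));
        if ($KIND == "Forum") {
            $in = $locale['WARN211'] . " [url=" . $settings['siteurl'] . "forum/viewthread.php?thread_id=" . $post_warn_data['thread_id'] . "&pid=" . $post_warn_data['post_id'] . "#post_" . $post_warn_data['post_id'] . "]" . GetPostTitle($post_warn_data['thread_id']) . "[/url]\n";
        } else {
            $in = '';
        }
        // One lookup for both catalog columns; the id is cast to int before it reaches SQL.
        $catalog = dbarray(dbquery("SELECT warn_subject, warn_length FROM " . DB_WARNING_CATALOG . " WHERE warn_id='" . (int) $subject . "'"));
        // warn_length is multiplied by the number of seconds in a day.
        $warning_length = $insertdate + $catalog['warn_length'] * 86400;
        $pn_messages = stripinput(trim($in . $locale['WARN212'] . " " . $catalog['warn_subject'] . "\r\n\t\t\t\t\t\t\t\t\t" . $locale['WARN213'] . " " . $message . "\r\n\t\t\t\t\t\t\t\t\t" . $locale['WARN214'] . date($locale['WARN215'], $warning_length) . $locale['WARN216']));
        $pn_from = $settings['warning_set_pm_from'] == 0 ? $userdata['user_id'] : $settings['warning_set_pm_from'];
        // NOTE(review): subject and message rely on stripinput() alone before being placed
        // between single quotes; confirm that it neutralises quotes and backslashes.
        dbquery("INSERT INTO " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES (" . _db($warnuser_id) . ",'" . $pn_from . "','" . $pn_subject . "','" . $pn_messages . "','y','0','" . $insertdate . "','0')");
    }
    // Send a PM to the configured admin once the user has 100 points or more.
    if (show_warning_points($warnuser_id) >= 100) {
        $pn_subject = stripinput(trim($locale['WARN217']));
        $pn_messages = stripinput(trim("The member reached the limit:\n [url=" . $settings['siteurl'] . "warning.php?lookup=" . $warnuser_id . "]" . $locale['WARN218'] . "[/url]\n You should take some actions and suspend/bann this member!"));
        dbquery("INSERT INTO " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES ('" . $settings['warning_set_pm_to'] . "','" . "0" . "','" . $pn_subject . "','" . $pn_messages . "','y','0','" . $insertdate . "','0')");
    }
    return true;
}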
Esempio n. 15
 /**
  * Build a selector from the "lists" table for one list group, restricted to entries
  * that are public or match the privilege name stored in the session.
  *
  * NOTE(review): $groupID, the session privilege name and $orderBy are interpolated into
  * the WHERE/ORDER BY text without escaping; confirm that no caller passes request input,
  * or escape and allow-list them before this point.
  *
  * @param mixed       $dbLink    Not read inside this function.
  * @param mixed       $groupID   Value matched against the groupid column.
  * @param bool        $allowNone Forwarded to createDataSelectorFromTable().
  * @param string      $format    Forwarded to createDataSelectorFromTable().
  * @param string|null $orderBy   ORDER BY expression; null sorts by title, "" adds no ordering.
  * @param array       $params    Forwarded to createDataSelectorFromTable().
  * @return mixed Whatever createDataSelectorFromTable() returns.
  */
 function createDataSelector($dbLink, $groupID, $allowNone = true, $format = "select", $orderBy = null, $params = array())
 {
     // Logged-in sessions also see entries tagged with their privilege name.
     $where = isset($_SESSION['SESS_PRIVILEGE_ID'])
         ? "blocked='false' && groupid='{$groupID}' and (privilege='*' OR FIND_IN_SET('{$_SESSION['SESS_PRIVILEGE_NAME']}',privilege))"
         : "blocked='false' && groupid='{$groupID}' and privilege='*'";
     if ($orderBy == null) {
         $where = $where . " ORDER BY title";
     } elseif (strlen($orderBy) > 0) {
         $where = $where . " ORDER BY {$orderBy}";
     }
     return createDataSelectorFromTable(_db(), _dbtable("lists"), "title", "value", "class", null, $where, null, false, $allowNone, $format, $params);
 }
Esempio n. 16
 /**
  * Insert a settings row for the current session GUID, user and site.
  *
  * @param string $name  Setting name.
  * @param mixed  $value Setting value, or the path of a JSON file whose decoded content is stored.
  * @param string $scope Setting scope; stored in lower case.
  * @return bool True when the insert query succeeded.
  */
 function registerSettings($name, $value = "", $scope = "system")
 {
     // When $value names an existing file, its decoded JSON replaces the string.
     // NOTE(review): if $value can ever come from a request, this reads any file that PHP
     // can read into the settings table; confirm that callers pass trusted values only.
     $settings = is_file($value) ? json_decode(file_get_contents($value), true) : $value;
     $row = array("guid" => $_SESSION['SESS_GUID'], "userid" => $_SESSION['SESS_USER_ID'], "site" => SITENAME, "scope" => strtolower($scope), "name" => $name, "settings" => $settings);
     $insertSql = _db(true)->_insertQ1(_dbTable("settings", true), $row);
     return (bool) _dbQuery($insertSql, true);
 }
Esempio n. 17
 /**
  * Return the number of rows in the session table, raised to the configured
  * 'default_visitor_online' value when that value is larger.
  *
  * @return mixed The larger of the two values.
  */
 public static function online()
 {
     $conn = _db();
     $conn->query('SELECT COUNT(*) as user_online FROM session');
     $conn->execute();
     $row = $conn->fetch();
     $sessionCount = $row['user_online'];
     // Configured lower bound for the displayed visitor count.
     $floor = _db_option_value('default_visitor_online');
     return $floor > $sessionCount ? $floor : $sessionCount;
 }
Esempio n. 18
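/**
 * Replace the content of _prefix_sector with the sectors returned by the
 * Stockbiz "GetSectors" feed.
 *
 * The table is truncated only after the response is known to contain a sector list,
 * so a failed or malformed response leaves the existing rows in place.
 */
function feedsector_feed_main()
{
    global $_configs;
    // NOTE(review): the endpoint is plain http and the account credentials are passed along
    // with the call; confirm whether the service offers https and switch to it if so.
    $url = 'http://datafeed.stockbiz.vn/CompanyService.asmx?WSDL';
    $params = array('userName' => $_configs['stockbiz_user'], 'password' => $_configs['stockbiz_pass']);
    $response = _feed_stockbiz('GetSectors', $url, $params);
    if (!$response) {
        return;
    }
    // Validate the response shape before any destructive statement runs.
    if (!isset($response['GetSectorsResult']['Sector']) || !is_array($response['GetSectorsResult']['Sector'])) {
        return;
    }
    $sectors = $response['GetSectorsResult']['Sector'];
    $db = _db('stockbiz');
    $db->query('TRUNCATE TABLE _prefix_sector');
    // NOTE(review): the rows come from a remote service; confirm that buildInsertSQL() escapes them.
    for ($i = 0; $i < count($sectors); $i++) {
        $db->query(buildInsertSQL('_prefix_sector', $sectors[$i]));
    }
}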
Esempio n. 19
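 /**
  * Check whether an unblocked user with this id exists and has an access profile for this site.
  *
  * The id "root" is always accepted. The comparison is strict: with a loose == older PHP
  * versions treat the integer 0 (and boolean true) as equal to "root".
  *
  * @param mixed  $userid User id to check.
  * @param string $site   Reset to SITENAME for non-privileged sessions; the query itself
  *                       always filters on the SITENAME constant.
  * @return bool True when the user exists (or is "root"), false otherwise.
  */
 function checkUserID($userid, $site = SITENAME)
 {
     if ($userid === "root") {
         return true;
     }
     if (!isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > 2) {
         $site = SITENAME;
     }
     $sql = _db(true)->_selectQ(_dbTable("users", true), "count(*) as cnt")->_where(array("blocked" => 'false', "userid" => $userid));
     // Sub-select of the access profiles that cover this site (or every site).
     $sql1 = _db(true)->_selectQ(_dbTable("access", true), "id")->_where(array("blocked" => 'false'))->_whereRAW(' (FIND_IN_SET("' . SITENAME . '",sites) OR sites="*")');
     $sql = $sql->_query("accessid", $sql1);
     $res = _dbQuery($sql, true);
     if (!$res) {
         return false;
     }
     $data = _dbData($res, true);
     _dbFree($res, true);
     return $data[0]['cnt'] > 0;
 }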
    global $settings;
    if ($settings['enable_tags']) {
        $result = dbquery("SELECT tag_name FROM " . DB_TAGS . " WHERE tag_item_id='" . (int) $item_id . "' AND tag_type=" . _db($type) . "");
        if (dbrows($result)) {
            $result = dbquery("UPDATE " . DB_TAGS . " SET tag_name=" . _db($name) . " WHERE tag_item_id='" . (int) $item_id . "' AND tag_type=" . _db($type) . "");
        } else {
            $result = dbquery("INSERT INTO " . DB_TAGS . " (tag_item_id, tag_type, tag_name) VALUES ('" . (int) $item_id . "', " . _db($type) . ", " . _db($name) . ")");
        }
    }
}
/**
 * Delete the tag row of one item.
 *
 * The item id is cast to an integer and the type goes through _db() before either
 * value is placed into the statement.
 *
 * @param mixed $item_id Id of the tagged item.
 * @param mixed $type    Tag type value.
 * @return bool True when dbquery() reported success.
 */
function delete_tags($item_id, $type)
{
    $itemId = (int) $item_id;
    $typeSql = _db($type);
    $deleted = dbquery("DELETE FROM " . DB_TAGS . " WHERE tag_item_id='" . $itemId . "' AND tag_type=" . $typeSql . "");
    return (bool) $deleted;
}
function show_tags($item_id, $type)
{
    global $settings, $locale;
    if ($settings['enable_tags']) {
        $result = dbquery("SELECT tag_name FROM " . DB_TAGS . " WHERE tag_item_id='" . (int) $item_id . "' AND tag_type=" . _db($type));
        if (dbrows($result)) {
            $data = dbarray($result);
            if ($data['tag_name'] != "") {
                switch ($type) {
                    case "N":
                        $title = $locale['tag_news'];
                        break;
                    case "A":
                        $title = $locale['tag_articles'];
                        break;
                    case "C":
                        $title = $locale['tag_custom'];
                        break;
                    case "F":
                        $title = $locale['tag_thread'];
                        break;
                    default:
                        $title = $locale['tag_custom'];
                }
                opentable($title);
                $tag_a = explode(",", $data['tag_name']);
                $tag_r = "";
Esempio n. 21
 /**
  * Build a select element from the unblocked rows of a table.
  *
  * No privilege filter is applied here, so every unblocked row that matches $where is
  * listed regardless of the session's privilege.
  *
  * @param string      $table   Table name.
  * @param mixed       $columns Columns to select.
  * @param mixed       $where   Extra condition passed to _where(), or null.
  * @param string|null $groupBy GROUP BY expression, skipped when empty.
  * @param string|null $orderBy ORDER BY expression, skipped when empty.
  * @param string      $dbKey   Connection key passed to _db().
  * @return mixed Whatever generateSelect() returns.
  */
 function createDataSelectorFromTable($table, $columns, $where = null, $groupBy = null, $orderBy = null, $dbKey = "app")
 {
     $query = _db($dbKey)->_selectQ($table, $columns)->_where(array("blocked" => "false"));
     if ($where != null) {
         $query = $query->_where($where);
     }
     // NOTE(review): $groupBy and $orderBy are passed through as given; confirm that
     // _groupby()/_orderby() validate them, or that callers never pass request input.
     if (strlen($groupBy) > 0) {
         $query = $query->_groupby($groupBy);
     }
     if (strlen($orderBy) > 0) {
         $query = $query->_orderby($orderBy);
     }
     $rows = _dataSQL($query);
     return generateSelect($rows);
 }
Esempio n. 22
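/**
 * Autocomplete endpoint: print "Symbol|CompanyName" lines for the symbols that start
 * with the `q` query parameter, optionally filtered by exchange (`se`) and industry.
 *
 * The :SYMBOL placeholder sits inside a quoted SQL string and is bound with PARAM_NONE,
 * which presumably substitutes the value without quoting or escaping. The prefix is
 * therefore restricted to an allow-list of characters before it is bound. Symbols are
 * assumed to consist of letters, digits, dot, underscore and hyphen; widen the pattern
 * if real symbols use other characters.
 */
function companydata_ajax_getsymbol()
{
    if (empty($_GET['q']) || !is_string($_GET['q'])) {
        return;
    }
    $prefix = $_GET['q'];
    // Reject anything that could close the quoted string or add SQL syntax.
    if (!preg_match('/\A[A-Za-z0-9._-]+\z/', $prefix)) {
        return;
    }
    $sql = 'SELECT Symbol, CompanyName FROM _prefix_companyinfo WHERE Symbol LIKE ":SYMBOL%"';
    if (!empty($_GET['se'])) {
        // Exchange code to name; unknown codes add no filter.
        $bourses = array(1 => 'HOSE', 2 => 'HASTC', 3 => 'UPCOM');
        $se = intval($_GET['se']);
        if (isset($bourses[$se])) {
            $sql .= ' AND Bourse="' . $bourses[$se] . '"';
        }
    }
    if (!empty($_GET['industry'])) {
        $sql .= ' AND IndustryID=' . intval($_GET['industry']);
    }
    $db = _db('stockbiz');
    $db->prepare($sql);
    $db->bindValue(':SYMBOL', $prefix, PARAM_NONE);
    $db->execute();
    $symbols = $db->fetchAll();
    if ($symbols) {
        // NOTE(review): the rows are printed as plain text; confirm that the consumer escapes
        // them before inserting them into HTML.
        foreach ($symbols as $row) {
            echo $row['Symbol'] . '|' . $row['CompanyName'] . "\n";
        }
    }
}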
Esempio n. 23
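/**
 * Change the password of the current session user and print a JSON status object.
 *
 * The stored hash and the hash of the submitted old password are compared with
 * hash_equals(), which is constant-time and never treats two different "0e..."-style
 * strings as equal the way a loose != comparison can. An empty new password is refused.
 *
 * NOTE(review): getPWDHash() is defined elsewhere; confirm that it produces a salted,
 * slow password hash rather than a fast digest.
 */
function changePWD()
{
    $userid = $_SESSION["SESS_USER_ID"];
    $tbl = _dbtable("users", true);
    // NOTE(review): the session user id and the hashes are interpolated into the SQL text;
    // confirm that they cannot contain quote characters, or use the query builder.
    $sql1 = "SELECT pwd FROM {$tbl} WHERE userid='{$userid}'";
    $r = _dbQuery($sql1, true);
    $ra = _dbData($r);
    if (!isset($ra[0])) {
        // NOTE(review): this failure answers with code "1", the same code as the success
        // response below; confirm what the client expects before changing it.
        $q = array("code" => "1", "msg" => "Error In Changing Password (1).");
        echo json_encode($q);
        exit;
    }
    $ra = $ra[0];
    // Read the inputs without writing the hashes back into $_POST.
    $oldInput = isset($_POST["old"]) && is_string($_POST["old"]) ? $_POST["old"] : "";
    $newInput = isset($_POST["new"]) && is_string($_POST["new"]) ? $_POST["new"] : "";
    $oldPwd = getPWDHash($oldInput);
    if (!hash_equals((string) $ra["pwd"], (string) $oldPwd)) {
        $q = array("code" => "0", "msg" => "Old Password Doesn't Match. Please Use Correct Credentials. (2)");
        echo json_encode($q);
        exit;
    }
    if ($newInput === "") {
        $q = array("code" => "0", "msg" => "New Password Cannot Be Empty.");
        echo json_encode($q);
        exit;
    }
    $newPwd = getPWDHash($newInput);
    $date = date("Y-m-d");
    // The old hash stays in the WHERE clause so a concurrent change makes this update a no-op.
    $q = "UPDATE {$tbl} SET pwd = '{$newPwd}', doe = '{$date}' WHERE userid='{$userid}' and pwd='{$oldPwd}'";
    _dbQuery($q, true);
    if (_db(true)->affected_rows() <= 0) {
        $q = array("code" => "0", "msg" => "Old Password Doesn't Match. Please Use Correct Credentials.(3)");
        echo json_encode($q);
    } else {
        $q = array("code" => "1", "msg" => "Successfully Updated Your New Password");
        echo json_encode($q);
    }
}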
Esempio n. 24
                }
            }
        }
        displayLocalImage("images/warning.png", "view");
    } elseif (strtolower($_REQUEST['loc']) == "dbfile") {
        $dbtbl = "";
        if (isset($_REQUEST['dbtbl'])) {
            $dbtbl = $_REQUEST['dbtbl'];
        } else {
            $dbtbl = _dbtable("files");
        }
        $sql = "SELECT file_name,file_type,file_data,file_size FROM {$dbtbl} WHERE ID=" . $_REQUEST['file'];
        $result = _db()->executeQuery($sql);
        if ($result) {
            if (_db()->recordCount($result) > 0) {
                $record = _db()->fetchData($result);
                $darr = explode(".", $record["file_name"]);
                $ext = $darr[sizeOf($darr) - 1];
                printHeader($record["file_name"], $type);
                echo $record["file_data"];
                exit;
            }
        }
        displayLocalImage("images/warning.png", "view");
    } else {
        displayLocalImage("images/forbidden.png", "view");
    }
} else {
    displayLocalImage("images/warning.png", "view");
}
exit;
Esempio n. 25
 /**
  * Update the attributes of a user record.
  *
  * Sessions without a privilege id, or with one above ROLE_PRIME, can only update their
  * own record on the current site. For every session the attribute array is written as given.
  *
  * NOTE(review): a restricted session may still include privilegeid or accessid in $attrs.
  * The checks below only verify that those ids exist for this site, not that the caller is
  * allowed to assign them; confirm that callers strip these fields for restricted sessions.
  *
  * @param array       $attrs  Column => value pairs to write.
  * @param string|null $userID Target user id; defaults to the session user.
  * @param string      $site   Site name, used for the user check and the error messages.
  * @return true|array True on success, otherwise an array with an "error" key.
  */
 function updateUser($attrs = array(), $userID = null, $site = SITENAME)
 {
     $restricted = !isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > ROLE_PRIME;
     if ($restricted) {
         // Restricted sessions are pinned to their own record and the current site.
         $site = SITENAME;
         $userID = $_SESSION['SESS_USER_ID'];
     }
     if ($userID == null && isset($_SESSION['SESS_USER_ID'])) {
         $userID = $_SESSION['SESS_USER_ID'];
     }
     if (!checkUserID($userID, $site)) {
         return array("error" => "UserID Not Found");
     }
     $dataUser = $attrs;
     // A required field may be absent from the update, but it may not be supplied empty.
     foreach (explode(",", getConfig("USER_CREATE_REQUIRED_FIELDS")) as $field) {
         if (!isset($dataUser[$field])) {
             continue;
         }
         if ($dataUser[$field] == null || strlen($dataUser[$field]) <= 0) {
             return array("error" => "Missing Field", "field" => $field);
         }
     }
     // When a privilege id is supplied, it must exist for this site (or for all sites).
     if (isset($dataUser['privilegeid'])) {
         $privilegeQuery = _db(true)->_selectQ(_dbTable("privileges", true), "count(*) as cnt")->_where(array("id" => $dataUser['privilegeid']))->_raw(" AND (site='" . SITENAME . "' OR site='*')");
         $privilegeRes = _dbQuery($privilegeQuery, true);
         if (!$privilegeRes) {
             return array("error" => "PrivilegeID Query Error");
         }
         $privilegeRows = _dbData($privilegeRes, true);
         _dbFree($privilegeRes, true);
         if ($privilegeRows[0]['cnt'] <= 0) {
             return array("error" => "PrivilegeID Not Found This Site {$site}");
         }
     }
     // When an access id is supplied, it must be an unblocked profile covering this site.
     if (isset($dataUser['accessid'])) {
         $accessQuery = _db(true)->_selectQ(_dbTable("access", true), "count(*) as cnt")->_where(array("blocked" => 'false', "id" => $dataUser['accessid']))->_raw(" AND (FIND_IN_SET('" . SITENAME . "',sites) OR sites='*')");
         $accessRes = _dbQuery($accessQuery, true);
         if (!$accessRes) {
             return array("error" => "AccessID Query Error");
         }
         $accessRows = _dbData($accessRes, true);
         _dbFree($accessRes, true);
         if ($accessRows[0]['cnt'] <= 0) {
             return array("error" => "AccessID Not Found For This Site {$site}");
         }
     }
     $updateQuery = _db(true)->_updateQ(_dbtable("users", true), $dataUser, array("userid" => "{$userID}"));
     if (_dbQuery($updateQuery, true)) {
         return true;
     }
     return array("error" => "Error In User Updating", "details" => _db(true)->get_error());
 }
Esempio n. 26
/**
 * Loads the securities returned by the sp_current_security stored procedure for
 * $date and adds derived display fields to every row (scaled volumes, LastVal,
 * percentage_change, last_price / last_change / last_volume, ratio, unmatched
 * bid / offer totals).
 *
 * NOTE(review): $date is concatenated directly into the CALL statement. Nothing
 * in this function validates or escapes it, so if any caller passes request data
 * the statement is injectable; validate $date as a date at the boundary or use
 * the database layer's parameter binding. Confirm what callers pass.
 *
 * @param mixed $date value passed to currentSession() and interpolated into the SQL call
 * @return array|null the enriched rows, or nothing (null) when fetchAll() returns a falsy result
 */
function get_hcm_security($date)
{
    // Session code for $date; compared against the string cases "0".."5" below.
    $session = currentSession($date);
    $db = _db('eps');
    $db->connect();
    // NOTE(review): string-built SQL; $date reaches the query unescaped.
    $db->query('call sp_current_security("' . $date . '")');
    if ($result = $db->fetchAll()) {
        // First pass: market-wide traded value, used as the denominator of "ratio".
        // It is computed from the unscaled session volumes as returned by the query.
        $total_value = 0;
        for ($i = 0; $i < count($result); $i++) {
            $total_value += $result[$i]["session_one_price"] * $result[$i]["session_one_vol"] + $result[$i]["session_two_price"] * $result[$i]["session_two_vol"] + $result[$i]["Last"] * ($result[$i]["LastVol"] * 10 - $result[$i]["session_one_vol"] - $result[$i]["session_two_vol"]);
        }
        /*echo '3146795997.795688<br/>';
        		echo $total_value;
        		die();
        		$total_value /=10;*/
        // Second pass: rewrite each row in place. Statement order matters because
        // the session volumes are scaled by 10 before the later lines read them.
        for ($i = 0; $i < count($result); $i++) {
            $result[$i]["session_one_price"] = $result[$i]["session_one_price"];
            $result[$i]["session_one_vol"] = $result[$i]["session_one_vol"] * 10;
            $result[$i]["session_two_price"] = $result[$i]["session_two_price"];
            $result[$i]["session_two_vol"] = $result[$i]["session_two_vol"] * 10;
            // Uses the already-scaled session one / two volumes from the lines above.
            $result[$i]["session_three_vol"] = $result[$i]["LastVol"] * 10 - $result[$i]["session_one_vol"] - $result[$i]["session_two_vol"];
            // NOTE(review): the volumes here were multiplied by 10 above and are multiplied
            // by 10 again, while $total_value used the raw volumes; confirm the scaling is intended.
            $result[$i]["LastVal"] = $result[$i]["session_one_price"] * $result[$i]["session_one_vol"] * 10 + $result[$i]["session_two_price"] * $result[$i]["session_two_vol"] * 10 + $result[$i]["Last"] * $result[$i]["session_three_vol"] * 10;
            // Guard against division by zero when there is no prior close.
            if ($result[$i]["PriorClosePrice"] != 0) {
                $result[$i]["percentage_change"] = round(($result[$i]["Last"] - $result[$i]["PriorClosePrice"]) / $result[$i]["PriorClosePrice"] * 100, 2);
            } else {
                $result[$i]["percentage_change"] = 0;
            }
            $result[$i]["PriorClosePrice"] = $result[$i]["PriorClosePrice"];
            $result[$i]["last_change"] = "";
            // switch compares loosely, so an integer session code also matches these string cases.
            switch ($session) {
                case "1":
                    // pre open price
                    $result[$i]["last_price"] = $result[$i]["ProjectOpen"];
                    if ($result[$i]["last_price"] != NULL && $result[$i]["last_price"] != "" && $result[$i]["last_price"] != 0) {
                        $result[$i]["last_change"] = $result[$i]["ProjectOpen"] - $result[$i]["PriorClosePrice"];
                    }
                    $result[$i]["last_volume"] = "";
                    break;
                case "2":
                    // open price + last price
                    // NOTE(review): reads key "last" (lowercase) while every other line uses "Last";
                    // array keys are case-sensitive, so confirm the result set really has a "last" column.
                    $result[$i]["last_price"] = $result[$i]["last"];
                    if ($result[$i]["last_price"] != NULL && $result[$i]["last_price"] != "" && $result[$i]["last_price"] != 0) {
                        $result[$i]["last_change"] = $result[$i]["Last"] - $result[$i]["PriorClosePrice"];
                    }
                    $result[$i]["last_volume"] = $result[$i]["LastVol"] * 10;
                    break;
                case "3":
                    // pre close price
                    $result[$i]["last_price"] = $result[$i]["ProjectOpen"];
                    if ($result[$i]["last_price"] != NULL && $result[$i]["last_price"] != "" && $result[$i]["last_price"] != 0) {
                        $result[$i]["last_change"] = $result[$i]["ProjectOpen"] - $result[$i]["PriorClosePrice"];
                    }
                    $result[$i]["last_volume"] = "";
                    break;
                case "0":
                case "4":
                case "5":
                default:
                    // close price
                    $result[$i]["last_price"] = $result[$i]["Last"];
                    if ($result[$i]["last_price"] != NULL && $result[$i]["last_price"] != "" && $result[$i]["last_price"] != 0) {
                        $result[$i]["last_change"] = $result[$i]["Last"] - $result[$i]["PriorClosePrice"];
                    }
                    $result[$i]["last_volume"] = $result[$i]["LastVol"] * 10;
                    break;
            }
            // "ratio" is left unset for the row when the total traded value is zero.
            if ($total_value != 0) {
                $result[$i]["ratio"] = round($result[$i]["LastVal"] / $total_value * 10000, 2);
            }
            // LastVol is scaled last because the lines above read its raw value.
            $result[$i]["LastVol"] = $result[$i]["LastVol"] * 10;
            $result[$i]["change"] = $result[$i]["last_change"];
            $result[$i]["unmatch_bid"] = ($result[$i]["Best1BidVolume"] + $result[$i]["Best2BidVolume"] + $result[$i]["Best3BidVolume"]) * 10;
            $result[$i]["unmatch_offer"] = ($result[$i]["Best1OfferVolume"] + $result[$i]["Best2OfferVolume"] + $result[$i]["Best3OfferVolume"]) * 10;
        }
        // connect() is called again after the stored-procedure call; presumably this
        // resets the connection for the next query. TODO confirm against the db class.
        $db->connect();
        return $result;
    }
    // No rows: reconnect as above and fall through, returning nothing.
    $db->connect();
}
Esempio n. 27
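					</div>
				</div>

				<br/>
				<div class="form-inline">
					<div class="form-group">
						<label>Logiks Package</label>

						<select class="form-control" name="package_id" id="package_id" value="<?php 
    // The value lands inside a double-quoted HTML attribute, so it is encoded for
    // that context; a quote or angle bracket in the stored value can then no longer
    // close value="..." and inject markup.
    if (isset($apiDetails['package_id'])) {
        echo htmlspecialchars((string) $apiDetails['package_id'], ENT_QUOTES, 'UTF-8');
    }
    ?>
">
							<?php 
    // createDataSelector() output is echoed as-is; presumably it returns <option>
    // markup built from the "packages" table. NOTE(review): confirm it encodes the
    // option values and labels it emits.
    echo createDataSelector(_db(), "packages");
    ?>
						</select>
					</div>
				</div>
				
				<div id='form-buttons-bar' class="form-group form-buttons">
					<button type="reset" class="btn btn-danger" id="cancel">Cancel</button>
					<button type="submit" class="btn btn-default" id="submitApi">Submit</button>
				</div>
			</form>
			<div style="display:none">
					<form id='api_upload_form' method="post" enctype="multipart/form-data" action="<?php 
    // SiteLocation is a constant defined outside this fragment.
    echo SiteLocation;
    ?>
services/?scmd=api&site=<?php 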
Esempio n. 28
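 /**
  * Returns the row of the non-blocked guide whose md5(id) equals $id, with
  * per-user access fields added: authorid, creatorid, editable ("true"/"false"),
  * viewable (bool) and, when editable, edit_url.
  *
  * $id is placed inside the WHERE clause as a string, so it is accepted only
  * when it is a 32-character hex digest; anything else is replaced by an empty
  * string, which matches no row and follows the same path as an unknown id.
  *
  * NOTE(review): the full row is returned even when 'viewable' is false, so
  * the caller has to enforce that flag. md5() of a numeric id is a guessable
  * reference, not a secret, so the flags are the only access control here.
  *
  * @param  string $id md5() hex digest of the guide's id
  * @return array  guide row plus the access fields listed above
  **/
 function getGuideDetails($id)
 {
     // Reject anything that is not an md5 hex digest before it reaches the SQL string.
     // Matching is case-insensitive so digests in either letter case are still accepted.
     if (!is_string($id) || preg_match('/\A[0-9a-f]{32}\z/i', $id) !== 1) {
         $id = "";
     }
     $cols = " *,guides_tbl.type as category,guides_tbl.guide_group as subcategory";
     $whr = "blocked='false' AND md5(id)='" . $id . "'";
     $sql = _db()->_selectQ('guides_tbl', $cols, $whr);
     $res = _dbQuery($sql);
     $data = _dbFetch($res);
     if (isset($data['author'])) {
         $data['authorid'] = extractUserID($data['author']);
     } else {
         $data['authorid'] = "";
     }
     if (isset($data['creator'])) {
         $data['creatorid'] = extractUserID($data['creator']);
     } else {
         $data['creatorid'] = "";
     }
     // NOTE(review): loose comparison. When no author/creator is set both ids are "",
     // which compares equal to an empty or null SESS_USER_ID; confirm the session
     // id is always populated before this function is reached.
     $isOwner = $data['authorid'] == $_SESSION['SESS_USER_ID'] || $data['creatorid'] == $_SESSION['SESS_USER_ID'];
     // Owners may edit; otherwise the role check decides (it is evaluated only for non-owners).
     if ($isOwner || checkUserRoles("guides", "Allow Editing All Guides")) {
         $data['editable'] = "true";
         $data['edit_url'] = _link("guides") . "/edit/" . md5($data['id']);
     } else {
         $data['editable'] = "false";
     }
     // Drafts are visible only to their author/creator or to users holding the edit-all role.
     if (checkUserRoles("guides", "Allow Editing All Guides")) {
         $data['viewable'] = true;
     } elseif ($data['status'] == "draft") {
         $data['viewable'] = $isOwner;
     } else {
         $data['viewable'] = true;
     }
     return $data;
 }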
Esempio n. 29
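/**
 * Tells whether a news category, or any of its ancestor categories, carries
 * the alias 'TINEPS'.
 *
 * The id is appended to the SQL text without quotes, so every id (the argument
 * and each parent_id read back from the table) must validate as an integer
 * before it is used; a value that does not validate ends the walk with false.
 * Ids already visited are remembered so a cycle in the parent chain cannot
 * loop forever.
 *
 * @param mixed $parent_id id of the category to start from
 * @return bool true when 'TINEPS' is found on the way up, false otherwise
 */
function belongToEPS($parent_id)
{
    $visited = array();
    $current = $parent_id;
    while (true) {
        // Only a plain integer may be concatenated into the query below.
        $newsId = filter_var($current, FILTER_VALIDATE_INT);
        if ($newsId === false || isset($visited[$newsId])) {
            return false;
        }
        $visited[$newsId] = true;
        // _db() is called once per lookup; whether it hands back a shared
        // handle is not visible from this function.
        $db = _db();
        $db->query('SELECT parent_id, news_alias FROM _prefix_news WHERE is_category=1 AND news_id=' . $newsId);
        $obj = $db->fetch();
        if (!$obj) {
            return false;
        }
        if ($obj['news_alias'] == 'TINEPS') {
            return true;
        }
        // Continue with the parent category.
        $current = $obj['parent_id'];
    }
}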
Esempio n. 30
    echo "<br/>\n<textarea name='notes_content' id='notes_content' class='textbox' cols='20' rows='4' style='width:140px'></textarea><br />\n";
    echo "" . display_bbcodes("150px;", "notes_content", "notes_form", "smiley|b|u|url") . "";
    echo "<input type='submit' id='notes_submit' name='notes_submit' class='button' value='" . $locale['note_02'] . "' />\n";
    echo "</form>\n";
    echo "</div><br />\n";
    // List every stored note, newest first.
    $result = dbquery("SELECT note_id, note_name, note_text, note_datestamp FROM " . DB_ADMIN_NOTES . " ORDER BY note_id DESC");
    echo "<div class='admin_notes' id='notes_q'>";
    echo "<div id='note_loading'></div>\n";
    while ($data = dbarray($result)) {
        echo "<div style='float:left' class='admin_note'>";
        // NOTE(review): note_name and note_id are written into the page without output
        // encoding here. They are stored through stripinput() in the insert branch below;
        // confirm stripinput() HTML-encodes, otherwise a stored value renders as markup.
        echo "<strong>" . $data['note_name'] . "</strong>&nbsp;";
        // The delete control is a plain link: the note id travels in the query string.
        echo "<a id='" . $data['note_id'] . "' href='" . FUSION_SELF . "?id=" . $data['note_id'] . "'>";
        echo "<img class='loding' src='" . get_image("cancel") . "' title='" . $locale['note_03'] . "?' alt='" . $locale['note_03'] . "?' style='border:0;margin:0;vertical-align:bottom;' />";
        echo "</a><img src='' alt='' style='height:16px;width:0px;' /><br />";
        echo "<div class='shoutboxdate'>" . showdate("%d %b %H:%M", $data['note_datestamp']) . "</div>";
        // note_text is rendered through the smiley and BBCode parsers, limited to b|i|u|url.
        echo "<div class='notify'>" . parseubb(parsesmileys($data['note_text']), "b|i|u|url") . "</div>";
        echo "</div>";
    }
    echo "</div>";
    closeside();
    // Both branches below run only when the X-Requested-With header says XMLHttpRequest.
    // NOTE(review): that header is supplied by the client and is not a CSRF token; no
    // token or permission check is visible in this fragment. Confirm one exists earlier
    // in the function or file before these writes are reached.
    if (isset($_POST['submit']) && @$_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest') {
        // Reads POST fields 'content' and 'name' (not the form's notes_content /
        // notes_submit names above); presumably sent by a script. TODO confirm.
        $content = trim(stripinput($_POST['content']));
        $name = trim(stripinput($_POST['name']));
        // NOTE(review): _db() wraps each value before it is concatenated into the SQL;
        // presumably it quotes and escapes. Verify, since the statement is string-built.
        $ins = dbquery("INSERT INTO " . DB_ADMIN_NOTES . " (note_text, note_name, note_datestamp) VALUES (" . _db($content) . ", " . _db($name) . ", '" . time() . "')");
    } elseif (isset($_GET['id']) && @$_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest') {
        // State-changing request over GET: the note named by ?id= is deleted.
        $id = trim(stripinput($_GET['id']));
        $delete = dbquery("DELETE FROM " . DB_ADMIN_NOTES . " WHERE note_id=" . _db($id));
        // Only the delete branch returns a value (the note_04 locale string).
        return $locale['note_04'];
    }
}
require_once TEMPLATES . "footer.php";