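/**
 * Store a per-user setting: update the existing row, or register a new one.
 *
 * When $value is a string naming an existing file, that file is read,
 * JSON-decoded, and the decoded data is stored in place of the path.
 *
 * NOTE(review): because of that file branch, a caller must never forward a
 * request-derived string as $value: any file readable by the PHP process
 * would be loaded into the settings row. Confirm all call sites pass trusted
 * paths only.
 * NOTE(review): the lookup matches on $scope as given while the update matches
 * on strtolower($scope); confirm which form the table stores.
 *
 * @param string $name  Setting name; an empty name stores nothing.
 * @param mixed  $value Setting data, or the path of a JSON file holding it.
 * @param string $scope Setting scope.
 * @return mixed $value (decoded file content when a path was given) when the
 *               setting was stored or nothing could be stored (empty name, no
 *               session user); false when registering a new setting failed.
 */
function setSettings($name, $value = "", $scope = "system") {
    // is_file() accepts strings only: without the is_string() guard an array
    // value raises a TypeError on PHP 8 before anything is stored.
    if (is_string($value) && is_file($value)) {
        // Invalid JSON decodes to null, which is then what gets stored.
        $value = json_decode(file_get_contents($value), true);
    }

    if (strlen($name) <= 0 || !isset($_SESSION['SESS_USER_ID'])) {
        return $value;
    }

    $sql = _db(true)->_selectQ(_dbTable("settings", true), "name,settings")->_where(array(
        "guid" => $_SESSION['SESS_GUID'],
        "userid" => $_SESSION['SESS_USER_ID'],
        "site" => SITENAME,
        "scope" => $scope,
        "name" => $name,
    ));
    $res = _dbQuery($sql, true);
    if ($res) {
        $data = _dbData($res, true);
        _dbFree($res, true);
        if (isset($data[0])) {
            // A row already exists for this user/site/scope/name: overwrite it.
            $data = array("settings" => $value);
            $q = _db(true)->_updateQ(_dbTable("settings", true), $data, array(
                "guid" => $_SESSION['SESS_GUID'],
                "userid" => $_SESSION['SESS_USER_ID'],
                "site" => SITENAME,
                "scope" => strtolower($scope),
                "name" => $name,
            ));
            _dbQuery($q, true);
            return $value;
        }
    }

    // No existing row (or the lookup failed): create the setting.
    if (registerSettings($name, $value, $scope)) {
        return $value;
    }
    return false;
}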
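/**
 * Store a feedback entry submitted by POST and notify the administrator by e-mail.
 *
 * Only the four visitor fields (name, email, subject, message) are taken from
 * the request. userid, blocked and the timestamps are always set server-side,
 * so a crafted POST cannot overwrite them.
 *
 * NOTE(review): the visitor-supplied values are handed to the
 * "feedback_admin" template as submitted. If that template renders HTML, it
 * must escape them; confirm against the template.
 *
 * @return string "success" when the row was inserted (the mail is then sent),
 *                otherwise "error".
 */
function saveFeedback() {
    $visitorFields = array('name', 'email', 'subject', 'message');
    $now = date('Y-m-d H:i:s');

    $feedback = array(
        'name' => '',
        'email' => '',
        'subject' => '',
        'message' => '',
        'userid' => isset($_SESSION['SESS_USER_ID']) ? $_SESSION['SESS_USER_ID'] : null,
        'blocked' => 'false',
        'dtoc' => $now,
        'dtoe' => $now,
    );
    foreach ($visitorFields as $k) {
        // Array-valued parameters (name[]=...) are ignored rather than passed to trim().
        if (isset($_POST[$k]) && is_string($_POST[$k])) {
            $feedback[$k] = trim($_POST[$k]);
        }
    }

    $sql = _db()->_insertQ1('feedbacks', $feedback);
    $res = _dbQuery($sql);
    if (!$res) {
        return "error";
    }
    _dbFree($res);

    // Send e-mail to admin (the addresses are masked in this listing).
    $mailto = "*****@*****.**";
    $mailfrom = "*****@*****.**";
    $feedback_content = array();
    foreach ($visitorFields as $k) {
        $feedback_content[$k] = (isset($_REQUEST[$k]) && is_string($_REQUEST[$k])) ? $_REQUEST[$k] : '';
    }
    // The template previously received an undefined $profile, so the content
    // collected above never reached it.
    $template = _template("feedback_admin", $feedback_content);
    loadHelpers('email');
    sendMail($mailto, " Feedback", $template, $mailfrom);
    return "success";
}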
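/**
 * Echo a stored content block looked up by ID or reflink.
 *
 * NOTE(review): $refID and $category are interpolated into the SELECT and
 * INSERT statements as-is. No escape or bind helper is visible from this
 * block, so callers must pass trusted or already-validated values until the
 * queries are moved to the project's parameterised/escaping query API.
 * NOTE(review): the stored text is echoed without escaping; presumably it is
 * trusted markup managed by site editors - confirm.
 *
 * @param string $refID      Content ID or reflink.
 * @param string $category   Optional category filter.
 * @param bool   $silent     When true, no error box is printed for blocked or empty content.
 * @param bool   $autoCreate When true and no row matches, an empty placeholder row is inserted.
 * @return string|bool The content title when text was printed; true when a
 *                     placeholder row was auto-created; false otherwise.
 */
function printContent($refID, $category = "", $silent = false, $autoCreate = false) {
    $sql = "SELECT title,category,text,blocked FROM " . _dbtable("contents") . " WHERE (ID='{$refID}' OR reflink='{$refID}')";
    if (strlen($category) > 0) {
        $sql .= " AND category='{$category}'";
    }
    $sql .= " AND (site='*' OR site='" . SITENAME . "')";
    $rs = _dbQuery($sql);
    $data = _dbData($rs);
    _dbFree($rs);

    // The reference is shown inside HTML error messages below; encode it so a
    // crafted reference cannot inject markup into the page.
    $refLabel = htmlspecialchars((string) $refID, ENT_QUOTES, 'UTF-8');

    $text = "";
    if (count($data) > 0) {
        if ($data[0]['blocked'] == "false") {
            $text = $data[0]['text'];
        } elseif (!$silent) {
            echo "<div class=divError>";
            dispErrMessage("Page Content Currently Not Available For <i class='text2'>{$refLabel}</i><br/><br/>Visit Us Again ...", "Not Available!", "400", "notfound/file.png");
            echo "</div>";
        }

        if (strlen($text) > 0) {
            echo $text;
            return $data[0]['title'];
        }
        // Blocked content falls through to here as well, so with $silent off
        // both messages are printed (unchanged behaviour).
        if (!$silent) {
            echo "<div class=divError>";
            dispErrMessage("Page Content Not Found For <i class='text2'>{$refLabel}</i>", "Content Not Found OR Missing !", "404", "notfound/file.png");
            echo "</div>";
        }
        return false;
    } elseif ($autoCreate) {
        // No matching row: create an empty placeholder owned by the 'auto' user.
        $date = date("Y-m-d");
        $cols = "id,reflink,title,category,text,blocked,site,userid,doc,doe";
        $vals = "0,'{$refID}','" . toTitle($refID) . "','{$category}','','false','" . SITENAME . "','auto','{$date}','{$date}'";
        $sql = "INSERT INTO " . _dbtable("contents") . " ({$cols}) VALUES ({$vals})";
        _dbQuery($sql);
        return true;
    }
    return false;
}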
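/**
 * Store a per-user setting: update the existing row, or register a new one.
 *
 * @param string $name  Setting name; an empty name stores nothing.
 * @param mixed  $value Setting data to store.
 * @param string $scope Setting scope.
 * @return mixed $value when the setting was stored or nothing could be stored
 *               (empty name, no session user); false when registering a new
 *               setting failed.
 */
function setSettings($name, $value = "", $scope = "default") {
    if (strlen($name) <= 0 || !isset($_SESSION['SESS_USER_ID'])) {
        // The original returned $defaultValue, a variable this function never
        // defines, so callers always received null with a warning.
        return $value;
    }

    // The same key identifies the row for both the lookup and the update.
    $rowKey = array(
        "userid" => $_SESSION['SESS_USER_ID'],
        "site" => SITENAME,
        "scope" => $scope,
        "name" => $name,
    );

    $sql = _db(true)->_selectQ(_dbTable("settings", true), "name,settings")->_where($rowKey);
    $res = _dbQuery($sql, true);
    if ($res) {
        $data = _dbData($res, true);
        _dbFree($res, true);
        if (isset($data[0])) {
            // A row already exists for this user/site/scope/name: overwrite it.
            $data = array("settings" => $value);
            $q = _db(true)->_updateQ(_dbtable("settings", true), $data, $rowKey);
            _dbQuery($q, true);
            return $value;
        }
    }

    // No existing row (or the lookup failed): create the setting.
    if (registerSettings($name, $value, $scope)) {
        return $value;
    }
    return false;
}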
/**
 * Update a user row with the given attributes.
 *
 * Callers without a session privilege id, or with one above ROLE_PRIME, are
 * pinned to the current site and to their own session user id, whatever
 * $userID and $site were passed.
 *
 * NOTE(review): $attrs is written to the users table as given. For pinned
 * callers, 'privilegeid' and 'accessid' are only checked for existence on this
 * site, not for whether the caller may assign them. Call sites must filter
 * $attrs before passing request data - confirm.
 *
 * @param array       $attrs  Column => value pairs to write.
 * @param string|null $userID User to update; defaults to the session user.
 * @param string      $site   Site the user belongs to.
 * @return true|array true on success, otherwise an array with an "error" key
 *                    (plus "field" or "details" where applicable).
 */
function updateUser($attrs = array(), $userID = null, $site = SITENAME) {
    $isPrivileged = isset($_SESSION['SESS_PRIVILEGE_ID']) && $_SESSION['SESS_PRIVILEGE_ID'] <= ROLE_PRIME;
    if (!$isPrivileged) {
        $site = SITENAME;
        $userID = $_SESSION['SESS_USER_ID'];
    }
    if ($userID == null && isset($_SESSION['SESS_USER_ID'])) {
        $userID = $_SESSION['SESS_USER_ID'];
    }

    if (!checkUserID($userID, $site)) {
        return array("error" => "UserID Not Found");
    }

    $dataUser = $attrs;

    // A required field may be absent from the update, but not present and empty.
    $requiredFields = explode(",", getConfig("USER_CREATE_REQUIRED_FIELDS"));
    foreach ($requiredFields as $fieldName) {
        if (!isset($dataUser[$fieldName])) {
            continue;
        }
        if ($dataUser[$fieldName] == null || strlen($dataUser[$fieldName]) <= 0) {
            return array("error" => "Missing Field", "field" => $fieldName);
        }
    }

    // Check PrivilegeID if required
    if (isset($dataUser['privilegeid'])) {
        $privilegeID = $dataUser['privilegeid'];
        $privilegeQuery = _db(true)
            ->_selectQ(_dbTable("privileges", true), "count(*) as cnt")
            ->_where(array("id" => $privilegeID))
            ->_raw(" AND (site='" . SITENAME . "' OR site='*')");
        $privilegeRes = _dbQuery($privilegeQuery, true);
        if (!$privilegeRes) {
            return array("error" => "PrivilegeID Query Error");
        }
        $privilegeRows = _dbData($privilegeRes, true);
        _dbFree($privilegeRes, true);
        if ($privilegeRows[0]['cnt'] <= 0) {
            return array("error" => "PrivilegeID Not Found This Site {$site}");
        }
    }

    // Check AccessID if required
    if (isset($dataUser['accessid'])) {
        $accessID = $dataUser['accessid'];
        $accessQuery = _db(true)
            ->_selectQ(_dbTable("access", true), "count(*) as cnt")
            ->_where(array("blocked" => 'false', "id" => $accessID))
            ->_raw(" AND (FIND_IN_SET('" . SITENAME . "',sites) OR sites='*')");
        $accessRes = _dbQuery($accessQuery, true);
        if (!$accessRes) {
            return array("error" => "AccessID Query Error");
        }
        $accessRows = _dbData($accessRes, true);
        _dbFree($accessRes, true);
        if ($accessRows[0]['cnt'] <= 0) {
            return array("error" => "AccessID Not Found For This Site {$site}");
        }
    }

    $updateQuery = _db(true)->_updateQ(_dbtable("users", true), $dataUser, array("userid" => "{$userID}"));
    if (_dbQuery($updateQuery, true)) {
        return true;
    }
    return array("error" => "Error In User Updating", "details" => _db(true)->get_error());
}
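/**
 * Insert a new guide, or update an existing one, in guides_tbl.
 *
 * $_REQUEST['id'] selects the mode: '0' inserts; anything else must be the
 * md5 hash of the id of the guide to update.
 *
 * NOTE(review): every key of $guide, including author, creator, userid,
 * approved, blocked and the timestamps, can be overridden by a same-named POST
 * field. Confirm whether that is intended and restrict the copy loop to the
 * editable fields if not.
 * NOTE(review): the returned link is assembled from raw request values; the
 * caller has to encode it for the context it is written into.
 *
 * @return string The guide link on success, "error" otherwise.
 */
function saveGuide() {
    $requestId = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
    $userLabel = null;

    if ($requestId == '0') {
        $userLabel = "{$_SESSION['SESS_USER_NAME']} [{$_SESSION['SESS_USER_ID']}]";
        $guide = array(
            'title' => '',
            'guide_group' => '',
            'tags' => '',
            'type' => '',
            'summary' => '',
            'guide_parser' => 'markitup',
            'guide_txt' => '',
            'author' => $userLabel,
            'creator' => $userLabel,
            'userid' => $_SESSION['SESS_USER_ID'],
            'approved' => 'false',
            'blocked' => 'false',
            'dtoc' => date('Y-m-d H:i:s'),
            'dtoe' => date('Y-m-d H:i:s'),
        );
        foreach ($guide as $k => $v) {
            if (isset($_POST[$k])) {
                $guide[$k] = trim($_POST[$k]);
            }
        }
        $sql = _db()->_insertQ1('guides_tbl', $guide);
        $res = _dbQuery($sql);
        $linkId = _db()->insert_id();
        _dbFree($res);
        if (!$res) {
            return "error";
        }
    } else {
        // The id is concatenated into the WHERE clause below, so accept nothing
        // but the 32 hex characters an md5 hash can consist of. This is checked
        // before any query is built.
        if (!is_string($requestId) || !preg_match('/\A[a-f0-9]{32}\z/i', $requestId)) {
            return "error";
        }

        $userLabel = "{$_SESSION['SESS_USER_NAME']} [{$_SESSION['SESS_USER_ID']}]";
        $guide = array(
            'title' => '',
            'guide_group' => '',
            'tags' => '',
            'type' => '',
            'status' => 'draft',
            'summary' => '',
            'guide_parser' => 'markitup',
            'guide_txt' => '',
            'author' => $userLabel,
            'approved' => 'false',
            'userid' => $_SESSION['SESS_USER_ID'],
            'dtoe' => date('Y-m-d H:i:s'),
        );
        foreach ($guide as $k => $v) {
            if (isset($_POST[$k])) {
                $guide[$k] = trim($_POST[$k]);
            }
        }
        $whr = "md5(id)='" . $requestId . "'";
        $sql = _db()->_updateQ('guides_tbl', $guide, $whr);
        $res = _dbQuery($sql);
        _dbFree($res);
        if (!$res) {
            return "error";
        }

        // Resolve the hash back to the numeric id used in the link.
        // NOTE(review): this reads api_toc although the update above targets
        // guides_tbl - looks like a copy/paste slip; confirm the intended table.
        $sql = _db()->_selectQ('api_toc', "id", $whr);
        $res = _dbQuery($sql);
        $data = _dbFetch($res);
        $linkId = $data['id'];
    }

    // Link format: guides/<category>/<subcategory>.<title>-<id>, spaces shown as dashes.
    $subcategory = str_replace(" ", "-", $_REQUEST[getConfig("SUBCATEGORY_GUIDES")]);
    $title = str_replace(" ", "-", $_REQUEST['title']);
    return _link("guides/") . $_REQUEST[getConfig("CATEGORY_GUIDES")] . "/" . $subcategory . "." . $title . "-" . $linkId;
}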
<?php
// Refuse to run when the file is requested directly instead of being
// included by the framework (which defines ROOT).
if (!defined('ROOT')) {
    exit('No direct script access allowed');
}

// Load the header menu links visible on this site; only constants are
// interpolated into the statement.
$sql = "SELECT * FROM " . _dbTable("links")
    . " WHERE menuid='header' AND (site='" . SITENAME . "' OR site='*')"
    . " AND blocked='false' AND onmenu='true' AND (device='*')";

// Fall back to an empty menu when the query fails.
$menuData = array();
$res = _dbQuery($sql);
if ($res) {
    $menuData = _dbData($res);
    _dbFree($res);
}
?>
<style>
.hea-navbar .dropdown-menu {
    margin-left: -150px;
    padding-top: 5px;
    padding-bottom: 5px;
    right: 0px;
    left: auto;
}
.hea-navbar .dropdown-menu li {
    display: block !important;
    float: none !important;
}
.hea-navbar .dropdown-menu a {
    padding-bottom: 0px;
    padding-top: 0px;
    width: 100%;
    line-height: 30px;
}
#header .toggle {
    display: none;
}
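/**
 * Insert a new API example, or update an existing one, in api_examples.
 *
 * A non-zero $_REQUEST['api_id'] inserts an example for that API; otherwise
 * $_REQUEST['eg_id'] must be the md5 hash of the id of the example to update.
 *
 * NOTE(review): api_id, tags and the example text go to the query builder as
 * submitted; whether _insertQ1/_updateQ escape their values is not visible
 * from this block - confirm.
 *
 * @return string "success" when the query ran, "error in query" otherwise
 *                (including when the request names no valid target).
 */
function saveExample() {
    $rawExample = (isset($_REQUEST['eg_php']) && is_string($_REQUEST['eg_php'])) ? $_REQUEST['eg_php'] : '';
    $eg_php = stripslashes(str_replace(PHP_EOL, '<br>', $rawExample));
    $tags = isset($_REQUEST['tags']) ? $_REQUEST['tags'] : '';
    $eg_descs = (isset($_REQUEST['eg_descs']) && is_string($_REQUEST['eg_descs'])) ? stripslashes($_REQUEST['eg_descs']) : '';

    if (isset($_REQUEST['api_id']) && $_REQUEST['api_id'] != 0) {
        $example = array(
            "api_id" => $_REQUEST['api_id'],
            "tags" => $tags,
            "eg_descs" => $eg_descs,
            "eg_php" => $eg_php,
            "eg_author" => "{$_SESSION['SESS_USER_NAME']} [{$_SESSION['SESS_USER_ID']}]",
            'userid' => $_SESSION['SESS_USER_ID'],
            'locked' => 'true',
            'blocked' => 'false',
            'dtoc' => date('Y-m-d H:i:s'),
            'dtoe' => date('Y-m-d H:i:s'),
        );
        $sql = _db()->_insertQ1('api_examples', $example);
    } elseif (isset($_REQUEST['eg_id'])) {
        // eg_id is concatenated into the WHERE clause, so accept nothing but
        // the 32 hex characters an md5 hash can consist of.
        $egId = $_REQUEST['eg_id'];
        if (!is_string($egId) || !preg_match('/\A[a-f0-9]{32}\z/i', $egId)) {
            return "error in query";
        }
        $example = array(
            "tags" => $tags,
            "eg_descs" => $eg_descs,
            "eg_php" => $eg_php,
            "eg_author" => "{$_SESSION['SESS_USER_NAME']} [{$_SESSION['SESS_USER_ID']}]",
            'userid' => $_SESSION['SESS_USER_ID'],
            'locked' => 'true',
            'blocked' => 'false',
            'dtoe' => date('Y-m-d H:i:s'),
        );
        $whr = "md5(id)='" . $egId . "'";
        $sql = _db()->_updateQ('api_examples', $example, $whr);
    } else {
        // Neither target given: previously an undefined $sql reached _dbQuery().
        return "error in query";
    }

    $res = _dbQuery($sql);
    _dbFree($res);
    return $res ? "success" : "error in query";
}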
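/**
 * Delete one stored attachment and, optionally, remove its reference from a record.
 *
 * Everything is read from $_POST:
 *   src       storage selector: "db#<table>", otherwise file storage
 *   path      file path relative to the user-data folder (file storage) or
 *             the numeric row id (db storage)
 *   forTable, forIDCol, forIDVal, name
 *             when all four are non-empty, the path is removed from the
 *             comma-separated list held in column `name` of the matching row
 *
 * All of these are client-controlled and end up in a file path or in SQL text,
 * so they are validated before anything is deleted:
 *   - the file must resolve to a location inside the user-data folder;
 *   - table and column names may only contain identifier characters;
 *   - the db row id must be numeric;
 *   - values placed between quotes must not contain a quote or backslash
 *     (rejected rather than escaped, since no driver-level escape or bind API
 *     is visible from this block).
 *
 * NOTE(review): the client still chooses which table, column and row are
 * touched. A server-side allow-list of tables plus an ownership check on the
 * attachment is needed on top of this validation - confirm where that lives.
 *
 * @return array Empty on success, otherwise "Error:*" => message entries.
 */
function deleteAttachments() {
    $error = array();
    $identifier = '/\A[A-Za-z0-9_.]+\z/';

    if (!isset($_POST['src']) || !is_string($_POST['src']) || strlen($_POST['src']) == 0) {
        $_POST['src'] = "fs#attachments/";
    }
    $forTable = isset($_POST['forTable']) ? $_POST['forTable'] : "";
    $forIDCol = isset($_POST['forIDCol']) ? $_POST['forIDCol'] : "id";
    $forIDVal = isset($_POST['forIDVal']) ? $_POST['forIDVal'] : "";
    $targetCol = isset($_POST['name']) ? $_POST['name'] : "";
    if (!isset($_POST['path'])) {
        $error["Error:FilePath"] = "FilePath Not Found.";
        return $error;
    }
    $path = $_POST['path'];

    // Array-valued parameters and NUL bytes are never valid here.
    foreach (array($forTable, $forIDCol, $forIDVal, $targetCol, $path) as $field) {
        if (!is_string($field) || strpos($field, "\0") !== false) {
            $error["Error:Input"] = "Invalid Request Parameter.";
            return $error;
        }
    }

    // Validate the record reference up front, so nothing is deleted when the
    // follow-up UPDATE would have to be refused.
    $updateTarget = strlen($forTable) > 0 && strlen($forIDCol) > 0 && strlen($forIDVal) > 0 && strlen($targetCol) > 0;
    if ($updateTarget) {
        $identifiersOk = preg_match($identifier, $forTable) && preg_match($identifier, $forIDCol) && preg_match($identifier, $targetCol);
        if (!$identifiersOk || strpbrk($forIDVal, "'\\") !== false || strpbrk($path, "'\\") !== false) {
            $error["Error:UpdateTarget"] = "Target Reference Not Allowed.";
            return $error;
        }
    }

    $sysDb = (strpos("#" . $forTable, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) == 1);

    $src = $_POST['src'];
    if (strpos($src, "db#") === 0) {
        $storeType = "db";
        $storePath = substr($src, 3);
        if (strlen($storePath) <= 0) {
            $storePath = _dbtable("files");
        } elseif (!preg_match($identifier, $storePath)) {
            $error["Error:StorageType"] = "Storage Table Not Allowed.";
            return $error;
        }
        // The id is used unquoted in the DELETE below.
        if (!ctype_digit($path)) {
            $error["Error:FilePath"] = "FilePath Not Allowed.";
            return $error;
        }
    } else {
        // "fs#..." and any unrecognised selector use file storage; the folder
        // part of the selector is not used when building the file path.
        $storeType = "fs";
    }

    if ($storeType == "fs") {
        $baseDir = realpath(APPROOT . APPS_USERDATA_FOLDER);
        $targetPath = APPROOT . APPS_USERDATA_FOLDER . "{$path}";
        if (file_exists($targetPath)) {
            // Resolve ".." segments and symlinks, then require the result to
            // stay inside the user-data folder before deleting anything.
            $resolved = realpath($targetPath);
            $inside = $baseDir !== false && $resolved !== false
                && strpos($resolved, rtrim($baseDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR) === 0;
            if (!$inside) {
                $error["Error:FilePath"] = "FilePath Not Allowed.";
                return $error;
            }
            if (!unlink($targetPath)) {
                $error["Error:PhysicalDelete"] = "Target File Failed To Delete.";
            }
        }
    } else {
        $sysDb1 = (strpos("#" . $storePath, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) == 1);
        $deleteQuery = "DELETE FROM {$storePath} WHERE id={$path}";
        _dbQuery($deleteQuery, $sysDb1);
        $cnt = _db($sysDb1)->affected_rows();
        if ($cnt <= 0) {
            // Nothing deleted: tell "row never existed" apart from "delete failed".
            $sql = "SELECT count(*) as cnt FROM {$storePath} WHERE id='{$path}'";
            $res = _dbQuery($sql, $sysDb1);
            if ($res) {
                $des = _dbData($res);
                _dbFree($res, $sysDb1);
                if (isset($des[0]['cnt']) && $des[0]['cnt'] > 0) {
                    $error["Error:DataDelete"] = "Source DBTable Failed To Update.";
                }
            } else {
                $error["Error:DataDelete"] = "Source DBTable Error Link.";
            }
        }
    }

    if (isset($error["Error:PhysicalDelete"]) || isset($error["Error:DataDelete"])) {
        return $error;
    }

    if ($updateTarget) {
        $sqlUpdate = "UPDATE {$forTable} SET {$targetCol}=replace(replace({$targetCol},'{$path}',''),',,',',') WHERE {$forIDCol}='{$forIDVal}'";
        _dbQuery($sqlUpdate, $sysDb);
        $cnt = _db($sysDb)->affected_rows();
        if ($cnt <= 0) {
            $error["Error:UpdateTarget"] = "Target DBTable Failed To Update";
        }
    }
    return $error;
}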
/**
 * Reset the user environment, then copy one user's contact fields into $_REQUEST.
 *
 * The user is looked up by e-mail address in lgks_users; the first matching
 * row is exposed as the request keys mailto-userid, mailto-name, mailto-email
 * and mailto-mobile.
 *
 * NOTE(review): $userid is interpolated into the WHERE clause as-is, so
 * callers must pass a trusted or validated address until this lookup uses an
 * escaping/bind API.
 * NOTE(review): the query is run with the second argument true, while
 * _dbData()/_dbFree() are called without it - confirm both target the same
 * connection.
 *
 * @param string $userid E-mail address identifying the user.
 * @return void
 */
function updateUserEnv($userid) {
    clearUserEnv();

    $columns = "userid as 'mailto-userid',name as 'mailto-name',email as 'mailto-email',mobile as 'mailto-mobile'";
    $sql = _db()->_selectQ("lgks_users", $columns) . " WHERE email='{$userid}'";

    $res = _dbQuery($sql, true);
    $userInfo = _dbData($res);
    _dbFree($res);

    // Unknown address: leave the freshly cleared environment untouched.
    if (!isset($userInfo[0])) {
        return;
    }
    foreach ($userInfo[0] as $field => $fieldValue) {
        $_REQUEST[$field] = $fieldValue;
    }
}
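/**
 * Check that a user id belongs to an active user whose access group covers this site.
 *
 * The literal id "root" is always accepted without a database lookup.
 *
 * NOTE(review): $site is reset for non-privileged sessions but never used in
 * the query, which always filters on SITENAME - confirm whether the site
 * argument was meant to be honoured.
 *
 * @param string $userid User id to check.
 * @param string $site   Site name (currently unused by the lookup).
 * @return bool true when the user is accepted, false otherwise or on query failure.
 */
function checkUserID($userid, $site = SITENAME) {
    // Strict comparison: with ==, boolean true (and integer 0 before PHP 8)
    // compared equal to "root" and skipped the lookup entirely.
    if ($userid === "root") {
        return true;
    }
    if (!isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > 2) {
        $site = SITENAME;
    }

    // Active users whose access id is among the unblocked access groups that
    // list this site (or all sites).
    $sql = _db(true)->_selectQ(_dbTable("users", true), "count(*) as cnt")->_where(array("blocked" => 'false', "userid" => $userid));
    $sql1 = _db(true)->_selectQ(_dbTable("access", true), "id")->_where(array("blocked" => 'false'))->_whereRAW(' (FIND_IN_SET("' . SITENAME . '",sites) OR sites="*")');
    $sql = $sql->_query("accessid", $sql1);

    $res = _dbQuery($sql, true);
    if (!$res) {
        return false;
    }
    $data = _dbData($res, true);
    _dbFree($res, true);
    return $data[0]['cnt'] > 0;
}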