Esempio n. 1
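 /**
  * Store a per-user setting and hand back the stored value.
  *
  * When $value is a string naming an existing file, the file is read,
  * JSON-decoded, and the decoded data is what gets stored. The row is looked
  * up by session GUID, session user, SITENAME, scope and name: an existing
  * row is updated, otherwise registerSettings() is asked to create it.
  *
  * @param string $name  Setting name; an empty name stores nothing.
  * @param mixed  $value Value to store, or the path of a JSON file to load.
  * @param string $scope Setting scope.
  * @return mixed The (possibly file-loaded) value, also when nothing was stored
  *               because the name is empty or no user is logged in; false
  *               when registerSettings() fails.
  */
 function setSettings($name, $value = "", $scope = "system")
 {
     // is_file() accepts only strings; without the guard an array value raises a TypeError on PHP 8.
     // NOTE(review): any string that names a readable file is replaced by that file's decoded
     // content, and this happens before the session check below. A $value taken directly from
     // request data would let the requester pick the file; callers must pass trusted paths only.
     if (is_string($value) && is_file($value)) {
         $value = json_decode(file_get_contents($value), true);
     }
     if (strlen($name) <= 0 || !isset($_SESSION['SESS_USER_ID'])) {
         return $value;
     }
     $sql = _db(true)->_selectQ(_dbTable("settings", true), "name,settings")->_where(array("guid" => $_SESSION['SESS_GUID'], "userid" => $_SESSION['SESS_USER_ID'], "site" => SITENAME, "scope" => $scope, "name" => $name));
     $res = _dbQuery($sql, true);
     if ($res) {
         $data = _dbData($res, true);
         _dbFree($res, true);
         if (isset($data[0])) {
             $data = array("settings" => $value);
             // NOTE(review): the lookup above matches $scope as given while this update matches
             // strtolower($scope); on a case-sensitive collation the two could address different rows. Confirm.
             $q = _db(true)->_updateQ(_dbTable("settings", true), $data, array("guid" => $_SESSION['SESS_GUID'], "userid" => $_SESSION['SESS_USER_ID'], "site" => SITENAME, "scope" => strtolower($scope), "name" => $name));
             _dbQuery($q, true);
             return $value;
         }
     }
     // No existing row (or the lookup failed): fall back to creating the setting.
     if (registerSettings($name, $value, $scope)) {
         return $value;
     }
     return false;
 }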
Esempio n. 2
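/**
 * Store a submitted feedback form in the `feedbacks` table and e-mail the
 * administrator about it.
 *
 * Only the four visitor-editable fields are taken from the request. The
 * owner, the blocked flag and both timestamps are always set server-side, so
 * a client cannot override them by posting fields with those names.
 *
 * @return string "success" when the row was inserted, "error" otherwise.
 */
function saveFeedback()
{
    $now = date('Y-m-d H:i:s');
    $feedback = array(
        'name' => '',
        'email' => '',
        'subject' => '',
        'message' => '',
        'userid' => isset($_SESSION['SESS_USER_ID']) ? $_SESSION['SESS_USER_ID'] : null,
        'blocked' => 'false',
        'dtoc' => $now,
        'dtoe' => $now,
    );
    // Allow-list of request fields; everything else in $feedback stays server-controlled.
    foreach (array('name', 'email', 'subject', 'message') as $field) {
        if (isset($_POST[$field]) && is_string($_POST[$field])) {
            $feedback[$field] = trim($_POST[$field]);
        }
    }
    $sql = _db()->_insertQ1('feedbacks', $feedback);
    $res = _dbQuery($sql);
    if (!$res) {
        return "error";
    }
    _dbFree($res);
    //send email to admin
    $mailto = "*****@*****.**";
    $mailfrom = "*****@*****.**";
    // NOTE(review): $profile is never defined in this function, so the template receives null.
    // The submitted fields were probably meant to be passed here; if they are, make sure the
    // template encodes them for the mail's content type before rendering.
    $template = _template("feedback_admin", $profile);
    loadHelpers('email');
    sendMail($mailto, " Feedback", $template, $mailfrom);
    return "success";
}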
Esempio n. 3
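 /**
  * Echo a stored content block and return its title.
  *
  * The block is looked up in the `contents` table by numeric ID or reflink,
  * optionally narrowed by category, for the current site or the wildcard
  * site. Blocked or empty content prints an error box unless $silent is set.
  *
  * @param string $refID      Content ID or reflink.
  * @param string $category   Optional category filter.
  * @param bool   $silent     Suppress the error boxes when true.
  * @param bool   $autoCreate Insert an empty placeholder row when nothing matches.
  * @return string|bool The content title when text was printed, true when a
  *                     placeholder row was created, false otherwise.
  */
 function printContent($refID, $category = "", $silent = false, $autoCreate = false)
 {
     // $refID and $category are concatenated into single-quoted SQL literals below. A quote,
     // backslash or NUL byte would end or escape the literal, so such values are treated as
     // "no such content" before any query is built. This is a guard, not a substitute for bound
     // parameters: move these queries to the DB layer's parameter binding when it offers one.
     $sqlUnsafe = "'\\\0";
     if (strpbrk((string) $refID, $sqlUnsafe) !== false || strpbrk((string) $category, $sqlUnsafe) !== false) {
         return false;
     }
     // The reference is echoed inside HTML error messages, so encode it for that context.
     $refHtml = htmlspecialchars((string) $refID, ENT_QUOTES, 'UTF-8');

     $sql = "SELECT title,category,text,blocked FROM " . _dbtable("contents") . " WHERE (ID='{$refID}' OR reflink='{$refID}')";
     if (strlen($category) > 0) {
         $sql .= " AND category='{$category}'";
     }
     $sql .= " AND (site='*' OR site='" . SITENAME . "')";
     $rs = _dbQuery($sql);
     $data = _dbData($rs);
     _dbFree($rs);
     $text = "";
     if (count($data) > 0) {
         if ($data[0]['blocked'] == "false") {
             $text = $data[0]['text'];
         } else {
             if (!$silent) {
                 echo "<div class=divError>";
                 dispErrMessage("Page Content Currently Not Available For <i class='text2'>{$refHtml}</i><br/><br/>Visit Us Again ...", "Not Available!", "400", "notfound/file.png");
                 echo "</div>";
             }
         }
         if (strlen($text) > 0) {
             // Stored content is emitted as-is (it is treated as trusted markup by this function).
             echo $text;
             return $data[0]['title'];
         } else {
             if (!$silent) {
                 echo "<div class=divError>";
                 dispErrMessage("Page Content Not Found For <i class='text2'>{$refHtml}</i>", "Content Not Found OR Missing !", "404", "notfound/file.png");
                 echo "</div>";
             }
             return false;
         }
     } elseif ($autoCreate) {
         // Nothing matched: create an empty placeholder row owned by the pseudo-user 'auto'.
         $date = date("Y-m-d");
         $cols = "id,reflink,title,category,text,blocked,site,userid,doc,doe";
         $vals = "0,'{$refID}','" . toTitle($refID) . "','{$category}','','false','" . SITENAME . "','auto','{$date}','{$date}'";
         $sql = "INSERT INTO " . _dbtable("contents") . " ({$cols}) VALUES ({$vals})";
         _dbQuery($sql);
         return true;
     }
     return false;
 }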
Esempio n. 4
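 /**
  * Store a per-user setting and hand back the stored value.
  *
  * The row is looked up by session user, SITENAME, scope and name: an
  * existing row is updated, otherwise registerSettings() is asked to create it.
  *
  * @param string $name  Setting name; an empty name stores nothing.
  * @param mixed  $value Value to store.
  * @param string $scope Setting scope.
  * @return mixed The value, also when nothing was stored because the name is
  *               empty or no user is logged in; false when registerSettings() fails.
  */
 function setSettings($name, $value = "", $scope = "default")
 {
     if (strlen($name) <= 0 || !isset($_SESSION['SESS_USER_ID'])) {
         // Nothing can be stored without a name and a logged-in user. The original returned an
         // undefined $defaultValue here (always null, with a warning); the value is returned instead.
         return $value;
     }
     $sql = _db(true)->_selectQ(_dbTable("settings", true), "name,settings")->_where(array("userid" => $_SESSION['SESS_USER_ID'], "site" => SITENAME, "scope" => $scope, "name" => $name));
     $res = _dbQuery($sql, true);
     if ($res) {
         $data = _dbData($res, true);
         _dbFree($res, true);
         if (isset($data[0])) {
             // A row already exists for this user/site/scope/name: overwrite its value.
             $data = array("settings" => $value);
             $q = _db(true)->_updateQ(_dbtable("settings", true), $data, array("userid" => $_SESSION['SESS_USER_ID'], "site" => SITENAME, "scope" => $scope, "name" => $name));
             _dbQuery($q, true);
             return $value;
         }
     }
     // No existing row (or the lookup failed): fall back to creating the setting.
     if (registerSettings($name, $value, $scope)) {
         return $value;
     }
     return false;
 }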
Esempio n. 5
 /**
  * Update columns of a user record.
  *
  * Sessions without a privilege id, or with one greater than ROLE_PRIME, are
  * pinned to their own user id and the current site. The target user must
  * pass checkUserID(); required fields present in $attrs must be non-empty;
  * a supplied privilegeid / accessid must exist for the current site.
  *
  * NOTE(review): every key of $attrs is written to the users row, including
  * privilegeid and accessid, and nothing visible in this function stops a
  * restricted session from changing its own. Confirm that callers filter
  * $attrs before passing request data in.
  *
  * @param array       $attrs  Column => value pairs to write.
  * @param string|null $userID Target user; defaults to the session user.
  * @param string      $site   Site the target user is checked against.
  * @return bool|array true on success, otherwise an array with an "error" key.
  */
 function updateUser($attrs = array(), $userID = null, $site = SITENAME)
 {
     $restricted = !isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > ROLE_PRIME;
     if ($restricted) {
         // Restricted sessions may only touch their own record on the current site.
         $site = SITENAME;
         $userID = $_SESSION['SESS_USER_ID'];
     }
     if ($userID == null && isset($_SESSION['SESS_USER_ID'])) {
         $userID = $_SESSION['SESS_USER_ID'];
     }
     if (!checkUserID($userID, $site)) {
         return array("error" => "UserID Not Found");
     }

     $fields = $attrs;

     // A required field may be absent from the change set, but if present it must carry a value.
     foreach (explode(",", getConfig("USER_CREATE_REQUIRED_FIELDS")) as $required) {
         if (!isset($fields[$required])) {
             continue;
         }
         if ($fields[$required] == null || strlen($fields[$required]) <= 0) {
             return array("error" => "Missing Field", "field" => $required);
         }
     }

     //Check PrivilegeID if required
     if (isset($fields['privilegeid'])) {
         // The lookup is scoped with the SITENAME constant, while the error text reports $site.
         $lookup = _db(true)->_selectQ(_dbTable("privileges", true), "count(*) as cnt")
             ->_where(array("id" => $fields['privilegeid']))
             ->_raw(" AND (site='" . SITENAME . "' OR site='*')");
         $result = _dbQuery($lookup, true);
         if (!$result) {
             return array("error" => "PrivilegeID Query Error");
         }
         $rows = _dbData($result, true);
         _dbFree($result, true);
         if ($rows[0]['cnt'] <= 0) {
             return array("error" => "PrivilegeID Not Found This Site {$site}");
         }
     }

     //Check AccessID if required
     if (isset($fields['accessid'])) {
         $lookup = _db(true)->_selectQ(_dbTable("access", true), "count(*) as cnt")
             ->_where(array("blocked" => 'false', "id" => $fields['accessid']))
             ->_raw(" AND (FIND_IN_SET('" . SITENAME . "',sites) OR sites='*')");
         $result = _dbQuery($lookup, true);
         if (!$result) {
             return array("error" => "AccessID Query Error");
         }
         $rows = _dbData($result, true);
         _dbFree($result, true);
         if ($rows[0]['cnt'] <= 0) {
             return array("error" => "AccessID Not Found For This Site {$site}");
         }
     }

     $update = _db(true)->_updateQ(_dbtable("users", true), $fields, array("userid" => "{$userID}"));
     if (_dbQuery($update, true)) {
         return true;
     }
     return array("error" => "Error In User Updating", "details" => _db(true)->get_error());
 }
Esempio n. 6
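 /**
  * Insert a new guide into guides_tbl (request id "0") or update the guide
  * whose md5(id) equals the request id, then return the guide's link.
  *
  * Only the content fields are taken from the request. Author, creator,
  * owner, approval/blocked flags and timestamps are always set server-side,
  * so a client cannot approve or re-attribute a guide by posting those names.
  *
  * NOTE(review): the update path does not check that the session user owns
  * the guide or may edit it; confirm this is enforced by the caller.
  *
  * @return string The guide link on success, "error" on failure or when the
  *                request id is neither "0" nor a 32-character hex digest.
  */
 function saveGuide()
 {
     $requestID = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? (string) $_REQUEST['id'] : '';
     $isNew = ($requestID === '0');
     // The id is concatenated into the WHERE clause below, so accept nothing but the shape of an
     // md5 digest. Anything else could not match md5(id) anyway.
     if (!$isNew && !preg_match('/^[a-f0-9]{32}\z/i', $requestID)) {
         return "error";
     }

     $now = date('Y-m-d H:i:s');
     $byline = "{$_SESSION['SESS_USER_NAME']} [{$_SESSION['SESS_USER_ID']}]";
     // Request fields a client may set; every other column keeps its server-side value.
     $editable = array('title', 'guide_group', 'tags', 'type', 'summary', 'guide_parser', 'guide_txt');
     if ($isNew) {
         $guide = array('title' => '', 'guide_group' => '', 'tags' => '', 'type' => '', 'summary' => '', 'guide_parser' => 'markitup', 'guide_txt' => '', 'author' => $byline, 'creator' => $byline, 'userid' => $_SESSION['SESS_USER_ID'], 'approved' => 'false', 'blocked' => 'false', 'dtoc' => $now, 'dtoe' => $now);
     } else {
         // An edit resets the guide to unapproved.
         $guide = array('title' => '', 'guide_group' => '', 'tags' => '', 'type' => '', 'status' => 'draft', 'summary' => '', 'guide_parser' => 'markitup', 'guide_txt' => '', 'author' => $byline, 'approved' => 'false', 'userid' => $_SESSION['SESS_USER_ID'], 'dtoe' => $now);
         $editable[] = 'status';
     }
     foreach ($editable as $field) {
         if (isset($_POST[$field]) && is_string($_POST[$field])) {
             $guide[$field] = trim($_POST[$field]);
         }
     }

     if ($isNew) {
         $sql = _db()->_insertQ1('guides_tbl', $guide);
         $res = _dbQuery($sql);
         $id = _db()->insert_id();
         _dbFree($res);
         if (!$res) {
             return "error";
         }
     } else {
         $whr = "md5(id)='" . $requestID . "'";
         $sql = _db()->_updateQ('guides_tbl', $guide, $whr);
         $res = _dbQuery($sql);
         _dbFree($res);
         if (!$res) {
             return "error";
         }
         // NOTE(review): the id is read back from 'api_toc', not 'guides_tbl'. This looks like a
         // copy-paste slip; confirm which table was intended.
         $sql = _db()->_selectQ('api_toc', "id", $whr);
         $res = _dbQuery($sql);
         $data = _dbFetch($res);
         $id = $data['id'];
     }

     // Link segments come from the request; spaces become dashes, nothing else is rewritten.
     $subcategory = str_replace(" ", "-", $_REQUEST[getConfig("SUBCATEGORY_GUIDES")]);
     $title = str_replace(" ", "-", $_REQUEST['title']);
     return _link("guides/") . $_REQUEST[getConfig("CATEGORY_GUIDES")] . "/" . $subcategory . "." . $title . "-" . $id;
 }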
Esempio n. 7
<?php

// Refuse to run when the file is requested directly instead of being included by the framework.
defined('ROOT') || exit('No direct script access allowed');

// Header-menu links for this site (or the wildcard site) that are unblocked, shown on the
// menu and not tied to a specific device. Only a constant and a table name are concatenated.
$sql = "SELECT * FROM " . _dbTable("links")
    . " WHERE menuid='header' AND (site='" . SITENAME . "' OR site='*')"
    . " AND blocked='false' AND onmenu='true' AND (device='*')";

// Start from an empty menu so a failed query simply renders nothing.
$menuData = array();
$res = _dbQuery($sql);
if ($res) {
    $menuData = _dbData($res);
    _dbFree($res);
}
?>
<style>
.hea-navbar .dropdown-menu {
	margin-left: -150px;
	padding-top: 5px;padding-bottom: 5px;
	right: 0px;left: auto;
}
.hea-navbar .dropdown-menu li {
	display: block !important;
	float:none !important;
}
.hea-navbar .dropdown-menu a {
	padding-bottom: 0px;
	padding-top: 0px;
	width: 100%;
	line-height: 30px;
}
#header .toggle {display: none;}
Esempio n. 8
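 /**
  * Insert a new API example (request carries a non-zero numeric api_id) or
  * update the example whose md5(id) equals the request's eg_id.
  *
  * NOTE(review): the update path does not check that the session user owns
  * the example; confirm this is enforced by the caller. The stored eg_php
  * is user-supplied text with "<br>" inserted, so whatever renders it must
  * encode it for HTML.
  *
  * @return string "success" when the query succeeded, "error in query"
  *                otherwise, including when neither a valid api_id nor a
  *                valid eg_id was supplied.
  */
 function saveExample()
 {
     // api_id must be a plain decimal number; anything else counts as "not given".
     $apiID = 0;
     if (isset($_REQUEST['api_id']) && is_scalar($_REQUEST['api_id']) && preg_match('/^[0-9]+\z/', (string) $_REQUEST['api_id'])) {
         $apiID = (int) $_REQUEST['api_id'];
     }
     $egID = (isset($_REQUEST['eg_id']) && is_string($_REQUEST['eg_id'])) ? $_REQUEST['eg_id'] : null;
     // eg_id is concatenated into the WHERE clause, so accept nothing but the shape of an md5
     // digest. Without a usable id there is no query to run.
     if ($apiID === 0 && ($egID === null || !preg_match('/^[a-f0-9]{32}\z/i', $egID))) {
         return "error in query";
     }

     $tags = isset($_REQUEST['tags']) ? $_REQUEST['tags'] : '';
     $descs = stripslashes(isset($_REQUEST['eg_descs']) ? $_REQUEST['eg_descs'] : '');
     $eg_php = stripslashes(str_replace(PHP_EOL, '<br>', isset($_REQUEST['eg_php']) ? $_REQUEST['eg_php'] : ''));
     $author = "{$_SESSION['SESS_USER_NAME']} [{$_SESSION['SESS_USER_ID']}]";
     $now = date('Y-m-d H:i:s');

     if ($apiID !== 0) {
         $example = array("api_id" => $apiID, "tags" => $tags, "eg_descs" => $descs, "eg_php" => $eg_php, "eg_author" => $author, 'userid' => $_SESSION['SESS_USER_ID'], 'locked' => 'true', 'blocked' => 'false', 'dtoc' => $now, 'dtoe' => $now);
         $sql = _db()->_insertQ1('api_examples', $example);
     } else {
         $example = array("tags" => $tags, "eg_descs" => $descs, "eg_php" => $eg_php, "eg_author" => $author, 'userid' => $_SESSION['SESS_USER_ID'], 'locked' => 'true', 'blocked' => 'false', 'dtoe' => $now);
         $whr = "md5(id)='" . $egID . "'";
         $sql = _db()->_updateQ('api_examples', $example, $whr);
     }
     $res = _dbQuery($sql);
     _dbFree($res);
     return $res ? "success" : "error in query";
 }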
Esempio n. 9
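 /**
  * Delete an attachment named by the current POST request and, optionally,
  * remove its reference from a column of another table.
  *
  * Request fields: `src` ("fs#..." for a file under the user-data folder,
  * "db#<table>" for a row in a files table), `path` (relative file path, or
  * the row id in db mode), and the optional back-reference `forTable`,
  * `forIDCol`, `forIDVal`, `name` (the column holding the path list).
  *
  * Every request value is validated before it reaches the filesystem or a
  * query: files must resolve to a regular file inside the user-data folder,
  * table/column names must be plain identifiers, the db-mode id must be
  * numeric, and values placed inside SQL string literals may not contain a
  * quote, backslash or NUL byte.
  *
  * NOTE(review): nothing here checks that the session user may delete this
  * attachment or touch `forTable`; confirm the caller enforces that, ideally
  * with an allow-list of tables and columns instead of request-chosen names.
  *
  * @return array Map of "Error:*" keys to messages; empty on success.
  */
 function deleteAttachments()
 {
     $error = array();
     // Bytes that can terminate or escape a single-quoted SQL string literal.
     $sqlUnsafe = "'\\\0";
     // Table and column names are interpolated unquoted, so they must be bare identifiers.
     $identifier = '/^[A-Za-z_][A-Za-z0-9_]*\z/';

     if (!isset($_POST['src']) || !is_string($_POST['src']) || strlen($_POST['src']) == 0) {
         $_POST['src'] = "fs#attachments/";
     }
     $src = $_POST['src'];
     $forTable = (isset($_POST['forTable']) && is_string($_POST['forTable'])) ? $_POST['forTable'] : "";
     $forIDCol = (isset($_POST['forIDCol']) && is_string($_POST['forIDCol'])) ? $_POST['forIDCol'] : "id";
     $forIDVal = (isset($_POST['forIDVal']) && is_string($_POST['forIDVal'])) ? $_POST['forIDVal'] : "";
     $targetCol = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : "";

     if (!isset($_POST['path']) || !is_string($_POST['path']) || strpos($_POST['path'], "\0") !== false) {
         $error["Error:FilePath"] = "FilePath Not Found.";
         return $error;
     }
     $path = $_POST['path'];

     // Tables whose name starts with the system prefix live on the system connection.
     $sysDb = (strpos("#" . $forTable, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) == 1);

     // Validate the optional back-reference up front so nothing is deleted when it would be refused.
     $updateTarget = strlen($forTable) > 0 && strlen($forIDCol) > 0 && strlen($forIDVal) > 0 && strlen($targetCol) > 0;
     if ($updateTarget) {
         $namesOk = preg_match($identifier, $forTable) && preg_match($identifier, $forIDCol) && preg_match($identifier, $targetCol);
         $valuesOk = strpbrk($forIDVal, $sqlUnsafe) === false && strpbrk($path, $sqlUnsafe) === false;
         if (!$namesOk || !$valuesOk) {
             $error["Error:UpdateTarget"] = "Target DBTable Failed To Update";
             return $error;
         }
     }

     if (strpos($src, "db#") === 0) {
         $storePath = (string) substr($src, 3);
         if (strlen($storePath) <= 0) {
             $storePath = _dbtable("files");
         } elseif (!preg_match($identifier, $storePath)) {
             $error["Error:DataDelete"] = "Source DBTable Error Link.";
             return $error;
         }
         // In db mode `path` is the row id and is interpolated unquoted: digits only.
         if (!preg_match('/^[0-9]+\z/', $path)) {
             $error["Error:DataDelete"] = "Source DBTable Error Link.";
             return $error;
         }
         $sysDb1 = (strpos("#" . $storePath, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) == 1);
         $deleteQuery = "DELETE FROM {$storePath} WHERE id={$path}";
         _dbQuery($deleteQuery, $sysDb1);
         $cnt = _db($sysDb1)->affected_rows();
         if ($cnt <= 0) {
             // Nothing was deleted: an error only if the row is still there.
             $sql = "SELECT count(*) as cnt FROM {$storePath} WHERE id='{$path}'";
             $res = _dbQuery($sql, $sysDb1);
             if ($res) {
                 $des = _dbData($res);
                 _dbFree($res, $sysDb1);
                 if (isset($des[0]['cnt']) && $des[0]['cnt'] > 0) {
                     $error["Error:DataDelete"] = "Source DBTable Failed To Update.";
                 }
             } else {
                 $error["Error:DataDelete"] = "Source DBTable Error Link.";
             }
         }
         if (isset($error["Error:DataDelete"])) {
             return $error;
         }
     } else {
         // Filesystem storage (any src that is not "db#..."). Resolve both paths so "../" segments
         // and symlinks cannot lead outside the user-data folder.
         $baseDir = realpath(APPROOT . APPS_USERDATA_FOLDER);
         $targetPath = realpath(APPROOT . APPS_USERDATA_FOLDER . $path);
         if ($targetPath !== false) {
             $prefix = ($baseDir === false) ? false : rtrim($baseDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
             if ($prefix === false || strpos($targetPath, $prefix) !== 0 || !is_file($targetPath)) {
                 $error["Error:FilePath"] = "FilePath Not Allowed.";
                 return $error;
             }
             if (!unlink($targetPath)) {
                 $error["Error:PhysicalDelete"] = "Target File Failed To Delete.";
                 return $error;
             }
         }
         // A file that does not exist is not an error; the reference is still cleaned up below.
     }

     if ($updateTarget) {
         // Remove the path from the comma-separated list held in the target column.
         $sqlUpdate = "UPDATE {$forTable} SET {$targetCol}=replace(replace({$targetCol},'{$path}',''),',,',',') WHERE {$forIDCol}='{$forIDVal}'";
         _dbQuery($sqlUpdate, $sysDb);
         $cnt = _db($sysDb)->affected_rows();
         if ($cnt <= 0) {
             $error["Error:UpdateTarget"] = "Target DBTable Failed To Update";
         }
     }
     return $error;
 }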
Esempio n. 10
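/**
 * Reset the user environment, then load the mail-to details of the user
 * whose e-mail address equals $userid into $_REQUEST.
 *
 * The matching row's userid, name, email and mobile are copied into
 * $_REQUEST under the keys mailto-userid, mailto-name, mailto-email and
 * mailto-mobile. Nothing is copied when no row matches.
 *
 * @param string $userid E-mail address to look up.
 * @return void
 */
function updateUserEnv($userid)
{
    clearUserEnv();
    // $userid is concatenated into a single-quoted SQL literal below. A quote, backslash or NUL
    // byte would end or escape the literal, so such values are treated as "no such user". This is
    // a guard, not a substitute for bound parameters via the DB layer.
    if (!is_scalar($userid) || strpbrk((string) $userid, "'\\\0") !== false) {
        return;
    }
    // NOTE(review): the query runs with the second argument true, while _db(), _dbData() and
    // _dbFree() are called without it. Confirm all four address the same connection.
    $sql = _db()->_selectQ("lgks_users", "userid as 'mailto-userid',name as 'mailto-name',email as 'mailto-email',mobile as 'mailto-mobile'") . " WHERE email='{$userid}'";
    $res = _dbQuery($sql, true);
    $userInfo = _dbData($res);
    _dbFree($res);
    if (isset($userInfo[0])) {
        // Database values are written into the request superglobal; code reading these keys
        // later must not assume they came from the client.
        foreach ($userInfo[0] as $key => $value) {
            $_REQUEST[$key] = $value;
        }
    }
}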
Esempio n. 11
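 /**
  * Tell whether a user id refers to an unblocked user whose access group
  * covers the current site.
  *
  * The literal id "root" is accepted without a database lookup.
  *
  * @param string $userid User id to check.
  * @param string $site   Site name. NOTE(review): it is reassigned for
  *                       restricted sessions but never used in the queries,
  *                       which always filter on the SITENAME constant.
  * @return bool true when the user exists, is unblocked and has access.
  */
 function checkUserID($userid, $site = SITENAME)
 {
     // Strict comparison: with ==, boolean true (and integer 0 before PHP 8) also compared equal
     // to "root" and skipped the lookup entirely.
     if ($userid === "root") {
         return true;
     }
     // Same restriction as elsewhere, written here with the literal 2 where other code uses ROLE_PRIME.
     if (!isset($_SESSION['SESS_PRIVILEGE_ID']) || $_SESSION['SESS_PRIVILEGE_ID'] > 2) {
         $site = SITENAME;
     }
     // Count unblocked users with this id whose accessid is among the unblocked access groups
     // that list the current site (or all sites).
     $sql = _db(true)->_selectQ(_dbTable("users", true), "count(*) as cnt")->_where(array("blocked" => 'false', "userid" => $userid));
     $sql1 = _db(true)->_selectQ(_dbTable("access", true), "id")->_where(array("blocked" => 'false'))->_whereRAW(' (FIND_IN_SET("' . SITENAME . '",sites) OR sites="*")');
     $sql = $sql->_query("accessid", $sql1);
     $res = _dbQuery($sql, true);
     if ($res) {
         $data = _dbData($res, true);
         _dbFree($res, true);
         return $data[0]['cnt'] > 0;
     }
     return false;
 }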