Esempio n. 1
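 /**
  * Make a photo the cover of a collection.
  *
  * The collection and the photo must exist, the photo must belong to the
  * collection, and the current user must own both the collection and the photo.
  *
  * @param mixed $pid       Photo id.
  * @param mixed $cid       Collection id.
  * @param bool  $myaccount When true, photos flagged is_avatar or
  *                         is_avatar_collection are refused.
  * @return array|false Cover-photo data on success, false on any failure.
  */
 function set_cover_photo($pid, $cid, $myaccount = false)
 {
     global $db, $userquery, $cbphoto;
     if (!$this->collection_exists($cid)) {
         e(lang('collection_not_exists'));
         return false;
     }
     if (!$this->object_exists($pid)) {
         e(lang(sprintf('%s does not exist', $this->objType)));
         return false;
     }
     if (!$this->object_in_collection($pid, $cid)) {
         e(sprintf(lang("object_not_in_collect"), $this->objName));
         return false;
     }
     // Both ownership checks must pass before anything is written.
     if (!$this->is_collection_owner($cid) || userid() != $cbphoto->get_photo_owner($pid)) {
         e(lang('cant_perform_action_collect'));
         return false;
     }
     // Escape the ids before they are placed inside quoted SQL literals.
     // NOTE(review): whether the *_exists() helpers above escape their
     // arguments is not visible here - confirm.
     $safe_cid = mysql_clean($cid);
     $safe_pid = mysql_clean($pid);
     $fields = tbl_fields(array('p' => get_photo_fields(), 'c' => get_collection_fields()));
     $query = ' SELECT ' . $fields . ' FROM ' . tbl('collections') . ' as c';
     $query .= " LEFT JOIN " . tbl('photos') . " as p ON c.collection_id = p.collection_id ";
     start_where();
     add_where(" c.collection_id = '{$safe_cid}' ");
     add_where(" p.photo_id = '{$safe_pid}' ");
     if (get_where()) {
         $query .= ' WHERE ' . get_where();
     }
     end_where();
     $rows = db_select($query);
     // db_select() returns a list of rows, so the flags and the stored cover
     // must be read from the first row, not from the list itself.
     if (!$rows || !isset($rows[0])) {
         return false;
     }
     $row = $rows[0];
     if ($myaccount) {
         $is_avatar = isset($row['is_avatar']) && $row['is_avatar'] == 'yes';
         $is_collection_avatar = isset($row['is_avatar_collection']) && $row['is_avatar_collection'] == 'yes';
         if ($is_avatar || $is_collection_avatar) {
             return false;
         }
     }
     $cover_photo = isset($row['cover_photo']) ? json_decode($row['cover_photo'], true) : null;
     if (!is_array($cover_photo)) {
         $cover_photo = array();
     }
     // Nothing to write when this photo is already the stored cover.
     if (isset($cover_photo['photo_id']) && $pid == $cover_photo['photo_id']) {
         return $cover_photo;
     }
     // Keep the cover details on the collection row so that listing
     // collections does not need one extra query per collection.
     $cover_photo['photo_id'] = $row['photo_id'];
     $cover_photo['photo_key'] = $row['photo_key'];
     $cover_photo['filename'] = $row['filename'];
     $cover_photo['ext'] = $row['ext'];
     // Marks the entry as a collection cover for the code that displays it.
     $cover_photo['is_collection_cover'] = true;
     $field = array('cover_photo' => json_encode($cover_photo));
     $update = db_update(tbl('collections'), $field, " collection_id = '" . $row['collection_id'] . "' ");
     return $update ? $cover_photo : false;
 }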
Esempio n. 2
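/**
 * Read one column of a user's row in the user_profile table.
 *
 * @param mixed  $userid User id.
 * @param string $field  Name of a single user_profile column.
 * @return mixed The column value; false when $field is not a plain column
 *               name or no row is found; null when the user does not exist.
 */
function get_user_profile_field($userid, $field)
{
    // $field is spliced into the SELECT list as an identifier, where value
    // escaping gives no protection, so only a bare column name is accepted.
    // Anything else could never be read back from $results[0][$field] anyway.
    if (!is_string($field) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $field)) {
        return false;
    }
    if (!user_exists($userid)) {
        // Unchanged behaviour: a missing user yields null rather than false.
        return null;
    }
    $query = "SELECT user_profile." . $field . " FROM " . cb_sql_table('user_profile');
    start_where();
    // Escape the id before it goes inside the quoted literal.
    add_where(" user_profile.userid = '" . mysql_clean($userid) . "' ");
    $query .= " WHERE " . get_where();
    end_where();
    $results = db_select($query);
    if ($results) {
        return $results[0][$field];
    }
    return false;
}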
Esempio n. 3
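/**
 * myaccount dashboard, recent video comments widget
 *
 * Lists recent comments left by other users on the logged-in user's videos
 * and renders them with blocks/account/dashboard_comments.html.
 *
 * @global object $userquery
 * @param array $widget Widget definition; $widget['id'] selects its configs.
 * @return string|false Rendered template, or false when nobody is logged in.
 */
function account_dashboard_recent_video_comments($widget)
{
    global $userquery;
    // The user id is written into the query unquoted, so force it to an integer.
    $uid = (int) userid();
    if ($uid <= 0) {
        return false;
    }
    $configs = get_dashboard_widget_configs($widget['id']);
    // Both settings end up unquoted in the SQL text (INTERVAL and LIMIT), where
    // escaping would not help; cast them to integers and fall back to the
    // defaults when they are missing or not positive.
    $no_of_comments = isset($configs['number_of_comments']) ? (int) $configs['number_of_comments'] : 0;
    if ($no_of_comments <= 0) {
        $no_of_comments = 15;
    }
    $no_of_days = isset($configs['number_of_days']) ? (int) $configs['number_of_days'] : 0;
    if ($no_of_days <= 0) {
        $no_of_days = 8;
    }
    // Defined up front so the template always receives a value, including
    // when the user has no videos and the query below is skipped.
    $comments = array();
    if ($userquery->udetails['total_videos'] > 0) {
        $fields = array('video' => array('videoid', 'videokey', 'title', 'description', 'views'), 'users' => get_user_fields(), 'comments' => array('comment_id', 'type', 'comment', 'userid', 'type_id', 'type_owner_id', 'date_added'));
        $fields = tbl_fields($fields);
        $query = "SELECT {$fields}  FROM " . tbl('comments') . " AS comments ";
        $query .= "LEFT JOIN " . tbl('video') . " AS video ON " . 'comments.type_id' . " = " . 'video.videoid' . " ";
        $query .= "LEFT JOIN " . tbl('users') . " AS users ON " . 'comments.userid' . " = " . 'users.userid' . " ";
        start_where();
        // Comments on the user's own videos, written by someone else.
        add_where(" " . 'comments.type_owner_id' . " = " . $uid);
        add_where(" " . 'comments.type' . " = 'v' ");
        add_where(" " . 'comments.userid' . " <> " . $uid);
        add_where(" " . 'comments.date_added' . " BETWEEN SYSDATE() - INTERVAL {$no_of_days} DAY AND SYSDATE() ");
        if (get_where()) {
            $query .= " WHERE " . get_where();
        }
        end_where();
        $query .= " ORDER BY " . 'comments.date_added' . " DESC LIMIT {$no_of_comments}";
        $comments = db_select($query);
    }
    // Comment Template
    $params = array();
    $params['file'] = 'blocks/account/dashboard_comments.html';
    $params['widget'] = $widget;
    $params['comments'] = $comments;
    $params['configs'] = $configs;
    return fetch_template_file($params);
}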
// Issue a new generated password for person $id and store its hash.
// NOTE(review): the password is 5 characters long and is echoed in clear text;
// how generateRandomString() draws its randomness and how this output is
// protected in transit are not visible here - confirm both.
$password = generateRandomString('5');
echo $password;
// Only the hash is written to the password table.
$hash = encryptPassword($password);
// Look for an existing password row for this person.
$params = add_where('idPerson', $id, array());
$response = select_from_table('password', 'idPerson', $params);
//echo $response;
// NOTE(review): both branches reset misses and locked to "0", which clears a
// lockout; confirm the caller is authorised before this script runs.
if (!empty(json_decode($response, true))) {
    // A row exists: overwrite the hash and reset the counters.
    $update = add_field("password", $hash, array());
    $update = add_field("misses", "0", $update);
    $update = add_field("locked", "0", $update);
    $where = add_where("idPerson", $id, array());
    modify_record('password', $update, $where);
} else {
    // No row yet: create one.
    $record = add_field('idPerson', $id, array());
    $record = add_field('password', $hash, $record);
    $record = add_field('misses', "0", $record);
    $record = add_field('locked', "0", $record);
    $records = array();
    $records[] = $record;
    insert_into_table('password', $records);
}
<?php

require_once '..\\utilities\\functions.php';
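// Generic read endpoint: "table" and "fields" choose what is selected, and
// every other query-string parameter becomes a filter.
// NOTE(review): the caller chooses the table, the column list and every
// filter, and the response is readable from any origin; nothing visible here
// authenticates the caller or limits which tables may be read. Restrict the
// table and fields to an explicit server-side allowlist.
header('Access-Control-Allow-Origin: *');
$where = array();
$table = null;
$fields = "all";
// foreach visits every parameter. The earlier current()/next() loop stopped at
// the first empty or "0" value and silently dropped the remaining filters,
// which widened the result set. Keys are compared strictly so a numeric key
// cannot be taken for 'table' or 'fields'.
foreach ($_GET as $key => $value) {
    if ($key === 'table') {
        $table = $value;
    } elseif ($key === 'fields') {
        $fields = $value;
    } else {
        // NOTE(review): $key is used as a column name; whether add_where()
        // validates identifiers is not visible here - confirm.
        $where = add_where($key, $value, $where);
    }
}
// The table name is an identifier, not a value: require a plain name and
// refuse the request when it is missing or has any other shape.
if (!is_string($table) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $table)) {
    http_response_code(400);
    exit;
}
$response = select_from_table($table, $fields, $where);
echo $response;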
<?php

require_once '..\\utilities\\functions.php';
// Example update: set address1 on every person whose nameLast is "Lee".
// NOTE(review): the script answers any origin and shows no authentication
// before modifying rows - confirm it is not reachable in production.
header('Access-Control-Allow-Origin: *');
// Target table
$table = 'person';
// Column => new value pairs
$update = add_field("address1", "1220 Topeka Ice Cream Lane", array());
// Conditions selecting the record(s) to update
$where = add_where("nameLast", "Lee", array());
//echo json_encode($update). "<br>";
modify_record($table, $update, $where);
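/**
 * Get conversion-queue rows joined with their video rows.
 *
 * @param string|null $filename Optional queue_name to match.
 * @param string      $active   Value matched against conversion_queue.active;
 *                              an empty value disables that filter.
 * @return array Matching rows, each with a 'files' entry; empty when none.
 */
function get_video_being_processed($filename = NULL, $active = 'yes')
{
    global $db;
    $ct = tbl('conversion_queue');
    $vt = tbl("video");
    $fields = $ct . '.*,' . $ct . '.status AS queue_status';
    $fields .= "," . $vt . ".*";
    $query = "SELECT {$fields} FROM " . $ct;
    $query .= " LEFT JOIN " . $vt . " ON ";
    $query .= $vt . ".file_name=" . $ct . ".queue_name";
    start_where();
    // Escape both values before they are placed inside quoted literals; a
    // name containing a quote would otherwise break out of the literal.
    // NOTE(review): assumes callers pass raw, not already escaped, values.
    if ($filename) {
        add_where(" queue_name='" . mysql_clean($filename) . "'  ");
    }
    if ($active) {
        add_where($ct . ".active='" . mysql_clean($active) . "'  ");
    }
    if (get_where()) {
        $query .= " WHERE " . get_where();
    }
    $results = db_select($query);
    end_where();
    $queues = array();
    if ($results) {
        foreach ($results as $queue) {
            // Get files of the queue.
            // NOTE(review): this looks up files by the $filename argument, not
            // by the row's own queue_name, so every row gets the same lookup
            // (with NULL when no filename was given) - confirm intended.
            $queue['files'] = get_video_files($filename);
            $queues[] = $queue;
        }
    }
    return $queues;
}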
Esempio n. 8
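// Register a person from POSTed fields, unless the e-mail is already known.
$email = isset($_POST["email"]) ? $_POST["email"] : null;
$namefirst = isset($_POST["namefirst"]) ? $_POST["namefirst"] : null;
$namelast = isset($_POST["namelast"]) ? $_POST["namelast"] : null;
$sex = isset($_POST["sex"]) ? $_POST["sex"] : null;
// The e-mail is the lookup key; refuse the request without one.
if (!is_string($email) || trim($email) === '') {
    http_response_code(400);
    echo 'email required';
    exit;
}
//First, check if user already exists
$table = 'person';
$where = add_where("email", $email, array());
$fields = array("namelast", "namefirst");
$response = select_from_table($table, $fields, $where);
// select_from_table() hands back a JSON string (it is json_decode()d elsewhere
// in this project), so the raw string is non-empty even when no row matched.
// Decode it before deciding: the earlier !empty($response) test took the
// insert branch for existing users as well.
$existing = json_decode($response, true);
// Then add the user to the person table
if (empty($existing)) {
    $record = array();
    $records = array();
    $record = add_field("email", $email, $record);
    $record = add_field("nameFirst", $namefirst, $record);
    $record = add_field("nameLast", $namelast, $record);
    $record = add_field("sex", $sex, $record);
    array_push($records, $record);
    insert_into_table($table, $records);
    // Then select the unique ID that was created in previous step
    unset($where);
    unset($fields);
    unset($response);
    $where = add_where("email", $email, array());
    $fields = array("namelast", "namefirst");
    $response = select_from_table($table, $fields, $where);
    // Now add the password to the password table with unique ID assigned
} else {
    //only update password
    // NOTE(review): this returns the existing person's names to the caller and
    // confirms that the address is registered - confirm that is intended.
    echo 'user exists' . json_encode($response);
}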
Esempio n. 9
            break;
        }
    case 'course_page':{
            add_where($where, " keep_alive>'$now_time' and now_playing_type=25 order by id");
            break;
        }
    case 'infoportal':{
            add_where($where, " keep_alive>'$now_time' and now_playing_type>=20 and now_playing_type<=29 order by id");
            break;
        }
    case 'tv_archive':{
            add_where($where, " keep_alive>'$now_time' and now_playing_type=11 order by id");
            break;
        }
    case 'records':{
            add_where($where, " keep_alive>'$now_time' and now_playing_type=12 order by id");
            break;
        }
    case 'none':{
        }
    default:{
        
    }
}
//echo $where;
// $where is the clause assembled by the add_where() calls in the switch above;
// each of those embeds $now_time inside a quoted literal.
// NOTE(review): where $now_time and $page are set is not visible in this
// fragment - confirm both are server-generated or cast to integers before use.
$query = "select * from users $where";

// Runs the full "select *" only to read the number of matching rows.
$rs = $db->executeQuery($query);
$total_items = $rs->getRowCount();

// Row offset of the requested page.
$page_offset=$page*$MAX_PAGE_ITEMS;
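// Validate $password for the person identified by $id or, failing that, by
// $email. Returns the result of validatePassword(), or false when the account
// or its stored password cannot be found.
// NOTE(review): the three messages below differ by failure cause, which tells
// the caller whether an address is registered - consider one generic message.
if (!isset($password)) {
    echo "No Password";
    // NOTE(review): this failure path returns a non-empty string, which is
    // truthy - confirm callers compare the result strictly.
    return "No Password provided for {$email} try again";
}
//If ID is not set and e-mail is set then get ID
if (!isset($id) and isset($email)) {
    $params = add_where('email', $email, array());
    $response = select_from_table('person', 'idPerson', $params);
    $response = json_decode($response, true);
    if (!empty($response)) {
        $id = $response[0]['idPerson'];
    }
}
//If ID is not set, then exit with message
if (!isset($id)) {
    echo "E-Mail {$email} does not exist";
    // Stop here: the code used to carry on and query with an undefined id.
    return false;
}
//Get current password
$params = add_where('idPerson', $id, array());
$response = select_from_table('password', 'password', $params);
$response = json_decode($response, true);
if (!empty($response)) {
    $oldPassword = $response[0]['password'];
} else {
    echo "Password was never set";
    // Stop here: there is no stored hash to validate against.
    return false;
}
//Validate the password
$valid = validatePassword($oldPassword, $password, $id);
//echo 'The validation is: '.$valid;
return $valid;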
//dummy comment
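/**
 * This confirms that whether user was previously subscribed to
 * content or not.
 * 
 * If user is subscribing for the first time, call <code>do_subscription_inital_actions</code>
 * 
 * @author Fawaz Tahir <*****@*****.**>
 * @param int $sub_id Subscription id.
 * @param string $type Content type.
 * @return boolean True when at least one matching subscriptions_content row exists.
 */
function was_user_subscribed_to_content($sub_id, $type)
{
    $query = " SELECT subscription_content_id FROM " . cb_sql_table('subscriptions_content');
    start_where();
    // Escape both values before they are placed inside quoted literals.
    add_where(" subscriptions_content.subscription_id = '" . mysql_clean($sub_id) . "' ");
    add_where(" subscriptions_content.content_type = '" . mysql_clean($type) . "' ");
    // No space after WHERE: the first condition above starts with one.
    $query .= " WHERE" . get_where();
    end_where();
    $query .= " ORDER BY subscriptions_content.date_added DESC LIMIT 1";
    return (bool) db_select($query);
}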
<?php

require_once '..\\utilities\\functions.php';
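// Delete the person row that matches the POSTed e-mail address.
// NOTE(review): no authentication or authorisation check is visible in this
// script; confirm one runs before it, otherwise any caller can delete a
// person by supplying the address.
//  Define Table
$table = 'person';
$email = isset($_POST['email']) ? $_POST['email'] : null;
// Never build a delete from a missing, empty or non-string value: what
// add_where() produces for such input, and so how many rows would match, is
// not visible here.
if (!is_string($email) || trim($email) === '') {
    http_response_code(400);
    exit;
}
//Build the condition selecting the row to delete
$record = array();
$record = add_where("email", $email, $record);
delete_from_table($table, $record);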
Esempio n. 13
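/**
 * Fetch comments joined with selected columns of each author's user row.
 *
 * Accepted keys in $array: type_id, limit, type, get_children, only_parents,
 * parent_id, order. Unknown keys are ignored.
 *
 * @param array|null $array Filter and paging options.
 * @return array List of comment rows; empty when nothing matches.
 */
function get_comments($array = NULL)
{
    $configs = array('order' => 'date_added DESC', 'get_children' => true);
    // The default argument is NULL, which array_merge() does not accept.
    if (is_array($array)) {
        $configs = array_merge($configs, $array);
    }
    // Read the supported keys explicitly instead of extract(), so the set of
    // local variables never depends on the caller's array.
    $valid_configs = array('type_id', 'limit', 'type', 'get_children', 'only_parents', 'parent_id', 'order');
    $the_configs = array();
    foreach ($valid_configs as $config) {
        $the_configs[$config] = isset($configs[$config]) ? $configs[$config] : null;
    }
    // These three go inside quoted literals, where escaping is sufficient.
    $type_id = mysql_clean($the_configs['type_id']);
    $type = mysql_clean($the_configs['type']);
    $parent_id = mysql_clean($the_configs['parent_id']);
    $only_parents = $the_configs['only_parents'];
    // LIMIT and ORDER BY are written unquoted, so escaping gives no
    // protection there; accept only the expected shapes.
    $limit = trim((string) $the_configs['limit']);
    if (!preg_match('/^\d+(\s*,\s*\d+)?$/', $limit)) {
        $limit = '';
    }
    $order = trim((string) $the_configs['order']);
    $order_item = '[A-Za-z_][A-Za-z0-9_.]*(\s+(ASC|DESC))?';
    if ($order !== '' && !preg_match('/^' . $order_item . '(\s*,\s*' . $order_item . ')*$/i', $order)) {
        // Anything other than a column list with optional directions falls
        // back to the default ordering.
        $order = 'date_added DESC';
    }
    //List of user fields we need to show with the comment
    $userfields = array('username', 'email', 'userid', 'avatar', 'avatar_url');
    //Applying filters...
    $userfields = apply_filters($userfields, 'comment_user_fields');
    $ufields = '';
    foreach ($userfields as $userfield) {
        $ufields .= ',';
        $ufields .= tbl('users.' . $userfield);
    }
    $query = "SELECT " . tbl('comments.*') . $ufields . " FROM " . tbl('comments');
    $query .= " LEFT JOIN " . tbl('users') . " ON " . tbl('comments.userid');
    $query .= " = " . tbl('users.userid');
    start_where();
    if ($type) {
        add_where("type='" . $type . "'");
    }
    if ($type_id) {
        add_where("type_id='" . $type_id . "'");
    }
    if ($parent_id && !$only_parents) {
        add_where("parent_id='{$parent_id}'");
    }
    // The former userid filter is left out: 'userid' was never an accepted
    // key, so it could not be reached, and its unqualified column name would
    // be ambiguous across the two joined tables.
    if ($only_parents) {
        add_where("parent_id='0'");
    }
    if (get_where()) {
        $query .= " WHERE " . get_where();
    }
    end_where();
    if ($order) {
        $query .= " ORDER BY  " . $order;
    }
    if ($limit) {
        $query .= " LIMIT " . $limit;
    }
    $comments = db_select($query);
    $the_comments = array();
    if ($comments) {
        foreach ($comments as $comment) {
            // NOTE(review): 'get_children' is read from the row rather than
            // from the options, so this only runs if the row carries such a
            // column - presumably the option was meant; confirm before
            // changing, since it would add one query per parent comment.
            if (!empty($comment['get_children']) && !empty($comment['has_children'])) {
                $child_array = array('parent_id' => $comment['comment_id'], 'type' => $the_configs['type'], 'type_id' => $the_configs['type_id']);
                $children = get_comments($child_array);
                if ($children) {
                    $comment['children'] = $children;
                }
            }
            $the_comments[] = $comment;
        }
    }
    return $the_comments;
}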
<?php

require_once '..\\utilities\\functions.php';
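//Build where statement.  This is an AND
$where = add_where("sex", "M", array());
// Pass the accumulated conditions on; restarting from an empty array here
// discarded the "sex" condition and left only "namelast".
$where = add_where("namelast", "Smith", $where);
// List fields or define field as NULL
$fields = array("namelast", "namefirst", "birthdate");
//$fields = null;
$response = select_from_table('person', $fields, $where);
echo $response;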
Esempio n. 15
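 /**
  * Get a thread, with its details, as seen by the logged-in user.
  *
  * The thread is returned only when the current user is one of its
  * recipients.
  *
  * @param int $tid Thread id.
  * @return array|false The thread row, or false when nobody is logged in or
  *                     no matching row exists.
  */
 function get_thread($tid)
 {
     // Resolve the user before start_where(): the earlier early return sat
     // between start_where() and end_where() and skipped the closing call.
     // The former $o['userid'] branch read a variable that is never defined
     // in this function, so the logged-in user was always the one used.
     $uid = userid();
     if (!$uid) {
         return false;
     }
     $tid = mysql_clean($tid);
     $fields_array = array('t' => array('thread_id', 'total_recipients', 'total_messages', 'date_added', 'time_added', 'last_message_date', 'main_recipients', 'last_message', 'subject'), 'r' => array('recipient_id'));
     $the_fields = tbl_fields($fields_array);
     $query = "  SELECT {$the_fields} FROM " . tbl('recipients') . " as r";
     $query .= " INNER JOIN " . tbl('threads') . ' as t ON ';
     $query .= ' t.thread_id=r.thread_id ';
     start_where();
     // Restricting on the recipient row is what limits access to the thread.
     add_where("r.userid='" . $uid . "'");
     add_where("r.thread_id='" . $tid . "'");
     if (get_where()) {
         $query .= " WHERE " . get_where();
     }
     end_where();
     $query .= " LIMIT 1 ";
     $results = db_select($query);
     if ($results) {
         return $results[0];
     }
     return false;
 }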
Esempio n. 16
        add_where($where, " keep_alive>'{$now_time}' and now_playing_type=24 order by id");
        break;
    case 'course_page':
        add_where($where, " keep_alive>'{$now_time}' and now_playing_type=25 order by id");
        break;
    case 'infoportal':
        add_where($where, " keep_alive>'{$now_time}' and now_playing_type>=20 and now_playing_type<=29 order by id");
        break;
    case 'tv_archive':
        add_where($where, " keep_alive>'{$now_time}' and now_playing_type=11 order by id");
        break;
    case 'records':
        add_where($where, " keep_alive>'{$now_time}' and now_playing_type=12 order by id");
        break;
    case 'timeshift':
        add_where($where, " keep_alive>'{$now_time}' and now_playing_type=14 order by id");
        break;
    case 'none':
    default:
}
//echo $where;
// $where is the clause assembled by the add_where() calls in the switch above;
// each of those embeds $now_time inside a quoted literal.
// NOTE(review): where $now_time, $page and $MAX_PAGE_ITEMS are set is not
// visible in this fragment. The last two are written unquoted into LIMIT
// below, so confirm they are integers before they reach this point.
$query = "select * from users {$where}";
// Runs the full "select *" only to read the number of matching rows.
$total_items = Mysql::getInstance()->query($query)->count();
// Row offset of the requested page.
$page_offset = $page * $MAX_PAGE_ITEMS;
// Adding just under 1 before truncating rounds the page count up.
$total_pages = (int) ($total_items / $MAX_PAGE_ITEMS + 0.999999);
// With no filter, still apply the ordering that the filter strings carry.
if (!$where) {
    $where = 'order by id';
}
$query = "select users.*, tariff_plan.name as tariff_plan_name from users left join tariff_plan on tariff_plan.id=tariff_plan_id {$where} LIMIT {$page_offset}, {$MAX_PAGE_ITEMS}";
//echo $query;
$users = Mysql::getInstance()->query($query);
Esempio n. 17
// Remaining status checkboxes of the filter form, then the form is closed.
checkbox($started, 'started', "Started");
checkbox($fixed, 'fixed', "Fixed");
checkbox($fixreleased, 'fixreleased', "Fix Released");
checkbox($javabug, 'javabug', "Java Bugs");
echo '</div>' . PHP_EOL;
//echo '<input type="submit" value="Submit">'.PHP_EOL;
echo '</form>' . PHP_EOL;
echo "<hr>" . PHP_EOL;
// Build the listing query from the selected filters.
$sql = "SELECT * FROM " . table();
$and = false;
// WHERE is added only when at least one filter is active.
if ($version != 'All' || $java != 'All' || $os != 'All' || $wontfix || $reopened || $new || $accepted || $started || $fixed || $fixreleased || $javabug) {
    $sql = $sql . " WHERE ";
}
// The helpers' return values are unused, so they presumably extend $sql and
// $and by reference - their definitions are not visible here.
// NOTE(review): if add_where() writes $version, $java and $os into the SQL
// text, the prepare() call below protects nothing, because no placeholders
// are bound; confirm the helpers escape these values or switch to bound
// parameters.
add_where($sql, $and, $version, 'version');
add_where($sql, $and, $java, 'java');
add_where($sql, $and, $os, 'os');
checkbox_where($sql, $and, $wontfix, '-2');
checkbox_where($sql, $and, $reopened, '-1');
checkbox_where($sql, $and, $new, '0');
checkbox_where($sql, $and, $accepted, '1');
checkbox_where($sql, $and, $started, '2');
checkbox_where($sql, $and, $fixed, '3');
checkbox_where($sql, $and, $fixreleased, '4');
search_where($sql, $and, $javabug, 'log', 'net.nikr');
// NOTE(review): ORDER BY terms cannot be bound as parameters; confirm that
// $order and $desc are chosen from a fixed list where they are assigned.
$sql = $sql . " ORDER BY {$order} {$desc}";
// Prepared and executed without placeholders or bound values.
$statement = $dbh->prepare($sql);
$statement->execute();
$rows = $statement->fetchAll(PDO::FETCH_ASSOC);
foreach ($rows as &$row) {
    echo '<div style="width: 400px; float: left;">' . PHP_EOL;
    switch ($row['status']) {