function handle_submit()
{
global $selected_id, $Mode;
$ok = true;
if ($selected_id != -1) {
// make from_date start of month and to_date a year minus one day later
$_POST['from_date'] = start_month($_POST['from_date']);
$_POST['to_date'] = end_month(add_months($_POST['from_date'], 11));
if ($_POST['closed'] == 1) {
if (check_years_before($_POST['from_date'], false)) {
display_error(_("Cannot CLOSE this year because there are open fiscal years before"));
set_focus('closed');
return false;
}
$ok = close_year($selected_id);
} else {
open_year($selected_id);
}
if ($ok) {
update_fiscalyear($selected_id, $_POST['from_date'], $_POST['to_date'], $_POST['closed']);
display_notification(_('Selected fiscal year has been updated'));
}
} else {
if (!check_data()) {
return false;
}
add_fiscalyear($_POST['from_date'], $_POST['to_date'], $_POST['closed']);
display_notification(_('New fiscal year has been added'));
}
$Mode = 'RESET';
}
function stampa($cf, $scoid)
{
$query = "SELECT *\n\t\t\tFROM jos_comprofiler_2011\n\t\t\tWHERE cb_codicefiscale='" . $cf . "'\n\t\t\tLIMIT 1\n\t\t\t";
$db_query = mysql_query($query) or die(mysql_error());
$riga = mysql_fetch_array($db_query);
//$riga=$riga[0];
$firstname = $riga['firstname'];
$lastname = $riga['lastname'];
$nome = $lastname . " " . $firstname;
$professione = $riga['cb_professionedisciplina'];
$datanascita = substr($riga['cb_datadinascita'], 8, 2) . "-" . substr($riga['cb_datadinascita'], 5, 2) . "-" . substr($riga['cb_datadinascita'], 0, 4);
$luogonascita = $riga['cb_luogodinascita'];
$pdf =& new Cezpdf('a4');
$pdf->ezImage("header.jpg", -3, 500, 20, 'left');
$pdf->selectFont('./fonts/Helvetica.afm');
$pdf->ezSetCmMargins(2, 2, 2, 2);
//stampo il titolo
$text = "\n <b>Programma nazionale per la formazione continua degli operatori della Sanita'</b> \n \n";
$pdf->ezText($text, 12, array('justification' => 'center', 'spacing' => '1.5'));
//stampo l'introduzione
$text = "Premesso che la <b>Commissione Nazionale per la Formazione Continua</b> ha accreditato provvisoriamente il Provider <b>GGALLERY SRL</b> accreditamento n. <b>39</b> valido fino al 22/04/2012 Premesso che il Provider ha organizzato l'evento formativo n. <b>39-1012</b>, edizione n. 0 denominato \n <b>LA COMUNICAZIONE EFFICACE IN FARMACIA PER UN CORRETTO APPROCCIO RELAZIONALE CON IL PAZIENTE</b> e tenutosi dal <b>15/01/2011</b> al <b>31/12/2011</b>, avente come obiettivi didattico/formativo generali: <i>ASPETTI RELAZIONALI (COMUNICAZIONE INTERNA, ESTERNA, CON PAZIENTE) E UMANIZZAZIONE CURE</i>, assegnando all'evento stesso N.<b> 10</b> (dieci) Crediti Formativi E.C.M.";
$pdf->ezText($text, 11, array('justification' => 'centre', 'spacing' => '1.5'));
$text = "\n \n \n\tIl sottoscritto <b>PAOLO MACRI'</b> \n \n\tRappresentate Legale dell'organizzatore \n\n\tVerificato l'apprendimento del partecipante \n\n\t<b> ATTESTA CHE </b> \n\n\til Dott./la Dott.ssa \n\n\t<b> {$nome} </b> \n\n\tin qualita' di {$professione} \n \n\tnato a {$luogonascita} \n\n\til {$datanascita} \n\n\tha conseguito \n \n\tN. 10 (dieci) Crediti formativi per l'anno 2011\n\t\n ";
$pdf->ezText($text, 11, array('justification' => 'centre', 'spacing' => '1'));
//stampo la data
$data = check_data($scoid, $idutente);
$text = " Genova, li {$data} \n \n";
$pdf->ezText($text, 11, array('justification' => 'left', 'spacing' => '1.5'));
//stampo la firma
$text = "IL RAPPRESENTANTE LEGALE DELL'ORGANIZZATORE \n Dott. Paolo Macri' \n \n ";
$pdf->ezText($text, 11, array('justification' => 'centre', 'spacing' => '1'));
$pdf->ezImage("firma.jpg", -5, 90, 20, 'center');
// echo "non stampo";
$pdf->ezStream();
}
function step($is_submit)
{
if ($is_submit) {
return check_data();
}
$result = array('html' => render('step_site', array()));
return $result;
}
function handle_submit()
{
if (!check_data()) {
return;
}
$trans = add_exchange_variation_all($_POST['date'], $_POST['ref'], $_POST['memo_']);
meta_forward($_SERVER['PHP_SELF'], "AddedID=" . $trans[0] . "&JE=" . $trans[1]);
//clear_data();
}
function update_bank_account($id, $bank_name, $account_number, $account_type, $routing_number, $first_name, $last_name, $address_line1, $city, $state, $zip, $country, $default)
{
global $_TABLES;
$error = check_data($bank_name, $account_number, $account_type, $routing_number, $first_name, $last_name, $address_line1, $city, $state, $zip, $country);
if ($error == "") {
if (isset($_POST['default'])) {
clear_default_bank();
}
DB_query("UPDATE {$_TABLES['ecom_user_bank']} SET ecom_bank_name = '" . $bank_name . "', ecom_bank_accountnumber = '" . $account_number . "', ecom_bank_accounttype = '" . $account_type . "', ecom_bank_routingnumber = '" . $routing_number . "', ecom_bank_first_name = '" . $first_name . "', ecom_bank_last_name = '" . $last_name . "', ecom_bank_address_line1 = '" . $address_line1 . "', ecom_bank_city = '" . $city . "', ecom_bank_state = '" . $state . "', ecom_bank_zip = '" . $zip . "', ecom_bank_country = '" . $country . "', ecom_bank_default = '" . $default . "' WHERE ecom_bankid = " . $id . "");
}
return $error;
}
function handle_submit()
{
global $selected_id;
if (!check_data()) {
return false;
}
if ($selected_id != "") {
update_exchange_rate($_POST['curr_abrev'], $_POST['date_'], input_num('BuyRate'), input_num('BuyRate'));
} else {
add_exchange_rate($_POST['curr_abrev'], $_POST['date_'], input_num('BuyRate'), input_num('BuyRate'));
}
return true;
}
function update_credit_card($id, $first_name, $middle_name, $last_name, $company, $address_line1, $address_line2, $city, $state, $zip, $country, $card_number, $card_exp_month, $card_exp_year, $card_type, $issue_number, $start_month, $start_year, $default)
{
global $_TABLES;
$error = check_data($first_name, $middle_name, $last_name, $company, $address_line1, $address_line2, $city, $state, $zip, $country, $card_number, $card_exp_month, $card_exp_year, $card_type, $issue_number, $start_month, $start_year, $default);
if ($error == "") {
//Clear all default credit cards if new default card.
if ($default != "") {
clear_default();
}
DB_query("UPDATE {$_TABLES['ecom_user_creditcard']} SET ecom_card_firstname = '" . $first_name . "', ecom_card_middlename = '" . $middle_name . "', ecom_card_lastname = '" . $last_name . "', ecom_card_company = '" . $company . "', ecom_card_street1 = '" . $address_line1 . "', ecom_card_street2 = '" . $address_line2 . "', ecom_card_city = '" . $city . "', ecom_card_state = '" . $state . "', ecom_card_postalcode = '" . $zip . "', ecom_card_country = '" . $country . "', ecom_card_accountnumber = '" . $card_number . "', ecom_card_experationmonth = '" . $card_exp_month . "', ecom_card_experationyear = '" . $card_exp_year . "', ecom_card_cardtype = '" . $card_type . "', ecom_card_issuenumber = '" . $issue_number . "', ecom_card_startmonth = '" . $start_month . "', ecom_card_startyear = '" . $start_year . "', ecom_card_default = '" . ($default != "" ? true : false) . "' WHERE ecom_cardid = " . $id . "");
}
return $error;
}
function handle_submit()
{
global $selected_id;
if (!check_data()) {
return false;
}
if (isset($selected_id)) {
update_fiscalyear($_POST['from_date'], $_POST['closed']);
} else {
add_fiscalyear($_POST['from_date'], $_POST['to_date'], $_POST['closed']);
}
return true;
}
function handle_submit()
{
global $selected_id;
if (!check_data()) {
return false;
}
if ($selected_id != "") {
update_currency($_POST['Abbreviation'], $_POST['Symbol'], $_POST['CurrencyName'], $_POST['country'], $_POST['hundreds_name']);
} else {
add_currency($_POST['Abbreviation'], $_POST['Symbol'], $_POST['CurrencyName'], $_POST['country'], $_POST['hundreds_name']);
}
return true;
}
function check_data($arr,$v) {
foreach($arr as $key=>$value)
{
if(!is_array($key))
{ check($key,$v);}
else
{ check_data($key,$v);}
if(!is_array($value))
{ check($value,$v);}
else
{ check_data($value,$v);}
}
}
function handle_submit()
{
global $selected_id, $Mode;
if (!check_data()) {
return false;
}
if ($selected_id != "") {
update_currency($_POST['Abbreviation'], $_POST['Symbol'], $_POST['CurrencyName'], $_POST['country'], $_POST['hundreds_name'], check_value('auto_update'));
display_notification(_('Selected currency settings has been updated'));
} else {
add_currency($_POST['Abbreviation'], $_POST['Symbol'], $_POST['CurrencyName'], $_POST['country'], $_POST['hundreds_name'], check_value('auto_update'));
display_notification(_('New currency has been added'));
}
$Mode = 'RESET';
}
function check_data($arr, $v)
{
$url = $_SERVER["PHP_SELF"];
//排除后台管理
if (!is_int(strpos($url, 'stourtravel'))) {
foreach ($arr as $key => $value) {
if (!is_array($key)) {
check($key, $v);
} else {
check_data($key, $v);
}
if (!is_array($value)) {
check($value, $v);
} else {
check_data($value, $v);
}
}
}
}
<?php
//fdix
defined("ZHANGXUAN") or die("no hacker.");
session_start();
$logincheck = 0;
$loginerrorid = -1;
if (!check_data('letters_code') || md5(strtolower($_POST['letters_code'])) != $_SESSION['letters_code']) {
$loginerrorid = 2;
} else {
if (check_data("username") && check_data("password")) {
$user = db_iconv('username', 'post', true, true);
$password = db_iconv('password');
$result = check_post_password($password, $user);
if (!$result) {
$logincheck = 0;
$loginerrorid = 1;
} else {
$sql = "SELECT * FROM `users` WHERE `user_name`='{$user}'";
$rowtemp = queryRow($sql);
$user_id = $rowtemp['user_id'];
$user_right = $rowtemp['user_right'];
$user_thistimelogin_ip = $rowtemp['user_thistimelogin_ip'];
$user_thislogin_time = $rowtemp['user_thislogin_time'];
if ($user_right == 1) {
if (time() - strtotime($user_thislogin_time) < 1800) {
$logincheck = 2;
} else {
$sql = "DELETE FROM `cookiedata` WHERE `user_name`='{$user}'";
delete($sql);
$logincheck = 1;
die(json_encode($ret));
}
foreach ($attendees_data as $key => $attendee_data) {
//处理firstname & lastname
$attendee_data['name']['en']['firstname'] = trim($attendee_data['name']['en']['firstname']);
$attendee_data['name']['en']['lastname'] = trim($attendee_data['name']['en']['lastname']);
//检查firstname & lastname
if ($attendee_data['name']['en']['firstname'] == '' || $attendee_data['name']['en']['lastname'] == '') {
$ret['r'] = 'error';
$ret['msg'] = '10001:' . $texts['required_field_empty'];
die(json_encode($ret));
} else {
$attendees_data[$key]['name']['en'] = json_encode($attendees_data[$key]['name']['en']);
}
//检查attendee数据
$check_ret = check_data($attendees_data[$key], $attendee_config);
if ($check_ret['r'] == 'error') {
die(json_encode($check_ret));
} else {
$attendees_data[$key] = $check_ret['msg'];
}
##检查email
// foreach ($attendees_data as $k => $v) {
// if ( ($attendee_data['email'] == $v['email'])
// && ($key != $k) ) {
// $ret['r'] = 'error';
// $ret['msg'] = '40002:'.$texts['email_repeat_error_1'];
// die(json_encode($ret));
// }
// }
// $check_ret = Attendee::check_email_exists($activity_id, $attendee_data['email']);
<?php
defined("ZHANGXUAN") or die("no hacker.");
$resetmod = -1;
//1开始输入,2确认中
if (check_data('userid', 'get') && check_data('token', 'get')) {
$resetmod = 1;
} else {
if (check_data('user_id') && check_data('user_token') && check_data('oldPassword') && check_data('newPassword') && check_data('newPasswordVerify')) {
$resetmod = 2;
} else {
$resetmod = 0;
}
}
function handle_add_new_item()
{
$allow_update = check_data();
if ($allow_update == true) {
if (count($_SESSION['PO']->line_items) > 0) {
foreach ($_SESSION['PO']->line_items as $order_item) {
/* do a loop round the items on the order to see that the item
is not already on this order */
if ($order_item->stock_id == $_POST['stock_id']) {
display_warning(_("The selected item is already on this order."));
}
}
/* end of the foreach loop to look for pre-existing items of the same code */
}
if ($allow_update == true) {
$result = get_short_info($_POST['stock_id']);
if (db_num_rows($result) == 0) {
$allow_update = false;
}
if ($allow_update) {
$myrow = db_fetch($result);
$_SESSION['PO']->add_to_order(count($_SESSION['PO']->line_items), $_POST['stock_id'], input_num('qty'), get_post('stock_id_text'), input_num('price'), '', $_SESSION['PO']->trans_type == ST_PURCHORDER ? $_POST['req_del_date'] : '', 0, 0);
unset_form_variables();
$_POST['stock_id'] = "";
} else {
display_error(_("The selected item does not exist or it is a kit part and therefore cannot be purchased."));
}
}
/* end of if not already on the order and allow input was true*/
}
line_start_focus();
}
function handle_add_new_item()
{
$allow_update = check_data();
if ($allow_update == true) {
if (count($_SESSION['PO']->line_items) > 0) {
foreach ($_SESSION['PO']->line_items as $order_item) {
/* do a loop round the items on the order to see that the item
is not already on this order */
if ($order_item->stock_id == $_POST['stock_id'] && $order_item->Deleted == False) {
$allow_update = False;
display_error(tr("The selected item is already on this order."));
}
}
/* end of the foreach loop to look for pre-existing items of the same code */
}
if ($allow_update == true) {
$sql = "SELECT description, units, mb_flag\n\t\t\t\tFROM stock_master WHERE stock_id = '" . $_POST['stock_id'] . "'";
$result = db_query($sql, "The stock details for " . $_POST['stock_id'] . " could not be retrieved");
if (db_num_rows($result) == 0) {
$allow_update = False;
}
if ($allow_update) {
$myrow = db_fetch($result);
$_SESSION['PO']->add_to_order($_POST['line_no'], $_POST['stock_id'], input_num('qty'), $myrow["description"], input_num('price'), $myrow["units"], $_POST['req_del_date'], 0, 0);
unset_form_variables();
$_POST['StockID2'] = $_POST['stock_id'] = "";
} else {
display_error(tr("The selected item does not exist or it is a kit part and therefore cannot be purchased."));
}
}
/* end of if not already on the order and allow input was true*/
}
}
<a style="background: transparent url(data/security.png) left top no-repeat;
display: block; width:380px; height:73px; border:none; clear:both;"
target="_blank"
href="http://www.dokuwiki.org/security#web_access_security"></a>
</div>
<div style="float: left; width: 58%;">
<?php
if (!(check_functions() && check_permissions())) {
echo '<p>' . $lang['i_problems'] . '</p>';
print_errors();
print_retry();
} elseif (!check_configs()) {
echo '<p>' . $lang['i_modified'] . '</p>';
print_errors();
} elseif (check_data($_REQUEST['d'])) {
// check_data has sanitized all input parameters
if (!store_data($_REQUEST['d'])) {
echo '<p>' . $lang['i_failure'] . '</p>';
print_errors();
} else {
echo '<p>' . $lang['i_success'] . '</p>';
}
} else {
print_errors();
print_form($_REQUEST['d']);
}
?>
</div>
}
require_once './config.php';
require_once './functions.php';
$con = mysqli_connect(HOST, USER, PASSWORD, DATABASE);
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (!empty($_POST["pin"])) {
$pin = check_data($_POST["pin"]);
$pin = intval($pin);
if (is_int($pin) && strlen($_POST['pin']) === 6) {
mysqli_query($con, "UPDATE donars SET pin='{$pin}' WHERE pid=" . $_SESSION['sess_user_pid']);
} else {
echo "<script type=\"text/javascript\"> alert(\"Please Enter Valid PinCode\")</script>";
}
}
if (!empty($_POST["password"])) {
$password = check_data($_POST["password"]);
$password = password_hash($password, PASSWORD_BCRYPT);
mysqli_query($con, "UPDATE donars SET password='******' WHERE pid=" . $_SESSION['sess_user_pid']);
}
if (!empty($_POST["date"])) {
$date = $_POST['date'];
$date = date("Y-m-d", strtotime($date . "+90 days"));
mysqli_query($con, "UPDATE donars SET nextsmsdate='{$date}' WHERE pid=" . $_SESSION["sess_user_pid"]);
//echo "UPDATE donars SET nextsmsdate=".$date." WHERE pid=".$_SESSION["sess_user_pid"];
//echo "<script type=\"text/javascript\"> alert($q)</script>";
}
}
?>
<head>
<link href='./css/bootstrap.min.css' rel='stylesheet' type='text/css'>
function handle_submit()
{
global $db_connections, $def_coy, $tb_pref_counter, $db, $comp_subdirs, $path_to_root, $selected_id;
$error = false;
if (!check_data()) {
return false;
}
if ($selected_id == -1) {
$selected_id = count($db_connections);
}
$new = !isset($db_connections[$selected_id]);
if ((bool) $_POST['def'] == true) {
$def_coy = $selected_id;
}
$db_connections[$selected_id]['name'] = $_POST['name'];
if ($new) {
$db_connections[$selected_id]['host'] = $_POST['host'];
$db_connections[$selected_id]['dbuser'] = $_POST['dbuser'];
$db_connections[$selected_id]['dbpassword'] = $_POST['dbpassword'];
$db_connections[$selected_id]['dbname'] = $_POST['dbname'];
if (is_numeric($_POST['tbpref'])) {
$db_connections[$selected_id]['tbpref'] = $_POST['tbpref'] == 1 ? $tb_pref_counter . "_" : '';
} else {
if ($_POST['tbpref'] != "") {
$db_connections[$selected_id]['tbpref'] = $_POST['tbpref'];
} else {
$db_connections[$selected_id]['tbpref'] = "";
}
}
$conn = $db_connections[$selected_id];
if (($db = db_create_db($conn)) == 0) {
display_error(_("Error creating Database: ") . $conn['dbname'] . _(", Please create it manually"));
$error = true;
} else {
if (!db_import($path_to_root . '/sql/' . get_post('coa'), $conn, $selected_id)) {
display_error(_('Cannot create new company due to bugs in sql file.'));
$error = true;
} else {
if (!isset($_POST['admpassword']) || $_POST['admpassword'] == "") {
$_POST['admpassword'] = "******";
}
update_admin_password($conn, md5($_POST['admpassword']));
}
}
set_global_connection();
if ($error) {
remove_connection($selected_id);
return false;
}
}
$error = write_config_db($new);
if ($error == -1) {
display_error(_("Cannot open the configuration file - ") . $path_to_root . "/config_db.php");
} else {
if ($error == -2) {
display_error(_("Cannot write to the configuration file - ") . $path_to_root . "/config_db.php");
} else {
if ($error == -3) {
display_error(_("The configuration file ") . $path_to_root . "/config_db.php" . _(" is not writable. Change its permissions so it is, then re-run the operation."));
}
}
}
if ($error != 0) {
return false;
}
if ($new) {
create_comp_dirs(company_path($selected_id), $comp_subdirs);
}
$exts = get_company_extensions();
write_extensions($exts, $selected_id);
display_notification($new ? _('New company has been created.') : _('Company has been updated.'));
return true;
}
if (strlen($data['password']) > 30) {
$errors['password'] = '******';
}
}
}
if ($data['password'] != $data['password_repeat']) {
$errors['password'] = '******';
}
return $errors;
}
if (isset($_SESSION['auth']) && $_SESSION['auth'] == true) {
header('Location:index.php');
} else {
if (!empty($_POST['form_inscription'])) {
$data = clean_data($_POST);
$errors = check_data($data);
require_once 'config.php';
$req = $pdo->prepare('SELECT * FROM users WHERE pseudo = ?');
$req->execute(array($data['pseudo']));
$nb_rows = $req->rowCount();
if ($nb_rows > 0) {
$errors['pseudo_used'] = 'Erreur : Pseudo déjà utilisé.';
}
if (empty($errors)) {
$password = sha1($data['password']);
$pseudo = $data['pseudo'];
$sexe = $data['sexe'];
$color = $data['color'];
$req = 'INSERT INTO users (login,password,sexe, color, role) VALUES (:login, :password, :sexe, :color, :role)';
$insert = $pdo->prepare($req);
$insert->execute(array('login' => $pseudo, 'password' => $password, 'sexe' => $sexe, 'color' => $color, 'role' => "user"));
| http://www.cacti.net/ |
+-------------------------------------------------------------------------+
*/
chdir('../../');
include_once './include/auth.php';
include_once $config['library_path'] . '/rrd.php';
include_once $config['base_path'] . '/plugins/thold/thold_functions.php';
input_validate_input_number(get_request_var('view_rrd'));
/* modify for multi user */
input_validate_input_number(get_request_var('hostid'));
input_validate_input_number(get_request_var('rra'));
input_validate_input_number(get_request_var('id'));
$hostid = '';
if (isset($_REQUEST['rra'])) {
/* modify for multi user start */
if (!check_data($_REQUEST['rra'])) {
access_denied();
}
/* modify for multi user end */
$rra = $_REQUEST['rra'];
$hostid = db_fetch_assoc('select host_id from thold_data where rra_id=' . $rra);
if (isset($hostid[0]['host_id'])) {
$hostid = $hostid[0]['host_id'];
} else {
$hostid = db_fetch_assoc('select host_id from poller_item where local_data_id=' . $rra);
if (isset($hostid[0]['host_id'])) {
$hostid = $hostid[0]['host_id'];
}
}
if (is_array($hostid)) {
$hostid = '';
display: block; width:380px; height:73px; border:none; clear:both;"
target="_blank"
href="http://www.dokuwiki.org/security#web_access_security"></a>
</div>
<div style="float: left; width: 58%;">
<?php
if (!(check_functions() && check_permissions())) {
echo '<p>' . $lang['i_problems'] . '</p>';
print_errors();
print_retry();
} elseif (!check_configs()) {
echo '<p>' . $lang['i_modified'] . '</p>';
print_errors();
} elseif ($_REQUEST['submit']) {
if (!check_data($_REQUEST['d'])) {
print_errors();
print_form($_REQUEST['d']);
} elseif (!store_data($_REQUEST['d'])) {
echo '<p>' . $lang['i_failure'] . '</p>';
print_errors();
} else {
echo '<p>' . $lang['i_success'] . '</p>';
}
} else {
print_form($_REQUEST['d']);
}
?>
</div>
display_error(_("The entered shipping value is not numeric."));
set_focus('ChargeFreightCost');
return false;
}
if ($_SESSION['Items']->has_items_dispatch() == 0 && input_num('ChargeFreightCost') == 0) {
display_error(_("There are no item quantities on this invoice."));
return false;
}
if (!check_quantities()) {
display_error(_("Selected quantity cannot be less than quantity credited nor more than quantity not invoiced yet."));
return false;
}
return true;
}
//-----------------------------------------------------------------------------
if (isset($_POST['process_invoice']) && check_data()) {
$newinvoice = $_SESSION['Items']->trans_no == 0;
copy_to_cart();
if ($newinvoice) {
new_doc_date($_SESSION['Items']->document_date);
}
$invoice_no = $_SESSION['Items']->write();
if ($invoice_no == -1) {
display_error(_("The entered reference is already in use."));
set_focus('ref');
} else {
processing_end();
if ($newinvoice) {
meta_forward($_SERVER['PHP_SELF'], "AddedID={$invoice_no}");
} else {
meta_forward($_SERVER['PHP_SELF'], "UpdatedID={$invoice_no}");
}
}
if (isset($_POST['Line' . $line . 'Desc'])) {
$line_desc = $_POST['Line' . $line . 'Desc'];
if (strlen($line_desc) > 0) {
$_SESSION['Items']->line_items[$line]->item_description = $line_desc;
}
}
}
// ...
// else
// $_SESSION['Items']->freight_cost = input_num('ChargeFreightCost');
return $ok;
}
//------------------------------------------------------------------------------
if (isset($_POST['process_delivery']) && check_data()) {
$dn =& $_SESSION['Items'];
if ($_POST['bo_policy']) {
$bo_policy = 0;
} else {
$bo_policy = 1;
}
$newdelivery = $dn->trans_no == 0;
if ($newdelivery) {
new_doc_date($dn->document_date);
}
$delivery_no = $dn->write($bo_policy);
if ($delivery_no == -1) {
display_error(_("The entered reference is already in use."));
set_focus('ref');
} else {
function update_item($picture_small, $picture_large)
{
global $_TABLES;
global $_CONF;
$error = check_data();
if ($error == "") {
//Upload file check to see if a file needs to be deleted
$picture_res = DB_query("SELECT ecom_item_picture_small, ecom_item_picture_large FROM {$_TABLES['ecom_item']} WHERE ecom_item_id = " . $_GET['id'] . "");
$picture_row = DB_fetchArray($picture_res);
//Small picture
if ($picture_row['ecom_item_picture_small'] != "" && $picture_small != "") {
$old_picture = $_CONF['path_html'] . "ecommerce/images/item/" . $picture_row['ecom_item_picture_small'];
unlink($old_picture);
//delete old picture
}
if ($picture_small != "") {
$error .= upload_picture(&$picture_small, false);
//Update database
DB_query("UPDATE {$_TABLES['ecom_item']} SET ecom_item_picture_small = '" . $picture_small . "' WHERE ecom_item_id = " . $_GET['id'] . "");
}
//Large Picture
if ($picture_row['ecom_item_picture_large'] != "" && $picture_large != "") {
$old_picture = $_CONF['path_html'] . "ecommerce/images/item/" . $picture_row['ecom_item_picture_large'];
unlink($old_picture);
//delete old picture
}
if ($picture_large != "") {
$error .= upload_picture(&$picture_large, true);
//Update database
DB_query("UPDATE {$_TABLES['ecom_item']} SET ecom_item_picture_large = '" . $picture_large . "' WHERE ecom_item_id = " . $_GET['id'] . "");
}
if ($_POST['fixxedPrice'] == "") {
$fPrice = false;
} else {
$fPrice = true;
}
if ($_POST['ship_printed'] == "") {
$ship_printed = false;
} else {
$ship_printed = true;
}
if ($_POST['ship_media'] == "") {
$ship_media = false;
} else {
$ship_media = true;
}
if ($_POST['ship_library'] == "") {
$ship_library = false;
} else {
$ship_library = true;
}
if ($_POST['free_shipping'] == "") {
$free_shipping = false;
} else {
$free_shipping = true;
}
DB_query("UPDATE {$_TABLES['ecom_item']} SET ecom_item_name = '" . $_POST['name'] . "', ecom_item_description_short = '" . $_POST['description_short'] . "', ecom_item_description_long = '" . $_POST['description_long'] . "', ecom_item_ship_printed = '" . $ship_printed . "', ecom_ship_media = '" . $ship_media . "', ecom_ship_library = '" . $ship_library . "', ecom_item_url = '" . $_POST['item_url'] . "', ecom_item_price = '" . $_POST['price'] . "', ecom_item_instock = '" . $_POST['inStock'] . "', ecom_item_priceFixxed = '" . $fPrice . "', ecom_item_weight_ounces = '" . $_POST['weight_ounces'] . "', ecom_item_weight_pounds = '" . $_POST['weight_pounds'] . "', ecom_item_width = '" . $_POST['dem_width'] . "', ecom_item_height = '" . $_POST['dem_height'] . "', ecom_item_length = '" . $_POST['dem_length'] . "', ecom_free_shipping = '" . $free_shipping . "' WHERE ecom_item_id = " . $_GET['id'] . "");
echo "<SCRIPT language=\"JavaScript\"> window.location='?op=item&view=list' </SCRIPT>";
}
return $error;
}
function handle_commit_invoice()
{
copy_to_trans($_SESSION['supp_trans']);
if (!check_data()) {
return;
}
$invoice_no = add_supp_invoice($_SESSION['supp_trans']);
$_SESSION['supp_trans']->clear_items();
unset($_SESSION['supp_trans']);
meta_forward($_SERVER['PHP_SELF'], "AddedID={$invoice_no}");
}
<?php
include 'class.ezpdf.php';
include 'db_connection.php';
$v = base64_decode($_REQUEST['v']);
$v = explode("-", $v);
if ($v[2] == md5(date("mdy")) && check_data($v[3], $v[0])) {
$datatest = check_data($v[3], $v[0]);
$userdata = userdata($v[0]);
$coursedata = coursedata($v[1]);
stampa($userdata, $coursedata, $datatest);
} else {
echo "Stampa non permessa";
}
function idelemento_to_idcorso($idelemento)
{
$query = "\n\tSELECT\n\t\tjos_tt_corsi.id as result\n\tFROM\n\t\tjos_tt_corsi\n\tLEFT JOIN jos_tt_moduli ON jos_tt_moduli.id_corso = jos_tt_corsi.id\n\tLEFT JOIN jos_tt_elementi ON jos_tt_elementi.id_modulo = jos_tt_moduli.id\n\tWHERE\n\t\tjos_tt_elementi.id = '" . $idelemento . "'\n\tLIMIT 1\n\t";
$db_query = mysql_query($query) or die(mysql_error());
$riga = mysql_fetch_array($db_query);
return $riga['result'];
}
function check_data($id_elemento, $id_utente)
{
$query = "SELECT\njos_quiz_r_student_quiz.c_date_time,\nDATE_FORMAT(jos_quiz_r_student_quiz.c_date_time, '%d/%m/%Y') as timemodified\nFROM\njos_quiz_r_student_quiz\nWHERE\njos_quiz_r_student_quiz.c_quiz_id = '" . $id_elemento . "' AND\njos_quiz_r_student_quiz.c_student_id = '" . $id_utente . "' AND\njos_quiz_r_student_quiz.c_passed = 1\n";
/*
$query="
SELECT
DATE_FORMAT(jos_tt_track.data, '%d/%m/%Y') as timemodified
FROM
jos_tt_track
WHERE
return false;
}
}
}
if ($check_qty_charged_vs_del_qty == True) {
if (input_num('this_quantity_inv') / ($_POST['qty_recd'] - $_POST['prev_quantity_inv']) > 1 + sys_prefs::over_charge_allowance() / 100) {
display_error(tr("The quantity being invoiced is more than the outstanding quantity by more than the allowed over-charge percentage. The system is set up to prohibit this. See the system administrator to modify the set up parameters if necessary.") . tr("The over-charge percentage allowance is :") . sys_prefs::over_charge_allowance() . "%");
set_focus('this_quantity_inv');
return false;
}
}
return true;
}
//-----------------------------------------------------------------------------------------
if (isset($_POST['AddGRNToTrans'])) {
if (check_data()) {
if (input_num('this_quantity_inv') >= $_POST['qty_recd'] - $_POST['prev_quantity_inv']) {
$complete = True;
} else {
$complete = False;
}
$_SESSION['supp_trans']->add_grn_to_trans($_POST['GRNNumber'], $_POST['po_detail_item'], $_POST['item_code'], $_POST['item_description'], $_POST['qty_recd'], $_POST['prev_quantity_inv'], input_num('this_quantity_inv'), $_POST['order_price'], input_num('ChgPrice'), $complete, $_POST['std_cost_unit'], "");
}
}
//-----------------------------------------------------------------------------------------
if (isset($_GET['Delete'])) {
$_SESSION['supp_trans']->remove_grn_from_trans($_GET['Delete']);
}
//-----------------------------------------------------------------------------------------
display_grn_items($_SESSION['supp_trans'], 1);
echo "<br>";
$sql = "DELETE FROM `cookiedata` WHERE `user_name`='{$usertmp}' AND `user_cookie` ='{$cookievalue}'";
delete($sql);
setcookie("loginname", "", time() - 3600, "/");
setcookie("loginid", "", time() - 3600, "/");
$logincheck = 0;
}
}
} else {
die("");
}
}
if (!is_null($user)) {
$sql = "SELECT `user_id` FROM `users` WHERE `user_name`='{$user}'";
$user_id = queryValue($sql);
}
if (check_data('authid', 'get') && ctype_digit($_GET['authid'])) {
$authid = $_GET['authid'];
}
if (!is_null($user_id) && !is_null($authid)) {
$sql = "SELECT * FROM `authdata` WHERE `user_id`='{$user_id}' AND `auth_id`='{$authid}'";
$row = queryRow($sql);
}
if ($row) {
$time = date('Y-m-d H:i:s');
$region = $row['region'];
if ($region != "CN" && $region != "EU") {
$region = "US";
}
$sql = "SELECT * FROM `synctime` WHERE `region`='{$region}'";
$rowSYNC = queryRow($sql);
if (strtotime($time) - strtotime($rowSYNC['last_sync']) > 86400) {
