function leaveRun() { // Access the globals. global $DB; global $TIMEMARK; global $MySelf; $runid = $_GET[id]; $userid = $MySelf->getID(); // Are we actually still in this run? if (userInRun($userid, $runid) == "none") { makeNotice("You can not leave a run you are currently not a part of.", "warning", "Not you run.", "index.php?action=show&id={$runid}", "[cancel]"); } // Is $runid truly an integer? numericCheck($runid); // Oh yeah? if (runIsLocked($runid)) { confirm("Do you really want to leave mining operation #{$runid} ?<br><br>Careful: This operation has been locked by " . runSupervisor($runid, true) . ". You can not rejoin the operation unless its unlocked again."); } else { confirm("Do you really want to leave mining operation #{$runid} ?"); } // Did the run start yet? If not, delete the request. $runStart = $DB->getCol("SELECT starttime FROM runs WHERE id='{$runid}' LIMIT 1"); if ($TIMEMARK < $runStart[0]) { // Event not started yet. Delete. $DB->query("DELETE FROM joinups WHERE run='{$runid}' AND userid='{$userid}'"); } else { // Event started, just mark inactive. $DB->query("update joinups set parted = '{$TIMEMARK}' where run = '{$runid}' and userid = '{$userid}' and parted IS NULL"); } makeNotice("You have left the run.", "notice", "You left the Op.", "index.php?action=show&id={$runid}", "[OK]"); }
function get_products() { $query = query("SELECT * FROM products"); confirm($query); while ($row = fetch_array($query)) { $product = <<<DELIMITER <div class="col-sm-4 col-lg-4 col-md-4"> <div class="thumbnail"> <a href="item.php?id={$row['product_id']}"><img src="{$row['product_image']}" alt=""></a> <div class="caption"> <h4 class="pull-right">${$row['product_price']}</h4> <h4><a href="item.php?id={$row['product_id']}">{$row['product_title']}</a> </h4> <p>See more snippets like this online store item at <a target="_blank" href="http://www.bootsnipp.com">Bootsnipp - http://bootsnipp.com</a>.</p> <a class="btn btn-primary" target="_blank" href="../resources/cart.php?add={$row['product_id']}">Add to Cart</a> </div> </div> </div> DELIMITER; echo $product; } }
function write(&$frm) { if (isset($_REQUEST["btn_back"])) { return enter($frm); } if ($frm->validate("write")) { return confirm($frm); } $upd = new dbUpdate("suppstock", "cubit"); $del = new dbDelete("suppstock", "cubit"); foreach ($_REQUEST["stkcod"] as $suppid => $stkcod) { if (empty($stkcod)) { $del->setOpt("suppid='{$suppid}' AND stkid='{$_REQUEST['id']}'"); $del->run(); continue; } $cols = grp(m("suppid", $suppid), m("stkid", $_REQUEST["id"]), m("stkcod", $stkcod)); $upd->setOpt($cols, "suppid='{$suppid}' AND stkid='{$_REQUEST['id']}'"); $upd->run(DB_REPLACE); } foreach ($_REQUEST["stkdes"] as $suppid => $stkdes) { if (empty($stkcod)) { $del->setOpt("suppid='{$suppid}' AND stkid='{$_REQUEST['id']}'"); $del->run(); continue; } $cols = grp(m("suppid", $suppid), m("stkid", $_REQUEST["id"]), m("stkdes", $stkdes)); $upd->setOpt($cols, "suppid='{$suppid}' AND stkid='{$_REQUEST['id']}'"); $upd->run(DB_REPLACE); } $OUT = "<script>window.close();</script>"; return $OUT; }
function deleteEvent() { // is the events module active? if (!getConfig("events")) { makeNotice("The admin has deactivated the events module.", "warning", "Module not active"); } // Import the globals, as usual. global $DB; global $MySelf; // Are we allowed to be here? if (!$MySelf->canDeleteEvents()) { makeNotice("You are not allowed to do this!", "error", "Forbidden"); } // Is the ID safe? if (!is_numeric($_GET[id]) || $_GET[id] < 0) { makeNotice("Invalid ID given!", "error", "Invalid Data"); } // Does the user really want this? confirm("Are you sure you want to delete this event?"); // Ok, then delete it. $DB->query("DELETE FROM events WHERE id = '{$_GET['id']}' LIMIT 1"); if ($DB->affectedRows() == 1) { // Inform the people! // mailUser(); makeNotice("The event has been deleted", "notice", "Event deleted", "index.php?action=showevents", "[OK]"); } else { makeNotice("Could not delete the event from the database.", "error", "DB Error", "index.php?action=showevents", "[Cancel]"); } }
function deleteRun() { // We need some globals. global $DB; global $MySelf; global $READONLY; // Are we allowed to delete runs? if (!$MySelf->canDeleteRun() || $READONLY) { makeNotice("You are not allowed to delete runs!", "error", "forbidden"); } // Set the ID. $ID = sanitize("{$_GET['id']}"); if (!is_numeric($ID) || $ID < 0) { makeNotice("Invalid ID passed to deleteRun!", "error"); } // Are we sure? confirm("Do you really want to delete run #{$ID} ?"); // Get the run in question. $run = $DB->getRow("SELECT * FROM runs WHERE id = '{$ID}' LIMIT 1"); // is it closed? if ("{$run['endtime']}" < "0") { makeNotice("You can only delete closed runs!", "error", "Deletion canceled", "index.php?action=list", "[cancel]"); } // delete it. $DB->query("DELETE FROM runs WHERE id ='{$ID}'"); // Also delete all hauls. $DB->query("DELETE FROM hauled WHERE miningrun='{$ID}'"); // And joinups. $DB->query("DELETE FROM joinups WHERE runid='{$ID}'"); makeNotice("The Miningrun Nr. #{$ID} has been deleted from the database and all associated hauls as well.", "notice", "Mining Operation deleted", "index.php?action=list", "[OK]"); }
function users_online() { if (isset($_GET['onlineusers'])) { global $connection; if (!$connection) { session_start(); include "../includes/db.php"; $session = session_id(); $time = time(); $time_out_in_seconds = 1; $time_out = $time - $time_out_in_seconds; $query = "SELECT * FROM users_online WHERE session = '{$session}'"; $send_query = mysqli_query($connection, $query); confirm($send_query); $count = mysqli_num_rows($send_query); if ($count == NULL) { mysqli_query($connection, "INSERT INTO users_online(session, time) VALUES('{$session}', '{$time}')"); } else { mysqli_query($connection, "UPDATE users_online SET time = '{$time}' WHERE session = '{$session}'"); } $users_online_query = mysqli_query($connection, "SELECT * FROM users_online WHERE time > '{$time_out}'"); echo $count_user = mysqli_num_rows($users_online_query); } } // Get request isset() }
function verify_directory($directory) { if (file_exists($directory)) { return confirm(sprintf("Directory %s exists. Use it?", $directory)); } mkdir($directory); return true; }
function alerta() { if (confirm("El usuario y contraseña son incorrectos vuelva a intentarlo ")) { alert('Pulsaste aceptar!'); } else { alert('Pulsaste cancelar!'); } }
function write($frm) { extract($_REQUEST); if ($frm->validate("write")) { return confirm($frm); } pglib_transaction("BEGIN"); db_conn('cubit'); $user = USER_NAME; $Sql = "SELECT * FROM assets WHERE (dep_month='yes' AND remaction IS NULL)"; $Rslt = db_exec($Sql) or errDie("Unable to access database."); $cc = ""; $todate = mkdate($date_year, $date_month, $date_day); $ttime = mktimefd($todate); $refnum = getrefnum($todate); while ($led = pg_fetch_array($Rslt)) { if (empty($led["autodepr_date"])) { $led["autodepr_date"] = $led["date"]; } explodeDate($led["autodepr_date"], $date_year, $date_month, $date_day); $ftime = mktime(0, 0, 0, $date_month, $date_day, $date_year); $depmonths = 0; while ($ftime < $ttime) { ++$depmonths; $ftime = mktime(0, 0, 0, $date_month + $depmonths, $date_day, $date_year); } if ($depmonths == 0) { continue; } $depperc = $led["dep_perc"]; $ml_perc = $depperc * ($depmonths % 12 / 12); $years = ($depmonths - $depmonths % 12) / 12; $baseamt = $led["amount"] - $led["accdep"]; $depamt = 0; /* yearly depreciations */ for ($i = 1; $i <= $years; ++$i) { $depamt += ($baseamt - $depamt) * ($depperc / 100); } /* monthly depreciation */ $depamt += ($baseamt - $depamt) * ($ml_perc / 100); $sql = "SELECT * FROM assetgrp WHERE grpid = '{$led['grpid']}' AND div = '" . USER_DIV . "'"; $grpRslt = db_exec($sql); $grp = pg_fetch_array($grpRslt); writetrans($grp['depacc'], $grp['accdacc'], $todate, $refnum, $depamt, "{$led['des']} Depreciation"); db_connect(); $sql = "UPDATE assets SET accdep = (accdep + '{$depamt}'), autodepr_date='{$todate}'\r\n\t\t\t\tWHERE (id='{$led['id']}' AND div = '" . USER_DIV . "')"; db_exec($sql) or errdie("Could not update assets table."); $snetval = $baseamt - $depamt; $sdate = date("Y-m-d"); $sql = "INSERT INTO assetledger(assetid, asset, date, depamt, netval, div) \r\n\t\t\t\tVALUES ('{$led['id']}', '{$led['des']}', '{$todate}', '{$depamt}', '{$snetval}', '" . USER_DIV . "')"; db_exec($sql) or errdie("Could not write to asset ledger."); $cc .= "CostCenter('ct', 'Asset Depreciation', '{$todate}', '{$led['des']} Depreciation', '{$depamt}', '');"; } pglib_transaction("COMMIT"); $write = "\r\n\t<script> \r\n\t{$cc}\r\n\t</script>\r\n\t<table " . TMPL_tblDflts . " width='50%'>\r\n\t\t<tr>\r\n\t\t\t<th>Auto Asset Depreciation</th>\r\n\t\t</tr>\r\n\t\t<tr class='datacell'>\r\n\t\t\t<td>Asset Depreciation has calculated and recorded.</td>\r\n\t\t</tr>\r\n\t</table>"; return $write; }
function get_record_json_by_id($id) { $query = "SELECT * FROM task WHERE id = {$id}"; $result = mysql_query($query); confirm($result, "problem in query"); $row = mysql_fetch_array($result); $record_array = array("id" => $row["id"], "title" => $row["title"], "complete" => $row["complete"]); $record_json = json_encode($record_array); return $record_json; }
function connect_error() { global $adminer, $connection, $token, $error, $drivers; if (DB != "") { header("HTTP/1.1 404 Not Found"); page_header(lang('Database') . ": " . h(DB), lang('Invalid database.'), true); } else { if ($_POST["db"] && !$error) { queries_redirect(substr(ME, 0, -1), lang('Databases have been dropped.'), drop_databases($_POST["db"])); } //Encabezado y botones de la parte superior en la seleccion de bases de datos page_header(lang('Select database'), $error, false); echo "<p>\n"; foreach (array('database' => lang('Create new database'), 'privileges' => lang('Privileges'), 'processlist' => lang('Process list'), 'variables' => lang('Variables'), 'status' => lang('Status')) as $key => $val) { if (support($key)) { echo "<a class='btn btn-xs btn-primary' href='" . h(ME) . "{$key}='>{$val}</a>\n"; } } //Presenta informacion de la conexion echo "<p><i class='fa fa-exchange fa-fw'></i> " . lang('%s version: %s through PHP extension %s', $drivers[DRIVER], "<b>" . h($connection->server_info) . "</b>", "<b>{$connection->extension}</b>") . "\n"; echo "<p><i class='fa fa-user fa-fw'></i> " . lang('Logged as: %s', "<b>" . h(logged_user()) . "</b>") . "\n"; //Presenta la lista de bases de datos existentes y los encabezados $databases = $adminer->databases(); if ($databases) { $scheme = support("scheme"); $collations = collations(); echo "<form action='' method='post'>\n"; echo "<table cellspacing='0' class='checkable table table-condensed table-responsive table-hover' onclick='tableClick(event);' ondblclick='tableClick(event, true);'>\n"; echo "<thead><tr>" . (support("database") ? "<th> " : "") . "<th>" . lang('Database') . " - <a class='btn btn-default btn-xs' href='" . h(ME) . "refresh=1'><i class='fa fa-refresh fa-fw'></i> " . lang('Refresh') . "</a>" . "<th>" . lang('Collation') . "<th>" . lang('Tables') . "<th>" . lang('Size') . " - <a class='btn btn-default btn-xs' href='" . h(ME) . "dbsize=1' onclick=\"return !ajaxSetHtml('" . js_escape(ME) . "script=connect');\">" . lang('Compute') . "</a>" . "</thead>\n"; //Presenta la lista de bases de datos $databases = $_GET["dbsize"] ? count_tables($databases) : array_flip($databases); foreach ($databases as $db => $tables) { $root = h(ME) . "db=" . urlencode($db); echo "<tr" . odd() . ">" . (support("database") ? "\n\t\t\t\t\t<td align=center>" . checkbox("db[]", $db, in_array($db, (array) $_POST["db"])) : ""); echo "<th><a href='{$root}'>" . h($db) . "</a>"; $collation = nbsp(db_collation($db, $collations)); echo "<td>" . (support("database") ? "<a href='{$root}" . ($scheme ? "&ns=" : "") . "&database=' title='" . lang('Alter database') . "'>{$collation}</a>" : $collation); echo "<td align='right'><a href='{$root}&schema=' id='tables-" . h($db) . "' title='" . lang('Database schema') . "'>" . ($_GET["dbsize"] ? $tables : "?") . "</a>"; echo "<td align='right' id='size-" . h($db) . "'>" . ($_GET["dbsize"] ? db_size($db) : "?"); echo "\n"; } echo "</table>\n"; //Agrega boton de eliminar echo support("database") ? "<fieldset><legend>" . lang('Selected') . " <span id='selected'></span></legend><div>\n" . "<input type='hidden' name='all' value='' onclick=\"selectCount('selected', formChecked(this, /^db/));\">\n" . "<input class='btn btn-xs btn-danger' type='submit' name='drop' value='" . lang('Drop') . "'" . confirm() . ">\n" . "</div></fieldset>\n" : ""; echo "<script type='text/javascript'>tableCheck();</script>\n"; echo "<input type='hidden' name='token' value='{$token}'>\n"; echo "</form>\n"; } } page_footer("db"); }
function cart() { $total = 0; $item_quantity = 0; $item_name = 1; $item_number = 1; $amount = 1; $quantity = 1; foreach ($_SESSION as $name => $value) { if ($value > 0) { if (substr($name, 0, 8) == "product_") { $length = strlen($name - 8); $id = substr($name, 8, $length); $query = query("SELECT * FROM products WHERE product_id = " . escape_string($id) . " "); confirm($query); while ($row = fetch_array($query)) { $sub = $row['product_price'] * $value; $item_quantity += $value; $product = <<<DELIMETER <tr> <td>{$row['product_title']}</td> <td>${$row['product_price']}</td> <td>{$value}</td> <td>${$sub}</td> <td> <a class='btn btn-warning' href="cart.php?remove={$row['product_id']}"><span class='glyphicon glyphicon-minus'></span></a> <a class='btn btn-success' href="cart.php?add={$row['product_id']}"><span class='glyphicon glyphicon-plus'></span></a> <a class='btn btn-danger' href="cart.php?delete={$row['product_id']}"><span class='glyphicon glyphicon-remove'></span></a> </td> </tr> <input type="hidden" name="item_name_{$item_name}" value="{$row['product_title']}"> <input type="hidden" name="item_number_{$item_number}" value="{$row['product_id']}"> <input type="hidden" name="amount_{$amount}" value="{$row['product_price']}"> <input type="hidden" name="quantity_{$quantity}" value="{$row['product_quantity']}"> DELIMETER; echo $product; $total = 0; $item_quantity = 0; $item_name++; $item_number++; $amount++; $quantity++; } $_SESSION['item_total'] = $total += $sub; $_SESSION['item_quantity'] = $item_quantity; } } } }
function createTransaction() { // We need globals. global $DB; global $MySelf; global $TIMEMARK; // Are we allowed to poke in here? if (!$MySelf->isAccountant()) { makeNotice("Umm, you are not allowed to do this. Really. You are not.", "warning", "You are not supposed to be here"); } // Check the ints. numericCheck($_POST[wod], 0, 1); numericCheck($_POST[amount], 0); numericCheck($_POST[id], 0); // Its easier on the eyes. $type = $_POST[wod]; $amount = $_POST[amount]; $id = $_POST[id]; $username = idToUsername($id); // invert the amount if we have a withdrawal. if ($_POST[wod] == 1) { $dir = "withdrawed"; $dir2 = "from"; $hisMoney = getCredits($id); if ($hisMoney < $amount) { $ayee = $hisMoney - $amount; confirm("WARNING:<br>{$username} can NOT afford this withdrawal. If you choose to " . "authorize this transaction anyway his account will be at " . number_format($ayee, 2) . " ISK."); } } else { $amount = $_POST[amount]; $dir = "deposited"; $dir2 = "into"; } // We use custom reason, if set. if ($_POST[reason2] != "") { $reason = sanitize($_POST[reason2]); } else { $reason = sanitize($_POST[reason1]); } // Create transaction. $transaction = new transaction($id, $type, $amount); $transaction->setReason($reason); // Success? if (!$transaction->commit()) { // Nope :( makeNotice("Unable to create transaction. Danger, Will Robinson, DANGER!", "error", "Internal Error", "index.php?action=edituser&id={$id}", "[Back]"); } else { // Success ! makeNotice("You successfully {$dir} {$amount} ISK {$dir2} " . $username . "'s account.", "notice", "Transaction complete", "index.php?action=edituser&id={$id}", "[Ok]"); } }
function connect_error() { global $connection, $token, $error, $drivers; $databases = array(); if (DB != "") { page_header(lang('Database') . ": " . h(DB), lang('Invalid database.'), true); } else { if ($_POST["db"] && !$error) { queries_redirect(substr(ME, 0, -1), lang('Databases have been dropped.'), drop_databases($_POST["db"])); } page_header(lang('Select database'), $error, false); echo "<p><a href='" . h(ME) . "database='>" . lang('Create new database') . "</a>\n"; foreach (array('privileges' => lang('Privileges'), 'processlist' => lang('Process list'), 'variables' => lang('Variables'), 'status' => lang('Status')) as $key => $val) { if (support($key)) { echo "<a href='" . h(ME) . "{$key}='>{$val}</a>\n"; } } echo "<p>" . lang('%s version: %s through PHP extension %s', $drivers[DRIVER], "<b>{$connection->server_info}</b>", "<b>{$connection->extension}</b>") . "\n"; echo "<p>" . lang('Logged as: %s', "<b>" . h(logged_user()) . "</b>") . "\n"; if ($_GET["refresh"]) { set_session("dbs", null); } $databases = get_databases(); if ($databases) { $scheme = support("scheme"); $collations = collations(); echo "<form action='' method='post'>\n"; echo "<table cellspacing='0' class='checkable' onclick='tableClick(event);'>\n"; echo "<thead><tr><td> <th>" . lang('Database') . "<td>" . lang('Collation') . "<td>" . lang('Tables') . "</thead>\n"; foreach ($databases as $db) { $root = h(ME) . "db=" . urlencode($db); echo "<tr" . odd() . "><td>" . checkbox("db[]", $db, in_array($db, (array) $_POST["db"])); echo "<th><a href='{$root}'>" . h($db) . "</a>"; echo "<td><a href='{$root}" . ($scheme ? "&ns=" : "") . "&database=' title='" . lang('Alter database') . "'>" . nbsp(db_collation($db, $collations)) . "</a>"; echo "<td align='right'><a href='{$root}&schema=' id='tables-" . h($db) . "' title='" . lang('Database schema') . "'>?</a>"; echo "\n"; } echo "</table>\n"; echo "<script type='text/javascript'>tableCheck();</script>\n"; echo "<p><input type='submit' name='drop' value='" . lang('Drop') . "'" . confirm("formChecked(this, /db/)", 1) . ">\n"; // 1 - eventStop echo "<input type='hidden' name='token' value='{$token}'>\n"; echo "<a href='" . h(ME) . "refresh=1' onclick='eventStop(event);'>" . lang('Refresh') . "</a>\n"; echo "</form>\n"; } } page_footer("db"); if ($databases) { echo "<script type='text/javascript'>ajaxSetHtml('" . js_adminer_escape(ME) . "script=connect');</script>\n"; } }
function cart() { $total = 0; $item_quantity = 0; $item_name = 1; $item_number = 1; $amount = 1; $quantity = 1; foreach ($_SESSION as $name => $value) { if ($value > 0) { if (substr($name, 0, 8) == "product_") { $length = strlen($name - 8); $id = sanitize(substr($name, 8, $length)); $query = query("SELECT * FROM products WHERE p_id = {$id}"); confirm($query); while ($row = fetch_array($query)) { $sub = $row['pprice'] * $value; $item_quantity += $value; $srt = strtoupper(str_replace("_", " ", "{$row['pname']}")); $product = <<<DELIMETER \t\t\t\t<tr> \t\t\t\t <td><div class=row><div class=col-md-3><img width='50' src='{$row['pimage']}'> \t\t\t\t </div><div class=col-sm-9><a href="{$row['pname']}"><strong>{$srt}</strong></a><br> \t\t\t\t </div> \t\t\t\t </div> \t\t\t\t </td> \t\t\t\t <td>₹ {$row['pprice']}</td> \t\t\t\t <td>{$value}</td> \t\t\t\t <td>₹ {$sub}</td> \t\t\t\t <td><a class='btn btn-success' href="cart?add={$row['p_id']}"><span class='glyphicon glyphicon-plus'></span></a> <a class='btn btn-warning' href="cart?remove={$row['p_id']}"><span class='glyphicon glyphicon-minus'></span></a> \t\t\t\t<a class='btn btn-danger' href="cart?delete={$row['p_id']}"><span class='glyphicon glyphicon-remove'></span></a></td> \t\t\t\t </tr> \t\t\t\t <input type="hidden" name="item_name_{$item_name}" value="{$srt}"> \t\t\t\t <input type="hidden" name="item_number_{$item_number}" value="{$row['p_id']}"> \t\t\t\t <input type="hidden" name="amount_{$amount}" value="{$row['pprice']}"> \t\t\t <input type="hidden" name="quantity_{$quantity}" value="{$value}"> DELIMETER; echo $product; $item_name++; $item_number++; $amount++; $quantity++; } $_SESSION['item_total'] = $total += $sub; $_SESSION['item_quantity'] = $item_quantity; } } } }
function write($frm) { if (isset($_REQUEST["btn_back"])) { return select($frm); } /* @var $frm cForm */ if ($frm->validate("confirm")) { return confirm($frm); } $cols = grp(m("value", $_REQUEST["emp_year"])); $upd = new dbUpdate("settings", "cubit", $cols, "constant='EMP_TAXYEAR'"); $upd->run(DB_UPDATE); $OUT = "\n\t<h3>Active Tax Year</h3>\n\tSuccessfully updated active Tax Year to {$_REQUEST['emp_year']}"; return $OUT; }
function login_user() { if (isset($_POST['submit'])) { $username = escape_string($_POST['username']); $password = escape_string($_POST['password']); $query = query("SELECT * FROM user WHERE username = '******' AND password = '******'"); confirm($query); if (mysqli_num_rows($query) == 0) { set_message("Contrasena y usuario no es valida."); redirect("index.php"); } else { redirect("public/main.php"); } } }
function get_all_subject_by_id($subject_id) { global $connection; $query = "SELECT * "; $query .= "FROM subjects "; $query .= "WHERE id = " . $subject_id . " "; $query .= "LIMIT 1 "; $set_result = mysql_query($query, $connection); confirm($set_result); $subject = mysql_query($set_result); if (isset($subject)) { return $subject; } else { return NULL; } }
function popCan() { // We need the globals, as always, global $DB; global $MySelf; $UserID = $MySelf->getID(); // Is the ID sane? if ($_GET[id] != "all") { if (empty($_GET[id]) || !is_numeric($_GET[id]) || $_GET[id] < 1) { makeNotice("Invalid container selected for popping!", "error"); } else { $LIMIT = " AND id='{$_GET['id']}' LIMIT 1"; } } else { confirm("Are you sure you want to pop all your cans?"); } // Delete the can from the list. $DB->query("DELETE FROM cans WHERE pilot='{$UserID}' {$LIMIT}"); // And tell the user what happened. $canspopped = $DB->affectedRows(); // Do we want to go back to the run or the canpage? if (isset($_GET[runid])) { $bl = "index.php?action=show&id=" . $_GET[runid]; } else { $bl = "index.php?action=cans"; } if ($canspopped == 1) { // ONE can has been popped. makeNotice("The can has been popped.", "notice", "POP!", $bl, "That was fun!"); } elseif ($canspopped > 1) { // TWO OR MORE cans have been popped. makeNotice("{$canspopped} cans have been popped.", "notice", "POP!", $bl, "That was fun!"); } else { // ZERO OR LESS cans have been popped. $col = $DB->getRow("SELECT id, pilot FROM cans WHERE id='{$_GET['id']}'"); if (userInRun($MySelf->getID(), $col[id])) { $DB->query("DELETE FROM cans WHERE id='{$col['id']}' LIMIT 1"); if ($DB->affectedRows() == 1) { makeNotice("You just popped a can belonging to " . idToUsername($col[pilot]) . ".", "notice", "POP!", $bl, "That was fun!"); } else { makeNotice("The can could not be popped!", "error", "Internal Error", $bl, "[cancel]"); } } else { makeNotice("The can could not be popped!", "error", "Internal Error", $bl, "[cancel]"); } } }
function del_student($db, $argv) { if (sizeof($argv) == 3) { $login = $argv[2]; if (confirm()) { $collection = $db->createCollection("students"); if ($collection->find(array("login" => $login))->count() > 0) { $cursor = $collection->remove(array("login" => $login)); echo "User deleted !\n"; } else { echo "No student found!\n"; } } } else { echo "[31mError: Invalid number of arguments.\n"; echo "Usage: ./etna_movies.php del_student login.[0m\n"; } }
function select($err = "") { global $_POST; extract($_POST); if ($vatreg == "no") { return confirm(); } else { if ($vatreg != "yes") { return vatreg("<li class=err>Invalid vat option selected.</li>"); } } db_conn("cubit"); $sql = "SELECT value AS prdcat FROM settings WHERE constant='TAX_PRDCAT'"; $rslt = db_exec($sql) or errDie("Error reading tax period category."); $fields = array_merge(pg_fetch_array($rslt), array("cate_mon" => date("m"))); foreach ($fields as $k => $v) { if (!isset(${$k})) { ${$k} = $v; } } // if category e and not split yet (straight from db), cat e form: "e [mon#]" if (strlen($prdcat) > 1) { $cate_mon = substr($prdcat, 1); $prdcat = $prdcat[0]; } $OUTPUT = "\r\n\t<h3>Tax Period</h3>"; if ($err != "") { $OUTPUT .= "{$err}"; } else { $OUTPUT .= "\t<li class=err>When selecting a Tax period you will be reminded to do your Tax \r\n\t\t\ttransactions at the end of each such period. If you do not require, do not change this setting.</li>"; } $selmon = "<select name=cate_mon>"; for ($i = 1; $i <= 12; ++$i) { if ($cate_mon == $i) { $sel = "selected"; } else { $sel = ""; } $selmon .= "<option value='{$i}' {$sel}>" . date("F", mktime(0, 0, 0, $i, 1, 2000)) . "</option>"; } $selmon .= "</select>"; $OUTPUT .= "\r\n\t<form method=post action='" . SELF . "'>\r\n\t<input type=hidden name=key value=confirm>\r\n\t<input type=hidden name=vatreg value='{$vatreg}'>\r\n\t<table cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\r\n\t<tr>\r\n\t\t<th colspan=2>Select Tax Period Category</th>\r\n\t</tr>\r\n\t<tr class='bg-odd'>\r\n\t\t<td><input type=radio value=none name=prdcat " . ($prdcat == "none" ? "checked" : "") . "></td>\r\n\t\t<td>None</td>\r\n\t</tr>\r\n\t<tr class='bg-even'>\r\n\t\t<td><input type=radio value=a name=prdcat " . ($prdcat == "a" ? "checked" : "") . "></td>\r\n\t\t<td>Category A</td>\r\n\t</tr>\r\n\t<tr class='bg-odd'>\r\n\t\t<td><input type=radio value=b name=prdcat " . ($prdcat == "b" ? "checked" : "") . "></td>\r\n\t\t<td>Category B</td>\r\n\t</tr>\r\n\t<tr class='bg-even'>\r\n\t\t<td><input type=radio value=c name=prdcat " . ($prdcat == "c" ? "checked" : "") . "></td>\r\n\t\t<td>Category C</td>\r\n\t</tr>\r\n\t<tr class='bg-odd'>\r\n\t\t<td><input type=radio value=d name=prdcat " . ($prdcat == "d" ? "checked" : "") . "></td>\r\n\t\t<td>Category D</td>\r\n\t</tr>\r\n\t<tr class='bg-even'>\r\n\t\t<td><input type=radio value=e name=prdcat " . ($prdcat == "e" ? "checked" : "") . "></td>\r\n\t\t<td>Category E</td>\r\n\t\t<td>Select: {$selmon}</td>\r\n\t</tr>\r\n\t<tr class='bg-odd'>\r\n\t\t<td><input type=radio value=f name=prdcat " . ($prdcat == "f" ? "checked" : "") . "></td>\r\n\t\t<td>Category F</td>\r\n\t</tr>\r\n\t<tr>\r\n\t\t<td colspan=2 align=right><input type=submit value='Next >'></td>\r\n\t</tr>\r\n\t</table>\r\n\t</form>"; return $OUTPUT; }
function transferMoney() { // Globals global $MySelf; global $DB; global $TIMEMARK; $MyCredits = getCredits($MySelf->getID()); // Can we afford even the most basic transactions? if (!numericCheckBool($MyCredits, 0)) { makeNotice("You can not afford any transaction.", "warning", "Out of money", "index.php?action=manageWallet", "[cancel]"); } // Did we supply an isk amount at all? if ($_POST[amount] == "") { makeNotice("You did not specify an ISK amount. Please go back, and try again.", "warning", "How much?", "index.php?action=manageWallet", "[cancel]"); } if (!is_numeric($_POST[amount])) { makeNotice("The frog looks at you and your cheque with the amount of \"" . $_POST[amount] . "\". The frog is unsure how much ISK that is and instead decides to lick your face in a friendly manner, then it closes the teller and goes for lunch.", "warning", "Huh?"); } // Check for sanity. if (!numericCheckBool($_POST[to], 0)) { makeNotice("The supplied reciver is not valid.", "warning", "Invalid ID", "index.php?action=manageWallet", "[cancel]"); } if (!numericCheckBool($_POST[amount], 0)) { makeNotice("You need to specify a positive ISK value.", "error", "Invalid amount", "index.php?action=manageWallet", "[cancel]"); } if (!numericCheckBool($_POST[amount], 0, $MyCredits)) { makeNotice("You can not afford this transaction.", "warning", "Out of money", "index.php?action=manageWallet", "[cancel]"); } // Ok so now we know: The reciver is valid, the sender has enough money. $from = "<br><br>From: " . ucfirst($MySelf->getUsername()); $to = "<br>To: " . ucfirst(idToUsername($_POST[to])); $amount = "<br>Amount: " . number_format($_POST[amount], 2) . " ISK"; $reason = "<br>Reason: " . $_POST[reason]; confirm("Please authorize this transaction:" . $from . $to . $amount . $reason); // Lets do it. $transaction = new transaction($_POST[to], 0, $_POST[amount]); $transaction->setReason("Cash transfer from " . ucfirst($MySelf->getUsername()) . " to " . ucfirst(idToUsername($_POST[to])) . ": " . $_POST[reason]); $transaction->isTransfer(true); $transaction->commit(); // Send'em back. makeNotice($amount . " has been transfered from your into " . ucfirst(idToUsername($_POST[to])) . " account.", "notice", "Cash transfered", "index.php?action=manageWallet", "[OK]"); }
function toggleLock() { global $MySelf; // Check the ID for validity. if (!numericCheckBool($_GET[id], 0)) { makeNotice("That run ID is invalid.", "error", "Invalid RUN"); } else { $ID = $_GET[id]; } // Only the owner of the run can do this. if (runSupervisor($ID) != $MySelf->getUsername()) { makeNotice("Only the supervisor of a run can lock and unlock his/her run.", "warning", "Unable to comply", "index.php?action=show&id={$_GET['id']}", "[Cancel]"); } // Determine what the user wants. switch ($_GET[state]) { // User wants to lock. case "lock": confirm("You are about to lock Mining Operation #{$ID}. No one will be able to join up until you choose to unlock it. Is that what you want?"); $bool = "1"; break; // User wants to unlock. // User wants to unlock. case "unlock": confirm("You are about to unlock Mining Operation #{$ID}. Everyone will be able to join up again until you choose to relock it. Is that what you want?"); $bool = "0"; break; // User wants to screw around. // User wants to screw around. default: makeNotice("I dont know what you want off me. I only know lock and unlock. Sorry.", "warning", "Ehh?"); } // Update the database! global $DB; $DB->query("UPDATE runs SET isLocked='{$bool}' WHERE id='{$ID}' LIMIT 1"); // Success? if ($DB->affectedRows != 1) { header("Location: index.php?action=show&id={$ID}"); } else { makeNotice("Unable to set the new locked status in the database. Be sure to run the correct sql schema!", "warning", "Cannot write to database."); } }
function validate() { global $MySelf; global $MB_EMAIL; // Are we already validated? if ($MySelf->getEmailvalid()) { makeNotice("You are already validated."); } // Is it what the user wants? confirm("Do you wish to be sent a confirmation eMail now?"); // We need some variables. global $DB; global $MySelf; global $TIMEMARK; $CODE = rand(111111111111.0, 9999999999999.0); // Update the user. $DB->query("UPDATE users SET emailcode ='{$CODE}' WHERE username='******' LIMIT 1"); if ($DB->affectedRows() == 1) { $email = $DB->getCol("SELECT email FROM users WHERE username = '******' AND deleted='0' LIMIT 1"); // Load more globals global $SITENAME; global $URL; global $VERSION; // Assemble the activation url. $ACTIVATE = $URL . "/index.php?action=activate&code={$CODE}"; // Send a confirmation email $EMAIL = getTemplate("accountrequest", "email"); $EMAIL = str_replace("{{IP}}", "{$_SERVER['REMOTE_ADDR']}", $EMAIL); $EMAIL = str_replace("{{URL}}", "{$URL}", $EMAIL); $EMAIL = str_replace("{{DATE}}", date("r", $TIMEMARK), $EMAIL); $EMAIL = str_replace("{{ACTIVATE}}", "{$ACTIVATE}", $EMAIL); $EMAIL = str_replace("{{CORP}}", "{$SITENAME}", $EMAIL); $to = $email[0]; $DOMAIN = $_SERVER['HTTP_HOST']; $headers = "From:" . $MB_EMAIL; mail($to, $VERSION, $EMAIL, $headers); makeNotice("A confirmation email has been sent to your supplied email address.<br>Please follow the instructions therein.", "notice", "Account created"); } else { makeNotice("Could not send out the confirmation eMail!", "error"); } }
function delRank() { // Doh, globals! global $MySelf; global $DB; // Are we allowed to do this? if (!$MySelf->canEditRank()) { makeNotice("You do not have sufficient rights to access this page.", "warning", "Access denied"); } // Verify it. numericCheck($_GET[id], 0); // Confirm it. confirm("Do you really want to permanently delete rank #" . str_pad($_GET[id], 3, "0", STR_LEFT_PAD) . "?"); // Insert Rank into Database $DB->query("DELETE FROM ranks WHERE rankid='" . $_GET[id] . "' LIMIT 1"); // Check for success if ($DB->affectedRows() == 1) { header("Location: index.php?action=showranks"); } else { makeNotice("Unable to add the rank into the database!", "warning", "Database Error!"); } }
function requestPayout() { // Globals global $MySelf; global $DB; global $TIMEMARK; // How much overdraft are we allowed? $overdraft = 100 * 1000000; // 100m $overdraftlimit = false; // How much isk we got? $MyCredits = getCredits($MySelf->getID()); // Is this a number? if (!is_numeric($_POST[amount])) { makeNotice("The frog looks at you and your cheque with the amount of \"" . $_POST[amount] . "\". The frog is unsure how much ISK that is and instead decides to lick your face in a friendly manner, then it closes the teller and goes for lunch.", "warning", "Huh?"); } // We are requesting a POSITIVE amount, right? if (!numericCheckBool($_POST[amount], 0)) { makeNotice("You can only request positive amounts of ISK. If you want money, go work for it.", "notice", "This aint no charity", "index.php?action=manageWallet", "But i got women and children to feed..."); } // So, can we afford it? if ($overdraft <= 0 && !numericCheckBool($_POST[amount], 1, $MyCredits)) { makeNotice("You can only request a payment up to " . number_format($MyCredits) . " ISK. You requested " . number_format($_POST[amount]) . " ISK. Thats " . number_format($_POST[amount] - $MyCredits, 2) . " ISK more than you can afford.", "warning", "Too big of a payout.", "index.php?action=manageWallet", "[Cancel]"); } // Allow an overdraft, but not too much if ($overdraft > 0 && $overdraftlimit && !numericCheckBool($_POST[amount], 1, $MyCredits + $overdraft)) { makeNotice("You can only request a payment up to " . number_format($MyCredits + $overdraft) . " ISK. You requested " . number_format($_POST[amount]) . " ISK. Thats " . number_format($_POST[amount] - ($MyCredits + $overdraft), 2) . " ISK more than you are allowed.", "warning", "Too big of a payout.", "index.php?action=manageWallet", "[Cancel]"); } // We sure? confirm("Please confirm your payout request of " . number_format($_POST[amount], 2) . " ISK."); // Ok, do it. $DB->query("INSERT INTO payoutRequests (time, applicant, amount) VALUES (?,?,?)", array($TIMEMARK, $MySelf->getID(), $_POST[amount])); if ($DB->affectedRows() == 1) { mailUser("We are notifying you that " . $MySelf->getUsername() . " has requested a payout of " . number_format($_POST[amount], 2) . " ISK", "WHB Payout Requested", "isAccountant"); makeNotice("You request has been logged. An accountant will soon honor your request.", "notice", "Request logged", "index.php?action=manageWallet", "[OK]"); } else { makeNotice("Internal Error! Unable to record your request into the database! Inform the admin!", "error", "Internal Error!", "index.php?action=manageWallet", "[cancel]"); } }
function request($frm) { if (isset($_POST["btn_back"])) { return enter($frm); } if ($frm->validate("request")) { return confirm($frm); } $newkey = genkey(); if (isset($_REQUEST["suppid"])) { $suppid = $_REQUEST["suppid"]; $custid = "0"; } else { $custid = $_REQUEST["custid"]; $suppid = "0"; } $cols = grp(m("introtime", raw("CURRENT_TIMESTAMP")), m("introip", "0.0.0.0"), m("email", $_REQUEST["email"]), m("custid", $custid), m("suppid", $suppid), m("key", dbrow("0.0.0.0/0", "", $newkey)), m("userid", USER_ID)); $upd = new dbUpdate("keys", "trh", $cols); $upd->run(DB_INSERT); if ($upd->affected() > 0) { if (isset($_REQUEST["suppid"])) { if (($r = send_trhmsg("supp", $_REQUEST["suppid"], $_REQUEST["email"], "reqkey", $newkey)) === true) { $OUT = "Sent request for communication to supplier. On response you will be notified."; } else { $OUT = "Error sending request for communication: {$r}"; } } else { if (($r = send_trhmsg("cust", $_REQUEST["custid"], $_REQUEST["email"], "reqkey", $newkey)) === true) { $OUT = "Sent request for communication to customer. On response you will be notified."; } else { $OUT = "Error sending request for communication: {$r}"; } } } else { $OUT = "Error sending request for communication: Error updating database."; } return $OUT; }
function write($_POST) { extract($_POST); require_lib("validate"); $v = new validate(); $v->isOk($id, "num", 1, 255, "Invalid group id."); if ($v->isError()) { return enter($_POST, $v->genErrors()); } $get_grp = "SELECT grouptitle FROM egroups WHERE id = '{$id}' LIMIT 1"; $run_grp = db_exec($get_grp) or errDie("Unable to get email group information (0)"); if (pg_numrows($run_grp) < 1) { #no group found ??? return confirm($_POST, "<li class='err'>Email group not found.</li>"); } $gtitle = pg_fetch_result($run_grp, 0, 0); $write_sql = "DELETE FROM egroups WHERE id = '{$id}'"; $run_write = db_exec($write_sql) or errDie("Unable to remove group information."); $write_sql2 = "DELETE FROM email_groups WHERE email_group = '{$gtitle}'"; $run_write2 = db_exec($write_sql2) or errDie("Unable to remove email group email addresses."); $OUTPUT = "<h3>Write Group</h3>\n\t<table " . TMPL_tblDflts . ">\n\t\t<tr>\n\t\t\t<th>Write</th>\n\t\t</tr>\n\t\t<tr class='" . bg_class() . "'>\n\t\t\t<td><li>Successfully removed the group.</li></td>\n\t\t</tr>\n\t</table>"; return $OUTPUT; }
} if (!empty($_GET['action']) && !empty($_GET['aid'])) { $aid = $_GET['aid']; switch ($_GET['action']) { case 'edit_ads': $ad = $adsObj->selectOne($aid); $content = $ad[0]->getContent(); $url = $ad[0]->getUrl(); $image = $ad[0]->getImage(); $prompt = generateAdsEditingForm($aid, $content, $url, $image, $page); break; case 'delete_ads': $tips = '该操作不可恢复,确定要执行吗?'; $request = 'admin.php?v=' . $_GET['v'] . '&action=delete_ads_confirm&aid=' . $aid; $btnValue = '确定执行'; $prompt = confirm($tips, $request, $btnValue); break; case 'set_ads_no_display': $adsObj->setNoDisplay($aid); $prompt = success('设置为不可视成功'); break; case 'set_ads_display': $adsObj->setDisplay($aid); $prompt = success('设置为可视成功'); break; case 'delete_ads_confirm': $adsObj->delete($aid); $prompt = success('删除成功'); break; case 'edit_ads_confirm': // debug($_POST['content_edit']);
switch ($_POST["key"]) { case "cancel": $OUTPUT = write($_POST); break; default: # Display default output if (isset($_GET['cashid'])) { $OUTPUT = confirm($_GET['cashid']); } else { $OUTPUT = "<li class=err> Invalid use of mudule"; } } } else { # Display default output if (isset($_GET['cashid'])) { $OUTPUT = confirm($_GET['cashid']); } else { $OUTPUT = "<li class=err> Invalid use of mudule"; } } # get template require "../template.php"; function confirm($cashid) { # validate input require_lib("validate"); $v = new validate(); $v->isOk($cashid, "num", 1, 20, "Invalid Reference number."); # display errors, if any if ($v->isError()) { $confirm = "";