Esempio n. 1
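/**
 * Insert one row into $table through a prepared statement.
 *
 * Every key of $params becomes a named placeholder (":key") and its value is
 * bound to it, so the values themselves never become part of the SQL text.
 * The statement names no columns, so the placeholders have to follow the
 * table's column order. Any exception is handed to dbLog() and not re-thrown;
 * the function returns nothing.
 *
 * @param string $table  Table name. It is interpolated into the SQL text and
 *                       cannot be bound, so callers must pass only fixed,
 *                       trusted names.
 * @param array  $params Map of placeholder name => value to insert.
 */
function insert($table, $params)
{
    try {
        $placeholders = array();
        foreach (array_keys($params) as $name) {
            // Keys end up in the SQL text as placeholder names. Refuse anything
            // that is not a plain identifier so a key cannot alter the statement.
            if (!preg_match('/^[A-Za-z0-9_]+$/', (string) $name)) {
                throw new InvalidArgumentException('Invalid parameter name for insert');
            }
            $placeholders[] = ":" . $name;
        }
        $con = connect();
        $strValues = implode(",", $placeholders);
        // NOTE(review): $table is still interpolated as-is. If any caller derives
        // it from request data, check it against a fixed list of table names first.
        $stmt = $con->prepare("INSERT INTO {$table} VALUES({$strValues})");
        foreach ($params as $k => $v) {
            $stmt->bindValue($k, $v);
        }
        $stmt->execute();
    } catch (Exception $e) {
        // Failures (including a rejected parameter name) are only logged.
        dbLog($e->getMessage());
    }
}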
Esempio n. 2
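/**
 * Run $sql on the global $dbConn connection.
 *
 * With $params the statement is prepared and executed with those values;
 * without them the SQL text is sent as-is through query(), so callers of that
 * path must not build $sql from untrusted input.
 *
 * @param string     $sql    SQL text, with placeholders when $params is given.
 * @param array|null $params Values for the placeholders, or null for a plain query.
 * @return mixed The statement returned by prepare()/query(); nothing when
 *               dbLog($sql, true) returns a truthy value and the query is skipped.
 */
function dbQuery($sql, $params = NULL)
{
    global $dbConn;
    // A truthy return from dbLog() short-circuits the call before any SQL runs.
    if (dbLog($sql, true)) {
        return;
    }
    $result = NULL;
    try {
        if (isset($params)) {
            $result = $dbConn->prepare($sql);
            $result->execute($params);
        } else {
            $result = $dbConn->query($sql);
        }
    } catch (PDOException $e) {
        // Method call on the exception: the former "$e . getMessage()" concatenated
        // the exception with a call to an undefined global function, which raised
        // a second error instead of reporting the database failure.
        // NOTE(review): the message carries the full statement text; confirm that
        // Fatal() writes it to a log and does not echo it to the client.
        Fatal("SQL-ERR '" . $e->getMessage() . "', statement was '" . $sql . "'");
    }
    return $result;
}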
Esempio n. 3
/**
 * Log $sql, execute it with the legacy mysql extension and return the number
 * of rows in the result.
 *
 * The mysql_* functions were removed in PHP 7.0 and offer no parameter
 * binding: $sql is executed exactly as passed, so any escaping has to be done
 * by the caller. On failure dbError($sql) is called; whether it returns is not
 * visible here, and if it does the failed result is still passed on to
 * mysql_num_rows().
 *
 * @param string $sql Complete SQL statement.
 * @return mixed Whatever mysql_num_rows() returns for the result.
 */
function dbNumRows($sql)
{
    dbLog($sql);
    $result = mysql_query($sql);
    if (!$result) {
        dbError($sql);
    }
    return mysql_num_rows($result);
}
Esempio n. 4
                // exclusive lock
                if (flock($file, LOCK_EX)) {
                    fwrite($file, '<?xml version="1.0" encoding="iso-8859-7"?>' . "\n");
                    fwrite($file, "<Records>\n");
                    foreach ($events as $event) {
                        fwrite($file, "\t<Event>\n");
                        fwrite($file, "\t\t<Year>" . substr($event['date'], 0, 4) . "</Year>\n");
                        fwrite($file, "\t\t<Month>" . getMonth(substr($event['date'], 5, 2)) . "</Month>\n");
                        fwrite($file, "\t\t<Day>" . sprintf("%d", substr($event['date'], 8, 2)) . "</Day>\n");
                        fwrite($file, "\t\t<Desc_en>" . htmlspecialchars($event['msg_en'], ENT_QUOTES) . "</Desc_en>\n");
                        fwrite($file, "\t\t<Desc_gr>" . htmlspecialchars($event['msg_gr'], ENT_QUOTES) . "</Desc_gr>\n");
                        fwrite($file, "\t\t<Link>" . htmlspecialchars($event['link'], ENT_QUOTES) . "</Link>\n");
                        fwrite($file, "\t</Event>\n");
                    }
                    fwrite($file, "</Records>\n");
                    flock($file, LOCK_UN);
                    $connection = dbConnect();
                    dbLog('update XML event file', $connection);
                } else {
                    echo 'Error locking file!';
                }
                fclose($file);
                header('Location: manageevents.php');
            }
        }
    }
}
$title = 'Foss UoA - Κοινότητα Ανοιχτού Λογισμικού Καποδιστριακού Πανεπιστημίου Αθηνών - Manage Events';
$bodyfile = 'dot_body/manageevents.body';
$lang = 'gr';
require '../template.txt';
    $verif = 0;
} else {
    // When $ModUltimoEstado == 4, insert one ALLT_OBSERVACIONES row per entry of
    // $ModRightValues, then write the audit-log entry; otherwise only the audit-log entry.
    if ($ModUltimoEstado == 4) {
        while ($i < count($ModRightValues)) {
            // NOTE(review): $ModRightValues[$i] is spliced into the SQL text between quotes.
            // Where the array comes from is not visible here; if it is request data this
            // statement is injectable. A :placeholder bound with oci_bind_by_name() would
            // keep the value out of the SQL text.
            $sentenciaInsertObs = "INSERT INTO AM.ALLT_OBSERVACIONES (ALOS_NU_ID, ALOS_ALES_NU_OBS, ALOS_ALTR_NU_COD_RECHAZO, ALOS_CD_MOTIVO_RECHAZO, ALOS_CD_TIPO_RECHAZO, ALOS_CD_RESPONSABLE) VALUES (AM.ALLQ_ALOS_SEQ.NEXTVAL, AM.ALLQ_ALES_SEQ.CURRVAL, '{$ModRightValues[$i]}', NULL, NULL, NULL)";
            $sentenciaInsertObsExec = oci_parse($c, $sentenciaInsertObs);
            // '@' hides the OCI warning; the failure is read back through oci_error() below.
            $errorInsert = @oci_execute($sentenciaInsertObsExec);
            if (!$errorInsert) {
                $e = oci_error($sentenciaInsertObsExec);
                $message = $e['message'];
                // NOTE(review): only $error is set; $verif is not changed in this branch, so a
                // failed insert does not by itself turn the reply into a failure, and the loop
                // and the "ingresado" log entry below still run.
                $error = "Error. {$message}";
            } else {
                // The full statement text, including the interpolated value, goes to the log.
                $resultLog = dbLog("AM", "ALLT_OBSERVACIONES", "INSERT", "{$sentenciaInsertObs}");
            }
            $i++;
        }
        $resultLog = dbLog("AM", "ALLT_ESTADOS", "INSERT", "Registro {$ModID} ingresado por {$user} ({$apellido}, {$nombre}).");
        oci_free_statement($sentenciaInsertExec);
        // Only the handle from the last iteration is freed; earlier ones were overwritten
        // above, and the variable is unset if the loop body never ran.
        oci_free_statement($sentenciaInsertObsExec);
    } else {
        $resultLog = dbLog("AM", "ALLT_ESTADOS", "INSERT", "Registro {$ModID} ingresado por {$user} ({$apellido}, {$nombre}).");
        oci_free_statement($sentenciaInsertExec);
    }
}
// Build the JSON reply: estado mirrors $verif, and mensaje is attached only on failure.
$respuesta->estado = !($verif == 0);
if ($respuesta->estado === false) {
    $respuesta->mensaje = $error;
}
echo json_encode($respuesta);
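// Operator identity taken from the session; used only in the audit-log text below.
// NOTE(review): no check that the session is authenticated is visible in these lines —
// confirm it happens before this point.
$user = $_SESSION["username"];
$apellido = $_SESSION["APELLIDO"];
$nombre = $_SESSION["NOMBRE"];
// Request-supplied values. They are untrusted and reach the database only as bound variables.
$ModID = $_REQUEST['ModID'];
$ModIDObservacion = $_REQUEST['ModIDObservacion'];
$ModObservacion = $_REQUEST['ModObservacion'];
$ModTipo = $_REQUEST['ModTipo'];
$ModResponsable = $_REQUEST['ModResponsable'];
$respuesta = new stdClass();
$verif = 1;
/* Update the observation */
// Placeholders keep request data out of the SQL text, so a crafted value cannot change
// the statement. The values are bound as strings; Oracle converts them implicitly when
// ALOS_CD_TIPO_RECHAZO, ALOS_CD_RESPONSABLE or ALOS_NU_ID are numeric — confirm the column types.
$sentenciaUpdate = "UPDATE AM.ALLT_OBSERVACIONES SET ALOS_CD_MOTIVO_RECHAZO = UPPER(TRIM(:motivo)), ALOS_CD_TIPO_RECHAZO = :tipo, ALOS_CD_RESPONSABLE = :responsable WHERE ALOS_NU_ID = :id_observacion";
$sentenciaUpdateExec = oci_parse($c, $sentenciaUpdate);
oci_bind_by_name($sentenciaUpdateExec, ":motivo", $ModObservacion);
oci_bind_by_name($sentenciaUpdateExec, ":tipo", $ModTipo);
oci_bind_by_name($sentenciaUpdateExec, ":responsable", $ModResponsable);
oci_bind_by_name($sentenciaUpdateExec, ":id_observacion", $ModIDObservacion);
// '@' hides the OCI warning; the failure is read back through oci_error() below.
$errorUpdate = @oci_execute($sentenciaUpdateExec);
if (!$errorUpdate) {
    $e = oci_error($sentenciaUpdateExec);
    $message = $e['message'];
    // The client gets a generic message; the Oracle error text goes to the log only.
    // NOTE(review): $ModID is request data and is embedded in the message and the log text.
    $error = "Error al actualizar la observacion {$ModID}. Ver Logs.";
    $resultLog = dbLog("AM", "ALLT_OBSERVACIONES", "UPDATE", "Error {$ModID}: {$message}.");
    $verif = 0;
    // Release the statement on the failure path as well.
    oci_free_statement($sentenciaUpdateExec);
} else {
    $resultLog = dbLog("AM", "ALLT_OBSERVACIONES", "UPDATE", "Observacion {$ModID} actualizado por {$user} ({$apellido}, {$nombre}).");
    oci_free_statement($sentenciaUpdateExec);
}
if ($verif == 0) {
    $respuesta->estado = false;
    $respuesta->mensaje = $error;
} else {
    $respuesta->estado = true;
}
echo json_encode($respuesta);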
Esempio n. 7
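$emptyPass = false;
$valid_err = false;
// LOGIN
// Handles the admin login form: looks up the account, verifies the password against the
// stored crypt() hash and marks the session as logged in on success.
if (isset($_POST['loginForm'])) {
    if (empty($_POST['username'])) {
        $emptyName = true;
    }
    if (empty($_POST['pass'])) {
        $emptyPass = true;
    }
    if (!$emptyName && !$emptyPass) {
        $connection = dbConnect();
        // NOTE(review): the username placeholder appears masked as '******' in this listing;
        // as written sprintf() ignores the dbEsc() argument. Presumably the original was '%s'
        // — confirm against the real file.
        $query = sprintf("SELECT * FROM web_admins WHERE username='******'", dbEsc($_POST['username']));
        $res = dbQuery($query, $connection);
        // Verify only when a row with a stored hash exists, and compare with hash_equals():
        // it is a strict, constant-time string comparison, unlike the loose '=='.
        if (isset($res[0]['pass']) && is_string($res[0]['pass'])
            && hash_equals($res[0]['pass'], (string) crypt($_POST['pass'], $res[0]['pass']))) {
            // Issue a fresh session id at the privilege change so an id set before
            // login cannot be reused afterwards.
            session_regenerate_id(true);
            $_SESSION['loggedIn'] = true;
            $_SESSION['username'] = $res[0]['username'];
            $_SESSION['postLang'] = 'gr';
            $_SESSION['feedLang'] = 'gr';
            dbLog('login', $connection);
            header('Location: admincp.php');
            // Stop here: without it the login template below is still rendered after the redirect.
            exit;
        } else {
            dbLog('failed login', $connection);
            $valid_err = true;
        }
    }
}
$title = 'Foss UoA - Κοινότητα Ανοιχτού Λογισμικού Καποδιστριακού Πανεπιστημίου Αθηνών - Admin Login';
$bodyfile = 'dot_body/adminlogin.body';
$lang = 'gr';
require '../template.txt';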
Esempio n. 8
                    fwrite($file, "\t<title>Foss UoA RSS Feed" . ($type == 'General RSS' ? '' : ' - Meetings\' RSS') . "</title>\n");
                    fwrite($file, "\t<description>Foss UoA RSS Feed" . ($type == 'General RSS' ? '' : ' - Meetings\' RSS') . "</description>\n");
                    fwrite($file, "\t<copyright>2008-2009 Refsnes Data as. All rights reserved.</copyright>\n");
                    foreach ($entries as $entry) {
                        fwrite($file, "\t<item>\n");
                        fwrite($file, "\t\t<title>" . htmlspecialchars($entry['title'], ENT_QUOTES) . "</title>\n");
                        fwrite($file, "\t\t<link>" . htmlspecialchars($entry['link'], ENT_QUOTES) . "</link>\n");
                        fwrite($file, "\t\t<description>" . htmlspecialchars($entry['description'], ENT_QUOTES) . "</description>\n");
                        fwrite($file, "\t\t<guid isPermaLink=\"false\">foss-uoa/gr/rss/item_" . $entry['id'] . "</guid>\n");
                        fwrite($file, "\t\t<author>foss.uoa@gmail.com</author>\n");
                        fwrite($file, "\t\t<pubDate>" . substr($entry['date'], 8, 2) . " " . substr($entry['date'], 5, 2) . " " . substr($entry['date'], 0, 4) . "</pubDate>\n");
                        fwrite($file, "\t</item>\n");
                    }
                    fwrite($file, "</channel>\n");
                    fwrite($file, "</rss>\n");
                    flock($file, LOCK_UN);
                    $connection = dbConnect();
                    dbLog('update ' . $_SESSION['feedLang'] . ' ' . $type . ' RSS file', $connection);
                } else {
                    die('Error locking file!');
                }
                fclose($file);
                header('Location: managefeeds.php');
            }
        }
    }
}
$title = 'Foss UoA - Κοινότητα Ανοιχτού Λογισμικού Καποδιστριακού Πανεπιστημίου Αθηνών - Manage Feeds';
$bodyfile = 'dot_body/managefeeds.body';
$lang = 'gr';
require '../template.txt';
Esempio n. 9
    // Edit form submitted: validate title/body, then update the post named by ?mid=.
    if (isset($_POST['editPostForm'])) {
        if (empty($_POST['title'])) {
            $emptyTitle = true;
        }
        if (empty($_POST['body'])) {
            $emptyBody = true;
        }
        $errors = $emptyTitle || $emptyBody;
        if (!$errors && !isset($_POST['preview'])) {
            // Only digits survive the filter, so $mid cannot carry SQL syntax.
            // NOTE(review): htmlentities() runs first and can itself add digits (a single quote
            // becomes &#039;), so the resulting id may differ from the digits supplied; $mid may
            // also end up empty, leaving "WHERE id=" incomplete. An integer cast plus a
            // positive-value check would be stricter.
            $mid = preg_replace("/[^0-9]/", "", htmlentities($_GET['mid'], ENT_QUOTES));
            $connection = dbConnect();
            // NOTE(review): the first placeholder appears masked as '******' in this listing, which
            // shifts every argument by one as written — presumably it was '%s'; confirm against the
            // real file. $_SESSION['username'] and $_SESSION['postLang'] are inserted without
            // dbEsc(), unlike title and body.
            $query = sprintf("UPDATE posts SET web_admins_username='******', title='%s', edit_date='%s', body='%s', lang='%s' WHERE id=%s", $_SESSION['username'], dbEsc($_POST['title']), date("Y-m-d"), dbEsc($_POST['body']), $_SESSION['postLang'], $mid);
            dbUpdate($query, $connection);
            dbLog('edit post ' . $mid, $connection);
            // No exit follows, so the script keeps running after the redirect header is set.
            header('Location: manageposts.php');
        }
    } else {
        // Soft delete (deleted=true) triggered by ?action=delete&mid=N.
        // NOTE(review): this state change is driven by GET parameters and no anti-CSRF token
        // check is visible in these lines — confirm one exists elsewhere.
        if (isset($_GET['action']) && $_GET['action'] === "delete") {
            $mid = preg_replace("/[^0-9]/", "", htmlentities($_GET['mid'], ENT_QUOTES));
            $connection = dbConnect();
            $query = sprintf("UPDATE posts SET deleted=true WHERE id=%s", $mid);
            dbUpdate($query, $connection);
            dbLog('delete post ' . $mid, $connection);
            header('Location: manageposts.php');
        }
    }
}
$title = 'Foss UoA - Κοινότητα Ανοιχτού Λογισμικού Καποδιστριακού Πανεπιστημίου Αθηνών - Manage Posts';
$bodyfile = 'dot_body/manageposts.body';
$lang = 'gr';
require '../template.txt';
Esempio n. 10
            if (empty($_POST['pass2'])) {
                $emptyPassword2 = true;
            }
            if (!$emptyPassword1 && !$emptyPassword2 && $_POST['pass1'] !== $_POST['pass2']) {
                $passMismatch = true;
            }
            $errors = $emptyCurrent || $emptyName || $emptyPassword1 || $emptyPassword2;
            if (!$errors) {
                $connection = dbConnect();
                $query = sprintf("SELECT pass FROM web_admins WHERE username='******'", $_SESSION['username']);
                $res = dbQuery($query, $connection);
                if (crypt($_POST['current'], $res[0]['pass']) != $res[0]['pass']) {
                    $valid_err = true;
                }
            }
            $errors = $errors || $valid_err || $passMismatch;
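            // All checks passed: create the new admin account.
            if (!$errors) {
                // password_hash() always generates a random salt and a bcrypt hash. crypt()
                // without a salt argument falls back to a weak default and is rejected by
                // current PHP versions. A bcrypt hash is still verifiable with
                // crypt($input, $storedHash), so existing verification code keeps working.
                // NOTE(review): a bcrypt hash is 60 characters — confirm web_admins.pass is wide enough.
                $newpass = password_hash($_POST['pass1'], PASSWORD_BCRYPT);
                // The username is request data and must be escaped before it is placed in the
                // SQL text. dbEsc() is assumed to be the application's escaping helper and in
                // scope here — confirm.
                $query = sprintf("INSERT INTO web_admins (username, pass) VALUES('%s', '%s')", dbEsc($_POST['username']), $newpass);
                dbUpdate($query, $connection);
                dbLog('add site admin ' . $_POST['username'], $connection);
                header('Location: admincp.php');
                // Stop here so nothing else is rendered after the redirect.
                exit;
            }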
        }
    } else {
        $title .= 'Admin Control Panel';
        $bodyfile = 'dot_body/admincp.body';
    }
}
$lang = 'gr';
require '../template.txt';