function onSubmit($vals)
{
//echo '<pre>';
//print_r ($vals);
//exit;
$duration = (strtotime($vals['ended']) - strtotime($vals['started'])) / 60 / 60;
$res = db_execute('insert into timetracker_entry
(id, project_id, task_description, started, duration)
values
(null, ?, ?, ?, ?)', $vals['project'], $vals['description'], $vals['started'], $duration);
if (!$res) {
return '<p>Unknown error: ' . db_error() . '</p>';
}
$eid = db_lastid();
if (!is_array($vals['users'])) {
$vals['users'] = preg_split('/, ?/', $vals['users']);
}
foreach ($vals['users'] as $user) {
db_execute('insert into timetracker_user_entry
(id, user_id, entry_id)
values
(null, ?, ?)', $user, $eid);
}
header('Location: ' . site_prefix() . '/index/timetracker-app/added.entry');
exit;
}
function onSubmit($vals)
{
// process the form
db_execute('INSERT INTO digger_comments (story, user, comment_date, comments) VALUES (?, ?, NOW(), ?)', $vals['id'], session_username(), $vals['comments']);
$cid = db_lastid();
// return back to main page
header('Location: /index/digger-comments-action/id.' . $vals['id'] . '#digger-comment-' . $cid);
exit;
}
function onSubmit($vals)
{
$ak = appconf('akismet_key');
if ($ak) {
loader_import('siteblog.Akismet');
$comment = array('author' => $vals['name'], 'email' => $vals['email'], 'website' => $vals['url'], 'body' => $vals['body'], 'permalink' => site_url() . '/index/siteblog-post-action/id.' . $vals['post'] . '/title.' . siteblog_filter_link_title($title), 'user_ip' => $_SERVER['REMOTE_ADDR'], 'user_agent' => $_SERVER['HTTP_USER_AGENT']);
$akismet = new Akismet(site_url(), $ak, $comment);
if (!$akismet->errorsExist()) {
// no errors
if ($akismet->isSpam()) {
// akismet says spam
$title = db_shift('select subject from siteblog_post where id = ?', $vals['post']);
db_execute('insert into siteblog_akismet values (null, ?, now(), ?, ?, ?, ?, ?, ?)', $vals['post'], $comment['author'], $comment['email'], $comment['website'], $comment['user_ip'], $comment['user_agent'], $comment['body']);
header('Location: ' . site_prefix() . '/index/siteblog-post-action/id.' . $vals['post'] . '/title.' . siteblog_filter_link_title($title));
exit;
}
}
}
if (!empty($vals['post'])) {
$res = db_execute('insert into siteblog_comment (id, child_of_post, body, date, author, email, url, ip) values (null, ?, ?, now(), ?, ?, ?, ?)', $vals['post'], $vals['body'], $vals['name'], $vals['email'], $vals['url'], $_SERVER['REMOTE_ADDR']);
if (!$res) {
die(db_error());
}
$id = db_lastid();
} else {
$res = db_execute('update siteblog_comment set body = ?, author = ?, email = ?, url = ? where id = ?', $vals['body'], $vals['name'], $vals['email'], $vals['url'], $vals['_key']);
if (!$res) {
die(db_error());
}
$id = $vals['_key'];
$vals['post'] = db_shift('select child_of_post from siteblog_comment where id = ?', $vals['_key']);
}
$title = db_shift('select subject from siteblog_post where id = ?', $vals['post']);
header('Location: ' . site_prefix() . '/index/siteblog-post-action/id.' . $vals['post'] . '/title.' . siteblog_filter_link_title($title) . '#siteblog-comment-' . $id);
exit;
}
$pdf->Cell(160, 4, $tax, 1, 0, 'R', 1, 0);
$pdf->SetFont('Arial', '', 8);
$pdf->Cell(20, 4, number_format((double) $taxes, 2), 1, 1, 'R');
$total += $taxes;
}
$pdf->SetFont('Arial', 'B', 8);
$pdf->Cell(160, 4, 'AMOUNT DUE', 1, 0, 'R', 1, 0);
$pdf->SetFont('Arial', '', 8);
$pdf->Cell(20, 4, number_format((double) $total, 2), 1, 1, 'R');
$pdf->Ln();
// gst number
//$pdf->Cell (0, 5, , 0, 1, 'R');
$pdf->MultiCell(0, 5, appconf('extra_info'), 0, 1, 'R');
$taxes = $total - $subtotal;
db_execute('insert into siteinvoice_invoice (id, client_id, name, sent_on, status, notice, subtotal, taxes, total, currency) values (null, ?, ?, now(), "unpaid", 0, ?, ?, ?, ?)', $cgi->client, $cgi->name, $subtotal, $taxes, $total, $cgi->currency);
$invoice_id = db_lastid();
$pdf->Output('inc/app/siteinvoice/data/' . $invoice_id . '.pdf');
umask(00);
chmod('inc/app/siteinvoice/data/' . $invoice_id . '.pdf', 0777);
if ($cgi->send_invoice == 'yes') {
// get client info
$client = db_single('select * from siteinvoice_client where id = ?', $cgi->client);
$client->invoice_no = $invoice_id;
$client->total = $total;
$client->currency = $cgi->currency;
// send email to client
loader_import('ext.phpmailer');
$mailer = new PHPMailer();
$mailer->isMail();
$mailer->From = appconf('company_email');
$mailer->FromName = appconf('company_email_name');
}
if (!$cgi->verify('key', 'regex', '/^[a-zA-Z0-9_-]+$/')) {
echo rpc_response(false);
exit;
}
if (session_is_resource($cgi->table) && !session_allowed($cgi->table, 'rw', 'resource')) {
echo rpc_response(false);
exit;
}
$items = preg_split('/, ?/', $cgi->items);
if (!$cgi->title) {
foreach ($items as $item) {
db_execute('insert into ' . $cgi->table . ' (' . $cgi->key . ') values (?)', $item);
}
echo rpc_response(true);
} else {
if (!$cgi->verify('title', 'regex', '/^[a-zA-Z0-9_-]+$/')) {
echo rpc_response(false);
exit;
}
$ids = array();
foreach ($items as $item) {
db_execute('insert into ' . $cgi->table . ' (' . $cgi->key . ', ' . $cgi->title . ') values (null, ?)', $item);
$i = new StdClass();
$i->value = db_lastid();
$i->text = $item;
$ids[] = $i;
}
echo rpc_response($ids);
}
exit;
<?php
if (!$parameters['body']) {
exit;
}
$res = db_execute('insert into sitetemplate_to_be_validated (id, body) values (null, ?)', $parameters['body']);
$id = db_lastid();
//header ('Location: http://www.hermish.com/check_this.cfm?URLtest=' . urlencode (site_domain () . site_prefix () .
//'/index/sitetemplate-viewer-action?id=' . $res) . '&p1=1&viewSource=1');
//exit;
echo template_simple('wai.spt', array('id' => $id));
exit;
function do_register()
{
$network = get_network();
switch ($_GET['status']) {
case 'check':
$user_or_code = get_user();
if (!$user_or_code) {
$user_or_code = get_code();
}
if (!$user_or_code) {
echo 'available';
} else {
echo 'taken';
}
return;
case 'new_code':
$sql = 'INSERT INTO ' . db_table('codes') . ' (network_id, username, password, valid_from, created, ' . access_control_fields() . ') ' . 'VALUES (' . $network['id'] . ',\'' . $_GET['user'] . '\',\'' . $_GET['pass'] . '\', now(), now(), ' . access_control_values($network, 'defcode') . ')';
$resource = 'codes';
break;
case 'new_user':
$sql = 'INSERT INTO ' . db_table('users') . ' (network_id, username, password, valid_from, created, ' . access_control_fields() . ') ' . 'VALUES (' . $network['id'] . ',\'' . $_GET['user'] . '\',\'' . $_GET['pass'] . '\', now(), now(), ' . access_control_values($network, 'defuser') . ')';
$resource = 'users';
break;
}
db_query($sql, false);
$id = db_lastid();
if ($id) {
$input = $_POST;
if (!$input) {
$input = file_get_contents("php://input");
}
$lines = preg_split("/\n+/", $input);
$attrs = array();
foreach ($lines as $line) {
$p = preg_split('/[=: ]+/', $line, 2);
if ($p[0] && $p[1]) {
$attrs[$p[0]] = $p[1];
}
}
save_attributes($id, $resource, $attrs);
}
}
function onSubmit($vals)
{
loader_import('cms.Versioning.Rex');
$rex = new Rex('sitewiki_page');
unset($vals['editing']);
unset($vals['instructions']);
unset($vals['security_test']);
unset($vals['submit_button']);
$vals['id'] = $vals['page'];
unset($vals['page']);
if ($this->new_page) {
$vals['created_on'] = date('Y-m-d H:i:s');
$vals['updated_on'] = date('Y-m-d H:i:s');
$vals['owner'] = session_username();
if (!$vals['owner']) {
$vals['owner'] = 'anonymous';
}
$vals2 = $vals;
unset($vals2['files']);
unset($vals2['file_1']);
unset($vals2['file_2']);
unset($vals2['file_3']);
$res = $rex->create($vals2, 'Page created.');
} else {
$vals['updated_on'] = date('Y-m-d H:i:s');
$vals2 = $vals;
unset($vals2['files']);
unset($vals2['file_1']);
unset($vals2['file_2']);
unset($vals2['file_3']);
$method = $rex->determineAction($vals['id']);
$res = $rex->{$method}($vals['id'], $vals2);
}
if (session_valid()) {
// handle files
$types = preg_split('/, ?/', appconf('allowed_file_types'));
if (is_object($vals['file_1'])) {
$info = pathinfo($vals['file_1']->name);
if (in_array(strtolower($info['extension']), $types)) {
db_execute('insert into sitewiki_file values (null, ?, ?, now(), ?)', $vals['id'], $vals['file_1']->name, session_username());
$file_id = db_lastid();
$vals['file_1']->move('inc/app/sitewiki/data', $vals['id'] . '_' . $file_id);
}
}
if (is_object($vals['file_2'])) {
$info = pathinfo($vals['file_2']->name);
if (in_array(strtolower($info['extension']), $types)) {
db_execute('insert into sitewiki_file values (null, ?, ?, now(), ?)', $vals['id'], $vals['file_2']->name, session_username());
$file_id = db_lastid();
$vals['file_2']->move('inc/app/sitewiki/data', $vals['id'] . '_' . $file_id);
}
}
if (is_object($vals['file_3'])) {
$info = pathinfo($vals['file_3']->name);
if (in_array(strtolower($info['extension']), $types)) {
db_execute('insert into sitewiki_file values (null, ?, ?, now(), ?)', $vals['id'], $vals['file_3']->name, session_username());
$file_id = db_lastid();
$vals['file_3']->move('inc/app/sitewiki/data', $vals['id'] . '_' . $file_id);
}
}
}
lock_remove('sitewiki_page', $vals['id']);
header('Location: ' . site_prefix() . '/index/sitewiki-app/show.' . $vals['id']);
exit;
}
/**
* Saves a message and adds the current subscribers to the queue to
* receive it.
*/
function send_message($subject, $body)
{
// 1. save message
db_execute('insert into messages (subject, date, body) values (%s, datetime("now"), %s)', $subject, $body);
$message_id = db_lastid();
// 2. get subscribers and add them to the queue
$subscribers = $this->list_subscribers();
foreach ($subscribers as $subscriber) {
//$_body = str_replace ('{email_address}', $subscriber->email, $body);
$this->add_to_queue($subscriber->email, $message_id, $subject, $body);
}
}
/**
* Inserts a record into the database with the specified values. If $isAuto
* is set, returns the primary key of the new record.
*
* @access public
* @param array hash or object
* @return boolean
*/
function add($struct)
{
$args = func_get_args();
if (count($args) > 1) {
$struct = $args;
} elseif (is_object($struct)) {
$struct = (array) $struct;
}
$sql = 'INSERT INTO ' . $this->table;
if (is_string(array_shift(array_keys($struct)))) {
$sql .= ' (';
$sql .= join(', ', array_keys($struct));
$sql .= ')';
}
$sql .= ' VALUES (';
$bind = array();
$sep = '';
foreach ($struct as $value) {
$sql .= $sep . '?';
$bind[] = $value;
$sep = ', ';
}
$sql .= ')';
$res = db_execute($sql, $bind);
if (!$res) {
$this->error = db_error();
return false;
}
if ($this->isAuto) {
return db_lastid();
}
return true;
}
