Esempio n. 1
0
function snippet_data_get_license_from_id($license_id)
{
    $license_id = (int) $license_id;
    $sql = "SELECT license_name FROM snippet_license WHERE license_id=" . db_ei($license_id);
    $result = db_query($sql);
    return db_result($result, 0, 0);
}
Esempio n. 2
0
function forum_show_nested_messages($thread_id, $msg_id)
{
    global $total_rows, $Language;
    $sql = "SELECT user.user_name,forum.has_followups,user.realname,user.user_id,forum.msg_id,forum.group_forum_id,forum.subject,forum.thread_id,forum.body,forum.date,forum.is_followup_to, forum_group_list.group_id " . "FROM forum,user,forum_group_list WHERE forum.thread_id=" . db_ei($thread_id) . " AND user.user_id=forum.posted_by AND forum.is_followup_to=" . db_ei($msg_id) . " AND forum_group_list.group_forum_id = forum.group_forum_id " . "ORDER BY forum.date ASC;";
    $result = db_query($sql);
    $rows = db_numrows($result);
    $ret_val = '';
    if ($result && $rows > 0) {
        $ret_val .= '
			<UL>';
        /*
        	iterate and show the messages in this result
        	for each message, recurse to show any submessages
        */
        for ($i = 0; $i < $rows; $i++) {
            //	increment the global total count
            $total_rows++;
            //	show the actual nested message
            $ret_val .= forum_show_a_nested_message($result, $i) . '<P>';
            if (db_result($result, $i, 'has_followups') > 0) {
                //	Call yourself if there are followups
                $ret_val .= forum_show_nested_messages($thread_id, db_result($result, $i, 'msg_id'));
            }
        }
        $ret_val .= '
			</UL>';
    }
    return $ret_val;
}
Esempio n. 3
0
 function display($data)
 {
     echo '<fieldset><legend style="font-size:1.2em;">Choose the template of the project</legend>';
     include $GLOBALS['Language']->getContent('project/template');
     $rows = db_numrows($this->db_templates);
     if ($rows > 0) {
         //echo '<h3>From templates</h3><blockquote>';
         $GLOBALS['HTML']->box1_top($GLOBALS['Language']->getText('register_template', 'choose'));
         print '
       <TABLE width="100%">';
         for ($i = 0; $i < $rows; $i++) {
             $this->_displayProject(db_result($this->db_templates, $i, 'group_id'), db_result($this->db_templates, $i, 'group_name'), db_result($this->db_templates, $i, 'register_time'), db_result($this->db_templates, $i, 'unix_group_name'), db_result($this->db_templates, $i, 'short_description'));
         }
         print '</TABLE>';
         $GLOBALS['HTML']->box1_bottom();
         //echo '</blockquote>';
     }
     //{{{ Projects where current user is admin
     $result = db_query("SELECT groups.group_name AS group_name, " . "groups.group_id AS group_id, " . "groups.unix_group_name AS unix_group_name, " . "groups.register_time AS register_time, " . "groups.short_description AS short_description " . "FROM groups, user_group " . "WHERE groups.group_id = user_group.group_id " . "AND user_group.user_id = '" . user_getid() . "' " . "AND user_group.admin_flags = 'A' " . "AND groups.status='A' ORDER BY group_name");
     echo db_error($result);
     $rows = db_numrows($result);
     if ($result && $rows) {
         include $GLOBALS['Language']->getContent('project/template_my');
         echo '<br />';
         $GLOBALS['HTML']->box1_top($GLOBALS['Language']->getText('register_template', 'choose_admin'));
         print '<TABLE width="100%">';
         for ($i = 0; $i < $rows; $i++) {
             $this->_displayProject(db_result($result, $i, 'group_id'), db_result($result, $i, 'group_name'), db_result($result, $i, 'register_time'), db_result($result, $i, 'unix_group_name'), db_result($result, $i, 'short_description'));
         }
         print '</TABLE>';
         $GLOBALS['HTML']->box1_bottom();
     }
     //}}}
     echo '</fieldset>';
 }
Esempio n. 4
0
function display($label, $date)
{
    echo "<td>{$label}</td>";
    $datestr = date('j/m/y H:i', $date);
    echo "<td>{$datestr}</td>";
    $res = db_query("SELECT count(*) access FROM user WHERE last_access_date >= {$date}");
    if (db_numrows($res)) {
        $cntlast = db_result($res, 0, 'access');
    }
    echo "<td>{$cntlast}</td>";
    $res = db_query("SELECT count(*) access FROM user WHERE last_access_date >= {$date} AND email LIKE '*****@*****.**'");
    if (db_numrows($res)) {
        $cntft = db_result($res, 0, 'access');
    }
    $percentft = round($cntft * 100 / $cntlast, 2);
    echo "<td>{$cntft} en @orange.com [{$percentft} %]</td>";
    $res = db_query("SELECT count(*) access FROM user WHERE last_access_date >= {$date} AND email LIKE '*****@*****.**'");
    if (db_numrows($res)) {
        $cntext = db_result($res, 0, 'access');
    }
    $percentext = round($cntext * 100 / $cntlast, 2);
    echo "<td>dont {$cntext} en .ext@orange.com [{$percentext} %]</td>";
    $cntother = $cntlast - $cntft;
    $percentother = round($cntother * 100 / $cntlast, 2);
    echo "<td>et autres {$cntother} [{$percentother} %]</td>";
}
Esempio n. 5
0
 private function __mergeWithExisting(&$edit)
 {
     if (1 != db_result(db_query("SELECT COUNT(*) FROM {vocabulary} WHERE name = '%s'", $edit['name']))) {
         return;
     }
     $edit['vid'] = db_result(db_query("SELECT vid FROM {vocabulary} WHERE name = '%s'", $edit['name']));
 }
Esempio n. 6
0
function faq_count_query($p_project_id)
{
    global $g_mantis_faq_table;
    $query = "SELECT COUNT(*)\n\t\t\t\tFROM {$g_mantis_faq_table}\n\t\t\t\tWHERE project_id='{$p_project_id}' OR project_id='0000000'";
    $result = db_query_bound($query);
    return db_result($result, 0, 0);
}
Esempio n. 7
0
    function run($max_time) {
        foreach (array(
                'registration-staff', 'pwreset-staff', 'banner-staff',
                'registration-client', 'pwreset-client', 'banner-client',
                'registration-confirm', 'registration-thanks',
                'access-link') as $type) {
            $i18n = new Internationalization();
            $tpl = $i18n->getTemplate("templates/page/{$type}.yaml");
            if (!($page = $tpl->getData()))
                // No such template on disk
                continue;

            if ($id = db_result(db_query('select id from '.PAGE_TABLE
                    .' where `type`='.db_input($type))))
                // Already have a template for the content type
                continue;

            $sql = 'INSERT INTO '.PAGE_TABLE.' SET type='.db_input($type)
                .', name='.db_input($page['name'])
                .', body='.db_input($page['body'])
                .', lang='.db_input($tpl->getLang())
                .', notes='.db_input($page['notes'])
                .', created=NOW(), updated=NOW(), isactive=1';
            db_query($sql);
        }
        // Set the content_id for all the new items
        db_query('UPDATE '.PAGE_TABLE
            .' SET `content_id` = `id` WHERE `content_id` = 0');
    }
Esempio n. 8
0
function get_themename($theme_id = 0)
{
    global $THEME_NAME;
    // use current theme if one is not passed in
    if (!$theme_id) {
        return $THEME_NAME ? $THEME_NAME["theme_{$theme_id}"] : $GLOBALS['sys_theme'];
    } else {
        if ($THEME_NAME["theme_{$theme_id}"]) {
            //theme name was fetched previously
            return $THEME_NAME["theme_{$theme_id}"];
        } else {
            //fetch the theme name and store it for future reference
            $result = db_query("SELECT theme_id,fullname FROM themes WHERE theme_id='{$theme_id}'");
            if ($result && db_numrows($result) > 0) {
                //valid theme - store and return
                $THEME_NAME["theme_{$theme_id}"] = db_result($result, 0, "fullname");
                return $THEME_NAME["theme_{$theme_id}"];
            } else {
                //invalid theme - store and return
                $THEME_NAME["theme_{$theme_id}"] = "<B>Invalid Theme ID</B>";
                return $THEME_NAME["theme_{$theme_id}"];
            }
        }
    }
}
Esempio n. 9
0
 function Widget_MySurveys()
 {
     $this->Widget('mysurveys');
     $no_survey = true;
     // Get id and title of the survey that will be promoted to user page. default = survey whose id=1
     if ($GLOBALS['sys_my_page_survey']) {
         $developer_survey_id = $GLOBALS['sys_my_page_survey'];
     } else {
         $developer_survey_id = "1";
     }
     $survey = SurveySingleton::instance();
     $sql = "SELECT * from surveys WHERE survey_id=" . db_ei($developer_survey_id);
     $result = db_query($sql);
     $group_id = db_result($result, 0, 'group_id');
     $purifier = Codendi_HTMLPurifier::instance();
     $survey_title = $purifier->purify($survey->getSurveyTitle(db_result($result, 0, 'survey_title')));
     // Check that the survey is active
     $devsurvey_is_active = db_result($result, 0, 'is_active');
     if ($devsurvey_is_active == 1) {
         $sql = "SELECT * FROM survey_responses " . "WHERE survey_id='" . db_ei($developer_survey_id) . "' AND user_id='" . db_ei(user_getid()) . "'";
         $result = db_query($sql);
         if (db_numrows($result) < 1) {
             $no_survey = false;
             $this->content .= '<a href="/survey/survey.php?group_id=' . $group_id . '&survey_id=' . $developer_survey_id . '">' . $survey_title . '</a>';
         }
     }
     if ($no_survey) {
         $this->content .= $GLOBALS['Language']->getText('my_index', 'no_survey');
     }
 }
Esempio n. 10
0
    /**
     * getRows - get the html output for result rows
     *
     * @return string html output
     */
    function getRows()
    {
        $rowsCount = $this->searchQuery->getRowsCount();
        $result =& $this->searchQuery->getResult();
        $monthArray = array();
        for ($i = 1; $i <= 12; $i++) {
            array_push($monthArray, date('M', mktime(0, 0, 0, $i, 10, 1980)));
        }
        $return = '';
        for ($i = 0; $i < $rowsCount; $i++) {
            $start = db_result($result, $i, 'start');
            $startYear = substr($start, 0, 4);
            $startMonth = substr($start, 4, 2);
            $finish = db_result($result, $i, 'finish');
            $finishYear = substr($finish, 0, 4);
            $finishMonth = substr($finish, 4, 2);
            $return .= '
			<tr ' . $GLOBALS['HTML']->boxGetAltRowStyle($i) . '>
				<td>' . util_make_link_u(db_result($result, $i, 'user_name'), db_result($result, $i, 'user_id'), db_result($result, $i, 'realname')) . '</td>
				<td>' . db_result($result, $i, 'type_name') . '</td>
				<td>' . db_result($result, $i, 'title') . '</td>
				<td>' . db_result($result, $i, 'keywords') . '</td>
				<td>' . $monthArray[$startMonth - 1] . ' ' . $startYear . '</td>
				<td>' . $monthArray[$finishMonth - 1] . ' ' . $finishYear . '</td>
			<tr>';
        }
        return $return;
    }
Esempio n. 11
0
function sigControl()
{
    global $pref, $board_time;
    $r_log = db_query("SELECT\n         user_ismod,\n         user_isadmin,\n         ad_sig,\n         ad_time\n     FROM " . $pref . "user WHERE user_id='{$_SESSION['userid']}'");
    if (db_rows($r_log) != 1) {
        return 0;
    } else {
        $a_log = db_result($r_log);
        $ismod = 0;
        if ($a_log['user_ismod'] == 1 || $a_log['user_isadmin'] == 1) {
            $ismod = 1;
        }
        $sigok = 0;
        if ($a_log['ad_sig'] == $_SESSION['adsig']) {
            $sigok = 1;
        }
        $timeok = 0;
        if ($a_log['ad_time'] > $board_time - 600) {
            $timeok = 1;
        }
        if ($ismod == 1 && $sigok == 1 && $timeok == 1) {
            return 1;
        } else {
            return 0;
        }
    }
}
Esempio n. 12
0
function gbook_content()
{
    global $p;
    $result = db_result("SELECT * FROM " . DB_PREFIX . "guestbook ORDER BY date DESC LIMIT " . @$p * 10 . ",10");
    $text = "<a name=\"content\" ></a>\r\n";
    $o = 1;
    while ($row = mysql_fetch_object($result)) {
        $text .= "<div class=\"gb_content\">\r\n\t<div class=\"gb_content_info\">\r\n\t\t<span class=\"gb_content_info_name\">";
        if ($row->mail != "") {
            $text .= "<a href=\"mailto:" . $row->mail . "\">" . $row->name . "</a>";
        } else {
            $text .= $row->name;
        }
        $text .= "</span>\r\n";
        if ($row->icq != '') {
            $text .= "\t\t<span class=\"gb_content_info_icq\">\r\n\t\t\t<a href=\"http://wwp.icq.com/scripts/search.dll?to=" . $row->icq . "\" target=\"_blank\">\r\n\t\t\t\t<img width=\"18\"  height=\"18\" class=\"gb_content_info_icq\" src=\"http://status.icq.com/online.gif?icq=" . $row->icq . "&amp;img=5\" alt=\"ICQ-Status\"/>\r\n\t\t\t</a>\r\n\t\t</span>\r\n";
        }
        if ($row->homepage != '') {
            $text .= "\t\t<span class=\"gb_content_info_homepage\">\r\n\t\t\t<a href=\"http://" . $row->homepage . "\">Homepage</a>\r\n\t\t</span>\r\n";
        }
        $text .= "\t</div>\r\n";
        $time = date('H:i:s', $row->date);
        if ($time == '00:00:00') {
            $time = '';
        }
        $text .= "\t<div class=\"gb_content_text\">" . replace_smilies(nl2br(htmlspecialchars($row->message))) . "\r\n\t\t<div class=\"gb_content_date\">" . date('d.m.Y', $row->date) . "&nbsp;" . $time . "</div>\r\n\t</div>\r\n</div>\r\n\r\n";
        $o++;
    }
    return $text;
}
Esempio n. 13
0
function actual_online()
{
    global $internal_counter_online_text, $internal_counter_online;
    $sql = "SELECT * \n\t\t\tFROM " . DB_PREFIX . "online";
    $result = db_result($sql);
    $internal_counter_online = mysql_num_rows($result);
    //
    // FIX ME: no language
    //
    $lang = 'de';
    $temp = $lang . '_count';
    global ${$temp}, ${$lang};
    $text_array = ${$temp};
    $plural_array = ${$lang};
    if (count($text_array) - 1 > $internal_counter_online) {
        $text = $text_array[$internal_counter_online];
    } else {
        $text = $internal_counter_online;
    }
    if ($internal_counter_online > 1) {
        $internal_counter_online_text = $plural_array[1] . ' ' . $text;
    } else {
        $internal_counter_online_text = $plural_array[0] . ' ' . $text;
    }
}
Esempio n. 14
0
function del_same_editor_rights()
{
    /*Проверка прав на выполнение действия*/
    if (!check_rights('add_same_editor_rights')) {
        return "У вас нет соответствующих прав";
    }
    /*Получаем и проверяем данные от пользователя*/
    $editor_id = (int) $_GET['editor'];
    /*Получаем и проверяем данные от пользователя*/
    $user_id = (int) $_GET['user'];
    /*Проверка входных данных*/
    if (db_easy_count("SELECT * FROM `phpbb_users` WHERE `user_id`={$editor_id} AND `timetable_editor`=1") == 0) {
        return "Ошибка в формате входных данных (editor)";
    }
    /*Проверка входных данных*/
    if (db_easy_count("SELECT * FROM `phpbb_users` WHERE `user_id`={$user_id}") == 0) {
        return "Ошибка в формате входных данных (user)";
    }
    //Запрос к базе
    if (db_easy_count("SELECT * FROM `phpbb_timetable_editors_rights` WHERE `user_id`={$user_id} AND `editor_id`={$editor_id}") > 0) {
        $insertRES = db_query("DELETE FROM `phpbb_timetable_editors_rights` WHERE `user_id`={$user_id} AND `editor_id`={$editor_id}");
    }
    /*Проверка правильности выполнения запроса к БД*/
    if (!db_result($insertRES)) {
        return "Ошибка при выполнении (DELETE)";
    }
    //Выполняем HTTP запрос
    header("location: /manager.php?action=show_timetable_rights");
}
Esempio n. 15
0
function page_admin_edit($table, $field, $id)
{
    use_template("admin");
    requires_admin();
    global $tables;
    if (!isset($tables[$table]['liveedit'])) {
        die("can't edit this table tables[{$table}]['liveedit'] not set");
    }
    if (form_post("editor1")) {
        $html = form_post("editor1");
        $html = str_replace('\\"', '"', $html);
        $html = str_replace("\\'", "'", $html);
        $f = "on_{$table}_{$field}_update";
        if (function_exists($f)) {
            $f($id, $html);
        }
        db_query("UPDATE %s SET %s='%s' WHERE id=%d", $table, $field, $html, $id);
        if (CLOSE_ON_SAVE) {
            die("<script> window.close();</script>");
        }
    }
    $content = db_result(db_query("SELECT %s FROM %s WHERE id=%d", $field, $table, $id));
    $o = template("tinymce", "content", $content);
    return $o;
}
Esempio n. 16
0
function delete_right()
{
    /*Проверка прав на выполнение действия*/
    if (!check_rights('delete_right')) {
        return "У вас нет соответствующих прав";
    }
    //Определяем переменную
    $user_id = (int) $_GET['user'];
    /*Получаем и проверяем данные от пользвователя*/
    $right_id = (int) $_GET['right'];
    /*Проверка входных данных*/
    if (db_easy_count("SELECT * FROM `phpbb_users` WHERE `user_id`={$user_id}") == 0) {
        return "Ошибка входных данных (user)";
    }
    /*Проверка входных данных*/
    if (db_easy_count("SELECT * FROM `phpbb_rights` WHERE `id`='{$right_id}'") == 0) {
        return "Ошибка в формате входных данных (right)";
    }
    //Запрос к базе
    $delRES = db_query("DELETE FROM `phpbb_rights_users` WHERE `user_id`={$user_id} AND `right_id`={$right_id}");
    /*Проверка правильности выполнения запроса к БД*/
    if (!db_result($delRES)) {
        return "Ошибка при выполнении (delete)";
    }
    //Выполняем HTTP запрос
    header("location: /manager.php?action=show_rights");
}
Esempio n. 17
0
/**
return data:

	$array[success]=true;
	$array[session_hash]=jkjkjkjkjkjkjkj;
	$array[subprojects]=array(
						55=>'Subproject 1', 
						77=>'Subproject2'
						);

**OR**

	$array[success]=false;
	$array[errormessage]='Bad Password';
*/
function &MSPLogin($username, $password)
{
    global $feedback, $session_ser, $sys_database_type;
    $success = session_login_valid(strtolower($username), $password);
    if ($success) {
        $array['success'] = true;
        $array['session_hash'] = $session_ser;
        if ($sys_database_type == "mysql") {
            $sql = "SELECT pgl.group_project_id, CONCAT(g.group_name, ': ', pgl.project_name) AS name";
        } else {
            $sql = "SELECT pgl.group_project_id, g.group_name || ': ' || pgl.project_name AS name";
        }
        $sql .= "\n\t\t\tFROM groups g, project_group_list pgl, role_setting rs, user_group ug\n\t\t\tWHERE ug.user_id='" . user_getid() . "' \n\t\t\tAND g.group_id=pgl.group_id\n\t\t\tAND rs.value::integer > 0\n\t\t\tAND rs.group_project_id = pgl.group_project_id\n                        AND ug.role_id = rs.role_id\n                        AND rs.section_name='pm'";
        $res = db_query($sql);
        $rows = db_numrows($res);
        if (!$res || $rows < 1) {
            $array['success'] = false;
            $array['errormessage'] = 'No Subprojects Found';
        } else {
            for ($i = 0; $i < $rows; $i++) {
                $array['subprojects'][db_result($res, $i, 'group_project_id')] = db_result($res, $i, 'name');
            }
        }
    } else {
        $array['success'] = false;
        $array['errormessage'] = $feedback;
    }
    printr($array, 'MSPLogin::return-array');
    return $array;
}
Esempio n. 18
0
function transform($x, $y, $oldEPSG, $newEPSG)
{
    if (is_null($x) || !is_numeric($x) || is_null($y) || !is_numeric($y) || is_null($oldEPSG) || !is_numeric($oldEPSG) || is_null($newEPSG) || !is_numeric($newEPSG)) {
        return null;
    }
    if (SYS_DBTYPE == 'pgsql') {
        $con = db_connect(DBSERVER, OWNER, PW);
        $sqlMinx = "SELECT X(transform(GeometryFromText('POINT(" . pg_escape_string($x) . " " . pg_escape_string($y) . ")'," . pg_escape_string($oldEPSG) . ")," . pg_escape_string($newEPSG) . ")) as minx";
        $resMinx = db_query($sqlMinx);
        $minx = floatval(db_result($resMinx, 0, "minx"));
        $sqlMiny = "SELECT Y(transform(GeometryFromText('POINT(" . pg_escape_string($x) . " " . pg_escape_string($y) . ")'," . pg_escape_string($oldEPSG) . ")," . pg_escape_string($newEPSG) . ")) as miny";
        $resMiny = db_query($sqlMiny);
        $miny = floatval(db_result($resMiny, 0, "miny"));
    } else {
        $con_string = "host=" . GEOS_DBSERVER . " port=" . GEOS_PORT . " dbname=" . GEOS_DB . "user="******"password="******"Error while connecting database");
        /*
         * @security_patch sqli done
         */
        $sqlMinx = "SELECT X(transform(GeometryFromText('POINT(" . pg_escape_string($x) . " " . pg_escape_string($y) . ")'," . pg_escape_string($oldEPSG) . ")," . pg_escape_string($newEPSG) . ")) as minx";
        $resMinx = pg_query($con, $sqlMinx);
        $minx = floatval(pg_fetch_result($resMinx, 0, "minx"));
        $sqlMiny = "SELECT Y(transform(GeometryFromText('POINT(" . pg_escape_string($x) . " " . pg_escape_string($y) . ")'," . pg_escape_string($oldEPSG) . ")," . pg_escape_string($newEPSG) . ")) as miny";
        $resMiny = pg_query($con, $sqlMiny);
        $miny = floatval(pg_fetch_result($resMiny, 0, "miny"));
    }
    return array("x" => $minx, "y" => $miny);
}
Esempio n. 19
0
/**
 * Convert project repository data.
 */
function cvs_to_versioncontrol_project_update_2()
{
    // This determines how many projects will be processed in each batch run. A reasonable
    // default has been chosen, but you may want to tweak depending on your setup.
    $limit = 100;
    // Multi-part update
    if (!isset($_SESSION['cvs_to_versioncontrol_project_update_2'])) {
        $_SESSION['cvs_to_versioncontrol_project_update_2'] = 0;
        $_SESSION['cvs_to_versioncontrol_project_update_2_max'] = db_result(db_query("SELECT COUNT(*) FROM {cvs_projects}"));
    }
    // Pull the next batch of users.
    $projects = db_query_range("SELECT p.nid, p.rid, p.directory, r.modules FROM {cvs_projects} p INNER JOIN {cvs_repositories} r ON p.rid = r.rid ORDER BY p.nid", $_SESSION['cvs_to_versioncontrol_project_update_2'], $limit);
    // Loop through each project.
    while ($project = db_fetch_object($projects)) {
        // Add the repo module, and chop off the trailing slash.
        $directory = '/' . trim($project->modules) . drupal_substr($project->directory, 0, drupal_strlen($project->directory) - 1);
        db_query("INSERT INTO {versioncontrol_project_projects} (nid, repo_id, directory) VALUES (%d, %d, '%s')", $project->nid, $project->rid, $directory);
        $_SESSION['cvs_to_versioncontrol_project_update_2']++;
    }
    if ($_SESSION['cvs_to_versioncontrol_project_update_2'] >= $_SESSION['cvs_to_versioncontrol_project_update_2_max']) {
        $count = $_SESSION['cvs_to_versioncontrol_project_update_2_max'];
        unset($_SESSION['cvs_to_versioncontrol_project_update_2']);
        unset($_SESSION['cvs_to_versioncontrol_project_update_2_max']);
        return array(array('success' => TRUE, 'query' => t('Converted @count project repository entries.', array('@count' => $count))));
    }
    return array('#finished' => $_SESSION['cvs_to_versioncontrol_project_update_2'] / $_SESSION['cvs_to_versioncontrol_project_update_2_max']);
}
Esempio n. 20
0
function profilefields_show($uid)
{
    $l = '';
    $a = array();
    $q = db_query("SHOW COLUMNS FROM prefix_user");
    while ($r = db_fetch_assoc($q)) {
        $a[$r['Field']] = $r['Field'];
    }
    $q = db_query("SELECT id, `show`, func FROM prefix_profilefields WHERE func < 4 ORDER BY pos");
    while ($r = db_fetch_assoc($q)) {
        if ($r['func'] == 1) {
            $str = @db_result(db_query("SELECT val FROM prefix_userfields WHERE uid = " . $uid . " AND fid = " . $r['id']), 0);
            $l .= '<tr><td class="Cmite">' . $r['show'] . '</td><td class="Cnorm">' . $str . '</td></tr>';
        } elseif ($r['func'] == 2) {
            $l .= '<tr><td class="Cdark" colspan="2"><b>' . $r['show'] . '</b></td></tr>';
        } elseif ($r['func'] == 3) {
            $str = '';
            if (isset($a[$r['show']])) {
                $str = @db_result(db_query("SELECT `" . $r['show'] . "` FROM prefix_user WHERE id = " . $uid), 0);
            }
            if (function_exists('profilefields_show_spez_' . $r['show'])) {
                $l .= call_user_func('profilefields_show_spez_' . $r['show'], $str, $uid);
            } elseif ($r['show'] != 'opt_pm_popup') {
                $l .= '<tr><td class="Cmite">' . ucfirst($r['show']) . '</td><td class="Cnorm">' . $str . '</td></tr>';
            }
        }
    }
    return $l;
}
Esempio n. 21
0
/**
 * GForge Survey Facility
 *
 * Portions Copyright 1999-2001 (c) VA Linux Systems
 * The rest Copyright 2002-2004 (c) GForge Team
 * http://gforge.org/
 *
 * @version   $Id$
 *
 * This file is part of GForge.
 *
 * GForge is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * GForge is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with GForge; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
function ShowResultsEditSurvey($result)
{
    global $group_id;
    $rows = db_NumRows($result);
    $cols = db_NumFields($result);
    echo "<h3>" . sprintf(ngettext('%1$s survey found', '%1$s surveys found', $rows), $rows) . "</h3>";
    if ($rows > 0) {
        echo "<table border=\"0\">\n";
        /*  Create  the  headers  */
        echo "<tr class=\"tableheading\">\n";
        for ($i = 0; $i < $cols; $i++) {
            echo "<th>" . db_fieldname($result, $i) . "</th>\n";
        }
        echo "</tr>";
        for ($j = 0; $j < $rows; $j++) {
            echo "<tr class=\".{$HTML->boxGetAltRowStyle}({$j})\">\n";
            echo "<td><a href=\"edit_survey.php?group_id={$group_id}&amp;survey_id=" . db_result($result, $j, 0) . "\">" . db_result($result, $j, 0) . "</a></td>";
            for ($i = 1; $i < $cols; $i++) {
                echo "<td>" . db_result($result, $j, $i) . "</td>\n";
            }
            echo "</tr>";
        }
        echo "</table>";
    }
}
Esempio n. 22
0
function delete_hr_manager_right()
{
    /*Проверка прав на выполнение действия*/
    if (!check_rights('delete_hr_manager_right')) {
        return "У вас нет соответствующих прав";
    }
    /*Проверка входных данных*/
    if (!isset($_GET['user'])) {
        return "Ошибка входных данных (1)";
    }
    /*Проверка входных данных*/
    if (!preg_match("/^[0-9]{1,8}\$/", $_GET['user'])) {
        return "Ошибка в формате входных данных (2)";
    }
    //Определяем переменную
    $user_id = (int) $_GET['user'];
    /*Проверка входных данных*/
    if (db_easy_count("SELECT * FROM `phpbb_users` WHERE `user_id`={$user_id} AND `hrmanager`=1") == 0) {
        return "Ошибка в формате входных данных (3)";
    }
    //Запрос к базе
    db_query("UPDATE `phpbb_users` SET `hrmanager`=0 WHERE `user_id`={$user_id}");
    /*Проверка правильности выполнения запроса к БД*/
    if (!db_result()) {
        return "Ошибка при выполнении (4)";
    }
    //Выполняем HTTP запрос
    header("location: /manager.php?action=show_rights");
}
Esempio n. 23
0
function page_admin_edit($table, $field, $id)
{
    use_layout("admin");
    requires_admin();
    global $tables;
    if (!isset($tables[$table]['liveedit'])) {
        die("can't edit this table tables[{$table}]['liveedit'] not set");
    }
    if (isset($_POST['editor1'])) {
        $html = form_post("editor1");
        $html = str_replace('\\"', '"', $html);
        $html = str_replace("\\'", "'", $html);
        $html = str_replace("\\\\", "\\", $html);
        $f = "on_{$table}_{$field}_update";
        if (function_exists($f)) {
            $f($id, $html);
        }
        db_query("UPDATE %s SET %s='%s' WHERE id=%d", $table, $field, $html, $id);
        if (CLOSE_ON_SAVE) {
            die("<script> window.close();</script>");
        }
        flash("message", "Изменения сохранены");
    }
    $content = db_result(db_query("SELECT %s FROM %s WHERE id=%d", $field, $table, $id));
    $o = "";
    if (form_post("back")) {
        $back = form_post("back");
        $o .= "<a href={$back}><<Назад</a>";
    }
    $o .= template("tinymce", "content", $content);
    return $o;
}
Esempio n. 24
0
 function getContent()
 {
     $html_my_bookmarks = '';
     $result = db_query("SELECT bookmark_url, bookmark_title, bookmark_id from user_bookmarks where " . "user_id='" . user_getid() . "' ORDER BY bookmark_title");
     $rows = db_numrows($result);
     if (!$result || $rows < 1) {
         $html_my_bookmarks .= $GLOBALS['Language']->getText('my_index', 'no_bookmark');
         $html_my_bookmarks .= db_error();
     } else {
         $purifier = Codendi_HTMLPurifier::instance();
         $html_my_bookmarks .= '<table style="width:100%">';
         for ($i = 0; $i < $rows; $i++) {
             $bookmark_url = $purifier->purify(db_result($result, $i, 'bookmark_url'), CODENDI_PURIFIER_CONVERT_HTML);
             if (my_has_URL_invalid_content($bookmark_url)) {
                 $bookmark_url = '';
             }
             $bookmark_title = $purifier->purify(db_result($result, $i, 'bookmark_title'), CODENDI_PURIFIER_CONVERT_HTML);
             $html_my_bookmarks .= '<TR class="' . util_get_alt_row_color($i) . '"><TD>';
             $html_my_bookmarks .= '<A HREF="' . $bookmark_url . '">' . $bookmark_title . '</A> ';
             $html_my_bookmarks .= '<small><A HREF="/my/bookmark_edit.php?bookmark_id=' . db_result($result, $i, 'bookmark_id') . '">[' . $GLOBALS['Language']->getText('my_index', 'edit_link') . ']</A></SMALL></TD>';
             $html_my_bookmarks .= '<td style="text-align:right"><A HREF="/my/bookmark_delete.php?bookmark_id=' . db_result($result, $i, 'bookmark_id') . '">';
             $html_my_bookmarks .= '<IMG SRC="' . util_get_image_theme("ic/trash.png") . '" HEIGHT="16" WIDTH="16" BORDER="0" ALT="DELETE"></A></td></tr>';
         }
         $html_my_bookmarks .= '</table>';
     }
     $html_my_bookmarks .= '<div style="text-align:center; font-size:0.8em;"><a href="/my/bookmark_add.php">[' . $GLOBALS['Language']->getText('my_index', 'add_bookmark') . ']</a></div>';
     return $html_my_bookmarks;
 }
Esempio n. 25
0
/**
 * Function to get row count for a given table
 *
 * @param string $p_table Table name.
 * @return integer row count
 */
function helper_table_row_count($p_table)
{
    $t_table = $p_table;
    $t_query = 'SELECT COUNT(*) FROM ' . $t_table;
    $t_result = db_query($t_query);
    $t_count = db_result($t_result);
    return $t_count;
}
Esempio n. 26
0
function helper_table_row_count($p_table)
{
    $t_table = $p_table;
    $query = "SELECT COUNT(*) FROM {$t_table}";
    $result = db_query_bound($query);
    $t_users = db_result($result);
    return $t_users;
}
Esempio n. 27
0
function db_easy_result($question)
{
    if ($a = db_query($question)) {
        return db_result($a);
    } else {
        return false;
    }
}
Esempio n. 28
0
function db_insert($table, $data)
{
    $query = "INSERT INTO %s (%s) VALUES ('%s')";
    $fields = implode(",", array_keys($data));
    $values = implode("','", $data);
    $query = sprintf($query, $table, $fields, $values);
    db_result($query);
}
Esempio n. 29
0
 /**
  *	get the unix time that this install was setup.
  */
 function getMinDate()
 {
     if (!$this->site_start_date) {
         $res = db_query("select min(add_date) AS start_date from users where add_date > 0;");
         $this->site_start_date = db_result($res, 0, 'start_date');
     }
     return $this->site_start_date;
 }
Esempio n. 30
0
function note_queue_count()
{
    # the reason of including the page is to avoid counting orphan
    # notes.
    $query = "SELECT COUNT(*)\r\n\t\t\t\tFROM " . config_get('phpWN_note_table') . " n, \r\n\t\t\t\t\t" . config_get('phpWN_page_table') . " p\r\n\t\t\t\tWHERE n.page_id = p.id AND \r\n\t\t\t\tvisible=" . NOTE_VISIBLE_PENDING;
    $result = db_query($query);
    return db_result($result, 0, 0);
}