/**
 * Administrative removal of one photo from a member's album, followed by an
 * internal message telling the member why photos are typically removed.
 *
 * Audit logging is not done here; the original author's note says it happens
 * inside deletePhoto().
 *
 * @param int $user_id  owner of the album
 * @param int $image_id zero-based album slot; the notice shows it 1-based
 */
function admin_delete_photo($user_id, $image_id) {
    global $hp_includepath;
    require_once $hp_includepath . 'message-functions.php';

    deletePhoto($user_id, $image_id);

    $title = 'En bild i ditt fotoalbum har tagits bort';

    // Opening lines of the notice, one per array entry.
    $intro = array(
        'Bild nummer ' . intval($image_id + 1) . ' i ditt fotoalbum har raderats av en administratör.',
        'Det kan finnas många anledningar till att en bild tas bort, men oftast beror det på något av följande:',
        '* Bilden innehöll rasistisk eller nazistisk propaganda.',
        '* Bilden var pornografisk.',
        '* Bilden var rent ut sagt äcklig eller vidrig, och kunde verka obehaglig för våra yngre medlemmar.',
        '* Bilden var kränkande.',
    );
    $explanation = 'Vi som arbetar med hamsterpaj vill göra siten till en så trevlig webbplats som möjligt, därför är behöver vi'
        . ' ibland ta bort bilder. Vi hoppas att du förstår varför bilden togs bort och önskar dig en trevlig tid här på hamsterpaj.';
    $signature = 'Med vänliga hälsningar, hamsterpaj.net administrations-team.';

    // Two blank lines separate the list from the explanation and the
    // explanation from the signature.
    $message = implode("\n", $intro) . "\n\n\n" . $explanation . "\n\n\n" . $signature;

    // 2348 appears to be the system/admin sender account id — confirm.
    messages_send(2348, $user_id, $title, $message);
    // A log_admin_event('deleted photo', ...) call used to live here; the
    // author removed it because logging is done in deletePhoto().
}
$photo_album->setValue('pho_quantity', $photo_album->getValue('pho_quantity') - 1); $photo_album->save(); } } // Foto um 90° drehen if ($getJob === 'rotate') { // nur bei gueltigen Uebergaben weiterarbeiten if ($getDirection !== '') { // Aufruf des ggf. uebergebenen Albums $photo_album = new TablePhotos($gDb, $getPhotoId); // Thumbnail loeschen deleteThumbnail($photo_album, $getPhotoNr); // Ordnerpfad zusammensetzen $photo_path = SERVER_PATH . '/adm_my_files/photos/' . $photo_album->getValue('pho_begin', 'Y-m-d') . '_' . $photo_album->getValue('pho_id') . '/' . $getPhotoNr . '.jpg'; // Bild drehen $image = new Image($photo_path); $image->rotate($getDirection); $image->delete(); } } elseif ($getJob === 'delete') { // das entsprechende Bild wird physikalisch und in der DB geloescht deletePhoto($getPhotoId, $getPhotoNr); // Neu laden der Albumdaten $photo_album = new TablePhotos($gDb); if ($getPhotoId > 0) { $photo_album->readDataById($getPhotoId); } $_SESSION['photo_album'] = $photo_album; // Loeschen erfolgreich -> Rueckgabe fuer XMLHttpRequest echo 'done'; }
} $json = file_get_contents('php://input'); $data = json_decode($json); $headers = apache_request_headers(); $header = str_replace("Bearer ", "", $headers['Authorization']); $contentHeaders = explode(';', $headers['Content-Type'], 2); $JWT = new JWT(); try { $decoded_token = $JWT->decode($header, $key, array($alg)); if ($contentHeaders[0] != 'multipart/form-data') { if ($data->location === 'fetch_photos') { fetchPhotos($data, $db); } elseif ($data->location === 'update_caption') { updateCaption($data, $db); } elseif ($data->location === 'delete_photo') { deletePhoto($data, $db); } } elseif ($contentHeaders[0] == 'multipart/form-data') { $data = json_decode($_POST['data']); if ($data->location === 'insert_photos') { insertPhotos($data, $db); } } } catch (DomainException $e) { header_status(401); $response['status'] = 'Error'; $response['message'] = $e->getMessage(); echo json_encode($response); die; } function insertPhotos($data, $db)
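/**
 * Profile page controller action.
 *
 * Handles two POST forms before rendering: "modifyProfil" (validates the
 * profile fields, optionally replaces the profile/cover images, updates the
 * city) and "changePw" (verifies the old password, checks the two new
 * entries match and meet passwordOk(), then stores the new one). Validation
 * messages are accumulated in $error; $succes holds the confirmation text.
 *
 * Reads $_POST, $_FILES and $_SESSION['user']; writes $_SESSION['user'].
 */
public function loadProfil() {
    // Spaces in the pseudo are replaced so it can be used as an image file name.
    $pseudouser = str_replace(' ', '-', $_SESSION['user']['pseudo']);
    $succes = "";
    $error = "";
    $nomville = "";
    if (!empty($_POST)) {
        if (!empty($_POST['modifyProfil'])) {
            $verification = new Verification($_POST);
            $verificationPhoto = new Verification($_FILES);
            $verification->notEmpty('email', "Veuillez compléter le champ email.");
            $verification->notEmpty('nom', "Spécifiez votre nom de famille.");
            $verification->notEmpty('prenom', "Spécifiez votre prénom.");
            $verification->notEmpty('sexe', "Êtes-vous un homme ou une femme?");
            $verification->notEmpty('ville', "Choississez une ville.");
            $error .= $verification->error;
            if ($verification->isValid()) {
                // Images are only checked when the corresponding file field was submitted.
                if (!empty($_FILES['photo']['name'])) {
                    $verificationPhoto->PhotoOk('photo', $pseudouser . '.jpg', 'Users/Profil', false);
                }
                if (!empty($_FILES['couverture']['name'])) {
                    $verificationPhoto->PhotoOk('couverture', $pseudouser . '.jpg', 'Users/Bannière', false);
                }
                if (!$verificationPhoto->isValid()) {
                    $error .= "Un problème s'est produit lors de l'ajout des photos.";
                } else {
                    if (!empty($_FILES['photo']['name'])) {
                        deletePhoto($pseudouser . '.jpg', 'Users/Profil', 'photo');
                    }
                    if (!empty($_FILES['couverture']['name'])) {
                        deletePhoto($pseudouser . '.jpg', 'Users/Bannière', 'couverture');
                    }
                    /*upload images*/
                    // NOTE(review): the profile-photo upload below is disabled, yet the
                    // existing profile photo is deleted above when a new one is submitted —
                    // the old file is removed and never replaced. Confirm whether this is
                    // intentional before re-enabling.
                    // $error .= uploadPhoto($pseudouser . '.jpg', 'Users/Profil', 'photo');
                    $error .= uploadPhoto($pseudouser . '.jpg', 'Users/Bannière', 'couverture');
                }
                if (empty($error)) {
                    // The city name comes straight from the form; getVilleByName() is
                    // expected to bind/escape it — not visible here.
                    $ville = $this->groupe->getVilleByName($_POST['ville'])->fetch();
                    $id_ville = $ville['id'];
                    $this->user->modifierProfil($_SESSION['user']['pseudo'], $id_ville);
                    $succes = "Profil modifié avec succès!";
                }
            }
        }
        if (!empty($_POST['changePw'])) {
            $verification = new Verification($_POST);
            $verification->notEmpty('ex_mot_de_passe', "Veuillez spécifier votre ancien mot de passer.");
            $verification->notEmpty('mot_de_passe', "Spécifiez votre nouveau mot de passe.");
            $verification->notEmpty('mot_de_passe_confirmation', "Retapez votre nouveau mot de passe.");
            $error .= $verification->error;
            if ($verification->isValid()) {
                if ($this->user->CheckPasswordUser()) {
                    // Strict comparison: with '==' two numeric-looking strings such as
                    // "1e3" and "1000" compare equal, so a mistyped confirmation could
                    // be accepted. Both values come from the form, so no coercion is wanted.
                    if ($_POST['mot_de_passe'] === $_POST['mot_de_passe_confirmation']) {
                        if (passwordOk($_POST['mot_de_passe'])) {
                            $this->user->updatePw();
                            $data = $this->user->CheckUser()->fetch();
                            $_SESSION['user'] = $data;
                            $succes = "Mot de passe modifié avec succès.";
                        } else {
                            $error .= 'Le mot de passe ne possède pas les bons critères';
                        }
                    } else {
                        $error .= 'Les deux nouveaux mots de passent ne correspondent pas.';
                    }
                } else {
                    $error .= "L'ancien mot de passe fourni n'est pas correcte.";
                }
            }
        }
    }
    $id_ville = $_SESSION['user']['id_ville'];
    if (!empty($_SESSION['user']['id_ville'])) {
        $ville = $this->groupe->getVilleById($id_ville)->fetch();
        $nomville = $ville['name'];
    }
    // Refresh the session copy of the user row so the page reflects the changes above.
    $_SESSION['user'] = $this->user->getDataUser($_SESSION['user']['pseudo'])->fetch();
    $vue = new Vue("Profil", "User", ['stylesheet.css'], ['calendrier.js', 'modifier_profil.js', 'showphoto.js', 'RechercheGroupe.js', 'Verification.js']);
    $vue->loadpage(['nomville' => $nomville, 'pseudouser' => $pseudouser, 'error' => $error, 'succes' => $succes]);
}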
/**
 * Lists the reports.
 *
 * Admin report listing. Adds the status tab (?status=a|v) and the keyword
 * search (?k=) to $this->params, which reports::fetch_incidents() picks up
 * through the 'ushahidi_filter.fetch_incidents_set_params' event; processes
 * the bulk-action form (approve / unapprove / verify / delete) on POST; then
 * paginates and hands everything to the 'admin/reports' view.
 *
 * @param int $page
 */
public function index($page = 1) {
    // If user doesn't have access, redirect to dashboard
    if (!admin::permissions($this->user, "reports_view")) {
        // NOTE(review): nothing here stops execution after the redirect; this
        // relies on url::redirect() exiting, otherwise the POST handlers below
        // would still run for a user without "reports_view" — confirm.
        url::redirect(url::site() . 'admin/dashboard');
    }
    $this->template->content = new View('admin/reports');
    $this->template->content->title = Kohana::lang('ui_admin.reports');
    //hook into the event for the reports::fetch_incidents() method
    Event::add('ushahidi_filter.fetch_incidents_set_params', array($this, '_add_incident_filters'));
    // Status tab: only the two fixed SQL fragments below are ever added, the
    // raw $_GET value itself is not spliced into a query.
    $status = "0";
    if (!empty($_GET['status'])) {
        $status = $_GET['status'];
        if (strtolower($status) == 'a') {
            array_push($this->params, 'i.incident_active = 0');
        } elseif (strtolower($status) == 'v') {
            array_push($this->params, 'i.incident_verified = 0');
        } else {
            $status = "0";
        }
    }
    // Get Search Keywords (If Any)
    if (isset($_GET['k'])) {
        // Brute force input sanitization
        // Phase 1 - removes any "/word/" substrings. Despite the original
        // intent ("strip all non-word characters"), the pattern #/\w+/# only
        // matches a slash, word characters and a closing slash; everything
        // else passes through. The inner isset() is redundant given the outer one.
        $keyword_raw = isset($_GET['k']) ? preg_replace('#/\\w+/#', '', $_GET['k']) : "";
        // Strip any HTML tags that may have been missed in Phase 1
        $keyword_raw = strip_tags($keyword_raw);
        // Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught
        // in the first 2 steps
        $keyword_raw = $this->input->xss_clean($keyword_raw);
        // The three steps above are output (XSS) oriented; SQL safety of the
        // keyword depends on _get_searchstring() escaping it — not visible here.
        $filter = " (" . $this->_get_searchstring($keyword_raw) . ")";
        array_push($this->params, $filter);
    } else {
        $keyword_raw = "";
    }
    // Check, has the form been submitted?
    $form_error = FALSE;
    $form_saved = FALSE;
    $form_action = "";
    if ($_POST) {
        $post = Validation::factory($_POST);
        // Add some filters
        $post->pre_filter('trim', TRUE);
        // Add some rules, the input field, followed by a list of checks, carried out in order
        // 'action' is a single letter; every incident_id must be numeric before
        // it is used to load a model below.
        $post->add_rules('action', 'required', 'alpha', 'length[1,1]');
        $post->add_rules('incident_id.*', 'required', 'numeric');
        if ($post->validate()) {
            // Approve Action
            if ($post->action == 'a') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == TRUE) {
                        // 'a' toggles the active flag rather than setting it.
                        $update->incident_active = $update->incident_active == 0 ? '1' : '0';
                        // Tag this as a report that needs to be sent out as an alert
                        if ($update->incident_alert_status != '2') {
                            // 2 = report that has had an alert sent
                            $update->incident_alert_status = '1';
                        }
                        $update->save();
                        $verify = new Verify_Model();
                        $verify->incident_id = $item;
                        $verify->verified_status = '1';
                        // Record 'Verified By' Action
                        $verify->user_id = $_SESSION['auth_user']->id;
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                        // Action::report_approve - Approve a Report
                        Event::run('ushahidi_action.report_approve', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.approved'));
            } elseif ($post->action == 'u') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == TRUE) {
                        $update->incident_active = '0';
                        // If Alert hasn't been sent yet, disable it
                        if ($update->incident_alert_status == '1') {
                            $update->incident_alert_status = '0';
                        }
                        $update->save();
                        $verify = new Verify_Model();
                        $verify->incident_id = $item;
                        $verify->verified_status = '0';
                        // Record 'Verified By' Action
                        $verify->user_id = $_SESSION['auth_user']->id;
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                        // Action::report_unapprove - Unapprove a Report
                        Event::run('ushahidi_action.report_unapprove', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
            } elseif ($post->action == 'v') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    $verify = new Verify_Model();
                    if ($update->loaded == TRUE) {
                        // Toggle verified; the audit row records 2 for verified, 0 for unverified.
                        if ($update->incident_verified == '1') {
                            $update->incident_verified = '0';
                            $verify->verified_status = '0';
                        } else {
                            $update->incident_verified = '1';
                            $verify->verified_status = '2';
                        }
                        $update->save();
                        $verify->incident_id = $item;
                        // Record 'Verified By' Action
                        $verify->user_id = $_SESSION['auth_user']->id;
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                    }
                }
                // Set the form action
                $form_action = strtoupper(Kohana::lang('ui_admin.verified_unverified'));
            } elseif ($post->action == 'd') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == TRUE) {
                        $incident_id = $update->id;
                        $location_id = $update->location_id;
                        // The incident row goes first; the dependent rows below are
                        // removed one table at a time with no transaction around them,
                        // so a failure midway leaves orphans rather than rolling back.
                        $update->delete();
                        // Delete Location
                        ORM::factory('location')->where('id', $location_id)->delete_all();
                        // Delete Categories
                        ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
                        // Delete Translations
                        ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
                        // Delete Photos From Directory
                        foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
                            deletePhoto($photo->id);
                        }
                        // Delete Media
                        ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
                        // Delete Sender
                        ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
                        // Delete relationship to SMS message
                        $updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
                        if ($updatemessage->loaded == TRUE) {
                            $updatemessage->incident_id = 0;
                            $updatemessage->save();
                        }
                        // Delete Comments
                        ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
                        // Delete form responses
                        ORM::factory('form_response')->where('incident_id', $incident_id)->delete_all();
                        // Action::report_delete - Deleted a Report
                        Event::run('ushahidi_action.report_delete', $incident_id);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
            }
            $form_saved = TRUE;
        } else {
            $form_error = TRUE;
        }
    }
    // Fetch all incidents
    $all_incidents = reports::fetch_incidents();
    // Pagination
    $pagination = new Pagination(array('style' => 'front-end-reports', 'query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page'), 'total_items' => $all_incidents->count()));
    Event::run('ushahidi_filter.pagination', $pagination);
    // Reports
    $incidents = Incident_Model::get_incidents(reports::$params, $pagination);
    Event::run('ushahidi_filter.filter_incidents', $incidents);
    $this->template->content->countries = Country_Model::get_countries_list();
    $this->template->content->incidents = $incidents;
    $this->template->content->pagination = $pagination;
    $this->template->content->form_error = $form_error;
    $this->template->content->form_saved = $form_saved;
    $this->template->content->form_action = $form_action;
    // Total Reports
    $this->template->content->total_items = $pagination->total_items;
    // Status Tab
    $this->template->content->status = $status;
    // Javascript Header
    $this->template->js = new View('admin/reports_js');
}
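<?php
// Admin banner list page. When ?i=<id> is present the selected banner's image
// file and database row are removed before the page chrome below is rendered.
include "connect/database.php";
validaSession();
// Access-level check is delegated to securityValidation(); its semantics
// (cookie-held user id, level "14") are not visible here.
securityValidation($_COOKIE['id'], "14");

if (isset($_GET['i'])) {
    // listAll() interpolates this value into a WHERE clause and
    // eliminarRegistro() receives it as the key value; casting to int means
    // only a numeric id can ever reach SQL.
    $bannerId = (int) $_GET['i'];
    $rs_banDel = mysql_fetch_object(listAll("banners", "WHERE id = {$bannerId}"));
    // mysql_fetch_object() returns false when no row matches; without this
    // guard ->img is read from false and deletePhoto() is called with nothing.
    if ($rs_banDel !== false) {
        deletePhoto($rs_banDel->img, "../../www/beta/fototea/banners/");
        eliminarRegistro('banners', 'id', $bannerId);
    }
    // NOTE(review): this is a destructive action triggered by a GET parameter;
    // consider requiring POST with a request token so it cannot be triggered
    // by a crafted link.
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Banner</title>
<link rel="stylesheet" href="css/style.css" type="text/css" />
<!--[if IE 9]> <link rel="stylesheet" media="screen" href="css/ie9.css"/> <![endif]-->
<!--[if IE 8]> <link rel="stylesheet" media="screen" href="css/ie8.css"/> <![endif]-->
<!--[if IE 7]> <link rel="stylesheet" media="screen" href="css/ie7.css"/> <![endif]-->
<script type="text/javascript" src="js/plugins/jquery-1.7.min.js"></script>
<script type="text/javascript" src="js/plugins/jquery.flot.min.js"></script>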
/**
 * Entry point when this sample is loaded in a browser.
 *
 * Without an AuthSub session token (or a freshly returned "token" query
 * parameter) the visitor is sent to Google to log in. Otherwise the request
 * is dispatched in three steps: read-only feed commands, which are accepted
 * from any request source ($_REQUEST); destructive commands, which are only
 * honoured when they arrive in $_POST; and an optional "menu" selection that
 * renders a sub-menu. With neither a menu nor a command the main menu is shown.
 *
 * @return void
 */
function processPageLoad()
{
    global $_SESSION, $_GET;

    $hasSessionToken = isset($_SESSION['sessionToken']);
    $hasQueryToken = isset($_GET['token']);
    if (!$hasSessionToken && !$hasQueryToken) {
        requestUserLogin('Please login to your Google Account.');
        return;
    }

    $httpClient = getAuthSubHttpClient();

    // Read-only commands. Note $_REQUEST also includes cookie values, so these
    // can be triggered by any request method.
    $readCommand = empty($_REQUEST['command']) ? '' : $_REQUEST['command'];
    switch ($readCommand) {
        case 'retrieveSelf':
            outputUserFeed($httpClient, "default");
            break;
        case 'retrieveUser':
            outputUserFeed($httpClient, $_REQUEST['user']);
            break;
        case 'retrieveAlbumFeed':
            outputAlbumFeed($httpClient, $_REQUEST['user'], $_REQUEST['album']);
            break;
        case 'retrievePhotoFeed':
            outputPhotoFeed($httpClient, $_REQUEST['user'], $_REQUEST['album'], $_REQUEST['photo']);
            break;
    }

    // Destructive commands are deliberately read from $_POST only.
    $writeCommand = empty($_POST['command']) ? '' : $_POST['command'];
    switch ($writeCommand) {
        case 'addPhoto':
            addPhoto($httpClient, $_POST['user'], $_POST['album'], $_FILES['photo']);
            break;
        case 'deletePhoto':
            deletePhoto($httpClient, $_POST['user'], $_POST['album'], $_POST['photo']);
            break;
        case 'addAlbum':
            addAlbum($httpClient, $_POST['user'], $_POST['name']);
            break;
        case 'deleteAlbum':
            deleteAlbum($httpClient, $_POST['user'], $_POST['album']);
            break;
        case 'addComment':
            addComment($httpClient, $_POST['user'], $_POST['album'], $_POST['photo'], $_POST['comment']);
            break;
        case 'addTag':
            addTag($httpClient, $_POST['user'], $_POST['album'], $_POST['photo'], $_POST['tag']);
            break;
        case 'deleteComment':
            deleteComment($httpClient, $_POST['user'], $_POST['album'], $_POST['photo'], $_POST['comment']);
            break;
        case 'deleteTag':
            deleteTag($httpClient, $_POST['user'], $_POST['album'], $_POST['photo'], $_POST['tag']);
            break;
        default:
            break;
    }

    // Sub-menu selection; an unknown value answers 400.
    if (!empty($_REQUEST['menu'])) {
        switch ($_REQUEST['menu']) {
            case 'user':
                displayUserMenu();
                break;
            case 'photo':
                displayPhotoMenu();
                break;
            case 'album':
                displayAlbumMenu();
                break;
            case 'logout':
                logout();
                break;
            default:
                header('HTTP/1.1 400 Bad Request');
                echo "<h2>Invalid menu selection.</h2>\n";
                echo "<p>Please check your request and try again.</p>";
        }
    }

    $noMenu = empty($_REQUEST['menu']);
    $noCommand = empty($_REQUEST['command']);
    if ($noMenu && $noCommand) {
        displayMenu();
    }
}
/**
 * Lists the reports.
 *
 * Older admin report listing: builds a raw SQL WHERE fragment ($filter) from
 * the status tab (?status=a|v) and keyword search (?k=), processes the
 * bulk-action form (approve / unapprove / verify / delete) on POST, then
 * queries and paginates incidents joined to their location.
 *
 * NOTE(review): unlike the sibling versions of this action there is no
 * admin::permissions() check here; access control must come from the
 * controller constructor or an auth filter — confirm.
 *
 * @param int $page
 */
function index($page = 1) {
    $this->template->content = new View('admin/reports');
    $this->template->content->title = Kohana::lang('ui_admin.reports');
    // Status tab. Only fixed fragments are assigned; the raw $_GET value is
    // never spliced into $filter.
    if (!empty($_GET['status'])) {
        $status = $_GET['status'];
        if (strtolower($status) == 'a') {
            $filter = 'incident_active = 0';
        } elseif (strtolower($status) == 'v') {
            $filter = 'incident_verified = 0';
        } else {
            $status = "0";
            $filter = '1=1';
        }
    } else {
        $status = "0";
        $filter = "1=1";
    }
    // Get Search Keywords (If Any)
    if (isset($_GET['k'])) {
        // The keyword is passed through untouched; $filter is later handed to
        // ORM::where() as a string, so _get_searchstring() must escape it —
        // not visible here.
        $keyword_raw = $_GET['k'];
        $filter .= " AND (" . $this->_get_searchstring($keyword_raw) . ")";
    } else {
        $keyword_raw = "";
    }
    // check, has the form been submitted?
    $form_error = FALSE;
    $form_saved = FALSE;
    $form_action = "";
    if ($_POST) {
        $post = Validation::factory($_POST);
        // Add some filters
        $post->pre_filter('trim', TRUE);
        // Add some rules, the input field, followed by a list of checks, carried out in order
        // 'action' is a single letter; each incident_id must be numeric before
        // it is used to load a model below.
        $post->add_rules('action', 'required', 'alpha', 'length[1,1]');
        $post->add_rules('incident_id.*', 'required', 'numeric');
        if ($post->validate()) {
            if ($post->action == 'a') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        // 'a' sets active unconditionally (no toggle in this version).
                        $update->incident_active = '1';
                        // Tag this as a report that needs to be sent out as an alert
                        $update->incident_alert_status = '1';
                        $update->save();
                        $verify = new Verify_Model();
                        $verify->incident_id = $item;
                        $verify->verified_status = '1';
                        $verify->user_id = $_SESSION['auth_user']->id; // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.approved'));
            } elseif ($post->action == 'u') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        $update->incident_active = '0';
                        $update->save();
                        $verify = new Verify_Model();
                        $verify->incident_id = $item;
                        $verify->verified_status = '0';
                        $verify->user_id = $_SESSION['auth_user']->id; // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
            } elseif ($post->action == 'v') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    $verify = new Verify_Model();
                    if ($update->loaded == true) {
                        // Toggle verified; the audit row records 2 for verified, 0 for unverified.
                        if ($update->incident_verified == '1') {
                            $update->incident_verified = '0';
                            $verify->verified_status = '0';
                        } else {
                            $update->incident_verified = '1';
                            $verify->verified_status = '2';
                        }
                        $update->save();
                        $verify->incident_id = $item;
                        $verify->user_id = $_SESSION['auth_user']->id; // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                    }
                }
                // Hard-coded label here, whereas the other branches use Kohana::lang().
                $form_action = "VERIFIED";
            } elseif ($post->action == 'd') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        $incident_id = $update->id;
                        $location_id = $update->location_id;
                        // The incident row is removed first; the dependent rows below
                        // are deleted table by table with no surrounding transaction.
                        $update->delete();
                        // Delete Location
                        ORM::factory('location')->where('id', $location_id)->delete_all();
                        // Delete Categories
                        ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
                        // Delete Translations
                        ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
                        // Delete Photos From Directory
                        foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
                            deletePhoto($photo->id);
                        }
                        // Delete Media
                        ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
                        // Delete Sender
                        ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
                        // Delete relationship to SMS message
                        $updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
                        if ($updatemessage->loaded == true) {
                            $updatemessage->incident_id = 0;
                            $updatemessage->save();
                        }
                        // Delete relationship to Twitter message
                        $updatemessage = ORM::factory('twitter')->where('incident_id', $incident_id)->find();
                        if ($updatemessage->loaded == true) {
                            $updatemessage->incident_id = 0;
                            $updatemessage->save();
                        }
                        // Delete Comments
                        ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
            }
            $form_saved = TRUE;
        } else {
            $form_error = TRUE;
        }
    }
    // Pagination
    $pagination = new Pagination(array('query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page_admin'), 'total_items' => ORM::factory('incident')->where($filter)->join('location', 'incident.location_id', 'location.id', 'INNER')->count_all()));
    $incidents = ORM::factory('incident')->where($filter)->orderby('incident_dateadd', 'desc')->join('location', 'incident.location_id', 'location.id', 'INNER')->find_all((int) Kohana::config('settings.items_per_page_admin'), $pagination->sql_offset);
    //GET countries
    $countries = array();
    foreach (ORM::factory('country')->orderby('country')->find_all() as $country) {
        // Build the id => name list, truncating long country names for display
        $this_country = $country->country;
        if (strlen($this_country) > 35) {
            $this_country = substr($this_country, 0, 35) . "...";
        }
        $countries[$country->id] = $this_country;
    }
    $this->template->content->countries = $countries;
    $this->template->content->incidents = $incidents;
    $this->template->content->pagination = $pagination;
    $this->template->content->form_error = $form_error;
    $this->template->content->form_saved = $form_saved;
    $this->template->content->form_action = $form_action;
    // Total Reports
    $this->template->content->total_items = $pagination->total_items;
    // Status Tab
    $this->template->content->status = $status;
    // Javascript Header
    $this->template->js = new View('admin/reports_js');
}
$category = []; } foreach ($category as $value) { bindPhotoCategory($photo['id'], $value); } $update_photo = updatePhoto($photo['id'], $letitre, $ladesc); if ($update_photo == false) { $editerror = 'La modification a échoué !'; } // errors ? stack in a variable and show them } else { header('Location: ./?page=deconnect'); } } elseif ($action == 'delete') { unbindPhotoCategory($photo['id']); deletePhoto($photo['id']); unlink(CHEMIN_RACINE . $dossier_ori . $photo['lenom'] . '.' . $photo['lextension']); unlink(CHEMIN_RACINE . $dossier_gd . $photo['lenom'] . '.jpg'); unlink(CHEMIN_RACINE . $dossier_mini . $photo['lenom'] . '.jpg'); } } else { header('Location: ./?page=deconnect'); } } else { header('Location: ./?page=deconnect'); } } else { header('Location: ./?page=deconnect'); } } // photo upload
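<?php
// Admin "edit banner" page. Loads the banner selected by ?i=<id>; on POST it
// replaces the banner image and updates the row, reporting the outcome with a
// small inline script before the page chrome below.
include "connect/database.php";
validaSession();
// Access-level check is delegated to securityValidation(); its semantics are
// not visible here.
securityValidation($_COOKIE['id'], "14");

// Only a numeric id may reach the WHERE clauses built by listAll() and
// updateTable(); an absent parameter selects id 0 (no row).
$bannerId = isset($_GET['i']) ? (int) $_GET['i'] : 0;
$ban = listAll("banners", "WHERE\tid = {$bannerId}");
$rs_ban = mysql_fetch_object($ban);

if ($_POST) {
    // mysql_fetch_object() returns false when the id matches no row; then
    // there is no existing image to remove. Note the old file is removed
    // before uploadFile() has reported success — if the upload fails the
    // banner is left without an image.
    if ($rs_ban !== false) {
        deletePhoto($rs_ban->img, "../../www/beta/fototea/banners/");
    }
    $imagen = uploadFile("imagen", "../../www/beta/fototea/banners/", "50");
    // The SET clause is built by concatenation; each value is escaped with the
    // same mysql extension the page already relies on, so a quote in the form
    // input cannot terminate its literal.
    $values = "titulo = '" . mysql_real_escape_string($_POST['titulo']) . "'"
        . ",texto = '" . mysql_real_escape_string($_POST['texto']) . "'"
        . ",orden = '" . mysql_real_escape_string($_POST['orden']) . "'"
        . ",img = '" . mysql_real_escape_string($imagen) . "'";
    $bannerIn = updateTable("banners", $values, "id = {$bannerId}");
    if ($bannerIn != false) { ?>
<script>
alert("Se ha modificado el banner correctamente.");
window.location="banner.php";
</script>
<?php } else { ?>
<script>
alert("No se ha podido modificar el banner correctamente.");
window.history.back();
</script>
<?php }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">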
/**
 * Lists the reports.
 *
 * Admin map report listing. Builds a raw SQL WHERE fragment ($filter) from the
 * status tab (?status=a|v) plus start/end dates (?s, ?e as unix timestamps),
 * a bounding box (?sw, ?ne as "lon,lat"), category ids (?c), an approval mode
 * (?u) and a logical operator (?lo); processes the bulk-action form
 * (approve / unapprove / verify / delete) on POST; then asks
 * adminmap_reports for the count and the page of incidents.
 *
 * @param int $page
 */
function index($page = 1) {
    // If user doesn't have access, redirect to dashboard
    if (!admin::permissions($this->user, "reports_view")) {
        // NOTE(review): execution continues past this line unless
        // url::redirect() exits; otherwise the POST handlers below still run
        // for a user without "reports_view" — confirm.
        url::redirect(url::site() . 'admin/dashboard');
    }
    $this->template->content = new View('adminmap/adminmap_reports');
    $this->template->content->title = Kohana::lang('ui_admin.reports');
    // Status tab. Only fixed fragments are assigned; the raw $_GET value is
    // never spliced into $filter.
    if (!empty($_GET['status'])) {
        $status = $_GET['status'];
        if (strtolower($status) == 'a') {
            $filter = 'incident.incident_active = 0';
        } elseif (strtolower($status) == 'v') {
            $filter = 'incident.incident_verified = 0';
        } else {
            $status = "0";
            $filter = '1=1';
        }
    } else {
        $status = "0";
        $filter = "1=1";
    }
    // check, has the form been submitted?
    $form_error = FALSE;
    $form_saved = FALSE;
    $form_action = "";
    if ($_POST) {
        $post = Validation::factory($_POST);
        // Add some filters
        $post->pre_filter('trim', TRUE);
        // Add some rules, the input field, followed by a list of checks, carried out in order
        // 'action' is a single letter; each incident_id must be numeric before
        // it is used to load a model below.
        $post->add_rules('action', 'required', 'alpha', 'length[1,1]');
        $post->add_rules('incident_id.*', 'required', 'numeric');
        if ($post->validate()) {
            if ($post->action == 'a') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        // 'a' toggles the active flag.
                        if ($update->incident_active == 0) {
                            $update->incident_active = '1';
                        } else {
                            $update->incident_active = '0';
                        }
                        // Tag this as a report that needs to be sent out as an alert
                        if ($update->incident_alert_status != '2') {
                            // 2 = report that has had an alert sent
                            $update->incident_alert_status = '1';
                        }
                        $update->save();
                        $verify = new Verify_Model();
                        $verify->incident_id = $item;
                        $verify->verified_status = '1';
                        $verify->user_id = $_SESSION['auth_user']->id; // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                        // Action::report_approve - Approve a Report
                        Event::run('ushahidi_action.report_approve', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.approved'));
            } elseif ($post->action == 'u') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        $update->incident_active = '0';
                        // If Alert hasn't been sent yet, disable it
                        if ($update->incident_alert_status == '1') {
                            $update->incident_alert_status = '0';
                        }
                        $update->save();
                        $verify = new Verify_Model();
                        $verify->incident_id = $item;
                        $verify->verified_status = '0';
                        $verify->user_id = $_SESSION['auth_user']->id; // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                        // Action::report_unapprove - Unapprove a Report
                        Event::run('ushahidi_action.report_unapprove', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
            } elseif ($post->action == 'v') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    $verify = new Verify_Model();
                    if ($update->loaded == true) {
                        // Toggle verified; the audit row records 2 for verified, 0 for unverified.
                        if ($update->incident_verified == '1') {
                            $update->incident_verified = '0';
                            $verify->verified_status = '0';
                        } else {
                            $update->incident_verified = '1';
                            $verify->verified_status = '2';
                        }
                        $update->save();
                        $verify->incident_id = $item;
                        $verify->user_id = $_SESSION['auth_user']->id; // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                    }
                }
                // Hard-coded label here, whereas the other branches use Kohana::lang().
                $form_action = "VERIFIED";
            } elseif ($post->action == 'd') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        $incident_id = $update->id;
                        $location_id = $update->location_id;
                        // The incident row is removed first; the dependent rows below
                        // are deleted table by table with no surrounding transaction.
                        $update->delete();
                        // Delete Location
                        ORM::factory('location')->where('id', $location_id)->delete_all();
                        // Delete Categories
                        ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
                        // Delete Translations
                        ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
                        // Delete Photos From Directory
                        foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
                            deletePhoto($photo->id);
                        }
                        // Delete Media
                        ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
                        // Delete Sender
                        ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
                        // Delete relationship to SMS message
                        $updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
                        if ($updatemessage->loaded == true) {
                            $updatemessage->incident_id = 0;
                            $updatemessage->save();
                        }
                        // Delete Comments
                        ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
                        // Action::report_delete - Deleted a Report
                        // Passes the already-deleted model (other versions pass the id).
                        Event::run('ushahidi_action.report_delete', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
            }
            $form_saved = TRUE;
        } else {
            $form_error = TRUE;
        }
    }
    // Not used further in this method.
    $db = new Database();
    // Category ID
    // Raw comma-separated values; a trailing "," yields an empty last element
    // (explode does not remove it). Passed as-is to adminmap_reports.
    $category_ids = array();
    if (isset($_GET['c']) and !empty($_GET['c'])) {
        $category_ids = explode(",", $_GET['c']);
    } else {
        $category_ids = array("0");
    }
    // logical operator
    // NOTE(review): taken verbatim from the query string and handed to
    // adminmap_reports; if that class splices it into SQL it must whitelist
    // it to "and"/"or" — confirm there.
    $logical_operator = "or";
    if (isset($_GET['lo']) and !empty($_GET['lo'])) {
        $logical_operator = $_GET['lo'];
    }
    $show_unapproved = "3"; //1 show only approved, 2 show only unapproved, 3 show all
    //figure out if we're showing unapproved stuff or what.
    if (isset($_GET['u']) and !empty($_GET['u'])) {
        $show_unapproved = (int) $_GET['u'];
    }
    // Any value other than 1/2/3 leaves $approved_text empty.
    $approved_text = "";
    if ($show_unapproved == 1) {
        $approved_text = "incident.incident_active = 1 ";
    } else {
        if ($show_unapproved == 2) {
            $approved_text = "incident.incident_active = 0 ";
        } else {
            if ($show_unapproved == 3) {
                $approved_text = " (incident.incident_active = 0 OR incident.incident_active = 1) ";
            }
        }
    }
    // Start Date
    // Dates and bounding-box values are cast to int/double before they are
    // formatted into SQL, so only numbers reach the query.
    $start_date = (isset($_GET['s']) and !empty($_GET['s'])) ? (int) $_GET['s'] : "0";
    // End Date
    $end_date = (isset($_GET['e']) and !empty($_GET['e'])) ? (int) $_GET['e'] : "0";
    $filter .= $start_date ? " AND incident.incident_date >= '" . date("Y-m-d H:i:s", $start_date) . "'" : "";
    $filter .= $end_date ? " AND incident.incident_date <= '" . date("Y-m-d H:i:s", $end_date) . "'" : "";
    $location_where = "";
    // Break apart location variables, if necessary
    $southwest = array();
    if (isset($_GET['sw'])) {
        $southwest = explode(",", $_GET['sw']);
    }
    $northeast = array();
    if (isset($_GET['ne'])) {
        $northeast = explode(",", $_GET['ne']);
    }
    if (count($southwest) == 2 and count($northeast) == 2) {
        // Element order is longitude first, latitude second.
        $lon_min = (double) $southwest[0];
        $lon_max = (double) $northeast[0];
        $lat_min = (double) $southwest[1];
        $lat_max = (double) $northeast[1];
        $location_where = ' AND (location.latitude >=' . $lat_min . ' AND location.latitude <=' . $lat_max . ' AND location.longitude >=' . $lon_min . ' AND location.longitude <=' . $lon_max . ') ';
    }
    $reports_count = adminmap_reports::get_reports_count($category_ids, $approved_text, $location_where . " AND " . $filter, $logical_operator);
    // Pagination
    // NOTE(review): the paginator is sized with 'settings.items_per_page' while
    // get_reports() below is given 'settings.items_per_page_admin'; if the two
    // settings differ, page links and the rows actually fetched disagree.
    $pagination = new Pagination(array('query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page'), 'total_items' => $reports_count));
    $incidents = adminmap_reports::get_reports($category_ids, $approved_text, $location_where . " AND " . $filter, $logical_operator, "incident.incident_date", "asc", (int) Kohana::config('settings.items_per_page_admin'), $pagination->sql_offset);
    //GET countries
    $countries = array();
    foreach (ORM::factory('country')->orderby('country')->find_all() as $country) {
        // Build the id => name list, truncating long country names for display
        $this_country = $country->country;
        if (strlen($this_country) > 35) {
            $this_country = substr($this_country, 0, 35) . "...";
        }
        $countries[$country->id] = $this_country;
    }
    $this->template->content->countries = $countries;
    $this->template->content->incidents = $incidents;
    $this->template->content->pagination = $pagination;
    $this->template->content->form_error = $form_error;
    $this->template->content->form_saved = $form_saved;
    $this->template->content->form_action = $form_action;
    // Total Reports
    $this->template->content->total_items = $pagination->total_items;
    // Status Tab
    $this->template->content->status = $status;
    // Javascript Header
    $this->template->js = new View('admin/reports_js');
}
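/**
 * Group events page: applies the posted membership / invitation / event
 * actions for the session user, then renders the "EvenementsGroupe" view.
 *
 * Recognised POST fields: abonnement, desabonnement, desiste, deleteEve
 * (with "nom", the event name). The event name becomes the photo file name
 * handed to deletePhoto(), so it is reduced to a bare file name first —
 * a value containing directory separators can no longer leave
 * Groupes/Evenements.
 *
 * @param mixed $id_groupe  Group identifier, passed straight to the model.
 * @return void  Renders the view via $vue->loadpage().
 */
public function loadEvenementsGroupe($id_groupe) {
    $vue = new Vue("EvenementsGroupe", "Groupe", ['stylesheet.css']);
    $succes = "";
    $error = "";
    // Every model call below is keyed on the session user.
    $userId = $_SESSION['user']['id'];
    if (!empty($_POST)) {
        if (!empty($_POST['abonnement'])) {
            $this->groupe->joinGroupe($userId, $id_groupe);
            $this->groupe->quitInvit($userId, $id_groupe);
            $succes = 'Vous avez rejoint le groupe avec succès!';
        }
        if (!empty($_POST['desabonnement'])) {
            $this->groupe->quitGroupe($userId, $id_groupe);
            $succes = "Vous avez quitté le groupe avec succès.";
        }
        if (!empty($_POST['desiste'])) {
            $this->groupe->quitInvit($userId, $id_groupe);
            $succes = "Vous avez refusé l'invitation";
        }
        if (!empty($_POST['deleteEve'])) {
            // NOTE(review): nothing here checks that the poster leads the
            // group before its event is deleted; isleader() is only consulted
            // for the view below — confirm whether deleteEvenement() enforces it.
            $this->groupe->deleteEvenement($id_groupe);
            $nom = isset($_POST['nom']) ? $_POST['nom'] : '';
            // Spaces become dashes (file naming convention); basename() drops
            // any directory part the client may have posted.
            $nom_evenement = basename(str_replace(' ', '-', $nom));
            $error .= deletePhoto($nom_evenement . '.jpg', 'Groupes/Evenements', 'Erreur lors de la suppression de la photo.');
            if (empty($error)) {
                $succes = "Evenement effacé avec succès!";
            }
        }
    }
    $isMembre = $this->groupe->isMembre($userId, $id_groupe);
    $isLeader = $this->groupe->isleader($userId, $id_groupe);
    $datagroupe = $this->groupe->getInfoGroup($id_groupe)->fetch();
    $ville = $this->groupe->getVilleById($datagroupe['id_ville'])->fetch();
    $NBmembres = $this->groupe->countmembres($id_groupe)->fetchAll();
    $isInvit = $this->groupe->isInvit($id_groupe, $userId);
    $sport = $this->groupe->getSport($datagroupe['id_sport'])->fetch();
    $evenement = $this->groupe->getEvenements($id_groupe)->fetchAll();
    $vue->loadpage([
        'datagroupe' => $datagroupe,
        'isInvit' => $isInvit,
        'NBmembres' => $NBmembres,
        'ville' => $ville,
        'sport' => $sport,
        'isLeader' => $isLeader,
        'evenement' => $evenement,
        'isMembre' => $isMembre,
        'error' => $error,
        'succes' => $succes,
    ]);
}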
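/**
 * Club back-office page: handles the "modifierclub", "addclub" and "Suppr"
 * submissions, then renders the club list.
 *
 * Fixes relative to the original: $error / $succes are initialised (they were
 * rendered undefined when nothing was posted); the "icon required" check in
 * "addclub" was inverted and its message was then overwritten by
 * $verification->error; the club name that becomes the banner file name is
 * reduced to a bare file name before reaching deletePhoto()/uploadPhoto().
 *
 * @return void  Renders the "BackOfficeClub" view.
 */
public function loadBackOfficeClub() {
    // Both are passed to the view unconditionally.
    $error = '';
    $succes = '';
    if (!empty($_POST)) {
        if (isset($_POST['modifierclub'])) {
            $verification = new Verification($_POST);
            $verificationPhoto = new Verification($_FILES);
            // basename() keeps the banner inside Clubs/Bannière even if the
            // posted name contains directory separators.
            $nomFichier = basename(isset($_POST['nomclub']) ? $_POST['nomclub'] : '') . '.jpg';
            $photoEnvoyee = !empty($_FILES['photo']['name']);
            if ($photoEnvoyee) {
                $verificationPhoto->PhotoOk('photo', $nomFichier, 'Clubs/Bannière/', false);
            }
            $verification->notEmpty('informations', "Veuillez remplir la description du club.");
            $verification->notEmpty('telephone', "Veuillez remplir le numéro de téléphone du club.");
            $verification->notEmpty('email', "Veuillez remplir l'adresse email du club.");
            $verification->notEmpty('lien', "Veuillez ajouter le lien du site du club.");
            $verification->notEmpty('adresse', "Veuillez remplir l'adresse du club.");
            $error .= $verification->error;
            if ($verification->isValid() && $verificationPhoto->isValid()) {
                if ($photoEnvoyee) {
                    deletePhoto($nomFichier, 'Clubs/Bannière', 'photo');
                }
                /*upload images*/
                // NOTE(review): uploadPhoto() is called even when no file was
                // posted (as in the original); its return value is the only
                // failure signal.
                $error .= uploadPhoto($nomFichier, 'Clubs/Bannière', 'photo');
                if (empty($error)) {
                    $this->admin->updateClub($_POST['id_club']);
                    $succes = "Club modifié avec succès!";
                }
            }
        }
        if (isset($_POST['addclub'])) {
            // A banner is mandatory for a new club.
            if (empty($_FILES['photo']['name'])) {
                $error .= "Veuillez selectionner une icone pour le club.";
            }
            $verification = new Verification($_POST);
            $verificationPhoto = new Verification($_FILES);
            $verification->notEmpty('informations', "Veuillez remplir la description du club.");
            $verification->notEmpty('telephone', "Veuillez remplir le numéro de téléphone du club.");
            $verification->notEmpty('email', "Veuillez remplir l'adresse email du club.");
            $verification->notEmpty('lien', "Veuillez ajouter le lien du site du club.");
            $verification->notEmpty('nom', "Veuillez remplir le nom du club.");
            $verification->notEmpty('adresse', "Veuillez remplir l'adresse du club.");
            // Spaces become dashes (file naming convention); basename() drops
            // any directory part the client may have posted.
            $nomclub = basename(str_replace(' ', '-', isset($_POST['nom']) ? $_POST['nom'] : ''));
            $verificationPhoto->PhotoOk('photo', $nomclub . '.jpg', 'Clubs/Bannière');
            $error .= $verification->error;
            if ($verification->isValid() && $verificationPhoto->isValid()) {
                $error .= uploadPhoto($nomclub . '.jpg', 'Clubs/Bannière/', 'photo');
                if (empty($error)) {
                    $this->admin->addClub();
                    $succes = "Club ajouté avec succès!";
                }
            }
        }
        if (isset($_POST['Suppr'])) {
            // Delete the club here.
            // NOTE(review): deleteClub() takes no argument, so it presumably
            // reads the club id from $_POST itself — confirm it checks
            // authorisation for that id.
            $this->admin->deleteClub();
            $succes = "Suppression réussie!";
        }
    }
    $clubs = $this->groupe->getClubs()->fetchAll();
    $vue = new Vue("BackOfficeClub", "Admin", ['font-awesome.css', 'admin.css'], ['Admin/admin.js']);
    $vue->loadbackoffice(['clubs' => $clubs, 'error' => $error, 'succes' => $succes]);
}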
$lefteye_x = $mysqli->real_escape_string(filter_input(INPUT_POST, "lefteyeX")); $lefteye_y = $mysqli->real_escape_string(filter_input(INPUT_POST, "lefteyeY")); $righteye_x = $mysqli->real_escape_string(filter_input(INPUT_POST, "righteyeX")); $righteye_y = $mysqli->real_escape_string(filter_input(INPUT_POST, "righteyeY")); if ($method == "newuser") { $answer = newUser($firstname, $lastname, $nickname, $sex, $birthday); } elseif ($method == "getallusers") { $answer = getAllUsers(); } elseif ($method == "getuserdata") { $answer = getUserData($id); } elseif ($method == "updateuser") { $answer = updateUser($id, $firstname, $lastname, $nickname, $sex, $birthday); } elseif ($method == "deleteuser") { $answer = deleteuser($id); } elseif ($method == "getuserimageids") { $answer = getUserImageIds($id); } elseif ($method == "newphoto") { $answer = uploadNewPhoto($id); } elseif ($method == "deletephoto") { $answer = deletePhoto($id); } elseif ($method == "updateeyes") { $answer = updateEyes($id, $lefteye_x, $lefteye_y, $righteye_x, $righteye_y); } else { echo "\"{$method}\" is an unknown method"; } echo $answer; return; } header($_SERVER["SERVER_PROTOCOL"] . " 400 Bad Request"); echo "no method"; return;
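/**
 * Lists the reports for the simplegroups super-admin page.
 *
 * GET parameters: "status" ('a' → unapproved only, 'v' → unverified only,
 * anything else → all), "k" (keyword search), "c" (comma-separated category
 * ids), "lo" (logical operator for categories), "u" (1 approved / 2
 * unapproved / 3 all), "sw"/"ne" (bounding box corners "lon,lat") and "sg"
 * (group id). POST action 'a' toggles approval, 'u' unapproves, 'v' toggles
 * verification and 'd' deletes the selected reports with their dependents.
 *
 * Fixes relative to the original: category ids are restricted to digit
 * strings and empty fragments (a trailing ",") are dropped before they reach
 * groups::get_reports*(), which splice them into SQL; "lo" is only accepted
 * when it is "and"/"or"; the pagination page size now matches the page size
 * used to fetch the incidents (they used two different settings, so pages
 * could overlap or skip rows); the unused Database instance is gone.
 *
 * @param int $page  Page number from the route (pagination reads the "page"
 *                   query string itself; the argument is not used here).
 */
function index($page = 1) {
    $auth = new auth();
    if (!($auth and $auth->logged_in('superadmin'))) {
        url::redirect('admin/dashboard');
    }
    $this->template->content = new View('simplegroups/reportssuper');
    $this->template->content->title = Kohana::lang('ui_admin.reports');
    // $status / $filter only ever take whitelisted values.
    $status = "0";
    $filter = "1=1";
    if (!empty($_GET['status'])) {
        $status = $_GET['status'];
        if (strtolower($status) == 'a') {
            $filter = 'incident_active = 0';
        } elseif (strtolower($status) == 'v') {
            $filter = 'incident_verified = 0';
        } else {
            $status = "0";
            $filter = '1=1';
        }
    }
    // Get Search Keywords (If Any)
    if (isset($_GET['k'])) {
        // Brute force input sanitization
        // Phase 1 - Strip the search string of all non-word characters
        $keyword_raw = preg_replace('/[^\\w+]\\w*/', '', $_GET['k']);
        // Strip any HTML tags that may have been missed in Phase 1
        $keyword_raw = strip_tags($keyword_raw);
        // Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught
        // in the first 2 steps
        $keyword_raw = $this->input->xss_clean($keyword_raw);
        $filter .= " AND (" . $this->_get_searchstring($keyword_raw) . ")";
    }
    // check, has the form been submitted?
    $form_error = FALSE;
    $form_saved = FALSE;
    $form_action = "";
    if ($_POST) {
        $post = Validation::factory($_POST);
        // Add some filters
        $post->pre_filter('trim', TRUE);
        // Add some rules, the input field, followed by a list of checks, carried out in order
        $post->add_rules('action', 'required', 'alpha', 'length[1,1]');
        $post->add_rules('incident_id.*', 'required', 'numeric');
        if ($post->validate()) {
            if ($post->action == 'a') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        // Approval is a toggle here.
                        if ($update->incident_active == 0) {
                            $update->incident_active = '1';
                        } else {
                            $update->incident_active = '0';
                        }
                        // Tag this as a report that needs to be sent out as an alert
                        if ($update->incident_alert_status != '2') {
                            // 2 = report that has had an alert sent
                            $update->incident_alert_status = '1';
                        }
                        $update->save();
                        $verify = new Verify_Model();
                        $verify->incident_id = $item;
                        $verify->verified_status = '1';
                        $verify->user_id = $_SESSION['auth_user']->id;
                        // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                        // Action::report_approve - Approve a Report
                        Event::run('ushahidi_action.report_approve', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.approved'));
            } elseif ($post->action == 'u') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        $update->incident_active = '0';
                        // If Alert hasn't been sent yet, disable it
                        if ($update->incident_alert_status == '1') {
                            $update->incident_alert_status = '0';
                        }
                        $update->save();
                        $verify = new Verify_Model();
                        $verify->incident_id = $item;
                        $verify->verified_status = '0';
                        $verify->user_id = $_SESSION['auth_user']->id;
                        // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                        // Action::report_unapprove - Unapprove a Report
                        Event::run('ushahidi_action.report_unapprove', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
            } elseif ($post->action == 'v') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    $verify = new Verify_Model();
                    if ($update->loaded == true) {
                        if ($update->incident_verified == '1') {
                            $update->incident_verified = '0';
                            $verify->verified_status = '0';
                        } else {
                            $update->incident_verified = '1';
                            $verify->verified_status = '2';
                        }
                        $update->save();
                        $verify->incident_id = $item;
                        $verify->user_id = $_SESSION['auth_user']->id;
                        // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                    }
                }
                $form_action = "VERIFIED";
            } elseif ($post->action == 'd') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        $incident_id = $update->id;
                        $location_id = $update->location_id;
                        $update->delete();
                        // Delete Location
                        ORM::factory('location')->where('id', $location_id)->delete_all();
                        // Delete Categories
                        ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
                        // Delete Translations
                        ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
                        // Delete Photos From Directory
                        foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
                            deletePhoto($photo->id);
                        }
                        // Delete Media
                        ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
                        // Delete Sender
                        ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
                        // Delete relationship to SMS message
                        $updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
                        if ($updatemessage->loaded == true) {
                            $updatemessage->incident_id = 0;
                            $updatemessage->save();
                        }
                        // Delete Comments
                        ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
                        // Delete Group
                        ORM::factory("simplegroups_groups_incident")->where('incident_id', $incident_id)->delete_all();
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
            }
            $form_saved = TRUE;
        } else {
            $form_error = TRUE;
        }
    }
    // Category IDs: comma-separated in the query string. Keep only digit
    // strings and drop empty fragments such as a trailing ",".
    $category_ids = array();
    if (!empty($_GET['c'])) {
        foreach (explode(",", $_GET['c']) as $category_id) {
            $category_id = trim($category_id);
            if ($category_id !== '' && ctype_digit($category_id)) {
                $category_ids[] = $category_id;
            }
        }
    }
    if (count($category_ids) == 0) {
        $category_ids = array("0");
    }
    // logical operator: only "and"/"or" (any case) are meaningful to the
    // groups helpers; anything else keeps the default.
    $logical_operator = "or";
    if (!empty($_GET['lo']) && in_array(strtolower($_GET['lo']), array('and', 'or'), true)) {
        $logical_operator = $_GET['lo'];
    }
    $show_unapproved = "3"; //1 show only approved, 2 show only unapproved, 3 show all
    //figure out if we're showing unapproved stuff or what.
    if (!empty($_GET['u'])) {
        $show_unapproved = (int) $_GET['u'];
    }
    $approved_text = "";
    if ($show_unapproved == 1) {
        $approved_text = "incident.incident_active = 1 ";
    } elseif ($show_unapproved == 2) {
        $approved_text = "incident.incident_active = 0 ";
    } elseif ($show_unapproved == 3) {
        $approved_text = " (incident.incident_active = 0 OR incident.incident_active = 1) ";
    }
    $location_where = "";
    // Break apart location variables, if necessary
    $southwest = array();
    if (isset($_GET['sw'])) {
        $southwest = explode(",", $_GET['sw']);
    }
    $northeast = array();
    if (isset($_GET['ne'])) {
        $northeast = explode(",", $_GET['ne']);
    }
    if (count($southwest) == 2 and count($northeast) == 2) {
        // Cast to double before splicing into SQL so only numbers get through.
        $lon_min = (double) $southwest[0];
        $lon_max = (double) $northeast[0];
        $lat_min = (double) $southwest[1];
        $lat_max = (double) $northeast[1];
        $location_where = ' AND (location.latitude >=' . $lat_min . ' AND location.latitude <=' . $lat_max . ' AND location.longitude >=' . $lon_min . ' AND location.longitude <=' . $lon_max . ') ';
    }
    // Optional group filter; the id is cast to int before reaching SQL.
    $group = 0;
    if (!empty($_GET['sg'])) {
        $group = (int) $_GET['sg'];
    }
    $group_where = " (1=1) ";
    if ($group != 0) {
        $group_where = " (simplegroups_groups_incident.simplegroups_groups_id = " . $group . ") ";
    }
    $where_text = $location_where . " AND " . $filter . " AND " . $group_where;
    $reports_count = groups::get_reports_count($category_ids, $approved_text, $where_text, $logical_operator);
    // Pagination: the same page size must be used for the offset and the fetch.
    $items_per_page = (int) Kohana::config('settings.items_per_page_admin');
    $pagination = new Pagination(array(
        'query_string' => 'page',
        'items_per_page' => $items_per_page,
        'total_items' => $reports_count,
    ));
    $incidents = groups::get_reports($category_ids, $approved_text, $where_text, $logical_operator, "incident.incident_date", "asc", $items_per_page, $pagination->sql_offset);
    $location_ids = array();
    foreach ($incidents as $incident) {
        $location_ids[] = $incident->location_id;
    }
    // Map location id → name for the incidents on this page.
    $locations = array();
    if (count($location_ids) > 0) {
        $locations_result = ORM::factory('location')->in('id', implode(',', $location_ids))->find_all();
        foreach ($locations_result as $loc) {
            $locations[$loc->id] = $loc->location_name;
        }
    }
    $this->template->content->locations = $locations;
    //GET countries
    $countries = array();
    foreach (ORM::factory('country')->orderby('country')->find_all() as $country) {
        // Truncate long country names for the dropdown.
        $this_country = $country->country;
        if (strlen($this_country) > 35) {
            $this_country = substr($this_country, 0, 35) . "...";
        }
        $countries[$country->id] = $this_country;
    }
    $this->template->content->countries = $countries;
    $this->template->content->incidents = $incidents;
    $this->template->content->pagination = $pagination;
    $this->template->content->form_error = $form_error;
    $this->template->content->form_saved = $form_saved;
    $this->template->content->form_action = $form_action;
    // Total Reports
    $this->template->content->total_items = $pagination->total_items;
    // Status Tab
    $this->template->content->status = $status;
    // Javascript Header
    $this->template->js = new View('simplegroups/reports_js');
}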
/**
 * Lists the reports owned by the current member.
 *
 * GET parameters: "status" ('a' → unapproved only, 'v' → unverified only,
 * anything else → all) and "k" (keyword search). POST action 'd' deletes the
 * selected reports together with their location, categories, translations,
 * media files, sender and comments; the incident lookup is scoped to
 * $this->user->id, so a member can only delete their own reports.
 *
 * @param int $page  Page number from the route (pagination reads the "page"
 *                   query string itself; the argument is not used here).
 */
function index($page = 1) {
    $this->template->content = new View('members/reports');
    $this->template->content->title = Kohana::lang('ui_admin.reports');
    // $status / $filter only take whitelisted values; anything else
    // collapses to "0" / '1=1'.
    if (!empty($_GET['status'])) {
        $status = $_GET['status'];
        if (strtolower($status) == 'a') {
            $filter = 'incident_active = 0';
        } elseif (strtolower($status) == 'v') {
            $filter = 'incident_verified = 0';
        } else {
            $status = "0";
            $filter = '1=1';
        }
    } else {
        $status = "0";
        $filter = "1=1";
    }
    // Get Search Keywords (If Any)
    if (isset($_GET['k'])) {
        // Brute force input sanitization
        // Phase 1 - Strip the search string of all non-word characters
        $keyword_raw = preg_replace('/[^\\w+]\\w*/', '', $_GET['k']);
        // Strip any HTML tags that may have been missed in Phase 1
        $keyword_raw = strip_tags($keyword_raw);
        // Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught
        // in the first 2 steps
        $keyword_raw = $this->input->xss_clean($keyword_raw);
        // NOTE(review): $filter is later passed to ->where() as raw SQL, so the
        // cleaned keyword is only as safe as _get_searchstring() makes it.
        $filter .= " AND (" . $this->_get_searchstring($keyword_raw) . ")";
    } else {
        $keyword_raw = "";
    }
    // check, has the form been submitted?
    $form_error = FALSE;
    $form_saved = FALSE;
    $form_action = "";
    if ($_POST) {
        // Setup validation
        $post = Validation::factory($_POST);
        // Add some filters
        $post->pre_filter('trim', TRUE);
        // Add some rules, the input field, followed by a list of checks, carried out in order
        $post->add_rules('action', 'required', 'alpha', 'length[1,1]');
        $post->add_rules('incident_id.*', 'required', 'numeric');
        if ($post->validate()) {
            // Only deletion is offered to members.
            if ($post->action == 'd') {
                foreach ($post->incident_id as $item) {
                    // Ownership check: the incident must belong to the member.
                    $update = ORM::factory('incident')->where('user_id', $this->user->id)->find($item);
                    if ($update->loaded == true) {
                        $incident_id = $update->id;
                        $location_id = $update->location_id;
                        $update->delete();
                        // Delete Location
                        ORM::factory('location')->where('id', $location_id)->delete_all();
                        // Delete Categories
                        ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
                        // Delete Translations
                        ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
                        // Delete Photos From Directory
                        foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
                            deletePhoto($photo->id);
                        }
                        // Delete Media
                        ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
                        // Delete Sender
                        ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
                        // Delete relationship to SMS message (the message itself is kept)
                        $updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
                        if ($updatemessage->loaded) {
                            $updatemessage->incident_id = 0;
                            $updatemessage->save();
                        }
                        // Delete Comments
                        ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
                        // Action::report_delete - Deleted a Report
                        Event::run('ushahidi_action.report_delete', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
            }
            $form_saved = TRUE;
        } else {
            $form_error = TRUE;
        }
    }
    // Pagination (count and fetch are both scoped to the member)
    $pagination = new Pagination(array('query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page_admin'), 'total_items' => ORM::factory('incident')->join('location', 'incident.location_id', 'location.id', 'INNER')->where($filter)->where('user_id', $this->user->id)->count_all()));
    $incidents = ORM::factory('incident')->join('location', 'incident.location_id', 'location.id', 'INNER')->where($filter)->where('user_id', $this->user->id)->orderby('incident_dateadd', 'desc')->find_all((int) Kohana::config('settings.items_per_page_admin'), $pagination->sql_offset);
    $location_ids = array();
    $country_ids = array();
    foreach ($incidents as $incident) {
        $location_ids[] = $incident->location_id;
    }
    //check if location_ids is not empty
    if (count($location_ids) > 0) {
        $locations_result = ORM::factory('location')->in('id', implode(',', $location_ids))->find_all();
        $locations = array();
        foreach ($locations_result as $loc) {
            $locations[$loc->id] = $loc->location_name;
            $country_ids[$loc->id]['country_id'] = $loc->country_id;
        }
    } else {
        $locations = array();
    }
    $this->template->content->locations = $locations;
    $this->template->content->country_ids = $country_ids;
    //GET countries
    $countries = array();
    foreach (ORM::factory('country')->orderby('country')->find_all() as $country) {
        // Truncate long country names for display
        $this_country = $country->country;
        if (strlen($this_country) > 35) {
            $this_country = substr($this_country, 0, 35) . "...";
        }
        $countries[$country->id] = $this_country;
    }
    $this->template->content->countries = $countries;
    $this->template->content->incidents = $incidents;
    $this->template->content->pagination = $pagination;
    $this->template->content->form_error = $form_error;
    $this->template->content->form_saved = $form_saved;
    $this->template->content->form_action = $form_action;
    // Total Reports
    $this->template->content->total_items = $pagination->total_items;
    // Status Tab
    $this->template->content->status = $status;
    // Javascript Header
    $this->template->js = new View('admin/reports_js');
}
$smarty->assign('photoInfoArr', $photoInfoArr); } $smarty->assign('userId', $userId); $smarty->assign('userName', $userName); $smarty->assign('albumId', $albumId); $smarty->assign('albumCover', $albumCover); $smarty->assign('cssFileName', 'photoList'); $smarty->display('photoList.tpl'); } if (!empty($_POST['albumId']) && !empty($_POST['act']) && $_POST['act'] == 'delAlbum') { $albumId = $_POST['albumId']; $result = selectSql('photos', 'photo_id', 'album_id=' . $albumId); if ($result['state'] == 1) { //删除文件夹里的图片 while ($rows = mysql_fetch_array($result['msg'])) { deletePhoto($rows['photo_id']); } } //删除照片数据表中数据 $result = deleteSql('photos', 'album_id=' . $albumId); if ($result['state'] == 0) { echo json_encode(array('state' => 0, 'msg' => '删除失败')); return false; } //删除相册数据表中数据 $result = deleteSql('albums', 'album_id=' . $albumId); if ($result['state'] == 0) { echo json_encode(array('state' => 0, 'msg' => '删除失败')); return false; } echo json_encode(array('state' => 1, 'msg' => '删除成功'));
/**
 * Lists the reports for the admin reports page.
 *
 * Access is gated on the "reports_view" permission. GET parameters: "status"
 * ('a' → unapproved only, 'v' → unverified only, anything else → all) and
 * "k" (keyword search). POST action 'a' toggles approval and e-mails the
 * reporter, 'u' unapproves, 'v' toggles verification and 'd' deletes the
 * selected reports together with their dependents.
 *
 * @param int $page  Page number from the route (pagination reads the "page"
 *                   query string itself; the argument is not used here).
 */
function index($page = 1) {
    // If user doesn't have access, redirect to dashboard
    if (!admin::permissions($this->user, "reports_view")) {
        url::redirect(url::site() . 'admin/dashboard');
    }
    $this->template->content = new View('admin/reports');
    $this->template->content->title = Kohana::lang('ui_admin.reports');
    // $status / $filter only take whitelisted values; anything else
    // collapses to "0" / '1=1'.
    if (!empty($_GET['status'])) {
        $status = $_GET['status'];
        if (strtolower($status) == 'a') {
            $filter = 'incident_active = 0';
        } elseif (strtolower($status) == 'v') {
            $filter = 'incident_verified = 0';
        } else {
            $status = "0";
            $filter = '1=1';
        }
    } else {
        $status = "0";
        $filter = "1=1";
    }
    // Get Search Keywords (If Any)
    if (isset($_GET['k'])) {
        // Brute force input sanitization
        // Phase 1 - Strip the search string of all non-word characters
        $keyword_raw = preg_replace('/[^\\w+]\\w*/', '', $_GET['k']);
        // Strip any HTML tags that may have been missed in Phase 1
        $keyword_raw = strip_tags($keyword_raw);
        // Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught
        // in the first 2 steps
        $keyword_raw = $this->input->xss_clean($keyword_raw);
        // NOTE(review): $filter is later passed to ->where() as raw SQL, so the
        // cleaned keyword is only as safe as _get_searchstring() makes it.
        $filter .= " AND (" . $this->_get_searchstring($keyword_raw) . ")";
    } else {
        $keyword_raw = "";
    }
    // check, has the form been submitted?
    $form_error = FALSE;
    $form_saved = FALSE;
    $form_action = "";
    if ($_POST) {
        $post = Validation::factory($_POST);
        // Add some filters
        $post->pre_filter('trim', TRUE);
        // Add some rules, the input field, followed by a list of checks, carried out in order
        $post->add_rules('action', 'required', 'alpha', 'length[1,1]');
        $post->add_rules('incident_id.*', 'required', 'numeric');
        if ($post->validate()) {
            if ($post->action == 'a') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        // Approval is a toggle: an already-active report is deactivated.
                        if ($update->incident_active == 0) {
                            $update->incident_active = '1';
                        } else {
                            $update->incident_active = '0';
                        }
                        // Tag this as a report that needs to be sent out as an alert
                        if ($update->incident_alert_status != '2') {
                            // 2 = report that has had an alert sent
                            $update->incident_alert_status = '1';
                        }
                        $update->save();
                        $verify = new Verify_Model();
                        $verify->incident_id = $item;
                        $verify->verified_status = '1';
                        $verify->user_id = $_SESSION['auth_user']->id;
                        // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                        // Action::report_approve - Approve a Report
                        Event::run('ushahidi_action.report_approve', $update);
                        // XXX notify user that incident has been approved
                        // (the body below is hard-coded English and is sent on
                        // both halves of the toggle above)
                        if (!empty($update->incident_person->person_email)) {
                            $to = $update->incident_person->person_email;
                            $from = Kohana::lang('ui_admin.incident_approved_from');
                            $subject = Kohana::lang('ui_admin.incident_approved_subject');
                            $message = "Yay! Your entry has been approved.\n\n";
                            $message .= "See it now: " . url::site('reports/view/' . $update->id) . "\n";
                            email::send($to, $from, $subject, $message);
                        }
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.approved'));
            } elseif ($post->action == 'u') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        $update->incident_active = '0';
                        // If Alert hasn't been sent yet, disable it
                        if ($update->incident_alert_status == '1') {
                            $update->incident_alert_status = '0';
                        }
                        $update->save();
                        $verify = new Verify_Model();
                        $verify->incident_id = $item;
                        $verify->verified_status = '0';
                        $verify->user_id = $_SESSION['auth_user']->id;
                        // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                        // Action::report_unapprove - Unapprove a Report
                        Event::run('ushahidi_action.report_unapprove', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
            } elseif ($post->action == 'v') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    $verify = new Verify_Model();
                    if ($update->loaded == true) {
                        // Verification is a toggle as well.
                        if ($update->incident_verified == '1') {
                            $update->incident_verified = '0';
                            $verify->verified_status = '0';
                        } else {
                            $update->incident_verified = '1';
                            $verify->verified_status = '2';
                        }
                        $update->save();
                        $verify->incident_id = $item;
                        $verify->user_id = $_SESSION['auth_user']->id;
                        // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                    }
                }
                $form_action = "VERIFIED";
            } elseif ($post->action == 'd') {
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        $incident_id = $update->id;
                        $location_id = $update->location_id;
                        $update->delete();
                        // Delete Location
                        ORM::factory('location')->where('id', $location_id)->delete_all();
                        // Delete Categories
                        ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
                        // Delete Translations
                        ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
                        // Delete Photos From Directory
                        foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
                            deletePhoto($photo->id);
                        }
                        // Delete Media
                        ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
                        // Delete Sender
                        ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
                        // Delete relationship to SMS message (the message itself is kept)
                        $updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
                        if ($updatemessage->loaded == true) {
                            $updatemessage->incident_id = 0;
                            $updatemessage->save();
                        }
                        // Delete Comments
                        ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
                        // Action::report_delete - Deleted a Report
                        Event::run('ushahidi_action.report_delete', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
            }
            $form_saved = TRUE;
        } else {
            $form_error = TRUE;
        }
    }
    // Pagination
    $pagination = new Pagination(array('query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page_admin'), 'total_items' => ORM::factory('incident')->join('location', 'incident.location_id', 'location.id', 'INNER')->where($filter)->count_all()));
    $incidents = ORM::factory('incident')->join('location', 'incident.location_id', 'location.id', 'INNER')->where($filter)->orderby('incident_dateadd', 'desc')->find_all((int) Kohana::config('settings.items_per_page_admin'), $pagination->sql_offset);
    $location_ids = array();
    foreach ($incidents as $incident) {
        $location_ids[] = $incident->location_id;
    }
    //check if location_ids is not empty
    if (count($location_ids) > 0) {
        $locations_result = ORM::factory('location')->in('id', implode(',', $location_ids))->find_all();
        $locations = array();
        foreach ($locations_result as $loc) {
            $locations[$loc->id] = $loc->location_name;
        }
    } else {
        $locations = array();
    }
    $this->template->content->locations = $locations;
    //GET countries
    $countries = array();
    foreach (ORM::factory('country')->orderby('country')->find_all() as $country) {
        // Truncate long country names for display
        $this_country = $country->country;
        if (strlen($this_country) > 35) {
            $this_country = substr($this_country, 0, 35) . "...";
        }
        $countries[$country->id] = $this_country;
    }
    $this->template->content->countries = $countries;
    $this->template->content->incidents = $incidents;
    $this->template->content->pagination = $pagination;
    $this->template->content->form_error = $form_error;
    $this->template->content->form_saved = $form_saved;
    $this->template->content->form_action = $form_action;
    // Total Reports
    $this->template->content->total_items = $pagination->total_items;
    // Status Tab
    $this->template->content->status = $status;
    // Javascript Header
    $this->template->js = new View('admin/reports_js');
}
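// Deletes one photo from an album on behalf of the logged-in user.
// Identity comes from the session; the album name and photo path come from
// the query string and are handed to deletePhoto() unchanged.
// NOTE(review): $ip is not defined in this part of the script — confirm it is
// set earlier in the file. A destructive action driven by GET parameters is
// replayable from a plain link; a POST with a per-session token is the usual
// defence.
$nick = $_SESSION['nick'];
$email = $_SESSION['email'];
$albumName = $_GET['albumName'];
$path = $_GET['path'];
$role = getRole($nick);
// Admins may name another user's album; everyone else acts on their own.
// NOTE(review): $targetNick is computed but never used below — deletePhoto()
// receives the session e-mail regardless of role.
if (strcmp($role, "admin") == 0) {
    $targetNick = $_GET['nick'];
} else {
    $targetNick = $nick;
}
// Partners must own the album. The original printed nothing when a partner's
// album existed but deletePhoto() failed; both outcomes now report the same
// failure message as the non-partner branch.
$allowed = true;
if (strcmp($role, "partner") == 0) {
    $allowed = isAlbum($nick, $albumName);
}
if ($allowed && deletePhoto($albumName, $path, $email, $ip)) {
    echo "Se ha borrado la foto correctamente.";
} else {
    echo "No se ha podido borrar foto, no existe.";
}
// TODO (from the original author): deleting an album should also offer to
// delete all of its photos. If the same user deletes and re-creates the same
// album, all the photos come back. Both path and album must be removed; the
// nick is implicit in the path.
?>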
<?php if (isset($_POST["envoyer"]) and isset($_POST['etape2Valide']) and isset($_POST['nomAlbum']) and isset($_POST['idAlbum'])) { deletePhoto($_POST['nomPhoto'], $_POST['idAlbum']); unlink("vues/images/album/" . $_POST['nomAlbum'] . "/" . $_POST['nomPhoto']); unlink("vues/images/album/" . $_POST['nomAlbum'] . "/min/" . $_POST['nomPhoto']); //--------- //echo "vues/images/album/".$_POST['nomAlbum']."/".$_POST['nomPhoto']; //--------- if (photoExistInTableVote("../vues/images/album/" . $_POST['nomAlbum'] . "/" . $_POST['nomPhoto']) == true) { deletePhotoInTableVote("../vues/images/album/" . $_POST['nomAlbum'] . "/" . $_POST['nomPhoto']); } ?> <section class="slice bg-3"> <div class="w-section inverse"> <div class="container"> <div class="row"> <div class="col-md-7"> <p>Information :</p> <ul class="list-check"> <li><i class="fa fa-check"></i> La photo <?php echo $_POST['nomPhoto']; ?> a bien été supprimée !</li> </ul> </div> </div> </div> </div> </section>
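<?php
// Manages PhotoGallery Operations
//include("validaterequest.php");
require("../db.php");
// NOTE(review): extract($_POST) turns every posted field into a global. It is
// kept because the other handlers in this file may depend on it, but nothing
// visible here does — reading $_POST explicitly is preferable.
extract($_POST);
// Dispatch on ?method=...; an absent parameter now falls through instead of
// raising an undefined-index notice.
$requestedMethod = isset($_GET['method']) ? $_GET['method'] : '';
if ($requestedMethod == "ADD") {
    addNewPhoto();
} else if ($requestedMethod == "UPDATE") {
    editExistingPhoto();
} else if ($requestedMethod == "DELETE") {
    deletePhoto();
}

/**
 * Stores the uploaded "photo" file under images/ and records it in review_pic,
 * then redirects to the index page.
 *
 * Reads $_POST title/desc/landing_url and $_FILES['photo']. Posted text is
 * escaped for the mysql_* driver before being spliced into the INSERT, and
 * the client-supplied file name is reduced to its basename so it cannot
 * carry a directory component. Dies on a failed upload move or query, as the
 * original did for the query.
 *
 * @return void
 */
function addNewPhoto() {
    $id = generateUniqueId("jos_photo");
    // Random prefix to reduce name collisions; basename() strips any path the
    // client put in the file name.
    $fileName = rand(1000, 100000000) . basename($_FILES['photo']['name']);
    $path = "./images/" . $fileName;
    $title = mysql_real_escape_string($_POST['title']);
    $descr = mysql_real_escape_string($_POST['desc']);
    $landing_url = mysql_real_escape_string($_POST['landing_url']);
    $picUrl = mysql_real_escape_string($path);
    $query = "INSERT INTO review_pic (review_id, review_header, review_content, landing_url, pic_url, is_deleted) VALUES ($id, '$title', '$descr', '$landing_url', '$picUrl', 0)";
    $path = dirname(__FILE__) . "\\images\\" . $fileName;
    // Do not record a picture that was never written to disk.
    move_uploaded_file($_FILES['photo']['tmp_name'], $path) or die("Couldn't save uploaded file");
    mysql_query($query) or die("Couldn't execute query");
    header("Location: ../index.php?msg=Added Successfully");
}
function editExistingPhoto() {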
//读取照片评论 $commentInfoArr = getComments($photoId, $defaultAvatar, $avatarPath); } $smarty->assign('photoId', $photoId); $smarty->assign('userId', $userId); $smarty->assign('userName', $userName); $smarty->assign('photoInfoArr', $photoInfoArr); $smarty->assign('commentInfoArr', $commentInfoArr); $smarty->assign('allPhotoInfoArr', $allPhotoInfoArr); $smarty->assign('cssFileName', 'photoBrowser'); $smarty->display('photoBrowser.tpl'); } if (!empty($_POST['photoId']) && !empty($_POST['act']) && $_POST['act'] == 'delPh') { $photoId = $_POST['photoId']; //删除文件夹里的图片 deletePhoto($photoId); $result = deleteSql('photos', 'photo_id=' . $photoId); if ($result['state'] == 1) { echo json_encode(array('state' => 1, 'msg' => '删除成功.')); } else { echo json_encode(array('state' => 0, 'msg' => '删除失败.')); } return false; } if (isset($_POST['editName']) && !empty($_POST['photoId']) && !empty($_POST['act']) && $_POST['act'] == 'editPh') { $photoId = $_POST['photoId']; $editName = $_POST['editName']; $photoDesc = $_POST['photoDesc']; $result = updateSql('photos', "edit_name='{$editName}',photo_desc='{$photoDesc}'", 'photo_id=' . $photoId); if ($result['state'] == 1) { echo json_encode(array('state' => 1, 'msg' => '编辑成功.'));