function show_results($dbh, $user_input, $nbr_lignes = 0, $page = 0, $id = 0)
{
global $nb_per_page;
global $base_url;
global $caller;
global $callback;
global $msg;
global $charset;
global $no_display;
// on récupére le nombre de lignes qui vont bien
if (!$id) {
if ($user_input == "") {
$requete = "SELECT COUNT(1) FROM publishers where ed_id!='{$no_display}'";
} else {
$aq = new analyse_query(stripslashes($user_input));
if ($aq->error) {
error_message($msg["searcher_syntax_error"], sprintf($msg["searcher_syntax_error_desc"], $aq->current_car, $aq->input_html, $aq->error_message));
exit;
}
$requete = $aq->get_query_count("publishers", "ed_name", "index_publisher", "ed_id", "ed_id!='{$no_display}'");
}
$res = mysql_query($requete, $dbh);
$nbr_lignes = @mysql_result($res, 0, 0);
} else {
$nbr_lignes = 1;
}
if (!$page) {
$page = 1;
}
$debut = ($page - 1) * $nb_per_page;
if ($nbr_lignes) {
// on construit la vraie requête
if (!$id) {
if ($user_input == "") {
$requete = "SELECT * FROM publishers where ed_id!='{$no_display}' ORDER BY index_publisher LIMIT {$debut},{$nb_per_page} ";
} else {
$members = $aq->get_query_members("publishers", "ed_name", "index_publisher", "ed_id");
$requete = "select *," . $members["select"] . " as pert from publishers where " . $members["where"] . " and ed_id!='{$no_display}' group by ed_id order by pert desc,index_publisher limit {$debut},{$nb_per_page}";
}
} else {
$requete = "select * from publishers where ed_id='" . $id . "'";
}
$res = @mysql_query($requete, $dbh);
while ($ed = mysql_fetch_object($res)) {
$editeur = new editeur($ed->ed_id);
print pmb_bidi("\n \t\t\t\t<a href='#' onclick=\"set_parent('{$caller}', '{$ed->ed_id}', '" . htmlentities(addslashes($editeur->display), ENT_QUOTES, $charset) . "','{$callback}')\">" . htmlentities($editeur->display, ENT_QUOTES, $charset) . "</a><br />");
}
mysql_free_result($res);
// constitution des liens
$nbepages = ceil($nbr_lignes / $nb_per_page);
$suivante = $page + 1;
$precedente = $page - 1;
// affichage pagination
print "<div class='row'> <hr /></div><div align='center'>";
$url_base = $base_url . "&user_input=" . rawurlencode(stripslashes($user_input));
$nav_bar = aff_pagination($url_base, $nbr_lignes, $nb_per_page, $page, 10, false, true);
print $nav_bar;
print "</div>";
}
}
public function github()
{
//this function needs to be called wherever your redirect_uri goes to
$is_authorized = $this->github->authorize();
//Login failed!
if (!$is_authorized) {
$this->session->set_flashdata('message', error_message($this->github->get_error()));
redirect(base_url(), 'location');
} else {
//show how to get access token from session here
$github_user = $this->github->user();
$user = array('github_id' => $github_user->id, 'name' => $github_user->name, 'email' => $github_user->email, 'login' => $github_user->login, 'type' => $github_user->type, 'company' => $github_user->company, 'avatar_url' => $github_user->avatar_url, 'hireable' => $github_user->hireable, 'blog' => $github_user->blog, 'bio' => $github_user->bio, 'gravatar_id' => $github_user->gravatar_id, 'location' => $github_user->location, 'access_token' => $this->github->get_access_token());
// Checks to see if the user exists already
// $this->load->model('users_model');
// $db_user = $this->users_model->get_user_by('github_id', $github_user->id);
// If User exists update otherwise create a new record
// if ($db_user)
// {
// $this->users_model->update($db_user->id, $user);
// }
// else
// {
// $this->users_model->create($user);
// }
// For the purpose of example, we store everything in the session instead of the database
$this->session->set_userdata($user);
$this->session->set_flashdata('message', 'Boom! You\'re logged in! Welcome.');
redirect('secure', 'location');
}
}
/**
* Get XML file object from hashed project file name
* @param $fileHash: md5 hashed project name
* $projectFile: project file name ( empty var passed by reference )
* @return XML project file object
*/
function get_XML_file($fileHash, &$projectFile)
{
try {
$projects = scandir("../projects");
$projects = array_diff($projects, array('.', '..'));
$userProject = $fileHash;
$projectFile = null;
foreach ($projects as $project) {
if ($userProject == md5($project)) {
$projectFile = $project;
break;
}
}
if (!$projectFile) {
throw new RuntimeException('Project file not found.');
}
// validate simpleXML extension enabled
if (!function_exists(simpleXML_load_file)) {
throw new RuntimeException('Please, enable simplexml extention in your php.ini configuration file.');
}
// validate that the file is not corrupted
@($xmlFile = simpleXML_load_file("../projects/{$projectFile}"));
if (!$xmlFile) {
throw new RuntimeException('Invalid axp file.');
}
return $xmlFile;
} catch (RuntimeException $e) {
echo "<br>" . error_message($e->getMessage());
exit;
}
}
function show_results($dbh, $user_input, $nbr_lignes = 0, $page = 0, $id = 0)
{
global $nb_per_page;
global $base_url;
global $caller;
global $msg;
global $no_display;
global $charset;
// on récupére le nombre de lignes qui vont bien
if ($user_input == "") {
$requete = "SELECT COUNT(1) FROM notices where notice_id!='" . $no_display . "' and niveau_biblio='s' and niveau_hierar='1' ";
} else {
$aq = new analyse_query(stripslashes($user_input));
if ($aq->error) {
error_message($msg["searcher_syntax_error"], sprintf($msg["searcher_syntax_error_desc"], $aq->current_car, $aq->input_html, $aq->error_message));
exit;
}
$members = $aq->get_query_members("notices", "index_wew", "index_sew", "notice_id");
$requete = "select count(notice_id) from notices where (" . $members["where"] . " or code like '" . stripslashes($user_input) . "') and notice_id!='" . $no_display . "' and niveau_biblio='s' and niveau_hierar='1'";
}
$res = pmb_mysql_query($requete, $dbh);
$nbr_lignes = @pmb_mysql_result($res, 0, 0);
if (!$page) {
$page = 1;
}
$debut = ($page - 1) * $nb_per_page;
if ($nbr_lignes) {
// on lance la vraie requête
if ($user_input == "") {
$requete = "SELECT notice_id, tit1, code FROM notices where notice_id!='" . $no_display . "' and niveau_biblio='s' and niveau_hierar='1' ORDER BY tit1, code LIMIT {$debut},{$nb_per_page} ";
} else {
$requete = "select notice_id, tit1, code, " . $members["select"] . " as pert from notices where (" . $members["where"] . " or code like '" . stripslashes($user_input) . "') and notice_id!='" . $no_display . "' and niveau_biblio='s' and niveau_hierar='1' group by notice_id order by pert desc, index_serie, tnvol, index_sew, code limit {$debut},{$nb_per_page}";
}
$res = @pmb_mysql_query($requete, $dbh);
print "<table><tr>";
while ($notice = pmb_mysql_fetch_object($res)) {
$notice_entry = $notice->tit1 . " " . $notice->code;
print "\n\t\t\t\t<tr>\n\t\t\t\t\t<td>\n\t\t\t\t\t\t<a href='#' onclick=\"set_parent('{$caller}', '{$notice->notice_id}', '" . htmlentities(addslashes($notice->tit1), ENT_QUOTES, $charset) . " ({$notice->code})')\">" . htmlentities($notice->tit1, ENT_QUOTES, $charset) . "</a></td>\n\t\t\t\t\t<td>{$notice->code}</td>";
print "</tr>";
}
print "</table>";
pmb_mysql_free_result($res);
// constitution des liens
$nbepages = ceil($nbr_lignes / $nb_per_page);
$suivante = $page + 1;
$precedente = $page - 1;
}
// affichage de la pagination
print "<div class='row'> <hr /></div><div align='center'>";
$url_base = $base_url . "&user_input=" . rawurlencode(stripslashes($user_input));
$nav_bar = aff_pagination($url_base, $nbr_lignes, $nb_per_page, $page, 10, false, true);
print $nav_bar;
print "</div>";
}
function open_file($dir, $fileName)
{
if (!$fileName) {
error_message("Файл не выбран");
}
$dirW = iconv('UTF-8', 'CP1251', $dir);
$fileW = iconv('UTF-8', 'CP1251', $fileName);
if (!is_file("{$dirW}/{$fileW}")) {
error_message("Невозможно открыть файл {$fileName}");
}
return htmlspecialchars(file_get_contents("{$dirW}/{$fileW}"));
}
function gettemplate($template, $replace, $endung, $folder)
{
return;
if (file_exists($folder . "/" . $template . "." . $endung)) {
// Tag anpassen
$replace = add_tag($replace);
$templatecontent = strtr(implode("", file($folder . "/" . $template . "." . $endung)), $replace);
} else {
error_message("Template nicht gefunden: " . $folder . "/" . $template . "." . $endung);
}
return $templatecontent;
}
function familyValues($arg)
{
$result = mysql_query("select familyvalues.description, toname,\n\t\tcharacterinfo.name \n\t\tfrom family, familyvalues, characterinfo \n\t\twhere family.name =\n\t\t'" . quote_smart($_REQUEST["name"]) . "' and \n\t\tfamily.description = familyvalues.id and\n\t\tcharacterinfo.name = family.toname", $arg) or error_message("Query failed : " . mysql_error());
printf("<B>Family Relations:</B><BR><UL>");
while ($myrow = mysql_fetch_array($result)) {
if ($myrow[2] == null) {
printf("<LI>%s of %s<BR>", $myrow[0], $myrow[1]);
} else {
printf("<LI>%s of <A\nHREF=\"/scripts/charactersheet.php?name=%s\">%s</A><BR>", $myrow[0], $myrow[1], $myrow[1]);
}
}
printf("</UL>");
}
function pageAccess($roles, $allowed = array())
{
foreach ($allowed as $key => $val) {
if (in_array($val, $roles)) {
$access_allowed = 1;
}
}
if ($access_allowed != 1) {
$errors[] = "You do not have sufficient permissions to access this page";
echo error_message($errors);
exit;
}
}
public function get_data()
{
$ObjDb = new connect_db();
$ObjDb->db_connect();
$query = "SELECT site FROM {$this->site_tablename} WHERE user_id = '{$this->user_id}' GROUP BY site";
$result = mysql_query($query);
if (!$result) {
error_message(mysql_error());
}
for ($i = 0; $i < mysql_num_rows($result); $i++) {
$query_data = mysql_fetch_array($result);
$site = $query_data['site'];
//$SiteArray[] = iconv('windows-1251', 'utf-8', $site);
$SiteArray[] = $site;
}
if (count($SiteArray) != 0) {
$SiteArray = array_unique($SiteArray);
$temp = $SiteArray;
$SiteArray = array();
foreach ($temp as $value) {
$SiteArray[] = $value;
}
unset($temp);
}
//----------------------поиск сайтов с неуказаными запросами в таблице
if (count($SiteArray) != 0) {
foreach ($SiteArray as $site) {
//$site = iconv('utf-8', 'windows-1251', $site);
$query = "SELECT keyword FROM {$this->site_tablename} WHERE user_id = '{$this->user_id}' AND site = '{$site}'";
$result = mysql_query($query);
if (!$result) {
error_message(mysql_error());
}
for ($i = 0; $i < mysql_num_rows($result); $i++) {
$query_data = mysql_fetch_array($result);
$keyword = $query_data['keyword'];
if ($keyword == null) {
$keywordBool[] = 0;
break;
} else {
$keywordBool[] = 1;
$bool = 1;
break;
}
}
}
}
$data = array('sitearray' => $SiteArray, 'bool' => $bool, 'keywordbool' => $keywordBool, 'seacher' => $this->seacher);
$ObjDb->db_close();
return $data;
}
public function update($id, $cpm_quota)
{
try {
$data = array("cpm_quota" => $cpm_quota, "update_user" => $this->session->userdata("username"));
$this->db->where("id", $id);
$query = $this->db->update("tbl_cpm", $data);
if (!$query) {
throw new Exception();
}
return true;
} catch (Exception $e) {
$errNo = $this->db->_error_number();
//$errMsg = $this->db->_error_message();
return error_message($errNo);
}
}
function show_list_biblio()
{
global $dbh;
global $msg;
global $charset;
//Récupération de l'utilisateur
$requete_user = "******" . SESSlogin . "' limit 1 ";
$res_user = pmb_mysql_query($requete_user, $dbh);
$row_user = pmb_mysql_fetch_row($res_user);
$user_userid = $row_user[0];
//Affichage de la liste des etablissements auxquels a acces l'utilisateur
$aff = "<table>";
$q = entites::list_biblio($user_userid);
$res = pmb_mysql_query($q, $dbh);
$nbr = pmb_mysql_num_rows($res);
if (!$nbr) {
//Pas d'etablissements définis pour l'utilisateur
$error = true;
$error_msg .= htmlentities($msg["acquisition_err_coord"], ENT_QUOTES, $charset) . "<div class='row'></div>";
}
if ($error) {
error_message($msg[321], $error_msg . htmlentities($msg["acquisition_err_par"], ENT_QUOTES, $charset), '1', './admin.php?categ=acquisition');
die;
}
if ($nbr == '1') {
$row = pmb_mysql_fetch_object($res);
show_list_exer($row->id_entite);
} else {
$parity = 1;
while ($row = pmb_mysql_fetch_object($res)) {
if ($parity % 2) {
$pair_impair = "even";
} else {
$pair_impair = "odd";
}
$parity += 1;
$tr_javascript = " onmouseover=\"this.className='surbrillance'\" onmouseout=\"this.className='{$pair_impair}'\" onmousedown=\"document.location='./admin.php?categ=acquisition&sub=compta&action=list&ent={$row->id_entite}';\" ";
$aff .= "<tr class='{$pair_impair}' {$tr_javascript} style='cursor: pointer'><td><i>{$row->raison_sociale}</i></td></tr>";
}
$aff .= "</table>";
print $aff;
}
}
public function getAccess($level_id)
{
try {
$this->db->select("a.access_data, b.menu, b.create, b.read, b.update, b.delete, b.progress");
$this->db->from("tbl_level a");
$this->db->join("tbl_level_access b", "a.id = b.level_id");
$this->db->where("a.id", $level_id);
$this->db->where("a.active_status", "Y");
$query = $this->db->get();
if (!$query) {
throw new Exception();
}
$result = $query->result();
return $result;
} catch (Exception $e) {
$errNo = $this->db->_error_number();
//$errMsg = $this->db->_error_message();
return error_message($errNo);
}
}
public function update($username, $password, $name, $email)
{
try {
if ($password == "false") {
$data = array("name" => $name, "email" => $email, "update_user" => $this->session->userdata("username"));
} else {
$data = array("password" => md5($password), "name" => $name, "email" => $email, "update_user" => $this->session->userdata("username"));
}
$this->db->where("username", $username);
$query = $this->db->update("tbl_user", $data);
if (!$query) {
throw new Exception();
}
return true;
} catch (Exception $e) {
$errNo = $this->db->_error_number();
//$errMsg = $this->db->_error_message();
return error_message($errNo);
}
}
function Render()
{
global $Translation;
$eo['silentErrors'] = true;
$result = sql($this->Query . ' limit ' . datalist_auto_complete_size, $eo);
if ($eo['error'] != '') {
$this->HTML = error_message(htmlspecialchars($eo['error']) . "\n\n<!--\n{$Translation['query:']}\n {$this->Query}\n-->\n\n");
return;
}
$this->ItemCount = db_num_rows($result);
$combo = new Combo();
$combo->Class = $this->Class;
$combo->Style = $this->Style;
$combo->SelectName = $this->SelectName;
$combo->SelectedData = $this->SelectedData;
$combo->SelectedText = $this->SelectedText;
$combo->SelectedClass = 'SelectedOption';
$combo->ListType = $this->ListType;
$combo->ListBoxHeight = $this->ListBoxHeight;
$combo->RadiosPerLine = $this->RadiosPerLine;
$combo->AllowNull = $this->ListType == 2 ? 0 : $this->AllowNull;
while ($row = db_fetch_row($result)) {
$combo->ListData[] = htmlspecialchars($row[0], ENT_QUOTES, 'iso-8859-1');
$combo->ListItem[] = $row[1];
}
$combo->Render();
$this->MatchText = $combo->MatchText;
$this->SelectedText = $combo->SelectedText;
$this->SelectedData = $combo->SelectedData;
if ($this->ListType == 2) {
$rnd = rand(100, 999);
$SelectedID = htmlspecialchars(urlencode($this->SelectedData));
$pt_perm = getTablePermissions($this->parent_table);
if ($pt_perm['view'] || $pt_perm['edit']) {
$this->HTML = str_replace(">{$this->MatchText}</label>", ">{$this->MatchText}</label> <button type=\"button\" class=\"btn btn-default view_parent hspacer-lg\" id=\"{$this->parent_table}_view_parent\" title=" . htmlspecialchars($Translation['View']) . "><i class=\"glyphicon glyphicon-eye-open\"></i></button>", $combo->HTML);
}
$this->HTML = str_replace(' type="radio" ', ' type="radio" onclick="' . $this->SelectName . '_changed();" ', $this->HTML);
} else {
$this->HTML = $combo->HTML;
}
}
function register($username, $password, $confirm)
{
if (empty($username)) {
return error_message(E_REGISTER, E_NO_USERNAME);
}
if (empty($password)) {
return error_message(E_REGISTER, E_NO_PASSWORD);
}
if (empty($confirm)) {
return error_message(E_REGISTER, E_NO_CONFIRM);
}
if ($password !== $confirm) {
return error_message(E_REGISTER, 'Mismatch');
}
$user = look_up_key_value($username, USER_ACCOUNT_FILE);
if (!empty($user)) {
return error_message(E_REGISTER, E_ACCOUNT_EXISTS);
}
add_key_value($username, [$username, password_hash($password, PASSWORD_DEFAULT)], USER_ACCOUNT_FILE);
set_user($username);
return '';
}
function Render()
{
global $Translation;
$eo['silentErrors'] = true;
$result = sql($this->Query . ' limit ' . datalist_auto_complete_size, $eo);
if ($eo['error'] != '') {
$this->HTML = error_message(htmlspecialchars($eo['error']) . "\n\n<!--\n{$Translation['query:']}\n {$this->Query}\n-->\n\n");
return;
}
$this->ItemCount = db_num_rows($result);
$combo = new Combo();
$combo->Class = $this->Class;
$combo->Style = $this->Style;
$combo->SelectName = $this->SelectName;
$combo->SelectedData = $this->SelectedData;
$combo->SelectedText = $this->SelectedText;
$combo->SelectedClass = 'SelectedOption';
$combo->ListType = $this->ListType;
$combo->ListBoxHeight = $this->ListBoxHeight;
$combo->RadiosPerLine = $this->RadiosPerLine;
$combo->AllowNull = $this->ListType == 2 ? 0 : $this->AllowNull;
while ($row = db_fetch_row($result)) {
$combo->ListData[] = htmlspecialchars($row[0], ENT_QUOTES);
$combo->ListItem[] = $row[1];
}
$combo->Render();
$this->MatchText = $combo->MatchText;
$this->SelectedText = $combo->SelectedText;
$this->SelectedData = $combo->SelectedData;
if ($this->ListType == 2) {
$rnd = rand(100, 999);
$SelectedID = htmlspecialchars(urlencode($this->SelectedData));
$this->HTML = str_replace(">{$this->MatchText}</label>", ">{$this->MatchText}</label> <span id=\"{$this->parent_table}_plink{$rnd}\"><a href=\"{$this->parent_table}_view.php?SelectedID={$SelectedID}\" class=\"btn btn-default btn-sm\"><i class=\"glyphicon glyphicon-search\"></i></a></span>", $combo->HTML);
$this->HTML = str_replace(' type="radio" ', ' type="radio" onclick="' . $this->SelectName . '_changed();" ', $this->HTML);
} else {
$this->HTML = $combo->HTML;
}
}
function my_mail($mail_parts)
{
$mail_to = $mail_parts["mail_to"];
$mail_from = $mail_parts["mail_from"];
$mail_reply_to = $mail_parts["mail_reply_to"];
$mail_cc = $mail_parts["mail_cc"];
$mail_bcc = $mail_parts["mail_bcc"];
$mail_subject = $mail_parts["mail_subject"];
$mail_body = $mail_parts["mail_body"];
if (empty($mail_to)) {
error_message("Empty To field!");
}
if (empty($mail_subject)) {
error_message("Empty Subject field!");
}
if (empty($mail_body)) {
error_message("Empty Body!");
}
$mail_to = str_replace(";", ",", $mail_to);
$mail_headers = ' ';
if (!empty($mail_from)) {
$mail_headers .= "From: {$mail_from}\n";
}
if (!empty($mail_reply_to)) {
$mail_headers .= "Reply_to: {$mail_reply_to}\n";
}
if (!empty($mail_cc)) {
$mail_headers .= "Cc: " . str_replace(";", ",", $mail_cc) . "\n";
}
if (!empty($mail_bcc)) {
$mail_headers .= "Bcc: " . str_replace(";", ",", $mail_bcc) . "\n";
}
$mail_subject = stripslashes($mail_subject);
$mail_body = stripslashes($mail_body);
return mail($mail_to, $mail_subject, $mail_body);
}
case 'modif':
if ($id != "") {
$requete = "SELECT archempla_libelle FROM arch_emplacement WHERE archempla_id={$id} ";
$res = mysql_query($requete, $dbh);
if (mysql_num_rows($res)) {
$row = mysql_fetch_object($res);
emplacement_form($row->archempla_libelle, $id);
} else {
show_emplacement($dbh);
}
} else {
show_emplacement($dbh);
}
break;
case 'del':
if ($id != "") {
$total = 0;
$total = mysql_num_rows(mysql_query("select 1 from collections_state where collstate_emplacement='" . $id . "' limit 0,1", $dbh));
if ($total == 0) {
$requete = "DELETE FROM arch_emplacement WHERE archempla_id={$id} ";
$res = mysql_query($requete, $dbh);
show_emplacement($dbh);
} else {
error_message($msg[294], $msg["collstate_emplacement_used"], 1, 'admin.php?categ=collstate&sub=emplacement&action=');
}
}
break;
default:
show_emplacement($dbh);
break;
}
function customers_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
// function to return an editable form for a table records
// and fill it with data of record whose ID is $selected_id. If $selected_id
// is empty, an empty form is shown, with only an 'Add New'
// button displayed.
global $Translation;
// mm: get table permissions
$arrPerm = getTablePermissions('customers');
if (!$arrPerm[1] && $selected_id == '') {
return '';
}
$AllowInsert = $arrPerm[1] ? true : false;
// print preview?
$dvprint = false;
if ($selected_id && $_REQUEST['dvprint_x'] != '') {
$dvprint = true;
}
// populate filterers, starting from children to grand-parents
// unique random identifier
$rnd1 = $dvprint ? rand(1000000, 9999999) : '';
// combobox: Country
$combo_Country = new Combo();
$combo_Country->ListType = 0;
$combo_Country->MultipleSeparator = ', ';
$combo_Country->ListBoxHeight = 10;
$combo_Country->RadiosPerLine = 1;
if (is_file(dirname(__FILE__) . '/hooks/customers.Country.csv')) {
$Country_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/customers.Country.csv')));
$combo_Country->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($Country_data)));
$combo_Country->ListData = $combo_Country->ListItem;
} else {
$combo_Country->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Afghanistan;;Albania;;Algeria;;American Samoa;;Andorra;;Angola;;Anguilla;;Antarctica;;Antigua, Barbuda;;Argentina;;Armenia;;Aruba;;Australia;;Austria;;Azerbaijan;;Bahamas;;Bahrain;;Bangladesh;;Barbados;;Belarus;;Belgium;;Belize;;Benin;;Bermuda;;Bhutan;;Bolivia;;Bosnia, Herzegovina;;Botswana;;Bouvet Is.;;Brazil;;Brunei Darussalam;;Bulgaria;;Burkina Faso;;Burundi;;Cambodia;;Cameroon;;Canada;;Canary Is.;;Cape Verde;;Cayman Is.;;Central African Rep.;;Chad;;Channel Islands;;Chile;;China;;Christmas Is.;;Cocos Is.;;Colombia;;Comoros;;Congo, D.R. Of;;Congo;;Cook Is.;;Costa Rica;;Croatia;;Cuba;;Cyprus;;Czech Republic;;Denmark;;Djibouti;;Dominica;;Dominican Republic;;Ecuador;;Egypt;;El Salvador;;Equatorial Guinea;;Eritrea;;Estonia;;Ethiopia;;Falkland Is.;;Faroe Is.;;Fiji;;Finland;;France;;French Guiana;;French Polynesia;;French Territories;;Gabon;;Gambia;;Georgia;;Germany;;Ghana;;Gibraltar;;Greece;;Greenland;;Grenada;;Guadeloupe;;Guam;;Guatemala;;Guernsey;;Guinea-bissau;;Guinea;;Guyana;;Haiti;;Heard, Mcdonald Is.;;Honduras;;Hong Kong;;Hungary;;Iceland;;India;;Indonesia;;Iran;;Iraq;;Ireland;;Israel;;Italy;;Ivory Coast;;Jamaica;;Japan;;Jersey;;Jordan;;Kazakhstan;;Kenya;;Kiribati;;Korea, D.P.R Of;;Korea, Rep. Of;;Kuwait;;Kyrgyzstan;;Lao Peoples D.R.;;Latvia;;Lebanon;;Lesotho;;Liberia;;Libyan Arab Jamahiriya;;Liechtenstein;;Lithuania;;Luxembourg;;Macao;;Macedonia, F.Y.R Of;;Madagascar;;Malawi;;Malaysia;;Maldives;;Mali;;Malta;;Mariana Islands;;Marshall Islands;;Martinique;;Mauritania;;Mauritius;;Mayotte;;Mexico;;Micronesia;;Moldova;;Monaco;;Mongolia;;Montserrat;;Morocco;;Mozambique;;Myanmar;;Namibia;;Nauru;;Nepal;;Netherlands Antilles;;Netherlands;;New Caledonia;;New Zealand;;Nicaragua;;Niger;;Nigeria;;Niue;;Norfolk Island;;Norway;;Oman;;Pakistan;;Palau;;Palestinian Terr.;;Panama;;Papua New Guinea;;Paraguay;;Peru;;Philippines;;Pitcairn;;Poland;;Portugal;;Puerto Rico;;Qatar;;Reunion;;Romania;;Russian Federation;;Rwanda;;Samoa;;San Marino;;Sao Tome, Principe;;Saudi Arabia;;Senegal;;Seychelles;;Sierra Leone;;Singapore;;Slovakia;;Slovenia;;Solomon Is.;;Somalia;;South Africa;;South Georgia;;South Sandwich Is.;;Spain;;Sri Lanka;;St. Helena;;St. Kitts, Nevis;;St. Lucia;;St. Pierre, Miquelon;;St. Vincent, Grenadines;;Sudan;;Suriname;;Svalbard, Jan Mayen;;Swaziland;;Sweden;;Switzerland;;Syrian Arab Republic;;Taiwan;;Tajikistan;;Tanzania;;Thailand;;Timor-leste;;Togo;;Tokelau;;Tonga;;Trinidad, Tobago;;Tunisia;;Turkey;;Turkmenistan;;Turks, Caicoss;;Tuvalu;;Uganda;;Ukraine;;United Arab Emirates;;United Kingdom;;United States;;Uruguay;;Uzbekistan;;Vanuatu;;Vatican City;;Venezuela;;Viet Nam;;Virgin Is. British;;Virgin Is. U.S.;;Wallis, Futuna;;Western Sahara;;Yemen;;Yugoslavia;;Zambia;;Zimbabwe")));
$combo_Country->ListData = $combo_Country->ListItem;
}
$combo_Country->SelectName = 'Country';
if ($selected_id) {
// mm: check member permissions
if (!$arrPerm[2]) {
return "";
}
// mm: who is the owner?
$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='customers' and pkValue='" . makeSafe($selected_id) . "'");
$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='customers' and pkValue='" . makeSafe($selected_id) . "'");
if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
return "";
}
if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
return "";
}
// can edit?
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
$AllowUpdate = 1;
} else {
$AllowUpdate = 0;
}
$res = sql("select * from `customers` where `CustomerID`='" . makeSafe($selected_id) . "'", $eo);
if (!($row = db_fetch_array($res))) {
return error_message($Translation['No records found']);
}
$urow = $row;
/* unsanitized data */
$hc = new CI_Input();
$row = $hc->xss_clean($row);
/* sanitize data */
$combo_Country->SelectedData = $row['Country'];
} else {
$combo_Country->SelectedText = $_REQUEST['FilterField'][1] == '9' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "";
}
$combo_Country->Render();
// code for template based detail view forms
// open the detail view template
if ($dvprint) {
$templateCode = @file_get_contents('./templates/customers_templateDVP.html');
} else {
$templateCode = @file_get_contents('./templates/customers_templateDV.html');
}
// process form title
$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Detail View', $templateCode);
$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
$templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode);
// process buttons
if ($arrPerm[1] && !$selected_id) {
// allow insert and no record selected?
if (!$selected_id) {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return customers_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
}
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return customers_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
}
// 'Back' button action
if ($_REQUEST['Embedded']) {
$backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
} else {
$backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
}
if ($selected_id) {
if (!$_REQUEST['Embedded']) {
$templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
}
if ($AllowUpdate) {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return customers_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
}
if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
// allow delete?
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
}
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : '', $templateCode);
}
// set records to read only if user can't insert new records and can't edit current record
if ($selected_id && !$AllowUpdate || !$selected_id && !$AllowInsert) {
$jsReadOnly .= "\tjQuery('#CustomerID').replaceWith('<div class=\"form-control-static\" id=\"CustomerID\">' + (jQuery('#CustomerID').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#CompanyName').replaceWith('<div class=\"form-control-static\" id=\"CompanyName\">' + (jQuery('#CompanyName').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#ContactName').replaceWith('<div class=\"form-control-static\" id=\"ContactName\">' + (jQuery('#ContactName').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#ContactTitle').replaceWith('<div class=\"form-control-static\" id=\"ContactTitle\">' + (jQuery('#ContactTitle').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#Address').replaceWith('<div class=\"form-control-static\" id=\"Address\">' + (jQuery('#Address').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#City').replaceWith('<div class=\"form-control-static\" id=\"City\">' + (jQuery('#City').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#Region').replaceWith('<div class=\"form-control-static\" id=\"Region\">' + (jQuery('#Region').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#PostalCode').replaceWith('<div class=\"form-control-static\" id=\"PostalCode\">' + (jQuery('#PostalCode').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#Country').replaceWith('<div class=\"form-control-static\" id=\"Country\">' + (jQuery('#Country').val() || '') + '</div>'); jQuery('#Country-multi-selection-help').hide();\n";
$jsReadOnly .= "\tjQuery('#Phone').replaceWith('<div class=\"form-control-static\" id=\"Phone\">' + (jQuery('#Phone').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#Fax').replaceWith('<div class=\"form-control-static\" id=\"Fax\">' + (jQuery('#Fax').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('.select2-container').hide();\n";
$noUploads = true;
} elseif ($AllowInsert && !$selected_id || $AllowUpdate && $selected_id) {
$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);";
// temporarily disable form change handler
$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);";
// re-enable form change handler
}
// process combos
$templateCode = str_replace('<%%COMBO(Country)%%>', $combo_Country->HTML, $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(Country)%%>', $combo_Country->SelectedData, $templateCode);
/* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
$lookup_fields = array();
foreach ($lookup_fields as $luf => $ptfc) {
$pt_perm = getTablePermissions($ptfc[0]);
// process foreign key links
if ($pt_perm['view'] || $pt_perm['edit']) {
$templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-lg" id="' . $ptfc[0] . '_view_parent" title="' . htmlspecialchars($Translation['View'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
}
// if user has insert permission to parent table of a lookup field, put an add new button
if ($pt_perm['insert'] && !$_REQUEST['Embedded']) {
$templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent" id="' . $ptfc[0] . '_add_new" title="' . htmlspecialchars($Translation['Add New'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
}
}
// process images
$templateCode = str_replace('<%%UPLOADFILE(CustomerID)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(CompanyName)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(ContactName)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(ContactTitle)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Address)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(City)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Region)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(PostalCode)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Country)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Phone)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Fax)%%>', '', $templateCode);
// process values
if ($selected_id) {
$templateCode = str_replace('<%%VALUE(CustomerID)%%>', htmlspecialchars($row['CustomerID'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(CustomerID)%%>', urlencode($urow['CustomerID']), $templateCode);
$templateCode = str_replace('<%%VALUE(CompanyName)%%>', htmlspecialchars($row['CompanyName'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(CompanyName)%%>', urlencode($urow['CompanyName']), $templateCode);
$templateCode = str_replace('<%%VALUE(ContactName)%%>', htmlspecialchars($row['ContactName'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(ContactName)%%>', urlencode($urow['ContactName']), $templateCode);
$templateCode = str_replace('<%%VALUE(ContactTitle)%%>', htmlspecialchars($row['ContactTitle'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(ContactTitle)%%>', urlencode($urow['ContactTitle']), $templateCode);
if ($dvprint) {
$templateCode = str_replace('<%%VALUE(Address)%%>', nl2br(htmlspecialchars($row['Address'], ENT_QUOTES, 'iso-8859-1')), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(Address)%%>', htmlspecialchars($row['Address'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
}
$templateCode = str_replace('<%%URLVALUE(Address)%%>', urlencode($urow['Address']), $templateCode);
$templateCode = str_replace('<%%VALUE(City)%%>', htmlspecialchars($row['City'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(City)%%>', urlencode($urow['City']), $templateCode);
$templateCode = str_replace('<%%VALUE(Region)%%>', htmlspecialchars($row['Region'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(Region)%%>', urlencode($urow['Region']), $templateCode);
$templateCode = str_replace('<%%VALUE(PostalCode)%%>', htmlspecialchars($row['PostalCode'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(PostalCode)%%>', urlencode($urow['PostalCode']), $templateCode);
$templateCode = str_replace('<%%VALUE(Country)%%>', htmlspecialchars($row['Country'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(Country)%%>', urlencode($urow['Country']), $templateCode);
$templateCode = str_replace('<%%VALUE(Phone)%%>', htmlspecialchars($row['Phone'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(Phone)%%>', urlencode($urow['Phone']), $templateCode);
$templateCode = str_replace('<%%VALUE(Fax)%%>', htmlspecialchars($row['Fax'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(Fax)%%>', urlencode($urow['Fax']), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(CustomerID)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(CustomerID)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(CompanyName)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(CompanyName)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(ContactName)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(ContactName)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(ContactTitle)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(ContactTitle)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(Address)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(Address)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(City)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(City)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(Region)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(Region)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(PostalCode)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(PostalCode)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(Country)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(Country)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(Phone)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(Phone)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(Fax)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(Fax)%%>', urlencode(''), $templateCode);
}
// process translations
foreach ($Translation as $symbol => $trans) {
$templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
}
// clear scrap
$templateCode = str_replace('<%%', '<!-- ', $templateCode);
$templateCode = str_replace('%%>', ' -->', $templateCode);
// hide links to inaccessible tables
if ($_POST['dvprint_x'] == '') {
$templateCode .= "\n\n<script>\$j(function(){\n";
$arrTables = getTableList();
foreach ($arrTables as $name => $caption) {
$templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
$templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
}
$templateCode .= $jsReadOnly;
$templateCode .= $jsEditable;
if (!$selected_id) {
}
$templateCode .= "\n});</script>\n";
}
// ajaxed auto-fill fields
$templateCode .= '<script>';
$templateCode .= '$j(function() {';
$templateCode .= "});";
$templateCode .= "</script>";
$templateCode .= $lookups;
// handle enforced parent values for read-only lookup fields
// don't include blank images in lightbox gallery
$templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);
// don't display empty email links
$templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);
// hook: customers_dv
if (function_exists('customers_dv')) {
$args = array();
customers_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
}
return $templateCode;
}
if (!$res) {
die(mysql_error());
}
}
}
$guestbook = Guestbook::get_all_guestbooks();
?>
<?php
our_header("guestbook");
?>
<div class="column prepend-1 span-24 first last">
<h2>Guestbook</h2>
<?php
error_message();
?>
<h4>See what people are saying about us!</h4>
<?php
if ($guestbook) {
foreach ($guestbook as $guest) {
?>
<p class="comment"><?php
echo $guest["comment"];
?>
</p>
<p> - by <?php
echo h($guest["name"]);
?>
</p>
function replace_form()
{
global $indexint_replace;
global $msg;
global $include_path;
global $charset;
global $dbh;
if (!$this->indexint_id || !$this->name) {
require_once "{$include_path}/user_error.inc.php";
error_message($msg[indexint_replace], $msg[indexint_unable], 1, './autorites.php?categ=indexint&sub=&id=');
return false;
}
$notin = "{$this->indexint_id}";
$liste_remplacantes = "";
$lenremplacee = strlen($this->name) - 1;
while ($lenremplacee > 0) {
$recherchee = substr($this->name, 0, $lenremplacee);
$requete = "SELECT indexint_id,indexint_name,indexint_comment FROM indexint WHERE num_pclass='" . $this->id_pclass . "' and indexint_name='" . addslashes($recherchee) . "' and indexint_id not in (" . $notin . ") order by indexint_name ";
$result = pmb_mysql_query($requete, $dbh) or die($requete . "<br />" . pmb_mysql_error());
while ($lue = pmb_mysql_fetch_object($result)) {
$notin .= "," . $lue->indexint_id;
$liste_remplacantes .= "<tr><td><a href='./autorites.php?categ=indexint&sub=replace&id=" . $this->indexint_id . "&n_indexint_id=" . $lue->indexint_id . "'>" . htmlentities($lue->indexint_name, ENT_QUOTES, $charset) . "</a></td><td>" . htmlentities($lue->indexint_comment, ENT_QUOTES, $charset) . "</tr>";
$trouvees = 1;
}
if ($trouvees) {
$liste_remplacantes .= "<tr><td> </td><td> </td></tr>";
}
$trouvees = 0;
$lenremplacee = $lenremplacee - 1;
}
if ($liste_remplacantes) {
$liste_remplacantes = "<table>" . $liste_remplacantes . "</table>";
}
$indexint_replace = str_replace('!!id!!', $this->indexint_id, $indexint_replace);
$indexint_replace = str_replace('!!id_pclass!!', $this->id_pclass, $indexint_replace);
$indexint_replace = str_replace('!!indexint_name!!', htmlentities($this->name, ENT_QUOTES, $charset), $indexint_replace);
$indexint_replace = str_replace('!!liste_remplacantes!!', $liste_remplacantes, $indexint_replace);
print $indexint_replace;
}
function replace_form($id)
{
global $authperso_replace;
global $msg;
global $include_path;
if (!$id) {
require_once "{$include_path}/user_error.inc.php";
error_message($msg[161], $msg[162], 1, './autorites.php?categ=authperso&sub=&id=');
return;
}
$authperso_replace = str_replace('!!old_authperso_libelle!!', $this->get_isbd($id), $authperso_replace);
$authperso_replace = str_replace('!!id!!', $id, $authperso_replace);
$authperso_replace = str_replace('!!id_authperso!!', $this->id, $authperso_replace);
return $authperso_replace;
}
$results = $result->process($fields, $_POST);
$db_data = $results['Results'];
}
// build return link
$redirect = $_SERVER['SCRIPT_NAME'] . '?';
if ($con_id) {
$redirect .= 'con_id=' . $con_id;
}
if ($viewForm) {
$redirect .= '&viewForm=' . $viewForm;
}
if ($searchLink) {
$redirect .= '&searchLink=' . urlencode($searchLink);
}
if ($results['Errors'] || $errors) {
if (is_array($results['Results'])) {
$redirect .= '&' . http_build_query($results['Results']);
}
echo error_message(join_arrays(array($results['Errors'], $errors)), urlencode($redirect));
exit;
}
if ($viewForm !== 2 && $viewForm !== 7) {
db_query($db_data, "UPDATE", "contact", "con_id", $con_id);
}
if ($forward_company) {
header("Location:company.php?com_title=" . $_POST["con_company"]);
}
$msg = urlencode('Update Successful');
header("Location:{$redirect}&msg={$msg}");
exit;
}
if (mysql_num_rows($res)) {
$row = mysql_fetch_row($res);
abts_form($row[1], $id, $row[2], $row[3], $row[4], $row[5], $row[6], $row[7]);
} else {
show_abts($dbh);
}
} else {
show_abts($dbh);
}
break;
case 'del':
if ($id) {
$total = 0;
$total = mysql_result(mysql_query("select count(1) from empr where type_abt ='" . $id . "' ", $dbh), 0, 0);
if ($total == 0) {
$requete = "DELETE FROM type_abts WHERE id_type_abt={$id} ;";
$res = mysql_query($requete, $dbh);
$requete = "OPTIMIZE TABLE type_abts ";
$res = mysql_query($requete, $dbh);
show_abts($dbh);
} else {
error_message($msg["type_abts_type"], $msg["type_abts_del_error"], 1, 'admin.php?categ=finance&sub=abts&action=');
}
} else {
show_abts($dbh);
}
break;
default:
show_abts($dbh);
break;
}
<BODY>
<BODY BGCOLOR=#FFFFFF BACKGROUND="/images/gif/webpic/back4.gif">
<H1>
<IMG SRC="/images/gif/dragon.gif">
Admin User <?php
echo $_REQUEST["char"];
?>
</H1>
<?php
include $_SERVER['DOCUMENT_ROOT'] . "/scripts/admin_authorize.php";
if ($_COOKIE["karchanadminname"] != "Karn") {
error_message("This administration option is only available to Karn.");
}
$result = mysql_query("update mm_admin set validuntil = date_add(validuntil,\n\tinterval 1 month) where name = \"" . quote_smart($_REQUEST["char"]) . "\" and \n\tvaliduntil >= now()", $dbhandle) or error_message("Query failed : " . mysql_error());
$result = mysql_query("update mm_admin set validuntil = date_add(now(),\n\tinterval 1 month) where name = \"" . quote_smart($_REQUEST["char"]) . "\" and \n\tvaliduntil < now()", $dbhandle) or error_message("Query failed : " . mysql_error());
$result = mysql_query("select validuntil from mm_admin \n\twhere name = \"" . quote_smart($_REQUEST["char"]) . "\"", $dbhandle) or error_message("Query failed : " . mysql_error());
while ($myrow = mysql_fetch_array($result)) {
writeLog($dbhandle, "Expiration date for " . $_REQUEST["char"] . " changed to " . $myrow["validuntil"] . ".");
printf("Expiration date for " . $_REQUEST["char"] . " changed to " . $myrow["validuntil"] . ".<P>\r\n");
}
mysql_close($dbhandle);
?>
<a HREF="/karchan/admin/extend_period.html">
<img SRC="/images/gif/webpic/buttono.gif"
BORDER="0"></a><p>
</BODY>
</HTML>
$nb = 0;
while ($n = pmb_mysql_fetch_object($myQuery)) {
//Access au cataloguage
$cart_link_non = false;
require_once "{$include_path}/bull_info.inc.php";
require_once "{$class_path}/serials.class.php";
$n->isbd = show_bulletinage_info($n->bulletin_id);
print pmb_bidi($n->isbd);
if (++$nb >= $nb_per_page_search) {
break;
}
}
print $end_result_liste;
} else {
// Pas de résultat
error_message($msg[235], $msg[307] . " {$ex_query}", 1, "./circ.php?categ=visu_rech");
die;
}
}
//Gestion de la pagination
if ($nb_results) {
$nav_bar .= "\n\t\t<form name='search_form' action='./circ.php?categ=visu_rech' method='post' style='display:none'>\n\t\t\t<input type='hidden' name='page' value='{$page}'/>\n\t\t\t<input type='hidden' name='nb_results' value='{$nb_results}'/>\n\t\t\t<input type='hidden' name='ex_query' value='{$ex_query}'/>\n\t\t\t<input type='hidden' name='typdoc_query' value=''/>\n\t\t\t<input type='hidden' name='statut_query' value=''/>\n\t\t</form>";
$n_max_page = ceil($nb_results / $nb_per_page_search);
if (!$page) {
$page_en_cours = 0;
} else {
$page_en_cours = $page;
}
// affichage du lien precedent si necessaire
if ($page > 0) {
$nav_bar .= "<a href='#' onClick='document.search_form.page.value-=1; ";
$cart_click_noti = "onClick=\"openPopUp('./cart.php?object_type=NOTI&item=" . $myPerio->notice_id . "', 'cart', 600, 700, -2, -2, '" . $selector_prop . "')\"";
$affichage_final .= "<tr class='{$class_entete}' {$tr_javascript} >";
$affichage_final .= "<td><img src='./images/basket_small_20x20.gif' align='middle' alt='basket' title='" . $msg[400] . "' " . $cart_click_noti . "></td>";
$affichage_final .= "<td colspan='6'><a href='" . $url . "'>" . $isbd->isbd . "</a></td></tr>";
// affichage des bulletinages associés
$myQueryBull = pmb_mysql_query("SELECT bulletin_id FROM bulletins WHERE bulletin_notice='{$myPerio->notice_id}' ORDER BY date_date DESC, bulletin_id DESC ", $dbh);
$bulletins = "";
while ($bul = pmb_mysql_fetch_object($myQueryBull)) {
$class_suite = "odd";
$tr_javascript = " onmouseover=\"this.className='surbrillance'\" onmouseout=\"this.className='{$class_suite}'\"";
$bulletin = new bulletinage($bul->bulletin_id);
$url = "./catalog.php?categ=serials&sub=bulletinage&action=view&bul_id=" . $bul->bulletin_id;
// gestion des paniers de bulletins
$selector_prop = "toolbar=no, dependent=yes, resizable=yes, scrollbars=yes";
$cart_click_bull = "onClick=\"openPopUp('./cart.php?object_type=BULL&item=" . $bul->bulletin_id . "', 'cart', 600, 700, -2, -2, '{$selector_prop}')\"";
$bulletins .= "<tr class='{$class_suite}' {$tr_javascript}>\n\t\t\t\t<td> </td>\n\t\t\t\t<td><img src='./images/basket_small_20x20.gif' align='middle' alt='basket' title='" . $msg[400] . "' " . $cart_click_bull . "></td>\n\t\t\t\t<td><a href='" . $url . "'>" . $bulletin->bulletin_numero . "</a></td>\n\t\t\t\t<td>" . $bulletin->mention_date . "</td>\n\t\t\t\t<td>" . $bulletin->aff_date_date . "</td>\n\t\t\t\t<td>" . $bulletin->bulletin_titre . "</td>";
if (sizeof($bulletin->expl)) {
$bulletins .= "<td>" . sizeof($bulletin->expl) . " " . $msg['bulletin_nb_exemplaires'] . "</td>";
} else {
$bulletins .= "<td> </td>";
}
$bulletins .= "</tr>";
}
$affichage_final .= $bulletins;
}
$affichage_final .= "</table>";
print pmb_bidi($affichage_final);
} else {
// la requête n'a produit aucun résultat
error_message($msg[46], str_replace('!!user_query!!', stripslashes($user_query), $msg[1153]), 1, './edit.php?categ=serials&sub=collect');
}
function error($s)
{
error_message($s);
page();
}
function show_results($dbh, $user_input, $nbr_lignes = 0, $page = 0, $id = 0)
{
global $nb_per_page;
global $base_url;
global $caller;
global $charset;
global $msg;
global $expl_list_id;
// on récupére le nombre de lignes qui vont bien
if (!$id) {
if ($user_input == "") {
$requete = "SELECT COUNT(1) FROM groupexpl";
} else {
$aq = new analyse_query(stripslashes($user_input));
if ($aq->error) {
error_message($msg["searcher_syntax_error"], sprintf($msg["searcher_syntax_error_desc"], $aq->current_car, $aq->input_html, $aq->error_message));
exit;
}
$requete = "select count(distinct id_groupexpl) from groupexpl where groupexpl_name like '%" . $user_input . "%'";
}
$res = pmb_mysql_query($requete, $dbh);
$nbr_lignes = @pmb_mysql_result($res, 0, 0);
} else {
$nbr_lignes = 1;
}
if (!$page) {
$page = 1;
}
$debut = ($page - 1) * $nb_per_page;
if ($nbr_lignes) {
$expl_list = explode(",", $expl_list_id);
$expl_list_cb = array();
foreach ($expl_list as $id_expl) {
$query = "SELECT expl_cb FROM exemplaires WHERE expl_id='" . $id_expl . "'";
$result = pmb_mysql_query($query);
if ($result && pmb_mysql_num_rows($result)) {
$cb = pmb_mysql_result($result, 0, 0);
$expl_list_cb[] = $cb;
}
}
$last_id_used = session::get_last_used("groupexpl");
if ($last_id_used) {
print "<div class='selector_last_used'>\n \t\t\t\t<div class='row'>\n \t\t\t\t\t<b>" . $msg["selector_last_groupexpl_used"] . "</b>\n \t\t\t\t</div>\n \t\t\t\t<div class='row'>";
$query = "select id_groupexpl, groupexpl_name from groupexpl where id_groupexpl=" . $last_id_used;
$result = pmb_mysql_query($query);
while ($group = pmb_mysql_fetch_object($result)) {
print pmb_bidi("\n\t\t\t\t\t\t<a href=\"{$base_url}&action=add_expl&id_groupexpl=" . $group->id_groupexpl . "&expl_list=" . implode(",", $expl_list_cb) . "\">\n\t\t\t\t\t\t{$group->groupexpl_name}</a><br />");
}
print "</div></div>";
}
// on lance la vraie requête
if (!$id) {
if ($user_input == "") {
$requete = "SELECT groupexpl.* FROM groupexpl";
$requete .= " ORDER BY groupexpl_name LIMIT {$debut},{$nb_per_page} ";
} else {
$requete = "select groupexpl.* from groupexpl where groupexpl_name like '%" . $user_input . "%' order by groupexpl_name LIMIT {$debut},{$nb_per_page}";
}
} else {
$requete = "select groupexpl.* FROM groupexpl where id_groupexpl='" . $id . "'";
}
$res = @pmb_mysql_query($requete, $dbh);
while ($group = pmb_mysql_fetch_object($res)) {
print pmb_bidi("\n \t\t\t<a href=\"{$base_url}&action=add_expl&id_groupexpl=" . $group->id_groupexpl . "&expl_list=" . implode(",", $expl_list_cb) . "\">\n\t\t\t\t\t{$group->groupexpl_name}</a><br />");
}
pmb_mysql_free_result($res);
// constitution des liens
$nbepages = ceil($nbr_lignes / $nb_per_page);
$suivante = $page + 1;
$precedente = $page - 1;
// affichage pagination
print "<div class='row'> <hr /></div><div align='center'>";
$url_base = $base_url . "&user_input=" . rawurlencode(stripslashes($user_input));
$nav_bar = aff_pagination($url_base, $nbr_lignes, $nb_per_page, $page, 10, false, true);
print $nav_bar;
print "</div>";
}
}
// +-------------------------------------------------+
// $Id: harvest.inc.php,v 1.1 2012-01-25 15:20:35 ngantier Exp $
if (stristr($_SERVER['REQUEST_URI'], ".inc.php")) {
die("no access");
}
require_once $class_path . "/harvest_notice.class.php";
// functions particulières à ce module
$acces_m = 1;
if ($gestion_acces_active == 1 && $gestion_acces_user_notice == 1) {
require_once "{$class_path}/acces.class.php";
$ac = new acces();
$dom_1 = $ac->setDomain(1);
$acces_m = $dom_1->getRights($PMBuserid, $id, 8);
}
if ($acces_m == 0) {
error_message('', htmlentities($dom_1->getComment('mod_noti_error'), ENT_QUOTES, $charset), 1, '');
} else {
$harv = new harvest_notice($notice_id, $harvest_id, $profil_id);
switch ($action) {
case 'build':
print "<h1>" . $msg[harvest_notice_replace_title] . "</h1>";
$harv->get_notice_externe($notice_id);
break;
case 'record':
$harv->record_notice($notice_id);
break;
default:
print "<h1>" . $msg[harvest_notice_replace_title] . "</h1>";
print $harv->get_form_sel();
break;
}
