}
// NOTE(review): the mysql_* extension used here was deprecated in PHP 5.5 and removed in
// PHP 7.0; mysqli or PDO with prepared statements is the supported replacement.
// The return values of mysql_connect() and mysql_select_db() are not checked, so a failed
// connection only surfaces later as failing queries.
$db = mysql_connect($dbInfo['server'], $dbInfo['username'], $dbInfo['password']);
mysql_select_db($dbInfo['database_name'], $db);
// NOTE(review): SET NAMES changes the charset on the server side only; the client library's
// escaping routines are not informed. mysql_set_charset() is the documented way to set it.
mysql_query("SET NAMES 'utf8'", $db);
//mysql_query("SET lc_time_names = 'cs_CZ'", $db);
/**
 * Fetch the rows of a MySQL result directly into an associative array.
 *
 * Returns false when the result handle is falsy (e.g. the query failed). The row loop
 * continues past the end of this excerpt.
 *
 * @param reference $sql - MySQL result
 * @param string $key - use the value of this column as the array key; when empty, the array is numbered [optional]
 */
function fetch_array($sql, $key = "")
{
    if (!$sql) {
        return false;
    } else {
        $c = 0;
        while ($data = fetch_assoc($sql)) {
<?php
// Profile page of the logged-in user: edit e-mail and change password.
// The user id comes from the session and is forced to an integer before it reaches SQL.
$id = intval($_SESSION['user']['id']);
// NOTE(review): the selected row includes `password` and the whole row is assigned to the
// template below; the hash should not be part of the view data.
$user = fetch_assoc(query("SELECT `id`, `login`, `jmeno`, `prijmeni`, `nick`, `email`, `password` FROM `uzivatel` WHERE `id`='{$id}'"));
$smarty->assign("user", $user);
// NOTE(review): no anti-CSRF token check is visible in this fragment for either POST action;
// confirm it is enforced by included code.
if ($_POST['edit']) {
    // NOTE(review): the error is raised when check_email() is truthy; presumably it returns
    // true for an INVALID address - verify, otherwise this condition is inverted.
    if ($_POST['email'] != '' and check_email($_POST['email'])) {
        $err['info'][] = "Email má nesprávný formát.";
    }
    if ($err) {
        $smarty->assign("err", $err);
    } else {
        // NOTE(review): addslashes() is not aware of the connection charset; a prepared
        // statement (or the driver's own escaping) is the safe way to bind this value.
        $inp[] = "`email`='" . addslashes($_POST['email']) . "'";
        if (query("UPDATE `uzivatel` SET " . implode(",", $inp) . " WHERE `id`='{$id}'")) {
            go($setup['adm']['www'] . "profil/nastaveni.html?msgOk=info");
        }
    }
}
if ($_POST['change_pass']) {
    // NOTE(review): passwords are stored as sha1(id . password) - a fast hash salted only
    // with the user id. password_hash()/password_verify() are the intended primitives.
    $oldPass = sha1($id . $_POST['password_old']);
    $newPass = $_POST['password'];
    // NOTE(review): `!=` is a loose, non-constant-time comparison; two digests that both look
    // like numeric strings compare equal. Use hash_equals(). When the stored password is
    // empty, the old-password check is skipped entirely.
    if ($oldPass != $user['password'] and $user['password'] != '') {
        $err['pass'][] = "Špatné původní heslo.";
    }
    if (!$newPass) {
        $err['pass'][] = "Není vyplněno heslo.";
    }
    if ($newPass != $_POST['password_again']) {
        $err['pass'][] = "Hesla se neshodují.";
    }
    // Minimum length enforced here is 4 bytes (strlen counts bytes, not characters).
    if (strlen($newPass) < "4") {
// Admin-side user editor: loads the user row and, on POST, validates and collects the
// column assignments for an UPDATE (the statement itself is past the end of this excerpt).
// NOTE(review): $id is set outside this excerpt - confirm it is cast to an integer.
$user = fetch_assoc(query("SELECT `id`, `login`, `jmeno`, `prijmeni`, `email`, `uzivatelOpravneni_id`, `blokace` FROM `uzivatel_vw` WHERE `id`='{$id}'"));
$smarty->assign("user", $user);
if ($_POST['edit']) {
    if (!$_POST['login']) {
        $err['info'][] = "Není vyplněno přihlašovací jméno.";
    }
    // First and last name are mandatory unless the chosen permission level has domena == 2.
    if ($option['opravneni'][$_POST['uzivatelOpravneni_id']]['domena'] != 2) {
        if (!$_POST['jmeno']) {
            $err['info'][] = "Není vyplněno jméno.";
        }
        if (!$_POST['prijmeni']) {
            $err['info'][] = "Není vyplněno příjmení.";
        }
    }
    if ($_POST['login']) {
        // NOTE(review): SQL injection - $_POST['login'] is interpolated into this SELECT
        // without any escaping, although the same value is escaped for the UPDATE below.
        // Bind it as a parameter.
        $db_user = fetch_assoc(query("SELECT `login` FROM `uzivatel` WHERE `login` = '{$_POST['login']}' AND `id`!='{$id}'"));
        if ($db_user) {
            // NOTE(review): the raw POST value is embedded in the message; it must be
            // HTML-escaped where the message is rendered (not visible here).
            $err['info'][] = "Uživatelské jméno - „" . $_POST['login'] . "” je již použito, zvolte jiné !";
        }
    }
    if (!$err) {
        // NOTE(review): addslashes() is not charset-aware; prefer prepared statements.
        $inp[] = "`login`='" . addslashes($_POST['login']) . "'";
        $inp[] = "`jmeno`='" . addslashes($_POST['jmeno']) . "'";
        $inp[] = "`prijmeni`='" . addslashes($_POST['prijmeni']) . "'";
        if ($_POST['jmeno'] or $_POST['prijmeni']) {
            $inp[] = "`nick`='" . addslashes($_POST['jmeno']) . " " . addslashes($_POST['prijmeni']) . "'";
        }
        $inp[] = "`email`='" . addslashes($_POST['email']) . "'";
        // NOTE(review): the permission level is taken straight from the request; whether the
        // editing user may grant that level is not checked in this fragment.
        $inp[] = "`uzivatelOpravneni_id`='" . addslashes($_POST['uzivatelOpravneni_id']) . "'";
        if ($_POST['blokace'] == 2) {
            $inp[] = "`blokace`='2'";
        $list[] = $a['user_id'];
    }
    $admin_list = implode(',', $list);
    // NOTE(review): every value in the statements below ($order_id, $admin_id, $order_time,
    // $res['user_id'], $val['order_id'], $v['rec_id'], $admin_list) is interpolated in an
    // unquoted numeric position. Their origin is outside this excerpt; unless each one is
    // cast to an integer upstream, this is injectable even with string escaping.
    $sql_select = 'SELECT final_amount FROM ' . $GLOBALS['ecs']->table('order_info') . " WHERE order_id={$order_id}";
    $order_amount = $GLOBALS['db']->getOne($sql_select);
    // Orders below 800 are assigned to $admin_id; all others go to the hard-coded admin id 4.
    if ($order_amount < 800) {
        $sql_update = 'UPDATE ' . $ecs->table('users') . ' u,' . $GLOBALS['ecs']->table('admin_user') . " a SET u.admin_id={$admin_id},u.order_time={$order_time},u.admin_name=a.user_name,u.role_id=a.role_id," . 'u.group_id=a.group_id,u.assign_time=UNIX_TIMESTAMP(),a.counter=a.counter+1 WHERE u.admin_id IN (' . "{$admin_list}) AND u.user_id={$res['user_id']} AND a.user_id={$admin_id}";
    } else {
        $sql_update = 'UPDATE ' . $ecs->table('users') . ' u,' . $GLOBALS['ecs']->table('admin_user') . ' a SET u.admin_id=4,u.admin_name=a.user_name,u.assign_time=UNIX_TIMESTAMP(),u.group_id=a.group_id,' . "u.role_id=a.role_id, u.order_time={$order_time}, a.counter=a.counter+1 WHERE u.admin_id IN (" . "{$admin_list}) AND u.user_id={$res['user_id']} AND a.user_id=4";
    }
    $db->query($sql_update);
    update_taking_time($order_id);
    unset($admin_list);
    // NOTE(review): this lookup uses $val['order_id'] while the code above uses $order_id;
    // confirm both refer to the same order.
    $sql_select = 'SELECT rec_id,is_package FROM `crm_order_goods`' . " WHERE order_id={$val['order_id']}";
    $goods_list = $db->query($sql_select);
    $goods_list = fetch_assoc($goods_list);
    foreach ($goods_list as $v) {
        // NOTE(review): both multi-table UPDATEs filter only on o.rec_id; no condition links
        // the packing/goods table to the order line, so which take_days row is used is not
        // determined by what is visible here.
        if ($v['is_package']) {
            $sql_update = 'UPDATE `crm_packing` p,`crm_order_goods` o SET ' . "o.taking_time=o.goods_number*p.take_days*24*3600 WHERE o.rec_id={$v['rec_id']}";
            $db->query($sql_update);
        } else {
            $sql_update = 'UPDATE `crm_goods` g,`crm_order_goods` o SET ' . "o.taking_time=o.goods_number*g.take_days WHERE o.rec_id={$v['rec_id']}";
            $db->query($sql_update);
        }
    }
}
}
/**
 * Return the query result as an array.
 */
function fetch_assoc($res)
<?php
// Module list page: loads main modules with their sub-modules for the template and
// handles the AJAX "sort" action that rewrites order, hierarchy and URLs.
$include['js'][] = "./nastaveni/js-seznam.tpl";
$smarty->assign("include", $include);
$list_sql = query("SELECT `id`, `nazev`, `page`, `icon`, `zobraz` FROM `modul` WHERE `druh`='main' ORDER BY `poradi`");
while ($it = fetch_assoc($list_sql)) {
    $list[$it['id']] = $it;
    $submodul_sql = query("SELECT `id`, `nazev`, `page`, `icon`, `url`, `zobraz` FROM `modul` WHERE `modul_id`='{$it['id']}' ORDER BY `poradi`");
    while ($item = fetch_assoc($submodul_sql)) {
        $list[$it['id']]['submodul'][$item['id']] = $item;
        // $listPage maps module id => page slug; it is used below to rebuild sub-module URLs.
        $listPage[$item['id']] = $item['page'];
    }
    $listPage[$it['id']] = $it['page'];
}
$smarty->assign("list", $list);
$smarty->assign("listPage", $listPage);
// sorting of items
// NOTE(review): no permission or anti-CSRF check is visible in this fragment before the
// UPDATEs; confirm it happens in included code.
if ($_POST['function'] == 'sort') {
    $data = json_decode($_POST['data'], true);
    if ($data) {
        foreach ($data as $key => $value) {
            $value['id'] = intval($value['id']);
            // NOTE(review): SQL injection - $key is an array key of client-supplied JSON.
            // When the client sends a JSON object instead of a list, the key is an arbitrary
            // string and is interpolated unescaped. Cast it with intval() like the id.
            query("UPDATE `modul` SET `poradi`='{$key}', `druh`='main', `url`='', `modul_id`= NULL WHERE `id`='{$value['id']}'");
            if ($value['children']) {
                foreach ($value['children'] as $k => $v) {
                    $v['id'] = intval($v['id']);
                    // NOTE(review): same issue for $k. The page slugs come from the database
                    // and are re-inserted unescaped (second-order injection if a slug can
                    // contain a quote).
                    query("UPDATE `modul` SET `poradi`='{$k}', `druh`='sub', `url`='{$listPage[$value['id']]}/{$listPage[$v['id']]}.html', `modul_id`='{$value['id']}' WHERE `id`='{$v['id']}'");
                }
            }
        }
        die('ok');
} else {
    // Save branch of the module editor: updates the module row and, for a main module,
    // rewrites the URLs of its sub-modules inside one transaction.
    // NOTE(review): poster() is defined elsewhere; whether it escapes the posted values it
    // turns into column assignments cannot be seen here - verify.
    $inp = poster($_POST['def'], "db_set");
    if (!is_null($edit['modul_id'])) {
        // NOTE(review): SQL injection - $_POST['def']['page'] is interpolated unescaped, and
        // $edit['modul_page'] is re-used from the database without escaping.
        $inp['db_set'][] = "`url`='{$edit['modul_page']}/{$_POST['def']['page']}.html'";
    }
    if ($_POST['zobraz']) {
        $inp['db_set'][] = "`zobraz`='2'";
    } else {
        $inp['db_set'][] = "`zobraz`='0'";
    }
    // NOTE(review): the rollback below only has an effect on a transactional storage
    // engine - confirm the `modul` table uses one.
    query("START TRANSACTION");
    // NOTE(review): $edit_id is set outside this excerpt - confirm it is an integer.
    if (!query("UPDATE `modul` SET " . implode(",", $inp['db_set']) . " WHERE `id`='{$edit_id}'")) {
        $db_err[] = "Chyba pri ukladani modulu";
    }
    if ($edit['druh'] == 'main') {
        $subModul_sql = query("SELECT `id`, `page` FROM `modul` WHERE `modul_id`='{$edit_id}' AND `druh`='sub'");
        while ($it = fetch_assoc($subModul_sql)) {
            // NOTE(review): the same unescaped $_POST['def']['page'] is written into every
            // sub-module URL.
            if (!query("UPDATE `modul` SET `url`='{$_POST['def']['page']}/{$it['page']}.html' WHERE `id`='{$it['id']}'")) {
                $db_err[] = "Chyba pri prepisu submodulu";
            }
        }
    }
    // Any failed statement rolls the whole change back; the user sees a generic message.
    if ($db_err) {
        query("ROLLBACK");
        $smarty->assign("err", "Při ukládání se vyskytla chyba.");
    } else {
        query("COMMIT");
        go($setup['adm']['www'] . "nastaveni/seznamModul.html");
    }
}
}
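<?php

include_once '../includes/start_administrace.php';
//
// BOF - delete - (soft) deletion of a user
/*if ($_GET['del']) {
    $id = intval($_GET['del']);
    $res = query("UPDATE `uzivatel` SET `smazano`='2' WHERE `id` = '$id'");
    if (!$res) {
        echo "<p>Nepodařilo se SMAZAT zápis, prosím, zkuste to znovu.</p>";
    } else {
        $go = $setup_adm['www'] . "uzivatele/seznam.html";
        go($go);
    }
}*/
// EOF - delete
//
// BOF - block - toggle the blocked state of a user
//
// Flips `blokace` between '0' and '2' for the user given in ?blok=<id> and resets the
// failed-login counter, then redirects back to the user list.
//
// NOTE(review): this is a state change triggered by a plain GET request with no anti-CSRF
// token visible here; a link or image on another site can block or unblock accounts in an
// administrator's browser. Move it to POST with a token. Access control is assumed to be
// done by the include above - verify.
if (!empty($_GET['blok'])) {
    // intval() keeps the interpolated id numeric.
    $id = intval($_GET['blok']);
    $aktualni_blok = fetch_assoc(query("SELECT `blokace` FROM `uzivatel` WHERE `id`='{$id}'"));

    // $set stays null when the user does not exist or `blokace` holds any other value.
    // Previously $set was left undefined in that case and a malformed
    // "UPDATE ... SET , `pokusu_prihlasit`='0'" statement was sent to the database.
    $set = null;
    if ($aktualni_blok) {
        if ($aktualni_blok['blokace'] == "0") {
            $set = "`blokace`='2'";
        } elseif ($aktualni_blok['blokace'] == "2") {
            $set = "`blokace`='0'";
        }
    }

    if ($set !== null && query("UPDATE `uzivatel` SET {$set}, `pokusu_prihlasit`='0' WHERE `id`='{$id}'")) {
        $go = $setup['adm']['www'] . "uzivatele/seznam.html";
        go($go);
    }
}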
<?php

include "include/config.php";

// Edit form for one application, addressed by ?email=...; renders edit.twig.
$post_get = new GetVarClass("_GET");
$email = $post_get->getemail("email");
$justUpdated = $post_get->getvar("justUpdated");

if (!$email) {
    exit("Редактирование заявки невозможно: введите корректный e-mail. ");
}

// Authorisation: the logged-in editor must be allowed to edit this application.
$editorid = loginbycookie();
if (!canEdit($editorid, $email)) {
    // NOTE(review): $email is echoed back unescaped; this is safe only if getemail()
    // rejects HTML metacharacters - verify.
    exit("У вас недостаточно прав доступа, чтобы редактировать заявку {$email}. ");
}

// NOTE(review): $email is interpolated into SQL. Safety rests entirely on getemail()
// (defined elsewhere); an apostrophe is a legal character in an e-mail local part, so
// format validation alone does not make the value SQL-safe. Prefer a bound parameter.
// SELECT * also places every users column in the template context below.
$sql = "SELECT *\n\tFROM " . PREF . "users\n\tWHERE email='{$email}'\n\tLIMIT 1";
$userData = fetch_assoc(query($sql));

$photoname = photoFileName($email);
$userid = (int) emailToId($email);

// Opening the form as an administrator clears the "updated" and "unread" marks.
if (isAdmin($editorid)) {
    unmarkUpdated($userid);
    unmarkUnread($userid);
}

// $userid is cast to int above, so the unquoted interpolation is numeric.
$sql = "SELECT m.id, u.name, m.message\n\tFROM " . PREF . "messages AS m\n\tLEFT JOIN " . PREF . "users AS u ON m.authorid=u.id\n\tWHERE m.userid={$userid}\n\tORDER BY m.id";
$result = query($sql);
$messages = fetch_assocs($result);

// Page-level values for the template. With the array union below, keys already present
// in the user row win over these.
$pageVars = [
    "justUpdated" => (bool) $justUpdated,
    "isAdmin" => (bool) isAdmin($editorid),
    "publicities" => $langPublicities,
    "countries" => $langCountries,
    "birthes" => $langBirthes,
    "ranks" => $langRanks,
    "quotas" => $langQuotas,
    "goRoyalWeddings" => $langYesNo,
    "photo" => file_exists("photos/{$photoname}.jpg") ? "{$photoname}.jpg" : "",
    "messages" => $messages,
];
$render_data = $userData + $pageVars;

$ret = constructTwig()->render("edit.twig", $render_data);
echo $ret;
// Login result handling: on a password match the session is populated and the user is
// redirected; otherwise the failed-attempt counter is raised (continues past this excerpt).
// NOTE(review): `==` is a loose, non-constant-time comparison; two digests that both look
// like numeric strings compare equal. Use hash_equals() (or password_verify()). How $pass is
// derived is outside this excerpt.
if ($pass == $user['password']) {
    // NOTE(review): no session_regenerate_id() call is visible in this fragment before the
    // identity is written to the session (session fixation) - verify.
    $_SESSION['user']['id'] = $user['id'];
    $_SESSION['user']['login'] = $user['login'];
    $_SESSION['user']['nick'] = $user['nick'];
    $_SESSION['user']['admin'] = $user['admin'];
    $_SESSION['user']['ip'] = $uzivatel_ip;
    // NOTE(review): $uzivatel_ip and $_SESSION['id'] are interpolated unescaped; if the IP is
    // taken from a client-controlled header this is injectable - verify its source.
    query("\r UPDATE `uzivatel` \r SET `ip`='{$uzivatel_ip}',`posledniPrihlaseni`=NOW(), `pokusuPrihlasit`='0', `pocetPrihlaseni`=`pocetPrihlaseni`+1, `session`='{$_SESSION['id']}'\r WHERE `id`='{$user['id']}'");
    //
    // BOF - redirect
    if ($_GET['token']) {
        // NOTE(review): SQL injection - $_GET['token'] is interpolated unescaped, on the
        // login path itself. Bind it as a parameter.
        $token_url = fetch_assoc(query("SELECT `url` FROM `urlRequest` WHERE `token`='{$_GET['token']}'"));
        if ($token_url) {
            go($token_url['url']);
        }
    }
    $def = fetch_assoc(query("\r SELECT m.`url`\r FROM `uzivatelOpravneni` AS uo\r LEFT JOIN `modul` AS m ON(m.`id` = uo.`vychoziModul`)\r WHERE uo.`id`='{$user['uzivatelOpravneni_id']}'"));
    // NOTE(review): open redirect - the target is taken verbatim from the query string.
    // Accept only relative paths or hosts from an allowlist.
    if ($_GET['request']) {
        go($_GET['request']);
    } elseif ($def['url']) {
        go($setup['adm']['www'] . $def['url']);
    } else {
        go($setup['adm']['www'] . "prazdnaStranka.html");
    }
    // EOF - redirect
} else {
    // The fifth consecutive failure blocks the account (blokace = '2').
    // NOTE(review): a hard lockout lets anyone who knows a login name lock its owner out;
    // time-based throttling avoids that.
    $pokusu_prihlasit = $user['pokusuPrihlasit'] + 1;
    if ($pokusu_prihlasit >= 5) {
        $set = "`pokusuPrihlasit`='{$pokusu_prihlasit}', `blokace`='2', `duvodBlokace`='Překročený počet pokusů o přihlášení'";
    } else {
        $set = "`pokusuPrihlasit`='{$pokusu_prihlasit}'";
    }
/**
 * Drain a query result into a list of rows.
 *
 * Calls fetch_assoc() (defined elsewhere) repeatedly and appends each row until it
 * returns a falsy value.
 *
 * @param mixed $result result handle accepted by fetch_assoc()
 * @return array rows in fetch order; empty when the first fetch is already falsy
 */
function fetch_assocs($result)
{
    $rows = [];
    for ($row = fetch_assoc($result); $row; $row = fetch_assoc($result)) {
        $rows[] = $row;
    }

    return $rows;
}
// Permission administration: loads modules and permission levels for the template and
// handles the AJAX "check" action that toggles a setting for one permission level.
$include['js'][] = "./nastaveni/js-opravneni.tpl";
$smarty->assign("include", $include);
$list_sql = query("SELECT `id`, `nazev`, `icon`, `url`, `zobraz` FROM `modul` WHERE `druh`='main' ORDER BY `poradi`");
while ($it = fetch_assoc($list_sql)) {
    $list[$it['id']] = $it;
    $list[$it['id']]['submodul'] = fetch_array(query("SELECT `id`, `nazev`, `icon`, `url`, `zobraz` FROM `modul` WHERE `modul_id`='{$it['id']}' ORDER BY `poradi`"));
}
$smarty->assign("list", $list);
$opravneni = fetch_array(query("SELECT `id`, `nazev`, `vychoziModul` FROM `uzivatelOpravneni` ORDER BY `nazev`"), "id");
$smarty->assign("opravneni", $opravneni);
if ($_GET['perm']) {
    // The permission id is forced to an integer before it is used in SQL.
    $perm_id = intval($_GET['perm']);
    $perm = fetch_assoc(query("SELECT `id`, `domena`, `admin` FROM `uzivatelOpravneni` WHERE `id`='{$perm_id}'"));
    $smarty->assign("perm", $perm);
    $checked_sql = query("SELECT `modul_id` FROM `uzivatelOpravneni_modul` WHERE `uzivatelOpravneni_id`='{$perm_id}'");
    while ($it = fetch_assoc($checked_sql)) {
        $checked[] = $it['modul_id'];
    }
    $smarty->assign("checked", $checked);
}
// set modules for the selected permission level
// NOTE(review): no permission or anti-CSRF check is visible in this fragment before the
// permission table is modified; confirm it happens in included code.
if ($_POST['function'] == 'check' and $_POST['perm'] != '') {
    $perm = intval($_POST['perm']);
    $modul_id = $_POST['id'];
    $typ = $_POST['typ'];
    if ($typ == 'opravneni') {
        if (strtolower($_POST['checked']) == 'true') {
            $check = "ano";
            // NOTE(review): SQL injection - $modul_id comes straight from the request and is
            // used as a COLUMN NAME. Value escaping does not protect identifiers; compare it
            // against a fixed list of permitted column names before building the statement.
            query("UPDATE `uzivatelOpravneni` SET `{$modul_id}`='2' WHERE `id`='{$perm}'");
        } else {
            $check = "ne";
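// Renders the `rambler` table (bus positions) as an HTML table.
//
// NOTE(review): the database credentials are embedded in the page source (masked in this
// listing); load them from configuration kept outside the web root.
$servername = " 159.203.104.66 ";
$username = "******";
$password = "******";
$dbname = "rambler";

// Create connection. The configured host carries stray spaces, so it is trimmed here.
$conn = new mysqli(trim($servername), $username, $password, $dbname);

// Check connection
if ($conn->connect_error) {
    // Driver detail goes to the server log; the visitor only sees a generic message.
    error_log("Connection failed: " . $conn->connect_error);
    die("Connection failed");
}

$sql = "SELECT epochKey, busNumber, nextStop, timeToNextStop FROM rambler";
$result = $conn->query($sql);

// query() returns false on failure, so the handle is checked before it is used.
if ($result && $result->num_rows > 0) {
    echo "<table><tr><th>ID</th><th>Name</th><th>Next stop</th><th>Time to next stop</th></tr>";
    // output data of each row: one <tr> with one escaped <td> per selected column
    // (the fetch was previously written as `$result = fetch_assoc()`, which is not a method call)
    while ($row = $result->fetch_assoc()) {
        echo "<tr>";
        foreach (array("epochKey", "busNumber", "nextStop", "timeToNextStop") as $column) {
            // Database content is escaped for the HTML context before output.
            echo "<td>" . htmlspecialchars((string) $row[$column], ENT_QUOTES, 'UTF-8') . "</td>";
        }
        echo "</tr>";
    }
    echo "</table>";
} else {
    echo "0 results";
}
$conn->close();
?> </div> <!-- /.box-body --> </div> <!-- /.box --> </div> </div>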
<center>Không thể sửa <b>Câu hỏi</b> mới.</center> <center>Xin hãy kiểm tra thông tin đã nhập.</center> <center><button onClick='history.back()'>Trở lại</button></center> <?php
        // NOTE(review): the raw exception message is printed to the page; it can expose SQL
        // or other internal detail. Log it server-side and show only the generic text above.
        echo $e->getMessage();
        return -1;
    }
} else {
    // Load the question and its choices for the edit form.
    // NOTE(review): $q is interpolated unquoted; its origin is outside this excerpt. Unless
    // it is cast to an integer upstream, this is SQL injection.
    $result = $db->query("select * from oes_Question where ID = {$q}");
    // In this project fetch_assoc() evidently returns a list of rows (index 0 is used below).
    $question_assoc = fetch_assoc($result);
    // NOTE(review): mysql_free_result() belongs to the mysql_* extension, removed in PHP 7.0.
    mysql_free_result($result);
    $question = $question_assoc[0]['Text'];
    $subject = $question_assoc[0]['Subject'];
    $shuffleable = $question_assoc[0]['Shuffleable'];
    $result = $db->query("select * from oes_Choice where Question = {$q}");
    $choice = fetch_assoc($result);
    mysql_free_result($result);
}
?> <BODY> <div align=center> <h1>Sửa câu hỏi</h1> <form action=# method=POST> <table> <tr><td align=center><label for=subject>Môn</label> <?php
// NOTE(review): $subject (read from the database) is re-used unquoted in SQL and printed
// into an unquoted HTML attribute, and the subject name is echoed without escaping. Cast
// the id to int and pass output through htmlspecialchars(). The hidden field is
// client-controlled on submit and must be re-validated by the handler.
echo $db->getValue("select Name from oes_Subject where ID = {$subject}");
echo "<input type=hidden name=subject value={$subject}>";
?>
<?php

include "../include/config.php";

/**
 * Send the HTTP headers for a CSV download.
 *
 * Thin wrapper that forwards to sendDownloadHeaders() (defined elsewhere) with the
 * "text/csv" content type.
 *
 * @param string $filename file name handed on to sendDownloadHeaders()
 */
function sendCsvHeaders($filename)
{
    sendDownloadHeaders("text/csv", $filename);
}

// Access control: only administrators may download the export.
$editorid = loginbycookie();
if (!isAdmin($editorid)) {
    exit("У вас недостаточно прав доступа, чтобы скачать CSV. ");
}

// Columns removed from every exported row.
// NOTE(review): this is a denylist applied on top of SELECT *; a sensitive column added to
// the table later is exported unless it is also listed here. Selecting an explicit list of
// export columns would fail closed.
$hiddenFields = ["pwhash", "pw", "active", "activecode", "added", "is_admin", "photo_src", "updated", "unread", "quenta"];

sendCsvHeaders(PROJECT_NAME . ".csv");
$out = fopen('php://output', 'w');

$result = query("SELECT *\n\tFROM " . PREF . "users AS u\n\tORDER BY u.id");
for ($row = fetch_assoc($result); $row; $row = fetch_assoc($result)) {
    foreach ($hiddenFields as $hiddenField) {
        unset($row[$hiddenField]);
    }
    // NOTE(review): cells are written exactly as stored. Spreadsheet applications treat
    // values starting with =, +, - or @ as formulas, so user-entered fields should be
    // neutralised before an administrator opens the file (CSV injection).
    fputcsv($out, $row);
}
fclose($out);
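//header("Location:../Logout.php");
//}
// NOTE(review): the redirect above is commented out; if it was this page's login guard, the
// inserts below are reachable without authentication - confirm where access is enforced.
$classroom_query = "select * from timetable_classrooms";
$classroom_ans = $mysqli->query($classroom_query);

// Rooms are inserted through one prepared statement so that the posted building name and
// capacity are bound as data instead of being concatenated into the SQL text. Column names
// are written unquoted: single-quoted names are string literals in MySQL's default mode,
// so the previous column list did not parse.
$sql = "insert into timetable_classrooms(building,room,capacity) values(?,?,?)";

// NOTE(review): drawNotification() is defined elsewhere and receives the posted building
// name; if it does not HTML-escape its message, escape the name before passing it. The
// number of rooms is not capped, so one request can insert an arbitrary number of rows.
if (isset($_POST['buildingt'])) {
    // New building: create rooms 1..N.
    $numofrooms = (int) $_POST['numberofrooms'];
    $new_building = (string) $_POST['buildingt'];
    $new_capacity = isset($_POST['capacity']) ? (string) $_POST['capacity'] : '';
    $added_ok = false;

    $insert = $mysqli->prepare($sql);
    if ($insert) {
        $added_ok = true;
        $i = 1;
        // bind_param() binds by reference, so each execute() sees the current $i.
        $insert->bind_param("sis", $new_building, $i, $new_capacity);
        // The loop condition previously read `i <= $numofrooms` (missing `$`).
        for ($i = 1; $i <= $numofrooms; $i++) {
            $sql_ans = $insert->execute();
            $added_ok = $added_ok && $sql_ans;
        }
        $insert->close();
    }

    if ($added_ok) {
        drawNotification("Added", "The entered building (" . $_POST['buildingt'] . ") has been added successfully for rooms from 1 to " . $numofrooms, "success");
    } else {
        error_log("timetable_classrooms insert failed: " . $mysqli->error);
    }
} elseif (isset($_POST['buildingd'])) {
    // Existing building: append rooms after the highest existing room number.
    $new_building = (string) $_POST['buildingd'];
    $new_capacity = isset($_POST['capacity']) ? (string) $_POST['capacity'] : '';
    $extra_rooms = (int) $_POST['numberofrooms'];
    $max = 0;
    $capacity = null;
    $added_ok = false;

    $max_room_query = "select MAX(room) as max,capacity from timetable_classrooms where building=?";
    $max_room_ans = $mysqli->prepare($max_room_query);
    // The row was previously read with `$max_room_ans - fetch_assoc()` (a subtraction).
    if ($max_room_ans && $max_room_ans->bind_param("s", $new_building) && $max_room_ans->execute()) {
        $max_room_ans->bind_result($max, $capacity);
        $max_room_ans->fetch();
        $max_room_ans->close();
        // MAX() is NULL for a building without rooms; numbering then starts at 1.
        $max = (int) $max;
        $max_room = array('max' => $max, 'capacity' => $capacity);

        $insert = $mysqli->prepare($sql);
        if ($insert) {
            $added_ok = true;
            $i = $max + 1;
            $insert->bind_param("sis", $new_building, $i, $new_capacity);
            for ($i = $max + 1; $i <= $max + $extra_rooms; $i++) {
                $sql_ans = $insert->execute();
                $added_ok = $added_ok && $sql_ans;
            }
            $insert->close();
        }
    }

    if ($added_ok) {
        drawNotification("Added", "The entered building (" . $_POST['buildingd'] . ") has been added successfully for rooms from " . ($max + 1) . " to " . ($max + $extra_rooms), "success");
    } else {
        error_log("timetable_classrooms insert failed: " . $mysqli->error);
    }
}
?> <form name="form" action="" method="post"> <table> <tr> <td>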
        $modul_tmp[$it['modul_id']]['sub'][$it['page']] = $it;
    }
    // Ids collected here form the list of modules the current user may open.
    $allowModul[] = $it['id'];
}
if ($modul_tmp) {
    // Re-key the module tree by page slug for the template.
    foreach ($modul_tmp as $k => $v) {
        $modul[$v['page']] = $v;
    }
    unset($modul_tmp);
}
$smarty->assign("modul", $modul);
// EOF - modules|info
//
// BOF - allowed modules
// NOTE(review): this check runs only when BOTH page and subpage are present, so requests
// carrying only `page` are not checked here. It also relies on go() ending the request;
// if go() only sends a redirect header, the protected page still executes - verify.
if ($_GET['page'] and $_GET['subpage']) {
    // NOTE(review): SQL injection - both query-string values are concatenated into the URL
    // and interpolated into the statement unescaped, inside the access-control check itself.
    $urlModul = $_GET['page'] . "/" . $_GET['subpage'] . ".html";
    $activeModul = fetch_assoc(query("SELECT `id`, `modul_id` FROM `modul` WHERE `url`='{$urlModul}'"));
    // in_array() is used without the strict flag, so ids are compared loosely.
    if (!in_array($activeModul['id'], (array) $allowModul) or !in_array($activeModul['modul_id'], (array) $allowModul)) {
        go($setup['adm']['www'] . "prazdnaStranka.html");
    }
}
// EOF - allowed modules
//
// BOF - variable
// Lookup tables for templates; the values are HTML fragments, so templates must print
// them unescaped and nothing user-supplied may be added to them.
$variable['boolean'] = array("0" => "NE", "2" => "ANO");
$variable['booleanBadge'] = array("0" => '<span class="badge badge-danger">NE</span>', "2" => '<span class="badge badge-success">ANO</span>');
$variable['booleanBadgeInverse'] = array("0" => '<span class="badge badge-success">NE</span>', "2" => '<span class="badge badge-danger">ANO</span>');
$variable['flag'] = array("1" => '', "2" => '<i class="icon-flag bigger-130 red" title="Vysoká priorita"></i>');
// EOF - variable
$smarty->assign("variable", $variable);
// EOF - variable