function view()
{
// TODO: Protect against SQL injections some day
$course_id = $this->params[0];
$this->course = get_first("SELECT * FROM course WHERE course_id = '{$course_id}'");
$this->lessons = get_all("SELECT * FROM lesson WHERE course_id = '{$course_id}'");
}
public function testAddDeleteDVD()
{
$many_all = get_all("dvd");
$this->assertTrue(sizeof($many_all) > 0, "should be at least one dvd in the db");
$it = get_dvd_by_title($this->the_title);
$this->assertEqual($it['title'], $this->the_title);
}
public function is_visible_for(\System\User $user)
{
$is_visible = false;
if ($this->visibility == \Impro\Status\Visibility::ID_PUBLIC) {
$is_visible = true;
} else {
if ($this->visibility == \Impro\Status\Visibility::ID_TEAMS) {
foreach (self::$attrs_team as $attr) {
if ($this->{$attr}) {
$member = get_all('Impro\\Team\\Member')->where(array("user" => $user->id, "team" => $this->team_home->id))->fetch_first();
if ($member) {
$is_visible = true;
break;
}
}
}
} else {
if ($this->visibility == \Impro\Status\Visibility::ID_COMMUNITY) {
$groups = $user->groups->where(array('id' => self::$groups_community))->count();
if ($groups) {
$is_visible = true;
}
} else {
$is_visible = $this->author->id == $user->id;
}
}
}
return $is_visible;
}
function view()
{
$post_id = $this->params[0];
$this->post = get_first("SELECT * FROM post NATURAL JOIN user WHERE post_id='{$post_id}'");
$this->tags = get_all("SELECT * FROM post_tags NATURAL JOIN tag WHERE post_id='{$post_id}'");
$this->comments = get_all("SELECT * FROM comment WHERE post_id ='{$post_id}'");
}
function edit()
{
$broneering_id = $this->params[0];
$this->broneering = get_first("SELECT * FROM broneering WHERE broneering_id = '{$broneering_id}'");
$this->dates = get_all("SELECT * FROM kuupaev");
$this->times = get_all("SELECT * FROM kellaeg");
}
public function getUsers(array $params)
{
$sql = "SELECT * FROM users WHERE deleted=0";
if (isset($params['order']) && isset($params['field'])) {
$sql .= " ORDER BY {$params['field']} {$params['order']}";
}
return get_all($sql);
}
public function spells_end($config, $player)
{
$events = get_all("select * from arena_events where e_type = 1 and e_usr_id = " . $player->usr_id . " and e_done = 0 and e_end <= unix_timestamp()");
if (is_array($events)) {
foreach ($events as $event) {
$this->spell_dispel($config, $player, $event->e_subtype);
}
reload($config, 'spells', '');
}
}
function print_form($db, $smarty, $print_ad = 0)
{
if ($print_ad) {
$print_ad = get_ad($db, $print_ad);
}
$add = get_all($db);
$smarty->assign('add', $add);
$smarty->assign('print_ad', $print_ad);
$smarty->assign('city', get_city($db));
$smarty->assign('category', get_category($db));
$smarty->display('form.tpl');
}
public function town_main($config, $player)
{
$town = (int) $town;
$events = get_all("select * from events where e_t_id = " . $player->actual_town . " and e_done = 0 and e_end <= unix_timestamp()");
require_once 'functions/EventsMgr.php';
$eventMgr = new EventsMgr();
if (is_array($events)) {
foreach ($events as $event) {
$this->build_end($event->e_t_id, $event->e_type, $event->e_subtype, $event->e_count, $event->e_start, $event->e_end);
$eventMgr->event_end($config, $event->e_id, $event->e_t_id);
}
}
}
/**
* Xóa bản ghi có khóa chính là $id
*/
function categories_delete($id)
{
$id = intval($id);
//xóa sản phẩm
require_once 'backend/models/products.php';
$options = array('select' => 'id', 'where' => 'category_id=' . $id);
$products = get_all('products', $options);
foreach ($products as $product) {
products_delete($product['id']);
}
//xóa danh mục
$sql = "DELETE FROM categories WHERE id={$id}";
mysql_query($sql) or die(mysql_error());
}
function print_form($db, $smarty, $print_ad = 0)
{
// функция вывода формы
$add_query = get_ad($db, $print_ad);
$row = mysqli_fetch_assoc($add_query);
$smarty->assign('print_ad', $row);
$add = array();
$add_query = get_all($db);
while ($row = mysqli_fetch_assoc($add_query)) {
$add[$row['id']] = $row;
}
$smarty->assign('add', $add);
$smarty->assign('cities', get_cities($db));
$smarty->assign('category', get_category($db));
$smarty->display('dz9-form.tpl');
}
function public_menu()
{
//funkcija koja sluzi za generisanje menija koji ce se prikazivati javnim korisnicima
$result = get_all('categories');
$output = '<ul class="nav navbar-nav">';
while ($category = mysqli_fetch_assoc($result)) {
$all_news = get_news($category['id']);
if (mysqli_num_rows($all_news) > 0 && $category['visible'] == 1) {
//ako je kategorija vidljiva i ima vidljivih vijesti
$output .= '<li class="dropdown">';
$output .= '<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">' . $category['title'] . '<span class="caret"></span></a>';
$output .= '<ul class="dropdown-menu">';
while ($news = mysqli_fetch_assoc($all_news)) {
$output .= '<li><a href="index.php?id=' . $news['id'] . '">' . $news['title'] . '</a></li>';
}
$output .= '</ul>';
$output .= '</li>';
}
}
$output .= '</ul>';
return $output;
}
foreach ($dvds as $dvd) {
echo "<tr>\n";
echo "<td><a href='view_dvd.php?part_title={$dvd[0]}'>{$dvd[0]}</a></td>";
for ($i = 1; $i < sizeof($dvd); $i++) {
echo "<td>{$dvd[$i]}</td>";
}
echo "</tr>\n";
}
echo "</table><hr />\n";
}
} else {
echo "<h2>No matches were found for {$genre_found}</h2><br /><hr />";
}
} catch (DbException $dbe) {
echo "<h3 class='error'>An error ocurred while feching the dvds for {$genre_found}: {$dbe->getMessage()}</h3>";
}
}
try {
$genres = get_all("genre");
echo "<h2>Genres in the catalogue</h2>";
if (sizeof($genres) > 0) {
echo "<ul>\n";
foreach ($genres as $genre) {
echo "<li><a href='genres?genre={$genre[0]}'>{$genre[0]}</a></li>\n";
}
echo "</ul>\n";
}
} catch (DbException $dbe) {
echo "<h3 class='error'>An error ocurred while feching the list of genres: {$dbe->getMessage()}</h3>";
}
include "../dvd-lib-common/foot.html";
function index()
{
$this->users = get_all("SELECT * FROM user");
}
<?php
session_start();
require_once "config.php";
$smarty = new Smarty();
$smarty->compile_check = true;
require_once "dvd-db.php";
require_once "dvd-util.php";
try {
$all_dvds = get_all("dvd");
$dvd_list = array();
foreach ($all_dvds as $dvd) {
array_push($dvd_list, $dvd['title']);
}
$smarty->assign("dvd_list", $dvd_list);
$smarty->assign("heading", "All DVDs in the Library");
} catch (DbException $dbe) {
display_error_page($smarty, "An error ocurred while feching the list of DVDs: {$dbe->getMessage()}");
}
$smarty->display("list_dvds.tpl");
<?php
$active = "labor";
$lang = get_lang();
if (isset($_POST['submit'])) {
$labor_name = $_POST['laborname'];
$labor = array('labor_name' => $labor_name);
save('labor', $labor);
}
if (isset($_GET['del'])) {
delete('labor', 'labor_id', $_GET['del']);
delete('labor_content', 'labor_id', $_GET['del']);
}
$labor = get_all('labor');
require 'view/labor/add_labor_name.php';
//title website ================================================================
$title = CONTACT_TITLE_INDEX;
//paging =======================================================================
if (isset($_GET['page'])) {
$page = intval($_GET['page']);
} else {
$page = 1;
}
$page = $page > 0 ? $page : 1;
$limit = 10;
$offset = ($page - 1) * $limit;
$options = array('limit' => $limit, 'offset' => $offset, 'order_by' => 'id ASC');
//data of paging ===============================================================
//Search data ==================================================================
$url = 'admin.php?controller=contact';
if (isset($_POST['search'])) {
header('location:admin.php?controller=contact&search=' . $_POST['search']);
}
if (isset($_GET['search'])) {
$search = escape($_GET['search']);
$options['where'] = "LOWER(contact.NAME) LIKE LOWER('%{$search}%') ";
$url = 'admin.php?controller=contact&search=' . $_GET['search'];
}
$total_rows = get_total('contact', $options);
$total = ceil($total_rows / $limit);
$pagination = pagination($url, $page, $total);
//data show ====================================================================
$status = array(0 => CONTACT_STATUS_WAIT, 1 => CONTACT_STATUS_RESPONE);
$contacts = get_all('contact', $options);
//load view ====================================================================
require 'backend/views/contact/index.php';
<?php
if (!empty($_GET['id'])) {
$_GET['id'] = (int) $_GET['id'];
if (empty($_POST['wood'])) {
$_POST['wood'] = 0;
} else {
$_POST['wood'] = (int) $_POST['wood'];
}
if (empty($_POST['iron'])) {
$_POST['iron'] = 0;
} else {
$_POST['iron'] = (int) $_POST['iron'];
}
if (empty($_POST['stone'])) {
$_POST['stone'] = 0;
} else {
$_POST['stone'] = (int) $_POST['stone'];
}
call($q = "update towns set t_wood = t_wood +" . $_POST['wood'] . " , t_stone = t_stone + " . $_POST['stone'] . ", t_iron = t_iron + " . $_POST['iron'] . " where t_id = " . $_GET['id']);
}
$towns = get_all("select * from towns");
if (is_array($towns)) {
echo "<table>\n\t";
foreach ($towns as $town) {
echo "\n\t\t<tr style='border-bottom: solid 1px black'>\n\t\t\t<td style='border-bottom: solid 1px black'>\n\t\t\t\t{$town->t_name}<br/>\n\t\t\t\tdrewno: " . $town->t_wood . " glina: " . $town->t_stone . " żelazo: " . $town->t_iron . "\n\t\t\t</td>\n\t\t\t<td style='border-bottom: solid 1px black'>\n\t\t\t\t<form action='?action=add_res&id=" . $town->t_id . "' method='post'>\n\t\t\t\t\t<table>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>drewno</td>\n\t\t\t\t\t\t<td>glina</td>\n\t\t\t\t\t\t<td>żelazo</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td><input type='text' name='wood' value='0'/></td>\n\t\t\t\t\t\t<td><input type='text' name='stone' value='0'/></td>\n\t\t\t\t\t\t<td><input type='text' name='iron' value='0'/></td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t\t<input type='submit' value='dodaj surowce'/>\n\t\t\t\t</form>\n\t\t\t</td>\n\t\t</tr>";
}
} else {
echo "brak miast";
}
?>
</table>
<?php
if (!empty($_GET['spell_cast'])) {
$HeroMgr->spell_cast($config, $player, $_GET['spell_cast']);
reload($config, 'spells', '');
}
if (!empty($_GET['spell_dispel'])) {
$HeroMgr->spell_dispel($config, $player, $_GET['spell_dispel']);
reload($config, 'spells', '');
}
$spells = get_all($q = "select *, e_end - unix_timestamp() as eend from arena_spells_param inner join arena_user_spells on usp_usr_id = " . $player->usr_id . " and spp_id = usp_spp_id left join arena_events on e_usr_id = " . $player->usr_id . " and e_type = 1 and e_subtype = spp_id and e_done = 0");
$echo = '';
if (is_array($spells)) {
$echo = "znane czary<hr/>";
foreach ($spells as $spell) {
$options = '';
if ($spell->usp_active == 0 && $spell->spp_energy <= $player->energy) {
$options .= "<a href='?action=spells&spell_cast=" . $spell->spp_id . "' >[ rzuć zaklęcie ]</a>";
} elseif ($spell->usp_active == 1) {
$options .= "Czar trwać będzie: " . date("H:i:s", $spell->eend - 3600) . " <a href='?action=spells&spell_dispel=" . $spell->spp_id . "' >[ rozprosz zaklęcie ]</a>";
}
$spell->spp_text .= "<br/>";
if ($spell->spp_attack > 0) {
$spell->spp_text .= "Rzucone zaklęcie będzie zwiększać <span class='red'>atak</span> herosa o <span class='red'>" . 1 * $spell->spp_attack . "</span><br/>";
}
if ($spell->spp_defence > 0) {
$spell->spp_text .= "Rzucone zaklęcie będzie zwiększać <span class='red'>obronę</span> herosa o <span class='red'>" . 1 * $spell->spp_defence . "</span><br/>";
}
if ($spell->spp_absorb > 0) {
$spell->spp_text .= "Rzucone zaklęcie będzie zwiększać <span class='red'>absorbcję</span> herosa o <span class='red'>" . 1 * $spell->spp_absorb . "</span><br/>";
}
<?php
$active = "visa";
$lang = get_lang();
$visa_name = get_all('passport_visa');
if (isset($_POST['submit'])) {
if ($_FILES['fileToUpload']['name'] != null) {
$target_dir = ".././asset/image/visa/" . $lang . '/';
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file, PATHINFO_EXTENSION);
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if ($check !== false) {
$ok = "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
$error = "File is not an image.";
$uploadOk = 0;
}
// Check if file already exists
if (file_exists($target_file)) {
$error = "Sorry, file already exists.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 5000000) {
$error = "Sorry, your file is too large.";
$uploadOk = 0;
}
// Allow certain file formats
if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") {
function movies()
{
$movies = get_all("SELECT * FROM movie");
exit(json_encode($movies));
}
<?php
$active = "labor";
$lang = get_lang();
if (isset($_POST['submit'])) {
$labor_name = $_POST['labor_name'];
$title = $_POST['title'];
$content = $_POST['content'];
$labor_id = get_a_record('labor', 'labor_name', $labor_name);
$labor = array('labor_id' => $labor_id['labor_id'], 'title' => $title, 'content' => $content);
save('labor_content', $labor);
$success = "Thêm thành công ! ";
}
$labor_name = get_all('labor');
require 'view/labor/add_labor.php';
<?php
$lang = get_lang();
if (isset($_GET['delete'])) {
delete('ticket_plane_content', 'ticket_plane_content_id', $_GET['delete']);
}
$active = 'ticket_plane';
$ticket_plane = get_all('ticket_plane');
if (isset($_POST['ticket_plane_id'])) {
$ticket_plane_id = $_POST['ticket_plane_id'];
if ($ticket_plane_id == 0) {
$products = get_all('ticket_plane_content');
} else {
$selected = $ticket_plane_id;
$products = get_all_record('ticket_plane_content', 'ticket_plane_id', $ticket_plane_id);
}
} else {
$products = get_all('ticket_plane_content');
}
require 'view/ticket_plane/index.php';
<?php
$echo = '';
$rank = get_all("select login, usr_id, lvl, exp, avatar, hero, signature from arena_users order by lvl desc, exp desc");
foreach ($rank as $user) {
if (empty($user->signature)) {
$user->signature = 'brak opisu...';
}
if ($user->avatar == 0) {
$avatar = "";
} else {
$avatar = "<img src='www/avatars/" . $user->usr_id . ".jpg' alt='' width='64px' height='66px'/>";
}
$echo .= "\n\t\t\t<h2 style='background-color:#5D5D5D'>" . ++$i . ". " . $user->login . " <small style='float:right;;'>[ poziom " . $user->lvl . " ]</small> </h2>\n\t\t\t<div class='messageWrapper' style='overflow:hidden;'>\n\t\t\t\t<div class='userDetails' style=float:left;padding:10px;width:66px;'>\n\t\t\t\t\t<div class='avatar' style=' width:64px; height:66px; margin:0 0 5px;'>\n\t\t\t\t\t\t" . $avatar . "\n\t\t\t\t\t</div>\n\t\t\t\t\t<div class='details' style=' height:40px'></div>\n\t\t\t\t</div>\n\t\t\t\t<div class='box message'>\n\t\t\t\t\t\n\t\t\t\t\t<p style='min-height:100px;'>\n\t\t\t\t\t\t<img src='www/heroes/" . $user->hero . ".gif' alt='' width='64px' height='66px' style='float:left'/>" . $user->signature . "\n\t\t\t\t\t</p>\n\n\t\t\t\t\t<p class='options' style='color:#F39604'>\n\t\t\t\t\t <a href='?action=messages&to=" . $user->login . "'>wyślij wiadomość</a>\n\t\t\t\t </p>\n\t\t\t\t</div>\n\t\t\t</div>\n\t";
}
echo $echo;
?>
<?php
/**
* Created by PhpStorm.
* User: phi314
* Date: 11/17/14
* Time: 1:22 AM
*
* Signature akan berbeda untuk setiap device
*/
require_once '../lib/connection.php';
require_once '../lib/unleashed.lib.php';
$lokasi = get_all('lokasi', 'nama');
$json = FALSE;
if (array_key_exists('submit_type', $_GET)) {
switch ($_GET['submit_type']) {
// cek user login
case 'cek_login':
$id = $_GET['user_id'];
$signature = $_GET['signature'];
$q = "SELECT id FROM users WHERE id='{$id}' AND signature='{$signature}' LIMIT 1";
$r = mysql_query($q);
$d = mysql_fetch_object($r);
// jika user ditemukan berarti user login pada device yang sama dengan sebelumnya
if ($d != FALSE) {
$json = array('status_login' => TRUE);
} else {
$json = array('status_login' => FALSE);
}
break;
// login user
<?php
$active = "ticket_plane";
$lang = get_lang();
if (isset($_POST['submit'])) {
$ticket_plane_name = $_POST['ticket_plane_name'];
$ticket_plane = array('ticket_plane_name' => $ticket_plane_name);
save('ticket_plane', $ticket_plane);
}
if (isset($_GET['del'])) {
delete('ticket_plane', 'ticket_plane_id', $_GET['del']);
delete('ticket_plane_content', 'ticket_plane_id', $_GET['del']);
}
$ticket_plane = get_all('ticket_plane');
require 'view/ticket_plane/add_ticket_plane_name.php';
<?php
$title = "AD Tourist, Go Go Go";
$visa1 = get_all_record('passport_visa_offers', 'passport_visa_code', '1');
$visa2 = get_all_record('passport_visa_offers', 'passport_visa_code', '2');
$visa5 = get_all_record('passport_visa_offers', 'passport_visa_code', '5');
$visa6 = get_all_record('passport_visa_offers', 'passport_visa_code', '6');
$visa7 = get_all_record('passport_visa_offers', 'passport_visa_code', '7');
$visa8 = get_all_record('passport_visa_offers', 'passport_visa_code', '8');
$visa9 = get_all_record('passport_visa_offers', 'passport_visa_code', '9');
$tour_region = get_all('tour_region');
$news = get_all('news_event');
$area = get_all('car_area');
$lang = get_lang();
if (isset($_GET['tour_country_code'])) {
$tour_country_code = $_GET['tour_country_code'];
$tour_country_name = get_a_record('tour_country', 'tour_country_code', $tour_country_code);
$tour_country_name = $tour_country_name['tour_country_name'];
$tour = get_all_record('tour_content', 'tour_country_code', $tour_country_code);
$link = 'index.php?controller=tour&action=country&tour_country_code=' . $tour_country_code . 'lang=' . $lang;
$current_possition = array(array('name' => $tour_country_name, 'link' => $link));
require_once BASEPATH . 'view/tour/show_tour.php';
} else {
header('location: index.php?lang=' . $lang);
}
<?php
$title = "Danh sách Tour";
$active = 'tour';
$lang = get_lang();
$tour_region = get_all('tour_region');
$current_possition = array(array('name' => 'Danh sách các tour', 'link' => 'index.php?lang=' . $lang . '&controller=tour'));
if (isset($_POST['tour_region_code'])) {
$tour_region_code = $_POST['tour_region_code'];
if ($tour_region_code == 0) {
$tour = get_all('tour_content');
} else {
$selected = $tour_region_code;
$tour = get_all_record('tour_content', 'tour_region_code', $tour_region_code);
}
} else {
$tour = get_all('tour_content');
}
require_once 'view/tour/index.php';
<?php
$author_id = !empty($_GET['id']) ? $_GET['id'] : 1;
//Retrieve author data from database
$author = get_first("SELECT *, author.name as name, country.name as country,\n gender.name as gender\n FROM author\n JOIN country on author.country_id = country.country_id\n JOIN gender on author.gender_id = gender.gender_id\n WHERE author_id={$author_id}");
//Retrieve all relationships for the author from database
$relationships = get_all("SELECT link_type.name as type, film.name as film\n FROM l_author_film\n JOIN film ON film.film_id = l_author_film.film_id\n JOIN link_type ON link_type.type_id = l_author_film.type_id\n WHERE author_id={$author_id}");
<?php
require_once 'includes/load.php';
//ucitaj pomocne fajlove
include_once 'includes/header_admin.php';
//ucitaj meni za admina
confirm_logged_in();
//potvrdi da je uogovan
$result = get_all('users');
//vrati sve iz tabele users
//POCETAK - generisanja html tabele sa spiskom korisnika
$output = '<h2>List all users</h2>';
$output .= '<table class="table table-striped">';
$output .= '<tr>';
$output .= '<th>Username</th>';
$output .= '<th>Email</th>';
$output .= '<th>Edit</th>';
$output .= '<th>Delete</th>';
$output .= '</tr>';
while ($user = mysqli_fetch_assoc($result)) {
$output .= '<tr>';
$output .= '<td>' . $user['username'] . '</td>';
$output .= '<td>' . $user['email'] . '</td>';
if ($user['id'] == $_SESSION['user_id']) {
//ako je u pitanju ulogovani korisnik
//svaki korisnik moze sebe editovati ili obrisati
$output .= '<td><a href="edit_user.php?id=' . $user['id'] . '"><span class="glyphicon glyphicon-pencil btn btn-primary"></span></a></td>';
$output .= '<td><a onclick="return deleteUser()" href="delete_user.php?id=' . $user['id'] . '"><span class="glyphicon glyphicon-remove btn btn-danger"></span></a></td>';
} else {
$output .= '<td></td><td></td>';
}
