public function getTransferById($transferId) { $sql = "select * from transfer where id=" . $transferId; $db = new Database(); $db->connect(); $transfer = $db->query_first($sql); $db->close(); return $transfer; }
public function getEventById($id) { $sql = "select * from event where id='{$id}'"; $db = new Database(); $db->connect(); $eventInfo = $db->query_first($sql); $db->close(); return $eventInfo; }
public function getNameById($id) { $sql = "select name from centre where id='{$id}'"; $db = new Database(); $db->connect(); $name = $db->query_first($sql); $db->close(); return $name['name']; }
public function getSession($token) { $database = new Database(); if ($data = $database->query_first("SELECT * FROM sessions where token = '{$token}' ")) { $session = json_decode($data['data']); return $session; } else { return null; } }
public function find_one($conditions) { $where = "where 1=1"; foreach ($conditions as $key => $value) { $where .= " and {$key}=" . (is_numeric($value) ? $value : "'{$value}' "); } $db = new Database(); $db->connect(); $obj = $db->query_first("select * from " . $this->table_name_full . " {$where}"); $db->close(); return new response(array('body' => $obj)); }
$_SESSION['views'] = 1; require "dbase/config.inc.php"; require "dbase/Database.class.php"; $db = new Database(DB_SERVER, DB_USER, DB_PASS, DB_DATABASE); $db->connect(); $email = $_POST["email"]; $password = $_POST["password"]; //If a parent login $parent = "SELECT * FROM tblparents WHERE email = '{$email}' AND password = '******'"; //If a tutor login $tutor = "SELECT * FROM tbltutor WHERE email = '{$email}' AND password = '******'"; $parent_query = $db->query($parent); $tutor_query = $db->query($tutor); if ($record = $db->fetch_array($parent_query)) { $user_id = "SELECT id FROM tblparents WHERE email = '{$email}' AND password = '******'"; $record = $db->query_first($user_id); $id = $record['id']; if (isset($_SESSION['views'])) { $_SESSION['views'] = $_SESSION['views'] + 1; $_SESSION['type'] = "p"; $_SESSION['id'] = $id; $_SESSION['log'] = true; } else { $_SESSION['views'] = 1; } header("Location:index.php"); } elseif ($record = $db->fetch_array($tutor_query)) { $user_id = "SELECT id FROM tbltutor WHERE email = '{$email}' AND password = '******'"; $record = $db->query_first($user_id); $id = $record['id']; if (isset($_SESSION['views'])) {
} else { $this_folder = ""; } $texte .= '<tr><td><input type=\'checkbox\' class=\'cb_deleted_item\' value=\'' . $reccord['id'] . '\' id=\'item_deleted_' . $reccord['id'] . '\' /> <b>' . $reccord['label'] . '</b></td><td width=\\"100px\\" align=\\"center\\">' . date($_SESSION['settings']['date_format'], $reccord['date']) . '</td><td width=\\"70px\\" align=\\"center\\">' . $reccord['login'] . '</td>' . $this_folder . '</tr>'; } echo '[{"text":"' . $texte . '</table><div style=\'margin-left:5px;\'><input type=\'checkbox\' id=\'item_deleted_select_all\' /> <img src=\\"includes/images/arrow-repeat.png\\" title=\\"' . $txt['restore'] . '\\" style=\\"cursor:pointer;\\" onclick=\\"restoreDeletedItems()\\"> <img src=\\"includes/images/bin_empty.png\\" title=\\"' . $txt['delete'] . '\\" style=\\"cursor:pointer;\\" onclick=\\"reallyDeleteItems()\\"></div>"}]'; break; #---------------------------------- #CASE admin want to restaure a list of deleted items #---------------------------------- #CASE admin want to restaure a list of deleted items case "restore_deleted__items": //restore FOLDERS if (count($_POST['list_f']) > 0) { foreach (explode(';', $_POST['list_f']) as $id) { $data = $db->query_first("\r\n\t\t\t\t\tSELECT valeur\r\n\t\t FROM " . $pre . "misc\r\n\t\t WHERE type = 'folder_deleted'\r\n\t\t AND intitule = '" . $id . "'"); if ($data['valeur'] != 0) { $folder_data = explode(',', $data['valeur']); //insert deleted folder $db->query_insert('nested_tree', array('id' => $folder_data[0], 'parent_id' => $folder_data[1], 'title' => $folder_data[2], 'nleft' => $folder_data[3], 'nright' => $folder_data[4], 'nlevel' => $folder_data[5], 'bloquer_creation' => $folder_data[6], 'bloquer_modification' => $folder_data[7], 'personal_folder' => $folder_data[8], 'renewal_period' => $folder_data[9])); //delete log $db->query("DELETE FROM " . $pre . "misc WHERE type = 'folder_deleted' AND intitule= '" . $id . "'"); } } } //restore ITEMS if (count($_POST['list_i']) > 0) { foreach (explode(';', $_POST['list_i']) as $id) { $db->query_update("items", array('inactif' => '0'), 'id = ' . $id); //log $db->query("INSERT INTO " . $pre . "log_items VALUES ('" . $id . "','" . mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y')) . "','" . $_SESSION['user_id'] . "','at_restored','')");
$return_values = array(); //decrypt and retreive data in JSON format require_once '../includes/libraries/crypt/aes.class.php'; // AES PHP implementation require_once '../includes/libraries/crypt/aesctr.class.php'; // AES Counter Mode implementation $data_received = json_decode(AesCtr::decrypt($_POST['data'], $_SESSION['key'], 256), true); if (count($data_received) > 0) { //Prepare variables $label = htmlspecialchars_decode($data_received['label']); $url = htmlspecialchars_decode($data_received['url']); $pw = $original_pw = htmlspecialchars_decode($data_received['pw']); $login = htmlspecialchars_decode($data_received['login']); $tags = htmlspecialchars_decode($data_received['tags']); //Get existing values $data = $db->query_first("\r\n\t\t\t\t\tSELECT *\r\n\t\t\t\t\tFROM " . $pre . "items\r\n\t\t\t\t\tWHERE id=" . $data_received['id']); //Manage salt key if ($data['perso'] != 1) { //Get orginal key $original_key = $db->query_first("\r\n\t\t\t\t\t\tSELECT `rand_key`\r\n\t\t\t\t\t\tFROM `" . $pre . "keys`\r\n\t\t\t\t\t\tWHERE `table` LIKE 'items' AND `id`=" . $data_received['id']); $pw = $original_key['rand_key'] . $pw; } //encrypt PW if ($data_received['salt_key_set'] == 1 && isset($data_received['salt_key_set']) && $data_received['is_pf'] == 1 && isset($data_received['is_pf'])) { $pw = encrypt($pw, mysql_real_escape_string(stripslashes($_SESSION['my_sk']))); $resticted_to = $_SESSION['user_id']; } else { $pw = encrypt($pw); } //---Manage tags //deleting existing tags for this item
***************************************************************/ /* Designed & Developed by /* - Shiburaj Pappu /* ************ S.P.I.T ************************************* /* ********** M.E (EXTC) Sem-II ***************************** */ include_once 'Database.class.php'; define("MSCTBL", "msc"); $db = new Database('localhost', 'root', 'trdc123', 'mscsim'); //connect to the server $db->connect(); if ($_GET['action'] == 'register' && !empty($_POST['MSISDN']) && !empty($_POST['IMSI'])) { $preMSISDN = $_POST['MSISDN'][0] . $_POST['MSISDN'][1] . $_POST['MSISDN'][2] . $_POST['MSISDN'][3]; $data['TMSI'] = "91" . $preMSISDN . rand('199999', '999999'); $sql = "SELECT * FROM " . MSCTBL . " WHERE `MSISDN` = '" . $_POST['MSISDN'] . "'"; $row = $db->query_first($sql); if (empty($row)) { $error_dat['status'] = "error"; $error_dat['reason'] = "Registration Failed..."; } else { $db->query_update(MSCTBL, $data, " `MSISDN` = '" . $_POST['MSISDN'] . "' "); $error_dat['regdata'] = $row; $error_dat['regdata']['TMSI'] = $data['TMSI']; $error_dat['status'] = "success"; $error_dat['reason'] = "Registration Complete..."; } sleep(3); echo json_encode($error_dat); } elseif ($_GET['action'] == 'makesim' && !empty($_POST['MSISDN'])) { $preMSISDN = $_POST['MSISDN'][0] . $_POST['MSISDN'][1] . $_POST['MSISDN'][2] . $_POST['MSISDN'][3]; $data['IMSI'] = "91" . $preMSISDN . rand('199999', '999999');
<div class="row"> <div class="col-md-12"> <div class="widget-box"> <div class="widget-title"> <h2><i class="glyphicon glyphicon-book"></i>Library:</h2> </div> <div class="widget-container table-responsive"> <div class="content noPad clearfix"> <p class="text-center">Welcome <?php if ($sessionType == 'p') { $parentUsername = "******"; $record = $db->query_first($parentUsername); echo $record['fname'].","; }else{ $studentUsername = "******"; $record = $db->query_first($studentUsername); echo $record['fname'].","; } ?> to the Resources page, just click the name of the resource title to know more. </p> <table class="responsive dynamicTable display table table-hover table-bordered"> <thead> <tr>
$request_body = file_get_contents('php://input'); $_POST = json_decode($request_body, true); $user_token = null; if (isset($_POST['user_token'])) { $user_token = $_POST['user_token']; } $app_privacy = "public"; if (isset($_POST['privacy'])) { $app_privacy = $_POST['privacy']; } $token = $_POST["token"]; $name = $_POST["name"]; $state = $_POST["state"]; $version = $_POST["version"]; $db->connect(); $app = $db->query_first("SELECT * FROM app_tokens WHERE token = '{$token}'"); if ($app) { $db->query_update("apps", array("state" => $state), "id = " . $app["appid"]); $response = array("success" => "true", "results" => array(array("id" => $app["appid"], "token" => $token))); echo json_encode($response); } else { $touch_lib = $db->query_first("SELECT version FROM touch_libs ORDER BY version DESC"); $app_id = $db->query_insert("apps", array("name" => $name, "state" => $state, "version" => $touch_lib['version'])); if (!$app_id) { $error = array("success" => "false", "message" => "Internal server error."); echo json_encode($error); } else { $token = ""; do { $token = getRandomCode(5); $tokened = $db->query_insert("app_tokens", array("token" => $token, "appid" => $app_id, "lastused" => "CURRENT_TIMESTAMP"));
<?php /* * Created on Jan 12, 2010 * */ session_start(); if (!isset($_SESSION['auth_name'])) { if (isset($_POST['OK'])) { $DB = new Database(DB_HOST, DB_USER, DB_PASS, DB_DATABASE); $DB->connect(); $login = $_POST['login']; $password = $_POST['password']; $result = $DB->query_first("SELECT * FROM users WHERE login='******' AND password='******'"); $_SESSION['auth_username'] = $result['id']; $_SESSION['auth_user'] = $result['login']; $_SESSION['auth_name'] = $result['name']; $_SESSION['auth_surname'] = $result['surname']; $DB->close(); exit; header("Location: http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); } else { ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="title" content="<?php echo SITE_NAME; ?> " />
} if (!empty($data['groupes_visibles'])) { $_SESSION['groupes_visibles'] = @implode(';', $data['groupes_visibles']); } else { $_SESSION['groupes_visibles'] = array(); } if (!empty($data['groupes_interdits'])) { $_SESSION['groupes_interdits'] = @implode(';', $data['groupes_interdits']); } else { $_SESSION['groupes_interdits'] = array(); } $_SESSION['fonction_id'] = $data['fonction_id']; //build array of roles $_SESSION['arr_roles'] = array(); foreach (array_filter(explode(';', $_SESSION['fonction_id'])) as $role) { $res_roles = $db->query_first("SELECT title FROM " . $pre . "roles_title WHERE id = " . $role); $_SESSION['arr_roles'][$role] = array('id' => $role, 'title' => $res_roles['title']); } $_SESSION['user']['find_cookie'] = false; $_SESSION['settings']['update_needed'] = ""; // Update table $db->query_update("users", array('key_tempo' => $_SESSION['cle_session'], 'last_connexion' => mktime(date("h"), date("i"), date("s"), date("m"), date("d"), date("Y")), 'disabled' => 0, 'no_bad_attempts' => 0), "id=" . $data['id']); //récupérer les droits de l'utilisateur IdentificationDesDroits($data['groupes_visibles'], $_SESSION['groupes_interdits'], $data['admin'], $data['fonction_id'], false); //Get some more elements $_SESSION['hauteur_ecran'] = $_POST['hauteur_ecran']; //Get last seen items $_SESSION['latest_items_tab'][] = ""; foreach ($_SESSION['latest_items'] as $item) { if (!empty($item)) { $data = $db->query_first("SELECT label,id_tree FROM " . $pre . "items WHERE id = " . $item);
$sqlLearningCategoryResult = "select GROUP_CONCAT(A.learning SEPARATOR ',') as 'learning_category_results' from ( Select concat(D.learning_categories_id,' - ',round(sum(if(A.status='correct',1,0))/count(A.question_id)*100,2),'%') as 'learning' from tbltemporarygenexam as A left outer join tblquestions as B on A.`question_id`=B.id left outer join tblminoroutcome as C on B.minor_outcome_id=C.id left outer join tblmajoroutcome as D on C.major_outcome_id=D.id where A.student_id='$studenId' and A.assessment_type_id='$assType' and question_type='primary' group by D.`learning_categories_id`) as A"; $row = $db->query($sqlLearningCategoryResult); $result = $db->fetch_array($row); $data["learning_category_results"] =$result['learning_category_results']; $majorResult = explode(",", $data["major_outcome_results"]); //Check if the student has supplementary already $sqlLookSupp = "Select * from tbltemporarygenexam where student_id='$studenId' and question_type='supplementary' and assessment_type_id='$assType' limit 1"; $rowHasSupp = $db->query_first($sqlLookSupp); //echo "-----".$rowHasSupp["question_type"]; $json = array(); $isCalculateSupp = true; if($rowHasSupp["question_type"] == "") { for($i = 0; $i < count($majorResult); $i++) { $arrExpMajorResult = explode(" - ", $majorResult[$i]); //echo "Major Result Cat".$arrExpMajorResult[0]; if($arrExpMajorResult[1] < 50){
/** * IdentifyUserRights() * * @return */ function IdentifyUserRights($groupes_visibles_user, $groupes_interdits_user, $is_admin, $id_fonctions, $refresh) { global $server, $user, $pass, $database, $pre; //include librairies require_once "NestedTree.class.php"; require_once "class.database.php"; $db = new Database($server, $user, $pass, $database, $pre); $db->connect(); //Check if user is ADMINISTRATOR if ($is_admin == 1) { $groupes_visibles = array(); $_SESSION['groupes_visibles'] = array(); $_SESSION['groupes_interdits'] = array(); $_SESSION['personal_visible_groups'] = array(); $_SESSION['groupes_visibles_list'] = ""; $rows = $db->fetch_all_array("SELECT id FROM " . $pre . "nested_tree WHERE personal_folder = '0'"); foreach ($rows as $record) { array_push($groupes_visibles, $record['id']); } $_SESSION['groupes_visibles'] = $groupes_visibles; $_SESSION['all_non_personal_folders'] = $groupes_visibles; //Exclude all PF $_SESSION['forbiden_pfs'] = array(); $sql = "SELECT id FROM " . $pre . "nested_tree WHERE personal_folder = 1"; if (isset($_SESSION['settings']['enable_pf_feature']) && $_SESSION['settings']['enable_pf_feature'] == 1) { $sql .= " AND title != '" . $_SESSION['user_id'] . "'"; } //Get ID of personal folder $pf = $db->fetch_row("SELECT id FROM " . $pre . "nested_tree WHERE title = '" . $_SESSION['user_id'] . "'"); if (!empty($pf[0])) { if (!in_array($pf[0], $_SESSION['groupes_visibles'])) { array_push($_SESSION['groupes_visibles'], $pf[0]); array_push($_SESSION['personal_visible_groups'], $pf[0]); //get all descendants $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title', 'personal_folder'); $tree->rebuild(); $tst = $tree->getDescendants($pf[0]); foreach ($tst as $t) { array_push($_SESSION['groupes_visibles'], $t->id); array_push($_SESSION['personal_visible_groups'], $t->id); } } } $_SESSION['groupes_visibles_list'] = implode(',', $_SESSION['groupes_visibles']); $_SESSION['is_admin'] = $is_admin; //Check if admin has creating Folders and Roles $ret = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "nested_tree"); $_SESSION['nb_folders'] = $ret[0]; $ret = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "roles_title"); $_SESSION['nb_roles'] = $ret[0]; } else { //init $_SESSION['groupes_visibles'] = array(); $_SESSION['groupes_interdits'] = array(); $_SESSION['personal_visible_groups'] = array(); $groupes_visibles = array(); $groupes_interdits = array(); $groupes_interdits_user = explode(';', TrimElement($groupes_interdits_user, ";")); if (!empty($groupes_interdits_user) && count($groupes_interdits_user) > 0) { $groupes_interdits = $groupes_interdits_user; } $_SESSION['is_admin'] = $is_admin; $fonctions_associees = explode(';', TrimElement($id_fonctions, ";")); $new_liste_gp_visibles = array(); $liste_gp_interdits = array(); $list_allowed_folders = $list_forbiden_folders = $list_folders_limited = $list_folders_editable_by_role = array(); //build Tree require_once "NestedTree.class.php"; $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title'); //rechercher tous les groupes visibles en fonction des roles de l'utilisateur foreach ($fonctions_associees as $role_id) { if (!empty($role_id)) { //Get allowed folders for each Role $rows = $db->fetch_all_array("\r\n\t\t\t\t\tSELECT folder_id\r\n\t\t\t\t\tFROM " . $pre . "roles_values\r\n\t\t\t\t\tWHERE role_id=" . $role_id); if (count($rows) > 0) { foreach ($rows as $reccord) { if (isset($reccord['folder_id']) && !in_array($reccord['folder_id'], $list_allowed_folders)) { array_push($list_allowed_folders, $reccord['folder_id']); } //Check if this group is allowed to modify any pw in allowed folders $tmp = $db->query_first("\r\n \t\t\t\tSELECT allow_pw_change\r\n\t\t \t\tFROM " . $pre . "roles_title\r\n\t\t \t\tWHERE id = " . $role_id); if ($tmp['allow_pw_change'] == 1 && !in_array($tmp['allow_pw_change'], $list_folders_editable_by_role)) { array_push($list_folders_editable_by_role, $reccord['folder_id']); } } //Check for the users roles if some specific rights exist on items $rows = $db->fetch_all_array("\r\n\t\t\t\t\t\tSELECT i.id_tree, r.item_id\r\n\t\t\t\t\t\tFROM " . $pre . "items AS i\r\n\t\t\t\t\t\tINNER JOIN " . $pre . "restriction_to_roles AS r ON (r.item_id=i.id)\r\n\t\t\t\t\t\tWHERE r.role_id=" . $role_id . "\r\n\t\t\t\t\t\tORDER BY i.id_tree ASC\r\n\t\t\t\t\t"); $x = 0; foreach ($rows as $reccord) { if (isset($reccord['id_tree'])) { $list_folders_limited[$reccord['id_tree']][$x] = $reccord['item_id']; $x++; } } } } } // => Build final lists //Clean arrays $allowed_folders_tmp = array(); $list_allowed_folders = array_unique($list_allowed_folders); //Add user allowed folders $allowed_folders_tmp = array_unique(array_merge($list_allowed_folders, explode(';', TrimElement($groupes_visibles_user, ";")))); //Exclude from allowed folders all the specific user forbidden folders $allowed_folders = array(); foreach ($allowed_folders_tmp as $id) { if (!in_array($id, $groupes_interdits_user)) { array_push($allowed_folders, $id); } } //Clean array $list_allowed_folders = array_filter(array_unique(array_merge($list_allowed_folders, $allowed_folders))); //Exclude all PF $_SESSION['forbiden_pfs'] = array(); $sql = "SELECT id FROM " . $pre . "nested_tree WHERE personal_folder = 1"; if (isset($_SESSION['settings']['enable_pf_feature']) && $_SESSION['settings']['enable_pf_feature'] == 1 && isset($_SESSION['personal_folder']) && $_SESSION['personal_folder'] == 1) { $sql .= " AND title != '" . $_SESSION['user_id'] . "'"; } $pfs = $db->fetch_all_array($sql); foreach ($pfs as $pf_id) { array_push($_SESSION['forbiden_pfs'], $pf_id['id']); } //Get ID of personal folder if (isset($_SESSION['settings']['enable_pf_feature']) && $_SESSION['settings']['enable_pf_feature'] == 1 && isset($_SESSION['personal_folder']) && $_SESSION['personal_folder'] == 1) { $pf = $db->fetch_row("SELECT id FROM " . $pre . "nested_tree WHERE title = '" . $_SESSION['user_id'] . "'"); if (!empty($pf[0])) { if (!in_array($pf[0], $list_allowed_folders)) { //get all descendants $ids = $tree->getDescendants($pf[0], true); foreach ($ids as $id) { array_push($list_allowed_folders, $id->id); array_push($_SESSION['personal_visible_groups'], $id->id); } } } } $_SESSION['groupes_visibles'] = $list_allowed_folders; $_SESSION['groupes_visibles_list'] = implode(',', $list_allowed_folders); $_SESSION['list_folders_limited'] = $list_folders_limited; $_SESSION['list_folders_editable_by_role'] = $list_folders_editable_by_role; } }
//Refresh page echo '$("#random_id").val("");'; echo 'window.location.href = "index.php?page=items&group=' . $_POST['categorie'] . '&id=' . $new_id . '";'; } break; ############# ### CASE #### ### update an ITEM ############# ### CASE #### ### update an ITEM case "update_item": //init $reload_page = false; //Get existing values $data = $db->query_first("SELECT * FROM " . $pre . "items WHERE id=" . $_POST['id']); /* //decrypt require_once '../includes/libraries/crypt/aes.class.php'; // AES PHP implementation require_once '../includes/libraries/crypt/aesctr.class.php'; // AES Counter Mode implementation $pw = urldecode(AesCtr::decrypt($_POST['pw'], $_SESSION['cle_session'], 256)); $login = urldecode(AesCtr::decrypt($_POST['login'], $_SESSION['cle_session'], 256)); $label = urldecode(AesCtr::decrypt($_POST['label'], $_SESSION['cle_session'], 256)); */ $pw = string_utf8_decode($_POST['pw']); $resticted_to = $_POST['restricted_to']; //encrypt PW if ($_POST['salt_key_set'] == 1 && isset($_POST['salt_key_set']) && $_POST['if_pf'] == 1 && isset($_POST['if_pf'])) { $pw = encrypt($pw, mysql_real_escape_string(stripslashes($_SESSION['my_sk']))); $resticted_to = $_SESSION['user_id']; } else {
$_SESSION['groupes_visibles'] = @implode(';', $data['groupes_visibles']); } else { $_SESSION['groupes_visibles'] = array(); } if (!empty($data['groupes_interdits'])) { $_SESSION['groupes_interdits'] = @implode(';', $data['groupes_interdits']); } else { $_SESSION['groupes_interdits'] = array(); } //User's roles $_SESSION['fonction_id'] = $data['fonction_id']; $_SESSION['user_roles'] = explode(";", $data['fonction_id']); //build array of roles $_SESSION['arr_roles'] = array(); foreach (array_filter(explode(';', $_SESSION['fonction_id'])) as $role) { $res_roles = $db->query_first("SELECT title FROM " . $pre . "roles_title WHERE id = " . $role); $_SESSION['arr_roles'][$role] = array('id' => $role, 'title' => $res_roles['title']); } //build complete array of roles $_SESSION['arr_roles_full'] = array(); $rows = $db->fetch_all_array("\r\n\t\t\t\t\t\t\t\tSELECT id, title\r\n\t\t\t\t\t\t\t\tFROM " . $pre . "roles_title A\r\n\t\t\t\t\t\t\t\tORDER BY title ASC"); foreach ($rows as $reccord) { $_SESSION['arr_roles_full'][$reccord['id']] = array('id' => $reccord['id'], 'title' => $reccord['title']); } //Set some settings $_SESSION['user']['find_cookie'] = false; $_SESSION['settings']['update_needed'] = ""; // Update table $db->query_update("users", array('key_tempo' => $_SESSION['key'], 'last_connexion' => mktime(date("h"), date("i"), date("s"), date("m"), date("d"), date("Y")), 'timestamp' => mktime(date("h"), date("i"), date("s"), date("m"), date("d"), date("Y")), 'disabled' => 0, 'no_bad_attempts' => 0), "id=" . $data['id']); //Get user's rights IdentifyUserRights($data['groupes_visibles'], $_SESSION['groupes_interdits'], $data['admin'], $data['fonction_id'], false);
require "common/config.inc.php"; require "common/Database.php"; require "common/utility.php"; $db = new Database(DB_SERVER, DB_USER, DB_PASS, DB_DATABASE); if (strlen($app_token) <= 0) { echo '<html>'; echo '<body>'; echo 'App token is required.'; echo '</body>'; echo '</html>'; exit(0); } $app = null; $app_files = null; $db->connect(); $tokens = $db->query_first("SELECT appid FROM app_tokens WHERE token = '{$app_token}'"); if ($tokens && isset($tokens["appid"])) { $app_id = $tokens["appid"]; $user_app = $db->fetch_all_array("SELECT * FROM user_app WHERE privacy = 'private' AND appid = {$app_id}"); if ($user_app && count($user_app)) { if (!$user_token) { // not authorized error $error = array("senchafiddle" => array("error" => "Unauthorized access. User token is required.")); echo json_encode($error); $db->close(); exit(0); } //take uid from token $user = $db->query_first("SELECT uid FROM user_tokens WHERE token = '{$user_token}'"); if (!$user || !isset($user["uid"])) { // not authorized error
//Get Correct Answer $cntCorrectAnswer = strlen($json["correct_answer"]) ? count(explode(',', $json["correct_answer"])) : 0; $cntsupplementary_correct = strlen($json["supplementary_correct"]) ? count(explode(',', $json["supplementary_correct"])) : 0; $totalCorrect = $cntsupplementary_correct + $cntsupplementary_correct; //$cntInCorrectAnswer = count(explode(",", $json["incorrect_answer"])); $cntQuestion_id = strlen($json["question_id"]) ? count(explode(',', $json["question_id"])) : 0; $cntSupplementary_question_id = strlen($json["supplementary_question_id"]) ? count(explode(',', $json["supplementary_question_id"])) : 0; $totalQuestions = $cntQuestion_id; $primaryScore = $cntCorrectAnswer . " / " . $totalQuestions; $supplementaryScore = $cntsupplementary_correct . " / " . $cntSupplementary_question_id; $arrLearningCategory = explode(",", $json["learning_category_results"]); $learningCat = ""; for ($i = 0; $i < count($arrLearningCategory); $i++) { $arrLearnResult = explode(" - ", $arrLearningCategory[$i]); $sql = "Select * from tbllearningcategories as A left outer join tbllearningtopics as B on A.learning_topic_id=B.id where A.id='" . $arrLearnResult[0] . "'"; $rows = $db->query_first($sql); $learningCat .= "<h3> " . $rows["name"] . " - " . $arrLearnResult[1] . "</h3>"; } $arrMajorOutcome = explode(",", $json["major_outcome_results"]); $arrmajor_outcome_supplementary = explode(",", $json["major_outcome_supplementary"]); function findMatchSupplementary($MajorResult) { $suppResult = "0%"; for ($i = 0; $i < count($arrmajor_outcome_supplementary); $i++) { $arrmajor_outcome_supplementaryResult = explode(" - ", $arrmajor_outcome_supplementary[$i]); if ($MajorResult == $arrmajor_outcome_supplementaryResult[0]) { $suppResult = ${$arrmajor_outcome_supplementaryResult}[1]; } } return $suppResult; }
header('Cache-Control: no-cache, must-revalidate'); header('Content-type: application/json'); $user_token = null; if (isset($_GET['user_token'])) { $user_token = $_GET['user_token']; } if (!isset($_GET['app_token'])) { $response = array("success" => "false", "message" => "App token is required."); echo json_encode($response); exit(0); } $app_token = $_GET['app_token']; $app = null; $app_files = null; $db->connect(); $tokens = $db->query_first("SELECT appid FROM app_tokens WHERE token = '{$app_token}'"); if ($tokens && isset($tokens["appid"])) { $app_id = $tokens["appid"]; $user_app = $app = $db->query("SELECT COUNT(*) AS total FROM user_app WHERE privacy = 'private' AND appid = {$app_id}"); if ($user_app && $user_app["total"]) { if (!$user_token) { // not authorized error $error = array("success" => "false", "message" => "Unauthorized access. User token is required."); echo json_encode($error); exit(0); } //take uid from token $user = $db->query_first("SELECT uid FROM user_tokens WHERE token = '{$user_token}'"); if (!$user || !isset($user["uid"])) { // not authorized error $error = array("success" => "false", "message" => "Unauthorized access. User token is invalid.");