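/**
 * Handles the site-creation form.
 *
 * Refuses the request when a site with the submitted domain already exists.
 * Otherwise it either renders the CSS picker (action "selectcss") or inserts
 * the site row and builds the site directory under ./sites/<new id>.
 *
 * @param object      $smarty Template/config object; cfg['prefix'], perfil and modulo_dir are read.
 * @param array|false $form   Submitted form fields.
 * @return mixed Whatever getFinishError(), fetch() or getFinish() returns.
 */
function SiteCreator_css(&$smarty, $form = false)
{
    $mysql = new MYSQL($smarty);
    $tabela = $smarty->cfg['prefix'] . 'bilder_site';

    // The domain is form data placed inside a quoted SQL literal, so it is
    // escaped first. NOTE(review): if the form layer already escapes its
    // values, keep only one of the two layers.
    $dominio = mysql_real_escape_string($form['site_dominio']);
    $mysql->SqlSelect(
        "SELECT ID_SITE FROM {$tabela} WHERE site_dominio = '{$dominio}'",
        __FILE__,
        __LINE__
    );
    if (mysql_affected_rows() > 0) {
        // NOTE(review): the message reads $this->form while the lookup above
        // used $form; confirm both hold the same submission.
        return $smarty->getFinishError('sitecreator_erro_01', array("", " - " . htmlspecialchars($this->form['site_dominio'])));
    }

    if ($form['action'] == "selectcss") {
        // NOTE(review): ID_CSSCLASS reaches the template unescaped; escaping
        // depends on select_css.tpl, which is not visible here.
        $smarty->assign('ID_CSSCLASS', $form['ID_CSSCLASS']);
        return $smarty->fetch($smarty->modulo_dir . "select_css.tpl");
    }

    $form['ID_MEMBER'] = $smarty->perfil['ID_MEMBER'];
    // NOTE(review): every key of $form becomes a column of the INSERT; how
    // SqlInsert escapes names and values is not visible here. Prefer passing
    // only the expected fields.
    $sql = $mysql->SqlInsert($tabela, $form);
    $mysql->SqlSelect($sql, __FILE__, __LINE__);

    // The directory name is the auto-increment id, not a submitted value.
    $idde = mysql_insert_id();
    $cam = './sites/' . $idde;

    $site = new SiteCreator();
    $site->CopyDefultSite($cam);
    $site->createCfgfile($cam, array('ID_SITE' => $idde));
    // NOTE(review): ID_CSS and site_pages are submitted values handed to
    // file-producing helpers; confirm those helpers validate them.
    $site->CopyCss($form['ID_CSS'], $cam);
    $site->createTemplates($cam, $form['site_pages']);

    unset($_POST);
    unset($_GET);
    return $smarty->getFinish('sitecreator_sucesso_01');
}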
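/**
 * Issues the login cookie for the submitted user name, records the login
 * time and IP, clears the visitor's guest row in log_online and redirects.
 *
 * NOTE(review): nothing in this function compares the submitted password
 * with the stored one, and it continues when no member row was found; the
 * check presumably happens where the cookie is read. Confirm.
 *
 * @param object $smarty    Template/config object; cfg and config vars are read.
 * @param mixed  $form      Not read in this function.
 * @param string $pageredir Value of the "page" query parameter to redirect to.
 * @return void
 */
function SetLogin(&$smarty, $form = false, $pageredir = "index")
{
    $ck = new Check('POST');
    $mysql = new MYSQL($smarty);

    if ($ck->form['cookieleng'] == $smarty->get_config_vars('Login00')) {
        $cookielength = 0;
    } else {
        $cookielength = $ck->form['cookieleng'];
    }
    $user = $ck->form['login_user'];
    $pass = $ck->form['login_password'];

    // The user name comes from the login form and lands inside quoted SQL
    // literals below, so an escaped copy is used for every query.
    // NOTE(review): if Check already escapes, keep only one layer.
    $userSql = mysql_real_escape_string($user);

    $request = $mysql->SqlSelect("SELECT * FROM {$smarty->cfg['prefix']}members WHERE member_name='{$userSql}'", __FILE__, __LINE__);
    $perfil = mysql_fetch_array($request, MYSQL_ASSOC);

    // NOTE(review): MD5-based password derivation; password_hash() and
    // password_verify() are the replacement on PHP 5.5+.
    $md5_passwrd = $this->md5_hmac($pass, strtolower($user));

    // Form option -> absolute expiry timestamp; anything else means one year.
    switch ($cookielength) {
        case "1":
            $cookielength = strtotime("+30 minutes");
            break;
        case "2":
            $cookielength = strtotime("+1 hour");
            break;
        case "3":
            $cookielength = strtotime("+1 day");
            break;
        case "4":
            $cookielength = strtotime("+1 month");
            break;
        case "5":
            $cookielength = strtotime("+1 year");
            break;
        default:
            $cookielength = strtotime("+1 year");
    }

    $password = $this->md5_hmac($md5_passwrd, 'ys');
    $cookie_url = explode($smarty->cfg["separate"], $this->url_parts($smarty->get_config_vars('http'), $smarty->cfg["separate"]));

    // NOTE(review): the cookie is a serialize()d array holding a
    // password-derived hash. Reading it back with unserialize() would run on
    // client-controlled data; a plain delimiter or JSON format avoids that.
    // The cookie is also set without the Secure and HttpOnly flags.
    $cookie = serialize(array($perfil['ID_MEMBER'], $password));
    $ctime = $cookielength;
    setcookie($smarty->cfg['cookie'], $cookie, $ctime, $cookie_url[1], $cookie_url[0]);

    $lastLog = time();
    $memIP = $_SERVER['REMOTE_ADDR'];
    $valores = array('member_lastlogin' => $lastLog, 'member_ip' => $memIP);
    $sql = $mysql->SqlUpdate($smarty->cfg["prefix"] . 'members', $valores, "member_name='{$userSql}'");
    $result = $mysql->SqlSelect($sql);

    // INET_ATON() here is a PHP function defined outside this block.
    $identify = INET_ATON();
    $sql = $mysql->SqlDelete($smarty->cfg["prefix"] . 'log_online', "identity='{$identify}'");
    $result = $mysql->SqlSelect($sql);

    // NOTE(review): $pageredir is appended unencoded, and execution continues
    // after the Location header because nothing exits here.
    $redir = $smarty->get_config_vars('http') . $smarty->cfg['index'] . '?page=' . $pageredir;
    header("location:{$redir}");
}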
/**
 * Builds the role/permission map from the users_roles, role and permission
 * tables, together with the permissions of a default role.
 *
 * NOTE(review): the ID_USER literal in the query appears masked in this
 * listing; as shown, $username only gates the call and is not part of the SQL.
 *
 * @param mixed $username Nothing is queried when this is below zero.
 * @param array $defult   One-entry map of default role id => column alias.
 * @return array|null 'permission' => list, plus ID_ROLE => role name entries;
 *                    null when $username is negative.
 */
function myRoles($username, $defult = array(ANONYMOUS_ID_ROLE => 'anonymous user'))
{
    global $cfg;

    if (!($username >= 0)) {
        return;
    }

    $db = new MYSQL($cfg);
    $key = key($defult);
    $valor = array_values($defult);

    // NOTE(review): $key and $valor[0] are interpolated as a literal and as a
    // backtick-quoted alias; both must come from trusted code, never a request.
    $sql = "\n\t\t\tSELECT r.ID_ROLE, r.name, p.permission, (SELECT permission FROM {permission} WHERE ID_ROLE = '{$key}')as `{$valor[0]}`\n\t\t\tFROM {users_roles} ur\n\t\t\tNATURAL JOIN {role} r\n\t\t\tLEFT JOIN {permission} p ON p.ID_ROLE = ur.ID_ROLE\n\t\t\tWHERE ID_USER = '******' ORDER BY r.weight DESC\n\t\t\t";
    $rows = $db->SqlSelect($sql);

    $perm = array('permission' => array());
    while ($role = mysql_fetch_assoc($rows)) {
        // NOTE(review): "+" is an array union keyed by position, and each row
        // replaces the previous list; confirm a merge across rows was not meant.
        $own = explode(",", $role['permission']);
        $fallback = explode(",", $role[$valor[0]]);
        $perm['permission'] = $own + $fallback;
        $perm[$role['ID_ROLE']] = $role['name'];
    }

    return $perm;
}
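/**
 * Decides whether member $id satisfies the access rule $acesso.
 *
 * @param mixed  $id     Member id; 0 is treated as guest by the fixed rules.
 * @param string $acesso 'ONLY_GUEST', 'NOT_GUEST', 'ALL', or anything else to
 *                       look the member's role up in the database.
 * @param object $smarty Passed to the MYSQL wrapper for the role lookup.
 * @return bool|array Boolean for the fixed rules; for the lookup, the first
 *                    role row (ordered by weight) or false when none matches.
 */
function LoadRules($id, $acesso = 'ALL', &$smarty)
{
    global $cfg;

    switch ($acesso) {
        case 'ONLY_GUEST':
            return $id == 0;

        case 'NOT_GUEST':
            return !($id <= 0);

        case 'ALL':
            return true;

        default:
            $mysql = new MYSQL($smarty);
            // The id is compared numerically by the rules above, so it goes
            // into the query as an integer instead of raw text.
            $memberId = (int) $id;
            // Array keys are quoted: a bare word inside {$...} is a constant lookup.
            $result = $mysql->SqlSelect("SELECT r.name\n\t\t\t\t\t\t\t\t\t\t\tFROM {$cfg['db_prefix']}role r\n\t\t\t\t\t\t\t\t\t\t\tRIGHT JOIN {$cfg['db_prefix']}members_roles m ON r.ID_RULE = m.ID_RULE\n\t\t\t\t\t\t\t\t\t\t\tWHERE m.ID_MEMBER = '{$memberId}'\n\t\t\t\t\t\t\t\t\t\t\tORDER BY r.weight", __FILE__, __LINE__);
            if (mysql_affected_rows() > 0) {
                return mysql_fetch_assoc($result);
            }
            return false;
    }
}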
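/**
 * Formats a mail recipient.
 *
 * A numeric $email is treated as a member id and resolved to
 * "real name<address>" from the members table. Otherwise the address is
 * returned, prefixed by $nome when one is given, provided Check::NotEmail()
 * does not reject it.
 *
 * NOTE(review): if the result is placed in mail headers, $nome and the stored
 * member name need CR/LF removed first; the caller is not visible here.
 *
 * @param mixed        $email Member id or e-mail address.
 * @param string|false $nome  Optional display name.
 * @return string|null The formatted recipient, or null when nothing applies.
 */
function Listmail($email, $nome = false)
{
    if (is_numeric($email)) {
        $mysql = new MYSQL($this->smarty);
        // is_numeric() has already limited $email to a numeric string.
        // The cfg key is quoted: a bare word inside {$...} is a constant lookup.
        $result = $mysql->SqlSelect("SELECT member_real,member_email FROM {$this->smarty->cfg['prefix']}members WHERE ID_MEMBER = '{$email}'");
        if (mysql_affected_rows() > 0) {
            $member = mysql_fetch_array($result, MYSQL_ASSOC);
            return $member['member_real'] . '<' . $member['member_email'] . '>';
        }
    } elseif ($nome != false) {
        if (Check::NotEmail($email) != true) {
            return $nome . '<' . $email . '>';
        }
    } else {
        if (Check::NotEmail($email) != true) {
            return $email;
        }
    }
}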
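/**
 * Given an alias, returns its system URL if one exists; given a system URL,
 * returns its alias if one exists. Otherwise returns FALSE.
 *
 * @param $action
 *   One of the following values:
 *   - wipe: clears the alias cache.
 *   - alias: returns the alias for the given system path (if one exists).
 *   - source: returns the system URL for the given alias (if one exists).
 * @param $path
 *   The path to look up, either an alias or a system URL.
 * @param $path_language
 *   Optional language code to look the path up in. Defaults to the page
 *   language. When no path is defined for that language, a path without a
 *   language is used.
 *
 * @return
 *   A system path, an alias, or FALSE when no path was found.
 */
function lookup_path($action, $path = '', $path_language = '')
{
    global $language, $cfg;

    // $map is keyed by language and holds, per language, path => alias pairs.
    static $map = array(), $no_src = array(), $count = NULL;

    $path_language = $path_language ? $path_language : $language['language']->language;
    $mysql = new MYSQL($cfg);

    // Use $count to avoid looking up paths in subsequent calls if there simply are no aliases.
    if (!isset($count)) {
        $sql = "SELECT COUNT(ID_PATH) FROM {url_alias}";
        $count = $mysql->dbResult($mysql->SqlSelect($sql));
    }

    if ($action == 'wipe') {
        $map = array();
        $no_src = array();
        $count = NULL;
    } elseif ($count > 0 && $path != '') {
        // Both values end up inside quoted SQL literals and $path is
        // presumably taken from the request URL, so escaped copies are used
        // for the queries. The cache keeps the raw values as keys.
        $pathSql = mysql_real_escape_string($path);
        $langSql = mysql_real_escape_string($path_language);

        if ($action == 'alias') {
            if (isset($map[$path_language][$path])) {
                return $map[$path_language][$path];
            }
            // Take the best match, falling back to an alias without a language.
            $sql = "SELECT dst FROM {url_alias} WHERE src = '{$pathSql}' AND language IN('{$langSql}', '') ORDER BY language DESC, ID_PATH DESC";
            $alias = $mysql->dbResult($mysql->SqlSelect($sql, __FILE__, __LINE__, __CLASS__, __METHOD__, __FUNCTION__));
            $map[$path_language][$path] = $alias;
            return $alias;
        } elseif ($action == 'source' && !isset($no_src[$path_language][$path])) {
            // Look $path up among the cached aliases before asking the database.
            $src = FALSE;
            if (!isset($map[$path_language]) || !($src = array_search($path, $map[$path_language]))) {
                // Take the best match, falling back to an alias without a language.
                $sql = "SELECT src FROM {url_alias} WHERE dst = '{$pathSql}' AND language IN('{$langSql}', '') ORDER BY language DESC, ID_PATH DESC";
                if ($src = $mysql->dbResult($mysql->SqlSelect($sql, __FILE__, __LINE__, __CLASS__, __METHOD__, __FUNCTION__))) {
                    $map[$path_language][$src] = $path;
                } else {
                    // We can't record anything into $map because we do not have a valid
                    // index and there is no need because we have not learned anything
                    // about any Drupal path. Thus cache to $no_src.
                    $no_src[$path_language][$path] = TRUE;
                }
            }
            return $src;
        }
    }

    return FALSE;
}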
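<?php
// Order list page: handles the add and delete posts, then lists the orders.
// NOTE(review): no CSRF token or access check is visible in this fragment,
// although both posts change data.
$tabela = 'pedidos';
$mysql = new MYSQL($cfg);

if (!empty($_POST['add'])) {
    // Add a record. array_pop() drops the last posted field, presumably the
    // submit button; that relies on the field order of the form.
    array_pop($_POST);
    // NOTE(review): column names and values come straight from the request
    // and SqlInsert's escaping is not visible here; pass only the expected fields.
    $sql = $mysql->SqlInsert($tabela, $_POST);
    $request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
    if ($request) {
        print "<h4>Registro Realizado com sucesso!!!</h4>";
    }
}

if (!empty($_POST['del'])) {
    // Delete a record. The id is request data placed in a quoted SQL literal,
    // so it is escaped first.
    $idde = mysql_real_escape_string(isset($_POST['id']) ? trim($_POST['id']) : '');
    $sql = $mysql->SqlDelete($tabela, "id = '{$idde}'");
    $request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
    if ($request) {
        print "<h4>Registro Deletado com sucesso!!!</h4>";
    }
}

$result = $mysql->SqlSelect("\r\r\n SELECT B.nome as cliente , C.nome as produto, A.id as id\r\r\n FROM pedidos A INNER JOIN clientes B ON A.id_cliente = B.id INNER JOIN produtos C ON A.id_produto = C.id\r\r\n ORDER BY cliente ASC\r\r\n ");
if ($result) {
    ?>
    <div class="col-md-6">
        <table class="table table-striped">
            <thead>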
/**
 * Inserts one translation (PO) entry into the database.
 *
 * The entry is converted with po_db() and the result is handed to SqlInsert();
 * the statement it returns is then executed.
 *
 * @param mixed  $entry Translation entry, passed by reference to po_db().
 * @param string $group Translation group.
 * @return mixed Whatever MYSQL::SqlSelect() returns for the insert.
 * @todo make the insert fall back to an update as well.
 */
function insertTranslation(&$entry, $group = 'default')
{
    global $cfg;

    $db = new MYSQL($cfg);
    // NOTE(review): other calls on this page pass a table name first
    // (SqlInsert($tabela, $data)); confirm the one-argument form is supported.
    $insertSql = $db->SqlInsert(po_db($entry, $group));

    return $db->SqlSelect($insertSql, __FILE__, __LINE__);
}
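<?php
// "New order" form: one <select> of clients and one of products.
$tabela = 'pedidos';
$mysql = new MYSQL($cfg);
?>
<form action="index.php?p=pedidos&a=list" method="post">
    <label for="cliente">Cliente:<br />
        <select name="id_cliente">
            <?php
            $result = $mysql->SqlSelect(" SELECT nome, id\r\r\n FROM clientes\r\r\n ORDER BY nome ASC\r\r\n ");
            while ($item = mysql_fetch_array($result, MYSQL_ASSOC)) {
                // Stored names are user-supplied text: encode them for the
                // attribute and element contexts before output.
                ?>
                <option value="<?php echo htmlspecialchars($item['id'], ENT_QUOTES); ?> "><?php echo htmlspecialchars($item['nome'], ENT_QUOTES); ?> </option>
                <?php
            }
            ?>
        </select>
    </label><br />
    <label for="produto">Produtos:<br />
        <select name="id_produto">
            <?php
            $result = $mysql->SqlSelect(" SELECT nome, id\r\r\n FROM produtos\r\r\n ORDER BY nome ASC\r\r\n ");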
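<?php
// Product list page: handles the add and delete posts, then lists the products.
// NOTE(review): no CSRF token or access check is visible in this fragment,
// although both posts change data.
$tabela = 'produtos';
$mysql = new MYSQL($cfg);

if (!empty($_POST['add'])) {
    // Add a record. array_pop() drops the last posted field, presumably the
    // submit button; that relies on the field order of the form.
    array_pop($_POST);
    // NOTE(review): column names and values come straight from the request
    // and SqlInsert's escaping is not visible here; pass only the expected fields.
    $sql = $mysql->SqlInsert($tabela, $_POST);
    $request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
    if ($request) {
        print "<h4>Registro Realizado com sucesso!!!</h4>";
    }
}

if (!empty($_POST['del'])) {
    // Delete a record. The id is request data placed in a quoted SQL literal,
    // so it is escaped first.
    $idde = mysql_real_escape_string(isset($_POST['id']) ? trim($_POST['id']) : '');
    $sql = $mysql->SqlDelete($tabela, "id = '{$idde}'");
    $request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
    if ($request) {
        print "<h4>Registro Deletado com sucesso!!!</h4>";
    }
}

$result = $mysql->SqlSelect("SELECT id, nome, descricao, preco FROM {$tabela}");
if ($result) {
    ?>
    <div class="col-md-6">
        <table class="table table-striped">
            <thead>
                <tr>
                    <th>#</th>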
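/**
 * Session garbage collector: deletes the session rows whose timestamp is
 * older than $lifetime seconds.
 *
 * @param int $lifetime Maximum session age in seconds.
 * @return bool Always TRUE.
 */
function sess_gc($lifetime)
{
    global $cfg;

    $mysql = new MYSQL($cfg);

    // Be sure to adjust 'php_value session.gc_maxlifetime' to a large enough
    // value. For example, if you want user sessions to stay in your database
    // for three weeks before deleting them, you need to set gc_maxlifetime
    // to '1814400'. At that value, only after a user doesn't log in after
    // three weeks (1814400 seconds) will his/her session be removed.

    // Other calls on this page pass __FILE__ and __LINE__ after the query, so
    // the cutoff is formatted into the statement here instead of relying on
    // SqlSelect() to substitute %d. %d also forces the value to an integer.
    // If the placeholder were left unsubstituted, the cleanup would not run
    // and old sessions would stay valid.
    $sql = sprintf("DELETE FROM {sessions} WHERE timestamp < %d", time() - $lifetime);
    $mysql->SqlSelect($sql);

    return TRUE;
}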
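/**
 * Loads into $this->page, keyed by page_name, every page the current member
 * may see: pages at or below the member's level, plus pages whose page_acess
 * matches one of the member's groups.
 *
 * @return void
 */
function LoadPages()
{
    $mysql = new MYSQL($this);
    $nivel = $this->getVars('member_nivel');
    $group = explode(";", $this->getVars('member_group'));

    // Start from an empty string so the first ".=" does not append to an
    // undefined variable.
    $ex = '';
    foreach ($group as $valor) {
        if ($valor == "") {
            continue;
        }
        // NOTE(review): group names and the level are interpolated as stored.
        // Because this query decides page access, a quote or a LIKE wildcard
        // in member_group would widen it; escape these values if members can
        // influence them.
        $ex .= "OR page_acess like '{$valor}' ";
    }

    // The cfg key is quoted: a bare word inside {$...} is a constant lookup.
    $result = $mysql->SqlSelect("SELECT * FROM {$this->cfg['prefix']}pages WHERE page_nivel <= '{$nivel}' {$ex} ");
    while ($page = mysql_fetch_array($result, MYSQL_ASSOC)) {
        $this->page[$page['page_name']] = $page;
    }
}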
/**
 * Loads the extra configuration entries stored in the database.
 *
 * Every row of {config} is copied into $this->cfg as item => valor, so a row
 * can replace any key already present, db_name included. When the configured
 * database cannot be selected, control goes to the installer instead.
 */
private function LoadConfigDb()
{
    // @todo let the loader read arrays stored with serialize(); the values
    // already in the database would have to be serialized first.
    $mysql = new MYSQL($this->cfg);

    $dbSelected = $mysql->MysqlSelectDb($this->cfg['db_name'], $mysql->conexao);
    if (!$dbSelected) {
        // @TODO there is no database yet: hand over to the installer.
        install_goto('install.php');
        return;
    }

    $rows = $mysql->SqlSelect("SELECT * FROM {config}");
    while ($entry = mysql_fetch_assoc($rows)) {
        $this->cfg[$entry['item']] = $entry['valor'];
    }
}
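<?php
// Client list page: handles the add and delete posts, then lists the clients.
// NOTE(review): no CSRF token or access check is visible in this fragment,
// although both posts change data.
$tabela = 'clientes';
$mysql = new MYSQL($cfg);

if (!empty($_POST['add'])) {
    // Add a record. array_pop() drops the last posted field, presumably the
    // submit button; that relies on the field order of the form.
    array_pop($_POST);
    // NOTE(review): column names and values come straight from the request
    // and SqlInsert's escaping is not visible here; pass only the expected fields.
    $sql = $mysql->SqlInsert($tabela, $_POST);
    $request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
    if ($request) {
        print "<h4>Registro Realizado com sucesso!!!</h4>";
    }
}

if (!empty($_POST['del'])) {
    // Delete a record. The id is request data placed in a quoted SQL literal,
    // so it is escaped first.
    $idde = mysql_real_escape_string(isset($_POST['id']) ? trim($_POST['id']) : '');
    $sql = $mysql->SqlDelete($tabela, "id = '{$idde}'");
    $request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
    if ($request) {
        print "<h4>Registro Deletado com sucesso!!!</h4>";
    }
}

$result = $mysql->SqlSelect("SELECT id, nome, email, telefone FROM {$tabela}");
if ($result) {
    ?>
    <div class="col-md-6">
        <table class="table table-striped">
            <thead>
                <tr>
                    <th>#</th>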
/**
 * Resolves the file that provides item $name of kind $type and remembers the
 * answer in a per-request static cache.
 *
 * Lookup order: an explicit $filename that exists on disk, the cache, the
 * {system} table, then a fixed list of candidate paths on the filesystem.
 *
 * NOTE(review): $type and $name are used to build filesystem paths below;
 * they must come from trusted code, never directly from a request.
 *
 * @param string      $type     Item kind; 'theme_engine' gets its own directory and suffix.
 * @param string      $name     Item name.
 * @param string|null $filename Optional known location to register.
 * @return string|null The resolved file, or nothing when none was found.
 */
function getFilename($type, $name, $filename = NULL) {
    global $cfg;
    static $files = array();
    // NOTE(review): "&=" is a bitwise AND-assignment, not a reference
    // assignment ("=&"); confirm what was intended for the global "files".
    $GLOBALS['files'] &= $files;
    $mysql = new MYSQL($cfg);
    if (!isset($files[$type])) {
        $files[$type] = array();
    }
    if (!empty($filename) && file_exists($filename)) {
        // The caller supplied a location that exists: register it.
        $files[$type][$name] = $filename;
    } elseif (isset($files[$type][$name])) {
        // nothing
    // NOTE(review): this call passes $name and $type after a '%s' query, while
    // other calls on this page pass __FILE__ and __LINE__ in those positions;
    // confirm that SqlSelect() substitutes and escapes the placeholders.
    } elseif ($cfg['db_name'] && (($file = $mysql->dbResult($mysql->SqlSelect("SELECT filename FROM {system} WHERE name = '%s' AND type = '%s'", $name, $type))) && file_exists($file))) {
        $files[$type][$name] = $file;
    } else {
        // Fallback to searching the filesystem if the database connection is
        // not established or the requested file is not found.
        $dir = $type == 'theme_engine' ? 'themes/engines' : "{$type}s";
        $file = $type == 'theme_engine' ? "{$name}.engine" : "{$name}.{$type}";
        $config = SITE_MODULOS;
        // The first candidate that exists wins; the loop variable reuses $file.
        foreach (array("{$config}{$dir}/{$file}", "{$config}{$dir}/{$name}/{$file}", "{$dir}/{$file}", "{$dir}/{$name}/{$file}") as $file) {
            if (file_exists($file)) {
                $files[$type][$name] = $file;
                break;
            }
        }
    }
    if (isset($files[$type][$name])) {
        return $files[$type][$name];
    }
}
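<?php
// Product edit page: applies a posted update, then shows the form again.
// NOTE(review): no CSRF token or access check is visible in this fragment.
$tabela = 'produtos';
$mysql = new MYSQL($cfg);

// The id is request data placed in quoted SQL literals below, so it is
// escaped once, here.
$idde = mysql_real_escape_string(isset($_POST['id']) ? trim($_POST['id']) : '');

if (isset($_POST['edit']) && trim($_POST['edit'])) {
    // array_pop() drops the last posted field, presumably the submit button.
    array_pop($_POST);
    // NOTE(review): every remaining posted key becomes a column of the UPDATE
    // and SqlUpdate's escaping is not visible here; pass only the expected fields.
    $sql = $mysql->SqlUpdate($tabela, $_POST, "id = '{$idde}'");
    // Run the statement once and test its result variable.
    $request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
    if ($request) {
        print "<h4>Registro Atualizado com sucesso!!!</h4>";
    }
}

$result = $mysql->SqlSelect("SELECT * FROM {$tabela} WHERE id = '" . $idde . "'");
$item = mysql_fetch_array($result, MYSQL_ASSOC);
// Stored text is encoded for HTML before it is written into the form.
?>
<form action="index.php?p=produtos&a=edit" method="post">
    <label for="nome">Nome:<br />
        <input name="nome" type="text" value="<?php echo htmlspecialchars($item['nome'], ENT_QUOTES); ?> " />
    </label><br />
    <label for="descricao">Descrição:<br />
        <textarea name="descricao"><?php echo htmlspecialchars($item['descricao'], ENT_QUOTES); ?> </textarea>
    </label><br />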
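<?php
// Order edit page: applies a posted update, then shows the form again.
// NOTE(review): no CSRF token or access check is visible in this fragment.
$tabela = 'pedidos';
$mysql = new MYSQL($cfg);

// The id is request data placed in quoted SQL literals below, so it is
// escaped once, here.
$idde = mysql_real_escape_string(isset($_POST['id']) ? trim($_POST['id']) : '');

if (isset($_POST['edit']) && trim($_POST['edit'])) {
    // array_pop() drops the last posted field, presumably the submit button.
    array_pop($_POST);
    // NOTE(review): every remaining posted key becomes a column of the UPDATE
    // and SqlUpdate's escaping is not visible here; pass only the expected fields.
    $sql = $mysql->SqlUpdate($tabela, $_POST, "id = '{$idde}'");
    // Run the statement once and test its result variable.
    $request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
    if ($request) {
        print "<h4>Registro Atualizado com sucesso!!!</h4>";
    }
}

$result = $mysql->SqlSelect("SELECT * FROM {$tabela} WHERE id = '" . $idde . "'");
$item = mysql_fetch_array($result, MYSQL_ASSOC);
?>
<form action="index.php?p=pedidos&a=edit" method="post">
    <label for="cliente">Cliente:<br />
        <select name="id_cliente">
            <?php
            $result = $mysql->SqlSelect(" SELECT nome, id\r\r\n FROM clientes\r\r\n ORDER BY nome ASC\r\r\n ");
            while ($itema = mysql_fetch_array($result, MYSQL_ASSOC)) {
                // Pre-select the client currently stored on the order.
                if ($item['id_cliente'] == $itema['id']) {
                    $det = 'selected="selected"';
                } else {
                    $det = '';
                }
                ?>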
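/**
 * Checks the submitted member name against the reserved_names table.
 *
 * Rows with setting 'word' are reserved words. The settings matchcase,
 * matchuser and matchword ('1' = on) control the comparison: case-sensitive
 * or not, whether user names are checked at all, and whole-name match versus
 * substring match.
 *
 * NOTE(review): strtolower() folds ASCII letters only, so non-ASCII variants
 * of a reserved word are not caught by the case-insensitive mode.
 *
 * @param object $smarty Template/config object; cfg['prefix'] is read.
 * @return mixed Result of getFinishError() on a match, otherwise null.
 */
function RegReservedName(&$smarty)
{
    $mysql = new MYSQL($smarty);
    // The cfg key is quoted: a bare word inside {$...} is a constant lookup.
    $request = $mysql->SqlSelect("SELECT * FROM {$smarty->cfg['prefix']}reserved_names", __FILE__, __LINE__);

    if (mysql_affected_rows() > 0) {
        $reserve = array();
        // Only the three known switches are read from the table. Turning
        // arbitrary row names into local variables would let a row overwrite
        // locals such as $reserve or $smarty.
        $flags = array('matchcase' => null, 'matchuser' => null, 'matchword' => null);
        while ($row = mysql_fetch_array($request)) {
            if ($row['setting'] == 'word') {
                $reserve[] = trim($row['value']);
            } elseif (array_key_exists((string) $row['setting'], $flags)) {
                $flags[(string) $row['setting']] = trim($row['value']);
            }
        }
        $matchcase = $flags['matchcase'];
        $matchuser = $flags['matchuser'];
        $matchword = $flags['matchword'];

        $namecheck = $matchcase == '1' ? $this->form['member_name'] : strtolower($this->form['member_name']);

        foreach ($reserve as $reserved) {
            $reservecheck = $matchcase == '1' ? $reserved : strtolower($reserved);
            if ($matchuser != '1') {
                continue;
            }

            if ($matchword == '1') {
                // Compare as strings so numeric-looking names are not juggled
                // ("1e1" would loosely equal "10").
                $blocked = (string) $namecheck === (string) $reservecheck;
            } else {
                // strpos() !== false rather than the truthiness of strstr():
                // a match whose remainder is "0" must still count. An empty
                // reserved word never matches.
                $blocked = $reservecheck !== '' && strpos((string) $namecheck, $reservecheck) !== false;
            }

            if ($blocked) {
                return $smarty->getFinishError('registro_erro_05', array("", " - " . $reserved));
            }
        }
    }
}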
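/**
 * Records the visitor in the log_online table, purges expired rows and, for
 * real members (id above zero), refreshes the last-login columns.
 *
 * NOTE(review): $ID_MEMBER is interpolated into several WHERE clauses, some
 * of them unquoted; it must be a numeric id from the session, never raw
 * request data.
 *
 * @param mixed      $ID_MEMBER Identity to record.
 * @param int|string $min       Minutes until the online entry expires.
 * @return void
 */
public function logMe($ID_MEMBER, $min = '15')
{
    $mysql = new MYSQL($this);
    $tabela = $this->cfg['db_prefix'] . 'log_online';

    // The interval goes into the SQL as raw text, so it is forced to an integer.
    $min = (int) $min;

    $logme['identity'] = $ID_MEMBER;
    $perfil['member_lastlogin'] = $logme['logTime'] = 'NOW()';
    $perfil['member_lestonline'] = $logme['logoutTime'] = "NOW() + INTERVAL " . $min . " MINUTE";
    $logme['url'] = $this->actualpage['page_name'] ? $this->actualpage['page_name'] : "index";
    $logme['ip'] = $_SERVER['REMOTE_ADDR'];

    // The array key is quoted: a bare word inside {$...} is a constant lookup.
    $request = $mysql->SqlSelect("Select identity From {$tabela} where ip = \"{$logme['ip']}\" and identity = \"{$ID_MEMBER}\"", __FILE__, __LINE__);
    if (mysql_affected_rows() > 0) {
        $sql = $mysql->SqlUpdate($tabela, $logme, "identity = {$ID_MEMBER}");
    } else {
        $sql = $mysql->SqlInsert($tabela, $logme);
    }
    $request = $mysql->SqlSelect($sql, __FILE__, __LINE__);

    // NOTE(review): this second update rewrites every row of the identity,
    // including rows recorded from other IPs; confirm it is wanted.
    $tabela = $this->cfg['db_prefix'] . 'log_online';
    $sql = $mysql->SqlUpdate($tabela, $logme, "identity =" . $ID_MEMBER);
    $request = $mysql->SqlSelect($sql, __FILE__, __LINE__);

    // Drop the entries whose online window has passed.
    $sql = $mysql->SqlDelete($tabela, "logoutTime < NOW()");
    $request = $mysql->SqlSelect($sql, __FILE__, __LINE__);

    if ($ID_MEMBER > 0) {
        $tabela = $this->cfg['db_prefix'] . 'members';
        $sql = $mysql->SqlUpdate($tabela, $perfil, "ID_MEMBER =" . $ID_MEMBER);
        $request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
    }
}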