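/**
 * sp_Installer::displayInstallationCompletePage() - stores the administrator
 * e-mail on the staff record with staff_id 1 and prints the "installation
 * complete" page, including the initial user name and password.
 *
 * Reads the global $administrator_email and $this->lstrRandomPassword.
 *
 * @return void
 */
public function displayInstallationCompletePage()
{
    global $administrator_email;

    $db = new Querier();

    // The address is turned into an SQL literal by quote() before it is
    // concatenated into the statement.
    $db->exec("UPDATE staff SET staff.email=" . $db->quote($administrator_email) . " WHERE staff.staff_id = 1");

    // $administrator_email is a global set outside this method, so it is
    // HTML-escaped before being echoed, in the same way the password line
    // below escapes its value.
    $lstrSafeEmail = htmlspecialchars((string) $administrator_email, ENT_QUOTES, 'UTF-8');
    ?>
    <div id="maincontent" style="max-width: 800px; margin-right: auto; margin-left: auto;">
        <div class="install-pluslet" name="error_page" align="center">
            <h2 class="bw_head"><?php echo _("Installation Complete"); ?> </h2>
            <p><?php echo _("SubjectsPlus installation complete. Please log in."); ?> </p>
            <p><?php echo _("<strong>Username: </strong> ") . $lstrSafeEmail; ?> </p>
            <p><?php echo _("<strong>Password: </strong> "); echo htmlentities($this->lstrRandomPassword); ?> </p>
            <p><a href="login.php" target="_blank"><?php echo _("Log In"); ?> </a></p>
        </div>
    </div>
    <?php
}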
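/**
 * Checks whether $this->_email is still unused in the staff table.
 *
 * @param string $lstrType "insert" looks at every staff row; "update" ignores
 *                         the row whose staff_id equals $this->_staff_id.
 *                         Compared case-insensitively.
 * @return bool true when no matching row is found; false when a match exists,
 *              when $lstrType is neither of the two values, or when the query
 *              returns false.
 */
function isEmailUnique($lstrType = "")
{
    $db = new Querier();

    $lstrMode = strtolower($lstrType);
    if ($lstrMode !== "insert" && $lstrMode !== "update") {
        return false;
    }

    $lstrQuery = "SELECT email FROM staff WHERE email = " . $db->quote(scrubData($this->_email, "email"));

    if ($lstrMode === "update") {
        // Leading space keeps the keyword separate from the quoted literal.
        // staff_id is concatenated unquoted, so it relies on scrubData()'s
        // "integer" filter, which is defined elsewhere.
        $lstrQuery .= " AND staff_id <> " . scrubData($this->_staff_id, "integer");
    }

    $lrscSQL = $db->query($lstrQuery);

    // NOTE(review): assumes Querier::query() returns false on failure - confirm.
    // A failed lookup is reported as "not unique" instead of being handed to
    // count(), so an address is never accepted on the strength of a broken query.
    if ($lrscSQL === false) {
        return false;
    }

    return count($lrscSQL) === 0;
}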
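/**
 * Saves the current FAQ and rebuilds its subject and collection links.
 *
 * Order of work: update the faq row, delete the faq_subject rows and call
 * modifySubjects(), delete the faq_faqpage rows and call modifyCollections(),
 * record the change through changeMe(), then set $this->_message.
 * The statements that are run are collected in $this->_debug.
 *
 * @return void
 */
public function updateRecord()
{
    $db = new Querier();

    // faq_id is concatenated unquoted into three statements. It is filtered
    // once through scrubData()'s "integer" mode and the filtered value is used
    // everywhere, including the faq_subject DELETE that previously used the raw
    // property.
    $faqId = scrubData($this->_faq_id, 'integer');

    /////////////////////
    // update faq table
    /////////////////////

    $qUpFAQ = "UPDATE faq SET question = " . $db->quote(scrubData($this->_question, "text"))
        . ",\n\t answer = " . $db->quote(scrubData($this->_answer, 'richtext'))
        . ",\n\t keywords = " . $db->quote(scrubData($this->_keywords, 'text'))
        . "\n WHERE faq_id = " . $faqId;

    $db->query($qUpFAQ);

    $this->_debug = "<p>1. update faq: {$qUpFAQ}</p>";

    /////////////////////
    // clear faq_subject
    /////////////////////

    $qClearSubs = "DELETE FROM faq_subject WHERE faq_id = " . $faqId;

    $rClearSubs = $db->query($qClearSubs);

    $this->_debug .= "<p>2. clear rank: {$qClearSubs}</p>";

    if ($rClearSubs === FALSE) {
        // The message passed to blunDer() contains the statement text.
        echo blunDer("We have a problem with the clear faq-subs query: {$qClearSubs}");
    }

    /////////////////////
    // insert into subject
    ////////////////////

    self::modifySubjects();

    // wipe entry from intervening table
    $qClearColls = "DELETE FROM faq_faqpage WHERE faq_id = " . $faqId;

    $rClearColls = $db->query($qClearColls);

    $this->_debug .= "<p>4. wipe faq_faqpage: {$qClearColls}</p>";

    if ($rClearColls === FALSE) {
        echo blunDer("We have a problem with the clear locations query: {$qClearColls}");
    }

    /////////////////////
    // insert/update collections
    ////////////////////

    self::modifyCollections();

    /////////////////////
    // Alter chchchanges table
    // table, flag, item_id, title, staff_id
    ////////////////////

    changeMe("faq", "update", $this->_faq_id, $this->_question, $_SESSION['staff_id']);

    // message
    $this->_message = _("Thy Will Be Done. Updated.");
}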
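/**
 * Imports LibGuides export data into the subject, staff_subject, tab,
 * section, pluslet and pluslet_section tables.
 *
 * The script is terminated (exit) when guide_imported() reports a non-zero
 * count. Failed inserts for tabs, sections and pluslets are ignored, as before.
 *
 * Every value taken from the export is passed through $db->quote() before it
 * is placed in an SQL statement. Only counters produced inside this method
 * (tab index, section index, row, column) are concatenated directly.
 *
 * @param array $subject_values one entry per guide. This method reads index 0
 *        (guide name), 1 (subject id), 3 (description), 4 (page tree with PAGE
 *        children) and 7 (keywords).
 *        NOTE(review): the element types are not visible here; they are treated
 *        as string-castable XML nodes - confirm against the caller.
 * @return string|null a message when guide_dupe() reports that the guide
 *         already exists, otherwise nothing
 */
public function import_libguides($subject_values)
{
    $db = new Querier();

    // exit, not return: the whole request stops when the guide is already imported.
    if ($this->guide_imported()[0][0] != 0) {
        exit;
    }

    foreach ($subject_values as $subject) {
        // Remove the apostrophes and turn whitespace runs into underscores for the shortform
        $shortform = preg_replace('/\\s+/', '_', str_replace("'", "", $subject[0]));

        // guide_dupe() is defined elsewhere and keeps receiving the name with
        // doubled apostrophes. NOTE(review): confirm how it builds its query.
        $guide_name = str_replace("'", "''", $subject[0]);

        $guide_check = $this->guide_dupe($guide_name);

        if ($guide_check[0][0] != 0) {
            $dupe_message = "It looks like this guide has already been imported.";
            return $dupe_message;
        }

        $subject_id_sql = $db->quote((string) $subject['1']);

        if ($subject[0] != null) {
            // Doubling apostrophes by hand leaves backslashes and other
            // metacharacters alone, so the raw name is quoted by the driver here.
            $subject_inserted = $db->exec(
                "INSERT INTO subject (subject, subject_id, shortform, description, keywords) VALUES ("
                . $db->quote((string) $subject[0]) . ", "
                . $subject_id_sql . ", "
                . $db->quote((string) $shortform) . ", "
                . $db->quote((string) $subject['3']) . ", "
                . $db->quote((string) $subject['7']) . ")"
            );

            if ($subject_inserted) {
                echo $subject[1];
            } else {
                echo $subject[1][0];
            }

            if ($this->getGuideOwner() != null) {
                $staff_id = $this->getStaffID($this->getGuideOwner());

                // Result ignored, as before.
                $db->exec(
                    "INSERT INTO staff_subject (subject_id, staff_id) VALUES ("
                    . $subject_id_sql . ", " . $db->quote((string) $staff_id) . ")"
                );
            }
        }

        $subject_page = $subject[4];
        $tab_index = 0;

        foreach ($subject_page->PAGE as $tab) {
            // LibGuide's pages are tabs so make a new tab
            $tab_index++;

            $page_id_sql = $db->quote((string) $tab->PAGE_ID);
            $clean_tab_name = $db->quote((string) $tab->NAME);

            // Fails quietly when the tab already exists.
            $db->exec(
                "INSERT INTO tab (tab_id, subject_id, label, tab_index) VALUES ("
                . "{$page_id_sql}, {$subject_id_sql}, {$clean_tab_name}, {$tab_index} - 1)"
            );

            $row = 0;
            $column = 0;
            $section_index = null;

            foreach ($tab->BOXES as $section) {
                // LibGuide's box parents become sections. The id is the running
                // index followed by rand(), which does not guarantee uniqueness;
                // a colliding insert fails and is ignored.
                $section_uniqid = $section_index . rand();
                $section_index++;

                $db->exec(
                    "INSERT INTO section (tab_id, section_id, section_index) VALUES ("
                    . "{$page_id_sql}, {$section_uniqid} , {$section_index})"
                );
            }

            foreach ($tab->BOXES->BOX as $pluslet) {
                // This imports each LibGuide's boxes as pluslets
                $description = null;

                // Import images and replace the old urls with new urls
                $doc = new \DOMDocument();
                $doc->loadHTML(mb_convert_encoding($pluslet->DESCRIPTION, 'UTF-8'));

                foreach ($doc->getElementsByTagName("img") as $node) {
                    foreach ($node->attributes as $attr) {
                        if (strpos($attr->value, "http://") !== false) {
                            // NOTE(review): download_images() is handed a URL taken from
                            // the import file; confirm that it restricts what it fetches.
                            $attr->value = $this->download_images($attr->value);
                        }
                    }

                    $description .= "<div class=\"description\">" . htmlspecialchars($doc->saveHTML()) . "</div>";
                }

                foreach ($pluslet->LINKS->LINK as $link) {
                    // The Querier created at the top is reused instead of building one per link.
                    $record = $db->query(
                        "SELECT * FROM location WHERE location = " . $db->quote((string) $link->URL),
                        NULL,
                        TRUE
                    );

                    // Without a matching location there is no id to look up. The
                    // title query is skipped instead of being sent with an empty
                    // WHERE value, and the link is treated as untitled.
                    $location_id = isset($record[0]['location_id']) ? (int) $record[0]['location_id'] : null;

                    $record_title = ($location_id === null)
                        ? []
                        : $db->query(
                            "SELECT title.title,title.title_id, location.location FROM \nlocation_title \nJOIN title ON title.title_id = location_title.title_id\nJOIN location on location.location_id = location_title.location_id\nWHERE location.location_id = "
                            . $location_id
                        );

                    // The key is spelled as a string; the bare word title would be
                    // read as a constant.
                    $link_title = isset($record_title[0]["title"]) ? $record_title[0]["title"] : "";

                    if ($link_title == "") {
                        $description .= "<div class=\"links\">"
                            . "<span class=\"link_title\"> {$link->NAME} </span>"
                            . "<div class=\"link-description\">{$link->DESCRIPTION_SHORT}</div>"
                            . "</div>";
                    }

                    if ($link_title) {
                        $description .= "<div class=\"links\">"
                            . '{{dab},{' . $record[0]['location_id'] . '},'
                            . '{' . $link_title . '},{01}}'
                            . "<div class=\"link-description\">{$link->DESCRIPTION_SHORT}</div>"
                            . "</div>";
                    }
                }

                foreach ($pluslet->BOOKS->BOOK as $book) {
                    // The description used to be read from $link, a variable left
                    // over from the links loop above.
                    // NOTE(review): assumes BOOK elements carry DESCRIPTION - confirm
                    // against the export format.
                    $description .= "<div class=\"books\">"
                        . "<a href=\"{$book->URL}\">{$book->TITLE}</a>"
                        . "<div class=\"book-description\">{$book->DESCRIPTION}</div>"
                        . "</div>";
                }

                // NOTE(review): link, book and box markup from the export is stored
                // in pluslet.body without HTML escaping; whatever renders that
                // column has to treat it as untrusted markup.
                $description .= "<div class=\"media\">" . $pluslet->DESCRIPTION . "</div>";

                $clean_description = $db->quote($description);
                $box_id_sql = $db->quote((string) $pluslet->BOX_ID);

                $db->exec(
                    "INSERT INTO pluslet (pluslet_id, title, body, type) VALUES ("
                    . $box_id_sql . ", " . $db->quote((string) $pluslet->NAME) . ", "
                    . $clean_description . ", 'Basic')"
                );

                // This sticks the newly created pluslet into the last section created
                // above; the id is empty when no section was created.
                $section_id_sql = $db->quote(isset($section_uniqid) ? (string) $section_uniqid : '');

                $db->exec(
                    "INSERT INTO pluslet_section (pluslet_id, section_id, pcolumn, prow) VALUES ("
                    . "{$box_id_sql}, {$section_id_sql}, {$column}, {$row})"
                );
            }
        }
    }
}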
/**
 * Writes the current talkback entry back to its row in the talkback table,
 * records the change through changeMe() and sets $this->_message.
 *
 * Text columns are filtered with scrubData() and turned into SQL literals
 * with quote(); talkback_id is concatenated after scrubData()'s "integer"
 * filter only.
 *
 * @return void
 */
public function updateRecord()
{
    $db = new Querier();

    // The statement is assembled column by column, in the order of the SET list.
    $sql = "UPDATE talkback SET question = " . $db->quote(scrubData($this->_question, 'text'));
    $sql .= ",\n\t q_from = " . $db->quote(scrubData($this->_q_from, 'text'));
    $sql .= ",\n\t answer = " . $db->quote(scrubData($this->_answer, 'richtext')) . ",";

    // An empty a_from is stored as SQL NULL instead of an empty string.
    $sql .= ($this->_a_from == '')
        ? "a_from = NULL,"
        : ("a_from = " . $db->quote(scrubData($this->_a_from, 'text')) . ",");

    $sql .= "display = " . $db->quote(scrubData($this->_display, 'integer'));
    $sql .= ",\n \n tbtags = " . $db->quote(scrubData($this->_tbtags, 'text'));
    $sql .= ",\n cattags = " . $db->quote(scrubData($this->_cattags, 'text'));
    $sql .= "\n \n WHERE talkback_id = " . scrubData($this->_talkback_id, 'integer');

    // The result of exec() is not inspected.
    $db->exec($sql);

    // Change log arguments: table, flag, item id, title, staff id.
    changeMe("talkback", "update", $this->_talkback_id, $this->_question, $_SESSION['staff_id']);

    $this->_message = _("Thy Will Be Done. Updated.");
}
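/**
 * Inserts the current reference statistic into uml_refstats, once per
 * requested repetition ($this->_submit_times_x).
 *
 * Afterwards $this->_refstat_id holds $db->last_id(), $this->_debug holds the
 * statement text and $this->_message the confirmation text. A falsy result
 * from the last insert (or no insert at all) is reported through blunDer().
 *
 * @return void
 */
public function insertRecord()
{
    /////////////////////
    // insert into refstats table
    /////////////////////

    $db = new Querier();

    $qInsert = "INSERT INTO uml_refstats (type_id, location_id, mode_id, date, note) VALUES (\n\t "
        . $db->quote(scrubData($this->_type_id, "integer")) . ",\n\t "
        . $db->quote(scrubData($this->_location_id, "integer")) . ",\n "
        . $db->quote(scrubData($this->_mode_id, "integer")) . ",\n "
        . $db->quote(scrubData($this->_date, "text")) . ",\n "
        . $db->quote(scrubData($this->_note, "text")) . "\n )";

    // Starts as false so that a repeat count of zero is reported below instead
    // of reading a variable that was never assigned.
    $rInsert = false;

    // if we're doing multiple identicals, we loop
    // NOTE(review): no upper bound is applied to the repeat count here; confirm
    // that the code setting _submit_times_x limits it.
    $lintRepeats = (int) $this->_submit_times_x;

    for ($x = 0; $x < $lintRepeats; $x++) {
        $rInsert = $db->query($qInsert);
    }

    $this->_refstat_id = $db->last_id();

    $this->_debug = "<p>1. insert: {$qInsert}</p>";

    if (!$rInsert) {
        echo blunDer("We have a problem with the tb query: {$qInsert}");
    }

    // message
    $this->_message = _("Thy Will Be Done.");
}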
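/**
 * Creates a staff record, a per-user asset folder with the generic headshot
 * images, and a change-log entry.
 *
 * Side effects: $this->_password is replaced by its hash, $this->_staff_id is
 * set from $db->last_id(), the statement text is appended to $this->_debug and
 * $this->_message receives the confirmation text.
 *
 * @return void
 */
public function insertRecord()
{
    $db = new Querier();

    ////////////////
    // hash password
    ////////////////

    // NOTE(review): unsalted MD5 is not suitable for storing passwords. It is
    // left in place because the code that verifies logins is not visible here;
    // moving to password_hash()/password_verify() has to change both sides
    // together.
    $this->_password = md5($this->_password);

    ////////////////
    // Insert staff
    ////////////////

    // quote() returns a complete SQL literal, which is how the other record
    // classes use it, so the values are not wrapped in a second pair of quote
    // characters.
    $lstrValues = [
        $db->quote(scrubData($this->_fname)),
        $db->quote(scrubData($this->_lname)),
        $db->quote(scrubData($this->_title)),
        $db->quote(scrubData($this->_tel)),
        $db->quote(scrubData($this->_department_id, "integer")),
        $db->quote(scrubData($this->_staff_sort, "integer")),
        $db->quote(scrubData($this->_email, "email")),
        $db->quote(scrubData($this->_user_type_id, "integer")),
        $db->quote(scrubData($this->_password)),
        $db->quote(scrubData($this->_ptags)),
        $db->quote(scrubData($this->_active, "integer")),
        $db->quote(scrubData($this->_bio, "richtext")),
    ];

    $qInsertStaff = "INSERT INTO staff (fname, lname, title, tel, department_id, staff_sort, email, user_type_id, password, ptags, active, bio) VALUES (\n\t\t"
        . implode(",\n\t\t", $lstrValues)
        . "\n\t\t)";

    $rInsertStaff = $db->query($qInsertStaff);

    // The statement text kept in _debug and passed to blunDer() includes the
    // password hash.
    $this->_debug .= "<p class=\"debug\">Insert query: {$qInsertStaff}</p>";

    if (!$rInsertStaff) {
        echo blunDer("We have a problem with the insert staff query: {$qInsertStaff}");
    }

    $this->_staff_id = $db->last_id();

    // create folder
    if ($this->_staff_id) {
        $user_folder = explode("@", $this->_email);
        $lstrFolder = $user_folder[0];

        // The local part of the address becomes a directory name. Names that
        // contain a path separator or a NUL byte are skipped so the folder is
        // always created directly under assets/users.
        if (strpbrk($lstrFolder, "/\\\0") === false) {
            $path = "../../assets/users/_" . $lstrFolder;

            // Copy the generic headshot only when the folder is actually there.
            if (is_dir($path) || mkdir($path)) {
                copy("../../assets/images/headshot.jpg", $path . "/headshot.jpg");
                copy("../../assets/images/headshot.jpg", $path . "/headshot_large.jpg");
            }
        }
    }

    /////////////////////
    // Alter chchchanges table
    // table, flag, item_id, title, staff_id
    ////////////////////

    changeMe("staff", "insert", $this->_staff_id, $this->_email, $_SESSION['staff_id']);

    // message
    $this->_message = _("Thy Will Be Done. Added.");
}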
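/**
 * Writes the current video back to its row in the video table, records the
 * change through changeMe() and sets $this->_message.
 *
 * Every value, including video_id, is turned into an SQL literal with quote();
 * only the description is additionally filtered with scrubData().
 *
 * @return void
 */
public function updateRecord()
{
    $db = new Querier();

    /////////////////////
    // update video table
    /////////////////////

    $lstrAssignments = [
        "title = " . $db->quote($this->_title),
        "description = " . $db->quote(scrubData($this->_description, 'text')),
        "source = " . $db->quote($this->_source),
        "foreign_id = " . $db->quote($this->_foreign_id),
        "duration = " . $db->quote($this->_duration),
        "date = " . $db->quote($this->_date),
        "display = " . $db->quote($this->_display),
        "vtags = " . $db->quote($this->_vtags),
    ];

    // The WHERE keyword is separated from the last literal by a space; the
    // previous concatenation ran the two together.
    $qUpVid = "UPDATE video SET " . implode(", ", $lstrAssignments)
        . " WHERE video_id = " . $db->quote($this->_video_id);

    // The result of exec() is not inspected.
    $db->exec($qUpVid);

    /////////////////////
    // Alter chchchanges table
    // table, flag, item_id, title, staff_id
    ////////////////////

    changeMe("video", "update", $this->_video_id, $this->_title, $_SESSION['staff_id']);

    // message
    $this->_message = _("Thy Will Be Done. Updated.");
}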
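/**
 * Reports whether a subject row already uses $this->_shortform.
 *
 * With an empty $this->_subject_id (insert) every subject row is considered;
 * otherwise (update) the row with that subject_id is left out. The statement
 * text is appended to $this->_debug.
 *
 * @return bool TRUE when a matching row exists or the query returns false,
 *              FALSE when no row matches
 */
function dupeCheck()
{
    $db = new Querier();

    $qcheck = "SELECT shortform FROM subject WHERE shortform = " . $db->quote(scrubData($this->_shortform));

    if ($this->_subject_id != "") {
        // UPDATE: subject_id is concatenated unquoted, so it goes through
        // scrubData()'s "integer" filter instead of being used raw.
        $qcheck .= " AND subject_id != " . scrubData($this->_subject_id, "integer");
    }

    $rcheck = $db->query($qcheck);

    $this->_debug .= "<p>Dupe check: {$qcheck}</p>";

    // NOTE(review): assumes Querier::query() returns false on failure - confirm.
    // A failed lookup is reported as a duplicate instead of being handed to
    // count(), so a shortform is not accepted on the strength of a broken query.
    if ($rcheck === false) {
        return TRUE;
    }

    return count($rcheck) != 0;
}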