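/**
 * Render one album together with a single page of its gallery rows.
 *
 * The album id is rebuilt from the URL path segments handed to this action
 * and the page number is read from $_GET['page']; both are request-controlled.
 * The id is converted to a quoted SQL literal with Record::escape() before it
 * is placed in any statement, and the page number is forced to an integer
 * between 0 and the last page, so neither value can change the SQL text.
 *
 * Passes to the 'gallery/view_album' view: album, CurPage, lastpage,
 * galleries and pages.
 */
public function view_album()
{
    $this->_checkPermission();

    // Path segments arrive as separate arguments; rejoin and decode them.
    $paths = func_get_args();
    $id = urldecode(join('/', $paths));

    // Record::escape() returns the value already wrapped in quotes, so the
    // statements below must not add their own quote characters around it.
    $quotedId = Record::escape($id);

    $albums = Record::query('select * from ' . TABLE_PREFIX . 'album where id=' . $quotedId);
    // NOTE(review): presumably false when no album row matches; the value is
    // handed to the view unchanged, as before.
    $album = $albums->fetchObject();

    /* Pagination */
    $rowspage = 20;
    $totalrecords = Record::countFrom('Gallery', 'album_id=' . $quotedId);

    // Zero-based index of the last page; 0 when everything fits on one page.
    if ($totalrecords <= $rowspage) {
        $lastpage = 0;
    } else {
        $lastpage = abs(ceil($totalrecords / $rowspage) - 1);
    }

    // The integer cast keeps non-numeric input out of the LIMIT clause; the
    // clamp keeps the offset non-negative and bounded by the real row count.
    $CurPage = isset($_GET['page']) ? (int) $_GET['page'] : 0;
    $CurPage = max(0, min($CurPage, (int) $lastpage));
    $start = $CurPage * $rowspage;

    $galleries = Record::query(
        'select * from ' . TABLE_PREFIX . 'gallery g where g.album_id = ' . $quotedId
        . ' ORDER BY g.sequence LIMIT ' . $start . ',' . $rowspage
    );
    /* End Pagination */

    $this->display('gallery/view_album', array(
        'album' => $album,
        'CurPage' => $CurPage,
        'lastpage' => $lastpage,
        'galleries' => $galleries,
        'pages' => Record::findAllFrom('Page', 'parent_id=1 order by parent_id,position'),
    ));
}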
/**
 * Count the Page records that reference this layout.
 *
 * @return mixed Whatever Record::countFrom() yields for Page rows whose
 *               layout_id equals this object's id.
 */
public function isUsed()
{
    /* TODO: This should use Page::count() */

    // The id travels as a bound value for the positional placeholder; it is
    // never concatenated into the WHERE text.
    $boundValues = array($this->id);
    $pagesUsingLayout = Record::countFrom('Page', 'layout_id=?', $boundValues);

    return $pagesUsingLayout;
}
/**
 * Count the Page records that reference this layout.
 *
 * @return mixed Whatever Record::countFrom() yields for Page rows whose
 *               layout_id equals this object's id.
 */
public function isUsed()
{
    // Named placeholder: the id is supplied as a bound value, not spliced
    // into the WHERE text.
    $condition = 'layout_id = :layout_id';
    $boundValues = array(':layout_id' => $this->id);

    return Record::countFrom('Page', $condition, $boundValues);
}
/*
 * Login branch for the "employee_login" action. This is a fragment: the
 * enclosing switch starts before this line, and the nested else-branches are
 * still open where the listing ends.
 *
 * Visible flow: read login_nric and login_password from $_POST, pass both
 * through addslashes(), md5() the password, then look the employee up with a
 * WHERE string built by concatenation. The same clause is executed twice
 * (findOneFrom, then countFrom). On a match the suspended flag, the validate
 * flag and validate_date (compared with today's date) are checked in that
 * order before the employee id is read.
 *
 * NOTE(review): the clause as shown compares password with a literal run of
 * asterisks and never references $encrypt_password; this looks like masking
 * applied to the listing. Confirm against the original file.
 * NOTE(review): addslashes() is not a database-aware escape, and the NRIC
 * value still reaches the SQL text by concatenation. Prefer bound values (a
 * placeholder clause plus a values array, where this Record version accepts
 * one) or the connection's own quoting.
 * NOTE(review): md5() is a fast, unsalted digest. Stored passwords should be
 * created with password_hash() and checked with password_verify(). Running
 * addslashes() on the password before hashing also changes the bytes hashed.
 */
case "employee_login": $success = false; $login_nric = addslashes($_POST['login_nric']); $login_password = addslashes($_POST['login_password']); $encrypt_password = md5($login_password); if (empty($login_nric)) { $error = "nonric"; // } else if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i", $login_nric)){ // $error = "invalidemail"; } else { if (empty($login_password)) { $error = "nopass"; } else { $employee = new Employee(); $valid_employee = $employee->findOneFrom('Employee', 'NRIC = "' . $login_nric . '" AND password="******"'); if (Record::countFrom('Employee', 'NRIC = "' . $login_nric . '" AND password="******"') > 0) { $employee = $valid_employee; $today = date("Y-m-d"); $expire = $employee->validate_date; $today_time = strtotime($today); $expire_time = strtotime($expire); if ($employee->suspended) { $error = "suspended"; } else { if (!$employee->validate) { $error = "notvalidate"; } else { if ($expire_time < $today_time) { $error = "expired"; } else { $value = $employee->employee_id;
<?php
// Employee settings handler (fragment: the listing ends inside the
// 'changepass' branch, so the closing braces are not visible here).
// Loads the employee named by a cookie, then handles the 'updateprofile'
// and 'changepass' POST actions.

// NOTE(review): the employee id is taken straight from a cookie, which the
// client controls. Nothing in this fragment ties it to a server-side session,
// yet it selects the row that is read and, below, the row that is updated.
// Confirm that identity is established elsewhere before this code runs.
$employee_id = $_COOKIE['cookie_employee_id'];
if ($employee_id != "") {
    $oEmployee = new Employee();
    // NOTE(review): the cookie value is concatenated, unquoted and unescaped,
    // into the WHERE text. Cast it to int or pass it as a bound value.
    $employee = $oEmployee->findOneFrom("Employee", "employee_id=" . $employee_id);
}
if (isset($_POST['pageaction'])) {
    // NOTE(review): no anti-CSRF token check appears in the visible part of
    // either action; verify that one is enforced before this point.
    if ($_POST['pageaction'] == 'updateprofile') {
        $email = $_POST['email'];
        $mobiletel = $_POST['mobiletel'];
        // Uniqueness check: count other employees that already use this email.
        // addslashes() is applied to the email but not to $employee_id, and it
        // is not a database-aware escape; bound values would cover both.
        $email_count = Record::countFrom("Employee", "email='" . addslashes($email) . "' AND employee_id<>'" . $employee_id . "'");
        if ($email_count == 0) {
            // Same concatenation pattern in the UPDATE; $employee_id is again
            // the raw cookie value.
            Record::query('UPDATE ' . TABLE_PREFIX . 'employee set email = "' . addslashes($email) . '",mobiletel = "' . addslashes($mobiletel) . '" where employee_id="' . $employee_id . '"');
            $status = "success";
        } else {
            $status = "failed";
            $msg1 = 'Email Exists.';
        }
        // NOTE(review): $msg1 is only assigned on the failure path, so it is
        // undefined here after a successful update.
        redirect(get_url('employee/setting?status1=' . $status . '&msg1=' . $msg1));
    }
    if ($_POST['pageaction'] == 'changepass') {
        if ($employee_id != "") {
            if ($employee) {
                // Copy the stored email, password value and NRIC from the
                // loaded record for use later in this branch.
                $email = $employee->email;
                $old_password = $employee->password;
                $nric = $employee->NRIC;
            }
        }
        $current_password = $_POST["current_password"];
        $new_password = $_POST["new_password"];
/**
 * Search the downloads table by free-text terms.
 *
 * Builds the WHERE text in three parts: optional filters that hide expired
 * and inactive rows, then one LIKE group per search word. Each word is
 * matched against name, description and keywords.
 *
 * How request-derived values reach the SQL text:
 *  - $order is checked against a fixed list of column names; anything else
 *    falls back to 'name'. Only the 'downloads' column sorts descending.
 *  - $terms is reduced to letters, digits, spaces and '%', split on spaces,
 *    stripped of trailing "ing" / "ed" / "s", wrapped in '%' unless the word
 *    already contains one, and passed through Record::escape() before being
 *    appended.
 *  - NOTE(review): $limit and $offset are handed to Download::findAll()
 *    unchanged; confirm that the caller or findAll() forces them to integers.
 *
 * @param string $terms    Free-text search input; skipped when empty().
 * @param mixed  $limit    Passed through as the 'limit' option.
 * @param mixed  $offset   Passed through as the 'offset' option.
 * @param string $order    Requested sort column.
 * @param bool   $expired  Only the exact value false hides expired rows.
 * @param bool   $inactive Only the exact value false hides inactive rows.
 * @return array|false     array('downloads' => ..., 'count' => ...), or false
 *                         when Download::findAll() returns a falsy value.
 */
function downloadSearch($terms,$limit=10,$offset=0,$order='name',$expired=false,$inactive=false)
{
    // Always-true base condition so every later clause can start with AND.
    $where = '1';

    if ($expired === false) {
        $where .= " AND ( `downloads`.`expires` > NOW() || `downloads`.`expires` IS NULL )";
    }
    if ($inactive === false) {
        $where .= " AND `downloads`.`active` = '1'";
    }

    // Allow-list for the ORDER BY column; the caller's value never reaches
    // the SQL text unless it matches one of these names.
    $sortable = array('id', 'name', 'filename', 'active', 'downloads', 'expires', 'created', 'updated');
    $column = strtolower($order);
    if (!in_array($column, $sortable, true)) {
        $column = 'name';
    }
    $direction = ($column === 'downloads') ? 'DESC' : 'ASC';
    $order = 'downloads.' . $column . ' ' . $direction;

    if (!empty($terms)) {
        // Anything other than letters, digits, space or '%' becomes a space.
        $cleaned = preg_replace('/[^a-z0-9 %]/i', ' ', $terms);
        $words = explode(' ', $cleaned);
        // Crude stemming: drop a trailing "ing", "ed" or "s" from every word.
        $words = preg_replace(array('/ing$/i', '/ed$/i', '/s$/i'), '', $words);

        foreach ($words as $word) {
            // Words that are empty() after cleaning and stemming add nothing.
            if (empty($word)) {
                continue;
            }
            // A word that already carries a wildcard is used as given.
            $pattern = (strpos($word, '%') === false) ? "%{$word}%" : $word;
            $quoted = Record::escape($pattern);
            $where .= " AND ( downloads.name LIKE " . $quoted
                . " OR downloads.description LIKE " . $quoted
                . " OR downloads.keywords LIKE " . $quoted . " ) ";
        }
    }

    $results = Download::findAll(array(
        'where' => $where,
        'limit' => $limit,
        'offset' => $offset,
        'order' => $order,
    ));
    if (!$results) {
        return false;
    }

    // The count uses the same WHERE text without limit or offset.
    return array(
        'downloads' => $results,
        'count' => Record::countFrom('Download', $where),
    );
}