function GenMapMenu($table, $field, $order)
{
global $defined;
$db = new dbConn();
$val = new ValidateStrings();
if (empty($table) || empty($field)) {
return -1;
}
$conn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
if (empty($order)) {
$query = "SELECT {$field} FROM `{$table}`";
} else {
$query = "SELECT {$field} FROM `{$table}` ORDER BY `{$order}`";
}
$query = $val->ValidateSQL($query, $conn);
if (($value = $db->dbQuery($query, $conn)) === -1) {
return -1;
}
if ($db->dbNumRows($value) === -1 || $db->dbNumRows($value) === 0) {
return -1;
} else {
$list = "<form method=\"get\" action=\"{$_SERVER['PHP_SELF']}\"><b>Existing rides:</b> <select name=\"mapper\" onChange=\"jumpMenu('parent',this,0)\"><option value=\"NULL\">Select Map / Route...</option>";
$list .= "<option>------------------------------</option>";
foreach ($db->dbArrayResultsAssoc($value) as $key => $val) {
$url = $_SERVER['PHP_SELF'] . "?lat=" . $val['lat'] . "&lon=" . $val['lon'] . "&z=" . $val['zoom'] . "&mType=" . $val['type'] . "&driveFrom=" . $val['from'] . "&driveTo=" . $val['to'] . "&driveVia=" . $val['via'] . "&locale=en";
$list .= "<option name=\"{$url}\" value=\"{$url}\">" . $val['name'] . "</option>";
}
$list .= "</select></form>";
$data = $list;
}
$db->dbFreeData($conn);
$db->dbCloseConn($conn);
return $data;
}
function deleteStudent($cne)
{
$mysql = dbConn::getConnection();
$q = $mysql->prepare("DELETE FROM etudiant WHERE cne = ?");
$q->execute(array($cne));
$mysql = dbConn::disconnect();
}
public function addStatement()
{
$argsCount = func_num_args();
$par = array();
// array with parameters; will be used later for prepare/exec
// no query as parameter given
if ($argsCount < 1) {
throw new Exception("No Sql-Query given");
}
// insert table prefix
$query = func_get_arg(0);
$query = str_replace(":prefix:", dbConn::getTablePrefix(), $query);
// if there are parameters, insert in
if ($argsCount > 1) {
// create array with parameters for pdo usage
for ($i = 1; $i < $argsCount; $i++) {
$key = ":" . ($i - 1);
$par[$key] = func_get_arg($i);
}
}
try {
// prepare statement
$statement = $this->connection->prepare($query);
$statement->execute($par);
} catch (Exception $ex) {
throw new Exception($ex->getMessage());
}
// return current object for reusage
return $this;
}
function resolveRequest($req)
{
$result = array();
foreach (dbConn::query("SELECT class " . "FROM :prefix:module AS m " . "INNER JOIN :prefix:request AS r " . "ON m.moduleId = r.moduleId " . "WHERE r.url = :0", $req) as $r) {
$result = array("file" => $r['class'], "module" => $r['class']);
}
return $result;
}
/**
* Writes a log entry into the database.
*
* @param int $module The moduleId of the module.
* @param actionType $action The type of action the user did.
* @param array $data Data before and after the action.
*/
public static function write($module, $action, $data)
{
if (!isset($_SESSION['user']) || $_SESSION['user'] == "") {
die;
}
if (actionlogger::$loggingEnabled) {
dbConn::execute("INSERT INTO :prefix:admin_action (sessionId, moduleId, action, data, ipaddress) VALUES (:0, :1, :2, :3, :4);", $_SESSION['sessionId'], $module, $action, json_encode($data), $_SERVER['REMOTE_ADDR']);
}
}
public function getOutput()
{
$tpl = new \template("mypatients/container");
// user data
$user = \dbConn::queryRow("SELECT userid, firstname, lastname, rfid, email, state \n FROM :prefix:user WHERE userId = :0", $_SESSION['userId']);
$tpl->insert("firstname", $user['firstname']);
$tpl->insert("lastname", $user['lastname']);
$tpl->insert("userid", $user['userid']);
$tpl->insert("rfid", $user['rfid']);
$tpl->insert("email", $user['email']);
foreach (\dbConn::query("SELECT * FROM :prefix:user_state") as $r) {
$tpl->insert("states", $r['name'] == $user['state'] ? "<option value=\"{$r['name']}\" selected>{$r['display']}</option>" : "<option value=\"{$r['name']}\">{$r['display']}</option>");
}
// insert patients
$hasPatients = false;
$visit = null;
foreach (\dbConn::query("\n SELECT firstname, lastname, patientId\n FROM :prefix:visit AS v\n INNER JOIN :prefix:patient AS p\n ON v.patient = p.patientId\n WHERE user = :0\n ORDER BY firstname", $_SESSION['userId']) as $r) {
$tpl->insert("patients", "<option value=\"{$r['patientId']}\">{$r['firstname']} {$r['lastname']}</option>");
if (!$hasPatients) {
$visit = \dbConn::queryRow("SELECT * FROM :prefix:visit WHERE user = :0 AND patient = :1", $_SESSION['userId'], $r['patientId']);
}
$hasPatients = true;
}
$visitTpl = new \template("visitors/edit.visit");
// relation
foreach (\dbConn::query("SELECT * FROM :prefix:relation ORDER BY name ASC") as $r) {
$visitTpl->insert("relations", "<option value=\"{$r['name']}\"" . ($r['name'] == $visit['relation'] ? " selected" : "") . ">{$r['name']}</option>");
}
// description
$visitTpl->insert("description", $visit['description']);
// scent
foreach (\dbConn::query("SELECT * FROM :prefix:scent ORDER BY name ASC") as $r) {
$visitTpl->insert("scents", "<option value=\"{$r['name']}\"" . ($r['name'] == $visit['scent'] ? " selected" : "") . ">{$r['name']}</option>");
}
// images
$imgCount = 0;
foreach (\dbConn::query("SELECT * FROM :prefix:visit_media WHERE visitId = :0 AND type = :1", $visit['visitId'], 'Image') as $img) {
$visitTpl->insert("image" . ($imgCount + 1), ROOT . "media/image/" . $img['path']);
$imgCount++;
}
for ($i = $imgCount + 1; $i <= 3; $i++) {
$visitTpl->insert("image" . $i, ROOT . "images/icons/image.png");
}
// audios
$audioCount = 0;
foreach (\dbConn::query("SELECT * FROM :prefix:visit_media WHERE visitId = :0 AND type = :1", $visit['visitId'], 'Audio') as $audio) {
$visitTpl->insert("audio" . ($audioCount + 1), ROOT . "images/icons/audio.png");
$audioCount++;
}
for ($i = $audioCount + 1; $i <= 3; $i++) {
$visitTpl->insert("audio" . $i, ROOT . "images/icons/plus.png");
}
$tpl->insert("visit", $visitTpl->getOutput());
return $tpl->getOutput();
}
function __construct()
{
parent::__construct();
$creds = $this->getCreds();
$this->scCredentials = array('appKey' => $creds['appKey'], 'securityKey' => $creds['securityKey'], 'xslUri' => '');
$this->scWarehouse = $creds['warehouse'];
//$this->scWarehouse = "wookies main";
$this->trakCredentials = array('user' => $creds['trakUser'], 'password' => $creds['trakPassword'], 'trakURL' => $creds['trakURL'], 'trakPort' => $creds['trakPort']);
$this->emailCredentials = array('email' => $creds['email'], 'password' => $creds['emailPassword'], 'oversoldEmail' => json_decode($creds['oversoldEmail'], TRUE), 'storeEmail' => json_decode($creds['storeEmail'], TRUE));
$this->password = $creds['appPassword'];
}
/**
* Loads all (unloaded) frontend modules and returns an array with all loaded module names.
*
* @return array All loaded module names.
* @static
* @since Version 1.0
*/
public static function loadAllModules()
{
$modules = array();
foreach (dbConn::query("SELECT class FROM :prefix:module WHERE backendOnly = 0") as $r) {
if (!file_exists(BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php")) {
throw new Exception("Failed while loading installed module as the module file was not found: " . BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php");
}
require_once BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php";
array_push($modules, "\\frontend\\" . $r['class']);
}
return $modules;
}
function error()
{
$app = Slim\Slim::getInstance();
dbConn::close_connection();
// Close the connection to the MySQL database
mongoConn::close_connection();
// Close the connection to the NoSQL database
// remove all session variables
session_unset();
// destroy the session
session_destroy();
// Show the error
$error = array("error" => "Unauthorised Access. Please Login to use this site.");
$app->render('../api/resources/error.php', array('myerror' => $error));
}
function getHistory($limit)
{
if (!isset($limit) || $limit == 0 || $limit == null || !is_numeric($limit)) {
$limit = 9999999;
}
$changes = new template("admin/lastchanges.container");
foreach (dbConn::query("SELECT\n action, \n nameBefore, \n nameAfter, \n emailBefore, \n emailAfter, \n production, \n fromDate,\n toDate,\n mvoe_plan.name AS plan, \n mvoe_worker_history.created\n FROM :prefix:worker_history \n INNER JOIN :prefix:shift ON :prefix:shift.shiftId = :prefix:worker_history.shift\n INNER JOIN :prefix:plan ON :prefix:shift.plan = :prefix:plan.name\n ORDER BY :prefix:worker_history.created DESC LIMIT 0, " . $limit) as $r) {
$change = new template("admin/lastchanges.entry");
switch ($r['action']) {
case "insert":
$change->insert("action", "<span style=\"color:green;\"><small>\n <i class=\"fa fa-plus-square\"></i>\n </small></span> Hinzugefügt");
break;
case "update":
$change->insert("action", "<span style=\"color:orange;\"><small>\n <i class=\"fa fa-minus-square\"></i>\n </small></span> Bearbeitet");
break;
case "delete":
$change->insert("action", "<span style=\"color:red;\">\n <small><i class=\"fa fa-trash\"></i>\n </small></span> Gelöscht");
break;
default:
$change->insert("action", "Unbekannt");
break;
}
$change->insert("shift", "<small>{$r['plan']}, {$r['production']}</small><br />" . substr($r['fromDate'], 0, 5) . " - " . substr($r['toDate'], 0, 5));
if ($r['nameBefore'] == $r['nameAfter']) {
$change->insert("user", $r['nameAfter']);
} else {
$change->insert("user", "<small><span style=\"text-decoration:line-through;\">{$r['nameBefore']}</span></small>\n <br /><strong>{$r['nameAfter']}</strong>");
}
if ($r['emailBefore'] == $r['emailAfter']) {
$change->insert("email", $r['emailAfter']);
} else {
$change->insert("email", "<small><span style=\"text-decoration:line-through;\">{$r['emailBefore']}</span></small>\n <br /><strong>{$r['emailAfter']}</strong>");
}
$change->insert("date", (new DateTime($r['created']))->format("d.m.y H:i"));
$changes->insert("content", $change->getOutput());
}
$changes->removeVariables();
return $changes->getOutput();
}
public static function getOutput($par)
{
$nav = new template("navigation/container");
$public = !isset($_SESSION['user']);
foreach (dbConn::query("SELECT * FROM :prefix:navigation WHERE parent IS NULL AND public = :0 ORDER BY position", $public) as $r) {
if ($r['admin'] && !$_SESSION['isAdmin']) {
continue;
}
$link = new template("navigation/layer1");
$link->insert("caption", htmlspecialchars($r['caption']));
$link->insert("destination", ROOT . $r['destination'] . "/");
$requestUri = $_SERVER['REQUEST_URI'];
if (navigation::startsWith($_SERVER['REQUEST_URI'], ROOT)) {
$requestUri = urldecode(substr($_SERVER['REQUEST_URI'], strlen(ROOT)));
}
// check active
//$link->insert("active", $requestUri == $r['destination'] ? "active" : "");
$link->insert("active", navigation::startsWith($requestUri, $r['destination']) ? "active" : "");
foreach (dbConn::query("SELECT * FROM :prefix:navigation WHERE parent = :0 ORDER BY position", $r['linkId']) as $s) {
$sublink = new template("navigation/layer2");
$sublink->insert("caption", htmlspecialchars($s['caption']));
$sublink->insert("destination", ROOT . $s['destination'] . "/");
$requestUri = $_SERVER['REQUEST_URI'];
if ($requestUri[strlen($requestUri) - 1] == "/") {
$requestUri = substr($requestUri, 0, strlen($requestUri) - 1);
}
if (navigation::startsWith($requestUri, ROOT)) {
$requestUri = substr($requestUri, strlen(ROOT), strlen($requestUri) - strlen(ROOT));
}
$sublink->insert("active", $requestUri == $s['destination'] ? "active" : "");
$link->insert("links", $sublink->getOutput());
}
$nav->insert("links", $link->getOutput());
}
return $nav->getOutput();
}
function ChkLevel($token)
{
global $defined;
if (empty($token)) {
$level->value = -1;
} else {
$auth = new Encryption();
$db = new dbConn();
$val = new ValidateStrings();
$array = $auth->DecodeAuthToken($token);
$data = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
$query = "SELECT `level` FROM `auth_users` WHERE `level` = \"" . base64_decode($array[2]) . "\"";
$value = $db->dbQuery($val->ValidateSQL($query, $data), $data);
$array = $db->dbArrayResults($value);
$level->value = $array[0]['level'];
$db->dbFreeData($query);
$db->dbCloseConn($data);
}
return $level->value;
}
<?php
session_start();
require_once '../lib/class.dbConnect.php';
require_once '../lib/class.contents.php';
require_once '../lib/class.favorites.php';
$DB = new dbConn();
$Favorite = new clsFavorites($DB->getConnection());
$idx = $_POST['idx'];
$m_idx = $_SESSION['USER_IDX'];
$arr = array("tags" => trim($_POST['tags']));
$result = $Favorite->modify($idx, $m_idx, $arr);
echo json_encode($result);
<?php
session_start();
define('DOCROOT', realpath(dirname(__FILE__)) . '/');
require DOCROOT . 'dbConn.php';
$con = new dbConn();
$password = $_POST['password'];
$email = $_SESSION['email'];
require DOCROOT . 'activationAndNotifications.php';
$stm = "select pwcr from users where email = '" . $email . "';";
$res = $con->execute($stm);
if ($res->num_rows > 0) {
while ($row = $res->fetch_assoc()) {
if ($row['pwcr'] == 1) {
$stm = "update users set password = '******' where email='" . $email . "';";
if ($con->execute($stm) === true) {
$not = new notification();
$body = "Password changed successfully.";
$not->email("*****@*****.**", "Administration", "*****@*****.**", "mailstodeliver", $email, "Password Changed Successfully", $body);
$stm = "update users set pcwr = 0 where email = '" . $email . "';";
$con->execute($stm);
$stm = "update users set activationCode = 0 where email = '" . $email . "';";
$con->execute($stm);
$_SESSION['homeMessage'] = "Password has been changed successfully.";
echo "<meta http-equiv='refresh' content='0; url=http://32.208.103.211/chatRegistration/index.php'>";
} else {
$_SESSION['homeMessage'] = "Link has been expired.";
echo "<meta http-equiv='refresh' content='0; url=http://32.208.103.211/chatRegistration/index.php'>";
}
}
}
public static function disconnect()
{
self::$db = null;
}
<?php
/*
* phpDHCPAdmin
* Jason Gerfen [jason.gerfen@gmail.com]
*
* config.replication.php - DHCPD Replication configuration
*/
// load our config data
if (file_exists("scripts/inc.config.php")) {
require 'scripts/inc.config.php';
// ensure we are being called from our configured host
if ($defined['hostname'] === $_SERVER['SERVER_NAME']) {
// Initialize classes
$db = new dbConn();
$err = new GenerateErrors();
$tpl = new Template();
$skin = new PageSkinner();
$val = new ValidateStrings();
$menu = new GenerateNavMenu();
$auth = new Authenticate();
$level = new AccessLevels();
$misc = new MiscFunctions();
$debug = new DebugData();
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// ensure our sessions are present
if (empty($_SESSION['token'])) {
$sessions = new dbSession();
}
//define the template and cache directories
<?php
/*
* phpDHCPAdmin
* Jason Gerfen [jason.gerfen@gmail.com]
*
* admin.import.hosts.php - DHCPD Import static hosts using xml or csv files
*/
// load our config data
if (file_exists("scripts/inc.config.php")) {
require 'scripts/inc.config.php';
// ensure we are being called from our configured host
if ($defined['hostname'] === $_SERVER['SERVER_NAME']) {
// Initialize classes
$db = new dbConn();
$err = new GenerateErrors();
$tpl = new Template();
$skin = new PageSkinner();
$val = new ValidateStrings();
$menu = new GenerateNavMenu();
$auth = new Authenticate();
$level = new AccessLevels();
$misc = new MiscFunctions();
$debug = new DebugData();
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// ensure our sessions are present
if (empty($_SESSION['token'])) {
$sessions = new dbSession();
}
//define the template and cache directories
<?php
/*
* phpDHCPAdmin
* Jason Gerfen [jason.gerfen@gmail.com]
*
* config.pxe.php - DHCPD Global PXE/BOOTP configuration options
*/
// load our config data
if (file_exists("scripts/inc.config.php")) {
require 'scripts/inc.config.php';
// ensure we are being called from our configured host
if ($defined['hostname'] === $_SERVER['SERVER_NAME']) {
// Initialize classes
$db = new dbConn();
$err = new GenerateErrors();
$tpl = new Template();
$skin = new PageSkinner();
$val = new ValidateStrings();
$menu = new GenerateNavMenu();
$auth = new Authenticate();
$level = new AccessLevels();
$misc = new MiscFunctions();
$debug = new DebugData();
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// ensure our sessions are present
if (empty($_SESSION['token'])) {
$sessions = new dbSession();
}
//define the template and cache directories
<?php
session_start();
require_once '../lib/class.dbConnect.php';
require_once '../lib/class.contents.php';
require_once '../lib/class.favorites.php';
$DB = new dbConn();
$Content = new clsContents($DB->getConnection());
$Favorite = new clsFavorites($DB->getConnection());
$result = array();
if ($_SESSION['USER_IDX'] == "") {
$result = array("r" => "error", "msg" => "Available after sign in.");
echo json_encode($result);
return;
}
if (trim($_POST['cidx']) == "") {
$arr = array("c_id" => trim($_POST['id']), "c_type" => trim($_POST['c_type']), "s_name" => trim($_POST['s_name']), "c_info" => trim($_POST['info']));
$result = $Content->save($arr);
if ($result['r'] == "success" || $result['r'] == "exist") {
$c_idx = $result['idx'];
}
} else {
$c_idx = trim($_POST['cidx']);
}
$arr = array("m_idx" => $_SESSION['USER_IDX'], "c_idx" => $c_idx, "search_word" => trim($_POST['keyword']), "tags" => trim($_POST['tags']));
$result = $Favorite->save($arr);
if ($result['r'] == "success") {
$result['f_cnt'] = $Content->incrementFavorite($result['c_idx']);
}
echo json_encode($result);
header("location: " . ROOT . "login");
die;
}
function generateRandomString($length = 10)
{
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
$required = array("firstname", "lastname", "email", "password", "passwordre", "rfid", "isAdmin", "state");
foreach ($required as $r) {
if (!isset($_POST[$r]) || $_POST[$r] == "") {
die("Bitte füllen Sie alle Felder aus.");
}
}
if ($_POST['password'] != $_POST['passwordre']) {
die("Passwörter stimmen nicht überein.");
}
if (strlen($_POST['password']) < 6) {
die("Passwort muss mindestens 6 Zeichen enthalten");
}
try {
$salt = generateRandomString(50);
\dbConn::execute("INSERT INTO :prefix:user (firstname, \n lastname, \n email, \n password,\n salt,\n rfid,\n isAdmin,\n state) \n VALUES (:0, :1, :2, :3, :4, :5, :6, :7);", htmlentities($_POST['firstname']), htmlentities($_POST['lastname']), htmlentities($_POST['email']), hash("sha512", $_POST['password'] . $salt), $salt, htmlentities($_POST['rfid']), $_POST['isAdmin'], $_POST['state']);
} catch (\Exception $ex) {
echo $ex->getMessage();
}
/**
* Checks if the user is an admin.
*
* @return boolean True if the user is administrator.
*/
private function isAdmin()
{
return \dbConn::querySingle("SELECT isAdmin FROM :prefix:user WHERE email = :0", $_POST['username']);
}
$has = false;
$required = 0;
foreach (dbConn::query("SELECT * FROM :prefix:production_shift WHERE production = :0 AND shift = :1", $prod, $shiftId) as $r) {
$required = $r['required'];
$has = true;
}
$prodShift = new template("production_shift");
$prodShift->insert("shiftId", $shiftId);
$prodShift->insert("disabled", $has ? "" : "shift-disabled");
$prodShift->insert("unique", seoUrl("{$plan}-{$prod}-" . substr(str_replace(":00-", " - ", $sh), 0, 13)));
if ($has) {
// fill required number of workers, name
$prodShift->insert("required", $required);
$prodShift->insert("name", $prod);
// get workers of one shift in one production
foreach (dbConn::query("SELECT * FROM :prefix:worker WHERE production = :0 AND shift = :1", $prod, $shiftId) as $r) {
$worker = new template("worker");
$worker->insert("name", $r['name']);
$worker->insert("email", $r['email']);
$prodShift->insert("workers", $worker->getOutput());
}
}
$t->insert("shift_productions", $prodShift->getOutput());
}
$planTpl->insert("shifts", $t->getOutput());
}
$tabContent->insert("desktop", $planTpl->getOutput());
}
$tpl->insert("plansContent", $tabContent->getOutput());
}
// insert page request duration
public static function close_connection()
{
self::$db = null;
}
<?php
/*
* phpDHCPAdmin
* Jason Gerfen [jason.gerfen@gmail.com]
*
* hosts.search.php - DHCPD Search for static host
*/
// load our config data
if (file_exists("scripts/inc.config.php")) {
require 'scripts/inc.config.php';
// ensure we are being called from our configured host
if ($defined['hostname'] === $_SERVER['SERVER_NAME']) {
// Initialize classes
$db = new dbConn();
$err = new GenerateErrors();
$tpl = new Template();
$skin = new PageSkinner();
$val = new ValidateStrings();
$menu = new GenerateNavMenu();
$auth = new Authenticate();
$encrypt = new Encryption();
$level = new AccessLevels();
$misc = new MiscFunctions();
$debug = new DebugData();
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// ensure our sessions are present
if (empty($_SESSION['token'])) {
$sessions = new dbSession();
}
<?php
/*
* phpDHCPAdmin
* Jason Gerfen [jason.gerfen@gmail.com]
*
* manage.pools.php - Manage custom pools
*/
// load our config data
if (file_exists("scripts/inc.config.php")) {
require 'scripts/inc.config.php';
// ensure we are being called from our configured host
if ($defined['hostname'] === $_SERVER['SERVER_NAME']) {
// Initialize classes
$db = new dbConn();
$err = new GenerateErrors();
$tpl = new Template();
$skin = new PageSkinner();
$val = new ValidateStrings();
$menu = new GenerateNavMenu();
$auth = new Authenticate();
$encrypt = new Encryption();
$level = new AccessLevels();
$misc = new MiscFunctions();
$debug = new DebugData();
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// ensure our sessions are present
if (empty($_SESSION['token'])) {
$sessions = new dbSession();
}
<?php
require "../config.php";
function validateDate($date)
{
$d = DateTime::createFromFormat('d.m.Y', $date);
return $d && $d->format('d.m.Y') == $date;
}
if (!isset($_POST['name']) || strlen($_POST['name']) < 1) {
die("Bitte geben Sie einen gültigen Namen ein.");
}
if (!isset($_POST['public']) || !validateDate($_POST['public']) || !isset($_POST['editable']) || !validateDate($_POST['editable'])) {
die("Bitte geben Sie ein gültiges Datum ein.");
}
dbConn::execute("UPDATE :prefix:plan SET name = :0, public = :1, editable = :2 WHERE name = :3", htmlspecialchars($_POST['name']), DateTime::createFromFormat("d.m.Y", $_POST['public'])->format("Y-m-d H:i:s"), DateTime::createFromFormat("d.m.Y", $_POST['editable'])->format("Y-m-d H:i:s"), htmlspecialchars($_POST['originalName']));
dbConn::execute("DELETE FROM :prefix:email_subscriber WHERE plan = :0", htmlspecialchars($_POST['originalName']));
foreach ($_POST['subscribers'] as $r) {
dbConn::execute("INSERT INTO :prefix:email_subscriber (email, plan) VALUES (:0, :1);", $r, htmlspecialchars($_POST['name']));
}
echo "SUCCESS";
<?php
require "../config.php";
function validateDate($date)
{
$d = DateTime::createFromFormat('d.m.Y', $date);
return $d && $d->format('d.m.Y') == $date;
}
if (!isset($_POST['name']) || strlen($_POST['name']) < 1) {
die("Bitte geben Sie einen gültigen Namen ein.");
}
if (dbConn::querySingle("SELECT COUNT(*) FROM :prefix:plan WHERE name = :0", $_POST['name']) > 0) {
die("Der eingegebene Name ist schon vergeben.");
}
if (!isset($_POST['public']) || !validateDate($_POST['public']) || !isset($_POST['editable']) || !validateDate($_POST['editable'])) {
die("Bitte geben Sie ein gültiges Datum ein.");
}
dbConn::execute("INSERT INTO :prefix:plan (name, public, editable) VALUES (:0, :1, :2);", htmlspecialchars($_POST['name']), $_POST['public'], $_POST['editable']);
$tpl = new template("admin/nav.plan");
$tpl->insert("active", "");
$tpl->insert("name", htmlspecialchars($_POST['name']));
echo "SUCCESS" . $tpl->getOutput();
<?php
session_start();
require_once '../lib/class.dbConnect.php';
require_once '../lib/class.members.php';
$DB = new dbConn();
$Member = new clsMembers($DB->getConnection());
if ($Member->confirmPasswd(trim($_POST['email']), trim($_POST['currentPasswd'])) === true) {
echo "true";
} else {
echo "false";
}
<?php
require "../config.php";
dbConn::execute("UPDATE :prefix:plan SET deleted = 1, name = CONCAT(name, '_', CURRENT_TIMESTAMP) WHERE name = :0", $_POST['plan']);
echo "SUCCESS";
/**
* Saves changes into database from POST data.
*
* @param string &$error Error variable for error text.
* @return bool True if changes been done without errors.
*/
private function saveChanges(&$error)
{
try {
\dbConn::execute("UPDATE :prefix:patient SET \n firstname = :0,\n lastname = :1,\n birth = :2,\n room = :3\n WHERE patientId = :4\n ", htmlentities($_POST['firstname']), htmlentities($_POST['lastname']), (new \DateTime($_POST['birthday']))->format("Y-m-d"), $_POST['room'], $_GET['par2']);
return true;
} catch (\Exception $ex) {
$error = $ex->getMessage();
return false;
}
}
