if (strlen($valore) > 0) {
$sqlinsertfield .= "{$campo},";
$sqlinsertvalues .= "{$valore},";
}
}
$sqlinsertfield = substr($sqlinsertfield, 0, strlen($sqlinsertfield) - 1);
$sqlinsertvalues = substr($sqlinsertvalues, 0, strlen($sqlinsertvalues) - 1);
$sqlinsert = "insert into {$tabelladb} ({$sqlinsertfield}) values ({$sqlinsertvalues})";
$sql = $sqlinsert;
}
//echo "<p>$sql</p>";
print_debug($sql, null, 'savedata');
$result = $db->sql_query($sql);
$retval = "";
$elenco = $db->sql_fetchrowset();
$nrighe = $db->sql_numrows();
if (!$result) {
echo "ERRORE NEL SALVATAGGIO<p>{$sql}</p>";
return;
}
//se ho inserito un nuovo valore ricavo l'ultimo id
if ($_POST["mode"] == "new") {
$sql = $tb->table_list ? "SELECT max(id) FROM {$tabelladb}" : "select currval ('" . trim($tabelladb) . "_id_seq')";
//echo "<p>$sql</p>";
$db->sql_query($sql);
$row = $db->sql_fetchrow();
$lastid = $row[0];
$_SESSION["ADD_NEW"] = $lastid;
//print_debug("sessione ho $lastid");
}
}
}
if ($opt[0] == "w") {
$width = substr($opt, 1);
}
if ($opt[0] == "h") {
$height = substr($opt, 1);
}
}
// DATABASE
$coddb = new sql_db($db_host, $db_user, $db_pass, $db_db, false);
if (!$coddb->db_connect_id) {
die("Could not connect to the database");
}
$query = "SELECT * \n FROM {$t['players']}, {$t['b3_clients']} \n WHERE {$t['b3_clients']}.id = {$t['players']}.client_id \n AND (({$t['players']}.kills > {$minkills})\n OR ({$t['players']}.rounds > {$minrounds}))\n AND ({$t['players']}.hide = 0)\n AND ({$current_time} - {$t['b3_clients']}.time_edit < {$maxdays}*60*60*24)\n ORDER by skill DESC";
$result = $coddb->sql_query($query);
$numrows = $coddb->sql_numrows($result);
if ($numrows < $player_rank) {
die("Rank out of reach!");
}
$count = 1;
while ($count <= $player_rank) {
$player = $coddb->sql_fetchrow($result);
$count += 1;
}
$c = $count - 1;
$player['rank'] = "#" . $c . " - ";
// TEMPLATE
include "render.php";
// OUTPUT
ob_start();
header("Cache-Control: no-cache, must-revalidate");
if (!$db->sql_query($sql)) {
print_debug($sql);
}
//$db->sql_query($sql);
//echo "<p>$sql</p>";
//$db->sql_fetchrow();
}
$oneri = 1;
if ($oneri) {
$sql = "select * from oneri.e_rata_calcolo where tipo='{$tipo}' order by rata";
print_debug($sql);
if (!$db->sql_query($sql)) {
print_debug($sql);
}
$rate = $db->sql_fetchrowset();
$nrec = $db->sql_numrows();
//print_r($rate);
for ($i = 0; $i < $nrec; $i++) {
$nrata = $rate[$i]["rata"];
$titolo = $rate[$i]["titolo"];
$calcolacc = $rate[$i]["calcola_cc"];
$calcolab1 = $rate[$i]["calcola_b1"];
$calcolab2 = $rate[$i]["calcola_b2"];
$scadenza = $rate[$i]["scadenza"];
if ($data_rata1) {
$sql = "insert into oneri.rate (pratica,rata,titolo,cc,b1,b2,data_scadenza) select {$idpratica},{$nrata},'{$titolo}',{$calcolacc},{$calcolab1},{$calcolab2},'{$data_rata1}'::date + INTERVAL '{$scadenza} months' from oneri.totali where oneri.totali.pratica={$idpratica}";
} else {
if ($campo_cc) {
$sql = "insert into oneri.rate (pratica,rata,titolo,cc,b1,b2,data_scadenza) select {$idpratica},{$nrata},'{$titolo}',{$calcolacc},{$calcolab1},{$calcolab2},{$campo_cc} + INTERVAL '{$scadenza} months' from oneri.totali left join pe.titolo on(oneri.totali.pratica=pe.titolo.pratica) where oneri.totali.pratica={$idpratica}";
}
}
//first we need to retrieve the list of all active companies that might have imported data
$db_support = new sql_db( $supportdb, $dbuser, $dbpasswd, 'nizex_support', false );
if ( $db_support->db_connect_id )
{
$query = "select CompanyID, DBName, DBHost, TableVersion from optUserCompany where Active=1 ";
if ( !( $result = $db_support->sql_query( $query ) ) )
{
$lbl_error = $dblang[ "ErrorInSQL" ]."<br>".$db_support->sql_error();
}
while ( $row = $db_support->sql_fetchrow( $result ))
{
$db = new sql_db( $dbhost, $dbuser, $dbpasswd, $row[ 'DBName' ], true );
$query = "select * from conLeadSources where LeadName='Other'";
if ( !( $result2 = $db->sql_query( $query ) ) )
echo "Problem with: ".$query;
if ( $db->sql_numrows( $result2 ) == 0 )
{
$query = "insert into conLeadSources values ( null, 'Other', 1 )";
if ( !( $result2 = $db->sql_query( $query ) ) )
echo "Problem with: ".$query;
}
} //end while looping through companies
}
?>
<?php
include_once "login.php";
$tabpath = "pe";
$titolo = $_SESSION["TITOLO_{$idpratica}"];
$idpratica = $_POST["pratica"];
$db = new sql_db(DB_HOST, DB_USER, DB_PWD, DB_NAME, false);
if (!$db->db_connect_id) {
die("Impossibile connettersi al database");
}
$sql = "select e_vincoli.nome,e_vincoli.descrizione,vincoli.zona from pe.e_vincoli,pe.vincoli where e_vincoli.nome::text=vincoli.vincolo::text \nand e_vincoli.parametri=1 and vincoli.pratica={$idpratica} order by e_vincoli.ordine";
$db->sql_query($sql);
$vincoli = $db->sql_fetchrowset();
$nzone = $db->sql_numrows();
$numcols = $nzone + 3;
for ($i = 0; $i < $nzone; $i++) {
if ($vincolo != $vincoli[$i]["nome"]) {
$vincolo = $vincoli[$i]["nome"];
if ($n) {
$colspan[] = $n;
}
//numero di colonne per lo span del vincolo
$index[] = $i;
//primo indice dove trovo la descrizione del vincolo
$n = 1;
} else {
$n++;
}
// una colonna di parametri per ogni zona ARRAY[vincolo][zona][parametro]
$zona = $vincoli[$i]["zona"];
$sql = "select parametro,valore from pe.e_parametri_zone where vincolo='{$vincolo}' and zona='{$zona}'";
$pratica = $_REQUEST["pratica"];
if ($_POST["azione"] == "Salva") {
// Se necessario inserisco il nuovo riferimento nella tabella
$idref = $_POST["id"];
if ($_POST["id"] == 0) {
$descrizione = addslashes(trim($_POST["riferimento"]));
$sql = "INSERT INTO pe.riferimenti(descrizione) VALUES('{$descrizione}')";
$db->sql_query($sql);
$sql = "select currval ('pe.riferimenti_id_seq')";
$db->sql_query($sql);
$row = $db->sql_fetchrow();
$idref = $row[0];
}
//Modifico i riferimenti della tabella avvioproc
$db->sql_query("SELECT pratica FROM pe.avvioproc,pe.riferimenti WHERE riferimenti.id=" . $_POST["id_prec"] . " AND avvioproc.riferimento=riferimenti.id");
$nrif = $db->sql_numrows();
if ($nrif <= 1) {
$db->sql_query("DELETE FROM pe.riferimenti WHERE id=" . $_POST["id_prec"]);
}
$db->sql_query("update pe.avvioproc set riferimento={$idref} where pratica={$idpratica}");
}
return;
}
//se ho passato una pratica da elenco ho finito
if (isset($_POST["refpratica"])) {
$flagOK = 1;
return;
}
//Modalità di Ricerca
$self = $_SERVER["PHP_SELF"];
$numeroprat = $_POST["numero"];
function UpdateAddConEmail( $oldemail='', $newemail='', $contactid, $addconid = 0 )
{
global $db;
global $lang;
global $dbname;
global $dbhost, $supportdb, $dbuser, $dbpasswd;
$dbsupport = new sql_db( $supportdb, $dbuser, $dbpasswd, 'nizex_support', false, true );
$newemail = trim( $newemail );
$oldemail = trim( $oldemail );
/*****************
//after talking with GHH I am changing this function in the following way
//first check to see if there is a userid on the addcon we are editing, if not then
//we allow them to add, edit or clear, we don't care what they do
//if they have a userid then we make sure that who they are changing the email adress to
//is not in the support tables under a different userid, if so then we error and exit;
//***************/
$query = "select UserID from conAdditionalContacts where UserID > 0 and
EmailAddress = '".$oldemail."' and AdditionalContactID = ".$addconid;
if ( !$result = $db->sql_query( $query ) )
{
LogError( 9255, $query ."<br>".$db->sql_error(), false );
return false;
}
if ( $db->sql_numrows( $result ) == 0 )
{
//first make sure they are not changing the email address to one that already exists on the same contact
$query = "select EmailAddress from conAdditionalContacts where EmailAddress = '".$newemail."' and
ContactID = ".$contactid;
if ( !$result = $db->sql_query( $query ) )
{
LogError( 9141, $query .$dblang[ "ErrorInSQL" ]."<br>".$db->sql_error() );
return false;
}
if ( $db->sql_numrows( $result ) == 0 )
{
$query = "update conAdditionalContacts set EmailAddress = '".$newemail."' where AdditionalContactID = ".$addconid;
if ( !$result = $db->sql_query( $query ) )
{
LogError( 9142, $query .$dblang[ "ErrorInSQL" ]."<br>".$db->sql_error() );
return false;
}
}
}//end of editing for addcon with no userid
else
{
//TKS 06.12.2012 noticed if trying to save an add con without an email on a user
//they no longer set to login, it would enter here becuase of the userid then error
//due to invalid email. So if the email was blank before and blank now, we just return
if ( $oldemail == '' && $newemail == '' )
return true;
//if the current email is hooked to a userid they cannot clear out the email address
//TKS 01.25.2012 I moved this to the top of this else so that if they have a userid
//and trying to clear out the email, we just return
if ( !validEmail( $newemail ) || empty( $newemail ) || $newemail == '' )
{
LogError( $lang[ "ErrEmailValid" ], false );
return false;
}
$temprow = $db->sql_fetchrow( $result );
$userid = $temprow['UserID'];
//I spoke with Noel and he said to add Training DB and Demo and exit if they are editing a record with
//a userid in either of those DBs because we have a bunch of customers and employees editing and messing with data
// and it screwed up people's login ability. SO these 2 dbs, if oldemail has userid, they cannot edit it, they
//will have to login to their individual DB to edit the record
//05.14.2013 naj - added trial databases to the list of databases you cannot edit from.
if ( ( $dbname == 'nizex_training' || $dbname == 'nizex_demo' || preg_match('/nizex_trial/', $dbname)) && ( $newemail != $oldemail ) )
{
LogError( $lang[ "ErrDBEmail" ], false );
return false;
}
//first see if the email addresses are different
if ( $newemail != $oldemail )
{
//first check to see if the new address is in the optUsers table, under a different userid if so we return false
$query = "select UserID from optUsers where EmailAddress = '$newemail' and UserID != $userid";
if ( !$result = $dbsupport->sql_query( $query ) )
{
LogError( 9136, $query ."<br>".$dbsupport->sql_error(), false );
return false;
}
if ( $dbsupport->sql_numrows( $result ) > 0 )
{
LogError( $lang[ "ErrEmailExists" ], false );
return false;
}
//grab all company DBs linked to this user
$query = "select optUserCompany.DBName, DBHost from optUserCompany, optUserLinks where optUserLinks.UserID = $userid
and optUserLinks.CompanyID = optUserCompany.CompanyID";
if ( !$result = $dbsupport->sql_query( $query ) )
{
LogError( 9138, $query ."<br>".$dbsupport->sql_error(), false );
return false;
}
//04.09.2013 naj - changed everything to use a transaction, so we can roll this back if it fails
$dbarray = array();
while ( $dbrow = $dbsupport->sql_fetchrow( $result ) )
{
$tempdb = new sql_db( $dbrow[ "DBHost" ], $dbuser, $dbpasswd, $dbrow[ "DBName" ], false, true );
if ( $tempdb->db_connect_id )
{
//04.09.2013 naj - add the current database to the db array.
$dbarray[] = $tempdb;
if ( !$tempresult = $tempdb->sql_query( '', 'BEGIN'))
{
LogError (12118, $query."<br>".$tempdb->sql_error());
foreach ($dbarray as $tempdb)
{
$tempdb->sql_query('', 'ROLLBACK');
$tempdb->sql_close();
}
return false;
}
$query = "update conAdditionalContacts set EmailAddress = '".$newemail."' where EmailAddress = '".$oldemail."' and UserID = $userid";
if ( !$tempresult = $tempdb->sql_query( $query ) )
{
LogError( 9139, $query."<br>".$tempdb->sql_error() );
foreach ($dbarray as $tempdb)
{
$tempdb->sql_query('', 'ROLLBACK');
$tempdb->sql_close();
}
return false;
}
}
}
//now update the optUsers record
$query = "update optUsers set EmailAddress = '".$newemail."' where UserID = $userid";
if ( !$result = $dbsupport->sql_query( $query ) )
{
LogError( 9140, $query ."<br>".$dbsupport->sql_error(), false );
foreach ($dbarray as $tempdb)
{
$tempdb->sql_query('', 'ROLLBACK');
$tempdb->sql_close();
}
return false;
}
//04.09.2013 naj - if we made it this far, then the update is complete.
foreach ($dbarray as $tempdb)
{
$tempdb->sql_query('', 'COMMIT');
$tempdb->sql_close();
}
//12.09.2013 naj - this is to ensure that the current database gets updated to in the event that the user was allowed to login in the past but now is not.
$query = "update conAdditionalContacts set EmailAddress = '".$newemail."' where EmailAddress = '".$oldemail."' and UserID = $userid";
if ( !$result = $db->sql_query( $query ) )
{
LogError(13858, $query ."<br>".$db->sql_error(), false );
return false;
}
}
}
return true;
}//end of UpdateAddConEmail
$sql_vincoli = "select (coalesce(cdu.mappali.sezione,'') || ','::text || cdu.mappali.foglio || ','::text || cdu.mappali.mappale) as particella,mappali.vincolo,mappali.zona,mappali.perc_area,e_vincoli.descrizione from pe.e_vincoli, cdu.mappali where\nmappali.vincolo=e_vincoli.nome and pe.e_vincoli.cdu=1 and pratica={$idpratica} order by cdu.mappali.perc_area desc, cdu.mappali.sezione,cdu.mappali.foglio,cdu.mappali.mappale;";
print_debug("Vincoli\n" . $sql_vincoli);
//aggiungo i mappali che non risultano legati a vincoli
$sql_mappali = "select (coalesce(cdu.mappali.sezione,'') || ','::text || cdu.mappali.foglio || ','::text || cdu.mappali.mappale) as particella from cdu.mappali where pratica={$idpratica} and vincolo is null;";
print_debug($sql_mappali, "tabella");
//SCHEMA DB NUOVO
//elenco dei piani
$sql_piani2 = "select nome_vincolo,nome_tavola,descrizione from vincoli.tavola where cdu=1 order by ordine;";
print_debug($sql_piani2, "tabella");
//verifico l'esitenza dei vincoli per la pratica corrente
$sql_vincoli2 = "select distinct(coalesce(cdu.mappali.sezione,'') || ','::text || cdu.mappali.foglio || ','::text || cdu.mappali.mappale) as particella,mappali.vincolo,mappali.zona,mappali.tavola,mappali.perc_area,\ncase when coalesce(zona.sigla,'')<>'' then zona.sigla else zona.descrizione end as descrizione from cdu.mappali left join vincoli.zona on (mappali.zona=zona.nome_zona and mappali.vincolo=zona.nome_vincolo) \nleft join vincoli.tavola on (mappali.tavola=zona.nome_tavola) where tavola.cdu=1 and pratica={$idpratica}";
print_debug("Vincoli\n" . $sql_vincoli2);
//echo "<p>$sql_vincoli2</p>";
$db->sql_query($sql_piani2);
$piani = $db->sql_fetchrowset();
$npiani = $db->sql_numrows();
$db->sql_query($sql_vincoli2);
$vincoli = $db->sql_fetchrowset();
$nvincoli = $db->sql_numrows();
$db->sql_query($sql_mappali);
$mappali = $db->sql_fetchrowset();
$nmappali = $db->sql_numrows();
$array_mappali = array();
$array_zone = array();
//verifico se esiste il vincolo nelle tavole
for ($r = 0; $r < $nvincoli; $r++) {
$idparticella = $vincoli[$r]["particella"];
$piano = $vincoli[$r]["tavola"];
$zona = $array_zone[$idparticella][$piano];
if ($zona) {
$zona .= "<br>" . $vincoli[$r]["zona"] . " (" . $vincoli[$r]["perc_area"] . " %)";
$db_config['dbpass'] = $nv_Request->get_string('dbpass', 'post', $db_config['dbpass']);
$db_config['prefix'] = $nv_Request->get_string('prefix', 'post', 'nv3');
$db_config['db_detete'] = $nv_Request->get_int('db_detete', 'post', '0');
$db_config['num_table'] = 0;
$db_config['create_db'] = 1;
if (!empty($db_config['dbhost']) and !empty($db_config['dbname']) and !empty($db_config['dbuname']) and !empty($db_config['prefix'])) {
$db_config['dbuname'] = preg_replace(array("/[^a-z0-9]/", '/[\\_]+/', "/^[\\_]+/", "/[\\_]+\$/"), array("_", "_", "", ""), strtolower($db_config['dbuname']));
$db_config['dbname'] = preg_replace(array("/[^a-z0-9]/", '/[\\_]+/', "/^[\\_]+/", "/[\\_]+\$/"), array("_", "_", "", ""), strtolower($db_config['dbname']));
$db_config['prefix'] = preg_replace(array("/[^a-z0-9]/", '/[\\_]+/', "/^[\\_]+/", "/[\\_]+\$/"), array("_", "_", "", ""), strtolower($db_config['prefix']));
$db = new sql_db($db_config);
if (!empty($db->error)) {
$db_config['error'] = !empty($db->error['user_message']) ? $db->error['user_message'] : $db->error['message'];
} else {
$tables = array();
$result = $db->sql_query("SHOW TABLE STATUS LIKE '" . $db_config['prefix'] . "\\_%'");
$num_table = intval($db->sql_numrows($result));
if ($num_table > 0) {
if ($db_config['db_detete'] == 1) {
while ($item = $db->sql_fetch_assoc($result)) {
$db->sql_query("DROP TABLE `" . $item['Name'] . "`");
}
$num_table = 0;
} else {
$db_config['error'] = $lang_module['db_err_prefix'];
}
}
$db_config['num_table'] = $num_table;
if ($num_table == 0) {
nv_save_file_config();
$db_config['error'] = "";
$sql_create_table = array();
<?php
//Gestione dell'elenco delle pratiche recenti
//quando apro una nuova pratica aggiorno la tabella
//già che ci sono metto in sessione l'informazione legata a titolo della pagina (numero pratica .. del ...)
$userid = $_SESSION["USER_ID"];
$db = new sql_db(DB_HOST, DB_USER, DB_PWD, DB_NAME, false);
if (!$db->db_connect_id) {
die("Impossibile connettersi al dadabase");
}
$sql = "select pratica from pe.recenti where utente={$userid} and pratica={$idpratica}";
$db->sql_query($sql);
$in_recenti = $db->sql_numrows();
if ($in_recenti == 0) {
// se sono minori di 10 aggiungo altimenti aggiorno
$sql = "select pratica from pe.recenti where utente={$userid}";
$db->sql_query($sql);
$row = $db->sql_fetchrow();
$nrec = $db->sql_numrows();
if ($nrec > 11) {
$sql = "update pe.recenti set pratica={$idpratica},data=" . time() . " where utente={$userid} and pratica=" . $row["pratica"];
} else {
$sql = "insert into pe.recenti (pratica,utente,data) values ({$idpratica},{$userid}," . time() . ")";
}
} else {
//aggiorno la data di accesso
$sql = "update pe.recenti set data=" . time() . " where utente={$userid} and pratica={$idpratica}";
}
$db->sql_query($sql);
//Aggiorno titolo della pagina
// Da vedere se mettere tutto su una query
