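/**
 * Search one content table, or the whole database, for a keyword.
 *
 * The keyword is matched as a substring (SQL LIKE) against a fixed set of
 * columns per category. Table and column names come only from the map below;
 * the caller-supplied category merely selects a map entry.
 *
 * @param string $keyword  Text to look for.
 * @param string $category 'post', 'category', 'page', 'upload' or 'user';
 *                         any other value searches every table via Search.
 * @return mixed The value returned by db_select() or Search::searchAllDB(),
 *               or '' when no keyword was supplied.
 */
public static function search_query($keyword = '', $category = '')
{
    $keyword = (string) $keyword;
    $category = (string) $category;

    // The previous guard was isset($_GET), which is always true, so the
    // "No keyword entered!" branch could never run and an empty keyword
    // produced LIKE '%%', returning every row of the chosen table
    // (including `user`). Test the keyword itself instead.
    if ($keyword === '') {
        $flash = new Flash();
        $flash->flash('flash_message', 'No keyword entered!', 'danger');

        return '';
    }

    // One connection for the escaping call instead of one per value.
    $link = db_connect();

    // Escapes quote characters for use inside a quoted literal only; LIKE
    // wildcards (% and _) in the keyword are still interpreted by the server.
    // NOTE(review): a prepared statement would be preferable, but
    // db_select()'s signature is not visible here.
    $keyword_clean = mysqli_real_escape_string($link, $keyword);

    $searchable = array(
        'post'     => array('title', 'body'),
        'category' => array('title', 'description'),
        'page'     => array('title', 'body'),
        'upload'   => array('filename', 'filetype', 'filepath'),
        'user'     => array('username'),
    );

    if (isset($searchable[$category])) {
        $conditions = array();
        foreach ($searchable[$category] as $column) {
            $conditions[] = $column . " LIKE '%" . $keyword_clean . "%'";
        }

        // NOTE(review): SELECT * on `user` returns every column of the
        // account rows to the caller; confirm nothing sensitive is rendered.
        return db_select('SELECT * FROM ' . $category . ' WHERE ' . implode(' OR ', $conditions));
    }

    // Unknown or empty category: search everything.
    $search = new Search();

    return $search->searchAllDB($keyword_clean);
}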
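/**
 * Print a thumbnail card for every food whose name contains the search key.
 *
 * Every row of `food` is loaded and filtered in PHP with a case-sensitive
 * substring match; a "No results!" alert is printed when nothing matches.
 *
 * @param string $search_key Text to look for in the food name.
 * @return false|null false when the key is empty, the query fails or the
 *                    table has no rows; otherwise nothing is returned.
 */
function display_search_result_by_name($search_key)
{
    if (!$search_key) {
        return false;
    }

    $conn = db_connect();
    $result = @$conn->query("select * from food;");
    if (!$result) {
        echo "Error: Can't execute query about food";
        return false;
    }
    if ($result->num_rows == 0) {
        return false;
    }

    // Row values end up in HTML text and attribute positions. Encode them so
    // that markup stored in the table is shown as text instead of being
    // interpreted by the browser.
    // NOTE(review): if `description` is meant to hold trusted HTML, confirm
    // before deploying - it will now be displayed literally.
    $html = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    $is_search_mached = false;
    while ($row = $result->fetch_assoc()) {
        if (strpos($row['name'], $search_key) === false) {
            continue;
        }

        // The id is used in a query string and a file path, so URL-encode it.
        $id = rawurlencode((string) $row['food_id']);

        echo "<div class=\"col-xs-12 col-sm-6 col-md-4\">\n\t\t\t\t\t <div class=\"thumbnail\">\n\t\t\t\t\t <a href=\"food_details.php?food_id=" . $id
            . "\"><img src=\"img/" . $id
            . ".jpg\" alt=\"...\"></a>\n\t\t\t\t\t\t<div class=\"caption\">\n\t\t\t\t\t\t <h3><b>Name: </b>" . $html($row['name'])
            . "</h3>\n\t\t\t\t\t\t <p><b>Description: </b>" . $html($row['description'])
            . "</p>\n\t\t\t\t\t\t <p>\n\t\t\t\t\t\t <a href=\"food_details.php?food_id=" . $id
            . "\" class=\"btn btn-primary\" role=\"button\">View Details</a>\t\t\t\t \t\t\t \n\t\t\t\t\t\t </p>\n\t\t\t\t\t </div>\n\t\t\t\t\t </div>\n\t\t\t\t\t</div>";
        $is_search_mached = true;
    }

    if (!$is_search_mached) {
        echo '<div class="form-group" id="success_message"> <div class="col-sm-offset-2 col-sm-8"> <div class="alert alert-danger"> <h3> No results!</h3> </div> </div> </div>';
    }
}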
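/**
 * Fetch a page of artists joined with their company and return it as JSON.
 *
 * Results are also stored in the global $artistList ('total' and 'row').
 *
 * @param int $counter Row offset to start from.
 * @return string JSON encoding of $artistList.
 * @throws Exception When the query fails.
 */
function getArtist($counter)
{
    global $artistList;

    // $counter is interpolated into the LIMIT clause, so force it to a
    // non-negative integer before it reaches the SQL text.
    $limit_start = max(0, (int) $counter);
    // NOTE(review): MySQL's LIMIT takes (offset, row_count), so this requests
    // $counter + 20 rows rather than rows up to that position - confirm
    // whether a fixed page size of 20 was intended.
    $limit_stop = $limit_start + 20;

    $conn = db_connect();
    $conn->set_charset("utf8"); // set the connection character encoding

    $result = $conn->query("select artist.id, artist.name, artist.avatar, company.name as company, artist.comments_number, artist.score from decoration_artist as artist, decoration_company as company WHERE artist.company = company.id LIMIT {$limit_start}, {$limit_stop} ");
    if (!$result) {
        // Release the connection on the failure path as well.
        $conn->close();
        throw new Exception('Search user score failed.');
    }

    $num_result = $result->num_rows;
    $artistList['total'] = $num_result;

    // Every field comes back from the database as a string, and the JSON
    // layout differs from the column layout, so convert each record.
    for ($i = 0; $i < $num_result; $i++) {
        $row_db = $result->fetch_assoc();

        // One converted record.
        $artistList["row"][$i] = array(
            'id'       => intval(stripslashes($row_db['id'])),
            'name'     => stripslashes($row_db['name']),
            'avatar'   => stripslashes($row_db['avatar']),
            'company'  => stripslashes($row_db['company']),
            'comments' => intval(stripslashes($row_db['comments_number'])),
            'score'    => intval(stripslashes($row_db['score'])),
        );
    }

    $result->free();
    $conn->close();

    return json_encode($artistList);
}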
/**
 * Build the "Asset Groups" listing for the current division.
 *
 * For each group the names of its cost, accumulated-depreciation and
 * depreciation ledger accounts are looked up, and Edit / Remove links are
 * added. Returns a short notice plus quick links when no groups exist.
 *
 * NOTE(review): group and account names are written into the HTML without
 * encoding, and account ids read from assetgrp are placed straight into the
 * follow-up queries; confirm how those columns are validated on input.
 *
 * @return string HTML fragment.
 */
function printGrp()
{
    db_connect();

    $groupSql = "SELECT * FROM assetgrp WHERE div = '" . USER_DIV . "' ORDER BY grpname ASC";
    $groups = db_exec($groupSql) or errDie("Unable to retrieve Asset Groups from database.");

    if (pg_numrows($groups) < 1) {
        return "\r\n\t\t\t\t<li> There are no Assets Groups in Cubit.</li><br>" . mkQuickLinks(ql("assetgrp-new.php", "Add Asset Group"), ql("assetgrp-view.php", "View Asset Groups"));
    }

    // Table header.
    $html = "\r\n <h3>Asset Groups</h3>\r\n <table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\r\n <tr><th>Group</th><th>Cost Account</th><th>Accumulated Depreciation Account</th><th>Depreciation Account</th><th colspan=2>Options</th></tr>";

    while ($group = pg_fetch_array($groups)) {
        // Ledger account names are read after switching with core_connect().
        core_connect();

        // Same lookup for the cost, accumulated-depreciation and
        // depreciation accounts, in that order.
        $names = array();
        foreach (array('costacc', 'accdacc', 'depacc') as $column) {
            $lookup = db_exec("SELECT accname FROM accounts WHERE accid = '{$group[$column]}' AND div = '" . USER_DIV . "'");
            $account = pg_fetch_array($lookup);
            $names[$column] = $account['accname'];
        }

        // bg_class() alternates the row background.
        $html .= "<tr class='" . bg_class() . "'><td>{$group['grpname']}</td><td>{$names['costacc']}</td><td>{$names['accdacc']}</td><td>{$names['depacc']}</td><td><a href='assetgrp-edit.php?grpid={$group['grpid']}'>Edit</a></td>";
        $html .= "<td><a href='assetgrp-rem.php?grpid={$group['grpid']}'>Remove</a></td></tr>";
    }

    $html .= "</table>\r\n <p>\r\n\t<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width=15%>\r\n <tr><td><br></td></tr>\r\n <tr><th>Quick Links</th></tr>\r\n\t\t<tr class='bg-odd'><td><a href='assetgrp-new.php'>Add Asset Group</a></td></tr>\r\n\t\t<script>document.write(getQuicklinkSpecial());</script>\r\n\t</table>";

    return $html;
}
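/**
 * Validate the submitted branch form and insert the branch record.
 *
 * The parameter was previously named $_POST; PHP refuses to compile a
 * function whose parameter is a superglobal, so it is renamed. Callers pass
 * it positionally, which is unaffected.
 *
 * @param array $post Submitted form fields (branch_name, branch_desc,
 *                    branch_contact, branch_ip, branch_username,
 *                    branch_password, branch_passwordconfirm,
 *                    branch_localuser, branch_company).
 * @return string HTML: the form again with errors, or a confirmation table.
 */
function write_details($post)
{
    // Read only the expected fields. extract() on request data lets the
    // client create or overwrite any local variable in this function.
    $fields = array(
        'branch_name', 'branch_desc', 'branch_contact', 'branch_ip',
        'branch_username', 'branch_password', 'branch_passwordconfirm',
        'branch_localuser', 'branch_company',
    );
    $in = array();
    foreach ($fields as $field) {
        $in[$field] = (isset($post[$field]) && is_scalar($post[$field])) ? (string) $post[$field] : '';
    }

    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($in['branch_ip'], "url", 1, 50, "Invalid Branch IP.");
    $v->isOk($in['branch_company'], "url", 4, 4, "Invalid Branch Company Code.");
    $v->isOk($in['branch_username'], "string", 1, 50, "Invalid Branch Username.");
    // NOTE(review): the password fields themselves are not validated (those
    // checks were commented out), so an empty password is accepted.

    // Strict comparison: with != two different numeric-looking strings such
    // as "1e3" and "1000" compare as equal.
    if ($in['branch_password'] !== $in['branch_passwordconfirm']) {
        // NOTE(review): the password is handed to addError() as its first
        // argument; confirm the validator does not echo or log that value.
        $v->addError($in['branch_password'], "Passwords do not match.");
    }

    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        foreach ($v->getErrors() as $e) {
            $confirmCust .= "<li class='err'>" . $e["msg"] . "</li>";
        }
        return get_details($post, $confirmCust);
    }

    db_connect();

    // Values are bound as parameters instead of being interpolated into the
    // statement, so quotes in any field cannot change the SQL.
    // NOTE(review): the password is still stored as an unsalted MD5 digest.
    // Changing that needs a matching change where branches authenticate,
    // which is not visible here.
    $add_sql = "
        INSERT INTO branches_data (
            branch_name, branch_desc, branch_contact, branch_ip,
            date_added, last_online, branch_username, branch_password,
            last_login_from, branch_localuser, branch_company
        ) VALUES (
            $1, $2, $3, $4,
            'now', '1990-01-01', $5, md5($6::text),
            '1990-01-01', $7, $8
        )";
    $params = array(
        $in['branch_name'], $in['branch_desc'], $in['branch_contact'], $in['branch_ip'],
        $in['branch_username'], $in['branch_password'],
        $in['branch_localuser'], $in['branch_company'],
    );
    $run_add = pg_query_params($add_sql, $params) or errDie("Unable to add branch information.");

    $display = "\n\t\t\t\t\t<table " . TMPL_tblDflts . ">\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<th>Branch Added</th>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t\t\t<td>Branch Has Been Added.</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t";

    return $display;
}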
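/**
 * Dump every table of the current database as SQL statements.
 *
 * For each table a DELETE is emitted in front of the first row's INSERT,
 * followed by one INSERT per row; each chunk is handed to write_backup_sql().
 *
 * NOTE(review): a table with no rows produces no output at all, so a restore
 * will not empty it. NULL column values are written as '' because every
 * value is quoted as a string. The legacy mysql_* API used here was removed
 * in PHP 7.
 *
 * @param mixed $file Passed through to write_backup_sql().
 * @return int Running count returned by write_backup_sql().
 */
function create_backup_sql($file)
{
    $line_count = 0;

    db_connect();
    mysql_select_db(db_name()) or exit;
    $tables = mysql_list_tables(db_name());

    while ($table = mysql_fetch_array($tables)) {
        $table_name = $table[0];

        // Terminate the DELETE. Without the semicolon it ran straight into
        // the first INSERT ("DELETE FROM tINSERT INTO t ..."), which is not
        // valid SQL and broke the restore of every non-empty table.
        $pending = "DELETE FROM {$table_name};";

        $table_query = mysql_query("SELECT * FROM `{$table_name}`");
        $num_fields = mysql_num_fields($table_query);

        while ($fetch_row = mysql_fetch_array($table_query)) {
            $values = array();
            for ($field = 0; $field < $num_fields; $field++) {
                $values[] = "'" . mysql_real_escape_string($fetch_row[$field]) . "'";
            }

            $pending .= "INSERT INTO {$table_name} VALUES(" . implode(", ", $values) . ");";
            $line_count = write_backup_sql($file, $pending, $line_count);

            // Only the first row of a table carries the DELETE prefix.
            $pending = "";
        }
    }

    return $line_count;
}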
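/**
 * Fill the `goods` table with generated rows: 10 multi-row INSERT
 * statements of 10000 rows each.
 *
 * Stops the script with die() if a statement fails.
 *
 * @return void
 */
function fill_with_random_data()
{
    $gen = new LoremIpsumGenerator('lorem.txt');
    $iterations = 10;
    $rows_per_iteration = 10000;
    $connection = db_connect();

    while ($iterations--) {
        $rows = [];
        for ($i = 0; $i < $rows_per_iteration; $i++) {
            $name = ucfirst(trim($gen->get_sentence()));
            $description = trim($gen->get_paragraph());
            $price = rand(1, 10000000) / 100;
            $imgurl = get_random_img_name();

            // Generated text can contain apostrophes or backslashes; escape
            // it so one such sentence cannot break the whole statement.
            $rows[] = "('" . mysqli_real_escape_string($connection, $name)
                . "', '" . mysqli_real_escape_string($connection, $description)
                . "', '{$price}', '"
                . mysqli_real_escape_string($connection, $imgurl) . "')";
        }

        $query = "INSERT INTO goods (`name`, `description`, `price`, `imgurl`) VALUES " . implode(",", $rows);

        $result = mysqli_query($connection, $query);
        if (!$result) {
            die('query error: ' . mysqli_error($connection));
        }
    }
}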
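/**
 * Show the details of one stock category of the current division.
 *
 * @param mixed $catid Stock category id; checked by the "num" validator
 *                     before it is placed in the query.
 * @return string HTML: validation errors, an "Invalid Stock ID" notice, or
 *                the detail table with quick links.
 */
function confirm($catid)
{
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($catid, "num", 1, 50, "Invalid stock category id.");

    # display errors, if any
    if ($v->isError()) {
        $confirm = "";
        foreach ($v->getErrors() as $e) {
            $confirm .= "<li class=err>-" . $e["msg"] . "<br>";
        }
        return $confirm;
    }

    # Select Stock
    db_connect();
    // NOTE(review): this relies entirely on the "num" validator rejecting
    // anything but digits; the value is interpolated, not bound.
    $sql = "SELECT * FROM stockcat WHERE catid = '{$catid}' AND div = '" . USER_DIV . "'";
    $catRslt = db_exec($sql) or errDie("Unable to access databse.", SELF);
    if (pg_numrows($catRslt) < 1) {
        return "<li> Invalid Stock ID.";
    }
    $row = pg_fetch_array($catRslt);

    // Read the needed columns by name. The previous loop turned every column
    // of the row into a local variable (${$key} = $value), which can silently
    // overwrite $v, $sql or any other local if a column has the same name.
    $catcod = $row['catcod'];
    $catname = $row['cat'];
    $descript = $row['descript'];
    $rowCatid = $row['catid'];

    // Layout (a stray closing </td> after "Category Name" was removed).
    // NOTE(review): the column values are written into the page without HTML
    // encoding; confirm how they are validated when the category is saved.
    $confirm = "<h3>Stock Category</h3>\n\t\t<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\n\t\t\t<tr><th width=40%>Field</th><th width=60%>Value</th></tr>\n\t\t\t<tr class='bg-odd'><td>Category Code</td><td>{$catcod}</td></tr>\n\t\t\t<tr class='bg-even'><td>Category Name</td><td>{$catname}</td></tr>\n\t\t\t<tr class='bg-odd'><td valign=top>Description</td><td><pre>{$descript}</pre></td></tr>\n\t\t</table>\n\t\t<p>\n\t\t<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width=100>\n\t\t\t<tr><th>Quick Links</th></tr>\n\t\t\t<tr class='bg-odd'><td><a href='stockcat-edit.php?catid={$rowCatid}'>Edit</a></td></tr>\n\t\t\t<tr class='bg-even'><td><a href='stockcat-view.php'>View Stock Category</a></td></tr>\n\t\t\t<script>document.write(getQuicklinkSpecial());</script>\n\t\t</table>";

    return $confirm;
}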
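/**
 * Query the blind list and print the surrounding table markup.
 *
 * The per-row output is currently commented out, so only an empty table is
 * printed once the query succeeds.
 *
 * @return void
 * @throws Exception 'No Results.' when the connection or the query fails.
 */
function display_duck_blinds()
{
    $dbinfo = initialize_db_info();

    try {
        $db_link = db_connect($dbinfo);
        db_select($db_link, $dbinfo);
    } catch (Exception $e) {
        echo report_exception("Database Connection", $e);
        // NOTE(review): this prints the database settings into the page;
        // confirm report_database_settings() leaves out credentials.
        echo report_database_settings($dbinfo);

        // Stop here. Execution used to fall through and run the query on an
        // undefined link, which only failed later with the same exception.
        throw new Exception('No Results.', 0, $e);
    }

    $sql = generate_blind_list_sql();
    $result_rows = mysql_query($sql, $db_link);
    if (!$result_rows) {
        // NOTE(review): the SQL text and the server error are echoed to the
        // client; that is useful while debugging but discloses schema details.
        echo $sql;
        $message = 'Invalid query: ' . mysql_error() . "\n";
        echo $message;
        throw new Exception('No Results.');
    }

    echo '<table>';
    while ($row = mysql_fetch_array($result_rows, MYSQL_ASSOC)) {
        //echo generate_blind_row($row);
    }
    echo '</table>';
}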
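/**
 * Fetch all entries that belong to one category.
 *
 * @param int|string $id Category id; must be an integer value.
 * @return mixed Result of $db->query(), or false when $id is not an integer.
 */
function get_cate_post($id)
{
    // The id is concatenated into the statement without quotes, so anything
    // other than an integer could rewrite the query. Reject it up front.
    $category = filter_var($id, FILTER_VALIDATE_INT);
    if ($category === false) {
        return false;
    }

    $db = db_connect();

    return $db->query("select * from entries where category=" . $category);
}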
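/**
 * Look up a user in the database and return their account details.
 *
 * @param string $name        User name; lower-cased before the lookup.
 * @param string $pass        Password supplied by the user.
 * @param mixed  $admin_auser When truthy the password and auth-type
 *                            conditions are left out of the query.
 * @return array|int Account details (fullname, user, pass, email, type,
 *                   method, id) or 0 when no row matches.
 */
function _valid_db($name, $pass, $admin_auser = 0)
{
    global $dbhost, $dbuser, $dbpass, $dbdb;

    $name = strtolower($name);
    db_connect($dbhost, $dbuser, $dbpass, $dbdb);

    // NOTE(review): the user_pass literal appears masked ('******') in this
    // listing, so how $pass is compared cannot be read here; left untouched.
    // NOTE(review): addslashes() is not aware of the connection character
    // set; the driver's own escaping or a bound parameter is the safer
    // choice, but db_query()'s interface is not visible here.
    // NOTE(review): a truthy $admin_auser drops the password check entirely;
    // confirm every caller that sets it has already authenticated an admin.
    $query = "SELECT * FROM user WHERE user_uname='" . addslashes($name) . "'" . ($admin_auser ? "" : " AND user_pass='******' AND user_authtype='db'");
    $r = db_query($query);

    if (db_num_rows($r)) {
        $a = db_fetch_assoc($r);

        // Keys are quoted: the bare words used before (fullname, user, ...)
        // are undefined constants, which is an Error on PHP 8 and would pick
        // up the value of any constant that happened to share the name.
        $x = array(); // array for returned info
        $x['fullname'] = $a['user_fname'];
        $x['user'] = $name;
        // NOTE(review): the clear-text password is handed back to the caller.
        $x['pass'] = $pass;
        $x['email'] = $a['user_email'];
        $x['type'] = $a['user_type'];
        $x['method'] = 'db';
        $x['id'] = $a['user_id'];

        return $x;
    }

    return 0;
}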
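/**
 * Build the "Current Branches" table, optionally probing each branch.
 *
 * @param bool $active_search When true, a TCP connection to port 80 of each
 *                            branch_ip is attempted (4 second timeout) to
 *                            report Online / Offline; otherwise "Unknown".
 * @return string HTML fragment.
 */
function show_branches($active_search = FALSE)
{
    db_connect();

    $get_branches = "SELECT * FROM branches_data ORDER BY branch_name";
    $run_branches = db_exec($get_branches) or errDie("Unable to get branch information.");

    if (pg_numrows($run_branches) < 1) {
        $listing = "\n\t\t\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t\t\t<td colspan='7'>No Branches Found.</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t";
    } else {
        $listing = "";
        while ($barr = pg_fetch_array($run_branches)) {
            if (!$active_search) {
                $status = "Unknown";
            } else {
                // NOTE(review): the server connects to whatever host is
                // stored in branch_ip, and the probes run one after another,
                // so unreachable branches each add up to 4 seconds.
                $connect_test = @fsockopen("{$barr['branch_ip']}", 80, $errno, $errstr, 4);
                if ($connect_test) {
                    $status = "Online";
                    // Close the probe socket; it was previously left open
                    // for every reachable branch.
                    fclose($connect_test);
                } else {
                    $status = "Offline";
                }
            }

            // NOTE(review): the query text appears masked ("******") in this
            // listing and its result is not used below; left untouched.
            $get_username = "******";
            $run_username = db_exec($get_username) or errDie("Unable to get user information.");

            // NOTE(review): branch fields are written into the page without
            // HTML encoding.
            $listing .= "\n\t\t\t\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t\t\t\t<td>{$barr['branch_name']}</td>\n\t\t\t\t\t\t\t\t<td>" . nl2br($barr['branch_desc']) . "</td>\n\t\t\t\t\t\t\t\t<td>{$barr['branch_username']}</td>\n\t\t\t\t\t\t\t\t<td>{$barr['branch_contact']}</td>\n\t\t\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t\t\t<td>{$barr['branch_ip']}</td>\n\t\t\t\t\t\t\t\t<td>{$status}</td>\n\t\t\t\t\t\t\t\t<td><a href='branches-rem.php?bid={$barr['id']}'>Remove</a></td>\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t";
        }
    }

    $display = "\n\t\t\t\t\t<h3>Current Branches on Cubit</h3>\n\t\t\t\t\t<table " . TMPL_tblDflts . ">\n\t\t\t\t\t<form action='" . SELF . "' method='POST'>\n\t\t\t\t\t\t<input type='hidden' name='key' value='confirm'>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<th>Branch Name</th>\n\t\t\t\t\t\t\t<th>Branch Description</th>\n\t\t\t\t\t\t\t<th>Branch Username</th>\n\t\t\t\t\t\t\t<th>Branch Contact</th>\n\t\t\t\t\t\t\t<th>Local Username</th>\n\t\t\t\t\t\t\t<th>Branch IP</th>\n\t\t\t\t\t\t\t<th>Status</th>\n\t\t\t\t\t\t\t<th>Remove</th>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t{$listing}\n\t\t\t\t\t\t<tr><td><br></td></tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td><input type='submit' value='Update Status'></td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</form>\n\t\t\t\t\t</table>\n\t\t\t\t";

    return $display;
}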
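/**
 * Build the employee department listing.
 *
 * Every department gets an Edit link; a Remove link is offered only when no
 * employee is assigned to the department.
 *
 * @return string HTML fragment, or a short notice when no departments exist.
 */
function printDep()
{
    # Set up table to display in
    $printDep = "\n\t\t<h3>View Employee Departments</h3>\n\t\t<table " . TMPL_tblDflts . ">\n\t\t\t<tr>\n\t\t\t\t<th>Department</th>\n\t\t\t\t<th colspan='2'>Options</th>\n\t\t\t</tr>";

    # connect to database
    db_connect();

    # Query server
    $sql = "SELECT * FROM departments ORDER BY department ASC";
    $depRslt = db_exec($sql) or errDie("Unable to retrieve employee departments from database.");
    if (pg_numrows($depRslt) < 1) {
        return "<li>There are no employee departments in Cubit.</li>";
    }

    while ($dep = pg_fetch_array($depRslt)) {
        $printDep .= "\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td align='center'>{$dep['department']}</td>\n\t\t\t\t<td><a href='empdepartment-edit.php?id={$dep['id']}'>Edit</a></td>";

        // Keep the employee lookup in its own variable. It used to overwrite
        // $depRslt, so after the first department the loop continued over
        // employee rows instead of the remaining departments.
        $sql = "SELECT * FROM employees WHERE department='{$dep['id']}'";
        // The failure handler was misspelled "ereDie", an undefined function.
        $empRslt = db_exec($sql) or errDie("Unable to retrieve employee departments from database.");

        if (pg_numrows($empRslt) < 1) {
            $printDep .= "<td><a href='empdepartment-rem.php?id={$dep['id']}'>Remove</a></td></tr>";
        } else {
            $printDep .= "</tr>";
        }
    }

    $printDep .= "\n\t\t</table>\n\t\t<p>\n\t\t<table " . TMPL_tblDflts . " width='15%'>\n\t\t\t<tr><td><br></td></tr>\n\t\t\t<tr>\n\t\t\t\t<th>Quick Links</th>\n\t\t\t</tr>\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td><a href='empdepartment-add.php'>Add Employee Department</a></td>\n\t\t\t</tr>\n\t\t\t<script>document.write(getQuicklinkSpecial());</script>\n\t\t</table>";

    return $printDep;
}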
/**
 * Convert a point from one EPSG reference system to another by asking the
 * database to evaluate transform(GeometryFromText('POINT(x y)', old), new).
 *
 * Two statements are run, one selecting X(...) and one selecting Y(...).
 *
 * @param mixed $x       X coordinate; must be numeric.
 * @param mixed $y       Y coordinate; must be numeric.
 * @param mixed $oldEPSG Source EPSG code; must be numeric.
 * @param mixed $newEPSG Target EPSG code; must be numeric.
 * @return array|null array("x" => float, "y" => float), or null when any
 *                    argument is null or not numeric.
 */
function transform($x, $y, $oldEPSG, $newEPSG) {
    // All four values are concatenated into SQL below, so anything that is
    // not numeric is rejected first. The two EPSG codes are placed outside
    // any quoted literal, where pg_escape_string() gives no protection, so
    // this check is what keeps them from altering the statement.
    // NOTE(review): is_numeric() also accepts forms such as exponent
    // notation and leading whitespace - confirm those are acceptable here.
    if (is_null($x) || !is_numeric($x) || is_null($y) || !is_numeric($y) || is_null($oldEPSG) || !is_numeric($oldEPSG) || is_null($newEPSG) || !is_numeric($newEPSG)) {
        return null;
    }
    if (SYS_DBTYPE == 'pgsql') {
        // Application database; $con is not passed to db_query() below.
        $con = db_connect(DBSERVER, OWNER, PW);
        $sqlMinx = "SELECT X(transform(GeometryFromText('POINT(" . pg_escape_string($x) . " " . pg_escape_string($y) . ")'," . pg_escape_string($oldEPSG) . ")," . pg_escape_string($newEPSG) . ")) as minx";
        $resMinx = db_query($sqlMinx);
        $minx = floatval(db_result($resMinx, 0, "minx"));
        $sqlMiny = "SELECT Y(transform(GeometryFromText('POINT(" . pg_escape_string($x) . " " . pg_escape_string($y) . ")'," . pg_escape_string($oldEPSG) . ")," . pg_escape_string($newEPSG) . ")) as miny";
        $resMiny = db_query($sqlMiny);
        $miny = floatval(db_result($resMiny, 0, "miny"));
    } else {
        // Any other SYS_DBTYPE: use the connection described by the GEOS_*
        // constants.
        // NOTE(review): the end of the next statement is masked ("******")
        // in this listing, so the user/password part of the connection
        // string and the connect call cannot be read here and the line does
        // not parse as shown; it is reproduced unchanged.
        $con_string = "host=" . GEOS_DBSERVER . " port=" . GEOS_PORT . " dbname=" . GEOS_DB . "user="******"password="******"Error while connecting database");
        /* @security_patch sqli done: values are passed through pg_escape_string() */
        $sqlMinx = "SELECT X(transform(GeometryFromText('POINT(" . pg_escape_string($x) . " " . pg_escape_string($y) . ")'," . pg_escape_string($oldEPSG) . ")," . pg_escape_string($newEPSG) . ")) as minx";
        $resMinx = pg_query($con, $sqlMinx);
        $minx = floatval(pg_fetch_result($resMinx, 0, "minx"));
        $sqlMiny = "SELECT Y(transform(GeometryFromText('POINT(" . pg_escape_string($x) . " " . pg_escape_string($y) . ")'," . pg_escape_string($oldEPSG) . ")," . pg_escape_string($newEPSG) . ")) as miny";
        $resMiny = pg_query($con, $sqlMiny);
        $miny = floatval(pg_fetch_result($resMiny, 0, "miny"));
    }
    return array("x" => $minx, "y" => $miny);
}
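/**
 * Render the "posts tagged ..." page, 20 posts per page.
 *
 * A signed-in viewer sees public posts, their own posts and friends-only
 * posts of users who list them as a friend; an anonymous viewer sees public
 * posts only.
 *
 * @param string     $tag_name Tag to list, as taken from the request.
 * @param int|string $page     1-based page number.
 * @return string Complete HTML page.
 */
function render_tag_page($tag_name, $page)
{
    // Never let a page below 1 turn into a negative LIMIT offset.
    $start = max(0, (intval($page) - 1) * 20);

    // NOTE(review): $tag_name is passed on unencoded here; confirm
    // render_header() encodes it before output.
    $html = render_header($tag_name, "", true);
    $html .= "<div class=\"bg_menu_wrapper\">\n" . "<ul class=\"bg_menu\">\n" . "<li><a href=\"/explore/firehose\" title=\"Firehose\">Firehose</a></li>\n" . "<li><a href=\"/explore/popular\" title=\"Popular\">Popular</a></li>\n" . "<li class=\"selected\"><a href=\"/explore/tags\" title=\"Tags\">Tags</a></li>\n" . "<li><a href=\"/explore/directory\" title=\"Directory\">Directory</a></li>\n" . "<li><a href=\"/explore/suggested\" title=\"Suggested Users\">Suggested</a></li>\n" . "<li><a href=\"/explore/search\" title=\"Search\">Search</a></li>\n" . "</ul>\n" . "<div class=\"clear\"></div>\n" . "</div>\n";

    $mysqli = db_connect();

    // Pieces shared by the listing query and the count query.
    $joins = " INNER JOIN Users ON Posts.UserId=Users.Id"
        . " INNER JOIN PostTags ON Posts.Id=PostTags.PostId"
        . " INNER JOIN Tags ON PostTags.TagId=Tags.Id";
    $status_and_tag = " AND Posts.Status=" . POST_STATUS_PUBLISHED
        . " AND Tags.Name='" . $mysqli->real_escape_string($tag_name) . "'";
    $paging = " ORDER BY Created DESC LIMIT " . $start . ",20";

    if (isset($_SESSION["user_id"])) {
        // The user id is used unquoted in the SQL, where string escaping
        // offers no protection, so force it to an integer.
        $viewer = (int) $_SESSION["user_id"];

        $friends_join = " LEFT OUTER JOIN Friends FriendsA ON Posts.UserId=FriendsA.UserId";
        $visibility = " WHERE"
            . " ((FriendsA.FriendId=" . $viewer . " AND Posts.Privacy=" . POST_PRIVACY_FRIENDS_ONLY . ")"
            . " OR"
            . " (Posts.Privacy=" . POST_PRIVACY_PUBLIC . ")"
            . " OR"
            . " (Posts.UserId=" . $viewer . "))";

        $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar,Likes.Id AS LikeId FROM Posts"
            . $joins
            . " LEFT OUTER JOIN Likes ON Likes.UserId=" . $viewer . " AND Likes.PostId=Posts.Id"
            . $friends_join
            . $visibility . $status_and_tag . $paging;
        $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts FROM Posts"
            . $joins . $friends_join
            . $visibility . $status_and_tag;
    } else {
        $visibility = " WHERE" . " Posts.Privacy=" . POST_PRIVACY_PUBLIC;

        $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar FROM Posts"
            . $joins . $visibility . $status_and_tag . $paging;
        $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts FROM Posts"
            . $joins . $visibility . $status_and_tag;
    }

    // fetch count for pagination; a failed count query yields 0 instead of a
    // fatal error on a non-object.
    $count = 0;
    $count_result = $mysqli->query($sql_count);
    if ($count_result) {
        $count_row = $count_result->fetch_assoc();
        $count = $count_row["NumPosts"];
    }

    $post_result = $mysqli->query($sql);

    // The tag comes from the request and is echoed into the heading, so it
    // has to be HTML-encoded; otherwise markup in the tag runs in the page.
    $html .= "<div id=\"header\"><h1>Posts tagged ‘<span>" . htmlspecialchars($tag_name, ENT_QUOTES, 'UTF-8') . "</span>’</h1></div>\n";
    $html .= render_posts($mysqli, $post_result);
    // NOTE(review): the raw tag is also used to build the pagination links;
    // confirm render_pagination() URL-encodes and HTML-encodes its base path.
    $html .= render_pagination("explore/tag/" . $tag_name, $page, $count, 20);
    $html .= render_display_controls();
    $html .= render_footer();

    return $html;
}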
/**
 * Build the list of previous POS quotes for the current division.
 *
 * Quotes that are done and not cancelled are listed newest first. Quotes not
 * yet accepted get Edit / Cancel / Accept links; every quote gets print
 * links and an e-mail checkbox.
 *
 * NOTE(review): quote fields are written into the page without HTML
 * encoding; confirm how they are validated when a quote is captured.
 *
 * @return string HTML fragment.
 */
function printInv()
{
    # Table header and form opening.
    $html = "\n\t\t\t\t\t<h3>View previous POS Quotes</h3>\n\t\t\t\t\t<table " . TMPL_tblDflts . ">\n\t\t\t\t\t<form action='" . SELF . "' method='POST'>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<th>Department</th>\n\t\t\t\t\t\t\t<th>Sales Person</th>\n\t\t\t\t\t\t\t<th>Quote No.</th>\n\t\t\t\t\t\t\t<th>Quote Date</th>\n\t\t\t\t\t\t\t<th>Customer Name</th>\n\t\t\t\t\t\t\t<th>Order No</th>\n\t\t\t\t\t\t\t<th>Grand Total</th>\n\t\t\t\t\t\t\t<th colspan='6'>Options</th>\n\t\t\t\t\t\t\t<th>Email</th>\n\t\t\t\t\t\t</tr>";

    db_connect();

    $query = "SELECT * FROM pos_quotes WHERE accepted != 'c' AND done = 'y' AND div = '" . USER_DIV . "' ORDER BY quoid DESC";
    $quotes = db_exec($query) or errDie("Unable to retrieve quotes from database.");

    if (pg_numrows($quotes) < 1) {
        // Replaces the header built above; the closing layout is still added.
        $html = "<li>No previous quotes.</li>";
    } else {
        while ($quote = pg_fetch_array($quotes)) {
            $id = $quote['quoid'];

            # Reverse the order of the three dash-separated date parts.
            $parts = explode("-", $quote['odate']);
            $shownDate = $parts[2] . "-" . $parts[1] . "-" . $parts[0];

            $html .= "\n\t\t\t\t\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t\t\t\t\t<td>{$quote['deptname']}</td>\n\t\t\t\t\t\t\t\t\t<td>{$quote['salespn']}</td>\n\t\t\t\t\t\t\t\t\t<td>{$id}</td>\n\t\t\t\t\t\t\t\t\t<td align='center'>{$shownDate}</td>\n\t\t\t\t\t\t\t\t\t<td>{$quote['cusname']} {$quote['surname']}</td>\n\t\t\t\t\t\t\t\t\t<td align=right>{$quote['ordno']}</td>\n\t\t\t\t\t\t\t\t\t<td>" . CUR . " {$quote['total']}</td>\n\t\t\t\t\t\t\t\t\t<td><a href='pos-quote-details.php?quoid={$id}'>Details</a></td>";

            // Cells that differ between open and accepted quotes.
            if ($quote['accepted'] == 'n') {
                $html .= "\n\t\t\t\t\t\t\t\t\t<td><a href='pos-quote-new.php?quoid={$id}&cont=true&done='>Edit</a></td>\n\t\t\t\t\t\t\t\t\t<td><a href='pos-quote-cancel.php?quoid={$id}'>Cancel</a></td>\n\t\t\t\t\t\t\t\t\t<td><a href='pos-quote-accept.php?quoid={$id}'>Accept</a></td>";
            } else {
                $html .= "\n\t\t\t\t\t\t\t\t\t<td colspan='3'>Accepted</td>";
            }

            // Print links and e-mail checkbox, common to both cases.
            $html .= "\n\t\t\t\t\t\t\t\t\t<td><a href='pos-quote-print.php?quoid={$id}' target='_blank'>Print</a></td>\n\t\t\t\t\t\t\t\t\t<td><a href='pdf/pos-quote-pdf-print.php?quoid={$id}' target='_blank'>Print in PDF</a></td>\n\t\t\t\t\t\t\t\t\t<td><input type='checkbox' name='evs[]' value='{$id}'></td>\n\t\t\t\t\t\t\t\t</tr>";
        }

        $html .= "\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td colspan='14' align='right'><input type='submit' name='key' value='Send Emails'></td>\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t";
    }

    // Closing layout and quick links.
    $html .= "\n\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t\t<p>\n\t\t\t\t\t\t\t<table " . TMPL_tblDflts . ">\n\t\t\t\t\t\t\t\t<tr><td><br></td></tr>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<th>Quick Links</th>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t<tr class='datacell'>\n\t\t\t\t\t\t\t\t\t<td align='center'><a href='pos-quote-new.php'>New POS Quote</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t<tr class='datacell'>\n\t\t\t\t\t\t\t\t\t<td align='center'><a href='main.php'>Main Menu</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t</table>";

    return $html;
}
/**
 * Crawl every configured URL, index what was fetched and record the run.
 *
 * The category is taken from the first marker word found in the URL
 * (Movies, TV, Music, Games, Applications, Anime), falling back to 'other'.
 * The URL being processed is written to status.txt, and a summary row is
 * inserted into `crawls` at the end.
 *
 * @return array Two elements: $this->added and $this->updated.
 */
public function start()
{
    $startedAt = microtime(true);

    $db = db_connect(DBHOST, DBUSER, DBPASS, DBNAME);
    $sdb = db_connect('localhost:9306', '', '', 'rtindex');

    // Marker in the URL => category, checked in this order.
    $markers = array(
        'Movies'       => 'movies',
        'TV'           => 'tv',
        'Music'        => 'music',
        'Games'        => 'games',
        'Applications' => 'software',
        'Anime'        => 'anime',
    );

    $total_urls = count($this->urls);
    for ($i = 0; $i < $total_urls; $i++) {
        $url = $this->urls[$i];

        file_put_contents('status.txt', 'Limetorrents::...' . $url);
        $res = gethtml($url);

        $category = 'other';
        foreach ($markers as $marker => $name) {
            if (strstr($url, $marker)) {
                $category = $name;
                break;
            }
        }

        $type = Rivr::getType($category);
        $this->index($res, $type, $db, $sdb);
    }

    $time = microtime(true) - $startedAt;
    $db->query("INSERT INTO crawls SET source_id = '{$this->source_id}', added_torrents = '{$this->added}', updated_torrents = '{$this->updated}', time = '{$time}';");

    return array($this->added, $this->updated);
}
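/**
 * Render one stored image with Previous / Next buttons for the other images
 * of the same owner.
 *
 * The parameter was previously named $_POST; PHP refuses to compile a
 * function whose parameter is a superglobal, so it is renamed. Callers pass
 * it positionally, which is unaffected.
 *
 * @param array $post Request fields; only 'picid' is read.
 * @return string HTML fragment, or "" when picid is missing or not a
 *                sequence of digits.
 */
function show_image($post)
{
    // Read the one expected field. extract() on request data lets the client
    // create or overwrite any local variable in this function.
    if (!isset($post['picid']) || !is_scalar($post['picid'])) {
        return "";
    }
    $picid = (string) $post['picid'];

    // picid goes into three queries and into the page markup, so accept
    // digits only. This closes both the SQL and the HTML injection paths.
    if (!ctype_digit($picid)) {
        return "";
    }

    db_connect();

    $get_img = "SELECT type,ident_id FROM display_images WHERE id = '{$picid}' LIMIT 1";
    $run_img = db_exec($get_img) or errDie("Unable to get image information.");

    $previous = "";
    $next = "";

    if (pg_numrows($run_img) > 0) {
        $arr = pg_fetch_array($run_img);

        // Values read back from the table are escaped before they are
        // reused in SQL.
        $type = pg_escape_string($arr['type']);
        $ident = pg_escape_string($arr['ident_id']);

        # closest lower id => Previous button
        $get_other = "SELECT id FROM display_images WHERE type = '{$type}' AND ident_id = '{$ident}' AND id < '{$picid}' ORDER BY id desc LIMIT 1";
        $run_other = db_exec($get_other) or errDie("Unable to get images information.");
        if (pg_numrows($run_other) > 0) {
            $previous = "<input type='button' onCLick=\"document.location='view_image.php?picid=" . pg_fetch_result($run_other, 0, 0) . "'\" value='Previous'>";
        }

        # closest higher id => Next button. ORDER BY added: without it the
        # database may return any higher id, not the adjacent one.
        $get_other = "SELECT id FROM display_images WHERE type = '{$type}' AND ident_id = '{$ident}' AND id > '{$picid}' ORDER BY id asc LIMIT 1";
        $run_other = db_exec($get_other) or errDie("Unable to get images information.");
        if (pg_numrows($run_other) > 0) {
            $next = "<input type='button' onCLick=\"document.location='view_image.php?picid=" . pg_fetch_result($run_other, 0, 0) . "'\" value='Next'>";
        }
    }

    $buttons = "<tr height='20%' valign='bottom'><td width='40%' align='right'>{$previous}</td><td>{$next}</td></tr>";

    $display = "\n\t\t\t\t\t<table " . TMPL_tblDflts . " height='95%' width='100%'>\n\t\t\t\t\t\t<tr height='80%'>\n\t\t\t\t\t\t\t<td colspan='2'><img src='show_dimg.php?picid={$picid}' width='160' height='185' border='1'></td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t{$buttons}\n\t\t\t\t\t</table>\n\t\t\t\t";

    return $display;
}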
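/**
 * List the customers whose name starts with the submitted text, as links to
 * the new-quote page.
 *
 * The parameter was previously named $_POST; PHP refuses to compile a
 * function whose parameter is a superglobal, so it is renamed. Callers pass
 * it positionally, which is unaffected.
 *
 * @param array $post Request fields; only 'alpha' is read.
 * @return string HTML fragment.
 */
function select($post)
{
    // Read the one expected field. The previous loop turned every request
    // field into a local variable, which lets the client overwrite any
    // variable used in this function.
    $alpha = (isset($post['alpha']) && is_scalar($post['alpha'])) ? (string) $post['alpha'] : '';

    # Set uppercase
    $ALPHA = strtoupper($alpha);

    # Connect to database (must happen before pg_escape_string is used)
    db_connect();

    // The prefix comes from the request and sits inside quoted literals, so
    // escape it. LIKE wildcards in the input are still honoured.
    $alpha_sql = pg_escape_string($alpha);
    $ALPHA_sql = pg_escape_string($ALPHA);

    # Query server for customer info
    $sql = "SELECT * FROM customers WHERE cusname LIKE '{$alpha_sql}%' OR cusname LIKE '{$ALPHA_sql}%' ORDER BY cusname";
    $prnCustRslt = db_exec($sql) or errDie("Unable to view customers");

    $numrows = pg_numrows($prnCustRslt);
    if ($numrows < 1) {
        // The submitted text is echoed back, so HTML-encode it.
        return "<li class=err>No customer names starting with <b>" . htmlspecialchars($ALPHA, ENT_QUOTES) . "</b> in database.";
    }

    $select = "<h4>Select a customer</h4>\r\n\t\t<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n\t\t<tr><th>Customer no.</th><th>Customer name</th></tr>";

    // display customers to choose from
    // NOTE(review): customer names are written into the page without HTML
    // encoding; confirm how they are validated when a customer is saved.
    for ($i = 0; $i < $numrows; $i++) {
        $myCust = pg_fetch_array($prnCustRslt);
        $select .= "<tr class='" . bg_class() . "'><td align=center>{$myCust['cusnum']}</td><td align=center><a href='quote-new.php?cusnum={$myCust['cusnum']}'>{$myCust['cusname']}</a></td></tr>";
    }

    $select .= "</table>\r\n\t\t<p>\r\n\t\t<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width=100>\r\n\t\t\t<tr><th>Quick Links</th></tr>\r\n\t\t\t<tr bgcolor='#88BBFF'><td><a href='customers-new.php'>New Customer</a></td></tr>\r\n\t\t\t<script>document.write(getQuicklinkSpecial());</script>\r\n\t\t\t<tr bgcolor='#88BBFF'><td><a href='main.php'>Main Menu</a></td></tr>\r\n\t\t</table>";

    return $select;
}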
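/**
 * Search training records by course name or details and list up to 25
 * matches together with the employee's name.
 *
 * The search text is read from $_POST['search_string'].
 *
 * @return string HTML fragment with the result table.
 */
function do_search()
{
    // Read the one expected field. extract($_POST) lets the client create or
    // overwrite any local variable in this function.
    $search_string = (isset($_POST['search_string']) && is_scalar($_POST['search_string']))
        ? (string) $_POST['search_string']
        : '';

    db_connect();

    // The text comes from the request and sits inside quoted literals, so
    // escape it. LIKE wildcards in the input are still honoured.
    $needle = pg_escape_string($search_string);

    $search_sql = "SELECT * FROM training WHERE course_name LIKE '%{$needle}%' OR other_details LIKE '%{$needle}%' LIMIT 25";
    $run_search = db_exec($search_sql);

    $results = "";
    if (pg_numrows($run_search) >= 1) {
        while ($tarr = pg_fetch_array($run_search)) {
            // Numeric coercion of the stored employee number.
            $empval = $tarr['empnum'];
            $tarr['empnum'] = $empval + 0;

            #get this employee name
            $get_emp = "SELECT fnames,sname FROM employees WHERE empnum = '{$tarr['empnum']}' LIMIT 1";
            $run_emp = db_exec($get_emp);
            if (pg_numrows($run_emp) < 1) {
                $employee_name = "Unknown";
            } else {
                $earr = pg_fetch_array($run_emp);
                $employee_name = "{$earr['fnames']} {$earr['sname']}";
            }

            // NOTE(review): stored values are written into the page without
            // HTML encoding; confirm how they are validated on entry.
            $results .= "\n\t\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t\t<td>{$employee_name}</td>\n\t\t\t\t\t\t<td>{$tarr['course_name']}</td>\n\t\t\t\t\t\t<td>{$tarr['date_date']}</td>\n\t\t\t\t\t\t<td>{$tarr['commence_date']}</td>\n\t\t\t\t\t\t<td>{$tarr['completed_date']}</td>\n\t\t\t\t\t\t<td>{$tarr['competent_date']}</td>\n\t\t\t\t\t\t<td>" . nl2br($tarr['other_details']) . "</td>\n\t\t\t\t\t</tr>";
        }
    }

    $display = "\n\t\t\t<h2>Search Results</h2>\n\t\t\t<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\n\t\t\t\t<tr>\n\t\t\t\t\t<th>Employee</th>\n\t\t\t\t\t<th>Course Name</th>\n\t\t\t\t\t<th>Enter Date</th>\n\t\t\t\t\t<th>Start Date</th>\n\t\t\t\t\t<th>End Date</th>\n\t\t\t\t\t<th>Competent Date</th>\n\t\t\t\t\t<th>Other Details</th>\n\t\t\t\t</tr>\n\t\t\t\t{$results}\n\t\t\t</table>\n\t\t";

    return $display;
}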
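/**
 * Mark one row of a table as registered (registr = '1').
 *
 * @param int|string $id    Row id; must be an integer value.
 * @param string     $table Table name; must be a plain identifier.
 * @return mixed Result of mysqli_query(), or false when an argument is
 *               rejected.
 */
function submit_reg($id, $table)
{
    // Both arguments become part of the statement text. A table name cannot
    // be bound as a parameter, so only plain identifiers are allowed.
    // NOTE(review): an explicit list of the tables that may be updated would
    // be tighter; the valid names are not visible here.
    if (!is_string($table) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $table)) {
        return false;
    }

    $row_id = filter_var($id, FILTER_VALIDATE_INT);
    if ($row_id === false) {
        return false;
    }

    // mysqli_query() needs the connection as its first argument; it was
    // called with the SQL string alone, so the update could never run.
    // Assumes db_connect() returns the mysqli link - TODO confirm.
    $link = db_connect();

    $query1 = "UPDATE `{$table}` SET registr = '1' WHERE id = {$row_id};";

    return mysqli_query($link, $query1);
}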
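/**
 * Create an account with its default plan, display, link and permission rows.
 *
 * @param string $added_name User name of the new account.
 * @param mixed  $password   Initial password; generated when empty.
 * @param mixed  $gradyear   Graduation year.
 * @param string $email      E-mail address; defaults to
 *                           <name>@grinnell.edu when empty.
 * @param mixed  $type       Account type.
 * @param string $status     Value stored in the perms row.
 * @return array Two elements: the clear-text password and the e-mail address.
 */
function insert_user($added_name, $password, $gradyear, $email, $type, $status = '')
{
    if (!$password) {
        if (function_exists('random_int')) {
            // Unpredictable source. Seeding rand() with time() makes the
            // password guessable by anyone who knows roughly when the
            // account was created.
            $password = random_int(0, 999999);
        } else {
            // Older PHP without random_int(): previous behaviour.
            srand(time());
            $password = rand(0, 999999);
        }
        // NOTE(review): at most six digits is a very small space for an
        // initial password even when drawn from a good source.
    }
    if (!$email) {
        $email = $added_name . "@grinnell.edu";
    }

    $crpassword = User::hashPassword($password);
    $dbh = db_connect();

    $myrow = array("", $added_name, "", $crpassword, $email, "", "", "", "", "", "", $gradyear, "70", "14", "", "", $type, "", "", 0);
    add_row($dbh, "accounts", $myrow);

    // NOTE(review): the username literal appears masked ('******') in this
    // listing; left untouched. If the user name is interpolated here in the
    // real source it needs escaping or a bound parameter.
    mysql_query("UPDATE accounts SET created = NOW() WHERE\n\t\t\tusername = '******'");

    $added_id = get_item($dbh, "userid", "accounts", "username", $added_name);

    // The id is used unquoted, so force it to an integer in the SQL text.
    mysql_query("INSERT INTO plans (user_id) VALUES (" . (int) $added_id . ")");

    add_row($dbh, "display", array($added_id, "6", "7"));

    // Default optional links for every new account.
    foreach (array(2, 4, 6, 8, 14, 15, 16) as $opt_link) {
        add_row($dbh, "opt_links", array($added_id, $opt_link));
    }

    add_row($dbh, "perms", array($added_id, $status));

    return array($password, $email);
}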
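/**
 * Per-request bootstrap: merge request parameters, open the debug log,
 * connect to the database, select the schema and start the session.
 *
 * @return int 1 on success, 0 when the debug log, the connection or the
 *             database selection failed (status is recorded via setLogAndStatus()).
 */
function init()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $PARAM;
    global $debugFP, $dbh, $dbuser, $dbhost, $dbport, $dbpass, $dbname, $debugLogFile;

    //assume that the variables order is "GP"
    // POST wins over GET for duplicate keys. Code reading $PARAM cannot tell
    // which method supplied a value, so state-changing handlers should check
    // the request method themselves.
    $PARAM = array_merge($_GET, $_POST);

    if (defined('DEBUG') && DEBUG == 1) {
        // If DEBUG is true, try to open log file:
        if (!($debugFP = @fopen($debugLogFile, "a"))) {
            // fopen failed, set program status:
            setLogAndStatus('', '', $debugLogFile, 'init()', 'DEBUG_LOG_OPEN');
            return 0;
        }
    }

    if (!($dbh = db_connect("{$dbhost}:{$dbport}", $dbuser, $dbpass))) {
        // database connection failed, set program status:
        setLogAndStatus('', db_errno($dbh), db_error($dbh), 'init()', 'DB_CONNECT');
        return 0;
    }

    if (!db_select_db($dbname, $dbh)) {
        // database selection failed, set program status:
        setLogAndStatus('', db_errno($dbh), db_error($dbh), 'init()', 'DB_SELECT');
        return 0;
    }

    //mysql_query('set names utf8');
    session_name('diploma');
    // session_start() takes no string argument: '' is rejected with a
    // TypeError on PHP 8 and leaves the session unstarted on several older
    // versions, so it is called without arguments.
    session_start();

    return 1;
}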
/**
 * Build the HTML for the employer reconciliation declaration (EMP501) form.
 *
 * The form posts back to SELF and holds reference numbers, the trading name,
 * one PAYE/SDL/UIF/liability/payments row per month from March to February,
 * annual totals and tax-certificate totals.
 *
 * NOTE(review): none of the $input_* variables interpolated below is assigned
 * in the visible function body, so as shown every value='' attribute renders
 * empty. If they are populated from request or database data, encode each one
 * with htmlspecialchars(..., ENT_QUOTES) before it goes into a single-quoted
 * attribute; a raw quote character would otherwise end the attribute.
 *
 * @return string The form markup.
 */
function show_form() {
    db_connect();
    #get the db stuff ...
    // "<---IMAGE--->" and "<---NOTHING HERE--->" are layout placeholders, not
    // valid HTML comments. The final date input has an empty name, so a
    // browser will not submit it.
    $display = "\n\t\t<form action='" . SELF . "' method='POST'>\n\t\t<table " . TMPL_tblDflts . " border='1' width='900'>\n\t\t\t<tr>\n\t\t\t\t<td rowspan='2'>IMAGE</td>\n\t\t\t\t<td>Transaction Year (CCYY)</td>\n\t\t\t\t<td colspan='2'><input type='text' size='5' maxlength='4' name='input_transaction_year' value='{$input_transaction_year}'>\n\t\t\t\tEMPLOYER RECONCILIATION DECLARATION IMAGE</td>\n\t\t\t\t<td align='right'>EMP501 IMAGE</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<---IMAGE--->\n\t\t\t\t<td>PAYE Ref No.</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_refno' value='{$input_paye_refno}'></td>\n\t\t\t\t<td>SDL Ref No.</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_sdl_refno' value='{$input_sdl_refno}'></td>\n\t\t\t\t<td>UIF Ref No.</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_uif_refno' value='{$input_uif_refno}'></td>\n\t\t\t</tr>\n\t\t</table>\n\t\t<br>\n\t\t<table " . TMPL_tblDflts . " border='1' width='900'>\n\t\t\t<tr>\n\t\t\t\t<td width='10%'>Trading Name</td>\n\t\t\t\t<td><input type='text' size='46' maxlength='45' name='input_tradingname' value='{$input_tradingname}'></td>\n\t\t\t</tr>\n\t\t</table>\n\t\t<br>\n\t\t<table " . TMPL_tblDflts . 
" border='1' width='900'>\n\t\t\t<tr>\n\t\t\t\t<td width='150' bgcolor='#8389ff' align='center'><b>Summary of Employer Liability</b></td>\n\t\t\t\t<td width='100' bgcolor='#8389ff' align='center'><b>PAYE</b></td>\n\t\t\t\t<td width='100' bgcolor='#8389ff' align='center'><b>SDL</b></td>\n\t\t\t\t<td width='100' bgcolor='#8389ff' align='center'><b>UIF</b></td>\n\t\t\t\t<td width='130' bgcolor='#8389ff' align='center'><b>Total Monthly Liability</b></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td bgcolor='#8389ff' align='center'><b>Total Payments</b></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>March</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_march' value='{$input_paye_march}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_march' value='{$input_sdl_march}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_march' value='{$input_uif_march}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_march' value='{$input_liability_march}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_march' value='{$input_payments_march}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>April</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_april' value='{$input_paye_april}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_april' value='{$input_sdl_april}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_april' value='{$input_uif_april}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_april' value='{$input_liability_april}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_april' value='{$input_payments_april}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>May</td>\n\t\t\t\t<td><input 
type='text' size='11' maxlength='10' name='input_paye_may' value='{$input_paye_may}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_may' value='{$input_sdl_may}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_may' value='{$input_uif_may}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_may' value='{$input_liability_may}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_may' value='{$input_payments_may}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>June</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_june' value='{$input_paye_june}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_june' value='{$input_sdl_june}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_june' value='{$input_uif_june}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_june' value='{$input_liability_june}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_june' value='{$input_payments_june}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>July</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_july' value='{$input_paye_july}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_july' value='{$input_sdl_july}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_july' value='{$input_uif_july}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_july' value='{$input_liability_july}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_july' value='{$input_payments_july}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>August</td>\n\t\t\t\t<td><input 
type='text' size='11' maxlength='10' name='input_paye_august' value='{$input_paye_august}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_august' value='{$input_sdl_august}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_august' value='{$input_uif_august}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_august' value='{$input_liability_august}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_august' value='{$input_payments_august}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>September</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_september' value='{$input_paye_september}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_september' value='{$input_sdl_september}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_september' value='{$input_uif_september}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_september' value='{$input_liability_september}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_september' value='{$input_payments_september}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>October</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_october' value='{$input_paye_october}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_october' value='{$input_sdl_october}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_october' value='{$input_uif_october}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_october' value='{$input_liability_october}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_october' 
value='{$input_payments_october}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>November</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_november' value='{$input_paye_november}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_november' value='{$input_sdl_november}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_november' value='{$input_uif_november}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_november' value='{$input_liability_november}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_november' value='{$input_payments_november}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>December</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_december' value='{$input_paye_december}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_december' value='{$input_sdl_december}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_december' value='{$input_uif_december}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_december' value='{$input_liability_december}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_december' value='{$input_payments_december}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>January</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_january' value='{$input_paye_january}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_january' value='{$input_sdl_january}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_january' value='{$input_uif_january}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_january' 
value='{$input_liability_january}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_january' value='{$input_payments_january}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>February</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_february' value='{$input_paye_february}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_february' value='{$input_sdl_february}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_february' value='{$input_uif_february}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_february' value='{$input_liability_february}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_february' value='{$input_payments_february}'></td>\n\t\t\t</tr>\n\t\t</table>\n\t\t<table " . TMPL_tblDflts . " border='1' width='900'>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>Annual Total</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_annual_total' value='{$input_paye_annual_total}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_sdl_annual_total' value='{$input_sdl_annual_total}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_uif_annual_total' value='{$input_uif_annual_total}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_annual_total' value='{$input_liability_annual_total}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_annual_total' value='{$input_payments_annual_total}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>Difference - Liability & Certificate Totals</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_difference' value='{$input_difference}'></td>\n\t\t\t\t<td>INPUT 2</td>\n\t\t\t\t<td>INPUT 3</td>\n\t\t\t\t<td>INPUT 
4</td>\n\t\t\t\t<---NOTHING HERE--->\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>Total Value of Tax Certificates</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_total_value_tax' value='{$input_total_value_tax}'></td>\n\t\t\t\t<td>INPUT 2</td>\n\t\t\t\t<td>INPUT 3</td>\n\t\t\t\t<td bgcolor='#8389ff' align='center'>DECLARED LIABILITY</td>\n\t\t\t\t<td bgcolor='#8389ff' align='center'>DUE BY/TO YOU</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>Total Value of Electronic Tax Certificates</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_total_value_electronic' value='{$input_total_value_electronic}'></td>\n\t\t\t\t<td colspan='2'>SOME MISC TEXT</td>\n\t\t\t\t<td>INPUT</td>\n\t\t\t\t<td>INPUT</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>Total Value of Manual Tax Certificates</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_total_value_manual' value='{$input_total_value_manual}'></td>\n\t\t\t\t<td rowspan='2' colspan='2'>TEXTBOX</td>\n\t\t\t\t<td rowspan='2'>DECLARATION</td>\n\t\t\t\t<td rowspan='2'>DECLARATION TEXT</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>Date (CCYYMMDD)</td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='' value=''></td>\n\t\t\t</tr>\n\t\t</table>\n\t\t</form>";
    return $display;
}
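/**
 * Deactivate a user by setting `is_active` to '0' for the given `user_id`.
 *
 * Terminates the script with an error message when the id is not an integer
 * or when the UPDATE fails.
 *
 * @param mixed $no User id; must be an integer or an integer string.
 * @return void
 */
function inactive($no)
{
    require_once "../includes/sql.php";
    $conexion = db_connect();

    // $no is concatenated unquoted into the statement, so anything other than
    // an integer would become part of the SQL text. Reject it and fail the
    // same way a broken statement did before.
    $user_id = filter_var($no, FILTER_VALIDATE_INT);
    if ($user_id === false) {
        die("oopsy, error when tryin to delete ");
    }

    $sql = "UPDATE `user` SET `is_active` = '0' WHERE `user_id` = " . $user_id;
    $conexion->query($sql) or die("oopsy, error when tryin to delete ");
}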
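/**
 * Set up this node's member variables and, when the node is to be shown
 * expanded, recursively build its child nodes from the header table.
 *
 * @param mixed $postid   Id of this post; children are the rows whose parent equals it.
 * @param mixed $title    Post title.
 * @param mixed $poster   Post author.
 * @param mixed $posted   Post timestamp.
 * @param mixed $children Truthy when the post has replies.
 * @param mixed $expand   Truthy when this node should show its children.
 * @param int   $depth    Depth of this node in the tree.
 * @param array $expanded Map of postid => bool naming the posts to expand.
 * @param mixed $sublist  Truthy when building a sublist; sublists are always expanded.
 */
public function __construct($postid, $title, $poster, $posted, $children, $expand, $depth, $expanded, $sublist)
{
    $this->m_postid = $postid;
    $this->m_title = $title;
    $this->m_poster = $poster;
    $this->m_posted = $posted;
    $this->m_children = $children;
    $this->m_childlist = array();
    $this->m_depth = $depth;

    // we only care what is below this node if it
    // has children and is marked to be expanded
    // sublists are always expanded
    if (($sublist || $expand) && $children) {
        $conn = db_connect();

        // The id is placed unquoted in the statement, so force it to an integer.
        $query = "select * from header where parent = " . (int) $postid . " order by posted";
        $result = $conn->query($query);

        // A failed query returns false; calling fetch_assoc() on it is a fatal
        // error that the original's @ could not prevent. Leave the node childless.
        if (!$result) {
            return;
        }

        $count = 0;
        while ($row = $result->fetch_assoc()) {
            // isset() avoids an undefined-index notice for posts missing from $expanded.
            $child_expand = $sublist
                || (isset($expanded[$row['postid']]) && $expanded[$row['postid']] == true);

            $this->m_childlist[$count] = new treenode($row['postid'], $row['title'], $row['poster'], $row['posted'], $row['children'], $child_expand, $depth + 1, $expanded, $sublist);
            $count++;
        }
    }
}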
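/**
 * Remove the selected cost centers from a project / sub-sub-project pairing
 * and redirect back to the allocation page.
 *
 * @param array $post Submitted form fields; reads 'adds' (array of cost
 *                    center ids), 'project' and 'subsub'.
 * @return mixed|void An HTML error fragment (or get_allocation()'s output)
 *                    when validation fails; otherwise nothing, after sending
 *                    the Location header.
 */
function allocate_centers($post)
{
    // The parameter used to be named $_POST. PHP 5.4+ refuses a superglobal
    // name as a parameter at compile time; callers pass it positionally, so
    // the rename does not affect them.

    // Pick the three expected fields explicitly. extract() on request data
    // let the request define or overwrite any local variable by name.
    $adds    = isset($post['adds']) ? $post['adds'] : null;
    $project = isset($post['project']) ? $post['project'] : null;
    $subsub  = isset($post['subsub']) ? $post['subsub'] : null;

    if (!is_array($adds)) {
        return get_allocation($post, "<li class='err'>Please select at least one Cost Center to add.</li>");
    }
    if (!is_scalar($project) || strlen((string) $project) < 1) {
        return "<li class='err'>Invalid Use Of Module. (Invalid Project)</li>";
    }
    if (!is_scalar($subsub) || strlen((string) $subsub) < 1) {
        return "<li class='err'>Invalid Use Of Module. (Invalid Sub Sub Project)</li>";
    }

    db_connect();

    // Request values are escaped before being placed inside quoted SQL literals.
    // NOTE(review): prefer bound parameters if db_exec() supports them.
    $project_sql = pg_escape_string((string) $project);
    $subsub_sql = pg_escape_string((string) $subsub);

    // The looked-up sub_project_id was never used afterwards; the query is
    // kept because a failure here still aborts through errDie().
    $get_pro2 = "SELECT sub_project_id FROM sub_sub_projects WHERE id = '{$subsub_sql}' LIMIT 1";
    $run_pro2 = db_exec($get_pro2) or errDie("Unable to get sub project information.");

    foreach ($adds as $each) {
        // A nested array in adds[] cannot be a cost center id; skip it.
        if (!is_scalar($each)) {
            continue;
        }
        $ccid_sql = pg_escape_string((string) $each);
        $ins_sql = "DELETE FROM costcenters_links WHERE ccid = '{$ccid_sql}' AND project1 = '{$project_sql}' AND project3 = '{$subsub_sql}'";
        $run_ins = db_exec($ins_sql) or errDie("Unable to add cost center information.");
    }

    // URL-encode the values so they cannot add parameters to the redirect target.
    header("Location: costcenter-allocation-rem.php?project=" . urlencode((string) $project) . "&subsub=" . urlencode((string) $subsub));
}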
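/**
 * Recommend bookmarks: URLs stored by users who share at least one URL with
 * the given user, that the user does not already have, and that more than
 * $popularity people have bookmarked.
 *
 * @param string $valid_user Username to build recommendations for.
 * @param int    $popularity A URL is recommended only when more than this many users hold it.
 * @return array List of recommended URLs.
 * @throws Exception When the query fails or yields no rows.
 */
function recommend_urls($valid_user, $popularity = 1)
{
    // We will provide semi intelligent recommendations to people
    // If they have an URL in common with other users, they may like
    // other URLs that these people like
    $conn = db_connect();

    // find other matching users
    // with an url the same as you
    // as a simple way of excluding people's private pages, and
    // increasing the chance of recommending appealing URLs, we
    // specify a minimum popularity level
    // if $popularity = 1, then more than one person must have
    // an URL before we will recommend it

    // NOTE(review): both username literals below appear masked on this page,
    // which leaves $valid_user unused. When the real value is restored, bind
    // or escape it rather than concatenating it into the statement.
    // $popularity is appended unquoted, so it is forced to an integer.
    $query = "select bm_URL\n\t from bookmark\n\t where username in\n\t \t (select distinct(b2.username)\n from bookmark b1, bookmark b2\n\t\t where b1.username='******'\n and b1.username != b2.username\n and b1.bm_URL = b2.bm_URL)\n\t and bm_URL not in\n \t\t (select bm_URL\n\t\t\t\t from bookmark\n\t\t\t\t where username='******')\n group by bm_url\n having count(bm_url)>" . (int) $popularity;

    if (!($result = $conn->query($query))) {
        throw new Exception('Could not find any bookmarks to recommend.');
    }

    // The original counted rows with fetchAll() (a PDO method) and then read
    // them with fetch_object() (a mysqli method), so one of the two calls was
    // always undefined. Read the rows once and test for emptiness afterwards.
    // NOTE(review): assumes db_connect() returns a mysqli handle, matching
    // the fetch_object() call the row loop already used - confirm.
    $urls = array();
    while ($row = $result->fetch_object()) {
        $urls[] = $row->bm_URL;
    }

    if (count($urls) == 0) {
        throw new Exception('Could not find any bookmarks to recommend.');
    }

    return $urls;
}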
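/**
 * Render the "Firehose" explore page: every published post the current
 * visitor may see, newest first, with pagination.
 *
 * Logged-in visitors see public posts, their own posts and friends-only posts
 * by authors whose Friends row names them; anonymous visitors see public
 * posts only.
 *
 * @param int $numposts Posts per page.
 * @param int $page     1-based page number.
 * @return string Complete page HTML.
 */
function render_firehose_page($numposts = 20, $page = 1)
{
    // These values end up unquoted in LIMIT. real_escape_string() only
    // protects text inside quotes, so they are forced to positive integers.
    $numposts = max(1, intval($numposts));
    $page = max(1, intval($page));
    $start = ($page - 1) * $numposts;

    $html = render_header("The Firehose");
    $html .= "<div class=\"bg_menu_wrapper\">\n"
        . "<ul class=\"bg_menu\">\n"
        . "<li class=\"selected\"><a href=\"/explore/firehose\" title=\"Firehose\">Firehose</a></li>\n"
        . "<li><a href=\"/explore/popular\" title=\"Popular\">Popular</a></li>\n"
        . "<li><a href=\"/explore/tags\" title=\"Tags\">Tags</a></li>\n"
        . "<li><a href=\"/explore/directory\" title=\"Directory\">Directory</a></li>\n"
        . "<li><a href=\"/explore/suggested\" title=\"Suggested Users\">Suggested</a></li>\n"
        . "<li><a href=\"/explore/search\" title=\"Search\">Search</a></li>\n"
        . "</ul>\n"
        . "<div class=\"clear\"></div>\n"
        . "</div>\n";

    $mysqli = db_connect();

    $sql = "";
    $sql_count = "";

    if (isset($_SESSION["user_id"])) {
        // The session user id is compared unquoted as well, so it gets the
        // same integer treatment as the paging values.
        $uid = intval($_SESSION["user_id"]);

        // Visibility rule shared by the listing and the count query.
        $visible = " WHERE"
            . " ((FriendsOfAuthor.FriendId=" . $uid . " AND Posts.Privacy=" . POST_PRIVACY_FRIENDS_ONLY . ")"
            . " OR"
            . " (Posts.Privacy=" . POST_PRIVACY_PUBLIC . ")"
            . " OR"
            . " (Posts.UserId=" . $uid . "))"
            . " AND Posts.Status=" . POST_STATUS_PUBLISHED;

        $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar,Likes.Id AS LikeId FROM Posts"
            . " INNER JOIN Users ON Posts.UserId=Users.Id"
            . " LEFT OUTER JOIN Likes ON Likes.UserId=" . $uid . " AND Likes.PostId=Posts.Id"
            . " LEFT OUTER JOIN Friends FriendsOfAuthor ON Posts.UserId=FriendsOfAuthor.UserId AND FriendsOfAuthor.FriendId=" . $uid
            . $visible
            . " ORDER BY Created DESC LIMIT " . $start . "," . $numposts;

        $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts FROM Posts"
            . " INNER JOIN Users ON Posts.UserId=Users.Id"
            . " LEFT OUTER JOIN Friends FriendsOfAuthor ON Posts.UserId=FriendsOfAuthor.UserId AND FriendsOfAuthor.FriendId=" . $uid
            . $visible;
    } else {
        $visible = " WHERE"
            . " Posts.Privacy=" . POST_PRIVACY_PUBLIC
            . " AND Posts.Status=" . POST_STATUS_PUBLISHED;

        $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar, null AS LikeId FROM Posts"
            . " INNER JOIN Users ON Posts.UserId=Users.Id"
            . $visible
            . " ORDER BY Created DESC LIMIT " . $start . "," . $numposts;

        $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts FROM Posts"
            . " INNER JOIN Users ON Posts.UserId=Users.Id"
            . $visible;
    }

    // fetch count for pagination; a failed count query is treated as zero
    // posts instead of calling fetch_assoc() on false
    $count = 0;
    $count_result = $mysqli->query($sql_count);
    if ($count_result) {
        $count_row = $count_result->fetch_assoc();
        $count = $count_row["NumPosts"];
    }

    $post_result = $mysqli->query($sql);

    $html .= "<div id=\"header\">\n"
        . "<h1>The Firehose</h1>\n"
        . "<p>Everything posted by everybody, across the entire site (well... everything they are choosing to let you see...)</p>\n"
        . "</div>";

    $html .= render_posts($mysqli, $post_result);

    // Pagination
    $html .= render_pagination("explore/firehose/" . $numposts, $page, $count, $numposts);
    $html .= render_display_controls();
    $html .= render_footer();

    return $html;
}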
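/**
 * List outstanding (unbanked) cheque transactions for the current division
 * and hand the markup to the page template.
 *
 * The result is not returned: it is left in the local $OUTPUT, which
 * "../template.php" reads because a required file shares the caller's scope.
 *
 * @return void
 */
function printcheq()
{
    // Database text is HTML-encoded on output so stored markup cannot run in
    // the viewer's browser.
    // NOTE(review): assumes the columns hold raw text, not pre-encoded HTML - confirm.
    $esc = ENT_QUOTES | ENT_SUBSTITUTE;

    // Set up table to display in
    // $OUTPUT must keep this exact name: template.php picks it up from this scope.
    $OUTPUT = "<h3>View Cheque Records</h3>\r\n <table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\r\n <form action='../bank/bank-bankall.php' method=post>\r\n <tr><th>Bank Name</th><th>Account Name</th><th>Date</th><th>Paid to/Received from</th><th>Description</th><th>Transaction Type</th><th>Amount</th><th>Account paid<br>/received from</th></tr>";

    // Connect to database
    db_Connect();
    $sql = "SELECT * FROM cashbook WHERE cheqnum > 0 and banked='no' AND div = '" . USER_DIV . "' ORDER BY date DESC";
    $accntRslt = db_exec($sql) or errDie("ERROR: Unable to retrieve bank cheqque transaction details from database.", SELF);
    $numrows = pg_numrows($accntRslt);

    if ($numrows < 1) {
        $OUTPUT = "<li class=err> There are no outstanding bank cheque Records yet in Cubit.";
        // NOTE(review): presumably template.php ends the request; if it
        // returns, execution falls through to the table footer below.
        require "../template.php";
    }

    # display all bank cheques
    for ($i = 0; $i < $numrows; $i++) {
        $accnt = pg_fetch_array($accntRslt, $i);

        # get account name for account involved
        $accRslt = get("core", "accname", "accounts", "accid", $accnt['accinv']);
        $acc = pg_fetch_array($accRslt);

        # get account name for bank account
        db_connect();
        // bankid comes from a stored row; it is still escaped before being
        // placed inside the quoted literal.
        $bankid_sql = pg_escape_string((string) $accnt['bankid']);
        $sql = "SELECT accname,bankname FROM bankacct WHERE bankid= '{$bankid_sql}' AND div = '" . USER_DIV . "'";
        $bankRslt = db_exec($sql);
        $bank = pg_fetch_array($bankRslt);

        // A missing bank or account row renders as an empty cell.
        $bankname = isset($bank['bankname']) ? $bank['bankname'] : '';
        $bankacc = isset($bank['accname']) ? $bank['accname'] : '';
        $accname = isset($acc['accname']) ? $acc['accname'] : '';

        // The original left the amount cell unclosed and emitted a stray
        // </td> after the account-name cell; each cell is closed once here.
        $OUTPUT .= "<tr class='" . bg_class() . "'>"
            . "<td>" . htmlspecialchars((string) $bankname, $esc) . "</td>"
            . "<td align=center>" . htmlspecialchars((string) $bankacc, $esc) . "</td>"
            . "<td align=center>" . htmlspecialchars((string) $accnt['date'], $esc) . "</td>"
            . "<td align=center>" . htmlspecialchars((string) $accnt['name'], $esc) . "</td>"
            . "<td>" . htmlspecialchars((string) $accnt['descript'], $esc) . "</td>"
            . "<td align=center>" . htmlspecialchars((string) $accnt['trantype'], $esc) . "</td>"
            . "<td align=center>" . CUR . " " . htmlspecialchars((string) $accnt['amount'], $esc) . "</td>"
            . "<td align=center>" . htmlspecialchars((string) $accname, $esc) . "</td>";

        // The query already restricts rows to banked='no', so the else branch
        // is only a safeguard.
        if ($accnt['banked'] == "no") {
            $cashid_attr = htmlspecialchars((string) $accnt['cashid'], $esc);
            $cashid_url = urlencode((string) $accnt['cashid']);
            // Both links were missing their closing </a>.
            $OUTPUT .= "<td><input type=checkbox name='bank[]' value='{$cashid_attr}'> <a href='../bank/bank-bank.php?cashid={$cashid_url}'>Bank</a></td><td><a href='../bank/cheq-cancel.php?cashid={$cashid_url}'>Cancel</a></td></tr>";
        } else {
            $OUTPUT .= "</tr>";
        }
    }

    $OUTPUT .= "<tr><td colspan=8><br></td><td colspan=2><input type=submit value='Bank all selected'></td></tr></form></table>";

    // all template to display the info and die
    require "../template.php";
}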