function onSubmit($vals) { //echo '<pre>'; //print_r ($vals); //exit; $duration = (strtotime($vals['ended']) - strtotime($vals['started'])) / 60 / 60; $res = db_execute('insert into timetracker_entry (id, project_id, task_description, started, duration) values (null, ?, ?, ?, ?)', $vals['project'], $vals['description'], $vals['started'], $duration); if (!$res) { return '<p>Unknown error: ' . db_error() . '</p>'; } $eid = db_lastid(); if (!is_array($vals['users'])) { $vals['users'] = preg_split('/, ?/', $vals['users']); } foreach ($vals['users'] as $user) { db_execute('insert into timetracker_user_entry (id, user_id, entry_id) values (null, ?, ?)', $user, $eid); } header('Location: ' . site_prefix() . '/index/timetracker-app/added.entry'); exit; }
function onSubmit($vals) { // process the form db_execute('INSERT INTO digger_comments (story, user, comment_date, comments) VALUES (?, ?, NOW(), ?)', $vals['id'], session_username(), $vals['comments']); $cid = db_lastid(); // return back to main page header('Location: /index/digger-comments-action/id.' . $vals['id'] . '#digger-comment-' . $cid); exit; }
function onSubmit($vals) { $ak = appconf('akismet_key'); if ($ak) { loader_import('siteblog.Akismet'); $comment = array('author' => $vals['name'], 'email' => $vals['email'], 'website' => $vals['url'], 'body' => $vals['body'], 'permalink' => site_url() . '/index/siteblog-post-action/id.' . $vals['post'] . '/title.' . siteblog_filter_link_title($title), 'user_ip' => $_SERVER['REMOTE_ADDR'], 'user_agent' => $_SERVER['HTTP_USER_AGENT']); $akismet = new Akismet(site_url(), $ak, $comment); if (!$akismet->errorsExist()) { // no errors if ($akismet->isSpam()) { // akismet says spam $title = db_shift('select subject from siteblog_post where id = ?', $vals['post']); db_execute('insert into siteblog_akismet values (null, ?, now(), ?, ?, ?, ?, ?, ?)', $vals['post'], $comment['author'], $comment['email'], $comment['website'], $comment['user_ip'], $comment['user_agent'], $comment['body']); header('Location: ' . site_prefix() . '/index/siteblog-post-action/id.' . $vals['post'] . '/title.' . siteblog_filter_link_title($title)); exit; } } } if (!empty($vals['post'])) { $res = db_execute('insert into siteblog_comment (id, child_of_post, body, date, author, email, url, ip) values (null, ?, ?, now(), ?, ?, ?, ?)', $vals['post'], $vals['body'], $vals['name'], $vals['email'], $vals['url'], $_SERVER['REMOTE_ADDR']); if (!$res) { die(db_error()); } $id = db_lastid(); } else { $res = db_execute('update siteblog_comment set body = ?, author = ?, email = ?, url = ? where id = ?', $vals['body'], $vals['name'], $vals['email'], $vals['url'], $vals['_key']); if (!$res) { die(db_error()); } $id = $vals['_key']; $vals['post'] = db_shift('select child_of_post from siteblog_comment where id = ?', $vals['_key']); } $title = db_shift('select subject from siteblog_post where id = ?', $vals['post']); header('Location: ' . site_prefix() . '/index/siteblog-post-action/id.' . $vals['post'] . '/title.' . siteblog_filter_link_title($title) . '#siteblog-comment-' . $id); exit; }
$pdf->Cell(160, 4, $tax, 1, 0, 'R', 1, 0); $pdf->SetFont('Arial', '', 8); $pdf->Cell(20, 4, number_format((double) $taxes, 2), 1, 1, 'R'); $total += $taxes; } $pdf->SetFont('Arial', 'B', 8); $pdf->Cell(160, 4, 'AMOUNT DUE', 1, 0, 'R', 1, 0); $pdf->SetFont('Arial', '', 8); $pdf->Cell(20, 4, number_format((double) $total, 2), 1, 1, 'R'); $pdf->Ln(); // gst number //$pdf->Cell (0, 5, , 0, 1, 'R'); $pdf->MultiCell(0, 5, appconf('extra_info'), 0, 1, 'R'); $taxes = $total - $subtotal; db_execute('insert into siteinvoice_invoice (id, client_id, name, sent_on, status, notice, subtotal, taxes, total, currency) values (null, ?, ?, now(), "unpaid", 0, ?, ?, ?, ?)', $cgi->client, $cgi->name, $subtotal, $taxes, $total, $cgi->currency); $invoice_id = db_lastid(); $pdf->Output('inc/app/siteinvoice/data/' . $invoice_id . '.pdf'); umask(00); chmod('inc/app/siteinvoice/data/' . $invoice_id . '.pdf', 0777); if ($cgi->send_invoice == 'yes') { // get client info $client = db_single('select * from siteinvoice_client where id = ?', $cgi->client); $client->invoice_no = $invoice_id; $client->total = $total; $client->currency = $cgi->currency; // send email to client loader_import('ext.phpmailer'); $mailer = new PHPMailer(); $mailer->isMail(); $mailer->From = appconf('company_email'); $mailer->FromName = appconf('company_email_name');
} if (!$cgi->verify('key', 'regex', '/^[a-zA-Z0-9_-]+$/')) { echo rpc_response(false); exit; } if (session_is_resource($cgi->table) && !session_allowed($cgi->table, 'rw', 'resource')) { echo rpc_response(false); exit; } $items = preg_split('/, ?/', $cgi->items); if (!$cgi->title) { foreach ($items as $item) { db_execute('insert into ' . $cgi->table . ' (' . $cgi->key . ') values (?)', $item); } echo rpc_response(true); } else { if (!$cgi->verify('title', 'regex', '/^[a-zA-Z0-9_-]+$/')) { echo rpc_response(false); exit; } $ids = array(); foreach ($items as $item) { db_execute('insert into ' . $cgi->table . ' (' . $cgi->key . ', ' . $cgi->title . ') values (null, ?)', $item); $i = new StdClass(); $i->value = db_lastid(); $i->text = $item; $ids[] = $i; } echo rpc_response($ids); } exit;
<?php if (!$parameters['body']) { exit; } $res = db_execute('insert into sitetemplate_to_be_validated (id, body) values (null, ?)', $parameters['body']); $id = db_lastid(); //header ('Location: http://www.hermish.com/check_this.cfm?URLtest=' . urlencode (site_domain () . site_prefix () . //'/index/sitetemplate-viewer-action?id=' . $res) . '&p1=1&viewSource=1'); //exit; echo template_simple('wai.spt', array('id' => $id)); exit;
function do_register() { $network = get_network(); switch ($_GET['status']) { case 'check': $user_or_code = get_user(); if (!$user_or_code) { $user_or_code = get_code(); } if (!$user_or_code) { echo 'available'; } else { echo 'taken'; } return; case 'new_code': $sql = 'INSERT INTO ' . db_table('codes') . ' (network_id, username, password, valid_from, created, ' . access_control_fields() . ') ' . 'VALUES (' . $network['id'] . ',\'' . $_GET['user'] . '\',\'' . $_GET['pass'] . '\', now(), now(), ' . access_control_values($network, 'defcode') . ')'; $resource = 'codes'; break; case 'new_user': $sql = 'INSERT INTO ' . db_table('users') . ' (network_id, username, password, valid_from, created, ' . access_control_fields() . ') ' . 'VALUES (' . $network['id'] . ',\'' . $_GET['user'] . '\',\'' . $_GET['pass'] . '\', now(), now(), ' . access_control_values($network, 'defuser') . ')'; $resource = 'users'; break; } db_query($sql, false); $id = db_lastid(); if ($id) { $input = $_POST; if (!$input) { $input = file_get_contents("php://input"); } $lines = preg_split("/\n+/", $input); $attrs = array(); foreach ($lines as $line) { $p = preg_split('/[=: ]+/', $line, 2); if ($p[0] && $p[1]) { $attrs[$p[0]] = $p[1]; } } save_attributes($id, $resource, $attrs); } }
function onSubmit($vals) { loader_import('cms.Versioning.Rex'); $rex = new Rex('sitewiki_page'); unset($vals['editing']); unset($vals['instructions']); unset($vals['security_test']); unset($vals['submit_button']); $vals['id'] = $vals['page']; unset($vals['page']); if ($this->new_page) { $vals['created_on'] = date('Y-m-d H:i:s'); $vals['updated_on'] = date('Y-m-d H:i:s'); $vals['owner'] = session_username(); if (!$vals['owner']) { $vals['owner'] = 'anonymous'; } $vals2 = $vals; unset($vals2['files']); unset($vals2['file_1']); unset($vals2['file_2']); unset($vals2['file_3']); $res = $rex->create($vals2, 'Page created.'); } else { $vals['updated_on'] = date('Y-m-d H:i:s'); $vals2 = $vals; unset($vals2['files']); unset($vals2['file_1']); unset($vals2['file_2']); unset($vals2['file_3']); $method = $rex->determineAction($vals['id']); $res = $rex->{$method}($vals['id'], $vals2); } if (session_valid()) { // handle files $types = preg_split('/, ?/', appconf('allowed_file_types')); if (is_object($vals['file_1'])) { $info = pathinfo($vals['file_1']->name); if (in_array(strtolower($info['extension']), $types)) { db_execute('insert into sitewiki_file values (null, ?, ?, now(), ?)', $vals['id'], $vals['file_1']->name, session_username()); $file_id = db_lastid(); $vals['file_1']->move('inc/app/sitewiki/data', $vals['id'] . '_' . $file_id); } } if (is_object($vals['file_2'])) { $info = pathinfo($vals['file_2']->name); if (in_array(strtolower($info['extension']), $types)) { db_execute('insert into sitewiki_file values (null, ?, ?, now(), ?)', $vals['id'], $vals['file_2']->name, session_username()); $file_id = db_lastid(); $vals['file_2']->move('inc/app/sitewiki/data', $vals['id'] . '_' . $file_id); } } if (is_object($vals['file_3'])) { $info = pathinfo($vals['file_3']->name); if (in_array(strtolower($info['extension']), $types)) { db_execute('insert into sitewiki_file values (null, ?, ?, now(), ?)', $vals['id'], $vals['file_3']->name, session_username()); $file_id = db_lastid(); $vals['file_3']->move('inc/app/sitewiki/data', $vals['id'] . '_' . $file_id); } } } lock_remove('sitewiki_page', $vals['id']); header('Location: ' . site_prefix() . '/index/sitewiki-app/show.' . $vals['id']); exit; }
/** * Saves a message and adds the current subscribers to the queue to * receive it. */ function send_message($subject, $body) { // 1. save message db_execute('insert into messages (subject, date, body) values (%s, datetime("now"), %s)', $subject, $body); $message_id = db_lastid(); // 2. get subscribers and add them to the queue $subscribers = $this->list_subscribers(); foreach ($subscribers as $subscriber) { //$_body = str_replace ('{email_address}', $subscriber->email, $body); $this->add_to_queue($subscriber->email, $message_id, $subject, $body); } }
/** * Inserts a record into the database with the specified values. If $isAuto * is set, returns the primary key of the new record. * * @access public * @param array hash or object * @return boolean */ function add($struct) { $args = func_get_args(); if (count($args) > 1) { $struct = $args; } elseif (is_object($struct)) { $struct = (array) $struct; } $sql = 'INSERT INTO ' . $this->table; if (is_string(array_shift(array_keys($struct)))) { $sql .= ' ('; $sql .= join(', ', array_keys($struct)); $sql .= ')'; } $sql .= ' VALUES ('; $bind = array(); $sep = ''; foreach ($struct as $value) { $sql .= $sep . '?'; $bind[] = $value; $sep = ', '; } $sql .= ')'; $res = db_execute($sql, $bind); if (!$res) { $this->error = db_error(); return false; } if ($this->isAuto) { return db_lastid(); } return true; }