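/**
 * IPC handler: prints (via db_pack) the first problem of library $lid that
 * has not been uploaded yet.
 *
 * Prints nothing when the IPC login check fails, when $lid is empty or is not
 * a plain decimal number, or when no matching row exists.
 *
 * @return void
 */
function WT_GetProblem()
{
    global $lid;

    if (!WT_IPC_CheckLogin()) {
        return;
    }

    // $lid is concatenated into the WHERE clause below, so only a plain decimal
    // id is accepted; anything else could change the shape of the query.
    // NOTE(review): $lid is presumably filled from the IPC request - confirm where it is set.
    if ($lid == '' || !ctype_digit((string) $lid)) {
        return;
    }

    $q = db_select(
        'tester_problems',
        array('*'),
        '(`uploaded`=FALSE) AND (`lid`=' . $lid . ')',
        'ORDER BY `id` LIMIT 1'
    );
    if (db_affected() <= 0) {
        return;
    }

    $r = db_row($q);

    // NOTE(review): unserialize() can instantiate arbitrary classes. This is only
    // safe while the `settings` column can never hold attacker-influenced bytes;
    // consider a data-only format such as JSON for this column.
    $s = unserialize($r['settings']);

    $arr = array();
    $arr['ID'] = $r['id'];

    if (isset($s['filename'])) {
        $arr['FILENAME'] = $s['filename'];
    }

    // The pattern is unanchored: any value containing at least one digit passes.
    // isset() avoids an undefined-index notice when no checker is configured.
    if (isset($s['checker']) && preg_match('/[0-9]+/', $s['checker'])) {
        $arr['CHECKER'] = $s['checker'];
    }

    print db_pack($arr);
}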
/**
 * Binds this object to a row of the `service` table and, unless the instance
 * is virtual, registers its URL variables and editor functions.
 *
 * When the row is found its settings are unserialized into the object; when it
 * is not found the id is reset to 0. For an existing service whose current URL
 * matches the document root pattern, the page RSS link is registered.
 *
 * @param int  $id      Row id in `service` (default -1).
 * @param bool $virtual When true, no URL variables or editor hooks are registered.
 * @return void
 */
function InitInstance($id = -1, $virtual = false)
{
    $this->id = $id;
    $this->_virtual = $virtual;

    // NOTE(review): $id is interpolated into the WHERE clause unmodified;
    // callers must guarantee it is an integer.
    $query = db_select('service', array('*'), "`id` = {$id}");
    if (db_affected() > 0) {
        $row = db_row($query);
        $this->UnserializeSettings($row['settings']);
    } else {
        $this->id = 0;
    }

    if (!$virtual) {
        content_url_var_push_global('action');
        content_url_var_push_global('id');
        editor_add_function('Управление сервисом', 'Editor_RSSManage');
        editor_add_function('Разделы', 'Editor_ContentManage');
    }

    // Only a service that exists (id > 0) advertises an RSS feed.
    if (!($this->id > 0)) {
        return;
    }

    $url = content_url_get_full();

    // NOTE(review): "[(\/)|(\/index.php)]" is a character class, not an
    // alternation, so it matches a single character out of that set.
    $pattern = '/^' . prepare_pattern(config_get('document-root')) . '[(\\/)|(\\/index.php)]?(\\?(.*))?$/si';
    if (preg_match($pattern, $url)) {
        global $CORE;
        $CORE->PAGE->SetRSS($this->settings['title'], config_get('http-document-root') . '/rss.php');
    }
}
/**
 * IPC handler: prints up to 15 pending solutions, one "id@lid" pair per line.
 *
 * A solution is listed when its status is 0 and its problem has `uploaded`=2.
 * Prints nothing when the IPC login check fails.
 *
 * @return void
 */
function WT_GetTaskList()
{
    if (!WT_IPC_CheckLogin()) {
        return;
    }

    // The statement is a constant: no caller-supplied value reaches the SQL text.
    $sql = 'SELECT `ts`.`id`, `ts`.`lid` FROM `tester_solutions` AS `ts`, `tester_problems` AS `tp` WHERE (`ts`.`status`=0) AND (`ts`.`problem_id`=`tp`.`id`) AND (`tp`.`uploaded`=2) ORDER BY `timestamp` LIMIT 15';

    $result = db_query($sql);
    while ($task = db_row($result)) {
        println("{$task['id']}@{$task['lid']}");
    }
}
/**
 * User-deletion hook: removes every stored solution of the user from XPFS
 * (under /tester/testing/<solution id>) and then deletes the rows themselves.
 *
 * @param int $user_id Id of the user being deleted.
 * @return void
 */
function WT_on_user_delete($user_id)
{
    /* util.php is not included set, so we need this stupid code here */
    global $XPFS;

    // NOTE(review): $user_id is interpolated into SQL as-is; callers must pass an integer.
    $where = "`user_id`={$user_id}";

    $solutions = db_select('tester_solutions', array('id'), $where);
    while ($solution = db_row($solutions)) {
        $XPFS->removeItem('/tester/testing/' . $solution['id']);
    }

    db_delete('tester_solutions', $where);
}
/**
 * Rebuilds $this->fields from the `dataset_assoc` rows of this dataset,
 * ordered by the `order` column.
 *
 * Each row becomes a CDataField that is initialised from the row id and then
 * updated with the per-field settings stored in $this->settings['fields'].
 *
 * @return void
 */
function InitFields()
{
    $rows = db_select('dataset_assoc', array('id'), '`dataset`=' . $this->id, 'ORDER BY `order`');

    $this->fields = array();
    while ($row = db_row($rows)) {
        $field = new CDataField();
        $field->Init($row['id']);

        // Settings are keyed by the field name reported by the field object itself.
        $fieldSettings = $this->settings['fields'][$field->GetField()];
        $field->UpdateDataSettings($fieldSettings);

        $this->fields[] = $field;
    }
}
/**
 * Reports whether a column exists in a MySQL table.
 *
 * The table name is used exactly as given: this helper is always called with
 * the already expanded table name, so it must not be expanded a second time.
 *
 * NOTE(review): both arguments are interpolated into the statement without
 * quoting or escaping, so they must only ever be trusted identifiers.
 *
 * @param string $table Expanded table name.
 * @param string $field Column name (used as a LIKE pattern).
 * @return bool True when SHOW COLUMNS returns a row.
 */
function _mysql_field_exists($table, $field)
{
    $result = db_query("SHOW COLUMNS FROM {$table} LIKE '{$field}'");
    $column = db_row($result['result']);

    return $column ? true : false;
}
/**
 * IPC handler: prints (via db_pack) one checker that has not been uploaded
 * yet, as ID / SRC / COMPILERID.
 *
 * Prints nothing when the IPC login check fails or no such checker exists.
 *
 * @return void
 */
function WT_GetChecker()
{
    if (!WT_IPC_CheckLogin()) {
        return;
    }

    $checker = db_row(db_select('tester_checkers', array('*'), '`uploaded`=FALSE', 'LIMIT 1'));
    if (!$checker) {
        return;
    }

    // NOTE(review): unserialize() can instantiate arbitrary classes; this relies
    // on the `settings` column never holding attacker-influenced bytes.
    $settings = unserialize($checker['settings']);

    $packet = array(
        'ID' => $checker['id'],
        'SRC' => $settings['src'],
        'COMPILERID' => $settings['compiler_id'],
    );

    print db_pack($packet);
}
/**
 * Returns the row of this model's table whose `icode` equals $icode, using
 * FwCache as a read-through cache.
 *
 * @param mixed $icode    Value of the `icode` column to look up.
 * @param bool  $is_force When true the cache is bypassed and refreshed.
 * @return mixed The row as returned by db_row() or by the cache.
 */
public function one_by_icode($icode, $is_force = false)
{
    $cache_key = $this->CACHE_PREFIX . $this->table_name . '*' . $icode;

    // A forced read skips the cache lookup entirely.
    $row = $is_force ? null : FwCache::get_value($cache_key);

    if (is_null($row)) {
        $row = db_row($this->table_name, array('icode' => $icode));
        FwCache::set_value($cache_key, $row);
    }

    return $row;
}
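/**
 * Synchronises the attachment links of one item with the submitted form data.
 *
 * Works in three passes over $this->att_table_link:
 *   1. mark every existing link of the item as "under update" (status=1);
 *   2. for each submitted attachment id, reset the existing link to status=0
 *      or insert a new link;
 *   3. delete the links still marked status=1 (the user removed them).
 *
 * Fix: passes 2 and 3 used an undefined local $att_table_link instead of
 * $this->att_table_link, so they were never aimed at the link table.
 *
 * @param string $table_name Name of the table the item belongs to.
 * @param mixed  $id         Id of the item.
 * @param mixed  $form_att   Submitted attachments keyed by attachment id;
 *                           anything that is not an array is ignored.
 * @return void
 */
public function update_att_links($table_name, $id, $form_att)
{
    if (!is_array($form_att)) {
        return;
    }

    $me_id = Utils::me();
    $link_table = $this->att_table_link;

    #1. set status=1 (under update)
    db_update(
        $link_table,
        array('status' => 1),
        array('table_name' => $table_name, 'item_id' => $id)
    );

    #2. add new items or update old to status =0
    foreach ($form_att as $att_id => $value) {
        // Keys come from the submitted form: force an integer and skip
        // anything that does not yield a non-zero id.
        $att_id = (int) $att_id;
        if (!$att_id) {
            continue;
        }

        $row = db_row($link_table, array(
            'table_name' => $table_name,
            'item_id' => $id,
            'att_id' => $att_id,
        ));

        // is_array() guards count() against a non-array "no row" result.
        if (is_array($row) && count($row)) {
            #existing link
            db_update($link_table, array('status' => 0), array('id' => $row['id']));
        } else {
            #new link
            db_insert($link_table, array(
                'att_id' => $att_id,
                'table_name' => $table_name,
                'item_id' => $id,
                'add_user_id' => $me_id,
            ));
        }
    }

    #3. remove not updated atts (i.e. user removed them)
    db_del($link_table, array(
        'table_name' => $table_name,
        'item_id' => $id,
        'status' => 1,
    ));
}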
/**
 * Loads a data type definition from the `datatypes` table.
 *
 * On success the id, name and settings are populated and an instance of the
 * class named in the row is created, initialised and given its own settings.
 * When the row cannot be read the id is set to -1 and nothing else happens.
 *
 * @param int $id Row id in `datatypes`.
 * @return void
 */
function Init($id)
{
    // NOTE(review): $id is interpolated into SQL as-is; callers must pass an integer.
    $query = db_select('datatypes', array('*'), "`id`={$id}");
    $found = $query && db_affected() > 0;

    $this->id = $found ? $id : -1;
    if (!($this->id > 0)) {
        return;
    }

    $row = db_row($query);
    $this->name = $row['name'];
    $this->UnserializeSettings($row['settings']);

    // NOTE(review): the class to instantiate is taken from the database row.
    // Anyone able to write `datatypes`.`class` chooses which class is
    // constructed here; consider checking it against a list of known classes.
    $className = $row['class'];
    $this->data = new $className();
    $this->data->Init();
    $this->data->UnSerializeSettings($this->settings['data']);
}
/**
 * Loads one dataset field from the `dataset_assoc` table.
 *
 * On success the field's data type is created and initialised, title, field
 * name and settings are copied from the row, and the settings are pushed into
 * the data type. When the select fails the id is set to -1.
 *
 * @param int $id Row id in `dataset_assoc`.
 * @return void
 */
function Init($id)
{
    // NOTE(review): $id is interpolated into SQL as-is; callers must pass an integer.
    $query = db_select('dataset_assoc', array('*'), "`id`={$id}");

    $this->id = $query ? $id : -1;
    if (!($this->id > 0)) {
        return;
    }

    $row = db_row($query);

    $this->datatype = new CDataType();
    $this->datatype->Init($row['datatype']);

    $this->title = $row['title'];
    $this->field = $row['field'];
    $this->UnserializeSettings($row['settings']);

    // The data type receives the field-level settings loaded just above.
    $this->datatype->UpdateSettings($this->settings);
}
/**
 * Selects the active language.
 *
 * 'C' resets the choice: the synchrotronLanguage cookie is cleared and the
 * global $common_language is unset. Any other code is looked up in the
 * `languages` table and, when found, its numeric id is stored in
 * $common_language.
 *
 * @param string $lang Language code, or 'C' to reset.
 * @return void
 */
function i18n_setLanguage($lang)
{
    global $common_language;

    if ($lang == 'C') {
        // NOTE(review): $auth_path is neither a parameter nor declared global
        // here, so the cookie path argument is an undefined variable - confirm
        // which path the cookie was originally set with.
        setcookie('synchrotronLanguage', '', 0, $auth_path);
        unset($GLOBALS['common_language'], $common_language, $_COOKIE['synchrotronLanguage']);
        return;
    }

    $db = db_connection();

    // The language code goes through sql_addToWhereClause() rather than being
    // concatenated here. NOTE(review): presumably that helper quotes the value - confirm.
    sql_addToWhereClause($where, 'WHERE', 'code', '=', $lang);
    $query = db_query($db, "select id from languages {$where};");

    if (!(db_numRows($query) > 0)) {
        return;
    }

    list($languageId) = db_row($query, 0);
    $common_language = intval($languageId);
}
/**
 * Prepares the wrapped service object.
 *
 * With $id == -1 a fresh service of class $class is spawned. Otherwise the
 * class name, name and settings are read from the `service` row and applied
 * to the spawned service. The object's id always ends up equal to $id.
 *
 * @param int    $id      Row id in `service`, or -1 for a new service.
 * @param string $class   Service class name, used only when $id is -1.
 * @param bool   $virtual Stored in $this->_virtual.
 * @return void
 */
function Init($id = -1, $class = '', $virtual = false)
{
    $this->service = null;
    $this->_virtual = $virtual;

    // NOTE(review): $id is interpolated into SQL as-is; callers must pass an integer.
    $query = db_select('service', array('*'), "`id`={$id}");
    $this->id = $query ? $id : -1;

    if ($id == -1) {
        $this->SetClassName($class);
        $this->SpawnService();
    } else {
        $row = db_row($query);

        // NOTE(review): the service class comes from the `sclass` column; what
        // SpawnService() does with it is not visible here - confirm it only
        // ever instantiates known service classes.
        $this->SetClassName($row['sclass']);
        $this->SetName($row['name']);
        $this->SpawnService();
        $this->service->UnserializeSettings($row['settings']);
    }

    // Overrides the -1 set above when the select failed.
    $this->id = $id;
}
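/**
 * IPC handler: prints (via db_pack) everything a tester needs to judge
 * solution $id of library $lid - source, compiler, contest rules and the
 * limits and file names of the problem.
 *
 * Prints nothing when the IPC login check fails, when $id or $lid is not a
 * plain decimal number, or when the solution does not exist. Prints a short
 * message when either global is not set.
 *
 * @return void
 */
function WT_GetTask()
{
    global $id, $lid;

    if (!WT_IPC_CheckLogin()) {
        return;
    }

    if (!isset($id) || !isset($lid)) {
        print 'Void filename for WT_GetTask()';
        return;
    }

    // Both globals are placed into WHERE clauses below, so only plain decimal
    // ids are accepted; anything else could change the shape of the queries.
    // NOTE(review): presumably both are filled from the IPC request - confirm.
    if (!ctype_digit((string) $id) || !ctype_digit((string) $lid)) {
        return;
    }

    $solution = db_row(db_select('tester_solutions', array('*'), "`id`={$id}"));
    if ($solution['id'] == '') {
        return;
    }

    // contest_id / problem_id come from the solution row itself; the `lid`
    // condition ties both lookups to the requested library.
    $contest = db_row(db_select(
        'tester_contests',
        array('*'),
        '`id`=' . $solution['contest_id'] . ' AND `lid`=' . $lid
    ));
    $problem = db_row(db_select(
        'tester_problems',
        array('*'),
        '`id`=' . $solution['problem_id'] . ' AND `lid`=' . $lid
    ));

    // NOTE(review): unserialize() can instantiate arbitrary classes. `parameters`
    // holds submission data (it carries the source code), so confirm that the
    // serialized blob is always built server-side, or move to a data-only format.
    $contest['settings'] = unserialize($contest['settings']);
    $solution['parameters'] = unserialize($solution['parameters']);

    $arr = array();

    // Solution's based settings
    $arr['PROBLEMID'] = $solution['problem_id'];
    $arr['COMPILERID'] = $solution['parameters']['compiler_id'];
    $arr['SOURCE'] = $solution['parameters']['src'];
    $arr['ACM'] = $contest['settings']['rules'] == 0 ? 'TRUE' : 'FALSE';

    // Problem's passed settings
    $prpars = unserialize($problem['settings']);
    $arr['TIMELIMIT'] = $prpars['timelimit'];
    $arr['MEMORYLIMIT'] = $prpars['memorylimit'];
    $arr['INPUTFILE'] = $prpars['input'];
    $arr['OUTPUTFILE'] = $prpars['output'];
    $arr['TESTS'] = $prpars['tests'];
    $arr['BONUS'] = $prpars['bonus'];

    print db_pack($arr);
}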
/**
 * Hashes a password with the scheme selected by the 'encrypt' config item.
 *
 * To check a password against a stored hash, pass the stored hash as $pw_db so
 * the same salt is reused, then compare the result with the stored value.
 *
 * Security notes for maintainers:
 *  - 'md5' is an unsalted fast hash and 'cleartext' stores the password
 *    itself; neither protects credentials if the table is disclosed.
 *  - 'system' calls crypt() without a salt when $pw_db is empty; PHP 8
 *    requires the salt argument.
 *  - Callers should compare hashes with hash_equals() to avoid timing leaks.
 *
 * @param string $pw    Plain-text password.
 * @param string $pw_db Existing hash from the database (supplies the salt).
 * @return string The hashed password ("" when the scheme is unknown and
 *                show_error() returns).
 */
function pacrypt($pw, $pw_db = "")
{
    $ci =& get_instance();
    $pw = stripslashes($pw);
    $password = "";
    $salt = "";

    $scheme = $ci->config->item('encrypt');

    switch ($scheme) {
        case 'md5crypt':
            // Stored form is $<id>$<salt>$<hash>; element 2 is the salt.
            $parts = preg_split('/\\$/', $pw_db);
            if (isset($parts[2])) {
                $salt = $parts[2];
            }
            $password = md5crypt($pw, $salt);
            break;

        case 'md5':
            $password = md5($pw);
            break;

        case 'system':
            $password = $pw_db ? crypt($pw, $pw_db) : crypt($pw);
            break;

        case 'cleartext':
            $password = $pw;
            break;

        case 'mysql_encrypt':
            // Both values are escaped before being placed into the statement.
            $pw = escape_string($pw);
            if ($pw_db != "") {
                $salt = escape_string(substr($pw_db, 0, 2));
                $res = db_query("SELECT ENCRYPT('" . $pw . "','" . $salt . "');");
            } else {
                $res = db_query("SELECT ENCRYPT('" . $pw . "');");
            }
            $l = db_row($res["result"]);
            $password = $l[0];
            break;

        default:
            show_error('unknown/invalid encrypt settings for pacrypt setting: ' . $ci->config->item("encrypt"));
    }

    return $password;
}
/**
 * Reports whether a column exists in a visible PostgreSQL table.
 *
 * The table name is matched with the regex operator (~) against
 * '^(<table>)$' and the column name with plain equality.
 *
 * NOTE(review): both arguments are interpolated into the statement without
 * escaping (the table name additionally ends up inside a regular expression),
 * so they must only ever be trusted identifiers.
 *
 * @param string $table Table name.
 * @param string $field Column name.
 * @return bool True when the catalog query returns a row.
 */
function _pgsql_field_exists($table, $field)
{
    $catalogQuery = ' SELECT a.attname, pg_catalog.format_type(a.atttypid, a.atttypmod) AS "Datatype" FROM pg_catalog.pg_attribute a WHERE a.attnum > 0 AND NOT a.attisdropped AND a.attrelid = ( SELECT c.oid FROM pg_catalog.pg_class c LEFT JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace WHERE c.relname ~ ';
    $conditions = "'^({$table})\$' \n AND pg_catalog.pg_table_is_visible(c.oid)\n )\n AND a.attname = '{$field}' ";

    $result = db_query($catalogQuery . $conditions);
    $column = db_row($result['result']);

    return $column ? true : false;
}
<?php
require_once 'config.php';
/* ----------------------- PAGE PARAMETERS ----------------------- */
$page['title'] = 'Активация';
$page['desc'] = 'Активация аккаунта';
/* ---------------------- PAGE CONTROLLER ----------------------- */
// Account activation: compares the submitted activation code with the one
// stored for the user and, on a match, clears `user_activate`.
// NOTE(review): $user_id and $user_activate are not assigned in this file;
// presumably config.php fills them from the request - confirm. If so, both are
// attacker-controlled and everything below must treat them as untrusted.
if (!empty($user_id) && !empty($user_activate)) {
    // NOTE(review): $user_id is placed inside a quoted SQL literal without
    // escaping; a prepared statement (or an integer cast) closes the injection.
    // This lookup reads `users`.`id`, while the UPDATE below writes
    // `lim_users`.`user_id` and the check below reads $user_info['user_id'] -
    // confirm which table and column are the intended ones.
    $user_info = db_row("SELECT * FROM `users` WHERE `id` = '{$user_id}'");
    // $answ_user is not assigned before this point in the visible code, so this
    // branch only runs if an included file defined it.
    if (isset($answ_user)) {
        $user_info = mysql_fetch_assoc($answ_user);
    }
    if (!empty($user_info['user_id'])) {
        // NOTE(review): "==" is a loose comparison of a secret. Compare the two
        // values as strings with hash_equals() so type juggling cannot make
        // different codes compare equal and timing does not leak the code.
        if ($user_activate == $user_info['user_activate'] && !empty($user_info['user_activate'])) {
            // NOTE(review): same unescaped interpolation of $user_id as above.
            // The mysql_* extension was removed in PHP 7.
            $answ_user = mysql_query("UPDATE `lim_users` SET `user_activate`=0 WHERE `user_id` ='{$user_id}'");
            // NOTE(review): mysql_query() returns false on failure and
            // isset(false) is true, so the error branch is unreachable; test
            // the result with "!== false" (and check affected rows) instead.
            if (isset($answ_user)) {
                $activate_success = "Ваш личный кабинет успешно активирован!";
            } else {
                $activate_error = "Произошла ошибка активации";
            }
        } else {
            // The distinct messages below tell a caller whether the account
            // exists, is already activated, or the code was wrong.
            if (empty($user_info['user_activate'])) {
                $activate_error = "Данный аккаунт уже активирован Вами ранее";
            } else {
                $activate_error = "Ошибка! Неверный код активации";
            }
        }
    } else {
        $activate_error = "Ошибка! Не найден пользователь с таким id";
    }
} else {
/**
 * Returns the contests a user may access, cached per user id.
 *
 * When the current gateway is allowed 'CONTEST.MANAGE' the full contest list
 * ($this->data) is returned. Otherwise the list is built from the contests
 * attached to the groups the user belongs to, ordered by library and name.
 *
 * @param int $user_id Id of the user.
 * @return array List of contests.
 */
function GetAccessibleList($user_id)
{
    $gw = WT_spawn_new_gateway();

    if (isset($this->cache['ACCLIST'][$user_id])) {
        return $this->cache['ACCLIST'][$user_id];
    }

    if ($gw->GetAllowed('CONTEST.MANAGE')) {
        $contests = $this->data;
    } else {
        // NOTE(review): $user_id is concatenated into the statement as-is;
        // callers must pass an integer.
        $sql = 'SELECT `tcg`.contest_id FROM `tester_contestgroup` '
            . 'AS `tcg`, `usergroup` AS `ug`, `tester_contests` '
            . 'AS `tc` '
            . 'WHERE (`ug`.`user_id`=' . $user_id . ') AND '
            . '(`tcg`.`group_id`=`ug`.`group_id`) '
            . 'AND (`tc`.`id`=`tcg`.`contest_id`) '
            . 'GROUP BY `tcg`.`contest_id` '
            . 'ORDER BY `tc`.`lid`, `tc`.`name`';
        $result = db_query($sql);

        $contests = array();
        while ($row = db_row($result)) {
            $contests[] = $this->ContestByID($row['contest_id']);
        }
    }

    $this->cache['ACCLIST'][$user_id] = $contests;

    return $contests;
}
* * This program can be distributed under the terms of the GNU GPL. * See the file COPYING. */ if ($PHP_SELF != '') { print 'HACKERS?'; die; } formo('title=Список существующих типов данных;'); $i = 1; $n = db_affected(); ?> <table class="list smb"> <tr class="h"><th class="n first">№</th><th width="40%">Название</th><th>Базовый класс</th><th width="48" class="last"> </th></tr> <?php while ($r = db_row($q)) { $class = manage_datatype_get_by_name($r['class']); $d = $r['refcount'] == 0; ?> <tr<?php echo $i < $n ? '' : ' class="last"'; ?> ><td class="n"><?php echo $i; ?> .</td><td><a href=".?action=edit&id=<?php echo $r['id']; ?> "><?php echo $r['name']; ?>
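/**
 * Encrypt a password, using the appropriate hashing mechanism as defined in
 * config.inc.php ($CONF['encrypt']).
 * When wanting to compare one pw to another, it's necessary to provide the salt used - hence
 * the second parameter ($pw_db), which is the existing hash from the DB.
 *
 * Changes in this revision:
 *  - 'mysql_encrypt' escapes the password and the salt before they are placed
 *    into the SELECT ENCRYPT(...) statement; previously the user-supplied
 *    password reached the SQL text unescaped.
 *  - 'authlib' results are prefixed with '{' so that "{flavor}hash" can be
 *    parsed again by the /^{.*}/ check when it comes back as $pw_db.
 *
 * Security notes for maintainers:
 *  - 'md5', 'cleartext', two-character crypt salts and the authlib md5/SHA
 *    flavors are weak by current standards; prefer a salted, slow scheme.
 *  - The 'system' salt is derived from mt_rand(), which is not a CSPRNG.
 *  - Callers should compare hashes with hash_equals().
 *
 * @param string $pw    Plain-text password.
 * @param string $pw_db Existing hash from the DB (supplies salt/flavor); "" for a new password.
 * @return string encrypted password, passed through escape_string().
 */
function pacrypt($pw, $pw_db = "")
{
    global $CONF;
    $pw = stripslashes($pw);
    $password = "";
    $salt = "";

    if ($CONF['encrypt'] == 'md5crypt') {
        // Stored form is $<id>$<salt>$<hash>; element 2 is the salt.
        $split_salt = preg_split('/\\$/', $pw_db);
        if (isset($split_salt[2])) {
            $salt = $split_salt[2];
        }
        $password = md5crypt($pw, $salt);
    } elseif ($CONF['encrypt'] == 'md5') {
        $password = md5($pw);
    } elseif ($CONF['encrypt'] == 'system') {
        if (preg_match("/\\\$1\\\$/", $pw_db)) {
            // Existing hash is MD5-crypt: reuse its "$1$<salt>$" prefix.
            $split_salt = preg_split('/\\$/', $pw_db);
            $salt = "\$1\${$split_salt[2]}\$";
        } else {
            if (strlen($pw_db) == 0) {
                $salt = substr(md5(mt_rand()), 0, 2);
            } else {
                $salt = substr($pw_db, 0, 2);
            }
        }
        $password = crypt($pw, $salt);
    } elseif ($CONF['encrypt'] == 'cleartext') {
        $password = $pw;
    } elseif ($CONF['encrypt'] == 'mysql_encrypt') {
        // The password is user input and the salt comes from the stored hash:
        // escape both before building the statement.
        $pw = escape_string($pw);
        if ($pw_db != "") {
            $salt = escape_string(substr($pw_db, 0, 2));
            $res = db_query("SELECT ENCRYPT('" . $pw . "','" . $salt . "');");
        } else {
            $res = db_query("SELECT ENCRYPT('" . $pw . "');");
        }
        $l = db_row($res["result"]);
        $password = $l[0];
    } elseif ($CONF['encrypt'] == 'authlib') {
        $flavor = $CONF['authlib_default_flavor'];
        $salt = substr(create_salt(), 0, 2); # courier-authlib supports only two-character salts
        if (preg_match('/^{.*}/', $pw_db)) {
            // we have a flavor in the db -> use it instead of default flavor
            $result = preg_split('/[{}]/', $pw_db, 3); # split at { and/or }
            $flavor = $result[1];
            $salt = substr($result[2], 0, 2);
        }
        if (stripos($flavor, 'md5raw') === 0) {
            $password = '{' . $flavor . '}' . md5($pw);
        } elseif (stripos($flavor, 'md5') === 0) {
            $password = '{' . $flavor . '}' . base64_encode(md5($pw, TRUE));
        } elseif (stripos($flavor, 'crypt') === 0) {
            $password = '{' . $flavor . '}' . crypt($pw, $salt);
        } elseif (stripos($flavor, 'SHA') === 0) {
            $password = '{' . $flavor . '}' . base64_encode(sha1($pw, TRUE));
        } else {
            die("authlib_default_flavor '" . $flavor . "' unknown. Valid flavors are 'md5raw', 'md5', 'SHA' and 'crypt'");
        }
    } elseif (preg_match("/^dovecot:/", $CONF['encrypt'])) {
        $split_method = preg_split('/:/', $CONF['encrypt']);
        $method = strtoupper($split_method[1]);
        // The method name becomes part of a command line below; this check
        // keeps it to letters, digits and '-'.
        if (!preg_match("/^[A-Z0-9-]+\$/", $method)) {
            die("invalid dovecot encryption method");
        } # TODO: check against a fixed list?
        if (strtolower($method) == 'md5-crypt') {
            die("\$CONF['encrypt'] = 'dovecot:md5-crypt' will not work because dovecotpw generates a random salt each time. Please use \$CONF['encrypt'] = 'md5crypt' instead.");
        }
        // NOTE(review): the binary path is taken from configuration and is not
        // shell-escaped; it must never be settable by untrusted users.
        $dovecotpw = "dovecotpw";
        if (!empty($CONF['dovecotpw'])) {
            $dovecotpw = $CONF['dovecotpw'];
        }
        # Use proc_open call to avoid safe_mode problems and to prevent showing plain password in process table
        $spec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
        $pipe = proc_open("{$dovecotpw} '-s' {$method}", $spec, $pipes);
        if (!$pipe) {
            die("can't proc_open {$dovecotpw}");
        } else {
            // use dovecot's stdin, it uses getpass() twice
            // Write pass in pipe stdin
            fwrite($pipes[0], $pw . "\n", 1 + strlen($pw));
            usleep(1000);
            fwrite($pipes[0], $pw . "\n", 1 + strlen($pw));
            fclose($pipes[0]);
            // Read hash from pipe stdout
            $password = fread($pipes[1], "200");
            if (!preg_match('/^\\{' . $method . '\\}/', $password)) {
                $stderr_output = stream_get_contents($pipes[2]);
                error_log('dovecotpw password encryption failed.');
                error_log('STDERR output: ' . $stderr_output);
                die("can't encrypt password with dovecotpw, see error log for details");
            }
            fclose($pipes[1]);
            fclose($pipes[2]);
            proc_close($pipe);
            $password = trim(str_replace('{' . $method . '}', '', $password));
        }
    } else {
        die('unknown/invalid $CONF["encrypt"] setting: ' . $CONF['encrypt']);
    }

    $password = escape_string($password);
    return $password;
}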
/**
 * Caches the set of group ids a user belongs to in
 * $this->precompiled[$user_id]['user_group'] (group id => true).
 *
 * Does nothing when the entry is already cached. For a user id that is not
 * positive an empty set is cached without querying the database.
 *
 * @param int $user_id Id of the user (default -1).
 * @return void
 */
function RefreshCachedData($user_id = -1)
{
    if (isset($this->precompiled[$user_id]['user_group'])) {
        return;
    }

    $memberships = array();

    if ($user_id > 0) {
        $result = db_select('usergroup', array('group_id'), '`user_id`=' . $user_id);
        while ($row = db_row($result)) {
            $memberships[$row['group_id']] = true;
        }
    }

    $this->precompiled[$user_id]['user_group'] = $memberships;
}
/**
 * Synchronises the assets of one provider with the `categories` and `content`
 * tables.
 *
 * For every asset directory the metadata file is read; assets without a
 * metadata file or without a usable package are deleted, the category is
 * looked up (and created when missing), and the `content` row is updated or
 * inserted. The categories file is regenerated when a category was created.
 *
 * NOTE(review): every value read from the metadata file (plugin id, category,
 * version, author, homepage, name, comment, content URL) is supplied by the
 * asset author and should be treated as untrusted. Here they only reach SQL
 * through the sql_add* helpers - presumably those quote their arguments;
 * confirm, and escape these fields wherever they are later rendered.
 *
 * @param array  $assets          Map of asset name => asset directory path.
 * @param string $packageBasePath Passed through to createPackage().
 * @param mixed  $provider        Passed to createCategoriesFile().
 * @param mixed  $providerId      Provider id used in all queries.
 * @param array  $config          Provider config; 'metadata' names the metadata file.
 * @return void
 */
function processProviderAssets($assets, $packageBasePath, $provider, $providerId, $config)
{
    global $verbose;
    $metadataPath = $config['metadata'];
    if (empty($metadataPath)) {
        $metadataPath = 'metadata.desktop';
    }
    $recreateCategoriesFile = false;
    // Per-run cache: category name => category id.
    $categories = array();
    $db = db_connection('write');
    foreach ($assets as $asset => $path) {
        if ($verbose) {
            print "Processing {$providerId} {$asset} at {$path}\n";
        }
        if (!is_file("{$path}/{$metadataPath}")) {
            if ($verbose) {
                print "No such thing as {$path}/{$metadataPath}, perhaps it was deleted?\n";
            }
            deleteAsset($providerId, $asset);
            continue;
        }
        $metadata = new INIFile("{$path}/{$metadataPath}");
        $plugin = $metadata->getValue('X-KDE-PluginInfo-Name', 'Desktop Entry');
        if (empty($plugin)) {
            print "No X-KDE-PluginInfo-Name entry in {$path}/{$metadataPath}\n";
            continue;
        }
        // A content URL in the metadata marks the package as hosted externally;
        // otherwise a package is built locally from the asset directory.
        // NOTE(review): the URL is stored as given; consider restricting the
        // accepted schemes/hosts before it is handed out to clients.
        $packageFile = $metadata->getValue('X-Synchrotron-ContentUrl', 'Desktop Entry');
        $externalPackage = !empty($packageFile);
        if (!$externalPackage) {
            $packageFile = createPackage($plugin, $path, $packageBasePath, $config);
        }
        if (!$packageFile) {
            deleteAsset($providerId, $asset);
            continue;
        }
        $category = $metadata->getValue('X-KDE-PluginInfo-Category', 'Desktop Entry');
        if (empty($category)) {
            $category = 'Miscelaneous';
        }
        if (isset($categories[$category])) {
            $categoryId = $categories[$category];
        } else {
            unset($where);
            sql_addToWhereClause($where, '', 'provider', '=', $providerId);
            global $db_type;
            // Case-insensitive match on the category name. With LIKE/ILIKE the
            // characters % and _ in a category name act as wildcards.
            if ($db_type == 'postgres') {
                sql_addToWhereClause($where, 'and', 'name', 'ILIKE', $category);
            } else {
                sql_addToWhereClause($where, 'and', 'name', 'LIKE', $category);
            }
            $query = db_query($db, "SELECT id FROM categories WHERE {$where}");
            if (db_numRows($query) < 1) {
                // Unknown category: create it, then re-run the lookup to get its id.
                unset($fields, $values);
                sql_addIntToInsert($fields, $values, 'provider', $providerId);
                sql_addScalarToInsert($fields, $values, 'name', $category);
                db_insert($db, 'categories', $fields, $values);
                $query = db_query($db, "SELECT id FROM categories WHERE {$where}");
                $recreateCategoriesFile = true;
            }
            list($categoryId) = db_row($query, 0);
            $categories[$category] = $categoryId;
        }
        unset($where);
        sql_addToWhereClause($where, '', 'provider', '=', $providerId);
        sql_addToWhereClause($where, 'and', 'id', '=', $plugin);
        $query = db_query($db, "select * from content where {$where};");
        if (db_numRows($query) > 0) {
            // just update the field
            unset($fields);
            sql_addScalarToUpdate($fields, 'version', $metadata->getValue('X-KDE-PluginInfo-Version', 'Desktop Entry'));
            sql_addScalarToUpdate($fields, 'author', $metadata->getValue('X-KDE-PluginInfo-Author', 'Desktop Entry'));
            sql_addScalarToUpdate($fields, 'homepage', $metadata->getValue('X-KDE-PluginInfo-Website', 'Desktop Entry'));
            //FIXME: get preview image from asset dir!
            //sql_addScalarToUpdate($fields, 'preview', <image path>);
            sql_addScalarToUpdate($fields, 'name', $metadata->getValue('Name', 'Desktop Entry'));
            // FIXME: i18n
            sql_addScalarToUpdate($fields, 'description', $metadata->getValue('Comment', 'Desktop Entry'));
            sql_addIntToUpdate($fields, 'category', $categoryId);
            sql_addRawToUpdate($fields, 'updated', 'current_timestamp');
            sql_addScalarToUpdate($fields, 'package', $packageFile);
            sql_addBoolToUpdate($fields, 'externalPackage', $externalPackage);
            db_update($db, 'content', $fields, $where);
        } else {
            // new asset!
            unset($fields, $values);
            sql_addIntToInsert($fields, $values, 'provider', $providerId);
            sql_addScalarToInsert($fields, $values, 'id', $plugin);
            sql_addScalarToInsert($fields, $values, 'version', $metadata->getValue('X-KDE-PluginInfo-Version', 'Desktop Entry'));
            sql_addScalarToInsert($fields, $values, 'author', $metadata->getValue('X-KDE-PluginInfo-Author', 'Desktop Entry'));
            sql_addScalarToInsert($fields, $values, 'homepage', $metadata->getValue('X-KDE-PluginInfo-Website', 'Desktop Entry'));
            //FIXME: get preview image from asset dir!
            //sql_addScalarToInsert($fields, $values, 'preview', <image path>);
            sql_addScalarToInsert($fields, $values, 'name', $metadata->getValue('Name', 'Desktop Entry'));
            // FIXME: i18n
            sql_addScalarToInsert($fields, $values, 'description', $metadata->getValue('Comment', 'Desktop Entry'));
            sql_addIntToInsert($fields, $values, 'category', $categoryId);
            sql_addScalarToInsert($fields, $values, 'package', $packageFile);
            sql_addBoolToInsert($fields, $values, 'externalPackage', $externalPackage);
            db_insert($db, 'content', $fields, $values);
        }
    }
    if ($recreateCategoriesFile) {
        createCategoriesFile($provider);
    }
}
/**
 * Streams a database export to the client and terminates the script.
 *
 * Request parameters read here: 't' (comma-separated table names), 'gz'
 * (gzip the output) and 'et' (export type). A single table with et=csv is
 * sent as CSV; every other combination produces an SQL dump of the selected
 * tables, or of all tables when 't' is empty.
 *
 * NOTE(review): this hands out full table contents. Authentication and
 * request-forgery protection are not visible in this function - confirm the
 * caller enforces both before do_export() can be reached.
 *
 * @return void Never returns; both paths end in exit.
 */
function do_export()
{
    global $DB, $VERSION, $D, $BOM, $ex_isgz;
    // Backticks are removed so a table name cannot close the `...` quoting used
    // in the statements below.
    $rt = str_replace('`', '', $_REQUEST['t']);
    $t = explode(",", $rt);
    $th = array_flip($t);
    $ct = count($t);
    // Keep each chunk at 80% of max_allowed_packet, with a fixed fallback.
    $z = db_row("show variables like 'max_allowed_packet'");
    $MAXI = floor($z['Value'] * 0.8);
    if (!$MAXI) {
        $MAXI = 838860;
    }
    $aext = '';
    $ctp = '';
    // NOTE(review): 'gz' and 'et' are read without isset(), so a missing
    // parameter raises an undefined-index notice.
    $ex_isgz = $_REQUEST['gz'] ? 1 : 0;
    if ($ex_isgz) {
        $aext = '.gz';
        $ctp = 'application/x-gzip';
    }
    ex_start();
    if ($ct == 1 && $_REQUEST['et'] == 'csv') {
        // NOTE(review): the requested table name becomes the download file
        // name; how ex_hdr() encodes it into the response header is not
        // visible here - confirm quotes and line breaks are neutralised.
        ex_hdr($ctp ? $ctp : 'text/csv', "{$t['0']}.csv{$aext}");
        if ($DB['chset'] == 'utf8') {
            ex_w($BOM);
        }
        $sth = db_query("select * from `{$t['0']}`");
        // The mysql_* extension was removed in PHP 7.
        $fn = mysql_num_fields($sth);
        // Header row: quoted column names separated by commas.
        for ($i = 0; $i < $fn; $i++) {
            $m = mysql_fetch_field($sth, $i);
            ex_w(qstr($m->name) . ($i < $fn - 1 ? "," : ""));
        }
        ex_w($D);
        // NOTE(review): CSV cells that begin with =, +, - or @ are evaluated
        // as formulas by spreadsheet applications; whether to_csv_row()
        // neutralises them is not visible here.
        while ($row = mysql_fetch_row($sth)) {
            ex_w(to_csv_row($row));
        }
        ex_end();
        exit;
    }
    // SQL dump: file name is <db>[.<table> | .<n>tables].sql[.gz]
    ex_hdr($ctp ? $ctp : 'text/plain', "{$DB['db']}" . ($ct == 1 && $t[0] ? ".{$t['0']}" : ($ct > 1 ? '.' . $ct . 'tables' : '')) . ".sql{$aext}");
    ex_w("-- phpMiniAdmin dump {$VERSION}{$D}-- Datetime: " . date('Y-m-d H:i:s') . "{$D}-- Host: {$DB['host']}{$D}-- Database: {$DB['db']}{$D}{$D}");
    ex_w("/*!40030 SET NAMES {$DB['chset']} */;{$D}/*!40030 SET GLOBAL max_allowed_packet=16777216 */;{$D}{$D}");
    $sth = db_query("show tables from `{$DB['db']}`");
    // Only tables that really exist are exported; requested names merely
    // select from that list.
    while ($row = mysql_fetch_row($sth)) {
        if (!$rt || array_key_exists($row[0], $th)) {
            do_export_table($row[0], 1, $MAXI);
        }
    }
    ex_w("{$D}-- phpMiniAdmin dump end{$D}");
    ex_end();
    exit;
}
/**
 * Tells whether the current user is a judge of a contest, cached per contest.
 *
 * A user holding 'CONTEST.MANAGE' is always a judge. Otherwise the user must
 * belong to a group listed in `tester_judgegroup` for the contest.
 *
 * @param int $id Contest id; a negative value selects the contest stored in
 *                $_SESSION['WT_contest_id'].
 * @return bool|null Null when no contest id is available.
 */
function IsContestJudge($id = -1)
{
    if ($id < 0) {
        $id = $_SESSION['WT_contest_id'];
    }

    if (isset($this->cache[$id]['IsContestJudge'])) {
        return $this->cache[$id]['IsContestJudge'];
    }

    $canManage = $this->GetAllowed('CONTEST.MANAGE');
    $this->cache[$id]['IsContestJudge'] = $canManage;
    if ($canManage) {
        return true;
    }

    if ($id == '') {
        return;
    }

    // NOTE(review): $id (argument or session value) is concatenated into the
    // statement as-is; confirm it is always an integer by the time it is
    // stored in the session or passed in.
    $sql = 'SELECT COUNT(*) AS `c` FROM `usergroup` AS `ug`, '
        . '`tester_judgegroup` AS `tjg` '
        . ' WHERE (`ug`.`user_id`=' . user_id()
        . ') AND (`tjg`.`group_id`=`ug`.`group_id`) '
        . 'AND (`tjg`.`contest_id`=' . $id . ')';
    $row = db_row(db_query($sql));

    $isJudge = $row['c'] > 0;
    $this->cache[$id]['IsContestJudge'] = $isJudge;

    return $isJudge;
}
/**
 * Handles a "login with Facebook" callback: finds or creates the local user
 * for the submitted Facebook profile, logs that user in and emits a JSON
 * status.
 *
 * NOTE(review): every profile field, including access_token, id and email, is
 * taken from $_REQUEST and nothing in this method verifies the token with
 * Facebook (the SDK calls are commented out). As written, a request carrying
 * another user's e-mail address or Facebook id is matched to that account and
 * logged in. The token should be validated server-side and the id/e-mail
 * taken from Facebook's response, not from the request.
 *
 * @return void
 * @throws ApplicationException When access_token or id is missing.
 */
public function SaveFacebook()
{
    $item = FormUtils::form2dbhash($_REQUEST, 'access_token id email first_name last_name name username gender link locale timezone verified');
    #TODO better validate
    // Presence check only - the values themselves are not authenticated.
    if (!$item['access_token'] || !$item['id']) {
        throw new ApplicationException("Wrong facebook data", 1);
    }
    /* $fb = new Facebook(array( 'appId' => $GLOBALS['FACEBOOK_APP_ID'], 'secret' => $GLOBALS['FACEBOOK_APP_SECRET'], )); $fb_user_id = $facebook->getUser(); $user_profile = $facebook->api('/me'); */
    #check if such user exists
    $users_id = 0;
    #first - check by email
    $hU = $this->model->one_by_email($item['email']);
    if ($hU['id']) {
        $users_id = $hU['id'];
    }
    if (!$users_id) {
        #now check by facebook email
        // Values are passed through dbq() before being concatenated.
        // NOTE(review): presumably dbq() quotes and escapes - confirm.
        $hU = db_row("select * from users where fb_email=" . dbq($item['email']));
        if ($hU['id']) {
            $users_id = $hU['id'];
        }
    }
    if (!$users_id) {
        #now check by facebook id
        $hU = db_row("select * from users where fb_id=" . dbq($item['id']));
        if ($hU['id']) {
            $users_id = $hU['id'];
        }
    }
    if ($users_id) {
        #update user's missing data from facebook
        // $hU is the row returned by whichever lookup above succeeded.
        // The access token is always overwritten; other fields are only filled
        // when empty (sex and fb_email also when they differ).
        $vars = array('fb_access_token' => $item['access_token']);
        if ($hU['sex'] != ($item['gender'] == 'male' ? 1 : 0)) {
            $vars['sex'] = $item['gender'] == 'male' ? 1 : 0;
        }
        if (!$hU['fname']) {
            $vars['fname'] = $item['first_name'];
        }
        if (!$hU['lname']) {
            $vars['lname'] = $item['last_name'];
        }
        if ($hU['fb_email'] != $item['email'] && $item['email']) {
            $vars['fb_email'] = $item['email'];
        }
        if (!$hU['fb_id']) {
            $vars['fb_id'] = $item['id'];
        }
        if (!$hU['fb_link']) {
            $vars['fb_link'] = $item['link'];
        }
        if (!$hU['fb_locale']) {
            $vars['fb_locale'] = $item['locale'];
        }
        if (!$hU['fb_name']) {
            $vars['fb_name'] = $item['name'];
        }
        if (!$hU['fb_timezone']) {
            $vars['fb_timezone'] = $item['timezone'];
        }
        if (!$hU['fb_username']) {
            $vars['fb_username'] = $item['username'];
        }
        if (!$hU['fb_verified']) {
            $vars['fb_verified'] = $item['verified'] == 'true' ? 1 : 0;
        }
        if (!$hU['fb_picture_url']) {
            // NOTE(review): plain-http URL built from the submitted username;
            // it will be loaded by browsers wherever the picture is shown.
            $vars['fb_picture_url'] = 'http://graph.facebook.com/' . $item['username'] . '/picture';
        }
        db_update('users', $vars, $users_id);
    } else {
        #register user first if new
        $users_id = $this->model->add(array('email' => $item['email'], 'nick' => $item['name'], 'sex' => $item['gender'] == 'male' ? 1 : 0, 'fname' => $item['first_name'], 'lname' => $item['last_name'], 'fb_id' => $item['id'], 'fb_link' => $item['link'], 'fb_locale' => $item['locale'], 'fb_name' => $item['name'], 'fb_timezone' => $item['timezone'], 'fb_username' => $item['username'], 'fb_verified' => $item['verified'] == 'true' ? 1 : 0, 'fb_picture_url' => 'http://graph.facebook.com/' . $item['username'] . '/picture', 'fb_access_token' => $item['access_token']));
    }
    #automatically login the user
    // Set for existing users as well as for newly registered ones.
    $_SESSION['is_just_registered'] = 1;
    $this->model->do_login($users_id);
    $ps = array('status' => 0, 'err_msg' => '');
    parse_json($ps);
}
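/**
 * Returns the descriptor of a node's parent, cached by parent id.
 *
 * Fix: on a cache hit the whole $this->_CACHE['NodeInfo'] map was returned
 * instead of the entry for the requested parent.
 *
 * @param array $node Node descriptor; 'vol' selects the volume table and 'pid'
 *                    is the parent id.
 * @return mixed Parent descriptor as built by nodeDescrFromUnknownArr().
 */
function getParentNode($node)
{
    $parentId = $node['pid'];

    if (isset($this->_CACHE['NodeInfo'][$parentId])) {
        return $this->_CACHE['NodeInfo'][$parentId];
    }

    // NOTE(review): 'vol' becomes part of the table name and 'pid' part of the
    // WHERE clause without escaping; both must come from trusted node
    // descriptors, never directly from a request.
    $q = db_select('xpfs_volume_' . $node['vol'], array('*'), '`id`=' . $parentId);
    $arr = db_row($q);

    $res = $this->nodeDescrFromUnknownArr($node['vol'], $arr);
    $this->_CACHE['NodeInfo'][$parentId] = $res;

    return $res;
}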
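/**
 * Prints the editor view of the current catalogue structure: one row per
 * entry of the content table with edit and delete buttons, each row indented
 * 24px further than the previous one.
 *
 * Prints nothing when the table has no rows.
 *
 * Fix: the indent counter was initialised as $interior but read and
 * incremented as $interion, which relied on an undefined variable.
 *
 * @return void
 */
function Editor_DrawCurrentStructure()
{
    $q = db_select($this->settings['content'], array('*'), '', 'ORDER BY `id`');
    if (db_affected() <= 0) {
        return;
    }

    formo('title=Текущая структура каталога');

    $interior = 0;
    $full = content_url_get_full();

    while ($r = db_row($q)) {
        $actions = stencil_ibtnav('edit.gif', $full . '&act=edit&pid=' . $r['id']);
        // NOTE(review): deletion is triggered by a plain link (GET). Confirm
        // the handler requires an anti-forgery token, otherwise a page visited
        // by an editor could trigger it.
        $actions .= stencil_ibtnav('cross.gif', $full . '&act=delete&pid=' . $r['id'], 'Удалить', 'Удалить этот подкаталог и все вложенные?');

        // NOTE(review): `name` is written into the page without HTML escaping.
        // If names are stored unescaped this is a stored-XSS sink; escape on
        // output once the storage format is confirmed.
        println('<div style="margin: 2px 0 2px ' . ($interior * 24) . 'px;">'
            . '<table class="list" width="100%"><tr class="h"><th class="first">'
            . $r['name'] . '</th><th width="80" style="text-align: right;" '
            . 'class="last">' . $actions . '</th></tr></table></div>');

        $interior++;
    }

    formc();
}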
/**
 * Runs a query and renders its result as an HTML listing (paged, 25 rows).
 *
 * Returns array('msg' => ..., 'error' => ..., 'data_html' => ...). On failure
 * 'error' holds the message; on success 'data_html' holds either an
 * "N rows affected" note or the rendered result table with paging links,
 * CSV export links and per-row edit links.
 *
 * Flow: SELECTs without their own LIMIT/INTO OUTFILE are limited via
 * db_limit(); the query is refused when db_is_safe() rejects it; a second
 * COUNT(*) query over $base_query supplies the total for paging.
 *
 * Security notes for maintainers (this function executes caller-supplied SQL,
 * so access to it must be restricted to authenticated administrators):
 *  - $_SERVER['PHP_SELF'] is echoed into href attributes without escaping; it
 *    can carry request-controlled path info, so it should be passed through
 *    htmlspecialchars().
 *  - Column names ($col) are echoed without escaping, and cell values are only
 *    strip_tags()'d (an <a> element is kept when the whole cell is one link);
 *    html_once() is commented out. Database content can therefore reach the
 *    page as markup.
 *  - The edit link places $row[$edit_pk] into an inline onclick handler.
 *  - The export links carry the whole query base64-encoded in the URL.
 *    NOTE(review): the export handler is not visible here - confirm it is
 *    protected against forged requests.
 *  - When the posted SQL contains '@gethostbyaddr', every IPv4-looking cell
 *    triggers a reverse DNS lookup.
 *
 * @param string      $base_query SQL statement to run.
 * @param string|bool $md5_get    Optional query key ending in "_<digits>",
 *                                forwarded into the paging links.
 * @return array See above.
 */
function listing($base_query, $md5_get = false) { global $db_driver, $db_link; $md5_i = false; if ($md5_get) { preg_match('#_(\\d+)$#', $md5_get, $match); $md5_i = $match[1]; } $base_query = trim($base_query); $base_query = str_cut_end($base_query, ';'); $query = $base_query; $ret = array('msg' => '', 'error' => '', 'data_html' => false); $limit = 25; $offset = get('offset', 'int'); $page = floor($offset / $limit + 1); if ($query) { if (is_select($query) && !preg_match('#\\s+LIMIT\\s+\\d+#i', $query) && !preg_match('#into\\s+outfile\\s+#', $query)) { $query = db_limit($query, $offset, $limit); } else { $limit = false; } $time = time_start(); if (!db_is_safe($query, true)) { $ret['error'] = 'Detected UPDATE/DELETE without WHERE condition (put WHERE 1=1 if you want to execute this query)'; return $ret; } $rs = @db_query($query); if ($rs) { if ($rs === true) { if ('mysql' == $db_driver) { $affected = mysql_affected_rows($db_link); $time = time_end($time); $ret['data_html'] = '<b>' . $affected . '</b> rows affected.<br>Time: <b>' . $time . '</b> sec'; return $ret; } } else { if ('pgsql' == $db_driver) { $affected = @pg_affected_rows($rs); if ($affected || preg_match('#^\\s*(DELETE|UPDATE)\\s+#i', $query)) { $time = time_end($time); $ret['data_html'] = '<p><b>' . $affected . '</b> rows affected. Time: <b>' . $time . 
'</b> sec</p>'; return $ret; } } } $rows = array(); while ($row = db_row($rs)) { $rows[] = $row; if ($limit) { if (count($rows) == $limit) { break; } } } db_free($rs); if (is_select($base_query)) { $found = @db_one("SELECT COUNT(*) FROM ({$base_query}) AS sub"); if (!is_numeric($found) || count($rows) && !$found) { global $COUNT_ERROR; $COUNT_ERROR = ' (COUNT ERROR) '; $found = count($rows); } } else { if (count($rows)) { $found = count($rows); } else { $found = false; } } if ($limit) { $pages = ceil($found / $limit); } else { $pages = 1; } $time = time_end($time); } else { $ret['error'] = db_error(); return $ret; } } else { $ret['error'] = 'No query found.'; return $ret; } ob_start(); ?> <?php if (is_numeric($found)) { ?> <p> Found: <b><?php echo $found; ?> </b><?php echo isset($GLOBALS['COUNT_ERROR']) ? $GLOBALS['COUNT_ERROR'] : ''; ?> . Time: <b><?php echo $time; ?> </b> sec. <?php $params = array('md5' => $md5_get, 'offset' => get('offset', 'int')); if (get('only_marked') || post('only_marked')) { $params['only_marked'] = 1; } if (get('only_select') || post('only_select')) { $params['only_select'] = 1; } ?> / <a href="<?php echo url(self(), $params); ?> ">Refetch</a> / Export to CSV: <a href="<?php echo $_SERVER['PHP_SELF']; ?> ?export=csv&separator=<?php echo urlencode('|'); ?> &query=<?php echo base64_encode($base_query); ?> ">pipe</a> - <a href="<?php echo $_SERVER['PHP_SELF']; ?> ?export=csv&separator=<?php echo urlencode("\t"); ?> &query=<?php echo base64_encode($base_query); ?> ">tab</a> - <a href="<?php echo $_SERVER['PHP_SELF']; ?> ?export=csv&separator=<?php echo urlencode(','); ?> &query=<?php echo base64_encode($base_query); ?> ">comma</a> - <a href="<?php echo $_SERVER['PHP_SELF']; ?> ?export=csv&separator=<?php echo urlencode(';'); ?> &query=<?php echo base64_encode($base_query); ?> ">semicolon</a> </p> <?php } else { ?> <p>Result: <b>OK</b>. 
Time: <b><?php echo $time; ?> </b> sec</p> <?php } ?> <?php if (is_numeric($found)) { ?> <?php if ($pages > 1) { ?> <p> <?php if ($page > 1) { ?> <?php $ofs = ($page - 1) * $limit - $limit; ?> <?php $params = array('md5' => $md5_get, 'offset' => $ofs); if (get('only_marked') || post('only_marked')) { $params['only_marked'] = 1; } if (get('only_select') || post('only_select')) { $params['only_select'] = 1; } ?> <a href="<?php echo url(self(), $params); ?> "><< Prev</a> <?php } ?> Page <b><?php echo $page; ?> </b> of <b><?php echo $pages; ?> </b> <?php if ($pages > $page) { ?> <?php $ofs = $page * $limit; ?> <?php $params = array('md5' => $md5_get, 'offset' => $ofs); if (get('only_marked') || post('only_marked')) { $params['only_marked'] = 1; } if (get('only_select') || post('only_select')) { $params['only_select'] = 1; } ?> <a href="<?php echo url(self(), $params); ?> ">Next >></a> <?php } ?> </p> <?php } ?> <script> function mark_row(tr) { var els = tr.getElementsByTagName('td'); if (tr.marked) { for (var i = 0; i < els.length; i++) { els[i].style.backgroundColor = ''; } tr.marked = false; } else { tr.marked = true; for (var i = 0; i < els.length; i++) { els[i].style.backgroundColor = '#ddd'; } } } </script> <?php if ($found) { ?> <?php $edit_table = table_from_query($base_query); if ($edit_table) { $edit_pk = array_first_key($rows[0]); if (is_numeric($edit_pk)) { $edit_table = false; } } if ($edit_table) { $types = table_types2($edit_table); if ($types && count($types)) { if (in_array($edit_pk, array_keys($types))) { if (!array_col_match_unique($rows, $edit_pk, '#^\\d+$#')) { $edit_pk = guess_pk($rows); if (!$edit_pk) { $edit_table = false; } } } else { $edit_table = false; } } else { $edit_table = false; } } $edit_url = ''; if ($edit_table) { $edit_url = url(self(true), array('action' => 'editrow', 'table' => $edit_table, 'pk' => $edit_pk, 'id' => '%s')); } ?> <table class="ls" cellspacing="1"> <tr> <?php if ($edit_url) { ?> <th>#</th><?php } ?> <?php foreach 
($rows[0] as $col => $v) { ?> <th><?php echo $col; ?> </th> <?php } ?> </tr> <?php foreach ($rows as $row) { ?> <tr ondblclick="mark_row(this)"> <?php if ($edit_url) { ?> <td><a href="javascript:void(0)" onclick="popup('<?php echo sprintf($edit_url, $row[$edit_pk]); ?> ', 620, 500)">Edit</a> </td> <?php } ?> <?php $count_cols = 0; foreach ($row as $v) { $count_cols++; } ?> <?php foreach ($row as $k => $v) { ?> <?php if (preg_match('#^\\s*<a[^>]+>[^<]+</a>\\s*$#iU', $v) && strlen(strip_tags($v)) < 50) { $v = strip_tags($v, '<a>'); $v = create_links($v); } else { $v = strip_tags($v); $v = str_replace(' ', ' ', $v); $v = preg_replace('#[ ]+#', ' ', $v); $v = create_links($v); if (!get('full_content') && strlen($v) > 50) { if (1 == $count_cols) { $v = truncate_html($v, 255); } else { $v = truncate_html($v, 50); } } // $v = html_once($v); - create_links() disabling } $nl2br = get('nl2br'); if (get('full_content')) { $v = str_wrap($v, 80, '<br>', true); } if (get('nl2br')) { $v = nl2br($v); } //$v = stripslashes(stripslashes($v)); if (@$types[$k] == 'int' && (preg_match('#time#i', $k) || preg_match('#date#i', $k)) && preg_match('#^\\d+$#', $v)) { $tmp = @date('Y-m-d H:i', $v); if ($tmp) { $v = $tmp; } } global $post; if (str_has($post['sql'], '@gethostbyaddr') && preg_match('#^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$#', $v)) { $v = $v . '<br>' . @gethostbyaddr($v); } ?> <td onclick="mark_col(this)" <?php echo $nl2br ? 'valign="top"' : ''; ?> nowrap><?php echo is_null($row[$k]) ? 
'-' : $v; ?> </td> <?php } ?> </tr> <?php } ?> </table> <?php } ?> <?php if ($pages > 1) { ?> <p> <?php if ($page > 1) { ?> <?php $ofs = ($page - 1) * $limit - $limit; ?> <?php $params = array('md5' => $md5_get, 'offset' => $ofs); if (get('only_marked') || post('only_marked')) { $params['only_marked'] = 1; } if (get('only_select') || post('only_select')) { $params['only_select'] = 1; } ?> <a href="<?php echo url(self(), $params); ?> "><< Prev</a> <?php } ?> Page <b><?php echo $page; ?> </b> of <b><?php echo $pages; ?> </b> <?php if ($pages > $page) { ?> <?php $ofs = $page * $limit; ?> <?php $params = array('md5' => $md5_get, 'offset' => $ofs); if (get('only_marked') || post('only_marked')) { $params['only_marked'] = 1; } if (get('only_select') || post('only_select')) { $params['only_select'] = 1; } ?> <a href="<?php echo url(self(), $params); ?> ">Next >></a> <?php } ?> </p> <?php } ?> <?php } ?> <?php $cont = ob_get_contents(); ob_end_clean(); $ret['data_html'] = $cont; return $ret; }
/**
 * Decide whether the requested mailbox quota is acceptable for this mailbox's domain.
 *
 * Two levels are checked in order: the per-mailbox ceiling ($limit['maxquota'])
 * and, when enabled, the domain-wide total ($limit['quota']). Going by the
 * original inline comments, 0 means "unlimited" and negative values mean
 * "disabled" for these limits.
 *
 * @param int $quota requested mailbox quota; it is compared with maxquota directly
 *                   and added to the divide_quota() result ("convert to MB" in the
 *                   original comment), so presumably MB - confirm with callers
 * @return bool true when the quota may be set, false when it must be rejected
 */
protected function check_quota($quota)
{
    if (!Config::bool('quota')) {
        return true; # enforcing quotas is disabled - just allow it
    }

    # NOTE(review): when $this->id holds no '@', explode() returns a single element and
    # $domain is never populated, so the lookup below runs without a domain. Presumably
    # the id is validated before this method is reached - confirm.
    list(, $domain) = explode('@', $this->id);
    $domain_limits = get_domain_properties($domain);
    $max_mailbox_quota = $domain_limits['maxquota'];

    # ---- mailbox level -------------------------------------------------------------
    # maxquota == 0 (unlimited) matches none of the three guards and falls through.
    if ($max_mailbox_quota < 0 and $quota < 0) {
        return true; # maxquota and $quota are both disabled -> OK, no need for more checks
    }
    if ($max_mailbox_quota > 0 and $quota == 0) {
        return false; # unlimited mailbox on a domain with a maxquota restriction -> not allowed
    }
    # NOTE(review): a negative $quota is never greater than a positive maxquota, so it
    # passes here and also lowers the sum in the domain-level check - confirm callers
    # reject negative values where maxquota is enforced.
    if ($max_mailbox_quota != 0 && $quota > $max_mailbox_quota) {
        return false; # mailbox bigger than maxquota restriction (and maxquota != unlimited)
    }

    # TODO: detailed error message ("domain quota exceeded", "mailbox quota too big" etc.) via flash_error? Or "available quota: xxx MB"?

    # ---- domain level --------------------------------------------------------------
    if (!Config::bool('domain_quota')) {
        return true; # enforcing domain_quota is disabled - just allow it
    }
    if ($domain_limits['quota'] <= 0) {
        # TODO: CHECK - 0 (unlimited) is fine, not sure about <= -1 (disabled)...
        return true;
    }
    if ($quota == 0) {
        return false; # trying to create an unlimited mailbox, but domain quota is set
    }

    # Sum the quota of every other mailbox in the domain. Both values are passed through
    # escape_string() and quoted before they are concatenated into the statement.
    $table_mailbox = table_by_key('mailbox');
    $sql = "SELECT SUM(quota) FROM {$table_mailbox} WHERE domain = '" . escape_string($domain) . "'"
        . " AND username != '" . escape_string($this->id) . "'";
    $result = db_query($sql);
    $row = db_row($result['result']);
    # NOTE(review): SUM() yields NULL when no other mailbox matches; what divide_quota()
    # returns for that is not visible here - confirm.
    $used_by_others = divide_quota($row[0]); # convert to MB

    # Allowed only while the new mailbox plus the existing ones stay within the domain quota.
    return !($quota + $used_by_others > $domain_limits['quota']);
}
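/**
 * Remove a user from every group the user belongs to.
 *
 * Reads the user's rows from `usergroup` and calls user_delete_from_group()
 * once for each group id found.
 *
 * @param int|string $uid user id; must be an integer or an all-digit string,
 *                        any other value is ignored and nothing is deleted
 * @return void
 */
function user_delete_from_groups($uid)
{
    // $uid is concatenated unquoted into the WHERE clause below, so a value that
    // is not a plain integer would become part of the SQL text itself. Refuse it
    // here rather than hand it to the database layer.
    if (!is_int($uid) && !(is_string($uid) && ctype_digit($uid))) {
        return;
    }
    $uid = (int) $uid;

    $q = db_select('usergroup', array('group_id'), '`user_id`=' . $uid);
    while ($r = db_row($q)) {
        user_delete_from_group($uid, $r['group_id']);
    }
}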