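/**
 * Resolve the ORDER BY clause for the current request and return it.
 *
 * In drill-down mode nothing is read from the request and "" is returned.
 * Otherwise the query string is inspected:
 *  - cmd=resetsort clears the stored ORDER BY, resets the start group to 1
 *    and clears the sort on the University field;
 *  - order / ordertype are copied to CurrentOrder / CurrentOrderType, then
 *    SortSql() builds the clause, which is stored with setOrderBy() and the
 *    start group is reset to 1.
 * A non-empty cmd other than "resetsort" suppresses the order branch.
 *
 * Only string parameters are honoured. An array-valued parameter (cmd[]=...)
 * is treated as absent, so it can no longer raise a TypeError in strlen()
 * on PHP 8 or hand an array to SortSql().
 *
 * NOTE(review): order and ordertype are request-controlled and end up in the
 * ORDER BY text produced by SortSql(), which is not visible here. Confirm that
 * SortSql() maps them onto a fixed set of field names and sort directions
 * rather than copying them into the SQL.
 *
 * @return mixed "" in drill-down mode, otherwise whatever getOrderBy() returns.
 */
function GetSort() {
    if ($this->DrillDown) {
        return "";
    }

    // Read each parameter once and ignore anything that is not a plain string.
    $sCmd = (isset($_GET["cmd"]) && is_string($_GET["cmd"])) ? $_GET["cmd"] : "";
    $sOrder = (isset($_GET["order"]) && is_string($_GET["order"])) ? $_GET["order"] : "";
    // Stays null when absent, as it did with the suppressed array read.
    $sOrderType = (isset($_GET["ordertype"]) && is_string($_GET["ordertype"])) ? $_GET["ordertype"] : null;

    if (strlen($sCmd) > 0) {
        // Check for a resetsort command
        if ($sCmd === "resetsort") {
            $this->setOrderBy("");
            $this->setStartGroup(1);
            $this->University->setSort("");
        }
    } elseif ($sOrder !== "") {
        // Check for an Order parameter
        $this->CurrentOrder = ewr_StripSlashes($sOrder);
        $this->CurrentOrderType = $sOrderType;
        $sSortSql = $this->SortSql();
        $this->setOrderBy($sSortSql);
        $this->setStartGroup(1);
    }

    return $this->getOrderBy();
}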
ServerError($e->getMessage()); } } elseif (function_exists("curl_init")) { // Use export.api3.fusioncharts.com and curl $postdata = file_get_contents("php://input"); // Get POST data $img = ewr_ClientUrl("export.api3.fusioncharts.com", $postdata, "POST"); // Get the chart from fusioncharts.com if ($img === FALSE) { ServerError("Failed to get chart image from export server. Make sure your web server is online."); } } else { ServerError("Both Imagick and cURL not installed on this server."); } // Save the file $params = ewr_StripSlashes(@$_POST["parameters"]); $filename = ""; if (preg_match('/exportfilename=(\\w+\\.png)\\|/', $params, $matches)) { // Must be .png for security $filename = $matches[1]; } if ($filename == "") { ServerError("Missing file name."); } $path = ewr_ServerMapPath(EWR_UPLOAD_DEST_PATH); $realpath = realpath($path); if (!file_exists($realpath)) { ServerError("Upload folder does not exist."); } if (!is_writable($realpath)) { ServerError("Upload folder is not writable.");
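} // closes a block opened before this excerpt

// Initialize Session data
ob_start();
include_once "phprptinc/ewrcfg8.php";
include_once "phprptinc/ewmysql.php";
include_once "phprptinc/ewrfn8.php";

// Get resize parameters
$resize = @$_GET["resize"] != "";
$width = @$_GET["width"] != "" ? $_GET["width"] : 0;
$height = @$_GET["height"] != "" ? $_GET["height"] : 0;
if (@$_GET["width"] == "" && @$_GET["height"] == "") {
    $width = EWR_THUMBNAIL_DEFAULT_WIDTH;
    $height = EWR_THUMBNAIL_DEFAULT_HEIGHT;
}
$quality = @$_GET["quality"] != "" ? $_GET["quality"] : EWR_THUMBNAIL_DEFAULT_QUALITY;

// The three values come from the query string; force them to non-negative
// integers before they reach the image code.
// NOTE(review): no upper bound is applied here. Very large dimensions cost
// memory and CPU per request, so consider a cap that suits the deployment.
$width = max(0, intval($width));
$height = max(0, intval($height));
$quality = max(0, intval($quality));

// Resize image from physical file.
// "fn" is request data that names a file on the server, so the resolved path
// is checked before anything is read:
//  - it must resolve (symlinks and ".." included) to a regular file below the
//    application root;
//  - getimagesize() must recognise it as an image.
// A file that fails either check produces an empty response. Before this
// change a file getimagesize() could not identify was still passed to
// ewr_ResizeFileToBinary() and echoed without a Content-type header.
// NOTE(review): the application root also holds source and configuration
// files. If every legitimate image lives in one folder, use that folder as
// the base instead.
if (@$_GET["fn"] != "") {
    // A non-string value (fn[]=...) is rejected rather than passed on.
    $fn = is_string($_GET["fn"]) ? ewr_StripSlashes($_GET["fn"]) : "";
    // Strip NUL bytes. The listing shows an empty search string here, which
    // is a no-op; NUL removal appears to be what was intended.
    $fn = str_replace("\0", "", $fn);

    $root = realpath(ewr_AppRoot());
    $real = ($fn != "") ? realpath(ewr_PathCombine(ewr_AppRoot(), $fn, TRUE)) : FALSE;

    $inside = FALSE;
    if ($root !== FALSE && $real !== FALSE) {
        // Compare against "root + separator" so that a sibling directory
        // whose name merely starts with the root's name does not match.
        $rootPrefix = rtrim($root, "/\\") . DIRECTORY_SEPARATOR;
        $inside = strpos($real, $rootPrefix) === 0;
    }

    if ($inside && is_file($real)) {
        $size = getimagesize($real);
        if ($size) {
            header("Content-type: {$size['mime']}");
            echo ewr_ResizeFileToBinary($real, $width, $height, $quality);
        }
    }
    exit;
}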
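/**
 * Apply a chart sort command from the query string, then load the chart's
 * sort type from its stored value.
 *
 *  - cmd=resetsort stores sort type 0 for C_job_position_vs_job_offered;
 *  - chartorder=C_job_position_vs_job_offered stores chartordertype as the
 *    new sort type.
 * A non-empty cmd other than "resetsort" suppresses the chartorder branch.
 * In every case ChartSortType is finally set from getSort().
 *
 * Only string parameters are honoured. An array-valued parameter is treated
 * as absent, so it can no longer raise a TypeError in strlen() on PHP 8 or be
 * stored as the sort type.
 *
 * NOTE(review): chartordertype is stored exactly as received. The only other
 * value written here is the integer 0, which suggests a small numeric code is
 * expected. Confirm the accepted set and validate against it before storing.
 */
function GetChartSort() {
    // Read each parameter once and ignore anything that is not a plain string.
    $sCmd = (isset($_GET["cmd"]) && is_string($_GET["cmd"])) ? $_GET["cmd"] : "";
    $rawOrder = (isset($_GET["chartorder"]) && is_string($_GET["chartorder"])) ? $_GET["chartorder"] : "";
    // Stays null when absent, as it did with the suppressed array read.
    $rawOrderType = (isset($_GET["chartordertype"]) && is_string($_GET["chartordertype"])) ? $_GET["chartordertype"] : null;

    if (strlen($sCmd) > 0) {
        // Check for a resetsort command
        if ($sCmd === "resetsort") {
            $this->C_job_position_vs_job_offered->setSort(0);
        }
    } elseif ($rawOrder !== "") {
        // Check for chartorder parameter
        $chartorder = ewr_StripSlashes($rawOrder);
        $chartordertype = ewr_StripSlashes($rawOrderType);
        if ($chartorder == "C_job_position_vs_job_offered") {
            $this->C_job_position_vs_job_offered->setSort($chartordertype);
        }
    }

    // Restore chart sort type from Session
    $this->C_job_position_vs_job_offered->ChartSortType = $this->C_job_position_vs_job_offered->getSort();
}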
/**
 * Build a lookup SQL statement from the POSTed request and run it through
 * GetLookupValues().
 *
 * Request fields read here:
 *  - s          encrypted SQL template (required; the script dies without it)
 *  - dlm        encrypted field delimiter
 *  - f0..f4     encrypted filter templates containing {filter_value}
 *  - v0..v4     comma-separated values for the matching filter
 *  - t0..t4     field type code used to pick the quoting rule
 *  - q          search value for {query_value} (query string wins over POST)
 *  - q<N>       values for {query_value_<N>} placeholders
 *  - ds, df     date search type and date format, passed through unchanged
 *
 * Security notes for reviewers:
 *  - The SQL text and filter templates come from the client and are trusted
 *    once ewr_Decrypt() returns a non-empty string.
 *    NOTE(review): ewr_Decrypt() is not visible here. Confirm that it rejects
 *    modified or forged ciphertext and that the key is unique per install.
 *  - Values are spliced into the SQL by string replacement, not bound as
 *    parameters. Escaping is left to ewr_QuotedValue() and ewr_AdjustSql().
 *  - The type code passed to ewr_QuotedValue() is itself request data (t<N>).
 *    NOTE(review): verify that the helper checks the value against the type
 *    it is given, and does not emit any type unquoted and unchecked.
 *  - {query_value} is substituted before the {query_value_<N>} scan, so the
 *    scan also runs over text that came from the request.
 */
function Page_Main() {
    global $ReportLanguage;
    $GLOBALS["Page"] =& $this;

    $post = ewr_StripSlashes($_POST);
    if (count($post) == 0) {
        die("Missing post data.");
    }

    // SQL template, sent encrypted by the client
    $sql = ewr_Decrypt(@$post["s"]);
    if ($sql == "") {
        die("Missing SQL.");
    }

    // Field delimiter
    $dlm = ewr_Decrypt(@$post["dlm"]);

    // Language object
    $ReportLanguage = new crLanguage();

    // "> 0" rather than "!== FALSE": a placeholder at offset 0 is not expanded.
    if (strpos($sql, "{filter}") > 0) {
        $filters = "";
        for ($i = 0; $i < 5; $i++) {
            // Get the filter values (for "IN")
            $filter = ewr_Decrypt(@$post["f" . $i]);
            if ($filter == "") {
                continue;
            }

            $value = @$post["v" . $i];
            if ($value == "") {
                // An empty parent field (index above 0) forces an empty result.
                if ($i > 0) {
                    ewr_AddFilter($filters, "1=0");
                }
                continue;
            }

            $fldtype = intval(@$post["t" . $i]);
            $wrkfilter = "";
            foreach (explode(",", $value) as $val) {
                if ($wrkfilter != "") {
                    $wrkfilter .= " OR ";
                }
                if ($val == EWR_NULL_VALUE) {
                    $piece = str_replace(" = {filter_value}", " IS NULL", $filter);
                } elseif ($val == EWR_NOT_NULL_VALUE) {
                    $piece = str_replace(" = {filter_value}", " IS NOT NULL", $filter);
                } elseif ($val == EWR_EMPTY_VALUE) {
                    $piece = str_replace(" = {filter_value}", " = ''", $filter);
                } else {
                    $piece = str_replace("{filter_value}", ewr_QuotedValue($val, ewr_FieldDataType($fldtype)), $filter);
                }
                $wrkfilter .= $piece;
            }
            ewr_AddFilter($filters, $wrkfilter);
        }
        $sql = str_replace("{filter}", $filters != "" ? $filters : "1=1", $sql);
    }

    // Get the query value (for "LIKE" or "="): query string first, then POST
    $value = ewr_AdjustSql(@$_GET["q"]);
    if ($value == "") {
        $value = ewr_AdjustSql(@$post["q"]);
    }
    if ($value != "") {
        $sql = preg_replace('/LIKE \'(%)?\\{query_value\\}%\'/', ewr_Like('\'$1{query_value}%\''), $sql);
        $sql = str_replace("{query_value}", $value, $sql);
    }

    // Replace {query_value_n}
    preg_match_all('/\\{query_value_(\\d+)\\}/', $sql, $out);
    foreach ($out[1] as $n) {
        $v = ewr_AdjustSql(@$post["q" . $n]);
        $sql = str_replace("{query_value_" . $n . "}", $v, $sql);
    }

    $ds = @$post["ds"]; // Date search type
    $df = @$post["df"]; // Date format
    $this->GetLookupValues($sql, $ds, $df, $dlm);
}
/**
 * Store a value taken from the query string.
 *
 * The value is passed through ewr_StripSlashes() and the result is kept in
 * both QueryStringValue and CurrentValue.
 *
 * NOTE(review): presumably ewr_StripSlashes() only undoes magic-quotes
 * escaping and does not sanitise (TODO confirm). Treat both properties as raw
 * request data and escape them for the context where they are used.
 *
 * @param mixed $v Value as received from the request.
 */
function setQueryStringValue($v) {
    $this->CurrentValue = $this->QueryStringValue = ewr_StripSlashes($v);
}