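/**
 * Render the "Account Approval" page for the logged-in user.
 *
 * Looks up the session user's row in `users` and prints the details a captain
 * needs when approving the account (id, name, cell, email, YOG, account type).
 */
function show_page() {
    // NOTE(review): the id is concatenated into the SQL text. It is read from
    // the session rather than the request, so the query is only as safe as the
    // code that populated $_SESSION['user_id']; a bound parameter would remove
    // that dependency.
    $query = 'SELECT * FROM users WHERE id="' . $_SESSION['user_id'] . '" LIMIT 1';
    $result = DB::queryRaw($query);
    $row = mysqli_fetch_assoc($result);

    $cell = format_phone_number($row['cell']);
    if ($cell == '') {
        $cell = 'None';
    }

    // Encode every database value for the HTML context at the point of output.
    // double_encode is off so that a value which was entity-encoded before it
    // was stored (TODO confirm how the write path treats these columns) is not
    // encoded a second time.
    $esc = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8', false);
    };

    page_title('Approve');
    ?>
<h1>Account Approval</h1>
Your account has been verified, but it must be approved by a captain.
Please print this page and bring it to practice.<br />
<br />
<div class="scrhide">
<span class="b">ID: </span><?php echo $esc($row['id']); ?> <br />
<span class="b">Name: </span><?php echo $esc($row['name']); ?> <br />
<span class="b">Cell: </span><?php echo $esc($cell); ?> <br />
<span class="b">Email: </span><?php echo $esc($row['email']); ?> <br />
<span class="b">YOG: </span><?php echo $esc($row['yog']); ?> <br />
<span class="b">Account Type: </span><?php echo $esc($row['permissions']); ?>
</div>
<?php
}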
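/**
 * Render the members' "Contact" page.
 *
 * Prints the shared captains' address, then one list entry per user whose
 * permissions column is "C" (name, email and, when one is on file, cell
 * number), and finally a link for emailing the webmaster.
 */
function show_page_for_members() {
    // Make certain links open in a new tab/window
    global $use_rel_external_script, $CAPTAIN_EMAIL, $WEBMASTER_EMAIL;
    $use_rel_external_script = true;

    page_header('Contact');

    // Encode values for HTML text and attribute context before they are
    // interpolated. double_encode is off so a value that was entity-encoded
    // before storage (TODO confirm against the write path) is not encoded twice.
    $esc = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8', false);
    };
    $captain_email = $esc($CAPTAIN_EMAIL);
    $webmaster_email = $esc($WEBMASTER_EMAIL);

    echo <<<HEREDOC
      <h1>Contact</h1>
      <ul>
        <li>
          <span class="b">All Captains</span><br />
          <a href="mailto:{$captain_email}" rel="external">{$captain_email}</a><br />
          <br />
\t\t
          <br />
        </li>
HEREDOC;

    // Fetch Data (constant query text, no request input involved)
    $query = 'SELECT name, email, cell FROM users WHERE permissions="C"';
    $result = DB::queryRaw($query);

    while ($row = mysqli_fetch_assoc($result)) {
        $name = $esc($row['name']);
        $email = $esc($row['email']);
        echo " <li>\n"
            . " <span class=\"b\">{$name}</span><br />\n"
            . " <a href=\"mailto:{$email}\" rel=\"external\">{$email}</a><br />\n";

        // The cell line is left out when the formatter reports 'None'.
        $cell = format_phone_number($row['cell']);
        if ($cell != 'None') {
            echo " " . $esc($cell) . "<br />\n";
        }
        echo " </li>\n";
    }

    echo <<<HEREDOC
        <br><li>
          If you experience difficulty using this site, please
          <a href="mailto:{$webmaster_email}" rel="external">
          email the Webmaster</a>
        </li>
      </ul>
      <br />
HEREDOC;
}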
/**
 * Return the display form of a field's value.
 *
 * The result feeds both HTML and non-HTML output, so this method is not meant
 * to add markup (printFieldValue is the HTML path). It does not HTML-encode
 * anything either: a caller that writes the result into a page has to encode
 * it for that context itself.
 *
 * NOTE(review): the fallback branch for array values wraps its output in
 * <pre> tags, which is at odds with the "no HTML" intent stated above.
 *
 * @param string $name  Key into $this->fields identifying the field.
 * @param mixed  $value Value to format; when null, the entry for $name in
 *                      $this->values is used instead.
 * @return mixed The formatted value, '' for an unresolved zero reference or a
 *               permitted empty date, or NULL (after an E_USER_WARNING) when
 *               the field is unknown.
 */
public function getFormattedValue($name, $value = null)
{
    if (!isset($this->fields[$name])) {
        trigger_error('Cannot get value for field ' . ents($name) . ' - field does not exist', E_USER_WARNING);
        return NULL;
    }

    if ($value === null) {
        $value = array_get($this->values, $name, NULL);
    }
    $field = $this->fields[$name];

    // Reference fields: show the referenced object's label, optionally with its id.
    if (!empty($field['references'])) {
        $obj =& $GLOBALS['system']->getDBObject($field['references'], $value);
        if (is_null($obj)) {
            // Unresolved reference: pass a non-zero raw value through, else blank.
            return ($value != 0) ? $value : '';
        }
        $with_id = array_get($field, 'show_id', true);
        $label = $obj->toString();
        return $with_id ? $label . ' (#' . $value . ')' : $label;
    }

    switch ($field['type']) {
        case 'select':
            return array_get($field['options'], $value, '(Invalid Value)');

        case 'datetime':
            $blank = empty($value) && array_get($field, 'allow_empty');
            return $blank ? '' : format_datetime($value);

        case 'date':
            $blank = empty($value) && array_get($field, 'allow_empty');
            return $blank ? '' : format_date($value);

        case 'bibleref':
            require_once 'bible_ref.class.php';
            $ref = new bible_ref($value);
            return $ref->toShortString();

        case 'phone':
            return format_phone_number($value, $field['formats']);

        default:
            // Arrays are dumped for inspection; anything else is returned as-is.
            return is_array($value) ? '<pre>' . print_r($value, 1) . '</pre>' : $value;
    }
}
/**
 * Produce the display form of $value according to a field definition.
 *
 * The return value is not HTML-encoded; a caller that writes it into a page
 * must encode it for that context. The fallback branch for array values is the
 * one place where markup (<pre>) is added.
 *
 * @param mixed $value  The raw value to format.
 * @param array $params Field definition. Keys read here: 'references',
 *                      'show_id', 'type', 'options', 'allow_empty', 'formats'.
 * @return mixed The formatted value, or '' for an unresolved zero reference or
 *               a permitted empty date.
 */
function format_value($value, $params)
{
    // Reference fields: show the referenced object's label, optionally with its id.
    if (!empty($params['references'])) {
        $obj =& $GLOBALS['system']->getDBObject($params['references'], $value);
        if (is_null($obj)) {
            // Unresolved reference: pass a non-zero raw value through, else blank.
            return ($value != 0) ? $value : '';
        }
        $with_id = array_get($params, 'show_id', true);
        $label = $obj->toString();
        return $with_id ? $label . ' (#' . $value . ')' : $label;
    }

    switch ($params['type']) {
        case 'select':
            return array_get($params['options'], $value, '(Invalid Value)');

        case 'datetime':
            $blank = empty($value) && array_get($params, 'allow_empty');
            return $blank ? '' : format_datetime($value);

        case 'date':
            $blank = empty($value) && array_get($params, 'allow_empty');
            return $blank ? '' : format_date($value);

        case 'bibleref':
            require_once 'bible_ref.class.php';
            $ref = new bible_ref($value);
            return $ref->toShortString();

        case 'phone':
            return format_phone_number($value, $params['formats']);

        default:
            // Arrays are dumped for inspection; anything else is returned as-is.
            return is_array($value) ? '<pre>' . print_r($value, 1) . '</pre>' : $value;
    }
}
// Excerpt: loads every call record, builds per-call display rows plus summary
// totals, and hands them to the template. The "try {" that the catch below
// closes is above this excerpt.
    // The SQL text is assembled from static properties of DB (table and column
    // names); no request data is concatenated in the lines shown here.
    $result = $db->Execute('SELECT * FROM ' . DB::$calls . ' ORDER BY ' . DB::$calls_start_time . ' DESC');
    $total_call_duration = 0;
    $total_call_count = $result->RecordCount();
    // This data is used by the JS charting library to display a dot chart
    // showing the calls received each hour. Each slot in the array
    // corresponds to an hour in the day.
    $call_volume_chart_data = array(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
    while ($row = $result->FetchRow()) {
        $from = $row[DB::$calls_from];
        $location = $row[DB::$calls_location];
        $start_time = new DateTime($row[DB::$calls_start_time], $server_timezone);
        // Rounded up to whole minutes - presumably the column holds seconds; TODO confirm.
        $duration = ceil($row[DB::$calls_duration] / 60);
        $total_call_duration += $duration;
        // NOTE(review): the hour bucket is taken while $start_time is still in
        // $server_timezone; the conversion to $local_timezone happens on the
        // next line, so the chart and the displayed times can disagree.
        $call_volume_chart_data[$start_time->format('G')] += 1;
        $start_time->setTimezone($local_timezone);
        // $call is reused across iterations; all four keys are overwritten each time.
        // NOTE(review): 'location' is passed on as stored; whether it is
        // HTML-encoded depends on the template - confirm it escapes on output.
        $call['from'] = format_phone_number($from);
        $call['location'] = $location;
        $call['start_time'] = $start_time->format('F j, Y \\a\\t g:i A');
        $call['duration'] = $duration;
        $calls[] = $call;
    }
} catch (ADODB_Exception $e) {
    // Only a generic message reaches the page; $e itself is not logged here.
    $error = 'An error occurred while connecting to the database. Please try again later.';
}
// NOTE(review): $calls, $error and the totals are read below. Their
// initialisation is not visible in this excerpt; if Execute() throws they are
// only defined when they were set before the try block.
$data->assign('total_call_count', $total_call_count);
$data->assign('total_call_duration', $total_call_duration);
// NOTE(review): money_format() was deprecated in PHP 7.4 and removed in PHP 8.0.
$data->assign('total_spent', money_format('%i', $total_call_duration * CALL_COST));
$data->assign('call_volume_chart_data', implode(', ', $call_volume_chart_data));
$data->assign('calls', $calls);
$data->assign('error', $error);
$dwoo->output($tpl, $data);
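/**
 * Render the "View User" page for the user whose id is given in $_GET['ID'].
 *
 * Prints the user's profile details with links to the Edit_User actions, then
 * one table of current and one table of archived test scores when any exist.
 * Raises E_USER_ERROR ('User not found') unless exactly one user row matches.
 *
 * NOTE(review): the approve / make-pending / ban and Delete_Score links carry
 * the anti-CSRF token in the query string, where it can end up in browser
 * history, server logs and Referer headers; submitting these actions as POST
 * forms would keep the token out of URLs. The Change_* links carry no token -
 * presumably they lead to forms that perform their own check; confirm.
 */
function show_page() {
    // The request-supplied id is escaped for use inside a quoted SQL string.
    // It is the only request value that reaches the queries in this function.
    $user_id_sql = mysqli_real_escape_string(DB::get(), $_GET['ID']);

    // Get data about user; have MySQL format the date for us
    $query = 'SELECT *, DATE_FORMAT(creation_date, "%M %e, %Y") AS formatted_creation FROM users WHERE id="' . $user_id_sql . '" LIMIT 1';
    $result = DB::queryRaw($query);
    if (mysqli_num_rows($result) != 1) {
        trigger_error('User not found', E_USER_ERROR);
    }

    // ** User Found, info valid at this point **
    $row = mysqli_fetch_assoc($result);

    // Page header: direct page_header to include some javascript that makes
    // links marked as rel="external" open in a new tab while remaining
    // XHTML-valid.
    global $use_rel_external_script;
    $use_rel_external_script = true;
    // The title of the page is the user's name; helpful if you open multiple
    // users in different tabs.
    page_header($row['name']);

    echo <<<HEREDOC
      <h1>View User</h1>
HEREDOC;

    // Encode everything that is interpolated into markup below. double_encode
    // is off so a value that was entity-encoded before storage (TODO confirm
    // against the write path) is not encoded twice.
    $esc = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8', false);
    };
    $safe = array_map($esc, $row);
    $token = $esc($_SESSION['xsrf_token']);

    // Format Data
    $email_verified = ($row['email_verification'] == '1') ? 'Yes' : 'No';
    $cell = $esc(format_phone_number($row['cell']));

    $permissions = $row['permissions'];
    $account_type = 'Regular';
    if ($permissions == 'C') {
        $account_type = 'Captain';
    } elseif ($permissions == 'A') {
        $account_type = 'Non-Captain Admin';
    } elseif ($permissions == 'L') {
        $account_type = 'Alumnus';
    } elseif ($permissions == 'T') {
        $account_type = 'Temporary';
    }

    // mailing list status
    $mailings = ($row['mailings'] == '1') ? 'Yes' : 'No';

    // Format Approval Status line
    //
    // depending on whether the user is approved, banned, or in limbo, the link
    // next to that information needs to un-approve, un-ban, or approve/ban the
    // user, eg. "Approval Status: Approved (to un-approve, click here)"
    //
    // Both variables start out empty so an unexpected value in the column
    // renders a blank cell instead of reading undefined variables.
    $approval_status = '';
    $approval_line = '';
    if ($row['approved'] == '-1') {
        $approval_status = 'Banned';
        $approval_line = " <span class=\"small\">(<a href=\"Edit_User?Approve&ID={$safe['id']}&xsrf_token={$token}&Return=View\">approve</a> | <a href=\"Edit_User?Unapprove&ID={$safe['id']}&xsrf_token={$token}&Return=View\">make pending</a>)</span>";
    } elseif ($row['approved'] == '0') {
        $approval_status = 'Pending';
        $approval_line = " <span class=\"small\">(<a href=\"Edit_User?Approve&ID={$safe['id']}&xsrf_token={$token}&Return=View\">approve</a> | <a href=\"Edit_User?Ban&ID={$safe['id']}&xsrf_token={$token}&Return=View\">ban</a>)</span>";
    } elseif ($row['approved'] == '1') {
        $approval_status = 'Approved';
        $approval_line = " <span class=\"small\">(<a href=\"Edit_User?Ban&ID={$safe['id']}&xsrf_token={$token}&Return=View\">ban</a>)</span>";
    }

    echo <<<HEREDOC
      <table class="spacious">
        <tr>
          <td>Name:</td>
          <td>
            <span class="b">{$safe['name']}</span>
            <span class="small">(<a href="Edit_User?Change_Name&ID={$safe['id']}&Return=View">change</a>)</span>
          </td>
        </tr><tr>
          <td>Email Address:</td>
          <td class="b"><a href="mailto:{$safe['email']}" rel="external">{$safe['email']}</a></td>
        </tr><tr>
          <td>Cell Phone Number: </td>
          <td class="b">{$cell}</td>
        </tr><tr>
          <td>Year of Graduation:</td>
          <td>
            <span class="b">{$safe['yog']}</span>
            <span class="small">(<a href="Edit_User?Change_YOG&ID={$safe['id']}&Return=View">change</a>)</span>
            <br /><br />
          </td>
        </tr><tr>
          <td>ID:</td>
          <td><span class="b">{$safe['id']}</span></td>
        </tr><tr>
          <td>Account Type:</td>
          <td>
            <span class="b">{$account_type}</span>
            <span class="small">(<a href="Edit_User?Change_Permissions&ID={$safe['id']}&Return=View">change</a>)</span>
          </td>
        </tr><tr>
          <td>Mailing List:</td>
          <td><span class="b">{$mailings}</span></td>
        </tr><tr>
          <td>Approval Status:</td>
          <td>
            <span class="b">{$approval_status}</span>
            {$approval_line}
          </td>
        </tr><tr>
          <td>Email Verified:</td>
          <td class="b">{$email_verified}</td>
        </tr><tr>
          <td>Creation Date:</td>
          <td><span class="b">{$safe['formatted_creation']}</span></td>
        </tr><tr>
          <td>Registered From:</td>
          <td class="b">{$safe['registration_ip']}</td>
        </tr>
      </table>
      <br />
      <span class="small i">Only users are able to edit their email address and cell phone number.</span>
HEREDOC;

    // Show test scores: current ones first, then archived ones. The two
    // sections differ only in the archived flag, the spacing and the heading.
    $sections = array(
        array('archived' => '0', 'spacer' => '<br /><br /><br /><br /><br />', 'heading' => 'Recent Test Scores'),
        array('archived' => '1', 'spacer' => '<br /><br />', 'heading' => 'Old Test Scores'),
    );
    foreach ($sections as $section) {
        $query = 'SELECT test_scores.score AS score, tests.name AS name, tests.total_points AS total, DATE_FORMAT(tests.date, "%M %e, %Y") AS formatted_date, test_scores.score_id AS score_id'
            . ' FROM test_scores'
            . ' INNER JOIN tests ON tests.test_id=test_scores.test_id'
            . ' WHERE test_scores.user_id="' . $user_id_sql . '" AND archived="' . $section['archived'] . '"'
            . ' ORDER BY tests.date DESC';
        $result = DB::queryRaw($query);

        if (mysqli_num_rows($result) > 0) {
            echo <<<HEREDOC
      {$section['spacer']}
      <h4>{$section['heading']}</h4>
      <table class="contrasting">
        <tr>
          <th>Test</th>
          <th>Score</th>
          <th>Maximum</th>
          <th>Date</th>
          <th></th>
        </tr>
HEREDOC;

            while ($score = mysqli_fetch_assoc($result)) {
                $s = array_map($esc, $score);
                echo <<<HEREDOC
        <tr>
          <td>{$s['name']}</td>
          <td class="text-centered">{$s['score']}</td>
          <td class="text-centered">{$s['total']}</td>
          <td>{$s['formatted_date']}</td>
          <td><a href="Delete_Score?ID={$s['score_id']}&xsrf_token={$token}">Delete</a></td>
        </tr>
HEREDOC;
            }

            echo <<<HEREDOC
      </table>
HEREDOC;
        }
    }
}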
// Excerpt: appends an HTML table of patient records to $excel and, for the
// 'word' export type, sends it as a downloadable attachment. The end of the
// if block opened below is outside this excerpt.
$excel .= '<table border="1" cellspacing="0" width="100%" style="font-family:arial; font-size:14px;" cellpadding="5"> <tr> <th>First Name</th> <th>Last Name</th> <th>Phone</th> <th>Email</th> <th>Source</th> <th>Date</th> </tr> ';
foreach ($result as $rows) {
    $date = new DateTime($rows->date);
    // NOTE(review): the record fields are concatenated into markup without
    // HTML encoding, so a stored value containing tags becomes part of the
    // exported document. Encoding each field (e.g. with htmlspecialchars) at
    // this point would keep the export well-formed.
    $excel .= '<tr> <td>' . $rows->first_name . '</td> <td>' . $rows->last_name . '</td> <td>' . format_phone_number($rows->phone) . '</td> <td>' . $rows->email . '</td> <td>' . $rows->source . '</td> <td>' . $date->format('m/d/Y') . '</td> </tr>';
}
$excel .= '</table>';
// Download names are built from today's date only; no request data is used.
// $filename2 and $pdf_output are not read in the lines shown here -
// presumably later branches for the other export types use them.
$filename1 = 'patients_' . date('Y-m-d') . '.doc';
$filename2 = 'patients_' . date('Y-m-d') . '.xls';
$pdf_output = 'patients_' . date('Y-m-d') . '.pdf';
if ($etype == 'word') {
    // The HTML table is served with a Word content type as an attachment,
    // with caching disabled.
    header("Content-type: application/msword");
    header("Content-Disposition: attachment; filename={$filename1}");
    header("Pragma: no-cache");
    header("Expires: 0");
    print $excel;
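/**
 * Print the HTML form control for one field.
 *
 * @param string $name   Form field name. For multi-selects '[]' is appended
 *                       when missing; for dates the suffixes _d/_m/_y are
 *                       inserted before any '[' in the name.
 * @param array  $params Field definition. 'type' selects the control ('phone',
 *                       'bibleref', 'text', 'email', 'html', 'int', 'select',
 *                       'date', 'reference', 'bitmask'); the other keys read
 *                       here include 'class', 'allow_empty', 'attrs',
 *                       'formats', 'maxlength', 'width', 'height', 'regex',
 *                       'autocomplete', 'options', 'style', 'allow_multiple',
 *                       'disabled_prefix', 'empty_text', 'month_format',
 *                       'references', 'filter', 'filter_logic', 'order_by'.
 * @param mixed  $value  Current value (an array for multi-value selects).
 *
 * Changes relative to the previous version of this function:
 *  - the field name, current values, option keys and option labels are passed
 *    through ents() wherever they are written into markup, as the bitmask
 *    branch already did;
 *  - the autocomplete attribute gets its missing opening quote;
 *  - the CKEditor script tag is emitted once per request instead of once per
 *    'html' widget.
 *
 * NOTE(review): the 'reference' branch instantiates the class named in
 * $params['references'] and may call $params['filter']; both must come from
 * the application's own field definitions, never from request data.
 */
function print_widget($name, $params, $value)
{
    $classes = array_get($params, 'class', '');
    if (!array_get($params, 'allow_empty', 1)) {
        $classes .= ' compulsory';
    }

    // Extra attributes supplied by the field definition; values are encoded.
    $attrs = array();
    foreach (array_get($params, 'attrs', array()) as $attr => $val) {
        $attrs[] = $attr . '="' . ents($val) . '"';
    }
    $attrs = implode(' ', $attrs);

    switch ($params['type']) {
        case 'phone':
            $lengths = get_valid_phone_number_lengths($params['formats']);
            $width = max(get_phone_format_lengths($params['formats']));
            ?>
            <input name="<?php echo ents($name); ?>" type="tel" size="<?php echo $width; ?>" value="<?php echo ents(format_phone_number($value, $params['formats'])); ?>" class="phone-number" validlengths="<?php echo implode(',', $lengths); ?>" <?php echo $attrs; ?> />
            <?php
            break;

        case 'bibleref':
            require_once 'bible_ref.class.php';
            $br = new bible_ref($value);
            $value = $br->toShortString();
            // NOTE(review): $classes was computed before this assignment, so
            // it has no effect on the class attribute printed below.
            $params['class'] = 'bible-ref';
            // fall through
        case 'text':
        case 'email':
            $maxlength_exp = empty($params['maxlength']) ? '' : 'maxlength="' . $params['maxlength'] . '"';
            if (array_get($params, 'height', 1) > 1) {
                $cols_exp = empty($params['width']) ? '' : 'cols="' . $params['width'] . '"';
                ?>
                <textarea name="<?php echo ents($name); ?>" rows="<?php echo $params['height']; ?>" <?php echo $cols_exp; ?> class="<?php echo trim($classes); ?>" <?php echo $maxlength_exp; ?>><?php echo ents($value); ?></textarea>
                <?php
            } else {
                $width_exp = empty($params['width']) ? '' : 'size="' . $params['width'] . '"';
                $regex_exp = empty($params['regex']) ? '' : 'regex="' . ents(trim($params['regex'], '/ ')) . '"';
                $autocomplete_exp = isset($params['autocomplete']) ? 'autocomplete="' . ($params['autocomplete'] ? 'on' : 'off') . '"' : '';
                ?>
                <input type="<?php echo $params['type']; ?>" name="<?php echo ents($name); ?>" value="<?php echo ents($value); ?>" class="<?php echo trim($classes); ?>" <?php echo implode(' ', array($maxlength_exp, $width_exp, $regex_exp, $autocomplete_exp)); ?> <?php echo $attrs; ?> />
                <?php
            }
            break;

        case 'html':
            static $includedCK = false;
            if (!$includedCK) {
                $includedCK = true;
                ?>
                <script src="<?php echo BASE_URL . 'resources/ckeditor/ckeditor.js'; ?>"></script>
                <?php
            }
            // The stored HTML is entity-encoded inside the textarea; the
            // browser decodes it again, so the editor receives the original
            // markup and a literal closing textarea tag in the value cannot
            // end the element early.
            ?>
            <textarea class="ckeditor" name="<?php echo ents($name); ?>" <?php echo $attrs; ?>><?php echo ents($value); ?></textarea>
            <?php
            break;

        case 'int':
            $classes .= ' int-box';
            if (!empty($params['width'])) {
                $width_exp = 'size="' . $params['width'] . '" ';
            } else {
                $width_exp = 'size="3" ';
            }
            ?>
            <input type="text" name="<?php echo ents($name); ?>" value="<?php echo ents($value); ?>" class="<?php echo trim($classes); ?>" <?php echo $width_exp; ?> <?php echo $attrs; ?> />
            <?php
            break;

        case 'select':
            // Normalise the current value(s) to a list of strings so the strict
            // in_array() checks below compare like with like.
            $our_val = is_array($value) ? $value : ($value === '' ? array() : array("{$value}"));
            foreach ($our_val as $k => $v) {
                $our_val[$k] = "{$v}";
            }
            if (array_get($params, 'style', 'dropbox') == 'colour-buttons') {
                ?>
                <div class="radio-button-group <?php echo array_get($params, 'class', ''); ?>" <?php
                if (!SizeDetector::isNarrow()) {
                    echo ' tabindex="1"';
                }
                ?>>
                    <input type="hidden" name="<?php echo ents($name); ?>" value="<?php echo ents((string) reset($our_val)); ?>" />
                    <?php
                    foreach ($params['options'] as $k => $v) {
                        $classes = 'btn value-' . $k;
                        if (in_array("{$k}", $our_val, true)) {
                            $classes .= ' active';
                        }
                        ?>
                        <div class="<?php echo ents($classes); ?>" title="<?php echo ents($v); ?>" data-val="<?php echo ents($k); ?>"><?php echo ents(strtoupper($v[0])); ?></div>
                        <?php
                    }
                    ?>
                </div>
                <?php
            } else {
                if (array_get($params, 'allow_multiple')) {
                    $height = array_get($params, 'height', min(count($params['options']), 4));
                    if (substr($name, -2) != '[]') {
                        $name .= '[]';
                    }
                    $style = 'height: ' . $height * 1.8 . 'em';
                    $classes .= ' multi-select';
                    // the empty onclick below is to make labels work on iOS
                    // see http://stackoverflow.com/questions/5421659/html-label-command-doesnt-work-in-iphone-browser
                    ?>
                    <div class="<?php echo $classes; ?>" style="<?php echo $style; ?>" tabindex="0" onclick="" <?php echo $attrs; ?>>
                        <?php
                        foreach ($params['options'] as $k => $v) {
                            $checked_exp = in_array("{$k}", $our_val, true) ? ' checked="checked"' : '';
                            $disabled_exp = !empty($params['disabled_prefix']) && strpos($k, $params['disabled_prefix']) === 0 ? ' disabled="disabled" ' : '';
                            ?>
                            <label class="checkbox" title="<?php echo ents($v); ?>">
                                <input type="checkbox" name="<?php echo ents($name); ?>" value="<?php echo ents($k); ?>" <?php echo $checked_exp . $disabled_exp; ?>>
                                <?php echo ents($v); ?>
                            </label>
                            <?php
                        }
                        ?>
                    </div>
                    <?php
                } else {
                    ?>
                    <select name="<?php echo ents($name); ?>" class="<?php echo $classes; ?>" <?php echo $attrs; ?>>
                        <?php
                        if (array_get($params, 'allow_empty') && !array_get($params, 'allow_multiple')) {
                            ?>
                            <option value=""><?php echo ents(array_get($params, 'empty_text', '(None)')); ?></option>
                            <?php
                        }
                        foreach (array_get($params, 'options', array()) as $k => $v) {
                            $selected_exp = in_array("{$k}", $our_val, true) ? ' selected="selected"' : '';
                            $disabled_exp = !empty($params['disabled_prefix']) && strpos($k, $params['disabled_prefix']) === 0 ? ' disabled="disabled" ' : '';
                            ?>
                            <option value="<?php echo ents($k); ?>"<?php echo $selected_exp . $disabled_exp; ?>><?php echo ents($v); ?></option>
                            <?php
                        }
                        ?>
                    </select>
                    <?php
                }
            }
            break;

        case 'date':
            $day_year_classes = trim($classes . ' int-box');
            // Insert the _d/_m/_y suffix before any array brackets in the name.
            if (FALSE === strpos($name, '[')) {
                $name_template = $name . '%s';
            } else {
                $name_template = substr($name, 0, strpos($name, '[')) . '%s' . substr($name, strpos($name, '['));
            }
            $months = array();
            if (array_get($params, 'allow_empty', false)) {
                $months[''] = '(Month)';
            }
            for ($i = 1; $i < 13; $i++) {
                $months[$i] = date(array_get($params, 'month_format', 'F'), strtotime("2007-{$i}-01"));
            }
            if (empty($value)) {
                $value = date('Y-m-d'); // blank dates not allowed
            }
            list($year_val, $month_val, $day_val) = explode('-', substr($value, 0, 10));
            ?>
            <span class="nowrap" <?php echo $attrs; ?>>
                <input type="text" name="<?php echo ents(sprintf($name_template, '_d')); ?>" class="day-box <?php echo $day_year_classes; ?>" size="2" maxlength="2" value="<?php echo ents($day_val); ?>" placeholder="DD" /><select name="<?php echo ents(sprintf($name_template, '_m')); ?>" class="month-box <?php echo $classes; ?>">
                    <?php
                    foreach ($months as $i => $month_name) {
                        $selected = $i == $month_val ? ' selected="selected"' : '';
                        ?>
                        <option value="<?php echo $i; ?>"<?php echo $selected; ?>><?php echo $month_name; ?></option>
                        <?php
                    }
                    ?>
                </select><input type="text" name="<?php echo ents(sprintf($name_template, '_y')); ?>" class="year-box <?php echo $day_year_classes; ?>" size="4" maxlength="4" value="<?php echo ents($year_val); ?>" placeholder="YYYY"/>
            </span>
            <?php
            break;

        case 'reference':
            if (!empty($params['references'])) {
                // An array filter becomes the query's WHERE conditions; a
                // callable filter is applied to the loaded objects afterwards.
                $where = array();
                if (!empty($params['filter']) && is_array($params['filter'])) {
                    $where = $params['filter'];
                }
                $where_logic = array_get($params, 'filter_logic', 'AND');
                $options = $GLOBALS['system']->getDBObjectData($params['references'], $where, $where_logic, array_get($params, 'order_by'));
                $dummy = new $params['references']();
                $our_val = is_array($value) ? $value : (empty($value) ? array() : array($value));
                if (!empty($params['filter']) && is_callable($params['filter'])) {
                    foreach ($options as $i => $o) {
                        $dummy->populate($i, $o);
                        // Currently selected entries are kept even if the filter rejects them.
                        if (!in_array($i, $our_val) && !$params['filter']($dummy)) {
                            unset($options[$i]);
                        }
                    }
                }
                $params['options'] = array();
                foreach ($options as $k => $details) {
                    $dummy->populate($k, $details);
                    $params['options'][$k] = $dummy->toString();
                }
                // Render the resolved options through the 'select' branch.
                $params['type'] = 'select';
                print_widget($name, $params, $value);
            }
            break;

        case 'bitmask':
            $value = (int) $value;
            ?>
            <div class="bitmask-boxes">
            <?php
            // Lay the checkboxes out in up to three columns depending on the
            // detected screen width.
            $percol = false;
            $cols = 3;
            require_once 'include/size_detector.class.php';
            if (SizeDetector::getWidth()) {
                if (SizeDetector::isNarrow()) {
                    $cols = 1;
                } elseif (SizeDetector::isMedium()) {
                    $cols = 2;
                }
            }
            if ($cols > 1) {
                $percol = ceil(count($params['options']) / $cols);
                ?>
                <div class="bitmask-column" <?php echo $attrs; ?>>
                <?php
            }
            $i = 0;
            foreach ($params['options'] as $k => $v) {
                $checked_exp = ($value & (int) $k) == $k ? 'checked="checked"' : '';
                // the empty onclick below is to make labels work on iOS
                // see http://stackoverflow.com/questions/5421659/html-label-command-doesnt-work-in-iphone-browser
                ?>
                <label class="checkbox" onclick="">
                    <input type="checkbox" name="<?php echo ents($name); ?>[]" value="<?php echo ents($k); ?>" <?php echo $checked_exp; ?>>
                    <?php echo nbsp(ents($v)); ?>
                </label>
                <?php
                if ($percol && ++$i % $percol == 0) {
                    ?>
                    </div>
                    <div>
                    <?php
                }
            }
            if ($percol) {
                ?>
                </div>
                <?php
            }
            ?>
            </div>
            <?php
            break;
    }
}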
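/**
 * Render the "Change Cell Phone Number" form for the logged-in user.
 *
 * @param string $err            Error message to show above the form, or ''.
 *                               It is placed inside a div as-is, so callers
 *                               must pass text that is already safe as HTML.
 * @param string $selected_field Name of the form field that receives focus on
 *                               page load.
 *
 * NOTE(review): $selected_field is spliced into a JavaScript expression for
 * the body onload handler. It must only ever be one of this form's own field
 * names chosen by the calling code, never a request value.
 */
function show_change_cell_page($err, $selected_field) {
    // Put cursor in first field
    global $body_onload;
    $body_onload = 'document.forms[\'changeCell\'].' . $selected_field . '.focus()';

    page_header('Change Cell');

    // Encode values for HTML text and attribute context. double_encode is off
    // so a value that was entity-encoded earlier (TODO confirm how $cell and
    // the stored number are prepared) is not encoded twice.
    $esc = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8', false);
    };

    // Get data
    // NOTE(review): the id is concatenated into the SQL text; it comes from the
    // session rather than the request, but a bound parameter would be safer.
    $query = 'SELECT cell FROM users WHERE id="' . $_SESSION['user_id'] . '" LIMIT 1';
    $result = DB::queryRaw($query);
    $row = mysqli_fetch_assoc($result);
    $old_cell = $esc(format_phone_number($row['cell']));

    // If an error message is given, put it inside this div and echo, later
    if ($err != '') {
        $err = "\n <div class=\"error\">{$err}</div><br />\n";
    }

    // If there was an error, put the last thing the user typed back in the box.
    // The global itself is left untouched; only an encoded copy is printed.
    global $cell;
    $cell_value = $esc($cell);

    // REQUEST_URI is supplied by the client, so it is encoded before being
    // used as the form's action attribute.
    $action = $esc($_SERVER['REQUEST_URI']);
    $token = $esc($_SESSION['xsrf_token']);

    // Assemble body of page
    echo <<<HEREDOC
      <h1>Change Cell Phone Number</h1>
      <span class="i">Optional. You may leave your cell phone number blank.</span><br />
      <br />
      <br />{$err}
      <form id="changeCell" method="post" action="{$action}">
        <table class="spacious">
          <tr>
            <td>Current Cell Phone Number: </td>
            <td><span class="b">{$old_cell}</span></td>
          </tr><tr>
            <td>New Cell Phone Number:</td>
            <td><input type="text" name="cell" size="25" value="{$cell_value}"/></td>
          </tr><tr>
            <td>Current Password:</td>
            <td><input type="password" name="pass" size="25"/></td>
          </tr><tr>
            <td></td>
            <td>
              <input type="hidden" name="xsrf_token" value="{$token}"/>
              <input type="submit" name="do_change_cell" value="Change Cell Phone Number"/>
              <a href="My_Profile">Cancel</a>
            </td>
          </tr>
        </table>
      </form>
HEREDOC;
}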
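<?php
// View template: one table row per record in $query.
//
// Every record field is encoded for HTML before it is printed, and the short
// open tag "<?" (which depends on the short_open_tag setting) is replaced by
// "<?=".
//
// NOTE(review): Email is printed twice per row, once as the fourth cell under
// the "Address" heading and once in the last column; only the first phone
// number goes through format_phone_number(). Both are kept as they were.
$esc = function ($text) {
    return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
};
?>
<table border="1" style="header">
<tr font weight="bold">
<TD colspan="2">Name</TD>
<TD colspan="4">Address</TD>
<TD>Type</TD>
<TD>Last Recall</TD>
<TD>Last Exam</TD>
<TD colspan="3">Phone Numbers</TD>
<TD>Email</TD>
</TR>
<?php foreach ($query as $row): ?>
<tr>
<td><?= $esc($row->FirstName) ?></TD>
<td><?= $esc($row->LastName) ?></TD>
<td><?= $esc($row->Address) ?></TD>
<td><?= $esc($row->Address2) ?></TD>
<td><?= $esc($row->City) ?>, <?= $esc($row->State) ?> <?= $esc($row->Zip) ?></TD>
<td><?= $esc($row->Email) ?></TD>
<td><?= $esc($row->Type) ?></TD>
<td><?= $esc($row->LastRecall) ?></TD>
<td><?= $esc($row->LastExam) ?></TD>
<td><?= $esc(format_phone_number($row->Phone)) ?></TD>
<td><?= $esc($row->Phone2) ?></TD>
<td><?= $esc($row->Phone3) ?></TD>
<td><?= $esc($row->Email) ?></TD>
</TR>
<?php endforeach; ?>
</table>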
<td><?php echo form_input('state', $caller->state); ?> </td> </tr> <tr> <th>Zip:</th> <td><?php echo form_input('zip', $caller->zip); ?> </td> </tr> <tr> <th>Phone #:</th> <td><?php echo form_input('phone', format_phone_number($caller->phone)); ?> </td> </tr> <tr> <th>E-Mail Address:</th> <td><?php echo form_input('email', $caller->email); ?> </td> </tr> <tr> <th>Gender:</th> <td><?php echo form_dropdown('gender', $gender, $caller->gender); ?>
?>
<div class="thin_90perc_box">
<table class="sample2" width="100%">
<?php
// Excerpt: prints one table row per distinct phone number in the result set,
// linking each number to script_results.php. The blocks closed by the braces
// at the end of this excerpt open above it.
echo '<tr>';
echo '<th>Contact Date/Time</th>';
echo '<th>Phone Number</th>';
echo '<th>Username</th>';
echo '<th>Customer Name</th>';
echo '</tr>';
// Last number printed; consecutive rows with the same cleaned_number are skipped.
$number = 0;
while ($row = mysqli_fetch_assoc($result)) {
    if ($row['cleaned_number'] != $number) {
        $number = $row['cleaned_number'];
        echo '<tr>';
        // NOTE(review): the row fields in this block are echoed without HTML
        // encoding.
        echo '<td>' . $row['question_datetime'] . '</td>';
        // NOTE(review): $_POST['job'], $_POST['from_date'] and $_POST['to_date']
        // are written into the href as received - neither URL-encoded as
        // query values nor HTML-encoded for the attribute. Each should be
        // passed through urlencode() and the finished URL through
        // htmlspecialchars() before output. $disps is built above this
        // excerpt; confirm it is encoded where it is assembled.
        echo '<td><a href="script_results.php?show_lead=1&job=' . $_POST['job'] . '&search=1&from_date=' . $_POST['from_date'] . '&to_date=' . $_POST['to_date'] . '&customer_id=' . $row['customer_id'] . '&' . $disps . '"><img src="images/magnifier.png"> ' . format_phone_number($row['cleaned_number']) . '</a></td>';
        echo '<td>' . $row['username'] . '</td>';
        echo '<td>' . $row['first_name'] . " " . $row['last_name'] . '</td>';
        echo '</tr>';
    }
}
echo '</table></div>';
}
}
}
}
?>
<?php
require "footer.php";
/**
 * Format the phone attribute for display.
 *
 * Thin wrapper: the value is handed to format_phone_number() and that
 * function's result is returned unchanged. No HTML encoding happens here.
 *
 * @param mixed $value Raw phone value.
 * @return string Whatever format_phone_number() produces for $value.
 */
protected function formatPhoneAttribute($value)
{
    $formatted = format_phone_number($value);

    return $formatted;
}
if (!XDB::execute($request, $row['pid'], $row['entrid'], 2, 'fax', $fmt_fax, $disp_fax, $row['tel_pub'])) { echo 'WARNING: insert of professional fax number failed for profile ' . $row['pid'] . ' and entreprise ' . $row['entrid'] . ".\n"; $warnings++; } } } //import from tels echo "\nImporting personnal phone numbers from tels...\n"; $phones = XDB::iterator('SELECT ap.pid, t.adrid, t.telid, t.tel_type, t.tel_pub, t.tel FROM #x4dat#.tels AS t INNER JOIN account_profiles AS ap ON (t.uid = ap.uid AND FIND_IN_SET(\'owner\', ap.perms))'); $conversions = array(); $other_count = 0; while ($row = $phones->next()) { $row['tel_pub'] = $row['tel_pub'] == '' ? 'private' : $row['tel_pub']; $fmt_phone = format_phone_number($row['tel']); if ($fmt_phone != '') { $display = format_display_number($fmt_phone, $error); $guess_type = guess_phone_type($row['tel_type'], $fmt_phone); switch ($guess_type) { case 'fixed': case 'fax': case 'mobile': if (!XDB::execute('INSERT INTO profile_phones (pid, link_type, link_id, tel_id, tel_type, search_tel, display_tel, pub) VALUES ({?}, \'address\', {?}, {?}, {?}, {?}, {?}, {?})', $row['pid'], $row['adrid'], $row['telid'], $guess_type, $fmt_phone, $display, $row['tel_pub'])) { echo 'WARNING: insert of address phone number failed for profile ' . $row['pid'] . ', address ' . $row['adrid'] . ' and telephone id ' . $row['telid'] . ".\n"; ++$warnings; } else { if ($row['tel_type'] == 'Autre') { ++$other_count; } else {
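/**
 * Print the sub call list (SCL) for a shift as an editable table.
 *
 * Each listed person gets a row with name, two phone numbers, editable
 * "date called" and "notes" boxes and an accepted selector; a recorded Yes/No
 * answer is shown as text with a hidden field instead of the selector.
 *
 * Person fields and the shift id are HTML-encoded where they are written into
 * markup, and the person id is URL-encoded inside the edit link, so stored
 * text (notes in particular) cannot close the surrounding textarea or
 * attribute.
 *
 * An earlier read-only rendering for closed lists had been commented out in
 * this function; it is not reproduced here.
 *
 * @param string $id Shift id; characters from offset 9 onwards are used as the venue.
 * @return string|null $id once the table has been printed, or null when no
 *                     SCL object exists for $id.
 */
function view_scl($id) {
    $scl = select_dbSCL($id);
    $shift = select_dbShifts($id);
    if (!$scl instanceof SCL) {
        return null;
    }
    $persons = $scl->get_persons();
    // Not used below; the call is kept in case get_status() does more than read.
    $status = $scl->get_status();
    $venue = substr($id, 9);

    if (array_key_exists('_shiftid', $_POST)) {
        show_back_navigation($_POST['_shiftid'], 692, $venue);
    }

    $esc = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
    };

    // NOTE(review): get_shift_name_from_id() output is printed as returned;
    // confirm that it cannot contain request-derived markup.
    echo "<table width=\"700\" align=\"center\" border=\"1px\">\n\t\t\t\t<tr><td colspan=\"5\" align=\"center\"><b>Sub Call List for " . get_shift_name_from_id($id) . "</b></td></tr>";
    echo "<tr><td colspan=\"5\"><br>";
    $v = $shift->num_vacancies();
    if ($v == 1) {
        echo " 1 sub";
    } else {
        echo " " . $v . " subs";
    }
    echo " needed for this shift.<br><br></td></tr>\n\t\t\t\t<br><br><tr><td> Name</td><td>Phone</td><td>Date Called</td><td>Notes</td><td>Accepted</td></tr>";

    echo "<form method=\"POST\" style=\"margin-bottom:0;\">";
    $person_count = count($persons);
    for ($i = 0; $i < $person_count; ++$i) {
        $person = $persons[$i];
        $full_name = $esc($person[1]) . " " . $esc($person[2]);

        // Only access level 2 and above gets a link to the person's edit page.
        if ($_SESSION['access_level'] >= 2) {
            echo "<tr><td> <a href=\"personEdit.php?id=" . $esc(rawurlencode($person[0])) . "\">" . $full_name . "</a></td><td>";
        } else {
            echo "<tr><td> " . $full_name . "</td><td>";
        }

        echo $esc(format_phone_number($person[3])) . "<br>" . $esc(format_phone_number($person[4])) . "</td>\n\t\t\t\t\t\t\t<td><textarea rows=\"2\" cols=\"20\" name=\"datecalled_" . $i . "\">" . $esc($person[5]) . "</textarea></td>\n\t\t\t\t\t\t\t<td><textarea rows=\"2\" cols=\"20\" name=\"notes_" . $i . "\">" . $esc($person[6]) . "</textarea></td>\n\t\t\t\t\t\t\t<td valign=\"top\">";

        // A recorded answer is fixed; only an unanswered row offers the selector.
        if ($person[7] == "Yes") {
            echo "<br>Yes<input type=\"hidden\" name=\"accepted_" . $i . "\" value=\"Yes\">";
        } elseif ($person[7] == "No") {
            echo "<br>No<input type=\"hidden\" name=\"accepted_" . $i . "\" value=\"No\">";
        } else {
            echo "<select name=\"accepted_" . $i . "\">\n\t\t\t\t\t\t\t\t\t\t<option value=\"-\" selected=\"selected\">-</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\"Yes\">Yes</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\"No\">No</option></select>";
        }
        echo "</td></tr>";
    }

    // NOTE(review): this POST form carries no anti-CSRF token in the lines
    // shown here; confirm the handler that saves the changes verifies one.
    echo "<tr><td align=\"right\" colspan=\"5\"><br>\n\t\t\t\t\t\t<input type=\"hidden\" name=\"_submit_save_scl_changes\" value=\"1\">\n\t\t\t\t\t\t<input type=\"hidden\" name=\"_shiftid\" value=\"" . $esc($id) . "\">\n\t\t\t\t\t\t<input type=\"submit\" value=\"Assign Subs / Save Changes\" name=\"submit\" style=\"width: 200px\"> \n\t\t\t\t\t\t</td></tr>";
    echo "</table>";
    return $id;
}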
<th>First Name</th><td><?php echo $rows->first_name; ?> </td> </tr> <tr> <th>Last Name</th><td><?php echo $rows->last_name; ?> </td> </tr> <tr> <th>Phone</th><td><?php echo format_phone_number($rows->phone); ?> </td> </tr> <tr> <th>Email</th><td><a href="mailto:<?php echo $rows->email; ?> "><?php echo $rows->email; ?> </a></td> </tr> <tr>
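/**
 * Validate the registration form in $_POST, create the user row and log the user in.
 *
 * On any validation failure an alert is raised, the form is shown again and the function
 * returns. On success the row is inserted and the browser is redirected: pre-approved
 * email addresses go to `Home` (after a welcome email), everyone else to `Verify_Email`.
 *
 * The globals $name, $email, $cell, $yog and $mailings are written so that show_form()
 * can re-populate the form.
 *
 * NOTE(review): name, email and cell are run through htmlentities() before they are
 * stored, so the database holds HTML-encoded text. Pages that echo these columns raw
 * appear to rely on that; the plain-text welcome email below receives the encoded name.
 * Moving the encoding to output time would have to be done across the whole site.
 *
 * NOTE(review): the minimum password length of 6 and the 5-character code from
 * generate_code() are left as found; both look weak - confirm against current policy.
 *
 * @return void
 */
function process_form()
{
    // INITIAL DATA FETCHING
    global $name, $email, $cell, $yog, $mailings; // so that the show_form function can use these values later

    // Missing fields and array-valued fields (e.g. name[]=x) both become '' so the
    // string functions below never see a non-string.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    $name = htmlentities(ucwords(trim(strtolower($post('name')), ' \\-\'')));
    foreach (array('-', '\'') as $delimiter) {
        if (strpos($name, $delimiter) !== false) {
            $name = implode($delimiter, array_map('ucfirst', explode($delimiter, $name)));
        }
    } // forces characters after spaces, hyphens and apostrophes to be capitalized
    $name = preg_replace('/[\\s\']*\\-+[\\s\']*/', '-', $name); // removes hyphens not between two characters
    $name = preg_replace('/[\\s\\-]*\'+[\\s\\-]*/', '\'', $name); // removes apostrophes not between two characters
    $name = preg_replace('/\\s+/', ' ', $name); // removes multiple consecutive spaces
    $name = preg_replace('/\\-+/', '-', $name); // removes multiple consecutive hyphens
    $name = preg_replace('/\'+/', '\'', $name); // removes multiple consecutive apostrophes

    $email = htmlentities(strtolower($post('email')));
    $cell = htmlentities($post('cell'));
    $yog = $post('yog');
    $pass = $post('pass1');
    $mailings = '0';
    if ($post('mailings') === 'Yes') {
        $mailings = '1';
    }

    // CHECK THAT THE NAME IS VALID
    if (($name = sanitize_username($name)) === false) {
        alert('Your name must have only letters, hyphens, apostrophes, and spaces, and be between 3 and 30 characters long', -1);
        show_form();
        return;
    }
    // strpos() returns 0 for a match at the start, so the "not found" test must be strict.
    if (strpos($name, ' ') === false) {
        alert('Please enter both your first <span class="i">and</span> last name', -1);
        show_form();
        return;
    }

    // CHECK THAT THE EMAIL ADDRESS IS VALID
    if (!val('e', $email)) {
        alert('That\'s not a valid email address', -1);
        show_form();
        return;
    }

    // CHECK AND FORMAT CELL PHONE NUMBER
    // Validate the format of the cell phone number (if it's not left blank)
    if ($cell != '' && ($cell = format_phone_number($cell)) === false) {
        alert('That\'s not a valid cell phone number', -1);
        show_form();
        return;
    }

    // CHECK THAT THE YOG IS VALID
    $grade = intval(getGradeFromYOG($yog));
    if ($grade < 9 || $grade > 12) {
        alert('That is not a valid YOG (' . $grade . 'you have to be in high school)', -1);
        show_form();
        return;
    }

    // CHECK THAT THE PASSWORDS MATCH, MEET MINIMUM LENGTH
    // Strict comparison: with != two different numeric-looking strings such as
    // '1e3' and '1000' compare equal, so a mistyped confirmation would be accepted.
    if ($pass !== $post('pass2')) {
        alert('The passwords that you entered do not match', -1);
        show_form();
        return;
    }
    if (strlen($pass) < 6) {
        alert('Please choose a password that has at least 6 characters', -1);
        show_form();
        return;
    }

    // NOTE(review): the reCAPTCHA check that used to sit here was disabled as broken.
    // The two "already exists" answers below were placed after it so that automated
    // clients could not use them to test which email addresses have accounts; with the
    // check gone that protection is not in effect. Restore a challenge or rate limit.

    // CHECK THAT AN ACCOUNT WITH THAT EMAIL DOES NOT ALREADY EXIST
    if (DBExt::queryCount('users', 'LOWER(email)=LOWER(%s)', $email) != 0) {
        alert('An account with that email address already exists', -1);
        show_form();
        return;
    }

    // CHECK THAT AN ACCOUNT WITH THE SAME NAME IN THE SAME GRADE DOES NOT EXIST
    // - with the exception that if it's permissions = 'E', they probably mistyped their email and are redoing it.
    if (DBExt::queryCount('users', 'LOWER(name)=%s AND yog=%i AND permissions!="E"', strtolower($name), $yog) != 0) {
        alert('An account in your grade with that name already exists', -1);
        show_form();
        return;
    }

    // ** All information has been validated at this point **
    $verification_code = generate_code(5); // for verifying ownership of the email address

    // Check if email address has been pre-approved
    if (isset($_SESSION['PREAPPROVED']) && $email === $_SESSION['PREAPPROVED']) {
        $approved = '1'; // skip Captain approval
        $verification_code = '1'; // skip email verification (already done)
    } else {
        $approved = '0';
    }

    // Create database entry
    $passhash = hash_pass($email, $pass);
    if ($cell == '') {
        $cell = 'None';
    } else {
        $cell = preg_replace('#[^\\d]#', '', $post('cell')); // remove non-numbers from cell phone # again
    }

    DB::insert('users', array(
        'name' => $name,
        'email' => $email,
        'passhash' => $passhash,
        'cell' => $cell,
        'yog' => $yog,
        'mailings' => $mailings,
        'approved' => $approved,
        'email_verification' => $verification_code,
        'registration_ip' => htmlentities(strtolower($_SERVER['REMOTE_ADDR'])),
    ));
    set_login_data(DB::insertId()); // LOG THEM IN

    // For pre-approved members:
    if ($approved == '1') {
        global $WEBMASTER_EMAIL;
        $to = array($email => $name);
        $subject = 'Account Created';
        $body = <<<HEREDOC
Welcome to the LHS Math Club website, {$name}!

Your account has been created. If you have any questions about the site, please email
the webmaster at {$WEBMASTER_EMAIL}
HEREDOC;
        send_email($to, $subject, $body, $WEBMASTER_EMAIL);
        $_SESSION['HOME_welcome'] = 'Welcome to the LHS Math Club website, ' . $name . '!';
        header('Location: Home');
        // Stop here: without this the code below replaced the Location header and sent
        // already-verified members to the email verification page.
        return;
    }

    $_SESSION['ACCOUNT_do_send_verification_email'] = true;
    header('Location: Verify_Email');
}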
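<?php
// Phone entries are user-supplied (the type and number come out of a stored JSON blob),
// so every value is escaped for the attribute or text node it lands in.
// NOTE(review): the Delete link is a plain GET URL; if the request it triggers is not
// protected by a token, another site could trigger it for a logged-in user - confirm.
if ($phones) {
    foreach ($phones as $phone) {
        $phone_data = json_decode($phone->value);
        ?>
<li class="item_data" id="item_data_<?php echo htmlspecialchars((string) $phone->user_meta_id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
<span class="actions action_<?php echo htmlspecialchars((string) $phone_data->phone_type, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"></span>
<?php // assumes format_phone_number() returns plain text, not markup - TODO confirm ?>
<span class="item_data"> +1 <?php echo htmlspecialchars((string) format_phone_number($phone_data->phone_number), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> </span>
<ul class="item_actions">
<li><a href="<?php echo htmlspecialchars(base_url() . 'api/users/mobile_modify/id/' . $phone->user_meta_id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" class="mobile_edit_data"><span class="actions action_edit"></span> Edit</a></li>
<li><a href="<?php echo htmlspecialchars(base_url() . 'api/users/mobile_destroy/id/' . $phone->user_meta_id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" class="mobile_delete_data" rel="<?php echo htmlspecialchars((string) $phone_data->phone_number, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"><span class="actions action_delete"></span> Delete</a></li>
</ul>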
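<th>Reason For Call</th>
<th>Ethnicity</th>
</tr>
</thead>
<tbody>
<?php
// Caller records are entered by people, so each field is escaped before it is printed.
if (isset($callers)) {
    foreach ($callers as $caller) {
        ?>
<tr class="ui-helper-reset">
<?php // The link text is escaped here because anchor() is not expected to escape its title - confirm for the framework version in use. ?>
<td><?php echo anchor(site_url('helpline/profile/' . $caller->ID), htmlspecialchars($caller->first_name . ' ' . $caller->last_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')); ?></td>
<?php // assumes format_phone_number() returns plain text, not markup - TODO confirm ?>
<td><?php echo htmlspecialchars((string) format_phone_number($caller->phone), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>
<td><?php echo htmlspecialchars((string) $caller->reason, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>
<td><?php echo htmlspecialchars((string) $caller->ethnicity, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>
</tr>
<?php } } else { ?>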
<?php if ($phones) { foreach ($phones as $phone) { $phone_data = json_decode($phone->value); ?> <li class="item_data" id="item_data_<?php echo $phone->user_meta_id; ?> "> <span class="actions action_<?php echo $phone_data->phone_type; ?> "></span> <span class="item_data"> +1 <?php echo format_phone_number($phone->meta); ?> </span> <ul class="item_actions"> <li><a href="<?php echo base_url() . 'api/users/mobile_modify/id/' . $phone->user_meta_id; ?> " class="mobile_edit_data"><span class="actions action_edit"></span> Edit</a></li> <li><a href="<?php echo base_url() . 'api/users/mobile_destroy/id/' . $phone->user_meta_id; ?> " class="mobile_delete_data" rel="<?php echo $phone->meta; ?> "><span class="actions action_delete"></span> Delete</a></li> </ul>