/**
* insert $campaigns orders data to database
* @param array $campaigns
* @param int $order_id
*/
function insert_campaign_data(&$campaigns, $order_id, $type)
{
foreach ($campaigns as $key => $campaign) {
$campaign_id = insert_to_db('campaign_orders', array('order_id' => $order_id, 'type' => $type));
$insert_data = array();
foreach ($campaign as $store_id => $data) {
$insert_data[] = array('parent_id' => $campaign_id, 'store_id' => abs((int) $store_id), 'type_1' => isset($data['0']) ? $data['0'] : 0, 'type_2' => isset($data['1']) ? $data['1'] : 0, 'type_3' => isset($data['2']) ? $data['2'] : 0, 'type_4' => isset($data['3']) ? $data['3'] : 0, 'material_id' => isset($data['4']) ? $data['4'] : 0, 'ophaeng_id' => isset($data['5']) ? $data['5'] : 0);
}
insert_multi_to_db('campaign_orders_items', $insert_data);
}
}
function createEvent($params)
{
$event_name = $params['eventName'];
$user_id = $_SESSION['user_id'];
$event_info = select_from_db(array('name'), array('events'), array("name='{$event_name}'"));
if (isset($event_info[0]['name'])) {
echo '{"added":"none"}';
} else {
$membershipRules = $params['membershipRules'];
// $groupId = isset($params['groupId'])?$params['groupId']:'0';
$event_id = insert_to_db(array('access' => $membershipRules, 'name' => $event_name), 'events');
insert_to_db(array('user_id' => $user_id, 'event_id' => $event_id), 'user__has__event');
echo '{"added":"event"}';
}
}
function process_file()
{
global $_POST;
global $global_error_message;
$result = 0;
printdebug("!!! START !!!");
$filename = $_FILES['uploadedfile']['name'];
$error_message = "";
printdebug("name: {$filename}");
printdebug("type: " . $_FILES['uploadedfile']['type']);
printdebug("size: " . $_FILES['uploadedfile']['size']);
printdebug("tmp: " . $_FILES['uploadedfile']['tmp_name']);
printdebug("error: " . $_FILES['uploadedfile']['error']);
$lat = $_POST['lat'];
$lon = $_POST['lon'];
$author = $_POST['author'];
if (isset($_POST['ref'])) {
$ref = $_POST['ref'];
} else {
$ref = "none";
}
$note = $_POST['note'];
printdebug("ref: " . $ref);
printdebug("note: " . $note);
printdebug("before lat:lon:author - {$lat}:{$lon}:{$author}");
$author = preg_replace('/[^-a-zA-Z0-9_ěščřžýáíéĚŠČŘŽÁÍÉúůÚľĽ .]/', '', $author);
$note = preg_replace('/[^-a-zA-Z0-9_ěščřžýáíéĚŠČŘŽÁÍÉúůÚľĽ .]/', '', $note);
$lat = preg_replace('/[^0-9.]/', '', $lat);
$lon = preg_replace('/[^0-9.]/', '', $lon);
$ref = preg_replace('/[^a-zA-Z0-9.]/', '', $ref);
printdebug("after lat:lon:author - {$lat}:{$lon}:{$author}");
$file = basename($filename);
$target_path = "uploads/" . $file;
$final_path = "img/guidepost/" . $file;
printdebug("target: {$target_path}");
$error_message = "OK";
if ($_FILES['uploadedfile']['error'] == "1") {
$error_message = "soubor je prilis velky";
$result = 0;
}
if (file_exists($_FILES['uploadedfile']['tmp_name'])) {
printdebug("soubor byl uspesne uploadnut do tmp\n");
$result = 1;
} else {
printdebug("cannot upload file\n");
$error_message = "nepodarilo se uploadnout soubor";
$result = 0;
}
if ($author == "") {
$error_message = "author nezadan";
$result = 0;
}
if ($author === "android" or $author === "autor") {
$error_message = "zmente vase jmeno";
$result = 0;
}
#sanitize filename
if (strpos($filename, ';') !== FALSE) {
$error_message = "spatny soubor strednik";
$result = 0;
}
if (strpos($filename, '&') !== FALSE) {
$error_message = "spatny soubor divnaosmicka";
$result = 0;
}
$file_parts = pathinfo($filename);
$ext = $file_parts['extension'];
if ($ext !== "jpg" && $ext !== "JPG") {
$error_message = "spatny soubor, pouzijte jpeg " . $file_parts['extension'];
$result = 0;
}
if (file_exists("img/guidepost/{$file}")) {
$error_message = "file already exists ({$file}), please rename your copy";
$result = 0;
}
if ($result) {
if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
printdebug("File '{$file}' has been moved from tmp to {$target_path}");
if (!$lat && !$lon) {
printdebug("soubor byl poslan se souradnicemi 0,0 -> exifme");
$command = "/var/www/mapy/exifme.pl '{$target_path}' '{$author}' img/guidepost/ '{$ref}' '{$note}'";
$out = system($command, $errlvl);
printdebug("command:output(exit code) - {$command}:{$out}({$errlvl})");
if (!$errlvl) {
$result = 1;
} else {
$result = 0;
$error_message = "poslano latlon 0,0 a nepodarilo se zjistit souradnice z exif" . $out;
printdebug("exifme error {$error_message}");
}
} else {
printdebug("soubor byl poslan se souradnicemi ve formulari");
if (!copy("uploads/{$file}", "img/guidepost/{$file}")) {
$error_message = "failed to copy {$file} to destination ... ";
$result = 0;
} else {
$ret_db = insert_to_db($lat, $lon, $final_path, $file, $author, $ref, $note);
if ($ret_db) {
if (!unlink("uploads/{$file}")) {
printdebug("{$file} cannot be deleted from upload, inserted successfuly");
}
} else {
$error_message = "failed to insert to db" . $global_error_message;
$result = 0;
}
}
}
printdebug("error message:" . $error_message);
} else {
$error_message = "Chyba pri otevirani souboru, mozna je prilis velky";
$result = 0;
}
} else {
printdebug("Upload refused: " . $error_message);
}
if ($result == 0 and $error_message == "") {
$error_message = "Divna chyba";
}
if (get_param("source") == "mobile") {
print "{$result}-{$error_message}";
} else {
print " </head>\n";
print " <body>\n";
print "\n <div id='x'></div>\n <script language='javascript' type='text/javascript'>\n \$('#x').text('*** OK ***');\n \$('#x').hide();\n \$('#x').show('highlight',{color: 'lightgreen'},'2000');\n\n parent.stop_upload(" . $result . ",'" . $error_message . "', '" . $filename . "');\n </script>\n";
}
printdebug("!!! END !!!");
return $result;
}
function register($values)
{
$first_name = $values['first_name']['value'];
$last_name = $values['last_name']['value'];
$email = $values['email']['value'];
$password = $values['password']['value'];
$alias = $values['alias']['value'];
$country = $values['country']['value'];
$city = $values['city']['value'];
$birthdate = $values['birthdate']['value'];
$userinfo = select_from_db(array('alias', 'email'), array('users'), array("alias='{$alias}'"));
if (isset($userinfo[0]['alias'])) {
header('Location: ../index.php?p=1');
//Användarnamnet upptaget.
} else {
$user_id = insert_to_db(array('first_name' => $first_name, 'last_name' => $last_name, 'email' => $email, 'password' => $password, 'alias' => $alias, 'birth_city' => $city, 'birth_country' => $country, 'birth_date' => $birthdate), 'users');
$_SESSION['user_id'] = $user_id;
//Sätter anändarid i en session
$_SESSION['user_name'] = $alias;
header('Location: ../index.php?p=startpage');
//Inloggad användare
}
}
echo $title . " processing " . $char . "(" . $count . "/94)(" . $count1 . "/94) Time: " . (time() - $startTime) / 60 . "mins \n";
$count1++;
$count2 = 0;
foreach ($list as $third) {
echo $title . " processing " . $char . "(" . $count . "/94)(" . $count1 . "/94)(" . $count2 . "/94) Time: " . (time() - $startTime) / 60 . "mins \n";
$count2++;
$count3 = 0;
foreach ($list as $forth) {
echo $title . " processing " . $char . "(" . $count . "/94)(" . $count1 . "/94)(" . $count2 . "/94)(" . $count3 . "/94) Time: " . (time() - $startTime) / 60 . "mins \n";
$count3++;
$count4 = 0;
foreach ($list as $fifth) {
echo $title . " processing " . $char . "(" . $count . "/94)(" . $count1 . "/94)(" . $count2 . "/94)(" . $count3 . "/94)(" . $count4 . "/94) Time: " . (time() - $startTime) / 60 . "mins \n";
$count4++;
foreach ($list as $sixth) {
insert_to_db(6, chr($first) . chr($second) . chr($third) . chr($forth) . chr($fifth) . chr($sixth), md5(chr($first) . chr($second) . chr($third) . chr($forth) . chr($fifth), chr($sixth)), $link);
}
}
}
}
}
}
$finishTime = time();
$timeUse = $finishTime - $overallStartTime;
echo "total time used: " . $timeUse . " sec";
function insert_to_db($digits, $word, $md5, $link)
{
$md5 = mysqli_real_escape_string($link, $md5);
$word = mysqli_real_escape_string($link, $word);
mysqli_query($link, "insert into md5 values ('{$digits}', '{$word}', '{$md5}')");
}
if ($var = abs((int) $_POST['material'][$i])) {
$insert['material_id'] = $var;
}
$valid_count = 7;
} else {
$valid_count = 6;
}
if (count($insert) == $valid_count) {
$insert_array[] = $insert;
}
}
//inserting order details to db
insert_multi_to_db('additional_orders_items', $insert_array);
$week_number = isset($_POST['week_number']) ? esc(htmlspecialchars(strip_tags(trim($_POST['week_number'])))) : 1;
if (empty($weeks)) {
insert_to_db('orders_weeks', array('order_id' => $order_id, 'week_number' => $week_number, 'type' => $type_key));
} else {
update_in_db('orders_weeks', array('week_number' => $week_number), 'id = ' . $weeks['id']);
}
$_SESSION['order_id'] = $order_id;
header('location: /test/checkout');
exit;
}
import('store');
import('checkout');
$template_name = 'additional_' . $type;
// if user clicked last button getting last order details and showing last order template
if ('last' == get_url_param(3)) {
$additional_orders = get_last_additional_banner_order($_SESSION['user']['id'], $type_key);
if ($additional_orders) {
$template_name .= '_last';
}
if (isset($_POST['rollups']) && is_array($_POST['rollups']) && !empty($_POST['rollups'])) {
$rollups =& $_POST['rollups'];
clear_campaign_data($rollups, 1);
if (!empty($rollups)) {
if (!isset($order_id)) {
$order_id = insert_to_db('orders', array('user_id' => $_SESSION['user']['id']));
}
insert_campaign_data($rollups, $order_id, 3);
$inserted = true;
}
}
if ($inserted) {
$week_number = isset($_POST['week_number']) ? esc(htmlspecialchars(strip_tags(trim($_POST['week_number'])))) : 1;
if (empty($weeks)) {
insert_to_db('orders_weeks', array('order_id' => $order_id, 'week_number' => $week_number));
} else {
update_in_db('orders_weeks', array('week_number' => $week_number), 'id = ' . $weeks['id']);
}
}
if (isset($order_id)) {
$_SESSION['order_id'] = $order_id;
header('location: /test/checkout');
exit;
}
}
$template_name = 'add';
$url = explode('/', $_GET['url']);
if (isset($url[2]) && $url[2] == 'last') {
$weeks = array();
$campaign_orders = get_campaign_last_order($_SESSION['user']['id']);
function exit_room($params)
{
$chat_room_id = $params['chat_room_id'];
$user_id = $_SESSION['user_id'];
insert_to_db(array('user_id' => $user_id, 'message' => "*** has left the chat ***", 'chat_room_id' => $chat_room_id), 'chat_messages');
$statement = "user_id = " . $user_id . " AND chat_room_id = " . $chat_room_id;
delete_from_db("chat_rooms__got__users", $statement);
}
<?php
import('store');
if (isset($_POST['shop_name'])) {
$insert = array();
if (!store_validate($insert)) {
$error_msg = 'All fields must be filled';
} else {
$hanging_methods = $insert['hanging_methods'];
unset($insert['hanging_methods']);
$id = insert_to_db('stores', $insert);
if ($id) {
$store_hanging_methods = array();
foreach ($hanging_methods as $value) {
$store_hanging_methods[] = array('store_id' => $id, 'hanging_method_id' => $value);
}
insert_multi_to_db('stores_hanging_methods', $store_hanging_methods);
$_SESSION['edit_store_msg'] = 'Store Successfully Created';
header('location: /store/edit/' . $id);
die;
}
}
}
$hanging_methods = get_hanging_methods();
$template = set_template('store', 'index');
$link = THEME . 'template2.php';
require_once $link;
function add_user($values)
{
$first_name = $values['first_name']['value'];
$last_name = $values['last_name']['value'];
$email = $values['email']['value'];
$password = $values['password']['value'];
//Validering escapa å kontrollera rättigheter här
insert_to_db(array('first_name' => $first_name, 'last_name' => $last_name, 'email' => $email, 'password' => $password), 'users');
header('Location: ../index.php');
}