コード例 #1
0
 function sanitizeParams(array $lobjParams)
 {
     $lobjFinalParams = array();
     foreach ($lobjParams as $lstrKey => $lstrValue) {
         switch (strtolower($lstrKey)) {
             case 'department':
                 $lobjSplit = explode(',', $lstrValue);
                 foreach ($lobjSplit as &$lstrUnScrubbed) {
                     $lstrUnScrubbed = scrubData($lstrUnScrubbed, 'integer');
                 }
                 $lobjFinalParams['department'] = $lobjSplit;
                 break;
             case 'email':
                 $lobjSplit = explode(',', $lstrValue);
                 foreach ($lobjSplit as &$lstrUnScrubbed) {
                     $lstrUnScrubbed = scrubData($lstrUnScrubbed);
                 }
                 $lobjFinalParams['email'] = $lobjSplit;
                 break;
             case 'max':
                 $lstrValue = scrubData($lstrValue, 'integer');
                 $lobjFinalParams['max'] = $lstrValue;
                 break;
         }
     }
     return $lobjFinalParams;
 }
コード例 #2
0
 /**
  * TalkbackWebService::sanitizeParams() - goes through passed array parameter
  * and sanitizes elements that are valid url parameters
  *
  * @param array $lobjParams
  * @return array
  */
 function sanitizeParams(array $lobjParams)
 {
     $lobjFinalParams = array();
     foreach ($lobjParams as $lstrKey => $lstrValue) {
         switch (strtolower($lstrKey)) {
             case 'tag':
                 $lobjSplit = explode(',', $lstrValue);
                 foreach ($lobjSplit as &$lstrUnScrubbed) {
                     $lstrUnScrubbed = scrubData($lstrUnScrubbed);
                 }
                 $lobjFinalParams['tag'] = $lobjSplit;
                 break;
             case 'startdate':
                 $lstrValue = $lstrValue . ' 00:00:00';
                 $lobjFinalParams['startdate'] = $lstrValue;
                 break;
             case 'enddate':
                 $lstrValue = $lstrValue . ' 23:59:59';
                 $lobjFinalParams['enddate'] = $lstrValue;
                 break;
             case 'max':
                 $lstrValue = scrubData($lstrValue, 'integer');
                 $lobjFinalParams['max'] = $lstrValue;
                 break;
         }
     }
     return $lobjFinalParams;
 }
コード例 #3
0
ファイル: TabData.php プロジェクト: johnwinsor/SubjectsPlus
 public function saveTabOrder($data)
 {
     if (isset($data)) {
         $db = $this->db;
         parse_str($data['data'], $str);
         $tabs = $str['item'];
         foreach ($tabs as $key => $value) {
             $q = "UPDATE tab SET tab_index =" . $db->quote(scrubData($key)) . " WHERE tab_id = " . $value;
             $db->exec($q);
         }
     }
 }
コード例 #4
0
ファイル: Installer.php プロジェクト: kenirwin/SubjectsPlus
 function __construct()
 {
     // Put in a filler email domain to be overwritten later after user provides one
     $lstrEmailDomain = '@sp.edu';
     //set random password and convert to md5 hash to store in database
     $this->setRandomPassword();
     $lstrHashPassword = md5(scrubData($this->lstrRandomPassword));
     //all the table creation queries
     $this->lobjCreateQueries = array("SET SQL_MODE=\"NO_AUTO_VALUE_ON_ZERO\"", "CREATE TABLE `user_type` (\n\t\t\t\t\t  `user_type_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `user_type` varchar(100) NOT NULL,\n\t\t\t\t\t  PRIMARY KEY (`user_type_id`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `uml_refstats_location` (\n\t\t\t\t\t  `location_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `label` varchar(100) NOT NULL,\n\t\t\t\t\t  PRIMARY KEY (`location_id`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `uml_refstats_type` (\n\t\t\t\t\t  `type_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `label` varchar(100) NOT NULL,\n\t\t\t\t\t  PRIMARY KEY (`type_id`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `video` (\n\t\t\t\t\t  `video_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `title` varchar(255) NOT NULL,\n\t\t\t\t\t  `description` text,\n\t\t\t\t\t  `source` varchar(255) NOT NULL,\n\t\t\t\t\t  `foreign_id` varchar(255) NOT NULL,\n\t\t\t\t\t  `duration` varchar(50) DEFAULT NULL,\n\t\t\t\t\t  `date` date NOT NULL,\n\t\t\t\t\t  `display` int(1) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `vtags` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  PRIMARY KEY (`video_id`),\n\t\t\t\t\t  KEY `INDEXSEARCH` (`title`,`description`(200))\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `chchchanges` (\n\t\t\t\t\t  `chchchanges_id` bigint(20) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `staff_id` int(11) NOT NULL,\n\t\t\t\t\t  `ourtable` varchar(50) CHARACTER SET latin1 NOT NULL,\n\t\t\t\t\t  `record_id` int(11) NOT NULL,\n\t\t\t\t\t  `record_title` varchar(255) CHARACTER SET latin1 DEFAULT NULL,\n\t\t\t\t\t  `message` varchar(255) CHARACTER SET latin1 DEFAULT NULL,\n\t\t\t\t\t  `date_added` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n\t\t\t\t\t  PRIMARY KEY (`chchchanges_id`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `discipline` (\n\t\t\t\t\t  `discipline_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `discipline` varchar(100) CHARACTER SET latin1 NOT NULL,\n\t\t\t\t\t  `sort` int(11) NOT NULL,\n\t\t\t\t\t  PRIMARY KEY (`discipline_id`),\n\t\t\t\t\t  UNIQUE KEY `discipline` (`discipline`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='added v2'", "CREATE TABLE `faqpage` (\n\t\t\t\t\t  `faqpage_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `name` varchar(255) NOT NULL,\n\t\t\t\t\t  `description` text NOT NULL,\n\t\t\t\t\t  PRIMARY KEY (`faqpage_id`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `source` (\n\t\t\t\t\t  `source_id` bigint(20) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `source` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `rs` int(10) DEFAULT NULL,\n\t\t\t\t\t  PRIMARY KEY (`source_id`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `department` (\n\t\t\t\t\t  `department_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `name` varchar(100) NOT NULL DEFAULT '',\n\t\t\t\t\t  `department_sort` int(11) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `telephone` varchar(20) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `email` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `url` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  PRIMARY KEY (`department_id`),\n\t\t\t\t\t  KEY `INDEXSEARCHdepart` (`name`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `subject` (\n\t\t\t\t\t  `subject_id` bigint(20) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `subject` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `active` int(1) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `shortform` varchar(50) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `redirect_url` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `header` varchar(45) DEFAULT NULL,\n\t\t\t\t\t  `description` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `keywords` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `type` varchar(20) DEFAULT NULL,\n\t\t\t\t\t  `last_modified` timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n\t\t\t\t\t  `background_link` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `extra` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  PRIMARY KEY (`subject_id`),\n\t\t\t\t\t  KEY `INDEXSEARCHsubject` (`subject`,`shortform`,`description`,`keywords`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `pluslet` (\n\t\t\t\t\t  `pluslet_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `title` varchar(100) NOT NULL DEFAULT '',\n\t\t\t\t\t  `body` longtext NOT NULL,\n\t\t\t\t\t  `local_file` varchar(100) DEFAULT NULL,\n\t\t\t\t\t  `clone` int(1) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `type` varchar(50) DEFAULT NULL,\n\t\t\t\t\t  `extra` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `hide_titlebar` int(1) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `collapse_body` int(1) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `titlebar_styling` varchar(100) DEFAULT NULL,\n\t\t\t\t\t  PRIMARY KEY (`pluslet_id`),\n\t\t\t\t\t  KEY `INDEXSEARCHpluslet` (`body`(200))\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `uml_refstats` (\n\t\t\t\t\t  `refstats_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `type_id` int(11) NOT NULL,\n\t\t\t\t\t  `location_id` int(11) NOT NULL,\n\t\t\t\t\t  `mode_id` int(11) NOT NULL,\n\t\t\t\t\t  `date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n\t\t\t\t\t  `note` varchar(1000) DEFAULT NULL,\n\t\t\t\t\t  PRIMARY KEY (`refstats_id`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `format` (\n\t\t\t\t\t  `format_id` bigint(20) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `format` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  PRIMARY KEY (`format_id`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `faq` (\n\t\t\t\t\t  `faq_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `question` varchar(255) NOT NULL,\n\t\t\t\t\t  `answer` text NOT NULL,\n\t\t\t\t\t  `keywords` varchar(255) NOT NULL,\n\t\t\t\t\t  PRIMARY KEY (`faq_id`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `restrictions` (\n\t\t\t\t\t  `restrictions_id` int(10) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `restrictions` text,\n\t\t\t\t\t  PRIMARY KEY (`restrictions_id`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `title` (\n\t\t\t\t\t  `title_id` bigint(20) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `title` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `alternate_title` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `description` text,\n\t\t\t\t\t  `pre` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `last_modified_by` varchar(50) DEFAULT NULL,\n\t\t\t\t\t  `last_modified` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n\t\t\t\t\t  PRIMARY KEY (`title_id`),\n\t\t\t\t\t  KEY `INDEXSEARCHtitle` (`title`,`alternate_title`,`description`(200))\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `uml_refstats_mode` (\n\t\t\t\t\t  `mode_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `label` varchar(100) NOT NULL,\n\t\t\t\t\t  PRIMARY KEY (`mode_id`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `rank` (\n\t\t\t\t\t  `rank_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `rank` int(10) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `subject_id` bigint(20) DEFAULT NULL,\n\t\t\t\t\t  `title_id` bigint(20) DEFAULT NULL,\n\t\t\t\t\t  `source_id` bigint(20) DEFAULT NULL,\n\t\t\t\t\t  `description_override` text,\n\t\t\t\t\t  PRIMARY KEY (`rank_id`),\n\t\t\t\t\t  KEY `fk_rank_subject_id_idx` (`subject_id`),\n\t\t\t\t\t  KEY `fk_rank_title_id_idx` (`title_id`),\n\t\t\t\t\t  KEY `fk_rank_source_id_idx` (`source_id`),\n\t\t\t\t\t  CONSTRAINT `fk_rank_source_id` FOREIGN KEY (`source_id`) REFERENCES `source` (`source_id`) ON DELETE CASCADE ON UPDATE CASCADE,\n\t\t\t\t\t  CONSTRAINT `fk_rank_subject_id` FOREIGN KEY (`subject_id`) REFERENCES `subject` (`subject_id`) ON DELETE CASCADE ON UPDATE CASCADE,\n\t\t\t\t\t  CONSTRAINT `fk_rank_title_id` FOREIGN KEY (`title_id`) REFERENCES `title` (`title_id`) ON DELETE CASCADE ON UPDATE CASCADE\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `subject_department` (\n\t\t\t\t\t  `idsubject_department` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `id_subject` bigint(20) NOT NULL,\n\t\t\t\t\t  `id_department` int(11) NOT NULL,\n\t\t\t\t\t  `date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n\t\t\t\t\t  PRIMARY KEY (`idsubject_department`)\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `tab` (\n\t\t\t\t\t  `tab_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `subject_id` bigint(20) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `label` varchar(120) NOT NULL DEFAULT 'Main',\n\t\t\t\t\t  `tab_index` int(11) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `external_url` varchar(500) DEFAULT NULL,\n\t\t\t\t\t  `visibility` int(1) NOT NULL DEFAULT '1',\n\t\t\t\t\t  PRIMARY KEY (`tab_id`),\n\t\t\t\t\t  KEY `fk_t_subject_id_idx` (`subject_id`),\n\t\t\t\t\t  CONSTRAINT `fk_t_subject_id` FOREIGN KEY (`subject_id`) REFERENCES `subject` (`subject_id`) ON DELETE CASCADE ON UPDATE CASCADE\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `subject_subject` (\n\t\t\t\t\t  `id_subject_subject` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `subject_parent` bigint(20) NOT NULL,\n\t\t\t\t\t  `subject_child` bigint(20) NOT NULL,\n\t\t\t\t\t  `date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n\t\t\t\t\t  PRIMARY KEY (`id_subject_subject`),\n\t\t\t\t\t  KEY `fk_subject_parent_idx` (`subject_parent`),\n\t\t\t\t\t  KEY `fk_subject_child_idx` (`subject_child`),\n\t\t\t\t\t  CONSTRAINT `fk_subject_child` FOREIGN KEY (`subject_child`) REFERENCES `subject` (`subject_id`) ON DELETE NO ACTION ON UPDATE NO ACTION,\n\t\t\t\t\t  CONSTRAINT `fk_subject_parent` FOREIGN KEY (`subject_parent`) REFERENCES `subject` (`subject_id`) ON DELETE NO ACTION ON UPDATE NO ACTION\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `staff` (\n\t\t\t\t\t  `staff_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `lname` varchar(765) DEFAULT NULL,\n\t\t\t\t\t  `fname` varchar(765) DEFAULT NULL,\n\t\t\t\t\t  `title` varchar(765) DEFAULT NULL,\n\t\t\t\t\t  `tel` varchar(45) DEFAULT NULL,\n\t\t\t\t\t  `department_id` int(11) DEFAULT NULL,\n\t\t\t\t\t  `staff_sort` int(11) DEFAULT NULL,\n\t\t\t\t\t  `email` varchar(765) DEFAULT NULL,\n\t\t\t\t\t  `ip` varchar(300) DEFAULT NULL,\n\t\t\t\t\t  `access_level` int(11) DEFAULT NULL,\n\t\t\t\t\t  `user_type_id` int(11) DEFAULT NULL,\n\t\t\t\t\t  `password` varchar(192) DEFAULT NULL,\n\t\t\t\t\t  `active` int(1) DEFAULT NULL,\n\t\t\t\t\t  `ptags` varchar(765) DEFAULT NULL,\n\t\t\t\t\t  `extra` varchar(765) DEFAULT NULL,\n\t\t\t\t\t  `bio` blob,\n\t\t\t\t\t  `position_number` varchar(30) DEFAULT NULL,\n\t\t\t\t\t  `job_classification` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `room_number` varchar(60) DEFAULT NULL,\n\t\t\t\t\t  `supervisor_id` int(11) DEFAULT NULL,\n\t\t\t\t\t  `emergency_contact_name` varchar(150) DEFAULT NULL,\n\t\t\t\t\t  `emergency_contact_relation` varchar(150) DEFAULT NULL,\n\t\t\t\t\t  `emergency_contact_phone` varchar(60) DEFAULT NULL,\n\t\t\t\t\t  `street_address` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `city` varchar(150) DEFAULT NULL,\n\t\t\t\t\t  `state` varchar(60) DEFAULT NULL,\n\t\t\t\t\t  `zip` varchar(30) DEFAULT NULL,\n\t\t\t\t\t  `home_phone` varchar(60) DEFAULT NULL,\n\t\t\t\t\t  `cell_phone` varchar(60) DEFAULT NULL,\n\t\t\t\t\t  `fax` varchar(60) DEFAULT NULL,\n\t\t\t\t\t  `intercom` varchar(30) DEFAULT NULL,\n\t\t\t\t\t  `lat_long` varchar(75) DEFAULT NULL,\n\t\t\t\t\t  PRIMARY KEY (`staff_id`),\n\t\t\t\t\t  KEY `fk_supervisor_staff_id_idx` (`supervisor_id`),\n\t\t\t\t\t  KEY `fk_staff_user_type_id_idx` (`user_type_id`),\n\t\t\t\t\t  KEY `fk_staff_department_id_idx` (`department_id`),\n\t\t\t\t\t  KEY `INDEXSEARCHstaff` (`lname`(255),`fname`(255)),\n\t\t\t\t\t  CONSTRAINT `fk_staff_user_type_id` FOREIGN KEY (`user_type_id`) REFERENCES `user_type` (`user_type_id`) ON DELETE SET NULL ON UPDATE SET NULL\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `talkback` (\n\t\t\t\t\t  `talkback_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `question` text NOT NULL,\n\t\t\t\t\t  `q_from` varchar(100) DEFAULT '',\n\t\t\t\t\t  `date_submitted` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',\n\t\t\t\t\t  `answer` text NOT NULL,\n\t\t\t\t\t  `a_from` int(11) DEFAULT NULL,\n\t\t\t\t\t  `display` varchar(11) NOT NULL DEFAULT 'No',\n\t\t\t\t\t  `last_revised_by` varchar(100) NOT NULL DEFAULT '',\n\t\t\t\t\t  `tbtags` varchar(255) DEFAULT 'main',\n\t\t\t\t\t  `cattags` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  PRIMARY KEY (`talkback_id`),\n\t\t\t\t\t  KEY `INDEXSEARCHtalkback` (`question`(200),`answer`(200)),\n\t\t\t\t\t  KEY `fk_talkback_staff_id_idx` (`a_from`),\n\t\t\t\t\t  CONSTRAINT `fk_talkback_staff_id` FOREIGN KEY (`a_from`) REFERENCES `staff` (`staff_id`) ON DELETE SET NULL ON UPDATE SET NULL\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `section` (\n\t\t\t\t\t  `section_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `section_index` int(11) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `layout` varchar(255) NOT NULL DEFAULT '4-4-4',\n\t\t\t\t\t  `tab_id` int(11) NOT NULL,\n\t\t\t\t\t  PRIMARY KEY (`section_id`),\n\t\t\t\t\t  KEY `fk_section_tab_idx` (`tab_id`),\n\t\t\t\t\t  CONSTRAINT `fk_section_tab` FOREIGN KEY (`tab_id`) REFERENCES `tab` (`tab_id`) ON DELETE CASCADE ON UPDATE CASCADE\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `faq_faqpage` (\n\t\t\t\t\t  `faq_faqpage_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `faq_id` int(11) NOT NULL,\n\t\t\t\t\t  `faqpage_id` int(11) NOT NULL,\n\t\t\t\t\t  PRIMARY KEY (`faq_faqpage_id`),\n\t\t\t\t\t  KEY `fk_ff_faq_id_idx` (`faq_id`),\n\t\t\t\t\t  KEY `fk_ff_faqpage_id_idx` (`faqpage_id`),\n\t\t\t\t\t  CONSTRAINT `fk_ff_faqpage_id` FOREIGN KEY (`faqpage_id`) REFERENCES `faqpage` (`faqpage_id`) ON DELETE CASCADE ON UPDATE CASCADE,\n\t\t\t\t\t  CONSTRAINT `fk_ff_faq_id` FOREIGN KEY (`faq_id`) REFERENCES `faq` (`faq_id`) ON DELETE CASCADE ON UPDATE CASCADE\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `location` (\n\t\t\t\t\t  `location_id` bigint(20) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `format` bigint(20) DEFAULT NULL,\n\t\t\t\t\t  `call_number` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `location` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `access_restrictions` int(10) DEFAULT NULL,\n\t\t\t\t\t  `eres_display` varchar(1) DEFAULT NULL,\n\t\t\t\t\t  `display_note` text,\n\t\t\t\t\t  `helpguide` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `citation_guide` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  `ctags` varchar(255) DEFAULT NULL,\n\t\t\t\t\t  PRIMARY KEY (`location_id`),\n\t\t\t\t\t  KEY `fk_location_format_id_idx` (`format`),\n\t\t\t\t\t  KEY `fk_location_restrictions_id_idx` (`access_restrictions`),\n\t\t\t\t\t  CONSTRAINT `fk_location_format_id` FOREIGN KEY (`format`) REFERENCES `format` (`format_id`) ON DELETE SET NULL ON UPDATE SET NULL,\n\t\t\t\t\t  CONSTRAINT `fk_location_restrictions_id` FOREIGN KEY (`access_restrictions`) REFERENCES `restrictions` (`restrictions_id`) ON DELETE SET NULL ON UPDATE SET NULL\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `faq_subject` (\n\t\t\t\t\t  `faq_subject_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `faq_id` int(11) NOT NULL,\n\t\t\t\t\t  `subject_id` bigint(20) NOT NULL,\n\t\t\t\t\t  PRIMARY KEY (`faq_subject_id`),\n\t\t\t\t\t  KEY `fk_fs_faq_id_idx` (`faq_id`),\n\t\t\t\t\t  KEY `fk_fs_subject_id_idx` (`subject_id`),\n\t\t\t\t\t  CONSTRAINT `fk_fs_faq_id` FOREIGN KEY (`faq_id`) REFERENCES `faq` (`faq_id`) ON DELETE CASCADE ON UPDATE CASCADE,\n\t\t\t\t\t  CONSTRAINT `fk_fs_subject_id` FOREIGN KEY (`subject_id`) REFERENCES `subject` (`subject_id`) ON DELETE CASCADE ON UPDATE CASCADE\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `location_title` (\n\t\t\t\t\t  `location_id` bigint(20) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `title_id` bigint(20) NOT NULL DEFAULT '0',\n\t\t\t\t\t  PRIMARY KEY (`location_id`,`title_id`),\n\t\t\t\t\t  KEY `fk_lt_location_id_idx` (`location_id`),\n\t\t\t\t\t  KEY `fk_lt_title_id_idx` (`title_id`),\n\t\t\t\t\t  CONSTRAINT `fk_lt_location_id` FOREIGN KEY (`location_id`) REFERENCES `location` (`location_id`) ON DELETE CASCADE ON UPDATE CASCADE,\n\t\t\t\t\t  CONSTRAINT `fk_lt_title_id` FOREIGN KEY (`title_id`) REFERENCES `title` (`title_id`) ON DELETE CASCADE ON UPDATE CASCADE\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `subject_discipline` (\n\t\t\t\t\t  `subject_id` bigint(20) NOT NULL,\n\t\t\t\t\t  `discipline_id` int(11) NOT NULL,\n\t\t\t\t\t  PRIMARY KEY (`subject_id`,`discipline_id`),\n\t\t\t\t\t  KEY `discipline_id` (`discipline_id`),\n\t\t\t\t\t  KEY `fk_sd_subject_id_idx` (`subject_id`),\n\t\t\t\t\t  KEY `fk_sd_discipline_id_idx` (`discipline_id`),\n\t\t\t\t\t  KEY `fk_sd_subject_id_idx1` (`subject_id`),\n\t\t\t\t\t  KEY `fk_sd_discipline_id_idx1` (`discipline_id`),\n\t\t\t\t\t  CONSTRAINT `fk_sd_discipline_id` FOREIGN KEY (`discipline_id`) REFERENCES `discipline` (`discipline_id`) ON DELETE CASCADE ON UPDATE CASCADE,\n\t\t\t\t\t  CONSTRAINT `fk_sd_subject_id` FOREIGN KEY (`subject_id`) REFERENCES `subject` (`subject_id`) ON DELETE CASCADE ON UPDATE CASCADE\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='added v2'", "CREATE TABLE `staff_subject` (\n\t\t\t\t\t  `staff_id` int(11) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `subject_id` bigint(20) NOT NULL DEFAULT '0',\n\t\t\t\t\t  PRIMARY KEY (`staff_id`,`subject_id`),\n\t\t\t\t\t  KEY `fk_ss_subject_id_idx` (`subject_id`),\n\t\t\t\t\t  KEY `fk_ss_staff_id_idx` (`staff_id`),\n\t\t\t\t\t  CONSTRAINT `fk_ss_staff_id` FOREIGN KEY (`staff_id`) REFERENCES `staff` (`staff_id`) ON DELETE CASCADE ON UPDATE CASCADE,\n\t\t\t\t\t  CONSTRAINT `fk_ss_subject_id` FOREIGN KEY (`subject_id`) REFERENCES `subject` (`subject_id`) ON DELETE CASCADE ON UPDATE CASCADE\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8", "CREATE TABLE `pluslet_section` (\n\t\t\t\t\t  `pluslet_section_id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t  `pluslet_id` int(11) NOT NULL DEFAULT '0',\n\t\t\t\t\t  `section_id` int(11) NOT NULL,\n\t\t\t\t\t  `pcolumn` int(11) NOT NULL,\n\t\t\t\t\t  `prow` int(11) NOT NULL,\n\t\t\t\t\t  PRIMARY KEY (`pluslet_section_id`),\n\t\t\t\t\t  KEY `fk_pt_pluslet_id_idx` (`pluslet_id`),\n\t\t\t\t\t  KEY `fk_pt_tab_id_idx` (`section_id`),\n\t\t\t\t\t  CONSTRAINT `fk_pt_section_id` FOREIGN KEY (`section_id`) REFERENCES `section` (`section_id`) ON DELETE CASCADE ON UPDATE CASCADE\n\t\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8");
     //all the subjectqueries -- default data
     $this->lobjInsertQueries = array("INSERT INTO `chchchanges` VALUES (1,1,'guide',1,'General','insert','2011-03-26 19:16:19'),(2,1,'record',1,'Sample Record','insert','2011-03-26 20:08:54')", "INSERT INTO `subject` VALUES (1,'General',1,'general','',NULL,NULL,NULL,'Subject','2011-03-26 19:16:19',NULL,'{\"maincol\":\"\"}')", "INSERT INTO `tab` VALUES (1,1,'Main',0,NULL,1)", "INSERT INTO `section` VALUES (1,0,'4-6-2',1)", "INSERT INTO `pluslet` VALUES (1,'All Items by Source','','',0,'Special','',0,0,NULL),(2,'Key to Icons','','',0,'Special','',0,0,NULL),(3,'Subject Specialist','','',0,'Special','',0,0,NULL),\n\t\t\t\t\t(4,'FAQs','','',0,'Special','',0,0,NULL),(5,'Books:  Use the Library Catalog','','',0,'Special','',0,0,NULL),(6,'','','',0,'Reserved_for_Special','',0,0,NULL),(7,'','','',0,'Reserved_for_Special','',0,0,NULL),\n\t\t\t\t\t(8,'','','',0,'Reserved_for_Special','',0,0,NULL),(9,'','','',0,'Reserved_for_Special','',0,0,NULL),(10,'','','',0,'Reserved_for_Special','',0,0,NULL),(11,'','','',0,'Reserved_for_Special','',0,0,NULL),\n\t\t\t\t\t(12,'','','',0,'Reserved_for_Special','',0,0,NULL),(13,'','','',0,'Reserved_for_Special','',0,0,NULL),(14,'','','',0,'Reserved_for_Special','',0,0,NULL),(15,'','','',0,'Reserved_for_Special','',0,0,NULL)", "INSERT INTO `format` VALUES (1,'Web'),(2,'Print'),(3,'Print w/ URL')", "INSERT INTO `user_type` VALUES (1,'Staff'),(2,'Machine'),(3,'Student')", "INSERT INTO `discipline` VALUES (1,'agriculture',1),(2,'anatomy &amp; physiology',2),(3,'anthropology',3),(4,'applied sciences',4),(5,'architecture',5),\n\t\t\t\t\t(6,'astronomy &amp; astrophysics',6),(7,'biology',7),(8,'botany',8),(9,'business',9),(10,'chemistry',10),(11,'computer science',11),(12,'dance',12),(13,'dentistry',13),\n\t\t\t\t\t(14,'diet &amp; clinical nutrition',14),(15,'drama',15),(16,'ecology',16),(17,'economics',17),(18,'education',18),(19,'engineering',19),(20,'environmental sciences',20),\n\t\t\t\t\t(21,'film',21),(22,'forestry',22),(23,'geography',23),(24,'geology',24),(25,'government',25),(26,'history &amp; archaeology',26),(27,'human anatomy &amp; physiology',27),\n\t\t\t\t\t(28,'international relations',28),(29,'journalism &amp; communications',29),(30,'languages &amp; literatures',30),(31,'law',31),(32,'library &amp; information science',32),\n\t\t\t\t\t(33,'mathematics',33),(34,'medicine',34),(35,'meteorology &amp; climatology',35),(36,'military &amp; naval science',36),(37,'music',37),(38,'nursing',38),\n\t\t\t\t\t(39,'occupational therapy &amp; rehabilitation',39),(40,'oceanography',40),(41,'parapsychology &amp; occult sciences',41),(42,'pharmacy, therapeutics, &amp; pharmacology',42),\n\t\t\t\t\t(43,'philosophy',43),(44,'physical therapy',44),(45,'physics',45),(46,'political science',46),(47,'psychology',47),(48,'public health',48),(49,'recreation &amp; sports',49),\n\t\t\t\t\t(50,'religion',50),(51,'sciences (general)',51),(52,'social sciences (general)',52),(53,'social welfare &amp; social work',53),(54,'sociology &amp; social history',54),\n\t\t\t\t\t(55,'statistics',55),(56,'veterinary medicine',56),(57,'visual arts',57),(58,'women&#039;s studies',58),(59,'zoology',59)", "INSERT INTO `restrictions` VALUES (1,'None'),(2,'Restricted'),(3,'On Campus Only'),(4,'Rest--No Proxy')", "INSERT INTO `title` VALUES (1,'Sample Record',NULL,'Here you can enter a description of the record.&nbsp; A description may be overwritten for a given subject by clicking the icon next to the desired subject in the Record screen.<br />',\n\t\t\t\t\tNULL,NULL,'2011-03-26 20:08:54')", "INSERT INTO `source` VALUES (1,'Journals/Magazines',1),(2,'Newspapers',5),(3,'Web Sites',10),(4,'FAQs',15),(5,'Almanacs & Yearbooks',100),(6,'Atlases',100),(7,'Bibliographies',100),\n\t\t\t\t\t(8,'Biographical Information',100),(9,'Concordances',100),(10,'Dictionaries',100),(11,'Encyclopedias',100),(12,'Government Information',100),(13,'Grants/Scholarships/Financial Aid',100),\n\t\t\t\t\t(14,'Handbooks & Guides',100),(15,'Images',100),(16,'Local',100),(17,'Primary Sources',100),(18,'Quotations',100),(19,'Regional',100),(20,'Reviews',100),(21,'Statistics/Data',100),\n\t\t\t\t\t(22,'Directories',100),(23,'Dissertations',100),(24,'Newspapers--International',100),(25,'Newswires',100),(26,'TV Stations',100),(27,'Radio Stations',100),(28,'Transcripts',100),\n\t\t\t\t\t(30,'Audio Files',100),(31,'Organizations',100)", "INSERT INTO `location` VALUES (1,1,'','http://www.subjectsplus.com/wiki/',1,'Y','',NULL,NULL,'')", "INSERT INTO `department` VALUES (1,'Library Administration',1,'5555',NULL,NULL)", "INSERT INTO `staff` VALUES (1,'Admin','Super','SubjectsPlus Admin','5555',1,0,'admin{$lstrEmailDomain}','',0,1,'{$lstrHashPassword}',1,'talkback|faq|records|eresource_mgr|videos|admin|librarian|supervisor','{\"css\": \"basic\"}',\n\t\t\t\t\t'This is the default user with a SubjectsPlus install.  You should delete or rename me before you go live!',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)", "INSERT INTO `location_title` VALUES (1,1)", "INSERT INTO `rank` VALUES (1,0,1,1,1,'')", "INSERT INTO `staff_subject` VALUES (1,1)", "INSERT INTO `uml_refstats_location` VALUES (1,'Information Desk (Richter)'),(2,'Circulation Desk (Richter)'),(3,'Digital Media Lab'),(4,'Architecture'),(5,'Business'),(6,'CHC'),(7,'Music'),(8,'RSMAS'),(9,'Special Collections'),\n\t\t\t\t\t(10,'Other (include ntoe)')", "INSERT INTO `uml_refstats_type` VALUES (1,'Computer Hardware'),(2,'Computer Software'),(3,'Directional'),(4,'Printers/Copiers'),(5,'Reference')", "INSERT INTO `uml_refstats_mode` VALUES (1,'In Person'),(2,'Phone'),(3,'Email'),(4,'IM')");
 }
コード例 #5
0
 /**
  * DatabaseWebService::sanitizeParams() -  - goes through passed array parameter
  * and sanitizes elements that are valid url parameters
  *
  * @param array $lobjParams
  * @return array
  */
 function sanitizeParams(array $lobjParams)
 {
     $lobjFinalParams = array();
     foreach ($lobjParams as $lstrKey => $lstrValue) {
         switch (strtolower($lstrKey)) {
             case 'letter':
                 $lobjSplit = explode(',', $lstrValue);
                 foreach ($lobjSplit as &$lstrUnScrubbed) {
                     $lstrUnScrubbed = scrubData($lstrUnScrubbed);
                 }
                 $lobjFinalParams['letter'] = $lobjSplit;
                 break;
             case 'search':
                 $lobjSplit = explode(',', $lstrValue);
                 foreach ($lobjSplit as &$lstrUnScrubbed) {
                     $lstrUnScrubbed = scrubData($lstrUnScrubbed);
                 }
                 $lobjFinalParams['search'] = $lobjSplit;
                 break;
             case 'subject_id':
                 $lobjSplit = explode(',', $lstrValue);
                 foreach ($lobjSplit as &$lstrUnScrubbed) {
                     $lstrUnScrubbed = scrubData($lstrUnScrubbed, 'integer');
                 }
                 $lobjFinalParams['subject_id'] = $lobjSplit;
                 break;
             case 'type':
                 $lobjSplit = explode(',', $lstrValue);
                 foreach ($lobjSplit as &$lstrUnScrubbed) {
                     $lstrUnScrubbed = scrubData($lstrUnScrubbed);
                 }
                 $lobjFinalParams['type'] = $lobjSplit;
                 break;
             case 'max':
                 $lstrValue = scrubData($lstrValue, 'integer');
                 $lobjFinalParams['max'] = $lstrValue;
                 break;
         }
     }
     return $lobjFinalParams;
 }
コード例 #6
0
ファイル: WebService.php プロジェクト: kenirwin/SubjectsPlus
 /**
  * sp_WebService::formatOutput() - saves formatted output into property based
  * on format requested in url parameters
  *
  * @return void
  */
 public function formatOutput()
 {
     $lstrFormat = '';
     if (isset($this->mobjUrlParams['output'])) {
         $lstrFormat = $this->mobjUrlParams['output'];
     }
     $this->mstrFormat = scrubData(strtolower($lstrFormat));
     switch ($this->mstrFormat) {
         case "xml":
             $this->mstrOutput = "<{$this->mstrService}>";
             $this->mstrOutput .= $this->getXMLFormat($this->mobjData);
             $this->mstrOutput .= "</{$this->mstrService}>";
             break;
         case "json":
             $this->mstrOutput = $this->getJSONFormat();
             break;
         default:
             $this->mstrOutput = $this->getJSONFormat();
             break;
     }
 }
コード例 #7
0
ファイル: video.php プロジェクト: kenirwin/SubjectsPlus
$intro = "<p>A collection of videos produced by the University of Miami Libraries.</p>";
$display = "<br />";
try {
} catch (Exception $e) {
    echo $e;
}
// Get Tags
// create the option
$vtag_items = "\n  <ul>\n  <li><a href=\"video.php?tag=all\">All</a></li>";
foreach ($all_vtags as $value) {
    $vtag_items .= "<li><a href=\"video.php?tag={$value}\">" . ucfirst($value) . "</a></li>";
}
$vtag_items .= "</ul>";
// Clean up user submission
if (isset($_GET["video_id"])) {
    $extra_sql = "and video_id = '" . scrubData($_GET["video_id"], "integer") . "'";
}
if (isset($_GET["tag"])) {
    if (in_array($_GET["tag"], $all_vtags)) {
        $pretty_tag = ucfirst($_GET["tag"]);
        $extra_sql = "and vtags like '%" . $_GET["tag"] . "%'";
    }
}
$q = "select distinct video_id, title, description, source, foreign_id, duration, date\n        FROM video\n        WHERE display = '1'\n        {$extra_sql}\n        ORDER BY date";
// print $q;
// check row count for 0 returns
$db = new Querier();
$r = $db->query($q);
$num_rows = count($r);
if ($num_rows != 0) {
    foreach ($r as $myrow) {
コード例 #8
0
 function writeTable($qualifier, $subject_id = '')
 {
     global $IconPath;
     global $proxyURL;
     // sanitize submission
     $selected = scrubData($qualifier);
     $subject_id = scrubData($subject_id);
     // determine submission type
     $selected = getTableOptions($selected, $subject_id);
     if (isset($subject_id) && $subject_id != "") {
         $q = "select distinct left(title,1) as initial, title, description, location, access_restrictions, title.title_id as this_record,\neres_display, display_note, pre, citation_guide, ctags\n        FROM title, restrictions, location, location_title, source, rank\n        {$selected}\n        AND title.title_id = location_title.title_id\n        AND location.location_id = location_title.location_id\n        AND restrictions_id = access_restrictions\n       \n        AND rank.title_id = title.title_id AND source.source_id = rank.source_id\n        ORDER BY title ";
     } else {
         $q = "select distinct left(title,1) as initial, title, description, location, access_restrictions, title.title_id as this_record,\neres_display, display_note, pre, citation_guide, ctags\n\t\tFROM title, restrictions, location, location_title, source\n\t\t{$selected}\n\t\tAND title.title_id = location_title.title_id\n\t\tAND location.location_id = location_title.location_id\n\t\tAND restrictions_id = access_restrictions\n\n\t\tORDER BY title";
     }
     //print $q;
     $db = new Querier();
     $r = $db->query($q);
     // check row count for 0 returns
     $num_rows = count($r);
     if ($num_rows == 0) {
         return "<div class=\"no_results\">" . _("Sorry, there are no results at this time.") . "</div>";
     }
     // prepare 	header
     $items = "<table width=\"98%\" class=\"item_listing\">";
     $row_count = 0;
     $colour1 = "oddrow";
     $colour2 = "evenrow";
     foreach ($r as $myrow) {
         $row_colour = $row_count % 2 ? $colour1 : $colour2;
         $patterns = "/'|\"/";
         $replacements = "";
         $item_title = $myrow["title"];
         $safe_title = trim(preg_replace($patterns, $replacements, $item_title));
         $blurb = $myrow["description"];
         $bib_id = $myrow["5"];
         /// CHECK RESTRICTIONS ///
         if ($myrow['4'] == 2 or $myrow['4'] == 3) {
             $url = $proxyURL . $myrow[3];
             $rest_icons = "restricted";
         } else {
             $url = $myrow[3];
             $rest_icons = "";
             // if you want the unlocked icon to show, enter "unrestricted" here
         }
         $current_ctags = explode("|", $myrow["ctags"]);
         // add our $rest_icons info to this array at the beginning
         array_unshift($current_ctags, $rest_icons);
         $icons = showIcons($current_ctags);
         //Check if there is a display note
         if ($myrow["display_note"] == NULL) {
             $display_note_text = "";
         } else {
             $display_note_text = "<strong>" . _("Note:") . " </strong>{$myrow['display_note']}";
         }
         $bonus = "{$blurb}";
         if ($blurb != "") {
             $information = "<img src=\"{$IconPath}/information.png\" border=\"0\" alt=\"" . _("more information") . "\" title=\"" . _("more information") . "\"  id=\"bib-{$bib_id}\" />";
         } else {
             $information = "";
         }
         $items .= "\n\t<tr class=\"zebra {$row_colour}\" valign=\"top\">\n\t\t\n\t\t<td><a href=\"{$url}\" target=\"_blank\"><strong>{$item_title}</strong></a> {$icons}<br/>{$bonus}   {$display_note_text}\n                   \n\t</tr>";
         $row_count++;
     }
     $items .= "</table>";
     return $items;
 }
コード例 #9
0
ファイル: FAQ.php プロジェクト: kenirwin/SubjectsPlus
 function modifyCollections()
 {
     $db = new Querier();
     for ($i = 0; $i < $this->_collection_count; $i++) {
         $qUpColl = "INSERT INTO faq_faqpage (faq_id, faqpage_id) VALUES (\n                " . scrubData($this->_faq_id, "integer") . ",\n                " . scrubData($this->_collection[$i], "integer") . ")";
         $rUpColl = $db->query($qUpColl);
         $this->_debug .= "<p>3. (update faq_faqpage loop) : {$qUpColl}</p>";
         if ($rUpColl === FALSE) {
             echo blunDer("We have a problem with the faq_faqpage query: {$qUpColl}");
         }
     }
 }
コード例 #10
0
ファイル: index.php プロジェクト: johnwinsor/SubjectsPlus
 *   @author adarby
 *   @date march 2011
 */
use SubjectsPlus\Control\Querier;
$subcat = "video";
$page_title = "Video Admin";
include "../includes/header.php";
try {
} catch (Exception $e) {
    echo $e;
}
if (isset($_GET["limit"])) {
    if ($_GET["limit"] == "all") {
        $limit = "";
    } else {
        $limit = "LIMIT 0," . scrubData($_GET["limit"], "int");
    }
} else {
    $limit = "";
}
$querierVid = new Querier();
$qVid = "SELECT video_id, title, description, source, foreign_id, duration, date, display, vtags\n\tFROM video\n\tORDER BY video_id DESC\n\t{$limit}";
$vidArray = $querierVid->query($qVid);
$row_count1 = 0;
$row_count2 = 0;
$colour1 = "evenrow";
$colour2 = "oddrow";
$vid_list = "";
if ($vidArray) {
    foreach ($vidArray as $value) {
        $row_colour1 = $row_count1 % 2 ? $colour1 : $colour2;
コード例 #11
0
ファイル: updatesettings.php プロジェクト: ColBT/php_tut
if ($action == "generate") {
    if ($installationTypeNew == "offline") {
        $updateCheckerNew = "false";
    }
    if (substr($rootNew, -1) == "/") {
        $rootNew = substr($rootNew, 0, -1);
    }
    if (substr($ftpRootNew, -1) == "/") {
        $ftpRootNew = substr($ftpRootNew, 0, -1);
    }
    if (substr($pathMantisNew, -1) != "/") {
        $pathMantisNew = $pathMantisNew . "/";
    }
    // DAB - scrub the data
    require_once dirname(realpath(__FILE__)) . '/../general/data_funcs.inc.php';
    $scrubData = scrubData($_POST);
    extract($scrubData);
    // -- END Paranoia
    $content = <<<STAMP
<?php
#Application name: PhpCollab
#Status page: 2
#Path by root: ../includes/settings.php

# installation type
\$installationType = "{$installationTypeNew}"; //select "offline" or "online"

# select database application
\$databaseType = "{$databaseTypeNew}"; //select "sqlserver", "postgresql" or "mysql"

# database parameters
コード例 #12
0
ファイル: disciplines.php プロジェクト: kenirwin/SubjectsPlus
    }
}
if (isset($_POST["update_disciplines"])) {
    //////////////////////////////////
    // Get the discipline dept data + sort order
    //////////////////////////////////
    //////////////////////
    // Create new array of results
    /////////////////////
    $a = $_POST["discipline_id"];
    $b = $_POST["discipline"];
    $result = array_combine($a, $b);
    // Loop through array, update departments table
    $row_count = 1;
    foreach ($result as $key => $value) {
        $qUpDept = "UPDATE discipline SET\n\t\tdiscipline = " . $db->quote(scrubData($value)) . ", \n\t\tsort = " . $row_count . " \n\t\tWHERE discipline_id = " . scrubData($key, "integer");
        $rUpDept = $db->exec($qUpDept);
        $row_count++;
    }
    $feedback = _("Thy Will Be Done.  discipline list updated.");
}
///////////////
// disciplines
///////////////
$querierDept = new Querier();
$qdiscipline = "select discipline_id, discipline, sort from discipline order by sort, discipline";
$disciplineArray = $querierDept->query($qdiscipline);
foreach ($disciplineArray as $value) {
    $ourlist .= "<li id=\"item-{$value['0']}\" class=\"sortable_item disc-sortable\"><a id=\"delete-{$value['0']}\"><img src=\"{$IconPath}/delete.png\" class=\"pointer\" /></a> &nbsp; <input type=\"text\" size=\"40\" name=\"discipline[]\" value=\"{$value['1']}\" /> <input type=\"hidden\" name=\"discipline_id[]\" value=\"{$value['0']}\" /></li>";
}
$discipline_box = "\n<form id=\"disciplines\" action=\"\" method=\"post\">\n<button class=\"button\" id=\"save_guide\"  class=\"button pure-button pure-button-primary\" style=\"display: block;\" name=\"update_disciplines\" >" . _("SAVE CHANGES") . "</button>\n\n<p>" . _("NOTE:  Disciplines were added to facilitate Serials Solution ingest of data.  This original set was provided by SerSol in Nov 2012. \n    If you are a SerSol customer, you might not want to change these.  Sort may or may not be implemented in your version of SP.") . "</p>\n<p>" . _("Enter discipline type label.") . "</p>\n<br />\n\n<ul id=\"sortable-\" class=\"sortable_list\">\n{$ourlist}\n</ul>\n</form>\n";
コード例 #13
0
ファイル: admin_bits.php プロジェクト: kenirwin/SubjectsPlus
         } else {
             print _("Thy Will Be Done.  Source list updated.");
         }
     }
     return;
     // return early so we don't show the stuff that follows
     break;
 case "delete_discipline":
     // Make sure no one is associated with this discipline
     $qChecker = "SELECT * FROM subject, subject_discipline WHERE subject.subject_id = subject_discipline.subject_id\n    AND subject_discipline.discipline_id = " . scrubData($_POST["delete_id"], "integer");
     $rChecker = $db->query($qChecker);
     //print $qChecker;
     if (count($rChecker) != 0) {
         print _("Your request cannot be completed:  There are one or more records linked to this source");
     } else {
         $qDeleteD = "DELETE FROM discipline WHERE discipline_id = " . scrubData($_POST["delete_id"], "integer");
         $rDeleteD = $db->exec($qDeleteD);
         if (!$rDeleteD) {
             echo blunDer("We have a problem with the delete source query: {$qDeleteD}");
         } else {
             print _("Thy Will Be Done.  Discipline list updated.");
         }
     }
     return;
     // return early so we don't show the stuff that follows
     break;
 case "address_lookup":
     //print urlencode($_REQUEST["address"]);
     $endpoint = "http://maps.googleapis.com/maps/api/geocode/json?address=" . urlencode($_REQUEST["address"]) . "&sensor=false";
     $address = curl_get($endpoint);
     //print $address;
コード例 #14
0
ファイル: guide.php プロジェクト: johnwinsor/SubjectsPlus
}*/
// do we have more than one tab?
if (count($all_tabs) > 1) {
    $multi_tab = TRUE;
} else {
    $multi_tab = FALSE;
}
// Add tracking image
$tracking_image = "<img style=\"display: none;\" src=\"" . $PublicPath . "track.php?subject=" . scrubData($_GET['subject']) . "&page_title=" . $page_title . "\" />";
print $tracking_image;
print $social_and_search;
?>

<div id="tabs" class="hide-tabs-fouc">
	<div id="main-content" data-subject="<?php 
echo scrubData($_GET['subject']);
?>
" data-url="<?php 
echo getSubjectsURL();
?>
" data-subject-id="<?php 
echo $this_id;
?>
">

		<div id="tab-container">
            <?php 
$printer_tabs = '<div class="printer_tabs"><div class="pure-button pure-button-topsearch print-img-tabs"><img src="../assets/images/printer.png" alt="Print" title="Print"></div></div>';
$printer_no_tabs = '<div class="printer_no_tabs"><div class="pure-button pure-button-topsearch print-img-no-tabs"><img src="../assets/images/printer.png" alt="Print" title="Print"></div></div>';
// Only show tabs if there is more than one tab
if ($multi_tab == TRUE) {
コード例 #15
0
ファイル: video_bits.php プロジェクト: kenirwin/SubjectsPlus
 case "ingest":
     $db = new Querier();
     // check if we already have a record like this
     $our_id = scrubData($_REQUEST["foreign_id"]);
     $qcheck = "SELECT video_id FROM video WHERE foreign_id = '" . $our_id . "'";
     //print $qcheck;
     $rcheck = $db->query($qcheck);
     if (count($rcheck) == 0) {
         $qinsert = "INSERT INTO video (title, description, source, foreign_id, duration, date, display)\n        values(\"" . $_POST["title"] . "\", \"" . $_POST["description"] . "\", \"" . $_POST["source"] . "\", \"" . $_POST["foreign_id"] . "\", \"" . $_POST["duration"] . "\", \"" . $_POST["upload_date"] . "\",\n          1                \n        )";
         //   print_r ($qinsert);
         $rinsert = $db->exec($qinsert);
         $video_id = $db->last_id();
     } else {
         // Do an update
         $db = new Querier();
         $qupdate = "UPDATE video \n          SET title = " . $db->quote(scrubData($_POST['title'])) . ",\n          description = " . $db->quote(scrubData($_POST['description'], 'richtext')) . ",\n          source = " . $db->quote(scrubData($_POST['source'])) . " ,\n          foreign_id = " . $db->quote(scrubData($_POST['foreign_id'])) . ",\n          duration = " . $db->quote(scrubData($_POST['duration'])) . " ,\n          date = " . $db->quote(scrubData($_POST['upload_date'])) . " ,\n          WHERE foreign_id = " . $our_id;
         //print_r ($qupdate);
         $rupdate = $db->exec($qupdate);
         $video_id = $rupdate[0];
     }
     // insert/update image
     // get small thumbnail
     $image = curl_get($_POST["thumbnail_small"]);
     //$image = file_get_contents($_POST["thumbnail_small"]);
     $new_image = "../../assets/images/video_thumbs/" . $video_id . "_small.jpg";
     file_put_contents($new_image, $image);
     // get medium thumbnail (actually the youtube one is pretty large)
     $image = curl_get($_POST["thumbnail_medium"]);
     //$image = file_get_contents($_POST["thumbnail_medium"]);
     $new_image = "../../assets/images/video_thumbs/" . $video_id . "_medium.jpg";
     file_put_contents($new_image, $image);
コード例 #16
0
ファイル: DbHandler.php プロジェクト: kenirwin/SubjectsPlus
 function writeTable($qualifier, $subject_id = '', $description_search = 0)
 {
     global $IconPath;
     global $proxyURL;
     $db = new Querier();
     // sanitize submission
     $subject_id = scrubData($subject_id);
     // Prepare conditions
     $condition1 = "";
     $condition2 = "";
     $condition3 = "";
     switch ($qualifier) {
         case "Num":
             $condition1 = "WHERE left(title, 1)  REGEXP '[[:digit:]]+'";
             $condition2 = "WHERE left(alternate_title, 1)  REGEXP '[[:digit:]]+'";
             break;
         case "All":
             $condition1 = "WHERE title != ''";
             $condition2 = "WHERE alternate_title != ''";
             break;
         case "bysub":
             if (isset($subject_id)) {
                 //get title ids in pluslets' resource token connected to subject
                 $lobjGuide = new Guide($subject_id);
                 $lobjTitleIds = $lobjGuide->getRelatedTitles();
                 $condition1 = "WHERE (subject_id = {$subject_id}";
                 $condition1 .= count($lobjTitleIds) > 0 ? "\nOR t.title_id IN (" . implode(',', $lobjTitleIds) . ")" : "";
                 $condition1 .= ")";
                 $condition2 = "WHERE subject_id = {$subject_id}";
             } else {
                 $condition1 = "WHERE title LIKE " . $db->quote("%" . $qualifier . "%");
                 $condition2 = "WHERE alternate_title LIKE " . $db->quote("%" . $qualifier . "%");
             }
             break;
         case "bytype":
             if (isset($_GET["type"])) {
                 $condition1 = "WHERE ctags LIKE " . $db->quote(scrubData($_GET["type"]));
                 $condition2 = "WHERE ctags LIKE " . $db->quote(scrubData($_GET["type"]));
                 $condition3 = "and alternate_title NOT NULL";
             }
             break;
         case "search":
             $condition1 = "WHERE title LIKE " . $db->quote("%" . $qualifier . "%");
             // If you uncomment the next line, it will search description field
             $condition1 = "WHERE (title LIKE " . $db->quote("%" . $qualifier . "%") . " OR description LIKE " . $db->quote("%" . $qualifier . "%");
             $condition2 = "WHERE alternate_title LIKE " . $db->quote("%" + $qualifier + "%");
             break;
         default:
             // This is the simple output by letter and also the search
             if (strlen($qualifier) == 1) {
                 // Is like the first letter
                 $condition1 = "WHERE title LIKE " . $db->quote($qualifier . "%");
             } else {
                 $condition1 = "WHERE title LIKE " . $db->quote("%" . $qualifier . "%");
             }
             if ($description_search == 1) {
                 // If you uncomment the next line, it will search description field
                 $condition1 = "WHERE (title LIKE " . $db->quote("%" . $qualifier . "%") . " OR description LIKE " . $db->quote("%" . $qualifier . "%") . ")";
             }
             $condition2 = "WHERE alternate_title LIKE " . $db->quote("%" + $qualifier + "%");
     }
     $q1 = "SELECT distinct left(t.title,1) as initial, t.title as newtitle, t.description, location, access_restrictions, t.title_id as this_record,eres_display, display_note, pre, citation_guide, ctags, helpguide\n            FROM title as t\n            INNER JOIN location_title as lt\n            ON t.title_id = lt.title_id\n            INNER JOIN location as l\n            ON lt.location_id = l.location_id\n            INNER JOIN restrictions as r\n            ON l.access_restrictions = r.restrictions_id\n            INNER JOIN rank as rk\n            ON rk.title_id = t.title_id\n            INNER JOIN source as s\n            ON rk.source_id = s.source_id\n            {$condition1}\n            AND eres_display = 'Y'\n            ORDER BY newtitle";
     $q2 = "SELECT distinct left(t.alternate_title,1) as initial, t.alternate_title as newtitle, t.description, location, access_restrictions, t.title_id as this_record,eres_display, display_note, pre, citation_guide, ctags, helpguide\n            FROM title as t\n            INNER JOIN location_title as lt\n            ON t.title_id = lt.title_id\n            INNER JOIN location as l\n            ON lt.location_id = l.location_id\n            INNER JOIN restrictions as r\n            ON l.access_restrictions = r.restrictions_id\n            INNER JOIN rank as rk\n            ON rk.title_id = t.title_id\n            INNER JOIN source as s\n            ON rk.source_id = s.source_id\n            {$condition2}\n\t\t        AND eres_display = 'Y'\n            {$condition3}\n\n\t\t        ORDER BY newtitle";
     $r = $db->query($q1);
     $num_rows = count($r);
     if ($num_rows == 0) {
         return "<div class=\"no_results\">" . _("Sorry, there are no results at this time.") . "</div>";
     }
     // prepare 	header
     $items = "<table width=\"98%\" class=\"item_listing\">";
     $row_count = 0;
     $colour1 = "oddrow";
     $colour2 = "evenrow";
     foreach ($r as $myrow) {
         $row_colour = $row_count % 2 ? $colour1 : $colour2;
         $patterns = "/'|\"/";
         $replacements = "";
         $item_title = $myrow[1];
         if ($myrow["pre"] != "") {
             $item_title = $myrow["pre"] . " " . $item_title;
         }
         $safe_title = trim(preg_replace($patterns, $replacements, $item_title));
         $blurb = $myrow["description"];
         $bib_id = $myrow[5];
         /// CHECK RESTRICTIONS ///
         if ($myrow['4'] == 2 or $myrow['4'] == 3) {
             $url = $proxyURL . $myrow[3];
             $rest_icons = "restricted";
         } elseif ($myrow['4'] == 4) {
             $url = $myrow[3];
             $rest_icons = "restricted";
         } else {
             $url = $myrow[3];
             $rest_icons = "";
             // if you want the unlocked icon to show, enter "unrestricted" here
         }
         $current_ctags = explode("|", $myrow["ctags"]);
         // add our $rest_icons info to this array at the beginning
         array_unshift($current_ctags, $rest_icons);
         $icons = showIcons($current_ctags);
         /// Check for Help Guide ///
         if ($myrow["helpguide"] != "") {
             $helpguide = " <a href=\"" . $myrow["helpguide"] . "\"><img src=\"{$IconPath}/help.gif\" border=\"0\" alt=\"" . _("Help Guide") . "\" title=\"" . _("Help Guide") . "\" /></a>";
         } else {
             $helpguide = "";
         }
         //Check if there is a display note
         if ($myrow["display_note"] == NULL) {
             $display_note_text = "";
         } else {
             $display_note_text = "<br /><strong>" . _("Note:") . " </strong>" . $myrow['display_note'];
         }
         $bonus = "{$blurb}<br />";
         if ($blurb != "") {
             $information1 = "<span id=\"bib-{$bib_id}\" class=\"toggleLink curse_me\"><img src=\"{$IconPath}/information.png\" border=\"0\" alt=\"" . _("more information") . "\" title=\"" . _("more information") . "\" /></span>";
             // This is new details link; you can use the one above if you prefer
             $information = "<span id=\"bib-{$bib_id}\" class=\"toggleLink curse_me\">" . _("about") . "</span>";
         } else {
             $information = "";
         }
         $target = targetBlanker();
         $items .= self::generateLayout($row_colour, $url, $target, $item_title, $information, $information1, $icons, $helpguide, $display_note_text, $bonus);
         $row_count++;
     }
     $items .= "</table>";
     return $items;
 }
コード例 #17
0
ファイル: guide_bits.php プロジェクト: kenirwin/SubjectsPlus
     $item_name = scrubData($_POST["our_item_text"]);
     $item_id = scrubData($_POST["our_item_id"], 'integer');
     echo "\n    <div class=\"selected_item_wrapper\">\n        <div class=\"selected_item\">\n            <input name=\"parent_id[]\" value=\"{$item_id}\" type=\"hidden\" />\n            {$item_name}<br />\n        </div>\n        <div class=\"selected_item_options\">\n            <img src=\"{$IconPath}/delete.png\" class=\"delete_item\" alt=\"delete\" title=\"remove\" border=\"0\">\n        </div>\n    </div>";
     break;
 case "add_discipline":
     $item_name = scrubData($_POST["our_item_text"]);
     $item_id = scrubData($_POST["our_item_id"], 'integer');
     echo "\n    <div class=\"selected_item_wrapper\">\n        <div class=\"selected_item\">\n            <input name=\"discipline_id[]\" value=\"{$item_id}\" type=\"hidden\" />\n            {$item_name}<br />\n        </div>\n        <div class=\"selected_item_options\">\n            <img src=\"{$IconPath}/delete.png\" class=\"delete_item\" alt=\"delete\" title=\"remove\" border=\"0\">\n        </div>\n    </div>";
     break;
 case "test_shortform":
     if ($_GET["subject_id"] == "") {
         // INSERT
         $qcheck = "SELECT shortform FROM subject WHERE shortform = '" . $db->quote(scrubData($_GET["value"])) . "'";
     } else {
         // UPDATE
         $qcheck = "SELECT shortform FROM subject WHERE shortform = '" . $db->quote(scrubData($_GET["value"])) . "' AND subject_id != '" . $db->quote(scrubData($_GET["subject_id"])) . "'";
     }
     //print $qcheck;
     $rcheck = $db->query($qcheck);
     if (count($rcheck) == 0) {
         echo "ok";
     } else {
         echo "dupe";
     }
     break;
 case "email_link_report":
     $message_body = stripslashes($_POST["linkresults"]);
     $subject_line = _("LinkChecker Results for ") . $_POST["shortform"];
     if ($_POST["sendto"] == "send_report2all") {
         $q = "SELECT subject, email\n                FROM subject s, staff_subject ss, staff st\n                WHERE s.subject_id = ss.subject_id\n                AND ss.staff_id = st.staff_id\n                AND s.shortform = '" . $_POST["shortform"] . "'";
         //print $q;
コード例 #18
0
ファイル: talkback.php プロジェクト: johnwinsor/SubjectsPlus
    }
    $statement->bindParam(":year", $this_year);
    $statement->bindParam(":tbtags", $filter);
    $statement->bindParam(":ctags", $cat_tags);
    $statement->execute();
    $our_result = $statement->fetchAll();
    $comment_header = "<h2>" . _("Comments from Previous Years") . " <span style=\"font-size: 12px;\"><a href=\"talkback.php?v={$set_filter}\">" . _("See this year") . "</a></span></h2>";
} else {
    // New ones //
    $db = new Querier();
    $connection = $db->getConnection();
    $statement = $connection->prepare("SELECT talkback_id, question, q_from, date_submitted, DATE_FORMAT(date_submitted, '%b %d %Y') as thedate,\n\tanswer, a_from, fname, lname, email, staff.title, YEAR(date_submitted) as theyear\n\tFROM talkback LEFT JOIN staff\n\tON talkback.a_from = staff.staff_id\n\tWHERE (display ='1' OR display ='Yes')\n    AND tbtags LIKE :tbtags\n\tAND cattags LIKE :ctags\n\tAND YEAR(date_submitted) >= :year\n\tORDER BY date_submitted DESC");
    $statement->bindParam(":year", $this_year);
    $filter = '%' . $set_filter . '%';
    if (isset($_GET['c'])) {
        $cat_tags = '%' . scrubData($_GET['c']) . '%';
    } else {
        $cat_tags = "%%";
    }
    //AND tbtags LIKE :tbtags
    $statement->bindParam(":tbtags", $filter);
    $statement->bindParam(":ctags", $cat_tags);
    $statement->execute();
    $our_result = $statement->fetchAll();
    $comment_header = "<h2>" . _("Comments from ") . "{$this_year} <span style=\"font-size: 11px; font-weight: normal;\"><a href=\"talkback.php?t=prev&v={$set_filter}\">" . _("See previous years") . "</a></span></h2>";
}
/* Select all Records, either current or previous year*/
$result_count = count($our_result);
if ($result_count != 0) {
    $row_count = 1;
    $results = "";
コード例 #19
0
ファイル: index_c.php プロジェクト: johnwinsor/SubjectsPlus
    $newlist .= "<li><a href=\"{$db_url}{$myrow['1']}\">{$myrow['0']}</a></li>\n";
}
$newlist .= "</ul>\n";
// Add header now, because we need a value ($v2styles) from it
include "includes/header_med.php";
// put together our main result display
//**************************************
$pills = "";
//init
$layout = "";
//init
$collection_results = "";
//init
// Is this a search?
if (isset($_POST["searchterm"]) && $_POST["searchterm"] != "") {
    $searchterm = scrubData($_POST["searchterm"]);
    $search_param = "%" . $searchterm . "%";
    $pills = "<div class=\"pills-label\">" . _("Start over:") . "</div><div class=\"pills-container\"><a href=\"index.php\">See All Research Guides</a></div>";
    $q_search = "select * from subject \n    WHERE active = '1' \n    AND type != 'Placeholder' \n    AND subject LIKE '{$search_param}'\n    ORDER BY subject";
    $statement = $connection->prepare($q_search);
    $statement->execute();
    $r_search = $statement->fetchAll();
    $col_1 = "<div class=\"pure-u-1 pure-u-md-1-2\"><ul class=\"guide-listing\">";
    foreach ($r_search as $key => $value) {
        $guide_location = $guide_path . $value['shortform'];
        $list_bonus = "";
        if ($value[6] != "") {
            $list_bonus .= $value[6] . "<br /><br />";
        }
        // add description
        if ($value[7] != "") {
コード例 #20
0
ファイル: departments.php プロジェクト: kenirwin/SubjectsPlus
    $values = array($b, $c, $d, $e);
    foreach ($a as $index => $key) {
        $t = array();
        foreach ($values as $value) {
            $t[] = $value[$index];
        }
        $result[$key] = $t;
    }
    /* 	print "<pre>";
        print_r($result);
        print "</pre>"; */
    // Loop through array, update departments table
    $row_count = 1;
    $error = FALSE;
    foreach ($result as $key => $value) {
        $qUpDept = "UPDATE department SET\n        name = " . $db->quote(scrubData($value[0])) . ",\n        telephone = " . $db->quote(scrubData($value[1])) . ",\n        department_sort = " . $row_count . ",\n        email = " . $db->quote(scrubData($value[2])) . ",\n        url = " . $db->quote(scrubData($value[3])) . "\n        WHERE department_id = " . scrubData($key, "integer");
        $rUpDept = $db->exec($qUpDept);
        $row_count++;
    }
    $feedback = _("Thy Will Be Done.  Department list order updated.");
    // Show feedback
    //$feedback = $record->getMessage();
    // See all the queries?
    //$record->deBug();
}
///////////////
// Departments
///////////////
$querierDept = new Querier();
$qDept = "select department_id, name, telephone, department_sort, email, url from department order by department_sort";
$deptArray = $querierDept->query($qDept);
コード例 #21
0
ファイル: login.php プロジェクト: johnwinsor/SubjectsPlus
    }
}
//added in order to redirect to control home if already logged in. Only check if $sessionCheck variable doesn't exists and says no
$sessionCheck = checkSession();
if ($sessionCheck != "failure") {
    global $CpanelPath;
    header("location:{$CpanelPath}");
    exit;
}
// If they have tried too many times, send them away
// Could add some sort of log of this failed attempt . . .
if ($postvar_thecount > 3) {
    header("location:{$PublicPath}");
}
$postvar_username = scrubData($postvar_username);
$postvar_password = scrubData($postvar_password);
// Start the counting after the first $_POST submission
if ($postvar_username == "") {
    $postvar_thecount = 1;
} else {
    $postvar_thecount++;
}
$success = "no";
$introtext = "\n<br />" . _("Please enter your <strong>credentials</strong> to proceed.") . "</p>";
$login_form = "<div align=\"center\">\n\n\n<form action=\"login.php\" method=\"post\" style=\"font-size: 1em;\">\n\n<input type=\"hidden\" name=\"thecount\" value=\"" . $postvar_thecount . "\" />\n<table cellpadding=\"7\" cellspacing=\"0\" border=\"0\" class=\"striped_data\">\n\n<tr>\n\n<td valign=\"top\" class=\"odd\"><strong>" . _("Login") . "</strong></td>\n\n<td valign=\"top\" class=\"odd\" align=\"left\"><input name=\"username\" type=\"text\" value=\"{$postvar_username}\" size=\"20\" /></td>\n\n</tr>\n\n<tr>\n\n<td valign=\"top\" class=\"even\"><strong>" . _("Password") . "</strong></td>\n\n<td valign=\"top\" class=\"even\" align=\"left\"><input name=\"password\" type=\"password\" value=\"{$postvar_password}\" size=\"20\" /></td>\n\n</tr>\n\n<tr>\n\n<td valign=\"top\" class=\"odd\" colspan=\"2\"><div align=\"center\"><input class=\"button\"  type=\"submit\" value=\"login\" /></div></td>\n\n</tr>\n\n<tr>\n\n<td valign=\"top\" class=\"even\" colspan=\"2\"><div align=\"right\"><a href=\"forgotpassword.php\">" . _("Forgot Password") . "</a></div></td>\n\n</tr>\n\n</table>\n\n</form>\n\n</div>\n";
if ($postvar_username != "" and isset($postvar_password)) {
    // just to try to be nice, try appending the defined (in config.php) campus ending (@yourcollege.edu)
    // if the login lacks one
    $pos = strpos($postvar_username, "@");
    if ($pos === false) {
        $postvar_username = $postvar_username . $email_key;
コード例 #22
0
ファイル: staff.php プロジェクト: johnwinsor/SubjectsPlus
    include "themes/{$subjects_theme}/staff.php";
    exit;
}
$page_title = "Library Staff";
$description = "Library contact list.";
$keywords = "staff list, librarians, contacts";
$use_jquery = array("ui", "ui_styles");
//////////
// Generate List
//////////
$intro = "<br />";
$our_cats = array("A-Z", "By Department", "Subject Librarians A-Z", "Librarians by Subject Specialty");
if (!isset($_GET["letter"]) || $_GET["letter"] == "") {
    $_GET["letter"] = "A-Z";
}
$selected_letter = scrubData($_GET["letter"]);
$alphabet = getLetters($our_cats, $selected_letter);
if ($selected_letter == "A-Z") {
    $intro = "<p><img src=\"{$IconPath}/information.png\" alt=\"icon\" /> Click on a name for more information.</p>\n<br />";
}
$staff_data = new StaffDisplay();
$out = $staff_data->writeTable($selected_letter);
// Assemble the content for our main pluslet
$display = $alphabet . $intro . $out;
////////////////////////////
// Now we are finally read to display the page
////////////////////////////
include "includes/header.php";
?>
<div class="pure-g">
<div class="pure-u-1 pure-u-lg-2-3 pure-u-xl-4-5">
コード例 #23
0
ファイル: Guide.php プロジェクト: johnwinsor/SubjectsPlus
 function dupeCheck()
 {
     $db = new Querier();
     // returns TRUE is there is already an item with that subject or shortform
     if ($this->_subject_id == "") {
         // INSERT
         $qcheck = "SELECT shortform FROM subject WHERE shortform = " . $db->quote(scrubData($this->_shortform));
     } else {
         // UPDATE
         $qcheck = "SELECT shortform FROM subject WHERE shortform = " . $db->quote(scrubData($this->_shortform)) . " AND subject_id != " . $this->_subject_id;
     }
     //print $qcheck;
     $db = new Querier();
     $rcheck = $db->query($qcheck);
     $this->_debug .= "<p>Dupe check: {$qcheck}</p>";
     if (count($rcheck) == 0) {
         return FALSE;
     } else {
         return TRUE;
     }
 }
コード例 #24
0
ファイル: Staff.php プロジェクト: johnwinsor/SubjectsPlus
 function isEmailUnique($lstrType = "")
 {
     $db = new Querier();
     switch (strtolower($lstrType)) {
         case "insert":
             $lstrQuery = "SELECT email FROM staff WHERE email = " . $db->quote(scrubData($this->_email, "email"));
             break;
         case "update":
             $lstrQuery = "SELECT email FROM staff WHERE email = " . $db->quote(scrubData($this->_email, "email")) . "AND staff_id <> " . scrubData($this->_staff_id, "integer");
             break;
         default:
             return false;
     }
     $lrscSQL = $db->query($lstrQuery);
     $lintNumberOfRows = count($lrscSQL);
     if ($lintNumberOfRows > 0) {
         return false;
     }
     return true;
 }
コード例 #25
0
ファイル: databases.php プロジェクト: johnwinsor/SubjectsPlus
if ($rnew = $statement->fetchAll()) {
    $newlist = "<ul>\n";
    foreach ($rnew as $myrow) {
        $db_url = "";
        // add proxy string if necessary
        if ($myrow[2] != 1) {
            $db_url = $proxyURL;
        }
        $newlist .= "<li><a href=\"{$db_url}{$myrow['1']}\">{$myrow['0']}</a></li>\n";
    }
    $newlist .= "</ul>\n";
}
// Intro text
$intro = "";
if (isset($_POST["searchterm"])) {
    $selected = scrubData($_POST["searchterm"]);
    $intro .= "<p style=\"background-color: #eee; padding: .3em; border: 1px solid #ccc; width: 75%;\">Search results for <strong>{$selected}</strong></p><br />";
}
$intro .= "<br class=\"clear-both\" />\n<div style=\"float: right; padding: 0 1.5em .5em 0;\"><a id=\"expander\" style=\"cursor: pointer;\">expand all descriptions</a></div>";
// Create our table of databases object
$our_items = new DbHandler();
$out = "";
// if we're showing the subject list, do so
if ($show_subjects == TRUE) {
    $out .= $our_items->displaySubjects();
} elseif ($show_types == TRUE) {
    $out .= $our_items->displayTypes();
} else {
    // if it's the type type, show filter tip
    if (isset($clean_type) && $clean_type != "") {
        $out .= "<div class=\"faq_filter\">displaying databases filtered by {$clean_type} >> <a href=\"databases.php?letter=bytype\">view all types</a></div>";
コード例 #26
0
ファイル: index.php プロジェクト: johnwinsor/SubjectsPlus
} else {
    $set_tag = "";
}
if (isset($_GET["cattag"]) && $_GET["cattag"] != "") {
    $set_cattag = scrubData($_GET["cattag"]);
} else {
    $set_cattag = "";
}
//////////////////////
// LIMITS
// Set up limit for use in page; in sql; and acceptable range of limits
//
//////////////////////
// See if user has submitted limit
if (isset($_GET["show"]) && $_GET["show"] != "") {
    $set_limit = scrubData($_GET["show"]);
    // Now we set things up for use in our query
    switch ($_GET["show"]) {
        case "10":
        case "25":
        case "50":
            $our_sql_limit = "LIMIT 0," . $_GET["show"];
            $set_limit = $_GET["show"];
            break;
        case "all":
            $our_sql_limit = "";
            $set_limit = "all";
            break;
        default:
            $our_sql_limit = "LIMIT 0, 25";
            $set_limit = $default_limit;
コード例 #27
0
 function writeTable($qualifier, $get_assoc_subs = 1, $print_display = 0)
 {
     global $tel_prefix;
     global $mod_rewrite;
     // sanitize submission
     $selected = scrubData($qualifier);
     switch ($qualifier) {
         case "Faculty Profiles":
             $q = "select lname, fname, title, tel, email, staff_id, ptags\n\t\t\tFROM staff\n\t\t\tWHERE active = 1\n            AND ptags like '%librarian%'\n\t\t\torder by lname, fname";
             $r = $db->query($q);
             $items = "<table width=\"98%\" class=\"item_listing\">";
             $row_count = 0;
             $colour1 = "oddrow";
             $colour2 = "evenrow";
             $current_dept = "";
             foreach ($r as $myrow) {
                 $row_colour = $row_count % 2 ? $colour1 : $colour2;
                 $lname = $myrow["0"];
                 $fname = $myrow["1"];
                 $title = $myrow["2"];
                 $tel = $myrow["3"];
                 $email = $myrow["4"];
                 $name_id = explode("@", $email);
                 $staff_id = $myrow["5"];
                 $ptags = $myrow["6"];
                 if ($get_assoc_subs == 1) {
                     // Grab our subjects, if any
                     $assoc_subjects = self::getAssocSubjects($staff_id, $ptags);
                 } else {
                     $assoc_subjects = "";
                 }
                 if ($mod_rewrite == 1) {
                     $link_to_details = "staff/" . $name_id[0];
                 } else {
                     $link_to_details = "staff_details.php?name=" . $name_id[0];
                 }
                 $items .= "<tr class=\"{$row_colour}\">\n\t\t<td style=\"width: 20%\" align=\"left\" class=\"{$row_colour}\"><span class=\"staff_contact\">";
                 if ($print_display != 1) {
                     $items .= "<a href=\"{$link_to_details}\">{$lname}, {$fname}</a>";
                 } else {
                     $items .= "{$lname}, {$fname}";
                 }
                 $items .= "</span></td>\n\t\t\t<td style=\"width: 40%\" align=\"left\" class=\"{$row_colour}\">{$title} {$assoc_subjects}</td>\n\t\t\t<td align=\"left\" class=\"{$row_colour}\">{$tel_prefix}{$tel} </td>\n\t\t\t<td class=\"{$row_colour}\"><a href=\"mailto:{$email}\">{$email}</a></td></tr>";
                 $row_count++;
             }
             $items .= "</table>";
             break;
         case "By Department":
             $q = "select distinct d.department_sort, staff.staff_sort, name, lname, fname, title, staff.tel, staff.email, d.department_id, d.telephone, staff.staff_id, staff.ptags\n\t\t\tFROM department d, staff\n\t\t\tWHERE d.department_id = staff.department_id\n\t\t\tAND user_type_id = '1'\n            AND active = 1\n\t\t\torder by department_sort, d.name,  staff_sort desc, lname";
             $db = new Querier();
             $r = $db->query($q);
             $items = "<table class=\"footable foo2\"><thead><tr><th data-sort-ignore=\"true\">&nbsp;</th><th data-sort-ignore=\"true\">&nbsp;</th><th data-sort-ignore=\"true\" data-hide=\"phone,mid\">&nbsp;</th><th data-sort-ignore=\"true\" data-hide=\"phone\">&nbsp;</th><th data-hide=\"phone,mid\" data-sort-ignore=\"true\">&nbsp;</th></tr></thead>";
             $row_count = 0;
             $colour1 = "oddrow";
             $colour2 = "evenrow";
             $current_dept = "";
             foreach ($r as $myrow) {
                 $row_colour = $row_count % 2 ? $colour1 : $colour2;
                 $dept_name = $myrow["2"];
                 $lname = $myrow["3"];
                 $fname = $myrow["4"];
                 $title = $myrow["5"];
                 $tel = $myrow["6"];
                 $email = $myrow["7"];
                 $dept_id = $myrow["8"];
                 $dept_tel = $myrow["9"];
                 $name_id = explode("@", $email);
                 $staff_id = $myrow["10"];
                 $ptags = $myrow["11"];
                 if ($get_assoc_subs == 1) {
                     // Grab our subjects, if any
                     $assoc_subjects = self::getAssocSubjects($staff_id, $ptags);
                 } else {
                     $assoc_subjects = "";
                 }
                 // end subject listing
                 if ($mod_rewrite == 1) {
                     $link_to_details = "staff/" . $name_id[0];
                 } else {
                     $link_to_details = "staff_details.php?name=" . $name_id[0];
                 }
                 if ($current_dept != $dept_id) {
                     $items .= "<tr><td class=\"dept_label\" colspan=\"5\"><a name=\"{$dept_id}\"></a><h2 class=\"dept_header\">{$dept_name}&nbsp; &nbsp;" . $tel_prefix . $dept_tel . "</h2></td></tr>";
                 }
                 $items .= "<tr class=\"{$row_colour}\">\n          <td class=\"{$row_colour} staffpic\">";
                 // Here we stick in their headshot; comment out if you don't want; maybe later this should be an admin parameter
                 $items .= getHeadshot($email, 'medium');
                 $items .= "</td>\n\t\t      <td class=\"{$row_colour}\"><span class=\"staff_contact\">";
                 if ($print_display != 1) {
                     $items .= "<a href=\"{$link_to_details}\">{$lname}, {$fname}</a>";
                 } else {
                     $items .= "{$lname}, {$fname}";
                 }
                 $items .= "</span></td>\n    \t\t\t<td class=\"{$row_colour}\">{$title} {$assoc_subjects}</td>\n    \t\t\t<td class=\"{$row_colour}\">{$tel_prefix}{$tel} </td>\n    \t\t\t<td class=\"{$row_colour}\"><a href=\"mailto:{$email}\">{$email}</a></td></tr>";
                 $row_count++;
                 $current_dept = $dept_id;
             }
             $items .= "</table>";
             break;
         case "Subject Librarians A-Z":
             $q = "select distinct lname, fname, title, tel, email, staff.staff_id\n                from staff, staff_subject ss, subject su\n                where staff.staff_id = ss.staff_id\n                AND ss.subject_id = su.subject_id\n                AND staff.active = 1\n                AND type = 'Subject'\n                AND su.active = '1'\n                AND user_type_id = '1'\n                AND shortform != 'NewDatabases'\n                order by lname, fname";
             $db = new Querier();
             $r = $db->query($q);
             $items = "<table class=\"footable foo3\" width=\"100%\">\n        <thead><tr class=\"staff-heading\"><th data-sort-ignore=\"true\">&nbsp;</th><th><strong>" . _("Librarian") . "</strong></th><th data-hide=\"phone,mid\" data-sort-ignore=\"true\"><strong>" . _("Subject Responsibilities") . "</strong></th></tr></thead>";
             $row_count = 0;
             $colour1 = "oddrow";
             $colour2 = "evenrow";
             foreach ($r as $myrow) {
                 $row_colour = $row_count % 2 ? $colour1 : $colour2;
                 $items .= "<tr class=\"{$row_colour}\">\n";
                 $items .= showStaff($myrow[4], '', '', 1);
                 $items .= "<td>";
                 $sub_query = "select subject, shortform from subject, staff_subject\n                    WHERE subject.subject_id = staff_subject.subject_id\n                    AND staff_id =  '{$myrow['5']}'\n                    AND type = 'Subject'\n                    AND active = '1'\n                    AND shortform != 'NewDatabases'\n                    ORDER BY subject";
                 /* Select all active records (this is based on a db connection made above) */
                 $sub_result = $db->query($sub_query);
                 $num_rows = count($sub_result) - 1;
                 // Loop through all items, sticking commas in between
                 $subrowcount = 0;
                 foreach ($sub_result as $subrow) {
                     if ($mod_rewrite == 1) {
                         $linky = $subrow[1];
                     } else {
                         $linky = "guide.php?subject=" . $subrow[1];
                     }
                     $items .= "<a href=\"{$linky}\">{$subrow['0']}</a>";
                     if ($subrowcount < $num_rows) {
                         $items .= ", ";
                     }
                     $subrowcount++;
                 }
                 $items .= "</td>\n\n\t\t\t\t\t</tr>";
                 $row_count++;
             }
             $items .= "</table>";
             break;
         case "Librarians by Subject Specialty":
             $q = "select lname, fname, title, tel, email, subject, staff.staff_id, shortform from\n                    staff, staff_subject, subject\n\t\t\twhere staff.staff_id = staff_subject.staff_id\n\t\t\tAND staff_subject.subject_id = subject.subject_id\n\t\t\tAND type = 'Subject'\n            AND staff.active = 1\n            AND subject.active = 1\n            AND shortform != 'NewDatabases'\n\t\t\torder by subject, lname, fname";
             $head_fields = array("Subject", "Library Liaison", "Phone", "Email");
             $db = new Querier();
             $r = $db->query($q);
             $items = prepareTH($head_fields);
             $row_count = 0;
             $colour1 = "oddrow";
             $colour2 = "evenrow";
             $subrowsubject = "";
             foreach ($r as $myrow) {
                 $full_name = $myrow["lname"] . ", " . $myrow["fname"];
                 $title = $myrow["title"];
                 $tel = $tel_prefix . $myrow["tel"];
                 $email = $myrow["email"];
                 $name_id = explode("@", $email);
                 if ($subrowsubject == $myrow["subject"]) {
                     //$psubject = " ";
                     $psubject = $myrow["subject"];
                     $row_count--;
                 } else {
                     $subrowsubject = $myrow["subject"];
                     $psubject = $myrow["subject"];
                     $shortsub = $myrow["shortform"];
                 }
                 $row_colour = $row_count % 2 ? $colour1 : $colour2;
                 $items .= "<tr class=\"{$row_colour}\">\n\n\t\t\t\t\t<td>";
                 if ($mod_rewrite == 1) {
                     $linky = $shortsub;
                 } else {
                     $linky = "guide.php?subject=" . $shortsub;
                 }
                 $items .= "<a href=\"{$linky}\">{$psubject}</a>";
                 $items .= "</td>\n";
                 $items .= "<td>";
                 if ($mod_rewrite == 1) {
                     $linky = "staff_details.php?name=" . $name_id[0];
                 } else {
                     $linky = "staff_details.php?name=" . $name_id[0];
                 }
                 $items .= "<a href=\"{$linky}\">{$full_name}</a></td>";
                 $items .= "<td>";
                 $items .= $tel;
                 $items .= "</td>\n";
                 $items .= "<td>";
                 $items .= "<a href=\"mailto:{$email}\">{$email}</a>";
                 $items .= "</td>\n\n\t\t\t\t\t</tr>";
                 $row_count++;
             }
             $items .= "</table>";
             break;
         case "A-Z":
         default:
             $q = "SELECT s.staff_id, lname, fname, title, tel, s.email, name, ptags\n\t\t\tFROM staff s\n\t\t\tLEFT JOIN department d on s.department_id = d.department_id\n\t\t\tWHERE user_type_id = '1'\n            AND active = 1\n\t\t\tORDER BY s.lname, s.fname";
             $hf1 = array("label" => "Name", "hide" => false, "nosort" => false);
             $hf2 = array("label" => "Title", "hide" => true, "nosort" => false);
             $hf3 = array("label" => "Phone", "hide" => false, "nosort" => true);
             $hf4 = array("label" => "Email", "hide" => true, "nosort" => true);
             $head_fields = array($hf1, $hf2, $hf3, $hf4);
             $db = new Querier();
             $r = $db->query($q, PDO::FETCH_ASSOC);
             $items = prepareTHUM($head_fields);
             $row_count = 0;
             $colour1 = "oddrow";
             $colour2 = "evenrow";
             foreach ($r as $myrow) {
                 $row_colour = $row_count % 2 ? $colour1 : $colour2;
                 $staff_id = $myrow["staff_id"];
                 $full_name = $myrow["lname"] . ", " . $myrow["fname"];
                 $title = $myrow["title"];
                 $tel = $tel_prefix . $myrow["tel"];
                 $email = $myrow["email"];
                 $name_id = explode("@", $email);
                 $department = $myrow["name"];
                 $ptags = $myrow["ptags"];
                 if ($get_assoc_subs == 1) {
                     // Grab our subjects, if any
                     $assoc_subjects = self::getAssocSubjects($staff_id, $ptags);
                 } else {
                     $assoc_subjects = "";
                 }
                 if ($mod_rewrite == 1) {
                     $link_to_details = "staff/" . $name_id[0];
                 } else {
                     $link_to_details = "staff_details.php?name=" . $name_id[0];
                 }
                 //$headshot = getHeadshot($email, "medium");
                 $items .= "\n\t\t<tr class=\"zebra {$row_colour}\">\n\t\t\t<td class=\"staff-name-row\">";
                 if ($print_display != 1) {
                     $items .= "<a href=\"{$link_to_details}\" class=\"no_link\">{$full_name}</a>";
                 } else {
                     $items .= "{$full_name}";
                 }
                 $items .= "</td>\n\t\t\t<td class=\"staff-title-row\">{$title} {$assoc_subjects}</td>\n\t\t\t<td  class=\"staff-tel-row\">{$tel} &nbsp;</td>\n\t\t\t<td  class=\"staff-email-row\"><a href=\"mailto:{$email}\">{$email}</a></td>\n\t\t</tr>";
                 $row_count++;
             }
             $items .= "</table>";
             break;
     }
     return $items;
 }
コード例 #28
0
ファイル: guide.php プロジェクト: kenirwin/SubjectsPlus
        $left_width = 0;
    }
    if (isset($col_widths[1])) {
        $main_width = $col_widths[1] * 8;
    } else {
        $main_width = 0;
    }
    if (isset($col_widths[2]) && $col_widths[2] > 0) {
        $side_width = $col_widths[2] * 8 - 3;
        // we make this a squidgen narrower so it doesn't wrap nastily
    } else {
        $side_width = 0;
    }
    // Is there a selected tab?
    if (isset($_GET["t"]) && $_GET["t"] != "") {
        $selected_tab = scrubData($_GET["t"]);
    } else {
        $selected_tab = 0;
    }
    //create new guide object and set admin view to true
    $lobjGuide = new Guide($this_id);
    $lobjGuide->_isAdmin = TRUE;
    $all_tabs = $lobjGuide->getTabs();
} else {
    print "no guide";
}
////////////////////////////
// Now, get our pluslets //
///////////////////////////
global $pluslets_activated;
$all_boxes = "\n<ul id=\"box_options\">\n<li class=\"box_note box-item\">" . _("Drag selection, then drop to right") . "</li>";
コード例 #29
0
$description = _("The best stuff for your research.  No kidding.");
$keywords = _("research, databases, subjects, search, find");
$noheadersearch = TRUE;
$db = new Querier();
$connection = $db->getConnection();
// let's use our Pretty URLs if mod_rewrite = TRUE or 1
if ($mod_rewrite == 1) {
    $guide_path = "";
} else {
    $guide_path = "guide.php?subject=";
}
///////////////////////
// Have they done a search?
$search = "";
if (isset($_POST["search"])) {
    $search = scrubData($_POST["search"]);
}
// Get the subjects for jquery autocomplete
$suggestibles = "";
// init
$q = "select subject, shortform from subject where active = '1' AND type != 'Placeholder' order by subject";
$statement = $connection->prepare($q);
$statement->execute();
$r = $statement->fetchAll();
//initialize $suggestibles
$suggestibles = '';
foreach ($r as $myrow) {
    $item_title = trim($myrow[0][0]);
    if (!isset($link)) {
        $link = '';
    }
コード例 #30
0
ファイル: manage.php プロジェクト: johnwinsor/SubjectsPlus
 $fckuserfilesPath = "../../assets/fckuserfiles";
 $spuserfilesPath = "../../assets/users";
 $fckFiles = listdir($fckuserfilesPath);
 $userFiles = listdir($spuserfilesPath);
 $files = array_merge($fckFiles, $userFiles);
*/
$use_unix_find = TRUE;
// admin can add parameter to see all
//change dgonzalez v2.0 to use getAssestPath function (dynamic)
if (isset($_GET["view"])) {
    if ($_GET["view"] == "all") {
        //$userPath = $root . "/sp/assets/users";
        $userPath = getAssetPath() . "users";
    } else {
        //$userPath = $root . "/sp/assets/users/" . "_" . scrubData($_GET["view"]);
        $userPath = getAssetPath() . "users" . DIRECTORY_SEPARATOR . "_" . scrubData($_GET["view"]);
    }
} else {
    //$userPath = $root . "/sp/assets/users/" . "_" . $this_user[0];
    $userPath = getAssetPath() . "users" . DIRECTORY_SEPARATOR . "_" . $this_user[0];
}
// Collect the filenames from the following two locations and their subdirectories
if (!isset($use_unix_find)) {
    $userFilesCmd = "find " . $userPath . " -type f";
    $userFiles = shell_exec($userFilesCmd);
    $userFiles = preg_split('/\\n/', $userFiles);
    $disposable = array_pop($userFiles);
} else {
    $userFiles = listdir($userPath);
}
$querier = new Querier();