コード例 #1
/**
 * Echo one <option> element per entry of $arr.
 *
 * The array key, after passing through secure_data(), becomes the value
 * attribute and the array value becomes the visible label. The option whose
 * processed key is strictly identical to the trimmed $selected is marked
 * selected="selected".
 *
 * NOTE(review): the label is written into the markup exactly as supplied, and
 * the value attribute relies on whatever secure_data() does (it is defined
 * outside this snippet). If either can carry user-controlled text, encode it
 * for HTML at this point, e.g. htmlspecialchars($label, ENT_QUOTES, 'UTF-8').
 *
 * @param string $selected Value of the option to pre-select.
 * @param array  $arr      Map of option value => label.
 * @return void Output is echoed directly.
 */
function option_html($selected = '', $arr = array())
{
    $wanted = trim($selected);
    foreach ($arr as $value => $label) {
        $value = secure_data($value);
        $attribute = '';
        if ($value === $wanted) {
            $attribute = 'selected="selected"';
        }
        echo sprintf('<option value="%s" %s>%s</option>', $value, $attribute, $label);
    }
}
コード例 #2
ファイル: lib.php プロジェクト: 0-php/AI
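/**
 * Interpret a piece of user input and build the client-side response.
 *
 * Hard-coded commands are tried first; otherwise the input goes through the
 * cache / sanitize / typification steps and the best mapping is rendered.
 *
 * Security: 'output' is an HTML fragment and 'action' is a JavaScript statement
 * built for the client. The raw $input is therefore HTML-encoded before it is
 * echoed back, and in the non-hard-coded branch the fragment is embedded in the
 * script as a json_encode()d string literal instead of being pasted between
 * quotes.
 *
 * @param string $input Raw text received from the user.
 * @param mixed  $db    Database handle, passed through to hardcoded().
 * @return array array('output' => HTML fragment, 'action' => jQuery statement)
 */
function understanding($input, $db)
{
    $output = '';
    $action = '';
    // Initial check (mainly for size). The result is not used here; the call is
    // kept because text_parameters() may have side effects.
    $input_params = text_parameters($input);
    // If the input is a known command, use the hard-coded answer.
    $hard = hardcoded($input, $db);
    if ($hard != FALSE) {
        $type = 'Hardcoded';
        $output .= addslashes($hard['output']);
        $method = $hard['out_type'] == 'append' ? 'append' : 'html';
        // NOTE(review): addslashes() does not neutralise line breaks or a closing
        // script tag inside a JavaScript string, and $hard['element'] is placed
        // in the selector unescaped. This branch is left as it was because the
        // origin of $hard is not visible here; confirm it never carries user text.
        $action = "\$('#" . $hard['element'] . "')." . $method . "('" . $output . "')";
    } else {
        // Echo the input back as text, never as markup.
        $output .= 'Input: <b>' . htmlspecialchars($input, ENT_QUOTES, 'UTF-8') . '</b><br>';
        // In case the work was already done and cached.
        $meaning = check_cache_for_input($input);
        // Sanitize from common errors of transmitting data in computer systems.
        $meaning = sanitize($meaning);
        // NOTE(review): the secured copy is computed but never used below.
        $input_secured = secure_data($meaning);
        // Determine data type / content type.
        $input_types = typification($meaning);
        // Simplified version for inputs too complex to process quickly (unused below).
        $input_simplified = simplify($meaning, $input_types);
        $types = get_main_types($input_types);
        if ($types === FALSE) {
            // Should not happen.
            die("Unknown type of input. Something really wrong");
        }
        $results = array();
        foreach ($types as $type) {
            // NOTE(review): output_mapping() receives the raw $input, so its
            // 'output' may contain user text; verify that it returns safe HTML.
            $results[] = output_mapping($input, $type);
        }
        $best_result = best_result($results);
        $output .= 'Input type: ' . $best_result['type'] . '<br><br>Output:<br><br>';
        $output .= "<b>" . $best_result['output'] . "</b><br><br>";
        // json_encode() yields a complete, correctly escaped JS string literal;
        // the HEX flags keep <, >, &, ' and " out of the emitted script text.
        $js_literal = json_encode($output, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        $action = "\$('#output').append(" . $js_literal . ");";
    }
    return array('output' => $output, 'action' => $action);
}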
コード例 #3
<?php

// Page bootstrap: load one payment addressed by two md5() tokens from the query
// string, then the paying user and the payment's messages, and compute $overdue.
require_once 'config.php';
// NOTE(review): both parameters are read without isset(). secure_data() is defined
// outside this snippet, so what it escapes cannot be confirmed from here.
$id = secure_data($_GET['id']);
$uk = secure_data($_GET['uk']);
// NOTE(review): the row is matched on md5(id) AND md5(unique_key). md5 of a row id
// adds no secrecy if ids are sequential (presumably they are; confirm), so access
// rests on unique_key being unguessable and on any session check done in config.php.
$payment_data = mysql_get_rows('payments', array('where' => "md5(id)='{$id}' AND md5(unique_key)='{$uk}'"), 1);
if (!$payment_data) {
    // Unknown token pair: redirect and stop so nothing below runs.
    header("Location: " . SITE_URL . "admin/");
    die;
}
// user_id comes from the row just loaded, not from the request.
$user_data = mysql_get_rows('users', array('where' => "id='{$payment_data['user_id']}'"), 1);
$messages = array();
$overdue = 0;
if ($payment_data['info_updated'] == 1) {
    // Fixed list of message types; no request data enters the IN (...) clause.
    $msg_types = implode(',', array(0, 1, 2, 3, 4, 5, 6));
    $info_data = mysql_get_rows('messages', array('where' => "payment_id='{$payment_data['id']}' AND msg_type='1'"), 1);
    $messages = mysql_get_rows('messages', array('where' => "payment_id='{$payment_data['id']}' AND msg_type IN ({$msg_types})"));
    $time = time();
    // Deadline = order start + allotted days (86400 seconds per day).
    // NOTE(review): $info_data is used without checking that a msg_type 1 row was found.
    $deliver_time = strtotime($payment_data['order_start_date']) + $info_data['days'] * 86400;
    // Jobs in status 2 or 4 that are past the deadline are flagged overdue.
    if (in_array($payment_data['job_status'], array(2, 4)) && $time > $deliver_time) {
        $overdue = 1;
    }
}
// Normalise to an array for the markup that follows.
if (!is_array($messages)) {
    $messages = array();
}
?>
			<div id="page-wrapper">
				<div class="loader-parent clearfix mb20">
					<h1 class="page-header">Outsource Info</h1>
					<div class="well well-msg clearfix">
コード例 #4
<?php

// AJAX handler: validate the posted step fields and insert a new row of type 2
// into course_sections under the given parent section. The listing is cut off
// inside the final if-block.
checkAjax();
$error = 0;
$message = '';
$fields = array('name', 'content', 'parent');
$required_fields = array('name', 'content', 'parent');
$insert_data = array();
$return_data = array('status' => 0);
foreach ($fields as $field) {
    // NOTE(review): $_POST[$field] is read without isset().
    if ($field === 'content') {
        // NOTE(review): 'content' skips secure_data() and only gets addslashes(),
        // which is not a connection-aware SQL escape. Whether insertDB() escapes or
        // binds values is not visible here; confirm before relying on it. The text
        // is also stored as submitted (markup included), so it has to be encoded or
        // sanitised wherever it is rendered.
        $val = addslashes(trim($_POST[$field]));
    } else {
        $val = secure_data($_POST[$field]);
    }
    // Every field is required; stop at the first empty one.
    if (in_array($field, $required_fields) && $val === '') {
        $error = 1;
        $message .= $message !== '' ? '<br>Please fill up all data' : 'Please fill up all data';
        break;
    }
    $insert_data[$field] = $val;
}
if ($error == 0) {
    $parent = $insert_data['parent'];
    // The parent id sits inside a quoted SQL literal; its safety depends entirely
    // on what secure_data() does.
    $course_id = selectDB(" WHERE id='{$parent}'", 'course_sections', 'course_id');
    $insert_data['created_at'] = date('Y-m-d H:i:s', time());
    // type 2 marks the row as a step of the parent section.
    $insert_data['type'] = 2;
    $insert_data['course_id'] = $course_id;
    insertDB($insert_data, 'course_sections');
    // Flash message picked up from the session by a later page.
    $_SESSION['msg_selector'] = 'success';
    $_SESSION['msg_message'] = 'step added succesfully.';
コード例 #5
/**
 * Coerce a raw argument according to a declared type name.
 *
 * 'string' keeps real strings and replaces anything else with ''; 'int' is
 * delegated to secure_data($arg, "int"); 'array_int' is delegated to
 * string2array4ID(); any other type name yields ''.
 *
 * @param mixed $type Type name to enforce.
 * @param mixed $arg  Value to coerce.
 * @return mixed The coerced value.
 */
function evalArg($type, $arg)
{
    // Loose (==) comparisons are intentional: they mirror switch semantics.
    if ($type == 'string') {
        return is_string($arg) ? $arg : '';
    }
    if ($type == 'int') {
        return secure_data($arg, "int");
    }
    if ($type == 'array_int') {
        return string2array4ID($arg);
    }
    // Unknown type names never pass the raw value through.
    return "";
}
コード例 #6
ファイル: login_box.php プロジェクト: runnaway90/Clearview
		(check?)remember me
*/
// Login form handling for visitors who are not signed in. The listing is cut off
// before the password comparison.
if (!isLoggedIn()) {
    // Validation flags; each one is flipped to FALSE when its check fails.
    $username_not_empty = TRUE;
    // $username_valid is set by check_in.php
    $password_not_empty = TRUE;
    $passwords_match = TRUE;
    $username = '';
    // Only act when both login fields were submitted.
    if (isset($_POST['username']) && isset($_POST['password'])) {
        $username = $_POST['username'];
        $password = $_POST['password'];
        // Secure data against code injection.
        // NOTE(review): the password also goes through secure_data(). Any escaping
        // or stripping changes the secret before it is hashed and compared; a
        // password should be hashed exactly as typed and never placed in SQL.
        $username = secure_data($username);
        $password = secure_data($password);
        //check if username is not empty
        if (empty($username)) {
            $username_not_empty = FALSE;
        }
        // NOTE(review): '******' is what this listing shows in the first query; it
        // looks like a masking artefact, presumably the original interpolated
        // $username (confirm against the project). Both lookups are built by string
        // interpolation, so they are only as safe as secure_data(); the mysql_*
        // extension used here has no bound parameters.
        $query = "SELECT password, salt\n\t\t\t\t\t\tFROM {$usertable}\n\t\t\t\t\t\tWHERE username = '******';";
        $query2 = "SELECT password, salt, username\n\t\t\t\t\t\tFROM {$usertable}\n\t\t\t\t\t\tWHERE email = '{$username}';";
        // NOTE(review): neither result is checked for false before mysql_num_rows().
        $result = mysql_query($query);
        $result2 = mysql_query($query2);
        // The login name may be a username or an e-mail address; it is unknown only
        // if both lookups return no row.
        if (mysql_num_rows($result) < 1 && mysql_num_rows($result2) < 1) {
            $username_valid = FALSE;
        }
        //check if password is not empty
        if (empty($password)) {
            $password_not_empty = FALSE;
コード例 #7
ファイル: validateContact.php プロジェクト: EffieChantzi/LIMS
<?php

// Handles the "send to doctor" form: reads the patient's test context from the
// session, then validates the message and the single selected doctor. The
// listing is cut off inside the id mapping chain.
session_start();
// NOTE(review): the session keys are read without isset(); a request that reaches
// this script without the earlier steps gets undefined-index notices and empty values.
$id_testResult = $_SESSION["id_testResult"];
$username_patient = $_SESSION["username"];
$genderm = $_SESSION["gender"];
$id_riskTest = $_SESSION["id_riskTest"];
$score_value = $_SESSION["test_score"];
$message_patient = $DoctorErr = $success_medCase = "";
// $problem counts validation failures.
$docOptions = $problem = $id_profileDoctor = $checkbox_count = 0;
if (isset($_POST["toDoctorButton"])) {
    if (!empty($_POST["patientMessage"])) {
        // Free text from the patient; secure_data() is defined outside this snippet.
        $message_patient = secure_data($_POST["patientMessage"]);
    }
    if (empty($_POST['doctor_list'])) {
        $DoctorErr = "Select 1 doctor";
        $problem = $problem + 1;
    } else {
        // NOTE(review): assumes doctor_list arrives as an array (checkbox group);
        // a scalar value would not be countable or iterable; verify with is_array().
        $checkbox_count = count($_POST['doctor_list']);
        if ($checkbox_count > 1) {
            $DoctorErr = "Select exactly 1 doctor";
            $problem = $problem + 1;
        } else {
            // Exactly one entry: keep its value.
            foreach ($_POST['doctor_list'] as $value) {
                $str = $value;
            }
            // The posted value is never used directly; it is mapped onto fixed ids,
            // which acts as an allow-list. The comparisons are loose (==).
            if ($str == 1) {
                $id_profileDoctor = 1;
            } elseif ($str == 2) {
                $id_profileDoctor = 2;
            } elseif ($str == 3) {
コード例 #8
<?php

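// Image upload endpoint: stores one uploaded image under UPLOAD_ROOT/<path>/ with a
// generated name and answers with JSON (status, filename, filepath or message).
$header = 0;
require_once '../config.php';
$return_data = array('status' => 0);
$allowed_types = array('image/png', 'image/jpg', 'image/jpeg', 'image/bmp');
$allowed_ext = array('png', 'jpg', 'jpeg', 'bmp');
// Types as detected from the file contents; the MIME type in $_FILES is sent by
// the client and proves nothing on its own.
$allowed_image_types = array(IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_BMP);
$path = isset($_POST['path']) ? secure_data($_POST['path']) : '';
$file = isset($_FILES['Filedata']) ? $_FILES['Filedata'] : null;
// The target directory comes from the request, so only plain directory names
// separated by single slashes are accepted (no "..", no leading slash, no
// backslash). NOTE(review): a fixed allow-list of directory names would be
// stricter; the valid names are not visible in this snippet.
$path_ok = $path === '' || preg_match('#^[A-Za-z0-9_-]+(?:/[A-Za-z0-9_-]+)*$#', $path) === 1;
// Accept only a single, successfully received HTTP upload.
$upload_ok = is_array($file)
    && isset($file['error'], $file['tmp_name'], $file['name'], $file['type'])
    && $file['error'] === UPLOAD_ERR_OK
    && is_uploaded_file($file['tmp_name']);
$fileext = $upload_ok ? strtolower(pathinfo($file['name'], PATHINFO_EXTENSION)) : '';
$image_info = $upload_ok ? getimagesize($file['tmp_name']) : false;
$is_image = $image_info !== false && in_array($image_info[2], $allowed_image_types, true);
if ($path_ok && $upload_ok && $is_image && in_array($fileext, $allowed_ext, true) && in_array($file['type'], $allowed_types, true)) {
    // The stored name is generated here; only the allow-listed extension is taken
    // from the client-supplied file name.
    $newname = rand() . '_' . time() . '_' . rand() . '.' . $fileext;
    $destination = UPLOAD_ROOT . $path . '/' . $newname;
    // move_uploaded_file() refuses anything that is not this request's upload.
    if (move_uploaded_file($file['tmp_name'], $destination)) {
        $return_data['status'] = 1;
        $return_data['filename'] = $newname;
        $return_data['filepath'] = UPLOAD_URL . $path . '/' . $newname;
    } else {
        $return_data['message'] = 'An error occured.';
    }
} else {
    $return_data['message'] = 'Please upload valid image.';
}
echo json_encode($return_data);
exit;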
コード例 #9
<?php

// AJAX handler: mark a step of a course section as completed for the current
// user. Completed step ids are kept as a comma-separated list in one column.
// The listing is cut off inside the final if-block.
include 'config.php';
checkAjax();
$return_data = array('status' => 0);
// NOTE(review): the three POST values are read without isset().
$section_id = secure_data($_POST['sectionId']);
$step_id = secure_data($_POST['stepId']);
$enable = secure_data($_POST['changeEnable']);
// The acting user is taken from the session, not from the request.
$user_id = $_SESSION['agent'];
// Check if record exists or not
$is_exists = mysql_get_rows('user_completed_couse', array('where' => "section_id='{$section_id}' AND user_id='{$user_id}'"), 1);
// An empty string is treated here as "no row found".
if ($is_exists === '') {
    // First completion in this section: create the tracking row.
    // NOTE(review): $section_data is used without checking that the section exists.
    $section_data = mysql_get_rows('course_sections', array('where' => "id='{$section_id}'"), 1);
    $insert_values = array('user_id' => $user_id, 'course_id' => $section_data['course_id'], 'section_id' => $section_id);
    $id = insertDB($insert_values, 'user_completed_couse');
    $completed = array();
} else {
    $id = $is_exists['id'];
    if (trim($is_exists['completed']) === '') {
        $completed = array();
    } else {
        $completed = explode(',', trim($is_exists['completed']));
    }
}
if ($enable == 1) {
    // NOTE(review): $step_id is appended as received; nothing visible here checks
    // that it is numeric or belongs to this section, and a value containing a
    // comma would split into several entries when the list is read back.
    $completed[] = $step_id;
    // NOTE(review): array_unique() returns the de-duplicated array and leaves its
    // argument untouched; the result is discarded, so duplicates are still stored.
    // Intended: $completed = array_unique($completed);
    array_unique($completed);
    $str_completed = implode(',', $completed);
    updateDB("completed = '{$str_completed}'", "WHERE id='{$id}'", 'user_completed_couse');
    $return_data['status'] = 1;
    $return_data['enable'] = 1;
コード例 #10
ファイル: register.php プロジェクト: runnaway90/Clearview
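// Signed-in users have nothing to do on the registration page. header() only
// queues the redirect, so stop here; otherwise the rest of the script would still
// run for this request.
if (isLoggedIn()) {
    header('Location: ../index.php');
    exit;
}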
// Registration form handling; runs only when the username and both password
// fields were submitted. The listing is cut off inside this if-block.
if (isset($_POST['username']) && isset($_POST['pass1']) && isset($_POST['pass2'])) {
    //connect to the DB
    $conn = mysql_connect($dbhost, $dbuser, $dbpass);
    mysql_select_db($dbname, $conn);
    // Secure data against code injection.
    // NOTE(review): email1, email2, fname and lname are read without isset(); only
    // the username and password fields are guaranteed by the condition above.
    // NOTE(review): both passwords go through secure_data(). Escaping or stripping
    // changes the secret before it is hashed; hash the value exactly as typed.
    $username = secure_data($_POST['username']);
    $pass1 = secure_data($_POST['pass1']);
    $pass2 = secure_data($_POST['pass2']);
    $email1 = secure_data($_POST['email1']);
    $email2 = secure_data($_POST['email2']);
    $fname = secure_data($_POST['fname']);
    $lname = secure_data($_POST['lname']);
    //check if username is not empty
    if (empty($username)) {
        $username_not_empty = FALSE;
    }
    // Usernames are restricted to at most 15 ASCII letters and digits, which also
    // keeps quote characters out of the value.
    if (!ctype_alnum($username) || strlen($username) > 15) {
        $username_valid = FALSE;
    }
    // Check if user exists.
    // NOTE(review): '******' is what this listing shows; it looks like a masking
    // artefact, presumably the original interpolated $username (confirm against the
    // project). The query still runs when the validity check above failed.
    $query = "SELECT username\r\t\t\t\t\tFROM {$usertable}\r\t\t\t\t\tWHERE username = '******';";
    // NOTE(review): the result is not checked for false before mysql_num_rows().
    $result = mysql_query($query);
    // user exists
    if (mysql_num_rows($result) > 0) {
        $username_not_duplicate = FALSE;
    }
コード例 #11
<?php

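// AJAX handler: return the name of a top-level course section (type=1) as JSON.
require_once '../config.php';
checkAjax();
// The id is numeric, so it is cast to int; after the cast nothing but digits can
// reach the query, whatever secure_data() does or does not escape.
$section_id = isset($_POST['section_id']) ? (int) secure_data($_POST['section_id']) : 0;
$return_data = array('status' => 0);
if ($section_id > 0) {
    $qry = "SELECT * FROM course_sections WHERE id = '{$section_id}' AND type=1";
    $result = mysql_query($qry);
    // mysql_query() returns false on failure; do not hand that to mysql_num_rows().
    if ($result && mysql_num_rows($result) > 0) {
        $row = mysql_fetch_assoc($result);
        $return_data['status'] = 1;
        $return_data['name'] = $row['name'];
    }
}
echo json_encode($return_data);
exit;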
コード例 #12
<?php

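// AJAX handler: return the jobs of one service as <option> markup inside JSON.
require_once '../config.php';
checkAjax();
$return_data = array('status' => 0);
$service = isset($_POST['service']) ? secure_data($_POST['service']) : '';
$html = '<option value="">-- Add new Job --</option>';
if ($service !== '') {
    // NOTE(review): the service id is interpolated into a quoted literal; this is
    // only as safe as secure_data(), which is defined outside this snippet.
    $qry = "SELECT * FROM service_packages WHERE service_id = '{$service}'";
    $result = mysql_query($qry);
    // mysql_query() returns false on failure; do not hand that to mysql_num_rows().
    if ($result && mysql_num_rows($result) > 0) {
        while ($row = mysql_fetch_assoc($result)) {
            // Job names are stored text; encode them (and the id) for HTML so a
            // stored value cannot inject markup. double_encode is off so values
            // that already contain entities are not encoded twice.
            $option_value = htmlspecialchars($row['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
            $option_label = htmlspecialchars($row['job'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
            $html .= '<option value="' . $option_value . '">' . $option_label . '</option>';
        }
    }
    $return_data['status'] = 1;
    $return_data['html'] = $html;
    $return_data['message'] = 'Jobs fetched successfully';
    // The success text used to be sent under the misspelled key 'messge'; it is
    // kept so existing clients that read that key continue to work.
    $return_data['messge'] = $return_data['message'];
} else {
    $return_data['message'] = 'An error occured';
}
echo json_encode($return_data);
exit;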
コード例 #13
<?php

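// Return page after checkout: look up the payment named in the posted 'custom'
// field and send the browser to the matching update-info page.
include 'config.php';
include 'includes/paypalconfig.php';
$settings = json_decode(file_get_contents('admin/data/settings.txt'));
// 'custom' is expected to be "<unique_key>||<user_id>". Padding to two elements
// means a value without the delimiter gives an empty user id instead of an
// undefined index.
$custom_raw = isset($_POST['custom']) ? $_POST['custom'] : '';
$custom = array_pad(explode('||', secure_data($custom_raw)), 2, '');
// NOTE(review): this field arrives from the browser, not from a verified
// notification, so the lookup proves only that the sender knows the key and user
// id. Both values are interpolated into quoted literals and are only as safe as
// secure_data().
$payment_data = mysql_get_rows('payments', array('where' => "unique_key = '{$custom[0]}' AND user_id = '{$custom[1]}'"), 1);
if ($payment_data) {
    header("Location: " . SITE_URL . 'updateinfo.php?uk=' . md5($custom[0]) . '&id=' . md5($payment_data['id']));
} else {
    header("Location: " . SITE_URL);
}
// Both branches redirect; stop so nothing else runs for this request.
exit;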
コード例 #14
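    // Post the notification back to the payment provider for validation. This
    // snippet starts inside a function; $request, $url and $ipn_post_data are set
    // above it.
    curl_setopt_array($request, array(
        CURLOPT_URL => $url,
        CURLOPT_POST => TRUE,
        CURLOPT_POSTFIELDS => http_build_query(array('cmd' => '_notify-validate') + $ipn_post_data),
        CURLOPT_RETURNTRANSFER => TRUE,
        CURLOPT_HEADER => FALSE,
        // The "VERIFIED" answer is the only thing that authenticates a payment
        // here, so the TLS peer must be checked: certificate chain against the CA
        // bundle and host name against the certificate. With both checks off, any
        // party on the network path could answer in the provider's place.
        CURLOPT_SSL_VERIFYPEER => TRUE,
        CURLOPT_SSL_VERIFYHOST => 2,
        // NOTE(review): relative path; the bundle must exist in the working
        // directory and be kept current, otherwise the request fails closed.
        CURLOPT_CAINFO => 'cacert.pem',
    ));
    // Execute request and get response and status code
    $response = curl_exec($request);
    $status = curl_getinfo($request, CURLINFO_HTTP_CODE);
    // Close connection
    curl_close($request);
    if ($status === 200 && $response === 'VERIFIED') {
        // TODO : Check condition for unique txn_id
        // NOTE(review): until that check exists, a notification delivered twice is
        // recorded twice. Nothing in the visible part compares mc_gross or the
        // receiver with the package being bought either.
        $service_data = array();
        $package_data = array();
        // NOTE(review): option_selection1 is interpolated into the query; where
        // $ipn_post_data was escaped is not visible in this snippet. Confirm.
        $qry = "SELECT * FROM service_packages WHERE id = '{$ipn_post_data['option_selection1']}'";
        $result = mysql_query($qry);
        // mysql_query() returns false on failure; do not hand that to mysql_num_rows().
        if ($result && mysql_num_rows($result) > 0) {
            $package_data = mysql_fetch_assoc($result);
            $service_data = mysql_get_rows('services', array('where' => "id = '{$package_data['service_id']}'"), 1);
            if (!is_array($service_data)) {
                $service_data = array();
            }
        }
        // 'custom' carries "<unique_key>||<user_id>".
        $custom = explode('||', $ipn_post_data['custom']);
        $insert_data = array(
            'user_id' => $custom[1],
            'client_id' => $ipn_post_data['option_selection2'],
            'item_name' => count($service_data) > 0 ? $service_data['name'] : '',
            'quantity' => $ipn_post_data['quantity'],
            'amount' => $ipn_post_data['mc_gross'],
            'txn_id' => $ipn_post_data['txn_id'],
            'date' => date('Y-m-d H:i:s', strtotime($ipn_post_data['payment_date'])),
            'payment_status' => $ipn_post_data['payment_status'],
            'info_updated' => 1,
            'package' => $ipn_post_data['item_name'],
            'test_ipn' => $ipn_post_data['test_ipn'],
            'unique_key' => $custom[0],
            'package_id' => $ipn_post_data['option_selection1'],
            'post_data' => json_encode($ipn_post_data),
            'job_status' => 1,
        );
        $payment_id = insertDB($insert_data, 'payments');
        // TODO : Insert in message
        if (count($package_data) > 0) {
            $message_data = array(
                'receiver_id' => $custom[1],
                'payment_id' => $payment_id,
                'message' => secure_data($package_data['required_data']),
                'deliverable' => secure_data($package_data['deliverable']),
                'days' => secure_data($package_data['days_to_complete']),
                'msg_type' => 1,
            );
            insertDB($message_data, 'messages');
        }
        // TODO : Send email + save proper data in db
    }
    exit;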
}
コード例 #15
    // Success branch of a validated form (the opening condition is above this
    // snippet): store the info message for a payment, move its attachment out of
    // the temp folder and return the re-rendered info block.
    $message = secure_data($_POST['message']);
    $days = secure_data($_POST['days']);
    $insert_data = array('message' => $message, 'days' => $days);
    $attachment_update = secure_data($_POST['attachment_update']);
    if ($attachment_update == 1) {
        $attachment = secure_data($_POST['attachment']);
        $insert_data['attachment'] = $attachment;
        if ($attachment) {
            // NOTE(review): the file name comes from the request and is joined to
            // both paths as-is. Nothing visible here reduces it to a bare file name
            // (e.g. basename()) or checks that it is the caller's own upload, so
            // verify secure_data() removes directory separators and "..".
            $src = UPLOAD_ROOT . 'temp/' . $attachment;
            $des = UPLOAD_ROOT . 'attachment/' . $attachment;
            rename($src, $des);
        }
    }
    // The sender is taken from the session, not from the request.
    $insert_data['sender_id'] = $_SESSION['agent'];
    $insert_data['msg_type'] = 1;
    // NOTE(review): the payment id is taken from the request; no check that the
    // payment belongs to the signed-in user is visible in this part.
    $insert_data['payment_id'] = secure_data($_POST['pi']);
    // Insert
    insertDB($insert_data, 'messages');
    // Update
    // NOTE(review): here the id is concatenated WITHOUT quotes. Quote escaping does
    // not protect an unquoted numeric context; cast the id to int first.
    updateDB("info_updated = '1'", 'WHERE id = ' . $insert_data['payment_id'], 'payments');
    // Render info_display.php into a string instead of sending it directly.
    ob_start();
    include "info_display.php";
    $html = ob_get_contents();
    ob_end_clean();
    $return_data['html'] = $html;
    $return_data['status'] = 1;
    $return_data['message'] = 'Info updated successfully';
} else {
    $messages = '';
    foreach ($v->errors() as $k => $msgs) {
        foreach ($msgs as $msg) {
コード例 #16
<?php

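// Link-based sign-in: a URL carrying md5(bkid) and md5(unique_key) of a payment
// signs the browser in as that payment's user and forwards to the update page.
set_time_limit(0);
include '../config.php';
$data = json_decode(file_get_contents('../admin/data/home.txt'));
$bkid = isset($_GET['id']) ? secure_data($_GET['id']) : '';
$dmuk = isset($_GET['dmuk']) ? secure_data($_GET['dmuk']) : '';
// Every failure path ends on the home page.
$redirect = SITE_URL;
if ($bkid !== '' && $dmuk !== '') {
    // NOTE(review): the two tokens in the URL are the only credential. They end up
    // in browser history, logs and Referer headers, and md5 of a predictable
    // column adds no secrecy, so access rests on unique_key being unguessable.
    $properties = array('where' => "md5(bkid) = '{$bkid}' AND md5(unique_key) = '{$dmuk}'");
    $payment_data = mysql_get_rows('payments', $properties, 1);
    if ($payment_data && !is_null($payment_data['user_id'])) {
        $user_data = mysql_get_rows('users', array('where' => "id = '{$payment_data['user_id']}'"), 1);
        // Sign in only when the user row really exists; previously a missing row
        // still wrote an empty id into the session and redirected onward.
        if (is_array($user_data) && !empty($user_data['id'])) {
            // New session id at the privilege change, so an id known before the
            // sign-in cannot be reused afterwards.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            $_SESSION['agent'] = $user_data['id'];
            $redirect = SITE_URL . "updateinfo.php?uk=" . md5($payment_data['unique_key']) . "&id=" . md5($payment_data['id']);
        }
    }
}
header("Location: " . $redirect);
exit;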
コード例 #17
// Create or update a job (service package) of a service. $service and
// $service_type are set above this snippet, and the listing is cut off before the
// enclosing blocks close.
if ($service && in_array($service_type, array(1, 2))) {
    // Server-side validation of the posted form.
    $v = new Validator($_POST, array(), 'en', DOC_ORG_ROOT . 'lang/');
    $v->rule('required', 'job')->message('{field} is required')->label('Job Name');
    $v->rule('required', ['days_to_complete', 'price']);
    $v->rule('numeric', ['price']);
    if ($v->validate()) {
        // A posted package id means "update that job"; empty means "insert".
        $job_id = secure_data($_POST['package']);
        $fields = array('job', 'required_data', 'deliverable', 'days_to_complete', 'price');
        // Fields that are HTML-encoded before being stored.
        $fields_enc = array('required_data', 'deliverable');
        $insert_data = array();
        $update_data = '';
        foreach ($fields as $field) {
            if (in_array($field, $fields_enc)) {
                // NOTE(review): these two are encoded at write time, so the stored
                // text already contains entities; encoding again on output would
                // double-encode, and 'job' below is stored without encoding and
                // has to be encoded where it is rendered.
                $insert_data[$field] = secure_data(htmlspecialchars($_POST[$field]));
            } else {
                $insert_data[$field] = secure_data($_POST[$field]);
            }
            // Build the SET list for the update case. Column names come from the
            // fixed $fields list; values are interpolated and are only as safe as
            // secure_data(), which is defined outside this snippet.
            $update_data .= $update_data !== '' ? ", " : "";
            $update_data .= "`{$field}` = '{$insert_data[$field]}'";
        }
        if ($job_id) {
            // Update
            // The service id in the WHERE clause keeps the update within this service.
            $where = " WHERE id = '{$job_id}' AND service_id = '{$service}'";
            updateDB($update_data, $where, 'service_packages');
            $return_data['type'] = 'update';
        } else {
            // Insert
            $insert_data['service_id'] = $service;
            $job_id = insertDB($insert_data, 'service_packages');
            $return_data['type'] = 'insert';
        }
コード例 #18
/**
 * Fetch the creator (c_*) and last modifier (m_*) user data of one term.
 *
 * NOTE(review): $term_id is interpolated into the query without quotes, so the
 * statement is safe only if secure_data($x, "int") really returns an integer;
 * that helper is defined outside this snippet.
 *
 * @param mixed $term_id Term identifier.
 * @param int   $user_id Not used by this function.
 * @return mixed The row from FetchRow() when SQL() returns an object, otherwise
 *               an empty array.
 */
function ARRAYuserData4term($term_id, $user_id = 0)
{
    global $DBCFG;
    $term_id = secure_data($term_id, "int");
    $query = "c.id as c_id,c.apellido as c_apellido,c.nombres as c_nombres,\r\n\t\t\t\tm.id as m_id,m.apellido as m_apellido,m.nombres as m_nombres\r\n\t\t\t\tfrom {$DBCFG['DBprefix']}usuario c ,{$DBCFG['DBprefix']}tema t\r\n\t\t\t\tleft join {$DBCFG['DBprefix']}usuario m on t.uid_final=m.id\r\n\t\t\t\twhere t.tema_id={$term_id}\r\n\t\t\t\tand c.id=t.uid\r\n\t\t\t\tgroup by t.tema_id";
    $record_set = SQL("select", $query);
    if (is_object($record_set)) {
        return $record_set->FetchRow();
    }
    return array();
}
コード例 #19
ファイル: index.php プロジェクト: rupali22/Social
<?php

// Load the database connection, helper functions and session/bootstrap code.
include 'Core/connection.php';
include 'Core/Functions/functions.php';
include 'Core/init.php';
// Process data from the register form. The listing is cut off inside the last
// if/else.
// NOTE(review): form_type is read whenever $_POST is non-empty, so a POST without
// that key raises an undefined-index notice.
if (empty($_POST) === false and $_POST['form_type'] === 'register') {
    $first_name = secure_data($_POST['first_name']);
    $last_name = secure_data($_POST['last_name']);
    $user_name = secure_data($_POST['user_name']);
    $email = secure_data($_POST['email']);
    // NOTE(review): the password goes through secure_data() as well. Escaping or
    // stripping changes the secret before it is hashed; hash it exactly as typed.
    $password = secure_data($_POST['password']);
    // Length limits. strlen() counts bytes, and the checks run on the values after
    // secure_data(), so escaped input may count longer than what was typed.
    // NOTE(review): the messages say "less than 100" while exactly 100 is accepted.
    // NOTE(review): $errors is not initialised in the visible part.
    if (strlen($first_name) > 100) {
        $errors[] = 'First Name must be less than 100 characters';
    }
    if (strlen($last_name) > 100) {
        $errors[] = 'Last Name must be less than 100 characters';
    }
    if (strlen($user_name) > 100) {
        $errors[] = 'User Name must be less than 100 characters';
    }
    if (strlen($password) > 100) {
        $errors[] = 'Password must be less than 100 characters';
    }
    // Uniqueness checks against the database handle.
    // NOTE(review): no e-mail format validation is visible before this lookup.
    if (email_exists($database_handler, $email)) {
        $errors[] = 'The given Email already exists';
    }
    if (user_exists($database_handler, $user_name)) {
        $errors[] = 'The given User Name already exists';
    } else {
コード例 #20
<?php

// AJAX handler: delete the user whose id was posted and report the outcome as JSON.
require_once 'config.php';
checkAjax();
// NOTE(review): the only gate visible here is checkAjax(). Confirm that it (or
// config.php) also verifies an administrator session and a CSRF token, since this
// request removes an account.
$id = secure_data($_POST['id']);
if ($id) {
    deleteDB('users', $id);
    $return_data = array('status' => 1, 'message' => 'User deleted successfully.');
} else {
    // No usable id: report failure without touching the table.
    $return_data = array('status' => 0);
}
echo json_encode($return_data);
exit;
コード例 #21
<?php

// Course page bootstrap: resolve the course from an md5(id) token, set the SEO
// fields, render the header and load the sections this user has completed.
include 'config.php';
// NOTE(review): read without isset(); secure_data() is defined outside this snippet.
$id = secure_data($_GET['id']);
// The course is addressed by the md5 of its id rather than by the id itself.
$qry = "SELECT * FROM courses WHERE md5(id)='{$id}'";
// NOTE(review): the result is not checked for false before mysql_num_rows().
$resultData = mysql_query($qry);
if (mysql_num_rows($resultData) == 0) {
    // Unknown course: redirect and stop.
    header("Location: " . SITE_URL);
    die;
}
$courseData = mysql_fetch_assoc($resultData);
$data = json_decode(file_get_contents('admin/data/training.txt'));
// Page title and description come from the course row; tags are stripped from the
// description only.
// NOTE(review): strip_tags() is not an HTML encoder; check that header.php encodes
// both values where it prints them.
$data->seo_title = $courseData['name'];
$data->seo_des = strip_tags($courseData['description']);
include 'includes/header.php';
// The user id comes from the session and the course id from the row loaded above.
// NOTE(review): no check that a user is signed in is visible before this lookup.
$user_id = $_SESSION['agent'];
$user_completed = array();
$qry_complele = "SELECT * FROM user_completed_couse WHERE user_id='{$user_id}' AND course_id='{$courseData['id']}'";
// NOTE(review): a failed query returns false, which mysql_fetch_assoc() cannot read.
$result_complete = mysql_query($qry_complele);
// Index the completion rows by section id for the template.
while ($row = mysql_fetch_assoc($result_complete)) {
    $user_completed[$row['section_id']] = $row;
}
?>


		<!-- Page Title -->
        <div class="page-title course-page-title">
            <div class="container">
                <div class="row">
                    <div class="span12">
                        <h3><?php 
コード例 #22
ファイル: step.php プロジェクト: ArpanTanna/outsourceplatform
<?php

// Server side of a data table listing the steps (type=2) of one section: builds
// the total count, the filtered/ordered/paged query and the response skeleton.
require_once '../config.php';
checkAjax();
// NOTE(review): read without isset(); secure_data() is defined outside this snippet.
$section_id = secure_data($_GET['section_id']);
$columns = array('course_sections.id', 'course_sections.name', '');
$index = 'course_sections.id';
// Total records
// NOTE(review): every row is fetched only to be counted; SELECT COUNT(*) would do.
$resultTotal = mysql_query("SELECT * FROM course_sections WHERE type=2 AND parent = '{$section_id}'");
$total_records = mysql_num_rows($resultTotal);
// Get actual records
$record_qry = 'SELECT * FROM course_sections';
$query = array();
// NOTE(review): _data_table() derives the where / order / limit fragments from the
// raw $_GET array and they are concatenated into the SQL below. The helper is not
// shown; confirm it maps sort columns through $columns, casts the paging values to
// int and escapes the search term.
$query = array_merge(_data_table($_GET, $columns), $query);
// Always restrict to the steps of the requested section, whatever the filter is.
$query['where'] = isset($query['where']) && $query['where'] !== '' ? $query['where'] . " AND type=2 AND parent = '{$section_id}'" : "type=2 AND parent = '{$section_id}'";
$where = '';
if (array_key_exists('where', $query) && $query['where'] !== '') {
    $record_qry .= ' WHERE ' . $query['where'];
    $where = ' WHERE ' . $query['where'];
}
if (array_key_exists('order', $query) && $query['order'] !== '') {
    $record_qry .= $query['order'];
}
if (array_key_exists('limit', $query) && $query['limit'] !== '') {
    $record_qry .= $query['limit'];
}
$resultRecords = mysql_query($record_qry);
// Number of filtered records
$resultFiltered = mysql_query("SELECT * FROM course_sections" . $where);
$filtered_records = mysql_num_rows($resultFiltered);
// sEcho is echoed back as an integer, so it cannot carry markup into the response.
$output = array("sEcho" => intval($_GET['sEcho']), "iTotalRecords" => "{$total_records}", "iTotalDisplayRecords" => "{$filtered_records}", "aaData" => array());
コード例 #23
<?php

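// Partner sign-in: a request carrying an e-mail address in ?e= and a Referer from
// an allowed domain is signed in as that user; the account is created when missing.
include 'config.php';
$allowed_domains = array('localhost', 'basekit-staging.digibuzz24.net');
$settings = json_decode(file_get_contents('admin/data/settings.txt'));
$email = isset($_GET['e']) ? secure_data($_GET['e']) : '';
// NOTE(review): the Referer header is supplied by the client, so it cannot
// authenticate where a request comes from. As written, the e-mail address alone
// selects the account. This hand-over needs a signed, expiring token issued by the
// partner site and verified here; the code below only removes the defects that can
// be fixed in place.
$ref_domain = '';
$referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
if ($referrer) {
    // parse_url() returns null or false when there is no usable host.
    $ref_host = parse_url($referrer, PHP_URL_HOST);
    if (is_string($ref_host)) {
        // Drop a leading "www." before comparing with the allow-list.
        $ref_domain = preg_replace('#^www\\.(.+\\.)#i', '$1', $ref_host);
    }
}
if ($email && filter_var($email, FILTER_VALIDATE_EMAIL) && $ref_domain && in_array($ref_domain, $allowed_domains, true)) {
    // NOTE(review): the address is interpolated into a double-quoted SQL literal;
    // this is only as safe as secure_data(), which is defined outside this snippet.
    $user_data = mysql_get_rows('users', array('where' => 'email = "' . $email . '"'), 1);
    if (!$user_data) {
        $email_arr = explode('@', $email);
        $username = $email_arr[0];
        // The account is created without a password the user knows. The stored
        // value used to be md5(rand(5, 6)), i.e. one of two fixed hashes shared by
        // every auto-created account. Store the hash of an unguessable secret
        // instead, in the md5 format the column already holds.
        if (function_exists('random_bytes')) {
            $random_secret = random_bytes(32);
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $random_secret = openssl_random_pseudo_bytes(32);
        } else {
            // Last resort on very old builds; not cryptographically strong.
            $random_secret = uniqid(mt_rand(), true) . microtime(true);
        }
        $insert_data = array('email' => $email, 'username' => $username, 'password' => md5($random_secret), 'type' => 2, 'status' => 1, 'created_at' => date('Y-m-d H:i:s'));
        $id = insertDB($insert_data, 'users');
    } else {
        $id = $user_data['id'];
    }
    // New session id at the privilege change, so an id known before the sign-in
    // cannot be reused afterwards.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }
    $_SESSION['agent'] = $id;
    header("Location: dashboard.php");
    exit;
} else {
    header("Location: login.php");
    exit;
}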
コード例 #24
<?php

// "Add new step" page bootstrap: process a submitted form through the AJAX
// handler, then load the top-level sections (type=1) of the course for the form.
require_once 'config.php';
if (isset($_POST['save'])) {
    // The same handler serves the non-AJAX form post.
    require_once 'ajax/addstep.php';
}
$data = array();
$sections = array();
// NOTE(review): read without isset(); secure_data() is defined outside this snippet
// and the value is interpolated into a quoted SQL literal.
$course_id = secure_data($_GET['cid']);
$cqry = "SELECT * FROM course_sections WHERE course_id = '{$course_id}' AND type=1";
// NOTE(review): a failed query returns false, which mysql_fetch_assoc() cannot read.
$cresult = mysql_query($cqry);
// Map section id => name. The names are stored text, so they need HTML encoding
// where the form prints them (that part is outside this snippet).
while ($row = mysql_fetch_assoc($cresult)) {
    $sections[$row['id']] = $row['name'];
}
?>
			<div id="page-wrapper">
				<div class="row">
					<div class="col-lg-12">
						<div class="clearfix">
							<h1 class="page-header">Add new step</h1>
						</div>
						<div class="clearfix loader-parent">
							<form id="form-add-step" class="form-horizontal" enctype="multipart/form-data" action="" method="post" role="form">
								<div class="message-container"></div>
								<div class="form-group clearfix">
									<label class="col-sm-2 control-label" for="name">Name</label>
									<div class="col-lg-6 col-sm-10">
										<input type="text" name="name" id="name" class="form-control" value="<?php 
echo form_field('name', $data);
?>
">
コード例 #25
    }
    // Fill the payment and message rows either from the selected package ($dmid
    // set) or from the defaults. $dmid, $package_data, $def_data, $outsource_data
    // and both insert arrays are prepared above this snippet.
    if ($dmid) {
        $service_data = mysql_get_rows('services', array('where' => "id = '{$package_data['service_id']}'"), 1);
        if (!is_array($service_data)) {
            $service_data = array();
        }
        $insert_data['item_name'] = count($service_data) > 0 ? $service_data['name'] : '';
        // NOTE(review): the 'package' value is copied from the package row without
        // secure_data(), unlike the message fields below. Data read back from the
        // database still has to be escaped when written again, so confirm that
        // insertDB() escapes or binds its values.
        $insert_data['package'] = $package_data['job'];
        $insert_data['package_id'] = $dmid;
        $msg_insert_data['message'] = secure_data($package_data['required_data']);
        $msg_insert_data['deliverable'] = secure_data($package_data['deliverable']);
        $msg_insert_data['days'] = secure_data($package_data['days_to_complete']);
    } else {
        // No package: fall back to the default texts, or to the day count alone.
        if (is_array($def_data)) {
            $msg_insert_data['message'] = secure_data($def_data['required_data']);
            $msg_insert_data['deliverable'] = secure_data($def_data['deliverable']);
            $msg_insert_data['days'] = secure_data($def_data['days_to_complete']);
        } else {
            $msg_insert_data['days'] = secure_data($outsource_data['days_complete']);
        }
    }
    // Insert in payment table
    $payment_id = insertDB($insert_data, 'payments');
    // Link the message to the payment just created.
    $msg_insert_data['payment_id'] = $payment_id;
    // Insert in message table
    insertDB($msg_insert_data, 'messages');
    $return_data['status'] = 1;
    $return_data['payment_id'] = $payment_id;
}
echo json_encode($return_data);
コード例 #26
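/**
 * Build the page's head metadata (title, meta tags, Dublin Core fields and link
 * relations) and send the Content-type header.
 *
 * Fixes over the previous version: the per-term link titles read an undefined
 * variable ($datosTermino) and were therefore always empty; array keys were
 * written as bare constants; several variables were only defined on some paths.
 *
 * NOTE(review): $_SESSION['CFGURL'], $_SESSION['CFGCreacion'], the term id, LANG
 * and the MENU_* / LABEL_* constants are written into attributes without
 * xmlentities(). They look like configuration values; confirm none of them can
 * carry user-supplied text.
 *
 * @param mixed $arrayTermino Not used by this function.
 * @return array array("metadata" => markup string,
 *                     "arraydata" => result of ARRAYverDatosTermino() or null)
 */
function do_meta_tag($arrayTermino = "")
{
    global $CFG;
    // A term may be handed over by an earlier process through this global.
    global $tema;
    // Defined defaults for every value that is only filled on some paths.
    $tema_id = null;
    $sub_title = '';
    $ver_sub_title = '';
    $relMeta = '';
    $ARRAYdatosTermino = null;
    // On a language switch the language name is appended so titles are not duplicated.
    $labelChangeLang = !empty($_GET['setLang']) ? '. ' . ucfirst($_SESSION[$_SESSION["CFGURL"]]['lang'][0]) : '';
    $ARRAYfetchValues = ARRAYfetchValues('METADATA');
    $_SESSION["CFGContributor"] = $ARRAYfetchValues["dc:contributor"]["value"];
    $_SESSION["CFGRights"] = $ARRAYfetchValues["dc:rights"]["value"];
    $_SESSION["CFGPublisher"] = $ARRAYfetchValues["dc:publisher"]["value"];
    $_SESSION["CFGlastMod"] = fetchlastMod();
    // NOTE(review): the request values are only consulted when the global $tema
    // already passes the digit check, and $tema then takes precedence anyway. That
    // is the original logic, kept as it was; confirm it is intended.
    if (secure_data($tema, "digit")) {
        // Term id from POST, else from GET.
        $requested_tema = !empty($_POST['tema']) ? $_POST['tema'] : (isset($_GET['tema']) ? $_GET['tema'] : null);
        $tema_id = secure_data($requested_tema, "digit");
        // A term id coming from a process wins over the request.
        $tema_id = $tema ? $tema : $tema_id;
    }
    $letra = isValidLetter(isset($_GET['letra']) ? $_GET['letra'] : null);
    if (secure_data($tema_id, "digit")) {
        $ARRAYdatosTermino = ARRAYverDatosTermino(secure_data($tema_id, "digit"));
        $term_title = xmlentities($ARRAYdatosTermino['titTema']);
        $term_ref = $ARRAYdatosTermino['idTema'];
        $sub_title = '; ' . $term_title;
        $ver_sub_title = $term_title . ' - ';
        $relMeta = '<link rel="Dublin Core metadata" type="application/xml" href="xml.php?dcTema=' . $term_ref . '" title="Dublin Core ' . $term_title . '" />';
        $relMeta .= '<link rel="MADS metadata" type="application/xml" href="xml.php?madsTema=' . $term_ref . '" title="MADS ' . $term_title . '" />';
        $relMeta .= '<link rel="Zthes metadata" type="application/xml" href="xml.php?zthesTema=' . $term_ref . '" title="Zthes ' . $term_title . '" />';
        $relMeta .= '<link rel="Skos metadata" type="application/rdf+xml" href="xml.php?skosTema=' . $term_ref . '" title="Skos Core ' . $term_title . '" />';
        $relMeta .= '<link rel="TopicMap metadata" type="application/xml" href="xml.php?xtmTema=' . $term_ref . '" title="TopicMap ' . $term_title . '" />';
    } elseif (strlen($letra) > 0) {
        $sub_title = '; ' . MSG_ResultLetra . ' ' . xmlentities($letra);
        $ver_sub_title = ' :: ' . MENU_ListaAbc . ': ' . xmlentities($letra);
    }
    $meta_tag = '<title>' . xmlentities($ver_sub_title . ' ' . $_SESSION['CFGTitulo'] . $labelChangeLang) . '</title>';
    // A content-language meta tag used to be emitted here; it was disabled upstream
    // with the remark "verification error".
    // Only the two known encodings are allowed into the header; anything else
    // falls back to utf-8.
    $page_encode = in_array($CFG["_CHAR_ENCODE"], array('utf-8', 'iso-8859-1')) ? $CFG["_CHAR_ENCODE"] : 'utf-8';
    header('Content-type: text/html; charset=' . $page_encode . '');
    $meta_tag .= '<meta http-equiv="content-type" content="application/xhtml+xml; charset=' . $page_encode . '" />';
    $meta_tag .= '<meta name="generator" content="' . xmlentities($_SESSION['CFGVersion']) . '" />';
    $meta_tag .= '<meta name="description" content="' . html2txt($ver_sub_title . $_SESSION['CFGCobertura'] . $labelChangeLang) . '" />';
    $meta_tag .= '<meta name="keywords" content="' . xmlentities($_SESSION['CFGKeywords'] . $sub_title . $labelChangeLang) . '" />';
    $meta_tag .= '<meta name="author" content="' . xmlentities($_SESSION['CFGAutor']) . '" />';
    $meta_tag .= '<meta name="Creation_Date" content="' . $_SESSION['CFGCreacion'] . '" />';
    $meta_tag .= '<meta http-equiv="last-modified" content="' . $_SESSION["CFGlastMod"] . '" />';
    $meta_tag .= '<meta name="robots" content="index, follow" />';
    $meta_tag .= '<meta name="revisit-after" content="15 days" />';
    // Dublin Core
    $meta_tag .= '<meta name="DC.Title"        content="' . xmlentities($ver_sub_title . ' ' . $_SESSION['CFGTitulo']) . '" />';
    $meta_tag .= '<meta name="DC.Creator"      content="' . xmlentities($_SESSION['CFGAutor']) . '" />';
    $meta_tag .= '<meta name="DC.Subject"      content="' . xmlentities($_SESSION['CFGKeywords'] . $sub_title) . '" />';
    $meta_tag .= '<meta name="DC.Description"  content="' . html2txt($ver_sub_title . $_SESSION['CFGCobertura'], true) . '" />';
    $meta_tag .= '<meta name="DC.Publisher"    content="' . xmlentities($_SESSION['CFGPublisher']) . '" />';
    $meta_tag .= '<meta name="DC.Contributor"    content="' . xmlentities($_SESSION['CFGContributor']) . '" />';
    $meta_tag .= '<meta name="DC.Rights"    content="' . xmlentities($_SESSION['CFGRights']) . '" />';
    $meta_tag .= '<meta name="DC.Date"         content="' . $_SESSION['CFGCreacion'] . '" />';
    $meta_tag .= '<meta name="DC.Language"     content="' . LANG . '" />';
    // Navigation link relations.
    $meta_tag .= '<link rel="' . MENU_Inicio . '" href="' . $_SESSION['CFGURL'] . 'index.php" title="' . MENU_Inicio . '" />';
    $meta_tag .= '<link rel="' . MENU_ListaSis . '" href="' . $_SESSION['CFGURL'] . 'index.php" title="' . MENU_ListaSis . '" />';
    $meta_tag .= '<link rel="' . MENU_ListaAbc . '" href="' . $_SESSION['CFGURL'] . 'index.php?letra=?" title="' . MENU_ListaAbc . '" />';
    $meta_tag .= '<link rel="' . MENU_Sobre . '" href="' . $_SESSION['CFGURL'] . 'sobre.php" title="' . MENU_Sobre . '" />';
    $meta_tag .= '<link rel="help" href="' . $_SESSION['CFGURL'] . 'sobre.php" title="' . MENU_Sobre . '" />';
    $meta_tag .= '<link rel="login" href="' . $_SESSION['CFGURL'] . 'login.php" title="' . LABEL_login . '" />';
    $meta_tag .= '<link rel="service" href="' . $_SESSION['CFGURL'] . 'services.php" title="terminogical web services" />';
    $meta_tag .= '<link rel="bookmark" href="' . $_SESSION['CFGURL'] . '"/>';
    $meta_tag .= '<link rel="rss" type="application/rss+xml" href="xml.php?rss=true" title="RSS ' . xmlentities($_SESSION['CFGTitulo']) . '" />';
    $meta_tag .= '<link rel="alternate" type="application/rss+xml" href="xml.php?rss=true" title="RSS ' . xmlentities($_SESSION['CFGTitulo']) . '" />';
    $meta_tag .= $relMeta;
    return array("metadata" => $meta_tag, "arraydata" => $ARRAYdatosTermino);
}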
コード例 #27
// Update handler for a course record: collect the posted fields into a SET list
// and, when the image changed, move the uploaded file out of the temp folder.
// $fields, $required_fields, $error, $message, $update_data and $post_data are set
// above this snippet.
$id = secure_data($_POST['id']);
$return_data = array('status' => 0);
foreach ($fields as $field) {
    // NOTE(review): $_POST[$field] is read without isset().
    $val = secure_data($_POST[$field]);
    // Stop at the first required field that is empty.
    if (in_array($field, $required_fields) && $val === '') {
        $error = 1;
        $message .= $message !== '' ? '<br>Please fill up all data' : 'Please fill up all data';
        break;
    }
    // Column names come from the fixed $fields list; values are interpolated and
    // are only as safe as secure_data(), which is defined outside this snippet.
    $update_data .= $update_data !== '' ? ", " : "";
    $update_data .= "`{$field}` = '{$val}'";
    $post_data[$field] = $val;
}
$file_change = secure_data($_POST['file_change']);
if ($file_change == 1) {
    $image = secure_data($_POST['image']);
    if ($image !== '') {
        // NOTE(review): the file name comes from the request and is joined to three
        // paths as-is, one of which is later passed to unlink(). Nothing visible
        // here reduces it to a bare file name (e.g. basename()) or checks its
        // extension, so verify secure_data() removes directory separators and "..".
        $src = UPLOAD_ROOT . 'temp/' . $image;
        $destination = UPLOAD_ROOT . 'course/' . $image;
        $destination_thumb = UPLOAD_ROOT . 'course/thumb/' . $image;
        if (file_exists($src)) {
            // Copy the original, create a 580x367 thumbnail, then remove the temp file.
            // NOTE(review): this file work happens before the $error check that follows.
            copy($src, $destination);
            generatethumb($src, $destination_thumb, 580, 367);
            unlink($src);
        }
    }
    $post_data['image'] = $image;
    $update_data .= $update_data !== '' ? ", " : "";
    $update_data .= "`image` = '" . $image . "'";
}
if ($error == 0) {
コード例 #28
ファイル: fun.sql.php プロジェクト: jpgil/tematres-mirror
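/**
 * Select one page of the terms mapped to a target vocabulary, joined with the
 * vocabulary row and the local term row.
 *
 * @param mixed $tvocab_id Target vocabulary id; passed through secure_data(..., "sql")
 *                         and compared as a quoted value in the WHERE clause.
 * @param mixed $from      Row offset for LIMIT; anything that is not a non-negative
 *                         number falls back to 0.
 * @param mixed $limit     Row count for LIMIT; anything that is not a non-negative
 *                         number falls back to 20.
 * @return mixed Whatever SQL() returns for the select.
 */
function SQLtargetTermsVocabulary($tvocab_id, $from = "0", $limit = "20")
{
    global $DBCFG;
    $tvocab_id = secure_data($tvocab_id, "sql");
    // is_numeric() alone also accepts values such as "-5", "1.5" or "1e3", which
    // are not valid LIMIT operands. Force plain non-negative integers, since both
    // values are interpolated unquoted into the statement.
    $from = (is_numeric($from) && $from >= 0) ? (int) $from : 0;
    $limit = (is_numeric($limit) && $limit >= 0) ? (int) $limit : 20;
    // NOTE(review): $tvocab_id relies on secure_data() for escaping; its
    // implementation is not visible here.
    return SQL("select", "tv.tvocab_id,tv.tvocab_label,tv.tvocab_tag,\r\n\t\ttv.tvocab_title,tv.tvocab_url,tv.tvocab_uri_service,tv.cuando,tv.uid,\r\n\t\tt2tt.tterm_id,t2tt.tterm_url,t2tt.tterm_uri,t2tt.tterm_string,t2tt.cuando,t2tt.cuando_last,\r\n\t\tt.tema_id,t.tema\r\n\t\tfrom {$DBCFG['DBprefix']}tvocab tv,{$DBCFG['DBprefix']}term2tterm t2tt,{$DBCFG['DBprefix']}tema t\r\n\t\twhere tv.tvocab_id=t2tt.tvocab_id\r\n\t\tand t2tt.tema_id=t.tema_id\r\n\t\tand tv.tvocab_id='{$tvocab_id}'\r\n\t\torder by tv.tvocab_tag,t2tt.tterm_string\r\n\t\tlimit {$from},{$limit}");
}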
コード例 #29
<?php

require_once '../config.php';
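// AJAX endpoint: deletes one record from an allow-listed table and answers with
// a JSON status object.
// NOTE(review): authentication and authorisation are presumably handled by
// config.php / checkAjax(); neither is visible here, so confirm that the caller
// is entitled to delete the addressed record.
checkAjax();
$return_data = array('status' => 0);
// A missing parameter is treated as empty input instead of raising a notice.
$id = secure_data(isset($_POST['id']) ? $_POST['id'] : '');
$table = secure_data(isset($_POST['tbl']) ? $_POST['tbl'] : '');
// The table name cannot be bound as a query parameter, so this allow-list is the
// only control on it. Compare strictly so nothing but an exact string match passes.
$allowed_tables = array('courses', 'course_sections');
if ($id && is_scalar($id) && $table && in_array($table, $allowed_tables, true)) {
    deleteDB($table, $id);
    $return_data['status'] = 1;
    $return_data['message'] = 'Record deleted successfully.';
}
echo json_encode($return_data);
exit;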
コード例 #30
ファイル: fun.html.php プロジェクト: jpgil/tematres-mirror
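/**
 * Render the result of an advanced search as HTML: a summary paragraph followed,
 * when there are hits, by a list of links to the matching terms.
 *
 * @param array $array Search parameters; 'xstring' holds the search expression and
 *                     the whole array is handed to SQLadvancedSearch().
 * @return string HTML fragment (summary paragraph plus optional result list).
 */
function HTMLadvancedSearchResult($array)
{
    $body = '';
    $row_result = '';
    // Check the search string length.
    $array['xstring'] = secure_data(trim($array['xstring']), "sql");
    // The search expression is request data that was prepared for SQL only, so it
    // is HTML-encoded before being echoed back. double_encode is off so entities
    // that are already present are not encoded twice.
    // NOTE(review): assumes the page is served as UTF-8; confirm.
    $shownString = htmlspecialchars(stripslashes($array['xstring']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    if (strlen(trim($array['xstring'])) >= CFG_MIN_SEARCH_SIZE) {
        $sql = SQLadvancedSearch($array);
        $classMensaje = $sql['cant'] ? 'information' : 'warning';
        $resumeResult = '<p id="adsearch" class=' . $classMensaje . '><strong>' . $sql['cant'] . '</strong> ' . MSG_ResultBusca . ' <strong> "<em>' . $shownString . '</em>"</strong></p>';
    } else {
        // Too short to search: report zero hits and explain the minimum length.
        $sql = array('cant' => '0');
        $resumeResult = '<p id="adsearch" class="error">' . sprintf(MSG_minCharSerarch, $shownString, strlen($array['xstring']), CFG_MIN_SEARCH_SIZE - 1) . '</p>';
    }
    $body .= $resumeResult;
    if ($sql['cant'] > 0) {
        $row_result .= '<div id="listaBusca"><ul>';
        // NOTE(review): term strings from the result set are written into title
        // attributes and link text as-is. Whether they are already HTML-safe
        // depends on how they were stored; confirm, or encode them here.
        while ($resulta_busca = mysqli_fetch_array($sql['datos'])) {
            // Not a preferred term: show it together with the term it points to.
            if ($resulta_busca['uf_tema_id']) {
                // Reset per row so an unhandled relation type cannot reuse the
                // connector text of the previous row.
                $leyendaConector = '';
                switch ($resulta_busca['t_relacion']) {
                    case '4':
                        // UF (use-for)
                        $leyendaConector = USE_termino;
                        break;
                    case '5':
                        // Relation type: partially equivalent term
                        $leyendaConector = '<acronym title="' . LABEL_termino_parcial_equivalente . '" lang="' . LANG . '">' . EQP_acronimo . '</acronym>';
                        break;
                    case '6':
                        // Relation type: equivalent term
                        $leyendaConector = '<acronym title="' . LABEL_termino_equivalente . '" lang="' . LANG . '">' . EQ_acronimo . '</acronym>';
                        break;
                    case '7':
                        // Relation type: non-equivalent term
                        $leyendaConector = '<acronym title="' . LABEL_termino_no_equivalente . '" lang="' . LANG . '">' . NEQ_acronimo . '</acronym>';
                        break;
                    case '8':
                        // Relation type: inexact equivalent term
                        // NOTE(review): reuses the partial-equivalence label and
                        // acronym from case '5'; confirm that this is intended.
                        $leyendaConector = '<acronym title="' . LABEL_termino_parcial_equivalente . '" lang="' . LANG . '">' . EQP_acronimo . '</acronym>';
                        break;
                }
                $row_result .= '<li><em><a title="' . LABEL_verDetalle . $resulta_busca['tema'] . '" href="index.php?tema=' . $resulta_busca['uf_tema_id'] . '&amp;/' . string2url($resulta_busca['uf_tema']) . '">' . $resulta_busca['uf_tema'] . '</a></em> ' . $leyendaConector . ' <a title="' . LABEL_verDetalle . $resulta_busca['tema'] . '" href="index.php?tema=' . $resulta_busca['tema_id'] . '">' . $resulta_busca['tema'] . '</a> </li>' . "\r\n";
            } else {
                $row_result .= '<li><a title="' . LABEL_verDetalle . $resulta_busca['tema'] . '" href="index.php?tema=' . $resulta_busca['tema_id'] . '&amp;/' . string2url($resulta_busca['tema']) . '">' . $resulta_busca['tema'] . '</a></li>' . "\r\n";
            }
        }
        // end of while
        $row_result .= '</ul>';
        $row_result .= '</div>';
    }
    // end of result check
    return $body . $row_result;
}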