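/**
 * Build the "help" drawer for a user from the book pages stored in the
 * projectsdot database, save it in the drawers table and end the request
 * with a JSON reply that makes the client refresh its drawers.
 *
 * @param array $params Expects 'user' (object with an ->id property), 'helpid'
 *                      (book node id, 0 shows the index) and 'helpsearch'
 *                      (search text carried along in the generated links).
 * @return void The request is terminated with die after the JSON is echoed.
 */
function _help($params)
{
    $user = $params['user'];
    $helpid = intval($params['helpid']);
    $helpsearch = $params['helpsearch'];

    $server = Option::get('projectsdot', 'server');
    $pduser = Option::get('projectsdot', 'user');
    $pdpass = Option::get('projectsdot', 'pass');
    $database = Option::get('projectsdot', 'database');
    $site = Option::get('projectsdot', 'site');
    $db = new DB("mysql:host={$server->value};dbname={$database->value}", $pduser->value, $pdpass->value, 'projectsdot');

    // HTML-context escaping for text and attribute values.
    $esc = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
    };
    // A value placed inside an inline event handler passes through two parsers:
    // the HTML attribute is decoded first, then the result is parsed as JavaScript.
    // HTML escaping alone therefore does not keep a quote inside the JS string, so
    // the value is encoded as a JS string literal first and HTML-escaped second.
    $jsArg = function ($text) use ($esc) {
        $json = json_encode((string) $text, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        return $esc($json === false ? '""' : $json);
    };

    $node = null;
    if ($helpid !== 0) {
        $node = $db->row("select r.title, r.body, n.nid, b.parent from node n, node_revisions r, book b where n.vid = r.vid and b.vid = n.vid and n.type = 'book' and n.nid = :helpid;", array('helpid' => $helpid));
        if (!$node) {
            // Unknown or non-book node id: show the index instead of reading a missing row.
            $helpid = 0;
        }
    }

    if ($helpid === 0) {
        $helplinks = $db->results("select n.nid, n.title, b.weight from node n, node_revisions r, book b where n.vid = r.vid and b.vid = n.vid and n.type = 'book' and b.parent = 0 order by b.weight;");
        $title = 'Help Index';
        $body = 'Select a topic on the left to learn more.';
    } else {
        $helplinks = $db->results("select n.nid, n.title, b.weight from node n, node_revisions r, book b where n.vid = r.vid and b.vid = n.vid and n.type = 'book' and b.parent = :helpid order by b.weight;", array('helpid' => $helpid));
        $parentnode = $db->row("select n.nid, n.title, b.weight from node n, node_revisions r, book b where n.vid = r.vid and b.vid = n.vid and n.type = 'book' and n.nid = :helpid;", array('helpid' => $node->parent));
        if ($parentnode) {
            $parentnode->title = '↑ ' . $parentnode->title;
        } else {
            // No parent page: link back to the index (nid 0).
            $parentnode = new stdClass();
            $parentnode->title = '↑ Top';
            $parentnode->nid = 0;
            $parentnode->weight = -10;
        }
        array_unshift($helplinks, $parentnode);

        // NOTE(review): the body is emitted as raw HTML. That is only safe if every
        // author of these book pages is trusted or the body is filtered before it is
        // stored - confirm, and filter here otherwise.
        $body = nl2br($node->body);
        // Titles are treated as plain text and escaped - TODO confirm they are not stored pre-escaped.
        $title = $esc($node->title) . ' <a href="' . $esc($site->value . '/node/' . $node->nid) . '" target="_blank" rel="noopener">→</a>';
    }

    $links = '';
    if ($helpsearch != '') {
        // The search link has no node of its own, so the anchor is a bare "#".
        $links .= '<li><a href="#" onclick="send(' . $jsArg('/help ' . $helpsearch) . ');return false;">↑ Search: '
            . $esc($helpsearch) . '</a></li>';
    }
    foreach ($helplinks as $link) {
        $command = '/help ::' . $link->nid;
        if ($helpsearch != '') {
            $command .= ' ' . $helpsearch;
        }
        $links .= '<li><a href="#' . $esc($link->nid) . '" onclick="send(' . $jsArg($command) . ');return false;">'
            . $esc($link->title) . '</a></li>';
    }

    // {$drawer_id} sits in a single-quoted string and is stored literally;
    // presumably it is substituted when the drawer is rendered - confirm.
    $msg = '<a href="#" class="close" onclick="return closedrawer({$drawer_id});">close this drawer</a> <div id="helplinks" style="width:30%;float:left;height:200px;overflow-y:auto;overflow-x:hidden;"><ul>' . $links . '</ul></div> <div id="helpbody" style="width:70%;height:200px;overflow:auto;float:left;"><h3>' . $title . '</h3>' . $body . '</div>';

    // The markup is persisted and shown later, so everything interpolated above
    // has to be safe at the time it is stored.
    DB::get()->query("DELETE FROM drawers WHERE indexed = 'help' and user_id = :user_id;", array('user_id' => $user->id));
    DB::get()->query("INSERT INTO drawers (user_id, message, indexed, cssclass) VALUES (:user_id, :msg, 'help', 'help');", array('user_id' => $user->id, 'msg' => $msg));

    $obj = new StdClass();
    $obj->laststatus = 0;
    $obj->js = "refreshDrawers();";
    echo json_encode($obj);
    die;
}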
/**
 * Count paid advices by moderation state and, when a filter is given,
 * add the number and the sums of the advices matching that filter.
 *
 * @param array|false $filter Filter definition (its 'type' entry goes to getTypeSQL(),
 *                            the whole array to getFilterSQL()), or false for no filter.
 * @return array Counters keyed all/new/accepted/declined/deleted/filter; with a filter
 *               also cost_sum_filter and comm_sum_filter.
 */
public function getStatAdvices($filter = false)
{
    // Temporary optimisation (for a year or two, while there are not many advices;
    // the main problem is the joins with users): 0018602
    $statsSql = "SET join_collapse_limit = 1;\n SELECT COUNT(*) as cnt, status, mod_status \n FROM paid_advices\n INNER JOIN users f ON f.uid = paid_advices.user_from AND f.is_banned = B'0'\n INNER JOIN users t ON t.uid = paid_advices.user_to AND t.is_banned = B'0'\n WHERE mod_status <> 0 GROUP by status, mod_status";
    $groups = $this->_db->cache(60)->rows($statsSql);

    $counter = array(
        'all' => 0,
        'new' => 0,
        'accepted' => 0,
        'declined' => 0,
        'deleted' => 0,
        'filter' => 0,
    );
    foreach ($groups as $group) {
        $cnt = $group['cnt'];
        $modStatus = $group['mod_status'];

        $counter['all'] += $cnt;
        // "new" = accepted by the user but still waiting for moderation
        if ($group['status'] == self::STATUS_ACCEPTED && $modStatus == self::MOD_STATUS_PENDING) {
            $counter['new'] += $cnt;
        }
        if ($modStatus == self::MOD_STATUS_ACCEPTED) {
            $counter['accepted'] += $cnt;
        }
        if ($modStatus == self::MOD_STATUS_DECLINED) {
            $counter['declined'] += $cnt;
        }
        if ($modStatus == self::MOD_STATUS_USER_DECLINED) {
            $counter['deleted'] += $cnt;
        }
    }

    if ($filter === false) {
        return $counter;
    }

    // NOTE(review): both fragments are interpolated into the statement as-is, so the
    // query is only as safe as getTypeSQL() / getFilterSQL() make their output - verify
    // that they escape or whitelist every value taken from $filter.
    list($typeSql, $order) = $this->getTypeSQL($filter['type']);
    $filterSql = ' AND ' . $this->getFilterSQL($filter);
    $totalsSql = "SELECT COUNT(pa.*) as cnt, SUM(pa.cost_sum) as cost_sum_filter, SUM(pa.comm_sum) as comm_sum_filter FROM paid_advices as pa \n INNER JOIN users e ON e.uid = pa.user_from AND e.is_banned = B'0'\n INNER JOIN users f ON f.uid = pa.user_to AND f.is_banned = B'0'\n WHERE {$typeSql} {$filterSql}";
    $totals = $this->_db->row($totalsSql);

    $counter['filter'] = (int) $totals['cnt'];
    $counter['cost_sum_filter'] = round($totals['cost_sum_filter'], 2);
    $counter['comm_sum_filter'] = round($totals['comm_sum_filter'], 2);

    return $counter;
}
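/**
 * HCM module: render a link to the user with the given username.
 *
 * @param string $jmeno Username to look up.
 * @return mixed Result of _linkUser() for the matching user; nothing (null) when
 *               no user has that name.
 */
function _HCM_linkuser($jmeno = "")
{
    // The name ends up inside a quoted SQL literal, so it is escaped with DB::esc()
    // after _anchorStr() has processed it.
    $name = DB::esc(_anchorStr($jmeno, false));

    // The lookup has to use the escaped $name; comparing against a fixed literal
    // would never match the requested user and leaves $name unused.
    $query = DB::query("SELECT id FROM `" . _mysql_prefix . "-users` WHERE username='" . $name . "'");
    if (DB::size($query) != 0) {
        $row = DB::row($query);

        return _linkUser($row['id']);
    }
}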
/**
 * HCM module: list the most recent posts with a title link, a short excerpt,
 * the author and the time.
 *
 * @param mixed $limit   Maximum number of posts; anything below 1 falls back to 10.
 * @param mixed $stranky Values for the "home" column filter, passed to _sqlWhereColumn().
 * @param mixed $typ     Post type for the filter (1-3, anything else becomes 1);
 *                       the filter is applied only when both $stranky and $typ are set.
 * @return string HTML of the list.
 */
function _HCM_recentposts($limit = null, $stranky = "", $typ = null)
{
    // preparation
    $result = "";
    $limit = (isset($limit) and intval($limit) >= 1) ? abs(intval($limit)) : 10;

    // filter by ids of sections, books or articles
    if (isset($stranky) and isset($typ)) {
        $postType = intval($typ);
        if ($postType < 1 or $postType > 3) {
            $postType = 1;
        }
        // NOTE(review): $stranky reaches the WHERE clause through _sqlWhereColumn();
        // confirm that helper casts or escapes every value it emits.
        $where = "(" . _sqlWhereColumn("home", $stranky) . ") AND type=" . $postType;
    } else {
        $where = "type!=4 AND type!=6 AND type!=7";
    }

    $query = DB::query("SELECT id,type,home,xhome,subject,author,guest,time,text FROM `" . _mysql_prefix . "-posts` WHERE " . $where . " ORDER BY id DESC LIMIT " . $limit);
    while ($item = DB::row($query)) {
        // load the title of the home page and the link to it
        $type = $item['type'];
        if ($type == 1 || $type == 3) {
            $hometitle = DB::query_row("SELECT title,title_seo FROM `" . _mysql_prefix . "-root` WHERE id=" . $item['home']);
            $homelink = _linkRoot($item['home'], $hometitle['title_seo']);
        } elseif ($type == 2) {
            $hometitle = DB::query_row("SELECT art.title,art.title_seo,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $item['home']);
            $homelink = _linkArticle($item['home'], $hometitle['title_seo'], $hometitle['cat_title_seo']);
        } elseif ($type == 5) {
            if ($item['xhome'] == -1) {
                // the post is the topic itself
                $tid = $item['id'];
                $hometitle = array("title" => $item['subject']);
            } else {
                // a reply: take the subject of the topic it belongs to
                $tid = $item['xhome'];
                $topic = DB::query_row("SELECT subject FROM `" . _mysql_prefix . "-posts` WHERE id=" . $item['xhome']);
                $hometitle = array("title" => $topic['subject']);
            }
            $homelink = "index.php?m=topic&id=" . $tid;
        }
        // NOTE(review): any other type leaves $hometitle / $homelink as the previous
        // iteration set them (or unset on the first row).

        // load the author's name
        $authorname = ($item['author'] != -1)
            ? _linkUser($item['author'], null, true, true)
            : $item['guest'];

        $hometitle = $hometitle['title'];

        // NOTE(review): title, subject and guest name are written into the markup
        // without escaping here - safe only if they are stored already escaped; verify.
        $result .= "\n<h2 class='list-title'><a href='" . $homelink . "'>" . $hometitle . "</a></h2>\n<p class='list-perex'>"
            . _cutStr(strip_tags(_parsePost($item['text'])), 256)
            . "</p>\n<div class='list-info'>\n<span>" . $GLOBALS['_lang']['global.postauthor'] . ":</span> "
            . $authorname . _template_listinfoseparator
            . "\n<span>" . $GLOBALS['_lang']['global.time'] . ":</span> " . _formatTime($item['time']) . "\n</div>\n\n";
    }

    return $result;
}
/**
 * Rename the folder.
 *
 * Reads the owner from $this->from_id, the folder from $this->id and the new
 * name from $this->fname.
 *
 * @return string Empty string on success, otherwise an error message.
 */
public function Rename()
{
    $DB = new DB();

    // the folder has to exist among this user's folders
    $folder = $DB->row("SELECT * FROM messages_folders(?i) WHERE id = ?", $this->from_id, $this->id);
    if (!$folder) {
        return 'Указанной папки не существует';
    }

    // another folder of the same user must not already carry the new name
    // NOTE(review): this check and the rename below are separate statements; unless
    // the database enforces uniqueness, two concurrent requests can both pass it.
    $sameName = $DB->val("SELECT COUNT(*) FROM messages_folders(?i) WHERE fname = ? AND id <> ?", $this->from_id, $this->fname, $this->id);
    if ($sameName) {
        return 'Папка с таким именем уже существует';
    }

    $DB->query("SELECT messages_folders_rename(?, ?, ?)", $this->id, $this->from_id, $this->fname);

    return '';
}
/**
 * Export database data into a temporary file.
 *
 * Layout written to the file: the version followed by a NUL byte; then for every
 * non-empty table its name without the prefix and a NUL, the column names joined
 * by NUL and closed by two NULs, every value followed by a NUL (chr(1) stands for
 * SQL NULL), and one more NUL that ends the table.
 *
 * @param array|null $tables array of table names (with prefix) or null (= all)
 * @return array temporary file array(handle, path) containing the data
 */
public function exportData($tables = null)
{
    // default to every table
    if (!isset($tables)) {
        $tables = $this->_get_tables();
    }

    // NOTE(review): the file receives a full copy of the selected tables; whoever
    // consumes it should keep it out of any web-readable location and delete it afterwards.
    $file = _tmpFile();
    $handle = $file[0];

    $sep = chr(0);       // field / section separator
    $nullMark = chr(1);  // written instead of a value that is SQL NULL
    // +1 presumably skips the separator character after the prefix - confirm
    $prefixLength = strlen(_mysql_prefix) + 1;

    // header: database version
    $ver = _checkVersion('database', null, true);
    $ver = end($ver);
    fwrite($handle, $ver . $sep);

    // data; stops at the first missing index, like the table list is expected to be sequential
    $i = 0;
    while (isset($tables[$i])) {
        $table = $tables[$i];
        ++$i;

        // NOTE(review): the table name is placed between backticks unescaped, so
        // callers must only pass names that come from the schema, not from a request.
        $q = DB::query('SELECT * FROM `' . $table . '`');
        if (DB::size($q) === 0) {
            // skip empty tables
            DB::free($q);
            continue;
        }

        // table header
        fwrite($handle, substr($table, $prefixLength) . $sep);

        $needColumns = true;
        while ($row = DB::row($q)) {
            // column list, written once per table
            if ($needColumns) {
                $needColumns = false;
                fwrite($handle, implode($sep, array_keys($row)) . $sep . $sep);
            }

            // row data
            foreach ($row as $value) {
                $cell = isset($value) ? DB::esc($value) : $nullMark;
                fwrite($handle, $cell . $sep);
            }
        }

        fwrite($handle, $sep);
        DB::free($q);
        $row = null;
    }

    return $file;
}
/**
 * HCM module: render images from one or more galleries.
 *
 * @param mixed       $galerie Gallery ids for the "home" column, passed to _sqlWhereColumn().
 * @param mixed       $typ     2 = random order, anything else = newest first.
 * @param string|null $rozmery "width/height" or just "height"; defaults to height 128.
 * @param mixed       $limit   Number of images, defaults to 1.
 * @return string HTML produced by _galleryImage() for every selected image.
 */
function _HCM_galimg($galerie = "", $typ = 1, $rozmery = null, $limit = null)
{
    // read the parameters
    $result = "";
    // NOTE(review): the WHERE fragment comes straight from _sqlWhereColumn(); confirm
    // it casts or escapes the ids it is given.
    $galerie = _sqlWhereColumn("home", $galerie);
    $limit = isset($limit) ? abs(intval($limit)) : 1;

    // dimensions
    if (!isset($rozmery)) {
        // not given
        $x = null;
        $y = 128;
    } else {
        $parts = explode('/', $rozmery, 2);
        if (count($parts) === 2) {
            // width and height
            $x = intval($parts[0]);
            $y = intval($parts[1]);
        } else {
            // height only
            $x = null;
            $y = intval($parts[0]);
        }
    }

    // ordering - one of two fixed strings, never caller text
    $razeni = ($typ == 2) ? "RAND()" : "id DESC";

    // output the images
    $rimgs = DB::query("SELECT id,title,prev,full FROM `" . _mysql_prefix . "-images` WHERE " . $galerie . " ORDER BY " . $razeni . " LIMIT " . $limit);
    while ($rimg = DB::row($rimgs)) {
        $result .= _galleryImage($rimg, "hcm" . SL::$hcmUid, $x, $y);
    }

    return $result;
}
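/**
 * Pick the database connection for a lookup on $t_name.$f_name: the master alone,
 * or the master together with the replicas listed in londiste_helper__inkeys.
 *
 * @param string $t_name Table name.
 * @param string $f_name Field name.
 * @param array  $values Key values that are about to be looked up.
 * @return DB Connection on the master alias, or on "master slave_1 ... slave_4".
 */
public function DB($t_name, $f_name, $values)
{
    $DB = new DB($this->master_alias);

    // No helper configured for this table/field: always use the master.
    if (empty($this->_helper[$t_name][$f_name])) {
        return $DB;
    }

    $rh = $DB->row("SELECT *, f_mod + (f_lag||' seconds')::interval <= now() as expired FROM londiste_helper__inkeys WHERE t_name = ? AND f_name = ?", $t_name, $f_name);
    if (!$rh) {
        // No helper row: there are no replica names to read, so stay on the master
        // instead of building an alias out of missing columns.
        return $DB;
    }

    $db_alias = $this->master_alias . " {$rh['slave_1']} {$rh['slave_2']} {$rh['slave_3']} {$rh['slave_4']}";

    // "expired" means the records were added long ago and can safely be read from
    // the replicas. Otherwise any value at or above v_min forces the master.
    if ($rh['expired'] != 't') {
        foreach ($values as $v) {
            if ($v >= $rh['v_min']) {
                $db_alias = $this->master_alias;
                break;
            }
        }
    }

    return new DB($db_alias);
}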
/**
 * HCM module: render a link to a page, found by numeric id or by its title_seo.
 *
 * @param mixed       $id        Numeric page id, or a title_seo value.
 * @param string|null $text      Link text; the page title is used when empty.
 * @param mixed       $nove_okno Truthy (per _boolean()) to open the link in a new window.
 * @return string|null The anchor, or nothing when the page does not exist.
 */
function _HCM_linkroot($id = null, $text = null, $nove_okno = false)
{
    $is_id = is_numeric($id);
    // numeric ids are cast; anything else goes through DB::val() before it is
    // concatenated into the statement
    $id = $is_id ? intval($id) : DB::val($id);
    $column = $is_id ? 'id' : 'title_seo';

    $query = DB::query("SELECT title,title_seo FROM `" . _mysql_prefix . "-root` WHERE " . $column . "=" . $id);

    $target = (isset($nove_okno) and _boolean($nove_okno)) ? " target='_blank'" : "";

    if (DB::size($query) == 0) {
        return;
    }

    $page = DB::row($query);
    if (isset($text) and $text != "") {
        $page['title'] = $text;
    }

    // NOTE(review): when the page was looked up by title_seo, $id is the DB::val()
    // result rather than the page id, and it is what _linkRoot() receives - confirm
    // that is intended. $text and the title are also written out unescaped.
    return "<a href='" . _linkRoot($id, $page['title_seo']) . "'" . $target . ">" . $page['title'] . "</a>";
}
/**
 * Save the wallet data. $this->data has to be filled in according to the
 * bill_wallet table before the call.
 *
 * @return int|false Id of the row in the table; false when there is nothing to save.
 */
public function saveWallet()
{
    if (empty($this->data)) {
        return false; // no data to save
    }

    $hasToken = $this->data['access_token'] !== null;
    if ($hasToken) {
        // deactivate the wallet that is currently active for the user
        self::clearActiveWallet($this->uid);
        if (!$this->isNotNewAcessToken) {
            $this->initValidity();
            $this->data['access_time'] = 'now';
        }
        $this->data['active'] = true;
    } else {
        // without a token the wallet cannot be active
        $this->data['validity'] = null;
        $this->data['access_time'] = null;
        $this->data['active'] = false;
    }

    // NOTE(review): the keys of $this->data become column names verbatim; they must
    // never be taken from request input. The SET clause is also expanded by parse()
    // and then handed to row() together with new placeholders - check how the DB
    // layer treats a "?" that sits inside an already expanded value.
    foreach ($this->data as $name => $value) {
        if ($name != 'validity_time') {
            $fields[] = $this->_db->parse("{$name} = ?", $value);
        }
    }

    $sql = "UPDATE bill_wallet SET " . implode(', ', $fields) . " WHERE type = ?i AND uid = ?i RETURNING id";
    $res = $this->_db->row($sql, $this->_type, $this->uid);
    if (!empty($res)) {
        return $res['id'];
    }

    // there is no wallet yet: create it from the data we have
    $data = $this->data;
    unset($data['validity_time']);

    return $this->_db->insert('bill_wallet', $data, 'id');
}
case 3: $artorder = "art.title"; break; case 4: $artorder = "art.title DESC"; break; } // titulek kategorie $output .= "<h2>" . $catdata['title'] . " <a href='index.php?p=content-articles-edit&new_cat=" . $cid . "'><img src='images/icons/new.png' alt='new' class='icon' />" . $_lang['admin.content.articles.create'] . "</a></h2>\n"; // vypis clanku // zprava $message = ""; if (isset($_GET['artdeleted'])) { $message = _formMessage(1, $_lang['admin.content.articles.delete.done']); } $cond = "(art.home1=" . $cid . " OR art.home2=" . $cid . " OR art.home3=" . $cid . ")" . _admin_artAccess('art'); $paging = _resultPaging("index.php?p=content-articles-list&cat=" . $cid, $catdata['var2'], "articles:art", $cond); $s = $paging[2]; $output .= $paging[0] . "<div class='hr'><hr /></div>\n" . $message . "\n<table class='list'>\n<thead><tr><td>" . $_lang['global.article'] . "</td><td>" . $_lang['article.author'] . "</td><td>" . $_lang['article.posted'] . "</td><td>" . $_lang['global.action'] . "</td></tr></thead>\n<tbody>"; $arts = DB::query("SELECT art.id,art.title,art.title_seo,art.time,art.author,art.confirmed,art.visible,art.public,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE " . $cond . " ORDER BY " . $artorder . " " . $paging[1]); if (DB::size($arts) != 0) { while ($art = DB::row($arts)) { $output .= "<tr><td>" . _admin_articleEditLink($art) . "</td><td>" . _linkUser($art['author']) . "</td><td>" . _formatTime($art['time']) . "</td><td><a href='index.php?p=content-articles-edit&id=" . $art['id'] . "&returnid=" . $cid . "&returnpage=" . $s . "'><img src='images/icons/edit.png' alt='edit' class='icon' />" . $_lang['global.edit'] . "</a> <a href='index.php?p=content-articles-delete&id=" . $art['id'] . "&returnid=" . $cid . "&returnpage=" . $s . "'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . 
"</a></td></tr>\n"; } } else { $output .= "<tr><td colspan='4'>" . $_lang['global.nokit'] . "</td></tr>"; } $output .= "</tbody></table>"; } else { $output .= _formMessage(3, $_lang['global.badinput']); }
/**
 * Fetch a note.
 *
 * @param integer $from_id Id of the user who owns the note
 * @param integer $to_id   Id of the user the note is about
 * @param string  $error   Declared for an error message; this function does not set it
 * @return array the selected row
 */
function GetNoteInt($from_id, $to_id, &$error = false)
{
    $DB = new DB();

    // ?i placeholders are used for both ids
    return $DB->row("SELECT * FROM notes_get(?i, ?i)", $from_id, $to_id);
}
</center> </td> </tr> </tbody></table> </body> </html> <?php $eMessage = ob_get_clean(); // ---------------------------------------------------------------------------------------------------------------- // -- Рассылка ---------------------------------------------------------------------------------------------------- // ---------------------------------------------------------------------------------------------------------------- $DB = new DB('master'); $cnt = 0; $sender = $DB->row("SELECT * FROM users WHERE login = ?", $sender); if (empty($sender)) { die("Unknown Sender\n"); } echo "Send email messages\n"; $mail->subject = $eSubject; // заголовок письма $mail->message = $eMessage; // текст письма $mail->recipient = ''; // свойство 'получатель' оставляем пустым $spamid = $mail->masssend(); //if (!$spamid) die('Failed!'); // с этого момента рассылка создана, но еще никому не отправлена! // допустим нам нужно получить список получателей с какого-либо запроса $i = 0;
</td> </tr> </table> '; // tabulka // priprava strankovani if (!$search) { $paging = _resultPaging("index.php?p=users-list&group=" . $group, 50, "users", $grouplimit2); $output .= $paging[0]; } // tabulka $output .= "<br />\n <table class='list'>\n <thead><tr><td>ID</td><td>" . $_lang['login.username'] . "</td><td>" . $_lang['global.email'] . "</td><td>" . $_lang['mod.settings.publicname'] . "</td><td colspan='2'>" . $_lang['global.group'] . "</td></tr></thead>\n <tbody>\n "; // dotaz na db if (!$search) { $query = DB::query("SELECT `" . _mysql_prefix . "-users`.id, `" . _mysql_prefix . "-users`.username, `" . _mysql_prefix . "-users`.publicname, `" . _mysql_prefix . "-users`.levelshift, `" . _mysql_prefix . "-users`.email, `" . _mysql_prefix . "-groups`.title, `" . _mysql_prefix . "-groups`.icon, `" . _mysql_prefix . "-users`.id FROM `" . _mysql_prefix . "-users`, `" . _mysql_prefix . "-groups` WHERE `" . _mysql_prefix . "-users`.`group`=`" . _mysql_prefix . "-groups`.id" . $grouplimit . " ORDER BY `" . _mysql_prefix . "-groups`.level DESC,`" . _mysql_prefix . "-users`.id " . $paging[1]); } else { $query = DB::query("SELECT `" . _mysql_prefix . "-users`.username, `" . _mysql_prefix . "-users`.publicname, `" . _mysql_prefix . "-users`.levelshift, `" . _mysql_prefix . "-users`.email, `" . _mysql_prefix . "-groups`.title, `" . _mysql_prefix . "-groups`.icon, `" . _mysql_prefix . "-users`.id FROM `" . _mysql_prefix . "-users`, `" . _mysql_prefix . "-groups` WHERE `" . _mysql_prefix . "-users`.`group`=`" . _mysql_prefix . "-groups`.id AND (`" . _mysql_prefix . "-users`.username LIKE '%" . $searchword . "%' OR `" . _mysql_prefix . "-users`.publicname LIKE '%" . $searchword . "%' OR `" . _mysql_prefix . "-users`.email LIKE '%" . $searchword . "%' OR `" . _mysql_prefix . "-users`.ip LIKE '%" . $searchword . "%')" . $grouplimit . " ORDER BY `" . _mysql_prefix . "-groups`.level DESC,`" . _mysql_prefix . 
"-users`.id LIMIT 100"); } // vypis if (DB::size($query) != 0) { while ($item = DB::row($query)) { $output .= "<tr><td>" . $item['id'] . "</td><td>" . ($item['icon'] != "" ? "<img src='" . _indexroot . "pictures/groupicons/" . $item['icon'] . "' alt='icon' class='groupicon' /> " : '') . "<a href='index.php?p=users-edit&id=" . $item['username'] . "'>" . ($item['levelshift'] == 1 ? "<strong>" : '') . $item['username'] . ($item['levelshift'] == 1 ? "</strong>" : '') . "</a></td><td>" . $item['email'] . "</td><td>" . ($item['publicname'] != "" ? $item['publicname'] : "-") . "</td><td>" . $item['title'] . "</td><td><a href='" . _xsrfLink("index.php?p=users-delete&id=" . $item['username']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . "</a></td></tr>\n"; } } else { $output .= "<tr><td colspan='5'>" . $_lang['global.nokit'] . "</td></tr>\n"; } $output .= "</tbody></table>"; // pocet uzivatelu $totalusers = DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-users`"), 0); $output .= "\n<br />" . $_lang['admin.users.list.totalusers'] . ": " . $totalusers;
break; default: $module .= "<p class='bborder'>" . $_lang['mod.lostpass.p'] . "</p>"; // kontrola promennych, odeslani emailu $sent = false; if (isset($_POST['username'])) { if (_iplogCheck(7)) { // nacteni promennych $username = _anchorStr($_POST['username'], false); $email = DB::esc($_POST['email']); // kontrola promennych if (_captchaCheck()) { $userdata = DB::query("SELECT email,password,salt,username FROM `" . _mysql_prefix . "-users` WHERE username='******' AND email='" . $email . "'"); if (DB::size($userdata) != 0) { // odeslani emailu $userdata = DB::row($userdata); $link = _url . "/index.php?m=lostpass&link&user="******"&hash=" . md5($userdata['email'] . $userdata['salt'] . $userdata['password']); $text_tags = array("*domain*", "*username*", "*link*", "*date*", "*ip*"); $text_contents = array(_getDomain(), $userdata['username'], $link, _formatTime(time()), _userip); if (_mail($userdata['email'], str_replace('*domain*', _getDomain(), $_lang['mod.lostpass.mail.subject']), str_replace($text_tags, $text_contents, $_lang['mod.lostpass.mail.text']), "Content-Type: text/plain; charset=UTF-8\n" . _sysMailHeader())) { $module .= _formMessage(1, $_lang['mod.lostpass.cmailsent']); _iplogUpdate(7); $sent = true; } else { $module .= _formMessage(3, $_lang['hcm.mailform.msg.failure2']); } } else { $module .= _formMessage(2, $_lang['mod.lostpass.notfound']); } } else { $module .= _formMessage(2, $_lang['captcha.failure2']);
/* --- nacteni argumentu --- */ if (!isset($_GET['redir_id'], $_GET['redir_type'])) { die; } $id = intval($_GET['redir_id']); $type = intval($_GET['redir_type']); if ($type !== 1) { $type = 0; } /* --- test existence --- */ if (0 === $type) { $query = DB::query('SELECT `id`,`title_seo` FROM `' . _mysql_prefix . '-root` WHERE `id`=' . $id); } else { $query = DB::query('SELECT art.`id`,art.`title_seo`,cat.`title_seo` AS cat_title_seo FROM `' . _mysql_prefix . '-articles` AS art JOIN `' . _mysql_prefix . '-root` AS cat ON(cat.id=art.home1) WHERE art.`id`=' . $id); } $query = DB::row($query); if ($query === false) { // neexistuje $_GET = array('m' => '404'); define('_index_noinit', true); require _indexroot . 'index.php'; die; } /* --- presmerovani --- */ // sestavit adresu $redir = $type === 0 ? _linkRoot($query['id'], $query['title_seo']) : _linkArticle($query['id'], $query['title_seo'], $query['cat_title_seo']); unset($_GET['redir_id'], $_GET['redir_type']); if (!empty($_GET)) { $redir = _addGetToLink($redir, _buildQuery($_GET), false); } // poslat hlavicky
} $message = _formMessage(1, $_lang['global.saved']); } /* --- vystup --- */ if ($continue) { $output .= "<p class='bborder'>" . $_lang['admin.content.titles.p'] . "</p>" . $message . "\n\n<form action='index.php?p=content-titles' method='post'>\n<input type='hidden' name='do' value='1' />\n\n<table>\n<tr><td><strong>" . $_lang['global.item'] . "</strong></td><td class='lpad'><strong>" . $_lang['global.type'] . "</strong></td></tr>\n"; // funkce function _admin_titleListItem($item, $ipad = false) { global $_lang; $type_array = _admin_getTypeArray(); if ($ipad == true) { $ipad = " class='intersecpad'"; } else { $ipad = ""; } return "<tr><td" . $ipad . "><input class='inputmedium' type='text' maxlength='96' name='" . $item['id'] . "' value='" . $item['title'] . "' /></td><td class='lpad'>" . $_lang['admin.content.' . $type_array[$item['type']]] . "</td></tr>\n"; } // vypis $query = DB::query("SELECT id,title,type FROM `" . _mysql_prefix . "-root` WHERE intersection=-1 ORDER BY ord"); while ($item = DB::row($query)) { $output .= _admin_titleListItem($item); if ($item['type'] == 7) { $iquery = DB::query("SELECT id,title,type FROM `" . _mysql_prefix . "-root` WHERE intersection=" . $item['id'] . " ORDER BY ord"); while ($iitem = DB::row($iquery)) { $output .= _admin_titleListItem($iitem, true); } } } $output .= "\n<tr>\n<td><br /><input type='submit' value='" . $_lang['global.save'] . "' /> <input type='reset' value='" . $_lang['global.reset'] . "' onclick='return _sysConfirm();' /></td>\n<td></td>\n</tr>\n\n</table>\n\n" . _xsrfProtect() . "</form>"; }
/**
 * Build the output of the toolbar.
 *
 * NOTE(review): the markup contains every logged SQL statement and a dump of
 * $_GET, $_POST, $_COOKIE and $_SESSION, so it must only ever be sent in a
 * development setup - confirm how the caller gates it.
 *
 * @return string
 */
protected function toolbarOutput()
{
    $now = microtime(true);

    // fetch the sql log
    $sqlLog = $this->logger->getLog();

    // find unoptimised queries: EXPLAIN every logged SELECT and remember those
    // whose Extra column contains one of the markers
    $slowMarkers = array('Using temporary' => 0);
    $sqlLogSlow = array();
    foreach ($sqlLog as $sqlIndex => $sql) {
        $isSelect = preg_match('/^(?!\\s*EXPLAIN)(\\s*[a-z_]+)*\\s*SELECT/i', $sql) === 1;
        if (!$isSelect) {
            continue;
        }

        $explainQuery = DB::query('EXPLAIN ' . $sql, true, false);
        if (!$explainQuery) {
            continue;
        }

        while ($explainRow = DB::row($explainQuery)) {
            foreach (preg_split('/\\s*;\\s*/', $explainRow['Extra']) as $extraPart) {
                if (isset($slowMarkers[$extraPart])) {
                    $sqlLogSlow[$sqlIndex] = $explainRow['Extra'];
                    break 2; // one hit is enough for this query
                }
            }
        }
        DB::free($explainQuery);
    }
    $slowCount = count($sqlLogSlow);

    // output
    $parts = array();
    $parts[] = '<div id="devkit-toolbar">';

    // info
    $parts[] = '<div class="devkit-section devkit-info">' . _systemversion . ' ' . SL::$states[_systemstate] . _systemstate_revision . '</div>';

    // time
    $parts[] = '<div class="devkit-section devkit-time">' . round(($now - SL::$start) * 1000) . 'ms</div>';

    // memory
    $parts[] = '<div class="devkit-section devkit-memory">' . number_format(round(memory_get_peak_usage() / 1048576), 1, '.', ',') . 'MB</div>';

    // database
    $slowBadge = (0 !== $slowCount) ? ' <span class="devkit-blood">(' . $slowCount . ' slow)</span>' : '';
    $parts[] = '<div class="devkit-section devkit-database devkit-toggleable">' . count($sqlLog) . $slowBadge . '</div>';
    $parts[] = '<div class="devkit-content"><div><div class="devkit-heading">SQL log</div><ol>';
    foreach ($sqlLog as $sqlIndex => $sql) {
        $itemOpen = isset($sqlLogSlow[$sqlIndex])
            ? '<li class="devkit-slow-query" title="' . _htmlStr($sqlLogSlow[$sqlIndex]) . '"'
            : '<li';
        $parts[] = $itemOpen . '><input type="text" size="' . strlen($sql) . '" class="devkit-selectable" value="' . _htmlStr($sql) . "\" readonly></li>\n";
    }
    $parts[] = '</ol></div></div>';

    // request
    $parts[] = '<div class="devkit-section devkit-request devkit-toggleable">' . '$_GET(' . count($_GET) . ') $_POST(' . count($_POST) . ') $_COOKIE(' . count($_COOKIE) . ') $_SESSION(' . count($_SESSION) . ')</div>';
    $parts[] = '<div class="devkit-content"><div>';
    foreach (array('_GET', '_POST', '_COOKIE', '_SESSION') as $globalVarName) {
        $globalVarSize = count($GLOBALS[$globalVarName]);
        if (0 === $globalVarSize) {
            continue;
        }
        $parts[] = '<div class="devkit-heading devkit-hideshow">$' . $globalVarName . ' (' . $globalVarSize . ')</div>';
        $parts[] = '<div class="devkit-request-dump devkit-hideshow-target">' . $this->dump($GLOBALS[$globalVarName]) . '</div>';
    }
    $parts[] = '</div></div>';

    // login
    // NOTE(review): _loginname is written out as-is; verify it is escaped where it is defined.
    $parts[] = '<a href="' . _indexroot . 'index.php?m=login"><div class="devkit-section devkit-login">' . (_loginindicator ? _loginname : '---') . '</div></a>';

    // close
    $parts[] = '<div class="devkit-close">×</div>';
    $parts[] = '</div>';

    return implode('', $parts);
}
?> <?php if ($s_project[0]['cnt'] == 0) { echo '0'; } else { echo round($s_project_offers[0]['cnt'] / $s_project[0]['cnt'], 2); } ?> </td> </tr> <tr> <td width=200><strong>Кол-во проектов для верифицированных:</strong></td> <td> <?php $sql = "select count(1) as cnt from projects where verify_only = true AND post_date >= ? AND post_date - '1 day'::interval < ?"; $s_project_only_verify = $DB->row($sql, $fdate, $tdate, $fdate, $tdate); ?> <?php echo $s_project_only_verify['cnt']; ?> </td> </tr> <tr> <td width=200><strong>Среднее кол-во ответов на проект для верифицированных:</strong></td> <td> <?php $sql = "SELECT count(1) as cnt FROM projects p\n INNER JOIN projects_offers po ON p.id = po.project_id\n WHERE p.verify_only = true AND p.post_date >= ? AND p.post_date - '1 day'::interval < ?"; $s_project_offers_only_verify = $DB->row($sql, $fdate, $tdate, $fdate, $tdate); ?> <?php if ($s_project_only_verify['cnt'] == 0) {
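/**
 * Parse an export file from 1C for the subsequent loading of documents.
 *
 * Every line is a ';'-separated record: login; lc_id; actnum; invnum; actdate;
 * invdate; sum. Each record is inserted into or updated in pskb_invoice_raw.
 *
 * @param string $file Path of the export file.
 *
 * @return bool|null false when the file is missing or cannot be opened. After a
 *                   completed run nothing is returned (NOTE(review): the contract
 *                   promises bool - confirm what callers test before changing it).
 */
public static function parseInvoiceData($file)
{
    $db = new DB('master');
    if (!file_exists($file)) {
        return false;
    }

    // A failed open must stop here: feof()/fgets() on a non-resource never reach
    // end-of-file and the read loop would not terminate on older PHP versions.
    $f = fopen($file, 'r');
    if ($f === false) {
        return false;
    }

    $sql = 'SELECT s.id, CASE WHEN u.uid = s.frl_id THEN lc."namePerf" ELSE lc."nameCust" END as name, CASE WHEN u.uid = s.frl_id THEN lc."innPerf" ELSE lc."innCust" END as inn, CASE WHEN u.uid = s.frl_id AND lc."alienPerf" = 1 THEN r._2_address_fct WHEN u.uid = s.emp_id AND lc."alienCust" = 1 THEN r._2_address_fct ELSE r._2_address_jry END as addr, r._2_kpp kpp, (u.uid = s.emp_id)::int is_emp, i.lc_id is_exists, CASE WHEN u.uid = s.frl_id THEN lc."tagPerf" ELSE lc."tagCust" END as tag FROM pskb_lc lc INNER JOIN sbr s ON s.id = lc.sbr_id INNER JOIN users u ON u.login = ? AND u.uid IN (s.frl_id, s.emp_id) LEFT JOIN sbr_reqv r ON r.user_id = u.uid LEFT JOIN pskb_invoice_raw i ON i.lc_id = lc.lc_id AND i.login = u.login AND i.actnum = ? AND i.invnum = ? WHERE lc.lc_id = ?';

    while (($line = fgets($f)) !== false) {
        // Missing trailing fields become null, as they were when read from a short row.
        $data = array_pad(array_map('trim', explode(';', $line)), 7, null);
        if (!$data[0]) {
            continue;
        }

        // sum: drop whitespace / non-breaking spaces, use a decimal point
        $data[6] = preg_replace('/[\\s\\xc2\\xa0]/si', '', (string) $data[6]);
        $data[6] = str_replace(',', '.', $data[6]);
        $data[6] = floatval($data[6]);

        // All values from the file reach the database through placeholders only.
        $row = $db->row($sql, $data[0], $data[2], $data[3], $data[1]);

        // NOTE(review): an unparsable date makes strtotime() return false and the
        // record is stored with the epoch date - consider rejecting such rows.
        $params = array(
            'login' => $data[0],
            'lc_id' => $data[1],
            'actnum' => $data[2],
            'invnum' => $data[3],
            'actdate' => date('c', strtotime($data[4])),
            'invdate' => date('c', strtotime($data[5])),
            'sum' => $data[6],
            'name' => $row ? $row['name'] : null,
            'addr' => $row ? $row['addr'] : null,
            'inn' => $row ? $row['inn'] : null,
            'kpp' => $row ? $row['kpp'] : null,
            'status' => 0,
            'err' => '',
        );

        if (!$row) {
            // Unknown letter of credit: record the error once per document.
            if ($db->row('SELECT * FROM pskb_invoice_raw WHERE lc_id = ? AND login = ? AND actnum = ? AND invnum = ?', $params['lc_id'], $params['login'], $params['actnum'], $params['invnum'])) {
                continue;
            }
            $params['status'] = 2;
            $params['err'] = 'Не найден аккредитив';
            $db->insert('pskb_invoice_raw', $params);
            continue;
        }

        if ($row['tag'] != 1) {
            continue;
        }

        if (!$row['is_exists']) {
            $db->insert('pskb_invoice_raw', $params);
        } else {
            // rows in status 1 or 99 are left untouched
            $db->update('pskb_invoice_raw', $params, 'lc_id = ? AND login = ? AND status != ? AND status != ? AND actnum = ? AND invnum = ?', $params['lc_id'], $params['login'], 1, 99, $params['actnum'], $params['invnum']);
        }
    }

    fclose($f);
}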
/**
 * Add a comment / message to the corporate blog.
 *
 * Reads everything from the request ($_POST blogID, parent, msg, title, yt_link,
 * tags and $_FILES attach), stores the comment and its attachments, optionally
 * mails the author of the parent post and hands the posted values back to the
 * template object.
 *
 * @return array|false array($error_flag, $error, $idCom); false when the previous
 *                     comment of this session is less than 5 seconds old.
 */
function addComment()
{
    $DB = new DB('master');
    // per-session throttle: at most one comment every 5 seconds
    if ($_SESSION['last_comment_add'] + 5 > time()) {
        return false;
    }
    $_SESSION['last_comment_add'] = time();
    /* Comment data */
    $blog = $_POST['blogID'];
    $user = get_uid();
    $parent = $_POST['parent'];
    $alert = array();
    if (strlen($_POST['msg']) > blogs::MAX_DESC_CHARS) {
        $error_flag = 1;
        $alert[2] = "Максимальный размер сообщения " . blogs::MAX_DESC_CHARS . " символов!";
        // too long: keep the raw text (by reference) so it can be shown again
        $msg =& $_POST['msg'];
    } else {
        $msg = $_POST['msg'];
        // strip attributes from <ul> and <li> tags
        $msg = preg_replace("/<ul.*>/Ui", "<ul>", $msg);
        $msg = preg_replace("/<li.*>/Ui", "<li>", $msg);
        // NOTE(review): change_q_x_a() / antispam() are the only filtering the body
        // gets here; what they allow through is not visible in this method - verify.
        $msg = change_q_x_a(antispam($msg), false, false);
    }
    $msg_name = substr(change_q_x(antispam($_POST['title']), true), 0, 96);
    $yt_link = substr(change_q_x(antispam(str_replace('watch?v=', 'v/', $_POST['yt_link'])), true), 0, 128);
    if ($yt_link != '') {
        // only links that start with one of three http:// YouTube prefixes are accepted
        if (strpos($yt_link, 'http://ru.youtube.com/v/') !== 0 && strpos($yt_link, 'http://youtube.com/v/') !== 0 && strpos($yt_link, 'http://www.youtube.com/v/') !== 0) {
            $error_flag = 1;
            $alert[4] = "Неверная ссылка.";
        }
    }
    if (is_empty_html($msg)) {
        $msg = '';
    }
    // file upload
    $attach = $_FILES['attach'];
    // NOTE(review): sizeof($attach) counts the keys of the $_FILES entry (name, type,
    // tmp_name, ...), not the uploaded files, so it does not enforce the limit of 10
    // that the error message below talks about - count($attach['name']) would.
    if (is_array($attach) && sizeof($attach) <= 10) {
        if (is_array($attach) && !empty($attach['name'])) {
            foreach ($attach['name'] as $key => $v) {
                if (!$attach['name'][$key]) {
                    continue;
                }
                $files[] = new CFile(array('name' => $attach['name'][$key], 'type' => $attach['type'][$key], 'tmp_name' => $attach['tmp_name'][$key], 'error' => $attach['error'][$key], 'size' => $attach['size'][$key]));
            }
        }
        // NOTE(review): $group is not assigned anywhere in this method, so the
        // else branch is the one that runs.
        if ($group == 7) {
            $max_image_size = array('width' => 400, 'height' => 600, 'less' => 0);
        } else {
            $max_image_size = array('width' => 470, 'height' => 1000, 'less' => 0);
        }
        // uploadFile() replaces $files; below it is read as arrays keyed 'f_name' and 'tn'
        list($files, $alert_, $error_flag___) = self::uploadFile($files, $max_image_size);
        $error_flag = max($error_flag___, $error_flag);
        if (is_array($alert_)) {
            $alert = array_merge($alert, $alert_);
        }
    } else {
        if (is_array($attach) && !empty($attach['name'])) {
            $error_flag = 1;
            $alert[2] = "Файлов не должно быть больше 10";
        }
    }
    // neither text nor files: nothing to post
    if (!$msg && !count($files)) {
        $error_flag = 1;
        $alert[2] = "Поле заполнено некорректно";
    }
    if (($msg || $files['f_name'][0]) && get_uid() && !$error_flag) {
        //if($files['f_name'][0])
        //error_reporting(E_ALL);
        // author of the parent post, for the notification below
        $eUser = $DB->row("SELECT email, uid FROM corporative_blog LEFT JOIN users ON users.uid = corporative_blog.id_user WHERE corporative_blog.id = ?", $parent);
        $e_user = new users();
        $e_user->GetUser($e_user->GetField($eUser['uid'], $ee, 'login'));
        // the comment itself is stored through placeholders
        $sql = "INSERT INTO corporative_blog (title, yt_link, msg, id_blog, id_user, id_reply) VALUES(?, ?, ?, ?, ?, ?) RETURNING id;";
        $res = $DB->row($sql, $msg_name, $yt_link, $msg, $blog, $user, $parent);
        $idCom = $res['id'];
        // $idCom = front::og("db")->select("SELECT id FROM corporative_blog WHERE title = ? AND msg = ? AND id_blog = ? AND id_user = ?", $msg_name, $msg, $blog, $user)->fetchOne();
        // notify the parent author if subscribed and the reply is from someone else
        if (substr($e_user->subscr, 2, 1) == '1' && $idCom && $eUser['uid'] != $user) {
            $p_user = new users();
            $p_user->GetUser($p_user->GetField($user, $ee, 'login'));
            $smail = new smail();
            $link = "http://free-lance.ru/about/corporative/post/{$blog}/link/{$idCom}/#c{$idCom}";
            $smail->CorporativeBlogNewComment(array("title" => $msg_name, "msgtext" => $msg), $p_user, $e_user, $link);
        }
        if (is_array($files)) {
            $asql = '';
            for ($i = 0; $i < count($files['f_name']); $i++) {
                if ($files['f_name'][$i]) {
                    // NOTE(review): file names are interpolated into the statement
                    // inside quotes with no escaping. This is safe only if uploadFile()
                    // generates the names itself; otherwise switch to placeholders.
                    // The row is tied to the comment through currval() of the sequence,
                    // not through $idCom.
                    $asql .= ", (currval('corporative_blog_id_seq'), '{$files['f_name'][$i]}', '{$files['tn'][$i]}')";
                }
            }
            if ($asql) {
                // drop the leading ", "
                $asql = substr($asql, 2);
            }
        }
        if ($asql) {
            $DB->squery("INSERT INTO corporative_blog_attach(msg_id, \"name\", small) VALUES {$asql}");
        }
        $tags = $_POST['tags'];
        if ($tags) {
            $tags_arr = $tags;
            //explode(",", $tags);
            // NOTE(review): array_unique() returns the result, which is discarded
            // here, so duplicates are not removed.
            array_unique($tags_arr);
            $this->tagsDelete($idCom);
            $tg = tags::Add($tags_arr);
            $this->tagsAdd($idCom, $tg);
        }
        //Notification about the comment
        //list($alert1, $error_flag, $error) = $sql_error;
        //list($alert1, $error_flag, $error) = $blog_obj->NewThread(get_uid(), $gr, $base, $name, $msg, $files, getRemoteIP(), $mod, 0, $tags, $yt_link, $ontop);
    }
    //if ($alert1) $alert = $alert + $alert1;
    //vardump($alert);
    front::og("tpl")->error_flag = $error_flag;
    // front::og("tpl")->alert = $alert;
    // the posted values go back to the template, presumably to refill the form
    front::og("tpl")->post = array("blog" => $blog, "user" => $user, "parent" => $parent, "msg" => $msg, "title" => $msg_name, "yt_link" => $yt_link, "tags" => $_POST['tags']);
    // NOTE(review): $error is never assigned in this method.
    return array($error_flag, $error, $idCom);
}
/**
 * Checks whether the limit of SMS_ON_NUMBER_PER_24_HOURS messages to the number $msisdn is exceeded.
 * Returns true if the limit is exceeded.
 *
 * This method only reads sms_log; it does not update the counter itself.
 *
 * @param string $msisdn    phone number (a '+' is stripped before the lookup)
 * @param int    &$recordId receives the id of the sms_log record, or 0 when there is none
 * @param int    &$count    receives how many times a message has already been sent
 * @param string &$message  receives the text produced by getSmsLimitMessage() for $count
 *
 * @return bool
 **/
public function limitSmsOnNumberIsExceed($msisdn, &$recordId, &$count, &$message)
{
    $window = 24 * 3600;
    $number = str_replace('+', '', $msisdn);

    $statDb = new DB('stat');
    $logRow = $statDb->row('SELECT id, count, last_send, NOW() AS _now FROM sms_log WHERE msisdn = ? LIMIT 1', $number);

    $recordId = intval($logRow['id']);
    $count = intval($logRow['count']);
    $message = $this->getSmsLimitMessage($count);

    // No log record for this number: nothing has been counted yet.
    if (!$logRow['id']) {
        return false;
    }

    // Both timestamps come from the database row, so they share one clock.
    $elapsed = strtotime($logRow['_now']) - strtotime($logRow['last_send']);
    if ($elapsed >= $window) {
        // The last send is at least 24 hours old: report a fresh counter.
        $count = 0;
        $message = $this->getSmsLimitMessage($count);

        return false;
    }

    return $logRow['count'] >= sms_gate::SMS_ON_NUMBER_PER_24_HOURS;
}
/* --- core check --- */
if (!defined('_core')) {
    exit;
}

/* --- save --- */
$message = "";
if (isset($_POST['sourcegroup'])) {
    // Both ids are forced to integers before they are concatenated into the SQL below.
    $source = intval($_POST['sourcegroup']);
    $target = intval($_POST['targetgroup']);

    $source_data = DB::query("SELECT level FROM `" . _mysql_prefix . "-groups` WHERE id=" . $source);
    $target_data = DB::query("SELECT level FROM `" . _mysql_prefix . "-groups` WHERE id=" . $target);

    if (DB::size($source_data) == 0 || DB::size($target_data) == 0 || $source == 2 || $target == 2) {
        // Unknown group, or group id 2, which is excluded from moves on either side.
        $message = _formMessage(3, $_lang['global.badinput']);
    } elseif ($source == $target) {
        $message = _formMessage(2, $_lang['admin.users.move.same']);
    } else {
        $source_data = DB::row($source_data);
        $target_data = DB::row($target_data);

        // The acting user's level must be above the level of both groups.
        if (_loginright_level > $source_data['level'] && _loginright_level > $target_data['level']) {
            DB::query("UPDATE `" . _mysql_prefix . "-users` SET `group`=" . $target . " WHERE `group`=" . $source . " AND id!=0");
            $message = _formMessage(1, $_lang['global.done']);
        } else {
            $message = _formMessage(2, $_lang['admin.users.move.failed']);
        }
    }
}

/* --- output --- */
// The form carries the token from _xsrfProtect(); where that token is verified is not visible in this file.
$output .= "<p class='bborder'>" . $_lang['admin.users.move.p'] . "</p>\n"
    . $message
    . "\n<form class='cform' action='index.php?p=users-move' method='post'>\n"
    . $_lang['admin.users.move.text1']
    . " "
    . _admin_authorSelect("sourcegroup", -1, "id!=2", null, null, true)
    . " "
    . $_lang['admin.users.move.text2']
    . " "
    . _admin_authorSelect("targetgroup", -1, "id!=2", null, null, true)
    . " <input type='submit' value='" . $_lang['global.do'] . "' onclick='return _sysConfirm();' />\n"
    . _xsrfProtect()
    . "</form>\n";
} if ($continue) { /* --- odstraneni --- */ $done = false; if (isset($_POST['doit'])) { // smazani skupiny if (!$systemgroup) { DB::query("DELETE FROM `" . _mysql_prefix . "-groups` WHERE id=" . $id); } // zmena vychozi skupiny if (!$systemgroup and $id == _defaultgroup) { DB::query("UPDATE `" . _mysql_prefix . "-settings` SET val='3' WHERE var='defaultgroup'"); } // smazani uzivatelu $users = DB::query("SELECT id FROM `" . _mysql_prefix . "-users` WHERE `group`=" . $id . " AND id!=0"); while ($user = DB::row($users)) { _deleteUser($user['id']); } $done = true; } /* --- vystup --- */ if ($done != true) { $output .= "\n <p class='bborder'>" . $_lang['admin.users.groups.delp'] . "</p>\n " . ($systemgroup ? _admin_smallNote($_lang['admin.users.groups.specialgroup.delnotice']) : '') . "\n <form class='cform' action='index.php?p=users-delgroup&id=" . $id . "' method='post'>\n <input type='hidden' name='doit' value='1' />\n <input type='submit' value='" . $_lang['global.do'] . "' onclick='return _sysConfirm();' />\n " . _xsrfProtect() . "</form>\n "; } else { $output .= _formMessage(1, $_lang['global.done']); } } else { if ($levelconflict == false) { $output .= _formMessage(3, $_lang['global.badinput']); } else { $output .= _formMessage(3, $_lang['global.disallowed']);
$images = DB::query("SELECT * FROM `" . _mysql_prefix . "-images` WHERE home=" . $id . " ORDER BY ord " . $paging[1]); $images_number = DB::size($images); if ($images_number != 0) { $usetable = $query['var1'] != -1; if (_pagingmode == 1 or _pagingmode == 2) { $content .= $paging[0]; } if ($usetable) { $content .= "<table class='gallery'>\n"; } else { $content .= "<div class='gallery'>\n"; } // obrazky $counter = 0; $cell_counter = 0; while ($img = DB::row($images)) { if ($usetable and $cell_counter == 0) { $content .= "<tr>\n"; } // bunka if ($usetable) { $content .= "<td>"; } $content .= _galleryImage($img, $id, $query['var4'], $query['var3']); if ($usetable) { $content .= "</td>"; } $cell_counter++; if ($usetable and ($cell_counter == $query['var1'] or $counter == $images_number - 1)) { $cell_counter = 0; $content .= "\n</tr>";
/**
 * Returns a user's automatic folder by ID.
 *
 * Both arguments are bound through `?i` placeholders (presumably the DB layer's
 * integer placeholder - confirm). No ownership check is done here; the caller
 * decides which UID is passed.
 *
 * @param string $sUid      user UID
 * @param string $sFolderId folder ID
 *
 * @return array
 */
public function pmAutoFolderGetById($sUid = '', $sFolderId = '')
{
    $sQuery = 'SELECT * FROM mess_pm_folder_get(?i, ?i)';
    $oProxy = new DB();

    return $oProxy->row($sQuery, $sUid, $sFolderId);
}
* NULL - без файлов */ $eFiles = NULL; /** * Через какое количество отосланных сообщений выводить статистику о них * (для адресной рассылки и email рассылки) * */ $printStatus = 200; // ---------------------------------------------------------------------------------------------------------------- // -- Рассылка ---------------------------------------------------------------------------------------------------- // ---------------------------------------------------------------------------------------------------------------- $master = new DB('master'); $plproxy = new DB('plproxy'); $count = NULL; $sender = $master->row("SELECT * FROM users WHERE login = ?", $sender); if (empty($sender)) { die("Unknown Sender\n"); } echo "Send personal messages\n"; if ($mass) { $count = 0; switch ($recipients) { case 'all': $message_id = $plproxy->val("SELECT messages_masssend_all(?, ?, ?, ?a)", $sender['uid'], $pro, $pMessage, $pFiles); break; case 'freelancers': $message_id = $plproxy->val("SELECT messages_masssend_freelancers(?, ?, ?, ?a)", $sender['uid'], $pro, $pMessage, $pFiles); break; case 'employers': $message_id = $plproxy->val("SELECT messages_masssend_employers(?, ?, ?, ?a)", $sender['uid'], $pro, $pMessage, $pFiles);
/**
 * Information about the message sent to the corresponding number.
 *
 * Looks up sms_gate by the number from getCell() and the user id stored in the
 * session, newest date_send first; both values are bound as placeholders.
 *
 * @return array
 */
public function getInfoSend()
{
    $query = 'SELECT id, data, dlr_status, date_send, is_auth FROM sms_gate WHERE msisdn = ? AND user_id = ? ORDER by date_send DESC';
    $cell = $this->getCell();
    // The record is scoped to the logged-in user taken from the session, not from request input.
    $uid = $_SESSION['uid'];

    return $this->_db->row($query, $cell, $uid);
}
</center> </td> </tr> </tbody></table> </body> </html> <?php $eMessage = ob_get_clean(); // ---------------------------------------------------------------------------------------------------------------- // -- Рассылка ---------------------------------------------------------------------------------------------------- // ---------------------------------------------------------------------------------------------------------------- $DB = new DB('master'); $cnt = 0; $sender = $DB->row('SELECT * FROM users WHERE login = ?', $sender); if (empty($sender)) { die("Unknown Sender\n"); } echo "Send email messages\n"; $mail->subject = $eSubject; // заголовок письма $mail->message = $eMessage; // текст письма $mail->recipient = ''; // свойство 'получатель' оставляем пустым $spamid = $mail->masssend(); //if (!$spamid) die('Failed!'); // с этого момента рассылка создана, но еще никому не отправлена! // допустим нам нужно получить список получателей с какого-либо запроса $i = 0;
} // vyhledani obrazku if ($image) { // zaklad dotazu $sql = 'SELECT img.id,img.prev,img.full,img.ord,img.home,img.title,gal.title AS gal_title,gal.title_seo,gal.var2 FROM `' . _mysql_prefix . '-images` AS img'; // join na galerii $sql .= ' JOIN `' . _mysql_prefix . '-root` AS gal ON(gal.id=img.home)'; // podminky $sql .= ' WHERE gal.visible=1'; if ($public) { $sql .= ' AND gal.public=1'; } $sql .= ' AND ' . _tmpSearchQuery('img', array('title')); // vykonani a nacteni vysledku $q = DB::query($sql . ' LIMIT 20'); while ($r = DB::row($q)) { $link = _addGetToLink(_linkRoot($r['home'], $r['title_seo']), 'page=' . _resultPagingGetItemPage($r['var2'], "images", "ord<" . $r['ord'] . " AND home=" . $r['home'])); $results[] = array($link, $r['gal_title'], ($r['title'] !== '' ? $r['title'] . '<br />' : '') . _galleryImage($r, 'search', 128, 128)); } DB::free($q); } // extend _extend('call', 'mod.search.results', array('results' => &$results, 'query' => $search_query, 'query_sql' => $search_query_sql)); // vypis vysledku if (count($results) != 0) { foreach ($results as $item) { $module .= "\n<h2 class='list-title'><a href='" . $item[0] . "'>" . $item[1] . "</a></h2>\n<p class='list-perex'>" . $item[2] . "</p>\n"; if (isset($item[3])) { $module .= "<div class='list-info'>" . $item[3] . "</div>\n"; } }