function SiteCreator_css(&$smarty, $form = false)
{
$mysql = new MYSQL($smarty);
$tabela = $smarty->cfg['prefix'] . 'bilder_site';
$mysql->SqlSelect("SELECT ID_SITE FROM {$tabela} WHERE site_dominio = '{$form['site_dominio']}'", __FILE__, __LINE__);
if (mysql_affected_rows() > 0) {
return $smarty->getFinishError('sitecreator_erro_01', array("", " - " . htmlspecialchars($this->form['site_dominio'])));
}
switch ($form['action']) {
case "selectcss":
$smarty->assign('ID_CSSCLASS', $form['ID_CSSCLASS']);
return $smarty->fetch($smarty->modulo_dir . "select_css.tpl");
break;
default:
$form['ID_MEMBER'] = $smarty->perfil['ID_MEMBER'];
$sql = $mysql->SqlInsert($tabela, $form);
$mysql->SqlSelect($sql, __FILE__, __LINE__);
$idde = mysql_insert_id();
$cam = './sites/' . $idde;
//$cam = './sites/21';
$site = new SiteCreator();
$site->CopyDefultSite($cam);
$site->createCfgfile($cam, array('ID_SITE' => $idde));
$site->CopyCss($form['ID_CSS'], $cam);
$site->createTemplates($cam, $form['site_pages']);
unset($_POST);
unset($_GET);
return $smarty->getFinish('sitecreator_sucesso_01');
break;
}
}
function SetLogin(&$smarty, $form = false, $pageredir = "index")
{
$ck = new Check('POST');
$mysql = new MYSQL($smarty);
if ($ck->form['cookieleng'] == $smarty->get_config_vars('Login00')) {
$cookielength = 0;
$cookieneverexp = 'on';
} else {
$cookielength = $ck->form['cookieleng'];
}
$user = $ck->form['login_user'];
$pass = $ck->form['login_password'];
$request = $mysql->SqlSelect("SELECT * FROM {$smarty->cfg[prefix]}members WHERE member_name='{$user}'", __FILE__, __LINE__);
$perfil = mysql_fetch_array($request, MYSQL_ASSOC);
$md5_passwrd = $this->md5_hmac($pass, strtolower($user));
switch ($cookielength) {
case "1":
$cookielength = strtotime("+30 minutes");
break;
case "2":
$cookielength = strtotime("+1 hour");
break;
case "3":
$cookielength = strtotime("+1 day");
break;
case "4":
$cookielength = strtotime("+1 month");
break;
case "5":
$cookielength = strtotime("+1 year");
break;
default:
$cookielength = strtotime("+1 year");
}
$password = $this->md5_hmac($md5_passwrd, 'ys');
$cookie_url = explode($smarty->cfg["separate"], $this->url_parts($smarty->get_config_vars('http'), $smarty->cfg["separate"]));
$cookie = serialize(array($perfil['ID_MEMBER'], $password));
$ctime = $cookielength;
//print $smarty->cfg['cookie'].' , ' .$cookie.' , '. $ctime.' , '. $cookie_url[1].' , '. $cookie_url[0];
setcookie($smarty->cfg['cookie'], $cookie, $ctime, $cookie_url[1], $cookie_url[0]);
$lastLog = time();
$memIP = $_SERVER[REMOTE_ADDR];
$valores = array('member_lastlogin' => $lastLog, 'member_ip' => $memIP);
$sql = $mysql->SqlUpdate($smarty->cfg["prefix"] . 'members', $valores, "member_name='{$user}'");
$result = $mysql->SqlSelect($sql);
$identify = INET_ATON();
$sql = $mysql->SqlDelete($smarty->cfg["prefix"] . 'log_online', "identity='{$identify}'");
$result = $mysql->SqlSelect($sql);
$redir = $smarty->get_config_vars('http') . $smarty->cfg['index'] . '?page=' . $pageredir;
header("location:{$redir}");
}
function myRoles($username, $defult = array(ANONYMOUS_ID_ROLE => 'anonymous user'))
{
global $cfg;
if ($username >= 0) {
$mysql = new MYSQL($cfg);
$key = key($defult);
$valor = array_values($defult);
$sql = "\n\t\t\tSELECT r.ID_ROLE, r.name, p.permission, (SELECT permission FROM {permission} WHERE ID_ROLE = '{$key}')as `{$valor[0]}`\n\t\t\tFROM {users_roles} ur\n\t\t\tNATURAL JOIN {role} r\n\t\t\tLEFT JOIN {permission} p ON p.ID_ROLE = ur.ID_ROLE\n\t\t\tWHERE ID_USER = '******' ORDER BY r.weight DESC\n\t\t\t";
$result = $mysql->SqlSelect($sql);
$perm['permission'] = array();
while ($row = mysql_fetch_assoc($result)) {
$perm['permission'] = explode(",", $row['permission']) + explode(",", $row[$valor[0]]);
$perm[$row['ID_ROLE']] = $row['name'];
}
return $perm;
}
}
function LoadRules($id, $acesso = 'ALL', &$smarty)
{
global $cfg;
switch ($acesso) {
case 'ONLY_GUEST':
return $id != 0 ? false : true;
break;
case 'NOT_GUEST':
return $id <= 0 ? false : true;
break;
case 'ALL':
return true;
break;
default:
$mysql = new MYSQL($smarty);
$result = $mysql->SqlSelect("SELECT r.name\n\t\t\t\t\t\t\t\t\t\t\tFROM {$cfg[db_prefix]}role r\n\t\t\t\t\t\t\t\t\t\t\tRIGHT JOIN {$cfg[db_prefix]}members_roles m ON r.ID_RULE = m.ID_RULE\n\t\t\t\t\t\t\t\t\t\t\tWHERE m.ID_MEMBER = '{$id}'\n\t\t\t\t\t\t\t\t\t\t\tORDER BY r.weight", __FILE__, __LINE__);
if (mysql_affected_rows() > 0) {
return $linha = mysql_fetch_assoc($result);
} else {
return false;
}
break;
}
}
function Listmail($email, $nome = false)
{
if (is_numeric($email)) {
$mysql = new MYSQL($this->smarty);
$result = $mysql->SqlSelect("SELECT member_real,member_email FROM {$this->smarty->cfg[prefix]}members WHERE ID_MEMBER = '{$email}'");
if (mysql_affected_rows() > 0) {
$member = mysql_fetch_array($result, MYSQL_ASSOC);
return $member['member_real'] . '<' . $member['member_email'] . '>';
}
} elseif ($nome != false) {
if (Check::NotEmail($email) != true) {
return $nome . '<' . $email . '>';
}
} else {
if (Check::NotEmail($email) != true) {
return $email;
}
}
}
/**
* Dado um apelido, retornar a sua URL de sistema, se houver.
* Dado um sistema um retorno URL do seu alias, se tal pessoa existe.
* Caso contr�rio, retorna FALSE.
*
* @param $action
* um dos seguintes valores:
* - wipe: apaga um cache de apelidos.
* - alias: retorna um apelido para dar ao URL do sistema de caminhos (se existir).
* - source: retorna a URL do sistema para um apelido (se existir)
* @param $path
* O caminho para investigar o sistema de apelidos ou correspondentes URLs.
* @param $path_language
* Opcional codigo de linguagem para procurar um caminho nele. O padr�o � a linguagem
* da p�gina.
* se nenhum caminho for definido pela lingagem ent�o ser� buscado um caminho se a linguagem.
*
* @return
* ou um caminho de sistema, um caminho do apelido, ou FALSE se nenhum caminho for encontrado.
*/
function lookup_path($action, $path = '', $path_language = '')
{
global $language, $cfg;
// $map é um array com a chave da linguagem, contendo arrays com os apelidos dos caminhos
static $map = array(), $no_src = array(), $count = NULL;
$path_language = $path_language ? $path_language : $language['language']->language;
$mysql = new MYSQL($cfg);
// Use $count to avoid looking up paths in subsequent calls if there simply are no aliases
if (!isset($count)) {
$sql = "SELECT COUNT(ID_PATH) FROM {url_alias}";
$count = $mysql->dbResult($mysql->SqlSelect($sql));
}
if ($action == 'wipe') {
$map = array();
$no_src = array();
$count = NULL;
} elseif ($count > 0 && $path != '') {
if ($action == 'alias') {
if (isset($map[$path_language][$path])) {
return $map[$path_language][$path];
}
// Obtenha o resultado mais adequado caindo para tr�s com alias sem linguagem
$sql = "SELECT dst FROM {url_alias} WHERE src = '{$path}' AND language IN('{$path_language}', '') ORDER BY language DESC, ID_PATH DESC";
$alias = $mysql->dbResult($mysql->SqlSelect($sql, __FILE__, __LINE__, __CLASS__, __METHOD__, __FUNCTION__));
$map[$path_language][$path] = $alias;
return $alias;
} elseif ($action == 'source' && !isset($no_src[$path_language][$path])) {
// procura no valor de $path sem cachear $map
$src = FALSE;
if (!isset($map[$path_language]) || !($src = array_search($path, $map[$path_language]))) {
// Obtenha o resultado mais adequado caindo para tr�s com alias sem linguagem
$sql = "SELECT src FROM {url_alias} WHERE dst = '{$path}' AND language IN('{$path_language}', '') ORDER BY language DESC, ID_PATH DESC";
$src = "";
if ($src = $mysql->dbResult($mysql->SqlSelect($sql, __FILE__, __LINE__, __CLASS__, __METHOD__, __FUNCTION__))) {
$map[$path_language][$src] = $path;
} else {
// We can't record anything into $map because we do not have a valid
// index and there is no need because we have not learned anything
// about any Drupal path. Thus cache to $no_src.
$no_src[$path_language][$path] = TRUE;
}
}
return $src;
}
}
return FALSE;
}
<?php
$tabela = 'pedidos';
$mysql = new MYSQL($cfg);
if ($_POST['add']) {
// adicionar registro.
array_pop($_POST);
print_r($_POST);
$sql = $mysql->SqlInsert($tabela, $_POST);
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
if ($request) {
print "<h4>Registro Realizado com sucesso!!!</h4>";
}
}
if ($_POST['del']) {
// adicionar registro.
print_r($_POST);
$idde = trim($_POST['id']);
$sql = $mysql->SqlDelete($tabela, "id = '{$idde}'");
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
if ($request) {
print "<h4>Registro Deletado com sucesso!!!</h4>";
}
}
$result = $mysql->SqlSelect("\r\r\n SELECT B.nome as cliente , C.nome as produto, A.id as id\r\r\n FROM pedidos A INNER JOIN clientes B ON A.id_cliente = B.id INNER JOIN produtos C ON A.id_produto = C.id\r\r\n ORDER BY cliente ASC\r\r\n ");
if ($result) {
?>
<div class="col-md-6">
<table class="table table-striped">
<thead>
/**
* executa um insert no banco de dados de um objeto po
* @param unknown_type $entry
* @param unknown_type $group
* @return Ambigous <Ambigous, resource>
* @todo atualizar para que o insert também faça um update
*/
function insertTranslation(&$entry, $group = 'default')
{
global $cfg;
$mysql = new MYSQL($cfg);
$args = po_db($entry, $group);
return $mysql->SqlSelect($mysql->SqlInsert($args), __FILE__, __LINE__);
}
<?php
$tabela = 'pedidos';
$mysql = new MYSQL($cfg);
?>
<form action="index.php?p=pedidos&a=list" method="post">
<label for="cliente">Cliente:<br />
<select name="id_cliente">
<?php
$result = $mysql->SqlSelect(" SELECT nome, id\r\r\n FROM clientes\r\r\n ORDER BY nome ASC\r\r\n ");
while ($item = mysql_fetch_array($result, MYSQL_ASSOC)) {
?>
<option value="<?php
echo $item['id'];
?>
"><?php
echo $item['nome'];
?>
</option>
<?php
}
?>
</select>
</label><br />
<label for="produto">Produtos:<br />
<select name="id_produto">
<?php
$result = $mysql->SqlSelect(" SELECT nome, id\r\r\n FROM produtos\r\r\n ORDER BY nome ASC\r\r\n ");
<?php
$tabela = 'produtos';
$mysql = new MYSQL($cfg);
if ($_POST['add']) {
// adicionar registro.
array_pop($_POST);
$sql = $mysql->SqlInsert($tabela, $_POST);
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
if ($request) {
print "<h4>Registro Realizado com sucesso!!!</h4>";
}
}
if ($_POST['del']) {
// adicionar registro.
$idde = trim($_POST['id']);
$sql = $mysql->SqlDelete($tabela, "id = '{$idde}'");
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
if ($request) {
print "<h4>Registro Deletado com sucesso!!!</h4>";
}
}
$result = $mysql->SqlSelect("SELECT id, nome, descricao, preco FROM {$tabela}");
if ($result) {
?>
<div class="col-md-6">
<table class="table table-striped">
<thead>
<tr>
<th>#</th>
function sess_gc($lifetime)
{
global $cfg;
$mysql = new MYSQL($cfg);
// Be sure to adjust 'php_value session.gc_maxlifetime' to a large enough
// value. For example, if you want user sessions to stay in your database
// for three weeks before deleting them, you need to set gc_maxlifetime
// to '1814400'. At that value, only after a user doesn't log in after
// three weeks (1814400 seconds) will his/her session be removed.
$mysql->SqlSelect("DELETE FROM {sessions} WHERE timestamp < %d", time() - $lifetime);
return TRUE;
}
function LoadPages()
{
$mysql = new MYSQL($this);
$nivel = $this->getVars('member_nivel');
$group = explode(";", $this->getVars('member_group'));
foreach ($group as $valor) {
if ($valor == "") {
continue;
}
$ex .= "OR page_acess like '{$valor}' ";
}
$result = $mysql->SqlSelect("SELECT * FROM {$this->cfg[prefix]}pages WHERE page_nivel <= '{$nivel}' {$ex} ");
while ($page = mysql_fetch_array($result, MYSQL_ASSOC)) {
$this->page[$page['page_name']] = $page;
}
}
/**
* Metodo que carrega as configurações extras do banco de dados
*/
private function LoadConfigDb()
{
//@todo fazer com que o load config carregue arrays do mysql com serealize, mas para isso precisa serializar so valores que ja estão no BD.
$mysql = new MYSQL($this->cfg);
if ($mysql->MysqlSelectDb($this->cfg['db_name'], $mysql->conexao)) {
$result = $mysql->SqlSelect("SELECT * FROM {config}");
while ($row = mysql_fetch_assoc($result)) {
$this->cfg[$row['item']] = $row['valor'];
}
} else {
/*
* @TODO Não Existe banco de dados para instalação;
**/
install_goto('install.php');
}
}
<?php
$tabela = 'clientes';
$mysql = new MYSQL($cfg);
if ($_POST['add']) {
//adicionar registro.
array_pop($_POST);
$sql = $mysql->SqlInsert($tabela, $_POST);
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
if ($request) {
print "<h4>Registro Realizado com sucesso!!!</h4>";
}
}
if ($_POST['del']) {
//adicionar registro.
$idde = trim($_POST['id']);
$sql = $mysql->SqlDelete($tabela, "id = '{$idde}'");
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
if ($request) {
print "<h4>Registro Deletado com sucesso!!!</h4>";
}
}
$result = $mysql->SqlSelect("SELECT id, nome, email, telefone FROM {$tabela}");
if ($result) {
?>
<div class="col-md-6">
<table class="table table-striped">
<thead>
<tr>
<th>#</th>
function getFilename($type, $name, $filename = NULL)
{
global $cfg;
static $files = array();
$GLOBALS['files'] &= $files;
$mysql = new MYSQL($cfg);
if (!isset($files[$type])) {
$files[$type] = array();
}
if (!empty($filename) && file_exists($filename)) {
$files[$type][$name] = $filename;
} elseif (isset($files[$type][$name])) {
// nothing
} elseif ($cfg['db_name'] && (($file = $mysql->dbResult($mysql->SqlSelect("SELECT filename FROM {system} WHERE name = '%s' AND type = '%s'", $name, $type))) && file_exists($file))) {
$files[$type][$name] = $file;
} else {
// Fallback to searching the filesystem if the database connection is
// not established or the requested file is not found.
$dir = $type == 'theme_engine' ? 'themes/engines' : "{$type}s";
$file = $type == 'theme_engine' ? "{$name}.engine" : "{$name}.{$type}";
$config = SITE_MODULOS;
foreach (array("{$config}{$dir}/{$file}", "{$config}{$dir}/{$name}/{$file}", "{$dir}/{$file}", "{$dir}/{$name}/{$file}") as $file) {
if (file_exists($file)) {
$files[$type][$name] = $file;
break;
}
}
}
if (isset($files[$type][$name])) {
return $files[$type][$name];
}
}
<?php
$tabela = 'produtos';
$mysql = new MYSQL($cfg);
$idde = trim($_POST['id']);
if (trim($_POST['edit'])) {
array_pop($_POST);
$sql = $mysql->SqlUpdate($tabela, $_POST, "id = '{$idde}'");
$request = $mysql->SqlSelect($sql);
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
if (request) {
print "<h4>Registro Atualizado com sucesso!!!</h4>";
}
}
$result = $mysql->SqlSelect("SELECT * FROM {$tabela} WHERE id = '" . $idde . "'");
$item = mysql_fetch_array($result, MYSQL_ASSOC);
?>
<form action="index.php?p=produtos&a=edit" method="post">
<label for="nome">Nome:<br />
<input name="nome" type="text" value="<?php
echo $item['nome'];
?>
" />
</label><br />
<label for="descricao">Descrição:<br />
<textarea name="descricao"><?php
echo $item['descricao'];
?>
</textarea>
</label><br />
<?php
$tabela = 'pedidos';
$mysql = new MYSQL($cfg);
$idde = trim($_POST['id']);
if (trim($_POST['edit'])) {
array_pop($_POST);
$sql = $mysql->SqlUpdate($tabela, $_POST, "id = '{$idde}'");
$request = $mysql->SqlSelect($sql);
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
if (request) {
print "<h4>Registro Atualizado com sucesso!!!</h4>";
}
}
$result = $mysql->SqlSelect("SELECT * FROM {$tabela} WHERE id = '" . $idde . "'");
$item = mysql_fetch_array($result, MYSQL_ASSOC);
?>
<form action="index.php?p=pedidos&a=edit" method="post">
<label for="cliente">Cliente:<br />
<select name="id_cliente">
<?php
$result = $mysql->SqlSelect(" SELECT nome, id\r\r\n FROM clientes\r\r\n ORDER BY nome ASC\r\r\n ");
while ($itema = mysql_fetch_array($result, MYSQL_ASSOC)) {
if ($item['id_cliente'] == $itema['id']) {
$det = 'selected="selected"';
} else {
$det = '';
}
?>
function RegReservedName(&$smarty)
{
$mysql = new MYSQL($smarty);
$request = $mysql->SqlSelect("SELECT * FROM {$smarty->cfg[prefix]}reserved_names", __FILE__, __LINE__);
if (mysql_affected_rows() > 0) {
$reserve = array();
while ($row = mysql_fetch_array($request)) {
if ($row['setting'] == 'word') {
$reserve[] = trim($row['value']);
} else {
${$row['setting']} = trim($row['value']);
}
}
$namecheck = $matchcase == '1' ? $this->form['member_name'] : strtolower($this->form['member_name']);
foreach ($reserve as $reserved) {
$reservecheck = $matchcase == '1' ? $reserved : strtolower($reserved);
if ($matchuser == '1') {
if ($matchword == '1') {
if ($namecheck == $reservecheck) {
return $smarty->getFinishError('registro_erro_05', array("", " - " . $reserved));
}
} else {
if (strstr($namecheck, $reservecheck)) {
return $smarty->getFinishError('registro_erro_05', array("", " - " . $reserved));
}
}
}
}
}
}
public function logMe($ID_MEMBER, $min = '15')
{
$mysql = new MYSQL($this);
$tabela = $this->cfg['db_prefix'] . 'log_online';
$logme['identity'] = $ID_MEMBER;
$perfil['member_lastlogin'] = $logme['logTime'] = 'NOW()';
$perfil['member_lestonline'] = $logme['logoutTime'] = "NOW() + INTERVAL " . $min . " MINUTE";
$logme['url'] = $this->actualpage['page_name'] ? $this->actualpage['page_name'] : "index";
$logme['ip'] = $_SERVER['REMOTE_ADDR'];
$request = $mysql->SqlSelect("Select identity From {$tabela} where ip = \"{$logme[ip]}\" and identity = \"{$ID_MEMBER}\"", __FILE__, __LINE__);
mysql_affected_rows();
if (mysql_affected_rows() > 0) {
$sql = $mysql->SqlUpdate($tabela, $logme, "identity = {$ID_MEMBER}");
} else {
$sql = $mysql->SqlInsert($tabela, $logme);
}
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
$tabela = $this->cfg['db_prefix'] . 'log_online';
$sql = $mysql->SqlUpdate($tabela, $logme, "identity =" . $ID_MEMBER);
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
$sql = $mysql->SqlDelete($tabela, "logoutTime < NOW()");
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
if ($ID_MEMBER > 0) {
$tabela = $this->cfg['db_prefix'] . 'members';
$sql = $mysql->SqlUpdate($tabela, $perfil, "ID_MEMBER =" . $ID_MEMBER);
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
}
}
