/** * calculate creature health, mana and armor * * kinda crappy way, but works * * if $type is used: * 1 -> returns health * 2 -> returns mana * 3 -> returns armor * 0 -> returns array(health,mana,armor) */ function get_additional_data($entryid, $type = 0) { global $world_db, $realm_id; if (!is_numeric($entryid)) { return array(0, 0, 0); } $sqlw = new SQL(); $sqlw->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']); $q = $sqlw->query("\n\t\tSELECT \n\t\t\t(SELECT unit_class \n\t\t\tFROM creature_template \n\t\t\tWHERE entry = " . $entryid . ") AS class, \n\t\t\t\t(SELECT FLOOR(minlevel + (RAND() * (maxlevel - minlevel + 1))) \n\t\t\t\tFROM creature_template \n\t\t\t\tWHERE entry = " . $entryid . ") AS level, \n\t\t\t\t(SELECT exp \n\t\t\t\tFROM creature_template \n\t\t\t\tWHERE entry = " . $entryid . ") AS exp;"); $data = $sqlw->fetch_assoc($q); if ($sqlw->num_rows($q) == 0) { return array(0, 0, 0); } $q = "\n\t\t\tSELECT \n\t\t\t\t((SELECT Health_Mod \n\t\t\t\tFROM creature_template \n\t\t\t\tWHERE entry = " . $entryid . ")\n\t\t\t\t\t*(SELECT basehp" . $data['exp'] . " \n\t\t\t\t\tFROM creature_classlevelstats \n\t\t\t\t\tWHERE level = " . $data['level'] . " AND class = " . $data['class'] . ")+0.5), \n\t\t\t\t((SELECT Mana_Mod \n\t\t\t\tFROM creature_template \n\t\t\t\tWHERE entry = " . $entryid . ")\n\t\t\t\t\t*(SELECT basemana \n\t\t\t\t\tFROM creature_classlevelstats \n\t\t\t\t\tWHERE level = " . $data['level'] . " AND class = " . $data['class'] . ")+0.5),\n\t\t\t\t((SELECT Armor_Mod \n\t\t\t\tFROM creature_template \n\t\t\t\tWHERE entry = " . $entryid . ")\n\t\t\t\t*(SELECT basearmor \n\t\t\t\tFROM creature_classlevelstats \n\t\t\t\tWHERE level = " . $data['level'] . " AND class = " . $data['class'] . ")+0.5);"; if ($type == 1) { $q = "\n\t\t\tSELECT \n\t\t\t\t((SELECT Health_Mod \n\t\t\t\tFROM creature_template \n\t\t\t\tWHERE entry = " . $entryid . ")\n\t\t\t\t\t*(SELECT basehp" . $data['exp'] . " \n\t\t\t\t\tFROM creature_classlevelstats \n\t\t\t\t\tWHERE level = " . $data['level'] . " AND class = " . $data['class'] . ")+0.5);"; } if ($type == 2) { $q = "\n\t\t\tSELECT \n\t\t\t\t((SELECT Mana_Mod \n\t\t\t\tFROM creature_template \n\t\t\t\tWHERE entry = " . $entryid . ")\n\t\t\t\t\t*(SELECT basemana \n\t\t\t\t\tFROM creature_classlevelstats \n\t\t\t\t\tWHERE level = " . $data['level'] . " AND class = " . $data['class'] . ")+0.5);"; } if ($type == 3) { $q = "\n\t\t\tSELECT \n\t\t\t\t((SELECT Armor_Mod \n\t\t\t\tFROM creature_template \n\t\t\t\tWHERE entry = " . $entryid . ")\n\t\t\t\t\t*(SELECT basearmor \n\t\t\t\t\tFROM creature_classlevelstats \n\t\t\t\t\tWHERE level = " . $data['level'] . " AND class = " . $data['class'] . ")+0.5);"; } $query = $sqlw->query($q); $result = $sqlw->fetch_row($query); $sqlw->close(); unset($sql); if ($type == 2 && $result[0] == 0.5) { return 0; } if ($type == 0 && $result[1] == 0.5) { return array($result[0], 0, $result[2]); } return $type > 0 ? $result[0] : $result; }
function search() { global $lang_global, $output, $itemperpage, $item_datasite, $mangos_db, $characters_db, $realm_id, $sql_search_limit; wowhead_tt(); if (!isset($_GET['search_value']) || !isset($_GET['search_by'])) { redirect("mail_on.php?error=2"); } $sql = new SQL(); $sql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']); $search_value = $sql->quote_smart($_GET['search_value']); $search_by = $sql->quote_smart($_GET['search_by']); $search_menu = array('sender', 'receiver'); // if (!array_key_exists($search_by, $search_menu)) $search_by = 'sender'; $start = isset($_GET['start']) ? $sql->quote_smart($_GET['start']) : 0; $order_by = isset($_GET['order_by']) ? $sql->quote_smart($_GET['order_by']) : "id"; $dir = isset($_GET['dir']) ? $sql->quote_smart($_GET['dir']) : 1; $order_dir = $dir ? "ASC" : "DESC"; $dir = $dir ? 0 : 1; $temp = $sql->query("SELECT guid FROM `characters` WHERE name like '%{$search_value}%'"); $search_value = $sql->result($temp, 0, 'guid'); $query_1 = $sql->query("SELECT count(*) FROM `mail`"); $query = $sql->query("SELECT a.id, a.messageType, a.sender, a.receiver, a.subject, a.itemTextId, a.has_items, a.money, a.cod, a.checked, b.item_template\r\n FROM mail a\r\n INNER JOIN mail_items b ON a.id = b.mail_id\r\n WHERE {$search_by} = {$search_value}\r\n ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$itemperpage}"); $this_page = $sql->num_rows($query); $all_record = $sql->result($query_1, 0); $total_found = $sql->num_rows($query); //==========================top page navigation starts here======================== $output .= "<center><table class=\"top_hidden\">\r\n <tr><td>\r\n <table class=\"hidden\">\r\n <tr><td>\r\n <form action=\"mail_on.php\" method=\"get\" name=\"form\">\r\n <input type=\"hidden\" name=\"action\" value=\"search\" />\r\n <input type=\"hidden\" name=\"error\" value=\"4\" />\r\n <input type=\"text\" size=\"45\" name=\"search_value\" />\r\n <select name=\"search_by\">\r\n <option value=\"sender\">Sender</option>\r\n <option value=\"receiver\">Receiver</option>\r\n </select></form></td><td>"; makebutton($lang_global['search'], "javascript:do_submit()", 80); $output .= "</td></tr></table>\r\n <td align=\"right\">"; $output .= generate_pagination("mail_on.php?action=search&order_by={$order_by}&dir=" . !$dir, $all_record, $itemperpage, $start); $output .= "</td></tr></table>"; //==========================top page navigation ENDS here ======================== $output .= "<table class=\"lined\">\r\n <tr>\r\n <th width=\"5%\">ID</th>\r\n <th width=\"5%\">Source</th>\r\n <th width=\"10%\">Sender</th>\r\n <th width=\"10%\">Receiver</th>\r\n <th width=\"15%\">Subject</th>\r\n <th width=\"5%\">Has Items</th>\r\n <th width=\"25%\">Text</th>\r\n <th width=\"15%\">Money</th>\r\n <th width=\"5%\">Checked</th>\r\n </tr>"; while ($mail = $sql->fetch_array($query)) { $g = floor($mail[7] / 10000); $mail[7] -= $g * 10000; $s = floor($mail[7] / 100); $mail[7] -= $s * 100; $c = $mail[7]; $money = ""; if ($mail[7] > 0) { $money = $g . "<img src=\"./img/gold.gif\" /> " . $s . "<img src=\"./img/silver.gif\" /> " . $c . "<img src=\"./img/copper.gif\" /> "; } $output .= "<tr valign=top>\r\n <td>{$mail['0']}</td>\r\n <td>" . get_mail_source($mail[1]) . "</td>\r\n <td><a href=\"char.php?id={$mail['2']}\">" . get_char_name($mail[2]) . "</a></td>\r\n <td><a href=\"char.php?id={$mail['3']}\">" . get_char_name($mail[3]) . "</a></td>\r\n <td>{$mail['4']}</td>\r\n "; $output .= "<td>"; $output .= "\r\n <a style=\"padding:2px;\" href=\"{$item_datasite}{$mail[10]}\" target=\"_blank\">\r\n <img class=\"bag_icon\" src=\"" . get_item_icon($mail[10]) . "\" alt=\"\" />\r\n </a>"; //maketooltip("<img src=\"./img/up.gif\" alt=\"\">", $item_datasite{$mail[10]}, $mail[10], "item_tooltip", "target=\"_blank\""); $output .= "</td>"; $output .= "<td>" . get_mail_text($mail[5]) . "</td>\r\n <td>{$money}</td>\r\n <td>" . get_check_state($mail[9]) . "</td>\r\n </tr>"; } /*--------------------------------------------------*/ $output .= "<tr><td colspan=\"6\" class=\"hidden\" align=\"right\">All Mails: {$all_record}</td></tr>\r\n </table></center>"; $sql->close(); }
private function addComment($comment, $OpenIDFields = false) { if (!isset($comment['author']['openid']) || $comment['author']['openid'] == '') { $author = $comment['author']; $author['openid'] = ''; } else { $author = array('name' => $OpenIDFields['nickname'], 'email' => $OpenIDFields['email'], 'website' => $comment['author']['website']); $e = explode('http://', $comment['author']['openid']); $author['openid'] = end($e); if (preg_match('#(.*?)\\/$#s', $author['openid'])) { $author['openid'] = substr($author['openid'], 0, -1); } } if ($author['website'] == 'http://' || $author['website'] == '') { if (trim($comment['author']['openid']) == '') { $author['website'] = ''; } else { $author['website'] = trim($comment['author']['openid']); } } if ($result = !SQL::query("SELECT MAX([comment_number]) AS [max_number] FROM [blog_comments]p WHERE ([post_id] == " . (int) $comment['post_id'] . ")")) { $number = $result->fetchOne(); $number = (int) $number->max_number; } else { $number = 0; } if (!SQL::exec("\r\nINSERT INTO [blog_comments]p\r\n(\r\n[post_id],\r\n[comment_number],\r\n[comment_date],\r\n[comment_content],\r\n[comment_author_openid],\r\n[comment_author_name],\r\n[comment_author_email],\r\n[comment_author_website],\r\n[comment_author_user_agent],\r\n[comment_author_os]\r\n) VALUES (\r\n" . (int) $comment['post_id'] . ",\r\n" . $number . ",\r\n" . time() . ",\r\n'" . SQL::escape(trim($comment['content'])) . "',\r\n'" . SQL::escape(trim($author['openid'])) . "',\r\n'" . SQL::escape(trim($author['name'])) . "',\r\n'" . SQL::escape(strtolower(trim($author['email']))) . "',\r\n'" . SQL::escape(trim($author['website'])) . "',\r\n'" . SQL::escape($_SERVER['HTTP_USER_AGENT']) . "',\r\n'" . '' . "'\r\n)")) { throw new Exception('The comment could not be added.'); } $uri = SITE_ROOT_PATH . str_replace(array('%id', '%slug'), array($comment['post_id'], $comment['post_slug']), CFG_URL_BLOG_POST) . '#comments'; header('Location: ' . $uri); echo '<a href="' . $uri . '">' . $uri . '</a>'; }
/** * cascade to children * * @param string referencing of the changed anchor * @param string rights to be cascaded (e.g., 'Y', 'R' or 'N') */ public static function cascade($reference, $active) { global $context; // only sections may have sub-sections if (strpos($reference, 'section:') === 0) { // cascade to sub-sections if ($items = Sections::list_for_anchor($reference, 'raw')) { // cascade to each section individually foreach ($items as $id => $item) { // limit actual rights $item['active'] = Anchors::ceil_rights($active, $item['active_set']); $query = "UPDATE " . SQL::table_name('sections') . " SET active='" . SQL::escape($item['active']) . "' WHERE id = " . SQL::escape($id); SQL::query($query); // cascade to children Anchors::cascade('section:' . $item['id'], $item['active']); } } } // only categories may have sub-categories if (strpos($reference, 'category:') === 0) { // cascade to sub-categories if ($items = Categories::list_for_anchor($reference, 'raw')) { // cascade to each section individually foreach ($items as $id => $item) { // limit actual rights $item['active'] = Anchors::ceil_rights($active, $item['active_set']); $query = "UPDATE " . SQL::table_name('categories') . " SET active='" . SQL::escape($item['active']) . "' WHERE id = " . SQL::escape($id); SQL::query($query); // cascade to children Anchors::cascade('category:' . $item['id'], $item['active']); } } } // only sections may have articles if (strpos($reference, 'section:') === 0) { // cascade to articles --up to 3000 if ($items =& Articles::list_for_anchor_by('edition', $reference, 0, 3000, 'raw')) { // cascade to each section individually foreach ($items as $id => $item) { // limit actual rights $item['active'] = Anchors::ceil_rights($active, $item['active_set']); $query = "UPDATE " . SQL::table_name('articles') . " SET active='" . SQL::escape($item['active']) . "' WHERE id = " . SQL::escape($id); SQL::query($query); // cascade to children Anchors::cascade('article:' . $item['id'], $item['active']); } } } // cascade to files --up to 3000 if ($items = Files::list_by_date_for_anchor($reference, 0, 3000, 'raw')) { // cascade to each section individually foreach ($items as $id => $item) { // limit actual rights $item['active'] = Anchors::ceil_rights($active, $item['active_set']); $query = "UPDATE " . SQL::table_name('files') . " SET active='" . SQL::escape($item['active']) . "' WHERE id = " . SQL::escape($id); SQL::query($query); } } }
function html_header() { if (!defined('SITE_ROOT')) { define('SITE_ROOT', './'); } require SITE_ROOT . 'portal_config.php'; require_once SITE_ROOT . 'include/database.class.php'; $currentUserID = $_SESSION['current_userID']; $db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false); $db->query("SELECT * FROM forum_users WHERE id='{$currentUserID}'"); if ($row = $db->fetch_array()) { $username = $row['username']; $realname = $row['realname']; } $db->close(); if ($realname !== null) { $displayname = $realname; } else { $displayname = $username; } echo ' <div id="wrap"> <div class="navbar navbar-top"><div class="navbar-inner"><div class="container"> <a class="brand" href="#index.php"><div class="logo-ip"></div></a> <div class="btn-group pull-left"> <a href="../forum" class="btn btn-inverse"><i class="icon-rss"></i> Forum Ishare</a> </div> <div class="btn-group"> <button class="btn dropdown-toggle" data-toggle="dropdown"><i class="icon-list muted"></i> KampusLinks <span class="caret"></span></button> <ul class="dropdown-menu"> <li><a href="http://mpp.eng.usm.my/">MPPUSMKKj Official Blog</a></li> <li><a href="http://hepp.eng.usm.my/">BHEPP USMKKj</a></li> <li><a href="http://infodesk.eng.usm.my/">Infodesk PPKT USMKKj</a></li> <li><a href="http://www.eng.usm.my/php/blockedIP/">Blocked Port List</a></li> <li><a href="http://elearning.usm.my/">e-Learning Portal</a></li> <li><a href="http://campusonline.usm.my/">CampusOnline Portal</a></li> <li><a href="http://www.tcom.usm.my/">Sistem Direktori Telefon USM</a></li> <li><a href="http://www.facebook.com/ppkt.eng.usm">Facebook PPKT USMKKj</a></li> <li class="divider"></li> <li><a href="http://hik3.net/refcode"><i class="icon-bookmark"></i> RefCode (Snippets)</a></li> </ul> </div> <div class="btn-group pull-right"> <a href="index.php" class="btn btn-primary"><i class="icon-home icon-white"></i> Home</a> <a href="profile.php?id=' . $currentUserID . '" class="btn btn-inverse"><i class="icon-user"></i> ' . $displayname . '</a> <button class="btn btn-danger dropdown-toggle" data-toggle="dropdown"><span class="caret"></span></button> <ul class="dropdown-menu"> <li><a href="edit_profile.php"><i class="icon-edit muted"></i> Edit Profile</a></li> <li><a href="edit_sharerlink.php"><i class="icon-hdd muted"></i> Edit Sharerlink</a></li> <li class="divider"></li> <li><a href="../forum/login.php?action=out&id=' . $currentUserID . '"><i class="icon-off muted"></i> Logout</a></li> </ul> </div> </div></div></div> '; }
public function set($data) { $userId = $_SESSION["userId"]; $dailyCalories = filter_var($data["daily_calories"], FILTER_SANITIZE_NUMBER_INT); $query = "UPDATE users SET daily_calories = " . $dailyCalories . " WHERE id = " . $userId . ";"; $result = SQL::query($query); return $result; }
function get_realm_name($realm_id) { global $realm_db; $sqlr = new SQL(); $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); $result = $sqlr->query("SELECT name FROM `realmlist` WHERE id = '{$realm_id}'"); $realm_name = $sqlr->result($result, 0); return $realm_name; }
/** * @param int $group_id * @return bool|mixed|null */ public static function getUserList($group_id) { $sql = 'SELECT user_id FROM ' . self::getFullTableName() . ' WHERE group_id = :id'; $result = SQL::query(self::getConnection(), $sql, array("id" => $group_id)); if($result !== false) return $result; return false; }
function e1_insert_into_conges_config($DEBUG = FALSE) { $sql_insert_1 = "INSERT INTO `conges_config` VALUES ('calendrier_select_all_groups', 'FALSE', '10_Gestion par groupes', 'boolean', 'config_comment_calendrier_select_all_groups')"; $result_insert_1 = SQL::query($sql_insert_1); $sql_insert_2 = "INSERT INTO `conges_config` VALUES ('consult_calendrier_sans_auth', 'FALSE', '04_Authentification', 'boolean', 'config_comment_consult_calendrier_sans_auth')"; $result_insert_2 = SQL::query($sql_insert_2); $sql_insert_3 = "INSERT INTO `conges_config` VALUES ('resp_ajoute_conges', 'TRUE', '06_Responsable', 'boolean', 'config_comment_resp_ajoute_conges')"; $result_insert_3 = SQL::query($sql_insert_3); }
/** * @param bool|int $limit * @return mixed|null */ public static function getAll($limit = false) { $parms = array(); if($limit) $parms = array("limit" => (int) $limit); $sql = "SELECT * FROM " . self::getFullTableName() . ($limit) ? " LIMIT :limit" : ""; return SQL::query(self::getConnection(), $sql, $parms); }
function populate_requestbox() { $db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false); $db->query("SELECT COUNT(id) FROM ip_requests"); $total_request = implode($db->fetch_assoc()); $db->query("SELECT COUNT(id) FROM ip_reply"); $total_reply = implode($db->fetch_assoc()); $db->close(); echo '<div class="alert alert-info">This is <strong>User\'s Request</strong> section (currently contained <strong>' . $total_request . '</strong> request shouts and <strong>' . $total_reply . '</strong> replies). Just use <code>!request</code> code in your shout to make them appear here. Please note that not all your requests will be replied. Lucky if you have!</div>'; echo '<div id="containerx">'; echo '<div class="data"></div>'; echo '<div class="pagination"></div>'; echo '</div>'; echo ' <script> var replyID; $(document).ready(function () { // START DOCUMENT.READY $(".tip-top").tooltip(); function loadData(page){ $("#containerx").html("<div class=\\"loader\\" style=\\"margin-top:10px\\"></div>").fadeIn("fast"); $.ajax({ type: "GET", url: "subfiles/requestbox_more.php?page="+page, success: function(msg){ $("#containerx").html(msg); } }); } loadData(1); // For first time page load default results $("#containerx .pagination li.enx").live("click",function(e){ e.preventDefault(); var page = $(this).attr("p"); loadData(page); }); }); // END DCOUMENT.READY </script> '; }
/** * @param $id * @return mixed|null */ public static function get_by_id($id) { $sql = 'SELECT * FROM ' . self::getFullTableName() . ' WHERE user_id = :id LIMIT 1;'; return SQL::query( self::getConnection(), $sql, array( "id" => $id ) ); }
public function deleteById($id) { $selectId = filter_var($id, FILTER_SANITIZE_NUMBER_INT); $calories = new Calories(); $foodExistsInCaloriesList = $calories->foodExistsInCaloriesList($selectId); if ($foodExistsInCaloriesList) { return array("success" => false); } else { $result = SQL::query("DELETE FROM foods WHERE id = " . $selectId . ";"); return array("success" => $result); } }
function smarty_resource_style_timestamp($tpl_name, &$tpl_timestamp, &$smarty) { // do database call here to populate $tpl_timestamp. $sql = new SQL(); $sql->query("select tpl_timestamp\n from my_table\n where tpl_name='{$tpl_name}'"); if ($sql->num_rows) { $tpl_timestamp = $sql->record['tpl_timestamp']; return true; } else { return false; } }
/** * list profiles * * @param int the offset from the start of the list; usually, 0 or 1 - default is 0 * @param int the number of items to display - default is 10 */ public static function list_by_hits($offset = 0, $count = 10) { global $context; // the list of profiles $query = "SELECT * FROM " . SQL::table_name('profiles') . " " . "ORDER BY total_hits DESC LIMIT " . $offset . ', ' . $count; if ($result = SQL::query($query)) { while ($row = SQL::fetch($result)) { $rows[] = array('left=' . $row['url'], 'left=' . $row['total_hits'], 'left=' . round($row['total_time'] / $row['total_hits'], 3), 'left=' . $row['minimum_time'], 'left=' . $row['maximum_time'], 'left=' . $row['total_time']); } } return $rows; }
function get_mail_text($id) { global $characters_db, $realm_id; if ($id) { $sqlc = new SQL(); $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']); $result = $sqlc->query("SELECT `body` FROM `mail` WHERE `id` = '{$id}'"); $text_subject = $sqlc->result($result, 0); return $text_subject; } else { return NULL; } }
function get_char_name($id) { global $characters_db, $realm_id; if ($id) { $sqlc = new SQL(); $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']); $result = $sqlc->query("SELECT `name` FROM `characters` WHERE `guid` = '{$id}'"); $player_name = $sqlc->result($result, 0); return $player_name; } else { return NULL; } }
function dologin(&$sqlr) { global $mmfpm_db, $require_account_verify; if (empty($_POST['user']) || empty($_POST['pass'])) { redirect('login.php?error=2'); } $user_name = $sqlr->quote_smart($_POST['user']); $user_pass = $sqlr->quote_smart($_POST['pass']); if (255 < strlen($user_name) || 255 < strlen($user_pass)) { redirect('login.php?error=1'); } $result = $sqlr->query('SELECT id, username FROM account WHERE username = \'' . $user_name . '\' AND sha_pass_hash = \'' . $user_pass . '\''); $result2 = $sqlr->query('SELECT id, gmlevel FROM account_access'); if ($require_account_verify) { $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $result2 = $sqlm->query("SELECT * \n\t\t\t\t\t\t\t\t\tFROM mm_account_verification \n\t\t\t\t\t\t\t\t\tWHERE username = '******'"); if ($sqlm->num_rows($result2) >= 1) { $sqlm->close; redirect('login.php?error=7'); } } unset($user_name); if (1 == $sqlr->num_rows($result)) { $id = $sqlr->result($result, 0, 'id'); if ($sqlr->result($sqlr->query('SELECT count(*) FROM account_banned WHERE id = ' . $id . ' AND active = \'1\''), 0)) { redirect('login.php?error=3'); } else { $_SESSION['user_id'] = $id; $_SESSION['uname'] = $sqlr->result($result, 0, 'username'); if ($sqlr->result($result2, 0, 'gmlevel') == null) { $_SESSION['user_lvl'] = 0; } else { $_SESSION['user_lvl'] = $sqlr->result($result2, 0, 'gmlevel'); } $_SESSION['realm_id'] = $sqlr->quote_smart($_POST['realm']); $_SESSION['client_ip'] = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : getenv('REMOTE_ADDR'); $_SESSION['logged_in'] = true; if (isset($_POST['remember']) && $_POST['remember'] != '') { setcookie('uname', $_SESSION['uname'], time() + 60 * 60 * 24 * 7); setcookie('realm_id', $_SESSION['realm_id'], time() + 60 * 60 * 24 * 7); setcookie('p_hash', $user_pass, time() + 60 * 60 * 24 * 7); } redirect('index.php'); } } else { redirect('login.php?error=1'); } }
function find_plugins_activated() { $list_plugins = array(); if ($_SESSION['config']['php_conges_version'] == "1.7.0") { $plugins_inst_activ_query = "SELECT p_name FROM conges_plugins WHERE p_is_active = 1 AND p_is_install = 1;"; $ReqLog_list_plugins = SQL::query($plugins_inst_activ_query); if ($ReqLog_list_plugins->num_rows != 0) { while ($plugin = $ReqLog_list_plugins->fetch_array()) { array_push($list_plugins, $plugin["p_name"]); } } return $list_plugins; } }
/** * @param int $user_id * @param bool|int $cost_id * @return int */ public static function getNumByUserId($user_id, $cost_id = false) { $params["id"] = $user_id; if($cost_id) $params["cost_id"] = $cost_id; $result = SQL::query( self::getConnection(), 'SELECT COUNT(id) FROM ' . self::getFullTableName() . ' WHERE user_id = :id' . (($cost_id) ? ' AND cost_id = :cost_id' : ''), $params ); if($result !== false) return $result[0]["COUNT(id)"]; return 0; }
function uptime() { global $realm, $realmd_host, $realmd_user, $realmd_pass, $realmd_db; $id = $realm['id']; $sqlr = new SQL(); $sqlr->connect($realmd_host, $realmd_user, $realmd_pass, $realmd_db); $query = $sqlr->query("SELECT uptime FROM uptime WHERE realmid='{$id}'"); $result = mysql_fetch_assoc($query); $up = $result['uptime']; $secs = intval($up % 60); $mins = intval($up / 60 % 60); $hours = intval($up / 3600 % 24); $days = intval($up / 86400); return $days . " days " . $hours . " hours " . $mins . " minutes " . $secs . " seconds"; }
public function filterContent(Comments $comment) { if (!is_string($check_text)) { return $check_text; } $sql = new SQL(); $sql->query("select word from filter where level = 2"); $arr = $sql->fetch_all(); if (!empty($arr)) { foreach ($arr as $v) { if (strstr($check_text, $v['word'])) { $check_text = $this->replaceChar($check_text, $v['word']); } } } return $check_text; }
function get_list_all_users_du_hr($resp_login, $DEBUG = FALSE) { $list_users = ""; $sql1 = "SELECT DISTINCT(u_login) FROM conges_users WHERE u_login!='conges' AND u_login!='admin' ORDER BY u_nom "; $ReqLog1 = SQL::query($sql1); while ($resultat1 = $ReqLog1->fetch_array()) { $current_login = $resultat1["u_login"]; if ($list_users == "") { $list_users = "'{$current_login}'"; } else { $list_users = $list_users . ", '{$current_login}'"; } } if ($DEBUG) { echo "list_users = {$list_users}<br>\n"; } return $list_users; }
function change_passwd($new_passwd1, $new_passwd2, $DEBUG = FALSE) { $PHP_SELF = $_SERVER['PHP_SELF']; $session = session_id(); if (strlen($new_passwd1) == 0 || strlen($new_passwd2) == 0 || $new_passwd1 != $new_passwd2) { echo _('user_passwd_error') . "<br>\n"; } else { $passwd_md5 = md5($new_passwd1); $sql1 = 'UPDATE conges_users SET u_passwd=\'' . $passwd_md5 . '\' WHERE u_login=\'' . $_SESSION['userlogin'] . '\' '; $result = SQL::query($sql1); if ($result) { echo _('form_modif_ok') . " <br><br> \n"; } else { echo _('form_mofif_not_ok') . "<br><br> \n"; } } $comment_log = 'changement Password'; log_action(0, '', $_SESSION['userlogin'], $comment_log, $DEBUG); }
/** * execute query and return all data in a reader * * @return SQLDataReader */ public function execute_reader() { $this->parse_query(); if (empty($this->queryParsed)) { return new SQLDataReader(); } $close = $this->conn->status() == 'closed'; $this->conn->open(); $res = $this->conn->query($this->queryParsed); $data = array(); while ($row = $this->conn->fetch_array($res)) { $data[] = $row; } // SQLite causes 'unknown error' after successful fetch of all data. // Don't have a clue why... $ret = empty($this->conn->error()) || $this->conn->error() == 'unknown error'; if ($close) { $this->conn->close(); } return $ret ? new SQLDataReader($data) : new SQLDataReader(); }
public static function loadModules() { //Debug::dump(self::$cfg); //SQL::exec("INSERT INTO [modules]p ([codename],[core],[active],[order]) VALUES ('blog',0,1,1)"); if ($result = SQL::query("SELECT [codename],[core] FROM [modules]p WHERE ([active] == 1) ORDER BY [core] DESC, [order] ASC")) { foreach ($result->fetch() as $module) { if (defined('IN_ACP')) { $ext = '.acp'; } elseif (defined('IN_ACTION')) { $ext = '.action'; } else { $ext = '.sys'; } if ((bool) $module->core) { $path = './app/modules/' . $module->codename . '.mod.php'; } else { $path = './modules/' . $module->codename . '.mod.php'; } if (file_exists($path)) { if (!(include_once $path)) { Debug::error('The module <strong>' . $module->codename . '</strong> could not be loaded.'); } } if ((bool) $module->core) { $path = './app/modules/' . $module->codename . $ext . '.mod.php'; } else { $path = './modules/' . $module->codename . $ext . '.mod.php'; } if (file_exists($path)) { if (!(include_once $path)) { Debug::error('The module <strong>' . $module->codename . '</strong> could not be loaded.'); } } } } else { throw new Exception('The system modules could not be loaded.'); } }
function get_tableau_jour_feries($year, &$tab_year, $DEBUG = FALSE) { $sql_select = 'SELECT jf_date FROM conges_jours_feries WHERE jf_date LIKE \'' . SQL::quote($year) . '-%\' ;'; $res_select = SQL::query($sql_select); $num_select = $res_select->num_rows; if ($num_select != 0) { while ($result_select = $res_select->fetch_array()) { $tab_year[] = $result_select["jf_date"]; } } }
function commit_modif($tab_new_values, $session, $DEBUG = FALSE) { $PHP_SELF = $_SERVER['PHP_SELF']; if ($session == "") { $URL = "{$PHP_SELF}"; } else { $URL = "{$PHP_SELF}?session={$session}"; } // update de la table foreach ($tab_new_values as $nom_mail => $tab_mail) { $subject = addslashes($tab_mail['subject']); $body = addslashes($tab_mail['body']); $req_update = 'UPDATE conges_mail SET mail_subject=\'' . $subject . '\', mail_body=\'' . $body . '\' WHERE mail_nom=\'' . SQL::quote($nom_mail) . '\' '; $result1 = SQL::query($req_update); } echo "<span class = \"messages\">" . _('form_modif_ok') . "</span><br>"; $comment_log = "configuration des mails d\\'alerte"; log_action(0, "", "", $comment_log, $DEBUG); if ($DEBUG) { echo "<a href=\"{$URL}\" method=\"POST\">" . _('form_retour') . "</a><br>\n"; } else { echo "<META HTTP-EQUIV=REFRESH CONTENT=\"2; URL={$URL}\">"; } }
function delete_motd(&$sqlm) { global $action_permission, $realm_id, $mmfpm_db; // minimum permission to view page valid_login($action_permission['delete']); $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); if (empty($_GET['id'])) { redirect('index.php'); } $id = $sqlm->quote_smart($_GET['id']); if (is_numeric($id)) { } else { redirect('motd.php?error=1'); } $sqlm->query(' DELETE FROM mm_motd WHERE id =' . $id . ''); unset($id); redirect('index.php'); }
$suffix .= ' <form method="post" action="' . $context['url_to_root'] . 'categories/set_as_thumbnail.php"><div>' . '<input type="hidden" name="anchor" value="' . encode_field($member) . '" />' . '<input type="hidden" name="id" value="' . $category_id . '" />' . Skin::build_submit_button(i18n::s('Use this thumbnail as the thumbnail of the page')) . '</div></form>'; } // list sub-categories to be linked, if any // display active and restricted items $where = "categories.active='Y'"; if (Surfer::is_member()) { $where .= " OR categories.active='R'"; } if (Surfer::is_associate()) { $where .= " OR categories.active='N'"; } // only consider live categories $where = '(' . $where . ')' . ' AND ((categories.expiry_date is NULL)' . "\tOR (categories.expiry_date <= '" . NULL_DATE . "') OR (categories.expiry_date > '" . $context['now'] . "'))"; // limit the query to top level only $query = "SELECT categories.id, categories.title " . " FROM " . SQL::table_name('categories') . " AS categories " . " WHERE (" . $where . ") AND (categories.anchor='category:" . $category_id . "')" . " ORDER BY categories.title"; $result = SQL::query($query); $sub_categories = array(); while ($result && ($option = SQL::fetch($result))) { $sub_categories['category:' . $option['id']] = $option['title']; } if (count($sub_categories)) { $suffix .= '<form method="post" action="' . $context['script_url'] . '"><div>' . i18n::s('More specific:') . ' <select name="anchor">'; foreach ($sub_categories as $option_reference => $option_label) { $suffix .= '<option value="' . $option_reference . '">' . $option_label . "</option>\n"; } $suffix .= '</select>' . ' ' . Skin::build_submit_button(" >> ") . '<input type="hidden" name="member" value="' . $member . '">' . '<input type="hidden" name="father" value="category:' . $category_id . '">' . '</div></form>' . "\n"; } // format the item $new_categories[$url] = array($prefix, $label, $suffix, $type, $icon); } // display attached categories with unlink buttons