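/**
 * Checks the posted "usuario"/"senha" pair against cad_usuario and, on a
 * match, marks the session as logged in and records it in the "session" table.
 *
 * Reads $_POST and $_SESSION directly and returns nothing. It does nothing
 * when a field is missing or empty, when the password does not match, or
 * when $_SESSION['loged'] is already true.
 */
function login()
{
    // $schema and $conexao are not defined in this function; presumably config.php sets them.
    include "config.php";

    if (!isset($_POST['usuario'], $_POST['senha'])
        || !is_string($_POST['usuario']) || !is_string($_POST['senha'])
        || $_POST['usuario'] === "" || $_POST['senha'] === "") {
        return;
    }

    $usuario = $_POST['usuario'];
    $senha = $_POST['senha'];

    // The user name goes inside a quoted SQL literal, so it has to be escaped
    // for this connection before it is concatenated into the statement.
    $usuario_sql = mysql_real_escape_string($usuario, $conexao);
    $select = "SELECT * FROM " . $schema . ".cad_usuario where usuario='" . $usuario_sql . "';";

    // NOTE(review): die(mysql_error()) prints the database error text to the
    // client; consider logging it and showing a generic message instead.
    $resultado = mysql_query($select, $conexao) or die(mysql_error());

    // Start from "no user found" so a missing row can never compare equal to
    // the submitted password. As before, the last matching row wins.
    $cod_user = null;
    $senha_usuario = null;
    while ($row = mysql_fetch_array($resultado)) {
        $cod_user = $row['cod_usuario'];
        $senha_usuario = $row['senha'];
    }

    if ($senha_usuario === null) {
        return;
    }

    // Strict string comparison: with == two different numeric-looking strings
    // (for example "0e1" and "0e2") compare equal.
    // NOTE(review): the column is compared directly with the submitted value,
    // so passwords appear to be stored unhashed - confirm, and migrate to
    // password_hash()/password_verify() where the PHP version allows it.
    if ((string) $senha_usuario !== $senha) {
        return;
    }

    if (isset($_SESSION['loged']) && $_SESSION['loged'] != false) {
        return;
    }

    // NOTE(review): the session id is not regenerated on login; consider
    // session_regenerate_id(true) here to counter session fixation.
    $_SESSION['cod_usuario'] = $cod_user;
    $_SESSION['user'] = $usuario;
    $_SESSION['loged'] = true;

    // 32 hex characters, like the previous md5() value, but taken from a
    // cryptographic source where one is available; md5(mt_rand(1, 10000))
    // could only ever produce 10000 different tokens.
    if (function_exists('random_bytes')) {
        $_SESSION['session'] = bin2hex(random_bytes(16));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $_SESSION['session'] = bin2hex(openssl_random_pseudo_bytes(16));
    } else {
        // Weak fallback for installations that offer neither function.
        $_SESSION['session'] = md5(uniqid(mt_rand(), true));
    }

    $sql = new sql();
    $table = "session";
    $campos = "username,session,ip";
    // insert() receives a ready-made value list, so the user name is escaped here as well.
    $values = "'" . mysql_real_escape_string($_SESSION['user'], $conexao) . "','"
        . $_SESSION['session'] . "','" . $_SERVER['REMOTE_ADDR'] . "'";
    $sql->insert($table, $campos, $values, 'N');
}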
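/**
 * Makes sure every replacename in rex_opf_lang has a row for each language
 * listed in $REX['CLANG'], inserting the missing rows with the name of the
 * grouped row.
 */
function rex_opf_sync()
{
    global $REX;

    // Compare the replace-value fields: one grouped row per replacename.
    $s = new sql();
    $s->setQuery("select clang, replacename, name, count(replacename) from rex_opf_lang group by replacename");

    $clang_total = count($REX['CLANG']);

    for ($i = 0; $i < $s->getRows(); $i++) {
        if ($clang_total != $s->getValue("count(replacename)")) {
            $replacename = $s->getValue("replacename");
            $name = $s->getValue("name");

            // foreach replaces while(list() = each()), which PHP 8 no longer provides.
            foreach ($REX['CLANG'] as $key => $val) {
                // The language id is placed unquoted in the statement, so force it to an integer.
                $lclang = (int) $key;

                // replacename comes back from the database unescaped; it must not
                // be able to end the quoted literal it is placed in.
                // NOTE(review): addslashes() is a stop-gap; prefer the escaping
                // routine of the sql class if it offers one.
                $gs = new sql();
                $gs->setQuery("select clang from rex_opf_lang where clang={$lclang} and replacename='"
                    . addslashes($replacename) . "'");

                if ($gs->getRows() == 0) {
                    // Create the missing row.
                    // NOTE(review): confirm whether setValue() escapes its
                    // argument; if not, these values need the same treatment.
                    $us = new sql();
                    $us->setTable("rex_opf_lang");
                    $us->setValue("clang", $lclang);
                    $us->setValue("replacename", $replacename);
                    $us->setValue("name", $name);
                    $us->insert();
                }
            }
        }
        $s->next();
    }
}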
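/**
 * Stores one operation for a record and keeps its per-operation comment log
 * (a JSON document in the "coments" table) up to date, then delegates the
 * actual save to parent::setRecord().
 *
 * @param array $data record fields; the keys read here are operation_id,
 *                    action_date, comment and lanch_id
 * @return bool always true
 */
public function setRecord($data)
{
    // Array keys are quoted throughout: bare words are looked up as constants
    // and raise an Error on PHP 8.
    $data['blocktype'] = $this->blocktype;

    $operation_id = $data['operation_id'];
    $operation = array(
        $operation_id => array(
            'date' => $data['action_date'],
            'comment_id' => sqltable_model::getCommentId($data['comment']),
        ),
    );

    // If the number entered for a new record already exists in the journal,
    // that existing record is edited instead.
    // NOTE(review): lanch_id is interpolated into the statement as given.
    // If $data can carry request input, escape it or bind it as a parameter
    // through whatever the sql class provides for that.
    $sql = "SELECT * FROM {$this->maintable} WHERE lanch_id='{$data['lanch_id']}'";
    $res = sql::fetchOne($sql);

    if (empty($res)) {
        // A separate comment row is needed per record; without one, all
        // records would end up sharing a single row.
        sql::insert('coments', array(array("comment" => multibyte::Json_encode($operation))));
        $data['coment_id'] = sql::lastId();
    } else {
        $coment = multibyte::Json_decode(sqltable_model::getComment($res['coment_id']));
        // Replace the stored entry for this operation.
        $coment[$operation_id] = $operation[$operation_id];
        sql::insertUpdate('coments', array(array(
            "id" => $res['coment_id'],
            "comment" => multibyte::Json_encode($coment),
        )));
        // The record already existed, so it is the one being edited.
        $data['edit'] = $res['id'];
        $data['coment_id'] = $res['coment_id'];
    }

    $data['lastoperation'] = $operation_id;
    parent::setRecord($data);

    return true;
}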
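/**
 * Writes the order header to rex_4_order and one rex_4_order_product row per
 * product position.
 *
 * @return bool true when the header and every product row were inserted
 *              without an error, false otherwise
 */
function insertOrder()
{
    $sql = new sql();
    $sql->debugsql = 0;
    $sql->setTable("rex_4_order");
    $sql->setValue("overallsum", $this->_overallsum);
    $sql->setValue("status", $this->_status);
    $sql->setValue("date", date("Y-m-d H:i:s"));
    $sql->setValue("name", $this->_name);
    $sql->setValue("mailtext", $this->_mailtxt);
    $sql->insert();

    if ($sql->error != "") {
        return false;
    }

    $order_id = $sql->last_insert_id;
    $sql->flush();

    // Number of product positions; zero when no product list is set, so
    // count() is never called on a missing value.
    $total = 0;
    if (is_array($this->_product) && isset($this->_product['pid'])) {
        $total = count($this->_product['pid']);
    }

    $counter = 0;
    for ($i = 0; $i < $total; $i++) {
        $sql->setTable("rex_4_order_product");
        $sql->setValue("order_id", $order_id);
        $sql->setValue("product_id", $this->_product['pid'][$i]);
        $sql->setValue("product_name", $this->_product['name'][$i]);
        $sql->setValue("amount", $this->_product['amount'][$i]);
        $sql->setValue("price", $this->_product['price'][$i]);
        $sql->insert();

        // Read the error before flush(): flush() may reset the object's
        // state (TODO confirm), which would hide a failed insert.
        if ($sql->error == "") {
            $counter++;
        }
        $sql->flush();
    }

    // NOTE(review): header and positions are written without a transaction,
    // so a failure part-way leaves an incomplete order in the database.
    return $counter == $total;
}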
$NFILENAME = $NFILE_NAME . "_{$cf}" . "{$NFILE_EXT}"; if (!file_exists($REX[MEDIAFOLDER] . "/{$NFILENAME}")) { break; } } } if (!move_uploaded_file(${$FILE}, $REX[MEDIAFOLDER] . "/{$NFILENAME}")) { $message = " - " . $I18N->msg("moving_file_error", $fi) . " | "; } else { $FILESQL = new sql(); $FILESQL->setTable("rex_file"); $FILESQL->setValue("filetype", ${$FILETYPE}); $FILESQL->setValue("filename", $NFILENAME); $FILESQL->setValue("originalname", ${$FILENAME}); $FILESQL->setValue("filesize", ${$FILESIZE}); $FILESQL->insert(); $meta_sql->setValue("file", $NFILENAME); } } elseif (${$FILEDEL} == "on") { $meta_sql->setValue("file", ''); } // ----------------------------- / FILE UPLOAD $meta_sql->update(); $article->setQuery("select * from rex_article where id='{$article_id}'"); $err_msg = $I18N->msg("metadata_updated") . $message; generateArticle($article_id); } $typesel = new select(); $typesel->set_name("type_id"); $typesel->set_style("width:100%;"); $typesel->set_size(1);
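/**
 * Saves $this->vars as the cache row of this article and language in the
 * 51_cache_article table: updates the row when exists() reports one,
 * inserts it otherwise.
 */
function write()
{
    global $REX, $REX_USER;

    // Both ids are placed unquoted in the WHERE clause, so they are forced
    // to integers before use.
    $article_id = (int) $this->article_id;
    $clang = (int) $this->clang;

    $sql = new sql();
    $sql->setTable($REX['TABLE_PREFIX'] . '51_cache_article');

    // NOTE(review): the keys of $this->vars are used as column names; they
    // must come from code, never from request data.
    foreach ($this->vars as $key => $value) {
        $sql->setValue($key, $value);
    }

    // Outside the backend ($REX['REDAXO'] false) no login name is recorded.
    $user = $REX['REDAXO'] ? $REX_USER->getValue('login') : '';

    if ($this->exists()) {
        $sql->where('article_id=' . $article_id . ' AND clang=' . $clang);
        $sql->setValue('updatedate', time());
        $sql->setValue('updateuser', $user);
        $sql->update();
    } else {
        $sql->setValue('article_id', $article_id);
        $sql->setValue('clang', $clang);
        $sql->setValue('createdate', time());
        $sql->setValue('createuser', $user);
        $sql->insert();
    }
}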
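/**
 * Creates an empty .css file in $cssDir and registers it in rex_file.
 *
 * Status texts are appended to $this->errorMsg and $this->successMsg.
 *
 * @param string $cssFile  requested file name; only "name.css" is accepted
 * @param string $cssDir   target directory; it is concatenated directly with
 *                         the file name, so presumably it ends with a slash
 * @param mixed  $cssCatId stored as category_id
 * @return string|null the updated error text when the file is rejected as
 *                     "not css", "already exists" or "could not be created";
 *                     nothing otherwise
 */
function create_file($cssFile, $cssDir, $cssCatId)
{
    global $REX_USER;

    if ($cssFile == "") {
        $this->errorMsg .= "Bitte geben Sie einen Dateinamen ein.";
        return;
    }

    // Everything from the FIRST dot on must be a dot plus three characters.
    $extension = strstr($cssFile, '.');
    if ($extension === false || strlen($extension) != 4) {
        $this->errorMsg .= "Falsche Extension. Eine Extension besteht aus 3 Zeichen. <br /> Datei wurde <strong>NICHT</strong> angelegt.";
        return;
    }

    // Reduce the name to [a-z0-9._]; this also removes path separators.
    $NFILENAME = strtolower(preg_replace("/[^a-zA-Z0-9.]/", "_", $cssFile));

    // Split at the last dot. A name that starts with its only dot is treated
    // as having no extension (explicit test, identical on every PHP version).
    $dot = strrpos($NFILENAME, ".");
    if ($dot !== false && $dot > 0) {
        $NFILE_NAME = substr($NFILENAME, 0, $dot);
        $NFILE_EXT = substr($NFILENAME, $dot);
    } else {
        $NFILE_NAME = $NFILENAME;
        $NFILE_EXT = "";
    }

    // Only .css is accepted. The former list of script extensions compared
    // values without the leading dot and so never matched; the allow-list
    // below already rejects every one of them.
    if ($NFILE_EXT != ".css") {
        return $this->errorMsg .= $this->thisFileIsNoCss;
    }
    $FILETYPE = "text/css";
    $NFILENAME = $NFILE_NAME . $NFILE_EXT;
    $path = $cssDir . $NFILENAME;

    // Mode "x" creates the file only if it does not exist yet, so the
    // existence test and the creation are one atomic step.
    $openFile = @fopen($path, "x");
    if ($openFile === false) {
        if (file_exists($path)) {
            return $this->errorMsg .= $this->thisFileExists;
        }
        return $this->errorMsg .= "Die Datei konnte nicht angelegt werden.";
    }
    fclose($openFile);

    // Same path as used for creation (the old call inserted an extra "/"),
    // and no world-writable bit on a file the web server delivers.
    @chmod($path, 0644);

    $FILESIZE = filesize($path);

    $FILESQL = new sql();
    $FILESQL->setTable("rex_file");
    $FILESQL->setValue("filetype", $FILETYPE);
    // No title, description or copyright is passed to this function; the
    // variable previously read here was never defined.
    $FILESQL->setValue("title", "");
    $FILESQL->setValue("description", "");
    $FILESQL->setValue("copyright", "");
    $FILESQL->setValue("filename", $NFILENAME);
    $FILESQL->setValue("originalname", $NFILENAME);
    $FILESQL->setValue("filesize", $FILESIZE);
    $FILESQL->setValue("width", 0);
    $FILESQL->setValue("height", 0);
    $FILESQL->setValue("category_id", $cssCatId);
    $FILESQL->setValue("createdate", time());
    $FILESQL->setValue("createuser", $REX_USER->getValue("login"));
    $FILESQL->setValue("updatedate", time());
    $FILESQL->setValue("updateuser", $REX_USER->getValue("login"));
    $FILESQL->insert();

    $this->successMsg .= "Die Datei " . $NFILENAME . " wurde im Medienpool und auf dem Server erfolgeich angelegt.";
}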
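/**
 * Creates a language (clang).
 *
 * Registers it in $REX['CLANG'], rewrites the DYN section of clang.inc.php,
 * copies every article of language 0 into the new language with status 0,
 * inserts the clang row and fires the CLANG_ADDED extension point.
 *
 * @param $id   id of the clang
 * @param $name name of the clang
 */
function rex_addCLang($id, $name)
{
    global $REX;

    $REX['CLANG'][$id] = $name;

    // Integer form of the id for the SQL statements below.
    $sql_id = (int) $id;

    // The DYN section is PHP source that gets included later. var_export()
    // emits each key and name as a correctly escaped string literal, so a
    // name containing quotes, "$" or "{" cannot alter the generated code.
    $content = "// --- DYN\n\r";
    foreach ($REX['CLANG'] as $cur => $val) {
        $content .= "\n\r\$REX['CLANG'][" . var_export((string) $cur, true) . "] = "
            . var_export((string) $val, true) . ";";
    }
    $content .= "\n\r// --- /DYN";

    $file = $REX['INCLUDE_PATH'] . "/clang.inc.php";
    $fcontent = file_get_contents($file);
    if ($fcontent !== false) {
        // PCRE replaces the removed ereg_replace(); the "s" modifier lets "."
        // match newlines as it did in POSIX patterns. A callback is used so
        // "\" and "$" in the generated text are not read as back-references.
        $fcontent = preg_replace_callback(
            '/(\/\/.---.DYN.*\/\/.---.\/DYN)/s',
            function () use ($content) {
                return $content;
            },
            $fcontent
        );
        // Write only when reading and replacing worked, so a failure never
        // truncates the include file.
        if ($fcontent !== null) {
            file_put_contents($file, $fcontent, LOCK_EX);
            // An included PHP file must not be world-writable.
            @chmod($file, 0644);
        }
    }

    $add = new sql();
    $add->setQuery("select * from " . $REX['TABLE_PREFIX'] . "article where clang='0'");
    $fields = $add->getFieldnames();

    for ($i = 0; $i < $add->getRows(); $i++) {
        $adda = new sql();
        $adda->setTable($REX['TABLE_PREFIX'] . "article");

        // foreach replaces while(list() = each()), which PHP 8 no longer provides.
        foreach ($fields as $value) {
            if ($value == "pid") {
                // pid is not copied
                continue;
            }
            if ($value == "clang") {
                $adda->setValue("clang", $sql_id);
            } elseif ($value == "status") {
                $adda->setValue("status", "0");
            } else {
                $adda->setValue($value, rex_addslashes($add->getValue("{$value}")));
            }
            // createuser and updateuser are copied unchanged
        }

        $adda->insert();
        $add->next();
    }

    // NOTE(review): $name is interpolated as received. Whether it is already
    // escaped depends on how request values reach this function; confirm
    // before adding or removing escaping here.
    $add = new sql();
    $add->query("insert into " . $REX['TABLE_PREFIX'] . "clang set id='{$sql_id}',name='{$name}'");

    // ----- EXTENSION POINT
    rex_register_extension_point('CLANG_ADDED', '', array('id' => $id, 'name' => $name));

    rex_generateAll();
}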
/**
 * Begin an INSERT on the given table through sql::insert().
 *
 * Switches the dao to raw mode, records 'insert' as the current method,
 * keeps the object returned by sql::insert() in $this->sqlobj and remembers
 * the table.
 *
 * @param  string $table  the table to insert into
 * @access public
 * @return object  this dao object
 */
public function insert($table)
{
    $this->setMode('raw');
    $this->setMethod('insert');

    $statement = sql::insert($table);
    $this->sqlobj = $statement;

    $this->setTable($table);

    return $this;
}
} } // ----- linklist $newsql->setValue("linklist{$fi}", $REX_ACTION['LINKLIST'][$fi]); // ----- medialist $newsql->setValue("filelist{$fi}", $REX_ACTION['MEDIALIST'][$fi]); } $newsql->setValue("updatedate", time()); $newsql->setValue("updateuser", $REX_USER->getValue("login")); if ($function == "edit") { $newsql->update(); $message .= $I18N->msg('block_updated'); } elseif ($function == "add") { $newsql->setValue("createdate", time()); $newsql->setValue("createuser", $REX_USER->getValue("login")); $newsql->insert(); $last_id = $newsql->last_insert_id; $newsql->query("update " . $REX['TABLE_PREFIX'] . "article_slice set re_article_slice_id='{$last_id}' where re_article_slice_id='{$slice_id}' and id<>'{$last_id}' and article_id='{$article_id}' and clang={$clang}"); $message .= $I18N->msg('block_added'); $slice_id = $last_id; } } else { // make delete $re_id = $CM->getValue($REX['TABLE_PREFIX'] . "article_slice.re_article_slice_id"); $newsql = new sql(); $newsql->setQuery("select * from " . $REX['TABLE_PREFIX'] . "article_slice where re_article_slice_id='{$slice_id}'"); if ($newsql->getRows() > 0) { $newsql->query("update " . $REX['TABLE_PREFIX'] . "article_slice set re_article_slice_id='{$re_id}' where id='" . $newsql->getValue("id") . "'"); } $newsql->query("delete from " . $REX['TABLE_PREFIX'] . "article_slice where id='{$slice_id}'"); $message = $I18N->msg('block_deleted');
$adduser->setValue("newsletter", $unewsletter); if ($ushowinfo != "") { $ushowinfo = 1; } else { $ushowinfo = 0; } $adduser->setValue("showinfo", $ushowinfo); // unnoetig ? /* if ($usendmail != "") $usendmail = 1; else $usendmail = 0; $adduser->setValue("sendmail",$usendmail); */ // Markus => http://forum.redaxo.de/viewtopic.php?t=235 $adduser->setValue("sendmail", $usendmail); $adduser->insert(); $user_id = 0; $function = ""; $message = "User wurde hinzugefügt !"; unset($FADD); } else { $message = "Login existiert schon oder ist nicht korrekt!"; } } $SHOW = true; if ($FADD != "") { // ------------------------------------ USER HINZUFÜGEN $SHOW = false; echo "\t<table border=0 cellpadding=5 cellspacing=1 width=770>\n\t\t<form action=index.php method=post>\n\t\t<input type=hidden name=page value=community>\n\t\t<input type=hidden name=subpage value=user>\n\t\t<input type=hidden name=save value=1>\n\t\t<tr>\n\t\t\t<th align=left colspan=4 class=dgrey><b>User hinzufügen</b></th>\n\t\t</tr>"; if ($message != "") { echo "<tr><td align=center class=warning><img src=pics/warning.gif width=16 height=16></td><td colspan=3 class=warning>{$message}</td></tr>";
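/**
 * Copies a category with its articles and, recursively, its sub-categories
 * below another category.
 *
 * @param int $which  id of the category to copy
 * @param int $to_cat id of the target parent category, 0 for the top level
 */
function copyCategory($which, $to_cat)
{
    // Both ids are placed unquoted in the statements below, so they are
    // forced to integers first.
    $which = (int) $which;
    $to_cat = (int) $to_cat;

    // Read the original.
    $orig = new sql();
    $orig->setQuery("SELECT * FROM rex_category WHERE id={$which}");

    if ($to_cat != 0) {
        // Read the target to build the path of the copy.
        $ziel = new sql();
        $ziel->setQuery("SELECT * FROM rex_category WHERE id={$to_cat}");
        $zielpath = $ziel->getValue("path") . "-" . $to_cat;
    } else {
        // The target is the top level, so the path is empty.
        $zielpath = "";
    }

    // Write the new category.
    $add = new sql();
    $add->setTable("rex_category");
    $add->setValue("name", $orig->getValue("name"));
    $add->setValue("re_category_id", $to_cat);
    $add->setValue("prior", $orig->getValue("prior"));
    $add->setValue("path", $zielpath);
    $add->setValue("status", $orig->getValue("status"));
    $add->insert();
    $new_id = $add->last_insert_id;

    // Copy the articles; the ORDER BY matters, otherwise the start article
    // comes out wrong.
    $articles = new sql();
    $articles->setQuery("SELECT * FROM rex_article WHERE category_id={$which} order by startpage desc");
    for ($i = 0; $i < $articles->rows; $i++, $articles->next()) {
        copyArticle($articles->getValue("id"), $new_id);
    }

    // Copy the sub-categories recursively.
    // NOTE(review): this query runs after the insert above. When $to_cat is
    // $which itself or one of its descendants, the fresh copy is part of the
    // tree being copied and the recursion does not terminate; callers should
    // reject such targets.
    $subcats = new sql();
    $subcats->setQuery("SELECT * FROM rex_category WHERE re_category_id={$which}");
    for ($i = 0; $i < $subcats->rows; $i++, $subcats->next()) {
        copyCategory($subcats->getValue("id"), $new_id);
    }
}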
/**
 * Replaces the OFX entries of one wallet for a date range.
 *
 * Deletes the wallet's rows of arquivo_ofx_lancamentos in the range, resets
 * cod_conciliacao to 0 on the wallet's captacao_cartas_baixas rows in the
 * same range, then inserts the new entries.
 *
 * NOTE(review): every argument is concatenated into SQL text as given, and
 * $tb is passed on as a ready-made value list. Callers must escape or
 * validate all four values; the three statements are also not wrapped in a
 * transaction, so a failed insert leaves the range deleted.
 *
 * @param string $tb          value list for the INSERT
 * @param string $data_inicio first date of the range
 * @param string $data_fim    last date of the range
 * @param string $carteira    wallet code (cod_carteira)
 */
function inserir_arquivo_ofx_lancamentos($tb, $data_inicio, $data_fim, $carteira)
{
    include "config.php";

    $db = new sql();
    $filtro = "cod_carteira='%s' and (%s between '%s' and '%s')";

    // 1. remove the entries already stored for the period
    $db->delete(
        "arquivo_ofx_lancamentos",
        sprintf($filtro, $carteira, "DTPOSTED", $data_inicio, $data_fim)
    );

    // 2. undo the reconciliation marks of the same period
    $db->update(
        "captacao_cartas_baixas",
        "cod_conciliacao=0",
        sprintf($filtro, $carteira, "data_baixa", $data_inicio, $data_fim)
    );

    // 3. store the new entries
    $colunas = "`cod_carteira`,`TRNTYPE`,`DTPOSTED`,`TRNAMT`,`FITID`,`CHECKNUM`,`MEMO`";
    $db->insert("arquivo_ofx_lancamentos", $colunas, $tb);
}
print "<tr><td class=grey>Datei:</td><td class=grey><input type=file name=file_new size=30></td></tr>"; print "<tr><td class=grey> </td><td class=grey><input type=submit value=\"" . $I18N->msg('pool_file_upload') . "\">"; if ($opener_input_field != "REX_MEDIA_0") { echo "<input type=submit name=saveandexit value=\"" . $I18N->msg('pool_file_upload_get') . "\">"; } print "</td></tr>\n"; print "</form>\n"; print "</table>\n"; ####### } // ------------------------------------- Kategorienverwaltung if ($media_method == 'add_file_cat') { $db = new sql(); $db->setTable('rex_file_category'); $db->setValue('name', $cat_name); $db->insert(); $msg = $I18N->msg('pool_kat_saved', $cat_name); } elseif ($media_method == 'edit_file_cat') { $db = new sql(); //$db->debugsql = true; $db->setTable('rex_file_category'); $db->where("id='{$cat_id}'"); $db->setValue('name', $cat_name); $db->update(); $msg = $I18N->msg('pool_kat_updated', $cat_name); $cat_id = ""; } elseif ($media_method == 'delete_file_cat') { $gf = new sql(); $gf->setQuery("select * from rex_file where category_id='{$cat_id}'"); if ($gf->getRows() == 0) { $gf->setQuery("delete from rex_file_category where id='{$cat_id}'");
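/**
 * Stores an uploaded file in $filefolder and registers it in the file table.
 *
 * The client file name is reduced to a safe character set and lower-cased,
 * script extensions are neutralised by appending ".txt", and the resulting
 * extension must be on the allow-list.
 *
 * NOTE(review): $FILE['type'] is the MIME type sent by the client and is
 * stored unverified. Only the last extension is checked, so a name such as
 * "x.php.jpg" keeps ".php" inside it; the web server must not execute files
 * from the media folder.
 *
 * @param array  $FILE              one $_FILES entry (name, size, type, tmp_name)
 * @param string $filefolder        target directory, without trailing slash
 * @param array  $extensions_array  allowed extensions with leading dot; when
 *                                  empty a default list is used
 * @param mixed  $rex_file_category stored as category_id
 * @return array array('ok' => false) on rejection or failure, otherwise the
 *               keys type, msg, ok (true) and filename
 */
function saveMedia($FILE, $filefolder, $extensions_array, $rex_file_category)
{
    global $REX;

    $FILENAME = $FILE['name'];
    $FILESIZE = $FILE['size'];
    $FILETYPE = $FILE['type'];
    $message = '';

    // The failure result is built as an array from the start; assigning an
    // index to FALSE relied on a conversion that is deprecated.
    $failed = array('ok' => false);

    // ----- derive the new file name and extension
    $NFILENAME = strtolower(preg_replace('/[^a-zA-Z0-9.\-$\+]/', "_", $FILENAME));
    $dot = strrpos($NFILENAME, ".");
    if ($dot !== false && $dot > 0) {
        $NFILE_NAME = substr($NFILENAME, 0, $dot);
        $NFILE_EXT = substr($NFILENAME, $dot);
    } else {
        // no dot, or a name that starts with its only dot: no extension
        $NFILE_NAME = $NFILENAME;
        $NFILE_EXT = "";
    }

    // ----- script extensions are kept in the name and the file becomes .txt
    $ERROR_EXT = array(".php", ".php3", ".php4", ".php5", ".phtml", ".pl", ".asp", ".aspx", ".cfm");
    if (in_array($NFILE_EXT, $ERROR_EXT, true)) {
        $NFILE_NAME .= $NFILE_EXT;
        $NFILE_EXT = ".txt";
    }

    // ----- allow-list
    if (!is_array($extensions_array) || count($extensions_array) == 0) {
        $extensions_array = array(".rtf", ".pdf", ".doc", ".gif", ".jpg", ".jpeg");
    }
    if (!in_array($NFILE_EXT, $extensions_array, true)) {
        return $failed;
    }

    $NFILENAME = $NFILE_NAME . $NFILE_EXT;

    // ----- name already taken -> try _1, _2, ...
    if (file_exists($filefolder . "/{$NFILENAME}")) {
        for ($cf = 1; $cf < 1000; $cf++) {
            $NFILENAME = $NFILE_NAME . "_{$cf}" . "{$NFILE_EXT}";
            if (!file_exists($filefolder . "/{$NFILENAME}")) {
                break;
            }
        }
    }
    $target = $filefolder . "/{$NFILENAME}";

    // ----- store the upload
    if (!move_uploaded_file($FILE['tmp_name'], $target)) {
        // The copy() fallback is limited to genuine HTTP uploads. Without
        // this test a forged tmp_name would copy any file the PHP process
        // can read into the media folder.
        if (!is_uploaded_file($FILE['tmp_name']) || !copy($FILE['tmp_name'], $target)) {
            return $failed;
        }
    }

    @chmod($target, $REX['FILEPERM']);

    $RETURN = array(
        'type' => $FILETYPE,
        'msg' => $message,
        'ok' => true,
        'filename' => $NFILENAME,
    );

    $FILESQL = new sql();
    $FILESQL->setTable($REX['TABLE_PREFIX'] . "file");
    $FILESQL->setValue("filetype", $FILETYPE);
    $FILESQL->setValue("filename", $NFILENAME);
    $FILESQL->setValue("originalname", $FILENAME);
    $FILESQL->setValue("filesize", $FILESIZE);
    $FILESQL->setValue("category_id", $rex_file_category);
    $FILESQL->setValue("createdate", time());
    $FILESQL->setValue("createuser", "system");
    $FILESQL->setValue("updatedate", time());
    $FILESQL->setValue("updateuser", "system");
    $FILESQL->insert();

    return $RETURN;
}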
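/**
 * Stores an uploaded file in the media folder and registers it in rex_file.
 *
 * NOTE(review): apart from the script extensions below, any file type is
 * accepted, and $FILE['type'] is the MIME type sent by the client. The web
 * server must not execute files from the media folder.
 *
 * @param array $FILE              one $_FILES entry (name, size, type, tmp_name)
 * @param mixed $rex_file_category stored as category_id
 * @param array $FILEINFOS         title, description and copyright of the file
 * @return array keys msg, ok (1 on success, 0 on failure) and filename
 */
function media_savefile($FILE, $rex_file_category, $FILEINFOS)
{
    // Array keys are quoted throughout: bare words are looked up as constants
    // and raise an Error on PHP 8.
    $FILENAME = $FILE['name'];
    $FILESIZE = $FILE['size'];
    $FILETYPE = $FILE['type'];
    $REX = $GLOBALS['REX'];

    $message = '';
    $ok = 0;

    // Build the new file name: blanks become "_", everything outside
    // [_A-Za-z0-9.-] is dropped, the rest is lower-cased.
    $NFILENAME = strtolower(preg_replace('/[^_A-Za-z0-9.\-]/', '', str_replace(' ', '_', $FILENAME)));

    $dot = strrpos($NFILENAME, ".");
    if ($dot !== false && $dot > 0) {
        $NFILE_NAME = substr($NFILENAME, 0, $dot);
        $NFILE_EXT = substr($NFILENAME, $dot);
    } else {
        // no dot, or a name that starts with its only dot: no extension
        $NFILE_NAME = $NFILENAME;
        $NFILE_EXT = "";
    }

    // Script extensions get ".txt" appended.
    $script_ext = array(".php", ".php3", ".php4", ".php5", ".phtml", ".pl", ".asp", ".aspx", ".cfm");
    if (in_array($NFILE_EXT, $script_ext, true)) {
        $NFILE_EXT .= ".txt";
    }
    $NFILENAME = $NFILE_NAME . $NFILE_EXT;

    // Name already taken -> try _0, _1, ...
    if (file_exists($REX['MEDIAFOLDER'] . "/{$NFILENAME}")) {
        for ($cf = 0; $cf < 1000; $cf++) {
            $NFILENAME = $NFILE_NAME . "_{$cf}" . "{$NFILE_EXT}";
            if (!file_exists($REX['MEDIAFOLDER'] . "/{$NFILENAME}")) {
                break;
            }
        }
    }
    $target = $REX['MEDIAFOLDER'] . "/{$NFILENAME}";

    $stored = move_uploaded_file($FILE['tmp_name'], $target);
    if (!$stored) {
        // The copy() fallback is limited to genuine HTTP uploads. Without
        // this test a forged tmp_name would copy any file the PHP process
        // can read into the media folder.
        $stored = is_uploaded_file($FILE['tmp_name']) && copy($FILE['tmp_name'], $target);
    }

    if (!$stored) {
        $message .= "move file {$FILENAME} failed | ";
    } else {
        // Readable for the web server, writable only for the owner; stored
        // uploads are no longer made world-writable.
        chmod($target, 0644);

        // Width and height; getimagesize() returns false for non-images.
        $size = @getimagesize($target);
        $width = is_array($size) ? $size[0] : 0;
        $height = is_array($size) ? $size[1] : 0;

        $FILESQL = new sql();
        $FILESQL->setTable("rex_file");
        $FILESQL->setValue("filetype", $FILETYPE);
        $FILESQL->setValue("title", $FILEINFOS['title']);
        $FILESQL->setValue("description", $FILEINFOS['description']);
        $FILESQL->setValue("copyright", $FILEINFOS['copyright']);
        $FILESQL->setValue("filename", $NFILENAME);
        $FILESQL->setValue("originalname", $FILENAME);
        $FILESQL->setValue("filesize", $FILESIZE);
        $FILESQL->setValue("width", $width);
        $FILESQL->setValue("height", $height);
        $FILESQL->setValue("category_id", $rex_file_category);
        $FILESQL->setValue("stamp", time());
        $FILESQL->insert();
        $ok = 1;
    }

    return array(
        'msg' => $message,
        'ok' => $ok,
        'filename' => $NFILENAME,
    );
}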
<?php
/**
 * Created by PhpStorm.
 * User: Alex Sandiyarov
 * Date: 13.12.15
 * Time: 12:17
 *
 * Scratch script that exercises the News model and the sql helper against
 * the "news" table and prints the results.
 *
 * NOTE(review): the sql helper is given ready-made SQL fragments (column
 * list, WHERE/ORDER clause, value list). Only literals are passed here;
 * request data must never reach these arguments unescaped.
 */

// All news rows through the model.
$news = new News();
$allNews = $news->getAll();
var_dump($allNews);

//$news->add($data);
//$news->update($title2, $id);

// The same table through the sql helper.
$db = new sql();

$db->get('*', 'news', 'ORDER BY date DESC');
print_r($db->packToArray());

print_r($db->get('*', 'news', 'WHERE id = 4'));

$db->insert('news', 'id, title', '"34543435434534353453455", "sadsadas"');
$db->update('news', 'title = "KUKU"', '4');
$sql->setValue("category", $diecats); $sql->setValue("description", $article[desc]); $sql->setValue("detaildesc", $VALUE[1]); $sql->setValue("price", $article[price]); $sql->setValue("old_price", $article[oldprice]); $sql->setValue("deliver_price", $article[deliverprice]); $sql->setValue("mwst", $article[tax]); $sql->setValue("picture", $picture); $sql->setValue("instock", $article[instock]); $sql->setValue("stockinfo", $article[stockinfo]); $sql->setValue("relation_1", $article[relation_1]); $sql->setValue("relation_2", $article[relation_2]); $sql->setValue("relation_3", $article[relation_3]); $sql->setValue("thumbnail", $thumbnail); $sql->setValue("status", $article[status]); $sql->insert(); } $aid = $theid; if ($sql->error != "") { echo preg_replace("!##msg##!", $I18N_SIMPLE_SHOP->msg("error"), $message_corpus); } else { echo preg_replace("!##msg##!", $I18N_SIMPLE_SHOP->msg("product_added"), $message_corpus); if ($uebernehmen) { $send = 0; } else { $send = 1; $function = ""; } } } }
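/**
 * Saves a reply ($message_id > 0) or a new topic and returns the view that
 * follows; the status text is left in $this->errmsg.
 *
 * @param string $subject        topic subject (new topics only)
 * @param string $message        message text
 * @param int    $message_id     id of the message replied to, 0 for a new topic
 * @param string $anonymous_user name of the poster on anonymous boards
 * @return mixed result of showMessage(), showMessages() or showAddTopic()
 */
function saveMessage($subject, $message, $message_id, $anonymous_user = '')
{
    // The id is compared as a number and placed in three statements below.
    // Casting it keeps any text that follows the leading digits out of them.
    $message_id = (int) $message_id;

    // Anonymous boards require a poster name.
    if ($this->anonymous == true && $anonymous_user == '') {
        $this->errmsg = $this->text[300];
        if ($message_id > 0) {
            return $this->showMessage();
        }
        return $this->showAddTopic();
    }

    // NOTE(review): subject, message and anonymous_user are handed to
    // setValue() as received; confirm that the sql class escapes them.
    $now = date("YmdHis");

    if ($message_id > 0) {
        // ----- reply: the parent must exist on this board and be active
        $parent = new sql($this->DB);
        $parent->setQuery("select * from {$this->table} where message_id='{$message_id}' and board_id='" . $this->boardname . "' and status='1'");
        $parent_found = $parent->getRows() == 1;

        if ($parent_found && trim($message) == "") {
            $this->errmsg = $this->text[200];
        } elseif ($parent_found) {
            // insert the reply
            $r_sql = new sql($this->DB);
            $r_sql->setTable($this->table);
            $r_sql->setValue("user_id", $this->user_id);
            $r_sql->setValue("message", $message);
            $r_sql->setValue("re_message_id", $message_id);
            $r_sql->setValue("stamp", $now);
            $r_sql->setValue("board_id", $this->boardname);
            if ($anonymous_user != '') {
                $r_sql->setValue("anonymous_user", $anonymous_user);
            }
            $r_sql->insert();

            // update the parent: time of the last entry and number of replies
            $u_sql = new sql($this->DB);
            $u_sql->setQuery("select * from {$this->table} where re_message_id='{$message_id}' and status='1'");
            $u_sql->setTable($this->table);
            $u_sql->where("message_id='{$message_id}'");
            $u_sql->setValue("last_entry", date("YmdHis"));
            $u_sql->setValue("replies", $u_sql->getRows());
            $u_sql->update();

            $this->errmsg = $this->text[210];
        } else {
            $this->errmsg = $this->text[220];
        }

        return $this->showMessage();
    }

    // ----- new topic
    if ($subject == "") {
        $this->errmsg = $this->text[240];
        return $this->showAddTopic();
    }

    $r_sql = new sql($this->DB);
    $r_sql->setTable($this->table);
    $r_sql->setValue("user_id", $this->user_id);
    $r_sql->setValue("subject", $subject);
    $r_sql->setValue("message", $message);
    $r_sql->setValue("re_message_id", 0);
    $r_sql->setValue("stamp", $now);
    $r_sql->setValue("last_entry", $now);
    $r_sql->setValue("board_id", $this->boardname);
    $r_sql->setValue("replies", 0);
    if ($anonymous_user != '') {
        $r_sql->setValue("anonymous_user", $anonymous_user);
    }
    $r_sql->insert();

    $this->errmsg = $this->text[230];

    return $this->showMessages();
}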
$resultado = mysql_query($select, $conexao) or die(mysql_error()); //if(mysql_num_rows($resultado)>=1){return true;}else{return false;} $cod_centro_custo = mysql_fetch_array($resultado); //if($cod_centro_custo==false){return 'false';}else{ return 'true';} $cod_centro_custo = $cod_centro_custo[0]; return $cod_centro_custo; } if (isset($_POST) and isset($_POST['act']) and isset($_POST['mod']) and $_POST['act'] == 'editar' and $_POST['mod'] == 'cad_conta') { if (isset($_POST['cod_conta']) and $_POST['cod_conta'] == 0) { //novo $cod_conta_mae = id_conta($_POST['numero_conta_mae']); $cod_plano_conta = cod_plano_conta(); $tabela = "cad_conta"; $campos_insert = "`cod_conta_mae`,`numero_conta`,`cod_plano_conta`,`descricao`,`cod_tipo_conta`,`saldo_inicial`,`saldo_atual`,`status`"; $values = "'" . $cod_conta_mae . "','" . $_POST['numero_conta'] . "','" . $cod_plano_conta . "','" . $_POST['descricao'] . "','" . $_POST['cod_tipo_conta'] . "','" . $_POST['saldo_inicial'] . "','" . $_POST['saldo_atual'] . "','" . $_POST['status'] . "'"; $sql->insert($tabela, $campos_insert, $values, 'S'); } if (isset($_POST['cod_conta']) and $_POST['cod_conta'] != "") { //atualizar $cod_conta_mae = id_conta($_POST['numero_conta_mae']); $cod_plano_conta = cod_plano_conta(); $tabela = "cad_conta"; $campos = "`cod_conta_mae`='" . $cod_conta_mae . "',`numero_conta`='" . $_POST['numero_conta'] . "',`cod_plano_conta`='" . $cod_plano_conta . "',`descricao`='" . $_POST['descricao'] . "',`cod_tipo_conta`='" . $_POST['cod_tipo_conta'] . "',`saldo_inicial`='" . $_POST['saldo_inicial'] . "',`saldo_atual`='" . $_POST['saldo_atual'] . "',`status`='" . $_POST['status'] . "'"; $where = "`cod_conta`='" . $_POST['cod_conta'] . 
"'"; $sql->update($tabela, $campos, $where, 'S'); } } if (isset($_POST) and isset($_POST['act']) and isset($_POST['mod']) and $_POST['act'] == 'editar' and $_POST['mod'] == 'cad_centro_custo') { if (isset($_POST['cod_centro_custo']) and ($_POST['cod_centro_custo'] == "" or $_POST['cod_centro_custo'] == 0)) { //novo $cod_centro_custo_mae = id_centro_custo($_POST['numero_centro_custo_mae']);
$AART->setValue("name", $article_name); $AART->setValue("catname", $article_name); $AART->setValue("clang", $key); $AART->setValue("re_id", $category_id); $AART->setValue("prior", $Position_New_Article); $AART->setValue("path", $KATPATH); $AART->setValue("startpage", 0); $AART->setValue("status", 0); $AART->setValue("online_from", time()); $AART->setValue("online_to", mktime(0, 0, 0, 1, 1, 2010)); $AART->setValue("createdate", time()); $AART->setValue("createuser", $REX_USER->getValue("login")); $AART->setValue("updatedate", time()); $AART->setValue("updateuser", $REX_USER->getValue("login")); $AART->setValue("template_id", $template_id); $AART->insert(); // ----- PRIOR rex_newArtPrio($category_id, $key, 0, $Position_New_Article); } rex_generateArticle($id); // ----- EXTENSION POINT $message = rex_register_extension_point('ART_ADDED', $message, array("id" => $id, "status" => 0, "name" => $article_name, "re_id" => $category_id, "prior" => $Position_New_Article, "path" => $KATPATH, "template_id" => $template_id)); } else { if (isset($function) and $function == "edit_article" && $article_id != "" && $KATPERM) { // --------------------- ARTIKEL EDIT $Position_Article = (int) $Position_Article; if ($Position_Article == 0) { $Position_Article = 1; } $amessage = $I18N->msg("article_updated"); $EA = new sql();
$message .= "<br><br>"; } else { $delete->query("delete from rex_article_type where type_id='{$type_id}'"); $delete->query("update rex_article set type_id='1' where type_id='{$type_id}'"); $message = $I18N->msg("article_type_deleted"); } } else { $message = $I18N->msg("article_type_could_not_be_deleted"); } } elseif ($function == "add" && $save == 1) { $add = new sql(); $add->setTable("rex_article_type"); $add->setValue("name", $typname); $add->setValue("type_id", $type_id); $add->setValue("description", $description); $add->insert(); $type_id = 0; $function = ""; $message = $I18N->msg("article_type_added"); } echo "\t<table class=rex style=table-layout:auto; cellpadding=5 cellspacing=1>\r\n\t\t<tr>\r\n\t\t\t<th class=icon><a href=index.php?page=specials&spage=type&function=add>+</a></th>\r\n\t\t\t<th class=icon>" . $I18N->msg("article_type_list_id") . "</th>\r\n\t\t\t<th width=250>" . $I18N->msg("article_type_list_name") . "</th>\r\n\t\t\t<th colspan=2>" . $I18N->msg("article_type_list_description") . "</th>\r\n\t\t</tr>\r\n\t\t"; if ($message != "") { echo "<tr class=warning><td class=icon><img src=pics/warning.gif width=16 height=16></td><td colspan=5>{$message}</td></tr>"; } $sql = new sql(); $sql->setQuery("select * from rex_article_type order by type_id"); if ($function == "add") { echo "\t<tr>\r\n\t\t\t<form action=index.php method=post>\r\n\t\t\t<input type=hidden name=page value=specials>\r\n\t\t\t<input type=hidden name=spage value=type>\r\n\t\t\t<input type=hidden name=save value=1>\r\n\t\t\t<td> </td>\r\n\t\t\t<td valign=top><input style='width:30px;' type=text size=5 maxlength=2 name=type_id value=\"" . htmlentities($type_id) . "\"></td>\r\n\t\t\t<td valign=top><input class=inp100 type=text size=20 name=typname value=\"" . htmlentities($typname) . "\"></td>\r\n\t\t\t<td><input style='width:100%' type=text size=20 name=description value=\"" . htmlentities($description) . 
"\"></td>\r\n\t\t\t<td valign=top><input type=submit name=function value=add></td>\r\n\t\t\t</form>\r\n\t\t\t</tr>"; } for ($i = 0; $i < $sql->getRows(); $i++) { if ($type_id == $sql->getValue("type_id")) {
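/**
 * Saves the posted board message held in $this->msg, as a reply when
 * bb_msg_id is greater than 0 and as a new topic otherwise, and returns the
 * view that follows. The status text is left in $this->errmsg.
 *
 * @return mixed result of showMessage(), showMessages() or showAddTopic()
 */
function saveMessage()
{
    // The id is compared as a number and placed in three statements below.
    // Casting it keeps any text that follows the leading digits out of them.
    $msg_id = isset($this->msg["bb_msg_id"]) ? (int) $this->msg["bb_msg_id"] : 0;

    // Anonymous boards require a poster name.
    if ($this->anonymous == true && $this->msg["bb_msg_anouser"] == '') {
        $this->errmsg = $this->text[300];
        if ($msg_id > 0) {
            return $this->showMessage();
        }
        return $this->showAddTopic();
    }

    // On anonymous boards the entered name is stored in place of a user id.
    // NOTE(review): subject, message and this name are handed to setValue()
    // as received; confirm that the sql class escapes them.
    $author = $this->anonymous ? $this->msg["bb_msg_anouser"] : $this->user_id;

    if ($msg_id > 0) {
        // ----- reply: the parent must exist on this board and be active
        $parent = new sql();
        $parent->setQuery("select * from rex_5_board where message_id='" . $msg_id . "' and board_id='" . $this->boardname . "' and status='1'");
        $parent_found = $parent->getRows() == 1;

        if ($parent_found && trim($this->msg["bb_msg_message"]) == "") {
            $this->errmsg = $this->text[200];
        } elseif ($parent_found) {
            // insert the reply
            $r_sql = new sql();
            $r_sql->setTable("rex_5_board");
            $r_sql->setValue("user_id", $author);
            $r_sql->setValue("message", $this->msg["bb_msg_message"]);
            $r_sql->setValue("re_message_id", $msg_id);
            $r_sql->setValue("stamp", time());
            $r_sql->setValue("board_id", $this->boardname);
            $r_sql->setValue("status", 1);
            $r_sql->insert();

            // update the parent: time of the last entry and number of replies
            $u_sql = new sql();
            $u_sql->setQuery("select * from rex_5_board where re_message_id='" . $msg_id . "' and status='1'");
            $u_sql->setTable("rex_5_board");
            $u_sql->where("message_id='" . $msg_id . "'");
            $u_sql->setValue("last_entry", time());
            $u_sql->setValue("replies", $u_sql->getRows());
            $u_sql->update();

            $this->errmsg = $this->text[210];
            $this->msg["bb_msg_message"] = "";
            $this->msg["bb_msg_subject"] = "";
        } else {
            $this->errmsg = $this->text[220];
        }

        return $this->showMessage();
    }

    // ----- new topic
    if ($this->msg["bb_msg_subject"] == "") {
        $this->errmsg = $this->text[240];
        return $this->showAddTopic();
    }

    $r_sql = new sql();
    $r_sql->setTable("rex_5_board");
    $r_sql->setValue("user_id", $author);
    $r_sql->setValue("subject", $this->msg["bb_msg_subject"]);
    $r_sql->setValue("message", $this->msg["bb_msg_message"]);
    $r_sql->setValue("re_message_id", 0);
    $r_sql->setValue("stamp", time());
    $r_sql->setValue("last_entry", time());
    $r_sql->setValue("board_id", $this->boardname);
    $r_sql->setValue("replies", 0);
    $r_sql->setValue("status", 1);
    $r_sql->insert();

    $this->errmsg = $this->text[230];
    // The list is rendered before the form fields are cleared, as before.
    $return = $this->showMessages();
    $this->msg["bb_msg_message"] = "";
    $this->msg["bb_msg_subject"] = "";

    return $return;
}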
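/**
 * Stores the file posted as "my_uploaded_file" under ../fotos/ and records its
 * relative path for the given item in cad_imagens.
 *
 * Changes compared with the previous version:
 * - $id is validated as an integer before it is written into the SQL values
 *   string (the sql helper receives ready-made SQL fragments).
 *   NOTE(review): assumes cod_item is a numeric key - confirm against the schema.
 * - The upload error code and the result of move_uploaded_file() are checked,
 *   so no database row is written for a file that was never stored.
 * - The directory that is checked/created is the one the file is moved into
 *   ("../fotos/"); before, "fotos/" relative to the current directory was
 *   created while the file went to "../fotos/".
 * - The stored name no longer depends on only 10000 random values, which made
 *   names guessable and allowed two uploads to overwrite each other.
 *
 * NOTE(review): the content is not verified to be an image. The fixed ".jpg"
 * suffix means the stored name never carries a client-chosen extension, but an
 * image-type check (e.g. getimagesize()) would be a sensible addition.
 *
 * @param mixed $id item code (cod_item) the picture belongs to
 * @return void
 */
function upload($id) {
    // Only whole numbers may reach the SQL text built below.
    $cod_item = filter_var($id, FILTER_VALIDATE_INT);
    if ($cod_item === false) {
        return;
    }

    // Refuse missing, multi-file or failed uploads.
    if (!isset($_FILES['my_uploaded_file']) || !is_array($_FILES['my_uploaded_file'])) {
        return;
    }
    $arquivo = $_FILES['my_uploaded_file'];
    if (!isset($arquivo['error']) || $arquivo['error'] !== UPLOAD_ERR_OK) {
        return;
    }

    // Server-generated name; the client-supplied name only adds entropy.
    $nome_arquivo = md5(uniqid(mt_rand(), true) . $arquivo['name']) . '.jpg';
    $caminho_arquivo = "fotos/";
    $caminho = $caminho_arquivo . $nome_arquivo; // path stored in the database

    // The file is written one level up, so that is the directory that must exist.
    $destino_dir = "../" . $caminho_arquivo;
    if (!is_dir($destino_dir)) {
        mkdir($destino_dir, 0755);
    }

    // move_uploaded_file() also refuses anything that is not a genuine HTTP upload.
    if (!move_uploaded_file($arquivo['tmp_name'], "../" . $caminho)) {
        return;
    }

    $table = "cad_imagens";
    $campos = "`cod_item`, `endereco_imagem`";
    $values = "'" . $cod_item . "','" . $caminho . "'";
    $msg = "N";
    $sql = new sql();
    $sql->insert($table, $campos, $values, $msg);
}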
/**
 * Loads the field values, processes a submitted form (validation, then UPDATE
 * for form_type "edit" or INSERT for form_type "add") and builds the HTML form.
 *
 * Submitted data is read from the global $FORM array, keyed by $this->rfid;
 * the rendered inputs are named FORM[<rfid>][values][<index>] to match.
 *
 * Returns the form markup when $this->form_show or $this->ShowFormAlways is
 * set; otherwise a small table with the success message if one exists;
 * otherwise nothing.
 *
 * Review notes (kept as comments; the code below is unchanged):
 * - Array keys such as submit, values, INCLUDE_PATH, FORM, name, tmp_name, ext,
 *   nname and delete are written without quotes. Unless they are defined as
 *   constants elsewhere, PHP 8 raises an Error for them; older versions fall
 *   back to the string with a notice/warning.
 * - $errmsg, $msg, $maxcount and $FORMVAL are used without being initialised.
 * - SQL is assembled by string concatenation from the type_value* settings and,
 *   for "multipleselectsql", from submitted values. How sql::setValue() escapes
 *   is not visible here - TODO confirm.
 * - Only stored/submitted values pass through htmlentities(); labels, URL,
 *   style and size settings are emitted as-is, and most attributes are
 *   unquoted, where htmlentities() alone does not prevent attribute injection.
 */
function showForm() {
    global $FORM, $REX;
    // --------------------------------- EDIT: 1. FETCH VALUES FROM THE DB
    // On first display of an edit form the DB values go into $FORM; otherwise
    // they are kept in $FORMVAL as the "previous" values.
    for ($i = 0; $i < $this->counter; $i++) {
        if ($this->value_type[$i] != "multipleselectsql") {
            if ($FORM[$this->rfid][submit] != 1 && $this->form_type == "edit") {
                $FORM[$this->rfid][values][$i] = htmlentities($this->sql->getValue($this->value_tbl[$i]));
            } else {
                $FORMVAL[$this->rfid][values][$i] = htmlentities($this->sql->getValue($this->value_tbl[$i]));
            }
        } else {
            // type_value5 = table, type_value6 = where clause, type_value7 = column
            // (as used by the query below); all three are concatenated into SQL text.
            $selsql = new sql();
            $selsql->setQuery("select * from " . $this->type_value5[$i] . " where " . $this->type_value6[$i]);
            for ($j = 0; $j < $selsql->getRows(); $j++) {
                if ($FORM[$this->rfid][submit] != 1 && $this->form_type == "edit") {
                    $FORM[$this->rfid][values][$i][] = $selsql->getValue($this->type_value7[$i]);
                } else {
                    $FORMVAL[$this->rfid][values][$i][] = $selsql->getValue($this->type_value7[$i]);
                }
                $selsql->next();
            }
        }
    }
    // --------------------------------- CHECK SUBMITTED INPUT
    if ($FORM[$this->rfid][submit] == 1) {
        // ----------------------------- validate required fields
        $this->form_show = false;
        for ($i = 0; $i < $this->counter; $i++) {
            if ($this->value_check[$i] != "") {
                if ($FORM[$this->rfid][values][$i] == "") {
                    // NOTE(review): $errmsg is appended to before it is ever assigned.
                    $errmsg .= "Bitte tragen Sie '" . $this->value_form[$i] . "' ein! <br>";
                    $this->form_show = true;
                }
            }
        }
    }
    // --------------------------------- EDIT: SAVE IF POSSIBLE
    if ($FORM[$this->rfid][submit] == 1 && $this->form_type == "edit") {
        if ($errmsg == "") {
            $aa = new sql();
            $aa->debugsql = 0;
            $aa->setTable($this->tbl_name);
            $aa->where($this->form_where);
            for ($i = 0; $i < $this->counter; $i++) {
                if ($this->value_type[$i] == "picjpg") {
                    $folder = $this->type_value1[$i];
                    $foldertmp = $REX[INCLUDE_PATH] . "/../../ss_pics/";
                    $fname = $_FILES[FORM][name][$this->rfid][values][$i];
                    if ($fname != "") {
                        // new file
                        // NOTE(review): the stored name and the extension come from
                        // checkFilename(), which is not visible here - confirm it
                        // strips path components and normalises the extension.
                        $nfname = $this->checkFilename($fname, $folder);
                        if ($nfname[ext] == ".jpg") {
                            $ftmpname = $_FILES[FORM][tmp_name][$this->rfid][values][$i];
                            // The upload is first placed in ss_pics, then resized into $folder.
                            move_uploaded_file($ftmpname, $foldertmp . $nfname[nname]);
                            $this->resizeJPGImage($foldertmp . $nfname[nname], $folder . $nfname[nname], $this->type_value3[$i], $this->type_value4[$i]);
                            $FORM[$this->rfid][values][$i] = $nfname[nname];
                            $aa->setValue($this->value_tbl[$i], $FORM[$this->rfid][values][$i]);
                        }
                    } elseif ($FORM[$this->rfid][values][$i][delete] != "") {
                        // "delete file" checkbox: only the DB reference is cleared here
                        $FORM[$this->rfid][values][$i] = "";
                        $aa->setValue($this->value_tbl[$i], $FORM[$this->rfid][values][$i]);
                    } else {
                        // nothing uploaded: keep the previously stored value
                        $FORM[$this->rfid][values][$i] = $FORMVAL[$this->rfid][values][$i];
                    }
                } elseif ($this->value_type[$i] == "file") {
                    $folder = $REX[INCLUDE_PATH] . "/../../ss_pics/";
                    $fname = $_FILES[FORM][name][$this->rfid][values][$i];
                    if ($fname != "") {
                        // NOTE(review): unlike "picjpg", no extension check is made in
                        // this branch; whatever name checkFilename() returns is stored.
                        // Verify that checkFilename() rejects script extensions or that
                        // the target folder is served without script execution.
                        $nfname = $this->checkFilename($fname, $folder);
                        $ftmpname = $_FILES[FORM][tmp_name][$this->rfid][values][$i];
                        move_uploaded_file($ftmpname, $folder . $nfname[nname]);
                        $FORM[$this->rfid][values][$i] = $nfname[nname];
                        $aa->setValue($this->value_tbl[$i], $FORM[$this->rfid][values][$i]);
                    } elseif ($FORM[$this->rfid][values][$i][delete] != "") {
                        $FORM[$this->rfid][values][$i] = "";
                        $aa->setValue($this->value_tbl[$i], $FORM[$this->rfid][values][$i]);
                    } else {
                        $FORM[$this->rfid][values][$i] = $FORMVAL[$this->rfid][values][$i];
                    }
                } elseif ($this->value_type[$i] == "multipleselectsql") {
                    // multiple select: delete all link rows, then re-insert the selection
                    $ms = new sql();
                    $ms->query("delete from " . $this->type_value5[$i] . " where " . $this->type_value6[$i]);
                    if (is_Array($FORM[$this->rfid][values][$i])) {
                        reset($FORM[$this->rfid][values][$i]);
                        for ($j = 0; $j < count($FORM[$this->rfid][values][$i]); $j++) {
                            $val = current($FORM[$this->rfid][values][$i]);
                            // NOTE(review): $val is a submitted value placed into the
                            // statement unquoted and unvalidated. It should be cast to an
                            // integer (or bound as a parameter) before use.
                            $sql = "insert into " . $this->type_value5[$i] . " set " . $this->type_value6[$i] . ", " . $this->type_value7[$i] . "={$val}";
                            $ms->query($sql);
                            next($FORM[$this->rfid][values][$i]);
                        }
                    }
                } elseif ($this->value_type[$i] == "subline" || $this->value_type[$i] == "empty") {
                    // layout-only rows: nothing to store
                } elseif ($this->value_type[$i] == "datum") {
                    // The value is cut at fixed positions (2 chars, 2 chars, 4 chars)
                    // and converted to a timestamp.
                    $tag = substr($FORM[$this->rfid][values][$i], 0, 2);
                    $monat = substr($FORM[$this->rfid][values][$i], 3, 2);
                    $jahr = substr($FORM[$this->rfid][values][$i], 6, 4);
                    $aa->setValue($this->value_tbl[$i], mktime(0, 0, 0, $monat, $tag, $jahr));
                } else {
                    $aa->setValue($this->value_tbl[$i], $FORM[$this->rfid][values][$i]);
                }
            }
            $aa->update();
            $msg = "Daten wurden gespeichert";
        } else {
            // validation failed: encode the submitted values for re-display
            for ($i = 0; $i < $this->counter; $i++) {
                if ($this->value_type[$i] != "multipleselectsql") {
                    $FORM[$this->rfid][values][$i] = htmlentities(stripslashes($FORM[$this->rfid][values][$i]));
                }
            }
        }
        // This loop runs after both branches above, so on a validation error the
        // values have already been passed through htmlentities() once.
        for ($i = 0; $i < $this->counter; $i++) {
            if ($this->value_type[$i] != "multipleselectsql") {
                $FORM[$this->rfid][values][$i] = htmlentities(stripslashes($FORM[$this->rfid][values][$i]));
            } else {
                // multiple select
                if (is_Array($FORM[$this->rfid][values][$i])) {
                    reset($FORM[$this->rfid][values][$i]);
                    for ($j = 0; $j < count($FORM[$this->rfid][values][$i]); $j++) {
                        // NOTE(review): the index is the bare word j, not $j, and $val
                        // is not used afterwards - this loop has no visible effect.
                        $val = $FORM[$this->rfid][values][$i][j];
                    }
                }
            }
        }
    }
    // --------------------------------- ADD: SAVE IF POSSIBLE
    if ($FORM[$this->rfid][submit] == 1 && $this->form_type == "add") {
        if ($errmsg == "") {
            $aa = new sql();
            $aa->debugsql = 0;
            $aa->setTable($this->tbl_name);
            for ($i = 0; $i < $this->counter; $i++) {
                if ($this->value_type[$i] == "datum") {
                    $tag = substr($FORM[$this->rfid][values][$i], 0, 2);
                    $monat = substr($FORM[$this->rfid][values][$i], 3, 2);
                    $jahr = substr($FORM[$this->rfid][values][$i], 6, 4);
                    $aa->setValue($this->value_tbl[$i], mktime(0, 0, 0, $monat, $tag, $jahr));
                } elseif ($this->value_type[$i] != "multipleselectsql" && $this->value_type[$i] != "subline" && $this->value_type[$i] != "empty") {
                    // Note: file and picture fields are not handled specially in "add" mode.
                    $aa->setValue($this->value_tbl[$i], $FORM[$this->rfid][values][$i]);
                }
            }
            $aa->insert();
            $msg = "Daten wurden gespeichert";
            for ($i = 0; $i < $this->counter; $i++) {
                $FORM[$this->rfid][values][$i] = htmlentities(stripslashes($FORM[$this->rfid][values][$i]));
            }
        } else {
            for ($i = 0; $i < $this->counter; $i++) {
                $FORM[$this->rfid][values][$i] = htmlentities(stripslashes($FORM[$this->rfid][values][$i]));
            }
        }
    }
    // --------------------------------- FORM
    if ($this->form_show || $this->ShowFormAlways) {
        // NOTE(review): width, url, method, formname and form_header are emitted
        // without encoding; they must never carry request-derived text.
        $ausgabe = "<table width=" . $this->width . " cellpadding=6 cellspacing=1 border=0 >";
        $ausgabe .= "<form ENCTYPE='multipart/form-data' action='" . $this->url . "' method='" . $this->method . "' name='" . $this->formname . "'>" . $this->form_header;
        $ausgabe .= "<input type=hidden name=FORM[{$this->rfid}][submit] value=1>";
        // ---------------------- FORM ROWS
        // Fill gaps in $this->cols with the last explicit value and find the
        // widest row ($maxcount, not initialised before the first comparison).
        $colcounter = $this->cols[0];
        for ($i = 0; $i < $this->counter; $i++) {
            if ($this->cols[$i] != "") {
                $colcounter = $this->cols[$i];
            } else {
                $this->cols[$i] = $colcounter;
            }
            if ($maxcount < $this->cols[$i]) {
                $maxcount = $this->cols[$i];
            }
        }
        $colcounter = 0;
        if ($errmsg != "") {
            // $errmsg contains the field labels (value_form) unencoded
            $ausgabe .= "<tr><td colspan=" . ($maxcount + 2) . " class=warning>{$errmsg}<br>Daten wurden noch nicht gespeichert</td></tr>";
        }
        if ($msg != "") {
            $ausgabe .= "<tr><td colspan=" . ($maxcount + 2) . " class=warning>{$msg}</td></tr>";
        }
        for ($i = 0; $i < $this->counter; $i++) {
            $name = "FORM[{$this->rfid}][values][{$i}]";
            // For non-multiselect fields this value went through htmlentities()
            // above. That does not encode single quotes by default and does not
            // protect the unquoted attributes used further down.
            $value = $FORM[$this->rfid][values][$i];
            // disabled debug output:
            // echo "<br>$i $maxcounter ".$this->cols[$i]." ".$this->cols[$i-1]." ".$this->value_form[$i];
            $colcounter++;
            if ($this->cols[$i - 1] != $this->cols[$i]) {
                // column count changes: close the running row (except before the first) and open a new one
                if ($i != 0) {
                    $ausgabe .= "</tr>\n\n";
                }
                $ausgabe .= "\n\n<tr>";
                $colcounter = 0;
            } else {
                // start
                // end
                if ($colcounter == $this->cols[$i]) {
                    $ausgabe .= "</tr>\n\n";
                    $ausgabe .= "\n\n<tr>";
                    $colcounter = 0;
                }
            }
            // rows narrower than the widest one get two extra columns of colspan
            $addcolspawn = 0;
            if ($this->cols[$i] < $maxcount) {
                $addcolspawn = 2;
            }
            switch ($this->value_type[$i]) {
                // ---------------------- MULTIPLE SQL SELECT OUTPUT
                case "multipleselectsql":
                    if ($this->form_type == "add") {
                        $ausgabe .= "<td colspan=2>Multiple Felder nur bei edit möglich\t</td>";
                    } else {
                        $ausgabe .= "\n\n";
                        $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                        // type_value1 holds a complete SQL statement that supplies the options
                        $ssql = new sql();
                        $ssql->setQuery($this->type_value1[$i]);
                        $ssel = new rexselect();
                        $ssel->setName($name . "[]");
                        $ssel->setMultiple(1);
                        $ssel->setSize($this->type_value4[$i]);
                        $ssel->setStyle("width:100%;");
                        for ($j = 0; $j < $ssql->getRows(); $j++) {
                            $ssel->addOption($ssql->getValue($this->type_value3[$i]), $ssql->getValue($this->type_value2[$i]));
                            $ssql->next();
                        }
                        // disabled:
                        // $selsql = new sql;
                        // $selsql->setQuery("select * from ".$this->type_value5[$i]." where ".$this->type_value6[$i]);
                        if (is_Array($FORM[$this->rfid][values][$i])) {
                            reset($FORM[$this->rfid][values][$i]);
                            for ($j = 0; $j < count($FORM[$this->rfid][values][$i]); $j++) {
                                $ssel->setSelected(current($FORM[$this->rfid][values][$i]));
                                next($FORM[$this->rfid][values][$i]);
                            }
                        }
                        $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . ">" . $ssel->out() . "</td>";
                        $ausgabe .= "";
                    }
                    break;
                // ---------------------- SINGLE SQL SELECT OUTPUT
                case "singleselectsql":
                    $ausgabe .= "\n\n";
                    $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                    $ssql = new sql();
                    $ssql->setQuery($this->type_value1[$i]);
                    $ssel = new rexselect();
                    $ssel->setName($name);
                    $ssel->setStyle("width:100%;");
                    // optional fields get a leading "not specified" entry with value 0
                    if ($this->value_check[$i] != 1) {
                        $ssel->addOption("----------------- keine Angabe -----------------", "0");
                    }
                    for ($j = 0; $j < $ssql->getRows(); $j++) {
                        $ssel->addOption($ssql->getValue($this->type_value3[$i]), $ssql->getValue($this->type_value2[$i]));
                        $ssql->next();
                    }
                    $ssel->setSelected($value);
                    $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . ">" . $ssel->out() . "</td>";
                    $ausgabe .= "";
                    break;
                // ---------------------- SINGLE SELECT OUTPUT
                case "singleselect":
                    $ausgabe .= "\n\n";
                    $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                    // type_value1 is a "|"-separated list read in pairs: value, then label
                    $stype = explode("|", $this->type_value1[$i]);
                    $ssel = new rexselect();
                    $ssel->setName($name);
                    $ssel->setStyle("width:100%;");
                    for ($j = 0; $j < count($stype); $j++) {
                        $svalue = $stype[$j];
                        $j++;
                        $sname = $stype[$j];
                        $ssel->addOption($sname, $svalue);
                    }
                    $ssel->setSelected($value);
                    $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . ">" . $ssel->out() . "</td>";
                    $ausgabe .= "";
                    break;
                // ---------------------- CHECKBOX
                case "checkbox":
                    $ausgabe .= "\n\n";
                    $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                    $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><input type=checkbox name={$name} value=1 ";
                    if ($value == 1 || $value == "on") {
                        $ausgabe .= "checked";
                    }
                    $ausgabe .= "></td>";
                    $ausgabe .= "";
                    break;
                // ---------------------- PIC/JPG
                case "picjpg":
                    if ($value != "") {
                        $ausgabe .= "\n\n";
                        $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                        // NOTE(review): $value lands in an unquoted src attribute
                        $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><table cellpadding=2 cellspacing=0><tr><td><input name={$name} type=file size=10></td><td rowspan=2> </td><td rowspan=2><img src=" . $this->type_value2[$i] . "{$value} width=" . $this->type_value3[$i] . " height=" . $this->type_value4[$i] . "></td></tr>";
                        $ausgabe .= "<tr><td valign=middle align=left class=grey><input type=checkbox name=FORM[{$this->rfid}][values][{$i}][delete]> Datei löschen </td></tr></table>";
                        $ausgabe .= "</td>";
                    } else {
                        $ausgabe .= "\n\n";
                        $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                        $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><input name={$name} type=file size=10></td>";
                        $ausgabe .= "";
                    }
                    break;
                // ---------------------- FILE
                case "file":
                    $myout = "";
                    if ($value != "") {
                        $myout = "\n\n<table><tr>";
                        $myout .= "<td valign=middle align=right class=grey><input type=checkbox name=FORM[{$this->rfid}][values][{$i}][delete]></td>";
                        // NOTE(review): $value lands in an unquoted href attribute
                        $myout .= "<td class=grey>Datei löschen <a href=" . $this->type_value2[$i] . "{$value} target=_blank>{$value}</a></td>";
                        $myout .= "</tr></table>";
                    }
                    $ausgabe .= "\n\n";
                    $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "<br>{$myout}</td>";
                    $ausgabe .= "<td class=grey><input name={$name} type=file size=10></td>";
                    $ausgabe .= "";
                    break;
                // ---------------------- HTMLAREA
                case "htmlarea":
                    if ($this->type_value1[$i] == "") {
                        $this->type_value1[$i] = "width:100%; height:100px;";
                    }
                    $ausgabe .= "\n\n";
                    $ausgabe .= "<td valign=top class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                    // REXHTMLAREA() is defined elsewhere; how it treats $value is not visible here
                    $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . ">" . REXHTMLAREA($name, $value) . "</td>";
                    $ausgabe .= "";
                    break;
                // ---------------------- TEXTAREA
                case "textarea":
                    if ($this->type_value1[$i] == "") {
                        $this->type_value1[$i] = "width:100%; height:100px;";
                    }
                    $ausgabe .= "\n\n";
                    $ausgabe .= "<td valign=top class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                    $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><textarea name={$name} cols=30 rows=5 style='" . $this->type_value1[$i] . "'>{$value}</textarea></td>";
                    $ausgabe .= "";
                    break;
                // ---------------------- HIDDEN
                case "hidden":
                    // the hidden field carries the configured type_value1, not the stored value
                    $ausgabe .= "<input type=hidden name={$name} value=\"" . $this->type_value1[$i] . "\">";
                    break;
                // ---------------------- TEXT
                case "text":
                    if ($this->type_value1[$i] == "") {
                        $this->type_value1[$i] = "width:100%;";
                    }
                    // Note: this rewrites the setting in place, so a second call to
                    // showForm() would prefix "maxlength=" again.
                    if ($this->type_value2[$i] != "") {
                        $this->type_value2[$i] = "maxlength=" . $this->type_value2[$i];
                    }
                    $ausgabe .= "\n\n";
                    $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                    $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><input type=text name={$name} value=\"{$value}\" " . $this->type_value2[$i] . " size=20 style='" . $this->type_value1[$i] . "'></td>";
                    $ausgabe .= "";
                    break;
                // ---------------------- DATE
                case "datum":
                    if ($this->type_value1[$i] == "") {
                        $this->type_value1[$i] = "width:100%;";
                    }
                    if ($this->type_value2[$i] != "") {
                        $this->type_value2[$i] = "maxlength=" . $this->type_value2[$i];
                    }
                    // anything that does not contain a dd.mm.yyyy pattern is treated as a timestamp
                    if (!preg_match("![0-9]{2}\\.[0-9]{2}\\.[0-9]{4}!", $value)) {
                        $value = date("d.m.Y", $value);
                    }
                    $ausgabe .= "\n\n";
                    $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                    $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><input type=text name={$name} value=\"{$value}\" " . $this->type_value2[$i] . " size=20 style='" . $this->type_value1[$i] . "'></td>";
                    $ausgabe .= "";
                    break;
                // ---------------------- HEADING
                case "subline":
                    // for headings, value_tbl holds the alignment and value_form the text
                    $ausgabe .= "\n\n";
                    $ausgabe .= "<th valign=middle align=" . $this->value_tbl[$i] . " colspan=" . (2 + $addcolspawn) . ">" . $this->value_form[$i] . "</th>\n";
                    $ausgabe .= "\n";
                    break;
                // ---------------------- EMPTY ROW
                case "empty":
                    $ausgabe .= "\n\n";
                    $ausgabe .= "<td valign=middle class=grey colspan=" . (2 + $addcolspawn) . "> </td>\n";
                    $ausgabe .= "\n";
                    break;
                // ---------------------- DEFAULT OUTPUT - TEXT
                default:
                    $ausgabe .= "\n\n";
                    $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                    $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><input type=text name={$name} value=\"{$value}\" size=20 style='width:100%'></td>";
                    $ausgabe .= "";
            }
        }
        $ausgabe .= "</tr>";
        // ---------------------- SUBMIT
        $ausgabe .= "<tr>\n\n";
        $ausgabe .= "<td class=dgrey width=" . $this->labelwidth . " > </td>\n\n";
        $ausgabe .= "<td align=left class=dgrey colspan=" . ($maxcount + 1) . "><input type=submit value='" . $this->submit_value . "'></td>\n\n";
        $ausgabe .= "</tr>\n\n";
        $ausgabe .= "</form></table>\n\n";
        return $ausgabe;
    } else {
        // form hidden after a successful save: show only the message, if any
        if ($msg != "") {
            $ausgabe = "<table width=" . $this->width . " cellpadding=6 cellspacing=1 border=0 bgcolor=#ffffff>";
            $ausgabe .= "<tr><td class=warning>{$msg}</td></tr>";
            $ausgabe .= "</table>";
            return $ausgabe;
        }
    }
}
/**
 * Inserts one row into the `news` table from the given record.
 *
 * Reads the keys title, date, image, desc_min and desc from $data, wraps each
 * value in double quotes and passes the joined list to sql::insert() as the
 * values fragment.
 *
 * NOTE(review): the values are placed into the SQL text without escaping, so a
 * double quote or backslash in any field changes the statement. Whether the
 * caller or the sql helper escapes is not visible here - confirm, and prefer
 * bound parameters if the helper offers them.
 *
 * @param array $data record with the five keys listed above
 */
public function add($data)
{
    $writer = new sql();

    // Column order must match the field list passed to insert() below.
    $quoted = array();
    foreach (array('title', 'date', 'image', 'desc_min', 'desc') as $column) {
        $quoted[] = '"' . $data[$column] . '"';
    }

    $writer->insert('news', 'title, date, image, desc_min, `desc`', implode(', ', $quoted));
}
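/**
 * Stores an uploaded file in the media folder and registers it in the file table.
 *
 * The client-supplied name is reduced to [a-z0-9.-$+] plus "_", given a ".txt"
 * suffix when its extension is on the block list, and made unique with a
 * "_<n>" suffix when a file of that name already exists.
 *
 * Changes compared with the previous version:
 * - Names that start with a dot are prefixed with "_". Before, a dot-file name
 *   (the kind web servers and PHP read as per-directory configuration) passed
 *   the extension check and was stored under its own name.
 * - The extension test uses strrpos() !== false, so it behaves the same on
 *   every PHP version.
 * - The block list covers further server-interpreted extensions.
 * - $ok, the image size and $RETURN are initialised, so a failed upload
 *   returns ok = 0 and null dimensions without touching undefined variables.
 *
 * Review notes:
 * - Only the last extension is inspected and a block list can never be
 *   complete; confirm the media folder is served with script execution off.
 * - $FILE['type'] is supplied by the client and stored unchanged; it must not
 *   be trusted as the real content type.
 * - NOTE(review): the copy() fallback accepts a tmp_name that is not a genuine
 *   HTTP upload. It is kept because other callers may rely on it - confirm
 *   that $FILE never comes from request-controlled paths.
 * - Whether sql::setValue() escapes its values is not visible here.
 *
 * @param array $FILE              entry shaped like one $_FILES element (name, size, type, tmp_name)
 * @param mixed $rex_file_category category id stored with the file
 * @param array $FILEINFOS         title, description and copyright
 * @return array title, width, height, type, msg, ok (1 on success, 0 on failure), filename
 */
function saveMedia($FILE, $rex_file_category, $FILEINFOS) {
    global $REX, $REX_USER;

    $FILENAME = $FILE['name'];
    $FILESIZE = $FILE['size'];
    $FILETYPE = $FILE['type'];
    $NFILENAME = "";
    $message = '';
    $ok = 0;
    $width = null;
    $height = null;
    $RETURN = array();

    // ----- derive the new file name and extension
    $NFILENAME = strtolower(preg_replace("/[^a-zA-Z0-9.\\-\$\\+]/", "_", $FILENAME));

    // Never store a dot-file under its own name.
    if (substr($NFILENAME, 0, 1) == ".") {
        $NFILENAME = "_" . $NFILENAME;
    }

    $dotpos = strrpos($NFILENAME, ".");
    if ($dotpos !== false) {
        $NFILE_NAME = substr($NFILENAME, 0, $dotpos);
        $NFILE_EXT = substr($NFILENAME, $dotpos);
    } else {
        $NFILE_NAME = $NFILENAME;
        $NFILE_EXT = "";
    }

    // ---- check the extension: blocked ones are kept in the name and get ".txt" appended
    $ERROR_EXT = array(
        ".php", ".php3", ".php4", ".php5", ".php7", ".phtml", ".pht", ".phar", ".phps",
        ".pl", ".cgi", ".asp", ".aspx", ".cfm", ".jsp", ".shtml", ".htaccess",
    );
    if (in_array($NFILE_EXT, $ERROR_EXT, true)) {
        $NFILE_NAME .= $NFILE_EXT;
        $NFILE_EXT = ".txt";
    }
    $NFILENAME = $NFILE_NAME . $NFILE_EXT;

    // ----- file already exists -> change the name -> _1 ..
    if (file_exists($REX['MEDIAFOLDER'] . "/{$NFILENAME}")) {
        for ($cf = 1; $cf < 1000; $cf++) {
            $NFILENAME = $NFILE_NAME . "_{$cf}" . "{$NFILE_EXT}";
            if (!file_exists($REX['MEDIAFOLDER'] . "/{$NFILENAME}")) {
                break;
            }
        }
    }

    // ----- store the file
    $upload = true;
    if (!@move_uploaded_file($FILE['tmp_name'], $REX['MEDIAFOLDER'] . "/{$NFILENAME}")) {
        // fallback for sources that are not HTTP uploads (see review note above)
        if (!@copy($FILE['tmp_name'], $REX['MEDIAFOLDER'] . "/{$NFILENAME}")) {
            $message .= "move file {$FILENAME} failed | ";
            $ok = 0;
            $upload = false;
        }
    }

    if ($upload) {
        chmod($REX['MEDIAFOLDER'] . "/{$NFILENAME}", $REX['FILEPERM']);

        // width / height; getimagesize() returns false for non-images
        $size = @getimagesize($REX['MEDIAFOLDER'] . "/{$NFILENAME}");
        if (is_array($size)) {
            $width = $size[0];
            $height = $size[1];
        }

        $FILESQL = new sql();
        $FILESQL->setTable($REX['TABLE_PREFIX'] . "file");
        $FILESQL->setValue("filetype", $FILETYPE);
        $FILESQL->setValue("title", $FILEINFOS['title']);
        $FILESQL->setValue("description", $FILEINFOS['description']);
        $FILESQL->setValue("copyright", $FILEINFOS['copyright']);
        $FILESQL->setValue("filename", $NFILENAME);
        $FILESQL->setValue("originalname", $FILENAME);
        $FILESQL->setValue("filesize", $FILESIZE);
        $FILESQL->setValue("width", $width);
        $FILESQL->setValue("height", $height);
        $FILESQL->setValue("category_id", $rex_file_category);
        $FILESQL->setValue("createdate", time());
        $FILESQL->setValue("createuser", $REX_USER->getValue("login"));
        $FILESQL->setValue("updatedate", time());
        $FILESQL->setValue("updateuser", $REX_USER->getValue("login"));
        $FILESQL->insert();
        $ok = 1;
    }

    $RETURN['title'] = $FILEINFOS['title'];
    $RETURN['width'] = $width;
    $RETURN['height'] = $height;
    $RETURN['type'] = $FILETYPE;
    $RETURN['msg'] = $message;
    $RETURN['ok'] = $ok;
    $RETURN['filename'] = $NFILENAME;
    return $RETURN;
}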
$del->query("DELETE FROM rex_template WHERE id = '{$template_id}' LIMIT 1"); // max. ein Datensatz darf loeschbar sein $message = $I18N->msg("template_deleted"); rex_deleteDir($REX['INCLUDE_PATH'] . "/generated/templates/" . $template_id . ".template", 0); } } } if (isset($function) and ($function == "add" or $function == "edit")) { if (isset($save) and $save == "ja") { if ($function == "add") { $ITPL = new sql(); $ITPL->setTable("rex_template"); $ITPL->setValue("name", $templatename); $ITPL->setValue("active", $active); $ITPL->setValue("content", $content); $ITPL->insert(); $template_id = $ITPL->last_insert_id; $message = $I18N->msg("template_added"); } else { if (!isset($active)) { $active = 0; } $TMPL = new sql(); $TMPL->setTable("rex_template"); $TMPL->where("id='{$template_id}'"); $TMPL->setValue("name", $templatename); $TMPL->setValue("content", $content); $TMPL->setValue("active", $active); $TMPL->update(); $message = $I18N->msg("template_added"); }
<?php session_start(); if (isset($_SESSION['loged']) and $_SESSION['loged'] == true) { include "php.php"; include "sql.php"; // var_dump($_POST); if (isset($_POST)) { if ($_POST['act'] == "salvar_usuario") { $sql = new sql(); $table = "cad_usuario"; if ($_POST['cod_usuario'] == "") { $campos = "`email`,`nome`, `status`, `usuario`"; $values = "'" . $_POST['email'] . "','" . $_POST['nome'] . "','" . $_POST['status'] . "','" . $_POST['usuario'] . "'"; $msg = "S"; $sql->insert($table, $campos, $values, $msg); } else { $campos = "`email`='" . $_POST['email'] . "',`nome`='" . $_POST['nome'] . "', `status`='" . $_POST['status'] . "', `usuario`='" . $_POST['usuario'] . "' "; $where = "cod_usuario='" . $_POST['cod_usuario'] . "'"; $msg = "S"; $sql->update($table, $campos, $where, $msg); } } if ($_POST['act'] == "enviar_senha") { include "config.php"; $senha = substr(md5(mt_rand(1, 10000) . date("Y-m-d H:i:s")), 0, 6); $sql = new sql(); $table = "cad_usuario"; $campos = "senha='" . $senha . "'"; $where = "cod_usuario='" . $_POST['cod_usuario'] . "'"; $sql->update($table, $campos, $where, 'N'); $select = "\n\t\t\t\t\tselect \n\t\t\t\t\t\t*\n\t\t\t\t\tfrom \n\t\t\t\t\t\t" . $schema . ".cad_usuario \n\t\t\t\t\t\t\n\t\t\t\t\twhere \n\t\t\t\t\t\t`cad_usuario`.`cod_usuario` = " . $_POST['cod_usuario'] . ";";
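<?php
/**
 * Replaces the link row between a project and a cost centre: the existing row
 * for the posted pair is deleted and a new one is inserted with the posted
 * status. Runs only for a logged-in session.
 *
 * Changes compared with the previous version:
 * - cod_projeto and cod_centro_custo were concatenated into the DELETE
 *   condition unquoted, so any posted text became part of the statement. Both
 *   are now accepted only as integers.
 * - status is restricted to a short alphanumeric flag before it is placed in
 *   the INSERT values. NOTE(review): the allowed set is an assumption - confirm
 *   against the form and replace the pattern with the exact list of values.
 * - The var_dump($_POST) debug output, which echoed the raw request body into
 *   the response, is removed.
 *
 * NOTE(review): the sql helper takes ready-made SQL fragments (its code is not
 * visible here); bound parameters would be the better long-term fix. No
 * anti-CSRF token is checked in this script - confirm it is enforced elsewhere.
 */
session_start();
include "php.php";

if (isset($_SESSION['loged']) and $_SESSION['loged'] == true) {
    $cod_projeto = isset($_POST['cod_projeto']) ? filter_var($_POST['cod_projeto'], FILTER_VALIDATE_INT) : false;
    $cod_centro_custo = isset($_POST['cod_centro_custo']) ? filter_var($_POST['cod_centro_custo'], FILTER_VALIDATE_INT) : false;
    $status = isset($_POST['status']) ? $_POST['status'] : '';

    // Reject the request before any statement is built from it.
    if ($cod_projeto === false || $cod_centro_custo === false
        || !is_string($status) || !preg_match('/\A[A-Za-z0-9_]{0,32}\z/', $status)) {
        if (!headers_sent()) {
            header('HTTP/1.1 400 Bad Request');
        }
        exit;
    }

    $sql = new sql();

    // delete the existing link row
    $table = 'cad_projeto_centro_custo';
    $where = "cod_projeto=" . $cod_projeto . " and cod_centro_custo=" . $cod_centro_custo . " ";
    $sql->delete($table, $where, 'N');

    // insert the new link row
    $table = 'cad_projeto_centro_custo';
    $campos = "cod_projeto,";
    $campos .= "cod_centro_custo,";
    $campos .= "`check`";
    $values = "'" . $cod_projeto . "', ";
    $values .= "'" . $cod_centro_custo . "', ";
    $values .= "'" . $status . "'";
    $sql->insert($table, $campos, $values, 'N');
}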