コード例 #1
0
ファイル: login.php プロジェクト: sergioflorencio/toucan
 function login()
 {
     include "config.php";
     if (isset($_POST['usuario']) and isset($_POST['senha']) and $_POST['usuario'] != "" and $_POST['senha'] != "") {
         $select = "SELECT * FROM " . $schema . ".cad_usuario where usuario='" . $_POST['usuario'] . "';";
         $resultado = mysql_query($select, $conexao) or die(mysql_error());
         while ($row = mysql_fetch_array($resultado)) {
             $cod_user = $row['cod_usuario'];
             $senha_usuario = $row['senha'];
         }
         if ($senha_usuario == $_POST['senha'] and (isset($_SESSION['loged']) == false or $_SESSION['loged'] == false)) {
             $_SESSION['cod_usuario'] = $cod_user;
             $_SESSION['user'] = $_POST['usuario'];
             $_SESSION['loged'] = true;
             $_SESSION['session'] = md5(mt_rand(1, 10000));
             $sql = new sql();
             $table = "session";
             $campos = "username,session,ip";
             $values = "'" . $_SESSION['user'] . "','" . $_SESSION['session'] . "','" . $_SERVER['REMOTE_ADDR'] . "'";
             $sql->insert($table, $campos, $values, 'N');
         } else {
             //	$login=new login;
             //	$login->logout();
         }
     }
 }
コード例 #2
0
function rex_opf_sync()
{
    global $REX;
    // abgleich der replacevalue felder..
    $s = new sql();
    // $s->debugsql = 1;
    $s->setQuery("select clang, replacename, name, count(replacename) from rex_opf_lang group by replacename");
    for ($i = 0; $i < $s->getRows(); $i++) {
        if (count($REX['CLANG']) != $s->getValue("count(replacename)")) {
            reset($REX['CLANG']);
            while (list($key, $val) = each($REX['CLANG'])) {
                $lclang = $key;
                $replacename = $s->getValue("replacename");
                $name = $s->getValue("name");
                $gs = new sql();
                $gs->setQuery("select clang from rex_opf_lang where clang={$lclang} and replacename='{$replacename}'");
                if ($gs->getRows() == 0) {
                    // erstelle
                    $us = new sql();
                    $us->setTable("rex_opf_lang");
                    $us->setValue("clang", $lclang);
                    $us->setValue("replacename", $replacename);
                    $us->setValue("name", $name);
                    $us->insert();
                }
            }
        }
        $s->next();
    }
}
コード例 #3
0
 public function setRecord($data)
 {
     $data[blocktype] = $this->blocktype;
     $operation[$data[operation_id]] = array('date' => $data[action_date], 'comment_id' => sqltable_model::getCommentId($data[comment]));
     // если в поле для нового ввели номер сопроводиловки уже существующий в журнале
     // то будем править его
     $sql = "SELECT * FROM {$this->maintable} WHERE lanch_id='{$data[lanch_id]}'";
     $res = sql::fetchOne($sql);
     if (empty($res)) {
         // гадство! тут нужен уникальный, а без коментариев будет получаться один
         sql::insert('coments', array(array("comment" => multibyte::Json_encode($operation))));
         $data[coment_id] = sql::lastId();
     } else {
         $coment = multibyte::Json_decode(sqltable_model::getComment($res[coment_id]));
         $coment[$data[operation_id]] = $operation[$data[operation_id]];
         // заменить старый по ключу
         sql::insertUpdate('coments', array(array("id" => $res[coment_id], "comment" => multibyte::Json_encode($coment))));
         $data[edit] = $res[id];
         // если был такой его и правим
         $data[coment_id] = $res[coment_id];
     }
     $data[lastoperation] = $data[operation_id];
     parent::setRecord($data);
     return true;
 }
コード例 #4
0
 function insertOrder()
 {
     $sql = new sql();
     $sql->debugsql = 0;
     $sql->setTable("rex_4_order");
     $sql->setValue("overallsum", $this->_overallsum);
     $sql->setValue("status", $this->_status);
     $sql->setValue("date", date("Y-m-d H:i:s"));
     $sql->setValue("name", $this->_name);
     $sql->setValue("mailtext", $this->_mailtxt);
     $sql->insert();
     if ($sql->error == "") {
         $order_id = $sql->last_insert_id;
         $sql->flush();
         $counter = 0;
         if (is_array($this->_product)) {
             for ($i = 0; $i < count($this->_product['pid']); $i++) {
                 $sql->setTable("rex_4_order_product");
                 $sql->setValue("order_id", $order_id);
                 $sql->setValue("product_id", $this->_product['pid'][$i]);
                 $sql->setValue("product_name", $this->_product['name'][$i]);
                 $sql->setValue("amount", $this->_product['amount'][$i]);
                 $sql->setValue("price", $this->_product['price'][$i]);
                 $sql->insert();
                 $sql->flush();
                 if ($sql->error == "") {
                     $counter++;
                 }
             }
         }
         if ($counter == count($this->_product['pid'])) {
             return true;
         } else {
             return false;
         }
     } else {
         return false;
     }
 }
コード例 #5
0
                 $NFILENAME = $NFILE_NAME . "_{$cf}" . "{$NFILE_EXT}";
                 if (!file_exists($REX[MEDIAFOLDER] . "/{$NFILENAME}")) {
                     break;
                 }
             }
         }
         if (!move_uploaded_file(${$FILE}, $REX[MEDIAFOLDER] . "/{$NFILENAME}")) {
             $message = " - " . $I18N->msg("moving_file_error", $fi) . " | ";
         } else {
             $FILESQL = new sql();
             $FILESQL->setTable("rex_file");
             $FILESQL->setValue("filetype", ${$FILETYPE});
             $FILESQL->setValue("filename", $NFILENAME);
             $FILESQL->setValue("originalname", ${$FILENAME});
             $FILESQL->setValue("filesize", ${$FILESIZE});
             $FILESQL->insert();
             $meta_sql->setValue("file", $NFILENAME);
         }
     } elseif (${$FILEDEL} == "on") {
         $meta_sql->setValue("file", '');
     }
     // ----------------------------- / FILE UPLOAD
     $meta_sql->update();
     $article->setQuery("select * from rex_article where id='{$article_id}'");
     $err_msg = $I18N->msg("metadata_updated") . $message;
     generateArticle($article_id);
 }
 $typesel = new select();
 $typesel->set_name("type_id");
 $typesel->set_style("width:100%;");
 $typesel->set_size(1);
コード例 #6
0
 function write()
 {
     global $REX, $REX_USER;
     $sql = new sql();
     $sql->setTable($REX['TABLE_PREFIX'] . '51_cache_article');
     foreach ($this->vars as $key => $value) {
         $sql->setValue($key, $value);
     }
     $user = $REX['REDAXO'] ? $REX_USER->getValue('login') : '';
     if ($this->exists()) {
         $sql->where('article_id=' . $this->article_id . ' AND clang=' . $this->clang);
         $sql->setValue('updatedate', time());
         $sql->setValue('updateuser', $user);
         $sql->update();
     } else {
         $sql->setValue('article_id', $this->article_id);
         $sql->setValue('clang', $this->clang);
         $sql->setValue('createdate', time());
         $sql->setValue('createuser', $user);
         $sql->insert();
     }
 }
コード例 #7
0
 function create_file($cssFile, $cssDir, $cssCatId)
 {
     if ($cssFile != "") {
         global $REX_USER;
         $extension = strstr($cssFile, '.');
         if (strlen($extension) == "4") {
             // ----- neuer filename und extension holen
             $NFILENAME = strtolower(preg_replace("/[^a-zA-Z0-9.]/", "_", $cssFile));
             if (strrpos($NFILENAME, ".") != "") {
                 $NFILE_NAME = substr($NFILENAME, 0, strlen($NFILENAME) - (strlen($NFILENAME) - strrpos($NFILENAME, ".")));
                 $NFILE_EXT = substr($NFILENAME, strrpos($NFILENAME, "."), strlen($NFILENAME) - strrpos($NFILENAME, "."));
             } else {
                 $NFILE_NAME = $NFILENAME;
                 $NFILE_EXT = "";
             }
             // ---- ext checken
             $ERROR_EXT = array("php", "php3", "php4", "php5", "phtml", "pl", "asp", "aspx", "cfm");
             if (in_array($NFILE_EXT, $ERROR_EXT)) {
                 $NFILE_NAME .= $NFILE_EXT;
                 $NFILE_EXT = ".txt";
             }
             $NFILENAME = $NFILE_NAME . $NFILE_EXT;
             if ($NFILE_EXT == ".css") {
                 $FILETYPE = "text/css";
             } else {
                 $FILETYPE = "text/plain";
                 return $this->errorMsg .= $this->thisFileIsNoCss;
             }
             // ----- datei schon vorhanden -> warnung ausgeben ->
             if (!file_exists($cssDir . $NFILENAME)) {
                 $openFile = fopen($cssDir . $NFILENAME, "w");
                 fputs($openFile, "");
                 fclose($openFile);
                 $upload = true;
             } else {
                 return $this->errorMsg .= $this->thisFileExists;
             }
             $FILESIZE = filesize($cssDir . $NFILENAME);
             if ($upload) {
                 @chmod($cssDir . "/{$NFILENAME}", 0777);
                 $FILESQL = new sql();
                 //$FILESQL->debugsql=1;
                 $FILESQL->setTable("rex_file");
                 $FILESQL->setValue("filetype", $FILETYPE);
                 $FILESQL->setValue("title", $FILEINFOS[title]);
                 $FILESQL->setValue("description", $FILEINFOS[description]);
                 $FILESQL->setValue("copyright", $FILEINFOS[copyright]);
                 $FILESQL->setValue("filename", $NFILENAME);
                 $FILESQL->setValue("originalname", $NFILENAME);
                 $FILESQL->setValue("filesize", $FILESIZE);
                 $FILESQL->setValue("width", 0);
                 $FILESQL->setValue("height", 0);
                 $FILESQL->setValue("category_id", $cssCatId);
                 $FILESQL->setValue("createdate", time());
                 $FILESQL->setValue("createuser", $REX_USER->getValue("login"));
                 $FILESQL->setValue("updatedate", time());
                 $FILESQL->setValue("updateuser", $REX_USER->getValue("login"));
                 $FILESQL->insert();
                 $ok = 1;
             }
             $this->successMsg .= "Die Datei " . $NFILENAME . " wurde im Medienpool und auf dem Server erfolgeich angelegt.";
         } else {
             $this->errorMsg .= "Falsche Extension. Eine Extension besteht aus 3 Zeichen. <br /> Datei wurde <strong>NICHT</strong> angelegt.";
         }
     } else {
         $this->errorMsg .= "Bitte geben Sie einen Dateinamen ein.";
     }
 }
コード例 #8
0
/**
 * Erstellt eine Clang
 * 
 * @param $id   Id der Clang 
 * @param $name Name der Clang 
 */
function rex_addCLang($id, $name)
{
    global $REX;
    $REX['CLANG'][$id] = $name;
    $content = "// --- DYN\n\r";
    reset($REX['CLANG']);
    for ($i = 0; $i < count($REX['CLANG']); $i++) {
        $cur = key($REX['CLANG']);
        $val = current($REX['CLANG']);
        $content .= "\n\r\$REX['CLANG']['{$cur}'] = \"{$val}\";";
        next($REX['CLANG']);
    }
    $content .= "\n\r// --- /DYN";
    $file = $REX['INCLUDE_PATH'] . "/clang.inc.php";
    $h = fopen($file, "r");
    $fcontent = fread($h, filesize($file));
    $fcontent = ereg_replace("(\\/\\/.---.DYN.*\\/\\/.---.\\/DYN)", $content, $fcontent);
    fclose($h);
    $h = fopen($file, "w+");
    fwrite($h, $fcontent, strlen($fcontent));
    fclose($h);
    @chmod($file, 0777);
    $add = new sql();
    $add->setQuery("select * from " . $REX['TABLE_PREFIX'] . "article where clang='0'");
    $fields = $add->getFieldnames();
    for ($i = 0; $i < $add->getRows(); $i++) {
        $adda = new sql();
        // $adda->debugsql = 1;
        $adda->setTable($REX['TABLE_PREFIX'] . "article");
        reset($fields);
        while (list($key, $value) = each($fields)) {
            if ($value == "pid") {
                echo "";
            } else {
                if ($value == "clang") {
                    $adda->setValue("clang", $id);
                } else {
                    if ($value == "status") {
                        $adda->setValue("status", "0");
                    } else {
                        $adda->setValue($value, rex_addslashes($add->getValue("{$value}")));
                    }
                }
            }
            //  createuser
            //  updateuser
        }
        $adda->insert();
        $add->next();
    }
    $add = new sql();
    $add->query("insert into " . $REX['TABLE_PREFIX'] . "clang set id='{$id}',name='{$name}'");
    // ----- EXTENSION POINT
    rex_register_extension_point('CLANG_ADDED', '', array('id' => $id, 'name' => $name));
    rex_generateAll();
}
コード例 #9
0
ファイル: dao.class.php プロジェクト: jsyinwenjun/zentao
 /**
  * The insert method, call sql::insert().
  * 
  * @param  string $table 
  * @access public
  * @return object the dao object self.
  */
 public function insert($table)
 {
     $this->setMode('raw');
     $this->setMethod('insert');
     $this->sqlobj = sql::insert($table);
     $this->setTable($table);
     return $this;
 }
コード例 #10
0
             }
         }
         // ----- linklist
         $newsql->setValue("linklist{$fi}", $REX_ACTION['LINKLIST'][$fi]);
         // ----- medialist
         $newsql->setValue("filelist{$fi}", $REX_ACTION['MEDIALIST'][$fi]);
     }
     $newsql->setValue("updatedate", time());
     $newsql->setValue("updateuser", $REX_USER->getValue("login"));
     if ($function == "edit") {
         $newsql->update();
         $message .= $I18N->msg('block_updated');
     } elseif ($function == "add") {
         $newsql->setValue("createdate", time());
         $newsql->setValue("createuser", $REX_USER->getValue("login"));
         $newsql->insert();
         $last_id = $newsql->last_insert_id;
         $newsql->query("update " . $REX['TABLE_PREFIX'] . "article_slice set re_article_slice_id='{$last_id}' where re_article_slice_id='{$slice_id}' and id<>'{$last_id}' and article_id='{$article_id}' and clang={$clang}");
         $message .= $I18N->msg('block_added');
         $slice_id = $last_id;
     }
 } else {
     // make delete
     $re_id = $CM->getValue($REX['TABLE_PREFIX'] . "article_slice.re_article_slice_id");
     $newsql = new sql();
     $newsql->setQuery("select * from " . $REX['TABLE_PREFIX'] . "article_slice where re_article_slice_id='{$slice_id}'");
     if ($newsql->getRows() > 0) {
         $newsql->query("update " . $REX['TABLE_PREFIX'] . "article_slice set re_article_slice_id='{$re_id}' where id='" . $newsql->getValue("id") . "'");
     }
     $newsql->query("delete from " . $REX['TABLE_PREFIX'] . "article_slice where id='{$slice_id}'");
     $message = $I18N->msg('block_deleted');
コード例 #11
0
ファイル: user.inc.php プロジェクト: BackupTheBerlios/redaxo
        $adduser->setValue("newsletter", $unewsletter);
        if ($ushowinfo != "") {
            $ushowinfo = 1;
        } else {
            $ushowinfo = 0;
        }
        $adduser->setValue("showinfo", $ushowinfo);
        // unnoetig ?
        /*
        if ($usendmail != "") $usendmail = 1;
        else $usendmail = 0;
        $adduser->setValue("sendmail",$usendmail);
        */
        // Markus => http://forum.redaxo.de/viewtopic.php?t=235
        $adduser->setValue("sendmail", $usendmail);
        $adduser->insert();
        $user_id = 0;
        $function = "";
        $message = "User wurde hinzugefügt !";
        unset($FADD);
    } else {
        $message = "Login existiert schon oder ist nicht korrekt!";
    }
}
$SHOW = true;
if ($FADD != "") {
    // ------------------------------------ USER HINZUFÜGEN
    $SHOW = false;
    echo "\t<table border=0 cellpadding=5 cellspacing=1 width=770>\n\t\t<form action=index.php method=post>\n\t\t<input type=hidden name=page value=community>\n\t\t<input type=hidden name=subpage value=user>\n\t\t<input type=hidden name=save value=1>\n\t\t<tr>\n\t\t\t<th align=left colspan=4 class=dgrey><b>User hinzufügen</b></th>\n\t\t</tr>";
    if ($message != "") {
        echo "<tr><td align=center class=warning><img src=pics/warning.gif width=16 height=16></td><td colspan=3 class=warning>{$message}</td></tr>";
コード例 #12
0
function copyCategory($which, $to_cat)
{
    ## orginal selecten
    $orig = new sql();
    $orig->setQuery("SELECT * FROM rex_category WHERE id={$which}");
    if ($to_cat != 0) {
        ## ziel selecten um den path zu bekomme
        $ziel = new sql();
        $ziel->setQuery("SELECT * FROM rex_category WHERE id={$to_cat}");
        $zielpath = $ziel->getValue("path") . "-" . $to_cat;
    } else {
        ## ziel is top also path
        $zielpath = "";
    }
    ## neue kategorie schreiben
    $add = new sql();
    $add->setTable("rex_category");
    $add->setValue("name", $orig->getValue("name"));
    $add->setValue("re_category_id", $to_cat);
    $add->setValue("prior", $orig->getValue("prior"));
    $add->setValue("path", $zielpath);
    $add->setvalue("status", $orig->getValue("status"));
    $add->insert();
    ## artikel kopieren order by !!! da sonst startartikel falsch
    $articles = new sql();
    $articles->setQuery("SELECT * FROM rex_article WHERE category_id={$which} order by startpage desc");
    for ($i = 0; $i < $articles->rows; $i++, $articles->next()) {
        copyArticle($articles->getValue("id"), $add->last_insert_id);
    }
    ## suchen nach unterkategorien und diese dann natürlich mitkopieren
    ## "rekursier on" hier
    $subcats = new sql();
    $subcats->setQuery("SELECT * FROM rex_category WHERE re_category_id={$which}");
    for ($i = 0; $i < $subcats->rows; $i++, $subcats->next()) {
        copyCategory($subcats->getValue("id"), $add->last_insert_id);
    }
}
コード例 #13
0
ファイル: php.php プロジェクト: sergioflorencio/toucan
 function inserir_arquivo_ofx_lancamentos($tb, $data_inicio, $data_fim, $carteira)
 {
     include "config.php";
     $sql = new sql();
     $table = "arquivo_ofx_lancamentos";
     $where = "cod_carteira='" . $carteira . "' and (DTPOSTED between '" . $data_inicio . "' and '" . $data_fim . "')";
     $sql->delete($table, $where);
     $table = "captacao_cartas_baixas";
     $campos = "cod_conciliacao=0";
     $where = "cod_carteira='" . $carteira . "' and (data_baixa between '" . $data_inicio . "' and '" . $data_fim . "')";
     $sql->update($table, $campos, $where);
     $table = "arquivo_ofx_lancamentos";
     $campos = "`cod_carteira`,`TRNTYPE`,`DTPOSTED`,`TRNAMT`,`FITID`,`CHECKNUM`,`MEMO`";
     $values = $tb;
     $sql->insert($table, $campos, $values);
 }
コード例 #14
0
    print "<tr><td class=grey>Datei:</td><td class=grey><input type=file name=file_new size=30></td></tr>";
    print "<tr><td class=grey>&nbsp;</td><td class=grey><input type=submit value=\"" . $I18N->msg('pool_file_upload') . "\">";
    if ($opener_input_field != "REX_MEDIA_0") {
        echo "<input type=submit name=saveandexit value=\"" . $I18N->msg('pool_file_upload_get') . "\">";
    }
    print "</td></tr>\n";
    print "</form>\n";
    print "</table>\n";
    #######
}
// ------------------------------------- Kategorienverwaltung
if ($media_method == 'add_file_cat') {
    $db = new sql();
    $db->setTable('rex_file_category');
    $db->setValue('name', $cat_name);
    $db->insert();
    $msg = $I18N->msg('pool_kat_saved', $cat_name);
} elseif ($media_method == 'edit_file_cat') {
    $db = new sql();
    //$db->debugsql = true;
    $db->setTable('rex_file_category');
    $db->where("id='{$cat_id}'");
    $db->setValue('name', $cat_name);
    $db->update();
    $msg = $I18N->msg('pool_kat_updated', $cat_name);
    $cat_id = "";
} elseif ($media_method == 'delete_file_cat') {
    $gf = new sql();
    $gf->setQuery("select * from rex_file where category_id='{$cat_id}'");
    if ($gf->getRows() == 0) {
        $gf->setQuery("delete from rex_file_category where id='{$cat_id}'");
コード例 #15
0
 function saveMedia($FILE, $filefolder, $extensions_array, $rex_file_category)
 {
     global $REX;
     $FILENAME = $FILE['name'];
     $FILESIZE = $FILE['size'];
     $FILETYPE = $FILE['type'];
     $NFILENAME = "";
     $message = '';
     // ----- neuer filename und extension holen
     $NFILENAME = strtolower(preg_replace("/[^a-zA-Z0-9.\\-\$\\+]/", "_", $FILENAME));
     if (strrpos($NFILENAME, ".") != "") {
         $NFILE_NAME = substr($NFILENAME, 0, strlen($NFILENAME) - (strlen($NFILENAME) - strrpos($NFILENAME, ".")));
         $NFILE_EXT = substr($NFILENAME, strrpos($NFILENAME, "."), strlen($NFILENAME) - strrpos($NFILENAME, "."));
     } else {
         $NFILE_NAME = $NFILENAME;
         $NFILE_EXT = "";
     }
     // ---- ext checken
     $ERROR_EXT = array(".php", ".php3", ".php4", ".php5", ".phtml", ".pl", ".asp", ".aspx", ".cfm");
     if (in_array($NFILE_EXT, $ERROR_EXT)) {
         $NFILE_NAME .= $NFILE_EXT;
         $NFILE_EXT = ".txt";
     }
     $standard_extensions_array = array(".rtf", ".pdf", ".doc", ".gif", ".jpg", ".jpeg");
     if (count($extensions_array) == 0) {
         $extensions_array = $standard_extensions_array;
     }
     if (!in_array($NFILE_EXT, $extensions_array)) {
         $RETURN = FALSE;
         $RETURN['ok'] = FALSE;
         return $RETURN;
     }
     $NFILENAME = $NFILE_NAME . $NFILE_EXT;
     // ----- datei schon vorhanden -> namen aendern -> _1 ..
     if (file_exists($filefolder . "/{$NFILENAME}")) {
         for ($cf = 1; $cf < 1000; $cf++) {
             $NFILENAME = $NFILE_NAME . "_{$cf}" . "{$NFILE_EXT}";
             if (!file_exists($filefolder . "/{$NFILENAME}")) {
                 break;
             }
         }
     }
     // ----- dateiupload
     $upload = true;
     if (!move_uploaded_file($FILE['tmp_name'], $filefolder . "/{$NFILENAME}")) {
         if (!copy($FILE['tmp_name'], $filefolder . "/{$NFILENAME}")) {
             $message .= "move file {$NFILENAME} failed | ";
             $RETURN = FALSE;
             $RETURN['ok'] = FALSE;
             return $RETURN;
         }
     }
     @chmod($filefolder . "/{$NFILENAME}", $REX['FILEPERM']);
     $RETURN['type'] = $FILETYPE;
     $RETURN['msg'] = $message;
     $RETURN['ok'] = TRUE;
     $RETURN['filename'] = $NFILENAME;
     $FILESQL = new sql();
     // $FILESQL->debugsql=1;
     $FILESQL->setTable($REX['TABLE_PREFIX'] . "file");
     $FILESQL->setValue("filetype", $FILETYPE);
     $FILESQL->setValue("filename", $NFILENAME);
     $FILESQL->setValue("originalname", $FILENAME);
     $FILESQL->setValue("filesize", $FILESIZE);
     $FILESQL->setValue("category_id", $rex_file_category);
     $FILESQL->setValue("createdate", time());
     $FILESQL->setValue("createuser", "system");
     $FILESQL->setValue("updatedate", time());
     $FILESQL->setValue("updateuser", "system");
     $FILESQL->insert();
     return $RETURN;
 }
コード例 #16
0
function media_savefile($FILE, $rex_file_category, $FILEINFOS)
{
    $FILENAME = $FILE[name];
    $FILESIZE = $FILE[size];
    $FILETYPE = $FILE[type];
    $NFILENAME = "";
    $REX = $GLOBALS[REX];
    // generiere neuen dateinamen
    for ($cn = 0; $cn < strlen($FILENAME); $cn++) {
        $char = substr($FILENAME, $cn, 1);
        if (preg_match("([_A-Za-z0-9\\.-])", $char)) {
            $NFILENAME .= strtolower($char);
        } else {
            if ($char == " ") {
                $NFILENAME .= "_";
            }
        }
    }
    if (strrpos($NFILENAME, ".") != "") {
        $NFILE_NAME = substr($NFILENAME, 0, strlen($NFILENAME) - (strlen($NFILENAME) - strrpos($NFILENAME, ".")));
        $NFILE_EXT = substr($NFILENAME, strrpos($NFILENAME, "."), strlen($NFILENAME) - strrpos($NFILENAME, "."));
    } else {
        $NFILE_NAME = $NFILENAME;
        $NFILE_EXT = "";
    }
    if ($NFILE_EXT == ".php" || $NFILE_EXT == ".php3" || $NFILE_EXT == ".php4" || $NFILE_EXT == ".php5" || $NFILE_EXT == ".phtml" || $NFILE_EXT == ".pl" || $NFILE_EXT == ".asp" || $NFILE_EXT == ".aspx" || $NFILE_EXT == ".cfm") {
        $NFILE_EXT .= ".txt";
    }
    $NFILENAME = $NFILE_NAME . $NFILE_EXT;
    if (file_exists($REX[MEDIAFOLDER] . "/{$NFILENAME}")) {
        // datei schon vorhanden ? wenn ja dann _1
        for ($cf = 0; $cf < 1000; $cf++) {
            $NFILENAME = $NFILE_NAME . "_{$cf}" . "{$NFILE_EXT}";
            if (!file_exists($REX[MEDIAFOLDER] . "/{$NFILENAME}")) {
                break;
            }
        }
    }
    if (!move_uploaded_file($FILE[tmp_name], $REX[MEDIAFOLDER] . "/{$NFILENAME}")) {
        if (!copy($FILE[tmp_name], $REX[MEDIAFOLDER] . "/{$NFILENAME}")) {
            $message .= "move file {$FILENAME} failed | ";
            $ok = 0;
            $nocopy = true;
        }
    }
    if (!$nocopy) {
        if ($REX[MEDIAFOLDERPERM] == "") {
            $REX[MEDIAFOLDERPERM] = "0777";
        }
        chmod($REX[MEDIAFOLDER] . "/{$NFILENAME}", 0777);
        // get widht height
        $size = @getimagesize($REX[MEDIAFOLDER] . "/{$NFILENAME}");
        $FILESQL = new sql();
        //$FILESQL->debugsql=1;
        $FILESQL->setTable("rex_file");
        $FILESQL->setValue("filetype", $FILETYPE);
        $FILESQL->setValue("title", $FILEINFOS[title]);
        $FILESQL->setValue("description", $FILEINFOS[description]);
        $FILESQL->setValue("copyright", $FILEINFOS[copyright]);
        $FILESQL->setValue("filename", $NFILENAME);
        $FILESQL->setValue("originalname", $FILENAME);
        $FILESQL->setValue("filesize", $FILESIZE);
        $FILESQL->setValue("width", $size[0]);
        $FILESQL->setValue("height", $size[1]);
        $FILESQL->setValue("category_id", $rex_file_category);
        $FILESQL->setValue("stamp", time());
        $FILESQL->insert();
        $ok = 1;
    }
    $RETURN[msg] = $message;
    $RETURN[ok] = $ok;
    $RETURN[filename] = $NFILENAME;
    return $RETURN;
}
コード例 #17
0
ファイル: index.php プロジェクト: Alex4S/beta
<?php

/**
 * Created by PhpStorm.
 * User: Alex Sandiyarov
 * Date: 13.12.15
 * Time: 12:17
 */
$news = new News();
$a = $news->getAll();
var_dump($a);
//$news->add($data);
//$news->update($title2, $id);
$a = new sql();
$a->get('*', 'news', 'ORDER BY date DESC');
print_r($a->packToArray());
print_r($a->get('*', 'news', 'WHERE  id = 4'));
$a->insert('news', 'id, title', '"34543435434534353453455", "sadsadas"');
$a->update('news', 'title = "KUKU"', '4');
コード例 #18
0
             $sql->setValue("category", $diecats);
             $sql->setValue("description", $article[desc]);
             $sql->setValue("detaildesc", $VALUE[1]);
             $sql->setValue("price", $article[price]);
             $sql->setValue("old_price", $article[oldprice]);
             $sql->setValue("deliver_price", $article[deliverprice]);
             $sql->setValue("mwst", $article[tax]);
             $sql->setValue("picture", $picture);
             $sql->setValue("instock", $article[instock]);
             $sql->setValue("stockinfo", $article[stockinfo]);
             $sql->setValue("relation_1", $article[relation_1]);
             $sql->setValue("relation_2", $article[relation_2]);
             $sql->setValue("relation_3", $article[relation_3]);
             $sql->setValue("thumbnail", $thumbnail);
             $sql->setValue("status", $article[status]);
             $sql->insert();
         }
         $aid = $theid;
         if ($sql->error != "") {
             echo preg_replace("!##msg##!", $I18N_SIMPLE_SHOP->msg("error"), $message_corpus);
         } else {
             echo preg_replace("!##msg##!", $I18N_SIMPLE_SHOP->msg("product_added"), $message_corpus);
             if ($uebernehmen) {
                 $send = 0;
             } else {
                 $send = 1;
                 $function = "";
             }
         }
     }
 }
コード例 #19
0
 function saveMessage($subject, $message, $message_id, $anonymous_user = '')
 {
     global $FORM;
     if ($this->anonymous == true && $anonymous_user == '') {
         $this->errmsg = $this->text[300];
         if ($message_id > 0) {
             return $this->showMessage();
         } else {
             return $this->showAddTopic();
         }
     }
     if ($message_id > 0) {
         // reply
         $r_sql = new sql($this->DB);
         $r_sql->setQuery("select * from {$this->table} where message_id='{$message_id}' and board_id='" . $this->boardname . "' and status='1'");
         if (trim($message) == "" && $r_sql->getRows() == 1) {
             $this->errmsg = $this->text[200];
         } elseif ($r_sql->getRows() == 1) {
             // insert reply
             $r_sql = new sql($this->DB);
             $r_sql->setTable($this->table);
             $r_sql->setValue("user_id", $this->user_id);
             $r_sql->setValue("message", $message);
             $r_sql->setValue("re_message_id", $message_id);
             $r_sql->setValue("stamp", date("YmdHis"));
             $r_sql->setValue("board_id", $this->boardname);
             // vscope anonymous hack
             if ($anonymous_user != '') {
                 $r_sql->setValue("anonymous_user", $anonymous_user);
             }
             $r_sql->insert();
             // update message
             $u_sql = new sql($this->DB);
             $u_sql->setQuery("select * from {$this->table} where re_message_id='{$message_id}' and status='1'");
             $u_sql->setTable($this->table);
             $u_sql->where("message_id='{$message_id}'");
             $u_sql->setValue("last_entry", date("YmdHis"));
             $u_sql->setValue("replies", $u_sql->getRows());
             $u_sql->update();
             $this->errmsg = $this->text[210];
         } else {
             $this->errmsg = $this->text[220];
         }
         $return = $this->showMessage();
     } else {
         // new topic
         if ($subject != "") {
             $r_sql = new sql($this->DB);
             //$r_sql->debugsql = 1;
             $r_sql->setTable($this->table);
             $r_sql->setValue("user_id", $this->user_id);
             $r_sql->setValue("subject", $subject);
             $r_sql->setValue("message", $message);
             $r_sql->setValue("re_message_id", 0);
             $r_sql->setValue("stamp", date("YmdHis"));
             $r_sql->setValue("last_entry", date("YmdHis"));
             $r_sql->setValue("board_id", $this->boardname);
             $r_sql->setValue("replies", 0);
             // vscope anonymous hack
             if ($anonymous_user != '') {
                 $r_sql->setValue("anonymous_user", $anonymous_user);
             }
             $r_sql->insert();
             $this->errmsg = $this->text[230];
             $return = $this->showMessages();
         } else {
             $this->errmsg = $this->text[240];
             $return = $this->showAddTopic();
         }
     }
     return $return;
 }
コード例 #20
0
     $resultado = mysql_query($select, $conexao) or die(mysql_error());
     //if(mysql_num_rows($resultado)>=1){return true;}else{return false;}
     $cod_centro_custo = mysql_fetch_array($resultado);
     //if($cod_centro_custo==false){return 'false';}else{ return 'true';}
     $cod_centro_custo = $cod_centro_custo[0];
     return $cod_centro_custo;
 }
 if (isset($_POST) and isset($_POST['act']) and isset($_POST['mod']) and $_POST['act'] == 'editar' and $_POST['mod'] == 'cad_conta') {
     if (isset($_POST['cod_conta']) and $_POST['cod_conta'] == 0) {
         //novo
         $cod_conta_mae = id_conta($_POST['numero_conta_mae']);
         $cod_plano_conta = cod_plano_conta();
         $tabela = "cad_conta";
         $campos_insert = "`cod_conta_mae`,`numero_conta`,`cod_plano_conta`,`descricao`,`cod_tipo_conta`,`saldo_inicial`,`saldo_atual`,`status`";
         $values = "'" . $cod_conta_mae . "','" . $_POST['numero_conta'] . "','" . $cod_plano_conta . "','" . $_POST['descricao'] . "','" . $_POST['cod_tipo_conta'] . "','" . $_POST['saldo_inicial'] . "','" . $_POST['saldo_atual'] . "','" . $_POST['status'] . "'";
         $sql->insert($tabela, $campos_insert, $values, 'S');
     }
     if (isset($_POST['cod_conta']) and $_POST['cod_conta'] != "") {
         //atualizar
         $cod_conta_mae = id_conta($_POST['numero_conta_mae']);
         $cod_plano_conta = cod_plano_conta();
         $tabela = "cad_conta";
         $campos = "`cod_conta_mae`='" . $cod_conta_mae . "',`numero_conta`='" . $_POST['numero_conta'] . "',`cod_plano_conta`='" . $cod_plano_conta . "',`descricao`='" . $_POST['descricao'] . "',`cod_tipo_conta`='" . $_POST['cod_tipo_conta'] . "',`saldo_inicial`='" . $_POST['saldo_inicial'] . "',`saldo_atual`='" . $_POST['saldo_atual'] . "',`status`='" . $_POST['status'] . "'";
         $where = "`cod_conta`='" . $_POST['cod_conta'] . "'";
         $sql->update($tabela, $campos, $where, 'S');
     }
 }
 if (isset($_POST) and isset($_POST['act']) and isset($_POST['mod']) and $_POST['act'] == 'editar' and $_POST['mod'] == 'cad_centro_custo') {
     if (isset($_POST['cod_centro_custo']) and ($_POST['cod_centro_custo'] == "" or $_POST['cod_centro_custo'] == 0)) {
         //novo
         $cod_centro_custo_mae = id_centro_custo($_POST['numero_centro_custo_mae']);
コード例 #21
0
         $AART->setValue("name", $article_name);
         $AART->setValue("catname", $article_name);
         $AART->setValue("clang", $key);
         $AART->setValue("re_id", $category_id);
         $AART->setValue("prior", $Position_New_Article);
         $AART->setValue("path", $KATPATH);
         $AART->setValue("startpage", 0);
         $AART->setValue("status", 0);
         $AART->setValue("online_from", time());
         $AART->setValue("online_to", mktime(0, 0, 0, 1, 1, 2010));
         $AART->setValue("createdate", time());
         $AART->setValue("createuser", $REX_USER->getValue("login"));
         $AART->setValue("updatedate", time());
         $AART->setValue("updateuser", $REX_USER->getValue("login"));
         $AART->setValue("template_id", $template_id);
         $AART->insert();
         // ----- PRIOR
         rex_newArtPrio($category_id, $key, 0, $Position_New_Article);
     }
     rex_generateArticle($id);
     // ----- EXTENSION POINT
     $message = rex_register_extension_point('ART_ADDED', $message, array("id" => $id, "status" => 0, "name" => $article_name, "re_id" => $category_id, "prior" => $Position_New_Article, "path" => $KATPATH, "template_id" => $template_id));
 } else {
     if (isset($function) and $function == "edit_article" && $article_id != "" && $KATPERM) {
         // --------------------- ARTIKEL EDIT
         $Position_Article = (int) $Position_Article;
         if ($Position_Article == 0) {
             $Position_Article = 1;
         }
         $amessage = $I18N->msg("article_updated");
         $EA = new sql();
コード例 #22
0
             $message .= "<br><br>";
         } else {
             $delete->query("delete from rex_article_type where type_id='{$type_id}'");
             $delete->query("update rex_article set type_id='1' where type_id='{$type_id}'");
             $message = $I18N->msg("article_type_deleted");
         }
     } else {
         $message = $I18N->msg("article_type_could_not_be_deleted");
     }
 } elseif ($function == "add" && $save == 1) {
     $add = new sql();
     $add->setTable("rex_article_type");
     $add->setValue("name", $typname);
     $add->setValue("type_id", $type_id);
     $add->setValue("description", $description);
     $add->insert();
     $type_id = 0;
     $function = "";
     $message = $I18N->msg("article_type_added");
 }
 echo "\t<table class=rex style=table-layout:auto; cellpadding=5 cellspacing=1>\r\n\t\t<tr>\r\n\t\t\t<th class=icon><a href=index.php?page=specials&spage=type&function=add>+</a></th>\r\n\t\t\t<th class=icon>" . $I18N->msg("article_type_list_id") . "</th>\r\n\t\t\t<th width=250>" . $I18N->msg("article_type_list_name") . "</th>\r\n\t\t\t<th colspan=2>" . $I18N->msg("article_type_list_description") . "</th>\r\n\t\t</tr>\r\n\t\t";
 if ($message != "") {
     echo "<tr class=warning><td class=icon><img src=pics/warning.gif width=16 height=16></td><td colspan=5>{$message}</td></tr>";
 }
 $sql = new sql();
 $sql->setQuery("select * from rex_article_type order by type_id");
 if ($function == "add") {
     echo "\t<tr>\r\n\t\t\t<form action=index.php method=post>\r\n\t\t\t<input type=hidden name=page value=specials>\r\n\t\t\t<input type=hidden name=spage value=type>\r\n\t\t\t<input type=hidden name=save value=1>\r\n\t\t\t<td>&nbsp;</td>\r\n\t\t\t<td valign=top><input style='width:30px;' type=text size=5 maxlength=2 name=type_id value=\"" . htmlentities($type_id) . "\"></td>\r\n\t\t\t<td valign=top><input class=inp100 type=text size=20 name=typname value=\"" . htmlentities($typname) . "\"></td>\r\n\t\t\t<td><input style='width:100%' type=text size=20 name=description value=\"" . htmlentities($description) . "\"></td>\r\n\t\t\t<td valign=top><input type=submit name=function value=add></td>\r\n\t\t\t</form>\r\n\t\t\t</tr>";
 }
 for ($i = 0; $i < $sql->getRows(); $i++) {
     if ($type_id == $sql->getValue("type_id")) {
コード例 #23
0
 function saveMessage()
 {
     if ($this->anonymous == true && $this->msg["bb_msg_anouser"] == '') {
         $this->errmsg = $this->text[300];
         if ($this->msg["bb_msg_id"] > 0) {
             return $this->showMessage();
         } else {
             return $this->showAddTopic();
         }
     }
     if ($this->msg["bb_msg_id"] > 0) {
         // reply
         $r_sql = new sql();
         $r_sql->setQuery("select * from rex_5_board where message_id='" . $this->msg["bb_msg_id"] . "' and board_id='" . $this->boardname . "' and status='1'");
         if (trim($this->msg["bb_msg_message"]) == "" && $r_sql->getRows() == 1) {
             $this->errmsg = $this->text[200];
         } elseif ($r_sql->getRows() == 1) {
             // insert reply
             $r_sql = new sql();
             $r_sql->setTable("rex_5_board");
             if ($this->anonymous) {
                 $r_sql->setValue("user_id", $this->msg["bb_msg_anouser"]);
             } else {
                 $r_sql->setValue("user_id", $this->user_id);
             }
             $r_sql->setValue("message", $this->msg["bb_msg_message"]);
             $r_sql->setValue("re_message_id", $this->msg["bb_msg_id"]);
             $r_sql->setValue("stamp", time());
             $r_sql->setValue("board_id", $this->boardname);
             $r_sql->setValue("status", 1);
             $r_sql->insert();
             // update message
             $u_sql = new sql();
             $u_sql->setQuery("select * from rex_5_board where re_message_id='" . $this->msg["bb_msg_id"] . "' and status='1'");
             $u_sql->setTable("rex_5_board");
             $u_sql->where("message_id='" . $this->msg["bb_msg_id"] . "'");
             $u_sql->setValue("last_entry", time());
             $u_sql->setValue("replies", $u_sql->getRows());
             $u_sql->update();
             $this->errmsg = $this->text[210];
             $this->msg["bb_msg_message"] = "";
             $this->msg["bb_msg_subject"] = "";
         } else {
             $this->errmsg = $this->text[220];
         }
         $return = $this->showMessage();
     } else {
         // new topic
         if ($this->msg["bb_msg_subject"] != "") {
             $r_sql = new sql();
             //$r_sql->debugsql = 1;
             $r_sql->setTable("rex_5_board");
             if ($this->anonymous) {
                 $r_sql->setValue("user_id", $this->msg["bb_msg_anouser"]);
             } else {
                 $r_sql->setValue("user_id", $this->user_id);
             }
             $r_sql->setValue("subject", $this->msg["bb_msg_subject"]);
             $r_sql->setValue("message", $this->msg["bb_msg_message"]);
             $r_sql->setValue("re_message_id", 0);
             $r_sql->setValue("stamp", time());
             $r_sql->setValue("last_entry", time());
             $r_sql->setValue("board_id", $this->boardname);
             $r_sql->setValue("replies", 0);
             $r_sql->setValue("status", 1);
             $r_sql->insert();
             $this->errmsg = $this->text[230];
             $return = $this->showMessages();
             $this->msg["bb_msg_message"] = "";
             $this->msg["bb_msg_subject"] = "";
         } else {
             $this->errmsg = $this->text[240];
             $return = $this->showAddTopic();
         }
     }
     return $return;
 }
コード例 #24
0
ファイル: php.php プロジェクト: sergioflorencio/toucan
 function upload($id)
 {
     //move arquivo
     $arquivo = $_FILES['my_uploaded_file'];
     //Salvando o Arquivo
     $nome_arquivo = md5(mt_rand(1, 10000) . $arquivo['name']) . '.jpg';
     $caminho_arquivo = "fotos/";
     if (!file_exists($caminho_arquivo)) {
         mkdir($caminho_arquivo, 0755);
     }
     $caminho = $caminho_arquivo . $nome_arquivo;
     move_uploaded_file($arquivo['tmp_name'], "../" . $caminho);
     $table = "cad_imagens";
     $campos = "`cod_item`, `endereco_imagem`";
     $values = "'" . $id . "','" . $caminho . "'";
     $msg = "N";
     $sql = new sql();
     $sql->insert($table, $campos, $values, $msg);
 }
コード例 #25
0
 function showForm()
 {
     global $FORM, $REX;
     // --------------------------------- EDIT: 1. WERTE AUS DB HOLEN
     for ($i = 0; $i < $this->counter; $i++) {
         if ($this->value_type[$i] != "multipleselectsql") {
             if ($FORM[$this->rfid][submit] != 1 && $this->form_type == "edit") {
                 $FORM[$this->rfid][values][$i] = htmlentities($this->sql->getValue($this->value_tbl[$i]));
             } else {
                 $FORMVAL[$this->rfid][values][$i] = htmlentities($this->sql->getValue($this->value_tbl[$i]));
             }
         } else {
             $selsql = new sql();
             $selsql->setQuery("select * from " . $this->type_value5[$i] . " where " . $this->type_value6[$i]);
             for ($j = 0; $j < $selsql->getRows(); $j++) {
                 if ($FORM[$this->rfid][submit] != 1 && $this->form_type == "edit") {
                     $FORM[$this->rfid][values][$i][] = $selsql->getValue($this->type_value7[$i]);
                 } else {
                     $FORMVAL[$this->rfid][values][$i][] = $selsql->getValue($this->type_value7[$i]);
                 }
                 $selsql->next();
             }
         }
     }
     // --------------------------------- ABGESCHICKTE EINGABEN CHECKEN
     if ($FORM[$this->rfid][submit] == 1) {
         // ----------------------------- eingaben überprüfen
         $this->form_show = false;
         for ($i = 0; $i < $this->counter; $i++) {
             if ($this->value_check[$i] != "") {
                 if ($FORM[$this->rfid][values][$i] == "") {
                     $errmsg .= "Bitte tragen Sie '" . $this->value_form[$i] . "' ein! <br>";
                     $this->form_show = true;
                 }
             }
         }
     }
     // --------------------------------- EDIT: SPEICHERN FALLS MÖGLICH
     if ($FORM[$this->rfid][submit] == 1 && $this->form_type == "edit") {
         if ($errmsg == "") {
             $aa = new sql();
             $aa->debugsql = 0;
             $aa->setTable($this->tbl_name);
             $aa->where($this->form_where);
             for ($i = 0; $i < $this->counter; $i++) {
                 if ($this->value_type[$i] == "picjpg") {
                     $folder = $this->type_value1[$i];
                     $foldertmp = $REX[INCLUDE_PATH] . "/../../ss_pics/";
                     $fname = $_FILES[FORM][name][$this->rfid][values][$i];
                     if ($fname != "") {
                         // neues file
                         $nfname = $this->checkFilename($fname, $folder);
                         if ($nfname[ext] == ".jpg") {
                             $ftmpname = $_FILES[FORM][tmp_name][$this->rfid][values][$i];
                             move_uploaded_file($ftmpname, $foldertmp . $nfname[nname]);
                             $this->resizeJPGImage($foldertmp . $nfname[nname], $folder . $nfname[nname], $this->type_value3[$i], $this->type_value4[$i]);
                             $FORM[$this->rfid][values][$i] = $nfname[nname];
                             $aa->setValue($this->value_tbl[$i], $FORM[$this->rfid][values][$i]);
                         }
                     } elseif ($FORM[$this->rfid][values][$i][delete] != "") {
                         $FORM[$this->rfid][values][$i] = "";
                         $aa->setValue($this->value_tbl[$i], $FORM[$this->rfid][values][$i]);
                     } else {
                         $FORM[$this->rfid][values][$i] = $FORMVAL[$this->rfid][values][$i];
                     }
                 } elseif ($this->value_type[$i] == "file") {
                     $folder = $REX[INCLUDE_PATH] . "/../../ss_pics/";
                     $fname = $_FILES[FORM][name][$this->rfid][values][$i];
                     if ($fname != "") {
                         $nfname = $this->checkFilename($fname, $folder);
                         $ftmpname = $_FILES[FORM][tmp_name][$this->rfid][values][$i];
                         move_uploaded_file($ftmpname, $folder . $nfname[nname]);
                         $FORM[$this->rfid][values][$i] = $nfname[nname];
                         $aa->setValue($this->value_tbl[$i], $FORM[$this->rfid][values][$i]);
                     } elseif ($FORM[$this->rfid][values][$i][delete] != "") {
                         $FORM[$this->rfid][values][$i] = "";
                         $aa->setValue($this->value_tbl[$i], $FORM[$this->rfid][values][$i]);
                     } else {
                         $FORM[$this->rfid][values][$i] = $FORMVAL[$this->rfid][values][$i];
                     }
                 } elseif ($this->value_type[$i] == "multipleselectsql") {
                     // multipleselect
                     $ms = new sql();
                     $ms->query("delete from " . $this->type_value5[$i] . " where " . $this->type_value6[$i]);
                     if (is_Array($FORM[$this->rfid][values][$i])) {
                         reset($FORM[$this->rfid][values][$i]);
                         for ($j = 0; $j < count($FORM[$this->rfid][values][$i]); $j++) {
                             $val = current($FORM[$this->rfid][values][$i]);
                             $sql = "insert into " . $this->type_value5[$i] . " set " . $this->type_value6[$i] . ", " . $this->type_value7[$i] . "={$val}";
                             $ms->query($sql);
                             next($FORM[$this->rfid][values][$i]);
                         }
                     }
                 } elseif ($this->value_type[$i] == "subline" || $this->value_type[$i] == "empty") {
                 } elseif ($this->value_type[$i] == "datum") {
                     $tag = substr($FORM[$this->rfid][values][$i], 0, 2);
                     $monat = substr($FORM[$this->rfid][values][$i], 3, 2);
                     $jahr = substr($FORM[$this->rfid][values][$i], 6, 4);
                     $aa->setValue($this->value_tbl[$i], mktime(0, 0, 0, $monat, $tag, $jahr));
                 } else {
                     $aa->setValue($this->value_tbl[$i], $FORM[$this->rfid][values][$i]);
                 }
             }
             $aa->update();
             $msg = "Daten wurden gespeichert";
         } else {
             for ($i = 0; $i < $this->counter; $i++) {
                 if ($this->value_type[$i] != "multipleselectsql") {
                     $FORM[$this->rfid][values][$i] = htmlentities(stripslashes($FORM[$this->rfid][values][$i]));
                 }
             }
         }
         for ($i = 0; $i < $this->counter; $i++) {
             if ($this->value_type[$i] != "multipleselectsql") {
                 $FORM[$this->rfid][values][$i] = htmlentities(stripslashes($FORM[$this->rfid][values][$i]));
             } else {
                 // multipleselect
                 if (is_Array($FORM[$this->rfid][values][$i])) {
                     reset($FORM[$this->rfid][values][$i]);
                     for ($j = 0; $j < count($FORM[$this->rfid][values][$i]); $j++) {
                         $val = $FORM[$this->rfid][values][$i][j];
                     }
                 }
             }
         }
     }
     // --------------------------------- ADD: SPEICHERN FALLS MÖGLICH
     if ($FORM[$this->rfid][submit] == 1 && $this->form_type == "add") {
         if ($errmsg == "") {
             $aa = new sql();
             $aa->debugsql = 0;
             $aa->setTable($this->tbl_name);
             for ($i = 0; $i < $this->counter; $i++) {
                 if ($this->value_type[$i] == "datum") {
                     $tag = substr($FORM[$this->rfid][values][$i], 0, 2);
                     $monat = substr($FORM[$this->rfid][values][$i], 3, 2);
                     $jahr = substr($FORM[$this->rfid][values][$i], 6, 4);
                     $aa->setValue($this->value_tbl[$i], mktime(0, 0, 0, $monat, $tag, $jahr));
                 } elseif ($this->value_type[$i] != "multipleselectsql" && $this->value_type[$i] != "subline" && $this->value_type[$i] != "empty") {
                     $aa->setValue($this->value_tbl[$i], $FORM[$this->rfid][values][$i]);
                 }
             }
             $aa->insert();
             $msg = "Daten wurden gespeichert";
             for ($i = 0; $i < $this->counter; $i++) {
                 $FORM[$this->rfid][values][$i] = htmlentities(stripslashes($FORM[$this->rfid][values][$i]));
             }
         } else {
             for ($i = 0; $i < $this->counter; $i++) {
                 $FORM[$this->rfid][values][$i] = htmlentities(stripslashes($FORM[$this->rfid][values][$i]));
             }
         }
     }
     // --------------------------------- FORMULAR
     if ($this->form_show || $this->ShowFormAlways) {
         $ausgabe = "<table width=" . $this->width . " cellpadding=6 cellspacing=1 border=0 >";
         $ausgabe .= "<form ENCTYPE='multipart/form-data' action='" . $this->url . "' method='" . $this->method . "' name='" . $this->formname . "'>" . $this->form_header;
         $ausgabe .= "<input type=hidden name=FORM[{$this->rfid}][submit] value=1>";
         // ---------------------- FORM REIHEN
         $colcounter = $this->cols[0];
         for ($i = 0; $i < $this->counter; $i++) {
             if ($this->cols[$i] != "") {
                 $colcounter = $this->cols[$i];
             } else {
                 $this->cols[$i] = $colcounter;
             }
             if ($maxcount < $this->cols[$i]) {
                 $maxcount = $this->cols[$i];
             }
         }
         $colcounter = 0;
         if ($errmsg != "") {
             $ausgabe .= "<tr><td colspan=" . ($maxcount + 2) . " class=warning>{$errmsg}<br>Daten wurden noch nicht gespeichert</td></tr>";
         }
         if ($msg != "") {
             $ausgabe .= "<tr><td colspan=" . ($maxcount + 2) . " class=warning>{$msg}</td></tr>";
         }
         for ($i = 0; $i < $this->counter; $i++) {
             $name = "FORM[{$this->rfid}][values][{$i}]";
             $value = $FORM[$this->rfid][values][$i];
             // echo "<br>$i $maxcounter ".$this->cols[$i]." ".$this->cols[$i-1]." ".$this->value_form[$i];
             $colcounter++;
             if ($this->cols[$i - 1] != $this->cols[$i]) {
                 if ($i != 0) {
                     $ausgabe .= "</tr>\n\n";
                 }
                 $ausgabe .= "\n\n<tr>";
                 $colcounter = 0;
             } else {
                 // anfang
                 // ende
                 if ($colcounter == $this->cols[$i]) {
                     $ausgabe .= "</tr>\n\n";
                     $ausgabe .= "\n\n<tr>";
                     $colcounter = 0;
                 }
             }
             $addcolspawn = 0;
             if ($this->cols[$i] < $maxcount) {
                 $addcolspawn = 2;
             }
             switch ($this->value_type[$i]) {
                 // ---------------------- MULTIPLE SQL SELECT AUSGABE
                 case "multipleselectsql":
                     if ($this->form_type == "add") {
                         $ausgabe .= "<td colspan=2>Multiple Felder nur bei edit möglich\t</td>";
                     } else {
                         $ausgabe .= "\n\n";
                         $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                         $ssql = new sql();
                         $ssql->setQuery($this->type_value1[$i]);
                         $ssel = new rexselect();
                         $ssel->setName($name . "[]");
                         $ssel->setMultiple(1);
                         $ssel->setSize($this->type_value4[$i]);
                         $ssel->setStyle("width:100%;");
                         for ($j = 0; $j < $ssql->getRows(); $j++) {
                             $ssel->addOption($ssql->getValue($this->type_value3[$i]), $ssql->getValue($this->type_value2[$i]));
                             $ssql->next();
                         }
                         // $selsql = new sql;
                         // $selsql->setQuery("select * from ".$this->type_value5[$i]." where ".$this->type_value6[$i]);
                         if (is_Array($FORM[$this->rfid][values][$i])) {
                             reset($FORM[$this->rfid][values][$i]);
                             for ($j = 0; $j < count($FORM[$this->rfid][values][$i]); $j++) {
                                 $ssel->setSelected(current($FORM[$this->rfid][values][$i]));
                                 next($FORM[$this->rfid][values][$i]);
                             }
                         }
                         $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . ">" . $ssel->out() . "</td>";
                         $ausgabe .= "";
                     }
                     break;
                     // ---------------------- SINGLE SQL SELECT AUSGABE
                 // ---------------------- SINGLE SQL SELECT AUSGABE
                 case "singleselectsql":
                     $ausgabe .= "\n\n";
                     $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                     $ssql = new sql();
                     $ssql->setQuery($this->type_value1[$i]);
                     $ssel = new rexselect();
                     $ssel->setName($name);
                     $ssel->setStyle("width:100%;");
                     if ($this->value_check[$i] != 1) {
                         $ssel->addOption("----------------- keine Angabe -----------------", "0");
                     }
                     for ($j = 0; $j < $ssql->getRows(); $j++) {
                         $ssel->addOption($ssql->getValue($this->type_value3[$i]), $ssql->getValue($this->type_value2[$i]));
                         $ssql->next();
                     }
                     $ssel->setSelected($value);
                     $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . ">" . $ssel->out() . "</td>";
                     $ausgabe .= "";
                     break;
                     // ---------------------- SINGLE SELECT AUSGABE
                 // ---------------------- SINGLE SELECT AUSGABE
                 case "singleselect":
                     $ausgabe .= "\n\n";
                     $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                     $stype = explode("|", $this->type_value1[$i]);
                     $ssel = new rexselect();
                     $ssel->setName($name);
                     $ssel->setStyle("width:100%;");
                     for ($j = 0; $j < count($stype); $j++) {
                         $svalue = $stype[$j];
                         $j++;
                         $sname = $stype[$j];
                         $ssel->addOption($sname, $svalue);
                     }
                     $ssel->setSelected($value);
                     $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . ">" . $ssel->out() . "</td>";
                     $ausgabe .= "";
                     break;
                     // ---------------------- Checkbox
                 // ---------------------- Checkbox
                 case "checkbox":
                     $ausgabe .= "\n\n";
                     $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                     $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><input type=checkbox name={$name} value=1 ";
                     if ($value == 1 || $value == "on") {
                         $ausgabe .= "checked";
                     }
                     $ausgabe .= "></td>";
                     $ausgabe .= "";
                     break;
                     // ---------------------- PIC/JPG
                 // ---------------------- PIC/JPG
                 case "picjpg":
                     if ($value != "") {
                         $ausgabe .= "\n\n";
                         $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                         $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><table cellpadding=2 cellspacing=0><tr><td><input name={$name} type=file size=10></td><td rowspan=2>&nbsp;&nbsp;&nbsp;</td><td rowspan=2><img src=" . $this->type_value2[$i] . "{$value} width=" . $this->type_value3[$i] . " height=" . $this->type_value4[$i] . "></td></tr>";
                         $ausgabe .= "<tr><td valign=middle align=left class=grey><input type=checkbox name=FORM[{$this->rfid}][values][{$i}][delete]>&nbsp;&nbsp;Datei löschen </td></tr></table>";
                         $ausgabe .= "</td>";
                     } else {
                         $ausgabe .= "\n\n";
                         $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                         $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><input name={$name} type=file size=10></td>";
                         $ausgabe .= "";
                     }
                     break;
                     // ---------------------- FILE
                 // ---------------------- FILE
                 case "file":
                     $myout = "";
                     if ($value != "") {
                         $myout = "\n\n<table><tr>";
                         $myout .= "<td valign=middle align=right class=grey><input type=checkbox name=FORM[{$this->rfid}][values][{$i}][delete]></td>";
                         $myout .= "<td class=grey>Datei löschen <a href=" . $this->type_value2[$i] . "{$value} target=_blank>{$value}</a></td>";
                         $myout .= "</tr></table>";
                     }
                     $ausgabe .= "\n\n";
                     $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "<br>{$myout}</td>";
                     $ausgabe .= "<td class=grey><input name={$name} type=file size=10></td>";
                     $ausgabe .= "";
                     break;
                     // ---------------------- HTMLAREA
                 // ---------------------- HTMLAREA
                 case "htmlarea":
                     if ($this->type_value1[$i] == "") {
                         $this->type_value1[$i] = "width:100%; height:100px;";
                     }
                     $ausgabe .= "\n\n";
                     $ausgabe .= "<td valign=top class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                     $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . ">" . REXHTMLAREA($name, $value) . "</td>";
                     $ausgabe .= "";
                     break;
                     // ---------------------- TEXTAREA
                 // ---------------------- TEXTAREA
                 case "textarea":
                     if ($this->type_value1[$i] == "") {
                         $this->type_value1[$i] = "width:100%; height:100px;";
                     }
                     $ausgabe .= "\n\n";
                     $ausgabe .= "<td valign=top class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                     $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><textarea name={$name} cols=30 rows=5 style='" . $this->type_value1[$i] . "'>{$value}</textarea></td>";
                     $ausgabe .= "";
                     break;
                     // ---------------------- HIDDEN
                 // ---------------------- HIDDEN
                 case "hidden":
                     $ausgabe .= "<input type=hidden name={$name} value=\"" . $this->type_value1[$i] . "\">";
                     break;
                     // ---------------------- TEXT
                 // ---------------------- TEXT
                 case "text":
                     if ($this->type_value1[$i] == "") {
                         $this->type_value1[$i] = "width:100%;";
                     }
                     if ($this->type_value2[$i] != "") {
                         $this->type_value2[$i] = "maxlength=" . $this->type_value2[$i];
                     }
                     $ausgabe .= "\n\n";
                     $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                     $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><input type=text name={$name} value=\"{$value}\" " . $this->type_value2[$i] . " size=20 style='" . $this->type_value1[$i] . "'></td>";
                     $ausgabe .= "";
                     break;
                     // ---------------------- DATUM
                 // ---------------------- DATUM
                 case "datum":
                     if ($this->type_value1[$i] == "") {
                         $this->type_value1[$i] = "width:100%;";
                     }
                     if ($this->type_value2[$i] != "") {
                         $this->type_value2[$i] = "maxlength=" . $this->type_value2[$i];
                     }
                     if (!preg_match("![0-9]{2}\\.[0-9]{2}\\.[0-9]{4}!", $value)) {
                         $value = date("d.m.Y", $value);
                     }
                     $ausgabe .= "\n\n";
                     $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                     $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><input type=text name={$name} value=\"{$value}\" " . $this->type_value2[$i] . " size=20 style='" . $this->type_value1[$i] . "'></td>";
                     $ausgabe .= "";
                     break;
                     // ---------------------- Überschrift
                 // ---------------------- Überschrift
                 case "subline":
                     $ausgabe .= "\n\n";
                     $ausgabe .= "<th valign=middle align=" . $this->value_tbl[$i] . " colspan=" . (2 + $addcolspawn) . ">" . $this->value_form[$i] . "</th>\n";
                     $ausgabe .= "\n";
                     break;
                     // ---------------------- Überschrift
                 // ---------------------- Überschrift
                 case "empty":
                     $ausgabe .= "\n\n";
                     $ausgabe .= "<td valign=middle class=grey colspan=" . (2 + $addcolspawn) . ">&nbsp;</td>\n";
                     $ausgabe .= "\n";
                     break;
                     // ---------------------- STANDARD AUSGABE - TEXT
                 // ---------------------- STANDARD AUSGABE - TEXT
                 default:
                     $ausgabe .= "\n\n";
                     $ausgabe .= "<td valign=middle class=grey width=" . $this->labelwidth . " >" . $this->value_form[$i] . "</td>";
                     $ausgabe .= "<td class=grey colspan=" . (1 + $addcolspawn) . "><input type=text name={$name} value=\"{$value}\" size=20 style='width:100%'></td>";
                     $ausgabe .= "";
             }
         }
         $ausgabe .= "</tr>";
         // ---------------------- SUBMIT
         $ausgabe .= "<tr>\n\n";
         $ausgabe .= "<td class=dgrey  width=" . $this->labelwidth . " >&nbsp;</td>\n\n";
         $ausgabe .= "<td align=left class=dgrey colspan=" . ($maxcount + 1) . "><input type=submit value='" . $this->submit_value . "'></td>\n\n";
         $ausgabe .= "</tr>\n\n";
         $ausgabe .= "</form></table>\n\n";
         return $ausgabe;
     } else {
         if ($msg != "") {
             $ausgabe = "<table width=" . $this->width . " cellpadding=6 cellspacing=1 border=0 bgcolor=#ffffff>";
             $ausgabe .= "<tr><td class=warning>{$msg}</td></tr>";
             $ausgabe .= "</table>";
             return $ausgabe;
         }
     }
 }
コード例 #26
0
ファイル: news.php プロジェクト: Alex4S/beta
 public function add($data)
 {
     $sql = new sql();
     $sql->insert('news', 'title, date, image, desc_min, `desc`', '"' . $data['title'] . '", "' . $data['date'] . '", "' . $data['image'] . '", "' . $data['desc_min'] . '", "' . $data['desc'] . '"');
 }
コード例 #27
0
function saveMedia($FILE, $rex_file_category, $FILEINFOS)
{
    global $REX, $REX_USER;
    $FILENAME = $FILE['name'];
    $FILESIZE = $FILE['size'];
    $FILETYPE = $FILE['type'];
    $NFILENAME = "";
    $message = '';
    // ----- neuer filename und extension holen
    $NFILENAME = strtolower(preg_replace("/[^a-zA-Z0-9.\\-\$\\+]/", "_", $FILENAME));
    if (strrpos($NFILENAME, ".") != "") {
        $NFILE_NAME = substr($NFILENAME, 0, strlen($NFILENAME) - (strlen($NFILENAME) - strrpos($NFILENAME, ".")));
        $NFILE_EXT = substr($NFILENAME, strrpos($NFILENAME, "."), strlen($NFILENAME) - strrpos($NFILENAME, "."));
    } else {
        $NFILE_NAME = $NFILENAME;
        $NFILE_EXT = "";
    }
    // ---- ext checken
    $ERROR_EXT = array(".php", ".php3", ".php4", ".php5", ".phtml", ".pl", ".asp", ".aspx", ".cfm");
    if (in_array($NFILE_EXT, $ERROR_EXT)) {
        $NFILE_NAME .= $NFILE_EXT;
        $NFILE_EXT = ".txt";
    }
    $NFILENAME = $NFILE_NAME . $NFILE_EXT;
    // ----- datei schon vorhanden -> namen aendern -> _1 ..
    if (file_exists($REX['MEDIAFOLDER'] . "/{$NFILENAME}")) {
        for ($cf = 1; $cf < 1000; $cf++) {
            $NFILENAME = $NFILE_NAME . "_{$cf}" . "{$NFILE_EXT}";
            if (!file_exists($REX['MEDIAFOLDER'] . "/{$NFILENAME}")) {
                break;
            }
        }
    }
    // ----- dateiupload
    $upload = true;
    if (!@move_uploaded_file($FILE['tmp_name'], $REX['MEDIAFOLDER'] . "/{$NFILENAME}")) {
        if (!@copy($FILE['tmp_name'], $REX['MEDIAFOLDER'] . "/{$NFILENAME}")) {
            $message .= "move file {$FILENAME} failed | ";
            $ok = 0;
            $upload = false;
        }
    }
    if ($upload) {
        chmod($REX['MEDIAFOLDER'] . "/{$NFILENAME}", $REX['FILEPERM']);
        // get widht height
        $size = @getimagesize($REX['MEDIAFOLDER'] . "/{$NFILENAME}");
        $FILESQL = new sql();
        // $FILESQL->debugsql=1;
        $FILESQL->setTable($REX['TABLE_PREFIX'] . "file");
        $FILESQL->setValue("filetype", $FILETYPE);
        $FILESQL->setValue("title", $FILEINFOS['title']);
        $FILESQL->setValue("description", $FILEINFOS['description']);
        $FILESQL->setValue("copyright", $FILEINFOS['copyright']);
        $FILESQL->setValue("filename", $NFILENAME);
        $FILESQL->setValue("originalname", $FILENAME);
        $FILESQL->setValue("filesize", $FILESIZE);
        $FILESQL->setValue("width", $size[0]);
        $FILESQL->setValue("height", $size[1]);
        $FILESQL->setValue("category_id", $rex_file_category);
        $FILESQL->setValue("createdate", time());
        $FILESQL->setValue("createuser", $REX_USER->getValue("login"));
        $FILESQL->setValue("updatedate", time());
        $FILESQL->setValue("updateuser", $REX_USER->getValue("login"));
        $FILESQL->insert();
        $ok = 1;
    }
    $RETURN['title'] = $FILEINFOS['title'];
    $RETURN['width'] = $size[0];
    $RETURN['height'] = $size[1];
    $RETURN['type'] = $FILETYPE;
    $RETURN['msg'] = $message;
    $RETURN['ok'] = $ok;
    $RETURN['filename'] = $NFILENAME;
    return $RETURN;
}
コード例 #28
0
            $del->query("DELETE FROM rex_template WHERE id = '{$template_id}' LIMIT 1");
            // max. ein Datensatz darf loeschbar sein
            $message = $I18N->msg("template_deleted");
            rex_deleteDir($REX['INCLUDE_PATH'] . "/generated/templates/" . $template_id . ".template", 0);
        }
    }
}
if (isset($function) and ($function == "add" or $function == "edit")) {
    if (isset($save) and $save == "ja") {
        if ($function == "add") {
            $ITPL = new sql();
            $ITPL->setTable("rex_template");
            $ITPL->setValue("name", $templatename);
            $ITPL->setValue("active", $active);
            $ITPL->setValue("content", $content);
            $ITPL->insert();
            $template_id = $ITPL->last_insert_id;
            $message = $I18N->msg("template_added");
        } else {
            if (!isset($active)) {
                $active = 0;
            }
            $TMPL = new sql();
            $TMPL->setTable("rex_template");
            $TMPL->where("id='{$template_id}'");
            $TMPL->setValue("name", $templatename);
            $TMPL->setValue("content", $content);
            $TMPL->setValue("active", $active);
            $TMPL->update();
            $message = $I18N->msg("template_added");
        }
コード例 #29
0
<?php 
session_start();
if (isset($_SESSION['loged']) and $_SESSION['loged'] == true) {
    include "php.php";
    include "sql.php";
    //		var_dump($_POST);
    if (isset($_POST)) {
        if ($_POST['act'] == "salvar_usuario") {
            $sql = new sql();
            $table = "cad_usuario";
            if ($_POST['cod_usuario'] == "") {
                $campos = "`email`,`nome`, `status`, `usuario`";
                $values = "'" . $_POST['email'] . "','" . $_POST['nome'] . "','" . $_POST['status'] . "','" . $_POST['usuario'] . "'";
                $msg = "S";
                $sql->insert($table, $campos, $values, $msg);
            } else {
                $campos = "`email`='" . $_POST['email'] . "',`nome`='" . $_POST['nome'] . "', `status`='" . $_POST['status'] . "', `usuario`='" . $_POST['usuario'] . "' ";
                $where = "cod_usuario='" . $_POST['cod_usuario'] . "'";
                $msg = "S";
                $sql->update($table, $campos, $where, $msg);
            }
        }
        if ($_POST['act'] == "enviar_senha") {
            include "config.php";
            $senha = substr(md5(mt_rand(1, 10000) . date("Y-m-d H:i:s")), 0, 6);
            $sql = new sql();
            $table = "cad_usuario";
            $campos = "senha='" . $senha . "'";
            $where = "cod_usuario='" . $_POST['cod_usuario'] . "'";
            $sql->update($table, $campos, $where, 'N');
            $select = "\n\t\t\t\t\tselect \n\t\t\t\t\t\t*\n\t\t\t\t\tfrom \n\t\t\t\t\t\t" . $schema . ".cad_usuario \n\t\t\t\t\t\t\n\t\t\t\t\twhere  \n\t\t\t\t\t\t`cad_usuario`.`cod_usuario` = " . $_POST['cod_usuario'] . ";";
コード例 #30
0
<?php 
session_start();
include "php.php";
if (isset($_SESSION['loged']) and $_SESSION['loged'] == true) {
    var_dump($_POST);
    $sql = new sql();
    //excluir
    $table = 'cad_projeto_centro_custo';
    $where = "cod_projeto=" . $_POST['cod_projeto'] . " and cod_centro_custo=" . $_POST['cod_centro_custo'] . " ";
    $sql->delete($table, $where, 'N');
    //incluir
    $table = 'cad_projeto_centro_custo';
    $campos = "cod_projeto,";
    $campos .= "cod_centro_custo,";
    $campos .= "`check`";
    $values = "'" . $_POST['cod_projeto'] . "', ";
    $values .= "'" . $_POST['cod_centro_custo'] . "', ";
    $values .= "'" . $_POST['status'] . "'";
    $sql->insert($table, $campos, $values, 'N');
}