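/**
 * Renders the voting-results page into $this->elements["content"].
 *
 * Before the cut-off timestamp every vote counts towards the average; after it
 * the query adds "grade>0", so zero grades are left out (the closing notice
 * below states that decision).
 *
 * NOTE(review): both templates are expanded with eval() inside a double-quoted
 * PHP string, so the template text itself is executed as PHP source. Whoever
 * can edit a template can run code on the server; treat the template store as
 * code and review its write access. Whether project fields are HTML-escaped
 * where the templates print them cannot be seen from here -- confirm.
 * Local variable names are kept as they were because the templates presumably
 * interpolate them by name.
 */
function content()
{
    $db = new sql();
    $db->connect();

    // Initialised up front: both are appended to (here and inside eval) before
    // they are ever assigned, which raises warnings on current PHP versions.
    $resultTr = "";
    $projectsMain = "";

    // 1098388800 is the voting cut-off; the texts below give it as 0:00 on
    // 22 October 2004.
    if (time() < 1098388800) {
        $res = $db->query("select projects.id, name, company, category, sum(IF(grade is null,0, grade))/count(IF(grade is null,0, grade)) as gsum, count(grade) as gcount FROM projects left join votes on projects.id=votes.id group by projects.id, name, company, category order by gsum desc");
    } else {
        $res = $db->query("select projects.id, name, company, category, sum(IF(grade is null,0, grade))/count(IF(grade is null,0, grade)) as gsum, count(grade) as gcount FROM projects left join votes on projects.id=votes.id where grade>0 group by projects.id, name, company, category order by gsum desc");
    }

    // Category id => URL path segment (keys 1, 2, 3).
    $cats = array(1 => "A", "C", "Y");
    $tr = "";
    while ($data = $db->fetch_array($res)) {
        // The category value is spliced into the statement unquoted, so it is
        // forced to an integer instead of being interpolated as-is.
        $res1 = $db->query("select * from categories where category_id=" . (int) $data['category']);
        $data1 = $db->fetch_array($res1);
        $url = "/projects/" . $cats[$data1["category_id"]] . "/";
        // NOTE(review): eval() of template text -- see the function header.
        eval('$tr.="' . page::template("modules/resultTR") . '";');
    }
    if (!$tr) {
        $tr = "<p style=\"font-size: 0.85em;\">В настоящее время в данной номинации заявок не подано.</p><p style=\"font-size: 0.85em;\"><a href=\"/request/\">Заявки</a> принимаются до 15 октября 2004 года</p>";
    }
    $resultTr .= $tr;
    if ($resultTr) {
        // NOTE(review): eval() of template text -- see the function header.
        eval('$projectsMain.="' . page::template("modules/resultMain") . '";');
    }
    $resultTr = "";

    if (time() < 1098388800) {
        $text = "<p>Здесь размещены текущие результаты голосования, обновляющиеся в режиме реального времени.</p><p>Для того, чтобы проголосовать за проект надо перейти на его страницу.</p><p>Вы можете поставить свою оценку каждому из 22 представленных проектов, но можете сделать это только 1 раз за весь период голосования.</p><p>Голосование открыто до 0:00 22 октября 2004 года.</p>";
    } else {
        $text = "<h3>Голование закрыто в 0:00 22 октября 2004 года.</h3><p><i>При анализе хода голосования за проекты в интернете, Оргкомитет конкурса М2. Новый Дом 2004. 
обнаружил многочисленные случаи злоупотребления при выставлении оценки 0 баллов. В целях повышения релевантности итогов голосования, Оргкомитет принял решение не учитывать оценки 0 баллов, выставленные за весь период голосования в интернете.</i></p>";
    }
    $this->elements["content"] = $text . $projectsMain;
}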
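/**
 * Registers a new customer, generates a password and mails the credentials.
 *
 * Reads fornavn, etternavn, adresse, postnr, telefonnr and epost from $this.
 * The row is first inserted with the placeholder password 'temporary' and then
 * updated with cryptPass() of the generated password and KNr . epost.
 *
 * @return string HTML fragment: an error paragraph (NK01 / NK02) or a success
 *                message; when mail() fails the credentials are shown inline.
 *
 * NOTE(review): the generated password is sent by e-mail and, on mail failure,
 * printed on the page in clear text. A one-time set-password link would avoid
 * handling the secret in either channel.
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set. The use of insert_id / affected_rows suggests the sql class
 * wraps mysqli; if so, move these statements to prepared statements.
 */
function regKunde()
{
    $epost = $this->epost;

    // Every field comes from the registration form, so none of them may reach
    // the statement unescaped.
    $felt = array();
    foreach (array('fornavn', 'etternavn', 'adresse', 'postnr', 'telefonnr', 'epost') as $navn) {
        $felt[$navn] = addslashes((string) $this->$navn);
    }

    $db = new sql();
    $db->query("INSERT INTO webprosjekt_kunde (Fornavn,Etternavn,Adresse,PostNr,Telefonnr,Epost,Passord)" . " VALUES('{$felt['fornavn']}','{$felt['etternavn']}','{$felt['adresse']}','{$felt['postnr']}','{$felt['telefonnr']}','{$felt['epost']}','temporary')");
    $KNr = $db->insert_id;
    if ($db->affected_rows < 1) {
        $db->close();
        return "<p class=\"feilmelding\">Databasefeil ved registrering av ny bruker. Vennligst forsøk på nytt eller ta kontakt med supporten. (Errno NK01)</p>";
    }

    $passord = genPassord();
    $dbPassord = addslashes((string) cryptPass($passord, $KNr . $epost));
    $kundeNr = addslashes((string) $KNr);
    $db->query("UPDATE webprosjekt_kunde SET Passord='{$dbPassord}' WHERE KNr='{$kundeNr}'");
    if ($db->affected_rows < 1) {
        // NOTE(review): the row inserted above stays behind with the
        // placeholder password -- confirm it cannot be used to log in.
        $db->close();
        return "<p class=\"feilmelding\">Databasefeil ved registrering av ny bruker. Vennligst forsøk på nytt eller ta kontakt med supporten. (Errno NK02)</p>";
    }
    $db->close();

    $emne = "Registrering i Nettbutikken";
    $tekst = "Hei\r\n\r\n" . "Din nye bruker i HBHL nettbutikk er nå registrert.\r\n\r\n" . "Her er din innloggingsinformasjon:\r\n" . "Brukernavn: {$epost} \r\n" . "Passord: {$passord} \r\n\r\n" . "For å logge inn, gå til http://nettbutikk.henrikh.net/ \r\n" . "Du kan selvsagt bytte passord når du har logget inn.\r\n\r\n" . "Hilsen,\r\nHiranBårdHenrikLars.";
    $hode = 'From: nettbutikk@henrikh.net' . "\r\n" . 'Reply-To: nettbutikk@henrikh.net' . "\r\n" . 'Content-type: text/plain; charset=iso-8859-1' . "\r\n" . 'X-Mailer: PHP/' . phpversion();
    // Best effort: a failed send falls through to the on-page fallback below.
    $sendt = @mail($epost, $emne, $tekst, $hode);

    // The address is user input and is echoed back into HTML. A single-byte
    // charset is passed so htmlspecialchars() never rejects the input bytes.
    $epostHtml = htmlspecialchars((string) $epost, ENT_QUOTES, 'ISO-8859-1');
    $passordHtml = htmlspecialchars((string) $passord, ENT_QUOTES, 'ISO-8859-1');

    if ($sendt) {
        return "<p class=\"okmelding\">Brukeren din har nå blitt opprettet. Brukernavn og passord er sendt på e-post til {$epostHtml}.</p>" . "<p>Du kan nå <a href=\"index.php?side=logginn\">logge inn</a>.</p>";
    }
    return "<p class=\"okmelding\">Brukeren din har nå blitt opprettet.</p>" . "<p>Her er din innloggingsinformasjon:<br>" .
        "Brukernavn: {$epostHtml} <br>" . "Passord: {$passordHtml} </p>" . "<p>Du kan nå <a href=\"index.php?side=logginn\">logge inn</a>.</p>";
}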
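/**
 * Collects server and CMS version details and renders the "info" admin
 * template into $this->elements["content"].
 *
 * NOTE(review): the page exposes the exact database, PHP and OS versions.
 * Confirm that this action is reachable by authenticated administrators only.
 */
function defaultAction()
{
    // Kept although unused here: the included config file runs in this
    // function's scope and may read it.
    global $HTTP_SERVER_VARS;
    // Presumably defines $admin_config, which is read below -- confirm.
    include "./lib/config.inc.php";

    $db = new sql();
    $db->connect();

    // Defined up front so a failure of both queries yields null instead of an
    // undefined-variable warning.
    $match = null;
    $result = $db->query('SELECT VERSION() AS version');
    if ($result != FALSE && $db->num_rows($result) > 0) {
        $row = $db->fetch_array($result);
        $match = $row['version'];
    } else {
        // Fallback for servers where the first query returns nothing.
        $result = $db->query('SHOW VARIABLES LIKE \'version\'');
        if ($result != FALSE && $db->num_rows($result) > 0) {
            $row = $db->fetch_array($result);
            // Second column of the SHOW VARIABLES row holds the value.
            $match = $row[1];
        }
    }

    $this->MYSQL_VER = $match;
    $this->PHP_OS = PHP_OS;
    $this->PHP_VERSION = PHP_VERSION;
    $this->CMS = $admin_config["name"] . " " . $admin_config["version"];
    $this->AUTHOR = $admin_config["author"];
    $this->HOME_PAGE = $admin_config["home_page"];

    $content = admin::template("info", $this);
    $this->elements["content"] = $content;
}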
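/**
 * Saves a user record (action "users") or replaces a user's rights (any other
 * action).
 *
 * @param array $data Request data; the keys read are action, edit, nik,
 *                    fullname, position, password1, userid and r.
 * @return mixed Whatever sql::affected() reports for the last statement.
 *
 * NOTE(review): the INSERT stores password1 exactly as submitted. Passwords
 * should be stored with password_hash() and checked with password_verify().
 * NOTE(review): the UPDATE writes the literal '******' into the password
 * column -- confirm whether that is intended or a redaction of the source.
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements if the
 * sql wrapper offers them.
 */
public function setRecord($data)
{
    // Only the expected keys are read. extract($data) let the request array
    // define arbitrary local variables.
    $q = array();
    foreach (array('action', 'edit', 'nik', 'fullname', 'position', 'password1', 'userid') as $name) {
        $q[$name] = (isset($data[$name]) && is_scalar($data[$name])) ? addslashes((string) $data[$name]) : '';
    }

    if ($q['action'] == "users") {
        if (!empty($q['edit'])) {
            // editing an existing user
            $sql = "UPDATE users\n SET nik='{$q['nik']}',\n fullname='{$q['fullname']}',\n position='{$q['position']}',\n password='******'\n WHERE id='{$q['edit']}'";
        } else {
            // adding a new user
            $sql = "INSERT INTO users (nik,fullname,position,password)\n VALUES ('{$q['nik']}','{$q['fullname']}','{$q['position']}','{$q['password1']}')";
        }
        sql::query($sql);
    } else {
        // Rights are replaced wholesale: drop the old set, then insert one row
        // per submitted (type, right type) pair.
        $sql = "DELETE FROM rights WHERE u_id='{$q['userid']}'";
        sql::query($sql);
        $r = (isset($data['r']) && is_array($data['r'])) ? $data['r'] : array();
        foreach ($r as $key => $val) {
            if (!is_array($val)) {
                continue;
            }
            // The array keys are request-controlled too, so they are escaped.
            $typeId = addslashes((string) $key);
            foreach ($val as $k => $V) {
                $rtypeId = addslashes((string) $k);
                $sql = "INSERT INTO rights (u_id,type_id,rtype_id,rights.right) VALUES ('{$q['userid']}','{$typeId}','{$rtypeId}','1')";
                sql::query($sql);
            }
        }
        // Clearing the session was disabled: the user has to log in again for
        // the new rights to take effect.
        //$sql = "DELETE FROM session WHERE u_id='{$userid}'";
        //sql::query($sql);
    }
    return sql::affected();
}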
/**
 * Removes a configuration entry from the in-memory cache and from the config
 * table. Does nothing when the key is not cached.
 *
 * NOTE(review): addslashes() is not aware of the connection character set;
 * prefer the driver's own escaping if the sql wrapper offers it.
 */
function delete($key)
{
    if (!isset($this->data[$key])) {
        return;
    }

    unset($this->data[$key]);

    $statement = 'DELETE FROM ' . _TABLE_PREFIX_ . 'config WHERE name="' . addslashes($key) . '"';
    sql::query($statement);
}
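/**
 * Handles a submitted login form: validates the posted e-mail and password,
 * starts the session and optionally sets the "remember" cookie.
 *
 * Prints a message and returns early when a field is empty, the e-mail is
 * unknown or the password does not match.
 *
 * NOTE(review): the "remember" cookie carries the bare user id. If any code
 * path logs a visitor in from that cookie, anyone can pick an id and become
 * that user. Replace the value with a random token stored server-side (or an
 * HMAC-signed value) and verify it on use.
 * NOTE(review): "email_not_found" and "wrong_pw" are distinct responses, which
 * lets a visitor test whether an address is registered.
 */
protected static function loginPost()
{
    $email = type::post('email', 'string');
    $password = type::post('password', 'string');
    $remember = type::post('remember', 'int');

    if (is_null($email) || is_null($password) || $email == '' || $password == '') {
        echo message::info(lang::get('fill_out_both'));
        return;
    }

    $sql = new sql();
    $sql->query('SELECT password, salt, id FROM ' . sql::table('user') . ' WHERE `email` = "' . $sql->escape($email) . '"');
    if (!$sql->num()) {
        echo message::danger(sprintf(lang::get('email_not_found'), htmlspecialchars($email)), true);
        return;
    }

    $sql->result();
    if (!self::checkPassword($password, $sql->get('salt'), $sql->get('password'))) {
        echo message::danger(lang::get('wrong_pw'));
        return;
    }

    self::loginSession();
    $userId = $sql->get('id');
    self::$userID = $userId;
    $_SESSION['login'] = $userId;

    if ($remember) {
        // Path and domain stay at their defaults. HttpOnly keeps the cookie
        // away from page scripts; Secure is set when the request came in over
        // HTTPS.
        $overHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
        setcookie("remember", $userId, time() + 3600 * 24 * 7, "", "", $overHttps, true);
    }
}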
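/**
 * Deletes an order together with its file links, its tz rows and the posintz
 * rows that belong to those tz rows.
 *
 * @param mixed $delete Id of the order to remove.
 * @return int Sum of sql::affected() over all DELETE statements.
 *
 * NOTE(review): the cascade runs as separate statements; a failure half-way
 * leaves orphaned rows. Confirm whether the sql wrapper offers transactions.
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
public function delete($delete)
{
    $affected = 0;
    // The id arrives from the caller and was previously spliced in as-is.
    $orderId = addslashes((string) $delete);

    sql::query("DELETE FROM orders WHERE id='{$orderId}'");
    $affected += sql::affected();

    // remove the linked file records
    sql::query("DELETE FROM files WHERE `table`='orders' AND rec_id='{$orderId}'");
    $affected += sql::affected();

    $tzRows = sql::fetchAll("SELECT * FROM tz WHERE order_id='{$orderId}'");
    foreach ($tzRows as $tz) {
        // Values read back from the database are escaped as well before being
        // reused in a statement.
        $tzId = addslashes((string) $tz["id"]);
        sql::query("DELETE FROM tz WHERE id='{$tzId}'");
        $affected += sql::affected();

        // remove the positions linked to this tz row
        $positions = sql::fetchAll("SELECT * FROM posintz WHERE tz_id='{$tzId}'");
        foreach ($positions as $position) {
            $positionId = addslashes((string) $position["id"]);
            sql::query("DELETE FROM posintz WHERE id='{$positionId}'");
            $affected += sql::affected();
        }
    }
    return $affected;
}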
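/**
 * Loads a language record for a site and, optionally, its translated strings.
 *
 * Falls back to id 'en' / name 'English' / public false when no row matches.
 * With $load set, the English strings are read first and then overlaid with
 * the strings of the requested language.
 *
 * @param string $language Language id.
 * @param string $site     Site id.
 * @param bool   $load     Whether to load the strings table as well.
 *
 * NOTE(review): the English strings are fetched with @mysql_query() directly,
 * bypassing the sql wrapper and hiding any error; the mysql_* functions were
 * removed in PHP 7. Left unchanged because the wrapper's behaviour is not
 * visible here.
 * NOTE(review): addslashes() is not aware of the connection character set.
 */
function language($language, $site, $load = false)
{
    $res = sql::query("\r\n\t\t \tSELECT \r\n\t\t\t\t *\r\n\t\t\t FROM\r\n \t\t\t\t" . _TABLE_PREFIX_ . "language\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tid = '" . addslashes($language) . "' AND\r\n\t\t\t\t\tsite = '" . addslashes($site) . "'\r\n\t\t ");
    if ($row = sql::fetch_array($res)) {
        $this->id = $row['id'];
        $this->name = $row['name'];
        $this->public = !!$row['public'];
    } else {
        $this->id = 'en';
        $this->name = 'English';
        $this->public = false;
    }

    // Presumably defines $iso639to3166 in this scope; errors are suppressed,
    // so the map may be missing.
    @(include _BASE_LIBRARIES_ . 'resources/iso639to3166.php');
    // Guarded: a failed include or an unmapped language id used to pass an
    // undefined value to strtolower(). The result is '' either way.
    $this->flag = isset($iso639to3166[$this->id]) ? strtolower($iso639to3166[$this->id]) : '';

    if ($load) {
        // Load english strings first...
        $res = @mysql_query("\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t* \r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "strings\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tlanguage = 'en'\r\n\t\t\t\t");
        while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
            $this->strings[$row['id']] = $row['value'];
        }
        // ...then let the requested language override them.
        if ($language != 'en') {
            $res = sql::query("\r\n\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t* \r\n\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "strings\r\n\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\tlanguage = '" . addslashes($language) . "'\r\n\t\t\t\t\t");
            while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
                $this->strings[$row['id']] = $row['value'];
            }
        }
    }
}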
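/**
 * Copies the SEO rows of one content revision to a new revision.
 *
 * @param array $data Event data; reads 'id', 'from' (source revision) and
 *                    'to' (target revision). Passed by reference, not modified.
 *
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
function event_CreateRevision(&$data)
{
    // id / from / to were concatenated unescaped while keywords and
    // description were escaped; all values now get the same treatment.
    $contentId = addslashes((string) $data['id']);
    $fromRevision = addslashes((string) $data['from']);
    $toRevision = addslashes((string) $data['to']);

    $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM \r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_seo\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tID = '" . $contentId . "' AND\r\n\t\t\t\t\trevision = '" . $fromRevision . "'\r\n\t\t\t");
    while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
        sql::query("\r\n\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_seo \r\n\t\t\t\t\tSET \r\n\t\t\t\t\t\tID='" . $contentId . "', \r\n\t\t\t\t\t\trevision='" . $toRevision . "',\r\n\t\t\t\t\t\tkeywords='" . addslashes($row['keywords']) . "',\r\n\t\t\t\t\t\tdescription='" . addslashes($row['description']) . "'\r\n\t\t\t\t");
    }
}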
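/**
 * Renders the admin vote tables, one per category 1..3, into
 * $this->elements["content"].
 *
 * NOTE(review): the row and table templates are expanded with eval() inside a
 * double-quoted PHP string, so template text is executed as PHP source. Treat
 * the template store as code and review its write access. Local variable
 * names ($chid, $page, $pageBar, $th, $data, $voteTR ...) are kept because the
 * templates presumably interpolate them by name.
 * NOTE(review): the ORDER BY clause comes from $orderBy->orderByQuery(), which
 * is fed $this->field[$i] / $this->order[$i]. Confirm that orderBy only
 * accepts the column names and directions from the map passed to it.
 */
function defaultAction()
{
    $db = new sql();
    $db->connect();
    $chid = $this->chid;
    // include_once: a second call to this action would otherwise re-declare
    // the classes and stop with a fatal error.
    include_once "lib/pagination.class.php";
    include_once "lib/orderby.class.php";
    $adminConfig = admin::adminConfig();

    // Initialised because the eval below appends to it before any assignment.
    $content = "";

    for ($i = 1; $i < 4; $i++) {
        $voteTR = "";
        $orderBy = new orderBy("?chid=" . $this->chid . "&", array("id" => "№", "time" => "Дата", "name" => "Заголовок", "company" => "Компания", "gsum" => "Средний бал", "gcount" => "Проголосовало"), array("gsum" => "desc"), $this->field[$i], $this->order[$i], array("field[{$i}]", "order[{$i}]"));
        $pagination = new pagination($orderBy->urlForPage(), $this->page, $adminConfig["recPerPage"], '', "projects", "id");
        $res = $db->query("select projects.id, name, company, category_name, date, sum(IF(grade is null,0, grade))/count(IF(grade is null,0, grade)) as gsum, count(grade) as gcount FROM (projects LEFT JOIN categories ON projects.category = categories.category_id) left join votes on projects.id=votes.id where category={$i} group by projects.id, name, company, category_name, date " . $orderBy->orderByQuery() . " " . $pagination->limit());
        $page = $this->page ? "&page=" . $this->page : "";
        while ($data = $db->fetch_array($res)) {
            $data["date"] = date("d.m.Y", $data["date"]);
            // NOTE(review): eval() of template text -- see the function header.
            eval('$voteTR.="' . admin::template("voteTR") . '";');
        }
        $pageBar = $pagination->bar();
        $th = $orderBy->bar();
        // NOTE(review): eval() of template text -- see the function header.
        eval('$content.="' . admin::template("voteMain") . '";');
        $content .= "<br>";
    }
    $this->elements["content"] = $content;
}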
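/**
 * Sets the language of a content row and, recursively, of every row whose
 * parent is that row.
 *
 * @param mixed  $id       ID of the content row to update.
 * @param string $language New language id.
 *
 * NOTE(review): there is no guard against a parent cycle in the table; a
 * cyclic chain would recurse without end.
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
function _changeLanguage($id, $language)
{
    // $language was escaped but $id was not; both now get the same treatment.
    $contentId = addslashes((string) $id);

    $res = sql::query("\r\n\t\t\t\tUPDATE \r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents\r\n\t\t\t\tSET \r\n\t\t\t\t\tlanguage = '" . addslashes($language) . "'\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tID='" . $contentId . "'\r\n\t\t\t");
    $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM \r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tparent = '" . $contentId . "'\r\n\t\t\t");
    while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
        $this->_changeLanguage($row['ID'], $language);
    }
}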
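/**
 * Deletes one posintz row.
 *
 * @param mixed $delete Id of the row to remove.
 * @return int Value of sql::affected() for the DELETE, added to 0.
 *
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
public function delete($delete)
{
    // The id arrives from the caller and was previously spliced in as-is.
    $rowId = addslashes((string) $delete);

    $affected = 0;
    sql::query("DELETE FROM posintz WHERE id='{$rowId}'");
    $affected += sql::affected();
    return $affected;
}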
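/**
 * Inserts a key / description pair into the table named by $this->maintable.
 *
 * @param array $data Request data; the keys read are 'key' and 'description'.
 * @return array array('affected' => true), regardless of the query outcome.
 *
 * NOTE(review): the table name is interpolated from $this->maintable. Confirm
 * that it is set by code only and never from request data.
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
public function setRecord($data)
{
    // Only the expected keys are read. extract($data) let the request array
    // define arbitrary local variables.
    $key = (isset($data['key']) && is_scalar($data['key'])) ? addslashes((string) $data['key']) : '';
    $description = (isset($data['description']) && is_scalar($data['description'])) ? addslashes((string) $data['description']) : '';

    $sql = "INSERT INTO {$this->maintable} (`key`,`description`) VALUES ('{$key}','{$description}')";
    sql::query($sql);

    // The index used to be the bare word affected, an undefined constant that
    // is a fatal error on PHP 8. The quoted key yields the same array.
    return array('affected' => true);
}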
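/**
 * Deletes a block and its blockpos rows.
 *
 * @param mixed $delete Id of the block to remove.
 * @return mixed sql::affected() after the second statement.
 *
 * NOTE(review): the return value reflects only the blockpos DELETE, so a block
 * without positions reports 0 even though the block row was removed. Confirm
 * what callers expect before changing it.
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
public function delete($delete)
{
    // The id arrives from the caller and was previously spliced in as-is.
    $blockId = addslashes((string) $delete);

    sql::query("DELETE FROM blocks WHERE id='{$blockId}'");
    sql::query("DELETE FROM blockpos WHERE block_id='{$blockId}'");
    return sql::affected();
}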
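/**
 * Loads the user row for $id into $this->entrys and splits its 'perms' value
 * on '|' into a list. Does nothing when $id is empty.
 *
 * @param mixed $id User id; cast to an integer before it reaches the query.
 */
public function __construct($id)
{
    if ($id) {
        $sql = new sql();
        // The id is spliced into the statement unquoted, so it is forced to an
        // integer. A non-numeric value used to become part of the SQL text.
        $sql->query('SELECT * FROM ' . sql::table('user') . ' WHERE id=' . (int) $id)->result();
        $this->entrys = $sql->result;
        $this->entrys['perms'] = explode('|', $this->get('perms'));
    }
}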
/**
 * Runs the same query against mysql.user twice and prints "..." after each
 * one that returns a truthy result. The second query runs only if the first
 * one succeeded.
 *
 * NOTE(review): mysql.user holds the server's account records. The result is
 * discarded here, but the query only succeeds for a database account that can
 * read that table -- confirm the application really needs such an account.
 */
public function run()
{
    /* execute queries */
    if (!sql::query("SELECT * FROM mysql.user")) {
        return;
    }
    printf("...\n");

    if (!sql::query("SELECT * FROM mysql.user")) {
        return;
    }
    printf("...\n");
}
/**
 * Builds the right-hand sidebar: the three newest news items followed by a
 * fixed footer with links, stored in $this->elements["rightBar"].
 *
 * NOTE(review): title and text are written into the page without escaping.
 * That is only safe if the news table is authored by trusted editors and is
 * meant to contain HTML -- confirm.
 * NOTE(review): several characters in the footer literal look mis-encoded
 * ("¬", "¤"); they are reproduced as found.
 */
function rightBar()
{
    $db = new sql();
    $db->connect();

    $newest = $db->query(" select * from news order by time desc limit 0, 3");
    for ($item = $db->fetch_array($newest); $item; $item = $db->fetch_array($newest)) {
        $heading = '<table><tr><th>' . $item["title"] . ':</th></tr>';
        $body = '<tr><td>' . $item["text"] . '</td></tr></table>';
        $this->elements["rightBar"] .= $heading . $body;
    }

    $opening = '<td valign="top" style="padding-left: 1em;">';
    $footer = '<p align="right"><a href="/news/">¬се новости →</a></p><br><i>¬ принципе, вы можете зайти и ознакомитьс¤ с <a href="/timeline/" target="_self">хронологией моих работ</a> (благо, их пока не так уж много).</i><p align="right"><a href="/card/" target="_self"> арта сайта →</a></p></td>';
    $this->elements["rightBar"] = $opening . $this->elements["rightBar"] . $footer;
}
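/**
 * Deletes the category $this->katnr unless products still reference it.
 *
 * @return string HTML fragment: an error paragraph (KS01 / KS02 or "category
 *                not empty") or a confirmation naming $this->katnavn.
 *
 * NOTE(review): affected_rows is read after a SELECT to detect matching rows;
 * whether that reports the row count depends on the sql class -- confirm.
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
function slettKategori()
{
    $katnr = $this->katnr;
    if ($katnr == "") {
        return "<p class=\"feilmelding\">Databasefeil ved sletting av kategori (KS01).</p>";
    }

    // Escaped once for SQL and once for HTML; both values were previously
    // interpolated as-is.
    $katnrSql = addslashes((string) $katnr);
    // A single-byte charset is passed so htmlspecialchars() never rejects the
    // input bytes.
    $katnavnHtml = htmlspecialchars((string) $this->katnavn, ENT_QUOTES, 'ISO-8859-1');

    $db = new sql();
    $db->query("SELECT * FROM webprosjekt_vare WHERE KatNr='{$katnrSql}'");
    if ($db->affected_rows > 0) {
        $db->close();
        return "<p class=\"feilmelding\">Kan ikke slette: det finnes en eller flere varer i denne kategorien.</p>";
    }

    $resultat = $db->query("DELETE FROM webprosjekt_kategori WHERE KatNr='{$katnrSql}'");
    if (!$resultat || $db->affected_rows < 1) {
        $db->close();
        return "<p class=\"feilmelding\">Databasefeil ved sletting av kategori (KS02).</p>";
    }

    $db->close();
    return "<p class=\"okmelding\">Kategorien {$katnavnHtml} er nå slettet.</p>";
}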
/**
 * Reports whether a table named _TABLE_PREFIX_ . $name appears in the output
 * of SHOW TABLES.
 *
 * @param string $name Table name without the prefix.
 * @return bool
 *
 * NOTE(review): rows are read with @mysql_fetch_array(), which hides errors;
 * the mysql_* functions were removed in PHP 7.
 */
function exists($name)
{
    $wanted = _TABLE_PREFIX_ . $name;
    $tables = sql::query("SHOW TABLES");

    for (;;) {
        $entry = @mysql_fetch_array($tables);
        if (!$entry) {
            break;
        }
        if ($entry[0] == $wanted) {
            return true;
        }
    }
    return false;
}
/**
 * Returns every row of the projects table.
 *
 * The table name is built from the global $TABLE_PREFIX.
 *
 * @return array List of rows as returned by sql::getNextRow().
 */
function getAllProjects()
{
    global $TABLE_PREFIX;

    $sql = new sql();
    $sql->query("SELECT * FROM " . $TABLE_PREFIX . "projects;");

    $projects = array();
    for ($row = $sql->getNextRow(); $row; $row = $sql->getNextRow()) {
        $projects[] = $row;
    }
    return $projects;
}
/**
 * Returns every row of the bugs table, newest bID first.
 *
 * The table name is built from the global $TABLE_PREFIX.
 *
 * @return array List of rows as returned by sql::getNextRow().
 */
function getAllBugs()
{
    global $TABLE_PREFIX;

    $sql = new sql();
    $sql->query("SELECT * FROM " . $TABLE_PREFIX . "bugs ORDER BY bID DESC;");

    $bugs = array();
    for ($row = $sql->getNextRow(); $row; $row = $sql->getNextRow()) {
        $bugs[] = $row;
    }
    return $bugs;
}
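/**
 * Updates (when 'edit' is set) or inserts a conductors row, stamping it with
 * the current user id and NOW().
 *
 * @param array $data Request data; the keys read are edit, board_id, pib,
 *                    side and lays.
 * @return mixed Whatever sql::affected() reports for the statement.
 *
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
public function setRecord($data)
{
    // Only the expected keys are read. extract($data) let the request array
    // define arbitrary local variables.
    $q = array();
    foreach (array('edit', 'board_id', 'pib', 'side', 'lays') as $name) {
        $q[$name] = (isset($data[$name]) && is_scalar($data[$name])) ? addslashes((string) $data[$name]) : '';
    }
    $userId = addslashes((string) Auth::getInstance()->getUser('userid'));

    if (!empty($q['edit'])) {
        $sql = "UPDATE conductors SET pib='{$q['pib']}', side='{$q['side']}', lays='{$q['lays']}', user_id='" . $userId . "', ts=NOW() WHERE id='{$q['edit']}'";
    } else {
        $sql = "INSERT INTO conductors (board_id,pib,side,lays,user_id,ts) VALUES('{$q['board_id']}','{$q['pib']}','{$q['side']}','{$q['lays']}','" . $userId . "',NOW())";
    }
    sql::query($sql);
    return sql::affected();
}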
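/**
 * Updates (when 'edit' is set) or inserts a todo row for the current user.
 *
 * @param array $data Request data; the keys read are edit and what.
 * @return mixed Whatever sql::affected() reports for the statement.
 *
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
public function setRecord($data)
{
    // Only the expected keys are read. extract($data) let the request array
    // define arbitrary local variables.
    $what = (isset($data['what']) && is_scalar($data['what'])) ? addslashes((string) $data['what']) : '';
    // 'edit' used to reach the WHERE clause unescaped while 'what' was escaped.
    $edit = (isset($data['edit']) && is_scalar($data['edit'])) ? addslashes((string) $data['edit']) : '';
    $userId = addslashes((string) Auth::getInstance()->getUser('userid'));

    if (!empty($edit)) {
        $sql = "UPDATE todo SET what='" . $what . "', cts=NOW(), rts='0', u_id='" . $userId . "' WHERE id='{$edit}'";
    } else {
        // The user id is quoted here as well, matching the UPDATE branch.
        $sql = "INSERT INTO todo (what,cts,rts,u_id) VALUES ('" . $what . "',NOW(),'0','" . $userId . "')";
    }
    sql::query($sql);
    return sql::affected();
}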
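/**
 * Updates (when 'edit' is set) or inserts an rtypes row.
 *
 * @param array $data Request data; the keys read are edit and type.
 * @return mixed Whatever sql::affected() reports for the statement.
 *
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
public function setRecord($data)
{
    // Only the expected keys are read. extract($data) let the request array
    // define arbitrary local variables.
    $type = (isset($data['type']) && is_scalar($data['type'])) ? addslashes((string) $data['type']) : '';
    $edit = (isset($data['edit']) && is_scalar($data['edit'])) ? addslashes((string) $data['edit']) : '';

    if (!empty($edit)) {
        $sql = "UPDATE rtypes SET type='{$type}' WHERE id='{$edit}'";
    } else {
        $sql = "INSERT INTO `rtypes` (`type`) VALUES ('{$type}')";
    }
    sql::query($sql);
    return sql::affected();
}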
/**
 * Returns the names of all addons that are both installed and active.
 *
 * The list is cached in self::$all; the query runs only while that cache is
 * empty.
 *
 * @return array
 */
public static function getAll()
{
    if (count(self::$all)) {
        return self::$all;
    }

    $sql = new sql();
    $sql->query('SELECT name FROM ' . sql::table('addons') . ' WHERE `install` = 1 AND `active` = 1')->result();
    for (; $sql->isNext(); $sql->next()) {
        self::$all[] = $sql->get('name');
    }

    return self::$all;
}
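/**
 * Updates (when 'edit' is set) or inserts a zadel row.
 *
 * @param array $data Request data; the keys read are edit, board_id, ldate,
 *                    number and niz.
 * @return bool Always true; the affected-row count is not reported.
 *
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
public function setRecord($data)
{
    // Only the expected keys are read. extract($data) let the request array
    // define arbitrary local variables.
    $q = array();
    foreach (array('edit', 'board_id', 'ldate', 'number', 'niz') as $name) {
        $q[$name] = (isset($data[$name]) && is_scalar($data[$name])) ? addslashes((string) $data[$name]) : '';
    }

    if (!empty($q['edit'])) {
        $sql = "UPDATE zadel SET number = '{$q['number']}', ldate='{$q['ldate']}', niz='{$q['niz']}' WHERE id='{$q['edit']}'";
    } else {
        $sql = "INSERT INTO zadel (board_id,ldate,number,niz) VALUES('{$q['board_id']}','{$q['ldate']}','{$q['number']}','{$q['niz']}')";
    }
    sql::query($sql);
    return true; //sql::affected();
}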
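/**
 * Saves the edited news item held in $this->fields and redirects back to the
 * list view.
 *
 * $this->fields["time"] is rebuilt from $this->date (month / day / year)
 * before the UPDATE is assembled.
 *
 * NOTE(review): nothing stops execution after the Location header is sent, so
 * any code the caller runs afterwards still executes.
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
function appendEdit()
{
    $this->fields["time"] = mktime(0, 0, 0, (int) $this->date["month"], (int) $this->date["day"], (int) $this->date["year"]);

    $pairs = array();
    foreach ($this->fields as $key => $value) {
        // Column names cannot be made safe by quoting the value, so only plain
        // identifiers are accepted. Anything else is left out of the statement.
        if (!preg_match('/^[A-Za-z0-9_]+$/', (string) $key)) {
            continue;
        }
        $pairs[] = "{$key}='" . addslashes((string) $value) . "'";
    }
    // implode() replaces the old substr() trim, which relied on an undefined
    // variable to strip the trailing ", ".
    $query = implode(", ", $pairs);

    $db = new sql();
    $db->connect();
    // The id is spliced in unquoted, so it is forced to an integer.
    $db->query("update news set {$query} where id=" . (int) $this->fields["id"]);
    header("Location: ?chid=" . $this->chid . "&m=3");
}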
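/**
 * Reports whether any row has $id as its pid.
 *
 * The statement is the _QUERY constant followed by a pid filter.
 *
 * @param mixed $id Parent id; cast to an integer before it reaches the query.
 * @return bool
 */
function got_child($id)
{
    $db = new sql();
    $db->connect();
    // The id is spliced in unquoted, so it is forced to an integer.
    $res = $db->query(_QUERY . " where pid=" . (int) $id);
    // The exit statements that followed each return were unreachable.
    return $db->num_rows($res) > 0;
}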
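/**
 * Returns the products of one category, or all products when $kategori is 0.
 *
 * @param mixed $kategori Category number; 0 selects every product.
 * @return array|false List of array(Bilde, VNr, Varenavn, Beskrivelse, Pris,
 *                     Antall) rows, or false when affected_rows is 0.
 *                     Terminates the script with message B02 if the query
 *                     itself fails.
 *
 * NOTE(review): affected_rows is read after a SELECT to detect an empty
 * result; whether that reports the row count depends on the sql class.
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
function getVarer($kategori = 0)
{
    $db = new sql();
    if ($kategori == 0) {
        $resultat = $db->query("SELECT * FROM webprosjekt_vare;");
    } else {
        // The category was previously interpolated as-is.
        $katnr = addslashes((string) $kategori);
        $resultat = $db->query("SELECT * FROM webprosjekt_vare WHERE KatNr = '{$katnr}';");
    }
    if (!$resultat) {
        die("Feil - finner ikke vare i databasen (B02)");
    }
    if ($db->affected_rows == 0) {
        // Close here too; this path used to leave the connection open.
        $db->close();
        return false;
    }
    $db->close();

    // Initialised as an array; the old bare "$returarray;" statement did
    // nothing.
    $returarray = array();
    while ($rad = $resultat->fetch_assoc()) {
        $returarray[] = array($rad['Bilde'], $rad['VNr'], $rad['Varenavn'], $rad['Beskrivelse'], $rad['Pris'], $rad['Antall']);
    }
    return $returarray;
}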
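/**
 * Soft-deletes a lanch row: resets ldate on the linked posintz row and sets
 * the lanch row's part to '0'. The lanch row itself is kept.
 *
 * @param mixed $id Id of the lanch row.
 *
 * NOTE(review): when no lanch row matches, the posintz UPDATE runs with an
 * empty id. Harmless if no such row exists, but worth an explicit check.
 * NOTE(review): addslashes() is a stop-gap that is not aware of the connection
 * character set; prefer driver-level escaping or prepared statements.
 */
public function delete($id)
{
    // The id arrives from the caller and was previously spliced in as-is.
    $lanchId = addslashes((string) $id);

    // clear the launch marker on the linked position
    $rs = sql::fetchOne("SELECT pos_in_tz_id FROM lanch WHERE id='{$lanchId}'");
    $positionId = addslashes((string) $rs["pos_in_tz_id"]);
    sql::query("UPDATE posintz SET ldate='0000-00-00' WHERE id='{$positionId}'");

    // Rows are deliberately not deleted; they all stay in the table.
    //$sql = "DELETE FROM lanch WHERE id='{$id}'";
    // todo: restore the zadel record
    sql::query("UPDATE lanch SET part='0' WHERE id='{$lanchId}'");
}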