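/**
 * Loads one page of log entries for the cache named by $_GET['wp'] and assigns
 * the cache name, the waypoint and the log list to the template.
 *
 * When $enable_cache_access_logs is set, the first "view_logs" event per
 * session and cache is also written to CACHE_ACCESS_LOGS.
 *
 * @param int|string $start first LIMIT operand (row offset)
 * @param int|string $end   second LIMIT operand (MySQL reads it as a row count)
 */
function find_news($start, $end)
{
    global $tpl;
    global $znalezione;

    // The raw request value only reaches the database as a bound parameter.
    $wpRaw = (isset($_GET['wp']) && is_string($_GET['wp'])) ? $_GET['wp'] : '';
    // The template keeps receiving the value in the same escaped form as before.
    $wp = XDb::xEscape($wpRaw);

    // LIMIT operands sit outside quotes, so string escaping does not protect
    // them; force both to non-negative integers before they join the statement.
    $offset = max(0, (int) $start);
    $rowCount = max(0, (int) $end);

    $wynik = XDb::xSql(
        "select id,type,user_id,date,text,deleted from cache_logs"
        . " where cache_id = (select cache_id from caches where wp_oc = ?)"
        . " order by date desc limit " . $offset . "," . $rowCount,
        $wpRaw
    );

    $wynik2 = XDb::xSql(
        "select name,cache_id from caches where cache_id = (select cache_id from caches where wp_oc = ?)",
        $wpRaw
    );
    $caches = XDb::xFetchArray($wynik2);
    $cacheName = $caches ? $caches['name'] : null;
    $cacheId = $caches ? $caches['cache_id'] : null;
    $tpl->assign("name", $cacheName);

    // detailed cache access logging
    global $enable_cache_access_logs;
    // Skip the audit row when the waypoint matched no cache: there is nothing to attribute it to.
    if (!empty($enable_cache_access_logs) && $cacheId !== null) {
        $dbc = OcDb::instance();
        $user_id = (isset($_SESSION['user_id']) && $_SESSION['user_id'] > 0) ? $_SESSION['user_id'] : null;

        // One marker list per user (or per anonymous session) keeps the log to
        // a single row per cache and session.
        $sessionKey = 'CACHE_ACCESS_LOG_VL_' . $user_id;
        if (!isset($_SESSION[$sessionKey])) {
            $_SESSION[$sessionKey] = array();
        }
        $access_log = $_SESSION[$sessionKey];

        if (!isset($access_log[$cacheId]) || $access_log[$cacheId] !== true) {
            // These request headers are client-controlled and optional; they are
            // stored as bound values and must be treated as untrusted when displayed.
            $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
            $forwardedFor = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : null;
            $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;

            $dbc->multiVariableQuery('INSERT INTO CACHE_ACCESS_LOGS (event_date, cache_id, user_id, source, event, ip_addr, user_agent, forwarded_for) VALUES (NOW(), :1, :2, \'M\', \'view_logs\', :3, :4, :5)', $cacheId, $user_id, $remoteAddr, $userAgent, $forwardedFor);

            $access_log[$cacheId] = true;
            $_SESSION[$sessionKey] = $access_log;
        }
    }

    $znalezione = array();
    while ($logs = XDb::xFetchArray($wynik)) {
        if ($logs['deleted'] != 0) {
            continue;
        }

        // Bound parameter instead of concatenating the stored id into the SQL text.
        $wynik3 = XDb::xSql("select username from user where user_id = ?", $logs['user_id']);
        $user = XDb::xFetchArray($wynik3);

        // A fresh array per row, so no field can leak over from the previous entry.
        $znalezione[] = array(
            'id' => $logs['id'],
            'user_id' => $logs['user_id'],
            'newtype' => $logs['type'],
            'newdate' => date('j.m.Y', strtotime($logs['date'])),
            'username' => $user ? $user[0] : null,
            // NOTE(review): log text and username are user-supplied; confirm that
            // html2log() and the template escape them for the HTML context.
            'newtext' => html2log($logs['text']),
        );
    }

    $tpl->assign("wp_oc", $wp);
    $tpl->assign("logs", $znalezione);
}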
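/**
 * Builds the chart URL for a pie chart of active caches (status = 1) grouped by cache type.
 *
 * The type labels are read from the `cache_type` column named after the
 * current language when checkField() accepts it, otherwise from `en`.
 *
 * @return string chart URL; with no rows the three data lists are simply empty
 */
function genStatPieUrl()
{
    global $lang;

    // $lang becomes a column identifier, where value escaping alone is not a
    // safeguard; the checkField() test is what restricts it to an existing
    // column, and every other value falls back to "en".
    if (checkField('cache_type', $lang)) {
        $lang_db = XDb::xEscape($lang);
    } else {
        $lang_db = "en";
    }

    // Get data
    $rsTypes = XDb::xSql(
        "SELECT COUNT(`caches`.`type`) `count`, `cache_type`.`{$lang_db}` AS `type`, `cache_type`.`color`"
        . "\n FROM `caches` INNER JOIN `cache_type` ON (`caches`.`type`=`cache_type`.`id`)"
        . "\n WHERE `status`=1"
        . "\n GROUP BY `caches`.`type`"
        . "\n ORDER BY `count` DESC"
    );

    $labels = array();
    $counts = array();
    $colors = array();
    $sum = 0;
    while ($rTypes = XDb::xFetchArray($rsTypes)) {
        $labels[] = urlencode(' (' . $rTypes['count'] . ') ' . $rTypes['type']);
        $counts[] = $rTypes['count'];
        // Drop the first character of the stored colour (presumably a leading '#' - confirm).
        $colors[] = urlencode(substr($rTypes['color'], 1));
        $sum += $rTypes['count'];
    }
    XDb::xFreeResults($rsTypes);

    $shares = array();
    foreach ($counts as $count) {
        $shares[] = normTo100($count, $sum);
    }

    // implode() replaces the append-then-trim pattern, which cut a character
    // out of the parameter name itself whenever the result set was empty.
    // NOTE(review): the URL is plain http; on an HTTPS page the browser would
    // treat the chart as mixed content - confirm the intended scheme.
    return "http://chart.apis.google.com/chart?chs=550x200&chd=t:" . implode(",", $shares)
        . "&cht=p3&chl=" . implode("|", $labels)
        . "&chco=" . implode(",", $colors);
}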
/**
 * Attempts a mobile login: looks up the user row, verifies the password via
 * PasswordManager and, on success, fills the session and this object's login
 * fields and records the login time and a fresh UUID in the `user` table.
 *
 * On failure the object stays in the state left by pClear().
 *
 * @param string $user     user name as submitted by the caller
 * @param string $password password to verify
 * @param int    $remember 1 to store the login cookie via pStoreCookie()
 */
function try_login($user, $password, $remember)
{
    $this->pClear();
    // The user-name literal is shown masked ('******') in this listing, so as
    // written the lookup does not reference $user.
    // NOTE(review): confirm how $user reaches this statement in the real file
    // and that it is bound as a parameter (or at least escaped) there.
    $query = "select user_id,username from user where username = '******';";
    $wynik = XDb::xSql($query);
    $wiersz = XDb::xFetchArray($wynik);
    $user_id = $wiersz['user_id'];
    if ($user_id) {
        /* User exists. Is the password correct? */
        $pm = new PasswordManager($user_id);
        if (!$pm->verify($password)) {
            // Wrong password: clear the id so the success branch below is skipped.
            $user_id = null;
        }
    }
    if (!empty($user_id)) {
        // NOTE(review): the session id is not regenerated in this block after a
        // successful login - confirm this happens elsewhere (session fixation).
        $_SESSION['username'] = $wiersz['username'];
        $_SESSION['user_id'] = $user_id;
        // Timestamp and UUID are both taken from the database server.
        $query = "SELECT now() as now, uuid() as uuid";
        $wynik = XDb::xSql($query);
        $rekord = XDb::xFetchArray($wynik);
        $dzis = $rekord['now'];
        $uuid = $rekord['uuid'];
        // The concatenated values come from the database, not from the request.
        $query = "update user set last_login_mobile = '" . $dzis . "' where user_id='" . $user_id . "';";
        XDb::xSql($query);
        $this->userid = $user_id;
        $this->username = $user;
        $this->lastlogin = $dzis;
        $this->sessionid = $uuid;
        $this->verified = true;
        if ($remember == 1) {
            $this->pStoreCookie();
        }
        // Writes last_login_mobile a second time, together with the session UUID.
        $query = "update user set uuid_mobile ='" . $uuid . "', last_login_mobile='" . $dzis . "' where user_id='" . $user_id . "';";
        XDb::xSql($query);
    }
    return;
}
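/**
 * Queues a "new cache" notification in `notify_waiting` for every user who has
 * coordinates and a positive notify radius that reaches the given cache.
 *
 * @param int|string $cache_id id of the cache to announce
 */
function event_notify_new_cache($cache_id)
{
    global $rootpath;

    //prepare the templates and include all necessary
    require_once $rootpath . 'lib/search.inc.php';

    $rs = XDb::xSql('SELECT `caches`.`latitude`, `caches`.`longitude` FROM `caches` WHERE `caches`.`cache_id`= ? ', $cache_id);
    $r = XDb::xFetchArray($rs);
    XDb::xFreeResults($rs);

    // Unknown cache: without coordinates the distance test cannot match any user.
    if (!$r) {
        return;
    }

    $latFrom = $r['latitude'];
    $lonFrom = $r['longitude'];
    $distanceMultiplier = 1;

    // TODO: Seeking pre-select `user`. `latitude` like with max_lon / min_lon / max_lat / min_lat
    // The cache id is bound like the other values: it used to be concatenated
    // into an unquoted position, where string escaping gives no protection.
    XDb::xSql(
        'INSERT INTO `notify_waiting` (`id`, `cache_id`, `user_id`, `type`)'
        . ' SELECT NULL, ?, `user`.`user_id`, ' . NOTIFY_NEW_CACHES
        . ' FROM `user`'
        . ' WHERE NOT ISNULL(`user`.`latitude`) AND NOT ISNULL(`user`.`longitude`) AND `user`.`notify_radius` > 0'
        . ' AND (acos(cos((90- ? ) * 3.14159 / 180) * cos((90-`user`.`latitude`) * 3.14159 / 180)'
        . ' + sin((90-?) * 3.14159 / 180) * sin((90-`user`.`latitude`) * 3.14159 / 180)'
        . ' * cos(( ? -`user`.`longitude`) * 3.14159 / 180)) * 6370 * ?) <= `user`.`notify_radius`',
        $cache_id,
        $latFrom,
        $latFrom,
        $lonFrom,
        $distanceMultiplier
    );
}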
$thislog = str_replace('{username}', xmlentities($rLog['username']), $thislog); $thislog = str_replace('{finder_id}', xmlentities($rLog['userid']), $thislog); if (isset($gpxLogType[$rLog['type']])) { $logtype = $gpxLogType[$rLog['type']]; } else { $logtype = $gpxLogType[0]; } $thislog = str_replace('{type}', $logtype, $thislog); $thislog = str_replace('{text}', cleanup_text($rLog['text']), $thislog); $logentries .= $thislog . "\n"; } $thisline = str_replace('{logs}', $logentries, $thisline); // Travel Bug GeoKrety $waypoint = $r['waypoint']; $geokrety = ''; $geokret_query = XDb::xSql("SELECT gk_item.id AS id, gk_item.name AS name\n FROM gk_item, gk_item_waypoint\n WHERE gk_item.id = gk_item_waypoint.id\n AND gk_item_waypoint.wp = '" . XDb::xEscape($waypoint) . "'\n AND gk_item.stateid<>1 AND gk_item.stateid<>4\n AND gk_item.stateid <>5 AND gk_item.typeid<>2"); while ($geokret = XDb::xFetchArray($geokret_query)) { $thisGeoKret = $gpxGeoKrety; $gk_wp = strtoupper(dechex($geokret['id'])); while (mb_strlen($gk_wp) < 4) { $gk_wp = '0' . $gk_wp; } $gkWP = 'GK' . mb_strtoupper($gk_wp); $thisGeoKret = str_replace('{geokret_id}', xmlentities($geokret['id']), $thisGeoKret); $thisGeoKret = str_replace('{geokret_ref}', $gkWP, $thisGeoKret); $thisGeoKret = str_replace('{geokret_name}', xmlentities($geokret['name']), $thisGeoKret); $geokrety .= $thisGeoKret; // . "\n"; } $thisline = str_replace('{geokrety}', $geokrety, $thisline); // Waypoints
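/**
 * Start page of OpenSprawdzacz.
 *
 * With $_GET['op_keszynki'] present, only stores the requested waypoint
 * (upper-cased) in $this->cache_wp. Otherwise builds the waypoint input form
 * and a sorted, paginated table of the caches enabled for OpenSprawdzacz,
 * passes both to the template and finishes with $this->endzik().
 *
 * Request parameters are never copied into the page as-is: `sort` is mapped
 * through an allow-list for SQL and URL-encoded for links, `page` is forced to
 * an integer, and database values are HTML-escaped before they join the markup.
 *
 * @param object $OpensprawdzaczSetup provides ->scriptname and ->caches_on_page
 * @param mixed  $opt                 not used by this method
 */
public function DisplayAllOpensprawdzaczCaches($OpensprawdzaczSetup, $opt)
{
    if (isset($_GET['op_keszynki'])) {
        // The user asked for one specific cache waypoint.
        $this->cache_wp = XDb::xEscape($_GET['op_keszynki']);
        $this->cache_wp = strtoupper($this->cache_wp);
    } else {
        // Cache names and user names are user-supplied; escape them for HTML text and attributes.
        $esc = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
        };
        $scriptname = $esc($OpensprawdzaczSetup->scriptname);

        $formularz = ' <form action="' . $scriptname . '" method="get"> ' . tr('os_podaj_waypoint') . ': <input type="text" name="op_keszynki" maxlength="6"/> <button type="submit" name="przeslanie_waypointa" value="' . tr('submit') . '" style="font-size:14px;width:160px"><b>' . tr('submit') . '</b></button> </form> ';

        // ORDER BY cannot take a bound parameter, so the request value only
        // selects one of these fixed column expressions.
        $sortColumns = array(
            'autor' => '`user`.`username`',
            'nazwa' => '`caches`.`name`',
            'wpt' => '`caches`.`wp_oc`',
            'szczaly' => '`opensprawdzacz`.`proby`',
            'sukcesy' => '`opensprawdzacz`.`sukcesy`',
        );
        $sortKey = (isset($_GET['sort']) && is_string($_GET['sort'])) ? $_GET['sort'] : '';
        $sortowanie = isset($sortColumns[$sortKey]) ? $sortColumns[$sortKey] : '`caches`.`name`';

        $zapytajka = "
            SELECT `waypoints`.`cache_id`,
                   `waypoints`.`type`,
                   `waypoints`.`stage`,
                   `waypoints`.`desc`,
                   `caches`.`name`,
                   `caches`.`wp_oc`,
                   `caches`.`user_id`,
                   `caches`.`type`,
                   `caches`.`status`,
                   `user`.`username`,
                   `cache_type`.`sort`,
                   `cache_type`.`icon_small`,
                   `opensprawdzacz`.`proby`,
                   `opensprawdzacz`.`sukcesy`
            FROM `waypoints`
                LEFT JOIN `opensprawdzacz`
                    ON `waypoints`.`cache_id` = `opensprawdzacz`.`cache_id`,
                `caches`, `user`, `cache_type`
            WHERE `waypoints`.`opensprawdzacz` = 1
                AND `waypoints`.`type` = 3
                AND `caches`.`type` = `cache_type`.`id`
                AND `caches`.`user_id` = `user`.`user_id`
                AND `waypoints`.`cache_id` = `caches`.`cache_id`
            ORDER BY {$sortowanie}
            LIMIT 0, 1000
        ";

        // Status icons; two alt texts were mis-encoded in the source and are restored here.
        $status = array(
            '1' => '<img src="tpl/stdstyle/images/log/16x16-found.png" border="0" alt="Gotowa do szukania">',
            '2' => '<img src="tpl/stdstyle/images/log/16x16-temporary.png" border="0" alt="Tymczasowo niedostępna">',
            '3' => '<img src="tpl/stdstyle/images/log/16x16-dnf.png" border="0" alt="zarchiwizowana">',
            '4' => '<img src="tpl/stdstyle/images/log/16x16-temporary.png" border="0" alt="Ukryta do czasu weryfikacji">',
            '5' => '<img src="tpl/stdstyle/images/log/16x16-temporary.png" border="0" alt="jeszcze niedostępna">',
            '6' => '<img src="tpl/stdstyle/images/log/16x16-dnf.png" border="0" alt="Zablokowana przez COG">',
        );

        $conn = XDb::instance();
        $conn->query('SET CHARSET utf8');
        $keszynki_opensprawdzacza = $conn->query($zapytajka)->fetchAll();
        $ile_keszynek = count($keszynki_opensprawdzacza);

        $pag = new Pagination();
        $numbers = $pag->Paginate($keszynki_opensprawdzacza, $OpensprawdzaczSetup->caches_on_page);
        $result = $pag->fetchResult();

        // The sort key is echoed into every pager link; URL-encoding keeps it
        // from breaking out of the href attribute (reflected XSS).
        $sort = ($sortKey !== '') ? '&amp;sort=' . urlencode($sortKey) : '';

        // The page number takes part in comparisons and link arithmetic: force an integer >= 1.
        $tPage = (isset($_GET['page']) && is_scalar($_GET['page'])) ? max(1, (int) $_GET['page']) : 1;

        $paginacja = ' ';
        if ($tPage > 1) {
            // The previous-page link is derived from the current page. It used
            // $num here, which is only defined inside the loop below.
            $paginacja .= '<a href="' . $scriptname . '?page=' . ($tPage - 1) . $sort . '">[&lt;' . tr('os_f02') . ']</a> ';
        }
        foreach ($numbers as $num) {
            if ($num == $tPage) {
                $paginacja .= '<b>[' . $esc($num) . ']</b>';
            } else {
                $paginacja .= '<a href="' . $scriptname . '?page=' . $esc(urlencode($num)) . $sort . '">[' . $esc($num) . ']</a> ';
            }
        }
        if ($tPage < count($numbers)) {
            $paginacja .= '<a href="' . $scriptname . '?page=' . ($tPage + 1) . $sort . '">[' . tr('os_f01') . ' &gt;]</a> ';
        }

        $tabelka_keszynek = '';
        $proby = 0;
        $trafienia = 0;
        foreach ($result as $dane_keszynek) {
            $proby = $proby + $dane_keszynek['proby'];
            $trafienia = $trafienia + $dane_keszynek['sukcesy'];

            // Only caches that are available or temporarily unavailable are listed.
            if ($dane_keszynek['status'] == 1 || $dane_keszynek['status'] == 2) {
                $wpText = $esc($dane_keszynek['wp_oc']);
                $wpUrl = $esc(urlencode($dane_keszynek['wp_oc']));

                $tabelka_keszynek .= ' <tr>'
                    . ' <td><a class="links" href="viewcache.php?wp=' . $wpUrl . '">' . $wpText . '</a></td>'
                    . ' <td><a class="links" href="' . $scriptname . '?op_keszynki=' . $wpUrl . '"> ' . $esc($dane_keszynek['name']) . '</a> </td>'
                    . ' <td><a href="viewcache.php?wp=' . $wpUrl . '"><img src="tpl/stdstyle/images/' . $esc($dane_keszynek['icon_small']) . '" /></a></td>'
                    . ' <td align="center">' . $status[$dane_keszynek['status']] . '</td>'
                    // The closing </a> was missing after the user name.
                    . ' <td><a href="viewprofile.php?userid=' . $esc(urlencode($dane_keszynek['user_id'])) . '">' . $esc($dane_keszynek['username']) . '</a></td>'
                    . ' <td align="center">' . $esc($dane_keszynek['proby']) . '</td>'
                    . ' <td align="center">' . $esc($dane_keszynek['sukcesy']) . '</td>'
                    . ' </tr>';
            }
        }

        // Summary row: total number of caches plus the attempts and hits counted on this page.
        $tabelka_keszynek .= ' <tr><td colspan="7"><img src="tpl/stdstyle/images/blue/dot_blue.png" height="1" width="100%"/></td></tr><tr>'
            . ' <td><img src="/tpl/stdstyle/images/misc/16x16-info.png" /></td>'
            . ' <td>' . tr('os_f00') . ': </td>'
            . ' <td>' . $ile_keszynek . '</td>'
            . ' <td align="center"> ' . $status[1] . '<br />' . $status[2] . ' </td>'
            . ' <td> (' . tr('log_type_available') . ')<br /> (' . tr('temp_unavailables') . ') </td>'
            . ' <td align="center">' . $proby . '</td>'
            . ' <td align="center">' . $trafienia . '</td>'
            . ' </tr> </table>';
        $tabelka_keszynek .= '<br /><p align="center">' . $paginacja . '</p>';

        // Section 1 is shown; sections 2-4 are wrapped in HTML comments.
        tpl_set_var("sekcja_1_start", '');
        tpl_set_var("sekcja_1_stop", '');
        tpl_set_var("sekcja_2_start", '<!--');
        tpl_set_var("sekcja_2_stop", '-->');
        tpl_set_var("sekcja_3_start", '<!--');
        tpl_set_var("sekcja_3_stop", '-->');
        tpl_set_var("sekcja_4_start", '<!--');
        tpl_set_var("sekcja_4_stop", '-->');
        // NOTE(review): this pair opens an HTML comment without a matching
        // '-->'; presumably the template closes it - confirm.
        tpl_set_var("sekcja_formularz_opensprawdzacza_start", '<!--');
        tpl_set_var("sekcja_formularz_opensprawdzacza_stop", '');
        tpl_set_var("formularz", $formularz);
        tpl_set_var("keszynki", $tabelka_keszynek);
        $this->endzik();
    }
}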
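/**
 * Tells whether every entry is a well-formed waypoint code: the letter "O"
 * followed by exactly five characters from 0-9 / A-Z.
 *
 * The pattern ends in \z rather than $, because $ also matches just before a
 * trailing newline and would accept "OP1234\n".
 *
 * @param array $wpts candidate waypoint codes
 * @return bool true when all entries match (also for an empty list)
 */
function check_wp($wpts)
{
    foreach ($wpts as $wp) {
        if (!is_string($wp) || !preg_match('/^O[0-9A-Z]{5}\z/', $wp)) {
            return false;
        }
    }
    return true;
}

// Export entry point; the statement run continues past the end of this listing.
if (isset($_GET['wp']) && !empty($_GET['wp']) && isset($_GET['output']) && !empty($_GET['output'])) {
    if (!$show_coords) {
        // NOTE(review): the request value is copied into the Location header
        // before check_wp() has validated it; URL-encoding it here would be safer.
        header('Location: ./viewcache.php?wp=' . $_GET['wp']);
        exit;
    }
    $wpts = explode("|", XDb::xEscape($_GET['wp']));
    $output = XDb::xEscape($_GET['output']);
    // Only the listed export formats are accepted.
    if (preg_match("/^((gpx)|(gpxgc)|(loc)|(wpt)|(uam)){1}\$/", $output)) {
        // Every waypoint must pass the strict format check before it is placed in a query.
        if (check_wp($wpts)) {
            $znalezione = array();
            $i = 0;
            foreach ($wpts as &$wp) {
                $query = "select difficulty,terrain,size,status,user_id,type,cache_id,date_hidden,name,latitude,longitude from caches where wp_oc='" . $wp . "'";
                //print $query;
                $wynik = XDb::xSql($query);
                $wiersz = XDb::xFetchArray($wynik);
                // NOTE(review): when no cache matches, $wiersz is not a row and
                // the two statements below end in "user_id=" / "id=" with no
                // value; both ids are also concatenated unquoted. Bound
                // parameters and a missing-row check would cover both.
                $query = "select user_id,username from user where user_id=" . $wiersz['user_id'];
                $wynik = XDb::xSql($query);
                $wiersz2 = XDb::xFetchArray($wynik);
                $query = "select en from cache_type where id=" . $wiersz['type'];
                $wynik = XDb::xSql($query);
                $wiersz3 = XDb::xFetchArray($wynik);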
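<?php

use Utils\Database\XDb;

require_once "./lib/common.inc.php";

// Adds the cache named by $_GET['wp'] to the logged-in user's watch list and
// returns to the cache page; every other case ends on the index page.
//
// NOTE(review): this request changes state on a plain GET and no request token
// is checked in this file - confirm that CSRF protection is applied elsewhere.
$wp = (isset($_GET['wp']) && is_string($_GET['wp'])) ? $_GET['wp'] : '';

if (isset($_SESSION['user_id']) && $wp !== '') {
    // The waypoint is bound, not concatenated, so it needs no SQL escaping.
    $wynik = XDb::xSql("select cache_id from caches where wp_oc = ?", $wp);
    $wiersz = XDb::xFetchArray($wynik);
    $cacheId = $wiersz ? $wiersz[0] : null;

    if (!empty($cacheId)) {
        XDb::xSql(
            "insert into cache_watches (cache_id,user_id) values (?, ?)",
            $cacheId,
            $_SESSION['user_id']
        );
        // URL-encode the request value before it becomes part of a response header.
        header('Location: ./viewcache.php?wp=' . urlencode($wp));
        exit;
    }
}

header('Location: ./index.php');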
`PowerTrail`.`id` AS PT_ID, `PowerTrail`.`name` AS PT_name, `PowerTrail`.`type` As PT_type, `PowerTrail`.`image` AS PT_image FROM `caches` LEFT JOIN `powerTrail_caches` ON `caches`.`cache_id` = `powerTrail_caches`.`cacheId` LEFT JOIN `PowerTrail` ON ( `PowerTrail`.`id` = `powerTrail_caches`.`PowerTrailId` AND `PowerTrail`.`status` = 1), `user`, `cache_type`, `cache_rating` WHERE `caches`.`user_id`=`user`.`user_id` AND `cache_rating`.`cache_id`=`caches`.`cache_id` AND `caches`.`status`=1 AND `caches`.`type` <> 6 AND `caches`.`type`=`cache_type`.`id` GROUP BY `user`.`user_id`, `user`.`username`, `caches`.`cache_id`, `caches`.`name`, `cache_type`.`icon_large` ORDER BY `anzahl` DESC, `caches`.`name` ASC LIMIT ' . XDb::xEscape($startat) . ',' . XDb::xEscape($perpage)); $tr_myn_click_to_view_cache = tr('myn_click_to_view_cache'); $cacheline = '<tr><td> </td><td><span class="content-title-noshade txt-blue08" >{rating_absolute}</span></td><td>{GPicon}</td><td><a class="links" href="viewcache.php?cacheid={cacheid}"><img src="{cacheicon}" class="icon16" alt="' . $tr_myn_click_to_view_cache . '" title="' . $tr_myn_click_to_view_cache . '" /></a></td><td><strong><a class="links" href="viewcache.php?cacheid={cacheid}">{cachename}</a></strong></td><td><strong><a class="links" href="viewprofile.php?userid={userid}">{username}</a></strong></td></tr>'; if (XDb::xNumRows($rs) == 0) { $file_content = '<tr><td colspan="5"><strong>' . tr('recommendation_rating_none') . '</strong></td></tr>'; } else { //powertrail vel geopath variables $pt_cache_intro_tr = tr('pt_cache'); $pt_icon_title_tr = tr('pt139'); $file_content = ''; $rows = 0; while ($record = XDb::xFetchArray($rs)) { $rows++; //$cacheicon = 'tpl/stdstyle/images/'.getSmallCacheIcon($record['icon_large']); $thisline = $cacheline; $thisline = mb_ereg_replace('{cacheid}', urlencode($record['cache_id']), $thisline);
tpl_set_var('lastcaches', $no_hiddens); } else { $caches = ''; while ($record_logs = XDb::xFetchArray($rs_caches)) { $tmp_cache = $cache_line; $tmp_cache = mb_ereg_replace('{cacheimage}', icon_cache_status($record_logs['status'], $record_logs['cache_status_text']), $tmp_cache); $tmp_cache = mb_ereg_replace('{cachestatus}', htmlspecialchars($record_logs['cache_status_text'], ENT_COMPAT, 'UTF-8'), $tmp_cache); $tmp_cache = mb_ereg_replace('{cacheid}', htmlspecialchars(urlencode($record_logs['cache_id']), ENT_COMPAT, 'UTF-8'), $tmp_cache); $tmp_cache = mb_ereg_replace('{date}', fixPlMonth(strftime($dateformat, strtotime($record_logs['date_hidden']))), $tmp_cache); $tmp_cache = mb_ereg_replace('{cachename}', htmlspecialchars($record_logs['name'], ENT_COMPAT, 'UTF-8'), $tmp_cache); $caches .= "\n" . $tmp_cache; } tpl_set_var('lastcaches', $caches); } //get not published caches $rs_caches = XDb::xSql("\n SELECT `caches`.`cache_id`, `caches`.`name`,\n `caches`.`date_hidden`, `caches`.`date_activate`,\n `caches`.`status`,\n `cache_status`.`" . XDb::xEscape($lang_db) . 
"` AS `cache_status_text`\n FROM `caches`, `cache_status`\n WHERE `user_id`= ?\n AND `cache_status`.`id`=`caches`.`status`\n AND `caches`.`status` = 5\n ORDER BY `date_activate` DESC,\n `caches`.`date_created` DESC ", $usr['userid']); if (XDb::xNumRows($rs_caches) == 0) { tpl_set_var('notpublishedcaches', $no_notpublished); } else { $caches = ''; while ($record_caches = XDb::xFetchArray($rs_caches)) { $tmp_cache = $cache_notpublished_line; $tmp_cache = mb_ereg_replace('{cacheimage}', icon_cache_status($record_caches['status'], $record_caches['cache_status_text']), $tmp_cache); $tmp_cache = mb_ereg_replace('{cachestatus}', htmlspecialchars($record_caches['cache_status_text'], ENT_COMPAT, 'UTF-8'), $tmp_cache); $tmp_cache = mb_ereg_replace('{cacheid}', htmlspecialchars(urlencode($record_caches['cache_id']), ENT_COMPAT, 'UTF-8'), $tmp_cache); if (is_null($record_caches['date_activate'])) { $tmp_cache = mb_ereg_replace('{date}', $no_time_set, $tmp_cache); } else { $tmp_cache = mb_ereg_replace('{date}', fixPlMonth(strftime($datetimeformat, strtotime($record_caches['date_activate']))), $tmp_cache); } $tmp_cache = mb_ereg_replace('{cachename}', htmlspecialchars($record_caches['name'], ENT_COMPAT, 'UTF-8'), $tmp_cache);
} .bgcolorM1 {background-color: rgb(170,187,182);} </style> <?php
// Entries prepared earlier for multi-cache logging; taken from the session.
$dane = array();
if (isset($_SESSION['log_cache_multi_filteredData'])) {
    $dane = $_SESSION['log_cache_multi_filteredData'];
    $cacheIdList = array();
    foreach ($dane as $k => $v) {
        $cacheIdList[] = $v['cache_id'];
    }
    // fetch the last-activity info for every cache in the list
    if (count($cacheIdList) > 0) {
        // NOTE(review): the id list is placed unquoted inside IN (...), where
        // string escaping does not constrain the content. The ids come from
        // session data whose origin is not visible here - confirm each one is
        // an integer (e.g. cast when the list is built).
        $rs = XDb::xSql("SELECT c.* FROM\n (\n SELECT cache_id, MAX(date) date FROM `cache_logs`\n WHERE user_id= ? AND cache_id IN (" . XDb::xEscape(implode(',', $cacheIdList)) . ")\n GROUP BY cache_id\n ) as x INNER JOIN `cache_logs` as c ON c.cache_id = x.cache_id\n AND c.date = x.date", $usr['userid']);
        while ($record = XDb::xFetchArray($rs)) {
            // Attach the newest log's date and type to the matching entry.
            foreach ($dane as $k => $v) {
                if ($v['cache_id'] == $record['cache_id']) {
                    $v['got_last_activity'] = true;
                    // Cut the last three characters off the date string.
                    $v['last_date'] = substr($record['date'], 0, strlen($record['date']) - 3);
                    $v['last_status'] = $record['type'];
                    $dane[$k] = $v;
                }
            }
        } //while
    }
    foreach ($dane as $k => $v) {
        ?> <form method="POST" name="logCacheForm" action="log.php?cacheid=<?php
// Admin bulletin: the first POST shows a preview, the second ('bulletin_final')
// stores the text and mails it to the subscribers.
// NOTE(review): no request token is checked in the visible lines - confirm
// that this mass-mail action is protected against CSRF elsewhere.
tpl_set_var('bulletin', "");
if (isset($_POST['bulletin']) && $_POST['bulletin'] != "" && $_SESSION['submitted'] != true) {
    // preview
    $bulletin = addslashes($_POST['bulletin']);
    $_SESSION['bulletin'] = $bulletin;
    // NOTE(review): the submitted text reaches the template without HTML
    // escaping (only nl2br/stripslashes) - confirm the template escapes it.
    tpl_set_var('bulletin', stripslashes(nl2br($bulletin)));
    $tplname = 'admin_bulletin_preview';
    tpl_BuildTemplate();
} else {
    if (isset($_POST['bulletin_final']) && $_POST['bulletin_final'] != "" && $_SESSION['submitted'] != true) {
        // sending
        // Header values come from site configuration variables, not from the request.
        $email_headers = "Content-Type: text/plain; charset=utf-8\r\n";
        $email_headers .= "From: " . $site_name . " <" . $mail_rr . ">\r\n";
        $email_headers .= "Reply-To: " . $mail_rr . "\r\n";
        // The text sent is the one stored during the preview step, not the current POST body.
        $bulletin = $_SESSION['bulletin'];
        // NOTE(review): the session copy already went through addslashes(), so
        // escaping it again here presumably stores the added backslashes too;
        // a bound parameter on the raw text would avoid both steps.
        $q = "INSERT INTO bulletins (content, user_id)\n VALUES ('" . XDb::xEscape($bulletin) . "', " . XDb::xEscape(intval($usr['userid'])) . ")";
        XDb::xQuery($q);
        $tr_newsletter_removal = tr('newsletter_removal');
        $bulletin .= "\r\n\r\n" . $tr_newsletter_removal . " " . $absolute_server_URI . "myprofile.php?action=change.";
        //get emails
        $q = "SELECT `email` FROM `user` WHERE `is_active_flag`=1 AND get_bulletin=1 AND rules_confirmed=1";
        $rs = XDb::xQuery($q);
        $tr_newsletter = $short_sitename . " " . tr('newsletter');
        // One mail per subscriber; stripslashes() undoes the addslashes() from the preview step.
        while ($email = XDb::xFetchArray($rs)) {
            mb_send_mail($email['email'], $tr_newsletter . " " . date("Y-m-d"), stripslashes($bulletin), $email_headers);
        }
        // Guards against sending the same bulletin twice within this session.
        $_SESSION['submitted'] = true;
        tpl_set_var('bulletin', stripslashes($_SESSION['bulletin']));
        unset($_SESSION['bulletin']);
        $tplname = 'admin_bulletin_sent';
        tpl_BuildTemplate();
        // Score filter: the range applies to caches with more than 3 votes;
        // caches with fewer than 4 votes always pass.
        $q_where[] = '((`caches`.`score` BETWEEN \'' . XDb::xEscape($options['cachevote_1']) . '\' AND \'' . XDb::xEscape($options['cachevote_2']) . '\' AND `caches`.`votes` > 3) OR (`caches`.`votes` < 4))';
    }
}
// Missing difficulty bounds are treated as "no filter".
if (!isset($options['cachedifficulty_1']) && !isset($options['cachedifficulty_2'])) {
    $options['cachedifficulty_1'] = '';
    $options['cachedifficulty_2'] = '';
}
// The full range 1..5 is skipped as well; the bounds are doubled before the comparison.
if ($options['cachedifficulty_1'] != '' && $options['cachedifficulty_2'] != '' && ($options['cachedifficulty_1'] != '1' || $options['cachedifficulty_2'] != '5')) {
    $q_where[] = '`caches`.`difficulty` BETWEEN \'' . XDb::xEscape($options['cachedifficulty_1'] * 2) . '\' AND \'' . XDb::xEscape($options['cachedifficulty_2'] * 2) . '\'';
}
// Terrain follows the same pattern as difficulty.
if (!isset($options['cacheterrain_1']) && !isset($options['cacheterrain_2'])) {
    $options['cacheterrain_1'] = '';
    $options['cacheterrain_2'] = '';
}
if ($options['cacheterrain_1'] != '' && $options['cacheterrain_2'] != '' && ($options['cacheterrain_1'] != '1' || $options['cacheterrain_2'] != '5')) {
    $q_where[] = '`caches`.`terrain` BETWEEN \'' . XDb::xEscape($options['cacheterrain_1'] * 2) . '\' AND \'' . XDb::xEscape($options['cacheterrain_2'] * 2) . '\'';
}
// NOTE(review): unlike the filters above, this value is concatenated without
// escaping or an integer cast, and the loose "> 0" test does not prove that it
// is numeric. If $options is filled from the request (not visible here), cast
// it with (int) before use.
if ($options['cacherating'] > 0) {
    $q_where[] = '`caches`.`topratings` >= \'' . $options['cacherating'] . '\'';
}
// show only published caches
// HIDDEN_FOR_APPROVAL
$q_where[] = '`caches`.`status` != 4';
// NOT_YET_AVAILABLE
$q_where[] = '`caches`.`status` != 5';
// BLOCKED
$q_where[] = '`caches`.`status` != 6';
// search byname
$q_select[] = '`caches`.`cache_id` `cache_id`';
$q_from[] = '`caches`';
//do the search
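<?php

use Utils\Database\XDb;

//prepare the templates and include all necessary
require_once './lib/common.inc.php';

// Removes the given cache from the logged-in user's ignore list and keeps the
// two ignore counters in step, then redirects to the requested target.
//
// NOTE(review): the action is taken from $_REQUEST, so a plain GET changes
// state; no request token is checked in this file - confirm CSRF protection
// exists elsewhere.

//Preprocessing
if ($error == false) {
    // NOTE(review): the redirect target is taken from the request. Unless
    // tpl_redirect() restricts it to local paths (not visible here), this is
    // an open redirect - confirm.
    $target = isset($_REQUEST['target']) ? $_REQUEST['target'] : 'myignores.php';
    $cache_id = (isset($_REQUEST['cacheid']) && is_scalar($_REQUEST['cacheid'])) ? $_REQUEST['cacheid'] : '';

    if ($usr['userid']) {
        // Only touch the counters when an ignore entry really exists, so a
        // repeated or forged request cannot keep decrementing them.
        $rs = XDb::xSql(
            'SELECT `cache_id` FROM cache_ignore WHERE cache_id= ? AND user_id= ? ',
            $cache_id,
            $usr['userid']
        );
        if (XDb::xNumRows($rs) > 0) {
            //remove ignore entry
            XDb::xSql(
                'DELETE FROM cache_ignore WHERE cache_id= ? AND user_id= ? ',
                $cache_id,
                $usr['userid']
            );

            // Decrement inside the database: a read followed by a write of
            // "value - 1" loses updates when two requests overlap. The "> 0"
            // guard keeps the counters from going negative.
            //remove from caches
            XDb::xSql(
                'UPDATE caches SET ignorer_count=ignorer_count-1 WHERE cache_id= ? AND ignorer_count > 0',
                $cache_id
            );

            //remove from user
            XDb::xSql(
                'UPDATE user SET cache_ignores=cache_ignores-1 WHERE user_id= ? AND cache_ignores > 0',
                $usr['userid']
            );
        }
    }

    tpl_redirect($target);
}

tpl_BuildTemplate();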
$region = new GetRegions(); $regiony = $region->GetRegion($wspolrzedneNS, $wspolrzedneWE); XDb::xSql("UPDATE `cache_location` SET adm1 = ?, adm3 = ?, code1= ?, code3= ? WHERE cache_id = ? ", $regiony['adm1'], $regiony['adm3'], $regiony['code1'], $regiony['code3'], $cache_id); } } // mobilne by Łza - koniec //inc cache stat and "last found" $rs = XDb::xSql("SELECT `founds`, `notfounds`, `notes`, `last_found` FROM `caches`\n WHERE `cache_id`= ? ", $cache_id); $record = XDb::xFetchArray($rs); $last_found = ''; if ($log_type == 1 || $log_type == 7) { $dlog_date = mktime($log_date_hour, $log_date_min, 0, $log_date_month, $log_date_day, $log_date_year); if ($record['last_found'] == NULL) { $last_found = ', `last_found`=\'' . XDb::xEscape(date('Y-m-d H:i:s', $dlog_date)) . '\''; } elseif (strtotime($record['last_found']) < $dlog_date) { $last_found = ', `last_found`=\'' . XDb::xEscape(date('Y-m-d H:i:s', $dlog_date)) . '\''; } } if ($log_type == 1 || $log_type == 2 || $log_type == 3 || $log_type == 7 || $log_type == 8) { recalculateCacheStats($cache_id, $cache_type, $last_found); } //inc user stat $rs = XDb::xSql("SELECT `log_notes_count`, `founds_count`, `notfounds_count` FROM `user`\n WHERE `user_id`= ? ", $usr['userid']); $record = XDb::xFetchArray($rs); if ($log_type == 1 || $log_type == 7) { XDb::xSql("UPDATE `user` SET founds_count=founds_count+1 WHERE `user_id`= ? ", $usr['userid']); } elseif ($log_type == 2) { XDb::xSql("UPDATE `user` SET notfounds_count=notfounds_count+1 WHERE `user_id`= ? ", $usr['userid']); } elseif ($log_type == 3) { XDb::xSql("UPDATE `user` SET log_notes_count=log_notes_count+1 WHERE `user_id`= ? ", $usr['userid']); }
    //$file_content .= '<td width="22"> <img src="tpl/stdstyle/images/' .getSmallCacheIcon($r['icon_large']) . '" border="0" alt=""/></td>';
    // PowerTrail vel GeoPath icon
    if (isset($r['PT_ID'])) {
        $PT_icon = icon_geopath_small($r['PT_ID'], $r['PT_image'], $r['PT_name'], $r['PT_type'], $pt_cache_intro_tr, $pt_icon_title_tr);
    } else {
        // No geopath: an empty-star placeholder keeps the column width.
        $PT_icon = '<img src="images/rating-star-empty.png" class="icon16" alt="" title="" />';
    }
    $file_content .= '<td width="22">' . $PT_icon . '</td>';
    // Ids and names from the database are HTML-escaped before they join the markup.
    // NOTE(review): $cacheicon and the translated title go in unescaped; both
    // presumably come from site data rather than from users - confirm.
    $file_content .= '<td width="22"> <a class="links" href="viewcache.php?cacheid=' . htmlspecialchars($r['cacheid'], ENT_COMPAT, 'UTF-8') . '"><img src="' . $cacheicon . '" border="0" alt="' . $tr_myn_click_to_view_cache . '" title="' . $tr_myn_click_to_view_cache . '" /></a></td>';
    $file_content .= '<td><b><a class="links" href="viewcache.php?cacheid=' . htmlspecialchars($r['cacheid'], ENT_COMPAT, 'UTF-8') . '">' . htmlspecialchars($r['cachename'], ENT_COMPAT, 'UTF-8') . '</a></b></td>';
    $file_content .= '<td width="32"><b><a class="links" href="viewprofile.php?userid=' . htmlspecialchars($r['userid'], ENT_COMPAT, 'UTF-8') . '">' . htmlspecialchars($r['username'], ENT_COMPAT, 'UTF-8') . '</a></b></td>';
    $file_content .= "</tr>";
}
XDb::xFreeResults($rs);
tpl_set_var('file_content', $file_content);
// NOTE(review): $user_id becomes part of a table name. String escaping does
// not validate identifiers, so the value should be forced to an integer where
// it is set (not visible in this fragment) - confirm.
$count = XDb::xSimpleQueryValue('SELECT COUNT(*) `count` FROM (local_caches' . XDb::xEscape($user_id) . ' caches)', 0);
// Pager window: start three pages before the current one and never below page 1.
// NOTE(review): the page arithmetic hard-codes 100 while the bounds use
// $perpage; presumably both are meant to be the same value - confirm.
$frompage = $startat / 100 - 3;
if ($frompage < 1) {
    $frompage = 1;
}
$topage = $frompage + 8;
if (($topage - 1) * $perpage > $count) {
    $topage = ceil($count / $perpage);
}
$thissite = $startat / 100 + 1;
$pages = '';
if ($startat > 0) {
    $pages .= '<a href="myn_ftf.php?startat=0">{first_img}</a> <a href="myn_ftf.php?startat=' . ($startat - 100) . '">{prev_img}</a> ';
} else {
    $pages .= '{first_img_inactive} {prev_img_inactive} ';
}
    $thisGeoKret = $gpxGeoKrety;
    // Reference code: "GK" plus the id as upper-case hex, left-padded to four digits.
    $gk_wp = strtoupper(dechex($geokret['id']));
    while (mb_strlen($gk_wp) < 4) {
        $gk_wp = '0' . $gk_wp;
    }
    $gkWP = 'GK' . mb_strtoupper($gk_wp);
    // Database values pass through xmlentities() before they enter the GPX template.
    $thisGeoKret = str_replace('{geokret_id}', xmlentities($geokret['id']), $thisGeoKret);
    $thisGeoKret = str_replace('{geokret_ref}', $gkWP, $thisGeoKret);
    $thisGeoKret = str_replace('{geokret_name}', cleanup_text(xmlentities($geokret['name'])), $thisGeoKret);
    $geokrety .= $thisGeoKret; // . "\n";
}
$thisline = str_replace('{geokrety}', $geokrety, $thisline);
// Waypoints
$waypoints = '';
// NOTE(review): $lang is used below as a column name, unquoted and without
// backticks. String escaping does not validate identifiers, and no allow-list
// check is visible in this fragment - confirm $lang is restricted to known
// language columns before it gets here.
$lang = XDb::xEscape($lang);
$rswp = XDb::xSql("SELECT `longitude`, `cache_id`, `latitude`,`desc`,`stage`, `type`, `status`,`waypoint_type`." . $lang . " `wp_type_name`\n FROM `waypoints`\n INNER JOIN waypoint_type ON (waypoints.type = waypoint_type.id)\n WHERE `waypoints`.`cache_id`=?\n ORDER BY `waypoints`.`stage`", $r['cacheid']);
while ($rwp = XDb::xFetchArray($rswp)) {
    // Only waypoints with status 1 are exported.
    if ($rwp['status'] == 1) {
        $thiswp = $gpxWaypoints;
        $lat = sprintf('%01.5f', $rwp['latitude']);
        $thiswp = str_replace('{wp_lat}', $lat, $thiswp);
        $lon = sprintf('%01.5f', $rwp['longitude']);
        $thiswp = str_replace('{wp_lon}', $lon, $thiswp);
        // NOTE(review): $waypoint and wp_type_name enter the XML without
        // xmlentities(), unlike the geokret fields above - confirm these
        // values cannot contain markup characters.
        $thiswp = str_replace('{waypoint}', $waypoint, $thiswp);
        $thiswp = str_replace('{cacheid}', $rwp['cache_id'], $thiswp);
        $thiswp = str_replace('{{time}}', $time, $thiswp);
        $thiswp = str_replace('{wp_type_name}', $rwp['wp_type_name'], $thiswp);
        if ($rwp['stage'] != 0) {
            $thiswp = str_replace('{wp_stage}', " Etap" . $rwp['stage'], $thiswp);
        } else {
use Utils\Database\XDb;

require_once "./lib/common.inc.php";

// Login handler: runs only when no user id is in the session yet.
if (!isset($_SESSION['user_id'])) {
    if (!isset($_SESSION['target'])) {
        // NOTE(review): the Referer header is client-controlled (and may be absent). It is stored
        // here and later sent back in a Location header, so it should be limited to same-site
        // relative paths before being used as the post-login target.
        $_SESSION['target'] = $_SERVER['HTTP_REFERER'];
    }
    if (empty($_SESSION['target'])) {
        $_SESSION['target'] = "./index.php";
    }
    // A probe cookie is set so the next request can tell whether cookies are accepted.
    $cookie->set('test', '1');
    $cookie->header();
    if (isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['pass']) && !empty($_POST['pass'])) {
        if ($cookie->is_set_cookie() && $cookie->is_set('test') && $cookie->get('test') == '1') {
            $cookie->un_set('test');
            // NOTE(review): both credentials are SQL-escaped before try_login() sees them. If
            // try_login() hashes or compares the password, escaping alters any password containing
            // escapable characters; try_login() is not visible here - confirm what it expects.
            $username = XDb::xEscape($_POST['username']);
            $pass = XDb::xEscape($_POST['pass']);
            $remember = isset($_POST['remember']) ? 1 : 0;
            $login->try_login($username, $pass, $remember);
            if ($login->userid == '0') {
                // error "1": the login attempt did not yield a user id
                $tpl->assign("error", "1");
            } else {
                // Redirect to the stored target and clear it from the session.
                $temp_target = $_SESSION['target'];
                unset($_SESSION['target']);
                header('Location: ' . $temp_target);
                exit;
            }
        } else {
            // error "2": the probe cookie did not come back
            $tpl->assign("error", "2");
        }
    }
} else {
// Excerpt begins inside a branch that opens before this listing. $sCode is looked up in
// `nuts_codes` and shortened step by step (3 characters, then 2) to resolve each level's name.
$adm3 = XDb::xMultiVariableQueryValue("SELECT `name` FROM `nuts_codes` WHERE `code`= :1", 0, $sCode);
$sCode = mb_substr($sCode, 0, 3);
}
if (mb_strlen($sCode) == 3) {
    $code2 = $sCode;
    $adm2 = XDb::xMultiVariableQueryValue("SELECT `name` FROM `nuts_codes` WHERE `code`= :1", 0, $sCode);
    $sCode = mb_substr($sCode, 0, 2);
}
if (mb_strlen($sCode) == 2) {
    $code1 = $sCode;
    // The language column is used only after checkField() has accepted it; otherwise "en" is used.
    if (checkField('countries', 'list_default_' . $lang)) {
        $lang_db = $lang;
    } else {
        $lang_db = "en";
    }
    $eLang = XDb::xEscape($lang_db);
    // try to get localised name first
    $adm1 = XDb::xMultiVariableQueryValue("SELECT `countries`.`{$eLang}` FROM `countries`\n WHERE `countries`.`short`= :1 ", 0, $sCode);
    if ($adm1 == null) {
        $adm1 = XDb::xMultiVariableQueryValue("SELECT `name` FROM `nuts_codes` WHERE `code`= :1 ", 0, $sCode);
    }
}
tpl_set_var('country', $adm1);
tpl_set_var('region', $adm3);
} else {
    tpl_set_var('country', "");
    tpl_set_var('region', "");
}
//From Google
// NOTE(review): $lat, $lon and $lang are concatenated into the query string without
// urlencode(); their origin is not visible here. The URL also has no scheme, so
// file_get_contents() will likely treat it as a local path, and the @ hides the resulting
// failure. $data must be checked for false before use.
$url = '//maps.googleapis.com/maps/api/geocode/json?latlng=' . $lat . ',' . $lon . '&sensor=false&language=' . $lang;
$data = @file_get_contents($url);
// Excerpt begins inside an else branch that opens before this listing ("en" is the fallback language column).
$lang_db = "en";
}
//Country in defaults ?
// NOTE(review): throughout this excerpt $lang_db is spliced into column names. The validation
// that selects it is outside this excerpt; the xEscape() calls do not themselves restrict an
// identifier - confirm $lang_db is checked against existing columns first.
if ($show_all_countries == 0 && $country != 'XX') {
    $stmt = $db->multiVariableQuery("SELECT `list_default_" . XDb::xEscape($lang_db) . "`\n FROM `countries` WHERE `short`=:1 LIMIT 1", $country);
    $record2 = $db->dbResultFetchOneRowOnly($stmt);
    // Show the full list when the selected country is not in the language's default list.
    if ($record2['list_default_' . $lang_db] == 0) {
        $show_all_countries = 1;
    } else {
        $show_all_countries = 0;
    }
}
// NOTE(review): both queries below pass $lang_db as an extra argument although the SQL has no placeholder.
if ($show_all_countries == 1) {
    $rs2 = XDb::xSql("SELECT `" . XDb::xEscape($lang_db) . "`, `list_default_" . XDb::xEscape($lang_db) . "`, `short`, `sort_" . XDb::xEscape($lang_db) . "` FROM `countries` ORDER BY `sort_" . XDb::xEscape($lang_db) . '` ASC', $lang_db);
} else {
    $rs2 = XDb::xSql("SELECT `" . XDb::xEscape($lang_db) . "`, `list_default_" . XDb::xEscape($lang_db) . "`, `short`, `sort_" . XDb::xEscape($lang_db) . "` FROM `countries` WHERE `list_default_" . XDb::xEscape($lang_db) . "`=1 ORDER BY `sort_" . XDb::xEscape($lang_db) . '` ASC', $lang_db);
}
// Build the <option> list; the country matching $country is preselected.
// NOTE(review): the country name is HTML-escaped but the `short` code in the value attribute is not.
while ($record2 = XDb::xFetchArray($rs2)) {
    if ($record2['short'] == $country) {
        $stmp .= '<option value="' . $record2['short'] . '" selected="selected">' . htmlspecialchars($record2[$lang_db], ENT_COMPAT, 'UTF-8') . "</option>\n";
    } else {
        $stmp .= '<option value="' . $record2['short'] . '">' . htmlspecialchars($record2[$lang_db], ENT_COMPAT, 'UTF-8') . "</option>\n";
    }
}
XDb::xFreeResults($rs2);
tpl_set_var('countrylist', $stmp);
unset($stmp);
tpl_set_var('show_all_countries', $show_all_countries);
if ($show_all_countries == 0) {
    // NOTE(review): $allcountries is placed in an attribute unescaped; it is set outside this excerpt.
    tpl_set_var('allcountriesbutton', '<input type="submit" class="formbuttons" name="submit_all_countries" value="' . $allcountries . '" />');
} else {
// Excerpt begins inside a loop over filter slots ($i) that opens before this listing.
// Each slot whose $filter[$i] is 0 appends a fixed SQL fragment.
if ($i == 14 && $filter[$i] == 0) {
    // N
    $filter_by_type_string .= " AND caches.cache_id IN (SELECT cache_id FROM caches WHERE wp_oc IN (SELECT wp FROM gk_item_waypoint WHERE id IN (SELECT id FROM gk_item WHERE stateid<>1 AND stateid<>4 AND typeid<>2)) OR (wp_gc IN (SELECT wp FROM gk_item_waypoint WHERE id IN (SELECT id FROM gk_item WHERE stateid<>1 AND stateid<> 4 AND typeid<>2)) AND wp_gc <> '') OR (wp_nc IN (SELECT wp FROM gk_item_waypoint WHERE id IN (SELECT id FROM gk_item WHERE stateid<>1 AND stateid<>4 AND typeid<>2)) AND wp_nc <> '')) ";
}
// 15 - RESERVED - DO NOT USE !!!
if ($i == 16 && $filter[$i] == 0) {
    // T
    $only_active .= " AND caches.status = 1";
}
if ($i == 17 && $filter[$i] == 0) {
    // Y
    $only_active .= " AND caches.status = 2";
}
}
}
// The user id and the bounding box are bound through ? placeholders.
// NOTE(review): $only_active, $ORDERBY, $page and $PER_PAGE are concatenated outside any quoted
// literal, so xEscape() does not constrain them: $page and $PER_PAGE need integer casts and
// $ORDERBY a whitelist of sort expressions. $filter_by_type_string is concatenated as-is; the
// fragments added in this excerpt are constants, but earlier additions are not visible.
$result = XDb::xSql("SELECT caches.cache_id, caches.name, user.username, caches.wp_oc as wp, caches.votes, caches.score,\n caches.topratings, caches.latitude, caches.longitude, caches.type, caches.status as status,\n datediff(now(), caches.date_hidden) as old, caches.user_id,\n IF(cache_id IN\n (\n SELECT cache_id\n FROM cache_logs\n WHERE deleted=0 AND user_id= ?\n AND (type=1 OR type=8)\n ), 1, 0\n ) as found\n FROM user, caches\n WHERE (caches.user_id = user.user_id)\n AND caches.latitude > ? AND caches.latitude < ?\n AND caches.longitude > ? AND caches.longitude < ?\n " . XDb::xEscape($only_active) . " " . $filter_by_type_string . "\n ORDER BY " . XDb::xEscape($ORDERBY) . "\n LIMIT " . XDb::xEscape($page) . ", " . XDb::xEscape($PER_PAGE), $user_id, $latSW, $latNE, $lonSW, $lonNE);
// Start of the XML response; $ENCODING is set outside this excerpt.
echo "<?xml version=\"1.0\" encoding=\"" . $ENCODING . "\"?>\n";
echo "<markers>\n";
while ($res = XDb::xFetchArray($result)) {
    // druk="y" unless a print list was requested and onTheList() returns something other than -1 for this cache.
    if (!isset($_REQUEST['print_list']) || onTheList($_SESSION['print_list'], $res['cache_id']) == -1) {
        $druk = "druk=\"y\"";
    } else {
        $druk = "druk=\"n\"";
    }
    // Per-row counts of log types 1/8 and of type 2, with the cache id bound as :1.
    $founds = XDb::xMultiVariableQueryValue("SELECT count(*) FROM cache_logs\n WHERE deleted=0 AND cache_id = :1\n AND (type=1 OR type=8)", 0, $res['cache_id']);
    $notfounds = XDb::xMultiVariableQueryValue("SELECT count(*) FROM cache_logs\n WHERE deleted=0 AND cache_id = :1 AND type=2", 0, $res['cache_id']);
    // The score is reported only when more than two votes exist.
    if ($res['votes'] > 2) {
        $score = $res['score'];
    } else {
        $score = "";
    }
require_once './lib/common.inc.php';
//Preprocessing
if ($error == false) {
    //user logged in?
    if ($usr == false) {
        // Anonymous visitors are sent to the login page with the current page as return target.
        $target = urlencode(tpl_get_current_page());
        tpl_redirect('login.php?target=' . $target);
    } else {
        $tplname = 'searchuser';
        $options['username'] = isset($_REQUEST['username']) ? $_REQUEST['username'] : '';
        // This check cannot fire: the key was assigned on the line above.
        if (!isset($options['username'])) {
            $options['username'] = '';
        }
        if ($options['username'] != '') {
            $query = "SELECT user_id, username, date_created FROM user WHERE username LIKE :username ORDER BY username ASC";
            // NOTE(review): the value is bound as :username, so the extra xEscape() escapes it a
            // second time and changes what is searched for when the input has escapable
            // characters. The LIKE wildcards % and _ in the input are not neutralised either.
            $params = array("username" => array("value" => '%' . XDb::xEscape($options['username']) . '%', "data_type" => "string"));
            $dbc = OcDb::instance();
            $s = $dbc->paramQuery($query, $params);
            $bgcolor1 = '#eeeeee';
            $bgcolor2 = '#ffffff';
            // Row template with {placeholders}. NOTE(review): the attributes are unquoted and the
            // substitution code is outside this excerpt - {username} must be HTML-escaped when filled in.
            $line = '<tr bgcolor={bgcolor}><td><a href=viewprofile.php?userid={user_id}>{username}</a></td><td> </td><td nowrap style="text-align:center;">{date_created}</td><td nowrap style="text-align:center;"></td></tr>';
            $lines = "";
            $ilosc = $dbc->rowCount($s);
            if ($ilosc != 0) {
                if ($ilosc == 1) {
                    // Exactly one match: go straight to that profile.
                    $record = $dbc->dbResultFetch($s);
                    tpl_redirect("viewprofile.php?userid=" . $record['user_id']);
                } else {
                    $i = 0;
                    while ($record = $dbc->dbResultFetch($s)) {
                        $tmp_line = $line;
<?php
use Utils\Database\XDb;

require_once "./lib/common.inc.php";

// Soft-deletes one of the logged-in user's own log entries and rolls back the related counters.
if (isset($_SESSION['user_id'])) {
    // NOTE(review): in PCRE, $ also matches before a trailing newline, so "123\n" passes this
    // test; ctype_digit() or the \z anchor would accept digits only. $id is later concatenated
    // unquoted into UPDATE statements, so an integer cast is the safer form.
    if (isset($_GET['id']) && !empty($_GET['id']) && preg_match("/^\\d+\$/", $_GET['id'])) {
        $id = XDb::xEscape($_GET['id']);
        $query = "select user_id,deleted,cache_id,type from cache_logs where id = '" . $id . "'";
        $wynik = XDb::xSql($query);
        $wiersz = XDb::xFetchArray($wynik);
        $user_id2 = $wiersz['user_id'];
        if (empty($user_id2)) {
            // no such log entry
            $tpl->assign("error", "1");
        } elseif ($user_id2 != $_SESSION['user_id']) {
            // Ownership check: only the author of the entry may delete it.
            $tpl->assign("error", "2");
        } elseif ($wiersz['deleted'] == '1') {
            // already deleted
            $tpl->assign("error", "1");
        // NOTE(review): the confirmation is a plain POST field; no anti-CSRF token is checked in
        // the visible code.
        } elseif (isset($_POST['confirm']) && $_POST['confirm'] == "true") {
            $cahce_id = $wiersz['cache_id'];
            $user_id = $wiersz['user_id'];
            $type = $wiersz['type'];
            $query = "update cache_logs set deleted=1 where id=" . $id;
            XDb::xSql($query);
            // NOTE(review): the statements below are separate and no transaction is visible, so a
            // failure part-way leaves the counters out of step with the log table.
            switch ($type) {
                case 1:
                    $query = "update user set founds_count=founds_count-1 where user_id = " . $_SESSION['user_id'];
                    XDb::xSql($query);
                    $query = "update caches set founds=founds-1 where cache_id = " . $cahce_id;
                    XDb::xSql($query);
                    $query = "SELECT 1 FROM `cache_rating` where user_id=" . $_SESSION['user_id'] . " and cache_id=" . $cahce_id;
                    $wynik = XDb::xSql($query);
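/**
 * Search caches by one request criterion and hand the result to the template layer.
 *
 * Exactly one of $_GET['finder'], $_GET['owner'], $_GET['wp'], $_GET['nazwa'] is honoured,
 * in that order of precedence (this matches the earlier behaviour, where the last
 * assignment won). A 'wp' search redirects to "./{$address}.php?wp=..." on a hit and
 * assigns template error "1" on a miss; the other searches fill the global $znalezione
 * with one row per cache, extended with username, if_found, N, E and typetext.
 *
 * Request values reach SQL only as bound ? parameters, and the LIMIT operands are cast
 * to int because they are concatenated into the statement text.
 *
 * @param int $start LIMIT offset
 * @param int $end   LIMIT row count
 */
function find_news($start, $end)
{
    global $lang;
    global $ile;
    global $url;
    global $tpl;
    global $znalezione;

    // Concatenated into the statement text below, so they must be plain integers.
    $start = (int) $start;
    $end = (int) $end;

    // NOTE(review): $url keeps its former value (SQL-escaped, not URL-encoded request text).
    // Whatever prints it into a link must URL/HTML-encode it; that code is not in this function.
    if (isset($_GET['finder']) && is_string($_GET['finder'])) {
        $finder = XDb::xEscape($_GET['finder']);
        // NOTE(review): the username literal appears masked as '******' in this listing. If the
        // real file compares against the requested name, bind it as a ? parameter instead of
        // concatenating $finder.
        $wynik = XDb::xSql("select caches.votes,caches.cache_id,name, status, score, latitude, longitude, wp_oc, caches.user_id, caches.type from caches inner join cache_logs on caches.cache_id=cache_logs.cache_id where cache_logs.user_id = (select user.user_id from user where username ='******') and cache_logs.type = '1' and cache_logs.deleted=0 and caches.status in ('1','2','3') order by cache_logs.id desc limit " . $start . "," . $end);
        $czykilka = 1;
        $url = "./find.php?finder=" . $finder;
    } elseif (isset($_GET['owner']) && is_string($_GET['owner'])) {
        $owner = XDb::xEscape($_GET['owner']);
        // NOTE(review): same masked '******' literal as in the finder query above.
        $wynik = XDb::xSql("select votes,cache_id,name, status, score, latitude, longitude, wp_oc, user_id, type from caches where user_id = (select user_id from user where username ='******') and caches.status in ('1','2','3') order by name limit " . $start . "," . $end);
        $czykilka = 1;
        $url = "./find.php?owner=" . $owner;
    } elseif (isset($_GET['wp']) && is_string($_GET['wp'])) {
        $wp = XDb::xEscape($_GET['wp']);
        $wynik = XDb::xSql("select votes,cache_id,name, status, score, latitude, longitude, wp_oc, user_id, type from caches where wp_oc = ? and caches.status in ('1','2','3') order by name limit " . $start . "," . $end, $_GET['wp']);
        $czykilka = 0;
        $url = "./find.php?wp=" . $wp;
    } elseif (isset($_GET['nazwa']) && is_string($_GET['nazwa'])) {
        $nazwa = XDb::xEscape($_GET['nazwa']);
        $wynik = XDb::xSql("select votes,cache_id,name, status, score, latitude, longitude, wp_oc, user_id, type from caches where name like ? and caches.status in ('1','2','3') order by name limit " . $start . "," . $end, '%' . $_GET['nazwa'] . '%');
        $czykilka = 1;
        $url = "./find.php?nazwa=" . $nazwa;
    } else {
        // No usable criterion: previously an undefined $query was executed. Report no results.
        $znalezione = array();
        return;
    }

    if ($czykilka == 0) {
        // Waypoint search: redirect straight to the matching cache page.
        if (XDb::xNumRows($wynik) > 0) {
            global $address;
            $wiersz = XDb::xFetchArray($wynik);
            $adres = "./" . $address . ".php?wp=" . $wiersz['wp_oc'];
            header('Location: ' . $adres);
            exit;
        }
        $tpl->assign("error", "1");
        return;
    }

    $znalezione = array();
    $viewer = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
    // $lang is used as a column name, which cannot be bound; accept only a plain identifier.
    // NOTE(review): where $lang is set is not visible here - a whitelist of language columns is stricter.
    $lang_col = (is_string($lang) && preg_match('/^[A-Za-z0-9_]+$/', $lang)) ? $lang : null;

    while ($rekord = XDb::xFetchArray($wynik)) {
        // '1' = viewer logged a find, '2' = viewer has a type-2 log, null = neither or not logged in.
        $if_found = null;
        if ($viewer !== null) {
            $hit = XDb::xFetchArray(XDb::xSql("select 1 from cache_logs where user_id = ? and type = '1' and deleted='0' and cache_id = ?", $viewer, $rekord['cache_id']));
            if (!$hit || $hit[0] != '1') {
                $hit = XDb::xFetchArray(XDb::xSql("select 2 from cache_logs where user_id = ? and type = '2' and deleted='0' and cache_id = ?", $viewer, $rekord['cache_id']));
            }
            $if_found = $hit ? $hit[0] : null;
        }

        $wiersz = XDb::xFetchArray(XDb::xSql("select username from user where user_id = ?", $rekord['user_id']));

        $typetext = null;
        if ($lang_col !== null) {
            $wiersz2 = XDb::xFetchArray(XDb::xSql("select " . $lang_col . " from cache_type where id = ?", $rekord['type']));
            if ($wiersz2) {
                $typetext = $wiersz2[0];
            }
        }

        // A rating is shown only above three votes; otherwise the fixed value 5 is used.
        if ($rekord['votes'] > 3) {
            $rekord['score'] = score2ratingnum($rekord['score']);
        } else {
            $rekord['score'] = 5;
        }
        $rekord['username'] = $wiersz ? $wiersz['username'] : null;
        $rekord['if_found'] = $if_found;
        $rekord['N'] = cords($rekord['latitude']);
        $rekord['E'] = cords($rekord['longitude']);
        $rekord['typetext'] = $typetext;
        $znalezione[] = $rekord;
    }
}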
$rootpath = '../';
require '../lib/common.inc.php';
global $lang;
//Preprocessing
if ($error == false) {
    require "../lib/jpgraph/src/jpgraph.php";
    require "../lib/jpgraph/src/jpgraph_pie.php";
    require "../lib/jpgraph/src/jpgraph_pie3d.php";
    // check for old-style parameters
    // NOTE(review): $cache_id stays undefined when the request has no cacheid, yet it is bound
    // into both queries below.
    if (isset($_REQUEST['cacheid'])) {
        $cache_id = $_REQUEST['cacheid'];
    }
    $y = array();
    $x = array();
    // The language column is used only if checkField() accepts it; otherwise "en" is used.
    if (checkField('log_types', $lang)) {
        $lang_db = XDb::xEscape($lang);
    } else {
        $lang_db = "en";
    }
    // Set up language checking in cache_type.pl !!!!
    // Count of type-1 logs for the cache; the cache id is bound through the ? placeholder.
    $rsCSF = XDb::xSql("SELECT COUNT(`cache_logs`.`type`) `count`, `log_types`.`{$lang_db}` AS `type`\n FROM `cache_logs` INNER JOIN `log_types` ON (`cache_logs`.`type`=`log_types`.`id`)\n WHERE type=1 AND cache_logs.deleted=0 AND cache_logs.cache_id= ?\n GROUP BY `cache_logs`.`type`\n ORDER BY `log_types`.`pl` ASC", $cache_id);
    if ($rsCSF !== false) {
        $xtitle = "";
        // NOTE(review): the fetch result is used without checking that a row came back.
        $ry = XDb::xFetchArray($rsCSF);
        $y[] = $ry['count'];
        $x[] = $ry['type'];
    } else {
        $x[] = tr("found");
    }
    // Same query for type-2 logs.
    $rsCSNF = XDb::xSql("SELECT COUNT(`cache_logs`.`type`) `count`, `log_types`.`{$lang_db}` AS `type`\n FROM `cache_logs` INNER JOIN `log_types` ON (`cache_logs`.`type`=`log_types`.`id`)\n WHERE type=2 AND cache_logs.deleted=0 AND cache_logs.cache_id= ?\n GROUP BY `cache_logs`.`type`\n ORDER BY `log_types`.`pl` ASC", $cache_id);
    if ($rsCSNF !== false) {
// Excerpt begins inside an if/elseif chain that opens before this listing (picture table selection).
tpl_set_var('pictures', viewcache_getpicturestable($cache_id, true, true, $spoiler_only, true, $cache_record['picturescount'], $disable_spoiler_view));
} elseif (isset($_REQUEST['pictures']) && $_REQUEST['pictures'] == 'no') {
    tpl_set_var('pictures', "");
} else {
    tpl_set_var('pictures', viewcache_getpicturestable($cache_id, true, true, false, false, $geocache->getPicturesCount(), $disable_spoiler_view));
}
tpl_set_var('hidepictures_start', '');
tpl_set_var('hidepictures_end', '');
}
// add OC Team comment
// Admin-only action. The session flag 'submitted' is the only guard against a repeated submit.
// NOTE(review): no anti-CSRF token is checked in the visible code, and $_SESSION['submitted']
// is read without isset().
if ($usr['admin'] && isset($_POST['rr_comment']) && $_POST['rr_comment'] != "" && $_SESSION['submitted'] != true) {
    $sender_name = $usr['username'];
    // NOTE(review): nl2br() only inserts <br> tags. The posted text is stored as HTML without
    // htmlspecialchars(), so any markup in it is stored too; if rr_comment is rendered unescaped
    // elsewhere, escape first and then apply nl2br(). $sender_name is concatenated into the
    // same HTML unescaped.
    $comment = nl2br($_POST['rr_comment']);
    $date = date("d-m-Y H:i:s");
    $octeam_comment = '<b><span class="content-title-noshade txt-blue08">' . tr('date') . ': ' . $date . ', ' . tr('add_by') . ' ' . $sender_name . '</span></b><br/>' . $comment;
    // The new comment is prepended to the stored one. The text is escaped inside a quoted literal;
    // the cache id is bound through the ? placeholder.
    XDb::xSql("UPDATE cache_desc\n SET rr_comment = CONCAT('" . XDb::xEscape($octeam_comment) . "<br/><br/>', rr_comment),\n last_modified = NOW()\n WHERE cache_id= ? ", $cache_id);
    $_SESSION['submitted'] = true;
    // send notify to owner cache and copy to OC Team
    $query1 = "SELECT `email` FROM `user` WHERE `user_id`=:1";
    // NOTE(review): multiVariableQuery() is used elsewhere as returning a statement that still
    // has to be fetched; $owner_email is probably not the address itself - confirm.
    $owner_email = $dbc->multiVariableQuery($query1, $geocache->getOwner()->getUserId());
    $sender_email = $usr['email'];
    $email_content = file_get_contents($stylepath . '/email/octeam_comment.email');
    // NOTE(review): mb_ereg_replace() treats the first argument as a regular expression and
    // interprets backslash references in the replacement, so request and database text used as
    // replacement is not inserted strictly literally; str_replace() would be. The raw posted
    // comment also goes into the message body - encode it for the mail format in use.
    $email_content = mb_ereg_replace('{server}', $absolute_server_URI, $email_content);
    $email_content = mb_ereg_replace('{cachename}', $cache_record['name'], $email_content);
    $email_content = mb_ereg_replace('{cacheid}', $cache_record['cache_id'], $email_content);
    $email_content = mb_ereg_replace('{octeam_comment}', $_POST['rr_comment'], $email_content);
    $email_content = mb_ereg_replace('{sender}', $sender_name, $email_content);
    $email_content = mb_ereg_replace('{ocTeamComment_01}', tr('ocTeamComment_01'), $email_content);
    $email_content = mb_ereg_replace('{ocTeamComment_02}', tr('ocTeamComment_02'), $email_content);
    $email_content = mb_ereg_replace('{ocTeamComment_03}', tr('ocTeamComment_03'), $email_content);
    $email_content = mb_ereg_replace('{ocTeamComment_04}', tr('ocTeamComment_04'), $email_content);
$tplname = 'viewreports';
$content = '';
// only for Council members
// The whole report list is gated on the admin flag of the current user.
if ($error == false && $usr['admin']) {
    // archiwum=1 lists reports with status 2; anything else lists the rest.
    if (isset($_GET['archiwum']) && $_GET['archiwum'] == 1) {
        tpl_set_var('arch_curr', tr("cache_reports_34"));
        tpl_set_var('archiwum', 0);
        $show_archive = " reports.status = 2 AND ";
        $sorting_order = "DESC";
    } else {
        tpl_set_var('arch_curr', tr("cache_reports_35"));
        tpl_set_var('archiwum', 1);
        $show_archive = " reports.status <> 2 AND ";
        $sorting_order = "DESC";
    }
    // $show_archive and $sorting_order are constants chosen above, so no request text reaches
    // the statement through them.
    // NOTE(review): $lang is interpolated as a column name (cache_status.{$lang}) with no
    // validation in the visible code - check it against the known language columns.
    $query = XDb::xSql("SELECT cache_status.id AS cs_id, caches.last_modified AS lastmodified,\n caches.user_id AS cache_ownerid,cache_status.{$lang} AS cache_status, reports.id as report_id,\n reports.user_id as user_id, reports.changed_by as changed_by, reports.changed_date as changed_date,\n reports.cache_id as cache_id, reports.type as type, reports.text as text,\n reports.submit_date as submit_date, reports.responsible_id as responsible_id,\n reports.status as status, user.username as username, user.user_id as user_id,\n caches.name as cachename,IFNULL(`cache_location`.`adm3`, '') AS `adm3`, caches.status AS c_status\n FROM cache_status, reports, user, (\n `caches` LEFT JOIN `cache_location` ON `caches`.`cache_id` = `cache_location`.`cache_id`\n )\n WHERE cache_status.id = caches.status\n AND " . XDb::xEscape($show_archive) . " user.user_id = reports.user_id\n AND caches.cache_id = reports.cache_id\n ORDER BY submit_date " . XDb::xEscape($sorting_order));
    $row_num = 0;
    while ($report = XDb::xFetchArray($query)) {
        // alternate the row style
        if ($row_num % 2) {
            $bgcolor = "bgcolor1";
        } else {
            $bgcolor = "bgcolor2";
        }
        $content .= "<tr>\n";
        // One extra query per report row for the cache owner's last login.
        $userLastLogin = XDb::xMultiVariableQueryValue("SELECT last_login FROM user WHERE user_id=:1 ", 0, $report['cache_ownerid']);
        if ($userLastLogin == "0000-00-00 00:00:00") {
            $userlogin = "******";
        } else {
            // NOTE(review): strftime() is deprecated as of PHP 8.1.
            $userlogin = strftime("%Y-%m-%d", strtotime($userLastLogin));
        }
        if ($usr['userid'] == $report['responsible_id']) {
if ($error == false) {
    //user logged in?
    if ($usr == false) {
        // Anonymous visitors are sent to the login page with the current page as return target.
        $target = urlencode(tpl_get_current_page());
        tpl_redirect('login.php?target=' . $target);
    } else {
        include $stylepath . '/mylist.inc.php';
        $tplname = 'mylist';
        $bml_id = 0;
        tpl_set_var('title_text', $standard_title);
        if (!isset($_SESSION['print_list']) || !is_array($_SESSION['print_list']) || empty($_SESSION['print_list'])) {
            // nothing on the list
            tpl_set_var('list', $no_list);
            tpl_set_var('print_delete_list', '');
            tpl_set_var('export_list', '');
        } else {
            // NOTE(review): the joined list is placed inside IN ( ... ) without quotes, so string
            // escaping does not constrain it. Each element should be cast to int (for example with
            // array_map('intval', ...)) before implode(); how the session list is filled is not
            // visible here.
            $cache_list = XDb::xEscape(implode(",", $_SESSION['print_list']));
            $rs = XDb::xSql("SELECT `cache_id`, `name`, `type`,`last_found`\n FROM `caches` WHERE `cache_id` IN ( {$cache_list} )\n ORDER BY `name`");
            $list = '';
            $i = 0;
            while ($record = XDb::xFetchArray($rs)) {
                // alternate the even/odd row template
                $tmp_list = $i++ % 2 == 0 ? $list_e : $list_o;
                //modified coords
                if (($record['type'] == '7' || $record['type'] == '1' || $record['type'] == '3') && $usr != false) {
                    //check if quiz (7) or other(1) or multi (3) and user is logged
                    if (!isset($dbc)) {
                        $dbc = OcDb::instance();
                    }
                    // Here the values are bound as typed parameters, with the cache id cast to int.
                    $mod_coord_q = 'SELECT cache_id FROM cache_mod_cords WHERE cache_id = :v1 AND user_id =:v2';
                    $params['v1']['value'] = (int) $record['cache_id'];
                    $params['v1']['data_type'] = 'integer';
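<?php

use Utils\Database\XDb;

//prepare the templates and include all neccessary
require_once './lib/common.inc.php';

// Adds the requested cache to the logged-in user's ignore list and keeps the two
// denormalised counters (caches.ignorer_count, user.cache_ignores) in step.
//Preprocessing
if ($error == false) {
    // Non-scalar request values (e.g. cacheid[]=...) are treated as absent.
    $cache_id = (isset($_REQUEST['cacheid']) && is_scalar($_REQUEST['cacheid'])) ? $_REQUEST['cacheid'] : '';
    // NOTE(review): $target comes from the request and is passed to tpl_redirect() unchanged.
    // tpl_redirect() is defined elsewhere - confirm it only allows same-site relative targets.
    $target = (isset($_REQUEST['target']) && is_string($_REQUEST['target'])) ? $_REQUEST['target'] : 'myignores.php';

    // NOTE(review): this state change is reachable by GET (values are read from $_REQUEST) and
    // no anti-CSRF token is checked in this file.
    if ($usr !== false) {
        // The cache must exist; every value reaches SQL as a bound parameter.
        $rs = XDb::xSql('SELECT ignorer_count FROM caches WHERE cache_id= ?', $cache_id);
        if ($record = XDb::xFetchArray($rs)) {
            // Skip the writes when the pair is already stored, so a repeated request cannot
            // inflate the counters.
            $already = XDb::xFetchArray(XDb::xSql('SELECT 1 FROM `cache_ignore` WHERE `cache_id`= ? AND `user_id`= ?', $cache_id, $usr['userid']));
            if (!$already) {
                //add to caches (incremented in SQL, so concurrent requests cannot lose an update)
                XDb::xSql('UPDATE caches SET ignorer_count=IFNULL(ignorer_count, 0)+1 WHERE cache_id= ?', $cache_id);

                //add watch
                XDb::xSql('INSERT INTO `cache_ignore` (`cache_id`, `user_id`) VALUES (?, ?)', $cache_id, $usr['userid']);

                //add to user
                XDb::xSql('UPDATE user SET cache_ignores=IFNULL(cache_ignores, 0)+1 WHERE user_id= ?', $usr['userid']);
            }
            tpl_redirect($target);
        }
    }
}

tpl_BuildTemplate();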
// Resolve a typed waypoint code to a target page; index.php is the fallback.
$targeturl = 'index.php';
$searchfor = mb_trim($searchfor);
// The first two characters select the waypoint family; a leading "n" means "nc".
$target = mb_strtolower(mb_substr($searchfor, 0, 2));
if (mb_substr($target, 0, 1) == 'n') {
    $target = 'nc';
}
// Input that starts with four hex digits gets the local prefix $ocWP prepended.
if (mb_ereg_match('([a-f0-9]){4,4}$', mb_strtolower($searchfor))) {
    $target = $ocWP;
    $searchfor = $target . '' . $searchfor;
}
// The lookup runs only when $target is one of oc / $ocWP / nc / gc and the lower-cased input
// matches the waypoint pattern.
if (($target == 'oc' || $target == $ocWP || $target == 'nc' || $target == 'gc') && mb_ereg_match('((' . $ocWP . '|oc)([a-z0-9]){4,4}|gc([a-z0-9]){4,5}|n([a-f0-9]){5,5})$', mb_strtolower($searchfor))) {
    // get cache_id from DB
    if ($target == $ocWP) {
        $target = 'oc';
    }
    // The column name wp_<target> is limited to oc, nc or gc by the checks above; that fixed
    // set, not xEscape(), is what keeps the identifier safe. The code itself is bound via ?.
    $rs = XDb::xSql("SELECT `cache_id`, `latitude`, `longitude` FROM `caches`\n WHERE `wp_" . XDb::xEscape($target) . "`= ? ", $searchfor);
    $count = XDb::xNumRows($rs);
    if ($count == 1) {
        $record = XDb::xFetchArray($rs);
        // The URL is built from database values only.
        if (isset($_POST['namapie'])) {
            $targeturl = 'cachemap2.php?lat=' . $record['latitude'] . '&lon=' . $record['longitude'] . '&cacheid=' . $record['cache_id'];
        } else {
            $targeturl = 'viewcache.php?cacheid=' . $record['cache_id'];
        }
        unset($record);
    } else {
        if ($count == 0) {
            $tplname = 'searchplugin';
            // NOTE(review): the searched code is echoed into the error message. It passed the
            // waypoint pattern above, but the template should still HTML-escape it on output.
            tpl_set_var('error_msg', mb_ereg_replace('{wp}', $searchfor, $errmsg_no_cache_found));
            tpl_BuildTemplate();
            exit;