function insertAIML()
{
//db globals
global $template, $msg;
$dbconn = db_open();
$aiml = "<category><pattern>[pattern]</pattern>[thatpattern]<template>[template]</template></category>";
$aimltemplate = mysql_real_escape_string(trim($_POST['template']));
$pattern = strtoupper(mysql_real_escape_string(trim($_POST['pattern'])));
$thatpattern = strtoupper(mysql_real_escape_string(trim($_POST['thatpattern'])));
$aiml = str_replace('[pattern]', $pattern, $aiml);
$aiml = empty($thatpattern) ? str_replace('[thatpattern]', "<that>{$thatpattern}</that>", $aiml) : $aiml;
$aiml = str_replace('[template]', $aimltemplate, $aiml);
$topic = strtoupper(mysql_real_escape_string(trim($_POST['topic'])));
$bot_id = isset($_SESSION['poadmin']['bot_id']) ? $_SESSION['poadmin']['bot_id'] : 1;
if ($pattern == "" || $template == "") {
$msg = 'You must enter a user input and bot response.';
} else {
$sql = "INSERT INTO `aiml` (`id`,`bot_id`, `aiml`, `pattern`,`thatpattern`,`template`,`topic`,`filename`, `php_code`) VALUES (NULL,'{$bot_id}', '{$aiml}','{$pattern}','{$thatpattern}','{$aimltemplate}','{$topic}','admin_added.aiml', '')";
$result = mysql_query($sql, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />\nSQL = {$sql}<br />\n");
if ($result) {
$msg = "AIML added.";
} else {
$msg = "There was a problem adding the AIML - no changes made.";
}
}
mysql_close($dbconn);
return $msg;
}
function db_generate($fname, $db = false)
{
global $dbh;
if (!$db) {
$db = db_open($fname);
if (!$db) {
die('db open failed!');
}
}
$dbh = $db;
$qa[] = "CREATE TABLE users (uid INTEGER PRIMARY KEY ASC, user TEXT, pass TEXT, name TEXT, email TEXT);";
$qa[] = "CREATE TABLE groups (gid INTEGER PRIMARY KEY ASC, name TEXT, belongsto TEXT);";
$qa[] = "CREATE TABLE categories (cid INTEGER PRIMARY KEY ASC, title TEXT, gids TEXT);";
$qa[] = "CREATE TABLE posts (pid INTEGER PRIMARY KEY ASC, title TEXT, text TEXT, cid INTEGER);";
$qa[] = "CREATE TABLE msgs (mid INTEGER PRIMARY KEY ASC, from_id INTEGER, to_id INTEGER, msg TEXT, files TEXT);";
$qa[] = "CREATE TABLE files (fid INTEGER PRIMARY KEY ASC, up_user_id INTEGER, file TEXT);";
$qa[] = "CREATE TABLE news (nid INTEGER PRIMARY KEY ASC, ts INTEGER, content TEXT);";
$qa[] = "CREATE TABLE admin (name TEXT);";
$qa[] = "INSERT INTO users VALUES (NULL,'admin','" . sha1(sha1('KolohMun7p')) . "','Administrator','*****@*****.**')";
$qa[] = "INSERT INTO groups VALUES (NULL,'admin','1')";
$qa[] = "INSERT INTO groups VALUES (NULL,'everyone','1')";
$qa[] = "INSERT INTO categories VALUES (NULL,'carders','1,2')";
$qa[] = "INSERT INTO categories VALUES (NULL,'xploits','1,2')";
$qa[] = "INSERT INTO categories VALUES (NULL,'0days','1,2')";
$qa[] = "INSERT INTO categories VALUES (NULL,'XSS','1,2')";
$qa[] = "INSERT INTO categories VALUES (NULL,'sql injections','1,2')";
$qa[] = "INSERT INTO news VALUES (NULL, '" . time() . "','rwthctf has started, have fun hacking and good luck(-:')";
foreach ($qa as $q) {
db_query($q, $dbh);
}
echo 'Database initialized:-)' . "\n";
return $dbh;
}
function execQuery($query)
{
$conn = db_open();
$rs = mysql_query($query, $conn);
// or die (mysql_error());
db_close($conn);
return $rs;
}
/**
* function db_make_safe()
* Makes a str safe to insert in the db
* @param string $str - the string to make safe
* @return string $str - the safe string
**/
function db_make_safe($str)
{
$dbconn = db_open();
$out = mysql_real_escape_string($str, $dbconn);
// Takes into account the character set of the chosen database
mysql_close($dbconn);
return $out;
}
function return_device($device_id)
{
$con = db_open();
$sql = "\r\n\t\tSELECT owner ,device_id , type_id, type , sensitivity, offset, last_calibrated \r\n\t\tFROM sensors INNER JOIN sensorboards \r\n\t\tON sensor_id=id_co2 OR sensor_id=id_co OR sensor_id=id_pm10 OR sensor_id=id_pm25 \r\n\t\tOR sensor_id=id_no OR sensor_id=id_no2 OR sensor_id=id_so2 OR sensor_id=id_o3\r\n\t\tWHERE `device_id`={$device_id}\r\n\t\t";
$result = mysql_query($sql, $con);
$xml = generate_calibxml($result);
echo $xml;
}
function connect_to_db($query)
{
$con = db_open();
$result = mysql_query($query, $con);
if (!$result) {
die("Invalid query: " . mysql_error());
}
return $result;
}
function sample_group_create($user_id, $comment = NULL)
{
$con = db_open();
$sql = sample_group_insert_SQL($user_id, $comment);
db_table_lock("SampleGroups", $con);
$result = mysql_query($sql, $con);
$id = mysql_insert_id($con);
db_table_unlock($con);
return $id;
}
function getDbTime()
{
$dbase = db_open($dbase);
if (!$dbase) {
echo "<font class='error'>ERROR</font> : cannot open DB<br>";
exit;
}
$sql = "SELECT UNIX_TIMESTAMP( CONVERT_TZ(now(),@@time_zone,'+0:00') )";
$res = mysqli_query($dbase, $sql);
if (!@$res) {
writelog("error.log", "Wrong query : \" {$sql} \"");
echo "<font class='error'>ERROR</font> : Wrong query : {$sql}<br><br>";
exit;
}
list($date) = mysqli_fetch_row($res);
db_close($dbase);
return $date;
}
function stats_get_num_samples(&$samples_today)
{
global $con;
$con = db_open();
$today = strtotime(date('Y-m-d', time()));
$total_count = 0;
$today_count = 0;
$sql = "SELECT `date` FROM `Samples`";
$result = mysql_query($sql, $con);
while ($row = mysql_fetch_assoc($result)) {
$date = strtotime($row['date']);
if ($date >= $today) {
$today_count++;
}
$total_count++;
}
$samples_today = $today_count;
return $total_count;
}
function getChatLines($i, $j)
{
global $bot_id;
$dbconn = db_open();
$sql = <<<endSQL
SELECT AVG(`chatlines`) AS TOT
\t\t\t\tFROM `users`
\t\t\t\tINNER JOIN `conversation_log` ON `users`.`id` = `conversation_log`.`userid`
\t\t\t\tWHERE `conversation_log`.`bot_id` = {$bot_id} AND [endCondition];
endSQL;
if ($i == "average") {
$endCondition = '`chatlines` != 0;';
} else {
$endCondition = "(`chatlines` >= {$i} AND `chatlines` <= {$j})";
}
$sql = str_replace('[endCondition]', $endCondition, $sql);
//get undefined defaults from the db
$result = mysql_query($sql, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />\nSQL = {$sql}<br />\n");
$row = mysql_fetch_assoc($result);
$res = $row['TOT'];
return $res;
}
function showChatFrame()
{
global $template, $bot_name, $bot_id;
$dbconn = db_open();
$sql = "select `format` from `bots` where `bot_id` = {$bot_id} limit 1;";
$result = mysql_query($sql, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />\nSQL = {$sql}<br />\n");
$row = mysql_fetch_assoc($result);
$format = strtolower($row['format']);
switch ($format) {
case "html":
$url = '../gui/plain/';
break;
case "json":
$url = '../gui/jquery/';
break;
case "xml":
$url = '../gui/xml/';
break;
}
$out = $template->getSection('ChatDemo');
$out = str_replace('[pageSource]', $url, $out);
$out = str_replace('[format]', strtoupper($format), $out);
return $out;
}
<?php
require_once 'db-config.php';
db_open("pulmofluency");
session_start();
$userid = $_SESSION['user_id'];
$locSelected = $_GET['locSelected'];
$userIsReviewer = $_GET['userIsReviewer'];
// Escape User Input to help prevent SQL Injection
$locSelected = mysql_real_escape_string($locSelected);
$userIsReviewer = mysql_real_escape_string($userIsReviewer);
$location = explode("~", $locSelected);
// Build SQL
// Build SELECT statement
$sqlselect = 'SELECT users.firstname, users.lastname, users.ID';
// Build FROM statement
if ($userIsReviewer != "1") {
$sqlfrom = ' FROM users';
} else {
$sqlfrom = ' FROM peerreview, users';
}
// Build WHERE statement
if ($userIsReviewer != "1") {
$sqlwhere = ' WHERE role="2"';
} else {
$sqlwhere = ' WHERE role="2" AND (peerreview.reviewer = "' . $userid . '") AND (users.ID = peerreview.reviewee)';
}
$sqlwhere2 = "";
if ($location) {
$kv = array();
foreach ($location as $key => $value) {
if (0) {
// quitamos esto del medio de momento - lo de artistas_etc4.php
// son 3 relaciones 1 a N - artistas -> albumes -> canciones -> videos
// PROGRAMA PRINCIPAL
// usa unordered lists, se puede presentar algo mejor con un poco de CSS
// los parametros del script: co(ntinente) pa(is) ci(udad)
param("ar", $ar);
// param() cambia(defina) el valor de la variable(global) 2º argumento
param("al", $al);
// mira lo que hace extract(), todavía no lo uso aquí
param("ca", $ca);
// seria buena idea si son muchos parametros
param("vi", $vi);
// empezamos el query string para pasarlo a hacer_lista()
$qs = "{$yo}?";
$con = db_open($db_name);
echo "KEYS:", br();
foreach (["artistas", "albumes", "canciones", "videos"] as $t) {
echo "{$t} PK: ", db_getPK($db_name, $t), br();
$ka = db_getFK($db_name, $t);
if ($ka[0]) {
echo "{$t} FK: " . $ka[1][0][0] . " ref tabla " . $ka[1][0][1] . " col " . $ka[1][0][2] . br();
}
PC::db($ka, "{$t}");
$rfk = db_getrFK($db_name, $t);
if ($rfk[0]) {
echo "Referencias a {$t}: ", table($rfk[0], $rfk[1]);
}
}
// empezamos por las canciones de momento, luego veremos que hacer con los videos
if ($ca) {
function solusvmcontrol_summary_tab()
{
// Make sure subtab is set
if (!isset($_GET['subtab'])) {
$_GET['subtab'] = "active";
}
// Tab styling
$activestyle = " style=\"background-color: #FFF !important;border-bottom:solid 1px white !important;\"";
$out_inactive = false;
$out_active = false;
$out_all = false;
switch ($_GET['subtab']) {
case "inactive":
$active_in = $activestyle;
$out_inactive = true;
break;
case "all":
$active_al = $activestyle;
$out_all = true;
break;
case "active":
default:
$active_ac = $activestyle;
$out_active = true;
break;
// This looks a bit confusing, but basically case "active" is the default
}
// Init arrays for output
$active = "";
$inactive = "";
$all = "";
// Init query
db_open();
$svmc_servers_query = "SELECT group_concat(DISTINCT relid SEPARATOR ',') AS svmc_servers FROM tblcustomfields WHERE (fieldname = 'solusvm_server' OR fieldname = 'solusvm_api_key' OR fieldname = 'solusvm_api_hash')";
$svmc_servers_result = mysql_query($svmc_servers_query);
// Get the login Credentials into an assoc array
$svmc_servers = mysql_fetch_assoc($svmc_servers_result);
if (empty($svmc_servers["svmc_servers"])) {
$out = "<tr><td colspan=\"3\">SolusVMControl is not currently active on any of your VPS.</td></tr>";
} else {
// Get all VPS
$all_vps_result = mysql_query("SELECT tblhosting.*, tblproducts.name FROM tblhosting, tblproducts WHERE tblhosting.packageid IN ({$svmc_servers["svmc_servers"]}) AND tblhosting.packageid = tblproducts.id");
$all_vps = null;
while ($row = mysql_fetch_assoc($all_vps_result)) {
$all_vps[] = $row;
}
// Itterate through $all_vps
foreach ($all_vps as $vps) {
// Get credentials for $vps
$vps_svmc_settings_result = mysql_query("SELECT tblcustomfieldsvalues.relid,fieldname,value FROM tblcustomfields, tblcustomfieldsvalues WHERE tblcustomfields.id = tblcustomfieldsvalues.fieldid AND fieldname LIKE 'solusvm_%' AND tblcustomfieldsvalues.relid = '" . $vps['id'] . "'");
$vps_svmc_settings = null;
while ($row = mysql_fetch_assoc($vps_svmc_settings_result)) {
$vps_svmc_settings[] = $row;
}
// Pick up VPS with no details logged
if (sizeof($vps_svmc_settings) < 3) {
$inactive[$vps['id']]['name'] = $vps['name'];
$inactive[$vps['id']]['domain'] = rtrim($vps['domain'], '. ');
$inactive[$vps['id']]['id'] = $vps['id'];
}
// Sort the results
foreach ($vps_svmc_settings as $vps_svmc_settings_item) {
// Create output arrays
$active[$vps['id']][$vps_svmc_settings_item['fieldname']] = $vps_svmc_settings_item['value'];
$active[$vps['id']]['name'] = $vps['name'];
$active[$vps['id']]['domain'] = rtrim($vps['domain'], '. ');
$active[$vps['id']]['id'] = $vps['id'];
}
}
}
// Check through the active ones (as some may not actually be active (empty))
if (!empty($active)) {
foreach ($active as $active_item) {
if (empty($active_item['solusvm_api_key']) || empty($active_item['solusvm_api_hash']) || empty($active_item['solusvm_server'])) {
$inactive[] = $active_item;
unset($active[$active_item['id']]);
}
}
}
if ($out_active) {
$outrows = $active;
} else {
if ($out_inactive) {
$outrows = $inactive;
} else {
if ($out_all) {
$outrows = array_merge($active, $inactive);
}
}
}
if (!empty($outrows)) {
$i = 0;
foreach ($outrows as $row) {
if ($i % 2) {
$switch = "";
} else {
$switch = "background-color:#F5F5F5";
}
$out .= "\n\t\t\t<tr style=\"height:50px;{$switch}\">" . "\n\t\t\t\t<td>{$row['name']}</td>" . "\n\t\t\t\t<td><a href=\"clientshosting.php?id={$row['id']}\">{$row['domain']}</a></td>";
if (($out_active || $out_all) && !empty($row['solusvm_server'])) {
$out .= "\n\t\t\t\t<td>Server: {$row['solusvm_server']}<br />API Key: {$row['solusvm_api_key']}<br />API Hash:{$row['solusvm_api_hash']}</td>";
} else {
$out .= "\n\t\t\t\t<td> </td>";
}
$out .= "<td style=\"text-align:rigtht\"><a href=\"clientshosting.php?id={$row['id']}\" style=\"background-color: #339BB9;background-repeat: repeat-x;\n background-image: -webkit-linear-gradient(top, #5bc0de, #339bb9);cursor: pointer;padding: 5px 14px 6px;\n border: 1px solid #CCC;border: 1px solid #CCC;-webkit-transition: 0.1s linear all;-webkit-border-radius: 4px;\n -moz-border-radius: 4px;border-radius: 4px;text-decoration:none;color:#FFF\">Edit Settings</a></td>\n\t\t\t</tr>";
$i++;
}
}
if (empty($active_ac)) {
$active_ac = "";
}
if (empty($active_in)) {
$active_in = "";
}
if (empty($active_al)) {
$active_al = "";
}
return "\n <div id=\"clienttabs\">\n \t<ul>\n \t\t<li class=\"tab\"><a href=\"addonmodules.php?module=solusvmcontrol&tab=summary&subtab=active\"{$active_ac}>Active</a></li>\n \t\t<li class=\"tab\"><a href=\"addonmodules.php?module=solusvmcontrol&tab=summary&subtab=inactive\"{$active_in}>Inactive</a></li>\n \t\t<li class=\"tab\"><a href=\"addonmodules.php?module=solusvmcontrol&tab=summary&subtab=all\"{$active_al}>All</a></li>\n </ul>\n </div>\n\n <div id=\"tab0box\" class=\"tabbox\">\n <div id=\"tab_content\" style=\"text-align:left;\">\n <table id=\"box-table-a\" summary=\"SolsuVMControl\" width=\"100%\" cellspacing=\"0\">\n <thead>\n <tr style=\"height:50px;\">\n <th scope=\"col\" width=\"250\" style=\"border-bottom: solid 3px #333\">SolusVM Package</th>\n <th scope=\"col\" width=\"300\" style=\"border-bottom: solid 3px #333\">Domain</th>\n <th scope=\"col\" style=\"border-bottom: solid 3px #333\">Details</th>\n <th scope=\"col\" style=\"border-bottom: solid 3px #333\">Edit Settings</th>\n </tr>\n </thead>\n <tbody>\n {$out}\n </tbody>\n </table>\n </div>\n </div>\n ";
}
function db_switch($target = false)
{
global $_josh;
db_open();
if (!$target) {
$target = $_josh["db"]["database"];
}
if ($_josh["db"]["language"] == "mssql") {
mssql_select_db($target, $_josh["db"]["pointer"]);
} elseif ($_josh["db"]["language"] == "mysql") {
mysql_select_db($target, $_josh["db"]["pointer"]);
}
$_josh["db"]["switched"] = $target == $_josh["db"]["database"] ? false : true;
}
function addBotPersonality()
{
$dbconn = db_open();
/*
$postVars = print_r($_POST, true);
die ("Post vars:<pre>\n$postVars\n</pre>");
*/
$bot_id = $_POST['bot_id'];
$sql = "Insert into `botpersonality` (`id`, `bot`, `name`, `value`) values\n";
$sql2 = "(null, {$bot_id}, '[key]', '[value]'),\n";
$msg = "";
$newEntryNames = isset($_POST['newEntryName']) ? $_POST['newEntryName'] : '';
$newEntryValues = isset($_POST['newEntryValue']) ? $_POST['newEntryValue'] : '';
if (!empty($newEntryNames)) {
foreach ($newEntryNames as $index => $key) {
$value = $newEntryValues[$index];
if (!empty($value)) {
$tmpSQL = str_replace('[key]', $key, $sql2);
$tmpSQL = str_replace('[value]', $value, $tmpSQL);
$sql .= $tmpSQL;
}
}
}
$skipKeys = array('bot_id', 'action', 'func', 'newEntryName', 'newEntryValue');
foreach ($_POST as $key => $value) {
if (!in_array($key, $skipKeys)) {
if ($value == "") {
continue;
}
if (is_array($value)) {
foreach ($value as $index => $fieldValue) {
$field = $key[$fieldValue];
$fieldValue = mysql_real_escape_string(trim($fieldValue));
$tmpSQL = str_replace('[key]', $field, $sql2);
$tmpSQL = str_replace('[value]', $fieldValue, $tmpSQL);
$sql .= $tmpSQL;
}
continue;
} else {
$value = mysql_real_escape_string(trim($value));
$tmpSQL = str_replace('[key]', $key, $sql2);
$tmpSQL = str_replace('[value]', $value, $tmpSQL);
$sql .= $tmpSQL;
}
}
}
$sql = rtrim($sql, ",\n");
$result = mysql_query($sql, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />SQL:<br /><pre>\n{$sql}\n<br />\n</pre>\n");
if (!$result) {
$msg = 'Error updating bot personality.';
} elseif ($msg == "") {
$msg = 'Bot personality added!';
}
mysql_close($dbconn);
return $msg;
}
# 'host' => 'localhost',
# 'user' => 'root',
# 'pass' => '',
# 'db' => 'aaa',
# 'networks_table' => 'networks',
# 'networks_uamsecret_field' => 'uamsecret',
# );
#
// initialize globals
$hotspot_ap = false;
$hotspot_network = false;
$hotspot_user = false;
$hotspot_device = false;
$hotspot_code = false;
$hotspot_session = false;
$dblink = db_open();
// Look up access point based on MAC address
$hotspot_ap = get_ap();
if (!is_array($hotspot_ap) || !isset($hotspot_ap['network_id'])) {
echo 'Reply-Message: Access Point not found';
exit;
}
// Load the network that owns the access point to get uamsecret
$hotspot_network = get_network();
if (!is_array($hotspot_network) || !isset($hotspot_network['id'])) {
echo 'Reply-Message: Network is not configured correctly';
exit;
}
// Verify the query string parameters with uamsecret
check_url();
switch ($_GET['stage']) {
function updateSpell()
{
//global vars
global $template, $msg;
$dbconn = db_open();
$missspelling = mysql_real_escape_string(trim($_POST['missspelling']));
$correction = mysql_real_escape_string(trim($_POST['correction']));
$id = trim($_POST['id']);
if ($id == "" || $missspelling == "" || $correction == "") {
$msg = '<div id="errMsg">There was a problem editing the correction - no changes made.</div>';
} else {
$sql = "UPDATE `spellcheck` SET `missspelling` = '{$missspelling}',`correction`='{$correction}' WHERE `id`='{$id}' LIMIT 1";
$result = mysql_query($sql, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />\nSQL = {$sql}<br />\n");
if ($result) {
$msg = '<div id="successMsg">Correction edited.</div>';
} else {
$msg = '<div id="errMsg">There was a problem editing the correction - no changes made.</div>';
}
}
}
require_once "db.php";
$yo = basename($_SERVER["SCRIPT_NAME"]);
// para enlaces relativos a este mismo script
// son 2 relaciones 1 a N - artistas -> albumes -> canciones
// PROGRAMA PRINCIPAL
// usa unordered lists, se puede presentar algo mejor con un poco de CSS
// los parametros del script: co(ntinente) pa(is) ci(udad)
param("ar", $ar);
// param() cambia(defina) el valor de la variable(global) 2º argumento
param("al", $al);
// mira lo que hace extract(), todavía no lo uso aquí
param("ca", $ca);
// seria buena idea si son muchos parametros
// empezamos el query string para pasarlo a hacer_lista()
$qs = "{$yo}";
$con = db_open("discoteca");
// cojemos los artistas
$artistas = db_query($con, "SELECT id_artista, nombre FROM artistas ORDER BY nombre")[1];
// 0 son headings
// mostrar siempre los artistas
echo hacer_lista("Artistas", "", "?ar", $artistas);
if ($ar) {
// mostrar albumes si se ha selecionado un artista
$qs .= "?ar={$ar}";
// cojemos los albumes
$albumes = db_query($con, "SELECT id_album, titulo_album FROM albumes WHERE id_artista={$ar} ORDER BY titulo_album")[1];
// 0 son headings
echo hacer_lista("Álbumes", " de artista {$ar}", "&al", $albumes);
if ($al) {
// mostrar canciones si se ha selecionado un album
$qs .= "&al={$al}";
echo "</table>\n";
echo "<br><br>";
echo "<center><span class='headingtext'>{$title}</span></center>\n";
echo "<br>";
if (isset($_POST["submit"])) {
if (!isset($_FILES['uploadfile']['tmp_name']) || !is_uploaded_file($_FILES['uploadfile']['tmp_name'])) {
display_error("You must select an SQL script for update");
} else {
include_once $path_to_root . "/config_db.php";
if (!isset($_POST['user']) || !isset($_POST['passwd']) || $_POST['user'] == "") {
display_error("You must select a user name and an optional password");
} else {
foreach ($db_connections as $id => $conn) {
$conn['dbuser'] = $_POST['user'];
$conn['dbpassword'] = $_POST['passwd'];
if (!($db = db_open($conn))) {
display_error("Wrong user name or password - " . mysql_error());
} else {
if (!db_import($_FILES['uploadfile']['tmp_name'], $conn)) {
display_error("Bad SQL file or you have already updated the company: " . $id . " " . $conn['name'] . " - " . mysql_error());
} else {
display_notification("Database has been updated for company: " . $id . " " . $conn['name']);
}
}
}
}
}
}
if (!isset($_POST['passwd'])) {
$_POST['passwd'] = "";
}
<?php
Header('Content-Type: text/html; charset=UTF-8');
setlocale(LC_ALL, 'ru_RU.UTF-8');
include_once 'passwd.php';
include_once 'functions.php';
include_once 'db.php';
$PERSMAP_MAX_POINTS = 1500;
$PERSMAP_MAX_LINE_POINTS = 600;
$pages_menu = array("map" => array("name" => "map", "text" => "Карта Online", "color" => "#99bd1b"), "navigator" => array("name" => "navigator", "text" => "Для навигаторов", "color" => "#f58720"), "about" => array("name" => "about", "text" => "О проекте", "color" => "#db4c39"));
$db_type = "postgresql";
if (function_exists("pg_connect")) {
// чтобы можно было тестировать не поднимая БД
$dbapi = db_open($db_type, $pg_base, $pg_user, $pg_pass, $pg_host);
pg_connect("host='" . $pg_host . "' user='******' password='******' dbname='" . $pg_base . "'");
//mysql_query('SET CHARACTER SET utf8');
//mysql_query('SET NAMES utf8');
//mysql_select_db($mysql_base);
}
session_start();
ob_start();
if ($gfle) {
$parent = db_read(array('table' => $table, 'col' => 'p', 'where' => $where));
db_write(array('table' => $table, 'set' => $set, 'where' => $where));
b('/' . $mod . '/?p=' . $parent);
} else {
//$gfle = db_write(array('table'=>$table, 'set'=>$set));
//b('/'.$mod.'/jne/?id='.$gid.'&fle='.$gfle);
b('/' . $mod . '/');
}
} elseif (!$post && $gfle) {
$parent = db_read(array('table' => $table, 'col' => 'p', 'where' => $where));
$has_children = db_read(array('table' => $table, 'col' => 'id', 'where' => '`p` = ' . $gfle));
if (!$has_children) {
$result = db_write(array('table' => $table, 'where' => $where));
img_delete_fdb($table, $gfle);
db_open('sqlite:thumb.sqlite3');
db_write(array('db' => 'thumb.sqlite3', 'table' => 't', 'where' => 'id = ' . $gfle));
}
b('/' . $mod . '/?p=' . $parent);
}
// end: delete
}
// -------------------------------------------------------------------------------------------------------------------- //
// --------------------------------------------------- AJAX ----------------------------------------------------------- //
// -------------------------------------------------------------------------------------------------------------------- //
// -------------------------------- file upload -------------------------------- //
if ($act == 'fup') {
$ajax = TRUE;
//http_response_code(418);
// [name] => Sol9pbjQC4M.jpg
// [type] => image/jpeg
function getSelOpts()
{
global $dbn, $bot_id, $msg;
$out = " <!-- Start Selectbox Options -->\n";
$dbconn = db_open();
$optionTemplate = " <option value=\"[val]\">[val]</option>\n";
$sql = "SELECT DISTINCT filename FROM `aiml` where `bot_id` = {$bot_id} order by `filename`;";
#return "SQL = $sql";
$result = mysql_query($sql, $dbconn) or die(mysql_error());
if (mysql_num_rows($result) == 0) {
$msg = "This bot has no AIML categories. Please select another bot.";
}
while ($row = mysql_fetch_assoc($result)) {
if (empty($row['filename'])) {
$curOption = " <option value=\"\">{No Filename entry}</option>\n";
} else {
$curOption = str_replace('[val]', $row['filename'], $optionTemplate);
}
$out .= $curOption;
}
mysql_close($dbconn);
$out .= " <!-- End Selectbox Options -->\n";
return $out;
}
$session_cookie_path = str_replace("http://{$server_name}", '', _DEBUG_URL_);
session_set_cookie_params($session_lifetime, $session_cookie_path);
$session_name = 'PGO_DEBUG';
session_name($session_name);
session_start();
$iframeURL = 'about:blank';
$options = array('file' => FILTER_SANITIZE_STRING, 'name' => FILTER_SANITIZE_STRING, 'pass' => FILTER_SANITIZE_STRING, 'logout' => FILTER_SANITIZE_STRING);
$post_vars = filter_input_array(INPUT_POST, $options);
if (isset($post_vars['logout'])) {
$_SESSION['isLoggedIn'] = false;
header('Location: ' . _DEBUG_URL_);
}
if (isset($post_vars['name'])) {
$name = $post_vars['name'];
$pass = md5($post_vars['pass']);
$dbConn = db_open();
$sql = "select `password` from `myprogramo` where `user_name` = '{$name}' limit 1;";
$sth = $dbConn->prepare($sql);
$sth->execute();
$row = $sth->fetch();
if ($row !== false) {
$verify = $row['password'];
if ($pass == $verify) {
$_SESSION['isLoggedIn'] = true;
header('Location: ' . _DEBUG_URL_);
} else {
$iframeURL = _LIB_URL_ . 'accessdenied.htm';
}
} else {
echo 'No results found!';
}
<?php
$host = $_GET['host'];
if (!isset($host) || !strlen($host)) {
$host = false;
$hosts = $_POST['hosts'];
if (!isset($hosts)) {
exit;
}
}
require_once 'mod_file.php';
require_once 'mod_dbase.php';
$dbase = db_open($dbase);
while (true) {
if ($host !== false) {
$host = str_replace("\r", "", $host);
// host is unique?
$sql = "SELECT host FROM hostban WHERE host = '{$host}' LIMIT 1";
$res = mysqli_query($dbase, $sql);
if (!@$res) {
// error
writelog("error.log", "Wrong query : {$sql}");
$content .= "<font class='error'>ERROR</font> : Wrong query : {$sql}<br><br>";
break;
} else {
if (mysqli_num_rows($res) == 1) {
// no
$content .= "<font class='error'>ERROR</font> : Host \"{$host}\" already exists!<br><br>";
} else {
// yep
// insert new
<?php
$site_root = $_SERVER['DOCUMENT_ROOT'];
require_once "{$site_root}/db/db_functions.php";
$location = 'Randwick';
$con = db_open();
$query = "SELECT date, no2, o3 FROM Samples \nWHERE location_name='{$location}' \nAND datediff(date,'2014-05-01')>0";
$result = mysql_query($query, $con);
if (!$result) {
die("invalid query" . mysql_error());
}
$text = array();
while ($temp = mysql_fetch_assoc($result)) {
array_push($text, $temp['date'] . ',' . $temp['no2'] . ',' . $temp['o3']);
}
$output = implode("</br>", $text);
echo 'date,no2,o3</br>' . $output;
<?php
require "common.php";
db_open();
function print_suite_performance($branch, $config_set, $config, $suite, $runs)
{
echo "<!-- START GENERATED CHART FOR SUITE [" . $suite . "] -->\n";
echo "<div id=\"suite_chart_container\">\n";
echo "\t<div>Suite: " . $suite . "</div>\n\n";
$numRuns = count($runs);
$query = "SELECT DISTINCT name FROM results WHERE branch = \"" . $branch . "\" AND suite_name = \"" . $suite . "\"";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {
// need to use "id" for the 3rd element in order to deal with odd suite names
$testId = $config_set . "_" . $config . "_" . str_replace('/', '_', $suite) . "_" . $row["name"];
echo "\t<div id=\"suite_chart_contents\">\n";
echo "\t\t<div id=\"" . $testId . "\" style=\"width: " . $numRuns * 100 . "px\"></div>\n";
echo "\t\t<script type=\"text/javascript\">\n";
echo "\t\t\tvar runIds = [];\n";
echo "\t\t\tvar driverIds = [];\n";
echo "\t\t\tvar chartData = [];\n\n";
$query2 = "SELECT DISTINCT driver_id FROM results WHERE branch = \"" . $branch . "\" AND name = \"" . $row["name"] . "\" AND suite_name = \"" . $suite . "\" ORDER BY driver_id ASC";
$result2 = mysql_query($query2);
while ($row2 = mysql_fetch_array($result2)) {
echo "\t\t\tdriverIds.push(\"" . $row2["driver_id"] . "\");\n\n";
echo "\t\t\tvar driverPerformanceData = [];\n";
for ($i = 0; $i < $numRuns; $i++) {
echo "\t\t\tif (runIds.length < " . ($i + 1) . ") {\n";
echo "\t\t\t\trunIds.push(\"" . date("n-j-Y g:i:s A", $runs[$i]["timestamp"]) . " / " . substr($runs[$i]["git_hash"], 0, 10) . "\");\n";
echo "\t\t\t}\n";
$query3 = "SELECT * FROM results WHERE driver_id = \"" . $row2["driver_id"] . "\" AND run_id = " . $runs[$i]["id"] . " AND name = \"" . $row["name"] . "\" LIMIT 1";
function _clean($max)
{
$old = time() - $max;
// Open the database connection
$db = db_open();
$stmt = $db->prepare("DELETE FROM sessions WHERE access < :old");
$stmt->bindParam(":old", $old, PDO::PARAM_INT, 10);
$return = $stmt->execute();
// Close the database connection
db_close($db);
return $return;
}
<?php
$guid = urldecode($_GET['guid']);
if (strlen($guid) === false) {
$content .= '<b>ERROR</b> : Invalid bot GUID';
}
$pos = strpos($guid, "!");
$guid2 = "SYSTEM" . substr($guid, $pos);
$guid3 = "" . substr($guid, $pos);
require_once 'mod_file.php';
require_once 'mod_time.php';
require_once 'mod_dbase.php';
require_once 'mod_strenc.php';
$dbase = db_open();
$sql = 'SELECT *' . ' FROM rep1' . " WHERE bot_guid = '{$guid}'" . ' LIMIT 1';
$res = mysqli_query($dbase, $sql);
if (!@$res) {
writelog("error.log", "Wrong query : \" {$sql} \"");
db_close($dbase);
exit;
}
if (!mysqli_num_rows($res)) {
$sql = 'SELECT *' . ' FROM rep1' . " WHERE bot_guid = '{$guid2}' OR bot_guid = '{$guid3}'" . ' LIMIT 1';
$res = mysqli_query($dbase, $sql);
if (!@$res) {
writelog("error.log", "Wrong query : \" {$sql} \"");
db_close($dbase);
exit;
}
if (!mysqli_num_rows($res)) {
$content = "<center><font class='error'>ERROR</font> : cannot find info bot this bot : <b>{$guid}</b> or <b>{$guid2}</b> or <b>{$guid3}</b></center>";
function update_last_login($user_id)
{
// Get current datetime for last_update
$current_datetime = date('Y-m-d H:i:s');
// Open the database connection
$db = db_open();
// Update the last login
$stmt = $db->prepare("UPDATE user SET `last_login`=:last_login WHERE `value`=:user_id");
$stmt->bindParam(":last_login", $current_datetime, PDO::PARAM_STR, 20);
$stmt->bindParam(":user_id", $user_id, PDO::PARAM_INT);
$stmt->execute();
// Close the database connection
db_close($db);
return true;
}
