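/**
 * Stream a file to the client as a download, one chunk at a time.
 *
 * The file is opened before any header is sent, so a failed open returns
 * false without leaving download headers behind.
 *
 * @param string $filename  Path of the file to send.
 * @param string $mimeType  Value for the Content-Type header.
 * @param int    $chunkSize Bytes read per iteration; values below 1 fall back to 1048576.
 * @param bool   $retbytes  When true, return the number of bytes sent on success.
 * @return int|bool Byte count (when $retbytes is true and the handle closed cleanly),
 *                  otherwise the fclose() status; false when the file cannot be opened.
 */
function stream_large_file($filename, $mimeType = 'text/plain; charset="UTF-8"', $chunkSize = 1048576, $retbytes = TRUE)
{
    // Open first: a failed open must not leave attachment headers already sent.
    $handle = fopen($filename, 'rb');
    if ($handle === false) {
        return false;
    }

    // fread() needs a positive length; a zero or negative value would never advance.
    $chunkSize = (int) $chunkSize;
    if ($chunkSize < 1) {
        $chunkSize = 1048576;
    }

    // Header-value hygiene: control characters, double quotes and backslashes
    // would break out of (or corrupt) the quoted filename parameter.
    $downloadName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', basename($filename));

    header('Content-Type: ' . $mimeType);
    // NOTE(review): escape_output() is defined elsewhere; if it HTML-escapes, that is
    // not the encoding an HTTP header value needs (e.g. "&" may reach the client as
    // "&amp;"). It is kept here to preserve existing behaviour; confirm and revisit.
    header('Content-Disposition: attachment; filename="' . escape_output($downloadName) . '"');

    // filesize() returns false on failure; do not emit an empty Content-Length.
    $size = filesize($filename);
    if ($size !== false) {
        header('Content-Length: ' . $size);
    }

    $cnt = 0;
    while (!feof($handle)) {
        $buffer = fread($handle, $chunkSize);
        if ($buffer === false) {
            // Read error: stop instead of looping on a handle that never reaches EOF.
            break;
        }
        echo $buffer;
        // ob_flush() raises a notice when no output buffer is active.
        if (ob_get_level() > 0) {
            ob_flush();
        }
        flush();
        if ($retbytes) {
            $cnt += strlen($buffer);
        }
    }

    $status = fclose($handle);
    if ($retbytes && $status) {
        // Return the number of bytes delivered, like readfile() does.
        return $cnt;
    }
    return $status;
}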
예제 #2
/**
 * Build the site's RSS 2.0 feed and return it as an XML string.
 *
 * Reads 'category', 'section', 'limit' and 'area' from the request (through
 * gpsa()), emits article items or link items depending on 'area', sends the
 * Content-Type / ETag / Vary headers, and answers a matching If-None-Match
 * header with "304 Not Modified" followed by exit.
 *
 * Notes for reviewers:
 * - extract() is used on $prefs, on the request values and on every database
 *   row. With its default flags extract() overwrites existing locals, so any
 *   key in those arrays becomes (or replaces) a local variable in this scope.
 * - $section and $category are concatenated into SQL WHERE clauses. They pass
 *   through doSlash() first (defined elsewhere; presumably SQL string
 *   escaping, confirm). $limit is forced to an integer before interpolation.
 *
 * @return string The complete feed document.
 */
function rss()
{
    global $prefs, $thisarticle;
    set_error_handler('tagErrorHandler');
    // Preferences become locals ($sitename, $siteurl, $rss_how_many, ...).
    extract($prefs);
    // Request parameters become locals after doSlash(); being extracted second,
    // they replace any preference of the same name.
    extract(doSlash(gpsa(array('category', 'section', 'limit', 'area'))));
    $sitename .= $section ? ' - ' . fetch_section_title($section) : '';
    $sitename .= $category ? ' - ' . fetch_category_title($category) : '';
    $dn = explode('/', $siteurl);
    $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0];
    // Channel-level elements; text values go through doSpecial() before tag().
    $out[] = tag('http://textpattern.com/?v=' . $version, 'generator');
    $out[] = tag(doSpecial($sitename), 'title');
    $out[] = tag(hu, 'link');
    $out[] = tag(doSpecial($site_slogan), 'description');
    $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod');
    $out[] = tag(safe_strftime('rfc822', $last), 'pubDate');
    $articles = array();
    if (!$area or $area == 'article') {
        // String-built SQL filters: safety relies entirely on the doSlash() call above.
        $sfilter = $section ? "and Section = '" . $section . "'" : '';
        $cfilter = $category ? "and (Category1='" . $category . "' or Category2='" . $category . "')" : '';
        // Requested limit, or the configured default; capped at
        // max(100, $rss_how_many) and cast to int before it reaches the query.
        $limit = $limit ? $limit : $rss_how_many;
        $limit = intval(min($limit, max(100, $rss_how_many)));
        // Sections whose in_rss flag is not '1' are excluded from the feed.
        $frs = safe_column("name", "txp_section", "in_rss != '1'");
        if ($frs) {
            foreach ($frs as $f) {
                $query[] = "and Section != '" . doSlash($f) . "'";
            }
        }
        $query[] = $sfilter;
        $query[] = $cfilter;
        $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, ID as thisid", "textpattern", "Status = 4 " . join(' ', $query) . "and Posted < now() order by Posted desc limit {$limit}");
        if ($rs) {
            while ($a = nextRow($rs)) {
                // Row columns become locals ($Title, $ID, $AuthorID, $uPosted, ...).
                extract($a);
                populateArticleData($a);
                $cb = callback_event('rss_entry');
                $a['posted'] = $uPosted;
                $permlink = permlinkurl($a);
                $summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink));
                $content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink));
                if ($syndicate_body_or_excerpt) {
                    # short feed: use body as summary if there's no excerpt
                    if (!trim($summary)) {
                        $summary = $content;
                    }
                    $content = '';
                }
                if ($show_comment_count_in_feed) {
                    $count = $comments_count > 0 ? ' [' . $comments_count . ']' : '';
                } else {
                    $count = '';
                }
                // Title: tags stripped, then escaped for output.
                $Title = escape_output(strip_tags($Title)) . $count;
                $thisauthor = get_author_name($AuthorID);
                // Summary and body go through escape_cdata(), the author name through
                // htmlspecialchars(); the output of the 'rss_entry' callback ($cb) is
                // appended as-is.
                $item = tag($Title, 'title') . n . (trim($summary) ? tag(n . escape_cdata($summary) . n, 'description') . n : '') . (trim($content) ? tag(n . escape_cdata($content) . n, 'content:encoded') . n : '') . tag($permlink, 'link') . n . tag(safe_strftime('rfc822', $a['posted']), 'pubDate') . n . tag(htmlspecialchars($thisauthor), 'dc:creator') . n . tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'guid', ' isPermaLink="false"') . n . $cb;
                $articles[$ID] = tag($item, 'item');
                // Per-item ETag: upper-case hex CRC32 of the rendered item.
                $etags[$ID] = strtoupper(dechex(crc32($articles[$ID])));
                $dates[$ID] = $uPosted;
            }
        }
    } elseif ($area == 'link') {
        $cfilter = $category ? "category='{$category}'" : '1';
        $limit = $limit ? $limit : $rss_how_many;
        $limit = intval(min($limit, max(100, $rss_how_many)));
        $rs = safe_rows_start("*, unix_timestamp(date) as uDate", "txp_link", "{$cfilter} order by date desc limit {$limit}");
        if ($rs) {
            while ($a = nextRow($rs)) {
                extract($a);
                $item = tag(doSpecial($linkname), 'title') . n . tag(doSpecial($description), 'description') . n . tag(doSpecial($url), 'link') . n . tag(safe_strftime('rfc822', $uDate), 'pubDate');
                $articles[$id] = tag($item, 'item');
                $etags[$id] = strtoupper(dechex(crc32($articles[$id])));
                // NOTE(review): this stores the raw `date` column, whereas the article
                // branch stores a unix timestamp; $dates is later compared with a
                // strtotime() result. $uDate looks like the intended value (confirm).
                $dates[$id] = $date;
            }
        }
    }
    if (!$articles) {
        // Nothing to show: answer 404 when the requested section/category does not exist.
        if ($section) {
            if (safe_field('name', 'txp_section', "name = '{$section}'") == false) {
                txp_die(gTxt('404_not_found'), '404');
            }
        } elseif ($category) {
            switch ($area) {
                case 'link':
                    if (safe_field('id', 'txp_category', "name = '{$category}' and type = 'link'") == false) {
                        txp_die(gTxt('404_not_found'), '404');
                    }
                    break;
                case 'article':
                default:
                    if (safe_field('id', 'txp_category', "name = '{$category}' and type = 'article'") == false) {
                        txp_die(gTxt('404_not_found'), '404');
                    }
                    break;
            }
        }
    } else {
        //turn on compression if we aren't using it already
        if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) {
            // make sure notices/warnings/errors don't fudge up the feed
            // when compression is used
            $buf = '';
            while ($b = @ob_get_clean()) {
                $buf .= $b;
            }
            @ob_start('ob_gzhandler');
            echo $buf;
        }
        handle_lastmod();
        // Conditional-GET inputs. These are client-supplied header values and are
        // only used for comparisons below.
        $hims = serverset('HTTP_IF_MODIFIED_SINCE');
        $imsd = $hims ? strtotime($hims) : 0;
        if (is_callable('apache_request_headers')) {
            $headers = apache_request_headers();
            if (isset($headers["A-IM"])) {
                // Position of "feed" in the A-IM header, or false when absent.
                $canaim = strpos($headers["A-IM"], "feed");
            } else {
                $canaim = false;
            }
        } else {
            $canaim = false;
        }
        $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH'));
        $cutarticles = false;
        if ($canaim !== false) {
            // Drop items the client already has: matched by substring search of the
            // item ETag in If-None-Match, or dated before If-Modified-Since.
            foreach ($articles as $id => $thing) {
                if (strpos($hinm, $etags[$id]) !== false) {
                    unset($articles[$id]);
                    $cutarticles = true;
                    $cut_etag = true;
                }
                if ($dates[$id] < $imsd) {
                    unset($articles[$id]);
                    $cutarticles = true;
                    $cut_time = true;
                }
            }
        }
        if (isset($cut_etag) && isset($cut_time)) {
            header("Vary: If-None-Match, If-Modified-Since");
        } else {
            if (isset($cut_etag)) {
                header("Vary: If-None-Match");
            } else {
                if (isset($cut_time)) {
                    header("Vary: If-Modified-Since");
                }
            }
        }
        // Feed-level ETag: all item ETags joined with "-".
        $etag = @join("-", $etags);
        if (strstr($hinm, $etag)) {
            if ($_SERVER['SERVER_PROTOCOL'] == 'HTTP/1.0') {
                header("HTTP/1.0 304 Not Modified");
            } else {
                header("HTTP/1.1 304 Not Modified");
            }
            exit;
        }
        if ($cutarticles) {
            //header("HTTP/1.1 226 IM Used");
            //This should be used as opposed to 200, but Apache doesn't like it.
            //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200.
            header("Cache-Control: no-store, im");
            header("IM: feed");
        }
    }
    $out = array_merge($out, $articles);
    header("Content-Type: application/rss+xml; charset=utf-8");
    // NOTE(review): $etag is only assigned in the else-branch above, so this reads an
    // undefined variable when the feed is empty and no 404 was raised.
    if ($etag) {
        header('ETag: "' . $etag . '"');
    }
    return '<?xml version="1.0" encoding="utf-8"?>' . n . '<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/">' . n . tag(join(n, $out), 'channel') . n . '</rss>';
}
예제 #3
/**
 * Return the value as an integer when it is numeric and has no fractional
 * part; otherwise raise an E_USER_WARNING and return false.
 *
 * The warning carries the rejected value passed through htmlspecialchars().
 * In debug mode, or on the admin interface, it also carries an escaped
 * backtrace obtained from get_caller().
 *
 * @param mixed $myvar Value to check.
 * @return int|false The integer value, or false when $myvar is not an integer.
 */
function assert_int($myvar)
{
    global $production_status;

    $isWholeNumber = is_numeric($myvar) && $myvar == intval($myvar);
    if ($isWholeNumber) {
        return (int) $myvar;
    }

    $verbose = $production_status == 'debug' || txpinterface == 'admin';
    if (!$verbose) {
        // Terse form for the public side of a live site.
        trigger_error("'" . htmlspecialchars($myvar) . "' is not an integer.", E_USER_WARNING);

        return false;
    }

    // Verbose form: the message is HTML, so both the value and the backtrace are escaped.
    $headline = "<pre>Error: '" . htmlspecialchars($myvar) . "' is not an integer</pre>";
    $backtrace = '<pre style="padding-left: 2em;" class="backtrace"><code>' . escape_output(join("\n", get_caller(5, 1))) . '</code></pre>';
    trigger_error($headline . "\n" . $backtrace, E_USER_WARNING);

    return false;
}
예제 #4
파일: Workout.php 프로젝트: Ryan8765/ripped
						        			<option value="3">3</option>
						        			<option value="4">4</option>
						        			<option value="5">5</option>
						        		</select>
						        	</div>
						        	<!-- hidden inputs to send to php -->
						        	<input type="hidden" name="exerciseID" value="<?php /* Each hidden value is passed through escape_output() before it is written into the attribute. Hidden fields are client-editable, so the receiving handler has to re-validate these ids. */ echo escape_output($exercise->id); ?>">
						        	<input type="hidden" name="workoutsID" value="<?php echo escape_output($workoutID); ?>">
						        	<input type="hidden" name="workout-log-id" value="<?php echo escape_output($workout_log_id); ?>" >
						        
						        	
						        	<div class="centered">
						        		<input type="submit" class="enter-set-btn button small secondary" value="Enter Item" name="submit-set-btn">
						        	</div>
						        	<!-- success box -->
						        	<!-- <div class="row success-alert-box centered">
						        		<div class="centered alert-box success radius">
										 Set Added!
										</div>
						        	</div> -->
						        	<!-- success box -->
						        </div>
예제 #5
파일: zem_event.php 프로젝트: gbp/zem_event
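/**
 * Render one field of a record as (optionally wrapped) markup.
 *
 * Tag attributes are normalised through lAtts() and extracted into locals.
 * The field value (or the 'default' attribute when the field is empty) can be
 * formatted as a date, escaped, and turned into a permlink / link / e-mail
 * link before it is passed to doTag().
 *
 * For type="date" the stored value is parsed once, before any formatting, so
 * that 'format' and 'title_format' both work from the same timestamp.
 *
 * @param array $obj  Record to read the field from (received by reference).
 * @param array $atts Tag attributes: type, field, wraptag, class, format, title,
 *                    title_format, label, sep, escape, linktext, default.
 * @return string|null Rendered markup; '' when the field is empty and no default
 *                     is given; null when $obj is empty.
 */
function zem_data_field(&$obj, $atts)
{
    extract(lAtts(array('type' => '', 'field' => '', 'wraptag' => '', 'class' => 'zem_data_field', 'format' => '', 'title' => '', 'title_format' => '', 'label' => '', 'sep' => ': ', 'escape' => '1', 'linktext' => NULL, 'default' => ''), $atts, 0));
    $attr = '';
    if (!$obj) {
        return;
    }
    if (!array_key_exists($field, $obj)) {
        trigger_error(gTxt('unknown_field', array('{field}' => $field)));
    }
    if (empty($obj[$field])) {
        if (!$default) {
            return '';
        }
        $out = $default;
    } else {
        $out = $obj[$field];
    }
    if ($type == 'date' and ($format or $title_format)) {
        // Parse the raw value once. Previously the title was computed from $out
        // after it had already been replaced by the formatted date, which
        // strtotime() cannot be relied on to parse back.
        $timestamp = strtotime($out);
        if ($title_format) {
            $titleText = zem_strftime($title_format, $timestamp);
            // The title lands inside a double-quoted attribute, so it follows the
            // same 'escape' switch as the field value.
            $attr = ' title="' . ($escape ? escape_output($titleText) : $titleText) . '"';
        }
        if ($format) {
            $out = zem_strftime($format, $timestamp);
        }
    }
    // Escape the value before it is wrapped in markup by the link helpers below.
    if ($escape) {
        $out = escape_output($out);
    }
    if ($type == 'permlink') {
        $out = permlink(array('class' => $class, 'id' => $out), $linktext);
    } elseif ($type == 'link') {
        $out = href($linktext, $out);
    } elseif ($type == 'email') {
        $out = eE($out);
    } elseif ($type == 'emaillink') {
        $out = href($linktext, 'mailto:' . eE($out));
    }
    // NOTE(review): $label, $sep and $linktext are emitted without escaping; they
    // are tag attributes, presumably written by the template author. Confirm that
    // they can never carry visitor-supplied text.
    $pre = '';
    if ($label) {
        $pre = $label . $sep;
    }
    return doTag($pre . $out, $wraptag, $class, $attr);
}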
예제 #6
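/**
 * Tag builder for the file download link: renders the builder form and, on the
 * 'build' step, appends the generated Textile / XHTML / Textpattern snippet.
 *
 * All inputs ('filename', 'id', 'thing', 'type', 'description') come from the
 * request through gps()/gpsa(), so each one is treated as untrusted when it is
 * written into markup.
 *
 * @return string Markup for the builder form plus, when built, the generated tag.
 */
function tag_file_download_link()
{
    global $step, $endform, $tag_name, $permlink_mode;
    $atts = gpsa(array('filename', 'id'));
    extract($atts);
    $thing = gps('thing');
    $type = gps('type');
    $description = gps('description');
    $types = array('textile' => 'Textile', 'textpattern' => 'Textpattern', 'xhtml' => 'XHTML');

    // The description is echoed back inside a hand-built <textarea>. Escape it so
    // a request value containing "</textarea>" or other markup cannot break out
    // of the element.
    $description_field = '<textarea name="description" cols="22" rows="3">' . escape_output($description) . '</textarea>';

    // NOTE(review): $filename, $thing and $id reach the page through fInput(),
    // input_id() and selectInput(), which are defined elsewhere. Confirm that
    // they escape their value arguments.
    $out = form(
        startTable('tagbuilder')
        . tr(tdcs(hed(gTxt('tag_' . $tag_name), 3), 2))
        . tagRow('type', '' . selectInput('type', $types, $type ? $type : 'textpattern', true))
        . tagRow('id', input_id($id))
        . tagRow('filename', fInput('text', 'filename', $filename, 'edit', '', '', 25))
        . tagRow('link_text', fInput('text', 'thing', $thing ? $thing : $filename, 'edit', '', '', 25))
        . tagRow('description', $description_field)
        . $endform
    );

    if ($step == 'build') {
        $description = str_replace('&', '&#38;', escape_output($description));
        $url = $permlink_mode == 'messy' ? hu . 'index.php?s=file_download' . a . 'id=' . $id : hu . gTxt('file_download') . '/' . $id . ($filename ? '/' . $filename : '');
        // NOTE(review): the generated snippets below embed $thing, $filename and $id
        // unescaped and rely on tdb() (defined elsewhere) to present them safely.
        // Confirm that it does.
        switch ($type) {
            case 'textile':
                $thing = $thing ? $thing : $filename;
                $description = $description ? ' (' . $description . ')' : '';
                $out .= tdb('"' . $thing . $description . '":' . $url);
                break;
            case 'xhtml':
                $thing = $thing ? $thing : $filename;
                $description = $description ? ' title="' . $description . '"' : '';
                $out .= tdb('<a href="' . $url . '"' . $description . '>' . $thing . '</a>');
                break;
            case 'textpattern':
            default:
                $atts = array('id' => $id);
                $thing = $thing ? $thing : '<txp:file_download_name />';
                $out .= tdb(tb($tag_name, $atts, $thing));
                break;
        }
    }
    return $out;
}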
            // (Fragment: the switch header and the start of this case are not shown.)
            display_error("Error: Insufficient privileges", "You must be an administrator to create forms.");
            break;
        }
        echo "<h1>Create a form</h1>\r\n";
        display_form_edit_form($user);
        break;
    case 'edit':
        // Editing is limited to administrators; the check runs before any output.
        if (!$user->isAdmin()) {
            display_error("Error: Insufficient privileges", "You must be an administrator to modify forms.");
            break;
        }
        echo "<h1>Modify a form</h1>\r\n";
        // The request id is forced to an integer before it is handed on.
        display_form_edit_form($user, intval($_REQUEST['id']));
        break;
    case 'show':
        // The query is built by concatenation; the intval() cast is what keeps the
        // request value from reaching the SQL text as anything but an integer.
        // NOTE(review): no isAdmin()/ownership check is visible on this branch.
        // Confirm that display_form_history() enforces access itself.
        $formTitle = $database->queryFirstValue("SELECT `name` FROM `forms` WHERE `id` = " . intval($_REQUEST['id']) . " LIMIT 1");
        if (!$formTitle) {
            echo "This form was not found. Please select another form and try again.";
        } else {
            // The stored form name is escaped before it is written into the heading.
            echo "<h1>" . escape_output($formTitle) . " - History</h1>\r\n";
            display_form_history($user, intval($_REQUEST['id']));
        }
        break;
    // Any unrecognised action falls through to the index listing.
    default:
    case 'index':
        echo "<h1>Forms</h1>\r\n";
        display_forms($user);
        echo "<a href='form.php?action=new'>Add a new form</a><br />\r\n";
        break;
}
display_footer();
예제 #8
/**
 * Callback that evaluates one matched <txp:...> tag and returns its output.
 *
 * $matches[1] is the tag name, $matches[2] the raw attribute string (when
 * present), $matches[4] the enclosed content (when present) and $matches[0]
 * the whole matched tag.
 *
 * Dispatch is by name: if a PHP function called like the tag exists it is
 * invoked; otherwise a $pretext entry of that name is returned escaped;
 * otherwise a warning is raised. Because function_exists() accepts any defined
 * function, template markup is effectively trusted code. Only the name 'link'
 * is remapped (to 'tpt_link').
 *
 * @param array $matches Regex match groups for one tag.
 * @return string Output of the tag, or '' when the tag is unknown.
 */
function processTags($matches)
{
    global $pretext, $production_status, $txptrace, $txptracelevel, $txp_current_tag;

    $tag = $matches[1];
    // Tag names that need a prefix to reach their handler.
    if (in_array($tag, array('link'))) {
        $tag = 'tpt_' . $tag;
    }

    if (isset($matches[2])) {
        $atts = splat($matches[2]);
    } else {
        $atts = '';
    }

    $thing = null;
    if (isset($matches[4])) {
        $thing = $matches[4];
    }

    // Remember the enclosing tag so it can be restored once this one is done.
    $enclosing_tag = @$txp_current_tag;
    $raw_atts = $atts ? $matches[2] : '';
    $tag_end = $thing ? '>' : '/>';
    $txp_current_tag = '<txp:' . $tag . $raw_atts . $tag_end;
    trace_add($txp_current_tag);
    @++$txptracelevel;

    if ($production_status == 'debug') {
        maxMemUsage(trim($matches[0]));
    }

    if (function_exists($tag)) {
        $out = $tag($atts, $thing, $matches[0]);
    } elseif (isset($pretext[$tag])) {
        // Values taken from $pretext are escaped before they are returned.
        $out = escape_output($pretext[$tag]);
    } else {
        $out = '';
        trigger_error(gTxt('unknown_tag', array('{tag}' => $tag)), E_USER_WARNING);
    }

    @--$txptracelevel;
    if (isset($matches[4])) {
        trace_add('</txp:' . $tag . '>');
    }
    $txp_current_tag = $enclosing_tag;

    return $out;
}
예제 #9
      <div class="medium-4 medium-offset-4 columns centered">
          <form action="<?php 
// NOTE(review): the result of base_url() is not echoed here. If base_url() returns
// the URL rather than printing it, the action attribute renders as just "workouts"
// (a relative URL). Confirm which behaviour is intended.
base_url();
?>
workouts" method="post">  
            <h5 class="margin-top">Select Existing Exercise</h5>
            <select name="add_existing_exercise_selection">
              <!-- begin all exercises selection - value is the exercise id number-->
              <?php 
// One <option> per exercise. Both the id (attribute context) and the name
// (element text) are passed through escape_output() before being printed.
foreach ($allExercises as $exercise) {
    ?>
                <option value="<?php 
    echo escape_output($exercise->id);
    ?>
"><?php 
    echo escape_output($exercise->name);
    ?>
</option>
              <?php 
}
?>
              <!-- begin all exercises selection -->
            </select>
            <div class="centered">
              <!-- takes workout id and sends to the server -->
              <input id="existing-exercise-workoutID" type="hidden" name="existing-exercise-workoutID">
              <input type="submit" class="button success small" value="Submit" name="add-existing-exercise">
            </div>
          </form>
          <h4>OR</h4>
          <h5 class="margin-top">Create and Add New Exercise</h5>
예제 #10
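/**
 * Install (or update) a plugin from the packed text posted as 'plugin64'.
 *
 * The payload is base64-decoded, inflated when it carries a gzip header, and
 * unserialized into an array describing the plugin. The plugin row is then
 * inserted or updated with status 0, and plugin_list() is called with the
 * outcome message.
 *
 * Security notes:
 * - The payload arrives in the request and is passed to unserialize(); see the
 *   note at the call site.
 * - Fields are read from the decoded array by name rather than with extract(),
 *   so keys in the payload cannot create or overwrite local variables.
 * - The plugin's code is stored verbatim in the database. Access control for
 *   this action is not visible here and has to be enforced by the caller.
 *
 * @return void
 */
function plugin_install()
{
    $plugin = ps('plugin64');
    $plugin = preg_replace('@.*\\$plugin=\'([\\w=+/]+)\'.*@s', '$1', $plugin);
    $plugin = preg_replace('/^#.*$/m', '', $plugin);
    if (!trim($plugin)) {
        return;
    }

    $plugin = base64_decode($plugin);
    // gzip magic bytes 0x1F 0x8B, written as escapes so the literal survives any
    // re-encoding of this file. substr(..., 10) skips the 10-byte gzip header.
    if (strncmp($plugin, "\x1F\x8B", 2) === 0) {
        $plugin = gzinflate(substr($plugin, 10));
    }

    // NOTE(security): unserialize() is run on request-supplied data, which permits
    // object injection if any loaded class has magic methods. Left unchanged here
    // because the second argument requires PHP 7. Where that is available, pass
    // array('allowed_classes' => false), and keep this action limited to
    // authenticated administrators.
    $plugin = unserialize($plugin);
    if (!$plugin) {
        plugin_list(gTxt('bad_plugin_code'));
        return;
    }
    if (!is_array($plugin)) {
        return;
    }

    // Read only the expected fields. A missing field becomes '' instead of an
    // undefined variable.
    $info = array();
    foreach (array('name', 'author', 'author_uri', 'version', 'description', 'help', 'code', 'md5') as $key) {
        $info[$key] = isset($plugin[$key]) ? $plugin[$key] : '';
    }
    $name = $info['name'];
    $code = $info['code'];
    $type = assert_int(empty($plugin['type']) ? 0 : $plugin['type']);

    $exists = fetch('name', 'txp_plugin', 'name', $name);

    $help = $info['help'];
    if (isset($plugin['help_raw']) && empty($plugin['allow_html_help'])) {
        // default: help is in Textile format
        include_once txpath . '/lib/classTextile.php';
        $textile = new Textile();
        $help = $textile->TextileRestricted($plugin['help_raw'], 0, 0);
    }

    // Column assignments shared by the insert and the update. String values pass
    // through doSlash(); $type was validated as an integer above.
    $set = join(', ', array(
        "status = 0",
        "type = {$type}",
        "author = '" . doSlash($info['author']) . "'",
        "author_uri = '" . doSlash($info['author_uri']) . "'",
        "version = '" . doSlash($info['version']) . "'",
        "description = '" . doSlash($info['description']) . "'",
        "help = '" . doSlash($help) . "'",
        "code = '" . doSlash($code) . "'",
        "code_restore = '" . doSlash($code) . "'",
        "code_md5 = '" . doSlash($info['md5']) . "'",
    ));

    if ($exists) {
        $rs = safe_update("txp_plugin", $set, "name = '" . doSlash($name) . "'");
    } else {
        $rs = safe_insert("txp_plugin", "name = '" . doSlash($name) . "', " . $set);
    }

    // The plugin name is escaped before it is placed in the status message.
    if ($rs and $code) {
        $message = gTxt('plugin_installed', array('{name}' => escape_output($name)));
    } else {
        $message = gTxt('plugin_install_failed', array('{name}' => escape_output($name)));
    }
    plugin_list($message);
}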
        // (Fragment: the switch header and the start of this case are not shown.)
        //ensure that id is set.
        if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) {
            display_error("Error: Invalid entry ID", "Please check the ID and try again.");
            break;
        }
        //ensure that this user has permissions to edit this form entry.
        // The entry's facility is looked up through its machine and compared with the
        // current user's facility. The id is cast with intval() before it is
        // concatenated into the SQL text.
        $facility_id = intval($database->queryFirstValue("SELECT `machines`.`facility_id` FROM `form_entries` LEFT OUTER JOIN `machines` ON `machines`.`id` = `form_entries`.`machine_id` WHERE `form_entries`.`id` = " . intval($_REQUEST['id']) . " LIMIT 1"));
        if (!$facility_id) {
            display_error("Error: Invalid entry ID", "Please check the ID and try again.");
            break;
        } elseif (intval($facility_id) != $user->facility['id']) {
            display_error("Error: Insufficient privileges", "You may only view and edit forms belonging to your facility.");
            break;
        }
        // Both ids written into the link are integers, so they need no further escaping.
        // NOTE(review): $_REQUEST['form_id'] is read without an isset() check here.
        echo "<div class='row-fluid'>\r\n  <div class='span12'>\r\n    <h1>QA Record<a href='form_entry.php?action=print&form_id=" . intval($_REQUEST['form_id']) . "&id=" . intval($_REQUEST['id']) . "' class='btn btn-info pull-right'>Print to PDF</a></h1>\r\n  </div>\n</div>\n";
        display_form_entry_edit_form($user, intval($_REQUEST['id']), false);
        break;
    // Any unrecognised action falls through to the index listing.
    default:
    case 'index':
        // NOTE(review): $_REQUEST['status'] and $_REQUEST['class'] are passed on raw
        // (and unchecked for existence). Confirm that start_html() escapes them before
        // they reach the page.
        start_html($user, "UC Medicine QA", "Manage Form Entries", $_REQUEST['status'], $_REQUEST['class']);
        $form_name = $database->queryFirstValue("SELECT `name` FROM `forms` WHERE `id` = " . intval($_REQUEST['form_id']) . " LIMIT 1");
        if (!$form_name) {
            display_error("Error: Invalid form ID", "That form ID is invalid. Please go back and try again.");
            break;
        }
        // The stored form name is escaped before it is written into the heading.
        // NOTE(review): unlike the branch above, no facility/ownership check is
        // visible here. Confirm that display_form_entries() restricts what the user sees.
        echo "<h1>History for: " . escape_output($form_name) . "</h1>\r\n";
        display_form_entries($user, intval($_REQUEST['form_id']));
        echo "<a href='form_entry.php?action=new&form_id=" . intval($_REQUEST['form_id']) . "'>Submit a record</a><br />\r\n";
        break;
}
display_footer();
display_machine_dropdown($user, "form_entry[machine_id]", $id === false ? 0 : intval($formEntry->machine['id']), intval($form->machineType['id']));
echo "          </div>\r\n        </div>\r\n        <div class='control-group'>\n";
if ($user->isAdmin()) {
    echo "          <label class='control-label' for='form_entry[machine_id]'>Performed by</label>\r\n          <div class='controls'>\n";
    display_user_dropdown($user, "form_entry[user_id]", $id === false ? $user->id : intval($formEntry->user['id']));
    echo "          </div>\n";
} else {
    echo "            <input type='hidden' name='form_entry[user_id]' value='" . ($id === false ? intval($user->id) : intval($formEntry->user['id'])) . "' />\n";
}
echo "        </div>\r\n      </div>\r\n      <div class='span6'>\r\n        <div class='control-group'>\r\n          <label class='control-label' for='form_entry[qa_month]'>QA Month</label>\r\n          <div class='controls'>\r\n    ";
display_month_year_dropdown("form_entry[qa_month]", "form_entry", $id === false ? False : array(intval($formEntry->qaMonth), intval($formEntry->qaYear)));
echo "\r\n          </div>\r\n        </div>\r\n        <div class='control-group'>\r\n          <label class='control-label' for='form_entry[created_at]'>Inspection Date</label>\r\n          <div class='controls'>\r\n            <input name='form_entry[created_at]' type='datetime-local' readonly='true' class='input-xlarge enabled' id='form_entry_created_at'" . ($id === false ? "" : " value='" . escape_output($formEntry->createdAt) . "'") . ">\r\n          </div>\r\n        </div>\r\n      </div>\r\n    </div>\r\n    <div class='row-fluid'>\r\n      <div class='span4'>\r\n        <h3 class='center-horizontal'>Contrast Scale</h3>\r\n        <h4 class='center-horizontal'>Slice 1-5 (-511 mm)</h4>\r\n        <table class='table table-bordered table-striped'>\r\n          <thead>\r\n            <tr>\r\n              <th>Plug</th>\r\n              <th>CT #</th>\r\n              <th>Nom.</th>\r\n            </tr>\r\n          </thead>\r\n          <tbody>\r\n            <tr>\r\n              <td>1</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][contrast_scale_1_value]' class='form_entry_form_values_contrast_scale_1_value span5' id='form_entry_form_values_contrast_scale_1_value' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['contrast_scale_1_value']->value) . "'") . "/> &plusmn; <input type='number' step='0.01' name='form_entry[form_values][contrast_scale_1_plusmin]' class='form_entry_form_values_contrast_scale_1_plusmin span5' id='form_entry_form_values_contrast_scale_1_plusmin' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['contrast_scale_1_plusmin']->value) . "'") . 
"/></td>\r\n              <td>-95&plusmn;15</td>\r\n            </tr>\r\n            <tr>\r\n              <td>2</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][contrast_scale_2_value]' class='form_entry_form_values_contrast_scale_2_value span5' id='form_entry_form_values_contrast_scale_2_value' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['contrast_scale_2_value']->value) . "'") . "/> &plusmn; <input type='number' step='0.01' name='form_entry[form_values][contrast_scale_2_plusmin]' class='form_entry_form_values_contrast_scale_2_plusmin span5' id='form_entry_form_values_contrast_scale_2_plusmin' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['contrast_scale_2_plusmin']->value) . "'") . "/></td>\r\n              <td>913&plusmn;50</td>\r\n            </tr>\r\n            <tr>\r\n              <td>3</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][contrast_scale_3_value]' class='form_entry_form_values_contrast_scale_3_value span5' id='form_entry_form_values_contrast_scale_3_value' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['contrast_scale_3_value']->value) . "'") . "/>  &plusmn;  <input type='number' step='0.01' name='form_entry[form_values][contrast_scale_3_plusmin]' class='form_entry_form_values_contrast_scale_3_plusmin span5' id='form_entry_form_values_contrast_scale_3_plusmin' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['contrast_scale_3_plusmin']->value) . "'") . 
"/></td>\r\n              <td>-988&plusmn;5</td>\r\n            </tr>\r\n            <tr>\r\n              <td>4</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][contrast_scale_4_value]' class='form_entry_form_values_contrast_scale_4_value span5' id='form_entry_form_values_contrast_scale_4_value' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['contrast_scale_4_value']->value) . "'") . "/> &plusmn; <input type='number' step='0.01' name='form_entry[form_values][contrast_scale_4_plusmin]' class='form_entry_form_values_contrast_scale_4_plusmin span5' id='form_entry_form_values_contrast_scale_4_plusmin' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['contrast_scale_4_plusmin']->value) . "'") . "/></td>\r\n              <td>120&plusmn;15</td>\r\n            </tr>\r\n            <tr>\r\n              <td>5</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][contrast_scale_5_value]' class='form_entry_form_values_contrast_scale_5_value span5' id='form_entry_form_values_contrast_scale_5_value' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['contrast_scale_5_value']->value) . "'") . "/> &plusmn; <input type='number' step='0.01' name='form_entry[form_values][contrast_scale_5_plusmin]' class='form_entry_form_values_contrast_scale_5_plusmin span5' id='form_entry_form_values_contrast_scale_5_plusmin' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['contrast_scale_5_plusmin']->value) . "'") . 
"/></td>\r\n              <td>0&plusmn;4</td>\r\n            </tr>\r\n          </tbody>\r\n        </table>\r\n      </div>\r\n      <div class='span4'>\r\n        <h3 class='center-horizontal'>Low Contrast Detectability</h3>\r\n        <h4 class='center-horizontal'>Slice 2-5 (-471mm) (W/L=100/100)</h4>\r\n        <table class='table table-bordered table-striped'>\r\n          <thead>\r\n          </thead>\r\n          <tbody>\r\n            <tr>\r\n              <td>See 6mm row?</td>\r\n              <td class='control-group'><input name='form_entry[form_values][low_contrast_detect_6mm_row]' class='form_entry_form_values_low_contrast_detect_6mm_row span12' id='form_entry_form_values_low_contrast_detect_6mm_row' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['low_contrast_detect_6mm_row']->value) . "'") . "/></td>\r\n              <td>5</td>\r\n            </tr>\r\n          </tbody>\r\n        </table>\r\n        <h3 class='center-horizontal'>Spatial Integrity</h3>\r\n        <h4 class='center-horizontal'>Slice 3-5 (-431mm)</h4>\r\n        <table class='table table-bordered table-striped'>\r\n          <thead>\r\n            <tr>\r\n              <th>BB to BB</th>\r\n              <th>Nominal</th>\r\n            </tr>\r\n          </thead>\r\n          <tbody>\r\n            <tr>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][spatial_integrity_bb_to_bb]' class='form_entry_form_values_spatial_integrity_bb_to_bb span12' id='form_entry_form_values_spatial_integrity_bb_to_bb' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['spatial_integrity_bb_to_bb']->value) . "'") . 
"/></td>\r\n              <td>100&plusmn;1</td>\r\n            </tr>\r\n          </tbody>\r\n        </table>\r\n        <h3 class='center-horizontal'>High Contrast Resolution</h3>\r\n        <h4 class='center-horizontal'>Slice 4-5 (-391mm) (W/L=100/1100)</h4>\r\n        <table class='table table-bordered table-striped'>\r\n          <thead>\r\n          </thead>\r\n          <tbody>\r\n            <tr>\r\n              <td>highest lp/cm block</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][high_contrast_resolution_max_lp_cm_block]' class='form_entry_form_values_high_contrast_resolution_max_lp_cm_block span12' id='form_entry_form_values_high_contrast_resolution_max_lp_cm_block' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['high_contrast_resolution_max_lp_cm_block']->value) . "'") . "/></td>\r\n              <td>8</td>\r\n            </tr>\r\n          </tbody>\r\n        </table>\r\n      </div>\r\n      <div class='span4'>\r\n        <h3 class='center-horizontal'>Laser Position</h3>\r\n        <h4 class='center-horizontal'>Wilke Phantom</h4>\r\n        <table class='table table-bordered table-striped'>\r\n          <thead>\r\n            <tr>\r\n              <th>Laser</th>\r\n              <th>Measurement</th>\r\n              <th>Nom.</th>\r\n            </tr>\r\n          </thead>\r\n          <tbody>\r\n            <tr>\r\n              <td>Cor</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][laser_position_cor]' class='form_entry_form_values_laser_position_cor span12' id='form_entry_form_values_laser_position_cor' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['laser_position_cor']->value) . "'") . 
"/></td>\r\n              <td>0&plusmn;2</td>\r\n            </tr>\r\n            <tr>\r\n              <td>Sag</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][laser_position_sag]' class='form_entry_form_values_laser_position_sag span12' id='form_entry_form_values_laser_position_sag' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['laser_position_sag']->value) . "'") . "/></td>\r\n              <td>0&plusmn;2</td>\r\n            </tr>\r\n            <tr>\r\n              <td>Axial</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][laser_position_axial]' class='form_entry_form_values_laser_position_axial span12' id='form_entry_form_values_laser_position_axial' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['laser_position_axial']->value) . "'") . "/></td>\r\n              <td>0&plusmn;2</td>\r\n            </tr>\r\n          </tbody>\r\n        </table>\r\n        <h3 class='center-horizontal'>Laser Localization</h3>\r\n        <h4 class='center-horizontal'>Pinnacle</h4>\r\n        <table class='table table-bordered table-striped'>\r\n          <thead>\r\n          </thead>\r\n          <tbody>\r\n            <tr>\r\n              <td>BB&plusmn;1mm?</td>\r\n              <td class='control-group'><select id='form_entry_form_values_laser_localization' name='form_entry[form_values][laser_localization]'>\r\n                    <option value='NULL'" . ($id != false && $formEntry->formValues['laser_localization']->value == 'NULL' ? " selected='selected'" : "") . "></option>\r\n                    <option value='Y'" . ($id != false && $formEntry->formValues['laser_localization']->value == 'Y' ? " selected='selected'" : "") . ">Y</option>\r\n                    <option value='N'" . ($id != false && $formEntry->formValues['laser_localization']->value == 'N' ? 
" selected='selected'" : "") . ">N</option>\r\n                  </select></td>\r\n              <td>8</td>\r\n            </tr>\r\n          </tbody>\r\n        </table>\r\n      </div>\r\n    </div>\r\n    <div class='row-fluid'>\r\n      <div class='span4'>\r\n        <h3 class='center-horizontal'>Review Daily QA Logs</h3>\r\n        <h4 class='center-horizontal'>&nbsp;</h4>\r\n        <table class='table table-bordered table-striped'>\r\n          <thead>\r\n          </thead>\r\n          <tbody>\r\n            <tr>\r\n              <td>Performed</td>\r\n              <td class='control-group'><select id='form_entry_form_values_daily_qa_logs_reviewed' name='form_entry[form_values][daily_qa_logs_reviewed]'>\r\n                    <option value='NULL'" . ($id != false && $formEntry->formValues['daily_qa_logs_reviewed']->value == 'NULL' ? " selected='selected'" : "") . "></option>\r\n                    <option value='Y'" . ($id != false && $formEntry->formValues['daily_qa_logs_reviewed']->value == 'Y' ? " selected='selected'" : "") . ">Y</option>\r\n                    <option value='N'" . ($id != false && $formEntry->formValues['daily_qa_logs_reviewed']->value == 'N' ? " selected='selected'" : "") . ">N</option>\r\n                  </select></td>\r\n            </tr>\r\n          </tbody>\r\n        </table>\r\n      </div>\r\n      <div class='span4'>\r\n        <h3 class='center-horizontal'>Table Incrementation</h3>\r\n        <h4 class='center-horizontal'>Ruler</h4>\r\n        <table class='table table-bordered table-striped'>\r\n          <thead>\r\n          </thead>\r\n          <tbody>\r\n            <tr>\r\n              <td>&plusmn;1mm?</td>\r\n              <td class='control-group'><select id='form_entry_form_values_table_incrementation' name='form_entry[form_values][table_incrementation]'>\r\n                    <option value='NULL'" . ($id != false && $formEntry->formValues['table_incrementation']->value == 'NULL' ? " selected='selected'" : "") . 
"></option>\r\n                    <option value='Y'" . ($id != false && $formEntry->formValues['table_incrementation']->value == 'Y' ? " selected='selected'" : "") . ">Y</option>\r\n                    <option value='N'" . ($id != false && $formEntry->formValues['table_incrementation']->value == 'N' ? " selected='selected'" : "") . ">N</option>\r\n                  </select></td>\r\n            </tr>\r\n          </tbody>\r\n        </table>\r\n      </div>\r\n      <div class='span4'>\r\n        <h3 class='center-horizontal'>Slice Thickness</h3>\r\n        <h4 class='center-horizontal'>Slice 1-5</h4>\r\n        <table class='table table-bordered table-striped'>\r\n          <thead>\r\n          </thead>\r\n          <tbody>\r\n            <tr>\r\n              <td>Slice Thickness (mm)</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][slice_thickness]' class='form_entry_form_values_slice_thickness span12' id='form_entry_form_values_slice_thickness' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['slice_thickness']->value) . "'") . 
"/></td>\r\n              <td>3</td>\r\n            </tr>\r\n          </tbody>\r\n        </table>\r\n      </div>\r\n    </div>\r\n    <div class='row-fluid'>\r\n      <div class='span6'>\r\n        <h3 class='center-horizontal'>Field Uniformity (head)</h3>\r\n        <h4 class='center-horizontal'>Slice 3-5 (-431 mm)</h4>\r\n        <table class='table table-bordered table-striped'>\r\n          <thead>\r\n            <tr>\r\n              <th>ROI</th>\r\n              <th>CT #</th>\r\n              <th>Nominal</th>\r\n            </tr>\r\n          </thead>\r\n          <tbody>\r\n            <tr>\r\n              <td>1</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][field_uniformity_1_value]' class='form_entry_form_values_field_uniformity_1_value span12' id='form_entry_form_values_field_uniformity_1_value' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['field_uniformity_1_value']->value) . "'") . "/></td>\r\n              <td>0&plusmn;5</td>\r\n            </tr>\r\n            <tr>\r\n              <td>2</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][field_uniformity_2_value]' class='form_entry_form_values_field_uniformity_2_value span12' id='form_entry_form_values_field_uniformity_2_value' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['field_uniformity_2_value']->value) . "'") . "/></td>\r\n              <td>0&plusmn;5</td>\r\n            </tr>\r\n            <tr>\r\n              <td>3</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][field_uniformity_3_value]' class='form_entry_form_values_field_uniformity_3_value span12' id='form_entry_form_values_field_uniformity_3_value' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['field_uniformity_3_value']->value) . 
"'") . "/></td>\r\n              <td>0&plusmn;5</td>\r\n            </tr>\r\n            <tr>\r\n              <td>4</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][field_uniformity_4_value]' class='form_entry_form_values_field_uniformity_4_value span12' id='form_entry_form_values_field_uniformity_4_value' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['field_uniformity_4_value']->value) . "'") . "/></td>\r\n              <td>0&plusmn;5</td>\r\n            </tr>\r\n            <tr>\r\n              <td>5</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][field_uniformity_5_value]' class='form_entry_form_values_field_uniformity_5_value span12' id='form_entry_form_values_field_uniformity_5_value' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['field_uniformity_5_value']->value) . "'") . "/></td>\r\n              <td>0&plusmn;5</td>\r\n            </tr>\r\n          </tbody>\r\n        </table>\r\n      </div>\r\n      <div class='span6'>\r\n        <h3 class='center-horizontal'>Noise (head)</h3>\r\n        <h4 class='center-horizontal'>Slice 3-5 (-431 mm)</h4>\r\n        <table class='table table-bordered table-striped'>\r\n          <thead>\r\n            <tr>\r\n              <th>ROI</th>\r\n              <th>Standard Deviation</th>\r\n              <th>Nominal</th>\r\n            </tr>\r\n          </thead>\r\n          <tbody>\r\n            <tr>\r\n              <td>1</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][noise_1_stddev]' class='form_entry_form_values_noise_1_stddev span12' id='form_entry_form_values_noise_1_stddev' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['noise_1_stddev']->value) . "'") . 
"/></td>\r\n              <td>11&plusmn;2</td>\r\n            </tr>\r\n            <tr>\r\n              <td>2</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][noise_2_stddev]' class='form_entry_form_values_noise_2_stddev span12' id='form_entry_form_values_noise_2_stddev' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['noise_2_stddev']->value) . "'") . "/></td>\r\n              <td>9&plusmn;2</td>\r\n            </tr>\r\n            <tr>\r\n              <td>3</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][noise_3_stddev]' class='form_entry_form_values_noise_3_stddev span12' id='form_entry_form_values_noise_3_stddev' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['noise_3_stddev']->value) . "'") . "/></td>\r\n              <td>9&plusmn;2</td>\r\n            </tr>\r\n            <tr>\r\n              <td>4</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][noise_4_stddev]' class='form_entry_form_values_noise_4_stddev span12' id='form_entry_form_values_noise_4_stddev' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['noise_4_stddev']->value) . "'") . "/></td>\r\n              <td>9&plusmn;2</td>\r\n            </tr>\r\n            <tr>\r\n              <td>5</td>\r\n              <td class='control-group'><input type='number' step='0.01' name='form_entry[form_values][noise_5_stddev]' class='form_entry_form_values_noise_5_stddev span12' id='form_entry_form_values_noise_5_stddev' " . (!$formEntry->formValues ? "" : " value='" . escape_output($formEntry->formValues['noise_5_stddev']->value) . "'") . "/></td>\r\n              <td>9&plusmn;2</td>\r\n            </tr>\r\n          </tbody>\r\n        </table>\r\n      </div>\r\n    </div>\r\n    <h3>Image</h3>\r\n";
if ($id != false && $formEntry->imagePath != '') {
    echo "<img src='" . joinPaths(ROOT_URL, escape_output($formEntry->imagePath)) . "' /><br />\r\n";
}
echo "    <div id='image_preview' class='row-fluid'></div>\r\n    <p>Supported formats: JPEG, PNG, GIF, WBMP, GD2</p>\r\n    <input name='form_image' class='input-file' type='file' onChange='displayImagePreview(this.files);' />\r\n    <h3>Comments</h3>\r\n    <textarea name='form_entry[comments]' id='form_entry_comments' rows='10' class='span12' placeholder='Comments go here.'>" . ($id === false ? "" : escape_output($formEntry->comments)) . "</textarea><br />\r\n    <div class='form-actions'>\r\n";
if ($id != false && $formEntry->approvedOn != '') {
    echo "      <button type='submit' class='btn btn-primary disabled' disabled='disabled'>Approved</button>\r\n";
} else {
    echo "      <button type='submit' class='btn btn-primary'>" . ($id === false ? "Save" : "Save changes") . "</button>\r\n";
}
echo "      <a class='btn' href='#' onClick='window.location.replace(document.referrer);' >" . ($id === false ? "Go back" : "Discard changes") . "</a>\r\n";
if ($id != false && $user->isPhysicist()) {
    if ($formEntry->approvedOn == '') {
        echo "      <a class='btn btn-success' href='form_entry.php?action=approve&id=" . intval($id) . "'>Approve</a>\r\n";
    } else {
        echo "      <a class='btn btn-warning' href='form_entry.php?action=unapprove&id=" . intval($id) . "'>Unapprove</a>\r\n";
    }
}
if ($id != false && $user->isAdmin()) {
    echo "<button class='btn btn-danger delete-button' data-id='" . intval($id) . "'>Delete</button>\n";
예제 #13
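/**
 * Render the admin edit form for a single comment.
 *
 * Reads the comment id and the list-state parameters (sort, dir, page, crit,
 * search_method) from the request, loads the matching txp_discuss row and
 * echoes an edit form for it. When no row is returned, a "comment not found"
 * notice is echoed instead.
 *
 * @return void
 */
function discuss_edit()
{
    pagetop(gTxt('edit_comment'));
    // extract() creates one local per key returned by gpsa(); presumably only the
    // six keys listed here — verify against gpsa().
    extract(gpsa(array('discussid', 'sort', 'dir', 'page', 'crit', 'search_method')));
    // The id is interpolated into the WHERE clause below, so it goes through
    // assert_int() first. NOTE(review): confirm assert_int() rejects non-integer input.
    $discussid = assert_int($discussid);
    $rs = safe_row('*, unix_timestamp(posted) as uPosted', 'txp_discuss', "discussid = {$discussid}");
    if ($rs) {
        // Creates one local per selected column; $message, $ip, $name, $email, $web,
        // $uPosted, $visible and $parentid are the ones used below.
        extract($rs);
        $message = escape_output($message);
        // $ip is a stored value and is written into both a URL and a table cell, so it
        // is encoded for each context instead of being interpolated raw. How the column
        // is populated is not visible in this function.
        $ip_param = urlencode($ip);
        $ip_text = escape_output($ip);
        // NOTE(review): $ip is passed to fetch() as stored; confirm fetch() escapes its value argument.
        if (fetch('ip', 'txp_discuss_ipban', 'ip', $ip)) {
            $ban_step = 'ipban_unban';
            $ban_text = gTxt('unban');
        } else {
            $ban_step = 'ipban_add';
            $ban_text = gTxt('ban');
        }
        $ban_link = '[<a href="?event=discuss' . a . 'step=' . $ban_step . a . 'ip=' . $ip_param . a . 'name=' . urlencode($name) . a . 'discussid=' . $discussid . '">' . $ban_text . '</a>]';
        echo form(
            startTable('edit') .
            stackRows(
                fLabelCell('name') . fInputCell('name', $name),
                fLabelCell('IP') . td($ip_text . ' ' . $ban_link),
                fLabelCell('email') . fInputCell('email', $email),
                fLabelCell('website') . fInputCell('web', $web),
                fLabelCell('date') . td(safe_strftime('%d %b %Y %X', $uPosted)),
                // $message was passed through escape_output() above before being placed in the textarea.
                tda(gTxt('message')) . td('<textarea name="message" cols="60" rows="15">' . $message . '</textarea>'),
                fLabelCell('status') . td(selectInput('visible', array(VISIBLE => gTxt('visible'), SPAM => gTxt('spam'), MODERATE => gTxt('unmoderated')), $visible, false)),
                td() . td(fInput('submit', 'step', gTxt('save'), 'publish')),
                // Hidden fields carry the list state and the comment identity to the save step.
                hInput('sort', $sort) . hInput('dir', $dir) . hInput('page', $page) . hInput('crit', $crit) . hInput('search_method', $search_method) . hInput('discussid', $discussid) . hInput('parentid', $parentid) . hInput('ip', $ip) . eInput('discuss') . sInput('discuss_save')
            ) .
            endTable()
        );
    } else {
        echo graf(gTxt('comment_not_found'), ' style="text-align: center;"');
    }
}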
예제 #14
base_url();
?>
workout" method="post">
            <select id="selected-workout" name="workoutID">
              <option value="">Select Workout</option>

              <!-- post all workouts from database -->
              <!-- value is the workout-id from database -->
              <?php 
// Emit one <option> per workout; the id and the name are each passed through
// escape_output() before being written into the page.
// NOTE(review): the id lands inside a double-quoted attribute - confirm that
// escape_output() encodes double quotes.
foreach ($workouts as $workout) {
    ?>
                <option value="<?php 
    echo escape_output($workout->id);
    ?>
"><?php 
    echo escape_output($workout->name);
    ?>
</option>
              <?php 
}
?>
              <!-- end post all workouts from database -->
            </select>
          </form>
        </div>
        <?php 
// Show the warning only when the session already holds a workout_log_id.
if (isset($_SESSION['workout_log_id'])) {
    ?>
          <h4 class="centered ripped">You currently have a workout in progress!! <br>  If you select another one - the current workout will end.</h4>    
        <?php 
}
예제 #15
            $entry['machine_name'] = "Unknown machine";
        }
        echo "<li><a href='form_entry.php?action=edit&id=" . intval($entry['id']) . "'>" . escape_output($entry['machine_name']) . " for " . escape_output(intval($entry['qa_month']) . "/" . intval($entry['qa_year'])) . "</a></li>\r\n";
    }
}
?>
    </div>
  </div>
  <div class="span4">
    <div class="row-fluid">
      <h2>Latest updates</h2>
<?php 
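// List the 20 most recently updated form entries for machines in this user's facility.
// The facility id is the only value interpolated into the query and is forced to an
// integer with intval() first.
$entries = $database->stdQuery("SELECT `machines`.`name` AS `machine_name`, `form_entries`.`id`, `form_entries`.`qa_month`, `form_entries`.`qa_year`, `form_entries`.`approved_on` FROM `form_entries` LEFT OUTER JOIN `machines` ON `machines`.`id` = `form_entries`.`machine_id` WHERE `machines`.`facility_id` = " . intval($user->facility['id']) . " ORDER BY `form_entries`.`updated_at` DESC LIMIT 20");
if (!$entries) {
    echo "None!";
} else {
    echo "<ul>\r\n";
    while ($entry = mysqli_fetch_assoc($entries)) {
        if ($entry['machine_name'] == '') {
            $entry['machine_name'] = "Unknown machine";
        }
        // Ids and dates are cast with intval(); the machine name is passed through escape_output().
        echo "<li><a href='form_entry.php?action=edit&id=" . intval($entry['id']) . "'>" . escape_output($entry['machine_name']) . " for " . escape_output(intval($entry['qa_month']) . "/" . intval($entry['qa_year'])) . ($entry['approved_on'] != '' ? "(approved)" : "") . "</a></li>\r\n";
    }
    // Close the list so the markup that follows is not parsed as part of it.
    echo "</ul>\r\n";
}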
?>
    </div>
  </div>
</div>
<?php 
display_footer();
            display_error("Error: Insufficient privileges", "You must be an administrator to add machine types.");
            break;
        }
        echo "<h1>Add a machine type</h1>\n";
        display_machine_type_edit_form($user);
        break;
    case 'edit':
        if (!$user->isAdmin()) {
            display_error("Error: Insufficient privileges", "You must be an administrator to modify machine types.");
            break;
        }
        echo "<h1>Modify a machine type</h1>\n";
        display_machine_type_edit_form($user, intval($_REQUEST['id']));
        break;
    case 'show':
        $machineTypeName = $database->queryFirstValue("SELECT `name` FROM `machine_types` WHERE `id` = " . intval($_REQUEST['id']) . " LIMIT 1");
        if (!$machineTypeName) {
            echo "This machine type was not found. Please select another machine type and try again.";
        } else {
            echo "<h1>" . escape_output($machineTypeName) . " - History <small>(<a href='machine_type.php?action=edit&id=" . intval($_REQUEST['id']) . "'>edit</a>)</small></h1>\n";
            display_machine_type_info($user, intval($_REQUEST['id']));
        }
        break;
    default:
    case 'index':
        echo "<h1>Machine Types</h1>\n";
        display_machine_types($user);
        echo "<a href='machine_type.php?action=new'>Add a new machine type</a><br />\n";
        break;
}
display_footer();
            display_error("Error: Insufficient privileges", "You may only modify your own facility's machines.");
            break;
        }
        echo "<h1>Modify a machine</h1>\r\n";
        display_machine_edit_form($user, intval($_REQUEST['id']));
        break;
    case 'show':
        if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) {
            display_error("Error: Invalid machine ID", "Please check your ID and try again.");
            break;
        }
        //ensure that user has sufficient privileges to view this machine.
        $machineObject = $database->queryFirstRow("SELECT * FROM `machines` WHERE `id` = " . intval($_REQUEST['id']) . " LIMIT 1");
        if (!$machineObject) {
            display_error("Error: Invalid machine ID", "Please check your ID and try again.");
            break;
        } elseif (intval($machineObject['facility_id']) != $user->facility['id']) {
            display_error("Error: Insufficient privileges", "You may only view your own facility's machines.");
            break;
        }
        echo "<h1>" . escape_output($machineObject['name']) . " - History <small>(<a href='machine.php?action=edit&id=" . intval($_REQUEST['id']) . "'>edit</a>)</small></h1>\r\n";
        display_machine_info($user, intval($_REQUEST['id']));
        break;
    default:
    case 'index':
        echo "<h1>Machines</h1>\r\n";
        display_machines($user);
        echo "<a href='machine.php?action=new'>Add a new machine</a><br />\r\n";
        break;
}
display_footer();
예제 #18
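 /**
  * Create a new user account on behalf of a logged-in administrator.
  *
  * Checks run in order: caller is a logged-in admin, the two passwords are
  * identical, the email is well-formed, the name/email is not already
  * registered, and the facility exists. The first failing check decides the
  * returned status; no row is inserted unless every check passes.
  *
  * @param string $name
  * @param string $email
  * @param string $password
  * @param string $password_confirmation
  * @param int|string $facility_id cast with intval() before use in SQL
  * @return array 'location' and 'status' are always set; 'class' ('error' or
  *               'success') is set only on the facility, database and success paths
  */
 public function register($name, $email, $password, $password_confirmation, $facility_id)
 {
     // Registration is closed to all non-admin users.
     if (!$this->loggedIn() || !$this->isAdmin()) {
         return array("location" => "register.php", "status" => "Registration is closed to all non-admin users. Please contact your facility administrator for access.");
     }
     // Strict comparison: with != two different numeric-looking strings
     // (for example "1e3" and "1000") compare as equal.
     if ($password !== $password_confirmation) {
         return array("location" => "register.php", "status" => "Your passwords do not match. Please try again.");
     }
     // Validate the whole address. An unanchored pattern accepts any input that merely
     // contains an address-shaped substring, including surrounding markup.
     if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
         return array("location" => "register.php", "status" => "The email address you have entered is malformed. Please check it and try again.");
     }
     // Check if this name or email is already registered; both values go through quoteSmart().
     $checkNameEmail = intval($this->dbConn->queryCount("SELECT COUNT(*) FROM `users` WHERE (`name` = " . $this->dbConn->quoteSmart($name) . " || `email` = " . $this->dbConn->quoteSmart($email) . ")"));
     if ($checkNameEmail > 0) {
         return array("location" => "register.php", "status" => "Your name or email has previously been registered. Please try logging in.");
     }
     // Check if this facility exists.
     $checkFacilityExists = intval($this->dbConn->queryCount("SELECT COUNT(*) FROM `facilities` WHERE `id` = " . intval($facility_id)));
     if ($checkFacilityExists < 1) {
         return array("location" => "register.php", "status" => "That facility does not exist. Please try again.", 'class' => 'error');
     }
     // Register this user. Only the Bcrypt hash of the password is stored.
     $bcrypt = new Bcrypt();
     $registerUser = $this->dbConn->stdQuery("INSERT INTO `users` SET `name` = " . $this->dbConn->quoteSmart($name) . ", `email` = " . $this->dbConn->quoteSmart($email) . ", `password_hash` = " . $this->dbConn->quoteSmart($bcrypt->hash($password)) . ", `usermask` = 1, `last_ip` = " . $this->dbConn->quoteSmart($_SERVER['REMOTE_ADDR']) . ", `facility_id` = " . intval($facility_id));
     if (!$registerUser) {
         return array("location" => "register.php", "status" => "Database errors were encountered during registration. Please try again later.", 'class' => 'error');
     }
     // The name is passed through escape_output() because the status text is built for display.
     return array("location" => "register.php", "status" => "Registration successful. " . escape_output($name) . " can now log in.", 'class' => 'success');
 }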
예제 #19
/**
 * Return the description of the current file, optionally escaped and wrapped.
 *
 * Recognised attributes are 'class', 'escape' and 'wraptag', all defaulting to
 * the empty string. Nothing is returned when the file has no description.
 *
 * @param array $atts tag attributes
 * @return string|null
 */
function file_download_description($atts)
{
    global $thisfile;
    extract(lAtts(array('class' => '', 'escape' => '', 'wraptag' => ''), $atts));
    if (!$thisfile['description']) {
        return;
    }
    if ($escape == 'html') {
        $text = escape_output($thisfile['description']);
    } else {
        // With the default escape='' the stored description is returned as-is, so any
        // markup it contains reaches the page unless the caller asks for escape="html".
        $text = $thisfile['description'];
    }
    if ($wraptag) {
        return doTag($text, $wraptag, $class);
    }
    return $text;
}
 /**
  * Echo this facility's profile: a heading, a table of its people and a table
  * of its machines.
  *
  * The "(edit)" link is added only when $user is an admin whose facility id
  * equals this facility's id. Ids are cast with intval() and every other
  * displayed value is passed through escape_output().
  *
  * @param object $user the viewing user; isAdmin() and facility['id'] are read
  * @return void
  */
 public function displayProfile($user)
 {
     echo "    <h1>", escape_output($this->name);
     if ($user->isAdmin() && $this->id == $user->facility['id']) {
         echo "<small><a href='facility.php?action=edit&id=", intval($this->id), "'>(edit)</a></small>";
     }
     echo "</h1>\r\n    <h3>People</h3>\r\n    <table class='table table-striped table-bordered dataTable'>\r\n      <thead>\r\n        <tr>\r\n          <th>Name</th>\r\n          <th>Email</th>\r\n          <th>Role</th>\r\n          <th>QA Entries</th>\r\n        </tr>\r\n      </thead>\r\n      <tbody>\n";
     foreach ($this->users as $userRow) {
         // Each row only supplies the id; a full User object is loaded per person.
         $member = new User($this->dbConn, $userRow['id']);
         echo "        <tr>\r\n          <td><a href='user.php?action=show&id=", intval($member->id), "'>", escape_output($member->name), "</a></td>\r\n";
         echo "          <td>", escape_output($member->email), "</td>\r\n";
         echo "          <td>", escape_output(convert_usermask_to_text($member->usermask)), "</td>\r\n";
         echo "          <td>", escape_output(count($member->formEntries)), "</td>\r\n        </tr>\n";
     }
     echo "      </tbody>\r\n    </table>\n";
     echo "    <h3>Machines</h3>\r\n    <table class='table table-striped table-bordered dataTable'>\r\n      <thead>\r\n        <tr>\r\n          <th>Name</th>\r\n          <th>Type</th>\r\n          <th>QA Entries</th>\r\n          <th>Last Entry</th>\r\n        </tr>\r\n      </thead>\r\n      <tbody>\n";
     foreach ($this->machines as $machineRow) {
         $device = new Machine($this->dbConn, $machineRow['id']);
         // The first element of formEntries is used as the last entry; id 0 is passed when there are none.
         if (count($device->formEntries) > 0) {
             $lastEntryId = $device->formEntries[0]['id'];
         } else {
             $lastEntryId = 0;
         }
         $lastEntry = new FormEntry($device->dbConn, $lastEntryId);
         echo "      <tr>\r\n        <td><a href='machine.php?action=show&id=", intval($device->id), "'>", escape_output($device->name), "</a></td>\r\n";
         echo "        <td>", escape_output($device->machineType['name']), "</td>\r\n";
         echo "        <td>", escape_output(count($device->formEntries)), "</td>\r\n";
         echo "        <td>", escape_output($lastEntry->updatedAt == '' ? "N/A" : format_mysql_timestamp($lastEntry->updatedAt)), "</td>\r\n      </tr>\n";
     }
     echo "      </tbody>\r\n    </table>\n";
 }
/**
 * Echo the history-plot controls for one form: a plot container, a machine
 * multi-select, a field multi-select and a "Redraw Plot" button.
 *
 * If constructing the Form throws, an "invalid form ID" message is echoed and
 * nothing else is rendered. Option values are cast with intval() and option
 * labels are passed through escape_output().
 *
 * @param object $user    supplies the database connection (dbConn)
 * @param mixed  $form_id id of the form to plot
 * @return void
 */
function display_history_plot($user, $form_id)
{
    try {
        $form = new Form($user->dbConn, $form_id);
    } catch (Exception $e) {
        echo "The form ID you provided was invalid. Please try again.\n";
        return;
    }
    echo "<div id='vis'></div>\r\n  <form action='#'>\r\n    <input type='hidden' id='form_id' name='form_id' value='", intval($form_id), "' />\r\n    <div class='row-fluid'>\r\n      <div class='span4'>\r\n        <div class='row-fluid'><h3 class='span12' style='text-align:center;'>Machines</h3></div>\r\n        <div class='row-fluid'>\r\n          <select multiple='multiple' id='machines' class='span12' size='10' name='machines[]'>\n";
    foreach ($form->machines as $machineRow) {
        echo "           <option value='", intval($machineRow['id']), "'>", escape_output($machineRow['name']), "</option>\n";
    }
    echo "         </select>\r\n        </div>\r\n      </div>\r\n      <div class='span4'>\r\n        <div class='row-fluid'><h3 class='span12' style='text-align:center;'>Fields</h3></div>\r\n        <div class='row-fluid'>\r\n          <select multiple='multiple' id='form_fields' class='span12' size='10' name='form_fields[]'>\n";
    foreach ($form->formFields as $fieldRow) {
        echo "            <option value='", intval($fieldRow['id']), "'>", escape_output($fieldRow['name']), "</option>\n";
    }
    echo "          </select>\r\n        </div>\r\n      </div>\r\n      <div class='span4'>\r\n        <div class='row-fluid'><h3 class='span12' style='text-align:center;'>Time Range</h3></div>\r\n        <div class='row-fluid'>\r\n          <div class='span12' style='text-align:center;'>(Coming soon)</div>\r\n        </div>\r\n      </div>\r\n    </div>\r\n    <div class='row-fluid'>\r\n      <div class='span12' style='text-align:center;'>As a reminder, you can highlight multiple fields by either clicking and dragging, or holding down Control and clicking on the fields you want.</div>\r\n    </div>\r\n    <div class='form-actions'>\r\n      <a class='btn btn-xlarge btn-primary' href='#' onClick='drawLargeD3Plot();'>Redraw Plot</a>\r\n    </div>\r\n  </form>\n";
}
예제 #22
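/**
 * Build the Atom feed for the site's articles or links and send its HTTP
 * caching headers.
 *
 * Reads the request parameters `area`, `category`, `section` and `limit`
 * through gps()/gpsa(), and the site preferences through
 * extract($GLOBALS['prefs']). Entries come from the `textpattern` table
 * (area empty or "article") or from `txp_link` (area "link").
 *
 * Conditional requests: the function sends "304 Not Modified" and exits when
 * If-Modified-Since is not older than the stored `lastmod` value, or when the
 * combined ETag appears in If-None-Match. When the client sent an A-IM header
 * containing "feed", entries the client already has are dropped from the
 * output.
 *
 * @return string|null The feed XML, or null when no entry matched.
 */
function atom()
{
    global $thisarticle;
    // Every preference becomes a local variable ($sitename, $siteurl,
    // $rss_how_many, $version, $language, ...). Anything stored in the prefs
    // array can therefore shadow a local of the same name.
    extract($GLOBALS['prefs']);
    // Attribute fragments appended to the hand-built <link> and tag() calls below.
    define("t_texthtml", ' type="text/html"');
    define("t_text", ' type="text"');
    define("t_html", ' type="html"');
    define("t_xhtml", ' type="xhtml"');
    define('t_appxhtml', ' type="xhtml"');
    define("r_relalt", ' rel="alternate"');
    define("r_relself", ' rel="self"');
    // Request input. doSlash() is defined elsewhere; the SQL filters further
    // down depend on it for escaping — NOTE(review): confirm it is SQL-safe
    // for the active connection charset.
    $area = doSlash(gps('area'));
    extract(doSlash(gpsa(array('category', 'section', 'limit'))));
    $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod');
    $sitename .= $section ? ' - ' . $section : '';
    $sitename .= $category ? ' - ' . $category : '';
    $pub = safe_row("RealName, email", "txp_users", "privs=1");
    $out[] = tag(escape_output($sitename), 'title', t_text);
    $out[] = tag(escape_output($site_slogan), 'subtitle', t_text);
    // NOTE(review): this href carries request-derived values and is not escaped
    // here; it relies on pagelinkurl() returning attribute-safe output — confirm.
    $out[] = '<link' . r_relself . ' href="' . pagelinkurl(array('atom' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" />';
    $out[] = '<link' . r_relalt . t_texthtml . ' href="' . hu . '" />';
    $articles = array();
    // Atom feed ids are built from either the mail uid or the domain name.
    $dn = explode('/', $siteurl);
    $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0];
    $out[] = tag('tag:' . $mail_or_domain . ',' . $blog_time_uid . ':' . $blog_uid . ($section ? '/' . $section : '') . ($category ? '/' . $category : ''), 'id');
    $out[] = tag('Textpattern', 'generator', ' uri="http://textpattern.com/" version="' . $version . '"');
    $out[] = tag(safe_strftime("w3cdtf", $last), 'updated');
    // The publisher name is database content placed into XML, so it is escaped
    // the same way as the per-entry author name below.
    $auth[] = tag(htmlspecialchars($pub['RealName']), 'name');
    $auth[] = $include_email_atom ? tag(eE($pub['email']), 'email') : '';
    $auth[] = tag(hu, 'uri');
    $out[] = tag(n . t . t . join(n . t . t, $auth) . n, 'author');
    if (!$area or $area == 'article') {
        // Filters are concatenated into the WHERE clause; $section and
        // $category were passed through doSlash() above.
        $sfilter = $section ? "and Section = '" . $section . "'" : '';
        $cfilter = $category ? "and (Category1='" . $category . "' or Category2='" . $category . "')" : '';
        $limit = $limit ? $limit : $rss_how_many;
        // Cap the request-supplied limit, and floor it at 0: a negative value
        // would otherwise reach the query as "limit -N".
        $limit = max(0, intval(min($limit, max(100, $rss_how_many))));
        // Sections whose in_rss flag is not '1' are excluded from the feed.
        $frs = safe_column("name", "txp_section", "in_rss != '1'");
        $query = array();
        foreach ($frs as $f) {
            $query[] = "and Section != '" . doSlash($f) . "'";
        }
        $query[] = $sfilter;
        $query[] = $cfilter;
        $rs = safe_rows_start("*, \n\t\t\t\tID as thisid, \n\t\t\t\tunix_timestamp(Posted) as uPosted,\n\t\t\t\tunix_timestamp(LastMod) as uLastMod", "textpattern", "Status=4 and Posted <= now() " . join(' ', $query) . "order by Posted desc limit {$limit}");
        if ($rs) {
            while ($a = nextRow($rs)) {
                // Row columns become locals ($ID, $Title, $uPosted, ...); a column
                // whose name matches an existing local overwrites it.
                extract($a);
                populateArticleData($a);
                $cb = callback_event('atom_entry');
                $e = array();
                $a['posted'] = $uPosted;
                if ($show_comment_count_in_feed) {
                    $count = $comments_count > 0 ? ' [' . $comments_count . ']' : '';
                } else {
                    $count = '';
                }
                $thisauthor = get_author_name($AuthorID);
                $e['thisauthor'] = tag(n . t . t . t . tag(htmlspecialchars($thisauthor), 'name') . n . t . t, 'author');
                $e['issued'] = tag(safe_strftime('w3cdtf', $uPosted), 'published');
                $e['modified'] = tag(safe_strftime('w3cdtf', $uLastMod), 'updated');
                $escaped_title = escape_output($Title);
                $e['title'] = tag($escaped_title . $count, 'title', t_html);
                $permlink = permlinkurl($a);
                $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $permlink . '" />';
                $e['id'] = tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'id');
                $e['category1'] = trim($Category1) ? '<category term="' . htmlspecialchars($Category1) . '" />' : '';
                $e['category2'] = trim($Category2) ? '<category term="' . htmlspecialchars($Category2) . '" />' : '';
                $summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink));
                $content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink));
                if ($syndicate_body_or_excerpt) {
                    // Short feed: use the body as summary if there is no excerpt.
                    if (!trim($summary)) {
                        $summary = $content;
                    }
                    $content = '';
                }
                if (trim($content)) {
                    $e['content'] = tag(n . escape_cdata($content) . n, 'content', t_html);
                }
                if (trim($summary)) {
                    $e['summary'] = tag(n . escape_cdata($summary) . n, 'summary', t_html);
                }
                $articles[$ID] = tag(n . t . t . join(n . t . t, $e) . n . $cb, 'entry');
                // Per-entry ETag piece: uppercase hex CRC32 of the rendered entry.
                // It detects changes only; it is not an integrity check.
                $etags[$ID] = strtoupper(dechex(crc32($articles[$ID])));
                $dates[$ID] = $uLastMod;
            }
        }
    } elseif ($area == 'link') {
        $cfilter = $category ? "category='" . $category . "'" : '1';
        $limit = $limit ? $limit : $rss_how_many;
        // Same cap and floor as in the article branch.
        $limit = max(0, intval(min($limit, max(100, $rss_how_many))));
        $rs = safe_rows_start("*", "txp_link", "{$cfilter} order by date desc, id desc limit {$limit}");
        if ($rs) {
            while ($a = nextRow($rs)) {
                // Row columns become locals ($linkname, $description, $url, $date, $id, ...).
                extract($a);
                $e['title'] = tag(htmlspecialchars($linkname), 'title', t_html);
                $e['content'] = tag(n . htmlspecialchars($description) . n, 'content', t_html);
                // NOTE(review): the second argument is replacement text, not a
                // pattern, so "https?://" is emitted literally ('?' included) for
                // root-relative URLs. The intended scheme is not visible here —
                // confirm and correct.
                $url = preg_replace("/^\\/(.*)/", "https?://{$siteurl}/\$1", $url);
                // Only an '&' that precedes "key=" is entity-encoded; quotes and
                // angle brackets in the stored URL reach the href attribute as-is.
                $url = preg_replace("/&((?U).*)=/", "&amp;\\1=", $url);
                $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $url . '" />';
                $e['issued'] = tag(safe_strftime('w3cdtf', strtotime($date)), 'published');
                $e['modified'] = tag(gmdate('Y-m-d\\TH:i:s\\Z', strtotime($date)), 'updated');
                $e['id'] = tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $id, 'id');
                $articles[$id] = tag(n . t . t . join(n . t . t, $e) . n, 'entry');
                $etags[$id] = strtoupper(dechex(crc32($articles[$id])));
                // Stored as a Unix timestamp so the comparison with $imsd below
                // is numeric, like $uLastMod in the article branch.
                $dates[$id] = strtotime($date);
            }
        }
    }
    if (!empty($articles)) {
        // Turn on compression if it is not in use already.
        if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) {
            @ob_start("ob_gzhandler");
        }
        handle_lastmod();
        // Conditional GET: nothing changed since the client's copy.
        $hims = serverset('HTTP_IF_MODIFIED_SINCE');
        $imsd = $hims ? strtotime($hims) : 0;
        if ($imsd >= $last) {
            txp_status_header("304 Not Modified");
            exit;
        }
        header("Last-Modified: " . gmdate('D, d M Y H:i:s \\G\\M\\T', $last));
        // $canaim is the position of "feed" in the A-IM request header, or false
        // when the header is missing or cannot be read.
        if (is_callable('apache_request_headers')) {
            $headers = apache_request_headers();
            if (isset($headers["A-IM"])) {
                $canaim = strpos($headers["A-IM"], "feed");
            } else {
                $canaim = false;
            }
        } else {
            $canaim = false;
        }
        $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH'));
        $cutarticles = false;
        if ($canaim !== false) {
            foreach ($articles as $id => $thing) {
                // strpos() returns 0 for a match at the start of the header, so
                // the result is compared with false instead of tested for truth.
                if (strpos($hinm, $etags[$id]) !== false) {
                    unset($articles[$id]);
                    $cutarticles = true;
                    $cut_etag = true;
                }
                if ($dates[$id] < $imsd) {
                    unset($articles[$id]);
                    $cutarticles = true;
                    $cut_time = true;
                }
            }
        }
        // Tell caches which request headers changed the response body.
        if (isset($cut_etag) && isset($cut_time)) {
            header("Vary: If-None-Match, If-Modified-Since");
        } else {
            if (isset($cut_etag)) {
                header("Vary: If-None-Match");
            } else {
                if (isset($cut_time)) {
                    header("Vary: If-Modified-Since");
                }
            }
        }
        // The feed-level ETag is every per-entry piece joined with '-'.
        $etag = @join("-", $etags);
        if (strstr($hinm, $etag)) {
            header("HTTP/1.1 304 Not Modified");
            exit;
        }
        if ($etag) {
            header('ETag: "' . $etag . '"');
        }
        if ($cutarticles) {
            //header("HTTP/1.1 226 IM Used");
            //This should be used as opposed to 200, but Apache doesn't like it.
            //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200.
            header("Cache-Control: no-store, im");
            header("IM: feed");
        }
        $out = array_merge($out, $articles);
        header('Content-type: application/atom+xml; charset=utf-8');
        // chr(60)/chr(62) spell '<' and '>' around the XML declaration.
        return chr(60) . '?xml version="1.0" encoding="UTF-8"?' . chr(62) . n . '<feed xml:lang="' . $language . '" xmlns="http://www.w3.org/2005/Atom">' . join(n, $out) . '</feed>';
    }
}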
예제 #23
        }
        if ($user->isAdmin()) {
            $facility_id = $database->queryFirstValue("SELECT `facility_id` FROM `users` WHERE `id` = " . intval($_REQUEST['id']) . " LIMIT 1");
            if (!$facility_id) {
                display_error("Error: Invalid user ID", "Please check your ID and try again.");
                break;
            } elseif (intval($facility_id) != $user->facility['id']) {
                display_error("Error: Insufficient privileges", "You may only view your own facility's users.");
                break;
            }
        }
        echo "<h1>Modify a user</h1>\r\n";
        display_user_edit_form($user, intval($_REQUEST['id']));
        break;
    case 'show':
        $userName = $database->queryFirstValue("SELECT `name` FROM `users` WHERE `id` = " . intval($_REQUEST['id']) . " LIMIT 1");
        if (!$userName) {
            echo "This user was not found. Please select another user and try again.";
        } else {
            echo "<h1>" . escape_output($userName) . "</h1>\r\n";
            display_user_profile($user, intval($_REQUEST['id']));
        }
        break;
    default:
    case 'index':
        echo "<h1>Users</h1>\r\n";
        display_users($user);
        echo "<a href='user.php?action=new'>Add a new user</a><br />\r\n";
        break;
}
display_footer();