/**
 * Looks up a single user record by its user ID.
 *
 * Expected input shape:
 * <code>
 * $user_data = array(
 *     'userid' => 'User ID',
 * );
 * </code>
 *
 * When the lookup yields nothing, the reason is stored in self::$error and
 * false is returned.
 *
 * NOTE(review): the caller-supplied 'userid' is copied verbatim into the error
 * text; whatever renders self::$error should escape it for its output context.
 *
 * @static
 * @param array $user_data Must contain the key 'userid'.
 * @return array|boolean User data as array or false if error
 */
public static function getById($user_data)
{
    $record = get_user_by_userid($user_data['userid']);

    // Guard clause: a falsy lookup result is reported through self::$error.
    if (!$record) {
        self::$error = array(
            'error' => ZBX_API_ERROR_INTERNAL,
            'data' => 'User with id: ' . $user_data['userid'] . ' doesn\'t exists.',
        );

        return false;
    }

    return $record;
}
/**
 * Builds the acknowledgement table (time, user, comment) for one event.
 *
 * NOTE(review): the alias and the message are user-entered values. Whether
 * they are HTML-escaped depends on CTableInfo/CCol and zbx_nl2br(), which are
 * not visible here; confirm before relying on it. The 'alias' key is also read
 * without checking that get_user_by_userid() actually returned a row.
 *
 * @param mixed $eventid Event whose acknowledgements are listed.
 * @return CTableInfo One row per acknowledgement.
 */
function make_acktab_by_eventid($eventid)
{
    $ackTable = new CTableInfo();
    $ackTable->SetHeader(array(S_TIME, S_USER, S_COMMENTS));

    $rows = get_acknowledges_by_eventid($eventid);
    for ($row = DBfetch($rows); $row; $row = DBfetch($rows)) {
        $author = get_user_by_userid($row['userid']);
        $when = date('d-m-Y h:i:s A', $row['clock']);
        $comment = new CCol(zbx_nl2br($row['message']), 'wraptext');

        $ackTable->AddRow(array($when, $author['alias'], $comment));
    }

    return $ackTable;
}
// Excerpt from a blog-search switch: the switch header and the value it tests are outside this fragment.
    //$orderby="a.`date_posted` DESC"; // default
    break;
case 'views':
    $tplvars['page_title'] = $GLOBALS['_lang'][105];
    $input['acclevel_code'] = 'search_blog';
    $orderby = "a.`stat_views` DESC";
    break;
case 'comm':
    $tplvars['page_title'] = $GLOBALS['_lang'][106];
    $input['acclevel_code'] = 'search_blog';
    $orderby = "a.`stat_comments` DESC";
    break;
case 'uid':
    $input['acclevel_code'] = 'search_blog';
    // The uid is requested as TYPE_INT and is then concatenated, unquoted, into $where.
    // NOTE(review): that is only safe if sanitize_and_format_gpc() really returns an integer for TYPE_INT - confirm.
    $input['uid'] = sanitize_and_format_gpc($_GET, 'uid', TYPE_INT, 0, 0);
    $tplvars['page_title'] = sprintf($GLOBALS['_lang'][108], get_user_by_userid($input['uid']));
    $where = "a.`fk_user_id`=" . $input['uid'] . " AND " . $where;
    $orderby = "a.`post_id` DESC";
    break;
case 'tag':
    $tplvars['page_title'] = $GLOBALS['_lang'][107];
    $input['acclevel_code'] = 'search_blog';
    $input['tags'] = isset($_GET['tags']) ? $_GET['tags'] : '';
    // Collapse runs of whitespace to one space and drop words of one to three non-space characters.
    $input['tags'] = trim(preg_replace(array("/\\s\\s+/", "/\\b[^\\s]{1,3}\\b/"), array(' ', ''), $input['tags']));
    $input['tags'] = sanitize_and_format($input['tags'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]);
    if (!empty($input['tags'])) {
        // The request-supplied tag string is placed inside a quoted SQL literal twice (select list and WHERE).
        // NOTE(review): injection safety rests entirely on the escaping sanitize_and_format() applies for
        // $__field2format[FIELD_TEXTFIELD], which is not visible here. Binding the value as a query parameter,
        // or escaping it with the database driver at this call site, would remove that dependency.
        $select .= ",MATCH (a.`title`,a.`post_content`) AGAINST ('" . $input['tags'] . "' IN BOOLEAN MODE) as `match_score`";
        $where .= " AND MATCH (a.`title`,a.`post_content`) AGAINST ('" . $input['tags'] . "' IN BOOLEAN MODE)";
        $orderby = "`match_score` DESC";
    } else {
// Excerpt from a photo view page: loads one photo row and decides whether the current visitor may see it.
$output['pic_width'] = get_site_option('pic_width', 'core_photo');
$loop_comments = array();
if (!empty($photo_id)) {
    // $photo_id is interpolated unquoted into the WHERE clause.
    // NOTE(review): its origin is outside this excerpt; it must already be an integer at this point - confirm.
    $query = "SELECT `photo_id`,`is_private`,`photo`,`caption`,`fk_user_id`,`_user` as `user`,`status`,`allow_comments`,`allow_rating`,`stat_votes`,`stat_votes_total` FROM `{$dbtable_prefix}user_photos` WHERE `photo_id`={$photo_id}";
    // The @ silences the driver warning; the driver's error text is then raised as a fatal user error.
    // NOTE(review): if errors are displayed to visitors, that text can disclose query details.
    // The mysql_* extension used here was removed in PHP 7.
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $output = array_merge($output, mysql_fetch_assoc($res));
        $is_friend = false;
        if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id'])) {
            $is_friend = is_network_member($output['fk_user_id'], $_SESSION[_LICENSE_KEY_]['user']['user_id'], NET_FRIENDS);
        }
        // Private photo: refuse when the visitor is not logged in, or is neither the owner nor a friend
        // (&& binds tighter than ||, so "not owner && not friend" is evaluated as one operand).
        if (!empty($output['is_private']) && (empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) || $output['fk_user_id'] != $_SESSION[_LICENSE_KEY_]['user']['user_id'] && !$is_friend)) {
            $topass['message']['type'] = MESSAGE_ERROR;
            $topass['message']['text'] = sprintf($GLOBALS['_lang'][277], _BASEURL_ . '/profile.php?uid=' . $output['fk_user_id'], get_user_by_userid($output['fk_user_id']));
            redirect2page('info.php', $topass);
        // Otherwise show the photo when it is approved, or when the logged-in visitor is its owner.
        } elseif ($output['status'] == STAT_APPROVED || !empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $output['fk_user_id'] == $_SESSION[_LICENSE_KEY_]['user']['user_id']) {
            $output['caption'] = sanitize_and_format($output['caption'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
            if (!empty($output['allow_rating'])) {
                // Average vote with one decimal; the zero-votes case avoids a division by zero.
                if ($output['stat_votes'] > 0) {
                    $output['rate_num'] = number_format($output['stat_votes_total'] / $output['stat_votes'], 1);
                } else {
                    $output['rate_num'] = 0;
                }
                // The division by 5 presumably reflects a five-point rating scale - confirm.
                $output['rate_percent'] = (int) ($output['rate_num'] * 100 / 5);
            } else {
                unset($output['allow_rating']);
            }
            if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $output['fk_user_id'] == $_SESSION[_LICENSE_KEY_]['user']['user_id']) {
                $output['photo_owner'] = true;
// Excerpt from a network-membership handler; it starts inside nested blocks that open outside this fragment.
// The hooks below are named *_delete, so $query is presumably a DELETE assembled above - confirm.
            // uid and net_id are concatenated unquoted into the SQL text.
            // NOTE(review): where they are validated is not visible here; both must be integers by now - confirm.
            $query .= " OR (`fk_user_id`=" . $input['uid'] . " AND `fk_net_id`=" . $input['net_id'] . " AND `fk_user_id_other`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "')";
        }
        // Run every registered pre-delete hook, in index order, before the query executes.
        if (isset($_on_before_delete)) {
            for ($i = 0; isset($_on_before_delete[$i]); ++$i) {
                call_user_func($_on_before_delete[$i]);
            }
        }
        // The @ silences the driver warning; the driver's error text is then raised as a fatal user error.
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        // Post-delete hooks run only after the query succeeded.
        if (isset($_on_after_delete)) {
            for ($i = 0; isset($_on_after_delete[$i]); ++$i) {
                call_user_func($_on_after_delete[$i]);
            }
        }
        // Leaving the block list also removes the matching sender filter and records an 'unblock_member' score.
        if ($input['net_id'] == NET_BLOCK) {
            del_message_filter(array('filter_type' => FILTER_SENDER, 'fk_user_id' => $_SESSION[_LICENSE_KEY_]['user']['user_id'], 'field_value' => $input['uid']));
            add_member_score($input['uid'], 'unblock_member');
        }
        $topass['message']['type'] = MESSAGE_INFO;
        $topass['message']['text'] = sprintf($GLOBALS['_lang'][87], get_user_by_userid($input['uid']), get_net_name($input['net_id']));
    }
}
if ($error) {
    // you must re-read all textareas from $_GET like this:
    // $input['x']=addslashes_mq($_GET['x']);
    // The submitted input is converted for redisplay and handed back to the next page.
    $input = sanitize_and_format($input, TYPE_STRING, FORMAT_HTML2TEXT_FULL | FORMAT_STRIPSLASH);
    $topass['input'] = $input;
}
// NOTE(review): $nextpage is set outside this excerpt; prefixing _BASEURL_ keeps the redirect on this site
// only as long as $nextpage is not taken from the request unchecked - confirm.
$nextpage = _BASEURL_ . '/' . $nextpage;
redirect2page($nextpage, $topass, '', true);
// Excerpt from an admin "reject" page: fills the message-template selector and prepares per-type template variables.
// $res comes from a query outside this fragment.
$amtpls = array();
$i = 0;
while ($rsrow = mysql_fetch_assoc($res)) {
    $rsrow = sanitize_and_format($rsrow, TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
    $amtpls[$rsrow['amtpl_id']] = $rsrow['amtpl_name'];
    // Only the first template row pre-fills the reason fields, and only when $returned is falsy.
    if ($i == 0 && !$returned) {
        $output['reason_title'] = $rsrow['subject'];
        $output['reject_reason'] = $rsrow['message_body'];
    }
    $i++;
}
$output['amtpl_id'] = vector2options($amtpls);
switch ($output['t']) {
    case AMTPL_REJECT_MEMBER:
        $output['user_id'] = $output['id'];
        $output['user'] = get_user_by_userid($output['id']);
        $output['reject_member'] = true;
        $tplvars['title'] = 'Reject a member profile';
        break;
    case AMTPL_REJECT_PHOTO:
        // $output['id'] is concatenated unquoted into the WHERE clause.
        // NOTE(review): its validation is not visible here; it must be an integer by this point - confirm.
        $query = "SELECT `fk_user_id` as `user_id`,`_user` as `user`,`photo` FROM `{$dbtable_prefix}user_photos` WHERE `photo_id`=" . $output['id'];
        // The @ silences the driver warning; the driver's error text is then raised as a fatal user error.
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        if (mysql_num_rows($res)) {
            list($output['user_id'], $output['user'], $output['photo']) = mysql_fetch_row($res);
        }
        $output['reject_photo'] = true;
        $tplvars['title'] = 'Reject a photo';
        break;
    case AMTPL_REJECT_BLOG:
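/**
 * Builds the "new operation" sub-form of the action editor.
 *
 * The form state is read from the request value 'new_operation' (via
 * get_request()); missing fields are filled with defaults. Depending on the
 * operation type, the form shows a message recipient, a remote command, or a
 * host group / template picker. When the request carries 'escalation', step
 * inputs and the operation-condition list are shown as well.
 *
 * Security note: 'objectid' arrives with the request and is written into SQL
 * text and hidden form fields, so it is restricted to a decimal id up front.
 * NOTE(review): whether CVar/CTextBox/CTextArea HTML-escape the other
 * request-supplied values (shortdata, longdata, condition values) is not
 * visible here - confirm.
 *
 * @param array|null $action Action row; loaded from $_REQUEST['actionid'] when empty.
 * @return CTableInfo The assembled form table.
 */
function get_act_new_oper_form($action = null)
{
    $tblOper = new CTableInfo();

    if (isset($_REQUEST['actionid']) && empty($action)) {
        $action = get_action_by_actionid($_REQUEST['actionid']);
    }

    $operations = get_request("operations", array());

    // On first display of an existing action use its stored event source, otherwise the submitted one.
    if (isset($_REQUEST['actionid']) && !isset($_REQUEST['form_refresh'])) {
        $eventsource = $action['eventsource'];
    } else {
        $eventsource = get_request('eventsource');
    }

    $allowed_operations = get_operations_by_eventsource($eventsource);

    /* init new_operation variable */
    $new_operation = get_request('new_operation', array());
    if (!is_array($new_operation)) {
        $new_operation = array();
        $new_operation['default_msg'] = 1;
    }

    $defaults = array(
        'operationtype' => OPERATION_TYPE_MESSAGE,
        'object' => OPERATION_OBJECT_GROUP,
        'objectid' => 0,
        'shortdata' => '{TRIGGER.NAME}: {STATUS}',
        'longdata' => '{TRIGGER.NAME}: {STATUS}',
        'esc_step_from' => 1,
        'esc_step_to' => 1,
        'esc_period' => 0,
        'evaltype' => 0,
        'opconditions' => array(),
        'default_msg' => 0,
    );
    foreach ($defaults as $key => $value) {
        if (!isset($new_operation[$key])) {
            $new_operation[$key] = $value;
        }
    }

    // objectid is concatenated into SQL below: accept only a plain decimal id and fall back to the
    // "nothing selected" default (0) for anything else, including arrays.
    $objectid = $new_operation['objectid'];
    if (!is_scalar($objectid) || !preg_match('/\A[0-9]+\z/', (string) $objectid)) {
        $new_operation['objectid'] = 0;
    }

    $evaltype = $new_operation['evaltype'];

    // An 'id' marks an existing operation being edited; it is carried along as a hidden field.
    $update_mode = isset($new_operation['id']);
    if ($update_mode) {
        $tblOper->addItem(new CVar('new_operation[id]', $new_operation['id']));
    }

    $tblNewOperation = new CTable(null, 'nowrap');

    if (isset($_REQUEST['escalation'])) {
        $tblStep = new CTable(null, 'nowrap');

        $step_from = new CNumericBox('new_operation[esc_step_from]', $new_operation['esc_step_from'], 4);
        // Client-side convenience only: a "from" step of 0 is bumped to 1 in the browser.
        $step_from->addAction('onchange', 'javascript:' . $step_from->GetOption('onchange') . ' if(this.value == 0) this.value=1;');

        $tblStep->addRow(array(S_FROM, $step_from));
        $tblStep->addRow(array(S_TO, new CCol(array(new CNumericBox('new_operation[esc_step_to]', $new_operation['esc_step_to'], 4), ' [0-' . S_INFINITY . ']'))));
        $tblStep->addRow(array(S_PERIOD, new CCol(array(new CNumericBox('new_operation[esc_period]', $new_operation['esc_period'], 5), ' [0-' . S_DEFAULT . ']'))));

        $tblNewOperation->addRow(array(S_STEP, $tblStep));
    } else {
        // Without escalation the step fields travel as hidden values.
        $tblOper->addItem(new CVar('new_operation[esc_period]', $new_operation['esc_period']));
        $tblOper->addItem(new CVar('new_operation[esc_step_from]', $new_operation['esc_step_from']));
        $tblOper->addItem(new CVar('new_operation[esc_step_to]', $new_operation['esc_step_to']));
        $tblOper->addItem(new CVar('new_operation[evaltype]', $new_operation['evaltype']));
    }

    $cmbOpType = new CComboBox('new_operation[operationtype]', $new_operation['operationtype'], 'submit()');
    foreach ($allowed_operations as $oper) {
        $cmbOpType->addItem($oper, operation_type2str($oper));
    }
    $tblNewOperation->addRow(array(S_OPERATION_TYPE, $cmbOpType));

    switch ($new_operation['operationtype']) {
        case OPERATION_TYPE_MESSAGE:
            // The recipient is either a user group or a single user; pick the matching popup source.
            if ($new_operation['object'] == OPERATION_OBJECT_GROUP) {
                $object_srctbl = 'usrgrp';
                $object_srcfld1 = 'usrgrpid';
                $object_name = get_group_by_usrgrpid($new_operation['objectid']);
                $display_name = 'name';
            } else {
                $object_srctbl = 'users';
                $object_srcfld1 = 'userid';
                $object_name = get_user_by_userid($new_operation['objectid']);
                $display_name = 'alias';
            }

            $tblOper->addItem(new CVar('new_operation[objectid]', $new_operation['objectid']));

            // Reduce the looked-up row to its display field; a failed lookup stays falsy.
            if ($object_name) {
                $object_name = $object_name[$display_name];
            }

            $cmbObject = new CComboBox('new_operation[object]', $new_operation['object'], 'submit()');
            $cmbObject->addItem(OPERATION_OBJECT_USER, S_SINGLE_USER);
            $cmbObject->addItem(OPERATION_OBJECT_GROUP, S_USER_GROUP);

            $tblNewOperation->addRow(array(S_SEND_MESSAGE_TO, array($cmbObject, new CTextBox('object_name', $object_name, 40, 'yes'), new CButton('select_object', S_SELECT, 'return PopUp("popup.php?dstfrm=' . S_ACTION . '&dstfld1=new_operation%5Bobjectid%5D&dstfld2=object_name' . '&srctbl=' . $object_srctbl . '&srcfld1=' . $object_srcfld1 . '&srcfld2=' . $display_name . '",450,450)', 'T'))));
            $tblNewOperation->addRow(array(S_DEFAULT_MESSAGE, new CCheckBox('new_operation[default_msg]', $new_operation['default_msg'], 'javascript: submit();', 1)));

            // Subject and body are editable only when the default message is switched off.
            if (!$new_operation['default_msg']) {
                $tblNewOperation->addRow(array(S_SUBJECT, new CTextBox('new_operation[shortdata]', $new_operation['shortdata'], 77)));
                $tblNewOperation->addRow(array(S_MESSAGE, new CTextArea('new_operation[longdata]', $new_operation['longdata'], 77, 7)));
            } else {
                $tblOper->addItem(new CVar('new_operation[shortdata]', $new_operation['shortdata']));
                $tblOper->addItem(new CVar('new_operation[longdata]', $new_operation['longdata']));
            }
            break;

        case OPERATION_TYPE_COMMAND:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', 0));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));

            // longdata holds the remote command text for this operation type.
            $tblNewOperation->addRow(array(S_REMOTE_COMMAND, new CTextArea('new_operation[longdata]', $new_operation['longdata'], 77, 7)));
            break;

        case OPERATION_TYPE_HOST_ADD:
        case OPERATION_TYPE_HOST_REMOVE:
            // Host add/remove carries no object and no text.
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', 0));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            $tblOper->addItem(new CVar('new_operation[longdata]', ''));
            break;

        case OPERATION_TYPE_GROUP_ADD:
        case OPERATION_TYPE_GROUP_REMOVE:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', $new_operation['objectid']));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            $tblOper->addItem(new CVar('new_operation[longdata]', ''));

            // objectid was restricted to digits above, so the concatenation cannot change the statement.
            if ($object_name = DBfetch(DBselect('select name FROM groups WHERE groupid=' . $new_operation['objectid']))) {
                $object_name = $object_name['name'];
            }

            $tblNewOperation->addRow(array(S_GROUP, array(new CTextBox('object_name', $object_name, 40, 'yes'), new CButton('select_object', S_SELECT, 'return PopUp("popup.php?dstfrm=' . S_ACTION . '&dstfld1=new_operation%5Bobjectid%5D&dstfld2=object_name' . '&srctbl=host_group&srcfld1=groupid&srcfld2=name' . '",450,450)', 'T'))));
            break;

        case OPERATION_TYPE_TEMPLATE_ADD:
        case OPERATION_TYPE_TEMPLATE_REMOVE:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', $new_operation['objectid']));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            $tblOper->addItem(new CVar('new_operation[longdata]', ''));

            // objectid was restricted to digits above, so the concatenation cannot change the statement.
            if ($object_name = DBfetch(DBselect('SELECT host FROM hosts ' . ' WHERE status=' . HOST_STATUS_TEMPLATE . ' AND hostid=' . $new_operation['objectid']))) {
                $object_name = $object_name['host'];
            }

            $tblNewOperation->addRow(array(S_TEMPLATE, array(new CTextBox('object_name', $object_name, 40, 'yes'), new CButton('select_object', S_SELECT, 'return PopUp("popup.php?dstfrm=' . S_ACTION . '&dstfld1=new_operation%5Bobjectid%5D&dstfld2=object_name' . '&srctbl=host_templates&srcfld1=hostid&srcfld2=host' . '",450,450)', 'T'))));
            break;
    }

    // new Operation conditions
    if (isset($_REQUEST['escalation'])) {
        $tblCond = new CTable();

        $opconditions = $new_operation['opconditions'];
        $allowed_opconditions = get_opconditions_by_eventsource($eventsource);

        // show opcondition LIST
        zbx_rksort($opconditions);

        /* group opconditions by type */
        $grouped_opconditions = array();
        $cond_el = new CTable(S_NO_CONDITIONS_DEFINED);
        $i = 0;
        foreach ($opconditions as $val) {
            if (!isset($val['conditiontype'])) {
                $val['conditiontype'] = 0;
            }
            if (!isset($val['operator'])) {
                $val['operator'] = 0;
            }
            if (!isset($val['value'])) {
                $val['value'] = 0;
            }

            // Condition types not allowed for this event source are dropped silently.
            if (!str_in_array($val["conditiontype"], $allowed_opconditions)) {
                continue;
            }

            // Conditions are labelled A, B, C, ... in display order.
            $label = chr(ord('A') + $i);
            $cond_el->addRow(array('(' . $label . ')', array(new CCheckBox("g_opconditionid[]", 'no', null, $i), get_condition_desc($val["conditiontype"], $val["operator"], $val["value"]))));

            $tblCond->addItem(new CVar("new_operation[opconditions][{$i}][conditiontype]", $val["conditiontype"]));
            $tblCond->addItem(new CVar("new_operation[opconditions][{$i}][operator]", $val["operator"]));
            $tblCond->addItem(new CVar("new_operation[opconditions][{$i}][value]", $val["value"]));

            $grouped_opconditions[$val["conditiontype"]][] = $label;
            $i++;
        }
        unset($opconditions);

        $cond_buttons = array();
        if (!isset($_REQUEST['new_opcondition'])) {
            $cond_buttons[] = new CButton('new_opcondition', S_NEW);
        }

        if ($cond_el->ItemsCount() > 0) {
            if ($cond_el->ItemsCount() > 1) {
                /* prepare opcondition calculation type selector */
                switch ($evaltype) {
                    case ACTION_EVAL_TYPE_AND:
                        $group_op = $glog_op = S_AND;
                        break;
                    case ACTION_EVAL_TYPE_OR:
                        $group_op = $glog_op = S_OR;
                        break;
                    default:
                        // AND/OR: OR within one condition type, AND between types.
                        $group_op = S_OR;
                        $glog_op = S_AND;
                        break;
                }

                foreach ($grouped_opconditions as $id => $val) {
                    $grouped_opconditions[$id] = '(' . implode(' ' . $group_op . ' ', $val) . ')';
                }
                $grouped_opconditions = implode(' ' . $glog_op . ' ', $grouped_opconditions);

                $cmb_calc_type = new CComboBox('new_operation[evaltype]', $evaltype, 'submit()');
                $cmb_calc_type->addItem(ACTION_EVAL_TYPE_AND_OR, S_AND_OR_BIG);
                $cmb_calc_type->addItem(ACTION_EVAL_TYPE_AND, S_AND_BIG);
                $cmb_calc_type->addItem(ACTION_EVAL_TYPE_OR, S_OR_BIG);
                $tblNewOperation->addRow(array(S_TYPE_OF_CALCULATION, new CCol(array($cmb_calc_type, new CTextBox('preview', $grouped_opconditions, 60, 'yes')))));
                unset($cmb_calc_type, $group_op, $glog_op);
                /* end of calculation type selector */
            } else {
                $tblCond->addItem(new CVar('new_operation[evaltype]', ACTION_EVAL_TYPE_AND_OR));
            }
            $cond_buttons[] = new CButton('del_opcondition', S_DELETE_SELECTED);
        } else {
            $tblCond->addItem(new CVar('new_operation[evaltype]', ACTION_EVAL_TYPE_AND_OR));
        }

        $tblCond->addRow($cond_el);
        $tblCond->addRow(new CCol($cond_buttons));
        // end of opcondition LIST

        $tblNewOperation->addRow(array(S_CONDITIONS, $tblCond));
        unset($grouped_opconditions, $cond_el, $cond_buttons, $tblCond);
    }

    $tblOper->addRow($tblNewOperation);

    // Footer: "Save" when editing an existing operation, "Add" for a new one.
    $td = new CCol(array(new CButton('add_operation', $update_mode ? S_SAVE : S_ADD), SPACE, new CButton('cancel_new_operation', S_CANCEL)));
    $td->addOption('colspan', '3');
    $td->addOption('style', 'text-align: right;');
    $tblOper->SetFooter($td);

    return $tblOper;
}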
// Excerpt from an event-acknowledge page; it starts inside nested blocks that open outside this fragment.
                // Fallback target: the trigger status page for the host stored in the user's profile.
                $last_page['url'] = 'tr_status.php?hostid=' . get_profile('web.tr_status.hostid', 0);
            }
            // NOTE(review): where $last_page['url'] is set otherwise is not visible here; if it can be derived
            // from request data it should be limited to local pages before redirecting - confirm.
            redirect($last_page['url']);
            exit;
        }
    }
}
// Header text: a fixed label for bulk acknowledges, otherwise the trigger description and its expression.
$msg = $bulk ? ' BULK ACKNOWLEDGE ' : array('"' . expand_trigger_description_by_data($db_data) . '"', BR(), explode_exp($db_data["expression"], 1));
show_table_header(array(S_ALARM_ACKNOWLEDGES_BIG, ' : ', $msg));
echo SBR;
if (!$bulk) {
    // List the existing acknowledgements: one title row (user, time) and one message row each.
    $table = new CTable(NULL, 'ack_msgs');
    $table->setAlign('center');
    $db_acks = get_acknowledges_by_eventid($db_data['eventid']);
    while ($db_ack = DBfetch($db_acks)) {
        // NOTE(review): 'alias' is read without checking that the user lookup returned a row, and the alias
        // and message are user-entered; whether CCol / zbx_nl2br() HTML-escape them is not visible here - confirm.
        $db_user = get_user_by_userid($db_ack['userid']);
        $table->addRow(array(new CCol($db_user['alias'], 'user'), new CCol(date('d-m-Y h:i:s A', $db_ack['clock']), 'time')), 'title');
        $msgCol = new CCol(zbx_nl2br($db_ack['message']));
        $msgCol->setColspan(2);
        $table->addRow($msgCol, 'msg');
    }
    /**/
    // Render the table only when at least one acknowledgement exists.
    if ($table->getNumRows() > 0) {
        $table->Show();
        echo SBR;
    }
}
insert_new_message_form($events, $bulk);
?> <?php
// Handles a profile-picture upload and the profile update that follows it.
//
// NOTE(review): as shown, $new_picture, $new_picture_type, $new_picture_size, $new_picture_width,
// $new_picture_height, $old_picture, $error and the profile fields are never assigned inside this function,
// so they are undefined in its scope; presumably they were meant to be read from the form and $_FILES - confirm.
// NOTE(review): the upload library is loaded with $config, but no call into it is visible; the file is moved
// by hand below, so 'allowed_types', 'max_size' and 'encrypt_name' have no visible effect on this path.
function Upload_image() {
    $config['upload_path'] = './new_picture';
    $config['max_size'] = 1024 * 10;
    $config['allowed_types'] = 'gif|png|jpg|jpeg';
    $config['encrypt_name'] = TRUE;
    $this->load->library('upload', $config);
    if (!empty($new_picture)) {
        // Accept only GIF/JPEG/PNG within the size and dimension limits.
        // NOTE(review): if $new_picture_type mirrors $_FILES['new_picture']['type'], it is supplied by the client
        // and says nothing about the actual content; verify the type server-side (e.g. finfo or getimagesize())
        // and derive the stored extension from that result.
        if (($new_picture_type == 'image/gif' || $new_picture_type == 'image/jpeg' || $new_picture_type == 'image/pjpeg' || $new_picture_type == 'image/png') && $new_picture_size > 0 && $new_picture_size <= MM_MAXFILESIZE && $new_picture_width <= MM_MAXIMGWIDTH && $new_picture_height <= MM_MAXIMGHEIGHT) {
            if ($_FILES['new_picture']['error'] == 0) {
                // Move the file to the target upload folder
                // basename() strips directory components but keeps the submitted name and extension.
                // NOTE(review): a server-generated file name would avoid overwriting other users' files and
                // storing a client-chosen extension in a folder that may be web-accessible.
                $target = MM_UPLOADPATH . basename($new_picture);
                if (move_uploaded_file($_FILES['new_picture']['tmp_name'], $target)) {
                    // The new picture file move was successful, now make sure any old picture is deleted
                    if (!empty($old_picture) && $old_picture != $new_picture) {
                        @unlink(MM_UPLOADPATH . $old_picture);
                    }
                } else {
                    // The new picture file move failed, so delete the temporary file and set the error flag
                    @unlink($_FILES['new_picture']['tmp_name']);
                    $error = true;
                    echo '<p class="error">Sorry, there was a problem uploading your picture.</p>';
                }
            }
        } else {
            // The new picture file is not valid, so delete the temporary file and set the error flag
            @unlink($_FILES['new_picture']['tmp_name']);
            $error = true;
            echo '<p class="error">Your picture must be a GIF, JPEG, or PNG image file no greater than ' . MM_MAXFILESIZE / 1024 . ' KB and ' . MM_MAXIMGWIDTH . 'x' . MM_MAXIMGHEIGHT . ' pixels in size.</p>';
        }
    }
    // Update the profile data in the database
    if (!$error) {
        // Every profile field is required; only the picture is optional.
        if (!empty($first_name) && !empty($last_name) && !empty($gender) && !empty($birthdate) && !empty($city) && !empty($state)) {
            // The row updated is always the session user's own.
            update_user($first_name, $last_name, $gender, $birthdate, $city, $state, $new_picture, $_SESSION['user_id']);
            // Confirm success with the user
            echo '<p>Your profile has been successfully updated. 
Would you like to <a href="viewprofile.php">view your profile</a>?</p>';
            exit;
        } else {
            echo '<p class="error">You must enter all of the profile data (the picture is optional).</p>';
        }
    } else {
        // Grab the profile data from the database
        $user = get_user_by_userid($_SESSION['user_id']);
        if ($user != NULL) {
            $first_name = $user['first_name'];
            $last_name = $user['last_name'];
            $gender = $user['gender'];
            $birthdate = $user['birthdate'];
            $city = $user['city'];
            $state = $user['state'];
            $old_picture = $user['picture'];
        } else {
            echo '<p class="error">There was a problem accessing your profile.</p>';
        }
    }
}
// Excerpt from an event-acknowledge page; it starts inside nested blocks that open outside this fragment.
                // Fallback target: the trigger status page for the host stored in the user's profile.
                $last_page['url'] = 'tr_status.php?hostid=' . get_profile('web.tr_status.hostid', 0);
            }
            // NOTE(review): where $last_page['url'] is set otherwise is not visible here; if it can be derived
            // from request data it should be limited to local pages before redirecting - confirm.
            redirect($last_page['url']);
            exit;
        }
    }
}
// Header text: a fixed label for bulk acknowledges, otherwise the trigger description and its expression.
$msg = $bulk ? ' BULK ACKNOWLEDGE ' : array('"' . expand_trigger_description_by_data($db_data) . '"', BR(), explode_exp($db_data["expression"], 1));
show_table_header(array(S_ALARM_ACKNOWLEDGES_BIG, ' : ', $msg));
echo SBR;
if (!$bulk) {
    // List the existing acknowledgements: one title row (user, time) and one message row each.
    $table = new CTable(NULL, "ack_msgs");
    $table->SetAlign("center");
    $db_acks = get_acknowledges_by_eventid($db_data["eventid"]);
    while ($db_ack = DBfetch($db_acks)) {
        // NOTE(review): "alias" is read without checking that the user lookup returned a row, and the alias
        // and message are user-entered; whether CCol / zbx_nl2br() HTML-escape them is not visible here - confirm.
        $db_user = get_user_by_userid($db_ack["userid"]);
        $table->AddRow(array(new CCol($db_user["alias"], "user"), new CCol(date("d-m-Y h:i:s A", $db_ack["clock"]), "time")), "title");
        $msgCol = new CCol(zbx_nl2br($db_ack['message']));
        $msgCol->SetColspan(2);
        $table->AddRow($msgCol, "msg");
    }
    /**/
    // Render the table only when at least one acknowledgement exists.
    if ($table->GetNumRows() > 0) {
        $table->Show();
        echo SBR;
    }
}
insert_new_message_form($events, $bulk);
?> <?php
/**
 * Returns a display name for the resource a permission entry refers to.
 *
 * For a non-zero id the matching record is looked up and its name returned;
 * for a missing or zero id the "All ..." label of that resource type is
 * returned. When no name could be resolved and the id is positive, the id
 * itself is returned; otherwise the placeholder '-'.
 *
 * NOTE(review): the result can be the raw $id or a stored name; callers that
 * print it into HTML should escape it.
 *
 * @param string $permission Resource type label, e.g. 'Graph', 'Host', 'Network map'.
 * @param mixed  $id         Resource id; unset or 0 means "all resources of that type".
 * @return mixed Resolved name, "All ..." label, the id, or '-'.
 */
function get_resource_name($permission, $id)
{
    $res = '-';

    // switch compares loosely, exactly like the == chain it replaces.
    switch ($permission) {
        case 'Graph':
            if (isset($id) && $id != 0) {
                $graph = get_graph_by_graphid($id);
                if ($graph) {
                    $res = $graph['name'];
                }
            } else {
                $res = 'All graphs';
            }
            break;

        case 'Host':
            if (isset($id) && $id != 0) {
                $host = get_host_by_hostid($id);
                if ($host) {
                    $res = $host['host'];
                }
            } else {
                $res = 'All hosts';
            }
            break;

        case 'Screen':
            if (isset($id) && $id != 0) {
                $screen = get_screen_by_screenid($id);
                if ($screen) {
                    $res = $screen['name'];
                }
            } else {
                $res = 'All screens';
            }
            break;

        case 'Item':
            if (isset($id) && $id != 0) {
                // An item is shown as "host:description", so both lookups must succeed.
                $item = get_item_by_itemid($id);
                if ($item) {
                    $host = get_host_by_hostid($item['hostid']);
                    if ($host) {
                        $res = $host['host'] . ':' . $item['description'];
                    }
                }
            } else {
                $res = 'All items';
            }
            break;

        case 'User':
            if (isset($id) && $id != 0) {
                $user = get_user_by_userid($id);
                if ($user) {
                    $res = $user['alias'];
                }
            } else {
                $res = 'All users';
            }
            break;

        case 'Network map':
            if (isset($id) && $id != 0) {
                $sysmap = get_sysmap_by_sysmapid($id);
                if ($sysmap) {
                    $res = $sysmap['name'];
                }
            } else {
                $res = 'All maps';
            }
            break;

        case 'Application':
            // Unlike the types above, a negative id is neither looked up nor treated as "all".
            if (isset($id) && $id > 0) {
                $app = get_application_by_applicationid($id);
                if ($app) {
                    $res = $app['name'];
                }
            } elseif (!isset($id) || $id == 0) {
                $res = 'All applications';
            }
            break;

        case 'Service':
            // Same id handling as 'Application'.
            if (isset($id) && $id > 0) {
                $service = get_service_by_serviceid($id);
                if ($service) {
                    $res = $service['name'];
                }
            } elseif (!isset($id) || $id == 0) {
                $res = 'All services';
            }
            break;
    }

    // Nothing resolved: fall back to the bare id when it is positive.
    if ($res == '-' && isset($id) && $id > 0) {
        $res = $id;
    }

    return $res;
}
// Excerpt from a user-administration page; it starts inside nested blocks that open outside this fragment.
// NOTE(review): permission checks and any request-forgery protection for these state-changing actions are
// not visible in this excerpt - confirm they happen earlier.
                    $result = DBend($result);
                    show_messages($result, S_USER_UPDATED, S_CANNOT_UPDATE_USER);
                    if ($result) {
                        // The change is audited only when it succeeded.
                        add_audit(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_USER_GROUP, 'User alias [' . $user['alias'] . '] name [' . $user['name'] . '] surname [' . $user['surname'] . ']');
                        unset($_REQUEST['usrgrpid']);
                        unset($_REQUEST['userid']);
                    }
                    unset($_REQUEST['grpaction']);
                    unset($_REQUEST['form']);
                } else {
                    // Mass delete of the users ticked in the list.
                    if ($_REQUEST['go'] == 'delete' && isset($_REQUEST['group_userid'])) {
                        $result = false;
                        $group_userid = get_request('group_userid', array());
                        DBstart();
                        foreach ($group_userid as $userid) {
                            // Ids that do not resolve to a user are skipped.
                            if (!($user_data = get_user_by_userid($userid))) {
                                continue;
                            }
                            // NOTE(review): |= accumulates across iterations, so after the first successful delete
                            // $result stays truthy: later users get an audit entry even if their own delete failed,
                            // and DBend() receives "success" when only some deletes succeeded.
                            $result |= delete_user($userid);
                            if ($result) {
                                add_audit(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_USER, 'User alias [' . $user_data['alias'] . '] name [' . $user_data['name'] . '] surname [' . $user_data['surname'] . ']');
                            }
                        }
                        $result = DBend($result);
                        show_messages($result, S_USER_DELETED, S_CANNOT_DELETE_USER);
                    }
                }
            }
        }
    }
}
<?php
// Make sure the user is logged in before going any further.
// NOTE(review): $row is not defined anywhere in this excerpt, and the "Log out" markup in the else branch
// is malformed (no href attribute, stray quote).
if (!isset($_SESSION['user_id'])) {
    echo anchor('controllers/editprofile/is_loged_in' . $row->user_id, 'is_loged_in');
    exit;
} else {
    echo anchor('You are logged in as ' . $_SESSION['username'] . '. <a contorllers/logout">Log out</a>.</p>');
}
// Grab the profile data from the database
// Default to the session user's own profile; a user_id query parameter selects another one.
// NOTE(review): $_GET['user_id'] is passed to the lookup unvalidated, and any logged-in user can request any id;
// confirm that every displayed field is meant to be visible to other members.
if (!isset($_GET['user_id'])) {
    $user_id = $_SESSION['user_id'];
} else {
    $user_id = $_GET['user_id'];
}
$user = get_user_by_userid($user_id);
// NOTE(review): this tests the requested id, not whether the lookup returned a row.
if ($user_id >= 1) {
    // The user was found so display the user data
    // NOTE(review): the profile fields are echoed into HTML without htmlspecialchars(); values entered by the
    // profile owner would be interpreted as markup in every viewer's browser.
    echo '<table>';
    if (!empty($user['username'])) {
        echo '<tr><td class="label">Username:</td><td>' . $user['username'] . '</td></tr>';
    }
    if (!empty($user['first_name'])) {
        echo '<tr><td class="label">First name:</td><td>' . $user['first_name'] . '</td></tr>';
    }
    if (!empty($user['last_name'])) {
        echo '<tr><td class="label">Last name:</td><td>' . $user['last_name'] . '</td></tr>';
    }
    if (!empty($user['gender'])) {
        echo '<tr><td class="label">Gender:</td><td>';
        if ($user['gender'] == 'M') {
// Excerpt from a message-sending handler: delivers the message unless the NET_BLOCK membership check
// between recipient and sender matches, then stores a copy in the sender's outbox.
if (!is_network_member($input['fk_user_id'], $_SESSION[_LICENSE_KEY_]['user']['user_id'], NET_BLOCK)) {
    // sender of the message: me
    // The sender identity is taken from the session, never from the submitted form.
    $input['fk_user_id_other'] = $_SESSION[_LICENSE_KEY_]['user']['user_id'];
    $input['_user_other'] = $_SESSION[_LICENSE_KEY_]['user']['user'];
    $input['subject'] = remove_banned_words($input['subject']);
    $input['message_body'] = remove_banned_words($input['message_body']);
    // Run every registered pre-insert hook, in index order.
    if (isset($_on_before_insert)) {
        for ($i = 0; isset($_on_before_insert[$i]); ++$i) {
            call_user_func($_on_before_insert[$i]);
        }
    }
    queue_or_send_message($input, true);
    // save the message in my outbox
    // For the outbox row the roles are swapped: "other" becomes the recipient, the owner is the sender.
    $input['fk_user_id_other'] = $input['fk_user_id'];
    $input['fk_user_id'] = $_SESSION[_LICENSE_KEY_]['user']['user_id'];
    $input['_user_other'] = get_user_by_userid($input['fk_user_id_other']);
    $query = "INSERT INTO `{$dbtable_prefix}user_outbox` SET `date_sent`='" . gmdate('YmdHis') . "'";
    // Only columns listed in the table defaults are written, so submitted keys cannot add columns.
    // NOTE(review): each value is spliced between single quotes; this is safe only if $input was escaped for
    // SQL before this point and neither remove_banned_words() nor get_user_by_userid() returns unescaped
    // text - none of that is visible here. Bound parameters would remove the dependency.
    foreach ($user_outbox_default['defaults'] as $k => $v) {
        if (isset($input[$k])) {
            $query .= ",`{$k}`='" . $input[$k] . "'";
        }
    }
    // The @ silences the driver warning; the driver's error text is then raised as a fatal user error.
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    update_stats($_SESSION[_LICENSE_KEY_]['user']['user_id'], 'mess_sent', 1);
    $topass['message']['type'] = MESSAGE_INFO;
    $topass['message']['text'] = $GLOBALS['_lang'][198];
    // Post-insert hooks run after the outbox row was stored.
    if (isset($_on_after_insert)) {
        for ($i = 0; isset($_on_after_insert[$i]); ++$i) {
            call_user_func($_on_after_insert[$i]);
/**
 * Checks that an action operation refers to a valid target.
 *
 * - Message: the user or user group named by 'objectid' must exist.
 * - Remote command: the result of validate_commands() on 'longdata' is returned.
 * - Host add/remove: nothing to check.
 * - Group / template add/remove: 'objectid' must be among the groups / hosts
 *   the current user ($USER_DETAILS) can access with PERM_READ_WRITE.
 *
 * Every rejection is reported through error() before false is returned.
 * NOTE(review): for message operations only the existence of the recipient is
 * checked here; whether the current user may address that recipient is not.
 *
 * @param array $operation Uses 'operationtype', 'object', 'objectid' and 'longdata'.
 * @return mixed true when valid, false when rejected, or whatever validate_commands() returns.
 */
function validate_operation($operation)
{
    global $USER_DETAILS;

    $type = $operation['operationtype'];

    if ($type == OPERATION_TYPE_MESSAGE) {
        $target = $operation['object'];

        if ($target == OPERATION_OBJECT_USER) {
            if (!get_user_by_userid($operation['objectid'])) {
                error(S_INCORRECT_USER);
                return false;
            }
        } elseif ($target == OPERATION_OBJECT_GROUP) {
            if (!get_group_by_usrgrpid($operation['objectid'])) {
                error(S_INCORRECT_GROUP);
                return false;
            }
        } else {
            error(S_INCORRECT_OBJECT_TYPE);
            return false;
        }

        return true;
    }

    if ($type == OPERATION_TYPE_COMMAND) {
        return validate_commands($operation['longdata']);
    }

    if ($type == OPERATION_TYPE_HOST_ADD || $type == OPERATION_TYPE_HOST_REMOVE) {
        return true;
    }

    if ($type == OPERATION_TYPE_GROUP_ADD || $type == OPERATION_TYPE_GROUP_REMOVE) {
        // The group must be one the current user has read-write access to.
        if (!uint_in_array($operation['objectid'], get_accessible_groups_by_user($USER_DETAILS, PERM_READ_WRITE, PERM_RES_IDS_ARRAY))) {
            error(S_INCORRECT_GROUP);
            return false;
        }

        return true;
    }

    if ($type == OPERATION_TYPE_TEMPLATE_ADD || $type == OPERATION_TYPE_TEMPLATE_REMOVE) {
        // The template must be a host the current user has read-write access to.
        if (!uint_in_array($operation['objectid'], get_accessible_hosts_by_user($USER_DETAILS, PERM_READ_WRITE, PERM_RES_IDS_ARRAY))) {
            error(S_INCORRECT_HOST);
            return false;
        }

        return true;
    }

    error(S_INCORRECT_OPERATION_TYPE);
    return false;
}
// Excerpt from a "write message" page: pre-fills the form from a failed submission, a recipient id,
// or a message being replied to.
require _BASEPATH_ . '/includes/tables/user_inbox.inc.php';
// NOTE(review): get_my_skin() becomes part of an include path; it must return only a known skin directory
// name. If a cookie or request value can influence it unchecked, other files could be included - confirm.
require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/mailbox.inc.php';
$tpl = new phemplate(_BASEPATH_ . '/skins_site/' . get_my_skin() . '/', 'remove_nonjs');
$output = $user_inbox_default['defaults'];
if (isset($_SESSION['topass']['input'])) {
    // Redisplay after a failed submission: the input was parked in the session by the processor.
    $output = $_SESSION['topass']['input'];
    $output['_user_other'] = get_user_by_userid($output['fk_user_id']);
    unset($_SESSION['topass']['input']);
    // The access level to check defaults to 'message_write' unless the session holds one for this refnum.
    $temp = 'message_write';
    if (isset($_SESSION[_LICENSE_KEY_]['user'][$output['refnum']])) {
        $temp = $_SESSION[_LICENSE_KEY_]['user'][$output['refnum']];
    }
    check_login_member($temp);
} elseif (!empty($_GET['to_id'])) {
    // New message: the recipient id is cast to int before use.
    $output['fk_user_id'] = (int) $_GET['to_id'];
    $output['_user_other'] = get_user_by_userid($output['fk_user_id']);
    check_login_member('message_write');
} elseif (!empty($_GET['mail_id'])) {
    // Reply: remember under a random reference number that this form is a reply.
    // NOTE(review): mt_rand() is not a cryptographic source; in the visible code the number is only a session
    // array key, not a secret - confirm it is not relied on as a token elsewhere.
    $output['refnum'] = mt_rand(10000, 99999);
    $_SESSION[_LICENSE_KEY_]['user'][$output['refnum']] = 'message_reply';
    check_login_member('message_reply');
    $mail_id = (int) $_GET['mail_id'];
    // The query is limited to the session user's own inbox, so other members' mail ids return no row.
    $query = "SELECT `mail_id`,`fk_user_id_other` as `fk_user_id`,`subject`,`message_body`,`_user_other`,`message_type` FROM `{$dbtable_prefix}user_inbox` WHERE `mail_id`={$mail_id} AND `fk_user_id`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "'";
    // The @ silences the driver warning; the driver's error text is then raised as a fatal user error.
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $output = array_merge($output, mysql_fetch_assoc($res));
        // Prefix "Re: " once; subjects that already start with "Re:" are left alone.
        $output['subject'] = substr($output['subject'], 0, 3) == 'Re:' ? $output['subject'] : 'Re: ' . $output['subject'];
        if ($output['message_type'] == MESS_MESS) {
            // Quote the original body below two blank lines.
            $output['message_body'] = "\n\n[quote]" . $output['message_body'] . '[/quote]';
// Excerpt from a user-administration page: adds a user to, or removes a user from, a user group.
// It starts inside nested blocks that open outside this fragment.
// NOTE(review): the request ids go straight into the lookups and mutators; validation, permission checks
// and any request-forgery protection are not visible in this excerpt - confirm they happen earlier.
        // The rows are fetched before the change so that the audit entry can name the user.
        // NOTE(review): $group is fetched but not used in the visible lines, and $user is not checked for a
        // failed lookup before its fields are read.
        $user = get_user_by_userid($_REQUEST['userid']);
        $group = get_group_by_usrgrpid($_REQUEST['usrgrpid']);
        DBstart();
        $result = add_user_to_group($_REQUEST['userid'], $_REQUEST['usrgrpid']);
        $result = DBend($result);
        show_messages($result, S_USER_UPDATED, S_CANNOT_UPDATE_USER);
        if ($result) {
            // The change is audited only when it succeeded.
            add_audit(AUDIT_ACTION_ADD, AUDIT_RESOURCE_USER_GROUP, 'User alias [' . $user['alias'] . '] name [' . $user['name'] . '] surname [' . $user['surname'] . ']');
            unset($_REQUEST['usrgrpid']);
            unset($_REQUEST['userid']);
        }
        unset($_REQUEST['grpaction']);
        unset($_REQUEST['form']);
    } else {
        // grpaction == 0 selects removal from the group.
        if (isset($_REQUEST['grpaction']) && isset($_REQUEST['usrgrpid']) && isset($_REQUEST['userid']) && $_REQUEST['grpaction'] == 0) {
            $user = get_user_by_userid($_REQUEST['userid']);
            $group = get_group_by_usrgrpid($_REQUEST['usrgrpid']);
            DBstart();
            $result = remove_user_from_group($_REQUEST['userid'], $_REQUEST['usrgrpid']);
            $result = DBend($result);
            show_messages($result, S_USER_UPDATED, S_CANNOT_UPDATE_USER);
            if ($result) {
                add_audit(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_USER_GROUP, 'User alias [' . $user['alias'] . '] name [' . $user['name'] . '] surname [' . $user['surname'] . ']');
                unset($_REQUEST['usrgrpid']);
                unset($_REQUEST['userid']);
            }
            unset($_REQUEST['grpaction']);
            unset($_REQUEST['form']);
        }
    }
}
// Excerpt from a photo-search switch; it starts inside a case whose beginning is outside this fragment.
        // if I am a friend with this gorgeous girl show me the hidden stuff also :)
        // Anonymous visitors and non-friends are limited to public photos.
        if (empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) || !is_network_member($input['uid'], $_SESSION[_LICENSE_KEY_]['user']['user_id'], NET_FRIENDS)) {
            $where .= " AND a.`is_private`=0";
        }
    } else {
        $error = true;
    }
    $tplvars['page_title'] = sprintf($GLOBALS['_lang'][143], get_user_by_userid($input['uid']));
    break;
case 'priv':
    $input['acclevel_code'] = 'auth';
    // The uid is requested as TYPE_INT and is later concatenated, unquoted, into $where.
    // NOTE(review): that is only safe if sanitize_and_format_gpc() really returns an integer for TYPE_INT - confirm.
    $input['uid'] = sanitize_and_format_gpc($_GET, 'uid', TYPE_INT, 0, 0);
    // Owners asking for their own private photos are sent to their own photo page instead.
    if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $input['uid'] == $_SESSION[_LICENSE_KEY_]['user']['user_id']) {
        redirect2page('my_photos.php');
    }
    $user_name = get_user_by_userid($input['uid']);
    if (!empty($input['uid'])) {
        require_once _BASEPATH_ . '/includes/network_functions.inc.php';
        // if I am a friend with this gorgeous girl show me the hidden stuff :)
        // Private photos are selected only for a logged-in friend of the owner.
        // NOTE(review): for everyone else only $error is set here; the listing stays hidden only if the code
        // after the switch skips the query when $error is true - that part is not visible, confirm.
        if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && is_network_member($input['uid'], $_SESSION[_LICENSE_KEY_]['user']['user_id'], NET_FRIENDS)) {
            $where .= " AND a.`fk_user_id`=" . $input['uid'] . " AND `is_private`=1";
        } else {
            $output['no_results'] = sprintf($GLOBALS['_lang'][277], _BASEURL_ . '/profile.php?uid=' . $input['uid'], $user_name);
            $error = true;
        }
    } else {
        $error = true;
    }
    $tplvars['page_title'] = sprintf($GLOBALS['_lang'][279], $user_name);
    break;
case 'field':