/**
 * Render the most recent visible messages addressed to a user.
 *
 * Selects up to 30 rows from `messages` where `hidden` = 'n' for the resolved
 * recipient, newest first, and passes the generated markup to section().
 *
 * NOTE(review): protect() is presumably this project's SQL escaper — confirm.
 * Its result is also placed in the page title and in link markup, so confirm
 * that section()/url() HTML-encode; SQL escaping does not neutralise markup.
 * NOTE(review): $usr and $row['from'] are interpolated into SQL exactly as
 * resolveuser() / the database returned them — presumably numeric ids; verify.
 *
 * @param string $user Login of the user whose messages are listed.
 */
function lista($user)
{
    global $dateformat;

    $user = protect($user);
    requirelogin();
    $title = "Mensagens de {$user}";
    include "libs/accounts.php";

    // List every message sent to $user where hidden = 'n' (so another user can see it).
    $output = menu($user) . url("message/send/{$user}", "[enviar mensagem]") . "<br>\n";
    $usr = resolveuser($user);
    $messages = mysql_query("SELECT `from`,`content`,`data` FROM messages WHERE `to`='{$usr}' AND `hidden`='n' ORDER BY id DESC LIMIT 30");

    if (mysql_numrows($messages) != 0) {
        while ($row = mysql_fetch_array($messages)) {
            // One extra lookup per message to resolve the sender's login.
            $senderResult = mysql_query("SELECT login,foto FROM accounts WHERE id='{$row['from']}'");
            $sender = mysql_fetch_array($senderResult);

            $output .= '<p class="row">' . t("De") . ': ' . url("user/profile/{$sender['login']}", $sender['login']) . '<br/>';
            $output .= '<blockquote> ' . bbcode($row['content']) . ' </blockquote> <hr size="1"><i>' . date($dateformat, $row['data']) . '</i> </p>';
        }
    } else {
        $output .= 'Nenhuma mensagem!';
    }

    section($output, $title);
}
/**
 * Controller set-up: runs the parent constructor, then requirelogin() and
 * updateLastActive(), and finally loads the `mdb` model.
 */
public function __construct()
{
    parent::__construct();

    // The login gate runs before anything else is loaded for this controller.
    requirelogin();
    updateLastActive();

    $this->load->model('mdb');
}
/**
 * JSON listing for a project: its tasks shown as "folders", or the files of one task.
 *
 * Query string: `q` (keyword), `folder` (task id; a value > 0 switches to the
 * file listing) and `page` (1-based, 10 items per page).
 *
 * NOTE(review): no project-membership check is visible in this method. Unless
 * get_tasks()/get_task_files() filter by the current user, any logged-in user
 * could list another project's tasks and files by changing $pid or `folder` —
 * confirm against the model.
 *
 * @param int $pid Project id taken from the route.
 */
public function task($pid = 0)
{
    requirelogin();
    updateLastActive();

    $keyword = $this->input->get('q');
    $tid = (int) $this->input->get('folder');
    $page = max(1, (int) $this->input->get('page'));
    $itemsPerPage = 10;
    $sqStart = ($page - 1) * $itemsPerPage;

    if ($tid > 0) {
        // Files attached to one task.
        $query = $this->fdb->get_task_files($pid, $tid, 0, $keyword, $sqStart, $itemsPerPage);
        $items = $this->processItems($query);
        $qAllItems = $this->fdb->get_task_files($pid, $tid, 0, $keyword, 0, 0);
    } else {
        // Tasks of the project, presented as folders.
        $query = $this->fdb->get_tasks($pid, $keyword, $sqStart, $itemsPerPage);
        $items = array();
        foreach ($query->result() as $row) {
            $items[] = array(
                'id' => $row->id,
                'attachment_type' => 'folder',
                'uploader_id' => 0,
                'uploader_name' => '',
                'filename' => $row->title,
                'filesize' => '',
                'uploaded' => '',
                'icon' => 'folder',
            );
        }
        $qAllItems = $this->fdb->get_tasks($pid, $keyword, 0, 0);
    }

    // The unpaged query is only used for its row count.
    $allItems = (int) $qAllItems->num_rows();
    $total_page = $allItems > 0 ? ceil($allItems / $itemsPerPage) : 1;

    generate_json(array(
        'status' => 1,
        'items' => $items,
        'total_page' => number_format($total_page),
        'current_page' => $page,
        'previous_page' => $page > 1 ? $page - 1 : '',
        'next_page' => $page < $total_page ? $page + 1 : '',
        'total_items' => number_format($allItems),
    ));
}
/**
 * Controller set-up: runs the parent constructor, calls requirelogin('400'),
 * then loads the `project` helper and the `mdb` model.
 *
 * NOTE(review): the meaning of the '400' argument is defined by requirelogin(),
 * which is not visible here — presumably it selects how an unauthenticated
 * request is answered; confirm.
 */
public function __construct()
{
    parent::__construct();

    requirelogin('400');

    $this->load->helper('project');
    $this->load->model('mdb');
}
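/**
 * Update a project's name, description, status, privacy and approval settings.
 *
 * Input is read through jsonInput(): `id`, `title`, `description`, `status`
 * (0 or 1), `privacy` (0 to 2), `task_approval`, `project_approval`.
 * Only a user with a project role greater than 0, or the project's creator,
 * may update. The outcome is reported through generate_json().
 *
 * NOTE(review): `description` is stored as received. Confirm that every place
 * rendering it HTML-encodes the value.
 */
public function do_update()
{
    requirelogin();
    updateLastActive();

    $myID = getUserID();
    $pid = (int) jsonInput('id');
    $myRole = (int) get_project_roles($pid, $myID);

    $query = $this->mdb->project_get($pid);
    if (!$query->num_rows()) {
        generate_json(array('status' => 0, 'message' => 'Project not found.'));
        return;
    }

    $row = $query->row();
    if (!($myRole > 0 || $myID == $row->creator_id)) {
        generate_json(array('status' => 0, 'message' => 'You are not allowed here.'));
        return;
    }

    $title = trim((string) jsonInput('title'));
    $description = jsonInput('description');
    $status = (int) jsonInput('status');
    $privacy = (int) jsonInput('privacy');
    $task_approval = jsonInput('task_approval') ? 1 : 0;
    $project_approval = jsonInput('project_approval') ? 1 : 0;

    // Compare against the empty string: empty() would also reject the valid title "0".
    if ($title === '') {
        generate_json(array('status' => 0, 'message' => 'Project title is required.'));
        return;
    }
    if ($status < 0 || $status > 1) {
        generate_json(array('status' => 0, 'message' => 'Invalid status.'));
        return;
    }
    if ($privacy < 0 || $privacy > 2) {
        generate_json(array('status' => 0, 'message' => 'Invalid privacy settings.'));
        return;
    }

    $this->mdb->project_update($pid, array(
        'project_name' => $title,
        'description' => $description,
        'completed' => $status,
        'privacy' => $privacy,
    ));
    $this->mdb->projSettings_update(
        array('project_id' => $pid),
        array('task_approval' => $task_approval, 'project_approval' => $project_approval)
    );

    generate_json(array('status' => 1));
}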
/**
 * Controller set-up: runs the parent constructor, calls requirelogin(), then
 * loads the `config` configuration file and the `mdb` model.
 */
public function __construct()
{
    parent::__construct();

    requirelogin();

    $this->load->config('config');
    $this->load->model('mdb');
}
/**
 * Delete one of the current user's videos.
 *
 * The DELETE is restricted to rows whose `owner` is the session user, so a
 * video belonging to someone else is left untouched.
 *
 * NOTE(review): the success message is shown whether or not a row was removed.
 * NOTE(review): no anti-CSRF token check is visible for this state-changing
 * action — confirm one is enforced elsewhere (e.g. in the router).
 *
 * @param string $id Video id, escaped with protect() before use in SQL.
 */
function remove($id)
{
    requirelogin();

    $id = protect($id);
    $owner = $_SESSION['id'];

    $sql = "DELETE FROM videos WHERE `id`='{$id}' AND `owner`='{$owner}'";
    mysql_query($sql);

    infobox("Vídeo excluído com sucesso!");
}
/**
 * Store a shoutbox message for the current user and redirect back to the shoutbox.
 *
 * Reads `message` from $_POST; the row is stamped with the session user id and
 * the current Unix time.
 *
 * NOTE(review): protect() presumably escapes for SQL only — confirm the
 * shoutbox view HTML-encodes `text` when it is displayed.
 */
function escrevepost()
{
    requirelogin();

    $owner = $_SESSION['id'];
    $text = protect($_POST['message']);
    $time = time();

    $sql = "INSERT INTO shoutbox (`owner`, `text`, `time`) VALUES ('{$owner}', '{$text}', '{$time}')";
    mysql_query($sql);

    redir("shoutbox");
}
/**
 * Store a chat line for the current user and redirect back to the chat room.
 *
 * Reads `sala` (room) and `text` from $_POST.
 *
 * NOTE(review): $room is only passed through protect() and is then used both in
 * SQL and in the redirect target. Confirm redir() builds a site-local URL and
 * that the room value is restricted to the expected format.
 */
function falar()
{
    requirelogin();

    $room = protect($_POST['sala']);
    $text = protect($_POST['text']);
    $owner = $_SESSION['id'];

    $sql = "INSERT INTO chat (`owner`, `room`, `text`) VALUES ('{$owner}', '{$room}', '{$text}');";
    mysql_query($sql);

    redir("chat/sala/{$room}");
}
/**
 * Controller set-up: runs the parent constructor, loads the `mdb` model, calls
 * requirelogin(), loads the `config` configuration file and the `google`
 * helper, then calls updateLastActive().
 *
 * NOTE(review): the model is loaded before requirelogin() runs, unlike the
 * sibling constructors that gate first. Confirm loading `mdb` has no effect for
 * an unauthenticated request.
 */
public function __construct()
{
    parent::__construct();

    $this->load->model('mdb');

    requirelogin();

    $this->load->config('config');
    $this->load->helper('google');

    updateLastActive();
}
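/**
 * Store a comment on a dashboard stream entry and return to that entry.
 *
 * Reads `stream` (id of the entry being commented on) and `text` from $_POST.
 * The request is aborted when `stream` is not a plain decimal id.
 *
 * NOTE(review): the INSERT names no columns, so it depends on the column order
 * of `comments` — presumably (id, stream, owner, text); verify.
 * NOTE(review): protect() presumably escapes for SQL only — confirm the
 * dashboard HTML-encodes comment text when rendering it.
 */
function commentpost()
{
    requirelogin();
    $_POST = array_map('protect', $_POST);

    // Accept digits only. is_numeric() also lets through values such as "1e5",
    // "1.5" or " 12", which would then reach both the SQL statement and the
    // redirect target.
    $stream = isset($_POST['stream']) ? $_POST['stream'] : '';
    if (!is_string($stream) || preg_match('/^[0-9]+$/D', $stream) !== 1) {
        die;
    }

    $id_recebe = $stream;
    $owner = $_SESSION['id'];
    $text = isset($_POST['text']) ? $_POST['text'] : '';

    mysql_query("INSERT INTO comments VALUES ('', '{$id_recebe}', '{$owner}', '{$text}');");
    redir("dashboard#note_{$id_recebe}");
}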
/**
 * JSON page of a project's activity log, 10 entries per page.
 *
 * Query string: `page` (1-based).
 *
 * NOTE(review): no project-membership check is visible in this method. Unless
 * get_data() filters by the current user, any logged-in user could read another
 * project's activity log by changing $pid — confirm against the model.
 *
 * @param int $pid Project id taken from the route.
 */
public function data($pid = 0)
{
    requirelogin();
    updateLastActive();

    $page = max(1, (int) $this->input->get('page'));
    $itemsPerPage = 10;
    $sqStart = ($page - 1) * $itemsPerPage;

    $sql = $this->ldb->get_data($pid, $sqStart, $itemsPerPage);

    $items = array();
    foreach ($sql->result() as $row) {
        $timestamp = convert_datetime($row->date_added);
        $items[] = array(
            'activity' => projectlogs_read($row->type, $row->tag_data),
            'actor_id' => $row->actor_id,
            'actor_name' => $row->display_name,
            'timestamp' => relativedate(strtotime($timestamp)),
            'redirect' => $row->redirect,
        );
    }

    // The unpaged query is only used for its row count.
    $qAllItems = $this->ldb->get_data($pid, 0, 0);
    $allItems = (int) $qAllItems->num_rows();
    $total_page = $allItems > 0 ? ceil($allItems / $itemsPerPage) : 1;

    generate_json(array(
        'status' => 1,
        'items' => $items,
        'total_page' => number_format($total_page),
        'current_page' => $page,
        'previous_page' => $page > 1 ? $page - 1 : '',
        'next_page' => $page < $total_page ? $page + 1 : '',
        'total_items' => number_format($allItems),
    ));
}
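/**
 * Search users and/or groups by a short keyword and render the matches.
 *
 * Reads `query` from $_POST (capped at 16 bytes, minimum 3) plus the
 * `usuarios` / `grupos` switches that select which searches run.
 *
 * NOTE(review): protect() is presumably this project's SQL escaper — confirm.
 * NOTE(review): `login`, `foto`, `title` and `url` come back from the database
 * and are placed in markup. Confirm url()/thumb() HTML-encode them.
 */
function post()
{
    global $url;
    requirelogin();

    $raw = (isset($_POST['query']) && is_string($_POST['query'])) ? $_POST['query'] : '';

    // Truncate first and escape afterwards: cutting an already-escaped string can
    // split an escape sequence and leave a dangling backslash in the SQL text.
    $raw = substr($raw, 0, 16);

    if (strlen($raw) < 3) {
        // The flags belong to infobox(), not t(); the other handlers of this
        // project call it as infobox(message, true, true) to stop the request.
        infobox(t("Termos de busca muito pequenos."), true, true);
        return;
    }

    // Escape LIKE wildcards as well, so "%" and "_" in the keyword are matched
    // literally instead of widening the search to every row.
    $query = addcslashes(protect($raw), '%_');

    if (!empty($_POST['usuarios'])) {
        $qry = mysql_query("SELECT `foto`,`login` FROM accounts WHERE `login` LIKE '%{$query}%' OR `nome` LIKE '%{$query}%'");
        if (mysql_numrows($qry) == 0) {
            $usuarios = t("Nenhum resultado!");
        } else {
            $usuarios = null;
            while ($row = mysql_fetch_array($qry)) {
                $usuarios .= "\n" . '<p><div class="row"> <img src="' . $url . '/upload/' . thumb($row['foto']) . '"><br> ' . url("user/profile/{$row['login']}", $row['login']) . ' </div></p>';
            }
        }
        section($usuarios, t("Buscando usuários."));
    }

    if (!empty($_POST['grupos'])) {
        $qry = mysql_query("SELECT `title`,`url` FROM groups WHERE `title` LIKE '%{$query}%' OR `desc` LIKE '%{$query}%'");
        if (mysql_numrows($qry) == 0) {
            $grupos = t("Nenhum resultado!");
        } else {
            $grupos = null;
            while ($row = mysql_fetch_array($qry)) {
                $grupos .= "\n" . '<p><div class="row"> ' . url("groups/view/{$row['url']}", $row['title']) . ' </div></p>';
            }
        }
        section($grupos, t("Buscando grupos."));
    }
}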
/**
 * Stream an attachment image (thumbnail by default, full size for 'full').
 *
 * The placeholder image is sent instead when the caller is not logged in, the
 * attachment does not exist, the caller is neither a valid project member nor
 * the uploader, or the file is missing on disk.
 *
 * NOTE(review): `uploader` and `filepath` come from the attachment row and are
 * concatenated into a filesystem path. Confirm `filepath` is stored as a bare
 * file name (no directory separators or "..") at upload time.
 *
 * @param int    $id   Attachment id.
 * @param string $type 'full' for the original file; anything else selects the thumbnail.
 */
public function image($id = 0, $type = 'thumb')
{
    $checkLogin = requirelogin('return');
    $this->load->library('image');

    $noPreview = 'static/img/no-preview.png';
    $target = $noPreview;

    $loggedOut = isset($checkLogin['status']) && $checkLogin['status'] == 0;
    if (!$loggedOut) {
        $myID = getUserID();
        $query = $this->mdb->get_attachment($id);

        if ($query->num_rows()) {
            $row = $query->row();
            $defaultPath = 'uploads/files/' . $row->uploader . '/';

            $mayView = validate_access('valid_member', array('project_id' => $row->project_id, 'user_id' => $myID))
                || $myID == $row->uploader;

            if ($mayView) {
                // 'full' reads from the uploader's directory, anything else from its thumbs/ folder.
                $directory = ($type == 'full') ? $defaultPath : $defaultPath . 'thumbs/';
                $candidate = $directory . $row->filepath;
                if (is_file($candidate)) {
                    $target = $candidate;
                }
            }
        }
    }

    $this->image->view($target);
}
/**
 * JSON page of the current user's projects, 6 per page, with task statistics.
 *
 * Each item carries the active / completed / pending task counts and the
 * percentage each one represents, plus creator, description and date labels.
 *
 * @param int $page 1-based page number; values below 1 are treated as 1.
 */
public function lists($page = 1)
{
    requirelogin();
    updateLastActive();

    $myID = getUserID();
    $page = max(1, (int) $page);
    $itemsPerPage = 6;
    $sqStart = ($page - 1) * $itemsPerPage;

    $query = $this->mdb->projects_get($myID, $sqStart, $itemsPerPage);

    $items = array();
    foreach ($query->result() as $row) {
        // Active and completed shares are relative to active + completed;
        // the pending share is relative to all three together.
        $allTasks = (int) $row->active_tasks + (int) $row->completed_tasks;

        $tActive_percent = 0;
        if ((int) $row->active_tasks > 0) {
            $tActive_percent = $row->active_tasks / $allTasks * 100;
        }

        $tCompleted_percent = 0;
        if ((int) $row->completed_tasks > 0) {
            $tCompleted_percent = $row->completed_tasks / $allTasks * 100;
        }

        $tPending_percent = 0;
        if ((int) $row->pending_tasks > 0) {
            $tPending_percent = $row->pending_tasks / ($allTasks + $row->pending_tasks) * 100;
        }

        $createdAt = strtotime($row->date_created);

        $items[] = array(
            'id' => $row->id,
            'name' => $row->project_name,
            'active_tasks' => array('count' => $row->active_tasks, 'percentage' => $tActive_percent),
            'completed_tasks' => array('count' => $row->completed_tasks, 'percentage' => $tCompleted_percent),
            'pending_tasks' => array('count' => $row->pending_tasks, 'percentage' => $tPending_percent),
            'creator' => $row->display_name,
            'description' => empty($row->description) ? '[No description]' : $row->description,
            'last_update' => relativedate(strtotime($row->last_update), false),
            'created_month' => date("M", $createdAt),
            'created_year' => date("Y", $createdAt),
            'avatar' => 'pictures/avatar/' . $row->creator_id . '/thumb',
        );
    }

    // The unpaged query is only used for its row count.
    $qAllItems = $this->mdb->projects_get($myID, 0, 0);
    $allItems = (int) $qAllItems->num_rows();
    $total_page = $allItems > 0 ? ceil($allItems / $itemsPerPage) : 1;

    generate_json(array(
        'status' => 1,
        'items' => $items,
        'total_page' => number_format($total_page),
        'current_page' => $page,
        'previous_page' => $page > 1 ? $page - 1 : '',
        'next_page' => $page < $total_page ? $page + 1 : '',
        'total_items' => number_format($allItems),
    ));
}
/**
 * JSON page of a project's tasks, 5 per page, filtered by list type.
 *
 * Query string: `p` (1-based page) and `type` ('upcoming', 'completed',
 * 'pending'; anything else selects the current tasks). The caller must pass
 * validate_access('valid_member', ...) for the project.
 *
 * @param int $id Project id.
 */
public function get_data($id = 0)
{
    requirelogin();
    updateLastActive();

    $id = (int) $id;
    $cp = (int) $this->input->get('p');
    $type = strtolower($this->input->get('type'));
    $itemsPerPage = 5;
    $myID = getUserID();

    // Membership gate: stop here for callers who are not members of the project.
    if (!validate_access('valid_member', array('project_id' => $id, 'user_id' => $myID))) {
        generate_json(array('status' => 0, 'message' => 'You dont have enough permission to do this.'));
        return;
    }

    $priorities = $this->config->item('priorities');
    $priorityColors = array('bg-light', 'bg-warning dker', 'bg-danger');

    $page = max(1, $cp);
    $sqStart = ($page - 1) * $itemsPerPage;

    // The pending count is reported for every list type, so it is always fetched.
    $qPendingItems = $this->mdb->tasks_get_pending($id, 0, 0);

    if ($type === 'upcoming') {
        $query = $this->mdb->tasks_get_upcoming($id, $sqStart, $itemsPerPage);
        $qAllItems = $this->mdb->tasks_get_upcoming($id, 0, 0);
    } elseif ($type === 'completed') {
        $query = $this->mdb->tasks_get_completed($id, $sqStart, $itemsPerPage);
        $qAllItems = $this->mdb->tasks_get_completed($id, 0, 0);
    } elseif ($type === 'pending') {
        $query = $this->mdb->tasks_get_pending($id, $sqStart, $itemsPerPage);
        $qAllItems = $qPendingItems;
    } else {
        $query = $this->mdb->tasks_get_current($id, $sqStart, $itemsPerPage);
        $qAllItems = $this->mdb->tasks_get_current($id, 0, 0);
    }

    $items = array();
    foreach ($query->result() as $row) {
        // A second argument of 3 is passed through to task_members_get() for each task.
        $qMembers = $this->mdb->task_members_get($row->id, 3);
        $members = array();
        foreach ($qMembers->result() as $member) {
            $members[] = array('id' => $member->user_id, 'display_name' => $member->display_name);
        }

        $priorityLabel = isset($priorities[$row->priority]) ? $priorities[$row->priority] : '';
        $priorityClass = isset($priorityColors[$row->priority]) ? $priorityColors[$row->priority] : $priorityColors[0];

        $items[] = array(
            'id' => $row->id,
            'title' => $row->title,
            'description' => empty($row->description) ? "<no description>" : $row->description,
            'priority_id' => $row->priority,
            'priority' => $priorityLabel,
            'priority_class' => $priorityClass,
            'creator_id' => $row->creator_id,
            'creator_name' => $row->creator_name,
            'date_created' => date("m/d/Y", strtotime($row->date_created)),
            'date_start' => $row->date_start ? date("m/d/Y", strtotime($row->date_start)) : 'TBA',
            'date_end' => $row->date_end ? date("m/d/Y", strtotime($row->date_end)) : 'TBA',
            'date_completed' => $row->date_completed ? date("m/d/Y", strtotime($row->date_completed)) : 'n/a',
            'remarks' => empty($row->remarks) ? "No remarks." : $row->remarks,
            'random_members' => $members,
        );
    }

    $allItems = $qAllItems->num_rows();
    $pendingTasks = $qPendingItems->num_rows();
    $total_page = $allItems > 0 ? ceil($allItems / $itemsPerPage) : 1;

    generate_json(array(
        'status' => 1,
        'items' => $items,
        'total_page' => number_format($total_page),
        'current_page' => $page,
        'previous_page' => $page > 1 ? $page - 1 : '',
        'next_page' => $page < $total_page ? $page + 1 : '',
        'total_items' => number_format($allItems),
        'pending' => $pendingTasks > 0 ? $pendingTasks : '',
        'type' => ucfirst($type),
    ));
}
<?php
/*
 * Question Bank
 */

/*------------------------------------------------------------------------------
(c) 2010 JISC-funded EASiHE project, University of Southampton
Licensed under the Creative Commons 'Attribution non-commercial share alike'
licence -- see the LICENCE file for more details
------------------------------------------------------------------------------*/

// Deposit action: takes a finished QTI item from the session (identified by the
// "qtiid" request parameter) and deposits it, refusing items that are
// incomplete, have errors, or already exist under a different owner.

requirelogin();

if (!isset($_REQUEST["qtiid"])) {
    redirect("eqiat/");
}

$ai = QTIAssessmentItem::fromQTIID($_REQUEST["qtiid"]);
if (!$ai) {
    badrequest("No QTI found in session data for specified QTI ID");
}

if (!$ai->getQTI() || count($ai->getErrors()) > 0) {
    badrequest("Specified QTI item is unfinished or has errors");
}

// Ownership check: an existing item may only be overwritten by the user who uploaded it.
$exists = itemexists($ai->getQTIID());
if ($exists && itemowner($ai->getQTIID()) != username()) {
    badrequest("The item you are trying to deposit was already uploaded by a different user. You should clone it so it gets a new identifier and then try again.");
}

deposititem($ai);

// remove from session memory to remove from Eqiat view
$ai->sessionRemove();

if ($exists) {
    $title = "Item " . "updated";
} else {
    $title = "Item " . "deposited";
}
include "htmlheader.php";
?> <h2><?php
/**
 * Post a reply to a forum topic and redirect back to that topic.
 *
 * Reads `topic` and `text` from $_POST; the reply is stored under the session
 * user id.
 *
 * NOTE(review): `topic` is only passed through protect(). It is not checked to
 * be an existing topic id before it is stored and used in the redirect target —
 * confirm redir() builds a site-local URL.
 */
function resppost()
{
    requirelogin();

    $topic = protect($_POST['topic']);
    $owner = $_SESSION['id'];
    $text = protect($_POST['text']);

    $sql = "INSERT INTO forum_respostas (`topic`, `owner`, `text`) VALUES ('{$topic}', '{$owner}', '{$text}');";
    mysql_query($sql);

    redir("forum/view/{$topic}");
}
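/**
 * Create a group owned by the current user, join the owner to it, and redirect
 * to the new group's page.
 *
 * Reads `title` and `desc` from $_POST; the group's URL slug is derived from
 * the title with cleanstring(). Creation is refused when a group with the same
 * slug already exists.
 *
 * NOTE(review): the existence check and the INSERT are separate statements, so
 * two concurrent requests can still create the same slug. A UNIQUE index on
 * `groups`.`url` would close that gap — confirm whether one exists.
 * NOTE(review): cleanstring() is not visible here; confirm it cannot return an
 * empty slug and that its output is safe to place in SQL.
 */
function createpost()
{
    requirelogin();
    $_POST = array_map('protect', $_POST);

    $owner = $_SESSION['id'];
    $title = $_POST['title'];
    $url = cleanstring($title);
    $desc = $_POST['desc'];

    $qry = mysql_query("SELECT `id` FROM groups WHERE `url`='{$url}'");
    // Any existing row blocks creation (the check used to pass when two or more
    // rows already shared the slug). Return explicitly so nothing is inserted
    // even if infobox() does not end the request.
    if (mysql_numrows($qry) > 0) {
        infobox(t("Um grupo com este nome já existe."), true, true);
        return;
    }

    mysql_query("INSERT INTO groups (`owner`, `title`, `url`, `desc`) VALUES ('{$owner}', '{$title}', '{$url}', '{$desc}');");

    $group_id = resolvegroup($url);
    mysql_query("INSERT INTO groups_join (`account`, `group`) VALUES ('{$owner}', '{$group_id}');");

    note(t("criou um grupo."), $_SESSION['id']);
    redir("groups/view/{$url}");
}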
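/**
 * Render the report described by the `project_report` session entry as a PDF.
 *
 * The session entry supplies `type` ('project', 'member', 'task' or
 * 'personel'), `project_id` and, depending on the type, `date_from`,
 * `date_to`, `status` and `member`.
 *
 * NOTE(review): the project id is taken from session data and no membership
 * check is visible here. Presumably access was verified when `project_report`
 * was stored — confirm.
 * NOTE(review): the report views receive text pre-encoded with htmlentities()
 * (see project_title), so user-controlled names and the raw date labels are
 * encoded the same way before they reach the HTML-to-PDF renderer. Rows passed
 * as query objects are still encoded (or not) by the views themselves.
 */
public function download()
{
    requirelogin(true);
    $this->load->helper('dompdf');

    $data = $this->session->userdata('project_report');
    $type = isset($data['type']) ? $data['type'] : '';
    $pID = isset($data['project_id']) ? $data['project_id'] : 0;

    if (!($pID > 0)) {
        echo 'No project selected.';
        return;
    }

    $qProjectDetails = $this->rdb->project($pID);
    if (!$qProjectDetails->num_rows()) {
        echo 'Project not found.';
        return;
    }

    $row = $qProjectDetails->row();
    $dateCreated = convert_datetime($row->date_created);
    $projectTitle = htmlentities($row->project_name);

    // Labels shown on the report; the raw session strings are encoded for HTML.
    $labelFrom = empty($data['date_from']) ? 'old' : htmlentities($data['date_from']);
    $labelTo = empty($data['date_to']) ? 'latest' : htmlentities($data['date_to']);

    switch ($type) {
        case 'project':
            // Leaders
            $qPL = $this->rdb->get_proj_leaders($pID);
            $qCL = $this->rdb->get_proj_coleaders($pID);

            // The status used to compare a stray string literal with 1 and so was
            // always 'On Going'. `completed` is the column the project update
            // handler writes the status to — presumably it is part of this row;
            // when it is absent the label stays 'On Going' as before.
            $isArchived = isset($row->completed) && (int) $row->completed === 1;

            $this->_render_report_pdf('reports/project', array(
                'project_id' => $row->id,
                'project_title' => $projectTitle,
                'project_description' => empty($row->description) ? 'None' : htmlentities($row->description),
                'project_creator' => empty($row->display_name) ? 'User not available' : htmlentities($row->display_name),
                'date_created' => date("M d, Y", strtotime($dateCreated)),
                'project_status' => $isArchived ? 'Archived' : 'On Going',
                'project_leaders' => $qPL->result(),
                'project_coleaders' => $qCL->result(),
                'members_count' => number_format($row->count_members),
                'files_count' => number_format($row->count_files),
                'completed_tasks' => number_format($row->count_tasks_completed),
                'all_tasks' => number_format($row->count_tasks),
                'feeds_count' => number_format($row->count_feeds),
                'storage_used' => format_filesize($row->disk_usage),
            ));
            break;

        case 'member':
            list($dateFrom, $dateTo) = $this->_report_date_range($data);
            $query = $this->rdb->get_proj_members($row->id, $dateFrom, $dateTo);

            $this->_render_report_pdf('reports/members', array(
                'project_id' => $row->id,
                'members_query' => $query,
                'project_title' => $projectTitle,
                'date_from' => $labelFrom,
                'date_to' => $labelTo,
            ));
            break;

        case 'task':
            list($dateFrom, $dateTo) = $this->_report_date_range($data);

            // Second and third arguments of get_tasks() per status, as in the original mapping.
            $status = isset($data['status']) ? $data['status'] : '';
            switch ($status) {
                case "active":
                    $query = $this->rdb->get_tasks($row->id, 0, 1, $dateFrom, $dateTo);
                    break;
                case "completed":
                    $query = $this->rdb->get_tasks($row->id, 1, 1, $dateFrom, $dateTo);
                    break;
                case "pending":
                    $query = $this->rdb->get_tasks($row->id, "", 0, $dateFrom, $dateTo);
                    break;
                case "active_complete":
                    $query = $this->rdb->get_tasks($row->id, "", 1, $dateFrom, $dateTo);
                    break;
                default:
                    $query = $this->rdb->get_tasks($row->id, "", "", $dateFrom, $dateTo);
                    break;
            }

            $this->_render_report_pdf('reports/tasks', array(
                'project_id' => $row->id,
                'project_title' => $projectTitle,
                'query' => $query,
                'date_from' => $labelFrom,
                'date_to' => $labelTo,
            ));
            break;

        case 'personel':
            $memberId = isset($data['member']) ? $data['member'] : 0;
            $query = $this->rdb->member_info($row->id, $memberId);
            if (!$query->num_rows()) {
                echo 'Cannot find member.';
                break;
            }

            $member = $query->row();
            $ownedtasks_query = $this->rdb->get_owned_tasks($row->id, $member->id);
            $task_query = $this->rdb->get_usertasks2($row->id, $member->id);

            $this->_render_report_pdf('reports/personel', array(
                'project_id' => $row->id,
                'project_title' => $projectTitle,
                'member_name' => htmlentities($member->display_name),
                'active_tasks' => number_format($member->active_tasks),
                'completed_tasks' => number_format($member->completed_tasks),
                'owned_tasks' => number_format($member->owned_tasks),
                'posts' => number_format($member->posts),
                'files' => number_format($member->files),
                'storage_used' => format_filesize($member->files_size),
                'ownedtasks_query' => $ownedtasks_query,
                'task_query' => $task_query,
            ));
            break;

        default:
            echo 'Error! No report type selected.';
    }
}

/**
 * Wrap a report view in the shared header/footer and send it as a PDF.
 *
 * @param string $view  View name of the report body, e.g. 'reports/project'.
 * @param array  $vData Data handed to the report body view.
 */
private function _render_report_pdf($view, $vData)
{
    $content = $this->load->view('reports/header', null, true);
    $content .= $this->load->view($view, $vData, true);
    $content .= $this->load->view('reports/footer', null, true);

    $pdfName = $this->siteinfo->config('site_name') . '-' . strtotime('now') . '.pdf';
    pdf_create($content, $pdfName);
}

/**
 * Turn the session's date_from / date_to into the day-aligned range used by the queries.
 *
 * An unparsable or missing start falls back to '0000-00-00 00:00:00', an
 * unparsable or missing end to the end of the current day.
 *
 * @param array|null $data The `project_report` session entry.
 * @return array Two strings: range start (00:00:00) and range end (23:59:59).
 */
private function _report_date_range($data)
{
    $from = isset($data['date_from']) ? $data['date_from'] : '';
    $to = isset($data['date_to']) ? $data['date_to'] : '';

    $dateFrom = strtotime($from) ? $from : '0000-00-00 00:00:00';
    $dateTo = strtotime($to) ? $to : date("Y-m-d 23:59:59");

    return array(
        date("Y-m-d 00:00:00", strtotime($dateFrom)),
        date("Y-m-d 23:59:59", strtotime($dateTo)),
    );
}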
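/**
 * Publish a community module entry (name, description, image, download link).
 *
 * Reads `nome`, `descricao`, `link` from $_POST and `imagem` from $_FILES.
 * The download link must use http(s) or ftp(s) and either end in .zip/.tar.gz
 * or mention one of the accepted file-hosting names.
 *
 * NOTE(review): the hosting-name test is still a substring match anywhere in
 * the URL, so it is a weak allow-list. Matching the parsed host would be stricter.
 * NOTE(review): the image path returned by imageupload() and the login read
 * from `accounts` are placed in the INSERT without escaping. Confirm both are
 * constrained to safe characters.
 * NOTE(review): the INSERT names no columns, so it depends on the column order
 * of `comunidade`.
 */
function newmodulepost()
{
    requirelogin();
    $_POST = array_map('protect', $_POST);

    $nome = $_POST['nome'];
    $descricao = nl2br($_POST['descricao']);
    $imagem = imageupload($_FILES['imagem']);
    $imagem = $imagem['full'];
    $link = $_POST['link'];

    // The scheme is now required in every case. Previously a link that merely
    // contained one of the hosting names (for example a "javascript:" URL with
    // "upload" somewhere in it) skipped the protocol check and was stored as a
    // download link.
    $hasAllowedScheme = preg_match("/^(htt|ft)(p|ps):\\/\\//", $link) === 1;
    $isArchive = preg_match("/\\.(zip|tar\\.gz)\$/D", $link) === 1;
    $isKnownHost = preg_match("/(rapidshare|masteruploading|easy-share|sourceforge|uploading|megaupload|share|upload)/", $link) === 1;

    if (!$hasAllowedScheme || (!$isArchive && !$isKnownHost)) {
        infobox("Erro: O link de download apresentou erros.<br/>\n Ele deve ter as extensões \".zip\" ou \".tar.gz\" e estar nos seguintes protocolos:\n <br/>HTTP ou FTP, com ou sem SSL.<br/>\n <a href=\"#\" onClick=\"javascript:history.back();\">Voltar</a>", true, true);
        // Do not fall through to the INSERT even if infobox() does not end the request.
        return;
    }

    $user = mysql_fetch_array(mysql_query("SELECT login FROM accounts WHERE `id`='{$_SESSION['id']}'"));
    $user = $user['login'];

    mysql_query("INSERT INTO comunidade VALUES ('', 'm', '{$nome}', '{$descricao}', '{$imagem}', '{$link}', '{$user}')");
    redir("comu/modules");
}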
/**
 * JSON list of the current user's projects, reduced to id and name.
 *
 * Calls projects_get() with 0, 0 as the paging arguments.
 */
public function projList()
{
    requirelogin();
    updateLastActive();

    $myID = getUserID();
    $projects = $this->mdb->projects_get($myID, 0, 0)->result();

    $items = array();
    foreach ($projects as $project) {
        $items[] = array(
            'id' => $project->id,
            'name' => $project->project_name,
        );
    }

    generate_json(array('status' => 1, 'items' => $items));
}
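/**
 * Invite project members to a task by e-mail address.
 *
 * Input (via jsonInput()): `id` (task id) and `members` (list of e-mail
 * addresses). Allowed for project moderators, accepted task members and the
 * task creator. Every address is validated before anyone is added: it must
 * belong to an existing user who is a member of the project and is not yet
 * assigned to the task.
 *
 * NOTE(review): the three distinct error messages let a caller who may invite
 * learn whether an address is registered and whether it belongs to a project
 * member. Decide whether that disclosure is acceptable.
 */
public function add_member()
{
    requirelogin();
    updateLastActive();

    $id = (int) jsonInput('id');
    $members = jsonInput('members');
    $myID = getUserID();

    $query = $this->mdb->task_get($id);
    if (!$query->num_rows()) {
        generate_json(array('status' => 0, 'message' => 'Task does not exists.'));
        return;
    }
    $row = $query->row();

    $isModerator = validate_access('is_moderator', array('project_id' => $row->project_id, 'user_id' => $myID));
    $qMember = $this->mdb->taskMembers_get(array('task_id' => $row->id, 'user_id' => $myID, 'is_accepted' => 1));
    if (!($isModerator || $qMember->num_rows() || $myID == $row->creator_id)) {
        generate_json(array('status' => 0, 'message' => 'You are not allowed to do this.'));
        return;
    }

    if (!is_array($members) || !count($members)) {
        generate_json(array('status' => 0, 'message' => 'No people(s) to add.'));
        return;
    }

    // Pass 1: validate every address before changing anything. The resolved user
    // rows are kept (keyed by user id) so the second pass neither repeats the
    // lookup nor adds the same user twice when an address is listed more than once.
    $toAdd = array();
    foreach ($members as $member) {
        $qChkUser = $this->model->getUserInfo(array('email_address' => $member));
        if (!$qChkUser->num_rows()) {
            generate_json(array('status' => 0, 'message' => $member . ' does not exists.'));
            exit;
        }
        $memberRow = $qChkUser->row();

        $qChkIfMember = $this->mdb->taskMembers_get(array('task_id' => $row->id, 'user_id' => $memberRow->id));
        if ($qChkIfMember->num_rows()) {
            generate_json(array('status' => 0, 'message' => $member . ' is already assigned to this task.'));
            exit;
        }
        if (!validate_access('valid_member', array('project_id' => $row->project_id, 'user_id' => $memberRow->id))) {
            generate_json(array('status' => 0, 'message' => $member . ' is not a member of this project.'));
            exit;
        }

        $toAdd[$memberRow->id] = $memberRow;
    }

    // The project row and the mail body are the same for every invitee.
    $qProj = $this->db->get_where('projects', array('id' => $row->project_id));
    $mailSubject = null;
    $mailBody = null;
    if ($qProj->num_rows()) {
        $qProjRow = $qProj->row();
        $myName = $this->session->userdata('display_name');
        $redirectLink = base_url('#/app/projects/' . $row->project_id . '/task/' . $row->id);

        // The body is HTML: encode the user-controlled display name and project
        // name so they cannot inject markup into the message.
        $safeName = htmlspecialchars((string) $myName, ENT_QUOTES, 'UTF-8');
        $safeProject = htmlspecialchars((string) $qProjRow->project_name, ENT_QUOTES, 'UTF-8');
        $safeLink = htmlspecialchars($redirectLink, ENT_QUOTES, 'UTF-8');

        $mailSubject = $qProjRow->project_name;
        $mailBody = "{$safeName} assigned a task for you in <a href='{$safeLink}'>" . $safeProject . "</a>";
    }

    // Pass 2: add each validated user, notify, and mail.
    foreach ($toAdd as $memberRow) {
        $this->mdb->taskMembers_add(array(
            'task_id' => $row->id,
            'user_id' => $memberRow->id,
            'assigned_by' => $myID,
            // Adding yourself counts as already accepted.
            'is_accepted' => $memberRow->id == $myID ? 1 : 0,
            'date_joined' => today(),
        ));

        // notification
        notify('task_invite', $memberRow->id, array('project_id' => $row->project_id, 'task_id' => $row->id));

        if ($mailBody !== null) {
            do_sendmail($memberRow->id, $mailSubject, $mailBody);
        }
    }

    generate_json(array('status' => 1, 'message' => 'Member(s) was invited to this task.'));
}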
/**
 * Edit the text of a feed post; only the post's author may do so.
 *
 * Input (via jsonInput()): `post`, the new message. The outcome is reported
 * through generate_json().
 *
 * NOTE(review): the message is stored as received. Confirm the feed view
 * HTML-encodes `post_message` when rendering it.
 *
 * @param int $id Feed post id.
 */
public function update($id = 0)
{
    requirelogin();
    updateLastActive();

    $myID = getUserID();
    $query = $this->mdb->feed_details($id);
    $content = trim(jsonInput('post'));

    if (!$query->num_rows()) {
        generate_json(array('status' => 0, 'message' => 'Post not found.'));
        return;
    }

    $row = $query->row();

    // Ownership check: only the original poster may change the message.
    if ($row->poster_id != $myID) {
        generate_json(array('status' => 0, 'message' => 'You cannot edit this post! maybe its not yours'));
        return;
    }

    if (empty($content)) {
        generate_json(array('status' => 0, 'message' => 'Please type a post.'));
        return;
    }

    $this->mdb->feed_update(array('id' => $row->id), array('post_message' => $content));
    generate_json(array('status' => 1));
}
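/**
 * Delete one of the current user's photos: the file under upload/ and its row.
 *
 * Nothing is removed unless exactly one row matches both the id and the
 * session user as owner.
 *
 * NOTE(review): `foto` comes from the database and is appended to "upload/".
 * Confirm it is stored as a bare file name (no directory separators or "..")
 * when the photo is uploaded.
 * NOTE(review): the success message is shown whether or not a photo was removed.
 *
 * @param string $id Photo id, escaped with protect() before use in SQL.
 */
function remove($id)
{
    requirelogin();

    $id = protect($id);
    $owner = $_SESSION['id'];

    $qry = mysql_query("SELECT `foto` FROM photos WHERE `id`='{$id}' AND `owner`='{$owner}'");
    if ($qry && mysql_numrows($qry) == 1) {
        $photo = mysql_fetch_array($qry);

        // Only unlink a regular file that is actually there; a missing file
        // should not stop the row from being removed.
        $path = "upload/" . $photo['foto'];
        if (is_file($path)) {
            unlink($path);
        }

        // Repeat the owner condition so the DELETE is scoped on its own, like
        // the SELECT above.
        mysql_query("DELETE FROM photos WHERE `id`='{$id}' AND `owner`='{$owner}'");
    }

    infobox(t("Foto excluída com sucesso."));
}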
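/**
 * Update the current user's e-mail address and, optionally, password.
 *
 * Reads `email`, `mudarsenha`, `senhaatual`, `novasenha`, `novasenha2` from
 * $_POST. The e-mail is written only after it validates; the password is
 * changed only when the confirmation matches and the current password is correct.
 *
 * NOTE(review): passwords are hashed as md5(password . $site_id), which is
 * unsalted per user and fast to brute-force. Migrating to password_hash() /
 * password_verify() needs a rehash-on-login plan, so it is flagged here rather
 * than changed.
 * NOTE(review): protect() runs over $_POST before hashing, so the hash is taken
 * over the escaped password. Any migration must account for that.
 * NOTE(review): an empty new password is accepted.
 */
function alterarcontapost()
{
    // $site is read for the notification mail below; it was referenced without
    // being imported, so the site name was always empty. Presumably it is a
    // global like $site_id — confirm.
    global $site_id, $site;
    requirelogin();

    // begin bug fix
    $pegalogin = mysql_query("SELECT login FROM accounts WHERE id='{$_SESSION['id']}'");
    $pegalogin = mysql_fetch_array($pegalogin);
    $pegalogin = $pegalogin['login'];
    // pause bug fix

    $_POST = array_map('protect', $_POST);
    $err = array();
    $id = $_SESSION['id'];

    if (!empty($_POST['mudarsenha'])) {
        $novasenha = md5($_POST['novasenha'] . $site_id);
        $novasenha2 = md5($_POST['novasenha2'] . $site_id);

        // Strict comparison: with != two different hashes that both look like
        // "0e<digits>" are compared as numbers and treated as equal.
        if ($novasenha !== $novasenha2) {
            $err[] = "A confirmação da nova senha está incorreta.";
        } else {
            $senhaatual = md5($_POST['senhaatual'] . $site_id);
            $qry = mysql_fetch_array(mysql_query("SELECT count(*) AS num FROM accounts WHERE senha='{$senhaatual}' AND id='{$id}'"));
            if ($qry['num'] != 1) {
                $err[] = "A senha atual está incorreta.";
            } else {
                mysql_query("UPDATE accounts SET senha='{$novasenha}' WHERE id='{$id}'");
            }
        }
    }

    // Validate before writing. The address used to be stored before validation
    // and was then overwritten with an undefined variable (an empty string).
    $email = isset($_POST['email']) ? $_POST['email'] : '';
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $err[] = "E-mail inválido!";
    } else {
        mysql_query("UPDATE accounts SET `email`='{$email}' WHERE `id`='{$id}'");
        email($email, "Configurações atualizadas", "Você atualizou com sucesso algumas informações de sua conta do {$site['site_name']}.");
    }

    // Build the error list; iterating the array avoids reading one element past its end.
    $erros = null;
    foreach ($err as $mensagem) {
        $erros .= "\n<br>" . t($mensagem);
    }

    if (!is_null($erros)) {
        infobox($erros . '<br><a href="javascript:history.back();">' . t('Voltar') . '</a>');
    } else {
        infobox(t("Configurações atualizadas com sucesso."));
    }

    // continue bug fix
    // NOTE(review): as written this sets the account's login to the literal
    // '******'. The "bug fix" markers and the otherwise unused $pegalogin read
    // at the top suggest the intent was to restore the saved login — confirm
    // against the original source before relying on this statement.
    mysql_query("UPDATE accounts SET login='******' WHERE id='{$_SESSION['id']}'");
    // end bug fix
}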
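/**
 * Update the title and text of one of the current user's blog posts.
 *
 * Reads `post` (post id), `title`, `text` and the optional `modifydate` switch
 * from $_POST. A post that does not belong to the session user is not touched.
 *
 * NOTE(review): protect() presumably escapes for SQL only — confirm the blog
 * view HTML-encodes `title` and `text` when rendering them.
 */
function editapost()
{
    requirelogin();
    $_POST = array_map('protect', $_POST);

    // A missing or empty title falls back to the translated "untitled" label.
    $title = (isset($_POST['title']) && $_POST['title'] !== '') ? $_POST['title'] : t("Sem título");
    $content = isset($_POST['text']) ? $_POST['text'] : '';

    // Already escaped by the array_map() above; escaping it a second time would
    // double the backslashes.
    $post = isset($_POST['post']) ? $_POST['post'] : '';
    $owner = $_SESSION['id'];

    $qry = mysql_query("SELECT * FROM blog WHERE `id`='{$post}' AND `owner`='{$owner}'");
    if (!$qry || mysql_numrows($qry) == 0) {
        redir("error");
        // Stop here even if redir() does not end the request; otherwise the
        // UPDATE below would run for a post the user does not own.
        return;
    }

    // The owner condition is repeated on every write so each statement is
    // scoped on its own, independent of the check above.
    mysql_query("UPDATE blog SET `title`='{$title}', `text`='{$content}' WHERE `id`='{$post}' AND `owner`='{$owner}'");

    if (!empty($_POST['modifydate'])) {
        $now = time();
        mysql_query("UPDATE blog SET `date`='{$now}' WHERE `id`='{$post}' AND `owner`='{$owner}'");
    }

    infobox(t("Atualizado com sucesso."));
}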