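/**
 * Insert a new row into `usuario`, or update the row whose id is $id.
 *
 * When $id equals 0 a row is inserted and the password is stored as an MD5
 * digest. Otherwise the matching row is updated.
 *
 * NOTE(review): $nome, $email and $senha are concatenated into the SQL text
 * without escaping or binding, so a quote character in any of them changes the
 * statement. The Database class's escaping/binding facility is not visible from
 * here; route these values through it before this is called with request data.
 * NOTE(review): MD5 is not suitable for password storage. Moving to
 * password_hash()/password_verify() also requires changing the login check,
 * which lives outside this block.
 *
 * @param mixed  $id    0 to insert, otherwise the id of the row to update
 * @param string $nome  user name
 * @param string $email e-mail address
 * @param string $senha plain-text password
 * @return mixed whatever Database::query_insert() / query_update() returns
 */
function salvar($id, $nome, $email, $senha)
{
    $db = new Database();

    // Insert
    if ($id == 0) {
        $senha = md5($senha);
        $sql = 'insert into usuario ( nome, email, senha) values ("'.$nome.'","'.$email.'","'.$senha .'")';
        return $db->query_insert($sql);
    }

    // Update
    // NOTE(review): the password column is rewritten whenever $email is non-empty;
    // this looks like it was meant to test $senha - confirm before changing.
    if ($email != '') {
        $and = ' ,senha = md5(\''.$senha.'\') ';
    } else {
        $and = '';
    }

    // The id is used as a bare number in the WHERE clause, so force it to an
    // integer instead of splicing the caller's raw value into the statement.
    $sql = ' update usuario set nome = "'.$nome.'", email = "'.$email.'" '. $and . ' where id = ' . (int) $id;
    return $db->query_update($sql);
}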
/**
 * Insert $obj into this object's table and wrap the insert result in a response.
 *
 * Opens a database connection, passes $obj to Database::query_insert() for
 * $this->table_name, closes the connection, and returns the result under the
 * 'body' key.
 *
 * NOTE(review): $obj reaches query_insert() unchanged; whether the wrapper
 * escapes its values cannot be seen from here - confirm.
 *
 * @param mixed $obj row data handed to query_insert()
 * @return response
 */
public function add($obj)
{
    $connection = new Database();
    $connection->connect();

    $inserted = $connection->query_insert($this->table_name, $obj);

    $connection->close();

    $payload = array('body' => $inserted);

    return new response($payload);
}
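/**
 * Store a session row in the `sessions` table with a one-day lifetime.
 *
 * $data and $server are JSON-encoded before being stored.
 *
 * NOTE(review): the token is stored as given. If it is the bearer secret
 * itself, consider storing a hash of it - confirm how lookups use the column.
 *
 * @param mixed $token  session token
 * @param mixed $data   session payload, JSON-encoded into `data`
 * @param mixed $server server-side data, JSON-encoded into `server_data`
 * @return mixed whatever Database::query_insert() returns
 */
public function save($token = false, $data = false, $server = false)
{
    $database = new Database();

    // 'H:i:s' is 24-hour hour, minutes, seconds. The earlier 'h:m:s' wrote the
    // 12-hour clock and the month number in the minutes position, so both the
    // creation and the expiry timestamps were wrong and sessions could not be
    // expired reliably.
    $now = time();
    $date = date('Y-m-d H:i:s', $now);
    $expired_date = date('Y-m-d H:i:s', strtotime('+1 day', $now));

    $session_saved = $database->query_insert('sessions', array(
        'token' => $token,
        'data' => json_encode($data),
        'server_data' => json_encode($server),
        'expired_date' => $expired_date,
        'created' => $date,
    ));

    return $session_saved;
}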
/**
 * Insert or update one row of the `misc` settings table and mirror the value in memory.
 *
 * A row is identified by (type, intitule). When no such row exists it is
 * inserted, otherwise its `valeur` is updated. For the 'send_stats' setting a
 * companion '<setting>_time' row is maintained as well.
 *
 * NOTE(review): $type and $setting are concatenated into the SELECT text and
 * into the WHERE strings given to query_update() without escaping. If either
 * can come from a request, escape or bind them first. The wrapper's escaping
 * facility is not visible from this block.
 *
 * @param string $setting setting name (column `intitule`)
 * @param mixed  $val     setting value (column `valeur`)
 * @param string $type    setting family; an empty value is treated as 'admin'
 * @return void
 */
function UpdateSettings($setting, $val, $type = '')
{
    global $server, $user, $pass, $database, $pre;
    if (empty($type)) {
        $type = 'admin';
    }
    //Connect to database
    require_once "sources/class.database.php";
    $db = new Database($server, $user, $pass, $database, $pre);
    $db->connect();
    //Check if setting is already in DB. If NO then insert, if YES then update.
    $data = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "misc WHERE type='" . $type . "' AND intitule = '" . $setting . "'");
    if ($data[0] == 0) {
        $db->query_insert("misc", array('valeur' => $val, 'type' => $type, 'intitule' => $setting));
        //in case of stats enabled, add the actual time
        if ($setting == 'send_stats') {
            $db->query_insert("misc", array('valeur' => time(), 'type' => $type, 'intitule' => $setting . '_time'));
        }
    } else {
        $db->query_update("misc", array('valeur' => $val), "type='" . $type . "' AND intitule = '" . $setting . "'");
        //in case of stats enabled, update the actual time
        // NOTE(review): unlike the insert path above, this branch writes 0 rather than time() - confirm that is intended.
        if ($setting == 'send_stats') {
            //Check if previous time exists, if not them insert this value in DB
            $data_time = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "misc WHERE type='" . $type . "' AND intitule = '" . $setting . "_time'");
            if ($data_time[0] == 0) {
                $db->query_insert("misc", array('valeur' => 0, 'type' => $type, 'intitule' => $setting . '_time'));
            } else {
                $db->query_update("misc", array('valeur' => 0), "type='" . $type . "' AND intitule = '" . $setting . "_time'");
            }
        }
    }
    //save in variable
    if ($type == "admin") {
        $_SESSION['settings'][$setting] = $val;
    } else {
        if ($type == "settings") {
            // $settings is not in the global list above, so this assignment only
            // touches a local variable that is discarded when the function returns.
            $settings[$setting] = $val;
        }
    }
}
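/**
 * Insert a new row into `periodo`, or rename the row whose id is $id.
 *
 * NOTE(review): $nome is concatenated into the SQL text without escaping or
 * binding, so a quote character in it changes the statement. The Database
 * class's escaping/binding facility is not visible from here; route the value
 * through it before this is called with request data.
 *
 * @param mixed  $id    0 to insert, otherwise the id of the row to update
 * @param string $nome  period name
 * @param mixed  $email not used by this function; kept so existing callers still work
 * @return mixed whatever Database::query_insert() / query_update() returns
 */
function salvar($id, $nome, $email)
{
    $db = new Database();

    // Insert
    if ($id == 0) {
        $sql = 'insert into periodo ( nome ) values ("'.$nome.'")';
        return $db->query_insert($sql);
    }

    // Update
    // The id is used as a bare number in the WHERE clause, so force it to an
    // integer instead of splicing the caller's raw value into the statement.
    $sql = ' update periodo set nome = "'.$nome.'" where id = ' . (int) $id;
    return $db->query_update($sql);
}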
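/**
 * Send the geofence SMS alert for one geofence assignment and record it in tb_smsinfo.
 *
 * Looks the assignment up with its device, geofence and client rows, builds
 * the alert text, sends it with sendSMS(), and stores the outcome.
 *
 * NOTE(review): this block relies on the mysql_* functions, which were removed
 * in PHP 7. Porting them is outside this block.
 *
 * @param mixed  $geoAssId    id of the tb_assigngeofence row (tag_id)
 * @param string $devDateTime device timestamp, parsed with strtotime()
 * @return int|null 1 when the tb_smsinfo row was written, 0 when it was not,
 *                  null when no assignment row was found
 */
function sendSMSAlert($geoAssId, $devDateTime)
{
    $db = new Database(DB_SERVER, DB_USER, DB_PASS, DB_DATABASE);
    $db->connect();

    // tag_id is compared as a bare number, so force the value to an integer
    // instead of splicing the caller's raw value into the statement.
    $assignmentId = (int) $geoAssId;
    $getData = "SELECT * FROM tb_assigngeofence,tb_deviceinfo,tb_geofence_info,tb_clientinfo WHERE ci_id = tag_clientId AND tgi_id = tag_geofenceId AND di_id = tag_diId AND tag_id = " . $assignmentId;
    $resData = mysql_query($getData);

    if (@mysql_affected_rows() > 0) {
        // Column names are quoted: an unquoted key such as $row[tag_alertSrc] is a
        // constant lookup, and PHP 8 raises an Error for the undefined constant.
        $fetData = mysql_fetch_assoc($resData);
        $from = "";
        $to = $fetData['tag_alertSrc'];

        // Prefer the device's display name and fall back to its id.
        if ($fetData['di_deviceName']) {
            $devName = $fetData['di_deviceName'];
        } else {
            $devName = $fetData['di_deviceId'];
        }

        if ($fetData['tag_inout'] == "in") {
            $status = "entered zone";
        } else {
            $status = "left zone";
        }

        $msg = "Dear " . ucfirst($fetData['ci_clientName']) . "! " . $devName . " has " . $status . " " . $fetData['tgi_name'] . " at " . date("H:i:s", strtotime($devDateTime)) . " - " . $fetData['ci_weburl'];
        $smsres = sendSMS($from, $to, $msg);

        $smsdata['tsi_mobileno'] = $fetData['tag_alertSrc'];
        $smsdata['tsi_tgai_id'] = $assignmentId;
        $smsdata['tsi_smsResult'] = $smsres;
        $smsdata['tsi_message'] = urlencode($msg);
        $smsdata['tsi_smsType'] = "GEOALERT";

        if ($db->query_insert("tb_smsinfo", $smsdata)) {
            $res = 1;
        } else {
            $res = 0;
        }
        return $res;
    }
}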
/**
 * Store a transfer request built from the current request in the `transfer` table.
 *
 * The row is only written when $_SESSION['centreIdent'] is non-empty; the
 * original comment describes that test as the spam-robot check.
 *
 * NOTE(review): the $_GET/$_POST values are passed to query_insert() unchanged.
 * Whether the wrapper escapes them cannot be seen from here - confirm.
 * NOTE(review): the same values are handed to $this->debug(); check where that
 * output goes, since it contains the submitter's name, e-mail and message.
 *
 * @param mixed $eventId id of the event the transfer belongs to
 * @param mixed $offer   not used by this method
 * @return void
 */
public function insertNewTransfer($eventId, $offer)
{
    $transfer = array(
        'mode' => $_GET['mode'],
        'event_id' => $eventId,
        'start' => $_POST['start'],
        'via' => $_POST['via'],
        'destination' => $_POST['destination'],
        'email' => $_POST['email'],
        'name' => $_POST['name'],
        'message' => $_POST['message'],
        'centre_fk' => $_SESSION['centreIdent'],
    );

    #echo "*".$_SESSION['centreIdent'];
    # Spam-robot check: nothing is stored without a centre identifier in the session.
    if ($_SESSION['centreIdent'] == '') {
        return;
    }

    echo "Spam";

    $connection = new Database();
    $connection->connect();
    $connection->query_insert("transfer", $transfer);
    $this->debug("NEW TRANSFER ENTRY", "Inserting transfer with the following content:\n" . $this->convert($transfer));
    $connection->close();
}
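include_once 'includes/database.class.php';
require_once 'config.php';

$db = new Database($mysql_db_host, $mysql_db_user, $mysql_db_passwd, $mysql_db_name, $table_prefix);
$db->connect();

// NOTE(review): this script changes plugin state from GET parameters, and no
// authentication or anti-CSRF check is visible in this excerpt. Confirm the
// including page enforces both.
$action = isset($_GET['action']) ? $_GET['action'] : '';
$filename = isset($_GET['filename']) ? $_GET['filename'] : '';

// Escape once and reuse in every hand-built WHERE clause. The two query_update()
// calls used to splice the raw request value into the statement, while the
// SELECT next to them already went through $db->escape().
$filename_sql = $db->escape($filename);

switch ($action) {
    case "deactivate":
        $data['action'] = 0;
        $db->query_update("plugins", $data, "filename='" . $filename_sql . "'");
        break;

    case "activate":
        $sql = "SELECT * FROM " . $table_prefix . "plugins WHERE filename = '" . $filename_sql . "'";
        $count = count($db->fetch_all_array($sql));
        if ($count < 1) {
            // NOTE(review): this registers whatever file name the request carries.
            // If active plugin files are later included by name, check the value
            // against the plugins actually installed before storing it - confirm.
            $data['filename'] = $filename;
            $data['action'] = 1;
            $db->query_insert("plugins", $data);
        } else {
            $data['action'] = 1;
            $db->query_update("plugins", $data, "filename='" . $filename_sql . "'");
        }
        break;
}

// List the plugins currently marked active.
$sql = "SELECT filename, action FROM " . $table_prefix . "plugins WHERE action = '" . $db->escape(1) . "'";
$result_rows = $db->fetch_all_array($sql);
$plugin_list = new phphooks();
$plugin_headers = $plugin_list->get_plugins_header();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />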
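/**
 * Append one entry to the `log_system` table.
 *
 * @param mixed $type  event type
 * @param mixed $label event description
 * @param mixed $who   actor, stored in column `qui`
 * @return void
 */
function logEvents($type, $label, $who)
{
    global $server, $user, $pass, $database, $pre;

    // Include libraries and connect to the DB
    require_once "class.database.php";
    $db = new Database($server, $user, $pass, $database, $pre);
    $db->connect();

    // time() is the current Unix timestamp. The earlier mktime(date('h'), ...)
    // used the 12-hour clock, so every afternoon event was logged twelve hours
    // early, which makes the log unreliable for reconstructing a timeline.
    $db->query_insert("log_system", array(
        'type' => $type,
        'date' => time(),
        'label' => $label,
        'qui' => $who,
    ));
}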
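// Photo name : timestamp-random(year,timestamp)-locationid_photoid.jpg
// The 'year' key is quoted: an unquoted $date[year] is a constant lookup, and
// PHP 8 raises an Error for the undefined constant.
// NOTE(review): $dir and $subDirImage are set before this excerpt; if either can
// carry request data, make sure it cannot contain path separators or "..".
$photo_name = $date[0] . '-' . rand($date['year'], $date[0]) . '-' . $subDirImage . "_" . $subPhotoID . ".jpg";
$path = "./../upload/{$dir}/{$subDirImage}/" . $photo_name;

// Write photo
$base = $_POST['photo_upload'];

// Strict decoding fails on characters outside the base64 alphabet instead of
// silently dropping them, and getimagesizefromstring() confirms that the bytes
// parse as an image before anything is written under the upload directory.
$binary = ($base != "") ? base64_decode($base, true) : false;
$saved = false;
if ($binary !== false && getimagesizefromstring($binary) !== false) {
    $file = fopen($path, 'a');
    if ($file !== false) {
        $saved = fwrite($file, $binary) !== false;
        fclose($file);
    }
}

if ($saved) {
    // Owner read/write, everyone else read-only. The previous 0766 let every
    // local account modify uploaded files.
    chmod($path, 0644);
    $UploadImage['LOCATION_CATE_ID'] = $_POST["location_cate_id"];
    $UploadImage['LOCATION_ID'] = $_POST["location_id"];
    $UploadImage['PHOTO_NAME'] = $photo_name;
    $UploadImage['OWNER_NAME'] = $_POST["user_name"];
    $insertPhoto = $db->query_insert("photo", $UploadImage);
} else {
    echo "ไม่มีภาพอัพโหลด";
}

// Find PHOTO_ID
// NOTE(review): MAX(PHOTO_ID) returns another request's row when two uploads
// overlap; the id reported by the insert above would be the reliable source.
$sql = "SELECT MAX( PHOTO_ID ) as maxPho_ID FROM photo";
$q_maxPhotoID = $db->query($sql);
if ($_maxPhotoID = $db->fetch_array($q_maxPhotoID)) {
    $maxPhoto_ID = $_maxPhotoID['maxPho_ID'];
}

// Insert owner
// NOTE(review): the owner's identity is taken from request parameters rather
// than from an authenticated session - confirm that this is intended.
$_user_id = $_REQUEST['user_id'];
$_user_name = $_REQUEST['user_name'];
$_user_username = $_REQUEST['user_username'];
$userInsert['USER_ID'] = $_user_id;
$userInsert['USER_NAME'] = $_user_name;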
echo "{$errstr} ({$errno})<br />\n"; } else { $out = "GET /api/v1/xml/" . $user_proj . "/commits/master HTTP/1.1\r\n"; $out .= "Host: google.com \r\n"; $out .= "Connection: Close\r\n\r\n"; fwrite($fp, $out); while (!feof($fp)) { $results .= fgets($fp, 128); } fclose($fp); } $post_results = parseHttpResponse($results); $objXML = new xml2Array(); $arrOutput = $objXML->parse($post_results); $github_result = $arrOutput[0]['children']; for ($i = 0; $i < count($github_result); $i++) { $commit_id = $github_result[$i]['children'][4]['tagData']; $message = $github_result[$i]['children'][0]['tagData']; $date = str_replace('T', ' T ', $github_result[$i]['children'][5]['tagData']); $commiter = $github_result[$i]['children'][3]['children'][0]['tagData'] . "/" . $github_result[$i]['children'][3]['children'][1]['tagData']; $unix_stamp = strtotime($date); echo "{$message} [{$commit_id}] was commited by {$commiter} on " . $unix_stamp . " \n"; if (strlen($mydb->first("SELECT `sum` FROM commits WHERE `sum`='{$commit_id}'")) == 0) { $ar = array('id' => null, 'user' => $commiter, 'message' => $message, 'sum' => $commit_id, 'project' => $r['id']); $mydb->query_insert('commits', $ar); $LASTID = $mydb->lastID(); $s->n($LASTID, '', 'git', $r['id'], $unix_stamp); } //echo "<a href='#' onclick=\"insertAtCursor(document.reply.report, '[GIT]".$commit_id."[/GIT]');\" title=\".". $date . "\">" .$message . "</a><small>[" . $commit_id . "]</small>"; } }
} @fclose($file1); } if (isset($_GET[add_stop_name]) && $_GET[add_stop_name] != '') { //echo $_GET[add_stop_name]; $getCont = "select * from tb_geofence_info where tgi_name = '" . $_GET[add_stop_name] . "' OR tgi_latLong = '" . $_GET[mapPt] . "' AND tgi_clientId =" . $_SESSION[clientID]; $resCont = $db->query($getCont); if ($db->affected_rows == 0) { $cdata["tgi_clientId"] = $_SESSION[clientID]; $cdata["tgi_name"] = $_GET[add_stop_name]; $cdata["tgi_isActive"] = 1; $cdata["tgi_radius"] = "0.5"; $cdata["tgi_latLong"] = $_GET[mapPt]; //print_r($cdata); //exit; if ($db->query_insert("tb_geofence_info", $cdata)) { echo 1; } else { echo 0; } } else { echo 0; } } if ($_GET[date_offline] != '' && $_GET[sessionid] != '') { if (isset($_GET[date_offline]) && $_GET[date_offline]) { $date_offline = $_GET[date_offline]; } else { $date_offline = date('d-m-Y'); } $getUserInfo = "SELECT * FROM tb_userinfo,tb_clientinfo WHERE ui_id = " . $_SESSION[userID] . " AND ci_id = " . $_SESSION[clientID];
$db->query_update('nested_tree', array('parent_id' => $_POST['newparent_id']), "id=" . $id[1]); //Get the title to display it $data = $db->fetch_row("SELECT title FROM " . $pre . "nested_tree WHERE id = " . $_POST['newparent_id']); //show value echo $data[0]; //rebuild the tree grid $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title'); $tree->rebuild(); } else { if (isset($_POST['changer_complexite'])) { $id = explode('_', $_POST['id']); //Check if group exists $tmp = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "misc WHERE type = 'complex' AND intitule = '" . $id[1] . "'"); if ($tmp[0] == 0) { //Insert into DB $db->query_insert('misc', array('type' => 'complex', 'intitule' => $id[1], 'valeur' => $_POST['changer_complexite'])); } else { //update DB $db->query_update('misc', array('valeur' => $_POST['changer_complexite']), "type='complex' AND intitule = " . $id[1]); } //Get title to display it echo $mdp_complexite[$_POST['changer_complexite']][1]; //rebuild the tree grid $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title'); $tree->rebuild(); } else { if (isset($_POST['type'])) { switch ($_POST['type']) { // CASE where DELETING a group case "supprimer_groupe": // this will delete all sub folders and items associated
// Ticket maintenance actions, each selected by the presence of one POST field.
// The first four require $isadmin == 1. The two todo actions further down carry
// no such check in this excerpt.
// NOTE(review): confirm that an earlier authorisation step covers them.

// Rename a ticket. The id goes through $mydb->clean() before it is placed in
// the hand-built WHERE string; the new title is handed to query_update() as data.
if (isset($_POST["titlechange"]) && $isadmin == 1) {
    $tickid = $mydb->clean($_POST["tickid"], '', '');
    $mydb->query_update("list", array('title' => $_POST["titlechange"]), "id='{$tickid}'");
    echo "Title changed.";
}
// Close a ticket: status 0 and the current time as `finished`.
if (isset($_POST["closeticket"]) && $isadmin == 1) {
    $closeticket = $mydb->clean($_POST["tickid"], '', '');
    $mydb->query_update('list', array('status' => 0, 'finished' => time()), "id='{$closeticket}'");
    echo "Ok";
}
// Reopen a ticket: status 1 and `finished` reset to '0'.
if (isset($_POST["openticket"]) && $isadmin == 1) {
    $closeticket = $mydb->clean($_POST["tickid"], '', '');
    $mydb->query_update('list', array('status' => 1, 'finished' => '0'), "id='{$closeticket}'");
    echo "Ok";
}
// Change a ticket's priority.
if (isset($_POST["changepri"]) && $isadmin == 1) {
    $changepri = $mydb->clean($_POST["changepri"], '', '');
    $id = $mydb->clean($_POST["id"], '', '');
    $mydb->query_update('list', array('priority' => $changepri), "id='{$id}'");
    //print_r($_POST);
}
// Add a todo item to a ticket and print the new row's id.
if (isset($_POST["addtodo"])) {
    // NOTE(review): the cleaned $id is computed but never used; the insert below
    // takes the raw $_POST['id'] and $_POST['item'] instead. Whether query_insert()
    // escapes array values cannot be seen from here - confirm.
    $id = $mydb->clean($_POST["id"], '', '');
    $mydb->query_insert('todo_list', array('id' => 'null', 'tid' => $_POST['id'], 'content' => $_POST['item'], 'status' => 0));
    echo $mydb->lastID();
}
// Mark a todo item as finished.
if (isset($_POST["markfinish"])) {
    $mydb->query_update('todo_list', array('status' => 1), "id='" . $mydb->clean($_POST["id"], '', '') . "'");
}
//print_r($_POST);
$parent_check = $db->query($parent_rec); //check if parend data exist if ($record = $db->fetch_array($parent_check)!=null) { // $prnt_code['email_code'] = md5($record['email'] + microtime());//for email ver. // $db->query_update("tblparents", $prnt_code, "id='$parent_id'"); //check slot available $checkSlot = "SELECT student_id, student_id2, student_id3 FROM tblparents where id='$parent_id'"; $queryCheck = $db->query($checkSlot); while ($record = $db->fetch_array($queryCheck)) { if ($record['student_id']=="" && $student0['fname'] != NULL && $student0['lname'] != NULL && $student0['year_level'] != NULL ) { $primary_id = $db->query_insert("tblstudents", $student0);//insert new student record in the tblstudents $newStdID["student_id"] = $primary_id; $db->query_update("tblparents", $newStdID, "id='$parent_id'"); if ($record['student_id2']=="" && $student1['fname'] != NULL && $student1['lname'] != NULL && $student1['year_level'] != NULL ){ $primary_id = $db->query_insert("tblstudents", $student1);//insert new student record in the tblstudents $newStdID["student_id2"] = $primary_id; $db->query_update("tblparents", $newStdID, "id='$parent_id'"); } if($record['student_id3']=="" && $student2['fname'] != NULL && $student2['lname'] != NULL && $student2['year_level'] != NULL ){ $primary_id = $db->query_insert("tblstudents", $student2);//insert new student record in the tblstudents $newStdID["student_id3"] = $primary_id; $db->query_update("tblparents", $newStdID, "id='$parent_id'");
echo '[{"error":"no" , "output" : "' . $display . '"}]'; } break; //Insert into DB the items the user has selected //Insert into DB the items the user has selected case "import_items": include 'main.functions.php'; foreach (explode('@_#sep#_@', mysql_real_escape_string(stripslashes($_POST['data']))) as $item) { //For each item, insert into DB $item = explode('@|@', $item); //explode item to get all fields //Encryption key $random_key = GenerateKey(); $pw = $random_key . $item[2]; // Insert new item in table ITEMS $new_id = $db->query_insert("items", array('label' => $item[0], 'description' => $item[4], 'pw' => encrypt($pw, mysql_real_escape_string(stripslashes($_SESSION['my_sk']))), 'url' => $item[3], 'id_tree' => $_POST['folder'], 'login' => $item[1], 'anyone_can_modify' => $_POST['import_csv_anyone_can_modify'] == "true" ? 1 : 0)); //Store generated key $db->query_insert('keys', array('table' => 'items', 'id' => $new_id, 'rand_key' => $random_key)); //if asked, anyone in role can modify if (isset($_POST['import_csv_anyone_can_modify_in_role']) && $_POST['import_csv_anyone_can_modify_in_role'] == "true") { foreach ($_SESSION['arr_roles'] as $role) { $db->query_insert('restriction_to_roles', array('role_id' => $role['id'], 'item_id' => $new_id)); } } // Insert new item in table LOGS_ITEMS $db->query_insert('log_items', array('id_item' => $new_id, 'date' => mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y')), 'id_user' => $_SESSION['user_id'], 'action' => 'at_creation')); //reload Cache table UpdateCacheTable("reload", ""); echo '[{"item":"' . $item[5] . '"}]'; } break;
if (isset($_SESSION['settings']['duplicate_item']) && $_SESSION['settings']['duplicate_item'] == 0 && $item_exists == 0 || isset($_SESSION['settings']['duplicate_item']) && $_SESSION['settings']['duplicate_item'] == 1) { //set key if non personal item if ($data_received['is_pf'] != 1) { //generate random key $random_key = GenerateKey(); $pw = $random_key . $pw; } //encrypt PW if ($data_received['salt_key_set'] == 1 && isset($data_received['salt_key_set']) && $data_received['is_pf'] == 1 && isset($data_received['is_pf'])) { $pw = encrypt($pw, mysql_real_escape_string(stripslashes($_SESSION['my_sk']))); $resticted_to = $_SESSION['user_id']; } else { $pw = encrypt($pw); } //ADD item $new_id = $db->query_insert('items', array('label' => $label, 'description' => $data_received['description'], 'pw' => $pw, 'url' => $url, 'id_tree' => $data_received['categorie'], 'login' => $login, 'inactif' => '0', 'restricted_to' => isset($data_received['restricted_to']) ? $data_received['restricted_to'] : '', 'perso' => $data_received['salt_key_set'] == 1 && isset($data_received['salt_key_set']) && $data_received['is_pf'] == 1 && isset($data_received['is_pf']) ? '1' : '0', 'anyone_can_modify' => isset($data_received['anyone_can_modify']) && $data_received['anyone_can_modify'] == "on" ? '1' : '0')); //Store generated key if ($data_received['is_pf'] != 1) { $db->query_insert('keys', array('table' => 'items', 'id' => $new_id, 'rand_key' => $random_key)); } //Manage retriction_to_roles if (isset($data_received['restricted_to_roles'])) { foreach (array_filter(explode(';', $data_received['restricted_to_roles'])) as $role) { $db->query_insert('restriction_to_roles', array('role_id' => $role, 'item_id' => $new_id)); } } //log $db->query_insert('log_items', array('id_item' => $new_id, 'date' => mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y')), 'id_user' => $_SESSION['user_id'], 'action' => 'at_creation')); //Add tags $tags = explode(' ', $tags); foreach ($tags as $tag) {
echo 4; } else { echo 5; } } if (isset($_GET[addGeoPoint]) && $_GET[addGeoPoint] != '') { $getCont = "select * from tb_geofence_info where tgi_name = '" . $_GET[name] . "' OR tgi_latLong = '" . $_GET[param] . "' AND tgi_clientId =" . $_SESSION[clientID]; $resCont = $db->query($getCont); if ($db->affected_rows == 0) { $cdata["tgi_clientId"] = $_SESSION[clientID]; $cdata["tgi_name"] = $_GET[name]; $cdata["tgi_isActive"] = 1; $cdata["tgi_radius"] = $_GET[radius]; $cdata["tgi_latLong"] = $_GET[param]; //print_r($cdata); if ($db->query_insert("tb_geofence_info", $cdata)) { echo 1; } else { echo 0; } } else { $fetCont = $db->fetch_array($resCont); $cdata["tgi_clientId"] = $_SESSION[clientID]; $cdata["tgi_name"] = $_GET[name]; $cdata["tgi_isActive"] = 1; $cdata["tgi_radius"] = $_GET[radius]; $cdata["tgi_latLong"] = $_GET[param]; //print_r($cdata); if ($db->query_update("tb_geofence_info", $cdata, "tgi_id = " . $fetCont[tgi_id])) { echo 2; } else {
// Collect the remaining registration fields for the tblparents row.
// NOTE(review): the password is stored exactly as posted. It should be hashed
// with password_hash() before insertion; the login check, which is outside
// this excerpt, would then need password_verify().
$parent["password"] = $_POST["password"];
$parent["phone"] = $_POST["phone_number"];
$parent["postcode"] = $_POST["postcode"];
$parent["state"] = $_POST["state"];
// NOTE(review): this is the string "NOW()"; whether query_insert() passes it
// through as an SQL function call or quotes it as text cannot be seen from here.
$parent["date_registered"] = "NOW()";
$emailsession = $_POST["email"];
$prnt_email = $_POST["email"];
// NOTE(review): the posted e-mail address is interpolated into the statement
// without escaping or binding, so a quote character in it changes the query.
// Escape or bind it through the wrapper before running the lookup.
$prt_email = "SELECT email FROM tblparents where email='$prnt_email'";
$check_email = $db->query($prt_email);
// Check whether the e-mail address is already registered.
// Operator precedence makes this assign the boolean result of the comparison
// to $record, not the fetched row; the branch taken is still "no row found".
if ($record = $db->fetch_array($check_email)==null) {
    $primary_id = $db->query_insert("tblparents", $parent);
    if (isset($_SESSION['views'])) { // this is for the email verification page
        $_SESSION['views']=$_SESSION['views']+1;
        $_SESSION['parent_id']=$primary_id;
    }else{
        // NOTE(review): parent_id is not stored on this first-visit path - confirm that is intended.
        $_SESSION['views']=1;
    }
    header("Location:student_registration.php");
    exit();
}else{
    echo "<script> alert('Email account already exist!'); window.history.go(-1); </script>";
}
$message .= "</table>"; $message .= "</body></html>"; //echo $sub; //exit; if ($mailres = sendMail($t, $sub, $message, $fr)) { $data['tdai_status'] = 1; $data['tdai_deliveryTime'] = date("Y-m-d H:i:s"); if ($db->query_update("tb_device_alert_info", $data, "tdai_id=" . $record[tdai_id])) { $maildata['tmi_email'] = $t; $maildata['tmi_tgai_id'] = $record[tdai_id]; $maildata['tmi_mailResult'] = $mailres; $maildata['tmi_message'] = $message; $maildata['tmi_mailType'] = "DATEALERT"; //print_r($maildata); //exit; if ($db->query_insert("tb_mail_info", $maildata)) { echo "done"; } else { echo "no"; } } } } elseif ($record[tdai_alertType] == "Mobile") { $from = ""; $to = $record[tdai_source]; $msg = "Dear " . ucfirst($record[ci_clientName]) . "! " . $devName . " has " . $record[tdai_purpose] . ". pls log in for desc- " . $record[ci_weburl]; //echo $msg; //exit; if ($smsres = sendSMS($from, $to, $msg)) { $data['tdai_status'] = 1; $data['tdai_deliveryTime'] = date("Y-m-d H:i:s");
$db->query_update('nested_tree', array('parent_id' => $_POST['newparent_id']), "id=" . $id[1]); //Get the title to display it $data = $db->fetch_row("SELECT title FROM " . $pre . "nested_tree WHERE id = " . $_POST['newparent_id']); //show value echo $data[0]; //rebuild the tree grid $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title'); $tree->rebuild(); } else { if (isset($_POST['changer_complexite'])) { $id = explode('_', $_POST['id']); //Check if group exists $tmp = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "misc WHERE type = 'complex' AND intitule = '" . $id[1] . "'"); if ($tmp[0] == 0) { //Insert into DB $db->query_insert('misc', array('type' => 'complex', 'intitule' => $id[1], 'valeur' => $_POST['changer_complexite'])); } else { //update DB $db->query_update('misc', array('valeur' => $_POST['changer_complexite']), "type='complex' AND intitule = " . $id[1]); } //Get title to display it echo $mdp_complexite[$_POST['changer_complexite']][1]; //rebuild the tree grid $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title'); $tree->rebuild(); } else { if (isset($_POST['type'])) { switch ($_POST['type']) { // CASE where DELETING a group case "delete_folder": $folders_deleted = "";
$error_dat['status'] = "success"; $error_dat['reason'] = "Registration Complete..."; } sleep(3); echo json_encode($error_dat); } elseif ($_GET['action'] == 'makesim' && !empty($_POST['MSISDN'])) { $preMSISDN = $_POST['MSISDN'][0] . $_POST['MSISDN'][1] . $_POST['MSISDN'][2] . $_POST['MSISDN'][3]; $data['IMSI'] = "91" . $preMSISDN . rand('199999', '999999'); $data['IMEI'] = "956647" . "894467" . rand('199999', '999999'); $data['Ki'] = genRandKey(128); $data['NSP'] = getNSP($preMSISDN); $sql = "SELECT * FROM " . MSCTBL . " WHERE `MSISDN` = '" . $_POST['MSISDN'] . "'"; $row = $db->query_first($sql); if (empty($row)) { $data['MSISDN'] = $_POST['MSISDN']; $db->query_insert(MSCTBL, $data); } else { $db->query_update(MSCTBL, $data, " `MSISDN` = '" . $_POST['MSISDN'] . "' "); $data['MSISDN'] = $_POST['MSISDN']; } echo json_encode($data); } elseif ($_GET['action'] == 'authenticate' && !empty($_POST['MSISDN']) && !empty($_POST['TMSI'])) { $sql = "SELECT * FROM " . MSCTBL . " WHERE `MSISDN` = '" . $_POST['MSISDN'] . "' AND `TMSI` = '" . $_POST['TMSI'] . "'"; $row = $db->query_first($sql); if (empty($row)) { $error_dat['status'] = "error"; $error_dat['reason'] = "Device Not Registered..."; } else { $error_dat['RAND'] = genRandKey(128); $error_dat['RES'] = resGen($error_dat['RAND'], $row['Ki'], 128); $error_dat['status'] = "success";
$db->query_update("users", array('fonction_id' => $new_fonctions), "id = " . $val[0]); break; ## ADD NEW USER ## ## ADD NEW USER ## case "add_new_user": //Check KEY if ($_POST['key'] != $_SESSION['key']) { //error exit; } // Check if user already exists $db->query("SELECT id, fonction_id, groupes_interdits, groupes_visibles FROM " . $pre . "users WHERE login LIKE '" . mysql_real_escape_string(stripslashes($_POST['login'])) . "'"); $data = $db->fetch_array(); if (empty($data['id'])) { //Add user in DB $new_user_id = $db->query_insert("users", array('login' => htmlspecialchars_decode($_POST['login']), 'pw' => encrypt(string_utf8_decode($_POST['pw'])), 'email' => $_POST['email'], 'admin' => $_POST['admin'] == "true" ? '1' : '0', 'gestionnaire' => $_POST['manager'] == "true" ? '1' : '0', 'read_only' => $_POST['read_only'] == "true" ? '1' : '0', 'personal_folder' => $_POST['personal_folder'] == "true" ? '1' : '0', 'fonction_id' => $_POST['manager'] == "true" ? $_SESSION['fonction_id'] : '0', 'groupes_interdits' => $_POST['manager'] == "true" ? $data['groupes_interdits'] : '0', 'groupes_visibles' => $_POST['manager'] == "true" ? 
$data['groupes_visibles'] : '0')); //Create personnal folder if ($_POST['personal_folder'] == "true") { $db->query_insert("nested_tree", array('parent_id' => '0', 'title' => $new_user_id, 'bloquer_creation' => '0', 'bloquer_modification' => '0', 'personal_folder' => '1')); } //Create folder and role for domain if ($_POST['new_folder_role_domain'] == "true") { //create folder $new_folder_id = $db->query_insert("nested_tree", array('parent_id' => 0, 'title' => mysql_real_escape_string(stripslashes($_POST['domain'])), 'personal_folder' => 0, 'renewal_period' => 0, 'bloquer_creation' => '0', 'bloquer_modification' => '0')); //Add complexity $db->query_insert("misc", array('type' => 'complex', 'intitule' => $new_folder_id, 'valeur' => 50)); //Create role $new_role_id = $db->query_insert("roles_title", array('title' => mysql_real_escape_string(stripslashes($_POST['domain'])))); //Associate new role to new folder $db->query_insert('roles_values', array('folder_id' => $new_folder_id, 'role_id' => $new_role_id)); //Add the new user to this role
} echo '[{"text":"' . $texte . '</table><div style=\'margin-left:5px;\'><input type=\'checkbox\' id=\'item_deleted_select_all\' /> <img src=\\"includes/images/arrow-repeat.png\\" title=\\"' . $txt['restore'] . '\\" style=\\"cursor:pointer;\\" onclick=\\"restoreDeletedItems()\\"> <img src=\\"includes/images/bin_empty.png\\" title=\\"' . $txt['delete'] . '\\" style=\\"cursor:pointer;\\" onclick=\\"reallyDeleteItems()\\"></div>"}]'; break; #---------------------------------- #CASE admin want to restaure a list of deleted items #---------------------------------- #CASE admin want to restaure a list of deleted items case "restore_deleted__items": //restore FOLDERS if (count($_POST['list_f']) > 0) { foreach (explode(';', $_POST['list_f']) as $id) { $data = $db->query_first("\r\n\t\t\t\t\tSELECT valeur\r\n\t\t FROM " . $pre . "misc\r\n\t\t WHERE type = 'folder_deleted'\r\n\t\t AND intitule = '" . $id . "'"); if ($data['valeur'] != 0) { $folder_data = explode(',', $data['valeur']); //insert deleted folder $db->query_insert('nested_tree', array('id' => $folder_data[0], 'parent_id' => $folder_data[1], 'title' => $folder_data[2], 'nleft' => $folder_data[3], 'nright' => $folder_data[4], 'nlevel' => $folder_data[5], 'bloquer_creation' => $folder_data[6], 'bloquer_modification' => $folder_data[7], 'personal_folder' => $folder_data[8], 'renewal_period' => $folder_data[9])); //delete log $db->query("DELETE FROM " . $pre . "misc WHERE type = 'folder_deleted' AND intitule= '" . $id . "'"); } } } //restore ITEMS if (count($_POST['list_i']) > 0) { foreach (explode(';', $_POST['list_i']) as $id) { $db->query_update("items", array('inactif' => '0'), 'id = ' . $id); //log $db->query("INSERT INTO " . $pre . "log_items VALUES ('" . $id . "','" . mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y')) . "','" . $_SESSION['user_id'] . "','at_restored','')"); } } break; #----------------------------------
$ldap_connection = false; } if ($debug_ldap == 1) { fputs($dbg_ldap, "After authenticate : " . $adldap->get_last_error() . "\n\n\n" . "ldap status : " . $ldap_connection . "\n\n\n"); //Debug } } //Check if user exists in cpassman $sql = "SELECT * FROM " . $pre . "users WHERE login = '******'"; $row = $db->query($sql); $proceed_identification = false; if (mysql_num_rows($row) > 0) { $proceed_identification = true; } elseif (mysql_num_rows($row) == 0 && $ldap_connection == true) { //If LDAP enabled, create user in CPM if doesn't exist $new_user_id = $db->query_insert("users", array('login' => $username, 'pw' => $password, 'email' => "", 'admin' => '0', 'gestionnaire' => '0', 'personal_folder' => $_SESSION['settings']['enable_pf_feature'] == "1" ? '1' : '0', 'fonction_id' => '0', 'groupes_interdits' => '0', 'groupes_visibles' => '0', 'last_pw_change' => mktime(date('h'), date('m'), date('s'), date('m'), date('d'), date('y')))); //Create personnal folder if ($_SESSION['settings']['enable_pf_feature'] == "1") { $db->query_insert("nested_tree", array('parent_id' => '0', 'title' => $new_user_id, 'bloquer_creation' => '0', 'bloquer_modification' => '0', 'personal_folder' => '1')); } //Get info for user $sql = "SELECT * FROM " . $pre . "users WHERE login = '******'"; $row = $db->query($sql); $proceed_identification = true; } if ($proceed_identification === true) { //User exists in the DB $data = $db->fetch_array($row); // Can connect if // 1- no LDAP mode + user enabled + pw ok // 2- LDAP mode + user enabled + ldap connection ok + user is not admin
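<?php
// Save a map position submitted from the admin form, then load all saved positions.
// NOTE(review): no login check is visible in this excerpt although the row is
// attributed to $_SESSION['user_id'] - confirm the including page enforces one.
$db = new Database($db_host, $db_username, $db_password, $db_name);
$db->connect();
$err = "";

if (isset($_POST['submit']) && $_POST['submit'] != "") {
    $error = 0;
    if ($_POST['address'] == "") {
        $error++;
    }
    // Coordinates must be numeric. is_numeric() also rejects the empty string,
    // so this covers the former "== ''" test and keeps arbitrary text out of
    // the lat/lng columns.
    if (!is_numeric($_POST['lat'])) {
        $error++;
    }
    if (!is_numeric($_POST['lng'])) {
        $error++;
    }

    if ($error == 0) {
        $insert_array['eyo_admin_id'] = $_SESSION['user_id'];
        $insert_array['full_address'] = $_POST['address'];
        $insert_array['lat'] = $_POST['lat'];
        $insert_array['lng'] = $_POST['lng'];
        if ($db->query_insert($TABLE_EYO_MAP, $insert_array)) {
            $err = "Map saved succesfully";
        }
    } else {
        $err = "Please select valid position from the map";
    }
}

// Newest entries first.
// NOTE(review): full_address is free text; escape it for the output context
// wherever $map_result is rendered.
$sql = "SELECT * from " . $TABLE_EYO_MAP . " order by id desc";
$map_result = $db->fetch_all_array($sql);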
//get full tree dependencies require_once "NestedTree.class.php"; $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title'); $tree = $tree->getDescendants($_POST['folder'], true); if (isset($_POST['allowed']) and $_POST['allowed'] == 1) { //case where folder was allowed but not any more foreach ($tree as $node) { //Store in DB $db->query_delete('roles_values', array('folder_id' => $node->id, 'role_id' => $_POST['role'])); } } else { if ($_POST['allowed'] == 0) { //case where folder was not allowed but allowed now foreach ($tree as $node) { //Store in DB $db->query_insert('roles_values', array('folder_id' => $node->id, 'role_id' => $_POST['role'])); } } } echo 'httpRequest("sources/roles.queries.php","type=rafraichir_matrice");'; echo '$("#div_loading").hide();'; break; } } else { if (!empty($_POST['edit_fonction'])) { $id = explode('_', $_POST['id']); //Update DB $db->query_update('roles_title', array('title' => mysql_real_escape_string(stripslashes(utf8_decode($_POST['edit_fonction'])))), "id = " . $id[1]); //Show value echo $_POST['edit_fonction']; }
break; ########################################################### #CASE for refreshing all Personal Folders ########################################################### #CASE for refreshing all Personal Folders case "admin_action_check_pf": //get through all users $rows = $db->fetch_all_array("SELECT id,login,email FROM " . $pre . "users ORDER BY login ASC"); foreach ($rows as $record) { //update PF field for user $db->query_update('users', array('personal_folder' => '1'), "id='" . $record['id'] . "'"); //if folder doesn't exist then create it $data = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "nested_tree WHERE title = '" . $record['id'] . "' AND parent_id = 0"); if ($data[0] == 0) { //If not exist then add it $db->query_insert("nested_tree", array('parent_id' => '0', 'title' => $record['id'], 'personal_folder' => '1')); } else { //If exists then update it $db->query_update('nested_tree', array('personal_folder' => '1'), array("title" => $record['id'], 'parent_id' => '0')); } } //Delete PF for deleted users $db->query("\r\n\t\t\tDELETE " . $pre . "nested_tree\r\n \t\tFROM " . $pre . "nested_tree\r\n \t\tLEFT JOIN " . $pre . "users\r\n \t\tON " . $pre . "nested_tree.title = " . $pre . "users.id\r\n \t\tWHERE " . $pre . "users.id IS NULL AND " . $pre . "nested_tree.parent_id=0 AND " . $pre . "nested_tree.title REGEXP ('[0-9]')\r\n \t"); //rebuild fuild tree folder require_once 'NestedTree.class.php'; $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title'); $tree->rebuild(); echo '[{"result" : "pf_done"}]'; break; ########################################################### #CASE for deleting all items from DB that are linked to a folder that has been deleted
$resAlertImeiInfo = $db->query($getAlertImeiInfo); if ($db->affected_rows == 0) { $getAlertInfo = "SELECT * FROM tb_geoalertinfo WHERE tgai_geoAssignId = " . $aid; $resAlertInfo = $db->query($getAlertInfo); if ($db->affected_rows == 0) { if ($_GET[inoutFlag] == $_GET[inoutPoint]) { $smsStatus = sendSMSAlert($aid); if ($smsStatus) { $data['tgai_assignDevId'] = $devImei; $data['tgai_geoAssignId'] = $aid; $data['tgai_inoutStatus'] = 0; $data['tgai_alertCount'] = 1; $data['tgai_alertType'] = $_GET[inoutPoint]; $data['tgai_reachdevTime1'] = date("Y-m-d H:i:s", strtotime($_GET[devDateTime])); //print_r($data); if ($db->query_insert("tb_geoalertinfo", $data)) { $res = 1; } else { $res = 0; } echo "SMS"; } } } } else { $fetAlertImeiInfo = $db->fetch_array($resAlertImeiInfo); if ($fetAlertImeiInfo[tgai_geoAssignId] == $aid) { if ($fetAlertImeiInfo[tgai_inoutStatus] == 0) { if ($_GET[inoutFlag] != $_GET[inoutPoint]) { $data['tgai_inoutStatus'] = 1; $data['tgai_reachdevTime2'] = date("Y-m-d H:i:s", strtotime($_GET[devDateTime]));
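/**
 * Send the alert configured for one geofence assignment and record the outcome.
 *
 * Loads the assignment row joined with its device, geofence and client rows, then the
 * tb_clientinfo row referenced by ci_clientId (called the "reseller" here; its SMTP and
 * SMS gateway settings are the ones used). For tag_alertType "Email" one mail is sent,
 * for "Mobile" one SMS per comma-separated number in tag_alertSrc. In both cases a line
 * is written through writeGeoData() and a result row is inserted into tb_mail_info or
 * tb_smsinfo.
 *
 * @param int|string $geoAssId    tag_id of the assignment; it is forced to an integer
 *                                because it is concatenated into SQL.
 * @param string     $devDateTime Device timestamp, parsed with strtotime().
 *
 * @return int|null 1 when the result row was inserted, 0 when the insert failed, null
 *                  when no assignment matched or the alert type is neither "Email"
 *                  nor "Mobile".
 */
function sendAlert($geoAssId, $devDateTime)
{
    $db = new Database(DB_SERVER, DB_USER, DB_PASS, DB_DATABASE);
    $db->connect();

    // Both queries below are built by concatenation, so every id that goes into
    // them is cast to int first; a non-numeric value then simply matches no row.
    $assignId = (int) $geoAssId;

    $getData = "SELECT * FROM tb_assigngeofence,tb_deviceinfo,tb_geofence_info,tb_clientinfo WHERE ci_id = tag_clientId AND tgi_id = tag_geofenceId AND di_id = tag_diId AND tag_id = " . $assignId;
    $resData = mysql_query($getData);

    // A failed query returns false; check it explicitly instead of silencing the
    // follow-up call with "@", and count SELECT rows with mysql_num_rows().
    if ($resData === false || mysql_num_rows($resData) < 1) {
        return null;
    }
    $fetData = mysql_fetch_assoc($resData);

    $getReseller = "select * from tb_clientinfo where ci_id = " . (int) $fetData['ci_clientId'];
    $resReseller = mysql_query($getReseller);
    // Best effort as before: without a reseller row the settings below are empty.
    $fetReseller = ($resReseller !== false) ? mysql_fetch_assoc($resReseller) : false;

    // Array keys are quoted: bare words rely on the undefined-constant fallback.
    $devName = $fetData['di_deviceName'] ? $fetData['di_deviceName'] : $fetData['di_deviceId'];
    $status = ($fetData['tag_inout'] == "in") ? "entered zone" : "left zone";
    $when = strtotime($devDateTime);

    $info = $devName . " has " . $status . " " . $fetData['tgi_name'] . " at " . date("d M Y H:i:s", $when) . " " . $fetData['tag_alertType'] . " " . $fetData['tag_alertSrc'];

    if ($fetData['tag_alertType'] == "Email") {
        $to = $fetData['tag_alertSrc'];
        $sub = "Geofence Alert - " . $fetReseller['ci_clientName'];
        // NOTE(review): client, device and geofence names go into this markup
        // unescaped; if sendSMTPMail() sends the body as HTML, escape the
        // database-sourced values with htmlspecialchars() — confirm.
        $msg = "<b>Dear " . ucfirst($fetData['ci_clientName']) . "! </b><br><br>Vehicle " . $devName . " has " . $status . " " . $fetData['tgi_name'] . " at " . date("d M Y H:i", $when) . "<br><br> - " . $fetReseller['ci_weburl'];

        $mailres = sendSMTPMail($to, $sub, $msg, $fetReseller['ci_clientName'], $fetReseller['ci_smtpHostname'], $fetReseller['ci_smtpUsername'], $fetReseller['ci_smtpPassword'], $fetReseller['ci_smtpUsername']);

        // The log line keeps its comma-separated layout, but the SMTP password
        // field is replaced: credentials must not be written to the geo log.
        $mailString = $to . "," . $fetReseller['ci_clientName'] . "," . $fetReseller['ci_smtpHostname'] . "," . $fetReseller['ci_smtpUsername'] . "," . "[redacted]" . "," . $fetReseller['ci_smtpUsername'] . "," . $mailres;
        writeGeoData(date("d-m-Y", $when), date("H:i:s", $when), strip_tags($info), $mailString);

        $maildata = array(
            'tmi_email' => $to,
            'tmi_tgai_id' => $assignId,
            'tmi_mailResult' => $mailres,
            'tmi_message' => urlencode($msg),
            'tmi_mailType' => "GEOALERT",
        );

        return $db->query_insert("tb_mail_info", $maildata) ? 1 : 0;
    }

    if ($fetData['tag_alertType'] == "Mobile") {
        $from = "";
        // Initialised up front: with an empty recipient list the loop never
        // assigns them, and they are still logged and stored afterwards.
        $msg = "";
        $smsres = "";

        $to_nos = explode(',', $fetData['tag_alertSrc']);
        foreach ($to_nos as $to) {
            if ($to != "") {
                $msg = "Dear " . ucfirst($fetData['ci_clientName']) . "! " . $devName . " has " . $status . " " . $fetData['tgi_name'] . " at " . date("H:i:s", $when) . " - " . $fetData['ci_weburl'];
                // Only the result of the last number is kept, as before.
                $smsres = sendGatewaySMS($from, $to, $msg, $fetReseller['ci_smsGatewayUri'], $fetReseller['ci_smsGatewayUsername'], $fetReseller['ci_smsGatewayPassword'], $fetReseller['ci_smsGatewaySenderId']);
            }
        }

        // Same layout as before, with the gateway password field replaced so
        // the credential does not end up in the geo log.
        $smsString = $fetData['tag_alertSrc'] . "," . $fetReseller['ci_smsGatewayUri'] . "," . $fetReseller['ci_smsGatewayUsername'] . "," . "[redacted]" . "," . $fetReseller['ci_smsGatewaySenderId'] . "," . $smsres;
        writeGeoData(date("d-m-Y", $when), date("H:i:s", $when), strip_tags($info), $smsString);

        $smsdata = array(
            'tsi_mobileno' => $fetData['tag_alertSrc'],
            'tsi_tgai_id' => $assignId,
            'tsi_smsResult' => $smsres,
            'tsi_message' => urlencode($msg),
            'tsi_smsType' => "GEOALERT",
        );

        return $db->query_insert("tb_smsinfo", $smsdata) ? 1 : 0;
    }

    // Any other alert type: nothing is sent or recorded.
    return null;
}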