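/**
 * Append one row to the Log table.
 *
 * The original statement interpolated all four arguments into the SQL text
 * without quoting or escaping, so any argument could change the statement.
 * The values are now sent as bound parameters.
 *
 * NOTE(review): callers that used to pass pre-quoted SQL literals (for example
 * "'login'") must now pass the raw value, otherwise the quotes are stored as
 * part of the column. Confirm the call sites.
 *
 * @param mixed $api_call      value for Log.Api_call
 * @param mixed $securityLevel value for Log.ReqSecurityLevel
 * @param mixed $message       value for Log.Comment
 * @param mixed $account_id    value for Log.ID
 * @return void
 */
function DLog($api_call, $securityLevel, $message, $account_id)
{
    $database = new database();

    try {
        $statement = mysqli_prepare(
            $database->getConnection(),
            'INSERT INTO Log(Api_call, ReqSecurityLevel, Comment, ID) VALUES (?, ?, ?, ?)'
        );

        // Like the original, a failed insert is not reported to the caller.
        if ($statement !== false) {
            // Everything is bound as a string; the server converts to the column type.
            mysqli_stmt_bind_param($statement, 'ssss', $api_call, $securityLevel, $message, $account_id);
            mysqli_stmt_execute($statement);
            mysqli_stmt_close($statement);
        }
    } finally {
        // Release the connection even when the driver raises an exception.
        $database->close();
    }
}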
/**
 * Load the most recent vote this user cast for this application into
 * $this->u_vote; the score is 0 when no row is found.
 *
 * NOTE(review): $this->app_id and $this->u_id are concatenated into the SQL
 * text inside single quotes. Where those properties are populated is not
 * visible here; if either can come from a request, it has to be bound or
 * escaped through the database wrapper before it reaches this statement.
 * mysql_fetch_assoc() belongs to the ext/mysql API that was removed in PHP 7.
 *
 * @return void
 */
public function get_user_vote()
{
    $connection = new database($GLOBALS['config']);

    $sql = "SELECT * FROM `project` . `vote`\n\t\t\t\t\tWHERE \n\t\t\t\t `v_app_id` = '" . $this->app_id . "' AND `v_u_id` = '" . $this->u_id . "'\n\t\t\t\t\tORDER BY v_time DESC LIMIT 1\n\t\t\t\t\t";
    $result = $connection->query($sql);

    // Only the newest row is requested, so one fetch is enough.
    $latest = mysql_fetch_assoc($result);
    $this->u_vote = $latest ? $latest['v_score'] : 0;

    $connection->close();
}
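/**
 * Delete one private message by id and echo a status message.
 *
 * The original opened a database connection before the id check and a second
 * one inside it; the first was never closed. A single connection is now
 * opened only when a delete is actually issued.
 *
 * NOTE(review): $id is concatenated into the DELETE statement inside single
 * quotes. The database wrapper's escaping or parameter API is not visible in
 * this block; the value must be bound or escaped there before this is safe
 * for request-supplied ids.
 * NOTE(review): nothing here checks that the message belongs to the current
 * user; confirm the caller enforces ownership before calling.
 *
 * @param mixed $id pm_id of the message to delete; an empty value is rejected
 * @return void
 */
public function delete_pm($id)
{
    $pm_id = $id;

    if ($pm_id != '') {
        $db = new database($GLOBALS['config']);
        $db->query("DELETE FROM `pm` WHERE `pm_id` = '" . $pm_id . "'");
        $db->close();
        echo "ลบข้อความออกจากระบบสำเร็จ";
    } else {
        echo "ระบบในการลบข้อความูมีปัญหากรุณาแจ้งผู้ดูแลระบบ";
    }
}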
<div class="main_content" id="main_content"> <table id="top"> <tr> <td id="top1"><img src="img/new.png" /></td> </tr> <tr> <td id="top2"><?php
/* Newest-first list of applications carrying one fixed tag. The SQL text is a
   literal; no request data is part of it. */
$db = new database($GLOBALS['config']);
$res = $db->query("SELECT * FROM `project` . `application`\n WHERE `app_tag` = 'การศึกษา' \n ORDER BY app_time DESC\n ");
/* The result is wrapped in an app_list object that is kept in the session.
   NOTE(review): if app_list holds on to $res itself rather than copying the
   rows, the handle will not be usable on a later request; confirm. */
$_SESSION['search3'] = new app_list($res);
/* NOTE(review): print_r() writes whatever get_page_index3(1) returns straight
   into the page. If that value contains application fields supplied by users,
   confirm they are HTML-escaped before they reach this point. */
print_r($_SESSION['search3']->get_page_index3(1));
$db->close();
?> </td> </tr> </table> </div> </div> </div> </body> </html> <!-- <div class="footer">footer</div> -->
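/**
 * Check whether the current session user holds the Administrator role.
 *
 * Changes from the original: the script now stops after sending the login
 * redirect (before, it went on to run the role query on a failed connection),
 * the role comparison is strict so a missing or non-string role can never
 * compare equal, and the exception text is HTML-escaped before it is printed.
 *
 * @param bool $die          when true a non-admin request ends with an error block;
 *                           when false the function returns false instead
 * @param bool $startSession kept for caller compatibility; not read in this function
 * @return bool true for an Administrator
 */
function checkAdmin($die = true, $startSession = true)
{
    global $db; # connection settings from the config file

    /* read the active username, then release the session lock */
    if (!isset($_SESSION)) {
        session_start();
    }
    $ipamusername = $_SESSION['ipamusername'];
    session_write_close();

    $database = new database($db['host'], $db['user'], $db['pass'], $db['name']);

    /* no database: send the browser to the login page and stop */
    if ($database->connect_error) {
        // NOTE(review): depending on web-server configuration SERVER_NAME can
        // reflect the request's Host header; a configured base URL would be
        // a safer source for a redirect target.
        if ($_SERVER['SERVER_PORT'] == "443") {
            $url = "https://" . $_SERVER['SERVER_NAME'] . BASE;
        } elseif ($_SERVER['SERVER_PORT'] != "80") {
            $url = "http://" . $_SERVER['SERVER_NAME'] . ":" . $_SERVER['SERVER_PORT'] . BASE;
        } else {
            $url = "http://" . $_SERVER['SERVER_NAME'] . BASE;
        }
        header("Location:" . $url . "login/");
        // A Location header does not end the request on its own.
        exit;
    }

    // NOTE(review): the username literal is masked in this copy of the file; as
    // written, $ipamusername is read from the session but not used in the
    // lookup. Whatever the original expression is, the username should reach
    // the query as a bound parameter or through the wrapper's escaping rather
    // than by string concatenation.
    $query = 'select role from users where username = "******";';

    /* fetch role */
    try {
        $role = $database->getRow($query);
    } catch (Exception $e) {
        // Driver messages can echo parts of the query; escape before output.
        $error = htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        die("<div class='alert alert-danger'>" . _('Error') . ": {$error}</div>");
    }

    $database->close();

    /* fail closed: anything other than the exact role string is not an admin */
    if (isset($role[0]) && $role[0] === "Administrator") {
        return true;
    }

    if ($die == true) {
        die('<div class="alert alert-danger">' . _('Administrator level privileges required') . '!</div>');
    }

    return false;
}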
/**
 * Fetch the workflow stages assigned to a user from user_stage, then build and
 * run a second query over articles / article_versions for those stages.
 *
 * Side effects visible in the body: debug text is written with print, and the
 * script is terminated with die() when either query fails.
 *
 * @param mixed $userID user identifier; cast with intval() for the first query only
 * @return array rows collected from fetcharray() for the second query
 */
function query_data($userID)
{
    // First query: the stages assigned to this user, ordered by stage id.
    // The id is forced to an integer here, so it cannot carry SQL text.
    $sql = "select * from user_stage us\r\n\t\twhere us.userID = " . intval($userID) . " order by us.stageID ASC ";
    $db = new database();
    if (!($result = $db->query($sql))) {
        // NOTE(review): the driver's error text is sent to the client.
        die('Error:' . $db->error());
    }
    $user_stages = array();
    while ($row = $db->fetcharray()) {
        $user_stages[] = $row;
    }
    $db->freeresult();
    // NOTE(review): the expression on the next line is masked in this copy of
    // the file and does not parse as shown; it is left untouched.
    print 'USERNAME='******'username'];
    // Second query: the FROM list is assembled from the stages found above.
    $sql = " select * from ";
    // $state records that the writing stage already contributed tables.
    $state = 0;
    foreach ($user_stages as $field => $user_stage) {
        // NOTE(review): rows are read with ->stageID, so fetcharray() presumably
        // returns objects; confirm against the database class.
        if ($user_stage->stageID) {
            switch ($user_stage->stageID) {
                case 1:
                    // writing stage: the user's own articles
                    $sql .= " articles a ,";
                    $sql .= " article_author aa ";
                    $state = 1;
                    break;
                case 2:
                    // editing stage
                    $editing_stage = 1;
                    break;
                case 3:
                    // proofreading stage
                    $proofreading_stage = 1;
                    break;
                case 4:
                    // publishing stage
                    $publishing_stage = 1;
                    break;
            }
        }
    }
    // NOTE(review): the three *_stage flags are only assigned inside the switch
    // above, so any of them may be undefined when it is read here.
    if ($editing_stage == 1 || $proofreading_stage == 1 || $publishing_stage == 1) {
        if (count($user_stages) > 1) {
            // more than one stage assigned
            if ($state) {
                // NOTE(review): in the collapsed source this statement directly
                // follows a bare "//". It is read here as live code because the
                // WHERE clause below refers to av; confirm against the original
                // file that it was not commented out.
                $sql .= " ,article_versions av ";
            } else {
                // article_versions is the first table in the list
                $sql .= " article_versions av ";
            }
        } else {
            // exactly one stage assigned
            $sql .= " article_versions av ";
        }
    }
    $sql .= " where ";
    // WHERE clause: one condition per assigned stage.
    $state = 0;
    if (count($user_stages) > 1) {
        // several stages: conditions are chained with "and"
        foreach ($user_stages as $field => $user_stage) {
            if ($user_stage->stageID) {
                switch ($user_stage->stageID) {
                    case 1:
                        // writer
                        $sql .= " a.stageID = 1 ";
                        // NOTE(review): $userID goes into this statement as
                        // passed in, without the intval() applied in the first
                        // query. Reuse the integer-cast value here so both
                        // statements treat the id the same way.
                        $sql .= " and aa.userID = {$userID} ";
                        $state = 1;
                        break;
                    case 2:
                        // editor; the author's own comment marks the "and"
                        // chaining as a known problem (editor + chief)
                        if ($state) {
                            $sql .= " and av.stageID = 2 ";
                        } else {
                            $sql .= " av.stageID = 2 ";
                        }
                        break;
                    case 3:
                        // editor in chief
                        if ($state) {
                            $sql .= " and av.stageID = 3 ";
                        } else {
                            $sql .= " av.stageID = 3 ";
                        }
                        //$sql .= " and av.modified_by = $userID ";
                        break;
                    case 4:
                        // publisher; "and" is always prefixed here, whether or
                        // not a condition precedes it
                        $sql .= " and av.stageID = 4 ";
                        break;
                }
            }
        }
    } else {
        foreach ($user_stages as $field => $user_stage) {
            if ($user_stage->stageID) {
                switch ($user_stage->stageID) {
                    case 1:
                        // writer
                        $sql .= " a.stageID = 1 ";
                        //$sql .= " and aa.userID = $userID ";
                        break;
                    case 2:
                        // editor
                        $sql .= " av.stageID = 2 ";
                        //$sql .= " and av.modified_by = $userID ";
                        break;
                    case 3:
                        // editor in chief
                        $sql .= " av.stageID = 3 ";
                        //$sql .= " or av.modified_by = $userID ";
                        break;
                    case 4:
                        // publisher
                        $sql .= " av.stageID = 4 ";
                        break;
                }
            }
        }
    }
    // NOTE(review): debug output; the full SQL text is written to the response.
    print '[SQL=' . $sql;
    if (!($result = $db->query($sql))) {
        die('Error:' . $db->error());
    }
    $query_data = array();
    // The value that ends the loop is appended too, so the returned array
    // carries one trailing falsy element after the rows.
    while ($query_data[] = $db->fetcharray()) {
    }
    print '[totalrec=' . $db->getnumrows();
    //print_r($query_data );
    return $query_data;
    // NOTE(review): unreachable after the return above, so the connection is
    // never closed by this function.
    $db->close();
}
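/**
 * Check whether the current session user holds the Administrator role.
 *
 * Changes from the original: the denied-access log entry is written before
 * the function dies or returns (it used to sit after both exits and could
 * never run), the role comparison is strict so a missing or non-string role
 * can never compare equal, and the exception text is HTML-escaped before it
 * is printed.
 *
 * @param bool $die when true a non-admin request ends with an error block;
 *                  when false the function returns false instead
 * @return bool true for an Administrator; false for a non-admin or a failed lookup
 */
function checkAdmin($die = true)
{
    global $db; # connection settings from the config file

    /* read the active username, then release the session lock */
    session_start();
    $ipamusername = $_SESSION['ipamusername'];
    session_write_close();

    $database = new database($db['host'], $db['user'], $db['pass'], $db['name']);

    // NOTE(review): the username literal is masked in this copy of the file; as
    // written, $ipamusername is read from the session but not used in the
    // lookup. Whatever the original expression is, the username should reach
    // the query as a bound parameter or through the wrapper's escaping rather
    // than by string concatenation.
    $query = 'select role from users where username = "******";';

    /* execute */
    try {
        $role = $database->getRow($query);
    } catch (Exception $e) {
        // Driver messages can echo parts of the query; escape before output.
        $error = htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        print "<div class='alert alert-error'>" . _('Error') . ": {$error}</div>";
        return false;
    }

    $database->close();

    /* fail closed: anything other than the exact role string is not an admin */
    if (isset($role[0]) && $role[0] === "Administrator") {
        return true;
    }

    // Record the attempt first so the audit trail exists on both exit paths.
    updateLogTable('User ' . $ipamusername . ' tried to access admin page.', "", 2);

    if ($die == true) {
        die('<div class="alert alert-error">' . _('Administrator level privileges are required to access this site') . '!</div>');
    }

    return false;
}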
$dbm4->exec(); $dbm4->close(); } if ($insert_ab) { $dbab = new database(); $dbab->debug($abdbdebug); $dbab->connect($abdbhost, $abdbuser, $abdbpass, $abdbname); /*** delete du serveur dans adminbot ***/ $dbab->delete("gameserver"); $dbab->where("ServerId = {$id}"); $dbab->exec(); /*** insertion du serveur dans adminbot ***/ $dbab->insert("gameserver (ServerId,GameId,GameGroupId,ServerAddress,ServerPort,ServerIsUp,ServerType,ServerRcon,ServerHostName)"); $dbab->values("'{$id}','','','{$adresse}','{$port}','','cs','{$rcon}','{$nom}'"); $dbab->exec(); $dbab->close(); } /*** redirection ***/ js_goto("?page=serveurs&op=modify&id={$id}"); } } elseif ($op == "delete") { /*** verification securite ***/ if ($grade['a'] != 'a' && $grade['b'] != 'b' && $grade['r'] != 'r') { js_goto($PHP_SELF); } $db->delete("{$dbprefix}serveurs"); $db->where("id = {$id}"); $db->exec(); /*** redirection ***/ js_goto("?page=serveurs&op=admin"); } elseif ($op == "voir") {
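/**
 * Change the stored password of one account and echo a status message.
 *
 * The original opened the database connection before validating the input
 * and left it open on both error exits. Validation now happens first and the
 * connection only exists around the UPDATE.
 *
 * NOTE(review): the new password is written to the *_pass column exactly as
 * received. If the login code compares plain text, both sides should move to
 * password_hash() / password_verify() together.
 * NOTE(review): $pass_new1 and $id are concatenated into the UPDATE inside
 * single quotes. The database wrapper's escaping or parameter API is not
 * visible in this block; the values must be bound or escaped there.
 * NOTE(review): nothing here checks that the caller may change the account
 * named by $id / $type, and no current password is asked for; confirm the
 * calling code enforces both.
 * NOTE(review): the success message is echoed even when $type matches none of
 * the cases and no UPDATE was run.
 *
 * @param array $post form fields: pass_new1, pass_new2, id, type
 * @return void
 */
public function update_pass($post)
{
    $pass_new1 = $post['pass_new1'];
    $pass_new2 = $post['pass_new2'];
    $id = $post['id'];
    $type = $post['type'];

    // Both fields are required.
    if ($pass_new1 == '' || $pass_new2 == '') {
        echo "กรุณากรอกรหัสผ่าน";
        die;
    }

    // The two entries must match.
    if (strcmp($pass_new1, $pass_new2) != 0) {
        echo "รหัสผ่านใหม่ไม่ตรงกัน กรุณาแก้ไข";
        die;
    }

    $db = new database($GLOBALS['config']);

    // Each account type lives in its own table with its own column prefix.
    switch ($type) {
        case 'member':
            $db->query("UPDATE `member` SET\n\t\t\t\t\t\t\t\t`m_pass` = '" . $pass_new1 . "'\n\t\t\t\t\t\t\t\tWHERE `m_id` = '" . $id . "';");
            break;
        case 'student':
            $db->query("UPDATE `student` SET\n\t\t\t\t\t\t\t\t`s_pass` = '" . $pass_new1 . "'\n\t\t\t\t\t\t\t\tWHERE `s_id` = '" . $id . "';");
            break;
        case 'aadvisor':
            $db->query("UPDATE `advisor` SET\n\t\t\t\t\t\t\t\t`a_pass` = '" . $pass_new1 . "'\n\t\t\t\t\t\t\t\tWHERE `a_id` = '" . $id . "';");
            break;
        case 'admin':
            $db->query("UPDATE `admin` SET\n\t\t\t\t\t\t\t\t`x_pass` = '" . $pass_new1 . "'\n\t\t\t\t\t\t\t\tWHERE `x_id` = '" . $id . "';");
            break;
    }

    echo "แก้ไขเสร็จเรียบร้อย";

    $db->close();
}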
$queries = ereg_replace('%show_viewuserlist_in_user_nav%', Yes, $queries); $queries = ereg_replace('%prefix%', $_POST['databaseprefix'], $queries); //$queries .= file_get_contents ('kernel/sql/basiccontent.sql'); //$queries .= file_get_contents ('kernel/sql/helpcontent.sql'); $queriesarray = explode(';', $queries); // FIXME; stupid hack // unset the last arrayvlue --> it is empty unset($queriesarray[count($queriesarray) + 1]); foreach ($queriesarray as $query) { // if there are too many ';' // do not execute them $query = trim($query); if (!empty($query)) { echo $query . '<br />'; $database->query($query); } } $database->close(); } catch (exceptionlist $e) { //echo $e->getMessage (); echo $e->debuginfo; } echo '<b>delete install.php now</b>'; } else { if ($_POST['submit'] == 'testdbconn') { echo 'test de connectie'; } else { die('error in POST'); } } }
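/**
 * Check whether an IP address already exists in a subnet (used before adding).
 *
 * Changes from the original: the exception text is HTML-escaped before it is
 * printed. The header comment used to say "return false if it exists"; the
 * code returns true in that case, and the documentation now says so.
 *
 * NOTE(review): a failed lookup also returns false, so callers cannot tell
 * "no duplicate" from "could not check".
 *
 * @param mixed $ip       address in the form accepted by Transform2decimal()
 * @param mixed $subnetId subnet identifier compared against the subnetId column
 * @return bool true when at least one matching row exists, false otherwise
 */
function checkDuplicate($ip, $subnetId)
{
    global $db; # connection settings from the config file

    /* the table stores addresses in decimal form */
    $ip = Transform2decimal($ip);

    // NOTE(review): $ip and $subnetId are concatenated into the statement
    // inside double quotes. What Transform2decimal() returns for malformed
    // input is not visible here, and $subnetId is used as passed in; both
    // should be bound or escaped through the database class.
    $query = 'select * from `ipaddresses` where `ip_addr` = "' . $ip . '" and subnetId = "' . $subnetId . '" ;';
    $database = new database($db['host'], $db['user'], $db['pass'], $db['name']);

    /* execute */
    try {
        $unique = $database->getArray($query);
    } catch (Exception $e) {
        // Driver messages can echo parts of the query; escape before output.
        $error = htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        print "<div class='alert alert-error'>" . _('Error') . ":{$error}</div>";
        return false;
    }

    $database->close();

    /* any row at all means the address is already present */
    return sizeof($unique) != 0;
}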
/**
 * Bring the live database schema in line with the master schema file.
 *
 * The parsed master schema is cached in $aUpgradeData['aNewSchema']. The
 * current schema comes from processSchemaFile(); obtainChanges() yields the
 * differences, which are applied in this order: new tables (with their
 * indexes), column changes, new indexes, changed indexes (drop, then add).
 * The function returns without doing anything when the current schema is
 * null or the connection is not established.
 *
 * NOTE(review): every statement is produced by the database object's
 * generate*SQL() helpers from schema data; presumably the schema file is
 * trusted install data. Confirm that its table and column names are quoted
 * by those helpers.
 *
 * @param string $sSchemaFile path handed to schemaToArray()
 * @return void
 */
function processMasterSchemaFile($sSchemaFile)
{
    global $DB_ADAPTER, $DB_HOST, $DB_USER, $DB_PASS, $DB_NAME, $aUpgradeData;

    // Parse the master schema once and keep it for later calls.
    if (!isset($aUpgradeData['aNewSchema'])) {
        $aUpgradeData['aNewSchema'] = schemaToArray($sSchemaFile);
    }
    $aTargetSchema = $aUpgradeData['aNewSchema'];

    $aCurrentSchema = processSchemaFile();
    if (is_null($aCurrentSchema)) {
        return;
    }

    $aDiff = obtainChanges($aCurrentSchema, $aTargetSchema);

    $oConn = new database($DB_ADAPTER, $DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
    if (!$oConn->isConnected()) {
        return;
    }
    $oConn->iFetchType = MYSQL_NUM;
    $oConn->logQuery(count($aDiff));

    // 1. Tables missing from the live schema, followed by their indexes.
    foreach ($aDiff['tablesToAdd'] as $sTable => $aColumns) {
        $sCreate = $oConn->generateCreateTableSQL($sTable, $aColumns);
        $oConn->executeQuery($sCreate);

        if (!isset($aColumns['INDEXES'])) {
            continue;
        }
        foreach ($aColumns['INDEXES'] as $indexName => $aIndex) {
            $sAddKey = $oConn->generateAddKeysSQL($sTable, $indexName, $aIndex);
            $oConn->executeQuery($sAddKey);
        }
    }

    // 2. Column-level changes; action names other than these three are ignored.
    foreach ($aDiff['tablesToAlter'] as $sTable => $aActions) {
        foreach ($aActions as $sAction => $aAction) {
            foreach ($aAction as $sColumn => $vData) {
                if ($sAction == 'DROP') {
                    $oConn->executeQuery($oConn->generateDropColumnSQL($sTable, $vData));
                } elseif ($sAction == 'ADD') {
                    $oConn->executeQuery($oConn->generateAddColumnSQL($sTable, $sColumn, $vData));
                } elseif ($sAction == 'CHANGE') {
                    $oConn->executeQuery($oConn->generateChangeColumnSQL($sTable, $sColumn, $vData));
                }
            }
        }
    }

    // 3. Indexes that exist only in the master schema.
    foreach ($aDiff['tablesWithNewIndex'] as $sTable => $aIndexes) {
        foreach ($aIndexes as $sIndexName => $aIndexFields) {
            $sAddKey = $oConn->generateAddKeysSQL($sTable, $sIndexName, $aIndexFields);
            $oConn->executeQuery($sAddKey);
        }
    }

    // 4. Indexes whose definition changed: drop the old one, then recreate it.
    foreach ($aDiff['tablesToAlterIndex'] as $sTable => $aIndexes) {
        foreach ($aIndexes as $sIndexName => $aIndexFields) {
            $sDropKey = $oConn->generateDropKeySQL($sTable, $sIndexName);
            $oConn->executeQuery($sDropKey);
            $sAddKey = $oConn->generateAddKeysSQL($sTable, $sIndexName, $aIndexFields);
            $oConn->executeQuery($sAddKey);
        }
    }

    $oConn->close();
}
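/**
 * Echo the app_scr_1 value of the application with the latest app_time.
 *
 * $path_new_app was only assigned inside the fetch loop, so an empty result
 * left it undefined at the echo. It now starts as an empty string; the
 * output for an empty result is unchanged (nothing is printed).
 *
 * NOTE(review): the value is echoed as stored. If app_scr_1 can be set by
 * users and this output ends up in HTML, escape it for the context where it
 * is placed.
 * NOTE(review): the query returns every row in ascending order and the loop
 * keeps only the last one. mysql_fetch_array() belongs to the ext/mysql API
 * that was removed in PHP 7.
 *
 * @return void
 */
public function new_app_slide()
{
    $db = new database($GLOBALS['config']);
    $res = $db->query("SELECT * FROM `project` . `application`\n\t\t\t\t\t\tWHERE `app_time` \n\t\t\t\t\t\tORDER BY `app_time` ASC\n\t\t\t\t\t\t");

    $path_new_app = '';
    // Rows arrive oldest first, so the last assignment is the newest application.
    while ($row = mysql_fetch_array($res)) {
        $path_new_app = $row["app_scr_1"];
    }

    $db->close();
    echo $path_new_app;
}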
define('ADMIN_STYLE_PATH_ABS', PATH . 'admin/' . ADMIN_STYLE_NAME . '/'); #get languge of common get_lang('common'); #ban system get_ban(); #install.php exists, raise a message if (file_exists(PATH . 'install') && !defined('IN_ADMIN') && !defined('IN_LOGIN') && !defined('DEV_STAGE')) { #Different message for admins! delete install folder kleeja_info(user_can('enter_acp') ? $lang['DELETE_INSTALL_FOLDER'] : $lang['WE_UPDATING_KLEEJA_NOW'], $lang['SITE_CLOSED']); } #site close message if enabled $login_page = ''; if ($config['siteclose'] == '1' && !user_can('enter_acp') && !defined('IN_LOGIN') && !defined('IN_ADMIN')) { #if download, images ? if (defined('IN_DOWNLOAD') && (ig('img') || ig('thmb') || ig('thmbf') || ig('imgf'))) { @$SQL->close(); $fullname = "images/site_closed.jpg"; $filesize = filesize($fullname); header("Content-length: {$filesize}"); header("Content-type: image/jpg"); readfile($fullname); exit; } #Send a 503 HTTP response code to prevent search bots from indexing the maintenace message header('HTTP/1.1 503 Service Temporarily Unavailable'); kleeja_info($config['closemsg'], $lang['SITE_CLOSED']); } #exceed total size if ($stat_sizes >= $config['total_size'] * 1048576 && !defined('IN_LOGIN') && !defined('IN_ADMIN')) { // Send a 503 HTTP response code to prevent search bots from indexing the maintenace message header('HTTP/1.1 503 Service Temporarily Unavailable');