예제 #1
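/**
 * Write one row to the Log table.
 *
 * The four values are bound as statement parameters instead of being pasted
 * into the SQL text, so their content cannot change the shape of the INSERT.
 *
 * NOTE(review): the previous version interpolated the arguments unquoted, which
 * only produced valid SQL when callers passed ready-made SQL literals. Callers
 * that pre-quote or pre-escape their arguments must now pass the raw values.
 *
 * @param mixed $api_call      Value for Log.Api_call.
 * @param mixed $securityLevel Value for Log.ReqSecurityLevel.
 * @param mixed $message       Value for Log.Comment.
 * @param mixed $account_id    Value for Log.ID.
 * @return void
 */
function DLog($api_call, $securityLevel, $message, $account_id)
{
    $database = new database();
    try {
        $statement = mysqli_prepare(
            $database->getConnection(),
            'INSERT INTO Log(Api_call, ReqSecurityLevel, Comment, ID) VALUES (?, ?, ?, ?)'
        );
        if ($statement === false) {
            // Logging stays best-effort, as before: a failed prepare is not fatal.
            return;
        }
        // Everything is bound as a string; the server converts to the column type.
        mysqli_stmt_bind_param($statement, 'ssss', $api_call, $securityLevel, $message, $account_id);
        mysqli_stmt_execute($statement);
        mysqli_stmt_close($statement);
    } finally {
        // Release the connection on every path, including an early return or a throw.
        $database->close();
    }
}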
예제 #2
 /**
  * Load the newest score stored for this application/user pair into
  * $this->u_vote; the property is set to 0 when no row is found.
  *
  * NOTE(review): $this->app_id and $this->u_id are concatenated into the SQL
  * text inside quotes without escaping. Where they are assigned is not visible
  * here - confirm they are validated (e.g. cast to int) before this call, or
  * move to a parameterised query if the database wrapper offers one.
  */
 public function get_user_vote()
 {
     $connection = new database($GLOBALS['config']);
     $sql = "SELECT * FROM `project` . `vote`\n\t\t\t\t\tWHERE \n\t\t\t\t   `v_app_id` = '" . $this->app_id . "' AND `v_u_id` = '" . $this->u_id . "'\n\t\t\t\t\tORDER BY v_time DESC LIMIT 1\n\t\t\t\t\t";
     // Only the first (most recent) row matters; a falsy fetch means "no vote".
     $latest = mysql_fetch_assoc($connection->query($sql));
     $this->u_vote = $latest ? $latest['v_score'] : 0;
     $connection->close();
 }
예제 #3
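 /**
  * Delete one private message by id and echo a status message.
  *
  * A connection is now opened only when a delete is actually issued. The
  * earlier version opened one up front, opened a second one inside the branch,
  * and never closed the first.
  *
  * NOTE(review): $id is concatenated into the DELETE inside quotes without
  * escaping, and nothing in this method checks that the message belongs to
  * the requesting user. Confirm both are handled by the caller; if not, the
  * id needs validation (or a bound parameter) and an ownership condition.
  *
  * @param mixed $id Identifier of the message to delete; '' is treated as missing.
  */
 public function delete_pm($id)
 {
     $pm_id = $id;
     if ($pm_id != '') {
         $db = new database($GLOBALS['config']);
         $db->query("DELETE FROM  `pm`  WHERE `pm_id` = '" . $pm_id . "'");
         $db->close();
         echo "ลบข้อความออกจากระบบสำเร็จ";
     } else {
         // No id supplied: report the problem without touching the database.
         echo "ระบบในการลบข้อความูมีปัญหากรุณาแจ้งผู้ดูแลระบบ";
     }
 }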
예제 #4
                        	       
          <div class="main_content" id="main_content">
          

                
                 <table id="top"> 
                 <tr>
                    <td id="top1"><img src="img/new.png" /></td>
            	 </tr>
                 <tr>
                        <td id="top2"><?php 
// List applications carrying one fixed tag, newest first. The query text is a
// constant: no request data is mixed into it.
$db = new database($GLOBALS['config']);
$res = $db->query("SELECT * FROM `project` . `application`\n                            WHERE `app_tag` = 'การศึกษา' \n                            ORDER BY app_time DESC\n                            ");
// NOTE(review): an object built from the live result handle is stored in the
// session; what app_list keeps from $res is not visible here - confirm it
// copies the rows rather than holding the handle past $db->close().
$_SESSION['search3'] = new app_list($res);
// NOTE(review): print_r() writes whatever get_page_index3() returns straight
// into the table cell. If that value contains stored application fields, they
// need HTML escaping before output - confirm inside app_list.
print_r($_SESSION['search3']->get_page_index3(1));
$db->close();
?>
</td>
                 </tr>
               </table>
                
    	</div>
    </div>
    </div>
    </body>
    </html>
						
                        
                        
                       <!-- <div class="footer">footer</div> -->
  	
예제 #5
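/**
 * Check whether the current session user holds the Administrator role.
 *
 * Redirects to the login page and stops when the database connection fails,
 * and stops with an error box when the role lookup throws.
 *
 * @param bool $die          When true, a non-admin request is terminated with an
 *                           error box; when false, false is returned instead.
 * @param bool $startSession Not used in this function body; kept for callers.
 * @return bool True only when the fetched role is exactly "Administrator".
 */
function checkAdmin($die = true, $startSession = true)
{
    global $db;
    # get variables from config file
    /* first get active username */
    if (!isset($_SESSION)) {
        session_start();
    }
    $ipamusername = $_SESSION['ipamusername'];
    session_write_close();
    /* set check query and get result */
    $database = new database($db['host'], $db['user'], $db['pass'], $db['name']);
    /* Check connection */
    if ($database->connect_error) {
        // NOTE(review): depending on web-server configuration SERVER_NAME can
        // reflect the request's Host header; confirm it is pinned server-side
        // before it is trusted as a redirect target.
        if ($_SERVER['SERVER_PORT'] == "443") {
            $url = "https://" . $_SERVER['SERVER_NAME'] . BASE;
        } elseif ($_SERVER['SERVER_PORT'] != "80") {
            $url = "http://" . $_SERVER['SERVER_NAME'] . ":" . $_SERVER['SERVER_PORT'] . BASE;
        } else {
            $url = "http://" . $_SERVER['SERVER_NAME'] . BASE;
        }
        # redirect
        header("Location:" . $url . "login/");
        // A Location header does not end the script: stop here so the role
        // check below never runs against a connection that failed.
        exit;
    }
    /* set query if database exists! */
    // NOTE(review): the username literal is masked in this listing, and
    // $ipamusername is read above but unused in the visible query. If the real
    // code concatenates it here, it must be escaped or bound as a parameter.
    $query = 'select role from users where username = "******";';
    /* fetch role */
    try {
        $role = $database->getRow($query);
    } catch (Exception $e) {
        // Driver messages can echo back parts of the query; escape before printing.
        $error = htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        die("<div class='alert alert-danger'>" . _('Error') . ": {$error}</div>");
    }
    /* close database connection */
    $database->close();
    /* return true if admin, else false */
    // Fail closed: a missing row or a non-string value must never compare equal
    // to the role name, so require the element to exist and match strictly.
    if (isset($role[0]) && $role[0] === "Administrator") {
        return true;
    }
    if ($die == true) {
        die('<div class="alert alert-danger">' . _('Administrator level privileges required') . '!</div>');
    }
    return false;
}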
예제 #6
/**
 * Fetch the workflow stages assigned to a user from user_stage, then build and
 * run a second query over the article tables that correspond to those stages.
 *
 * Prints debugging output (the generated SQL and the row count) as it runs.
 *
 * @param mixed $userID User identifier; cast with intval() for the first query only.
 * @return array Rows collected from the second query through fetcharray().
 */
function query_data($userID)
{
    // Stage lookup: the id is forced to an integer before it reaches the SQL text.
    $sql = "select * from user_stage us\r\n\t\twhere us.userID = " . intval($userID) . " order by us.stageID ASC ";
    // sort the STAGES accordingly..
    $db = new database();
    if (!($result = $db->query($sql))) {
        // NOTE(review): the raw database error text is sent to the client.
        die('Error:' . $db->error());
    }
    $user_stages = array();
    while ($row = $db->fetcharray()) {
        $user_stages[] = $row;
    }
    $db->freeresult();
    // simply free the result..
    // NOTE(review): the next line is masked in this listing and is not valid
    // PHP as shown; it appears to be a debug print of the user name.
    print 'USERNAME='******'username'];
    // Now build the second query from the user's stages.
    $sql = " select * from ";
    // if the user has been assigned SOME workflows...
    // NOTE(review): $editing_stage, $proofreading_stage and $publishing_stage
    // are assigned only inside the switch below, so they are undefined at the
    // later test whenever the matching stage is absent.
    $state = 0;
    foreach ($user_stages as $field => $user_stage) {
        if ($user_stage->stageID) {
            switch ($user_stage->stageID) {
                case 1:
                    // if the user is on writing stage, retrieve his articles
                    $sql .= " articles a ,";
                    $sql .= " article_author aa ";
                    $state = 1;
                    // we assume that other stages may have been assigned as well..
                    break;
                case 2:
                    // the user is assigned to the editing stage..
                    $editing_stage = 1;
                    break;
                case 3:
                    // ..proofreading stage..
                    $proofreading_stage = 1;
                    break;
                case 4:
                    // ..publishing stage..
                    $publishing_stage = 1;
                    break;
            }
        }
    }
    // if this user has been assigned any of editing, proofreading, publishing...
    if ($editing_stage == 1 || $proofreading_stage == 1 || $publishing_stage == 1) {
        if (count($user_stages) > 1) {
            // this user is assigned SOME WORKFLOWS..
            if ($state) {
                // a table list already exists, so prepend a comma
                $sql .= " ,article_versions av ";
            } else {
                // simply, first call of the article versions..
                $sql .= " article_versions av ";
            }
        } else {
            // this user has exactly one workflow..
            $sql .= "  article_versions av ";
        }
    }
    $sql .= " where ";
    // WHERE CLAUSE HERE..very important!!!!
    // NOTE(review): only stageID/userID conditions are appended below; no join
    // condition between a, aa and av is added anywhere in this function.
    $state = 0;
    if (count($user_stages) > 1) {
        // this user has been assigned SOME WORKFLOWS
        foreach ($user_stages as $field => $user_stage) {
            if ($user_stage->stageID) {
                switch ($user_stage->stageID) {
                    case 1:
                        // writer
                        $sql .= " a.stageID = 1 ";
                        // NOTE(review): $userID is interpolated raw here,
                        // unlike the intval() cast in the first query; this
                        // is the spot where a non-numeric id reaches the SQL.
                        $sql .= " and aa.userID = {$userID} ";
                        $state = 1;
                        break;
                    case 2:
                        // editor
                        // PROBLEM : concatenation of and..ex. editor+chef
                        if ($state) {
                            $sql .= " and av.stageID = 2 ";
                        } else {
                            $sql .= " av.stageID = 2 ";
                        }
                        break;
                    case 3:
                        // editor n chief
                        if ($state) {
                            $sql .= " and av.stageID = 3 ";
                        } else {
                            $sql .= " av.stageID = 3 ";
                        }
                        //$sql .= " and av.modified_by = $userID ";
                        break;
                    case 4:
                        // publisher
                        // NOTE(review): "and" is prefixed unconditionally, even
                        // when no condition precedes it ($state is not checked).
                        $sql .= " and av.stageID = 4 ";
                        break;
                }
            }
        }
    } else {
        foreach ($user_stages as $field => $user_stage) {
            if ($user_stage->stageID) {
                switch ($user_stage->stageID) {
                    case 1:
                        // writer
                        $sql .= " a.stageID = 1 ";
                        //$sql .= " and aa.userID = $userID ";
                        break;
                    case 2:
                        // editor
                        $sql .= " av.stageID = 2 ";
                        //$sql .= " and av.modified_by = $userID ";
                        break;
                    case 3:
                        // editor n chief
                        $sql .= " av.stageID = 3 ";
                        //$sql .= " or av.modified_by = $userID ";
                        break;
                    case 4:
                        // publisher
                        $sql .= " av.stageID = 4 ";
                        break;
                }
            }
        }
    }
    // NOTE(review): debug output - the full generated SQL is printed to the response.
    print '[SQL=' . $sql;
    if (!($result = $db->query($sql))) {
        die('Error:' . $db->error());
    }
    $query_data = array();
    // The assignment happens before the loop test, so the falsy value that ends
    // the loop is appended to $query_data as a final element as well.
    while ($query_data[] = $db->fetcharray()) {
    }
    print '[totalrec=' . $db->getnumrows();
    //print_r($query_data );
    return $query_data;
    // NOTE(review): unreachable - the return above means close() never runs.
    $db->close();
    // close connection
}
예제 #7
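/**
 * Check whether the current session user holds the Administrator role.
 *
 * A denied attempt is written to the log before the request is terminated or
 * false is returned. The earlier version placed the log call after die() and
 * return, so it could never execute.
 *
 * @param bool $die When true, a non-admin request is terminated with an error
 *                  box; when false, false is returned instead.
 * @return bool True only when the fetched role is exactly "Administrator".
 */
function checkAdmin($die = true)
{
    global $db;
    # get variables from config file
    /* first get active username */
    session_start();
    $ipamusername = $_SESSION['ipamusername'];
    session_write_close();
    /* set check query and get result */
    $database = new database($db['host'], $db['user'], $db['pass'], $db['name']);
    // NOTE(review): the username literal is masked in this listing. If the real
    // code concatenates $ipamusername here, it must be escaped or bound as a
    // parameter.
    $query = 'select role from users where username = "******";';
    /* execute */
    try {
        $role = $database->getRow($query);
    } catch (Exception $e) {
        // Driver messages can echo back parts of the query; escape before printing.
        $error = htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        print "<div class='alert alert-error'>" . _('Error') . ": {$error}</div>";
        return false;
    }
    /* close database connection */
    $database->close();
    /* return true if admin, else false */
    // Fail closed: a missing row or a non-string value must never compare equal
    // to the role name, so require the element to exist and match strictly.
    if (isset($role[0]) && $role[0] === "Administrator") {
        return true;
    }
    // Record the denied attempt first; die()/return below would otherwise skip it.
    // NOTE(review): how updateLogTable() stores the username is not visible
    // here - confirm it escapes the text.
    updateLogTable('User ' . $ipamusername . ' tried to access admin page.', "", 2);
    if ($die == true) {
        die('<div class="alert alert-error">' . _('Administrator level privileges are required to access this site') . '!</div>');
    }
    return false;
}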
예제 #8
            $dbm4->exec();
            $dbm4->close();
        }
        // Mirror the server record into the separate adminbot database when requested.
        if ($insert_ab) {
            $dbab = new database();
            $dbab->debug($abdbdebug);
            $dbab->connect($abdbhost, $abdbuser, $abdbpass, $abdbname);
            /*** remove the server's existing row from adminbot ***/
            $dbab->delete("gameserver");
            // NOTE(review): $id goes into the WHERE text unquoted; where it is
            // assigned is outside this excerpt - confirm it is cast to int.
            $dbab->where("ServerId = {$id}");
            $dbab->exec();
            /*** insert the server into adminbot ***/
            $dbab->insert("gameserver (ServerId,GameId,GameGroupId,ServerAddress,ServerPort,ServerIsUp,ServerType,ServerRcon,ServerHostName)");
            // NOTE(review): address, port, rcon password and name are placed
            // between quotes by interpolation only; whether values() escapes
            // them is not visible here - confirm, since a quote in any of them
            // would end the literal.
            $dbab->values("'{$id}','','','{$adresse}','{$port}','','cs','{$rcon}','{$nom}'");
            $dbab->exec();
            $dbab->close();
        }
        /*** redirect ***/
        js_goto("?page=serveurs&op=modify&id={$id}");
    }
} elseif ($op == "delete") {
    /*** security check ***/
    // NOTE(review): the only reaction to a failed permission check is
    // js_goto(). Unless js_goto() ends the script (not visible here), execution
    // continues into the delete below - confirm it exits, or add an explicit
    // exit after it.
    if ($grade['a'] != 'a' && $grade['b'] != 'b' && $grade['r'] != 'r') {
        js_goto($PHP_SELF);
    }
    $db->delete("{$dbprefix}serveurs");
    // NOTE(review): $id is interpolated unquoted into the WHERE text; confirm
    // it is cast to int before this point.
    $db->where("id = {$id}");
    $db->exec();
    /*** redirect ***/
    js_goto("?page=serveurs&op=admin");
} elseif ($op == "voir") {
예제 #9
 /**
  * Replace the stored password of one account.
  *
  * Reads pass_new1, pass_new2, id and type from $post. Echoes an error and
  * stops when a password field is empty or the two entries differ; otherwise
  * it updates the table selected by type and echoes a success message.
  *
  * NOTE(review): the new password is written to the table exactly as
  * submitted, with no hashing visible in this method. Switching to
  * password_hash() has to be coordinated with the login code, which is not
  * shown.
  * NOTE(review): the password and the id are concatenated into the UPDATE
  * inside quotes without escaping, and the account id and type come from $post
  * with no check here that they belong to the requesting user - confirm the
  * caller enforces both.
  * NOTE(review): the success message is echoed even when type matches no table.
  *
  * @param array $post Submitted form fields.
  */
 public function update_pass($post)
 {
     $first = $post['pass_new1'];
     $second = $post['pass_new2'];
     $id = $post['id'];
     $type = $post['type'];
     $db = new database($GLOBALS['config']);
     // Guard 1: both password fields must be filled in.
     if ($first == '' || $second == '') {
         echo "กรุณากรอกรหัสผ่าน";
         die;
     }
     // Guard 2: both entries must match.
     if (strcmp($first, $second) != 0) {
         echo "รหัสผ่านใหม่ไม่ตรงกัน กรุณาแก้ไข";
         die;
     }
     // Account type => table, password column, id column.
     $targets = array(
         'member' => array('member', 'm_pass', 'm_id'),
         'student' => array('student', 's_pass', 's_id'),
         'aadvisor' => array('advisor', 'a_pass', 'a_id'),
         'admin' => array('admin', 'x_pass', 'x_id'),
     );
     $indent = "\n\t\t\t\t\t\t\t\t";
     foreach ($targets as $label => $target) {
         // Loose comparison, first match wins - the same rule a switch applies.
         if ($type == $label) {
             list($table, $passColumn, $idColumn) = $target;
             $db->query("UPDATE `" . $table . "` SET" . $indent . "`" . $passColumn . "` = '" . $first . "'" . $indent . "WHERE `" . $idColumn . "` = '" . $id . "';");
             break;
         }
     }
     echo "แก้ไขเสร็จเรียบร้อย";
     $db->close();
 }
예제 #10
            // NOTE(review): ereg_replace() was removed in PHP 7, and `Yes` is a
            // bare constant rather than a quoted string.
            $queries = ereg_replace('%show_viewuserlist_in_user_nav%', Yes, $queries);
            // NOTE(review): the table prefix is taken straight from the request
            // and substituted into the SQL script that is executed below.
            // Restrict it to an identifier-safe character set (for example
            // letters, digits and underscore) before this substitution.
            $queries = ereg_replace('%prefix%', $_POST['databaseprefix'], $queries);
            //$queries .= file_get_contents ('kernel/sql/basiccontent.sql');
            //$queries .= file_get_contents ('kernel/sql/helpcontent.sql');
            // Naive statement split: a ';' inside a string literal in the script
            // would also split here.
            $queriesarray = explode(';', $queries);
            // FIXME; stupid hack
            // unset the last array value --> it is empty
            // NOTE(review): explode() yields indices 0..count-1, so index
            // count+1 never exists and this unset() does nothing; the empty
            // tail is skipped by the empty() test in the loop instead.
            unset($queriesarray[count($queriesarray) + 1]);
            foreach ($queriesarray as $query) {
                // if there are too many ';'
                // do not execute them
                $query = trim($query);
                if (!empty($query)) {
                    // NOTE(review): the statement, which contains the
                    // request-supplied prefix, is echoed without HTML escaping.
                    echo $query . '<br />';
                    $database->query($query);
                }
            }
            $database->close();
        } catch (exceptionlist $e) {
            //echo $e->getMessage ();
            echo $e->debuginfo;
        }
        echo '<b>delete install.php now</b>';
    } else {
        if ($_POST['submit'] == 'testdbconn') {
            echo 'test de connectie';
        } else {
            die('error in POST');
        }
    }
}
예제 #11
/**
 * Check whether an address is already stored in a subnet.
 *
 * NOTE(review): $subnetId and the converted address are concatenated into the
 * query inside double quotes without escaping. Transform2decimal() is not
 * visible here - confirm it returns digits only - and $subnetId needs an
 * integer cast or a bound parameter if it can come from a request.
 * NOTE(review): the exception text is printed without HTML escaping, and the
 * connection is not closed on that path.
 *
 * @param mixed $ip       Address to look for; converted with Transform2decimal().
 * @param mixed $subnetId Subnet the address would be added to.
 * @return bool True when at least one matching row exists; false when none
 *              exists or when the lookup throws.
 */
function checkDuplicate($ip, $subnetId)
{
    global $db;
    // Addresses are stored in decimal form, so convert before comparing.
    $decimalIp = Transform2decimal($ip);
    $lookup = 'select * from `ipaddresses` where `ip_addr` = "' . $decimalIp . '" and subnetId = "' . $subnetId . '" ;';
    $database = new database($db['host'], $db['user'], $db['pass'], $db['name']);
    try {
        $matches = $database->getArray($lookup);
    } catch (Exception $e) {
        print "<div class='alert alert-error'>" . _('Error') . ":" . $e->getMessage() . "</div>";
        return false;
    }
    $database->close();
    // Any returned row means the address is already taken.
    return sizeof($matches) != 0;
}
예제 #12
/**
 * Apply the differences between the current schema and the master schema file.
 *
 * The parsed master schema is cached in $aUpgradeData['aNewSchema']. Returns
 * without changes when the current schema cannot be read or the database
 * connection fails. Statements run in this order: new tables (with their
 * indexes), column changes, new indexes, then replaced indexes.
 *
 * NOTE(review): table, column and index names from the schema file are handed
 * to the generate*SQL() helpers; how those helpers quote identifiers is not
 * visible here. The schema file should be treated as trusted input only.
 *
 * @param string $sSchemaFile Path of the master schema file.
 * @return void
 */
function processMasterSchemaFile($sSchemaFile)
{
    global $DB_ADAPTER, $DB_HOST, $DB_USER, $DB_PASS, $DB_NAME, $aUpgradeData;

    // Parse the master schema once and keep it for later calls.
    if (!isset($aUpgradeData['aNewSchema'])) {
        $aUpgradeData['aNewSchema'] = schemaToArray($sSchemaFile);
    }
    $aTargetSchema = $aUpgradeData['aNewSchema'];

    $aCurrentSchema = processSchemaFile();
    if ($aCurrentSchema === null) {
        return;
    }

    $aDiff = obtainChanges($aCurrentSchema, $aTargetSchema);
    $oConn = new database($DB_ADAPTER, $DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
    if (!$oConn->isConnected()) {
        return;
    }
    $oConn->iFetchType = MYSQL_NUM;
    $oConn->logQuery(count($aDiff));

    // 1. Tables that do not exist yet, followed by their indexes.
    foreach ($aDiff['tablesToAdd'] as $sTable => $aColumns) {
        $sCreate = $oConn->generateCreateTableSQL($sTable, $aColumns);
        $oConn->executeQuery($sCreate);
        if (!isset($aDiff['tablesToAdd'][$sTable]['INDEXES'])) {
            continue;
        }
        foreach ($aDiff['tablesToAdd'][$sTable]['INDEXES'] as $sKeyName => $aKeyFields) {
            $oConn->executeQuery($oConn->generateAddKeysSQL($sTable, $sKeyName, $aKeyFields));
        }
    }

    // 2. Column-level changes on existing tables.
    foreach ($aDiff['tablesToAlter'] as $sTable => $aActions) {
        foreach ($aActions as $sAction => $aEntries) {
            foreach ($aEntries as $sColumn => $vData) {
                if ($sAction == 'DROP') {
                    // For a drop the column name is carried in the value.
                    $oConn->executeQuery($oConn->generateDropColumnSQL($sTable, $vData));
                } elseif ($sAction == 'ADD') {
                    $oConn->executeQuery($oConn->generateAddColumnSQL($sTable, $sColumn, $vData));
                } elseif ($sAction == 'CHANGE') {
                    $oConn->executeQuery($oConn->generateChangeColumnSQL($sTable, $sColumn, $vData));
                }
            }
        }
    }

    // 3. Indexes that are new on existing tables.
    foreach ($aDiff['tablesWithNewIndex'] as $sTable => $aNewKeys) {
        foreach ($aNewKeys as $sKeyName => $aKeyFields) {
            $oConn->executeQuery($oConn->generateAddKeysSQL($sTable, $sKeyName, $aKeyFields));
        }
    }

    // 4. Indexes whose definition changed: drop, then add again.
    foreach ($aDiff['tablesToAlterIndex'] as $sTable => $aChangedKeys) {
        foreach ($aChangedKeys as $sKeyName => $aKeyFields) {
            $oConn->executeQuery($oConn->generateDropKeySQL($sTable, $sKeyName));
            $oConn->executeQuery($oConn->generateAddKeysSQL($sTable, $sKeyName, $aKeyFields));
        }
    }

    $oConn->close();
}
예제 #13
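 /**
  * Echo the first screenshot path (app_scr_1) of the application with the
  * latest app_time.
  *
  * Rows are read in ascending app_time order and each one overwrites the
  * previous, so the value left at the end belongs to the last row. An empty
  * string is echoed when the query returns no rows; the earlier version read
  * an undefined variable in that case.
  *
  * NOTE(review): the stored path is echoed without escaping. If app_scr_1 can
  * hold user-supplied text, escape it for the context where the caller places
  * this output.
  */
 public function new_app_slide()
 {
     $db = new database($GLOBALS['config']);
     $res = $db->query("SELECT * FROM `project` . `application`\n\t\t\t\t\t\tWHERE `app_time` \n\t\t\t\t\t\tORDER BY `app_time`  ASC\n\t\t\t\t\t\t");
     // Defined up front so an empty table yields '' rather than an undefined variable.
     $path_new_app = '';
     while ($row = mysql_fetch_array($res)) {
         $path_new_app = $row["app_scr_1"];
     }
     $db->close();
     echo $path_new_app;
 }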
예제 #14
파일: common.php 프로젝트: omtim/kleeja
define('ADMIN_STYLE_PATH_ABS', PATH . 'admin/' . ADMIN_STYLE_NAME . '/');
#load the 'common' language strings
get_lang('common');
#ban system
get_ban();
#the install path still exists: show a message instead of the page, except in
#the admin area, on the login page, or in development mode
# NOTE(review): this only shows a message; whether kleeja_info() also stops the
# request is not visible here. Whether the installer itself is still reachable
# while the folder exists depends on code outside this excerpt - confirm.
if (file_exists(PATH . 'install') && !defined('IN_ADMIN') && !defined('IN_LOGIN') && !defined('DEV_STAGE')) {
    #Different message for admins! delete install folder
    kleeja_info(user_can('enter_acp') ? $lang['DELETE_INSTALL_FOLDER'] : $lang['WE_UPDATING_KLEEJA_NOW'], $lang['SITE_CLOSED']);
}
#site close message if enabled; users who can enter the ACP, the login page and
#the admin area are exempt
$login_page = '';
if ($config['siteclose'] == '1' && !user_can('enter_acp') && !defined('IN_LOGIN') && !defined('IN_ADMIN')) {
    #image or thumbnail download requests get a placeholder picture instead
    if (defined('IN_DOWNLOAD') && (ig('img') || ig('thmb') || ig('thmbf') || ig('imgf'))) {
        # NOTE(review): '@' hides any error raised while closing the connection
        @$SQL->close();
        $fullname = "images/site_closed.jpg";
        # NOTE(review): filesize() returns false when the file is missing, which
        # would produce an empty Content-length value
        $filesize = filesize($fullname);
        header("Content-length: {$filesize}");
        # NOTE(review): the registered MIME type for JPEG is image/jpeg
        header("Content-type: image/jpg");
        readfile($fullname);
        exit;
    }
    #Send a 503 HTTP response code to prevent search bots from indexing the maintenance message
    header('HTTP/1.1 503 Service Temporarily Unavailable');
    # NOTE(review): the configured close message is passed through as-is;
    # whether kleeja_info() escapes it is not visible here
    kleeja_info($config['closemsg'], $lang['SITE_CLOSED']);
}
#exceed total size
if ($stat_sizes >= $config['total_size'] * 1048576 && !defined('IN_LOGIN') && !defined('IN_ADMIN')) {
    // Send a 503 HTTP response code to prevent search bots from indexing the maintenace message
    header('HTTP/1.1 503 Service Temporarily Unavailable');