Exemplo n.º 1
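/**
 * Collect the objects of a class and, recursively, of all its sub-classes.
 *
 * The class is looked up by title with SQL LIKE, so `%` and `_` inside
 * $class_name act as wildcards. DBSafe() is applied to the trimmed name
 * before it is placed in the query.
 *
 * @param string $class_name Title of the class to look up.
 * @return array|int Rows (ID, TITLE) as returned by SQLSelect() plus the rows of
 *                   every sub-class, or 0 when no class matches the title.
 *
 * @access public
 */
function getObjectsByClass($class_name)
{
    $class_record = SQLSelectOne("SELECT ID FROM classes WHERE TITLE LIKE '" . DBSafe(trim($class_name)) . "'");
    if (empty($class_record['ID'])) {
        return 0;
    }
    // The ID is concatenated into two queries below; casting confines it to a number
    // (assumes classes.ID is numeric — TODO confirm).
    $class_id = (int) $class_record['ID'];
    $objects = SQLSelect("SELECT ID, TITLE FROM objects WHERE CLASS_ID='" . $class_id . "'");
    $sub_classes = SQLSelect("SELECT ID, TITLE FROM classes WHERE PARENT_ID='" . $class_id . "'");
    if (is_array($sub_classes) && !empty($sub_classes[0]['ID'])) {
        foreach ($sub_classes as $sub_class) {
            // The recursive call returns 0 when the title matches no class,
            // so the result is checked for being an array before it is indexed.
            $sub_objects = getObjectsByClass($sub_class['TITLE']);
            if (is_array($sub_objects) && !empty($sub_objects[0]['ID'])) {
                foreach ($sub_objects as $obj) {
                    $objects[] = $obj;
                }
            }
        }
    }
    return $objects;
}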
Exemplo n.º 2
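/**
 * Replace the set of users attached to a command in tlg_user_cmd.
 *
 * Every existing row for the command is deleted, then one row is inserted per
 * id in the comma-separated list.
 *
 * @param int|string $cmd_id   Command id; coerced to int before it reaches SQL.
 * @param string     $users_id Comma-separated user ids.
 * @return void
 */
function updateAccess($cmd_id, $users_id)
{
    // CMD_ID is concatenated unquoted into the statement, so it has to be a plain integer.
    $cmd_id = (int) $cmd_id;
    // NOTE(review): a DELETE is sent through the select helper, as in the original.
    SQLSelect("DELETE from tlg_user_cmd where CMD_ID=" . $cmd_id);
    foreach (explode(",", (string) $users_id) as $value) {
        $value = trim($value);
        if ($value === '') {
            // "" or "1,,2" would otherwise create a row with an empty USER_ID.
            continue;
        }
        $recCU = array();
        $recCU['CMD_ID'] = $cmd_id;
        // presumably SQLInsert() escapes the values it is given — confirm
        $recCU['USER_ID'] = $value;
        SQLInsert('tlg_user_cmd', $recCU);
    }
}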
Exemplo n.º 3
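 /**
  * Build the admin panel frame and render it through the module template.
  *
  * For an authorised session this checks access to the current action,
  * clears the cache on POST, and prepares the list of non-hidden modules
  * with per-module selection, category, access and icon flags.
  *
  * @return mixed The parser result for this module's template.
  */
 function run()
 {
     global $session;
     $out = array();
     if (isset($session->data["AUTHORIZED"])) {
         $this->authorized = 1;
     }
     if ($this->print) {
         $out['PRINT'] = 1;
     }
     $out["TODAY"] = date('l, F d, Y');
     $out["AUTHORIZED"] = $this->authorized;
     if ($this->authorized) {
         include_once DIR_MODULES . "control_access/control_access.class.php";
         $acc = new control_access();
         if (!$acc->checkAccess($this->action, 1)) {
             // NOTE(review): the rest of this branch still runs unless redirect()
             // ends the request — confirm that it exits.
             $this->redirect("?");
         }
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             clearCache(0);
         }
         $modules = SQLSelect("SELECT * FROM project_modules WHERE `HIDDEN`='0' ORDER BY CATEGORY, `PRIORITY`, `TITLE`");
         $old_cat = 'some_never_should_be_category_name';
         // Index of the most recent module the user may open; null until one is seen.
         // Without this, a denied first module made the code write to $modules[''].
         $last_allow = null;
         $total = count($modules);
         for ($i = 0; $i < $total; $i++) {
             if ($modules[$i]['NAME'] == $this->action) {
                 $modules[$i]['SELECTED'] = 1;
             }
             if ($modules[$i]['CATEGORY'] != $old_cat) {
                 $modules[$i]['NEW_CATEGORY'] = 1;
                 $old_cat = $modules[$i]['CATEGORY'];
                 if ($i > 0 && $last_allow !== null) {
                     $modules[$last_allow]['LAST_IN_CATEGORY'] = 1;
                 }
             }
             if (!$acc->checkAccess($modules[$i]['NAME'])) {
                 $modules[$i]['DENIED'] = 1;
             } else {
                 $last_allow = $i;
             }
             // Module names come from project_modules and are used to build the icon path.
             $icon = 'img/admin/icons/ico_' . $modules[$i]['NAME'] . '_sm.gif';
             if (file_exists(ROOT . $icon)) {
                 $modules[$i]['ICON_SM'] = ROOTHTML . $icon;
             } else {
                 $modules[$i]['ICON_SM'] = ROOTHTML . 'img/admin/icons/ico_default_sm.gif';
             }
         }
         if ($last_allow !== null) {
             $modules[$last_allow]['LAST_IN_CATEGORY'] = 1;
         }
         $out["SUB_MODULES"] = $modules;
     }
     $out["ACTION"] = $this->action;
     $this->data = $out;
     // Call-time pass-by-reference (&$this) is a fatal error since PHP 5.4;
     // the object is passed by handle either way.
     $p = new parser(DIR_TEMPLATES . $this->name . ".html", $this->data, $this);
     return $p->result;
 }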
Exemplo n.º 4
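/**
 * Check whether the given login/password pair matches a user.
 *
 * On success the user's pseudo and id, the flag "connecte" = true and the
 * login time are stored in session variables, so session_start() must already
 * have been called. On failure the session is destroyed.
 *
 * NOTE(review): the original description also mentions recording whether the
 * user is an administrator; no such value is set by this function.
 *
 * @pre $login and $password must not be empty
 * @param string $login
 * @param string $password
 * @return bool true when a matching user row exists; session variables are set as a side effect
 */
function verifUser($login, $password)
{
    // Both values sit inside single-quoted SQL literals. Escaping them is a
    // stop-gap that assumes the backend honours backslash escapes (TODO confirm);
    // the durable fix is a bound-parameter query inside the SQL helper.
    $safeLogin = addslashes((string) $login);
    $safePassword = addslashes((string) $password);
    // NOTE(review): the password is compared with the stored text as-is. Storing
    // password_hash() output and checking it with password_verify() would avoid
    // keeping passwords readable in the table.
    $sql = "SELECT id, pseudo FROM users WHERE pseudo='{$safeLogin}' AND passe='{$safePassword}' ";
    $rs = SQLSelect($sql);
    // A truthy result that holds no row must not count as a successful login.
    $tabUsers = $rs ? parcoursRs($rs) : array();
    if (!empty($tabUsers[0])) {
        // Login accepted: switch to a fresh session id so an id issued before
        // authentication is not carried into the authenticated session.
        session_regenerate_id(true);
        $dataUser = $tabUsers[0];
        $_SESSION["connecte"] = true;
        $_SESSION["pseudo"] = $dataUser["pseudo"];
        $_SESSION["idUser"] = $dataUser["id"];
        $_SESSION["heureConnexion"] = date("H:i:s");
        return true;
    }
    session_destroy();
    return false;
}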
Exemplo n.º 5
/**
 * Drop hook subscriptions whose module class file is no longer on disk.
 *
 * Each JSON setting named HOOK_EVENT_* is decoded; every key is treated as a
 * module name, and keys without a matching <name>/<name>.class.php file under
 * DIR_MODULES . 'modules/' are removed. A setting is written back only when
 * at least one key was removed.
 *
 * @return void
 */
function removeMissingSubscribers()
{
    $rows = SQLSelect("SELECT * FROM settings WHERE NAME LIKE 'HOOK_EVENT_%' AND TYPE='json'");
    for ($idx = 0, $rowCount = count($rows); $idx < $rowCount; $idx++) {
        $subscribers = json_decode($rows[$idx]['VALUE'], true);
        if (!is_array($subscribers)) {
            continue;
        }
        $dirty = false;
        foreach (array_keys($subscribers) as $module_name) {
            // The key is only used to test for the class file's existence.
            $class_file = DIR_MODULES . 'modules/' . $module_name . '/' . $module_name . '.class.php';
            if (file_exists($class_file)) {
                continue;
            }
            unset($subscribers[$module_name]);
            $dirty = true;
        }
        if ($dirty) {
            $rows[$idx]['VALUE'] = json_encode($subscribers);
            SQLUpdate('settings', $rows[$idx]);
        }
    }
}
Exemplo n.º 6
/**
 * Look up a cached value by key.
 *
 * During a web request (REQUEST_METHOD is set) the global $memory_cache is
 * filled once from cached_values, skipping rows stored as '(too big)'. A key
 * found in $memory_cache is returned from there; otherwise the row is read
 * from the table, with the key passed through DBSafe().
 *
 * @param mixed $key Cache keyword.
 * @return mixed The cached value, or false when there is none or it is '(too big)'.
 */
function checkFromCache($key)
{
    global $memory_cache;
    $inWebRequest = isset($_SERVER['REQUEST_METHOD']);
    if ($inWebRequest && !is_array($memory_cache)) {
        $rows = SQLSelect("SELECT KEYWORD, DATAVALUE FROM cached_values");
        for ($idx = 0, $rowCount = count($rows); $idx < $rowCount; $idx++) {
            $row = $rows[$idx];
            if ($row['DATAVALUE'] != '(too big)') {
                $memory_cache[$row['KEYWORD']] = $row['DATAVALUE'];
            }
        }
    }
    if (isset($memory_cache[$key])) {
        return $memory_cache[$key];
    }
    $rec = SQLSelectOne("SELECT * FROM cached_values WHERE KEYWORD = '" . DBSafe($key) . "'");
    $usable = $rec['KEYWORD'] && $rec['DATAVALUE'] != '(too big)';
    return $usable ? $rec['DATAVALUE'] : false;
}
Exemplo n.º 7
// Fall back to an always-true condition when no filter was built earlier.
if (!$qry) {
    $qry = "1";
}
// FIELDS ORDER
global $sortby_system_errors;
// With no sort value supplied, reuse the one remembered in the session. Otherwise,
// repeating the remembered value toggles a trailing " DESC", and the result is stored.
if (!$sortby_system_errors) {
    $sortby_system_errors = $session->data['system_errors_sort'];
} else {
    if ($session->data['system_errors_sort'] == $sortby_system_errors) {
        if (Is_Integer(strpos($sortby_system_errors, ' DESC'))) {
            $sortby_system_errors = str_replace(' DESC', '', $sortby_system_errors);
        } else {
            $sortby_system_errors = $sortby_system_errors . " DESC";
        }
    }
    $session->data['system_errors_sort'] = $sortby_system_errors;
}
// The ORDER BY clause is pinned to this constant: the value handled above is
// kept in the session but never reaches the query.
$sortby_system_errors = "ACTIVE DESC, LATEST_UPDATE DESC, CODE";
$out['SORTBY'] = $sortby_system_errors;
// SEARCH RESULTS
// NOTE(review): $qry is interpolated as raw SQL and is built outside this excerpt;
// confirm every value placed into it is escaped or cast.
$res = SQLSelect("SELECT * FROM system_errors WHERE {$qry} ORDER BY " . $sortby_system_errors);
if ($res[0]['ID']) {
    colorizeArray($res);
    $total = count($res);
    for ($i = 0; $i < $total; $i++) {
        // some action for every record if required
        // Split LATEST_UPDATE on the space, convert the first part with fromDBDate() and re-join.
        $tmp = explode(' ', $res[$i]['LATEST_UPDATE']);
        $res[$i]['LATEST_UPDATE'] = fromDBDate($tmp[0]) . " " . $tmp[1];
    }
    $out['RESULT'] = $res;
}
Exemplo n.º 8
 /**
  * Front-end handler for the event module.
  *
  * 'addevent': in 'update' mode stores a new event built from request globals
  * and the session's terminal/user, then fills $out with the terminal and user
  * lists, marking the session's own entries as selected.
  * 'getnextevent': purges expired non-system events, prints the oldest
  * unprocessed event addressed to this terminal and user as
  * "ID|EVENT_TYPE|WINDOW|DETAILS", marks it processed and ends the request.
  *
  * @param array $out Template data, filled by reference.
  *
  * @access public
  */
 function usual(&$out)
 {
     global $session;
     if ($this->action == 'addevent') {
         global $mode;
         $this->mode = $mode;
         if ($this->mode == 'update') {
             global $type;
             global $window;
             global $details;
             global $terminal_to;
             global $user_to;
             // presumably SQLInsert() escapes these request-supplied values — confirm
             $event = array(
                 'EVENT_TYPE' => $type,
                 'WINDOW' => $window,
                 'DETAILS' => $details,
                 'TERMINAL_TO' => $terminal_to,
                 'TERMINAL_FROM' => $session->data['TERMINAL'],
                 'USER_TO' => $user_to,
                 'USER_FROM' => $session->data['USERNAME'],
                 'ADDED' => date('Y-m-d H:i:s'),
                 // events expire five minutes after they are added
                 'EXPIRE' => date('Y-m-d H:i:s', time() + 5 * 60),
             );
             SQLInsert('events', $event);
         }
         $terminals = SQLSelect("SELECT * FROM terminals ORDER BY TITLE");
         for ($t = 0, $terminalCount = count($terminals); $t < $terminalCount; $t++) {
             if ($terminals[$t]['NAME'] != $session->data['TERMINAL']) {
                 continue;
             }
             $terminals[$t]['SELECTED'] = 1;
             $out['TERMINAL_TITLE'] = $terminals[$t]['TITLE'];
         }
         $out['TERMINALS'] = $terminals;
         $users = SQLSelect("SELECT * FROM users ORDER BY NAME");
         for ($u = 0, $userCount = count($users); $u < $userCount; $u++) {
             if ($users[$u]['USERNAME'] != $session->data['USERNAME']) {
                 continue;
             }
             $users[$u]['SELECTED'] = 1;
             $out['USER_TITLE'] = $users[$u]['NAME'];
         }
         $out['USERS'] = $users;
     }
     if ($this->action == 'getnextevent') {
         if (!$session->data['TERMINAL']) {
             // A session without a terminal gets a timestamp-based temporary name.
             $session->data['TERMINAL'] = 'temp' . date('YmdHis');
         }
         SQLExec("DELETE FROM events WHERE EXPIRE<NOW() AND EVENT_TYPE!='system'");
         // Session values are passed through DBSafe() before they enter the condition.
         $conditions = array(
             "1",
             "EVENT_TYPE!='system'",
             "PROCESSED=0",
             "(TERMINAL_TO='*' OR TERMINAL_TO='" . DBSafe($session->data['TERMINAL']) . "')",
             "(USER_TO='*' OR USER_TO='" . DBSafe($session->data['USERNAME']) . "')",
         );
         $qry = implode(" AND ", $conditions);
         $event = SQLSelectOne("SELECT * FROM events WHERE {$qry} ORDER BY ADDED");
         if ($event['ID']) {
             // NOTE(review): the stored fields are echoed without output encoding;
             // confirm the consumer of this response treats them as plain text.
             $fields = array(
                 $event['ID'],
                 $event['EVENT_TYPE'],
                 $event['WINDOW'],
                 str_replace("\n", '\\n', $event['DETAILS']),
             );
             echo implode('|', $fields);
             $event['PROCESSED'] = 1;
             SQLUpdate('events', $event);
         }
         exit;
     }
 }
Exemplo n.º 9
             $distance = calculateTheDistance($rec['LAT'], $rec['LON'], $prev_log['LAT'], $prev_log['LON']);
             if ($distance > 100) {
                 //we're moving
                 $objectIsMoving = $user['LINKED_OBJECT'] . '.isMoving';
                 setGlobal($objectIsMoving, 1);
                 clearTimeOut($user['LINKED_OBJECT'] . '_moving');
                 // stopped after 15 minutes of inactivity
                 setTimeOut($user['LINKED_OBJECT'] . '_moving', "setGlobal('" . $objectIsMoving . "', 0);", 15 * 60);
             }
         }
     }
 }
 // checking locations
 $lat = (double) $_REQUEST['latitude'];
 $lon = (double) $_REQUEST['longitude'];
 $locations = SQLSelect("SELECT * FROM gpslocations");
 $total = count($locations);
 $location_found = 0;
 for ($i = 0; $i < $total; $i++) {
     if (!$locations[$i]['RANGE']) {
         $locations[$i]['RANGE'] = GPS_LOCATION_RANGE_DEFAULT;
     }
     $distance = calculateTheDistance($lat, $lon, $locations[$i]['LAT'], $locations[$i]['LON']);
     //echo ' (' . $locations[$i]['LAT'] . ' : ' . $locations[$i]['LON'] . ') ' . $distance . ' m';
     if ($distance <= $locations[$i]['RANGE']) {
         //Debmes("Device (" . $device['TITLE'] . ") NEAR location " . $locations[$i]['TITLE']);
         $location_found = 1;
         if ($user['LINKED_OBJECT']) {
             setGlobal($user['LINKED_OBJECT'] . '.seenAt', $locations[$i]['TITLE']);
         }
         // we are at location
Exemplo n.º 10
   if ($rec['SUB_LIST']!='') {
    $parents=SQLSelect("SELECT ID, TITLE FROM $table_name WHERE ID!='".$rec['ID']."' AND ID NOT IN (".$rec['SUB_LIST'].") ORDER BY TITLE");
   } else {
    $parents=SQLSelect("SELECT ID, TITLE FROM $table_name WHERE ID!='".$rec['ID']."' ORDER BY TITLE");
   }
   $out['PARENTS']=$parents;
  }
  // HTML-escape every non-array field of the record before it is handed on.
  if (is_array($rec)) {
   foreach($rec as $k=>$v) {
    if (!is_array($v)) {
     $rec[$k]=htmlspecialchars($v);
    }
   }
  }
  // presumably copies the fields of $rec into $out — confirm against outHash()
  outHash($rec, $out);

  $out['SCRIPTS']=SQLSelect("SELECT ID, TITLE FROM scripts ORDER BY TITLE");

  if ($out['ID']) {

   // NOTE(review): $out['PARENT_ID'] and $out['ID'] are concatenated into quoted SQL
   // literals. If they come from the $rec escaped above, note that htmlspecialchars()
   // is output encoding, not SQL escaping; an (int) cast would confine them to numbers.
   $same_level=SQLSelect("SELECT * FROM commands WHERE PARENT_ID='".$out['PARENT_ID']."' ORDER BY PRIORITY DESC, TITLE");
   $out['SAME_LEVEL']=$same_level;

   $children=SQLSelect("SELECT * FROM commands WHERE PARENT_ID='".$out['ID']."' ORDER BY PRIORITY DESC, TITLE");
   if ($children) {
    $out['CHILDREN']=$children;
   }

  }

?>
Exemplo n.º 11
// Fall back to an always-true condition when no filter was built earlier.
if (!$qry) {
    $qry = "1";
}
// FIELDS ORDER
global $sortby_elements;
// With no sort value supplied, reuse the one remembered in the session. Otherwise,
// repeating the remembered value toggles a trailing " DESC", and the result is stored.
if (!$sortby_elements) {
    $sortby_elements = $session->data['elements_sort'];
} else {
    if ($session->data['elements_sort'] == $sortby_elements) {
        if (Is_Integer(strpos($sortby_elements, ' DESC'))) {
            $sortby_elements = str_replace(' DESC', '', $sortby_elements);
        } else {
            $sortby_elements = $sortby_elements . " DESC";
        }
    }
    $session->data['elements_sort'] = $sortby_elements;
}
// "TITLE" is only a default for an empty value; any non-empty value is used as given.
if (!$sortby_elements) {
    $sortby_elements = "TITLE";
}
$out['SORTBY'] = $sortby_elements;
// SEARCH RESULTS
// NOTE(review): $sortby_elements reaches ORDER BY as raw SQL. If the global is
// filled from the request (not visible here), restrict it to known column names,
// optionally followed by " DESC", before it is used. $qry is also raw SQL built
// outside this excerpt — confirm its values are escaped.
$res = SQLSelect("SELECT * FROM elements WHERE {$qry} ORDER BY " . $sortby_elements);
if ($res[0]['ID']) {
    colorizeArray($res);
    $total = count($res);
    for ($i = 0; $i < $total; $i++) {
        // some action for every record if required
    }
    $out['RESULT'] = $res;
}
Exemplo n.º 12
 /**
  * Copy a new property value into every command linked to that object property.
  *
  * Both names are passed through DBSafe() and matched with SQL LIKE, so `%`
  * and `_` inside them act as wildcards.
  *
  * @param string $object   Linked object name.
  * @param string $property Linked property name.
  * @param mixed  $value    Value stored in CUR_VALUE of each matching command.
  *
  * @access public
  */
 function propertySetHandle($object, $property, $value)
 {
     $where = "LINKED_OBJECT LIKE '" . DBSafe($object) . "' AND LINKED_PROPERTY LIKE '" . DBSafe($property) . "'";
     $linked = SQLSelect("SELECT * FROM commands WHERE " . $where);
     for ($idx = 0, $linkedCount = count($linked); $idx < $linkedCount; $idx++) {
         $linked[$idx]['CUR_VALUE'] = $value;
         SQLUpdate('commands', $linked[$idx]);
     }
 }
Exemplo n.º 13
if (!$sortby) {
    $sortby = $session->data['commands_sort'];
} else {
    if ($session->data['commands_sort'] == $sortby) {
        if (Is_Integer(strpos($sortby, ' DESC'))) {
            $sortby = str_replace(' DESC', '', $sortby);
        } else {
            $sortby = $sortby . " DESC";
        }
    }
    $session->data['commands_sort'] = $sortby;
}
$sortby = "PRIORITY DESC, TITLE";
$out['SORTBY'] = $sortby;
// SEARCH RESULTS
$res = SQLSelect("SELECT * FROM commands WHERE {$qry} ORDER BY {$sortby}");
if ($res[0]['ID']) {
    if ($this->action != 'admin') {
        $dynamic_res = array();
        $total = count($res);
        for ($i = 0; $i < $total; $i++) {
            if ($res[$i]['SMART_REPEAT'] && $res[$i]['LINKED_OBJECT']) {
                $obj = getObject($res[$i]['LINKED_OBJECT']);
                $objects = getObjectsByClass($obj->class_id);
                $total_o = count($objects);
                for ($io = 0; $io < $total_o; $io++) {
                    $rec = $res[$i];
                    $rec['ID'] = $res[$i]['ID'] . '_' . $objects[$io]['ID'];
                    $rec['LINKED_OBJECT'] = $objects[$io]['TITLE'];
                    $rec['DATA'] = str_replace('%' . $res[$i]['LINKED_OBJECT'] . '.', '%' . $rec['LINKED_OBJECT'] . '.', $rec['DATA']);
                    $rec['CUR_VALUE'] = getGlobal($rec['LINKED_OBJECT'] . '.' . $rec['LINKED_PROPERTY']);
Exemplo n.º 14
 /**
  * Edit form for one btdevices record.
  *
  * Loads the record by integer id. In 'update' mode it stores TITLE and
  * USER_ID from the request globals and redirects; the record (with LOG
  * converted by nl2br) and the user list are then placed into $out.
  *
  * @param array $out Template data, filled by reference.
  * @param mixed $id  Record id; cast to int before it is used in SQL.
  *
  * @access public
  */
 function edit_btdevices(&$out, $id)
 {
     $deviceId = (int) $id;
     $rec = SQLSelectOne("SELECT * FROM btdevices WHERE ID='" . $deviceId . "'");
     $isUpdate = ($this->mode == 'update');
     if ($isUpdate) {
         global $title;
         global $user_id;
         // presumably SQLUpdate() escapes the values it is given — confirm
         $rec['TITLE'] = $title;
         $rec['USER_ID'] = $user_id;
         SQLUpdate('btdevices', $rec);
         $this->redirect("?");
     }
     // NOTE(review): LOG only gets <br> line breaks here, no HTML escaping; confirm
     // that the template or whatever writes LOG encodes it.
     $rec['LOG'] = nl2br($rec['LOG']);
     outHash($rec, $out);
     $users = SQLSelect("SELECT * FROM users ORDER BY NAME");
     $out['USERS'] = $users;
 }
Exemplo n.º 15
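/**
 * Fetch one conversation's data (theme, active) by id.
 *
 * @param int|string $idConv Conversation id.
 * @return mixed The first row returned by parcoursRs(), or false when the
 *               conversation does not exist.
 */
function getConversation($idConv)
{
    // $idConv sits inside a quoted SQL literal; escape it so a quote in the value
    // cannot end the literal. Stop-gap: assumes the backend honours backslash
    // escapes (TODO confirm); a bound parameter in the SQL helper is the durable fix.
    $safeId = addslashes((string) $idConv);
    $SQL = "SELECT theme, active FROM conversations WHERE id='{$safeId}'";
    $listConversations = parcoursRs(SQLSelect($SQL));
    // parcoursRs() may return several rows; only the first one is wanted,
    // or false when there is none.
    if (count($listConversations) == 0) {
        return false;
    }
    return $listConversations[0];
}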
Exemplo n.º 16
    $session->data['patterns_qry'] = $qry;
}
if (!$qry) {
    $qry = "1";
}
// FIELDS ORDER
global $sortby_patterns;
if (!$sortby_patterns) {
    $sortby_patterns = $session->data['patterns_sort'];
} else {
    if ($session->data['patterns_sort'] == $sortby_patterns) {
        if (Is_Integer(strpos($sortby_patterns, ' DESC'))) {
            $sortby_patterns = str_replace(' DESC', '', $sortby_patterns);
        } else {
            $sortby_patterns = $sortby_patterns . " DESC";
        }
    }
    $session->data['patterns_sort'] = $sortby_patterns;
}
$sortby_patterns = "PRIORITY DESC, TITLE";
// SEARCH RESULTS
$res = SQLSelect("SELECT * FROM patterns WHERE {$qry} ORDER BY " . $sortby_patterns);
if ($res[0]['ID']) {
    //colorizeArray($res);
    $total = count($res);
    for ($i = 0; $i < $total; $i++) {
        // some action for every record if required
    }
    $res = $this->buildTree_patterns($res);
    $out['RESULT'] = $res;
}
Exemplo n.º 17
 /**
  * Control-panel user module: login ("enter"), the logged-in module menu
  * ("logged"), logoff, and admin-user management ("admin"). The collected
  * data is rendered through the module template into $this->result.
  *
  * NOTE(review): several queries in this listing appear with their credential
  * values masked as '******'; the comments below describe only what is visible.
  */
 function run()
 {
     // running current module
     global $session;
     // Refuse to run unless the embedding module is named 'panel' or 'master'.
     if ($this->owner->name != 'panel' && $this->owner->name != 'master') {
         echo "Unauthorized Access";
         exit;
     }
     if ($this->id == '1') {
         $this->mode = 'edit';
         global $id;
         global $mode;
         $id = $this->id;
         $mode = 'edit';
         $out['MASTER'] = 1;
     }
     // LDAP login is offered when the PHP extension is loaded and the ldap_users module is marked installed.
     if (function_exists('ldap_connect') && is_file(ROOT . 'modules/ldap_users/installed')) {
         $out['LDAP_ON'] = 1;
     }
     if ($this->mode == 'logoff') {
         unset($session->data['AUTHORIZED']);
         unset($session->data['USER_NAME']);
         unset($session->data['USERNAME']);
         unset($session->data['SITE_USERNAME']);
         unset($session->data['SITE_USER_ID']);
         unset($session->data["cp_requested_url"]);
         $this->owner->redirect("/");
     }
     if ($this->action == "enter") {
         global $md;
         global $login;
         // Remember the originally requested URI so a successful login can return to it.
         // NOTE(review): $action is not defined in this scope (elsewhere $this->action is used) — confirm which was intended.
         if (!$session->data["cp_requested_url"] && ($md != 'panel' || $action != '') && !$login) {
             $session->data["cp_requested_url"] = $_SERVER['REQUEST_URI'];
         }
         if ($this->mode == "check") {
             global $login;
             global $psw;
             //    $user=SQLSelectOne("SELECT * FROM admin_users WHERE LOGIN='******' AND PASSWORD='******'");
             // NOTE(review): the credentials are matched inside the SQL text; the listing masks how
             // $login and $psw are embedded, so their escaping cannot be confirmed from here.
             $user = SQLSelectOne("SELECT * FROM admin_users WHERE LOGIN='******' AND PASSWORD='******'");
             //    $user=SQLSelectOne("SELECT * FROM admin_users WHERE 1");
             // LDAP login
             // NOTE(review): the fixed password value 'this_ldap_admin' sends the request down the LDAP
             // path even when a local user matched — confirm this is intended.
             if ($out['LDAP_ON'] != false && ($user == false || $psw == 'this_ldap_admin')) {
                 include_once ROOT . 'modules/ldap_users/ldap_users.class.php';
                 $ldap = new ldap_users();
                 $user = $ldap->ctrl_access();
             }
             // end of LDAP login
             if (!isset($user['ID'])) {
                 $out["ERRMESS"] = "Wrong username and/or password";
             } else {
                 // NOTE(review): no session id regeneration is visible on successful login — confirm the session layer does it.
                 $session->data['AUTHORIZED'] = 1;
                 $session->data['USER_NAME'] = $user['LOGIN'];
                 $session->data['USER_LEVEL'] = $user['PRIVATE'];
                 $session->data['USER_ID'] = $user['ID'];
                 if (!$session->data["cp_requested_url"]) {
                     if (file_exists(DIR_MODULES . 'dashboard/dashboard.class.php')) {
                         $this->owner->redirect("?action=dashboard");
                     }
                     $this->owner->redirect("?");
                 } else {
                     // NOTE(review): the target is the REQUEST_URI stored before login; confirm redirect() keeps it on this site.
                     $this->owner->redirect($session->data["cp_requested_url"]);
                 }
             }
         }
     } elseif ($this->action == "logged") {
         $out["USER_NAME"] = $session->data["USER_NAME"];
         // NOTE(review): this line is garbled by the masking in the listing; it presumably looks for an
         // account that still has a default password and raises WARNING when one exists.
         $tmp = SQLSelectOne("SELECT ID FROM admin_users WHERE LOGIN='******' AND PASSWORD='******'admin') . "'");
         if ($tmp['ID']) {
             $out['WARNING'] = 1;
         }
         // Drop the session's authorisation when the user row can no longer be found.
         $user = SQLSelectOne("SELECT * FROM admin_users WHERE LOGIN='******'");
         if (!$user['ID']) {
             unset($session->data['AUTHORIZED']);
             unset($session->data['USER_NAME']);
             $session->save();
             $this->owner->redirect("?");
         }
         $modules = SQLSelect("SELECT * FROM project_modules WHERE HIDDEN='0' ORDER BY CATEGORY, NAME");
         $modulesCnt = count($modules);
         for ($i = 0; $i < $modulesCnt; $i++) {
             // ACCESS is a comma-separated module list. NAME goes into the pattern without preg_quote(),
             // so regex metacharacters in a module name would change what is matched.
             if (preg_match("/," . $modules[$i]['NAME'] . ",/i", @$user["ACCESS"]) || preg_match("/," . $modules[$i]['NAME'] . "\$/i", @$user["ACCESS"]) || preg_match("/^" . $modules[$i]['NAME'] . ",/i", @$user["ACCESS"]) || preg_match("/^" . $modules[$i]['NAME'] . "\$/i", @$user["ACCESS"]) || 0) {
                 $new[] = $modules[$i];
             }
         }
         // NOTE(review): $new is undefined when no module matched, and $new_category is read before it is first assigned.
         $on_row = 0;
         $newCnt = count($new);
         for ($i = 0; $i < $newCnt; $i++) {
             if ($new[$i]['CATEGORY'] != $new_category) {
                 $new[$i]['NEWCATEGORY'] = 1;
                 $new_category = $new[$i]['CATEGORY'];
                 $on_row = 0;
             }
             $on_row++;
             // Every sixth module within a category is flagged with NEWROW.
             if ($on_row % 6 == 0 && $on_row >= 6) {
                 $new[$i]['NEWROW'] = 1;
             }
             if (file_exists(ROOT . 'img/admin/icons/ico_' . $new[$i]['NAME'] . '.gif')) {
                 $new[$i]['ICON'] = ROOTHTML . 'img/admin/icons/ico_' . $new[$i]['NAME'] . '.gif';
             } else {
                 $new[$i]['ICON'] = ROOTHTML . 'img/admin/icons/ico_default.gif';
             }
         }
         $out["MODULES"] = $new;
         if (file_exists(DIR_MODULES . 'saverestore/saverestore.class.php')) {
             $out['CHECK_UPDATES'] = 1;
             global $check;
             // With $check set, answer "yes"/"no" for available updates and end the request.
             if ($check) {
                 include_once DIR_MODULES . 'saverestore/saverestore.class.php';
                 $sv = new saverestore();
                 // $o is not defined before this call; presumably checkUpdates() fills it by reference — confirm
                 $sv->checkUpdates($o);
                 if ($o['NO_UPDATES'] || $o['ERROR_CHECK']) {
                     echo "no";
                 } else {
                     echo "yes";
                 }
                 exit;
             }
         }
     } elseif ($this->action == "logoff") {
         unset($session->data['AUTHORIZED']);
         unset($session->data['USER_NAME']);
         unset($session->data['USERNAME']);
         $this->owner->redirect("?");
     } elseif ($this->action == "admin") {
         global $mode;
         global $mode2;
         global $id;
         // Admin-user management requires an authorised session. No finer-grained permission
         // check and no request token are visible in this branch.
         if (!$session->data['AUTHORIZED']) {
             exit;
         }
         if ($mode == "delete") {
             // NOTE(review): $id is a global concatenated into SQL without a cast or escaping;
             // an (int) cast would confine it to a number.
             SQLExec("DELETE FROM admin_users WHERE ID='" . $id . "'");
             // NOTE(review): this calls $this->redirect() while the other branches use $this->owner->redirect() — confirm.
             $this->redirect("?");
         }
         if ($mode == "edit") {
             // NOTE(review): same uncast $id as in the delete branch.
             $user = SQLSelectOne("SELECT * FROM admin_users WHERE ID='" . $id . "'");
             if ($mode2 == "update") {
                 $ok = 1;
                 global $name;
                 global $login;
                 global $password;
                 global $email;
                 global $comments;
                 global $sel;
                 global $private;
                 global $EMAIL_ORDERS;
                 global $EMAIL_INVENTORY;
                 $user['NAME'] = $name;
                 if (!checkGeneral($user['NAME'])) {
                     $out["ERR_NAME"] = 1;
                     $ok = 0;
                 }
                 $user['LOGIN'] = $login;
                 if (!checkGeneral($user['LOGIN'])) {
                     $out["ERR_LOGIN"] = 1;
                     $ok = 0;
                 }
                 // The password is replaced only when a new one was typed or the user is new.
                 if ($password != '' || !$user['ID']) {
                     $user['PASSWORD'] = $password;
                     if (!checkGeneral($user['PASSWORD'])) {
                         $out["ERR_PASSWORD"] = 1;
                         $ok = 0;
                     } else {
                         // NOTE(review): unsalted md5() is a fast hash and unsuited to password storage;
                         // password_hash()/password_verify() is the supported replacement, and the login
                         // check would have to change with it.
                         $user['PASSWORD'] = md5($user['PASSWORD']);
                     }
                 }
                 $user['EMAIL'] = $email;
                 $user['COMMENTS'] = $comments;
                 $user['PRIVATE'] = (int) $private;
                 $user['EMAIL_ORDERS'] = $EMAIL_ORDERS;
                 $user['EMAIL_INVENTORY'] = $EMAIL_INVENTORY;
                 // ACCESS is stored as a comma-joined list of the selected module names.
                 if (count($sel) > 0) {
                     $user['ACCESS'] = join(",", $sel);
                 } else {
                     $user['ACCESS'] = "";
                 }
                 if ($ok) {
                     SQLUpdateInsert("admin_users", $user);
                     $out["OK"] = 1;
                 }
             }
             $modules = SQLSelect("SELECT * FROM project_modules");
             $modulesCnt = count($modules);
             for ($i = 0; $i < $modulesCnt; $i++) {
                 // Same unquoted NAME-in-pattern match against ACCESS as in the "logged" branch.
                 if (preg_match("/," . $modules[$i]['NAME'] . ",/i", @$user["ACCESS"]) || preg_match("/," . $modules[$i]['NAME'] . "\$/i", @$user["ACCESS"]) || preg_match("/^" . $modules[$i]['NAME'] . ",/i", @$user["ACCESS"]) || preg_match("/^" . $modules[$i]['NAME'] . "\$/i", @$user["ACCESS"]) || 0) {
                     $modules[$i]["SELECTED"] = 1;
                 }
                 if (($i + 1) % 3 == 0) {
                     $modules[$i]['NEWR'] = 1;
                 }
             }
             $user["MODULES"] = $modules;
             // NOTE(review): $user still holds the PASSWORD column when it is copied out here;
             // confirm the template does not render it.
             outHash($user, $out);
         }
         $users = SQlSelect("SELECT * FROM admin_users ORDER BY ID DESC");
         $out["USERS"] = $users;
     }
     $out["MODE"] = $mode;
     $out["ACTION"] = $this->action;
     $this->data = $out;
     $p = new parser(DIR_TEMPLATES . $this->name . "/" . $this->name . ".html", $this->data, $this);
     $this->result = $p->result;
 }
Exemplo n.º 18
/**
* List the project_modules rows whose PARENT_NAME is this module's name.
*
* Reserved for future development
*
* @access private
*/
 function getSubModules() {
  // NOTE(review): $this->name is concatenated without escaping — confirm it is
  // always an internal module identifier.
  $query = "SELECT * FROM project_modules WHERE PARENT_NAME='" . $this->name . "'";
  return SQLSelect($query);
 }
Exemplo n.º 19
   $sortby=$session->data['commands_sort'];
  } else {
   if ($session->data['commands_sort']==$sortby) {
    if (Is_Integer(strpos($sortby, ' DESC'))) {
     $sortby=str_replace(' DESC', '', $sortby);
    } else {
     $sortby=$sortby." DESC";
    }
   }
   $session->data['commands_sort']=$sortby;
  }
  $sortby="PRIORITY DESC, TITLE";
  $out['SORTBY']=$sortby;
  // SEARCH RESULTS

  $res=SQLSelect("SELECT * FROM commands WHERE $qry ORDER BY $sortby");
  if ($res[0]['ID']) {
   $total=count($res);
   for($i=0;$i<$total;$i++) {
    // some action for every record if required

   $item=$res[$i];

   if ($item['LINKED_PROPERTY']!='') {
    $lprop=getObject($item['LINKED_OBJECT'])->getProperty($item['LINKED_PROPERTY']);
    if ($item['TYPE']=='custom') {
     $field='DATA';
    } else {
     $field='CUR_VALUE';
    }
    if ($lprop!=$item[$field]) {
Exemplo n.º 20
if (!$sortby) {
    $sortby = "TITLE";
}
$out['SORTBY'] = $sortby;
// SEARCH RESULTS
$res = SQLSelect("SELECT * FROM classes WHERE {$qry} ORDER BY {$sortby}");
if ($res[0]['ID']) {
    colorizeArray($res);
    $total = count($res);
    for ($i = 0; $i < $total; $i++) {
        // some action for every record if required
        $objects = SQLSelect("SELECT ID, TITLE, CLASS_ID, DESCRIPTION FROM objects WHERE CLASS_ID='" . $res[$i]['ID'] . "'");
        if ($objects[0]['ID']) {
            $total_o = count($objects);
            for ($o = 0; $o < $total_o; $o++) {
                $methods = SQLSelect("SELECT ID, TITLE FROM methods WHERE OBJECT_ID='" . $objects[$o]['ID'] . "'");
                if ($methods[0]['ID']) {
                    $total_m = count($methods);
                    for ($im = 0; $im < $total_m; $im++) {
                        $parent_method = SQLSelectOne("SELECT ID FROM methods WHERE OBJECT_ID=0 AND CLASS_ID='" . $objects[$o]['CLASS_ID'] . "' AND TITLE='" . DBSafe($methods[$im]['TITLE']) . "'");
                        if ($methods[$im]['ID'] == 82) {
                            //echo $objects[$];exit;
                        }
                        if ($parent_method['ID']) {
                            $methods[$im]['ID'] = $parent_method['ID'];
                        }
                    }
                    $objects[$o]['METHODS'] = $methods;
                }
            }
            $res[$i]['OBJECTS'] = $objects;
Exemplo n.º 21
}
$out['USER_ID_OPTIONS'] = $tmp;
//options for 'LOCATION_ID' (select)
$tmp = SQLSelect("SELECT ID, TITLE FROM gpslocations ORDER BY TITLE");
$gpslocations_total = count($tmp);
for ($gpslocations_i = 0; $gpslocations_i < $gpslocations_total; $gpslocations_i++) {
    $location_id_opt[$tmp[$gpslocations_i]['ID']] = $tmp[$gpslocations_i]['TITLE'];
}
for ($i = 0; $i < count($tmp); $i++) {
    if ($rec['LOCATION_ID'] == $tmp[$i]['ID']) {
        $tmp[$i]['SELECTED'] = 1;
    }
}
$out['LOCATION_ID_OPTIONS'] = $tmp;
//options for 'CALENDAR_CATEGORY_ID' (select)
$tmp = SQLSelect("SELECT ID, TITLE FROM calendar_categories ORDER BY TITLE");
$calendar_categories_total = count($tmp);
for ($calendar_categories_i = 0; $calendar_categories_i < $calendar_categories_total; $calendar_categories_i++) {
    $calendar_category_id_opt[$tmp[$calendar_categories_i]['ID']] = $tmp[$calendar_categories_i]['TITLE'];
}
for ($i = 0; $i < count($tmp); $i++) {
    if ($rec['CALENDAR_CATEGORY_ID'] == $tmp[$i]['ID']) {
        $tmp[$i]['SELECTED'] = 1;
    }
}
$out['CALENDAR_CATEGORY_ID_OPTIONS'] = $tmp;
if (is_array($rec)) {
    foreach ($rec as $k => $v) {
        if (!is_array($v)) {
            $rec[$k] = htmlspecialchars($v);
        }
Exemplo n.º 22
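// Pass the element list to the template only when it is not empty.
if (count($elements)) {
    /*
    $total=count($elements);
    for($i=0;$i<$total;$i++) {
      if ($elements[$i]['CSS_STYLE']!='default' && $elements[$i]['CSS_STYLE']!='') {
       $elements[$i]['CSS_IMAGE']=$this->getCSSImage($elements[$i]['TYPE'], $elements[$i]['CSS_STYLE']);
      }
    }
    */
    $out['ELEMENTS'] = $elements;
}
// Siblings to list: the children of a container, or the other members of the element's own container.
// The scene id is cast to int like the element ids, so every id placed in these queries is numeric.
if ($element['TYPE'] == 'container') {
    $sub_elements = SQLSelect("SELECT ID, TITLE FROM elements WHERE CONTAINER_ID=" . (int) $element['ID'] . " ORDER BY PRIORITY DESC, TITLE");
} elseif ($element['ID']) {
    $sub_elements = SQLSelect("SELECT ID, TITLE FROM elements WHERE CONTAINER_ID=" . (int) $element['CONTAINER_ID'] . " AND SCENE_ID='" . (int) $rec['ID'] . "' ORDER BY PRIORITY DESC, TITLE");
}
// $sub_elements is not assigned when neither branch above runs, so it is tested with empty().
if (!empty($sub_elements[0]['ID'])) {
    $out['SUB_ELEMENTS'] = $sub_elements;
}
$containers = SQLSelect("SELECT `ID`, `TITLE` FROM elements WHERE SCENE_ID='" . (int) $rec['ID'] . "' AND TYPE='container' ORDER BY PRIORITY DESC, TITLE");
if ($element['CONTAINER_ID']) {
    // Find the title of the container the element currently belongs to.
    $total = count($containers);
    for ($i = 0; $i < $total; $i++) {
        if ($containers[$i]['ID'] == $element['CONTAINER_ID']) {
            $out['CURRENT_CONTAINER_TITLE'] = $containers[$i]['TITLE'];
        }
    }
}
$out['CONTAINERS'] = $containers;
$out['SCENES'] = SQLSelect("SELECT * FROM scenes ORDER BY TITLE");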
Exemplo n.º 23
        } else {
            $new_rec = 1;
            $rec['ID'] = SQLInsert($table_name, $rec);
            // adding new record
        }
        $this->updateTree_classes();
        $out['OK'] = 1;
    } else {
        $out['ERR'] = 1;
    }
}
// On the default tab, list every other row as a possible parent, leaving out
// the record itself and, when SUB_LIST is set, the ids listed in it.
if ($this->tab == '') {
    if ($rec['SUB_LIST'] != '') {
        // NOTE(review): $rec['ID'] and $rec['SUB_LIST'] are concatenated as raw SQL, and SUB_LIST
        // sits unquoted inside IN (...). Confirm both hold only stored numeric ids at this point;
        // casting each id to int before the query would make that explicit.
        $parents = SQLSelect("SELECT ID, TITLE FROM {$table_name} WHERE ID!='" . $rec['ID'] . "' AND ID NOT IN (" . $rec['SUB_LIST'] . ") ORDER BY TITLE");
    } else {
        $parents = SQLSelect("SELECT ID, TITLE FROM {$table_name} WHERE ID!='" . $rec['ID'] . "' ORDER BY TITLE");
    }
    $out['PARENTS'] = $parents;
}
// step: default
if ($this->tab == '') {
}
// step: properties
if ($this->tab == 'properties') {
}
// step: methods
if ($this->tab == 'methods') {
}
if (is_array($rec)) {
    foreach ($rec as $k => $v) {
        if (!is_array($v)) {
Exemplo n.º 24
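 /**
 * Rebuild the PARENT_LIST and SUB_LIST columns of product_categories.
 *
 * Walks the rows whose PARENT_ID equals $parent_id, recurses into each of
 * them, and writes every visited row back with SQLUpdate.
 * PARENT_LIST becomes the comma-joined list of ancestor IDs ('0' when there
 * are none); SUB_LIST becomes the comma-joined list of descendant IDs, or the
 * row's own ID when it has no descendants.
 *
 * @param int          $parent_id   ID whose direct children are processed
 * @param array|string $parent_list ancestor IDs collected so far; any
 *                                  non-array value is treated as "none"
 * @return array IDs of all descendants of $parent_id
 * @access private
 */
 function updateTree_product_categories($parent_id = 0, $parent_list = '')
 {
     $table = 'product_categories';
     if (!is_array($parent_list)) {
         $parent_list = array();
     }
     $sub_list = array();
     // $parent_id is concatenated into the statement; forcing it to an integer
     // keeps a non-numeric argument from altering the query.
     $res = SQLSelect("SELECT * FROM {$table} WHERE PARENT_ID='" . (int) $parent_id . "'");
     $total = count($res);
     for ($i = 0; $i < $total; $i++) {
         // empty() instead of a bare [0] read: the list is empty at the top
         // level and for leaf rows, which otherwise raises a warning.
         if (!empty($parent_list[0])) {
             $res[$i]['PARENT_LIST'] = implode(',', $parent_list);
         } else {
             $res[$i]['PARENT_LIST'] = '0';
         }
         $sub_list[] = $res[$i]['ID'];
         // Ancestors of the children of this row: the current chain plus this row.
         $tmp_parent = $parent_list;
         $tmp_parent[] = $res[$i]['ID'];
         $sub_this = $this->updateTree_product_categories($res[$i]['ID'], $tmp_parent);
         if (!empty($sub_this[0])) {
             $res[$i]['SUB_LIST'] = implode(',', $sub_this);
         } else {
             $res[$i]['SUB_LIST'] = $res[$i]['ID'];
         }
         SQLUpdate($table, $res[$i]);
         $sub_list = array_merge($sub_list, $sub_this);
     }
     return $sub_list;
 }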
Exemplo n.º 25
// Convert line breaks in the log text to <br> for display.
// NOTE(review): nl2br() does not HTML-encode; nothing in this excerpt shows the
// log being escaped — confirm it is encoded before or at output.
$out['LOG'] = nl2br($out['LOG']);
if ($rec['ID']) {
    // Load the properties of the device being edited.
    // NOTE(review): $rec['ID'] is concatenated inside quotes without a cast;
    // confirm it is always numeric at this point.
    $properties = SQLSelect("SELECT * FROM owproperties WHERE DEVICE_ID='" . $rec['ID'] . "' ORDER BY SYSNAME");
    if ($this->mode == 'update') {
        $total = count($properties);
        for ($i = 0; $i < $total; $i++) {
            // Per-property values are read from globals named
            // linked_object<ID> / linked_property<ID> / starred<ID>.
            // NOTE(review): presumably these are submitted form fields exposed
            // as globals — confirm where they are populated, and that SQLUpdate
            // escapes what is written; neither is visible here.
            global ${'linked_object' . $properties[$i]['ID']};
            global ${'linked_property' . $properties[$i]['ID']};
            if (${'linked_object' . $properties[$i]['ID']} && ${'linked_property' . $properties[$i]['ID']}) {
                // Both parts supplied: store the link.
                $properties[$i]['LINKED_OBJECT'] = ${'linked_object' . $properties[$i]['ID']};
                $properties[$i]['LINKED_PROPERTY'] = ${'linked_property' . $properties[$i]['ID']};
                SQLUpdate('owproperties', $properties[$i]);
            } elseif ($properties[$i]['LINKED_OBJECT'] || $properties[$i]['LINKED_PROPERTY']) {
                // Link incomplete or missing in the input but present in the
                // stored row: clear it.
                $properties[$i]['LINKED_OBJECT'] = '';
                $properties[$i]['LINKED_PROPERTY'] = '';
                SQLUpdate('owproperties', $properties[$i]);
            }
            // The starred flag is normalised to 1/0 and written on every pass,
            // so each property gets at least one SQLUpdate per save.
            global ${'starred' . $properties[$i]['ID']};
            if (${'starred' . $properties[$i]['ID']}) {
                $properties[$i]['STARRED'] = 1;
                SQLUpdate('owproperties', $properties[$i]);
            } else {
                $properties[$i]['STARRED'] = 0;
                SQLUpdate('owproperties', $properties[$i]);
            }
        }
    }
    $out['PROPERTIES'] = $properties;
}
// Script list for the template.
$out['SCRIPTS'] = SQLSelect("SELECT ID, TITLE FROM scripts ORDER BY TITLE");
}
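// NOTE(review): $qry is assembled outside this excerpt and interpolated below
// as raw SQL; confirm every value placed in it is escaped or cast.
if (!$qry) {
    $qry = "1";
}
// FIELDS ORDER
// The sort expression ends up verbatim in ORDER BY, where it cannot be quoted
// as a value. $sortby is imported with `global` and remembered in the session
// (presumably it is a list-sort request parameter — confirm), so only a plain
// column list with optional ASC/DESC is accepted; anything else is dropped and
// the default below applies. Backtick-quoted names are not accepted.
global $sortby;
$sortby_pattern = '/^[a-z_][a-z0-9_.]*( (asc|desc))?(, ?[a-z_][a-z0-9_.]*( (asc|desc))?)*$/iD';
if ($sortby && !(is_string($sortby) && preg_match($sortby_pattern, $sortby))) {
    $sortby = '';
}
if (!$sortby) {
    // Nothing usable requested: fall back to the remembered order, re-checked
    // because it was stored by an earlier request.
    $sortby = $session->data['shopping_list_items_sort'];
    if ($sortby && !(is_string($sortby) && preg_match($sortby_pattern, $sortby))) {
        $sortby = '';
    }
} else {
    // Requesting the remembered order again toggles the direction.
    if ($session->data['shopping_list_items_sort'] == $sortby) {
        if (strpos($sortby, ' DESC') !== false) {
            $sortby = str_replace(' DESC', '', $sortby);
        } else {
            $sortby = $sortby . " DESC";
        }
    }
    $session->data['shopping_list_items_sort'] = $sortby;
}
if (!$sortby) {
    $sortby = "ID DESC";
}
$out['SORTBY'] = $sortby;
// SEARCH RESULTS
$res = SQLSelect("SELECT * FROM shopping_list_items WHERE {$qry} ORDER BY {$sortby}");
// empty() so that an empty result does not raise a warning on the [0] read.
if (!empty($res[0]['ID'])) {
    $total = count($res);
    for ($i = 0; $i < $total; $i++) {
        // some action for every record if required
    }
    $out['RESULT'] = $res;
}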
Exemplo n.º 27
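/**
 * Check a string against the bad-word list and optionally mask the matches.
 *
 * The list is read from the badwords table on first use and cached,
 * lower-cased, in the global $badwords. A "*" in an entry stands for one or
 * more word characters; every other character is matched literally.
 * A word counts as a match only when it is delimited by non-word characters
 * or by the start/end of the string; the delimiters are replaced together
 * with the word.
 *
 * @param string $s       text to check
 * @param int    $replace non-zero: return $s with matches replaced by ' ... ';
 *                        zero: only report whether a bad word occurs
 * @return string|int the masked text when $replace is set, otherwise 1 or 0
 */
function checkBadwords($s, $replace = 1)
{
    global $badwords;
    if (!isset($badwords)) {
        // Start from an empty list so an empty table still leaves a usable cache.
        $badwords = array();
        $rows = SQLSelect("SELECT TITLE FROM badwords");
        if (is_array($rows)) {
            foreach ($rows as $row) {
                $badwords[] = strtolower($row['TITLE']);
            }
        }
    }
    foreach ($badwords as $word) {
        // Entries are data, not patterns: escape regex metacharacters and the
        // "/" delimiter, then restore "*" as the wildcard. Unescaped, an entry
        // containing "/" or an unbalanced bracket makes preg_replace() fail
        // and return null, which would wipe the text being filtered.
        // The pattern is built per call; the cached list is left untouched.
        $word_re = str_replace('\\*', '\\w+', preg_quote($word, '/'));
        $whole = '/^' . $word_re . '$/is';
        $at_start = '/^' . $word_re . '\\W/is';
        $inside = '/\\W' . $word_re . '\\W/is';
        $at_end = '/\\W' . $word_re . '$/is';
        if (preg_match($inside, $s) || preg_match($at_end, $s) || preg_match($at_start, $s) || preg_match($whole, $s)) {
            if (!$replace) {
                return 1;
            }
            $s = preg_replace($whole, ' ... ', $s);
            $s = preg_replace($at_start, ' ... ', $s);
            $s = preg_replace($inside, ' ... ', $s);
            $s = preg_replace($at_end, ' ... ', $s);
        }
    }
    if ($replace) {
        return $s;
    }
    return 0;
}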
Exemplo n.º 28
        $ok = 0;
    }
    // The remaining fields are taken from globals.
    // NOTE(review): presumably these are submitted form fields exposed as
    // globals — confirm where they are populated.
    global $keep_history;
    // Cast to int, so only a number can reach the record.
    $rec['KEEP_HISTORY'] = (int) $keep_history;
    global $onchange;
    // Trimmed only; stored as given otherwise.
    $rec['ONCHANGE'] = trim($onchange);
    // Updating 'Description' (text); stored unchanged.
    // NOTE(review): whether SQLUpdate/SQLInsert escape these values is not
    // visible here, and neither is output encoding when they are displayed.
    global $description;
    $rec['DESCRIPTION'] = $description;
    // Write the record only if the earlier validation left $ok set.
    if ($ok) {
        if ($rec['ID']) {
            SQLUpdate($table_name, $rec);
            // update
            if (!$rec['KEEP_HISTORY']) {
                // History disabled: delete the phistory rows of every value
                // that belongs to this property.
                // NOTE(review): the IDs are concatenated inside quotes without
                // a cast; confirm $rec['ID'] is always numeric here.
                $pvalues = SQLSelect("SELECT * FROM pvalues WHERE PROPERTY_ID='" . $rec['ID'] . "'");
                $total = count($pvalues);
                for ($i = 0; $i < $total; $i++) {
                    SQLExec("DELETE FROM phistory WHERE VALUE_ID='" . $pvalues[$i]['ID'] . "'");
                }
            }
        } else {
            $new_rec = 1;
            $rec['ID'] = SQLInsert($table_name, $rec);
            // adding new record
        }
        $out['OK'] = 1;
    } else {
        $out['ERR'] = 1;
    }
}
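// NOTE(review): $qry is assembled outside this excerpt and interpolated below
// as raw SQL; confirm every value placed in it is escaped or cast.
if (!$qry) {
    $qry = "1";
}
// FIELDS ORDER
// The sort expression is appended verbatim to ORDER BY, where it cannot be
// quoted as a value. $sortby_veradevices is imported with `global` and
// remembered in the session (presumably it is a list-sort request parameter —
// confirm), so only a plain column list with optional ASC/DESC is accepted;
// anything else is dropped and the default below applies. Backtick-quoted
// names are not accepted.
global $sortby_veradevices;
$sortby_pattern = '/^[a-z_][a-z0-9_.]*( (asc|desc))?(, ?[a-z_][a-z0-9_.]*( (asc|desc))?)*$/iD';
if ($sortby_veradevices && !(is_string($sortby_veradevices) && preg_match($sortby_pattern, $sortby_veradevices))) {
    $sortby_veradevices = '';
}
if (!$sortby_veradevices) {
    // Nothing usable requested: fall back to the remembered order, re-checked
    // because it was stored by an earlier request.
    $sortby_veradevices = $session->data['veradevices_sort'];
    if ($sortby_veradevices && !(is_string($sortby_veradevices) && preg_match($sortby_pattern, $sortby_veradevices))) {
        $sortby_veradevices = '';
    }
} else {
    // Requesting the remembered order again toggles the direction.
    if ($session->data['veradevices_sort'] == $sortby_veradevices) {
        if (strpos($sortby_veradevices, ' DESC') !== false) {
            $sortby_veradevices = str_replace(' DESC', '', $sortby_veradevices);
        } else {
            $sortby_veradevices = $sortby_veradevices . " DESC";
        }
    }
    $session->data['veradevices_sort'] = $sortby_veradevices;
}
if (!$sortby_veradevices) {
    $sortby_veradevices = "TITLE";
}
$out['SORTBY'] = $sortby_veradevices;
// SEARCH RESULTS
$res = SQLSelect("SELECT * FROM veradevices WHERE {$qry} ORDER BY " . $sortby_veradevices);
// empty() so that an empty result does not raise a warning on the [0] read.
if (!empty($res[0]['ID'])) {
    colorizeArray($res);
    $total = count($res);
    for ($i = 0; $i < $total; $i++) {
        // some action for every record if required
    }
    $out['RESULT'] = $res;
}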
Exemplo n.º 30
   $session->data['objects_qry']=$qry;
  }
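  // NOTE(review): $qry is assembled outside this excerpt and interpolated below
  // as raw SQL; confirm every value placed in it is escaped or cast.
  if (!$qry) {
    $qry = "1";
  }
  // FIELDS ORDER
  // The sort expression ends up verbatim in ORDER BY, where it cannot be quoted
  // as a value. $sortby is imported with `global` and remembered in the session
  // (presumably it is a list-sort request parameter — confirm), so only a plain
  // column list with optional ASC/DESC is accepted; anything else is dropped and
  // the default below applies. Backtick-quoted names are not accepted.
  global $sortby;
  $sortby_pattern = '/^[a-z_][a-z0-9_.]*( (asc|desc))?(, ?[a-z_][a-z0-9_.]*( (asc|desc))?)*$/iD';
  if ($sortby && !(is_string($sortby) && preg_match($sortby_pattern, $sortby))) {
    $sortby = '';
  }
  if (!$sortby) {
    // Nothing usable requested: fall back to the remembered order, re-checked
    // because it was stored by an earlier request.
    $sortby = $session->data['objects_sort'];
    if ($sortby && !(is_string($sortby) && preg_match($sortby_pattern, $sortby))) {
      $sortby = '';
    }
  } else {
    // Requesting the remembered order again toggles the direction.
    if ($session->data['objects_sort'] == $sortby) {
      if (strpos($sortby, ' DESC') !== false) {
        $sortby = str_replace(' DESC', '', $sortby);
      } else {
        $sortby = $sortby . " DESC";
      }
    }
    $session->data['objects_sort'] = $sortby;
  }
  if (!$sortby) {
    $sortby = "TITLE";
  }
  $out['SORTBY'] = $sortby;
  // SEARCH RESULTS
  $res = SQLSelect("SELECT objects.*, classes.TITLE as CLASS_TITLE, locations.TITLE as LOCATION_TITLE FROM objects LEFT JOIN locations ON locations.ID=objects.LOCATION_ID LEFT JOIN classes ON classes.ID=objects.CLASS_ID WHERE $qry ORDER BY $sortby");
  // empty() so that an empty result does not raise a warning on the [0] read.
  if (!empty($res[0]['ID'])) {
    paging($res, 50, $out); // search result paging
    colorizeArray($res);
    $total = count($res);
    for ($i = 0; $i < $total; $i++) {
      // some action for every record if required
    }
    $out['RESULT'] = $res;
  }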
?>