function set_cover_photo($pid, $cid, $myaccount = false)
{
global $db, $userquery, $cbphoto;
if (!$this->collection_exists($cid)) {
e(lang('collection_not_exists'));
return false;
}
if (!$this->object_exists($pid)) {
e(lang(sprintf('%s does not exist', $this->objType)));
return false;
}
if (!$this->object_in_collection($pid, $cid)) {
e(sprintf(lang("object_not_in_collect"), $this->objName));
return false;
}
if (!$this->is_collection_owner($cid) || userid() != $cbphoto->get_photo_owner($pid)) {
e(lang('cant_perform_action_collect'));
return false;
}
$fields = tbl_fields(array('p' => get_photo_fields(), 'c' => get_collection_fields()));
$query = ' SELECT ' . $fields . ' FROM ' . tbl('collections') . ' as c';
$query .= " LEFT JOIN " . tbl('photos') . " as p ON c.collection_id = p.collection_id ";
start_where();
add_where(" c.collection_id = '{$cid}' ");
add_where(" p.photo_id = '{$pid}' ");
if (get_where()) {
$query .= ' WHERE ' . get_where();
}
end_where();
$result = db_select($query);
if ($myaccount) {
if ($result['is_avatar'] == 'yes' || $result['is_avatar_collection'] == 'yes') {
return false;
}
}
$cover_photo = json_decode($result['cover_photo'], true);
if ($pid == $cover_photo['photo_id']) {
$update = true;
} else {
//Create array so we can reduce one query per collection YOSH !!!
$result = $result[0];
$cover_photo['photo_id'] = $result['photo_id'];
$cover_photo['photo_key'] = $result['photo_key'];
$cover_photo['filename'] = $result['filename'];
$cover_photo['ext'] = $result['ext'];
$cover_photo['is_collection_cover'] = true;
// This flag will help us make a query to get is_mature for cover photo while displaying
$jecp = json_encode($cover_photo);
$field = array('cover_photo' => $jecp);
$update = db_update(tbl('collections'), $field, " collection_id = '" . $result['collection_id'] . "' ");
}
if ($update) {
return $cover_photo;
} else {
return false;
}
}
function get_user_profile_field($userid, $field)
{
if (user_exists($userid)) {
$query = "SELECT user_profile." . $field . " FROM " . cb_sql_table('user_profile');
start_where();
add_where(" user_profile.userid = '" . $userid . "' ");
$query .= " WHERE " . get_where();
end_where();
$results = db_select($query);
if ($results) {
return $results[0][$field];
} else {
return false;
}
}
}
/**
* myaccount dashboard, recent video comments widget
*
* @global object $userquery
* @param array $widget
* @return string
*/
function account_dashboard_recent_video_comments($widget)
{
global $userquery;
if (!userid()) {
return false;
}
$configs = get_dashboard_widget_configs($widget['id']);
$no_of_comments = $configs['number_of_comments'] ? $configs['number_of_comments'] : 15;
$no_of_days = $configs['number_of_days'] ? $configs['number_of_days'] : 8;
if ($userquery->udetails['total_videos'] > 0) {
$fields = array('video' => array('videoid', 'videokey', 'title', 'description', 'views'), 'users' => get_user_fields(), 'comments' => array('comment_id', 'type', 'comment', 'userid', 'type_id', 'type_owner_id', 'date_added'));
$fields = tbl_fields($fields);
$query = "SELECT {$fields} FROM " . tbl('comments') . " AS comments ";
$query .= "LEFT JOIN " . tbl('video') . " AS video ON " . 'comments.type_id' . " = " . 'video.videoid' . " ";
$query .= "LEFT JOIN " . tbl('users') . " AS users ON " . 'comments.userid' . " = " . 'users.userid' . " ";
start_where();
add_where(" " . 'comments.type_owner_id' . " = " . userid());
add_where(" " . 'comments.type' . " = 'v' ");
add_where(" " . 'comments.userid' . " <> " . userid());
add_where(" " . 'comments.date_added' . " BETWEEN SYSDATE() - INTERVAL {$no_of_days} DAY AND SYSDATE() ");
if (get_where()) {
$query .= " WHERE " . get_where();
}
end_where();
$query .= " ORDER BY " . 'comments.date_added' . " DESC LIMIT {$no_of_comments}";
$comments = db_select($query);
}
// Comment Template
$params['file'] = 'blocks/account/dashboard_comments.html';
$params['widget'] = $widget;
$params['comments'] = $comments;
$params['configs'] = $configs;
return fetch_template_file($params);
}
$password = generateRandomString('5');
echo $password;
//Hash the password provided
$hash = encryptPassword($password);
//Save new password for user
//If already exists, then update password and if not insert record
$params = array();
$response = null;
$params = add_where('idPerson', $id, $params);
$response = select_from_table('password', 'idPerson', $params);
//echo $response;
if (empty(json_decode($response, true))) {
//Insert
$record = array();
$records = array();
$record = add_field('idPerson', $id, $record);
$record = add_field('password', $hash, $record);
$record = add_field('misses', "0", $record);
$record = add_field('locked', "0", $record);
array_push($records, $record);
insert_into_table('password', $records);
} else {
//Modify
$update = array();
$where = array();
$update = add_field("password", $hash, $update);
$update = add_field("misses", "0", $update);
$update = add_field("locked", "0", $update);
$where = add_where("idPerson", $id, $where);
modify_record('password', $update, $where);
}
<?php
require_once '..\\utilities\\functions.php';
header('Access-Control-Allow-Origin: *');
$where = array();
$table = null;
$fields = "all";
while ($value = current($_GET)) {
$key = key($_GET);
switch ($key) {
case 'table':
$table = $value;
break;
case 'fields':
$fields = $value;
break;
default:
$where = add_where($key, $value, $where);
break;
}
next($_GET);
}
$response = select_from_table($table, $fields, $where);
echo $response;
<?php
require_once '..\\utilities\\functions.php';
header('Access-Control-Allow-Origin: *');
// Define Table
$table = 'person';
//Build Fields and Values to insert
$update = array();
$where = array();
//Fields with new values
$update = add_field("address1", "1220 Topeka Ice Cream Lane", $update);
//Table selection for the record(s) to be updated
$where = add_where("nameLast", "Lee", $where);
//echo json_encode($update). "<br>";
modify_record($table, $update, $where);
/**
* Function used to get video being processed
*/
function get_video_being_processed($filename = NULL, $active = 'yes')
{
global $db;
$ct = tbl('conversion_queue');
$vt = tbl("video");
$fields = $ct . '.*,' . $ct . '.status AS queue_status';
$fields .= "," . $vt . ".*";
$query = "SELECT {$fields} FROM " . $ct;
$query .= " LEFT JOIN " . $vt . " ON ";
$query .= $vt . ".file_name=" . $ct . ".queue_name";
start_where();
if ($filename) {
add_where(" queue_name='{$filename}' ");
}
if ($active) {
add_where($ct . ".active='{$active}' ");
}
if (get_where()) {
$query .= " WHERE " . get_where();
}
$results = db_select($query);
end_where();
$queues = array();
if ($results) {
foreach ($results as $queue) {
//Get Files of the qeueue...
$queue['files'] = get_video_files($filename);
$queues[] = $queue;
}
}
return $queues;
}
$email = $_POST["email"];
$namefirst = $_POST["namefirst"];
$namelast = $_POST["namelast"];
$sex = $_POST["sex"];
//First, check if user already exists
$table = 'person';
$where = add_where("email", $email, $where = array());
$fields = array("namelast", "namefirst");
$response = select_from_table($table, $fields, $where);
// Then add the user to the person table with only the e-mail address
if (!empty($response)) {
$record = array();
$records = array();
$record = add_field("email", $email, $record);
$record = add_field("nameFirst", $namefirst, $record);
$record = add_field("nameLast", $namelast, $record);
$record = add_field("sex", $sex, $record);
array_push($records, $record);
insert_into_table($table, $records);
// Then select the unique ID that was created in previous step
unset($where);
unset($fields);
unset($response);
$where = add_where("email", $email, $where = array());
$fields = array("namelast", "namefirst");
$response = select_from_table($table, $fields, $where);
// Now add the password to the password table with unique ID assigned
} else {
//only update password
echo 'user exists' . json_encode($response);
}
break;
}
case 'course_page':{
add_where($where, " keep_alive>'$now_time' and now_playing_type=25 order by id");
break;
}
case 'infoportal':{
add_where($where, " keep_alive>'$now_time' and now_playing_type>=20 and now_playing_type<=29 order by id");
break;
}
case 'tv_archive':{
add_where($where, " keep_alive>'$now_time' and now_playing_type=11 order by id");
break;
}
case 'records':{
add_where($where, " keep_alive>'$now_time' and now_playing_type=12 order by id");
break;
}
case 'none':{
}
default:{
}
}
//echo $where;
$query = "select * from users $where";
$rs = $db->executeQuery($query);
$total_items = $rs->getRowCount();
$page_offset=$page*$MAX_PAGE_ITEMS;
if (!isset($password)) {
echo "No Password";
return "No Password provided for {$email} try again";
}
//If ID is not set and e-mail is set then get ID
if (!isset($id) and isset($email)) {
$params = add_where('email', $email, $params = array());
$response = select_from_table('person', 'idPerson', $params);
$response = json_decode($response, true);
if (!empty($response)) {
$id = $response[0]['idPerson'];
}
}
//If ID is not set, then exit with message
if (!isset($id)) {
echo "E-Mail {$email} does not exist";
}
//Get current password
$params = add_where('idPerson', $id, $params = array());
$response = select_from_table('password', 'password', $params);
$response = json_decode($response, true);
if (!empty($response)) {
$oldPassword = $response[0]['password'];
} else {
echo "Password was never set";
}
//Validate the password
$valid = validatePassword($oldPassword, $password, $id);
//echo 'The validation is: '.$valid;
return $valid;
//dummy comment
/**
* This confirms that whether user was previously subscribed to
* content or not.
*
* If user is subscribing for the first time, call <code>do_subscription_inital_actions</code>
*
* @author Fawaz Tahir <*****@*****.**>
* @param int $sub_id
* @param string $type
* @return boolean
*/
function was_user_subscribed_to_content($sub_id, $type)
{
$query = " SELECT subscription_content_id FROM " . cb_sql_table('subscriptions_content');
start_where();
add_where(" subscriptions_content.subscription_id = '" . $sub_id . "' ");
add_where(" subscriptions_content.content_type = '" . $type . "' ");
$query .= " WHERE" . get_where();
end_where();
$query .= " ORDER BY subscriptions_content.date_added DESC LIMIT 1";
$result = db_select($query);
if ($result) {
return true;
} else {
return false;
}
}
<?php
require_once '..\\utilities\\functions.php';
// Define Table
$table = 'person';
$email = $_POST['email'];
//Build Fields and Values to insert
$record = array();
$record = add_where("email", $email, $record);
delete_from_table($table, $record);
function get_comments($array = NULL)
{
$configs = array('order' => 'date_added DESC', 'get_children' => true);
$configs = array_merge($configs, $array);
$valid_configs = array('type_id', 'limit', 'type', 'get_children', 'only_parents', 'parent_id', 'order', 'get_children');
$the_configs = array();
foreach ($valid_configs as $config) {
$the_configs[$config] = $configs[$config];
}
extract($the_configs);
$type_id = mysql_clean($type_id);
$type = mysql_clean($type);
$limit = mysql_clean($limit);
$order = mysql_clean($order);
$parent_id = mysql_clean($parent_id);
$userid = mysql_clean($userid);
//List of user fields we need to show with the comment
$userfields = array('username', 'email', 'userid', 'avatar', 'avatar_url');
//Applying filters...
$userfields = apply_filters($userfields, 'comment_user_fields');
$ufields = '';
foreach ($userfields as $userfield) {
$ufields .= ',';
$ufields .= tbl('users.' . $userfield);
}
$query = "SELECT " . tbl('comments.*') . $ufields . " FROM " . tbl('comments');
$query .= " LEFT JOIN " . tbl('users') . " ON " . tbl('comments.userid');
$query .= " = " . tbl('users.userid');
start_where();
if ($type) {
add_where("type='" . $type . "'");
}
if ($type_id) {
add_where("type_id='" . $type_id . "'");
}
if ($parent_id && !$only_parents) {
add_where("parent_id='{$parent_id}'");
}
if ($userid) {
add_where("userid='{$userid}' ");
}
if ($only_parents) {
add_where("parent_id='0'");
}
if (get_where()) {
$query .= " WHERE " . get_where();
}
end_where();
if ($order) {
$query .= " ORDER BY " . $order;
}
if ($limit) {
$query .= " LIMIT " . $limit;
}
$comments = db_select($query);
$the_comments = array();
if ($comments) {
foreach ($comments as $comment) {
if ($comment['get_children'] && $comment['has_children']) {
$child_array = array('parent_id' => $comment['comment_id'], 'type' => $array['type'], 'type_id' => $array['type_id']);
$children = get_comments($child_array);
if ($children) {
$comment['children'] = $children;
}
}
$the_comments[] = $comment;
}
}
return $the_comments;
}
<?php
require_once '..\\utilities\\functions.php';
//Build where statement. This is an AND
$where = add_where("sex", "M", $where = array());
$where = add_where("namelast", "Smith", $where = array());
// List fields or define field as NULL
$fields = array("namelast", "namefirst", "birthdate");
//$fields = null;
$response = select_from_table('person', $fields, $where);
echo $response;
/**
* Get thread along with all the details..
*
* @param INT $thread_id
* @param ARRAY $thread
*/
function get_thread($tid)
{
$tid = mysql_clean($tid);
$fields_array = array('t' => array('thread_id', 'total_recipients', 'total_messages', 'date_added', 'time_added', 'last_message_date', 'main_recipients', 'last_message', 'subject'), 'r' => array('recipient_id'));
$the_fields = tbl_fields($fields_array);
$thread_id = $tid;
$query = " SELECT {$the_fields} FROM " . tbl('recipients') . " as r";
$query .= " INNER JOIN " . tbl('threads') . ' as t ON ';
$query .= ' t.thread_id=r.thread_id ';
start_where();
if ($o['userid']) {
add_where("r.userid='" . $o['userid'] . "'");
} elseif (userid()) {
add_where("r.userid='" . userid() . "'");
} else {
return false;
}
add_where("r.thread_id='" . $tid . "'");
if (get_where()) {
$query .= " WHERE " . get_where();
}
end_where();
$query .= " LIMIT 1 ";
$results = db_select($query);
if ($results) {
return $results[0];
} else {
return false;
}
}
add_where($where, " keep_alive>'{$now_time}' and now_playing_type=24 order by id");
break;
case 'course_page':
add_where($where, " keep_alive>'{$now_time}' and now_playing_type=25 order by id");
break;
case 'infoportal':
add_where($where, " keep_alive>'{$now_time}' and now_playing_type>=20 and now_playing_type<=29 order by id");
break;
case 'tv_archive':
add_where($where, " keep_alive>'{$now_time}' and now_playing_type=11 order by id");
break;
case 'records':
add_where($where, " keep_alive>'{$now_time}' and now_playing_type=12 order by id");
break;
case 'timeshift':
add_where($where, " keep_alive>'{$now_time}' and now_playing_type=14 order by id");
break;
case 'none':
default:
}
//echo $where;
$query = "select * from users {$where}";
$total_items = Mysql::getInstance()->query($query)->count();
$page_offset = $page * $MAX_PAGE_ITEMS;
$total_pages = (int) ($total_items / $MAX_PAGE_ITEMS + 0.999999);
if (!$where) {
$where = 'order by id';
}
$query = "select users.*, tariff_plan.name as tariff_plan_name from users left join tariff_plan on tariff_plan.id=tariff_plan_id {$where} LIMIT {$page_offset}, {$MAX_PAGE_ITEMS}";
//echo $query;
$users = Mysql::getInstance()->query($query);
checkbox($started, 'started', "Started");
checkbox($fixed, 'fixed', "Fixed");
checkbox($fixreleased, 'fixreleased', "Fix Released");
checkbox($javabug, 'javabug', "Java Bugs");
echo '</div>' . PHP_EOL;
//echo '<input type="submit" value="Submit">'.PHP_EOL;
echo '</form>' . PHP_EOL;
echo "<hr>" . PHP_EOL;
$sql = "SELECT * FROM " . table();
$and = false;
if ($version != 'All' || $java != 'All' || $os != 'All' || $wontfix || $reopened || $new || $accepted || $started || $fixed || $fixreleased || $javabug) {
$sql = $sql . " WHERE ";
}
add_where($sql, $and, $version, 'version');
add_where($sql, $and, $java, 'java');
add_where($sql, $and, $os, 'os');
checkbox_where($sql, $and, $wontfix, '-2');
checkbox_where($sql, $and, $reopened, '-1');
checkbox_where($sql, $and, $new, '0');
checkbox_where($sql, $and, $accepted, '1');
checkbox_where($sql, $and, $started, '2');
checkbox_where($sql, $and, $fixed, '3');
checkbox_where($sql, $and, $fixreleased, '4');
search_where($sql, $and, $javabug, 'log', 'net.nikr');
$sql = $sql . " ORDER BY {$order} {$desc}";
$statement = $dbh->prepare($sql);
$statement->execute();
$rows = $statement->fetchAll(PDO::FETCH_ASSOC);
foreach ($rows as &$row) {
echo '<div style="width: 400px; float: left;">' . PHP_EOL;
switch ($row['status']) {
