function collectData() { global $statusData; if (isset($_REQUEST['MainFrameID']) && $_REQUEST['MainFrameID'] == "1") { $statusData["event"]["elements"]["MainFrameID"] = array("sql" => "(select FrameID from Frames where EventId=Events.id order by Score desc,FrameId limit 1)"); $statusData["events"]["elements"]["MainFrameID"] = array("sql" => "(select FrameID from Frames where EventId=Events.id order by Score desc,FrameId limit 1)"); } $entitySpec =& $statusData[strtolower(validJsStr($_REQUEST['entity']))]; #print_r( $entitySpec ); if (!canView($entitySpec['permission'])) { ajaxError('Unrecognised action or insufficient permissions'); } if (!empty($entitySpec['func'])) { $data = eval("return( " . $entitySpec['func'] . " );"); } else { $data = array(); $postFuncs = array(); $fieldSql = array(); $joinSql = array(); $groupSql = array(); $elements =& $entitySpec['elements']; $lc_elements = array_change_key_case($elements); $id = false; if (isset($_REQUEST['id'])) { if (!is_array($_REQUEST['id'])) { $id = array(validJsStr($_REQUEST['id'])); } else { $id = array_values($_REQUEST['id']); } } if (!isset($_REQUEST['element'])) { $_REQUEST['element'] = array_keys($elements); } else { if (!is_array($_REQUEST['element'])) { $_REQUEST['element'] = array(validJsStr($_REQUEST['element'])); } } if (isset($entitySpec['selector'])) { if (!is_array($entitySpec['selector'])) { $entitySpec['selector'] = array($entitySpec['selector']); } foreach ($entitySpec['selector'] as $selector) { if (is_array($selector) && isset($selector['table']) && isset($selector['join'])) { $joinSql[] = "left join " . $selector['table'] . " on " . $selector['join']; } } } foreach ($_REQUEST['element'] as $element) { if (!($elementData = $lc_elements[strtolower($element)])) { ajaxError("Bad " . validJsStr($_REQUEST['entity']) . " element " . $element); } if (isset($elementData['func'])) { $data[$element] = eval("return( " . $elementData['func'] . " );"); } else { if (isset($elementData['postFunc'])) { $postFuncs[$element] = $elementData['postFunc']; } else { if (isset($elementData['zmu'])) { $data[$element] = exec(escapeshellcmd(getZmuCommand(" " . $elementData['zmu']))); } else { if (isset($elementData['sql'])) { $fieldSql[] = $elementData['sql'] . " as " . $element; } else { $fieldSql[] = $element; } if (isset($elementData['table']) && isset($elementData['join'])) { $joinSql[] = "left join " . $elementData['table'] . " on " . $elementData['join']; } if (isset($elementData['group'])) { $groupSql[] = $elementData['group']; } } } } } if (count($fieldSql)) { $sql = "select " . join(", ", $fieldSql) . " from " . $entitySpec['table']; if ($joinSql) { $sql .= " " . join(" ", array_unique($joinSql)); } if ($id && !empty($entitySpec['selector'])) { $index = 0; $where = array(); $values = array(); foreach ($entitySpec['selector'] as $selector) { if (is_array($selector)) { $where[] = $selector['selector'] . ' = ?'; $values[] = validInt($id[$index]); } else { $where[] = $selector . ' = ?'; $values[] = validInt($id[$index]); } $index++; } $sql .= " where " . join(" and ", $where); } if ($groupSql) { $sql .= " group by " . join(",", array_unique($groupSql)); } if (!empty($_REQUEST['sort'])) { $arr = explode(' ', $_REQUEST['sort']); $col = validCol($arr[0]); $dir = ""; if (count($arr) == 2) { if ($arr[1] == "desc") { $dir = $arr[1]; } } $sql .= " order by {$col} {$dir}"; } if (!empty($entitySpec['limit'])) { $limit = $entitySpec['limit']; } elseif (!empty($_REQUEST['count'])) { $limit = validInt($_REQUEST['count']); } $limit_offset = ""; if (!empty($_REQUEST['offset'])) { $limit_offset = validInt($_REQUEST['offset']) . ", "; } if (!empty($limit)) { $sql .= " limit " . $limit_offset . $limit; } if (isset($limit) && $limit == 1) { if ($sqlData = dbFetchOne($sql, NULL, $values)) { foreach ($postFuncs as $element => $func) { $sqlData[$element] = eval('return( ' . $func . '( $sqlData ) );'); } $data = array_merge($data, $sqlData); } } else { $count = 0; foreach (dbFetchAll($sql, NULL, $values) as $sqlData) { foreach ($postFuncs as $element => $func) { $sqlData[$element] = eval('return( ' . $func . '( $sqlData ) );'); } $data[] = $sqlData; if (isset($limi) && ++$count >= $limit) { break; } } } } } #print_r( $data ); return $data; }
$monitor_str = ""; $monitor_str .= make_tag("id", $monitor['Id']); $monitor_str .= make_tag("name", $monitor['Name']); $monitor_str .= make_tag("method", $monitor['Function']); $monitor_str .= make_tag("enabled", $monitor['Enabled']); $monitor_str .= make_tag("width", $monitor['Width']); $monitor_str .= make_tag("height", $monitor['Height']); print make_tag("monitor", $monitor_str); } } else { if ($_REQUEST['action'] == "get_connkey") { print make_tag("connkey", generateConnKey()); } else { if ($_REQUEST['action'] == "event_stats") { if (!canView("Events")) { ajaxError('Unrecognised action or insufficient permissions'); } $eid = validInt($_REQUEST['eid']); $stats = dbFetchAll("select S.*,E.*,Z.Name as ZoneName,Z.Units,Z.Area,M.Name as MonitorName,M.Width,M.Height from Stats as S left join Events as E on S.EventId = E.Id left join Zones as Z on S.ZoneId = Z.Id left join Monitors as M on E.MonitorId = M.Id where S.EventId = '" . $eid . "' order by S.FrameId, S.ZoneId"); for ($i = 0; $i < count($stats); $i++) { $stat = $stats[$i]; $stat_str = ""; $stat_str .= make_tag("FrameId", $stat["FrameId"]); $stat_str .= make_tag("PixelDiff", $stat["PixelDiff"]); $stat_str .= make_tag("AlarmPixels", $stat["AlarmPixels"]); $stat_str .= make_tag("FilterPixels", $stat["FilterPixels"]); $stat_str .= make_tag("BlobPixels", $stat["BlobPixels"]); $stat_str .= make_tag("Blobs", $stat["Blobs"]); $stat_str .= make_tag("ZoneName", $stat["ZoneName"]); $stat_str .= make_tag("Score", $stat["Score"]); print make_tag("stat", $stat_str);
//Now add the suggestion if (!$member->edit($_POST['name'], $_POST['gender'], $_POST['relationship'], $_POST['dob'], $_POST['alive'], TRUE)) { trigger_error("Cannot Edit Member. Some error occured"); } else { ajaxSuccess(); } } break; case "feedback": $name = $_POST['name']; $email = $_POST['email']; $message = $_POST['message']; if (!$db->query("insert into feedback (user_name,user_emailid,feedback_text) \n values ('{$name}','{$email}','{$message}')")) { trigger_error("Some error occured"); } else { ajaxSuccess(); } break; case "checkregistered": global $db, $vanshavali; $res = $vanshavali->getmember($_POST['id']); if (empty($res->data['username']) && empty($res->data['password'])) { ajaxSuccess(); } else { ajaxError(); } break; default: //when nothing matches break; }
function collectData() { global $statusData; $entitySpec =& $statusData[strtolower(validJsStr($_REQUEST['entity']))]; #print_r( $entitySpec ); if (!canView($entitySpec['permission'])) { ajaxError('Unrecognised action or insufficient permissions'); } if (!empty($entitySpec['func'])) { $data = eval("return( " . $entitySpec['func'] . " );"); } else { $data = array(); $postFuncs = array(); $fieldSql = array(); $joinSql = array(); $groupSql = array(); $elements =& $entitySpec['elements']; $lc_elements = array_change_key_case($elements); $id = false; if (isset($_REQUEST['id'])) { if (!is_array($_REQUEST['id'])) { $id = array(validJsStr($_REQUEST['id'])); } else { $id = array_values($_REQUEST['id']); } } if (!isset($_REQUEST['element'])) { $_REQUEST['element'] = array_keys($elements); } else { if (!is_array($_REQUEST['element'])) { $_REQUEST['element'] = array(validJsStr($_REQUEST['element'])); } } if (isset($entitySpec['selector'])) { if (!is_array($entitySpec['selector'])) { $entitySpec['selector'] = array($entitySpec['selector']); } foreach ($entitySpec['selector'] as $selector) { if (is_array($selector) && isset($selector['table']) && isset($selector['join'])) { $joinSql[] = "left join " . $selector['table'] . " on " . $selector['join']; } } } foreach ($_REQUEST['element'] as $element) { if (!($elementData = $lc_elements[strtolower($element)])) { ajaxError("Bad " . validJsStr($_REQUEST['entity']) . " element " . $element); } if (isset($elementData['func'])) { $data[$element] = eval("return( " . $elementData['func'] . " );"); } else { if (isset($elementData['postFunc'])) { $postFuncs[$element] = $elementData['postFunc']; } else { if (isset($elementData['zmu'])) { $data[$element] = exec(escapeshellcmd(getZmuCommand(" " . $elementData['zmu']))); } else { if (isset($elementData['sql'])) { $fieldSql[] = $elementData['sql'] . " as " . $element; } else { $fieldSql[] = $element; } if (isset($elementData['table']) && isset($elementData['join'])) { $joinSql[] = "left join " . $elementData['table'] . " on " . $elementData['join']; } if (isset($elementData['group'])) { $groupSql[] = $elementData['group']; } } } } } if (count($fieldSql)) { $sql = "select " . join(", ", $fieldSql) . " from " . $entitySpec['table']; if ($joinSql) { $sql .= " " . join(" ", array_unique($joinSql)); } if ($id && !empty($entitySpec['selector'])) { $index = 0; $where = array(); foreach ($entitySpec['selector'] as $selector) { if (is_array($selector)) { $where[] = $selector['selector'] . " = " . dbEscape($id[$index]); } else { $where[] = $selector . " = " . dbEscape($id[$index]); } $index++; } $sql .= " where " . join(" and ", $where); } if ($groupSql) { $sql .= " group by " . join(",", array_unique($groupSql)); } if (!empty($_REQUEST['sort'])) { $sql .= " order by " . dbEscape($_REQUEST['sort']); } if (!empty($entitySpec['limit'])) { $limit = $entitySpec['limit']; } elseif (!empty($_REQUEST['count'])) { $limit = dbEscape($_REQUEST['count']); } if (!empty($limit)) { $sql .= " limit " . $limit; } if (isset($limit) && $limit == 1) { if ($sqlData = dbFetchOne($sql)) { foreach ($postFuncs as $element => $func) { $sqlData[$element] = eval('return( ' . $func . '( $sqlData ) );'); } $data = array_merge($data, $sqlData); } } else { $count = 0; foreach (dbFetchAll($sql) as $sqlData) { foreach ($postFuncs as $element => $func) { $sqlData[$element] = eval('return( ' . $func . '( $sqlData ) );'); } $data[] = $sqlData; if (isset($limi) && ++$count >= $limit) { break; } } } } } #print_r( $data ); return $data; }
break; case 'load_states_disabled': load_states_disabled($vars['country']); break; case 'get_country': get_country($vars['country']); break; case 'get_state': get_state($vars['state']); break; case 'save_country': save_country($vars['country'], $vars['title'], $vars['tag'], $vars['act']); break; case 'save_state': save_state($vars['country'], $vars['state'], $vars['title'], $vars['tag'], $vars['act']); break; case 'get_expire': get_expire($vars['product_id'], $vars['begin_date']); break; case 'calculate_tax': calculate_tax($vars['product_id'], $vars['member_id'], $vars['amount'], $vars['incl_tax']); break; case 'affiliate_search': affiliate_search($vars['search']); break; case 'change_affiliate': change_affiliate($vars['member_id'], $vars['aff_id']); break; default: ajaxError('Unknown Request'); }
} // Connect to avariceDB try { $avarice_dbh = new PDO("sqlite:" . $config['avariceDataFile']['path']); } catch (PDOException $e) { ajaxError("Database", $e->getMessage()); } // Creates module DB connection based on 'section' parametor if (empty($formData['section'])) { ajaxError("Syntax", "'section' is a required parameter"); } else { if ($formData['section'] == "eventLog") { try { $dbh = new PDO("sqlite:" . $config['module']['eventLog']['path'] . "/eventLog.sqlite3"); } catch (PDOException $e) { ajaxError("Database", $e->getMessage()); } } } // Actions $return = array(); if ($formData['section'] == "eventLog") { if ($formData['action'] == "getUser") { $query = "\r\n\t\t\tselect\r\n\t\t\t\tUserID,\r\n\t\t\t\tUser\r\n\t\t\tfrom user\r\n\t\t\torder by\r\n\t\t\t\tUser;"; $sth = $dbh->prepare($query); $sth->execute(); $result = $sth->fetchAll(PDO::FETCH_ASSOC); $return[1410065407] = "All"; foreach ($result as $row) { $return[$row['UserID']] = $row['User']; }
} while (false); return ajaxResponse($res); } function ajaxCheckCoupon($vars) { global $db, $config; $coupon = htmlentities($vars['coupon']); $res = array('msg' => '', 'errorCode' => 0); $ret = $db->coupon_get($vars['coupon']); if (!is_array($ret) || !$ret['coupon_id']) { $res['msg'] = $ret; $res['errorCode'] = 1; } return ajaxResponse($res); } header("Content-type: text/plain; charset=UTF-8"); $vars = get_input_vars(); $vars['do'] = preg_replace('/[^a-zA-Z0-9_.,-]/', '', $vars['do']); switch ($vars['do']) { case 'get_states': ajaxGetStates($vars); break; case 'check_uniq_login': ajaxCheckUniqLogin($vars); break; case 'check_coupon': ajaxCheckCoupon($vars); break; default: ajaxError('Unknown Request: ' . $vars['do']); }