Exemplo n.º 1
// Pre-fill the field with the 'from' value of the current request, when one was sent.
// empty() is false for a missing key without raising a notice, so it also covers the isset() test.
// NOTE(review): the output is written inside a single-quoted HTML attribute; confirm that
// check_date() cannot return a quote or markup character, or escape for that context.
if (!empty($_REQUEST['from'])) {
    echo check_date($_REQUEST['from']);
}
?>
'/><br />
<br />
            <p class='inline'>and:</p><input name='to' type='text' size='11' class='search_inputs datepicker' value='<?php 
// Pre-fill the 'to' field with the value of the current request, when one was sent.
// empty() is false for a missing key without raising a notice, so it also covers the isset() test.
// NOTE(review): the output is written inside the single-quoted value='...' attribute; confirm that
// check_date() cannot return a quote or markup character, or escape for that context.
if (!empty($_REQUEST['to'])) {
    echo check_date($_REQUEST['to']);
}
?>
'/><br />
<br />
<p class='inline'>And title contains </p><input name='title' type='text' class='search_inputs' value='<?php 
// Pre-fill the title search field with the value of the current request, when one was sent.
// empty() is false for a missing key without raising a notice, so it also covers the isset() test.
// NOTE(review): free text from the request is echoed into the single-quoted value='...' attribute;
// confirm that check_title() encodes quotes and angle brackets, or escape for that context.
if (!empty($_REQUEST['title'])) {
    echo check_title($_REQUEST['title']);
}
?>
'/><br />
<br />
<!--
                <p class='inline'>Tags</p><input name='tags' type='text' class='search_inputs'/><br />
<br />
-->
<p class='inline'>And body contains</p><input name='body' type='text' class='search_inputs' value='<?php 
// Pre-fill the body search field with the value of the current request, when one was sent.
// empty() is false for a missing key without raising a notice, so it also covers the isset() test.
// NOTE(review): free text from the request is echoed into the single-quoted value='...' attribute;
// confirm that check_body() encodes quotes and angle brackets, or escape for that context.
if (!empty($_REQUEST['body'])) {
    echo check_body($_REQUEST['body']);
}
?>
'/><br />
<br />
Exemplo n.º 2
// Validation messages collected for the user, and the flag tested before the database write.
$msg_arr = array();
$errflag = false;

// --- item id ---
// NOTE(review): $_POST['item_id'] is read without an isset() guard; a request that omits the
// field depends on is_pos_int() rejecting the missing value - confirm.
if (!is_pos_int($_POST['item_id'])) {
    // Invalid id: record the error and leave $id empty.
    $id = '';
    $msg_arr[] = _("The id parameter is not valid!");
    $errflag = true;
} else {
    $id = $_POST['item_id'];
    // Authorization: the request stops here when item_is_in_team() reports that the item
    // does not belong to the team stored in the session.
    if (!item_is_in_team($id, $_SESSION['team_id'])) {
        die(_('This section is out of your reach.'));
    }
}

// --- remaining fields ---
// Each value goes through its check_* helper (defined elsewhere; presumably these sanitise
// or normalise the input - verify) before it is bound to the query parameters.
$title = check_title($_POST['title']);
$date = check_date($_POST['date']);
$body = check_body($_POST['body']);
if (!$errflag) {
    // SQL for editDB
    $sql = "UPDATE items \n            SET title = :title, \n            date = :date, \n            body = :body, \n            userid = :userid \n            WHERE id = :id";
    $req = $pdo->prepare($sql);
    $result1 = $req->execute(array('title' => $title, 'date' => $date, 'body' => $body, 'userid' => $_SESSION['userid'], 'id' => $id));
    // we add a revision to the revision table
    $sql = "INSERT INTO items_revisions (item_id, body, userid) VALUES(:item_id, :body, :userid)";
    $req = $pdo->prepare($sql);
    $result2 = $req->execute(array('item_id' => $id, 'body' => $body, 'userid' => $_SESSION['userid']));
    // Check if insertion is successful
    if ($result1 && $result2) {
        header("location: ../database.php?mode=view&id=" . $id);
    } else {
Exemplo n.º 3
?>
'/>
            </div>
            <!-- END SEARCH DATE -->
        </div>

        <div class='row'>
            <!-- TITLE -->
            <div class='col-md-6'>
            <label for='title'><?php 
echo _('And title contains');
?>
</label>
            <input id='title' name='title' type='text' value='<?php 
// Pre-fill the title search field with the value from the query string, when one was sent.
// empty() is false for a missing key without raising a notice, so it also covers the isset() test.
// NOTE(review): free text from the query string is echoed into the single-quoted value='...'
// attribute; confirm that check_title() encodes quotes and angle brackets, or escape for that context.
if (!empty($_GET['title'])) {
    echo check_title($_GET['title']);
}
?>
'/>
            </div>
            <!-- STATUS -->
            <div class='col-md-4'>
                <label for='status'><?php 
echo _('And status is');
?>
</label>
                <select id='status' name="status">
                    <option value=''><?php 
echo _('select status');
?>
</option>
Exemplo n.º 4
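        // Derive the next registration number from the value returned by the query in $sql.
        // NOTE(review): the new number is computed from the latest stored one; confirm that the
        // surrounding transaction or a unique constraint stops two concurrent requests from
        // ending up with the same value.
        $req = $bdd->prepare($sql);
        $result = $req->execute();
        // fetch() returns false, not an array, when the statement produced no row.
        $latestRegNo = $req->fetch();
        $prefix = CPD_PREFIX;
        // Guard with is_array(): count(false) is a TypeError on PHP 8 and evaluated to 1 on
        // older versions, so without it the "no previous number" branch could never run.
        if (is_array($latestRegNo) && count($latestRegNo) >= 1) {
            if (ctype_alpha(substr($latestRegNo[0], strlen($latestRegNo[0]) - 1))) {
                // The last character is a letter: keep only what sits between the prefix and it.
                $number = substr($latestRegNo[0], strlen($prefix), strlen($latestRegNo[0]) - strlen($prefix) - 1);
            } else {
                // No trailing letter: everything after the prefix is the number.
                $number = substr($latestRegNo[0], strlen($prefix), strlen($latestRegNo[0]) - strlen($prefix));
            }
        } else {
            $number = 0;
        }
        // substr() yields a string; intval() keeps the increment defined when that string is
        // empty or not numeric, which would otherwise raise a TypeError on PHP 8.
        $newRegNo = $prefix . strval(intval($number) + 1);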
    } else {
        $newRegNo = check_title($_POST['cpdParentRegNum']) . $saltSuffix;
    }
    $sql = "UPDATE compound_registry SET cpd_id = :cpdid, validated = :validated, regno = :regno WHERE id = :regid";
    $req = $bdd->prepare($sql);
    $result = $req->execute(array('cpdid' => $cpdid, 'validated' => $validated, 'regno' => $newRegNo, 'regid' => $regid));
} else {
    if (!$validated) {
        $sql = "UPDATE compound_registry SET cpd_id = :cpdid, validated = :validated WHERE id = :regid";
        $req = $bdd->prepare($sql);
        $result = $req->execute(array('cpdid' => $cpdid, 'validated' => $validated, 'regid' => $regid));
    }
}
$result = $bdd->commit();
// Check if insertion is successful
if ($result) {
    unset($_SESSION['new_title']);
Exemplo n.º 5
    $tanimoto = floatval($_REQUEST['tanimoto']);
} else {
    $tanimoto = 0.7;
}
// Presence-only switches: the filter is on whenever the key was sent, whatever its value.
$getValidated = isset($_REQUEST['validated']);
$getPending = isset($_REQUEST['pending']);

// Optional name filter; defaults to an empty string when the key is absent.
// NOTE(review): $name is later wrapped in '%' and bound to a LIKE clause; unless check_title()
// removes them, '%' and '_' typed by the user act as wildcards - confirm that is intended.
$name = isset($_REQUEST['name']) ? check_title($_REQUEST['name']) : '';

// The user id is taken from the session, not from the request, and forced to an integer.
$userid = (int) $_SESSION['userid'];
// Is there a search ?
if (isset($_REQUEST)) {
    // first do text-based search where necessary
    if (isset($from) || isset($to)) {
        if (!isset($from)) {
            $sql = "SELECT compreg.id FROM compound_registry compreg JOIN compounds comp ON compreg.cpd_id = comp.id\n            JOIN compound_properties compprop ON compreg.cpd_id = compprop.compound_id\n            WHERE compprop.mwt <= :to AND comp.name LIKE :name";
            $sqlArgs = array('to' => $to, 'name' => '%' . $name . '%');
        } else {
            if (!isset($to)) {
                $sql = "SELECT compreg.id FROM compound_registry compreg JOIN compounds comp ON compreg.cpd_id = comp.id\n            JOIN compound_properties compprop ON compreg.cpd_id = compprop.compound_id\n            WHERE compprop.mwt >= :from AND comp.name LIKE :name";
                $sqlArgs = array('from' => $from, 'name' => '%' . $name . '%');
 /**
  * AJAX action: passes the request value 'param' to the global check_title() helper
  * for 'goods' and reports the outcome through ajaxReturn().
  *
  * Replies with status 'n' and an info message (in Chinese: "this product already
  * exists") when the helper returns a truthy value, otherwise with status 'y' and an
  * empty info string.
  *
  * NOTE(review): I() and the global check_title() are defined outside this listing;
  * confirm that the value is filtered or bound as a parameter before it reaches a query.
  */
 public function check_title()
 {
     // Inside a method this unqualified call resolves to the global function, not to this action.
     $found = check_title('goods', I('param'));
     $reply = $found
         ? array('status' => 'n', 'info' => '该产品已经存在')
         : array('status' => 'y', 'info' => '');
     $this->ajaxReturn($reply);
 }