/**
 * API endpoint: return the custom CSS stored for the current user.
 *
 * Reads the single `css` value whose `uid` matches uid() and passes it to
 * apiController::send_result(). A non-zero db_errno() after the read is
 * reported through apiController::send_error().
 *
 * NOTE(review): the raw db_error() text is placed in the API response. Driver
 * messages can expose table and column names; prefer logging the detail
 * server-side and returning a generic message to the client.
 *
 * @return mixed Whatever apiController::send_result() returns.
 */
function api_mycss()
{
    // uid() is forced to an integer before it reaches the SQL text.
    $owner = intval(uid());
    $css = get_var("SELECT `css` FROM `css` WHERE `uid` = '" . $owner . "' LIMIT 1");

    $failed = db_errno() != 0;
    if ($failed) {
        // The result of send_error() is not returned here; whether execution
        // continues past this call depends on send_error() itself.
        apiController::send_error(LR_API_DB_ERROR, 'DATABASE ERROR ' . db_error());
    }

    return apiController::send_result($css);
}
/**
 * Run a query through the legacy mysql_* extension and alert on failure.
 *
 * @param string $query    SQL text to execute.
 * @param string $database Optional database name; when non-empty the query is
 *                         sent through mysql_db_query().
 * @param mixed  $conn     Optional connection; when empty the extension's
 *                         default link is used.
 * @return mixed The value returned by mysql_query() / mysql_db_query().
 *
 * NOTE(review): this function only executes text it is given. Escaping or
 * parameter binding has to happen in every caller.
 */
function db_query($query, $database = "", $conn = "")
{
    global $cfg;

    if ($database) {
        $response = $conn
            ? mysql_db_query($database, $query, $conn)
            : mysql_db_query($database, $query);
    } else {
        $response = $conn
            ? mysql_query($query, $conn)
            : mysql_query($query);
    }

    if ($response) {
        return $response;
    }

    // NOTE(review): the complete statement is written into the alert, so any
    // credentials or personal data embedded in the SQL end up in the log
    // (and in mail, if the alert flag makes Sys::log send one).
    $alert = '[' . $query . ']' . "\n\n" . db_error();
    Sys::log(LOG_ALERT, 'DB Error #' . db_errno(), $alert, $cfg && $cfg->alertONSQLError());

    return $response;
}
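/**
 * Installer step: load misc/install.sql, create the initial account with a
 * freshly generated password, and show the result page.
 *
 * The function always ends the request (info_page() followed by exit).
 *
 * Changes against the previous version:
 *  - the initial password comes from a CSPRNG when one is available, instead
 *    of md5(time() . rand()), which an attacker who knows the install time
 *    can enumerate;
 *  - an unreadable install.sql is reported instead of being treated as an
 *    empty script that "succeeds";
 *  - the first failing statement stops the run, because db_errno() only
 *    reflects the most recent statement and a later success hid earlier
 *    failures.
 *
 * NOTE(review): the password is stored as an unsalted md5() digest because the
 * `{password}` placeholder in install.sql and the login code (not visible
 * here) expect that format. Moving to password_hash()/password_verify() needs
 * a coordinated change in both places.
 */
function db_init()
{
    // 12 hexadecimal characters, the same shape the old generator produced.
    if (function_exists('random_bytes')) {
        $password = bin2hex(random_bytes(6));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $password = bin2hex(openssl_random_pseudo_bytes(6));
    } else {
        // Last resort on very old runtimes: the original, predictable derivation.
        $password = substr(md5(time() . rand(1, 9999)), rand(1, 20), 12);
    }

    $raw = file_get_contents(AROOT . 'misc' . DS . 'install.sql');
    if ($raw === false) {
        info_page('Cannot read misc' . DS . 'install.sql');
        exit;
    }

    // Strip "#" comments from the script.
    $sql_contents = preg_replace("/(#.+[\r|\n]*)/", '', $raw);

    // Substitute template variables.
    $sql_contents = str_replace('{password}', md5($password), $sql_contents);

    $sqls = split_sql_file($sql_contents);
    foreach ($sqls as $sql) {
        run_sql($sql);
        if (db_errno() != 0) {
            info_page(db_error());
            exit;
        }
    }

    // The generated password is shown once, on this page only.
    info_page('数据库初始化成功,请使用【member@teamtoy.net】和【' . $password . '】<a href="/" target="new">登入并添加用户</a>');
    exit;
}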
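/**
 * Installer step: load misc/install.sql, create the initial account with a
 * freshly generated password, and show the (translated) result page.
 *
 * The function always ends the request (info_page() followed by exit).
 *
 * Changes against the previous version:
 *  - the initial password comes from a CSPRNG when one is available, instead
 *    of md5(time() . rand()), which an attacker who knows the install time
 *    can enumerate;
 *  - an unreadable install.sql is reported instead of being treated as an
 *    empty script that "succeeds";
 *  - the first failing statement stops the run, because db_errno() only
 *    reflects the most recent statement and a later success hid earlier
 *    failures.
 *
 * NOTE(review): the password is stored as an unsalted md5() digest because the
 * `{password}` placeholder in install.sql and the login code (not visible
 * here) expect that format. Moving to password_hash()/password_verify() needs
 * a coordinated change in both places.
 */
function db_init()
{
    // 12 hexadecimal characters, the same shape the old generator produced.
    if (function_exists('random_bytes')) {
        $password = bin2hex(random_bytes(6));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $password = bin2hex(openssl_random_pseudo_bytes(6));
    } else {
        // Last resort on very old runtimes: the original, predictable derivation.
        $password = substr(md5(time() . rand(1, 9999)), rand(1, 20), 12);
    }

    $raw = file_get_contents(AROOT . 'misc' . DS . 'install.sql');
    if ($raw === false) {
        info_page('Cannot read misc' . DS . 'install.sql');
        exit;
    }

    // Strip "#" comments from the script.
    $sql_contents = preg_replace("/(#.+[\r|\n]*)/", '', $raw);

    // Substitute template variables.
    $sql_contents = str_replace('{password}', md5($password), $sql_contents);

    $sqls = split_sql_file($sql_contents);
    foreach ($sqls as $sql) {
        run_sql($sql);
        if (db_errno() != 0) {
            info_page(db_error());
            exit;
        }
    }

    // The generated password is shown once, on this page only.
    info_page(__('DATABASE_INIT_FINISHED', $password));
    exit;
}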
/**
 * Admin-only REST action: switch a plugin on or off.
 *
 * Reads `on` (cast to int) and `folder_name` from the request and upserts the
 * matching row of the `plugin` table with REPLACE.
 *
 * The admin check runs before any request value is read. `folder_name` is
 * passed through z(t(...)) and then s() before it is placed in the SQL text.
 *
 * NOTE(review): nothing here checks that `folder_name` names an installed
 * plugin directory; any non-empty string is stored. Confirm that the code
 * which later loads plugins validates the name before building a path.
 * NOTE(review): db_error() is returned to the caller verbatim on failure.
 *
 * @return mixed Result of render(..., 'rest').
 */
function turn()
{
    if (!is_admin()) {
        return render(array('code' => LR_API_FORBIDDEN, 'message' => __('API_MESSAGE_ONLY_ADMIN')), 'rest');
    }

    $enabled = intval(v('on'));
    $plugin = z(t(v('folder_name')));

    if (strlen($plugin) < 1) {
        return render(array('code' => LR_API_ARGS_ERROR, 'message' => 'FOLDER NAME CANNOT BE EMPTY'), 'rest');
    }

    run_sql("REPLACE `plugin` (`folder_name` , `on`) VALUES ( '" . s($plugin) . "' , '" . intval($enabled) . "' )");

    $reply = db_errno() == 0
        ? array('code' => 0, 'message' => 'ok')
        : array('code' => LR_API_DB_ERROR, 'message' => db_error());

    return render($reply, 'rest');
}
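/**
 * Plugin action handler for the per-user "simple token".
 *
 * The request parameter `do` selects the action:
 *  - create / refresh: store a new token for the current user and enable it;
 *  - close:            disable the user's token;
 *  - reopen:           enable the user's token again;
 *  - anything else:    render the token settings view.
 *
 * Changes against the previous version:
 *  - the token secret is taken from a CSPRNG when one is available. It was
 *    derived from md5(uid . time . rand(1, 9999)), which is guessable by
 *    anyone who knows roughly when the token was issued; that code also
 *    called time() with an argument, which is an error on current PHP.
 *  - $data is initialised before use and the duplicated result handling is
 *    folded into one place.
 *
 * The token keeps its shape: uid() followed by 10 hexadecimal characters.
 *
 * NOTE(review): the token is stored in clear text in `stoken`, and no
 * anti-CSRF check is visible in this function for the state-changing
 * actions; confirm both against the rest of the application.
 *
 * @return mixed Result of ajax_echo() for the actions, null for the view.
 */
function plugin_simple_token()
{
    $do = z(t(v('do')));

    switch ($do) {
        case 'create':
        case 'refresh':
            if (function_exists('random_bytes')) {
                $secret = bin2hex(random_bytes(5));
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $secret = bin2hex(openssl_random_pseudo_bytes(5));
            } else {
                // Weak fallback for runtimes without a CSPRNG.
                $secret = substr(md5(uid() . microtime() . mt_rand()), 0, 10);
            }
            $new_token = uid() . $secret;
            $sql = "REPLACE INTO `stoken` ( `uid` , `token` , `on` ) VALUES ( '" . intval(uid()) . "' , '" . s($new_token) . "' , '1' )";
            break;

        case 'close':
            $sql = "UPDATE `stoken` SET `on` = '0' WHERE `uid` = '" . intval(uid()) . "' LIMIT 1";
            break;

        case 'reopen':
            $sql = "UPDATE `stoken` SET `on` = '1' WHERE `uid` = '" . intval(uid()) . "' LIMIT 1";
            break;

        default:
            $data = array();
            $data['tinfo'] = get_line("SELECT * FROM `stoken` WHERE `uid` = '" . intval(uid()) . "' LIMIT 1");
            render($data, 'ajax', 'plugin', 'simple_token');
            return;
    }

    run_sql($sql);

    return ajax_echo(db_errno() == 0 ? 'done' : 'error');
}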
// Fragment of a booking form handler: collect the remaining POST fields,
// insert the booking, then create bills and mark bookings as billed.
// The fragment starts and ends inside a larger script; the final `else`
// block is not closed within it.

// NOTE(review): the INSERT below uses `?` placeholders, which suggests that
// db_query() binds the array as statement parameters. If so, the quotes
// wrapped around the dates here and the literal string 'NULL' are stored as
// data (a quoted date, the text "NULL") rather than acting as SQL syntax.
// Bound parameters need the bare value, and PHP null for SQL NULL. Confirm
// against db_query().
$checkin_date = "'" . $_POST["checkin_date"] . "'";
$checkout_date = !empty($_POST["checkout_date"]) ? "'" . $_POST["checkout_date"] . "'" : 'NULL';
$residence_id = $_POST["residence_id"];
$payment_mode = $_POST["payment_mode"];
$agents_ac_no = !empty($_POST["agents_ac_no"]) ? $_POST["agents_ac_no"] : 'NULL';
$roomid = $_POST["roomid"];
// Hard-coded user id; the posted value is deliberately ignored for now.
$checkedin_by = 1; //$_POST["checkedin_by"];
$invoice_no = !empty($_POST["invoice_no"]) ? $_POST["invoice_no"] : 'NULL';
// None of the POST values above is validated (type, range, date format) in
// this fragment before being passed on.
$results = db_query(' INSERT INTO booking (guestid, booking_type, meal_plan, no_adults, no_child, checkin_date, checkout_date, residence_id, payment_mode, agents_ac_no, roomid, checkedin_by, invoice_no, billed) VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 0)', array($guestid, $booking_type, $meal_plan, $no_adults, $no_child, $checkin_date, $checkout_date, $residence_id, $payment_mode, $agents_ac_no, $roomid, $checkedin_by, $invoice_no));
if (!$results || $results->rowCount() == 0) {
    // Should log MySQL errors to a file instead of displaying them to the user.
    // NOTE(review): as written, the driver error number and message are sent
    // to the browser, which discloses schema details to whoever submits the form.
    echo 'Invalid query: ' . db_errno() . "<br>" . ": " . db_error() . "<br>";
    echo "Guests NOT BOOKED.";
    //return;
} else {
    echo "<div align=\"center\"><h1>Guests successful checked in.</h1></div>";
    // Create bill - let the user create the bill / create the bill automatically.
    // Inserts one bill for every booking that is still unbilled, not only for
    // the booking created above.
    $results = db_query('INSERT INTO bills (book_id, billno, date_billed) SELECT booking.book_id, booking.book_id, booking.checkin_date FROM booking WHERE booking.billed = 0');
    $msg[0] = "Sorry no bill created";
    $msg[1] = "Bill successfull created";
    AddSuccess($results, $msg);
    // If the bill was created, update billed to 1 in bookings - todo.
    // Get the actual updated book_id; currently this simply updates all bookings.
    // NOTE(review): this runs even when the bill INSERT failed, and the two
    // statements are not wrapped in a transaction in this fragment, so a
    // booking can be flagged as billed without a bill row.
    $results = db_query('UPDATE booking SET billed = 1 WHERE billed = 0');
    $msg[0] = "Sorry Booking not updated";
    $msg[1] = "Booking successful updated";
    AddSuccess($results, $msg);
/**
 * Execute a query on the global connection and record failures.
 *
 * @param string $query    SQL text to execute via db_query().
 * @param string $function Name of the calling function, forwarded to the log.
 * @param string $label    Short label identifying the call site in the log.
 * @return mixed The db_query() result on success, 0 when the query failed.
 *
 * NOTE(review): the full statement is handed to setLogAndStatus(); if queries
 * carry user data, that data ends up wherever the log is stored or shown.
 */
function runQuery($query, $function, $label)
{
    global $dbh;

    $result = db_query($query, $dbh);
    if ($result) {
        return $result;
    }

    // Query execution failed: set the log and status.
    setLogAndStatus($query, db_errno($dbh), db_error($dbh), $function, $label);

    return 0;
}
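/**
 * Send at most one message from the mail queue and report how many remain.
 *
 * Does nothing (returns false) unless the `mqueue_on` setting is 1. Otherwise
 * one row newer than an hour is fetched from `mail_queue`; on a successful
 * send the row is deleted, on failure its `timeline` is moved two hours back
 * so it drops out of the selection window.
 *
 * Fix: the failure UPDATE had no WHERE clause, so `LIMIT 1` pushed back an
 * arbitrary row instead of the message that failed. It is now restricted to
 * the row that was just processed.
 *
 * @return mixed false when the queue is off, otherwise the value returned by
 *               apiController::send_result().
 */
function plugin_check_mail()
{
    if (intval(kget('mqueue_on')) != 1) {
        return false;
    }

    $sql = "SELECT * FROM `mail_queue` WHERE `timeline` > '" . date("Y-m-d H:i:s", strtotime("-1 hour")) . "' LIMIT 1";
    if ($line = get_line($sql)) {
        // Release the session lock before the (slow) SMTP conversation.
        session_write_close();

        // SECURITY: unserialize() on stored data instantiates arbitrary
        // classes if anyone other than this application can write to
        // `mail_queue`.`data`. Storing the payload as JSON, or passing
        // array('allowed_classes' => false) on PHP 7+, removes that risk;
        // both need the producer side (not visible here) to be reviewed.
        $info = unserialize($line['data']);

        if (phpmailer_send_mail($info['to'], $info['subject'], $info['body'], kget('mqueue_username'), kget('mqueue_server'), kget('mqueue_port'), kget('mqueue_username'), kget('mqueue_password'))) {
            $sql = "DELETE FROM `mail_queue` WHERE `id` = '" . intval($line['id']) . "' LIMIT 1";
        } else {
            $sql = "UPDATE `mail_queue` SET `timeline` = '" . date("Y-m-d H:i:s", strtotime("-2 hours")) . "' WHERE `id` = '" . intval($line['id']) . "' LIMIT 1 ";
        }
        run_sql($sql);
    }

    include_once AROOT . 'controller' . DS . 'api.class.php';

    if (db_errno() != 0) {
        // NOTE(review): the raw driver message is returned to the API client.
        apiController::send_error(LR_API_DB_ERROR, 'DATABASE ERROR ' . db_error());
    }

    return apiController::send_result(array('to_send' => get_var("SELECT COUNT(*) FROM `mail_queue` WHERE `timeline` > '" . date("Y-m-d H:i:s", strtotime("-1 hour")) . "' ")));
}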
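/**
 * Execute a statement on a lazily opened, process-wide MySQL connection.
 *
 * Supported options in $o (array keys):
 *   'silentErrors': if true, errors are returned in $o['error'] instead of
 *                   being printed, after which the script would exit.
 *
 * Output produced while connecting or querying is captured with output
 * buffering and discarded unless an error has to be shown.
 *
 * Changes against the previous version:
 *  - the failing statement is HTML-escaped before it is embedded in the
 *    `<!-- ... -->` block of the error page. Unescaped, a statement that
 *    contains user input with "-->" closes the comment early and the rest is
 *    parsed as markup by the browser;
 *  - a missing 'silentErrors' key no longer raises an undefined-index notice;
 *  - the unused error-number local was removed.
 *
 * NOTE(review): even escaped, the statement is still sent to the client in the
 * page source. Consider logging it server-side only.
 *
 * @param string $statment SQL text to execute (executed as given, no binding).
 * @param array  $o        Options / error output, passed by reference.
 * @return mixed The db_query() result, or false on error in silent mode.
 */
function sql($statment, &$o)
{
    global $Translation;
    static $connected = false, $db_link;

    $silent = !empty($o['silentErrors']);

    $dbServer = config('dbServer');
    $dbUsername = config('dbUsername');
    $dbPassword = config('dbPassword');
    $dbDatabase = config('dbDatabase');

    ob_start();

    if (!$connected) {
        /****** Connect to MySQL ******/
        if (!extension_loaded('mysql') && !extension_loaded('mysqli')) {
            echo error_message('PHP is not configured to connect to MySQL on this machine. Please see <a href="http://www.php.net/manual/en/ref.mysql.php">this page</a> for help on how to configure MySQL.');
            $e = ob_get_contents();
            ob_end_clean();
            if ($silent) {
                $o['error'] = $e;
                return FALSE;
            } else {
                echo $e;
                exit;
            }
        }

        if (!($db_link = @db_connect($dbServer, $dbUsername, $dbPassword))) {
            echo error_message(db_error($db_link, true));
            $e = ob_get_contents();
            ob_end_clean();
            if ($silent) {
                $o['error'] = $e;
                return FALSE;
            } else {
                echo $e;
                exit;
            }
        }

        /****** Select DB ********/
        if (!db_select_db($dbDatabase, $db_link)) {
            echo error_message(db_error($db_link));
            $e = ob_get_contents();
            ob_end_clean();
            if ($silent) {
                $o['error'] = $e;
                return FALSE;
            } else {
                echo $e;
                exit;
            }
        }

        $connected = true;
    }

    if (!($result = @db_query($statment, $db_link))) {
        // Failures of "show columns" probes are passed back without an error page.
        if (!stristr($statment, "show columns")) {
            $errorMsg = db_error($db_link);
            echo error_message(htmlspecialchars($errorMsg) . "\n\n<!--\n" . $Translation['query:'] . "\n " . htmlspecialchars($statment) . "\n-->\n\n");
            $e = ob_get_contents();
            ob_end_clean();
            if ($silent) {
                // Silent mode hands back the plain driver message, not the rendered page.
                $o['error'] = $errorMsg;
                return false;
            } else {
                echo $e;
                exit;
            }
        }
    }

    ob_end_clean();

    return $result;
}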
/**
 * Attach one or more files to this object.
 *
 * Each entry of $files is either a numeric file id, used as is, or an upload
 * descriptor that is first stored through AttachmentFile::upload(). For every
 * resulting numeric id a row is inserted into ATTACHMENT_TABLE linking it to
 * this object's type and id.
 *
 * A duplicate-key failure (MySQL error 1062) is treated as success: the file
 * may already be associated with the draft, for instance when it was deleted
 * and added again.
 *
 * NOTE(review): a numeric entry is trusted as an existing file id. No check
 * is visible here that the caller is allowed to reference that file; confirm
 * the callers only pass ids that belong to the current user or session.
 *
 * @param mixed $files  A single file or an array of files (ids or uploads).
 * @param bool  $inline Whether the attachment is flagged as inline.
 * @return array Ids of the files that are now attached.
 */
function upload($files, $inline = false)
{
    $attached = array();
    $list = is_array($files) ? $files : array($files);

    foreach ($list as $file) {
        $fileId = is_numeric($file) ? $file : AttachmentFile::upload($file);
        if (!$fileId || !is_numeric($fileId)) {
            continue;
        }

        $sql = 'INSERT INTO ' . ATTACHMENT_TABLE
            . ' SET `type`=' . db_input($this->getType())
            . ',object_id=' . db_input($this->getId())
            . ',file_id=' . db_input($fileId)
            . ',inline=' . db_input($inline ? 1 : 0);

        // The callback receives the error number and returns false for the
        // duplicate-key code, true for every other error.
        $inserted = db_query($sql, function ($errno) {
            return $errno != 1062;
        });

        if ($inserted || db_errno() == 1062) {
            $attached[] = $fileId;
        }
    }

    return $attached;
}
/**
 * Prepare a statement on the global connection, logging a failure.
 *
 * @param string $stmt SQL text with placeholders.
 * @return mixed Whatever $__db->prepare() returned (falsy on failure).
 *
 * NOTE(review): the statement text is included in the error report. With
 * prepared statements that is the template only, as long as callers do not
 * concatenate values into $stmt.
 */
function db_prepare($stmt)
{
    global $ost, $__db;

    $prepared = $__db->prepare($stmt);
    if ($prepared || !$ost) {
        return $prepared;
    }

    // Statement text plus driver message go into the error report.
    $detail = '[' . $stmt . "]\n\n" . db_error();
    $ost->logDBError('DB Error #' . db_errno(), $detail);

    return $prepared;
}
/**
 * Run a query through the legacy mysql_* extension and log failures.
 *
 * @param string $query    SQL text to execute.
 * @param string $database Optional database name; when non-empty the query is
 *                         sent through mysql_db_query().
 * @param mixed  $conn     Optional connection; when empty the extension's
 *                         default link is used.
 * @return mixed The value returned by mysql_query() / mysql_db_query().
 *
 * NOTE(review): the query is executed as given, so escaping is the caller's
 * job. On failure the complete statement is passed to $ost->logDBError(), and
 * any sensitive values inside the SQL travel with it.
 */
function db_query($query, $database = "", $conn = "")
{
    global $ost;

    if ($database) {
        $res = $conn
            ? mysql_db_query($database, $query, $conn)
            : mysql_db_query($database, $query);
    } else {
        $res = $conn
            ? mysql_query($query, $conn)
            : mysql_query($query);
    }

    // Report only when the query failed and the application object exists.
    if ($res || !$ost) {
        return $res;
    }

    $detail = '[' . $query . ']' . "\n\n" . db_error();
    $ost->logDBError('DB Error #' . db_errno(), $detail);

    return $res;
}
/**
 * Admin page handler for database backups.
 *
 * Depending on the flags in the global $PARAM array it:
 *  - upload: stores an uploaded SQL file in BACKUP_DIR under a timestamp name;
 *  - export: dumps every table as REPLACE INTO statements into BACKUP_DIR and
 *            writes a ZIP copy under ./zip/;
 *  - delete: removes the backups selected through `bck_*` parameters;
 *  - import: empties every table and replays the single selected backup;
 *  - otherwise: lists the backups found in BACKUP_DIR.
 *
 * Uses ereg()/eregi()/each(), so it only runs on PHP versions that still ship
 * those functions.
 *
 * NOTE(review): no permission check is visible inside this function; it
 * presumably relies on the caller to restrict it to administrators. Verify,
 * since import runs arbitrary SQL and delete removes files.
 */
function setBackup() {
    global $dbname, $dbh;
    global $PARAM, $SUBS, $MSG, $MONTHS;
    // NOTE(review): 0777 makes the backup directory writable by every local
    // account (subject to umask). The directory holds full database dumps.
    if (!is_dir(getAdmSetting('BACKUP_DIR'))) {
        MkDir(getAdmSetting('BACKUP_DIR'), 0777);
    }
    if ($PARAM['upload'] == 1) {
        // $bckFile / $bckFile_name are read as globals; presumably populated
        // from the upload by register_globals-style code elsewhere. Confirm
        // they cannot be set from ordinary request parameters.
        global $bckFile, $bckFile_name;
        if ($bckFile_name == '') {
            $SUBS['ERROR'] = $MSG[20108];
            $SUBS['BACKUP_ERROR'] = fileParse('_admin_error.htmlt');
        } else {
            // A failed read is logged, but execution continues with $UPLOAD
            // set to false.
            if (!($UPLOAD = @file($bckFile))) {
                setLogAndStatus("Reading", $bckFile, 0, "setBackup()", 'READ_UPLOAD');
            }
            // The stored name is generated from the current time; the
            // client-supplied name only appears inside the file as a comment.
            $file = date('d F Y H_i_s');
            $filename = getAdmSetting('BACKUP_DIR') . "/{$file}.sql";
            $upload = '## ' . $MSG[20109] . date(' d F Y H:i:s') . "\n";
            $upload .= "## {$MSG['20110']} {$bckFile_name}\n";
            // The uploaded content is stored unchanged. It is executed
            // statement by statement if it is later chosen for import.
            $upload .= join('', $UPLOAD);
            if (!($fp = fopen($filename, 'w'))) {
                setLogAndStatus("Opening", $filename, 0, "setBackup()", 'OPEN_FILE');
            }
            fwrite($fp, $upload);
            fclose($fp);
            $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20050";
            printPage('_admin_done.htmlt');
            return;
        }
    }
    // Export database backup.
    if ($PARAM['export'] == 1) {
        $file = date('d F Y H_i_s');
        $filename = getAdmSetting('BACKUP_DIR') . "/{$file}.sql";
        if (!($fp = fopen($filename, 'w'))) {
            setLogAndStatus("Opening", 0, $filename, "setBackup()", 'OPEN_FILE');
        }
        // Write comments, if any, as "##" lines at the top of the dump.
        if ($PARAM['bckComments'] != '') {
            $comments = '##' . ereg_replace("\n", "\n##", $PARAM['bckComments']) . "\n";
            fwrite($fp, $comments);
        }
        if (!($res = db_list_tables($dbname, $dbh))) {
            setLogAndStatus("db_list_tables()", 0, $dbname, "setBackup()", 'LIST_TABLES');
        }
        $num_tables = db_num_rows($res);
        $i = 0;
        while ($i < $num_tables) {
            $table = db_tablename($res, $i);
            $fields = db_list_fields($dbname, $table, $dbh);
            $columns = db_num_fields($fields);
            // Build the comma-separated column list for this table.
            $tablelist = '';
            for ($j = 0; $j < $columns; $j++) {
                if ($columns - $j == 1) {
                    $tablelist .= db_field_name($fields, $j);
                } else {
                    $tablelist .= db_field_name($fields, $j) . ',';
                }
            }
            // Table and column names are interpolated without backticks.
            $schema = "REPLACE INTO {$table} ({$tablelist}) VALUES (";
            $query = "SELECT * FROM {$dbname}.{$table}";
            $result = runQuery($query, 'setBackup()', 'SELECT_TABLES');
            while ($row = db_fetch_row($result)) {
                $schema_insert = '';
                for ($j = 0; $j < $columns; $j++) {
                    if (!isset($row[$j])) {
                        $schema_insert .= ' NULL,';
                    } else {
                        // Values are quoted through dbQuote() (defined elsewhere).
                        $schema_insert .= ' ' . dbQuote($row[$j]) . ',';
                    }
                }
                // Drop the trailing comma and terminate the statement.
                $schema_insert = $schema . ereg_replace(',$', '', $schema_insert);
                $schema_insert .= ");\r\n";
                fwrite($fp, $schema_insert);
            }
            $i++;
        }
        fclose($fp);
        // the ZIP thing --------------------
        // NOTE(review): the archive is written to ./zip/ relative to the
        // working directory. If that directory is served by the web server,
        // a complete database dump sits under a timestamp-based (guessable)
        // name. Confirm access to it is blocked.
        $fp = fopen($filename, "rb");
        $data = fread($fp, filesize($filename));
        fclose($fp);
        $name = array(baseName($filename));
        $data = array($data);
        $content = makezip($name, $data);
        $fp = fopen('./zip/' . basename($filename) . '.ZIP', "wb");
        fputs($fp, $content);
        fclose($fp);
        // the ZIP thing --------------------
        $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20052";
        printPage('_admin_done.htmlt');
        return;
    }
    // Prepare for import or delete: map a sanitised key to each file in
    // BACKUP_DIR. Later lookups go through this map, so request values select
    // among existing files rather than being used as paths directly.
    $backups = opendir(getAdmSetting('BACKUP_DIR'));
    while (($file = readdir($backups)) != false) {
        // NOTE(review): is_dir() is given the bare entry name, so it is
        // resolved against the working directory, not BACKUP_DIR.
        if (!is_dir($file)) {
            $BCKUPS[eregi_replace('[^a-z0-9]', '_', $file)] = getAdmSetting('BACKUP_DIR') . "/{$file}";
        }
    }
    closedir($backups);
    // Collect the backups ticked in the form: parameters named bck_<key>.
    reset($PARAM);
    while (list($k, $v) = each($PARAM)) {
        if (ereg('^bck_(.*)$', $k, $R)) {
            $BACKUPS[] = $R[1];
        }
    }
    reset($PARAM);
    // Delete backups.
    if ($PARAM['delete'] == 1) {
        if (count($BACKUPS) == 0) {
            $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20008";
            printPage('_admin_done.htmlt');
            return;
        }
        for ($i = 0; $i < count($BACKUPS); $i++) {
            // A key that is not in $BCKUPS resolves to null and unlink() fails.
            // NOTE(review): this setLogAndStatus() call passes four arguments
            // where the other calls in this function pass five.
            if (!@unlink($BCKUPS[$BACKUPS[$i]])) {
                setLogAndStatus("Deleting", $BCKUPS[$BACKUPS[$i]], "setBackup()", 'DEL_BACKUP');
            }
        }
        $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20054";
        printPage('_admin_done.htmlt');
        return;
    }
    // Import database backup: exactly one backup must be selected.
    if ($PARAM['import'] == 1) {
        if (count($BACKUPS) > 1) {
            $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20053";
            printPage('_admin_done.htmlt');
            return;
        }
        if (count($BACKUPS) == 0) {
            $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20008";
            printPage('_admin_done.htmlt');
            return;
        }
        // Get backup file.
        $file = fread(fopen($BCKUPS[$BACKUPS[0]], 'r'), filesize($BCKUPS[$BACKUPS[0]]));
        ////---- [Mrasnika's] Edition 21.03.2002
        // Fills $BACKUP with the individual statements of the file.
        split_sql_file($BACKUP, $file);
        // Reset tables.
        // NOTE(review): every table is emptied before the restore starts and
        // no transaction is opened here, so a backup that fails part-way
        // leaves the database empty or partially restored.
        if (!($res = db_list_tables($dbname, $dbh))) {
            setLogAndStatus("db_list_tables()", 1, $dbname, "databaseBackup()", 'LIST_TABLES_2');
        }
        $num_tables = db_num_rows($res);
        $i = 0;
        while ($i < $num_tables) {
            $table = db_tablename($res, $i);
            $query = "DELETE FROM {$dbname}.{$table}";
            $result = runQuery($query, 'setBackup()', 'RESET_TABLES');
            $i++;
        }
        // Fill tables.
        // NOTE(review): each statement of the file is executed as is,
        // whatever it is. Together with the upload branch, anyone who can
        // reach this handler can run arbitrary SQL with the application's
        // database privileges.
        while (list($k, $query) = each($BACKUP)) {
            if (!ereg('^#', $query)) {
                if (!($result = db_query($query, $dbh))) {
                    setLogAndStatus($query, db_errno($dbh), db_error($dbh), "databaseBackup()", 'RESTORE_DB');
                    $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20055";
                    printPage('_admin_done.htmlt');
                    return;
                }
            }
        }
        $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20056";
        printPage('_admin_done.htmlt');
        return;
    }
    // Default view: list the existing backups.
    $backups = opendir(getAdmSetting('BACKUP_DIR'));
    $last = 0;
    while (($file = readdir($backups)) != false) {
        if (!is_dir($file)) {
            // stat() index 9 is the modification time, index 7 the size in bytes.
            $date = stat(getAdmSetting('BACKUP_DIR') . "/{$file}");
            // NOTE(review): $last is never updated, so 'LAST' ends up
            // describing the last file read that has a positive mtime, not
            // necessarily the newest one.
            if ($last < $date[9]) {
                $month = intval(date('m'));
                $SUBS['LAST'] = $MSG[20051] . date(' d ', $date[9]) . $MONTHS[$month] . date(' Y H.i.s', $date[9]);
            }
            $SUBS['SIZE'] = sprintf('%0.2f KB', $date[7] / 1024);
            $SUBS['NAME'] = eregi_replace('_', ':', $file);
            $SUBS['CHECK'] = eregi_replace('[^a-z0-9]', '_', $file); // checkbox name
            $SUBS['WHERE'] = getAdmSetting('BACKUP_DIR') . "/{$file}";
            if (!($BACKUP = @file(getAdmSetting('BACKUP_DIR') . "/{$file}"))) {
                setLogAndStatus("Reading", 0, getAdmSetting('BACKUP_DIR') . "/{$file}", "setBackup()", 'READ_FILE');
            }
            $comments = '';
            // Get comments ("##" lines) from the file.
            for ($i = 0; $i < count($BACKUP); $i++) {
                if (eregi('^##(.*)$', $BACKUP[$i], $R)) {
                    $comments .= $R[1];
                }
            }
            if ($comments != '') {
                // Comments are passed through htmlEncode() before display.
                // 'NAME' and 'WHERE' above are not; whether fileParse()
                // escapes them is not visible here.
                $SUBS['COMMENTS'] = ' ' . ereg_replace("\n", '<BR> ', htmlEncode($comments));
                $SUBS['COMMENTS'] = ereg_replace('<BR> $', '', $SUBS['COMMENTS']);
            } else {
                $SUBS['COMMENTS'] = '';
            }
            $SUBS['BACKUPS'] .= fileParse('_admin_backup_row.htmlt');
        }
    }
    closedir($backups);
    if ($PARAM['err'] != '') {
        // The error code from the request is used only as an index into $MSG.
        $SUBS['ERROR'] = $MSG[$PARAM['err']];
        $SUBS['BACKUP_ERROR'] = fileParse('_admin_error.htmlt');
    }
    printPage('_admin_backup.htmlt');
}
if (!$res or !($replyID = db_insert_id())) {
                // Fragment of a premade-reply (canned response) admin handler;
                // it starts inside the "create" branch and ends inside the
                // "process" case. The enclosing switch is not visible here.
                $errors['err'] = 'Unable to create the reply. Internal error';
            } else {
                $msg = 'Premade reply created';
            }
        } elseif ($_POST['a'] == 'update') { // update
            // $sql (the SET clause) is built before this fragment; the id is
            // passed through db_input().
            $res = db_query('UPDATE ' . KB_PREMADE_TABLE . ' ' . $sql . ' WHERE premade_id=' . db_input($_POST['id']));
            if ($res && db_affected_rows()) {
                $msg = 'Premade reply updated';
                $answer = db_fetch_array(db_query('SELECT * FROM ' . KB_PREMADE_TABLE . ' WHERE premade_id=' . db_input($id)));
            } else {
                $errors['err'] = 'Internal update error occured. Try again';
            }
        }
        // MySQL error 1062 is a duplicate key: report it as a title clash.
        if ($errors['err'] && db_errno() == 1062) {
            $errors['title'] = 'Title already exists!';
        }
    } else {
        $errors['err'] = $errors['err'] ? $errors['err'] : 'Error(s) occured. Try again';
    }
    break;
case 'process':
    if (!$_POST['canned'] || !is_array($_POST['canned'])) {
        $errors['err'] = 'You must select at least one item';
    } else {
        $msg = '';
        // NOTE(review): SQL injection risk. The posted values are joined and
        // placed inside IN(...) below without db_input() or an integer cast,
        // unlike premade_id in the update branch above. Only is_array() is
        // checked, so each element can be any string. Cast every element to
        // an integer (for example with array_map and intval) and drop
        // non-positive results before joining.
        $ids = implode(',', $_POST['canned']);
        $selected = count($_POST['canned']);
        if (isset($_POST['enable'])) {
            if (db_query('UPDATE ' . KB_PREMADE_TABLE . ' SET isenabled=1,updated=NOW() WHERE isenabled=0 AND premade_id IN(' . $ids . ')')) {
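/**
 * Append the details of the last database error to the global $errmsg buffer.
 *
 * Fix: the driver error text is now HTML-escaped, as the SQL already was.
 * MySQL error messages quote part of the failing statement, so request data
 * can appear in them; appended raw to an HTML buffer, that text would be
 * rendered as markup.
 *
 * NOTE(review): showing SQL and driver errors to end users discloses schema
 * details. Prefer logging them and displaying a generic message.
 *
 * @param string $message Unused; kept for interface compatibility.
 * @param string $sql     The statement that failed, if known.
 * @return bool Always false.
 */
function db_halt($message = '', $sql = '')
{
    global $errmsg;

    $dberror = htmlspecialchars((string) db_error());
    $dberrno = htmlspecialchars((string) db_errno());

    if ($sql) {
        $errmsg .= "<b>SQL</b>: " . htmlspecialchars($sql) . "<br>";
    }
    $errmsg .= "<b>Error</b>: {$dberror}<br>";
    $errmsg .= "<b>Errno. </b>: {$dberrno}<br>";

    return false;
}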
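/**
 * Print a database error page and terminate the request.
 *
 * The table prefix is masked with "***" in both the driver message and the
 * SQL before anything is shown.
 *
 * Fixes:
 *  - the driver error text is HTML-escaped. MySQL messages quote part of the
 *    failing statement, which can contain request data;
 *  - $GLOBALS['PHP_SELF'] is HTML-escaped. The script path is derived from
 *    the request URL and must not be echoed raw.
 *
 * $message is left unescaped on the assumption that callers pass fixed text,
 * possibly containing markup. NOTE(review): confirm that no caller builds it
 * from request data.
 *
 * NOTE(review): the page still discloses SQL and driver errors to the visitor.
 * Prefer logging them and showing a generic message in production.
 *
 * @param string $message Headline shown at the top of the error page.
 * @param string $sql     The statement that failed, if known.
 * @return void Never returns; the script exits.
 */
function db_halt($message = '', $sql = '')
{
    global $db_prefix;

    $timestamp = time();
    $dberror = db_error();
    $dberrno = db_errno();

    // Hide the installation's table prefix.
    $dberror = str_replace($db_prefix, '***', $dberror);
    $sql = str_replace($db_prefix, '***', $sql);

    $errmsg = "<b>Bo-Blog Database System Tips</b>: {$message}\n\n";
    $errmsg .= "<b>Time</b>: " . gmdate("Y-n-j g:ia", $timestamp + $GLOBALS["timeoffset"] * 3600) . "\n";
    $errmsg .= "<b>Script</b>: " . htmlspecialchars((string) $GLOBALS['PHP_SELF']) . "\n\n";
    if ($sql) {
        $errmsg .= "<b>SQL</b>: " . htmlspecialchars($sql) . "\n";
    }
    $errmsg .= "<b>Error</b>: " . htmlspecialchars((string) $dberror) . "\n";
    $errmsg .= "<b>Errno.</b>: " . htmlspecialchars((string) $dberrno);

    @header("Content-Type: text/html; charset=utf-8");
    // Close any tables the page may have left open so the message is visible.
    echo "</table></table></table></table></table>\n";
    echo "<p style=\"font-family: Verdana, Tahoma; font-size: 11px; background: #FFFFFF;\">";
    echo nl2br($errmsg);
    echo '</p>';
    exit;
}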
/**
 * Run a query on the default mysql_* link, optionally logging failures.
 *
 * @param string $query    SQL text to execute (executed as given).
 * @param bool   $logError When true, a failed query is reported through
 *                         $ost->logDBError() if $ost is available.
 * @return mixed The value returned by mysql_query().
 *
 * NOTE(review): the complete statement is part of the error report, so
 * sensitive values embedded in the SQL are copied into the log.
 */
function db_query($query, $logError = true)
{
    global $ost;

    $res = mysql_query($query);

    $shouldReport = !$res && $logError && $ost;
    if ($shouldReport) {
        $detail = '[' . $query . ']' . "\n\n" . db_error();
        $ost->logDBError('DB Error #' . db_errno(), $detail);
    }

    return $res;
}
/**
 * Execute one installer statement and report errors only.
 *
 * If this function is being called from exec_install_sql, assume that the
 * table prefix has already been applied to $sql where applicable.
 *
 * Some MySQL errors merely say that the change is already in place and are
 * treated as success. $error is still filled in for them, so callers can see
 * what happened:
 *   1062 row already exists
 *   1060 column already exists
 *   1091 column cannot be dropped because it no longer exists
 *   1050 table already exists
 * This list needs to be kept up to date for any errors which are not
 * strictly errors.
 *
 * @param string     $sql   Statement to execute.
 * @param array|null $error Set to NULL on success, otherwise to an array with
 *                          'error' (message and number) and 'detail' (the SQL).
 * @return bool TRUE on success or a tolerated error, FALSE otherwise.
 */
function exec_install_sql_statement($sql, &$error)
{
    if (db_query($sql)) {
        $error = NULL;
        return TRUE;
    }

    $errno = db_errno();
    $error = array('error' => db_error() . ' (' . $errno . ')', 'detail' => $sql);

    $tolerated = array(1062, 1060, 1091, 1050);

    // Loose comparison, as before, so a numeric-string errno also matches.
    return in_array($errno, $tolerated);
}
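/**
 * API endpoint: add a checklist item to a todo.
 *
 * Request parameters: `text` (item content, required) and `tid` (todo id,
 * must be a positive integer). Users other than the owner may only add items
 * to public todos.
 *
 * Fix: the error path called mysql_error() directly while the rest of the
 * code goes through the db_* wrappers (db_errno() two lines earlier). It now
 * uses db_error(), so the message comes from the same connection layer.
 *
 * NOTE(review): the driver message is returned to the API client. Consider
 * logging it and returning a generic error instead.
 *
 * @return mixed Result of apiController::send_error() or send_result().
 */
function api_checklist_add()
{
    $content = z(t(v('text')));
    if (!not_empty($content)) {
        return apiController::send_error(LR_API_ARGS_ERROR, 'TEXT CAN\'T EMPTY');
    }

    $tid = intval(v('tid'));
    if (intval($tid) < 1) {
        return apiController::send_error(LR_API_ARGS_ERROR, 'TID NOT EXISTS');
    }

    // Authorisation: a private todo only accepts items from its owner. When
    // the todo cannot be loaded, `is_public` evaluates to 0 and the request
    // is rejected by the same check.
    $tinfo = get_todo_info_by_id($tid);
    if (intval($tinfo['details']['is_public']) == 0 && uid() != $tinfo['owner_uid']) {
        return apiController::send_error(LR_API_FORBIDDEN, 'ONLY PUBLIC TODO CAN ADD CHECKLIST BY OTHERS');
    }

    // Integers are cast, text goes through s() before entering the SQL.
    $sql = "INSERT INTO `checklist` ( `tid` , `title` , `content` , `timeline` , `uid` ) VALUES ( '" . intval($tid) . "' , '" . s($content) . "' , '" . s($content) . "' , NOW() , '" . intval(uid()) . "' ) ";
    run_sql($sql);

    if (db_errno() != 0) {
        return apiController::send_error(LR_API_DB_ERROR, 'DATABASE ERROR ' . db_error());
    }

    return apiController::send_result(get_line("SELECT * FROM `checklist` WHERE `id` = '" . intval(last_id()) . "' LIMIT 1", db()));
}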
/**
 * Replace the extension list registered for a content type.
 *
 * The existing rows for the content type are deleted, then one row is
 * inserted per extension; the default extension is flagged with
 * default_ind = 'Y'. Passing the default extension separately makes it easy
 * to keep it out of the alternate extensions list.
 *
 * Duplicate-row errors (MySQL 1062) on insert are ignored.
 *
 * NOTE(review): $extension is only trimmed and lower-cased before it is placed
 * inside the quoted SQL literal, and $content_type relies entirely on
 * validate_content_type(). If either value can come from user input,
 * escape it with the project's database escaping routine before building the
 * statement.
 *
 * @param string     $content_type      Content type to update.
 * @param string     $default_extension Extension stored as the default.
 * @param array|null $alt_extensions_r  Additional extensions, if any.
 * @return bool FALSE when the content type is unknown, the delete fails or an
 *              insert fails; TRUE otherwise (including when the default
 *              extension is empty and nothing is done).
 */
function insert_s_file_type_extensions($content_type, $default_extension, $alt_extensions_r)
{
    $content_type = validate_content_type($content_type);
    if (!is_exists_file_type($content_type)) {
        return FALSE;
    }

    $default_extension = strtolower(trim($default_extension));
    if (strlen($default_extension) == 0) {
        return TRUE;
    }

    if (!delete_s_file_type_extensions($content_type)) {
        return FALSE;
    }

    if (is_array($alt_extensions_r)) {
        $extensions_r = array_merge(array($default_extension), $alt_extensions_r);
    } else {
        $extensions_r[] = $default_extension;
    }

    foreach ($extensions_r as $extension) {
        $extension = strtolower(trim($extension));
        if (strlen($extension) == 0) {
            continue;
        }

        $query = "INSERT INTO s_file_type_extension ( content_type, extension, default_ind )" . "VALUES ('{$content_type}', '" . $extension . "', '" . ($extension == $default_extension ? 'Y' : 'N') . "')";
        $insert = db_query($query);
        $rows_affected = db_affected_rows();

        if ($insert && $rows_affected !== -1) {
            if ($rows_affected > 0) {
                opendb_logger(OPENDB_LOG_INFO, __FILE__, __FUNCTION__, NULL, array($content_type, $default_extension, $extensions_r));
            }
            continue;
        }

        // Ignore the duplicate row error; anything else aborts.
        if (db_errno() != 1062) {
            opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, db_error(), array($content_type, $default_extension, $extensions_r));
            return FALSE;
        }
    }

    return TRUE;
}
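/**
 * Team member list.
 *
 * Password information is not included.
 *
 * Fix: the error path called mysql_error() directly although the failure is
 * detected with db_errno(). It now uses db_error(), so the message comes from
 * the same connection layer.
 *
 * NOTE(review): the query selects every column and only `password` is removed
 * afterwards. Any other sensitive column in `user` is returned to the caller;
 * an explicit column list would be safer. The driver message is also returned
 * to the client on failure.
 *
 * @param string token , required
 * @return user list array
 * @author EasyChen
 */
public function team_members()
{
    $sql = "SELECT * FROM `user` WHERE `is_closed` = 0 LIMIT 500";

    if (!($data = get_data($sql))) {
        if (db_errno() == 0) {
            return self::send_error(LR_API_DB_EMPTY_RESULT, __('API_MESSAGE_EMPTY_RESULT_DATA'));
        }

        return self::send_error(LR_API_DB_ERROR, __('API_MESSAGE_DATABASE_ERROR') . db_error());
    }

    foreach ($data as $k => $v) {
        // Remove the password hash from every row.
        unset($data[$k]['password']);

        // `groups` is stored as a |-delimited string; expose it as a list.
        if (strlen($data[$k]['groups']) > 0) {
            $data[$k]['groups'] = explode('|', trim($data[$k]['groups'], '|'));
        }
    }

    return self::send_result($data);
}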
/**
 * Create (or overwrite) a user row.
 *
 * Every value is passed through s() before it is placed in the statement.
 * The script dies with the driver message if the statement fails.
 *
 * NOTE(review): the password is stored as a plain md5() digest, which is
 * unsalted and fast to brute-force. Moving to password_hash() /
 * password_verify() has to be done together with the login code, which is
 * not visible here.
 * NOTE(review): REPLACE INTO deletes an existing row that collides on a
 * unique key before inserting. If `email` or `name` is unique in `user`
 * (schema not visible here), registering with an existing value replaces
 * that account, including its password. Confirm, and prefer INSERT with a
 * duplicate check.
 * NOTE(review): die() prints db_error() to the client.
 *
 * @param string $email    E-mail address of the new user.
 * @param string $userName Display name; its lower-cased pinyin is stored too.
 * @param string $passwd   Clear-text password.
 * @return void
 */
function register($email, $userName, $passwd)
{
    $values = array(
        "'" . s($userName) . "'",
        "'" . s(pinyin(strtolower($userName))) . "'",
        "'" . s($email) . "'",
        "'" . s(md5($passwd)) . "'",
        "'" . s(date("Y-m-d H:i:s")) . "'",
    );

    run_sql("REPLACE INTO `user` ( `name` , `pinyin` , `email` , `password` , `timeline` ) VALUES ( " . join(' , ', $values) . " )");

    if (db_errno() != 0) {
        die('DATABASE_ERROR' . db_error());
    }
}
/**
 * Insert a feed entry and return its id.
 *
 * For comment entries ($type == 2 with a positive $tid) the number of
 * existing type-2 rows for the todo in `todo_history` is stored with the
 * entry, and afterwards copied to the other feed rows of the same todo whose
 * count differs.
 *
 * Integers are cast with intval() and text goes through s() before entering
 * the SQL. $content is stored as given; escaping for HTML output is left to
 * whatever renders the feed.
 *
 * @param string $content Feed text.
 * @param int    $uid     Author id.
 * @param int    $type    Entry type; 2 marks a comment.
 * @param int    $tid     Related todo id, 0 if none.
 * @return mixed The new row id, or false when the insert failed.
 */
function publish_feed($content, $uid, $type = 0, $tid = 0)
{
    $device = is_mobile_request() ? 'mobile' : 'web';

    $tid = intval($tid);
    $is_comment = ($type == 2 && $tid > 0);

    $comment_count = 0;
    if ($is_comment) {
        $comment_count = get_var("SELECT COUNT(*) FROM `todo_history` WHERE `tid` = '" . intval($tid) . "' AND `type` = 2 ", db());
    }

    $sql = "INSERT INTO `feed` ( `content` , `tid` , `uid` , `type` ,`timeline` , `device` , `comment_count` ) VALUES ( '" . s($content) . "' , '" . intval($tid) . "', '" . intval($uid) . "' , '" . intval($type) . "' , NOW() , '" . s($device) . "' , '" . intval($comment_count) . "' )";
    run_sql($sql);

    // Read the insert id before any further statement runs.
    $lid = last_id();

    if (db_errno() != 0) {
        return false;
    }

    if ($comment_count > 0 && $is_comment) {
        // Bring the other feed rows of this todo in line with the new count.
        $sql = "UPDATE `feed` SET `comment_count` = '" . intval($comment_count) . "' WHERE `tid` = '" . intval($tid) . "' AND `comment_count` != '" . intval($comment_count) . "' ";
        run_sql($sql);
    }

    return $lid;
}
/**
 * Print a success or failure banner for a statement result.
 *
 * @param mixed $results Statement result; anything falsy, or a result whose
 *                       rowCount() is 0, counts as failure.
 * @param array $msg     Index 0: failure text, index 1: success text.
 * @return void
 *
 * NOTE(review): on failure the driver error number and message are echoed to
 * the browser; they should go to a log file instead of being shown to the
 * user. The banner texts are printed without HTML escaping, so callers must
 * only pass fixed strings.
 */
function AddSuccess($results, $msg)
{
    $succeeded = $results && $results->rowCount() != 0;

    if ($succeeded) {
        echo "<div align=\"center\"><h1>{$msg['1']}</h1></div>";
        return;
    }

    echo 'Invalid query: ' . db_errno() . "<br>" . ": " . db_error() . "<br>";
    echo "<div align=\"center\"><h1>{$msg['0']}</h1></div>";
}