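/**
 * Create a user row, issue a password-reset token for it and e-mail the
 * registration link to the new user.
 *
 * @param string $baseURL    Prefix for the mail links; 'pwreset/' and 'unsubscribe/' are appended to it.
 * @param PDO    $database   Open PDO connection.
 * @param string $user       Value for users.user; also the recipient display name.
 * @param string $email      Recipient address, stored in users.email.
 * @param int    $department Bound as an integer.
 * @param string $role       Bound as a string.
 *
 * @return string Empty string on success, otherwise the driver error text of the failed INSERT.
 */
function addUser($baseURL, $database, $user, $email, $department, $role)
{
    // NOTE(review): this value is both the password-reset token and the unsubscribe token, so
    // its unpredictability depends entirely on getGUID(), which is defined outside this block.
    $guid = getGUID();

    $statement = $database->prepare('INSERT INTO users ' . '(user, email, department, role) ' . 'VALUES (:user, :email, :department, :role)');
    $statement->bindValue(':user', $user, PDO::PARAM_STR);
    $statement->bindValue(':email', $email, PDO::PARAM_STR);
    $statement->bindValue(':department', $department, PDO::PARAM_INT);
    $statement->bindValue(':role', $role, PDO::PARAM_STR);
    // Stop here if the user row was not written: otherwise lastInsertId() below would not refer
    // to this user and the reset token would be stored against the wrong users_id.
    if ($statement->execute() === false) {
        return $statement->errorInfo()[2];
    }
    $uid = $database->lastInsertId();

    $statement = $database->prepare("INSERT INTO pwresets (token, users_id) " . "VALUES (:token, :users_id)");
    $statement->bindValue(':token', $guid, PDO::PARAM_STR);
    $statement->bindValue(':users_id', $uid, PDO::PARAM_INT);
    $result = $statement->execute();
    if ($result === false) {
        return $statement->errorInfo()[2];
    }

    // NOTE(review): depending on the web-server configuration SERVER_NAME can follow the
    // request's Host header; a configured mail domain would be a safer source - confirm.
    $sender = 'noreply@' . $_SERVER['SERVER_NAME'];

    // The HTML part places these values inside attributes, so they are escaped for that context.
    $htmlBaseURL = htmlspecialchars($baseURL, ENT_QUOTES, 'UTF-8');
    $htmlGuid = htmlspecialchars($guid, ENT_QUOTES, 'UTF-8');

    $message = Swift_Message::newInstance();
    $message->setSender($sender);
    $message->setReturnPath($sender);
    $message->setFrom(array($sender => $sender));
    $message->setSubject('Holiday Management Registration - ' . $_SERVER['SERVER_NAME']);
    $message->setTo(array($email => $user));
    // The line break is written as a double-quoted "\r\n"; the single-quoted form put a
    // literal backslash sequence into the mail text instead of a line break.
    $message->setBody('You have been signed up for the holiday management system by your administrator. ' . 'To complete your registration you must set a password on this system, this will also server to verify your ' . 'email address. Please visit ' . $baseURL . 'pwreset/' . $guid . ' to verify this and setup the password.' . "\r\n" . 'If this email was sent in error please visit ' . $baseURL . 'unsubscribe/' . $guid . ' to unsubscribe and we won\'t send' . ' you any more emails');
    $message->addPart('<html><head></head><body><p>You have been signed up for the holiday management system by your ' . 'administrator. To complete your registration you must set a password on this system, this will also server to ' . 'verify your email address. 
Please visit <a href="' . $htmlBaseURL . 'pwreset/' . $htmlGuid . '">here</a> to verify this and ' . 'setup the password.</p><p>If this email was sent in error please <a href="' . $htmlBaseURL . 'unsubscribe/' . $htmlGuid . '">' . 'unsubscribe and we won\'t send you any more emails</a></p></body></html>', 'text/html');

    $mailer = Swift_Mailer::newInstance(Swift_SmtpTransport::newInstance('localhost', 25));
    $mailer->send($message);

    return "";
}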
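/**
 * Build the OTA_HotelResNotifRQ SOAP envelope and store it, as a one-element
 * array, in $post['request'].
 *
 * Reads 'Username', 'Password', 'AgentId' and 'ResID' from $post. Each of those
 * values is XML-escaped before it is placed in the envelope, so markup characters
 * in a field can no longer add or close elements and attributes.
 * NOTE(review): this assumes callers pass raw, not already XML-escaped, values - confirm.
 *
 * @param array $post Request data; modified in place.
 */
public function getRequest(&$post)
{
    $username = htmlspecialchars((string) $post['Username'], ENT_QUOTES, 'UTF-8');
    $password = htmlspecialchars((string) $post['Password'], ENT_QUOTES, 'UTF-8');

    // The password travels as WS-Security PasswordText, i.e. readable inside the envelope.
    // NOTE(review): $post['request'] therefore holds credentials; keep it out of logs and
    // confirm the endpoint is only reached over TLS.
    $strSOAPheader = '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">'
        . '<SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">'
        . '<wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
        . '<wsse:UsernameToken>'
        . '<wsse:Username>' . $username . '</wsse:Username>'
        . '<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">' . $password . '</wsse:Password>'
        . '</wsse:UsernameToken>'
        . '</wsse:Security>'
        . '</SOAP-ENV:Header>'
        . '<SOAP-ENV:Body xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">'
        . '{SOAPBODY}'
        . '</SOAP-ENV:Body>'
        . '</SOAP-ENV:Envelope>';

    // Only the part of AgentId before the first '#' is sent.
    list($agentId) = explode('#', $post['AgentId']);
    $agentId = htmlspecialchars((string) $agentId, ENT_QUOTES, 'UTF-8');
    $resId = htmlspecialchars((string) $post['ResID'], ENT_QUOTES, 'UTF-8');

    $strSOAPBody = '<OTA_HotelResNotifRQ xmlns="http://www.opentravel.org/OTA/2003/05" Version="1.0" EchoToken="' . getGUID() . '" ResStatus="' . $this->book_state . '" TimeStamp="' . $this->date_stamp . '">'
        . '<POS>'
        . '<Source>'
        . '<RequestorID Type="' . $this->request_type_id . '" ID="' . $agentId . '"/>'
        . '</Source>'
        . '</POS>'
        . '<HotelReservations>'
        . '<HotelReservation LastModifyDateTime="' . $this->date_stamp . '">'
        . '<UniqueID Type="14" ID="' . $resId . '"/>'
        . $this->getRoomStay($post)
        . $this->getResGuests()
        . $this->getResGlobalInfo($post)
        . '</HotelReservation>'
        . '</HotelReservations>'
        . '</OTA_HotelResNotifRQ>';

    // Final request building.
    // NOTE(review): the body is spliced in by text replacement, so a literal '{SOAPBODY}' in
    // the username or password would also be replaced.
    $post['request'] = array(str_replace('{SOAPBODY}', $strSOAPBody, $strSOAPheader));
}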
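/**
 * Insert one row into Uploads for the posted 'name' and 'description'.
 *
 * The request values are bound as statement parameters instead of being
 * concatenated into the SQL text, so quotes in them cannot change the statement.
 * Any database error text is echoed, as before.
 *
 * @param string $location Value for the last Uploads column.
 */
function saveData($location)
{
    // Get connection to the DB
    $link = getConnection();

    // Generate global unique ID for the row
    $guid = (string) getGUID();
    $name = isset($_POST['name']) ? (string) $_POST['name'] : '';
    $description = isset($_POST['description']) ? (string) $_POST['description'] : '';
    $location = (string) $location;

    $statement = mysqli_prepare($link, "INSERT INTO Uploads VALUES(?, ?, ?, 'Aspect', ?);");
    if ($statement === false) {
        echo (string) mysqli_error($link);
        return;
    }

    mysqli_stmt_bind_param($statement, 'ssss', $guid, $name, $description, $location);
    mysqli_stmt_execute($statement);

    // NOTE(review): driver error text goes straight to the response; consider logging it
    // server-side instead.
    echo (string) mysqli_stmt_error($statement);
    mysqli_stmt_close($statement);
}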
/**
 * Fetch an XML document from $xml_url, check $password against rows from wp_users and,
 * on a match, insert one service_nsf row built from the document.
 *
 * Returns array('unique_code' => ...) on success, array('username' => ...) when the
 * credential check fails, or array('error' => 'no data found') when the XML does not parse.
 *
 * NOTE(review): the function fetches whatever URL it is given; no scheme or host
 * restriction is visible here. If $xml_url can come from a caller outside the trust
 * boundary, restrict it to expected hosts before the request.
 */
function nsf_parser($username, $password, $xml_url)
{
    $ch = curl_init();
    // Used as the connect timeout below: 3600 seconds, i.e. one hour.
    $timeout = 3600;
    curl_setopt($ch, CURLOPT_URL, $xml_url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    // curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
    $data = curl_exec($ch);
    // $response = curl_getinfo($ch);
    curl_close($ch);
    // The remote body is parsed as-is; a failed transfer ends up in the "no data found" branch.
    $xml = simplexml_load_string($data);
    if ($xml) {
        $trustDetail = $xml->applicantDetails->trust->trustDetail;
        $trustee = $xml->applicantDetails->trust->trustee;
        global $wpdb;
        $wp_hasher = new PasswordHash(8, TRUE);
        // NOTE(review): the literal is masked on this page and $username is not used anywhere
        // in the visible code. If the real statement interpolates $username, it should go
        // through a prepared statement.
        $sql = "SELECT * FROM wp_users WHERE user_login = '******' ";
        $resultuser = $wpdb->get_results($sql);
        if ($resultuser) {
            // Declared inside a conditional block, so the declaration runs each time this branch
            // is reached; a second call in the same request, or an existing global getGUID(),
            // makes PHP stop with a redeclaration error.
            function getGUID()
            {
                if (function_exists('com_create_guid')) {
                    return com_create_guid();
                } else {
                    // microtime() returns "fraction seconds"; the cast keeps the fraction, so the
                    // seed is a value below 10000. Neither the seed nor md5(uniqid(rand())) comes
                    // from a CSPRNG, which matters because the result is handed back as the
                    // record's unique_code.
                    mt_srand((double) microtime() * 10000);
                    //optional for php 4.2.0 and up.
                    $charid = strtoupper(md5(uniqid(rand(), true)));
                    $hyphen = chr(45);
                    // "-"
                    $uuid = chr(123) . substr($charid, 0, 8) . $hyphen . substr($charid, 8, 4) . $hyphen . substr($charid, 12, 4) . $hyphen . substr($charid, 16, 4) . $hyphen . substr($charid, 20, 12) . 
chr(125);
                    // "}"
                    return $uuid;
                }
            }
            // Both branches of the if below return, so only the first row is ever examined.
            foreach ($resultuser as $results) {
                if ($wp_hasher->CheckPassword($password, $results->user_pass)) {
                    $unique = trim(getGUID(), '{}');
                    // Values are passed to $wpdb->insert as an array rather than concatenated
                    // into SQL. The row stores names, dates of birth and addresses taken from
                    // the fetched XML.
                    // NOTE(review): 'persone' is the element name as written here - confirm it
                    // matches the feed.
                    $result = $wpdb->insert('service_nsf', array(
                        'unique_code' => $unique,
                        'user_email' => "",
                        'fundName' => $trustDetail->name,
                        'numMembers' => '',
                        'stateLaw' => '',
                        'fundAddressCareOf' => '',
                        'fundAddressLevel' => '',
                        'fundAddressStreet' => $trustDetail->contactDetails->addressDetails[0]->addressLine1,
                        'fundAddressSuburb' => $trustDetail->contactDetails->addressDetails[0]->city,
                        'fundAddressState' => $trustDetail->contactDetails->addressDetails[0]->state,
                        'fundAddressPostcode' => $trustDetail->contactDetails->addressDetails[0]->postcode,
                        'teeMtgAddressLevel' => '',
                        'teeMtgAddressStreet' => '',
                        'teeMtgAddressSuburb' => '',
                        'teeMtgAddressState' => '',
                        'teeMtgAddressPostcode' => '',
                        'm1MemberNamePrefix' => $trustee->business->officeBearer[0]->persone->title,
                        'm1MemberGivenNames' => $trustee->business->officeBearer[0]->persone->givenNames,
                        'm1MemberFamilyName' => $trustee->business->officeBearer[0]->persone->surname,
                        'm1MemberDOB' => $trustee->business->officeBearer[0]->persone->dateOfBirth,
                        'm1MemberTFN' => '',
                        'm1AddressLevel' => '',
                        'm1AddressStreet' => $trustee->business->officeBearer[0]->contactDetails->addressDetails->addressLine1,
                        'm1AddressSuburb' => $trustee->business->officeBearer[0]->contactDetails->addressDetails->city,
                        'm1AddressState' => $trustee->business->officeBearer[0]->contactDetails->addressDetails->state,
                        'm1AddressPostcode' => $trustee->business->officeBearer[0]->contactDetails->addressDetails->postcode,
                        'm2MemberNamePrefix' => $trustee->business->officeBearer[1]->persone->title,
                        'm2MemberGivenNames' => $trustee->business->officeBearer[1]->persone->givenNames,
                        'm2MemberFamilyName' => $trustee->business->officeBearer[1]->persone->surname,
                        'm2MemberDOB' => $trustee->business->officeBearer[1]->persone->dateOfBirth,
                        'm2MemberTFN' => '',
                        'm2AddressLevel' => '',
                        'm2AddressStreet' => 
$trustee->business->officeBearer[1]->contactDetails->addressDetails->addressLine1,
                        'm2AddressSuburb' => $trustee->business->officeBearer[1]->contactDetails->addressDetails->city,
                        'm2AddressState' => $trustee->business->officeBearer[1]->contactDetails->addressDetails->state,
                        'm2AddressPostcode' => $trustee->business->officeBearer[1]->contactDetails->addressDetails->postcode,
                        'm3MemberNamePrefix' => $trustee->business->officeBearer[2]->persone->title,
                        'm3MemberGivenNames' => $trustee->business->officeBearer[2]->persone->givenNames,
                        'm3MemberFamilyName' => $trustee->business->officeBearer[2]->persone->surname,
                        'm3MemberDOB' => $trustee->business->officeBearer[2]->persone->dateOfBirth,
                        'm3MemberTFN' => '',
                        'm3AddressLevel' => '',
                        'm3AddressStreet' => $trustee->business->officeBearer[2]->contactDetails->addressDetails->addressLine1,
                        'm3AddressSuburb' => $trustee->business->officeBearer[2]->contactDetails->addressDetails->city,
                        'm3AddressState' => $trustee->business->officeBearer[2]->contactDetails->addressDetails->state,
                        'm3AddressPostcode' => $trustee->business->officeBearer[2]->contactDetails->addressDetails->postcode,
                        'm4MemberNamePrefix' => $trustee->business->officeBearer[3]->persone->title,
                        'm4MemberGivenNames' => $trustee->business->officeBearer[3]->persone->givenNames,
                        'm4MemberFamilyName' => $trustee->business->officeBearer[3]->persone->surname,
                        'm4MemberDOB' => $trustee->business->officeBearer[3]->persone->dateOfBirth,
                        'm4MemberTFN' => '',
                        'm4AddressLevel' => '',
                        'm4AddressStreet' => $trustee->business->officeBearer[3]->contactDetails->addressDetails->addressLine1,
                        'm4AddressSuburb' => $trustee->business->officeBearer[3]->contactDetails->addressDetails->city,
                        'm4AddressState' => $trustee->business->officeBearer[3]->contactDetails->addressDetails->state,
                        'm4AddressPostcode' => $trustee->business->officeBearer[3]->contactDetails->addressDetails->postcode,
                        't2NonMemberNamePrefix' => '',
                        't2NonMemberGivenNames' => '',
                        't2NonMemberFamilyName' => '',
                        't2NonMemberAddressLevel' => '',
                        't2NonMemberAddressStreet' => '',
                        't2NonMemberAddressSuburb' => '',
                        't2NonMemberAddressState' => '',
                        't2NonMemberAddressPostcode' => '',
                        'corpTeeName' => $trustee->business->businessDetail->businessName,
                        'corpTeeACN' => '',
                        'corpTeeAddressCareOf' => '',
                        'corpTeeAddressLevel' => '',
                        'corpTeeAddressStreet' => $trustee->business->contactDetails->addressDetails[1]->addressLine1,
                        'corpTeeAddressSuburb' => $trustee->business->contactDetails->addressDetails[1]->city,
                        'corpTeeAddressState' => $trustee->business->contactDetails->addressDetails[1]->state,
                        'corpTeeAddressPostcode' => $trustee->business->contactDetails->addressDetails[1]->postcode,
                        'd2NonMemberNamePrefix' => '',
                        'd2NonMemberGivenNames' => '',
                        'd2NonMemberFamilyName' => '',
                        'd2NonMemberAddressLevel' => '',
                        'd2NonMemberAddressStreet' => '',
                        'd2NonMemberAddressSuburb' => '',
                        'd2NonMemberAddressState' => '',
                        'd2NonMemberAddressPostcode' => '',
                        'chairmanTrustee' => ''));
                    // The insert result in $result is not checked before success is reported.
                    return array('unique_code' => $unique);
                } else {
                    return array('username' => 'Invalid username or password1');
                }
            }
        } else {
            // $result has not been assigned on this path, so nothing useful is appended.
            return array('username' => 'Invalid username or password ' . $result);
        }
    } else {
        return array('error' => 'no data found');
    }
}
/**
 * Create and store a new CSRF token.
 *
 * Called on initial entry, or after form errors when the form is redisplayed.
 * Writes salt, guid, ip, time and token to $_SESSION, expires any previous
 * "token" cookie and sets a new one valid for 24 hours.
 *
 * NOTE(review): the salt is sha1 of the Host header and the IP and session id are
 * known to the client, so the only secret input to the token is getGUID(); its
 * generator should be a CSPRNG. The cookie is set without the HttpOnly or Secure
 * flags - confirm that is intended.
 */
function generateToken()
{
    $hostSalt = sha1($_SERVER["HTTP_HOST"]);

    // Expire the previous token cookie before issuing a new one.
    setcookie("token", "", time() - 42000);

    $_SESSION["salt"] = $hostSalt;
    $_SESSION["guid"] = getGUID();
    $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"];
    $_SESSION["time"] = time();

    $material = "IP:" . $_SESSION["ip"] . ",SESSIONID:" . session_id() . ",GUID:" . $_SESSION["guid"];
    // The salt is appended twice, as in the stored-token format.
    $_SESSION["token"] = sha1($material . $_SESSION["salt"] . $_SESSION["salt"]);

    $cookieSet = setcookie("token", $_SESSION["token"], time() + 86400);
    if ($cookieSet) {
        $_SESSION["usecookie"] = True;
    }
}
/**
 * Issue a new access token for the userinfo row matching the given credentials.
 *
 * @param array $Data Must contain 'Email' and 'Password'.
 *
 * @return mixed The new access token, or ERROR_DATA_NOT_FOUND when no row matches.
 *
 * NOTE(review): the WHERE clause is built by interpolating $Data['Email'] into SQL text;
 * a bound parameter (or at least driver-level escaping) is needed unless the query
 * generator escapes conditions itself - not visible here. The password literal is masked
 * on this page, so how the password is compared cannot be reviewed. The token's strength
 * depends on getGUID(). The two plain include statements run on every call; include_once
 * avoids redeclaration errors on a second call.
 */
function AddToken($Data)
{
    include '../common/Models/Database.php';
    include '../common/helpers/QueryGenrator.php';

    $tableName = 'userinfo';
    $generator = new QueryGenrator();
    $database = new DatabaseModel();

    $accessToken = getGUID();
    $fields = array("AccessToken" => $accessToken);

    $Email = $Data['Email'];
    $Password = $Data['Password'];
    $where = "WHERE Email = '{$Email}' AND Password = '******'";

    // Look the account up first; bail out when the credentials match nothing.
    $lookupQuery = $generator->select($tableName, "None", $where);
    $lookupResult = $database->select($lookupQuery);
    if ($lookupResult == ERROR_DATA_NOT_FOUND) {
        return ERROR_DATA_NOT_FOUND;
    }

    $updateQuery = $generator->update($tableName, $fields, $where);
    $database->update($updateQuery);

    return $accessToken;
}
/**
 * Store the information about a Tweety game session. The stored rows can later be
 * used to find the top 10 scores, look up a particular session, etc.
 *
 * @param player_name    :: Name of the player
 * @param time_remaining :: Total time remaining in seconds
 * @param score          :: Total score at the end of the game
 * @param num_correct    :: Number of correct pairs selected
 * @param num_incorrect  :: Number of incorrect pairs selected
 * @param profile_pic    :: Profile picture link of the player
 *
 * NOTE(review): every argument is concatenated into the INSERT without quoting or binding,
 * so callers must already be passing SQL-ready fragments; that makes each argument an
 * injection point if any of it originates from the client. A prepared statement with bound
 * values would remove that dependency. The player name is also written unescaped into an
 * HTML log file.
 */
function storeGameInfo($player_name, $time_remaining, $score, $num_correct, $num_incorrect, $profile_pic)
{
    // Get connection to the DB
    $link = getConnection();

    // Generate global unique Game ID
    $guid = getGUID();

    // Insert game data for the player
    $valueList = "'" . (string) $guid . "'," . $player_name . ", " . $score . ", " . $time_remaining . ", " . $num_correct . ", " . $num_incorrect . ", " . $profile_pic;
    $query = "INSERT INTO Scores(Game_ID, Player, Score, Time_Remaining, Num_Correct, Num_Incorrect, Profile_Pic) VALUES(" . $valueList . ");";
    $res = mysqli_query($link, $query);
    $stored = mysqli_affected_rows($link) == 1;

    // Both log messages fall back to the same placeholder name.
    if ($player_name == NULL) {
        $player_name = 'NOT_SPECIFIED';
    }

    // Log information based on result
    if ($stored) {
        logSuccess('gameSelectionLogs.html', 'Player <b>' . $player_name . '</b>\'s game data has been stored. Game ID: <b>' . $guid . '</b>.');
        return;
    }

    logError('gameSelectionLogs.html', 'Unable to store game data for Player <b>' . $player_name . '</b>. <b> ERROR: </b>' . (string) mysqli_error($link));
}
/**
 * Generate a guid that is not yet present in the allguids table and record it there.
 *
 * Candidates are drawn from generateRandomString() until one is unused.
 *
 * NOTE(review): the lookup and the insert are two separate statements, so two concurrent
 * requests can both accept the same candidate unless allguids.guid carries a unique
 * constraint - not visible here. Where the result is used as a secret (reset links,
 * access tokens), its strength depends on generateRandomString() and on $length.
 *
 * @param int $length length of guid
 * @return string generated guid
 */
function getGUID($length = 8)
{
    while (true) {
        $candidate = generateRandomString($length);
        $existing = select_sql('SELECT * FROM allguids WHERE guid = ?', 's', $candidate);
        if ($existing == array()) {
            insert_sql("INSERT INTO allguids(guid) VALUES(?)", 's', array($candidate));
            return $candidate;
        }
        // Collision: draw another candidate.
    }
}
// Registration handler fragment: collects student and teacher form fields and inserts a
// student row. The listing is cut off inside the final else branch.
//
// NOTE(review): every POST value below is interpolated directly into the INSERT, so a quote
// in any field changes the statement; the removed mysql_* API offers no prepared
// statements, which is one reason to move to PDO or mysqli with bound parameters. The
// password field is placed in the row exactly as posted - password_hash() should be applied
// before storage. The @ operator hides missing-field notices instead of validating input.
include "funciones.php";
$conn = conexion();
// Student variables
@($id_alumno = getGUID());
// `length` is a bare constant name, not a variable; presumably the intent is to strip the
// surrounding braces, which substr($id, 1, -1) expresses directly - confirm.
@($id_alumno = substr($id_alumno, 1, length - 1));
@($nombre_alumno = $_POST['alumno_nombre']);
@($apellidos_alumno = $_POST['alumno_apellidos']);
@($edad_alumno = $_POST['alumno_edad']);
@($mail_alumno = $_POST['alumno_mail']);
@($grupo_alumno = $_POST['alumno_grupo']);
@($carrera_alumno = $_POST['alumno_carrera']);
@($tipo_usuario = 'Alumno');
@($contraseña_alumno = $_POST['alumno_contraseña']);
//
// Teacher variables
@($id_maestro = getGUID());
@($id_maestro = substr($id_maestro, 1, length - 1));
@($nombre_maestro = $_POST['maestro_nombre']);
@($apellidos_maestro = $_POST['maestro_apellidos']);
@($edad_maestro = $_POST['maestro_edad']);
@($correo_maestro = $_POST['maestro_correo']);
@($estado_maestro = 'Activo');
@($materia_maestro = $_POST['maestro_materia']);
//
if ($nombre_alumno != '') {
    // The age value is the one field placed in the statement without quotes.
    $Insert_Alumno = mysql_query("INSERT INTO alumno VALUES ('{$id_alumno}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$nombre_alumno}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$apellidos_alumno}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t{$edad_alumno},\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$mail_alumno}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$contraseña_alumno}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$grupo_alumno}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$carrera_alumno}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$tipo_usuario}')", $conn);
    if ($Insert_Alumno) {
        // A successful insert alone starts a session marked as "Alumno"; the session does not
        // record which student row it belongs to.
        session_start();
        $_SESSION["Alumno"] = "Alumno";
        header('Location: ../indexAlumno.php');
    } else {
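/**
 * Handle the registration form: validate the posted fields, create the Users and
 * UserData rows, sign the new user in and render the registration view.
 *
 * Returns the result of AddAlertMessage() after a registration attempt reached the
 * insert step; otherwise renders the view and returns nothing.
 *
 * Change in this version: the password and its confirmation are compared with strict
 * string equality. The loose `!=` treated numeric-looking strings such as "0e1" and
 * "0e2" as equal, and a request without any password field passed the check.
 *
 * NOTE(review), not changed here:
 *  - SQL is assembled by interpolation. $vEmail/$vFirstName/$vLastName come from
 *    POSTStrAsSQLStr(), which presumably escapes them - confirm; bound parameters would
 *    make the statements safe regardless of that helper.
 *  - The first-name pattern is not anchored, so it accepts any value containing one
 *    Cyrillic character although the message says "only".
 *  - EmailConfirmed is written as 1 without a confirmation step visible in this method.
 *  - "on duplicate key update" rewrites UniversalID on an existing row, and the
 *    LoginUsingUniversalID() call that follows would then sign the requester in against
 *    that row; the SELECT beforehand narrows but does not close that window.
 */
public function registrationAction()
{
    $ErrorMessage = '';
    $vEmail = '';
    $vFirstName = '';
    $vLastName = '';

    if (filter_input(INPUT_POST, 'registration_btn') !== NULL) {
        $vEmail = POSTStrAsSQLStr('email');
        $vFirstName = POSTStrAsSQLStr('firstname');
        $vLastName = POSTStrAsSQLStr('lastname');
        $vPassword = isset($_POST['password']) ? $_POST['password'] : null;
        $vPassword2 = isset($_POST['password2']) ? $_POST['password2'] : null;

        if (empty($ErrorMessage)) {
            if (!preg_match("/[\\x{0400}-\\x{04FF}\\x]{1,32}/u", $vFirstName)) {
                $ErrorMessage = 'Имя пользователя должно содержать только символы кириллицы.';
            }
        }

        if (empty($ErrorMessage)) {
            // Both values must be strings and byte-for-byte identical.
            if (!is_string($vPassword) || $vPassword !== $vPassword2) {
                $ErrorMessage = 'Пароль и подтверждение пароля не совпадают.';
            }
        }

        if (empty($ErrorMessage)) {
            $vSecurimage = new Securimage();
            if (!$vSecurimage->check($_POST['CaptchaCodeEdt'])) {
                $ErrorMessage = 'Вам нужно решить пример правильно.';
            }
        }

        if (empty($ErrorMessage)) {
            $sql = "select ID from Users where (Email = '{$vEmail}');";
            $user = $this->db->query($sql)->fetch();
            if (!empty($user['ID'])) {
                $ErrorMessage = "Пользователь с такой эл. почтой уже существует.";
                $vEmail = '';
            } else {
                $vUniversalID = getGUID();
                // An earlier, commented-out version of these two inserts used
                // $this->db->prepare(...)->execute(array(...)) with named parameters.
                $sql = "insert into Users(UniversalType, UniversalID, UserName, Email, EmailConfirmed, PasswordHash) " . 
"values(1, '{$vUniversalID}', '{$vEmail}', '{$vEmail}', 1, '" . EncryptPassword($vPassword) . "') " . "on duplicate key update " . "UniversalID = '{$vUniversalID}';";
                $this->db->exec($sql);
                $UserID = $this->db->lastInsertId();

                $sql = "insert into UserData(UserID, FirstName, LastName) " . "values({$UserID}, '{$vFirstName}', '{$vLastName}') " . "on duplicate key update " . "UserID = {$UserID};";
                $this->db->exec($sql);

                if (LoginUsingUniversalID($vUniversalID)) {
                    return AddAlertMessage('success', 'Добро пожаловать!', '/');
                } else {
                    return AddAlertMessage('danger', 'Ошибка при регистрации!', '/');
                }
            }
        }
    }

    if (!empty($ErrorMessage)) {
        AddAlertMessage('danger', $ErrorMessage);
    }

    // The submitted values are handed back to the view so the form can be redisplayed.
    $this->view->setVars(array('Email' => $vEmail, 'FirstName' => $vFirstName, 'LastName' => $vLastName));
    $this->view->breadcrumbs = array(array('url' => '/auth/registration', 'title' => 'Регистрация'));
    $this->view->meta = array('meta_title' => 'Регистрация пользователя', 'meta_description' => 'Регистрация пользователя', 'meta_keywords' => '');
    $this->view->generate();
}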
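/*
 * Template fragment: "add offer" form.
 * Request values are encoded for the context they are printed in: the merchant id is
 * URL-encoded for the query string, the title is HTML-escaped for the attribute value.
 * Printed raw, either value could close the attribute and add markup to the page.
 */
?> </tbody> </table> </div> </div>
<div class="tab-pane" id="condensed">
<div class="box-content">
<form action="index.php?page=addoffer&mID=<?php echo htmlspecialchars(urlencode(isset($_REQUEST['mID']) ? (string) $_REQUEST['mID'] : ''), ENT_QUOTES, 'UTF-8'); ?> " class='validate form-horizontal' method="post" name="addmerchant" enctype="multipart/form-data">
<div class="control-group">
<label for="title" class="control-label">Code</label>
<div class="controls">
<input type="text" name="code" value="<?php echo getGUID(6); ?> " class='{required:true} span8'>
</div>
</div>
<div class="control-group">
<label for="title" class="control-label">Title</label>
<div class="controls">
<input type="text" name="title" value="<?php echo htmlspecialchars(isset($_REQUEST['title']) ? (string) $_REQUEST['title'] : '', ENT_QUOTES, 'UTF-8'); ?> " class='{required:true} span8'>
</div>
</div>
<div class="control-group">
<label for="title" class="control-label">Description</label>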
<?php

require_once 'php/db.php';

// Creates a category row from the 'name' and 'desc' query parameters. The values are
// passed as bound parameters ('sss'), not concatenated into the statement.
// NOTE(review): this is a state-changing request served over GET with no authentication
// or CSRF check visible in this file - confirm both are enforced elsewhere.
$categoryGuid = getGUID(8);
$categoryParams = array($categoryGuid, $_GET['name'], $_GET['desc']);

insert_sql("INSERT INTO category(guid, name, description) VALUES(?,?,?)", 'sss', $categoryParams);
/**
 * Return a GUID string of the form {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}.
 *
 * Uses com_create_guid() when that function exists; otherwise formats an upper-cased
 * md5 digest. The fallback is not drawn from a CSPRNG: it is adequate for a label such
 * as the project GUID emitted below, but not for tokens or other secrets.
 */
function getGUID()
{
    if (function_exists('com_create_guid')) {
        return com_create_guid();
    } else {
        // Re-seeds the global Mersenne Twister; the cast keeps only the fractional part of
        // microtime(), so the seed is below 10000.
        mt_srand((double) microtime() * 10000);
        //optional for php 4.2.0 and up.
        $charid = strtoupper(md5(uniqid(rand(), true)));
        $hyphen = chr(45);
        // "-"
        $uuid = chr(123) . substr($charid, 0, 8) . $hyphen . substr($charid, 8, 4) . $hyphen . substr($charid, 12, 4) . $hyphen . substr($charid, 16, 4) . $hyphen . substr($charid, 20, 12) . chr(125);
        // "}"
        return $uuid;
    }
}
// Template for an MSBuild project file: the GUID generated here becomes <ProjectGuid>.
$appguid = getGUID();
echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>" . PHP_EOL;
?> <Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Release</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> <ProjectGuid><?php echo $appguid; ?> </ProjectGuid> <OutputType>Exe</OutputType> <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace><?php echo $_PROG->name;
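/**
 * Insert one row into $tableName from a JSON object of column => value pairs, then
 * fetch the new row by its generated guid.
 *
 * System columns are dropped from the input and set here instead (guid,
 * lastModifiedDatetime, lastModifiedById, isDeleted).
 *
 * The table name and every JSON key end up in the statement as identifiers, which
 * real_escape_string() cannot protect. They are therefore accepted only when they look
 * like a plain identifier (letters, digits, underscore, not starting with a digit);
 * anything else aborts the insert. Input that does not decode to a JSON object or array
 * is rejected as well.
 * NOTE(review): an allow-list of known tables and columns per caller would be stricter
 * than a pattern - consider it if the schema is fixed.
 *
 * @param mixed  $userId    Stored in lastModifiedById.
 * @param string $tableName Target table.
 * @param string $values    JSON object of column => value.
 */
function insertObject($userId, $tableName, $values)
{
    global $con;
    global $systemColumns;

    // \A and \z rather than ^ and $, so a trailing newline is not accepted.
    $identifierPattern = '/\A[A-Za-z_][A-Za-z0-9_]*\z/';
    if (!is_string($tableName) || preg_match($identifierPattern, $tableName) !== 1) {
        return;
    }

    $values_array = json_decode($values, true);
    if (!is_array($values_array)) {
        return;
    }
    foreach ($systemColumns as $systemColumn) {
        unset($values_array[$systemColumn]);
    }

    $sql = array();
    foreach ($values_array as $key => $value) {
        if (preg_match($identifierPattern, (string) $key) !== 1) {
            return;
        }
        // Numeric values go in unquoted; everything else is escaped and quoted.
        $sql[] = is_numeric($value) ? "{$key} = {$value}" : "{$key} = '" . $con->real_escape_string($value) . "'";
    }

    $guid = getGUID();
    $lastModifiedDatetime = time();
    $lastModifiedById = $con->real_escape_string((string) $userId);
    $isDeleted = "false";
    array_push($sql, "guid = '{$guid}'", "lastModifiedDatetime = '{$lastModifiedDatetime}'", "lastModifiedById = '{$lastModifiedById}'", "isDeleted = '{$isDeleted}'");

    $sqlclause = implode(",", $sql);
    $query = "INSERT INTO {$tableName} SET {$sqlclause};";
    if (runQuery($query)) {
        fetchObjectWithClause($tableName, "guid = '" . $guid . "'");
    }
}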
    die("Not valid information!");
}
// Fragment of a download handler (listing starts and ends mid-file): starts a background
// export script and records the request in VOCABULARY_USER.
// combine the OMOP required vocab ids with the user selected vocab ids
// NOTE(review): `+` on arrays is a union by key; if both are plain lists, entries of
// $OMOPTypes whose index already exists in $vocabids are dropped - confirm array_merge
// was not intended.
$allvocabids = $vocabids + $OMOPTypes;
$allvocabids = array_unique($allvocabids);
if ($CDMVersion == 4.5) {
    $Cred = $database_prodv4_credentials;
} else {
    $Cred = $database_prodv5_credentials;
}
$VocIds = implode(",", $allvocabids);
//$FName = implode("_", $vocabids).".zip";
// NOTE(review): if the output directory is web-accessible, the GUID in the file name is
// the only thing keeping one requester's export from another - confirm how files are served.
if ($CDMVersion == 4.5) {
    $FName = "vocab_download_v4_5_" . getGUID() . ".zip";
} else {
    $FName = "vocab_download_v5_" . getGUID() . ".zip";
}
// The command line is assembled by concatenation and run through a shell. $CDMVersion and
// $VocIds are inserted unquoted, and their validation is not visible in this fragment; each
// argument should pass through escapeshellarg() (or be restricted to digits and commas)
// before it reaches shell_exec(). The database credentials are passed as an argument, which
// makes them visible in the process list while the script runs.
$shell_exec_string = 'nohup ' . $perl_dump_script_dir . 'dump.pl ' . $Cred . ' ' . $CDMVersion . ' ' . $zip_file_output_dir . $FName . ' ' . $VocIds . ' > /dev/null & echo $!';
$PID = shell_exec($shell_exec_string);
if (!$PID) {
    // $stid is not assigned anywhere in the visible fragment, and a shell failure is not an
    // OCI error; $e is not used afterwards.
    $e = oci_error($stid);
    // The mailed string contains the full command line, including the credentials.
    sendErrorEmail("downloads.php shell_exec failed, exec_string=" . $shell_exec_string);
    header("Location:error.php?errorMessage=" . urlencode("Error: unable to generate export file"));
    die;
}
// All user-supplied contact fields are concatenated into the statement text; bind
// variables (oci_bind_by_name) keep quotes in those fields from altering the statement.
// $PID is the raw shell output and is inserted unquoted.
$insert_user_process_sql = "INSERT INTO VOCAB_DOWNLOAD.VOCABULARY_USER (\n EMAIL_ADDRESS,\n NAME,\n ORGANIZATION,\n ADDRESS,\n CITY_NAME,\n COUNTRY_NAME,\n PHONE_NUMBER,\n VOCABULARY_LIST,\n PROCESS_ID,\n TITLE,\n STATE,\n ZIP_CODE,\n\tFILE_NAME,\n FILE_CREATION_JOB_RUNNING_FLAG\n ) VALUES (\n '" . $email . "',\n '" . $name . "',\n '" . $Organization . "',\n '" . $Address . "',\n '" . $City . "',\n '" . $Country . "',\n '" . $Phone . "',\n '" . $VocIds . "',\n " . $PID . ",\n '" . $Title . "',\n '" . $State . "',\n '" . $Zip . "',\n '" . $FName . "',\n 'Y'\n )";
$stid_add_user_process = oci_parse($conn, $insert_user_process_sql);
if (!$stid_add_user_process) {
    $e = oci_error($conn);
    // The mailed SQL text carries the requester's contact details.
    sendErrorEmail("downloads.php: oci_parse INSERT INTO VOCAB_DOWNLOAD.VOCABULARY_USER table failed, sql=" . $insert_user_process_sql . ", error message=" . $e['message']);
    header("Location:error.php?errorMessage=" . urlencode("Error: unable to log export file request"));
}
if (lg_debug) {
    $dbMsg .= "city = " . $city . "<br />\n";
}
/*
 * Set $locked, $dateLocked and the unlock $token.
 * (Registration fragment; the listing starts and ends mid-file.)
 */
$locked = "1";
if (lg_debug) {
    $dbMsg .= "locked = 1<br />\n";
}
$dateLocked = dbNow();
if (lg_debug) {
    $dbMsg .= "dateLocked = " . $dateLocked . "<br />\n";
}
// Hashing does not add entropy: the unlock token is only as unpredictable as getGUID().
$token = strtoupper(sha1(getGUID()));
if (lg_debug) {
    // NOTE(review): with lg_debug on, the unlock token is copied into the debug output.
    $dbMsg .= "token = " . $token . "<br />\n";
}
/*
 * Write the new account to the users table in the database.
 */
addUser($dateRegistered, $userid, $passhash, $name, $email, $ip, $region, $city, $country, $useragent, $website, $news, $locked, $dateLocked, $token);
// $numAffected is not assigned in the visible fragment; presumably addUser() sets it as a
// global - confirm.
if (lg_debug) {
    $dbMsg .= "Database insert occurred. Result = " . $numAffected . "<br />\n";
}
if ($numAffected == 1) {
    /*
     * On success, email the user the unlock $token. Copy the webmaster.
     */
    if (lg_debug) {
/**
 * Queue a templated e-mail by inserting one row into Emails_ToSend, then trigger the sender.
 *
 * The template parameters are stored in the Body column as base64(serialize(...)).
 *
 * NOTE(review): all address, name and subject arguments are interpolated into the SQL
 * text, so a quote in any of them changes the statement; binding them as parameters
 * would remove that, provided the connection object supports prepared statements - not
 * visible here. If the consumer restores the Body column with unserialize(), anything
 * able to write that column controls what gets instantiated; a JSON encoding avoids that.
 */
function AddTaskForSendEmail_UseTemplate($AFromEmail, $AFromName, $AToEmail, $AToName, $ASubject, $AUseTemplate, $ATemplateParamsArray, $APriority = 50, $ABlindCopyToEmail = '', $ACopyToEmail = '')
{
    $vTemplateParamsArray = isset($ATemplateParamsArray)
        ? base64_encode(serialize($ATemplateParamsArray))
        : '';

    $vRecordGUID = getGUID();
    $vCreateDate = GetLocalDateTimeAsSQLStr();

    $vInsertClause = "insert into Emails_ToSend(RecordGUID, CreateDate, FromEmail, FromName, ToEmail, ToName, CopyToEmail, BlindCopyToEmail, Subject, Body, UseTemplate, Priority) ";
    $vValuesClause = "values('" . $vRecordGUID . "', '" . $vCreateDate . "', '{$AFromEmail}', '{$AFromName}', '{$AToEmail}', '{$AToName}', '{$ACopyToEmail}', '{$ABlindCopyToEmail}', '{$ASubject}', '{$vTemplateParamsArray}', '{$AUseTemplate}', {$APriority});";

    GetMainConnection()->exec($vInsertClause . $vValuesClause);

    CURL_SpeedUp_SendEmail();
}
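/**
 * Return a GUID string of the form {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX} (upper-case hex).
 *
 * Order of preference:
 *  1. com_create_guid(), when the function exists (unchanged);
 *  2. 16 bytes from random_bytes(), when available;
 *  3. the previous md5(uniqid(rand(), true)) construction, for runtimes without it.
 *
 * The earlier fallback re-seeded the global Mersenne Twister with a value below 10000
 * on every call, which narrowed its own output and disturbed every other user of
 * mt_rand() in the request. The seed call is gone and the digits now come from the
 * system CSPRNG where one is available.
 *
 * @return string
 */
function getGUID()
{
    if (function_exists('com_create_guid')) {
        return com_create_guid();
    }

    if (function_exists('random_bytes')) {
        $charid = strtoupper(bin2hex(random_bytes(16)));
    } else {
        // Legacy runtimes only: not a CSPRNG, do not rely on it for secrets.
        $charid = strtoupper(md5(uniqid(rand(), true)));
    }

    return '{'
        . substr($charid, 0, 8) . '-'
        . substr($charid, 8, 4) . '-'
        . substr($charid, 12, 4) . '-'
        . substr($charid, 16, 4) . '-'
        . substr($charid, 20, 12)
        . '}';
}
// Strip the surrounding braces; a GUID already stored in the session takes precedence.
$guidString = getGUID();
$GUID = substr($guidString, 1, -1);
$guid = isset($_SESSION["step2-guid"]) ? $_SESSION["step2-guid"] : $GUID;
?> <div class="full-registration" ng-app="listpp" ng-controller="PhoneListCtrl"> <div class="container"> <div class="f-space15"></div> <div class="row"> <div class="heading">CRUD Application using AngularJS, PHP and MySQL</div> </div> <hr /> <div class="full-step3"> <div class="row"> <div class="col-sm-6 form-box"> <div class="step3form-heading">Add a person</div>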
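/**
 * Store a base64-encoded skin image for a player and record its file name.
 *
 * The decoded data must be a PNG of 64x32 or 64x64 pixels. On success the file is moved
 * to ./Skins/ under a new generated name, players.skin is updated and the previous skin
 * file is removed.
 *
 * Changes in this version:
 *  - the temporary file is removed on every failure path instead of being left in /tmp;
 *  - data that getimagesize() cannot read is rejected explicitly;
 *  - the new file is put in place before the database row is changed, and the old file
 *    is deleted last, so a failed move no longer leaves the player without any skin;
 *  - the stored old name is used for deletion only when it is a plain file name.
 *
 * NOTE(review): getimagesize() inspects the image header only; it does not prove the
 * rest of the file is a well-formed PNG.
 *
 * @param string $user     Player name, bound as a statement parameter.
 * @param string $skinData Base64-encoded image data.
 *
 * @return bool TRUE on success, FALSE otherwise.
 */
function get_skin($user, $skinData)
{
    $tmp = tempnam("/tmp", "skin_");
    if ($tmp === false) {
        return FALSE;
    }
    if (!file_put_contents($tmp, base64_decode($skinData))) {
        unlink($tmp);
        return FALSE;
    }

    $info = getimagesize($tmp);
    if ($info === false || $info[0] != 64 || ($info[1] != 32 && $info[1] != 64) || $info['mime'] != 'image/png') {
        error_log(print_r($info, true));
        unlink($tmp);
        return FALSE;
    }

    $link = newdb();
    $stmt = $link->prepare("SELECT skin FROM players WHERE player=?");
    $stmt->bind_param('s', $user);
    $stmt->execute();
    $stmt->bind_result($oldskin);
    $stmt->fetch();
    $stmt->free_result();

    $newskin = getGUID(false) . getGUID(false);
    if (!rename($tmp, "./Skins/" . $newskin)) {
        unlink($tmp);
        return FALSE;
    }

    $stmt = $link->prepare("UPDATE players SET skin=? WHERE player=?");
    $stmt->bind_param('ss', $newskin, $user);
    if (!$stmt->execute()) {
        // The row still points at the old skin, so drop the file that was just stored.
        unlink("./Skins/" . $newskin);
        return FALSE;
    }

    // Remove the previous file only when the stored value is a bare file name.
    if ($oldskin and basename($oldskin) === $oldskin and is_readable("./Skins/" . $oldskin)) {
        unlink("./Skins/" . $oldskin);
    }

    return TRUE;
}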
    }
    $cIngred5 = $cIngred5 - $rIngred5;
    $numValid++;
}
// Order-allocation fragment (listing starts mid-file): writes back the remaining stock,
// records the order and renders its barcode image.
if ($numValid < 1) {
    returnFailedAllocate();
}
// echo "got past ingred compares\n";
// Both statements below are built by concatenation. Where the ingredient amounts come
// from is not visible in this fragment; if they derive from the request they must be cast
// to numbers or bound as parameters first.
// NOTE(review): the stock row is read, reduced and written back in separate steps; without
// a transaction or row lock, two concurrent orders can both succeed on the same stock.
$query = "UPDATE orderTable SET ing0=" . $cIngred0 . ", ing1=" . $cIngred1 . ", ing2=" . $cIngred2 . ", ing3=" . $cIngred3 . ", ing4=" . $cIngred4 . ", ing5=" . $cIngred5 . " WHERE orderID=\"0\"";
$result = mysqli_query($dbCon, $query);
if (!$result) {
    // echo "Error updating reserved ingredients\n";
    // echo mysqli_error($dbCon);
    returnFailedAllocate();
}
date_default_timezone_set("America/New_York");
$date = date_create();
$time = date_timestamp_get($date);
// The barcode is the order id and is returned to the client as the handle for the order,
// so it should not be guessable; that depends on getGUID().
$barcode = getGUID();
$query = 'INSERT INTO orderTable (orderID, ing0, ing1, ing2, ing3, ing4, ing5, orderTime) VALUES ("' . $barcode . '", ' . $rIngred0 . ', ' . $rIngred1 . ', ' . $rIngred2 . ', ' . $rIngred3 . ', ' . $rIngred4 . ', ' . $rIngred5 . ', ' . $time . ')';
$result = mysqli_query($dbCon, $query);
if (!$result) {
    // echo "Error inserting new drink order\n";
    // echo mysqli_error($dbCon);
    returnFailedAllocate();
}
// $barcode is placed on the command line unquoted, twice. Wrapping it in escapeshellarg()
// keeps the command well-formed whatever characters getGUID() returns (for example braces).
// NOTE(review): the image lands under /srv/http/, which looks like a web root; if so, the
// barcode images are retrievable by anyone who knows or guesses the file name.
$createBarcodeImage = '/usr/local/bin/zint -b 92 --scale=10 -o /srv/http/barcodeImages/' . $barcode . '.png --data=' . $barcode;
exec($createBarcodeImage);
// The order is presented as valid for 600 seconds from its timestamp.
$expireTime = $time + 600;
$arr = array('barcode' => $barcode, 'expireTime' => $expireTime);
echo json_encode($arr);
<?php
// Login endpoint: issues an access token and returns the matching user record as JSON or
// JSONP. The listing is cut off inside getGUID() at the end.
//
// NOTE(review), in order of impact:
//  - The UPDATE below stores a new token for the posted e-mail before, and independently
//    of, the password check in the SELECT, and $rows["token"] is emitted unconditionally.
//    The response therefore carries a freshly stored token even when the credentials do
//    not match. Token issuance belongs after a successful credential check.
//  - $user is concatenated into both statements; it needs a bound parameter.
//  - Passwords are compared as unsalted md5; password_hash()/password_verify() is the
//    supported replacement.
//  - With a callback parameter the response is served as script, which lets any origin
//    that includes it read the token and profile data.
// DB connection
include_once 'database.php';
$user = $_POST['email'];
$pass = $_POST['userkey'];
$md5password = md5($pass);
$GUID = getGUID();
// Strip the surrounding braces.
$GUID = substr($GUID, 1, -1);
//echo $password;
// The callback name is reduced to letters, digits, '$' and '_'.
$callback = isset($_GET['callback']) ? preg_replace('/[^a-z0-9$_]/si', '', $_GET['callback']) : false;
header('Content-Type: ' . ($callback ? 'application/javascript' : 'application/json') . ';charset=UTF-8');
// Connection errors are echoed to the client together with the driver message.
$conn = mysql_connect($server, $username, $password) or die("Couldn't connect to MySQL" . mysql_error());
// $test is not assigned in the visible code.
mysql_select_db($database, $conn) or die("Couldn't open {$test}: " . mysql_error());
$rows = array();
$update = mysql_query("UPDATE users SET accesstoken ='" . $GUID . "' WHERE email='" . $user . "'");
$rows["token"] = $GUID;
$result = mysql_query("SELECT users.id as userid, users.firstname, users.lastname, users.email, users.handle, users.profileimg, users.companyid, \n companies.name AS companyname, companies.img AS companyimg\n FROM users \n INNER JOIN companies \n ON companies.id=users.companyid WHERE users.email = '" . $user . "' AND users.userkey = '" . $md5password . "'");
while ($p = mysql_fetch_assoc($result)) {
    $rows["user"][] = $p;
}
echo ($callback ? $callback . '(' : '') . json_encode($rows) . ($callback ? ')' : '');
mysql_close($conn);
// The value returned here is used above as the access token, so the md5(uniqid(rand()))
// fallback, which is not a CSPRNG, directly limits how hard the token is to guess.
function getGUID()
{
    if (function_exists('com_create_guid')) {
        return com_create_guid();
    } else {
        mt_srand((double) microtime() * 10000);
        //optional for php 4.2.0 and up.
        $charid = strtoupper(md5(uniqid(rand(), true)));
// Registration fragment (listing is cut off at the end).
// If the username, the password, and the validation password POST variables exist
// NOTE(review): the condition uses ||, so one present field is enough to enter the block
// and the other two reads then hit undefined indexes; && matches the comment.
if (isset($_POST["username"]) || isset($_POST["password"]) || isset($_POST["vpassword"])) {
    // Getting the username, the password, and the validation password
    $username = $_POST["username"];
    $password = $_POST["password"];
    $vpassword = $_POST["vpassword"];
    // If no one is empty
    if (!empty($username) && !empty($password) && !empty($vpassword)) {
        // Sending a request to the database to get a user with the same name as the given name
        // (the user name is passed as a bound parameter)
        $req = Core\Queries::execute('SELECT * FROM openauth_users WHERE username=:username', ['username' => $username]);
        // If the request is null, or is empty (so the user doesn't already exist)
        if (is_null($req) || empty($req)) {
            // If the password and the validation password are the same
            // NOTE(review): == compares numeric-looking strings by value ("0e1" == "0e2");
            // === compares the actual strings.
            if ($password == $vpassword) {
                // Generating a new GUID
                $guid = getGUID();
                // Generating a new UUID
                // (md5 of uniqid/rand output; not drawn from a CSPRNG)
                $uuid = md5(uniqid(rand(), true));
                // Hashing the given password
                // NOTE(review): a single unsalted SHA-256 is fast to brute-force and equal
                // passwords produce equal hashes; password_hash()/password_verify() is the
                // supported way to store passwords.
                $password = hash('sha256', $password);
                // Sending a request to the database to add the user
                Core\Queries::execute('INSERT INTO openauth_users (guid, uuid, username, password) VALUES (:guid, :uuid, :username, :password)', ['username' => $username, 'uuid' => $uuid, "password" => $password, 'guid' => $guid]);
                // Setting the 'You are now suscribed' message
                $notif = "Vous êtes bien inscrits !";
            } else {
                // Setting the 'Different passwords' message
                $notif = 'Les mots de passe sont different !';
            }
        } else {
            // Setting the 'User already exists' message
            $notif = 'Le pseudo est déjà utilise !';
/**
 * Records a reset-password mail entry for this user and sends the 'reset' mail.
 *
 * On a successful insert the mail is sent and $this->message / $this->state are
 * set to the success values; otherwise only the failure message is set.
 *
 * NOTE(review): the value from getGUID(40) is stored in ra_mail.url and mailed as
 * MAILCODE, so it presumably acts as the reset secret. getGUID() is not visible
 * here; confirm it draws from a CSPRNG and that the ra_mail row expires.
 */
public function syncToDatabase()
{
    $resetCode = getGUID(40);

    $inserted = insert_sql(
        "INSERT INTO ra_mail(user_guid, url, action) VALUES(?,?,?)",
        'ssi',
        array($this->guid, $resetCode, ACTIONRESETPASSWORD)
    );

    // Nothing was stored: report the generic failure text and stop.
    if (!$inserted) {
        $this->message = "Er ging onverwacht iets mis. Probeer het later nog eens.";
        return;
    }

    svMail(
        $this->data['email'],
        "Registratie spullenverloten.nl",
        array(MAILUSERNAME => $this->username, MAILCODE => $resetCode),
        'reset'
    );
    $this->message = "Er zijn instructies verstuurd naar uw emailadres.";
    $this->state = STATE_SUCCESS;
}
$message = lg_phrase_no_matching_registration; if (lg_debug) { $dbMsg .= "Message: " . $message . "<br />\n"; } } } if ($message == "") { /******************************************************************************************************************* * We have a valid, locked account, issue a new token and update the user table *******************************************************************************************************************/ if (lg_debug) { $dbMsg .= "Valid, locked account: Issue Token<br />\n"; } $locked = "1"; $dateLocked = dbNow(); $token = sha1(getGUID()); if (lg_debug) { $dbMsg .= "Locked = " . $locked . "<br />\n"; } if (lg_debug) { $dbMsg .= "dateLocked = " . $dateLocked . "<br />\n"; } if (lg_debug) { $dbMsg .= "Token = " . $token . "<br />\n"; } ivt_issueToken($token, $locked, $dateLocked, $id); if (lg_debug) { $dbMsg = "numAffected = " . $numAffected . "<br />\n"; } if ($numAffected == 1) { /*******************************************************************************************************************
/**
 * Do Upgrade
 *
 * Applies the schema and settings migrations one version step after another,
 * starting from $old_version, and finally writes $h->version into the miscdata
 * table as the installed version.
 *
 * The early steps match $old_version exactly and advance it; the later steps use
 * version_compare() and are not bounded from below, so several of them run in one
 * pass. Most statements are guarded by column_exists()/table_exists()/SHOW INDEX
 * checks before they alter anything.
 *
 * All SQL here is assembled from constants and literals written in this function;
 * the only runtime values placed into statements are index names read back from
 * SHOW INDEX and the values handed to $h->db->prepare().
 *
 * @param object $h           Used here for ->db, ->messages, ->version and ->deleteFiles().
 * @param string $old_version Version the installation is upgrading from.
 */
function do_upgrade($h, $old_version)
{
    $h->messages['Updating from ' . $old_version . ' <i class="fa fa-arrows-h"></i> ' . $h->version] = 'blue';

    // can't upgrade from pre-1.0 versions of Hotaru.
    // 1.0.0 to 1.3.0 updates all removed (check github for old code)

    // 1.3.0 to 1.4.0
    if ($old_version == "1.3.0") {
        // Drop token_id column from the tokens table
        if ($h->db->column_exists('tokens', 'token_id')) {
            $h->db->query("ALTER TABLE " . DB_PREFIX . "tokens DROP token_id");
        }

        // update "old version" for next set of upgrades
        $old_version = "1.4.0";
    }

    // 1.4.0 to 1.4.1
    if ($old_version == "1.4.0") {
        // update "old version" for next set of upgrades
        $old_version = "1.4.1";
    }

    // 1.4.1 to 1.4.2
    if ($old_version == "1.4.1") {
        $h->messages['Updated from 1.4.1'] = 'green';

        // Change post_title column from `post_title` varchar(255) NULL, to `post_title` text NULL,
        $exists = $h->db->column_exists('posts', 'post_title');
        if ($exists) {
            $sql = "ALTER TABLE " . TABLE_POSTS . " MODIFY post_title text NULL";
            $h->db->query($h->db->prepare($sql));
        }

        // remove multi-site option from settings
        $sql = "DELETE FROM " . TABLE_SETTINGS . " WHERE settings_name = %s";
        $h->db->query($h->db->prepare($sql, 'MULTI_SITE'));

        // tables to remove site_id from (table name => column prefix):
        $tables = array('blocked' => 'blocked', 'categories' => 'category', 'comments' => 'comment', 'plugins' => 'plugin', 'miscdata' => 'miscdata', 'pluginsettings' => 'pluginsetting', 'posts' => 'post', 'settings' => 'settings', 'tags' => 'tag', 'users' => 'user', 'widgets' => 'widget');

        // Remove site_id columns
        foreach ($tables as $table => $column) {
            if ($exists = $h->db->column_exists($table, $column . '_siteid')) {
                // Remove column
                $sql = "ALTER TABLE " . DB_PREFIX . $table . " DROP " . $column . "_siteid";
                $h->db->query($sql);
            }

            // Remove site_id indices
            $sql = "SHOW INDEX FROM `" . DB_PREFIX . $table . "` WHERE KEY_NAME = '" . $column . "_siteid'";
            $result = $h->db->query($sql);
            if ($result) {
                $sql = "DROP INDEX " . $column . "_siteid ON " . DB_PREFIX . $table;
                $h->db->query($sql);
            }
        }

        // Drop unique site_id keys and recreate each `key` index without the site column
        $sql = "ALTER TABLE `" . TABLE_CATEGORIES . "` DROP INDEX `key`";
        $h->db->query($sql);
        $sql = "ALTER TABLE `" . TABLE_CATEGORIES . "` ADD UNIQUE KEY `key` (`category_name`)";
        $h->db->query($sql);
        $sql = "ALTER TABLE `" . TABLE_PLUGINS . "` DROP INDEX `key`";
        $h->db->query($sql);
        $sql = "ALTER TABLE `" . TABLE_PLUGINS . "` ADD UNIQUE KEY `key` (`plugin_folder`)";
        $h->db->query($sql);
        $sql = "ALTER TABLE `" . TABLE_SETTINGS . "` DROP INDEX `key`";
        $h->db->query($sql);
        $sql = "ALTER TABLE `" . TABLE_SETTINGS . "` ADD UNIQUE KEY `key` (`settings_name`)";
        $h->db->query($sql);
        $sql = "ALTER TABLE `" . TABLE_TAGS . "` DROP INDEX `key`";
        $h->db->query($sql);
        $sql = "ALTER TABLE `" . TABLE_TAGS . "` ADD UNIQUE KEY `key` (`tags_post_id`, `tags_word`)";
        $h->db->query($sql);
        $sql = "ALTER TABLE `" . TABLE_USERS . "` DROP INDEX `key`";
        $h->db->query($sql);
        $sql = "ALTER TABLE `" . TABLE_USERS . "` ADD UNIQUE KEY `key` (`user_username`)";
        $h->db->query($sql);

        // Drop Site table
        $sql = 'DROP TABLE IF EXISTS `' . DB_PREFIX . 'site`;';
        $h->db->query($sql);

        // Drop Relates table
        $sql = 'DROP TABLE IF EXISTS `' . DB_PREFIX . 'relates`;';
        $h->db->query($sql);

        // remove the "1" cache folder if permissions allow, otherwise error messages suppressed.
        // The @ operator hides rmdir()/unlink() failures, so a leftover folder is not reported.
        if (is_dir(CACHE . '1')) {
            if (is_dir(CACHE . '1/db_cache')) {
                $h->deleteFiles(CACHE . '1/db_cache');
                @rmdir(CACHE . '1/db_cache');
            }
            if (is_dir(CACHE . '1/css_js_cache')) {
                $h->deleteFiles(CACHE . '1/css_js_cache');
                @rmdir(CACHE . '1/css_js_cache');
            }
            if (is_dir(CACHE . '1/rss_cache')) {
                $h->deleteFiles(CACHE . '1/rss_cache');
                @rmdir(CACHE . '1/rss_cache');
            }
            if (is_dir(CACHE . '1/lang_cache')) {
                $h->deleteFiles(CACHE . '1/lang_cache');
                @rmdir(CACHE . '1/lang_cache');
            }
            if (is_dir(CACHE . '1/html_cache')) {
                $h->deleteFiles(CACHE . '1/html_cache');
                @rmdir(CACHE . '1/html_cache');
            }
            if (is_dir(CACHE . '1/debug_logs')) {
                $h->deleteFiles(CACHE . '1/debug_logs');
                @rmdir(CACHE . '1/debug_logs');
            }
            if (file_exists(CACHE . '1/smartloader_cache.php')) {
                @unlink(CACHE . '1/smartloader_cache.php');
            }
            @rmdir(CACHE . '1');
        }

        // update "old version" for next set of upgrades
        $old_version = "1.4.2";
    }

    // 1.4.2 to 1.5.0
    if ($old_version == "1.4.2") {
        $h->messages['Updated from 1.4.2'] = 'green';

        // update "old version" for next set of upgrades
        $old_version = "1.5.0";
    }

    // 1.5.0 to 1.5.1
    // NOTE(review): version_compare() is called with two arguments here, so it returns
    // -1/0/1, and that integer is then compared with the string '<='. The '<=' looks
    // like it was meant to be the third argument, as in the later steps. As written
    // this is not a version-range test; confirm the intended bound.
    if (version_compare($old_version, "1.4.2") < '<=') {
        // should set an upper limit here later
        // Need to cover all of the 1.5.0.RCx version as well

        // Add a few new settings
        // NOTE(review): FTP_PASSWORD is created as an ordinary settings row; whether its
        // value is protected at rest cannot be seen from this function. Confirm.
        $exists = $h->db->column_exists('settings', 'settings_id');
        if ($exists) {
            $newSettings = array('FTP_SITE', 'FTP_USERNAME', 'FTP_PASSWORD');
            foreach ($newSettings as $setting) {
                // Insert only when no row with this name exists yet.
                $sql = "SELECT settings_name FROM " . TABLE_SETTINGS . " WHERE settings_name = %s";
                $result = $h->db->get_var($h->db->prepare($sql, $setting));
                if (!$result) {
                    $sql = "INSERT INTO " . TABLE_SETTINGS . " (settings_name, settings_value, settings_default, settings_note, settings_show) VALUES(%s, %s, %s, %s, %s)";
                    $h->db->query($h->db->prepare($sql, $setting, ' ', ' ', ' ', 1));
                }
            }
        }

        // drop joint primary key to postvotes table if exists
        // should not be there
        $sql = "SHOW INDEX FROM " . TABLE_POSTVOTES . " WHERE KEY_NAME = %s";
        $result = $h->db->get_row($h->db->prepare($sql, 'PRIMARY'));
        if ($result) {
            $sql = "ALTER TABLE " . TABLE_POSTVOTES . " DROP PRIMARY KEY";
            $h->db->query($h->db->prepare($sql));
        }

        $h->messages['Updated from 1.5.0, 1.5.1'] = 'green';

        // update "old version" for next set of upgrades
        $old_version = "1.5.1";
    }

    // 1.5.1 to 1.5.2
    // With an operator argument version_compare() returns a boolean, so "> 0" only
    // tests that the comparison is true.
    if (version_compare($old_version, "1.5.2", '<=') > 0) {
        // this will also cover 1.5.2.b1 etc but need an upper limit
        $sql = "SHOW INDEX FROM `" . TABLE_POSTS . "` WHERE KEY_NAME = %s";
        $result = $h->db->get_row($h->db->prepare($sql, 'post_author'));
        if (!$result) {
            $sql = "ALTER TABLE `" . TABLE_POSTS . "` ADD INDEX (`post_author`)";
            $h->db->query($sql);
        }

        $sql = "SHOW INDEX FROM " . TABLE_COMMENTS . " WHERE KEY_NAME = %s";
        $result = $h->db->get_row($h->db->prepare($sql, 'comment_user_id'));
        if (!$result) {
            $sql = "ALTER TABLE `" . TABLE_COMMENTS . "` ADD INDEX (`comment_user_id`)";
            $h->db->query($sql);
        }

        $sql = "SHOW INDEX FROM " . TABLE_COMMENTS . " WHERE KEY_NAME = %s";
        $result = $h->db->get_row($h->db->prepare($sql, 'comment_parent'));
        if (!$result) {
            $sql = "ALTER TABLE `" . TABLE_COMMENTS . "` ADD INDEX (`comment_parent`)";
            $h->db->query($sql);
        }

        $sql = "SHOW INDEX FROM " . TABLE_MESSAGING . " WHERE KEY_NAME = %s";
        $result = $h->db->get_row($h->db->prepare($sql, 'message_to'));
        if (!$result) {
            $sql = "ALTER TABLE `" . TABLE_MESSAGING . "` ADD INDEX (`message_to`)";
            $h->db->query($sql);
        }

        // change NULL value settings in settings table
        $sql = "ALTER TABLE " . TABLE_SETTINGS . " MODIFY `settings_name` varchar(64) NOT NULL";
        $h->db->query($sql);
        $sql = "ALTER TABLE " . TABLE_SETTINGS . " MODIFY `settings_value` text NULL";
        $h->db->query($sql);
        $sql = "ALTER TABLE " . TABLE_SETTINGS . " MODIFY `settings_default` text NULL";
        $h->db->query($sql);
        $sql = "ALTER TABLE " . TABLE_SETTINGS . " MODIFY `settings_note` text NULL";
        $h->db->query($sql);

        // should we hash the settings table on this version
        // should we urldecode the cats and save them back

        $h->messages['Updated from 1.5.2.b/rc'] = 'green';

        // update "old version" for next set of upgrades
        $old_version = "1.5.2";
    }

    // 1.5.2 to 1.6.0
    if (version_compare($old_version, "1.5.2", '<=') > 0) {
        // this will also cover 1.5.2.b1 etc but need an upper limit

        // Add a few new settings
        $exists = $h->db->column_exists('settings', 'settings_id');
        if ($exists) {
            $newSettings = array('REST_API'); // add more to array as required
            foreach ($newSettings as $setting) {
                $sql = "SELECT settings_name FROM " . TABLE_SETTINGS . " WHERE settings_name = %s";
                $result = $h->db->get_var($h->db->prepare($sql, $setting));
                if (!$result) {
                    $sql = "INSERT INTO " . TABLE_SETTINGS . " (settings_name, settings_value, settings_default, settings_note, settings_show) VALUES(%s, %s, %s, %s, %s)";
                    $h->db->query($h->db->prepare($sql, $setting, 'false', 'false', ' ', 1));
                }
            }
        }

        $h->messages['Updated from 1.5.2'] = 'green';

        // update "old version" for next set of upgrades
        $old_version = "1.6.0";
    }

    // 1.6.0 to 1.6.6
    if (version_compare($old_version, "1.6.0", '<=') > 0) {
        // Add columns to plugins table for resources from forum to plugin into
        $exists = $h->db->column_exists('plugins', 'plugin_resourceId');
        if (!$exists) {
            $sql = "ALTER TABLE " . TABLE_PLUGINS . " ADD Column `plugin_resourceId` int(11) NOT NULL DEFAULT 0";
            $h->db->query($sql);
        }

        $exists = $h->db->column_exists('plugins', 'plugin_resourceVersionId');
        if (!$exists) {
            $sql = "ALTER TABLE " . TABLE_PLUGINS . " ADD Column `plugin_resourceVersionId` int(11) NOT NULL DEFAULT 0";
            $h->db->query($sql);
        }

        $exists = $h->db->column_exists('plugins', 'plugin_rating');
        if (!$exists) {
            $sql = "ALTER TABLE " . TABLE_PLUGINS . " ADD Column `plugin_rating` varchar(8) NOT NULL DEFAULT '0.0'";
            $h->db->query($sql);
        }

        // Add a few new settings
        // NOTE(review): FORUM_PASSWORD is created as an ordinary settings row; whether
        // its value is protected at rest cannot be seen from this function. Confirm.
        $exists = $h->db->column_exists('settings', 'settings_id');
        if ($exists) {
            $newSettings = array('FORUM_USERNAME', 'FORUM_PASSWORD'); // add more to array as required
            foreach ($newSettings as $setting) {
                $sql = "SELECT settings_name FROM " . TABLE_SETTINGS . " WHERE settings_name = %s";
                $result = $h->db->get_var($h->db->prepare($sql, $setting));
                if (!$result) {
                    $sql = "INSERT INTO " . TABLE_SETTINGS . " (settings_name, settings_value, settings_default, settings_note, settings_show) VALUES(%s, %s, %s, %s, %s)";
                    $h->db->query($h->db->prepare($sql, $setting, '', '', 'Need for auto updates', 1));
                }
            }
        }

        $h->messages['Updated from 1.6.*'] = 'green';

        // update "old version" for next set of upgrades
        // (no assignment follows in this step; $old_version keeps its previous value)
    }

    // 1.6.6 to 1.7.0
    if (version_compare($old_version, "1.7.0", '<=') > 0) {
        $sql = "SHOW INDEX FROM " . TABLE_POSTS . " WHERE Key_name = %s";
        $result = $h->db->get_row($h->db->prepare($sql, 'post_category'));
        if (!$result) {
            $sql = "ALTER TABLE `" . TABLE_POSTS . "` ADD INDEX (`post_category`)";
            $h->db->query($sql);
        }

        // delete out any surplus indices from Post table
        // The index name comes back from SHOW INDEX and is placed between backticks.
        $sql = "SHOW INDEX FROM " . TABLE_POSTS . " WHERE KEY_NAME like %s";
        $result = $h->db->get_results($h->db->prepare($sql, 'post_category_%'));
        if ($result) {
            foreach ($result as $item) {
                $sql = "DROP INDEX `" . $item->Key_name . "` ON " . TABLE_POSTS;
                $h->db->query($sql);
            }
        }

        // delete out any surplus indices from Messaging table
        $sql = "SHOW INDEX FROM " . TABLE_MESSAGING . " WHERE KEY_NAME like %s";
        $result = $h->db->get_results($h->db->prepare($sql, 'message_to_%'));
        if ($result) {
            foreach ($result as $item) {
                $sql = "DROP INDEX `" . $item->Key_name . "` ON " . TABLE_MESSAGING;
                $h->db->query($sql);
            }
        }

        // delete out any surplus indices from Comments table
        $sql = "SHOW INDEX FROM " . TABLE_COMMENTS . " WHERE KEY_NAME like %s";
        $result = $h->db->get_results($h->db->prepare($sql, 'comment_user_id_%'));
        if ($result) {
            foreach ($result as $item) {
                $sql = "DROP INDEX `" . $item->Key_name . "` ON " . TABLE_COMMENTS;
                $h->db->query($sql);
            }
        }

        // delete out any surplus indices from Comments table
        $sql = "SHOW INDEX FROM " . TABLE_COMMENTS . " WHERE KEY_NAME like %s";
        $result = $h->db->get_results($h->db->prepare($sql, 'comment_parent_%'));
        if ($result) {
            foreach ($result as $item) {
                $sql = "DROP INDEX `" . $item->Key_name . "` ON " . TABLE_COMMENTS;
                $h->db->query($sql);
            }
        }

        // Add userlogin table
        $table_name = "userlogin";
        $exists = $h->db->table_exists($table_name);
        if (!$exists) {
            $sql = "CREATE TABLE `" . DB_PREFIX . $table_name . "` (\n `user_id` int(20) NOT NULL,\n `login_provider` varchar(128) NULL,\n `provider_key` varchar(128) NULL,\n `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n INDEX (`user_id`)\n ) ENGINE=" . DB_ENGINE_INNODB . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='3rd Party UserLogin Providers';";
            $h->db->query($sql);
        }

        // Add user_claim table
        $table_name = "userclaim";
        $exists = $h->db->table_exists($table_name);
        if (!$exists) {
            $sql = "CREATE TABLE `" . DB_PREFIX . $table_name . "` (\n `claim_id` int(20) NOT NULL AUTO_INCREMENT PRIMARY KEY,\n `user_id` int(20) NOT NULL,\n `claim_type` TEXT NULL,\n `claim_value` TEXT NULL,\n INDEX (`user_id`)\n ) ENGINE=" . DB_ENGINE_INNODB . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='UserClaim for login';";
            $h->db->query($sql);
        }

        // Add or change type in Posts table for post_img
        $exists = $h->db->column_exists('posts', 'post_img');
        if (!$exists) {
            $sql = "ALTER TABLE " . TABLE_POSTS . " ADD Column `post_img` varchar(255) NULL";
            $h->db->query($sql);
        } else {
            // make sure it is a varchar not a text field
            $sql = "ALTER TABLE " . TABLE_POSTS . " MODIFY `post_img` varchar(255) NULL";
            $h->db->query($sql);
        }

        // Add column to POSTS table for comment_count
        $exists = $h->db->column_exists('posts', 'post_comments_count');
        if (!$exists) {
            $sql = "ALTER TABLE " . TABLE_POSTS . " ADD Column `post_comments_count` smallint(11) NOT NULL DEFAULT '0'";
            $h->db->query($sql);
        }

        // Add column to SETTINGS table for setting_type
        $exists = $h->db->column_exists('settings', 'settings_type');
        if (!$exists) {
            $sql = "ALTER TABLE " . TABLE_SETTINGS . " ADD Column `settings_type` varchar(32) NULL";
            $h->db->query($sql);
        }

        // Add column to SETTINGS table for setting_subType
        $exists = $h->db->column_exists('settings', 'settings_subType');
        if (!$exists) {
            $sql = "ALTER TABLE " . TABLE_SETTINGS . " ADD Column `settings_subType` varchar(32) NULL";
            $h->db->query($sql);
        }

        // Add column to USERS table for `user_is_locked_out`
        $exists = $h->db->column_exists('users', 'user_is_locked_out');
        if (!$exists) {
            $sql = "ALTER TABLE " . TABLE_USERS . " ADD Column `user_is_locked_out` tinyint(1) NOT NULL DEFAULT 0 AFTER `user_email_conf`";
            $h->db->query($sql);
        }

        // Add column to USERS table for `user_access_failed_count`
        $exists = $h->db->column_exists('users', 'user_access_failed_count');
        if (!$exists) {
            $sql = "ALTER TABLE " . TABLE_USERS . " ADD Column `user_access_failed_count` tinyint(1) NOT NULL DEFAULT 0";
            $h->db->query($sql);
        }

        // Add column to USERS table for `user_last_password_changed_date`
        $exists = $h->db->column_exists('users', 'user_last_password_changed_date');
        if (!$exists) {
            $sql = "ALTER TABLE " . TABLE_USERS . " ADD Column `user_last_password_changed_date` timestamp NULL";
            $h->db->query($sql);
        }

        // Add column to USERS table for `user_lockout_date`
        $exists = $h->db->column_exists('users', 'user_lockout_date');
        if (!$exists) {
            $sql = "ALTER TABLE " . TABLE_USERS . " ADD Column `user_lockout_date` timestamp NULL";
            $h->db->query($sql);
        }

        // Add column to USERS table for `password_version`. set default as 1 to populate all current data as version 1
        $exists = $h->db->column_exists('users', 'password_version');
        if (!$exists) {
            $sql = "ALTER TABLE " . TABLE_USERS . " ADD Column `password_version` tinyint(1) NOT NULL DEFAULT 1 AFTER `user_email_conf`";
            $h->db->query($sql);
        }

        // modify default value to 2 for new passwords from now on
        // (existing rows keep the 1 written by the ADD COLUMN above)
        $exists = $h->db->column_exists('users', 'password_version');
        if ($exists) {
            $sql = "ALTER TABLE " . TABLE_USERS . " MODIFY Column `password_version` tinyint(1) NOT NULL DEFAULT 2";
            $h->db->query($sql);
        }

        // Add a few new settings
        $exists = $h->db->column_exists('settings', 'settings_id');
        if ($exists) {
            $newSettings = array('JQUERY_PATH', 'BOOTSTRAP_PATH'); // add more to array as required
            foreach ($newSettings as $setting) {
                $sql = "SELECT settings_name FROM " . TABLE_SETTINGS . " WHERE settings_name = %s";
                $result = $h->db->get_var($h->db->prepare($sql, $setting));
                if (!$result) {
                    $sql = "INSERT INTO " . TABLE_SETTINGS . " (settings_name, settings_type, settings_subType, settings_value, settings_default, settings_note, settings_show) VALUES(%s, %s, %s, %s, %s, %s, %s)";
                    $h->db->query($h->db->prepare($sql, $setting, 'Perf', 'Files', 'local', 'local', 'Local/CDN', 1));
                }
            }

            $newSettings = array('MINIFY_CSS', 'MINIFY_JS'); // add more to array as required
            foreach ($newSettings as $setting) {
                $sql = "SELECT settings_name FROM " . TABLE_SETTINGS . " WHERE settings_name = %s";
                $result = $h->db->get_var($h->db->prepare($sql, $setting));
                if (!$result) {
                    $sql = "INSERT INTO " . TABLE_SETTINGS . " (settings_name, settings_type, settings_subType, settings_value, settings_default, settings_note, settings_show) VALUES(%s, %s, %s, %s, %s, %s, %s)";
                    $h->db->query($h->db->prepare($sql, $setting, 'Perf', 'Scripts', 'false', 'false', '', 1));
                }
            }
        }

        $sql = "SHOW INDEX FROM " . TABLE_COMMENTS . " WHERE KEY_NAME = %s";
        $result = $h->db->get_row($h->db->prepare($sql, 'comment_post_id'));
        if (!$result) {
            $sql = "ALTER TABLE `" . TABLE_COMMENTS . "` ADD INDEX (`comment_post_id`)";
            $h->db->query($sql);
        }

        // Change all tables to have their updatedts named as just updated_at
        // NOTE(review): the statement below renames `updated_at` to `<prefix>_updatedts`,
        // i.e. the opposite direction to the sentence above. Confirm which is intended.
        $tablesChangeNameUpdatedCol = array('blocked' => 'blocked', 'categories' => 'category', 'comments' => 'comment', 'commentvotes' => 'cvote', 'friends' => 'friends', 'posts' => 'post', 'messaging' => 'message', 'miscdata' => 'miscdata', 'plugins' => 'plugin', 'pluginhooks' => 'plugin', 'pluginsettings' => 'plugin', 'postmeta' => 'postmeta', 'postvotes' => 'vote', 'settings' => 'settings', 'tags' => 'tags', 'tempdata' => 'tempdata', 'users' => 'user', 'usermeta' => 'usermeta', 'useractivity' => 'useract', 'widgets' => 'widget');
        foreach ($tablesChangeNameUpdatedCol as $table => $col) {
            $newCol = $col . '_updatedts';
            $exists = $h->db->column_exists($table, 'updated_at');
            if ($exists) {
                $sql = "ALTER TABLE " . DB_PREFIX . $table . " CHANGE `updated_at` `" . $newCol . "` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP";
                $h->db->query($sql);
            }
        }

        // Group existing settings rows by type, matched on their name patterns.
        $sql = "UPDATE " . TABLE_SETTINGS . " SET settings_type = 'Mail' WHERE settings_name like 'SMTP%'";
        $h->db->query($sql);
        $sql = "UPDATE " . TABLE_SETTINGS . " SET settings_type = 'Security' WHERE settings_name like 'FTP%' OR settings_name like 'FORUM%'";
        $h->db->query($sql);
        $sql = "UPDATE " . TABLE_SETTINGS . " SET settings_type = 'Perf' WHERE settings_name like '%CACHE%'";
        $h->db->query($sql);

        // REMOVE TOKENS TABLE
        $exists = $h->db->table_exists('tokens');
        if ($exists) {
            $sql = "DROP TABLE " . DB_PREFIX . 'tokens';
            $h->db->query($sql);
        }

        $h->messages['Updated from 1.6.6'] = 'green';
    }

    // 1.7.0 to 1.7.1
    if (version_compare($old_version, "1.7.1", '<=') > 0) {
        // this will also cover other versions in between but need an upper limit

        // Seed the site's API key if no row exists yet.
        // NOTE(review): the key value comes from getGUID(), which is not visible here;
        // confirm it is generated from a CSPRNG, since it is stored as a 'Security' setting.
        $setting = 'HOTARU_API_KEY';
        $sql = "SELECT settings_name FROM " . TABLE_SETTINGS . " WHERE settings_name = %s";
        $result = $h->db->get_var($h->db->prepare($sql, $setting));
        if (!$result) {
            $sql = "INSERT INTO " . TABLE_SETTINGS . " (settings_name, settings_type, settings_subType, settings_value, settings_default, settings_note, settings_show) VALUES(%s, %s, %s, %s, %s, %s, %s)";
            $h->db->query($h->db->prepare($sql, $setting, 'Security', '', getGUID(), '', '', 1));
        }

        $setting = 'HOTARUCMS_COM_CONNECTED';
        $sql = "SELECT settings_name FROM " . TABLE_SETTINGS . " WHERE settings_name = %s";
        $result = $h->db->get_var($h->db->prepare($sql, $setting));
        if (!$result) {
            $sql = "INSERT INTO " . TABLE_SETTINGS . " (settings_name, settings_type, settings_subType, settings_value, settings_default, settings_note, settings_show) VALUES(%s, %s, %s, %s, %s, %s, %s)";
            $h->db->query($h->db->prepare($sql, $setting, 'Security', '', 'false', 'false', '', 1));
        }

        // SPAM LOG - spamlog
        $exists = $h->db->table_exists('spamlog');
        if (!$exists) {
            $sql = "CREATE TABLE `" . DB_PREFIX . "spamlog` (\n `spamlog_id` int(20) NOT NULL AUTO_INCREMENT PRIMARY KEY,\n `spamlog_email` varchar(64) NULL,\n `spamlog_pluginfolder` varchar(64) NULL,\n `spamlog_type` tinyint(1) NOT NULL DEFAULT 0,\n `spamlog_updatedts` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n INDEX (`spamlog_pluginfolder`),\n INDEX (`spamlog_type`)\n ) ENGINE=" . DB_ENGINE_INNODB . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='SpamLog';";
            $h->db->query($sql);
        }

        $h->messages['Updated from 1.7.0'] = 'green';

        // TODO add column for settings_disabled (default is false)
        // which indicates whether user can change setting manually on settings page
    }

    /*
     *
     * Update Hotaru version number to the database (referred to when upgrading)
     * This is always the final step of the upgrade
     *
     */
    $sql = "UPDATE " . TABLE_MISCDATA . " SET miscdata_key = %s, miscdata_value = %s, miscdata_default = %s WHERE miscdata_key = %s";
    $h->db->query($h->db->prepare($sql, 'hotaru_version', $h->version, $h->version, 'hotaru_version'));
}
/**
 * Admin page dispatcher.
 *
 * Sets the default sidebar state, fires the 'admin_pages' plugin hook, prepares
 * the data for the requested admin page and renders the 'admin_index' template.
 * The ajax_* pages, admin_news and systeminfo_feedback write their own output and
 * end the request instead of rendering the template.
 *
 * Review notes:
 *  - No permission or CSRF check is visible in this method for the ajax_* cases;
 *    $h->csrf() is consulted only for the plugin/theme settings forms. Confirm
 *    that the caller limits these pages to authenticated admins and that the
 *    state-changing "ajax_getHotaruApiKey" request is protected against CSRF.
 *  - "ajax_getHotaruApiKey" stores a new key and returns it in the response body.
 *    The key comes from getGUID(), which is not visible here; confirm it is
 *    produced by a CSPRNG.
 *  - "plugin_settings" passes a request-supplied template name to $h->template();
 *    its safety rests on the testPage() filter. Confirm that filter rejects path
 *    separators and traversal sequences.
 *
 * @param object $h    Application object (vars, cage, template(), csrf(), ... as used below).
 * @param string $page Admin page identifier; unknown values fall back to admin_home.
 */
public function pages($h, $page = 'admin_login')
{
    $h->vars['admin_sidebar_layout'] = 'vertical';
    $h->sidebars = true;

    $h->pluginHook('admin_pages');

    switch ($page) {
        case "admin_login":
            $h->sidebars = false;
            $h->adminLoginLogout('login');
            break;

        case "admin_logout":
            $h->adminLoginLogout('logout');
            break;

        case "admin_news":
            echo $h->adminNews(10, 3, 300);
            exit;

        case "systeminfo_feedback":
            SystemInfo::instance()->hotaru_feedback($h);
            exit;

        case "admin_account":
            $h->vars['admin_account'] = $this->adminAccount($h);
            break;

        case "settings":
            $h->vars['admin_settings'] = $this->settings($h);
            break;

        case "maintenance":
            $this->maintenanceAction($h);
            $h->vars['admin_plugin_settings'] = $this->listPluginSettings($h);
            $h->vars['admin_plugin_tables'] = $this->listDbTables($h, true);
            break;

        case "blocked":
            $h->vars['admin_blocked_list'] = $this->blocked($h);
            break;

        case "pages_management":
            $h->vars['admin_pages_array'] = $this->getPages($h);
            break;

        case "pages_management_edit":
            $h->vars['admin_edit_page'] = $h->cage->get->testAlnumLines('filename');
            break;

        case "plugin_management":
            $h->vars['admin_settings'] = $this->settings($h);
            $this->adminPlugins($h);
            break;

        // Pages that need no extra data before the template is rendered.
        case "plugin_management_beta_search":
        case "theme_management":
        case "spam_management":
        case "stats_users":
            break;

        case "ajax_stats":
            $this->ajaxStats($h);
            exit;

        case "media":
            $h->vars['media_folder'] = $h->cage->get->testAlnumLines('folder');
            break;

        case "ajax_loginforum":
            // A 303 answer from the forum login is treated as success.
            $ch = $h->loginForum(FORUM_USERNAME, FORUM_PASSWORD);
            $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
            $error = !($statusCode == 303);
            $message = $error ? 'Password Failed' : 'Success';
            echo json_encode(array('error' => $error, 'message' => $message));
            exit;

        case "ajax_getHotaruApiKey":
            // call api on api.hotarucms.org with site details
            $newApiKey = getGUID();
            \Hotaru\Models2\Setting::makeUpdate($h, 'HOTARU_API_KEY', $newApiKey);
            echo json_encode(array('error' => false, 'message' => "API Key Reset", 'apiKey' => $newApiKey));
            exit;

        case "plugin_search":
            $h->vars['admin_sidebar_layout'] = 'horizontal';
            break;

        case "plugin_settings":
            // Plugin name from the URL, falling back to the posted form field.
            $h->vars['settings_plugin'] = $h->cage->get->testAlnumLines('plugin')
                ?: $h->cage->post->testAlnumLines('plugin');

            $h->vars['plugin_settings_csrf_error'] = '';
            if ($h->cage->post->testAlpha('submitted') == 'true') {
                $h->vars['plugin_settings_csrf_error'] = !$h->csrf();
            }

            // An alternative template, when requested, replaces the admin index.
            $alt_template = $h->cage->get->testPage('alt_template');
            if ($alt_template) {
                $h->template($alt_template, $h->vars['settings_plugin']);
                exit;
            }
            break;

        case "theme_settings":
            // Theme name from the URL, falling back to the posted form field.
            $h->vars['settings_theme'] = $h->cage->get->testAlnumLines('theme')
                ?: $h->cage->post->testAlnumLines('theme');

            $h->vars['theme_settings_csrf_error'] = '';
            if ($h->cage->post->testAlpha('submitted') == 'true') {
                $h->vars['theme_settings_csrf_error'] = !$h->csrf();
            }
            break;

        default:
            // we need this because it's not specified in the url:
            $h->pageName = 'admin_home';
            break;
    }

    // Display the main theme's index.php template
    $h->template('admin_index');
}
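/**
 * Generate a GUID to use as the table row key.
 *
 * Returns a brace-wrapped, upper-case GUID string of the form
 * "{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}".
 *
 * The fallback path no longer reseeds the Mersenne Twister from microtime():
 * that seed has only a few thousand possible values, and reseeding also changes
 * the global generator state for every later mt_rand() call in the process.
 * Where random_bytes() exists the 128 bits come from the system CSPRNG.
 *
 * In this script the value is only a row key, where uniqueness is what counts.
 * If the helper is reused for anything secret (tokens, API keys), the legacy
 * branch below is not suitable.
 *
 * @return string
 */
function getGUID()
{
    if (function_exists('com_create_guid')) {
        return com_create_guid();
    }

    if (function_exists('random_bytes')) {
        $charid = strtoupper(bin2hex(random_bytes(16)));
    } else {
        // Legacy runtimes without random_bytes(): unique enough for a key, but predictable.
        $charid = strtoupper(md5(uniqid(rand(), true)));
    }

    $hyphen = chr(45); // "-"
    $uuid = chr(123) // "{"
        . substr($charid, 0, 8) . $hyphen
        . substr($charid, 8, 4) . $hyphen
        . substr($charid, 12, 4) . $hyphen
        . substr($charid, 16, 4) . $hyphen
        . substr($charid, 20, 12)
        . chr(125); // "}"

    return $uuid;
}

$dwguid = getGUID(); // GUID used as the row key

$entity = new Entity();
$entity->setPartitionKey("VSTechUp");
$entity->setRowKey($dwguid);
$entity->addProperty("Description", null, "VS가 쵝오에요~");
$entity->addProperty("DueDate", EdmType::DATETIME, new DateTime("2015-11-14T08:15:00-08:00"));
$entity->addProperty("Location", EdmType::STRING, "광화문");

try {
    $tableRestProxy->insertEntity("phptable", $entity); // table name
} catch (ServiceException $e) {
    // The code and message are captured, but nothing in this listing logs or
    // reports them, so a failed insert passes silently from here on.
    $code = $e->getCode();
    $error_message = $e->getMessage();
}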
/**
 * Sends a GetAllPhysicalDeviceStatesRequest to https://<host>/cmd and writes the
 * raw response body to the PHP error log. Nothing is returned.
 *
 * NOTE(review): $this->uuid and $this->session_id are placed into XML attributes
 * without escaping; this is only safe while they never contain quotes or markup.
 * NOTE(review): the complete response body goes to the error log. It may carry
 * device state or session details, so confirm the log is access-restricted.
 */
function getPhysicalDevices()
{
    $payload = "<BaseRequest xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:type=\"GetAllPhysicalDeviceStatesRequest\" Version=\"1.70\" RequestId=\"" . $this->uuid . "\" SessionId=\"" . $this->session_id . "\" />";

    $request = Request::post('https://' . $this->host . '/cmd')->body($payload);

    // A new GUID is generated for the clientId header on every call.
    $request->addHeader('clientId', getGUID());
    $request->sendsType('text/xml');

    error_log($request->send()->raw_body);
}
// обрабатываем пачками, чтобы не перегрузить сервер $sql = "update Emails_Notify " . "set InProcess = 1 " . "order by CreateDate " . "limit 100;"; GetMainConnection()->exec($sql); // создаем задания на рассылку по списку рассылки (только для акти) $sql = "insert into Emails_ToSend(RecordGUID, CreateDate, Priority, FromEmail, FromName, ToEmail, Subject, Body) " . "select UUID(), N.CreateDate, 120, '*****@*****.**', 'Карапуз', NR.Email, N.Subject, N.Body " . "from Emails_Notify as N " . "left outer join Emails_NotifyRecipients as NR on ((N.DocumentType = NR.DocumentType) and (N.DocumentID = NR.DocumentID)) " . "where (N.InProcess = 1) " . "and (lower(N.OwnerEmail) <> lower(NR.Email)) " . "and (coalesce(NR.Email, '') <> '');"; GetMainConnection()->exec($sql); // удаление обработанной пачки записей из Emails_Notify $sql = "delete from Emails_Notify where InProcess = 1;"; GetMainConnection()->exec($sql); usleep(50); // in msec } } $vContinueProcessing = true; while ($vContinueProcessing) { $vProcessingGUID = getGUID(); $sql = "update Emails_ToSend " . "set ProcessingDate = '" . GetLocalDateTimeAsSQLStr() . "', " . "ProcessingGUID = '{$vProcessingGUID}', " . "CountAttempts = CountAttempts+1 " . "where ((ProcessingGUID is null) or ((ProcessingDate is not null) and (ProcessingDate < '" . GetLocalDateTime()->modify('-5 minutes')->format('Y-m-d H:i:s') . "'))) " . "and (CountAttempts < 3) " . "order by Priority, CreateDate " . "limit 1;"; GetMainConnection()->exec($sql); $sql = "select RecordGUID, CreateDate, CountAttempts, FromEmail, FromName, ToEmail, ToName, CopyToEmail, BlindCopyToEmail, Subject, Body, UseTemplate " . "from Emails_ToSend " . "where (ProcessingGUID = '{$vProcessingGUID}') " . 
"limit 1;"; $rec = GetMainConnection()->query($sql)->fetch(); if (empty($rec['RecordGUID'])) { $vContinueProcessing = false; } else { if (!isset($mail)) { $mail = new PHPMailer(); $mail->setLanguage('ru'); $mail->CharSet = 'utf-8'; //$mail->SMTPDebug = 3; // Enable verbose debug output $mail->isSMTP(); // Set mailer to use SMTP //$mail->Timeout = 10;
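?>
</tbody>
</table>
</div>
</div>
<?php
// mID arrives with the request and is used twice below: in the form URL and in
// the offer query. It is compared with the numeric merchant_id column, so it is
// forced to an integer once and only that integer is used afterwards.
$merchantId = isset($_REQUEST['mID']) ? (int) $_REQUEST['mID'] : 0;
?>
<div class="tab-pane" id="condensed">
<div class="box-content">
<form action="index.php?page=addbeacon&mID=<?php echo $merchantId; ?>" class='validate form-horizontal' method="post" name="addbeacon" enctype="multipart/form-data">
<div class="control-group">
<label for="title" class="control-label">UUID</label>
<div class="controls">
<input type="text" name="uuid" value="<?php echo htmlspecialchars(getGUID(), ENT_QUOTES, 'UTF-8'); ?>" class='{required:true} span8'>
</div>
</div>
<div class="control-group">
<label for="title" class="control-label">Offer</label>
<div class="controls">
<select name='offer_id' class='span8'>
<option value='0'> </option>
<?php
// Offers of this merchant that have no beacon attached yet.
$sql = "SELECT offer.id, offer.title FROM offer LEFT JOIN beacon ON offer.id = beacon.`offer_id` WHERE beacon.id IS NULL AND offer.`merchant_id` = " . $merchantId;
$res = mysql_query($sql);

// mysql_query() returns false on failure; skip the list instead of fetching from it.
if ($res !== false) {
    while ($row = mysql_fetch_assoc($res)) {
        // Offer titles are stored data and may contain markup. ENT_QUOTES is needed
        // because the value attribute is delimited by single quotes.
        printf(
            "<option value='%s'>%s</option>",
            htmlspecialchars($row['id'], ENT_QUOTES, 'UTF-8'),
            htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8')
        );
    }
}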