public function getTransferById($transferId)
{
$sql = "select * from transfer where id=" . $transferId;
$db = new Database();
$db->connect();
$transfer = $db->query_first($sql);
$db->close();
return $transfer;
}
public function getEventById($id)
{
$sql = "select * from event where id='{$id}'";
$db = new Database();
$db->connect();
$eventInfo = $db->query_first($sql);
$db->close();
return $eventInfo;
}
public function getNameById($id)
{
$sql = "select name from centre where id='{$id}'";
$db = new Database();
$db->connect();
$name = $db->query_first($sql);
$db->close();
return $name['name'];
}
public function getSession($token)
{
$database = new Database();
if ($data = $database->query_first("SELECT * FROM sessions where token = '{$token}' ")) {
$session = json_decode($data['data']);
return $session;
} else {
return null;
}
}
public function find_one($conditions)
{
$where = "where 1=1";
foreach ($conditions as $key => $value) {
$where .= " and {$key}=" . (is_numeric($value) ? $value : "'{$value}' ");
}
$db = new Database();
$db->connect();
$obj = $db->query_first("select * from " . $this->table_name_full . " {$where}");
$db->close();
return new response(array('body' => $obj));
}
$_SESSION['views'] = 1;
require "dbase/config.inc.php";
require "dbase/Database.class.php";
$db = new Database(DB_SERVER, DB_USER, DB_PASS, DB_DATABASE);
$db->connect();
$email = $_POST["email"];
$password = $_POST["password"];
//If a parent login
$parent = "SELECT * FROM tblparents WHERE email = '{$email}' AND password = '******'";
//If a tutor login
$tutor = "SELECT * FROM tbltutor WHERE email = '{$email}' AND password = '******'";
$parent_query = $db->query($parent);
$tutor_query = $db->query($tutor);
if ($record = $db->fetch_array($parent_query)) {
$user_id = "SELECT id FROM tblparents WHERE email = '{$email}' AND password = '******'";
$record = $db->query_first($user_id);
$id = $record['id'];
if (isset($_SESSION['views'])) {
$_SESSION['views'] = $_SESSION['views'] + 1;
$_SESSION['type'] = "p";
$_SESSION['id'] = $id;
$_SESSION['log'] = true;
} else {
$_SESSION['views'] = 1;
}
header("Location:index.php");
} elseif ($record = $db->fetch_array($tutor_query)) {
$user_id = "SELECT id FROM tbltutor WHERE email = '{$email}' AND password = '******'";
$record = $db->query_first($user_id);
$id = $record['id'];
if (isset($_SESSION['views'])) {
} else {
$this_folder = "";
}
$texte .= '<tr><td><input type=\'checkbox\' class=\'cb_deleted_item\' value=\'' . $reccord['id'] . '\' id=\'item_deleted_' . $reccord['id'] . '\' /> <b>' . $reccord['label'] . '</b></td><td width=\\"100px\\" align=\\"center\\">' . date($_SESSION['settings']['date_format'], $reccord['date']) . '</td><td width=\\"70px\\" align=\\"center\\">' . $reccord['login'] . '</td>' . $this_folder . '</tr>';
}
echo '[{"text":"' . $texte . '</table><div style=\'margin-left:5px;\'><input type=\'checkbox\' id=\'item_deleted_select_all\' /> <img src=\\"includes/images/arrow-repeat.png\\" title=\\"' . $txt['restore'] . '\\" style=\\"cursor:pointer;\\" onclick=\\"restoreDeletedItems()\\"> <img src=\\"includes/images/bin_empty.png\\" title=\\"' . $txt['delete'] . '\\" style=\\"cursor:pointer;\\" onclick=\\"reallyDeleteItems()\\"></div>"}]';
break;
#----------------------------------
#CASE admin want to restaure a list of deleted items
#----------------------------------
#CASE admin want to restaure a list of deleted items
case "restore_deleted__items":
//restore FOLDERS
if (count($_POST['list_f']) > 0) {
foreach (explode(';', $_POST['list_f']) as $id) {
$data = $db->query_first("\r\n\t\t\t\t\tSELECT valeur\r\n\t\t FROM " . $pre . "misc\r\n\t\t WHERE type = 'folder_deleted'\r\n\t\t AND intitule = '" . $id . "'");
if ($data['valeur'] != 0) {
$folder_data = explode(',', $data['valeur']);
//insert deleted folder
$db->query_insert('nested_tree', array('id' => $folder_data[0], 'parent_id' => $folder_data[1], 'title' => $folder_data[2], 'nleft' => $folder_data[3], 'nright' => $folder_data[4], 'nlevel' => $folder_data[5], 'bloquer_creation' => $folder_data[6], 'bloquer_modification' => $folder_data[7], 'personal_folder' => $folder_data[8], 'renewal_period' => $folder_data[9]));
//delete log
$db->query("DELETE FROM " . $pre . "misc WHERE type = 'folder_deleted' AND intitule= '" . $id . "'");
}
}
}
//restore ITEMS
if (count($_POST['list_i']) > 0) {
foreach (explode(';', $_POST['list_i']) as $id) {
$db->query_update("items", array('inactif' => '0'), 'id = ' . $id);
//log
$db->query("INSERT INTO " . $pre . "log_items VALUES ('" . $id . "','" . mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y')) . "','" . $_SESSION['user_id'] . "','at_restored','')");
$return_values = array();
//decrypt and retreive data in JSON format
require_once '../includes/libraries/crypt/aes.class.php';
// AES PHP implementation
require_once '../includes/libraries/crypt/aesctr.class.php';
// AES Counter Mode implementation
$data_received = json_decode(AesCtr::decrypt($_POST['data'], $_SESSION['key'], 256), true);
if (count($data_received) > 0) {
//Prepare variables
$label = htmlspecialchars_decode($data_received['label']);
$url = htmlspecialchars_decode($data_received['url']);
$pw = $original_pw = htmlspecialchars_decode($data_received['pw']);
$login = htmlspecialchars_decode($data_received['login']);
$tags = htmlspecialchars_decode($data_received['tags']);
//Get existing values
$data = $db->query_first("\r\n\t\t\t\t\tSELECT *\r\n\t\t\t\t\tFROM " . $pre . "items\r\n\t\t\t\t\tWHERE id=" . $data_received['id']);
//Manage salt key
if ($data['perso'] != 1) {
//Get orginal key
$original_key = $db->query_first("\r\n\t\t\t\t\t\tSELECT `rand_key`\r\n\t\t\t\t\t\tFROM `" . $pre . "keys`\r\n\t\t\t\t\t\tWHERE `table` LIKE 'items' AND `id`=" . $data_received['id']);
$pw = $original_key['rand_key'] . $pw;
}
//encrypt PW
if ($data_received['salt_key_set'] == 1 && isset($data_received['salt_key_set']) && $data_received['is_pf'] == 1 && isset($data_received['is_pf'])) {
$pw = encrypt($pw, mysql_real_escape_string(stripslashes($_SESSION['my_sk'])));
$resticted_to = $_SESSION['user_id'];
} else {
$pw = encrypt($pw);
}
//---Manage tags
//deleting existing tags for this item
***************************************************************/
/* Designed & Developed by
/* - Shiburaj Pappu
/* ************ S.P.I.T *************************************
/* ********** M.E (EXTC) Sem-II *****************************
*/
include_once 'Database.class.php';
define("MSCTBL", "msc");
$db = new Database('localhost', 'root', 'trdc123', 'mscsim');
//connect to the server
$db->connect();
if ($_GET['action'] == 'register' && !empty($_POST['MSISDN']) && !empty($_POST['IMSI'])) {
$preMSISDN = $_POST['MSISDN'][0] . $_POST['MSISDN'][1] . $_POST['MSISDN'][2] . $_POST['MSISDN'][3];
$data['TMSI'] = "91" . $preMSISDN . rand('199999', '999999');
$sql = "SELECT * FROM " . MSCTBL . " WHERE `MSISDN` = '" . $_POST['MSISDN'] . "'";
$row = $db->query_first($sql);
if (empty($row)) {
$error_dat['status'] = "error";
$error_dat['reason'] = "Registration Failed...";
} else {
$db->query_update(MSCTBL, $data, " `MSISDN` = '" . $_POST['MSISDN'] . "' ");
$error_dat['regdata'] = $row;
$error_dat['regdata']['TMSI'] = $data['TMSI'];
$error_dat['status'] = "success";
$error_dat['reason'] = "Registration Complete...";
}
sleep(3);
echo json_encode($error_dat);
} elseif ($_GET['action'] == 'makesim' && !empty($_POST['MSISDN'])) {
$preMSISDN = $_POST['MSISDN'][0] . $_POST['MSISDN'][1] . $_POST['MSISDN'][2] . $_POST['MSISDN'][3];
$data['IMSI'] = "91" . $preMSISDN . rand('199999', '999999');
<div class="row">
<div class="col-md-12">
<div class="widget-box">
<div class="widget-title">
<h2><i class="glyphicon glyphicon-book"></i>Library:</h2>
</div>
<div class="widget-container table-responsive">
<div class="content noPad clearfix">
<p class="text-center">Welcome
<?php
if ($sessionType == 'p') {
$parentUsername = "******";
$record = $db->query_first($parentUsername);
echo $record['fname'].",";
}else{
$studentUsername = "******";
$record = $db->query_first($studentUsername);
echo $record['fname'].",";
}
?>
to the Resources page, just click the name of the resource title to know more.
</p>
<table class="responsive dynamicTable display table table-hover table-bordered">
<thead>
<tr>
$request_body = file_get_contents('php://input');
$_POST = json_decode($request_body, true);
$user_token = null;
if (isset($_POST['user_token'])) {
$user_token = $_POST['user_token'];
}
$app_privacy = "public";
if (isset($_POST['privacy'])) {
$app_privacy = $_POST['privacy'];
}
$token = $_POST["token"];
$name = $_POST["name"];
$state = $_POST["state"];
$version = $_POST["version"];
$db->connect();
$app = $db->query_first("SELECT * FROM app_tokens WHERE token = '{$token}'");
if ($app) {
$db->query_update("apps", array("state" => $state), "id = " . $app["appid"]);
$response = array("success" => "true", "results" => array(array("id" => $app["appid"], "token" => $token)));
echo json_encode($response);
} else {
$touch_lib = $db->query_first("SELECT version FROM touch_libs ORDER BY version DESC");
$app_id = $db->query_insert("apps", array("name" => $name, "state" => $state, "version" => $touch_lib['version']));
if (!$app_id) {
$error = array("success" => "false", "message" => "Internal server error.");
echo json_encode($error);
} else {
$token = "";
do {
$token = getRandomCode(5);
$tokened = $db->query_insert("app_tokens", array("token" => $token, "appid" => $app_id, "lastused" => "CURRENT_TIMESTAMP"));
<?php
/*
* Created on Jan 12, 2010
*
*/
session_start();
if (!isset($_SESSION['auth_name'])) {
if (isset($_POST['OK'])) {
$DB = new Database(DB_HOST, DB_USER, DB_PASS, DB_DATABASE);
$DB->connect();
$login = $_POST['login'];
$password = $_POST['password'];
$result = $DB->query_first("SELECT * FROM users WHERE login='******' AND password='******'");
$_SESSION['auth_username'] = $result['id'];
$_SESSION['auth_user'] = $result['login'];
$_SESSION['auth_name'] = $result['name'];
$_SESSION['auth_surname'] = $result['surname'];
$DB->close();
exit;
header("Location: http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
} else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="title" content="<?php
echo SITE_NAME;
?>
" />
}
if (!empty($data['groupes_visibles'])) {
$_SESSION['groupes_visibles'] = @implode(';', $data['groupes_visibles']);
} else {
$_SESSION['groupes_visibles'] = array();
}
if (!empty($data['groupes_interdits'])) {
$_SESSION['groupes_interdits'] = @implode(';', $data['groupes_interdits']);
} else {
$_SESSION['groupes_interdits'] = array();
}
$_SESSION['fonction_id'] = $data['fonction_id'];
//build array of roles
$_SESSION['arr_roles'] = array();
foreach (array_filter(explode(';', $_SESSION['fonction_id'])) as $role) {
$res_roles = $db->query_first("SELECT title FROM " . $pre . "roles_title WHERE id = " . $role);
$_SESSION['arr_roles'][$role] = array('id' => $role, 'title' => $res_roles['title']);
}
$_SESSION['user']['find_cookie'] = false;
$_SESSION['settings']['update_needed'] = "";
// Update table
$db->query_update("users", array('key_tempo' => $_SESSION['cle_session'], 'last_connexion' => mktime(date("h"), date("i"), date("s"), date("m"), date("d"), date("Y")), 'disabled' => 0, 'no_bad_attempts' => 0), "id=" . $data['id']);
//récupérer les droits de l'utilisateur
IdentificationDesDroits($data['groupes_visibles'], $_SESSION['groupes_interdits'], $data['admin'], $data['fonction_id'], false);
//Get some more elements
$_SESSION['hauteur_ecran'] = $_POST['hauteur_ecran'];
//Get last seen items
$_SESSION['latest_items_tab'][] = "";
foreach ($_SESSION['latest_items'] as $item) {
if (!empty($item)) {
$data = $db->query_first("SELECT label,id_tree FROM " . $pre . "items WHERE id = " . $item);
$sqlLearningCategoryResult = "select GROUP_CONCAT(A.learning SEPARATOR ',') as 'learning_category_results' from (
Select concat(D.learning_categories_id,' - ',round(sum(if(A.status='correct',1,0))/count(A.question_id)*100,2),'%') as 'learning' from tbltemporarygenexam as A left outer join tblquestions as B on A.`question_id`=B.id left outer join tblminoroutcome as C on B.minor_outcome_id=C.id left outer join tblmajoroutcome as D on C.major_outcome_id=D.id where A.student_id='$studenId' and A.assessment_type_id='$assType' and question_type='primary' group by D.`learning_categories_id`) as A";
$row = $db->query($sqlLearningCategoryResult);
$result = $db->fetch_array($row);
$data["learning_category_results"] =$result['learning_category_results'];
$majorResult = explode(",", $data["major_outcome_results"]);
//Check if the student has supplementary already
$sqlLookSupp = "Select * from tbltemporarygenexam where student_id='$studenId' and question_type='supplementary' and assessment_type_id='$assType' limit 1";
$rowHasSupp = $db->query_first($sqlLookSupp);
//echo "-----".$rowHasSupp["question_type"];
$json = array();
$isCalculateSupp = true;
if($rowHasSupp["question_type"] == "")
{
for($i = 0; $i < count($majorResult); $i++)
{
$arrExpMajorResult = explode(" - ", $majorResult[$i]);
//echo "Major Result Cat".$arrExpMajorResult[0];
if($arrExpMajorResult[1] < 50){
/**
* IdentifyUserRights()
*
* @return
*/
function IdentifyUserRights($groupes_visibles_user, $groupes_interdits_user, $is_admin, $id_fonctions, $refresh)
{
global $server, $user, $pass, $database, $pre;
//include librairies
require_once "NestedTree.class.php";
require_once "class.database.php";
$db = new Database($server, $user, $pass, $database, $pre);
$db->connect();
//Check if user is ADMINISTRATOR
if ($is_admin == 1) {
$groupes_visibles = array();
$_SESSION['groupes_visibles'] = array();
$_SESSION['groupes_interdits'] = array();
$_SESSION['personal_visible_groups'] = array();
$_SESSION['groupes_visibles_list'] = "";
$rows = $db->fetch_all_array("SELECT id FROM " . $pre . "nested_tree WHERE personal_folder = '0'");
foreach ($rows as $record) {
array_push($groupes_visibles, $record['id']);
}
$_SESSION['groupes_visibles'] = $groupes_visibles;
$_SESSION['all_non_personal_folders'] = $groupes_visibles;
//Exclude all PF
$_SESSION['forbiden_pfs'] = array();
$sql = "SELECT id FROM " . $pre . "nested_tree WHERE personal_folder = 1";
if (isset($_SESSION['settings']['enable_pf_feature']) && $_SESSION['settings']['enable_pf_feature'] == 1) {
$sql .= " AND title != '" . $_SESSION['user_id'] . "'";
}
//Get ID of personal folder
$pf = $db->fetch_row("SELECT id FROM " . $pre . "nested_tree WHERE title = '" . $_SESSION['user_id'] . "'");
if (!empty($pf[0])) {
if (!in_array($pf[0], $_SESSION['groupes_visibles'])) {
array_push($_SESSION['groupes_visibles'], $pf[0]);
array_push($_SESSION['personal_visible_groups'], $pf[0]);
//get all descendants
$tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title', 'personal_folder');
$tree->rebuild();
$tst = $tree->getDescendants($pf[0]);
foreach ($tst as $t) {
array_push($_SESSION['groupes_visibles'], $t->id);
array_push($_SESSION['personal_visible_groups'], $t->id);
}
}
}
$_SESSION['groupes_visibles_list'] = implode(',', $_SESSION['groupes_visibles']);
$_SESSION['is_admin'] = $is_admin;
//Check if admin has creating Folders and Roles
$ret = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "nested_tree");
$_SESSION['nb_folders'] = $ret[0];
$ret = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "roles_title");
$_SESSION['nb_roles'] = $ret[0];
} else {
//init
$_SESSION['groupes_visibles'] = array();
$_SESSION['groupes_interdits'] = array();
$_SESSION['personal_visible_groups'] = array();
$groupes_visibles = array();
$groupes_interdits = array();
$groupes_interdits_user = explode(';', TrimElement($groupes_interdits_user, ";"));
if (!empty($groupes_interdits_user) && count($groupes_interdits_user) > 0) {
$groupes_interdits = $groupes_interdits_user;
}
$_SESSION['is_admin'] = $is_admin;
$fonctions_associees = explode(';', TrimElement($id_fonctions, ";"));
$new_liste_gp_visibles = array();
$liste_gp_interdits = array();
$list_allowed_folders = $list_forbiden_folders = $list_folders_limited = $list_folders_editable_by_role = array();
//build Tree
require_once "NestedTree.class.php";
$tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');
//rechercher tous les groupes visibles en fonction des roles de l'utilisateur
foreach ($fonctions_associees as $role_id) {
if (!empty($role_id)) {
//Get allowed folders for each Role
$rows = $db->fetch_all_array("\r\n\t\t\t\t\tSELECT folder_id\r\n\t\t\t\t\tFROM " . $pre . "roles_values\r\n\t\t\t\t\tWHERE role_id=" . $role_id);
if (count($rows) > 0) {
foreach ($rows as $reccord) {
if (isset($reccord['folder_id']) && !in_array($reccord['folder_id'], $list_allowed_folders)) {
array_push($list_allowed_folders, $reccord['folder_id']);
}
//Check if this group is allowed to modify any pw in allowed folders
$tmp = $db->query_first("\r\n \t\t\t\tSELECT allow_pw_change\r\n\t\t \t\tFROM " . $pre . "roles_title\r\n\t\t \t\tWHERE id = " . $role_id);
if ($tmp['allow_pw_change'] == 1 && !in_array($tmp['allow_pw_change'], $list_folders_editable_by_role)) {
array_push($list_folders_editable_by_role, $reccord['folder_id']);
}
}
//Check for the users roles if some specific rights exist on items
$rows = $db->fetch_all_array("\r\n\t\t\t\t\t\tSELECT i.id_tree, r.item_id\r\n\t\t\t\t\t\tFROM " . $pre . "items AS i\r\n\t\t\t\t\t\tINNER JOIN " . $pre . "restriction_to_roles AS r ON (r.item_id=i.id)\r\n\t\t\t\t\t\tWHERE r.role_id=" . $role_id . "\r\n\t\t\t\t\t\tORDER BY i.id_tree ASC\r\n\t\t\t\t\t");
$x = 0;
foreach ($rows as $reccord) {
if (isset($reccord['id_tree'])) {
$list_folders_limited[$reccord['id_tree']][$x] = $reccord['item_id'];
$x++;
}
}
}
}
}
// => Build final lists
//Clean arrays
$allowed_folders_tmp = array();
$list_allowed_folders = array_unique($list_allowed_folders);
//Add user allowed folders
$allowed_folders_tmp = array_unique(array_merge($list_allowed_folders, explode(';', TrimElement($groupes_visibles_user, ";"))));
//Exclude from allowed folders all the specific user forbidden folders
$allowed_folders = array();
foreach ($allowed_folders_tmp as $id) {
if (!in_array($id, $groupes_interdits_user)) {
array_push($allowed_folders, $id);
}
}
//Clean array
$list_allowed_folders = array_filter(array_unique(array_merge($list_allowed_folders, $allowed_folders)));
//Exclude all PF
$_SESSION['forbiden_pfs'] = array();
$sql = "SELECT id FROM " . $pre . "nested_tree WHERE personal_folder = 1";
if (isset($_SESSION['settings']['enable_pf_feature']) && $_SESSION['settings']['enable_pf_feature'] == 1 && isset($_SESSION['personal_folder']) && $_SESSION['personal_folder'] == 1) {
$sql .= " AND title != '" . $_SESSION['user_id'] . "'";
}
$pfs = $db->fetch_all_array($sql);
foreach ($pfs as $pf_id) {
array_push($_SESSION['forbiden_pfs'], $pf_id['id']);
}
//Get ID of personal folder
if (isset($_SESSION['settings']['enable_pf_feature']) && $_SESSION['settings']['enable_pf_feature'] == 1 && isset($_SESSION['personal_folder']) && $_SESSION['personal_folder'] == 1) {
$pf = $db->fetch_row("SELECT id FROM " . $pre . "nested_tree WHERE title = '" . $_SESSION['user_id'] . "'");
if (!empty($pf[0])) {
if (!in_array($pf[0], $list_allowed_folders)) {
//get all descendants
$ids = $tree->getDescendants($pf[0], true);
foreach ($ids as $id) {
array_push($list_allowed_folders, $id->id);
array_push($_SESSION['personal_visible_groups'], $id->id);
}
}
}
}
$_SESSION['groupes_visibles'] = $list_allowed_folders;
$_SESSION['groupes_visibles_list'] = implode(',', $list_allowed_folders);
$_SESSION['list_folders_limited'] = $list_folders_limited;
$_SESSION['list_folders_editable_by_role'] = $list_folders_editable_by_role;
}
}
//Refresh page
echo '$("#random_id").val("");';
echo 'window.location.href = "index.php?page=items&group=' . $_POST['categorie'] . '&id=' . $new_id . '";';
}
break;
#############
### CASE ####
### update an ITEM
#############
### CASE ####
### update an ITEM
case "update_item":
//init
$reload_page = false;
//Get existing values
$data = $db->query_first("SELECT * FROM " . $pre . "items WHERE id=" . $_POST['id']);
/*
//decrypt
require_once '../includes/libraries/crypt/aes.class.php'; // AES PHP implementation
require_once '../includes/libraries/crypt/aesctr.class.php'; // AES Counter Mode implementation
$pw = urldecode(AesCtr::decrypt($_POST['pw'], $_SESSION['cle_session'], 256));
$login = urldecode(AesCtr::decrypt($_POST['login'], $_SESSION['cle_session'], 256));
$label = urldecode(AesCtr::decrypt($_POST['label'], $_SESSION['cle_session'], 256));
*/
$pw = string_utf8_decode($_POST['pw']);
$resticted_to = $_POST['restricted_to'];
//encrypt PW
if ($_POST['salt_key_set'] == 1 && isset($_POST['salt_key_set']) && $_POST['if_pf'] == 1 && isset($_POST['if_pf'])) {
$pw = encrypt($pw, mysql_real_escape_string(stripslashes($_SESSION['my_sk'])));
$resticted_to = $_SESSION['user_id'];
} else {
$_SESSION['groupes_visibles'] = @implode(';', $data['groupes_visibles']);
} else {
$_SESSION['groupes_visibles'] = array();
}
if (!empty($data['groupes_interdits'])) {
$_SESSION['groupes_interdits'] = @implode(';', $data['groupes_interdits']);
} else {
$_SESSION['groupes_interdits'] = array();
}
//User's roles
$_SESSION['fonction_id'] = $data['fonction_id'];
$_SESSION['user_roles'] = explode(";", $data['fonction_id']);
//build array of roles
$_SESSION['arr_roles'] = array();
foreach (array_filter(explode(';', $_SESSION['fonction_id'])) as $role) {
$res_roles = $db->query_first("SELECT title FROM " . $pre . "roles_title WHERE id = " . $role);
$_SESSION['arr_roles'][$role] = array('id' => $role, 'title' => $res_roles['title']);
}
//build complete array of roles
$_SESSION['arr_roles_full'] = array();
$rows = $db->fetch_all_array("\r\n\t\t\t\t\t\t\t\tSELECT id, title\r\n\t\t\t\t\t\t\t\tFROM " . $pre . "roles_title A\r\n\t\t\t\t\t\t\t\tORDER BY title ASC");
foreach ($rows as $reccord) {
$_SESSION['arr_roles_full'][$reccord['id']] = array('id' => $reccord['id'], 'title' => $reccord['title']);
}
//Set some settings
$_SESSION['user']['find_cookie'] = false;
$_SESSION['settings']['update_needed'] = "";
// Update table
$db->query_update("users", array('key_tempo' => $_SESSION['key'], 'last_connexion' => mktime(date("h"), date("i"), date("s"), date("m"), date("d"), date("Y")), 'timestamp' => mktime(date("h"), date("i"), date("s"), date("m"), date("d"), date("Y")), 'disabled' => 0, 'no_bad_attempts' => 0), "id=" . $data['id']);
//Get user's rights
IdentifyUserRights($data['groupes_visibles'], $_SESSION['groupes_interdits'], $data['admin'], $data['fonction_id'], false);
require "common/config.inc.php";
require "common/Database.php";
require "common/utility.php";
$db = new Database(DB_SERVER, DB_USER, DB_PASS, DB_DATABASE);
if (strlen($app_token) <= 0) {
echo '<html>';
echo '<body>';
echo 'App token is required.';
echo '</body>';
echo '</html>';
exit(0);
}
$app = null;
$app_files = null;
$db->connect();
$tokens = $db->query_first("SELECT appid FROM app_tokens WHERE token = '{$app_token}'");
if ($tokens && isset($tokens["appid"])) {
$app_id = $tokens["appid"];
$user_app = $db->fetch_all_array("SELECT * FROM user_app WHERE privacy = 'private' AND appid = {$app_id}");
if ($user_app && count($user_app)) {
if (!$user_token) {
// not authorized error
$error = array("senchafiddle" => array("error" => "Unauthorized access. User token is required."));
echo json_encode($error);
$db->close();
exit(0);
}
//take uid from token
$user = $db->query_first("SELECT uid FROM user_tokens WHERE token = '{$user_token}'");
if (!$user || !isset($user["uid"])) {
// not authorized error
//Get Correct Answer
$cntCorrectAnswer = strlen($json["correct_answer"]) ? count(explode(',', $json["correct_answer"])) : 0;
$cntsupplementary_correct = strlen($json["supplementary_correct"]) ? count(explode(',', $json["supplementary_correct"])) : 0;
$totalCorrect = $cntsupplementary_correct + $cntsupplementary_correct;
//$cntInCorrectAnswer = count(explode(",", $json["incorrect_answer"]));
$cntQuestion_id = strlen($json["question_id"]) ? count(explode(',', $json["question_id"])) : 0;
$cntSupplementary_question_id = strlen($json["supplementary_question_id"]) ? count(explode(',', $json["supplementary_question_id"])) : 0;
$totalQuestions = $cntQuestion_id;
$primaryScore = $cntCorrectAnswer . " / " . $totalQuestions;
$supplementaryScore = $cntsupplementary_correct . " / " . $cntSupplementary_question_id;
$arrLearningCategory = explode(",", $json["learning_category_results"]);
$learningCat = "";
for ($i = 0; $i < count($arrLearningCategory); $i++) {
$arrLearnResult = explode(" - ", $arrLearningCategory[$i]);
$sql = "Select * from tbllearningcategories as A left outer join tbllearningtopics as B on A.learning_topic_id=B.id where A.id='" . $arrLearnResult[0] . "'";
$rows = $db->query_first($sql);
$learningCat .= "<h3> " . $rows["name"] . " - " . $arrLearnResult[1] . "</h3>";
}
$arrMajorOutcome = explode(",", $json["major_outcome_results"]);
$arrmajor_outcome_supplementary = explode(",", $json["major_outcome_supplementary"]);
function findMatchSupplementary($MajorResult)
{
$suppResult = "0%";
for ($i = 0; $i < count($arrmajor_outcome_supplementary); $i++) {
$arrmajor_outcome_supplementaryResult = explode(" - ", $arrmajor_outcome_supplementary[$i]);
if ($MajorResult == $arrmajor_outcome_supplementaryResult[0]) {
$suppResult = ${$arrmajor_outcome_supplementaryResult}[1];
}
}
return $suppResult;
}
header('Cache-Control: no-cache, must-revalidate');
header('Content-type: application/json');
$user_token = null;
if (isset($_GET['user_token'])) {
$user_token = $_GET['user_token'];
}
if (!isset($_GET['app_token'])) {
$response = array("success" => "false", "message" => "App token is required.");
echo json_encode($response);
exit(0);
}
$app_token = $_GET['app_token'];
$app = null;
$app_files = null;
$db->connect();
$tokens = $db->query_first("SELECT appid FROM app_tokens WHERE token = '{$app_token}'");
if ($tokens && isset($tokens["appid"])) {
$app_id = $tokens["appid"];
$user_app = $app = $db->query("SELECT COUNT(*) AS total FROM user_app WHERE privacy = 'private' AND appid = {$app_id}");
if ($user_app && $user_app["total"]) {
if (!$user_token) {
// not authorized error
$error = array("success" => "false", "message" => "Unauthorized access. User token is required.");
echo json_encode($error);
exit(0);
}
//take uid from token
$user = $db->query_first("SELECT uid FROM user_tokens WHERE token = '{$user_token}'");
if (!$user || !isset($user["uid"])) {
// not authorized error
$error = array("success" => "false", "message" => "Unauthorized access. User token is invalid.");
