?>
<html>
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/display.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Sales Clerk', $lang);
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
$table_bg = $display->sale_bg;
$num_items = count($_SESSION['items_in_sale']);
if ($num_items == 0) {
echo "<b>{$lang->youMustSelectAtLeastOneItem}</b><br>";
echo "<a href=javascript:history.go(-1)>{$lang->refreshAndTryAgain}</a>";
exit;
}
$customers_table = $cfg_tableprefix . 'customers';
$items_table = $cfg_tableprefix . 'items';
session_start();
?>
<html>
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
//creates 3 objects needed for this script.
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Admin', $lang);
//checks if user is logged in.
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
if (isset($_GET['item_id']) and isset($_GET['sale_id']) and isset($_GET['row_id'])) {
$item_id = $_GET['item_id'];
$sale_id = $_GET['sale_id'];
$row_id = $_GET['row_id'];
}
$returned_quantity = $dbf->idToField($cfg_tableprefix . 'sales_items', 'quantity_purchased', $row_id);
$newQuantity = $dbf->idToField($cfg_tableprefix . 'items', 'quantity', $item_id) + $returned_quantity;
$dbf->deleteRow($cfg_tableprefix . 'sales_items', $row_id);
$dbf->updateItemQuantity($item_id, $newQuantity);
?>
<html>
<head>
</head>
<body>
<?php
include "../../settings.php";
include "../../language/{$cfg_language}";
include "../../classes/db_functions.php";
include "../../classes/security_functions.php";
//creates 2 objects needed for this script.
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Admin', $lang);
//checks if user is logged in.
if (!$sec->isLoggedIn()) {
header("location: ../../login.php");
exit;
}
//variables needed globably in this file.
$tablename = "{$cfg_tableprefix}" . 'discounts';
$field_names = null;
$field_data = null;
$id = -1;
//checks to see if action is delete and an ID is specified. (only delete uses $_GET.)
if (isset($_GET['action']) and isset($_GET['id'])) {
$action = $_GET['action'];
$id = $_GET['id'];
session_start();
?>
<html>
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/display.php";
include "../classes/form.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Report Viewer', $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
if (isset($_POST['date_range'])) {
$date_range = $_POST['date_range'];
$dates = explode(':', $date_range);
$date1 = $dates[0];
$date2 = $dates[1];
$categories_name = array();
$categories_id = array();
$categories_total = array();
$categories_subtotal = array();
}
<?php
include 'header.php';
?>
<?php
session_start();
if (!isset($_SESSION["session_name"])) {
header("Location:../index.php");
exit;
}
if (isset($_GET["course_id"])) {
$id = $_SESSION["session_name"];
$course_id = $_GET["course_id"];
require_once 'db_functions.php';
$db = new db_functions();
$enrolled = $db->getEnrollmentData($id, $course_id);
if (!$enrolled["id"] == $course_id) {
$course_info = $db->getCourseInfo($course_id);
$db->enrollStudent($course_info["course_id"], $course_info["course_name"], $id);
?>
<div class="container">
<div class="row">
<div class="col-sm-7 col-sm-offset-2">
<h1>Congratulations, you're enrolled!</h1>
<h4 style="line-height:140%">
<br>
Welcome to Drixel, and welcome to your new course! We look forward to providing you with an extraordinary learning experience. If you have any questions at any time, please don’t hesitate to contact us at support@drixel-NUST.com. Your classroom is waiting!
</h4>
<br>
<html>
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/form.php";
include "../classes/display.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Admin', $lang);
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
$brandtable = $cfg_tableprefix . 'brands';
$categorytable = $cfg_tableprefix . 'categories';
$suppliertable = $cfg_tableprefix . 'suppliers';
$tb1 = mysql_query("SELECT id FROM {$brandtable}", $dbf->conn);
$tb2 = mysql_query("SELECT id FROM {$categorytable}", $dbf->conn);
$tb3 = mysql_query("SELECT id FROM {$suppliertable}", $dbf->conn);
if (mysql_num_rows($tb1) == 0 or mysql_num_rows($tb2) == 0 or mysql_num_rows($tb3) == 0) {
echo "{$lang->brandsCategoriesSupplierError}";
exit;
// **************************************************
// *** Privacy person ***
// **************************************************
define("CMS_ROOTPATH", '');
include_once CMS_ROOTPATH . "include/db_login.php";
//Inloggen database.
include_once CMS_ROOTPATH . "include/safe.php";
//Variabelen
// *** Needed for privacy filter ***
include_once CMS_ROOTPATH . "include/settings_global.php";
//Variables
include_once CMS_ROOTPATH . "include/settings_user.php";
// USER variables
include_once CMS_ROOTPATH . "include/person_cls.php";
include_once CMS_ROOTPATH . "include/db_functions_cls.php";
$db_functions = new db_functions();
// *** Database ***
$datasql = $db_functions->get_trees();
//$num_rows=count($datasql);
foreach ($datasql as $dataDb) {
// *** Check is family tree is shown or hidden for user group ***
$hide_tree_array = explode(";", $user['group_hide_trees']);
$hide_tree = false;
for ($x = 0; $x <= count($hide_tree_array) - 1; $x++) {
if ($hide_tree_array[$x] == $dataDb->tree_id) {
$hide_tree = true;
}
}
if ($hide_tree == false) {
//$person_qry = $dbh->query("SELECT * FROM ".safe_text($dataDb->tree_prefix)."person ORDER BY pers_lastname");
$person_qry = $dbh->query("SELECT * FROM humo_persons\r\n\t\t\tWHERE pers_tree_id='" . $dataDb->tree_id . "' ORDER BY pers_lastname");
function send_mail($params)
{
require_once dirname(__FILE__) . '/../../services/class.servicelocator.php';
require_once dirname(__FILE__) . '/../../prototype/api/controller.php';
$mailService = ServiceLocator::getService('mail');
include_once "class.db_functions.inc.php";
$db = new db_functions();
$fromaddress = $params['input_from'] ? explode(';', $params['input_from']) : "";
$message_attachments_contents = isset($params['message_attachments_content']) ? $params['message_attachments_content'] : false;
##
# @AUTHOR Rodrigo Souza dos Santos
# @DATE 2008/09/17$fileName
# @BRIEF Checks if the user has permission to send an email with the email address used.
##
if (is_array($fromaddress) && $fromaddress[1] != $_SESSION['phpgw_info']['expressomail']['user']['email']) {
$deny = true;
foreach ($_SESSION['phpgw_info']['expressomail']['user']['shared_mailboxes'] as $key => $val) {
if (array_key_exists('mail', $val) && $val['mail'][0] == $fromaddress[1]) {
$deny = false and end($_SESSION['phpgw_info']['expressomail']['user']['shared_mailboxes']);
}
}
if ($deny) {
return "The server denied your request to send a mail, you cannot use this mail address.";
}
}
$params['input_to'] = mb_convert_encoding($params['input_to'], "ISO-8859-1", "UTF-8, ISO-8859-1");
$params['input_cc'] = mb_convert_encoding($params['input_cc'], "ISO-8859-1", "UTF-8, ISO-8859-1");
$params['input_cco'] = mb_convert_encoding($params['input_cco'], "ISO-8859-1", "UTF-8, ISO-8859-1");
if (substr($params['input_to'], -1) == ',') {
$params['input_to'] = substr($params['input_to'], 0, -1);
}
if (substr($params['input_cc'], -1) == ',') {
$params['input_cc'] = substr($params['input_cc'], 0, -1);
}
if (substr($params['input_cco'], -1) == ',') {
$params['input_cco'] = substr($params['input_cco'], 0, -1);
}
/*Wraps the text dividing the emails as from ">,"*/
$toaddress = $db->getAddrs(preg_split('/>,/', preg_replace('/>,/', '>>,', $params['input_to'])));
$ccaddress = $db->getAddrs(preg_split('/>,/', preg_replace('/>,/', '>>,', $params['input_cc'])));
$ccoaddress = $db->getAddrs(preg_split('/>,/', preg_replace('/>,/', '>>,', $params['input_cco'])));
if ($toaddress["False"] || $ccaddress["False"] || $ccoaddress["False"]) {
return $this->parse_error("Invalid Mail:", $toaddress["False"] ? $toaddress["False"] : ($ccaddress["False"] ? $ccaddress["False"] : $ccoaddress["False"]));
}
$toaddress = implode(',', $toaddress);
$ccaddress = implode(',', $ccaddress);
$ccoaddress = implode(',', $ccoaddress);
if ($toaddress == "" && $ccaddress == "" && $ccoaddress == "") {
return $this->parse_error("Invalid Mail:", $params['input_to'] ? $params['input_to'] : ($params['input_cc'] ? $params['input_cc'] : $params['input_cco']));
}
$toaddress = preg_replace('/<\\s+/', '<', $toaddress);
$toaddress = preg_replace('/\\s+>/', '>', $toaddress);
$ccaddress = preg_replace('/<\\s+/', '<', $ccaddress);
$ccaddress = preg_replace('/\\s+>/', '>', $ccaddress);
$ccoaddress = preg_replace('/<\\s+/', '<', $ccoaddress);
$ccoaddress = preg_replace('/\\s+>/', '>', $ccoaddress);
$replytoaddress = $params['input_reply_to'];
$subject = mb_convert_encoding($params['input_subject'], "ISO-8859-1", "UTF-8, ISO-8859-1");
$return_receipt = $params['input_return_receipt'];
$is_important = $params['input_important_message'];
$encrypt = $params['input_return_cripto'];
$signed = $params['input_return_digital'];
$params['attachments'] = mb_convert_encoding($params['attachments'], "UTF7-IMAP", "UTF-8, ISO-8859-1, UTF7-IMAP");
$message_attachments = $params['message_attachments'];
$user_info = $_SESSION['phpgw_info']['expressomail']['user'];
$sent_from = '"' . $user_info['fullname'] . '" <' . $user_info['email'] . '>';
if ($fromaddress) {
$sent_from = $fromaddress;
if (is_array($sent_from)) {
$sent_from = '"' . $sent_from[0] . '" <' . $sent_from[1] . '>';
}
}
$loginfo = "|# Subject: {$subject} #|# FROM: {$sent_from} #|# TO: {$toaddress} #|# CC: {$ccaddress} #|# BCC: {$ccoaddress} #|# REPLY_TO: {$replytoaddress}";
// Valida numero Maximo de Destinatarios
if ($_SESSION['phpgw_info']['expresso']['expressoMail']['expressoAdmin_maximum_recipients'] > 0) {
$sendersNumber = count(explode(',', $params['input_to']));
if ($params['input_cc']) {
$sendersNumber += count(explode(',', $params['input_cc']));
}
if ($params['input_cco']) {
$sendersNumber += count(explode(',', $params['input_cco']));
}
$userMaxmimumSenders = $db->getMaximumRecipientsUser($this->username);
if ($userMaxmimumSenders) {
if ($sendersNumber > $userMaxmimumSenders) {
return $this->functions->getLang('Number of recipients greater than allowed');
}
} else {
$ldap = new ldap_functions();
$groupsToUser = $ldap->get_user_groups($this->username);
$groupMaxmimumSenders = $db->getMaximumRecipientsGroup($groupsToUser);
if ($groupMaxmimumSenders > 0) {
if ($sendersNumber > $groupMaxmimumSenders) {
return $this->functions->getLang('Number of recipients greater than allowed');
}
} else {
if ($sendersNumber > $_SESSION['phpgw_info']['expresso']['expressoMail']['expressoAdmin_maximum_recipients']) {
return $this->functions->getLang('Number of recipients greater than allowed');
}
}
}
}
//Fim Valida numero maximo de destinatarios
//Valida envio de email para shared accounts
if ($_SESSION['phpgw_info']['expresso']['expressoMail']['expressoMail_block_institutional_comunication'] == 'true') {
$ldap = new ldap_functions();
$arrayF = explode(';', $params['input_from']);
/*
* Verifica se o remetente n?o ? uma conta compartilhada
*/
if (!$ldap->isSharedAccountByMail($arrayF[1])) {
$groupsToUser = $ldap->get_user_groups($this->username);
$sharedAccounts = $ldap->returnSharedsAccounts($toaddress, $ccaddress, $ccoaddress);
/*
* Pega o UID do remetente
*/
$uidFrom = $ldap->mail2uid($arrayF[1]);
/*
* Remove a conta compartilhada caso o uid do remetente exista na conta compartilhada
*/
foreach ($sharedAccounts as $key => $value) {
if ($value) {
$acl = $this->getaclfrombox($value);
}
if (array_key_exists($uidFrom, $acl)) {
unset($sharedAccounts[$key]);
}
}
/*
* Caso ainda exista contas compartilhadas, verifica se existe alguma exce??o para estas contas
*/
if (count($sharedAccounts) > 0) {
$accountsBlockeds = $db->validadeSharedAccounts($this->username, $groupsToUser, $sharedAccounts);
}
/*
* Retorna as contas compartilhadas bloqueadas
*/
if (count($accountsBlockeds) > 0) {
$return = '';
foreach ($accountsBlockeds as $accountBlocked) {
$return .= $accountBlocked . ', ';
}
$return = substr($return, 0, -2);
return $this->functions->getLang('you are blocked from sending mail to the following addresses') . ': ' . $return;
}
}
}
// Fim Valida envio de email para shared accounts
// TODO - implementar tratamento SMIME no novo serviço de envio de emails e retirar o AND false abaixo
if ($params['smime'] and false) {
$body = $params['smime'];
$mail->SMIME = true;
// A MSG assinada deve ser testada neste ponto.
// Testar o certificado e a integridade da msg....
include_once dirname(__FILE__) . "/../../security/classes/CertificadoB.php";
$erros_acumulados = '';
$certificado = new certificadoB();
$validade = $certificado->verificar($body);
if (!$validade) {
foreach ($certificado->erros_ssl as $linha_erro) {
$erros_acumulados .= $linha_erro;
}
} else {
// Testa o CERTIFICADO: se o CPF he o do usuario logado, se pode assinar msgs e se nao esta expirado...
if ($certificado->apresentado) {
if ($certificado->dados['EXPIRADO']) {
$erros_acumulados .= 'Certificado expirado.';
}
$this->cpf = isset($GLOBALS['phpgw_info']['server']['certificado_atributo_cpf']) && $GLOBALS['phpgw_info']['server']['certificado_atributo_cpf'] != '' ? $_SESSION['phpgw_info']['expressomail']['user'][$GLOBALS['phpgw_info']['server']['certificado_atributo_cpf']] : $this->username;
if ($certificado->dados['CPF'] != $this->cpf) {
$erros_acumulados .= ' CPF no certificado diferente do logado no expresso.';
}
if (!($certificado->dados['KEYUSAGE']['digitalSignature'] && $certificado->dados['EXTKEYUSAGE']['emailProtection'])) {
$erros_acumulados .= ' Certificado nao permite assinar mensagens.';
}
} else {
${$erros_acumulados} .= 'Nao foi possivel usar o certificado para assinar a msg';
}
}
if (!$erros_acumulados == '') {
return $erros_acumulados;
}
} else {
//Compatibilização com Outlook, ao encaminhar a mensagem
$body = mb_ereg_replace('<!--\\[', '<!-- [', base64_decode($params['body']));
$body = str_replace("<", "&yzwkx;", $body);
//Alterar as Entities padrão das tags < > para compatibilizar com o Expresso
$body = str_replace(">", "&xzwky;", $body);
$body = str_replace("%nbsp;", " ", $body);
//$body = preg_replace("/\n/"," ",$body);
//$body = preg_replace("/\r/","" ,$body);
$body = html_entity_decode($body, ENT_QUOTES, 'ISO-8859-1');
$body = str_replace("&yzwkx;", "<", $body);
$body = str_replace("&xzwky;", ">", $body);
}
$attachments = $_FILES;
$forwarding_attachments = $params['forwarding_attachments'];
$local_attachments = $params['local_attachments'];
//Test if must be saved in shared folder and change if necessary
if ($fromaddress[2] == 'y') {
//build shared folder path
$newfolder = "user" . $this->imap_delimiter . $fromaddress[3] . $this->imap_delimiter . $this->imap_sentfolder;
if ($this->folder_exists($newfolder)) {
$has_new_folder = false;
$folder = $newfolder;
} else {
$name_folder = $this->imap_sentfolder;
$base_path = "user" . $this->imap_delimiter . $fromaddress[3];
$arr_new_folder['newp'] = $name_folder;
$arr_new_folder['base_path'] = $base_path;
$this->create_mailbox($arr_new_folder);
$has_new_folder = true;
$folder = $newfolder;
}
} else {
$has_new_folder = false;
$folder = $params['folder'];
}
$folder = mb_convert_encoding($folder, 'UTF7-IMAP', 'ISO-8859-1');
$folder = preg_replace('/INBOX[\\/.]/i', 'INBOX' . $this->imap_delimiter, $folder);
$folder_name = $params['folder_name'];
// TODO - tratar assinatura e remover o AND false
if ($signed && !$params['smime'] and false) {
$mail->Mailer = "smime";
$mail->SignedBody = true;
}
$from = $fromaddress ? '"' . $fromaddress[0] . '" <' . $fromaddress[1] . '>' : '"' . $_SESSION['phpgw_info']['expressomail']['user']['fullname'] . '" <' . $_SESSION['phpgw_info']['expressomail']['user']['email'] . '>';
$mailService->setFrom(mb_convert_encoding($from, "ISO-8859-1", "UTF-8, ISO-8859-1"));
$mailService->addHeaderField('Reply-To', !!$replytoaddress ? $replytoaddress : $from);
$bol = $this->add_recipients('to', $toaddress, $mailService);
if (!$bol) {
return $this->parse_error("Invalid Mail:", $toaddress);
}
$bol = $this->add_recipients('cc', $ccaddress, $mailService);
if (!$bol) {
return $this->parse_error("Invalid Mail:", $ccaddress);
}
$allow = $_SESSION['phpgw_info']['server']['expressomail']['allow_hidden_copy'];
if ($allow) {
//$mailService->addBcc($ccoaddress);
$bol = $this->add_recipients('cco', $ccoaddress, $mailService);
if (!$bol) {
return $this->parse_error("Invalid Mail:", $ccoaddress);
}
}
//Implementação para o In-Reply-To e References
$msg_numb = $params['messageNum'];
$msg_folder = $params['messageFolder'];
$this->mbox = $this->open_mbox($msg_folder);
$header = $this->get_header($msg_numb);
$header_ = imap_fetchheader($this->mbox, $msg_numb, FT_UID);
$pattern = '/^[ \\t]*Disposition-Notification-To:.*/mi';
if (preg_match($pattern, $header_, $fields)) {
$return['DispositionNotificationTo'] = base64_encode(trim(str_ireplace('Disposition-Notification-To:', '', $fields[0])));
}
$message_id = $header->message_id;
$references = array();
if ($message_id != "") {
$mailService->addHeaderField('In-Reply-To', $message_id);
if (isset($header->references)) {
array_push($references, $header->references);
}
array_push($references, $message_id);
$mailService->addHeaderField('References', $references);
}
$mailService->setSubject($subject);
$isHTML = isset($params['type']) && $params['type'] == 'html' ? true : false;
// TODO - tratar mensagem criptografada e remover o AND false abaixo
if ($encrypt && $signed && $params['smime'] || $encrypt && !$signed and false) {
// a msg deve ser enviada cifrada...
$email = $this->add_recipients_cert($toaddress . ',' . $ccaddress . ',' . $ccoaddress);
$email = explode(",", $email);
// Deve ser testado se foram obtidos os certificados de todos os destinatarios.
// Deve ser verificado um numero limite de destinatarios.
// Deve ser verificado se os certificados sao validos.
// Se uma das verificacoes falhar, nao enviar o e-mail e avisar o usuario.
// O array $mail->Certs_crypt soh deve ser preenchido se os certificados passarem nas verificacoes.
$numero_maximo = $_SESSION['phpgw_info']['user']['preferences']['expressoMail']['num_max_certs_to_cipher'];
// Este valor dever ser configurado pelo administrador do site ....
$erros_acumulados = "";
$aux_mails = array();
$mail_list = array();
if (count($email) > $numero_maximo) {
$erros_acumulados .= "Excedido o numero maximo (" . $numero_maximo . ") de destinatarios para uma msg cifrada...." . chr(0xa);
return $erros_acumulados;
}
// adiciona o email do remetente. eh para cifrar a msg para ele tambem. Assim vai poder visualizar a msg na pasta enviados..
$email[] = $_SESSION['phpgw_info']['expressomail']['user']['email'];
foreach ($email as $item) {
$certificate = $db->get_certificate(strtolower($item));
if (!$certificate) {
$erros_acumulados .= "Chamada com parametro invalido. e-Mail nao pode ser vazio." . chr(0xa);
return $erros_acumulados;
}
if (array_key_exists("dberr1", $certificate)) {
$erros_acumulados .= "Ocorreu um erro quando pesquisava certificados dos destinatarios para cifrar a msg." . chr(0xa);
return $erros_acumulados;
}
if (array_key_exists("dberr2", $certificate)) {
$erros_acumulados .= $item . ' : Nao pode cifrar a msg. Certificado nao localizado.' . chr(0xa);
//continue;
}
/* Retirado este teste para evitar mensagem de erro duplicada.
if (!array_key_exists("certs", $certificate))
{
$erros_acumulados .= $item . ' : Nao pode cifrar a msg. Certificado nao localizado.' . chr(0x0A);
continue;
}
*/
include_once dirname(__FILE__) . "/../../security/classes/CertificadoB.php";
foreach ($certificate['certs'] as $registro) {
$c1 = new certificadoB();
$c1->certificado($registro['chave_publica']);
if ($c1->apresentado) {
$c2 = new Verifica_Certificado($c1->dados, $registro['chave_publica']);
if (!$c1->dados['EXPIRADO'] && !$c2->revogado && $c2->status) {
$aux_mails[] = $registro['chave_publica'];
$mail_list[] = strtolower($item);
} else {
if ($c1->dados['EXPIRADO'] || $c2->revogado) {
$db->update_certificate($c1->dados['SERIALNUMBER'], $c1->dados['EMAIL'], $c1->dados['AUTHORITYKEYIDENTIFIER'], $c1->dados['EXPIRADO'], $c2->revogado);
}
$erros_acumulados .= $item . ': ' . $c2->msgerro . chr(0xa);
foreach ($c2->erros_ssl as $linha) {
$erros_acumulados .= $linha . chr(0xa);
}
$erros_acumulados .= 'Emissor: ' . $c1->dados['EMISSOR'] . chr(0xa);
$erros_acumulados .= $c1->dados['CRLDISTRIBUTIONPOINTS'] . chr(0xa);
}
} else {
$erros_acumulados .= $item . ' : Nao pode cifrar a msg. Certificado invalido.' . chr(0xa);
}
}
if (!in_array(strtolower($item), $mail_list) && !empty($erros_acumulados)) {
return $erros_acumulados;
}
}
$mail->Certs_crypt = $aux_mails;
}
$attachment = json_decode($params['attachments'], TRUE);
$message_size_total = 0;
// se possui anexos, inserir informação no log
if (count($attachment) > 0) {
$loginfo .= "#|# ATTACH: ";
}
foreach ($attachment as &$value) {
if ((int) $value > 0) {
$att = Controller::read(array('id' => $value, 'concept' => 'mailAttachment'));
if ($att['disposition'] == 'embedded' && $isHTML) {
$body = str_replace('"../prototype/getArchive.php?mailAttachment=' . $att['id'] . '"', '"' . mb_convert_encoding($att['name'], 'ISO-8859-1', 'UTF-8,ISO-8859-1') . '"', $body);
$mailService->addStringImage(base64_decode($att['source']), $att['type'], mb_convert_encoding($att['name'], 'ISO-8859-1', 'UTF-8,ISO-8859-1'));
$loginfo .= "[" . $att['name'] . ":" . $att['size'] . "]";
} else {
$mailService->addStringAttachment(base64_decode($att['source']), mb_convert_encoding($att['name'], 'ISO-8859-1', 'UTF-8,ISO-8859-1'), $att['type'], 'base64', isset($att['disposition']) ? $att['disposition'] : 'attachment');
$loginfo .= "[" . $att['name'] . ":" . $att['size'] . "]";
}
$message_size_total += $att['size'];
unset($att);
} else {
$value = json_decode($value, true);
if ($value["folder"] == "archiver") {
$value['folder'] = "INBOX/Trash";
}
switch ($value['type']) {
case 'imapPart':
$att = $this->getForwardingAttachment(mb_convert_encoding($value['folder'], 'ISO-8859-1', 'UTF7-IMAP'), $value['uid'], $value['part']);
if (strstr($body, 'src="./inc/get_archive.php?msgFolder=' . $value['folder'] . '&msgNumber=' . $value['uid'] . '&indexPart=' . $value['part'] . '"') !== false) {
$body = str_ireplace('src="./inc/get_archive.php?msgFolder=' . $value['folder'] . '&msgNumber=' . $value['uid'] . '&indexPart=' . $value['part'] . '"', 'src="' . $att['name'] . '"', $body);
$mailService->addStringImage($att['source'], $att['type'], mb_convert_encoding($att['name'], 'ISO-8859-1', 'UTF-8,ISO-8859-1'));
} else {
$mailService->addStringAttachment($att['source'], mb_convert_encoding($att['name'], 'ISO-8859-1', 'UTF-8,ISO-8859-1'), $att['type'], 'base64', isset($att['disposition']) ? $att['disposition'] : 'attachment');
$loginfo .= "[" . $att['name'] . ":" . $att['fsize'] . "]";
}
$message_size_total += $att['fsize'];
//Adiciona o tamanho do anexo a variavel que controlao tamanho da msg.
unset($att);
break;
case 'imapMSG':
$mbox_stream = $this->open_mbox(mb_convert_encoding($value['folder'], 'ISO-8859-1', 'UTF7-IMAP'));
$rawmsg = $this->getRawHeader($value['uid']) . "\r\n\r\n" . $this->getRawBody($value['uid']);
$mailService->addStringAttachment($rawmsg, mb_convert_encoding(base64_decode($value['name']), 'ISO-8859-1', 'UTF-8,ISO-8859-1'), 'message/rfc822', '7bit', 'attachment');
/*envia o anexo para o email*/
$message_size_total += mb_strlen($rawmsg);
//Adiciona o tamanho do anexo a variavel que controlao tamanho da msg.
unset($rawmsg);
//TODO: tem como fazer log deste tipo de anexo?
break;
default:
break;
}
}
}
$message_size_total += strlen($params['body']);
/* Tamanho do corpo da mensagem. */
////////////////////////////////////////////////////////////////////////////////////////////////////
/**
* Faz a validação pelo tamanho máximo de mensagem permitido para o usuário. Se o usuário não estiver em nenhuma regra, usa o tamanho padrão.
*/
$default_max_size_rule = $db->get_default_max_size_rule();
if (!$default_max_size_rule) {
$default_max_size_rule = str_replace("M", "", ini_get('upload_max_filesize')) * 1024 * 1024;
/* hack para não bloquear o envio de email quando não for configurado um tamanho padrão */
} else {
foreach ($default_max_size_rule as $i => $value) {
$default_max_size_rule = $value['config_value'];
}
}
$default_max_size_rule = $default_max_size_rule * 1024 * 1024;
/* Tamanho da regra padrão, em bytes */
$id_user = $_SESSION['phpgw_info']['expressomail']['user']['userid'];
$ldap = new ldap_functions();
$groups_user = $ldap->get_user_groups($id_user);
$size_rule_by_group = array();
foreach ($groups_user as $k => $value_) {
$rule_in_group = $db->get_rule_by_user_in_groups($k);
if ($rule_in_group != "") {
array_push($size_rule_by_group, $rule_in_group);
}
}
$n_rule_groups = 0;
$maior_valor_regra_grupo = 0;
foreach ($size_rule_by_group as $i => $value) {
if (is_array($value[0])) {
++$n_rule_groups;
if ($value[0]['email_max_recipient'] > $maior_valor_regra_grupo) {
$maior_valor_regra_grupo = $value[0]['email_max_recipient'];
}
}
}
if ($default_max_size_rule) {
$size_rule = $db->get_rule_by_user($_SESSION['phpgw_info']['expressomail']['user']['userid']);
if (!$size_rule && $n_rule_groups == 0) {
if ($message_size_total > $default_max_size_rule) {
return $this->functions->getLang("Message size greateruler than allowed (Default rule)") . " (" . $default_max_size_rule / 1024 / 1024 . " Mb)";
}
} else {
if (count($size_rule) > 0) {
$regra_mais_permissiva = 0;
foreach ($size_rule as $i => $value) {
if ($regra_mais_permissiva < $value['email_max_recipient']) {
$regra_mais_permissiva = $value['email_max_recipient'];
}
}
$regra_mais_permissiva = $regra_mais_permissiva * 1024 * 1024;
if ($message_size_total > $regra_mais_permissiva) {
return $this->functions->getLang("Message size greater than allowed (Rule By User)");
}
} else {
$maior_valor_regra_grupo = $maior_valor_regra_grupo * 1024 * 1024;
if ($message_size_total > $maior_valor_regra_grupo) {
return $this->functions->getLang("Message size greater than allowed (Rule By Group)");
}
}
}
}
/**
* Fim da validação do tamanho da regra do tamanho de mensagem.
*/
////////////////////////////////////////////////////////////////////////////////////////////////////
if ($isHTML) {
$this->rfc2397ToEmbeddedAttachment($mailService, $body);
$defaultStyle = '';
if (isset($_SESSION['phpgw_info']['user']['preferences']['expressoMail']['font_family_editor']) && $_SESSION['phpgw_info']['user']['preferences']['expressoMail']['font_family_editor']) {
$defaultStyle .= ' font-family:' . $_SESSION['phpgw_info']['user']['preferences']['expressoMail']['font_family_editor'] . ';';
}
if (isset($_SESSION['phpgw_info']['user']['preferences']['expressoMail']['font_size_editor']) && $_SESSION['phpgw_info']['user']['preferences']['expressoMail']['font_size_editor']) {
$defaultStyle .= ' font-size:' . $_SESSION['phpgw_info']['user']['preferences']['expressoMail']['font_size_editor'] . ';';
}
$body = '<span class="' . $defaultStyle . '">' . $body . '</span>';
$mailService->setBodyHtml($body);
} else {
$mailService->setBodyText(mb_convert_encoding($body, 'ISO-8859-1', 'UTF-8,ISO-8859-1'));
}
$mailService->addHeaderField('Message-ID', "<" . md5(uniqid(time())) . "@" . $_SERVER['SERVER_NAME'] . ">\n");
if ($is_important) {
$mailService->addHeaderField('Importance', 'High');
}
if ($return_receipt) {
$mailService->addHeaderField('Disposition-Notification-To', $_SESSION['phpgw_info']['expressomail']['user']['email']);
}
$mailService->addHeaderField('Date', date("r"));
if ($folder != 'null') {
$mbox_stream = $this->open_mbox($folder);
@imap_append($mbox_stream, "{" . $this->imap_server . ":" . $this->imap_port . "}" . $folder, $mailService->getMessage(), "\\Seen");
}
$sent = $mailService->send();
if ($sent !== true) {
return $this->parse_error($sent);
} else {
if ($signed && !$params['smime']) {
return $sent;
}
if ($_SESSION['phpgw_info']['server']['expressomail']['expressoMail_enable_log_messages'] == "True") {
$userid = $_SESSION['phpgw_info']['expressomail']['user']['userid'];
$userip = $_SESSION['phpgw_info']['expressomail']['user']['session_ip'];
$now = date("d/m/y H:i:s");
$addrs = $toaddress . $ccaddress . $ccoaddress;
$sent = trim($sent);
error_log("{$now} - {$userip} - {$sent} [{$subject}] - {$userid} => {$addrs}\r\n", 3, "/home/expressolivre/mail_senders.log");
}
if ($params['uids_save']) {
$this->delete_msgs(array('folder' => $params['save_folder'], 'msgs_number' => $params['uids_save']));
}
//return array("success" => true, "folder" => $folder_list);
Logger::info('expressomail', 'sendmsg', $loginfo);
return array("success" => true, "load" => $has_new_folder);
}
}
?>
<html>
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
//creates 3 objects needed for this script.
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Admin', $lang);
//checks if user is logged in.
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
//variables needed globably in this file.
$tablename = "{$cfg_tableprefix}" . 'sales_items';
$field_names = null;
$field_data = null;
$id = -1;
if (isset($_POST['quantity_purchased']) and isset($_POST['item_unit_price']) and isset($_POST['item_tax_percent']) and isset($_POST['item_id']) and isset($_POST['sale_id']) and isset($_POST['row_id']) and isset($_POST['old_quantity'])) {
if (!is_numeric($_POST['quantity_purchased']) or !is_numeric($_POST['item_unit_price']) or !is_numeric($_POST['item_tax_percent'])) {
echo 'You must enter a numeric value for quantity purchased, Unit Price, and Tax.';
exit;
<?php
include 'head.php';
include 'header.php';
?>
<body>
<?php
session_start();
if (!isset($_SESSION["session_name"])) {
header("Location:../index.php");
exit;
} else {
$id = $_SESSION["session_name"];
require_once 'db_functions.php';
$db = new db_functions();
$user_profile = $db->FindUser($id);
}
?>
<div id="pre-div-main">
<img src="images\sideimage3.png" class="sideimage3">
<img src="images\sideimage4.png" class="sideimage4">
<img src="images\Drixel.png" style="position: absolute; top:10%;left:38%; width:300px; ">
<p id="loader-text11" >Lecture Videos </p>
<div id="loader-main"> </div>
<h2 id="loader-text3" >Hold On</h2>
<h2 id="loader-text2" >We are Loading Your Course content</h2>
echo '<script type="text/javascript" src="' . CMS_ROOTPATH . 'fontsize.js"></script>';
// *** Style sheet select ***
include_once CMS_ROOTPATH . "styles/sss1.php";
// *** Pop-up menu ***
echo '<script type="text/javascript" src="' . CMS_ROOTPATH . 'include/popup_menu/popup_menu.js"></script>';
if (CMS_SPECIFIC == 'Joomla') {
JHTML::stylesheet('popup_menu.css', CMS_ROOTPATH . 'include/popup_menu/');
} elseif (CMS_SPECIFIC == 'CMSMS') {
// Do nothing. stylesheet links outside header won't validate. styling will be managed in CMS
} else {
echo '<link rel="stylesheet" type="text/css" href="' . CMS_ROOTPATH . 'include/popup_menu/popup_menu.css">';
}
// *** Photo lightbox effect ***
if ($user['group_pictures'] == 'j') {
//echo '<script type="text/javascript" src="'.CMS_ROOTPATH.'include/lightbox/js/jquery.min.js"></script>';
echo '<script type="text/javascript" src="' . CMS_ROOTPATH . 'include/lightbox/js/slimbox2.js"></script>';
echo '<link rel="stylesheet" href="' . CMS_ROOTPATH . 'include/lightbox/css/slimbox2.css" type="text/css" media="screen">';
}
// *** CSS changes for mobile devices ***
echo '<link rel="stylesheet" media="(max-width: 640px)" href="gedcom_mobile.css">';
if (!CMS_SPECIFIC) {
print "</head>\n";
print "<body onload='checkCookie()'>\n";
}
include_once CMS_ROOTPATH . "include/db_functions_cls.php";
$db_functions = new db_functions();
$db_functions->set_tree_prefix($tree_prefix_quoted);
$db_functions->set_tree_id($_SESSION['tree_id']);
echo '<div class="silverbody">';
}
// *** End of PDF export check ***
<?php
//include '../skglfunction/db_connector.php';
require_once 'db_functions.php';
require_once 'config.php';
$db = new db_functions();
$name = htmlspecialchars($_POST['name']);
$username = htmlspecialchars($_POST['username']);
$pass = htmlspecialchars($_POST['password']);
$mobile_no = htmlspecialchars($_POST['mobileno']);
$password = hash('sha256', USER_SALT . hash('sha256', $pass));
$response = array("error" => FALSE);
if ($db->isUserExisted($username)) {
$response["error"] = TRUE;
$response["error_msg"] = "User already existed with " . $username;
echo json_encode($response);
} else {
$sql = "insert into tbl_register(fname,username,password,mobileno) values('{$name}','{$username}','{$password}','{$mobile_no}')";
$result = @mysql_query($sql);
$response["error"] = FALSE;
echo json_encode($response);
}
<?php
session_start();
include "settings.php";
if (empty($cfg_language) or empty($cfg_database)) {
echo "It appears that you have not installed PHP Point Of Sale, please\r\n\tgo to the <a href='install/index.php'>install page</a>.";
exit;
}
include "language/{$cfg_language}";
include "classes/db_functions.php";
include "classes/security_functions.php";
//create 3 objects that are needed in this script.
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Public', $lang);
if (!$sec->isLoggedIn()) {
header("location: login.php");
exit;
}
$dbf->optimizeTables();
$dbf->closeDBlink();
?>
<HTML>
<head>
<title><?php
echo $cfg_company;
?>
-- <?php
echo $lang->poweredBy;
$last_visited = $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$_SESSION['save_last_visitid'] = $last_visited;
@set_time_limit(300);
$menu = 0;
if (isset($_GET['menu']) and $_GET['menu'] == "1") {
$menu = 1;
}
// called from fanchart iframe with &menu=1-> no menu!
if ($screen_mode != 'PDF' and $menu != 1) {
//we can't have a menu in pdf... and don't want it when called in an iframe
include_once CMS_ROOTPATH . "menu.php";
}
if ($screen_mode == 'PDF') {
// if PDF: necessary parts from menu.php
include_once CMS_ROOTPATH . "include/db_functions_cls.php";
$db_functions = new db_functions();
$db_functions->set_tree_prefix($tree_prefix_quoted);
if (isset($_SESSION['tree_prefix'])) {
$dataqry = "SELECT * FROM humo_trees LEFT JOIN humo_tree_texts\n\t\tON humo_trees.tree_id=humo_tree_texts.treetext_tree_id\n\t\tAND humo_tree_texts.treetext_language='" . $selected_language . "'\n\t\tWHERE tree_prefix='" . $tree_prefix_quoted . "'";
@($datasql = $dbh->query($dataqry));
@($dataDb = $datasql->fetch(PDO::FETCH_OBJ));
}
$tree_id = $dataDb->tree_id;
$db_functions->set_tree_id($tree_id);
}
include_once CMS_ROOTPATH . "include/language_date.php";
include_once CMS_ROOTPATH . "include/language_event.php";
include_once CMS_ROOTPATH . "include/date_place.php";
include_once CMS_ROOTPATH . "include/process_text.php";
include_once CMS_ROOTPATH . "include/calculate_age_cls.php";
include_once CMS_ROOTPATH . "include/person_cls.php";
session_start();
?>
<html>
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/display.php";
include "../classes/form.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Report Viewer', $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
if (isset($_POST['selected_category'])) {
$selected_category = $_POST['selected_category'];
$date_range = $_POST['date_range'];
$dates = explode(':', $date_range);
$date1 = $dates[0];
$date2 = $dates[1];
}
$sales_table = $cfg_tableprefix . 'sales';
$sales_items_table = $cfg_tableprefix . 'sales_items';
$display_name = $dbf->idToField($cfg_tableprefix . 'categories', 'category', $selected_category);
function save_telephoneNumber($params)
{
$return = array();
if ($_SESSION['phpgw_info']['user']['preferences']['expressoMail']['blockpersonaldata']) {
$return['error'] = $this->functions->getLang("You can't modify your Commercial Telephone.");
return $return;
}
$old_telephone = 0;
$pattern = '/\\([0-9]{2,3}\\)[0-9]{4}-[0-9]{4}$/';
if (strlen($params['number']) != 0 && !preg_match($pattern, $params['number'])) {
$return['error'] = $this->functions->getLang('The format of telephone number is invalid');
return $return;
}
if ($params['number'] != $_SESSION['phpgw_info']['user']['preferences']['expressoMail']['telephone_number']) {
$old_telephone = $_SESSION['phpgw_info']['user']['preferences']['expressoMail']['telephone_number'];
$this->ldapRootConnect(false);
if (strlen($_SESSION['phpgw_info']['user']['preferences']['expressoMail']['telephone_number']) == 0) {
$info['telephonenumber'] = $params['number'];
$result = @ldap_mod_add($this->ds, $_SESSION['phpgw_info']['expressomail']['user']['account_dn'], $info);
} else {
$info['telephonenumber'] = $params['number'];
$result = @ldap_mod_replace($this->ds, $_SESSION['phpgw_info']['expressomail']['user']['account_dn'], $info);
}
$_SESSION['phpgw_info']['user']['preferences']['expressoMail']['telephone_number'] = $info['telephonenumber'];
// Log updated telephone number by user action
include_once 'class.db_functions.inc.php';
$db_functions = new db_functions();
$db_functions->write_log('modified user telephone', "User changed its own telephone number in preferences {$old_telephone} => " . $info['telephonenumber']);
unset($info['telephonenumber']);
}
return $return['ok'] = true;
}
<?php
include_once 'functions.php';
$f = new db_functions();
// echo $f->select("users", array("id","username"), 5)."<br>";
// echo $f->select("users", array("id","username"), false,array("username","ASC"),4)."<br>";
// $input['username']='******';
// $input['password']='******';
// echo $f->insert("users", $input)."<br>";
// $input2['username']='******';
// echo $f->insert("users", $input2)."<br>";
// $update['username']='******';
// $update['password']='******';
// $update['firstname']='ellol';
// echo $f->update("users", $update, 5);
// $update2['firstname']='ellol';
// echo $f->update("users", $update2, 5);
// include_once 'users.php';
// $users=new users();
// $user['username']='******';
// $user['password']='******';
// echo $users->register($user);
$input['username'] = '******';
$input['password'] = '******';
$input['OR'] = array('email' => '*****@*****.**', 'username' => 'lol');
$relation[] = 'AND';
$relation[] = 'OR';
echo $f->check("users", $input, $relation, array("id", "username", "password", "email"));
session_start();
?>
<html>
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/display.php";
include "../classes/form.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Report Viewer', $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
if (isset($_POST['selected_brand'])) {
$selected_brand = $_POST['selected_brand'];
$date_range = $_POST['date_range'];
$dates = explode(':', $date_range);
$date1 = $dates[0];
$date2 = $dates[1];
}
$sales_table = $cfg_tableprefix . 'sales';
$sales_items_table = $cfg_tableprefix . 'sales_items';
$display_name = $dbf->idToField($cfg_tableprefix . 'brands', 'brand', $selected_brand);
session_start();
?>
<html>
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
//creates 3 objects needed for this script.
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Admin', $lang);
//checks if user is logged in.
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
//variables needed globably in this file.
$tablename = "{$cfg_tableprefix}" . 'sales';
if (isset($_GET['id'])) {
$id = $_GET['id'];
}
$dbf->deleteRow($tablename, $id);
$dbf->closeDBlink();
?>
<br>
include_once CMS_ROOTPATH . "include/db_login.php";
//Inloggen database.
// *** Use UTF-8 database connection ***
//$dbh->query("SET NAMES 'utf8'");
include_once CMS_ROOTPATH . "include/safe.php";
include_once CMS_ROOTPATH . "include/settings_global.php";
//Variables
include_once CMS_ROOTPATH . "include/settings_user.php";
// USER variables
include_once CMS_ROOTPATH . "include/person_cls.php";
// for privacy
include_once CMS_ROOTPATH . "include/language_date.php";
include_once CMS_ROOTPATH . "include/date_place.php";
$tree_id = $_SESSION['tree_id'];
include_once CMS_ROOTPATH . "include/db_functions_cls.php";
$db_functions = new db_functions();
$db_functions->set_tree_id($tree_id);
$language_folder = opendir(CMS_ROOTPATH . 'languages/');
while (false !== ($file = readdir($language_folder))) {
if (strlen($file) < 5 and $file != '.' and $file != '..') {
$language_file[] = $file;
// *** Save choice of language ***
$language_choice = '';
if (isset($_GET["language"])) {
$language_choice = $_GET["language"];
}
if ($language_choice != '') {
// Check if file exists (IMPORTANT DO NOT REMOVE THESE LINES)
// ONLY save an existing language file.
if ($language_choice == $file) {
$_SESSION['language'] = $file;
$item_info = explode(' ', $_SESSION['items_in_sale'][$k]);
$item_id = $item_info[0];
$new_price = $item_info[1] * (1 - $discount / 100);
$tax = $item_info[2];
$quantity = $item_info[3];
$percentOff = $item_info[4];
$new_price = number_format($new_price, 2, '.', '');
$_SESSION['items_in_sale'][$k] = $item_id . ' ' . $new_price . ' ' . $tax . ' ' . $quantity . ' ' . $percentOff;
}
header("location: sale_ui.php?global_sale_discount={$discount}");
}
}
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/display.php";
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Sales Clerk', $lang);
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
if (isset($_POST['customer'])) {
if ($cfg_numberForBarcode == "Row ID") {
if ($dbf->isValidCustomer($_POST['customer'])) {
$_SESSION['current_sale_customer_id'] = $_POST['customer'];
}
} else {
$id = $dbf->fieldToid($cfg_tableprefix . 'customers', 'account_number', $_POST['customer']);
if ($dbf->isValidCustomer($id)) {
$_SESSION['current_sale_customer_id'] = $id;
} else {
echo "{$lang->customerWithID}/{$lang->accountNumber} " . $_POST['customer'] . ', ' . "{$lang->isNotValid}";
}
}
<?php
require_once 'db_functions.php';
require_once 'config.php';
$db = new db_functions();
$username = htmlspecialchars($_POST['username']);
$pass = htmlspecialchars($_POST['password']);
$response = array("error" => FALSE);
$password = hash('sha256', USER_SALT . hash('sha256', $pass));
if ($db->CheckLogin($username, $password)) {
$response["error"] = FALSE;
echo json_encode($response);
} else {
$response["error"] = TRUE;
$response["error_msg"] = "Login credentials are wrong. Please try again!";
echo json_encode($response);
}
eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=1,location=0,statusbar=0,menubar=0,resizable=1,width=600,height=300,left = 362,top = 234');");
}
</script>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/display.php";
include "../classes/form.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Report Viewer', $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
if (isset($_POST['selected_employee'])) {
$selected_employee = $_POST['selected_employee'];
$date_range = $_POST['date_range'];
$dates = explode(':', $date_range);
$date1 = $dates[0];
$date2 = $dates[1];
}
$first_name = $dbf->idToField($cfg_tableprefix . 'users', 'first_name', $selected_employee);
$last_name = $dbf->idToField($cfg_tableprefix . 'users', 'last_name', $selected_employee);
$display_name = $first_name . ' ' . $last_name;
<?php
session_start();
include "settings.php";
include "language/{$cfg_language}";
include "classes/db_functions.php";
include "classes/security_functions.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Public', $lang);
if (!$sec->isLoggedIn()) {
header("location: login.php");
exit;
}
$tablename = $cfg_tableprefix . 'users';
$auth = $dbf->idToField($tablename, 'type', $_SESSION['session_user_id']);
$first_name = $dbf->idToField($tablename, 'first_name', $_SESSION['session_user_id']);
$last_name = $dbf->idToField($tablename, 'last_name', $_SESSION['session_user_id']);
$name = $first_name . ' ' . $last_name;
$dbf->optimizeTables();
?>
<HTML>
<head>
</head>
<body>
<?php
if ($auth == "Admin") {
?>
<p>
<img border="0" src="images/home_print.gif" width="33" height="29" valign="top"><font color="#005B7F" size="4"> <b><?php
<body>
<?php
include 'header.php';
?>
<?php
session_start();
if (!isset($_SESSION["session_name"])) {
header("Location:../index.php");
exit;
} else {
$id = $_SESSION["session_name"];
require_once 'db_functions.php';
$db = new db_functions();
$user_profile = $db->FindUser($id);
}
?>
<div class="row">
<div class="col-sm-5 col-sm-offset-1">
<div class="flip">
<div class="card" >
<div class="face front"
style=" background-image: url('images/androids.jpg'); background-size: 100% 100%; background-repeat: no-repeat;" > </div>
<div class="face back" style="border-bottom: 13px solid #283848">
<span style="font-family:Arial, Helvetica, sans-serif">
<h2 style="font-family: Gill Sans , Gill Sans MT, sans-serif;color: #283848">Introduction to Android Development</h2>
<h4 style=" font-family:Arial, Helvetica, sans-serif;; color:#404040; align:left;">   Learn the basics of Android and Java programming, and take the first step on your journey to becoming an Android developer!</h4>
<span style="position: absolute; margin-top:-5vw;margin-left:5vw;"><a class="btn btn-warning " href="<?php
<!doctype html>
<html>
<?php
include 'head.php';
?>
<body>
<?php
include 'header.php';
?>
<?php
if (isset($_GET["course_id"])) {
require_once 'db_functions.php';
$db = new db_functions();
$course = $db->getCourseInfo($_GET["course_id"]);
}
?>
<br>
<br>
<div class="container">
<div class="row">
<div class="col-sm-12 course_image_Enroll" id=""> <img src= <?php
echo $course["image_logo"];
?>
class="img-responsive" alt="Responsive image"> </div>
</div>
</div>
<div class="row top-buffer"> <a href="./enrollment_confirm.php?course_id=<?php
session_start();
?>
<html>
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/display.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Report Viewer', $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
if (isset($_GET['sale_id'])) {
$sale_id = $_GET['sale_id'];
$customer_id = $_GET['sale_customer_id'];
$sale_date = $_GET['sale_date'];
$temp_first_name = $dbf->idToField("{$cfg_tableprefix}" . 'customers', 'first_name', $customer_id);
$temp_last_name = $dbf->idToField("{$cfg_tableprefix}" . 'customers', 'last_name', $customer_id);
$sale_customer_name = $temp_first_name . ' ' . $temp_last_name;
}
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
$display->displayTitle("{$lang->saleDetails}");
?>
<html>
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
//creates 3 objects needed for this script.
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Admin', $lang);
//checks if user is logged in.
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
//variables needed globably in this file.
$tablename = "{$cfg_tableprefix}" . 'sales';
$field_names = null;
$field_data = null;
$id = -1;
if (isset($_POST['paid_with']) and isset($_POST['id'])) {
$id = $_POST['id'];
//gets variables entered by user.
$paid_with = $_POST['paid_with'];
<html>
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/form.php";
include "../classes/display.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Sales Clerk', $lang);
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
//set default values, these will change if $action==update.
$first_name_value = '';
$last_name_value = '';
$account_number_value = '';
$phone_number_value = '';
$email_value = '';
$street_address_value = '';
$comments_value = '';
$id = -1;
/**
* File to handle all API requests
* Accepts GET and POST
*
* Each request will be identified by TAG
* Response will be JSON data
/**
* check for POST request
*/
if (isset($_POST['tag']) && $_POST['tag'] != '') {
// get tag
$tag = $_POST['tag'];
// include db handler
require_once 'include/db_functions.php';
$db = new db_functions();
// response Array
$response = array("tag" => $tag, "error" => FALSE);
// check for tag type
if ($tag == 'login') {
// Request type is check Login
$email = $_POST['email'];
$password = $_POST['password'];
// check for user
$user = $db->getUserByEmailAndPassword($email, $password);
if ($user != false) {
// user found
$response["error"] = FALSE;
$response["uid"] = $user["unique_id"];
$response["user"]["name"] = $user["name"];
$response["user"]["email"] = $user["email"];
