<?php
include "../include/functions.php";
include "../include/db.php";
include "../include/params.php";
include "../include/dictionary2.php";
?>
<?php
// Prints "<lon>@<lat>" for the point of interest selected by ?id=.
// Notices and warnings are excluded from error reporting for this script.
error_reporting(E_ALL & ~E_NOTICE & ~E_WARNING);
opendb();

// The integer cast is what keeps the string-built SQL below safe: the id is
// spliced into the statements unquoted.
$id = (int) NNull($_GET['id'], 0);
$fromPoi = " from pointsofinterest where id=" . $id;

// NOTE(review): none of the lookups filters on the caller's client, so any
// existing id is answered - confirm that coordinates are meant to be readable
// across clients.
$type = (int) dlookup("select type" . $fromPoi);

if ($type != 1) {
    // Every other type: use the centroid of the stored geometry (y is reported
    // as lon and x as lat here, exactly as the original statements do).
    $lon = dlookup("select st_y(st_centroid(geom)) lon" . $fromPoi);
    $lat = dlookup("select st_x(st_centroid(geom)) lat" . $fromPoi);
} else {
    // Type 1: transform the geometry to SRID 4326 and read y as lat, x as lon.
    $lat = dlookup("select st_y(st_transform(geom,4326)) lat" . $fromPoi);
    $lon = dlookup("select st_x(st_transform(geom,4326)) lon" . $fromPoi);
}

echo $lon . '@' . $lat;
closedb();
?>
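<?php
include "../include/functions.php";
include "../include/db.php";
include "../include/params.php";
include "../include/dictionary2.php";
?>
<?php
// Adds a route material for the current client.
// Response body: 1 when the client already has a material with that name,
// 0 after the insert statement has been issued.
opendb();

// The name only ever appears inside a quoted SQL literal. Doubling quotes is the
// sole escaping applied, which is sufficient only while the server keeps
// standard_conforming_strings on; bound parameters (pg_query_params) would
// remove that dependency.
$imeMaterijal = str_replace("'", "''", NNull($_GET['materijalIme'], ''));

$proverka = dlookup("SELECT count(*) FROM route_material WHERE name = '" . $imeMaterijal . "' and clientid = " . Session("client_id"));
if ($proverka > 0) {
    echo 1;
} else {
    // Max(id) is NULL on an empty table, which made the first insert fail;
    // coalesce() lets numbering start at 1.
    // NOTE(review): max+1 is not atomic - two concurrent requests can pick the
    // same id; a sequence on the column would close that gap.
    $posledno = dlookup("select coalesce(Max(id), 0) + 1 from route_material");
    $vnesi = query("INSERT into route_material(id,name,clientid) values ('" . $posledno . "','" . $imeMaterijal . "'," . Session("client_id") . "); ");
    echo 0;
}
closedb();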
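<div id="div-add" style="display:none" title=""></div>
<div id="dialog-message" title="<?php echo dic("Reports.Message"); ?> " style="display:none">
    <p>
        <span class="ui-icon ui-icon-circle-check" style="float:left; margin:0 7px 50px 0;"></span>
        <div id="div-msgbox" style="font-size:14px"></div>
    </p>
</div>
<?php
// Loads code, name and description of the organisation selected by ?id= for
// the edit form below.
// The id is concatenated into the statements unquoted, so it is forced to an
// integer first; a non-numeric value becomes 0 and matches no row.
$id = (int) getQUERY('id');
opendb();
// NOTE(review): the lookups are not limited to the caller's client - confirm
// whether organisation rows of other clients should be readable here.
$code = NNull(DlookUP("select Code from organisation where id=" . $id), "");
$name = NNull(DlookUP("select Name from organisation where id=" . $id), "");
$desc = NNull(DlookUP("select Description from organisation where id=" . $id), "");
// NOTE(review): the label cell below calls dic() without echo, unlike the
// dialog title above - confirm that the label is actually rendered.
?>
<table style="padding-left:20px;" class="text2_" width=50%>
    <tr style="height:10px"></tr>
    <tr >
        <td width=20% style="font-weight:bold"><?php dic("Fm.Code"); ?> :</td>
        <td width=30% style="padding-left:10px"><input id="code" value="<?php /* stored value: encode for the HTML attribute context */ echo htmlspecialchars($code, ENT_QUOTES, 'UTF-8'); ?> " type="text" size=22 style="color: #2F5185; font-family: Arial,Helvetica,sans-serif; font-size: 11px; height:25px; border: 1px solid #CCCCCC; border-radius: 5px 5px 5px 5px; width:161px; padding-left:5px"/></td>
    </tr>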
}
}
// 5th combination: the selected alarm type needs no additional fields.
// (Excerpt: $id, $cid, $tipNaAlarm, $vnesiAlertZa, $dostapno, $emails, $sms and
// $zvukot are assigned before this point and are not visible here.)
if ($tipNaAlarm != 7 && $tipNaAlarm != 8 && $tipNaAlarm != 9 && $tipNaAlarm != 10 && $tipNaAlarm != 17 && $tipNaAlarm != 18 && $tipNaAlarm != 19 && $tipNaAlarm != 20) {
    if ($vnesiAlertZa == 1) {
        // Alarm for one vehicle: the old row is deleted and a new one is
        // inserted under a fresh id.
        $ednoVozilo = str_replace("'", "''", NNull($_GET['voziloOdbrano2'], ''));
        // NOTE(review): max+1 is not atomic; concurrent requests can get the same id.
        $posledno = dlookup("select Max(id)+1 from alarms");
        // NOTE(review): $id and $cid go into the statement unquoted - confirm
        // that both are integers by the time they reach this point.
        $brisi = query("delete from alarms where id = " . $id . " and clientid = " . $cid . "");
        $ret = query("insert into alarms values('" . $posledno . "','" . $tipNaAlarm . "','','" . $dostapno . "','" . $emails . "','" . $sms . "','" . $zvukot . "',1," . Session("client_id") . " , '" . $ednoVozilo . "', null, null, null, null, null)");
        // (A commented-out UPDATE variant of this write followed here.)
    }
    if ($vnesiAlertZa == 2) {
        // Alarm for an organisational unit: one row per vehicle of the unit,
        // all sharing the current Unix timestamp as uniqid.
        $today = getdate();
        $q = '' . $today[0];
        $orgEdinica = str_replace("'", "''", NNull($_GET['orgEdinica2'], ''));
        // NOTE(review): $orgEdinica comes from the request and is used unquoted
        // in this WHERE clause; doubling quotes does not protect a numeric
        // position. It should be validated as an integer before use.
        $najdiVozila = query("select * from vehicles where organisationid = " . $orgEdinica . " and clientid = " . $cid);
        $brisi = query("delete from alarms where id = " . $id . " and clientid = " . $cid . "");
        // NOTE(review): $data is not initialised in the visible code; with no
        // matching vehicle the foreach below receives an undefined variable.
        while ($row = pg_fetch_array($najdiVozila)) {
            $data[] = $row;
        }
        foreach ($data as $row) {
            $posledno = dlookup("select Max(id)+1 from alarms");
            $ret = query("insert into alarms values('" . $posledno . "','" . $tipNaAlarm . "','" . $orgEdinica . "','" . $dostapno . "','" . $emails . "','" . $sms . "','" . $zvukot . "',1," . Session("client_id") . " , '" . $row["id"] . "',NULL,NULL,NULL,'" . $q . "', 2)");
            // (A commented-out UPDATE variant of this write followed here.)
        }
    }
    if ($vnesiAlertZa == 3) {
        // Alarm for every vehicle of the client.
        $today = getdate();
        $q = '' . $today[0];
        $najdiVozila = query("select * from vehicles where clientid = " . $cid);
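<?php
include "../include/functions.php";
include "../include/db.php";
include "../include/params.php";
include "../include/dictionary2.php";
?>
<?php
// Adds a route culture for the current client.
// Response body: 1 when the client already has a culture with that name,
// 0 after the insert statement has been issued.
opendb();

// The name is used only inside quoted SQL literals. Quote doubling is the sole
// escaping, so it relies on standard_conforming_strings being on; bound
// parameters (pg_query_params) would not.
$imeKultura = str_replace("'", "''", NNull($_GET['kulturaIme'], ''));

$proverka = dlookup("SELECT count(*) FROM route_culture WHERE name = '" . $imeKultura . "' and clientid = " . Session("client_id"));
if ($proverka > 0) {
    echo 1;
} else {
    // Max(id) is NULL on an empty table, which made the first insert fail;
    // coalesce() lets numbering start at 1.
    // NOTE(review): max+1 is not atomic; a sequence would avoid duplicate ids
    // under concurrent requests.
    $posledno = dlookup("select coalesce(Max(id), 0) + 1 from route_culture");
    $vnesi = query("INSERT into route_culture(id,name,clientid) values ('" . $posledno . "','" . $imeKultura . "'," . Session("client_id") . "); ");
    echo 0;
}
closedb();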
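/**
 * Builds the current-position list for the vehicles a user may see.
 *
 * Role "2" sees every vehicle of the client; any other role sees the vehicles
 * linked to the user in uservehicles.
 *
 * @param mixed $RoleID   role of the caller, compared loosely with "2"
 * @param mixed $ClientID client id, used when the role is "2"
 * @param mixed $UserID   user id, used for every other role
 * @return string one "#code|longitude|latitude|Gray|registration" entry per
 *                row, concatenated without a separator
 */
function GetCurrentPosition($RoleID, $ClientID, $UserID)
{
    // Both ids are spliced into SQL unquoted, so they are forced to integers
    // here instead of trusting every caller to have validated them.
    $ClientID = (int) $ClientID;
    $UserID = (int) $UserID;

    if ($RoleID == "2") {
        $sqlV = "select id from vehicles where clientid=" . $ClientID;
    } else {
        $sqlV = "select vehicleid from uservehicles where userid=" . $UserID;
    }

    $sql = "select cast(v.code as integer), v.registration, '1' sedista, cp.* "
        . "from currentposition cp "
        . "left outer join vehicles v on v.id=cp.vehicleid "
        . "where vehicleid in (" . $sqlV . ") order by cast(v.code as integer) asc";
    $ds = query($sql);

    // The previous version also read the client type and the user's status
    // colours, but both branches emitted the same entry with the literal
    // "Gray", so those lookups (one query plus one fetch per row) never
    // reached the output and are dropped.
    $str = "";
    while ($row = pg_fetch_array($ds)) {
        $str .= "#" . $row["code"] . "|" . $row["longitude"] . "|" . $row["latitude"] . "|" . "Gray" . "|" . $row["registration"];
    }

    return $str;
}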
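<?php
include "../include/functions.php";
include "../include/db.php";
include "../include/params.php";
include "../include/dictionary2.php";
?>
<?php
// Stores a manually entered odometer value for one vehicle: currkm gets the
// value, odometer is recalculated through calculatecurrkm().
opendb();

$vehicleid = (string) NNull($_GET['id'], '');
$km = (string) NNull($_GET['odometarVrednost'], '');

// Both values sit in unquoted, numeric positions of the statements below, where
// doubling quotes offers no protection. Only a plain integer id and a plain
// decimal number are accepted; anything else is rejected before a statement
// is built.
if (!ctype_digit($vehicleid) || !preg_match('/^\d+(\.\d+)?\z/', $km)) {
    closedb();
    http_response_code(400);
    exit;
}

// NOTE(review): nothing visible here checks a session or ties the vehicle to
// the caller's client - confirm that the include files enforce this.
$DENES = now("Y-m-d H:i:s");
$updateCurrKm = query("update currkm set km=" . $km . ", datetime = '" . $DENES . "' where vehicleid=" . $vehicleid);
$updateOdometer = query("update odometer set datetime = '" . $DENES . "', km=cast((select calculatecurrkm('" . $vehicleid . "', cast(now() as timestamp))) as numeric(19,6)) where vehicleid=" . $vehicleid);
closedb();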
<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
session_start();

// Reads ?un= (single quotes doubled) and runs a lookup on the users table.
$rawUn = NNull($_GET['un'], '');
$un = str_replace("'", "''", $rawUn);

// NOTE(review): as shown, the statement holds the fixed literal '******' and
// $un never reaches it - this looks like masking applied to this copy; confirm
// against the real file. The result is not used in the visible code, and no
// opendb() call precedes query()/closedb() here.
$sql = "SELECT * FROM users WHERE username = '******'";
$proverka = query($sql);
closedb();
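<?php
include "../include/db.php";
include "../include/functions.php";
include "../include/params.php";
include "../include/dictionary2.php";
session_start();
header("Content-type: text/html; charset=utf-8");

// Registers a licence period (?pocetok= .. ?kraj=) for the vehicle in ?input=.
// Response body: 1 when a matching licence row already exists.
$pocetok = DateTimeFormat(getQUERY("pocetok"), 'Y-m-d');
$kraj = DateTimeFormat(getQUERY("kraj"), 'Y-m-d');
$kopce = (string) NNull($_GET['input'], '');
$cid = Session("client_id");

// The vehicle id is written into VALUES(...) unquoted, so quote doubling would
// not contain it; only plain digits are accepted.
if (!ctype_digit($kopce)) {
    http_response_code(400);
    exit;
}

opendb();
// NOTE(review): the user id is taken as max(id)+1 of the drivers table -
// presumably the driver about to be created; verify against the caller.
$zaId = dlookup("select Max(id)+1 from drivers");
$LicenseCheck = dlookup("SELECT count(*) FROM vehicleslicense WHERE vehicleid = '" . $kopce . "' and userid = " . $zaId . "");
if ($LicenseCheck > 0) {
    echo 1;
} else {
    // coalesce() yields 1 for an empty table, which replaces the former
    // "select *" over the whole table that was run only to detect that case.
    // NOTE(review): max+1 is not atomic under concurrent requests.
    $posledno = dlookup("select coalesce(Max(id), 0) + 1 from vehicleslicense");
    // NOTE(review): the two dates are quoted but not escaped; this is safe only
    // if DateTimeFormat() always returns a formatted date - confirm.
    RunSQL("INSERT INTO vehicleslicense(id, vehicleid, clientid, begining, ending, userid) VALUES(" . $posledno . ", " . $kopce . "," . $cid . ",\n \t\t'" . DateTimeFormat($pocetok, "Y-m-d") . "',\n \t\t'" . DateTimeFormat($kraj, "Y-m-d") . "' , " . $zaId . ")");
}
closedb();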
<?php
include "../include/functions.php";
include "../include/db.php";
include "../include/params.php";
include "../include/dictionary2.php";
session_start();
opendb();

// Adds work-time rows for the current client. Every request value has its
// single quotes doubled and is used only inside quoted SQL literals below.
// NOTE(review): quote doubling relies on standard_conforming_strings being on;
// bound parameters (pg_query_params) would not.
$TIMEFROM = str_replace("'", "''", NNull($_GET['WorkTimeFrom'], ''));
$TIMEFROM1 = str_replace("'", "''", NNull($_GET['WorkTimeFrom1'], ''));
$TIMETO = str_replace("'", "''", NNull($_GET['WorkTimeTo'], ''));
$TIMETO1 = str_replace("'", "''", NNull($_GET['WorkTimeTo1'], ''));
$TIMESHIFT = str_replace("'", "''", NNull($_GET['WorkTimeShift'], ''));
$TIMETYPE = str_replace("'", "''", NNull($_GET['WorkTimeType'], ''));
// Not used in the visible part of the script.
$posledno = dlookup("select Max(id)+1 from worktime");

if ($TIMETYPE == 9) {
    // Type 9 covers day types 6 and 7 together.
    $workCheck1 = dlookup("SELECT count(*) FROM worktime WHERE daytype = 6 and shift = '" . $TIMESHIFT . "' and clientid = " . Session("client_id"));
    $workCheck2 = dlookup("SELECT count(*) FROM worktime WHERE daytype = 7 and shift = '" . $TIMESHIFT . "' and clientid = " . Session("client_id"));
    // Evaluates as ($workCheck1) || ($workCheck2 > 0): either count being
    // non-zero reports a duplicate with the response body 1.
    if ($workCheck1 || $workCheck2 > 0) {
        echo 1;
        exit;
    } else {
        // The time values are stored as the concatenation of the two request
        // parts (From + From1, To + To1).
        $vnesi11 = query("INSERT into worktime(clientid,shift,daytype,timefrom,timeto) values (" . Session("client_id") . ",'" . $TIMESHIFT . "',6,'" . $TIMEFROM . "" . $TIMEFROM1 . "' ,'" . $TIMETO . "" . $TIMETO1 . "'); ");
        $vnesi22 = query("INSERT into worktime(clientid,shift,daytype,timefrom,timeto) values (" . Session("client_id") . ",'" . $TIMESHIFT . "',7,'" . $TIMEFROM . "" . $TIMEFROM1 . "' ,'" . $TIMETO . "" . $TIMETO1 . "'); ");
        // Exits without reaching a closedb() call.
        exit;
    }
}
if ($TIMETYPE == 10) {
    // Type 10: duplicate checks for day types 1, 2, 3 (the excerpt ends here).
    $workCheck3 = dlookup("SELECT count(*) FROM worktime WHERE daytype = 1 and shift = '" . $TIMESHIFT . "' and clientid = " . Session("client_id"));
    $workCheck4 = dlookup("SELECT count(*) FROM worktime WHERE daytype = 2 and shift = '" . $TIMESHIFT . "' and clientid = " . Session("client_id"));
    $workCheck5 = dlookup("SELECT count(*) FROM worktime WHERE daytype = 3 and shift = '" . $TIMESHIFT . "' and clientid = " . Session("client_id"));
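<?php
session_start();
header("Content-type: text/html; charset=utf-8");

// Prepares the privileges page for the user selected by ?uid=.
$ua = getBrowser();
$yourbrowser = (bool) strpos($ua['userAgent'], "iPad");
$yourbrowser1 = (bool) strpos($ua['userAgent'], "Macintosh");
opendb();

// A Location header does not end the request on its own: without exit the rest
// of the script would still run its queries and render the page for a caller
// who was just refused. Both guards therefore stop execution.
$Allow = getPriv("privilegesuser", session("user_id"));
if ($Allow == False) {
    header('Location: ../permission/?l=' . $cLang);
    closedb();
    exit;
}
if (is_numeric(nnull(session("user_id"))) == false) {
    header("Location: ../sessionexpired/?l=" . $cLang);
    closedb();
    exit;
}

// The user id is concatenated unquoted, so it is forced to an integer; a
// non-numeric value becomes 0 and matches no row.
// NOTE(review): the lookup is not limited to the caller's client - confirm
// whether users of other clients may be opened here.
$userID = (int) NNull($_GET['uid'], 0);
$dsUsers = query("select id, fullname, roleid from users where id=" . $userID);
$ds = query("select allowedrouting, allowedfm from clients where id=" . session("client_id"));
$allowedR = pg_fetch_result($ds, 0, "allowedrouting");
$allowedF = pg_fetch_result($ds, 0, "allowedfm");

// Every privilege checkbox starts out checked.
$reports = "checked='checked'";
$settings = "checked='checked'";
$routes = "checked='checked'";
$insertpoi = "checked='checked'";
$viewpoi = "checked='checked'";
$insertzone = "checked='checked'";
$viewzone = "checked='checked'";
$livetracking = "checked='checked'";
$dashboard = "checked='checked'";
$fleetreport = "checked='checked'";
$overview = "checked='checked'";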
<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
session_start();

// Location search endpoint: prints whatever SearchLocation() returns for ?name=.
// The response is marked as non-cacheable; each entry is [header line, replace flag].
$noCacheHeaders = [
    ["Expires: Mon, 20 Jul 2000 05:00:00 GMT", true],
    ["Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT", true],
    ["Cache-Control: no-store, no-cache, must-revalidate", true],
    // replace = FALSE: sent in addition to the Cache-Control line above
    ["Cache-Control: post-check=0, pre-check=0", FALSE],
    ["Pragma: no-cache", true],
];
foreach ($noCacheHeaders as $entry) {
    header($entry[0], $entry[1]);
}

// Removes the execution time limit for this request.
set_time_limit(0);

// Single quotes are doubled before the value is handed on.
// NOTE(review): how SearchLocation() uses the value, and whether its result is
// safe to print unencoded, cannot be seen from here - verify in functions.php.
$rawName = NNull($_GET['name'], '');
$name = str_replace("'", "''", $rawName);
print SearchLocation($name);
<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
session_start();

// Prints the result of getLineCoords() for the two points given as
// ?lon1=&lat1=&lon2=&lat2=.
// The response is marked as non-cacheable; each entry is [header line, replace flag].
$noCacheHeaders = [
    ["Expires: Mon, 20 Jul 2000 05:00:00 GMT", true],
    ["Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT", true],
    ["Cache-Control: no-store, no-cache, must-revalidate", true],
    // replace = FALSE: sent in addition to the Cache-Control line above
    ["Cache-Control: post-check=0, pre-check=0", FALSE],
    ["Pragma: no-cache", true],
];
foreach ($noCacheHeaders as $entry) {
    header($entry[0], $entry[1]);
}

// Removes the execution time limit for this request.
set_time_limit(0);

// Single quotes are doubled; the values are not checked for being numbers.
// NOTE(review): if getLineCoords() places them in SQL unquoted, quote doubling
// does not contain them - verify in functions.php and validate as decimals.
$_lon1 = str_replace("'", "''", NNull($_GET['lon1'], ''));
$_lat1 = str_replace("'", "''", NNull($_GET['lat1'], ''));
$_lon2 = str_replace("'", "''", NNull($_GET['lon2'], ''));
$_lat2 = str_replace("'", "''", NNull($_GET['lat2'], ''));

print getLineCoords($_lon1, $_lat1, $_lon2, $_lat2);
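<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
?>
<?php
// Updates name, fill colour and image of one point-of-interest group that
// belongs to the current client.
opendb();

// All four values end up inside quoted literals (or behind an int cast), so
// quote doubling is what separates them from the statement text.
// NOTE(review): this relies on standard_conforming_strings being on; bound
// parameters (pg_query_params) would not.
$id = str_replace("'", "''", NNull($_GET['id1'], ''));
$name = str_replace("'", "''", NNull($_GET['GroupName'], ''));
$color = str_replace("'", "''", NNull($_GET['ColorName'], ''));
$image = str_replace("'", "''", NNull($_GET['image'], '0'));

$sql = "update pointsofinterestgroups set fillcolor = '" . $color . "', name ='" . $name . "', strokecolor = '#000000', image = " . (int) $image . " where id = '" . $id . "' and clientid =" . Session("client_id");

// The statement used to be echoed to the client before it ran, which exposed
// table and column names and the session's client id in the response body.
// It is no longer printed.
RunSQL($sql);
closedb();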
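<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
?>
<?php
// Checks ?pass= against the stored password of the logged-in user.
// Response body: 1 on a match, 0 otherwise.
header("Expires: Mon, 20 Jul 2000 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", FALSE);
header("Pragma: no-cache");
set_time_limit(0);
opendb();

// The supplied value is compared, never placed in SQL, so it is taken as-is:
// doubling its quotes made every password containing ' fail the check.
// NOTE(review): a password in the query string ends up in access logs and
// browser history; a POST body would avoid that.
$_pass = (string) NNull($_GET['pass'], '');

$ds = query("select password from users where id=" . session("user_id"));
// Without a row there is nothing to compare against; the old loose comparison
// treated "no row" and an empty ?pass= as equal.
$_passServer = ($ds && pg_num_rows($ds) > 0) ? pg_fetch_result($ds, 0, "password") : false;

// hash_equals() compares byte for byte and in constant time. The previous ==
// compared numeric-looking strings by value, so e.g. "1e3" matched "1000".
// NOTE(review): comparing the column directly only works if it holds the
// password itself rather than a hash - if so, plan a move to
// password_hash()/password_verify().
if (is_string($_passServer) && hash_equals($_passServer, $_pass)) {
    echo 1;
} else {
    echo 0;
}
closedb();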
<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
session_start();

// Start of the "add user" handler (excerpt). All request values have their
// single quotes doubled.
// NOTE(review): the password arrives in the query string (?password1=), which
// exposes it to access logs and browser history.
$ime = str_replace("'", "''", NNull($_GET['ime'], ''));
$prezime = str_replace("'", "''", NNull($_GET['prezime'], ''));
$email = str_replace("'", "''", NNull($_GET['email'], ''));
$telefon = str_replace("'", "''", NNull($_GET['telefon'], ''));
$username = str_replace("'", "''", NNull($_GET['username'], ''));
$password = str_replace("'", "''", NNull($_GET['password1'], ''));
// The inner statement is a comparison, not an assignment; it has no effect.
if ($telefon == "") {
    $telefon == "";
}
$uid = Session("user_id");
$cid = Session("client_id");
opendb();
// NOTE(review): the literal '******' looks like masking applied to this copy;
// as shown, $username does not reach the statement - confirm against the real file.
$userCheck = dlookup("SELECT count(*) FROM users WHERE username = '******'");
$city = dlookup("SELECT cityid FROM clients WHERE id = '" . $cid . "'");
// $city comes from the database and is concatenated unquoted.
$dsAll = query("select longitude, latitude from cities where id=" . $city);
$latC = pg_fetch_result($dsAll, 0, "latitude");
$longC = pg_fetch_result($dsAll, 0, "longitude");
// Time-zone lookup for the client's city over plain HTTP.
// NOTE(review): the result of simplexml_load_file() is not checked before its
// properties are read, and the request blocks this page on an external service.
$url = "http://ws.geonames.org/timezone?lat=" . $latC . "&lng=" . $longC . "&username=geonetgps&style=full";
$xml = simplexml_load_file($url);
$tzoneUser = $xml->timezone->dstOffset;
// Second lookup for fixed coordinates (the excerpt ends before its result is used).
$url = "http://ws.geonames.org/timezone?lat=41.995900&lng=21.431500&username=geonetgps&style=full";
$xml = simplexml_load_file($url);
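include "../include/dictionary2.php";
set_time_limit(0);
opendb();

// Creates a polygon point of interest from the request (excerpt: the start of
// the script is outside this view). Every value below except the group id is
// used inside a quoted SQL literal, with single quotes doubled.
$n = str_replace("'", "''", NNull($_GET['n'], ''));
$_avail = str_replace("'", "''", NNull($_GET['avail'], ''));
$_ppgid = (string) NNull($_GET['ppgid'], '');
$em = str_replace("'", "''", NNull($_GET['e'], ''));
$ph = str_replace("'", "''", NNull($_GET['ph'], ''));
$p = str_replace("'", "''", NNull($_GET['p'], ''));
$alvl = str_replace("'", "''", NNull($_GET['alvl'], ''));
$aliz = str_replace("'", "''", NNull($_GET['aliz'], ''));
$sidx = str_replace("'", "''", NNull($_GET['sidx'], ''));
$oeid = str_replace("'", "''", NNull($_GET['oeid'], ''));
$selveh = str_replace("'", "''", NNull($_GET['selveh'], ''));
$type = str_replace("'", "''", NNull($_GET['type'], ''));
$_lang = str_replace("'", "''", NNull($_GET['l'], ''));
$cLang = $_lang;

// The group id is written into the INSERT unquoted, where quote doubling gives
// no protection; only plain digits are accepted.
if (!ctype_digit($_ppgid)) {
    closedb();
    http_response_code(400);
    exit;
}

// ?p= carries the outline as "^lon@lat^lon@lat..."; element 0 (before the first
// "^") is skipped. The WKT is written as "lat lon" pairs.
$strPoly = "POLYGON((";
if ($p != '0') {
    $a = explode("^", $p);
    for ($i = 1; $i < sizeof($a); $i++) {
        $b = explode("@", $a[$i]);
        $strPoly .= $b[1] . " " . $b[0] . ",";
    }
    // drop the trailing comma and close the ring
    $strPoly = substr($strPoly, 0, strlen($strPoly) - 1) . "))";
} else {
    // '0' means no outline was sent: a fixed default polygon is stored.
    $strPoly = "POLYGON((42.003263 21.395151,41.04 21.04,42 22,41.04 21.04,42.00 22.00,42.003263 21.395151))";
}
// NOTE(review): the coordinate parts are not checked for being numbers; they
// stay inside the quoted WKT literal, so malformed input should fail in
// ST_PolygonFromText rather than alter the statement - confirm.
$sql1 = "insert into pointsofinterest(clientid, groupid, name, geom, type, radius, available, userid, povrsina) Values ('" . session("client_id") . "', " . $_ppgid . ", N'" . $n . "', ST_PolygonFromText('" . $strPoly . "', 26986), '" . $type . "', '50', '" . $_avail . "', '" . session("user_id") . "', ST_Area(ST_SetSRID(ST_PolygonFromText('" . $strPoly . "'),3035))*1000000000)";
$id = dlookup($sql1 . " RETURNING id");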
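<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
session_start();

// Replaces the vehicle assignments of the user in ?uid= with the ids listed in
// ?ve= (separated by ";").
$userID = (string) NNull($_GET['uid'], '');
$ve = str_replace("'", "''", NNull($_GET['ve'], ''));

// The user id is used unquoted in both the DELETE and the INSERT, so only plain
// digits are accepted; quote doubling would not contain it.
if (!ctype_digit($userID)) {
    http_response_code(400);
    exit;
}

opendb();
$vehicles = explode(";", $ve);
// NOTE(review): nothing visible checks that the caller may manage this user or
// that the user belongs to the caller's client. The delete and the inserts also
// run outside a transaction, so a failure in between leaves the user with a
// partial list.
$bris = query("delete from uservehicles where userid = " . $userID);
// Element 0 is skipped, as before - presumably the list starts with a separator.
for ($i = 1; $i < sizeof($vehicles); $i++) {
    if ($vehicles[$i] != "undefined") {
        $vnes = query("insert into uservehicles (userid, vehicleid) values (" . $userID . ", " . intval($vehicles[$i]) . ")");
    }
}
closedb();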
// Inserts one alarm row; the trailing columns depend on the alarm type.
// (Excerpt: $tipNaAlarm, $dostapno, $email, $sms, $zvukot and $vehicleid are
// assigned before this point.) Exactly one branch runs per request.
// NOTE(review): max+1 is not atomic; concurrent requests can get the same id.
$posledno = dlookup("select Max(id)+1 from alarms");

// $tail holds the type-specific end of the positional INSERT; it stays null for
// the types that use the column-list form instead.
$tail = null;
switch ($tipNaAlarm) {
    case 10:
        $vreme = str_replace("'", "''", NNull($_GET['vreme'], ''));
        $ImeNaTocka = str_replace("'", "''", NNull($_GET['ImeNaTocka'], ''));
        $tail = ",0,'" . $vreme . "','" . $ImeNaTocka . "')";
        break;
    case 9:
        $tockaIzlez = str_replace("'", "''", NNull($_GET['ImeNaZonaIzlez'], ''));
        $tail = ",0,0,'" . $tockaIzlez . "')";
        break;
    case 8:
        $tockaVlez = str_replace("'", "''", NNull($_GET['ImeNaZonaVlez'], ''));
        $tail = ",0,0,'" . $tockaVlez . "')";
        break;
    case 7:
        $NadminataBrzina = str_replace("'", "''", NNull($_GET['NadminataBrzina'], ''));
        $tail = ", '" . $NadminataBrzina . "')";
        break;
    case 17:
    case 18:
    case 19:
    case 20:
        // Reminder types name their columns explicitly and carry no sms value.
        $remindme = str_replace("'", "''", NNull($_GET['remindme'], ''));
        $ret = query("insert into alarms (id, alarmtypeid, available, emails, soundid, snooze, clientid, vehicleid, remindme)\n\t\tvalues('" . $posledno . "','" . $tipNaAlarm . "','" . $dostapno . "','" . $email . "','" . $zvukot . "',1," . Session("client_id") . ",'" . $vehicleid . "','" . $remindme . "')");
        break;
    default:
        // Any other type: no additional columns.
        $tail = ")";
        break;
}

if ($tail !== null) {
    $ret = query("insert into alarms values('" . $posledno . "','" . $tipNaAlarm . "','','" . $dostapno . "','" . $email . "','" . $sms . "','" . $zvukot . "',1," . Session("client_id") . " , '" . $vehicleid . "'" . $tail);
}
closedb();
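include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
session_start();

// Rebuilds the polygon of the point of interest in ?ida= from the outline
// chunks stored in addareatemp and recomputes its area.
header("Expires: Mon, 20 Jul 2000 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", FALSE);
header("Pragma: no-cache");
set_time_limit(0);
opendb();

// The id is used unquoted in the SELECT and in the UPDATE, where quote doubling
// gives no protection; only plain digits are accepted.
$_ida = (string) NNull($_GET['ida'], '');
if (!ctype_digit($_ida)) {
    closedb();
    http_response_code(400);
    exit;
}

$dsAP = query("select areapoints from addareatemp where pointsofinterestid=" . $_ida . " order by index asc");
$strArrPoints = "";
while ($row = pg_fetch_array($dsAP)) {
    $strArrPoints .= $row["areapoints"] . "";
}

// Stored format: "^lon@lat^lon@lat..."; element 0 is skipped and the WKT is
// written as "lat lon" pairs.
$a = explode("^", $strArrPoints);
$strPoly = "POLYGON((";
for ($i = 1; $i < sizeof($a); $i++) {
    $b = explode("@", $a[$i]);
    $strPoly .= $b[1] . " " . $b[0] . ",";
}
// drop the trailing comma and close the ring
$strPoly = substr($strPoly, 0, strlen($strPoly) - 1) . "))";

// The outline was read back from the database and is embedded in a quoted
// literal, so it gets the same quote doubling the request values receive:
// stored text must not be able to end the literal. Valid WKT contains no
// quotes, so well-formed data is unchanged.
$strPoly = str_replace("'", "''", $strPoly);

// NOTE(review): the UPDATE is not limited to the caller's client - confirm that
// ownership of the point of interest is checked elsewhere.
RunSQL("update pointsofinterest set geom = ST_PolygonFromText('" . $strPoly . "', 26986), povrsina=ST_Area(ST_SetSRID(ST_PolygonFromText('" . $strPoly . "'),3035))*1000000000 where id= " . $_ida);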
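<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
?>
<?php
// Marks the points of interest listed in ?selektiraniActive= (comma-separated
// ids) as active and records the change in poiactivetimestatus.
opendb();

// The list is placed inside "id in (...)" unquoted, so quote doubling would not
// contain it. It must be digits separated by single commas, nothing else.
$idTocki = (string) NNull($_GET['selektiraniActive'], '');
if (!preg_match('/^\d+(,\d+)*\z/', $idTocki)) {
    closedb();
    http_response_code(400);
    exit;
}

// NOTE(review): neither statement is limited to the caller's client - confirm
// that ownership of the listed points is checked elsewhere.
RunSQL("update pointsofinterest set active = B'1' where id in (" . $idTocki . ")");
RunSQL("INSERT INTO poiactivetimestatus(idpoi, active)\n\tSELECT cast(id as integer), '1' active\n\tFROM unnest(string_to_array('" . $idTocki . "',',')) g(id)");
closedb();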
<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
session_start();

// Updates registration and code of the vehicle in ?veh=.
$veh = str_replace("'", "''", NNull($_GET['veh'], ''));
$reg = str_replace("'", "''", NNull($_GET['reg'], ''));
$no = str_replace("'", "''", NNull($_GET['no'], ''));

// The two numeric positions go through intval(); the registration stays inside
// a quoted literal with its single quotes doubled.
$codeValue = intval($no);
$vehicleId = intval($veh);

opendb();
// NOTE(review): the WHERE clause names only the vehicle id, not the caller's
// client - confirm that ownership of the vehicle is checked elsewhere.
$sql = "UPDATE Vehicles SET registration='" . $reg . "', code = " . $codeValue . " WHERE id = " . $vehicleId . "";
RunSQL($sql);
closedb();
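<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
?>
<?php opendb(); ?>
<?php
// Renames a route mechanisation entry of the current client and sets its range.
// Response body: 1 when another entry of the client already uses the name.
$id = (string) NNull($_GET['id'], '');
$mehanizacija = str_replace("'", "''", NNull($_GET['mehanizacijaIme'], ''));
// A decimal comma is accepted and turned into a point; an empty range means 0.
$mehanizacijaRange = str_replace(",", ".", (string) NNull($_GET['mehanizacijaRange'], ''));
if ($mehanizacijaRange === "") {
    $mehanizacijaRange = "0";
}

// The id (in the sub-select) and the range are used unquoted, where quote
// doubling gives no protection: the id must be plain digits and the range a
// plain decimal number.
if (!ctype_digit($id) || !preg_match('/^-?\d+(\.\d+)?\z/', $mehanizacijaRange)) {
    closedb();
    http_response_code(400);
    exit;
}

$mehanizacijaCheck = dlookup("SELECT count(*) FROM route_mechanisation WHERE clientid = " . Session("client_id") . " and name = '" . $mehanizacija . "' and name not in (select name from route_mechanisation where id=" . $id . ")");
if ($mehanizacijaCheck > 0) {
    echo 1;
} else {
    $updt = query("update route_mechanisation set name = '" . $mehanizacija . "', range = " . $mehanizacijaRange . " where id = '" . $id . "' and clientid = " . Session("client_id"));
}
closedb();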
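<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
?>
<?php
// Moves the points of interest listed in ?selektirani= (comma-separated ids)
// into the group given by ?groupid=.
opendb();

$idTocki = (string) NNull($_GET['selektirani'], '');
$groupid = (string) NNull($_GET['groupid'], '');

// Both values are placed in the statement unquoted, so quote doubling would not
// contain them: the group id must be plain digits and the list digits
// separated by single commas.
if (!ctype_digit($groupid) || !preg_match('/^\d+(,\d+)*\z/', $idTocki)) {
    closedb();
    http_response_code(400);
    exit;
}

// NOTE(review): the UPDATE is not limited to the caller's client, for either
// the points or the target group - confirm that ownership is checked elsewhere.
RunSQL("update pointsofinterest set groupid = " . $groupid . " where id in (" . $idTocki . ")");
closedb();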
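<?php
include "../include/functions.php";
include "../include/db.php";
include "../include/params.php";
include "../include/dictionary2.php";
?>
<?php
// Links a card (?kartickataID=) to a driver (?id=).
// Response body: 1 when the link already exists, 0 after the insert statement
// has been issued.
opendb();

$vozacID = str_replace("'", "''", NNull($_GET['id'], ''));
$kartickaID = (string) NNull($_GET['kartickataID'], '');

// The card id is used unquoted in both statements, where quote doubling gives
// no protection; only plain digits are accepted. The driver id stays inside
// quoted literals.
if (!ctype_digit($kartickaID)) {
    closedb();
    http_response_code(400);
    exit;
}

$workCheck = dlookup("SELECT count(*) FROM drivercard WHERE driverid = '" . $vozacID . "' and cardid = " . $kartickaID);
if ($workCheck > 0) {
    echo 1;
} else {
    // Max(id) is NULL on an empty table, which made the first insert fail;
    // coalesce() lets numbering start at 1.
    // NOTE(review): max+1 is not atomic under concurrent requests, and nothing
    // visible ties the driver or the card to the caller's client.
    $posledno = dlookup("select coalesce(Max(id), 0) + 1 from drivercard");
    $vnesi = query("INSERT into drivercard(id,driverid,cardid) values ('" . $posledno . "','" . $vozacID . "'," . $kartickaID . "); ");
    echo 0;
}
closedb();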
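<?php
include "../include/params.php";
include "../include/dictionary2.php";
// Dialog for moving the selected points of interest into another group
// (excerpt: the page continues after the group query below).
// NOTE(review): $cLang is echoed into a JavaScript string below without any
// encoding. If it can carry request data, emit it through json_encode() with
// the JSON_HEX_* flags instead - confirm where params.php takes it from.
?>
<?php opendb(); ?>
<script>
    lang = '<?php echo $cLang; ?> ';
</script>
<?php $id = str_replace("'", "''", NNull($_GET['selektirani'], '')); ?>
<p><?php echo dic("Settings.SelectPOI"); ?> </p>
<br><br>
<div align = "left">
<label class="text5"> <?php echo dic("Tracking.Group"); ?> :</label>
<?php
// The statement used to join the client id and "order by" without a space
// ("... clientid = 5order by name"); newer PostgreSQL versions reject a number
// that runs straight into a keyword, so the separator is now explicit.
$find = query("SELECT id,name from pointsofinterestgroups where clientid = " . Session("client_id") . " order by name");
$n = 1;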
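<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
session_start();

// Stores the menu order (?order=) for the user in ?uid=. Response body: "Ok".
header("Expires: Mon, 20 Jul 2000 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", FALSE);
header("Pragma: no-cache");
set_time_limit(0);
opendb();

$uid = (string) NNull($_GET['uid'], '');
$order = (string) NNull($_GET['order'], '');

// Both values are written into the UPDATE unquoted, where quote doubling gives
// no protection; each must consist of digits only.
if (!ctype_digit($uid) || !ctype_digit($order)) {
    closedb();
    http_response_code(400);
    exit;
}

// NOTE(review): the target user comes from the request, not from the session,
// so a caller can change another user's menu order - confirm whether
// Session("user_id") should be used here instead.
$temp = query("update users set menuorder=" . $order . " where id=" . $uid);
echo "Ok";
closedb();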
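<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
session_start();

// Deletes the alarm in ?id= for the current client. When the alarm carries a
// uniqid, every alarm of the client with the same uniqid is deleted with it.
$id = (string) NNull($_GET['id'], '');

// The id is used unquoted in the statements below, where quote doubling gives
// no protection; only plain digits are accepted.
if (!ctype_digit($id)) {
    http_response_code(400);
    exit;
}

opendb();
$daliUniqId = dlookup("select uniqid from alarms where id = " . $id . " and clientid =" . Session("client_id"));
if ($daliUniqId != "") {
    // NOTE(review): the uniqid read back from the table is concatenated
    // unquoted; this is safe only while the column can hold nothing but
    // numbers - confirm the column type.
    $brisi = query("Delete from alarms where uniqid = " . $daliUniqId . " and clientid =" . Session("client_id"));
} else {
    $brisi = query("Delete from alarms where id = " . $id . " and clientid =" . Session("client_id"));
}
closedb();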
* 6 - holiday of the Serbian community
 * 7 - holiday of the Roma community
 * 8 - holiday of the Vlach community
 * 9 - holiday of the Jewish community
 * 10 - holiday of the Bosniak community
 * 11 - holiday of the Turkish community
 *
 */
// Adds a company day for the current client (excerpt: the script starts before
// and continues after this view). All request values have their single quotes
// doubled and are used inside quoted SQL literals.
// NOTE(review): quote doubling relies on standard_conforming_strings being on;
// bound parameters (pg_query_params) would not.
$imePraznik = str_replace("'", "''", NNull($_GET['imePraznik'], ''));
$datum = DateTimeFormat(getQUERY("Datum"), 'Y-m-d');
opendb();
$tipDen = str_replace("'", "''", NNull($_GET['tipDen'], ''));
// The day of week is derived from the date in the database rather than taken
// from the request.
// NOTE(review): $datum is quoted but not escaped; this is safe only if
// DateTimeFormat() always returns a formatted date - confirm.
$den = dlookup("select getdayofweek(cast('" . $datum . "' as date))");
$color = str_replace("'", "''", NNull($_GET['boja'], ''));
$tipPraznik = str_replace("'", "''", NNull($_GET['tipPraznik'], ''));

if ($tipDen == 8) {
    // Day type 8 additionally stores the holiday type.
    // The whole table is read only to find out whether it is empty; the first
    // row gets id 1, later rows max(id)+1.
    // NOTE(review): max+1 is not atomic under concurrent requests.
    $proverka = query("select * from companydays");
    if (pg_num_rows($proverka) == 0) {
        $vnes = query("insert into companydays(id,clientid,dayname,typeofday,datum,companyholiday,cellcolor\t,typeofholiday) values(1," . Session("client_id") . ",N'" . $imePraznik . "','" . $den . "','" . DateTimeFormat($datum, "Y-m-d") . "','" . $tipDen . "','#" . $color . "','" . $tipPraznik . "'); ");
    } else {
        $posledno = dlookup("select Max(id)+1 from companydays");
        $vnes = query("insert into companydays(id,clientid,dayname,typeofday,datum,companyholiday,cellcolor,typeofholiday) values('" . $posledno . "'," . Session("client_id") . ",N'" . $imePraznik . "','" . $den . "','" . DateTimeFormat($datum, "Y-m-d") . "','" . $tipDen . "','#" . $color . "','" . $tipPraznik . "'); ");
    }
} else {
    // Every other day type: same insert without the holiday type column.
    $proverka = query("select * from companydays");
    if (pg_num_rows($proverka) == 0) {
        $vnes = query("insert into companydays(id,clientid,dayname,typeofday,datum,companyholiday,cellcolor) values(1," . Session("client_id") . ",N'" . $imePraznik . "','" . $den . "','" . DateTimeFormat($datum, "Y-m-d") . "','" . $tipDen . "','#" . $color . "'); ");
    } else {
        $posledno = dlookup("select Max(id)+1 from companydays");
        $vnes = query("insert into companydays(id,clientid,dayname,typeofday,datum,companyholiday,cellcolor) values('" . $posledno . "'," . Session("client_id") . ",N'" . $imePraznik . "','" . $den . "','" . DateTimeFormat($datum, "Y-m-d") . "','" . $tipDen . "','#" . $color . "'); ");
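<?php
include "../include/functions.php";
include "../include/db.php";
?>
<?php
include "../include/params.php";
include "../include/dictionary2.php";
session_start();
opendb();

// Updates name, contact data and credentials of one user of the current client.
// Response body: 1 when the user name is taken by another user, otherwise the
// id of the updated user.
$id = (string) NNull($_GET['id'], '');
$ime = str_replace("'", "''", NNull($_GET['name'], ''));
$prezime = str_replace("'", "''", NNull($_GET['lastname'], ''));
$email = str_replace("'", "''", NNull($_GET['email'], ''));
$telefon = str_replace("'", "''", NNull($_GET['phone'], ''));
$username = str_replace("'", "''", NNull($_GET['username'], ''));
$pomosno = str_replace("'", "''", NNull($_GET['pomosno'], ''));

// The id is used unquoted in every statement below, where quote doubling gives
// no protection; only plain digits are accepted. It is also printed back to
// the client, so this keeps the response to digits as well.
if (!ctype_digit($id)) {
    closedb();
    http_response_code(400);
    exit;
}

// NOTE(review): the '******' literals in the statements below look like masking
// applied to this copy; as shown, $username and the password values never
// reach the SQL and both UPDATE branches are identical - confirm against the
// real file. Passwords also arrive in the query string, which exposes them to
// access logs and browser history.
$userCheck = dlookup("SELECT count(*) FROM users WHERE username = '******' and username not in (select username from users where id=" . $id . ")");
if ($userCheck > 0) {
    echo 1;
} elseif ($pomosno == 1) {
    $password = str_replace("'", "''", NNull($_GET['passwordstar'], ''));
    $updt = query("update users set fullname = '" . $ime . " " . $prezime . "', username='******', password='******', email='" . $email . "', phone = '" . $telefon . "' where id = " . $id . " and clientid = " . Session("client_id"));
    print $id;
} else {
    $passwordNov = str_replace("'", "''", NNull($_GET['passwordNov'], ''));
    $updt = query("update users set fullname = '" . $ime . " " . $prezime . "', username='******', password='******', email='" . $email . "', phone = '" . $telefon . "' where id = " . $id . " and clientid = " . Session("client_id"));
    print $id;
}
closedb();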