Пример #1
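<?php

/*
 * Emits a JavaScript statement that fills the 'nid' form field with the
 * id_kelompok of the matching row in the kegiatan table, or clears the field
 * when no 'nomor_id' was supplied.
 *
 * Three different request parameters are involved: 'id_kelompok' is passed
 * through b_antisqlinjection(), 'nomor_id' is tested for emptiness, and 'nid'
 * is the value that reaches the SQL text. The original validated only the
 * first, so 'nid' went into the query unchecked; it is now restricted to
 * decimal digits before use.
 * NOTE(review): which of the three names is the intended one cannot be told
 * from this file - confirm against the calling page.
 */
include './../../../config.php';
include './../../../lib.php';

// Existing gate, kept unchanged.
if (!b_antisqlinjection($_GET['id_kelompok'])) {
    die;
}

if (!empty($_GET['nomor_id'])) {
    $nid = isset($_GET['nid']) ? $_GET['nid'] : '';

    // The value is used unquoted in the WHERE clause, so only a plain digit
    // string is accepted; arrays (nid[]=...) and anything else are dropped.
    if (is_string($nid) && preg_match('/^[0-9]+$/D', $nid)) {
        $csql = "select * from kegiatan where id_kelompok=" . $nid;
        if ($nresult = gcms_query($csql)) {
            $row = gcms_fetch_object($nresult);

            // No matching row: emit an empty value rather than dereferencing
            // a non-object.
            $cvalue = is_object($row) ? (string) $row->id_kelompok : '';

            // json_encode() produces a correctly quoted JavaScript string
            // literal; the HEX flags keep it inert if this output is embedded
            // in an HTML <script> block.
            echo "\t\t\tdocument.getElementById('nid').value="
                . json_encode($cvalue, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)
                . ";\n";
        }
    }
} else {
    echo "\t\tdocument.getElementById('nid').value='';\n";
}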
Пример #2
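/**
 * Authenticate a user by name and password and record the login.
 *
 * On success the user's id is stored in $_SESSION['nid_login'] and a row with
 * the user id, login time and client IP is inserted into the history table.
 *
 * @param string $cuser User name as submitted.
 * @param string $cpass Plain-text password as submitted.
 *
 * @return boolean True when a matching user row was found, false otherwise.
 */
function b_login($cuser, $cpass)
{
    // Both values are concatenated into the SQL text below, so this filter is
    // the only thing standing between the login form and the query.
    // NOTE(review): b_antisqlinjection() is not visible here. If the database
    // layer offers bound parameters, use them instead of relying on a filter.
    // Presumably the filter also rejects passwords containing the characters
    // it blocks - confirm.
    if (!(b_antisqlinjection($cuser) && b_antisqlinjection($cpass))) {
        return false;
    }

    // A cookie-based login path (b_cookies_check / b_cookies_create) was
    // commented out in the original and stays disabled. It rebuilt the
    // credentials from base64-encoded cookies and should not be re-enabled in
    // that form.

    // NOTE(review): passwords are compared as unsalted MD5 digests, which is
    // not suitable for password storage. Moving to password_hash() /
    // password_verify() needs a data migration outside this function.
    $csql = 'select nid from ' . PREFIX . 'users where cuser=\'' . $cuser . '\' and cpass=\'' . md5($cpass) . '\'';
    $nid = b_fetch($csql);

    // The cast keeps trim() away from null/false when no row matched.
    if (trim((string) $nid) == '') {
        return false;
    }

    // Issue a fresh session id at the privilege change so an id known before
    // login cannot be reused afterwards (session fixation). Skipped when no
    // session is active or headers are already sent, so callers see no new
    // warnings.
    if (session_id() !== '' && !headers_sent()) {
        session_regenerate_id(true);
    }

    $_SESSION['nid_login'] = $nid;

    // Audit trail: who logged in, when, and from which address.
    $csql = "insert into " . PREFIX . "history (nid_users, dlogin, cip) " . "values ('{$nid}', " . gcms_now() . ", '" . $_SERVER["REMOTE_ADDR"] . "')";
    gcms_query($csql);

    return true;
}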
Пример #3
<?php

// Bootstrap of the admin entry script: turns on gzip output buffering, starts
// the session, loads config and library code, then gates on the 'csub'
// request parameter before any page output is included.
//experiment
ob_start("ob_gzhandler");
session_start();
// Runs on every request, not only at login. Called without arguments, so the
// previous session's data is not deleted by this call.
session_regenerate_id();
include "./../config.php";
include "./../lib.php";
b_startup();
// Only 'csub' is passed through b_antisqlinjection() here. The script later
// reads $_REQUEST['cact'] as well, which is not checked at this point.
// NOTE(review): $_REQUEST['csub'] is read without an isset() test - confirm
// how b_antisqlinjection() treats a missing value.
if (!b_antisqlinjection($_REQUEST['csub'])) {
    die;
}
// Included before the b_logged() test that follows, so the header is rendered
// for unauthenticated visitors too.
include 'header-admin.php';
if (!b_logged()) {
    include 'login.php';
} else {
    include 'menu.php';
    if ($_REQUEST['cact'] == 0) {
        include 'dashboard.php';
    } else {
        if ($bdash) {
            include 'extension.php';
        } else {
            if (isset($cpath)) {
                ?>
<div class="judul"><?php 
                echo $ainfo['name'];
                ?>
</div>
<?php 
                $ainfo = b_readinit(str_replace(".php", ".init.php", $cpath));
Пример #4
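/**
 * Get the page title for the selected front-end menu entry.
 *
 * Administrators may look up any entry. Other users only get entries that are
 * granted to them in grantedfrontmenus or that have bsecure=0.
 *
 * @param string $cpage Menu id (frontmenus.nid) as requested.
 * @return string|null "<group> - <menu>", or null when $cpage is empty or
 *                     rejected by the filter, or when no accessible menu row
 *                     exists.
 */
function menu_get_title($cpage)
{
    // $cpage is concatenated into the SQL text below, so the filter result
    // decides whether the query is built at all.
    // NOTE(review): b_antisqlinjection() is not visible here. Prefer bound
    // parameters if the database layer supports them.
    if (!(b_antisqlinjection($cpage) and $cpage != "")) {
        return null;
    }

    if (b_admin(b_getuserlogin())) {
        $csql = "select * from " . PREFIX . "frontmenus where nid='" . $cpage . "'";
    } else {
        // Access check lives in the query: the row is returned only if it is
        // granted to the current user or not marked secure.
        $csql = "select a.* from " . PREFIX . "frontmenus as a\r\n\t\t       left join " . PREFIX . "grantedfrontmenus as b on a.nid=b.nid_frontmenus\r\n\t\t       where a.nid='" . $cpage . "' and \r\n\t\t       (b.nid_users='" . b_getuserlogin() . "' or a.bsecure=0)";
    }

    $nresult = gcms_query($csql);
    $opage = $nresult ? gcms_fetch_object($nresult) : null;

    // Unknown id or menu not granted: the original dereferenced a non-object
    // here and ran the group lookup with an empty id. Stop instead, returning
    // the same value as the rejected-input path.
    if (!is_object($opage)) {
        return null;
    }

    $csql = "select cgroup from " . PREFIX . "groupfrontmenus where nid='" . $opage->nid_groupfrontmenus . "'";

    return b_fetch($csql) . " - " . $opage->cmenu;
}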
Пример #5
        }
        /* ubah id data yang dihapus ke dalam bentuk array */
        ${$daftar . '_deleted'} = array();
        $ds = explode(",", $_REQUEST[$daftar . '_deleted']);
        foreach ($ds as $d) {
            if ($d) {
                ${$daftar . '_deleted'}[] = $d;
            }
        }
    }
}
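/* Originally, extensions were reached from here through 'page', which leads to
 * the related function in the extension. Going forward, a new mechanism is
 * needed that lets an extension be accessed without going through a menu, as
 * already happens for data requests, opening a picker from another module, etc.
 *
 * --------------- NEEDS TO BE THOUGHT THROUGH AND REWORKED ------------------
 */
/* Reverse lookup for calls that use module and function names - backward
 * compatibility: resolve 'mod' + 'func' to a menu id and store it in
 * $_REQUEST['page']. */
if (empty($_REQUEST['page']) && !empty($_REQUEST['mod']) && !empty($_REQUEST['func'])) {
    // Request values can be arrays (mod[]=...). Only strings are accepted,
    // because they are concatenated into SQL text below.
    // NOTE(review): the query relies entirely on b_antisqlinjection(), which
    // is not visible here. Prefer bound parameters if the database layer
    // supports them.
    if (is_string($_REQUEST['mod']) && is_string($_REQUEST['func'])
        && b_antisqlinjection($_REQUEST['mod']) && b_antisqlinjection($_REQUEST['func'])) {
        // Try the bare function name first, then the "m_<mod>_<func>" form.
        $candidates = array(
            $_REQUEST['func'],
            "m_" . $_REQUEST['mod'] . "_" . $_REQUEST['func'],
        );
        $page = null;
        foreach ($candidates as $func) {
            $csql = "select * from g_frontmenus where cfunction = '" . $func . "'";
            $nresult = gcms_query($csql);
            $orow = $nresult ? gcms_fetch_object($nresult) : null;
            // A miss on the first name is the expected case for the fallback,
            // so the row must be checked before reading ->nid.
            $page = is_object($orow) ? $orow->nid : null;
            if ($page) {
                break;
            }
        }
        $_REQUEST['page'] = $page;
    }
}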