Пример #1
/**
 * HTML-encodes a value, descending into arrays so every leaf is encoded.
 *
 * Leaves go through htmlspecialchars() with ENT_COMPAT and UTF-8, which means
 * &, <, > and the double quote are encoded while the single quote is left as-is.
 * The result is therefore only suitable for HTML text and double-quoted attribute
 * values; it is not an encoding for SQL, JavaScript, URLs or single-quoted attributes.
 * Array keys are kept unchanged and are not encoded.
 *
 * @param mixed $data A scalar or a (nested) array of scalars.
 * @return mixed The encoded string, or an array of the same shape with encoded leaves.
 */
function cleanVar($data)
{
    if (!is_array($data)) {
        return htmlspecialchars($data, ENT_COMPAT, 'UTF-8');
    }

    // array_map() keeps both the keys and their order for a single input array.
    return array_map(__FUNCTION__, $data);
}
/**
 * Reads a variable through getVar(), runs it through cleanVar() and returns it only
 * when it matches the requested type.
 *
 * Order of checks:
 *  1. an empty value (loose comparison with '') yields $defaultValue when one was given;
 *  2. a null $type skips type checking;
 *  3. a recognised $type returns the value if the matching is_*() test passes;
 *  4. an unrecognised $type (including the default '') returns the value unchecked;
 *  5. a failed type test yields $defaultValue, or '' when none was given.
 *
 * NOTE(review): the type test runs on the output of cleanVar(). If cleanVar() returns a
 * string for every scalar (as an htmlspecialchars()-based version does), the 'bool' and
 * 'object' branches cannot match — confirm against the cleanVar() actually in use.
 *
 * @param string $name         Name passed to getVar().
 * @param string $type         One of bool, str, string, object, array, float, int, numeric.
 * @param mixed  $defaultValue Fallback for an empty or mistyped value.
 * @return mixed
 */
function getVarClean($name, $type = '', $defaultValue = NULL)
{
    $value = cleanVar(getVar($name));

    // Empty input: the caller's default wins if there is one.
    if ($defaultValue !== NULL && $value == '') {
        return $defaultValue;
    }

    // Only an explicit null disables the type check.
    if ($type === NULL) {
        return $value;
    }

    switch ($type) {
        case 'bool':
            $accepted = is_bool($value);
            break;
        case 'str':
        case 'string':
            $accepted = is_string($value);
            break;
        case 'object':
            $accepted = is_object($value);
            break;
        case 'array':
            $accepted = is_array($value);
            break;
        case 'float':
        case 'int':
        case 'numeric':
            // All three numeric names share the same permissive is_numeric() test.
            $accepted = is_numeric($value);
            break;
        default:
            // Unknown type name: hand the value back without a type test.
            return $value;
    }

    if ($accepted) {
        return $value;
    }

    return isset($defaultValue) ? $defaultValue : '';
}
        $message = user_generate_token($username, $phoneNum);
    } else {
        if (isset($_POST['username']) && isset($_POST['password'])) {
            $message = user_login($username, $password);
        }
    }
    header("Location: two-factor-voice.php?message=" . urlencode($message));
    exit;
}
?>
<html>
<body>
	<p>Please enter a username, and a phone number you can be reached at, we will then call you with your one-time password</p>
	<span id="message">
	<?php 
// NOTE(review): cleanVar() is not defined in this excerpt and is called with the literal
// string 'message', presumably a request-parameter name. Confirm that what it returns is
// HTML-encoded before it is echoed here.
echo cleanVar('message');
// Choose the form mode from the session state.
// NOTE(review): this reads a 'password' entry from the session — confirm that it is not a
// plaintext password being kept there.
$action = isset($_SESSION['password']) ? 'login' : 'token';
?>
	</span>
	<form id="reset-form"  method="POST" class="center">
	<input type="hidden" name="action" value="<?php 
// $action is one of the two literals assigned above, so it can be printed as-is.
echo $action;
?>
" />
	<p>Username: <input type="text" name="username" id="username" value="<?php 
// NOTE(review): the session value is printed into a double-quoted attribute without
// htmlspecialchars(). If it can hold text chosen by a user, a double quote in it ends the
// attribute — encode it at this point unless it is known to be stored already encoded.
echo $_SESSION['username'];
?>
" /></p>
	<?php 
if (isset($_SESSION['password'])) {
    ?>
Пример #4
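 /**
  * Builds the shipping-guide ("guias de embarque") CSV report on disk and streams it to
  * the client as a download.
  *
  * Reads the filters fec1, fec2, sepa, idNaviera, idOficina and cliente from $data, queries
  * GUIA/PEDIDO through the global $db handle, writes one line per record to
  * ../files/repGuias.csv and, if that file exists afterwards, sends it as an attachment and
  * ends the request.
  *
  * NOTE(review): every filter value is interpolated into SQL text below. If $data carries
  * request input (its origin is not visible here), that is SQL injection. Bind or escape the
  * values with whatever the $db wrapper offers, or validate them first (numeric ids, a strict
  * date format for fec1/fec2).
  *
  * NOTE(review): the output path is fixed, so concurrent requests write and read the same
  * file and one user can be served another user's rows; the file also stays on disk after
  * the download. A per-request temporary file removed after readfile() would avoid both —
  * confirm nothing else reads ../files/repGuias.csv first.
  *
  * @param array $data Report filters; see the keys listed above.
  * @return void Does not return when the download is sent (the function calls exit).
  */
 function reporteCsv($data)
 {
     global $db, $db2, $hoy, $sesIdOficina;
     // Keys are quoted: a bare word is an undefined constant, which is an Error on PHP 8.
     $fec1 = $data['fec1'];
     $fec2 = $data['fec2'];
     $sepa = $data['sepa'];
     $idNaviera = $data['idNaviera'];
     $idOficina = $data['idOficina'];
     $oficina = strtoupper(getValueTable("oficina", "OFICINA", "id_oficina", $idOficina));
     $cliente = $data['cliente'];

     // Create the output file.
     $archivo = "../files/repGuias.csv";
     $fp = fopen($archivo, "w");
     if ($fp === false) {
         // Without this guard a stale file left by an earlier run could be served below.
         trigger_error("reporteCsv: cannot open {$archivo} for writing", E_USER_WARNING);
         return;
     }

     // Report heading.
     fputs($fp, "REPORTE DE GUIAS DE EMBARQUE \n");
     fputs($fp, "OFICINA : {$oficina} \n");
     fputs($fp, "MODULO : TRAFICO \n");
     fputs($fp, "F.EMISION: {$hoy} \n\n");

     // -----------------------------------
     // COLUMN TITLES
     // -----------------------------------
     $enc = "Fecha" . $sepa . "Status" . $sepa . "No.Pedido" . $sepa . "OS/No.Guia" . $sepa . "No.Consecu" . $sepa . "Ctr" . $sepa . "Tamano" . $sepa;
     $enc .= "BKG" . $sepa . "Sello" . $sepa . "Naviera" . $sepa . "Contrato" . $sepa . "Destinatario" . $sepa;
     $enc .= "Trayecto Ruta" . $sepa . "Movimiento" . $sepa;
     $enc .= "Dir.Destino.Cliente" . $sepa . "A.Aduanal" . $sepa . "Tra.Uni" . $sepa . "Tra.Pla" . $sepa . "Operador" . $sepa;
     $enc .= "Viaja x Pistas" . $sepa . "Capturo" . $sepa . "Modifico" . $sepa . "Oficina" . $sepa . "CANCELO USR" . $sepa . "CANCELO_FEC" . $sepa . "CANCELO_MOTIVO" . $sepa . "Notas" . $sepa;
     // The separator after "SaleVacio" was missing, which fused two titles and shifted
     // the remaining titles one column to the left of the data rows.
     $enc .= "Ref." . $sepa . "Toma de vacios" . $sepa . "IngresoLlego" . $sepa . "SaleLleno" . $sepa . "IngresaVacio" . $sepa . "SaleVacio" . $sepa;
     $enc .= "ST.FL.FALSO" . $sepa . "FF.CAPTURO" . $sepa . "FF.FECHA" . $sepa . "FF.MOTIVO" . $sepa . "";
     $enc .= "\n";
     fputs($fp, $enc);

     // -----------------------------------
     // DATA
     // -----------------------------------
     // When filtering by client name, resolve the name to the matching client ids first.
     $idsCli = '';
     if (!empty($cliente)) {
         $arrIdCliente = array();
         // NOTE(review): $cliente goes into the LIKE pattern unescaped.
         $sql = "select id_cliente from CLIENTE where cliente like '%{$cliente}%'";
         $db->query($sql);
         while ($db->next_record()) {
             $arrIdCliente[] = $db->f('id_cliente');
         }
         $idsCli = implode(",", $arrIdCliente);
     }

     $sql = "SELECT  ";
     $sql .= "p.mov as MOV,g.cap_fec as CAPFEC, ";
     $sql .= "g.folio as FOLIO,g.id_contenedor as IDCONTE, ";
     $sql .= "p.bkg as BKG,p.id_naviera as IDNAV,p.id_cliente as IDCLI, ";
     $sql .= "g.ruta as RUTA,p.destinatario_dom as DESTDOM, ";
     $sql .= "p.aa as AA,g.sello as SELLO, ";
     $sql .= "g.operador as OPERA,g.autopista as AUTOPISTA,g.nota as NOTAS, ";
     $sql .= "g.tra_uni as TRAUNI,g.tra_pla as TRAPLA, ";
     $sql .= "g.cap_id_usr as CAPIDUSR, g.mod_id_usr as MODIDUSR, ";
     $sql .= "p.destinatario as DEST, ";
     $sql .= "p.id_oficina as IDOFI, ";
     $sql .= "g.st_reg as STREG,";
     $sql .= "g.serie as FOLIOSER,";
     $sql .= "g.folio as FOLIONUM, ";
     $sql .= "p.id_pedido as IDPEDIDO, ";
     $sql .= "g.baja_id_usr as BAJAIDUSR,";
     $sql .= "g.baja_fec as BAJAFEC,";
     $sql .= "g.baja_motivo as BAJAMOTIVO,g.referencia as REFE, ";
     $sql .= "p.remitente as TOMAVACIO, ";
     $sql .= "g.ter_llega as TERLLEGA,";
     $sql .= "g.ter_sale as TERSALE,";
     $sql .= "g.ter_vac_llega as TERVACLLEGA,";
     $sql .= "g.ter_vac_sale as TERVACSALE, ";
     $sql .= "g.ff_st as FFST,";
     $sql .= "g.ff_fec as FFFEC,";
     $sql .= "g.ff_id_usr as FFIDUSR,";
     $sql .= "g.ff_motivo as FFMOT ";
     $sql .= " from GUIA g,PEDIDO p where ";
     $sql .= "p.id_pedido=g.id_pedido and ";
     // NOTE(review): $idOficina, $idNaviera, $fec1 and $fec2 are interpolated as given.
     $sql .= "p.id_oficina='{$idOficina}' and ";
     if ($idNaviera != '-') {
         $sql .= "p.id_naviera='{$idNaviera}' and ";
     }
     if (!empty($cliente) && !empty($idsCli)) {
         $sql .= "p.id_cliente in({$idsCli}) and ";
     }
     $sql .= "g.cap_fec BETWEEN '{$fec1} 00:00:00' and '{$fec2} 23:59:59' order by g.id_guia,g.id_pedido ";
     $db->query($sql);

     while ($db->next_record()) {
         $stReg = $db->f('STREG');
         $ffSt = $db->f('FFST') == 1 ? "FLETE EN FALSO" : "";
         $ffIdUsr = $db->f('FFIDUSR');
         $ffUsr = getValueTable("usuario", "USUARIO", "id_usuario", $ffIdUsr);
         $ffFec = $db->f('FFFEC');
         $ffMot = $db->f('FFMOT');
         $bajaIdUsr = $db->f('BAJAIDUSR');
         $bajaUsr = getValueTable("usuario", "USUARIO", "id_usuario", $bajaIdUsr);
         $bajaFec = $db->f('BAJAFEC');
         $bajaMotivo = $db->f('BAJAMOTIVO');
         $mov = $db->f('MOV');
         // Keep only the date part of the capture timestamp.
         $capFec = substr($db->f('CAPFEC'), 0, 10);
         $folio = $db->f('FOLIO');
         $folioSer = $db->f('FOLIOSER');
         $folioNum = $db->f('FOLIONUM');
         $consecu = $folioSer . $folioNum;
         $idConte = $db->f('IDCONTE');
         $conte = getValueTable("numero", "CONTENEDOR", "id_contenedor", $idConte);
         $idEq = getValueTable("id_equipo", "CONTENEDOR", "id_contenedor", $idConte);
         $equipo = getValueTable("equipo", "EQUIPO", "id_equipo", $idEq);
         $bkg = $db->f('BKG');
         // From here on $idNaviera and $cliente hold the current row's values; the filter
         // values they carried were already consumed when the query was built.
         $idNaviera = $db->f('IDNAV');
         $naviera = getValueTable("naviera", "NAVIERA", "id_naviera", $idNaviera);
         $idCli = $db->f('IDCLI');
         $cliente = getValueTable("cliente", "CLIENTE", "id_cliente", $idCli);
         $ruta = $db->f('RUTA');
         $destDom = $db->f('DESTDOM');
         $aa = $db->f('AA');
         $sello = $db->f('SELLO');
         $operador = $db->f('OPERA');
         $autoPista = $db->f('AUTOPISTA');
         $notas = trim($db->f('NOTAS'));
         $traUni = $db->f('TRAUNI');
         $traPla = $db->f('TRAPLA');
         $capIdUsr = $db->f('CAPIDUSR');
         $modIdUsr = $db->f('MODIDUSR');
         $capUsr = getValueTable("usuario", "USUARIO", "id_usuario", $capIdUsr);
         $modUsr = getValueTable("usuario", "USUARIO", "id_usuario", $modIdUsr);
         $dest = $db->f('DEST');
         $idPedido = $db->f('IDPEDIDO');
         $refer = $db->f('REFE');
         $tomaVacio = $db->f('TOMAVACIO');
         $terLlega = $db->f('TERLLEGA');
         $terSale = $db->f('TERSALE');
         $terVacLlega = $db->f('TERVACLLEGA');
         $terVacSale = $db->f('TERVACSALE');

         // Strip characters that would break the row layout. Only "," (and ";" for two
         // fields) is removed, so any other separator chosen through $sepa is not
         // protected against, and several fields (e.g. $tomaVacio, $ffMot) are written raw.
         $notas = str_replace(array("\r", "\n", ","), "", $notas);
         $cliente = str_replace(",", "", $cliente);
         $dest = str_replace(",", "", $dest);
         $ruta = str_replace(",", "", $ruta);
         $mov = str_replace(",", "", $mov);
         $destDom = trim(str_replace(array(",", ";", "\n", "\r", "'"), "", $destDom));
         $sello = str_replace(",", "", $sello);
         $aa = str_replace(",", "", $aa);
         $traUni = str_replace(",", "", $traUni);
         $traPla = str_replace(",", "", $traPla);
         $operador = str_replace(",", "", $operador);
         $refer = str_replace(array(",", ";", "\n", "\r"), "", $refer);

         $stReg = $stReg == "B" ? "CANCELADO" : "";

         // NOTE(review): cleanVar() is defined elsewhere. If it is an HTML encoder, that is
         // the wrong encoding for a CSV file, and it does not stop a cell that begins with
         // =, +, - or @ from being evaluated as a formula by a spreadsheet. Confirm, then
         // quote the fields and neutralise such leading characters when writing the row.
         $bkg = cleanVar($bkg);
         $sello = cleanVar($sello);
         $cliente = cleanVar($cliente);
         $dest = cleanVar($dest);
         $ruta = cleanVar($ruta);
         $mov = cleanVar($mov);
         $destDom = cleanVar($destDom);
         $aa = cleanVar($aa);
         $traUni = cleanVar($traUni);
         $operador = cleanVar($operador);
         $bajaMotivo = cleanVar($bajaMotivo);

         // Write the row.
         $row = $capFec . $sepa . $stReg . $sepa . $idPedido . $sepa . $folio . $sepa . $consecu . $sepa . $conte . $sepa . $equipo . $sepa;
         $row .= $bkg . $sepa . $sello . $sepa . $naviera . $sepa . $cliente . $sepa . $dest . $sepa;
         $row .= $ruta . $sepa . $mov . $sepa . $destDom . $sepa . $aa . $sepa . $traUni . $sepa . $traPla . $sepa . $operador . $sepa;
         $row .= $autoPista . $sepa . $capUsr . $sepa . $modUsr . $sepa . $oficina . $sepa . $bajaUsr . $sepa . $bajaFec . $sepa . $bajaMotivo . $sepa;
         $row .= $notas . $sepa . $refer . $sepa . $tomaVacio . $sepa . $terLlega . $sepa . $terSale . $sepa . $terVacLlega . $sepa . $terVacSale . $sepa;
         $row .= $ffSt . $sepa . $ffUsr . $sepa . $ffFec . $sepa . $ffMot;
         $row .= "\n";
         fputs($fp, $row);
     }
     fclose($fp);

     // -----------------------------
     // SAVE AS... OR OPEN AUTOMATICALLY.
     // (Do not modify)
     // -----------------------------
     if (file_exists($archivo)) {
         header('Content-Description: File Transfer');
         header('Content-Type: application/octet-stream');
         header('Content-Disposition: attachment; filename=' . basename($archivo));
         header('Content-Transfer-Encoding: binary');
         header('Expires: 0');
         header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
         header('Pragma: public');
         header('Content-Length: ' . filesize($archivo));
         ob_clean();
         flush();
         readfile($archivo);
         exit;
     }
 }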
Пример #5
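<?php

// Form handler: sends a message with an image through TwilioMMS using the posted phone
// number, text and image URL, then redirects to index.php.
//
// NOTE(review): session_start() is called, but no login or CSRF-token check is visible in
// this excerpt. As shown, any POST with a 'phone' field triggers a message from $fromNumber —
// confirm that access is restricted elsewhere.
session_start();
include "config.php";
include "functions.php";
if (isset($_POST['phone'])) {
    // cleanVar() is presumably provided by functions.php; its second argument looks like the
    // expected kind of value — verify what each mode actually enforces.
    $ph = cleanVar($_POST['phone'], 'phone');
    $message = cleanVar($_POST['message'], 'text');
    // NOTE(review): unlike the two fields above, 'himg' is forwarded exactly as posted.
    // Check that it is an http(s) URL pointing at the expected image host before using it.
    $url = $_POST['himg'];
    $tmms = new TwilioMMS($accountsid, $authtoken);
    $smsg = $tmms->sendMessage($ph, $fromNumber, $message, $url);
    header("Location: index.php");
    // A Location header does not end the script; stop so nothing after it runs or is sent.
    exit;
}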
Пример #6
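<?php

// Inbound-message handler: for every posted media URL, caches the image and stores it in
// callog together with the message text and the sender number.
//
// NOTE(review): no check of the request's authenticity is visible here. For a Twilio
// webhook that would mean validating the X-Twilio-Signature header; without it anyone who
// can reach this URL can insert rows and make cache_image() process a URL of their choice.
include "config.php";
include "pdo.class.php";
include "functions.php";
$pdo = Db::singleton();
$body = cleanVar($_POST['Body'], 'text');
$from = cleanVar($_POST['From'], 'phone');
$media = '';
// The posted count bounds the loop below, so force it to an integer; a missing or
// non-numeric value becomes 0 instead of being compared as a string.
$numMedia = isset($_POST['NumMedia']) ? (int) $_POST['NumMedia'] : 0;
// NOTE(review): fields are read starting at MediaUrl1. If the sender numbers them from 0
// (Twilio uses MediaUrl0, MediaUrl1, ...), the first attachment is skipped — confirm.
for ($i = 1; $i <= $numMedia; $i++) {
    $key = 'MediaUrl' . $i;
    $media = isset($_POST[$key]) ? $_POST[$key] : null;
    if (!empty($media)) {
        // NOTE(review): $id is not defined anywhere in this excerpt.
        // NOTE(review): $media is a posted URL; if cache_image() downloads it, restrict the
        // allowed scheme and host first.
        $media = cache_image($media, $id);
        // NOTE(review): the statement is built by interpolation. Whether cleanVar() and
        // cache_image() return values that are safe inside a quoted SQL literal cannot be
        // seen from here; use a prepared statement with bound values if the Db wrapper
        // exposes one.
        $res = $pdo->query("INSERT INTO callog SET msg='{$body}',phonenumber='{$from}',photo='{$media}',type='s'");
    }
}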
Пример #7
<?php

// Read the "url" parameter from the query string and from the POST body. A missing value,
// or one that cleanVar() rejects, is represented by the sentinel string "NONE".
// NOTE(review): PHP has already URL-decoded $_GET values, so urldecode() decodes the
// query-string value a second time; the POST value is decoded only once.
$urlGET = "NONE";
if (isset($_GET["url"])) {
    $urlGET = cleanVar(urldecode($_GET["url"]));
}

$urlPOST = "NONE";
if (isset($_POST["url"])) {
    $urlPOST = cleanVar($_POST["url"]);
}

// Working state, filled in later in the script.
$currentHash = null;
$currentUrl = null;
$response = [];
/**
 * Returns $var unchanged when isUrl() accepts it, otherwise the sentinel string "NONE".
 *
 * This is an accept/reject check, not an encoder: an accepted value is handed back exactly
 * as received and still has to be encoded for whatever context it is later written into.
 * The pattern isUrl() starts building makes the scheme optional, so an accepted value is
 * not necessarily an absolute http(s) or ftp URL.
 *
 * @param string $var Candidate URL.
 * @return string The input itself, or "NONE".
 */
function cleanVar($var)
{
    return isUrl($var) ? $var : "NONE";
}
function isUrl($url)
{
    $regex = "((https?|ftp)\\:\\/\\/)?";
    // SCHEME
    $regex .= "([a-z0-9+!*(),;?&=\$_.-]+(\\:[a-z0-9+!*(),;?&=\$_.-]+)?@)?";
    // User and Pass
    $regex .= "([a-z0-9-.]*)\\.([a-z]{2,3})";
    // Host or IP
    $regex .= "(\\:[0-9]{2,5})?";
    // Port
    $regex .= "(\\/([a-z0-9+\$_-]\\.?)+)*\\/?";
    // Path
    $regex .= "(\\?[a-z+&\$_.-][a-z0-9;:@&%=+\\/\$_.-]*)?";
    // GET Query
    $regex .= "(#[a-z_.-][a-z0-9+\$_.-]*)?";
    // Anchor
    if (preg_match("/^{$regex}\$/", $url)) {