/**
 * Reports whether this update has already been applied.
 *
 * Looks up the slots named 'template4' and 'template5' (inner-joined to site),
 * records each hit on the object and prints a notice for each slot that is missing.
 *
 * @return boolean True if both slots exist, i.e. the update does not need to be run.
 */
function hasRun() {
    // Slot 'template4': any returned row counts as "present".
    $templateFourQuery = "\n\t\t\tSELECT\n\t\t\t\tsite_id\n\t\t\tFROM\n\t\t\t\tslot\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsite\n\t\t\t\t\tON\n\t\t\t\t\t\tFK_site = site_id\n\t\t\tWHERE\n\t\t\t\tslot_name = 'template4'\n\t\t";
    $templateFourRows = db_query($templateFourQuery);
    if (!db_num_rows($templateFourRows)) {
        print "\nTemplate 4 doesn't exist<br />";
    } else {
        $this->fourExists = TRUE;
    }

    // Slot 'template5': same lookup with the other slot name.
    $templateFiveQuery = "\n\t\t\tSELECT\n\t\t\t\tsite_id\n\t\t\tFROM\n\t\t\t\tslot\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsite\n\t\t\t\t\tON\n\t\t\t\t\t\tFK_site = site_id\n\t\t\tWHERE\n\t\t\t\tslot_name = 'template5'\n\t\t";
    $templateFiveRows = db_query($templateFiveQuery);
    if (!db_num_rows($templateFiveRows)) {
        print "\nTemplate 5 doesn't exist<br />";
    } else {
        $this->fiveExists = TRUE;
    }

    // Both flags must be set; && already yields a strict boolean.
    return $this->fourExists && $this->fiveExists;
}
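/**
 * Renders the "Most Monster Kills" ranking page.
 *
 * Reads the 'kills' preference of the 'monsterkills' module for every account,
 * orders it numerically in descending order and prints one table row per player.
 * The row belonging to the current player is highlighted.
 */
function monsterkills_run() {
    // The highlight comparison below reads $session; without this import the
    // variable was undefined inside the function and no row was ever highlighted.
    global $session;

    page_header("Most Monster Kills");
    $acc = db_prefix("accounts");
    $mp = db_prefix("module_userprefs");

    // The row limit is concatenated into the statement, so force it to an integer
    // instead of trusting whatever text the module setting contains.
    $limit = (int) get_module_setting("list");
    $sql = "SELECT {$acc}.name AS name,\r\n\t\t{$acc}.acctid AS acctid,\r\n\t\t{$mp}.value AS kills,\r\n\t\t{$mp}.userid FROM {$mp} INNER JOIN {$acc}\r\n\t\tON {$acc}.acctid = {$mp}.userid \r\n\t\tWHERE {$mp}.modulename = 'monsterkills' \r\n\t\tAND {$mp}.setting = 'kills' \r\n\t\tAND {$mp}.value > 0 ORDER BY ({$mp}.value+0)\t\r\n\t\tDESC limit " . $limit;
    $result = db_query($sql);

    $rank = translate_inline("Kills");
    $name = translate_inline("Name");
    output("`n`b`c`@Most`\$ Monster `@Kills`n`n`c`b");
    rawoutput("<table border='0' cellpadding='2' cellspacing='1' align='center'>");
    rawoutput("<tr class='trhead'><td align=center>{$name}</td><td align=center>{$rank}</td></tr>");

    // Count once instead of on every loop iteration.
    $total = db_num_rows($result);
    for ($i = 0; $i < $total; $i++) {
        $row = db_fetch_assoc($result);
        if ($row['name'] == $session['user']['name']) {
            rawoutput("<tr class='trhilight'><td>");
        } else {
            rawoutput("<tr class='" . ($i % 2 ? "trdark" : "trlight") . "'><td align=left>");
        }
        output_notl("%s", $row['name']);
        rawoutput("</td><td align=right>");
        output_notl("%s", $row['kills']);
        rawoutput("</td></tr>");
    }
    rawoutput("</table>");

    addnav("Back to HoF", "hof.php");
    villagenav();
    page_footer();
}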
/**
 * Handles an OPML import request and prints the result as an HTML fragment.
 *
 * Makes sure the session user has an 'Imported feeds' category (inside a
 * BEGIN/COMMIT pair), hands the actual import to opml_import_domdoc() and
 * prints a button that closes the import dialog.
 */
function importOpml() {
    header("Content-Type: text/html"); // required for iframe

    print __("If you have imported labels and/or filters, you might need to reload preferences to see your new data.") . "</p>";
    print "<div class=\"prefFeedOPMLHolder\">";

    // The user id comes from the server-side session, not from the request.
    $uid = $_SESSION["uid"];

    // Create the "Imported feeds" category if this user does not have one yet.
    db_query($this->link, "BEGIN");
    $existing = db_query($this->link, "SELECT id FROM\n\t\t\tttrss_feed_categories WHERE title = 'Imported feeds' AND\n\t\t\towner_uid = '{$uid}' LIMIT 1");
    $hasCategory = db_num_rows($existing) != 0;
    if (!$hasCategory) {
        db_query($this->link, "INSERT INTO ttrss_feed_categories\n\t\t\t\t(title,owner_uid)\n\t\t\t\t\tVALUES ('Imported feeds', '{$uid}')");
    }
    db_query($this->link, "COMMIT");

    // The OPML document itself is processed by opml.php (DOMXML/DOMDocument).
    echo "<ul class='nomarks'>";
    require_once "opml.php";
    opml_import_domdoc($this->link, $uid);
    echo "</ul>", "</div>";

    echo "<div align='center'>";
    echo "<button dojoType=\"dijit.form.Button\"\n\t\t\tonclick=\"dijit.byId('opmlImportDlg').execute()\">" . __('Close this window') . "</button>";
    echo "</div>", "</div>";
}
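/**
 * Loads the scrapbots owned by the attacker and by the defender.
 *
 * @param mixed $defenderid Account id of the defending player.
 * @param mixed $attackerid Account id of the attacking player.
 * @return array Array with the keys 'attacker' and 'defender'; each holds the
 *               owner's scrapbot rows (numerically indexed) plus that owner's
 *               'retreatpct' module preference.
 */
function scrapbots_get_armies($defenderid, $attackerid) {
    $table = db_prefix("scrapbots");
    $owners = array("attacker" => $attackerid, "defender" => $defenderid);

    $armies = array();
    foreach ($owners as $side => $ownerid) {
        // The owner id is placed into the statement without quotes, so it is
        // cast to an integer; anything that is not a number becomes 0.
        $sql = "SELECT id,owner,name,activated,hitpoints,brains,brawn,briskness,junglefighter,retreathp FROM " . $table . " WHERE owner = " . (int) $ownerid;
        $result = db_query($sql);
        $bots = array();
        $count = db_num_rows($result);
        for ($i = 0; $i < $count; $i++) {
            $bots[$i] = db_fetch_assoc($result);
        }
        $armies[$side] = $bots;
    }

    debug("Debugging Attacker");
    debug($armies['attacker']);
    debug("Debugging Defender");
    debug($armies['defender']);

    // Starting values.
    $armies['attacker']['retreatpct'] = get_module_pref("retreatpct", "scrapbots", $attackerid);
    // NOTE(review): the defender value is stored under 'retreat' while the attacker
    // uses 'retreatpct'. The key is kept as it was because callers outside this
    // block may read it - confirm which name is intended.
    $armies['defender']['retreat'] = get_module_pref("retreatpct", "scrapbots", $defenderid);

    debug("Debugging Armies");
    debug($armies);
    return $armies;
}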
/**
 * Starts a checkout for the service named in the 'serviceid' query parameter.
 *
 * Requires a logged-in user, looks the service up, creates an order and a
 * PayPal payment, then redirects to PayPal with the returned token. Each
 * failure is reported through payment_die().
 */
function payment_main() {
    if (user_isonline() === false) {
        payment_die(_('Please login before checkout'));
    }

    // The id is cast to an integer before it reaches the statement; a missing
    // parameter becomes 0.
    $sid = isset($_GET['serviceid']) ? (int) $_GET['serviceid'] : 0;
    $res = db_query("SELECT * FROM service WHERE id={$sid}");
    if (!$res || db_num_rows($res) == 0) {
        payment_die(_('We have no this service'));
    }
    $arr = db_fetch_array($res);

    $orderarr = order_new($sid);
    if (!$orderarr) {
        payment_die(_('Checkout fail, please contact us for help'));
    }

    // Pay with PayPal.
    // NOTE(review): $amount is never assigned in this function, so the payment is
    // created with an undefined amount. It presumably should come from the service
    // row in $arr or from the order - confirm and set it before this call.
    $ret = paypal_new_payment($orderarr['orderid'], $amount);
    if (!$ret) {
        payment_die(_('Checkout fail, please contact us for help'));
    }

    payment_redirect(PAYPAL_REDIRECTURL . '?token=' . $ret['token']);
}
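/**
 * Module hook dispatcher for the tents module.
 *
 * Only the 'worldnav' hook is handled: it looks up the structures stored for
 * the player's current world-map location. The per-structure handling is not
 * implemented yet (the loop body is empty).
 *
 * @param string $hookname Name of the hook being run.
 * @param array  $args     Hook arguments; returned unchanged.
 * @return array The unmodified $args.
 */
function tents_dohook($hookname, $args) {
    global $session;
    switch ($hookname) {
        case "worldnav":
            $ploc = get_module_pref("worldXYZ", "worldmapen");
            // The disabled code below compares this preference with an "x,y,1"
            // string, so it is treated as text here: quoted and escaped instead of
            // being spliced into the statement bare.
            // NOTE(review): addslashes is used because no database-layer escaping
            // helper is visible from this block - swap in the project's own if it has one.
            $sql = "SELECT owner,type,data FROM " . db_prefix("structures") . " WHERE location = '" . addslashes((string) $ploc) . "'";
            $result = db_query($sql);
            $count = db_num_rows($result);
            for ($i = 0; $i < $count; $i++) {
                //send structure through module hooks
            }
            // $chats = unserialize(get_module_setting("placedchats"));
            // $ploc = get_module_pref("worldXYZ","worldmapen");
            // $chatarea = 0;
            // if (!is_array($chats)) {
            //     $chats = array();
            // }
            // foreach($chats AS $key => $vals){
            //     if ($ploc == $vals['loc']['x'].",".$vals['loc']['y'].",1"){
            //         output("`0There's a little tent here.`n");
            //         addnav("Investigate Tent","runmodule.php?module=tents&xyz=".$ploc);
            //         $chatarea = 1;
            //         break;
            //     }
            // }
            // if (!$chatarea){
            // }
            break;
    }
    return $args;
}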
/**
 * Builds the index page from the modules registered in the config table.
 *
 * Every config row with key 'indexmodule' names a "<value>.mod.php" file that is
 * included; the title and content the module leaves in $MOD are appended to the
 * page, which is then merged into the "main" template and printed.
 */
function modules() {
    global $list_prefix;
    $MAIN = loadtmplate("main");
    // Get the module list from the database, in the configured order.
    $sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'indexmodule' ORDER BY `order`;";
    $result = db_query($sql);
    if ($result) {
        // Count the modules and initialise the working variables.
        $rows = db_num_rows($result);
        $i = 0;
        $CONTENT = "";
        // Not read in this function. Included files run in this function's scope,
        // so a module may read it - presumably that is why it is set; confirm
        // before removing it.
        $perpage = 3;
        // Load each module and append what it produced to the page content.
        while ($i < $rows) {
            $row = db_fetch_array($result);
            // NOTE(review): the file name comes straight from the config table. Anyone
            // who can write that row chooses which PHP file is executed here; consider
            // checking the value against a fixed list of known modules.
            // include_once also means a module listed twice is only run once, so
            // $MOD would still hold the previous module's output on the second row.
            include_once $row['value'] . ".mod.php";
            // $MOD is not set in this function; it is expected to be filled by the
            // included module file. Title and content are inserted without escaping.
            $CONTENT .= "<H2>" . $MOD['title'] . "</H2><BR>\r\n";
            $CONTENT .= $MOD['content'];
            $i++;
        }
        // Insert the collected content into the template.
        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME}"); // this is an ugly hack but it works.
        // Strip any template elements that were not used before printing.
        printf("%s", striptemplate($WORK));
    }
}
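/**
 * Checks whether a person with the given e-mail address exists.
 *
 * @param string $email E-mail address to look up.
 * @return int Number of matching rows as reported by db_num_rows()
 *             (0 when the address is unknown).
 */
function sql_emailExists($email) {
    global $CFG;

    // The address ends up inside a quoted SQL string, so quote characters and
    // backslashes must not reach the statement unescaped.
    // NOTE(review): addslashes is used because no database-layer escaping helper
    // is visible from this block; prefer the project's own escaping or bound
    // parameters if it has them. If callers already escape the value, this would
    // escape it twice - confirm against the call sites.
    $safeEmail = addslashes((string) $email);

    $qid = db_query("SELECT 1 FROM {$CFG->tbl_person} WHERE PersonEmail = '{$safeEmail}'");
    return db_num_rows($qid);
}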
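/**
 * Shows the friend-list search form and, when a name was posted, the matches.
 *
 * The posted text is turned into a "%a%b%c%" LIKE pattern so that names with
 * extra characters between the typed ones also match. For every hit the
 * available operations (ignore / unignore / request) are listed according to
 * the current player's friend-list preferences.
 */
function friendlist_search() {
    global $session;
    $n = httppost("n");
    rawoutput("<form action='runmodule.php?module=friendlist&op=search' method='POST'>");
    addnav("", "runmodule.php?module=friendlist&op=search");
    if ($n != "") {
        // Splitting the posted text into single characters also splits any escape
        // sequence in it (a backslash ends up separated from the quote it was
        // protecting), which let a quote reach the statement unescaped. The text is
        // therefore unescaped first - the same stripslashes() the form field below
        // applies to it - and every character is escaped again on its own.
        $needle = stripslashes($n);
        $string = "%";
        $length = strlen($needle);
        for ($x = 0; $x < $length; $x++) {
            $string .= addslashes(substr($needle, $x, 1)) . "%";
        }
        // The account id is appended without quotes, so it is cast to an integer.
        $sql = "SELECT name,dragonkills,acctid FROM " . db_prefix("accounts") . " WHERE name LIKE '%{$string}%' AND acctid<>" . (int) $session['user']['acctid'] . " AND locked=0 ORDER BY level,dragonkills";
        $result = db_query($sql);
        $found = db_num_rows($result);
        if ($found > 0) {
            $ignored = rexplode(get_module_pref('ignored'));
            $friends = rexplode(get_module_pref('friends'));
            $request = rexplode(get_module_pref('request'));
            $iveignored = rexplode(get_module_pref('iveignored'));
            output("`@These users were found:`n");
            rawoutput("<table style='width:60%;text-align:center;' cellpadding='3' cellspacing='0' border='0'>");
            rawoutput("<tr class='trhead'><td>" . translate_inline("Name") . "</td><td>" . translate_inline("Operations") . "</td></tr>");
            for ($i = 0; $i < $found; $i++) {
                $row = db_fetch_assoc($result);
                rawoutput("<tr class='" . ($i % 2 ? "trlight" : "trdark") . "'><td>");
                output_notl($row['name']);
                rawoutput("</td><td>");
                if (in_array($row['acctid'], $ignored)) {
                    $info = translate_inline("This user has ignored you.");
                    $info .= " [<a href='runmodule.php?module=friendlist&op=ignore&ac=" . $row['acctid'] . "' class='colDkGreen'>" . translate_inline("Ignore") . "</a>]";
                    addnav("", "runmodule.php?module=friendlist&op=ignore&ac=" . $row['acctid']);
                } elseif (in_array($row['acctid'], $friends)) {
                    $info = translate_inline("This user is already in your list.");
                } elseif (in_array($row['acctid'], $request)) {
                    $info = translate_inline("This user has already requested to you.");
                } else {
                    if (in_array($row['acctid'], $iveignored)) {
                        $info = "[<a href='runmodule.php?module=friendlist&op=unignore&ac=" . $row['acctid'] . "' class='colLtRed'>" . translate_inline("Unignore") . "</a>]";
                        addnav("", "runmodule.php?module=friendlist&op=unignore&ac=" . $row['acctid']);
                    } else {
                        $info = "[<a href='runmodule.php?module=friendlist&op=ignore&ac=" . $row['acctid'] . "' class='colDkGreen'>" . translate_inline("Ignore") . "</a>]";
                        addnav("", "runmodule.php?module=friendlist&op=ignore&ac=" . $row['acctid']);
                        $info .= " - [<a href='runmodule.php?module=friendlist&op=request&ac=" . $row['acctid'] . "' class='colDkGreen'>" . translate_inline("Request") . "</a>]";
                        addnav("", "runmodule.php?module=friendlist&op=request&ac=" . $row['acctid']);
                    }
                }
                rawoutput("{$info}</td></tr>");
            }
            rawoutput("</table>");
        } else {
            output("`c`@`bA user was not found with that name.`b`c");
        }
        output_notl("`n");
    }
    output("`^`b`cFriend Search...`c`b");
    output("`n`nWho do you want to search for?");
    // NOTE(review): the page shows a redaction marker between this label and the
    // input element. The two calls below are the presumed original (label via
    // output(), markup via rawoutput()) - confirm against the upstream file.
    output("`n`nName of user: ");
    rawoutput("<input name='n' maxlength='50' value=\"" . htmlentities(stripslashes(httppost('n'))) . "\">");
    $apply = translate_inline("Search");
    rawoutput("<input type='submit' class='button' value='{$apply}'></form>");
}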
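/**
 * Loads one page of dod_generators rows and assigns them to the template.
 *
 * Builds a count statement and a select statement over the dod_generators
 * table, computes the navigation for the current page, strips HTML tags from
 * each description and assigns 'dod_generators' and 'navigation' to Smarty.
 *
 * @return null Always null; returns early when there is nothing to show.
 */
function dod_show() {
    global $available_fields, $optional_fields, $tables, $smarty, $top_message, $target;

    $generators = array();
    $fields = $from_tbls = $query_joins = $where = $groupbys = $having = $orderbys = array();
    $from_tbls[] = 'dod_generators';
    $fields = array_keys($available_fields);
    $where[] = 1;
    $orderbys[] = 'position';
    $orderbys[] = 'generator_id';

    $search_query_count = cw_db_generate_query('count(generator_id)', $from_tbls, $query_joins, $where, $groupbys, $having, array(), 0);
    $search_query = cw_db_generate_query($fields, $from_tbls, $query_joins, $where, $groupbys, $having, $orderbys);

    // NOTE(review): the count statement selects count(generator_id), which normally
    // yields a single row, so db_num_rows() here may not be the number of
    // generators - confirm how the total is meant to be read.
    $total_items_res_id = db_query($search_query_count);
    $number_generators = db_num_rows($total_items_res_id);
    if (empty($number_generators)) {
        return null;
    }

    global $navigation, $page;
    $navigation = cw_core_get_navigation($target, $number_generators, $page);
    $limit_str = " LIMIT {$navigation['first_page']}, {$navigation['objects_per_page']}";
    $generators = cw_query($search_query . $limit_str);
    if (empty($generators)) {
        return null;
    }

    // A closure replaces create_function(), which compiled its body from a string
    // at run time and is no longer available in current PHP versions.
    $generators = array_map(function ($elm) {
        $elm["description"] = strip_tags($elm["description"]);
        return $elm;
    }, $generators);

    $smarty->assign('dod_generators', cw_stripslashes($generators));
    $navigation['script'] = 'index.php?target=' . $target;
    $smarty->assign('navigation', $navigation);
}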
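/**
 * Prints the public share URL for one of the session user's articles.
 *
 * The article is identified by the 'param' request value and must belong to
 * the session user. If it has no share key (uuid) yet, one is generated and
 * stored. The dialog's close button is printed in either case.
 */
function shareArticle() {
    $param = db_escape_string($_REQUEST['param']);
    $result = db_query($this->link, "SELECT uuid, ref_id FROM ttrss_user_entries WHERE int_id = '{$param}'\n\t\t\tAND owner_uid = " . $_SESSION['uid']);
    if (db_num_rows($result) == 0) {
        print "Article not found.";
    } else {
        $uuid = db_fetch_result($result, 0, "uuid");
        $ref_id = db_fetch_result($result, 0, "ref_id");
        if (!$uuid) {
            // The key is the only thing protecting the public URL, so it has to be
            // unguessable. uniqid() and rand() are derived from the clock and a
            // non-cryptographic generator; use the system CSPRNG where the running
            // PHP provides it and keep the old derivation only as a fallback.
            // Both produce 40 hexadecimal characters.
            if (function_exists('random_bytes')) {
                $key = bin2hex(random_bytes(20));
            } else {
                $key = sha1(uniqid(rand(), true));
            }
            $uuid = db_escape_string($key);
            db_query($this->link, "UPDATE ttrss_user_entries SET uuid = '{$uuid}' WHERE int_id = '{$param}'\n\t\t\t\t\tAND owner_uid = " . $_SESSION['uid']);
        }
        print __("You can share this article by the following unique URL:");
        $url_path = get_self_url_prefix();
        $url_path .= "/public.php?op=share&key={$uuid}";
        print "<div class=\"tagCloudContainer\">";
        print "<a id='pub_opml_url' href='{$url_path}' target='_blank'>{$url_path}</a>";
        print "</div>";
        /* if (!label_find_id($this->link, __('Shared'), $_SESSION["uid"]))
            label_create($this->link, __('Shared'), $_SESSION["uid"]);
        label_add_article($this->link, $ref_id, __('Shared'), $_SESSION['uid']); */
    }
    print "<div align='center'>";
    print "<button dojoType=\"dijit.form.Button\" onclick=\"return dijit.byId('shareArticleDlg').hide()\">" . __('Close this window') . "</button>";
    print "</div>";
}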
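/**
 * Looks up tickets by ticket-id prefix or e-mail prefix for an auto-complete box.
 *
 * Numeric input is matched against ticketID, anything else against email.
 *
 * @param array $params 'input' (search text) and optionally 'limit' (default 25).
 * @return string JSON document of the form {"results": [{"id", "value", "info"}, ...]}.
 */
function search($params) {
    // presumably db_input(..., false) escapes the value without adding quotes - confirm
    $input = db_input(strtolower($params['input']), false);
    $limit = isset($params['limit']) ? (int) $params['limit'] : 25;
    $items = array();
    $ticketid = false;
    if (is_numeric($input)) {
        $WHERE = ' WHERE ticketID LIKE \'' . $input . '%\'';
        $ticketid = true;
    } else {
        $WHERE = ' WHERE email LIKE \'' . $input . '%\'';
    }
    $sql = 'SELECT DISTINCT ticketID,email FROM ' . TICKET_TABLE . ' ' . $WHERE . ' ORDER BY created LIMIT ' . $limit;
    $resp = db_query($sql);
    if ($resp && db_num_rows($resp)) {
        while (list($id, $email) = db_fetch_row($resp)) {
            $info = $ticketid ? $email : $id;
            $id = $ticketid ? $id : $email;
            $items[] = array('id' => (string) $id, 'value' => (string) $id, 'info' => (string) $info);
        }
    }
    // The document used to be assembled by string concatenation, so a quote or
    // backslash in a stored e-mail address produced broken or attacker-shaped
    // JSON. json_encode() escapes every value.
    $result = json_encode(array('results' => $items));
    // json_encode() returns false on data it cannot encode; fall back to an empty list.
    return $result === false ? '{"results": []}' : $result;
}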
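/**
 * Prints a single news item inside the main template.
 *
 * Nothing is printed when no news row has the given id.
 *
 * @param mixed $id Id of the news item; treated as an integer.
 */
function shownews($id) {
    global $list_prefix, $NEWS, $MAIN;

    // The id used to be placed between quotes exactly as received, which let a
    // quote in the value change the statement. It is cast to an integer first.
    $newsId = (int) $id;
    $sql = "SELECT * FROM " . $list_prefix . "news WHERE id = '" . $newsId . "';";
    $result = db_query($sql);
    $rows = $result ? db_num_rows($result) : 0;
    if ($rows != 0) {
        $row = db_fetch_array($result);
        $postedby = getuser($row['posted_by']);
        // Fill a working copy of the news template with this item.
        // NOTE(review): the stored fields are inserted as-is (after stripslashes);
        // whether they are allowed to contain markup cannot be told from here.
        $WORK = insert_into_template($NEWS, "{NEWSTITLE}", stripslashes($row['news_title']));
        $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
        $WORK = insert_into_template($WORK, "{NEWSID}", $row['id']);
        $WORK = insert_into_template($WORK, "{POSTEDBY}", $postedby);
        $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
        $WORK = insert_into_template($WORK, "{DATE}", date("m/d/Y", $row['date']));
        $WORK = insert_into_template($WORK, "{CATEGORY}", getcatname($row['category']));
        $WORK = insert_into_template($WORK, "{NEWS}", stripslashes($row['news']));
        // Wrap the item in the main template and print it.
        $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
        $WORK = filltemplate($WORK, striphtml($row['news_title']));
        printf("%s", striptemplate($WORK));
    }
}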
/**
 * Displays the items of a work order issue as a table.
 *
 * Shows a note instead when the issue has no items. The column headings are
 * repeated after every eleven rows.
 *
 * @param mixed $issue_no Number of the issue to display.
 */
function display_wo_issue_details($issue_no) {
    $issued = get_work_order_issue_details($issue_no);
    if (db_num_rows($issued) == 0) {
        display_note(_("There are no items for this issue."));
        return;
    }

    start_table(TABLESTYLE);
    $headings = array(_("Component"), _("Quantity"), _("Units"));
    table_header($headings);

    $line = 1; // position within the current "page" of rows
    $k = 0;    // row colour counter
    while ($item = db_fetch($issued)) {
        alt_table_row_color($k);
        label_cell($item["stock_id"] . " - " . $item["description"]);
        qty_cell($item["qty_issued"], false, get_qty_dec($item["stock_id"]));
        label_cell($item["units"]);
        end_row();

        $line++;
        if ($line == 12) {
            // page full: start over and print the headings again
            $line = 1;
            table_header($headings);
        }
    }
    end_table();
}
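/**
 * Checks whether a login falls under an active ban.
 *
 * Accounts with banoverride set, or with superuser flags other than
 * SU_DOESNT_GIVE_GROTTO, are never treated as banned. Otherwise the bans table
 * is searched for an unexpired entry matching the account's last IP or id, the
 * current remote address, or the 'lgi' cookie.
 *
 * @param string $login   Login name being checked.
 * @param bool   $connect When true and a ban matches, the session is reset, the
 *                        ban reasons are stored in $session['message'], the
 *                        matching bans get their lasthit updated and a redirect
 *                        to home.php is sent.
 * @return bool True if a ban applies.
 */
function checkban(string $login, bool $connect = false) : bool
{
    global $session;

    $accounts = db_prefix('accounts');
    // This used to resolve to the accounts table, so the ban columns below were
    // looked up in the wrong table.
    $bans = db_prefix('bans');
    $today = date('Y-m-d');

    // NOTE(review): the page shows a redaction marker where the login value is
    // compared; $login is otherwise unused, so it is presumed to be the compared
    // value - confirm against the upstream file.
    // NOTE(review): addslashes is used for all values below because no
    // database-layer escaping helper is visible from this block; prefer the
    // project's own escaping or bound parameters if it has them.
    $safeLogin = addslashes($login);
    // The column is read back as 'uniqueid' below; the statement asked for 'uniquid'.
    $sql = db_query("SELECT lastip, uniqueid, banoverride, superuser FROM {$accounts}\n WHERE login = '{$safeLogin}'");
    $row = db_fetch_assoc($sql);
    // Previously placed after the early return, so the result was not freed on that path.
    db_free_result($sql);

    if (!is_array($row)) {
        // Unknown login: only the remote address and the cookie can match a ban.
        $row = ['lastip' => '', 'uniqueid' => '', 'banoverride' => 0, 'superuser' => 0];
    }

    if ($row['banoverride'] || ((int) $row['superuser'] & ~SU_DOESNT_GIVE_GROTTO)) {
        return false;
    }

    // The cookie and the remote address come from the request and must not reach
    // the statement unescaped.
    $cookie = $_COOKIE['lgi'] ?? '';
    if (!is_string($cookie)) {
        $cookie = '';
    }
    $lastIp = addslashes((string) $row['lastip']);
    $accountId = addslashes((string) $row['uniqueid']);
    $remoteIp = addslashes((string) ($_SERVER['REMOTE_ADDR'] ?? ''));
    $cookieId = addslashes($cookie);

    // NOTE(review): when the account has no stored IP/id, or the cookie is absent,
    // the comparisons below use empty strings - confirm that a ban with an empty
    // ipfilter or uniqueid cannot match every visitor.
    // The "never expires" date is compared as '0000-00-00' further down; the
    // statement used '000-00-00'.
    $sql = db_query("SELECT * FROM {$bans}\n WHERE (\n (ipfilter = '{$lastIp}' OR ipfilter = '{$remoteIp}')\n OR (uniqueid = '{$accountId}' OR uniqueid = '{$cookieId}')\n )\n AND (banexpire = '0000-00-00' OR banexpire >= '{$today}')");

    if (db_num_rows($sql) > 0) {
        if ($connect) {
            // Start from an empty session with a defined message to append to.
            $session = ['message' => ''];
            tlschema('ban');
            $session['message'] .= translate_inline('`n`4You fall under a ban currently in place on this website:');
            while ($ban = db_fetch_assoc($sql)) {
                $session['message'] .= "`n{$ban['banreason']}`n";
                if ($ban['banexpire'] == '0000-00-00') {
                    $session['message'] .= translate_inline("`\$This ban is permanent!`0");
                } else {
                    $session['message'] .= sprintf_translate("`^This ban will be removed `\$after`^ %s.`0", date("M d, Y", strtotime($ban['banexpire'])));
                }
                $banIp = addslashes((string) $ban['ipfilter']);
                $banId = addslashes((string) $ban['uniqueid']);
                db_query("UPDATE {$bans}\n SET lasthit = '{$today} 00:00:00'\n WHERE ipfilter = '{$banIp}'\n AND uniqueid = '{$banId}'\n ");
            }
            $session['message'] .= translate_inline("`n`4If you wish, you may appeal your ban with the petition link.");
            tlschema();
            header('Location: home.php');
        }
        return true;
    }
    return false;
}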
/**
 * Returns the preference row of a user for a project, caching it on first use.
 *
 * @param mixed   $p_user_id        User id.
 * @param mixed   $p_project_id     Project id, ALL_PROJECTS by default.
 * @param boolean $p_trigger_errors When true, a missing row triggers
 *                                  ERROR_USER_PREFS_NOT_FOUND; when false, false
 *                                  is cached and returned instead.
 * @return array|boolean The cached or freshly fetched row, or false if not found.
 */
function user_pref_cache_row($p_user_id, $p_project_id = ALL_PROJECTS, $p_trigger_errors = true) {
    global $g_cache_user_pref;

    $c_user_id = db_prepare_int($p_user_id);
    $c_project_id = db_prepare_int($p_project_id);

    // Serve from the cache when this user/project pair was looked up before.
    if (isset($g_cache_user_pref[$c_user_id][$c_project_id])) {
        return $g_cache_user_pref[$c_user_id][$c_project_id];
    }

    $t_user_pref_table = config_get('mantis_user_pref_table');
    $t_result = db_query("SELECT *\n\t\t\t\t FROM {$t_user_pref_table}\n\t\t\t\t WHERE user_id='{$c_user_id}' AND project_id='{$c_project_id}'");

    $t_found = db_num_rows($t_result);
    if (0 == $t_found) {
        if (!$p_trigger_errors) {
            // Remember the miss so the lookup is not repeated.
            $g_cache_user_pref[$c_user_id][$c_project_id] = false;
            return false;
        }
        // Execution continues below if the error handler returns.
        trigger_error(ERROR_USER_PREFS_NOT_FOUND, ERROR);
    }

    $t_row = db_fetch_array($t_result);
    if (!isset($g_cache_user_pref[$c_user_id])) {
        $g_cache_user_pref[$c_user_id] = array();
    }
    $g_cache_user_pref[$c_user_id][$c_project_id] = $t_row;
    return $t_row;
}
/**
 * Looks up tickets by ticket-id prefix ('id') or e-mail prefix ('email').
 *
 * Reads 'id' or 'email' and an optional 'limit' (default 25) from the query
 * string; answers with HTTP 400 when neither search argument is given.
 *
 * @return mixed The encoded list of matches ('results' => id/value/info/name).
 */
function search() {
    $limit = isset($_GET['limit']) ? (int) $_GET['limit'] : 25;
    $items = array();

    // 'id' takes precedence over 'email' when both are present.
    $ticketid = isset($_GET['id']);
    if ($ticketid) {
        // presumably db_input(..., false) escapes the value without adding quotes - confirm
        $WHERE = ' WHERE ticketID LIKE \'' . db_input($_GET['id'], false) . '%\'';
    } elseif (isset($_GET['email'])) {
        $WHERE = ' WHERE email LIKE \'' . db_input(strtolower($_GET['email']), false) . '%\'';
    } else {
        Http::response(400, "id or email argument is required");
    }

    $sql = 'SELECT DISTINCT ticketID,email,name FROM ' . TICKET_TABLE . ' ' . $WHERE . ' ORDER BY created LIMIT ' . $limit;
    $res = db_query($sql);
    if ($res && db_num_rows($res)) {
        while (list($id, $email, $name) = db_fetch_row($res)) {
            // The field that was searched becomes the id; the other one is the info.
            $info = $ticketid ? $email : $id;
            $id = $ticketid ? $id : $email;
            # TODO: Return 'name' from email address if 'email' argument
            # specified?
            $items[] = array('id' => $id, 'value' => $id, 'info' => $info, 'name' => $name);
        }
    }
    return $this->encode(array('results' => $items));
}
/**
 * Tells whether a tag with the given id is stored.
 *
 * The id is passed as a bound parameter, not placed into the statement text.
 *
 * @param int $p_tag_id Tag ID
 * @return boolean True if at least one row has that id
 */
function tag_exists($p_tag_id) {
    $t_matches = db_query_bound(
        'SELECT * FROM ' . db_get_table('tag') . ' WHERE id=' . db_param(),
        array($p_tag_id)
    );
    $t_count = db_num_rows($t_matches);
    return $t_count > 0;
}
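/**
 * Builds the HTML portlets for the 20 most recently updated issues of a status.
 *
 * Issues are restricted to what the current user may see in the current
 * project and, when $this->severity is set, to that severity.
 *
 * @param mixed $status Status value to list; treated as an integer.
 * @return array One HTML string per issue.
 */
function renderIssues($status) {
    $content = array();
    $t_project_id = helper_get_current_project();
    $t_bug_table = db_get_table('mantis_bug_table');
    $t_user_id = auth_get_current_user_id();
    $specific_where = helper_project_specific_where($t_project_id, $t_user_id);

    // Status and severity are placed into the statement without quotes, so both
    // are cast to integers before they get there.
    $c_status = (int) $status;
    if ($this->severity) {
        $severityCond = '= ' . (int) $this->severity;
    } else {
        $severityCond = '> -1';
    }
    $query = "SELECT *\n\t\t\tFROM {$t_bug_table}\n\t\t\tWHERE {$specific_where}\n\t\t\tAND status = {$c_status}\n\t\t\tAND severity {$severityCond}\n\t\t\tORDER BY last_updated DESC\n\t\t\tLIMIT 20";
    $result = db_query_bound($query);

    $category_count = db_num_rows($result);
    for ($i = 0; $i < $category_count; $i++) {
        $row = db_fetch_array($result);
        // Summaries and user names are text entered by users; they are escaped so
        // that markup stored in them is displayed instead of being interpreted.
        $t_summary = htmlspecialchars((string) $row['summary'], ENT_QUOTES);
        $t_reporter = $row['reporter_id'] ? 'Reporter: ' . htmlspecialchars((string) user_get_name($row['reporter_id']), ENT_QUOTES) . BR : '';
        $t_handler = $row['handler_id'] ? 'Assigned: ' . htmlspecialchars((string) user_get_name($row['handler_id']), ENT_QUOTES) . BR : '';
        $content[] = '<div class="portlet ui-helper-clearfix" id="' . (int) $row['id'] . '"> <div class="portlet-header">' . string_get_bug_view_link($row['id']) . ': ' . $t_summary . '</div> <div class="portlet-content">' . $t_reporter . $t_handler . '</div></div>';
    }
    return $content;
}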
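/**
 * Removes the account given in the 'ac' query parameter from the current
 * player's ignore list.
 *
 * When the account was on the list and still exists, it is told by system mail.
 * The current player is also taken off the target's 'ignored' preference.
 */
function friendlist_unignore() {
    global $session;
    $ac = httpget('ac');
    // The request value is placed into the statement without quotes; the statement
    // only ever sees its integer form.
    $acctid = (int) $ac;
    // Was undefined when the account was not on the list.
    $info = "";
    $ignored = rexplode(get_module_pref('ignored', 'friendlist', $ac));
    $iveignored = rexplode(get_module_pref('iveignored'));
    if (in_array($ac, $iveignored)) {
        $sql = "SELECT name FROM " . db_prefix("accounts") . " WHERE acctid={$acctid} AND locked=0";
        $result = db_query($sql);
        if (db_num_rows($result) > 0) {
            $row = db_fetch_assoc($result);
            $info = sprintf_translate("%s`Q has been removed from your list.", $row['name']);
            require_once "lib/systemmail.php";
            $t = array("`\$Ignore List Removal");
            $mailmessage = array("%s`0`@ has removed you from %s ignore list.", $session['user']['name'], $session['user']['sex'] ? translate_inline("her") : translate_inline("his"));
            systemmail($ac, $t, $mailmessage);
        } else {
            $info = translate_inline("That user no longer exists...");
        }
    }
    // Take the current player off the target's 'ignored' preference.
    $ignored = array_diff($ignored, array($session['user']['acctid']));
    $ignored = rimplode($ignored);
    set_module_pref('ignored', $ignored, 'friendlist', $ac);
    if (in_array($ac, $iveignored)) {
        $iveignored = array_diff($iveignored, array($ac));
        $iveignored = rimplode($iveignored);
        set_module_pref('iveignored', $iveignored);
    }
    output_notl($info);
}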
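/**
 * Validates a user against the local user table.
 *
 * @param string $name        User name; lower-cased before the lookup.
 * @param string $pass        Password supplied by the caller.
 * @param mixed  $admin_auser When truthy, only the user name is matched and the
 *                            password and auth-type conditions are left out.
 * @return array|int Array with fullname, user, pass, email, type, method and id
 *                   when a row matches, otherwise 0.
 */
function _valid_db($name, $pass, $admin_auser = 0) {
    $name = strtolower($name);
    global $dbhost, $dbuser, $dbpass, $dbdb;
    db_connect($dbhost, $dbuser, $dbpass, $dbdb);
    // NOTE(review): the value compared with user_pass is redacted on this page, so
    // the original expression is not visible; the string is left exactly as shown.
    // Confirm upstream how the password is compared and that it is not stored or
    // matched in clear text.
    // NOTE(review): a truthy $admin_auser skips the password check entirely -
    // confirm every caller that sets it has already authenticated an administrator.
    $query = "SELECT * FROM user WHERE user_uname='" . addslashes($name) . "'" . ($admin_auser ? "" : " AND user_pass='******' AND user_authtype='db'");
    $r = db_query($query);
    // $a = db_fetch_assoc($r);
    // if (db_num_rows($r) && $a['pass'] == $pass) {
    if (db_num_rows($r)) {
        $a = db_fetch_assoc($r);
        // Array keys are quoted: bare words as keys are constant lookups, which only
        // worked through a deprecated fallback and fail on current PHP versions.
        $x = array(); // array for returned info
        $x['fullname'] = $a['user_fname'];
        $x['user'] = $name;
        // NOTE(review): the supplied password is handed back to the caller - confirm it is needed.
        $x['pass'] = $pass;
        $x['email'] = $a['user_email'];
        $x['type'] = $a['user_type'];
        $x['method'] = 'db';
        $x['id'] = $a['user_id'];
        return $x;
    }
    /*else {
        $query = "select * from users where email='$name' and pass='******' and status='open'";
        $r = db_query($query);
        if (db_num_rows($r)) {
            $logmethod = "open";
            return $r;
        }
    }*/
    return 0;
}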
/**
 * Tells whether a URI slug is already in use for the given kind of item.
 *
 * 'cat' and 'prod' are checked against products and categories together,
 * 'news' against news and 'page' against auxiliary pages.
 *
 * @param string $slug     Slug to look for; escaped before use.
 * @param string $itemType One of 'cat', 'prod', 'news', 'page'.
 * @return bool|int|null True/false for a known item type, 0 when the escaped
 *                       slug is empty, null for an unknown item type.
 */
function fu_slug_exists($slug, $itemType = 'cat') {
    // NOTE(review): mysql_real_escape_string() belongs to the old mysql extension,
    // which current PHP versions no longer ship - confirm the target runtime.
    $slug = mysql_real_escape_string($slug);
    if (!$slug) {
        return 0;
    }

    switch ($itemType) {
        case 'cat':
        case 'prod':
            // Products and categories share one URI space.
            $sql = "SELECT productID AS 'itemID'\n FROM " . PRODUCTS_TABLE . "\n WHERE uri = '{$slug}'\n \n UNION\n \n SELECT categoryID AS 'itemID'\n FROM " . CATEGORIES_TABLE . "\n WHERE uri = '{$slug}'";
            break;
        case 'news':
            $sql = "SELECT NID\n\t\t\t\t\t FROM " . NEWS_TABLE . "\n\t\t\t\t\t WHERE uri = '{$slug}'\n\t\t\t\t\t LIMIT 1";
            break;
        case 'page':
            $sql = "SELECT aux_page_ID\n\t\t\t\t\t FROM " . AUX_PAGES_TABLE . "\n\t\t\t\t\t WHERE uri = '{$slug}'\n\t\t\t\t\t LIMIT 1";
            break;
        default:
            // Unknown item type: no lookup, no value.
            return;
    }

    $result = db_query($sql);
    return db_num_rows($result["resource"]) > 0;
}
/**
 * Reports whether this update has already been applied.
 *
 * Runs a DESCRIBE for each of the five columns and sets the matching
 * fieldNNExists flag on the object when the column is reported.
 *
 * @return boolean True if all five columns exist, i.e. the update does not need to be run.
 */
function hasRun() {
    // flag property => statement describing the column it stands for
    $checks = array(
        'field01Exists' => "\n\t\tDESCRIBE\n\t\t\tstory story_discussdisplay\n\t\t",
        'field02Exists' => "\n\t\tDESCRIBE\n\t\t\tstory story_discussauthor\n\t\t",
        'field03Exists' => "\n\t\tDESCRIBE\n\t\t\tstory story_discussemail\n\t\t",
        'field04Exists' => "\n\t\tDESCRIBE\n\t\t\tdiscussion FK_media\n\t\t",
        'field05Exists' => "\n\t\tDESCRIBE\n\t\t\tdiscussion discussion_rate\n\t\t",
    );

    foreach ($checks as $flag => $query) {
        $r = db_query($query);
        if (db_num_rows($r)) {
            $this->{$flag} = TRUE;
        }
    }

    return $this->field01Exists
        && $this->field02Exists
        && $this->field03Exists
        && $this->field04Exists
        && $this->field05Exists;
}
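/**
 * Index-page module for the prayer list.
 *
 * Marks every request whose expiry date has passed as expired, mailing the
 * requester unless the request is anonymous, then returns the current list.
 *
 * @param mixed $perpage Passed through to showlist().
 * @return array 'title' and 'content' of the module.
 */
function prayerlist_mod($perpage) {
    global $list_prefix;
    // This is a module, so the login state has already been decided by the caller.
    // Find requests that expired before now and are not flagged yet.
    $sql = "SELECT * FROM " . $list_prefix . "prayer_list WHERE `expired` = '0' AND `expiredate` < '" . time() . "';";
    $result = db_query($sql);
    // A failed query is treated as "nothing to expire" instead of hiding the
    // resulting warning with the @ operator.
    $rows = $result ? db_num_rows($result) : 0;
    $j = 0;
    while ($j < $rows) {
        $row = db_fetch_array($result);
        // Mail the requester unless the request was anonymous.
        if (0 != strcmp($row['requested_by'], 'anonymous')) {
            mailuser($row['requested_by'], $row);
        }
        // The request is kept and flagged as expired rather than deleted. The id is
        // cast to an integer before it is placed into the statement.
        $sql = "UPDATE " . $list_prefix . "prayer_list SET `expired` = '1' WHERE `id`='" . (int) $row['id'] . "';";
        db_query($sql);
        $j++;
    }
    $MOD = array();
    $MOD['title'] = "Prayer Request";
    $MOD['content'] = showlist($perpage);
    return $MOD;
}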
/**
 * Validates the posted setup values before they are saved.
 *
 * Each failed check shows an error (and, for most, moves the focus to a field)
 * and stops the validation.
 *
 * @return boolean True when every check passed.
 */
function can_process() {
    // The three allowances must each lie between 0 and 100.
    $receive_ok = check_num('po_over_receive', 0, 100);
    if (!$receive_ok) {
        display_error(_("The delivery over-receive allowance must be between 0 and 100."));
        set_focus('po_over_receive');
        return false;
    }

    $charge_ok = check_num('po_over_charge', 0, 100);
    if (!$charge_ok) {
        display_error(_("The invoice over-charge allowance must be between 0 and 100."));
        set_focus('po_over_charge');
        return false;
    }

    $due_ok = check_num('past_due_days', 0, 100);
    if (!$due_ok) {
        display_error(_("The past due days interval allowance must be between 0 and 100."));
        set_focus('past_due_days');
        return false;
    }

    // The GRN clearing account may only change while get_grn_items() returns no rows.
    $grn_act = get_company_pref('grn_clearing_act');
    if (get_post('grn_clearing_act') != $grn_act) {
        if (db_num_rows(get_grn_items(0, '', true))) {
            display_error(_("Before GRN Clearing Account can be changed all GRNs have to be invoiced"));
            // Put the stored value back into the posted data.
            $_POST['grn_clearing_act'] = $grn_act;
            // NOTE(review): the focus name differs from the posted field name
            // 'grn_clearing_act' - confirm which one the form uses.
            set_focus('grn_clearing_account');
            return false;
        }
    }

    // Retained earnings must be a balance-sheet account and the profit/loss year
    // account must not be one.
    $retained_ok = is_account_balancesheet(get_post('retained_earnings_act'));
    $accounts_ok = $retained_ok && !is_account_balancesheet(get_post('profit_loss_year_act'));
    if (!$accounts_ok) {
        display_error(_("The Retained Earnings Account should be a Balance Account or the Profit and Loss Year Account should be an Expense Account (preferred the last one in the Expense Class)"));
        return false;
    }

    return true;
}
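/**
 * Sends one of the session user's articles to Pocket and prints the outcome.
 *
 * The article is identified by the 'id' request value and must belong to the
 * session user. The printed JSON holds 'title', 'link', 'id' and 'status';
 * status is 1 on success and a message otherwise.
 */
function getInfo() {
    // Retrieve the article from the database.
    $id = db_escape_string(isset($_REQUEST['id']) ? $_REQUEST['id'] : '');
    $result = db_query("SELECT title, link\n\t\t\t\tFROM ttrss_entries, ttrss_user_entries\n\t\t\t\tWHERE id = '{$id}' AND ref_id = id AND owner_uid = " . $_SESSION['uid']);

    // Defined up front: both were undefined when the article was not found.
    $title = '';
    $article_link = '';
    $found = db_num_rows($result) != 0;
    if ($found) {
        $title = truncate_string(strip_tags(db_fetch_result($result, 0, 'title')), 100, '...');
        $article_link = db_fetch_result($result, 0, 'link');
    }

    if (!$found) {
        // Nothing to send; the Pocket API used to be called with empty values here.
        $status = 'Article not found.';
    } elseif (!function_exists('curl_init')) {
        $status = 'For the plugin to work you need to <strong>enable PHP extension CURL</strong>!';
    } else {
        $consumer_key = $this->host->get($this, "pocket_consumer_key");
        $pocket_access_token = $this->host->get($this, "pocket_access_token");

        // Call the Pocket API.
        $postfields = array('consumer_key' => $consumer_key, 'access_token' => $pocket_access_token, 'url' => $article_link, 'title' => $title);
        $cURL = curl_init();
        curl_setopt($cURL, CURLOPT_URL, 'https://getpocket.com/v3/add');
        curl_setopt($cURL, CURLOPT_HEADER, 1); // response headers are needed for X-Error below
        curl_setopt($cURL, CURLOPT_HTTPHEADER, array('Content-type: application/x-www-form-urlencoded;charset=UTF-8'));
        curl_setopt($cURL, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($cURL, CURLOPT_TIMEOUT, 5);
        curl_setopt($cURL, CURLOPT_POST, 4);
        curl_setopt($cURL, CURLOPT_POSTFIELDS, http_build_query($postfields));
        $apicall = curl_exec($cURL);
        if ($apicall === false) {
            // A failed transfer has no headers to inspect and used to be reported as
            // success (1); report the transport error instead.
            $status = 'cURL error: ' . curl_error($cURL);
        } else {
            // Store the error header in $status, or 1 when there is none.
            $status = preg_match('/^X-Error: .*$/m', $apicall, $matches) ? $matches[0] : 1;
        }
        curl_close($cURL);
    }

    // Return information on article and status.
    print json_encode(array("title" => $title, "link" => $article_link, "id" => $id, "status" => $status));
}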
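/**
 * Renders the "Server Load by Page Execution Times" page.
 *
 * Lists every row of the performancepage table that has at least one counted
 * page, ordered by total page count, with the average time per page and a bar
 * whose width is the average multiplied by 100.
 */
function serverloadperpage_run() {
    page_header("Server Load by Page Execution Times");

    $sql = "SELECT * FROM " . db_prefix("performancepage") . " ORDER BY totalpages DESC";
    $result = db_query($sql);
    output("`bAverage Page Generation Times by script request`b`n");
    rawoutput("<table border='0' cellpadding='2' cellspacing='1' align='center' width='100%'>");
    rawoutput("<tr class='trhead'><td>URL</td><td>Total Count</td><td>Total Time</td><td>Average Time / Page</td></tr>");

    // Count once instead of on every loop iteration.
    $total_rows = db_num_rows($result);
    for ($i = 0; $i < $total_rows; $i++) {
        $row = db_fetch_assoc($result);
        if ($row['totalpages'] >= 1) {
            $avg = $row['totaltime'] / $row['totalpages'];
            $max = 100;
            $bwidth = round($avg * 100);
            $bnonwidth = $max - $bwidth;
            if ($bnonwidth > 0) {
                $bar = "<table style='border: solid 1px #000000' width='{$max}' height='7' bgcolor='#333333' cellpadding=0 cellspacing=0><tr><td width='{$bwidth}' bgcolor='#00ff00'></td><td width='{$bnonwidth}'></td></tr></table>";
            } else {
                // The average exceeds the bar: show the overflow as a second segment.
                $over = $bwidth - $max;
                $total = $max + $over;
                $bar = "<table style='border: solid 1px #000000' height='7' width='{$total}' cellpadding=0 cellspacing=0><tr><td width='{$max}' bgcolor='#990000'></td><td width='{$over}' bgcolor='#ff0000'></td></tr></table>";
            }
            rawoutput("<tr class='" . ($i % 2 ? "trdark" : "trlight") . "'>");
            // The page column is stored text printed through rawoutput(); it is
            // escaped so that markup in a recorded value is shown, not interpreted.
            // NOTE(review): presumably the value is a requested URL - confirm its source.
            $page = htmlspecialchars((string) $row['page'], ENT_QUOTES);
            rawoutput("<td>" . $page . "</td><td>" . number_format($row['totalpages']) . "</td><td>" . $row['totaltime'] . "</td><td>" . $bar . round($avg, 4) . "</td></tr>");
        }
    }
    rawoutput("</table>");
    page_footer();
}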
/**
 * Returns the database row of a user, reading it once and caching the result.
 *
 * A user that cannot be found is cached as false. In that case an error is
 * triggered when $p_trigger_errors is true; otherwise false is returned quietly.
 * A cached entry, including a cached false, is returned without any error.
 *
 * @param integer $p_user_id        A valid user identifier.
 * @param boolean $p_trigger_errors Trigger an error if the user does not exist.
 * @return array|boolean array of database data or false if not found
 */
function user_cache_row( $p_user_id, $p_trigger_errors = true ) {
	global $g_cache_user;

	if( !isset( $g_cache_user[$p_user_id] ) ) {
		# The id is passed as a bound parameter, not placed into the statement text.
		$t_result = db_query( 'SELECT * FROM {user} WHERE id=' . db_param(), array( $p_user_id ) );

		if( 0 != db_num_rows( $t_result ) ) {
			$g_cache_user[$p_user_id] = db_fetch_array( $t_result );
		} else {
			# Remember the miss before reporting it.
			$g_cache_user[$p_user_id] = false;
			if( $p_trigger_errors ) {
				error_parameters( (integer)$p_user_id );
				trigger_error( ERROR_USER_BY_ID_NOT_FOUND, ERROR );
			}
			return false;
		}
	}

	return $g_cache_user[$p_user_id];
}
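/**
 * Stores a praise left on a request and prints the confirmation page.
 *
 * Anonymous submissions are accepted as logged in; visitors who posted login
 * data are logged in first. Visitors who are still not logged in get the form
 * again with their data filled in.
 */
function processsubmission() {
    global $logged_in, $user, $HTTP_POST_VARS, $list_prefix, $HTTP_GET_VARS, $MAIN;
    // Anonymous requests are accepted as "logged in".
    if (isset($HTTP_POST_VARS['anonymous'])) {
        $logged_in = 1;
        $email = 'anonymous';
        // NOTE(review): this value is shown redacted on the page; it is left exactly as shown.
        $username = '******';
    } else {
        $email = $user['email'];
        $username = $user['username'];
    }
    // Accept requests from users who have no cookie but are logging in with this post.
    if (!$logged_in && isset($HTTP_POST_VARS['user'])) {
        $user = userlogin($HTTP_POST_VARS['user'], $HTTP_POST_VARS['pass'], $HTTP_POST_VARS['automatic']);
        if (0 != strcmp($user['email'], "anonymous")) {
            $logged_in = 1;
            $email = $user['email'];
            $username = $user['username'];
        }
    }
    if (!$logged_in) {
        // Not logged in: show the form again with the data pre-entered.
        submissionform_redo();
    } else {
        $req_date = time();
        if (!is_numeric($HTTP_GET_VARS['request'])) {
            die("HACKING ATTEMPT");
        }
        // is_numeric() also accepts forms such as "1e3"; store the integer value.
        $request_id = (int) $HTTP_GET_VARS['request'];
        // Find the highest id in use and take the next one.
        // NOTE(review): two submissions arriving together can compute the same id -
        // an auto-increment column would avoid that; confirm the table definition.
        $sql = "SELECT * FROM " . $list_prefix . "praise_list ORDER BY `id` DESC;";
        $result = db_query($sql);
        if ($result) {
            $rows = db_num_rows($result);
        } else {
            $rows = 0;
        }
        if ($rows > 0) {
            $row = db_fetch_array($result);
            $idval = $row['id'] + 1;
        } else {
            $idval = 1;
        }
        // The praise text and the user name went into the statement unescaped while
        // the e-mail address was escaped; all text values are now treated alike.
        // NOTE(review): on an installation that still runs with magic quotes enabled
        // the posted text would arrive already escaped - confirm the target runtime.
        $praise = isset($HTTP_POST_VARS['praise']) ? $HTTP_POST_VARS['praise'] : '';
        $sql = "INSERT INTO " . $list_prefix . "praise_list (id, request, praise, postdate, left_by, username) VALUES ('" . (int) $idval . "', '" . $request_id . "', '" . addslashes($praise) . "', '" . $req_date . "', '" . addslashes($email) . "', '" . addslashes($username) . "');";
        $result = db_query($sql);
        if ($result) {
            $CONTENT = "Your praise been processed.<BR>\r\n";
        } else {
            $CONTENT = "ERROR: the server was unable to process your praise at this time.<BR>\r\n";
            // The failed statement goes to the server log; printing it to the visitor
            // disclosed table and column names.
            error_log("praise_list insert failed: " . $sql);
        }
        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "Leave Praise");
        printf("%s", striptemplate($WORK));
    }
}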
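/**
 * Returns the text of an enabled canned response.
 *
 * @param array $params 'id' holds the premade_id to look up.
 * @return string|null The stored answer, or null when no enabled response has that id.
 */
function cannedResp($params) {
    // Defined up front: the variable was undefined when the lookup found nothing.
    $response = null;
    // presumably db_input() escapes and quotes the value - confirm against its definition
    $sql = 'SELECT answer FROM ' . KB_PREMADE_TABLE . ' WHERE isenabled=1 AND premade_id=' . db_input($params['id']);
    if (($res = db_query($sql)) && db_num_rows($res)) {
        list($response) = db_fetch_row($res);
    }
    return $response;
}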