function insertAIML() { //db globals global $template, $msg; $dbconn = db_open(); $aiml = "<category><pattern>[pattern]</pattern>[thatpattern]<template>[template]</template></category>"; $aimltemplate = mysql_real_escape_string(trim($_POST['template'])); $pattern = strtoupper(mysql_real_escape_string(trim($_POST['pattern']))); $thatpattern = strtoupper(mysql_real_escape_string(trim($_POST['thatpattern']))); $aiml = str_replace('[pattern]', $pattern, $aiml); $aiml = empty($thatpattern) ? str_replace('[thatpattern]', "<that>{$thatpattern}</that>", $aiml) : $aiml; $aiml = str_replace('[template]', $aimltemplate, $aiml); $topic = strtoupper(mysql_real_escape_string(trim($_POST['topic']))); $bot_id = isset($_SESSION['poadmin']['bot_id']) ? $_SESSION['poadmin']['bot_id'] : 1; if ($pattern == "" || $template == "") { $msg = 'You must enter a user input and bot response.'; } else { $sql = "INSERT INTO `aiml` (`id`,`bot_id`, `aiml`, `pattern`,`thatpattern`,`template`,`topic`,`filename`, `php_code`) VALUES (NULL,'{$bot_id}', '{$aiml}','{$pattern}','{$thatpattern}','{$aimltemplate}','{$topic}','admin_added.aiml', '')"; $result = mysql_query($sql, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />\nSQL = {$sql}<br />\n"); if ($result) { $msg = "AIML added."; } else { $msg = "There was a problem adding the AIML - no changes made."; } } mysql_close($dbconn); return $msg; }
function db_generate($fname, $db = false) { global $dbh; if (!$db) { $db = db_open($fname); if (!$db) { die('db open failed!'); } } $dbh = $db; $qa[] = "CREATE TABLE users (uid INTEGER PRIMARY KEY ASC, user TEXT, pass TEXT, name TEXT, email TEXT);"; $qa[] = "CREATE TABLE groups (gid INTEGER PRIMARY KEY ASC, name TEXT, belongsto TEXT);"; $qa[] = "CREATE TABLE categories (cid INTEGER PRIMARY KEY ASC, title TEXT, gids TEXT);"; $qa[] = "CREATE TABLE posts (pid INTEGER PRIMARY KEY ASC, title TEXT, text TEXT, cid INTEGER);"; $qa[] = "CREATE TABLE msgs (mid INTEGER PRIMARY KEY ASC, from_id INTEGER, to_id INTEGER, msg TEXT, files TEXT);"; $qa[] = "CREATE TABLE files (fid INTEGER PRIMARY KEY ASC, up_user_id INTEGER, file TEXT);"; $qa[] = "CREATE TABLE news (nid INTEGER PRIMARY KEY ASC, ts INTEGER, content TEXT);"; $qa[] = "CREATE TABLE admin (name TEXT);"; $qa[] = "INSERT INTO users VALUES (NULL,'admin','" . sha1(sha1('KolohMun7p')) . "','Administrator','*****@*****.**')"; $qa[] = "INSERT INTO groups VALUES (NULL,'admin','1')"; $qa[] = "INSERT INTO groups VALUES (NULL,'everyone','1')"; $qa[] = "INSERT INTO categories VALUES (NULL,'carders','1,2')"; $qa[] = "INSERT INTO categories VALUES (NULL,'xploits','1,2')"; $qa[] = "INSERT INTO categories VALUES (NULL,'0days','1,2')"; $qa[] = "INSERT INTO categories VALUES (NULL,'XSS','1,2')"; $qa[] = "INSERT INTO categories VALUES (NULL,'sql injections','1,2')"; $qa[] = "INSERT INTO news VALUES (NULL, '" . time() . "','rwthctf has started, have fun hacking and good luck(-:')"; foreach ($qa as $q) { db_query($q, $dbh); } echo 'Database initialized:-)' . "\n"; return $dbh; }
function execQuery($query) { $conn = db_open(); $rs = mysql_query($query, $conn); // or die (mysql_error()); db_close($conn); return $rs; }
/** * function db_make_safe() * Makes a str safe to insert in the db * @param string $str - the string to make safe * @return string $str - the safe string **/ function db_make_safe($str) { $dbconn = db_open(); $out = mysql_real_escape_string($str, $dbconn); // Takes into account the character set of the chosen database mysql_close($dbconn); return $out; }
function return_device($device_id) { $con = db_open(); $sql = "\r\n\t\tSELECT owner ,device_id , type_id, type , sensitivity, offset, last_calibrated \r\n\t\tFROM sensors INNER JOIN sensorboards \r\n\t\tON sensor_id=id_co2 OR sensor_id=id_co OR sensor_id=id_pm10 OR sensor_id=id_pm25 \r\n\t\tOR sensor_id=id_no OR sensor_id=id_no2 OR sensor_id=id_so2 OR sensor_id=id_o3\r\n\t\tWHERE `device_id`={$device_id}\r\n\t\t"; $result = mysql_query($sql, $con); $xml = generate_calibxml($result); echo $xml; }
function connect_to_db($query) { $con = db_open(); $result = mysql_query($query, $con); if (!$result) { die("Invalid query: " . mysql_error()); } return $result; }
function sample_group_create($user_id, $comment = NULL) { $con = db_open(); $sql = sample_group_insert_SQL($user_id, $comment); db_table_lock("SampleGroups", $con); $result = mysql_query($sql, $con); $id = mysql_insert_id($con); db_table_unlock($con); return $id; }
function getDbTime() { $dbase = db_open($dbase); if (!$dbase) { echo "<font class='error'>ERROR</font> : cannot open DB<br>"; exit; } $sql = "SELECT UNIX_TIMESTAMP( CONVERT_TZ(now(),@@time_zone,'+0:00') )"; $res = mysqli_query($dbase, $sql); if (!@$res) { writelog("error.log", "Wrong query : \" {$sql} \""); echo "<font class='error'>ERROR</font> : Wrong query : {$sql}<br><br>"; exit; } list($date) = mysqli_fetch_row($res); db_close($dbase); return $date; }
function stats_get_num_samples(&$samples_today) { global $con; $con = db_open(); $today = strtotime(date('Y-m-d', time())); $total_count = 0; $today_count = 0; $sql = "SELECT `date` FROM `Samples`"; $result = mysql_query($sql, $con); while ($row = mysql_fetch_assoc($result)) { $date = strtotime($row['date']); if ($date >= $today) { $today_count++; } $total_count++; } $samples_today = $today_count; return $total_count; }
function getChatLines($i, $j) { global $bot_id; $dbconn = db_open(); $sql = <<<endSQL SELECT AVG(`chatlines`) AS TOT \t\t\t\tFROM `users` \t\t\t\tINNER JOIN `conversation_log` ON `users`.`id` = `conversation_log`.`userid` \t\t\t\tWHERE `conversation_log`.`bot_id` = {$bot_id} AND [endCondition]; endSQL; if ($i == "average") { $endCondition = '`chatlines` != 0;'; } else { $endCondition = "(`chatlines` >= {$i} AND `chatlines` <= {$j})"; } $sql = str_replace('[endCondition]', $endCondition, $sql); //get undefined defaults from the db $result = mysql_query($sql, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />\nSQL = {$sql}<br />\n"); $row = mysql_fetch_assoc($result); $res = $row['TOT']; return $res; }
function showChatFrame() { global $template, $bot_name, $bot_id; $dbconn = db_open(); $sql = "select `format` from `bots` where `bot_id` = {$bot_id} limit 1;"; $result = mysql_query($sql, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />\nSQL = {$sql}<br />\n"); $row = mysql_fetch_assoc($result); $format = strtolower($row['format']); switch ($format) { case "html": $url = '../gui/plain/'; break; case "json": $url = '../gui/jquery/'; break; case "xml": $url = '../gui/xml/'; break; } $out = $template->getSection('ChatDemo'); $out = str_replace('[pageSource]', $url, $out); $out = str_replace('[format]', strtoupper($format), $out); return $out; }
<?php require_once 'db-config.php'; db_open("pulmofluency"); session_start(); $userid = $_SESSION['user_id']; $locSelected = $_GET['locSelected']; $userIsReviewer = $_GET['userIsReviewer']; // Escape User Input to help prevent SQL Injection $locSelected = mysql_real_escape_string($locSelected); $userIsReviewer = mysql_real_escape_string($userIsReviewer); $location = explode("~", $locSelected); // Build SQL // Build SELECT statement $sqlselect = 'SELECT users.firstname, users.lastname, users.ID'; // Build FROM statement if ($userIsReviewer != "1") { $sqlfrom = ' FROM users'; } else { $sqlfrom = ' FROM peerreview, users'; } // Build WHERE statement if ($userIsReviewer != "1") { $sqlwhere = ' WHERE role="2"'; } else { $sqlwhere = ' WHERE role="2" AND (peerreview.reviewer = "' . $userid . '") AND (users.ID = peerreview.reviewee)'; } $sqlwhere2 = ""; if ($location) { $kv = array(); foreach ($location as $key => $value) {
if (0) { // quitamos esto del medio de momento - lo de artistas_etc4.php // son 3 relaciones 1 a N - artistas -> albumes -> canciones -> videos // PROGRAMA PRINCIPAL // usa unordered lists, se puede presentar algo mejor con un poco de CSS // los parametros del script: co(ntinente) pa(is) ci(udad) param("ar", $ar); // param() cambia(defina) el valor de la variable(global) 2º argumento param("al", $al); // mira lo que hace extract(), todavía no lo uso aquí param("ca", $ca); // seria buena idea si son muchos parametros param("vi", $vi); // empezamos el query string para pasarlo a hacer_lista() $qs = "{$yo}?"; $con = db_open($db_name); echo "KEYS:", br(); foreach (["artistas", "albumes", "canciones", "videos"] as $t) { echo "{$t} PK: ", db_getPK($db_name, $t), br(); $ka = db_getFK($db_name, $t); if ($ka[0]) { echo "{$t} FK: " . $ka[1][0][0] . " ref tabla " . $ka[1][0][1] . " col " . $ka[1][0][2] . br(); } PC::db($ka, "{$t}"); $rfk = db_getrFK($db_name, $t); if ($rfk[0]) { echo "Referencias a {$t}: ", table($rfk[0], $rfk[1]); } } // empezamos por las canciones de momento, luego veremos que hacer con los videos if ($ca) {
function solusvmcontrol_summary_tab() { // Make sure subtab is set if (!isset($_GET['subtab'])) { $_GET['subtab'] = "active"; } // Tab styling $activestyle = " style=\"background-color: #FFF !important;border-bottom:solid 1px white !important;\""; $out_inactive = false; $out_active = false; $out_all = false; switch ($_GET['subtab']) { case "inactive": $active_in = $activestyle; $out_inactive = true; break; case "all": $active_al = $activestyle; $out_all = true; break; case "active": default: $active_ac = $activestyle; $out_active = true; break; // This looks a bit confusing, but basically case "active" is the default } // Init arrays for output $active = ""; $inactive = ""; $all = ""; // Init query db_open(); $svmc_servers_query = "SELECT group_concat(DISTINCT relid SEPARATOR ',') AS svmc_servers FROM tblcustomfields WHERE (fieldname = 'solusvm_server' OR fieldname = 'solusvm_api_key' OR fieldname = 'solusvm_api_hash')"; $svmc_servers_result = mysql_query($svmc_servers_query); // Get the login Credentials into an assoc array $svmc_servers = mysql_fetch_assoc($svmc_servers_result); if (empty($svmc_servers["svmc_servers"])) { $out = "<tr><td colspan=\"3\">SolusVMControl is not currently active on any of your VPS.</td></tr>"; } else { // Get all VPS $all_vps_result = mysql_query("SELECT tblhosting.*, tblproducts.name FROM tblhosting, tblproducts WHERE tblhosting.packageid IN ({$svmc_servers["svmc_servers"]}) AND tblhosting.packageid = tblproducts.id"); $all_vps = null; while ($row = mysql_fetch_assoc($all_vps_result)) { $all_vps[] = $row; } // Itterate through $all_vps foreach ($all_vps as $vps) { // Get credentials for $vps $vps_svmc_settings_result = mysql_query("SELECT tblcustomfieldsvalues.relid,fieldname,value FROM tblcustomfields, tblcustomfieldsvalues WHERE tblcustomfields.id = tblcustomfieldsvalues.fieldid AND fieldname LIKE 'solusvm_%' AND tblcustomfieldsvalues.relid = '" . $vps['id'] . "'"); $vps_svmc_settings = null; while ($row = mysql_fetch_assoc($vps_svmc_settings_result)) { $vps_svmc_settings[] = $row; } // Pick up VPS with no details logged if (sizeof($vps_svmc_settings) < 3) { $inactive[$vps['id']]['name'] = $vps['name']; $inactive[$vps['id']]['domain'] = rtrim($vps['domain'], '. '); $inactive[$vps['id']]['id'] = $vps['id']; } // Sort the results foreach ($vps_svmc_settings as $vps_svmc_settings_item) { // Create output arrays $active[$vps['id']][$vps_svmc_settings_item['fieldname']] = $vps_svmc_settings_item['value']; $active[$vps['id']]['name'] = $vps['name']; $active[$vps['id']]['domain'] = rtrim($vps['domain'], '. '); $active[$vps['id']]['id'] = $vps['id']; } } } // Check through the active ones (as some may not actually be active (empty)) if (!empty($active)) { foreach ($active as $active_item) { if (empty($active_item['solusvm_api_key']) || empty($active_item['solusvm_api_hash']) || empty($active_item['solusvm_server'])) { $inactive[] = $active_item; unset($active[$active_item['id']]); } } } if ($out_active) { $outrows = $active; } else { if ($out_inactive) { $outrows = $inactive; } else { if ($out_all) { $outrows = array_merge($active, $inactive); } } } if (!empty($outrows)) { $i = 0; foreach ($outrows as $row) { if ($i % 2) { $switch = ""; } else { $switch = "background-color:#F5F5F5"; } $out .= "\n\t\t\t<tr style=\"height:50px;{$switch}\">" . "\n\t\t\t\t<td>{$row['name']}</td>" . "\n\t\t\t\t<td><a href=\"clientshosting.php?id={$row['id']}\">{$row['domain']}</a></td>"; if (($out_active || $out_all) && !empty($row['solusvm_server'])) { $out .= "\n\t\t\t\t<td>Server: {$row['solusvm_server']}<br />API Key: {$row['solusvm_api_key']}<br />API Hash:{$row['solusvm_api_hash']}</td>"; } else { $out .= "\n\t\t\t\t<td> </td>"; } $out .= "<td style=\"text-align:rigtht\"><a href=\"clientshosting.php?id={$row['id']}\" style=\"background-color: #339BB9;background-repeat: repeat-x;\n background-image: -webkit-linear-gradient(top, #5bc0de, #339bb9);cursor: pointer;padding: 5px 14px 6px;\n border: 1px solid #CCC;border: 1px solid #CCC;-webkit-transition: 0.1s linear all;-webkit-border-radius: 4px;\n -moz-border-radius: 4px;border-radius: 4px;text-decoration:none;color:#FFF\">Edit Settings</a></td>\n\t\t\t</tr>"; $i++; } } if (empty($active_ac)) { $active_ac = ""; } if (empty($active_in)) { $active_in = ""; } if (empty($active_al)) { $active_al = ""; } return "\n <div id=\"clienttabs\">\n \t<ul>\n \t\t<li class=\"tab\"><a href=\"addonmodules.php?module=solusvmcontrol&tab=summary&subtab=active\"{$active_ac}>Active</a></li>\n \t\t<li class=\"tab\"><a href=\"addonmodules.php?module=solusvmcontrol&tab=summary&subtab=inactive\"{$active_in}>Inactive</a></li>\n \t\t<li class=\"tab\"><a href=\"addonmodules.php?module=solusvmcontrol&tab=summary&subtab=all\"{$active_al}>All</a></li>\n </ul>\n </div>\n\n <div id=\"tab0box\" class=\"tabbox\">\n <div id=\"tab_content\" style=\"text-align:left;\">\n <table id=\"box-table-a\" summary=\"SolsuVMControl\" width=\"100%\" cellspacing=\"0\">\n <thead>\n <tr style=\"height:50px;\">\n <th scope=\"col\" width=\"250\" style=\"border-bottom: solid 3px #333\">SolusVM Package</th>\n <th scope=\"col\" width=\"300\" style=\"border-bottom: solid 3px #333\">Domain</th>\n <th scope=\"col\" style=\"border-bottom: solid 3px #333\">Details</th>\n <th scope=\"col\" style=\"border-bottom: solid 3px #333\">Edit Settings</th>\n </tr>\n </thead>\n <tbody>\n {$out}\n </tbody>\n </table>\n </div>\n </div>\n "; }
function db_switch($target = false) { global $_josh; db_open(); if (!$target) { $target = $_josh["db"]["database"]; } if ($_josh["db"]["language"] == "mssql") { mssql_select_db($target, $_josh["db"]["pointer"]); } elseif ($_josh["db"]["language"] == "mysql") { mysql_select_db($target, $_josh["db"]["pointer"]); } $_josh["db"]["switched"] = $target == $_josh["db"]["database"] ? false : true; }
function addBotPersonality() { $dbconn = db_open(); /* $postVars = print_r($_POST, true); die ("Post vars:<pre>\n$postVars\n</pre>"); */ $bot_id = $_POST['bot_id']; $sql = "Insert into `botpersonality` (`id`, `bot`, `name`, `value`) values\n"; $sql2 = "(null, {$bot_id}, '[key]', '[value]'),\n"; $msg = ""; $newEntryNames = isset($_POST['newEntryName']) ? $_POST['newEntryName'] : ''; $newEntryValues = isset($_POST['newEntryValue']) ? $_POST['newEntryValue'] : ''; if (!empty($newEntryNames)) { foreach ($newEntryNames as $index => $key) { $value = $newEntryValues[$index]; if (!empty($value)) { $tmpSQL = str_replace('[key]', $key, $sql2); $tmpSQL = str_replace('[value]', $value, $tmpSQL); $sql .= $tmpSQL; } } } $skipKeys = array('bot_id', 'action', 'func', 'newEntryName', 'newEntryValue'); foreach ($_POST as $key => $value) { if (!in_array($key, $skipKeys)) { if ($value == "") { continue; } if (is_array($value)) { foreach ($value as $index => $fieldValue) { $field = $key[$fieldValue]; $fieldValue = mysql_real_escape_string(trim($fieldValue)); $tmpSQL = str_replace('[key]', $field, $sql2); $tmpSQL = str_replace('[value]', $fieldValue, $tmpSQL); $sql .= $tmpSQL; } continue; } else { $value = mysql_real_escape_string(trim($value)); $tmpSQL = str_replace('[key]', $key, $sql2); $tmpSQL = str_replace('[value]', $value, $tmpSQL); $sql .= $tmpSQL; } } } $sql = rtrim($sql, ",\n"); $result = mysql_query($sql, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />SQL:<br /><pre>\n{$sql}\n<br />\n</pre>\n"); if (!$result) { $msg = 'Error updating bot personality.'; } elseif ($msg == "") { $msg = 'Bot personality added!'; } mysql_close($dbconn); return $msg; }
# 'host' => 'localhost', # 'user' => 'root', # 'pass' => '', # 'db' => 'aaa', # 'networks_table' => 'networks', # 'networks_uamsecret_field' => 'uamsecret', # ); # // initialize globals $hotspot_ap = false; $hotspot_network = false; $hotspot_user = false; $hotspot_device = false; $hotspot_code = false; $hotspot_session = false; $dblink = db_open(); // Look up access point based on MAC address $hotspot_ap = get_ap(); if (!is_array($hotspot_ap) || !isset($hotspot_ap['network_id'])) { echo 'Reply-Message: Access Point not found'; exit; } // Load the network that owns the access point to get uamsecret $hotspot_network = get_network(); if (!is_array($hotspot_network) || !isset($hotspot_network['id'])) { echo 'Reply-Message: Network is not configured correctly'; exit; } // Verify the query string parameters with uamsecret check_url(); switch ($_GET['stage']) {
function updateSpell() { //global vars global $template, $msg; $dbconn = db_open(); $missspelling = mysql_real_escape_string(trim($_POST['missspelling'])); $correction = mysql_real_escape_string(trim($_POST['correction'])); $id = trim($_POST['id']); if ($id == "" || $missspelling == "" || $correction == "") { $msg = '<div id="errMsg">There was a problem editing the correction - no changes made.</div>'; } else { $sql = "UPDATE `spellcheck` SET `missspelling` = '{$missspelling}',`correction`='{$correction}' WHERE `id`='{$id}' LIMIT 1"; $result = mysql_query($sql, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />\nSQL = {$sql}<br />\n"); if ($result) { $msg = '<div id="successMsg">Correction edited.</div>'; } else { $msg = '<div id="errMsg">There was a problem editing the correction - no changes made.</div>'; } } }
require_once "db.php"; $yo = basename($_SERVER["SCRIPT_NAME"]); // para enlaces relativos a este mismo script // son 2 relaciones 1 a N - artistas -> albumes -> canciones // PROGRAMA PRINCIPAL // usa unordered lists, se puede presentar algo mejor con un poco de CSS // los parametros del script: co(ntinente) pa(is) ci(udad) param("ar", $ar); // param() cambia(defina) el valor de la variable(global) 2º argumento param("al", $al); // mira lo que hace extract(), todavía no lo uso aquí param("ca", $ca); // seria buena idea si son muchos parametros // empezamos el query string para pasarlo a hacer_lista() $qs = "{$yo}"; $con = db_open("discoteca"); // cojemos los artistas $artistas = db_query($con, "SELECT id_artista, nombre FROM artistas ORDER BY nombre")[1]; // 0 son headings // mostrar siempre los artistas echo hacer_lista("Artistas", "", "?ar", $artistas); if ($ar) { // mostrar albumes si se ha selecionado un artista $qs .= "?ar={$ar}"; // cojemos los albumes $albumes = db_query($con, "SELECT id_album, titulo_album FROM albumes WHERE id_artista={$ar} ORDER BY titulo_album")[1]; // 0 son headings echo hacer_lista("Álbumes", " de artista {$ar}", "&al", $albumes); if ($al) { // mostrar canciones si se ha selecionado un album $qs .= "&al={$al}";
echo "</table>\n"; echo "<br><br>"; echo "<center><span class='headingtext'>{$title}</span></center>\n"; echo "<br>"; if (isset($_POST["submit"])) { if (!isset($_FILES['uploadfile']['tmp_name']) || !is_uploaded_file($_FILES['uploadfile']['tmp_name'])) { display_error("You must select an SQL script for update"); } else { include_once $path_to_root . "/config_db.php"; if (!isset($_POST['user']) || !isset($_POST['passwd']) || $_POST['user'] == "") { display_error("You must select a user name and an optional password"); } else { foreach ($db_connections as $id => $conn) { $conn['dbuser'] = $_POST['user']; $conn['dbpassword'] = $_POST['passwd']; if (!($db = db_open($conn))) { display_error("Wrong user name or password - " . mysql_error()); } else { if (!db_import($_FILES['uploadfile']['tmp_name'], $conn)) { display_error("Bad SQL file or you have already updated the company: " . $id . " " . $conn['name'] . " - " . mysql_error()); } else { display_notification("Database has been updated for company: " . $id . " " . $conn['name']); } } } } } } if (!isset($_POST['passwd'])) { $_POST['passwd'] = ""; }
<?php Header('Content-Type: text/html; charset=UTF-8'); setlocale(LC_ALL, 'ru_RU.UTF-8'); include_once 'passwd.php'; include_once 'functions.php'; include_once 'db.php'; $PERSMAP_MAX_POINTS = 1500; $PERSMAP_MAX_LINE_POINTS = 600; $pages_menu = array("map" => array("name" => "map", "text" => "Карта Online", "color" => "#99bd1b"), "navigator" => array("name" => "navigator", "text" => "Для навигаторов", "color" => "#f58720"), "about" => array("name" => "about", "text" => "О проекте", "color" => "#db4c39")); $db_type = "postgresql"; if (function_exists("pg_connect")) { // чтобы можно было тестировать не поднимая БД $dbapi = db_open($db_type, $pg_base, $pg_user, $pg_pass, $pg_host); pg_connect("host='" . $pg_host . "' user='******' password='******' dbname='" . $pg_base . "'"); //mysql_query('SET CHARACTER SET utf8'); //mysql_query('SET NAMES utf8'); //mysql_select_db($mysql_base); } session_start(); ob_start();
if ($gfle) { $parent = db_read(array('table' => $table, 'col' => 'p', 'where' => $where)); db_write(array('table' => $table, 'set' => $set, 'where' => $where)); b('/' . $mod . '/?p=' . $parent); } else { //$gfle = db_write(array('table'=>$table, 'set'=>$set)); //b('/'.$mod.'/jne/?id='.$gid.'&fle='.$gfle); b('/' . $mod . '/'); } } elseif (!$post && $gfle) { $parent = db_read(array('table' => $table, 'col' => 'p', 'where' => $where)); $has_children = db_read(array('table' => $table, 'col' => 'id', 'where' => '`p` = ' . $gfle)); if (!$has_children) { $result = db_write(array('table' => $table, 'where' => $where)); img_delete_fdb($table, $gfle); db_open('sqlite:thumb.sqlite3'); db_write(array('db' => 'thumb.sqlite3', 'table' => 't', 'where' => 'id = ' . $gfle)); } b('/' . $mod . '/?p=' . $parent); } // end: delete } // -------------------------------------------------------------------------------------------------------------------- // // --------------------------------------------------- AJAX ----------------------------------------------------------- // // -------------------------------------------------------------------------------------------------------------------- // // -------------------------------- file upload -------------------------------- // if ($act == 'fup') { $ajax = TRUE; //http_response_code(418); // [name] => Sol9pbjQC4M.jpg // [type] => image/jpeg
function getSelOpts() { global $dbn, $bot_id, $msg; $out = " <!-- Start Selectbox Options -->\n"; $dbconn = db_open(); $optionTemplate = " <option value=\"[val]\">[val]</option>\n"; $sql = "SELECT DISTINCT filename FROM `aiml` where `bot_id` = {$bot_id} order by `filename`;"; #return "SQL = $sql"; $result = mysql_query($sql, $dbconn) or die(mysql_error()); if (mysql_num_rows($result) == 0) { $msg = "This bot has no AIML categories. Please select another bot."; } while ($row = mysql_fetch_assoc($result)) { if (empty($row['filename'])) { $curOption = " <option value=\"\">{No Filename entry}</option>\n"; } else { $curOption = str_replace('[val]', $row['filename'], $optionTemplate); } $out .= $curOption; } mysql_close($dbconn); $out .= " <!-- End Selectbox Options -->\n"; return $out; }
$session_cookie_path = str_replace("http://{$server_name}", '', _DEBUG_URL_); session_set_cookie_params($session_lifetime, $session_cookie_path); $session_name = 'PGO_DEBUG'; session_name($session_name); session_start(); $iframeURL = 'about:blank'; $options = array('file' => FILTER_SANITIZE_STRING, 'name' => FILTER_SANITIZE_STRING, 'pass' => FILTER_SANITIZE_STRING, 'logout' => FILTER_SANITIZE_STRING); $post_vars = filter_input_array(INPUT_POST, $options); if (isset($post_vars['logout'])) { $_SESSION['isLoggedIn'] = false; header('Location: ' . _DEBUG_URL_); } if (isset($post_vars['name'])) { $name = $post_vars['name']; $pass = md5($post_vars['pass']); $dbConn = db_open(); $sql = "select `password` from `myprogramo` where `user_name` = '{$name}' limit 1;"; $sth = $dbConn->prepare($sql); $sth->execute(); $row = $sth->fetch(); if ($row !== false) { $verify = $row['password']; if ($pass == $verify) { $_SESSION['isLoggedIn'] = true; header('Location: ' . _DEBUG_URL_); } else { $iframeURL = _LIB_URL_ . 'accessdenied.htm'; } } else { echo 'No results found!'; }
<?php $host = $_GET['host']; if (!isset($host) || !strlen($host)) { $host = false; $hosts = $_POST['hosts']; if (!isset($hosts)) { exit; } } require_once 'mod_file.php'; require_once 'mod_dbase.php'; $dbase = db_open($dbase); while (true) { if ($host !== false) { $host = str_replace("\r", "", $host); // host is unique? $sql = "SELECT host FROM hostban WHERE host = '{$host}' LIMIT 1"; $res = mysqli_query($dbase, $sql); if (!@$res) { // error writelog("error.log", "Wrong query : {$sql}"); $content .= "<font class='error'>ERROR</font> : Wrong query : {$sql}<br><br>"; break; } else { if (mysqli_num_rows($res) == 1) { // no $content .= "<font class='error'>ERROR</font> : Host \"{$host}\" already exists!<br><br>"; } else { // yep // insert new
<?php $site_root = $_SERVER['DOCUMENT_ROOT']; require_once "{$site_root}/db/db_functions.php"; $location = 'Randwick'; $con = db_open(); $query = "SELECT date, no2, o3 FROM Samples \nWHERE location_name='{$location}' \nAND datediff(date,'2014-05-01')>0"; $result = mysql_query($query, $con); if (!$result) { die("invalid query" . mysql_error()); } $text = array(); while ($temp = mysql_fetch_assoc($result)) { array_push($text, $temp['date'] . ',' . $temp['no2'] . ',' . $temp['o3']); } $output = implode("</br>", $text); echo 'date,no2,o3</br>' . $output;
<?php require "common.php"; db_open(); function print_suite_performance($branch, $config_set, $config, $suite, $runs) { echo "<!-- START GENERATED CHART FOR SUITE [" . $suite . "] -->\n"; echo "<div id=\"suite_chart_container\">\n"; echo "\t<div>Suite: " . $suite . "</div>\n\n"; $numRuns = count($runs); $query = "SELECT DISTINCT name FROM results WHERE branch = \"" . $branch . "\" AND suite_name = \"" . $suite . "\""; $result = mysql_query($query); while ($row = mysql_fetch_array($result)) { // need to use "id" for the 3rd element in order to deal with odd suite names $testId = $config_set . "_" . $config . "_" . str_replace('/', '_', $suite) . "_" . $row["name"]; echo "\t<div id=\"suite_chart_contents\">\n"; echo "\t\t<div id=\"" . $testId . "\" style=\"width: " . $numRuns * 100 . "px\"></div>\n"; echo "\t\t<script type=\"text/javascript\">\n"; echo "\t\t\tvar runIds = [];\n"; echo "\t\t\tvar driverIds = [];\n"; echo "\t\t\tvar chartData = [];\n\n"; $query2 = "SELECT DISTINCT driver_id FROM results WHERE branch = \"" . $branch . "\" AND name = \"" . $row["name"] . "\" AND suite_name = \"" . $suite . "\" ORDER BY driver_id ASC"; $result2 = mysql_query($query2); while ($row2 = mysql_fetch_array($result2)) { echo "\t\t\tdriverIds.push(\"" . $row2["driver_id"] . "\");\n\n"; echo "\t\t\tvar driverPerformanceData = [];\n"; for ($i = 0; $i < $numRuns; $i++) { echo "\t\t\tif (runIds.length < " . ($i + 1) . ") {\n"; echo "\t\t\t\trunIds.push(\"" . date("n-j-Y g:i:s A", $runs[$i]["timestamp"]) . " / " . substr($runs[$i]["git_hash"], 0, 10) . "\");\n"; echo "\t\t\t}\n"; $query3 = "SELECT * FROM results WHERE driver_id = \"" . $row2["driver_id"] . "\" AND run_id = " . $runs[$i]["id"] . " AND name = \"" . $row["name"] . "\" LIMIT 1";
function _clean($max) { $old = time() - $max; // Open the database connection $db = db_open(); $stmt = $db->prepare("DELETE FROM sessions WHERE access < :old"); $stmt->bindParam(":old", $old, PDO::PARAM_INT, 10); $return = $stmt->execute(); // Close the database connection db_close($db); return $return; }
<?php $guid = urldecode($_GET['guid']); if (strlen($guid) === false) { $content .= '<b>ERROR</b> : Invalid bot GUID'; } $pos = strpos($guid, "!"); $guid2 = "SYSTEM" . substr($guid, $pos); $guid3 = "" . substr($guid, $pos); require_once 'mod_file.php'; require_once 'mod_time.php'; require_once 'mod_dbase.php'; require_once 'mod_strenc.php'; $dbase = db_open(); $sql = 'SELECT *' . ' FROM rep1' . " WHERE bot_guid = '{$guid}'" . ' LIMIT 1'; $res = mysqli_query($dbase, $sql); if (!@$res) { writelog("error.log", "Wrong query : \" {$sql} \""); db_close($dbase); exit; } if (!mysqli_num_rows($res)) { $sql = 'SELECT *' . ' FROM rep1' . " WHERE bot_guid = '{$guid2}' OR bot_guid = '{$guid3}'" . ' LIMIT 1'; $res = mysqli_query($dbase, $sql); if (!@$res) { writelog("error.log", "Wrong query : \" {$sql} \""); db_close($dbase); exit; } if (!mysqli_num_rows($res)) { $content = "<center><font class='error'>ERROR</font> : cannot find info bot this bot : <b>{$guid}</b> or <b>{$guid2}</b> or <b>{$guid3}</b></center>";
function update_last_login($user_id) { // Get current datetime for last_update $current_datetime = date('Y-m-d H:i:s'); // Open the database connection $db = db_open(); // Update the last login $stmt = $db->prepare("UPDATE user SET `last_login`=:last_login WHERE `value`=:user_id"); $stmt->bindParam(":last_login", $current_datetime, PDO::PARAM_STR, 20); $stmt->bindParam(":user_id", $user_id, PDO::PARAM_INT); $stmt->execute(); // Close the database connection db_close($db); return true; }