function upgrade_075_080_pskills_migrate() { # Note: Requires the players_skills table AND all skills name corrections made in DB so they fit $skillsididx. global $skillididx; global $skillididx_rvs; # Make global for use below (dirty trick). $skillididx_rvs = array_flip($skillididx); # Already run this version upgrade (note: this routine specifically does not remove the skills column(s))? if (!SQLUpgrade::doesColExist('players', 'ach_nor_skills')) { return true; } $status = true; $status &= (mysql_query("\n CREATE TABLE IF NOT EXISTS players_skills (\n f_pid MEDIUMINT SIGNED NOT NULL,\n f_skill_id SMALLINT UNSIGNED NOT NULL,\n type VARCHAR(1)\n )\n ") or die(mysql_error())); $players = get_rows('players', array('player_id', 'ach_nor_skills', 'ach_dob_skills', 'extra_skills'), array('ach_nor_skills != "" OR ach_dob_skills != "" OR extra_skills != ""')); foreach ($players as $p) { foreach (array('N' => 'ach_nor_skills', 'D' => 'ach_dob_skills', 'E' => 'extra_skills') as $t => $grp) { $values = empty($p->{$grp}) ? array() : array_map(create_function('$s', 'global $skillididx_rvs; return "(' . $p->player_id . ',\'' . $t . '\',".$skillididx_rvs[$s].")";'), explode(',', $p->{$grp})); if (!empty($values)) { $status &= (mysql_query("INSERT INTO players_skills(f_pid, type, f_skill_id) VALUES " . implode(',', $values)) or die(mysql_error())); } } } $sqls_drop = array(SQLUpgrade::runIfColumnExists('players', 'ach_nor_skills', 'ALTER TABLE players DROP ach_nor_skills'), SQLUpgrade::runIfColumnExists('players', 'ach_dob_skills', 'ALTER TABLE players DROP ach_dob_skills'), SQLUpgrade::runIfColumnExists('players', 'extra_skills', 'ALTER TABLE players DROP extra_skills')); foreach ($sqls_drop as $query) { $status &= (mysql_query($query) or die(mysql_error())); } return $status; }
function dumpTable($table, $style, $is_view = false) { if ($_POST["format"] == "sql_alter") { $create = create_sql($table, $_POST["auto_increment"]); if ($is_view) { echo substr_replace($create, " OR REPLACE", 6, 0) . ";\n\n"; } else { echo substr_replace($create, " IF NOT EXISTS", 12, 0) . ";\n\n"; // create procedure which iterates over original columns and adds new and removes old $query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = " . q($table) . " ORDER BY ORDINAL_POSITION"; echo "DELIMITER ;;\nCREATE PROCEDURE adminer_alter (INOUT alter_command text) BEGIN\n\tDECLARE _column_name, _collation_name, after varchar(64) DEFAULT '';\n\tDECLARE _column_type, _column_default text;\n\tDECLARE _is_nullable char(3);\n\tDECLARE _extra varchar(30);\n\tDECLARE _column_comment varchar(255);\n\tDECLARE done, set_after bool DEFAULT 0;\n\tDECLARE add_columns text DEFAULT '"; $fields = array(); $after = ""; foreach (get_rows($query) as $row) { $default = $row["COLUMN_DEFAULT"]; $row["default"] = $default !== null ? q($default) : "NULL"; $row["after"] = q($after); //! rgt AFTER lft, lft AFTER id doesn't work $row["alter"] = escape_string(idf_escape($row["COLUMN_NAME"]) . " {$row['COLUMN_TYPE']}" . ($row["COLLATION_NAME"] ? " COLLATE {$row['COLLATION_NAME']}" : "") . ($default !== null ? " DEFAULT " . ($default == "CURRENT_TIMESTAMP" ? $default : $row["default"]) : "") . ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL") . ($row["EXTRA"] ? " {$row['EXTRA']}" : "") . ($row["COLUMN_COMMENT"] ? " COMMENT " . q($row["COLUMN_COMMENT"]) : "") . ($after ? " AFTER " . idf_escape($after) : " FIRST")); echo ", ADD {$row['alter']}"; $fields[] = $row; $after = $row["COLUMN_NAME"]; } echo "';\n\tDECLARE columns CURSOR FOR {$query};\n\tDECLARE CONTINUE HANDLER FOR NOT FOUND SET done = 1;\n\tSET @alter_table = '';\n\tOPEN columns;\n\tREPEAT\n\t\tFETCH columns INTO _column_name, _column_default, _is_nullable, _collation_name, _column_type, _extra, _column_comment;\n\t\tIF NOT done THEN\n\t\t\tSET set_after = 1;\n\t\t\tCASE _column_name"; foreach ($fields as $row) { echo "\n\t\t\t\tWHEN " . q($row["COLUMN_NAME"]) . " THEN\n\t\t\t\t\tSET add_columns = REPLACE(add_columns, ', ADD {$row['alter']}', IF(\n\t\t\t\t\t\t_column_default <=> {$row['default']} AND _is_nullable = '{$row['IS_NULLABLE']}' AND _collation_name <=> " . (isset($row["COLLATION_NAME"]) ? "'{$row['COLLATION_NAME']}'" : "NULL") . " AND _column_type = " . q($row["COLUMN_TYPE"]) . " AND _extra = '{$row['EXTRA']}' AND _column_comment = " . q($row["COLUMN_COMMENT"]) . " AND after = {$row['after']}\n\t\t\t\t\t, '', ', MODIFY {$row['alter']}'));"; //! don't replace in comment } echo "\n\t\t\t\tELSE\n\t\t\t\t\tSET @alter_table = CONCAT(@alter_table, ', DROP ', '`', REPLACE(_column_name, '`', '``'), '`');\n\t\t\t\t\tSET set_after = 0;\n\t\t\tEND CASE;\n\t\t\tIF set_after THEN\n\t\t\t\tSET after = _column_name;\n\t\t\tEND IF;\n\t\tEND IF;\n\tUNTIL done END REPEAT;\n\tCLOSE columns;\n\tIF @alter_table != '' OR add_columns != '' THEN\n\t\tSET alter_command = CONCAT(alter_command, 'ALTER TABLE " . adminer_table($table) . "', SUBSTR(CONCAT(add_columns, @alter_table), 2), ';\\n');\n\tEND IF;\nEND;;\nDELIMITER ;\nCALL adminer_alter(@adminer_alter);\nDROP PROCEDURE adminer_alter;\n\n"; //! indexes } return true; } }
//номер специальности if (!isset($id_e)) { //список отделений $sql = "SELECT * FROM osakond ORDER BY name_osakond ASC"; } else { $sql = "SELECT * FROM eriala WHERE id_eriala=" . $id_e; } $rows = get_rows($sql); echo '<div id="column3"><h1>Osakond</h1> <div style="width:912px;">'; if (isset($id_e)) { foreach ($rows as $row) { echo '<div id="column2" style="min-height:250px; height:100%;"><h2>' . $row[1] . '</h2> <span class="left"><img src="images/' . $row[2] . '" alt="" width="148px" height="168px"></span> <p style="width: 800px">' . $row[4] . '</p> </div> '; echo '<a href="' . $_SERVER['PHP_SELF'] . "?page=" . $page . '">Tagasi</a>'; } } else { foreach ($rows as $row) { echo '<h2>' . $row[1] . '</h2>'; $sql_e = "SELECT * FROM eriala WHERE id_osakond=" . $row[0]; $rows_e = get_rows($sql_e); $text = ""; foreach ($rows_e as $row_e) { $text .= "<li> <a href='" . $_SERVER['PHP_SELF'] . "?page=" . $page . "&id_e=" . $row_e[0] . "'>" . $row_e[1] . "</a></li>"; } echo '<ul>' . $text . '</ul>'; } } echo '</div></div>';
<?php $USER = $_GET["user"]; $privileges = array("" => array("All privileges" => "")); foreach (get_rows("SHOW PRIVILEGES") as $row) { foreach (explode(",", $row["Privilege"] == "Grant option" ? "" : $row["Context"]) as $context) { $privileges[$context][$row["Privilege"]] = $row["Comment"]; } } $privileges["Server Admin"] += $privileges["File access on server"]; $privileges["Databases"]["Create routine"] = $privileges["Procedures"]["Create routine"]; // MySQL bug #30305 unset($privileges["Procedures"]["Create routine"]); $privileges["Columns"] = array(); foreach (array("Select", "Insert", "Update", "References") as $val) { $privileges["Columns"][$val] = $privileges["Tables"][$val]; } unset($privileges["Server Admin"]["Usage"]); foreach ($privileges["Tables"] as $key => $val) { unset($privileges["Databases"][$key]); } $new_grants = array(); if ($_POST) { foreach ($_POST["objects"] as $key => $val) { $new_grants[$val] = (array) $new_grants[$val] + (array) $_POST["grants"][$key]; } } $grants = array(); $old_pass = ""; if (isset($_GET["host"]) && ($result = $connection->query("SHOW GRANTS FOR " . q($USER) . "@" . q($_GET["host"])))) { //! use information_schema for MySQL 5 - column names in column privileges are not escaped
include "./func.php"; try { $conn = connect(); } catch (Exception $error) { display_message($error->getMessage(), "", "error"); exit; } $nickname = get_nickname($conn); //获取页面参数 if (isset($_GET['page']) && is_num($_GET['page'])) { $page = $_GET['page']; } else { $page = 1; } $PAGESIZE = 5; $pages = ceil(get_rows($conn) / $PAGESIZE); $offset = $PAGESIZE * ($page - 1); $select = "select * from article order by id desc limit {$offset},{$PAGESIZE}"; $result = $conn->query($select); ?> <!DOCTYPE html> <html> <head> <title>monogatari</title> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="stylesheet" href="css/bootstrap.min.css"> <link rel="stylesheet" href="css/bootstrap-combined.min.css"> <script src="//cdn.bootcss.com/jquery/1.11.3/jquery.min.js"></script> <script src="js/bootstrap.min.js"></script>
<?php include_once 'cgi/config.php'; include_once 'cgi/common.php'; db_init(); $samples = get_rows('samples'); ?> <html lang="en"> <head> <title>Data Generator App!</title> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link href="css/bootstrap.min.css" rel="stylesheet" > <link href="css/themes/<?php echo $theme; ?> .css" rel="stylesheet" > </head> <body> <div class="navbar navbar-default"> <div class="container"> <div class="navbar-header"> <a href="/" class="navbar-brand">Data Generator App!!!</a> <button class="navbar-toggle" type="button" data-toggle="collapse" data-target="#navbar-main"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> </div> <div class="navbar-collapse collapse" id="navbar-main">
<div class="boxCommon"> <div class="boxTitle<?php echo T_HTMLBOX_ADMIN; ?> "> Change local access level </div> <div class="boxBody"> <form method="POST"> Coach name<br> <input type="text" name="cname" id="coach1" size="20" maxlength="50"><br><br> <div id='massuserlist' style='display:none;'> Coaches<br> <br> <?php foreach (get_rows('coaches', array('coach_id', 'name')) as $subm_coach) { echo "<input type='checkbox' name='cid{$subm_coach->coach_id}' value='1'> {$subm_coach->name}<br>\n"; } ?> <br> </div> Access level<br> <select name="ring"> <?php foreach ($T_LOCAL_RINGS as $r => $desc) { echo "<option value='{$r}' " . ($r == Coach::T_RING_LOCAL_REGULAR ? 'SELECTED' : '') . ">{$desc}</option>\n"; } echo "<option value='" . Coach::T_RING_LOCAL_NONE . "'>None</option>\n"; ?> </select> <br><br>
public function getWonTours() { // Returns an array of tournament objects for those tournaments this team has won. return array_map(create_function('$t', 'return new Tour($t->tour_id);'), get_rows('tours', array('tour_id'), array("winner = {$this->team_id}"))); }
$EVENT = $_GET["event"]; $intervals = array("YEAR", "QUARTER", "MONTH", "DAY", "HOUR", "MINUTE", "WEEK", "SECOND", "YEAR_MONTH", "DAY_HOUR", "DAY_MINUTE", "DAY_SECOND", "HOUR_MINUTE", "HOUR_SECOND", "MINUTE_SECOND"); $statuses = array("ENABLED" => "ENABLE", "DISABLED" => "DISABLE", "SLAVESIDE_DISABLED" => "DISABLE ON SLAVE"); $row = $_POST; if ($_POST && !$error) { if ($_POST["drop"]) { query_redirect("DROP EVENT " . idf_escape($EVENT), substr(ME, 0, -1), lang('Event has been dropped.')); } elseif (in_array($row["INTERVAL_FIELD"], $intervals) && isset($statuses[$row["STATUS"]])) { $schedule = "\nON SCHEDULE " . ($row["INTERVAL_VALUE"] ? "EVERY " . q($row["INTERVAL_VALUE"]) . " {$row['INTERVAL_FIELD']}" . ($row["STARTS"] ? " STARTS " . q($row["STARTS"]) : "") . ($row["ENDS"] ? " ENDS " . q($row["ENDS"]) : "") : "AT " . q($row["STARTS"])) . " ON COMPLETION" . ($row["ON_COMPLETION"] ? "" : " NOT") . " PRESERVE"; queries_redirect(substr(ME, 0, -1), $EVENT != "" ? lang('Event has been altered.') : lang('Event has been created.'), queries(($EVENT != "" ? "ALTER EVENT " . idf_escape($EVENT) . $schedule . ($EVENT != $row["EVENT_NAME"] ? "\nRENAME TO " . idf_escape($row["EVENT_NAME"]) : "") : "CREATE EVENT " . idf_escape($row["EVENT_NAME"]) . $schedule) . "\n" . $statuses[$row["STATUS"]] . " COMMENT " . q($row["EVENT_COMMENT"]) . rtrim(" DO\n{$row['EVENT_DEFINITION']}", ";") . ";")); } } page_header($EVENT != "" ? lang('Alter event') . ": " . h($EVENT) : lang('Create event'), $error); if (!$row && $EVENT != "") { $rows = get_rows("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = " . q(DB) . " AND EVENT_NAME = " . q($EVENT)); $row = reset($rows); } ?> <form action="" method="post"> <table cellspacing="0"> <tr><th><?php echo lang('Name'); ?> <td><input name="EVENT_NAME" value="<?php echo h($row["EVENT_NAME"]); ?> " maxlength="64" autocapitalize="off"> <tr><th title="datetime"><?php echo lang('Start');
function getTestTeams() { $sql = "SELECT * FROM testsolve_team"; return get_rows($sql); }
function getTestCommentsAll() { $sql = sprintf("SELECT comments.id, comments.uid, comments.comment, comments.type,\n comments.timestamp, comments.pid, comment_type.name FROM\n comments LEFT JOIN comment_type ON comments.type=comment_type.id\n WHERE comment_type.name='Testsolver' ORDER BY comments.id ASC", mysql_real_escape_string($pid)); return get_rows($sql); }
/** Get process list * @return array ($row) */ function process_list() { return get_rows("SHOW FULL PROCESSLIST"); }
<?php //get number of page from db in tabel "menyy" $sql = "SELECT * FROM menyy WHERE flag=2"; $rows = get_rows($sql); foreach ($rows as $row) { $page = $row[3]; $k = 1; if ($k == 1) { $sql_o = "SELECT * FROM osakond ORDER BY name_osakond ASC"; $rows_o = get_rows($sql_o); $text = ""; foreach ($rows_o as $row_o) { $text .= "<li> <a href='" . $_SERVER['PHP_SELF'] . "?page=" . $page . "&id_o=" . $row_o[0] . "'>" . $row_o[1] . "</a></li>"; } echo "\t<div class='sidebaritem'>\n \t\t\t\t<div class='sbihead'>\n \t\t\t\t\t<h1>" . $row[1] . "</h1>\n \t\t\t\t</div>\n \t\t\t\t\t<div class='sbilinks'> \n \t\t\t\t\t<ul>"; echo $text; echo "</ul></div></div>"; } $k++; }
} foreach ($orig_fields as $field) { $field["has_default"] = isset($field["default"]); if ($field["on_update"]) { $field["default"] .= " ON UPDATE {$field['on_update']}"; // CURRENT_TIMESTAMP } $row["fields"][] = $field; } if (support("partitioning")) { $from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = " . q(DB) . " AND TABLE_NAME = " . q($TABLE); $result = $connection->query("SELECT PARTITION_METHOD, PARTITION_ORDINAL_POSITION, PARTITION_EXPRESSION {$from} ORDER BY PARTITION_ORDINAL_POSITION DESC LIMIT 1"); list($row["partition_by"], $row["partitions"], $row["partition"]) = $result->fetch_row(); $row["partition_names"] = array(); $row["partition_values"] = array(); foreach (get_rows("SELECT PARTITION_NAME, PARTITION_DESCRIPTION {$from} AND PARTITION_NAME != '' ORDER BY PARTITION_ORDINAL_POSITION") as $row1) { $row["partition_names"][] = $row1["PARTITION_NAME"]; $row["partition_values"][] = $row1["PARTITION_DESCRIPTION"]; } $row["partition_names"][] = ""; } } $collations = collations(); $suhosin = floor(extension_loaded("suhosin") ? (min(ini_get("suhosin.request.max_vars"), ini_get("suhosin.post.max_vars")) - 13) / 10 : 0); // 10 - number of fields per row, 13 - number of other fields if ($suhosin && count($row["fields"]) > $suhosin) { echo "<p class='error'>" . h(lang('Maximum number of allowed fields exceeded. Please increase %s and %s.', 'suhosin.post.max_vars', 'suhosin.request.max_vars')) . "\n"; } $engines = engines(); // case of engine may differ foreach ($engines as $engine) {
$views[] = $table_status["Name"]; } } } foreach ($views as $view) { $adminer->dumpTable($view, $_POST["table_style"], true); } if ($ext == "tar") { echo pack("x512"); } } if ($style == "CREATE+ALTER" && $is_sql) { // drop old tables $query = "SELECT TABLE_NAME, ENGINE, TABLE_COLLATION, TABLE_COMMENT FROM information_schema.TABLES WHERE TABLE_SCHEMA = DATABASE()"; echo "DELIMITER ;;\nCREATE PROCEDURE adminer_alter (INOUT alter_command text) BEGIN\n\tDECLARE _table_name, _engine, _table_collation varchar(64);\n\tDECLARE _table_comment varchar(64);\n\tDECLARE done bool DEFAULT 0;\n\tDECLARE tables CURSOR FOR {$query};\n\tDECLARE CONTINUE HANDLER FOR NOT FOUND SET done = 1;\n\tOPEN tables;\n\tREPEAT\n\t\tFETCH tables INTO _table_name, _engine, _table_collation, _table_comment;\n\t\tIF NOT done THEN\n\t\t\tCASE _table_name"; foreach (get_rows($query) as $row) { $comment = q($row["ENGINE"] == "InnoDB" ? preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["TABLE_COMMENT"]) : $row["TABLE_COMMENT"]); echo "\n\t\t\t\tWHEN " . q($row["TABLE_NAME"]) . " THEN\n\t\t\t\t\t" . (isset($row["ENGINE"]) ? "IF _engine != '{$row['ENGINE']}' OR _table_collation != '{$row['TABLE_COLLATION']}' OR _table_comment != {$comment} THEN\n\t\t\t\t\t\tALTER TABLE " . idf_escape($row["TABLE_NAME"]) . " ENGINE={$row['ENGINE']} COLLATE={$row['TABLE_COLLATION']} COMMENT={$comment};\n\t\t\t\t\tEND IF" : "BEGIN END") . ";"; } echo "\n\t\t\t\tELSE\n\t\t\t\t\tSET alter_command = CONCAT(alter_command, 'DROP TABLE `', REPLACE(_table_name, '`', '``'), '`;\\n');\n\t\t\tEND CASE;\n\t\tEND IF;\n\tUNTIL done END REPEAT;\n\tCLOSE tables;\nEND;;\nDELIMITER ;\nCALL adminer_alter(@adminer_alter);\nDROP PROCEDURE adminer_alter;\n"; } if (in_array("CREATE+ALTER", array($style, $_POST["table_style"])) && $is_sql) { echo "SELECT @adminer_alter;\n"; } } } if ($is_sql) { echo "-- " . $connection->result("SELECT NOW()") . "\n"; } exit; }
function displayTestingSummary() { $sql = sprintf("SELECT uid, pid from test_queue"); $result = get_rows($sql); if (!$result) { echo "<span class='emptylist'>No puzzles in test queue</span>"; return; } echo '<style type="text/css">'; echo '.testingtable, .testingtable a { color: #999999; }'; echo '.testingtable .name, .testingtable .current, .testingtable .past { color: #000000; font-weight: bold; }'; $currqueue = array(); foreach ($result as $r) { $currclass = NULL; $uid = $r['uid']; $pid = $r['pid']; if (isset($currqueue[$uid])) { $currqueue[$uid] .= "{$pid} "; } else { $currqueue[$uid] = "{$pid} "; } $currclass = ".a{$uid}-{$pid}"; echo ".testingtable {$currclass}, .testingtable {$currclass} a {color: #000000; }\n"; } echo "</style>\n"; $sql = sprintf("SELECT user_info.uid, user_info.username, comments.id, type, timestamp, pid FROM comments\n LEFT JOIN user_info on comments.uid = user_info.uid WHERE comments.type = 5\n ORDER BY user_info.username, comments.pid"); $result = query_db($sql); $r = mysql_fetch_assoc($result); $arr = array(); while ($r) { $uid = $r['uid']; $pid = $r['pid']; $id = $r['id']; $timestamp = $r['timestamp']; $name = getUserName($uid); $arr[$uid] = "<tr><td class='name'>{$name}</td><td>"; if (!isset($currqueue[$uid])) { $currqueue[$uid] = ""; } $arr[$uid] .= '<span class="current">Current queue: ' . print_r($currqueue[$uid], true) . '</span><br />'; $arr[$uid] .= '<span class="past">Past comments: </span><br />'; $arr[$uid] .= "<span class='a{$uid}-{$pid}'>"; $puzzlink = URL . "/puzzle.php?pid={$pid}"; $arr[$uid] .= "<a href='{$puzzlink}'>{$pid}</a>: "; $arr[$uid] .= "<a href='{$puzzlink}#comm{$id}'>{$timestamp}</a> "; $r = mysql_fetch_assoc($result); while ($r) { if ($uid != $r['uid']) { $arr[$uid] .= "</td></tr>"; break; } if ($pid != $r['pid']) { $pid = $r['pid']; $arr[$uid] .= "</span><br />\n" . "<span class=\"a" . $r['uid'] . "-" . $pid . "\">"; $puzzlink = URL . "/puzzle.php?pid=" . $pid; $arr[$uid] .= "<a href=\"" . $puzzlink . "\">" . $pid . "</a>: "; } $arr[$uid] .= "<a href=\"" . $puzzlink . "#comm" . $r['id'] . "\">" . $r['timestamp'] . "</a> "; $r = mysql_fetch_assoc($result); } } if (!$arr) { echo "<div class='emptylist'>No comments</div>"; } echo "<table class=\"testingtable\">\n"; foreach ($arr as $key => $value) { echo $value . "\n"; } echo "</table>\n\n"; }
<?php include "./config"; include "./func.php"; try { $conn = connect(); } catch (Exception $error) { display_message($error->getMessage(), "", "error"); exit; } $nickname = get_nickname($conn); $count = get_rows($conn); $select = "select * from article;"; $result = $conn->query($select); ?> <!DOCTYPE html> <html> <head> <title>归档</title> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="stylesheet" href="css/bootstrap.min.css"> <link rel="stylesheet" href="css/bootstrap-combined.min.css"> <script src="//cdn.bootcss.com/jquery/1.11.3/jquery.min.js"></script> <script src="js/bootstrap.min.js"></script> <style type="text/css"> body { background-image:url("image/theme.png"); background-size: cover; background-repeat:no-repeat;
public static function main($argv) { global $lng; title($lng->getTrn('name', 'Gallery')); list($sel_lid, $HTML_LeagueSelector) = HTMLOUT::simpleLeagueSelector(); if (isset($_POST['type'])) { echo "<center><a href='handler.php?type=gallery'>" . $lng->getTrn('common/back') . "</a></center>\n"; switch ($_POST['type']) { case 'team': $t = new Team((int) $_POST['tid']); echo "<b>" . $lng->getTrn('playersof', 'Gallery') . " {$t->name}</b><br><hr><br>\n"; foreach ($t->getPlayers() as $p) { $img = new ImageSubSys(IMGTYPE_PLAYER, $p->player_id); $pic = $img->getPath(); echo "<div style='float:left; padding:10px;'>{$p->name} (#{$p->nr})<br><a href='" . urlcompile(T_URL_PROFILE, T_OBJ_PLAYER, $p->player_id, false, false) . "'><img HEIGHT=150 src='{$pic}' alt='pic'></a></div>"; } break; case 'stad': echo "<b>" . $lng->getTrn('stads', 'Gallery') . "</b><br><hr><br>\n"; $teams = get_rows('teams', array('team_id', 'name'), array("f_lid = {$sel_lid}")); objsort($teams, array('+name')); foreach ($teams as $t) { $img = new ImageSubSys(IMGTYPE_TEAMSTADIUM, $t->team_id); $pic = $img->getPath(); echo "<div style='float:left; padding:10px;'>{$t->name}<br><a href='{$pic}'><img HEIGHT=150 src='{$pic}' alt='pic'></a></div>"; } break; case 'coach': echo "<b>" . $lng->getTrn('coaches', 'Gallery') . "</b><br><hr><br>\n"; $q = "SELECT coach_id, name FROM coaches,memberships WHERE cid = coach_id AND lid = {$sel_lid} GROUP BY cid, lid ORDER BY name ASC"; $result = mysql_query($q); while ($c = mysql_fetch_object($result)) { $img = new ImageSubSys(IMGTYPE_COACH, $c->coach_id); $pic = $img->getPath(); echo "<div style='float:left; padding:10px;'>{$c->name}<br><a href='{$pic}'><img HEIGHT=150 src='{$pic}' alt='pic'></a></div>"; } break; } return; } echo $HTML_LeagueSelector; echo "<br><br>\n"; echo $lng->getTrn('note', 'Gallery'); ?> <ul> <li> <?php $teams = get_rows('teams', array('team_id', 'name'), array("f_lid = {$sel_lid}")); objsort($teams, array('+name')); echo $lng->getTrn('players', 'Gallery') . "\n <form method='POST' style='display:inline; margin:0px;'><select name='tid' onChange='this.form.submit();'>\n <option value='0'>— " . $lng->getTrn('none', 'Gallery') . " —</option>" . implode("\n", array_map(create_function('$o', 'return "<option value=\'$o->team_id\'>$o->name</option>";'), $teams)) . "</select><input type='hidden' name='type' value='team'></form>\n "; ?> </li> <li><?php echo inlineform(array('type' => 'stad'), 'stadForm', $lng->getTrn('stads', 'Gallery')); ?> </li> <li><?php echo inlineform(array('type' => 'coach'), 'coachesForm', $lng->getTrn('coaches', 'Gallery')); ?> </li> </ul> <?php }
function editAccount($uid) { $user = getPerson($uid); $picture = $_FILES['picture']; if ($_POST['email'] == "") { return "Email may not be empty"; } if ($_POST['fullname'] == "") { return "Full name may not be empty"; } if ($picture['name'] != '') { $pic = pictureHandling($uid, $picture); } else { $pic = getPic($uid); } $purifier = new HTMLPurifier(); $fullname = $purifier->purify($_POST['fullname']); $pic = $purifier->purify($pic); $email_level = $purifier->purify($_POST['email_pref']); mysql_query('START TRANSACTION'); $failed = 0; $sql = sprintf("UPDATE user_info SET fullname='%s', picture='%s', email_level='%s' WHERE uid='%s'", mysql_real_escape_string($fullname), mysql_real_escape_string($pic), mysql_real_escape_string($email_level), mysql_real_escape_string($uid)); $result = mysql_query($sql); if ($result == FALSE) { $failed = 1; } $sql = sprintf("DELETE from user_info_values WHERE person_id = '%s'", mysql_real_escape_string($uid)); $result = mysql_query($sql); if ($result == FALSE) { $failed = 1; } $sql = sprintf("SELECT id, shortname, longname FROM user_info_key"); $result = get_rows($sql); if (!$result) { $failed = 1; } foreach ($result as $r) { $shortname = $r['shortname']; $longname = $r['longname']; $user_key_id = $r['id']; $value = $_POST[$shortname]; $value = $purifier->purify($value); if ($_POST[$shortname] != "") { $sql = sprintf("INSERT INTO user_info_values VALUES ('%s', '%s', '%s')", mysql_real_escape_string($uid), mysql_real_escape_string($user_key_id), mysql_real_escape_string($value)); $res = mysql_query($sql); if ($res == FALSE) { $failed = 1; } } } if ($failed == 1) { mysql_query('ROLLBACK'); return "Registration Failed"; } else { mysql_query('COMMIT'); return TRUE; } }
echo "<h3 id='user-types'>" . lang('User types') . "</h3>\n"; $user_types = types(); if ($user_types) { echo "<table cellspacing='0'>\n"; echo "<thead><tr><th>" . lang('Name') . "</thead>\n"; odd(''); foreach ($user_types as $val) { echo "<tr" . odd() . "><th><a href='" . h(ME) . "type=" . urlencode($val) . "'>" . h($val) . "</a>\n"; } echo "</table>\n"; } echo "<p class='links'><a href='" . h(ME) . "type='>" . lang('Create type') . "</a>\n"; } if (support("event")) { echo "<h3 id='events'>" . lang('Events') . "</h3>\n"; $rows = get_rows("SHOW EVENTS"); if ($rows) { echo "<table cellspacing='0'>\n"; echo "<thead><tr><th>" . lang('Name') . "<td>" . lang('Schedule') . "<td>" . lang('Start') . "<td>" . lang('End') . "<td></thead>\n"; foreach ($rows as $row) { echo "<tr>"; echo "<th>" . h($row["Name"]); echo "<td>" . ($row["Execute at"] ? lang('At given time') . "<td>" . $row["Execute at"] : lang('Every') . " " . $row["Interval value"] . " " . $row["Interval field"] . "<td>{$row['Starts']}"); echo "<td>{$row['Ends']}"; echo '<td><a href="' . h(ME) . 'event=' . urlencode($row["Name"]) . '">' . lang('Alter') . '</a>'; } echo "</table>\n"; $event_scheduler = $connection->result("SELECT @@event_scheduler"); if ($event_scheduler && $event_scheduler != "ON") { echo "<p class='error'><code class='jush-sqlset'>event_scheduler</code>: " . h($event_scheduler) . "\n"; }
<?php $id_e = $_GET['id_e']; //номер специальности if (!isset($id_e)) { //список отделений $sql = "SELECT * FROM news ORDER BY date_news DESC"; } else { $sql = "SELECT * FROM news WHERE id_news=" . $id_e; } $rows = get_rows($sql); echo '<div id="column3"><h1>Uudised</h1> <div style="width:912px;">'; if (isset($id_e)) { foreach ($rows as $row) { echo '<div id="column2" style="min-height:250px; height:100%;"><span class="left"><img src="images/' . $row[3] . '" alt="" width="158px" height="220"></span>'; echo '<div><h2>' . $row[1] . '</h2>'; echo '<p style="width:800px">' . $row[2] . '</p>'; echo '<span style="float:right">' . $row[4] . '</span></div></div> '; echo '<a href="' . $_SERVER['PHP_SELF'] . "?page=" . $page . '">Tagasi</a>'; } } else { echo '<ul>'; foreach ($rows as $row) { echo '<li>' . $row[4] . ' <a href="' . $_SERVER['PHP_SELF'] . '?page=' . $page . '&id_e=' . $row[0] . '">' . $row[1] . '</a></li>'; } echo '</ul>'; } echo '</div></div>';
function printPerson($p) { $id = $p['uid']; $uname = $p['username']; $picture = $p['picture']; $fullname = $p['fullname']; $email = $p['email']; if (strncmp($uname, "test", 4) == 0) { // Ignore test users. return; } $pic = "<img src=\"nophoto.gif\" />"; if ($picture != "") { if (USING_AWS) { $picsrc = "https://" . AWS_BUCKET . ".s3.amazonaws.com/uploads/pictures/thumbs/{$id}.jpg"; $pic = "<img src=\"" . $picsrc . "\" />"; } else { $picsrc = "uploads/pictures/thumbs/{$id}.jpg"; if (file_exists($picsrc)) { $pic = "<img src=\"" . $picsrc . "\" />"; } } } $jobNames = getUserJobsAsList($id); if (canSeeAllPuzzles($id)) { $profclass = "seeallprofilebox"; } else { if (isApprover($id)) { $profclass = "approverprofilebox"; } else { if ($jobNames) { $profclass = "specprofilebox"; } else { $profclass = "profilebox"; } } } ?> <div class="<?php echo $profclass; ?> "> <div class="profileimg"><?php echo $pic; ?> </div> <div class="profiletxt"> <span class="profilename"><?php echo "{$fullname}"; ?> (<?php echo "{$uname}"; ?> )</span> <span class="profiletitle"><?php echo $jobNames; ?> </span> <span class="profilecontact"><a href="mailto:<?php echo $email; ?> "><?php echo $email; ?> </a></span> <?php $sql = "SELECT * FROM user_info_key"; $result = get_rows($sql); foreach ($result as $r) { $shortname = $r['shortname']; $longname = $r['longname']; $user_key_id = $r['id']; $sql = sprintf("SELECT value FROM user_info_values WHERE person_id = '%s' AND user_info_key_id = '%s'", mysql_real_escape_string($id), mysql_real_escape_string($user_key_id)); $res = get_rows($sql); if (count($res) > 0 && $res[0]['value'] != "") { ?> <span class="profilesect"><?php echo "<b>{$longname}</b>: " . $res[0]['value']; ?> </span> <?php } } ?> </div> <div class="profilefooter"></div> </div> <?php }
echo "{$create};\n"; } if ($is_sql) { if ($style) { echo use_sql($db) . ";\n\n"; } $out = ""; if ($_POST["routines"]) { foreach (array("FUNCTION", "PROCEDURE") as $routine) { foreach (get_rows("SHOW {$routine} STATUS WHERE Db = " . q($db), null, "-- ") as $row) { $out .= ($style != 'DROP+CREATE' ? "DROP {$routine} IF EXISTS " . idf_escape($row["Name"]) . ";;\n" : "") . remove_definer($connection->result("SHOW CREATE {$routine} " . idf_escape($row["Name"]), 2)) . ";;\n\n"; } } } if ($_POST["events"]) { foreach (get_rows("SHOW EVENTS", null, "-- ") as $row) { $out .= ($style != 'DROP+CREATE' ? "DROP EVENT IF EXISTS " . idf_escape($row["Name"]) . ";;\n" : "") . remove_definer($connection->result("SHOW CREATE EVENT " . idf_escape($row["Name"]), 3)) . ";;\n\n"; } } if ($out) { echo "DELIMITER ;;\n\n{$out}" . "DELIMITER ;\n\n"; } } if ($_POST["table_style"] || $_POST["data_style"]) { $views = array(); foreach (table_status('', true) as $name => $table_status) { $table = DB == "" || in_array($name, (array) $_POST["tables"]); $data = DB == "" || in_array($name, (array) $_POST["data"]); if ($table || $data) { if ($ext == "tar") { $tmp_file = new TmpFile();
<?php ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// require_once "inc/setup.php"; ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// // If not table ID, get ID from name if ($_GET['table'] || $_GET['table'] == 0) { $table_id = array_search($_GET['table'], $tables) !== false ? array_search($_GET['table'], $tables) : $_GET['table']; $table_rows = get_rows($table_id); //print_r($table_rows); } ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// // If nothing is found... if (!$table_rows) { $_SESSION['alert'] = "no_such_table_" . addslashes($_GET['table']); header("Location: " . CMS_INSTALL_PATH . "tables.php"); die; } ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// // Check Permissions $allow = get_permissions($table_rows['name']); if (!$allow['view']) { $_SESSION['alert'] = "permissions_view"; header("Location: " . CMS_INSTALL_PATH . "tables.php"); die; } // Disable Reordering if more than X items if (count($table_rows['rows']) > MAX_TABLE_REORDERABLE_ITEMS) { $allow['reorder'] = false; } //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
$select = array(); foreach ($fields as $name => $field) { if (isset($field["privileges"]["select"])) { $as = convert_field($field); if ($_POST["clone"] && $field["auto_increment"]) { $as = "''"; } if ($jush == "sql" && ereg("enum|set", $field["type"])) { $as = "1*" . idf_escape($name); } $select[] = ($as ? "{$as} AS " : "") . idf_escape($name); } } $row = array(); if ($select) { $rows = get_rows("SELECT" . limit(implode(", ", $select) . " FROM " . table($TABLE), " WHERE {$where}", isset($_GET["select"]) ? 2 : 1)); $row = isset($_GET["select"]) && count($rows) != 1 ? null : reset($rows); } } if ($row === false) { echo "<p class='error'>" . lang('No rows.') . "\n"; } ?> <form action="" method="post" enctype="multipart/form-data" id="form"> <?php if ($fields) { echo "<table cellspacing='0' onkeydown='return editingKeydown(event);'>\n"; foreach ($fields as $name => $field) { echo "<tr><th>" . $adminer->fieldName($field); $default = $_GET["set"][bracket_escape($name)];
function register() { $errors = array(); $data = $_POST; $picture = $_FILES['picture']; $email = isset($data['email']) ? $data['email'] : ""; $username = isset($data['username']) ? $data['username'] : ""; $fullname = isset($data['fullname']) ? $data['fullname'] : ""; $pass1 = isset($data['pass1']) ? $data['pass1'] : ""; $pass2 = isset($data['pass2']) ? $data['pass2'] : ""; if ($email === "") { $errors['email'] = "Email may not be empty"; } if ($username === "") { $errors['username'] = "******"; } if ($fullname === "") { $errors['fullname'] = "Full name may not be empty"; } if (!TRUST_REMOTE_USER) { if ($pass1 === "") { $errors['pass1'] = "Passwords may not be empty"; } if ($pass2 === "") { $errors['pass2'] = "Passwords may not be empty"; } else { if ($pass1 !== $pass2) { $errors['pass2'] = "Passwords do not match"; } else { if (strlen($pass1) < 6) { $errors['pass1'] = "Password must be at least 6 characters"; } } } } $purifier = new HTMLPurifier(); $username = $purifier->purify($username); $fullname = $purifier->purify($fullname); $email = $purifier->purify($email); $sql = sprintf("SELECT * FROM user_info WHERE username='******'", mysql_real_escape_string($username)); if (has_result($sql)) { $errors['username'] = "******"; } $sql = sprintf("SELECT * FROM user_info WHERE email='%s'", mysql_real_escape_string($email)); if (has_result($sql)) { $errors['email'] = "There is already an account using that email"; } if ($errors) { return $errors; } if ($picture['name'] != '') { $pic = pictureHandling($uid, $picture); } $pic = $purifier->purify($pic); mysql_query('START TRANSACTION'); if (TRUST_REMOTE_USER) { $sql = sprintf("INSERT INTO user_info (username, fullname, email) VALUES ('%s', '%s', '%s')", mysql_real_escape_string($username), mysql_real_escape_string($fullname), mysql_real_escape_string($email)); } else { $sql = sprintf("INSERT INTO user_info (username, password, fullname, email) VALUES ('%s', AES_ENCRYPT('%s', '%s%s'), '%s', '%s')", mysql_real_escape_string($username), mysql_real_escape_string($pass1), mysql_real_escape_string($username), mysql_real_escape_string($pass1), mysql_real_escape_string($fullname), mysql_real_escape_string($email)); } $result = mysql_query($sql); if ($result === FALSE) { mysql_query('ROLLBACK'); return array("unknown" => "Registration error in adding user"); } $uid = mysql_insert_id(); $failed = FALSE; $sql = sprintf("UPDATE user_info SET picture='%s' WHERE uid='%s'", mysql_real_escape_string($pic), mysql_real_escape_string($uid)); $result = mysql_query($sql); if ($result === FALSE) { $failed = TRUE; } $sql = sprintf("DELETE from user_info_values WHERE person_id = '%s'", mysql_real_escape_string($uid)); $result = mysql_query($sql); if ($result === FALSE) { $failed = TRUE; } $sql = sprintf("SELECT id, shortname, longname FROM user_info_key"); $result = get_rows($sql); foreach ($result as $r) { $shortname = $r['shortname']; $longname = $r['longname']; $user_key_id = $r['id']; if (isset($data[$shortname]) && $data[$shortname] !== "") { $value = $purifier->purify($data[$shortname]); $sql = sprintf("INSERT INTO user_info_values VALUES ('%s', '%s', '%s')", mysql_real_escape_string($uid), mysql_real_escape_string($user_key_id), mysql_real_escape_string($value)); $res = mysql_query($sql); if ($res === FALSE) { $failed = TRUE; } } } if ($failed) { mysql_query('ROLLBACK'); return array("unknown" => "Registration error in updating info"); } else { mysql_query('COMMIT'); return array(); } }