/** * Creates new banksta row in Database * * @param string $newDate * @param string $newHash * @param string $newFilename * @param string $newAdmin * @param string $newContract * @param string $newSumm * @param string $newAddress * @param string $newRealname * @param string $newNotes * @param string $newPate * @param string $newPtime * @param int $payId * * @return void */ protected function bankstaCreateRow($newDate, $newHash, $newFilename, $newAdmin, $newContract, $newSumm, $newAddress, $newRealname, $newNotes, $newPdate, $newPtime, $payId) { $query = "INSERT INTO `ukv_banksta` (`id`, `date`, `hash`, `filename`, `admin`, `contract`, `summ`, `address`, `realname`, `notes`, `pdate`, `ptime`, `processed`, `payid`)\n VALUES (\n NULL ,\n '" . $newDate . "',\n '" . $newHash . "',\n '" . $newFilename . "',\n '" . $newAdmin . "',\n '" . $newContract . "',\n '" . $newSumm . "',\n '" . $newAddress . "',\n '" . $newRealname . "',\n '" . $newNotes . "',\n '" . $newPdate . "',\n '" . $newPtime . "',\n '0',\n '" . $payId . "'\n );\n "; nr_query($query); }
/** * Remove lousy mark * * @param $tariff tariff name * */ function zb_LousyTariffDelete($tariff) { $tariff = mysql_real_escape_string($tariff); $query = "DELETE from `lousytariffs` WHERE `tariff`='" . $tariff . "' "; nr_query($query); log_register("LOUSYTARIFF DELETE `" . $tariff . "`"); }
/** * logs succeful self credit fact into database * * @param string $login existing users login * * @return void */ function zbs_CreditLogPush($login) { $login = mysql_real_escape_string($login); $date = curdatetime(); $query = "INSERT INTO `zbssclog` (`id` , `date` , `login` ) VALUES ( NULL , '" . $date . "', '" . $login . "');"; nr_query($query); }
/** * Creates new DB entry for some login * * @param string $login * @param string $seal * @param string $length * @param string $price * * @return void */ protected function create($login, $seal, $length, $price) { $login = mysql_real_escape_string($login); $seal = mysql_real_escape_string($seal); $length = mysql_real_escape_string($length); $price = mysql_real_escape_string($price); $query = "INSERT INTO `condet` (`id`,`login`,`seal`,`length`,`price`) VALUES (NULL,'" . $login . "','" . $seal . "','" . $length . "', '" . $price . "');"; nr_query($query); }
function ms_TicketCreate($from, $to, $text, $replyto = 'NULL', $admin = '') { $from = mysql_real_escape_string($from); $to = mysql_real_escape_string($to); $admin = mysql_real_escape_string($admin); $text = mysql_real_escape_string(strip_tags($text)); $date = curdatetime(); $replyto = vf($replyto); $query = "\n INSERT INTO `ticketing` (\n `id` ,\n `date` ,\n `replyid` ,\n `status` ,\n `from` ,\n `to` ,\n `text`,\n `admin`\n )\n VALUES (\n NULL ,\n '" . $date . "',\n " . $replyto . ",\n '0',\n '" . $from . "',\n '" . $to . "',\n '" . $text . "',\n '" . $admin . "'\n );\n "; nr_query($query); }
public function create($public, $type, $title, $text) { $public = vf($public, 3); $type = vf($type); $title = mysql_real_escape_string($title); $text = mysql_real_escape_string($text); $query = "INSERT INTO `zbsannouncements` (`id`,`public`,`type`,`title`,`text`) VALUES\n (NULL, '" . $public . "', '" . $type . "', '" . $title . "', '" . $text . "'); "; nr_query($query); $newId = simple_get_lastid('zbsannouncements'); log_register("ANNOUNCEMENT CREATE [" . $newId . "]"); return $newId; }
/** * Deletes comment from database * * @param type $id existing comment database ID * * @return void */ protected function deleteComment($id) { $id = vf($id, 3); $query = "DELETE FROM `adcomments` WHERE `id`='" . $id . "';"; nr_query($query); log_register("ADCOMM DELETE SCOPE `" . $this->scope . "` ITEM [" . $this->item . "]"); }
/** * Performs switch replacement in database * * @param int $fromId * @param int $toId * @param int $employeeid * * @return void */ function zb_SwitchReplace($fromId, $toId, $employeeId) { $fromId = vf($fromId, 3); $toId = vf($toId, 3); $employeeId = vf($employeeId, 3); $allEmployees = ts_GetAllEmployee(); $fromData = zb_SwitchGetData($fromId); $toData = zb_SwitchGetData($toId); if (!empty($fromData)) { //copy geo coordinates to new switch simple_update_field('switches', 'geo', $fromData['geo'], "WHERE `id`='" . $toId . "'"); //setting new description and remove NP flag $newDescriptionTo = str_replace('NP', 'm:' . @$allEmployees[$employeeId], $toData['desc']); simple_update_field('switches', 'desc', $newDescriptionTo, "WHERE `id`='" . $toId . "'"); //copy location simple_update_field('switches', 'location', $fromData['location'], "WHERE `id`='" . $toId . "'"); //copy switch parent ID if (!empty($fromData['parentid'])) { simple_update_field('switches', 'parentid', $fromData['parentid'], "WHERE `id`='" . $toId . "'"); } else { $parentId_q = "UPDATE `switches` SET `parentid`=NULL WHERE `id`='" . $toId . "';"; nr_query($parentId_q); } //moving childs if it present simple_update_field('switches', 'parentid', $toId, "WHERE `parentid`='" . $fromId . "'"); // doing old switch cleanup and disabling it simple_update_field('switches', 'geo', '', "WHERE `id`='" . $fromId . "'"); $newFromLocation = __('removed from') . ': ' . $fromData['location']; simple_update_field('switches', 'location', $newFromLocation, "WHERE `id`='" . $fromId . "'"); $newFromDesc = 'NP u:' . @$allEmployees[$employeeId]; simple_update_field('switches', 'desc', $newFromDesc, "WHERE `id`='" . $fromId . "'"); $parentIdFrom_q = "UPDATE `switches` SET `parentid`=NULL WHERE `id`='" . $fromId . "';"; nr_query($parentIdFrom_q); log_register("SWITCH REPLACE FROM [" . $fromId . "] TO [" . $toId . "] EMPLOYEE [" . $employeeId . "]"); } else { show_error(__('Strange exeption') . ': FROM_SWITCH_EMPTY_DATA'); } }
/** * saves new passport data for some build * * @return void */ protected function savePassport() { if (wf_CheckPost(array('savebuildpassport'))) { $buildid = vf($_POST['savebuildpassport'], 3); // Yep, im know - thats shitty solution. Need to refactor this later. $clean_query = "DELETE FROM `buildpassport` WHERE `buildid`='" . $buildid . "';"; nr_query($clean_query); $owner = mysql_real_escape_string($_POST['powner']); $ownername = mysql_real_escape_string($_POST['pownername']); $ownerphone = mysql_real_escape_string($_POST['pownerphone']); $ownercontact = mysql_real_escape_string($_POST['pownercontact']); $keys = isset($_POST['pkeys']) ? 1 : 0; $accessnotices = mysql_real_escape_string($_POST['paccessnotices']); $floors = mysql_real_escape_string($_POST['pfloors']); $entrances = mysql_real_escape_string($_POST['pentrances']); $apts = mysql_real_escape_string($_POST['papts']); $notes = mysql_real_escape_string($_POST['pnotes']); $query = "INSERT INTO `buildpassport` (\n `id` ,\n `buildid` ,\n `owner` ,\n `ownername` ,\n `ownerphone` ,\n `ownercontact` ,\n `keys` ,\n `accessnotices` ,\n `floors` ,\n `apts` ,\n `entrances` ,\n `notes`\n )\n VALUES (\n NULL ,\n '" . $buildid . "',\n '" . $owner . "',\n '" . $ownername . "',\n '" . $ownerphone . "',\n '" . $ownercontact . "',\n '" . $keys . "',\n '" . $accessnotices . "',\n '" . $floors . "',\n '" . $apts . "',\n '" . $entrances . "',\n '" . $notes . "'\n );\n "; nr_query($query); log_register('BUILD PASSPORT SAVE [' . $buildid . ']'); } }
/** * Just system logging subroutine * * @param string $event */ function log_register($event) { $admin_login = whoami(); @($ip = $_SERVER['REMOTE_ADDR']); if (!$ip) { $ip = '127.0.0.1'; } $current_time = curdatetime(); $event = mysql_real_escape_string($event); $query = "INSERT INTO `weblogs` (`id`,`date`,`admin`,`ip`,`event`) VALUES(NULL,'" . $current_time . "','" . $admin_login . "','" . $ip . "','" . $event . "')"; nr_query($query); }
/** * Deletes existing task from database * * @param int $taskid * * @return void */ function ts_DeleteTask($taskid) { $taskid = vf($taskid, 3); $query = "DELETE from `taskman` WHERE `id`='" . $taskid . "'"; nr_query($query); log_register("TASKMAN DELETE " . $taskid); }
function ra_UserRebuildAttributes($login, $attrtemplate, $verbose = false) { $login = mysql_real_escape_string($login); $clean_q = "DELETE from `radattr` WHERE `login`='" . $login . "'"; nr_query($clean_q); if (!empty($attrtemplate)) { if ($verbose) { show_window(__('User attributes'), '<pre>' . $attrtemplate . '</pre>'); } $splitted = explodeRows($attrtemplate); if (!empty($splitted)) { foreach ($splitted as $io => $eachattr) { if (ispos($eachattr, '=')) { $attr_raw = explode('=', $eachattr); $attr = $attr_raw[0]; $value = $attr_raw[1]; $query = "INSERT INTO `radattr` (`id` ,`login` ,`attr` ,`value`) VALUES (NULL , '" . $login . "', '" . $attr . "', '" . $value . "');"; nr_query($query); } } } } }
/** * Deletes user signup price record from database * * @param string $login */ function zb_UserDeleteSignupPrice($login) { $query = "DELETE FROM `signup_prices_users` WHERE `login` = '" . $login . "'"; nr_query($query); }
/** * Stargazer direct handler * * @param int $virtualid * @param float $cash * @param string $paysys * * @return void */ function op_HandleStg($virtualid, $cash, $paysys = '') { $opconfig = op_LoadConfig(); $allcustomers = op_CustomersGetAll(); $sgconf = $opconfig['SGCONF']; $stg_host = $opconfig['STG_HOST']; $stg_port = $opconfig['STG_PORT']; $stg_login = $opconfig['STG_LOGIN']; $stg_passwd = $opconfig['STG_PASSWD']; if (isset($opconfig['UB_CASHTYPE'])) { $ub_cashtype = $opconfig['UB_CASHTYPE']; } else { //cash money by default $ub_cashtype = 1; } if ($paysys == '') { $note = 'OPENPAYZ'; } else { $note = 'OP:' . $paysys; } if (isset($allcustomers[$virtualid])) { $login = $allcustomers[$virtualid]; //adding cash if login exists $addcash_cmd = $sgconf . ' set -s ' . $stg_host . ' -p ' . $stg_port . ' -a' . $stg_login . ' -w' . $stg_passwd . ' -u' . $login . ' -c ' . $cash; shell_exec($addcash_cmd); //ubilling payment logging $curdate = date("Y-m-d H:i:s"); $balance_q = "SELECT `Cash` from `users` WHERE `login`='" . $login . "'"; $curbalance = simple_query($balance_q); $curbalance = $curbalance['Cash'] - $cash; $query_paymentlog = "INSERT INTO `payments` (`id` , `login` , `date` , `admin` , `balance` , `summ` , `cashtypeid` , `note` )\n VALUES (NULL , '" . $login . "', '" . $curdate . "', 'openpayz', '" . $curbalance . "', '" . $cash . "', '" . $ub_cashtype . "', '" . $note . "');"; nr_query($query_paymentlog); } }
/** * mark thread as read by sender * * @param string $sender sender login * * @return void */ function im_ThreadMarkAsRead($sender) { $sender = mysql_real_escape_string($sender); $me = whoami(); $query = "UPDATE `ub_im` SET `read` = '1' WHERE `to` = '" . $me . "' AND `from`='" . $sender . "' AND `read`='0'"; nr_query($query); }
/** * kills document in database * * @param $documentid - existing document ID * * @return void */ public function unregisterDocument($documentid) { $documentid = vf($documentid, 3); $query = "DELETE FROM `docxdocuments` WHERE `id`='" . $documentid . "'"; nr_query($query); log_register("PLDOCS DEL DOCUMENT [" . $documentid . "]"); }
/** * Deletes all of CF intems in database associated with some login * * @param string $login Existing user login * * @return void */ function cf_FlushAllUserCF($login) { $login = mysql_real_escape_string($login); $query = "DELETE from `cfitems` WHERE `login`='" . $login . "'"; nr_query($query); log_register("CF FLUSH (" . $login . ")"); }
/** * Update some option in "remote-id|circuit-id" view into the nethosts * * @param $ip - nethost ip * @param $option - nethost option to set * * @return void */ function opt82_SetOption($ip, $option) { $query = "UPDATE `nethosts` SET `option`='" . $option . "' WHERE `ip`='" . $ip . "'"; nr_query($query); log_register("OPT82 SET " . $ip . ' `' . $option . '`'); }
/** * Sets openpayz transaction as processed in database * * @param int $transactionid * * @return void */ public function transactionSetProcessed($transactionid) { $transactionid = vf($transactionid, 3); $query = "UPDATE `op_transactions` SET `processed` = '1' WHERE `id`='" . $transactionid . "'"; nr_query($query); log_register('OPENPAYZ PROCESSED [' . $transactionid . ']'); }
function docsis_ModemDelete($modemid) { $modemid = vf($modemid, 3); $modemdata = docsis_ModemGetData($modemid); if (!empty($modemdata)) { $modemip = $modemdata['ip']; $query = "DELETE from `modems` WHERE `id`='" . $modemid . "'"; nr_query($query); log_register("DOCSIS MODEM DELETE IP " . $modemip . " [" . $modemid . "]"); multinet_delete_host($modemip); multinet_rebuild_all_handlers(); } }
$form->addrow(__('op'), $content); // Значение $content = $form->text_box('edit[Value]', $result['Value']); $form->addrow(__('Value'), $content); // Добавляем в код страницы открытое модальное окно $html .= wf_modalOpened(__('Editing of RADIUS-attribute'), $form->show(1), 450, 275); } if (wf_checkPost(array('reassignment'))) { // Экранируем все введённые данные foreach ($_POST['reassignment'] as &$value) { $value = mysql_real_escape_string($value); } extract($_POST['reassignment']); // Добавляем информацию о переназначении $query = "INSERT INTO `radius_reassigns` (`netid`, `value`) VALUES ({$netid}, '{$value}') ON DUPLICATE KEY UPDATE `value` = '{$value}'"; if (nr_query($query)) { rcms_redirect("?module=freeradius&netid={$netid}"); } } $query = "SELECT `id`, `login`, `scenario`, `Attribute`, `op`, `Value` FROM `radius_attributes` WHERE `netid` = '{$netid}'"; $results = simple_queryall($query); $cells = wf_TableCell(__('ID')); $cells .= wf_TableCell(__('Scenario')); $cells .= wf_TableCell(__('Attribute')); $cells .= wf_TableCell(__('op')); $cells .= wf_TableCell(__('Value')); $cells .= wf_TableCell(__('Foreach')); $cells .= wf_TableCell(__('Actions')); $rows = wf_TableRow($cells, 'row1'); if (!empty($results)) { foreach ($results as $result) {
/** * Edits existing timerule in database * * @param type $timeruleid * @param type $threshold1 event start time * @param type $threshold2 event stop time * @param type $speed */ public function edit($timeruleid, $threshold1, $threshold2, $speed) { $timeruleid = vf($timeruleid); $threshold1 = mysql_real_escape_string($threshold1); $threshold2 = mysql_real_escape_string($threshold2); $speed = vf($speed); $query = "UPDATE `dshape_time` SET \n `threshold1` = '" . $threshold1 . "',\n `threshold2` = '" . $threshold2 . "',\n `speed` = '" . $speed . "' WHERE `id` ='" . $timeruleid . "' LIMIT 1;\n "; nr_query($query); log_register("DSHAPE CHANGE [" . $timeruleid . '] ON `' . $speed . '`'); }
/** * Deleting task from DB by users will * * @param type $login * @param type $param */ function deleteTask($login, $param) { $query = "DELETE FROM `dealwithit` WHERE login='******' and param='" . $param . "' AND action='tagadd'"; nr_query($query); log_register('SCHEDULER deleted (' . $login . ') tagid: ' . $param); }
/** * Deletes document from database and filesystem and redirects back to * documents list of the node * * @param type $document_id ID of the deleting document * @return type */ public function document_delete($id, $redirect = true) { // Get info about deleting file: $query = "SELECT * FROM `" . self::TABLE_DOCS . "` WHERE `id` = '" . $id . "'"; $result = simple_query($query); // Delete from database if deleted from filesystem: if (unlink($result['path'])) { $query = "DELETE FROM `" . self::TABLE_DOCS . "` WHERE `id` = '" . $id . "'"; nr_query($query); if ($redirect) { $item = empty($result['mark_id']) ? 'line' : 'mark'; $item_id = empty($result['mark_id']) ? $result['line_id'] : $result['mark_id']; rcms_redirect('?module=vols&item=' . $item . '&action=documents&id=' . $item_id); } } }
function zb_NasDelete($nasid) { $nasid = vf($nasid); $query = "DELETE from `nas` WHERE `id`='" . $nasid . "'"; nr_query($query); log_register("NAS DELETE" . $nasid); }
/** * Deletes user notes database record for some login * * @param string $login existing user login */ function zb_UserDeleteNotes($login) { $login = vf($login); $query = "DELETE FROM `notes` WHERE `login`='" . $login . "'"; nr_query($query); log_register('DELETE UserNote (' . $login . ')'); }
/** * Adds some money to user account * * @param string $login * @param float $cash * @param string $note * * @return void */ function zbs_CashAdd($login, $cash, $note) { $login = vf($login); $cash = mysql_real_escape_string($cash); $cashtype = 0; $note = mysql_real_escape_string($note); $date = curdatetime(); $balance = zb_CashGetUserBalance($login); billing_addcash($login, $cash); $query = "INSERT INTO `payments` ( `id` , `login` , `date` , `balance` , `summ` , `cashtypeid` , `note` )\n VALUES (NULL , '" . $login . "', '" . $date . "', '" . $balance . "', '" . $cash . "', '" . $cashtype . "', '" . $note . ");"; nr_query($query); log_register("BALANCECHANGE (" . $login . ') ON ' . $cash); }
/** * register generated document in database * * @param $login - current user login * @param $templateid - existing template ID * @param $path path to file in storage * * @return void */ public function registerDocument($login, $templateid, $path) { $login = mysql_real_escape_string($login); $templateid = vf($templateid, 3); $path = mysql_real_escape_string($path); $date = date("Y-m-d H:i:s"); $query = "\n INSERT INTO `docxdocuments` (\n `id` ,\n `date` ,\n `login` ,\n `public` ,\n `templateid` ,\n `path`\n )\n VALUES (\n NULL , '" . $date . "', '" . $login . "', '1', '" . $templateid . "', '" . $path . "'\n );\n "; nr_query($query); }
/** * Fills cemetary log with some data * * @param string $login * @param int $state * * @return void */ protected function logFuneral($login, $state) { $state = vf($state, 3); $date = curdatetime(); $loginF = mysql_real_escape_string($login); $query = "INSERT INTO `cemetery` (`id`,`login`,`state`,`date`) VALUES (NULL,'" . $loginF . "','" . $state . "','" . $date . "'); "; nr_query($query); log_register('CEMETERY (' . $login . ') SET `' . $state . '`'); }
/** * Update users passport data * * @param $login - user login * @param $birthdate - user date of birth * @param $passportnum - passport number * @param $passportdate - passport assign date * @param $passportwho - who produce the passport? * @param $pcity - additional address city * @param $pstreet - additional address street * @param $pbuild - additional address build * @param $papt - additional address apartment * * @return void */ function zb_UserPassportDataSet($login, $birthdate, $passportnum, $passportdate, $passportwho, $pcity, $pstreet, $pbuild, $papt) { $login = mysql_real_escape_string($login); $birthdate = mysql_real_escape_string($birthdate); $passportnum = mysql_real_escape_string($passportnum); $passportdate = mysql_real_escape_string($passportdate); $passportwho = mysql_real_escape_string($passportwho); $pcity = mysql_real_escape_string($pcity); $pstreet = mysql_real_escape_string($pstreet); $pbuild = mysql_real_escape_string($pbuild); $papt = mysql_real_escape_string($papt); $query = "\n UPDATE `passportdata` SET\n `birthdate` = '" . $birthdate . "',\n `passportnum` = '" . $passportnum . "',\n `passportdate` = '" . $passportdate . "',\n `passportwho` = '" . $passportwho . "',\n `pcity` = '" . $pcity . "',\n `pstreet` = '" . $pstreet . "',\n `pbuild` = '" . $pbuild . "',\n `papt` = '" . $papt . "'\n WHERE `login`='" . $login . "'\n "; nr_query($query); log_register("CHANGE UserPassportData (" . $login . ")"); }