Пример #1
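/**
 * Print a compact HTML table of syslog rows for the WAP results page.
 *
 * Both arguments are treated as untrusted: $limit is forced to a non-negative
 * integer before it is placed in the LIMIT clause, $page is matched against
 * the two views this function implements, and every value read from the
 * database is HTML-escaped before it is echoed.
 *
 * @param string $page  "tail" (most recent rows) or "topx" (rows ranked by count).
 * @param int    $limit Row count for the query; values <= 10 also print the
 *                      "load more" link and the column headers.
 * @return void
 */
function echoPage($page, $limit)
{
    // Only these two views assign $query below; any other value used to reach
    // perform_query() with an undefined query string.
    if ($page !== "tail" && $page !== "topx") {
        return;
    }
    // An integer cannot carry SQL into the LIMIT clause or markup into the link.
    $limit = max(0, (int) $limit);

    $dbLink = db_connect_syslog(DBUSER, DBUSERPW);
    if ($limit <= 10) {
        // The closing tag used to be emitted as "</a" with no ">", which made the
        // browser swallow the <div> that follows.
        echo " <a href='wres.php?page={$page}&limit=" . ($limit + 10) . "' class='load_more'></a>\t";
        $sqllimit = "0,{$limit}";
    } else {
        $sqllimit = "10,{$limit}";
    }
    echo "<div style=\"width: 310px; margin-bottom: 5px; margin-left: 5px; text-align: center; font-size: 5px;\">";
    echo " <table> ";
    if ($page == "tail") {
        if ($limit <= 10) {
            echo "\n\t\t\t   \t<td class=\"wapresultsheader\">HOST</td>\n\t\t\t   \t<td class=\"wapresultsheader\">TIME</td>\n\t\t\t   \t<td class=\"wapresultsheader\">MESSAGE</td>\n\t\t\t   \t";
        }
        $query = "SELECT * FROM logs JOIN (select seq from logs FORCE INDEX(PRIMARY) ORDER BY seq DESC LIMIT {$sqllimit}) as sub USING(seq)";
    }
    if ($page == "topx") {
        if ($limit <= 10) {
            echo "\n\t\t\t   \t<td class=\"wapresultsheader\">HOST</td>\n\t\t\t   \t<td class=\"wapresultsheader\">COUNT</td>\n\t\t\t   \t<td class=\"wapresultsheader\">MESSAGE</td>\n\t\t\t   \t";
        }
        if (defined('SQZ_ENABLED') && SQZ_ENABLED == TRUE) {
            $query = "SELECT host,counter as count,msg from logs WHERE counter>1 ORDER BY counter DESC LIMIT {$sqllimit}";
        } else {
            $query = "SELECT host,count(*) as count,msg from logs GROUP BY host ORDER BY count DESC LIMIT {$sqllimit}";
        }
    }
    $results = perform_query($query, $dbLink);
    $color = "waplighter";
    $today = date('Y-m-d');
    while ($row = fetch_array($results)) {
        // Alternate the row class for zebra striping.
        $color = $color == "wapdarker" ? "waplighter" : "wapdarker";
        echo "<tr class=\"{$color}\">";
        // Host names arrive in log data sent by remote devices, so they are
        // escaped like the message text below.
        echo "<td>" . htmlspecialchars($row['host'], ENT_QUOTES) . "</td>";
        if ($page == "tail") {
            $pieces = explode(" ", $row['datetime']);
            echo '<td>';
            // Show the date part only for rows that are not from today.
            if ($pieces[0] != $today) {
                echo htmlspecialchars($pieces[0], ENT_QUOTES) . "&nbsp;";
            }
            if (isset($pieces[1])) {
                echo htmlspecialchars($pieces[1], ENT_QUOTES);
            }
        }
        if ($page == "topx") {
            echo '<td>';
            echo htmlspecialchars($row['count'], ENT_QUOTES) . "&nbsp;";
        }
        echo "</td>\n";
        // Tidy the message: drop whitespace before ':' and keep only the part
        // starting at the last "%...:" marker when one is present.
        $row['msg'] = preg_replace('/\\s:/', ':', $row['msg']);
        $row['msg'] = preg_replace('/.*(%.*?:.*)/', '$1', $row['msg']);
        $msg = htmlspecialchars($row['msg']);
        echo "<td>";
        echo "{$msg}</td>\n";
        echo "</tr>\n";
    }
    echo "</div>\n";
}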
Пример #2
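/**
 * Load the canned chat responses for a locale and (optionally) a group.
 *
 * When no group is given and the table holds nothing for the locale, the
 * predefined answers from the string resources are inserted and re-read.
 *
 * $locale and $groupid are placed into SQL text, so the locale is escaped with
 * the connection's escaper and the group id is reduced to an integer first.
 *
 * @param string   $locale  Locale code used to filter and to seed the responses.
 * @param int|null $groupid Group id; a falsy value selects rows with no group.
 * @return array Rows with 'id' and 'vcvalue' keys, as returned by select_multi_assoc().
 */
function load_canned_messages($locale, $groupid)
{
    global $mysqlprefix;
    $link = connect();
    $safeLocale = mysql_real_escape_string($locale, $link);
    // The group id is interpolated unquoted, so only an integer may reach the query.
    $groupid = intval($groupid);
    $groupFilter = $groupid ? "groupid = {$groupid}" : "groupid is NULL OR groupid = 0";
    $query = "select id, vcvalue from {$mysqlprefix}chatresponses where locale = '{$safeLocale}' AND ({$groupFilter}) order by vcvalue";
    $result = select_multi_assoc($query, $link);
    if (!$groupid && count($result) == 0) {
        // Nothing stored yet: seed the table from the localized defaults.
        foreach (explode("\n", getstring_('chat.predefined_answers', $locale)) as $answer) {
            $result[] = array('id' => '', 'vcvalue' => $answer);
        }
        if (count($result) > 0) {
            $rows = array();
            foreach ($result as $entry) {
                $rows[] = "('" . mysql_real_escape_string($entry['vcvalue'], $link) . "','{$safeLocale}', NULL)";
            }
            perform_query("insert into {$mysqlprefix}chatresponses (vcvalue,locale,groupid) values " . implode(", ", $rows), $link);
            // Re-read so the returned rows carry their generated ids.
            $result = select_multi_assoc($query, $link);
        }
    }
    mysql_close($link);
    return $result;
}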
Пример #3
/**
 * Create one installer-defined table and seed it where the schema requires.
 *
 * The table name and column definitions come from the global $dbtables map;
 * $id is rejected through show_install_err() when it is not a key of that map.
 *
 * @param string   $id   Table name; must be a key of $dbtables.
 * @param resource $link Open MySQL connection.
 * @return void
 */
function create_table($id, $link)
{
    global $dbtables, $memtables, $dbencoding, $mysqlprefix;

    if (!isset($dbtables[$id])) {
        show_install_err("Unknown table: {$id}, " . mysql_error($link));
    }

    // Assemble "CREATE TABLE name (col def, col def, ...)".
    $query = "CREATE TABLE {$id}\n(\n";
    foreach ($dbtables[$id] as $column => $definition) {
        $query .= "\t" . $column . " " . $definition . ",\n";
    }
    // Drop the comma left behind by the last column.
    $query = preg_replace("/,\n\$/", "", $query);

    $engine = in_array($id, $memtables) ? "MEMORY" : "InnoDb";
    $query .= ") charset {$dbencoding}" . " ENGINE=" . $engine;

    if (!mysql_query($query, $link)) {
        show_install_err(' Query failed: ' . mysql_error($link));
    }

    if ($id == "{$mysqlprefix}chatoperator") {
        // NOTE(review): the default "admin" account is created with empty strings
        // in the second and third arguments — presumably credentials; confirm the
        // installer forces a password to be set before the account is usable.
        create_operator_("admin", "", "", "Administrator", "Administrator", "", $link);
    } elseif ($id == "{$mysqlprefix}chatrevision") {
        perform_query("INSERT INTO {$mysqlprefix}chatrevision VALUES (1)", $link);
    }
}
Пример #4
/**
 * Insert one canned response for a locale and an optional group.
 *
 * String values are escaped with the connection's escaper and the group id is
 * cast to an integer (or written as SQL null) before the statement is built.
 *
 * @param string   $locale  Locale code stored with the response.
 * @param int|null $groupid Group id; a falsy value stores null.
 * @param string   $message Response text.
 * @return void
 */
function add_message($locale, $groupid, $message)
{
    global $mysqlprefix;
    $link = connect();
    $localeSql = mysql_real_escape_string($locale, $link);
    $groupSql = $groupid ? intval($groupid) : "null";
    $messageSql = mysql_real_escape_string($message, $link);
    $statement = "insert into {$mysqlprefix}chatresponses (locale,groupid,vcvalue) values ('{$localeSql}',{$groupSql}, '{$messageSql}')";
    perform_query($statement, $link);
    mysql_close($link);
}
Пример #5
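/**
 * Store a new permission value for an operator.
 *
 * @param int $operatorid Operator row to update.
 * @param int $newvalue   Value written to the iperm column.
 * @return void
 */
function update_operator_permissions($operatorid, $newvalue)
{
    global $mysqlprefix;
    $link = connect();
    // Both values are interpolated unquoted; casting to int keeps caller-supplied
    // text from changing the statement (for example widening the WHERE clause
    // of this privilege update).
    $query = sprintf("update {$mysqlprefix}chatoperator set iperm = %s where operatorid = %s", intval($newvalue), intval($operatorid));
    perform_query($query, $link);
    mysql_close($link);
}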
Пример #6
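/**
 * Update the names, descriptions and e-mail address of an operator group.
 *
 * @param int    $groupid     Group row to update.
 * @param string $name        Localized group name.
 * @param string $descr       Localized description.
 * @param string $commonname  Common (non-localized) name.
 * @param string $commondescr Common description.
 * @param string $email       Group e-mail address.
 * @return void
 */
function update_group($groupid, $name, $descr, $commonname, $commondescr, $email)
{
    global $mysqlprefix;
    $link = connect();
    // The group id is placed in the WHERE clause unquoted, so it is cast to int;
    // the escaper is given $link explicitly so it uses this connection's charset.
    $query = sprintf(
        "update {$mysqlprefix}chatgroup set vclocalname = '%s', vclocaldescription = '%s', vccommonname = '%s', vccommondescription = '%s', vcemail = '%s' where groupid = %s",
        mysql_real_escape_string($name, $link),
        mysql_real_escape_string($descr, $link),
        mysql_real_escape_string($commonname, $link),
        mysql_real_escape_string($commondescr, $link),
        mysql_real_escape_string($email, $link),
        intval($groupid)
    );
    perform_query($query, $link);
    mysql_close($link);
}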
Пример #7
/**
 * Write an operator's permission value, with both inputs cast to integers
 * before they are formatted into the UPDATE statement.
 *
 * @param int $operatorid Operator row to update.
 * @param int $newvalue   Value written to the iperm column.
 * @return void
 */
function update_operator_permissions($operatorid, $newvalue)
{
    global $mysqlprefix;
    $link = connect();
    $permissions = intval($newvalue);
    $operator = intval($operatorid);
    perform_query(
        sprintf("update {$mysqlprefix}chatoperator set iperm = %s where operatorid = %s", $permissions, $operator),
        $link
    );
    mysql_close($link);
}
Пример #8
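/**
 * Replace the operator membership of a group.
 *
 * Existing rows for the group are deleted, then one row is inserted per id
 * in $newvalue.
 *
 * @param int   $groupid  Group whose membership is rewritten.
 * @param array $newvalue Operator ids that should belong to the group.
 * @return void
 */
function update_group_members($groupid, $newvalue)
{
    global $mysqlprefix;
    $link = connect();
    // Ids are interpolated unquoted. Casting matters most for the DELETE: an
    // uncast value could turn "where groupid = N" into a condition matching every row.
    $groupid = intval($groupid);
    perform_query("delete from {$mysqlprefix}chatgroupoperator where groupid = {$groupid}", $link);
    foreach ($newvalue as $opid) {
        perform_query(sprintf("insert into {$mysqlprefix}chatgroupoperator (groupid, operatorid) values (%s,%s)", $groupid, intval($opid)), $link);
    }
    mysql_close($link);
}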
Пример #9
/**
 * Replace the list of groups an operator belongs to.
 *
 * All ids are cast to integers before they reach the DELETE and INSERT statements.
 *
 * @param int   $operatorid Operator whose memberships are rewritten.
 * @param array $newvalue   Group ids the operator should belong to.
 * @return void
 */
function update_operator_groups($operatorid, $newvalue)
{
    global $mysqlprefix;
    $link = connect();
    $removeSql = "delete from {$mysqlprefix}chatgroupoperator where operatorid = " . intval($operatorid);
    perform_query($removeSql, $link);
    foreach ($newvalue as $groupid) {
        $insertSql = sprintf(
            "insert into {$mysqlprefix}chatgroupoperator (groupid, operatorid) values (%s,%s)",
            intval($groupid),
            intval($operatorid)
        );
        perform_query($insertSql, $link);
    }
    mysql_close($link);
}
Пример #10
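/**
 * Persist every entry of the global $settings array to the chatconfig table.
 *
 * Keys not yet present in $settings_in_db are inserted first, then the value
 * is written with an UPDATE.
 *
 * @return void
 */
function update_settings()
{
    global $settings, $settings_in_db, $mysqlprefix;
    $link = connect();
    foreach ($settings as $key => $value) {
        // The key is quoted into both statements, so it is escaped like the
        // value; it was also part of the sprintf() format string before, where
        // a '%' in a key would have been read as a conversion.
        $safeKey = mysql_real_escape_string($key, $link);
        if (!isset($settings_in_db[$key])) {
            perform_query("insert into {$mysqlprefix}chatconfig (vckey) values ('{$safeKey}')", $link);
        }
        $query = sprintf("update {$mysqlprefix}chatconfig set vcvalue='%s' where vckey='%s'", mysql_real_escape_string($value, $link), $safeKey);
        perform_query($query, $link);
    }
    mysql_close($link);
}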
Пример #11
/**
 * Persist the global $settings array to the chatconfig table, skipping keys
 * listed in $low_level_settings.
 *
 * Keys and values are escaped with the connection's escaper before use.
 *
 * @return void
 */
function update_settings()
{
    global $settings, $settings_in_db, $low_level_settings, $mysqlprefix;
    $link = connect();
    foreach ($settings as $name => $setting) {
        // Low level settings stay out of the database; storing them there
        // would make them unchangeable.
        if (!in_array($name, $low_level_settings)) {
            $isKnown = isset($settings_in_db[$name]);
            if (!$isKnown) {
                $insertSql = "insert into {$mysqlprefix}chatconfig (vckey) values ('" . mysql_real_escape_string($name, $link) . "')";
                perform_query($insertSql, $link);
            }
            $updateSql = sprintf(
                "update {$mysqlprefix}chatconfig set vcvalue='%s' where vckey='%s'",
                mysql_real_escape_string($setting, $link),
                mysql_real_escape_string($name, $link)
            );
            perform_query($updateSql, $link);
        }
    }
    mysql_close($link);
}
Пример #12
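/**
 * Print a GET form with a drop-down listing every student.
 *
 * Names and ids come from the database and are HTML-escaped before they are
 * written into option text and attribute values, so stored markup cannot
 * execute in the page.
 *
 * @param string $currentstudent Id of the student to pre-select, if any.
 * @return void
 */
function displayform($currentstudent = "")
{
    $dbc = connect_to_db("jed");
    $query = "select ID, lastname, firstname from student";
    $result = perform_query($dbc, $query);
    echo "<form method=\"get\">\n\t\t  <select name=\"studentmenu\">";
    while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
        // ENT_QUOTES covers both quote styles, so the id is safe inside value="...".
        $firstname = htmlspecialchars($row['firstname'], ENT_QUOTES);
        $lastname = htmlspecialchars($row['lastname'], ENT_QUOTES);
        $id = htmlspecialchars($row['ID'], ENT_QUOTES);
        // Compare the raw id, not the escaped copy.
        $selected = $row['ID'] == $currentstudent ? " selected" : "";
        echo "<option value=\"{$id}\"{$selected}>{$firstname} {$lastname}</option>\n";
    }
    echo "</select>\n\t\t<input type=\"submit\" name=\"formsubmitted\" value=\"go\" />\n\t\t</form>";
    disconnect_from_db($dbc, $result);
}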
Пример #13
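/**
 * Print a <select> listing every student, pre-selecting the id found in
 * $_GET[$menuname] when present.
 *
 * The menu name and all database values are HTML-escaped with ENT_QUOTES
 * because the attributes in this markup are single-quoted.
 *
 * @param string $menuname Name attribute of the select and the GET key to read.
 * @return void
 */
function create_select($menuname)
{
    $menuAttr = htmlspecialchars($menuname, ENT_QUOTES);
    echo "<select name= '{$menuAttr}'>\n";
    $dbc = connect_to_db("jed");
    $query = "select ID, lastname, firstname from student";
    $result = perform_query($dbc, $query);
    while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
        $firstname = htmlspecialchars($row['firstname'], ENT_QUOTES);
        $lastname = htmlspecialchars($row['lastname'], ENT_QUOTES);
        $id = htmlspecialchars($row['ID'], ENT_QUOTES);
        // The request value is only compared, never echoed.
        if (isset($_GET[$menuname]) && $_GET[$menuname] == $row['ID']) {
            echo "<option value = '{$id}' selected> {$firstname}  {$lastname} </option>\n";
        } else {
            echo "<option value = '{$id}'> {$firstname}  {$lastname} </option>\n";
        }
    }
    echo "</select>";
    disconnect_from_db($dbc, $result);
}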
Пример #14
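	/**
	 * Extract an error name from a log message using the patterns stored in
	 * the lzecs table.
	 *
	 * Every pattern is tried; the first capture group of the most recent
	 * pattern that matched is returned. Previously $matches was overwritten on
	 * every iteration, so a hit from an earlier pattern was lost whenever the
	 * last pattern in the table did not match.
	 *
	 * @param string $message Raw log message.
	 * @return string The captured name with single quotes backslash-escaped,
	 *                or "" when no pattern produced a capture.
	 */
	private function extractName($message) {
		$result = perform_query(
			"SELECT preg_name FROM lzecs",
			$this->dbLink, $_SERVER['PHP_SELF']
		);
		$patterns = array();
		while ($row = fetch_array($result)) {
			$patterns[] = $row['preg_name'];
		}

		$captured = null;
		foreach ($patterns as $pattern) {
			$matches = array();
			// Patterns are wrapped in "/" delimiters as stored; one containing an
			// unescaped "/" will fail to compile and simply not match.
			preg_match_all("/$pattern/", $message, $matches);
			if (isset($matches[1][0])) {
				$captured = $matches[1][0];
			}
		}
		if ($captured === null) {
			return "";
		}

		// Modified below for http://code.google.com/p/php-syslog-ng/issues/detail?id=43
		// NOTE(review): only the single quote is escaped here. If a caller places
		// the result inside a quoted SQL literal, a backslash in the message is
		// still passed through — prefer the database driver's escaper or a
		// bound parameter at the point where the query is built.
		return addcslashes($captured, '\'');
	}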
Пример #15
 /**
  * Look up the stored explanation for the error name found in a log message.
  *
  * The name comes from extractName(); the per-name cache is consulted before
  * the database, and a database hit is written back to the cache.
  *
  * @param string $message Raw log message.
  * @return array|false List of name, message, explanation, action and datetime,
  *                     or false when no name is found or no row exists.
  */
 public function lookup($message)
 {
     $name = $this->extractName($message);
     if (empty($name)) {
         return false;
     }

     $cached = $this->cacheFetch($name);
     if ($cached !== false) {
         return $cached;
     }

     // NOTE(review): $name is derived from log text and is placed inside a quoted
     // literal; this relies entirely on the escaping done in extractName().
     $sql = "SELECT message, explanation, action, datetime FROM " . CISCO_ERROR_TABLE . " WHERE name = '{$name}' LIMIT 1";
     $result = perform_query($sql, $this->dbLink);
     // No rows means the name is unknown.
     if (!num_rows($result)) {
         return false;
     }

     $row = fetch_array($result, "ASSOC");
     $data = array(
         $name,
         $row['message'],
         $row['explanation'],
         $row['action'],
         $row['datetime'],
     );
     $this->cacheStore($name, $data);
     return $data;
 }
<tbody>
    <tr>
        <td colspan="2">
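            <?php
            // Admins pick the account from a list; every other user only gets a
            // hidden field for the row selected by the query below.
            if (getgroup($_SESSION['username']) == "admins") {
                echo "<select class=\"chzn-select\" style=\"width:102%\" id=\"sel_user\">\n";
                $query = "SELECT * FROM ".$_SESSION['TBL_AUTH'] ." WHERE username !='local_noauth'";
                $result = perform_query($query, $dbLink, $_SERVER['PHP_SELF']);
                while($row = fetch_array($result)) {
                    $chpw_user = $row['username'];
                    // The username was written raw into value="..." and the name
                    // attribute was missing its closing quote; encode once
                    // (both quote styles) and use the encoded copy everywhere.
                    $chpw_user_html = htmlentities($chpw_user, ENT_QUOTES);
                    echo "<option name=\"chpw_user\" value=\"$chpw_user_html\">$chpw_user_html</option>\n";
                }
                echo "</select>\n";
            } else {
                // NOTE(review): the username literal in this query appears masked in
                // the listing. If the original interpolates the session username,
                // it must be escaped or bound before it reaches the query.
                $query = "SELECT * FROM ".$_SESSION['TBL_AUTH'] ." WHERE username ='******'";
                $result = perform_query($query, $dbLink, $_SERVER['PHP_SELF']);
                while($row = fetch_array($result)) {
                    $chpw_user = $row['username'];
                    $chpw_user_html = htmlentities($chpw_user, ENT_QUOTES);
                    echo "<input type=\"hidden\" id=\"inp_user\" value=\"$chpw_user_html\">\n";
                    echo "Change Password for $chpw_user_html\n";
                }
            }
            ?>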
        </td>
    </tr>
        <?php
        if (getgroup($_SESSION['username']) != "admins") {
        ?>
    <tr>
        <td width="33%">
		    Old password:
Пример #17
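// Password-restore request handler: looks up the operator by login or e-mail,
// stores a one-time restore token and mails a reset link containing it.
$errors = array();
$page = array('version' => $version);
$loginoremail = "";
if (isset($_POST['loginoremail'])) {
    $loginoremail = getparam("loginoremail");
    $torestore = is_valid_email($loginoremail) ? operator_by_email($loginoremail) : operator_by_login($loginoremail);
    if (!$torestore) {
        // NOTE(review): a distinct "no such operator" message lets a visitor test
        // which logins and addresses exist; consider one neutral response.
        $errors[] = getlocal("no_such_operator");
    }
    // Do not index into a failed lookup.
    $email = $torestore ? $torestore['vcemail'] : "";
    if (count($errors) == 0 && !is_valid_email($email)) {
        $errors[] = "Operator hasn't set his e-mail";
    }
    if (count($errors) == 0) {
        // The token is the only secret protecting the reset link, so it must be
        // unpredictable. The previous md5(time() + microtime() . rand()) value
        // was built from the clock and a non-cryptographic generator. Use 128
        // bits from a CSPRNG, hex-encoded to the same 32 characters md5() gave.
        // On PHP 5 this path needs the openssl extension.
        if (function_exists('random_bytes')) {
            $token = bin2hex(random_bytes(16));
        } else {
            $token = bin2hex(openssl_random_pseudo_bytes(16));
        }
        $operatorid = intval($torestore['operatorid']);
        $link = connect();
        $query = "update {$mysqlprefix}chatoperator set dtmrestore = CURRENT_TIMESTAMP, vcrestoretoken = '{$token}' where operatorid = " . $operatorid;
        perform_query($query, $link);
        $href = get_app_location(true, false) . "/operator/resetpwd.php?id=" . $operatorid . "&token={$token}";
        webim_mail($email, $email, getstring("restore.mailsubj"), getstring2("restore.mailtext", array(get_operator_name($torestore), $href)), $link);
        mysql_close($link);
        $page['isdone'] = true;
        require '../view/restore.php';
        exit;
    }
}
$page['formloginoremail'] = topage($loginoremail);
$page['localeLinks'] = get_locale_links("{$webimroot}/operator/restore.php");
$page['isdone'] = false;
start_html_output();
require '../view/restore.php';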
Пример #18
/**
 * Authenticate a user with the scheme named in $forms["authtype"].
 *
 * Branches: "ldap" (bind and search against LDAP_SRV), "basic" (trusts
 * $_SERVER['REMOTE_USER']), "cert" (trusts the client-certificate serial or
 * subject DN), and a default branch that checks $_POST credentials with
 * verify_login(). On success session fields are filled in; the non-LDAP
 * branches also write a new session id and expiry to AUTHTABLENAME.
 *
 * NOTE(review): several string literals in this listing read '******'; they
 * look masked by the page rather than original code — confirm against the
 * real file before relying on them.
 *
 * @param array $forms Form fields; "username", "password" and "authtype" are read.
 * @return string The username on success, otherwise the accumulated error text
 *                (which contains HTML in the LDAP branch).
 */
function login($forms)
{
    $error = "";
    $username = $forms["username"];
    $password = $forms["password"];
    // An empty password is replaced with a placeholder before any bind is attempted.
    if (!$password) {
        $password = "******";
    }
    // die("$password");
    if ($forms["authtype"] == "ldap") {
        //define an appropriate ldap search filter to find your users, and filter out accounts such as administrator(administrator should be renamed anyway!).
        // NOTE(review): $username is concatenated into the search filter and the
        // DN without LDAP escaping, so filter metacharacters in the submitted
        // name change the filter's meaning. Escape it (filter and DN contexts
        // differ) before building these strings.
        $filter = "(&(|(!(displayname=Administrator*))(!(displayname=Admin*)))(" . LDAP_CN . "={$username}))";
        $dn = LDAP_CN . "={$username}, ";
        // A failed connect only appends to $error; execution continues and the
        // calls below receive the failed $connect value.
        if (!($connect = @ldap_connect(LDAP_SRV))) {
            $error .= "Could not connect to LDAP server:" . LDAP_SRV;
        }
        switch (LDAP_MSAD) {
            case "YES":
                // Active Directory: protocol v3, no referral chasing, bind as user@domain.
                ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
                ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
                if (!($bind = @ldap_bind($connect, "{$username}@" . LDAP_DOMAIN, $password))) {
                    $error .= " Unable to bind to LDAP Server: <b>" . LDAP_SRV . "</b><br> <li>DN: {$dn}<br> <li>BaseDN: " . LDAP_BASE_DN . "<br>";
                }
                break;
            default:
                // Other directories: bind with the DN built from the username and base DN.
                if (!($bind = @ldap_bind($connect, "{$dn}" . LDAP_BASE_DN, $password))) {
                    $error .= " Unable to bind to LDAP Server: <b>" . LDAP_SRV . "</b><br> <li>DN: {$dn}<br> <li>BaseDN: " . LDAP_BASE_DN . "<br>";
                }
        }
        // NOTE(review): the error text embeds the submitted username (via $dn)
        // inside HTML; escape it wherever the caller prints this string.
        if (!($sr = @ldap_search($connect, LDAP_BASE_DN, $filter))) {
            #search for user
            $error .= " Unable to search: <b>" . LDAP_SRV . "</b><br> <li>DN: {$dn}<br> <li>BaseDN: " . LDAP_BASE_DN . "<br>";
        }
        $info = @ldap_get_entries($connect, $sr);
        // print  "Number of entries returned is " .ldap_count_entries($connect, $sr)."<p>";
        // The privilege level is written to the session before $error is checked,
        // and $info[0] is read without checking that the search returned an entry.
        if (LDAP_USEPRIV == "ON") {
            if (in_array(LDAP_RW_GROUP, $info[0]["groupmembership"])) {
                $_SESSION["userpriv"] = "rw";
            } elseif (in_array(LDAP_RO_GROUP, $info[0]["groupmembership"])) {
                $_SESSION["userpriv"] = "ro";
            } else {
                $_SESSION["userpriv"] = "disabled";
                // echo "User privileges are " . $_SESSION["userpriv"] . "<br>";
            }
        }
        if (trim($error) != "") {
            return $error;
        } else {
            $fullname = $info[0]["cn"][0];
            $fqdn = $info[0]["dn"];
            $_SESSION["username"] = $username;
            $_SESSION["groups"] = $info[0]["groupmembership"];
            // NOTE(review): this stores the user's cleartext password in the
            // session, so it is written to session storage on the server.
            // Store nothing, or an opaque random value, instead.
            $_SESSION["token"] = $password;
            $_SESSION["fullname"] = $fullname;
            $_SESSION["fqdn"] = $fqdn;
            // Split "First Last"; a single-word cn leaves index 1 undefined.
            $flname = explode(" ", $fullname);
            $_SESSION["firstname"] = $flname[0];
            $_SESSION["lastname"] = $flname[1];
            $_SESSION["pageId"] = "searchform";
            // die(phpinfo());
            // die(print_r($info[0]));
            // die(print_r($_SESSION));
        }
        /* from here, do your sql query to query the database to search for existing record with correct username and password */
    } elseif ($forms["authtype"] == "basic") {
        // Using Web basic authentication. Check to see if $_SERVER['REMOTE_USER'] has access, and act accordingly.
        $username = $_SERVER['REMOTE_USER'];
        if ($username == "") {
            $username = "******";
        }
        $dbLink = db_connect_syslog(DBUSER, DBUSERPW);
        if ($username && verify_user($username, $dbLink)) {
            // NOTE(review): mt_rand() is not a cryptographic generator, so a
            // session id derived from it is guessable; use a CSPRNG.
            $sessionId = md5(mt_rand());
            $_SESSION["pageId"] = "searchform";
            $expTime = time() + SESSION_EXP_TIME;
            $expTimeDB = date('Y-m-d H:i:s', $expTime);
            // Update sessionId and exptime in database
            $query = "UPDATE " . AUTHTABLENAME . " SET sessionid='" . $sessionId . "', \n\t\t\t\texptime='" . $expTimeDB . "' WHERE username='******'";
            $result = perform_query($query, $dbLink);
        } else {
            $error .= " Sorry, {$username} does not have access to this service.";
            $_SESSION["error"] = "{$error}";
        }
    } elseif ($forms["authtype"] == "cert") {
        // Using Cert basic authentication.Check certificate SerialNumber first, Subject DN if SerialNumber fails
        $dbLink = db_connect_syslog(DBUSER, DBUSERPW);
        if (verify_user($_SERVER['SSL_CLIENT_M_SERIAL'], $dbLink) || verify_user($_SERVER['SSL_CLIENT_S_DN'], $dbLink)) {
            // Same non-cryptographic session id as the "basic" branch.
            $sessionId = md5(mt_rand());
            $_SESSION["pageId"] = "searchform";
            $expTime = time() + SESSION_EXP_TIME;
            $expTimeDB = date('Y-m-d H:i:s', $expTime);
            // Update sessionId and exptime in database
            $query = "UPDATE " . AUTHTABLENAME . " SET sessionid='" . $sessionId . "', \n             exptime='" . $expTimeDB . "' WHERE username='******'";
            $result = perform_query($query, $dbLink);
        } else {
            // $username here is still the form field, not a certificate attribute.
            $error .= " Sorry, {$username} does not have access to this service.";
            $_SESSION["error"] = "{$error}";
        }
    } else {
        // Not using LDAP or WebBasic, revert to local db authentication
        if ($_POST["username"]) {
            // Credentials are re-read from $_POST, replacing the $forms values
            // (and the empty-password placeholder set at the top).
            $username = $_POST["username"];
            $password = $_POST["password"];
            // die("Info: $username, $password");
            $dbLink = db_connect_syslog(DBUSER, DBUSERPW);
            if ($username && $password && verify_login($username, $password, $dbLink)) {
                // Same non-cryptographic session id as the "basic" branch.
                $sessionId = md5(mt_rand());
                $_SESSION["pageId"] = "searchform";
                // Calculate the expiration time
                $expTime = time() + SESSION_EXP_TIME;
                $expTimeDB = date('Y-m-d H:i:s', $expTime);
                // Update sessionId and exptime in database
                $query = "UPDATE " . AUTHTABLENAME . " SET sessionid='" . $sessionId . "', \n\t\t\t\t\texptime='" . $expTimeDB . "' WHERE username='******'";
                $result = perform_query($query, $dbLink);
            } else {
                // NOTE(review): the message echoes the submitted username; escape
                // it where $_SESSION["error"] is rendered.
                $error .= " Invalid password for user {$username}";
                $_SESSION["error"] = "{$error}";
            }
        } else {
            $error .= " Missing POST variables";
            $_SESSION["error"] = "{$error}";
        }
    }
    // Any accumulated error text is the return value; otherwise the session is
    // bound to the username.
    if (trim($error) != "") {
        return $error;
    } else {
        $_SESSION["username"] = $username;
        return $username;
    }
}
Пример #19
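/**
 * Insert a new chat thread row and return the stored thread.
 *
 * Visitor-supplied strings (name, user id, remote host, referer, locale and
 * user agent) are escaped with the connection's escaper. The initial state
 * and group id are written unquoted into the statement, so both are cast to
 * integers first.
 *
 * @param int|null $groupid      Group to attach; a falsy value omits the column.
 * @param string   $username     Visitor name.
 * @param string   $remoteHost   Visitor address.
 * @param string   $referer      Referring page.
 * @param string   $lang         Locale code.
 * @param string   $userid       Visitor id.
 * @param string   $userbrowser  User-Agent string.
 * @param int      $initialState Initial thread state.
 * @param resource $link         Open MySQL connection.
 * @return mixed The thread as returned by thread_by_id_().
 */
function create_thread($groupid, $username, $remoteHost, $referer, $lang, $userid, $userbrowser, $initialState, $link)
{
    global $mysqlprefix;
    // These two were interpolated straight into the sprintf() format string:
    // any text in them became SQL, and a '%' would have been read as a
    // conversion specifier.
    $initialState = intval($initialState);
    $groupid = intval($groupid);
    $query = sprintf(
        "insert into {$mysqlprefix}chatthread (userName,userid,ltoken,remote,referer,lrevision,locale,userAgent,dtmcreated,dtmmodified,istate" . ($groupid ? ",groupid" : "") . ") values "
        . "('%s','%s',%s,'%s','%s',%s,'%s','%s',CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,{$initialState}" . ($groupid ? ",{$groupid}" : "") . ")",
        mysql_real_escape_string($username, $link),
        mysql_real_escape_string($userid, $link),
        next_token(),
        mysql_real_escape_string($remoteHost, $link),
        mysql_real_escape_string($referer, $link),
        next_revision($link),
        mysql_real_escape_string($lang, $link),
        mysql_real_escape_string($userbrowser, $link)
    );
    perform_query($query, $link);
    $id = mysql_insert_id($link);
    return thread_by_id_($id, $link);
}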
Пример #20
/**
 * Record an operator's current status and refresh the last-visited timestamp.
 *
 * Both inputs are cast to integers before they are formatted into the statement.
 *
 * @param int $operatorid Operator row to update.
 * @param int $istatus    Status value written to the istatus column.
 * @return void
 */
function notify_operator_alive($operatorid, $istatus)
{
    global $mysqlprefix;
    $link = connect();
    $statement = sprintf(
        "update {$mysqlprefix}chatoperator set istatus = %s, dtmlastvisited = CURRENT_TIMESTAMP where operatorid = %s",
        intval($istatus),
        intval($operatorid)
    );
    perform_query($statement, $link);
    mysql_close($link);
}
Пример #21
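/**
 * Record an operator's current status and refresh the last-visited timestamp.
 *
 * @param int $operatorid Operator row to update.
 * @param int $istatus    Status value written to the istatus column.
 * @return void
 */
function notify_operator_alive($operatorid, $istatus)
{
    global $mysqlprefix;
    $link = connect();
    // Both values are interpolated unquoted; casting to int keeps
    // caller-supplied text out of the statement.
    $query = sprintf("update {$mysqlprefix}chatoperator set istatus = %s, dtmlastvisited = CURRENT_TIMESTAMP where operatorid = %s", intval($istatus), intval($operatorid));
    perform_query($query, $link);
    mysql_close($link);
}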
Пример #22
// Group administration entry point. The visible order is: require a
// logged-in operator, run the anti-CSRF token check, then require the
// administrate permission — all before the GET-driven delete below.
$operator = check_login();
csrfchecktoken();
check_permissions($operator, $can_administrate);
if (isset($_GET['act']) && $_GET['act'] == 'del') {
    $groupid = isset($_GET['gid']) ? $_GET['gid'] : "";
    // Digits only; the value is additionally passed through intval() at each use.
    if (!preg_match("/^\\d+\$/", $groupid)) {
        $errors[] = "Cannot delete: wrong argument";
    }
    if (!is_capable($can_administrate, $operator)) {
        $errors[] = "You are not allowed to remove groups";
    }
    // NOTE(review): $errors is not initialised in the lines shown here —
    // confirm it is set to an empty array earlier in the file.
    if (count($errors) == 0) {
        $link = connect();
        // Remove the group, its operator memberships, and detach its threads.
        perform_query("delete from {$mysqlprefix}chatgroup where groupid = " . intval($groupid), $link);
        perform_query("delete from {$mysqlprefix}chatgroupoperator where groupid = " . intval($groupid), $link);
        perform_query("update {$mysqlprefix}chatthread set groupid = 0 where groupid = " . intval($groupid), $link);
        mysql_close($link);
        header("Location: {$mibewroot}/operator/groups.php");
        exit;
    }
}
/**
 * Tell whether a group counts as online.
 *
 * @param array $group Group row; 'ilastseen' is compared with the
 *                     'online_timeout' setting.
 * @return string "1" when 'ilastseen' is not null and below the timeout, "" otherwise.
 */
function is_online($group)
{
    global $settings;
    $lastSeen = $group['ilastseen'];
    if ($lastSeen === NULL) {
        return "";
    }
    if ($lastSeen < $settings['online_timeout']) {
        return "1";
    }
    return "";
}
/**
 * Tell whether a group counts as away.
 *
 * @param array $group Group row; 'ilastseenaway' is compared with the
 *                     'online_timeout' setting.
 * @return string "1" when 'ilastseenaway' is not null and below the timeout, "" otherwise.
 */
function is_away($group)
{
    global $settings;
    $lastSeenAway = $group['ilastseenaway'];
    if ($lastSeenAway === NULL) {
        return "";
    }
    if ($lastSeenAway < $settings['online_timeout']) {
        return "1";
    }
    return "";
}
Пример #23
tryfunc("json_encode", "json");

// Authentication disabled (AUTHTYPE "none"): every visitor is signed in as a
// fixed account, given a UI layout if none exists, and redirected to index.php.
// NOTE(review): the '******' literals below look masked by the listing, not
// original code — confirm against the real file.
if($_SESSION['AUTHTYPE'] == "none") {
    $username = "******";
    $sessionId = session_id();
    $act = "login from local_noauth";
    action($act);
    // NOTE(review): pageId is taken from the query string as-is and kept in the
    // session; validate it against the known page ids before it is used to
    // select a page or is echoed.
    $_SESSION["pageId"] = (empty($_GET["pageId"])?"searchform":$_GET["pageId"]) ;
    $_SESSION["username"] = '******';
    $destination = $_SESSION['SITE_URL']."index.php";
    // This unauthenticated path connects with the DBADMIN credentials.
    $dbLink = db_connect_syslog(DBADMIN, DBADMINPW);
    $sql = "SELECT * FROM ui_layout WHERE userid=(SELECT id FROM users WHERE username='******')";
    $res = perform_query($sql, $dbLink, $_SERVER['PHP_SELF']);
    // First visit: copy the template layout rows (userid 0) to this account.
    if(num_rows($res)==0){
        $sql = "INSERT INTO ui_layout (userid, pagename, col, rowindex, header, content, group_access) SELECT (SELECT id FROM users WHERE username='******'),pagename,col,rowindex,header,content,group_access FROM ui_layout WHERE userid=0";
        $res = perform_query($sql, $dbLink, $_SERVER['PHP_SELF']);
    }
    // The raw query string is appended to the redirect target.
    // NOTE(review): g_redirect() is called in "JS" mode; confirm it encodes the
    // destination before placing it in script or markup.
    if (!empty($_SERVER['QUERY_STRING']))
    {

        $destination .= '?' . $_SERVER['QUERY_STRING'];
    }
    g_redirect($destination, "JS"); // Redirect unauthenticated member
}

if ($_POST) {
    if (auth($_POST) == $_SESSION["username"]) {
        $act = "logged in";
        action($act);
        $destination = $_SESSION['SITE_URL']."index.php";
        if (!empty($_POST['searchQuery']))
Пример #24
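/**
 * Record an outgoing notification in the chatnotification table.
 *
 * @param string   $locale Locale code of the notification.
 * @param string   $kind   Notification kind.
 * @param string   $to     Recipient.
 * @param string   $subj   Subject line.
 * @param string   $text   Message body.
 * @param int|null $refop  Operator id the notification refers to; falsy stores 0.
 * @param resource $link   Open MySQL connection.
 * @return void
 */
function log_notification($locale, $kind, $to, $subj, $text, $refop, $link)
{
    global $mysqlprefix;
    // $locale and $kind were quoted into the statement without escaping and
    // $refop was written unquoted; all three now get the same treatment as
    // the other fields.
    $query = sprintf(
        "insert into {$mysqlprefix}chatnotification (locale,vckind,vcto,vcsubject,tmessage,refoperator,dtmcreated) values ('%s','%s','%s','%s','%s',%s,%s)",
        mysql_real_escape_string($locale, $link),
        mysql_real_escape_string($kind, $link),
        mysql_real_escape_string($to, $link),
        mysql_real_escape_string($subj, $link),
        mysql_real_escape_string($text, $link),
        intval($refop),
        "CURRENT_TIMESTAMP"
    );
    perform_query($query, $link);
}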
Пример #25
    $('#portlet-header_Mnemonics').append(" (<?php echo commify($count)?> total)")
};
</script>
<table class="hoverTable">
<thead class="ui-widget-header">
  <tr>
    <th width="5%" style="text-align:left"></th>
    <th width="45%" style="text-align:left">Mnemonic</th>
    <th width="25%" style="text-align:left">Seen</th>
    <th width="25%" style="text-align:left">Last Seen</th>
  </tr>
</thead>
  <tbody>
<?php
        $sql = "SELECT * FROM (SELECT * FROM mne where hidden='false' ORDER BY lastseen DESC) AS result LIMIT ". $_SESSION['PORTLET_MNE_LIMIT']; 
        $result = perform_query($sql, $dbLink, "portlet-mnemonics.php"); 
        $i=0; 
        while($row = fetch_array($result)) { 
        echo "<tr>";
        echo "<td id='mne_sel'>";
          echo "<input type=\"checkbox\" name=\"sel_mne[]\" value=\"$row[name]\" id='$row[name]'";
        echo "</td>";
        echo "<td id='mne'>";
        if (strlen($row['name']) < 26) {
            echo "$row[name]";
        } else {
            if (strlen($row['name']) > 39) {
                echo "<span style=\"font-size: xx-small\">$row[name]</span>";
            } else {
                echo "<span style=\"font-size: x-small\">$row[name]</span>";
            }
Пример #26
        $fh = fopen($myFile, 'a') or die("can't open file $myFile");
        fwrite($fh, print_r($_GET));
        fclose($fh);
        }
    */
    $where .= " AND user='******'username'] . "'";
    $count = get_total_rows("ui_layout", $dbLink, "{$where}");
    if ($count > 0) {
        $total_pages = ceil($count / $limit);
    } else {
        $total_pages = 0;
    }
    if ($page > $total_pages) {
        $page = $total_pages;
    }
    $start = $limit * $page - $limit;
    // do not put $limit*($page - 1)
    $response->page = $page;
    $response->total = $total_pages;
    $response->records = $count;
    $sql = "SELECT * FROM ui_layout {$where} ORDER BY {$sidx} {$sord} LIMIT {$start} , {$limit}";
    $result = perform_query($sql, $dbLink, $_REQUEST['pageId']);
    $i = 0;
    while ($row = fetch_array($result)) {
        $response->rows[$i]['id'] = $row[id];
        $response->rows[$i]['cell'] = array($row[user], $row[tab], $row[tabname], $row[col], $row[colwidth], $row[rowindex], $row['header'], $row['content']);
        $i++;
    }
    echo json_encode($response);
}
mysql_close($dbLink);
Пример #27
}
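// CDUKES: Jun 18, 2008: Added in support of the SQZ feature
// Work out the total number of log rows shown with the graph.
// NOTE(review): the "or die(mysql_error())" handlers below print the raw
// database error to whoever requested the page; prefer logging it and
// showing a generic message.
if (defined('SQZ_ENABLED') && SQZ_ENABLED == TRUE) {
    // With SQZ enabled each row carries a counter, so the total is their sum.
    $query = "SELECT SUM(counter) FROM " . DEFAULTLOGTABLE . " ";
    $result = perform_query($query, $dbLink) or die(mysql_error());
    $row = fetch_array($result);
    $totalrows = commify($row[0]);
    // die ("Total COUNT rows: $totalrows");
} else {
    if (defined('COUNT_ROWS') && COUNT_ROWS == TRUE && $num_results) {
        $totalrows = commify(get_total_rows(DEFAULTLOGTABLE));
        // die ("Total COUNT rows:" . $totalrows);
    } else {
        // Get Total number of rows. count(*) returns one row holding the total,
        // so read that value; mysql_num_rows() on this result was always 1.
        $query = "SELECT count(*) from " . DEFAULTLOGTABLE;
        $result = perform_query($query, $dbLink) or die(mysql_error());
        $row = fetch_array($result);
        $numrows = $row[0];
        $totalrows = commify($numrows);
        // die ("Total rows: $query<br>" . $totalrows);
    }
}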
// A new pie graph
$graph = new PieGraph(640, 480, 'auto');
$graph->SetShadow();
// Title setup
/* cdukes - 2-28-08: Added a test to notify the user if they selected more TopX than what was available in the database
    Example: Selecting Top 100 when only 50 hosts are in the DB
	 */
$numhosts = count($host);
// die("Hostcount:$numhosts \nTopx: $topx\n");
if ($numhosts >= $topx) {
Пример #28
require_once '../libs/common.php';
require_once '../libs/chat.php';
require_once '../libs/operator.php';
require_once '../libs/pagination.php';
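// Blocked-visitors page: optionally deletes one ban, then lists all bans.
$operator = check_login();
$page = array();
$errors = array();
setlocale(LC_TIME, getstring("time.locale"));
$link = connect();
// NOTE(review): this delete is triggered by a plain GET request and no
// anti-CSRF token check is visible in this excerpt — confirm one runs before
// this point, or require a token here.
if (isset($_GET['act']) && $_GET['act'] == 'del') {
    $banId = isset($_GET['id']) ? $_GET['id'] : "";
    if (!preg_match("/^\\d+\$/", $banId)) {
        $errors[] = "Cannot delete: wrong argument";
    }
    if (count($errors) == 0) {
        // "$" in the pattern also matches before a trailing newline, so cast
        // the value instead of interpolating the raw request string.
        perform_query("delete from {$mysqlprefix}chatban where banid = " . intval($banId), $link);
        header("Location: {$webimroot}/operator/blocked.php");
        exit;
    }
}
// NOTE(review): on failure the raw MySQL error is printed to the browser.
$result = mysql_query("select banid,unix_timestamp(dtmtill) as till,address,comment from {$mysqlprefix}chatban", $link) or die(' Query failed: ' . mysql_error($link));
$blockedList = array();
while ($ban = mysql_fetch_array($result, MYSQL_ASSOC)) {
    $blockedList[] = $ban;
}
mysql_free_result($result);
mysql_close($link);
setup_pagination($blockedList);
prepare_menu($operator);
start_html_output();
require '../view/blocked_visitors.php';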
Пример #29
            // print "Processing in list\n";
            if (!perform_query($query, $dbLink)) {
                rollback($dbLink);
                die("Error: Delete failed.");
            }
        }
    }
}
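commit($dbLink);
$dbsecs = get_microtime() - $db_time_start;
print "Debug: Log table modifications complete in {$dbsecs} seconds...\n";
//------------------------------------------------------------------------
// Gather and spit out some stats
//------------------------------------------------------------------------
$query = 'SELECT count(*) AS "count" from ' . DEFAULTLOGTABLE;
$result = perform_query($query, $dbLink);
$row = fetch_array($result);
$num_rows_after = $row['count'];
$savings = $num_rows - $num_rows_after;
// An empty log table would otherwise divide by zero here.
$savings_p = $num_rows > 0 ? round($savings / $num_rows * 100, 0) : 0;
echo "\nStarting Row Count = {$num_rows}\n";
echo "Ending Row Count = {$num_rows_after}\n";
echo "Cleaned {$savings} records saving {$savings_p} percent\n";
$time_end = get_microtime();
$exetime = round($time_end - $time_start, 2);
// A run shorter than the rounding step gives 0 seconds; avoid dividing by it.
$mps = $exetime > 0 ? round($num_rows / $exetime, 2) : 0;
echo "Squeeze finished in " . $exetime . " seconds ({$mps} MPS)\n";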
//========================================================================
// END
//========================================================================
///// Functions (should probably be put in include file common functions
Пример #30
require_once '../libs/chat.php';
require_once '../libs/operator.php';
require_once '../libs/pagination.php';
// Blocked-visitors page: optionally deletes one ban, then lists all bans.
// A logged-in operator is required and the anti-CSRF token check runs before
// the GET-driven delete below.
$operator = check_login();
csrfchecktoken();
$page = array();
$errors = array();
setlocale(LC_TIME, getstring("time.locale"));
$link = connect();
if (isset($_GET['act']) && $_GET['act'] == 'del') {
    $banId = isset($_GET['id']) ? $_GET['id'] : "";
    // Digits only; the value is additionally cast with intval() in the query.
    if (!preg_match("/^\\d+\$/", $banId)) {
        $errors[] = "Cannot delete: wrong argument";
    }
    if (count($errors) == 0) {
        perform_query("delete from {$mysqlprefix}chatban where banid = " . intval($banId), $link);
        header("Location: {$mibewroot}/operator/blocked.php");
        exit;
    }
}
// NOTE(review): on failure the raw MySQL error is printed to the browser;
// prefer logging it and showing a generic message.
$result = mysql_query("select banid,unix_timestamp(dtmtill) as till,address,comment from {$mysqlprefix}chatban", $link) or die(' Query failed: ' . mysql_error($link));
$blockedList = array();
while ($ban = mysql_fetch_array($result, MYSQL_ASSOC)) {
    $blockedList[] = $ban;
}
mysql_free_result($result);
mysql_close($link);
setup_pagination($blockedList);
prepare_menu($operator);
start_html_output();
require '../view/blocked_visitors.php';