public function vote() { if (!POST("answer")) { showAlert("You must select an answer", _webBase); } $this->Polls_Model->vote(); showAlert("Thanks for your vote", _webBase); }
function connectDB() { $host = 'localhost'; $user = '******'; $pass = '******'; $database = 'blogs'; @($mysqli = new mysqli($host, $user, $pass, $database)); if ($mysqli->connect_errno) { showAlert("error", "Database error"); } return $mysqli; }
} else { if ($_GET['check'] == true) { $login = $_POST['login']; $pass = sha1($_POST['pass']); $mysqli = connectDB(); $checkUser = $mysqli->query("SELECT user_id, password FROM users WHERE username = '******'"); if ($checkUser->num_rows > 0) { $row = $checkUser->fetch_object(); } if (isset($row) && $row->password == $pass) { $_SESSION['uid'] = $row->user_id; unset($_GET['page']); $success = true; header("Location: index.php"); } else { showAlert("error", "Wrong username or password"); } } } if (!$success) { echo '<div class="bgdiv" style="width:280px;padding:0px;margin: 0 auto;">'; echo ' <div class="lab_title" style="box-shadow:none;">'; echo ' Log in'; echo ' </div>'; echo ' <form action="?page=user&action=login&check=true" method="post">'; echo ' <table style="margin: 0 auto;width: 180px; text-align: left;">'; echo ' <tr>'; echo ' <td style="width:50%">'; echo ' Username'; echo ' <br />'; echo ' <input class="text" type="text" name="login" style="width:92%" />';
} if ($r == TRUE) { showMessage("El dispositivo (" . $mac . ") ha sido desasociado correctamente de la categoría " . $categoria . "."); } else { if (!isset($mens_error)) { $mens_error = "El dispositivo movil no ha desasociado."; } } } break; case 'cerrar_sesion': $sess->unregister('userp'); $sess->unregister('passp'); $sess->unregister('clienteS'); $sess->unregister('categoriasS'); /* Redireccionar a una pagina diferente en el directorio actual de la peticion */ $host = $_SERVER['HTTP_HOST']; $uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\'); $extra = 'index.php'; header("Location: http://{$host}{$uri}/{$extra}"); exit; break; } if (isset($mens_error)) { showAlert($mens_error); } } else { showAlert("El WebService no se encuentra disponible."); } } page_close();
} else { $alerts[] = showAlert("There was a problem adding your new email template. An alert has been dispatched to the system administrator.", "alert_negative"); // sysadmin contact function pending } } // edit email template if (isset_or($_REQUEST['edit_template'])) { $name = mysql_real_escape_string($_REQUEST['email_name']); $subject = mysql_real_escape_string($_REQUEST['email_subject']); $body = mysql_real_escape_string(stripslashes($_REQUEST['email_body'])); $template_id = mysql_real_escape_string($_REQUEST['template_id']); $result = $db->query("UPDATE email_templates SET name = '{$name}', subject = '{$subject}', body = '{$body}' WHERE id = '{$template_id}'"); if ($result) { $alerts[] = showAlert("Email template edited successfully!", "alert_positive"); } else { $alerts[] = showAlert("There was a problem editing your email template. An alert has been dispatched to the system administrator.", "alert_negative"); // sysadmin contact function pending } } $template_id = mysql_real_escape_string(route(1)); if ($template_id) { $editing = $db->queryUniqueObject("SELECT * FROM email_templates WHERE id = '{$template_id}'"); } $emails = $db->query("SELECT * FROM email_templates"); $stylesheets = array("css/validationEngine.jquery.css"); $scripts = array("js/jquery.validationEngine.js", "js/jquery.validationEngine-en.js"); $title = "Email Templates"; include "head.php"; ?> <div id="content">
} } } elseif (!empty($_GET['token'])) { // user activation require_once INC_DIR . 'dbconn.php'; if ($user = $db->getRow($_GET['token'])) { if (!$user['priv']) { $res = $db->update(array('priv' => 1), $user['id']); if ($res) { showAlert('User "' . $user['name'] . '" successfully activated', 1); } } else { showAlert('User already activated'); } } else { showAlert('User not found'); } } elseif (!empty($_GET['action']) && $_GET['action'] == 'logout') { setcookie('token', '', time() - 1); unset($_COOKIE['token']); } $user = null; if (!isset($authtoken) && isset($_COOKIE['token'])) { $authtoken = $_COOKIE['token']; } if (isset($authtoken)) { require_once INC_DIR . 'dbconn.php'; $user = $db->getRow($authtoken); if ($user && $user['priv']) { $assist = array('newabs' => '+ Add new abstract', 'tools' => '', 'account' => $user['name']); }
public function records($trash = FALSE, $order = NULL) { $Model = ucfirst(segment(0, isLang())) . "_Model"; $this->{$Model} = $this->model($Model); if (isset($this->{$Model})) { if (POST("seek")) { $data = $this->{$Model}->cpanel("search", NULL, POST("field") . " " . POST("order"), POST("search"), POST("field")); if (!$data) { showAlert("Results not found", path(whichApplication() . "/cpanel/results")); } } else { $start = 0; if ($trash) { $start = (segment(4, isLang()) === "page" and segment(5, isLang()) > 0) ? segment(5, isLang()) * _maxLimit - _maxLimit : 0; } else { $start = (segment(3, isLang()) === "page" and segment(4, isLang()) > 0) ? segment(4, isLang()) * _maxLimit - _maxLimit : 0; } $limit = $start . ", " . _maxLimit; if (segment(3, isLang()) === "order") { $i = segment(4) ? 3 : 4; $j = segment(4) ? 4 : 5; if (segment($i) === "id") { $field = "ID"; } elseif (segment($i) === "end-date") { $field = "End_Date"; } elseif (segment($i) === "start-date") { $field = "Start_Date"; } elseif (segment($i) === "text-date") { $field = "Text_Date"; } else { $field = ucfirst(segment($i)); } if (segment($j) === "asc") { $data = $this->{$Model}->cpanel("all", $limit, "{$field} ASC", NULL, NULL, $trash); } elseif (segment($j) === "desc") { $data = $this->{$Model}->cpanel("all", $limit, "{$field} DESC", NULL, NULL, $trash); } } else { $data = $this->{$Model}->cpanel("all", $limit, $order, NULL, NULL, $trash); } } return $data; } return FALSE; }
$alerts[] = showAlert("There was a problem updating settings", "alert_negative"); } } $groups = $db->query("SELECT group_id,name FROM user_groups"); if (isset_or($_REQUEST['permSave'])) { foreach ($_REQUEST['permissions'] as $group_id => $whatever) { //echo $group_id; // drop the groups shit $db->query("DELETE FROM user_groups_permissions WHERE group_id = '{$group_id}'"); foreach ($_REQUEST['permissions'][$group_id] as $permission_id => $active) { //echo $group_id.">".$permission_id ."\n"; $result = $db->query("INSERT INTO user_groups_permissions (group_id, permission_id) VALUES ('{$group_id}','{$permission_id}')"); } } if ($result) { $alerts[] = showAlert("Permissions updated", "alert_positive"); } } $permission_files = $db->query("SELECT name FROM permissions"); while ($filename = $db->fetchNextObject($permission_files)) { $perm_files[] = $filename->name; } $files['_default'] = scandir("./_default"); $allfiles = array(); $allfiles = array_merge($allfiles, $files['_default']); $db->resetFetch($groups); while ($group = $db->fetchNextObject($groups)) { if (is_dir("./" . $group->name)) { $files[$group->name] = scandir("./" . $group->name); $allfiles = array_merge($allfiles, $files[$group->name]); }
public function vote() { $ID_Poll = POST("ID_Poll"); $ID_Answer = POST("answer"); $IP = getIP(); $date = now(4); $end = $date + 3600; $data = $this->Db->findBySQL("ID_Poll = '{$ID_Poll}' AND IP = '{$IP}' AND End_Date > {$date}", "polls_ips"); if ($data) { showAlert("You've previously voted on this poll", _webBase); } else { $this->Db->table("polls_answers"); $values = "Votes = (Votes) + 1"; $this->Db->values($values); $this->Db->save($ID_Answer); $fields = "ID_Poll, IP, Start_Date, End_Date"; $values = "'{$ID_Poll}', '{$IP}', '{$date}', '{$end}'"; $this->Db->table("polls_ips", $fields); $this->Db->values($values); $insertID2 = $this->Db->save(); createCookie("ZanPoll", $ID_Poll, 3600); showAlert("Thank you for your vote!", _webBase); } return TRUE; }
public function isToken($token = FALSE, $action = NULL) { if ($token and isset($action)) { $data = $this->Db->findBySQL("Token = '{$token}' AND Action = '{$action}' AND Situation = 'Active'", "tokens"); if (!$data) { showAlert("Invalid Token"); } else { return $data[0]["ID_Token"]; } } else { showAlert("Invalid Token"); } }
} elseif ($_REQUEST['action'] == 'edit' && $_REQUEST['booking_id']) { $intBookingID = intval($_REQUEST['booking_id']); $intBookingActivityID = intval($_REQUEST['booking_activity_id']); $intBookingProductID = intval($_REQUEST['booking_product_id']); updateBooking($intBookingID); updateBookingActivity($intBookingActivityID); updateBookingProduct($intBookingProductID); updateBookingActivityDescription($intBookingActivityID); $strAlertContent = 'Booking <strong>"' . $strBookingCode . '"</strong> for <strong>"' . $strSupplierName . '"</strong> is successfully updated!'; $strLog = 'Booking "' . $strBookingCode . '" for "' . $strSupplierName . '" is successfully updated'; } // elseif ($_REQUEST['action'] == 'edit' && $_REQUEST['booking_id']) updateBookingTotal($intBookingID); updateActivityGondola(); insertLog($strLog); showAlert($strAlertContent, $intBookingID, $intBookingActivityID, $intBookingProductID); } elseif ($_REQUEST['action'] == 'delete' && $_REQUEST['booking_id']) { $strBookingCode = $db->dbIDToField('mbs_bookings', 'booking_id', $_REQUEST['booking_id'], 'booking_code'); if ($_REQUEST['booking_activity_id']) { // delete booking activities $queryActivities = "DELETE FROM `mbs_bookings_activities` WHERE `booking_activity_id` = '" . mysql_real_escape_string($_REQUEST['booking_activity_id']) . "' LIMIT 1"; $resultActivities = mysql_query($queryActivities); // delete booking activity products $queryProduct = "DELETE FROM `mbs_bookings_products` WHERE `booking_activity_id` = '" . mysql_real_escape_string($_REQUEST['booking_activity_id']) . "'"; $resultProduct = mysql_query($queryProduct); $strAlert = 'Booking activity for "' . $strBookingCode . '" is successfully deleted!'; #$strAlert .= '<br /><br /><a class="btn" href="booking_list.php">Back</a>'; $strLog = 'Booking activity for "' . $strBookingCode . '" is successfully deleted.'; } else { // delete booking $query = "DELETE FROM `mbs_bookings` WHERE `booking_id` = '" . mysql_real_escape_string($_REQUEST['booking_id']) . "' LIMIT 1";
} /* // kontrollo fortesine e passwordit if(!preg_match('/^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!@#$%]{8,30}$/', $_POST["newPassword"])) { showAlert("Fjalëkalimi nuk plotëson kushtet."); render("change_password.php", ["title" => "Ndërro fjalëkalimin"]); return; } */ // kontrollo nese passwordi i ri eshte i ndryshem nga i pari if ($_POST["newPassword"] == $_POST["currPassword"]) { showAlert("Fjalëkalimi i ri duhet të jetë i ndryshëm nga i vjetri!"); render("change_password.php", ["title" => "Ndërro fjalëkalimin"]); return; } // merr kodin hash te passwordit aktual if (($result = query("SELECT password FROM users WHERE id = ?", $_SESSION["id"])) === false) { apologize("Nuk mund të verifikohet fjalëkalimi për momentin. Provoni përsëri."); } // verifiko passwordin if (!password_verify($_POST["currPassword"], $result[0]["password"])) { showAlert("Fjalëkalimi është i gabuar!"); render("change_password.php", ["title" => "Ndërro fjalëkalimin"]); return; } // nderro passwordin if (query("UPDATE users SET password = ? WHERE id = ?", password_hash($_POST["newPassword"], PASSWORD_DEFAULT), $_SESSION["id"]) === false) { apologize("Nuk mund të ndryshohet fjalëkalimi për momentin. Provoni përsëri."); } // nese cdo gje shkon mire, shko tek faqja kryesore redirect("/"); }
public function getPath($path, $option = NULL, $types = FALSE) { $this->Files = $this->core("Files"); $dir = @dir($path); $options = NULL; if (!$dir) { showAlert("Uploads directories does not exists", path("cpanel")); } while ($element = $dir->read()) { $directory = $path . $element . _sh; if ($element !== "." and $element !== ".." and !is_dir($directory)) { if ($element !== "cpanel" and $element !== "config") { if ($types) { if ($element === $option) { $options[] = '<option selected="selected">' . encode($element) . '</option>'; } else { $options[] = '<option>' . $element . '</option>'; } } else { $file = $this->Files->getFileInformation($element); if ($this->type === "documents") { if ($file["type"] === "document") { $options[] = encode($element); } } elseif ($this->type === "images") { if ($file["type"] === "image") { $options[] = encode($element); } } } } } } $dir->close(); return $options; }
$_POST['home_based'] = isset_or($_POST['home_based'], 0); $_POST['relocatable'] = isset_or($_POST['relocatable'], 0); $_POST['franchise'] = isset_or($_POST['franchise'], 0); $listing_id = mysql_real_escape_string($_POST['listing_id']); foreach ($_POST as $key => $value) { if (in_array($key, $listing_fields)) { $input_values[] = $key . "='" . isset_or(mysql_real_escape_string(stripslashes($_POST[$key]))) . "'"; } } $insert_data = implode(",", $input_values); $query = "UPDATE listings SET {$insert_data} WHERE id = '{$listing_id}'"; $result = $db->query($query); if ($result) { echo showAlert("Your listing has been updated!", "positive"); } else { echo showAlert("There was a problem updating your listing.", "negative"); } } if (isset_or($_REQUEST['doListingContact'])) { // get the listing id and the user_id of person who listed it $listing_id = mysql_real_escape_string($_REQUEST['listing_id']); $name = mysql_real_escape_string($_REQUEST['name']); $email = mysql_real_escape_string($_REQUEST['email']); $phone = mysql_real_escape_string($_REQUEST['phone']); $message = mysql_real_escape_string($_REQUEST['message']); $listing_info = $db->queryUniqueObject("SELECT l.headline, u.* FROM listings l\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN users u ON u.id = l.user_id\n\t\t\t\t\t\t\t\t\t\t\tWHERE l.id = '{$listing_id}'"); $user_exists = $db->queryUniqueValue("SELECT id FROM users WHERE email = '{$email}'"); $emailTemplate = new EmailTemplate(); // Create an instance for new user from contact form if ($user_exists == null) { // user doesn't exist so add them
<div class="col-lg-12"> <div class="row navbar navbar-inverse navbar-fixed-top"> <div class="container"> <div class="navbar-header"> <span class="navbar-brand">Store</span> </div> <div> <ul class="nav navbar-nav"> <li role="presentation"><a href="index.php"><span class="glyphicon glyphicon-home"></span> Home</a></li> <li role="presentation"><a href="retrieve.php">Products List</a></li> <li role="presentation"><a href="create.php">Register Products</a></li> <li role="presentation"><a href="contact.php">Contact</a></li> </ul> <ul class="nav navbar-nav navbar-right"> <li role="presentation"><a href="logout.php" class="navbar-link"><span class="glyphicon glyphicon-off"></span></a></li> </ul> </div> </div> </div> <div class="container"> <div id="principal"> <?php showAlert("success"); showAlert("danger"); ?>
/* Sherben per te menaxhuar shtimin e notave per studentet */ // konfigurimi require "/../site_folders/includes/config.php"; // nese faqja eshte arritur nepermjet GET (link ose redirect) if ($_SERVER["REQUEST_METHOD"] == "GET") { redirect("/"); } else { if ($_SERVER["REQUEST_METHOD"] == "POST") { // hap nje forme per te kerkuar numrin e notave if ($_POST["option"] == "choose") { render("addgrades_choose.php", ["title" => "Shto nota"]); } elseif ($_POST["option"] == "add") { // kontrollo nese numri i lendeve eshte i vlefshem if (!preg_match("/^[1-9][0-9]*\$/", $_POST["nrLende"])) { showAlert("Numri i lëndëve është i pavlefshëm."); // nese jo, rishfaq formen if ($_SESSION["type"] == "student") { render("addgrades_choose.php", ["title" => "Shto nota"]); } elseif ($_SESSION["type"] == "admin") { render("addgrades_choose.php", ["title" => "Shto nota", "id" => $_POST["id"]]); } return; } render("addgrades_add.php", ["title" => "Shto nota", "nrLende" => $_POST["nrLende"]]); } elseif ($_POST["option"] == "publish") { for ($i = 0; $i < intval($_POST["nrLende"]); $i++) { // kontrollo nese jane vendosur vlera per lenden dhe noten if ($_POST["lenda" . $i] != "" && $_POST["nota" . $i] != "") { // ekzekuto query if (query("INSERT INTO nota (id_student, lenda, nota) VALUES (?, ?, ?)", $_SESSION["type"] == "admin" ? $_POST["id"] : $_SESSION["id"], $_POST["lenda" . $i], intval($_POST["nota" . $i])) === false) {
private function slug() { $this->Comments_Model = $this->model("Comments_Model"); $this->CSS("posts", $this->application); $this->CSS("comments", $this->application); if (POST("post-comment")) { $alert = $this->Comments_Model->saveComments(); } else { $alert = FALSE; } $data = $this->Blog_Model->getPost(segment(5), segment(2), segment(3), segment(4)); $year = isYear(segment(2)) ? segment(2) : NULL; $month = isMonth(segment(3)) ? segment(3) : NULL; $day = isDay(segment(4)) ? segment(4) : NULL; $URL = path("blog/{$year}/{$month}/{$day}/" . segment(5)); $vars["alert"] = $alert; $vars["ID_Post"] = $data[0]["post"][0]["ID_Post"]; $vars["dataTags"] = $data[0]["tags"]; $vars["post"] = $data[0]["post"][0]; $vars["dataCategories"] = $data[0]["categories"]; $vars["dataComments"] = $data[0]["comments"]; $vars["URL"] = $URL; if ($data) { $this->title(decode($data[0]["post"][0]["Title"])); if ($data[0]["post"][0]["Pwd"] === "") { $vars["view"][0] = $this->view("post", TRUE); if ($data[0]["post"][0]["Enable_Comments"]) { $vars["view"][1] = $this->view("comments", TRUE); } } elseif (POST("access")) { if (POST("password", "encrypt") === POST("pwd")) { if (!SESSION("access-id")) { SESSION("access-id", $data[0]["post"][0]["ID_Post"]); } else { SESSION("access-id", $data[0]["post"][0]["ID_Post"]); } redirect($URL); } else { showAlert("Incorrect password", _webBase . _sh . _webLang . _sh . _blog); } } elseif (!SESSION("access-id") and strlen($data[0]["post"][0]["Pwd"]) === 40 and !POST("access")) { $vars["password"] = $data[0]["post"][0]["Pwd"]; $vars["view"] = $this->view("access", TRUE); } elseif (SESSION("access-id") === $data[0]["post"][0]["ID_Post"]) { $vars["view"][0] = $this->view("post", TRUE); if ($data[0]["post"][0]["Enable_Comments"] === "Yes") { $vars["view"][1] = $this->view("comments", TRUE); } } elseif (SESSION("access-id") and SESSION("access-id") !== $data[0]["post"][0]["ID_Post"]) { $vars["password"] = $data[0]["post"][0]["Pwd"]; $vars["view"] = $this->view("access", TRUE); } $this->template("content", $vars); } else { $this->template("error404"); } }
echo ' </tr>'; echo ' </table>'; echo '</form>'; echo '<hr style="width:80%;" />'; if ($result = $mysqli->query("SELECT a.title, a.blog_id, a.create_date, IFNULL(b.posts,0) AS posts FROM blogs a LEFT OUTER JOIN \n\t\t\t\t\t\t\t\t(SELECT blog_id, count(*) AS posts FROM posts GROUP BY blog_id) b ON a.blog_id=b.blog_id WHERE a.user_id='" . $_SESSION['uid'] . "' ORDER BY title;")) { if ($result->num_rows > 0) { echo '<table style="width:80%; margin: 0 auto;">'; echo ' <tr>'; echo ' <th>Title</th>'; echo ' <th style="width:160px;">Added</th>'; echo ' <th style="width:60px;">Posts</th>'; echo ' <th style="width:40px;"></th>'; echo ' </tr>'; while ($row = $result->fetch_object()) { echo ' <tr>'; echo ' <td style="text-align:left;">' . $row->title . '</td>'; echo ' <td>' . $row->create_date . '</td>'; echo ' <td>' . $row->posts . '</td>'; echo ' <td><a href="?page=edit&action=editBlog&blog_id=' . $row->blog_id . '"><input type="button" class="button" value="Edit" /></a></td>'; echo ' </tr>'; } echo '</table>'; } else { showAlert("block", "You don't have any blogs"); } } echo '</div>'; echo '</div>'; } else { header("Location: index.php"); }
<?php if (!empty($_POST['vol']) && count($_POST) > 2) { require_once INC_DIR . 'dbconn.php'; if ($user && $user['priv'] > 1) { $aid = $_POST['vol'] . '(' . $_POST['issue'] . '): ' . $_POST['page'] . '-' . $_POST['end_page']; if (isset($_POST['update'])) { $res = $db->update($_POST['update'], array_intersect_key($_POST, array_flip(array('vol', 'issue', 'page'))), TBL_CON); showAlert('Record <i>' . implode(', ', array_keys($_POST['update'])) . '</i> in ' . $aid . ($res ? ' successfully updated' : ' failed updating'), $res); } else { $res = $db->insert($_POST, TBL_CON); showAlert($res ? 'Article ' . $aid . ' added successfully.' : 'Failed adding article ' . $aid . '. Duplicate entry?', $res); } } else { showAlert('You do not have enough privileges to perform the action'); } }
require "/../site_folders/includes/config.php"; // nese faqja eshte arritur nepermjet GET (link ose redirect) if ($_SERVER["REQUEST_METHOD"] == "GET") { render("change_password_admin.php", ["title" => "Ndrysho fjalëkalimin"]); } elseif ($_SERVER["REQUEST_METHOD"] == "POST") { // kontrollo nese te gjitha fushat jane te plotesuara foreach ($_POST as $value) { if (empty($value)) { showAlert("Ju lutemi, plotësoni të gjitha fushat!"); render("change_password_admin.php", ["title" => "Ndërro fjalëkalimin", "id" => $_POST["id"]]); return; } } // kontrollo nese passwordet perputhen if ($_POST["newPassword"] != $_POST["confirmPassword"]) { showAlert("Fjalëkalimet nuk përputhen!"); render("change_password_admin.php", ["title" => "Ndërro fjalëkalimin", "id" => $_POST["id"]]); return; } /* // kontrollo fortesine e passwordit if(!preg_match('/^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!@#$%]{8,30}$/', $_POST["newPassword"])) { showAlert("Fjalëkalimi nuk plotëson kushtet."); render("change_password_admin.php", ["title" => "Ndërro fjalëkalimin"]); return; } */ // hidh passwordin e ri ne databaze if (query("UPDATE users SET password = ? WHERE id = ?", password_hash($_POST["newPassword"], PASSWORD_DEFAULT), $_POST["id"]) === false) { apologize("Nuk mund të ndryshohet fjalëkalimi për momentin. Provoni përsëri."); } // nese gjithcka shkon mire
<?php ikutkan("head.php"); ikutkan("menu.php"); if (isset($_GET['add'])) { if (!empty($_POST['nomor'])) { $db->exec("insert into t_warga(X,Y,blok_rumah,nomor_rumah,nama_suami,telepon_suami,nama_istri,telepon_istri,tgl_masuk)\n\t\tValues(0,0,'" . $_POST['blok'] . "','" . $_POST['nomor'] . "','" . $db->escapeString($_POST['suami']) . "','" . $_POST['hp1'] . "'\n\t\t,'" . $db->escapeString($_POST['istri']) . "','" . $_POST['hp2'] . "','" . time() . "');"); } else { showAlert("Mohon isi nomor rumah", "danger"); } } ?> <br> <div class="row"> <form id="blokSubmit" role="form" class="form" action="./" method="get" enctype="application/x-www-form-urlencoded"> <?php if ($config->Gunakan_Blok == 'true') { ?> <div class="col-sm-4"> <select class="form-control input-sm" id="blok" name="blok" onChange="document.getElementById('blokSubmit').submit()"> <option value="" <?php if (empty($_GET['blok'])) { echo 'selected'; } ?> >--pilih blok--</option> <option value="all" <?php if ($_GET['blok'] == 'all') { echo 'selected'; } ?>
public function login($from = "users") { if (segment(3)) { $from = segment(3); } if ($from === "forums") { $this->CSS("loginforums", TRUE); } else { $this->CSS("login", $this->application); } $this->title("Login"); if (POST("connect")) { if ($this->Users_Model->isAdmin() or $this->Users_Model->isMember()) { $user = $this->Users_Model->getUserData(); } else { $user = FALSE; } if ($user) { SESSION("ZanUser", $user[0]["Username"]); SESSION("ZanUserPwd", $user[0]["Password"]); SESSION("ZanUserGod", $user[0]["God"]); SESSION("ZanUserID", $user[0]["ID_User"]); SESSION("ZanUserPrivilegeID", $user[0]["ID_Privilege"]); SESSION("ZanUserPrivilege", $user[0]["Privilege"]); if ($from === "forums") { $vars["success"] = TRUE; $vars["view"] = $this->view("login", $vars); } else { redirect(POST("URL")); } } elseif ($from === "cpanel") { showAlert("Incorrect Login", path("cpanel")); } else { if ($from === "forums") { $vars["href"] = path("users" . _sh . "login" . _sh . $from); $vars["noregister"] = TRUE; $vars["alert"] = getAlert("Incorrect Login"); $vars["view"] = $this->view("login", $vars); } else { $vars["href"] = path("users" . _sh . "login"); $vars["alert"] = getAlert("Incorrect Login"); $vars["view"] = $this->view("login", TRUE); } } } else { if ($from === "forums") { $vars["href"] = path("users" . _sh . "login" . _sh . $from); $vars["noregister"] = TRUE; $vars["view"] = $this->view("login", $vars); } else { $vars["href"] = path("users" . _sh . "login"); $vars["view"] = $this->view("login", TRUE); } } $this->render("content", $vars); }
if (!empty($_POST['topik']) && !empty($_POST['topik'])) { if ($do == 'tambahkan') { if ($db->exec("insert into t_sms(topik_sms,isi_sms,terakhir_dikirim,tanggal_dibuat)\n\t\t\t\t\t\tvalues('" . $db->escapeString($_POST['topik']) . "','" . $db->escapeString($_POST['sms']) . "',0," . time() . ");")) { showAlert("SMS berhasil ditambahkan", 'success'); } else { showAlert("SMS gagal ditambahkan.<br>" . $db->lastErrorMsg, 'danger'); } } else { if ($db->exec("update t_sms set topik_sms='" . $db->escapeString($_POST['topik']) . "',\n\t\t\t\t\t\tisi_sms='" . $db->escapeString($_POST['sms']) . "' where id_sms={$id}")) { showAlert("SMS berhasil diubah", 'success'); } else { showAlert("SMS gagal diubah.<br>" . $db->lastErrorMsg, 'danger'); } } } else { showAlert("Mohon isi semua data", 'danger'); } } $SMS = array(); if (!empty($id)) { $SMS = $db->querySingle("select isi_sms,topik_sms from t_sms where id_sms={$id}", true); } ?> <form role="form" action="?apa=<?php echo $apa; ?> &do=<?php echo $do; ?> &id=<?php echo $id;
// shfaq nje alert dhe rishfaq formularin showAlert("Duhet të jepni fjalëkalimin."); renderNoMenu("login_form.php", ["title" => "Hyr"]); } else { // ekzekuto query if (($rows = query("SELECT * FROM users WHERE username = ?", $_POST["username"])) === false) { apologize("Nuk mund të kryhet verifikimi. Provoni sërish."); } // nese u gjet perdoruesi, kontrollo fjalekalimin if (count($rows) == 1) { // rreshti i pare (dhe i vetem) $row = $rows[0]; // krahaso hash-in e passwordit te dhene nga perdoruesi me ate te databazes if (password_verify($_POST["password"], $row["password"])) { // kujto qe perdoruesi eshte loguar duke ruajtur ID-ne e tij $_SESSION["id"] = $row["id"]; // ruaj llojin e perdoruesit $_SESSION["type"] = $row["type"]; // ruaj username $_SESSION["username"] = $row["username"]; // shko tek faqja kryesore redirect("/"); } } // nese te dhenat nuk jane te sakta, shfaq nje alert dhe rishfaq formularin showAlert("Përdorues ose fjalëkalim i gabuar."); renderNoMenu("login_form.php", ["title" => "Hyr", "username" => $_POST["username"]]); } } } }
if ($key != "pershkrimi" && $key != "kualifikimet") { if (empty($value)) { // nese ka fusha te paplotesuara, shfaq alert dhe rishfaq formen showAlert("Ju lutemi, plotësoni të gjitha fushat e kërkuara!"); render("edit_njoftim.php", ["title" => "Modifiko njoftimin", "fields" => $_POST]); // shko tek elementi i pare i paplotesuar echo "<script>"; echo "document.getElementById('myForm').{$key}.focus()"; echo "</script>"; return; } } } // kontrollo nese data eshte ne format te rregullt if (!preg_match("/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}\$/", $_POST["afati"])) { showAlert("Datë e pavlefshme!"); render("edit_njoftim.php", ["title" => "Modifiko njoftimin", "fields" => $_POST]); // shko tek fusha e dates echo "<script>"; echo "document.getElementById('myForm').afati.focus()"; echo "</script>"; return; } // hidh njoftimin e ri ne databaze if (query("INSERT INTO njoftime (id_kompani, pozicioni, qyteti, adresa, pershkrimi, kualifikimet, data_publikimit, afati)" . "VALUES (?, ?, ?, ?, ?, ?, CURDATE(), ?)", $_SESSION["id"], $_POST["pozicioni"], $_POST["qyteti"], $_POST["adresa"], $_POST["pershkrimi"], $_POST["kualifikimet"], $_POST["afati"]) === false) { apologize("Nuk mund të krijohet njoftimi për momentin. Provoni sërish më vonë."); } // gjej id-ne e fundit te shtuar tek tabela njoftime $rows = query("SELECT LAST_INSERT_ID() AS id_njoftim"); // nese cdo gje shkon mire, shko tek njoftimi redirect("/jobs.php?show=selected&id_njoftim=" . $rows[0]["id_njoftim"]);
<?php /* Copyright 2010 Ángel Daniel Sanjuán Espejo, David Armenteros Escabias. This file is part of BluFeedMe. BluFeedMe is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ require_once "UI.php"; if (isset($_POST['error'])) { showAlert($_POST['error']); }
if ($_GET['do'] == 'geser') { if ($_POST['fromX'] + $_POST['geserX'] < 0) { showAlert("Hasil geser tidak boleh kurang dari nol", "warning"); } else { if ($_POST['fromY'] + $_POST['geserY'] < 0) { showAlert("Hasil geser tidak boleh kurang dari nol", "warning"); } else { $db->exec("update t_warga SET X=(X+" . $_POST['geserX'] . "), Y=(Y+" . $_POST['geserY'] . "),last_update=" . time() . " where X>=" . $_POST['fromX'] . " and Y>=" . $_POST['fromY']); } } } if ($_GET['do'] == 'add') { if (!empty($_POST['blok']) && !empty($_POST['nomor'])) { $db->exec("insert into t_warga(X,Y,blok_rumah,nomor_rumah,nama_suami,tgl_keluar) values(" . $_POST['X'] . "," . $_POST['Y'] . ",'" . $_POST['blok'] . "','" . $_POST['nomor'] . "','belum',0)"); } else { showAlert("Mohon isi blok dan nomor rumah", "warning"); } } $maxX = $db->querySingle('SELECT max(`X`) as mx FROM t_warga', false); $maxY = $db->querySingle('SELECT max(`Y`) as mx FROM t_warga', false); $hasil = $db->query("SELECT `X`, `Y`, `blok_rumah`, `nomor_rumah`,nama_suami FROM t_warga"); $data = array(); while ($row = $hasil->fetchArray()) { $data[$row['X']][$row['Y']] = array("Blok" => $row["blok_rumah"], "Nomor" => $row["nomor_rumah"], "Suami" => $row["nama_suami"]); } //print_r($data); for ($y = 0; $y < $maxY + 2; $y++) { echo "<tr>"; for ($x = 0; $x < $maxX + 2; $x++) { if (!empty($data[$x][$y])) { if ($data[$x][$y]["Suami"] != 'belum') {
</h3> <span><?php echo conf('app.desc'); ?> </span> </div> <nav id="site-nav" class="clearfix"> <?php echo app('main-menu')->nav('menu menu-h'); ?> <?php echo app('user-menu')->nav('menu menu-h menu-right'); ?> </nav> </header> <div id="site-contents" class="clearfix"> <header id="content-header" class="clearfix"> <h3 id="page-title"><?php echo $heading; ?> </h3> <?php if (isset($toolbar)) { echo '<nav id="page-tool" class="clearfix">' . $toolbar->nav('menu menu-h menu-tool') . '</nav>'; } ?> </header> <div id="content-main" class="clearfix"> <?php echo showAlert();
echo "<script>"; echo "document.getElementById('myForm').username.focus()"; echo "</script>"; return; } // shto perdoruesin e ri ne tabelen users if (query("INSERT INTO users (username, password, type) VALUES (?, ?, ?)", $_POST["username"], password_hash($_POST["password"], PASSWORD_DEFAULT), $_POST["type"]) === false) { apologize("Nuk mund të regjistroheni për momentin. Provoni sërish më vonë."); } // gjej id-ne e fundit te shtuar ne databaze $rows = query("SELECT LAST_INSERT_ID() AS id"); // nese perdoruesi eshte student if ($_POST["type"] == "student") { // kontrollo moshen if (!preg_match("/^[1-9][0-9]\$/", $_POST["mosha"])) { showAlert("Moshë e pavlefshme."); renderNoMenu("register_" . $_POST["type"] . ".php", ["title" => "Regjistrohu", "fields" => $_POST]); // shko tek fusha e moshes echo "<script>"; echo "document.getElementById('myForm').mosha.focus()"; echo "</script>"; return; } // shto perdoruesin e ri ne tabelen student if (query("INSERT INTO student (id, emri, gjinia, mosha, email, cel) VALUES (?, ?, ?, ?, ?, ?)", $rows[0]["id"], $_POST["emri"], $_POST["gjinia"], intval($_POST["mosha"]), $_POST["email"], $_POST["cel"]) === false) { apologize("Nuk mund të regjistroheni për momentin. Provoni sërish më vonë."); } } else { if ($_POST["type"] == "kompani") { // shto perdoruesin e ri ne tabelen kompani if (query("INSERT INTO kompani (id, emri_kompani, qyteti, adresa, email, cel, pershkrimi) VALUES (?, ?, ?, ?, ?, ?, ?)", $rows[0]["id"], $_POST["emri_kompani"], $_POST["qyteti"], $_POST["adresa"], $_POST["email"], $_POST["cel"], $_POST["pershkrimi"]) === false) {
" /> <?php } ?> </form> </div> <?php } else { ?> <div class="newTopic"> <?php if ($action === "save") { if ($success > 0) { print showAlert("The new topic has been saved correctly", $href); } elseif ($success === 0) { print showAlert("You need to wait 25 seconds to create a new topic", $hrefE); } else { print showAlert("Ooops an unexpected problem has ocurred", "reload"); } } else { if ($success > 0) { print showAlert("The topic has been edited correctly", $href); } else { print showAlert("Ooops an unexpected problem has ocurred", "reload"); } } ?> </div> <?php }