Пример #1
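	/**
	 * Reduce an HTML fragment to plain text.
	 *
	 * Script elements and HTML comments are removed together with their
	 * content first, so inline JavaScript does not survive as visible text
	 * once the remaining tags are stripped.
	 *
	 * Security note: the result has had markup removed, it has not been
	 * encoded. Escape it for the context it is written into (HTML body,
	 * attribute, SQL, ...) at the point of output.
	 *
	 * @param string $text HTML text
	 * @return string Plain text
	 **/
	function strip( $text ) {
		// "i" flag: HTML element names are case-insensitive, so <SCRIPT>...</Script>
		// has to be matched as well, otherwise its body is left behind as text.
		$text = preg_replace( preg_encoding( '/<script(.*?)<\/script>/si' ), '', $text );
		$text = preg_replace( preg_encoding( '/<!--(.*?)-->/s' ), '', $text );

		$text = str_replace( '>', '> ', $text );   // Keep words apart once the tags between them are gone
		$text = wp_filter_nohtml_kses( $text );
		// NOTE(review): presumably undoes the slashes added by wp_filter_nohtml_kses() - confirm.
		$text = stripslashes( $text );
		// Second pass: unslashing may expose comment delimiters that the first pass did not see.
		$text = preg_replace( preg_encoding( '/<!--(.*?)-->/s' ), '', $text );
		$text = strip_html( $text );    // Remove all HTML

		return $text;
	}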
Пример #2
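 /**
  * strip_html() must drop style and script elements including their content,
  * remove plain and conditional HTML comments (also when they span lines),
  * and keep the text that sits between comments.
  *
  * Arguments are passed in PHPUnit's (expected, actual) order so that a
  * failure message reports the two values the right way round.
  */
 public function testStripHtml()
 {
     // <style>/<script> bodies must not leak into the plain-text result.
     $s = 'hello ' . '<style>.box h1 {text-align:left;}</style>' . '<style type="text/css">.xxx</style>' . '<script>strip me</script>' . '<script language="text/javascript">strip me</script>' . 'world';
     $this->assertEquals('hello world', strip_html($s));
     $this->assertEquals('hi bye', strip_html('hi<!--comment--> bye'));
     // Conditional comments carry markup of their own; all of it has to go.
     $s = '<!--[if gte mso 9]><x>val</x><![endif]--> res <br/>';
     $this->assertEquals(' res ', strip_html($s));
     // The closing delimiter sits on the next line: comments may span lines.
     $s = '<!--[if gte mso 9]><w>0</w><![endif]
     -->';
     $this->assertEquals('', strip_html($s));
     // Matching must be non-greedy, otherwise the text between two comments is lost.
     $s = '<!-- c1 -->SHOULD_SHOW<!-- c2 -->ALWAYS_SHOWS';
     $this->assertEquals('SHOULD_SHOWALWAYS_SHOWS', strip_html($s));
 }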
Пример #3
 /**
  * Strip HTML/PHP tags in place from a string or from every leaf of a
  * (possibly nested) array.
  *
  * The argument is modified by reference and nothing is returned.
  *
  * Security note: strip_tags() only removes tags. Quotes, ampersands and
  * other characters that matter in HTML attributes or SQL are left as they
  * are, so the result still has to be escaped for the context it is used in.
  *
  * @param string|array $data Value to clean; overwritten with the result.
  */
 function strip_html(&$data)
 {
     if (is_array($data)) {
         foreach ($data as &$item) {
             // Recursion covers both nested arrays and scalar leaves.
             strip_html($item);
         }
         unset($item); // drop the dangling reference to the last element
         return;
     }

     $data = strip_tags($data);
 }
Пример #4
     break;
 case "edit":
     // Edit an existing covering letter: pre-fill the form from the stored
     // record, then apply a submitted update.
     //editing
     if (isset($id)) {
         $id = (int) $id;
         // The lookup is keyed on the letter id together with $user_id.
         // NOTE(review): the result is dereferenced without a check - confirm what
         // find_by_id_username() returns when no matching letter exists.
         $edit_cl = CovingLetter::find_by_id_username($id, $user_id);
         $edit_title = $edit_cl->cl_title;
         $smarty->assign('cl_title', $edit_title);
         $edit_text = $edit_cl->cl_text;
         $smarty->assign('cl_text', $edit_text);
     }
     // edit button submitted
     // NOTE(review): no anti-CSRF token is checked in this fragment - confirm it is
     // verified before this switch is reached.
     if (isset($_POST['bt_cl_edit'])) {
         //$id =  $_POST['id'];
         // NOTE(review): the row to update is chosen by $id alone here; confirm that
         // save() restricts the update to letters owned by $user_id.
         $covingletter->id = (int) $id;
         $covingletter->cl_title = strip_html($_POST['txt_name']);
         // The second argument of strip_tags() is the list of allowed tags; "\n\t"
         // names no tag, so every tag is removed from the letter text.
         $covingletter->cl_text = strip_tags($_POST['txt_letter'], "\n\t");
         $covingletter->fk_employer_id = $user_id;
         if ($covingletter && $covingletter->save()) {
             $session->message("<div class='success'>" . format_lang('success', 'cl_update_success') . "</div>");
             redirect_to(BASE_URL . "covering_letter/");
         } else {
             // Validation errors are joined into an HTML list.
             // NOTE(review): the entries of $covingletter->errors are concatenated
             // without encoding - confirm they never contain user-supplied text.
             $message = "<div class='error'> \r\n\t\t\t\t\t\t\t\t" . get_lang('following_errors') . "\r\n\t\t\t\t\t\t\t<ul> <li />";
             $message .= join(" <li /> ", $covingletter->errors);
             $message .= " </ul> \r\n\t\t\t\t\t\t\t</div>";
         }
     }
     // NOTE(review): within this fragment $edit_title is only set when $id is set,
     // and $message only on the failure path above - confirm both are initialised earlier.
     $html_title = SITE_NAME . " - " . ucfirst(format_lang('edit')) . $edit_title;
     $smarty->assign('message', $message);
     $smarty->assign('rendered_page', $smarty->fetch('edit_cover_letter.tpl'));
     break;
<?php

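// Resolve the job named by the second URL segment and expose its summary
// fields to the template.
$req = return_url();
$var_name = $req[1];
$jobs = new Job();
$job = $jobs->find_by_var_name($var_name);
$smarty->assign('job', $job);
// Only read ->id when a job was found; an unknown var_name must not lead to
// a property access on an empty result.
$job_id = $job ? (int) $job->id : 0;
if ($job) {
    $smarty->assign('job_title', safe_output(strip_html($job->job_title)));
    // NOTE(review): unlike job_title, the description and the location below are
    // assigned without safe_output(); confirm the template escapes them, since
    // tag stripping alone does not encode quotes or ampersands.
    $smarty->assign('job_description', subtrack_string(strip_html($job->job_description), 500));
    $smarty->assign('created_at', safe_output(strftime(DATE_FORMAT, strtotime($job->created_at))));
    $city = City::find_by_code($job->country, $job->state_province, $job->county, $job->city);
    // Fall back to the raw city value stored on the job when no City record matches.
    $city_name = empty($city) ? $job->city : $city->name;
    $smarty->assign('location', $city_name);
}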
if (isset($_POST['bt_send'])) {
    $error = array();
    /** SNED to email address and check for vaildation on entered emails */
    $_SESSION['share']['send_to'] = $send_to = safe_output($_POST['txt_send_to1']);
    if ($send_to == "") {
        $error[] = format_lang('errormsg', 38);
    }
    if ($send_to != "") {
        $send = split(",", $send_to);
        for ($i = 0; $i < sizeof($send); $i++) {
            $ch = check_email($send[$i]);
            if ($ch == "") {
                $error[] = format_lang('error', 'incorrect_format_email') . " - " . $send[$i];
            }
        }
Пример #6
/**
 * Convert a document to plain text, split it into whitespace-separated
 * terms and print a one-line HTML summary (character and word count).
 *
 * @param string $name             Document name; HTML-encoded before printing.
 * @param string $source           Label printed in front of the summary.
 * @param string $page             Raw document, passed through convert_pdf().
 * @param mixed  $removenumbers    Forwarded to strip_html().
 * @param mixed  $removequotations Forwarded to strip_html().
 * @return array Terms obtained by splitting the stripped text on whitespace.
 */
function get_terms($name, $source, $page, $removenumbers, $removequotations)
{
    $page = convert_pdf($page);
    $charCount = strlen($page);

    // NOTE(review): $name is HTML-encoded but $source is printed as is; confirm
    // that $source is never taken from user input.
    echo $source . ' document from ' . htmlspecialchars($name) . ' (' . $charCount . ' characters';

    $plainText = strip_html($page, $removenumbers, $removequotations);
    $terms = preg_split('/\\s+/', $plainText);

    echo ', ' . count($terms) . ' words)<br/>';

    return $terms;
}
Пример #7
 // Each value appended to $render is followed by "^".
 // NOTE(review): "^" looks like the field separator of the export format; none of
 // the values is checked for a literal "^" - confirm the consumer tolerates that.
 $render .= $features[4] . "^";
 //FEATURE5
 $render .= $features[5] . "^";
 //FEATURE6
 $render .= $features[6] . "^";
 //FEATURE7
 $render .= $features[7] . "^";
 //FEATURE8
 $render .= $features[8] . "^";
 //FEATURE9
 $render .= $features[9] . "^";
 //FEATURE10
 unset($features);
 // Budget for the summary text: 300 bytes minus the strapline.
 // NOTE(review): a strapline longer than 300 bytes makes $length negative, and
 // substr() then cuts that many bytes off the END of the text instead.
 $length = 300 - strlen($row['dea_strapline']);
 // 300 is allowed, but i add (cont) so we use 294
 // NOTE(review): the code above uses 300, not the 294 this comment mentions.
 $desc = strip_html($row['dea_description']);
 // Remove blank lines (runs of line breaks with only whitespace between them).
 $trimmed = preg_replace("/[\r\n]+[\\s\t]*[\r\n]+/", "", $desc);
 $trimmed = str_replace("&amp;#039;", "'", $trimmed);
 $trimmed = str_replace("&amp;amp;#039;", "'", $trimmed);
 // NOTE(review): the replacement below is a mis-encoded character, presumably an
 // accented "e" - confirm against the original file and its encoding.
 $trimmed = str_replace("&amp;eacute;", "�", $trimmed);
 // Byte-wise cut: may split a multi-byte character or an HTML entity.
 $trimmed = substr($trimmed, 0, $length);
 $render .= $row['dea_strapline'] . ": " . $trimmed . "^";
 //SUMMARY
 // The long description keeps the stored HTML of dea_description (it is not
 // passed through strip_html()) and gets fixed HTML paragraphs appended.
 $longDescription = $row['dea_description'];
 if ($row['total_area']) {
     $longDescription .= "<p>Approximate Gross Internal Area: " . $row['total_area'] . " square metres</p>";
 }
 $longDescription .= "<p>For further information or to arrange a viewing, please contact our <b>" . $row['bra_title'] . " Branch</b> on <b>" . $row['bra_tel'] . ".</b></p>";
 $longDescription .= "<p>Visit <b>www.woosterstock.co.uk</b> for full details, colour photos, maps and floor plans.</p>";
 $longDescription .= "<p>We endeavour to make all our property particulars, descriptions, floor-plans, marketing and local information accurate and reliable but we make no guarantees as to the accuracy of this information. All measurements and dimensions are for guidance only and should not be considered accurate. If there is any point which is of particular importance to you we advise that you contact us to confirm the details; particularly if you are contemplating travelling some distance to view the property. Please note that we have not tested any services or appliances mentioned in property sales details.</p>";
 $render .= preg_replace("/[\r\n]+[\\s\t]*[\r\n]+/", "", $longDescription) . "^";
Пример #8
/**
 * Write the posted customer details back to one order row.
 *
 * All values are bound as statement parameters, and the WHERE clause pins
 * both the order id and the owning user id, so a user can only touch an
 * order that belongs to them.
 *
 * NOTE(review): the $_POST keys are read without an existence check and no
 * format validation (e-mail, zip, ...) happens here - confirm the caller
 * validated the form first.
 *
 * @param mixed $tpl      Template object (not used in this function).
 * @param mixed $sql      Database handle handed to exec_query().
 * @param mixed $user_id  Owner of the order; part of the WHERE clause.
 * @param mixed $order_id Order to update.
 */
function update_order_details(&$tpl, &$sql, $user_id, $order_id)
{
    $domain = get_punny(strtolower($_POST['domain']));

    // Tag-strip every free-text field, in the order the form fields are read.
    $clean = array();
    $fields = array(
        'customer_id', 'fname', 'lname', 'firm', 'zip', 'city',
        'country', 'street1', 'street2', 'email', 'phone', 'fax',
    );
    foreach ($fields as $field) {
        $clean[$field] = strip_html($_POST[$field]);
    }

    $query = <<<SQL_QUERY
            update
                orders
            set
                domain_name=?,
\t\t\t\tcustomer_id=?,
                fname=?,
                lname=?,
                firm=?,
                zip=?,
                city=?,
                country=?,
                email=?,
                phone=?,
                fax=?,
                street1=?,
                street2=?
            where
                id=?
\t\t\tand
\t\t\t\tuser_id=?
SQL_QUERY;

    // The parameter order has to follow the placeholders above.
    $params = array(
        $domain,
        $clean['customer_id'],
        $clean['fname'],
        $clean['lname'],
        $clean['firm'],
        $clean['zip'],
        $clean['city'],
        $clean['country'],
        $clean['email'],
        $clean['phone'],
        $clean['fax'],
        $clean['street1'],
        $clean['street2'],
        $order_id,
        $user_id,
    );
    exec_query($sql, $query, $params);
}
Пример #9
<?php

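// Render a static CMS page selected by the second URL segment.
$req = return_url();
$var_name = $req[1];
$page = strip_html($var_name);
// The page key comes from the URL and ends up inside a quoted SQL literal.
// Removing tags does not neutralise quotes or backslashes, so the key is
// restricted to a conservative slug alphabet before it is used. Binding the
// value through the database layer would be the preferable fix; that API is
// not visible from this file.
// NOTE(review): widen the pattern if legitimate page keys use other characters.
if (!is_string($page) || preg_match('/\A[A-Za-z0-9_.-]+\z/', $page) !== 1) {
    redirect_to(BASE_URL . 'page-unavailable/');
    exit;
}
$sql = "Select * FROM " . TBL_PAGE . " WHERE pagekey='" . $page . "' ";
$result = $database->query($sql);
$page_ = $database->fetch_object($result);
if (!$page_ && !is_array($page_)) {
    redirect_to(BASE_URL . 'page-unavailable/');
    exit;
}
$smarty->assign('page', $page_);
$title = strip_html($page_->title);
$smarty->assign('title', $title);
$key = $page_->pagekey;
// The page body is stored HTML and is handed to the template unescaped.
// NOTE(review): confirm that only trusted administrators can edit pagetext.
$pagetext = stripslashes($page_->pagetext);
$smarty->assign('pagetext', $pagetext);
$html_title = SITE_NAME . " - " . $title;
$smarty->assign('message', $message);
$smarty->assign('rendered_page', $smarty->fetch('page.tpl'));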
Пример #10
/**
 * Turn one string, or a list of strings, into a single tag-free,
 * entity-encoded sentence list joined by ". ".
 *
 * Each non-empty item is tag-stripped, has runs of whitespace collapsed,
 * gets quotes and angle brackets replaced by entities, is trimmed and
 * optionally shortened to $theLength bytes ("..." is appended when
 * something was cut), and is finally passed through makeSafeEntities().
 *
 * NOTE(review): the shortening runs after entity encoding and counts bytes,
 * so it can cut through an entity or a multi-byte character.
 *
 * @param mixed  $theMixed  String or array of strings.
 * @param int    $theLength Maximum length per item; 0 disables shortening.
 * @param string $theSpacer Accepted but not read anywhere in this function.
 * @return string
 */
function cleanWebString($theMixed, $theLength = 0, $theSpacer = '')
{
    $entityPatterns = array('/\\"/', '/\'/', '/\\>/', '/\\</');
    $entityValues = array('&quot;', '&apos;', '&gt;', '&lt;');

    $joined = '';
    foreach ((array) $theMixed as $item) {
        $piece = (string) $item;
        if ($piece == '') {
            continue;
        }

        $piece = strip_html($piece);
        $piece = preg_replace('/' . WS . '' . WS . '+/', ' ', $piece);
        // Patterns are applied one after another, in the listed order.
        $piece = preg_replace($entityPatterns, $entityValues, $piece);
        $piece = trim($piece);

        if ($theLength > 0) {
            $ellipsis = $theLength < strlen($piece) ? '...' : '';
            $piece = substr($piece, 0, $theLength) . $ellipsis;
        }

        if ($piece == '') {
            continue;
        }
        if ($joined != '') {
            $joined .= '. ';
        }
        $joined .= makeSafeEntities($piece);
    }

    return $joined;
}
            $apps[$i]['created_at'] = strftime(DATE_FORMAT, strtotime($job->created_at));
            $apps[$i]['job_url'] = "job/" . $job->var_name . "/";
        }
        $apps[$i]['date_apply'] = strftime(DATE_FORMAT, strtotime($app->date_apply));
        $apps[$i]['cover_letter'] = $app->cover_letter;
        $apps[$i]['cv_name'] = $app->cv_name;
        $apps[$i]['id'] = $app->id;
        $i++;
    }
    $smarty->assign('application', $apps);
} else {
    //$message = "<div class='error'>No application(s) found</div>";
}
// Delete one of the current user's job applications when asked to.
// The record is addressed by the employee id taken from $user_id plus the
// integer-cast job and history ids.
// NOTE(review): the deletion is triggered by a plain GET request and no
// anti-CSRF token is checked in this fragment; $_GET['id'] is also read
// without an isset() check.
if (isset($_GET['delete'], $_GET['job_id']) && $_GET['delete'] == true) {
    $jobhistory = new JobHistory();
    $jobhistory->fk_employee_id = $user_id;
    $jobhistory->fk_job_id = (int) $_GET['job_id'];
    $jobhistory->id = (int) $_GET['id'];
    if (!$jobhistory->delete_job()) {
        $message = "<div class='error'>" . format_lang('errormsg', 06) . "</div>";
    } else {
        $session->message("<div class='success'>" . format_lang('success', 'app_delete_success') . "</div>");
        redirect_to(BASE_URL . "applications/");
    }
}

// Page title: site name, localised heading and the tag-stripped full name.
$page_heading = format_lang('page_title', 'my_app');
$html_title = SITE_NAME . " - " . $page_heading . " " . strip_html($employee->full_name());

$smarty->assign('lang', $lang);
$smarty->assign('message', $message);
$smarty->assign('rendered_page', $smarty->fetch('application.tpl'));
Пример #12
/**
 * Apply the posted ticket-edit form to an existing ticket.
 *
 * Updates the ticket row, synchronises the ticket's group allocations with
 * the posted group list, refreshes open assignment rows, writes log entries,
 * prints a confirmation, re-renders the ticket and triggers the change
 * notification.
 *
 * NOTE(review): the function uses the mysql_* extension, which was removed in
 * PHP 7, and builds every statement by string concatenation. Several values
 * reach SQL without passing through quote_smart() - see the notes inline.
 * Bound parameters (mysqli or PDO) would remove that whole class of problem.
 *
 * @param mixed $id Ticket id; interpolated into several statements below.
 */
function edit_ticket($id)
{
    /* post changes */
    global $addrs, $NOTIFY_TICKET;
    // Optional form fields: fall back to "" when they were not posted or are empty.
    $post_frm_meridiem_problemstart = empty($_POST) || !empty($_POST) && empty($_POST['frm_meridiem_problemstart']) ? "" : $_POST['frm_meridiem_problemstart'];
    $post_frm_meridiem_booked_date = empty($_POST) || !empty($_POST) && empty($_POST['frm_meridiem_booked_date']) ? "" : $_POST['frm_meridiem_booked_date'];
    //10/1/09
    $post_frm_affected = empty($_POST) || !empty($_POST) && empty($_POST['frm_affected']) ? "" : $_POST['frm_affected'];
    // Only description, affected and scope are tag-stripped; the other free-text
    // fields (contact, street, comments, ...) go to the query as posted.
    $_POST['frm_description'] = strip_html($_POST['frm_description']);
    //clean up HTML tags
    $post_frm_affected = strip_html($post_frm_affected);
    $_POST['frm_scope'] = strip_html($_POST['frm_scope']);
    /*		if (get_variable('reporting')) {		// if any change do automatic action reporting
    		
    //			if ($_POST[frm_affected] != $_POST[frm_affected_default]) report_action($GLOBALS[ACTION_AFFECTED],$_POST[frm_affected],0,$id);
    			if ($_POST[frm_severity] != $_POST[frm_severity_default]) report_action($GLOBALS[ACTION_SEVERITY],get_severity($_POST[frm_severity_default]),get_severity($_POST[frm_severity]),$id);
    			if ($_POST[frm_scope] != $_POST[frm_scope_default]) report_action($GLOBALS[ACTION_SCOPE],$_POST[frm_scope_default],0,$id);
    			} 
    */
    if (!get_variable('military_time')) {
        //put together date from the dropdown box and textbox values
        // NOTE(review): this adds 12 to the meridiem string itself ('pm'), not to an
        // hour field, and overwrites the variable that the 'pm' test further down
        // reads again - looks unintended, confirm.
        if ($post_frm_meridiem_problemstart == 'pm') {
            $post_frm_meridiem_problemstart = ($post_frm_meridiem_problemstart + 12) % 24;
        }
        if (isset($_POST['frm_meridiem_booked_date'])) {
            //10/1/09
            if ($_POST['frm_meridiem_booked_date'] == 'pm') {
                $_POST['frm_hour_booked_date'] = ($_POST['frm_hour_booked_date'] + 12) % 24;
            }
        }
        //			if ($_POST['frm_meridiem_problemend'] == 'pm') 	$_POST['frm_hour_problemend'] 	= ($_POST['frm_hour_problemend'] + 12) % 24;
    }
    // $post_frm_owner is not assigned anywhere above in this function, so it is
    // always set to 0 here.
    if (empty($post_frm_owner)) {
        $post_frm_owner = 0;
    }
    //		$frm_problemstart = $_POST['frm_year_problemstart']-$_POST['frm_month_problemstart']-$_POST['frm_day_problemstart'] $_POST['frm_hour_problemstart']:$_POST['frm_minute_problemstart']:00";
    // Timestamp assembled from raw POST parts; it passes through quote_smart()
    // when the UPDATE is built. The meridiem value is appended after the seconds.
    $frm_problemstart = "{$_POST['frm_year_problemstart']}-{$_POST['frm_month_problemstart']}-{$_POST['frm_day_problemstart']} {$_POST['frm_hour_problemstart']}:{$_POST['frm_minute_problemstart']}:00{$post_frm_meridiem_problemstart}";
    $curr_groups = $_POST['frm_exist_groups'];
    //	6/10/11
    // assumes $_POST['frm_group'] is an array - TODO confirm it is validated upstream
    $groups = "," . implode(',', $_POST['frm_group']) . ",";
    //	6/10/11
    //		dump($_POST); 	//	6/10/11
    if (!get_variable('military_time')) {
        //put together date from the dropdown box and textbox values
        if ($post_frm_meridiem_problemstart == 'pm') {
            $_POST['frm_hour_problemstart'] = ($_POST['frm_hour_problemstart'] + 12) % 24;
        }
        if (isset($_POST['frm_meridiem_problemend'])) {
            if ($_POST['frm_meridiem_problemend'] == 'pm') {
                $_POST['frm_hour_problemend'] = ($_POST['frm_hour_problemend'] + 12) % 24;
            }
        }
        // The same booked-date adjustment already ran in the block above, so a 'pm'
        // hour is shifted by 12 a second time here.
        if (isset($_POST['frm_meridiem_booked_date'])) {
            //10/1/09
            if ($_POST['frm_meridiem_booked_date'] == 'pm') {
                $_POST['frm_hour_booked_date'] = ($_POST['frm_hour_booked_date'] + 12) % 24;
            }
        }
    }
    // Either a quote_smart()-processed timestamp or the bare SQL keyword NULL.
    $frm_problemend = isset($_POST['frm_year_problemend']) ? quote_smart("{$_POST['frm_year_problemend']}-{$_POST['frm_month_problemend']}-{$_POST['frm_day_problemend']} {$_POST['frm_hour_problemend']}:{$_POST['frm_minute_problemend']}:00") : "NULL";
    $frm_booked_date = isset($_POST['frm_year_booked_date']) ? quote_smart("{$_POST['frm_year_booked_date']}-{$_POST['frm_month_booked_date']}-{$_POST['frm_day_booked_date']} {$_POST['frm_hour_booked_date']}:{$_POST['frm_minute_booked_date']}:00") : "NULL";
    //10/1/09
    // The end time is kept only when the posted status equals 1.
    if ($_POST['frm_status'] != 1) {
        $frm_problemend = "NULL";
    }
    // perform db update
    $now = mysql_format_date(time() - get_variable('delta_mins') * 60);
    $by = $_SESSION['user_id'];
    // 12/7/10
    if (empty($post_frm_owner)) {
        $post_frm_owner = 0;
    }
    // 8/23/08, 9/20/08, 9/22/09 (Facility), 10/1/09 (receiving facility), 6/26/10 (911), 6/10/11
    // Posted values go through quote_smart() (defined elsewhere; its escaping is not
    // visible here). NOTE(review): {$by} and {$id} are interpolated directly -
    // confirm both are integers, or cast them before building the statement.
    $query = "UPDATE `{$GLOBALS['mysql_prefix']}ticket` SET \n\t\t\t`contact`= " . quote_smart(trim($_POST['frm_contact'])) . ",\n\t\t\t`street`= " . quote_smart(trim($_POST['frm_street'])) . ",\n\t\t\t`city`= " . quote_smart(trim($_POST['frm_city'])) . ",\n\t\t\t`state`= " . quote_smart(trim($_POST['frm_state'])) . ",\n\t\t\t`phone`= " . quote_smart(trim($_POST['frm_phone'])) . ",\n\t\t\t`facility`= " . quote_smart(trim($_POST['frm_facility_id'])) . ",\n\t\t\t`rec_facility`= " . quote_smart(trim($_POST['frm_rec_facility_id'])) . ",\n\t\t\t`lat`= " . quote_smart(trim($_POST['frm_lat'])) . ",\n\t\t\t`lng`= " . quote_smart(trim($_POST['frm_lng'])) . ",\n\t\t\t`scope`= " . quote_smart(trim($_POST['frm_scope'])) . ",\n\t\t\t`owner`= " . quote_smart(trim($post_frm_owner)) . ",\n\t\t\t`severity`= " . quote_smart(trim($_POST['frm_severity'])) . ",\n\t\t\t`in_types_id`= " . quote_smart(trim($_POST['frm_in_types_id'])) . ",\n\t\t\t`status`=" . quote_smart(trim($_POST['frm_status'])) . ",\n\t\t\t`problemstart`=" . quote_smart(trim($frm_problemstart)) . ",\n\t\t\t`problemend`=" . $frm_problemend . ",\n\t\t\t`description`= " . quote_smart(trim($_POST['frm_description'])) . ",\n\t\t\t`comments`= " . quote_smart(trim($_POST['frm_comments'])) . ",\n\t\t\t`nine_one_one`= " . quote_smart(trim($_POST['frm_nine_one_one'])) . ",\n\t\t\t`booked_date`= \t\t{$frm_booked_date},\n\t\t\t`_by` = \t\t\t{$by}, \n\t\t\t`updated`='{$now}'\n\t\t\tWHERE ID='{$id}'";
    // On failure the full statement text is handed to do_error().
    // NOTE(review): confirm do_error() does not show it to the end user.
    $result = mysql_query($query) or do_error($query, 'mysql query failed', mysql_error(), __FILE__, __LINE__);
    $list = $_POST['frm_exist_groups'];
    //	6/10/11
    $ex_grps = explode(',', $list);
    //	6/10/11
    // Reconcile group allocations only when the posted list differs from the
    // previously stored list.
    if ($curr_groups != $groups) {
        //	6/10/11
        foreach ($_POST['frm_group'] as $posted_grp) {
            //	6/10/11
            if (!in_array($posted_grp, $ex_grps)) {
                $tick_stat = $_POST['frm_status'];
                // NOTE(review): {$posted_grp} and {$tick_stat} are raw POST values placed
                // into the statement unquoted and without quote_smart() - SQL injection
                // risk. Cast both to int or bind them as parameters.
                $query = "INSERT INTO `{$GLOBALS['mysql_prefix']}allocates` (`group` , `type`, `al_as_of` , `al_status` , `resource_id` , `sys_comments` , `user_id`) VALUES \n\t\t\t\t\t\t\t({$posted_grp}, 1, '{$now}', {$tick_stat}, {$id}, 'Allocated to Group' , {$by})";
                $result = mysql_query($query) or do_error($query, 'mysql query failed', mysql_error(), basename(__FILE__), __LINE__);
            }
        }
        foreach ($ex_grps as $existing_grp) {
            //	6/10/11
            // NOTE(review): echoes a value derived from $_POST['frm_exist_groups'] without
            // encoding - looks like leftover debug output; remove or HTML-encode it.
            print $existing_grp;
            if (in_array($existing_grp, get_allocates(4, $id))) {
                if (!in_array($existing_grp, $_POST['frm_group'])) {
                    // NOTE(review): '{$existing_grp}' is POST-derived and only wrapped in
                    // quotes, not escaped - cast to int or bind as a parameter.
                    $query = "DELETE FROM `{$GLOBALS['mysql_prefix']}allocates` WHERE `type` = 1 AND `group` = '{$existing_grp}' AND `resource_id` = {$id}";
                    $result = mysql_query($query) or do_error($query, 'mysql query failed', mysql_error(), basename(__FILE__), __LINE__);
                }
            }
        }
    }
    // Look for assignment rows of this ticket that are not cleared yet.
    $query = "SELECT * FROM `{$GLOBALS['mysql_prefix']}assigns` WHERE `ticket_id` = '{$id}' AND (`clear` IS NULL OR DATE_FORMAT(`clear`,'%y') = '00')";
    $result = mysql_query($query) or do_error($query, 'mysql query failed', mysql_error(), basename(__FILE__), __LINE__);
    $num_assigns = mysql_num_rows($result);
    if ($num_assigns != 0) {
        //	4/4/11 - added to update any existing assigns record with any ticket changes.
        // The WHERE clause is ticket_id only, so every assigns row of the ticket is
        // updated, not just the uncleared ones counted above.
        $query = "UPDATE `{$GLOBALS['mysql_prefix']}assigns` SET \n\t\t\t`as_of`='{$now}',\n\t\t\t`status_id`= " . quote_smart(trim($_POST['frm_status'])) . ",\n\t\t\t`user_id`= " . quote_smart(trim($post_frm_owner)) . ",\n\t\t\t`facility_id`= " . quote_smart(trim($_POST['frm_facility_id'])) . ",\n\t\t\t`rec_facility_id`= " . quote_smart(trim($_POST['frm_rec_facility_id'])) . "\n\t\t\tWHERE ticket_id='{$id}'";
        $result = mysql_query($query) or do_error($query, 'mysql query failed', mysql_error(), basename(__FILE__), __LINE__);
    }
    do_log($GLOBALS['LOG_INCIDENT_CHANGE'], $id, 0);
    // report change - 3/25/10
    if ($_POST['frm_status'] == $GLOBALS['STATUS_CLOSED']) {
        // log incident complete - repeats possible
        do_log($GLOBALS['LOG_INCIDENT_CLOSE'], $id, 0);
    }
    // frm_fac_chng selects which facility-change log entries are written.
    switch ($_POST['frm_fac_chng']) {
        // log facility changes - 3/25/10
        case "0":
            // no change
            break;
        case "1":
            do_log($GLOBALS['LOG_FACILITY_INCIDENT_CHANGE'], $id, 0);
            //10/1/09
            break;
        case "2":
            do_log($GLOBALS['LOG_CALL_REC_FAC_CHANGE'], $id);
            //10/7/09
            break;
        case "3":
            do_log($GLOBALS['LOG_FACILITY_INCIDENT_CHANGE'], $id, 0);
            //10/1/09
            do_log($GLOBALS['LOG_CALL_REC_FAC_CHANGE'], $id);
            //10/7/09
            break;
        default:
            // 8/10/09
            //			dump($_POST['frm_fac_chng']);
            print "ERROR in " . basename(__FILE__) . " " . __LINE__ . "<BR />";
    }
    // end switch ()
    // frm_scope was passed through strip_html() at the top but is not HTML-encoded here.
    // NOTE(review): confirm strip_html() leaves nothing that is active in this context.
    print '<FONT CLASS="header">Ticket <I>' . $_POST['frm_scope'] . '</I> has been updated</FONT><BR /><BR />';
    /* show updated ticket */
    //	notify_user($id, $GLOBALS['NOTIFY_TICKET']);
    add_header($id);
    show_ticket($id);
    $addrs = notify_user($id, $GLOBALS['NOTIFY_TICKET_CHG']);
    // returns array or FALSE
    unset($_SESSION['active_ticket']);
    // 5/4/11
}
Пример #13
 // Job summary for the application form: tag-stripped, shortened description
 // and a resolved city name.
 $job_description = subtrack_string(strip_html($jobs->job_description), 800);
 $city = City::find_by_code($jobs->country, $jobs->state_province, $jobs->county, $jobs->city);
 if ($city) {
     $city_name = $city->name;
 } else {
     // No matching City record: fall back to the raw value stored on the job.
     $city_name = $jobs->city;
 }
 $var_name = $jobs->var_name;

 $smarty->assign('jobs', $jobs);
 $smarty->assign('var_name', $var_name);
 $smarty->assign('job_ref', strip_html($jobs->job_ref));
 $smarty->assign('job_title', strip_html($jobs->job_title));
 $smarty->assign('job_description', $job_description);
 // NOTE(review): location, company_name and contact_name are assigned without
 // strip_html() or any encoding, and the whole $jobs object is exposed as
 // well; confirm the template escapes these values on output.
 $smarty->assign('location', $city_name);
 $smarty->assign('company_name', $company_name);
 $smarty->assign('contact_name', $jobs->contact_name);
 $smarty->assign('start_date', empty($jobs->start_date) ? '' : strftime(DATE_FORMAT, strtotime($jobs->start_date)));
 $smarty->assign('created_at', strftime(DATE_FORMAT, strtotime($jobs->created_at)));

 $html_title = SITE_NAME . ' - ' . format_lang('page_title', 'apply') . ' ' . strip_html($jobs->job_title);
 // The meta tags are built from the stored description, not the tag-stripped copy.
 // NOTE(review): confirm seo_words() produces attribute-safe text.
 $meta_description = seo_words(subtrack_string($jobs->job_description, 150));
 $meta_keywords = seo_words(subtrack_string($jobs->job_description, 150));
 //end of job details //

 // Localised option lists for the select boxes of the form.
 $working_status_select_bx = format_lang('select', 'working_status');
 $smarty->assign('working_status', $working_status_select_bx);
 $notice_select_bx = format_lang('select', 'notice');
 $smarty->assign('notice', $notice_select_bx);
 $salary_select_bx = format_lang('select', 'salary');
 $smarty->assign('salary', $salary_select_bx);
 $willing_to_travel_bx = format_lang('select', 'far_travel_work');
 $smarty->assign('willing_to_travel', $willing_to_travel_bx);
 //when button is press
 if (isset($_POST['submit'])) {
     $_SESSION['apply']['email'] = $email = safe_output($_POST['txt_email1']);
Пример #14
<?php

require_once "../initialise_files.php";
include_once "sessioninc.php";
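// Plugin configuration page: store posted settings, then load the
// configuration rows of the selected plugin.
$plugin_arr = new PluginConfig();
// The id is used as an integer further down; casting it once here keeps the
// raw request value out of the template and out of the redirect URL.
$id = !isset($_REQUEST['id']) ? 0 : (int) $_REQUEST['id'];
$smarty->assign('id', $id);
$k = false;
if (isset($_POST['add'])) {
    // NOTE(review): no anti-CSRF token is checked in this fragment - confirm
    // sessioninc.php or the form handling covers that.
    // Tolerate a missing or non-array "plugin" field instead of iterating over it.
    $posted = (isset($_POST['plugin']) && is_array($_POST['plugin'])) ? $_POST['plugin'] : array();
    foreach ($posted as $key => $data) {
        $plugin_arr->id = strip_html($key);
        $plugin_arr->plugin_value = strip_html($data);
        if ($plugin_arr->update_plugin()) {
            $k = true;
        }
    }
    // The success message is queued when at least one setting was stored.
    if ($k) {
        $session->message("<div class='success'> Plugin has been updated successfully. </div>");
    }
    // Redirect after POST in both cases.
    // NOTE(review): PHP_SELF contains any extra path information sent by the
    // client; confirm redirect_to() only accepts same-site targets.
    redirect_to($_SERVER['PHP_SELF'] . "?id=" . $id);
    die;
}
$plugin_arr->plugin_id = (int) $id;
$plugin_ = $plugin_arr->get_pluginconfig_by_plugin_id();
$manage_lists = array();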
if ($plugin_ && is_array($plugin_)) {
    $i = 1;
    foreach ($plugin_ as $list) {
        $save_search->id = $id;
        if ($save_search->delete_saveSearch()) {
            $message = "<div class='success'>" . format_lang('success', 'delete_success') . "</div>";
        } else {
            $message = "<div class='error'>" . format_lang('errormsg', 64) . "</div>";
        }
    } else {
        redirect_to(BASE_URL . "save_search/");
        die;
    }
    $session->message($message);
    redirect_to(BASE_URL . "save_search/");
}
// List the saved searches of the current user (lookup keyed on $user_id).
$save_search_arr = SaveSearch::find_by_user_id($user_id);
if (!empty($save_search_arr)) {
    $search = array();
    $i = 1;
    foreach ($save_search_arr as $save_search) {
        // NOTE(review): reference is URL-decoded stored text; confirm the template
        // escapes it (and reference_name) before they are written into HTML or a link.
        $search[$i] = array(
            'id' => $save_search->id,
            'reference_name' => $save_search->reference_name,
            'reference' => urldecode($save_search->reference),
            'is_deleted' => $save_search->is_deleted,
            'created_at' => strftime(DATE_FORMAT, strtotime($save_search->date_save)),
        );
        $i++;
    }
    $smarty->assign('save_search', $search);
}

// Title: site name, localised heading, a line feed (chr(10)) and the
// tag-stripped full name.
$page_heading = format_lang('page_title', 'save_search');
$html_title = SITE_NAME . " -  " . $page_heading . chr(10) . strip_html($employee->full_name());

$smarty->assign('lang', $lang);
$smarty->assign('message', $message);
$smarty->assign('rendered_page', $smarty->fetch('save_search.tpl'));
Пример #16
 /**
  * Fill in a ticket row from the posted new-incident form.
  *
  * Builds the incident name according to the configured numbering scheme,
  * updates the ticket row, allocates the ticket to the posted groups, writes
  * the "open" log entries and advances the stored incident counter.
  *
  * NOTE(review): the function uses the mysql_* extension, which was removed in
  * PHP 7, and builds every statement by string concatenation. Several values
  * reach SQL without passing through quote_smart() - see the notes inline.
  * Bound parameters (mysqli or PDO) would remove that whole class of problem.
  *
  * @param mixed $id Ticket id; interpolated into several statements below.
  * @return string The incident name that was stored in `scope`.
  */
 function updt_ticket($id)
 {
     /* 1/25/09 */
     global $addrs, $NOTIFY_TICKET;
     // Optional form fields: fall back to "" when they were not posted or are empty.
     $post_frm_meridiem_problemstart = empty($_POST) || !empty($_POST) && empty($_POST['frm_meridiem_problemstart']) ? "" : $_POST['frm_meridiem_problemstart'];
     $post_frm_meridiem_booked_date = empty($_POST) || !empty($_POST) && empty($_POST['frm_meridiem_booked_date']) ? "" : $_POST['frm_meridiem_booked_date'];
     //10/1/09
     $post_frm_affected = empty($_POST) || !empty($_POST) && empty($_POST['frm_affected']) ? "" : $_POST['frm_affected'];
     // Only description, affected and scope are tag-stripped; the other free-text
     // fields (contact, street, comments, ...) go to the query as posted.
     $_POST['frm_description'] = strip_html($_POST['frm_description']);
     //clean up HTML tags
     $post_frm_affected = strip_html($post_frm_affected);
     $_POST['frm_scope'] = strip_html($_POST['frm_scope']);
     // NOTE(review): both blocks below add 12 to the meridiem string itself ('pm'),
     // not to an hour field, and overwrite the variable that a later 'pm' test
     // reads again - looks unintended, confirm.
     if (!get_variable('military_time')) {
         //put together date from the dropdown box and textbox values
         if ($post_frm_meridiem_problemstart == 'pm') {
             $post_frm_meridiem_problemstart = ($post_frm_meridiem_problemstart + 12) % 24;
         }
     }
     if (!get_variable('military_time')) {
         //put together date from the dropdown box and textbox values
         if ($post_frm_meridiem_booked_date == 'pm') {
             $post_frm_meridiem_booked_date = ($post_frm_meridiem_booked_date + 12) % 24;
         }
     }
     // $post_frm_owner is not assigned anywhere above in this function, so it is
     // always set to 0 here.
     if (empty($post_frm_owner)) {
         $post_frm_owner = 0;
     }
     // Timestamp assembled from raw POST parts; it passes through quote_smart()
     // when the UPDATE is built.
     $frm_problemstart = "{$_POST['frm_year_problemstart']}-{$_POST['frm_month_problemstart']}-{$_POST['frm_day_problemstart']} {$_POST['frm_hour_problemstart']}:{$_POST['frm_minute_problemstart']}:00{$post_frm_meridiem_problemstart}";
     if (intval($_POST['frm_status']) == 3) {
         // 1/21/11
         $frm_booked_date = "{$_POST['frm_year_booked_date']}-{$_POST['frm_month_booked_date']}-{$_POST['frm_day_booked_date']} {$_POST['frm_hour_booked_date']}:{$_POST['frm_minute_booked_date']}:00{$post_frm_meridiem_booked_date}";
     } else {
         //				$frm_booked_date = "NULL";
         $frm_booked_date = "";
         // 6/20/10
     }
     // These hour adjustments run after $frm_problemstart and $frm_booked_date were
     // assembled above, so they do not change those two strings.
     if (!get_variable('military_time')) {
         //put together date from the dropdown box and textbox values
         if ($post_frm_meridiem_problemstart == 'pm') {
             $_POST['frm_hour_problemstart'] = ($_POST['frm_hour_problemstart'] + 12) % 24;
         }
         if (isset($_POST['frm_meridiem_problemend'])) {
             if ($_POST['frm_meridiem_problemend'] == 'pm') {
                 $_POST['frm_hour_problemend'] = ($_POST['frm_hour_problemend'] + 12) % 24;
             }
         }
         if (isset($_POST['frm_meridiem_booked_date'])) {
             //10/1/09
             if ($_POST['frm_meridiem_booked_date'] == 'pm') {
                 $_POST['frm_hour_booked_date'] = ($_POST['frm_hour_booked_date'] + 12) % 24;
             }
         }
     }
     // Either a quote_smart()-processed timestamp or the bare SQL keyword NULL.
     $frm_problemend = isset($_POST['frm_year_problemend']) ? quote_smart("{$_POST['frm_year_problemend']}-{$_POST['frm_month_problemend']}-{$_POST['frm_day_problemend']} {$_POST['frm_hour_problemend']}:{$_POST['frm_minute_problemend']}:00") : "NULL";
     $now = mysql_format_date(time() - intval(get_variable('delta_mins') * 60));
     // 6/20/10
     if (empty($post_frm_owner)) {
         $post_frm_owner = 0;
     }
     //			$inc_num_ary = unserialize (get_variable('_inc_num'));					// 11/13/10
     $temp = get_variable('_inc_num');
     // 3/2/11
     // The counter is stored either as a plain serialized array or base64-encoded.
     // NOTE(review): unserialize() on a stored setting - if that value can ever be
     // influenced by untrusted input this allows PHP object injection; a JSON
     // encoding would avoid the risk.
     $inc_num_ary = strpos($temp, "{") > 0 ? unserialize($temp) : unserialize(base64_decode($temp));
     $name_rev = $_POST['frm_scope'];
     if ($inc_num_ary[0] == 0) {
         // no auto numbering scheme
         switch (get_variable('serial_no_ap')) {
             // incident name revise -1/22/09
             case 0:
                 /*  no serial no. */
                 $name_rev = $_POST['frm_scope'];
                 break;
             case 1:
                 /*  prepend  */
                 $name_rev = $id . "/" . $_POST['frm_scope'];
                 break;
             case 2:
                 /*  append  */
                 $name_rev = $_POST['frm_scope'] . "/" . $id;
                 break;
             default:
                 /* error????  */
                 $name_rev = " error  error  error ";
         }
         // end switch
         // 8/23/08, 9/20/08, 8/13/09
     }
     // end if()
     // NOTE(review): the two facility ids are trimmed but not cast to int, and
     // $facility_id is interpolated unquoted into the SELECT below after only a
     // loose "> 0" comparison - SQL injection risk; cast with intval() first.
     $facility_id = empty($_POST['frm_facility_id']) ? 0 : trim($_POST['frm_facility_id']);
     // 9/28/09
     $rec_facility_id = empty($_POST['frm_rec_facility_id']) ? 0 : trim($_POST['frm_rec_facility_id']);
     // 9/28/09
     // assumes $_POST['frm_group'] is an array - TODO confirm it is validated upstream
     $groups = "," . implode(',', $_POST['frm_group']) . ",";
     //	6/10/11
     if ($facility_id > 0) {
         // 9/22/09
         $query_g = "SELECT * FROM {$GLOBALS['mysql_prefix']}facilities WHERE `id`= {$facility_id} LIMIT 1";
         $result_g = mysql_query($query_g) or do_error($query_g, 'mysql query failed', mysql_error(), basename(__FILE__), __LINE__);
         $row_g = stripslashes_deep(mysql_fetch_array($result_g));
         $the_lat = $row_g['lat'];
         // use facility location
         $the_lng = $row_g['lng'];
     } else {
         $the_lat = quote_smart(trim($_POST['frm_lat']));
         // use incident location
         $the_lng = quote_smart(trim($_POST['frm_lng']));
     }
     // Coordinates shorter than three characters are replaced by a fixed value.
     if (strlen($the_lat) < 3 && strlen($the_lng) < 3) {
         // 1/29/11
         $the_lat = $the_lng = 0.999999;
     }
     // perform db update	//9/22/09 added facility capability, 10/1/09 added receiving facility
     // "@" hides any warning raised by session_start().
     @session_start();
     $by = $_SESSION['user_id'];
     //			$booked_date = empty($frm_booked_date)? "NULL" : quote_smart(trim($frm_booked_date)) ;	// 6/20/10
     // NOTE(review): intval() is applied to the result of the "== 1" comparison
     // here, not to the trimmed value - confirm the parenthesis placement.
     $booked_date = intval(trim($_POST['frm_do_scheduled']) == 1) ? quote_smart($frm_booked_date) : "NULL";
     // 1/2/11, 1/19/10
     //			die;
     // 6/26/10
     // Posted values go through quote_smart() (defined elsewhere; its escaping is not
     // visible here). NOTE(review): $the_lat, $the_lng, {$by} and {$id} are placed
     // into the statement directly - in the facility branch the coordinates come
     // from a database row without further quoting.
     $query = "UPDATE `{$GLOBALS['mysql_prefix']}ticket` SET \n\t\t\t\t`contact`= " . quote_smart(trim($_POST['frm_contact'])) . ",\n\t\t\t\t`street`= " . quote_smart(trim($_POST['frm_street'])) . ",\n\t\t\t\t`city`= " . quote_smart(trim($_POST['frm_city'])) . ",\n\t\t\t\t`state`= " . quote_smart(trim($_POST['frm_state'])) . ",\n\t\t\t\t`phone`= " . quote_smart(trim($_POST['frm_phone'])) . ",\n\t\t\t\t`facility`= " . quote_smart($facility_id) . ",\n\t\t\t\t`rec_facility`= " . quote_smart($rec_facility_id) . ",\n\t\t\t\t`lat`= " . $the_lat . ",\n\t\t\t\t`lng`= " . $the_lng . ",\n\t\t\t\t`scope`= " . quote_smart(trim($name_rev)) . ",\n\t\t\t\t`owner`= " . quote_smart(trim($post_frm_owner)) . ",\n\t\t\t\t`severity`= " . quote_smart(trim($_POST['frm_severity'])) . ",\n\t\t\t\t`in_types_id`= " . quote_smart(trim($_POST['frm_in_types_id'])) . ",\n\t\t\t\t`status`=" . quote_smart(trim($_POST['frm_status'])) . ",\n\t\t\t\t`problemstart`=" . quote_smart(trim($frm_problemstart)) . ",\n\t\t\t\t`problemend`=" . $frm_problemend . ",\n\t\t\t\t`description`= " . quote_smart(trim($_POST['frm_description'])) . ",\n\t\t\t\t`comments`= " . quote_smart(trim($_POST['frm_comments'])) . ",\n\t\t\t\t`nine_one_one`= " . quote_smart(trim($_POST['frm_nine_one_one'])) . ",\n\t\t\t\t`booked_date`= " . $booked_date . ",\n\t\t\t\t`date`='{$now}',\n\t\t\t\t`updated`='{$now}',\n\t\t\t\t`_by` = {$by}\n\t\t\t\tWHERE ID={$id}";
     // On failure the full statement text is handed to do_error().
     // NOTE(review): confirm do_error() does not show it to the end user.
     $result = mysql_query($query) or do_error($query, 'mysql query failed', mysql_error(), basename(__FILE__), __LINE__);
     $tick_stat = $_POST['frm_status'];
     // 6/10/11
     $prob_start = quote_smart(trim($frm_problemstart));
     // 6/10/11
     foreach ($_POST['frm_group'] as $grp_val) {
         // 6/10/11
         if (test_allocates($id, $grp_val, 1)) {
             // NOTE(review): {$grp_val} and {$tick_stat} are raw POST values placed into
             // the statement unquoted and without quote_smart() - SQL injection risk.
             // Cast both to int or bind them as parameters.
             $query_a = "INSERT INTO `{$GLOBALS['mysql_prefix']}allocates` (`group` , `type`, `al_as_of` , `al_status` , `resource_id` , `sys_comments` , `user_id`) VALUES \n\t\t\t\t\t\t({$grp_val}, 1, '{$now}', {$tick_stat}, {$id}, 'Allocated to Group' , {$by})";
             $result_a = mysql_query($query_a) or do_error($query_a, 'mysql query failed', mysql_error(), basename(__FILE__), __LINE__);
         }
     }
     do_log($GLOBALS['LOG_INCIDENT_OPEN'], $id);
     if (intval($facility_id) > 0) {
         //9/22/09, 10/1/09, 3/24/10
         do_log($GLOBALS['LOG_FACILITY_INCIDENT_OPEN'], $id, '', 0, $facility_id);
         // - 7/11/10
     }
     if (intval($rec_facility_id) > 0) {
         do_log($GLOBALS['LOG_CALL_REC_FAC_SET'], $id, 0, 0, 0, $rec_facility_id);
         // 6/20/10 - 7/11/10
     }
     $the_year = date("y");
     // NOTE(review): the settings UPDATE sits inside the else branch, so the
     // year-rollover branch changes $inc_num_ary without the write shown here -
     // confirm that this is intended.
     if ((int) $inc_num_ary[0] == 3 && !($inc_num_ary[5] == $the_year)) {
         // year style and change?
         $inc_num_ary[3] = 1;
         // roll over and start at 1
         $inc_num_ary[5] = $the_year;
     } else {
         if ((int) $inc_num_ary[0] > 0) {
             // step to next no. if scheme in use
             $inc_num_ary[3]++;
             // do the deed for next use
         }
         // base64 output contains no quote characters, so the quoted literal below stays intact.
         $out_str = base64_encode(serialize($inc_num_ary));
         // 3/2/11
         $query = "UPDATE`{$GLOBALS['mysql_prefix']}settings` SET `value` = '{$out_str}' WHERE `name` = '_inc_num'";
         $result = mysql_query($query) or do_error($query, 'mysql query failed', mysql_error(), basename(__FILE__), __LINE__);
     }
     return $name_rev;
 }
Пример #17
 /**
  * Reduce a piece of HTML to plain words for the search index.
  *
  * The href, alt and title attribute values are captured first and appended
  * to the end of the result, after markup, entities and most punctuation have
  * been replaced with spaces.
  *
  * Security note: the script/comment regexes below only tidy text for
  * indexing; they are not an XSS filter. The captured attribute values are
  * appended after the punctuation filter has run, so the returned string can
  * still contain characters such as < and > and has to be escaped like any
  * other untrusted text wherever it is displayed.
  *
  * @param string $text Text to clean
  * @return string Cleaned text
  **/
 function clean_for_search($text)
 {
     // Capture attribute values before the markup is thrown away
     preg_match_all('/ href=["\'](.*?)["\']/iu', $text, $href_hits);
     preg_match_all('/ alt=["\'](.*?)["\']/iu', $text, $alt_hits);
     preg_match_all('/ title=["\'](.*?)["\']/iu', $text, $title_hits);

     // Drop script blocks and HTML comments
     $text = preg_replace(preg_encoding('/<script(.*?)<\\/script>/s'), '', $text);
     $text = preg_replace(preg_encoding('/<!--(.*?)-->/s'), '', $text);

     // A space in front of every tag keeps neighbouring words apart once the tags are gone
     $text = str_replace('<', ' <', $text);

     // Numeric entities are removed outright
     $text = preg_replace('/&#\\d*;/', '', $text);

     // Strip tags, then run the unslashed result through kses with no allowed tags
     $plain = strip_html($text);
     $plain = stripslashes($plain);
     $plain = wp_kses($plain, array());
     $text = addslashes($plain);

     // Named entities become a space; apostrophes and soft hyphens vanish
     $text = preg_replace(preg_encoding('/&\\w*;/'), ' ', $text);
     $text = str_replace(array("'", '&shy;'), '', $text);

     // Remaining punctuation becomes a space
     $text = preg_replace(preg_encoding('/[\'!;#$%&\\,_\\+=\\?\\(\\)\\[\\]\\{\\}\\"<>`]/'), ' ', $text);

     // Append the attribute values captured at the top (group 1 of each match set)
     foreach (array($href_hits, $alt_hits, $title_hits) as $hits) {
         if (count($hits) > 0) {
             $text .= ' ' . implode(' ', $hits[1]);
         }
     }

     // Collapse whitespace pairs until none are left
     while (preg_match(preg_encoding('/\\s{2}/'), $text) > 0) {
         $text = preg_replace(preg_encoding('/\\s{2}/'), ' ', $text);
     }

     $text = str_replace('"', '', $text);
     $text = str_replace($this->blog_url, '', $text);

     return stripslashes(trim($text));
 }
Пример #18
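/**
 * Look up the Italian example text (eg[@xml:lang="it"]) of the element whose
 * ID is $value in the cached class document and return it with HTML stripped.
 *
 * @param string $value ID to look up; interpolated into an XPath string literal.
 * @return string Stripped text, or '' when the ID is unusable or nothing matches.
 */
function dctl_getValueFromClass($value)
{
    global $cachedCLASS;

    // The ID is concatenated into a double-quoted XPath literal. A value that
    // contains a double quote would end that literal early and change the
    // expression, so it is refused instead of being queried.
    // NOTE(review): where $value comes from is not visible here; if it can be
    // user-supplied, validate it against the expected ID format at the caller too.
    if (strpos((string) $value, '"') !== false) {
        return '';
    }

    $xpath = 'id("' . $value . '")/eg[@xml:lang="it"]/text()';
    $nodes = $cachedCLASS->xpath($xpath);

    // xpath() can come back without a usable first node; the original indexed
    // [0] unconditionally in that case.
    if (!is_array($nodes) || !isset($nodes[0])) {
        return '';
    }

    return strip_html($nodes[0]);
}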
Пример #19
/**
 * Build a URL slug for a post.
 *
 * The source text is the first non-empty of subject, body_nomarkup and body
 * (only body is passed through strip_html()). Whatever the source, every
 * character outside a-z / 0-9 ends up as a dash, so the returned slug holds
 * only lower-case ASCII letters, digits and dashes.
 *
 * @param array $post Post row; reads 'subject', 'body_nomarkup' and 'body'.
 * @return string Slug, cut to $config['slug_max_size'] bytes.
 */
function slugify($post)
{
    global $config;

    $slug = "";
    foreach (array('subject', 'body_nomarkup', 'body') as $field) {
        if (empty($post[$field])) {
            continue;
        }
        // Only the raw body still carries markup that needs stripping
        $slug = $field === 'body' ? strip_html($post[$field]) : $post[$field];
        break;
    }

    // Repair UTF-8, then transliterate local characters to ASCII
    $slug = iconv("UTF-8", "ASCII//TRANSLIT//IGNORE", mb_convert_encoding($slug, "UTF-8", "UTF-8"));

    // Tinyboard custom markup goes before lower-casing, as the pattern is case-sensitive
    $slug = strtolower(preg_replace("/<tinyboard [^>]+>.*?<\\/tinyboard>/s", '', $slug));

    // In order: non-alphanumerics to dashes, dash runs to one dash, edge dashes removed
    $slug = preg_replace(
        array('/[^a-zA-Z0-9]/', '/-+/', '/^-|-$/'),
        array('-', '-', ''),
        $slug
    );

    // Enforce the configured maximum length
    return substr($slug, 0, $config['slug_max_size']);
}
Пример #20
 /**
  * Saves a page from the posted edit form and prepares the answer for the UI.
  *
  * The default-language URL or title must be set (_check_before_save());
  * otherwise an error answer is produced and nothing is saved.
  *
  * NOTE(review): the whole $_POST array is handed to
  * extend_field_model->save_data(); which keys that model accepts is not
  * visible here. The callback name for a new page is built from the menu name
  * after strip_html(), and tag stripping does not guarantee a valid
  * identifier; confirm menu names are constrained where they are created.
  */
 function save()
 {
     // One of default lang URL / default lang title is needed to save the page
     if ($this->_check_before_save() != TRUE) {
         $this->error(lang('ionize_message_page_needs_url_or_title'));
         return;
     }

     $id = $this->input->post('id_page');
     $is_new = empty($id);

     // URLs provided by the form
     $urls = array_values($this->_get_urls());

     Cache()->clear_cache();

     // Build $this->data / $this->lang_data, then store the page
     $this->_prepare_data();
     $saved_id = $this->page_model->save($this->data, $this->lang_data);

     if (!$is_new) {
         // Existing page: fix link URLs and names, children menus, then page levels
         $this->page_model->correct_integrity($this->data, $this->lang_data);
         $this->system_check_model->check_page_level(TRUE);
     }

     // Extend fields
     $this->extend_field_model->save_data('page', $saved_id, $_POST);

     // Save linked access groups authorizations
     // $this->base_model->join_items_keys_to('user_groups', $this->input->post('groups'), 'page', $this->id);

     // Home page flag
     if ($this->data['home'] == '1') {
         $this->page_model->update_home_page($saved_id);
     }

     $this->structure->build_sitemap();

     // Data returned to the client: default-language fields merged with the stored row
     $page = array_merge(
         $this->lang_data[Settings::get_lang('default')],
         $this->page_model->get($saved_id)
     );
     $page['menu'] = $this->menu_model->get($page['id_menu']);

     // Return value is ignored, so this presumably strips tags in place
     strip_html($page);

     if ($is_new) {
         // Used by JS Tree to detect if page in inserted in tree or not
         $page['inserted'] = TRUE;
         $this->callback = array(
             'fn' => $page['menu']['name'] . 'Tree.insertElement',
             'args' => array($page, 'page'),
         );
     } else {
         $this->callback = array('fn' => 'ION.updateTreePage', 'args' => $page);
     }

     $this->update[] = array(
         'element' => 'mainPanel',
         'url' => admin_url() . 'page/edit/' . $saved_id,
         'title' => lang('ionize_title_edit_page'),
     );

     $this->success(lang('ionize_message_page_saved'));
 }
Пример #21
    }
    $smarty->assign('experience', $experience_t);
}
// Build an id => name map of all categories for the template.
$categories = Category::find_all();
if (is_array($categories) and !empty($categories)) {
    $category_t = array();
    foreach ($categories as $category) {
        $category_t[$category->id] = $category->cat_name;
    }
    $smarty->assign('category', $category_t);
}
// Runs when the "add" button was pressed: copy the posted job fields into both
// the session (so the form can be refilled) and the $job object.
// NOTE(review): only the job title (strip_html + stripHTMLTags) and the
// description (allowedTags) are filtered here. Every other field is copied
// from $_POST unchanged, so whatever renders $_SESSION['add_job'] or persists
// $job has to escape or bind these values itself; that code is not visible in
// this excerpt. Fields such as site_link and poster_email would normally also
// be validated as a URL and an e-mail address before being stored.
if (isset($_POST['bt_add'])) {
    $_SESSION['add_job']['job_ref'] = $job->job_ref = $_POST['txt_ref_code'];
    // mod_write_check() receives the unfiltered title - TODO confirm what it does with it
    $job->var_name = $job->mod_write_check($_POST['txt_job_title'], $old_var_name);
    $_SESSION['add_job']['job_title'] = $job->job_title = strip_html(stripHTMLTags($_POST['txt_job_title']));
    $_SESSION['add_job']['job_desc'] = $job->job_description = allowedTags($_POST['txt_job_desc']);
    $_SESSION['add_job']['job_postion'] = $job->job_postion = $_POST['txt_position'];
    $_SESSION['add_job']['salary'] = $job->job_salary = $_POST['txt_salary'];
    $_SESSION['add_job']['freq'] = $job->salaryfreq = $_POST['txt_salaryfreq'];
    $_SESSION['add_job']['cname'] = $job->contact_name = $_POST['txt_contact_name'];
    $_SESSION['add_job']['tn'] = $job->contact_telephone = $_POST['txt_telephone'];
    $_SESSION['add_job']['sl'] = $job->site_link = $_POST['txt_site_link'];
    $_SESSION['add_job']['email'] = $job->poster_email = $_POST['txt_email'];
    $_SESSION['add_job']['jsd'] = $job->start_date = $_POST['txt_start_date'];
    // Collect the selected job types; the values are taken as posted.
    if (is_array($_POST['txt_job_type']) && !empty($_POST['txt_job_type'])) {
        $type_selected = array();
        foreach ($_POST['txt_job_type'] as $key => $value) {
            $type_selected[] = $value;
        }
    }
Пример #22
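/**
 * Escape a visitor-supplied value for HTML text or a quoted attribute value.
 *
 * @param mixed $value Raw value (cast to string).
 * @return string Entity-encoded value.
 */
function viewingForm_esc($value)
{
    // ENT_QUOTES because the values are placed inside double-quoted attributes.
    // The charset is left at PHP's default: the page encoding is not visible here.
    return htmlspecialchars((string) $value, ENT_QUOTES);
}

/**
 * Trimmed POST field, or '' when the field is absent or not a string.
 *
 * @param string $key Field name.
 * @return string
 */
function viewingForm_post($key)
{
    return isset($_POST[$key]) && is_string($_POST[$key]) ? trim($_POST[$key]) : '';
}

/**
 * Value stored under $_SESSION[$group][$key], or '' when it is not set.
 *
 * @param string $group Session group ('viewing' or 'register').
 * @param string $key   Key inside the group.
 * @return mixed
 */
function viewingForm_session($group, $key)
{
    return isset($_SESSION[$group][$key]) ? $_SESSION[$group][$key] : '';
}

/**
 * Load the property, branch and negotiator details used in the e-mails.
 *
 * @param object $db     Database handle exposing query()/fetchRow().
 * @param int    $dealId Deal ID; cast to int before it is placed in the SQL.
 * @return array Keys address, description, price, branch, branchtel,
 *               branchemail, use_name; all '' when no row is found.
 */
function viewingForm_load_deal($db, $dealId)
{
    $deal = array(
        'address' => '',
        'description' => '',
        'price' => '',
        'branch' => '',
        'branchtel' => '',
        'branchemail' => '',
        'use_name' => '',
    );
    $sql = "SELECT pro_addr3,pro_addr4,pro_addr5,pro_postcode,pro_postcode AS pro_fullpostcode,bra_title,bra_email,bra_tel,deal.*,CONCAT(use_fname,' ',use_sname) AS use_name\n\t\tFROM deal\n\t\tLEFT JOIN property ON deal.dea_prop = property.pro_id\n\t\tLEFT JOIN branch ON dea_branch = bra_id\n\t\tLEFT JOIN user ON dea_neg = use_id\n\t\tWHERE dea_id = " . (int) $dealId;
    $q = $db->query($sql);
    while ($row = $q->fetchRow()) {
        // Only the first part of the postcode is shown
        $pcSplit = explode(" ", $row['pro_postcode']);
        $deal['address'] = $row['pro_addr3'] . ', ' . $pcSplit[0];
        $deal['description'] = $row['dea_strapline'];
        $deal['price'] = $row['dea_marketprice'];
        $deal['branch'] = $row['bra_title'];
        $deal['branchtel'] = $row['bra_tel'];
        $deal['branchemail'] = $row['bra_email'];
        $deal['use_name'] = $row['use_name'];
    }
    return $deal;
}

/**
 * Send one message through Mail_mime and the PEAR 'mail' backend.
 *
 * @param string      $to      Recipient address.
 * @param string      $from    From header value.
 * @param string      $subject Subject header value.
 * @param string      $text    Plain-text body.
 * @param string|null $html    Optional HTML body.
 * @return void
 */
function viewingForm_mail($to, $from, $subject, $text, $html = null)
{
    $mime = new Mail_mime("\r\n");
    $mime->setTXTBody($text);
    if ($html !== null) {
        $mime->setHTMLBody($html);
    }
    // get() has to be called before headers(), as in the original sequence
    $body = $mime->get();
    $hdrs = $mime->headers(array('From' => $from, 'Subject' => $subject));
    $mail =& Mail::factory('mail');
    $mail->send($to, $hdrs, $body);
}

/**
 * Render the "arrange a viewing" / "register interest" form for a property
 * and, on a complete submission, e-mail the visitor and the branch office.
 *
 * Changes against the previous version:
 *  - name, e-mail, telephone and date/time are entity-encoded wherever they
 *    are written into HTML (form values, textarea, HTML mail). strip_html()
 *    alone leaves quotes in place, and the "Under Offer" branch did not
 *    filter the values at all.
 *  - $propId is cast to int before it reaches the SQL statement and the links.
 *  - the posted e-mail address must pass FILTER_VALIDATE_EMAIL, because it is
 *    used both as the recipient and as the From header of the office mail.
 *  - the "Under Offer with Other" test read the undefined $strStatus, and the
 *    text mail greeted the undefined $strName; both now use the right variable.
 *  - $fname / $sname were never defined, so the register session name was
 *    overwritten with a blank; the submitted name is stored instead and the
 *    fname / sname entries are left alone.
 *  - the office mail of the "Under Offer" branch now uses the same
 *    details/<id>.html link as every other message.
 *
 * NOTE(review): no anti-CSRF token or rate limit is visible here, and the
 * confirmation mail goes to whatever address the visitor typed; both need to
 * be handled by the surrounding application. Branch and property values come
 * from the database and are written to the HTML mail as stored. The raw name
 * and e-mail are passed to email_footer(), whose escaping is not visible.
 *
 * @param int|string $propId   Deal ID of the property.
 * @param string     $strState Property state, e.g. 'Available' or 'Under Offer'.
 * @param string     $SaleLet  'Lettings' selects the letting wording.
 * @return string HTML fragment: the form, an error plus the form, a thank-you
 *                note, or a "not available" notice.
 */
function viewingForm($propId, $strState, $SaleLet)
{
    global $CONFIG, $db;

    $propId = (int) $propId;

    if ($SaleLet == 'Lettings') {
        $statusMsgUO = 'Let S.T.C';
        $statusMsgSold = 'Let';
    } else {
        $statusMsgUO = 'Under Offer';
        $statusMsgSold = 'Sold';
    }

    $isAvailable = $strState == 'Available';
    $isUnderOffer = $strState == 'Under Offer' || $strState == 'Under Offer with Other';

    if (!$isAvailable && !$isUnderOffer) {
        return '
<p>This property is ' . $statusMsgSold . '</p>
<p>It is not possible to view this property.</p>
<p>Please <a href="' . $CONFIG['SITE_URL'] . 'register">register with us</a> for up to the minute updates by email</p>
';
    }

    $submitted = viewingForm_post('action') == 'arrangeviewing';
    $errors = array();
    $contact = array('name' => '', 'email' => '', 'telephone' => '');
    $datetime = '';

    if ($submitted) {
        foreach (array_keys($contact) as $field) {
            $raw = viewingForm_post($field);
            if (!$raw) {
                $errors[$field] = true;
                continue;
            }
            $contact[$field] = trim(strip_html($raw));
            $_SESSION['viewing'][$field] = $contact[$field];
        }
        // The address becomes a mail recipient and a From header, so it must be
        // a single well-formed address. An invalid one is reported through the
        // existing "fill in all the fields" message.
        if (!isset($errors['email']) && filter_var($contact['email'], FILTER_VALIDATE_EMAIL) === false) {
            $errors['email'] = true;
        }
        if ($isAvailable) {
            $datetime = trim(strip_html(viewingForm_post('datetime')));
        }
    } else {
        foreach (array_keys($contact) as $field) {
            $contact[$field] = viewingForm_session('viewing', $field);
        }
    }

    // Fall back to the details kept by the registration form
    $registerKeys = array('name' => 'name', 'email' => 'email', 'telephone' => 'tel');
    foreach ($registerKeys as $field => $registerKey) {
        if (!$contact[$field]) {
            $contact[$field] = viewingForm_session('register', $registerKey);
        }
    }

    $name = $contact['name'];
    $email = $contact['email'];
    $telephone = $contact['telephone'];

    // Only an available property offers a preferred date/time
    $datetimeField = '';
    if ($isAvailable) {
        $datetimeField = '<label>Preferred Date and Time</label>
<textarea name="datetime" rows="3" cols="10">' . viewingForm_esc($datetime) . '</textarea>
';
    }

    $viewing_form = '
<form method="post" action="">
<label>Name</label>
<input type="text" name="name" value="' . viewingForm_esc($name) . '" />
<label>Email</label>
<input type="text" name="email" value="' . viewingForm_esc($email) . '" />
<label>Telephone</label>
<input type="text" name="telephone" value="' . viewingForm_esc($telephone) . '" />
' . $datetimeField . '<input type="submit" value="Send &raquo;" class="submit" />
<input type="hidden" name="action" value="arrangeviewing" />
</form>';

    // Shown above the form when the property cannot be viewed right now
    $notice = '';
    if (!$isAvailable) {
        $notice = '<p><span style="color:#FF0000;">This property is currently ' . $statusMsgUO . '</span></p>
<p>It is not possible to view this property but if you fill in the form below we will let you know if this property becomes available again.</p>
';
    }

    if (!$submitted) {
        return $notice . $viewing_form;
    }
    if ($errors) {
        return $notice . '<p class="error">Please fill in all the fields</p>' . ($isAvailable ? '' : "\n") . $viewing_form;
    }

    // Keep the contact details for the other forms
    $_SESSION['register']['name'] = $name;
    $_SESSION['register']['tel'] = $telephone;
    $_SESSION['register']['email'] = $email;

    $deal = viewingForm_load_deal($db, $propId);
    $link = $CONFIG['SITE_URL'] . 'details/' . $propId . '.html';

    if ($isAvailable) {
        $subjectPrefix = 'Arrange viewing: ';
        $promise = 'We will be getting back to you shortly to confirm your viewing.';
        $officeIntro = 'Would like to arrange a viewing of:';
    } else {
        $subjectPrefix = 'Register interest: ';
        $promise = 'We will let you know if this property comes back on the market.';
        $officeIntro = 'Would like to register interest in:';
    }
    $EmailSubject = $subjectPrefix . $deal['address'];

    // Message to the client
    $html_body = '<html>
<head></head>
<body>
<span style="font-family:Arial, Helvetica, sans-serif; font-size:13px; color:#000000">
<p>Hi ' . viewingForm_esc($name) . ',</p>
<p>Many thanks for your interest. ' . $promise . ' Please do call us at any time if you would like to speak to a negotiator to discuss your requirements further.</p>
<p>Contact our ' . $deal['branch'] . ' office on ' . $deal['branchtel'] . '</p>
<p>' . $deal['description'] . '<br />' . $deal['address'] . '<br />' . format_price($deal['price']) . '<br />
<a href="' . $link . '">' . $link . '</a></p>
</span>
' . email_footer("html", $email, $name);
    $text_body = '
Hi ' . $name . ',

Many thanks for your interest. ' . $promise . ' Please do call us at any
time if you would like to speak to a negotiator to discuss your requirements further.

Contact our ' . $deal['branch'] . ' office on ' . $deal['branchtel'] . '

' . $deal['description'] . '
' . $deal['address'] . '
' . format_price($deal['price']) . '<br />
' . $link . '
' . email_footer("text", $email, $name);
    viewingForm_mail($email, $deal['branchemail'], $EmailSubject, $text_body, $html_body);

    // Message to the office (plain text only)
    $EmailBody = 'Name:        ' . $name . '
Tel:         ' . $telephone . '
Email:       ' . $email . '

' . $officeIntro . '
Address:     ' . $deal['address'] . '
Price:       ' . $deal['price'] . '
Link:        ' . $link . '
Date/Time:   ' . $datetime . '

Property ID: ' . $propId . '
Sent:        ' . date('r') . '
';
    $subject = "(" . $deal['use_name'] . ") - " . $EmailSubject;
    viewingForm_mail($deal['branchemail'], $email, $subject, $EmailBody);

    return '<p>Thank you for your message</p>';
}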
Пример #23
<?php

require_once "../initialise_files.php";
include_once 'sessioninc.php';
// Settings page for category 2: applies posted changes, then loads the data
// the template needs.
$setting = new Setting();
$k = false;

if (isset($_POST['add'])) {
    // NOTE(review): each posted key is used as the name of the setting to
    // update. strip_html() removes markup but does not restrict which
    // settings may be changed, and no anti-CSRF token or permission check is
    // visible in this excerpt (sessioninc.php may provide one - confirm).
    // An allow-list of editable setting names would close the gap.
    foreach ($_POST['setting'] as $key => $data) {
        $setting->setting_name = strip_html($key);
        $setting->value = strip_html($data);
        if ($setting->update_setting()) {
            // at least one update went through
            $k = true;
        }
    }
    //die;
    if ($k == true) {
        $session->message("<div class='success'> Setting has been updated successfully. </div>");
    }
    // NOTE(review): PHP_SELF includes any extra path info from the request URL;
    // a fixed script path is the safer redirect target.
    redirect_to($_SERVER['PHP_SELF']);
    die;
}

// Category shown on this page
$setting->fk_category_id = 2;
$id = 2;
$smarty->assign('id', $id);

$get_cat_name = $setting->get_setting_name($id);
$cat_description = $get_cat_name['category_desc'];
$smarty->assign('cat_description', $cat_description);

$title = $setting->get_setting_by_setting_name('PAGE_TITLE');
$smarty->assign('title', $title->title);
Пример #24
<?php

require_once 'SOAP/Client.php';
// Query the Google SOAP search API and print title, URL and snippet of each hit.
// NOTE(review): the API key is committed in the source. Credentials belong in
// configuration kept outside the repository, and a key that has been
// published should be treated as exposed and rotated.
$key = 'cSlFdvpQFHIiGEpLTO2YzQq55k1G4519';
$query = '"Sterling Hughes"';
$wsdlurl = 'GoogleSearch.wsdl';

$WSDL = new SOAP_WSDL($wsdlurl);
$client = $WSDL->getProxy();
$response = $client->doGoogleSearch($key, $query, 0, 10, false, '', false, '', '', '');

// Title and URL lines are indented by 40 spaces
$indent = str_repeat(' ', 40);

foreach ($response->resultElements as $result) {
    // strip_html() edits its argument in place; the output here is plain
    // text, so the tags are removed for readability only.
    strip_html($result->title);
    strip_html($result->snippet);

    echo $indent, "{$result->title}\n";
    echo $indent, "({$result->URL})\n";
    echo "\n";
    echo $result->snippet, "\n\n";
}
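/**
 * Remove everything that looks like a tag from $text, in place.
 *
 * This is a display clean-up for plain-text output, not an HTML sanitizer:
 * entities are left as they are, so the result must still be escaped before
 * it is written into an HTML page.
 *
 * @param string $text Text to clean; modified by reference.
 * @return void
 */
function strip_html(&$text)
{
    // The s modifier lets "." match newlines, so a tag whose attributes are
    // spread over several lines is removed too.
    $stripped = preg_replace('/<.*?>/s', '', $text);

    // preg_replace() returns null on a PCRE error; keep the input in that case
    if ($stripped !== null) {
        $text = $stripped;
    }
}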
			}
		}		// end function set_signal()

	</SCRIPT>
	</HEAD>
<?php 
// Open <BODY>; the add/update views also run do_notify() on load.
print $get_action == "add" || $get_action == "update" ? "<BODY onLoad = 'do_notify(); ck_window();' onUnload='GUnload();'>\n" : "<BODY onLoad = 'ck_window();'>\n";
// Add a patient record to a ticket.
// NOTE(review): this excerpt uses the mysql_* extension, which was removed in
// PHP 7; mysqli or PDO prepared statements would replace the string-built SQL
// below.
if ($get_action == 'add') {
    /* update ticket */
    $now = mysql_format_date(time() - get_variable('delta_mins') * 60);
    // NOTE(review): ticket_id comes from the query string and is placed
    // directly inside the SQL text. The only checks before that are an
    // empty-string test and a loose "<= 0" comparison, neither of which
    // guarantees an integer. Cast it to int once and use the cast value
    // everywhere below.
    if ($_GET['ticket_id'] == '' or $_GET['ticket_id'] <= 0 or !check_for_rows("SELECT * FROM `{$GLOBALS['mysql_prefix']}ticket` WHERE id='{$_GET['ticket_id']}' LIMIT 1")) {
        // NOTE(review): the raw ticket_id is echoed into the page; it needs
        // htmlspecialchars() before being printed.
        print "<FONT CLASS='warn'>Invalid Ticket ID: '{$_GET['ticket_id']}'</FONT>";
    } elseif ($_POST['frm_description'] == '') {
        print '<FONT CLASS="warn">Please enter Description.</FONT><BR />';
    } else {
        $_POST['frm_description'] = strip_html($_POST['frm_description']);
        //fix formatting, custom tags etc.
        $post_frm_meridiem_asof = empty($_POST['frm_meridiem_asof']) ? "" : $_POST['frm_meridiem_asof'];
        // "As of" timestamp assembled from the posted date parts; no format
        // validation is visible before it is used in the queries below.
        $frm_asof = "{$_POST['frm_year_asof']}-{$_POST['frm_month_asof']}-{$_POST['frm_day_asof']} {$_POST['frm_hour_asof']}:{$_POST['frm_minute_asof']}:00{$post_frm_meridiem_asof}";
        //  8/15/10
        // Duplicate check. NOTE(review): description and name go through
        // addslashes(), but ticket_id and $frm_asof are interpolated as
        // received; all four are request data and should be bound parameters.
        $query = "SELECT * FROM  `{$GLOBALS['mysql_prefix']}patient` WHERE \n     \t\t\t`description` =\t'" . addslashes($_POST['frm_description']) . "' AND\n     \t\t\t`ticket_id` =\t'{$_GET['ticket_id']}' AND\n     \t\t\t`user` =\t\t'{$_SESSION['user_id']}' AND\n     \t\t\t`action_type` =\t'{$GLOBALS['ACTION_COMMENT']}' AND \n     \t\t\t`name` = \t\t'" . addslashes($_POST['frm_name']) . "' AND \n     \t\t\t`updated` =\t\t'{$frm_asof}' LIMIT 1";
        $result = mysql_query($query) or do_error($query, 'mysql_query() failed', mysql_error(), basename(__FILE__), __LINE__);
        // NOTE(review): mysql_affected_rows() is documented for INSERT, UPDATE,
        // REPLACE and DELETE; mysql_num_rows($result) is the documented call
        // after a SELECT - confirm this duplicate check behaves as intended.
        if (mysql_affected_rows() == 0) {
            // not a duplicate - 8/15/10
            if (array_key_exists('frm_fullname', $_POST)) {
                // 6/22/11
                // Optional patient details. NOTE(review): each value is passed
                // through addslashes() and then quote_smart(); if quote_smart()
                // escapes as well (not visible here) the stored text carries
                // doubled backslashes.
                $ins_data = "\n\t\t\t\t\t\t`fullname`\t= " . quote_smart(addslashes(trim($_POST['frm_fullname']))) . ",\n\t\t\t\t\t\t`dob`\t= " . quote_smart(addslashes(trim($_POST['frm_dob']))) . ",\n\t\t\t\t\t\t`gender`\t= " . quote_smart(addslashes(trim($_POST['frm_gender_val']))) . ",\n\t\t\t\t\t\t`insurance_id`\t=" . quote_smart(addslashes(trim($_POST['frm_ins_id']))) . ",\n\t\t\t\t\t\t`facility_contact` = " . quote_smart(addslashes(trim($_POST['frm_fac_cont']))) . ",";
            } else {
                $ins_data = "";
            }
            // Insert the patient row; every value here goes through
            // addslashes() + quote_smart().
            $query = "INSERT INTO `{$GLOBALS['mysql_prefix']}patient` SET \n\t     \t\t\t{$ins_data}\n\t     \t\t\t`description`= " . quote_smart(addslashes(trim($_POST['frm_description']))) . ",\n\t     \t\t\t`ticket_id`= " . quote_smart(addslashes(trim($_GET['ticket_id']))) . ",\n\t     \t\t\t`date`= " . quote_smart(addslashes(trim($now))) . ",\n\t     \t\t\t`user`= " . quote_smart(addslashes(trim($_SESSION['user_id']))) . ",\n\t     \t\t\t`action_type` = " . quote_smart(addslashes(trim($GLOBALS['ACTION_COMMENT']))) . ",\n\t     \t\t\t`name` = " . quote_smart(addslashes(trim($_POST['frm_name']))) . ", \n\t     \t\t\t`updated` = " . quote_smart(addslashes(trim($frm_asof)));
Пример #26
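/**
 * Reduce a string to plain text for SEO use.
 *
 * The value is passed through remove_accent() and strip_html() (both defined
 * outside this snippet), then "&amp;" entities and bare ampersands are dropped.
 *
 * The result is plain text, not HTML-safe text: nothing here encodes quotes or
 * angle brackets that the helpers may leave behind, so encode for the output
 * context (HTML body, attribute, URL) at the point of use.
 *
 * @param string $str Raw text, possibly containing markup and accented characters.
 * @return string The helpers' output with "&amp;" and "&" removed.
 */
function seo_words($str)
{
    $str = remove_accent($str);
    $str = strip_html($str);
    // Order matters: "&amp;" has to be removed before the bare "&".
    // Removing "&" first turns "&amp;" into "amp;", which a later pass can no
    // longer match and which would then leak into the result.
    // str_replace() applies the array entries one after the other.
    return str_replace(array('&amp;', '&'), '', $str);
}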
Пример #27
 /**
  * Saves the options of the page whose ID is posted as 'id_page'.
  *
  * When no 'id_page' is posted nothing is saved, but the panel reload and
  * the success answer at the end still run.
  *
  * NOTE(review): the only permission checks visible in this method guard the
  * backend / frontend rule updates. Authorisation for the page save itself
  * is presumably enforced before this method is reached - confirm.
  */
 public function save_options()
 {
     $page_id = $this->input->post('id_page');

     if ($page_id) {
         // Prepare data before save
         $this->_prepare_options_data();

         // Payload handed to the 'before' and 'success' listeners
         $payload = array(
             'base' => $this->data,
             'lang' => $this->lang_data,
             'post' => $this->input->post(),
         );
         Event::fire('Page.options.save.before', $payload);

         // Persist the page, then its URLs
         $this->page_model->save($this->data, $this->lang_data);
         $this->page_model->save_urls($page_id);

         // Home page flag (loose comparison: matches '1', 1 and true)
         if ($this->data['home'] == '1') {
             $this->page_model->update_home_page($page_id);
         }

         // Default-language data merged with the freshly stored page row
         $default_lang_data = $this->lang_data[Settings::get_lang('default')];
         $saved_page = array_merge($default_lang_data, $this->page_model->get_by_id($page_id));
         $saved_page['menu'] = $this->menu_model->get($saved_page['id_menu']);

         // Linked categories
         $posted_categories = $this->input->post('categories');
         $this->base_model->join_items_keys_to('category', $posted_categories, 'page', $page_id);

         // Tags
         $posted_tags = $this->input->post('tags');
         $this->tag_model->save_element_tags($posted_tags, 'page', $page_id);

         // Role rules: each side is written only if the current user may
         // access the matching permissions panel.
         $rule_targets = array(
             array('backend', 'admin/page/permissions/backend', 'backend_rule'),
             array('frontend', 'admin/page/permissions/frontend', 'frontend_rule'),
         );
         foreach ($rule_targets as $target) {
             if (Authority::can('access', $target[1])) {
                 $resource = $this->_get_resource_name($target[0], 'page', $page_id);
                 $this->rule_model->save_element_roles_rules($resource, $this->input->post($target[2]));
             }
         }

         Event::fire('Page.options.save.success', $payload);

         // Strips HTML tags from the local copy only (presumably in place,
         // since the return value is ignored). This runs after the save, so
         // it does not change what was stored, and $saved_page is not read
         // again in this method.
         strip_html($saved_page);
     }

     // Reloads the page edition panel
     $this->_reload_panel($page_id);

     // Answer
     $this->success(lang('ionize_message_page_saved'));
 }
Пример #28
 /**
  * Queues a client-side refresh of an article's contexts (in the tree, for
  * example). Called after article->save() && article->save_context().
  *
  * The contexts are read for the default language, passed through
  * strip_html(), and appended to $this->callback as the argument of the
  * 'ION.updateArticleContext' call.
  *
  * NOTE(review): strip_html() removes tags; whether the values are also
  * encoded for the context in which the callback arguments are emitted
  * cannot be seen from this method - confirm where $this->callback is
  * serialised.
  *
  * @param int $id_article Article ID whose contexts are reloaded.
  */
 public function update_contexts($id_article)
 {
     $default_lang = Settings::get_lang('default');
     $lang_contexts = $this->article_model->get_lang_contexts($id_article, $default_lang);

     // Return value ignored: the helper is presumably by-reference.
     strip_html($lang_contexts);

     $this->callback[] = array(
         'fn' => 'ION.updateArticleContext',
         'args' => array($lang_contexts),
     );
 }
Пример #29
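 // Fragment of a record builder: appends the remaining FEATURE fields, the
 // SUMMARY and the long description to $render, each terminated by "^".
 // $row and $render are set up outside this fragment.
 // NOTE(review): values from $row are appended without escaping "^"; if "^"
 // is the field delimiter of the target format, a caret inside a strapline
 // or description would shift every later field - confirm how the consumer
 // handles it.
 $render .= "^";
 //FEATURE5
 $render .= "^";
 //FEATURE6
 $render .= "^";
 //FEATURE7
 $render .= "^";
 //FEATURE8
 $render .= "^";
 //FEATURE9
 $render .= "^";
 //FEATURE10
 // Bytes left for the description once the strapline is in the field.
 // Clamped at zero: with a strapline longer than 300 bytes the difference is
 // negative, and a negative length makes substr() below drop characters from
 // the END of the description instead of truncating it.
 // NOTE(review): the original note says "300 is allowed, but i add (cont) so
 // we use 294", yet 300 is used, no "(cont)" is appended here, and the ": "
 // separator is not counted - confirm the intended limit.
 $length = max(0, 300 - strlen($row["dea_strapline"]));
 $desc = strip_html($row["dea_description"]);
 // Collapse blank lines (line break, optional whitespace, line break)
 $trimmed = preg_replace("/[\r\n]+[\\s\t]*[\r\n]+/", "", $desc);
 // Undo entities that were encoded more than once
 $trimmed = str_replace("&amp;#039;", "'", $trimmed);
 $trimmed = str_replace("&amp;amp;#039;", "'", $trimmed);
 // NOTE(review): the replacement literal below reached this listing as
 // U+FFFD; presumably an accented "e" in the file's original encoding -
 // restore it from the original file.
 $trimmed = str_replace("&amp;eacute;", "�", $trimmed);
 // substr() counts bytes, so a multi-byte character at the cut can be split.
 $trimmed = substr($trimmed, 0, $length);
 $render .= $row["dea_strapline"] . ": " . $trimmed . "^";
 //SUMMARY
 // Long description: kept as HTML, unlike the summary above.
 // NOTE(review): dea_description, total_area, bra_title and bra_tel are
 // concatenated into the markup as stored; presumably trusted back-office
 // data - confirm, or encode them before concatenation.
 $longDescription = $row["dea_description"];
 if ($row["total_area"]) {
     $longDescription .= "<p>Approximate Gross Internal Area: " . $row["total_area"] . " square metres</p>";
 }
 $longDescription .= "<p>For further information or to arrange a viewing, please contact our <b>" . $row["bra_title"] . " Branch</b> on <b>" . $row["bra_tel"] . ".</b></p>";
 $longDescription .= "<p>Visit <b>www.woosterstock.co.uk</b> for full details, colour photos, maps and floor plans.</p>";
 $longDescription .= "<p>We endeavour to make all our property particulars, descriptions, floor-plans, marketing and local information accurate and reliable but we make no guarantees as to the accuracy of this information. All measurements and dimensions are for guidance only and should not be considered accurate. If there is any point which is of particular importance to you we advise that you contact us to confirm the details; particularly if you are contemplating travelling some distance to view the property. Please note that we have not tested any services or appliances mentioned in property sales details.</p>";
 $render .= preg_replace("/[\r\n]+[\\s\t]*[\r\n]+/", "", $longDescription) . "^";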
Пример #30
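 /**
  * Builds an HTML fragment that summarises this job, one
  * "<br /><b>Label: </b>value" row per field.
  *
  * Location parts are resolved to names through StateProvince, County and
  * City; when a lookup returns nothing the stored code is shown instead.
  *
  * NOTE(review): title and description are passed through strip_html(),
  * every other field through safe_output(). Neither helper is visible here;
  * if strip_html() only removes tags, characters such as quotes or a stray
  * "<" may reach the markup unencoded - confirm, and prefer one encoding
  * helper for all fields.
  *
  * @return string HTML fragment describing the job.
  */
 public function job_details()
 {
     $output_message = "  <br /><b>Reference: </b>" . safe_output($this->job_ref ? $this->job_ref : SITE_NAME);
     //$output_message .= "<br /><b>Company: </b>".$company_name->company_name;
     $output_message .= "  <br /><b>Title: </b>" . strip_html($this->job_title);
     $output_message .= "  <br /><b>Description: </b>" . strip_html($this->job_description);

     // Resolve each location code to a display name, falling back to the code.
     $state = StateProvince::find_by_code($this->country, $this->state_province);
     $state_name = empty($state) ? $this->state_province : $state->name;
     $county = County::find_by_code($this->country, $this->state_province, $this->county);
     $county_name = empty($county) ? $this->county : $county->name;
     $city = City::find_by_code($this->country, $this->state_province, $this->county, $this->city);
     $city_name = empty($city) ? $this->city : $city->name;
     $location = $city_name . ", " . $county_name . ", " . $state_name;
     $output_message .= " <br /><b>Location: </b> " . safe_output($location);
     //$output_message .= "<br /><b>Job Type: </b>".$type;

     // The date is read from this job. The previous code read
     // $my_cv->created_at, but no $my_cv exists in this method, so the date
     // was computed from an undefined value. $this->created_at is the field
     // the earlier, commented-out date() variant used.
     $output_message .= "  <br /><b>Start Date: </b>" . safe_output(strftime(DATE_FORMAT, strtotime($this->created_at)));
     $output_message .= "  <br /><b>Contact: </b>" . safe_output($this->contact_name);
     $output_message .= "  <br /><b>Telephone: </b>" . safe_output($this->contact_telephone);
     $output_message .= "  <br /><b>Email: </b>" . safe_output($this->poster_email);
     $output_message .= "  <br /><b>Rate: </b>" . safe_output($this->job_salary) . " per " . safe_output($this->salaryfreq);
     return $output_message;
 }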