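/**
 * Tell whether a user counts as online.
 *
 * A user is online when `online_tb` holds a row for that user whose `date`
 * falls within the last ten minutes.
 *
 * @param mixed $user_id user identifier; escaped before it is placed in the query
 * @return bool true when such a row exists, false otherwise
 */
public static function getStatusUser($user_id)
{
    // Oldest timestamp that still counts as "recently seen": now minus 10 minutes.
    $since = date("Y-m-d H:i:s", time() - 60 * 10);

    // The identifier used to be concatenated into the statement as-is, so a
    // caller-supplied value could change the query. It is now escaped.
    // NOTE(review): DB::escape() is assumed to be the escaping helper of this
    // DB class (other callers of DB::query_row use it) - confirm; a prepared
    // statement would be the stronger fix if the DB layer offers one.
    $row = DB::query_row(
        "SELECT * FROM `online_tb` WHERE `user_id` = '" . DB::escape($user_id)
        . "' && `date` >= '" . $since . "'"
    );

    return $row ? true : false;
}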
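/**
 * Count the distinct rows a listing query would return.
 *
 * Everything after the first "FROM " of the given statement is reused behind
 * a SELECT COUNT(DISTINCT(...)) over $this->count_field.
 *
 * @param string $aResultSQL the listing statement (keyword must be written "FROM ")
 * @return mixed the `count` column of the resulting row
 */
function getCount($aResultSQL)
{
    // Split on the first "FROM " only. The previous code split on every
    // occurrence and glued the pieces back with a space, which dropped the
    // FROM keyword of any subquery or derived table further down the statement.
    $parts = explode("FROM ", $aResultSQL, 2);
    $tail = isset($parts[1]) ? $parts[1] : '';

    // NOTE(review): $this->count_field and the statement tail are placed into
    // the SQL text verbatim; both must come from trusted code, never from
    // request data.
    $count = DB::query_row("SELECT COUNT(DISTINCT(" . $this->count_field . ")) as count FROM " . $tail);

    return $count['count'];
}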
/**
 * Fetch the `meta_tb` record attached to a row of another table.
 *
 * Both lookup values pass through DB::escape() before they are placed in the
 * statement.
 *
 * @param mixed $parentID id of the owning row
 * @param mixed $table    name of the table the owning row lives in
 * @return mixed the row returned by DB::query_row() when it is truthy, otherwise false
 */
public static function getMeta($parentID, $table)
{
    $sql = "SELECT * FROM `meta_tb` WHERE `parentID` = '" . DB::escape($parentID) . "' && `table` = '" . DB::escape($table) . "'";
    $meta = DB::query_row($sql);

    return $meta ? $meta : false;
}
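/**
 * Render the edit form for one record.
 *
 * The table name, the record id and the form class all arrive in the query
 * string (`table`, `id`, `class`). They were previously placed into the SQL
 * text and into `new ...()` unchanged; they are now validated first.
 *
 * @return mixed the value of InIndex(), or null when a request parameter is rejected
 */
function actionEdit()
{
    $table = (isset($_GET['table']) && is_string($_GET['table'])) ? $_GET['table'] : '';
    $id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
    $className = (isset($_GET['class']) && is_string($_GET['class'])) ? $_GET['class'] : '';

    // A table name cannot be escaped like a value, so only plain identifiers
    // are accepted; this also keeps a backtick from closing the quoted name.
    if (!preg_match('/\A[A-Za-z0-9_]+\z/', $table)) {
        return null;
    }

    // Only instantiate a class that exists and actually offers form().
    if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $className)
        || !class_exists($className)
        || !method_exists($className, "form")
    ) {
        return null;
    }

    // NOTE(review): the checks above are syntactic. Any existing table and any
    // class with a form() method can still be named by the request; an explicit
    // allowlist of editable tables and form classes is the stronger control -
    // TODO add one. DB::escape() is assumed to be this DB class's escaping
    // helper - confirm.
    $obj = DB::query_row("SELECT * FROM `" . $table . "` WHERE `id` = '" . DB::escape($id) . "'");

    $class = new $className();
    $oForm = call_user_func(array($class, "form"), $obj);
    $oForm->setFunctionPostBack($this, "editForm");

    return $this->InIndex("Редактирование " . $oForm->getFormName(), $oForm->getForm("", ""), 1);
}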
/**
 * Build the HTML list of the most recent posts.
 *
 * @param mixed $limit   number of posts to list; 10 is used when it is missing or below 1
 * @param mixed $stranky filter value handed to _sqlWhereColumn() for the `home` column
 * @param mixed $typ     post type for the filter; values outside 1..3 fall back to 1
 * @return string the generated markup (empty string when the query yields no rows)
 */
function _HCM_recentposts($limit = null, $stranky = "", $typ = null)
{
    // preparation
    $result = "";
    if (isset($limit) and intval($limit) >= 1) {
        $limit = abs(intval($limit));
    } else {
        $limit = 10;
    }

    // filter by section, book or article ids
    if (isset($stranky) and isset($typ)) {
        $rtype = intval($typ);
        if ($rtype < 1 or $rtype > 3) {
            $rtype = 1;
        }
        // NOTE(review): $stranky reaches the WHERE clause only through
        // _sqlWhereColumn(); its sanitising is not visible here - confirm.
        $rroots = "(" . _sqlWhereColumn("home", $stranky) . ") AND type=" . $rtype;
    } else {
        $rroots = "type!=4 AND type!=6 AND type!=7";
    }

    // $limit is an integer at this point, so it is safe to concatenate.
    $query = DB::query("SELECT id,type,home,xhome,subject,author,guest,time,text FROM `" . _mysql_prefix . "-posts` WHERE " . $rroots . " ORDER BY id DESC LIMIT " . $limit);
    while ($item = DB::row($query)) {

        // load the title of, and the link to, the page the post belongs to
        // NOTE(review): the ids below come from the posts row and are
        // concatenated unquoted; this assumes integer columns - confirm.
        switch ($item['type']) {
            case 1:
            case 3:
                $hometitle = DB::query_row("SELECT title,title_seo FROM `" . _mysql_prefix . "-root` WHERE id=" . $item['home']);
                $homelink = _linkRoot($item['home'], $hometitle['title_seo']);
                break;
            case 2:
                $hometitle = DB::query_row("SELECT art.title,art.title_seo,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $item['home']);
                $homelink = _linkArticle($item['home'], $hometitle['title_seo'], $hometitle['cat_title_seo']);
                break;
            case 5:
                // xhome == -1: the post itself is the topic; otherwise xhome is the topic id
                if ($item['xhome'] == -1) {
                    $tid = $item['id'];
                    $hometitle = array("title" => $item['subject']);
                } else {
                    $tid = $item['xhome'];
                    $hometitle = DB::query_row("SELECT subject FROM `" . _mysql_prefix . "-posts` WHERE id=" . $item['xhome']);
                    $hometitle = array("title" => $hometitle['subject']);
                }
                $homelink = "index.php?m=topic&id=" . $tid;
                break;
        }

        // load the author's name (author == -1 means the guest name is used)
        if ($item['author'] != -1) {
            $authorname = _linkUser($item['author'], null, true, true);
        } else {
            $authorname = $item['guest'];
        }

        $hometitle = $hometitle['title'];
        // NOTE(review): $hometitle, $homelink and the guest name are written
        // into the markup without escaping in this function; presumably they
        // are stored already HTML-escaped - confirm. The post text is the only
        // value that goes through strip_tags() here.
        $result .= "\n<h2 class='list-title'><a href='" . $homelink . "'>" . $hometitle . "</a></h2>\n<p class='list-perex'>" . _cutStr(strip_tags(_parsePost($item['text'])), 256) . "</p>\n<div class='list-info'>\n<span>" . $GLOBALS['_lang']['global.postauthor'] . ":</span> " . $authorname . _template_listinfoseparator . "\n<span>" . $GLOBALS['_lang']['global.time'] . ":</span> " . _formatTime($item['time']) . "\n</div>\n\n";
    }

    return $result;
}
/**
 * Turn the raw values of one listing row into display values.
 *
 * `main` becomes an <img> tag pointing at the photo's thumbnail and
 * `categoryID` becomes the category name ("нет" when no category row matches).
 *
 * @param array $aRow row with at least the keys `main` and `categoryID`
 * @return array the same row with both keys replaced
 */
function table($aRow)
{
    $photo = Photo::getPhotoById($aRow['main']);
    // NOTE(review): path and name are placed in the src attribute unescaped;
    // this assumes they can never contain a quote or markup - confirm how
    // photo names are generated.
    $thumb = $photo['path'] . "/thumb/" . $photo['name'];
    $aRow['main'] = "<img src='" . $thumb . "'>";

    $parent = DB::query_row("SELECT * FROM `category_tb` WHERE `id` = '" . DB::escape($aRow['categoryID']) . "'");
    $aRow['categoryID'] = $parent ? $parent['name'] : "нет";

    return $aRow;
}
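/**
 * Check an e-mail / password pair and, on success, log the user in.
 *
 * The matching `user_tb` row is kept in self::$user. On success the user's id
 * is stored in $_SESSION['session_id'].
 *
 * @param string $email    e-mail address to look up
 * @param string $password value compared with the `passwd` column
 * @return bool TRUE when the session was marked as logged in, FALSE otherwise
 */
public static function authorized($email, $password)
{
    // NOTE(review): the password is matched against the stored column inside
    // the SQL statement. Whether $password is already hashed by the caller is
    // not visible here - confirm; if the column holds plain passwords, move to
    // password_hash() / password_verify() and compare in PHP.
    self::$user = DB::query_row('SELECT * FROM `user_tb` WHERE `email`="' . mysqli_real_escape_string(DB::$desc, $email) . '" && `passwd` = "' . mysqli_real_escape_string(DB::$desc, $password) . '" ');

    if (!self::$user) {
        return FALSE;
    }

    // NOTE(review): a row with isactive == 1 is refused, which reads inverted
    // against the column name - confirm the column's meaning. self::$user still
    // holds the refused row after this return.
    if (self::$user['isactive'] == 1) {
        return FALSE;
    }

    // Issue a fresh session id at the moment of privilege change, so an id
    // that was known before login cannot be reused afterwards (session fixation).
    if (session_id() !== '') {
        session_regenerate_id(true);
    }
    $_SESSION['session_id'] = self::$user['id'];

    return TRUE;
}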
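/**
 * Turn the raw values of one category row into display values.
 *
 * `categoryID` becomes the parent category's name ("нет" when there is none).
 * When the category has child categories, `name` becomes a link to their list.
 *
 * @param array $aRow row with at least the keys `id`, `name` and `categoryID`
 * @return array the same row with display values
 */
function table($aRow)
{
    $parent = DB::query_row("SELECT * FROM `category_tb` WHERE `id` = '" . DB::escape($aRow['categoryID']) . "'");
    $aRow['categoryID'] = $parent ? $parent['name'] : "нет";

    // Look for child categories. The id is escaped here like categoryID above;
    // it used to be concatenated into the statement unchanged.
    if (DB::query_row("SELECT * FROM `category_tb` WHERE `categoryID` = '" . DB::escape($aRow['id']) . "'")) {
        // The id is URL-encoded for the query string (a no-op for numeric ids).
        // NOTE(review): the category name is used as link text unescaped;
        // presumably it is trusted back-office data - confirm.
        $aRow['name'] = '<a href="/admin/ru/Category/Show/?categoryID=' . rawurlencode($aRow['id']) . '">' . $aRow['name'] . '</a>';
    }

    return $aRow;
}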
/**
 * Build an HTML link to an article.
 *
 * Without $text the article is looked up (by id when $id is numeric, by
 * title_seo otherwise) and its title becomes the link text; an unknown article
 * yields the escaped id in braces. With $text no lookup happens.
 *
 * @param mixed       $id        article id or title_seo
 * @param string|null $text      link text, or null to use the article title
 * @param bool        $nove_okno add target="_blank" when true
 * @return string the anchor markup, or "{id}" when the article does not exist
 */
function _HCM_linkart($id = null, $text = null, $nove_okno = false)
{
    if (null !== $text) {
        // caller supplied the text: no lookup, no SEO slugs available
        $article = array('title_seo' => null, 'cat_title_seo' => null);
    } else {
        $column = is_numeric($id) ? 'id' : 'title_seo';
        $article = DB::query_row('SELECT art.title,art.title_seo,cat.title_seo AS cat_title_seo FROM `' . _mysql_prefix . '-articles` AS art JOIN `' . _mysql_prefix . '-root` AS cat ON(cat.id=art.home1) WHERE art.' . $column . '=' . DB::val($id));
        if (false === $article) {
            return '{' . _htmlStr($id) . '}';
        }
        $text = $article['title'];
    }

    $href = _linkArticle($id, $article['title_seo'], $article['cat_title_seo']);
    $target = $nove_okno ? ' target="_blank"' : '';

    // NOTE(review): $text is written into the markup as given; a caller-supplied
    // text must already be safe HTML - confirm at the call sites.
    return "<a href='" . $href . "'" . $target . ">" . $text . "</a>";
}
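/**
 * Render one page of the news list.
 *
 * With `all` in the query string the current user's `news` counter is reset
 * and the request is redirected to /news/.
 *
 * @return mixed the rendered template, or null when the `region` parameter is rejected
 */
function actionNews()
{
    if (isset($_GET['all'])) {
        // NOTE(review): this state change is triggered by a plain GET request
        // and no anti-CSRF token is checked in this method - confirm.
        $sessionUser = isset($_SESSION['session_id']) ? $_SESSION['session_id'] : '';
        DB::query("UPDATE `user_tb` SET `news` = '0' WHERE `id` = '" . DB::escape($sessionUser) . "'");
        $this->redirectTo("/news/");
    }

    // `region` becomes part of a template path, so only a plain directory name
    // is accepted; anything with slashes or dots is refused.
    // NOTE(review): returning null relies on the dispatcher turning an empty
    // result into a 404 - confirm.
    $region = (isset($_GET['region']) && is_string($_GET['region'])) ? $_GET['region'] : '';
    if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $region)) {
        return null;
    }

    // A missing, zero or negative page used to produce a negative LIMIT offset.
    $page = isset($_GET['page']) ? (int) $_GET['page'] : 1;
    if ($page < 1) {
        $page = 1;
    }

    $limit = ($page - 1) * $this->count . ", " . $this->count;
    $news = DB::query_array("SELECT * FROM `news_tb` ORDER BY `id` DESC LIMIT " . $limit);

    // pagination is only shown when there is more than one page
    $cpartners = DB::query_row("SELECT COUNT(id) as count FROM `news_tb` ");
    if (ceil($cpartners['count'] / $this->count) > 1) {
        $this->oSmarty->assign("pagination", $this->getNavigationIndex($cpartners['count'], $this->count, "/news/", $page, 10));
    }

    return $this->oSmarty->assign("news", $news)->fetch($region . "/Body/News.tpl");
}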
// NOTE(review): fragment of a larger switch; the enclosing blocks start before
// and end after the visible code. No XSRF check is visible in this part.
$message = "<br /><ul>\n";
foreach ($prev_count as $key => $val) {
    $message .= "<li><strong>" . $_lang[$key] . ":</strong> <code>" . $val . "</code></li>\n";
}
$message .= "</ul>";
} else {
    $message = _formMessage(1, $_lang['global.done']);
}
break;

// uninstall
case 2:
    $pass = $_POST['pass'];
    $confirm = _checkboxLoad("confirm");
    if ($confirm) {
        // the password of the account with id=0 authorises the uninstall
        $right_pass = DB::query_row("SELECT password,salt FROM `" . _mysql_prefix . "-users` WHERE id=0");
        // NOTE(review): `==` compares two digest strings loosely; when both
        // look numeric (for example "0e" followed by digits) PHP compares them
        // as numbers, so different digests can compare equal. Use `===`, or
        // hash_equals() where available, which is also constant-time.
        if (_md5Salt($pass, $right_pass['salt']) == $right_pass['password']) {

            // collect the tables
            $tables = array();
            // NOTE(review): `_` and `%` are wildcards inside LIKE, so any such
            // character in _mysql_prefix widens the match beyond this
            // installation's tables - and every match is dropped below.
            $q = DB::query('SHOW TABLES LIKE \'' . _mysql_prefix . '-%\'');
            while ($r = DB::rown($q)) {
                $tables[] = $r[0];
            }

            // drop the tables
            foreach ($tables as $table) {
                DB::query("DROP TABLE `" . $table . "`");
            }

            // message
            _userLogout();
            echo "<h1>" . $_lang['global.done'] . "</h1>\n<p>" . $_lang['admin.other.cleanup.uninstall.done'] . "</p>";
            exit;
// NOTE(review): fragment of the front controller; the block closed by the first
// brace below opens outside the visible code.
    $oBaseModule->oSmarty->assign("user", Auth::getUser());
}
if (!isset($menu['class'])) {
    $oBaseModule->redirectTo("/404/");
}

// NOTE(review): class and method names are taken from $menu and dispatched
// dynamically. Where $menu comes from is not visible here; it must be a
// server-side route table, never request data - confirm.
$oProcess = new $menu['class']();
$action = $menu['method'] == "" ? "action" : "action" . $menu['method'];
// NOTE(review): call-time pass-by-reference (&$var in a call) is a fatal error
// from PHP 5.4 on.
call_user_func(array($oProcess, "init"), &$oBaseModule->oSmarty);
$CONTENT = call_user_func(array($oProcess, $action));
//echo $_SERVER['HTTP_ACCEPT'];die();

// NOTE(review): mb_strpos() returns 0 when "json" is at the very start of the
// header, which this test treats as "not found"; the header may also be absent.
// The JSON branch sends no Content-Type header.
if (mb_strpos($_SERVER['HTTP_ACCEPT'], "json")) {
    echo json_encode(array('result' => $CONTENT));
    die;
} else {
    // an action that returns nothing is answered with the 404 page
    if ($CONTENT == null) {
        $oBaseModule->redirectTo("/404/");
    }
    $oBaseModule->oSmarty->assign("text", $CONTENT);
    header('Content-type: text/html; charset=utf-8');
    header("HTTP/1.1 200 OK", TRUE, 200);
    if (isset($_SESSION['session_id']) && is_file("i/profile/" . $_SESSION['session_id'] . ".jpg")) {
        $oBaseModule->oSmarty->assign("photo_profile", "/i/profile/" . $_SESSION['session_id'] . ".jpg");
    }
    $active = call_user_func(array($oProcess, "getActive"), &$oBaseModule->oSmarty);
    $oBaseModule->oSmarty->assign("active", $active);

    // NOTE(review): $_GET['region'] is concatenated into the template path in
    // both branches below without any check visible here; a value containing
    // "../" would leave the intended template directory. The session id is also
    // concatenated into the SQL text unescaped - it is server-set, but escaping
    // it costs nothing.
    if (isset($_SESSION['session_id']) && $_SESSION['session_id'] != '') {
        echo $oBaseModule->oSmarty->assign("user_amount", number_format(Config::userAmount($_SESSION['session_id']), 0, ',', ' '))->assign("count_message", DB::query_row("SELECT COUNT(id) as count FROM `pmessage_tb` WHERE `status` = '1' && `user_id` = '" . $_SESSION['session_id'] . "'"))->assign("count_news", Auth::getUser("news"))->fetch($_GET['region'] . "/IndexFrontend.tpl");
    } else {
        echo $oBaseModule->oSmarty->fetch($_GET['region'] . "/IndexAuth.tpl");
    }
}
/**
 * Delete action: show the confirmation page for one row and delete the row
 * once the confirmation form has been posted.
 *
 * NOTE(review): the delete is triggered by the mere presence of the trigger
 * field in $_POST; no XSRF token check is visible in this method - confirm it
 * happens before this action is called.
 *
 * @param array      $params route parameters; index 1 holds the row id, key `action` the self link
 * @param array      $action action settings (`extra_columns`, `handler`, `template`)
 * @param AdminBread $bread  owning instance (table, primary key, SQL and render helpers)
 * @return array two elements: a payload (or null) and a status constant or the rendered output
 */
public static function deleteAction(array $params, array $action, AdminBread $bread)
{
    $messages = array();
    $submitKey = "_del_{$bread->uid}";

    /* ----- load the row ----- */

    // the id parameter is mandatory
    if (!isset($params[1])) {
        $error = array('msg' => 'Missing parameter 1 for ' . __METHOD__);

        return array($error, self::ACTION_ERR);
    }

    // the integer cast makes the id safe for the placeholders below
    $id = (int) $params[1];

    $selectColumns = array_merge(array($bread->primary), $action['extra_columns']);
    $selectSql = $bread->formatSql(
        "SELECT %columns% FROM `" . $bread->formatTable($bread->table) . "` {$bread->tableAlias} WHERE {$bread->tableAlias}.{$bread->primary}=@id@",
        array('columns' => $selectColumns, 'id' => $id)
    );
    $data = DB::query_row($selectSql);
    if (false === $data) {
        return array(null, self::ACTION_NOT_FOUND);
    }

    /* ----- delete on confirmation ----- */

    if (isset($_POST[$submitKey])) {
        if (null === $action['handler']) {
            // no custom handler: plain single-row delete
            $deleteSql = $bread->formatSql(
                "DELETE FROM `" . $bread->formatTable($bread->table) . "` WHERE {$bread->primary}=@id@ LIMIT 1",
                array('id' => $id)
            );
            $success = DB::query($deleteSql);
        } else {
            // custom handler; it may append to $messages through the reference
            $handlerArgs = array(
                'data' => $data,
                'params' => $params,
                'action' => $action,
                'bread' => $bread,
                'messages' => &$messages,
            );
            $success = call_user_func($action['handler'], $handlerArgs);
        }

        if ($success) {
            return array(array('messages' => $messages), self::ACTION_DONE);
        }
        $messages[] = array(2, $GLOBALS['_lang']['global.error']);
    }

    /* ----- render the confirmation form ----- */

    $payload = array('messages' => $messages);
    $view = array(
        'data' => $data,
        'self' => $params['action'],
        'submit_text' => $GLOBALS['_lang']['admin.content.redir.act.wipe.submit'],
        'submit_trigger' => $submitKey,
    );

    return array($payload, $bread->render($action['template'], $view));
}
// forum // forum case 5: $tdata = DB::query("SELECT public,var2,var3,level FROM `" . _mysql_prefix . "-root` WHERE id=" . $posttarget . " AND type=8"); if (DB::size($tdata) != 0) { $tdata = DB::row($tdata); if (_publicAccess($tdata['public'], $tdata['level']) and _publicAccess($tdata['var3']) and $tdata['var2'] != 1) { $continue = true; } } break; // zprava // zprava case 6: if (_messages && _loginindicator) { $tdata = DB::query_row('SELECT sender,receiver FROM `' . _mysql_prefix . '-pm` WHERE id=' . $posttarget . ' AND (sender=' . _loginid . ' OR receiver=' . _loginid . ') AND sender_deleted=0 AND receiver_deleted=0'); if ($tdata !== false) { $continue = true; $xhome = $posttarget; } } break; // plugin post // plugin post case 7: _extend('call', 'posts.' . $pluginflag . '.validate', array('home' => $posttarget, 'valid' => &$continue)); break; // blbost // blbost default: die;
<?php /* --- kontrola jadra --- */ if (!defined('_core')) { exit; } /* --- nacteni promennych --- */ $continue = false; if (isset($_GET['cat'])) { $cid = intval($_GET['cat']); if (DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-root` WHERE id=" . $cid . " AND type=2"), 0) != 0) { $catdata = DB::query_row("SELECT title,var1,var2 FROM `" . _mysql_prefix . "-root` WHERE id=" . $cid); $continue = true; } } /* --- vystup --- */ if ($continue) { $output .= "\n<p class='bborder'>" . $_lang['admin.content.articles.list.p'] . "</p>\n"; // nastaveni strankovani podle kategorie $artsperpage = $catdata['var2']; switch ($catdata['var1']) { case 1: $artorder = "art.time DESC"; break; case 2: $artorder = "art.id DESC"; break; case 3: $artorder = "art.title"; break; case 4:
// NOTE(review): fragment of a configuration script; the `if` that the first
// brace below closes starts outside the visible code. Database credentials are
// assigned as literals in this file - keep them out of version control (for
// example in an environment-specific file outside the web root).
    define('LOCAL_SERVER', TRUE);
} else {
    $db_host = "jgiven79.mydomaincommysql.com";
    $db_name = "ezonsync";
    $db_username = "******";
    $db_pass = "******";
    define('LOCAL_SERVER', FALSE);
}

// load every library file from lib/autoload
foreach (glob('lib/autoload/*.php') as $lib) {
    require_once $lib;
}

$db = new DB($db_name, $db_host, $db_username, $db_pass);

if (isset($_SESSION['user_id'])) {
    $active_user = $_SESSION['user_id'];
    // NOTE(review): the session value is interpolated unquoted and unescaped;
    // cast it to int or bind it as a parameter. array_map() below also assumes
    // that a row was found - a missing row is not handled.
    $sql = "SELECT * FROM ebay_users WHERE user_id = {$active_user}";
    $user = array_map('trim', DB::query_row($sql));
    $DEVNAME = $user['dev_name'];
    $APPNAME = $user['app_name'];
    $CERTNAME = $user['cert_name'];

    // NOTE(review): commented-out debugging lines stood here that fed literal
    // API token strings to encrypt() and wrote the result with a raw UPDATE.
    // Token material does not belong in source comments; treat any token that
    // was committed this way as exposed and rotate it.
    $token = decrypt($user['token']);
    $ebayusername = $user['ebay_name'];

    // pick the API endpoint: sandbox or production
    if ($user['sandbox']) {
        $eBayAPIURL = "https://api.sandbox.ebay.com/ws/api.dll";
    } else {
        $eBayAPIURL = "https://api.ebay.com/ws/api.dll";
    }
}
<?php /* --- kontrola jadra --- */ if (!defined('_core')) { exit; } /* --- priprava --- */ $form = false; $message = ""; $id = null; if (isset($_GET['id'])) { $id = DB::esc($_GET['id']); $query = DB::query("SELECT * FROM `" . _mysql_prefix . "-users` WHERE username='******'"); if (DB::size($query) != 0) { $query = DB::row($query); $groupdata = DB::query_row("SELECT title,descr,icon,color,blocked FROM `" . _mysql_prefix . "-groups` WHERE id=" . $query['group']); $form = true; // promenne if ($query['note'] == "") { $note = ""; } else { $note = "<tr class='valign-top'><td><strong>" . $_lang['global.note'] . "</strong></td><td><div class='note'>" . _parsePost($query['note']) . "</div></td></tr>"; } // cesta k avataru $query['avatar'] = _getAvatar($query['id'], true, false, true); // clanky autora $arts = DB::result(DB::query("SELECT COUNT(*) FROM `" . _mysql_prefix . "-articles` AS art WHERE author=" . $query['id'] . " AND " . _sqlArticleFilter()), 0); if ($arts != 0) { // zjisteni prumerneho hodnoceni $avgrate = DB::result(DB::query("SELECT ROUND(SUM(ratesum)/SUM(ratenum)) FROM `" . _mysql_prefix . "-articles` WHERE rateon=1 AND ratenum!=0 AND confirmed=1 AND author=" . $query['id']), 0); if ($avgrate === null) {
// NOTE(review): fragment of the back-office entry script; it ends inside the
// final `else` block. The requested action ($sAct) is executed by the
// call_user_func() below BEFORE the HTTP Basic credentials are checked further
// down, so the action's side effects happen for unauthenticated requests too.
// The credential check should come first and stop the request on failure.
$oProcess = new Admin();
// NOTE(review): call-time pass-by-reference (&$var in a call) is a fatal error
// from PHP 5.4 on.
call_user_func(array($oProcess, "init"), &$oBaseModule->oSmarty);
$CONTENT = call_user_func(array($oProcess, $sAct));

// optional per-class script and stylesheet
// NOTE(review): $_GET['class'] is concatenated into file-system paths and then
// handed to the template unchanged; restrict it to a plain identifier first.
if (isset($_GET['class'])) {
    if (is_file("assets/backend/js/" . $_GET['class'] . ".js")) {
        $oBaseModule->oSmarty->assign("jsfile", "/assets/backend/js/" . $_GET['class'] . ".js");
    }
    if (is_file("assets/backend/css/" . $_GET['class'] . ".css")) {
        $oBaseModule->oSmarty->assign("cssfile", "/assets/backend/css/" . $_GET['class'] . ".css");
    }
}

// HTTP Basic authentication against user_tb (status 2 only)
// NOTE(review): $login_successful is not initialised in the visible code; set
// it to false before this block. The password is matched inside the SQL
// statement against the stored column - whether that column holds a hash is
// not visible here; prefer password_hash() / password_verify().
if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
    $usr = $_SERVER['PHP_AUTH_USER'];
    $pwd = $_SERVER['PHP_AUTH_PW'];
    //echo $usr."|".$pwd;die();
    if (DB::query_row("SELECT * FROM `user_tb` WHERE `email` = '" . DB::escape($usr) . "' AND `passwd` = '" . DB::escape($pwd) . "' && `status` = '2'")) {
        $login_successful = true;
    }
}

if (!$login_successful) {
    header('WWW-Authenticate: Basic realm="My Realm"');
    header('HTTP/1.0 401 Unauthorized');
    print "Login failed!n";
} else {
    // build the back-office menu
    // NOTE(review): $_GET['region'] is placed into every menu URL without a
    // check visible here.
    $oMenu = new Menu();
    $oMenu->setMenuParent("Информация", '/admin/' . $_GET['region'] . '/');
    $oMenu->setMenuParent("Пользователи", "/admin/" . $_GET['region'] . "/Users/Show/", null);
    $oMenu->setMenuParent("Товары", "/admin/" . $_GET['region'] . "/Product/Show/", null);
    $oMenu->setMenuParent("Категории", "/admin/" . $_GET['region'] . "/Category/Show/", null);
    $parent_id = $oMenu->setMenuParent("Тех поддержка", "/admin/" . $_GET['region'] . "/Support/Show/", null);
    $oBaseModule->oSmarty->assign("menu", $oMenu->getMenu());
switch ($post['type']) { case 1: case 3: $hometitle = DB::query_row("SELECT title,title_seo FROM `" . _mysql_prefix . "-root` WHERE id=" . $post['home']); $homelink = _linkRoot($post['home'], $hometitle['title_seo']); $hometitle = $hometitle['title']; break; case 2: $hometitle = DB::query_row("SELECT art.title,art.title_seo,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $post['home']); $homelink = _linkArticle($post['home'], $hometitle['title_seo']); $hometitle = $hometitle['title']; break; case 5: $homelink = 'index.php?m=topic&id=' . $post[$post['xhome'] == '-1' ? 'id' : 'xhome']; if ($post['xhome'] == '-1') { $hometitle = $post['subject']; } else { $hometitle = DB::query_row("SELECT subject FROM `" . _mysql_prefix . "-posts` WHERE id=" . $post['xhome']); $hometitle = $hometitle['subject']; } break; } $module .= "<div class='post-head'><a href='" . $homelink . "#post-" . $post['id'] . "' class='post-author'>" . $hometitle . "</a> <span class='post-info'>(" . _formatTime($post['time']) . ")</span></div><p class='post-body'>" . _parsePost($post['text']) . "</p>\n"; } if (_pagingmode == 2 or _pagingmode == 3) { $module .= '<br />' . $paging[0]; } } else { $module .= $_lang['global.nokit']; } }
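/**
 * Store revised pricing and stock values for this item and push price or
 * quantity changes to eBay.
 *
 * The local `user_products` row is updated first. The item is revised on eBay
 * when the price differs from the locally cached one or when max_quantity
 * differs from ebay_quantity. The cached row is reloaded at the end.
 *
 * @param array $options keys: vendor-price, vendor_quantity, profit-pc,
 *                       ebay_quantity, price, max_quantity
 * @return void
 * @throws \InvalidArgumentException when one of those options is neither empty nor numeric
 */
public function revise($options)
{
    // Every option lands inside the UPDATE statement, and all of them feed
    // price or quantity columns. Refusing anything that is not a number keeps
    // quotes and SQL fragments out of the statement; an empty value is let
    // through unchanged, as before.
    $numericKeys = array('vendor-price', 'vendor_quantity', 'profit-pc', 'ebay_quantity', 'price', 'max_quantity');
    foreach ($numericKeys as $key) {
        $value = isset($options[$key]) ? $options[$key] : '';
        if ($value !== '' && !is_numeric($value)) {
            throw new \InvalidArgumentException("Option '{$key}' must be numeric");
        }
    }

    // NOTE(review): $this->item_id is interpolated as-is in both statements;
    // presumably it is set from trusted data - confirm, or bind it as a parameter.
    $sql = "UPDATE `user_products` SET `VendorPrice` = '{$options['vendor-price']}',\n `VendorQty` = '{$options['vendor_quantity']}',\n `ProfitRatio` = '" . $options['profit-pc'] * 100 . "',\n `Qty` = '{$options['ebay_quantity']}',\n `price` = '{$options['price']}',\n `max_quantity` = '{$options['max_quantity']}'\n WHERE `user_products`.`ItemID` ='{$this->item_id}'";
    $this->query($sql);

    // only call the eBay API when something visible to buyers changes
    if ($options['price'] != $this->local_data['Price'] || $options['max_quantity'] != $options['ebay_quantity']) {
        Ebay::revise_item($this->item_id, array('quantity' => $options['max_quantity'], 'price' => $options['price']));
        $this->log("Updated: price: {$options['price']}, quantity: {$options['max_quantity']}");
    }

    // refresh the cached row
    $this->local_data = DB::query_row("SELECT * from `user_products` where ItemID='{$this->item_id}'");
}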
<?php
// NOTE(review): fragment of a user-administration script; the final
// `if (isset($_POST['do']))` block is not closed in the visible code.
set_time_limit(0);
// NOTE(review): time() takes no parameters; the "now" argument has no effect.
$start_time = time("now");
require_once 'lib/config.php';

// non-admins may only see their own record
if ($user['group'] !== 'admin') {
    $user_info = $user;
} else {
    if (!empty($_GET['add'])) {
        // template for a new user - immediately overwritten by the next statement
        $user_info = array('user_id' => 'NULL', 'first_name' => '', 'name' => 'John Doe', 'username' => 'new_user', 'password' => '', 'email' => '', 'paypal_address' => '', 'ebay_name' => '', 'dev_name' => '', 'app_name' => '', 'cert_name' => '', 'token' => '', 'sandbox' => '0', 'postal_code' => '00000', 'location' => 'New york', 'payment_methods' => 'PayPal');
        // NOTE(review): this literal holds one account's data in source code: a
        // 32-hex-character password digest, API dev/app/cert identifiers and an
        // encrypted token. Values like these belong in the database or a secret
        // store; once committed they should be treated as exposed and rotated.
        // The digest length also suggests an unsalted MD5 - confirm, and move
        // to password_hash().
        $user_info = array('user_id' => '', 'first_name' => '', 'name' => 'Justin Given', 'username' => 'jgiven', 'password' => '332532dcfaa1cbf61e2a266bd723612c', 'email' => '*****@*****.**', 'paypal_address' => '*****@*****.**', 'ebay_name' => 'mnmerchant2014', 'dev_name' => '47d6fc1b-0e74-4627-b281-be45b8a2191f', 'app_name' => 'MnMercha-6e1f-4d7e-88b9-9954f3aab846', 'cert_name' => 'd5d6cf0c-f5c2-4baa-9196-4cb3db9e0f5d', 'eBayReady' => 'Yes', 'token' => decrypt('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'), 'Token_exp_date' => '', 'amazon_username' => '', 'amazon_publickey' => '', 'amazon_privatekey' => '', 'sandbox' => '0', 'postal_code' => '55317', 'location' => 'Mines Chanhassen', 'payment_methods' => 'PayPal', 'footer' => '0');
    } else {
        // admin editing a user: the id is forced to an integer before use
        $user_id = empty($_GET['user_id']) ? $user['user_id'] : intval($_GET['user_id']);
        $user_info = DB::query_row("SELECT * from ebay_users where `user_id` = '{$user_id}'");
    }
}

if (isset($_POST['do'])) {
    // collect the submitted fields
    // NOTE(review): mysql_real_escape_string() belongs to the ext/mysql API that
    // was removed in PHP 7; bound parameters are the replacement. No anti-CSRF
    // token check is visible for this POST. $_POST['token'] is read without an
    // isset() guard, and whether the output of encrypt() is safe to place in SQL
    // is not visible here - confirm.
    $data = array(
        'first_name' => mysql_real_escape_string(isset($_POST['first_name']) ? $_POST['first_name'] : ''),
        'name' => mysql_real_escape_string(isset($_POST['name']) ? $_POST['name'] : ''),
        'username' => mysql_real_escape_string(isset($_POST['username']) ? $_POST['username'] : ''),
        'email' => mysql_real_escape_string(isset($_POST['email']) ? $_POST['email'] : ''),
        'paypal_address' => mysql_real_escape_string(isset($_POST['paypal_address']) ? $_POST['paypal_address'] : ''),
        'ebay_name' => mysql_real_escape_string(isset($_POST['ebay_name']) ? $_POST['ebay_name'] : ''),
        'dev_name' => mysql_real_escape_string(isset($_POST['dev_name']) ? $_POST['dev_name'] : ''),
        'app_name' => mysql_real_escape_string(isset($_POST['app_name']) ? $_POST['app_name'] : ''),
        'cert_name' => mysql_real_escape_string(isset($_POST['cert_name']) ? $_POST['cert_name'] : ''),
        'token' => encrypt($_POST['token']),
        'sandbox' => empty($_POST['sandbox']) ? 0 : 1,
        'postal_code' => mysql_real_escape_string(isset($_POST['postal_code']) ? $_POST['postal_code'] : ''),
        'location' => mysql_real_escape_string(isset($_POST['location']) ? $_POST['location'] : ''),
        'payment_methods' => mysql_real_escape_string(isset($_POST['payment_methods']) ? $_POST['payment_methods'] : ''));

    // only an admin may choose which record is written; everyone else is
    // pinned to their own id
    if ($user['group'] == 'admin') {
        if (!empty($_POST['add']) || isset($_GET['add'])) {
            $data['user_id'] = '';
        } else {
            if (!empty($_POST['user_id'])) {
                $data['user_id'] = intval($_POST['user_id']);
            } elseif (!empty($_GET['user_id'])) {
                $data['user_id'] = intval($_GET['user_id']);
            }
        }
    } else {
        $data['user_id'] = $user['user_id'];
    }
<?php /* --- kontrola jadra --- */ if (!defined('_core')) { exit; } /* --- pripava promennych --- */ $message = ""; $query = DB::query_row("SELECT * FROM `" . _mysql_prefix . "-users` WHERE id=" . _loginid); if ($query['icq'] == 0) { $query['icq'] = ""; } // cesta k avataru $avatar_path = _getAvatar(_loginid, true, false, true, true); /* --- ulozeni --- */ if (isset($_POST['username'])) { $errors = array(); /* -- nacteni a kontrola promennych -- */ // sebedestrukce if (_loginright_selfdestruction and _checkboxLoad("selfremove")) { $selfremove_confirm = _md5Salt($_POST['selfremove-confirm'], $query['salt']); if ($selfremove_confirm == $query['password']) { if (_loginid != 0) { _deleteUser(_loginid); $_SESSION = array(); session_destroy(); define('_redirect_to', 'index.php?m=login&_mlr=4'); return; } else { $errors[] = $_lang['mod.settings.selfremove.denied']; }
$query = DB::row($query); if (_postAccess($query)) { $continue = true; $nobbcode = false; $backlink = null; _extend('call', 'mod.editpost.backlink', array('backlink' => &$backlink, 'query' => $query)); if (null === $backlink) { switch ($query['type']) { case 1: $backlink = _addGetToLink(_linkRoot($query['home']), "page=" . _resultPagingGetItemPage(_commentsperpage, "posts", "id>" . $query['id'] . " AND type=1 AND xhome=-1 AND home=" . $query['home'])) . "#post-" . $query['id']; break; case 2: $backlink = _addGetToLink(_linkArticle($query['home']), "page=" . _resultPagingGetItemPage(_commentsperpage, "posts", "id>" . $query['id'] . " AND type=2 AND xhome=-1 AND home=" . $query['home'])) . "#post-" . $query['id']; break; case 3: $postsperpage = DB::query_row("SELECT var2 FROM `" . _mysql_prefix . "-root` WHERE id=" . $query['home']); $backlink = _addGetToLink(_linkRoot($query['home']), "page=" . _resultPagingGetItemPage($postsperpage['var2'], "posts", "id>" . $query['id'] . " AND type=3 AND xhome=-1 AND home=" . $query['home'])) . "#post-" . $query['id']; break; case 4: $nobbcode = true; break; case 5: if ($query['xhome'] == -1) { if (!_checkboxLoad("delete")) { $backlink = "index.php?m=topic&id=" . $query['id']; } else { $backlink = _linkRoot($query['home']); } } else { $backlink = _addGetToLink("index.php?m=topic&id=" . $query['xhome'], "page=" . _resultPagingGetItemPage(_commentsperpage, "posts", "id<" . $query['id'] . " AND type=5 AND xhome=" . $query['xhome'] . " AND home=" . $query['home'])) . "#post-" . $query['id']; }
$gquery['level'] += 1; } // konstanty opravneni foreach ($rights_array as $item) { define('_loginright_' . $item, $gquery[$item]); } // zaznamenani casu aktivity (max 1x za 30 sekund) if (time() - $uquery['activitytime'] > 30) { DB::query("UPDATE `" . _mysql_prefix . "-users` SET activitytime='" . time() . "', ip='" . _userip . "' WHERE id=" . _loginid); } } } if (1 !== $result) { // konstanty hosta define('_loginid', -1); define('_loginname', ''); define('_loginpublicname', ''); define('_loginemail', ''); define('_loginwysiwyg', 0); define('_loginlanguage', ''); define('_logincounter', 0); // konstanty skupiny $gquery = DB::query_row("SELECT * FROM `" . _mysql_prefix . "-groups` WHERE id=2"); define('_loginright_group', $gquery['id']); define('_loginright_groupname', $gquery['title']); foreach ($rights_array as $item) { define('_loginright_' . $item, $gquery[$item]); } } // konstanta pro indikaci prihlaseni define('_loginindicator', $result);
$message = _formMessage(1, $_lang['global.created']); break; } else { // ulozeni DB::query('UPDATE `' . _mysql_prefix . '-redir` SET old=\'' . DB::esc($q['old']) . '\',new=\'' . DB::esc($q['new']) . '\',active=' . $q['active'] . ' WHERE id=' . $edit_id); $message = _formMessage(1, $_lang['global.saved']); } } // nacteni dat if ($new) { if (!isset($q)) { $q = array(); } $q += array('id' => null, 'old' => '', 'new' => '', 'active' => '1'); } else { $q = DB::query_row('SELECT * FROM `' . _mysql_prefix . '-redir` WHERE id=' . $edit_id); if ($q === false) { break; } } // formular $output .= $message . "\n<form action='' method='post'>\n<table class='formtable'>\n\n<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.redir.old'] . "</strong></td>\n <td><input type='text' name='old' value='" . $q['old'] . "' class='inputmedium' maxlength='255' /></td>\n</tr>\n\n<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.redir.new'] . "</strong></td>\n <td><input type='text' name='new' value='" . $q['new'] . "' class='inputmedium' maxlength='255' /></td>\n</tr>\n\n<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.redir.act'] . "</strong></td>\n <td><input type='checkbox' name='act' value='1'" . _checkboxActivate($q['active']) . " /></td>\n</tr>\n\n<tr>\n <td></td>\n <td><input type='submit' value='" . $_lang['global.' . ($new ? 'create' : 'save')] . "' /></td>\n</tr>\n\n</table>\n" . _xsrfProtect() . "</form>"; } while (false); } elseif (isset($_GET['del']) && _xsrfCheck(true)) { // smazani DB::query('DELETE FROM `' . _mysql_prefix . '-redir` WHERE id=' . intval($_GET['del'])); $output .= _formMessage(1, $_lang['global.done']); } elseif (isset($_GET['wipe'])) { // smazani vsech if (isset($_POST['wipe_confirm'])) { DB::query('TRUNCATE TABLE `' . _mysql_prefix . '-redir`');
} // formular if (isset($message)) { $module .= $message . "\n"; } $module .= "<form action='' method='post' name='newmsg'" . _jsCheckForm('newmsg', array('receiver')) . ">\n<table>\n\n<tr>\n <td><strong>" . $_lang['mod.messages.receiver'] . "</strong></td>\n <td><input type='text' name='receiver' class='inputsmall' maxlength='24'" . _restorePostValue("receiver", _get('receiver')) . " /></td>\n</tr>\n\n<tr>\n <td><strong>" . $_lang['posts.subject'] . "</strong></td>\n <td><input type='text' name='subject' class='inputsmall' maxlength='22'" . _restorePostValue("subject", _get('subject')) . " /></td>\n</tr>\n\n<tr class='valign-top'>\n <td><strong>" . $_lang['mod.messages.message'] . "</strong></td>\n <td><textarea name='text' class='areamedium' rows='5' cols='33'>" . _restorePostValue("text", null, true) . "</textarea></td>\n</tr>\n\n<tr>\n <td></td>\n <td><input type='submit' value='" . $_lang['global.send'] . "' />" . _getPostFormControls('newmsg', 'text') . "</td>\n</tr>\n\n</table>\n\n" . _jsLimitLength(16384, 'newmsg', 'text') . "\n\n" . _xsrfProtect() . "</form>\n"; break; /* --- vypis --- */ /* --- vypis --- */ default: // cteni vzkazu if (isset($_GET['read'])) { // promenne $id = intval($_GET['read']); // nacist data $q = DB::query_row('SELECT pm.*,post.subject,post.time FROM `' . _mysql_prefix . '-pm` AS pm JOIN `' . _mysql_prefix . '-posts` AS post ON (post.type=6 AND post.home=pm.id AND post.xhome=-1) WHERE pm.id=' . $id . ' AND (sender=' . _loginid . ' AND sender_deleted=0 OR receiver=' . _loginid . ' AND receiver_deleted=0)'); if ($q === false) { $module .= _formMessage(3, $_lang['global.badinput']); break; } // titulek $mod_title = 'mod.messages.read'; // stavy $locked = $q['sender_deleted'] || $q['receiver_deleted']; list($role, $role_other) = $q['sender'] == _loginid ? array('sender', 'receiver') : array('receiver', 'sender'); // citace neprectenych zprav $counter = DB::result(DB::query('SELECT COUNT(*) FROM `' . _mysql_prefix . 
'-posts` WHERE home=' . $q['id'] . ' AND type=6 AND time>' . $q[$role_other . '_readtime']), 0); $counter_s = array('', ''); $counter_s[$role === 'sender' ? 1 : 0] = ' (' . $counter . ')'; // vystup require_once _indexroot . 'require/functions-posts.php';
// NOTE(review): fragment of the login handler; it ends inside the innermost
// block, so anything that follows (for example a session id renewal) is not
// visible here.
if (!_loginindicator) {
    if (_xsrfCheck()) {
        if (_iplogCheck(1)) {

            // load the variables
            $username = DB::esc($_POST['username']);
            $email = strpos($_POST['username'], '@') !== false;
            $password = $_POST['password'];
            $persistent = _checkboxLoad('persistent');

            // find the user: by e-mail when the input contains "@", otherwise
            // by username or public name ($username is already escaped above)
            $query = DB::query("SELECT * FROM `" . _mysql_prefix . "-users` WHERE `" . ($email ? 'email' : 'username') . "`='" . $username . "'" . (!$email && $username !== '' ? ' OR publicname=\'' . $username . '\'' : ''));
            if (DB::size($query) != 0) {
                $query = DB::row($query);
                if (empty($username)) {
                    $username = $query['username'];
                }
                // neither the account nor its group may be blocked
                $groupblock = DB::query_row("SELECT blocked FROM `" . _mysql_prefix . "-groups` WHERE id=" . $query['group']);
                if ($query['blocked'] == 0 and $groupblock['blocked'] == 0) {
                    // NOTE(review): `==` compares the two digest strings
                    // loosely; when both look numeric (for example "0e"
                    // followed by digits) PHP compares them as numbers, so
                    // different digests can compare equal. Use `===`, or
                    // hash_equals() where available. The helper's name points
                    // to a salted MD5 - confirm, and plan a move to
                    // password_hash().
                    if (_md5Salt($password, $query['salt']) == $query['password']) {

                        // increment the login counter
                        DB::query("UPDATE `" . _mysql_prefix . "-users` SET logincounter=logincounter+1 WHERE id=" . $query['id']);

                        // send the cookie for the persistent login
                        // NOTE(review): $ipbound is not defined in the visible
                        // code. The cookie value is derived from the stored
                        // password digest and the e-mail, and setcookie() is
                        // called without the secure / httponly arguments, so
                        // the cookie is readable by scripts and sent over
                        // plain HTTP.
                        if ($persistent) {
                            $persistent_cookie_data = array();
                            $persistent_cookie_data[] = $query['id'];
                            $persistent_cookie_data[] = $ipbound ? '1' : '0';
                            $persistent_cookie_data[] = _md5HMAC($query['password'] . '$' . $query['email'], $ipbound ? _userip : _sessionprefix);
                            setcookie(_sessionprefix . "persistent_key", implode('$', $persistent_cookie_data), time() + 2592000, "/");
                        }

                        // store the data for the session
                        // NOTE(review): the password digest itself is kept in
                        // the session.
                        $_SESSION[_sessionprefix . "user"] = $query['id'];
                        $_SESSION[_sessionprefix . "password"] = $query['password'];
// refuse direct access: this file only runs from inside the core
if (!defined('_core')) {
    exit;
}

// output
$title = $query['title'];

// A content value starting with "*" refers to a page id and one starting with
// "%" to an article id; both are replaced by the matching link, or by an empty
// string when the target does not exist. Any other value is left unchanged.
if ($query['content'] !== '') {
    switch (mb_substr($query['content'], 0, 1)) {
        case "*":
            // page
            $lid = intval(mb_substr($query['content'], 1));
            $query['content'] = "";
            $rootdata = DB::query_row("SELECT id,title_seo FROM `" . _mysql_prefix . "-root` WHERE id=" . $lid);
            if ($rootdata !== false) {
                $query['content'] = _linkRoot($rootdata['id'], $rootdata['title_seo']);
            }
            break;

        case "%":
            // article
            $lid = intval(mb_substr($query['content'], 1));
            $query['content'] = "";
            $artdata = DB::query_row("SELECT art.id,art.title_seo,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $lid);
            if ($artdata !== false) {
                $query['content'] = _linkArticle($artdata['id'], $artdata['title_seo']);
            }
            break;
    }
}

// activate the redirect
// NOTE(review): a content value without a "*" or "%" prefix becomes the
// redirect target unchanged; this assumes only trusted editors can set it -
// confirm.
if ($query['content'] != "") {
    define('_redirect_to', $query['content']);
}
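<?php
/*
 * FIO invoices - API
 * Automation of paid invoices
 * Author <smetka.net>
 */

// Placeholders: the only address allowed to trigger the import, and the bank
// API token.
// NOTE(review): the REMOTE_ADDR comparison is the only access control of this
// script, and the token is part of the request URL below; keep the real token
// in configuration outside the web root and out of version control.
$ip = "IP ADRESS SERVER";
$fio_token = "FIO TOKEN API";

if ($_SERVER["REMOTE_ADDR"] === $ip) {
    // transactions of the last two months
    $xml = simplexml_load_file("https://www.fio.cz/ib_api/rest/periods/{$fio_token}/" . date("Y-m-d", strtotime("-2 month")) . "/" . date("Y-m-d") . "/transactions.xml");

    // simplexml_load_file() returns false when the download or the parsing
    // fails; the list may also be missing. Both used to end in an error on the
    // property access below.
    $items = ($xml !== false && isset($xml->TransactionList->Transaction))
        ? $xml->TransactionList->Transaction
        : array();

    foreach ($items as $value) {
        $final_price = trim((string) $value->column_1);
        $vs = trim((string) $value->column_5);

        // Both values come from a remote document and end up inside the SQL
        // text, so they are only used when they have the expected shape.
        // NOTE(review): assumes `vs` is a digits-only symbol and `final_price`
        // a plain number - confirm against the table's columns.
        if (!ctype_digit($vs) || !is_numeric($final_price)) {
            continue;
        }

        $update = DB::query_row("SELECT vs, final_price, confirm FROM table WHERE confirm='0' AND vs='{$vs}' AND final_price='{$final_price}'");
        if ($update) {
            // E.g. sending a notification email
        }
    }
}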
/**
 * Build and run the query that loads a node's path.
 *
 * The table is joined to itself once per level, so the node and all of its
 * ancestors arrive in a single row.
 *
 * @param array $columns extra columns to load for every node on the path
 * @param int $nodeId id of the node whose path is wanted
 * @param int|null $nodeLevel level of that node; looked up when null
 * @return array one entry per node, each an array keyed by column name
 */
public function loadPath(array $columns, $nodeId, $nodeLevel = null)
{
    // find out the node's level
    if (null === $nodeLevel) {
        $nodeLevel = DB::query_row('SELECT ' . $this->levelColumn . ' FROM `' . $this->table . '` WHERE ' . $this->idColumn . '=' . DB::val($nodeId));
        if (false === $nodeLevel) {
            throw new RuntimeException(sprintf('Neexistujici uzel "%s"', $nodeId));
        }
        $nodeLevel = $nodeLevel[$this->levelColumn];
    }
    // NOTE(review): a caller-supplied $nodeLevel is used as the loop bound
    // below without a cast; it must be an integer from trusted code.

    // prepare the columns: the four structural columns always come first
    // NOTE(review): column and table names are concatenated into the SQL text
    // unquoted; only the node id passes through DB::val(). $columns must never
    // contain request data.
    $columns = array_merge(array($this->idColumn, $this->parentColumn, $this->levelColumn, $this->depthColumn), $columns);
    $columnCount = sizeof($columns);

    // build the query: alias n0 is the node itself, n1 its parent, and so on
    $sql = 'SELECT ';
    for ($i = 0; $i <= $nodeLevel; ++$i) {
        for ($j = 0; $j < $columnCount; ++$j) {
            // comma before every column except the very first one
            if (0 !== $i || 0 !== $j) {
                $sql .= ',';
            }
            $sql .= 'n' . $i . '.' . $columns[$j];
        }
    }
    $sql .= ' FROM `' . $this->table . '` n0';
    for ($i = 1; $i <= $nodeLevel; ++$i) {
        // join each ancestor: n{i}.id = n{i-1}.parent
        $sql .= sprintf(_nl . ' JOIN `%s` n%s ON(n%2$s.%s=n%s.%s)', $this->table, $i, $this->idColumn, $i - 1, $this->parentColumn);
    }
    $sql .= ' WHERE n0.' . $this->idColumn . '=' . DB::val($nodeId);

    // load the nodes
    $nodes = array();
    $nodeIndex = 0;
    $query = DB::query($sql);
    $row = DB::rown($query);
    // The row is one flat, numerically indexed list holding $columnCount values
    // per alias. Start at the block of the highest alias and step backwards to
    // n0, so $nodes begins with the topmost ancestor and ends with the node
    // itself. isset() ends the loop below index 0, and also at a block whose
    // first value is null.
    for ($i = $nodeLevel * $columnCount; isset($row[$i]); $i -= $columnCount) {
        for ($j = 0; $j < $columnCount; ++$j) {
            $nodes[$nodeIndex][$columns[$j]] = $row[$i + $j];
        }
        ++$nodeIndex;
    }
    DB::free($query);

    return $nodes;
}