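/**
 * Render one page of the paged result set held in $this->query.
 *
 * Reads the requested page number from $_REQUEST['page'], runs the query with a
 * LIMIT window, passes every row to $this->display(), fills in the pager
 * placeholders (pageNumber, page, next, prev) and returns the rendered template.
 * When the query yields no rows the empty-state template is rendered instead.
 *
 * @return mixed whatever $this->template->get() returns
 */
function getPage()
{
    // The page number is client-controlled. Force it to an integer >= 1 so it
    // cannot carry markup into the template or produce a negative LIMIT offset.
    $page = isset($_REQUEST['page']) ? (int) $_REQUEST['page'] : 1;
    if ($page < 1) {
        $page = 1;
    }

    // Run the unpaged query once to learn the total number of rows.
    // mysql_num_rows() is the documented row count for a SELECT result; a failed
    // query is treated as "no rows" and falls through to the empty template.
    $oid = mysql_query($this->query);
    $pagerLength = $oid ? mysql_num_rows($oid) : 0;

    if ($pagerLength > 0) {
        $this->template = new Template($this->templateFile);

        // $min is pure integer arithmetic, so nothing request-derived reaches the SQL text.
        $min = ($page - 1) * $this->pageLength;
        $query = $this->query . " LIMIT {$min}, {$this->pageLength}";
        $this->buffer = aux::getResult($query);
        foreach ($this->buffer as $data) {
            $this->display($data);
        }

        $this->pageNumber = ceil($pagerLength / $this->pageLength);
        $this->template->setContent("pageNumber", $this->pageNumber);
        $this->template->setContent("page", $page);

        $script = basename($_SERVER['SCRIPT_FILENAME']);
        // QUERY_STRING is attacker-controlled and is written inside an href
        // attribute: HTML-encode it so a quote or angle bracket in the URL
        // cannot break out of the attribute (reflected XSS).
        // NOTE(review): 'UTF-8' is assumed to be the page charset - confirm.
        // NOTE(review): the query string already contains any earlier page=
        // parameter, so links accumulate page= entries; PHP uses the last one.
        $pars = htmlspecialchars($_SERVER['QUERY_STRING'], ENT_QUOTES, 'UTF-8');

        // Plain labels are used when there is nowhere to go in that direction.
        $next = "avanti »";
        $prev = "« indietro";
        if ($this->pageNumber != 1) {
            if ($page != 1) {
                $prevPage = $page - 1;
                $prev = "<a href=\"{$script}?{$pars}&amp;page={$prevPage}\">« indietro</a>";
            }
            if ($page != $this->pageNumber) {
                $nextPage = $page + 1;
                $next = "<a href=\"{$script}?{$pars}&amp;page={$nextPage}\">avanti »</a>";
            }
        }

        $this->template->setContent("next", $next);
        $this->template->setContent("prev", $prev);
    } else {
        $this->template = new Template($this->emptyTemplateFile);
    }

    return $this->template->get();
}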
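/**
 * Build the channel check-list form for every entity that has RSS enabled.
 *
 * For each RSS-enabled entity in $GLOBALS['becontent']->entities, a copy of the
 * full channel list is annotated with: whether the entity is linked to that
 * channel ('checked'), the entity name ('nameEntity') and the entity's RSS
 * modality ('mod'). The per-entity lists are handed to formTag::lista().
 *
 * @return mixed whatever formTag::lista() returns
 */
function emitHTML_post()
{
    $allChannel = aux::getResult("SELECT id,title FROM bc_channel");

    // Initialised up front so formTag::lista() receives an empty list, not an
    // undefined variable, when no entity has RSS enabled.
    // NOTE(review): confirm formTag::lista() accepts an empty array.
    $buffer = array();

    foreach ($GLOBALS['becontent']->entities as $entity) {
        if (!$entity->rss) {
            continue;
        }

        // NOTE(review): the entity name is interpolated into SQL; it comes from
        // the application's entity registry, not from the request - confirm
        // names can never contain a double quote.
        $nameEntity = $entity->name;
        $content = aux::getResult("SELECT id_bc_channel FROM channel_entity WHERE entity=\"{$nameEntity}\"");
        $mod = aux::getResult("SELECT modality FROM bc_rss_mod WHERE entity=\"{$nameEntity}\"");
        // An entity without a bc_rss_mod row gets a null modality.
        $modality = isset($mod[0]['modality']) ? $mod[0]['modality'] : null;

        // Collect the ids of the channels this entity is linked to.
        $data = array();
        if (is_array($content)) {
            foreach ($content as $row) {
                $data[] = $row['id_bc_channel'];
            }
        }

        // Annotate a fresh copy of the channel list for this entity.
        $temp = $allChannel;
        $total = count($allChannel);
        for ($i = 0; $i < $total; $i++) {
            $temp[$i]['checked'] = in_array($temp[$i]['id'], $data);
            $temp[$i]['nameEntity'] = $nameEntity;
            $temp[$i]['mod'] = $modality;
        }

        $buffer[] = $temp;
    }

    $content = formTag::lista("prova", $buffer, aux::parsePars("text=\"title\" name=\"title\" value=\"id\" checked=\"checked\" field=\"nameEntity\" mod=\"mod\""));

    return $content;
}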
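/**
 * Render the "Tags" sidebar widget.
 *
 * The three parameters are accepted but not used: the tag rows are always
 * re-read from the tags table, ordered by position.
 *
 * @return string widget markup, or "" when there are no tags
 */
function tags($name, $data, $pars)
{
    $data = aux::getResult("select * from tags order by position");

    if (count($data) > 0) {
        $content = '<div class="widget">';
        $content .= '<h4>Tags</h4>';
        $content .= '<nav class="tags">';
        foreach ($data as $row) {
            // Stored values are written into markup, so encode per context:
            // URL-encode the query value, then HTML-encode the attribute and the label.
            // Without this, a tag containing a quote, '<' or '&' breaks the
            // link or is interpreted as markup (stored XSS).
            // NOTE(review): assumes the table holds raw text in UTF-8; if values
            // are stored pre-encoded, this double-encodes them - confirm.
            $href = htmlspecialchars("search.php?text=" . urlencode($row['text']), ENT_QUOTES, 'UTF-8');
            $label = htmlspecialchars($row['tag'], ENT_QUOTES, 'UTF-8');
            $content .= "<a href=\"{$href}\">{$label}</a>\n";
        }
        $content .= "</nav>";
        $content .= "</div>";
    } else {
        $content = "";
    }

    return $content;
}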
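/**
 * Render the active comments attached to one item of $this->entity.
 *
 * Every column of every matching row is pushed into the dtml/comments.html
 * template; the "creation" column is formatted with aux::formatDate(). When
 * there are no comments a localized "no comments" body is rendered.
 *
 * @param mixed $id identifier of the item whose comments are shown
 * @return mixed whatever the template's get() returns
 */
function getComments($id)
{
    $comments = new Template("dtml/comments.html");

    // $id is supplied by the caller and may originate from the request: escape
    // it before it is placed inside the quoted SQL literal (SQL injection).
    $safeId = mysql_real_escape_string($id);

    // NOTE(review): SELECT * over the users join also fetches every users
    // column (credentials included, if stored there) and the loop below hands
    // each one to the template - consider listing only the columns the
    // template needs.
    $data = aux::getResult("
        SELECT *
          FROM comments
          LEFT JOIN users
            ON users.username = comments.username
         WHERE entityname = '{$this->entity->name}'
           AND itemid = '{$safeId}'
           AND comments.active = '*'
           AND users.active = '*'
         ORDER BY creation DESC");

    if (count($data) > 0) {
        foreach ($data as $item) {
            foreach ($item as $k => $v) {
                // NOTE(review): comment text is user-authored; confirm whether
                // Template::setContent() HTML-encodes values, otherwise the
                // body/username fields need encoding here.
                if ($k == "creation") {
                    $comments->setContent($k, aux::formatDate($v, EXTENDED));
                } else {
                    $comments->setContent($k, $v);
                }
            }
        }
    } else {
        $comments->setContent("username", "");
        $comments->setContent("creation", "");
        $comments->setContent("body", aux::lingual("Non ci sono commenti", "No comments", "Nemo para commentares"));
    }

    return $comments->get();
}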
/**
 * Return the formatted date of the most recent ADD or EDIT logged for the
 * news entity.
 *
 * The three parameters are accepted but not read. Table and entity names come
 * from $GLOBALS['logEntity'] and $GLOBALS['newsEntity'], not from the request.
 *
 * @return mixed whatever aux::formatDate() returns for the newest log date
 */
function lastupdate($name, $data, $pars)
{
    $sql = "\n\t\t\n\t\t\tSELECT date\n\t\t\t FROM {$GLOBALS['logEntity']->name}\n\t\t\t WHERE entity = '{$GLOBALS['newsEntity']->name}' \n\t\t\t AND (operation = 'ADD' or operation = 'EDIT')\n\t\t ORDER BY date DESC\n\t\t LIMIT 1\n\t\t";

    $rows = aux::getResult($sql);

    // NOTE(review): an empty log leaves $rows[0] undefined; the value passed
    // to formatDate() is then null.
    $newest = $rows[0]['date'];

    return aux::formatDate($newest, EXTENDED);
}
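/**
 * Authenticate the current request and authorise access to the running script.
 *
 * Steps, in order:
 *  1. If no user is in the session, take credentials from the login form or,
 *     failing that, from HTTP Basic authentication, and check them against the
 *     users table. On success the user's profile and last login are stored in
 *     the session and a LOGIN entry is written to the log entity.
 *  2. Load the services (and groups) reachable by the user into the session
 *     if they are not there yet.
 *  3. Deny access (redirect to error.php) unless the running script is one of
 *     the user's services or one of error.php / login.php / logout.php.
 *  4. For "edit" requests on a service bound to a table, allow only the row
 *     owner, a member of the superuser group, or an administrator.
 *  5. Flag registered users and administrators in the session.
 *
 * The function terminates the request with exit on every failure path and,
 * in mode=compact, after printing "0" (bad credentials) or "1" (success).
 *
 * @return void
 */
function doLogin()
{
    if (!isset($_SESSION['user'])) {
        /* User not logged in yet */
        $debug_action = "USER NOT LOGGED";

        if (!isset($_POST['username']) and !isset($_POST['password'])) {
            // No form credentials: fall back to HTTP Basic authentication.
            if (!isset($_SESSION['HTTP_LOGIN'])) {
                // Drop Basic credentials sent before this session challenged
                // the browser, so a fresh prompt is forced below.
                unset($GLOBALS['_SERVER']['PHP_AUTH_PW']);
                unset($GLOBALS['_SERVER']['PHP_AUTH_USER']);
            }

            if (!isset($_SERVER['PHP_AUTH_USER']) and !isset($_SERVER['PHP_AUTH_PW'])) {
                Header("WWW-Authenticate: Basic realm=\"Login \"");
                Header("HTTP/1.0 401 Unauthorized");
                $_SESSION['HTTP_LOGIN'] = true;
                exit;
            } else {
                $_POST['username'] = $_SERVER['PHP_AUTH_USER'];
                $_POST['password'] = $_SERVER['PHP_AUTH_PW'];
                $_SESSION['HTTP_LOGIN'] = false;
            }
        }

        // Both credentials are attacker-controlled. Accept only strings and
        // escape them with the connection-aware escaper: the previous
        // addcslashes() call escaped quotes but not backslashes, and the
        // password was interpolated into the query with no escaping at all.
        $rawUsername = (isset($_POST['username']) and is_string($_POST['username'])) ? $_POST['username'] : '';
        $rawPassword = (isset($_POST['password']) and is_string($_POST['password'])) ? $_POST['password'] : '';
        $name = mysql_real_escape_string($rawUsername);
        $password = mysql_real_escape_string($rawPassword);

        // NOTE(review): the listing under review showed the username literal
        // masked as '******'; binding the escaped login name is the evident
        // intent - confirm against the original file.
        // NOTE(review): passwords are compared as unsalted MD5. Moving to
        // password_hash()/password_verify() needs a schema and data migration
        // that cannot be done inside this function.
        $oid = mysql_query("SELECT *
                              FROM {$GLOBALS['usersEntity']->name}
                             WHERE username = '{$name}'
                               AND password = MD5('{$password}')");

        if (!$oid) {
            // Keep driver error text in the server log: it reveals table and
            // column names when printed to the client.
            error_log("doLogin: credential query failed: " . mysql_error());
            echo "Error in database!<hr>";
            exit;
        }

        if (mysql_num_rows($oid) == 0) {
            if (isset($_REQUEST['mode']) and $_REQUEST['mode'] == "compact") {
                echo "0";
                exit;
            } else {
                Header("Location: error.php?id=loginError");
                exit;
            }
        } else {
            // NOTE(review): the session id is not regenerated after a
            // successful login; calling session_regenerate_id(true) here would
            // close the session-fixation window - confirm it does not disturb
            // the Basic-auth HTTP_LOGIN handshake above.
            $userdata = mysql_fetch_assoc($oid);

            $_SESSION['user']['username'] = $userdata['username'];
            $_SESSION['user']['name'] = $userdata['name'];
            $_SESSION['user']['surname'] = $userdata['surname'];
            $_SESSION['user']['email'] = $userdata['email'];

            // NOTE(review): this literal was also masked in the listing; the
            // session username is what the surviving fragment refers to.
            $sessionUser = mysql_real_escape_string($_SESSION['user']['username']);
            $lastlogin = aux::getResult("
                SELECT *
                  FROM {$GLOBALS['logEntity']->name}
                 WHERE username = '{$sessionUser}'
                   AND operation = 'LOGIN'
                 ORDER BY date DESC
                 LIMIT 1");

            // A first-time login has no previous LOGIN row.
            if (is_array($lastlogin) and isset($lastlogin[0]['date'])) {
                $_SESSION['user']['lastlogin'] = $lastlogin[0]['date'];
            } else {
                $_SESSION['user']['lastlogin'] = "";
            }

            $GLOBALS['logEntity']->insertItem(NULL, 'LOGIN', '', '', basename($_SERVER['SCRIPT_FILENAME']), $_SESSION['user']['username'], date("YmdHi"), $_SERVER['HTTP_HOST']);
        }
    } else {
        // User has already logged in
        $debug_action = "USER_LOGGED";
    }

    if (isset($_SESSION['user']['services']) and is_array($_SESSION['user']['services'])) {
        $debug_action = " services array ";
    } else {
        $debug_action = " services NOT array, trying to reload it ";

        // Table names come from the application's entity registry.
        $users = $GLOBALS['usersEntity']->name;
        $services = $GLOBALS['servicesEntity']->name;
        $categories = $GLOBALS['servicecategoryEntity']->name;
        $entities = $GLOBALS['entitiesEntity']->name;
        $groups = $GLOBALS['groupsEntity']->name;
        $usersGroups = $GLOBALS['usersGroupsRelation']->name;
        $servicesGroups = $GLOBALS['servicesGroupsRelation']->name;

        $sessionUser = mysql_real_escape_string($_SESSION['user']['username']);

        $oid = mysql_query("SELECT DISTINCT {$users}.username,
                                   {$services}.entry AS serviceName,
                                   {$services}.visible,
                                   {$services}.id_entities AS entity,
                                   {$services}.script,
                                   {$services}.superuser_group,
                                   {$categories}.name AS category,
                                   {$entities}.name AS tableName,
                                   {$usersGroups}.id_groups
                              FROM {$users}
                              LEFT JOIN {$usersGroups}
                                ON {$usersGroups}.username = {$users}.username
                              LEFT JOIN {$groups}
                                ON {$groups}.id = {$usersGroups}.id_{$groups}
                              LEFT JOIN {$servicesGroups}
                                ON {$servicesGroups}.id_{$groups} = {$groups}.id
                              LEFT JOIN {$services}
                                ON {$services}.id = {$servicesGroups}.id_{$services}
                              LEFT JOIN {$entities}
                                ON {$entities}.name = {$services}.id_{$entities}
                              LEFT JOIN {$categories}
                                ON {$categories}.id = {$services}.servicecategory
                             WHERE {$users}.username = '{$sessionUser}'
                             ORDER BY {$categories}.position, {$services}.position");

        if (!$oid) {
            error_log("doLogin: services query failed: " . mysql_error());
            echo "Error in database!<hr>";
            exit;
        }

        // Each service is stored twice: appended to the list and keyed by its
        // script name. Group ids are collected alongside.
        while ($data = mysql_fetch_assoc($oid)) {
            $_SESSION['user']['services'][] = $data;
            $_SESSION['user']['services'][$data['script']] = $data;
            $_SESSION['user']['groups'][$data['id_groups']] = $data['id_groups'];
        }
    }

    // Authorisation: is the running script one of the user's services?
    // $error is a diagnostic code carried into the error redirect.
    $trovato = false;
    $error = 212;
    $currentScript = basename($_SERVER['SCRIPT_NAME']);

    if (isset($_SESSION['user']['services']) and is_array($_SESSION['user']['services'])) {
        foreach ($_SESSION['user']['services'] as $k => $v) {
            $error = 217;
            if ($v['script'] == $currentScript) {
                $trovato = true;
                $currentService = $v;
                $error = 223;
            }
        }
    }

    // These three scripts are reachable by any authenticated user.
    if ($currentScript == "error.php" or $currentScript == "login.php" or $currentScript == "logout.php") {
        $trovato = true;
    }

    if (!$trovato) {
        // NOTE(review): ajax-manager.php is exempt from the service check, so
        // any authenticated user reaches it; confirm that script enforces its
        // own per-action authorisation.
        if ($currentScript != "ajax-manager.php") {
            Header("Location: error.php?id=priviledgeError&{$error}&" . urlencode($debug_action));
            exit;
        }
    }

    // Data filtering: when the service is bound to a table, an edit request
    // must target a row owned by the current user unless the user is in the
    // superuser group or is an administrator.
    if (isset($currentService['tableName'])) {
        if (isset($_REQUEST['page']) and $_REQUEST['page'] > 0 and isset($_REQUEST['action']) and $_REQUEST['action'] == "edit") {
            // Only the result metadata is needed to learn the first column
            // name, so no rows are fetched.
            $result = mysql_query("select * from {$currentService['tableName']} LIMIT 0");
            if (!$result) {
                echo "Generic Database Error!";
                exit;
            }

            $meta = mysql_fetch_field($result, 0);
            if (!$meta) {
                echo "Metadata Error!";
                exit;
            }

            // The row key comes straight from the request: escape it before it
            // enters the quoted literal.
            $rawValue = (isset($_REQUEST['value']) and is_string($_REQUEST['value'])) ? $_REQUEST['value'] : '';
            $value = mysql_real_escape_string($rawValue);

            $oid = mysql_query("SELECT username
                                  FROM {$currentService['tableName']}
                                 WHERE {$meta->name} = '{$value}' ");
            if (!$oid) {
                error_log("doLogin: data-filtering query failed: " . mysql_error());
                echo "Error in database!<hr>";
                exit;
            }

            $data = mysql_fetch_assoc($oid);

            if ($data['username'] != $_SESSION['user']['username']) {
                /* Not the owner: check the superuser group */
                // The debugging echo that used to sit here wrote output before
                // the redirect header below, which can prevent the header from
                // being sent.
                $superuser_group = Auth::getSuperusergroup();
                $mygroups = Auth::getGroups();

                if (!in_array($superuser_group, $mygroups) and !Auth::isAdmin()) {
                    Header("Location: error.php?id=dataFiltering&289");
                    exit;
                }
            }
        }
    }

    // First request after login for a member of the registered-users group:
    // mark the session and send the browser back where it came from.
    if (!isset($_SESSION['registered-user'])) {
        $trovato = false;
        if (isset($_SESSION['user']['services']) and is_array($_SESSION['user']['services'])) {
            foreach ($_SESSION['user']['services'] as $k => $v) {
                if ($v['id_groups'] == $GLOBALS['config']['registered_usergroup']) {
                    // NOTE(review): the redirect target is the Referer header,
                    // which is chosen by the client and may be absent or point
                    // to another site (open redirect). Restrict it to a
                    // same-host URL or a fixed landing page.
                    $script = $_SERVER['HTTP_REFERER'];
                    $_SESSION['registered-user'] = true;
                    Header("Location: {$script}");
                    exit;
                }
            }
        }
    }

    // Recompute the administrator flag on every call from the loaded services.
    $_SESSION['user']['admin'] = false;
    if (isset($_SESSION['user']['services']) and is_array($_SESSION['user']['services'])) {
        foreach ($_SESSION['user']['services'] as $k => $v) {
            if ($v['id_groups'] == $GLOBALS['config']['admin_usergroup']) {
                $_SESSION['user']['admin'] = true;
            }
        }
    }

    if (isset($_REQUEST['mode']) and $_REQUEST['mode'] == "compact") {
        echo "1";
        exit;
    }
}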
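/**
 * Build the breadcrumb trail for a menu entry by walking up its parents.
 *
 * Starting from the menu id in $data, each ancestor is prepended to the trail
 * until an entry with parent_id 0 is reached. Entries with an explicit link
 * use it; the others link to their page through the SEO URL scheme.
 *
 * @param mixed $name unused
 * @param mixed $data id of the menu entry to start from
 * @param mixed $pars unused
 * @return string|null the breadcrumb markup; nothing is returned when $data is ""
 */
function path($name, $data, $pars)
{
    if ($data != "") {
        $content = "";

        // The id is interpolated unquoted into the SQL below, so it must be an
        // integer: the cast removes any injected SQL text.
        $id_menu = (int) $data;

        // Remember visited ids so a cyclic parent chain cannot loop forever.
        $visited = array();

        do {
            if (isset($visited[$id_menu])) {
                break;
            }
            $visited[$id_menu] = true;

            $item = aux::getResult("SELECT menu.*,
                                           pages.title,
                                           pages.id AS pages_id
                                      FROM menu
                                      LEFT JOIN pages
                                        ON pages.id = menu.page_id
                                     WHERE menu.id = {$id_menu}
                                     ORDER BY position");

            // Unknown id: stop with whatever part of the trail was built.
            if (!isset($item[0])) {
                break;
            }
            $row = $item[0];
            $id_menu = (int) $row['parent_id'];

            // Stored values are HTML-encoded before being written into markup.
            // NOTE(review): assumes the menu table holds raw UTF-8 text; if
            // entries are stored pre-encoded this double-encodes them - confirm.
            $entry = htmlspecialchars($row['entry'], ENT_QUOTES, 'UTF-8');

            if ($row['link'] != "") {
                $link = htmlspecialchars($row['link'], ENT_QUOTES, 'UTF-8');
                $content = "<a href=\"{$link}\">{$entry}</a>" . aux::first_comma("path", " » ") . $content;
            } else {
                $content = "<a href=\"page/" . aux::seo_url($row['title']) . "/{$row['pages_id']}-{$row['id']}.htm\">{$entry}</a>" . aux::first_comma("path", " > ") . $content;
            }
        } while ($id_menu != 0);

        return $content;
    }
}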
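<?php

// RSS entry point: without ?id= it renders the list of channels as an HTML
// page; with ?id=N it emits the RSS feed of channel N.
session_start();

require "include/template2.inc.php";
require "include/beContent.inc.php";
require "include/content.inc.php";

$main = new Skin("orange");

if (!isset($_GET['id'])) {
    $data = aux::getResult("SELECT id,title,description FROM {$channelEntity->name}");

    $body = new Skinlet("rss.html");
    $body->setContent("website", $GLOBALS['config']['website']['name']);
    $body->setContent("item", $data);

    $main->setContent("body", $body->get());
    $main->close();
} else {
    // The channel id comes from the URL and is used unquoted in the SQL below:
    // cast it to an integer so no SQL text can be injected through it.
    $channelId = (int) $_GET['id'];

    $rss = new FeedRss($channelEntity);
    $data = aux::getResultArray("SELECT title FROM {$channelEntity->name} WHERE id={$channelId}", 'title');

    // An unknown id yields an empty channel title.
    $title = isset($data[0]) ? "{$data[0]}" : "";
    $rss->addChannel($title);
    $rss->emitXML();
}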
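/**
 * Render the live-report widget for an entity.
 *
 * The title is the name of the session service whose script matches the
 * running script, or "Report" when none matches. The template also receives
 * the page length, the total row count of the entity table, the entity name,
 * the running script name and the encrypted report query of the current form.
 *
 * @param mixed  $name       unused
 * @param string $entityName table whose rows are counted
 * @param array  $pars       options; 'length' is read
 * @return mixed whatever the template's get() returns
 */
function liveReport2($name, $entityName, $pars)
{
    $item = new Template("dtml/liveReport2.html");
    $length = $pars['length'];

    // Find the session service that corresponds to the running script.
    $index = false;
    if (isset($_SESSION['user']['services']) and is_array($_SESSION['user']['services'])) {
        foreach ($_SESSION['user']['services'] as $k => $v) {
            if ($v['script'] == basename($_SERVER['SCRIPT_FILENAME'])) {
                $index = $k;
                break;
            }
        }
    }

    // Compare against false strictly: key 0 is a valid match and must not be
    // treated as "not found".
    if ($index === false) {
        $item->setContent("title", "Report");
    } else {
        $item->setContent("title", $_SESSION['user']['services'][$index]['serviceName']);
    }

    // NOTE(review): $entityName is used as a table identifier and cannot be
    // protected by value escaping; confirm callers pass only names from the
    // entity registry, never request data.
    $data = aux::getResult("SELECT COUNT(*) AS count FROM {$entityName}");

    $item->setContent("length", $length);
    $item->setContent("total", $data[0]['count']);
    $item->setContent("entity", $entityName);
    $item->setContent("script", basename($_SERVER['SCRIPT_FILENAME']));

    // NOTE(review): the report query is handed to the page in encrypted form.
    // If a later request sends it back for execution, the receiver must also
    // verify its integrity - confirm how aux::encrypt() and its consumer
    // handle tampered values.
    $item->setContent("query", aux::encrypt($GLOBALS['currentform']->reportQuery));

    return $item->get();
}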
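/**
 * Fetch one field of the entity row identified by $key.
 *
 * The row is looked up by the entity's first declared field and the column
 * named by $this->getName($field) is returned from the first matching row.
 *
 * @param mixed $key   value of the entity's first field identifying the row
 * @param mixed $field field whose value is wanted (resolved via getName())
 * @return mixed the stored value, or null when no row matches
 */
function getFieldRaw($key, $field)
{
    $entity = $GLOBALS['database']->getEntityByName($this->entity_name);

    if ($this->limit) {
        $limit_clause = "LIMIT {$this->limit}";
    } else {
        $limit_clause = "";
    }

    // $key is supplied by the caller and may originate from the request:
    // escape it before it is placed inside the quoted SQL literal.
    $safeKey = mysql_real_escape_string($key);

    $data = aux::getResult("SELECT " . $this->getEntityFields() . "
                              FROM {$this->entity_name}
                             WHERE {$this->entity_name}.{$entity->fields[0]['name']} = '{$safeKey}'
                             {$limit_clause}");

    // No matching row: return null explicitly instead of reading a missing index.
    if (!isset($data[0])) {
        return null;
    }

    return $data[0][$this->getName($field)];
}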