$_SESSION['dateline'] = $dateline; $_SESSION['created'] = $created; // Log the activity $action = new activity(); $action->track_activity($userID, $action->saving_article, 'Saving the article ' . $_SESSION['title']); $gotoURL = "../admin/my_articles2.php"; } } break; case 'submit2editor': if (isset($articletask)) { $currenttime = time(); $sql = "select * from tasks where taskID = '{$articletask}' "; $db->query($sql); $gettask = array(); while ($gettask[] = $db->fetcharray()) { } $duedate = $gettask[0]->enddate; if ($db->getnumrows() > 0) { if ($currenttime > $duedate) { echo '<script>alert("Sorry, the article is no longer accepted because you haven\'t met the deadline of this task which is ' . friendlydate5($duedate) . '. If you really want to submit the article kindly contact the editor.");</script>'; echo '<script>history.go(-1);</script>'; exit; } else { $sql = "update tasks set status = 'Completed' where taskID = '{$articletask}' "; $db->query($sql); } } } if (isset($_SESSION['articleID'])) { $created = $_SESSION['created'];
unset($_SESSION['title']); unset($_SESSION['article_body']); unset($_SESSION['dateline']); unset($_SESSION['created']); unset($_SESSION['edited_by']); } /** * Get all the tasks */ $sql = " select * from tasks where assignedto = '{$userID}' \r\n\t\tand status != 'Completed' "; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } //echo $sql; $tasks = array(); while ($row = $db->fetcharray()) { $tasks[] = $row; } $db->freeresult(); $tasklist = ''; foreach ($tasks as $field => $data) { $tasklist .= '<option value="' . $data->taskID . '">'; $tasklist .= $data->subject; $tasklist .= '</option>'; } /** * Get all the news category */ $sql = " select * from category "; if (!($result = $db->query($sql))) { die('Error:' . $db->error());
case 6: // whos yur daddy... $sql = " select * from article_versions av "; $sql .= " where av.stageID = " . $_SESSION['stageID']; $sql .= " and av.isarchive = '1' "; $sql .= " order by dateline DESC "; $heading = "News Content Archive Manager"; break; } } //print $sql; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $my_articles = array(); while ($row = $db->fetcharray()) { $my_articles[] = $row; } $n = $db->getnumrows(); $db->freeresult(); //print_r($my_articles); $totalrows = count($my_articles); $limit = 10; $paging = ceil($totalrows / $limit); $scroll = 1; $scrollnumber = 5; if (isset($_GET['page'])) { $page = $_GET['page']; } else { $page = 1; }
if ( !isset($_SESSION['login'])) { header('Location: login.php'); } if (isset($_SESSION['login'])) { $userID = $_SESSION['userID']; $usertype = $_SESSION['usertype']; } */ $db = new database(); $sql = "select * from content_users "; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $content_users = array(); while ($content_users[] = $db->fetcharray()) { } $db->freeresult(); for ($i = 0; $i < count($content_users) - 1; $i++) { $i % 2 == 0 ? $bgcolor = "" : ($bgcolor = "#F5F5F5"); $row_data .= '<tr class="tdhover" bgcolor = "' . $bgcolor . '" align = "center">'; $row_data .= '<td align="left">'; $row_data .= $content_users[$i]->fullname; $row_data .= '</td>'; $row_data .= '<td>'; $row_data .= $content_users[$i]->username; $row_data .= '</td>'; $row_data .= '<td>'; $row_data .= '<label>'; $row_data .= $content_users[$i]->is_loggedin; $row_data .= '</label>';
} else { $ads148x300 .= '<p><a href="' . $PHP_SELF . '?bannerID=' . $bannerdata->bannerID . '">'; $ads148x300 .= '<img src="' . makeRelativePath($bannerdata->banner_imageurl, 7) . '" border="0" width="130" ></a>'; $ads148x300 .= '</p>'; } } /** * Get the sponsored links.., esp. the active clients */ $sql = " select website from corporate_partners cp "; $sql .= " where cp.status = '1' "; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $links = array(); while ($links[] = $db->fetcharray()) { } $db->freeresult(); $sponsoredlinks = ''; $n = count($links) - 1; for ($i = 0; $i < $n; $i++) { // Count the active banners foreach ($links as $field => $values) { if ($field == 'clientID') { if (checkhttptext($links[$i]->website)) { $url = splithttptext($links[$i]->website); $sponsoredlinks .= '<li><a href="' . $links[$i]->website . '">' . $url[1] . '</a></li>'; } else { $sponsoredlinks .= '<li><a href="http://' . $links[$i]->website . '">' . $links[$i]->website . '</a></li>'; } }
$message = 'Successfully saved the tasks: ' . $_SESSION['title']; break; case 'delete': $message = 'Successfully delete the task(s) '; break; } unset($_SESSION['task']); } $db = new database(); $created = simpledate(time()); $sql = "select * from tasks order by created_t desc"; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $tasks = array(); while ($tasks[] = $db->fetcharray()) { } $totalrows = count($tasks); $limit = 10; $paging = ceil($totalrows / $limit); $scroll = 0; $scrollnumber = 5; if (isset($_GET['page'])) { $page = $_GET['page']; } else { $page = 1; } $start = $page * $limit - $limit; $pagelink = new paging($page, $totalrows, $limit, $paging, $scroll, $scrollnumber); $j = $start + 1; for ($i = $start; $i < $start + $limit; $i++) {
break; case 'add': $message = 'Successfully saved client: ' . $_SESSION['title']; break; default: $message = ''; break; } unset($_SESSION['task']); } $sql = " select * from corporate_partners order by registerDate desc "; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $clients = array(); while ($clients[] = $db->fetcharray()) { } //print_r($clients); $totalrows = count($clients); $limit = 10; $paging = ceil($totalrows / $limit); $scroll = 1; $scrollnumber = 5; if (isset($_GET['page'])) { $page = $_GET['page']; } else { $page = 1; } $start = $page * $limit - $limit; $pagelink = new paging($page, $totalrows, $limit, $paging, $scroll, $scrollnumber); $j = $start + 1;
session_start(); // if user is not login..redirect him to login page if (!isset($_SESSION['login'])) { header('Location: login.php'); } if (isset($_SESSION['login'])) { $userID = $_SESSION['userID']; $usertype = $_SESSION['usertype']; } $db = new database(); $sql = " select * from user_log "; if (!($result = $db->query($sql))) { die('Error :' . $db->error()); } $user_log = array(); while ($user_log[] = $db->fetcharray()) { } $db->freeresult(); for ($i = 0; $i < count($user_log) - 1; $i++) { $i % 2 == 0 ? $bgcolor = "" : ($bgcolor = "#F5F5F5"); $row_data .= '<tr class="tdhover" id="tdata" bgcolor = "' . $bgcolor . '" align = "center">'; $row_data .= '<td align="left">'; $row_data .= '<a href="' . VIEW_PROFILE_URL . $user_log[$i]->userID . '">'; //$row_data .= '<input type="hidden" value = "' . $user_log[$i]->userID . '">'; $user_fullname = getUser_info($user_log[$i]->userID, 'fullname'); $row_data .= $user_fullname; $row_data .= $user_log[$i]->fullname; $row_data .= '</a>'; $row_data .= '</td>'; $row_data .= '<td>'; $username = getUser_info($user_log[$i]->userID, 'username');
$userID = $_SESSION['userID']; $usertype = $_SESSION['usertype']; } if (isset($_SESSION['message'])) { $message = $_SESSION['message']; unset($_SESSION['message']); } $quotaID = $_GET['quotaID']; $_SESSION['quotaID'] = $quotaID; $db = new database(); $sql = " select * from quota where quotaID='{$quotaID}' "; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $quota = array(); if ($quota[] = $db->fetcharray()) { } $db->freeresult(); $myquota = $quota[0]->quota; if ($quota[0]->isdefault) { $optyesno .= '<input name="isdefault" type="radio" value="1" checked>Yes'; $optyesno .= '<input name="isdefault" type="radio" value="0" >No'; } else { $optyesno .= '<input name="isdefault" type="radio" value="1" >Yes'; $optyesno .= '<input name="isdefault" type="radio" value="0" checked >No'; } // Log the activity $action = new activity(); $action->track_activity($userID, $action->creating_category, '-'); // ok baby, let start compiling the page now..go! go! go! {mh} $tpl = new template_parser('../templates/edit_quota.tpl.php');
if ( $field == 'articleID' ) { $other_headlines .= '<li><a href="view_article.php?articleID=' . $other_headlinenews[$i]->articleID . '">' . $other_headlinenews[$i]->title . '</a>'; $other_headlines .= '</li>'; } } } */ /** * obtain list of the category */ $sql = "select * from category order by category_name ASC"; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $categories = array(); while ($categories[] = $db->fetcharray()) { } $totalcategories = count($categories); $categorylist = ''; for ($i = 0; $i < $totalcategories - 1; $i++) { foreach ($categories as $field => $value) { if ($field == 'category_name') { $categorylist .= '<li><a href="' . VIEW_CATEGORY_URL . $categories[$i]->categoryID . '">' . $categories[$i]->category_name . '</a></li>'; } } } /** * Get the set of images of the article...( its better to have 1 image per article,, ok na!!) */ $imagesets = getArticle_imageSets($view_article[0]->articleID); if (count($imagesets) > 1) {
$db = new database(); $x = new online_tracker(); $x->tracker(); $gerger = new gerger_timer(); $gerger->start(); $gerger->setprecision(4); /** * obtain list of all client ads, images */ $sql = " select * from corporate_partners_imgs "; $sql .= " where banner_show = '1' "; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $alladvertisements = array(); while ($alladvertisements[] = $db->fetcharray()) { } $ads = ''; for ($i = 0; $i < count($alladvertisements) - 1; $i++) { foreach ($alladvertisements as $field => $value) { if ($field == 'bannerID') { if (checkhttptext($alladvertisements[$i]->banner_clickURL)) { $ads .= '<div id= "banner_imgs" >'; $ads .= '<a href="' . $alladvertisements[$i]->banner_clickURL . '" >'; $ads .= '<img src= "' . makeRelativepath($alladvertisements[$i]->banner_imageurl, 7) . '" border="0" ></a>'; $ads .= '</div>'; } else { $ads .= '<div id= "banner_imgs" >'; $ads .= '<a href="http://' . $alladvertisements[$i]->banner_clickURL . '" >'; $ads .= '<img src= "' . makeRelativepath($alladvertisements[$i]->banner_imageurl, 7) . '" border="0" ></a>'; $ads .= '</div>';
session_start(); // if user is not login..redirect him to login page if (!isset($_SESSION['login'])) { header('Location: ../index.php'); } $bannerID = $_GET['bannerID']; $_SESSION['bannerID'] = $bannerID; $clientID = $_SESSION['clientID']; //print_r($_SESSION); $db = new database(); $sql = " select * from corporate_partners_imgs cp "; $sql .= " where cp.bannerID=" . intval($bannerID); if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } while ($cpimages[] = $db->fetcharray()) { } $sql = " select * from corporate_partners_imgs cp , stockphotos s \r\n where cp.banner_clientID= {$clientID}\r\n and s.imageID=cp.imageID "; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $ads = array(); while ($ads[] = $db->fetcharray()) { } /** * Populate all the corporate partners into an array.. */ $bannerurl = ''; for ($i = 0; $i < count($ads); $i++) { foreach ($ads as $field => $data) { if ($field == 'bannerID') {
<?php
/*
 * Public "about us" page.
 *
 * Loads the published other_site_content row with id 2 and hands its title
 * and body to the aboutus2 template. The SQL text is a constant; no request
 * value is read anywhere in this script.
 */
require 'admin/coreclass.php';

$db = new database();

$x = new online_tracker();
$x->tracker();

// Page-generation timer; its reading is shown in the footer tag below.
$gerger = new gerger_timer();
$gerger->start();
$gerger->setprecision(4);

$sql = " select * from other_site_content where status='Published' and id=2 order by created desc ";
$result = $db->query($sql);
if (!$result) {
    die('Error:' . $db->error());
}

// Collect every fetched value, including the final falsy one that ends the
// loop, so $about keeps the same shape the rest of the code base expects.
$about = array();
do {
    $about[] = $db->fetcharray();
} while (end($about));
$db->freeresult();

$title = $about[0]->title;
$body = $about[0]->body;

/*
 * Get the default stylesheets
 */
include 'admin/template.configuration.php';
$stylesheet = implode('/', array(' themes', $default_template_name, $default_template_stylesheet));

$db->close();
$gerger->stop();
$pagegenerated = $gerger->display();

// Generate the page now
$tpl = new template_parser('themes/templates/aboutus2.tpl.php');
$tags = array();
$tags['{TITLE}'] = $title;
$tags['{BODY}'] = $body;
$tags['{PAGE_GENERATED}'] = ' ' . $pagegenerated;
$tags['{FOOTER}'] = 'themes/templates/footer.tpl.php';
$tags['{STYLESHEET}'] = $stylesheet;
$tpl->parse_template($tags);
case 'add': $message = 'Successfully saved the quota: ' . $_SESSION['title']; break; case 'delete': $message = 'Successfully delete the quota(s)'; break; } unset($_SESSION['task']); } $db = new database(); $sql = " select * from quota order by quota asc"; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $quota = array(); while ($quota[] = $db->fetcharray()) { } $totalrows = count($quota); $limit = 10; $paging = ceil($totalrows / $limit); $scroll = 1; $scrollnumber = 5; if (isset($_GET['page'])) { $page = $_GET['page']; } else { $page = 1; } $start = $page * $limit - $limit; $pagelink = new paging($page, $totalrows, $limit, $paging, $scroll, $scrollnumber); $j = $start + 1; for ($i = $start; $i < $start + $limit; $i++) {
if (!isset($_SESSION['login'])) { header('Location: ../index.php'); } //print_r($_SESSION); //print_r($_POST); unset($_SESSION['imageID']); // remove pre-existing sessions unset($_SESSION['bannerID']); $clientID = $_SESSION['clientID']; $db = new database(); $sql = " select * from corporate_partners_imgs cp , stockphotos s \r\n where cp.banner_clientID= {$clientID}\r\n and s.imageID=cp.imageID "; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $ads = array(); while ($ads[] = $db->fetcharray()) { } /** * Populate all the corporate partners into an array.. */ $bannerurl = ''; for ($i = 0; $i < count($ads); $i++) { foreach ($ads as $field => $data) { if ($field == 'bannerID') { $imgurl = $ads[$i]->banner_imageurl; $bannerurl .= '<option value="' . $imgurl . '">'; //$bannerurl .= '<option value="' . $ads[$i]->imageID . '">'; $bannerurl .= makeRelativePath($imgurl, 9); $bannerurl .= '</option>'; } }
switch ($viewby) { case 'uploads': $sql = " select * from stockphotos"; break; case 'cpartners': $sql = " select * from corporate_partners_imgs "; $sql .= " where banner_clientID= " . intval($clientID); break; default: break; } if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $cpimgs = array(); while ($cpimgs[] = $db->fetcharray()) { } // display images by uploads... if ($viewby == 'uploads') { for ($i = 0; $i < count($cpimgs) - 1; $i++) { foreach ($cpimgs as $imageID => $imagename) { if ($imageID == 'imageID') { $dir_images .= '<div class = "xpthumbnail2">'; $dir_images .= '<a href="' . $cpimgs[$i]->imageID . '">'; $imageurl = makeRelativePath($cpimgs[$i]->image_filename, 4); $imageID = $cpimgs[$i]->imageID; $dir_images .= "<a href = \"javascript:openPopup('preview_image_details.php?imageID={$imageID}' ,'1024x768','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=yes,width=200,height=200')\">"; $dir_images .= '<div class="center"><img src="' . $imageurl . '" width="50" height="65" border="0" alt ="' . $file . '"></div>'; $dir_images .= '</a>'; $dir_images .= '<br>' . makeRelativePath($imageurl, 6); $dir_images .= '<br><a href="delete_image.php?imageID=' . $cpimgs[$i]->imageID . '" ><img src="../admin/images/edit_trash.gif" border="0"></a>';
$phoneno = $_POST['phoneno']; $faxno = $_POST['faxno']; $extrainfo = $_POST['extrainfo']; $registerDate = $_SESSION['registerDate']; $address = $_POST['address']; } $db = new database(); if (isset($_POST['task'])) { switch ($_POST['task']) { case 'add': $sql = ""; break; case 'edit': $sql = "select * from corporate_partners where username = '******' and clientID !=" . $_SESSION['clickclientID']; $db->query($sql); $db->fetcharray(); if ($db->getnumrows() > 0) { echo '<script>alert("Username is already taken by someone, Please choose another username.");history.go(-2);</script>'; exit; } $sql = "select * from corporate_partners where emailadd = '{$emailadd}' and clientID !=" . $_SESSION['clickclientID']; $db->query($sql); $db->fetcharray(); if ($db->getnumrows() > 0) { echo '<script>alert("This email is already registered. If you forgot the password click on Lost your Password and new password will be sent to you.");window.history.go(-2);</script>'; exit; } break; } } /*if ( $password != $password2 ) {
} else { $sql .= " av.status = 'approved' or av.status = 'published' "; } } if ($rejected) { if ($approved) { $sql .= " or av.status = 'rejected' "; } else { $sql .= " and av.status = 'rejected' "; } } if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $reports = array(); while ($reports[] = $db->fetcharray()) { } $_SESSION['report_newsdirector_articles'] = $reports; //print_r($reports); if (!($db->getnumrows() > 0)) { $no_records_found = true; } if ($no_records_found) { $result_msg = 'No Records Found'; } else { for ($i = 0; $i < count($reports); $i++) { if ($reports[$i]->article_versionID) { $i % 2 == 0 ? $bgcolor = "" : ($bgcolor = "#F5F5F5"); $row_data .= '<tr class="tdhover" id= "tdata" bgcolor = "' . $bgcolor . '">'; $row_data .= '<td>'; $row_data .= $i + 1;
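/*
 * Admin preview of one other_site_content row, selected by ?id=N.
 *
 * Requires a logged-in session. The id is reduced to an integer before it is
 * placed in the SQL text, and a missing row ends the request instead of
 * rendering an empty preview.
 */
include 'configuration.php';
require 'coreclass.php';

session_start();

if (!isset($_SESSION['login'])) {
    header('Location: login.php');
    // header() only queues the redirect. Without exit the script would go on
    // to run the query and send the preview to a client that is not logged in.
    exit;
}
$userID = $_SESSION['userID'];
$usertype = $_SESSION['usertype'];

$db = new database();

// id comes from the query string. intval() guarantees that only digits reach
// the statement, so the value cannot close the quoted literal below.
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
$sql = " select * from other_site_content \r\n\t\twhere id = '{$id}' ";
if (!($result = $db->query($sql))) {
    die('Error:' . $db->error());
}

// The loop also appends the final falsy value returned by fetcharray();
// only element 0 is used below.
$content = array();
while ($content[] = $db->fetcharray()) {
}
$db->freeresult();

// No row for this id: stop here rather than reading properties of a non-object.
if (empty($content[0])) {
    header('HTTP/1.0 404 Not Found');
    die('Content not found.');
}

$category = $content[0]->category;
$datecreated = friendlydate($content[0]->created);
$author = getUser_info($content[0]->author, 'fullname');

// start generating page
// NOTE(review): the values are handed to the template as stored. Whether
// template_parser escapes them is not visible here; confirm that the plain-text
// fields (category, author, title) are HTML-escaped somewhere before output.
$tpl = new template_parser('../templates/preview_sitecontent.tpl.php');
$tags = array(
    '{CATEGORY}' => $category,
    '{AUTHOR}' => $author,
    '{DATE_CREATED}' => $datecreated,
    '{TITLE}' => $content[0]->title,
    '{BODY}' => $content[0]->body,
);
$tpl->parse_template($tags);
print $tpl->display();
?>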
require 'admin/coreclass.php'; $db = new database(); $x = new online_tracker(); $x->tracker(); $gerger = new gerger_timer(); $gerger->start(); $gerger->setprecision(4); $articleID = $_GET['articleID']; $sql = " select * from article_versions av "; $sql .= " where av.articleID =" . intval($articleID); if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $view_article = array(); while ($view_article[] = $db->fetcharray()) { } $dateline = $view_article[0]->dateline; // get the dateline of the headline news.. $day = $view_article[0]->published_day; $month = $view_article[0]->published_month; $year = $view_article[0]->published_year; $articleID = $view_article[0]->articleID; /** * Get the other news on this category */ $categoryID = getArticle_category_info($articleID, 'categoryID'); $sql = " select * from article_versions av , "; $sql .= " article_category ac "; $sql .= " where av.stageID = '6' "; $sql .= " and ac.articleID = av.articleID ";
$x = new online_tracker(); $x->tracker(); $gerger = new gerger_timer(); $gerger->start(); $gerger->setprecision(4); /** * retrieve all the news articles on live */ $sql = " select * from article_versions av "; $sql .= " where av.stageID = '6' "; $sql .= " order by av.dateline DESC "; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $allarticles = array(); while ($row = $db->fetcharray()) { $allarticles[] = $row; } $totalarticles = count($allarticles); /** * Get the headline news */ $sql = " select * from article_versions av , "; $sql .= " article_frontpage af "; $sql .= " where af.frontpage_sectionID = 1 "; $sql .= " and av.stageID = 6 "; $sql .= " and af.articleID = av.articleID"; //$sql .= " and av.isarchive = 1 "; $sql .= " group by av.articleID "; $sql .= " order by av.dateline desc limit 1 "; //echo $sql;
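<?php
/*
 * Export one article as an RTF document, selected by ?articleID=N.
 *
 * The id is cast with intval() before it is concatenated into the SQL text.
 * A missing parameter or an id with no matching row ends the request with a
 * 404 instead of filling the template from a non-object.
 *
 * NOTE(review): no session check and no stage filter are visible in this
 * script, so any row of article_versions appears to be exportable by id.
 * Confirm that unpublished versions are meant to be reachable this way.
 */
require 'admin/coreclass.php';

$articleID = isset($_GET['articleID']) ? $_GET['articleID'] : 0;

$db = new database();
$sql = "select * from article_versions ";
$sql .= " where articleID=" . intval($articleID);
if (!($result = $db->query($sql))) {
    die('Error:' . $db->error());
}

// The loop also appends the final falsy value returned by fetcharray();
// only element 0 is used below.
$article = array();
while ($article[] = $db->fetcharray()) {
}
$db->freeresult();

if (empty($article[0])) {
    header('HTTP/1.0 404 Not Found');
    die('Article not found.');
}

$title = $article[0]->title;
$author = getArticle_authors_info($article[0]->articleID, 'fullname');
$dateline = friendlyDate3($article[0]->dateline);
// The RTF output carries plain text only, so all markup is stripped from the body.
$body = strip_tags($article[0]->article_body, '');

$doc = new document_generator('templates/preview.rtf');
$tags = array(
    '<TITLE>' => $title,
    '<AUTHOR>' => $author,
    '<DATELINE>' => $dateline,
    '<BODY>' => $body,
);
$doc->doc_tags($tags);
echo $doc->display();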
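/**
 * Return the quota value of the row flagged as the default quota.
 *
 * Runs a constant SELECT (isdefault=1) and reads only the first row; no
 * caller-supplied value reaches the SQL text.
 *
 * @return mixed The `quota` column of the first default row, or null when no
 *               row is flagged as default.
 */
function getActiveQuota()
{
    $db = new database();
    $sql = "select * from quota where isdefault=1 ";
    if (!($result = $db->query($sql))) {
        // NOTE(review): this prints the raw database error into the response.
        die('Error:' . $db->error());
    }

    // fetcharray() yields a falsy value once the result set is exhausted, so
    // an empty table must be handled before the property is read.
    $row = $db->fetcharray();
    $db->freeresult();
    if (!$row) {
        return null;
    }

    return $row->quota;
}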
$set_template = "../templates/edit_article.tpl.php"; } break; } $n = $db->getnumrows(); $db->freeresult(); /** * Get all the tasks */ $sql = " select * from tasks where assignedto = '{$userID}' and status != 'Completed' "; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } //echo $sql; $tasks = array(); while ($row = $db->fetcharray()) { $tasks[] = $row; } $sql = "select * from article_tasks where articleID = " . $_SESSION['articleID']; $db->query($sql); $currenttask[] = $db->fetcharray(); $db->freeresult(); $tasklist = ''; foreach ($tasks as $field => $data) { if ($data->taskID == $currenttask[0]->taskID) { $tasklist .= '<option value="' . $data->taskID . '" selected >'; $tasklist .= $data->subject; $tasklist .= '</option>'; } else { $tasklist .= '<option value="' . $data->taskID . '">'; $tasklist .= $data->subject;
/**
 * Build and run the article query that matches the workflow stages assigned
 * to a user.
 *
 * Reads the user's rows from user_stage (ordered by stageID), then assembles a
 * second SELECT whose FROM and WHERE parts depend on which stage IDs (1-4)
 * were found, runs it and returns the fetched rows.
 *
 * @param mixed $userID User identifier. It is cast with intval() for the
 *                      user_stage lookup but interpolated as-is into the
 *                      second statement (see the note at stage 1 below).
 * @return array Rows of the second query in fetch order; the fetch loop also
 *               appends the final falsy value returned by fetcharray().
 */
function query_data($userID)
{
    // Stage lookup: intval() keeps anything but an integer out of this statement.
    $sql = "select * from user_stage us\r\n\t\twhere us.userID = " . intval($userID) . " order by us.stageID ASC ";
    // sort the STAGES accordingly..
    $db = new database();
    if (!($result = $db->query($sql))) {
        die('Error:' . $db->error());
    }
    $user_stages = array();
    while ($row = $db->fetcharray()) {
        $user_stages[] = $row;
    }
    $db->freeresult();
    // NOTE(review): the next statement is masked in this listing (`******`) and
    // does not parse as shown. It looks like leftover debug output; restore it
    // from the original file or remove it.
    print 'USERNAME='******'username'];
    // Start of the second statement; the FROM list is appended below.
    $sql = " select * from ";
    // $state becomes 1 once the writer tables have been added to the FROM list.
    $state = 0;
    foreach ($user_stages as $field => $user_stage) {
        if ($user_stage->stageID) {
            switch ($user_stage->stageID) {
                case 1:
                    // writing stage: query the user's own articles
                    $sql .= " articles a ,";
                    $sql .= " article_author aa ";
                    $state = 1;
                    break;
                case 2:
                    // editing stage
                    $editing_stage = 1;
                    break;
                case 3:
                    // proofreading stage
                    $proofreading_stage = 1;
                    break;
                case 4:
                    // publishing stage
                    $publishing_stage = 1;
                    break;
            }
        }
    }
    // NOTE(review): the three flags are assigned only inside the switch above,
    // so each one is read undefined here when its stage is absent.
    if ($editing_stage == 1 || $proofreading_stage == 1 || $publishing_stage == 1) {
        if (count($user_stages) > 1) {
            // several stages assigned
            if ($state) {
                // NOTE(review): in the collapsed listing a bare `//` precedes this
                // statement. It is treated as live here because the WHERE fragments
                // below reference `av` alongside the writer tables; confirm against
                // the original file.
                $sql .= " ,article_versions av ";
            } else {
                // article_versions is the first table in the FROM list
                $sql .= " article_versions av ";
            }
        } else {
            // exactly one stage assigned
            $sql .= " article_versions av ";
        }
    }
    $sql .= " where ";
    // WHERE clause: one fragment per assigned stage.
    $state = 0;
    if (count($user_stages) > 1) {
        // several stages assigned
        foreach ($user_stages as $field => $user_stage) {
            if ($user_stage->stageID) {
                switch ($user_stage->stageID) {
                    case 1:
                        // writer
                        $sql .= " a.stageID = 1 ";
                        // NOTE(review): $userID is interpolated here without the
                        // intval() cast used for the user_stage lookup. If a caller
                        // can pass a non-numeric value it becomes part of the SQL
                        // text; cast it once at the top of the function.
                        $sql .= " and aa.userID = {$userID} ";
                        $state = 1;
                        break;
                    case 2:
                        // editor
                        // Author's note: joining the fragments with "and" is a known
                        // problem. $state is set only in case 1, so stages 2 and 3
                        // without stage 1 are appended with no connective between them.
                        if ($state) {
                            $sql .= " and av.stageID = 2 ";
                        } else {
                            $sql .= " av.stageID = 2 ";
                        }
                        break;
                    case 3:
                        // editor in chief
                        if ($state) {
                            $sql .= " and av.stageID = 3 ";
                        } else {
                            $sql .= " av.stageID = 3 ";
                        }
                        //$sql .= " and av.modified_by = $userID ";
                        break;
                    case 4:
                        // publisher: unlike cases 2 and 3 there is no $state check,
                        // so this fragment always starts with "and"
                        $sql .= " and av.stageID = 4 ";
                        break;
                }
            }
        }
    } else {
        // At most one stage row: a single fragment with no connective.
        foreach ($user_stages as $field => $user_stage) {
            if ($user_stage->stageID) {
                switch ($user_stage->stageID) {
                    case 1:
                        // writer
                        $sql .= " a.stageID = 1 ";
                        //$sql .= " and aa.userID = $userID ";
                        break;
                    case 2:
                        // editor
                        $sql .= " av.stageID = 2 ";
                        //$sql .= " and av.modified_by = $userID ";
                        break;
                    case 3:
                        // editor in chief
                        $sql .= " av.stageID = 3 ";
                        //$sql .= " or av.modified_by = $userID ";
                        break;
                    case 4:
                        // publisher
                        $sql .= " av.stageID = 4 ";
                        break;
                }
            }
        }
    }
    // NOTE(review): debug output; writes the assembled SQL text into the response.
    print '[SQL=' . $sql;
    if (!($result = $db->query($sql))) {
        // NOTE(review): prints the raw database error into the response.
        die('Error:' . $db->error());
    }
    $query_data = array();
    // The assignment runs before the loop test, so the terminating falsy value
    // is stored as the last element of $query_data.
    while ($query_data[] = $db->fetcharray()) {
    }
    // NOTE(review): debug output; writes the row count into the response.
    print '[totalrec=' . $db->getnumrows();
    //print_r($query_data );
    return $query_data;
    // Unreachable: placed after the return, so the connection is never closed here.
    $db->close();
}
<?php require '../admin/coreclass.php'; session_start(); $db = new database(); if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; $sql = " select * from corporate_partners "; $sql .= " where username= '******'"; $sql .= " and password = '******' "; //$sql .= " and status = '1' "; $db->query($sql); while ($result[] = $db->fetcharray()) { } if ($db->getNumRows() > 0) { // the userlogin is found..saved his userdata. if ($result[0]->status > 0) { $_SESSION['login'] = true; $_SESSION['username'] = $result[0]->username; $_SESSION['clientID'] = $result[0]->clientID; $_SESSION['clientname'] = $result[0]->clientname; header('Location: client_window.php'); } else { echo '<script>alert("Sorry, this account was blocked by the administrator. Please contact the administrator to enable the account. Thanks.");history.go(-1);</script>'; session_unset(); session_destroy(); exit; } } else { echo '<script>alert("Incorrect username or password. Please try again.");history.go(-1);</script>';
for ($i = 1; $i <= 12; $i++) { $optmonth .= '<option value ="' . date("M", mktime(0, 0, 0, $i, 1, 0)) . '">' . date("M", mktime(0, 0, 0, $i, 1, 0)) . '</option>'; } for ($i = 1; $i <= 31; $i++) { $optday .= '<option value ="' . $i . '">' . date("d", mktime(0, 0, 0, 0, $i, 0)) . '</option>'; } // TODO: bai moi kindly change the year must be DYNAMIC!! $optyear .= '<option value ="2006">' . date('Y') . '</option>'; $db = new database(); $sql = " select * from content_users where usertypeID=2 order by fullname asc"; //$sql = " select * from content_users order by fullname asc"; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $contentwriters = array(); while ($contentwriters[] = $db->fetcharray()) { } $totalrows = count($contentwriters); $j = 1; $quota = getActiveQuota(); for ($i = 0; $i < $totalrows; $i++) { if ($contentwriters[$i]->userID) { $i % 2 == 0 ? $bgcolor = "" : ($bgcolor = "#F5F5F5"); $row_data .= '<tr class="tdhover" id= "tdata" bgcolor = "' . $bgcolor . '">'; $row_data .= '<td>'; $row_data .= $j++; $row_data .= '</td>'; if ($contentwriters[$i]->userID == $assignedto) { $row_data .= '<td>'; $row_data .= '<input type="radio" name="cid[]" id="cb' . $i . '" value="' . $contentwriters[$i]->userID . '" onClick="isChecked(this.checked)" checked/>'; $row_data .= '</td>';
*/ $sql = " select * from article_versions av , "; $sql .= " article_frontpage af , "; $sql .= " article_category ac "; $sql .= " where av.stageID = 6 "; //$sql .= " and af.frontpage_sectionID = 1 "; //$sql .= " and af.articleID = av.articleID"; $sql .= " and ac.articleID = av.articleID "; $sql .= " and ac.categoryID= " . intval($categoryID); $sql .= " group by av.articleID "; $sql .= " order by av.dateline desc limit 1"; if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $headline = array(); while ($headline[] = $db->fetcharray()) { } $db->freeresult(); // get the dateline of the headline news.. $day = $headline[0]->published_day; $month = $headline[0]->published_month; $year = $headline[0]->published_year; $articleID = $headline[0]->articleID; $fullstory = '<p><a href="view_article.php?articleID=' . $articleID . '" >FULLSTORY >></a></p>'; /** * Get the set of images of the article...( its better to have 1 image per article,, ok na!!) */ $imagesets = getArticle_imageSets($headline[0]->articleID); if (count($imagesets) > 1) { $photo = ''; $photo .= '<div id="column2">';
$articleID = $_SESSION['articleID']; $title = addslashes($_SESSION['title']); $article_body = addslashes($_SESSION['article_body']); $created = $_SESSION['created']; $d = $_SESSION['created_day']; $m = $_SESSION['created_month']; $y = $_SESSION['created_year']; $dateline = $_SESSION['dateline']; //$edited_by = $_SESSION['userID']; // MYSTERY BUG HERE... //$edited_by = 0; $stageID = $_SESSION['stageID']; //print_r($_POST); // print_r($_SESSION); $sql = "select * from article_tasks where articleID = '{$articleID}' "; $db->query($sql); while ($articletask[] = $db->fetcharray()) { } if ($db->getnumrows() > 0) { $articletaskID = $articletask[0]->taskID; /* check if the article met the deadline */ $currenttime = time(); $sql = "select * from tasks where taskID = '{$articletaskID}' "; $db->query($sql); if ($db->getnumrows() > 0) { $gettask = array(); while ($gettask[] = $db->fetcharray()) { } $duedate = $gettask[0]->enddate; if ($currenttime > $duedate) { echo '<script>alert("Sorry, the article is no longer accepted because you haven\'t met the deadline of this task which is ' . friendlydate5($duedate) . '. If you really want to submit the article kindly contact the editor.");</script>'; echo '<script>history.go(-1);</script>';
} //print_r($topiclist ); //$db->freeresult(); //print_r($_POST); if (isset($_POST['pol'])) { $ptopicid = $_POST['pol']; $date = date('Y-m-d'); $sql = "SELECT * FROM poll_topic"; $sql .= " WHERE topic_date = '{$date}' OR '{$date}' BETWEEN topic_date AND expiry_date and topic_id = '{$ptopicid}' "; //echo $sql; $db = new database(); if (!($result = $db->query($sql))) { die('Error:' . $db->error()); } $poll = array(); while ($poll[] = $db->fetcharray()) { } $topicid = $poll[0]->topic_id; $topic = $poll[0]->topic; $labels = $poll[0]->response_label; $labels = explode(",", $labels); foreach ($labels as $idx => $value) { $optlabel .= '<input name="label" type="radio" value="' . $value . '">' . $value; $optlabel .= '<br>'; } $viewpollresult .= '<input type="button" class="button2" onClick=popupWindow("' . "admin/create_poll_graph.php?topic_id=" . $topicid . '","win1",530,350,"yes","yes"); name="submit" value="Results" class="button" />'; //$viewpollresult = '<a href="#" onClick=popupWindow("' . "admin/create_poll_graph.php?topic_id=" . $topicid . '","win100",530,350,"yes","yes");>'; //$viewpollresult .= ' <b class="whitetext">Results</b>'; $viewpollresult .= '</a>'; $polls .= '<form name="pollform" method="post" action="admin/save_poll_response2.php">'; $polls .= ' <input type="hidden" name="topicid" value="' . $ptopicid . '" >';