/**
 * Build an <img> tag for every user in a list.
 *
 * The docblock type of $attributes is wider than "array" in practice:
 *  - false  : skip tag rendering and return the raw source list from
 *             getSourceList();
 *  - string : used as the alt text;
 *  - array  : attribute name => value pairs; 'alt' defaults to ''.
 *
 * Attribute values go through _escape(). Attribute names and the image
 * source are written into the markup as-is.
 * NOTE(review): if getSourceList() can return a value that is not already
 * safe inside a double-quoted attribute, or attribute names can come from
 * outside the code base, both need encoding/validation here - confirm.
 *
 * @param int[]              $uids
 * @param string             $size
 * @param array|string|false $attributes
 *
 * @return array uid => <img> tag (or uid => source when $attributes is false)
 */
public function getList($uids, $size = '', $attributes = array())
{
    $sources = $this->getSourceList($uids, $size);

    // Caller asked for the bare sources only.
    if (false === $attributes) {
        return $sources;
    }

    if (is_string($attributes)) {
        $attributes = array('alt' => $attributes);
    } elseif (!isset($attributes['alt'])) {
        $attributes['alt'] = '';
    }

    $tags = array();
    foreach ($sources as $uid => $src) {
        $imgAttrs = $attributes;
        $adapter  = $this->adapters[$uid];

        // Only derive a width when the caller gave neither dimension and the
        // adapter reports that it has no entry for this size itself.
        $dimensionGiven = isset($imgAttrs['width']) || isset($imgAttrs['height']);
        if ($size && !$dimensionGiven && !$this->hasSizeByAdapter($size, $adapter)) {
            $imgAttrs['width'] = $this->getSizeByAdapter($size, $adapter);
        }

        $pairs = array();
        foreach ($imgAttrs as $key => $val) {
            $pairs[] = ' ' . $key . '="' . _escape($val) . '"';
        }

        $tags[$uid] = '<img src="' . $src . '"' . implode('', $pairs) . ' />';
    }

    return $tags;
}
/**
 * Render the admin "options" partial for one user.
 *
 * Reads type, id and eid from the request, loads the entity and refuses
 * anything that is not a User before rendering.
 *
 * NOTE(review): the entity type is taken from the request; the instanceof
 * guard is what restricts it to users. No permission check on the caller is
 * visible in this method - presumably it is enforced before dispatch; confirm.
 *
 * @throws \InvalidArgumentException when the looked-up entity is not a User
 */
public function actionOptions()
{
    $params = $this->request->getList('type', 'id', 'eid');
    list($type, $id, $eid) = $params;

    $user = app()->find($type, $id);
    if (!($user instanceof User)) {
        throw new \InvalidArgumentException("Not member");
    }

    $html = $this->partial('platform/user/partial/admin/user/options', [
        'item'  => $user,
        'eid'   => $eid,
        'token' => _escape($user->toTokenArray()),
    ]);

    $this->response = ['html' => $html];
}
/**
 * Constructor
 *
 * Applies the options and, when neither a 'replacement' nor a 'callback'
 * option is set, installs a default callback that turns a user name into a
 * link to that user's profile.
 *
 * The name is passed through _escape() for both the title attribute and the
 * link text. The URL returned by the user service is placed in href as-is.
 * NOTE(review): confirm getUrl() encodes the name it embeds in the URL.
 *
 * @param array $options
 */
public function __construct($options = array())
{
    $this->setOptions($options);

    // A caller-supplied replacement or callback wins over the default.
    if (!empty($this->options['replacement']) || !empty($this->options['callback'])) {
        return;
    }

    $this->options['callback'] = function ($name) {
        $profileUrl = Pi::service('user')->getUrl('profile', array('name' => $name));
        $safeName   = _escape($name);

        return '<a href="' . $profileUrl . '" title="' . $safeName . '">@' . $safeName . '</a>';
    };
}
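/**
 * Render the avatar edit field.
 *
 * Builds the view data (element ids, current photo URL, preview geometry)
 * and hands it to the edit-avatar-field partial.
 *
 * The 'options' entry of the field value is a comma-separated list read as
 * w, h, w2, h2, left, top. It is parsed defensively: the preview geometry is
 * only computed when six numeric parts are present and w2 is positive.
 * Otherwise the zero defaults are kept, instead of dividing by zero or doing
 * arithmetic on non-numeric strings.
 *
 * NOTE(review): 'photoUrl' is passed to the partial unescaped, and 'value'
 * is passed through _escape() although it is indexed like an array below -
 * confirm the partial encodes the URL and what _escape() does with arrays.
 *
 * @return string
 */
public function toHtml()
{
    $fileInputId  = uniqid('avatar_input_');
    $previewImgId = uniqid('avatar_img_');
    $fileHiddenId = uniqid('avatar_hidden_');

    $data = [
        'name'         => $this->name,
        'value'        => _escape($this->value),
        'photoUrl'     => '',
        'fileInputId'  => $fileInputId,
        'previewImgId' => $previewImgId,
        'fileHiddenId' => $fileHiddenId,
        'width'        => '0px',
        'height'       => '0px',
        'left'         => '0px',
        'top'          => '0px',
        'style'        => '',
        'opts'         => ['type' => 'temp', 'id' => ''],
    ];

    if (!empty($this->value)) {
        if (!empty($this->value['url'])) {
            $data['photoUrl'] = $this->value['url'];
        }

        if (!empty($this->value['options']) && is_string($this->value['options'])) {
            // Extra trailing parts are ignored, as list() did before.
            $parts      = array_slice(explode(',', $this->value['options']), 0, 6);
            $allNumeric = count($parts) === 6
                && count(array_filter($parts, 'is_numeric')) === 6;

            // $parts[2] is w2, the divisor of the preview scale.
            if ($allNumeric && intval($parts[2]) > 0) {
                list($w, $h, $w2, $h2, $left, $top) = array_map('floatval', $parts);

                $previewScale = 98.0 / intval($w2);

                $data['width']  = floor($w * $previewScale);
                $data['height'] = floor($h * $previewScale);
                $data['left']   = floor($left * $previewScale * -1);
                $data['top']    = floor($top * $previewScale * -1);
                $data['style']  = 'left:' . $data['left'] . 'px; top:' . $data['top'] . 'px; position:absolute;';
            }
        }
    }

    return app()->viewHelper()->partial('layout/partial/form-render/edit-avatar-field', $data);
}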
/**
 * Build the FROM list and WHERE fragments for an advanced search.
 *
 * Reads the parallel arrays _table, _field, _input and _vbox through
 * $this->__(), loads the matching relation rows for $category, and returns
 * the tables to select from plus the assembled condition fragments.
 *
 * @param string $category Category alias; bound through sql_filter() as the
 *                         single "?" placeholder of the relation query.
 *
 * @return array|mixed array('from' => ..., 'where' => ...), or the result of
 *                     $this->e('NO_TABLE_FIELDS') when no relation matches.
 */
protected function advanced_search($category)
{
    global $user;

    // presumably $this->__() reads these keys from the request, with the
    // given defaults - confirm against its definition.
    $z = $this->__(array('_table' => array(0), '_field' => array(0), '_input' => array(''), '_vbox' => array(0)));

    // Default the AND/OR flag to 0 and drop every row whose input is empty.
    foreach ($z['_input'] as $i => $row) {
        if (!isset($z['_vbox'][$i])) {
            $z['_vbox'][$i] = 0;
        }
        if ($row === '') {
            unset($z['_input'][$i], $z['_table'][$i], $z['_field'][$i], $z['_vbox'][$i]);
        }
    }
    ksort($z['_vbox']);

    // NOTE(review): the _field values are concatenated into IN (...) rather
    // than bound. Unless __() or _implode() forces them to integers (not
    // visible here), this is a string-built SQL fragment - confirm.
    $sql = 'SELECT * FROM _search_relation r, _search_tables t, _search_categories c WHERE r.relation_id IN (' . _implode(',', $z['_field']) . ")\n\t\t\t\tAND r.relation_table = t.table_id\n\t\t\t\tAND t.table_cat = c.category_id\n\t\t\t\tAND c.category_alias = ?\n\t\t\tORDER BY r.relation_field";
    if (!($relation = _rowset(sql_filter($sql, $category)))) {
        return $this->e('NO_TABLE_FIELDS');
    }

    $a_where = $a_where2 = $a_from = $a_cals = $ref = w();
    $i_vbox = $i_and = 0;
    // $s_open is assigned here and not read again in this method.
    $s_open = false;

    // Group the submitted inputs by the relation id they were entered for.
    foreach ($z['_field'] as $i => $row) {
        $ref[$row][] = $z['_input'][$i];
    }

    foreach ($relation as $row) {
        // Table and join-condition lists come from the relation row itself.
        $e_tables = array_map('trim', explode(',', trim($row['relation_tables'])));
        foreach ($e_tables as $e_row) {
            // NOTE(review): membership is tested on the raw name but the
            // escaped name is stored, so de-duplication only works when
            // _escape() leaves the name unchanged.
            if (!in_array($e_row, $a_from)) {
                $a_from[] = _escape($e_row);
            }
        }

        $e_fields = array_map('trim', explode(',', trim($row['relation_fields'])));
        foreach ($e_fields as $e_row) {
            if (!f($e_row)) {
                continue;
            }
            if (!in_array($e_row, $a_where)) {
                $a_where[] = ($i_and ? ' AND ' : '') . $e_row;
            }
            $i_and++;
        }

        if (isset($ref[$row['relation_id']])) {
            foreach ($ref[$row['relation_id']] as $q => $e_row) {
                $s_sign = 'LIKE';
                if ($row['relation_input'] == 'calendar') {
                    // The first calendar value seen for a field becomes the
                    // lower bound (>=), the second one the upper bound (<=).
                    if (isset($a_cals[$row['relation_field']])) {
                        $e_endcal = explode('/', $e_row);
                        $e_row = _timestamp($e_endcal[1], $e_endcal[0], $e_endcal[2], 23, 59, 59);
                        $s_sign = '<=';
                        unset($a_cals[$row['relation_field']]);
                    } else {
                        $e_row = $this->parse_calendar('calendar', $e_row);
                        $s_sign = '>=';
                        $a_cals[$row['relation_field']] = 1;
                    }
                }
                // The user value is placed between single quotes after
                // _escape(); "+" is turned into the LIKE wildcard "%".
                // NOTE(review): safe only if _escape() escapes quotes for
                // SQL - confirm. $i_vbox counts from 0 while rows were
                // unset by key above, so the index may not line up.
                $a_where2[] = ($z['_vbox'][$i_vbox] ? 'AND' : 'OR') . ' ' . $row['relation_field'] . " " . $s_sign . " '" . 
_escape(str_replace('+', '%', $e_row)) . "'";
                $i_vbox++;
            }
        }
    }

    // Second pass: wrap runs of conditions in parentheses.
    // NOTE(review): the connective is detected with strpos() on the whole
    // fragment and then removed with str_replace() on the whole fragment, so
    // a search value that itself contains "AND " or "OR " changes the
    // grouping and is altered.
    $a_where_count = count($a_where2);
    $section = false;
    foreach ($a_where2 as $i => $row) {
        $and = strpos($row, 'AND ') !== false;
        $and_prev = isset($a_where2[$i - 1]) && strpos($a_where2[$i - 1], 'AND ') !== false;
        $and_next = isset($a_where2[$i + 1]) && strpos($a_where2[$i + 1], 'AND ') !== false;
        $last = $i + 1 == $a_where_count;
        $last_next = $i + 2 == $a_where_count;
        $prev_first = !($i - 1);
        $row = str_replace(array('AND ', 'OR '), '', $row);
        if (!$section && (!$i || $and && !$and_prev && !$last || $and && !$and_prev && !$and_next && !$last || !$and && $and_next || $and && $and_prev && !$and_next)) {
            $row = '(' . $row;
            $section = true;
        }
        $row = ($and ? 'AND' : 'OR') . ' ' . $row;
        if ($section && ($last || $and && $and_prev && $and_next || $and && $and_prev && !$and_next && !$last_next || !$and && $and_prev && $last_next && $prev_first || $i && $and && !$and_prev || $last && !$and && $and_prev)) {
            $row .= ')';
            $section = false;
        }
        $a_where2[$i] = $row;
    }

    // Ticket searches are limited to the caller's groups, or to tickets the
    // caller is the contact of when auth_groups() returns -1.
    if ($category == 'ticket') {
        $groups = $user->auth_groups();
        if ($groups != -1) {
            $a_where2[] = 'AND t.ticket_group IN (' . $groups . ') ';
        } else {
            $a_where2[] = 'AND t.ticket_contact = ' . (int) $user->v('user_id');
        }
    }

    // With no join conditions the first fragment must not start with a
    // connective; with exactly one it must start with AND.
    if (!count($a_where)) {
        $a_where2[0] = preg_replace('#^(AND|OR) (.*?)#i', '\\2', $a_where2[0]);
    }
    if (count($a_where) == 1) {
        // NOTE(review): this pattern has one capture group but the
        // replacement refers to \2, which is always empty here.
        $a_where2[0] = preg_replace('#^OR (.*?)#i', 'AND \\2', $a_where2[0]);
    }

    return array('from' => $a_from, 'where' => array_merge($a_where, $a_where2));
}
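<?php
/**
 * Inbound SMS webhook: looks up the latest activity_log row for the sender's
 * number and, when one is found, records the reply as a done "text" activity
 * through the Pipedrive API wrapper. The raw request is written to the
 * "test" table in every case.
 *
 * NOTE(review): nothing in this script verifies that the request really comes
 * from the SMS provider (shared secret, signature or source check) - confirm
 * that is enforced in front of it. The "test" table receives the raw payload
 * and phone number, which is personal data.
 */

//Test Mode - Live Server Comment following 2 line.
//$_REQUEST['From']="+918460422312";
//$_REQUEST['Body']="Test Static Data";
$apiPD = new apiPipeDrive();
$apiCall = new apiCall();

$from = isset($_REQUEST['From']) ? $_REQUEST['From'] : '';
$body = isset($_REQUEST['Body']) ? $_REQUEST['Body'] : '';

// The lookup key is derived as before, then reduced to digits. The value is
// interpolated into the LIKE pattern below, so nothing but digits may reach
// the query (this also keeps quotes and LIKE wildcards out).
$phone_value = last10Char(urldecode($from));
$phone_value = (string) preg_replace('/\D+/', '', (string) $phone_value);

$payload = file_get_contents('php://input');

// An empty key would turn the pattern into '%%' and match every row, so the
// lookup is skipped when no digits are left.
$activity_data = null;
if ($phone_value !== '') {
    $activity_data = qs("select * from activity_log where phone_last10 like '%{$phone_value}%' order by id desc");
}

// NOTE(review): isset() is true for any non-null result; if qs() returns
// false or an empty array when nothing matches, an activity with empty ids
// is still created - confirm what qs() returns.
if (isset($activity_data)) {
    $fields = array();
    $fields['subject'] = 'SMS - Replied By Customer';
    $fields['done'] = '1';
    $fields['type'] = 'text';
    $fields['deal_id'] = $activity_data['deal_id'];
    // Test Deal Id - $fields['deal_id'] = '4586';
    $fields['person_id'] = $activity_data['person_id'];
    $fields['org_id'] = $activity_data['org_id'];
    $fields['note'] = _escape(urldecode($body));

    $data = $apiPD->createActivity($fields);
    qi('test', array('payload' => $data));
}

qi('test', array('payload' => $payload, 't' => $from));
die;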
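<?php
/**
 * Admin side Login file
 *
 * Handles the login form post: on success the user session is set, on
 * failure $login_error is set to 1 for the template. A request that already
 * has a user in the session is redirected to the dashboard.
 *
 * Request keys are now tested with isset()/empty() so a request without
 * them no longer raises undefined-index notices; accepted and rejected
 * inputs are unchanged.
 *
 * NOTE(review):
 *  - Credentials are read from $_REQUEST, so they are also accepted from the
 *    query string, where they end up in logs and browser history; $_POST is
 *    the usual source for a login form.
 *  - The password goes through _escape() before User::doLogin(). If that
 *    helper rewrites characters, the value checked differs from what the
 *    user typed - confirm how doLogin() compares it.
 *  - No session-id regeneration or attempt throttling is visible here;
 *    presumably User::setSession()/doLogin() handle them - confirm.
 *
 * @version 1.0
 * @package LySoft
 */
$login_error = '';

if (!empty($_REQUEST['submit'])) {
    if (isset($_REQUEST['email']) && $_REQUEST['email'] != '') {
        $user_name = _escape($_REQUEST['email']);
        $password = _escape(isset($_REQUEST['password']) ? $_REQUEST['password'] : '');

        if (User::doLogin($user_name, $password)) {
            User::setSession($user_name);
        } else {
            //$error = "Invalid Login";
            $login_error = 1;
        }
    } else {
        //$error = "Invalid Login";
        $login_error = 1;
    }
}

if (isset($_SESSION['user'])) {
    _R(lr('pipedrive-dashboard-source'));
}

//$login_action_url = lr('login');
$no_visible_elements = true;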
<form class="form-horizontal margin-none" action="<?php
    /*
     * Modal form that edits the "update_username" option and posts it to
     * the templates/ route.
     * NOTE(review): no anti-CSRF token field is visible in this fragment;
     * confirm the framework adds or checks one for this POST.
     */
    echo get_base_url(); ?> templates/" id="validateSubmitForm" method="post" autocomplete="off">
    <!-- Modal heading -->
    <div class="modal-header">
        <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
        <h3 class="modal-title"><?php echo _t('Update Username'); ?> </h3>
    </div>
    <!-- // Modal heading END -->
    <div class="modal-body">
        <textarea id="uname" class="col-md-8 form-control" name="update_username" rows="10"><?php
            /*
             * The stored option is written inside the textarea through
             * _escape() only.
             * NOTE(review): if _escape() does not HTML-encode "<" and "&", a
             * stored value containing a closing textarea tag ends the
             * element early - confirm, or encode for HTML here.
             */
            echo _escape(get_option('update_username')); ?> </textarea>
    </div>
    <div class="modal-footer">
        <button type="submit" class="btn btn-icon btn-default"><i></i><?php echo _t('Update'); ?> </button>
        <a href="#" data-dismiss="modal" class="btn btn-primary"><?php echo _t('Cancel'); ?> </a>
    </div>
</form>
</div>
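/**
 * Inserts data to $table from one array at a time: the first argument is the
 * table name, every following argument is one row as column => value.
 * Prepend value with "\" to denote SQL, e.g. 'current_time'=>'\NOW()'
 * <br>
 * create('table',array('name'=>'John'),array('name'=>'Jane','surname'=>'Doe'), ...);
 *
 * The previous body appended a "VALUES(...)" string to the row while looping
 * over it and threw the escaped values away, so the statement it sent had an
 * extra column and raw, unquoted values. Values are now collected in their
 * own list, escaped and quoted, and the documented "\" prefix is honoured.
 *
 * Security notes:
 *  - Column names (the array keys) and the table name are not escaped; they
 *    must come from code, never from request data.
 *  - The "\" marker is in-band: a value that starts with a backslash is sent
 *    as raw SQL. Values that originate outside the code base must never be
 *    allowed to start with it.
 */
function create()
{
    global $config;

    $params = func_get_args();
    $table = array_shift($params);

    while (($ary = array_shift($params)) !== null) {
        // Nothing to insert for an empty or non-array argument.
        if (!is_array($ary) || !$ary) {
            continue;
        }

        $values = array();
        foreach ($ary as $key => $value) {
            if ($value === null) {
                $values[] = 'NULL';
            } elseif (is_string($value) && strlen($value) > 1 && $value[0] === '\\') {
                // Documented escape hatch: the rest of the string is SQL.
                $values[] = substr($value, 1);
            } else {
                // assumes _escape() returns the escaped value without
                // surrounding quotes - TODO confirm against its definition.
                $values[] = "'" . _escape($value) . "'";
            }
        }

        execute("INSERT INTO " . _wrap($table) . " (" . $config['escape'] . implode(_wrap(','), array_keys($ary)) . $config['escape'] . ") VALUES(" . implode(",", $values) . ");");
    }
}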
// Fragment: finishes populating the academic-level record, saves the student
// records and starts building the acceptance e-mail. The enclosing code
// starts before and continues after this excerpt.
$al->stuID = $id;
$al->acadProgCode = _trim($_POST['acadProgCode']);
$al->acadLevelCode = _trim($_POST['acadLevelCode']);
$al->addDate = $app->db->NOW();
/**
 * Fires before new student record is created.
 *
 * @since 6.1.07
 * @param int $id Student's ID.
 */
$app->hook->do_action('pre_save_stu', $id);
// The three saves run left to right and stop at the first failure.
// NOTE(review): no transaction is visible here, so a failure in the second
// or third save would leave the earlier rows stored - confirm.
if ($student->save() && $sacp->save() && $al->save()) {
    if (_h(get_option('send_acceptance_email')) == 1) {
        $host = strtolower($_SERVER['SERVER_NAME']);
        $site = _t('myeduTrac :: ') . _h(get_option('institution_name'));
        // The letter template is a stored option; placeholders are filled in
        // one by one below.
        // NOTE(review): the option-derived values are wrapped in _h(), but
        // the person fields, the degree/term values and the two $_POST codes
        // are inserted without it. If this message is sent as HTML (the send
        // call is outside this excerpt), those values need HTML encoding too.
        $message = _escape(get_option('student_acceptance_letter'));
        $message = str_replace('#uname#', $nae->uname, $message);
        $message = str_replace('#fname#', $nae->fname, $message);
        $message = str_replace('#lname#', $nae->lname, $message);
        $message = str_replace('#name#', get_name($id), $message);
        $message = str_replace('#id#', $id, $message);
        $message = str_replace('#email#', $nae->email, $message);
        $message = str_replace('#sacp#', _trim($_POST['acadProgCode']), $message);
        $message = str_replace('#acadlevel#', _trim($_POST['acadLevelCode']), $message);
        $message = str_replace('#degree#', $degree->degreeCode, $message);
        $message = str_replace('#startterm#', $appl->startTerm, $message);
        $message = str_replace('#adminemail#', _h(get_option('system_email')), $message);
        $message = str_replace('#url#', get_base_url(), $message);
        $message = str_replace('#helpdesk#', _h(get_option('help_desk')), $message);
        $message = str_replace('#currentterm#', _h(get_option('current_term_code')), $message);
        $message = str_replace('#instname#', _h(get_option('institution_name')), $message);
/**
 * Renders a message, optionally with a list of errors.
 *
 * Without errors the escaped title alone is returned. With errors a panel is
 * rendered: the title as heading, one list item per error. Title and errors
 * go through _escape(); the CSS class suffix derived from $type does not.
 * NOTE(review): $type is presumably always supplied by code - if it can come
 * from a request it must be restricted to known values.
 *
 * @param string $title
 * @param array  $errors
 * @param string $type   'error' maps to the "danger" panel class; any other
 *                       non-empty value is used as the class suffix; an
 *                       empty value falls back to "info".
 *
 * @return string
 */
protected function renderMessage($title, $errors = array(), $type = 'error')
{
    // Loose comparison on purpose: it mirrors how a switch compares.
    if ($type == 'error') {
        $class = 'danger';
    } else {
        $class = $type ?: 'info';
    }

    if (!$errors) {
        return _escape($title);
    }

    $patternPanel = <<<'EOT'
<div class="panel panel-%s">
<div class="panel-heading">%s</div>
<ul class="list-group">
%s
</ul>
</div>
EOT;
    $patternList = <<<'EOT'
<li class="list-group-item">%s</li>
EOT;

    $items = '';
    foreach ($errors as $error) {
        $items .= sprintf($patternList, _escape($error)) . PHP_EOL;
    }

    return sprintf($patternPanel, $class, _escape($title), $items);
}
<?php
// Sends one SMS through the TextMagic client and records it in
// text_conversation. The excerpt ends before the outer if is closed.
//
// NOTE(review): any request carrying "sendMessage" triggers a send to the
// number in "ddlPhone"; no login, permission or anti-CSRF check is visible in
// this fragment - confirm it is enforced by whatever includes this file.
if (isset($_REQUEST['sendMessage'])) {
    include _PATH . "/TextMagic/TextMagicAPI.php";
    // NOTE(review): the API account name and password are hard-coded. Once a
    // credential is committed or published with the source it should be
    // treated as exposed: rotate it and load the replacement from
    // configuration kept outside the repository and the web root.
    $api = new TextMagicAPI(array("username" => "davejay", "password" => "uUXgZoOkpG"));
    $text = _escape($_REQUEST['txtMessage']);
    // Destination number is taken from the request without validation.
    $phones = array($_REQUEST['ddlPhone']);
    $results = $api->send($text, $phones, true);
    $messageId = '';
    $phone = '';
    if (isset($results['messages'])) {
        // Keeps the id and number of the last entry in the result.
        foreach ($results['messages'] as $key => $value) {
            $messageId = $key;
            $phone = $value;
        }
        $conv_fields = array();
        $conv_fields['deal_id'] = $_REQUEST['hidDealId'];
        $conv_fields['message_id'] = $messageId;
        $conv_fields['receiver'] = $phone;
        $conv_fields['receiver_last10'] = last10Char($phone);
        $conv_fields['type'] = 'SENT';
        $conv_fields['text'] = $results['sent_text'];
        $conv_fields['messageTime'] = _mysqlDate();
        // NOTE(review): $messageId comes from the API response and is
        // interpolated into both statements below; "hidDealId" comes from
        // the request and is handed to qi()/qu() as-is. Whether those
        // helpers escape their values is not visible here - confirm.
        $text_conv_list = q("select id from text_conversation where message_id='{$messageId}'");
        if (count($text_conv_list) == 0) {
            qi("text_conversation", $conv_fields);
        } else {
            qu("text_conversation", $conv_fields, "message_id='{$messageId}'");
        }
    }
    echo "success";
// Fragment: builds one email_queue row per recipient from a held mailing.
// $r, $q2, $hold1 and $app are defined before this excerpt, which also ends
// before the loops are closed.
$sess = _h($r['id']);
/**
 * Use the savedQuery from $q1 to retrieve results
 * to input into the email_queue table for processing.
 */
// NOTE(review): 'fromEmail' is used as a string further down; count() on a
// string raises a warning on PHP 7.2+ and a TypeError on PHP 8, so this test
// presumably wants a non-empty check instead - confirm the type of $r.
if (count($r['fromEmail']) > 0) {
    if (count($q2) <= 0) {
        // Copy the result set into a plain array.
        $q = $hold1->find(function ($data) {
            $array = [];
            foreach ($data as $d) {
                $array[] = $d;
            }
            return $array;
        });
        foreach ($q as $v) {
            // Per-recipient body: the stored template with the placeholders
            // replaced by HTML-encoded recipient fields.
            $body = _escape($r['body']);
            $body = str_replace('#uname#', _h($v['uname']), $body);
            $body = str_replace('#email#', _h($v['email']), $body);
            $body = str_replace('#fname#', _h($v['fname']), $body);
            $body = str_replace('#lname#', _h($v['lname']), $body);
            $body = str_replace('#personID#', _h($v['personID']), $body);
            // NOTE(review): _h() is an output encoder; applying it to values
            // that are stored (names, addresses, subject) keeps entities in
            // the table and in mail headers - confirm this is intended.
            $queue = $app->db->email_queue();
            $queue->personID = _h($r['personID']);
            $queue->uname = _h($v['uname']);
            $queue->lname = _h($v['lname']);
            $queue->email = _h($v['email']);
            $queue->fname = _h($v['fname']);
            $queue->fromName = _h($r['fromName']);
            $queue->fromEmail = _h($r['fromEmail']);
            $queue->subject = _h($r['subject']);
            $queue->holdID = _h($r['id']);
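/**
 * Build the options menu for one feed item.
 *
 * Works out which actions the current viewer may see (edit, delete, report,
 * save, hide, follow, subscribe) and renders the feed-options partial.
 *
 * Changes compared with the previous body:
 *  - the viewer is checked first and a missing viewer now throws the
 *    authorization exception instead of returning it;
 *  - the feed is type-checked before any method is called on it, and the
 *    poster check is no longer an empty block;
 *  - the duplicated "owner of parent" comparison is written once.
 *
 * NOTE(review): no check that the viewer is allowed to see this feed is
 * visible here, and $parent is used without a null check - confirm both are
 * guaranteed elsewhere. The "owner of parent" test compared the same two
 * values twice; the second comparison was presumably meant to be a different
 * one - confirm the intended rule.
 *
 * @throws AuthorizationRestrictException when nobody is logged in
 * @throws \InvalidArgumentException when the feed or its poster cannot be resolved
 */
public function actionOptions()
{
    $vars = [
        'canEditPost'     => false,
        'canEditPrivacy'  => false,
        'canDelete'       => false,
        'canReport'       => true,
        'canSave'         => false,
        'canHide'         => true,
        'canHideTimeline' => false,
        'canEmbed'        => false,
        'canFollow'       => false,
        'canSubscribe'    => true,
    ];

    // Authenticate before any lookup is made on behalf of the request.
    $viewer = app()->auth()->getViewer();
    if (!$viewer) {
        throw new AuthorizationRestrictException("Login required");
    }

    list($id, $eid) = $this->request->getList('id', 'eid');

    $feed = app()->find('platform_feed', $id);
    if (!$feed instanceof Feed) {
        throw new \InvalidArgumentException("Feed not found");
    }

    $context = [
        'profileId'   => $this->request->getString('profileId'),
        'profileType' => $this->request->getString('profileType'),
        'type'        => $feed->getType(),
        'id'          => $feed->getId(),
        'eid'         => $eid,
        'isMainFeed'  => $this->request->getString('isMainFeed', false),
    ];

    $followService = app()->followService();

    $parent = app()->find($feed->getParentType(), $feed->getParentId());
    $poster = app()->find($feed->getPosterType(), $feed->getPosterId());
    if (!$poster instanceof PosterInterface) {
        throw new \InvalidArgumentException("Poster not found");
    }

    $about = $feed->getAbout();

    $vars['subscribed'] = app()->notificationService()->isSubscribed($viewer, $about) ? 1 : 0;
    $vars['hidden'] = app()->feedService()->isHidden($viewer->getId(), $feed->getId()) ? 1 : 0;

    if (!$context['isMainFeed'] && !$parent->viewerIsPoster()) {
        $vars['canHideTimeline'] = true;
    }

    /**
     * owner of this post
     */
    if ($poster->getId() == $viewer->getId()) {
        $vars['canFollow'] = false;
        $vars['canReport'] = false;
        $vars['canEditPost'] = true;
        $vars['canDelete'] = true;
    } else {
        $vars['canFollow'] = true;

        if ($followService->isFollowed($viewer, $poster)) {
            $vars['following'] = 1;
            $vars['followLabel'] = app()->text('core.unfollow_$poster', ['$poster' => substr($poster->getTitle(), 0, 15)]);
        } else {
            $vars['following'] = 0;
            $vars['followLabel'] = app()->text('core.follow_$poster', ['$poster' => substr($poster->getTitle(), 0, 15)]);
        }

        if (!in_array($feed->getAboutType(), ['activity.story', 'share'])) {
            $vars['canSave'] = true;
            $vars['saveThisLabel'] = app()->text('core.save_this_' . str_replace('.', '_', $feed->getAboutType()));
        }
    }

    // The context holds request-supplied strings; the JSON copy is escaped
    // for the template, the array copy is passed as-is.
    $vars['context'] = $context;
    $vars['jsonContext'] = _escape(json_encode($context));

    /**
     * owner of parent
     */
    if ($viewer->getId() == $parent->getUserId()) {
        $vars['canDelete'] = true;
        $vars['canEditPrivacy'] = true;
    }

    $vars['simpleAttrs'] = ['type' => $feed->getType(), 'id' => $feed->getId()];

    $this->response['vars'] = $vars;
    $this->response['html'] = $this->partial('platform/feed/partial/feed-options', $vars);
}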
// Fragment: request handlers that update phone, cell and group of a
// pd_users row, followed by the query for the agents list page. $phone and
// $agent_id of the first handler are set before this excerpt.
//
// NOTE(review): every handler changes a user row selected by an id taken
// from the request. No login, role or anti-CSRF check is visible in this
// fragment - confirm it is enforced before this file runs.
$cell = _escape(trim($_REQUEST['cell']));
$group = _escape(trim($_REQUEST['group']));
$affected_row = -1;
/*if ($phone || $cell) { $affected_row = qu('pd_users', array("phone" => $phone,"cell" => $cell,"group" => $group), " id = '{$agent_id}' "); }else{ $affected_row=0; }*/
// The id is interpolated into the WHERE clause between quotes.
// NOTE(review): that is safe only if _escape() is a SQL string escaper;
// casting the id to int would not depend on it - confirm.
$affected_row = qu('pd_users', array("phone" => $phone, "cell" => $cell, "group" => $group), " id = '{$agent_id}' ");
echo $affected_row;
die;
}
// Single-field update of the phone number.
if ($_REQUEST['doUpdateAgent']) {
    $agent_id = _escape($_REQUEST['doUpdateAgent']);
    $value = _escape($_REQUEST['value']);
    // An empty value is ignored, so a number cannot be cleared this way.
    if ($value) {
        qu('pd_users', array("phone" => $value), " id = '{$agent_id}' ");
    }
    die;
}
// Single-field update of the cell number.
if ($_REQUEST['doUpdateAgentCell']) {
    $agent_id = _escape($_REQUEST['doUpdateAgentCell']);
    $value = _escape($_REQUEST['value']);
    if ($value) {
        qu('pd_users', array("cell" => $value), " id = '{$agent_id}' ");
    }
    die;
}
// Page data for the list view.
$agents = q("select * From pd_users where is_active='1' order by name asc ");
_cg("page_title", "Pipedrive Agents List");
$jsInclude = "agents.js.php";
/**
 * Renders breadcrumbs content
 *
 * Resolves a Breadcrumbs API class for the module (a Custom\ override first,
 * then the Module\ class of the module's directory), loads its items and
 * renders them as an ordered list. Items without 'href' become plain labels.
 *
 * Labels go through _escape(); 'href' values are written into the markup
 * as-is.
 * NOTE(review): confirm the handlers only return URLs that are already safe
 * inside an attribute. The class name is built from the module name, so
 * 'module' should only ever come from code or the router, not from raw
 * request data.
 *
 * @param array $options Optional keys: module, prefix, separator, attributes
 *
 * @return string Empty string when no breadcrumb data is available
 */
public function render(array $options = array())
{
    $module = isset($options['module']) ? $options['module'] : $this->module;
    if (!$module) {
        $module = Pi::service('module')->current();
    }

    // A custom override is preferred over the module's own class.
    $class = 'Custom\\' . ucfirst($module) . '\\Api\\Breadcrumbs';
    if (!class_exists($class)) {
        $directory = Pi::service('module')->directory($module);
        $class = 'Module\\' . ucfirst($directory) . '\\Api\\Breadcrumbs';
    }

    $data = array();
    if (class_exists($class)) {
        $bcHandler = new $class($module);
        $data = $bcHandler->load();
    }

    if (!$data) {
        return '';
    }

    $prefix = isset($options['prefix']) ? $options['prefix'] : $this->prefix;
    $data = array_merge($prefix, $data);

    // Resolved as before; not used by the markup below.
    $separator = isset($options['separator']) ? $options['separator'] : $this->separator;
    $attribs = isset($options['attributes']) ? $options['attributes'] : $this->attributes;

    $elements = '';
    foreach ($data as $item) {
        $label = _escape($item['label']);
        if (empty($item['href'])) {
            $elements .= '<li>' . $label . '</li>' . PHP_EOL;
        } else {
            $elements .= '<li><a href="' . $item['href'] . '">' . $label . '</a></li>' . PHP_EOL;
        }
    }

    $attributes = $attribs ? $this->htmlAttribs($attribs) : '';

    return '<ol class="breadcrumb"' . $attributes . '>' . PHP_EOL . $elements . PHP_EOL . '</ol>';
}
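/**
 * Schedule the "day prior" text for a trip, unless one was already sent.
 *
 * Looks for a manualtextscheduler row of this trip with a sent time; when
 * there is none, a row with the message, number, time and time zone is
 * written with REPLACE.
 *
 * Expected shape, as built by the caller:
 * array(
 *     'state'      => $each_trip['tripState'],
 *     'name'       => $each_trip['driverName'],
 *     'number'     => $each_trip['driverNumber'],
 *     'tripTime'   => $each_trip['tripTime'],
 *     'wakeUpTime' => $newTime
 * )
 * plus 'tripCode', which this function reads as well.
 *
 * The trip code is interpolated into the lookup query, so it is escaped
 * first; the number and trip code written to the table get the same
 * treatment the message text already had.
 * NOTE(review): this assumes _escape() is the project's SQL string escaper
 * and that qi() does not escape again - confirm; a parameterised query helper
 * would remove the dependency on both.
 *
 * @param array $data Trip data, see above.
 */
function doScheduleNightBeforeText($data)
{
    $tripCode = _escape($data['tripCode']);

    $existingData = qs("select * from manualtextscheduler where tripCode = '{$tripCode}' AND sentTime != '0000-00-00 00:00:00' ");
    if (!empty($existingData)) {
        _l(" Day Prior Text is already sent.. so not logging the Day Prior Text");
        return;
    }

    _l(" Logging the Day Prior Text ");

    //Hi Hung, tomorrow your wakeup text will arrive at 4:45am for garage out at 7:15am. Please reply promptly
    $textArriveTime = date("m/d h:ia", strtotime($data['wakeUpTime']));
    $tripTime = date("m/d h:ia", strtotime($data['tripTime']));

    //$text = "Hi {$data['name']}, your wakeup text will arrive at {$textArriveTime} for garage out at {$tripTime}. Please reply promptly";
    // New text from danielle 07/02/2015
    // "Good Evening. Your scheduled "Garage Out" time is scheduled for _____ . Please report to base 10 minutes prior for pre-flight inspection. Your wake up text is scheduled for ______. Thank you and have a safe trip!"
    $text = "Good Evening. Your scheduled Garage Out time is scheduled for {$tripTime} . Please report to base 10 minutes prior for pre-flight inspection. Your wake up text is scheduled for {$textArriveTime}. Thank you and have a safe trip!";

    $timeZone = resolveTimeZoneFromState($data['state']);
    $dayBeforeTime = resolveDayBeforeTime($data['tripTime']);

    qi('manualtextscheduler', array(
        'textMessage'  => _escape($text),
        'textNumber'   => _escape($data['number']),
        'tripCode'     => $tripCode,
        'textTime'     => $dayBeforeTime,
        'sentTime'     => '0000-00-00 00:00:00',
        'textTimeZone' => $timeZone,
    ), 'REPLACE');
}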
/**
 * Render a tag as a link that opens in a new window.
 *
 * The tag text is passed through _escape() for the title attribute and the
 * link text. The URL from $this->url() is placed in href as-is.
 * NOTE(review): confirm url() encodes the tag it puts into the URL.
 *
 * @param string $tag
 * @param string $module
 * @param string $type
 *
 * @return string
 */
public function render($tag, $module = null, $type = '')
{
    $href  = $this->url($tag, $module, $type);
    $label = _escape($tag);

    return sprintf('<a href="%s" title="%s" target="_blank">%s</a>', $href, $label, $label);
}
// Fragment: the end of a cart-submit handler, the course search listing, and
// the first line of the next route. It starts and ends inside definitions
// that are not fully visible.
$i = 0;
while ($i < $size) {
    // One cart row per selected course section, for the current person.
    $q2 = $app->db->stu_rgn_cart();
    $q2->stuID = get_persondata('personID');
    $q2->courseSecID = $_POST['courseSecID'][$i];
    $q2->deleteDate = $deleteDate;
    if ($q2->save()) {
        $app->flash('success_message', $flashNow->notice(200));
    } else {
        $app->flash('error_message', $flashNow->notice(409));
    }
    ++$i;
    // NOTE(review): the redirect sits inside the loop. If redirect() ends the
    // request, only the first selected section is ever saved - confirm.
    redirect(get_base_url() . 'courses/cart' . '/');
}
}
// Comma-separated list of open terms from the settings.
// NOTE(review): this value is concatenated into IN(...) below while the
// neighbouring clause uses a "?" placeholder. It is a stored setting rather
// than request data, but whether _escape() makes it safe inside SQL is not
// visible here - binding the terms would remove the question.
$terms = _escape(get_option('open_terms'));
if (function_exists('create_payment_plan') && isStudent(get_persondata('personID'))) {
    // Students with the payment-plan feature: only sections of courses that
    // belong to one of the student's programs.
    $sect = $app->db->course_sec()
        ->setTableAlias('a')
        ->select('a.courseSecID,a.courseSecCode,a.secShortTitle,a.dotw')
        ->select('a.startTime,a.endTime,a.minCredit,a.termCode')
        ->select('a.courseFee,a.labFee,a.materialFee,a.facID')
        ->select('a.comment,a.courseSection,b.locationName,c.courseDesc')
        ->_join('location', 'a.locationCode = b.locationCode', 'b')
        ->_join('course', 'a.courseID = c.courseID', 'c')
        ->_join('prog_crse', 'c.courseCode = d.crseCode', 'd')
        ->_join('stu_program', 'd.progCode = e.acadProgCode', 'e')
        ->where('e.stuID = ?', get_persondata('personID'))
        ->_and_()
        ->where('a.currStatus = "A"')
        ->_and_()
        ->where('a.webReg = "1"')
        ->_and_()
        ->where('a.termCode IN(' . $terms . ')');
} else {
    // Everyone else: all active, web-registerable sections of the open terms.
    $sect = $app->db->course_sec()
        ->setTableAlias('a')
        ->select('a.courseSecID,a.courseSecCode,a.secShortTitle,a.dotw')
        ->select('a.startTime,a.endTime,a.minCredit,a.termCode')
        ->select('a.courseFee,a.labFee,a.materialFee,a.facID')
        ->select('a.comment,a.courseSection,b.locationName,c.courseDesc')
        ->_join('location', 'a.locationCode = b.locationCode', 'b')
        ->_join('course', 'a.courseID = c.courseID', 'c')
        ->where('a.currStatus = "A"')
        ->_and_()
        ->where('a.webReg = "1"')
        ->_and_()
        ->where('a.termCode IN(' . $terms . 
')');
}
// Copy the result set into a plain array for the view.
$q = $sect->find(function ($data) {
    $array = [];
    foreach ($data as $d) {
        $array[] = $d;
    }
    return $array;
});
$app->view->display('courses/index', ['title' => 'Search Courses', 'cssArray' => $css, 'jsArray' => $js, 'sect' => $q]);
});
$app->get('/cart/', function () use($app, $css, $js) {
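// Voice webhook response: dial every agent number configured for the deal
// source, or apologise when there is none. The script starts before this
// excerpt; $apiPD and $deal_source are set there.
//
// Changes: the "no agents" test uses empty(), so a null or false result
// takes the apology branch instead of failing in count(); each number is
// XML-encoded before it is written into the response document.
// NOTE(review): the raw request body is stored in the "test" table and will
// contain caller details - confirm that is intended outside of testing.
$agent_numbers = $apiPD->getAgentByDealSource($deal_source['pd_source_id']);
if (empty($agent_numbers)) {
    ?>
<Response>
    <Say>Thank you for calling Lysoft dot Com. We are sorry for can't handle your call. Please Try Later.</Say>
</Response>
<?php
} else {
    ?>
<Response>
    <Say>Thank you for calling Lysoft dot Com.</Say>
    <Say>We are connecting to our agents. Please wait a moment.</Say>
    <Dial>
<?php foreach ($agent_numbers as $each_agent) { ?>
        <Number><?php echo htmlspecialchars((string) $each_agent, ENT_QUOTES | ENT_XML1, 'UTF-8'); ?></Number>
<?php } ?>
    </Dial>
</Response>
<?php
}
$payload = file_get_contents('php://input');
qi("test", array("payload" => _escape($payload)));
die;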
*/
// Fragment: saves the application record, then updates the person's user
// name and e-mails a notice. It starts at the end of a comment and ends
// before the enclosing blocks are closed.
//
// NOTE(review): the person to update and to e-mail is selected by
// $_POST['personID']; no permission check is visible in this excerpt -
// confirm it is enforced by the route.
$app->hook->do_action('update_application_db_table', $appl);
if ($appl->update()) {
    $app->flash('success_message', $flashNow->notice(200));
    etsis_logger_activity_log_write('Update Record', 'Application', get_name($_POST['personID']), get_persondata('uname'));
} else {
    $app->flash('error_message', $flashNow->notice(409));
}
$uname = $app->db->person();
$uname->uname = $_POST['uname'];
$uname->where('personID = ?', $_POST['personID']);
// NOTE(review): the property was assigned from $_POST['uname'] two lines
// above, so unless the model changes the value on assignment this comparison
// is always false and the block below never runs - confirm the intent
// (presumably a comparison with the stored user name).
if ($uname->uname !== $_POST['uname']) {
    if ($uname->update()) {
        $host = strtolower($_SERVER['SERVER_NAME']);
        $site = _h(get_option('institution_name'));
        // Stored template with placeholders filled in one by one.
        // NOTE(review): the message is sent as text/html (see the headers),
        // but the person fields and the posted id are inserted without _h().
        $message = _escape(get_option('update_username'));
        $message = str_replace('#uname#', getUserValue($_POST['personID'], 'uname'), $message);
        $message = str_replace('#fname#', getUserValue($_POST['personID'], 'fname'), $message);
        $message = str_replace('#lname#', getUserValue($_POST['personID'], 'lname'), $message);
        $message = str_replace('#name#', get_name($_POST['personID']), $message);
        $message = str_replace('#id#', $_POST['personID'], $message);
        $message = str_replace('#altID#', getUserValue($_POST['personID'], 'altID'), $message);
        $message = str_replace('#url#', get_base_url(), $message);
        $message = str_replace('#helpdesk#', _h(get_option('help_desk')), $message);
        $message = str_replace('#instname#', _h(get_option('institution_name')), $message);
        $message = str_replace('#mailaddr#', _h(get_option('mailing_address')), $message);
        $headers = "From: {$site} <dont-reply@{$host}>\r\n";
        // NOTE(review): this header has no trailing "\r\n", so the
        // MIME-Version header that follows is glued onto the same line. It
        // also discloses the PHP version to every recipient.
        $headers .= "X-Mailer: PHP/" . phpversion();
        $headers .= "MIME-Version: 1.0" . "\r\n";
        $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
        $email->etsis_mail(getUserValue($_POST['personID'], 'email'), _t("myeduTrac Username Change"), $message, $headers);
<td><strong><?php echo _t('Description:'); ?> </strong></td>
<td><?php
    /*
     * NOTE(review): the description is printed through _escape() only, while
     * the comment below is printed through _h(_escape()). If _escape() does
     * not HTML-encode, this cell outputs stored text unencoded - confirm, and
     * use the same encoder for both cells.
     */
    echo _escape($v['courseDesc']); ?> </td>
</tr>
<tr>
<td><strong><?php echo _t('Comment:'); ?> </strong></td>
<td><?php echo _h(_escape($v['comment'])); ?> </td>
</tr>
<tr>
<td><strong><?php echo _t('Course Fee:'); ?> </strong></td>
<td><?php
    /*
     * money_format() was deprecated in PHP 7.4 and removed in PHP 8.0;
     * NumberFormatter or number_format() is the replacement.
     */
    echo money_format('%i', _h($v['courseFee'])); ?> </td>
</tr>
<tr>
<td><strong><?php
/**
 * Clean a string by stripping HTML tags
 * and removing unrecognizable characters
 *
 * Steps, in order: strip tags, _escape(), drop bracketed segments, drop
 * character entities, reduce accented-letter entities to the base letter,
 * then replace whitespace and punctuation with $replacement. As soon as any
 * step leaves an empty (or otherwise falsy) string, '' is returned.
 *
 * NOTE(review): the entity-removal step runs before the accent step and
 * already matches the same entities, so the accent step appears to have
 * nothing left to match - confirm the intended order.
 *
 * @param string      $text        Text to be cleaned
 * @param string|null $replacement Replacement for stripped characters
 * @return string
 */
function _strip($text, $replacement = null)
{
    $pattern = array(
        "\t", "\r\n", "\r", "\n", "'", "\\", ' ', ',', '.', ';', ':', ')', '(', '"',
        '?', '!', '{', '}', '[', ']', '<', '>', '/', '+', '-', '_', '*', '=', '@',
        '#', '$', '%', '^', '&',
    );

    if (null === $replacement) {
        $replacement = ' ';
    }

    if (!$text) {
        return '';
    }

    // Strip HTML tags
    $text = strip_tags($text);
    if (!$text) {
        return '';
    }

    // Sanitize
    $text = _escape($text);
    if (!$text) {
        return '';
    }

    // Clean up: bracketed segments, entities, accented-letter entities.
    $text = preg_replace('`\\[.*\\]`U', '', $text);
    if (!$text) {
        return '';
    }

    $text = preg_replace('`&(amp;)?#?[a-z0-9]+;`i', '', $text);
    if (!$text) {
        return '';
    }

    $text = preg_replace('/&([a-z])' . '(acute|uml|circ|grave|ring|cedil|slash|tilde|caron|lig);/i', '\\1', $text);
    if (!$text) {
        return '';
    }

    return str_replace($pattern, $replacement, $text);
}
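/**
 * Change of Address Email
 *
 * Function used to send change of address to
 * appropriate staff member.
 *
 * Every unsent row of the change_address node is turned into an HTML e-mail
 * to the contact address and then marked as sent. When no unsent row exists
 * the node table is emptied.
 *
 * Changes compared with the previous body:
 *  - the X-Mailer header now ends with CRLF; before, the MIME-Version header
 *    was appended to the same line;
 *  - the host name (taken from the request's Host header) and the site name
 *    have CR/LF removed before they are placed in the From header.
 *
 * NOTE(review): the From domain is still taken from the request's Host
 * header, which the client controls; a configured site domain would be a
 * safer source. The catch block returns the wrapped exception instead of
 * throwing it - confirm callers inspect the return value.
 *
 * @since 6.2.11
 */
function etsis_nodeq_change_address()
{
    $app = \Liten\Liten::getInstance();
    $email = _etsis_email();

    // Header values must never carry line breaks.
    $lineBreaks = array("\r", "\n");
    $host = str_replace($lineBreaks, '', (string) $app->req->server['HTTP_HOST']);
    $site = str_replace($lineBreaks, '', _t('myeduTrac :: ') . _h(get_option('institution_name')));

    // Creates node's schema if does not exist.
    Node::dispense('change_address');

    try {
        $sql = Node::table('change_address')->where('sent', '=', 0)->findAll();

        if ($sql->count() == 0) {
            Node::table('change_address')->delete();
        }

        $numItems = $sql->count();
        $i = 0;

        if ($sql->count() > 0) {
            foreach ($sql as $r) {
                $message = _escape(get_option('coa_form_text'));

                // Placeholder => HTML-encoded value; applied in this order.
                $placeholders = array(
                    '#uname#'       => _h($r->uname),
                    '#fname#'       => _h($r->fname),
                    '#lname#'       => _h($r->lname),
                    '#name#'        => get_name(_h($r->personid)),
                    '#id#'          => _h($r->personid),
                    '#address1#'    => _h($r->address1),
                    '#address2#'    => _h($r->address2),
                    '#city#'        => _h($r->city),
                    '#state#'       => _h($r->state),
                    '#zip#'         => _h($r->zip),
                    '#country#'     => _h($r->country),
                    '#phone#'       => _h($r->phone),
                    '#email#'       => _h($r->email),
                    '#adminemail#'  => _h(get_option('system_email')),
                    '#url#'         => get_base_url(),
                    '#helpdesk#'    => _h(get_option('help_desk')),
                    '#currentterm#' => _h(get_option('current_term_code')),
                    '#instname#'    => _h(get_option('institution_name')),
                    '#mailaddr#'    => _h(get_option('mailing_address')),
                );
                $message = str_replace(array_keys($placeholders), array_values($placeholders), $message);

                $headers = "From: {$site} <auto-reply@{$host}>\r\n";
                $headers .= "X-Mailer: PHP/" . phpversion() . "\r\n";
                $headers .= "MIME-Version: 1.0" . "\r\n";
                $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";

                $email->etsis_mail(_h(get_option('contact_email')), _t('Change of Address Request'), $message, $headers);

                $upd = Node::table('change_address')->find(_h($r->id));
                $upd->sent = 1;
                $upd->save();

                if (++$i === $numItems) {
                    //If we reach the last item, send user a desktop notification.
                    etsis_push_notify('Change of Address', 'Request has been submitted.');
                }
            }
        }
    } catch (\Exception $e) {
        return new \app\src\Core\Exception\Exception($e->getMessage(), 'NodeQ');
    }
}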
// Fragment of an SQL console: runs the submitted statement and prints the
// result as a table. $type, $qtext and $pdo are set before this excerpt,
// which also ends inside the result loop.
//
// NOTE(review): the only restriction on the statement visible here is a
// keyword denylist. A denylist is not a reliable control for SQL text; the
// effective limits have to come from who may reach this page and from the
// privileges of the database account behind $pdo - confirm both.
if (strstra(strtolower($_POST['qtext']), forbidden_keyword())) {
    $app->flash('error_message', 'Your query contains a forbidden keywork, please try again.');
    // NOTE(review): the Referer header is client-supplied; redirecting to it
    // unchecked lets a request choose the redirect target. A fixed route is
    // safer.
    redirect($app->req->server['HTTP_REFERER']);
    exit;
}
if ($type == "query") {
    // Backslashes are replaced by spaces before the statement is logged and
    // executed.
    $qtext2 = str_replace("\\", " ", $qtext);
    /* Write to activity log table. */
    etsis_logger_activity_log_write("Query", "SQL Interface", $qtext2, get_persondata('uname'));
    if ($result = $pdo->query("{$qtext2}")) {
        echo _t("Successly Executed - ");
    } else {
        echo "<font color=red>Not able to execute the query<br>Either the \n\t\t\t\t\t\t\t\ttable does not exist or the query is malformed.</font><br><br>";
    }
    echo _t("Query is : ");
    echo "<font color=blue>" . _escape($qtext2) . "</font>\n";
    echo "<table class=\"dynamicTable tableTools table table-striped table-bordered table-condensed table-white\">\n\t\t\t\t\t\t<thead>\n\t\t\t\t\t\t<tr>\n";
    // NOTE(review): when the query failed, $result is false and the calls
    // below fail on it; the error branch above does not stop execution.
    // Column names are printed without HTML encoding, and a statement can
    // alias a column to any text.
    foreach (range(0, $result->columnCount() - 1) as $column_index) {
        $meta[] = $result->getColumnMeta($column_index);
        echo "<th>" . $meta[$column_index]['name'] . "</th>";
    }
    echo "</tr>\n</thead>\n";
    // $vv alternates per row; both branches print the same opening tag.
    $vv = true;
    while ($row = $result->fetch(\PDO::FETCH_NUM)) {
        if ($vv === true) {
            echo "<tr>\n";
            $vv = false;
        } else {
            echo "<tr>\n";
            $vv = true;
        }
<!-- Modal heading -->
<div class="modal-header">
    <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
    <h3 class="modal-title"><?php echo _t('Welcome Message'); ?> </h3>
</div>
<!-- // Modal heading END -->
<!-- Modal body -->
<div class="modal-body">
    <!-- Group -->
    <div class="form-group">
        <div class="col-md-12">
            <textarea name="myet_welcome_message" class="form-control" rows="5"><?php
                /*
                 * The stored welcome message is written inside the textarea
                 * through _escape() only.
                 * NOTE(review): if _escape() does not HTML-encode "<" and
                 * "&", a stored value containing a closing textarea tag ends
                 * the element early - confirm, or encode for HTML here.
                 */
                echo _escape(get_option('myet_welcome_message')); ?> </textarea>
        </div>
    </div>
    <!-- // Group END -->
</div>
<!-- // Modal body END -->
<!-- Modal footer -->
<div class="modal-footer">
    <button type="submit" class="btn btn-default"><?php echo _t('Save'); ?> </button>
    <a href="#" class="btn btn-primary" data-dismiss="modal"><?php echo _t('Cancel');
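<?php
/**
 * Inbound SMS callback: stores the received message in text_conversation and
 * links it to the deal of the most recent conversation whose receiver matches
 * the sender's last ten characters ("-" when there is none).
 *
 * The sender-derived key is interpolated into the lookup query, so it is
 * escaped before use.
 * NOTE(review): this assumes _escape() is the project's SQL string escaper,
 * as its use on the message text suggests - confirm; a parameterised query
 * helper would not depend on it. The remaining request values are handed to
 * qi() as received; whether qi() escapes them is not visible here. Nothing in
 * this script verifies that the request comes from the SMS provider -
 * confirm that is enforced in front of it.
 */
$conv_fields = array();
$conv_fields['message_id'] = isset($_REQUEST['id']) ? $_REQUEST['id'] : '';
$conv_fields['text'] = isset($_REQUEST['text']) ? _escape($_REQUEST['text']) : '';
$conv_fields['sender'] = isset($_REQUEST['sender']) ? $_REQUEST['sender'] : '';
$conv_fields['sender_last10'] = isset($_REQUEST['sender']) ? last10Char($_REQUEST['sender']) : '';

// Escaped copy for the query only; the stored field keeps its value.
$sender_last10_sql = _escape($conv_fields['sender_last10']);
$last_conv = qs("select * from text_conversation where receiver_last10='{$sender_last10_sql}' order by id desc limit 0,1");

$conv_fields['deal_id'] = isset($last_conv['deal_id']) ? $last_conv['deal_id'] : "-";
$conv_fields['type'] = 'RECEIVED';
$conv_fields['messageTime'] = _mysqlDate();
$conv_fields['receiver'] = isset($_REQUEST['receiver']) ? $_REQUEST['receiver'] : '';
$conv_fields['receiver_last10'] = isset($_REQUEST['receiver']) ? last10Char($_REQUEST['receiver']) : '';

qi("text_conversation", $conv_fields);
die;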