$_cat_parent = ""; $c["mark"] = $_mark = checkRequest("mark"); if ($_mark) { $c['current_mark'] = getMark($_mark); } $c["group"] = $_group = checkRequest("group"); if ($_group) { $c['current_group'] = getGroup($_group); } $_group_parent = ""; $c["model"] = $_model = checkRequest("model"); if ($_model) { $c['current_model'] = getModel($_model); } $c["modification"] = $_modification = checkRequest("modification"); if (checkRequest("update_catalog") == true) { $xml = simplexml_load_file($_SERVER["DOCUMENT_ROOT"] . "/tools/autoru_catalog/catalog.xml"); $all_categories = $xml->categories->rec; $all_marks = $xml->marks->rec; $all_groups = $xml->groups->rec; $all_models = $xml->models->rec; $all_modifications = $xml->modifications->rec; $all_tech_names = $xml->tech_names->rec; $all_tech_values = $xml->tech_values->rec; foreach ($all_categories as $category) { $id = (int) $category->id; $name = mysql_real_escape_string(urldecode($category->name)); $parent = (int) $category->parent_id; $categories_sql_arr[$id] = trim("('{$id}', '{$name}', '{$parent}')"); } foreach ($all_marks as $mark) {
if (empty($emailDest)) { return 'No email sent.'; } return False; } if (php_sapi_name() === 'cli') { return; } global $config; if ($error = checkConfiguration()) { echo $error; exit; } $idData = $_REQUEST["data"]; $emailDest = $_REQUEST["email"]; if ($error = checkRequest($idData, $emailDest)) { echo $error; exit; } $book = Book::getBookByDataId($idData); $data = $book->getDataById($idData); if (filesize($data->getLocalPath()) > 10 * 1024 * 1024) { echo 'Attachment too big'; exit; } $mail = new PHPMailer(); $mail->IsSMTP(); $mail->Timeout = 30; // 30 seconds as some files can be big $mail->Host = $config['cops_mail_configuration']["smtp.host"]; if (!empty($config['cops_mail_configuration']["smtp.secure"])) {
<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/lib/dblayer.php"; require_once $_SERVER["DOCUMENT_ROOT"] . "/subs.php"; require_once $_SERVER["DOCUMENT_ROOT"] . "/conf.inc.php"; $db = new DBLayer($CNF["db_host"], $CNF["db_user"], $CNF["db_pass"], $CNF["db_name"]); $db->query("SET NAMES utf8"); $action = checkRequest("action"); $domain = checkRequest("domain"); $username = checkRequest("username"); $user_id = getUserByUsername($username)['uid']; if ($user_id < 1) { $user_id = createUser($username); } $workstation = mb_strtolower(checkRequest("workstation"), "UTF-8"); $ip = trim(checkRequest("ip")); $workstation_id = strlen($workstation) > 0 ? checkWorkstation($workstation, $ip) : null; switch ($action) { case "start": logonWorkstation($workstation_id, $ip); break; case "shutdown": echo "ws: {$workstation_id}, IP: {$ip}"; logoffWorkstation($workstation_id); break; case "logon": echo $workstation_id; logonWorkstation($workstation_id, $ip); logonUser($user_id, $domain, $workstation_id); break; case "logoff":
// NOTE(review): $source is text taken from a chat message and is handed to
// eval() below; the only gate is checkRequest($source), whose rules are not
// visible here. Unless checkRequest is a strict whitelist of arithmetic
// tokens this is a code-execution surface — confirm, and prefer a dedicated
// expression parser over eval().
// $message, $chat, $user, $token and (possibly) $crop are defined before this
// fragment.
if (substr($message, 0, 3) == '/cl') {
    $crop = 3;
}
$source = substr($message, $crop);
$source = str_replace(',', '.', $source);
$badRequest = false;
// The following prefix check can never match: the literal is 17 characters
// long but only the first 12 characters of $message are compared, so $crop is
// never set to 12 here.
if (substr($message, 0, 12) == '/cl@SkillClosebot') {
    $crop = 12;
}
if (substr($message, 0, 3) == '/cl') {
    $crop = 3;
}
// Re-derived after the prefix checks above (the three statements are a repeat
// of the ones at the top; only this second pass feeds the code below —
// possibly a duplicated paste, confirm against the real file).
$source = substr($message, $crop);
$source = str_replace(',', '.', $source); // accept a decimal comma
$badRequest = false;
// Evaluate when a command prefix was found, or when $chat equals $user
// (presumably a private chat) and the text is not a command.  Precedence is
// `$crop || ($chat == $user && ...)`.
if ($crop || $chat == $user && substr($message, 0, 1) != '/') {
    if (checkRequest($source)) {
        $result = 0;
        // NOTE(review): on PHP 7+ a syntax error inside eval() throws
        // ParseError instead of returning false, so this `=== false` branch is
        // unlikely to be reached — confirm the target PHP version.
        if (eval('$result = ' . $source . ';') === false) {
            $badRequest = true;
        } else {
            $source = ' = ' . $source;
            // Reply "<result> = <expression>" through the Bot API; no timeout
            // is set on this outbound request.
            file_get_contents('https://api.telegram.org/bot' . $token . '/sendMessage?chat_id=' . $chat . '&text=' . $result . prepareStringForReturn($source));
        }
    } else {
        $badRequest = true;
    }
}
if ($badRequest) {
    // Tell the user the input was rejected and point at the help command.
    file_get_contents('https://api.telegram.org/bot' . $token . '/sendMessage?chat_id=' . $chat . '&text=Bad%20request:%20' . prepareStringForReturn($source) . '%0atype%20/help@SkillClosebot');
}
} else { $result['msg'] = "Не могу сохранить фильтр :("; } break; case 'deleteFilter': $filter_id = check_string($_REQUEST['filter_id'], 'digits'); $query_delete_filter = $db->query("DELETE FROM `helpdesk_filter` WHERE `id`='{$filter_id}'"); if ($query_delete_filter) { $result['success'] = true; $result['msg'] = "Фильтр успешно удалён"; } else { $result['msg'] = "Не получилось удалить {$filter_id} фильтру :("; } break; case 'setDefaultFilter': $filter_id = checkRequest("filter_id"); $user_id = $admin_login["uid"]; $query_setting = $db->query("SELECT `settings` FROM `users` WHERE `uid`='{$user_id}'"); if ($query_setting) { $settings = $db->result($query_setting); if ($settings != "") { $settings_arr = json_decode($settings, true); } $settings_arr["helpdesk_def_filter"] = $filter_id; $settings_sql = json_encode($settings_arr); $query_upd_settings = $db->query("UPDATE `users` SET `settings`='{$settings_sql}' WHERE `uid`='{$user_id}'"); if ($query_upd_settings) { $result['success'] = true; $result['msg'] = "Фильтр по умолчанию изменён"; } } else {
<?php
// AJAX endpoint returning a JSON payload.  Only the "getBurningCounts" action
// is understood, and only for an authorised session; anything else yields the
// default {"msg": "Unknown error", "success": false}.
// NOTE(review): display_errors=1 makes PHP write errors into the JSON body
// (visible to the client) — logging them instead would be safer.
ini_set("display_errors", 1);
error_reporting(E_ALL ^ E_NOTICE);
session_start();

require_once "{$_SERVER['DOCUMENT_ROOT']}/subs.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/conf.inc.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/lib/dblayer.php";

// Default reply; overwritten only when a handled action runs.
$result['msg'] = "Unknown error";
$result['success'] = false;

$admin_login = isAuthorized();
if ($admin_login) {
    $action = checkRequest("action");
    // Loose comparison kept deliberately: it mirrors the switch/case this
    // replaced.
    if ($action == "getBurningCounts") {
        $result = getBurnedCounts($admin_login['uid']);
    }
}

echo json_encode($result);
/**
 * checkRequest() called without a destination e-mail address must answer
 * with a message that starts with "No".
 */
public function testCheckRequestNoEmail()
{
    $response = checkRequest(12, null);
    $this->assertStringStartsWith("No", $response);
}
$c['sections'] = $TITLE; $area_filter = checkRequest("area", 2); if ($area_filter >= 0) { $c["area_filter"] = $area_filter; $area_ip = $IP[$area_filter]; $areas = getAreas(); $areas[2] = "Все"; $c["areas"] = $areas; } $c['r'] = checkRequest("r", 20); //Rows (per page) $c['page'] = checkRequest("page", 0); // № текущей страницы $c['ob'] = checkRequest("ob", "name"); // order_by $c['od'] = checkRequest("od"); // order_desc $c['computers'] = getComputers($area_filter, $c['r'], $c['page'], $c['ob'], $c['od']); $c['computers_online'] = getOnlineComputers(); $c['users'] = $users; $c['users_online'] = getOnlineUsersByComputers(); $c['count'] = getComputersCount($area_filter); $c['pages'] = ceil($c['count'] / $c['r']); // Сортировка по умолчанию if (strlen($c['ob']) < 1) { $c['ob'] = $default_order; $c['od'] = 0; } echo $twig->render('computers.twig', $c); } else { authorize();
} } elseif (isset($_REQUEST['ticket'])) { $section = 'ticket_view'; $id = checkRequest('ticket'); $rating = checkRequest('r'); if ($rating > 0) { $message = rateTicket($uid, $id, $rating); $c['msg_type'] = $message['success'] ? 'success' : 'error'; $c['msg'] = $message['msg']; } $c['ticket'] = getTicket($id); $c['pagename'] = '#' . $c['ticket']['id'] . '. ' . $c['ticket']['title'] . ' :: Задачник'; $c['ticket']['performers'] = explode(',', $c['ticket']['performers']); } elseif (isset($_REQUEST['save'])) { $title = checkRequest('title'); $description = checkRequest('description'); if (isset($uid) and isset($title) and isset($description)) { $description .= "\n\n-----\nКомпьютер:\t{$c['usercomp']}\nОС:\t\t\t{$c['useros']}\nБраузер:\t{$_SERVER['HTTP_USER_AGENT']}"; $query_add = $db->query("INSERT INTO helpdesk ( `created`, `creator`, `title`, `description` )\r\n VALUES ( NOW(), '{$uid}', '{$title}', '{$description}')"); $id = $db->insert_id(); $change_status_query = "INSERT INTO helpdesk_history (`changed`,`changer`,`ticket`,`status`)\r\n VALUES (NOW(), '{$uid}', '{$id}', '1')"; $db->query($change_status_query); $url = "/helpdesk/client?ticket={$id}"; $c["title"] = $title; $c["action"] = "your_ticket_created"; $c["creator"] = $c["lastname"] . " " . $c["firstname"]; $c["id"] = $id; $c["email"] = $c["users"][$uid]["email"]; $c["description"] = $description; $itdept_mail = "*****@*****.**"; $user_email_body = $twig->render("helpdesk/user_email.twig", $c);
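/**
 * Insert one record for $modelName once the request has passed
 * checkRequest(), then emit the JSON result {"success": true, "recordID": <id>}.
 *
 * Produces no output at all when checkRequest() rejects the request
 * (presumably checkRequest reports the failure itself — confirm).
 *
 * @param mixed  $db        database handle offering prepare()/execute()
 * @param string $modelName model the record belongs to
 * @param array  $record    field values; "userID" is read for the school model
 * @param mixed  $roles     caller roles forwarded to checkRequest()/insertRows()
 */
function insertRecord($db, $modelName, $record, $roles)
{
    global $config;

    $request = createRequest($modelName);
    $request["records"][] = ["values" => []];

    // Authorisation / validation gate.
    if (!checkRequest($db, $request, $record, "insert", $roles)) {
        return;
    }

    fillRequestWithRecords($request, $record);
    $insertedIDs = insertRows($db, $request, $roles);
    // Exactly one record was queued above, so its id is the first entry;
    // fall back to null instead of an undefined-offset warning if insertRows
    // returned nothing.
    $insertID = isset($insertedIDs[0]) ? $insertedIDs[0] : null;

    // School-specific follow-up (SQL text is redacted in this listing;
    // presumably it links the new school to $record["userID"]).  Values go in
    // as named parameters of a prepared statement, never interpolated.
    if ($modelName === "school") {
        $querySchoolUser = "******";
        $stmt = $db->prepare($querySchoolUser);
        $stmt->execute(["insertID" => $insertID, "userID" => $record["userID"]]);
    }

    // Validation mail only when real sending is switched on in configuration.
    if ($modelName === "user" && $config->email->bSendMailForReal) {
        sendValidationEmails($record);
    }

    echo json_encode(["success" => true, "recordID" => $insertID]);
}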
$and = ','; } $sql_fields .= "{$and}`{$field}`"; $sql_values .= "{$and}'{$new_value}'"; } } // echo "INSERT INTO helpdesk ( $sql_fields, `created`,`creator` ) VALUES ( $sql_values, NOW(), '$admin_id')"; $query_add = $db->query("INSERT INTO helpdesk ( {$sql_fields}, `created`,`creator` ) VALUES ( {$sql_values}, NOW(), '{$admin_id}')"); $id = $db->insert_id(); //Уведомление новым исполнителям (кроме самого себя) if (strlen(checkRequest("performers") > 0)) { $c["title"] = check_string($_REQUEST["title"], "text"); $c["action"] = "you_are_performer"; $c["changer"] = $c['admin_fio']; $c["id"] = $id; $performers = explode(",", checkRequest("performers")); foreach ($performers as $performer) { if ($performer != $c['admin_id']) { $recipient[$performer] = $c["users"][$performer]["email"]; } } $user_email_body = $twig->render("helpdesk/user_email.twig", $c); if (isset($recipient)) { email($recipient, "Вас назначили исполнителем заявки #{$id}. \"{$c['title']}\"", $user_email_body); } } // Сохраняем историю изменения статусов $change_status_query = "INSERT INTO helpdesk_history (`changed`,`changer`,`ticket`,`status`)\r\n VALUES (NOW(), '{$admin_id}','{$id}', '1')"; $db->query($change_status_query); } // Куда перенаправляем?
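<?php
@ini_set('display_errors', 0);

// Entry point: with no (or an empty) `type` parameter the install-check
// request is sent; any non-empty `type` runs the version lookup instead.
if (empty($_GET['type'])) {
    $_GET['type'] = true;
}
if ($_GET['type'] === true) {
    checkRequest();
} else {
    checkUpdate();
}

/**
 * Fetch the latest published version string and print it as a link to the
 * releases page, or a "could not determine" message on failure.
 *
 * The version text arrives from a third-party host over plain HTTP, so it is
 * untrusted input and is HTML-escaped before being written into the page.
 * A read timeout bounds how long the admin page can hang on a network stall;
 * the fetch itself stays best-effort (warnings suppressed, as before).
 */
function checkUpdate()
{
    $context = stream_context_create(['http' => ['timeout' => 5]]);
    $b = @file_get_contents('http://home.develdo.com/cdn/versions.txt', false, $context);
    if ($b) {
        // Original gate kept: require at least one character that is not a
        // tag delimiter or slash.  It is not a sanitiser — the escaping below
        // is.
        if (preg_match('#[^></]+#i', $b)) {
            echo '<a target="_blank" href="https://github.com/Drunyacoder/AtomXCMS-2/releases">Последняя версия '
                . htmlspecialchars(trim($b), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                . '</a>';
        } else {
            echo 'Не удалось узнать';
        }
    } else {
        echo 'Не удалось узнать';
    }
}

/**
 * Report this installation (version 2.7.0Beta plus the request's Host header)
 * to the vendor's check endpoint.  Best effort: the response is ignored and
 * failures are silenced.  The Host header is client-controlled, so it is
 * URL-encoded instead of being spliced raw into the query string.
 */
function checkRequest()
{
    $context = stream_context_create(['http' => ['timeout' => 5]]);
    $host = rawurlencode(isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '');
    @file_get_contents('http://home.develdo.com/check.php?v=2.7.0Beta&d=' . $host, false, $context);
}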
// Request parameters for the user card / user list.  Values go through
// check_string() with a type filter, except where noted.
$phone = isset($_REQUEST["phone"]) ? check_string($_REQUEST["phone"], "string") : null; // user's internal phone extension
$organization_id = isset($_REQUEST["organization_id"]) ? check_string($_REQUEST["organization_id"], "string") : null; // legal-entity (organisation) id
$comment = isset($_REQUEST["comment"]) ? check_string($_REQUEST["comment"], "text") : null; // free-text comment about the user
// NOTE(review): taken raw from the request with no check_string() filter —
// it must be escaped wherever it is used (SQL and HTML); confirm downstream.
$find_text = isset($_REQUEST["find_text"]) ? $_REQUEST["find_text"] : null; // search text
$msg_class = isset($_REQUEST["msg_class"]) ? check_string($_REQUEST["msg_class"], "text") : null; // message class
$msg = isset($_REQUEST["msg"]) ? check_string($_REQUEST["msg"], "text") : null; // message text
$page_num = isset($_REQUEST["page_num"]) ? check_string($_REQUEST["page_num"], "digits") : 0; // page number
$flags = checkRequest("flags", ""); // request flags (the original comment repeated "page number"; the actual meaning is not visible here)
$rows_in_page = $CNF["rows_in_page"]; // rows per page, from configuration
///**/$show_del = isset($_SESSION["show_del"]) ? 1 : 0; // setting: show dismissed employees (disabled)
// NOTE(review): the session value is concatenated straight into an ORDER BY
// clause; this is only safe if it was validated against a column whitelist
// when stored — confirm where $_SESSION["order_by"] is written.
$order_by = isset($_SESSION["order_by"]) ? "ORDER BY " . $_SESSION["order_by"] : "ORDER BY `modiff` DESC"; // sort setting
// NOTE(review): a request parameter can replace the configured recipient
// address — confirm this override is intended and validated before mailing.
$users_smtp_to = isset($_REQUEST["users_smtp_to"]) ? $_REQUEST["users_smtp_to"] : $CNF["users_smtp_to"];
// HTML fragments used when rendering / mailing the user card.
$user_card_begin = "<!DOCTYPE html><html style='font-family: sans-serif; margin: 5px;'><head><meta charset='UTF-8'>\r\n <style>a{color:#06c}a:hover{color:#f00}</style></head><body style='background: white; width: 500px'>";
// E-mail signature; interpolates $admin_fio, which is defined earlier.
$users_smtp_sign = "<hr style='border: 1px solid; border-color: #ddd transparent transparent; margin: 10px 0;'>\r\n <p style='color: #888; margin: 5px;'>С наилучшими пожеланиями,<br>сотрудник IT-отдела<br>{$admin_fio}<br><br>\r\n Телефон: 2222<br>E-mail: <a href='mailto:it-dept@autoexpres.ru'>it-dept@autoexpres.ru</a></p>";
$btn_back = "<a class='button red' href='javascript: window.history.back()'>« Вернуться</a>"; // "« Back" via browser history
$btn_home = "<a class='button red' href='./'>« Вернуться</a>"; // "« Back" to the section index
// The remaining button markup appears redacted in this listing.
$btn_new_user = "******";
$btn_remove_user = "******";
$btn_save_user = "******";