<?php
define('SUCCESS', 0);
define('FILE_NOT_FOUND', 1);
define('DATABASE_NOT_EXISTS', 2);
define('ERR', [FILE_NOT_FOUND => 'config file not found, run install.php', DATABASE_NOT_EXISTS => 'database not eists. create new database.']);
function connect_to_db($config_file) : int
{
if (!file_exists($config_file)) {
return FILE_NOT_FOUND;
}
return SUCCESS;
}
$is_connect = connect_to_db('/etc/php7test.ini');
if ($is_connect != SUCCESS) {
echo ERR[$is_connect];
}
function _start()
{
global $db_con, $d_user, $d_pw, $d_base, $d_server, $d_pre;
include_once 'config.php';
$db_con = connect_to_db($d_user, $d_pw, $d_base, $d_server);
define('DB_PREFIX', $d_pre);
}
function get_book_number()
{
$conn = connect_to_db();
$book_num = -1;
$book_num_row = $conn->query('SELECT COUNT(*) FROM hahhtable');
$book_num = $book_num_row->fetch_row()[0];
$conn->close();
return $book_num;
}
function model_location_and_time_array($latitude, $longitude, $radius, $datetime, $numresults, $pollutant, $maxfit)
{
$query = query_location_time_circle_unique_entries($latitude, $longitude, $radius, $datetime, $pollutant);
$dbresult = connect_to_db($query);
$rows = mysql_num_rows($dbresult);
$array = generate_array($dbresult);
$array = array_strip($array, $pollutant, $numresults, $maxfit);
return $array;
}
function get_smallbiz_tax_rate($gross_income)
{
if ($GLOBALS['$connected'] == False) {
connect_to_db();
}
$sql = "SELECT tax_rate, income FROM smallbiz_brackets";
$result = mysql_query($sql);
while ($row = @mysql_fetch_array($result)) {
$low = $row["income_low"];
$high = $row["income_high"];
if ($low <= $total_income && $high >= $total_income) {
return $row["tax_rate"];
}
}
}
function sync_products($vid = NULL, $cid = NULL)
{
global $conn;
connect_to_db();
$sql = "\nSELECT c.channel_id, c.channel, c.products_api, s.store_id, s.store_name, s.api_key, s.api_password, s.access_token, v.vendor\n FROM store AS s\n JOIN vendor AS v ON s.vendor_id = v.vendor_id\n JOIN channel AS c ON s.channel_id = c.channel_id\n WHERE 1\n";
if ($vid && preg_match('/^\\d+$/', $vid)) {
$sql .= ' AND s.vendor_id=' . $vid;
}
if ($cid && preg_match('/^\\d+$/', $cid)) {
$sql .= ' AND s.channel_id=' . $cid;
}
// actually, Vend's API can be accessed using a private access-token without expiration!
$query = mysqli_query($conn, $sql);
while ($row = mysqli_fetch_assoc($query)) {
extract($row);
$api_url = str_replace(['{STORE_NAME}', '{API_KEY}', '{API_PASSWORD}', '{ACCESS_TOKEN}'], [$store_name, $api_key, $api_password, $access_token], $products_api);
$store = new stdClass();
$store->store_name = $store_name;
$store->vendor = $vendor;
$store->channel = $channel;
$store->api_url = $api_url;
$stores[$store_id] = $store;
}
$stores_apis = array_combine(array_keys($stores), array_map(function ($x) {
return $x->api_url;
}, $stores));
$api_results = fetch_products($stores_apis);
$results = [];
foreach ($stores as $store_id => $store) {
$result = new stdClass();
$result->store_name = $store->store_name;
$result->vendor = $store->vendor;
$result->channel = $store->channel;
if (!empty($api_results[$store_id])) {
$channel_products = json_decode($api_results[$store_id]);
$products = translate_channel_products($store->channel, $channel_products);
save_products($store_id, $products);
$result->status = 'succeeded';
} else {
$result->status = 'failed';
}
$results[$store_id] = $result;
}
return $results;
}
function displayform($currentstudent = "")
{
$dbc = connect_to_db("jed");
$query = "select ID, lastname, firstname from student";
$result = perform_query($dbc, $query);
echo "<form method=\"get\">\n\t\t <select name=\"studentmenu\">";
while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
$firstname = $row['firstname'];
$lastname = $row['lastname'];
$id = $row['ID'];
if ($id == $currentstudent) {
echo "<option value=\"{$id}\" selected>{$firstname} {$lastname}</option>\n";
} else {
echo "<option value=\"{$id}\">{$firstname} {$lastname}</option>\n";
}
}
echo "</select>\n\t\t<input type=\"submit\" name=\"formsubmitted\" value=\"go\" />\n\t\t</form>";
disconnect_from_db($dbc, $result);
}
function create_select($menuname)
{
echo "<select name= '{$menuname}'>\n";
$dbc = connect_to_db("jed");
$query = "select ID, lastname, firstname from student";
$result = perform_query($dbc, $query);
while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
$firstname = $row['firstname'];
$lastname = $row['lastname'];
$id = $row['ID'];
if (isset($_GET[$menuname]) && $_GET[$menuname] == $id) {
echo "<option value = '{$id}' selected> {$firstname} {$lastname} </option>\n";
} else {
echo "<option value = '{$id}'> {$firstname} {$lastname} </option>\n";
}
}
echo "</select>";
disconnect_from_db($dbc, $result);
}
function get_database_data($date)
{
global $query;
$array = array();
# poor-mans parameter substitution
$new_query = str_replace("?1", $date, $query);
$connection = connect_to_db();
$statement = mysql_query($new_query, $connection) or die('Could not execute query\\n' . mysql_error());
while ($row = mysql_fetch_array($statement, MYSQL_ASSOC)) {
$id = $row["id"];
$level = $row["content"];
$levelgen = $row["levelgen"];
$levelgen_filename = $row["levelgen_filename"];
$level_filename = $row["level_filename"];
$modified_date = $row["last_updated"];
$new_row_array = array('id' => $id, 'level_content' => $level, 'level_filename' => $level_filename, 'levelgen_content' => $levelgen, 'levelgen_filename' => $levelgen_filename, 'modified_date' => $modified_date);
array_push($array, $new_row_array);
}
mysql_close($connection);
return $array;
}
/**
*
*
* @param unknown $content
* @return unknown
*/
function insert_mcviz_results($content)
{
$replace_tag = "mcvizresults";
if (!preg_match("/mcvizresults/", $content)) {
return $content;
}
$viz_link_comment_javascript = '<div style="text-align:center"><input type="submit" value="Insert Visualization Link into Comment Box Below" onclick="document.forms.commentform.comment.value+=\'[REPLACE THIS WITH YOUR COMMENTS ABOUT THE VISUALIZATION]\\n<a href=\' + document.location + \'>My Visualization</a>\';" /></div>';
if ($_REQUEST["viz_type"] == "pivot") {
if ($_REQUEST["media_id"][1] == "") {
return output_error("You did not enter a media source to chart.\n");
}
if (preg_match("/^\\s*\$/", $_REQUEST["pivotterm"])) {
return output_error("You did not enter a term on which to pivot.\n");
}
$dbconn = connect_to_db(&$dberror);
if ($dberror != '') {
return output_db_error($dberror);
}
$tagcounts = array();
$medianum = 0;
foreach ($_REQUEST["media_id"] as $cur_media_id) {
if ($cur_media_id == '') {
continue;
}
$query = '';
$result = '';
$data = '';
$tags = '';
$title = '';
$max_tag_count = '';
$line = '';
$pivotterm = strtolower($_REQUEST["pivotterm"]);
$pivtotterm = preg_replace("/[^a-zA-Z0-9s]/", "", $pivotterm);
$sub_result = pg_query_params("SELECT * FROM tag_lookup where word = \$1 ", array($pivotterm));
if (pg_num_rows($sub_result) == 0) {
pg_query_params("insert into tag_lookup(word, tag_sets_id, tags_id) select \$1, \$2, tags_id from tags where tag_sets_id = \$2 and (tag = \$1 or split_part(tag, ' ', 1) = \$1 or split_part(tag, ' ', 2) = \$1 or split_part(tag, ' ', 3) = \$1) order by tags_id limit 20;", array($pivotterm, $_REQUEST["tagset"]));
}
// or split_part(t.tag, ' ', 1) = '$pivotterm' or split_part(t.tag, ' ', 2) = '$pivotterm' or split_part(t.tag, ' ', 3) = '$pivotterm'
$query = "select max(c.tag_count) as max_tag_count, m.name, tt.tag from media_tag_tag_counts c, tag_lookup t, tags tt, media m " . "where c.tag_tags_id = tt.tags_id and (t.word = '{$pivotterm}' ) " . "and c.tags_id = t.tags_id and c.media_id = '{$cur_media_id}' and m.media_id = c.media_id and " . "t.tag_sets_id = " . $_REQUEST["tagset"] . " and " . "tt.tag_sets_id = " . $_REQUEST["tagset"] . "group by tt.tags_id, m.name, tt.tag order by max_tag_count desc limit 10";
//$chart .= "$query<br/>";
$result = pg_query($query) or $dberror .= 'Query failed: ' . pg_last_error();
if ($dberror != '') {
return output_db_error($dberror);
}
while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
/* foreach ($line as $col_value) {
$chart .= " | $col_value";
}
$chart .= "<br/>";*/
// TODO: Fix this hack, which gives weird results unless max count is first (but in our case should always be true)
$max_tag_count = max($max_tag_count, $line[max_tag_count]);
$data .= round($line["max_tag_count"] / $max_tag_count * 100) . ",";
$shorttag = $line["tag"];
if (strlen($shorttag) > 13) {
$shorttag = substr($shorttag, 0, 13) . "...";
}
$tags = $shorttag . "|" . $tags;
// TODO: Don't do this on every loop, instead do separate query?
$title = $line["name"];
if (strlen($title) > 23) {
$title = substr($title, 0, 23) . "...";
}
$tagcounts[$line["tag"]][$medianum] = $line["max_tag_count"];
}
$medianum++;
//remove trailing comma - I should probably switch it to join() above
$data = substr($data, 0, -1);
if ($max_tag_count == '' || $max_tag_count == 0) {
$chart .= "<br />(<b>No results for source {$medianum}.</b> The available terms that you can currently serach for are focused on prominent people, places, and events. This will broaden considerably in the future.)<br />";
} else {
$chart .= "<img src=\"http://chart.apis.google.com/chart?&cht=bhs&chs=200x300&chd=t:{$data}&chxt=y&chxl=0:|{$tags}&chtt={$title}&chxs=0,,9&chts=000000,11\" />";
}
// while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
//foreach ($line as $col_value) {
// //$media_name = $
// $chart .= " | $col_value";
//}
// $chart .= "<br/>";
//}
//$chart .= "<br/><br/>";
}
// sum for each tag, find max
// print with scaling
//Print_r ($tagcounts);
} elseif ($_REQUEST["viz_type"] == "top10") {
//$chart .= "<br>top10<br>";
if ($_REQUEST["media_id"][1] == "") {
return $content;
}
foreach ($_REQUEST["media_id"] as $cur_media_id) {
if ($cur_media_id == '') {
continue;
}
$dbconn = connect_to_db(&$dberror);
if ($dberror != '') {
return output_db_error($dberror);
}
$query = '';
$result = '';
$data = '';
$tags = '';
$title = '';
$max_tag_count = '';
$line = '';
$query = "select m.name, c.* from top_ten_tags_for_media c, media m " . "where c.media_id = {$cur_media_id} and m.media_id = c.media_id and c.tag_sets_id =" . $_REQUEST["tagset"] . " order by c.media_tag_count desc limit 10";
//die("$query");
//$chart .= $query;
$result = pg_query($query) or $dberror .= 'Query failed: ' . pg_last_error();
while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
/* foreach ($line as $col_value) {
$chart .= " | $col_value";
}
$chart .= "<br/>";*/
// TODO: Fix this hack, which gives weird results unless max count is first (but in our case should always be true)
$max_tag_count = max($max_tag_count, $line[media_tag_count]);
$data .= round($line["media_tag_count"] / $max_tag_count * 100) . ",";
$shorttag = $line["tag_name"];
if (strlen($shorttag) > 13) {
$shorttag = substr($shorttag, 0, 13) . "...";
}
$tags = $shorttag . "|" . $tags;
// TODO: Don't do this on every loop, instead do separate query?
$title = $line["name"];
if (strlen($title) > 23) {
$title = substr($title, 0, 23) . "...";
}
}
//remove trailing comma - I should probably switch it to join() above
$data = substr($data, 0, -1);
$chart .= "<img src=\"http://chart.apis.google.com/chart?&cht=bhs&chco=70c44b&chs=200x300&chd=t:{$data}&chxt=y&chxl=0:|{$tags}&chtt={$title}&chxs=0,,9&chts=000000,11\" />";
pg_close($dbconn);
}
} elseif ($_REQUEST["viz_type"] == "map") {
if ($_REQUEST["media_id"][1] == "") {
return output_error("You did not enter a media source to chart.\n");
}
$dbconn = connect_to_db(&$dberror);
if ($dberror != '') {
return output_db_error($dberror);
}
//$chart .= "<br>map:<br>";
$chart .= "<div style='text-align: center;'>";
foreach ($_REQUEST["media_id"] as $cur_media_id) {
if ($cur_media_id == '') {
continue;
}
$query = "select chart_url, m.name as name from media_google_charts_map_url as u, media as m where u.media_id = m.media_id and u.media_id = {$cur_media_id} and chart_type_is_log is " . $_REQUEST["chart_is_log"] . " and tag_sets_id='" . $_REQUEST["tagset"] . "'";
$result = pg_query($query) or $dberror .= 'Query failed: ' . pg_last_error();
if ($dberror != '') {
return output_db_error($dberror);
}
$line = pg_fetch_array($result, null, PGSQL_ASSOC);
//print_r($line); echo "<br /><br />";
$chart .= $line[name] . ":<br />";
$chart .= "<img src=\"{$line['chart_url']}\"><br clear='all'><br />";
}
$chart .= "</div>";
pg_close($dbconn);
} else {
$chart .= "<br/>No visualisation type specified.</br>*" . addslashes($_REQUEST["viz_type"]) . "*";
}
$content = str_replace("{$replace_tag}", $chart, $content);
return $content;
}
function updateScheduleRun($schedule)
{
// Use these global variables
global $link, $finalResult, $dbResult;
// Get a connection to the report_generator.
$result = connect_to_db();
if (!isset($schedule) || $schedule == '') {
$rptuser = 1;
}
$query = "UPDATE tblSchedules SET nLastrun = NOW() WHERE nSchedID in ({$schedule}) ";
$dbResult = mysqli_query($link, $query);
}
<?php include 'functions.php'; $GLOBALS['graphid'] = 0; // Load libraries document_header(); // Create connection $link = connect_to_db(); ?> <div id="data" style="display: none"> <h2>Data</h2> <p>In this section we carry out an initial analysis of past transactions, with the objective of gathering information about the categories, products and customers that tend to generate the highest revenues. The results shown in this page can provide insights to inform the activities of the sales team. This information, together with the recommendation system and customer analysis which we have implemented in the next page, can support the activities of the company's marketing team.</p> <p> The chart below shows the best selling products ranked according to the revenues they generate. Only the top 10 best selling products are shown.</p> <?php // Total Revenue by product $query = "SELECT ProductName, Revenue FROM ecommerce.ProductsVsCustomers_Pivot ORDER BY Revenue DESC limit 10"; $title = "Products by revenues"; query_and_print_graph($query, $title, "Euros"); ?> <p>The chart below shows the results of a similar analysis, this time to rank the customers that contribute the most to total revenues. Only the top 20 customers are shown below.</p> <?php // Page body. Write here your queries $query = "SELECT b.CustomerID Customer, sum(a.Quantity*a.UnitPrice) Revenues from ecommerce.order_details a left join ecommerce.orders b on a.OrderID=b.OrderID group by CustomerID order by Revenues desc limit 20"; $title = "Customers by revenues"; query_and_print_graph($query, $title, "Euros");
function update_tax_brackets($table, $low, $high, $update, $value, $test)
{
if ($GLOBALS['$connected'] == False) {
connect_to_db();
}
$sql1 = mysql_query("UPDATE {$table} SET {$high}='{$update}' WHERE id='{$value}'") or die(mysql_error());
if ($test == 1) {
$temp = $value + 1;
$sql2 = "SELECT {$high} FROM {$table} WHERE id='{$value}'";
$result2 = mysql_query($sql2);
$row2 = @mysql_fetch_array($result2);
$low_update = $row2[$high] + 1;
$sql3 = mysql_query("UPDATE {$table} SET {$low}='{$low_update}' WHERE id='{$temp}'") or die(mysql_error());
}
}
function addFile($conn, $filename, $filetype, $filesize, $contents, $myID)
{
//check to see if file with the same name exists, if it does, then we update that
$statement = $conn->prepare("SELECT * FROM files where name = ? AND userid = ?");
$statement->bind_param("si", $filename, $myID);
$statement->execute();
$error = $statement->error;
$result = $statement->get_result();
$statement->close();
if ($error) {
return $error;
}
//update existing file
if ($result->num_rows > 0) {
$newConn = connect_to_db(1);
$statement = $newConn->prepare("UPDATE files SET type = ?, size = ?, content = ? WHERE userid = ? AND name = ?");
$statement->bind_param("sisis", $filetype, $filesize, $contents, $myID, $filename);
} else {
$statement = $conn->prepare("INSERT INTO files (name, type, size, content, userid) VALUES (?, ?, ?, ?, ?)");
$statement->bind_param("ssisi", $filename, $filetype, $filesize, $contents, $myID);
}
$statement->execute();
$error = $statement->error;
$statement->close();
if (isset($newConn)) {
$newConn->close();
}
return $error;
}
<?php
include 'dbconn.php';
?>
<!DOCTYPE html>
<head>
<title>Selecting Multiple Records</title>
</head>
<body>
<?php
$dbc = connect_to_db("jed");
$query = "select lastname, firstname from student";
$result = perform_query($dbc, $query);
echo "<ul>\n";
while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
$firstname = $row['firstname'];
$lastname = $row['lastname'];
echo "<li>{$firstname} {$lastname} </li>\n";
}
echo "</ul>\n";
disconnect_from_db($dbc, $result);
?>
</body>
</html>
<?php
/** main page */
include 'includes/wc.main.inc.php';
$db = connect_to_db();
if ($signed_in) {
$who_you_want = select_p($db, "select crushee_id, (select name from wes_users where username = (select username from user where user_id = crushee_id)) as name from crushes where crusher_id = ?", array($signed_in_id), 'getAll');
$who_want_you = select_p($db, "select crusher_id, crusher_alias from crushes where crushee_id = ?", array($signed_in_id), 'getAll');
for ($i = 0; $i < count($who_you_want); $i++) {
$crushee_id = $who_you_want[$i]['crushee_id'];
$match = select_p($db, "select count(*) from crushes where crusher_id = ? and crushee_id = ?", array($crushee_id, $signed_in_id), 'getOne');
$who_you_want[$i]['match'] = $match;
}
for ($i = 0; $i < count($who_want_you); $i++) {
$crusher_id = $who_want_you[$i]['crusher_id'];
$match = select_p($db, "select count(*) from crushes where crusher_id = ? and crushee_id = ?", array($signed_in_id, $crusher_id), 'getOne');
// the big reveal... don't f**k up this code
if ($match) {
$name = select_p($db, "select name from wes_users where username = (select username from user where user_id = ?)", array($crusher_id), 'getOne');
$who_want_you[$i]['name'] = $name;
}
$who_want_you[$i]['match'] = $match;
}
$smarty->assign('who_you_want', $who_you_want);
$smarty->assign('who_want_you', $who_want_you);
$quote = select_p($db, "select * from quotes order by rand() limit 1", array(), 'getRow');
$smarty->assign('quote', $quote['quote']);
$smarty->assign('quoted', $quote['quoted']);
}
$smarty->display('index.tpl');
close_db($db);
$head = <<<HEAD
\t<div class="bs-example" data-example-id="contextual-table" style="border: 1px solid #eee">
\t\t<table class="table">
\t\t\t<thead>
\t\t\t\t<tr>
\t\t\t\t\t<th>ID</th>
\t\t\t\t\t<th>User</th>
\t\t\t\t</tr>
\t\t\t</thead>
HEAD;
$tail = <<<TAIL
\t\t</table>
\t</div>
TAIL;
require_once "functions.php";
$conn = connect_to_db(1);
$error = "";
$result = "";
$users = "";
if (isset($_POST['username'])) {
$username = $_POST['username'];
if ($username == "") {
$error = "Username must not be blank.";
}
if (!$error) {
$result = lookup_user($conn, $username);
$users = $result[0];
$error = $result[1];
}
}
$conn->close();
<?php
include 'config.php';
include 'db-functions.php';
$connection = connect_to_db();
select_db();
if (isset($_GET["notificationid"])) {
$query = "SELECT * FROM notification WHERE notificationid = " . $_GET["notificationid"];
} else {
$query = "SELECT * FROM notification";
}
$result = run_query($query);
// Pushes each entry of result into an array and converts it to JSON.
$array = array();
while ($row = mysql_fetch_assoc($result)) {
array_push($array, $row);
}
echo json_encode($array);
close_db($connection);
<?php
include 'connect_db.php';
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$type = $_POST['type'];
function generate_userID()
{
$userID = rand(0, 65536);
// do check on if userID is unique
return strval($userID);
}
function generate_error_popup($error)
{
echo "<script type='text/javascript'>\n";
echo "alert('Error: ' . {$error})";
echo "</script>";
}
$userID = generate_userID();
$query = "INSERT INTO Users (userID, username, password, email, type) VALUES ('{$userID}', '{$username}', '{$password}', '{$email}', '{$type}')";
$con = connect_to_db("bookly");
mysqli_query($con, $query);
mysqli_close($con);
$baseOrder = translateHtml($rvar_baseOrder);
}
if (!empty($rvar_diatype)) {
$diatype = translateHtml($rvar_diatype);
}
// Export
if ($export == "excel") {
include "../include/export/2excel.php";
$expor_excel = new MID_SQLPARAExel();
}
// Load language
LanguageSetup($lang);
// Colors scheme
ColorSetup($color);
// Соединимся с SQL сервером
connect_to_db();
if (!checkpass()) {
nopass();
}
if (!hasprivilege("access", false)) {
nopass();
}
// Опишем базовые переменные
// ----------------------------------------------------------------------------
//
if (empty($mon)) {
$mon = date("m", mktime(0, 0, 0, date("m"), 1, date("Y")));
}
if (empty($day)) {
$day = date("d", mktime(0, 0, 0, date("m"), 1, date("Y")));
}
<?php
session_start();
if (isset($_SESSION['id'])) {
header("Location: /");
die;
}
session_unset();
session_destroy();
require_once "functions.php";
$error = "";
$conn = connect_to_db();
//if we got some post data try to register the user
if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['repassword']) && isset($_POST['firstname']) && isset($_POST['lastname'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$repassword = $_POST['repassword'];
$first = $_POST['firstname'];
$last = $_POST['lastname'];
if ($username == "") {
//blank user name
$error = "Username must not be blank.";
} else {
if (strlen($username) > 64) {
$error = "Username cannot be longer than 64 characters.";
} else {
if (check_user($conn, strtolower($username))) {
//check if user exists
$error = "That username already exists.";
} else {
if ($password == "") {
<?php
session_start();
//Initialisations
require_once 'controller/global.php';
require_once 'controller/sql.php';
$DB = connect_to_db();
$PAGES_LIST = array('profil', 'profil/modifier', 'messagerie', 'messagerie/envoyer', 'carte', 'carte/creer', 'news', 'news/suivant', 'news/precedent');
$PAGES_USER_LIST = array('inscription', 'connexion', 'deconnexion', 'recuperation');
$STATIC_PAGES_LIST = array('informations');
//Mise à jour de la dernière activité
if (isset($_SESSION['pseudo'])) {
include_once 'model/user/update_last_activity.php';
update_last_activity($_SESSION['pseudo']);
}
//Routeur
if (isset($_GET['page']) and $_GET['page'] != NULL) {
if (in_array($_GET['page'], $PAGES_LIST)) {
include_once 'controller/' . $_GET['page'] . '/index.php';
} elseif (in_array($_GET['page'], $PAGES_USER_LIST)) {
include_once 'controller/user/' . $_GET['page'] . '/index.php';
} elseif (in_array($_GET['page'], $STATIC_PAGES_LIST)) {
include_once 'view/' . $_GET['page'] . '/index.php';
} else {
header('location: /covoiturage-yann/');
}
} else {
include 'controller/index.php';
}
<?php
if (empty($_GET["id"])) {
exit;
}
$browser = get_browser(null, true);
if (!$browser || $browser["ismobiledevice"]) {
$s = "pocketcampus://events.plugin.pocketcampus.org/showEventItem?eventItemId={$_GET["id"]}";
header("Location: {$s}");
exit;
}
$id = $_GET["id"];
include_once "admin/functions.php";
$conn = connect_to_db("pocketcampus");
mysql_set_charset("utf8", $conn);
sql_query("set time_zone = 'Europe/Zurich';", $conn);
$events = sql_query("SELECT * FROM eventitems WHERE eventId='" . sql_real_escape_string($id) . "' ;", $conn);
$event = sql_fetch_array($events);
if (!$event) {
exit;
}
if ($event["isProtected"]) {
exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
function snews_startup()
{
putenv("TZ=" . s('new_timezone') . "");
connect_to_db();
update_articles();
if (isset($_POST['Submitted']) == "True") {
if (md5(clean($_POST['Username'])) == s('username') && md5(clean($_POST['Password'])) == s('password')) {
$_SESSION['Logged_In'] = "True";
$_SESSION['Username'] = s('username');
$_SESSION['Website'] = s('website');
}
}
}
