function deletemessage($mid)
{
$cn = connect_db();
$sql = "delete from message where id='" . $mid . "'";
$result = mysql_query($sql, $cn) or die("ERROR :" . mysql_error());
disconnect_db($cn);
}
function hangee_login($form)
{
global $dbconn;
$email = trim($form['email']);
$password = $form['password'];
$aip = $_SERVER['REMOTE_ADDR'];
$atime = time();
$response = new xajaxResponse();
connect_db();
$sql = "select id, email, password from hangee_users where email='{$email}'";
if (!($res = mysql_query($sql, $dbconn))) {
$response->assign("debug", "innerHTML", "query failed: {$sql}" . mysql_error($dbconn));
$response->assign("debug", "style.display", "block");
return $response;
}
if (!mysql_num_rows($res)) {
$msg = "Log in failed. Please check your email address.";
$response->assign("result", "innerHTML", $msg);
$response->assign("result", "style.display", "block");
return $response;
}
$row = mysql_fetch_array($res);
$db_id = $row['id'];
$db_password = $row['password'];
if (md5($password) != $db_password) {
$msg = "Log in failed. Please check your password.";
$response->assign("result", "innerHTML", $msg);
$response->assign("result", "style.display", "block");
return $response;
}
$sql = "update hangee_users set aip='{$aip}', atime={$atime} where id={$db_id}";
if (!($res = mysql_query($sql, $dbconn))) {
$response->assign("debug", "innerHTML", "query failed: {$sql}" . mysql_error($dbconn));
$response->assign("debug", "style.display", "block");
return $response;
}
disconnect_db();
$getdata = "t={$db_id}&tt={$db_password}";
$response->script("document.location.href='session.php?{$getdata}'");
return $response;
}
<?php
require_once "__lib.php";
$goman = "handata/goman_hyosim.csv";
die;
if (!($handle = fopen($goman, "r"))) {
die("failed to open file: {$goman}");
}
connect_db();
$num = 0;
while ($data = fgetcsv($handle)) {
$num++;
$page = $data[0];
$word = strtolower($data[1]);
$sense = addslashes($data[2]);
$page = 500 + substr($page, 1);
//echo "$num) $page:$word: $sense <br>";
$sql = "insert into hangee_words (page, word, sense) values ({$page}, '{$word}', '{$sense}')";
$res = mysql_query($sql, $dbconn);
if (!$res) {
die("failed: " . mysql_error($dbconn));
}
echo "insert {$num} <br>";
}
disconnect_db();
echo "<p>{$num} records were inserted.</p>";
fclose($handle);
function PhotoThumbnail($pid)
{
$cn = connect_db();
$sql = "SELECT thumb_url FROM `photo` WHERE id=" . $pid;
$link = mysql_query($sql, $cn) or die("Error : Photo Thumbnail " . mysql_error());
$row = mysql_fetch_assoc($link);
return $row['thumb_url'];
disconnect_db($cn);
}
function getmediumimagefromid($id)
{
$cn = connect_db();
$sql = "SELECT *,UNIX_TIMESTAMP(upload_time) as upload_time FROM `photo` WHERE id='" . $id . "'";
$link = mysql_query($sql, $cn) or die("Error : " . mysql_error());
$data = mysql_fetch_assoc($link);
disconnect_db($cn);
return $data['medium_url'];
}
public function calculate_sd()
{
$conn = connect_db();
$sql = "SELECT * FROM `course_score`;";
$result = $conn->query($sql);
disconnect_db($conn);
if ($result->num_rows > 0) {
$i = 0;
while ($row = $result->fetch_assoc()) {
$midterm_scrs[$i] = $row["midterm_score"];
$final_scrs[$i] = $row["final_score"];
$i += 1;
}
}
return array(sd($midterm_scrs), sd($final_scrs));
}
function hangee_exit()
{
disconnect_db();
}
function browse_word($ch, $form = '')
{
global $dbconn;
global $uid;
$ch = strtolower($ch);
$sql = '';
$num_res = 0;
$response = new xajaxResponse();
connect_db();
$goman = substr($form, 0, 5) == 'goman' ? TRUE : FALSE;
if ($form) {
if ($goman) {
$page = $ch + 500;
$sql = "select * from hangee_words where page={$page}";
if (substr($form, -1) == 'm') {
$sql .= " and id in (select wid from hangee_marked where uid={$uid})";
}
$sql .= " order by word asc";
} else {
$column = $form['column'];
$key = trim($form['key']);
if (strlen($key) == 0) {
$response->assign("result", "innerHTML", "No search word is given!");
$response->assign("result", "style.display", "block");
return $response;
}
switch ($column) {
case 'word':
$sql = "select * from hangee_words where word like '%{$key}%' order by word asc";
break;
case 'sense':
$sql = "select * from hangee_words where sense like '%{$key}%' order by word asc";
break;
case 'SQL':
$sql = "select * from hangee_words where " . $key;
break;
default:
$response->assign("result", "innerHTML", "Internal Error!");
$response->assign("result", "style.display", "block");
return $response;
break;
}
}
} else {
if (strlen($ch) == 2) {
$ch = substr($ch, 0, 1);
$sql = "select * from hangee_words where word like '{$ch}%' and page < 300 " . "and id in (select wid from hangee_marked where uid = {$uid})";
} else {
$sql = "select * from hangee_words where word like '{$ch}%' and page < 300 order by word asc";
}
}
$res = mysql_query($sql, $dbconn);
if (!$res) {
$response->assign("debug", "innerHTML", "query failed: {$sql}" . mysql_error($dbconn));
$response->assign("debug", "style.display", "block");
return $response;
}
if (($num_res = mysql_num_rows($res)) == 0) {
$response->assign("word_browser", "innerHTML", "<strong>No words, lucky you!</strong>");
$response->assign("word_browser", "style.display", "block");
return $response;
}
$num = 0;
if (isset($key)) {
if ($column == 'SQL') {
$caption = "Search result of SQL";
} else {
$caption = "Search result of '<strong>" . htmlspecialchars($key) . "</strong>'";
}
} else {
if ($goman) {
$caption = "GoMAN DAY {$ch}";
} else {
$caption = "HanGEE words starting with '<strong>" . strtoupper($ch) . "</strong>'";
}
}
$pstr = $goman ? "Day" : "Page";
$html = "<p>{$num_res} words are found</p>" . "<p><a href='javascript:void(0);' onClick=\"show_sense({$num_res});\"><strong>Show Sense</strong></a> | " . "<a href='javascript:void(0);' onClick=\"hide_sense({$num_res});\"><strong>Hide Sense</strong></a> | " . "<a href='javascript:void(0);' onClick=\"words_upper({$num_res});\"><strong>Upper</strong></a> | " . "<a href='javascript:void(0);' onClick=\"words_lower({$num_res});\"><strong>Lower</strong></a></p>" . "<center>" . "<table id='word_table'>" . "<caption>{$caption}</caption>" . "<tr><th id='num' width='5%'>Num</th><th id='page' width='8%'>{$pstr}</th><th id='word' width='15%'>Word</th>" . "<th id='sense' width='40%'>Sense</th><th id='hint'>Hint</th>" . "<!-- <th id='edit'>Edit</th></tr> -->";
while ($row = mysql_fetch_array($res)) {
$num++;
$id = $row['id'];
$page = $row['page'];
$word = $row['word'];
$sense = htmlspecialchars(stripslashes($row['sense']));
if (!$goman && $page < 500) {
$pattern = '/((a|v|vi|n|ad|pre)\\.)/';
$replace = '<br>$1';
$sense = preg_replace($pattern, $replace, $sense);
$sense = substr($sense, 4);
// delete leading <br>
}
$grade = get_user_grade();
if ($grade == '1' || $grade == '0') {
$numstr = "<a name='{$num}' href=\"javascript:openPopup('edit.php?id={$id}', 'editwin');\"><b>{$num}</b></a>";
} else {
$numstr = "<a href='mailto:sandrain@gmail.com'><b>{$num}</b></a>";
}
$word = "<a href=\"javascript:mark_word({$id}, {$num})\"><span id='w{$num}'>" . strtoupper($word) . "</span></a>";
$mcount = get_marked_count($id);
if ($mcount > 0) {
$wbackcolor = "#ffcc00";
$word .= " <a href=\"javascript:unmark_word({$id}, {$num})\"><font color='#cc0000'>";
while ($mcount--) {
$word .= "*";
}
$word .= "</font></a>";
} else {
$wbackcolor = "#ffff99";
}
$bgcolor = '';
if ($page > 500) {
$page = "D - " . ($page - 500);
$bgcolor = "bgcolor='#ccffff'";
}
$dict = "<a href='javascript:void(0); return false;' onClick=\"openPopup('dict.php?id={$id}', 'dictwin')\">{$page}</a>";
$hint = get_hint($id);
$hintlink = "<a href='javascript:void(0);' " . "onClick=\"javascript:openPopup('hint.php?id={$id}', 'hintwin');\">Edit</a>";
if ($hint) {
$hint = htmlspecialchars(stripslashes($hint)) . " <span style='font-size:8pt;'>({$hintlink})</span>";
} else {
$hint = $hintlink;
}
$html .= "<tr onMouseOver=\"this.bgColor='#ccff99'\" onMouseOut=\"this.bgColor='#ffffff'\">" . "<td headers='num' align='right' style='padding-right:10px;'>{$numstr}</td>" . "<td headers='page' align='center' {$bgcolor}>{$dict}</td>" . "<td headers='word' bgcolor='{$wbackcolor}' align='left'><p class='table_word'>{$word}</p></td>" . "<td headers='sense' align='left' id='td{$num}' class='answer_off' " . "onMouseOver=\"className='answer_on'\" onMouseOut=\"className='answer_off'\">" . "<p class='table_text'>{$sense}</p></td>" . "<td headers='hint' align='left'><p class='table_text'>{$hint}</p></td>";
}
$html .= "</table></center>";
disconnect_db();
if (isset($column) && isset($key)) {
$response->script("set_search_active('{$column}', '{$key}')");
} else {
$response->script("update_current_ch('{$ch}');");
}
$response->assign("word_browser", "innerHTML", $html);
$response->assign("word_browser", "style.display", "block");
$response->script("num_res = {$num_res};");
return $response;
}
<html>
<?php
include "global.php";
error_reporting(E_ALL);
?>
<body>
<?php
$dblink = connect_db();
$result = db_query("SELECT * FROM contact");
$num = mysql_numrows($result);
disconnect_db($dblink);
if ($num > 0) {
echo "<b><center>List of contacts:</center></b><br>";
echo "<table border=\"1\"><th>First name</th><th>Surname</th><th>Phone</th><th>Email</th>";
$i = 0;
while ($i < $num) {
$firstName = mysql_result($result, $i, "first_name");
if ($firstName == "") {
$i++;
continue;
}
echo "<tr>";
$lastName = mysql_result($result, $i, "last_name");
$phone = mysql_result($result, $i, "phone");
$email = mysql_result($result, $i, "email");
echo "<td><b>";
echo $firstName;
echo "</b></td>";
echo "<td><b>";
echo "{$lastName}";
echo "</b></td>";
function getalluserlist()
{
$cn = connect_db();
$sql = "select * from `users` where username<>'admin'";
$link = mysql_query($sql, $cn) or die("Error : " . mysql_error());
$array = array();
while ($data = mysql_fetch_assoc($link)) {
$array[] = $data;
}
disconnect_db($cn);
return $array;
}
$link = mysql_query($sql, $cn); $data = mysql_fetch_assoc($link); $mymessages = $data['value']; $sql = "select * from paging where page='myblog'"; $link = mysql_query($sql, $cn); $data = mysql_fetch_assoc($link); $myblog = $data['value']; $sql = "select * from paging where page='myfriendinvites'"; $link = mysql_query($sql, $cn); $data = mysql_fetch_assoc($link); $myfriendinvites = $data['value']; $sql = "select * from paging where page='search'"; $link = mysql_query($sql, $cn); $data = mysql_fetch_assoc($link); $search = $data['value']; disconnect_db($cn); ?> <form name="listphoto" action="pagemanagement.php?action=listphoto" method="post" onsubmit="return checklistphoto();"> <table width="100%" style="font-family:Arial, Helvetica, sans-serif; font-size:12px;" bgcolor="#FFFFFF"> <tr> <td width="25%">List Photo Page Size: </td> <td width="25%"><input type="text" value="" name="listphoto" id="listphoto"/> </td> <td width="25%">(Current : <?php echo $listphoto; ?> Photos)</td> <td width="25%"><input type="submit" value="Set Value" /> </td> </tr> </table>
function cancelfriendrequest($fid)
{
$cn = connect_db();
$sql = "delete from `friend` where friendid='" . $fid . "' and userid='" . $_SESSION['gallery_userid'] . "'";
$result = mysql_query($sql, $cn) or die("ERROR :" . mysql_error());
disconnect_db($cn);
}
function changePassword($ar)
{
$sql = "select * from `users` where password='******'currentpassword']) . "' and id='" . $this->getLoggedID() . "'";
$array = $this->mysql->queryrow($sql);
if (is_array($array)) {
$objcommon = new common();
$str = $objcommon->getTemplateFormat('changepassword');
$objconfig = new config();
$newpass = md5($ar['newpassword']);
$sql = "update users set password='******' where id='" . $this->getLoggedID() . "'";
$this->mysql->query($sql);
$to['name'] = $array['username'];
$to['email'] = $array['email'];
$from['name'] = $objcommon->getConfigValue('change_password_from_name');
$from['email'] = $objcommon->getConfigValue('change_password_from_email');
$subject = $objcommon->getConfigValue('change_password_from_subject');
$identifier['sitename'] = $objcommon->getConfigValue('sitename');
$identifier['username'] = $array['username'];
$identifier['password'] = $ar['newpassword'];
$objemail = new email();
$objemail->sendMail($to, $from, $subject, $str, $identifier);
return "1";
} else {
// echo "else part";
$this->error = "Invalid Current Password..";
return "0";
}
disconnect_db($cn);
}