示例#1
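/**
 * Renders the user box: avatar and welcome line (or the rename form when
 * ?settings is present) plus settings/logout links for a signed-in user,
 * or the Google sign-in link otherwise.
 *
 * Every value taken from the profile data, the current URL or the auth URL
 * is HTML-escaped before it is written into markup or an attribute.
 */
function printUserBox()
{
    global $userData;
    global $isLoggedIn;
    global $authUrl;
    handleNameChange();
    // ENT_QUOTES is required: the attributes below are single-quoted, so an
    // unescaped apostrophe in a profile value would end the attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };
    echo "<div class='userBox box header'>";
    if ($isLoggedIn) {
        // NOTE(review): assumes getUsername() returns raw (unescaped) text - confirm,
        // otherwise names will be double-encoded.
        $displayName = $esc(getUsername($userData));
        echo "<img class='circle-image' src='" . $esc($userData['picture']) . "' width=100px height=100px /><br/>";
        if (!isset($_GET["settings"])) {
            // NOTE(review): escaping does not restrict the URL scheme of 'link';
            // if the value is not guaranteed to be http(s), validate it upstream.
            echo "<p class='welcome'>Welcome <a href='" . $esc($userData['link']) . "'>" . $displayName . "</a></p>";
        } else {
            // NOTE(review): this POST form carries no anti-CSRF token; check
            // whether handleNameChange() verifies one.
            echo "<form action='" . $esc(getUrl()) . "' method='post'>";
            echo "<p class='welcome'>Welcome";
            echo "<input type='text' name='displayName' value='" . $displayName . "'/>";
            echo "<input type='submit' value='Submit'>";
            echo "</p></form>";
        }
        echo "<div class='userBoxBottom'>";
        echo "<div class='settings'><a href='?settings'><img src='Settings.png' width=16px height=16px /></a></div>";
        echo "<div class='logout'><a href='?logout'>Logout</a></div></div>";
    } else {
        echo "<a href='" . $esc($authUrl) . "'>Sign in using Google</a>";
    }
    echo "</div>";
}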
示例#2
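 /**
  * Handles the "add admin" form: validates the input, creates the mp_admin
  * profile row and the matching mp_user login row, then redirects back to
  * admin_user with a flash message describing the outcome.
  */
 public function tambahAdminsubmit()
 {
     $this->form_validation->set_rules('USERNAME', 'USERNAME', 'required');
     $this->form_validation->set_rules('PASSWORD', 'PASSWORD', 'required');
     $this->form_validation->set_rules('PASSWORD2', 'Confrim password', 'required|matches[PASSWORD]');
     if ($this->form_validation->run() == FALSE) {
         $this->session->set_flashdata('notif', validation_errors());
         $this->session->set_flashdata('clr', 'danger');
         redirect('admin_user');
         return;
     }
     // Hash the submitted password once instead of once per existing user.
     $passwordHash = (string) acakPass($this->input->post('PASSWORD'));
     // NOTE(review): this uniqueness check only works if acakPass() is
     // deterministic (unsalted), and the flash message tells the operator that
     // some other account already uses this password. Consider dropping the
     // check and moving to password_hash()/password_verify().
     foreach ($this->user->tampilData('mp_user') as $row) {
         // Strict, constant-time comparison: loose == can treat two different
         // digests that look like numbers ("0e...") as equal.
         if (hash_equals((string) $row->PASSWORD, $passwordHash)) {
             $this->session->set_flashdata('notif', 'Ulangi Password sudah terpakai');
             $this->session->set_flashdata('clr', 'warning');
             redirect('admin_user');
             return;
         }
     }
     $username = getUsername($this->input->post('USERNAME'), 'admin');
     $dataadmin = array(
         'NAMA' => $this->input->post('NAMA'),
         'NO_TELP' => $this->input->post('NO_TELP'),
         'USERNAME' => $username,
     );
     $insertadmin = $this->user->tambahData($dataadmin, 'mp_admin');
     // Do not create a login row that points at a profile row that was never written.
     $insert = false;
     if ($insertadmin) {
         $data = array(
             'ID_LEVEL' => '1',
             'ID_AUTH' => $this->db->insert_id(),
             'USERNAME' => $username,
             'PASSWORD' => $passwordHash,
         );
         $insert = $this->user->tambahData($data, 'mp_user');
     }
     if ($insert) {
         $this->session->set_flashdata('notif', 'admin berhasil di tambah');
         $this->session->set_flashdata('clr', 'success');
     } else {
         $this->session->set_flashdata('notif', 'maaf data tidak bisa masuk ulangi lagi');
         $this->session->set_flashdata('clr', 'warning');
     }
     redirect('admin_user');
 }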
示例#3
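 /**
  * Renders the username settings page and, when the form was submitted,
  * changes the current user's username.
  *
  * The new name must be a 4-25 character alphanumeric string entered twice
  * identically, and the "security number" must be a whole number between
  * 1113 and 1207 inclusive.
  *
  * NOTE(review): a fixed numeric range is not a robot or CSRF defence, because
  * any value in the range is accepted on every request. No per-session token
  * check is visible in this method; confirm one exists upstream.
  */
 public function changeUsername()
 {
     checkUnauthorizedAccess();
     $main = new Main();
     $main->setPageTitle("Username settings");
     $changeUsername = new ChangeUsername();
     $main->setBody($changeUsername);
     echo $main;
     $oldUsername = getUsername();
     if (!post('change-username')) {
         return;
     }
     $newUsername = post('first');
     $confirmNewUsername = post('second');
     $userSecurityNumber = post('security');
     // Reject non-strings (e.g. array parameters) before the ctype/strlen checks.
     $isValidName = static function ($name) {
         return is_string($name) && ctype_alnum($name) && strlen($name) >= 4 && strlen($name) <= 25;
     };
     // Require digits only: a loose < / > comparison also lets values such as
     // "1200xyz" through.
     $isValidNumber = is_int($userSecurityNumber)
         || (is_string($userSecurityNumber) && ctype_digit($userSecurityNumber));
     if ($isValidNumber) {
         $number = (int) $userSecurityNumber;
         $isValidNumber = $number >= 1113 && $number <= 1207;
     }
     if (!$isValidName($newUsername) || !$isValidName($confirmNewUsername) || !$isValidNumber) {
         return;
     }
     if ($newUsername === $confirmNewUsername) {
         UserRepository::changeUsername($oldUsername, $newUsername);
         $_SESSION['username'] = $newUsername;
     }
 }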
示例#4
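 /**
  * Inserts a new album row and returns its id.
  *
  * @param array $aData  Album data; reads 'owner', 'caption', 'location',
  *                      'description' and optionally 'AllowAlbumView' and
  *                      'lastObjId'.
  * @param bool  $bCheck When true, an existing album found by
  *                      _checkAlbumExistence() is returned instead of inserting.
  * @return int Id of the existing or newly inserted album.
  */
 function addAlbum($aData = array(), $bCheck = true)
 {
     if ($bCheck) {
         $iCheck = $this->_checkAlbumExistence($aData);
         if ($iCheck != 0) {
             return $iCheck;
         }
     }
     $iOwner = (int) $aData['owner'];
     if (isset($aData['AllowAlbumView'])) {
         $iAllowAlbumView = (int) $aData['AllowAlbumView'];
     } elseif (strpos($aData['caption'], getUsername($iOwner)) !== false) {
         // A caption containing the owner's username is treated as the profile
         // album and made visible to everyone.
         $iAllowAlbumView = BX_DOL_PG_ALL;
     } else {
         $iAllowAlbumView = BX_DOL_PG_NOBODY;
     }
     // The original tested 'lastObjId' but read 'last_obj', so the stored value
     // was always 0 unless both keys were passed. Accept either spelling.
     $iLastObjId = 0;
     if (isset($aData['lastObjId'])) {
         $iLastObjId = (int) $aData['lastObjId'];
     } elseif (isset($aData['last_obj'])) {
         $iLastObjId = (int) $aData['last_obj'];
     }
     $aFields = array(
         'Caption' => $aData['caption'],
         'Uri' => $this->getCorrectUri($aData['caption'], $iOwner, $bCheck),
         'Location' => $aData['location'],
         'Description' => $aData['description'],
         'AllowAlbumView' => $iAllowAlbumView,
         'Type' => $this->sType,
         'Owner' => $iOwner,
         'Status' => getParam('sys_album_auto_app') == 'on' ? 'active' : 'passive',
         'Date' => time(),
         'LastObjId' => $iLastObjId,
     );
     // NOTE(review): caption, location and description are caller-supplied text;
     // this relies on _getSqlPart() to escape every value - confirm.
     $sqlBody = $this->_getSqlPart($aFields);
     $sqlQuery = "INSERT INTO `{$this->sAlbumTable}` SET {$sqlBody}";
     $GLOBALS['MySQL']->res($sqlQuery);
     return $GLOBALS['MySQL']->lastId();
 }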
 /**
  * Builds the absolute "browse album" URL of the album that holds this file.
  *
  * @return string The URL, or '' when no album info is available.
  */
 function getBaseUrl()
 {
     $aAlbum = $this->_oModule->oAlbums->getAlbumInfo(array('fileid' => $this->getId()));
     if (!empty($aAlbum) && is_array($aAlbum)) {
         $sModuleRoot = BX_DOL_URL_ROOT . $this->_oModule->_oConfig->getBaseUri();
         // NOTE(review): Uri and username are placed in the path as-is; this
         // assumes both are already URL-safe.
         return $sModuleRoot . 'browse/album/' . $aAlbum['Uri'] . '/owner/' . getUsername($aAlbum['Owner']);
     }
     return '';
 }
示例#6
 /**
  * Extends the parent's basic file-info form with a link to the file's album.
  *
  * @param array  $aInfo    File info; 'albumCaption', 'albumUri' and 'medProfId' are read here.
  * @param string $sUrlPref URL prefix for the album link.
  * @return array The form definition, with an 'album' entry when album data is present.
  */
 function getBasicFileInfoForm(&$aInfo, $sUrlPref = '')
 {
     $aForm = parent::getBasicFileInfoForm($aInfo, $sUrlPref);
     if (empty($aInfo['albumCaption']) || empty($aInfo['albumUri'])) {
         return $aForm;
     }
     $sAlbumUrl = $sUrlPref . 'browse/album/' . $aInfo['albumUri'] . '/owner/' . getUsername($aInfo['medProfId']);
     // NOTE(review): the album caption is user-supplied text; this assumes
     // getLink() escapes it for HTML - confirm.
     $aForm['album'] = array(
         'type' => 'value',
         'value' => getLink($aInfo['albumCaption'], $sAlbumUrl),
         'caption' => _t('_bx_files_album'),
     );
     return $aForm;
 }
/**
 * Looks up the username of the owner of a cache.
 *
 * @param mixed $cacheid Cache id; reduced to an integer before it reaches the query.
 * @return mixed Result of getUsername() for the owner, or null when no row matches.
 */
function getCacheOwnername($cacheid)
{
    // intval() already makes the value injection-safe; sql_escape() is kept on top.
    $safeId = sql_escape(intval($cacheid));
    // NOTE(review): the mysql_* extension was removed in PHP 7; a bare die on
    // query failure leaves nothing for the operator to diagnose.
    $rows = mysql_query("SELECT user_id FROM caches WHERE cache_id='" . $safeId . "'") or die;
    if (mysql_num_rows($rows) <= 0) {
        return null;
    }
    return getUsername(mysql_result($rows, 0));
}
示例#8
文件: apiauth.php 项目: rxadmin/ufoai
/**
 * Authenticates the request's credentials against SMF.
 *
 * @return mixed false when either trimmed credential is empty (or falsy, which
 *               includes the string "0"); otherwise the result of smfapi_authenticate().
 */
function auth()
{
    $rawUser = getUsername();
    $rawPass = getPassword();
    $user = trim($rawUser);
    if (!$user) {
        return false;
    }
    // NOTE(review): trimming a password changes the secret being checked;
    // leading/trailing whitespace is silently ignored here.
    $pass = trim($rawPass);
    if (!$pass) {
        return false;
    }
    return smfapi_authenticate($user, $pass, true);
}
示例#9
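/**
 * Reads the `level` column of an admin row.
 *
 * @return mixed The level value, or null when the connection, the query or
 *               the row lookup fails.
 */
function getLevel()
{
    // NOTE(review): the database is opened as root with an empty password,
    // hard-coded here. Use a dedicated least-privilege account and load the
    // credentials from configuration outside the web root.
    $koneksi = mysql_connect('localhost', 'root', '');
    if (!$koneksi) {
        return null;
    }
    $level = null;
    if (mysql_select_db('mtrain', $koneksi)) {
        // NOTE(review): the username literal appears masked in this listing; if
        // the real code interpolates a username here, it must be escaped or bound.
        $query = "SELECT level FROM admin WHERE username='******'";
        $mQuery = mysql_query($query, $koneksi);
        if ($mQuery) {
            $result = mysql_fetch_array($mQuery);
            if ($result) {
                $level = $result['level'];
            }
        }
    }
    // The original called mysql_close() after return, so it never ran.
    mysql_close($koneksi);
    return $level;
}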
示例#10
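 /**
  * getUsername() returns the session username, and null once it is unset.
  */
 public function testGetUsername()
 {
     // Expected value goes first so failure messages read correctly.
     $this->assertEquals('old_user', $_SESSION['username']);
     $this->assertEquals('old_user', getUsername());
     unset($_SESSION['username']);
     // With no session username, the result must be exactly null;
     // assertEquals(null, ...) would also accept '' or 0.
     $this->assertFalse(isset($_SESSION['username']));
     $this->assertNull(getUsername());
 }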
示例#11
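/**
 * Returns a summary of the logged-in user, or null when nobody is logged in.
 *
 * @return array|null Keys: username, wood, iron, clay, level,
 *                    villagers_in_use, max_villagers.
 */
function checkLoggedIn()
{
    if (!isset($_SESSION['user_id']) || !($_SESSION['user_id'] > 0)) {
        // not logged in
        return null;
    }
    // Take one snapshot of the resources: three separate calls could return
    // values from different moments and repeat the same work.
    $resources = calcCurrentResources();
    return array(
        "username" => getUsername(),
        "wood" => $resources["wood"],
        "iron" => $resources["iron"],
        "clay" => $resources["clay"],
        "level" => getLevel(),
        "villagers_in_use" => getVillagers(),
        "max_villagers" => getMaxVillagers(),
    );
}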
示例#12
 /**
  * XML-RPC login: checks the credentials and returns the member id, stored
  * password hash, username and protocol version as a struct.
  *
  * A 32- or 40-character $sPwdClear is first tried through
  * BxDolXMLRPCUtil::checkLogin(); otherwise it goes to check_password(),
  * and only when the 'enable_dolphin_footer' parameter is not 'on'.
  *
  * NOTE(review): the response returns the stored password hash to the client,
  * and the first branch takes a hash-length value as the credential, which
  * makes the stored hash password-equivalent. Prefer a revocable session token.
  *
  * @param string $sUser     Login name.
  * @param string $sPwdClear Password, or a 32/40-character value as described above.
  * @return xmlrpcresp member_id is 0 and the string fields are empty on failure.
  */
 function login4($sUser, $sPwdClear)
 {
     $aProfile = getProfileInfo(getID($sUser));
     $iMemberId = 0;
     if ($aProfile) {
         $bHashLength = 32 == strlen($sPwdClear) || 40 == strlen($sPwdClear);
         if ($bHashLength && BxDolXMLRPCUtil::checkLogin($sUser, $sPwdClear)) {
             $iMemberId = $aProfile['ID'];
         } elseif (getParam('enable_dolphin_footer') != 'on' && check_password($aProfile['ID'], $sPwdClear, BX_DOL_ROLE_MEMBER, false)) {
             $iMemberId = $aProfile['ID'];
         }
     }
     $aStruct = array(
         'member_id' => new xmlrpcval($iMemberId, "int"),
         'member_pwd_hash' => new xmlrpcval($iMemberId ? $aProfile['Password'] : ""),
         'member_username' => new xmlrpcval($iMemberId ? getUsername($iMemberId) : ""),
         'protocol_ver' => new xmlrpcval(BX_XMLRPC_PROTOCOL_VER, "int"),
     );
     return new xmlrpcresp(new xmlrpcval($aStruct, "struct"));
 }
示例#13
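/**
 * Resolves the ?resetid= request parameter to the matching member's username.
 *
 * @return mixed Result of getUsername() for the matching row, or false when
 *               the parameter is absent or rejected.
 */
function checkResetID()
{
    if (!isset($_GET['resetid'])) {
        return false;
    }
    $resetId = $_GET['resetid'];
    // The value ends up inside a double-quoted SQL literal. Reject anything
    // that is not a plain string or that could end the literal (quote,
    // backslash, NUL). An empty id is rejected too, so it cannot match
    // members that have no reset pending.
    if (!is_string($resetId) || $resetId === '' || preg_match('/["\\\\\x00]/', $resetId)) {
        return false;
    }
    $db = new DbObject();
    // NOTE(review): if DbObject offers bound parameters, prefer them to string
    // concatenation. Reset ids should also be single-use and expire.
    $resUser = $db->select("username", "Member", 'resetID="' . $resetId . '"');
    return getUsername($resUser);
}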
 /**
  * Fills a template with the default keys, optional recipient keys and
  * caller-supplied keys, then renders it.
  *
  * @param string $sContent  Template text using <Key> placeholders.
  * @param mixed  $aKeys     Extra keys; merged last, and only when it is an array.
  * @param int    $iMemberId Recipient profile id; 0 skips the recipient keys.
  * @return mixed Result of parseHtmlByContent().
  */
 function parseContent($sContent, $aKeys, $iMemberId = 0)
 {
     $aMerged = $this->getDefaultKeys();
     if ($iMemberId != 0) {
         $aRecipient = getProfileInfo($iMemberId);
         // NOTE(review): 'Password' exposes the stored password value to every
         // template. Messages should never contain it; use a reset link instead.
         $aRecipientKeys = array(
             'recipientID' => $aRecipient['ID'],
             'RealName' => getNickName($aRecipient['ID']),
             'NickName' => getNickName($aRecipient['ID']),
             'Username' => getUsername($aRecipient['ID']),
             'RecipientUrl' => getProfileLink($aRecipient['ID']),
             'Email' => $aRecipient['Email'],
             'Password' => $aRecipient['Password'],
             'SiteName' => getParam('site_title'),
         );
         $aMerged = array_merge($aMerged, $aRecipientKeys);
     }
     // Caller keys are merged last and therefore override the keys above.
     $aMerged = is_array($aKeys) ? array_merge($aMerged, $aKeys) : $aMerged;
     return $GLOBALS['oSysTemplate']->parseHtmlByContent($sContent, $aMerged, array('<', '>'));
 }
示例#15
 /**
  * Sets a photo as the author's avatar, but only when the photo is in the
  * author's profile album.
  *
  * NOTE(review): $iAuthorId is caller-supplied; nothing here checks that the
  * caller may act for that author, or that the photo belongs to them beyond
  * the album URI match - confirm the service layer enforces this.
  *
  * @param int $iPhotoID  Photo file id.
  * @param int $iAuthorId Author profile id; defaults to the logged-in member.
  * @return mixed false when the photo is not in the profile album, otherwise
  *               the result of setAvatar().
  */
 function serviceSetAvatar($iPhotoID, $iAuthorId = 0)
 {
     $iAuthorId = $iAuthorId ? $iAuthorId : getLoggedId();
     $aPhoto = $this->_oDb->getFileInfo(array('fileId' => $iPhotoID));
     $sAuthorName = getUsername($iAuthorId);
     $sAlbumTemplate = $this->_oConfig->getGlParam('profile_album_name');
     $sExpectedUri = uriFilter(str_replace('{nickname}', $sAuthorName, $sAlbumTemplate));
     if ($sExpectedUri == $aPhoto['albumUri']) {
         return $this->_oDb->setAvatar($iPhotoID, $aPhoto['albumId']);
     }
     return false;
 }
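/**
 * Checks a user's password and, on success, starts the session.
 *
 * Prints "ID not found!" when no password is stored for the id and
 * "login success!" when the passwords match; prints nothing on a mismatch.
 *
 * NOTE(review): the stored value is compared directly with the submitted
 * password, which suggests passwords are stored in plaintext - confirm and
 * migrate to password_hash()/password_verify(). "ID not found!" also tells a
 * caller which ids exist.
 *
 * @param mixed $userid       User id to look up.
 * @param mixed $userpassword Password supplied by the user.
 */
function login($userid, $userpassword)
{
    $password = getUserpassword($userid);
    if (empty($password)) {
        echo "ID not found!";
        return;
    }
    // Loose == can treat different numeric-looking strings as equal. Compare
    // as strings in constant time, and only when the input is a scalar.
    if (is_scalar($userpassword) && hash_equals((string) $password, (string) $userpassword)) {
        echo "login success!";
        setSession($userid, getUsername($userid), getUsertype($userid));
    }
}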
示例#17
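/**
 * AJAX handler: creates a listing with its category, feature and gallery
 * links, e-mails the site admin and prints a JSON status before exiting.
 *
 * All request values reach the database through $wpdb->prepare(), so none of
 * them can change the structure of a statement.
 *
 * NOTE(review): the owner id is read from the first field of the
 * "kallababy_user" cookie, which the client controls, and no nonce or
 * capability check is visible here. Take the user from the server-side
 * session and verify a nonce before writing.
 */
function ajax_save_listing()
{
    global $wpdb;
    $cookie = isset($_COOKIE["kallababy_user"]) ? (string) $_COOKIE["kallababy_user"] : '';
    $user_id = explode(":", $cookie)[0];
    // Reads a request value as a plain string; arrays and missing keys become ''.
    $scalar = function ($key) {
        return isset($_REQUEST[$key]) && is_scalar($_REQUEST[$key]) ? (string) $_REQUEST[$key] : '';
    };
    // Reads a request value as a list of plain strings.
    $stringList = function ($key) {
        $values = isset($_REQUEST[$key]) ? (array) $_REQUEST[$key] : array();
        return array_map('strval', array_filter($values, 'is_scalar'));
    };
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1. It is
    // kept so that stored values keep the same shape as existing rows.
    $location = filter_var($scalar("location"), FILTER_SANITIZE_STRING);
    $section = filter_var($scalar("section"), FILTER_SANITIZE_STRING);
    $keywords = filter_var($scalar("keywords"), FILTER_SANITIZE_STRING);
    $company_name = filter_var($scalar("company_name"), FILTER_SANITIZE_STRING);
    $description = filter_var($scalar("description"), FILTER_SANITIZE_STRING);
    $phone = filter_var($scalar("phone"), FILTER_SANITIZE_STRING);
    $website = addhttp(filter_var($scalar("website"), FILTER_SANITIZE_STRING));
    $email = filter_var($scalar("email"), FILTER_SANITIZE_EMAIL);
    $logo = $scalar("logo");
    $banner = $scalar("banner");
    $categories = $stringList("categories");
    $features = $stringList("features");
    $gallery = $stringList("gallery");

    // Create the listing. Column order and the unused '' columns are the same
    // as before; only the request-derived values became placeholders.
    $sql = "INSERT INTO " . $wpdb->prefix . "kallababy_listing VALUES(NULL, %s, %s, %s, %s, %s , %s, %s, %s, "
        . "'', '', '', '', '', '', '', "   // 7 unused columns
        . "%s, %s, %s, "                   // phone, website, email
        . "'', '', '', '', '', '', '', "   // 21 unused columns (3 x 7)
        . "'', '', '', '', '', '', '', "
        . "'', '', '', '', '', '', '', "
        . "'testimonial.jpg', '', '', 'testimonial.jpg', '', '', 'testimonial.jpg', '', '0', "
        . "'', '', '', '', '',  %s )";
    $inserted = $wpdb->query($wpdb->prepare(
        $sql,
        $user_id,
        $location,
        $section,
        $keywords,
        $company_name,
        $logo,
        $banner,
        $description,
        $phone,
        $website,
        $email,
        date('Y-m-d H.i.s', time())
    ));
    if (false === $inserted) {
        // Without a listing row there is nothing to attach the links to.
        echo json_encode(array('message' => "ERROR"));
        die;
    }
    $listing_id = $wpdb->insert_id;

    // Link every category to the new listing.
    foreach ($categories as $category) {
        $wpdb->query($wpdb->prepare(
            "INSERT INTO " . $wpdb->prefix . "kallababy_cross_categories VALUES(%d, %s)",
            $listing_id,
            $category
        ));
    }
    // Link every feature to the new listing.
    foreach ($features as $feature) {
        $wpdb->query($wpdb->prepare(
            "INSERT INTO " . $wpdb->prefix . "kallababy_cross_features VALUES(%d, %s)",
            $listing_id,
            $feature
        ));
    }
    // Store each gallery image, then link it to the listing.
    foreach ($gallery as $image) {
        $wpdb->query($wpdb->prepare(
            "INSERT INTO " . $wpdb->prefix . "kallababy_gallery VALUES( NULL, %s, NULL )",
            $image
        ));
        $gallery_id = $wpdb->insert_id;
        $wpdb->query($wpdb->prepare(
            "INSERT INTO " . $wpdb->prefix . "kallababy_cross_gallery VALUES(%d, %d)",
            $listing_id,
            $gallery_id
        ));
    }

    // Notify the site admin of the new listing.
    $adminEmail = get_option("admin_email");
    $user_real_name = getUsername();
    // NOTE(review): $user_real_name goes into an HTML mail body unescaped;
    // confirm getUsername() returns HTML-safe text.
    $message = "A new listing has been created by " . $user_real_name . " for " . $company_name . "<br/>";
    $message .= "<a href='" . home_url() . "/basic-listing?id=" . $listing_id . "'>View Listing</a>";
    sendEmail($adminEmail, "New Listing", $message);
    $res = array('message' => "OK");
    echo json_encode($res);
    die;
}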
示例#18
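 /**
  * Authenticates the MoxieManager session for the logged-in member and
  * confines it to a per-user directory under media/moxie/files/.
  *
  * @param MOXMAN_Auth_User $user User object to populate.
  * @return bool true when a member is logged in and has a usable name.
  */
 public function authenticate(MOXMAN_Auth_User $user)
 {
     $config = MOXMAN::getConfig();
     if (!isLogged()) {
         return false;
     }
     $s = getUsername();
     // The name becomes several path components (its 1-, 2- and 3-character
     // prefixes and the full name). Refuse names that are empty, start with a
     // dot, or contain a path separator or NUL, so the root path can never
     // resolve outside the files directory.
     if (!is_string($s) || $s === '' || $s[0] === '.' || preg_match('#[/\\\\\x00]#', $s)) {
         return false;
     }
     $sPath = BX_DIRECTORY_PATH_ROOT . 'media/moxie/files/' . substr($s, 0, 1) . '/' . substr($s, 0, 2) . '/' . substr($s, 0, 3) . '/' . $s;
     bx_mkdir_r($sPath);
     $config->put('filesystem.rootpath', $sPath);
     $config->replaceVariable("user", $s);
     $user->setName($s);
     return true;
 }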
示例#19
 /**
  * Alert handler: renames a user in the forum when a profile alert with
  * action 'delete' or 'edit' arrives.
  *
  * NOTE(review): the '******' literals below appear masked in this listing;
  * they are reproduced unchanged. As written they never equal an action that
  * passes the first guard.
  *
  * @param object $oAlert Alert; iObject, sUnit, sAction and aExtras are read.
  */
 function response($oAlert)
 {
     global $gConf;
     $iProfileId = $oAlert->iObject;
     $bHandledAction = 'delete' == $oAlert->sAction || 'edit' == $oAlert->sAction;
     if (!$iProfileId || $oAlert->sUnit != 'profile' || !$bHandledAction) {
         return;
     }
     if ('******' == $oAlert->sAction) {
         $sUsername = $oAlert->aExtras['profile_info']['NickName'];
     } else {
         $sUsername = getUsername($iProfileId);
     }
     // An edit that left the nickname unchanged needs no rename.
     if ('edit' == $oAlert->sAction && $oAlert->aExtras['OldProfileInfo']['NickName'] == $sUsername) {
         return;
     }
     $oDb = new DbForum();
     if ('******' == $oAlert->sAction) {
         $sOldUsername = $sUsername;
     } else {
         $sOldUsername = $oAlert->aExtras['OldProfileInfo']['NickName'];
     }
     if ('******' == $oAlert->sAction) {
         $sNewUsername = $gConf['anonymous'];
     } else {
         $sNewUsername = $sUsername;
     }
     $oDb->renameUser($sOldUsername, $sNewUsername);
 }
示例#20
 /**
  * Lists a profile's media albums that the viewer is allowed to see.
  *
  * @param string $sType             'photo', 'video' or 'music'; anything else yields array().
  * @param int    $iIdProfile        Owner profile id.
  * @param int    $iIdProfileViewer  Viewer profile id, used for the membership and privacy checks.
  * @param bool   $isShowEmptyAlbums Whether empty albums are included.
  * @return array List of arrays with keys Id, Title, Num, DefaultAlbum.
  */
 function _getMediaAlbumsArray($sType, $iIdProfile, $iIdProfileViewer, $isShowEmptyAlbums = false)
 {
     // Map the public type name to module name, internal type and membership action.
     switch ($sType) {
         case 'photo':
             list($sModuleName, $sType, $sMemAction) = array('photos', 'bx_photos', 'BX_PHOTOS_VIEW');
             break;
         case 'video':
             list($sModuleName, $sType, $sMemAction) = array('videos', 'bx_videos', 'BX_VIDEOS_VIEW');
             break;
         case 'music':
             list($sModuleName, $sType, $sMemAction) = array('sounds', 'bx_sounds', 'BX_SOUNDS_VIEW');
             break;
         default:
             return array();
     }
     // The membership check comes first, so a viewer without the action gets nothing.
     if (!BxDolXMLRPCMedia::_isMembershipEnabledFor($iIdProfileViewer, $sMemAction)) {
         return array();
     }
     bx_import('BxDolMemberInfo');
     $oMemberInfo = BxDolMemberInfo::getObjectInstance(getParam('sys_member_info_thumb'));
     $bDefaultAlbumOnly = $oMemberInfo->isSetAvatarFromDefaultAlbumOnly();
     bx_import('BxDolAlbums');
     $oAlbums = new BxDolAlbums($sType, (int) $iIdProfile);
     $aAlbums = $oAlbums->getAlbumList(array('owner' => (int) $iIdProfile, 'show_empty' => $isShowEmptyAlbums), 1, 1000);
     $aResult = array();
     foreach ($aAlbums as $aAlbum) {
         // Per-album privacy is decided by the owning module.
         $bVisible = BxDolService::call($sModuleName, 'get_album_privacy', array((int) $aAlbum['ID'], $iIdProfileViewer), 'Search');
         if (!$bVisible) {
             continue;
         }
         $iDefaultAlbum = 1;
         if ($bDefaultAlbumOnly) {
             $sDefaultUri = uriFilter(str_replace('{nickname}', getUsername($iIdProfile), getParam($sType . '_profile_album_name')));
             $iDefaultAlbum = $aAlbum['Uri'] == $sDefaultUri ? 1 : 0;
         }
         $aResult[] = array(
             'Id' => $aAlbum['ID'],
             'Title' => $aAlbum['Caption'],
             'Num' => $aAlbum['ObjCount'],
             'DefaultAlbum' => $iDefaultAlbum,
         );
     }
     return $aResult;
 }
示例#21
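 /**
  * Handles the announce item's actions (enable, do_enable, disable, sell,
  * gift, work_real), then defers to the parent implementation.
  *
  * @param string $action Action name.
  * @return mixed Result of parent::doAction().
  */
 function doAction($action)
 {
     global $kbank, $vbulletin, $bbuserinfo, $permissions, $KBANK_HOOK_NAME;
     // The item id is interpolated into SQL below; force it to an integer.
     $itemId = (int) $this->data['itemid'];
     if ($action == 'enable') {
         $item = $this->data;
         // NOTE(review): eval() of template output is the vBulletin template
         // idiom. It is only safe while templates are admin-controlled and any
         // user data reaches them as variables, never as template source.
         eval('$tmp = "' . fetch_template('kbank_template_announce_enable') . '";');
         eval(standard_error($tmp));
     }
     if ($action == 'do_enable') {
         if ($this->ready2Enable()) {
             $vbulletin->input->clean_array_gpc('r', array('url' => TYPE_NOHTML, 'text' => TYPE_NOHTML));
             if (strlen($vbulletin->GPC['text']) > $this->itemtypedata['options']['text_max']) {
                 $vbulletin->GPC['text'] = substr($vbulletin->GPC['text'], 0, $this->itemtypedata['options']['text_max']) . '..';
             }
             $url_cutoff = array('javascript:', 'ftp://');
             $vbulletin->GPC['url'] = str_replace($url_cutoff, '', $vbulletin->GPC['url']);
             // The scheme allow-list, not the str_replace above, keeps other
             // schemes out: anything that is not http(s) gets an http:// prefix.
             // https:// is accepted as-is; it used to become "http://https://...".
             if (!preg_match('#^https?://#i', $vbulletin->GPC['url'])) {
                 $vbulletin->GPC['url'] = 'http://' . $vbulletin->GPC['url'];
             }
             $item_new = array(
                 'status' => KBANK_ITEM_ENABLED,
                 'expire_time' => iif(!$this->data['options']['enabled'], iif($this->data['options']['duration'] > 0, TIMENOW + $this->data['options']['duration'] * 24 * 60 * 60, -1), $this->data['expire_time']),
                 'options' => serialize(array('url' => $vbulletin->GPC['url'], 'text' => $vbulletin->GPC['text'], 'enabled' => 1)),
             );
             $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = {$itemId}"));
             //Update datastore
             updateAnnounceCache();
         }
     }
     if ($this->data['status'] == KBANK_ITEM_ENABLED and ($action == 'sell' or $action == 'gift')) {
         //Update datastore
         updateAnnounceCache();
     }
     if ($action == 'disable') {
         if ($this->ready2Disable()) {
             $item_new = array('status' => KBANK_ITEM_AVAILABLE);
             // The original used {$this->data[itemid]} with an unquoted key,
             // which PHP resolves as a constant named itemid.
             $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = {$itemId}"));
             //Update datastore
             updateAnnounceCache();
         }
     }
     if ($action == 'work_real' && $KBANK_HOOK_NAME == KBANK_GLOBAL_START) {
         global $kbank_announces;
         // NOTE(review): 'url' is emitted later by the announce template;
         // confirm the template escapes it for the attribute it lands in.
         $kbank_announces[] = array(
             'url' => $this->data['options']['url'],
             'text' => $vbulletin->kbankBBCodeParser->parse_bbcode($this->data['options']['text'], true),
             'owner' => getUsername($this->data),
         );
     }
     return parent::doAction($action);
 }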
示例#22
 /**
  * Processes the login form: tries the credentials as "ukm", "admin" and
  * "akun" in that order, stores the matching identity in the session and
  * redirects to that role's landing page, or back to login/ with an error.
  *
  * NOTE(review): the session id is not regenerated on login here, and the
  * lookup matches on acakPass(password), i.e. a deterministic digest. Confirm
  * both against the framework version in use; password_verify() on a salted
  * hash and a fresh session id after login are the usual hardening.
  */
 public function loginAkun()
 {
     $this->form_validation->set_rules('username', 'Username', 'required|max_length[50]');
     $this->form_validation->set_rules('password', 'Password', 'required');
     if ($this->form_validation->run() == FALSE) {
         $this->session->set_flashdata('notif', validation_errors());
         $this->session->set_flashdata('clr', 'danger');
         redirect('login/');
         return;
     }
     foreach (array("ukm", "admin", "akun") as $tipe) {
         $kondisi = array(
             "USERNAME" => getUsername($this->input->post("username"), $tipe),
             "PASSWORD" => acakPass($this->input->post("password")),
         );
         $akun = $this->loginmodel->tampilData("mp_user", "*", $kondisi, TRUE);
         if (!$akun) {
             continue;
         }
         // ID_LEVEL decides which session keys are set and where the user lands.
         switch ($akun->ID_LEVEL) {
             case 1:
                 $this->session->set_userdata(array("id_akun_admin" => $akun->ID_USER, "admin" => TRUE));
                 redirect('admin_controller/');
                 break;
             case 2:
                 $this->session->set_userdata(array("id_akun_ukm" => $akun->ID_USER, "ukm" => TRUE));
                 redirect('ukm_info/');
                 break;
             case 3:
                 $this->session->set_userdata(array("id_akun_user" => $akun->ID_USER, "user" => TRUE, "id_akun_auth" => $akun->ID_AUTH));
                 redirect('user_profil/');
                 break;
             default:
                 $this->session->set_flashdata('notif', '<i class="fa fa-times"></i> Username dan password salah !');
                 $this->session->set_flashdata('clr', 'danger');
                 redirect('login/');
         }
     }
     // No role matched: same generic message for unknown user and wrong password.
     $this->session->set_flashdata('notif', '<i class="fa fa-times"></i> Username dan password salah !');
     $this->session->set_flashdata('clr', 'danger');
     redirect('login/');
 }
示例#23
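/**
 * Handles the change-password form: the two new passwords must match and the
 * old password must be valid before the new one is stored.
 *
 * Reads pass0 (old), pass1 (new) and pass2 (confirmation) from $_POST and
 * prints the result page.
 */
function passwordFormSubmitted()
{
    $old = isset($_POST['pass0']) ? $_POST['pass0'] : null;
    $new = isset($_POST['pass1']) ? $_POST['pass1'] : null;
    $confirm = isset($_POST['pass2']) ? $_POST['pass2'] : null;
    // Strict comparison of strings only: loose != treats numeric-looking
    // strings such as "1e3" and "1000" as equal, so a mistyped confirmation
    // could pass. The JavaScript check is a convenience, not a control.
    if (!is_string($new) || !is_string($confirm) || $new !== $confirm) {
        dieError("ERROR: Passwords do not match");
    }
    if (!is_string($old) || !isValidUserPassword(getUsername(), $old)) {
        echo "<h2>Incorrect Old password entered. Please try again.</h2>\n";
        echo file_get_contents("html/password.html");
        die(' ');
    }
    // NOTE(review): no anti-CSRF token or password-strength check is visible
    // in this handler - confirm they are enforced elsewhere.
    if (setUserPassword($new)) {
        echo "<h1>Password Changed</h1>\n";
        echo "<form><input type=\"button\" name=\"continue\" value=\"Continue\" onClick=\"parent.main_popupWindowCancel()\"></form>\n";
    } else {
        dieError("Password Change Failed. Please contact the administrator");
    }
}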
示例#24
 /**
  * XML-RPC: returns the member's contacts (hot list, mail correspondents in
  * both directions and confirmed friends), de-duplicated by profile id.
  *
  * @param string $sUser Login name.
  * @param string $sPwd  Password value accepted by BxDolXMLRPCUtil::checkLogin().
  * @return xmlrpcresp|xmlrpcval Error struct on failed login, otherwise an
  *                              array of {ID, Nick, UserTitle} structs.
  */
 function getContacts($sUser, $sPwd)
 {
     $iId = BxDolXMLRPCUtil::checkLogin($sUser, $sPwd);
     if (!$iId) {
         return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1, "int")), "struct"));
     }
     // NOTE(review): $iId is interpolated into SQL. It comes from checkLogin(),
     // not from the request; this assumes it is always an integer id.
     $aQueries = array(
         // hot list
         "SELECT `p`.`ID` FROM `Profiles` AS `p`\n            INNER JOIN `sys_fave_list` AS `h` ON (`h`.`Profile` = `p`.`ID`)\n            WHERE `h`.`ID` = {$iId}",
         // mail contacts received
         "SELECT `p`.`ID` FROM `Profiles` AS `p`\n            INNER JOIN `sys_messages` AS `m` ON (`m`.`Sender` = `p`.`ID`)\n            WHERE `p`.`ID` != {$iId} AND `m`.`Recipient` = {$iId}",
         // mail contacts sent
         "SELECT `p`.`ID` FROM `Profiles` AS `p`\n            INNER JOIN `sys_messages` AS `m` ON (`m`.`Recipient` = `p`.`ID`)\n            WHERE `p`.`ID` != {$iId} AND `m`.`Sender` = {$iId}",
         // friends 1
         "SELECT `p`.`ID` FROM `sys_friend_list` AS `fr`\n            LEFT JOIN `Profiles` AS `p` ON (`p`.`ID` = `fr`.`Profile`)\n            WHERE `fr`.`ID` = '{$iId}' AND `fr`.`Profile` != {$iId} AND `fr`.`Check` = '1'",
         // friends 2
         "SELECT `p`.`ID` FROM `sys_friend_list` AS `fr`\n            LEFT JOIN `Profiles` AS `p` ON (`p`.`ID` = `fr`.`ID`)\n            WHERE `fr`.`Profile` = '{$iId}' AND `fr`.`ID` != {$iId} AND `fr`.`Check` = '1'",
     );
     // Keyed by profile id, so a profile found by several queries appears once.
     $aById = array();
     foreach ($aQueries as $sQuery) {
         $oRes = db_res($sQuery);
         while ($aProfile = $oRes->fetch()) {
             $aById[$aProfile['ID']] = $aProfile;
         }
     }
     bx_import('BxDolAlerts');
     $oAlert = new BxDolAlerts('mobile', 'contacts', $iId, 0, array('contacts_data' => $aById));
     $oAlert->alert();
     $aContacts = array();
     foreach ($aById as $aProfile) {
         $aContacts[] = new xmlrpcval(array(
             'ID' => new xmlrpcval($aProfile['ID']),
             'Nick' => new xmlrpcval(getUsername($aProfile['ID'])),
             'UserTitle' => new xmlrpcval(getNickName($aProfile['ID'])),
         ), 'struct');
     }
     return new xmlrpcval($aContacts, "array");
 }
示例#25
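/**
 * Loads the current user's row from the `user` table.
 *
 * @return array Positional list: 0 UserID, 1 Username, 2 UserPassword,
 *               3 UserMail, 4 UserRight, 5 UserGold, 6 UserDiamond,
 *               7 UserWins, 8 UserAvatar; empty when no row matches or the
 *               query fails.
 */
function getUserInfo()
{
    $userInfo = array();
    // Escape the name and match it exactly. With LIKE, a username containing
    // % or _ would match other accounts, and the last row returned would win.
    $username = mysql_real_escape_string((string) getUsername());
    $sql = "SELECT * FROM user WHERE Username = '" . $username . "'";
    $result = mysql_query($sql);
    if ($result) {
        while ($ar = mysql_fetch_array($result, MYSQL_ASSOC)) {
            $userInfo[0] = $ar["UserID"];
            $userInfo[1] = $ar["Username"];
            // NOTE(review): the stored password value is handed to every caller;
            // return it only where it is actually needed.
            $userInfo[2] = $ar["UserPassword"];
            $userInfo[3] = $ar["UserMail"];
            $userInfo[4] = $ar["UserRight"];
            $userInfo[5] = $ar["UserGold"];
            $userInfo[6] = $ar["UserDiamond"];
            $userInfo[7] = $ar["UserWins"];
            $userInfo[8] = $ar["UserAvatar"];
        }
    }
    return $userInfo;
}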
 /**
  * XML-RPC: returns the member's inbox or sent messages, newest first,
  * skipping messages the member has moved to trash.
  *
  * @param string $sUser   Login name.
  * @param string $sPwd    Password value accepted by BxDolXMLRPCUtil::checkLogin().
  * @param bool   $isInbox true for received messages, false for sent ones.
  * @return xmlrpcresp|xmlrpcval Error struct on failed login, otherwise an
  *                              array of message structs.
  */
 function _getMessages($sUser, $sPwd, $isInbox)
 {
     $iId = BxDolXMLRPCUtil::checkLogin($sUser, $sPwd);
     if (!$iId) {
         return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1, "int")), "struct"));
     }
     // The folder decides the filter and which party is the "author" shown to
     // the member: the sender for the inbox, the recipient for sent mail.
     // NOTE(review): $iId is interpolated into SQL; it comes from checkLogin(),
     // not from the request - assumed to be an integer id.
     if ($isInbox) {
         $sWhere = "`Recipient` = '{$iId}' AND NOT FIND_IN_SET('recipient', `Trash`)";
         $sFieldsAdd = ", `m`.`Sender` AS `AuthorID`";
     } else {
         $sWhere = "`Sender` = '{$iId}' AND NOT FIND_IN_SET('sender', `Trash`)";
         $sFieldsAdd = ", `m`.`Recipient` AS `AuthorID` ";
     }
     $oRes = db_res("SELECT\n                `m`.`ID`, UNIX_TIMESTAMP(`m`.`Date`) AS `Date`, `m`.`Sender`, `m`.`Recipient`, `m`.`Subject`, `m`.`New` {$sFieldsAdd}\n            FROM `sys_messages` AS `m`\n            INNER JOIN `Profiles` as `p` ON (`p`.`ID` = `m`.`Sender`)\n            WHERE {$sWhere}\n            ORDER BY `Date` DESC");
     $aMessages = array();
     while ($aMsgRow = $oRes->fetch()) {
         $iOtherParty = $isInbox ? $aMsgRow['Sender'] : $aMsgRow['Recipient'];
         $sThumb = BxDolXMLRPCUtil::getThumbLink($iOtherParty, 'thumb');
         $aMessages[] = new xmlrpcval(array(
             'ID' => new xmlrpcval($aMsgRow['ID']),
             'Date' => new xmlrpcval(defineTimeInterval($aMsgRow['Date'])),
             'Sender' => new xmlrpcval($aMsgRow['Sender']),
             'Recipient' => new xmlrpcval($aMsgRow['Recipient']),
             'Subject' => new xmlrpcval($aMsgRow['Subject']),
             'New' => new xmlrpcval($aMsgRow['New']),
             'Nick' => new xmlrpcval(getUsername($aMsgRow['AuthorID'])),
             'UserTitleInterlocutor' => new xmlrpcval(getNickName($aMsgRow['AuthorID'])),
             'Thumb' => new xmlrpcval($sIcon = $sThumb),
         ), 'struct');
     }
     return new xmlrpcval($aMessages, "array");
 }
示例#27
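/**
 * Inserts or updates the vote count for one candidate on one machine in one
 * district, recording who changed it and when.
 *
 * Nothing is written unless the vote count, machine number, candidate id and
 * resolved district id are all numeric.
 *
 * @param mixed $district       District identifier, resolved via getElectionDistrictID().
 * @param mixed $machine_number Machine number (numeric).
 * @param mixed $candidateID    Candidate id (numeric).
 * @param mixed $votes          Vote count (numeric); '' is ignored silently.
 */
function saveElectionResults($district, $machine_number, $candidateID, $votes)
{
    global $variables;
    global $conn;
    if ($votes == "" || !is_numeric($votes)) {
        if (!is_numeric($votes) && $votes != "") {
            // Echoed into the page, so encode it for HTML.
            $shown = is_scalar($votes) ? (string) $votes : '';
            echo "Invalid data: " . htmlspecialchars($shown, ENT_QUOTES, 'UTF-8') . " is not a number";
        }
        return;
    }
    // These two are interpolated unquoted into SQL, exactly like $votes, so
    // they get the same numeric requirement before any query is built.
    if (!is_numeric($machine_number) || !is_numeric($candidateID)) {
        return;
    }
    // Column names come from $variables.
    // NOTE(review): assumes $variables is trusted configuration, never request data.
    $d = $variables['district_results'];
    $m = $variables['machine_results'];
    $c_id = $variables['candidateID_results'];
    $v = $variables['votes_results'];
    // The audit username is a quoted string value; escape it for the connection.
    // NOTE(review): $conn looks like a mysqli handle (results expose num_rows) -
    // confirm. Bound parameters would be better if runQuery() supports them.
    $username = (string) getUsername();
    $username = $conn instanceof mysqli ? $conn->real_escape_string($username) : addslashes($username);
    $datetime = date_create()->format('Y-m-d H:i:s');
    $election_district_id = getElectionDistrictID($district);
    if (!is_numeric($election_district_id)) {
        // Unknown district: there is no row this result could belong to.
        return;
    }
    $where = "{$d} = {$election_district_id} AND {$m} = {$machine_number} AND {$c_id} = {$candidateID}";
    $result = runQuery("SELECT id FROM results WHERE {$where}");
    $rows = $result->num_rows;
    if ($rows == 0) {
        $query = "INSERT INTO results ({$d}, {$m}, {$c_id}, {$v},username_changed,time_changed) VALUES ({$election_district_id}, {$machine_number}, {$candidateID}, {$votes}, '{$username}', '{$datetime}')";
    } else {
        $query = " UPDATE results SET ";
        $query .= "{$v} = {$votes}, username_changed = '{$username}', time_changed ='{$datetime}' ";
        $query .= "WHERE {$where}";
    }
    // NOTE(review): each save overwrites the previous value; if an audit trail
    // of result changes is required, keep a history row as well.
    $result = runQuery($query);
}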
 /**
  * Renders the "browse by album" block for the current album, with
  * pagination when the album has more items than fit on one page.
  *
  * @param int $iBlockId Block id (not used in this method).
  * @return mixed The pre-set browse code if any, otherwise the design box.
  */
 function getBlockCode_Objects($iBlockId)
 {
     if (!empty($this->sBrowseCode)) {
         return $this->sBrowseCode;
     }
     $sSearchClass = $this->oConfig->getClassPrefix() . 'Search';
     bx_import('Search', $this->oModule->_aModule);
     $oSearch = new $sSearchClass('album');
     $aParams = array(
         'album' => $this->aInfo['Uri'],
         'owner' => getUsername($this->aInfo['Owner']),
     );
     $aCustom = array(
         'enable_center' => true,
         'per_page' => $this->oConfig->getGlParam('number_top'),
         'sorting' => 'album_order',
     );
     $aHtml = $oSearch->getBrowseBlock($aParams, $aCustom);
     $aPaging = $oSearch->aCurrent['paginate'];
     $iCount = $aPaging['totalNum'];
     $sPaginate = '';
     if ($iCount > $aPaging['perPage']) {
         $sLink = $this->oConfig->getBaseUri() . 'browse/album/' . $aParams['album'] . '/owner/' . $aParams['owner'];
         // NOTE(review): $sLink is concatenated into an inline JavaScript
         // handler; this assumes album URI and owner name contain no quote
         // characters - confirm.
         $oPaginate = new BxDolPaginate(array(
             'page_url' => $sLink . '&page={page}&per_page={per_page}',
             'count' => $iCount,
             'per_page' => $oSearch->aCurrent['paginate']['perPage'],
             'page' => $oSearch->aCurrent['paginate']['page'],
             'on_change_per_page' => 'document.location=\'' . BX_DOL_URL_ROOT . $sLink . '&page=1&per_page=\' + this.value;',
         ));
         $sPaginate = $oPaginate->getPaginate();
     }
     if (empty($aHtml['code'])) {
         $aHtml['code'] = MsgBox(_t('_Empty'));
     }
     $sTitle = _t('_' . $this->oConfig->getMainPrefix() . '_browse_by_album', $this->aInfo['Caption']);
     return DesignBoxContent($sTitle, $aHtml['code'], 1, '', $sPaginate);
 }
示例#29
 /**
  * Stores an uploaded avatar image in the temporary avatar directory,
  * optionally copies it into the member's profile photo album, and
  * pre-resizes it.
  *
  * NOTE(review): the only content check is the client-supplied file
  * extension. The file is saved under a fixed name and extension, which
  * limits the impact, but the image type is not verified from its content
  * before it reaches the photo uploader.
  *
  * @param int $iProfileId Profile id; 0 uses $this->_iProfileId for the path.
  * @return bool true when the file was stored and resized successfully.
  */
 function _uploadImage($iProfileId = 0)
 {
     $iProfileId = (int) $iProfileId;
     $iPathId = $iProfileId ? $iProfileId : $this->_iProfileId;
     $sImagePath = BX_AVA_DIR_TMP . $iPathId . BX_AVA_EXT;
     $sClientName = $_FILES['image']['name'];
     $iDot = strrpos($sClientName, '.');
     if (false === $iDot) {
         return false;
     }
     $sExt = strtolower(substr($sClientName, $iDot + 1));
     if (!in_array($sExt, $this->_aAllowedExt)) {
         return false;
     }
     if (!move_uploaded_file($_FILES['image']['tmp_name'], $sImagePath)) {
         return false;
     }
     $bCopy = $_POST['copy_to_profile_photos'] && BxDolRequest::serviceExists('photos', 'perform_photo_upload', 'Uploader');
     if ($bCopy) {
         // NOTE(review): the album name uses getUsername($iProfileId) even when
         // $iProfileId is 0 and the path above fell back to $this->_iProfileId.
         $aFileInfo = array(
             'medTitle' => _t('_bx_ava_avatar'),
             'medDesc' => _t('_bx_ava_avatar'),
             'medTags' => _t('_ProfilePhotos'),
             'Categories' => array(_t('_ProfilePhotos')),
             'album' => str_replace('{nickname}', getUsername($iProfileId), getParam('bx_photos_profile_album_name')),
             'albumPrivacy' => BX_DOL_PG_ALL,
         );
         $_POST[BX_DOL_UPLOADER_EP_PREFIX . 'album'] = uriFilter($aFileInfo['album']);
         BxDolService::call('photos', 'perform_photo_upload', array($sImagePath, $aFileInfo, false), 'Uploader');
     }
     return IMAGE_ERROR_SUCCESS == imageResize($sImagePath, '', BX_AVA_PRE_RESIZE_W, BX_AVA_PRE_RESIZE_H, true);
 }
示例#30
$bps = $_POST['bps'];
$bpd = $_POST['bpd'];
$weight = $_POST['weight'];
$height = $_POST['height'];
$temperature = $_POST['temperature'];
$temp_method = $_POST['temp_method'];
$pulse = $_POST['pulse'];
$respiration = $_POST['respiration'];
$note = $_POST['note'];
$BMI = $_POST['BMI'];
$BMI_status = $_POST['BMI_status'];
$waist_circ = $_POST['waist_circ'];
$head_circ = $_POST['head_circ'];
$oxygen_saturation = $_POST['oxygen_saturation'];
if ($userId = validateToken($token)) {
    $user = getUsername($userId);
    $acl_allow = acl_check('encounters', 'auth_a', $user);
    if ($acl_allow) {
        $strQuery = "UPDATE `form_vitals` SET \n                                        `date`='" . add_escape_custom($date) . "',\n                                        `pid`='" . add_escape_custom($patientId) . "',\n                                        `user`='" . add_escape_custom($user) . "',\n                                        `groupname`='" . add_escape_custom($groupname) . "',\n                                        `authorized`='" . add_escape_custom($authorized) . "',\n                                        `activity`='" . add_escape_custom($activity) . "',\n                                        `bps`='" . add_escape_custom($bps) . "',\n                                        `bpd`='" . add_escape_custom($bpd) . "',\n                                        `weight`='" . add_escape_custom($weight) . "',\n                                        `height`='" . add_escape_custom($height) . "',\n                                        `temperature`='" . add_escape_custom($temperature) . "',\n                                        `temp_method`='" . add_escape_custom($temp_method) . "',\n                                        `pulse`='" . add_escape_custom($pulse) . "',\n                                        `respiration`='" . add_escape_custom($respiration) . "',\n                                        `note`='" . add_escape_custom($note) . "',\n                                        `BMI`='" . add_escape_custom($BMI) . "',\n                                        `BMI_status`='" . add_escape_custom($BMI_status) . "',\n                                        `waist_circ`='" . add_escape_custom($waist_circ) . "',\n                                        `head_circ`='" . add_escape_custom($head_circ) . "',\n                                        `oxygen_saturation`='" . add_escape_custom($oxygen_saturation) . "' \n                                         WHERE id = ?";
        $result = sqlStatement($strQuery, array($vital_id));
        if ($result !== FALSE) {
            $xml_array['status'] = 0;
            $xml_array['reason'] = 'Visit vital update successfully';
        } else {
            $xml_array['status'] = -1;
            $xml_array['reason'] = 'Could not update isit vital';
        }
    } else {
        $xml_string .= "<status>-2</status>\n";
        $xml_string .= "<reason>You are not Authorized to perform this action</reason>\n";
    }