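/**
 * Add a job posting to the database and e-mail the members subscribed to
 * each of its categories.
 *
 * The posting row is written first. Category links and notifications are
 * only processed when that insert succeeded, so a failed insert can no
 * longer produce category rows or e-mails that point at posting id 0.
 *
 * @param	string	job title
 * @param	string	description
 * @param	Array	categories id
 * @param	int		1 if public; 0 otherwise.
 * @param	string	Closing date for this job post, mysql TIMESTAMP format
 * @precondition	ATutor Mailer class imported.
 */
function addJob($title, $description, $categories, $is_public, $closing_date) {
	// *_once: a second call within the same request must not re-declare the classes.
	require_once AT_INCLUDE_PATH . 'classes/phpmailer/atutormailer.class.php';
	global $addslashes, $db, $msg, $_config, $_base_href;

	if ($_SESSION['jb_employer_id'] < 1) {
		$msg->addError(); //authentication error
		exit;
	}
	include_once AT_JB_INCLUDE . 'Employer.class.php';
	$employer = new Employer($_SESSION['jb_employer_id']);
	// Interpolated unquoted into the INSERT below, so force it to an integer.
	$employer_id = intval($employer->getId());

	// These three values land inside quoted SQL literals and are escaped with
	// the $addslashes callable. NOTE(review): what $addslashes does is defined
	// outside this function - confirm it is a real SQL escaper for this link.
	$title = $addslashes($title);
	$description = $addslashes($description);
	$closing_date = $addslashes($closing_date);
	// isset() is true for every non-null value, including 0.
	// NOTE(review): presumably callers pass an unset checkbox field for "not public" - confirm.
	$is_public = isset($is_public) ? 1 : 0;
	$approval_state = ($_config['jb_posting_approval'] == 1) ? AT_JB_POSTING_STATUS_UNCONFIRMED : AT_JB_POSTING_STATUS_CONFIRMED;

	$sql = 'INSERT INTO ' . TABLE_PREFIX . "jb_postings (employer_id, title, description, is_public, closing_date, created_date, revised_date, approval_state) VALUES ({$employer_id}, '{$title}', '{$description}', {$is_public}, '{$closing_date}', NOW(), NOW(), {$approval_state})";
	if (!mysql_query($sql, $db)) {
		//TODO: db error message
		$msg->addError();
		return;
	}
	// Read the id from the same link the INSERT was sent on.
	$posting_id = intval(mysql_insert_id($db));
	$post_link = $_base_href . AT_JB_BASENAME . 'view_post.php?jid=' . $posting_id;

	//add to posting category table
	$db_failed = false;
	if (!empty($categories) && is_array($categories)) {
		foreach ($categories as $category) {
			$category = intval($category);
			$sql = 'INSERT INTO ' . TABLE_PREFIX . "jb_posting_categories (posting_id, category_id) VALUES ({$posting_id}, {$category})";
			if (!mysql_query($sql, $db)) {
				$db_failed = true;
			}

			//send out notification if the person is subscribed to the category.
			$sql = 'SELECT m.member_id, m.email FROM ' . TABLE_PREFIX . 'jb_category_subscribes cs LEFT JOIN ' . TABLE_PREFIX . "members m ON cs.member_id=m.member_id WHERE category_id={$category}";
			// Own variable: the subscriber lookup must not overwrite the INSERT status.
			$subscribers = mysql_query($sql, $db);
			if (!$subscribers) {
				$db_failed = true;
				continue;
			}
			while ($row = mysql_fetch_assoc($subscribers)) {
				$mail = new ATutorMailer();
				$mail->AddAddress($row['email'], get_display_name($row['member_id']));
				// NOTE(review): $title here is the SQL-escaped copy, so the mail
				// text may carry escape characters - confirm that is intended.
				$body = _AT('jb_subscription_msg', $title, $this->getCategoryNameById($category), $post_link);
				$body .= "\n\n";
				$body .= _AT('jb_posted_by') . ": " . htmlentities_utf8($employer->getCompany()) . "\n";
				$mail->FromName = $_config['site_name'];
				$mail->From = $_config['contact_email'];
				$mail->Subject = _AT('jb_subscription_mail_subject');
				$mail->Body = $body;
				if (!$mail->Send()) {
					$msg->addError('SENDING_ERROR');
				}
				unset($mail);
			}
		}
	}
	if ($db_failed) {
		//TODO: db error message
		$msg->addError();
	}
}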
/**
 * Build the news-feed entries for the job board.
 *
 * @return	array	one entry per job returned by Job::getAllJobs(), each with the
 *					keys 'time', 'object', 'thumb' and 'link'; empty when
 *					getAllJobs() does not return an array.
 */
function job_board_news() {
	global $db;

	$items = array();
	$board = new Job();
	$postings = $board->getAllJobs('created_date', 'desc');
	if (!is_array($postings)) {
		return $items;
	}

	foreach ($postings as $posting) {
		// The title is entity-encoded once and reused for the tooltip and the link text.
		$safe_title = htmlentities_utf8($posting['title']);
		// NOTE(review): the id is concatenated into the href as-is; presumably
		// an integer key - confirm, or cast it where the row is produced.
		$href = AT_JB_BASENAME . 'view_post.php?jid=' . $posting['id'];
		$items[] = array(
			'time'   => $posting['revised_date'],
			'object' => $posting,
			'thumb'  => AT_JB_BASENAME . 'images/jb_icon_tiny.png',
			'link'   => '<span title="' . strip_tags($safe_title) . '"><a href="' . $href . '">' . $safe_title . "</a></span>",
		);
	}
	return $items;
}
/**
 * Export this weblink by rendering the Weblinks template.
 *
 * Assigns 'title', 'url_href' and 'url_target' to the global $savant
 * template object and returns what the template produces.
 *
 * @return	the output of $savant->fetch() for Weblinks.tmpl.php
 */
function export() {
	global $savant;

	$weblink = $this->wl;

	// Title is entity-encoded before it reaches the template.
	$escaped_title = htmlentities_utf8($weblink->getTitle(), ENT_QUOTES, 'UTF-8');
	$savant->assign('title', $escaped_title);

	$link = $weblink->getUrl();
	$savant->assign('url_href', urlencode($link['href']));
	// NOTE(review): the target is assigned without encoding; confirm the
	// template escapes it before writing it into the XML.
	$savant->assign('url_target', $link['target']);
	//TODO: not supported yet
	//$savant->assign('url_window_features', $link['window_features']);

	//generates xml
	return $savant->fetch(TR_INCLUDE_PATH . 'classes/Weblinks/Weblinks.tmpl.php');
}
/**
 * Return the entity-encoded display name of a member.
 *
 * @param	int		$id			member id, bound to the query as %d
 * @param	bool	$trigger	true when called for the drop down ajax
 * @return	the formatted name, passed through htmlentities_utf8()
 */
function printSocialNameForConnection($id, $trigger) {
	global $_config, $display_name_formats, $db;

	$format = $_config['display_name_format'];
	//if trigger = true, it's for the drop down ajax
	if ($trigger == true) {
		// formats above 1 are replaced by format 1
		$format = ($format > 1) ? 1 : $format;
	} elseif ($format == 1) {
		// outside the drop down, format 1 is replaced by format 2
		$format = 2;
	}

	// Table prefix and id are handed to queryDB() as placeholder values
	// rather than being concatenated into the statement.
	$member = queryDB(
		'SELECT login, first_name, second_name, last_name FROM %smembers WHERE member_id=%d',
		array(TABLE_PREFIX, $id),
		TRUE
	);

	$name = _AT(
		$display_name_formats[$format],
		$member['login'],
		$member['first_name'],
		$member['second_name'],
		$member['last_name']
	);
	return htmlentities_utf8($name);
}
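/**
 * Return the entity-encoded display name of a member.
 *
 * @param	int		$id			member id; cast to an integer before it is used in SQL
 * @param	bool	$trigger	true when called for the drop down ajax
 * @return	the formatted name, passed through htmlentities_utf8()
 */
function printSocialNameForConnection($id, $trigger) {
	global $_config, $display_name_formats, $db;
	$display_name_format = $_config['display_name_format'];

	//if trigger = true, it's for the drop down ajax
	if ($trigger == true) {
		if ($display_name_format > 1) {
			$display_name_format = 1;
		}
	} else {
		if ($display_name_format == 1) {
			$display_name_format = 2;
		}
	}

	// member_id is compared unquoted, so anything but an integer here would
	// become part of the statement itself. Cast before concatenating.
	$sql = 'SELECT login, first_name, second_name, last_name FROM ' . TABLE_PREFIX . 'members WHERE member_id=' . intval($id);
	$result = mysql_query($sql, $db);

	// A failed query or an unknown member yields empty name parts instead of
	// fetching from a non-resource.
	$row = $result ? mysql_fetch_assoc($result) : false;
	if (!is_array($row)) {
		$row = array('login' => '', 'first_name' => '', 'second_name' => '', 'last_name' => '');
	}

	return htmlentities_utf8(_AT($display_name_formats[$display_name_format], $row['login'], $row['first_name'], $row['second_name'], $row['last_name']));
}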
/**
 * Build the news-feed entries for BigBlueButton meetings of enrolled courses.
 *
 * @return	array	one entry per row of the bigbluebutton table whose course_id
 *					is in $enrolled_courses; empty when $enrolled_courses is ''
 *					or the query fails.
 */
function bigbluebutton_news() {
	global $db, $enrolled_courses, $system_courses;

	$entries = array();
	if ($enrolled_courses == '') {
		return $entries;
	}

	// NOTE(review): $enrolled_courses is appended to the statement verbatim;
	// presumably a server-built "(id, id, ...)" list - confirm it can never
	// carry request data.
	$query = 'SELECT * FROM '.TABLE_PREFIX.'bigbluebutton WHERE course_id IN '.$enrolled_courses;
	$meetings = mysql_query($query, $db);
	if (!$meetings) {
		return $entries;
	}

	while ($meeting = mysql_fetch_assoc($meetings)) {
		// Timing and message are entity-encoded; the raw row travels along under 'object'.
		$entries[] = array(
			'time'   => htmlentities_utf8($meeting['course_timing']),
			'object' => $meeting,
			'alt'    => _AT('bigbluebutton'),
			'course' => $system_courses[$meeting['course_id']]['title'],
			'thumb'  => 'mods/bigbluebutton/bigbluebutton_sm.png',
			'link'   => htmlentities_utf8($meeting['message']),
		);
	}
	return $entries;
}
require AT_INCLUDE_PATH . 'header.inc.php'; ?> <div id="my_courses_container"> <ul class="my-courses-list-ul" > <?php foreach ($this->courses as $row) { static $counter; $counter++; ?> <li class="my-courses-list"> <?php echo '<a href="' . url_rewrite('bounce.php?course=' . $row['course_id']) . '"> ' . htmlentities_utf8($row['title']) . '</a>'; ?> <?php if ($row['last_cid']) { ?> <a class="my-courses-resume" href="bounce.php?course=<?php echo $row['course_id'] . SEP . 'p=' . urlencode('content.php?cid=' . $row['last_cid']); ?> "><img src="<?php echo $_base_href; ?> themes/default/images/resume.png" border="" alt="<?php echo _AT('resume'); ?> " title="<?php echo _AT('resume');
$query = "\tSELECT user_camp.id\n\t\t\t\t\t\tFROM user_camp\n\t\t\t\t\t\tWHERE user_id = {$user_id} AND camp_id = " . $_camp->id; $result = mysql_query($query); $user_camp_id = mysql_result($result, 0, 'id'); $mat_list_id = "NULL"; $query = "\tSELECT user.scoutname \n\t\t\t\t\t\tFROM user, user_camp\n\t\t\t\t\t\tWHERE user.id = user_camp.user_id\n\t\t\t\t\t\tAND user_camp.id = {$user_camp_id}"; $result = mysql_query($query); $resp_str = mysql_result($result, 0, 'scoutname'); } if (substr($resp, 0, 8) == "mat_list") { $user_camp_id = "NULL"; $mat_list_id = substr($resp, 9); $query = "\tSELECT mat_list.name \n\t\t\t\t\t\tFROM mat_list\n\t\t\t\t\t\tWHERE mat_list.id = {$mat_list_id}"; $result = mysql_query($query); $resp_str = mysql_result($result, 0, 'name'); } $resp_str_js = htmlentities_utf8($resp_str); $query = "\tSELECT\n\t\t\t\t\t\tid\n\t\t\t\t\tFROM\n\t\t\t\t\t(\n\t\t\t\t\t\tSELECT\t\n\t\t\t\t\t\t\tid as id,\n\t\t\t\t\t\t\tname as name\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\tmat_article\n\t\t\t\t\t\t\n\t\t\t\t\t\tUNION\n\t\t\t\t\t\t\n\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\tmat_article.id as id,\n\t\t\t\t\t\t\tconcat( mat_article_alias.name, ' (', mat_article.name, ')' ) as name\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\tmat_article,\n\t\t\t\t\t\t\tmat_article_alias\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tmat_article_alias.mat_article_id = mat_article.id\n\t\t\t\t\t\t\n\t\t\t\t\t\tORDER BY name\n\t\t\t\t\t) as mat\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tmat.name = '{$article}'"; $result = mysql_query($query); if (mysql_num_rows($result)) { $id = mysql_result($result, 'id'); } else { $id = "NULL"; } $query = "\tUPDATE mat_event\n\t\t\t\t\tSET \n\t\t\t\t\t\t`user_camp_id` = {$user_camp_id},\n\t\t\t\t\t\t`mat_list_id` = {$mat_list_id},\n\t\t\t\t\t\t`mat_article_id` = {$id},\n\t\t\t\t\t\t`article_name` = '{$article}',\n\t\t\t\t\t\t`quantity` = '{$quantity}'\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tid = {$entry_id}"; $result = mysql_query($query); if (!mysql_error()) { $ans = array("values" => array("1" => 
$quantity_js, "2" => $article_js, "3" => $resp_str_js)); echo json_encode($ans); die; } else { $ans = array("error" => true, "error_msg" => "Fehler aufgetreten");
* This file is part of eCamp. * * eCamp is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * eCamp is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with eCamp. If not, see <http://www.gnu.org/licenses/>. */ $job_name = htmlentities_utf8(trim($_REQUEST['job_name'])); $job_name_save = mysql_real_escape_string($_REQUEST['job_name']); $cmd = mysql_real_escape_string($_REQUEST['cmd']); // Authentifizierung überprüfen // write --> Ab Lagerleiter (level: 50) if ($_user_camp->auth_level < 50 || $job_name == "") { // Keine Berechtigung if ($_user_camp->auth_level < 50) { //$xml_replace[error] = 1; //$xml_replace['error-msg'] = "Keine Berechtigung"; $ans = array("error" => true, "msg" => "Keine berechtigung!"); echo json_encode($ans); die; } else { //$xml_replace[error] = 2; //$xml_replace['error-msg'] = "Bitte gib zuerst einen Job-Namen ein!";
if($response['messageKey'] == 'checksumError'){ $msg->addError("CHECKSUM_ERROR_BBB"); } else{ $msg = $response['message']; } } else{//"The meeting was created, and the user will now be joined " $bbb_joinURL = BigBlueButton::joinURL($meetingID,$username,"ap", $salt, $url); } $sql = "SELECT * from ".TABLE_PREFIX."bigbluebutton WHERE course_id = '$meetingID'"; $result = mysql_query($sql, $db); if (mysql_num_rows($result) > 0) { while ($row = mysql_fetch_assoc($result)) { /**** * SUBLINK_TEXT_LEN, VALIDATE_LENGTH_FOR_DISPLAY are defined in include/lib/constance.lib.inc * SUBLINK_TEXT_LEN determins the maxium length of the string to be displayed on "detail view" box. *****/ $list[] = '<a href="'.$bbb_joinURL.'"'. (strlen(htmlentities_utf8($row['message'])) > SUBLINK_TEXT_LEN ? ' title="'.htmlentities_utf8($row['course_timing']).'"' : '') .' title="'.htmlentities_utf8($row['course_timing']).'">'. validate_length(htmlentities_utf8($row['message']), SUBLINK_TEXT_LEN, VALIDATE_LENGTH_FOR_DISPLAY) .'</a>'; } return $list; } else { return 0; } ?>
echo $current_file['folder_id']; ?> " /> </form> <?php } else { ?> <?php $current_file = current($files); } ?> <div class="input-form"> <div class="row"> <h3><?php echo htmlentities_utf8($current_file['file_name']); ?> <small> - <?php echo _AT('revision'); ?> <?php echo $current_file['num_revisions']; ?> </small></h3> <span style="font-size: small"><?php echo get_display_name($current_file['member_id']); ?> - <?php echo AT_date(_AT('filemanager_date_format'), $current_file['date'], AT_DATE_MYSQL_DATETIME); ?> </span>
$id = intval($_REQUEST['id']); $sql = "SELECT * FROM ".TABLE_PREFIX."groups_types WHERE type_id=$id AND course_id=$_SESSION[course_id]"; $result = mysql_query($sql,$db); if (!($type_row = mysql_fetch_assoc($result))) { require (AT_INCLUDE_PATH.'header.inc.php'); $msg->printErrors('GROUP_TYPE_NOT_FOUND'); require (AT_INCLUDE_PATH.'footer.inc.php'); exit; } $tmp_groups = array(); $sql = "SELECT group_id, title FROM ".TABLE_PREFIX."groups WHERE type_id=$id ORDER BY title"; $result = mysql_query($sql, $db); while ($row = mysql_fetch_assoc($result)) { $tmp_groups[$row['group_id']] = htmlentities_utf8($row['title']); } $groups_keys = array_keys($tmp_groups); $groups_keys = implode($groups_keys, ','); if (isset($_POST['cancel'])) { $msg->addFeedback('CANCELLED'); header('Location: index.php'); exit; } else if (isset($_POST['submit'])) { $sql = "DELETE FROM ".TABLE_PREFIX."groups_members WHERE group_id IN ($groups_keys)"; mysql_query($sql, $db); $sql = ''; foreach ($_POST['groups'] as $mid => $gid) { $mid = abs($mid);
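/* http://atutor.ca */
/* */
/* This program is free software. You can redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation. */
/************************************************************************/
if (!defined('AT_INCLUDE_PATH')) { exit; }

// print the AccessForAll alternatives tool bar
// see /content.php for details of the alt_infos() array
// images for the toolbar can be customized by adding images of the same name to a theme's images directory
//
// Each $alt_info entry is used as follows:
//   [0] value of the "alternative" parameter it selects
//   [1] alt/title text and [4] image while it is not selected
//   [2] alt/title text and [3] image while it is selected

// PHP_SELF is derived from the request path, so it is encoded before being
// written into an href attribute.
$self_href = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
// Read once; avoids an undefined-index notice when the parameter is absent.
$current_alt = isset($_GET['alternative']) ? $_GET['alternative'] : null;
?>
<div id="alternatives_shortcuts">
<?php
foreach ($this->alt_infos as $alt_info) {
	$is_active = ($current_alt == $alt_info[0]);
	// NOTE(review): $this->cid and the $alt_info values are written as-is;
	// presumably server-defined - confirm against /content.php.
	echo '<a href="'.$self_href.'?cid='.$this->cid.($is_active ? '' : htmlentities_utf8(SEP).'alternative='.$alt_info[0]).'"> <img src="'.AT_BASE_HREF.($is_active ? $alt_info[3] : $alt_info[4]).'" alt="'.($is_active ? $alt_info[2] : $alt_info[1]).'" title="'.($is_active ? $alt_info[2] : $alt_info[1]).'" border="0" class="img1616"/></a>';
}
?>
</div>
<?php
// NOTE(review): $link['url'] and $link['title'] are echoed without encoding;
// confirm they are escaped where the shortcuts array is built.
if ($this->shortcuts): ?>
<fieldset id="shortcuts"><legend><?php echo _AT('shortcuts'); ?></legend>
	<ul>
		<?php foreach ($this->shortcuts as $link): ?>
			<li><a href="<?php echo $link['url']; ?>"><?php echo $link['title']; ?></a></li>
		<?php endforeach; ?>
	</ul>
</fieldset>
<?php endif; ?>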
/**
 * Generate the title string for application.
 *
 * @param	int		application id
 * @return	the title string that has a hyperlink to the application itself.
 */
function generateApplicationTitle($app_id) {
	// Integer cast first: the id is reused below both as a bound %d value and
	// inside the application URL.
	$app_id = intval($app_id);

	//This here, it is actually better to use $url instead of app_id.
	//$url is the primary key. $id is also a key, but it is not guranteed that it will be unique
	$application = queryDB(
		"SELECT title FROM %ssocial_applications WHERE id=%d",
		array(TABLE_PREFIX, $app_id),
		TRUE
	);

	$app_link = url_rewrite(AT_SOCIAL_BASENAME . 'applications.php?app_id=' . $app_id, AT_PRETTY_URL_IS_HEADER);
	// The stored title is entity-encoded before it is placed into the message.
	$app_title = htmlentities_utf8($application['title']);

	return _AT("has_added_app", $app_link, $app_title);
}
// Print a tooltip link for every word in $words that has a non-empty entry in
// $glossary, or a "no terms found" notice when nothing matches.
// $strtolower, $strlen and $substr are callables defined outside this excerpt.

// Lower-case every word so duplicates differing only in case collapse below.
for ($i = 0; $i < count($words); $i++) {
	$words[$i] = $strtolower($words[$i]);
}
$words = array_unique($words);
if (count($words) > 0) {
	$count = 0;
	// Lower-cased keys allow the lookup by lower-cased word.
	$glossary_key_lower = array_change_key_case($glossary);
	foreach ($words as $k => $v) {
		$original_v = $v;
		$v = $strtolower($v);
		//array_change_key_case change everything to lowercase, including encoding.
		if (isset($glossary_key_lower[$v]) && $glossary_key_lower[$v] != '') {
			// Recover the term as spelled in $glossary by searching for its definition.
			$v_formatted = urldecode(array_search($glossary_key_lower[$v], $glossary));
			$def = AT_print($glossary_key_lower[$v], 'glossary.definition');
			$count++;
			// The word is URL-encoded for the query string and the term is
			// entity-encoded for the tooltip.
			// NOTE(review): $def is placed inside the title="..." attribute as
			// returned by AT_print(); confirm that output is attribute-safe
			// (no raw double quotes or markup).
			echo '<a class="tooltip" href="' . $_base_path . 'mods/_core/glossary/index.php?g_cid=' . $_SESSION['s_cid'] . htmlentities(SEP) . 'w=' . urlencode($original_v) . '#term" title="' . htmlentities_utf8($v_formatted) . ': ' . $def . '">';
			// Long words: show the first 22 characters of the term followed by '...'.
			if ($strlen($original_v) > 26) {
				$v_formatted = $substr($v_formatted, 0, 26 - 4) . '...';
			}
			echo AT_print($v_formatted, 'glossary.word') . '</a>';
			echo '<br />';
		}
	}
	if ($count == 0) {
		/* there are defn's, but they're not defined in the glossary */
		echo '<strong>' . _AT('no_terms_found') . '</strong>';
	}
} else {
	/* there are no glossary terms on this page */
	echo '<strong>' . _AT('no_terms_found') . '</strong>';
}
<?php if ($this->sub_level_pages[$i]['url'] == $this->current_sub_level_page) { ?> <li class="active"><?php echo htmlentities_utf8($this->sub_level_pages[$i]['title']); ?> </li> <?php } else { ?> <li><a href="<?php echo $this->sub_level_pages[$i]['url']; ?> "><?php echo htmlentities_utf8($this->sub_level_pages[$i]['title']); ?> </a></li> <?php } ?> <?php if ($i < $num_pages - 1) { echo " "; ?> <?php } ?> <?php } ?>
/**
 * Recursively echo the content navigation tree below $parent_id as HTML.
 *
 * Side effects visible in this method: writes to $_SESSION['menu'], clears
 * $this->start, and echoes markup directly.
 *
 * @param	$parent_id		key into $this->_menu whose entries are printed
 * @param	$depth			nesting level; drives the indent icons and title truncation
 * @param	$path			numbering prefix put before the item counter when PREF_NUMBERING is set
 * @param	$children		array indexed by depth; 1 draws a vertical line at that level
 * @param	$truncate		when true, titles longer than the computed limit are shortened
 * @param	$ignore_state	when true, every sub-tree is descended into regardless of
 *							$_SESSION['menu'] and the leading name anchors are omitted
 * @param	$from			suffix appended to element ids; 'sitemap' sets redirect_to=1
 *
 * NOTE(review): $content['title'], $from and $_my_uri are concatenated into
 * attributes, text and inline script without encoding in this method. The
 * truncation branches decode and re-encode the title with htmlspecialchars(),
 * which suggests titles arrive already entity-encoded - confirm where
 * $this->_menu is populated, and confirm $from only ever holds fixed
 * caller-chosen strings.
 */
function printMenu($parent_id, $depth, $path, $children, $truncate, $ignore_state, $from = '') {
	global $cid, $_my_uri, $_base_path, $rtl, $substr, $strlen;
	// Computed on the first call and kept for every later call in the request.
	static $temp_path;
	$redirect_to = $from == 'sitemap' ? '1' : '0';
	if (!isset($temp_path)) {
		if ($cid) {
			$temp_path = $this->getContentPath($cid);
		} else {
			$temp_path = $this->getContentPath($_SESSION['s_cid']);
		}
	}
	// Every node on the content path is marked open in the session and highlighted.
	$highlighted = array();
	if (is_array($temp_path)) {
		foreach ($temp_path as $temp_path_item) {
			$_SESSION['menu'][$temp_path_item['content_id']] = 1;
			$highlighted[$temp_path_item['content_id']] = true;
		}
	}
	if ($this->start) {
		reset($temp_path);
		$this->start = false;
	}
	if (isset($this->_menu[$parent_id]) && is_array($this->_menu[$parent_id])) {
		$top_level = $this->_menu[$parent_id];
		$counter = 1;
		$num_items = count($top_level);
		echo '<div id="folder' . $parent_id . $from . '">' . "\n";
		foreach ($top_level as $garbage => $content) {
			// $link collects the markup for this item; it is echoed after the tree icons.
			$link = '';
			//tests do not have content id
			$content['content_id'] = isset($content['content_id']) ? $content['content_id'] : '';
			$content['parent_content_id'] = $parent_id;
			if (!$ignore_state) {
				$link .= '<a name="menu' . $content['content_id'] . '"></a>';
			}
			$on = false;
			if (($_SESSION['s_cid'] != $content['content_id'] || $_SESSION['s_cid'] != $cid) && ($content['content_type'] == CONTENT_TYPE_CONTENT || $content['content_type'] == CONTENT_TYPE_WEBLINK)) {
				// non-current content nodes with content type "CONTENT_TYPE_CONTENT"
				if (isset($highlighted[$content['content_id']])) {
					$link .= '<strong>';
					$on = true;
				}
				//content test extension @harris
				//if this is a test link.
				if (isset($content['test_id'])) {
					$title_n_alt = $content['title'];
					$in_link = 'mods/_standard/tests/test_intro.php?tid=' . $content['test_id'] . SEP . 'in_cid=' . $content['parent_content_id'];
					$img_link = ' <img src="' . $_base_path . 'images/check.gif" title="' . $title_n_alt . '" alt="' . $title_n_alt . '" />';
				} else {
					$in_link = 'content.php?cid=' . $content['content_id'];
					$img_link = '';
				}
				// Keep the untruncated title for the tooltip on the inner span.
				$full_title = $content['title'];
				// The rewritten URL is the one value in this link that is entity-encoded here.
				$link .= $img_link . ' <a href="' . $_base_path . htmlentities_utf8(url_rewrite($in_link)) . '" title="';
				$base_title_length = 29;
				if ($_SESSION['prefs']['PREF_NUMBERING']) {
					$base_title_length = 24;
				}
				$link .= $content['title'] . '">';
				// Deeper levels get 4 fewer characters each; '...' replaces the cut part.
				if ($truncate && $strlen($content['title']) > $base_title_length - $depth * 4) {
					$content['title'] = htmlspecialchars(rtrim($substr(htmlspecialchars_decode($content['title']), 0, $base_title_length - $depth * 4 - 4))) . '...';
				}
				if (isset($content['test_id'])) {
					$link .= $content['title'];
				} else {
					$link .= '<span class="inlineEdits" id="menu-' . $content['content_id'] . '" title="' . $full_title . '">';
					if ($_SESSION['prefs']['PREF_NUMBERING']) {
						$link .= $path . $counter;
					}
					$link .= ' ' . $content['title'] . '</span>';
				}
				$link .= '</a>';
				if ($on) {
					$link .= '</strong>';
				}
				// instructors have privilege to delete content
				// NOTE(review): this is a plain GET link to delete_content.php;
				// confirm that page asks for confirmation / checks a token before deleting.
				if (authenticate(AT_PRIV_CONTENT, AT_PRIV_RETURN) && !isset($content['test_id']) && !is_mobile_device()) {
					$link .= '<a href="' . $_base_path . 'mods/_core/editor/delete_content.php?cid=' . $content['content_id'] . '&redirect_to=' . $redirect_to . '"><img src="' . AT_BASE_HREF . 'images/x.gif" alt="' . _AT("delete_content") . '" title="' . _AT("delete_content") . '" class="del-content-icon" /></a>';
				}
			} else {
				// current content page & nodes with content type "CONTENT_TYPE_FOLDER"
				$base_title_length = 33;
				if ($_SESSION['prefs']['PREF_NUMBERING']) {
					$base_title_length = 26;
				}
				if (isset($highlighted[$content['content_id']])) {
					$link .= '<strong>';
					$on = true;
				}
				if ($content['content_type'] == CONTENT_TYPE_CONTENT || $content['content_type'] == CONTENT_TYPE_WEBLINK) {
					// current content page
					$full_title = $content['title'];
					// A 1x1 image carries the "you are here" text as its alt attribute.
					$link .= '<a href="' . $_my_uri . '"><img src="' . $_base_path . 'images/clr.gif" alt="' . _AT('you_are_here') . ': ';
					if ($_SESSION['prefs']['PREF_NUMBERING']) {
						$link .= $path . $counter;
					}
					$link .= $content['title'] . '" height="1" width="1" border="0" /></a><strong class="current-content" title="' . $content['title'] . '">' . "\n";
					if ($truncate && $strlen($content['title']) > $base_title_length - $depth * 4) {
						$content['title'] = htmlspecialchars(rtrim($substr(htmlspecialchars_decode($content['title']), 0, $base_title_length - $depth * 4 - 4))) . '...';
					}
					$link .= '<a name="menu' . $content['content_id'] . '"></a><span class="inlineEdits" id="menu-' . $content['content_id'] . '" title="' . $full_title . '">';
					if ($_SESSION['prefs']['PREF_NUMBERING']) {
						$link .= $path . $counter;
					}
					$link .= $content['title'] . '</span></strong>';
					// instructors have privilege to delete content
					if (authenticate(AT_PRIV_CONTENT, AT_PRIV_RETURN) && !is_mobile_device()) {
						$link .= '<a href="' . $_base_path . 'mods/_core/editor/delete_content.php?cid=' . $content['content_id'] . '&redirect_to=' . $redirect_to . '"><img src="' . AT_BASE_HREF . 'images/x.gif" alt="' . _AT("delete_content") . '" title="' . _AT("delete_content") . '" class="del-content-icon" /></a>';
					}
				} else {
					// nodes with content type "CONTENT_TYPE_FOLDER"
					$full_title = $content['title'];
					// Users with the content privilege (not on mobile) get an edit link;
					// everyone else gets a span that toggles the folder.
					if (authenticate(AT_PRIV_CONTENT, AT_PRIV_RETURN) && !is_mobile_device()) {
						$link .= '<a href="' . $_base_path . "mods/_core/editor/edit_content_folder.php?cid=" . $content['content_id'] . '" title="' . $full_title . _AT('click_edit') . '">' . "\n";
					} else {
						// content_id and $from are written into a quoted JavaScript argument here.
						$link .= '<span style="cursor:pointer" onclick="javascript: ATutor.course.toggleFolder(\'' . $content['content_id'] . $from . '\', \'' . _AT('expand') . '\', \'' . _AT('collapse') . '\', ' . $this->course_id . '); ">' . "\n";
					}
					if ($truncate && $strlen($content['title']) > $base_title_length - $depth * 4) {
						$content['title'] = htmlspecialchars(rtrim($substr(htmlspecialchars_decode($content['title']), 0, $base_title_length - $depth * 4 - 4))) . '...';
					}
					if (isset($content['test_id'])) {
						$link .= $content['title'];
					} else {
						$link .= '<span class="inlineEdits" id="menu-' . $content['content_id'] . '" title="' . $full_title . '">';
					}
					if ($_SESSION['prefs']['PREF_NUMBERING']) {
						$link .= $path . $counter;
					}
					$link .= ' ' . $content['title'] . '</span>';
					// Close whichever wrapper was opened above.
					if (authenticate(AT_PRIV_CONTENT, AT_PRIV_RETURN) && !is_mobile_device()) {
						$link .= '</a>' . "\n";
					} else {
						$link .= '</span>' . "\n";
					}
					// instructors have privilege to delete content
					if (authenticate(AT_PRIV_CONTENT, AT_PRIV_RETURN) && !is_mobile_device()) {
						$link .= '<a href="' . $_base_path . 'mods/_core/editor/delete_content.php?cid=' . $content['content_id'] . '&redirect_to=' . $redirect_to . '"><img src="' . AT_BASE_HREF . 'images/x.gif" alt="' . _AT("delete_content") . '" title="' . _AT("delete_content") . '" class="del-content-icon" /></a>';
					}
				}
				if ($on) {
					$link .= '</strong>';
				}
			}
			// From here on $on selects the script-driven toggle instead of the reload links.
			if ($ignore_state) {
				$on = true;
			}
			echo '<span>' . "\n";
			if (isset($this->_menu[$content['content_id']]) && is_array($this->_menu[$content['content_id']])) {
				/* has children */
				// One icon per ancestor level: a vertical line where that level continues.
				for ($i = 0; $i < $depth; $i++) {
					if ($children[$i] == 1) {
						echo '<img src="' . AT_BASE_HREF . $this->tree_vertline_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
					} else {
						echo '<img src="' . $_base_path . 'images/clr.gif" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
					}
				}
				// The last item at a level gets the end icon, all others the split icon;
				// $children[$depth] records whether the level continues below.
				if ($counter == $num_items && $depth > 0) {
					echo '<img src="' . AT_BASE_HREF . $this->tree_end_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
					$children[$depth] = 0;
				} else {
					if ($counter == $num_items) {
						echo '<img src="' . AT_BASE_HREF . $this->tree_end_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
						$children[$depth] = 0;
					} else {
						echo '<img src="' . AT_BASE_HREF . $this->tree_split_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
						$children[$depth] = 1;
					}
				}
				// The folder holding the current page is always marked open.
				if ($_SESSION['s_cid'] == $content['content_id']) {
					if (is_array($this->_menu[$content['content_id']])) {
						$_SESSION['menu'][$content['content_id']] = 1;
					}
				}
				if (isset($_SESSION['menu'][$content['content_id']]) && $_SESSION['menu'][$content['content_id']] == 1) {
					// folder is marked open in the session
					if ($on) {
						echo '<a href="javascript:void(0)" onclick="javascript: ATutor.course.toggleFolder(\'' . $content['content_id'] . $from . '\', \'' . _AT('expand') . '\', \'' . _AT('collapse') . '\', ' . $this->course_id . '); "><img src="' . AT_BASE_HREF . $this->tree_collapse_icon . '" id="tree_icon' . $content['content_id'] . $from . '" alt="' . _AT('collapse') . '" border="0" width="16" height="16" title="' . _AT('collapse') . '" class="img-size-tree" /></a>' . "\n";
					} else {
						echo '<a href="' . $_my_uri . 'collapse=' . $content['content_id'] . '">' . "\n";
						echo '<img src="' . AT_BASE_HREF . $this->tree_collapse_icon . '" id="tree_icon' . $content['content_id'] . $from . '" alt="' . _AT('collapse') . '" border="0" width="16" height="16" title="' . _AT('collapse') . ' ' . $content['title'] . '" class="img-size-tree" onclick="javascript: ATutor.course.toggleFolder(\'' . $content['content_id'] . $from . '\', \'' . _AT('expand') . '\', \'' . _AT('collapse') . '\', ' . $this->course_id . '); " />' . "\n";
						echo '</a>' . "\n";
					}
				} else {
					// folder is not marked open in the session
					if ($on) {
						// NOTE(review): this branch also prints the collapse icon and
						// label although the folder is not marked open - confirm intended.
						echo '<a href="javascript:void(0)" onclick="javascript: ATutor.course.toggleFolder(\'' . $content['content_id'] . $from . '\', \'' . _AT('expand') . '\', \'' . _AT('collapse') . '\', ' . $this->course_id . '); "><img src="' . AT_BASE_HREF . $this->tree_collapse_icon . '" id="tree_icon' . $content['content_id'] . $from . '" alt="' . _AT('collapse') . '" border="0" width="16" height="16" title="' . _AT('collapse') . '" class="img-size-tree" /></a>' . "\n";
					} else {
						echo '<a href="' . $_my_uri . 'expand=' . $content['content_id'] . '">' . "\n";
						echo '<img src="' . AT_BASE_HREF . $this->tree_expand_icon . '" id="tree_icon' . $content['content_id'] . $from . '" alt="' . _AT('expand') . '" border="0" width="16" height="16" title="' . _AT('expand') . ' ' . $content['title'] . '" class="img-size-tree" onclick="javascript: ATutor.course.toggleFolder(\'' . $content['content_id'] . $from . '\', \'' . _AT('expand') . '\', \'' . _AT('collapse') . '\', ' . $this->course_id . '); " />';
						echo '</a>' . "\n";
					}
				}
			} else {
				/* doesn't have children */
				if ($counter == $num_items) {
					for ($i = 0; $i < $depth; $i++) {
						if ($children[$i] == 1) {
							echo '<img src="' . AT_BASE_HREF . $this->tree_vertline_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
						} else {
							echo '<img src="' . $_base_path . 'images/clr.gif" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
						}
					}
					echo '<img src="' . AT_BASE_HREF . $this->tree_end_icon . '" alt="" border="0" class="img-size-tree" />' . "\n";
				} else {
					for ($i = 0; $i < $depth; $i++) {
						if ($children[$i] == 1) {
							echo '<img src="' . AT_BASE_HREF . $this->tree_vertline_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
						} else {
							echo '<img src="' . AT_BASE_HREF . $this->tree_space_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
						}
					}
					echo '<img src="' . AT_BASE_HREF . $this->tree_split_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
				}
				echo '<img src="' . AT_BASE_HREF . $this->tree_horizontal_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
			}
			echo $link;
			echo "\n<br /></span>\n\n";
			// Descend when state is ignored or this node is marked open in the session.
			if ($ignore_state || isset($_SESSION['menu'][$content['content_id']]) && $_SESSION['menu'][$content['content_id']] == 1) {
				$depth++;
				$this->printMenu($content['content_id'], $depth, $path . $counter . '.', $children, $truncate, $ignore_state, $from);
				$depth--;
			}
			$counter++;
		} // end of foreach
		print "</div>\n\n";
	}
}
?> </span> </div> <?php } else { ?> <div> <a href="profile.php?id=<?php echo $comment_array['member_id']; ?> "><strong><?php echo AT_print(get_display_name($comment_array['member_id']), 'members.full_name'); ?> </a></strong> <?php echo htmlentities_utf8($comment_array['comment'], true); ?> </div> <?php } ?> <div class="comment_actions"> <!-- TODO: if author, add in-line "edit" --> <?php echo AT_date(_AT('forum_date_format'), $comment_array['created_date'], AT_DATE_MYSQL_DATETIME); ?> <?php if ($this->action_permission || $comment_array['member_id'] == $_SESSION['member_id']) { ?> <a href="<?php echo AT_PA_BASENAME . 'delete_comment.php?aid=' . $this->album_info['id'] . SEP . 'comment_id=' . $comment_array['id'];
<br /> <?php $sql = "SELECT * FROM %sglossary WHERE course_id=%d AND word_id<>%d ORDER BY word"; $rows_g = queryDB($sql, array(TABLE_PREFIX, $_SESSION[course_id], $gid)); if (count($rows_g) != 0) { echo '<select name="related_term">'; echo '<option value="0"></option>'; foreach ($rows_g as $row_g) { if ($row_g['word_id'] == $row['word_id']) { continue; } echo '<option value="' . $row_g['word_id'] . '"'; if ($row_g['word_id'] == $row['related_word_id']) { echo ' selected="selected" '; } echo '>' . htmlentities_utf8($row_g['word']) . '</option>'; } echo '</select>'; } else { echo _AT('no_glossary_items'); } ?> </div> <div class="row buttons"> <input type="submit" name="submit" value="<?php echo _AT('save'); ?> " accesskey="s" /> <input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?>
echo _AT('site_name'); ?> </th> <th><?php echo _AT('url'); ?> </th> </tr></thead> <tbody> <?php foreach ($this->websites as $sites) { $is_http = preg_match("/^http/", $sites['url']); if ($is_http == 0) { $sites['url'] = 'http://' . $sites['url']; } echo '<tr><td>' . htmlentities_utf8($sites['site_name']) . '</td>'; echo '<td><a href="' . $sites['url'] . '" target="user_profile_site">' . $sites['url'] . '</a></td></tr>'; } ?> </tbody> </table> </div><br/> <?php } ?> </div> <?php } ?> <?php
/**
 * Replace one field of the current row with its htmlentities_utf8() output.
 *
 * The value is overwritten in place, so after this call the row holds the
 * encoded text for that field and the raw value is no longer available from
 * the row.
 * NOTE(review): htmlentities_utf8() is defined outside this excerpt. If it
 * behaves like htmlentities(), the result is meant for HTML output only and
 * calling this method twice on the same field would double-encode it. Confirm.
 *
 * @param mixed $field key into $this->current_row
 */
function format_text($field)
{
    $encoded = htmlentities_utf8($this->current_row[$field]);
    $this->current_row[$field] = $encoded;
}
// Search page bootstrap: load the framework, then normalise the paging and
// keyword parameters taken from the request.
define('TR_INCLUDE_PATH', '../../../include/');
// NOTE(review): TR_INCLUDE_PATH is defined above, but the includes below use
// AT_INCLUDE_PATH, which is not defined in the visible code - confirm where it is set.
require AT_INCLUDE_PATH . 'vitals.inc.php';
require_once AT_INCLUDE_PATH . 'classes/AContent_lcl/Utils.php';
require_once 'classes/ResultParser.class.php';

//$default_results_per_page = 25;
$default_results_per_page = 20;
// NOTE(review): $browse is not assigned anywhere in the visible code; confirm
// where it is populated before relying on this cast.
$browse = intval($browse);

// Fall back to the default page size when the request does not carry one.
if (!isset($_REQUEST["results_per_page"])) {
    $_REQUEST["results_per_page"] = $default_results_per_page;
}

// Run a search when the form was submitted or a page number is present.
// 'submit' is read without isset(), unlike 'p', so a request without it
// raises an undefined-index notice.
if ($_REQUEST['submit'] || isset($_REQUEST['p'])) {
    // ***
    // ACC
    // Add some filter to the input
    // Convert all applicable characters to HTML entities
    // NOTE(review): the keyword is entity-encoded before it is used as a search
    // term and the encoded form is written back into $_REQUEST. The stored text
    // would have to be encoded the same way to match, and HTML encoding is
    // normally applied where a value is printed - confirm against the query
    // and the result template.
    $_REQUEST['keywords'] = htmlentities_utf8($_REQUEST['keywords']);
    // Remove all % chars to prevent unnecessary execution of the SQL query
    // NOTE(review): if the query uses LIKE, '_' is a wildcard as well and is
    // left in place here - confirm against the query.
    $_REQUEST['keywords'] = str_replace('%', '', $_REQUEST['keywords']);
    // Escapes special characters in a string for use in an SQL statement
    // $addslashes is a variable function set outside this excerpt (presumably
    // by vitals.inc.php); what it escapes depends on what it points to.
    $_REQUEST['keywords'] = $addslashes($_REQUEST['keywords']);

    $keywords = trim($_REQUEST['keywords']);
    //$title = trim($_REQUEST['title']);
    //$description = trim($_REQUEST['description']);
    //$author = trim($_REQUEST['author']);
    // Page size is forced to an integer before it is compared below.
    $results_per_page = intval(trim($_REQUEST['results_per_page']));

    if ($keywords != "") {
        // A missing or non-numeric page number becomes page 1.
        $page = intval($_REQUEST['p']);
        if (!$page) {
            $page = 1;
        }

        // The requested page size is checked against the default here; the
        // body of this branch lies outside the excerpt.
        if ($results_per_page > $default_results_per_page || $results_per_page == 0) {
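?> <div title="<?php echo htmlentities_utf8($row['description']); ?> "><?php
// Show at most the first 150 bytes of the encoded description, with an
// ellipsis when the raw description is longer than 150 bytes.
// NOTE(review): the cut is applied after encoding and counts bytes, so it can
// end inside an entity or inside a multi-byte character. Truncating the raw
// text first and encoding afterwards avoids that; confirm what the helper's
// second argument does before changing the order.
echo substr(htmlentities_utf8($row['description'], true), 0, 150);
if (strlen($row['description']) > 150) {
    echo "...";
}
?> </div> <?php } else { ?> <div title="<?php echo htmlentities_utf8($row['description']); ?> "> </div> <?php } ?> </td> <td class="hidecol700"> <?php
// Category filter link, shown only when categories are loaded and the row has one.
// PHP_SELF can carry path text supplied in the request URL, so it is encoded
// before it is written into the double-quoted href attribute.
// NOTE(review): $page_string is built outside this excerpt; confirm it is
// already encoded for use inside an attribute.
if (is_array($this->cats) && $row['cat_id'] != 0) { ?> <a href="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?' . $page_string . SEP; ?> category=<?php echo $row['cat_id'];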
<div class="category_box"> <input type="checkbox" id="jb_category_<?php echo $category['id']; ?> " name="jb_categories[]" value="<?php echo $category['id']; ?> " <?php echo $this->job_post['categories'] && in_array($category['id'], $this->job_post['categories']) ? 'checked="checked"' : ''; ?> /> <label for="jb_category_<?php echo $category['id']; ?> "><?php echo htmlentities_utf8($category['name']); ?> </label> </div> <?php } } ?> <div style="clear:both;"></div> </div> <div class="row"> <label for="jb_is_public"><?php echo _AT('jb_is_public'); ?> </label> <input type="checkbox" id="jb_is_public" name="jb_is_public" <?php
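mysql_query($query);
$id = mysql_insert_id();
if ($id != 0) {
    $ans = array("error" => false, "id" => $id, "values" => array($quantity_js, $article_js));
} else {
    $ans = array("error" => true, "error_msg" => "Alle Felder ausfüllen.");
}
echo json_encode($ans);
die;
}

// Edit an existing material entry and reply with a JSON status object.
// NOTE(review): the mysql_* extension was removed in PHP 7. A parameterised
// mysqli/PDO statement would replace the manual escaping below, but the
// connection setup is outside this excerpt.
if ($todo == "edit") {
    $inputs = $_REQUEST['inputs'];

    // Escaped copies for the two quoted string literals in the UPDATE.
    $quantity = mysql_real_escape_string($inputs[1]);
    $article = mysql_real_escape_string($inputs[2]);

    // Entity-encoded copies that are sent back to the client in the reply.
    $article_js = htmlentities_utf8($inputs[2]);
    $quantity_js = htmlentities_utf8($inputs[1]);

    $event_id = mysql_real_escape_string($_REQUEST['event_id']);
    // The entry id is interpolated WITHOUT quotes into the WHERE clause.
    // String escaping only protects values placed inside a quoted literal,
    // so the id is forced to an integer instead.
    $entry_id = intval($_REQUEST['id']);

    // Both lookups must succeed before anything is written; presumably they
    // verify that the event and the entry belong to the current camp - confirm.
    $_camp->event($event_id) || die("error");
    $_camp->mat_event($entry_id) || die("error");

    $query = "\tUPDATE mat_event\n\t\t\t\t\tSET \n\t\t\t\t\t\t`article_name` = '{$article}',\n\t\t\t\t\t\t`quantity` = '{$quantity}'\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tid = {$entry_id}";
    $result = mysql_query($query);

    // Success is judged by the absence of a driver error message.
    if (!mysql_error()) {
        $ans = array("error" => false, "values" => array("1" => $quantity_js, "2" => $article_js));
        echo json_encode($ans);
        die;
    } else {
        $ans = array("error" => true, "error_msg" => "Fehler aufgetreten");
        echo json_encode($ans);
        die;
    }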
echo _AT('jb_website'); ?> </label><br/> <input type="text" name="jb_employer_website" id="jb_employer_website" value="<?php echo htmlentities_utf8($this->website); ?> "/> </div> <div class="row"> <label for="jb_employer_description"><?php echo _AT('jb_company_description'); ?> </label><br/> <textarea id="jb_employer_description" name="jb_employer_description" ><?php echo htmlentities_utf8($this->description); ?> </textarea> </div> <div class="row"> <input type="hidden" name="jb_employer_password_hidden" value="" /> <input class="hidden" name="jb_employer_password_error" /> <input class="button" type="submit" name="submit" value="<?php echo _AT('submit'); ?> " onclick="return encrypt_password();"/> </div> </form> </div>
</ul> </div> --> <!-- the sub navigation and guide --> <div id="sub-menu"> <div class="search_top"> <form target="_top" action="<?php echo TR_BASE_HREF; ?> home/search.php" method="get"> <input type="text" name="search_text" id="search_text_at_header" value="<?php if (isset($_GET['search_text'])) { echo htmlentities_utf8($_GET['search_text'], ENT_QUOTES, 'UTF-8'); } ?> " size="25" /> <?php if (is_array($this->categories)) { // print category dropdown list box ?> <select name="catid"> <option value="" <?php if (!isset($_GET['catid']) || $_GET['catid'] == '') { echo 'selected="selected"'; } ?> ><?php
$msg->addFeedback('CANCELLED'); header('Location: index.php'); exit; } require(AT_INCLUDE_PATH.'header.inc.php'); $_GET['gid'] = intval($_GET['gid']); if ($_GET['gid'] == 0) { $msg->printErrors('ITEM_NOT_FOUND'); require(AT_INCLUDE_PATH.'footer.inc.php'); exit; } $hidden_vars['word'] = $_GET['t']; $hidden_vars['gid'] = $_GET['gid']; $sql = "SELECT * from ".TABLE_PREFIX."glossary WHERE word_id = '$hidden_vars[gid]'"; $result = mysql_query($sql, $db); while ($row = mysql_fetch_assoc($result)){ $title = $row['word']; } $msg->addConfirm(array('DELETE', htmlentities_utf8($title)), $hidden_vars); $msg->addConfirm('GLOSSARY_REMAINS', $hidden_vars); $msg->printConfirm(); require(AT_INCLUDE_PATH.'footer.inc.php'); ?>
<li><a href="<?php echo $this->sub_level_pages_i[$i]['url']; ?> "><?php echo stripslashes(htmlentities_utf8($this->sub_level_pages_i[$i]['title'])); ?> </a></li> <?php } else { ?> <li><a href="<?php echo $this->sub_level_pages_i[$i]['url'] . $fcid; ?> "><?php echo stripslashes(htmlentities_utf8($this->sub_level_pages_i[$i]['title'])); ?> </a></li> <?php } } ?> <?php if ($i < $num_pages - 1) { echo " "; ?> <?php } ?> <?php }
<?php
// Template for the add/edit position form of a profile.
// NOTE(review): $addslashes is imported here but not used in the visible part
// of this template.
global $addslashes;

//escape all strings
// Each profile field is passed through htmlentities_utf8() once, presumably for
// the form fields further down (not visible here). The copies are meant for
// HTML output; they should not be reused for SQL or encoded a second time.
$company = htmlentities_utf8($this->company);
$title = htmlentities_utf8($this->profile_title);
// NOTE(review): only the description passes false as second argument; the
// helper is defined elsewhere, so confirm what that flag switches off.
$description = htmlentities_utf8($this->description, false);
$from = htmlentities_utf8($this->from);
$to = htmlentities_utf8($this->to);
?> <script type="text/javascript" src="jscripts/lib/calendar.js"></script> <script type="text/javascript">
<!--
//overwrite calendar dates range settings.
scwBaseYear = scwDateNow.getFullYear()-50;
scwDropDownYears = 70;
-->
</script> <div class="headingbox"><h3><?php
// The heading depends only on whether an id was passed in the query string;
// the value itself is not printed.
if ($_GET['id']) {
    echo _AT('edit_position');
} else {
    echo _AT('add_new_position');
}
?> </h3></div> <div class="contentbox"> <form method="post" action="<?php echo url_rewrite(AT_SOCIAL_BASENAME . 'edit_profile.php'); ?> ">