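/**
 * Looks up the map coordinates of a town, addressed either by name or by
 * the literal form "id:<digits>".
 *
 * Reads the globals $table (table name) and $casen (truthy selects an exact
 * "=" match, otherwise LIKE is used) and clamps the global $zx to a minimum
 * of -256 as a side effect.
 *
 * @param string $name town name, or "id:123" to select by town_id
 *
 * @return array two-element array (x, y); both are 0 when no row matches
 */
function town2xy($name)
{
    global $table, $casen, $zx;

    // NOTE(review): $table is interpolated into the statement as an
    // identifier and cannot be protected by string escaping; it must only
    // ever be set from trusted configuration.
    $name = sql_escape_string($name);

    if (preg_match("/^id:\\d+\$/", $name)) {
        // The integer cast is what makes this branch safe to interpolate.
        $id = (int) substr($name, 3);
        $za2 = sql_fetch_row(sql_query("SELECT x,y FROM {$table} WHERE town_id={$id} LIMIT 1"));
    } else {
        // NOTE(review): with LIKE, "%" and "_" in the supplied name act as
        // wildcards. Quote escaping does not normally neutralise them;
        // confirm what sql_escape_string() does, or use "=" with a
        // case-insensitive collation if exact matching is intended.
        $cmp = $casen ? "=" : "LIKE";
        $za2 = sql_fetch_row(sql_query("SELECT x,y FROM {$table} WHERE town_name {$cmp} '{$name}' LIMIT 1"));
    }

    if ($zx < -256) {
        $zx = -256;
    }

    // When no town matches, the fetch does not return a row. empty() reads
    // the offsets without raising a warning on a non-array value, so the
    // function falls back to (0, 0) cleanly.
    $xy = array(
        !empty($za2['x']) ? $za2['x'] : 0,
        !empty($za2['y']) ? $za2['y'] : 0,
    );

    return $xy;
}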
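/**
 * Sends the two "onboarding completed" e-mails: an internal notification
 * and the message to the user that carries the group code, client key and
 * device e-mail address.
 *
 * Nothing is sent when the device lookup query fails.
 *
 * @param string $email      address the user signed up with
 * @param string $client_key key identifying the client
 * @param string $final1     user-mail template fragment placed before the group code
 * @param string $final2     fragment placed between group code and client key
 * @param string $final3     fragment placed between client key and device e-mail
 * @param string $final4     closing fragment
 *
 * @return void
 */
function sendFinalEmails($email, $client_key, $final1, $final2, $final3, $final4)
{
    // The connection is neither a parameter nor a local, so without this
    // declaration execute_query() received an undefined variable.
    // NOTE(review): assumes the connection lives in the global $mysqli - confirm.
    global $mysqli;

    // Both bodies are HTML (they use <br> and an embedded image), so every
    // stored or user-supplied value is encoded before it is placed in them.
    $h = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    //find device email and device type
    // The leftover debug "echo $sql" was removed: it wrote the statement,
    // including the user's e-mail address, into the response.
    $sql = "call getDeviceInfo(" . sql_escape_string($email, 1) . ");";
    $Result = execute_query($mysqli, $sql);
    if ($Result) {
        $row = $Result[0]->fetch_assoc();
        if (!is_array($row)) {
            // No device record: keep sending, with blank device details.
            $row = array();
        }
        $device_email = isset($row['email']) ? $row['email'] : '';
        $device = isset($row['device']) ? $row['device'] : '';
        $fname = isset($row['fname']) ? $row['fname'] : '';
        $lname = isset($row['lname']) ? $row['lname'] : '';

        $gSQL = 'CALL getOrgByKey(' . sql_escape_string($client_key, 1) . ');';
        $gResult = execute_query($mysqli, $gSQL);
        $group_code = '';
        if ($gResult) {
            // A failed lookup or an empty result leaves the code blank
            // rather than dereferencing a non-result.
            $gRow = $gResult[0]->fetch_array();
            if ($gRow) {
                $group_code = $gRow[0];
            }
        }

        //send to Socks
        $sMail = getSocksMailer();
        $sMail->Subject = "Litesprite User Completed Onboarding";
        $sMail->Body = "client key: " . $h($client_key) . "<br>\n\t\t\t\t\t\tgroup: " . $h($group_code) . "<br>\n\t\t\t\t\t\tCodes and Instructions have been sent to: " . $h($email) . "<br> \n\t\t\t\t\t\tDevice: " . ($device == 'A' ? 'Android' : 'iOS') . "<br> \n\t\t\t\t\t\tDevice email: " . $h($device_email) . "<br>\n\t\t\t\t\t\tLast name: " . $h($lname) . "<br>\n\t\t\t\t\t\tFirst name:" . $h($fname);
        $sMail->AddAddress("*****@*****.**");
        sendMail($sMail);

        //send to User
        $uMail = getSocksMailer();
        $uMail->Subject = "Litesprite Beta Sign-Up Completed!";
        $uMail->AddEmbeddedImage('../images/paw.png', 'paw');
        // The $final* fragments are caller-supplied markup and are passed
        // through unchanged; only the interpolated values are encoded.
        $uMail->Body = $final1 . $h($group_code) . $final2 . $h($client_key) . $final3 . $h($device_email) . $final4;
        $uMail->AddAddress($email);
        sendMail($uMail);
    }
}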
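require_once "include/config.inc.php";
require_once 'include/mysqli.inc.php';
require_once "include/utils.inc.php";
require_once 'include/header.php';
require_once 'include/footer.php';

// Session gate. header() only queues a redirect; without exit the rest of
// the script still runs and the report would be produced for a visitor who
// has no session.
// NOTE(review): header.php is included before this check; if it emits any
// output the Location header can no longer be sent - confirm, or move the
// check above the include.
if (isset($_SESSION['user_key']) == false || strlen($_SESSION['user_key']) < 1) {
    header('Location: /login');
    exit;
}

// Survey to report on; defaults to survey 1 when the argument is empty.
if (strlen($args[1]) < 1) {
    $survey_id = 1;
} else {
    $survey_id = $args[1];
}

// Build and run the summary report query.
// NOTE(review): $args[1] is used as given. sql_escape_string() is defined
// elsewhere; confirm that its mode 0 rejects or neutralises non-numeric
// input, because the value is placed in the CALL statement as text.
$sql = "CALL rptSurveySummary(" . sql_escape_string($survey_id, 0) . ");";
//echo $sql.'<br/>';
$Result = execute_query($mysqli, $sql);
if ($Result) {
    // The loop body continues past the end of this excerpt.
    while ($row = $Result[0]->fetch_assoc()) {
        $countm = $row['countm'];
        $countf = $row['countf'];
        $countm10 = $row['countm10'];
        $countm20 = $row['countm20'];
        $countm30 = $row['countm30'];
        $countm40 = $row['countm40'];
        $countm50 = $row['countm50'];
        $countm60 = $row['countm60'];
        $countm70 = $row['countm70'];
        $countm80 = $row['countm80'];
        $countm90 = $row['countm90'];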
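require_once "include/config.inc.php";
require_once 'include/mysqli.inc.php';
require_once "include/utils.inc.php";
require_once 'include/header.php';
require_once 'include/footer.php';

// Session gate. header() only queues a redirect; without exit the script
// keeps running and the journal rows below would be fetched for a visitor
// who has no session.
// NOTE(review): header.php is included before this check; if it emits any
// output the Location header can no longer be sent - confirm, or move the
// check above the include.
if (isset($_SESSION['user_key']) == false || strlen($_SESSION['user_key']) < 1) {
    header('Location: /login');
    exit;
}

// Organisation to report on; defaults to organisation 2 when the argument is empty.
if (strlen($args[1]) > 0) {
    $OrgID = $args[1];
} else {
    $OrgID = 2;
}

// Build and run the per-organisation journal query.
// NOTE(review): the organisation id comes from the request arguments and
// nothing visible here ties it to the logged-in user; confirm that
// td_journal_by_org or its caller enforces that the session may read this
// organisation's client journal entries.
// NOTE(review): sql_escape_string() is defined elsewhere; confirm that its
// mode 0 rejects or neutralises non-numeric input.
$sql = 'CALL td_journal_by_org(' . sql_escape_string($OrgID, 0) . ');';
//echo $sql.'<br/>';
$Result = execute_query($mysqli, $sql);
if ($Result) {
    // The loop body continues past the end of this excerpt.
    while ($row = $Result[0]->fetch_assoc()) {
        $organization = $row['organization'];
        $client_key = $row['client_key'];
        $anxiety_id = $row['anxiety_id'];
        $client_id = $row['client_id'];
        $device_id = $row['device_id'];
        $session_id = $row['session_id'];
        $anxiety_type = $row['anxiety_type'];
        $journal_other_text = $row['journal_other_text'];
        $anxiety_rating = $row['anxiety_rating'];
        $anxiety_manageable = $row['anxiety_manageable'];
        $anxiety_description = $row['anxiety_description'];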
\t\t\t\t\t</tr> \t\t\t\t{$phq_data} \t\t\t\t</table> \t\t\t</div> \t\t\t<div class="reportlegend"> \t\t\t\t<table width="400px"> \t\t\t\t\t<tr> \t\t\t\t\t\t<th colspan="1">LEGEND</th> \t\t\t\t\t</tr> \t\t\t\t\t<tr>\t\t\t\t\t\t \t\t\t\t\t\t<td colspan="1">Lower score is better.</td> \t\t\t\t\t</tr> \t\t\t\t</table> \t\t\t</div> EOD; $sql = "CALL rptpssbyUser(" . sql_escape_string($client_key, 1) . ");"; //echo $sql.'<br/>'; $Result = execute_query($mysqli, $sql); $i = 1; if ($Result) { while ($row = $Result[0]->fetch_assoc()) { $survey[$i] = $row['survey']; $survey_id[$i] = $row['survey_id']; $client_key = $row['client_key']; $array1[$i] = $row['pss1']; $array2[$i] = $row['pss2']; $array3[$i] = $row['pss3']; $array4[$i] = $row['pss4']; $array5[$i] = $row['pss5']; $array6[$i] = $row['pss6']; $array7[$i] = $row['pss7'];
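/**
 * Creates a copy of this question, together with its answers, inside
 * another poll.
 *
 * The copy is made with separate statements and no transaction, so a
 * failure part-way through leaves the rows inserted so far in place.
 *
 * @param int   $new_id_poll id of the poll that receives the copy
 * @param mixed $back_poll   not used by this implementation
 *
 * @return int|false id of the new question, or false when the source
 *                   question is missing or an insert fails
 *
 * @access public
 * @author Fabio Pirovano (fabio@docebo.com)
 */
function copy($new_id_poll, $back_poll = NULL) {
    //retriving question
    $source_row = sql_fetch_row(sql_query("\r\n\t\tSELECT id_category, title_quest, sequence, page\r\n\t\tFROM " . $GLOBALS['prefix_lms'] . "_pollquest\r\n\t\tWHERE id_quest = '" . (int) $this->id . "'"));
    if (!$source_row) {
        // Without this check a missing source question produced an empty
        // duplicate row instead of a failure.
        return false;
    }
    list($sel_cat, $quest, $sequence, $page) = $source_row;

    //insert question
    // Every value is either cast to int or escaped, including the question
    // type, which was previously concatenated as-is.
    $ins_query = "\r\n\t\tINSERT INTO " . $GLOBALS['prefix_lms'] . "_pollquest\r\n\t\t( id_poll, id_category, type_quest, title_quest, sequence, page ) VALUES\r\n\t\t( \t'" . (int) $new_id_poll . "',\r\n\t\t\t'" . (int) $sel_cat . "',\r\n\t\t\t'" . sql_escape_string($this->getQuestionType()) . "',\r\n\t\t\t'" . sql_escape_string($quest) . "',\r\n\t\t\t'" . (int) $sequence . "',\r\n\t\t\t'" . (int) $page . "' ) ";
    if (!sql_query($ins_query)) {
        return false;
    }

    //find id of auto_increment colum
    list($new_id_quest) = sql_fetch_row(sql_query("SELECT LAST_INSERT_ID()"));
    if (!$new_id_quest) {
        return false;
    }

    //retriving new answer
    $re_answer = sql_query("\r\n\t\tSELECT answer, sequence\r\n\t\tFROM " . $GLOBALS['prefix_lms'] . "_pollquestanswer\r\n\t\tWHERE id_quest = '" . (int) $this->id . "'\r\n\t\tORDER BY id_answer");
    while (list($answer, $sequence) = sql_fetch_row($re_answer)) {
        //insert answer
        // Values read back from the database are not trusted: the id and
        // sequence are cast the same way as in the question insert above.
        $ins_answer_query = "\r\n\t\t\tINSERT INTO " . $GLOBALS['prefix_lms'] . "_pollquestanswer\r\n\t\t\t( id_quest, answer, sequence ) VALUES\r\n\t\t\t( \t'" . (int) $new_id_quest . "',\r\n\t\t\t\t'" . sql_escape_string($answer) . "',\r\n\t\t\t\t'" . (int) $sequence . "' ) ";
        if (!sql_query($ins_answer_query)) {
            return false;
        }
    }

    return $new_id_quest;
}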
} } if ($hasresults) { $q1[$phq1] = 'checked'; $q2[$phq2] = 'checked'; $q3[$phq3] = 'checked'; $q4[$phq4] = 'checked'; $q5[$phq5] = 'checked'; $q6[$phq6] = 'checked'; $q7[$phq7] = 'checked'; $q8[$phq8] = 'checked'; $q9[$phq9] = 'checked'; $q10[$phq10] = 'checked'; } $hasresults = false; $sql = "call getClientSurveyGAD(" . sql_escape_string($_SESSION['client_survey_header_id'], 0) . ", " . sql_escape_string($_SESSION['client_id'], 1) . ");"; $Result = execute_query($mysqli, $sql); if ($Result) { $rowcount = 0; while ($row = $Result[0]->fetch_assoc()) { $hasresults = true; $gad1 = $row['gad1']; $gad2 = $row['gad2']; $gad3 = $row['gad3']; $gad4 = $row['gad4']; $gad5 = $row['gad5']; $gad6 = $row['gad6']; $gad7 = $row['gad7']; } } if ($hasresults) {
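<?php
require_once '../../include/config.inc.php';
require_once '../../include/mysqli.inc.php';
require_once '../../include/utils.inc.php';

header('Content-Type: application/json');

// NOTE(review): no session or authorisation check is visible in this script
// before the query runs, and the request-supplied id selects which records
// are returned. Confirm that one of the includes enforces access control.

// $json is left as an opening "[" followed by the comma-separated objects,
// the same shape the hand-built version produced.
$json = "[";
$sql = '';
if (isset($_REQUEST['id'])) {
    $sql = 'CALL rptAnxiety(' . sql_escape_string($_REQUEST['id'], 1) . ');';
} else {
    $sql = 'CALL rptAnxietyOverview();';
}
$Result = execute_query($mysqli, $sql);
if ($Result) {
    $items = array();
    while ($row = $Result[0]->fetch_assoc()) {
        // json_encode() escapes quotes, backslashes and control characters
        // in stored text. The previous string concatenation let such a value
        // break or reshape the document, and emitted an invalid object when
        // the result set was empty or a numeric column was NULL.
        $encoded = json_encode(array(
            'type' => $row['anxiety_type'],
            'rating' => is_numeric($row['anxiety_rating']) ? $row['anxiety_rating'] + 0 : null,
            'manageable' => is_numeric($row['anxiety_manageable']) ? $row['anxiety_manageable'] + 0 : null,
            'created' => $row['anxiety_added'],
        ));
        if ($encoded !== false) {
            $items[] = $encoded;
        }
    }
    $json .= implode(', ', $items);
}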
/**
 * Action that duplicates an existing course and, depending on the POST
 * flags, its image files, menu, certificates, learning objects (with forum,
 * course report and HTML front page) and notices.
 *
 * Reads `id_course` (requested as DOTY_INT) and the flags `confirm`,
 * `image`, `certificate`, `lo` (with `lo_list`) and `advice` from the
 * request. Echoes a JSON object with a `success` key; returns nothing.
 *
 * NOTE(review): the only gate visible here is $this->permissions['add'].
 * No anti-CSRF token check appears in this method - confirm the dispatcher
 * performs one before a state-changing POST reaches it.
 *
 * NOTE(review): rows read back from the database are concatenated into the
 * INSERT statements below. Only some columns pass through
 * sql_escape_string(); the others are marked where they occur. Stored
 * values are not trusted input, so each should be escaped or cast.
 */
public function dupcourse() {
    if (!$this->permissions['add']) {
        $output = array('success' => false, 'message' => $this->_getMessage("no permission"));
        echo $this->json->encode($output);
        return;
    }
    //TO DO: make it a sqltransaction if possible
    // Without a transaction, a failure part-way through leaves a partly copied course.
    if (isset($_POST['confirm'])) {
        $id_dupcourse = Get::req('id_course', DOTY_INT, 0);
        $id_orgs = array();
        $array_new_testobject = array();
        // read the old course info
        $query_sel = "SELECT * FROM %lms_course WHERE idCourse = '" . $id_dupcourse . "' ";
        $result_sel = sql_query($query_sel);
        $list_sel = sql_fetch_array($result_sel);
        // NOTE(review): nothing checks that the course exists; when the fetch
        // returns no row this foreach receives a non-array.
        // Every column of the source row is escaped here, which is why the
        // course INSERT below can concatenate $list_sel values directly.
        foreach ($list_sel as $k => $v) {
            $list_sel[$k] = sql_escape_string($v);
        }
        $new_course_dup = 0;
        $new_file_array = array();
        // For each of the five file columns: derive a new file name and record
        // the old/new pair so the files can be copied after the INSERT.
        // NOTE(review): mt_rand(0, 100) plus time() gives a guessable name that
        // can collide; it should not be relied on for uniqueness or secrecy.
        if ($list_sel['imgSponsor'] != '') {
            $new_name_array = explode('_', str_replace('course_sponsor_logo_', '', $list_sel['imgSponsor']));
            $filename = 'course_sponsor_logo_' . mt_rand(0, 100) . '_' . time() . '_' . str_replace('course_sponsor_logo_' . $new_name_array[0] . '_' . $new_name_array[1] . '_', '', $list_sel['imgSponsor']);
            $new_file_array[0]['old'] = $list_sel['imgSponsor'];
            $new_file_array[0]['new'] = $filename;
            $list_sel['imgSponsor'] = $filename;
        }
        if ($list_sel['img_course'] != '') {
            $new_name_array = explode('_', str_replace('course_logo_', '', $list_sel['img_course']));
            $filename = 'course_logo_' . mt_rand(0, 100) . '_' . time() . '_' . str_replace('course_logo_' . $new_name_array[0] . '_' . $new_name_array[1] . '_', '', $list_sel['img_course']);
            $new_file_array[1]['old'] = $list_sel['img_course'];
            $new_file_array[1]['new'] = $filename;
            $list_sel['img_course'] = $filename;
        }
        if ($list_sel['img_material'] != '') {
            $new_name_array = explode('_', str_replace('course_user_material_', '', $list_sel['img_material']));
            $filename = 'course_user_material_' . mt_rand(0, 100) . '_' . time() . '_' . str_replace('course_user_material_' . $new_name_array[0] . '_' . $new_name_array[1] . '_', '', $list_sel['img_material']);
            $new_file_array[2]['old'] = $list_sel['img_material'];
            $new_file_array[2]['new'] = $filename;
            $list_sel['img_material'] = $filename;
        }
        if ($list_sel['img_othermaterial'] != '') {
            $new_name_array = explode('_', str_replace('course_otheruser_material_', '', $list_sel['img_othermaterial']));
            $filename = 'course_otheruser_material_' . mt_rand(0, 100) . '_' . time() . '_' . str_replace('course_otheruser_material_' . $new_name_array[0] . '_' . $new_name_array[1] . '_', '', $list_sel['img_othermaterial']);
            $new_file_array[3]['old'] = $list_sel['img_othermaterial'];
            $new_file_array[3]['new'] = $filename;
            $list_sel['img_othermaterial'] = $filename;
        }
        if ($list_sel['course_demo'] != '') {
            $new_name_array = explode('_', str_replace('course_demo_', '', $list_sel['course_demo']));
            $filename = 'course_demo_' . mt_rand(0, 100) . '_' . time() . '_' . str_replace('course_demo_' . $new_name_array[0] . '_' . $new_name_array[1] . '_', '', $list_sel['course_demo']);
            $new_file_array[4]['old'] = $list_sel['course_demo'];
            $new_file_array[4]['new'] = $filename;
            $list_sel['course_demo'] = $filename;
        }
        // duplicate the entry of learning_course
        $query_ins = "INSERT INTO %lms_course\n\t\t\t\t( idCategory, code, name, description, lang_code, status, level_show_user,\n\t\t\t\tsubscribe_method, linkSponsor, imgSponsor, img_course, img_material, img_othermaterial,\n\t\t\t\tcourse_demo, mediumTime, permCloseLO, userStatusOp, difficult, show_progress, show_time, show_extra_info,\n\t\t\t\tshow_rules, valid_time, max_num_subscribe, min_num_subscribe,\n\t\t\t\tmax_sms_budget, selling, prize, course_type, policy_point, point_to_all, course_edition, classrooms, certificates,\n\t\t\t\tcreate_date, security_code, imported_from_connection, course_quota, used_space, course_vote, allow_overbooking, can_subscribe,\n\t\t\t\tsub_start_date, sub_end_date, advance, show_who_online, direct_play, autoregistration_code, use_logo_in_courselist )\n\t\t\t\tVALUES\n\t\t\t\t( '" . $list_sel['idCategory'] . "', '" . $list_sel['code'] . "', '" . "Copia di " . $list_sel['name'] . "', '" . $list_sel['description'] . "', '" . $list_sel['lang_code'] . "', '" . $list_sel['status'] . "', '" . $list_sel['level_show_user'] . "',\n\t\t\t\t'" . $list_sel['subscribe_method'] . "', '" . $list_sel['linkSponsor'] . "', '" . $list_sel['imgSponsor'] . "', '" . $list_sel['img_course'] . "', '" . $list_sel['img_material'] . "', '" . $list_sel['img_othermaterial'] . "',\n\t\t\t\t'" . $list_sel['course_demo'] . "', '" . $list_sel['mediumTime'] . "', '" . $list_sel['permCloseLO'] . "', '" . $list_sel['userStatusOp'] . "', '" . $list_sel['difficult'] . "', '" . $list_sel['show_progress'] . "', '" . $list_sel['show_time'] . "', '" . $list_sel['show_extra_info'] . "',\n\t\t\t\t'" . $list_sel['show_rules'] . "', '" . $list_sel['valid_time'] . "', '" . $list_sel['max_num_subscribe'] . "', '" . $list_sel['min_num_subscribe'] . "',\n\t\t\t\t'" . $list_sel['max_sms_budget'] . "', '" . $list_sel['selling'] . "', '" . $list_sel['prize'] . "', '" . $list_sel['course_type'] . "', '" . $list_sel['policy_point'] . "', '" . $list_sel['point_to_all'] . "', '" . $list_sel['course_edition'] . "', '" . $list_sel['classrooms'] . "', '" . $list_sel['certificates'] . "',\n\t\t\t\t'" . date('Y-m-d H:i:s') . "', '" . $list_sel['security_code'] . "', '" . $list_sel['imported_from_connection'] . "', '" . $list_sel['course_quota'] . "', '" . $list_sel['used_space'] . "', '" . $list_sel['course_vote'] . "', '" . $list_sel['allow_overbooking'] . "', '" . $list_sel['can_subscribe'] . "',\n\t\t\t\t'" . $list_sel['sub_start_date'] . "', '" . $list_sel['sub_end_date'] . "', '" . $list_sel['advance'] . "', '" . $list_sel['show_who_online'] . "', '" . $list_sel['direct_play'] . "', '" . $list_sel['autoregistration_code'] . "', '" . $list_sel['use_logo_in_courselist'] . "' )";
        $result_ins = sql_query($query_ins);
        if (!$result_ins) {
            // Failure of the main INSERT ends the request with success=false.
            ob_clean();
            ob_start();
            echo $this->json->encode(array('success' => false));
            die;
        }
        // the id of the new course created
        $new_id_course = $new_course_dup = sql_insert_id();
        //Create the new course file
        if (isset($_POST['image'])) {
            $path = Get::sett('pathcourse');
            $path = '/appLms/' . Get::sett('pathcourse') . (substr($path, -1) != '/' && substr($path, -1) != '\\' ? '/' : '');
            require_once _base_ . '/lib/lib.upload.php';
            sl_open_fileoperations();
            // NOTE(review): the 'old'/'new' names were taken from $list_sel
            // after sql_escape_string() was applied, so they are SQL-escaped
            // strings used as file names; a stored name that escaping alters
            // would not match the file on disk. The names also come from the
            // database and are not checked for path separators here.
            foreach ($new_file_array as $file_info) {
                sl_copy($path . $file_info['old'], $path . $file_info['new']);
            }
            sl_close_fileoperations();
        }
        //--- copy menu data -----------------------------------------------------
        // copy the old course menu into the new one
        $query_selmen = "SELECT * FROM %lms_menucourse_main WHERE idCourse = '" . $id_dupcourse . "' ";
        $result_selmen = sql_query($query_selmen);
        while ($list_selmen = sql_fetch_array($result_selmen)) {
            // NOTE(review): name and image are stored values concatenated
            // without sql_escape_string().
            $query_dupmen = "INSERT INTO %lms_menucourse_main " . " (idCourse, sequence, name, image) " . " VALUES " . " ( '" . $new_course_dup . "', '" . $list_selmen['sequence'] . "', '" . $list_selmen['name'] . "', '" . $list_selmen['image'] . "' )";
            $result_dupmen = sql_query($query_dupmen);
            // Maps the old main-menu id to the id of its copy.
            $array_seq[$list_selmen['idMain']] = sql_insert_id();
        }
        $query_insert_list = array();
        $query_selmenun = "SELECT * FROM %lms_menucourse_under WHERE idCourse = '" . $id_dupcourse . "' ";
        $result_selmenun = sql_query($query_selmenun);
        while ($new_org = sql_fetch_array($result_selmenun)) {
            $valore_idn = $new_org['idMain'];
            $_idMain = $array_seq[$valore_idn];
            // NOTE(review): my_name is a stored value concatenated without escaping.
            $query_insert_list[] = "('" . $_idMain . "', '" . $new_course_dup . "', '" . $new_org['sequence'] . "', '" . $new_org['idModule'] . "', '" . $new_org['my_name'] . "')";
        }
        $result_dupmen = true;
        if (!empty($query_insert_list)) {
            $query_dupmen = "INSERT INTO %lms_menucourse_under\n\t\t\t\t\t(idMain, idCourse, sequence, idModule, my_name)\n\t\t\t\t\tVALUES " . implode(",", $query_insert_list);
            $result_dupmen = sql_query($query_dupmen);
        }
        //--- end menu -----------------------------------------------------------
        // NOTE(review): the two functions below are declared when this
        // statement is reached, so they become global functions; running this
        // method twice in one request would redeclare them.
        function &getCourseLevelSt($id_course) {
            $map = array();
            $levels = CourseLevel::getLevels();
            // find all the group created for this menu custom for permission management
            foreach ($levels as $lv => $name_level) {
                $group_info = Docebo::aclm()->getGroup(FALSE, '/lms/course/' . $id_course . '/subscribed/' . $lv);
                $map[$lv] = $group_info[ACL_INFO_IDST];
            }
            return $map;
        }
        // NOTE(review): this funAccess() always returns true. Presumably it
        // stands in for an access check expected by the libraries included
        // next - confirm that nothing later in the request depends on a real
        // funAccess() decision.
        function funAccess($functionname, $mode, $returnValue = false, $custom_mod_name = false) {
            return true;
        }
        require_once _lms_ . '/lib/lib.course.php';
        require_once _lms_ . '/lib/lib.manmenu.php';
        require_once _lms_ . '/lib/lib.subscribe.php';
        $docebo_course = new DoceboCourse($id_dupcourse);
        $subscribe_man = new CourseSubscribe_Manager();
        $group_idst =& $docebo_course->createCourseLevel($new_course_dup);
        $group_of_from =& $docebo_course->getCourseLevel($id_dupcourse);
        $perm_form =& createPermForCoursebis($group_of_from, $new_course_dup, $id_dupcourse);
        $levels = $subscribe_man->getUserLevel();
        // Adds each new level group to the roles listed in $perm_form for that level.
        foreach ($levels as $lv => $name_level) {
            foreach ($perm_form[$lv] as $idrole => $v) {
                if ($group_idst[$lv] != 0 && $idrole != 0) {
                    Docebo::aclm()->addToRole($idrole, $group_idst[$lv]);
                }
            }
        }
        if (isset($_POST['certificate'])) {
            // duplicate the certificate assigned
            $query_insert_list = array();
            $query_selmenun = "SELECT * FROM %lms_certificate_course WHERE id_course = '" . $id_dupcourse . "' ";
            $result_selmenun = sql_query($query_selmenun);
            while ($new_org = sql_fetch_assoc($result_selmenun)) {
                $query_insert_list[] = "('" . $new_org['id_certificate'] . "', '" . $new_course_dup . "', \n\t\t\t\t\t\t'" . $new_org['available_for_status'] . "', '" . $new_org['point_required'] . "' )";
            }
            $result_dupmen = true;
            if (!empty($query_insert_list)) {
                $query_dupmen = "INSERT INTO %lms_certificate_course\n\t\t\t\t\t\t(id_certificate, id_course, available_for_status, point_required)\n\t\t\t\t\t\tVALUES " . implode(",", $query_insert_list);
                $result_dupmen = sql_query($query_dupmen);
            }
        }
        require_once _lms_ . '/modules/organization/orglib.php';
        require_once _lms_ . '/lib/lib.param.php';
        require_once _lms_ . '/class.module/track.object.php';
        require_once _lms_ . '/class.module/learning.object.php';
        $nullVal = NULL;
        $id_orgs = array();
        $map_org = array();
        if (isset($_POST['lo'])) {
            $org_map = array();
            $id_orgs = array();
            $prereq_map = array();
            // retrive all the folders and object, the order by grant that folder are created before the elements contained in them
            $query = "SELECT * FROM %lms_organization WHERE idCourse = " . (int) $id_dupcourse . " ORDER BY path ASC";
            $source_res = sql_query($query);
            // Go trough all the entry of learning_organization
            while ($source = sql_fetch_object($source_res)) {
                // check if LO id is checked
                // NOTE(review): $_POST['lo_list'] is read without checking that
                // it is set or that it is an array, and in_array() compares loosely.
                if (in_array($source->idOrg, $_POST['lo_list'])) {
                    // if it's an object we must make a copy, if it's a folder we can create a row
                    // inside learning_orgation and save the id for later use
                    // NOTE(review): in both INSERTs below only title and
                    // description are escaped; path, resource, objective,
                    // language, prerequisites and the other stored columns are
                    // concatenated as they were read.
                    if ($source->objectType == '') {
                        // is a folder
                        // create a new row in learning_organization
                        $query_new_org = "INSERT INTO %lms_organization (\n\t\t\t\t\t\t\t\tidParent,\n\t\t\t\t\t\t\t\tpath, lev, title,\n\t\t\t\t\t\t\t\tobjectType, idResource, idCategory, idUser,\n\t\t\t\t\t\t\t\tidAuthor, version, difficult, description,\n\t\t\t\t\t\t\t\tlanguage, resource, objective, dateInsert,\n\t\t\t\t\t\t\t\tidCourse, prerequisites, isTerminator, idParam,\n\t\t\t\t\t\t\t\tvisible, milestone)\n\t\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t('" . (isset($id_orgs[$source->idParent]) ? $id_orgs[$source->idParent] : 0) . "',\n\t\t\t\t\t\t\t\t'" . $source->path . "', '" . $source->lev . "', '" . sql_escape_string($source->title) . "',\n\t\t\t\t\t\t\t\t'" . $source->objectType . "', '" . $source->idResource . "', '" . $source->idCategory . "', '" . $source->idUser . "',\n\t\t\t\t\t\t\t\t'" . $source->idAuthor . "', '" . $source->version . "', '" . $source->difficult . "', '" . sql_escape_string($source->description) . "',\n\t\t\t\t\t\t\t\t'" . $source->language . "', '" . $source->resource . "', '" . $source->objective . "', '" . $source->dateInsert . "',\n\t\t\t\t\t\t\t\t'" . $new_id_course . "', '" . $source->prerequisites . "', '" . $source->isTerminator . "', '" . $source->idParam . "',\n\t\t\t\t\t\t\t\t'" . $source->visible . "', '" . $source->milestone . "')";
                        $re_new_org = sql_query($query_new_org);
                        $new_id_reference = sql_insert_id();
                        // map for later use
                        $org_map['folder'][$source->idOrg] = $new_id_reference;
                    } else {
                        // is an object
                        // make a copy
                        $lo = $this->_createLO($source->objectType);
                        $new_id_resource = $lo->copy($source->idResource);
                        // create a new row in learning_organization
                        $query_new_org = "INSERT INTO %lms_organization (\n\t\t\t\t\t\t\t\tidParent, path, lev, title,\n\t\t\t\t\t\t\t\tobjectType, idResource, idCategory, idUser,\n\t\t\t\t\t\t\t\tidAuthor, version, difficult, description,\n\t\t\t\t\t\t\t\tlanguage, resource, objective, dateInsert,\n\t\t\t\t\t\t\t\tidCourse, prerequisites, isTerminator, idParam,\n\t\t\t\t\t\t\t\tvisible, milestone)\n\t\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t('" . (isset($id_orgs[$source->idParent]) ? $id_orgs[$source->idParent] : 0) . "',\n\t\t\t\t\t\t\t\t'" . $source->path . "', '" . $source->lev . "', '" . sql_escape_string($source->title) . "',\n\t\t\t\t\t\t\t\t'" . $source->objectType . "', '" . $new_id_resource . "', '" . $source->idCategory . "', '" . $source->idUser . "',\n\t\t\t\t\t\t\t\t'" . $source->idAuthor . "', '" . $source->version . "', '" . $source->difficult . "', '" . sql_escape_string($source->description) . "',\n\t\t\t\t\t\t\t\t'" . $source->language . "', '" . $source->resource . "', '" . $source->objective . "', '" . $source->dateInsert . "',\n\t\t\t\t\t\t\t\t'" . $new_id_course . "', '" . $source->prerequisites . "', '" . $source->isTerminator . "', '0',\n\t\t\t\t\t\t\t\t'" . $source->visible . "', '" . $source->milestone . "')";
                        $re_new_org = sql_query($query_new_org);
                        $new_id_reference = sql_insert_id();
                        // for a learning_object we have to create a row in lo_param as well
                        // with 4.1 or 4.2 we plan to remove this table, but until then we need this
                        $query_lo_par = "INSERT INTO %lms_lo_param (param_name, param_value) VALUES ('idReference', '" . $new_id_reference . "') ";
                        $result_lo_par = sql_query($query_lo_par);
                        $id_lo_par = sql_insert_id();
                        $query_up_lo = "UPDATE %lms_lo_param SET idParam = '" . $id_lo_par . "' WHERE id = '" . $id_lo_par . "' ";
                        $result_up_lo = sql_query($query_up_lo);
                        $query_up_or = "UPDATE %lms_organization SET idParam = '" . $id_lo_par . "' WHERE idOrg = '" . $new_id_reference . "' ";
                        $result_up_or = sql_query($query_up_or);
                        // map for later use
                        $org_map[$source->objectType][$source->idResource] = $new_id_resource;
                    }
                    // create a map for the olds and new idReferences
                    $id_orgs[$source->idOrg] = $new_id_reference;
                    if ($source->prerequisites != '') {
                        $prereq_map[$new_id_reference] = $source->prerequisites;
                    }
                }
            }
            // updates prerequisites
            foreach ($prereq_map as $new_id_reference => $old_prerequisites) {
                $new_prerequisites = array();
                $old_prerequisites = explode(",", $old_prerequisites);
                foreach ($old_prerequisites as $old_p) {
                    //a prerequisite can be a pure number or something like 7=NULL, or 7=incomplete
                    $old_id = intval($old_p);
                    // Prerequisites that point at an object which was not copied are dropped.
                    if (isset($id_orgs[$old_id])) {
                        // NOTE(review): the text after the leading number is kept
                        // from the stored value and reaches the UPDATE unescaped.
                        $new_prerequisites[] = str_replace($old_id, $id_orgs[$old_id], $old_p);
                    }
                }
                if (!empty($new_prerequisites)) {
                    $query_updcor = "UPDATE %lms_organization " . "SET prerequisites = '" . implode(",", $new_prerequisites) . "' " . "WHERE idOrg = " . $new_id_reference . " ";
                    $result_upcor = sql_query($query_updcor);
                }
            }
            //--- copy forum data --------------------------------------------------
            $query_insert_list = array();
            $query_selmenun = "SELECT * FROM %lms_forum WHERE idCourse = '" . $id_dupcourse . "' ";
            $result_selmenun = sql_query($query_selmenun);
            while ($new_org = sql_fetch_assoc($result_selmenun)) {
                $query_insert_list[] = "('" . $new_course_dup . "', '" . sql_escape_string($new_org['title']) . "', '" . sql_escape_string($new_org['description']) . "',\n\t\t\t\t\t\t'" . $new_org['locked'] . "', '" . $new_org['sequence'] . "', '" . $new_org['emoticons'] . "')";
            }
            $result_dupmen = true;
            if (!empty($query_insert_list)) {
                $query_dupmen = "INSERT INTO %lms_forum\n\t\t\t\t\t\t(idCourse, title, description, locked, sequence, emoticons)\n\t\t\t\t\t\tVALUES " . implode(",", $query_insert_list);
                $result_dupmen = sql_query($query_dupmen);
            }
            //--- end forum --------------------------------------------------------
            //--- copy coursereports data ------------------------------------------
            //create a conversion table for tests and scoitems coursereports
            $array_organization = array('test' => array(), 'scoitem' => array());
            $arr_items_flat = array('test' => array(), 'scoitem' => array());
            $query_org = "SELECT source_of, id_source\n\t\t\t\t\tFROM %lms_coursereport WHERE id_course = '" . $id_dupcourse . "'\n\t\t\t\t\tAND source_of IN ('test', 'scoitem')";
            $res_org = sql_query($query_org);
            // Only 'scoitem' rows are collected; 'test' rows are resolved later through $org_map.
            while (list($source_of, $id_source) = sql_fetch_row($res_org)) {
                switch ($source_of) {
                    case 'scoitem':
                        $arr_items_flat['scoitem'][] = $id_source;
                        break;
                }
            }
            if (!empty($arr_items_flat['scoitem'])) {
                //retrieve idOrgs of scoitems' scormorgs
                $arr_old_idorg = array();
                $arr_old_ident = array();
                // NOTE(review): the id_source values are joined into the IN (...)
                // list as read, without an integer cast.
                $query = "SELECT o.idOrg, o.idResource, s.idscorm_item, s.item_identifier\n\t\t\t\t\t\tFROM %lms_organization AS o\n\t\t\t\t\t\tJOIN %lms_scorm_items AS s\n\t\t\t\t\t\tON (o.idResource = s.idscorm_organization)\n\t\t\t\t\t\tWHERE s.idscorm_item IN (" . implode(",", $arr_items_flat['scoitem']) . ")\n\t\t\t\t\t\tAND o.objectType = 'scormorg'";
                $res = sql_query($query);
                while (list($idOrg, $idResource, $idscorm_item, $item_identifier) = sql_fetch_row($res)) {
                    $arr_old_idorg[] = $idOrg;
                    // Key "<old idOrg>/<item identifier>" -> old scorm item id.
                    $arr_old_ident[$idOrg . '/' . $item_identifier] = $idscorm_item;
                }
                if (!empty($arr_old_idorg)) {
                    $arr_new_idorg = array();
                    // NOTE(review): $id_orgs only holds objects selected in lo_list;
                    // an old idOrg that was not copied has no entry here.
                    foreach ($arr_old_idorg as $idOrg) {
                        $arr_new_idorg[] = $id_orgs[$idOrg];
                    }
                    $query = "SELECT o.idOrg, o.idResource, s.idscorm_item, s.item_identifier\n\t\t\t\t\t\t\tFROM %lms_organization AS o\n\t\t\t\t\t\t\tJOIN %lms_scorm_items AS s\n\t\t\t\t\t\t\tON (o.idResource = s.idscorm_organization)\n\t\t\t\t\t\t\tWHERE o.idOrg IN (" . implode(",", $arr_new_idorg) . ")\n\t\t\t\t\t\t\tAND o.objectType = 'scormorg'";
                    $res = sql_query($query);
                    $new_to_old = array_flip($id_orgs);
                    while (list($idOrg, $idResource, $idscorm_item, $item_identifier) = sql_fetch_row($res)) {
                        $_key = $new_to_old[$idOrg] . '/' . $item_identifier;
                        if (array_key_exists($_key, $arr_old_ident)) {
                            // Old scorm item id -> scorm item id in the copied object.
                            $_index = $arr_old_ident[$_key];
                            $array_organization['scoitem'][$_index] = $idscorm_item;
                        }
                    }
                }
            }
            $query_insert_list = array();
            $query_selmenun = "SELECT * FROM %lms_coursereport WHERE id_course = '" . $id_dupcourse . "' ";
            $result_selmenun = sql_query($query_selmenun);
            while ($new_org = sql_fetch_array($result_selmenun)) {
                // Source id translated to the copied object; 0 when no mapping exists.
                $id_source_val = 0;
                switch ($new_org['source_of']) {
                    case 'test':
                        $id_source_val = !isset($org_map['test'][$new_org['id_source']]) ? 0 : $org_map['test'][$new_org['id_source']];
                        break;
                    case 'scoitem':
                        $id_source_val = !isset($array_organization['scoitem'][$new_org['id_source']]) || $array_organization['scoitem'][$new_org['id_source']] == "" ? 0 : $array_organization['scoitem'][$new_org['id_source']];
                        break;
                }
                $query_insert_list[] = "('" . $new_course_dup . "', '" . sql_escape_string($new_org['title']) . "', '" . $new_org['max_score'] . "',\n\t\t\t\t\t\t'" . $new_org['required_score'] . "', '" . $new_org['weight'] . "', '" . $new_org['show_to_user'] . "',\n\t\t\t\t\t\t'" . $new_org['use_for_final'] . "', '" . $new_org['sequence'] . "', '" . $new_org['source_of'] . "',\n\t\t\t\t\t\t'" . $id_source_val . "')";
            }
            // This assigns $result_dupman, while the other sections use $result_dupmen.
            $result_dupman = true;
            if (!empty($query_insert_list)) {
                $query_dupmen = "INSERT INTO %lms_coursereport\n\t\t\t\t\t\t(id_course,title,max_score,required_score,weight,show_to_user,use_for_final,sequence,source_of,id_source)\n\t\t\t\t\t\tVALUES " . implode(",", $query_insert_list);
                $result_dupmen = sql_query($query_dupmen);
            }
            //--- end coursereports ------------------------------------------------
            //--- copy htmlfront data ----------------------------------------------
            $query_insert_list = array();
            $query_selmenun = "SELECT * FROM %lms_htmlfront WHERE id_course = '" . $id_dupcourse . "' ";
            $result_selmenun = sql_query($query_selmenun);
            while ($new_org = sql_fetch_array($result_selmenun)) {
                $query_insert_list[] = "('" . $new_course_dup . "', '" . sql_escape_string($new_org['textof']) . "')";
            }
            $result_dupmen = true;
            if (!empty($query_insert_list)) {
                $query_dupmen = "INSERT INTO %lms_htmlfront\n\t\t\t\t\t\t(id_course, textof)\n\t\t\t\t\t\tVALUES " . implode(",", $query_insert_list);
                $result_dupmen = sql_query($query_dupmen);
            }
            //--- end htmlfront ----------------------------------------------------
        }
        if (isset($_POST['advice'])) {
            $query = "SELECT * FROM %lms_advice WHERE idCourse = " . (int) $id_dupcourse;
            $result = sql_query($query);
            if (sql_num_rows($result) > 0) {
                $query_insert_list = array();
                $array_sub = array();
                $array_replace = array();
                // Builds search/replace pairs so links in notice text point at the copied objects.
                foreach ($id_orgs as $id_old_obj => $id_new_obj) {
                    $array_sub[] = 'id_org=' . $id_old_obj;
                    $array_replace[] = 'id_org=' . $id_new_obj;
                    //convert direct links to LOs. TO DO: make sure you are changing only the correct link urls
                    $array_sub[] = 'id_item=' . $id_old_obj;
                    $array_replace[] = 'id_item=' . $id_new_obj;
                }
                while ($row = sql_fetch_assoc($result)) {
                    $new_description = !empty($id_orgs) ? str_replace($array_sub, $array_replace, $row['description']) : $row['description'];
                    // NOTE(review): posted, title and the description are stored
                    // text concatenated without sql_escape_string(); a notice that
                    // contains a quote breaks this INSERT or changes its meaning.
                    $query_insert_list[] = "(NULL, " . (int) $new_course_dup . ", '" . $row['posted'] . "', " . (int) $row['author'] . ", '" . $row['title'] . "', '" . $new_description . "', " . (int) $row['important'] . ")";
                }
                if (!empty($query_insert_list)) {
                    $query = "INSERT INTO %lms_advice\n\t\t\t\t\t\t\t(idAdvice, idCourse, posted, author, title, description, important)\n\t\t\t\t\t\t\tVALUES " . implode(",", $query_insert_list);
                    sql_query($query);
                }
            }
        }
        // success=true is reported without looking at the results of the copy
        // statements that follow the main course INSERT.
        ob_clean();
        echo $this->json->encode(array('success' => true));
    }
}
<body> <div class="header container"> <div class="title"> <img class="logo" src="../images/litesprite.png"/> <div class="titletext">Litesprite Sign-Up</div> </div> </div> <div class="wrapper container"> <br> <p style="font-weight:bold;color:#447a2d;">This information has also been sent to your email if you wish to complete the sign-up form or survey at a later date.</p> <?php echo '<p>Hello!</p> <p> Thank you for volunteering to be a beta tester for our game, Sinasprite, that helps people manage stress, anxiety, and depression! To get started please: </p>'; $sql = 'call getIfOnboardedKey(' . sql_escape_string($client_key, 1) . ');'; $Result = execute_query($mysqli, $sql); //&& $row = $Res[0]->fetch_array(MYSQL_NUM) && trim($Res[0]->$row[0],"'") == $client_key if ($Result && strlen($Result[0]->fetch_array()[0]) > 1) { echo '<p style="color:green;"><img style="vertical-align:bottom;" src="../images/check.png" width="30" height="30"> Sign-up and Survey Competed</p>'; } else { echo '<p> <button class="btn btn-success link-same" href="http://test.litesprite.com/signup/index.php?key=' . $client_key . '&">Complete the Sign Up and Survey</button></p>'; } echo ' <p> After you\'ve completed the process above, we will send you unique access codes. </p> <p> These <a class="link" href="https://litesprite.com/info/faq.php">FAQs</a> tell you how and why we are doing this Beta.
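<?php
require_once "database.php";

// Lists the visible servers of one country as "name,flag" lines, where the
// flag is "1" when the population is above 1000 and empty otherwise.
// Reading the parameters through isset() keeps a request that omits them
// from raising notices, and is_string() rejects array-valued parameters
// (mode[]=..., country[]=...) before they reach the escaping helper.
$mode = isset($_GET["mode"]) && is_string($_GET["mode"]) ? $_GET["mode"] : "";
if ($mode === "servers") {
    $country_raw = isset($_GET["country"]) && is_string($_GET["country"]) ? $_GET["country"] : "";
    $country = sql_escape_string($country_raw);
    $result = sql_query("SELECT * FROM servers WHERE country='{$country}' AND visible=True ORDER BY num");
    while ($row = sql_fetch_row($result)) {
        // NOTE(review): the name is printed as stored; a name containing a
        // comma or a line break would corrupt this line-based format.
        print $row["name"] . "," . ($row["population"] > 1000) . "\n";
    }
}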
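<?php
require_once "../include/config.inc.php";
require_once "../include/mysqli.inc.php";
require_once "../include/utils.inc.php";
session_start();

// A request without a usable key is sent away. header() only queues the
// redirect, so the script must stop here; otherwise the code below still
// runs and reads a key that is not there. Array-valued keys (key[]=...) are
// rejected as well, since the rest of the page treats the key as a string.
if (!isset($_REQUEST['key']) || !is_string($_REQUEST['key'])) {
    header("Location: https://litesprite.com");
    exit;
}

// NOTE(review): the key is raw request input. It is stored in the session
// and kept in $client_key without validation, so any later use in HTML or in
// a URL must be encoded for that context at the point of output.
$_SESSION['client_key'] = $_REQUEST['key'];
$client_key = $_REQUEST['key'];

// Prefer the address already in the session; otherwise look it up by key.
// NOTE(review): possession of a key is enough to retrieve the player's
// e-mail address here - confirm keys are unguessable and treated as secrets.
$email = "";
if (isset($_SESSION['email']) && strlen($_SESSION['email']) > 1) {
    $email = $_SESSION['email'];
} else {
    $sql = "SELECT player_email_address from litesprite.players as p where client_key =" . sql_escape_string($client_key, 1) . " ;";
    $Result = execute_query($mysqli, $sql);
    if ($Result && ($row = $Result[0]->fetch_array())) {
        $email = $row[0];
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="description" content="" />
<meta name="keywords" content="" />
<meta name="author" content="Litesprite" />
<link rel="stylesheet" type="text/css" href="../css/bootstrap.min.css">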
require_once 'include/mysqli.inc.php'; require_once "include/utils.inc.php"; require_once 'include/header.php'; require_once 'include/footer.php'; // echo isset($_SESSION['user_key'])."<br/>"; // echo strlen($_SESSION['user_key'])."<br/>"; if (isset($_SESSION['user_key']) == false || strlen($_SESSION['user_key']) < 1) { header('Location: /login'); } if (strlen($args[1]) < 1) { $client_key = 'null'; } else { $client_key = $args[1]; } //Validate the user $sql = "CALL rptBaselinebyUser(" . sql_escape_string($client_key, 1) . ");"; //echo $sql.'<br/>'; $Result = execute_query($mysqli, $sql); if ($Result) { while ($row = $Result[0]->fetch_assoc()) { $survey = $row['survey']; $survey_id = $row['client_survey_baseline_id']; $client_key = $row['client_key']; $client_age = $row['client_age']; $client_gender = $row['client_gender']; $baseline1 = $row['baseline1']; $baseline2 = $row['baseline2']; $baseline2a = $row['baseline2a']; $baseline3 = $row['baseline3']; $baseline4 = $row['baseline4']; switch ($row['baseline4a']) {
case 'pmph':
    // Each case builds an UPDATE for one survey table. The six statements are
    // identical apart from the table name. The enclosing switch header lies
    // outside this excerpt.
    //
    // NOTE(review): $_REQUEST['question'] is used as the COLUMN NAME. Doubling
    // single quotes protects string literals only; it does nothing for an
    // identifier, so the request decides which SQL text follows "set".
    // The column should be checked against a fixed allow-list of the survey's
    // column names before the statement is built. The same applies to every
    // case below.
    // NOTE(review): sql_escape_string($x, 1) / ($x, 0) presumably produce a
    // quoted string / a numeric literal; confirm against the helper.
    $sql = "update client_survey_pmph set "
        . str_replace("'", "''", $_REQUEST['question'])
        . " = " . sql_escape_string($_REQUEST['value'], 1)
        . " where client_id = " . sql_escape_string($_SESSION['client_id'], 1)
        . " and client_survey_header_id = " . sql_escape_string($_SESSION['client_survey_header_id'], 0)
        . ";";
    break;
case 'phq':
    $sql = "update client_survey_phq set "
        . str_replace("'", "''", $_REQUEST['question'])
        . " = " . sql_escape_string($_REQUEST['value'], 1)
        . " where client_id = " . sql_escape_string($_SESSION['client_id'], 1)
        . " and client_survey_header_id = " . sql_escape_string($_SESSION['client_survey_header_id'], 0)
        . ";";
    break;
case 'gad':
    $sql = "update client_survey_gad set "
        . str_replace("'", "''", $_REQUEST['question'])
        . " = " . sql_escape_string($_REQUEST['value'], 1)
        . " where client_id = " . sql_escape_string($_SESSION['client_id'], 1)
        . " and client_survey_header_id = " . sql_escape_string($_SESSION['client_survey_header_id'], 0)
        . ";";
    break;
case 'cse':
    $sql = "update client_survey_cse set "
        . str_replace("'", "''", $_REQUEST['question'])
        . " = " . sql_escape_string($_REQUEST['value'], 1)
        . " where client_id = " . sql_escape_string($_SESSION['client_id'], 1)
        . " and client_survey_header_id = " . sql_escape_string($_SESSION['client_survey_header_id'], 0)
        . ";";
    break;
case 'lsq':
    $sql = "update client_survey_lsq set "
        . str_replace("'", "''", $_REQUEST['question'])
        . " = " . sql_escape_string($_REQUEST['value'], 1)
        . " where client_id = " . sql_escape_string($_SESSION['client_id'], 1)
        . " and client_survey_header_id = " . sql_escape_string($_SESSION['client_survey_header_id'], 0)
        . ";";
    break;
case 'pss':
    $sql = "update client_survey_pss set "
        . str_replace("'", "''", $_REQUEST['question'])
        . " = " . sql_escape_string($_REQUEST['value'], 1)
        . " where client_id = " . sql_escape_string($_SESSION['client_id'], 1)
        . " and client_survey_header_id = " . sql_escape_string($_SESSION['client_survey_header_id'], 0)
        . ";";
    break;
}
// No statement was built (no case matched): stop without touching the database.
if (strlen($sql) < 1) {
    exit;
} else {
    // NOTE(review): this writes the complete SQL statement into the response,
    // which discloses table and column names to the client. It looks like
    // leftover debugging output; confirm and remove or log server-side instead.
    echo $sql;
}
$Result = execute_query($mysqli, $sql);
if ($Result) {
    $rowcount = 0;
    // Any returned row marks the request as having produced results.
    while ($row = $Result[0]->fetch_assoc()) {
        $hasresults = 1;
    }
}
// echo $key; // echo ": " . $value; // echo "<br/>"; // } if ($_SERVER['REQUEST_METHOD'] == "POST" && isset($_POST['bf_login'])) { if (strlen($_POST['log']) < 1) { $logerr = "fielderror"; } if (strlen($_POST['pwd']) < 1) { $pwderr = "fielderror"; } } if (isset($_POST['log']) && isset($_POST['pwd'])) { //posted data : yes $dblogin = sql_escape_string(strtolower($_POST['log']), 1); $dbpassword = sql_escape_string(hash('sha256', doubleSalt($_POST['pwd'], $dblogin)), 1); //Validate the user $sql = "CALL ValidateUser(" . $dblogin . ", " . $dbpassword . ", '" . getRealIpAddr() . "');"; //echo $sql.'<br/>'; $Result = execute_query($mysqli, $sql); if ($Result) { while ($row = $Result[0]->fetch_assoc()) { $validemail = 1; } while ($row[1] = $Result[1]->fetch_assoc()) { $_SESSION['user_id'] = $row[1]['user_id']; $_SESSION['user_key'] = $row[1]['user_key']; $_SESSION['company_id'] = $row[1]['company_id']; $_SESSION['organization_id'] = $row[1]['organization_id']; $_SESSION['organization_name'] = $row[1]['organization_name']; $_SESSION['user_email_address'] = $row[1]['user_email_address'];
$sql = "call insert_ls_emailjoin(" . sql_escape_string($emailaddress, 1) . ", " . sql_escape_string($ipaddress, 1) . ", " . sql_escape_string($user_agent, 1) . ");"; //echo $sql; $Result = execute_query($mysqli, $sql); if ($Result) { $rowcount = 0; while ($row = $Result[0]->fetch_assoc()) { $t_emailjoin_id = $row['t_emailjoin_id']; } $getKey = "call createAndGetClientKey();"; $keyResult = execute_query($mysqli, $getKey); if ($keyResult) { $client_key = $keyResult[0]->fetch_array(MYSQLI_NUM)[0]; $_SESSION['client_key'] = $client_key; $_SESSION['clientkey'] = $client_key; } $addPlayer = "call setPlayerInfo(" . sql_escape_string($_SESSION['client_key'], 1) . ", " . "'TEST User'" . "," . "' ' , ' ', " . sql_escape_string($_SESSION['email'], 1) . ", 0" . " );"; //echo $addPlayer; $Result = execute_query($mysqli, $addPlayer); if ($Result) { $mail = getSocksMailer(); //$mail->AddAddress("*****@*****.**"); $mail->AddAddress($emailaddress); $mail->Subject = "Socks has a new friend!"; $mail->AddEmbeddedImage('../images/paw.png', 'paw'); $mail->Body = $intro1 . $client_key . $intro2; $mail->WordWrap = 80; if (!$mail->Send()) { $MMessage = "Confirmation Message was not sent"; // $MMessage = "Mailer Error: " . $mail->ErrorInfo; //echo $MMessage. "<br/>"; } else {
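/**
 * Send the two "onboarding completed" e-mails: an internal notification and
 * the confirmation for the user.
 *
 * Device data (email, device, fname, lname) is read via the getDeviceInfo
 * stored procedure for the given address. Nothing is sent when the query fails.
 *
 * @param string $email      Address of the user who finished onboarding.
 * @param string $client_key Client key inserted into both mails.
 * @param string $final1     User-mail template part placed before the client key.
 * @param string $final2     User-mail template part placed between key and device e-mail.
 * @param string $final3     User-mail template part placed after the device e-mail.
 * @return void
 */
function sendFinalEmails($email, $client_key, $final1, $final2, $final3)
{
    // The body used $mysqli without declaring it, so inside the function it was
    // an undefined local. NOTE(review): the connection is presumably the global
    // created by mysqli.inc.php; confirm.
    global $mysqli;

    // find device email and device type
    $sql = "call getDeviceInfo(" . sql_escape_string($email, 1) . ")";
    $Result = execute_query($mysqli, $sql);
    if (!$Result) {
        return;
    }

    // fetch_assoc() yields null when the procedure returns no row; fall back to
    // empty values so the mails are still sent, as before, without warnings.
    $row = $Result[0]->fetch_assoc();
    if (!is_array($row)) {
        $row = array();
    }
    $device_email = isset($row['email']) ? $row['email'] : '';
    $device = isset($row['device']) ? $row['device'] : '';
    $fname = isset($row['fname']) ? $row['fname'] : '';
    $lname = isset($row['lname']) ? $row['lname'] : '';

    // The notification body is HTML (it uses <br>), and the values come from
    // user-entered sign-up data, so they are HTML-escaped before being embedded.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    // send to Socks
    $sMail = getSocksMailer();
    $sMail->Subject = "Litesprite User Completed Onboarding";
    $sMail->Body = "client key: " . $esc($client_key)
        . "<br>\n\t\t\t\t\t\tCodes and Instructions have been sent to: " . $esc($email)
        . "<br> \n\t\t\t\t\t\tDevice: " . ($device == 'A' ? 'Android' : 'iOS')
        . "<br> \n\t\t\t\t\t\tDevice email: " . $esc($device_email)
        . "<br>\n\t\t\t\t\t\tLast name: " . $esc($lname)
        . "<br>\n\t\t\t\t\t\tFirst name:" . $esc($fname);
    $sMail->AddAddress("*****@*****.**");
    sendMail($sMail);

    // send to User
    $uMail = getSocksMailer();
    $uMail->Subject = "Litesprite Beta Sign-Up Completed!";
    $uMail->AddEmbeddedImage('../images/paw.png', 'paw');
    // NOTE(review): the $final* template parts are not visible here, so the
    // values are left as they were; if the template is HTML, $device_email
    // should be escaped for the position it is inserted at.
    $uMail->Body = $final1 . $client_key . $final2 . $device_email . $final3;
    $uMail->AddAddress($email);
    sendMail($uMail);
}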
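<?php
require_once "../include/config.inc.php";
require_once '../include/mysqli.inc.php';
require_once "../include/utils.inc.php";
require_once '../include/header.php';
require_once '../include/footer.php';

// Handler that creates a report user, then returns to the user-management page.

// Only a signed-in user may continue. header() merely queues the redirect, so
// the script has to stop explicitly; otherwise everything below still runs.
if (isset($_SESSION['user_key']) == false || strlen($_SESSION['user_key']) < 1) {
    header('Location: /login');
    exit;
}

// Authorization: company 1 with role 0 or 1.
if (isset($_SESSION['company_id']) == true && $_SESSION['company_id'] == 1 && (isset($_SESSION['user_role_id']) && ($_SESSION['user_role_id'] == 0 || $_SESSION['user_role_id'] == 1))) {
    // The credentials are read from $_POST, so require them there. The previous
    // guard tested $_REQUEST['email'], which let a request without POSTed
    // e-mail/password create an account from empty values.
    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // whether the included files enforce one for this state-changing request.
    if (isset($_POST['email'], $_POST['password'])) {
        $dblogin = sql_escape_string(strtolower($_POST['email']), 1);
        // NOTE(review): the stored credential is a single SHA-256 over
        // doubleSalt(), which is a fast hash. password_hash()/password_verify()
        // is the usual choice, but the login path must change with it.
        $dbpassword = sql_escape_string(hash('sha256', doubleSalt($_POST['password'], $dblogin)), 1);

        // org and role are passed with mode 0, names with mode 1.
        // NOTE(review): presumably 0 = numeric literal, 1 = quoted string; confirm.
        $sql = "call createReportUser(" . sql_escape_string($_REQUEST['org'], 0) . ',' . $dblogin . ',' . sql_escape_string($_REQUEST['fname'], 1) . ',' . sql_escape_string($_REQUEST['lname'], 1) . ',' . $dbpassword . ',' . sql_escape_string($_REQUEST['role'], 0) . ");";
        execute_query($mysqli, $sql);
    } else {
        echo 'error';
    }
}
header('location: /manageusers');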
$sqldump .= "--\n"; $sqldump .= "-- Table structure for table \"" . $TableNames[$renee_s] . "\"\n"; $sqldump .= "--\n\n"; $sqldump .= $FullTable[$renee_s] . "\n"; while ($kazuki_p < $numz) { $tnumz = $numz - 1; $srow = null; $srowvalue = null; $trownew = $trow[$kazuki_p]; $trowname = array_keys($trownew); $nums = count($trownew); $il = 0; while ($il < $nums) { $tnums = $nums - 1; $trowrname = sql_escape_string($trowname[$il], $SQLStat); $trowrvalue = sql_escape_string($trownew[$trowrname], $SQLStat); if ($_GET['outtype'] == "UTF-8" && $Settings['charset'] != "UTF-8") { $trowrvalue = utf8_encode($trowrvalue); } $trowrvalue = str_replace(array("\n", "\r"), array('\\n', '\\r'), $trowrvalue); /*if($kazuki_p===0) {*/ if ($il === 0) { $srow = "INSERT INTO \"" . $TableNames[$renee_s] . "\" ("; } if ($il < $tnums && $il != $tnums) { $srow .= "\"" . $trowrname . "\", "; } if ($il == $tnums) { $srow .= "\"" . $trowrname . "\") VALUES"; } /*}*/
case 1: //password reset //if the passwords are long enough and they match $pass1 = isset($_REQUEST["password1"]) ? $_REQUEST["password1"] : ''; // Pass1 $pass2 = isset($_REQUEST["password2"]) ? $_REQUEST["password2"] : ''; // Pass2 $dblogin = isset($_REQUEST["action_user_email_address"]) ? $_REQUEST["action_user_email_address"] : ''; // login $action_code = isset($_REQUEST["action_code"]) ? $_REQUEST["action_code"] : ''; // Action code $action_user_key = isset($_REQUEST["action_user_key"]) ? $_REQUEST["action_user_key"] : ''; // Action user $dblogin = sql_escape_string(strtolower($dblogin), 1); $pass1 = sql_escape_string(hash(sha256, doubleSalt($pass1, $dblogin)), 1); $pass2 = sql_escape_string(hash(sha256, doubleSalt($pass2, $dblogin)), 1); if (strlen($action_code) == 36 && strlen($pass1) > 0 && strlen($pass2) > 0 && $pass1 == $pass2) { $sql = "CALL PasswordResetAction(" . $action_type_id . ", '" . $action_user_key . "', '" . $action_code . "', " . $pass1 . ", " . $pass2 . " );"; //echo $sql; $Result = execute_query($mysqli, $sql); if ($Result) { while ($row = $Result[0]->fetch_assoc()) { $_SESSION['user_email_address'] = $row['user_email_address']; $_SESSION['user_first_name'] = $row['user_first_name']; $_SESSION['user_last_name'] = $row['user_last_name']; $_SESSION['user_id'] = $row['user_id']; $_SESSION['user_key'] = $row['user_key']; $_SESSION['user_role_id'] = $row['user_role_id']; $validated = 1; } } else {
require_once "include/config.inc.php"; require_once 'include/mysqli.inc.php'; require_once "include/utils.inc.php"; require_once 'include/header.php'; require_once 'include/footer.php'; if (isset($_SESSION['user_key']) == false || strlen($_SESSION['user_key']) < 1) { header('Location: /login'); } if (strlen($args[1]) > 0) { $OrgID = $args[1]; } else { $OrgID = 2; } //Validate the user $sql = 'CALL td_meditation_by_org(' . sql_escape_string($OrgID, 0) . ');'; //echo $sql.'<br/>'; $Result = execute_query($mysqli, $sql); if ($Result) { while ($row = $Result[0]->fetch_assoc()) { $organization = $row['organization']; $client_key = $row['client_key']; $meditation_id = $row['meditation_id']; $client_id = $row['client_id']; $device_id = $row['device_id']; $session_id = $row['session_id']; $meditation_selected = $row['meditation_selected']; $meditation_completed = $row['meditation_completed']; $meditation_lat = $row['meditation_lat']; $meditation_long = $row['meditation_long']; $meditation_mandala = $row['meditation_mandala'];
require_once "include/config.inc.php"; require_once 'include/mysqli.inc.php'; require_once "include/utils.inc.php"; require_once 'include/header.php'; require_once 'include/footer.php'; if (isset($_SESSION['user_key']) == false || strlen($_SESSION['user_key']) < 1) { header('Location: /login'); } if (strlen($args[1]) > 0) { $OrgID = $args[1]; } else { $OrgID = 2; } //Validate the user $sql = 'CALL td_questions_by_org(' . sql_escape_string($OrgID, 0) . ');'; //echo $sql.'<br/>'; $Result = execute_query($mysqli, $sql); if ($Result) { while ($row = $Result[0]->fetch_assoc()) { $organization = $row['organization']; $client_key = $row['client_key']; $question_id = $row['question_id']; $client_id = $row['client_id']; $device_id = $row['device_id']; $session_id = $row['session_id']; $oracle_question_id = $row['oracle_question_id']; $question = $row['question']; $question_text = $row['question_text']; $oracle_question_option_id = $row['oracle_question_option_id']; $question_response = $row['question_response'];
require_once 'include/mysqli.inc.php'; require_once "include/utils.inc.php"; require_once 'include/header.php'; require_once 'include/footer.php'; // echo isset($_SESSION['user_key'])."<br/>"; // echo strlen($_SESSION['user_key'])."<br/>"; if (isset($_SESSION['user_key']) == false || strlen($_SESSION['user_key']) < 1) { header('Location: /login'); } if (strlen($args[1]) < 1) { $survey_id = 1; } else { $survey_id = $args[1]; } //Validate the user $sql = "CALL rptBASELINEbySurvey(" . sql_escape_string($survey_id, 0) . ");"; //echo $sql.'<br/>'; $Result = execute_query($mysqli, $sql); if ($Result) { while ($row = $Result[0]->fetch_assoc()) { $survey = $row['survey']; $client_key = $row['client_key']; $baseline5 = $row['baseline5']; if ($baseline5 == 0) { $baseline5 = ""; } if ($baseline5 == 16) { $baseline5 = "16+"; } $report_data .= <<<EOD \t<tr>
/**
 * Short alias for sql_escape_string().
 *
 * Forwards the value unchanged as the only argument and returns whatever the
 * helper returns.
 *
 * @param mixed $string Value to escape.
 * @return mixed Result of sql_escape_string().
 */
function escape($string)
{
    $escaped = sql_escape_string($string);

    return $escaped;
}
// echo strlen($_SESSION['user_key'])."<br/>"; if (isset($_SESSION['user_key']) == false || strlen($_SESSION['user_key']) < 1) { header('Location: /login'); } if (strlen($args[1]) > 0) { $OrgID = $args[1]; } else { $OrgID = 2; } if (strlen($args[2]) > 0) { $client_key = $args[2]; } else { $client_key = ""; } //Validate the user $sql = 'CALL rptActLogByOrgID(' . sql_escape_string($OrgID, 0) . ', ' . sql_escape_string($client_key, 1) . ');'; //echo $sql.'<br/>'; $Result = execute_query($mysqli, $sql); if ($Result) { while ($row = $Result[0]->fetch_assoc()) { $date = $row['date']; $client_key = $row['client_key']; $countnew = $row['countnew']; $countlog = $row['countlog']; $countmm = $row['countmm']; $countjc = $row['countjc']; $countjcadd = $row['countjcadd']; $countjcdel = $row['countjcdel']; $countme = $row['countme']; $countpa = $row['countpa']; $countga = $row['countga'];
require_once "include/config.inc.php"; require_once 'include/mysqli.inc.php'; require_once "include/utils.inc.php"; require_once 'include/header.php'; require_once 'include/footer.php'; if (isset($_SESSION['user_key']) == false || strlen($_SESSION['user_key']) < 1) { header('Location: /login'); } if (strlen($args[1]) > 0) { $OrgID = $args[1]; } else { $OrgID = 2; } //Validate the user $sql = 'CALL td_activity_log_by_org(' . sql_escape_string($OrgID, 0) . ');'; //echo $sql.'<br/>'; $Result = execute_query($mysqli, $sql); if ($Result) { while ($row = $Result[0]->fetch_assoc()) { $organization = $row['organization']; $client_key = $row['client_key']; $activity_id = $row['activity_id']; $client_id = $row['client_id']; $device_id = $row['device_id']; $session_id = $row['session_id']; $activity_code = $row['activity_code']; $activity_lat = $row['activity_lat']; $activity_long = $row['activity_long']; $activity_timestamp = $row['activity_timestamp']; $activity_timezone = $row['activity_timezone'];
//require_once("include/config.inc.php"); require_once "../include/config.survey.php"; require_once 'include/mysqli.inc.php'; require_once "../include/utils.inc.php"; require_once './include/header.php'; //include './include/debug.php'; $error = null; if (isset($_SESSION['error'])) { $error = $_SESSION['error']; } if (strlen($_REQUEST['key']) > 0) { $_SESSION['clientkey'] = $_REQUEST['key']; $_SESSION['client_key'] = $_REQUEST['key']; //echo $_SESSION['client_key']; } $sql = "call ValidateClientKey(" . sql_escape_string($_SESSION['clientkey'], 1) . ");"; //echo $sql; $Result = execute_query($mysqli, $sql); if ($Result) { $rowcount = 0; while ($row = $Result[0]->fetch_assoc()) { $_SESSION['client_key'] = $row['client_key']; //echo "client_key:".$_SESSION['client_key']; } } if (strlen($_REQUEST['survey']) > 0) { $_SESSION['survey_id'] = $_REQUEST['survey']; } else { $_SESSION['survey_id'] = 1; } if ($_SESSION['survey_id'] > 1) {
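/**
 * Read a worksheet dump from a stream and render every SQL template once per
 * worksheet into the output directory.
 *
 * Input format, as parsed below: a line starting with "#" opens a worksheet
 * (the rest of the line is the table name). The following CSV rows carry a tag
 * in the first column (fields, types, params, titles, record). An empty line
 * closes the worksheet.
 *
 * @param resource $in       Readable stream positioned at the start of the dump.
 * @param mixed    $out_file Not read; the name is reused for each generated file.
 * @param array    $options  Recognised keys: "escape_backslash" (default true,
 *                           passed to sql_escape_string), "offset" (default "0",
 *                           number of leading columns dropped after the tag),
 *                           "force" (overwrite existing output files).
 * @return void Errors are reported on STDERR and end the run early.
 */
function write_sql($in, $out_file, $options = array())
{
    if (!isset($options["escape_backslash"])) {
        $options["escape_backslash"] = true;
    }
    if (!isset($options["offset"])) {
        $options["offset"] = "0";
    }
    $escape_backslash = $options["escape_backslash"];
    $offset = $options["offset"] + 0;
    // "force" is optional; reading it unguarded raised an undefined-index notice.
    $force = !empty($options["force"]);

    // Collect the database schema.
    $schema = array();
    while (($line = fgets($in)) !== false) {
        // A "# worksheet-name" line marks the first line of a worksheet.
        if (substr($line, 0, 1) != "#") {
            continue;
        }
        // NOTE(review): the table name is taken from the input as-is (trimmed,
        // not escaped); how the templates embed it is not visible here.
        $table = trim(substr($line, 1));

        // Reset per worksheet so a sheet lacking a tag does not silently
        // inherit the value parsed for the previous sheet.
        $fields = null;
        $types = null;
        $params = null;
        $titles = null;
        $num_cols = 0;
        $records = array();

        while (($record = fgetcsv($in, 65536, ",", '"')) !== FALSE) {
            // An empty line marks the end of a worksheet.
            if ($record == array('')) {
                break;
            }
            $tag = array_shift($record);
            $record = array_slice($record, $offset);
            $num_cols = count($record);
            // Every cell is escaped before it can reach a template.
            for ($i = 0; $i < $num_cols; $i++) {
                $record[$i] = sql_escape_string($record[$i], $escape_backslash);
            }
            switch ($tag) {
                case "fields":
                    $fields = $record;
                    break;
                case "types":
                    $types = $record;
                    break;
                case "params":
                    $params = $record;
                    break;
                case "titles":
                    $titles = $record;
                    break;
                case "record":
                    $records[] = $record;
                    break;
                default:
                    // An unknown tag aborts the whole run, not just this row.
                    $contents = implode(",", $record);
                    fputs(STDERR, "Warning: Unkown tag[{$tag}]. {$contents}\n");
                    return;
            }
        }
        $schema[$table] = ["fields" => $fields, "types" => $types, "params" => $params, "titles" => $titles, "records" => $records, "num_cols" => $num_cols, "options" => $options];
    }

    // Determine the template directory and the output directory.
    $template_dirs = array();
    $template_dirs[] = "./sql_templates/";
    $template_dirs[] = dirname(__FILE__) . "/sql_templates/";
    $instance_dirs = array();
    $instance_dirs[] = "./sql_output/";

    $template_dir = "";
    foreach ($template_dirs as $dir) {
        if (file_exists($dir)) {
            $template_dir = $dir;
            break;
        }
    }
    if ($template_dir == "") {
        fputs(STDERR, "Error: Template directory does not exist.\n");
        return;
    }

    $instance_dir = "";
    foreach ($instance_dirs as $dir) {
        if (file_exists($dir)) {
            $instance_dir = $dir;
            break;
        }
    }
    if ($instance_dir == "") {
        // Created with 0700 so the generated SQL is readable by the owner only.
        if (mkdir("./sql_output/", 0700)) {
            $instance_dir = "./sql_output/";
        } else {
            fputs(STDERR, "Error: Output directory does not exist.\n");
            return;
        }
    }

    // Generate the code.
    foreach ($schema as $focused) {
        $in_dir = $template_dir;
        $out_dir = "{$instance_dir}/";
        if (!file_exists($out_dir)) {
            mkdir($out_dir);
        }
        $in_ext = "sql";
        $out_ext = "sql";
        // Only plain "<word>.sql" names are accepted as templates.
        $templates = preg_grep("/^\\w+\\.{$in_ext}\$/", scandir($template_dir));
        foreach ($templates as $template) {
            $filename = pathinfo($template, PATHINFO_FILENAME);
            $in_file = "{$in_dir}/{$filename}.{$in_ext}";
            $out_file = "{$out_dir}/{$filename}.{$out_ext}";
            $ans = render_sql(file_get_contents($in_file), ["schema" => $schema], $focused);
            // Existing output is never overwritten unless "force" is set.
            if (file_exists($out_file) && !$force) {
                fputs(STDERR, "Error: Already [{$out_file}] exists. Use -f option to override.\n");
                return;
            }
            file_put_contents($out_file, $ans);
        }
    }
    return;
}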
require_once 'include/mysqli.inc.php'; require_once "include/utils.inc.php"; require_once 'include/header.php'; require_once 'include/footer.php'; // echo isset($_SESSION['user_key'])."<br/>"; // echo strlen($_SESSION['user_key'])."<br/>"; if (isset($_SESSION['user_key']) == false || strlen($_SESSION['user_key']) < 1) { header('Location: /login'); } if (strlen($args[1]) < 1) { $survey_id = 1; } else { $survey_id = $args[1]; } //Validate the user $sql = "CALL rptPMPHbySurvey(" . sql_escape_string($survey_id, 0) . ");"; //echo $sql.'<br/>'; $Result = execute_query($mysqli, $sql); if ($Result) { while ($row = $Result[0]->fetch_assoc()) { //$survey = $row['survey']; // $survey_id = $row['client_survey_baseline_id']; $client_key = $row['client_key']; $pmph2a = eval2($row['pmph2a']); $pmph2b = eval2($row['pmph2b']); $pmph2c = eval2($row['pmph2c']); $pmph2d = eval2($row['pmph2d']); $pmph2e = eval2($row['pmph2e']); $pmph2f = eval2($row['pmph2f']); $pmph2g = eval2($row['pmph2g']); $pmph2h = eval2($row['pmph2h']);
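/**
 * Return the ids of all records whose path lies below the given folder.
 *
 * For the root folder (id 0) the path prefix is empty, so every path matching
 * '/%' is selected. The folder itself is excluded by id.
 *
 * @param object $folder Folder object; its ->id and ->path are read.
 * @return array|false List of ids, or FALSE when no row matches.
 */
function getDescendantsId($folder)
{
    $fields = $this->_getArrBaseFields($this->table);

    // Both values are placed inside quoted literals, so both are escaped. The
    // id was previously concatenated unescaped.
    // NOTE(review): the path is used in a LIKE pattern and "%" / "_" inside it
    // are not neutralised, so such a path matches more rows than intended.
    // Confirm whether paths can contain these characters.
    $path_prefix = ($folder->id == 0 ? "" : sql_escape_string($folder->path));
    $folder_id = sql_escape_string($folder->id);

    $query = "SELECT " . $this->_getDISTINCT() . $fields['id']
        . " FROM " . $this->table . $this->_getOtherTables() . $this->_outJoinFilter($this->table)
        . " WHERE ((path LIKE '" . $path_prefix . "/%')"
        . " AND (" . $fields['id'] . " != '" . $folder_id . "') "
        . $this->_getFilter($this->table)
        . ") ORDER BY " . $this->_getOrderBy($this->table);

    // NOTE(review): on failure this prints the database error and the full
    // query to the client, which discloses schema details. Logging it
    // server-side and showing a generic message would be safer; kept as is
    // because callers may rely on the hard stop.
    $rs = $this->_executeQuery($query) or die(sql_error() . " [ {$query} ]");

    if (sql_num_rows($rs) === 0) {
        return FALSE;
    }

    $result = array();
    while (list($id) = sql_fetch_row($rs)) {
        $result[] = $id;
    }
    return $result;
}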