示例#1
0
function helppageurl($ocpage)
{
    global $opt;
    $help_locale = $opt['template']['locale'];
    $helppage = sql_value("SELECT `helppage` FROM `helppages`\n\t                        WHERE `ocpage`='&1' AND `language`='&2'", "", $ocpage, $help_locale);
    if ($helppage == "") {
        $helppage = sql_value("SELECT `helppage` FROM `helppages`\n\t\t                        WHERE `ocpage`='&1' AND `language`='*'", "", $ocpage);
    }
    if ($helppage == "") {
        $helppage = sql_value("SELECT `helppage` FROM `helppages`\n\t\t                        WHERE `ocpage`='&1' AND `language`='&2'", "", $ocpage, $opt['template']['default']['fallback_locale']);
        if ($helppage != "") {
            $help_locale = $opt['template']['default']['fallback_locale'];
        }
    }
    if ($helppage == "" && isset($opt['locale'][$opt['template']['locale']]['help'][$ocpage])) {
        $helppage = $opt['locale'][$opt['template']['locale']]['help'][$ocpage];
    }
    if (substr($helppage, 0, 1) == "!") {
        substr($helppage, 1);
    } else {
        if ($helppage != "" && isset($opt['locale'][$help_locale]['helpwiki'])) {
            return $opt['locale'][$help_locale]['helpwiki'] . str_replace(' ', '_', $helppage);
        } else {
            return "";
        }
    }
}
示例#2
0
function CheckThrottle()
{
    global $opt, $tpl;
    $ip_string = $_SERVER['REMOTE_ADDR'];
    $ip_blocks = mb_split('\\.', $ip_string);
    $ip_numeric = $ip_blocks[3] + $ip_blocks[2] * 256 + $ip_blocks[1] * 65536 + $ip_blocks[0] * 16777216;
    sql('CREATE TABLE IF NOT EXISTS &tmpdb.`sys_accesslog`
        (`id` INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY, `ip` INT UNSIGNED NOT NULL,
         `access_time` TIMESTAMP NOT NULL, INDEX (`access_time`), INDEX (`ip`)) ENGINE = MEMORY');
    $rsStaus = sql("SHOW STATUS LIKE 'Threads_connected'");
    $rStatus = sql_fetch_array($rsStaus);
    sql_free_result($rsStaus);
    if ($rStatus) {
        if ($rStatus[1] > $opt['db']['throttle_connection_count']) {
            $access_count = sql_value("SELECT COUNT(*) FROM &tmpdb.`sys_accesslog` WHERE ip ='&1'", 0, $ip_numeric);
            if ($access_count > $opt['db']['throttle_access_count']) {
                $tpl->error(ERROR_THROOTLE);
            }
        }
    }
    // remove old entries every 100st call
    if (mt_rand(0, 100) == 50) {
        sql("DELETE FROM &tmpdb.`sys_accesslog` WHERE `access_time`<CURRENT_TIMESTAMP()-'&2'", $ip_numeric, $opt['db']['throttle_access_time']);
    }
    sql("INSERT INTO &tmpdb.`sys_accesslog` (`ip`, `access_time`) VALUES ('&1', CURRENT_TIMESTAMP())", $ip_numeric);
}
示例#3
0
文件: search.php 项目: EMRL/approval
function showApproval($result)
{
    $approval = sql_value("SELECT approval_status AS value FROM resource WHERE ref = {$result['ref']}", FALSE);
    $approval_form_id = sql_value("SELECT ref AS value FROM resource_type_field WHERE name = 'approval_form'", FALSE);
    if (!$approval_form_id) {
        return;
    }
    $approval_form = TidyList(get_data_by_field($result['ref'], $approval_form_id));
    if (empty($approval) and strpos($approval_form, 'Yes') !== FALSE) {
        $approval = 'waiting';
    }
    if ($approval) {
        switch ($approval) {
            case 'waiting':
                $title = 'Awaiting Approval';
                break;
            case 'minor':
                $title = 'Minor Changes Needed';
                break;
            case 'major':
                $title = 'Major Changes Needed';
                break;
            case 'approved':
                $title = 'Approved';
                break;
        }
        echo '<span class="rps-approval rps-approval-' . $approval . '" title="' . $title . '"></span>';
    }
}
 public function run()
 {
     // cleanup XML session data
     sql_temp_table('tmpsessiondata');
     sql('CREATE TEMPORARY TABLE &tmpsessiondata ENGINE=MEMORY
          SELECT DISTINCT `xmlsession_data`.`session_id` FROM `xmlsession_data`
          LEFT JOIN `xmlsession` ON `xmlsession`.`id`=`xmlsession_data`.`session_id`
          WHERE `xmlsession`.`id` IS NULL');
     $count = sql_value('SELECT COUNT(*) FROM `xmlsession_data`
          WHERE `session_id` IN (SELECT `session_id` FROM &tmpsessiondata)', 0);
     if ($count) {
         sql("DELETE FROM `xmlsession_data`\n                 WHERE `session_id` IN (SELECT `session_id` FROM &tmpsessiondata)");
         echo 'orphan_cleanup: dropped ' . $count . " record(s) from xmlsession_data\n";
     }
     sql_drop_temp_table('tmpsessiondata');
     // cleanup map data
     sql_temp_table('tmpsessiondata');
     sql('CREATE TEMPORARY TABLE &tmpsessiondata ENGINE=MEMORY
          SELECT DISTINCT `map2_data`.`result_id` FROM `map2_data`
          LEFT JOIN `map2_result` ON `map2_result`.`result_id`=`map2_data`.`result_id`
          WHERE `map2_result`.`result_id` IS NULL');
     $count = sql_value("SELECT COUNT(*) FROM `map2_data`\n             WHERE `result_id` IN (SELECT `result_id` FROM &tmpsessiondata)", 0);
     if ($count) {
         sql("DELETE FROM `map2_data`\n                 WHERE `result_id` IN (SELECT `result_id` FROM &tmpsessiondata)");
         echo 'orphan_cleanup: dropped ' . $count . " record(s) from map2_data\n";
     }
     sql_drop_temp_table('tmpsessiondata');
 }
 function cleanup_mapresult2($slaveId)
 {
     global $opt;
     // cleanup old entries
     $rs = sql("SELECT SQL_BUFFER_RESULT `result_id` FROM `map2_result` WHERE DATE_ADD(`date_created`, INTERVAL '&1' SECOND)<NOW()", $opt['map']['maxcacheage']);
     while ($r = sql_fetch_assoc($rs)) {
         sql("DELETE FROM `map2_result` WHERE `result_id`='&1'", $r['result_id']);
     }
     sql_free_result($rs);
     // now reduce table size? (29 bytes is the average row size)
     if (sql_value_slave("SELECT COUNT(*) FROM `map2_data`", 0) > $opt['map']['maxcachesize'] / 29) {
         while (sql_value_slave("SELECT COUNT(*) FROM `map2_data`", 0) > $opt['map']['maxcachereducedsize'] / 29) {
             $resultId = sql_value("SELECT `result_id` FROM `map2_result` WHERE `slave_id`='&1' ORDER BY `date_lastqueried` DESC LIMIT 1", 0, $slaveId);
             if ($resultId == 0) {
                 return;
             }
             sql("DELETE FROM `map2_result` WHERE `result_id`='&1'", $resultId);
         }
     }
     $nMinId = sql_value("SELECT MIN(`result_id`) FROM `map2_result`", 0);
     if ($nMinId == 0) {
         sql("DELETE FROM `map2_data`");
     } else {
         sql("DELETE FROM `map2_data` WHERE `result_id`<'&1'", $nMinId);
     }
 }
示例#6
0
 public function userMayModify($cacheid)
 {
     global $login;
     $login->verify();
     $cacheOwner = sql_value("SELECT `user_id` FROM `caches` WHERE `cache_id`=&1", -1, $cacheid);
     return $cacheOwner == $login->userid;
 }
function HookAction_datesPagestoolscron_copy_hitcountAddplugincronjob()
{
    global $lang, $action_dates_restrictfield, $action_dates_deletefield, $resource_deletion_state, $action_dates_reallydelete, $action_dates_email_admin_days, $email_notify, $email_from, $applicationname;
    $allowable_fields = sql_array("select ref as value from resource_type_field where type in (4,6,10)");
    # Check that this is a valid date field to use
    if (in_array($action_dates_restrictfield, $allowable_fields)) {
        $restrict_resources = sql_query("select resource, value from resource_data where resource_type_field = '{$action_dates_restrictfield}'");
        $emailrefs = array();
        foreach ($restrict_resources as $resource) {
            $ref = $resource["resource"];
            if ($action_dates_email_admin_days != "") {
                $action_dates_email_admin_seconds = intval($action_dates_email_admin_days) * 60 * 60 * 24;
                if (time() >= strtotime($resource["value"]) - $action_dates_email_admin_seconds && time() <= strtotime($resource["value"]) - $action_dates_email_admin_seconds + 86400) {
                    $emailrefs[] = $ref;
                }
            }
            if (time() >= strtotime($resource["value"])) {
                # Restrict access to the resource as date has been reached
                $existing_access = sql_value("select access as value from resource where ref='{$ref}'", "");
                if ($existing_access == 0) {
                    echo "restricting resource " . $ref . "\r\n";
                    sql_query("update resource set access=1 where ref='{$ref}'");
                    resource_log($ref, 'a', '', $lang['action_dates_restrict_logtext'], $existing_access, 1);
                }
            }
        }
        if (count($emailrefs) > 0) {
            global $baseurl;
            # Send email as the date is within the specified number of days
            $subject = $lang['action_dates_email_subject'];
            $message = str_replace("%%DAYS", $action_dates_email_admin_days, $lang['action_dates_email_text']) . "\r\n";
            $message .= $baseurl . "?r=" . implode("\r\n" . $baseurl . "?r=", $emailrefs) . "\r\n";
            $templatevars['message'] = $message;
            echo "Sending email to " . $email_notify . "\r\n";
            send_mail($email_notify, $subject, $message, $applicationname, $email_from, "emailexpiredresources", $templatevars, $applicationname);
        }
    }
    if (in_array($action_dates_deletefield, $allowable_fields)) {
        $delete_resources = sql_query("select resource, value from resource_data where resource_type_field = '{$action_dates_deletefield}'");
        foreach ($delete_resources as $resource) {
            $ref = $resource["resource"];
            if (time() >= strtotime($resource["value"])) {
                # Delete the resource as date has been reached
                echo "deleting resource " . $ref . "\r\n";
                if ($action_dates_reallydelete) {
                    delete_resource($ref);
                } else {
                    if (!isset($resource_deletion_state)) {
                        $resource_deletion_state = 3;
                    }
                    sql_query("update resource set archive='" . $resource_deletion_state . "' where ref='" . $ref . "'");
                }
                # Remove the resource from any collections
                sql_query("delete from collection_resource where resource='{$ref}'");
                resource_log($ref, 'x', '', $lang['action_dates_delete_logtext']);
            }
        }
    }
}
/**
 * Deactivate a named plugin.
 *
 * Blanks the inst_version field in the plugins database, which has the effect
 * of deactivating the plugin while maintaining any configuration that is stored
 * in the database.
 *
 * @param string $name Name of plugin to be deativated.
 * @return bool Returns true if plugin is deactivated.
 * @see activate_plugin
 */
function deactivate_plugin($name)
{
    $inst_version = sql_value("SELECT inst_version as value FROM plugins WHERE name='{$name}'", '');
    if ($inst_version >= 0) {
        # Remove the version field. Leaving the rest of the plugin information.  This allows for a config column to remain (future).
        sql_query("UPDATE plugins set inst_version=NULL WHERE name='{$name}'");
    }
}
 function run()
 {
     global $opt;
     $rsCache = sql("SELECT `caches`.`cache_id`, `caches`.`latitude`, `caches`.`longitude` FROM `caches` LEFT JOIN `cache_location` ON `caches`.`cache_id`=`cache_location`.`cache_id` WHERE ISNULL(`cache_location`.`cache_id`) UNION SELECT `caches`.`cache_id`, `caches`.`latitude`, `caches`.`longitude` FROM `caches` INNER JOIN `cache_location` ON `caches`.`cache_id`=`cache_location`.`cache_id` WHERE `caches`.`last_modified`>`cache_location`.`last_modified`");
     while ($rCache = sql_fetch_assoc($rsCache)) {
         $sCode = '';
         $rsLayers = sql("SELECT `level`, `code`, AsText(`shape`) AS `geometry` FROM `nuts_layer` WHERE WITHIN(GeomFromText('&1'), `shape`) ORDER BY `level` DESC", 'POINT(' . $rCache['longitude'] . ' ' . $rCache['latitude'] . ')');
         while ($rLayers = sql_fetch_assoc($rsLayers)) {
             if (gis::ptInLineRing($rLayers['geometry'], 'POINT(' . $rCache['longitude'] . ' ' . $rCache['latitude'] . ')')) {
                 $sCode = $rLayers['code'];
                 break;
             }
         }
         sql_free_result($rsLayers);
         if ($sCode != '') {
             $adm1 = null;
             $code1 = null;
             $adm2 = null;
             $code2 = null;
             $adm3 = null;
             $code3 = null;
             $adm4 = null;
             $code4 = null;
             if (mb_strlen($sCode) > 5) {
                 $sCode = mb_substr($sCode, 0, 5);
             }
             if (mb_strlen($sCode) == 5) {
                 $code4 = $sCode;
                 $adm4 = sql_value("SELECT `name` FROM `nuts_codes` WHERE `code`='&1'", null, $sCode);
                 $sCode = mb_substr($sCode, 0, 4);
             }
             if (mb_strlen($sCode) == 4) {
                 $code3 = $sCode;
                 $adm3 = sql_value("SELECT `name` FROM `nuts_codes` WHERE `code`='&1'", null, $sCode);
                 $sCode = mb_substr($sCode, 0, 3);
             }
             if (mb_strlen($sCode) == 3) {
                 $code2 = $sCode;
                 $adm2 = sql_value("SELECT `name` FROM `nuts_codes` WHERE `code`='&1'", null, $sCode);
                 $sCode = mb_substr($sCode, 0, 2);
             }
             if (mb_strlen($sCode) == 2) {
                 $code1 = $sCode;
                 // try to get localised name first
                 $adm1 = sql_value("SELECT IFNULL(`sys_trans_text`.`text`, `countries`.`name`)\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t FROM `countries`\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN `sys_trans` ON `countries`.`trans_id`=`sys_trans`.`id` AND `countries`.`name`=`sys_trans`.`text`\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN `sys_trans_text` ON `sys_trans`.`id`=`sys_trans_text`.`trans_id` AND `sys_trans_text`.`lang`='&2'\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE `countries`.`short`='&1'", null, $sCode, $opt['template']['default']['locale']);
                 if ($adm1 == null) {
                     $adm1 = sql_value("SELECT `name` FROM `nuts_codes` WHERE `code`='&1'", null, $sCode);
                 }
             }
             sql("INSERT INTO `cache_location` (`cache_id`, `adm1`, `adm2`, `adm3`, `adm4`, `code1`, `code2`, `code3`, `code4`) VALUES ('&1', '&2', '&3', '&4', '&5', '&6', '&7', '&8', '&9') ON DUPLICATE KEY UPDATE `adm1`='&2', `adm2`='&3', `adm3`='&4', `adm4`='&5', `code1`='&6', `code2`='&7', `code3`='&8', `code4`='&9'", $rCache['cache_id'], $adm1, $adm2, $adm3, $adm4, $code1, $code2, $code3, $code4);
         } else {
             $sCountry = sql_value("SELECT IFNULL(`sys_trans_text`.`text`, `countries`.`name`)\r\n\t\t\t\t                         FROM `caches` \r\n\t\t\t\t                   INNER JOIN `countries` ON `caches`.`country`=`countries`.`short`\r\n\t\t\t\t                    LEFT JOIN `sys_trans` ON `countries`.`trans_id`=`sys_trans`.`id` AND `countries`.`name`=`sys_trans`.`text`\r\n\t\t\t\t                    LEFT JOIN `sys_trans_text` ON `sys_trans`.`id`=`sys_trans_text`.`trans_id` AND `sys_trans_text`.`lang`='&2'\r\n\t\t\t\t                        WHERE `caches`.`cache_id`='&1'", null, $rCache['cache_id'], $opt['template']['default']['locale']);
             $sCode1 = sql_value("SELECT `caches`.`country` FROM `caches` WHERE `caches`.`cache_id`='&1'", null, $rCache['cache_id']);
             sql("INSERT INTO `cache_location` (`cache_id`, `adm1`, `code1`) VALUES ('&1', '&2', '&3') ON DUPLICATE KEY UPDATE `adm1`='&2', `adm2`=NULL, `adm3`=NULL, `adm4`=NULL, `code1`='&3', `code2`=NULL, `code3`=NULL, `code4`=NULL", $rCache['cache_id'], $sCountry, $sCode1);
         }
     }
     sql_free_result($rsCache);
 }
示例#10
0
function HookGrant_editAllCustomediteaccess()
{
    global $ref, $userref;
    $access = sql_value("select resource value from grant_edit where resource='{$ref}' and user='******' and (expiry is null or expiry>=NOW())", "");
    if ($access != "") {
        return true;
    }
    return false;
}
示例#11
0
function HookGrant_editViewBeforepermissionscheck()
{
    global $ref, $userref, $access;
    $grant_edit = sql_value("select resource value from grant_edit where resource='{$ref}' and user='******' and (expiry is null or expiry>=NOW())", "");
    if ($grant_edit != "") {
        $access = 0;
    }
    return true;
}
function get_youtube_access_token($refresh = false)
{
    global $baseurl, $userref, $youtube_publish_client_id, $youtube_publish_client_secret, $youtube_publish_callback_url, $code;
    $url = 'https://accounts.google.com/o/oauth2/token';
    if ($refresh) {
        $refresh_token = sql_value("select youtube_refresh_token as value from user where ref='{$userref}'", "");
        if ($refresh_token == "") {
            get_youtube_authorization_code();
            exit;
        }
        $params = array("client_id" => $youtube_publish_client_id, "client_secret" => $youtube_publish_client_secret, "refresh_token" => $refresh_token, "grant_type" => "refresh_token");
    } else {
        $params = array("code" => $code, "client_id" => $youtube_publish_client_id, "client_secret" => $youtube_publish_client_secret, "redirect_uri" => $baseurl . $youtube_publish_callback_url, "grant_type" => "authorization_code");
    }
    $curl = curl_init("https://accounts.google.com/o/oauth2/token");
    curl_setopt($curl, CURLOPT_HEADER, "Content-Type:application/x-www-form-urlencoded");
    curl_setopt($curl, CURLOPT_POST, 1);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $params);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 1);
    $response = json_decode(curl_exec($curl), true);
    curl_close($curl);
    //exit (print_r($response));
    if (isset($response["error"])) {
        sql_query("update user set youtube_access_token='' where ref='{$userref}'");
        //exit("ERROR: bad response" . print_r($response));
        get_youtube_authorization_code();
        exit;
    }
    if (isset($response["access_token"])) {
        $access_token = escape_check($response["access_token"]);
        sql_query("update user set youtube_access_token='{$access_token}' where ref='{$userref}'");
        if (isset($response["refresh_token"])) {
            $refresh_token = escape_check($response["refresh_token"]);
            sql_query("update user set youtube_refresh_token='{$refresh_token}' where ref='{$userref}'");
        }
        debug("YouTube plugin: Access token: " . $access_token);
        debug("YouTube plugin: Refresh token: " . $refresh_token);
    }
    # Get user account details and store these so we can tell which account they will be uploading to
    $headers = array("Authorization: Bearer " . $access_token, "GData-Version: 2");
    $curl = curl_init("https://gdata.youtube.com/feeds/api/users/default");
    curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($curl, CURLOPT_HTTPGET, 1);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 1);
    #$response = json_decode( curl_exec( $curl ), true );
    $response = curl_exec($curl);
    $userdataxml = new SimpleXmlElement($response, LIBXML_NOCDATA);
    //exit(print_r($userdataxml));
    $youtube_username = escape_check($userdataxml->title);
    sql_query("update user set youtube_username='******' where ref='{$userref}'");
    return $access_token;
}
function get_mapped_user_by_field($id, $value)
{
    $query = sprintf('
            SELECT user_id AS value
              FROM assign_request_map
             WHERE field_id = \'%s\'
               AND field_value = \'%s\';
        ', $id, $value);
    return sql_value($query, 0);
}
function HookDiscount_codePurchase_callbackPayment_complete()
{
    # Find out the discount code applied to this collection.
    $code = sql_value("select discount_code value from collection_resource where collection='" . getvalescaped("custom", "") . "' limit 1", "");
    # Find out the purchasing user
    # As this is a callback script being called by PayPal, there is no login/authentication and we can't therefore simply use $userref.
    $user = sql_value("select ref value from user where current_collection='" . getvalescaped("custom", "") . "'", 0);
    # Insert used discount code row
    sql_query("insert into discount_code_used (code,user) values ('" . escape_check($code) . "','{$user}')");
}
示例#15
0
 public function getOptValue($pId)
 {
     if ($pId == USR_OPT_SHOWSTATS && sql_value("SELECT `is_active_flag` FROM `user` WHERE `user_id`='&1'", 0, $this->nUserId) == 0) {
         // User profile options are deleted when an account is disabled. This will
         // enable USR_OPT_SHOWSTATS which is 1 by default. We encounter this by
         // forcing USR_OPT_SHOWSTATS = 0 for disabled users.
         return 0;
     } elseif (array_key_exists($pId, $this->nOptions)) {
         return $this->nOptions[$pId]['option_value'];
     }
     return false;
 }
function HookAction_datesPagestoolscron_copy_hitcountAddplugincronjob()
	{
	global $lang, $action_dates_restrictfield,$action_dates_deletefield, $resource_deletion_state, $action_dates_reallydelete;
	
	
	$allowable_fields=sql_array("select ref as value from resource_type_field where type in (4,6,10)");
	# Check that this is a valid date field to use
	if(in_array($action_dates_restrictfield, $allowable_fields))
		{
		$restrict_resources=sql_query("select resource, value from resource_data where resource_type_field = '$action_dates_restrictfield'");
		
		foreach ($restrict_resources as $resource)
			{
			$ref=$resource["resource"];
			if (time()>=strtotime($resource["value"]))		
				{
				# Restrict access to the resource as date has been reached
				$existing_access=sql_value("select access as value from resource where ref='$ref'","");
				if($existing_access==0) # Only apply to resources that are currently open
					{
					echo "restricting resource " . $ref ."\r\n";
					sql_query("update resource set access=1 where ref='$ref'");
					resource_log($ref,'a','',$lang['action_dates_restrict_logtext'],$existing_access,1);		
					}
				}
			}
		}
	if(in_array($action_dates_deletefield, $allowable_fields))
		{
		$delete_resources=sql_query("select resource, value from resource_data where resource_type_field = '$action_dates_deletefield'");
		foreach ($delete_resources as $resource)
			{
			$ref=$resource["resource"];
			if (time()>=strtotime($resource["value"]))		
				{
				# Delete the resource as date has been reached
				echo "deleting resource " . $ref ."\r\n";
				if ($action_dates_reallydelete)
					{
					delete_resource($ref);
					}
				else
					{
					if (!isset($resource_deletion_state)){$resource_deletion_state=3;}
					sql_query("update resource set archive='" . $resource_deletion_state . "' where ref='" . $ref . "'");
					}
				# Remove the resource from any collections
				sql_query("delete from collection_resource where resource='$ref'");
				resource_log($ref,'x','',$lang['action_dates_delete_logtext']);			
				}	
			}
		}
	}
示例#17
0
function HookResourceofthedayHomeReplaceslideshow()
{
    include_once dirname(__FILE__) . "/../inc/rotd_functions.php";
    global $baseurl, $view_title_field;
    $rotd = get_resource_of_the_day();
    if ($rotd === false) {
        return false;
    }
    # No ROTD, return false to disable hook and display standard slide show.
    # Get preview width
    $sizes = get_image_sizes($rotd, true);
    foreach ($sizes as $size) {
        if ($size["id"] == "pre") {
            $width = $size["width"];
            break;
        }
    }
    # Fetch title
    $title = sql_value("select value from resource_data where resource='{$rotd}' and resource_type_field={$view_title_field}", "");
    # Fetch caption
    $caption = sql_value("select value from resource_data where resource='{$rotd}' and resource_type_field=18", "");
    # Show resource!
    $pre = get_resource_path($rotd, false, "pre", false, "jpg");
    ?>
	<div class="HomePicturePanel RecordPanel" style="width: <?php 
    echo $width;
    ?>
px; padding-left: 3px;">
	<a onClick="return CentralSpaceLoad(this,true);" href="<?php 
    echo $baseurl;
    ?>
/pages/view.php?ref=<?php 
    echo $rotd;
    ?>
"><img class="ImageBorder" style="margin-bottom: 10px;" src="<?php 
    echo $pre;
    ?>
" /></a>
	<br />
	<h2 ><?php 
    echo i18n_get_translated(htmlspecialchars($title));
    ?>
</h2>
	<?php 
    echo $caption;
    ?>
	</div>
	<?php 
    return true;
}
 public function fill_turn($start_wp, $max_inserts_count)
 {
     global $opt;
     // query the end of this waypoint range
     $end_wp = sql_value("SELECT DECTOWP(MIN(dec_wp), '&3')\n                           FROM (\n                                   SELECT MIN(WPTODEC(`wp_oc`, '&3')) AS dec_wp\n                                     FROM `caches`\n                                    WHERE WPTODEC(`wp_oc`, '&3')>WPTODEC('&1', '&3')\n                                      AND `wp_oc` REGEXP '&2'\n                              UNION\n                                   SELECT MIN(WPTODEC(`wp_oc`, '&3')) AS dec_wp\n                                     FROM `cache_waypoint_pool`\n                                    WHERE WPTODEC(`wp_oc`, '&3')>WPTODEC('&1', '&3')\n                                 ) AS tbl", $opt['logic']['waypoint_pool']['prefix'] . '100000', $start_wp, '^' . $opt['logic']['waypoint_pool']['prefix'] . '[' . $opt['logic']['waypoint_pool']['valid_chars'] . ']{1,}$', $opt['logic']['waypoint_pool']['prefix']);
     // now, we have start and end waypoints ...
     $nWaypointsGenerated = 0;
     while ($nWaypointsGenerated < $max_inserts_count && $start_wp != $end_wp) {
         sql("INSERT INTO `cache_waypoint_pool` (`wp_oc`) VALUES ('&1')", $start_wp);
         $nWaypointsGenerated++;
         $start_wp = $this->increment_waypoint($start_wp, $opt['logic']['waypoint_pool']['prefix']);
     }
     return $nWaypointsGenerated;
 }
 function process_syslog()
 {
     global $opt;
     $dbc = @mysql_connect($opt['system']['maillog']['syslog_db_host'], $opt['system']['maillog']['syslog_db_user'], $opt['system']['maillog']['syslog_db_password'], TRUE);
     // use separate connection even if on same DB host
     if ($dbc === FALSE) {
         echo $this->name . ": could not connect to syslog database\n";
         return;
     }
     if (@mysql_query("USE " . $opt['system']['maillog']['syslog_db_name'], $dbc) === FALSE) {
         echo $this->name . ": could not open syslog database: " . mysql_error() . "\n";
         return;
     }
     $last_id = sql_value("SELECT `value` FROM `sysconfig` WHERE `name`='syslog_maillog_lastid'", 0);
     $last_date = sql_value("SELECT `value` FROM `sysconfig` WHERE `name`='syslog_maillog_lastdate'", "");
     // We check for both, new IDs and new creation dates, so that it still works
     // if the syslog DB is re-setup and IDs restarted from 1 (dates are not unique).
     $rs = @mysql_query("SELECT `id`, `message`, `created`\n\t\t\t     FROM `event`\n\t\t\t    WHERE  (`id`>'" . mysql_real_escape_string($last_id) . "' OR `created`>'" . mysql_real_escape_string($last_date) . "')  \n\t\t\t      AND `host_name`='" . mysql_real_escape_string($opt['system']['maillog']['syslog_oc_host']) . "'\n\t\t\t      AND `program`='" . mysql_real_escape_string($opt['system']['maillog']['syslog_mta']) . "'\n\t\t\t ORDER BY `id`", $dbc);
     if ($rs === FALSE) {
         echo $this->name . ": syslog query error (" . mysql_errno() . "): " . mysql_error() . "\n";
         return;
     }
     while ($logentry = mysql_fetch_assoc($rs)) {
         $message = $logentry['message'];
         // latin-1 charset
         $delivered = strpos($message, 'status=sent') > 0;
         $bounced = strpos($message, 'status=bounced') > 0;
         if ($delivered || $bounced) {
             if (preg_match('/ to=<(.+)>,/U', $message, $matches)) {
                 $emailadr = $matches[1];
                 if ($delivered) {
                     sql("UPDATE `user` SET `email_problems`=0\n\t\t\t\t\t\t      WHERE `email`='&1'", $emailadr);
                 } else {
                     if ($bounced) {
                         // maximum one bounce per day is counted, to filter out temporary problems
                         sql("UPDATE `user` SET `email_problems`=`email_problems`+1, `last_email_problem`='&2'\n\t\t\t\t\t\t      WHERE `email`='&1' AND IFNULL(`last_email_problem`,'') < '&2'", $emailadr, $logentry['created']);
                     }
                 }
             } else {
                 echo $this->name . ": no email address found for record ID " . $logentry['id'] . "\n";
             }
         }
         $last_id = $logentry['id'];
         $last_date = $logentry['created'];
     }
     mysql_free_result($rs);
     sql("INSERT INTO `sysconfig` (`name`, `value`) VALUES ('syslog_maillog_lastid','&1')\n\t\t     ON DUPLICATE KEY UPDATE `value`='&1'", $last_id);
     sql("INSERT INTO `sysconfig` (`name`, `value`) VALUES ('syslog_maillog_lastdate','&1')\n\t\t     ON DUPLICATE KEY UPDATE `value`='&1'", $last_date);
 }
 public function check_slave($id)
 {
     global $opt;
     $nActive = 0;
     $nOnline = 0;
     $sLogName = '';
     $sLogPos = '';
     $nTimeDiff = -1;
     $slave = $opt['db']['slaves'][$id];
     if ($slave['active'] == true) {
         $nActive = 1;
         // connect
         $dblink = @mysql_connect($slave['server'], $slave['username'], $slave['password']);
         if ($dblink !== false) {
             if (mysql_select_db($opt['db']['placeholder']['db'], $dblink)) {
                 // read slave time
                 $rs = mysql_query("SELECT `data` FROM `sys_repl_timestamp`", $dblink);
                 if ($rs !== false) {
                     $rTime = mysql_fetch_assoc($rs);
                     mysql_free_result($rs);
                     // read current master db time
                     $nMasterTime = sql_value("SELECT NOW()", null);
                     $nTimeDiff = strtotime($nMasterTime) - strtotime($rTime['data']);
                     if ($nTimeDiff < $opt['db']['slave']['max_behind']) {
                         $nOnline = 1;
                     }
                 }
                 // update logpos
                 $rs = mysql_query("SHOW SLAVE STATUS");
                 $r = mysql_fetch_assoc($rs);
                 mysql_free_result($rs);
                 $sLogName = $r['Master_Log_File'];
                 $sLogPos = $r['Read_Master_Log_Pos'];
             }
             mysql_close($dblink);
         }
     }
     // only-flag changed?
     if ($nOnline != sql_value("SELECT `online` FROM `sys_repl_slaves` WHERE `id`='&1'", 0, $id)) {
         mail($opt['db']['error']['mail'], "MySQL Slave Server Id " . $id . " (" . $slave['server'] . ") is now " . ($nOnline != 0 ? 'Online' : 'Offline'), '');
     }
     sql("INSERT INTO `sys_repl_slaves` (`id`, `server`, `active`, `weight`, `online`, `last_check`, `current_log_name`, `current_log_pos`)\n\t\t                            VALUES ('&1', '&2', '&3', '&4', '&5', NOW(), '&6', '&7')\n\t\t           ON DUPLICATE KEY UPDATE `server`='&2', `active`='&3', `weight`='&4', `online`='&5', `last_check`=NOW(), `current_log_name`='&6', `current_log_pos`='&7'", $id, $slave['server'], $nActive, $slave['weight'], $nOnline, $sLogName, $sLogPos);
     // update time_diff?
     if ($nTimeDiff != -1) {
         sql("UPDATE `sys_repl_slaves` SET `time_diff`='&1' WHERE `id`='&2'", $nTimeDiff, $id);
     }
 }
示例#21
0
function generate_transform_preview($ref){
	global $storagedir;	
        global $imagemagick_path;
	global $imversion;

	if (!isset($imversion)){
		$imversion = get_imagemagick_version();
	}

	$tmpdir = get_temp_dir();

        // get imagemagick path
        $command = get_utility_path("im-convert");
        if ($command==false) {exit("Could not find ImageMagick 'convert' utility.");}

        $orig_ext = sql_value("select file_extension value from resource where ref = '$ref'",'');
        $originalpath= get_resource_path($ref,true,'',false,$orig_ext);

	# Since this check is in get_temp_dir() omit: if(!is_dir($storagedir."/tmp")){mkdir($storagedir."/tmp",0777);}
	if(!is_dir(get_temp_dir() . "/transform_plugin")){mkdir(get_temp_dir() . "/transform_plugin",0777);}

       if ($imversion[0]<6 || ($imversion[0] == 6 &&  $imversion[1]<7) || ($imversion[0] == 6 && $imversion[1] == 7 && $imversion[2]<5)){
                $colorspace1 = " -colorspace sRGB ";
                $colorspace2 =  " -colorspace RGB ";
        } else {
                $colorspace1 = " -colorspace RGB ";
                $colorspace2 =  " -colorspace sRGB ";
        }

        $command .= " \"$originalpath\" +matte -delete 1--1 -flatten $colorspace1 -geometry 450 $colorspace2 \"$tmpdir/transform_plugin/pre_$ref.jpg\"";
        run_command($command);


	// while we're here, clean up any old files still hanging around
	$dp = opendir(get_temp_dir() . "/transform_plugin");
	while ($file = readdir($dp)) {
		if ($file <> '.' && $file <> '..'){
			if ((filemtime(get_temp_dir() . "/transform_plugin/$file")) < (strtotime('-2 days'))) {
				unlink(get_temp_dir() . "/transform_plugin/$file");
			}
		}
	}
	closedir($dp);

        return true;
  
}
示例#22
0
文件: view.php 项目: EMRL/approval
function HookApprovalViewRenderbeforeresourcedetails()
{
    global $lang, $ref, $resource, $fields;
    $approval_form_id = sql_value("SELECT ref AS value FROM resource_type_field WHERE name = 'approval_form'", FALSE);
    if (!$approval_form_id) {
        return;
    }
    $approval_form = TidyList(get_data_by_field($ref, $approval_form_id));
    if ($approval_form !== 'Yes') {
        return;
    }
    $history = sql_query('SELECT id, ref, posted, comment, name, signature, status FROM approval WHERE ref = ' . (int) $ref . ' ORDER BY posted DESC');
    ob_start();
    $path = dirname(dirname(__FILE__));
    include $path . '/inc/approval.php';
    echo ob_get_clean();
}
function generate_transform_preview($ref)
{
    global $storagedir;
    global $imagemagick_path;
    global $imversion;
    if (!isset($imversion)) {
        $imversion = get_imagemagick_version();
    }
    $tmpdir = get_temp_dir();
    // get imagemagick path
    $command = get_utility_path("im-convert");
    if ($command == false) {
        exit("Could not find ImageMagick 'convert' utility.");
    }
    $orig_ext = sql_value("select file_extension value from resource where ref = '{$ref}'", '');
    $transformsourcepath = get_resource_path($ref, true, 'scr', false, 'jpg');
    //use screen size if available to save time
    if (!file_exists($transformsourcepath)) {
        $transformsourcepath = get_resource_path($ref, true, '', false, $orig_ext);
    }
    # Since this check is in get_temp_dir() omit: if(!is_dir($storagedir."/tmp")){mkdir($storagedir."/tmp",0777);}
    if (!is_dir(get_temp_dir() . "/transform_plugin")) {
        mkdir(get_temp_dir() . "/transform_plugin", 0777);
    }
    if ($imversion[0] < 6 || $imversion[0] == 6 && $imversion[1] < 7 || $imversion[0] == 6 && $imversion[1] == 7 && $imversion[2] < 5) {
        $colorspace1 = " -colorspace sRGB ";
        $colorspace2 = " -colorspace RGB ";
    } else {
        $colorspace1 = " -colorspace RGB ";
        $colorspace2 = " -colorspace sRGB ";
    }
    $command .= " \"{$transformsourcepath}\"[0] +matte -flatten {$colorspace1} -geometry 450 {$colorspace2} \"{$tmpdir}/transform_plugin/pre_{$ref}.jpg\"";
    run_command($command);
    // while we're here, clean up any old files still hanging around
    $dp = opendir(get_temp_dir() . "/transform_plugin");
    while ($file = readdir($dp)) {
        if ($file != '.' && $file != '..') {
            if (filemtime(get_temp_dir() . "/transform_plugin/{$file}") < strtotime('-2 days')) {
                unlink(get_temp_dir() . "/transform_plugin/{$file}");
            }
        }
    }
    closedir($dp);
    return true;
}
function get_resource_of_the_day()
{
    global $rotd_field;
    # Search for today's resource of the day.
    $rotd = sql_value("select resource value from resource_data where resource>0 and resource_type_field={$rotd_field} and value like '" . date("Y-m-d") . "%' limit 1;", 0);
    if ($rotd != 0) {
        return $rotd;
    }
    # A resource was found?
    # No resource of the day today. Pick one at random, using today as a seed so the same image will be used all of the day.
    $rotd = sql_value("select resource value from resource_data where resource>0 and resource_type_field={$rotd_field} and length(value)>0 order by rand(" . date("d") . ") limit 1;", 0);
    if ($rotd != 0) {
        return $rotd;
    }
    # A resource was found now?
    # No resource of the day fields are set. Return to default slideshow functionality.
    return false;
}
示例#25
0
function HookApprovalResource_emailFooterbottom()
{
    global $ref;
    $approval_form_id = sql_value("SELECT ref AS value FROM resource_type_field WHERE name = 'approval_form'", FALSE);
    if (!$approval_form_id) {
        return;
    }
    $approval_form = TidyList(get_data_by_field($ref, $approval_form_id));
    if ($approval_form !== 'Yes') {
        return;
    }
    $settings = get_plugin_config('approval');
    echo '
		<script type="text/javascript">
			document.getElementById("message").value = "' . htmlspecialchars($settings['email_message']) . '";
		</script>
	';
}
示例#26
0
function savequery($queryid, $queryname, $saveas, $submit, $saveas_queryid)
{
    global $login, $tpl;
    if ($submit == true) {
        // check if query exists
        if (sql_value("SELECT COUNT(*) FROM `queries` WHERE `id`='&1'", 0, $queryid) == 0) {
            $tpl->error(ERROR_UNKNOWN);
        }
        if ($saveas == false) {
            $bError = false;
            if ($queryname == '') {
                $tpl->assign('errorEmptyName', true);
                $bError = true;
            }
            if (sql_value("SELECT COUNT(*) FROM `queries` WHERE `name`='&1' AND `user_id`='&2'", 0, $queryname, $login->userid) > 0) {
                $tpl->assign('errorNameExists', true);
                $bError = true;
            }
            if ($bError == false) {
                // save
                sql("UPDATE `queries` SET `user_id`='&1', `name`='&2' WHERE `id`='&3'", $login->userid, $queryname, $queryid);
                $tpl->redirect('query.php?action=view');
            }
        } else {
            if (sql_value("SELECT COUNT(*) FROM `queries` WHERE `id`='&1' AND `user_id`='&2'", 0, $saveas_queryid, $login->userid) == 0) {
                $tpl->assign('errorMustSelectQuery', true);
            } else {
                // save as
                $oOptions = sql_value("SELECT `options` FROM `queries` WHERE `id`='&1'", array(), $queryid);
                sql("UPDATE `queries` SET `options`='&1' WHERE `id`='&2'", $oOptions, $saveas_queryid);
                $tpl->redirect('query.php?action=view');
            }
        }
    }
    $rs = sql("SELECT `id`, `name` FROM `queries` WHERE `user_id`='&1' ORDER BY `name` ASC", $login->userid);
    $tpl->assign_rs('queries', $rs);
    sql_free_result($rs);
    $tpl->assign('queryid', $queryid);
    $tpl->assign('queryname', $queryname);
    $tpl->assign('action', 'save');
    $tpl->display();
}
function check_debug_log_override()
{
    global $debug_log_override, $userref;
    if (isset($debug_log_override) || !isset($userref)) {
        return;
    }
    $debug_log_override = false;
    $debug_user = sql_value("SELECT value FROM sysvars WHERE name='debug_override_user'", "");
    $debug_expires = sql_value("SELECT value FROM sysvars WHERE name='debug_override_expires'", "");
    if ($debug_user == "" || $debug_expires == "") {
        return;
    }
    if ($debug_expires < time()) {
        sql_query("DELETE FROM sysvars WHERE name='debug_override_user' OR name='debug_override_expires'");
        return;
    }
    if ($debug_user == -1 || $debug_user == $userref) {
        $debug_log_override = true;
    }
}
 function track_field_history_get_field_log($resource_id, $field_id)
 {
     $query = sprintf('
                SELECT resource_log.date AS date,
                       IFNULL(user.fullname, user.username) AS user,
                       resource_log.previous_value AS value
                  FROM resource_log
             LEFT JOIN user ON user.ref = resource_log.user
                 WHERE type = "e"
                   AND resource = %d
                   AND resource_type_field = %d
              ORDER BY resource_log.date DESC;
         ', $resource_id, $field_id);
     $log_results = sql_query($query);
     if (empty($log_results)) {
         return $log_results;
     }
     // Create an array with all the previous values and remove the last element as it will always be empty:
     $log_values = array();
     foreach ($log_results as $result) {
         $log_values[] = $result['value'];
     }
     array_pop($log_values);
     $query = sprintf('
             SELECT value
               FROM resource_data
              WHERE resource = %d
                AND resource_type_field = %d;
         ', $resource_id, $field_id);
     $last_log_value = sql_value($query, '');
     for ($i = 0; $i < count($log_results); $i++) {
         // Current value is recorded in a different place:
         if ($i == 0) {
             $log_results[$i]['value'] = $last_log_value;
             continue;
         }
         // Make sure each edit record has the next previous value:
         $log_results[$i]['value'] = $log_values[$i - 1];
     }
     return $log_results;
 }
示例#29
0
function HookFlickr_theme_publishThemesRender_actions_add_collection_option($top_actions, $options)
{
    global $getthemes, $m, $lang, $baseurl_short;
    $theme = $getthemes[$m];
    // these aren't really set on themes.php
    $result = get_collection_resources($theme['ref']);
    $count_result = count($result);
    $c = count($options);
    if ($count_result > 0) {
        $lang_string = $lang["publish_to_flickr"];
        $unpublished = sql_value("select count(*) value from resource join collection_resource on resource.ref=collection_resource.resource where collection_resource.collection='" . $theme["ref"] . "' and flickr_photo_id is null", 0);
        if ($unpublished > 0) {
            $lang_string .= " <strong>(" . ($unpublished == 1 ? $lang["unpublished-1"] : str_replace("%number", $unpublished, $lang["unpublished-2"])) . ")</strong>";
        }
        $data_attribute['url'] = sprintf('%splugins/flickr_theme_publish/pages/sync.php?theme=%s', $baseurl_short, urlencode($theme["ref"]));
        $options[$c]['value'] = 'flickr_publish';
        $options[$c]['label'] = $lang_string;
        $options[$c]['data_attr'] = $data_attribute;
        return $options;
    }
}
 public function archive_disabled_caches()
 {
     // Logging of status changes in cache_status_modified has started on June 1, 2013.
     // For archiving caches that were disabled earlier, we also check the listing
     // modification date.
     // This statement may be optimized. It typically runs for ~15 seconds at OC.de.
     $rs = sql('
         SELECT `caches`.`cache_id`,
                `caches`.`user_id`,
                DATEDIFF(NOW(), `listing_last_modified`) AS `listing_age`,
                (SELECT `date_modified` FROM `cache_status_modified` `csm`
                 WHERE `csm`.`cache_id`=`caches`.`cache_id` AND `csm`.`new_state`=2
                 ORDER BY `date_modified` DESC
                 LIMIT 1) `disable_date`,
                (SELECT `user_id` FROM `cache_status_modified` `csm`
                 WHERE `csm`.`cache_id`=`caches`.`cache_id` AND `csm`.`new_state`=2
                 ORDER BY `date_modified` DESC
                 LIMIT 1) `disabled_by`,
                IFNULL(DATEDIFF(NOW(), `user`.`last_login`), 150) `login_lag`,
                `ca`.`attrib_id` IS NOT NULL `seasonal_cache`
         FROM `caches`
         LEFT JOIN `user` ON `user`.`user_id`=`caches`.`user_id`
         LEFT JOIN `caches_attributes` `ca` ON `ca`.`cache_id`=`caches`.`cache_id` AND `ca`.`attrib_id`=60
         WHERE `status`=2 AND DATEDIFF(NOW(), `listing_last_modified`) > 184
         ORDER BY `listing_last_modified`');
     $archived = 0;
     while ($rCache = sql_fetch_assoc($rs)) {
         if ($rCache['listing_age'] > 366 || $rCache['listing_age'] > 184 && (sql_value("SELECT DATEDIFF(NOW(),'&1')", 0, $rCache['disable_date']) > 366 || !$rCache['seasonal_cache'] && ($rCache['disabled_by'] != 0 && $rCache['disabled_by'] != $rCache['user_id'] && $rCache['login_lag'] > 45 || $rCache['disabled_by'] == $rCache['user_id'] && $rCache['login_lag'] >= $rCache['listing_age']) && sql_value("SELECT MAX(`date`) FROM `cache_logs`\n                                 WHERE `cache_logs`.`cache_id`='&1'", '', $rCache['cache_id']) <= $rCache['disable_date'] && sql_value("SELECT `type` FROM `cache_logs`\n                                 WHERE `cache_id`='&1'\n                                 ORDER BY `order_date` DESC, `date_created` DESC, `id` DESC\n                                 LIMIT 1", '', $rCache['cache_id']) == cachelog::LOGTYPE_DISABLED)) {
             $months = $rCache['listing_age'] > 366 ? 12 : 6;
             $this->archive_cache($rCache['cache_id'], 'This cache has been "temporarily unavailable" for more than %1 months now; ' . 'therefore it is being archived automatically. The owner may decide to ' . 'maintain the cache and re-enable the listing.', $months);
             ++$archived;
             // This limit throttles archiving. If something goes wrong, it won't
             // produce too much trouble.
             if ($archived >= 10) {
                 break;
             }
         }
     }
     sql_free_result($rs);
 }