/**
 * Binds this object to a workflow-step table, creating the table on first use.
 *
 * The "is tab" flag is taken from $CFG->is_tab when the current URL ($CFG->url)
 * equals the table name; otherwise the caller's $url_is_tab is used.
 *
 * NOTE(review): $step_table is handed to DB::createTable() as an identifier.
 * Nothing in this block validates it, so callers should pass a fixed,
 * code-defined name - confirm no request value ever reaches this constructor.
 *
 * @param string $step_table Name of the step table to use (created if missing).
 * @param mixed  $url_is_tab Fallback "is tab" flag.
 */
function __construct($step_table, $url_is_tab = false)
{
    global $CFG;

    $this->table = $step_table;

    if ($CFG->url == $step_table) {
        $this->url_is_tab = $CFG->is_tab;
    } else {
        $this->url_is_tab = $url_is_tab;
    }

    // Nothing left to do once the table is known to exist.
    if (DB::tableExists($step_table)) {
        return;
    }

    $step_columns = array(
        'name' => 'vchar',
        'group_id' => 'int',
        'user_id' => 'int',
        'supervisor_id' => 'int',
        'days_available' => 'int',
        'step_order' => 'int',
    );

    if (DB::createTable($step_table, $step_columns)) {
        Messages::add($CFG->table_created);
    }
}
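/**
 * Registers a table with this control and prints the hidden inputs that carry
 * the table name and its field list.
 *
 * The table is stored in $this->tables only when it exists in the database; the
 * markup is printed in either case. In page-editor mode ($CFG->pm_editor) an
 * extra <li> with the editor label is printed first.
 *
 * Changes from the earlier version:
 *  - $table and the joined field list are HTML-escaped before being written
 *    into element content and attribute values, so a name containing a quote
 *    or angle bracket can no longer break out of the attribute.
 *  - implode() is only called when $table_fields is an array; the default
 *    (false) now yields an empty value instead of a warning / TypeError.
 *
 * @param string      $table            Table name.
 * @param array|false $table_fields     Field names, joined with "|" in the output.
 * @param mixed       $folder_field     Stored as given.
 * @param mixed       $url              Stored as given.
 * @param mixed       $target_elem_id   Stored as given.
 * @param mixed       $link_is_tab      Stored as given.
 * @param mixed       $alert_condition1 Stored as given.
 * @param mixed       $alert_condition2 Stored as given.
 */
function addTable($table, $table_fields = false, $folder_field = false, $url = false, $target_elem_id = false, $link_is_tab = false, $alert_condition1 = false, $alert_condition2 = false)
{
    global $CFG;

    if (DB::tableExists($table)) {
        $this->tables[$table] = array(
            'table_fields' => $table_fields,
            'folder_field' => $folder_field,
            'url' => $url,
            'target_elem_id' => $target_elem_id,
            'method_id' => $CFG->method_id,
            'link_is_tab' => $link_is_tab,
            'alert_condition1' => $alert_condition1,
            'alert_condition2' => $alert_condition2,
        );
    }

    // Escape once; the name is reused in text content and in two attributes.
    $safe_table = htmlspecialchars((string) $table, ENT_QUOTES, 'UTF-8');

    if ($CFG->pm_editor) {
        // Form::peLabel() output is printed as-is (assumed to be trusted markup - confirm).
        echo ' <li>' . $safe_table . ' [addTable] ' . Form::peLabel($CFG->method_id, 'addTable') . '</li>';
    }

    $field_list = is_array($table_fields) ? implode('|', $table_fields) : '';
    $safe_fields = htmlspecialchars($field_list, ENT_QUOTES, 'UTF-8');

    echo ' <input type="hidden" class="added_table" value="' . $safe_table . '" /> <input type="hidden" id="table_' . $safe_table . '_fields" value="' . $safe_fields . '" />';
}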
/**
 * Loads one record of $this->table into $this->info.
 *
 * Returns false without touching any state when a record is already bound and
 * no save has run yet, when $record_id is not positive, or when the table does
 * not exist. Otherwise nothing is returned; the outcome is visible through
 * $this->record_id, $this->info, $this->old_info and $this->errors.
 *
 * NOTE(review): on a failed lookup $this->errors is overwritten with a single
 * message rather than appended to - confirm callers expect a scalar here.
 *
 * @param int $record_id Primary key of the record to load.
 * @return false|null
 */
function get($record_id)
{
    global $CFG;

    // A record is already bound and nothing has been saved since: keep it.
    if ($this->record_id && !$CFG->save_called) {
        return false;
    }
    if (!($record_id > 0)) {
        return false;
    }
    if (!DB::tableExists($this->table)) {
        return false;
    }

    $this->get_called = true;

    $loaded = DB::getRecord($this->table, $record_id);
    if ($loaded) {
        $this->record_id = $record_id;
    } else {
        $this->errors = $CFG->form_get_record_error;
    }

    // Snapshot of the stored values, taken only before this object has saved.
    if (!$this->save_called) {
        $this->old_info = $loaded;
    }

    if ($loaded) {
        if ($this->info) {
            // Stored values win over whatever was already collected.
            $this->info = array_merge($this->info, $loaded);
        } else {
            $this->info = $loaded;
        }
    }
}
// Excerpt from a request-action dispatcher: the three enclosing blocks open
// before this excerpt and the final elseif continues past it. No
// authentication, authorization or CSRF check is visible in these lines -
// NOTE(review): confirm one runs before this dispatcher, because every branch
// below changes server state from $_REQUEST values.
            if (is_array($rows)) {
                // Any value other than 1 (including a missing parameter) deactivates the rows.
                $active = $_REQUEST['active'] == 1 ? 'Y' : 'N';
                foreach ($rows as $id) {
                    if (!DB::update($table, array('is_active' => $active), $id)) {
                        $errors[] = $CFG->ajax_save_error;
                    }
                }
            }
        }
    }
} elseif ($action == 'delete_file') {
    // SECURITY: the path passed to unlink() is taken directly from the request.
    // Nothing here restricts it to an upload directory, so any file the PHP
    // process may delete is in scope. Resolve the name against a fixed base
    // directory (basename() + realpath() prefix check) or look the file up by
    // record id, and verify the caller owns it.
    if (!empty($_REQUEST['filename'])) {
        unlink($_REQUEST['filename']);
    }
} elseif ($action == 'check_table') {
    // SECURITY: table name, column definitions and the radio-input list all
    // come from the request and drive schema creation or alteration. Whether
    // DB::createTable()/DB::editTable() quote identifiers is not visible here;
    // this action should be limited to administrators and to an allow-list of
    // table names and column types.
    if (!DB::tableExists($_REQUEST['table'])) {
        DB::createTable($_REQUEST['table'], $_REQUEST['db_fields'], $_REQUEST['radioinputs']);
    } else {
        DB::editTable($_REQUEST['table'], $_REQUEST['db_fields'], $_REQUEST['radioinputs']);
    }
} elseif ($_REQUEST['rows'] && !empty($_REQUEST['rows'])) {
    // SECURITY: each submitted row names its own target table, columns and
    // record id, so the client chooses what gets written and where. Map the
    // request to a server-side allow-list of tables and writable columns
    // before calling DB::update()/DB::insert().
    foreach ($_REQUEST['rows'] as $row) {
        if ($row['info']) {
            if ($row['id']) {
                DB::update($row['table'], $row['info'], $row['id']);
            } else {
                DB::insert($row['table'], $row['info']);
            }
        }
    }
} elseif ($_REQUEST['table']) {
/**
 * Builds the markup for one labelled value of the current record (or of the
 * current grid row when $this->in_grid is set) and either appends it to
 * $this->HTML or, when $in_form is truthy, returns it.
 *
 * How the displayed text is obtained depends on three facts: whether $name is
 * a key of the row (or an override value was given), whether $subtable is
 * listed in $this->db_subtables, and whether $subtable exists as a table.
 * Combinations not handled below leave $text unset.
 *
 * NOTE(review): $caption and $text are concatenated into markup without
 * escaping in this method. Whether Grid::detectData(), Link::url() or the DB
 * helpers escape their output is not visible here - confirm, since stored
 * values that reach this point unescaped would be rendered as HTML.
 *
 * @param mixed $name             Field name in the row; also the default caption.
 * @param mixed $caption          Label text; falls back to $name.
 * @param mixed $subtable         Related table / subtable name.
 * @param mixed $subtable_fields  Fields to read from the related table.
 * @param mixed $link_url         When set, the text is wrapped with Link::url().
 * @param mixed $concat_char      Separator between components; defaults to a space.
 * @param mixed $in_form          Truthy: return the markup instead of queuing it.
 * @param mixed $f_id_field       Foreign-key field specification passed to the DB helpers.
 * @param mixed $order_by         Passed to DB::getFields().
 * @param mixed $order_asc        Passed to DB::getFields().
 * @param mixed $record_id        Record id for DB::getFields(); defaults to $this->record_id.
 * @param mixed $link_is_tab      Copied into the link query string as is_tab.
 * @param mixed $limit_is_curdate Passed to DB::getFields().
 * @param mixed $override_value   Non-empty string to show instead of the row value.
 * @param mixed $link_id_field    Row key whose value (and name) is used for the link id.
 * @return mixed The markup when $in_form is truthy, otherwise nothing.
 */
function field($name = false, $caption = false, $subtable = false, $subtable_fields = false, $link_url = false, $concat_char = false, $in_form = false, $f_id_field = false, $order_by = false, $order_asc = false, $record_id = false, $link_is_tab = false, $limit_is_curdate = false, $override_value = false, $link_id_field = false)
{
    global $CFG;

    if (!$concat_char) {
        $concat_char = ' ';
    }
    if (!$caption) {
        $caption = $name;
    }

    // Grid cells read from the grid's row and table; everything else from the record.
    if ($this->in_grid) {
        $row_data = $this->grid_values;
        $src_table = $this->grid_table;
        $columns = DB::getTableFields($src_table);
    } else {
        $row_data = $this->row;
        $src_table = $this->table;
        $columns = $this->db_fields;
    }

    // Name and value of the id parameter used in generated links.
    if ($link_id_field) {
        $param_name = $link_id_field;
        $id = $row_data[$link_id_field];
    } else {
        $param_name = ($this->in_grid || $CFG->url != $link_url) ? 'id' : $name;
        $id = $row_data[$name];
    }

    $has_override = strlen($override_value) > 0;

    if (is_array($row_data) || $has_override) {
        $is_field = @array_key_exists($name, $row_data) || $has_override;
        $has_subtable = in_array($subtable, $this->db_subtables);
        $has_table = DB::tableExists($subtable);
        $value = $has_override ? $override_value : $row_data[$name];
        $is_time = $this->form_method_args[$name]['only_time'];

        // A comma in the foreign-key spec means the link id is resolved through the DB.
        if (!$is_field && strstr($f_id_field, ',')) {
            $id = DB::getForeignValue($f_id_field, $this->record_id, 1);
        }

        if ($is_field) {
            if (!$has_subtable) {
                if ($has_table) {
                    // The value is a key into another table: show that table's fields.
                    $fetched = DB::getFields($subtable, $value, $subtable_fields, $f_id_field);
                    $text = @implode('<span class="record_component">' . $concat_char . '</span>', $fetched);
                } else {
                    // Plain column: format by column type.
                    $text = Grid::detectData($name, $value, $columns, false, $is_time);
                }
                if ($link_url) {
                    $text = Link::url($link_url, $text, "{$param_name}={$id}&is_tab={$link_is_tab}&action=record");
                }
            }
        } elseif ($has_subtable && $has_table) {
            // Lookup table between this record and $subtable: one entry per related row.
            $fetched = DB::getFieldsByLookup($src_table, $subtable, $this->row['id'], $subtable_fields);
            $separator = '<span class="record_component">' . $concat_char . '</span>';
            foreach ($fetched as $match) {
                $text_parts = false;
                if (is_array($subtable_fields)) {
                    foreach ($subtable_fields as $column) {
                        $text_parts[] = $match[$column];
                    }
                    $text = implode($separator, $text_parts);
                } else {
                    $text = $match['name'];
                }
                if ($link_url) {
                    $pieces[] = Link::url($link_url, $text, "{$param_name}={$id}&is_tab={$link_is_tab}&action=record");
                } else {
                    $pieces[] = $text;
                }
            }
            $text = implode($separator, $pieces);
        } elseif ($has_subtable) {
            // Subtable without a table of the same name.
            $fetched = DB::getSubTable($subtable, $subtable_fields, $id, $concat_char);
            if ($link_url) {
                // The loop key replaces $id so that every entry links to its own id.
                foreach ($fetched as $id => $entry) {
                    // Return value is not used; the call is kept as it was.
                    Grid::detectData($name, $value, $columns);
                    $linked[] = Link::url($link_url, $entry, "{$param_name}={$id}&is_tab={$link_is_tab}&action=record");
                }
            } else {
                $linked = $fetched;
            }
            $text = implode(', ', $linked);
        } elseif ($has_table) {
            // Related table addressed by foreign key from this record.
            if (!($record_id > 0)) {
                $record_id = $this->record_id;
            }
            $fetched = DB::getFields($subtable, $this->record_id, $subtable_fields, $f_id_field, $order_by, $order_asc, $record_id, $limit_is_curdate);
            $text = @implode('<span class="record_component">' . $concat_char . '</span>', $fetched);
            if ($link_url) {
                $text = Link::url($link_url, $text, "{$param_name}={$id}&is_tab={$link_is_tab}&action=record");
            }
        }
    }

    if ($CFG->pm_editor && !$this->in_grid) {
        $method_name = Form::peLabel($CFG->method_id, 'field');
    }

    if ($this->t) {
        // Table layout: $this->i counts cells in the current row, $this->t_cols is the row width.
        if ($this->i == 0) {
            $HTML = '<tr>';
        }
        $HTML .= "|||<td><b class=\"record_label\">{$caption}</b>{$method_name}</td><td>{$text}</td>";
        $this->i++;
        if ($this->i == $this->t_cols) {
            $HTML .= '</tr>';
            $this->i = 0;
        }
    } elseif ($this->in_grid) {
        $HTML = $text;
    } else {
        // Blob columns get the long-text wrapper and the files caption class.
        $is_blob = $columns[$name]['Type'] == 'blob';
        $align_left_class = $is_blob ? 'files_caption' : '';
        $al1 = $is_blob ? '<div class="long_text">' : '';
        $al2 = $is_blob ? '</div>' : '';
        $HTML = "<div class=\"label_extend\"></div><b class=\"record_label {$align_left_class}\">{$caption}</b><span class=\"record_item\"> {$method_name} {$al1}{$text}{$al2}</span>";
    }

    if ($in_form) {
        return $HTML;
    }
    $this->HTML[] = $HTML;
}
/**
 * Places a bid of $amount for the logged-in user on the auction item $this->id.
 *
 * Guard clauses return false when no item is loaded ($this->id is not > 0),
 * when $this->is_expired is set, or when $amount fails is_numeric() (which also
 * records $CFG->auction_invalid_bid_error). A missing login or a missing
 * "<table>_bids" table only appends an error; those two paths end without an
 * explicit return value.
 *
 * A bid is taken when $amount >= item_info['high_bid'] + minimum_increase, or
 * when the bidder already holds the high bid and $amount exceeds it.
 * minimum_increase is replaced by initial_bid while there is no high bid.
 * With proxy_bids enabled the amount is compared with
 * Auction::getHighestProxy(): a bid at or below the proxy ceiling is recorded
 * together with an automatic counter-bid (is_proxy = 'Y') for the current
 * high bidder and the caller is outbid. With anti_sniping enabled,
 * Auction::addTime() is called when time_remaining is below the threshold,
 * except when proxy bidding is on and the bidder already holds the high bid.
 * On success high_bid and high_bid_user_id are updated on the object and in
 * the item table and true is returned; the "too low" branches append an error
 * and return false.
 *
 * NOTE(review): this listing is flattened onto three physical lines and each
 * "//" marker is followed by further statements on the same line. They appear
 * to have been single commented-out statements on lines of their own; the
 * original line breaks have to be restored before this text parses as intended.
 *
 * NOTE(review): $outbid and $bypass are assigned only on some branches and are
 * read afterwards (!$outbid, !$bypass) - initialise both to false at the top.
 *
 * NOTE(review): the outbid error is appended only when $this->errors is not
 * already an array, so it is skipped whenever any earlier error exists.
 *
 * NOTE(review): the high bid is compared using values already held on the
 * object, and the result is written with separate DB::insert()/DB::update()
 * calls. No transaction, row lock or conditional update is visible in this
 * block, so two concurrent requests could both pass the comparison - confirm
 * the DB layer serialises bids on one item.
 *
 * NOTE(review): is_numeric() also accepts exponent notation, signed values and
 * decimal strings, and $amount is stored as passed. Normalising to a fixed
 * decimal (or integer minor units) before comparing and storing would avoid
 * surprises in the bid history.
 *
 * @param mixed $amount Bid amount as submitted.
 * @return bool|null true when the bid becomes the high bid, false when it is
 *                   rejected, nothing on the login / missing-table paths.
 */
function bid($amount) { global $CFG; date_default_timezone_set($CFG->default_timezone); if (!($this->id > 0)) { return false; } if ($this->is_expired) { return false; } if (!is_numeric($amount)) { $this->errors[] = $CFG->auction_invalid_bid_error; return false; } if (User::isLoggedIn()) { if (DB::tableExists($this->table . '_bids')) { $user_id = User::$info['id']; $this->minimum_increase = !($this->high_bid > 0) ? $this->initial_bid : $this->minimum_increase; if ($amount >= $this->item_info['high_bid'] + $this->minimum_increase || $this->high_bid_user_id == User::$info['id'] && $amount > $this->item_info['high_bid']) { if ($this->proxy_bids) { $proxy = Auction::getHighestProxy(); if ($this->high_bid_user_id != User::$info['id']) { if ($amount <= $proxy['amount']) { $proxy_increase = $amount + $this->minimum_increase <= $proxy['amount'] ? $amount + $this->minimum_increase : $proxy['amount']; DB::insert($this->table . '_bids', array('item_id' => $this->id, 'item_table' => $this->table, 'user_id' => $user_id, 'amount' => $amount, 'date' => $this->now)); DB::insert($this->table . '_bids', array('item_id' => $this->id, 'item_table' => $this->table, 'user_id' => $this->high_bid_user_id, 'amount' => $proxy_increase, 'is_proxy' => 'Y', 'date' => $this->now)); DB::update($this->table, array('high_bid' => $proxy_increase), $this->id); //Auction::realizeBids($proxy_increase); $this->high_bid = $proxy_increase; $outbid = true; } elseif ($amount > $proxy['amount'] && $amount < $proxy['amount'] + $this->minimum_increase && $proxy['user_id'] != $user_id) { $this->errors[] = str_ireplace('[field]', $this->minimum_increase, $CFG->auction_min_increase_error); DB::insert($this->table . '_bids', array('item_id' => $this->id, 'item_table' => $this->table, 'user_id' => $user_id, 'amount' => $amount, 'date' => $this->now)); DB::insert($this->table . 
'_bids', array('item_id' => $this->id, 'item_table' => $this->table, 'user_id' => $this->high_bid_user_id, 'amount' => $proxy['amount'], 'is_proxy' => 'Y', 'date' => $this->now)); DB::update($this->table, array('high_bid' => $proxy['amount']), $this->id); //Auction::realizeBids($proxy['amount']); $this->high_bid = $proxy['amount']; $outbid = true; } else { if ($proxy['amount'] > $this->high_bid) { if ($proxy['amount'] > $this->high_bid + $this->minimum_increase) { $this->high_bid = $proxy['amount']; } } if ($amount > $proxy['amount'] + $this->minimum_increase) { DB::insert($this->table . '_bids', array('item_id' => $this->id, 'item_table' => $this->table, 'user_id' => $user_id, 'amount' => $amount, 'is_proxy' => 'N', 'is_realized' => 'N', 'date' => $this->now)); $this->high_bid = $proxy['amount']; } } } else { if ($amount < $proxy['amount']) { $this->errors[] = str_ireplace('[field]', $amount, $CFG->auction_outbid_self_proxy_error); $outbid = true; } else { $this->messages[] = str_ireplace('[field]', $amount, $CFG->auction_new_proxy_message); DB::insert($this->table . '_bids', array('item_id' => $this->id, 'item_table' => $this->table, 'user_id' => $user_id, 'amount' => $amount, 'is_proxy' => 'N', 'is_realized' => 'N', 'date' => $this->now)); $bypass = true; } } } if ($this->anti_sniping && $this->anti_sniping_increase) { if ($this->time_remaining < $this->anti_sniping) { if (!($this->proxy_bids && $this->high_bid_user_id == User::$info['id'])) { Auction::addTime($this->anti_sniping_increase); } } } //DB::insert($this->table.'_bids',array('item_id'=>$15this->id,'item_table'=>$this->table,'user_id'=>$user_id,'amount'=>$amount)); if (!$outbid) { $new_bid = $this->proxy_bids ? $this->high_bid + $this->minimum_increase : $amount; $new_bid = $this->proxy_bids && $this->high_bid_user_id == $user_id ? $this->high_bid : $new_bid; //$new_bid = (!($this->high_bid > 0)) ? 
$amount : $new_bid; $this->high_bid = $new_bid; $this->high_bid_user_id = $user_id; $is_proxy = $this->proxy_bids && $amount > $this->high_bid + $this->minimum_increase ? 'Y' : 'N'; Auction::realizeBids($new_bid); if (!$bypass) { DB::insert($this->table . '_bids', array('item_id' => $this->id, 'item_table' => $this->table, 'user_id' => $user_id, 'amount' => $new_bid, 'is_proxy' => $is_proxy, 'date' => $this->now)); } DB::update($this->table, array('high_bid' => $new_bid, 'high_bid_user_id' => $user_id), $this->id); $this->messages[] = $CFG->auction_high_bid_message; return true; } else { if (!is_array($this->errors)) { $this->errors[] = $CFG->auction_outbid_error; } return false; } } elseif ($amount >= $this->item_info['high_bid'] && $amount < $this->item_info['high_bid'] + $this->minimum_increase) { $this->errors[] = str_ireplace('[field]', $this->minimum_increase, $CFG->auction_min_increase_error); return false; } elseif ($amount < $this->item_info['high_bid'] && $this->item_info['high_bid_user_id'] != $user_id) { $this->errors[] = str_ireplace('[field]', $this->high_bid, $CFG->auction_bid_too_low_error); return false; } elseif ($amount < $this->item_info['high_bid'] && $this->item_info['high_bid_user_id'] == $user_id) { $this->errors[] = $CFG->auction_outbid_self_error; return false; } } else { $this->errors[] = $CFG->auction_table_error; } } else { $this->errors[] = $CFG->auction_login_error; } }
/**
 * First phase of a form save: marks the save as started, snapshots the stored
 * record for later comparison and moves uploaded files to temporary storage.
 *
 * Returns false (doing nothing) when the request carries bypass_save, when a
 * save already ran in this request ($CFG->save_called), or when the submitted
 * form_name contains "form_filters". Otherwise nothing is returned.
 *
 * NOTE(review): uploads are passed to Upload::saveTemp() without any type or
 * size check in this method; whether saveTemp() validates the file is not
 * visible here - confirm before relying on $this->temp_files.
 *
 * @return false|null
 */
function save()
{
    global $CFG;

    if ($_REQUEST['bypass_save']) {
        return false;
    }
    if ($CFG->save_called) {
        return false;
    }
    if (strpos($_REQUEST['form_name'], 'form_filters') !== false) {
        return false;
    }

    $this->save_called = true;
    $CFG->save_called = true;

    // Snapshot the stored values unless get() already loaded them.
    if (!$this->get_called && $this->record_id > 0) {
        if (is_array(self::$old_info_prev)) {
            // Reuse the snapshot shared across instances.
            $this->old_info = self::$old_info_prev;
        } else {
            $this->old_info = DB::getRecord($this->table, $this->record_id, 0, 1);
            self::$old_info_prev = $this->old_info;
        }

        $subtables = DB::getSubtables($this->name);
        if (is_array($subtables)) {
            foreach ($subtables as $subtable) {
                $subtable_name = $this->table . '_' . $subtable;
                if (!DB::tableExists($subtable_name)) {
                    continue;
                }

                if (strpos($subtable, 'grid_') !== false) {
                    $pieces = explode('grid_', $subtable);
                    $grid_name = $pieces[1];
                    // NOTE(review): $subtable_fields is never assigned in this method.
                    $this->old_info[$grid_name] = DB::getGridValues($this->table . '_grid_' . $grid_name, $subtable_fields, $this->record_id);
                    continue;
                }

                // File subtables are not snapshotted.
                if (strpos($subtable, 'files') !== false) {
                    continue;
                }

                // Remaining subtables hold category selections.
                if (!$this->info['cat_selects']) {
                    continue;
                }
                $cats = DB::getCats($subtable_name, $this->record_id);
                if (!$cats) {
                    continue;
                }
                foreach ($cats as $cat) {
                    $this->old_info['cat_selects'][$subtable][] = $cat['row']['c_id'];
                }
            }
        }
    }

    if ($_FILES[$this->name]['name']) {
        // Store every submitted file first, then sort the results into errors and successes.
        foreach ($_FILES[$this->name]['name'] as $input_name => $file_name) {
            if ($file_name) {
                $temp_files[] = Upload::saveTemp($this->name, $input_name);
            }
        }

        if (is_array($temp_files)) {
            foreach ($temp_files as $file_info) {
                $field_name = $file_info['input_name'];
                if ($file_info['error']) {
                    $this->errors[$field_name] = $file_info['error'];
                    continue;
                }
                $this->temp_files[$field_name] = $file_info['filename'];
                $CFG->temp_files[$field_name] = $file_info['filename'];
                $this->temp_descs[$field_name] = $file_info['file_desc'];
            }
        }
    }
}
<?php
// Settings page handler (excerpt; the blocks opened below are closed past the
// end of this excerpt). It stores submitted settings and their file uploads.
// NOTE(review): no authentication, authorization or CSRF check is visible in
// these lines - confirm one runs before this code, since it writes
// application settings and creates a table.
date_default_timezone_set($CFG->default_timezone);
String::magicQuotesOff();
if ($_REQUEST['new_settings']) {
    // SECURITY: setting names and values both come from the request. Nothing
    // here limits which settings may be written; restrict $name to a
    // server-side list of editable keys.
    foreach ($_REQUEST['new_settings'] as $name => $value) {
        Settings::set($name, $value);
        // NOTE(review): as the braces stand in this excerpt, the upload
        // handling below sits inside the per-setting loop and would repeat
        // for every submitted setting - confirm against the full file.
        if ($_FILES['new_settings']['name']) {
            foreach ($_FILES['new_settings']['name'] as $input_name => $file_name) {
                if ($file_name) {
                    // The bookkeeping table is created on demand from a fixed
                    // statement; no request data is part of the SQL text.
                    if (!DB::tableExists('settings_files')) {
                        $sql = "\n\t\t\t\t\t\tCREATE TABLE `settings_files` (\n\t\t\t\t\t\tid INT( 10 ) UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY ,\n\t\t\t\t\t\t`f_id` INT( 10 ) UNSIGNED NOT NULL ,\n\t\t\t\t\t\t`ext` CHAR( 4 ) NOT NULL ,\n\t\t\t\t\t\t`dir` VARCHAR( 255 ) NOT NULL ,\n\t\t\t\t\t\t`url` TEXT NOT NULL ,\n\t\t\t\t\t\t`old_name` VARCHAR( 255 ) NOT NULL ,\n\t\t\t\t\t\t`field_name` VARCHAR( 50 ) NOT NULL ,\n\t\t\t\t\t\tINDEX ( `f_id`)\n\t\t\t\t\t\t) ENGINE = MYISAM ";
                        db_query($sql);
                    }
                    // NOTE(review): no type, extension or size check happens
                    // here; whether Upload::saveTemp() performs one is not
                    // visible - confirm.
                    $temp_files1[] = Upload::saveTemp('new_settings', $input_name);
                }
            }
            if (is_array($temp_files1)) {
                // Split the upload results into per-field errors and stored file names.
                foreach ($temp_files1 as $file_info) {
                    $field_name = $file_info['input_name'];
                    if ($file_info['error']) {
                        $errors[$field_name] = $file_info['error'];
                    } else {
                        $temp_files[$field_name] = $file_info['filename'];
                    }
                }
            }
        }
        // Only continue with the stored files when no upload reported an error.
        if (!$errors && is_array($temp_files)) {
            foreach ($temp_files as $field_name => $file_name) {
                $field_name_parts = explode('__', $field_name);
// Maintenance script (excerpt; it starts and ends mid-file). It walks every
// database on the server, purges old sessions and then processes the
// admin_cron entries of each application database.
//
// SECURITY: the database password is an empty string and both credentials are
// set in source (the user name is masked in this listing). The account also
// needs rights on every database it iterates over. Load credentials from the
// environment or a secrets store, set a password, and grant only what this
// job needs.
// NOTE(review): the mysql_* functions used below were removed in PHP 7; a
// migration to mysqli or PDO is needed on current runtimes.
$CFG->dbuser = "******";
$CFG->dbpass = "";
$dbh = mysql_connect($CFG->dbhost, $CFG->dbuser, $CFG->dbpass);
require_once "../shared2/autoload.php";
$sql = "SHOW DATABASES";
$result = db_query_array($sql);
// System schemas that are skipped.
$ignore = array('information_schema', 'cdcol', 'mysql', 'performance_schema', 'phpmyadmin');
if ($result) {
    foreach ($result as $database) {
        if (in_array($database['Database'], $ignore)) {
            continue;
        }
        mysql_select_db($database['Database']);
        // Only a server-generated date is concatenated into this statement, so
        // no request data reaches the SQL text. The query result is not checked.
        $sql = "DELETE FROM sessions WHERE session_start < '" . date('Y-m-d 00:00:00', strtotime('-7 days')) . "' ";
        mysql_query($sql);
        if (!DB::tableExists('admin_cron')) {
            continue;
        }
        Settings::assign($CFG);
        $sql = "SELECT * FROM admin_cron ";
        // NOTE(review): this reuses $result, the variable the outer foreach is
        // iterating - confirm the outer loop is unaffected, or rename it.
        $result = db_query_array($sql);
        if ($result) {
            foreach ($result as $row) {
                $control = DB::getRecord('admin_controls', $row['control_id'], 0, 1);
                // SECURITY: unserialize() on a stored column. If anyone other
                // than a trusted administrator can write admin_controls.arguments,
                // this allows object injection. Prefer JSON for stored arguments,
                // or pass array('allowed_classes' => false) on PHP 7+.
                $control_args = unserialize($control['arguments']);
                $method = DB::getRecord('admin_controls_methods', $row['method_id'], 0, 1);
                $method_args = Control::parseArguments($method['arguments'], $control['class'], $method['method']);
                if ($method['method'] == 'emailNotify') {
                    // Table name and record id for the message come from the
                    // stored method arguments, not from this script.
                    $email_field = $method_args['email_field'];
                    $message = DB::getRecord($method_args['email_table'], $method_args['email_record'], 0, 1);
                }
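/**
 * Loads the rows of every registered table and groups them by dataset and by
 * the Unix timestamp of each row's start-date column.
 *
 * For each entry of $this->tables the configured date/time/int field names are
 * checked against the table's field list (unknown names are recorded in
 * $this->errors), the first datetime column is used as start date when none is
 * configured, and DB::get() is called once per dataset. $start and $end are
 * passed through to DB::get() unchanged (presumably the date window - confirm).
 *
 * Changes from the earlier version:
 *  - the start-time, end-time and int field names are reset for every table;
 *    before, a name resolved for one table leaked into the field list of the
 *    tables processed after it;
 *  - a duplicated, unreachable elseif in the int-field check is gone;
 *  - $data is initialised, so the "nothing registered" path no longer returns
 *    an undefined variable (the returned value is still null in that case);
 *  - the foreign-table id formula is prepared once per table, not per dataset.
 *
 * NOTE(review): a missing table is recorded as an error but is still queried.
 * NOTE(review): an empty result overwrites $data[$set] with '' even when an
 * earlier table already stored rows for that dataset - confirm this is wanted.
 * NOTE(review): the 'formula' entry is built from the configured f_id_field
 * and flagged run_in_sql, and $this->filter_results is merged into the filters
 * given to DB::get(). Whether DB::get() quotes or parameterises these is not
 * visible here - confirm neither can carry raw request input.
 *
 * @param mixed $start Passed to DB::get().
 * @param mixed $end   Passed to DB::get().
 * @return array|null  [dataset][timestamp][] => row, or null when nothing was loaded.
 */
private function get($start, $end)
{
    global $CFG;

    $data = null;
    if (!is_array($this->tables)) {
        return $data;
    }

    foreach ($this->tables as $table => $fields) {
        if (!DB::tableExists($table)) {
            $this->errors[$table] = $CFG->grid_no_table_error;
        }

        // Configured field names, resolved per table; false means "not usable".
        $resolved = array(
            'sdate_field' => false,
            'edate_field' => false,
            'stime_field' => false,
            'etime_field' => false,
            'int_field' => false,
        );

        $table_fields = $fields['table_fields'];
        if (is_array($table_fields)) {
            foreach (array_keys($resolved) as $option) {
                if (empty($fields[$option])) {
                    continue;
                }
                $column = $fields[$option];
                if (array_key_exists($column, $table_fields)) {
                    $resolved[$option] = $column;
                } else {
                    $this->errors[$column] = $CFG->grid_no_field_error;
                }
            }

            // No usable start date configured: fall back to the first datetime column.
            if (!$resolved['sdate_field']) {
                foreach ($table_fields as $name => $field) {
                    if ($field['Type'] == 'datetime') {
                        $resolved['sdate_field'] = $name;
                        break;
                    }
                }
            }
        }

        $s_date = $resolved['sdate_field'];
        $e_date = $resolved['edate_field'];
        $s_time = $resolved['stime_field'];
        $e_time = $resolved['etime_field'];
        $int = $resolved['int_field'];

        if (!is_array($this->fields[$table])) {
            continue;
        }

        // Fields to select: everything registered except placeholders, plus the
        // resolved date/time/int columns.
        $db_fields = array();
        foreach ($this->fields[$table] as $k => $info) {
            if (!$info['is_placeholder']) {
                $db_fields[$k] = $info;
            }
        }
        foreach (array($s_date, $e_date, $s_time, $e_time, $int) as $extra) {
            if ($extra) {
                $db_fields[$extra] = array('name' => $extra);
            }
        }

        $fields['filters'] = is_array($fields['filters']) ? $fields['filters'] : array();
        $this->filter_results = is_array($this->filter_results) ? $this->filter_results : array();
        $fields['filters'] = array_merge($fields['filters'], $this->filter_results);

        $record_id = $fields['f_id_field'] ? $this->record_id : 0;

        // One dataset per tokenizer entry, otherwise a single dataset for the record.
        $datasets = array();
        if ($this->tokenizers) {
            foreach ($this->tokenizers as $t_name => $tokenizer) {
                if (is_array($tokenizer)) {
                    foreach ($tokenizer as $t_id => $t_value) {
                        $datasets[] = $t_id;
                    }
                }
            }
        } else {
            $datasets = array(0 => $record_id);
        }

        // A comma-separated foreign-key chain: expose the id of its last table.
        if ($datasets && strstr($fields['f_id_field'], ',')) {
            $f_id_parts = explode(',', $fields['f_id_field']);
            $f_parts = explode('.', $f_id_parts[count($f_id_parts) - 1]);
            $db_fields['f_table_id'] = array('name' => 'f_table_id', 'formula' => $f_parts[0] . '.id', 'run_in_sql' => 1);
        }

        foreach ($datasets as $set) {
            $result = DB::get($table, $db_fields, 0, 0, false, false, false, $fields['filters'], $set, $fields['f_id_field'], false, false, $start, $end, $s_date, $e_date, 1);
            if (!$result) {
                $data[$set] = '';
                continue;
            }

            foreach ($result as $row) {
                $row['table'] = $table;
                $data[$set][strtotime($row[$s_date])][] = $row;
            }
            @ksort($data[$set]);
        }
    }

    return $data;
}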