function display($k, $v)
{
switch ($k) {
case "date":
if (substr($v, 0, 8) == date("Ymd")) {
return "oggi " . aux::formatDate($v, TIME);
} elseif (substr($v, 0, 8) == aux::yesterday()) {
return "ieri " . aux::formatDate($v, TIME);
} else {
return aux::formatDate($v, STANDARD) . " " . aux::formatDate($v, TIME);
}
break;
case "link":
if (ereg("manager", $v)) {
return "<a href=\"{$v}\">item</a>";
} else {
return "";
}
break;
default:
return beContentPager::display($k, $v);
break;
}
return $v;
}
function addItem_postInsertion()
{
/* controllare reload */
$skin = new Skin("dipartimento");
$mail = new Skinlet("user.mail");
$mail->setContent("name", $_REQUEST['name']);
$mail->setContent("username", $_REQUEST['username']);
$mail->setContent("password", $_REQUEST['password']);
$mail->setContent("message", $_REQUEST['message']);
$mail->setContent("email", $_REQUEST['email']);
if (isset($_REQUEST['home'])) {
$mail->setContent("home", "http://www.di.univaq.it/home.php?username={$_REQUEST['username']}");
/* $GLOBALS['homeEntity']->insertItem(NULL,
"{$_REQUEST['username']}",
date('YmdHi'),
date('YmdHi'),
"Generale",
"General",
"Home",
"Home",
"Pagina provvisoria di {$_REQUEST['name']} {$_REQUEST['surname']}",
"Temporary page of {$_REQUEST['name']} {$_REQUEST['surname']}",
"*",
1);
*/
}
/* --- The following line has been uncommented by Gulyx --- */
aux::mail($_REQUEST['email'], "{$GLOBALS['config']['website']['name']} Login data", $mail->get(), $GLOBALS['config']['website']['email']);
}
function phone($name, $data, $pars)
{
if ($data != "") {
$result = $pars['prefix'] . " " . aux::phone($data);
} else {
$result = "";
}
return $result;
}
function send2()
{
$uid = strtoupper(md5(uniqid(time())));
$header = "From: " . $this->from . "\nReply-To: " . $this->from . "\n";
if ($this->cc != "") {
$header .= "CC: " . $this->cc . "\n";
}
$header .= "MIME-Version: 1.0\n";
$header .= "Content-Type: multipart/mixed; boundary={$uid}\n";
$header .= "--{$uid}\n";
$header .= "Content-Type: text/plain\n";
$header .= "Content-Transfer-Encoding: 8bit\n\n";
$header .= $this->message . "\n";
if (is_array($this->file)) {
foreach ($this->file as $k => $v) {
$content = fread(fopen($this->file[$k], "r"), filesize($this->file[$k]));
$content = chunk_split(base64_encode($content));
$header .= "--{$uid}\n";
$header .= "Content-Type: " . $this->file_type[$k] . "; name=\"" . $this->file_name[$k] . "\"\n";
$header .= "Content-Transfer-Encoding: base64\n";
$header .= "Content-Disposition: attachment; filename=\"" . $this->file_name[$k] . "\"\n\n";
$header .= "{$content}\n";
}
}
if (is_array($this->buffer)) {
foreach ($this->buffer as $k => $v) {
$content = chunk_split(base64_encode($v));
$header .= "--{$uid}\n";
$header .= "Content-Type: " . $this->buffer_type[$k] . "; name=\"" . $this->buffer_name[$k] . "\"\n";
$header .= "Content-Transfer-Encoding: base64\n";
$header .= "Content-Disposition: attachment; filename=\"" . $this->buffer_name[$k] . "\"\n\n";
$header .= "{$content}\n";
}
}
aux::mail($this->to, $this->subject, $this->message, $header);
return true;
}
function addItem_postInsertion()
{
/* controllare reload */
$mail = new Template("dtml/user.mail");
$mail->setContent("name", $_REQUEST['name']);
$mail->setContent("username", $_REQUEST['username']);
$mail->setContent("password", $_REQUEST['password']);
$mail->setContent("message", $_REQUEST['message']);
mail("{$_REQUEST['email']}", "{$GLOBALS['config']['website']['name']} Login data", $mail->get(), "From: {{$GLOBALS['config']['website']['email']}}");
}
}
/* LOCAL END */
#if (isset($_SESSION['registered-user'])) {
# $main = new Template("dtml_{$_SESSION['language']}/frame-public-2.html");
#} else {
# $main = new Template("dtml/frame-private.html");
#}
$main = new Skin();
$form = new Form("dataEntry", $usersEntity);
$form->addSection("Modifica Password");
#$form1->addText("username", "username", 20, MANDATORY);
#$form1->addSection("personal data");
$form->addPassword("password", aux::lingual("Nuova Password", "New Password", "Nuova Password"));
if (!isset($_REQUEST['page'])) {
$_REQUEST['page'] = 1;
$_REQUEST['value'] = $_SESSION['user']['username'];
}
$main->setContent("body", $form->editItem(NO_DELETE));
$main->close();
?>
function tags($name, $data, $pars)
{
$data = aux::getResult("select * from tags order by position");
if (count($data) > 0) {
$content = '<div class="widget">';
$content .= '<h4>Tags</h4>';
$content .= '<nav class="tags">';
foreach ($data as $row) {
$content .= "<a href=\"search.php?text={$row['text']}\">{$row['tag']}</a>\n";
}
$content .= "</nav>";
$content .= "</div>";
} else {
$content = "";
}
return $content;
}
function getComments($id)
{
$comments = new Template("dtml/comments.html");
$data = aux::getResult("\n\t\t\tSELECT * \n\t\t FROM comments\n\t\t LEFT JOIN users\n\t\t ON users.username = comments.username\n\t\t WHERE entityname = '{$this->entity->name}'\n\t\t AND itemid = '{$id}'\n\t\t AND comments.active = '*'\n\t\t AND users.active = '*'\n\t\t ORDER BY creation DESC");
if (count($data) > 0) {
foreach ($data as $item) {
foreach ($item as $k => $v) {
switch ($k) {
case "creation":
$comments->setContent($k, aux::formatDate($v, EXTENDED));
break;
default:
$comments->setContent($k, $v);
break;
}
}
}
} else {
$comments->setContent("username", "");
$comments->setContent("creation", "");
$comments->setContent("body", aux::lingual("Non ci sono commenti", "No comments", "Nemo para commentares"));
}
return $comments->get();
}
function doLogin()
{
if (!isset($_SESSION['user'])) {
/* User not Logged */
$debug_action = "USER NOT LOGGED";
if (!isset($_POST['username']) and !isset($_POST['password'])) {
if (!isset($_SESSION['HTTP_LOGIN'])) {
unset($GLOBALS['_SERVER']['PHP_AUTH_PW']);
unset($GLOBALS['_SERVER']['PHP_AUTH_USER']);
/*
Some message should be *maybe* emitted here !
*/
}
if (!isset($_SERVER['PHP_AUTH_USER']) and !isset($_SERVER['PHP_AUTH_PW'])) {
Header("WWW-Authenticate: Basic realm=\"Login \"");
Header("HTTP/1.0 401 Unauthorized");
$_SESSION['HTTP_LOGIN'] = true;
exit;
} else {
$_POST['username'] = $_SERVER['PHP_AUTH_USER'];
$_POST['password'] = $_SERVER['PHP_AUTH_PW'];
$_SESSION['HTTP_LOGIN'] = false;
}
}
$name = addcslashes($_POST['username'], "'");
$oid = mysql_query("SELECT * \n\n\t\t \t FROM {$GLOBALS['usersEntity']->name} \n\n\t\t \t WHERE username = '******'\n\n\t\t \t AND password = MD5('{$_POST['password']}')");
if (!$oid) {
echo "Error in database!<hr>";
echo mysql_error();
exit;
}
if (mysql_num_rows($oid) == 0) {
if ($_REQUEST['mode'] == "compact") {
echo "0";
exit;
} else {
/* DISIM-specific: it should be removed ? anyhow it is never activate since
* it will be activated only with mode=ajax as before
*
* */
Header("Location: error.php?id=loginError");
exit;
}
} else {
$userdata = mysql_fetch_assoc($oid);
$_SESSION['user']['username'] = $userdata['username'];
$_SESSION['user']['name'] = $userdata['name'];
$_SESSION['user']['surname'] = $userdata['surname'];
$_SESSION['user']['email'] = $userdata['email'];
$lastlogin = aux::getResult("\n\t\t\t\t SELECT * \n\t\t\t\t FROM {$GLOBALS['logEntity']->name} \n\t\t\t\t WHERE username = '******'user']['username']}'\n\t\t\t\t AND operation = 'LOGIN'\n\t\t\t\t ORDER BY date DESC\n\t\t\t\t LIMIT 1");
if (isset($lastlogin)) {
$_SESSION['user']['lastlogin'] = $lastlogin[0]['date'];
} else {
$_SESSION['user']['lastlogin'] = "";
}
$GLOBALS['logEntity']->insertItem(NULL, 'LOGIN', '', '', basename($_SERVER['SCRIPT_FILENAME']), $_SESSION['user']['username'], date("YmdHi"), $_SERVER['HTTP_HOST']);
}
} else {
//USER HAS ALREADY LOGGED IN
$debug_action = "USER_LOGGED";
}
if (is_array($_SESSION['user']['services'])) {
$debug_action = " services array ";
} else {
$debug_action = " services NOT array, trying to reload it ";
$oid = mysql_query("SELECT DISTINCT {$GLOBALS['usersEntity']->name}.username, \n\n\t\t\t\t {$GLOBALS['servicesEntity']->name}.entry AS serviceName,\n\n\t\t\t\t {$GLOBALS['servicesEntity']->name}.visible,\n\n\t\t\t\t {$GLOBALS['servicesEntity']->name}.id_entities AS entity,\n\n\t\t\t\t {$GLOBALS['servicesEntity']->name}.script,\n\n\t\t\t\t {$GLOBALS['servicesEntity']->name}.superuser_group,\n\n\t\t\t\t {$GLOBALS['servicecategoryEntity']->name}.name AS category,\n\n\t\t\t\t {$GLOBALS['entitiesEntity']->name}.name AS tableName,\n\n\t\t\t\t {$GLOBALS['usersGroupsRelation']->name}.id_groups\n\n FROM {$GLOBALS['usersEntity']->name} \n\n LEFT JOIN {$GLOBALS['usersGroupsRelation']->name} \n\n ON {$GLOBALS['usersGroupsRelation']->name}.username = {$GLOBALS['usersEntity']->name}.username\n\n LEFT JOIN {$GLOBALS['groupsEntity']->name} \n\n ON {$GLOBALS['groupsEntity']->name}.id = {$GLOBALS['usersGroupsRelation']->name}.id_{$GLOBALS['groupsEntity']->name}\n\n LEFT JOIN {$GLOBALS['servicesGroupsRelation']->name} \n\n ON {$GLOBALS['servicesGroupsRelation']->name}.id_{$GLOBALS['groupsEntity']->name} = {$GLOBALS['groupsEntity']->name}.id\n\n LEFT JOIN {$GLOBALS['servicesEntity']->name} \n\n ON {$GLOBALS['servicesEntity']->name}.id = {$GLOBALS['servicesGroupsRelation']->name}.id_{$GLOBALS['servicesEntity']->name}\n\n LEFT JOIN {$GLOBALS['entitiesEntity']->name}\n\n ON {$GLOBALS['entitiesEntity']->name}.name = {$GLOBALS['servicesEntity']->name}.id_{$GLOBALS['entitiesEntity']->name}\n\n LEFT JOIN {$GLOBALS['servicecategoryEntity']->name}\n\n ON {$GLOBALS['servicecategoryEntity']->name}.id = {$GLOBALS['servicesEntity']->name}.servicecategory\n\n \n\n WHERE {$GLOBALS['usersEntity']->name}.username = '******'user']['username']}'\n\n ORDER BY {$GLOBALS['servicecategoryEntity']->name}.position, {$GLOBALS['servicesEntity']->name}.position");
if (!$oid) {
echo "Error in database!<hr>";
echo mysql_error();
exit;
}
do {
$data = mysql_fetch_assoc($oid);
if ($data) {
$_SESSION['user']['services'][] = $data;
$_SESSION['user']['services'][$data['script']] = $data;
$_SESSION['user']['groups'][$data['id_groups']] = $data['id_groups'];
}
} while ($data);
}
#print_r($_SESSION);
$trovato = false;
$error = 212;
if (is_array($_SESSION['user']['services'])) {
foreach ($_SESSION['user']['services'] as $k => $v) {
$error = 217;
if ($v['script'] == basename($_SERVER['SCRIPT_NAME'])) {
$trovato = true;
$currentService = $v;
$error = 223;
}
}
}
if (basename($_SERVER['SCRIPT_NAME']) == "error.php" or basename($_SERVER['SCRIPT_NAME']) == "login.php" or basename($_SERVER['SCRIPT_NAME']) == "logout.php") {
$trovato = true;
}
if (!$trovato) {
#echo $script;
if (basename($_SERVER['SCRIPT_NAME']) != "ajax-manager.php") {
Header("Location: error.php?id=priviledgeError&{$error}&{$debug_action}");
exit;
}
}
///se abilitato il datafiltering///////////////////////////////////////
if (isset($currentService['tableName'])) {
// Data Filtering Check
if (isset($_REQUEST['page']) and $_REQUEST['page'] > 0 and $_REQUEST['action'] == "edit") {
$result = mysql_query("select * from {$currentService['tableName']}");
if (!$result) {
echo "Generic Database Error!";
exit;
}
$meta = mysql_fetch_field($result, 0);
if (!$meta) {
echo "Metadata Error!";
exit;
}
$oid = mysql_query("SELECT username\n\n\t\t\t FROM {$currentService['tableName']}\n\n \t\t\t\t\t WHERE {$meta->name} = '{$_REQUEST['value']}' ");
if (!$oid) {
echo "Error in database!<hr>";
echo mysql_error();
exit;
}
$data = mysql_fetch_assoc($oid);
if ($data['username'] != $_SESSION['user']['username']) {
/* CHECK FOR SUPERUSER_GROUP */
$superuser_group = Auth::getSuperusergroup();
$mygroups = Auth::getGroups();
echo Auth::isSuperuser();
if (!in_array(Auth::getSuperusergroup(), Auth::getGroups()) and !Auth::isAdmin()) {
Header("Location: error.php?id=dataFiltering&289");
exit;
} else {
}
}
}
}
if (!isset($_SESSION['registered-user'])) {
$trovato = false;
if (is_array($_SESSION['user']['services'])) {
foreach ($_SESSION['user']['services'] as $k => $v) {
if ($v['id_groups'] == $GLOBALS['config']['registered_usergroup']) {
$script = $_SERVER['HTTP_REFERER'];
$_SESSION['registered-user'] = true;
Header("Location: {$script}");
exit;
}
}
}
}
////////////////////////////////////////////////////
$_SESSION['user']['admin'] = false;
if (is_array($_SESSION['user']['services'])) {
foreach ($_SESSION['user']['services'] as $k => $v) {
if ($v['id_groups'] == $GLOBALS['config']['admin_usergroup']) {
$_SESSION['user']['admin'] = true;
}
}
}
if ($_REQUEST['mode'] == "compact") {
echo "1";
exit;
}
}
function administrationmenu($name, $data, $pars)
{
$content = "";
#$content .= "<div id=\"administrationMenu\">\n";
$content .= "<ul>\n";
if (is_array($_SESSION['user']['services'])) {
foreach ($_SESSION['user']['services'] as $service) {
if ($service['visible'] == "*") {
$items[$service['script']] = $service;
}
}
$category = "";
foreach ($items as $v) {
if ($category != $v['category']) {
$content .= aux::first_comma("hiermenu", "</ul>\n");
$content .= "<li><strong>{$v['category']}</strong></li>\n";
$content .= "<ul>\n";
$category = $v['category'];
}
if (ereg("manager", $v['script'])) {
$content .= "<li><a href=\"{$v['script']}?action=edit\">{$v['serviceName']}</a> |<a href=\"{$v['script']}?action=add\" title=\"Add\"><img src=\"img/add.png\"></a></li>\n";
} else {
$content .= "<li><a href=\"{$v['script']}\">{$v['serviceName']}</a></li>\n";
}
}
}
$content .= "</ul>\n";
#$content .= "</div>\n";
#$content .= "<div id=\"administrationMenuBottom\"></div>\n";
return $content;
}
<?php
session_start();
require "include/template2.inc.php";
require "include/beContent.inc.php";
require "include/content.inc.php";
$main = new Skin("orange");
if (!isset($_GET['id'])) {
$data = aux::getResult("SELECT id,title,description FROM {$channelEntity->name}");
$body = new Skinlet("rss.html");
$body->setContent("website", $GLOBALS['config']['website']['name']);
$body->setContent("item", $data);
$main->setContent("body", $body->get());
$main->close();
} else {
$rss = new FeedRss($channelEntity);
$data = aux::getResultArray("SELECT title FROM {$channelEntity->name} WHERE id={$_GET['id']}", 'title');
$rss->addChannel("{$data[0]}");
$rss->emitXML();
}
function livereport($name, $entityName, $pars)
{
$item = new Template("dtml/liveReport.html");
$length = $pars['length'];
$index = false;
foreach ($_SESSION['user']['services'] as $k => $v) {
if ($v['script'] == basename($_SERVER['SCRIPT_FILENAME'])) {
$index = $k;
break;
}
}
if (!$index) {
$item->setContent("title", "Report");
} else {
$item->setContent("title", $_SESSION['user']['services'][$index]['serviceName']);
}
$entity = $GLOBALS['database']->getEntityByName($entityName);
$count = $entity->getReference(COUNT);
#$data = aux::getResult("SELECT COUNT(*) AS count FROM {$entityName}");
$item->setContent("length", $length);
#$item->setContent("total", $data[0]['count']);
$item->setContent("total", $count);
$item->setContent("entity", $entityName);
$item->setContent("script", basename($_SERVER['SCRIPT_FILENAME']));
$item->setContent("query", aux::encrypt($GLOBALS['currentform']->reportQuery));
return $item->get();
}
function emitHTML_post()
{
$allChannel = aux::getResult("SELECT id,title FROM bc_channel");
$count = 0;
$x = 0;
$temp = $allChannel;
while ($x < count($GLOBALS['becontent']->entities)) {
if ($GLOBALS['becontent']->entities[$x]->rss) {
$content = array();
$nameEntity = $GLOBALS['becontent']->entities[$x]->name;
$query = "SELECT id_bc_channel FROM channel_entity WHERE entity=\"{$nameEntity}\"";
$content = aux::getResult($query);
$mod = aux::getResult("SELECT modality FROM bc_rss_mod WHERE entity=\"{$nameEntity}\"");
$mod = $mod[0];
$data = array();
$i = 0;
while ($content[$i]) {
$data[] = $content[$i++]['id_bc_channel'];
}
//print_r($data);
$i = 0;
while ($i < count($allChannel)) {
if (is_array($data)) {
$temp[$i]['checked'] = in_array($temp[$i]['id'], $data);
} else {
$temp[$i]['checked'] = false;
}
$temp[$i]['nameEntity'] = $nameEntity;
$temp[$i]['mod'] = $mod['modality'];
$i++;
//print_r($temp);
}
$buffer[$count] = $temp;
$temp = $allChannel;
$count++;
}
$x++;
}
//print_r($buffer);
$content = formTag::lista("prova", $buffer, aux::parsePars("text=\"title\" name=\"title\" value=\"id\" checked=\"checked\" field=\"nameEntity\" mod=\"mod\""));
return $content;
}
<?php
session_start();
require "include/beContent.inc.php";
require "include/auth.inc.php";
$entity = $database->getEntityByName($_REQUEST['table']);
$data['item'] = $entity->getReference(BY_POSITION, $_REQUEST['position'], "{$_REQUEST['reference']} = '{$_REQUEST['value']}'");
foreach ($_REQUEST as $k => $v) {
$data[$k] = $v;
}
#print_r($data);
#echo "<hr>";
echo aux::AjaxEncode($data);
function getFieldRaw($key, $field)
{
$entity = $GLOBALS['database']->getEntityByName($this->entity_name);
if ($this->limit) {
$limit_clause = "LIMIT {$this->limit}";
} else {
$limit_clause = "";
}
$data = aux::getResult("SELECT " . $this->getEntityFields() . "\n\t\t\t\t\t\t\t\t FROM {$this->entity_name} \n\t\t\t\t WHERE {$this->entity_name}.{$entity->fields[0]['name']} = '{$key}'\n\t\t\t\t {$limit_clause}");
return $data[0][$this->getName($field)];
}
function display($data)
{
$length = 400;
foreach ($data as $k => $v) {
switch ($k) {
case "body":
$this->template->setContent($k, aux::subtext($data[$k], $length) . " ...");
break;
case "video":
if ($data[$k] != "") {
#$this->template->setContent("video","<span class=\"mediaicons\"><img src=\"img/grafica/icon_video.gif\" alt=\"Video: titolo_mainnews\"/><a href=\"javascript:openvideo('{$data['video']}','{$data['logo']}')\">video </a> </span>");
$this->template->setContent("video", "<img src=\"img/grafica/icon_video.gif\" alt=\"Video: titolo_mainnews\"/><a href=\"javascript:openvideo('{$data['video']}','{$data['logo']}')\">video </a>");
} else {
$this->template->setContent("video", "");
}
break;
case "foto":
if ($data[$k] != 0) {
$length = 250;
$this->template->setContent("foto", "<a href=\"news.php?id={$data['id']}\"><img src=\"show.php?token=3bcda8f2aed2c8f1fdea1c020dadcf39&id={$data['id']}&width=52&height=60&thumb\" alt=\"{$data['title']}\"/></a>");
} else {
$this->template->setContent("foto", "");
}
break;
case "data":
$this->template->setContent("data", aux::formatDate($v, STANDARD_PLUS));
break;
default:
$this->template->setContent($k, $data[$k]);
break;
}
}
}