Inheritance: extends ezSQL_Base
示例#1
1
 public function setUp()
 {
     parent::setUp();
     // create app
     $config = $this->appConfig + array('base_url' => 'http://localhost/');
     $app = new \FelixOnline\Core\App($config);
     $dbuser = getenv('DB_USER') ? getenv('DB_USER') : 'root';
     $dbpass = getenv('DB_PASS') ? getenv('DB_PASS') : '';
     $db = new \ezSQL_mysqli();
     $db->quick_connect($dbuser, $dbpass, 'test_media_felix', 'localhost', 3306, 'utf8');
     $app['db'] = $db;
     $app['safesql'] = new \SafeSQL_MySQLi($db->dbh);
     $app['env'] = \FelixOnline\Core\Environment::mock();
     // Initialize Akismet
     $connector = new \Riv\Service\Akismet\Connector\Test();
     $app['akismet'] = new \Riv\Service\Akismet\Akismet($connector);
     // Initialize email
     $transport = \Swift_NullTransport::newInstance();
     $app['email'] = \Swift_Mailer::newInstance($transport);
     $session = $this->mock('FelixOnline\\Core\\Session')->getId(1)->start(1)->reset()->new();
     $this->reflect($session)->__set('session', array());
     $app['env']['session'] = $session;
     $cookies = $this->mock('FelixOnline\\Core\\Cookies')->set(true)->delete(true)->new();
     $this->reflect($cookies)->__set('cookies', array());
     $app['env']['cookies'] = $cookies;
     if ($this->setCurrentUser) {
         $app['currentuser'] = new \FelixOnline\Core\CurrentUser();
     }
     // Set empty cache so data isn't cached in tests
     $app['cache'] = new \Stash\Pool();
     $app->run();
     $this->app = $app;
 }
 /**
  * Perform mySQL query
  *
  * Added to the original function: logging of all queries
  *
  * @since 1.7
  */
 function query($query)
 {
     // Keep history of all queries
     $this->debug_log[] = $query;
     // Original function
     return parent::query($query);
 }
示例#3
0
 public function createApp($config)
 {
     $app = new \FelixOnline\Core\App($config);
     $dbuser = getenv('DB_USER') ? getenv('DB_USER') : 'root';
     $dbpass = getenv('DB_PASS') ? getenv('DB_PASS') : '';
     $db = new \ezSQL_mysqli();
     $db->quick_connect($dbuser, $dbpass, 'test_media_felix', 'localhost', 3306, 'utf8');
     $app['db'] = $db;
     $app['safesql'] = new \SafeSQL_MySQLi($db->dbh);
     $app['env'] = \FelixOnline\Core\Environment::mock();
     $session = $this->mock('FelixOnline\\Core\\Session')->getId(1)->start(1)->reset()->new();
     $this->reflect($session)->__set('session', array());
     $app['env']['session'] = $session;
     $app->run();
     return $app;
 }
示例#4
0
include "includes/session.php";
include "includes/checksession.php";
include "includes/checksessionadmin.php";
?>
<!DOCTYPE html>
<html>
<head>
	<title>Edit Types</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
$actionstatus = "";
// <UPDATE>
//to do: need to check for duplicates...
if (isset($_POST['nacl'])) {
    if ($_POST['nacl'] == md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"))) {
        //authentication verified, continue.
        $type_id = checkid($_POST['type_id']);
        $type_name = $db->escape($_POST['type_name']);
        //	$type_email = $db->escape($_POST['type_email']);
        //	$type_location = $db->escape($_POST['type_location']);
        //	$type_phone = $db->escape($_POST['type_phone']);
        //	$db->query("UPDATE site_types SET type_name='$type_name',type_email='$type_email',type_location='$type_location',type_phone='$type_phone' WHERE type_id = $type_id;");
        $db->query("UPDATE site_types SET type_name='{$type_name}' WHERE type_id = {$type_id};");
        $actionstatus = "<div class=\"alert alert-success\" style=\"max-width: 250px;\">\n    <button type=\"button\" class=\"close\" data-dismiss=\"alert\">&times;</button>\n    Updated.\n    </div>";
    }
示例#5
0
<head>
<meta charset="utf-8">
	<title>Help Desk</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
?>

<h3><i class="fa fa-tachometer fa-lg"></i> Help Desk Dashboard</h3>
<hr>
<?php 
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
//only show tickets for the user if not admin.
switch ($user_level) {
    case 0:
        $queryadd = "";
        break;
    case 1:
        $queryadd = " AND call_user = {$user_id}";
        break;
    case 2:
        $addpage = "";
        break;
}
$opentickets = $db->get_var("select count(call_id) from site_calls where call_status = 0 {$queryadd};");
$button_style = ' class="btn btn-default btn-lg" style="width: 250px;"';
?>
示例#6
0
    exit;
}
//limit login tries.
if (isset($_SESSION['hit'])) {
    $_SESSION['hit'] += 1;
    if ($_SESSION['hit'] > LOGIN_TRIES) {
        echo "<p><i class='fa fa-lock fa-2x pull-left'></i> Access Locked</p>";
        include "includes/footer.php";
        exit;
    }
} else {
    $_SESSION['hit'] = 0;
}
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
if (isset($_POST['user_login'])) {
    $user_login = trim($db->escape($_POST['user_login']));
} else {
    echo "<div class='alert alert-warning' style='width: 375px;'><i class='glyphicon glyphicon-info-sign'></i> Username / Email is Required.</div>";
    include "includes/footer.php";
    exit;
}
if (isset($_POST['user_password'])) {
    $user_password = trim($db->escape($_POST['user_password']));
    $is_valid = checkpwd($user_password, $user_login);
}
//uesrs can login with either login name or email address.
$pos = strrpos($user_login, "@");
if ($pos === false) {
    // note: three equal signs
示例#7
0
ob_start();
include "includes/session.php";
include "includes/checksession.php";
?>
<!DOCTYPE html>
<html>
<head>
	<title>Note Add/Edit</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
// <UPDATE>
if (isset($_POST['update'])) {
    if ($_POST['nacl'] == md5(AUTH_KEY . $db->get_var("select user_password from site_users where user_id = {$user_id};"))) {
        $note_id = checkid($_POST['note_id']);
        $call_id = checkid($_POST['call_id']);
        $user_id = $_SESSION['user_id'];
        if ($user_id == $db->get_var("select note_post_user from site_notes where note_post_user = {$user_id};")) {
            $note_body = trim(htmlentities($db->escape($_POST['note_body'])));
            $note_post_ip = $db->escape($_SERVER['REMOTE_ADDR']);
            $db->query("UPDATE site_notes SET note_body='{$note_body}',note_post_ip='{$note_post_ip}' WHERE note_id={$note_id};");
            header("Location: fhd_call_edit.php?call_id={$call_id}");
            //echo exit;
        }
    } else {
        //not verified, warning and exit!
示例#8
0
include "includes/session.php";
include "includes/checksession.php";
?>
<!DOCTYPE html>
<html>
<head>
	<title>Laporan Masalah</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
$queryadd = "";
$colspan = 2;
if ($user_level == 1) {
    $queryadd = " AND call_user = {$user_id}";
    $colspan = 1;
}
if (isset($_GET['user_id'])) {
    $queryadd = " AND call_user = "******"SELECT call_id,call_date,call_first_name,call_last_name,call_request,call_department,call_device from site_calls WHERE (call_status = 0) $queryadd order by call_id desc;";
$myquery = "SELECT call_id,call_date,call_first_name,call_last_name,call_request,call_department,call_device from site_calls WHERE (call_status = 0) order by call_id desc;";
$site_calls = $db->get_results($myquery);
$num = $db->num_rows;
//$db->debug();
示例#9
0
<head>
	<title>Ticket Details</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/functions.php";
$call_id = checkid($_REQUEST['call_id']);
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/class.phpmailer.php";
$action = "";
$actionstatus = "";
$close_email = "";
$statusquery = "";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
$isnotes = $db->get_var("SELECT count(*) from site_notes WHERE (note_relation = {$call_id}) AND note_type = 1;");
//<DELETE>
if (isset($_GET['action'])) {
    if ($_GET['action'] == 'delete') {
        if (isset($_GET['nacl'])) {
            if ($_GET['nacl'] == md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"))) {
                //authentication verified, continue.
                $call_id = checkid($_GET['call_id']);
                $db->query("UPDATE site_calls SET call_status = 3 WHERE call_id = {$call_id} limit 1;");
                $db->query("UPDATE site_notes SET note_type = 0 WHERE note_relation = {$call_id};");
                header("Location: fhd_calls.php");
            }
        }
    }
}
include "includes/session.php";
include "includes/checksession.php";
include "includes/checksessionadmin.php";
?>
<!DOCTYPE html>
<html>
<head>
	<title>Settings</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
//<DELETE>
if (isset($_GET['nacl'])) {
    if ($_GET['nacl'] == md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"))) {
        //authentication verified, continue.
        $type_id = checkid($_GET['type_id']);
        $action = $db->escape($_GET['action']);
        $type = checkid($_GET['type']);
        if ($action == 'delete') {
            $db->query("DELETE FROM site_types where type_id = {$type_id};");
            header("Location: fhd_settings_action.php?type={$type}");
        }
    }
}
//</DELETE>
//check type variable
示例#11
0
include "includes/session.php";
include "includes/checksession.php";
?>
<!DOCTYPE html>
<html>
<head>
	<title>Users</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
$pending = "";
$title = "";
if (isset($_GET['pending'])) {
    $pending = "AND user_pending = 1";
}
if (isset($_GET['support_staff'])) {
    $pending = "AND user_level = 2";
    $title = "Support Staff";
}
$myquery = "SELECT user_id,user_name,user_email,user_pending,user_level,user_protect_edit,user_msg_send from site_users where 1 {$pending} order by user_level,user_id desc;";
$site_calls = $db->get_results($myquery);
$num = $db->num_rows;
echo "<p><a href='fhd_settings.php'>Settings</a></p>";
echo "<h4>{$num} {$title} Users</h4>";
if ($num > 0) {
示例#12
0
include "includes/session.php";
include "includes/checksession.php";
include "includes/checksessionadmin.php";
?>
<!DOCTYPE html>
<html>
<head>
	<title>Add</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
// <ADD>
if (isset($_POST['nacl'])) {
    if ($_POST['nacl'] == md5(AUTH_KEY . $db->get_var("select user_password from site_users where user_id = {$user_id};"))) {
        //authentication verified, continue.
        $type = checkid($_POST['type']);
        $type_name = $db->escape($_POST['type_name']);
        $type_email = $db->escape($_POST['type_email']);
        $type_location = $db->escape($_POST['type_location']);
        $type_phone = $db->escape($_POST['type_phone']);
        $db->query("INSERT INTO site_types(type,type_name,type_email,type_location,type_phone) VALUES( {$type},'{$type_name}','{$type_email}','{$type_location}','{$type_phone}');");
        header("Location: fhd_settings_action.php?type={$type}");
    } else {
        //not verified, warning and exit!
        echo "<p class='save'>Warning: Verification Error!</p>";
        exit;
示例#13
0
include "includes/checksession.php";
include "includes/checksession_ss.php";
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
	<title>Ticket Details</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/functions.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
$actionstatus = "";
//<ADD>
if (isset($_POST['nacl'])) {
    if ($_POST['nacl'] == md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"))) {
        //authentication verified, continue.
        $call_status = $db->escape($_POST['call_status']);
        $call_date = $db->escape(strtotime($_POST['call_date']));
        $call_first_name = $db->escape($_POST['call_first_name']);
        $call_email = $db->escape($_POST['call_email']);
        $call_phone = $db->escape($_POST['call_phone']);
        $call_department = $db->escape($_POST['call_department']);
        $call_request = $db->escape($_POST['call_request']);
        $call_device = $db->escape($_POST['call_device']);
        $call_details = $db->escape($_POST['call_details']);
        $call_solution = $db->escape($_POST['call_solution']);
示例#14
0
<?php

include "fhd_config.php";
if (ALLOW_REGISTER == "yes") {
    include "includes/ez_sql_core.php";
    include "includes/ez_sql_mysqli.php";
    $db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
    $q = $db->escape($_GET["q"]);
    $db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
    $q = $db->escape($q);
    $num = $db->get_var("select count(user_login) from site_users where user_login = '******';");
    if ($num == 0) {
        echo "<i class='glyphicon glyphicon-ok'></i> <small><em>available</em></small>";
    } else {
        echo "<i class='glyphicon glyphicon-ban-circle'></i> <small><em>name not available</em></small>";
    }
}
示例#15
0
文件: demo.php 项目: xFanly/ezSQL
<?php

/**********************************************************************
 *  ezSQL initialisation for mySQLi
 */
// Include ezSQL core
include_once "../shared/ez_sql_core.php";
// Include ezSQL database specific component
include_once "ez_sql_mysqli.php";
// Initialise database object and establish a connection
// at the same time - db_user / db_password / db_name / db_host
// db_host can "host:port" notation if you need to specify a custom port
$db = new ezSQL_mysqli('db_user', 'db_password', 'db_name', 'db_host');
/**********************************************************************
 *  ezSQL demo for mySQLi database
 */
// Demo of getting a single variable from the db
// (and using abstracted function sysdate)
$current_time = $db->get_var("SELECT " . $db->sysdate());
print "ezSQL demo for mySQL database run @ {$current_time}";
// Print out last query and results..
$db->debug();
// Get list of tables from current database..
$my_tables = $db->get_results("SHOW TABLES", ARRAY_N);
// Print out last query and results..
$db->debug();
// Loop through each row of results..
foreach ($my_tables as $table) {
    // Get results of DESC table..
    $db->get_results("DESC {$table['0']}");
    // Print out last query and results..
示例#16
0
function sendmessage_closed($call_id)
{
    $call_id = valid_id($call_id);
    $db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
    $mail = new PHPMailer();
    //Set who the message is to be sent from
    $mail->SetFrom(FROM_EMAIL);
    //Set who the message is to be sent to
    $call_email = $db->get_var("SELECT call_email FROM site_calls WHERE call_id = {$call_id};");
    $mail->AddAddress($call_email);
    //Set the subject line
    $mail->Subject = 'Ticket ' . FHD_TITLE . ' [# ' . $call_id . '] Closed.';
    //Read an HTML message body from an external file, convert referenced images to embedded, convert HTML into a basic plain-text alternative body
    $call_solution = $db->get_var("SELECT call_solution FROM site_calls WHERE call_id = {$call_id};");
    $econtent = "Ticket Closed.<br><hr>" . $call_solution;
    $mail->MsgHTML($econtent . "<br>");
    //Send the message
    $mail->Send();
}
示例#17
0
include "includes/checksessionadmin.php";
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
	<title>Administration Dashboard</title>
<?php 
include "fhd_config.php";
include "includes/PasswordHash.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
echo '<h4>One-Time Password Encryption</h4>';
$encrypted_passwords = $db->get_var("SELECT option_value FROM site_options where option_name = 'encrypted_passwords';");
if ($encrypted_passwords == "yes") {
    echo "<p class='text-danger'><strong>This function has already been run!</strong></p>";
    include "includes/footer.php";
    exit;
}
?>

<h4><strong>Please <u>backup database</u> before starting.</strong></h4>

<p><a href="fhd_admin_e.php?start=1" class="btn btn-success" onclick="return confirm('Please be sure you have a good database backup!')">Start</a> <a href="fhd_settings.php" class="btn btn-danger">Cancel</a></p>

<?php 
if (isset($_GET['start'])) {
示例#18
0
include "includes/checksessionadmin.php";
?>

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
	<title>Help Desk Settings</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/functions.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
$encrypted_passwords = $db->get_var("SELECT option_value from site_options where option_name = 'encrypted_passwords';");
$encrypted_link = "";
if ($encrypted_passwords != 'yes') {
    $encrypted_link = " <small><a href='fhd_admin_e.php'>Encrypt Passwords</a></small>";
}
$date = date_create();
$fhddate = date_format($date, 'U');
?>

<h4>Help Desk Settings</h4>

<a href="fhd_settings_action.php?type=1" class="btn btn-default btn-sm"><i class="fa fa-cog"></i> Departments</a> 
<a href="fhd_settings_action.php?type=2" class="btn btn-default btn-sm"><i class="fa fa-cog"></i> Request Types</a> 
<a href="fhd_settings_action.php?type=3" class="btn btn-default btn-sm"><i class="fa fa-cog"></i> Device Type</a> 
<a href="fhd_users.php?support_staff=show" class="btn btn-default btn-sm"><i class="fa fa-cog"></i> Support Staff</a>
示例#19
0
	<title>Ticket Search</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/functions.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
$searchquery = "";
$colspan = 2;
$num = "";
if ($user_level == 1) {
    $searchquery = " AND call_user = {$user_id}";
    $colspan = 1;
}
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
//<SEARCHQUERY>
if (isset($_GET['search'])) {
    $call_status = $db->escape((int) $_GET['call_status']);
    $call_date1 = strtotime($_GET['call_date1']);
    $call_date2 = strtotime($_GET['call_date2']);
    if ($call_date2 == "") {
        $call_date2 = $call_date1;
    }
    $call_first_name = $db->escape($_GET['call_first_name']);
    $call_email = $db->escape($_GET['call_email']);
    $call_phone = $db->escape($_GET['call_phone']);
    $call_department = $db->escape((int) $_GET['call_department']);
    $call_request = $db->escape((int) $_GET['call_request']);
    $call_device = $db->escape((int) $_GET['call_device']);
    $call_staff = $db->escape((int) $_GET['call_staff']);
示例#20
0
    exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
	<title>Open Ticket</title>
<?php 
include "includes/header.php";
include "includes/functions.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
$date = date_create();
$fhddate = date_format($date, 'U');
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
//<ADD>
if (isset($_POST['nacl'])) {
    //authentication verified, continue.";
    $user_id = 0;
    $call_status = 0;
    $call_date = strtotime(date('n/j/y g:i a'));
    $call_first_name = $db->escape($_POST['call_first_name']);
    $call_email = $db->escape($_POST['call_email']);
    if (!filter_var($call_email, FILTER_VALIDATE_EMAIL)) {
        echo "<div class=\"alert alert-danger\" style=\"max-width: 350px;\">That email address appears to be invalid.</div>";
        include "includes/footer.php";
        exit;
    }
    $call_phone = $db->escape($_POST['call_phone']);
    $call_department = $db->escape((int) $_POST['call_department']);
示例#21
0
    exit;
}
//limit login tries.
if (isset($_SESSION['hit'])) {
    $_SESSION['hit'] += 1;
    if ($_SESSION['hit'] > LOGIN_TRIES) {
        echo "<p><i class='fa fa-lock fa-2x pull-left'></i> Access Locked</p>";
        include "includes/footer.php";
        exit;
    }
} else {
    $_SESSION['hit'] = 0;
}
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
if (isset($_POST['user_login'])) {
    $user_login = trim($db->escape($_POST['user_login']));
} else {
    echo "<div class='alert alert-warning' style='width: 375px;'><i class='glyphicon glyphicon-info-sign'></i> Username / Email is Required.</div>";
    include "includes/footer.php";
    exit;
}
if (isset($_POST['user_password'])) {
    $user_password = trim($db->escape($_POST['user_password']));
    $is_valid = checkpwd($user_password, $user_login);
}
//uesrs can login with either login name or email address.
$pos = strrpos($user_login, "@");
if ($pos === false) {
    // note: three equal signs
include "includes/session.php";
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
	<title>Registration</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
//initilize db
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
if (ALLOW_REGISTER != "yes") {
    echo "<p>Registration is Closed</p>";
    include "includes/footer.php";
    exit;
}
if (CAPTCHA_REGISTER == "yes") {
    $captchasession = $_SESSION['captcha']['code'];
    $captcha = $db->escape(trim($_POST['captcha']));
    if ($captchasession != $captcha) {
        echo "<div class=\"alert alert-danger\" style=\"max-width: 350px;\">Invalid Captcha Code.</div>";
        include "includes/footer.php";
        exit;
    }
}
//IP and DATE field
示例#23
0
if (!file_exists($filename)) {
    define('css', 'css/bootstrap.min.css');
    echo "<p></p><strong>Notice:</strong> Software Configuration Needed</p>";
    echo "<p>Please check the <strong>fhd_config.php</strong> file.</p>";
    echo "<p>If this is a new install, you can <strong>rename fhd_config_sample.php to fhd_config.php</strong></p>";
    echo "<p>Open fhd_config.php in a text editor and <strong>configure your settings</strong>.</p>";
    echo "<p>For more information, please check the <a href='readme.htm' target='_blank'>readme file</a>.</p>";
    include "includes/footer.php";
    exit;
}
include "fhd_config.php";
include "includes/header.php";
//check database settings.
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
$SCHEMA_NAME = $db->get_var("SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = '" . db_name . "';");
if ($SCHEMA_NAME != db_name) {
    echo "<p></p><strong>Notice:</strong> Software Configuration Needed</p>";
    echo "<p>Database specified in fhd_config.php [ " . db_name . " ] does not exist, please check the <a href='readme.htm' target='_blank'>readme file</a>.</p>";
    include "includes/footer.php";
    exit;
}
//check if tables actually exist.
$user_table_exists = $db->get_var("SHOW TABLES LIKE 'site_users';");
if ($user_table_exists != "site_users") {
    echo "<p></p><strong>Notice:</strong> Software Configuration Needed</p>";
    echo "<p>One or more database tables are missing from database (named: " . db_name . "). Please run <strong>site.sql</strong> against your databsae to create the tables. Please check the <a href='readme.htm' target='_blank'>readme file</a></p>";
    include "includes/footer.php";
    exit;
}
示例#24
0
include "fhd_simple-php-captcha.php";
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
	<title>Forgot Password</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
$thedomain = $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
//initilize db
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
//if STEP 2 of the process
if (isset($_GET['action'])) {
    $action = $db->escape($_GET['action']);
    $key = $db->escape($_GET['key']);
    //check if action is to reset password and that the key is not blank.
    if ($action == "rp") {
        if (!empty($key)) {
            $myquery = "SELECT user_id,user_email FROM site_users WHERE user_im_other = '{$key}' limit 1;";
            $resets = $db->get_row($myquery);
            // if a record is returned then continue
            if ($db->num_rows == 1) {
                $user_email = $resets->user_email;
                $user_id = $resets->user_id;
                //generage a new password, set resetcode to blank so link cannot be used again.
                $user_password_plain = generatePassword(8, 9);
示例#25
0
<!DOCTYPE html>
<html lang="es">
<head>
    <?php 
include "ncl/session.php";
include "ncl/checksession.php";
include "ncl/checksessionadmin.php";
include "ncl/head.php";
include "ncl/functions.php";
include "ncl/ez_sql_core.php";
include "ncl/ez_sql_mysqli.php";
$actionstatus = "";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
//<ADD>
if (isset($_POST['nacl'])) {
    if ($_POST['nacl'] == md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"))) {
        //authentication verified, continue.
        $user_login = $db->escape($_POST['user_login']);
        $user_email = $db->escape($_POST['user_email']);
        //check email exists
        $num = $db->get_var("select count(user_email) from site_users where (user_email = '{$user_email}');");
        if ($num > 0) {
            echo "<div class='alert alert-danger'><strong>Error:</strong> that email address is already in use.</div>";
            include "ncl/footer.php";
            exit;
        }
        //password function here
        if (strlen($_POST['user_password']) > 4) {
            $user_password = makepwd(trim($db->escape($_POST['user_password'])));
        } else {
            echo "<div class='alert alert-danger'><strong>Error:</strong> password to short.</div>";
示例#26
0
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
	<title>Ticket Details</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/functions.php";
$call_id = checkid($_GET['call_id']);
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
//echo date('l jS \of F Y h:i:s A');
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
$nacl = md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"));
$site_calls = $db->get_row("SELECT call_id,call_first_name,call_last_name,call_phone,call_email,call_department,call_request,call_device,call_details ,call_date,call_date2,call_status,call_solution,call_user,call_staff FROM site_calls WHERE (call_id = {$call_id}) limit 1;");
?>
<h4><i class='fa fa-tag'></i> Ticket Details [ #<?php 
echo $call_id;
?>
 ]</h4>

<?php 
if ($user_level != 1) {
    ?>
<p><i class="glyphicon glyphicon-edit"></i> <a href="fhd_call_edit.php?call_id=<?php 
    echo $call_id;
    ?>
">Edit Ticket</a></p>
示例#27
0
include "includes/checksession.php";
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
	<title>Ticket Details</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/functions.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
$actionstatus = "";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
//<ADD>
if (isset($_POST['nacl'])) {
    if ($_POST['nacl'] == md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"))) {
        //authentication verified, continue.";
        $call_status = 0;
        $call_date = strtotime(date('n/j/y g:i a'));
        $call_first_name = $db->escape($_POST['call_first_name']);
        $call_email = $db->escape($_POST['call_email']);
        $call_phone = $db->escape($_POST['call_phone']);
        $call_department = $db->escape((int) $_POST['call_department']);
        $call_request = $db->escape((int) $_POST['call_request']);
        $call_device = $db->escape((int) $_POST['call_device']);
        $call_details = $db->escape($_POST['call_details']);
        $db->query("INSERT INTO site_calls(call_status,call_user,call_date,call_first_name,call_email,call_phone,call_department,call_request,call_device,call_details)VALUES({$call_status},{$user_id},{$call_date},'{$call_first_name}','{$call_email}','{$call_phone}',{$call_department},{$call_request},{$call_device},'{$call_details}');");
        $insert_id = $db->insert_id;
示例#28
0
include "includes/checksession.php";
include "includes/checksessionadmin.php";
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
	<title>Edit User Details</title>
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/functions.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
$actionstatus = "";
//<UPDATE>
if (isset($_POST['update'])) {
    if ($_POST['nacl'] == md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"))) {
        //authentication verified, continue.
        $url_user_id = valid_user($_POST['url_user_id']);
        $user_date = date(time());
        $user_login = $db->escape($_POST['user_login']);
        //password function here
        $user_password_set = "";
        if (strlen($_POST['user_password']) > 4) {
            $user_password = makepwd(trim($db->escape($_POST['user_password'])));
            $user_password_set = "user_password='******',";
        }
        $user_name = $db->escape($_POST['user_name']);
示例#29
0
<?php

ob_start();
include "includes/header.php";
include "includes/session.php";
include "includes/checksession.php";
include "fhd_config.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
//DELETE FILE
//check nacl
if (isset($_GET['nacl'])) {
    if ($_GET['nacl'] != md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"))) {
        echo "<div class=\"alert alert-danger\" style=\"max-width: 200px;\"><i class='glyphicon glyphicon-ban-circle'></i> Authentication Error</div>";
        exit;
    }
} else {
    echo "<div class=\"alert alert-danger\" style=\"width: 200px;\"><i class='glyphicon glyphicon-ban-circle'></i> Authentication Error</div>";
    exit;
}
if (isset($_GET['delete'])) {
    if ($_GET['delete'] == 1) {
        $file_id = $db->escape($_GET['file_id']);
        $call_id = $db->escape($_GET['call_id']);
        $file_ext = $db->get_var("SELECT file_ext FROM site_upload WHERE (id = {$file_id}) AND (call_id = {$call_id}) LIMIT 1;");
        $realpath = md5(UPLOAD_KEY . $file_id) . "." . $file_ext;
        unlink("upload/" . $realpath);
        $db->query("DELETE FROM site_upload where (id = {$file_id}) AND (call_id = {$call_id}) LIMIT 1;");
        header("Location: fhd_call_edit.php?call_id={$call_id}");
        exit;
示例#30
0
<?php

ob_start();
include "includes/session.php";
include "includes/checksession.php";
include "includes/checksession_ss.php";
include "fhd_config.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
//<EDIT NOTE>
if ($_GET['action'] == 'delete') {
    if (isset($_GET['nacl'])) {
        if ($_GET['nacl'] == md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"))) {
            //authentication verified, continue.
            $note_id = checkid($_GET['note_id']);
            $call_id = checkid($_GET['call_id']);
            $db->query("UPDATE site_notes SET note_type = 0 where note_id = {$note_id} limit 1;");
            header("Location: fhd_call_edit.php?call_id={$call_id}");
        }
    }
}
//</EDIT NOTE>
//<DELETE NOTE>
if ($_GET['action'] == 'delete') {
    if (isset($_GET['nacl'])) {
        if ($_GET['nacl'] == md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"))) {
            //authentication verified, continue.
            $note_id = checkid($_GET['note_id']);
            $call_id = checkid($_GET['call_id']);