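<?php
date_default_timezone_set("Africa/Kampala");

/**
 * Data-access, form-building and messaging helper for the BIOS application.
 *
 * The class talks to MySQL through the legacy ext/mysql API (mysql_query and
 * friends), which was removed in PHP 7.0 and offers no prepared statements.
 * Until the code is migrated to PDO or mysqli, every value that reaches a
 * query built here is escaped with esc() and every identifier this class
 * quotes itself goes through quote_ident().
 *
 * SECURITY: get_records(), get_record() and is_db_row() accept raw SQL
 * fragments ($col, $table, $conditions, $ref) by contract. Callers must never
 * place request data in those arguments without escaping it first.
 */
class fleet
{
    public $site_name = "BIOS";
    public $error_msg = "";
    public $table_name = "";
    public $database_name = "bfl";

    // SECURITY: the Facebook page access token is no longer embedded in the
    // source. It is read from the environment in the constructor. The token
    // that used to be hard-coded here has been exposed wherever this file was
    // readable and should be treated as compromised and rotated.
    public $page_token = '';

    // Mailbox that receives operational error reports from post_to_user().
    private $admin_email = "jkaizzi@gmail.com";

    /**
     * Loads the page access token from the BIOS_FB_PAGE_TOKEN environment
     * variable (the variable name is a deployment choice; rename as needed).
     */
    function __construct()
    {
        $token = getenv('BIOS_FB_PAGE_TOKEN');
        if ($token !== false) {
            $this->page_token = $token;
        }
    }

    /**
     * Escapes a value for use inside a quoted SQL string literal.
     */
    private function esc($value)
    {
        return function_exists("mysql_real_escape_string")
            ? mysql_real_escape_string($value)
            : mysql_escape_string($value);
    }

    /**
     * Wraps an identifier in backticks, doubling any embedded backtick so the
     * name cannot terminate the quoting.
     */
    private function quote_ident($name)
    {
        return "`" . str_replace("`", "``", $name) . "`";
    }

    /**
     * Escapes a value for HTML text and attribute context.
     */
    private function h($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    }

    /**
     * Mails an error report to the administrator mailbox.
     *
     * NOTE(review): reports can contain user message text and API responses;
     * confirm that mailing them to this mailbox is acceptable.
     */
    private function notify_admin($detail)
    {
        if (!@mail($this->admin_email, "BIOS Error", $detail)) {
            error_log("BIOS: could not mail an error report");
        }
    }

    /**
     * Resolves a table name from its SHA-1 hex digest.
     *
     * @param string $hash SHA-1 of the table name
     * @return string|null the matching table name, or null when none matches
     */
    function table_name($hash)
    {
        $query = mysql_query("show tables");
        if (!$query) {
            return null;
        }

        $found = null;
        while ($row = mysql_fetch_row($query)) {
            // Strict comparison: with == two different digests that both look
            // like "0e<digits>" compare equal as numbers.
            if (sha1($row[0]) === (string) $hash) {
                $found = $row[0];
                break;
            }
        }
        mysql_free_result($query);

        return $found;
    }

    /**
     * Reports whether `select $ref from $table` is a valid query.
     *
     * NOTE(review): $ref is interpolated as given because callers may pass an
     * expression; it must only ever hold trusted SQL.
     *
     * @return bool
     */
    function is_db_row($table, $ref)
    {
        // "limit 1" keeps the probe from reading the whole table.
        $query = mysql_query("select " . $ref . " from " . $this->quote_ident($table) . " limit 1");
        if (!$query) {
            return false;
        }
        if (is_resource($query)) {
            mysql_free_result($query);
        }

        return true;
    }

    /**
     * Runs a select and returns all rows.
     *
     * When $col is an array each row is an associative array keyed by result
     * field name; otherwise each row is the single selected value. An empty
     * result yields an empty array. The script terminates if the query fails.
     *
     * SECURITY: $table, $col and $conditions are raw SQL fragments.
     *
     * @param string       $table      table expression (backticked here only in the scalar form)
     * @param array|string $col        column list or single column expression
     * @param string       $conditions trailing SQL (where/order/limit)
     * @return array
     */
    function get_records($table, $col, $conditions)
    {
        if (is_array($col)) {
            $sql = "select " . implode(",", $col) . " from " . $table . " " . $conditions;
        } else {
            $sql = "select " . $col . " from `" . $table . "` " . $conditions;
        }

        $result = mysql_query($sql);
        if (!$result) {
            // Keep the driver message in the server log, not in the response.
            error_log("BIOS get_records failed: " . mysql_error());
            die("Database query failed.");
        }

        // Field names are the same for every row, so resolve them once.
        $wanted = is_array($col) ? min(count($col), mysql_num_fields($result)) : 1;
        $names = array();
        for ($i = 0; $i < $wanted; $i++) {
            $names[] = mysql_field_name($result, $i);
        }

        $data = array();
        while ($row = mysql_fetch_assoc($result)) {
            if (is_array($col)) {
                $record = array();
                foreach ($names as $name) {
                    $record[$name] = $row[$name];
                }
                $data[] = $record;
            } else {
                $data[] = $row[$names[0]];
            }
        }
        mysql_free_result($result);

        return $data;
    }

    /**
     * Runs a select and returns the first column of the first row.
     *
     * SECURITY: $table, $col and $conditions are raw SQL fragments.
     *
     * @return string the value, or '' when there is no row or the query fails
     */
    function get_record($table, $col, $conditions)
    {
        $result = mysql_query("select " . $col . " from " . $table . " " . $conditions);
        if (!$result) {
            // The driver message used to be returned as if it were data and
            // could end up rendered in a form; log it instead.
            error_log("BIOS get_record failed: " . mysql_error());
            return '';
        }

        $value = '';
        if (mysql_num_rows($result) > 0) {
            $row = mysql_fetch_row($result);
            $value = $row[0];
        }
        mysql_free_result($result);

        return $value;
    }

    /**
     * Builds the HTML form control for one column.
     *
     * Field names have the form "table.column" (no period inside either
     * part). The control's name attribute is sha1($field_name). Foreign-key
     * columns become a select filled from the referenced table; other columns
     * get a control chosen from the column type.
     *
     * @param string $field_name  "table.column"
     * @param string $user_id     substituted for {user_id} in a constraint read from the column comment
     * @param string $primary_key id of the row whose current value pre-fills the control
     * @return string HTML, or '' when the column is unknown or its type is unsupported
     */
    function form_field_html($field_name, $user_id = "", $primary_key = "")
    {
        $html = '';
        $bits = explode(".", $field_name);
        if (count($bits) < 2) {
            return $html;
        }
        $table = $bits[0];
        $column = $bits[1];
        $input_name = sha1($field_name);

        if ($primary_key != "") {
            $default_value = $this->get_record(
                $this->quote_ident($table),
                $this->quote_ident($column),
                "where id = '" . $this->esc($primary_key) . "'"
            );
        }

        $field_descriptions = mysql_query("desc " . $this->quote_ident($table));
        if (!$field_descriptions) {
            error_log("BIOS form_field_html failed: " . mysql_error());
            return $html;
        }

        while ($field_info = mysql_fetch_assoc($field_descriptions)) {
            if ($field_info['Field'] !== $column) {
                continue;
            }

            if (!isset($default_value)) {
                $default_value = $field_info['Default'];
            }
            $has_default = isset($default_value) && $default_value != '';

            // A NOT NULL column makes the control required.
            $required_attr = (strtolower($field_info['Null']) == "no") ? 'required' : '';

            $fk_filter = "WHERE TABLE_NAME = '" . $this->esc($table)
                . "' and COLUMN_NAME = '" . $this->esc($column)
                . "' and TABLE_SCHEMA = '" . $this->esc($this->database_name)
                . "' and REFERENCED_COLUMN_NAME is not null and REFERENCED_TABLE_NAME is not null";

            if ($field_info['Key'] == 'MUL'
                && $this->get_record("information_schema.KEY_COLUMN_USAGE", "count(*)", $fk_filter) > 0
            ) {
                $html = '<select id="select1" class="form-control" style="width: 100%" name="' . $input_name
                    . '" data-placeholder="Please Select . . ." ' . $required_attr
                    . ' onchange="filter_values(\'' . $input_name . '\',this.value)"><option value=""> </option>';

                $fk_query = mysql_query(
                    "SELECT COLUMN_NAME, CONSTRAINT_NAME, REFERENCED_COLUMN_NAME, REFERENCED_TABLE_NAME"
                    . " FROM information_schema.KEY_COLUMN_USAGE " . $fk_filter
                );
                $go = $fk_query ? mysql_fetch_assoc($fk_query) : false;

                if ($go && $go['COLUMN_NAME'] == $column) {
                    $where_clause = "where _status = '1' and ";
                    $ref_column = $go['REFERENCED_COLUMN_NAME'];
                    $quoted_ref = $this->quote_ident($ref_column);
                    $col_to_retrieve = $quoted_ref;
                    $pk = null;

                    // The column comment may hold JSON with display settings.
                    $comment_query = mysql_query(
                        "show full columns from " . $this->quote_ident($table)
                        . " where Field = '" . $this->esc($column) . "'"
                    );
                    $comment_field = $comment_query ? mysql_fetch_assoc($comment_query) : false;
                    $temp = $comment_field ? json_decode($comment_field['Comment'], true) : null;
                    if (is_array($temp)) {
                        if (isset($temp['ref_table_label'])) {
                            $col_to_retrieve = $temp['ref_table_label'];
                        }
                        if (isset($temp['ref_table_pk']) && trim($temp['ref_table_pk']) != "") {
                            $pk = $temp['ref_table_pk'];
                        }
                        if (isset($temp['constraint']) && $temp['constraint'] != "") {
                            // Escaping protects only where the template puts
                            // {user_id} inside a quoted literal.
                            $where_clause .= str_replace("{user_id}", $this->esc($user_id), $temp['constraint']);
                        }
                    }

                    // Drop a dangling "and"; the whitespace anchor stops a
                    // constraint ending in a word such as "brand" from being cut.
                    $where_clause = trim($where_clause);
                    if (preg_match('/\sand$/', $where_clause)) {
                        $where_clause = substr($where_clause, 0, -3);
                    }

                    $values = $this->get_records(
                        $this->quote_ident($go['REFERENCED_TABLE_NAME']),
                        array(
                            $col_to_retrieve,
                            $this->quote_ident($pk !== null ? $pk : trim($field_info['Field'])),
                            $quoted_ref,
                        ),
                        $where_clause
                    );

                    foreach ($values as $item) {
                        $option_value = isset($item[$ref_column]) ? $item[$ref_column] : '';
                        if ($col_to_retrieve == $quoted_ref) {
                            if ($pk !== null) {
                                $label = $pk;
                            } else {
                                $label = isset($item[$field_info['Field']]) ? trim($item[$field_info['Field']]) : '';
                            }
                        } else {
                            $label = isset($item[$col_to_retrieve]) ? $item[$col_to_retrieve] : '';
                        }
                        $selected = ($has_default && $default_value == $option_value) ? ' selected="selected"' : '';
                        // Row data is stored content: escape it before it
                        // reaches the page.
                        $html .= '<option value="' . $this->h($option_value) . '"' . $selected . '>'
                            . $this->h($label) . '</option>';
                    }
                }
                $html .= '</select>';
            } else {
                $type = $field_info['Type'];
                $value_attr = $has_default ? 'value="' . $this->h($default_value) . '"' : '';

                if (substr($type, 0, 3) == "int" || substr($type, 0, 6) == "double") {
                    $html = '<input type="number" placeholder="Please Enter Value" class="form-control" '
                        . $value_attr . ' name="' . $input_name . '" ' . $required_attr . ' min="0" />';
                } elseif (substr($type, 0, 7) == "varchar") {
                    if (substr($field_info['Field'], 0, 5) == "file_") {
                        $html = '<input name="' . $input_name . '" type="file" />';
                    } else {
                        $html = '<input type="text" placeholder="Please Enter Value" class="form-control" '
                            . $value_attr . ' name="' . $input_name . '" ' . $required_attr . ' />';
                    }
                } elseif (substr($type, 0, 4) == "enum") {
                    // "enum('a','b')" -> array("a", "b")
                    $options = str_replace(array("(", ")", "'"), "", substr($type, 4));
                    $options = explode(",", $options);
                    $html = '<select id="select2" class="form-control" style="width: 100%" name="' . $input_name
                        . '" data-placeholder="Please Select . . ." ' . $required_attr
                        . '><option value=""> </option>';
                    foreach ($options as $item) {
                        $selected = ($has_default && $default_value == $item) ? ' selected="selected"' : '';
                        $html .= '<option value="' . $this->h($item) . '"' . $selected . '>'
                            . $this->h(ucfirst(strtolower($item))) . '</option>';
                    }
                    $html .= '</select>';
                } elseif (substr($type, 0, 4) == "date") {
                    $html = '<input type="date" class="form-control" ' . $value_attr
                        . ' placeholder="Please Select Date" name="' . $input_name . '" ' . $required_attr . '>';
                } elseif (substr($type, 0, 4) == "text") {
                    $html = '<textarea class="form-control editor" placeholder="Please enter information" name="'
                        . $input_name . '" ' . $required_attr . '>'
                        . ($has_default ? $this->h($default_value) : '') . '</textarea>';
                }
            }
            break;
        }
        mysql_free_result($field_descriptions);

        return $html;
    }

    /**
     * Converts a submitted value into an SQL literal for the given column.
     *
     * The value is escaped, then formatted by the column's base type
     * (length and modifiers such as "(11)" or "unsigned" are ignored).
     * Empty input becomes the bare keyword NULL.
     *
     * NOTE(review): $table is interpolated unquoted, as before, because
     * callers may already pass a quoted or qualified name; it must be trusted.
     *
     * @return mixed SQL literal, or "" when the column or table is not found
     */
    function format_data($table, $field, $data)
    {
        $this->error_msg = "";
        $theValue = "";

        $query = mysql_query("SHOW FULL COLUMNS FROM " . $table);
        if (!$query) {
            return $theValue;
        }

        while ($fields = mysql_fetch_assoc($query)) {
            if ($fields['Field'] != $field) {
                continue;
            }

            $escaped = $this->esc($data);
            if ($escaped == "") {
                $theValue = "NULL";
                break;
            }

            // "int(11) unsigned" -> "int"; comparing the raw Type string meant
            // the numeric cases were never reached on such columns.
            $base_type = preg_replace('/[^a-z].*$/s', '', strtolower($fields['Type']));
            switch ($base_type) {
                case "long":
                case "int":
                    $theValue = intval($escaped);
                    break;
                case "double":
                    $theValue = doubleval($escaped);
                    break;
                case "date":
                case "datetime":
                case "time":
                    $formats = array("date" => "Y-m-d", "datetime" => "Y-m-d H:i:s", "time" => "H:i:s");
                    $stamp = strtotime($escaped);
                    if ($stamp === false) {
                        // An unparseable date used to be stored as the epoch.
                        $this->error_msg = "Invalid " . $base_type . " value for " . $field;
                        $theValue = "NULL";
                    } else {
                        $theValue = "'" . date($formats[$base_type], $stamp) . "'";
                    }
                    break;
                default:
                    $theValue = "'" . $escaped . "'";
                    break;
            }
            break;
        }
        mysql_free_result($query);

        return $theValue;
    }

    /**
     * Lists the form fields of a table: every column with a non-empty
     * comment, labelled by the comment text or by the "label" key when the
     * comment is JSON. Also records the table in $this->table_name.
     *
     * @return array array("form_title" => ..., "form_desc" => ..., "form_fields" => list of field/label pairs)
     */
    function retrieve_fields($table, $form_title, $form_desc, $navigate = '')
    {
        $this->table_name = $table;
        $response = array("form_title" => $form_title, "form_desc" => $form_desc, "form_fields" => array());

        $query = mysql_query("SHOW FULL COLUMNS FROM " . $this->quote_ident($table));
        if ($query) {
            while ($fields = mysql_fetch_assoc($query)) {
                if (trim($fields['Comment']) == "") {
                    continue;
                }
                $label = $fields['Comment'];
                $temp = json_decode($label, true);
                if (is_array($temp)) {
                    $label = isset($temp['label']) ? $temp['label'] : '';
                }
                $response['form_fields'][] = array(
                    "field" => $table . "." . $fields['Field'],
                    "label" => trim($label),
                );
            }
            mysql_free_result($query);
        }

        return $response;
    }

    /**
     * Returns the messages sent by and to a user, sorted by date ascending.
     *
     * @param string $user_id id matched against sender_id / recipient_id
     * @param string $start   optional exclusive lower bound on log_date
     * @param string $end     optional inclusive upper bound on log_date
     * @return array rows keyed by their position in the merged result
     */
    function message_log($user_id, $start = '', $end = '')
    {
        $uid = $this->esc($user_id);
        $window = ($start != "" ? " and log_date > '" . $this->esc($start) . "'" : "")
            . ($end != "" ? " and log_date <= '" . $this->esc($end) . "'" : "");

        $sent_in = $this->get_records(
            "bios_message",
            array("id as message_id", "concat('user-',sender_id) as message_source", "sender_id as who_posted", "log_date as `date`", "category", "channel", "recipient", "message"),
            "where sender_id = '" . $uid . "'" . $window . " order by log_date desc"
        );
        $sent_out = $this->get_records(
            "bios_response",
            array("id as message_id", "concat('bfl-',who_posted) as message_source", "who_posted", "log_date as `date`", "channel", "recipient", "message"),
            "where recipient_id = '" . $uid . "'" . $window . " order by log_date desc"
        );

        // Drop rows without a message id. Iterating a copy avoids the old
        // loop's moving upper bound, which could skip trailing rows.
        $merged = array();
        foreach (array_merge($sent_in, $sent_out) as $key => $row) {
            if (!isset($row['message_id']) || trim($row['message_id']) == "") {
                continue;
            }
            $merged[$key] = $row;
        }

        return $this->array_sort($merged, 'date');
    }

    /**
     * Sorts an array of rows by one field, preserving the original keys.
     * Rows that are arrays without the field are dropped; scalar entries are
     * sorted by their own value.
     *
     * @param array  $array rows to sort
     * @param string $on    field to sort on
     * @param int    $order SORT_ASC or SORT_DESC
     * @return array
     */
    function array_sort($array, $on, $order = SORT_ASC)
    {
        $sortable = array();
        foreach ($array as $key => $row) {
            if (is_array($row)) {
                if (array_key_exists($on, $row)) {
                    $sortable[$key] = $row[$on];
                }
            } else {
                $sortable[$key] = $row;
            }
        }

        if ($order === SORT_ASC) {
            asort($sortable);
        } elseif ($order === SORT_DESC) {
            arsort($sortable);
        }

        $sorted = array();
        foreach ($sortable as $key => $unused) {
            $sorted[$key] = $array[$key];
        }

        return $sorted;
    }

    /**
     * Performs a GET request and returns the response body.
     *
     * SECURITY: certificate and hostname verification are enabled. To reach a
     * host with a private CA, point CURLOPT_CAINFO at that CA bundle instead
     * of switching verification off.
     *
     * @param string $query full URL
     * @return string response body, or "" when the request fails
     */
    function sendRequest($query)
    {
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($curl, CURLOPT_HEADER, 0);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($curl, CURLOPT_URL, $query);

        $result = curl_exec($curl);
        if ($result === false) {
            // Log the URL without its query string, which may carry tokens.
            $target = strtok((string) $query, '?');
            error_log("curl_exec threw error \"" . curl_error($curl) . "\" for " . $target);
            $result = "";
        }
        curl_close($curl);

        return $result;
    }

    /**
     * POSTs a JSON document and returns the response body, or the cURL error
     * text when the request fails or the body is empty.
     *
     * SECURITY: certificate and hostname verification are enabled; this
     * method carries the page access token in the URL it is given.
     *
     * @param string $json request body
     * @param string $url  target URL
     * @return string
     */
    function post($json, $url)
    {
        $options = array(
            CURLOPT_URL => $url,
            CURLOPT_HTTPHEADER => array("Content-Type: application/json"),
            CURLOPT_POST => 1,
            CURLOPT_POSTFIELDS => $json,
            CURLOPT_SSL_VERIFYPEER => true,
            CURLOPT_SSL_VERIFYHOST => 2,
            CURLOPT_RETURNTRANSFER => 1,
        );

        $curl = curl_init();
        curl_setopt_array($curl, $options);
        $response = curl_exec($curl);
        if (!$response) {
            $response = curl_error($curl);
        }
        curl_close($curl);

        return $response;
    }

    /**
     * Picks a uniformly distributed index in 0..$max ($max below 256) from
     * the best random source available.
     */
    private function random_index($max)
    {
        if (function_exists('random_int')) {
            return random_int(0, $max);
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            // Rejection sampling removes the modulo bias of a single byte.
            $span = $max + 1;
            $limit = 256 - (256 % $span);
            do {
                $byte = ord(openssl_random_pseudo_bytes(1));
            } while ($byte >= $limit);
            return $byte % $span;
        }
        trigger_error("No secure random source available; falling back to mt_rand()", E_USER_WARNING);
        return mt_rand(0, $max);
    }

    /**
     * Generates an 8-character password from lowercase letters and digits
     * (l and 1 are left out of the alphabet).
     *
     * The characters come from a cryptographically secure source where one
     * exists, replacing the time-seeded rand(), and the whole alphabet is
     * used (the old modulus never selected the final character).
     *
     * @return string
     */
    function random_password()
    {
        $chars = "abcdefghijkmnopqrstuvwxyz023456789";
        $last = strlen($chars) - 1;

        $pass = '';
        for ($i = 0; $i < 8; $i++) {
            $pass .= $chars[$this->random_index($last)];
        }

        return $pass;
    }

    /**
     * Sends a text message, and optionally a file attachment, to a Messenger
     * user and logs the response in bios_response.
     *
     * @param string $message       message text
     * @param string $user_id       page-scoped user id of the recipient
     * @param string $who_posted    author recorded in the log
     * @param array  $quick_replies optional quick-reply definitions
     * @param string $file          optional path, relative to the working directory, of a file to attach
     * @return bool false when the Graph API did not accept the text message, true otherwise
     */
    function post_to_user($message, $user_id, $who_posted, $quick_replies = array(), $file = "")
    {
        $endpoint = "https://graph.facebook.com/me/messages?access_token=" . urlencode($this->page_token);

        $response_json = array("recipient" => array("id" => $user_id), "message" => array("text" => $message));
        if (is_array($quick_replies) && count($quick_replies) > 0) {
            $response_json['message']['quick_replies'] = array_values($quick_replies);
        }

        $post_feedback = json_decode($this->post(json_encode($response_json), $endpoint), true);
        if (!isset($post_feedback['recipient_id'])) {
            $this->notify_admin(json_encode($post_feedback) . " Original Message: " . json_encode($response_json));
            return false;
        }

        // Log the response against the local user row.
        $lookup = mysql_query("select id from bios_user where page_user_id = '" . $this->esc($user_id) . "'");
        $rid = $lookup ? mysql_fetch_assoc($lookup) : false;
        $recipient_row_id = $rid ? $rid['id'] : '';

        $logged = mysql_query(
            "insert into bios_response (recipient_id, recipient, channel, message, who_posted, log_date) values ('"
            . $this->esc($recipient_row_id) . "', '"
            . $this->esc($post_feedback['recipient_id']) . "', 'fb_bot', '"
            . $this->esc($message) . "', '"
            . $this->esc($who_posted) . "', '"
            . date("Y-m-d H:i:s") . "')"
        );
        if (!$logged) {
            $this->notify_admin(mysql_error());
            return true;
        }

        // No attachment requested: nothing more to do. (This case used to
        // send a "not present" error mail for every plain message.)
        if (trim($file) == "") {
            return true;
        }

        // Refuse paths that climb out of the working directory.
        if (strpos($file, "..") !== false || !file_exists("./" . $file)) {
            $this->notify_admin($file . " not present in " . getcwd());
            return true;
        }

        $response_json = array(
            "recipient" => array("id" => $user_id),
            "message" => array(
                "attachment" => array(
                    "type" => "file",
                    "payload" => array("url" => "https://www.barefootlaw.org/bios2/" . $file),
                ),
            ),
        );
        $post_feedback = json_decode($this->post(json_encode($response_json), $endpoint), true);
        if (!isset($post_feedback['recipient_id'])) {
            $this->notify_admin(json_encode($post_feedback) . " Original Message: " . json_encode($response_json));
        }

        return true;
    }

    /**
     * Sends an HTML e-mail through PHPMailer using PHP's mail() transport.
     *
     * The disabled SMTP configuration that used to sit here in a comment,
     * including a mailbox password, has been removed; that credential should
     * be rotated and any future SMTP settings kept out of the source.
     *
     * @param string $recipient_name    display name of the recipient
     * @param string $recipient_address recipient address
     * @param string $email_subject     subject line
     * @param string $email_content     HTML body
     * @param string $cc                optional CC address
     * @return bool result of PHPMailer::Send()
     */
    function send_email($recipient_name, $recipient_address, $email_subject, $email_content, $cc = '')
    {
        require_once("mail/class.phpmailer.php");

        $mail = new PHPMailer();
        $mail->IsMail();
        $mail->SMTPDebug = 0; // debugging: 1 = errors and messages, 2 = messages only

        // Headers
        $mail->From = "bios@barefootlaw.org";
        $mail->FromName = 'BarefootLaw BIOS';
        $mail->AddAddress($recipient_address, $recipient_name);
        $mail->Subject = $email_subject;
        $mail->Body = $email_content;
        if ($cc != "") {
            // The address is the first argument; it used to be passed as the
            // display name, so the CC was never added.
            $mail->AddCC($cc);
        }
        $mail->IsHTML(true);

        return $mail->Send();
    }
}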