/cake/app_controller.php
- <?php
- /* SVN FILE: $Id: app_controller.php 4409 2007-02-02 13:20:59Z phpnut $ */
- /**
- * Short description for file.
- *
- * This file is application-wide controller file. You can put all
- * application-wide controller-related methods here.
- *
- * PHP versions 4 and 5
- *
- * CakePHP(tm) : Rapid Development Framework <http://www.cakephp.org/>
- * Copyright 2005-2007, Cake Software Foundation, Inc.
- * 1785 E. Sahara Avenue, Suite 490-204
- * Las Vegas, Nevada 89104
- *
- * Licensed under The MIT License
- * Redistributions of files must retain the above copyright notice.
- *
- * @filesource
- * @copyright Copyright 2005-2007, Cake Software Foundation, Inc.
- * @link http://www.cakefoundation.org/projects/info/cakephp CakePHP(tm) Project
- * @package cake
- * @subpackage cake.cake
- * @since CakePHP(tm) v 0.2.9
- * @version $Revision: 4409 $
- * @modifiedby $LastChangedBy: phpnut $
- * @lastmodified $Date: 2007-02-02 07:20:59 -0600 (Fri, 02 Feb 2007) $
- * @license http://www.opensource.org/licenses/mit-license.php The MIT License
- */
- /**
- * This is a placeholder class.
- * Create the same file in app/app_controller.php
- *
- * Add your application-wide methods in the class below, your controllers
- * will inherit them.
- *
- * @package cake
- * @subpackage cake.cake
- */
-
- class AppController extends Controller {
// Components made available to every controller that extends AppController.
public $components = array('RequestHandler', 'Gcheckout', 'Paypal');

// Profile state; assigned by userProfileLeftPanel() in this class.
public $profileNameforTitle = '';
public $profileUserIdforQry = '';
public $PROFILE_USER_ID = '';
public $PROFILE_THEME = '';

// PayPal settings. A controller fills these in and then calls paypal(),
// which copies them into the fields of the PayPal request.
public $returnUrl = '';
public $cancelUrl = '';
public $notifyUrl = '';
public $amountPay = null;
public $userEmail = null;
public $eventId = null;
public $userId = null;
public $merchantEmail = null;
public $itemName = null;
public $itemNumber = null;
public $itemQuantity = null;
public $invoice = null;
public $custom = null;
// Live PayPal endpoint; the sandbox endpoint is kept on the next line for testing.
public $paypalUrl = 'https://www.paypal.com/cgi-bin/webscr';
//public $paypalUrl='https://www.sandbox.paypal.com/cgi-bin/webscr';
public $ticketPaymentMsg = null;
/**
 * Copies the PayPal-related controller properties into the Paypal component
 * and submits the request through submit_paypal_post().
 *
 * NOTE(review): if submit_paypal_post() posts through the visitor's browser,
 * 'business', 'amount' and 'custom' are visible to and editable by the client,
 * so the notify_url handler has to re-check them against the stored order
 * before crediting a payment; confirm how the component submits.
 */
function paypal() {
    $gateway = $this->Paypal;

    // Optional message for ticket payments; must be set before paypal_class() runs.
    if (isset($this->ticketPaymentMsg)) {
        $gateway->ticketPayment = $this->ticketPaymentMsg;
    }

    $gateway->paypal_class();
    $gateway->paypal_url = $this->paypalUrl;

    // Field name => value, added in the same order as before.
    // 'cancel_return' is intentionally not sent (it was commented out).
    $fields = array(
        'business'   => $this->merchantEmail,
        'return'     => $this->returnUrl,
        'notify_url' => $this->notifyUrl,
        'item_name'  => $this->itemName,
        'amount'     => $this->amountPay,
        'quantity'   => $this->itemQuantity,
        'custom'     => $this->custom,
        'invoice'    => $this->invoice,
        'cbt'        => 'Return to Xoimages.com to complete your purchase',
    );
    foreach ($fields as $fieldName => $fieldValue) {
        $gateway->add_field($fieldName, $fieldValue);
    }

    // Submit the collected fields to PayPal.
    $gateway->submit_paypal_post();
}
- //-----
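/**
 * Inserts one row into xouser_transactions and returns its auto-increment id.
 *
 * All five values are free text placed inside quoted SQL literals, so each one
 * is escaped first; previously a single apostrophe in a description broke the
 * statement and allowed the caller's text to alter the query.
 *
 * NOTE(review): callers that already escape these values (addslashes) would now
 * store a literal backslash; confirm the call sites pass raw text.
 * NOTE(review): in CakePHP 1.x, public controller methods without a leading
 * underscore may be dispatchable as URL actions; confirm for this version and
 * consider making these helpers non-routable.
 * NOTE(review): die() prints mysql_error() to the client, which discloses
 * schema details; logging it server-side would be safer.
 *
 * @param string $transactionDesc
 * @param string $transactionHead
 * @param string $transactionTitle
 * @param string $invoice
 * @param string $invoiceId
 * @return int id generated by the INSERT (mysql_insert_id()).
 */
function transactionMaster($transactionDesc = null, $transactionHead = null, $transactionTitle = null, $invoice = null, $invoiceId = null) {
    $values = array($transactionDesc, $transactionHead, $transactionTitle, $invoice, $invoiceId);
    foreach ($values as $i => $value) {
        $values[$i] = mysql_real_escape_string((string) $value);
    }

    mysql_query("
        INSERT INTO
        xouser_transactions(transaction_desc,transaction_head,transaction_title,invoice,invoice_id)
        VALUES('" . implode("','", $values) . "')") or die("Error on line ".__LINE__.mysql_error());

    return mysql_insert_id();
}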
-
- //'-1' entry implies that the buyer has been charged
- //'+1' entry implies that he has paid the amount that was charged
- //At the time of commission calculation we will make the charged entry against the user
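/**
 * Inserts one ledger row into xouser_transaction_details.
 *
 * Every value is escaped before it is placed in its quoted SQL literal; the
 * original concatenated the arguments directly into the statement.
 * The result of the INSERT is not checked, so a failed insert is silent.
 *
 * @param mixed  $buyer             stored in user_id
 * @param mixed  $amount            stored in amount
 * @param mixed  $DbCr              stored in DrCr
 * @param mixed  $lastTransactionId stored in xouser_transaction_id
 * @param mixed  $receipient        stored in payment_to
 * @param string $statusoffee       stored in statusfee
 * @param mixed  $pay_status        stored in paystatus
 * @param string $paymentstatus     stored in paymentstatus
 * @return void
 */
function transactionDetail($buyer = null, $amount = null, $DbCr = null, $lastTransactionId = null, $receipient = null, $statusoffee = "", $pay_status = 0, $paymentstatus = "pending") {
    // Same order as the column list in the INSERT below.
    $values = array($buyer, $amount, $DbCr, $lastTransactionId, $receipient, $pay_status, $statusoffee, $paymentstatus);
    foreach ($values as $i => $value) {
        $values[$i] = mysql_real_escape_string((string) $value);
    }

    mysql_query("INSERT INTO
        xouser_transaction_details(user_id,amount,DrCr,xouser_transaction_id,payment_to,paystatus,statusfee,paymentstatus)
        VALUES('" . implode("','", $values) . "')");
}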
-
-
- /* This function is not in use yet. It is meant to be called from the notify_eventcommissionpayment() function of xoevents_controller instead of transactionDetail(), so that pending entries can be marked as finished. */
-
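/**
 * Variant of transactionDetail() intended to settle pending transaction fees
 * before inserting the new ledger row.
 *
 * The settlement step is unfinished: the loop walks the pending rows and
 * reduces a running amount, but the UPDATE that would mark a row 'finished'
 * is commented out, so only the INSERT has an effect.
 *
 * All values are escaped before being placed in quoted SQL literals; the
 * original concatenated the arguments directly into both statements.
 *
 * @param mixed  $buyer             stored in user_id
 * @param mixed  $amount            stored in amount
 * @param mixed  $DbCr              stored in DrCr
 * @param mixed  $lastTransactionId stored in xouser_transaction_id
 * @param mixed  $receipient        stored in payment_to
 * @param string $statusoffee       stored in statusfee
 * @param mixed  $pay_status        stored in paystatus
 * @param string $paymentstatus     stored in paymentstatus
 * @return void
 */
function transactionDetailPaid($buyer = null, $amount = null, $DbCr = null, $lastTransactionId = null, $receipient = null, $statusoffee = "", $pay_status = 0, $paymentstatus = "pending") {
    $buyerSql = mysql_real_escape_string((string) $buyer);
    $receipientSql = mysql_real_escape_string((string) $receipient);

    /* for changing status to finished from pending */
    $pending = mysql_query("select * from xouser_transaction_details where user_id='" . $buyerSql . "' and payment_to='" . $receipientSql . "' and statusfee='transactionfee' and paymentstatus='pending' order by id asc");
    $remaining = $amount;
    // Guard against a failed query; mysql_fetch_array() must not be given false.
    while ($pending && ($pendingRow = mysql_fetch_array($pending))) {
        if ($pendingRow['amount'] < $remaining) {
            //mysql_query("update xouser_transaction_details set paymentstatus='finished' where id='".$result_check['id']."'");
            $remaining = $remaining - $pendingRow['amount'];
        }
    }
    /* end */

    // Same order as the column list in the INSERT below.
    $values = array($buyer, $amount, $DbCr, $lastTransactionId, $receipient, $pay_status, $statusoffee, $paymentstatus);
    foreach ($values as $i => $value) {
        $values[$i] = mysql_real_escape_string((string) $value);
    }

    mysql_query("INSERT INTO
        xouser_transaction_details(user_id,amount,DrCr,xouser_transaction_id,payment_to,paystatus,statusfee,paymentstatus)
        VALUES('" . implode("','", $values) . "')");
}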
- /* end of the function */
-
-
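/**
 * Login gate: sends visitors without a 'User' session entry to the home page
 * and users whose e-mail is not validated to the validation page.
 *
 * Execution now stops after each redirect. Other methods in this class call
 * exit after redirect(), which suggests redirect() does not terminate the
 * request here; without the exit the calling action kept running for a
 * visitor who had just been refused.
 *
 * @param mixed $signin appended to the validation URL as a path segment
 * @return void
 */
function checkSession($signin = null) {
    // No session: not logged in.
    if (!$this->Session->check('User')) {
        $this->redirect('/?id=1');
        exit;
    }

    // The id is written to the session at login; cast it so that whatever the
    // session holds can only ever reach the query as an integer.
    $sessionUserId = isset($_SESSION['UserId']) ? (int) $_SESSION['UserId'] : 0;
    $validateRes = mysql_query("SELECT is_validate FROM users where id='" . $sessionUserId . "'");
    if ($validateRes && ($validateRow = mysql_fetch_array($validateRes))) {
        if ($validateRow['is_validate'] == '0') {
            $this->redirect('users/validateemail/' . $signin);
            exit;
        }
    }
}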
-
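/**
 * Loads the data for the profile left panel and passes it to the view.
 *
 * The profile id arrives base64-encoded, either as $userId or, when the caller
 * passes none, as the 'uid' request parameter. base64 is an encoding, not a
 * secret: the value identifies a profile but proves nothing about the viewer,
 * so anything private has to be access-checked separately.
 *
 * Changes from the original:
 *  - the decoded id must consist of digits only. It used to pass a loose
 *    "> 0" comparison and was then concatenated unquoted into SQL, while the
 *    addcslashes() "protection" was applied to one query only;
 *  - the request parameter no longer overrides an id passed by the caller
 *    (a loose "== 0" treated any non-numeric string as 0);
 *  - session ids are cast to int before use in SQL;
 *  - failed queries and missing rows no longer cause reads on a non-array,
 *    and the unread-mail counter defaults to 0.
 *
 * NOTE(review): bg_image_path with status 'url' is a user-supplied URL handed
 * to the view as-is; the view must escape it for its output context.
 * NOTE(review): the access-denied redirect below is not followed by exit, so
 * the rest of the method still runs; confirm whether that is intended.
 *
 * @param mixed $userId base64-encoded user id, or 0 to use $_REQUEST['uid']
 * @return void
 */
function userProfileLeftPanel($userId = 0) {
    // Use the request parameter only when the caller supplied no id.
    if (isset($_REQUEST['uid']) && empty($userId)) {
        $userId = $_REQUEST['uid'];
    }

    $decoded = is_scalar($userId) ? trim((string) base64_decode((string) $userId)) : '';

    if (preg_match('/^[0-9]+\z/', $decoded) && (int) $decoded > 0) {
        // Canonical digit string; safe to place in both quoted and unquoted SQL.
        $uid = (string) (int) $decoded;

        // Validate that the user exists.
        $validRes = mysql_query("Select * from users where id='" . $uid . "'");
        if ($validRes && mysql_num_rows($validRes) > 0) {
            $detailRes = mysql_query("select user_details.* , users.username , users.user_group_master_id from user_details , users where user_details.user_id = " . $uid . " and user_details.user_id = users.id");
            $user_det = $detailRes ? mysql_fetch_array($detailRes) : false;
            $hasDetail = is_array($user_det);

            $profileName = ucfirst(stripslashes($hasDetail ? $user_det['username'] : ''));
            $profiletheme = $hasDetail ? $user_det['theme'] : '';
            // The background defaults to the theme value, as in the original.
            $profilebackimg = $profiletheme;
            $profileskype = $hasDetail ? $user_det['skype'] : null;

            // Background image: 'admin' and 'upload' are files under
            // img/default_profile/, 'url' is an external address.
            $bgRes = mysql_query("select * from profile_background where bg_user=" . $uid);
            $bgRow = $bgRes ? mysql_fetch_array($bgRes) : false;
            if (is_array($bgRow)) {
                if ($bgRow['bg_status'] == 'admin' || $bgRow['bg_status'] == 'upload') {
                    $profilebackimg = "img/default_profile/" . $bgRow['bg_image_path'];
                } elseif ($bgRow['bg_status'] == 'url') {
                    $profilebackimg = $bgRow['bg_image_path'];
                }
            }

            $this->profileNameforTitle = $profileName;
            $this->profileUserIdforQry = $uid;
            $this->set('user_detail', $user_det);
            $this->set('profileskype', $profileskype);
            $this->set('profileName', $profileName);
            $this->set('profileuserid', $uid);

            if ($profiletheme == '') {
                $profiletheme = 'blue';
            }

            $this->set('profileusertheme', $profiletheme);
            $this->set('profilebackgroundImg', $profilebackimg);
            $this->PROFILE_THEME = $profiletheme;
            $this->PROFILE_USER_ID = $uid;
            $this->generateMusicList($this->profileUserIdforQry);

            // Relationship between the logged-in viewer and the profile owner.
            if (isset($_SESSION['UserId']) && $_SESSION['UserId'] != $this->profileUserIdforQry) {
                $viewerId = (int) $_SESSION['UserId'];

                // Friend status.
                $friendRes = mysql_query("select * from user_friends where user_id='" . $viewerId . "' and friend_id='" . $uid . "'");
                $this->set('friendNum', $friendRes ? mysql_num_rows($friendRes) : 0);

                // Favorite status.
                $favoriteRes = mysql_query("select * from user_favorite_friends where user_id='" . $viewerId . "' and favorite_user_id='" . $uid . "'");
                $this->set('friendRequestNum', $favoriteRes ? mysql_num_rows($favoriteRes) : 0);
            }

            // Location info.
            $locationRes = mysql_query("select IFNULL(countries.country_name,'not set') as country ,IFNULL(state.Name,'not set') as state ,IFNULL(city_master.city_name,'not set') as city from user_details

                LEFT JOIN countries ON user_details.c_id=countries.id
                LEFT JOIN state ON user_details.state=state.id
                LEFT JOIN city_master ON user_details.city=city_master.city_id
                where user_details.user_id='" . $uid . "'");
            $locationRow = $locationRes ? mysql_fetch_array($locationRes) : false;
            $hasLocation = is_array($locationRow);
            $this->set('countryName', $hasLocation ? $locationRow['country'] : null);
            $this->set('stateName', $hasLocation ? $locationRow['state'] : null);
            $this->set('cityName', $hasLocation ? $locationRow['city'] : null);
        }
        else {
            $this->redirect('/?id=1&access=denied');
        }
    }

    // Links and counters for the logged-in user's own menu.
    if (isset($_SESSION['UserId'])) {
        $encodedId = base64_encode($_SESSION['UserId']);
        $stampedSuffix = '?id=' . time() . '&uid=' . $encodedId . '&sessid=' . base64_encode(1) . '&act=edit';

        // View variable => link, set in the same order as before.
        $links = array(
            'myphotolink'    => $this->webroot . 'user_albums/viewphoto' . $stampedSuffix,
            'myfriendlink'   => $this->webroot . 'users/myfriend_top' . $stampedSuffix,
            'myinboxlink'    => $this->webroot . 'emails/inbox' . $stampedSuffix,
            'mycalendarlink' => $this->webroot . 'calendars/today' . $stampedSuffix,
            'myfavlink'      => $this->webroot . 'user_friends/myfavFriends' . $stampedSuffix,
            'editskin'       => $this->webroot . 'users/editskin?uid=' . $encodedId,
            'managewebsite'  => $this->webroot . 'users/managewebsite?uid=' . $encodedId,
        );
        foreach ($links as $viewVar => $link) {
            $this->set($viewVar, $link);
        }

        // Unread mail count; stays 0 when the query fails.
        $unreadCount = 0;
        $mailRes = mysql_query("select * from emails where user_id=" . (int) $_SESSION['UserId'] . " and inbox_status='unread'");
        if ($mailRes) {
            $unreadCount = mysql_num_rows($mailRes);
        }
        $this->set('Noofunread', $unreadCount);
    }
}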
-
/**
 * Reports whether the visitor is anonymous.
 *
 * @return bool true when the session has no 'User' entry, false otherwise.
 */
function checkSessionForPreview() {
    $loggedIn = $this->Session->check('User');
    return $loggedIn ? false : true;
}
-
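/**
 * Builds the music-player configuration string for a profile and passes it to
 * the view as 'confiG', together with the track count as 'musicnum'.
 *
 * Nothing is set when the user has no tracks. The colour part of the string
 * depends on $this->PROFILE_THEME; for a theme that is not listed, 'confiG'
 * is an empty string.
 *
 * Changes from the original: the user id is escaped before it is placed in
 * the query, and a failed query no longer reaches mysql_num_rows().
 *
 * NOTE(review): music_path and music_title are joined with '|' and embedded
 * in a '&'-separated string without encoding, so a title containing either
 * character changes how the string is parsed; confirm how the view and the
 * player consume it.
 *
 * @param mixed $profileuserid id of the profile owner
 * @return void
 */
function generateMusicList($profileuserid) {
    $tracks = mysql_query("Select music_path,music_title from musics where user_id='" . mysql_real_escape_string((string) $profileuserid) . "'");
    if (!$tracks) {
        return;
    }

    $trackCount = mysql_num_rows($tracks);
    if ($trackCount <= 0) {
        return;
    }

    $mp3list = '';
    $mp3title = '';
    while ($track = mysql_fetch_array($tracks)) {
        if ($track['music_path'] != '') {
            $mp3list .= $this->webroot . 'user_music/' . $track['music_path'] . '|';
        }
        // Untitled tracks get a default title so the two lists stay aligned.
        $mp3title .= ($track['music_title'] != '' ? $track['music_title'] : 'xoimages music') . '|';
    }

    // Player size and colours per profile theme.
    $themeOptions = array(
        'green'  => '&width=140&height=150&bgcolor=63A41D&bgcolor1=AEB873&bgcolor2=72CC11&buttoncolor=325E04&buttonovercolor=A3FF02&slidercolor1=3B670D&slidercolor2=cccccc&sliderovercolor=f9bf37&textcolor=2C5006&playlistcolor=848181&currentmp3color=AEFF00&scrollbarcolor=69B135&scrollbarovercolor=f9bf37&showvolume=1',
        'black'  => '&width=140&height=150&bgcolor=000000&bgcolor1=484848&bgcolor2=000000&buttoncolor=dddddd&buttonovercolor=f9bf37&slidercolor1=dddddd&slidercolor2=cccccc&sliderovercolor=f9bf37&textcolor=dddddd&playlistcolor=848181&currentmp3color=f9bf37&scrollbarcolor=cccccc&scrollbarovercolor=f9bf37&showvolume=1',
        'yellow' => '&width=140&height=150&bgcolor=FFCE58&bgcolor1=FFDC83&bgcolor2=D4A22C&buttoncolor=987D2A&buttonovercolor=FF8A00&slidercolor1=FFDC83&slidercolor2=DDA52B&sliderovercolor=f9bf37&textcolor=685312&playlistcolor=B1903C&currentmp3color=FFE7A9&scrollbarcolor=69B135&scrollbarovercolor=f9bf37&showvolume=1',
        'blue'   => '&width=140&height=150&bgcolor=4094CF&bgcolor1=BEE4FF&bgcolor2=4094CF&buttoncolor=537993&buttonovercolor=09D4FF&slidercolor1=FFDC83&slidercolor2=DDA52B&sliderovercolor=f9bf37&textcolor=134264&playlistcolor=3F6F91&currentmp3color=D8EFFF&scrollbarcolor=69B135&scrollbarovercolor=f9bf37&showvolume=1',
        'red'    => '&width=140&height=150&bgcolor=EF7E34&bgcolor1=F5B245&bgcolor2=EF7E34&buttoncolor=8C5F30&buttonovercolor=FEE11B&slidercolor1=FFDC83&slidercolor2=DDA52B&sliderovercolor=f9bf37&textcolor=7E4819&playlistcolor=BB7C53&currentmp3color=FFD053&scrollbarcolor=69B135&scrollbarovercolor=f9bf37&showvolume=1',
    );

    $confiG = '';
    $theme = $this->PROFILE_THEME;
    if (is_string($theme) && isset($themeOptions[$theme])) {
        // substr(..., 0, -1) drops the trailing '|' separator of each list.
        $confiG = 'mp3= ' . substr($mp3list, 0, -1) . '&title= ' . substr($mp3title, 0, -1) . '^^' . $themeOptions[$theme];
    }

    $this->set("confiG", $confiG);
    $this->set("musicnum", $trackCount);
}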
-
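/**
 * Queries the comments left on a user's profile, with each commenter's
 * username and profile image, and passes the raw result resource to the view
 * as 'queryUserComments'. Also sets the view variable 'test' to 1.
 *
 * The user id is escaped before it is placed in the query; it was previously
 * concatenated as given.
 *
 * NOTE(review): comment text and usernames are user-supplied; the view has to
 * escape them when printing.
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param mixed $profile_user_comment id of the profile owner
 * @return void
 */
function getMyComments($profile_user_comment) {
    $this->set("test", 1);

    $ownerId = mysql_real_escape_string((string) $profile_user_comment);
    $queryUserComments = mysql_query("
        SELECT UC.comment,UC.dt_time,U.username,USR.user_profile_img
        FROM user_comments UC
        LEFT JOIN user_details USR ON(UC.friend_id=USR.user_id)
        LEFT JOIN users U ON(UC.friend_id=U.id)
        WHERE UC.user_id='" . $ownerId . "'
        ") or die("Error on line ".__LINE__.mysql_error());

    $this->set("queryUserComments", $queryUserComments);
}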
-
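/**
 * Decides whether the logged-in user must pay a preview fee for an event.
 *
 * If the user already has a row in xoevent_user_list with pflag='1', or the
 * event has no preview list, the request is redirected to the event list and
 * ends. Otherwise the view variables for the payment window are set.
 *
 * The event id comes from submitted form data ($data['Event']['headerEventId'])
 * and was concatenated into three queries, two of them unquoted, and into the
 * redirect URL. It is now cast to an integer once and that value is used
 * everywhere; the session user id used in SQL is cast as well.
 *
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param array $data form data; reads $data['Event']['headerEventId']
 * @return void
 */
function previewFeePayment($data) {
    $eventId = (int) $data['Event']['headerEventId'];
    $sessionUserId = (int) $_SESSION['UserId'];
    $eventListUrl = "xoevents/eventlist?id=" . $eventId . "&uid=" . base64_encode($_SESSION['UserId']);

    $query = "
        SELECT *
        FROM xoevent_user_list
        WHERE xoevent_id='" . $eventId . "' AND user_id='" . $sessionUserId . "' AND pflag='1'";
    $qtemp = mysql_query($query) or die(mysql_error()." on 514");
    if (mysql_num_rows($qtemp) > 0) {
        // Already on the paid list.
        $this->redirect($eventListUrl);
        exit;
    }

    $rsEvent = mysql_query("SELECT id,photo_preview_list_id FROM xoevents WHERE id=" . $eventId);
    $rowEvent = $rsEvent ? mysql_fetch_assoc($rsEvent) : false;
    if (empty($rowEvent['photo_preview_list_id'])) {
        // Unknown event or no preview list: nothing to pay for.
        $this->redirect($eventListUrl);
        exit;
    }

    $rsPrev = mysql_query("SELECT preview_fee FROM photo_preview_list WHERE id=" . (int) $rowEvent['photo_preview_list_id']);
    if ($rsPrev && mysql_num_rows($rsPrev) > 0) {
        $rowPreview = mysql_fetch_assoc($rsPrev);
        $this->set("previewFee", $rowPreview['preview_fee']);
        $this->set("paymentMethods", $this->getPaymentMethodsEvent($eventId));
    }

    $this->set("payment", 1);
    $this->set("restricted", 0);
    $this->set("wintype", "pay");
    $this->set("returnController", 1);
}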
-
- //this is the payment setup fetch against each events
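/**
 * Returns the payment set-up (PayPal and Google Checkout e-mail) of the user
 * who owns the given event.
 *
 * The id is placed unquoted in the query, so it is cast to an integer first;
 * other methods of this class pass it straight from submitted form data.
 *
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param mixed $eventId xoevents.id
 * @return array|false row with paypal_email and gcheckout_email, or false when no row matches
 */
function getPaymentMethodsEvent($eventId) {
    $qPay = mysql_query("
        SELECT P.paypal_email,P.gcheckout_email
        FROM user_payment_setup P,xoevents E
        WHERE P.user_id=E.user_id AND E.id=" . (int) $eventId) or die(mysql_error());

    return mysql_fetch_assoc($qPay);
}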
-
- //this is the payment method set against each ticket
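/**
 * Returns the payment set-up (PayPal and Google Checkout e-mail) of the user
 * who owns the given ticket.
 *
 * Despite its name, $eventId is matched against tickets.id. It is placed
 * unquoted in the query, so it is cast to an integer first.
 *
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param mixed $eventId tickets.id
 * @return array|false row with paypal_email and gcheckout_email, or false when no row matches
 */
function getPaymentMethodTicket($eventId) {
    $qPay = mysql_query("
        SELECT P.paypal_email,P.gcheckout_email
        FROM user_payment_setup P,tickets T
        WHERE P.user_id=T.user_id AND T.id=" . (int) $eventId) or die(mysql_error());

    return mysql_fetch_assoc($qPay);
}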
-
-
- //this function check whether to show the tooltip or not for the left panel of the photographer and organisations
- //control panel
/**
 * Stores in the session (key 'toolTipSes') whether the left-panel tooltip
 * should be shown for the logged-in user: 1 when user_tooltip.tooltip is 1,
 * otherwise 0. Does nothing when no user id is in the session.
 *
 * NOTE(review): the session user id is concatenated into the query as-is;
 * it is written at login from the users table, so it is presumably numeric.
 *
 * @return void
 */
function checktooltip() {
    if (!isset($_SESSION['UserId'])) {
        return;
    }

    $tooltipRes = mysql_query("SELECT id,tooltip FROM user_tooltip WHERE user_id='".$_SESSION['UserId']."'");
    $showTooltip = 0;
    if (mysql_num_rows($tooltipRes) > 0) {
        $tooltipRow = mysql_fetch_assoc($tooltipRes);
        $showTooltip = ($tooltipRow['tooltip'] == 1) ? 1 : 0;
    }

    $this->Session->write("toolTipSes", $showTooltip);
}
-
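/**
 * Checks a username and an encoded password and, on success, opens the
 * session: clears the user's unpaid cart rows that belong to other session
 * ids, writes User, UserId and GrpId to the session and refreshes the
 * tooltip flag.
 *
 * Changes from the original: the stored and supplied passwords are compared
 * as strings with ===. The loose == compared two numeric-looking strings as
 * numbers, so different values could be treated as equal. The user id is cast
 * to int before it is used in the DELETE.
 *
 * NOTE(review): Login() in this class passes base64_encode() of the typed
 * password, so the stored value is a reversible encoding, not a hash. Moving
 * to password hashing needs a data migration and is not done here.
 * NOTE(review): the session id is not regenerated on login. The cart clean-up
 * below is keyed on session_id(), so regenerating it needs the cart rows
 * updated at the same time.
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param string $userName
 * @param string $password already encoded the way it is stored
 * @return array|false the user record on success, false otherwise
 */
function userLogin($userName, $password) {
    $someone = $this->User->findByUsername($userName);

    $authenticated = !empty($someone['User']['password'])
        && (string) $someone['User']['password'] === (string) $password
        && $someone['User']['user_status'] == 1;
    if (!$authenticated) {
        return false;
    }

    // Drop unpaid cart rows that this user left behind in other sessions.
    mysql_query("DELETE FROM xoevent_cart WHERE xoevent_pay_status='0' AND user_id='" . (int) $someone['User']['id'] . "' AND xoevent_sessionid!='" . mysql_real_escape_string(session_id()) . "'") or die(mysql_error());

    $this->Session->write('User', $someone['User']['username']);
    $this->Session->write('UserId', $someone['User']['id']);
    $this->Session->write('GrpId', $someone['User']['user_group_master_id']);

    $this->checktooltip();
    return $someone;
}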
-
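/**
 * Handles the header login form and routes the user according to
 * $data['Event']['headerFav'].
 *
 * Outcomes:
 *  - invalid credentials: sets 'wrongPwd' and 'returnController', returns "pwd";
 *  - headerFav EVENTACT / ACTIVITY / Calevent / Calactivity: redirect to the
 *    calendar page and exit;
 *  - headerFav PROJECT: returns "NOT AUTH" for user group 1, otherwise
 *    redirects to the project page and exits;
 *  - headerFav FAV: returns "DONT";
 *  - anything else: for an event without access password, redirects to the
 *    event list when the user may see it; otherwise returns null.
 *
 * The event id is submitted form data. It was concatenated unquoted into two
 * queries and into the event-list redirect; those places now use an integer
 * cast of it. The base64-encoded ids in the other redirects are unchanged.
 *
 * NOTE(review): the password is only base64-encoded before comparison, which
 * means the stored value is reversible; see userLogin().
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param array $data form data; reads headerEventId, headerLoginName,
 *                    headerLoginPass and headerFav under $data['Event']
 * @return string|null "pwd", "NOT AUTH", "DONT" or null
 */
function Login($data) {
    $eventId = $data['Event']['headerEventId'];
    $eventIdSql = (int) $eventId; // the only form in which the id reaches SQL
    $this->set("eventId", $eventId);

    $data['Event']['username'] = trim($data['Event']['headerLoginName']);
    $data['Event']['password'] = base64_encode(trim($data['Event']['headerLoginPass']));

    $someone = $this->userLogin($data['Event']['username'], $data['Event']['password']);
    if (!$someone) {
        $this->set("wrongPwd", "Please provide a valid username and password.");
        $this->set("returnController", 1);
        return "pwd";
    }

    $fav = isset($data['Event']['headerFav']) ? (string) $data['Event']['headerFav'] : '';

    // Project section; nothing to do with the event section.
    if ($fav === "EVENTACT") {
        $this->redirect("calendars/editevent?id=".time()."&uid=&sessid=".base64_encode(1)."&evid=".base64_encode($eventId));
        exit;
    }

    if ($fav === "ACTIVITY") {
        $this->redirect("calendars/showactivity?id=".time()."&uid=&sessid=".base64_encode(1)."&evid=".base64_encode($eventId));
        exit;
    }

    if ($fav === "PROJECT") {
        if ($someone['User']['user_group_master_id'] == 1) {
            return "NOT AUTH";
        }
        $this->redirect("organization_projects/project_detail?id=".base64_encode($eventId)."=&uid=".base64_encode($someone['User']['id'])."&sessid=MQ==&project=uij4");
        exit;
    }

    // Organisation web page: calendar event and activity.
    if ($fav === "Calevent") {
        $this->redirect("calendars/editevent?id=".time()."&uid=&sessid=MQ==&evid=".base64_encode($eventId));
        exit;
    }
    if ($fav === "Calactivity") {
        $this->redirect("calendars/showactivity?id=".time()."&uid=&sessid=MQ==&evid=".base64_encode($eventId));
        exit;
    }

    if ($fav === "FAV") {
        return "DONT";
    }

    $eventRes = mysql_query("SELECT access_password,photo_preview_list_id FROM xoevents WHERE id=" . $eventIdSql);
    if ($eventRes && mysql_num_rows($eventRes) > 0) {
        $row = mysql_fetch_assoc($eventRes);
        if ($row['access_password'] == "") {
            // Events with a preview list are open only to users on that list.
            $onUserList = true;
            if (isset($row['photo_preview_list_id']) && $row['photo_preview_list_id'] != 0) {
                $query = "SELECT * FROM xoevent_user_list WHERE xoevent_id=" . $eventIdSql . " AND user_id=" . (int) $someone['User']['id'];
                $qtemp = mysql_query($query) or die(mysql_error()." on 300");
                $onUserList = mysql_num_rows($qtemp) > 0;
            }

            if ($onUserList) {
                $this->redirect("xoevents/eventlist?id=" . $eventIdSql . "&uid=" . base64_encode($someone['User']['id']));
                exit;
            }
        }
    }
}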
-
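/**
 * Chooses which pop-up window the view shows for an event: the password
 * window ('pevt') when the event has an access password, otherwise the
 * payment window ('pay'). For an unknown event only the defaults are set.
 *
 * Changes from the original:
 *  - the event id is escaped before it is placed in the query;
 *  - the password test is written as "not an empty string". The previous
 *    `!= "" || != 0` relied on loose comparison of a string with 0, which
 *    gives the same result on PHP 5 but is hard to read and depends on the
 *    PHP version;
 *  - the id passed on to getPaymentMethodsEvent() is cast to int, because
 *    that method places it unquoted in SQL.
 *
 * @param mixed $eventId xoevents.id
 * @return void
 */
function winType($eventId) {
    // Defaults for the view.
    $this->set("restricted", 0);
    $this->set("payment", 0);
    $this->set("previewFee", 0);
    $this->set("accessDenied", 0);
    $this->set("eventId", $eventId);

    $eventRes = mysql_query("SELECT access_password FROM xoevents WHERE id='" . mysql_real_escape_string((string) $eventId) . "'");
    if (!$eventRes || mysql_num_rows($eventRes) <= 0) {
        return;
    }

    $row = mysql_fetch_assoc($eventRes);
    if ((string) $row['access_password'] !== '') {
        // Password-protected event.
        $this->set("wintype", "pevt");
        $this->set("restricted", 1);
        $this->set("returnController", 1);
        return;
    }

    if (isset($_SESSION['UserId'])) {
        $this->set("paymentMethods", $this->getPaymentMethodsEvent((int) $eventId));
    }

    $this->set("payment", 1);
    $this->set("restricted", 0);
    $this->set("wintype", "pay");
    $this->set("returnController", 1);
}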
-
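/**
 * Checks the event password submitted in $data['Event']['password1'] and, if
 * it matches, continues with previewFeePayment(); otherwise sets the view
 * variables that re-open the password window with an error message.
 * Does nothing when no password was submitted.
 *
 * The event id is submitted form data and was placed unquoted in the query;
 * it is now cast to an integer. The password value needs no escaping because
 * base64_encode() output contains no quote characters.
 *
 * NOTE(review): the event password is upper-cased and compared against a
 * base64-encoded column, so it is case-insensitive and stored reversibly.
 * NOTE(review): nothing here limits repeated password attempts.
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param array $data form data; reads password1 and headerEventId under $data['Event']
 * @return void
 */
function paymentWindow($data) {
    if (!isset($data['Event']['password1'])) {
        return;
    }

    $this->set("eventId", $data['Event']['headerEventId']);

    $encodedPassword = base64_encode(strtoupper($data['Event']['password1']));
    $q1 = "
        SELECT id,photo_preview_list_id
        FROM xoevents
        WHERE access_password='" . $encodedPassword . "' AND id=" . (int) $data['Event']['headerEventId'];
    $rsEvent = mysql_query($q1) or die("Error on line :".__LINE__.mysql_error());

    if (mysql_num_rows($rsEvent) > 0) {
        $this->previewFeePayment($data);
        return;
    }

    $this->set("wrongPwd", "Event password provided does not match.");
    $this->set("wintype", "pevt");
    $this->set("returnController", 1);
}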
-
/**
 * Prepares the "not authorised" page using the layout of one fixed account.
 *
 * NOTE(review): the username is hard-coded to "testorganisation", which looks
 * like test data left in place; confirm before relying on this page.
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @return void
 */
function notautho() {
    $userName = "testorganisation";

    $sql = "SELECT UDTL.user_id userId,U.user_group_master_id GrpId FROM users U,user_details UDTL WHERE U.id=UDTL.user_id AND U.username='".$userName."'";
    $queryUsers = mysql_query($sql) or die(" Error on line ".__LINE__.mysql_error());
    $owner = mysql_fetch_array($queryUsers);

    $this->pageTitle = ucfirst($userName) .' Projects';

    // Websitetemplateinfo() is defined outside this file.
    $this->Websitetemplateinfo($owner['userId']);
    $this->layout = $this->filelayoutName;

    $this->set('profileviewUid', $owner['userId']);
    $this->set('profileviewUgrpId', $owner['GrpId']);
}
-
- //This function can be removed when all the testing completes
- //we can use getConfigAmount instead of this function
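/**
 * Looks up one entry of admin_payment_config by name.
 * Runs the same query as getConfigAmount().
 *
 * The name is escaped before it is placed in the quoted SQL literal; it was
 * previously concatenated as given.
 *
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param string $configName admin_payment_config.config_name
 * @return array|false row with config_value, or false when no row matches
 */
function getFeaturedAmount($configName) {
    $nameSql = mysql_real_escape_string((string) $configName);
    $queryAdminPaymentConfig = mysql_query("SELECT config_value FROM admin_payment_config WHERE config_name='" . $nameSql . "'") or die("Error on line :".__LINE__.mysql_error());

    return mysql_fetch_assoc($queryAdminPaymentConfig);
}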
-
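/**
 * Looks up one entry of admin_payment_config by name.
 *
 * The name is escaped before it is placed in the quoted SQL literal; it was
 * previously concatenated as given.
 *
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param string $config admin_payment_config.config_name
 * @return array|false row with config_value, or false when no row matches
 */
function getConfigAmount($config) {
    $nameSql = mysql_real_escape_string((string) $config);
    $queryAdminPaymentConfig = mysql_query("SELECT config_value FROM admin_payment_config WHERE config_name='" . $nameSql . "'") or die("Error on line : ".__LINE__.mysql_error());

    return mysql_fetch_assoc($queryAdminPaymentConfig);
}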
-
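/**
 * Returns the PayPal e-mail configured for an administrator.
 * (The Google Checkout column is no longer selected.)
 *
 * The id is escaped before it is placed in the quoted SQL literal; it was
 * previously concatenated as given.
 *
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param mixed $userId admin_payment_setup.admin_id
 * @return array|false row with paypal_email, or false when no row matches
 */
function getPaymentMethods($userId) {
    $adminIdSql = mysql_real_escape_string((string) $userId);
    $queryAdminPaymentSetup = mysql_query("SELECT paypal_email FROM admin_payment_setup WHERE admin_id='" . $adminIdSql . "'") or die("Error on line :".__LINE__.mysql_error());

    return mysql_fetch_assoc($queryAdminPaymentSetup);
}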
-
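/**
 * Returns the payment set-up (PayPal and Google Checkout e-mail) of a user.
 *
 * The id is escaped before it is placed in the quoted SQL literal; it was
 * previously concatenated as given.
 *
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param mixed $userId user_payment_setup.user_id
 * @return array row with paypal_email and gcheckout_email, or an empty array when none exists
 */
function getPaymentMethodsUsers($userId) {
    $userIdSql = mysql_real_escape_string((string) $userId);
    $queryAdminPaymentSetup = mysql_query("SELECT paypal_email,gcheckout_email FROM user_payment_setup WHERE user_id='" . $userIdSql . "'") or die("Error on line :".__LINE__.mysql_error());

    if (mysql_num_rows($queryAdminPaymentSetup) > 0) {
        return mysql_fetch_assoc($queryAdminPaymentSetup);
    }

    return array();
}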
-
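/**
 * Converts an XML string into a nested array.
 *
 * Each element that holds only text (type 'complete') becomes a leaf, keyed by
 * its tag name under the keys of its ancestors. An ancestor's key is its tag
 * name or, when it has attributes, the value of its first attribute. Tag names
 * come out in upper case, the parser's default. Elements that share a key
 * overwrite each other, and an empty element yields null.
 *
 * The nested assignment used to be assembled as PHP source and run through
 * eval(). The generated code contained only level numbers, so it was not
 * driven by the XML content, but eval() is unnecessary here; the same
 * assignment is now made by walking the array by reference.
 *
 * @param string $xmlData XML document
 * @return array nested array of element values; empty when nothing could be parsed
 */
function parseXmlArray($xmlData) {
    $vals = array();
    $index = array();
    $xml_parser = xml_parser_create();
    xml_parse_into_struct($xml_parser, $xmlData, $vals, $index);
    xml_parser_free($xml_parser);

    $params = array();
    $level = array(); // depth => key used for the currently open element at that depth

    foreach ($vals as $xml_elem) {
        if ($xml_elem['type'] == 'open') {
            if (array_key_exists('attributes', $xml_elem)) {
                // The first attribute value names the element.
                $attributeValues = array_values($xml_elem['attributes']);
                $level[$xml_elem['level']] = $attributeValues[0];
            }
            else {
                $level[$xml_elem['level']] = $xml_elem['tag'];
            }
        }

        if ($xml_elem['type'] == 'complete') {
            // Descend to the parent node, creating intermediate arrays as needed.
            $node = &$params;
            for ($depth = 1; $depth < $xml_elem['level']; $depth++) {
                $node = &$node[$level[$depth]];
            }
            $node[$xml_elem['tag']] = isset($xml_elem['value']) ? $xml_elem['value'] : null;
            unset($node); // drop the reference before the next element
        }
    }

    return $params;
}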
-
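/**
 * Builds the options of the city drop-down for one state.
 *
 * The list starts with a '0' => "Select a city" placeholder. City names are
 * reduced to letters, digits and spaces.
 *
 * The state id is escaped before it is placed in the quoted SQL literal, and
 * a failed query now yields just the placeholder instead of a warning.
 *
 * @param mixed $stateId city_master.state_id
 * @return array city_id => city name
 */
function getCityList($stateId) {
    $cityList = array();
    $cityList['0'] = "Select a city";

    $stateIdSql = mysql_real_escape_string((string) $stateId);
    $qryCityMaster = mysql_query("SELECT * FROM city_master WHERE state_id='" . $stateIdSql . "' order by city_name ");
    while ($qryCityMaster && ($cityRow = mysql_fetch_array($qryCityMaster))) {
        $cityList[$cityRow['city_id']] = preg_replace('/[^0-9a-z ]+/i', '', $cityRow['city_name']);
    }

    return $cityList;
}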
-
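/**
 * Builds the options of the state drop-down for one country.
 *
 * The list starts with a '0' => "Select a state" placeholder. State names are
 * reduced to letters, digits and spaces.
 *
 * The country id is escaped before it is placed in the quoted SQL literal,
 * and a failed query now yields just the placeholder instead of a warning.
 *
 * @param mixed $countryId state.c_id
 * @return array state id => state name
 */
function getStateList($countryId) {
    $stateSList = array();
    $stateSList['0'] = "Select a state";

    $countryIdSql = mysql_real_escape_string((string) $countryId);
    $stateRes = mysql_query("SELECT * FROM state WHERE c_id='" . $countryIdSql . "' order by Name");
    while ($stateRes && ($state = mysql_fetch_array($stateRes))) {
        $stateSList[$state['id']] = preg_replace('/[^0-9a-z ]+/i', '', $state['Name']);
    }

    return $stateSList;
}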
-
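/**
 * Builds the options of the country drop-down.
 *
 * The list starts with a '0' => "Select Country" placeholder. Country names
 * are reduced to letters, digits and spaces.
 *
 * Fixes the misspelled initialisation ($coutryList), which left the returned
 * array uninitialised, and skips the loop when the query fails.
 *
 * @return array country id => country name
 */
function getCountryList() {
    $countryList = array();
    $countryList['0'] = "Select Country";

    $countryRes = mysql_query("SELECT * FROM countries");
    while ($countryRes && ($country = mysql_fetch_array($countryRes))) {
        $countryList[$country['id']] = preg_replace('/[^0-9a-z ]+/i', '', $country['country_name']);
    }

    return $countryList;
}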
-
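/**
 * Returns the joined users / user_details row of one user.
 *
 * The id is escaped before it is placed in the quoted SQL literal; it was
 * previously concatenated as given. A failed query now returns false instead
 * of raising a warning.
 *
 * NOTE(review): the query selects every column of both tables, which
 * presumably includes the stored password; callers should not pass the whole
 * row to a view. Confirm against the schema.
 *
 * @param mixed $userId users.id
 * @return array|false the row, or false when no user matches
 */
function getUserDetails($userId) {
    $userIdSql = mysql_real_escape_string((string) $userId);
    $userRes = mysql_query("SELECT UD.*,U.* FROM user_details UD,users U WHERE UD.user_id=U.id AND U.id='" . $userIdSql . "'");

    return $userRes ? mysql_fetch_assoc($userRes) : false;
}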
-
/**
 * Returns the first admins row whose role_id is '1'.
 *
 * NOTE(review): all columns are selected, so the row presumably carries the
 * administrator's credentials as well; confirm against the schema.
 *
 * @return array|false the row, or false when none exists
 */
function getSiteownerDetails() {
    $ownerSql = "SELECT U.* FROM admins U WHERE U.role_id='1'";
    return mysql_fetch_assoc(mysql_query($ownerSql));
}
-
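/**
 * Returns the name of one state.
 *
 * The id is escaped before it is placed in the quoted SQL literal; it was
 * previously concatenated as given.
 *
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param mixed $stateId state.id
 * @return array|false row with Name, or false when no row matches
 */
function getStateMaster($stateId) {
    $stateIdSql = mysql_real_escape_string((string) $stateId);
    $queryStateMaster = mysql_query("SELECT Name FROM state WHERE id='" . $stateIdSql . "' order by Name") or die(mysql_error());

    return mysql_fetch_assoc($queryStateMaster);
}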
-
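/**
 * Returns the name of one city.
 *
 * The id is escaped before it is placed in the quoted SQL literal; it was
 * previously concatenated as given.
 *
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param mixed $cityId city_master.city_id
 * @return array|false row with city_name, or false when no row matches
 */
function getCityMaster($cityId) {
    $cityIdSql = mysql_real_escape_string((string) $cityId);
    $queryCityMaster = mysql_query("SELECT city_name FROM city_master WHERE city_id='" . $cityIdSql . "' order by city_name") or die(mysql_error());

    return mysql_fetch_assoc($queryCityMaster);
}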
-
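/**
 * Records an outgoing message in sent_mails.
 *
 * The two ids are placed unquoted in the statement and are now cast to
 * integers. The subject was not escaped at all and the body only with
 * addslashes(); both now go through mysql_real_escape_string().
 *
 * NOTE(review): subject and body are user-written text; views that display
 * them must escape them for HTML.
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param mixed  $sender   stored in user_id
 * @param mixed  $receiver stored in reciever_id
 * @param string $subject
 * @param string $body
 * @return void
 */
function senderMail($sender = null, $receiver = null, $subject = null, $body = null) {
    $mailQry = "
        INSERT INTO sent_mails(user_id, reciever_id, email_subject, email_body)
        VALUES(" . (int) $sender . ", " . (int) $receiver . ", '" . mysql_real_escape_string((string) $subject) . "', '" . mysql_real_escape_string((string) $body) . "')";
    mysql_query($mailQry) or die("1 - ".mysql_error());
}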
-
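/**
 * Records an incoming message in the receiver's inbox (table emails).
 *
 * The two ids are placed unquoted in the statement and are now cast to
 * integers. The subject was not escaped at all and the body only with
 * addslashes(); both now go through mysql_real_escape_string().
 *
 * NOTE(review): subject and body are user-written text; views that display
 * them must escape them for HTML.
 * NOTE(review): die() prints mysql_error() to the client.
 *
 * @param mixed  $receiver stored in user_id
 * @param mixed  $sender   stored in email_creater
 * @param string $subject
 * @param string $body
 * @return void
 */
function receiverMail($receiver = null, $sender = null, $subject = null, $body = null) {
    $eMailQry = "
        INSERT INTO
        emails(user_id, email_creater, email_subject, email_body)
        VALUES(" . (int) $receiver . ", " . (int) $sender . ", '" . mysql_real_escape_string((string) $subject) . "', '" . mysql_real_escape_string((string) $body) . "')";
    mysql_query($eMailQry) or die("2 - ".mysql_error());
}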
-
- ############################ home page slide ######################
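/**
 * Loads the home-page slides of one category and passes them to the view.
 *
 * Sets 'slideInfo' (only when at least one slide exists), 'slideNumber' and
 * 'categoryslide'.
 *
 * The category name is escaped before it is placed in the quoted SQL literal,
 * and a failed query is treated as "no slides" instead of raising warnings.
 *
 * NOTE(review): 'categoryslide' is the caller's value unchanged; the view
 * must escape it when printing.
 *
 * @param string $catName homepage_texts.category
 * @return void
 */
function homepageslideInfo($catName = null) {
    $categorySql = mysql_real_escape_string((string) $catName);
    $slideRes = mysql_query(" SELECT * FROM homepage_texts where category='" . $categorySql . "'");
    $slideCount = $slideRes ? mysql_num_rows($slideRes) : 0;

    if ($slideCount > 0) {
        $slides = array();
        while ($slideRow = mysql_fetch_array($slideRes)) {
            $slides[] = array(
                'categoryName'    => $slideRow['category'],
                'helpimage'       => $slideRow['helpimage'],
                'helptitle'       => $slideRow['helptitle'],
                'helpdescription' => $slideRow['helpdescription'],
                'morelink'        => $slideRow['morelink'],
            );
        }
        $this->set('slideInfo', $slides);
    }

    $this->set('slideNumber', $slideCount);
    $this->set('categoryslide', $catName);
}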
-
- ##################################################################
- ##################################################################
-
- ###### FOR INAPPROPRIATE URL ######
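/**
 * Blocks pages that an administrator has marked as abusive: when the URL has
 * a report_abuse row with admin_block='1', the request is redirected to
 * /error.
 *
 * Changes from the original:
 *  - the URL is escaped before it is placed in the quoted SQL literal; a URL
 *    is visitor-controlled text and was concatenated as given;
 *  - execution stops after the redirect. Other methods in this class call
 *    exit after redirect(), which suggests redirect() does not end the
 *    request, so the blocked page was still being produced.
 *
 * NOTE(review): the match is an exact string comparison, so the same page
 * reached through a differently written URL is not blocked; confirm how
 * callers normalise $txturl.
 *
 * @param string $txturl URL to check
 * @return void
 */
function verifyserverUrl($txturl = NULL) {
    if (!$txturl) {
        return;
    }

    $urlSql = mysql_real_escape_string((string) $txturl);
    $blockedRes = mysql_query("SELECT * from report_abuse where abuse_url='" . $urlSql . "' and admin_block='1' ");
    if ($blockedRes && mysql_num_rows($blockedRes) > 0) {
        $this->redirect('/error');
        exit;
    }
}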
-
-
- ###############################
-
-
-
-
-
- }
- ?>