PageRenderTime 55ms CodeModel.GetById 21ms RepoModel.GetById 1ms app.codeStats 0ms

/bin/mysql.php

https://bitbucket.org/fieldsofview/athena
PHP | 1034 lines | 925 code | 34 blank | 75 comment | 110 complexity | 6f35fdb830c27a8d97a2e756f65ea939 MD5 | raw file
    

  1. <?php
    2. 

  2. 	function database_query($query)
    3. 

  3. 	{
    4. 

  4. 		return mysql_query($query);
    5. 

  5. 	}
    6. 

  6. 	function database_fetch_array($res)
    7. 

  7. 	{
    8. 

  8. 		return mysql_fetch_array($res);
    9. 

  9. 	}
    10. 

  10. 	function database_num_rows($res)
    11. 

  11. 	{
    12. 

  12. 		return mysql_num_rows($res);
    13. 

  13. 	}
    14. 

  14. 	function database_error()
    15. 

  15. 	{
    16. 

  16. 		return mysql_error();
    17. 

  17. 	}
    18. 

  18. 	function escape_sql($str)
    19. 

  19. 	{
    20. 

  20. 		return mysql_real_escape_string($str);
    21. 

  21. 	}
    22. 

  22. 	function check_for_php_modules()
    23. 

  23. 	{
    24. 

  24. 		/**Checks for MySQL and cURL PHP modules, without which Athena won't work.*/
    25. 

  25. 		$mysql=function_exists("mysql_connect");
    26. 

  26. 		$curl=function_exists("curl_init");
    27. 

  27. 		if(!$mysql or !$curl)
    28. 

  28. 		{
    29. 

  29. 			if(!$mysql)
    30. 

  30. 				echo "You haven't installed PHP MySQL module.";
    31. 

  31. 			if(!$curl)
    32. 

  32. 				echo "You haven't installed PHP cURL module";
    33. 

  33. 			return false;
    34. 

  34. 			die;
    35. 

  35. 		}
    36. 

  36. 		return true;
    37. 

  37. 	}
    38. 

  38. 	check_for_php_modules();
    39. 

  39. 	$db=mysql_connect("$hostname","$dbuser","$dbpw");
    40. 

  40. 	$d=mysql_select_db("$dbname");
    41. 

  41. 	$error=fopen("error.log","a");
    42. 

  42. 	check_db_connectivity($db,$d);
    43. 

  43. 	/* Function definitions */
    44. 

  44. 	//-----------------------
    45. 

  45. 	function check_db_connectivity($db,$d)
    46. 

  46. 	{
    47. 

  47. 		if(!$db)
    48. 

  48. 		{
    49. 

  49. 			echo "<script>window.location='notinstalled.php';</script>";
    50. 

  50. 		}	
    51. 

  51. 		if(!$d)
    52. 

  52. 		{
    53. 

  53. 			echo "<script>window.location='notinstalled.php';</script>";
    54. 

  54. 		}
    55. 

  55. 		return true;
    56. 

  56. 	}
    57. 

  57. 	function validate($email,$pass)
    58. 

  58. 	{
    59. 

  59. 		/** Used to validate users when they login and whenever else required*/
    60. 

  60. 		$email=mysql_real_escape_string($email);
    61. 

  61. 		$pass=mysql_real_escape_string($pass);
    62. 

  62. 		$res=mysql_query("select password('$pass');");
    63. 

  63. 		$p1=mysql_fetch_array($res);
    64. 

  64. 		$res=mysql_query("select password,uid from users where email='$email';");
    65. 

  65. 		if(!$res)
    66. 

  66. 		{
    67. 

  67. 			fputs($error,mysql_error());
    68. 

  68. 			return "0";
    69. 

  69. 		}
    70. 

  70. 		$p2=mysql_fetch_array($res);
    71. 

  71. 		if($p1[0]==$p2[0])
    72. 

  72. 			return "1";
    73. 

  73. 		else return "0";
    74. 

  74. 	}
    75. 

  75. 	function check_file_write()
    76. 

  76. 	{
    77. 

  77. 		
    78. 

  78. 		/*$f1=substr(sprintf("%o",fileperms("upload/")),-2);
    79. 

  79. 		echo $f1;
    80. 

  80. 		if($f1<77)
    81. 

  81. 		{
    82. 

  82. 			echo "you need to grant write to upload";
    83. 

  83. 			die;
    84. 

  84. 		}*/
    85. 

  85. 	}
    86. 

  86. 	function getemail($uid)
    87. 

  87. 	{
    88. 

  88. 		/**Returns the email (as a string) of the users with id as $uid. */
    89. 

  89. 		$uid=mysql_real_escape_string($uid);
    90. 

  90. 		$row=mysql_fetch_array(mysql_query("select email from users where uid='$uid';"));
    91. 

  91. 		return $row[0];
    92. 

  92. 	}
    93. 

  93. 	function getuserid($email)
    94. 

  94. 	{
    95. 

  95. 		$email=mysql_real_escape_string($email);
    96. 

  96. 		$row=mysql_fetch_array(mysql_query("select uid from users where email='$email';"));
    97. 

  97. 		return $row[0];
    98. 

  98. 	}
    99. 

  99. 	function getname($email)
    100. 

  100. 	{
    101. 

  101. 		$email=mysql_real_escape_string($email);
    102. 

  102. 		$row=mysql_fetch_array(mysql_query("select fname,sname from users where email='$email';"));
    103. 

  103. 		return $row[0]." ".$row[1];
    104. 

  104. 	}
    105. 

  105. 	function getname_uid($uid)
    106. 

  106. 	{
    107. 

  107. 		$uid=mysql_real_escape_string($uid);
    108. 

  108. 		$row=mysql_fetch_array(mysql_query("select fname,sname from users where uid='$uid';"));
    109. 

  109. 		return $row[0]." ".$row[1];
    110. 

  110. 	}
    111. 

  111. 	function getuserdetails($email)
    112. 

  112. 	{
    113. 

  113. 		$email=mysql_real_escape_string($email);
    114. 

  114. 		$row=mysql_fetch_array(mysql_query("select * from users where email='$email' or uid='$email';"));
    115. 

  115. 		return $row;
    116. 

  116. 	}
    117. 

  117. 	function gettypes()
    118. 

  118. 	{
    119. 

  119. 		$res=mysql_query("select * from type;");
    120. 

  120. 		return $res;
    121. 

  121. 	}
    122. 

  122. 	function getattr($tyid)
    123. 

  123. 	{
    124. 

  124. 		$tyid=mysql_real_escape_string($tyid);
    125. 

  125. 		$res=mysql_query("select attrib from resource_attrib where tyid='$tyid';");
    126. 

  126. 		//echo "select attrib from resource_attrib where tyid='$x';";
    127. 

  127. 		if(!$res)
    128. 

  128. 			fputs($error,mysql_error());
    129. 

  129. 		return $res;
    130. 

  130. 	}
    131. 

  131. 	function gettypename($x)
    132. 

  132. 	{
    133. 

  133. 		$x=mysql_real_escape_string($x);
    134. 

  134. 		$row=mysql_fetch_array(mysql_query("select description from type where tyid='$x';"));
    135. 

  135. 		$name=str_replace("_"," ",$row[0]);
    136. 

  136. 		return $name;
    137. 

  137. 	}
    138. 

  138. 	function gettypename_eid($x)
    139. 

  139. 	{
    140. 

  140. 		$x=mysql_real_escape_string($x);
    141. 

  141. 		$row=mysql_fetch_array(mysql_query("select description from type natural join resource where eid='$x';"));
    142. 

  142. 		$name=str_replace("_"," ",$row[0]);
    143. 

  143. 		return $name;
    144. 

  144. 	}
    145. 

  145. 	/*function getresources($l,$p,$t)
    146. 

  146. 	{
    147. 

  147. 		$l=mysql_real_escape_string($l);
    148. 

  148. 		$p=mysql_real_escape_string($p);
    149. 

  149. 		$t=mysql_real_escape_string($t);
    150. 

  150. 		$y=($p-1)*12;
    151. 

  151. 		if($t=="")
    152. 

  152. 			$query="select distinct eid,name,fname,sname,description,tyid,lost from (resource natural join type) natural join users where name like '$l%' order by name limit $y,12";
    153. 

  153. 		else
    154. 

  154. 			$query="select distinct eid,name,fname,sname,description,tyid,lost from (resource natural join type) natural join users where name like '$l%' and tyid='$t' order by name limit $y,10;";
    155. 

  155. 		//$query="select * from browse_view limit 12;";
    156. 

  156. 		$res=mysql_query($query);
    157. 

  157. 		
    158. 

  158. 		if(!$res)
    159. 

  159. 		{
    160. 

  160. 			fputs($error,mysql_error());
    161. 

  161. 			die;
    162. 

  162. 		}
    163. 

  163. 		return $res;
    164. 

  164. 	}
    165. 

  165. 	
    166. 

  166. 	function getbr_count($l,$t)
    167. 

  167. 	{
    168. 

  168. 		$l=mysql_real_escape_string($l);
    169. 

  169. 		$t=mysql_real_escape_string($t);
    170. 

  170. 		//$y=($p-1)*10;
    171. 

  171. 		if($t=="")
    172. 

  172. 			$query="select distinct eid,name,fname,sname,description,tyid,lost from (resource natural join type) natural join users where name like '$l%' order by name";
    173. 

  173. 		else
    174. 

  174. 			$query="select distinct eid,name,fname,sname,description,tyid,lost from (resource natural join type) natural join users where name like '$l%' and tyid='$t' order by name;";
    175. 

  175. 		//$query="select * from browse_view limit 12;";
    176. 

  176. 		$res=mysql_query($query);
    177. 

  177. 		if(!$res)
    178. 

  178. 		{
    179. 

  179. 			fputs($error,mysql_error());
    180. 

  180. 			die;
    181. 

  181. 		}
    182. 

  182. 		return $res;
    183. 

  183. 	}*/
    184. 

  184. 	function getresources($l,$p,$t)
    185. 

  185. 	{
    186. 

  186. 		$l=mysql_real_escape_string($l);
    187. 

  187. 		$p=mysql_real_escape_string($p);
    188. 

  188. 		$t=mysql_real_escape_string($t);
    189. 

  189. 		$y=($p-1)*12;
    190. 

  190. 		if($t=="")
    191. 

  191. 			$query="select distinct eid,name,fname,sname,description,tyid,lost from (resource natural join type) natural join users where name like '$l%' order by name limit 12 offset $y";
    192. 

  192. 		else
    193. 

  193. 			$query="select distinct eid,name,fname,sname,description,tyid,lost from (resource natural join type) natural join users where name like '$l%' and tyid='$t' order by name limit 10 offset $y;";
    194. 

  194. 		$res=mysql_query($query);
    195. 

  195. 		if(!$res)
    196. 

  196. 		{
    197. 

  197. 			fputs($error,database_error());
    198. 

  198. 			die;
    199. 

  199. 		}
    200. 

  200. 		return $res;
    201. 

  201. 	}
    202. 

  202. 	function getbr_count($l,$t)
    203. 

  203. 	{
    204. 

  204. 		$l=mysql_real_escape_string($l);
    205. 

  205. 		$t=mysql_real_escape_string($t);
    206. 

  206. 		//$y=($p-1)*10;
    207. 

  207. 		if($t=="")
    208. 

  208. 			$query="select distinct eid,name,fname,sname,description,tyid,lost from (resource natural join type) natural join users where name like '$l%' order by name";
    209. 

  209. 		else
    210. 

  210. 			$query="select distinct eid,name,fname,sname,description,tyid,lost from (resource natural join type) natural join users where name like '$l%' and tyid='$t' order by name;";
    211. 

  211. 		$res=mysql_query($query);
    212. 

  212. 		if(!$res)
    213. 

  213. 		{
    214. 

  214. 			fputs($error,database_error());
    215. 

  215. 			die;
    216. 

  216. 		}
    217. 

  217. 		return $res;
    218. 

  218. 	}
    219. 

  219. 	function checkborrow($eid)
    220. 

  220. 	{
    221. 

  221. 		$eid=mysql_real_escape_string($eid);
    222. 

  222. 		$res=mysql_query("select * from borrowed where eid='$eid';");
    223. 

  223. 		if(mysql_num_rows($res)==0)
    224. 

  224. 		{
    225. 

  225. 			return "0";
    226. 

  226. 		}
    227. 

  227. 		else
    228. 

  228. 		{
    229. 

  229. 			$row=mysql_fetch_array($res);
    230. 

  230. 			return $row[1];
    231. 

  231. 		}
    232. 

  232. 	}
    233. 

  233. 	function borrowed($uid)
    234. 

  234. 	{
    235. 

  235. 		$uid=mysql_real_escape_string($uid);
    236. 

  236. 		$res=mysql_query("select * from borrowed,resource where borrowed.uid='$uid' and resource.eid=borrowed.eid;");
    237. 

  237. 		
    238. 

  238. 		if(!$res)
    239. 

  239. 		{
    240. 

  240. 			fputs($error,mysql_error());
    241. 

  241. 			die;
    242. 

  242. 		}
    243. 

  243. 		return $res;
    244. 

  244. 	}
    245. 

  245. 	function getresname($eid)
    246. 

  246. 	{
    247. 

  247. 		$eid=mysql_real_escape_string($eid);
    248. 

  248. 		$res=mysql_query("select name from resource where eid='$eid';");
    249. 

  249. 		if(!$res)
    250. 

  250. 		{
    251. 

  251. 			fputs($error,mysql_error());
    252. 

  252. 			die;
    253. 

  253. 		}
    254. 

  254. 		$row=mysql_fetch_array($res);
    255. 

  255. 		return stripslashes($row[0]);
    256. 

  256. 	}
    257. 

  257. 	function getmessages($uid)
    258. 

  258. 	{
    259. 

  259. 		$uid=mysql_real_escape_string($uid);
    260. 

  260. 		$res=mysql_query("select * from message where to_uid='$uid' and delete_flag='1';");
    261. 

  261. 		if(!$res)
    262. 

  262. 		{
    263. 

  263. 			fputs($error,mysql_error());
    264. 

  264. 			die;
    265. 

  265. 		}
    266. 

  266. 		return $res;
    267. 

  267. 	}
    268. 

  268. 	function gettyid($eid)
    269. 

  269. 	{
    270. 

  270. 		$eid=mysql_real_escape_string($eid);
    271. 

  271. 		$res=mysql_query("select tyid from resource where eid='$eid';");
    272. 

  272. 		$row=mysql_fetch_array($res);
    273. 

  273. 		return $row[0];
    274. 

  274. 	}
    275. 

  275. 	function gettypeid($t)
    276. 

  276. 	{
    277. 

  277. 		$t=mysql_real_escape_string($t);
    278. 

  278. 		$res=mysql_query("select tyid from type where description='$t';");
    279. 

  279. 		$row=mysql_fetch_array($res);
    280. 

  280. 		return $row[0];
    281. 

  281. 	}
    282. 

  282. 	function searchresources($q,$by,$p,$t)
    283. 

  283. 	{
    284. 

  284. 		$q=mysql_real_escape_string($q);
    285. 

  285. 		$by=mysql_real_escape_string($by);
    286. 

  286. 		$p=mysql_real_escape_string($p);
    287. 

  287. 		$cl = new SphinxClient ();
    288. 

  288. 		$sql = "";
    289. 

  289. 		$mode = SPH_MATCH_EXTENDED;
    290. 

  290. 		$host = "localhost";
    291. 

  291. 		$port = 9312;
    292. 

  292. 		$groupby = "";
    293. 

  293. 		$groupsort = "@group desc";
    294. 

  294. 		$filter = "group_id";
    295. 

  295. 		$filtervals = array();
    296. 

  296. 		$distinct = "";
    297. 

  297. 		$sortby = "";
    298. 

  298. 		$limit = 1000;
    299. 

  299. 		$ranker = SPH_RANK_PROXIMITY_BM25;
    300. 

  300. 		$select = "";
    301. 

  301. 		$cl->SetServer ( $host, $port );
    302. 

  302. 		$cl->SetConnectTimeout ( 1 );
    303. 

  303. 		$cl->SetArrayResult ( true );
    304. 

  304. 		$cl->SetWeights ( array ( 100, 1 ) );
    305. 

  305. 		$cl->SetMatchMode ( $mode );
    306. 

  306. 		if ( count($filtervals) )	$cl->SetFilter ( $filter, $filtervals );
    307. 

  307. 		if ( $groupby )				$cl->SetGroupBy ( $groupby, SPH_GROUPBY_ATTR, $groupsort );
    308. 

  308. 		if ( $sortby )				$cl->SetSortMode ( SPH_SORT_EXTENDED, $sortby );
    309. 

  309. 		if ( $sortexpr )			$cl->SetSortMode ( SPH_SORT_EXPR, $sortexpr );
    310. 

  310. 		if ( $distinct )			$cl->SetGroupDistinct ( $distinct );
    311. 

  311. 		if ( $select )				$cl->SetSelect ( $select );
    312. 

  312. 		if ( $limit )				$cl->SetLimits ( 0, $limit, ( $limit>1000 ) ? $limit : 1000 );
    313. 

  313. 		$cl->SetRankingMode ( $ranker );
    314. 

  314. 		$y=($p-1)*10;
    315. 

  315. 		$uid=$_SESSION['uid'];
    316. 

  316. 		if($by=="all")
    317. 

  317. 		{
    318. 

  318. 			//$query="select eid,name,fname,sname,description,tyid from (resource natural join type) natural join users where name like '%$q%' or description like '$q%' order by name limit $y,10";
    319. 

  319. 			$index = "*";
    320. 

  320. 			$resname = $cl->Query("$q*",$index);
    321. 

  321. 			if ( $resname===false )
    322. 

  322. 			{
    323. 

  323. 				echo "Query failed: " . $cl->GetLastError() . ".\n";
    324. 

  324. 

  325. 			} else
    326. 

  326. 			{
    327. 

  327. 				if ( $cl->GetLastWarning() )
    328. 

  328. 					//echo "WARNING: " . $cl->GetLastWarning() . "\n\n";
    329. 

  329. 

  330. 				$res1[3]= "Search for '$q' retrieved $resname[total] of $resname[total_found] matches in $resname[time] sec.<br/>";	
    331. 

  331. 				if ( is_array($resname["matches"]) )
    332. 

  332. 				{
    333. 

  333. 					foreach ( $resname["matches"] as $docinfo )
    334. 

  334. 					{
    335. 

  335. 						$results.=$docinfo[id].",";
    336. 

  336. 					}
    337. 

  337. 				}
    338. 

  338. 			}
    339. 

  339. 			$query="select eid,name,fname,sname,description,tyid from (resource natural join type) natural join users where eid in ($results"."0) and tyid in ($t"."0".") limit $y,10";
    340. 

  340. 			//echo $query;
    341. 

  341. 		}
    342. 

  342. 		else if($by=="name")
    343. 

  343. 		{
    344. 

  344. 			//$query="select eid,name,fname,sname,description,tyid from (resource natural join type) natural join users where name like '%$q%' order by name limit $y,10;";
    345. 

  345. 			//$query="select eid,name,fname,sname,description,tyid from (resource natural join type) natural join users where name like \"$q%\" limit $y,10;";
    346. 

  346. 			
    347. 

  347. 			$index = "nameindex";
    348. 

  348. 			$resname = $cl->Query ( "$q*", $index );
    349. 

  349. 			if ( $resname===false )
    350. 

  350. 			{
    351. 

  351. 				echo "Query failed: " . $cl->GetLastError() . ".\n";
    352. 

  352. 

  353. 			} else
    354. 

  354. 			{
    355. 

  355. 				if ( $cl->GetLastWarning() )
    356. 

  356. 					echo "WARNING: " . $cl->GetLastWarning() . "\n\n";
    357. 

  357. 

  358. 				$message= "Search for '$q' retrieved $resname[total] of $resname[total_found] matches in $resname[time] sec.<br/>";
    359. 

  359. 				echo $message;	
    360. 

  360. 				if ( is_array($resname["matches"]) )
    361. 

  361. 				{
    362. 

  362. 					foreach ( $resname["matches"] as $docinfo )
    363. 

  363. 					{
    364. 

  364. 						$results.=$docinfo[id].",";
    365. 

  365. 					}
    366. 

  366. 				}
    367. 

  367. 			}
    368. 

  368. 			$query="select eid,name,fname,sname,description,tyid from (resource natural join type) natural join users where eid in ($results"."0) and tyid in ($t"."0".") limit $y,10";
    369. 

  369. 			
    370. 

  370. 		}
    371. 

  371. 		else if($by=="tag")
    372. 

  372. 			$query="select distinct resource.eid,name,fname,sname,description,type.tyid from resource,type,user,resource_tag where resource.tyid=type.tyid and resource.uid=user.uid and resource.eid=resource_tag.eid and tagname like '%$q%' and type.tyid in ($t"."0".") limit $y,10;";
    373. 

  373. 		elseif($by=="taguser")
    374. 

  374. 			$query="select distinct resource.eid,resource.name,user.fname,user.sname,type.description,type.tyid from resource,type,user,resource_tag where resource.tyid=type.tyid and resource.uid=user.uid and resource.eid=resource_tag.eid and tagname like '%$q%' and user.uid='$uid' and type.tyid in ($t"."0".")order by name limit $y,10;";
    375. 

  375. 		else
    376. 

  376. 		{
    377. 

  377. 			$i=0;
    378. 

  378. 			$res=mysql_query("select description from type natural join resource_attrib where attrib='$by';");
    379. 

  379. 			while($row=mysql_fetch_array($res))
    380. 

  380. 			{
    381. 

  381. 				$q1="select eid from $row[0]details where $by like '$q%';";
    382. 

  382. 				$res2=mysql_query($q1);
    383. 

  383. 				if(!$res2)
    384. 

  384. 				{
    385. 

  385. 					fputs($error,mysql_error());
    386. 

  386. 					die;
    387. 

  387. 				}
    388. 

  388. 				while($row2=mysql_fetch_array($res2))
    389. 

  389. 				{
    390. 

  390. 					$searchr[$i]=$row2[0];
    391. 

  391. 					$i++;
    392. 

  392. 				}
    393. 

  393. 			}
    394. 

  394. 			$query="select eid,name,fname,sname,description,tyid from (resource natural join type) natural join users where ";
    395. 

  395. 			if($i>=1)
    396. 

  396. 				foreach($searchr as $x1)
    397. 

  397. 				{
    398. 

  398. 					$query.="eid='$x1' or ";
    399. 

  399. 				}
    400. 

  400. 			$query.="eid='0' order by name;";
    401. 

  401. 		
    402. 

  402. 			
    403. 

  403. 		}
    404. 

  404. 		$res=mysql_query($query);
    405. 

  405. 		if(!$res)
    406. 

  406. 		{
    407. 

  407. 			fputs($error,mysql_error());
    408. 

  408. 			die;
    409. 

  409. 		}
    410. 

  410. 		$res1[0]=$res;
    411. 

  411. 		$res1[1]=$resname[total];
    412. 

  412. 		$res1[2]=$message;
    413. 

  413. 		return $res1;
    414. 

  414. 	}
    415. 

  415. 	function searchresources_exists($q,$by,$p,$t)
    416. 

  416. 	{
    417. 

  417. 		$q=mysql_real_escape_string($q);
    418. 

  418. 		$by=mysql_real_escape_string($by);
    419. 

  419. 		$p=mysql_real_escape_string($p);
    420. 

  420. 		$cl = new SphinxClient ();
    421. 

  421. 		$sql = "";
    422. 

  422. 		$mode = SPH_MATCH_PHRASE;
    423. 

  423. 		$host = "localhost";
    424. 

  424. 		$port = 9312;
    425. 

  425. 		$groupby = "";
    426. 

  426. 		$groupsort = "@group desc";
    427. 

  427. 		$filter = "group_id";
    428. 

  428. 		$filtervals = array();
    429. 

  429. 		$distinct = "";
    430. 

  430. 		$sortby = "";
    431. 

  431. 		$limit = 1000;
    432. 

  432. 		$ranker = SPH_RANK_PROXIMITY_BM25;
    433. 

  433. 		$select = "";
    434. 

  434. 		$cl->SetServer ( $host, $port );
    435. 

  435. 		$cl->SetConnectTimeout ( 1 );
    436. 

  436. 		$cl->SetArrayResult ( true );
    437. 

  437. 		$cl->SetWeights ( array ( 100, 1 ) );
    438. 

  438. 		$cl->SetMatchMode ( $mode );
    439. 

  439. 		if ( count($filtervals) )	$cl->SetFilter ( $filter, $filtervals );
    440. 

  440. 		if ( $groupby )				$cl->SetGroupBy ( $groupby, SPH_GROUPBY_ATTR, $groupsort );
    441. 

  441. 		if ( $sortby )				$cl->SetSortMode ( SPH_SORT_EXTENDED, $sortby );
    442. 

  442. 		if ( $sortexpr )			$cl->SetSortMode ( SPH_SORT_EXPR, $sortexpr );
    443. 

  443. 		if ( $distinct )			$cl->SetGroupDistinct ( $distinct );
    444. 

  444. 		if ( $select )				$cl->SetSelect ( $select );
    445. 

  445. 		if ( $limit )				$cl->SetLimits ( 0, $limit, ( $limit>1000 ) ? $limit : 1000 );
    446. 

  446. 		$cl->SetRankingMode ( $ranker );
    447. 

  447. 		$y=($p-1)*10;
    448. 

  448. 		$uid=$_SESSION['uid'];
    449. 

  449. 		if($by=="all")
    450. 

  450. 		{
    451. 

  451. 			//$query="select eid,name,fname,sname,description,tyid from (resource natural join type) natural join users where name like '%$q%' or description like '$q%' order by name limit $y,10";
    452. 

  452. 			$index = "*";
    453. 

  453. 			$resname = $cl->Query("$q",$index);
    454. 

  454. 			if ( $resname===false )
    455. 

  455. 			{
    456. 

  456. 				echo "";
    457. 

  457. 

  458. 			} else
    459. 

  459. 			{
    460. 

  460. 				if ( $cl->GetLastWarning() )
    461. 

  461. 					//echo "WARNING: " . $cl->GetLastWarning() . "\n\n";
    462. 

  462. 

  463. 				$res1[3]= "Search for '$q' retrieved $resname[total] of $resname[total_found] matches in $resname[time] sec.<br/>";	
    464. 

  464. 				if ( is_array($resname["matches"]) )
    465. 

  465. 				{
    466. 

  466. 					foreach ( $resname["matches"] as $docinfo )
    467. 

  467. 					{
    468. 

  468. 						
    469. 

  469. 							$results.=$docinfo[id].",";
    470. 

  470. 					}
    471. 

  471. 				}
    472. 

  472. 			}
    473. 

  473. 			$query="select eid,name,fname,sname,description,tyid from (resource natural join type) natural join users where eid in ($results"."0) and tyid in ($t"."0".") limit $y,10";
    474. 

  474. 			//echo $query;
    475. 

  475. 		}
    476. 

  476. 		else if($by=="name")
    477. 

  477. 		{
    478. 

  478. 			//$query="select eid,name,fname,sname,description,tyid from (resource natural join type) natural join users where name like '%$q%' order by name limit $y,10;";
    479. 

  479. 			//$query="select eid,name,fname,sname,description,tyid from (resource natural join type) natural join users where name like \"$q%\" limit $y,10;";
    480. 

  480. 			
    481. 

  481. 			$index = "nameindex";
    482. 

  482. 			$resname = $cl->Query ( "$q", $index );
    483. 

  483. 			if ( $resname===false )
    484. 

  484. 			{
    485. 

  485. 				echo "";
    486. 

  486. 

  487. 			} else
    488. 

  488. 			{
    489. 

  489. 				if ( $cl->GetLastWarning() )
    490. 

  490. 					echo "WARNING: " . $cl->GetLastWarning() . "\n\n";
    491. 

  491. 

  492. 				$message= "Search for '$q' retrieved $resname[total] of $resname[total_found] matches in $resname[time] sec.<br/>";	
    493. 

  493. 				if ( is_array($resname["matches"]) )
    494. 

  494. 				{
    495. 

  495. 					foreach ( $resname["matches"] as $docinfo )
    496. 

  496. 					{
    497. 

  497. 						
    498. 

  498. 							$results.=$docinfo[id].",";
    499. 

  499. 					}
    500. 

  500. 				}
    501. 

  501. 			}
    502. 

  502. 			$query="select eid,name,fname,sname,description,tyid from (resource natural join type) natural join users where eid in ($results"."0) and tyid in ($t"."0".") limit $y,10";
    503. 

  503. 			
    504. 

  504. 		}
    505. 

  505. 		else if($by=="tag")
    506. 

  506. 			$query="select distinct resource.eid,name,fname,sname,description,type.tyid from resource,type,user,resource_tag where resource.tyid=type.tyid and resource.uid=user.uid and resource.eid=resource_tag.eid and tagname like '%$q%' and type.tyid in ($t"."0".") limit $y,10;";
    507. 

  507. 		elseif($by=="taguser")
    508. 

  508. 			$query="select distinct resource.eid,resource.name,user.fname,user.sname,type.description,type.tyid from resource,type,user,resource_tag where resource.tyid=type.tyid and resource.uid=user.uid and resource.eid=resource_tag.eid and tagname like '%$q%' and user.uid='$uid' and type.tyid in ($t"."0".")order by name limit $y,10;";
    509. 

  509. 		else
    510. 

  510. 		{
    511. 

  511. 			$i=0;
    512. 

  512. 			$res=mysql_query("select description from type natural join resource_attrib where attrib='$by';");
    513. 

  513. 			while($row=mysql_fetch_array($res))
    514. 

  514. 			{
    515. 

  515. 				$q1="select eid from $row[0]details where $by like '$q%';";
    516. 

  516. 				$res2=mysql_query($q1);
    517. 

  517. 				if(!$res2)
    518. 

  518. 				{
    519. 

  519. 					fputs($error,mysql_error());
    520. 

  520. 					die;
    521. 

  521. 				}
    522. 

  522. 				while($row2=mysql_fetch_array($res2))
    523. 

  523. 				{
    524. 

  524. 					$searchr[$i]=$row2[0];
    525. 

  525. 					$i++;
    526. 

  526. 				}
    527. 

  527. 			}
    528. 

  528. 			$query="select eid,name,fname,sname,description,tyid from (resource natural join type) natural join users where ";
    529. 

  529. 			if($i>=1)
    530. 

  530. 				foreach($searchr as $x1)
    531. 

  531. 				{
    532. 

  532. 					$query.="eid='$x1' or ";
    533. 

  533. 				}
    534. 

  534. 			$query.="eid='0' order by name;";
    535. 

  535. 		
    536. 

  536. 			
    537. 

  537. 		}
    538. 

  538. 		$res=mysql_query($query);
    539. 

  539. 		if(!$res)
    540. 

  540. 		{
    541. 

  541. 			fputs($error,mysql_error());
    542. 

  542. 			die;
    543. 

  543. 		}
    544. 

  544. 		$res1[0]=$res;
    545. 

  545. 		$res1[1]=$resname[total];
    546. 

  546. 		$res1[2]=$message;
    547. 

  547. 		return $res1;
    548. 

  548. 	}
    549. 

  549. 	function getcount($q,$by,$p)
    550. 

  550. 	{
    551. 

  551. 		$q=mysql_real_escape_string($q);
    552. 

  552. 		$by=mysql_real_escape_string($by);
    553. 

  553. 		$p=mysql_real_escape_string($p);
    554. 

  554. 		if($by=="all")
    555. 

  555. 			$query="select distinct count(*) from (resource natural join type) natural join users where name like '$q%' or description like '$q%' order by name";
    556. 

  556. 		else if($by=="name")
    557. 

  557. 		{
    558. 

  558. 			//$query="select distinct count(*) from (resource natural join type) natural join users where name like '$q%' order by name;";
    559. 

  559. 			$query="select count(eid) from (resource natural join type) natural join users where name like '$q%';";
    560. 

  560. 		}
    561. 

  561. 		else if($by=="tag")
    562. 

  562. 		{
    563. 

  563. 			//$query="select distinct count(*) from ((resource natural join type) natural join user) natural join resource_tag where tagname like '$q%' order by name;";
    564. 

  564. 			$query="select count(distinct resource.eid) from resource,type,user,resource_tag where resource.tyid=type.tyid and resource.uid=user.uid and resource.eid=resource_tag.eid and tagname like '%$q%' order by name";
    565. 

  565. 		}
    566. 

  566. 		else
    567. 

  567. 		{
    568. 

  568. 			$i=0;
    569. 

  569. 			$res=mysql_query("select description from type natural join resource_attrib where attrib='$by';");
    570. 

  570. 			while($row=mysql_fetch_array($res))
    571. 

  571. 			{
    572. 

  572. 				$q1="select eid from $row[0]details where $by like '%$q%';";
    573. 

  573. 				$res2=mysql_query($q1);
    574. 

  574. 				if(!$res2)
    575. 

  575. 				{
    576. 

  576. 					fputs($error,mysql_error());
    577. 

  577. 					die;
    578. 

  578. 				}
    579. 

  579. 				while($row2=mysql_fetch_array($res2))
    580. 

  580. 				{
    581. 

  581. 					$searchr[$i]=$row2[0];
    582. 

  582. 					$i++;
    583. 

  583. 				}
    584. 

  584. 			}
    585. 

  585. 			$query="select count(*) from (resource natural join type) natural join users where ";
    586. 

  586. 			if($i>=1)
    587. 

  587. 				foreach($searchr as $x1)
    588. 

  588. 				{
    589. 

  589. 					$query.="eid='$x1' or ";
    590. 

  590. 				}
    591. 

  591. 			$query.="eid='0' order by name;";
    592. 

  592. 		
    593. 

  593. 			
    594. 

  594. 		}
    595. 

  595. 		$res=mysql_query($query);
    596. 

  596. 		if(!$res)
    597. 

  597. 		{
    598. 

  598. 			echo mysql_error();
    599. 

  599. 			die;
    600. 

  600. 		}
    601. 

  601. 		$c=mysql_fetch_array($res);
    602. 

  602. 		return $c[0];
    603. 

  603. 	}
    604. 

  604. 	function check_exists_index($value,$type)
    605. 

  605. 	{
    606. 

  606. 		$value=mysql_real_escape_string($value);
    607. 

  607. 		$type=mysql_real_escape_string($type);
    608. 

  608. 		$q="$value";
    609. 

  609. 		$cl = new SphinxClient ();
    610. 

  610. 		$sql = "";
    611. 

  611. 		$mode = SPH_MATCH_EXTENDED;
    612. 

  612. 		$host = "localhost";
    613. 

  613. 		$port = 9312;
    614. 

  614. 		$groupby = "";
    615. 

  615. 		$groupsort = "@group desc";
    616. 

  616. 		$filter = "group_id";
    617. 

  617. 		$filtervals = array();
    618. 

  618. 		$distinct = "";
    619. 

  619. 		$sortby = "";
    620. 

  620. 		$limit = 1000;
    621. 

  621. 		$ranker = SPH_RANK_PROXIMITY_BM25;
    622. 

  622. 		$select = "";
    623. 

  623. 		$cl->SetServer ( $host, $port );
    624. 

  624. 		$cl->SetConnectTimeout ( 1 );
    625. 

  625. 		$cl->SetArrayResult ( true );
    626. 

  626. 		$cl->SetWeights ( array ( 100, 1 ) );
    627. 

  627. 		$cl->SetMatchMode ( $mode );
    628. 

  628. 		if ( count($filtervals) )	$cl->SetFilter ( $filter, $filtervals );
    629. 

  629. 		if ( $groupby )				$cl->SetGroupBy ( $groupby, SPH_GROUPBY_ATTR, $groupsort );
    630. 

  630. 		if ( $sortby )				$cl->SetSortMode ( SPH_SORT_EXTENDED, $sortby );
    631. 

  631. 		if ( $sortexpr )			$cl->SetSortMode ( SPH_SORT_EXPR, $sortexpr );
    632. 

  632. 		if ( $distinct )			$cl->SetGroupDistinct ( $distinct );
    633. 

  633. 		if ( $select )				$cl->SetSelect ( $select );
    634. 

  634. 		if ( $limit )				$cl->SetLimits ( 0, $limit, ( $limit>1000 ) ? $limit : 1000 );
    635. 

  635. 		$cl->SetRankingMode ( $ranker );
    636. 

  636. 		$index = "*";
    637. 

  637. 		$resname = $cl->Query("$q",$index);
    638. 

  638. 		if ( $resname===false )
    639. 

  639. 		{
    640. 

  640. 			echo "error";
    641. 

  641. 

  642. 		} else
    643. 

  643. 		{
    644. 

  644. 			if($resname[total_found]==0)
    645. 

  645. 			{
    646. 

  646. 				echo "error";
    647. 

  647. 				return;
    648. 

  648. 			}
    649. 

  649. 			if ( $cl->GetLastWarning() )
    650. 

  650. 				//echo "WARNING: " . $cl->GetLastWarning() . "\n\n";
    651. 

  651. 

  652. 			
    653. 

  653. 			if ( is_array($resname["matches"]) )
    654. 

  654. 			{
    655. 

  655. 				foreach ( $resname["matches"] as $docinfo )
    656. 

  656. 				{
    657. 

  657. 					$results.=$docinfo[id].",";
    658. 

  658. 					echo $docinfo[id];
    659. 

  659. 				}
    660. 

  660. 			}
    661. 

  661. 		}
    662. 

  662. 		return $results;
    663. 

  663. 		
    664. 

  664. 	}
    665. 

  665. 	function gettags($eid,$uid)
    666. 

  666. 	{
    667. 

  667. 		$eid=mysql_real_escape_string($eid);
    668. 

  668. 		$uid=mysql_real_escape_string($uid);
    669. 

  669. 		$res=mysql_query("select tagname from resource_tag where eid='$eid' and uid='$uid';");
    670. 

  670. 		return $res;
    671. 

  671. 	}
    672. 

  672. 	function getpoptags($eid)
    673. 

  673. 	{
    674. 

  674. 		$eid=mysql_real_escape_string($eid);
    675. 

  675. 		if($eid=="0")
    676. 

  676. 		{
    677. 

  677. 			$res=mysql_query("select distinct tagname from resource_tag group by tagname having count(tagname)>'150';");
    678. 

  678. 		}
    679. 

  679. 		else
    680. 

  680. 			$res=mysql_query("select distinct tagname from resource_tag where eid='$eid';");
    681. 

  681. 		return $res;
    682. 

  682. 	}
    683. 

  683. 	function gettagcount($tag,$eid)
    684. 

  684. 	{
    685. 

  685. 		$eid=mysql_real_escape_string($eid);
    686. 

  686. 		$tag=mysql_real_escape_string($tag);
    687. 

  687. 		if($eid=='0')
    688. 

  688. 			$res=mysql_query("select count(*) from resource_tag where tagname='$tag';");
    689. 

  689. 		else
    690. 

  690. 			$res=mysql_query("select count(*) from resource_tag where tagname='$tag' and eid='$eid';");
    691. 

  691. 		$row=mysql_fetch_array($res);
    692. 

  692. 		return $row[0];
    693. 

  693. 	}
    694. 

  694. 	function getcomments($eid)
    695. 

  695. 	{	
    696. 

  696. 		$eid=mysql_real_escape_string($eid);
    697. 

  697. 		$res=mysql_query("select * from comment_table where eid='$eid';");
    698. 

  698. 		if(!$res)
    699. 

  699. 		{
    700. 

  700. 			fputs($error,mysql_error());
    701. 

  701. 			die;
    702. 

  702. 		}
    703. 

  703. 		return $res;
    704. 

  704. 	}
    705. 

  705. 	function getmodule($page)
    706. 

  706. 	{
    707. 

  707. 		$page=mysql_real_escape_string($page);
    708. 

  708. 		$res1=mysql_query("select * from module where mod_loc='$page';");
    709. 

  709. 		if(mysql_num_rows($res1)==0)
    710. 

  710. 		{
    711. 

  711. 			return;
    712. 

  712. 		}
    713. 

  713. 		if(!$res1)
    714. 

  714. 		{
    715. 

  715. 			fputs($error,mysql_error());
    716. 

  716. 			die;
    717. 

  717. 		}
    718. 

  718. 		else
    719. 

  719. 		{
    720. 

  720. 			while($row=mysql_fetch_array($res1))
    721. 

  721. 			{
    722. 

  722. 				
    723. 

  723. 				echo "<div id='$row[0]' class='module'>";
    724. 

  724. 				if($page=="menu.php")
    725. 

  725. 					include_once "modules/$row[0]";
    726. 

  726. 				else
    727. 

  727. 					include_once "modules/$row[0]";			
    728. 

  728. 				echo "</div>";
    729. 

  729. 				
    730. 

  730. 			}
    731. 

  731. 		}
    732. 

  732. 		
    733. 

  733. 	}
    734. 

  734. 	function getlostres()
    735. 

  735. 	{
    736. 

  736. 		$res=mysql_query("select * from resource where lost='1'");
    737. 

  737. 		if(!$res)
    738. 

  738. 		{
    739. 

  739. 			fputs($error,mysql_error());
    740. 

  740. 			die;
    741. 

  741. 		}
    742. 

  742. 		return $res;
    743. 

  743. 	}
    744. 

  744. 	function borrowed_from_log($uid)
    745. 

  745. 	{
    746. 

  746. 		$uid=mysql_real_escape_string($uid);
    747. 

  747. 		$res=mysql_query("select * from log,resource where log.uid='$uid' and resource.eid=log.eid and activity='borrowed' group by name order by time_entry desc;");
    748. 

  748. 		
    749. 

  749. 		if(!$res)
    750. 

  750. 		{
    751. 

  751. 			fputs($error,mysql_error());
    752. 

  752. 			die;
    753. 

  753. 		}
    754. 

  754. 		return $res;
    755. 

  755. 	}
    756. 

  756. 	function getattributes()
    757. 

  757. 	{
    758. 

  758. 		$res=mysql_query("select distinct attrib from resource_attrib;");
    759. 

  759. 		if(!$res)
    760. 

  760. 		{
    761. 

  761. 			fputs($error,mysql_error());
    762. 

  762. 			die;
    763. 

  763. 		}
    764. 

  764. 		return $res;
    765. 

  765. 	}
    766. 

  766. 	function checkauthor($tyid)
    767. 

  767. 	{
    768. 

  768. 		$tyid=mysql_real_escape_string($tyid);
    769. 

  769. 		$res=mysql_query("select attrib from resource_attrib where tyid='$tyid' and attrib='author';");
    770. 

  770. 		if(!$res)
    771. 

  771. 		{
    772. 

  772. 			fputs($error,mysql_error());
    773. 

  773. 			die;
    774. 

  774. 		}
    775. 

  775. 		$c=mysql_num_rows($res);
    776. 

  776. 		return $c;
    777. 

  777. 	}
    778. 

  778. 	function getauthor($eid,$tyid)
    779. 

  779. 	{
    780. 

  780. 		$eid=mysql_real_escape_string($eid);
    781. 

  781. 		$tyid=mysql_real_escape_string($tyid);
    782. 

  782. 		$ty=gettypename($tyid);
    783. 

  783. 		$res=mysql_query("select author from $ty where eid='$eid';");
    784. 

  784. 		//echo "select author from $ty where eid='$eid';";
    785. 

  785. 		if(!$res)
    786. 

  786. 		{
    787. 

  787. 			fputs($error,mysql_error());
    788. 

  788. 			die;
    789. 

  789. 		}
    790. 

  790. 		$row=mysql_fetch_array($res);
    791. 

  791. 		return $row[0];
    792. 

  792. 	}
    793. 

  793. 	function getusers()
    794. 

  794. 	{
    795. 

  795. 		$res=mysql_query("select fname,sname,uid from users where uid<>'-1';");
    796. 

  796. 		return $res;
    797. 

  797. 	}
    798. 

  798. 	function getrating($eid,$uid)
    799. 

  799. 	{
    800. 

  800. 		$eid=mysql_real_escape_string($eid);
    801. 

  801. 		$uid=mysql_real_escape_string($uid);
    802. 

  802. 		$res=mysql_query("select rating from ratings where eid='$eid' and uid='$uid';");
    803. 

  803. 		if(!$res)
    804. 

  804. 		{
    805. 

  805. 			fputs($error,mysql_error());
    806. 

  806. 			die;
    807. 

  807. 		}
    808. 

  808. 		$row=mysql_fetch_array($res);
    809. 

  809. 		return $row[0];
    810. 

  810. 	}
    811. 

  811. 	function getglobalrating($eid)
    812. 

  812. 	{
    813. 

  813. 		$eid=mysql_real_escape_string($eid);
    814. 

  814. 		$res=mysql_query("select rating from ratings where eid='$eid';");
    815. 

  815. 		$avg=0;
    816. 

  816. 		$count=mysql_num_rows($res);
    817. 

  817. 		if($count!=0)
    818. 

  818. 		{
    819. 

  819. 			while($row=mysql_fetch_array($res))
    820. 

  820. 			{
    821. 

  821. 				//$count++;
    822. 

  822. 				$avg+=$row[0];
    823. 

  823. 			}
    824. 

  824. 			$avg=$avg/$count;
    825. 

  825. 		}
    826. 

  826. 		else $avg=0;
    827. 

  827. 		return $avg;
    828. 

  828. 	}
    829. 

  829. 	function logger($s)
    830. 

  830. 	{
    831. 

  831. 		$s=mysql_real_escape_string($s);
    832. 

  832. 		$uid=$_SESSION['uid'];
    833. 

  833. 		if($s=='Logged in' or $s=='Logged out')
    834. 

  834. 		{
    835. 

  835. 			$res=mysql_query("insert into log (time_entry,activity,uid) values(now(),'$s','$uid')");
    836. 

  836. 			return;
    837. 

  837. 		}
    838. 

  838. 		
    839. 

  839. 		$data=explode("::",$s);
    840. 

  840. 		if($data[0]=="details")
    841. 

  841. 		{
    842. 

  842. 			$data[1]=mysql_real_escape_string($data[1]);
    843. 

  843. 			$res=mysql_query("insert into log (time_entry,activity,uid,eid) values(now(),'viewed','$uid','$data[1]')");
    844. 

  844. 			return;
    845. 

  845. 		}
    846. 

  846. 		if($data[0]=="wished for")
    847. 

  847. 		{
    848. 

  848. 			$data[1]=mysql_real_escape_string($data[1]);
    849. 

  849. 			$res=mysql_query("insert into log (time_entry,activity,uid,wid,comments) values(now(),'wished for','$uid','$data[1]',\"$data[2]\")");
    850. 

  850. 			//echo "insert into log (time_entry,activity,uid,wid,comments) values(now(),'viewed','$uid','$data[1]',\"$data[2]\")";
    851. 

  851. 			return;
    852. 

  852. 		}
    853. 

  853. 		
    854. 

  854. 		if($data[0]=="search")
    855. 

  855. 		{
    856. 

  856. 			$data[1]=mysql_real_escape_string($data[1]);
    857. 

  857. 			$res=mysql_query("insert into log (time_entry,activity,uid,comments) values (now(),'search','$uid',\"$data[1]\")");
    858. 

  858. 			return;
    859. 

  859. 		}
    860. 

  860. 		if($data[0]=="added")
    861. 

  861. 		{
    862. 

  862. 			$data[1]=mysql_real_escape_string($data[1]);
    863. 

  863. 			$res=mysql_query("insert into log (time_entry,activity,uid,eid) values (now(),'added','$uid',\"$data[1]\")");
    864. 

  864. 			return;
    865. 

  865. 		}
    866. 

  866. 		if($data[0]=="borrowed")
    867. 

  867. 		{
    868. 

  868. 			$data[1]=mysql_real_escape_string($data[1]);
    869. 

  869. 			$res=mysql_query("insert into log (time_entry,activity,uid,eid) values (now(),'borrowed','$data[1]',\"$data[2]\")");
    870. 

  870. 			if(!$res)
    871. 

  871. 			{
    872. 

  872. 				echo "insert into log (time_entry,activity,uid,eid) values (now(),'borrowed','$data[1]',\"$data[2]\")";
    873. 

  873. 			}
    874. 

  874. 			return;
    875. 

  875. 		}
    876. 

  876. 		if($data[0]=="returned")
    877. 

  877. 		{
    878. 

  878. 			$data[1]=mysql_real_escape_string($data[1]);
    879. 

  879. 			$res=mysql_query("insert into log (time_entry,activity,uid,eid) values (now(),'returned','$data[1]',\"$data[2]\")");
    880. 

  880. 			if(!$res)
    881. 

  881. 			{
    882. 

  882. 				echo mysql_error();
    883. 

  883. 			}
    884. 

  884. 			return;
    885. 

  885. 		}
    886. 

  886. 		if($data[0]=="added new resource type")
    887. 

  887. 		{
    888. 

  888. 			$data[1]=mysql_real_escape_string($data[1]);
    889. 

  889. 			$res=mysql_query("insert into log(time_entry,activity,uid,comments) values(now(),'added new resource type','$uid',\"$data[1]\")");
    890. 

  890. 			return;
    891. 

  891. 		}
    892. 

  892. 		if($data[0]=="edited")
    893. 

  893. 		{
    894. 

  894. 			$data[1]=mysql_real_escape_string($data[1]);
    895. 

  895. 			$data[2]=mysql_real_escape_string($data[2]);
    896. 

  896. 			$res=mysql_query("insert into log(time_entry,activity,uid,eid,comments) values(now(),'edited','$uid','$data[1]','$data[2]');");
    897. 

  897. 			return;
    898. 

  898. 		}
    899. 

  899. 	}
    900. 

  900. 	function api_logger($uid,$s)
    901. 

  901. 	{
    902. 

  902. 	
    903. 

  903. 	}	
    904. 

  904. 	function rand_str($length = 32, $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890')
    905. 

  905. 	{
    906. 

  906. 		// Length of character list
    907. 

  907. 		$chars_length = (strlen($chars) - 1);
    908. 

  908. 		// Start our string
    909. 

  909. 		$string = $chars{rand(0, $chars_length)};
    910. 

  910. 		// Generate random string
    911. 

  911. 		for ($i = 1; $i < $length; $i = strlen($string))
    912. 

  912. 		{
    913. 

  913. 		// Grab a random character from our list
    914. 

  914. 		$r = $chars{rand(0, $chars_length)};
    915. 

  915. 

  916. 		// Make sure the same two characters don't appear next to each other
    917. 

  917. 		if ($r != $string{$i - 1}) $string .=  $r;
    918. 

  918. 		}
    919. 

  919. 		// Return the string
    920. 

  920. 		return $string;
    921. 

  921. 	}
    922. 

  922. 	function getfav($uid)
    923. 

  923. 	{
    924. 

  924. 		$uid=mysql_real_escape_string($uid);
    925. 

  925. 		$res=mysql_query("select resource.eid,name,tyid from favourites,resource where favourites.uid='$uid' and favourites.eid=resource.eid;");
    926. 

  926. 		if(!$res or mysql_num_rows($res)==0)
    927. 

  927. 		{
    928. 

  928. 			echo "You havn't added anything to your favourites list.";
    929. 

  929. 			die;
    930. 

  930. 		}
    931. 

  931. 		return $res;
    932. 

  932. 	}
    933. 

  933. 	function login($uid)
    934. 

  934. 	{
    935. 

  935. 		$uid=mysql_real_escape_string($uid);
    936. 

  936. 		$res=mysql_query("insert into online values('$uid',now());");
    937. 

  937. 	}	
    938. 

  938. 	function logout($uid)
    939. 

  939. 	{
    940. 

  940. 		$uid=mysql_real_escape_string($uid);
    941. 

  941. 		$res=mysql_query("delete from online where uid='$uid';");
    942. 

  942. 	}
    943. 

  943. 	function getoverallrating($eid)
    944. 

  944. 	{
    945. 

  945. 		$eid=mysql_real_escape_string($eid);
    946. 

  946. 		$row=mysql_fetch_array(mysql_query("select rating from resource where eid='$eid';"));
    947. 

  947. 		return $row[0];
    948. 

  948. 	}
    949. 

  949. 	function delete_resource($eid)
    950. 

  950. 	{
    951. 

  951. 		mysql_query("delete from resource where eid='$eid';");
    952. 

  952. 		
    953. 

  953. 		echo "done";
    954. 

  954. 		
    955. 

  955. 	}
    956. 

  956. 	function getauthors()
    957. 

  957. 	{
    958. 

  958. 		$f=fopen("authors.txt","w");
    959. 

  959. 		$i=0;
    960. 

  960. 		$res=mysql_query(" select author,count(author) from Book where author<>' ' group by author order by count(author) desc");
    961. 

  961. 		while($row=mysql_fetch_array($res))
    962. 

  962. 		{
    963. 

  963. 			$authors=explode(",",$row[0]);
    964. 

  964. 			foreach($authors as $a)
    965. 

  965. 			{
    966. 

  966. 				fputs($f,"$a-$row[1]\n");
    967. 

  967. 				$i++;
    968. 

  968. 			}
    969. 

  969. 		}
    970. 

  970. 		fclose($f);
    971. 

  971. 		return $i;
    972. 

  972. 	}
    973. 

  973. 	function getcovers($eid)
    974. 

  974. 	{
    975. 

  975. 		$res=mysql_query("select url from images where eid='$eid' limit 0,3;");
    976. 

  976. 		return $res;
    977. 

  977. 	}
    978. 

  978. 	function getallcovers($eid)
    979. 

  979. 	{
    980. 

  980. 		$res=mysql_query("select url,uid from images where eid='$eid';");
    981. 

  981. 		return $res;
    982. 

  982. 	}
    983. 

  983. 	function check_for_download_request($eid,$uid)
    984. 

  984. 	{
    985. 

  985. 		$eid=mysql_real_escape_string($eid);
    986. 

  986. 		$uid=mysql_real_escape_string($uid);
    987. 

  987. 		$res=mysql_query("select * from download_request where eid='$eid' and uid='$uid'");
    988. 

  988. 		return $res;
    989. 

  989. 	}
    990. 

  990. 	function pending_download_requests_for_eid($eid,$uid)
    991. 

  991. 	{
    992. 

  992. 		$eid=mysql_real_escape_string($eid);
    993. 

  993. 		$uid=mysql_real_escape_string($uid);
    994. 

  994. 		$res=mysql_query("select * from download_request where eid='$eid' and status='pending' and id in(select id from uploaded where uid='$uid');");
    995. 

  995. 		return $res;
    996. 

  996. 	}
    997. 

  997. 	function get_installed_modules()
    998. 

  998. 	{	
    999. 

  999. 		$res=mysql_query("select module_name,mod_id from installed_modules");
    1000. 

  1000. 		return $res;
    1001. 

  1001. 	}
    1002. 

  1002. 	function notinstalled($name)
    1003. 

  1003. 	{
    1004. 

  1004. 		
    1005. 

  1005. 		$res=mysql_query("select * from installed_modules where module_name='$name'");
    1006. 

  1006. 		if(mysql_num_rows($res)==0)
    1007. 

  1007. 		{
    1008. 

  1008. 			return true;
    1009. 

  1009. 		}
    1010. 

  1010. 		else
    1011. 

  1011. 			return false;
    1012. 

  1012. 	}
    1013. 

  1013. 	function most_popular()
    1014. 

  1014. 	{
    1015. 

  1015. 		$res=mysql_query("select eid from log where activity<>'returned' and eid<>'NULL' group by eid order by count(*) desc limit 9;");
    1016. 

  1016. 		return $res;
    1017. 

  1017. 	}
    1018. 

  1018. 	function check_exists($eid)
    1019. 

  1019. 	{
    1020. 

  1020. 		$res=mysql_num_rows(mysql_query("select eid from resource where eid='$eid';"));
    1021. 

  1021. 		return $res;
    1022. 

  1022. 	}
    1023. 

  1023. 	function getUserWishlist($uid)
    1024. 

  1024. 	{
    1025. 

  1025. 		$uid=mysql_real_escape_string($uid);
    1026. 

  1026. 		$res=database_query("select * from wishlist where uid='$uid';");
    1027. 

  1027. 		return $res;
    1028. 

  1028. 	}
    1029. 

  1029. 	function getPublicWishlist()
    1030. 

  1030. 	{
    1031. 

  1031. 		$res=database_query("select * from wishlist;");
    1032. 

  1032. 		return $res;
    1033. 

  1033. 	}
    1034. 

  1034. ?>
    1035. 

  1035.