Viewing file:  db_mysqli.inc.php (48.58 KB) -rwxr-xr-x
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
<?php
/*
############################################################################
# DWmail
# - version 4.0
# - Copyright (c) 2003-2006 Dominion Web Design
# - http://www.dominion-web.com/products/dwmail/
############################################################################
#
# The contents of this file are subject to the DWmail License version
# 2.2 ('License'). You may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.dominion-web.com/products/dwmail/license.php
# Software distributed under the License is distributed on an "AS IS" basis,
# without warranty of any kind, either express or implied.
#
# This code is Copyright (c) 2003-2006 Dominion Web Design.
# All rights reserved.
#
# This software may not be redistributed outside the terms of the
# license agreement.
#
############################################################################
*/
// #############################################################################
// This class is for standard MySQLi extensions.
// If you are using PHP 4 or PHP5 with MySQL < 4.0 you should use the mysql library
class DB_Connection {
var $_DBUserName;
var $_DBPassword;
var $_DBDatabase;
var $_DBHost;
var $_cn;
var $_db;
var $_DBUserID;
var $_daycount;
var $_lastlogindate;
var $_lastlogintime;
var $_currentemailaddress;
var $_currentpassword;
var $_externallist;
function DB_Connection($dbhost, $dbuser, $dbpassword, $dbdatabase) {
$this->_DBUserName=$dbuser;
$this->_DBPassword=$dbpassword;
$this->_DBHost=$dbhost;
$this->_DBDatabase=$dbdatabase;
}
function DBConnect() {
$this->_cn = mysqli_connect($this->_DBHost, $this->_DBUserName, $this->_DBPassword);
return $this->_cn;
}
function TableSelect() {
$this->_db = mysqli_select_db($this->_cn, $this->_DBDatabase);
return $this->_db;
}
function DB_MakeConnection() {
$this->DBConnect();
if ($this->_cn) {
$this->TableSelect();
if ($this->_db) {
return true;
}
else {
return false;
}
}
else {
return false;
}
}
function DB_CloseConnection() {
mysqli_close($this->_cn);
}
function DB_CheckUser($currentemailaddress, $currentpassword) {
$this->_currentemailaddress = $currentemailaddress;
$this->_currentpassword = $currentpassword;
$result = mysqli_query ($this->_cn, "SELECT id, DATE_FORMAT(`lastlogin`, '%D %M %Y') as lastdateformat, DATE_FORMAT(`lastlogin`, '%T') as lasttimeformat, emailclear FROM `dwm-users` WHERE `emailaddress` = MD5('" . $currentemailaddress . "') and `password` = MD5('" . $currentpassword . "') LIMIT 0,1");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$db_id = $row["id"];
$this->_lastlogindate = $row["lastdateformat"];
$this->_lastlogintime = $row["lasttimeformat"];
if (empty($row["emailclear"])) {
$result3 = mysqli_query ($this->_cn, "UPDATE `dwm-users` SET `emailclear` = '" . strtolower($currentemailaddress) . "' WHERE `id` = '" . $db_id . "'");
}
}
else {
$result2 = mysqli_query ($this->_cn, "INSERT INTO `dwm-users` (`emailaddress`, `password`, `lastlogin`, `emailclear`) VALUES (MD5('" . $currentemailaddress . "'), MD5('" . $currentpassword . "'), NOW(), '" . strtolower($currentemailaddress) . "')");
if (!$result2) {
echo mysqli_error($this->_cn);
}
$db_id = mysqli_insert_id($this->_cn);
}
if (isset($db_id)) {
$this->_DBUserID = $db_id;
return $this->_DBUserID;
}
}
function DB_FindProfile($oldemail, $oldpassword) {
$result = mysqli_query ($this->_cn, "SELECT `id` FROM `dwm-users` WHERE `emailaddress` = MD5('" . $oldemail . "') and `password` = MD5('" . $oldpassword . "') LIMIT 0,1");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$oldid = $row["id"];
}
else {
$oldid = FALSE;
}
return $oldid;
}
function DB_UpdateLastLogin() {
$result = mysqli_query ($this->_cn, "UPDATE `dwm-users` SET lastlogin = NOW() WHERE `emailaddress` = MD5('" . $this->_currentemailaddress . "') and `password` = MD5('" . $this->_currentpassword . "')");
return $result;
}
function DB_LogAccess($IPLogging) {
if ($IPLogging == 1) {
$result = mysqli_query ($this->_cn, "INSERT INTO `dwm-stats` (`logindts`, `userid`, `ipaddress`) VALUES (NOW(), '" . $this->_DBUserID . "', '" . $_SERVER['REMOTE_ADDR'] . "')");
}
else {
$result = mysqli_query ($this->_cn, "INSERT INTO `dwm-stats` (`logindts`, `userid`) VALUES (NOW(), '" . $this->_DBUserID . "')");
}
return $result;
}
function DB_LogSend($recipients) {
$result = mysqli_query ($this->_cn, "INSERT INTO `dwm-statscompose` (`userid`, `sentdts`, `recipients`) VALUES ('" . $this->_DBUserID . "', NOW(), '$recipients')");
return $result;
}
function DB_LoginPeriod($period) {
$resultcount = mysqli_query ($this->_cn, "SELECT * FROM `dwm-stats` WHERE TO_DAYS(NOW()) - TO_DAYS(`logindts`) <= $period");
$result = mysqli_num_rows($resultcount);
return $result;
}
function DB_LoginStats($period) {
// Sent emails
$resultcount = mysqli_query ($this->_cn, "SELECT * FROM `dwm-statscompose` WHERE TO_DAYS(NOW()) - TO_DAYS(`sentdts`) <= $period");
$result = mysqli_num_rows($resultcount);
return $result;
}
function DB_CleanUp($cleanup) {
// Delete all users and user data where we have a) a number of days set and
// b) haven't logged in in that number of days
if ($cleanup > 0) {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-users` WHERE TO_DAYS(NOW()) - TO_DAYS(`lastlogin`) >= $cleanup");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$db_id = $row["id"];
$result11 = mysqli_query ($this->_cn, "DELETE FROM `dwm-attendees` WHERE `userid` = $db_id");
$result10 = mysqli_query ($this->_cn, "DELETE FROM `dwm-alias` WHERE `userid` = $db_id");
$result3 = mysqli_query ($this->_cn, "DELETE FROM `dwm-addressbook` WHERE `userid` = $db_id");
$result2 = mysqli_query ($this->_cn, "DELETE FROM `dwm-calendar` WHERE `userid` = $db_id");
$result4 = mysqli_query ($this->_cn, "DELETE FROM `dwm-prefs` WHERE `userid` = $db_id");
$result6 = mysqli_query ($this->_cn, "DELETE FROM `dwm-filters` WHERE `userid` = $db_id");
$result7 = mysqli_query ($this->_cn, "DELETE FROM `dwm-pop3` WHERE `userid` = $db_id");
$result8 = mysqli_query ($this->_cn, "DELETE FROM `dwm-groups` WHERE `userid` = $db_id");
$result9 = mysqli_query ($this->_cn, "DELETE FROM `dwm-groupmembers` WHERE `userid` = $db_id");
$result5 = mysqli_query ($this->_cn, "DELETE FROM `dwm-users` WHERE `id` = $db_id");
}
}
}
/*
ADDRESS BOOK FUNCTIONS
----------------------
*/
function DB_GetEmailList($LetterView = 'all') {
if ($LetterView == 'all') {
$SQLStatement = "SELECT * FROM `dwm-addressbook` WHERE (`userid` = '" . $this->_DBUserID . "' OR `userid` = '0') ORDER BY `lastname`";
}
elseif ($LetterView == 'num') {
$SQLStatement = "SELECT * FROM `dwm-addressbook` WHERE (`userid` = '" . $this->_DBUserID . "' OR `userid` = '0') AND LEFT(UCASE(`lastname`), 1) = '0' OR LEFT(UCASE(`lastname`), 1) = '1' OR LEFT(UCASE(`lastname`), 1) = '2' OR LEFT(UCASE(`lastname`), 1) = '3' OR LEFT(UCASE(`lastname`), 1) = '4' OR LEFT(UCASE(`lastname`), 1) = '5' OR LEFT(UCASE(`lastname`), 1) = '6' OR LEFT(UCASE(`lastname`), 1) = '7' OR LEFT(UCASE(`lastname`), 1) = '8' OR LEFT(UCASE(`lastname`), 1) = '9' ORDER BY `lastname`";
}
else {
$SQLStatement = "SELECT * FROM `dwm-addressbook` WHERE (`userid` = '" . $this->_DBUserID . "' OR `userid` = '0') AND LEFT(UCASE(`lastname`), 1) = '" . $LetterView . "' ORDER BY `lastname`";
}
$result = mysqli_query ($this->_cn, $SQLStatement);
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$entryid = $row["entryid"];
$ab_entry[$entryid]['userid'] = $row["userid"];
$ab_entry[$entryid]['firstname'] = $row["firstname"];
$ab_entry[$entryid]['lastname'] = $row["lastname"];
$ab_entry[$entryid]['email'] = $row["email"];
$ab_entry[$entryid]['id'] = $entryid;
$ab_entry[$entryid]['title'] = str_replace('"', """, stripslashes($row["title"]));
$ab_entry[$entryid]['homephone'] = str_replace('"', """, stripslashes($row["homephone"]));
$ab_entry[$entryid]['workphone'] = str_replace('"', """, stripslashes($row["workphone"]));
$ab_entry[$entryid]['cellphone'] = str_replace('"', """, stripslashes($row["cellphone"]));
$ab_entry[$entryid]['fax'] = str_replace('"', """, stripslashes($row["fax"]));
$ab_entry[$entryid]['homeaddress'] = stripslashes($row["homeaddress"]);
$ab_entry[$entryid]['workaddress'] = stripslashes($row["workaddress"]);
$ab_entry[$entryid]['url'] = stripslashes($row["url"]);
$ab_entry[$entryid]['notes'] = stripslashes($row["notes"]);
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
return $ab_entry;
}
function DB_SearchList($searchparam) {
$SQLStatement = "SELECT * FROM `dwm-addressbook` WHERE (`userid` = '" . $this->_DBUserID . "' or `userid` = 0) AND (UCASE(`lastname`) LIKE '" . $searchparam . "%' OR UCASE(`firstname`) LIKE '" . $searchparam . "%' OR UCASE(`email`) LIKE '" . $searchparam . "%') ORDER BY `lastname`";
$result = mysqli_query ($this->_cn, $SQLStatement);
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$entryid = $row["entryid"];
$ab_entry[$entryid]['userid'] = $row["userid"];
$ab_entry[$entryid]['firstname'] = $row["firstname"];
$ab_entry[$entryid]['lastname'] = $row["lastname"];
$ab_entry[$entryid]['email'] = $row["email"];
$ab_entry[$entryid]['id'] = $entryid;
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
return $ab_entry;
}
function DB_GetGroupList() {
$SQLStatement = "SELECT * FROM `dwm-groups` WHERE `userid` = '" . $this->_DBUserID . "' ORDER BY `name`";
$result = mysqli_query ($this->_cn, $SQLStatement);
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$entryid = $row["id"];
$ab_entry[$entryid]['groupname'] = $row["name"];
$resultcount = mysqli_query ($this->_cn, "SELECT * FROM `dwm-groupmembers` WHERE `userid` = '" . $this->_DBUserID . "' AND `groupid` = " . $entryid);
$NumberofMembers = mysqli_num_rows($resultcount);
$ab_entry[$entryid]['count'] = $NumberofMembers;
$ab_entry[$entryid]['id'] = $entryid;
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
return $ab_entry;
}
function DB_GetEntryDetails($entryid) {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-addressbook` WHERE (`userid` = '" . $this->_DBUserID . "' OR `userid` = '0') AND `entryid` = $entryid ORDER BY `lastname` LIMIT 0,1");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$entrydetails['userid'] = $row["userid"];
$entrydetails['firstname'] = str_replace('"', """, stripslashes($row["firstname"]));
$entrydetails['lastname'] = str_replace('"', """, stripslashes($row["lastname"]));
$entrydetails['email'] = str_replace('"', """, stripslashes($row["email"]));
$entrydetails['title'] = str_replace('"', """, stripslashes($row["title"]));
$entrydetails['homephone'] = str_replace('"', """, stripslashes($row["homephone"]));
$entrydetails['workphone'] = str_replace('"', """, stripslashes($row["workphone"]));
$entrydetails['cellphone'] = str_replace('"', """, stripslashes($row["cellphone"]));
$entrydetails['fax'] = str_replace('"', """, stripslashes($row["fax"]));
$entrydetails['homeaddress'] = stripslashes($row["homeaddress"]);
$entrydetails['workaddress'] = stripslashes($row["workaddress"]);
$entrydetails['url'] = stripslashes($row["url"]);
$entrydetails['notes'] = stripslashes($row["notes"]);
}
else {
$entrydetails['lastname'] = "Invalid ID";
}
return $entrydetails;
}
function DB_GetGroupDetails($entryid) {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-groups` WHERE `userid` = '" . $this->_DBUserID . "' AND `id` = $entryid ORDER BY `name` LIMIT 0,1");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$entrydetails['name'] = str_replace('"', """, stripslashes($row["name"]));
}
else {
$entrydetails['name'] = "Invalid ID";
}
return $entrydetails;
}
function DB_FindGroup($searchname) {
$resultcount = mysqli_query ($this->_cn, "SELECT * FROM `dwm-groups` WHERE `name` = '" . trim(strip_tags(addslashes($searchname))) . "' AND `userid` = " . $this->_DBUserID);
$NumberofResults = mysqli_num_rows($resultcount);
if ($NumberofResults > 1) {
// Oops we have found too many groups, to be safe we are going to drop this and return false
return FALSE;
}
elseif ($NumberofResults == 0) {
// Oops we have found too many groups, to be safe we are going to drop this and return false
return FALSE;
}
else {
// Good we have only found one group matching the request
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-groups` WHERE `name` = '" . trim(strip_tags(addslashes($searchname))) . "' AND `userid` = '" . $this->_DBUserID . "' LIMIT 0,1");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$groupid = $row["id"];
$result2 = mysqli_query ($this->_cn, "SELECT * FROM `dwm-groupmembers` WHERE `userid` = '" . $this->_DBUserID . "' AND `groupid` = " . $groupid);
if ($row2 = mysqli_fetch_array($result2, MYSQLI_BOTH)) {
do {
$lookupid = $row2["addressbookid"];
$result3 = mysqli_query ($this->_cn, "SELECT * FROM `dwm-addressbook` WHERE `userid` = '" . $this->_DBUserID . "' AND `entryid` = " . $lookupid);
if ($row3 = mysqli_fetch_array($result3, MYSQLI_BOTH)) {
$entrydetails[$lookupid]['firstname'] = stripslashes($row3["firstname"]);
$entrydetails[$lookupid]['lastname'] = stripslashes($row3["lastname"]);
$entrydetails[$lookupid]['email'] = stripslashes($row3["email"]);
}
} while($row2 = mysqli_fetch_array($result2, MYSQLI_BOTH));
}
}
return $entrydetails;
}
}
function DB_GetGroupMembers($entryid = 0) {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-addressbook` WHERE `userid` = '" . $this->_DBUserID . "' ORDER BY `lastname`");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$addressbookid = $row["entryid"];
if ($entryid > 0) {
$resultcount = mysqli_query ($this->_cn, "SELECT * FROM `dwm-groupmembers` WHERE `userid` = '" . $this->_DBUserID . "' AND `groupid` = " . $entryid . " AND `addressbookid` = " . $addressbookid);
$ismember = mysqli_num_rows($resultcount);
}
else {
$ismember = 0;
}
$ab_entry[$addressbookid]['firstname'] = $row["firstname"];
$ab_entry[$addressbookid]['lastname'] = $row["lastname"];
$ab_entry[$addressbookid]['email'] = $row["email"];
$ab_entry[$addressbookid]['id'] = $entryid;
$ab_entry[$addressbookid]['ismember'] = $ismember;
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
return $ab_entry;
}
function DB_NewEntry($submitteddetails) {
$result = mysqli_query ($this->_cn, "INSERT INTO `dwm-addressbook` (`userid`, `lastname`, `firstname`, `email`, `title`, `homephone`, `workphone`, `cellphone`, `fax`, `homeaddress`, `workaddress`, `url`, `notes`) VALUES ('" . $this->_DBUserID . "', '" . $submitteddetails['lastname'] . "', '" . $submitteddetails['firstname'] . "', '" . $submitteddetails['email'] . "', '" . $submitteddetails['title'] . "', '" . $submitteddetails['homephone'] . "', '" . $submitteddetails['workphone'] . "', '" . $submitteddetails['cellphone'] . "', '" . $submitteddetails['fax'] . "', '" . $submitteddetails['homeaddress'] . "', '" . $submitteddetails['workaddress'] . "', '" . $submitteddetails['url'] . "', '" . $submitteddetails['notes'] . "')");
if (!$result) {
echo mysqli_error($this->_cn);
}
return $result;
}
function DB_NewGroup($submitteddetails) {
$resultcount = mysqli_query ($this->_cn, "SELECT * FROM `dwm-groups` WHERE `userid` = '" . $this->_DBUserID . "' AND `name` = '" . addslashes($submitteddetails['name']) . "'");
$checkexist = mysqli_num_rows($resultcount);
if ($checkexist == 0) {
$result = mysqli_query ($this->_cn, "INSERT INTO `dwm-groups` (`userid`, `name`) VALUES ('" . $this->_DBUserID . "', '" . addslashes($submitteddetails['name']) . "')");
if (!$result) {
echo mysqli_error($this->_cn);
}
$newgroupid = mysqli_insert_id($this->_cn);
if (is_array($submitteddetails['members'])) {
while(list($key, $value) = each($submitteddetails['members'])) {
$result2 = mysqli_query ($this->_cn, "INSERT INTO `dwm-groupmembers` (`userid`, `groupid`, `addressbookid`) VALUES ('" . $this->_DBUserID . "', " . $newgroupid . ", " . $submitteddetails['members'][$key] . ")");
if (!$result2) {
echo mysqli_error($this->_cn);
}
}
}
return $result;
}
else {
return FALSE;
}
}
function DB_UpdateEntry($entryid, $submitteddetails) {
$result = mysqli_query ($this->_cn, "UPDATE `dwm-addressbook` SET `lastname` = '" . $submitteddetails['lastname'] . "', `firstname` = '" . $submitteddetails['firstname'] . "', `email` = '" . $submitteddetails['email'] . "', `title` = '" . $submitteddetails['title'] . "', `homephone` = '" . $submitteddetails['homephone'] . "', `workphone` = '" . $submitteddetails['workphone'] . "', `cellphone` = '" . $submitteddetails['cellphone'] . "', `fax` = '" . $submitteddetails['fax'] . "', `homeaddress` = '" . $submitteddetails['homeaddress'] . "', `workaddress` = '" . $submitteddetails['workaddress'] . "', `url` = '" . $submitteddetails['url'] . "', `notes` = '" . $submitteddetails['notes'] . "' WHERE userid = '" . $this->_DBUserID . "' AND entryid = " . $entryid);
if (!$result) {
echo mysqli_error($this->_cn);
}
return $result;
}
function DB_UpdateGroup($entryid, $submitteddetails) {
$result = mysqli_query ($this->_cn, "UPDATE `dwm-groups` SET `name` = '" . $submitteddetails['name'] . "' WHERE userid = '" . $this->_DBUserID . "' AND `id` = " . $entryid);
if (!$result) {
echo mysqli_error($this->_cn);
}
$result2 = mysqli_query ($this->_cn, "DELETE FROM `dwm-groupmembers` WHERE `userid` = '" . $this->_DBUserID . "' AND `groupid` = " . $entryid);
if (!$result2) {
echo mysqli_error($this->_cn);
}
if (is_array($submitteddetails['members'])) {
while(list($key, $value) = each($submitteddetails['members'])) {
$result3 = mysqli_query ($this->_cn, "INSERT INTO `dwm-groupmembers` (`userid`, `groupid`, `addressbookid`) VALUES ('" . $this->_DBUserID . "', " . $entryid . ", " . $submitteddetails['members'][$key] . ")");
if (!$result3) {
echo mysqli_error($this->_cn);
}
}
}
return $result;
}
function DB_DeleteEntry($entryid) {
$result = mysqli_query ($this->_cn, "DELETE FROM `dwm-addressbook` WHERE userid = '" . $this->_DBUserID . "' AND entryid = " . $entryid);
if (!$result) {
echo mysqli_error($this->_cn);
}
return $result;
}
function DB_DeleteGroup($entryid) {
$result = mysqli_query ($this->_cn, "DELETE FROM `dwm-groupmembers` WHERE userid = '" . $this->_DBUserID . "' AND groupid = " . $entryid);
$result2 = mysqli_query ($this->_cn, "DELETE FROM `dwm-groups` WHERE userid = '" . $this->_DBUserID . "' AND id = " . $entryid);
return $result2;
}
function DB_EntryExist($emailcheck) {
$resultcount = mysqli_query ($this->_cn, "SELECT * FROM `dwm-addressbook` WHERE `userid` = '" . $this->_DBUserID . "' AND `email` = '" . trim($emailcheck) . "'");
$emailexist = mysqli_num_rows($resultcount);
if ($emailexist >= 1) {
return TRUE;
}
else {
return FALSE;
}
}
function DB_CopyContacts($oldid) {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-addressbook` WHERE `userid` = $oldid");
if (!$result) {
$errors .= mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$lastname = stripslashes($row["lastname"]);
$firstname = stripslashes($row["firstname"]);
$email = stripslashes($row["email"]);
$title = stripslashes($row["title"]);
$homephone = stripslashes($row["homephone"]);
$workphone = stripslashes($row["workphone"]);
$cellphone = stripslashes($row["cellphone"]);
$fax = stripslashes($row["fax"]);
$homeaddress = stripslashes($row["homeaddress"]);
$workaddress = stripslashes($row["workaddress"]);
$url = stripslashes($row["url"]);
$notes = stripslashes($row["notes"]);
$result2 = mysqli_query ($this->_cn, "INSERT INTO `dwm-addressbook` (`userid`, `lastname`, `firstname`, `email`, `title`, `homephone`, `workphone`, `cellphone`, `fax`, `homeaddress`, `workaddress`, `url`, `notes`) VALUES ('" . $this->_DBUserID . "', '" . addslashes($lastname) . "', '" . addslashes($firstname) . "', '" . addslashes($email) . "', '" . addslashes($title) . "', '" . addslashes($homephone) . "', '" . addslashes($workphone) . "', '" . addslashes($cellphone) . "', '" . addslashes($fax) . "', '" . addslashes($homeaddress) . "', '" . addslashes($workaddress) . "', '" . addslashes($url) . "', '" . addslashes($notes) . "')");
if (!$result2) {
$errors .= mysqli_error($this->_cn);
}
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
return $errors;
}
/*
CALENDAR FUNCTIONS
------------------
*/
function DB_CalDateCheck($currentdate) {
$resultcount = mysqli_query ($this->_cn, "SELECT * FROM `dwm-calendar` WHERE `userid` = '" . $this->_DBUserID . "' AND '" . $currentdate . "' BETWEEN `starttime` AND `endtime`");
$this->_daycount = mysqli_num_rows($resultcount);
$result = mysqli_query ($this->_cn, "SELECT `entryid`, HOUR(`starttime`) AS starthour, MINUTE(`starttime`) AS startminute, HOUR(`endtime`) AS endhour, MINUTE(`endtime`) AS endminute, DATE_FORMAT(`starttime`, '%d/%m/%y') as startdate, DATE_FORMAT(`endtime`, '%d/%m/%y') as enddate, `subject`, `recur` FROM `dwm-calendar` WHERE `userid` = '" . $this->_DBUserID . "' AND '" . $currentdate . "' BETWEEN DATE_FORMAT(`starttime`, '%Y-%m-%d') AND DATE_FORMAT(`endtime`, '%Y-%m-%d')");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$entryid = $row["entryid"];
$cal_entry[$entryid]['starthour'] = $row["starthour"];
$cal_entry[$entryid]['startminute'] = $row["startminute"];
$cal_entry[$entryid]['startdate'] = $row["startdate"];
$cal_entry[$entryid]['endhour'] = $row["endhour"];
$cal_entry[$entryid]['endminute'] = $row["endminute"];
$cal_entry[$entryid]['enddate'] = $row["enddate"];
$cal_entry[$entryid]['recur'] = $row["recur"];
$cal_entry[$entryid]['subject'] = stripslashes($row["subject"]);
$cal_entry[$entryid]['id'] = $entryid;
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
return $cal_entry;
}
function DB_CalRecurCheck($currentdate, $day, $month, $year, $dow) {
$ReturnStatus = FALSE;
// Check every day events
$result = mysqli_query ($this->_cn, "SELECT a.`entryid`, b.`type`, b.`extras`, HOUR(a.`starttime`) AS starthour, MINUTE(a.`starttime`) AS startminute, HOUR(a.`endtime`) AS endhour, MINUTE(a.`endtime`) AS endminute, DATE_FORMAT(a.`starttime`, '%d/%m/%y') as startdate, DATE_FORMAT(a.`endtime`, '%d/%m/%y') as enddate, a.`subject` FROM `dwm-calendar` a, `dwm-recurring` b WHERE a.`recur` = '1' AND a.`entryid` = b.`calendarid` AND b.`type` = '1' AND b.`extras` = '1' AND a.`userid` = '" . $this->_DBUserID . "' AND DATE_FORMAT(a.`starttime`, '%Y-%m-%d') < '$currentdate' AND DATE_FORMAT(b.`dtsuntil`, '%Y-%m-%d') > '$currentdate'");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$entryid = $row["entryid"];
$day_entry[$entryid]['starthour'] = $row["starthour"];
$day_entry[$entryid]['startminute'] = $row["startminute"];
$day_entry[$entryid]['startdate'] = $row["startdate"];
$day_entry[$entryid]['endhour'] = $row["endhour"];
$day_entry[$entryid]['endminute'] = $row["endminute"];
$day_entry[$entryid]['enddate'] = $row["enddate"];
$day_entry[$entryid]['subject'] = stripslashes($row["subject"]);
$day_entry[$entryid]['id'] = $entryid;
$ReturnStatus = TRUE;
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
// Check week day events
$result = mysqli_query ($this->_cn, "SELECT a.`entryid`, b.`type`, b.`extras`, HOUR(a.`starttime`) AS starthour, MINUTE(a.`starttime`) AS startminute, HOUR(a.`endtime`) AS endhour, MINUTE(a.`endtime`) AS endminute, DATE_FORMAT(a.`starttime`, '%d/%m/%y') as startdate, DATE_FORMAT(a.`endtime`, '%d/%m/%y') as enddate, a.`subject` FROM `dwm-calendar` a, `dwm-recurring` b WHERE a.`recur` = '1' AND a.`entryid` = b.`calendarid` AND b.`type` = '1' AND b.`extras` = '2' AND a.`userid` = '" . $this->_DBUserID . "' AND DATE_FORMAT(a.`starttime`, '%Y-%m-%d') < '$currentdate' AND DATE_FORMAT(b.`dtsuntil`, '%Y-%m-%d') > '$currentdate' AND DAYOFWEEK('$currentdate') > 1 AND DAYOFWEEK('$currentdate') < 7");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$entryid = $row["entryid"];
$weekday_entry[$entryid]['starthour'] = $row["starthour"];
$weekday_entry[$entryid]['startminute'] = $row["startminute"];
$weekday_entry[$entryid]['startdate'] = $row["startdate"];
$weekday_entry[$entryid]['endhour'] = $row["endhour"];
$weekday_entry[$entryid]['endminute'] = $row["endminute"];
$weekday_entry[$entryid]['enddate'] = $row["enddate"];
$weekday_entry[$entryid]['subject'] = stripslashes($row["subject"]);
$weekday_entry[$entryid]['id'] = $entryid;
$ReturnStatus = TRUE;
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
// Check weekly events
$result = mysqli_query ($this->_cn, "SELECT a.`entryid`, b.`type`, b.`extras`, HOUR(a.`starttime`) AS starthour, MINUTE(a.`starttime`) AS startminute, HOUR(a.`endtime`) AS endhour, MINUTE(a.`endtime`) AS endminute, DATE_FORMAT(a.`starttime`, '%d/%m/%y') as startdate, DATE_FORMAT(a.`endtime`, '%d/%m/%y') as enddate, a.`subject` FROM `dwm-calendar` a, `dwm-recurring` b WHERE a.`recur` = '1' AND a.`entryid` = b.`calendarid` AND b.`type` = '2' AND a.`userid` = '" . $this->_DBUserID . "' AND DAYOFWEEK(a.`starttime`) = '$dow' AND DATE_FORMAT(a.`starttime`, '%Y-%m-%d') < '$currentdate' AND DATE_FORMAT(b.`dtsuntil`, '%Y-%m-%d') > '$currentdate'");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$entryid = $row["entryid"];
$week_entry[$entryid]['starthour'] = $row["starthour"];
$week_entry[$entryid]['startminute'] = $row["startminute"];
$week_entry[$entryid]['startdate'] = $row["startdate"];
$week_entry[$entryid]['endhour'] = $row["endhour"];
$week_entry[$entryid]['endminute'] = $row["endminute"];
$week_entry[$entryid]['enddate'] = $row["enddate"];
$week_entry[$entryid]['subject'] = stripslashes($row["subject"]);
$week_entry[$entryid]['id'] = $entryid;
$ReturnStatus = TRUE;
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
// Check monthly events
$result = mysqli_query ($this->_cn, "SELECT a.`entryid`, b.`type`, b.`extras`, HOUR(a.`starttime`) AS starthour, MINUTE(a.`starttime`) AS startminute, HOUR(a.`endtime`) AS endhour, MINUTE(a.`endtime`) AS endminute, DATE_FORMAT(a.`starttime`, '%d/%m/%y') as startdate, DATE_FORMAT(a.`endtime`, '%d/%m/%y') as enddate, a.`subject` FROM `dwm-calendar` a, `dwm-recurring` b WHERE a.`recur` = '1' AND a.`entryid` = b.`calendarid` AND b.`type` = '3' AND a.`userid` = '" . $this->_DBUserID . "' AND DAYOFMONTH(a.`starttime`) = '$day' AND DATE_FORMAT(a.`starttime`, '%Y-%m-%d') < '$currentdate' AND DATE_FORMAT(b.`dtsuntil`, '%Y-%m-%d') > '$currentdate'");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$entryid = $row["entryid"];
$month_entry[$entryid]['starthour'] = $row["starthour"];
$month_entry[$entryid]['startminute'] = $row["startminute"];
$month_entry[$entryid]['startdate'] = $row["startdate"];
$month_entry[$entryid]['endhour'] = $row["endhour"];
$month_entry[$entryid]['endminute'] = $row["endminute"];
$month_entry[$entryid]['enddate'] = $row["enddate"];
$month_entry[$entryid]['subject'] = stripslashes($row["subject"]);
$month_entry[$entryid]['id'] = $entryid;
$ReturnStatus = TRUE;
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
// Check yearly events
$tzcurrdate = strtotime("$year-$month-$day");
$dayofyear = (date("z", $tzcurrdate) + 1);
$result = mysqli_query ($this->_cn, "SELECT a.`entryid`, b.`type`, b.`extras`, HOUR(a.`starttime`) AS starthour, MINUTE(a.`starttime`) AS startminute, HOUR(a.`endtime`) AS endhour, MINUTE(a.`endtime`) AS endminute, DATE_FORMAT(a.`starttime`, '%d/%m/%y') as startdate, DATE_FORMAT(a.`endtime`, '%d/%m/%y') as enddate, a.`subject` FROM `dwm-calendar` a, `dwm-recurring` b WHERE a.`recur` = '1' AND a.`entryid` = b.`calendarid` AND b.`type` = '4' AND a.`userid` = '" . $this->_DBUserID . "' AND DAYOFYEAR(a.`starttime`) = '$dayofyear' AND DATE_FORMAT(a.`starttime`, '%Y-%m-%d') < '$currentdate' AND DATE_FORMAT(b.`dtsuntil`, '%Y-%m-%d') > '$currentdate'");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$entryid = $row["entryid"];
$year_entry[$entryid]['starthour'] = $row["starthour"];
$year_entry[$entryid]['startminute'] = $row["startminute"];
$year_entry[$entryid]['startdate'] = $row["startdate"];
$year_entry[$entryid]['endhour'] = $row["endhour"];
$year_entry[$entryid]['endminute'] = $row["endminute"];
$year_entry[$entryid]['enddate'] = $row["enddate"];
$year_entry[$entryid]['subject'] = stripslashes($row["subject"]);
$year_entry[$entryid]['id'] = $entryid;
$ReturnStatus = TRUE;
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
$this->_dayrecur = $day_entry;
unset ($day_entry);
$this->_weekdayrecur = $weekday_entry;
unset ($weekday_entry);
$this->_weekrecur = $week_entry;
unset ($week_entry);
$this->_monthrecur = $month_entry;
unset ($month_entry);
$this->_yearrecur = $year_entry;
unset ($year_entry);
return $ReturnStatus;
}
function DB_GetCalDetails($entryid) {
$result = mysqli_query ($this->_cn, "SELECT `entryid`, `url`, `uid`, HOUR(`starttime`) AS starthour, MINUTE(`starttime`) AS startminute, HOUR(`endtime`) AS endhour, MINUTE(`endtime`) AS endminute, DATE_FORMAT(`starttime`, '%d') as startday, DATE_FORMAT(`starttime`, '%m') as startmonth, DATE_FORMAT(`starttime`, '%Y') as startyear, DATE_FORMAT(`endtime`, '%d') as endday, DATE_FORMAT(`endtime`, '%m') as endmonth, DATE_FORMAT(`endtime`, '%Y') as endyear, `subject`, `location`, `description`, `recur` FROM `dwm-calendar` WHERE `userid` = '" . $this->_DBUserID . "' AND entryid = '" . $entryid . "'");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$entryid = $row["entryid"];
$cal_entry['starthour'] = $row["starthour"];
$cal_entry['startminute'] = $row["startminute"];
$cal_entry['startday'] = $row["startday"];
$cal_entry['startmonth'] = $row["startmonth"];
$cal_entry['startyear'] = $row["startyear"];
$cal_entry['endhour'] = $row["endhour"];
$cal_entry['endminute'] = $row["endminute"];
$cal_entry['endday'] = $row["endday"];
$cal_entry['endmonth'] = $row["endmonth"];
$cal_entry['endyear'] = $row["endyear"];
$cal_entry['uid'] = $row["uid"];
$cal_entry['recur']['set'] = $row["recur"];
$cal_entry['subject'] = str_replace('"', """, stripslashes($row["subject"]));
$cal_entry['description'] = stripslashes($row["description"]);
$cal_entry['location'] = str_replace('"', """, stripslashes($row["location"]));
$cal_entry['url'] = str_replace('"', """, stripslashes($row["url"]));
$cal_entry['id'] = $entryid;
$i=0;
$result2 = mysqli_query ($this->_cn, "SELECT `name`, `email`, `status` FROM `dwm-attendees` WHERE `userid` = '" . $this->_DBUserID . "' AND calendarid = '" . $entryid . "' ORDER BY `name` DESC, `email` DESC");
if (!$result2) {
echo mysqli_error($this->_cn);
}
if ($row2 = mysqli_fetch_array($result2, MYSQLI_BOTH)) {
do {
$cal_entry['attendees'][$i]['name'] = stripslashes($row2["name"]);
$cal_entry['attendees'][$i]['email'] = stripslashes($row2["email"]);
$cal_entry['attendees'][$i]['status'] = stripslashes($row2["status"]);
$i++;
} while($row2 = mysqli_fetch_array($result2, MYSQLI_BOTH));
}
}
return $cal_entry;
}
function DB_GetCalRecurDetails($entryid) {
$result = mysqli_query ($this->_cn, "SELECT `entryid`, `type`, `dtsuntil`, `numrecurrences`, `extras` FROM `dwm-recurring` WHERE `calendarid` = '" . $entryid . "'");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$entryid = $row["entryid"];
$datetimesplit = explode(" ", $row["dtsuntil"]);
$datesplit = explode("-", $datetimesplit[0]);
$recur_entry['datetime'] = $datesplit[0] . $datesplit[1] . $datesplit[2] . 'T000000Z';
$recur_entry['year'] = $datesplit[0];
$recur_entry['month'] = $datesplit[1];
$recur_entry['day'] = $datesplit[2];
$recur_entry['type'] = $row["type"];
$recur_entry['numrecurrences'] = $row["numrecurrences"];
$recur_entry['extras'] = $row["extras"];
$recur_entry['id'] = $entryid;
}
return $recur_entry;
}
function DB_CalNewRecipients($users, $cal_addentry) {
for ($i=0;$i<sizeof($users);$i++) {
$result = mysqli_query ($this->_cn, "INSERT INTO `dwm-attendees` (`userid`, `calendarid`, `name`, `email`, `status`) VALUES ('" . $this->_DBUserID . "', '" . $cal_addentry . "', '" . addslashes($users[$i]['name']) . "', '" . addslashes($users[$i]['email']) . "', 'not responded')");
if (!$result) {
echo mysqli_error($this->_cn);
}
}
return true;
}
function DB_CalNewEntry($submitteddetails) {
$result = mysqli_query ($this->_cn, "INSERT INTO `dwm-calendar` (`userid`, `subject`, `location`, `description`, `starttime`, `endtime`, `url`, `uid`, `recur`) VALUES ('" . $this->_DBUserID . "', '" . $submitteddetails['subject'] . "', '" . $submitteddetails['location'] . "', '" . $submitteddetails['description'] . "', '" . $submitteddetails['starttime'] . "', '" . $submitteddetails['endtime'] . "', '" . $submitteddetails['url'] . "', '" . $submitteddetails['uid'] . "', '" . $submitteddetails['recur']['set'] . "')");
if (!$result) {
echo mysqli_error($this->_cn);
}
$returnid = mysqli_insert_id($this->_cn);
if ($submitteddetails['recur']['set'] == 1) {
$result = mysqli_query ($this->_cn, "INSERT INTO `dwm-recurring` (`calendarid`, `type`, `extras`, `dtsuntil`) VALUES ('" . $returnid . "', '" . $submitteddetails['recur']['type'] . "', '" . $submitteddetails['recur']['extras'] . "', '" . $submitteddetails['recur']['date'] . "')");
if (!$result) {
echo mysqli_error($this->_cn);
}
}
return $returnid;
}
function DB_CalUpdateEntry($entryid, $submitteddetails) {
$result = mysqli_query ($this->_cn, "UPDATE `dwm-calendar` SET `subject` = '" . $submitteddetails['subject'] . "', `location` = '" . $submitteddetails['location'] . "', `description` = '" . $submitteddetails['description'] . "', `starttime` = '" . $submitteddetails['starttime'] . "', `endtime` = '" . $submitteddetails['endtime'] . "', `url` = '" . $submitteddetails['url'] . "', `recur` = '" . $submitteddetails['recur']['set'] . "' WHERE `userid` = '" . $this->_DBUserID . "' AND `entryid` = " . $entryid);
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($submitteddetails['recur']['set'] == 1) {
$result = mysqli_query ($this->_cn, "UPDATE `dwm-recurring` SET `type` = '" . $submitteddetails['recur']['type'] . "', `extras` = '" . $submitteddetails['recur']['extras'] . "' WHERE `calendarid` = '" . $entryid . "', `dtsuntil` = '" . $submitteddetails['recur']['date'] . "'");
if (!$result) {
echo mysqli_error($this->_cn);
}
}
return $result;
}
function DB_AddUID($uid, $entryid) {
$result = mysqli_query ($this->_cn, "UPDATE `dwm-calendar` SET `uid` = '" . $uid . "' WHERE userid = '" . $this->_DBUserID . "' AND entryid = " . $entryid);
if (!$result) {
echo mysqli_error($this->_cn);
}
return $result;
}
function DB_AttendeeStatus($entryid, $address, $status) {
if (strtoupper($status) == 'ACCEPTED') {
$statussave = 'accepted';
}
else {
$statussave = 'declined';
}
if (isset($statussave)) {
$result = mysqli_query ($this->_cn, "UPDATE `dwm-attendees` SET `status` = '" . $statussave . "' WHERE userid = '" . $this->_DBUserID . "' AND email = '" . $address . "' AND calendarid = '" . $entryid . "'");
if (!$result) {
echo mysqli_error($this->_cn);
}
}
return $result;
}
function DB_CheckUID($uid) {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-calendar` WHERE userid = '" . $this->_DBUserID . "' AND `uid` = '" . $uid . "'");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$entryid = $row["entryid"];
}
return $entryid;
}
function DB_CalDeleteEntry($entryid) {
$result = mysqli_query ($this->_cn, "DELETE FROM `dwm-calendar` WHERE userid = '" . $this->_DBUserID . "' AND `entryid` = " . $entryid);
if (!$result) {
echo mysqli_error($this->_cn);
}
return $result;
}
function DB_CopyCalendar($oldid) {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-calendar` WHERE `userid` = $oldid");
if (!$result) {
$errors .= mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$starttime = $row["starttime"];
$endtime = $row["endtime"];
$subject = stripslashes($row["subject"]);
$description = stripslashes($row["description"]);
$location = stripslashes($row["location"]);
$url = stripslashes($row["url"]);
$uid = stripslashes($row["uid"]);
$result2 = mysqli_query ($this->_cn, "INSERT INTO `dwm-calendar` (`userid`, `subject`, `location`, `description`, `starttime`, `endtime`, `url`, `uid`) VALUES ('" . $this->_DBUserID . "', '" . addslashes($subject) . "', '" . addslashes($location) . "', '" . addslashes($description) . "', '" . $starttime . "', '" . $endtime . "', '" . addslashes($url) . "', '" . addslashes($uid) . "')");
if (!$result2) {
$errors .= mysqli_error($this->_cn);
}
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-attendees` WHERE `userid` = $oldid");
if (!$result) {
$errors .= mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$calendarid = $row["calendarid"];
$name = stripslashes($row["name"]);
$email = stripslashes($row["email"]);
$status = stripslashes($row["status"]);
$result2 = mysqli_query ($this->_cn, "INSERT INTO `dwm-attendees` (`userid`, `calendarid`, `name`, `email`, `status`) VALUES ('" . $this->_DBUserID . "', '" . $calendarid . "', '" . addslashes($name) . "', '" . addslashes($email) . "', '" . addslashes($status) . "')");
if (!$result2) {
$errors .= mysqli_error($this->_cn);
}
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
return $errors;
}
/*
PREFERENCES FUNCTIONS
---------------------
*/
function DB_GetPrefs($type, $oldid = '') {
if ($type == "") {
$type = 'standard';
}
if ($oldid <> '') {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-prefs` WHERE `userid` = '$oldid' AND `type` = '" . $type . "'");
}
else {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-prefs` WHERE `userid` = '" . $this->_DBUserID . "' AND `type` = '" . $type . "'");
}
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$prefs = stripslashes($row["setting"]);
return $prefs;
}
else {
return FALSE;
}
}
function DB_UpdatePrefs($newprefs, $type) {
$newprefs = addslashes($newprefs);
if ($type == "") {
$type = 'standard';
}
$resultcount = mysqli_query ($this->_cn, "SELECT * FROM `dwm-prefs` WHERE `userid` = '" . $this->_DBUserID . "' AND `type` = '" . $type . "'");
$alreadyexists = mysqli_num_rows($resultcount);
if ($alreadyexists > 0) {
$result = mysqli_query ($this->_cn, "UPDATE `dwm-prefs` SET `setting` = '" . $newprefs . "' WHERE `userid` = '" . $this->_DBUserID . "' AND `type` = '" . $type . "'");
if (!$result) {
echo mysqli_error($this->_cn);
}
}
else {
$result = mysqli_query ($this->_cn, "INSERT INTO `dwm-prefs` (`userid`, `type`, `setting`) VALUES ('" . $this->_DBUserID . "', '" . $type . "', '" . $newprefs . "')");
if (!$result) {
echo mysqli_error($this->_cn);
}
}
return $result;
}
function DB_DeletePrefs($type) {
if ($type == "all") {
$result = mysqli_query ($this->_cn, "DELETE FROM `dwm-prefs` WHERE `userid` = '" . $this->_DBUserID . "'");
}
else {
$result = mysqli_query ($this->_cn, "DELETE FROM `dwm-prefs` WHERE `userid` = '" . $this->_DBUserID . "' AND `type` = '" . $type . "'");
}
if (!$result) {
echo mysqli_error($this->_cn);
}
return $result;
}
function DB_GetHash($hash, $lookupid = 0, $forcereset = 0) {
if ($lookupid == 0) {
if ($forcereset == 0) {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-users` WHERE `id` = '" . $this->_DBUserID . "' AND `hash` <> ''");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$hash = stripslashes($row["hash"]);
return $hash;
}
else {
$result = mysqli_query ($this->_cn, "UPDATE `dwm-users` SET `hash` = '" . $hash . "' WHERE `id` = '" . $this->_DBUserID . "'");
return $hash;
}
}
else {
$result = mysqli_query ($this->_cn, "UPDATE `dwm-users` SET `hash` = '" . $hash . "' WHERE `id` = '" . $this->_DBUserID . "'");
return $hash;
}
}
else {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-users` WHERE `id` = '" . $lookupid . "' AND `hash` = '" . $hash . "'");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
return TRUE;
}
else {
return FALSE;
}
}
}
/*
FILTERS FUNCTIONS
-----------------
*/
function DB_SaveFilter($needle, $haystack, $action, $folder) {
$needle = addslashes($needle);
$result = mysqli_query ($this->_cn, "INSERT INTO `dwm-filters` (`userid`, `needle`, `haystack-to`, `haystack-cc`, `haystack-from`, `haystack-subject`, `haystack-body`, `action`, `dest`) VALUES ('" . $this->_DBUserID . "', '" . $needle . "', '" . $haystack['to'] . "', '" . $haystack['cc'] . "', '" . $haystack['from'] . "', '" . $haystack['subject'] . "', '" . $haystack['body'] . "', '" . $action . "', '" . $folder . "')");
if (!$result) {
echo mysqli_error($this->_cn);
}
return $result;
}
function DB_GetFilters() {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-filters` WHERE `userid` = '" . $this->_DBUserID . "'");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$filterid = $row["id"];
$filterdetails[$filterid]['needle'] = stripslashes($row["needle"]);
$filterdetails[$filterid]['to'] = $row["haystack-to"];
$filterdetails[$filterid]['cc'] = $row["haystack-cc"];
$filterdetails[$filterid]['from'] = $row["haystack-from"];
$filterdetails[$filterid]['subject'] = $row["haystack-subject"];
$filterdetails[$filterid]['body'] = $row["haystack-body"];
$filterdetails[$filterid]['action'] = $row["action"];
$filterdetails[$filterid]['folder'] = stripslashes($row["dest"]);
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
return $filterdetails;
}
function DB_DeleteFilter($entryid) {
$result = mysqli_query ($this->_cn, "DELETE FROM `dwm-filters` WHERE `userid` = '" . $this->_DBUserID . "' AND `id` = '" . $entryid . "'");
if (!$result) {
echo mysqli_error($this->_cn);
}
return $result;
}
function DB_GetAliasList() {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-alias` WHERE `userid` = '" . $this->_DBUserID . "'");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$aliasid = $row["id"];
$aliasdetails[$aliasid]['email'] = stripslashes($row["email"]);
$aliasdetails[$aliasid]['name'] = $row["name"];
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
return $aliasdetails;
}
function DB_SaveAlias($email, $name, $id = '') {
$name = addslashes($name);
if ($id <> '' && $id <> 'new') {
$result = mysqli_query ($this->_cn, "UPDATE `dwm-alias` SET `email` = '$email', `name` = '$name' WHERE `userid` = '" . $this->_DBUserID . "' AND `id` = '$id'");
}
else {
$result = mysqli_query ($this->_cn, "INSERT INTO `dwm-alias` (`userid`, `email`, `name`) VALUES ('" . $this->_DBUserID . "', '" . $email . "', '" . $name . "')");
}
if (!$result) {
echo mysqli_error($this->_cn);
}
return $result;
}
function DB_DeleteAlias($entryid) {
$result = mysqli_query ($this->_cn, "DELETE FROM `dwm-alias` WHERE `userid` = '" . $this->_DBUserID . "' AND `id` = '" . $entryid . "'");
if (!$result) {
echo mysqli_error($this->_cn);
}
return $result;
}
/*
EXTERNAL ACCOUNT FUNCTIONS
--------------------------
*/
function DB_GetExternalList() {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-pop3` WHERE `userid` = '" . $this->_DBUserID . "' ORDER BY `popid` ASC");
if (!$result) {
echo mysqli_error($this->_cn);
}
$i = 0;
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
do {
$this->_externallist[$i]['id'] = $row["id"];
$this->_externallist[$i]['sess_u'] = stripslashes($row["username"]);
$this->_externallist[$i]['sess_p'] = stripslashes($row["password"]);
if ($row["servertype"] == '') {
$this->_externallist[$i]['servertype'] = 'pop3';
}
else {
$this->_externallist[$i]['servertype'] = stripslashes($row["servertype"]);
}
$this->_externallist[$i]['mailserver'] = stripslashes($row["server"]);
$this->_externallist[$i]['portnumber'] = $row["port"];
$this->_externallist[$i]['leave'] = $row["leaveonserver"];
$this->_externallist[$i]['folder'] = $row["folder"];
$this->_externallist[$i]['email'] = $row["email"];
$i++;
} while($row = mysqli_fetch_array($result, MYSQLI_BOTH));
}
return $this->_externallist;
}
function DB_UpdateExternalList($list) {
$resultdel = mysqli_query ($this->_cn, "DELETE FROM `dwm-pop3` WHERE `userid` = '" . $this->_DBUserID . "'");
for ($i=0; $i<count($list); $i++) {
// Create new entry
if ($list[$i]['sess_u'] <> "" && $list[$i]['sess_p'] <> "") {
$result2 = mysqli_query ($this->_cn, "INSERT INTO `dwm-pop3` (`popid`, `userid`, `username`, `password`, `server`, `servertype`, `port`, `leaveonserver`, `folder`, `email`) VALUES ('$i', '" . $this->_DBUserID . "', '" . $list[$i]['sess_u'] . "', '" . $list[$i]['sess_p'] . "', '" . $list[$i]['mailserver'] . "', '" . $list[$i]['servertype'] . "', " . $list[$i]['portnumber'] . ", " . $list[$i]['leave'] . ", '" . $list[$i]['folder'] . "', '" . $list[$i]['email'] . "')");
if (!$result2) {
echo mysqli_error($this->_cn);
}
}
}
}
/*
GET BLOCKED DOMAINS
-------------------
*/
function DB_CheckBlocked($mailserver) {
$result = mysqli_query ($this->_cn, "SELECT * FROM `dwm-block` WHERE `domain` = '" . $mailserver . "'");
if (!$result) {
echo mysqli_error($this->_cn);
}
if ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$rowid = $row["id"];
return $rowid;
}
else {
return 0;
}
}
}
?>
|