errorno=".mysql_errno() ."

error=".mysql_error() ."

query=".$query ); // } return $local_result; } //Function: date_to_date //Source: Hervey Allen, NSRC, September 2002 //Use: This will format a date column in to the expected date // format for use with nsrc.org web page. The format is // "Updated: xn-MMM-YYYY" - or, 5-Aug-2001, and 10-Jan-1999, // Note that there is no leading "0". // Also Note, this is a different conversion from timestamp. function date_to_date ($date) { $formatted_year = substr($date,0,4); $formatted_month = substr($date,5,2); $formatted_day = substr($date,8,2); if (substr($formatted_day, 0, 1) == "0") { $formatted_day = substr($formatted_day, 1, 1); } switch ($formatted_month) { case "1": $formatted_month = "Jan"; break; case "2": $formatted_month = "Feb"; break; case "3": $formatted_month = "Mar"; break; case "4": $formatted_month = "Apr"; break; case "5": $formatted_month = "May"; break; case "6": $formatted_month = "Jun"; break; case "7": $formatted_month = "Jul"; break; case "8": $formatted_month = "Aug"; break; case "9": $formatted_month = "Sep"; break; case "10": $formatted_month = "Oct"; break; case "11": $formatted_month = "Nov"; break; case "12": $formatted_month = "Dec"; break; default: $formatted_month = "??"; } $formatted_date = $formatted_day ."-". $formatted_month ."-". $formatted_year; return $formatted_date; } //Function: date_to_ts //Source: Hervey Allen, ISOC, October 2003 //Use: This will format a date column to a UNIX timestamp. Note that // we don't have an actual time, so we set this to Noon, or '120000' // function date_to_ts ($date) { $year = substr($date,0,4); $month = substr($date,5,2); $day = substr($date,8,2); $timestamp = $year.$month.$day. "120000"; return $timestamp; } //Function: ts_to_date //Source: Hervey Allen, NSRC, September 2002 //Use: This will format a ts column in to the expected datea // format for use with nsrc.org web page. The format is // "Updated: xn-MMM-YYYY" - or, 5-Aug-2001, and 10-Jan-1999, // Note that there is no leading "0". function ts_to_date ($ts) { $formatted_date = substr($ts,0,8); $formatted_year = substr($formatted_date, 0, 4); $formatted_month = substr($formatted_date, 4, 2); if (substr($formatted_month, 0, 1) == "0") { $formatted_month = substr($formatted_month, 1, 1); } $formatted_day = substr($formatted_date, 6, 2); if (substr($formatted_day, 0, 1) == "0") { $formatted_day = substr($formatted_day, 1, 1); } switch ($formatted_month) { case "1": $formatted_month = "Jan"; break; case "2": $formatted_month = "Feb"; break; case "3": $formatted_month = "Mar"; break; case "4": $formatted_month = "Apr"; break; case "5": $formatted_month = "May"; break; case "6": $formatted_month = "Jun"; break; case "7": $formatted_month = "Jul"; break; case "8": $formatted_month = "Aug"; break; case "9": $formatted_month = "Sep"; break; case "10": $formatted_month = "Oct"; break; case "11": $formatted_month = "Nov"; break; case "12": $formatted_month = "Dec"; break; default: $formatted_month = "??"; } $formatted_date = $formatted_day ."-". $formatted_month ."-". $formatted_year; return $formatted_date; } //Function: select_countries //Source: Hervey Allen, NSRC, September 2002 //Use: Used in Report View to determine what countries the // report belongs to. We need to parse all country codes, // and then we need to create a "Countries" variable with // each countries name. function select_countries ($countries) { // First, let's be careful. If for some reason we have a malformed // string with a trailing ':', get rid of it. Note, you can use // the more powerful preg POSIX regular expression functions like // preg_split to do this, but then have fun reading the code... $pieces = trim($countries); $pieces = explode(":", $pieces); return $pieces; } //Function: select_countries //Source: Hervey Allen, NSRC, September 2002 //Use: Used in Report View to determine what countries the // report belongs to. We need to parse all country codes, // and then we need to create a "Countries" variable with // each countries name. function display_countries ($formvalues_array) { // First, let's be careful. If for some reason we have a malformed // string with a trailing ':', get rid of it. Note, you can use // the more powerful preg POSIX regular expression functions like // preg_split to do this, but then have fun reading the code... $local_countries = $formvalues_array["countries"]; echo "countries = : " .$local_countries. "
\n"; $pieces = $countries; $pieces = trim($pieces); $pieces = explode(":", $pieces); echo "pieces = : " .$pieces. "
\n"; $num_cc = count($pieces); echo "num_cc = : " .$num_cc. "
\n"; for($i = 1; $i <= $num_cc; $i++) { $query2 = "select * from country where country_code='$pieces[$i]'"; $query2 = stripslashes($query2); $result2 = safe_query($query2); $row2 = mysql_fetch_array($result2); echo "result2 = :" .$result2. "
\n"; echo "row2[country_name] = :" .$row2["country_name"]. "
\n"; $exploded_countries = $row2["country_name"]; } return $exploded_countries; } // // function privilege_level: // function privilege_level($appUsername) { if((isset($PHPSESSID)) & (isset($HTTP_SESSION_VARS["authenticatedUser"]))) { $authedUser = $HTTP_SESSION_VARS["authenticatedUser"]; $query = "select * from user where userid='$authedUser'"; $query = stripslashes($query); $result = safe_query($query); $row = mysql_fetch_array($result); if ((mysql_num_rows($result) == 1) & ($row["privilege"] == 1)) { return 1; } elseif ((mysql_num_rows($result) == 1) & ($row["privilege"] == 0)) { return 0; } elseif ((mysql_num_rows($result) == 1) & ($row["privilege"] != 0) & ($row["privilege"] != 1)) { return -2; } else { // User is not logged in properly. return -1; } // end else } // end if } // end priv_level // // function authenticate // function authenticate($authed_user, $authed_user_pw) { if($authed_user == '') { $error_array["authed_user"] = "Username blank."; } if($authed_user_pw == '') { $error_array["authed_user_pw"] = "Password blank."; } if($authed_user != '') { $query = "select * from user where userid='$authed_user'"; $query = stripslashes($query); $result = safe_query($query); $row = mysql_fetch_array($result); if (mysql_num_rows($result) === 1) { $error_array["authed_user"] = ''; } else { $error_array["authed_user"] = "Username \"" .$authed_user. "\" is invalid!"; } } if($error_array["authed_user"] == '') { $md5_password = "MD5:" . strtoupper(md5($authed_user_pw)); $query = "select * from user where password='$md5_password' and userid='$authed_user'"; $query = stripslashes($query); $result = safe_query($query); $row = mysql_fetch_array($result); // If true, then the password/userid combination is correct. if (mysql_num_rows($result) == 1) { $error_array["authed_user_pw"] = ''; } else { $error_array["authed_user_pw"] = "Incorrect password."; } } else { $error_array["authed_user_pw"] = ''; } return $error_array; } // end function authenticate // // Function verify password. Just wanna know if the current user has // given us a valid password. // function verify_password($authed_user, $user_pw) { if(empty($user_pw)) { $result = 'EMPTY'; return $result; } $md5_password = "MD5:" . strtoupper(md5($user_pw)); $query = "select * from user where password='$md5_password' and userid='$authed_user'"; $query = stripslashes($query); $result = safe_query($query); $row = mysql_fetch_array($result); if (mysql_num_rows($result) == 1) { $result = 'TRUE'; } else { $result = 'FALSE'; } return $result; } function country_lookup($ISO_code) { $query_country = "select country_name from country where country_code='" .$ISO_code. "'"; $query_country = stripslashes($query_country); $result_country = safe_query($query_country); $row_country = mysql_fetch_array($result_country); return $row_country['country_name']; } function region_lookup($region_code) { $query_region = "select long_name from regions where region='" .$region_code. "'"; $query_region = stripslashes($query_region); $result_region = safe_query($query_region); $row_region = mysql_fetch_array($result_region); return $row_region['long_name']; } function user_lookup($id) { $query_user = "select name from user where id='" .$id. "'"; $query_user = stripslashes($query_user); $result_user = safe_query($query_user); $row_user = mysql_fetch_array($result_user); return $row_user['name']; } // // Function language_lookup // // Find the actual language name based on the drop-down list position // function language_lookup($lang_id) { $querylang = "select * from languages where list_item_number='$lang_id'"; $querylang = stripslashes($querylang); $resultlang = safe_query($querylang); $rowlang = mysql_fetch_array($resultlang); return $rowlang["language"]; } // // Function language_id_lookup // // Find the actual language id based on language name // function language_id_lookup($lang_name) { $querylang = "select * from languages where language='$lang_name'"; $querylang = stripslashes($querylang); $resultlang = safe_query($querylang); $rowlang = mysql_fetch_array($resultlang); return $rowlang["list_item_number"]; } // // Function topic_id_lookup // // Find the actual topic id based on ltopic name // function topic_id_lookup($topic) { $querytopic = "select * from topics where topic='$topic'"; $querytopic = stripslashes($querytopic); $resulttopic = safe_query($querytopic); $rowtopic = mysql_fetch_array($resulttopic); return $rowtopic["id"]; } // // Function workshop_lookup // function workshop_lookup($by_date, $by_region, $substring) { // // We have three possible search methods with any combination of all three. // This function does the work of creating the MySQL query string first, // then doing the query, then returning the results in an array // if((!empty($by_date)) & (!empty($by_region)) & (!empty($substring))) { $query_string = "select * from workshop where year='" .$by_date. "' AND (region='" .$by_region. "' or region_secondary='" .$by_region. "' or region_terciary='" .$by_region. "') AND locate(lcase('" .$substring. "'),lcase(" .title. ")) ORDER by year DESC"; } elseif((!empty($by_date)) & (!empty($by_region)) & (empty($substring))) { $query_string = "select * from workshop where year='" .$by_date. "' AND (region='" .$by_region. "' or region_secondary='" .$by_region. "' or region_terciary='" .$by_region. "') ORDER by year DESC"; } elseif((!empty($by_date)) & (empty($by_region)) & (empty($substring))) { $query_string = "select * from workshop where year='" .$by_date. "' ORDER by year DESC"; } elseif((empty($by_date)) & (!empty($by_region)) & (!empty($substring))) { $query_string = "select * from workshop where (region='" .$by_region. "' or region_secondary='" .$by_region. "' or region_terciary='" .$by_region. "') AND locate(lcase('" .$substring. "'),lcase(" .title. ")) ORDER by year DESC"; } elseif((!empty($by_date)) & (empty($by_region)) & (!empty($substring))) { $query_string = "select * from workshop where year='" .$by_date. "' AND locate(lcase('" .$substring. "'),lcase(" .title. ")) ORDER by year DESC"; } elseif((empty($by_date)) & (empty($by_region)) & (!empty($substring))) { $query_string = "select * from workshop where locate(lcase('" .$substring. "'),lcase(" .title. ")) ORDER by year DESC"; } elseif((empty($by_date)) & (!empty($by_region)) & (empty($substring))) { $query_string = "select * from workshop where (region='" .$by_region. "' or region_secondary='" .$by_region. "' or region_terciary='" .$by_region. "') ORDER by year DESC"; } elseif((empty($by_date)) & (empty($by_region)) & (empty($substring))) { $query_string = "No items selected!\n"; } else { $query_string = "Error: unknown condition encountered. Contact admin@ws.edu.isoc.org for help.\n"; } return $query_string; } ?>