- Timestamp:
- Mar 12, 2018, 8:53:21 PM (7 years ago)
- Location:
- trunk
- Files:
-
- 1 added
- 19 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/admin/admin.php
r246 r253 133 133 134 134 135 136 137 138 $dbi=mysql_connect($dbhost, $dbuname, $dbpass) or die("Connessione non riuscita: " . mysql_error()); 139 mysql_select_db($dbname)or die("Connessione non riuscita:" . mysql_error()); 140 mysql_query("SET NAMES 'utf8'", $dbi); 135 try{ 136 $dbi = new PDO("mysql:host=$dbhost;charset=latin1", $dbuname, $dbpass, array(PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION)); 137 $sql = "use $dbname"; 138 $dbi->exec($sql); 139 } 140 catch(PDOException $e) 141 { 142 echo $sql . "<br>" . $e->getMessage(); 143 } 144 145 146 147 # $dbi=mysql_connect($dbhost, $dbuname, $dbpass) or die("Connessione non riuscita: " . mysql_error()); 148 # mysql_select_db($dbname)or die("Connessione non riuscita:" . mysql_error()); 149 ## mysql_query("SET NAMES 'utf8'", $dbi); 141 150 //---10/05/2009 gestione consultazione predefinita 142 $res_config = mysql_query("select * from ".$prefix."_config ",$dbi); 143 list ($sitename,$siteurl,$site_logo,$slogan,$startdate,$adminmail,$tema,$foot,$language,$blocco 144 ,$testata,$logo,$fileout,$copyright,$versione,$patch,$id_comune,$multicomune,$flash,$displayerrors,$editor,$tema_on,$ed_user) = mysql_fetch_row($res_config); 145 $siteistat=$id_comune; 151 $sth = $dbi->prepare("select * from ".$prefix."_config"); 152 $sth->execute(); 153 154 $row = $sth->fetch(PDO::FETCH_ASSOC); 155 # $res_config = mysql_query("select * from ".$prefix."_config ",$dbi); 156 # list ($sitename,$siteurl,$site_logo,$slogan,$startdate,$adminmail,$tema,$foot,$language,$blocco,$testata,$logo,$fileout,$copyright,$versione,$patch,$id_comune,$multicomune,$flash,$displayerrors,$editor,$tema_on,$ed_user) = ($res_config->fetch()); 157 $siteistat=$row['siteistat']; 146 158 if (!isset($_SESSION['id_comune'])){ 147 $_SESSION['sitename']=$ sitename;148 $_SESSION['siteurl']=$ siteurl;149 $_SESSION['site_logo']=$ site_logo;150 $_SESSION['slogan']=$ slogan;151 $_SESSION['startdate']=$ startdate;152 $_SESSION['adminmail']=$ adminmail;159 $_SESSION['sitename']=$row['sitename']; 160 $_SESSION['siteurl']=$row['siteurl']; 161 $_SESSION['site_logo']=$row['site_logo']; 162 $_SESSION['slogan']=$row['slogan']; 163 $_SESSION['startdate']=$row['startdate']; 164 $_SESSION['adminmail']=$row['adminmail']; 153 165 if ($tema=='facebook') 154 $_SESSION['tema']=$ tema;166 $_SESSION['tema']=$row['tema']; 155 167 else $_SESSION['tema']='default'; 156 $_SESSION['foot']=$ foot;157 $_SESSION['lang']=$ language;158 $_SESSION['blocco']=$ blocco;159 $_SESSION['testata']=$ testata;160 $_SESSION['logo']=$ logo;161 $_SESSION['fileout']=$ fileout;162 $_SESSION['copyright']=$ copyright;163 $_SESSION['versione']=$ versione;164 $_SESSION['patch']=$ patch;165 $_SESSION['id_comune']=$ id_comune;168 $_SESSION['foot']=$row['foot']; 169 $_SESSION['lang']=$row['language']; 170 $_SESSION['blocco']=$row['blocco']; 171 $_SESSION['testata']=$row['testata']; 172 $_SESSION['logo']=$row['logo']; 173 $_SESSION['fileout']=$row['fileout']; 174 $_SESSION['copyright']=$row['copyright']; 175 $_SESSION['versione']=$row['versione']; 176 $_SESSION['patch']=$row['patch']; 177 $_SESSION['id_comune']=$row['siteistat']; 166 178 $_SESSION['multicomune']=$multicomune; 167 179 $_SESSION['flash']=$flash; … … 227 239 $dbi=$_SESSION['dbi']; 228 240 $prefix=$_SESSION['prefix']; 229 $id_comune=$_SESSION['id_comune']; 241 $id_comune=$_SESSION['id_comune'];die("qui"); 230 242 if (isset($_GET['id_cons_gen'])) $id_cons_gen=intval($_GET['id_cons_gen']); 231 243 else { -
trunk/admin/index.php
r23 r253 8 8 /************************************************************************/ 9 9 include("config.php"); 10 $dbi=mysql_connect($dbhost, $dbuname, $dbpass) or die("Connessione non riuscita: " . mysql_error()); 11 mysql_select_db($dbname)or die("Connessione non riuscita:" . mysql_error()); 12 mysql_query("SET NAMES 'utf8'", $dbi); 10 try{ 11 $dbi = new PDO("mysql:host=$dbhost;charset=latin1", $dbuname, $dbpass, array(PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION)); 12 $sql = "use $dbname"; 13 $dbi->exec($sql); 14 } 15 catch(PDOException $e) 16 { 17 echo $sql . "<br>" . $e->getMessage(); 18 } 13 19 //---10/05/2009 gestione consultazione predefinita 14 20 //if (!isset($_SESSION['id_comune'])){ 15 $res_config = mysql_query("select * from ".$prefix."_config ",$dbi); 16 list ($sitename,$siteurl,$site_logo,$slogan,$startdate,$adminmail,$tema,$foot,$language,$blocco,$testata,$logo,$fileout,$copyright,$versione,$patch,$id_comune) = mysql_fetch_row($res_config); 17 $siteistat=$id_comune; 21 $sth = $dbi->prepare("select * from ".$prefix."_config"); 22 $sth->execute(); 23 24 $row = $sth->fetch(PDO::FETCH_ASSOC); 25 # list ($sitename,$siteurl,$site_logo,$slogan,$startdate,$adminmail,$tema,$foot,$language,$blocco,$testata,$logo,$nometestata,$fileout,$copyright,$versione,$patch,$id_comune,$multicomune,$flash,$displayerrors,$gkey,$googlemaps,$editor,$tema_on,$ed_user) = ($res_config->fetch()); 26 $siteistat=$row['siteistat']; 18 27 //} 19 28 Header("Location: admin.php?id_comune=$siteistat"); -
trunk/admin/modules/Elezioni/ele_voti.php
r250 r253 170 170 list($validi, $nulli, $bianchi,$contestati,$votinulli,$sologruppo,$validilista,$contestatilista,$votinullilista,$sololista)=mysql_fetch_row($res4); 171 171 if($validi>0) { 172 if (($validi+$nulli+$bianchi+$contestati+$votinulli +$sololista)==$voti)172 if (($validi+$nulli+$bianchi+$contestati+$votinulli)==$voti) 173 173 {$status=2;$ops=(-4+$votog);$val=1;} 174 174 else {$val=-1;$stret=(4-$votog);} … … 187 187 # list($votigs)=mysql_fetch_row($res4); 188 188 if($votigs>0) { 189 if (($votigs )==$validi)189 if (($votigs+$sololista)==$validi) 190 190 {$status=3;$ops=-3;$gru=1;} 191 191 else {$gru=-1; $stret=4;} … … 209 209 $sezscru=mysql_num_rows($res4); 210 210 if($sezscru) { 211 if($genere==4 or $votog) $contrlis= ($validilista ==$validi) ? 1:0;211 if($genere==4 or $votog) $contrlis= ($validilista+$sologruppo==$validi) ? 1:0; 212 212 else $contrlis=($sologruppo+$validilista+$contestatilista+$votinullilista-$sololista)==$validi ? 1:0; 213 213 if((($contrlis) and $validilista==$votils) or ($fascia<=$limite and $fascia)) {$status=4;$lis=1;$ops=-4;} … … 560 560 $ele_lista=''; 561 561 if (($genere==4 or $genere==5) and !$votoc) { //liste a piu' candidati 562 if(($genere==5 and $ fascia<=$limite and $id_conf) and !$id_lista) { //esclude il voto di lista per le comunali nei comuni sotto fascia limite562 if(($genere==5 and $id_conf and $fascia<=$limite and !isdisgiunto()) and !$id_lista) { //esclude il voto di lista per le comunali nei comuni sotto fascia limite 563 563 $result = mysql_query("SELECT id_lista from ".$prefix."_ele_lista where id_cons=$id_cons limit 0,1",$dbi); 564 564 list($id_lista)=mysql_fetch_row($result); … … 583 583 $result = mysql_query("SELECT sum(t1.voti),0,0 from ".$prefix."_ele_voti_candidati as t1 left join ".$prefix."_ele_candidati as t2 on (t1.id_cand=t2.id_cand) where t1.id_sez=$id_sez and t2.id_lista=$id_rif",$dbi); 584 584 list($votisezcand)=mysql_fetch_row($result); 585 if(( $fascia>$limiteor !$id_conf) or $genere==4)585 if((($fascia>$limite or isdisgiunto()) or !$id_conf) or $genere==4) 586 586 $result = mysql_query("SELECT voti,nulli_lista from ".$prefix."_ele_voti_lista where id_sez='$id_sez' and id_lista='$id_rif'", $dbi); 587 587 else{ … … 619 619 $result = mysql_query("SELECT sum(t1.voti),t2.validi_lista, t2.solo_gruppo,t2.contestati_lista,t2.voti_nulli_lista,t2.bianchi,t2.nulli,t2.contestati,t2.voti_nulli,0,t1.nulli_lista from ".$prefix."_ele_sezioni as t2 left join ".$prefix.$tab." as t1 on (t1.id_sez=t2.id_sez) where t2.id_sez='$id_sez' group by t1.id_sez",$dbi); 620 620 else 621 $result = mysql_query("SELECT sum(t1.voti),t2.validi_lista, t2.solo_gruppo,t2.contestati_lista,t2.voti_nulli_lista,t2.bianchi,t2.nulli,t2.contestati,t2.voti_nulli, 0,0 from ".$prefix."_ele_sezioni as t2 left join ".$prefix.$tab." as t1 on (t1.id_sez=t2.id_sez) where t2.id_sez='$id_sez' group by t1.id_sez",$dbi);621 $result = mysql_query("SELECT sum(t1.voti),t2.validi_lista, t2.solo_gruppo,t2.contestati_lista,t2.voti_nulli_lista,t2.bianchi,t2.nulli,t2.contestati,t2.voti_nulli,solo_lista,0 from ".$prefix."_ele_sezioni as t2 left join ".$prefix.$tab." as t1 on (t1.id_sez=t2.id_sez) where t2.id_sez='$id_sez' group by t1.id_sez",$dbi); 622 622 623 623 // aggiunte le variabili $sgpl e $vnpl per la gestione dei voti 1) al solo presidente per singola lista - 2) al solo presidente per singola lista perché nullo o contestato quello di lista … … 637 637 $result = mysql_query("SELECT sum(t1.voti) from ".$prefix."_ele_voti_candidati as t1 left join ".$prefix."_ele_candidati as t2 on (t1.id_cand=t2.id_cand) where t1.id_sez=$id_sez and t2.id_lista=$id_lista",$dbi); 638 638 list($votisezcand)=mysql_fetch_row($result); 639 if( $fascia>$limiteor !$id_conf)639 if(($fascia>$limite or isdisgiunto()) or !$id_conf) 640 640 $result = mysql_query("SELECT sum(voti) from ".$prefix."_ele_voti_lista where id_sez='$id_sez' and id_lista='$id_lista'", $dbi); 641 641 else{ … … 748 748 // toglie ai candidati la visual... del solo_gruppo 749 749 if(!$votog) { 750 if (($genere==3 OR $genere==5) and (!$id_lista) and ( $fascia>$limiteor !$id_conf)) { //gruppo e liste750 if (($genere==3 OR $genere==5) and (!$id_lista) and ((isdisgiunto() or $fascia>$limite) or !$id_conf)) { //gruppo e liste 751 751 echo "<tr bgcolor=\"$bgcolor2\"><td></td><td><b>"._VALIDI_LISTA."</b></td><td align=\"center\"><input type=\"hidden\" name=\"id_sez\" value=\"$id_sez\"><input name=\"valista\" value=\"$valista\" size=\"5\" style=\"text-align:right\"></td></tr>"; 752 752 echo "<tr bgcolor=\"$bgcolor2\"><td></td><td><b>"._SOLO_GRUPPO."</b></td><td align=\"center\"><input name=\"sg\" value=\"$sg\" size=\"5\" style=\"text-align:right\"></td></tr>"; … … 754 754 ."</td></tr><tr bgcolor=\"$bgcolor2\"><td></td><td><b>"._CONTESTATI_LISTE."</b></td><td align=\"center\"><input name=\"contestati\" value=\"$contestati\" size=\"5\" style=\"text-align:right\"></td></tr>"; 755 755 756 }elseif (($genere==3 OR $genere==5) and !$votoc and ( $fascia>$limiteor !$id_conf)){ //}elseif ($tipo_cons!=10 and $tipo_cons!=11){756 }elseif (($genere==3 OR $genere==5) and !$votoc and ((isdisgiunto() or $fascia>$limite) or !$id_conf)){ //}elseif ($tipo_cons!=10 and $tipo_cons!=11){ 757 757 echo "<tr bgcolor=\"$bgcolor1\"><td></td><td><b>"._SOLO_GRUPPO."</b></td><td align=\"center\">$sg</td></tr>"; 758 758 } … … 821 821 $condizione="id_lista"; 822 822 } 823 if ((($genere==3) OR ($genere==5)) and !$id_lista and !$votog and ( $fascia>$limiteor !$id_conf)) $y = (count($arg)-4);823 if ((($genere==3) OR ($genere==5)) and !$id_lista and !$votog and ((isdisgiunto() or $fascia>$limite) or !$id_conf)) $y = (count($arg)-4); 824 824 else $y=count($arg);#die ("delete from ".$prefix."_ele_controllosez where id_cons='$id_cons' and id_sez='$id_sez'"); 825 825 mysql_query("delete from ".$prefix."_ele_controllosez where id_cons='$id_cons' and id_sez='$id_sez'", $dbi); … … 855 855 856 856 if(!$votog) { 857 if ((($genere==3) OR ($genere==5)) and !$id_lista and ( $fascia>$limiteor !$id_conf)) {857 if ((($genere==3) OR ($genere==5)) and !$id_lista and ((isdisgiunto() or $fascia>$limite) or !$id_conf)) { 858 858 $valista=$arg[$i++]; 859 859 $result = mysql_query("update ".$prefix."_ele_sezioni set solo_gruppo='".$arg[$i]."' where id_sez='$id_sez'",$dbi); … … 1105 1105 list($id_cons2,$id_sez2,$validi, $nulli, $bianchi, $contestati,$votinulli,$sg,$conts,$nullis,$sololista) = mysql_fetch_row($result); 1106 1106 $tot_nulli=$nulli+$bianchi+$contestati+$votinulli; 1107 $tot_voti=$validi+$tot_nulli+$ sg+$conts+$nullis+$sololista;1107 $tot_voti=$validi+$tot_nulli+$conts+$nullis; 1108 1108 // ."</td><td><input name=\"sololista\" value=\"$sololista\" size=\"5\" style=\"text-align:right\">" --- ."<td><b>"._SOLOLIS."</b></td>" 1109 1109 … … 1178 1178 $result= mysql_query("select * from ".$prefix."_ele_sezioni where id_cons='$id_cons' and id_sez='$id_sez' ", $dbi); 1179 1179 $ar=mysql_fetch_array($result); 1180 $validilista=$validi-$ar['solo_gruppo']; 1180 1181 if ($ar['solo_lista'] or !isdisgiunto()) $rigasl=''; else $rigasl=", solo_lista='$sololista'"; 1181 1182 #die("qui: if($ops==3 and ($genere==3 or $genere==4 or $genere==5) and $votog){"); 1182 1183 if($ops==3 and ($genere==3 or $genere==4 or $genere==5) and ($votog or $genere==4)){ 1183 mysql_query("insert into ".$prefix."_ele_log values('$id_cons','$id_sez','$username','$log_data','$orario','validi_lista:$ar[14] nulli:$ar[7] bianchi:$ar[8] contestati_lista:$ar[15] voti_nulli_lista:$ar[16]','validi_lista=$validi , nulli=$nulli,bianchi=$bianchi,contestati_lista=$contestati,voti_nulli_lista=$votinulli','_ele_sezioni')", $dbi);1184 mysql_query("insert into ".$prefix."_ele_log values('$id_cons','$id_sez','$username','$log_data','$orario','validi_lista:$ar[14] nulli:$ar[7] bianchi:$ar[8] contestati_lista:$ar[15] voti_nulli_lista:$ar[16]','validi_lista=$validilista, nulli=$nulli,bianchi=$bianchi,contestati_lista=$contestati,voti_nulli_lista=$votinulli','_ele_sezioni')", $dbi); 1184 1185 1185 1186 /* $result = mysql_query("update ".$prefix."_ele_sezioni set validi='$validi', contestati='$contestati', validi_lista='$validi', nulli='$nulli',bianchi='$bianchi',contestati_lista='$contestati', voti_nulli_lista='$votinulli' where id_cons='$id_cons' and id_sez='$id_sez' ", $dbi); 1186 1187 if ($fileout) fwrite($fp,"update ".$prefix."_ele_sezioni set validi='$validi', contestati='$contestati', validi_lista='$validi', nulli='$nulli',bianchi='$bianchi',contestati_lista='$contestati', voti_nulli_lista='$votinulli' where id_cons='$id_cons' and id_sez='$id_sez';\n"); */ 1187 1188 $result = mysql_query("update ".$prefix."_ele_sezioni set validi='$validi', contestati='$contestati', validi_lista='$validi', nulli='$nulli',bianchi='$bianchi',contestati_lista='$contestati', voti_nulli='$votinulli' $rigasl where id_cons='$id_cons' and id_sez='$id_sez' ", $dbi); 1188 if ($fileout) fwrite($fp,"update ".$prefix."_ele_sezioni set validi='$validi', contestati='$contestati', validi_lista='$validi ', nulli='$nulli',bianchi='$bianchi',contestati_lista='$contestati', voti_nulli='$votinulli' $rigasl where id_cons='$id_cons' and id_sez='$id_sez';\n");1189 if ($fileout) fwrite($fp,"update ".$prefix."_ele_sezioni set validi='$validi', contestati='$contestati', validi_lista='$validilista', nulli='$nulli',bianchi='$bianchi',contestati_lista='$contestati', voti_nulli='$votinulli' $rigasl where id_cons='$id_cons' and id_sez='$id_sez';\n"); 1189 1190 }else{ 1190 1191 mysql_query("insert into ".$prefix."_ele_log values('$id_cons','$id_sez','$username','$log_data','$orario','validi:$ar[6] nulli:$ar[7] bianchi:$ar[8] contestati:$ar[9] voti_nulli:$ar[13]','validi=$validi, nulli=$nulli,bianchi=$bianchi,contestati=$contestati, voti_nulli=$votinulli','_ele_sezioni')", $dbi); 1191 1192 $valista=""; 1192 1193 if ($ar['validi_lista']){ 1193 $tvalista=$validi-$ar['solo_gruppo']-$ar['voti_nulli_lista']-$ar['contestati_lista'] +$ar['solo_lista'];1194 $tvalista=$validi-$ar['solo_gruppo']-$ar['voti_nulli_lista']-$ar['contestati_lista']; 1194 1195 $valista=",validi_lista='$tvalista'"; 1195 1196 } … … 1264 1265 $res = mysql_query("SELECT validi,nulli,bianchi,contestati,solo_lista,voti_nulli FROM ".$prefix."_ele_sezioni where id_cons='$id_cons' and id_sez='$id_sez'", $dbi); 1265 1266 list($validi,$nulli,$bianchi,$contestati,$solo_lista,$votinulli) = mysql_fetch_row($res); 1266 if ($voti_parz!= $validiand $voti_parz>0){1267 echo "<td style=\"background-color: rgb(255, 0, 0); text-align:center\"><img src=\"modules/Elezioni/images/alert.gif\" align=\"middle\" alt=\"\"><br><b> "._ATT_VOTI." ".$voti_parz." "._NO_VAL_VOTI." ". $validi."</b><br></td>";1267 if ($voti_parz!=($validi-$solo_lista) and $voti_parz>0){ 1268 echo "<td style=\"background-color: rgb(255, 0, 0); text-align:center\"><img src=\"modules/Elezioni/images/alert.gif\" align=\"middle\" alt=\"\"><br><b> "._ATT_VOTI." ".$voti_parz." "._NO_VAL_VOTI." ".($validi-$solo_lista)."</b><br></td>"; 1268 1269 } 1269 1270 $res2 = mysql_query("SELECT max(voti_complessivi) FROM ".$prefix."_ele_voti_parziale where id_cons='$id_cons' and id_sez='$id_sez'", $dbi); 1270 1271 list($tot) = mysql_fetch_row($res2); 1271 if ($validi+$nulli+$bianchi+$contestati+$votinulli +$solo_lista!=$tot and $validi+$nulli+$bianchi+$contestati+$votinulli>0){1272 if ($validi+$nulli+$bianchi+$contestati+$votinulli!=$tot and $validi+$nulli+$bianchi+$contestati+$votinulli>0){ 1272 1273 echo "<td style=\"background-color: rgb(255, 0, 0); text-align:center\"><img src=\"modules/Elezioni/images/alert.gif\" align=\"middle\" alt=\"\"><br><b> "._ATT_VOTANTI." ".$tot." "._NO_TOT_VOTI." ".($validi+$nulli+$bianchi+$contestati+$votinulli)."</b><br></td>"; 1273 1274 } -
trunk/admin/temi/facebook/style.css
r250 r253 87 87 88 88 div#container{ 89 width: 999px;89 width: 80%; 90 90 margin: 0 auto; /*centra negli altri browsers*/ 91 91 /*text-align: left; */ /*ripristina l' allineamento*/ -
trunk/admin/versione.php
r252 r253 1 1 <?php 2 2 3 $versione = "2.0 rev 25 2";3 $versione = "2.0 rev 253"; 4 4 $version_number = $versione; 5 $version = "Eleonline $version_number (<i>Data Release: 1 6 aprile 2016</i>)";5 $version = "Eleonline $version_number (<i>Data Release: 15 aprile 2017</i>)"; 6 6 7 7 ?> -
trunk/client/inc/csrf-magic/csrf-magic.php
r153 r253 54 54 */ 55 55 $GLOBALS['csrf']['secret'] = ''; 56 // nota bene: library code should use csrf_get_secret() and not access 57 // this global directly 56 58 57 59 /** … … 130 132 131 133 // Don't edit this! 132 $GLOBALS['csrf']['version'] = '1.0. 1';134 $GLOBALS['csrf']['version'] = '1.0.4'; 133 135 134 136 /** … … 152 154 $name = $GLOBALS['csrf']['input-name']; 153 155 $endslash = $GLOBALS['csrf']['xhtml'] ? ' /' : ''; 154 $input = " \n<div><input type='hidden' name='$name' value=\"$tokens\"$endslash></div>";156 $input = "<input type='hidden' name='$name' value=\"$tokens\"$endslash>"; 155 157 $buffer = preg_replace('#(<form[^>]*method\s*=\s*["\']post["\'][^>]*>)#i', '$1' . $input, $buffer); 156 158 if ($GLOBALS['csrf']['frame-breaker']) { … … 216 218 if (!$has_cookies && $secret) { 217 219 // :TODO: Harden this against proxy-spoofing attacks 218 $ip = ';ip:' . csrf_hash($_SERVER['IP_ADDRESS']); 220 $IP_ADDRESS = (isset($_SERVER['IP_ADDRESS']) ? $_SERVER['IP_ADDRESS'] : $_SERVER['REMOTE_ADDR']); 221 $ip = ';ip:' . csrf_hash($IP_ADDRESS); 219 222 } else { 220 223 $ip = ''; … … 241 244 } 242 245 246 function csrf_flattenpost($data) { 247 $ret = array(); 248 foreach($data as $n => $v) { 249 $ret = array_merge($ret, csrf_flattenpost2(1, $n, $v)); 250 } 251 return $ret; 252 } 253 function csrf_flattenpost2($level, $key, $data) { 254 if(!is_array($data)) return array($key => $data); 255 $ret = array(); 256 foreach($data as $n => $v) { 257 $nk = $level >= 1 ? $key."[$n]" : "[$n]"; 258 $ret = array_merge($ret, csrf_flattenpost2($level+1, $nk, $v)); 259 } 260 return $ret; 261 } 262 243 263 /** 244 264 * @param $tokens is safe for HTML consumption 245 265 */ 246 266 function csrf_callback($tokens) { 267 // (yes, $tokens is safe to echo without escaping) 247 268 header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden'); 248 echo "<html><head><title>CSRF check failed</title></head><body>CSRF check failed. Please enable cookies.<br />Debug: ".$tokens."</body></html> 269 $data = ''; 270 foreach (csrf_flattenpost($_POST) as $key => $value) { 271 if ($key == $GLOBALS['csrf']['input-name']) continue; 272 $data .= '<input type="hidden" name="'.htmlspecialchars($key).'" value="'.htmlspecialchars($value).'" />'; 273 } 274 echo "<html><head><title>CSRF check failed</title></head> 275 <body> 276 <p>CSRF check failed. Your form session may have expired, or you may not have 277 cookies enabled.</p> 278 <form method='post' action=''>$data<input type='submit' value='Try again' /></form> 279 <p>Debug: $tokens</p></body></html> 249 280 "; 250 281 } … … 298 329 if (!empty($_COOKIE)) return false; 299 330 if (!$GLOBALS['csrf']['allow-ip']) return false; 300 return $value === csrf_hash($_SERVER['IP_ADDRESS'], $time); 331 $IP_ADDRESS = (isset($_SERVER['IP_ADDRESS']) ? $_SERVER['IP_ADDRESS'] : $_SERVER['REMOTE_ADDR']); 332 return $value === csrf_hash($IP_ADDRESS, $time); 301 333 } 302 334 return false; … … 328 360 function csrf_get_secret() { 329 361 if ($GLOBALS['csrf']['secret']) return $GLOBALS['csrf']['secret']; 330 // secret by db l.apolito331 global $prefix,$dbi;332 # crea campo secret nella tabella _config se non esiste333 $campo= mysql_query("SHOW COLUMNS FROM ".$prefix."_config LIKE 'secret' ",$dbi);334 $esiste=mysql_num_rows($campo);335 if ($esiste==0) {336 $result=mysql_query("ALTER TABLE ".$prefix."_config ADD secret VARCHAR(30);",$dbi);337 }338 339 $res_secret = mysql_query("SELECT * FROM ".$prefix."_config" , $dbi);340 $row = mysql_fetch_array($res_secret);341 $secret = $row['secret'];342 if (isset($secret)){ return $secret;343 344 }else{345 $secret = csrf_generate_secret();346 mysql_query("UPDATE ".$prefix."_config SET secret='$secret'" , $dbi);347 return $secret;348 }349 return '';350 351 352 /* nel caso di registrazione del file353 362 $dir = dirname(__FILE__); 354 363 $file = $dir . '/csrf-secret.php'; … … 358 367 return $secret; 359 368 } 360 361 369 if (is_writable($dir)) { 362 370 $secret = csrf_generate_secret(); … … 367 375 } 368 376 return ''; 369 */370 377 } 371 378 … … 375 382 function csrf_generate_secret($len = 32) { 376 383 $r = ''; 377 for ($i = 0; $i < 32; $i++) {384 for ($i = 0; $i < $len; $i++) { 378 385 $r .= chr(mt_rand(0, 255)); 379 386 } … … 388 395 function csrf_hash($value, $time = null) { 389 396 if (!$time) $time = time(); 390 return sha1( $GLOBALS['csrf']['secret']. $value . $time) . ',' . $time;397 return sha1(csrf_get_secret() . $value . $time) . ',' . $time; 391 398 } 392 399 -
trunk/client/modules.php
r241 r253 99 99 100 100 101 102 101 $dbi = new PDO("mysql:host=$dbhost;charset=latin1", $dbuname, $dbpass, array(PDO::ATTR_EMULATE_PREPARES => false, 102 PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION)); 103 $sql = "use $dbname"; 104 $dbi->exec($sql); 105 106 /* 103 107 104 108 if(!$dbi = mysql_connect($dbhost, $dbuname, $dbpass)){ … … 110 114 } 111 115 mysql_query("SET NAMES 'utf8'", $dbi); 112 116 */ 113 117 # protezione csrf ottobre 2012 - by l.apolito 114 118 if (file_exists("inc/csrf-magic/csrf-magic.php")) { … … 122 126 123 127 # carica i parametri di default sulla tabella 124 $res = mysql_query("SELECT * FROM ".$prefix."_config" , $dbi); 125 $row = mysql_fetch_array($res); 128 $sql = $dbi->prepare("SELECT * FROM ".$prefix."_config"); 129 $sql->execute(); 130 while($riga = $sql->fetchAll(PDO::FETCH_ASSOC)){$row=$riga[0]; 126 131 $sitename = stripslashes($row['sitename']); 127 132 $siteurl = $row['siteurl']; … … 146 151 $ed_user = $row['ed_user']; 147 152 #tema mobile 148 153 } 149 154 150 155 151 156 152 157 # altre config 153 $res = mysql_query("SELECT * FROM ".$prefix."_ele_comuni where id_comune='$siteistat' ", $dbi); 154 $row = mysql_fetch_array($res); 158 $sql = $dbi->prepare("SELECT * FROM ".$prefix."_ele_comuni where id_comune='$siteistat' "); 159 $sql->execute(); 160 $riga = $sql->fetchAll(PDO::FETCH_ASSOC); 161 $row=$riga[0]; 155 162 $id_cons_pred = intval($row['id_cons']); 156 163 if($id_cons_pred=='0')$id_cons_pred=''; 157 164 if(!isset($id_cons_gen)) $id_cons_gen=$id_cons_pred; 158 165 # carica il metodo d'hontd 159 $res = mysql_query("SELECT * FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_gen' ", $dbi); 160 $row = mysql_fetch_array($res); 161 162 163 166 ##$sql = $dbi->prepare("SELECT * FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_gen' "); 167 ##$sql->execute(); 164 168 165 169 $param=strip_tags(strtolower($_SERVER['REQUEST_METHOD'])) == 'get' ? $_GET : $_POST; … … 170 174 $id_cons_bak=intval($param['id_cons_gen']); 171 175 if (isset($param['id_comune'])) $id_combak=intval($param['id_comune']); else $id_combak=$_SESSION['id_comune']; 172 $res = mysql_query("SELECT id_cons,id_conf FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_bak' and id_comune='$id_combak'" , $dbi); 173 list($id_cons,$hondt) = mysql_fetch_row($res); 176 $sql = $dbi->prepare("SELECT id_cons,id_conf FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_bak' and id_comune='$id_combak'"); 177 $sql->execute(); 178 $row = $sql->fetchAll(PDO::FETCH_ASSOC); 179 $id_cons=$row[1];$hondt=$row[2]; 174 180 175 181 // incluso in consiglieri.php, ma io carico le vecchie variabili per compatibilit'a all'indietro 176 182 if($hondt>=1){ 177 183 # proiezione consiglio 178 $r es = mysql_query("SELECT * FROM ".$prefix."_ele_conf where id_conf='$hondt'", $dbi);179 $row = mysql_fetch_array($res);184 $row = $dbi->exec("SELECT * FROM ".$prefix."_ele_conf where id_conf='$hondt'"); 185 180 186 $descrizione_consiglio = $row['descrizione']; 181 187 $LIMITE = intval($row['limite']); -
trunk/client/modules/Elezioni/grafici.php
r229 r253 11 11 die ("You can't access this file directly..."); 12 12 } 13 14 include "pdoquery.php"; 15 $res=tipocons(); 16 $descr_cons=$res[1];$tipo_cons=$res[2];$genere=$res[3];$votog=$res[4];$votol=$res[5];$votoc=$res[6];$circo=$res[7]; 17 die("SELECT t1.descrizione, t1.tipo_cons,t2.genere, t2.voto_g, t2.voto_l, t2.voto_c, t2.circo ($descr_cons,$tipo_cons,$genere,$votog,$votol,$votoc,$circo)"); 13 18 14 19 … … 657 662 658 663 function graf_candidato(){ 659 global $ bgcolor1, $bgcolor5,$bgcolor5, $prefix, $dbi, $offset, $min,$descr_cons, $id_cons,$tipo_cons,$copy,$id_comune,$id_istat,$genere,$votog,$votol,$votoc,$circo,$siteistat;664 global $descr_com, $bgcolor1, $bgcolor5,$bgcolor5, $prefix, $dbi, $offset, $min,$descr_cons, $id_cons,$tipo_cons,$copy,$id_comune,$id_istat,$genere,$votog,$votol,$votoc,$circo,$siteistat; 660 665 661 666 $logo=verificasimbolo(); // carica_logo da funzioni.php … … 700 705 while (list($id_lista,$id_cand,$nome,$cognome,$voti) = mysql_fetch_row($res)){ 701 706 $candidato[$i]=$cognome; 702 $pro[$i]=number_format($voti*100/$tot,2);707 if ($tot) $pro[$i]=number_format($voti*100/$tot,2); else $pro[$i]=0; 703 708 // sviluppo tabella dati 704 709 $e=$i+1; -
trunk/client/modules/Elezioni/gruppo.php
r225 r253 638 638 $voticompl=$sevaltot+$senultot+$sebiatot+$secontot+$sevnutot; 639 639 $resvt = mysql_query("SELECT voti from ".$prefix."_ele_voti_$tab15 where id_cons='$id_cons'",$dbi); 640 list($votlt)=mysql_fetch_row($resvt);640 if($resvt) list($votlt)=mysql_fetch_row($resvt); else $votlt=0; 641 641 $temp3=arrayperc($tempar,$sevaltot); 642 642 while (list($key,$voti)= each($temp)) { … … 680 680 }else{ 681 681 $res_lis = mysql_query("SELECT id_gruppo, descrizione,num_gruppo from ".$prefix."_ele_gruppo where id_cons=$id_cons order by num_gruppo",$dbi); 682 $numliste=mysql_num_rows($res_lis);682 if($res_lis) $numliste=mysql_num_rows($res_lis); else $numliste=0; 683 683 684 684 if (!isset($offset)) $offset=10; … … 695 695 echo "<input type=\"hidden\" name=\"id_comune\" value=\"$id_comune\"></input>"; 696 696 echo ""._SCELTA." "._CONSULTAZIONE.": <select name=\"id_gruppo\">"; 697 while(list($id_rif,$descrizione,$num_lis) = mysql_fetch_row($res_lis)) { 697 if($res_lis) 698 while(list($id_rif,$descrizione,$num_lis) = mysql_fetch_row($res_lis)) { 698 699 if (!$id_gruppo) $id_gruppo=$id_rif; 699 700 $sel = ($id_rif == $id_gruppo) ? "selected=\"selected\"" : ""; … … 701 702 for ($j=strlen($num_lis);$j<2;$j++) { echo " ";} 702 703 echo $num_lis.") ".strip_tags(substr($descrizione,0,50))."</option>"; 703 }704 } 704 705 echo "</select>"; 705 706 echo "<br />"._VIS_PERC.": <input type=\"checkbox\" name=\"perc\" value=\"true\""; … … 724 725 order by $tab3, t1.num_gruppo 725 726 ", $dbi); 726 $num_sez=mysql_num_rows($res);727 list($num_gruppo,$descr)= mysql_fetch_row($res_ref);727 if($res) $num_sez=mysql_num_rows($res); else $num_sez=0; 728 if($res_ref) list($num_gruppo,$descr)= mysql_fetch_row($res_ref); else {$num_gruppo=0;$descr='';} 728 729 729 730 if (!$csv){ … … 811 812 $ar[0][5]=_BIANCHI; 812 813 $ar[0][6]=_CONTESTATI; 813 814 while (list($num_gruppo,$desc_ref) = mysql_fetch_row($res_ref)){814 if($res_ref) 815 while (list($num_gruppo,$desc_ref) = mysql_fetch_row($res_ref)){ 815 816 $ar[0][$i++]= $num_gruppo.") ".$desc_ref; 816 817 $ar[1][$y++]= "SI"; 817 818 $ar[1][$y++]= "NO"; 818 }819 } 819 820 $num_sez++; 820 821 $tot_si=0; … … 824 825 $tot_bi=0; 825 826 $tot_co=0; 826 while (list($num_circ,$desc_circ,$num_gruppo,$desc_ref,$simbolo,$si,$no,$validi,$nulli,$bianchi, $contestati) = mysql_fetch_row($res)){ 827 if($res) 828 while (list($num_circ,$desc_circ,$num_gruppo,$desc_ref,$simbolo,$si,$no,$validi,$nulli,$bianchi, $contestati) = mysql_fetch_row($res)){ 827 829 $i=1; 828 830 $votanti=$validi+$nulli+$bianchi+$contestati; … … 852 854 $ar[$num_circ][$i++]= $perc=='true' ? $contestati."<br /><span class=\"red\"><i>0.00%</i></span>":$contestati; 853 855 } 854 }856 } 855 857 $i=1; 856 858 $tot_vo=$tot_va+$tot_nu+$tot_bi+$tot_co; -
trunk/client/modules/Elezioni/index.php
r241 r253 15 15 $_GET : $_POST; 16 16 17 17 include("pdoquery.php"); 18 18 if (isset($param['rss'])) $rss=intval($param['rss']); else $rss='0'; 19 19 if (isset($param['xls'])) $xls=intval($param['xls']); else $xls='0'; … … 24 24 if (isset($param['id_cons_gen'])) $id_cons_gen=intval($param['id_cons_gen']); else 25 25 { 26 $res = mysql_query("SELECT id_cons FROM ".$prefix."_ele_comuni where id_comune='$id_comune' ", $dbi); 27 list($id_cons_pred)=mysql_fetch_row($res); 28 $res = mysql_query("SELECT id_cons_gen FROM ".$prefix."_ele_cons_comune where id_cons='$id_cons_pred' ", $dbi); 29 list($id_cons_gen)=mysql_fetch_row($res); 26 $id_cons_gen=dbpredefinita(); 27 30 28 } 31 29 if (isset($param['op'])) $op=$param['op']; else $op=''; … … 62 60 $ordine=htmlentities($ordine); 63 61 64 $ res = mysql_query("SELECT id_conf FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_gen' and id_comune='$id_comune'" , $dbi);65 list($hondt) = mysql_fetch_row($res); 66 67 $sql = "SELECT t3.genere,t1.tipo_cons,t1.descrizione,t2.id_cons_gen FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2, ".$prefix."_ele_tipo as t3 where t1.tipo_cons=t3.tipo_cons and t2.id_comune=$id_comune and t1.id_cons_gen=t2.id_cons_gen and t2.id_cons_gen='$id_cons_gen' and t2.chiusa!='2' "; 68 $ res = mysql_query("$sql",$dbi);69 $t ot=mysql_num_rows($res);70 if ($tot>0 and $id_cons_gen>0) { 71 $sql = "SELECT t3.genere,t1.tipo_cons,t1.descrizione,t2.id_cons_gen FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2, ".$prefix."_ele_tipo as t3 where t1.tipo_cons=t3.tipo_cons and t2.id_comune=$id_comune and t1.id_cons_gen=t2.id_cons_gen and t2.id_cons_gen='$id_cons_gen' and t2.chiusa!='2'";72 }else{ 73 $sql = "SELECT t3.genere,t1.tipo_cons,t1.descrizione,t2.id_cons_gen FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2, ".$prefix."_ele_tipo as t3 where t1.tipo_cons=t3.tipo_cons and t2.id_comune=$id_comune and t1.id_cons_gen=t2.id_cons_gen and t2.chiusa!='2' order by t1.data_fine desc limit 0,1 "; 74 } 75 $res = mysql_query("$sql",$dbi); 76 if ($res) list($genere,$tipo_cons,$descr_cons,$id_cons_gen) = mysql_fetch_row($res); 62 $hondt = dbvalorehondt(); 63 64 $res=dbselectcons(); 65 66 $genere=$res['genere']; 67 $tipo_cons=$res['tipo_cons']; 68 $descr_cons=$res['descrizione']; 69 $id_cons_gen=$res['id_cons_gen']; 70 echo "descr:$descr_cons"; 71 72 73 74 ########## 77 75 78 76 if ($tipo_cons!=3) $limite=0; -
trunk/client/modules/Elezioni/language/lang-it.php
r230 r253 272 272 //global $tipo_cons; 273 273 switch ($tipo_cons){ 274 case '': 275 define("_CONSULTAZIONE","Consultazione"); 276 break; 274 277 case 1: 275 278 define("_SCELTA_CIR","Scegli la Circoscrizione"); -
trunk/client/temi/Futura2/config.php
r249 r253 6 6 # devisualizz errori 7 7 ini_set('display_errors','0'); 8 8 if(isset($_POST['rss'])) {$rss=intval($_POST['rss']);} 9 9 # verifica cambiamento colore 10 10 # usata variabile rss gia esistente … … 14 14 elseif($rss==4){$colortheme="d";$_SESSION['colortheme']=$colortheme;} 15 15 elseif($rss==5){$colortheme="e";$_SESSION['colortheme']=$colortheme;} 16 elseif($rss==6){$colortheme="f";$_SESSION['colortheme']=$colortheme;} 16 elseif($rss==6) {$colortheme="f";$_SESSION['colortheme']=$colortheme;} 17 18 $defcolortheme='f'; 19 if (isset($_SESSION['colortheme'])) $colortheme=$_SESSION['colortheme']; else $colortheme=$defcolortheme; 20 #elseif($rss==6){$colortheme="f";$_SESSION['colortheme']=$colortheme;} 21 22 #colori 23 #f=arancio;e=azzurro-grigio;d=verde;c=rosso;b=azzurro;a=grigio 17 24 18 25 # verifica se arriva dalle app iphone e android -
trunk/client/temi/Futura2/index.php
r251 r253 12 12 13 13 # colore tema mobile 14 15 14 16 include("temi/$tema/config.php"); 15 $colortheme=$_SESSION['colortheme']; 16 if($colortheme=='')$colortheme="c";17 18 #if($colortheme=='')$colortheme="c"; 17 19 # descrizione comune 18 20 if(!$id_comune or $id_comune=='') $id_comune=$siteistat; -
trunk/client/versione.php
r252 r253 1 1 <?php 2 2 3 $versione = "2.0 rev 25 2";3 $versione = "2.0 rev 253"; 4 4 $version_number = $versione; 5 $version = "Eleonline $version_number (<i>Data Release: 1 6 aprile 2016</i>)";5 $version = "Eleonline $version_number (<i>Data Release: 15 aprile 2017</i>)"; 6 6 7 7 -
trunk/install/index.php
r230 r253 96 96 <tr> 97 97 <td> 98 - supporto MySQL 99 </td> 100 <td align="left"> 101 <?php echo function_exists( 'mysql_connect' ) ? '<b><font color="green">Disponibile</font></b>' : '<b><font color="red">Non Disponibile</font></b>';?> 98 - supporto PDO MySQL 99 </td> 100 <td align="left"> 101 102 <?php echo (extension_loaded('Pdo_mysql')) ? '<b><font color="green">Disponibile</font></b>' : '<b><font color="red">Non Disponibile</font></b>';?> 102 103 </td> 103 104 </tr> … … 163 164 <?php 164 165 $php_recommended_settings = array( 165 array ('Magic Quotes GPC','magic_quotes_gpc','O N'),166 array ('Magic Quotes GPC','magic_quotes_gpc','OFF'), 166 167 array ('Register Globals','register_globals','OFF'), 167 168 array ('Session auto start','session.auto_start','OFF'), -
trunk/install/install2.php
r248 r253 26 26 $Capoluogo = mosGetParam( $_POST, 'Capoluogo', '' ); 27 27 $Lingua = mosGetParam( $_POST, 'Lingua', '' ); 28 $Multicomune = mosGetParam( $_POST, 'Multicomune', ' ' );28 $Multicomune = mosGetParam( $_POST, 'Multicomune', '0' ); 29 29 $Replica = mosGetParam( $_POST, 'Replica', '' ); 30 30 //tema … … 54 54 db_err ('stepBack','Non avete indicato il prefisso tabelle database.'); 55 55 } 56 57 $database = new database( $DBhostname, $DBuserName, $DBpassword, '', '', false ); 58 $test = $database->getErrorMsg(); 59 60 if (!$database->_resource) { 61 db_err ('stepBack2','password ed username inseriti non sono corretti.'); 62 } 63 64 // Does this code actually do anything??? 65 $configArray['DBhostname'] = $DBhostname; 66 $configArray['DBuserName'] = $DBuserName; 67 $configArray['DBpassword'] = $DBpassword; 68 $configArray['DBname'] = $DBname; 69 $configArray['DBPrefix']= $DBPrefix; 70 71 $sql = "CREATE DATABASE `$DBname`"; 72 $database->setQuery( $sql ); 73 $database->query(); 74 $test = $database->getErrorNum(); 75 76 if ($test != 0 && $test != 1007) { 77 db_err( 'stepBack', 'Avvenuto un errore database: ' . $database->getErrorMsg() ); 78 } 79 80 // db is now new or existing, create the db object connector to do the serious work 81 $database = new database( $DBhostname, $DBuserName, $DBpassword, $DBname, $DBPrefix ); 82 83 // delete existing mos table if exists 84 $query = "SHOW TABLES FROM `$DBname`"; 85 $database->setQuery( $query ); 86 $errors = array(); 87 if ($tables = $database->loadResultArray()) { 88 foreach ($tables as $table) { 89 $query = "DROP TABLE IF EXISTS `$table`"; 90 $database->setQuery( $query ); 91 $database->query(); 92 if ($database->getErrorNum()) { 93 $errors[$database->getQuery()] = $database->getErrorMsg(); 94 } 95 } 96 } 97 98 populate_db( $database, 'eleonline.sql' ); 56 try{ 57 $database = new PDO("mysql:host=$DBhostname;charset=latin1", $DBuserName, $DBpassword, array(PDO::ATTR_EMULATE_PREPARES => false, 58 PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION)); 59 $sql = "CREATE DATABASE IF NOT EXISTS $DBname; 60 CREATE USER `$DBuserName`@'$DBhostname' IDENTIFIED BY '$DBpassword'; 61 GRANT ALL ON `$DBname`.* TO `$DBuserName`@'$DBhostname'; 62 FLUSH PRIVILEGES;"; 63 $database->exec($sql); 64 $sql = "use $DBname"; 65 $database->exec($sql); 66 $sql = file_get_contents('sql/eleonline.sql'); 67 $qr = $database->exec($sql); 99 68 $DBcreated = 1; 69 } 70 catch(PDOException $e) 71 { 72 echo $sql . "<br>" . $e->getMessage();die(); 73 } 100 74 } 101 75 -
trunk/install/install3.php
r2 r253 19 19 $nomecomune = mosGetParam( $_POST, 'nomecomune', '' ) ; 20 20 $istat = mosGetParam( $_POST, 'istat', '' ) ; 21 $Capoluogo = mosGetParam( $_POST, 'Capoluogo', ' ' );21 $Capoluogo = mosGetParam( $_POST, 'Capoluogo', '0' ); 22 22 $Lingua = mosGetParam( $_POST, 'Lingua', '' ); 23 $Multicomune = mosGetParam( $_POST, 'Multicomune', ' ' );23 $Multicomune = mosGetParam( $_POST, 'Multicomune', '0' ); 24 24 $Replica = mosGetParam( $_POST, 'Replica', '' ); 25 25 -
trunk/install/install4.php
r17 r253 25 25 $nomecomune = mosGetParam( $_POST, 'nomecomune', '' ) ; 26 26 $istat = mosGetParam( $_POST, 'istat', '' ) ; 27 $Capoluogo = mosGetParam( $_POST, 'Capoluogo', ' ' );27 $Capoluogo = mosGetParam( $_POST, 'Capoluogo', '0' ); 28 28 $Lingua = mosGetParam( $_POST, 'Lingua', '' ); 29 $Multicomune = mosGetParam( $_POST, 'Multicomune', ' ' );29 $Multicomune = mosGetParam( $_POST, 'Multicomune', '0' ); 30 30 $Replica = mosGetParam( $_POST, 'Replica', '' ); 31 31 … … 295 295 296 296 297 298 $database = new database( $DBhostname, $DBuserName, $DBpassword, $DBname ); 299 $nullDate = $database->getNullDate(); 297 $database = new PDO("mysql:host=$DBhostname;charset=latin1", $DBuserName, $DBpassword, array(PDO::ATTR_EMULATE_PREPARES => false, 298 PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION)); 299 $sql = "use $DBname"; 300 $database->exec($sql); 300 301 301 302 // create the admin user … … 303 304 //$query = "INSERT INTO {$configArray['DBPrefix']}_authors VALUES ('$adminName', '$adminName', '0', '$adminEmail', '$cryptpass','1','0','0','1','it')"; 304 305 $query = "UPDATE {$configArray['DBPrefix']}_authors SET aid='$adminName', name='$adminName', email='$adminEmail', pwd= '$cryptpass' WHERE aid='suser'"; 305 $database->setQuery( $query ); 306 $database->query(); 306 $database->exec( $query ); 307 307 308 308 // create Comune 309 try{ 310 $query = "INSERT INTO {$configArray['DBPrefix']}_ele_comuni VALUES ('$istat', '$nomecomune', '','','','','$Limite','$Capoluogo','','','0','')"; 311 $database->exec( $query ); 312 } catch(PDOException $e) {} 313 $query = "UPDATE {$configArray['DBPrefix']}_config SET sitename='$sitename', siteurl='$siteUrl', adminmail='$adminEmail', tema='$tema', foot='',language='$Lingua',blocco='$blocco',fileout='$Replica',Versione='3', siteistat='$istat',multicomune='$Multicomune',flash='$flash', tema_on='$sceltatema' WHERE sitename=''"; 309 314 310 $query = "INSERT INTO {$configArray['DBPrefix']}_ele_comuni VALUES ('$istat', '$nomecomune', '','','','','$Limite','$Capoluogo','','','')"; 311 312 $database->setQuery( $query ); 313 $database->query(); 314 315 $query = "UPDATE {$configArray['DBPrefix']}_config SET sitename='$sitename', siteurl='$siteUrl', adminmail='$adminEmail', tema='$tema', foot='',language='$Lingua',blocco='$blocco',fileout='$Replica',Versione='2.0 beta', siteistat='$istat',multicomune='$Multicomune',flash='$flash', tema_on='$sceltatema' WHERE sitename=''"; 316 317 318 $database->setQuery( $query ); 319 $database->query(); 315 $database->exec( $query ); 320 316 321 317 322 318 // touch config table 323 319 $date = date("F Y"); 324 $query = "UPDATE {$configArray['DBPrefix']}_config SET sitename='$sitename', nukeurl='$siteUrl', startdate='$date', adminmail='$adminEmail', backend_title='$sitename', notify_email='$adminEmail'"; 325 $database->setQuery( $query ); 326 $database->query(); 320 $query = "UPDATE {$configArray['DBPrefix']}_config SET sitename='$sitename', siteurl='$siteUrl', startdate='$date', adminmail='$adminEmail'"; 321 $database->exec( $query ); 327 322 328 323 } else { … … 407 402 da quella di amministrazione (admin)<br/> 408 403 od anche l'utenza del database pubblico in sola lettura<br/> 409 e altri accorgimenti che riterrai necessari e<br/>404 e altri accorgimenti che riterrai necessari<br/> 410 405 411 406 -
trunk/install/sql/eleonline.sql
r247 r253 100 100 /*!40000 ALTER TABLE `soraldo_config` DISABLE KEYS */; 101 101 LOCK TABLES `soraldo_config` WRITE; 102 INSERT INTO `soraldo_config` VALUES ('','http://www.fonte-nuova.it','','Sito istituzionale','Maggio 2009','admin@localhost','facebook','<b>Comune di Menfi</b><br>\r\nvia - 84023 Menfi (Ag)\r\nTel: Fax: \r\n<hr>','it','1','','','','Gpl v3',2,0,84023,'1','1',' ','','0','1','1','Admin');102 INSERT INTO `soraldo_config` VALUES ('','http://www.fonte-nuova.it','','Sito istituzionale','Maggio 2009','admin@localhost','facebook','<b>Comune di Menfi</b><br>\r\nvia - 84023 Menfi (Ag)\r\nTel: Fax: \r\n<hr>','it','1','','','','Gpl v3',2,0,84023,'1','1','0','','0','1','1','Admin'); 103 103 UNLOCK TABLES; 104 104 /*!40000 ALTER TABLE `soraldo_config` ENABLE KEYS */; … … 747 747 `id_cons_gen` int(11) NOT NULL default '0', 748 748 `orario` time NOT NULL default '00:00:00', 749 `data` date NOT NULL default '0000-00-00',749 `data` date NOT NULL, 750 750 KEY `id_cons_gen` (`id_cons_gen`) 751 751 ) ENGINE=MyISAM DEFAULT CHARSET=latin1; … … 989 989 `id_parz` int(11) NOT NULL auto_increment, 990 990 `orario` time NOT NULL default '00:00:00', 991 `data` date NOT NULL default '0000-00-00',991 `data` date NOT NULL, 992 992 `voti_uomini` int(7) NOT NULL default '0', 993 993 `voti_donne` int(7) NOT NULL default '0',
Note:
See TracChangeset
for help on using the changeset viewer.