Example #1
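 /**
  * Insert a new row into `Step` for the given recipe.
  *
  * Nothing is written unless $recipe is a Recipe whose GetId() is non-null
  * (loose comparison, so 0 and '' are rejected as well). Every value reaches
  * the database through a bound placeholder, never through the SQL text.
  *
  * @param mixed $recipe      Expected to be a Recipe instance that already has an id.
  * @param mixed $picture     Currently unused: the picture lookup below is commented out,
  *                           so `picture_id` is always stored as NULL.
  * @param mixed $number      Value stored in `step_number`.
  * @param mixed $description Value stored in `step_description`.
  * @return void
  */
 public static function Create($recipe, $picture, $number, $description)
 {
     if (!is_a($recipe, 'Recipe')) {
         return;
     }
     $recipeid = $recipe->GetId();
     if ($recipeid == null) {
         return;
     }
     $pictureid = null;
     //if (is_a($picture, 'Picture')) { $pictureid = $picture->GetId(); }
     $stmt = Database::GetLink()->prepare('INSERT INTO `Step`(`recipe_id`, `picture_id`, `step_number`, `step_description`) VALUES (?,?,?,?)');
     if ($stmt) {
         // A static method has no $this, so the previous $this->... bindings could
         // never supply the arguments; bind the values this call actually received.
         $stmt->bindValue(1, $recipeid, PDO::PARAM_STR);
         $stmt->bindValue(2, $pictureid, PDO::PARAM_STR);
         $stmt->bindValue(3, $number, PDO::PARAM_STR);
         $stmt->bindValue(4, $description, PDO::PARAM_STR);
         // NOTE(review): the result of execute() is not reported to the caller;
         // whether failures surface depends on the connection's PDO error mode.
         $stmt->execute();
         $stmt->closeCursor();
     }
 }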
Example #2
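 /**
  * Insert the wrapped user object as a new `User` row and store the generated id.
  *
  * Reads first name, last name, e-mail, phone number and user name from
  * $this->userObject and passes them as bound parameters. $this->userId is
  * only assigned when the INSERT actually succeeded, and the id is read from
  * the same link the statement was prepared on.
  *
  * @return void
  */
 public function insertUserDB()
 {
     // Column order of the INSERT below: fname, lname, email, telno, user_name.
     $values = array(
         $this->userObject->getFname(),
         $this->userObject->getLname(),
         $this->userObject->getEmail(),
         $this->userObject->getTelNo(),
         $this->userObject->getUserName(),
     );
     $link = Database::GetLink();
     $stmt = $link->prepare('INSERT INTO `User`(`fname`, `lname`, `email`, `telno`, `user_name`) VALUES (?,?,?,?,?)');
     if (!$stmt) {
         return;
     }
     foreach ($values as $index => $value) {
         // PDO placeholders are numbered from 1.
         $stmt->bindValue($index + 1, $value, PDO::PARAM_STR);
     }
     // After a failed INSERT lastInsertId() does not describe this user, so
     // the id is recorded only when execute() reports success.
     if ($stmt->execute()) {
         $this->userId = $link->lastInsertId();
     }
 }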
Example #3
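 /**
  * Load the comment tree whose `comment_path` starts with $id.
  *
  * Every fetched comment is cached in $GLOBALS['COMMENTS'] under its id.
  * Rows whose path equals $id are returned as top-level comments; any other
  * row is appended to the `_comments` of the cached comment named by the
  * last '>'-separated segment of its path, if that comment is cached.
  *
  * @param mixed $id Path prefix identifying the thread.
  * @return array Top-level Comment objects; empty when nothing matched or the
  *               statement could not be prepared.
  */
 public static function LoadComments($id)
 {
     $comments = array();
     // '%' is the LIKE wildcard; two in a row match the same rows as one.
     // NOTE(review): $id is not escaped for LIKE, so a '%' or '_' inside it
     // widens the match, and a plain prefix also matches paths that merely
     // begin with the same characters (e.g. a prefix of 1 and a path starting
     // with 12). Confirm callers only pass validated ids.
     $search = $id . '%%';
     $stmt = Database::GetLink()->prepare('SELECT `comment_id`, `user_id`, `comment_path`, `comment_contents`, `sent_at` FROM `Comment` WHERE `comment_path` LIKE ? ORDER BY `comment_path`, `sent_at` ASC;');
     if (!$stmt) {
         // Previously this path fell off the end and returned null; callers
         // now always receive an array.
         return $comments;
     }
     $stmt->bindParam(1, $search, PDO::PARAM_STR, 255);
     $stmt->execute();
     $stmt->bindColumn(1, $commentid);
     $stmt->bindColumn(2, $userid);
     $stmt->bindColumn(3, $path);
     $stmt->bindColumn(4, $contents);
     $stmt->bindColumn(5, $timestamp);
     // Each fetch() refreshes the five bound column variables.
     while ($stmt->fetch()) {
         $comment = new Comment($commentid);
         $comment->_user = User::Load($userid);
         $comment->_contents = $contents;
         $comment->_timestamp = $timestamp;
         // presumably $GLOBALS['COMMENTS'] is initialised elsewhere; verify.
         $GLOBALS['COMMENTS'][$commentid] = $comment;
         if ($path == $id) {
             $comments[] = $GLOBALS['COMMENTS'][$commentid];
         } else {
             // The last path segment is treated as the parent's comment id.
             $parts = explode('>', $path);
             $lastid = end($parts);
             if (is_numeric($lastid)) {
                 $lastid = intval($lastid);
                 if (array_key_exists($lastid, $GLOBALS['COMMENTS'])) {
                     $parent = $GLOBALS['COMMENTS'][$lastid];
                     $parent->_comments[] = $comment;
                 }
             }
         }
     }
     $stmt->closeCursor();
     return $comments;
 }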
Example #4
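 /**
  * Store $this->imagepath as a new `Picture` row, remember its id, then create the recipe.
  *
  * The path is passed as a bound parameter. $this->pictureId is set and
  * createRecipe() is called only when the INSERT succeeded, so a failed
  * insert can no longer hand a stale or zero id on to the recipe.
  *
  * @return void
  */
 public function insertPicture()
 {
     // One link for both prepare() and lastInsertId(), so the id read back
     // belongs to the connection that ran the INSERT.
     $link = Database::GetLink();
     $stmt = $link->prepare('INSERT INTO `Picture`(`pic_path`) VALUES (?)');
     if (!$stmt) {
         return;
     }
     $stmt->bindValue(1, $this->imagepath, PDO::PARAM_STR);
     $inserted = $stmt->execute();
     $stmt->closeCursor();
     if (!$inserted) {
         // NOTE(review): the failure is not reported to the caller; the old
         // code read errorInfo() into a local it never used.
         return;
     }
     $this->pictureId = $link->lastInsertId();
     $this->createRecipe();
 }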
Example #5
 /**
  * Return the User with the given id, using $GLOBALS['USERS'] as a cache.
  *
  * On a cache miss the row is read with a bound `user_id` parameter. A User
  * is built and cached only when exactly one row comes back and that row
  * has ten entries.
  *
  * @param mixed $id Value matched against `User`.`user_id`.
  * @return mixed The cached or freshly loaded User, or false when it could not be loaded.
  */
 public static function Load($id)
 {
     if (array_key_exists($id, $GLOBALS['USERS'])) {
         return $GLOBALS['USERS'][$id];
     }

     $query = Database::GetLink()->prepare('SELECT `fname`, `lname`, `email`, `telno`, `user_name` FROM `User` WHERE `user_id` = ?');
     if (!$query) {
         return false;
     }
     $query->bindParam(1, $id, PDO::PARAM_STR, 255);
     $query->execute();

     $matches = $query->fetchAll();
     if (count($matches) != 1) {
         return false;
     }
     $record = $matches[0];
     // NOTE(review): ten entries for five selected columns presumably relies
     // on the link fetching each column under both its name and its index
     // (PDO::FETCH_BOTH); confirm the connection keeps that fetch mode.
     if (count($record) != 10) {
         return false;
     }

     $loaded = new User();
     $loaded->userId = $id;
     $loaded->firstName = $record[0];
     $loaded->lastName = $record[1];
     $loaded->email = $record[2];
     $loaded->telNo = $record[3];
     $loaded->userName = $record[4];
     $GLOBALS['USERS'][$id] = $loaded;
     return $loaded;
 }
Example #6
 /**
  * Record one login attempt in `LoginAttempt`; on failure, count it and ban the client once no attempts remain.
  *
  * The stored name is Login::GetUsername() after a successful login. After a
  * failed one it is the name resolved through FetchUserId()/FetchUsername()
  * when that lookup yields one, otherwise the input as received. The message
  * set on failure is the same whether or not the name resolved to a user.
  *
  * @param string $username The username that the client provided (in hashed form, but will be translated if possible).
  * @param bool $success Whether the login was successful or not (bound as PDO::PARAM_BOOL).
  * @return void
  **/
 private static function LogAttempt($username, $success)
 {
     $occurredAt = time();
     if (!$success) {
         $userId = Login::FetchUserId($username);
         $resolved = ($userId > 0) ? Login::FetchUsername($userId) : false;
         if ($resolved != false) {
             $username = $resolved;
         }
     } else {
         $username = Login::GetUsername();
     }

     $insert = Database::GetLink()->prepare('INSERT INTO LoginAttempt (occurred_at, username_input, successful) VALUES (?, ?, ?);');
     if ($insert) {
         $insert->bindParam(1, $occurredAt, PDO::PARAM_INT);
         $insert->bindParam(2, $username, PDO::PARAM_STR, 255);
         $insert->bindParam(3, $success, PDO::PARAM_BOOL);
         $insert->execute();
         $insert->closeCursor();
     }

     if ($success) {
         return;
     }

     // NOTE(review): how IncrementAttempts()/GetAttempts()/BanClient() key
     // the counter is not visible here; confirm it is kept server-side in a
     // form the client cannot reset.
     Login::IncrementAttempts();
     // Three failed attempts are allowed before the ban is applied.
     $remaining = 3 - Login::GetAttempts();
     if ($remaining <= 0) {
         Login::SetError('You have been banned.');
         Login::BanClient();
         return;
     }
     Login::SetError('Login failed, only ' . $remaining . ' attempts left.');
 }