public static function update_comment()
{
$sql_query = "UPDATE `comments` SET `comment` = 'This is a Test Mannnnn hehheeh' WHERE `id` = '2'";
$pdo = Database::connect();
$pdo->query($sql_query);
Database::disconnect();
}
function __construct($commitId = NULL)
{
$framework = frameworkDir();
/* Get the directory of the framework */
require_once $framework . '/class/Database.class.php';
$link = new Database();
$link->connect();
/* Connect */
if (!is_null($commitId)) {
/* Get data */
$sql = 'SELECT * FROM commits WHERE commitId = %1 ';
$result = $link->query($sql, $commitId);
$data = mysql_fetch_object($result);
/* Set variables */
$this->_commitId = $commitId;
$this->_repoId = $data->repoId;
$this->_commitVal = $data->commitVal;
$this->_commitMessage = $data->commitMessage;
$this->_commitDateTime = $data->commitDateTime;
$this->_commitAuthor = $data->commitAuthor;
} else {
$this->_commitId = -1;
$this->_repoId = -1;
$this->_commitVal = '';
$this->_commitMessage = '';
$this->_commitDateTime = '';
}
/* Close link */
$link->disconnect();
}
public static function increaseSearchDb()
{
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "UPDATE metricas SET busquedas = busquedas + 1";
$q = $pdo->prepare($sql);
$q->execute();
Database::disconnect();
}
function authenticate($username, $password)
{
require_once 'lib/functions.lib.php';
$framework = frameworkDir();
require_once $framework . '/class/Database.class.php';
$link = new Database();
$link->connect();
$sql = 'SELECT * FROM users WHERE username = %1 AND password = %2 ';
$result = $link->query($sql, $_POST['username'], md5($_POST['password']));
if (mysql_num_rows($result) == 1) {
$data = mysql_fetch_object($result);
$link->disconnect();
return $data;
} else {
$link->disconnect();
return false;
}
}
public function delete($id)
{
$db = new Database();
$db->connect();
$where = 'id=' . $id;
$result = $db->delete(static::$tableName, $where);
$returnValue;
if ($result) {
$returnValue = TRUE;
} else {
$returnValue = FALSE;
}
$db->disconnect();
return $returnValue;
}
public function disconnect()
{
try {
$status = TRUE;
if (is_resource($this->_connection)) {
if ($status = mysql_close($this->_connection)) {
$this->_connection = NULL;
parent::disconnect();
}
}
} catch (Exception $e) {
$status = !is_resource($this->_connection);
}
return $status;
}
public static function read($id)
{
$sql = "SELECT * FROM users WHERE id=:id";
try {
$db = Database::connect();
$stmt = $db->prepare($sql);
$stmt->bindParam(":id", $id);
$stmt->execute();
$user = $stmt->fetchObject();
return $user;
Database::disconnect();
} catch (PDOException $e) {
echo 'Error: ' . $e->getMessage();
}
}
public function showAllUsers()
{
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
try {
$statement = $pdo->prepare("SELECT id,username,email,administrator,blocked FROM users");
$statement->execute();
} catch (Exception $e) {
Database::disconnect();
return $e->getMessage();
}
$data = $statement->fetchAll(PDO::FETCH_ASSOC);
Database::disconnect();
echo json_encode($data);
}
public static function readAll()
{
$sql = "SELECT * FROM suscriptor ORDER BY id";
try {
$db = Database::connect();
$stmt = $db->query($sql);
$stmt->setFetchMode(PDO::FETCH_OBJ);
while ($CurrentUser = $stmt->fetch()) {
echo '<p><b> Nombre: </b>' . $CurrentUser->nombre . '<b> Correo: </b>' . $CurrentUser->correo . '</p>';
}
Database::disconnect();
} catch (PDOException $e) {
echo 'Error: ' . $e->getMessage();
}
}
public function updateLoginCounter($ip, $counter)
{
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$counter = (int) $counter + 1;
$statement = $pdo->prepare("UPDATE login_attempts SET login_counter=:counter WHERE ip=:ip");
try {
$statement->execute(array("ip" => $ip, "counter" => $counter));
//test
Database::disconnect();
return $counter;
} catch (Exception $e) {
Database::disconnect();
return $e->getMessage();
}
Database::disconnect();
}
public static function create($Username, $Contrasena)
{
$sql = 'INSERT INTO News (Username, Contrasena) VALUES (:Username,:Contrasena)';
try {
$db = Database::connect();
$stmt = $db->prepare($sql);
$stmt->bindParam(':Username', $Username);
$stmt->bindParam(':Contrasena', $Contrasena);
$stmt->execute();
Database::disconnect();
echo "<script>alert(':D'); location.href='index.php'</script>";
return true;
} catch (PDOException $e) {
echo 'Error: ' . $e->getMessage();
return false;
}
}
public static function create($CORREO, $CONTRASENA)
{
$sql = 'INSERT INTO TABLAWEB (CORREO, CONTRASENA) VALUES (:CORREO,:CONTRASENA)';
try {
$db = Database::connect();
$stmt = $db->prepare($sql);
$stmt->bindParam(':CORREO', $CORREO);
$stmt->bindParam(':CONTRASENA', $CONTRASENA);
$stmt->execute();
Database::disconnect();
echo "<script>alert('EL REGISTRO FUE EXITOSO'); location.href='index.php'</script>";
return true;
} catch (PDOException $e) {
echo 'Error: ' . $e->getMessage();
return false;
}
}
function fillindevice()
{
global $lang, $error, $devid, $devtype, $acreg, $accn, $actype, $notrack, $noident, $twig;
$catarray = array(1 => 'Gliders/motoGliders', 2 => 'Planes', 3 => 'Ultralights', 4 => 'Helicoters', 5 => 'Drones/UAV', 6 => 'Others');
$dtypc = array('', '', '');
$dtypc[$devtype] = 'checked';
$aircraft = array();
$dbh = Database::connect();
$result = $dbh->query('SELECT * FROM aircrafts ORDER BY ac_cat,ac_type');
foreach ($result as $row) {
$selected = $row['ac_id'] == $actype ? 'selected' : '';
$aircraft[$row['ac_cat']][] = array('id' => $row['ac_id'], 'type' => $row['ac_type'], 'selected' => $selected);
}
Database::disconnect();
$template_vars = array('aircrafts' => $aircraft, 'lang' => $lang, 'error' => $error, 'dtypc' => $dtypc, 'catarray' => $catarray, 'cnotrack' => $notrack ? 'checked' : '', 'cnoident' => $noident ? 'checked' : '', 'devid' => $devid, 'acreg' => $acreg, 'accn' => $accn);
echo $twig->render('fillindevice.html.twig', $template_vars);
}
public function get_question_details($qid)
{
$result = array();
$db = new Database();
if ($db->connect()) {
if ($db->select('questions', 'q_id,c_id,q_name,q_tag,q_hint,q_points', NULL, 'q_id=' . $qid)) {
$dbResult = $db->getResult();
foreach ($dbResult as $out) {
$q = new question();
$q->set_question_information($out['q_id'], $out['c_id'], $out['q_name'], $out['q_tag'], $out['q_hint'], $out['q_points']);
array_push($result, $q);
}
}
$db->disconnect();
}
return $result;
}
function get_ScreenName($find)
{
$pdo = Database::connect();
$sql = "SELECT * FROM userimagedetails";
$rows = $pdo->query($sql);
global $nameArray;
foreach ($rows as $row) {
$nameArray = array($row['userName']);
}
Database::disconnect();
//get a return
foreach ($nameArray as $name) {
if ($name == $find) {
return $name;
break;
}
}
}
public function update()
{
$db = new Database();
$db->connect();
$where = 'id=' . $this->getId();
$updateInformation = array();
$updateInformation["parent_id"] = $db->escapeString($this->getParentId());
$updateInformation['name'] = $db->escapeString($this->getName());
$updateInformation['description'] = $db->escapeString($this->getDescription());
$result = $db->update(static::$tableName, $updateInformation, $where);
$db->disconnect();
if ($result) {
$this->setId($result);
return $result;
} else {
return false;
}
}
public function disconnect()
{
try {
// Database is assumed disconnected
$status = TRUE;
if ($this->_connection instanceof mysqli) {
if ($status = $this->_connection->close()) {
// Clear the connection
$this->_connection = NULL;
}
}
parent::disconnect();
} catch (Exception $e) {
// Database is probably not disconnected
$status = !$this->_connection instanceof mysqli;
}
return $status;
}
/**
* Returns Array user by username
*/
public function getUserByUsername($username)
{
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sth = $pdo->prepare('SELECT * FROM users WHERE username=:username');
$sth->bindParam(':username', $username);
$sth->execute();
$data = $sth->fetch(PDO::FETCH_ASSOC);
if ($data) {
// print "User $data[username] exists <br>";
Database::disconnect();
return $data;
} else {
Database::disconnect();
// print "given '$username' not a user <br>";
return false;
}
}
public static function register($email)
{
if (!empty($_POST)) {
self::$email = $_POST['signup-email'];
self::$datetime = date('Y-m-d H:i:s');
if (empty(self::$email)) {
$status = "error";
$message = "The email address field must not be blank";
self::$valid = false;
} else {
if (!filter_var(self::$email, FILTER_VALIDATE_EMAIL)) {
$status = "error";
$message = "You must fill the field with a valid email address";
self::$valid = false;
}
}
if (self::$valid) {
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$existingSignup = $pdo->prepare("SELECT COUNT(*) FROM signups WHERE signup_email_address='{$email}'");
$existingSignup->execute();
$data_exists = $existingSignup->fetchColumn() > 0 ? true : false;
if (!$data_exists) {
$sql = "INSERT INTO signups (signup_email_address, signup_date) VALUES (:email, :datetime)";
$q = $pdo->prepare($sql);
$q->execute(array(':email' => self::$email, ':datetime' => self::$datetime));
if ($q) {
$status = "success";
$message = "You have been successfully subscribed";
} else {
$status = "error";
$message = "An error occurred, please try again";
}
} else {
$status = "error";
$message = "This email is already subscribed";
}
}
$data = array('status' => $status, 'message' => $message);
echo json_encode($data);
Database::disconnect();
}
}
public function disconnect()
{
try {
// Database is assumed disconnected
$status = TRUE;
if (is_resource($this->_connection)) {
if ($status = $this->_connection->close()) {
// Clear the connection
$this->_connection = NULL;
// Clear the instance
parent::disconnect();
}
}
} catch (Exception $e) {
// Database is probably not disconnected
$status = !is_resource($this->_connection);
}
return $status;
}
public function get_all_categories()
{
$db = new Database();
if (!$db->connect()) {
return array();
}
if (!$db->select('categories', 'c_id,c_name')) {
return array();
}
$result = $db->getResult();
$categories = array();
foreach ($result as $output) {
$c = new category();
$c->set_category($output['c_id'], $output['c_name']);
array_push($categories, $c);
}
$db->disconnect();
return $categories;
}
function login()
{
$data = array("status" => 1, "css" => "alert alert-success", "msg" => "Log-in Successfully", "user" => array());
$userId = trim($_REQUEST['username']);
$password = md5(trim($_REQUEST['password']));
$sql = "SELECT * FROM `user` WHERE `email` ='{$userId}' and `password` ='{$password}'";
$db = new Database();
$db->connect();
$result = $db->execute($sql);
$sql_result = mysqli_fetch_assoc($result);
$db->disconnect();
if (!empty($sql_result)) {
$_SESSION['user_id'] = $sql_result['id'];
$_SESSION['time'] = time();
$data['user'] = $sql_result;
} else {
$data = array("status" => 0, "css" => "alert alert-danger", "msg" => "Log-in Unsuccessfully");
}
return $data;
}
public function delTask($idTask, $idUser)
{
$db = new Database();
$db->connect();
$this->query = mysql_query("DELETE FROM task WHERE idTask = {$idTask} AND idUser = {$idUser}");
$this->total = mysql_affected_rows();
if ($this->total != 0) {
$query = mysql_query("SELECT * FROM attach WHERE idTask = {$idTask} AND idUser = {$idUser}");
$total = mysql_num_rows($query);
if ($total != 0) {
$data = mysql_fetch_array($query);
unlink("attach/" . $data['file']);
mysql_query("DELETE FROM attach WHERE idTask = {$idTask} AND idUser = {$idUser}");
}
header("Location: manager.php?teok");
} else {
header("Location: manager.php?tenok");
}
$db->disconnect();
}
public function showAll()
{
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
try {
$statement = $pdo->prepare("SELECT * FROM articles");
$statement->execute();
} catch (Exception $e) {
Database::disconnect();
return $e->getMessage();
}
$articles = $statement->fetchAll(PDO::FETCH_ASSOC);
$transformed = array();
foreach ($articles as $key => $article) {
// Remove html from content
$replaced = strip_tags($article['content']);
$article['content'] = $replaced;
// Add short version of article content
$article['content_short'] = substr($article['content'], 0, 60);
array_push($transformed, $article);
}
Database::disconnect();
return json_encode($transformed);
}
$q->execute(array($description, $featured, $image, $product_id, $id));
Database::disconnect();
header("Location: imageIndex.php");
}
} else {
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "SELECT * FROM image where id = ?";
$q = $pdo->prepare($sql);
$q->execute(array($id));
$data = $q->fetch(PDO::FETCH_ASSOC);
$description = $data['description'];
$featured = $data['featured'];
$image = $data['image'];
$product_id = $data['product_id'];
Database::disconnect();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<link href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css" rel="stylesheet">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
</head>
<body>
<div class="container">
<div class="span10 offset1">
function addRandomPassword($username, $randompassword)
{
$database = new Database();
if ($database->connect()) {
$details = array();
$details['PasswordChangeFlag'] = $database->insertRandomPassword($username, $randompassword);
$database->disconnect();
unset($database);
if ($details['PasswordChangeFlag']) {
return TRUE;
} else {
return FALSE;
}
}
}
?>
"><b style="color:#0090c5;">Update paper</b></a><br>
<a href="<?php
echo base_url();
?>
admin/delete_paper.php?id=<?php
echo $paper_id;
?>
"><b style="color:#0090c5;">Delete paper</b></a>
</div>
<?php
}
//end of while
} else {
//no papers are there in this course
echo '<h4 style= "color:grey;padding-left:10px;">No papers are uploaded to this course</h4>';
}
}
//end of while
}
//end of if
?>
</article>
</div>
</div>
</div>
<?php
include 'tfooter.php';
$db->disconnect();
public function disconnect()
{
// Destroy the PDO object
$this->_connection = NULL;
return parent::disconnect();
}
public function removeVideo($pVideoID)
{
$lDB = new Database();
$lDB->connect();
Log::writeLog(1, $_SERVER["SCRIPT_NAME"], "Removing video with ID $pVideoID");
$lStatement = "DELETE FROM Conversions WHERE ID = $pVideoID";
$lDB->delete($lStatement);
$lDB->disconnect();
}
public function editItem($id)
{
//change to items controller
$partController = new PartController();
$partController->editItemForm($id);
$search = isset($_GET['search']) ? $_GET['search'] : "";
//change to tag controller
$db = new Database();
$db->connect();
$db->select("tags", "id,name", null, "name LIKE '%" . $search . "%'");
$results = $db->getResult();
$tagList = [];
foreach ($results as $key => $result) {
$tagList[$key]['value'] = $result['name'];
$tagList[$key]['id'] = $result['id'] . $key;
}
echo "<script>var test = " . json_encode($tagList) . ";</script>";
$db->disconnect();
}
