PHP Database::sql Examples

Programming Language: PHP

Class/Type: Database

Method/Function: sql

Examples at hotexamples.com: 30

1. PHP Database SQL using PDO:
Description: PDO (PHP Data Object) is a PHP extension that allows PHP to provide a standard interface for accessing databases. PDO supports various databases and acts as a database abstraction layer, which makes database programming more flexible and portable.

Code Example:

// connect to database using PDO
$dsn = 'mysql:host=localhost;dbname=mydatabase';
$user = 'username';
$pass = 'password';
$pdo = new PDO($dsn, $user, $pass);

// prepare and execute a database query
$stmt = $pdo->prepare('SELECT name, email FROM users WHERE id = :id');
$stmt->bindParam(':id', $id);
$stmt->execute();

// fetch the result set
$result_set = $stmt->fetchAll(PDO::FETCH_ASSOC);

Package Library: PDO is a built-in PHP extension and doesn't require any additional package/library.

2. PHP Database SQL using MySQLi:
Description: MySQLi (MySQL Improved) is an API for accessing MySQL databases from PHP. It extends the functionality provided by the original MySQL API, providing better security, prepared statement support, and additional features.

Code Example:

// connect to database using MySQLi
$mysqli = new mysqli('localhost', 'username', 'password', 'mydatabase');

// prepare and execute a database query
$stmt = $mysqli->prepare('SELECT name, email FROM users WHERE id = ?');
$stmt->bind_param('i', $id);
$stmt->execute();

// fetch the result set
$result_set = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);

Package Library: MySQLi is a built-in PHP extension and doesn't require any additional package/library.

3. PHP Database SQL using Laravel's Eloquent ORM:
Description: Laravel's Eloquent ORM (Object-Relational Mapping) is a database abstraction layer that provides an easy-to-use and expressive syntax for interacting with databases. It's built on top of the PHP PDO library and provides a simple interface for basic CRUD (Create, Read, Update, Delete) operations.

Code Example:

// connect to database using Laravel's Eloquent ORM
use Illuminate\Database\Capsule\Manager as Capsule;
$capsule = new Capsule();
$capsule->addConnection([
'driver' => 'mysql',
'host' => 'localhost',
'database' => 'mydatabase',
'username' => 'username',
'password' => 'password'
]);
$capsule->setAsGlobal();
$capsule->bootEloquent();

// perform database operations using Eloquent ORM
$user = new User;
$user->name = 'John Doe';
$user->email = 'johndoe@example.com';
$user->save();

Package Library: Laravel's Eloquent ORM is part of the Laravel framework and requires the installation of the Laravel package/library.

PHP Database::sql - 30 examples found. These are the top rated real world PHP examples of Database::sql from package testswarm extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

query_insert(30)

Instance(30)

pDataConnect(30)

fetch(30)

Insert(30)

get_statistic_table(30)

commit(30)

obtain(30)

insert_id(30)

db(30)

connect(30)

select(30)

num_rows(30)

num_row(30)

close(30)

fetch_row(30)

update(30)

executeQuery(30)

execute(30)

fetchAll(30)

_instance(30)

resultset(30)

fetch_array(30)

sql2single(30)

fetch_object(30)

fetch_assoc(30)

sql2row(30)

sql2array(30)

prepare(30)

instance(30)

sql(30)

fetch_all_array(30)

get_course_table(30)

pexecute_first(30)

GetOne(30)

singleton(30)

pexecute(30)

single(30)

connection(30)

get(30)

getInstance(30)

store_result(30)

query(30)

exec(30)

query_update(30)

tDataConnect(30)

bind(30)

table(30)

getConnection(30)

get_main_table(30)

Database Class Documentation

Example #1

Show file

File: post.php Project: 4otaku/4otaku

    public function delete_unused_urls()
    {
        Database::begin();
        try {
            Database::sql('DELETE FROM post_link WHERE
				post_id NOT IN (SELECT id FROM post)');
            Database::sql('DELETE FROM post_update_link WHERE
				update_id NOT IN (SELECT id FROM post_update)');
            Database::sql('DELETE FROM post_link_url WHERE
				link_id NOT IN (SELECT id FROM post_link)');
            Database::sql('DELETE FROM post_update_link_url WHERE
				link_id NOT IN (SELECT id FROM post_update_link)');
            Database::sql('DELETE FROM post_url WHERE
				id NOT IN (SELECT url_id FROM post_link_url) AND
				id NOT IN (SELECT url_id FROM post_update_link_url)');
            $count = Database::count_affected();
            if ($count > self::MAX_LINK_DELETIONS) {
                Database::rollback();
                throw new Error_Cron('Too many post urls pending for deletion');
            }
            Database::commit();
        } catch (PDOException $e) {
            Database::rollback();
            throw new Error_Cron('Error with database, while deleting post urls');
        }
    }

Example #2

Show file

File: admin.php Project: 4otaku/4otaku

	function edittag() {

		Check::rights();

		if (query::$post['old_alias'] != query::$post['alias']) {
			$params = array(
				'|'.query::$post['old_alias'].'|',
				'|'.query::$post['alias'].'|',
			);

			Database::sql('update post set tag = replace(tag,?,?)', $params);
			Database::sql('update video set tag = replace(tag,?,?)', $params);
			Database::sql('update art set tag = replace(tag,?,?)', $params);
		}

		$variants = array_unique(array_filter(explode(' ',str_replace(',', ' ', query::$post['variants']))));
		if (!empty($variants)) {
			$variants = '|'.implode('|',$variants).'|';
		} else {
			$variants = '|';
		}

		Database::update('tag', array(
			'alias' => query::$post['alias'],
			'name' => query::$post['name'],
			'variants' => $variants,
			'color' => query::$post['color']
		), query::$post['id']);
	}

Example #3

Show file

File: index.php Project: mawilliamson/version-control

function myplugin_activate()
{
    $db = new Database();
    $db->connect();
    // Create Items Table
    $filesTableExists = $db->select("items");
    if (!$filesTableExists) {
        $sql = "CREATE TABLE items (\n\t\t\t\t\tid INT NOT NULL AUTO_INCREMENT PRIMARY KEY,\n\t\t\t\t\tname VARCHAR(200) NOT NULL,\n\t\t\t\t\tuploaded_timestamp timestamp,\n\t\t\t\t\tlast_updated_timestamp timestamp\n\t\t\t\t)";
        $result = $db->sql($sql);
        if ($result) {
            echo "Items Table created.<br>";
        } else {
            echo "Error When Creating Items Table<br>";
        }
    } else {
        echo "Items Table already exists.<br>";
    }
    // Create Files Table
    $filesTableExists = $db->select("files");
    if (!$filesTableExists) {
        //change on uploaded attr
        $sql = "CREATE TABLE files (\n\t\t\t\t\tid INT NOT NULL AUTO_INCREMENT PRIMARY KEY,\n\t\t\t\t\tfileName VARCHAR(300) NOT NULL,\n\t\t\t\t\tname VARCHAR(200) NOT NULL,\n\t\t\t\t\tpath VARCHAR(200) NOT NULL,\n\t\t\t\t\tviews INT NOT NULL,\n\t\t\t\t\tuploadedTimestamp timestamp,\n\t\t\t\t\tlastUpdatedTimestamp timestamp\n\t\t\t\t)";
        $result = $db->sql($sql);
        if ($result) {
            echo "Files Table created.<br>";
        } else {
            echo "Error When Creating Files Table<br>";
        }
    } else {
        echo "Files Table already exists.<br>";
    }
    // Create File Connector Table
    $fileConnectorTableExists = $db->select("file_connector");
    if (!$fileConnectorTableExists) {
        $sql = "CREATE TABLE file_connector (\n\t\t\t\t\tid INT NOT NULL AUTO_INCREMENT PRIMARY KEY,\n\t\t\t\t\tfile_id INT NOT NULL,\n\t\t\t\t\titem_id INT NOT NULL,\n\t\t\t\t\tlabel VARCHAR(50) NOT NULL,\n\t\t\t\t\tfeatured_image INT NOT NULL,\n\t\t\t\t\tdisplay INT NOT NULL\n\n\t\t\t\t)";
        $result = $db->sql($sql);
        if ($result) {
            echo "Category Connector Table created.<br>";
        } else {
            echo "Error When Creating Category Connector Table<br>";
        }
    } else {
        echo "Category Connector Table already exists.<br>";
    }
}

Example #4

Show file

File: db.class.php Project: cobicarmel/agenda

 /**
  *
  * creating new implementation of mysqli, with Database configuration
  *
  * @param string $db_name name of the database
  *
  * @return bool
  */
 static function createSql($db_name)
 {
     self::$sql = new mysqli(DB_HOST, DB_USER, DB_PASS, $db_name);
     if (!self::$sql) {
         return false;
     }
     self::$sql->set_charset('utf8');
     return true;
 }

Example #5

Show file

File: Notificaciones.php Project: acampos1916/corcione_produccion

 public static function get_asignado($usuario)
 {
     //DB Conection
     $db = new Database();
     $db->connect();
     $sql = "SELECT CONCAT_WS(' ', IF(nombre != '', nombre, ''), IF(apellido != '', apellido, '')) AS nombre_completo, email, HEX(uuid_usuario) as uuid_usuario FROM usuarios WHERE uuid_usuario IN('" . $usuario . "')\n\t\t\t\tAND status = 'Activo'";
     $db->sql($sql);
     $results = $db->getResult();
     return array('nombre_completo' => $results[0]['nombre_completo'], 'uuid_usuario' => $results[0]['uuid_usuario']);
 }

Example #6

Show file

File: Students.php Project: M7ammed/Mobile-Judge-App

 public function getByEmail($email)
 {
     $db = new Database();
     $db->sql("select s.id,u.Email,u.FirstName,u.LastName,s.Project,s.Location, case when(select GradesPosted from Settings) = 1 then s.Grade else null end as Grade\nfrom Users as u inner join Students as s on u.StudentId = s.id\nwhere u.Email = '" . $email . "'");
     $res = $db->getResult();
     if (count($res) == 0) {
         return null;
     }
     return $res;
 }

Example #7

Show file

File: extended.class.php Project: fulldump/8

 public static function add(&$data)
 {
     // Fields
     $SessionId = md5(microtime());
     $Ip = Database::escape($_SERVER['REMOTE_ADDR']);
     $UserAgent = Database::escape($_SERVER['HTTP_USER_AGENT']);
     $Created = time();
     $Data = Database::escape(serialize($data));
     $sql = "INSERT INTO `SystemSession` (`id`, `__timestamp__`, `__operation__`, `SessionId`, `Ip`, `UserAgent`, `Created`, `Data`) VALUES (NULL, " . time() . ", 'INSERT', '{$SessionId}', '{$Ip}', '{$UserAgent}', '{$Created}', '{$Data}')";
     // Run query
     $result = Database::sql($sql);
     $id = Database::getInsertId();
     return self::ROW($id);
 }

Example #8

Show file

File: Email.php Project: M7ammed/Mobile-Judge-App

 public function getContact($email)
 {
     $db = new Database();
     $db->sql('select FirstName, LastName, Email from Users where Email = \'' . $email . '\'');
     $res = $db->getResult();
     $total = 0;
     if (array_key_exists('LastName', $res)) {
         $res = array($res);
         $total = count($res);
     } else {
         $res = $email;
     }
     return array('total' => $total, 'data' => $res);
 }

Example #9

Show file

File: back-index.php Project: samdubey/ads2

function profile($req, $res)
{
    try {
        $id = $req->id;
        $data = Database::sql("select * from students where id = {$id}");
    } catch (Exception $e) {
        exit($e->getMessage());
    }
    if (!$data) {
        $res->code(404);
        echo 'Not Found';
    } else {
        $res->header('Content-Type', 'application/json');
        echo json_encode($data);
    }
}

Example #10

Show file

File: PendingGrades.php Project: M7ammed/Mobile-Judge-App

 public function setAccept($judgeId, $studentId, $acceptance)
 {
     $db = new Database();
     $success = $db->update('JudgeStudentGrade', array('Accepted' => $acceptance ? 1 : 0), 'JudgeId = ' . $judgeId . ' and StudentId = ' . $studentId);
     $msg = $db->getResult();
     if (!$success) {
         return array('success' => false, 'msg' => $msg);
     }
     $db->select('JudgeStudentGrade', 'Grade, Accepted', null, 'StudentId = ' . $studentId);
     $res = $db->getResult();
     if (array_key_exists('Grade', $res)) {
         $res = array($res);
     }
     $grade = 0;
     $reviewed = 0;
     $accepted = 0;
     $total = 0;
     foreach ($res as $judge) {
         $total++;
         if (is_null($judge['Accepted'])) {
             continue;
         }
         if (intval($judge['Accepted']) === 1) {
             $accepted++;
             $grade += intval($judge['Grade']);
         }
         $reviewed++;
     }
     if ($total == $reviewed && $accepted > 0) {
         $grade /= $accepted;
         $db->update('Students', array('Grade' => $grade), 'id = ' . $studentId);
         return array('success' => true, 'grade' => $grade);
     } else {
         $db->sql('UPDATE Students SET Grade = NULL WHERE id = ' . $studentId . ';');
         return array('success' => true, 'grade' => null);
     }
 }

Example #11

Show file

File: Reportes.php Project: acampos1916/corcione_produccion

 private static function getUsuarios($user_info)
 {
     //DB Conection
     $db = new Database();
     $db->connect();
     $sql = "SELECT usr.id_usuario, HEX(uuid_usuario) as uuid_usuario, HEX(ucat.uuid_categoria) as uuid_categoria, reporta_rol, reporta_usuario, id_rol, ucat.key\n\t\t\t\tFROM usuarios AS usr\n\t\t\t\tLEFT JOIN usuario_rol as urol ON urol.id_usuario = usr.id_usuario\n\t\t\t\tLEFT JOIN usuarios_categoria as ucat ON ucat.uuid_categoria = usr.uuid_categoria\n\t\t\t\tWHERE reporta_rol = " . $user_info[0]["id_rol"];
     if (!empty($user_info[0]["key"]) && $user_info[0]["key"] != 'admin') {
         $sql .= " AND HEX(ucat.uuid_categoria) = " . $user_info[0]["uuid_categoria"];
     }
     $sql .= " AND reporta_usuario = 0  OR reporta_usuario =  " . $user_info[0]["id_usuario"];
     $db->sql($sql);
     $result = $db->getResult();
     if (!empty($result) && count($result) > 0) {
         foreach ($result as $usuario) {
             array_push(self::$array_helper, $usuario["uuid_usuario"]);
             if (!in_array($usuario["uuid_usuario"], self::$array_helper, true)) {
                 self::getUsuarios(self::$array_helper, $usuario);
             }
         }
     } else {
         array_push(self::$array_helper, $user_info[0]["uuid_usuario"]);
     }
     return self::$array_helper;
 }

Example #12

Show file

File: kelas.php Project: teknomatika/kursus

"<?php 
            }
            ?>
 maxlength="9" required="required" aria-describedby="helpBlock">
						<span id="helpBlock" class="help-block">Format: 2000/2000</span>
					</div>
				</div>

				<div class="form-group">
					<label for="inputProgram" class="col-sm-2 control-label">Program:</label>
					<div class="col-sm-10">
						<select name="program" id="inputProgram" class="form-control" required="required">
							<?php 
            $dp = new Database();
            $dp->connect();
            $dp->sql('select id,nama from program union select id,nama from programs');
            $dp = $dp->getResult();
            foreach ($dp as $dp) {
                ?>
							<option value="<?php 
                echo $dp['id'];
                ?>
" <?php 
                if (isset($_GET['id'])) {
                    echo selek($dp['id'], $d[0]['idprogram']);
                }
                ?>
><?php 
                echo $dp['nama'];
                ?>
</option>

Example #13

Show file

File: port_news.php Project: 4otaku/4otaku

<?php

include '../inc.common.php';
ob_end_clean();
$news = Database::get_full_vector('news');
Database::sql('ALTER TABLE  `news` ADD  `extension` VARCHAR( 16 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL AFTER  `image`');
foreach ($news as $id => $item) {
    rename(IMAGES . SL . 'full' . SL . $item['image'], IMAGES . SL . 'news' . SL . 'full' . SL . $item['image']);
    rename(IMAGES . SL . 'thumbs' . SL . $item['image'], IMAGES . SL . 'news' . SL . 'thumb' . SL . preg_replace('/\\.[a-z]+$/ui', '.jpg', $item['image']));
    Database::update('news', array('image' => preg_replace('/\\.[a-z]+$/ui', '', $item['image']), 'extension' => preg_replace('/^.*\\./ui', '', $item['image'])), $id);
    Database::update('comment', array('post_id' => $id), 'post_id = ?', $item['url']);
}
Database::sql('ALTER TABLE `news` DROP `url`;');
Database::sql('ALTER TABLE  `news` ADD  `author` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL AFTER  `extension` ,
ADD  `category` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL AFTER  `author`;');
Database::sql('update news set category = \'|website|\' where 1;');
Database::sql('update news set author = \'|nameless|\' where 1;');
Database::sql('update news set pretty_text = \'\' where 1;');
Database::sql('INSERT INTO  `category` (`id` ,`alias` ,`name` ,`area`)VALUES (NULL ,  \'website\',  \'Новости сайта\',  \'|news|\');');
Database::sql('INSERT INTO  `category` (`id` ,`alias` ,`name` ,`area`)VALUES (NULL ,  \'otaku\',  \'Новости индустрии\',  \'|news|\');');

Example #14

Show file

File: auto.class.php Project: fulldump/8

 public function DELETE($physical = true)
 {
     if ($physical) {
         $sql = "DELETE FROM `Comment` WHERE id='" . $this->id . "'";
         unset(self::$data[$this->id]);
     } else {
         $sql = "UPDATE `Comment` SET `__timestamp__` = " . time() . ", `__operation__` = 'DELETE' WHERE `id`='" . $this->id . "'";
     }
     Database::sql($sql);
 }

Example #15

Show file

File: auto.class.php Project: fulldump/8

 public function setTitle($value)
 {
     $this->row['Title'] = $value;
     $value = Database::escape($value);
     $timestamp = time();
     $sql = "UPDATE `Blog` SET `Title`='{$value}',`__timestamp__` = {$timestamp}, `__operation__` = 'UPDATE' WHERE `id`='{$this->id}'";
     Database::sql($sql);
 }

Example #16

Show file

File: auto.class.php Project: fulldump/8

 public function setName($value)
 {
     $this->row['Name'] = $value;
     $value = Database::escape($value);
     $timestamp = time();
     $sql = "UPDATE `GraphicSlideshow` SET `Name`='{$value}',`__timestamp__` = {$timestamp}, `__operation__` = 'UPDATE' WHERE `id`='{$this->id}'";
     Database::sql($sql);
 }

Example #17

Show file

File: auto.class.php Project: fulldump/8

 public function setResult($value)
 {
     $value = str_replace(',', '.', $value);
     $this->row['Result'] = $value;
     $value = Database::escape($value);
     $timestamp = time();
     $sql = "UPDATE `EmailerLog` SET `Result`='{$value}', `__timestamp__` = {$timestamp}, `__operation__` = 'UPDATE'  WHERE `id`='{$this->id}'";
     Database::sql($sql);
 }

Example #18

Show file

File: auto.class.php Project: fulldump/8

 public function setEnabled($value)
 {
     $value = str_replace(',', '.', $value);
     $this->row['Enabled'] = $value;
     $value = Database::escape($value);
     $timestamp = time();
     $sql = "UPDATE `GraphicSlideshowItem` SET `Enabled`='{$value}', `__timestamp__` = {$timestamp}, `__operation__` = 'UPDATE'  WHERE `id`='{$this->id}'";
     Database::sql($sql);
 }

Example #19

Show file

File: auto.class.php Project: fulldump/8

 public function setImage($value)
 {
     if (is_object($value) && $value->getClassName() == 'Image') {
         $id = $value->getId();
         $sql = "UPDATE `DocumentPart` SET `Image`='" . $id . "',\t`__timestamp__` = " . time() . " WHERE `id`='" . $this->id . "'";
         Database::sql($sql);
         $this->row['Image'] = $id;
     } else {
         if ($value === null) {
             $sql = "UPDATE `DocumentPart` SET `Image`='0', `__timestamp__` = " . time() . " WHERE `id`='" . $this->id . "'";
             Database::sql($sql);
             $this->row['Image'] = 0;
         }
     }
 }

Example #20

Show file

File: auto.class.php Project: fulldump/8

 public function setGroups($value)
 {
     $this->row['Groups'] = $value;
     $value = Database::escape($value);
     $timestamp = time();
     $sql = "UPDATE `SystemUser` SET `Groups`='{$value}',`__timestamp__` = {$timestamp}, `__operation__` = 'UPDATE' WHERE `id`='{$this->id}'";
     Database::sql($sql);
 }

Example #21

Show file

File: auto.class.php Project: fulldump/8

 public function setTag($value)
 {
     if (is_object($value) && $value->getClassName() == 'BlogTag') {
         $id = $value->getId();
         $sql = "UPDATE `BlogPostTags` SET `Tag`='" . $id . "',\t`__timestamp__` = " . time() . " WHERE `id`='" . $this->id . "'";
         Database::sql($sql);
         $this->row['Tag'] = $id;
     } else {
         if ($value === null) {
             $sql = "UPDATE `BlogPostTags` SET `Tag`='0', `__timestamp__` = " . time() . " WHERE `id`='" . $this->id . "'";
             Database::sql($sql);
             $this->row['Tag'] = 0;
         }
     }
 }

Example #22

Show file

File: auto.class.php Project: fulldump/8

 public function setImage($value)
 {
     $this->row['Image'] = $value;
     $value = Database::escape($value);
     $timestamp = time();
     $sql = "UPDATE `ImageInstance` SET `Image`='{$value}',`__timestamp__` = {$timestamp}, `__operation__` = 'UPDATE' WHERE `id`='{$this->id}'";
     Database::sql($sql);
 }

Example #23

Show file

File: Settings.php Project: M7ammed/Mobile-Judge-App

 public function reset()
 {
     $db = new Database();
     $db->delete('History', 'Term = (SELECT Term FROM Settings)');
     $db->sql('INSERT INTO History (Term,Email,FirstName,LastName,Grade,Response)
             SELECT x.Term, u.Email, u.FirstName, u.LastName, s.Grade, NULL AS Response
             FROM Students AS s
             LEFT OUTER JOIN Users AS u ON u.StudentId = s.id AND u.StudentId IS NOT NULL
             INNER JOIN Settings AS x
             UNION
             SELECT x.Term, i.Email, COALESCE(u.FirstName,i.FirstName) AS FirstName, COALESCE(u.LastName,i.LastName) AS LastName, NULL AS Grade, i.Response
             FROM JudgeInvitations AS i
             LEFT OUTER JOIN Users u ON u.Email = i.Email AND u.JudgeId IS NOT NULL
             INNER JOIN Settings AS x');
     $db->delete('JudgeStudentGrade', '1=1');
     $db->delete('JudgeStudentConflicts', '1=1');
     $db->delete('Users', 'NOT(StudentId IS NULL AND JudgeId IS NULL) AND Email != "admin"');
     $db->delete('Judges', '1=1');
     $db->delete('JudgeInvitations', '1=1');
     //$db->delete('Questions','1=1');
     $db->delete('Students', '1=1');
     return true;
 }

Example #24

Show file

File: index.php Project: IsiRoca/PHP-CRUD

echo "<br/><br/>";
$db->disconnect();
$db->connect();
// Get all Tables in your Database
echo "Get all Tables in your Database";
echo "<br />------------------<br />";
$db->tables();
$response = $db->getResponse();
for ($x = 0; $x < count($response); $x++) {
    echo $response[$x] . "<br/>";
}
echo "<br/><br/>";
// Get Full Table
echo "Get Full Table";
echo "<br />------------------<br />";
$db->sql('SELECT * FROM users');
$response = $db->getResponse();
foreach ($response as $row) {
    echo $row["username"] . "<br />";
    echo $row["email"] . "<br />";
    echo $row["first_name"] . "<br />";
    echo $row["last_name"] . "<br />";
}
echo "<br/><br/>";
// Get Last ID
echo "Get Last ID";
echo "<br />------------------<br />";
$db->sql('SELECT MAX(id) FROM users');
$response = $db->getResponse();
echo $response[0]["MAX(id)"];
echo "<br/><br/>";

Example #25

Show file

File: auto.class.php Project: fulldump/8

 public function setUser($value)
 {
     if (is_object($value) && $value->getClassName() == 'Users') {
         $id = $value->getId();
         $sql = "UPDATE `Feedback` SET `User`='" . $id . "',\t`__timestamp__` = " . time() . " WHERE `id`='" . $this->id . "'";
         Database::sql($sql);
         $this->row['User'] = $id;
     } else {
         if ($value === null) {
             $sql = "UPDATE `Feedback` SET `User`='0', `__timestamp__` = " . time() . " WHERE `id`='" . $this->id . "'";
             Database::sql($sql);
             $this->row['User'] = 0;
         }
     }
 }

Example #26

Show file

File: index.php Project: juliuxu/JuliCMS

            $user->showLogin("Your login session has been revoked for security reasons<br />Maybe you switched to another wifi?<br />Please login again..");
            die;
        }
    }
}
if (isset($_GET['user']) && $_GET['user'] == "logout") {
    $user->LogoutUser();
    header("location: index.php");
    die;
}
//////////////////////////////////
//Decide stuff here
$admin = new Administrator($db);
//This is the interfase template designers talk to
//Load modules
$result = $db->sql("SELECT foldername,backend FROM " . $db->tb_prefix . "modules");
while ($v = mysql_fetch_array($result, MYSQL_ASSOC)) {
    if ($v['backend'] == "") {
        continue;
    }
    //Possible rfi
    //and defintly a lfi
    //but won't really matter as it would be better to attack from the module file included..
    //although if someone gains write access to db, they could comprimise the whole site.
    $path = "../modules/" . $v['foldername'] . "/" . $v['backend'];
    include $path;
}
mysql_free_result($result);
$text = "";
$error = "";
$success = "";

Example #27

Show file

File: auto.class.php Project: fulldump/8

 public function setNumResponses($value)
 {
     $value = str_replace(',', '.', $value);
     $this->row['NumResponses'] = $value;
     $value = Database::escape($value);
     $timestamp = time();
     $sql = "UPDATE `Forum` SET `NumResponses`='{$value}', `__timestamp__` = {$timestamp}, `__operation__` = 'UPDATE'  WHERE `id`='{$this->id}'";
     Database::sql($sql);
 }

Example #28

Show file

File: Livestats.php Project: M7ammed/Mobile-Judge-App

 public function getApprovedStudent($StudentId)
 {
     $db = new Database();
     $db->sql('select s.id, avg(j.grade) as Grade, u.FirstName, u.LastName
         FROM JudgeStudentGrade as j 
         inner join Users as u on j.StudentId = u.StudentId
         inner join Students as s on s.id = j.StudentId
         where j.Accepted = 1 AND j.StudentId = ' . $StudentId . '
         group by j.StudentId');
     $res = $db->getResult();
     if (array_key_exists('id', $res)) {
         $res = array($res);
     }
     return array('total' => count($res), 'data' => $res);
 }

Example #29

Show file

File: Judges.php Project: M7ammed/Mobile-Judge-App

    public function register($data)
    {
        $db = new Database();
        $db->update('JudgeInvitations', array('Replied' => date('Y-m-d H:i:s'), 'Response' => 1), "id ='" . $data->id . "'");
        $res = $db->getResult();
        if ($res[0] !== 1) {
            return "Invalid invitation link.";
        }
        $db->insert('Judges', array('Title' => $data->Title, 'Affiliation' => $data->Affiliation));
        $res = $db->getResult();
        $id = $res[0];
        foreach ($data->Conflicts as $studentId) {
            $db->insert('JudgeStudentConflicts', array('JudgeId' => $id, 'StudentId' => $studentId));
        }
        $db->select('Settings', 'StudentsPerJudge,Subject,Date,Time,Location');
        $res = $db->getResult();
        $maxStudents = $res['StudentsPerJudge'];
        $db->sql('insert into JudgeStudentGrade (JudgeId, StudentId)
                select ' . $id . ' as JudgeId, s.id as StudentId
                from Students as s
                left outer join JudgeStudentGrade as g on g.StudentId = s.id
                where s.id not in (select StudentId from JudgeStudentConflicts where JudgeId = ' . $id . ')
                group by s.id
                order by count(g.JudgeId), rand()
                limit ' . $maxStudents);
        $db->select('Users', 'Email,FirstName,LastName,StudentId,JudgeId,Roles,DefaultRole', null, "Email ='" . $data->Email . "'");
        $studentUser = $db->getResult();
        if (count($studentUser) > 0) {
            $newRoles = "";
            $defaultRole = "judge";
            if ($studentUser['Roles'] == "admin;student") {
                $newRoles = "admin;judge;student";
            } else {
                if ($studentUser['Roles'] == "student") {
                    $newRoles = "judge;student";
                } else {
                    if ($studentUser['Roles'] == "") {
                        $newRoles = "judge";
                    }
                }
            }
            $success = $db->update('Users', array('Roles' => $newRoles), "Email ='" . $data->Email . "';");
            if (!$success) {
                return "Roles update failed";
            }
            $success = $db->update('Users', array('DefaultRole' => $defaultRole), "Email ='" . $data->Email . "';");
            if (!$success) {
                return "Default update failed";
            }
            $success = $db->sql("UPDATE Users SET Password=password('" . $data->Password . "') WHERE Email ='" . $data->Email . "';");
            // and Password=NULL;");
            if (!$success) {
                return "Password update failed";
            }
            $success = $db->update('Users', array('JudgeId' => ".{$id}."), "Email ='" . $data->Email . "';");
            if (!$success) {
                return "ID update failed";
            }
        } else {
            $db->sql("insert into Users (Email, FirstName, LastName, Password, JudgeId, Roles, DefaultRole) VALUES ('" . $data->Email . "', '" . $data->FirstName . "', '" . $data->LastName . "', password('" . $data->Password . "'), " . $id . ", 'judge', 'judge');");
        }
        $date = date_format(DateTime::createFromFormat('Y-m-d', $res['Date']), "l, F j");
        $sent = mail($data->Email, 'Confirmation: ' . $res['Subject'], '<html>
<body>
    <div style="width: 600px; border: 2px solid #E9EBF6; margin: auto; font-size: 16px; color: #555555;">
        <h1 style="margin: 0; padding: 8px; background-color: #E9EBF6; text-align: center;">
            Dear ' . $data->FirstName . ' ' . $data->LastName . ',
        </h1>
        <div style="overflow: hidden; padding: 8px; padding-top: 0; background-color: #F5F6FB;">
            <p>We are pleased to confirm your participation in the FIU Computer Science Senior Project Event!</p>
			<p>The day of the event will be ' . $date . ' ' . $res['Time'] . ' at ' . $res['Location'] . '.<br /> You will be able to login on this <a href="' . Invites::getRSVPUrl() . '">Web Application</a> with the following credentials:</p>
			<p>Username: '******' <br />Password: '******' <p>
			<p>Keep this information safe for the day of the event.</p>
            <br />
            <p>Sincerely,</p>
            <p>Masoud Sadjadi</p>
        </div>
    </div>
</body>
</html>', "From: Masoud Sadjadi <*****@*****.**>\r\nMIME-Version: 1.0\r\nContent-type: text/html; charset=iso-8859-1\r\n");
        return $sent;
    }

Example #30

Show file

File: index.php Project: juliuxu/JuliCMS

} else {
    if (!function_exists("sqlconfig")) {
        header("Location: install/index.php");
        die;
    }
}
//Check if install folder still is there
//Warn user that it still there..
//Maybe delete it?
require_once "includes/includes.php";
$db = new Database(sqlconfig());
$cms = new JuliCMS($db);
//This is the interfase template designers talk to
//Todo: accesslevels
$accesslevel = 0;
//Everybody
//Load modules
$result = $db->sql("SELECT foldername,frontend FROM " . $db->tb_prefix . "modules");
while ($v = mysql_fetch_array($result, MYSQL_ASSOC)) {
    if ($v['frontend'] == "") {
        continue;
    }
    //Possible rfi
    //and defintly a lfi
    //but won't really matter as it would be better to attack from the module file included..
    //although if someone gains write access to db, they could comprimise the whole site.
    $path = "modules/" . $v['foldername'] . "/" . $v['frontend'];
    include $path;
}
mysql_free_result($result);
require_once $cms->templatepath . "/theme.php";