Example #1
 /**
  * Returns a PDOStatement
  *
  * This method will return the same object for equal queries.
  *
  * @param string $sql
  * @return \PDOStatement
  * @throws \PDOException
  */
 public function prepare($sql)
 {
     // Cache hit: return the statement already prepared for this exact SQL text.
     if (array_key_exists($sql, $this->statements)) {
         return $this->statements[$sql];
     }

     // Cache miss: prepare once and remember the result under the SQL text.
     // NOTE(review): the cache key is the whole SQL string, so the cache only
     // stays bounded when callers pass constant SQL with placeholders rather
     // than SQL with values spliced in - confirm at the call sites.
     $prepared = $this->pdo->prepare($sql);
     $this->statements[$sql] = $prepared;

     return $prepared;
 }
Example #2
 /**
  * Prepares a sql statement to be executed
  *
  * @param string|\Cake\Database\Query $query The query to turn into a prepared statement.
  * @return \Cake\Database\StatementInterface
  */
 public function prepare($query)
 {
     $this->connect();

     // A Query object is rendered to SQL text first; a plain string is passed on unchanged.
     $sql = $query;
     if ($query instanceof Query) {
         $sql = $query->sql();
     }

     $inner = $this->_connection->prepare($sql);

     // Wrap the driver statement together with this driver instance.
     return new PDOStatement($inner, $this);
 }
Example #3
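 /**
  * Moves an uploaded file into upload/ and records it in the database.
  *
  * The file is stored as upload/<unix time>_<client file name>; a row is then
  * inserted into `files` and the session user's `image_id` is pointed at it.
  *
  * @param array $file One upload entry; the 'name', 'tmp_name' and 'type' keys are read.
  * @return string 'Good !' when the move and both statements succeed, 'Erreur !' otherwise.
  */
 public static function moveFile($file)
 {
     // 'name' is supplied by the client: keep only its last path component so
     // the destination cannot leave upload/.
     $name = basename((string) $file['name']);
     $dir = 'upload/' . time() . '_';
     $filename = $dir . $name;

     // NOTE(review): the extension is not restricted, so any file type (server-side
     // scripts included) can be stored in upload/. Add an allow-list of extensions
     // and make sure the web server never executes files from that directory.
     if ($name === '' || !move_uploaded_file($file['tmp_name'], $filename)) {
         return 'Erreur !';
     }

     try {
         // NOTE(review): root with an empty password is hard-coded here; load a
         // least-privilege account from configuration instead.
         $bdd = new \PDO('mysql:host=localhost;dbname=ecvd_php', 'root', '');
         // Without exception mode PDO before PHP 8 fails silently and the catch
         // blocks below never run.
         $bdd->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);
     } catch (\Exception $e) {
         // Driver messages can name the host and the account: log, do not print.
         error_log('moveFile: database connection failed: ' . $e->getMessage());
         die('Erreur : connexion impossible');
     }

     try {
         // 'type' is the MIME type claimed by the client, not a verified one.
         $insert_file = $bdd->prepare("INSERT INTO `ecvd_php`.`files` (`id`, `filename`, `path`, `extension`) VALUES ('', ?, ?, ?)");
         $insert_file->execute(array($name, $dir, $file['type']));

         $update = $bdd->prepare("UPDATE `users` SET `image_id`= ? WHERE `username` = ?");
         $update->execute(array($bdd->lastInsertId(), $_SESSION['username']));
     } catch (\Exception $e) {
         // One try for both statements: a failed INSERT is no longer reported as
         // 'Good !' by the UPDATE that used to run after it.
         error_log('moveFile: recording the upload failed: ' . $e->getMessage());
         return 'Erreur !';
     }

     return 'Good !';
 }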
 /**
  * Runs a counting query and reports whether its `cnt` column equals exactly 1.
  *
  * @param string $query Complete SQL text; it is executed without bound parameters.
  * @return bool True only when the first row has a `cnt` value that casts to 1.
  */
 protected function existRow($query)
 {
     // NOTE(review): nothing is bound here, so every value must already be part
     // of $query - verify that callers never splice request data into it.
     $stmt = self::$dbh->prepare($query);
     $stmt->execute();
     $rows = $stmt->fetchAll();

     if (!isset($rows[0]['cnt'])) {
         return false;
     }

     return (int) $rows[0]['cnt'] === 1;
 }
 /**
  * Spec: delete() prepares a statement and executes it with the UUID bytes and the type.
  */
 public function it_should_be_able_to_delete_an_object(\PDOStatement $pdoStatement)
 {
     $id = Uuid::uuid4();
     $expectedBindings = ['uuid' => $id->getBytes(), 'type' => 'test'];

     // Any string handed to prepare() yields the statement double.
     $this->pdo->prepare(new TypeToken('string'))->willReturn($pdoStatement);
     // The expectation pins the exact bound values, so the UUID travels as a parameter.
     $pdoStatement->execute($expectedBindings)->shouldBeCalled();

     $this->delete('test', $id);
 }
Example #6
 /**
  * hydrateAll() returns an empty array when the query matches no rows.
  */
 public function testHydrateAll_行が存在しないとき空配列を返す()
 {
     $sql = "SELECT * FROM books JOIN categories ON categories.id = books.category_id WHERE books.id = ?";
     $stmt = $this->conn->prepare($sql);
     // NOTE(review): id 100 is presumably absent from the fixture data - confirm.
     $stmt->execute([100]);

     $hydrator = new Mappa\Hydrator();
     $rows = $hydrator->hydrateAll($stmt, [Book::class, Category::class]);

     $this->assertSame([], $rows);
 }
Example #7
 /**
  * Adds a new version to an application.
  *
  * @param array $info  Hash with the version information. Possible keys:
  *                     - application: (string) The name of the application.
  *                     - version: (string) The version string.
  *                     - state: (string) The version state. One of
  *                              "stable", "dev", "three". By default
  *                              automatically detected from "version".
  *                     - date: (DateTime) The release date. Defaults to
  *                             today.
  *                     - pear: (boolean) A PEAR release? Defaults to true.
  *                     - dir: (string) Optional website directory, if not
  *                            "application".
  *
  * @throws Horde_Exception
  */
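 public function addNewVersion(array $info = array())
 {
     if (!isset($info['application']) || !isset($info['version'])) {
         throw new LogicException('Missing parameter');
     }

     // Caller-supplied keys win over the defaults.
     $defaults = array(
         'state' => $this->_stateFromVersion($info['version']),
         'date' => new DateTime(),
         'pear' => true,
         'dir' => null,
     );
     $info = array_merge($defaults, $info);

     // Strict comparison: a loose in_array() lets non-string values such as
     // true (and 0 on PHP before 8) match one of the state names.
     if (!in_array($info['state'], array('stable', 'dev', 'three'), true)) {
         throw new LogicException('Invalid state ' . $info['state']);
     }

     $info['date'] = $info['date']->format('Y-m-d');
     // execute() sends every value as a string, and false would be sent as ''.
     $info['pear'] = $info['pear'] ? 1 : 0;

     // Bind only the placeholders the statements below declare. Binding every
     // key of $info made execute() fail as soon as the caller passed an extra key.
     $bind = array();
     foreach (array('application', 'state', 'version', 'date', 'pear', 'dir') as $key) {
         $bind[':' . $key] = $info[$key];
     }

     try {
         // One row per (application, state): update it when present, insert otherwise.
         $exists = $this->_db->prepare('SELECT 1 FROM versions WHERE application = :application AND state = :state');
         $exists->execute(array(':application' => $info['application'], ':state' => $info['state']));

         if ($exists->fetchColumn()) {
             $stmt = $this->_db->prepare('UPDATE versions SET version = :version, date = :date, pear = :pear, dir = :dir WHERE application = :application AND state = :state');
         } else {
             $stmt = $this->_db->prepare('INSERT INTO versions (application, state, version, date, pear, dir) VALUES (:application, :state, :version, :date, :pear, :dir)');
         }

         // Covers connections that report failure by return value instead of throwing.
         if (!$stmt->execute($bind)) {
             $error = $stmt->errorInfo();
             throw new Horde_Exception($error[2], $error[1]);
         }
     } catch (PDOException $e) {
         throw new Horde_Exception($e);
     }
 }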
 /**
  * Fetches the section row whose slug matches.
  *
  * @param string $slug Slug value; sent as a bound parameter, never spliced into the SQL.
  * @return mixed Whatever fetch(\PDO::FETCH_ASSOC) returns for the first row.
  */
 public function findBySlug($slug)
 {
     $stmt = $this->db->prepare("SELECT * FROM sections WHERE slug = :slug");
     $stmt->execute(['slug' => $slug]);
     $row = $stmt->fetch(\PDO::FETCH_ASSOC);

     return $row;
 }
Example #9
 /**
  * Queries the Auth table
  */
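 public function query($params = array(), $operator = "OR")
 {
     // $operator is spliced into the SQL text, so only the two boolean
     // connectives are accepted.
     $operator = strtoupper(trim((string) $operator));
     if ($operator !== 'AND' && $operator !== 'OR') {
         throw new \InvalidArgumentException('Unsupported operator');
     }

     // Paging values: a negative page or size would produce an invalid LIMIT clause.
     $page = isset($params['page']) ? max(0, intval($params['page'])) : 0;
     $size = isset($params['size']) ? intval($params['size']) : 0;
     if ($size <= 0) {
         $size = 20;
     }
     // 'sort' is accepted but not used by this query.
     unset($params['page'], $params['size'], $params['sort']);

     $cond = array();
     $bindings = array();
     $index = 0;
     foreach ($params as $key => $value) {
         // Placeholder names come from a counter, never from $key: the key is
         // caller-controlled text and is only safe inside the backtick-quoted
         // identifier, where backticks are doubled.
         $placeholder = ':where_' . $index++;
         if (is_null($value)) {
             $comparison = 'is';
         } elseif (strpos((string) $value, '%') !== false) {
             $comparison = 'LIKE';
         } else {
             $comparison = '=';
         }
         $cond[] = sprintf("`%s` %s %s", str_replace('`', '``', $key), $comparison, $placeholder);
         $bindings[$placeholder] = $value;
     }

     // NOTE(review): the table name is spliced in as well; it comes from
     // $this->params, presumably configuration - confirm it is never request data.
     $query = sprintf(self::SELECT_SEARCH, $this->params['table'], empty($cond) ? '1=1' : implode(" {$operator} ", $cond));
     $query .= sprintf(" LIMIT %d, %d", $page * $size, $size);

     // Check prepare() before calling execute() on its result, and check
     // execute() itself: both return false on failure outside exception mode.
     $stmt = $this->pdo->prepare($query);
     if (!$stmt || !$stmt->execute($bindings)) {
         $error = $stmt ? $stmt->errorInfo() : $this->pdo->errorInfo();
         throw new \Exception((string) $error[2]);
     }
     $data = $stmt->fetchAll(PDO::FETCH_ASSOC);

     // NOTE(review): FOUND_ROWS() reports the unpaged total only when
     // SELECT_SEARCH uses SQL_CALC_FOUND_ROWS - the constant is not visible here.
     $stmt = $this->pdo->query("SELECT FOUND_ROWS() as count");
     $count = $stmt ? $stmt->fetch(PDO::FETCH_ASSOC) : false;
     if (!$count) {
         throw new \Exception("Error fetching count");
     }
     $count = intval($count['count']);

     return array('_embedded' => array($this->params['table'] => $data), 'page' => array('size' => $size, 'number' => $page, 'totalElements' => $count, 'totalPages' => ceil($count / $size)));
 }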
Example #10
 /**
  * 	Every method which needs to execute a SQL query uses this method.
  * 	
  * 	1. If not connected, connect to the database.
  * 	2. Prepare Query.
  * 	3. Parameterize Query.
  * 	4. Execute Query.	
  * 	5. On exception : Write Exception into the log + SQL query.
  * 	6. Reset the Parameters.
  */
 private function Init($query, $parameters = "")
 {
     # Connect to database
     if (!$this->bConnected) {
         $this->Connect();
     }
     try {
         # Prepare query
         $this->sQuery = $this->pdo->prepare($query);
         # Add parameters to the parameter array
         $this->bindMore($parameters);
         # Bind parameters
         if (!empty($this->parameters)) {
             foreach ($this->parameters as $param) {
                 # Each entry is split into a placeholder name ([0]) and its value ([1]).
                 # NOTE(review): the delimiter shows up as an empty string here, which
                 # explode() rejects; it is presumably a non-printable separator lost in
                 # rendering - confirm against the code that fills $this->parameters.
                 $parameters = explode("", $param);
                 $this->sQuery->bindParam($parameters[0], $parameters[1]);
             }
         }
         # Execute SQL
         $this->success = $this->sQuery->execute();
     } catch (\PDOException $e) {
         # Write into log and display Exception
         # NOTE(review): the driver message and the SQL text go to the log and the
         # message is re-thrown to the caller - check that neither reaches end users.
         $this->ExceptionLog($e->getMessage(), $query);
         throw new \Exception($e->getMessage());
     }
     # Reset the parameters
     $this->parameters = array();
 }
Example #11
 /**
  * Prepares a statement for execution and returns a statement object
  *
  * @param string $statement
  *          A valid SQL statement for the target database server
  * @param array $driver_options
  *          Array of one or more key=>value pairs to set attribute values for the PDOStatement obj
  *          returned
  * @return PDOStatement
  */
 public function prepare($statement, $driver_options = false)
 {
     // Any falsy value (the default false included) becomes an empty option list.
     $options = $driver_options ? $driver_options : array();

     return $this->PDOInstance->prepare($statement, $options);
 }
 /**
  * Opens the database, runs the table-creation statement and prepares the two read statements.
  *
  * @param string $dsn PDO data source name.
  */
 public function __construct($dsn)
 {
     $connection = new \PDO($dsn);

     // Runs on every construction.
     // NOTE(review): ERZEUGE_TABELLE is presumably an idempotent CREATE TABLE - confirm.
     $connection->query(self::ERZEUGE_TABELLE);

     // The read statements are prepared once and reused through these properties.
     $dayStatement = $connection->prepare(self::LESE_TAG);
     $untilStatement = $connection->prepare(self::LESE_ALLE_BIS);
     $this->getDay = $dayStatement;
     $this->getAlleBis = $untilStatement;
 }
Example #13
File: Blog.php Project: n14011/php
 /**
  * Deletes the article with the given id.
  *
  * @param int $id Article id; bound as an integer parameter.
  * @return bool Result of execute().
  */
 function removeArticle($id)
 {
     // NOTE(review): no ownership or permission check happens here - confirm the
     // caller authorises the delete before passing an id taken from a request.
     $stmt = $this->dbh->prepare("DELETE FROM articles WHERE id = :id");
     $stmt->bindValue(":id", $id, PDO::PARAM_INT);
     $deleted = $stmt->execute();

     return $deleted;
 }
/**
 * Migrate CMI WordPress posts to Backdrop CMS blog content type.
 * 0: "ID",
 * 1: "post_author",
 * 2: "post_date",
 * 3: "post_date_gmt",
 * 4: "post_content",
 * 5: "post_title",
 * 6: "post_excerpt",
 * 7: "post_status",
 * 8: "comment_status",
 * 9: "ping_status",
 * 10: "post_password" => NOT USED,
 * 11: "post_name",
 * 12: "to_ping",
 * 13: "pinged",
 * 14: "post_modified",
 * 15: "post_modified_gmt",
 * 16: "post_content_filtered",
 * 17: "post_parent",
 * 18: "guid",
 * 19: "menu_order",
 * 20: "post_type",
 * 21: "post_mime_type",
 * 22: "comment_count"
 */
function run_migrate_posts()
{
    // NOTE(review): credentials are written into the script (masked on this page);
    // a one-off migration should still read them from the environment or a config
    // file that is kept out of version control.
    $user = '******';
    $pass = '******';
    $wpdb = new PDO('mysql:host=localhost;dbname=cmi_wp', $user, $pass);
    $bddb = new PDO('mysql:host=localhost;dbname=backdrop_cmi', $user, $pass);

    // Source rows: every non-empty WordPress post.
    $select_posts = $wpdb->prepare("select * from wp_posts where post_type = 'post' and post_content != ''");
    $select_posts->execute();
    $posts = $select_posts->fetchAll();

    // Both INSERT statements are prepared once and executed once per post.
    $blog_sql = $bddb->prepare("insert into node (\n   nid,\n   vid,\n   type,\n   langcode,\n   title,\n   uid,\n   status,\n   created,\n   changed,\n   comment,\n   promote,\n   sticky,\n   tnid,\n   translate\n ) values (\n     :nid,\n     :vid,\n     :type,\n     :langcode,\n     :title,\n     :uid,\n     :status,\n     :created,\n     :changed,\n     :comment,\n     :promote,\n     :sticky,\n     :tnid,\n     :translate\n   )");
    $body_query = $bddb->prepare("insert into field_data_body (\n     entity_type,\n     bundle,\n     deleted,\n     entity_id,\n     revision_id,\n     language,\n     delta,\n     body_value,\n     body_summary,\n     body_format\n   ) values (\n     'node',\n     'blog',\n     0,\n     :entity_id,\n     :revision_id,\n     'und',\n     0,\n     :body_value,\n     NULL,\n     'full_html'\n   )");

    foreach ($posts as $post) {
        // Author ids are shifted by one on the target side.
        $uid = $post['post_author'] + 1;
        $created = strtotime($post['post_date']);
        $changed = strtotime($post['post_modified']);

        // The WordPress post ID is reused as both node id and revision id.
        $blog_binds = array(
            ':nid' => $post['ID'],
            ':vid' => $post['ID'],
            ':type' => 'blog',
            ':langcode' => 'und',
            ':title' => $post['post_title'],
            ':uid' => $uid,
            ':status' => 1,
            ':created' => $created,
            ':changed' => $changed,
            ':comment' => 0,
            ':promote' => 0,
            ':sticky' => 0,
            ':tnid' => 0,
            ':translate' => 0,
        );
        if (!$blog_sql->execute($blog_binds)) {
            die(print_r($blog_sql->errorInfo(), true));
        }
        print $uid . " " . $created . "\n";

        // post_content is stored as-is with the 'full_html' format set in the SQL above.
        $body_binds = array(
            ':entity_id' => $post['ID'],
            ':revision_id' => $post['ID'],
            ':body_value' => $post['post_content'],
        );
        if (!$body_query->execute($body_binds)) {
            die(print_r($body_query->errorInfo(), true));
        }
    }
    print "CMI wp-posts to Backdrop CMS blog content type complete.\n";
}
Example #15
 /**
  * Inserts every queued client into clientes_poo, one INSERT per client.
  *
  * Columns that do not apply to the client's kind are bound as null.
  */
 public function flush()
 {
     foreach ($this->clientes as $cliente) {
         $stmt = $this->pdo->prepare("INSERT INTO clientes_poo(\n                    nome,nome_empresa,tipo_cliente, endereco, nvlImportancia, telefone,\n                    endereco_cobranca,cpf,cnpj,filiacao)\n                    VALUES(:nome, :nomeEmpresa,:tipoCliente,:endereco, :nvlImportancia, :telefone,:enderecoCobranca, :cpf, :cnpj,:filiacao)");

         // Columns shared by both client kinds.
         $stmt->bindValue(":tipoCliente", $cliente->getTipoCliente());
         $stmt->bindValue(":endereco", $cliente->getEndereco());
         $stmt->bindValue(":nvlImportancia", $cliente->getNvlImportancia());
         $stmt->bindValue(":telefone", $cliente->getTelefone());

         // The billing address is optional: a falsy value is stored as null.
         $cobranca = null;
         if ($cliente->getEnderecoCobranca()) {
             $cobranca = $cliente->getEnderecoCobranca();
         }
         $stmt->bindValue(":enderecoCobranca", $cobranca);

         // Person clients fill cpf/nome/filiacao, any other client fills cnpj/nomeEmpresa.
         $pessoaFisica = $cliente instanceof ClientePessoaFisica;
         $stmt->bindValue(":cpf", $pessoaFisica ? $cliente->getCpf() : null);
         $stmt->bindValue(":cnpj", $pessoaFisica ? null : $cliente->getCnpj());
         $stmt->bindValue(":nome", $pessoaFisica ? $cliente->getNome() : null);
         $stmt->bindValue(":nomeEmpresa", $pessoaFisica ? null : $cliente->getNomeEmpresa());
         $stmt->bindValue(":filiacao", $pessoaFisica ? $cliente->getFiliacao() : null);

         $stmt->execute();
     }
 }
Example #16
 /**
  * Adds a URL and its depth to the queue table.
  *
  * The statement is INSERT OR IGNORE, so a row that conflicts with an existing
  * constraint is skipped instead of raising an error.
  */
 public function push($url, $deep)
 {
     $sql = 'INSERT OR IGNORE INTO queue (url, deep) VALUES (:url, :deep)';
     $insert = $this->db->prepare($sql);

     // Both values travel as bound parameters.
     foreach ([':url' => $url, ':deep' => $deep] as $placeholder => $value) {
         $insert->bindValue($placeholder, $value);
     }

     $insert->execute();
 }
Example #17
/** \brief Updates database ticket with stored image url
* \param picture_url Part of URL to the image
* \param upload_dir Directory in which the images are stored
* \param interaction_id Ticket identifier for updated image
* \returns Successful database update or unsuccessful
*/
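function updatePicture($picture_url, $upload_dir, $interaction_id)
{
    try {
        // Defines $db_config in this function's scope, so it stays a plain require.
        require "/var/database_config.php";
        $pdo = new PDO('mysql:host=' . $db_config['host'] . ';dbname=' . $db_config['dbname'], $db_config['username'], $db_config['password']);
        // Make failed statements throw, so the catch below reports them instead
        // of the function returning success after a silent failure.
        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        // Look up the image currently attached to the ticket so its file can be removed.
        $statement = $pdo->prepare("SELECT image from tickets WHERE interaction_id = ?");
        $statement->execute(array($interaction_id));
        $picture = $statement->fetch(PDO::FETCH_ASSOC);

        // fetch() returns false when no ticket matches; only a real row has an image.
        if (is_array($picture) && $picture['image'] !== NULL) {
            // Only the last path segment of the stored value is used, so the
            // deletion target stays inside $upload_dir.
            $segments = explode("/", $picture['image']);
            $file = end($segments);
            $picture_path = $upload_dir . $file;
            // is_file() rather than file_exists(): an empty or '..' segment
            // resolves to a directory, which must never reach unlink().
            if ($file !== '' && $file !== '.' && $file !== '..' && is_file($picture_path)) {
                // Best effort, as before: a failed delete does not stop the update.
                unlink($picture_path);
            }
        }

        $statement = $pdo->prepare("UPDATE tickets SET image = ? WHERE interaction_id = ?");
        $statement->execute(array($picture_url, $interaction_id));

        $logs = array();
        $logs[] = "Image added to ticket.";
        // require_once: a plain require would load the file again on a second
        // call in the same request (presumably redeclaring writeLog()).
        require_once "../log.php";
        writeLog($interaction_id, $logs);

        return array('status' => 'Successful image update');
    } catch (PDOException $e) {
        // The driver message stays out of the response.
        return array('error' => 'Error updating the image in the database');
    }
}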
 /**
  * Validates a username and password
  *
  * This method should return true or false depending on if login
  * succeeded.
  *
  * @param string $username
  * @param string $password
  * @return bool
  */
 function validateUserPass($username, $password)
 {
     // Table and column names are spliced in from this object's properties;
     // only the username is a bound parameter.
     // NOTE(review): confirm those properties are set from configuration and
     // never from request data.
     $sql = sprintf(
         'SELECT %s FROM %s WHERE %s = ?',
         $this->passwordField,
         $this->tableName,
         $this->usernameField
     );
     $lookup = $this->pdo->prepare($sql);
     $lookup->execute([$username]);
     $storedHash = $lookup->fetchColumn();

     // The stored value is treated as a password_hash() hash; password_verify()
     // does the comparison.
     if (password_verify($password, $storedHash)) {
         return true;
     }

     // A failed check is reported as null, not false.
     return null;
 }
Example #19
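/**
 * Records one form submission for $ip and reports whether that address has
 * made more than 25 submissions in the last two hours.
 *
 * @param string $ip Client address used as the throttle key.
 * @return bool True when the limit is exceeded. False otherwise, including when
 *              no SQLite driver is available or the database cannot be opened.
 */
function formthrottle_too_many_submissions($ip)
{
    $tooManySubmissions = false;
    // Defined up front: when neither driver is available the variable used to
    // be read below without ever having been assigned.
    $db = null;
    try {
        // NOTE(review): the database file sits at a relative path, presumably
        // next to the script; if that directory is web-served the file (a log of
        // submitter addresses) can be downloaded - confirm or move it.
        if (in_array("sqlite", PDO::getAvailableDrivers(), TRUE)) {
            $db = new PDO('sqlite:muse-throttle-db.sqlite3');
        } elseif (function_exists("sqlite_open")) {
            $db = new PDO('sqlite2:muse-throttle-db');
        }
    } catch (PDOException $Exception) {
        // The throttle fails open: without a database nothing is ever limited.
        return $tooManySubmissions;
    }
    if ($db) {
        // Create the history table on first use.
        $res = $db->query("SELECT 1 FROM sqlite_master WHERE type='table' AND name='Submission_History';");
        if (!$res or $res->fetchColumn() == 0) {
            $db->exec("CREATE TABLE Submission_History (IP VARCHAR(39), Submission_Date TIMESTAMP)");
        }
        // Entries older than two hours fall out of the window.
        $db->exec("DELETE FROM Submission_History WHERE Submission_Date < DATETIME('now','-2 hours')");

        // The current submission is recorded before counting, so it is included.
        // NOTE(review): the limit is only as reliable as $ip; it should come from
        // the connection address, not from a client-supplied header - check the caller.
        $stmt = $db->prepare("INSERT INTO Submission_History (IP,Submission_Date) VALUES (:ip, DATETIME('now'))");
        $stmt->bindParam(':ip', $ip);
        $stmt->execute();
        $stmt->closeCursor();

        $stmt = $db->prepare("SELECT COUNT(1) FROM Submission_History WHERE IP = :ip;");
        $stmt->bindParam(':ip', $ip);
        $stmt->execute();
        if ($stmt->fetchColumn() > 25) {
            $tooManySubmissions = true;
        }
        // Close file db connection
        $db = null;
    }
    return $tooManySubmissions;
}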
Example #20
 /**
  * Builds an in-memory SQLite database holding artists, albums and songs and
  * stores the connection in $this->pdo.
  */
 public function __construct()
 {
     parent::__construct();

     // Fixture data: artist => albums => ordered song titles.
     $artists = [
         ['name' => 'The Smashing Pumpkins', 'albums' => [
             ['name' => 'Siamese Dream', 'year' => 1993, 'songs' => ['Hummer', 'Disarm', 'Soma', 'Mayonaise']],
             ['name' => 'Pisces Iscariot', 'year' => 1994, 'songs' => ['Plume', 'Whir', 'Landslide']],
         ]],
         ['name' => 'Placebo', 'albums' => [
             ['name' => 'Without You I\'m Nothing', 'year' => 1998, 'songs' => ['Pure Morning', 'Brick Shithouse', 'You Don\'t Care About Us', 'Allergic (to Thoughts of Mother Earth)', 'Every You Every Me']],
             ['name' => 'Black Market Music', 'year' => 2000, 'songs' => ['Taste in Men', 'Special K', 'Spice & Malice', 'Black-Eyed', 'Peeping Tom']],
             ['name' => 'Sleeping With Ghosts', 'year' => 2002, 'songs' => ['English Summer Rain', 'This Picture', 'Special Needs', 'Second Sight', 'Centrefolds']],
         ]],
         ['name' => 'The Who', 'albums' => [
             ['name' => 'Who\'s Next', 'year' => 1971, 'songs' => ['Baba O\'Riley', 'My Wife', 'Going Mobile', 'Behind Blue Eyes']],
         ]],
     ];

     $connection = new PDO('sqlite::memory:');
     $connection->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);

     $connection->exec("CREATE TABLE artists (id INTEGER PRIMARY KEY, name TEXT)");
     $connection->exec("CREATE TABLE albums  (id INTEGER PRIMARY KEY, name TEXT, year INTEGER, artist_id INTEGER)");
     $connection->exec("CREATE TABLE songs   (id INTEGER PRIMARY KEY, name TEXT, track_number INTEGER, album_id INTEGER)");

     $insert_artist = $connection->prepare("INSERT INTO artists (name) VALUES (?)");
     $insert_album = $connection->prepare("INSERT INTO albums (name, year, artist_id) VALUES (?, ?, ?)");
     $insert_song = $connection->prepare("INSERT INTO songs (name, track_number, album_id) VALUES (?, ?, ?)");

     // NOTE(review): the transaction opened here is not committed in this
     // constructor; the rows are visible on this connection, but the transaction
     // stays open - confirm that is intended.
     $connection->beginTransaction();
     foreach ($artists as $artist) {
         $insert_artist->execute([$artist['name']]);
         $artist_id = $connection->lastInsertId();

         foreach ($artist['albums'] as $album) {
             $insert_album->execute([$album['name'], $album['year'], $artist_id]);
             $album_id = $connection->lastInsertId();

             // Track numbers are 1-based; the array index is 0-based.
             foreach ($album['songs'] as $position => $title) {
                 $insert_song->execute([$title, $position + 1, $album_id]);
             }
         }
     }

     $this->pdo = $connection;
 }
Example #21
 /**
  * Ejects every other ship landed on a planet owned by $ship_id and logs each ejection.
  *
  * @param \PDO $pdo_db  Connection; the SQL uses the ::prefix:: table placeholder.
  * @param int  $ship_id Owner whose planets are cleared.
  */
 public static function leavePlanet(\PDO $pdo_db, int $ship_id)
 {
     $owned = $pdo_db->prepare("SELECT * FROM ::prefix::planets WHERE owner=:owner");
     $owned->bindValue(':owner', $ship_id);
     $owned->execute();
     $planets_owned = $owned->fetchAll(\PDO::FETCH_ASSOC);
     if ($planets_owned === null) {
         return;
     }

     foreach ($planets_owned as $tmp_planet) {
         // Ships sitting on this planet, the owner's own ship excluded.
         $landed = $pdo_db->prepare("SELECT * FROM ::prefix::ships WHERE on_planet='Y' AND planet_id = :planet_id AND ship_id <> :ship_id");
         $landed->bindValue(':planet_id', $tmp_planet['planet_id']);
         $landed->bindValue(':ship_id', $ship_id);
         $landed->execute();
         $ships_on_planet = $landed->fetchAll(\PDO::FETCH_ASSOC);
         if ($ships_on_planet === null) {
             continue;
         }

         foreach ($ships_on_planet as $tmp_ship) {
             // Take the ship off the planet, then record the ejection for its player.
             $eject = $pdo_db->prepare("UPDATE ::prefix::ships SET on_planet='N', planet_id = '0' WHERE ship_id = :ship_id");
             $eject->bindValue(':ship_id', $tmp_ship['ship_id']);
             $eject->execute();

             $log_entry = $tmp_ship['sector'] . '|' . $tmp_ship['character_name'];
             PlayerLog::WriteLog($pdo_db, $tmp_ship['ship_id'], LOG_PLANET_EJECT, $log_entry);
         }
     }
 }
Example #22
 /**
  * @param PDO $link
  * @param string $user
  * @param string $field1
  * @param string $field2
  * @param string $lang
  * @param string $group
  * @param string $id1
  * @param string $id2
  * @param string $word
  * @param int $type
  */
 function update($link, $user, $field1, $field2, $lang, $group, $id1, $id2, $word, $type)
 {
     // Step 1: find the association the vote refers to.
     $lookup = $link->prepare("SELECT associd FROM `associations` WHERE id1 = :id1 AND id2 = :id2 AND word = :word AND user = :user AND assigned_group = :group AND lang = :lang AND type = :type");
     $stringBindings = [
         ':id1' => $id1,
         ':id2' => $id2,
         ':word' => $word,
         ':user' => $user,
         ':group' => $group,
         ':lang' => $lang,
     ];
     foreach ($stringBindings as $placeholder => $value) {
         $lookup->bindValue($placeholder, $value, PDO::PARAM_STR);
     }
     $lookup->bindValue(':type', $type, PDO::PARAM_INT);

     if ($lookup->execute() === false) {
         // Details go to the error log; the response only gets a generic message.
         error_log(var_export($link->errorInfo(), true));
         die("Error performing database operation.");
     }

     $row = $lookup->fetch(PDO::FETCH_ASSOC);
     if (!$row) {
         return;
     }

     // Step 2: map the field names to vote values (up = 2, neutral = 1, anything else = 0).
     if ($field1 === 'upvotes') {
         $vote = 2;
     } elseif ($field1 === 'neutralvotes') {
         $vote = 1;
     } else {
         $vote = 0;
     }
     if ($field2 === 'popupvotes') {
         $popvote = 2;
     } elseif ($field2 === 'popneutralvotes') {
         $popvote = 1;
     } else {
         $popvote = 0;
     }

     // Step 3: record the evaluation. The evaluator is taken from the session,
     // not from the $user argument used for the lookup.
     $insert = $link->prepare("INSERT INTO `evaluations` ( associd , evaluator , vote , popvote ) values ( :associd , :user , :vote , :popvote )");
     $insert->bindValue(':associd', $row['associd'], PDO::PARAM_STR);
     $insert->bindValue(':user', $_SESSION['user_array']['user'], PDO::PARAM_STR);
     $insert->bindValue(':vote', $vote, PDO::PARAM_INT);
     $insert->bindValue(':popvote', $popvote, PDO::PARAM_INT);

     if ($insert->execute() === false) {
         error_log(var_export($link->errorInfo(), true));
         die("Error performing database operation.");
     }
 }
Example #23
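/**
 * Inserts a (url, contents) row into $table of test.db, then runs a LIKE search
 * on the same table.
 *
 * @param string $table    Table name; must be a plain identifier (letters, digits, underscore).
 * @param string $url      Value for the url column, sent as a bound parameter.
 * @param string $contents Value for the contents column, sent as a bound parameter.
 * @throws InvalidArgumentException When $table is not a plain identifier.
 */
function insert_sql($table, $url, $contents)
{
    // A table name cannot be a bound parameter, so it is spliced into the SQL
    // text. Accept a plain identifier only, so nothing else can ride along.
    if (!is_string($table) || preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $table) !== 1) {
        throw new InvalidArgumentException('Invalid table name');
    }

    try {
        // Create the PDO object.
        $dbh = new PDO('sqlite:test.db', '', '');
        // Make failures throw so the catch below sees them; outside exception
        // mode a failed prepare() returns false and the next call is a fatal error.
        $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        // Store the row in the database.
        $sql = 'insert into ' . $table . '(url,contents) values (?,?)';
        $sth = $dbh->prepare($sql);
        $sth->execute(array($url, $contents));

        // Search the database and pull out the matching rows.
        $q = "'%t%'";
        $sql = "select * from {$table} where contents like {$q}";
        $sth = $dbh->prepare($sql);
        $sth->execute();
        while ($row = $sth->fetch()) {
            // Rows are read but not used; the echo that printed them is disabled.
        }
    } catch (PDOException $e) {
        // The driver message goes to the log; the page only shows a generic
        // error (the message was previously printed unescaped into the HTML).
        error_log('insert_sql: ' . $e->getMessage());
        print "エラー!<br/>";
        die;
    }
}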
 /**
  * @param $sql
  * @param array $params
  * @param array $pdoOptions
  * @return \Framework\DB\SimpleDB
  */
 public function prepare($sql, $params = array(), $pdoOptions = [])
 {
     // Prepare on the underlying connection first; the bookkeeping below only
     // happens when that call returns.
     $driverStatement = $this->_db->prepare($sql, $pdoOptions);
     $this->_statement = $driverStatement;

     // Keep the parameters and the SQL text next to the statement for later use.
     $this->_params = $params;
     $this->_sql = $sql;

     // Fluent interface.
     return $this;
 }
Example #25
 /**
  * Loads one SiglaTempo entity by its id.
  *
  * @param int $id Must be an integer; any other type is rejected before the query.
  * @return SiglaTempo
  * @throws \InvalidArgumentException When $id is not an int.
  * @throws \RuntimeException When no SiglaTempo could be fetched.
  */
 public function getById($id)
 {
     // Type gate first: only integers reach the database.
     if (!is_int($id)) {
         throw new \InvalidArgumentException(print_r($id, true) . ' e um valor invalido');
     }

     $sql = 'SELECT
                 id,
                 sigla,
                 descricao
             FROM
                 siglatempo
             WHERE
                 id = :id;';
     $stm = $this->pdo->prepare($sql);
     // Rows are hydrated straight into the entity class.
     $stm->setFetchMode(PDO::FETCH_CLASS, 'PrevisaoTempo\\DataAccess\\Entity\\SiglaTempo');
     $stm->bindValue(':id', $id, PDO::PARAM_INT);

     $siglatempo = null;
     if ($stm->execute()) {
         $siglatempo = $stm->fetch();
         $stm->closeCursor();
     }

     // Anything other than a hydrated entity (failed execute, no row) is an error.
     if ($siglatempo instanceof SiglaTempo) {
         return $siglatempo;
     }

     throw new \RuntimeException('Falha ao recuparar siglatempo');
 }
 /**
  * Prepares $sql on the underlying connection and stores it with its parameters.
  *
  * @param string $sql        SQL text with placeholders.
  * @param array  $params     Parameters kept for a later execution.
  * @param array  $pdoOptions Options passed through to the connection's prepare().
  * @return $this
  */
 public function prepare($sql, $params = [], $pdoOptions = [])
 {
     // Prepare first; the bookkeeping below only happens when that call returns.
     $driverStatement = $this->db->prepare($sql, $pdoOptions);
     $this->stmt = $driverStatement;

     $this->params = $params;
     $this->sql = $sql;

     return $this;
 }
Example #27
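        /**
         * Checks a username/password pair and, on success, stores the username in the session.
         *
         * @param string $username Login name, matched against korisnik.korIme.
         * @param string $password Clear-text password to verify against the stored hash.
         * @return bool True when the password matches; false for an unknown user,
         *              a wrong password or a database error.
         */
        function authenticate($username, $password) {
            try {
                // Connecting inside the try keeps a failed connection from surfacing
                // as an uncaught exception.
                // NOTE(review): the database account is hard-coded with a trivial
                // password; load credentials from configuration kept outside the
                // source tree.
                $db = new PDO('mysql:dbname=dwa;host=localhost;charset=utf8', 'dbuser', '123');
                $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

                // One lookup returns both the hash and the name stored in the session.
                $stmt = $db->prepare("SELECT korIme, zaporka FROM korisnik WHERE korIme = :username");
                $stmt->bindValue(':username', $username);
                $stmt->execute();
                $row = $stmt->fetch(PDO::FETCH_ASSOC);

                // Unknown user: fetch() returns false, so there is no hash to verify.
                if (!is_array($row) || !is_string($row['zaporka'])) {
                    return false;
                }

                if (!password_verify($password, $row['zaporka'])) {
                    return false;
                }

                // Issue a fresh session id at login so an id fixed before
                // authentication does not carry the authenticated state.
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }
                $_SESSION['user'] = $row['korIme'];
                return true;

            } catch(PDOException $ex) {
                // Driver messages can expose connection details: log them, show
                // only the generic text.
                error_log('authenticate: ' . $ex->getMessage());
                echo "Nes ne valja";
                return false;
            }
        }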
Example #28
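 /**
  * Removes up to $num_fighters fighters from a sector's defenses, smallest stacks first.
  *
  * Stacks no larger than the remaining count are deleted; the first larger stack
  * is reduced by the remainder.
  *
  * @param \PDO $pdo_db       Connection; the SQL uses the ::prefix:: table placeholder.
  * @param int  $sector       Sector id.
  * @param int  $num_fighters Number of fighters to remove.
  */
 public static function destroy(\PDO $pdo_db, int $sector, $num_fighters)
 {
     if ($num_fighters <= 0) {
         return;
     }

     $stmt = $pdo_db->prepare("SELECT * FROM ::prefix::sector_defense WHERE sector_id=:sector_id AND defense_type ='F' ORDER BY quantity ASC");
     $stmt->bindValue(':sector_id', $sector);
     $stmt->execute();
     // fetchAll(): every fighter stack is needed. fetch() returned a single row,
     // and the loop then walked that row's column values instead of rows.
     $defense_present = $stmt->fetchAll(\PDO::FETCH_ASSOC);
     if (!is_array($defense_present)) {
         return;
     }

     foreach ($defense_present as $tmp_defense) {
         if ($num_fighters <= 0) {
             break;
         }

         if ($tmp_defense['quantity'] > $num_fighters) {
             // The subtraction happens in SQL with named placeholders only; the
             // previous text mixed a named and a positional marker, which PDO
             // rejects, and the positional one was never bound.
             $update = $pdo_db->prepare("UPDATE ::prefix::sector_defense SET quantity = quantity - :quantity WHERE defense_id = :defense_id");
             $update->bindValue(':quantity', (int) $num_fighters, \PDO::PARAM_INT);
             $update->bindValue(':defense_id', $tmp_defense['defense_id']);
             $update->execute();
             $num_fighters = 0;
         } else {
             // The whole stack is consumed.
             $delete = $pdo_db->prepare("DELETE FROM ::prefix::sector_defense WHERE defense_id = :defense_id");
             $delete->bindValue(':defense_id', $tmp_defense['defense_id']);
             $delete->execute();
             $num_fighters -= $tmp_defense['quantity'];
         }
     }
 }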
Example #29
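/**
 * Looks up a user's group id and that group's stored password.
 *
 * @param string $username User name, matched against users.name.
 * @return array|false Array with the keys 'gid' and 'password' (both null when
 *                     the user or the group is not found), or false on a database error.
 */
function getUserData($username)
{
    try {
        $userarray = array();
        // NOTE(review): the database account and password are committed in this
        // source; rotate them and load them from configuration kept outside the
        // code base.
        $db = new PDO('mysql:dbname=michaeq6_mheartsj', 'michaeq6_mj', 'mj060708');
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        $stmt = $db->prepare("SELECT group_id FROM users WHERE name=?");
        $stmt->bindValue(1, $username);
        $stmt->execute();
        $userRow = $stmt->fetch(PDO::FETCH_BOTH);
        // fetch() returns false for an unknown user; report that as a null group
        // instead of indexing into false.
        $groupId = is_array($userRow) ? $userRow['group_id'] : null;
        $userarray['gid'] = $groupId;

        $stmt = $db->prepare("SELECT password FROM groups WHERE id=?");
        $stmt->bindValue(1, $groupId);
        $stmt->execute();
        $groupRow = $stmt->fetch(PDO::FETCH_BOTH);
        // NOTE(review): the stored password is handed back to the caller as-is.
        // If the column holds clear text, store a password_hash() value and
        // compare with password_verify() instead - confirm what the column contains.
        $userarray['password'] = is_array($groupRow) ? $groupRow['password'] : null;

        return $userarray;
    } catch (PDOException $e) {
        // Driver messages can expose connection details; keep them in the log
        // and out of the page.
        error_log('getUserData: ' . $e->getMessage());
    }
    return false;
}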
Example #30
 /**
  * 	Every method which needs to execute a SQL query uses this method.
  * 	
  * 	1. If not connected, connect to the database.
  * 	2. Prepare Query.
  * 	3. Parameterize Query.
  * 	4. Execute Query.	
  * 	5. On exception : Write Exception into the log + SQL query.
  * 	6. Reset the Parameters.
  */
 private function Init($query, $parameters = "")
 {
     # Connect to database
     if (!$this->bConnected) {
         $this->Connect();
     }
     try {
         # Prepare query
         $this->sQuery = $this->pdo->prepare($query);
         # Add parameters to the parameter array
         $this->bindMore($parameters);
         // List of parameters that can be retrieved in the log
         $logParamsList = array();
         # Bind parameters
         if (!empty($this->parameters)) {
             foreach ($this->parameters as $param) {
                 # Each entry is split into a placeholder name ([0]) and its value ([1]).
                 # NOTE(review): the delimiter shows up as an empty string here, which
                 # explode() rejects; it is presumably a non-printable separator lost in
                 # rendering - confirm against the code that fills $this->parameters.
                 $parameters = explode("", $param);
                 $this->sQuery->bindParam($parameters[0], $parameters[1]);
                 // Keep the parameters so they can be shown in the log.
                 // NOTE(review): bound values are copied into the query log verbatim;
                 // passwords, tokens and personal data passed as parameters end up
                 // there too - confirm who can read $this->queryLogs.
                 $logParamsList[$parameters[0]] = $parameters[1];
             }
         }
         // Add to the logs; the key is a running counter plus the value returned by mctime().
         $this->queryLogs[(string) ++$this->i . ' - ' . mctime()] = array('query' => is_object($query) ? $query->__toString() : $query, 'params' => $logParamsList);
         # Execute SQL
         $this->success = $this->sQuery->execute();
     } catch (\PDOException $e) {
         # Write into log and display Exception
         # NOTE(review): the driver message and the SQL text go to the log and the
         # message is re-thrown to the caller - check that neither reaches end users.
         $this->ExceptionLog($e->getMessage(), $query);
         throw new \Exception($e->getMessage());
     }
     # Reset the parameters
     $this->parameters = array();
 }