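/**
 * Render the page section selected by the action key present in the query string.
 *
 * The base form is rendered for every request; the first matching key among
 * dbConnect, dbShowAll, logout, dbAdd, dbTryAdd, dbDel and dbTryDel decides
 * what is rendered or executed after it.
 *
 * NOTE(review): dbTryAdd, dbTryDel and logout change state and are selected by
 * GET parameters, so a plain link or image URL can trigger them. No anti-CSRF
 * token is checked in this function; confirm that addCompany()/delCompany()
 * verify one, or move these actions to POST with a token.
 *
 * @param mixed $user     Passed through unchanged to the database helpers.
 * @param mixed $password Passed through unchanged to the database helpers.
 */
function makeContent($user, $password)
{
    // Every branch of the original dispatch rendered the base form first.
    createFormular($GLOBALS['formularAction']);

    if (isset($_GET['dbConnect'])) {
        dbConnect($user, $password);
    } elseif (isset($_GET['dbShowAll'])) {
        listCompany($user, $password);
    } elseif (isset($_GET['logout'])) {
        // NOTE(review): if createFormular() writes output and no output buffer is
        // active, session_start(), setcookie() and header() below cannot send
        // their headers; confirm buffering is enabled for this page.
        session_start();

        // Empty the session data in place. unset($_SESSION) removes the
        // superglobal itself, which the PHP manual warns against.
        $_SESSION = array();

        // Expire the session cookie so the browser stops presenting the old id.
        if (ini_get('session.use_cookies')) {
            $cookie = session_get_cookie_params();
            setcookie(
                session_name(),
                '',
                time() - 42000,
                $cookie['path'],
                $cookie['domain'],
                $cookie['secure'],
                $cookie['httponly']
            );
        }

        session_destroy();
        session_write_close();

        // NOTE(review): the redirect target is hard-coded to localhost.
        header('Location: http://localhost/');
        die;
    } elseif (isset($_GET['dbAdd'])) {
        createDBAddFormular($GLOBALS['formularAction']);
    } elseif (isset($_GET['dbTryAdd'])) {
        createDBAddFormular($GLOBALS['formularAction']);
        addCompany($user, $password);
    } elseif (isset($_GET['dbDel'])) {
        createDBDelFormular($GLOBALS['formularAction']);
    } elseif (isset($_GET['dbTryDel'])) {
        createDBDelFormular($GLOBALS['formularAction']);
        delCompany($user, $password);
    }
}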
echo json_encode($ret); } ////////////////////////// MAIN /////////////////////////////////////// if (!isset($_POST["op"])) { die("operation not specified"); } $op = $_POST["op"]; // API handlers........................................................ if ($op == "login") { handleLogin(); } if ($op == "register") { handleRegister(); } if ($op == "addcompany") { addCompany(); } // driver apis if ($op == "get_drivers") { handleGetDrivers(); } if ($op == "driver_login") { handleDriverLogin(); } if ($op == "add_driver_location") { addDriverLocation(); } if ($op == "get_driver_locations") { getDriverLocations(); } if ($op == "get_max_driver_location") {
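// Remaining form fields for the branch and room being registered.
// NOTE(review): these are read before filled_out() runs, so a missing key
// raises an undefined-index notice before the form check is reached.
$opening_hours = $_POST['ophours'];
$closing_hours = $_POST['clhours'];
$room = $_POST['roomnum'];
$max_cap = $_POST['maxcap'];

// Start the session now: it may be needed later and must precede any headers.
session_start();

// Get the database handle.
$db = db_connect();

try {
    // Reject the request when the form was not completely filled in.
    if (!filled_out($_POST)) {
        throw new Exception('You have not filled the form out correctly. Please go back and try again.');
    }

    // Attempt to register; each of these calls can also throw an exception.
    // NOTE(review): three separate writes with no visible transaction - if
    // addBranch() or addRoom() throws, the company row presumably stays behind.
    addCompany($db, $company, $date);
    addBranch($db, $company, $branch, $type, $opening_hours, $closing_hours, $longitude, $latitude);
    addRoom($db, $company, $branch, $room, $max_cap);

    // Send the user to the main page.
    $url = 'index.php?page=addsuccess';

    // Discard buffered output, but only when a buffer is active:
    // ob_end_clean() raises a notice when there is nothing to clean.
    if (ob_get_level() > 0) {
        ob_end_clean();
    }

    header("Location: {$url}");
    exit;
} catch (Exception $e) {
    // The helpers that throw are not visible here, so the message may carry
    // submitted values or database detail; encode it for the HTML context.
    // NOTE(review): consider logging the detail and showing a generic message.
    echo htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
    exit;
}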
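<select class="styledDrop" name="compDrop" id="compDrop">
<?php
// Populate the drop-down with every company stored in the campaign table.
// NOTE(review): the mysql_* extension used throughout this file was removed in
// PHP 7.0; migrating to mysqli or PDO with prepared statements is the real fix.
// NOTE(review): die(mysql_error()) sends database error text to the browser.
$query = "SELECT company FROM campaign";
$result = mysql_query($query) or die(mysql_error());
while ($row = mysql_fetch_assoc($result)) {
    // Company names come from user input (see addCompany below), so they are
    // HTML-encoded before being written into the attribute and the label.
    $escapedCompany = htmlspecialchars($row['company'], ENT_QUOTES, 'UTF-8');
    echo '<option value="' . $escapedCompany . '">' . $escapedCompany . '</option>';
}
?>
</select>
<input name="submitDrop" class="styledCompList" type="submit" id="submitted" value="Select Company" />
</form>
<?php
// Dispatch on whichever submit button was posted. isset() already returns a
// boolean, so the former comparison with '' added nothing.
// NOTE(review): the raw POST values are handed to displayLinkForm() and
// displayCompany(), which are not visible here; confirm they escape their
// argument for both SQL and HTML.
if (isset($_POST["submitComp"])) {
    addCompany($_POST["compname"]);
}
if (isset($_POST["submitDrop"])) {
    displayLinkForm($_POST["compDrop"]);
    displayCompany($_POST["compDrop"]);
}
if (isset($_POST["submitLink"])) {
    addLink();
    displayLinkForm($_POST["compName"]);
    displayCompany($_POST["compName"]);
}

/**
 * Insert a new company name into the campaign table.
 *
 * The name arrives straight from the request, so it is escaped with the
 * extension's own escaping function before it is placed inside the quoted SQL
 * literal. The escaping is only reliable when the connection character set
 * has been set through mysql_set_charset().
 *
 * @param string $name Company name to store.
 */
function addCompany($name)
{
    $query = "INSERT INTO campaign (company) VALUES ('" . mysql_real_escape_string($name) . "')";
    $result = mysql_query($query) or die(mysql_error());
}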
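/**
 * Update an existing posting from the submitted form fields.
 *
 * Reads title, url, company, location, source and sid from $_POST, creates the
 * location and company when they are not known yet, then issues the UPDATE.
 * Echoes JSON `true` on success and "failed to add posting" otherwise.
 *
 * @param mixed $user Not used by the visible body.
 */
function updatePosting($user)
{
    // The posting id is placed unquoted in the WHERE clause, so it must be a
    // real integer. Reject anything else before any row is touched.
    $id = filter_var(isset($_POST["sid"]) ? $_POST["sid"] : null, FILTER_VALIDATE_INT);
    if ($id === false) {
        echo "failed to add posting";
        return;
    }

    $title = $_POST["title"];
    // NOTE(review): PHP has already URL-decoded $_POST, so this decodes twice.
    $url = urldecode($_POST["url"]);
    $companyName = $_POST["company"];
    $locationName = $_POST["location"];
    $source = $_POST["source"];

    // If the location doesn't exist in the locations table yet, add it.
    if (locationExists($locationName) != true) {
        addLocation($locationName);
    }
    $locationId = getLocationId($locationName);

    // If the company doesn't exist yet, add it.
    if (companyIdExists($companyName) != true) {
        addCompany($companyName);
    }
    $companyId = getCompanyId($companyName);

    // NOTE(review): title, source and url are still interpolated into quoted
    // SQL literals without escaping. booleanReturn() accepts only a finished
    // query string and no connection handle is visible here, so they cannot be
    // bound from this function; the helper should take a statement with
    // placeholders plus its parameters. $locationId and $companyId are
    // unquoted and presumably integers returned by the lookup helpers.
    $query = "update postings ";
    $query .= "set title=\"{$title}\", ";
    $query .= "source=\"{$source}\", ";
    $query .= "location={$locationId}, ";
    $query .= "company={$companyId}, ";
    $query .= "url=\"{$url}\" ";
    $query .= "where id = {$id} ";

    if (booleanReturn($query)) {
        echo json_encode(true);
    } else {
        echo "failed to add posting";
    }
}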
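/**
 * Show the "insert company" view and process a submitted company name.
 *
 * A name is accepted when it consists only of ASCII letters and digits, is
 * 3 to 30 characters long and is not present in the companies table yet.
 * On acceptance addCompany() is called; otherwise one validation message is
 * echoed.
 *
 * NOTE(review): the existence check and the insert are separate steps, so two
 * concurrent requests can both pass the check; a UNIQUE index on
 * companies.name would close that gap.
 */
function controller_insertCompany()
{
    view_insertCompany();

    // Nothing submitted, or a non-string value such as nameCompany[]=x.
    if (empty($_POST['nameCompany']) || !is_string($_POST['nameCompany'])) {
        return;
    }
    $nameCompany = $_POST['nameCompany'];

    // Check whether a company with this name already exists. The name is bound
    // as a parameter: this lookup runs before the format check below, so the
    // value is still arbitrary request data at this point.
    $stmt = mysqli_prepare(connect(), "SELECT id FROM companies WHERE name = ?");
    if ($stmt === false) {
        // Fail closed: without the lookup a duplicate cannot be ruled out.
        close_bd();
        trigger_error('company lookup could not be prepared', E_USER_WARNING);
        return;
    }
    $count = null;
    mysqli_stmt_bind_param($stmt, 's', $nameCompany);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $existingId);
    if (mysqli_stmt_fetch($stmt)) {
        $count = $existingId;
    }
    mysqli_stmt_close($stmt);
    close_bd();

    // \z anchors at the very end of the string; a bare $ would also accept a
    // name that ends in a newline.
    if (!preg_match('/^[a-zA-Z0-9]+\z/', $nameCompany)) {
        echo "Название может состоять только из букв английского алфавита и цифр";
    } elseif (strlen($nameCompany) < 3 or strlen($nameCompany) > 30) {
        echo "Название должно быть не меньше 3-х символов и не больше 30";
    } elseif (!empty($count)) {
        echo "Компания с таким названием уже существует, придумайте другое";
    } else {
        // NOTE(review): addCompany() takes no argument and presumably re-reads
        // $_POST['nameCompany']; confirm it binds the value as well.
        addCompany();
    }
}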
if ($_GET['apikey'] != $Api_Key) { $jsondata = array("status" => 0, "msg" => "Unauthorised Access. Invalid Signature"); publishOutput($jsondata); return; } } else { $jsondata = array("status" => 0, "msg" => "Unauthorised Access. Invalid Signature"); publishOutput($jsondata); return; } if ($_SERVER['REQUEST_METHOD'] == "GET" && !empty($_GET['method'])) { $request_parts = explode('/', $_GET['method']); $method = $request_parts[1]; switch ($method) { case "addCompany": $jsondata = addCompany(); break; case "getCompany": $jsondata = getCompany(); break; case "editCompany": $jsondata = editCompany(); break; case "updateCompany": $jsondata = updateCompany(); break; case "deleteCompany": $jsondata = deleteCompany(); break; } publishOutput($jsondata);
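/**
 * Store one project together with its partners, revenues and account managers.
 *
 * $project is read through attribute access ($project['name']) and child
 * iteration (PARTNER, REVENUE, ACCOUNT), i.e. it is used like a parsed XML
 * element. All of those values come from the imported document, so every
 * INSERT binds them as parameters and never places them in the SQL text.
 *
 * @param mixed $project     Project element providing name, PARTNER, REVENUE and ACCOUNT.
 * @param mixed $company_id  Id of the owning company.
 * @param mixed $division_id Id of the owning division.
 */
function handleProject($project, $company_id, $division_id)
{
    global $mysqli;

    // Run one INSERT with all values bound as strings. The original statements
    // quoted every value as a string literal, so the server-side conversion to
    // the column type stays the same.
    $insert = function ($sql, array $values) use ($mysqli) {
        $stmt = $mysqli->prepare($sql);
        if ($stmt === false) {
            return false;
        }
        $values = array_map('strval', $values);
        $stmt->bind_param(str_repeat('s', count($values)), ...$values);
        $ok = $stmt->execute();
        $stmt->close();

        return $ok;
    };

    $created = $insert(
        "INSERT INTO project (project_name, project_company, project_division) VALUES (?, ?, ?)",
        array($project['name'], $company_id, $division_id)
    );
    if (!$created) {
        // Without a project row the dependent rows below would point at id 0.
        return;
    }
    $project_id = $mysqli->insert_id;

    foreach ($project->PARTNER as $partner) {
        // addCompany() supplies the id that is stored for the partner.
        $partnerCompanyId = addCompany($partner['name']);
        $insert(
            "INSERT INTO projectpartner (projectpartner_company, projectpartner_project) VALUES (?, ?)",
            array($partnerCompanyId, $project_id)
        );
    }

    foreach ($project->REVENUE as $revenue) {
        $insert(
            "INSERT INTO proj_rev (proj_rev_project, proj_rev_year, proj_rev_value) VALUES (?, ?, ?)",
            array($project_id, $revenue['year'], $revenue['value'])
        );
    }

    foreach ($project->ACCOUNT as $account) {
        foreach ($account->children() as $item) {
            $id = getPersonIdFromString($item['name']);
            // Only ids greater than zero are stored.
            if ($id > 0) {
                // The element name of the child is stored as the management type.
                $insert(
                    "INSERT INTO mgmt (mgmt_person, mgmt_type) VALUES (?, ?)",
                    array($id, $item->getName())
                );
            }
        }
    }
}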