public function getQCEWQuarter($stfips, $areatype, $area, $periodyear, $periodtype, $period)
{
$link = getDatabaseConnection();
$query = sprintf(" SELECT ind.*, format(ind.estab, '###,###,###.##') as estab_fmt, \n format(ind.totwage, '###,###,###.##') as totwage_fmt, \n format(ind.avgwkwage, '###,###,###.##') as avgwage_fmt, \n format(ind.avgemp, '###,###,###.##') as avgemp_fmt, ic.codetitle \n FROM wid.industry ind\n INNER JOIN wid.indcodes ic ON ind.indcodty = ic.codetype \n AND ind.indcode = ic.code\n WHERE ind.stfips = '%s'\n AND ind.areatype = '%s'\n AND ind.area = '%s'\n AND ind.periodyear = '%s'\n AND ind.periodtype = '%s'\n AND ind.period = '%s'\n ORDER BY indcode, period ", mysql_real_escape_string($stfips), mysql_real_escape_string($areatype), mysql_real_escape_string($area), mysql_real_escape_string($periodyear), mysql_real_escape_string($periodtype), mysql_real_escape_string($period));
$list = $this->getResult($query, $link);
return $list;
}
public function getAreaList($stfips, $areatype)
{
$link = getDatabaseConnection();
$query = sprintf("select * from wid.geog " . "where stfips = '%s' and areatype = '%s' order by stfips, areatype, area", mysql_real_escape_string($stfips), mysql_real_escape_string($areatype));
$arealist = $this->getJSONResult($query, $link);
return $arealist;
}
public function getList($stfips, $areatype, $area, $seriescode, $adjusted)
{
$link = getDatabaseConnection();
$query = sprintf(" SELECT s.seriesttls, s.serieslvl, empces, format(c.empces, '###,###,###.##') as empces_fmt,\n c.periodyear, c.periodtype, c.period, c.stfips, c.areatype, c.area,\n c.adjusted, c.seriescode, c.prelim\n FROM wid.cescode s\n INNER JOIN wid.ces c ON c.stfips = s.stfips\n AND c.seriescode = s.seriescode\n WHERE c.stfips = '%s'\n AND c.areatype = '%s'\n AND c.area = '%s'\n AND c.seriescode = '%s'\n and c.adjusted = '%s'\n ORDER BY periodyear, periodtype, period, prelim ", mysql_real_escape_string($stfips), mysql_real_escape_string($areatype), mysql_real_escape_string($area), mysql_real_escape_string($seriescode), mysql_real_escape_string($adjusted));
$list = $this->getResult($query, $link);
return $list;
}
protected function processData()
{
//Alpha-num
sanitizeUsername($this->username);
//Verify username and password length requirements
if (strlen($this->username) > 40) {
throw new Exception("Username must be shorter than 40 characters");
}
if (strlen($this->username) > 72) {
throw new Exception("Password must be shorter than 72 characters");
}
//verify username available
$conn = getDatabaseConnection();
$availabilityQuery = new UsernameAvailabilityQuery($conn, $this->username);
$available = $availabilityQuery->getNumRows() == 0;
if ($available) {
//hash pw
$this->password = password_hash($this->password, PASSWORD_DEFAULT);
//add user
$addUserQuery = new AddUserQuery($conn, $this->username, $this->password);
$addUserQuery->query();
} else {
//username taken
throw new Exception("Username taken");
}
return true;
}
public function getLicxocc($stfips, $areatype, $area, $occcode)
{
$link = getDatabaseConnection();
$query = sprintf(" SELECT * from wid.licxocc x \n inner join wid.license l \n on l.stfips = x.stfips \n and l.licenseid = x.licenseid \n where l.stfips = '%s'\n and l.areatype = '%s'\n and l.area = '%s'\n and x.occcode = '%s' ", mysql_real_escape_string($stfips), mysql_real_escape_string($areatype), mysql_real_escape_string($area), mysql_real_escape_string($occcode));
$list = $this->getResult($query, $link);
return $list;
}
function getTripInfo($tripId)
{
$rsp = new JsonResponse_TripInfo("Problem getting trip info.");
// Connect to database
$conn = getDatabaseConnection();
// Prepare statement to get all waypoints with that tripid
$statement = $conn->prepare('SELECT time, latitude, longitude
FROM waypoints WHERE trip = :trid', array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
// Execute
$statement->execute(array(':trid' => $tripId));
$wps = $statement->fetchAll();
// Loop over results and build response data.. just space-sep'd vals
$timez = "";
$latz = "";
$longz = "";
for ($i = 0, $l = count($wps); $i < $l; ++$i) {
$timez .= $wps[$i][0] . " ";
$latz .= $wps[$i][1] . " ";
$longz .= $wps[$i][2] . " ";
}
$rsp->times = $timez;
$rsp->lats = $latz;
$rsp->longs = $longz;
// Return info
$rsp->setSuccessful();
$rsp->respondAndExit();
}
public function getSocCips($soccode)
{
$link = getDatabaseConnection();
$query = sprintf(" SELECT * from wid.cipcode c \n inner join wid.socxcip s on s.cipcode = c.cipcode\n where soccode = '%s'", mysql_real_escape_string($soccode));
$list = $this->getResult($query, $link);
return $list;
}
public function getList($stfips, $areatype, $area, $popsource)
{
$link = getDatabaseConnection();
$query = sprintf(" SELECT * from wid.populatn \n where stfips = '%s'\n and areatype = '%s'\n and area = '%s'\n and popsource = '%s' \n and periodyear >= '1980' ", mysql_real_escape_string($stfips), mysql_real_escape_string($areatype), mysql_real_escape_string($area), mysql_real_escape_string($popsource));
$list = $this->getResult($query, $link);
return $list;
}
public function getCenLabor($stfips, $periodyear)
{
$link = getDatabaseConnection();
$sqlstring = "\n select censtitle, format(femalelf, '#,###,###.##') as femalelf, format(malelf, '#,###,###.##') as malelf\n from wid.censcode c, wid.cenlabor l \n where c.censcode = l.censcode\n and l.stfips = '%s'\n and l.periodyear = '%s' \n order by c.censcode";
$query = sprintf($sqlstring, mysql_real_escape_string($stfips), mysql_real_escape_string($periodyear));
$cenlab = $this->getJSONResult($query, $link);
return $cenlab;
}
protected function processData()
{
//add game
$conn = getDatabaseConnection();
$addGameQuery = new IncreaseScoreQuery($conn, $this->game, $this->player, $this->increaseAmount);
$addGameQuery->query();
return true;
}
function __construct()
{
if (PRODUCTION_ENVIRONMENT) {
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/db.php';
} else {
require_once '../db.php';
}
$this->db = getDatabaseConnection();
}
public function getEmployerData($stfips = "41", $areatype = "01", $area = "000000", $zipcode = "", $naicscode = "000000", $sizeclass = "9", $annsalrng = "X", $search = "", $page = "1", $rows = "25", $sord = "asc", $sidx = "name")
{
$link = getDatabaseConnection();
$page = max($page, 1);
$start = $page * $rows + 1 - $rows;
$where = sprintf(" WHERE stfips = '%s' ", mysql_real_escape_string($stfips)) . sprintf($areatype == '01' ? "" : " and areatype = '%s' and area = '%s' ", mysql_real_escape_string($areatype), mysql_real_escape_string($area)) . sprintf($naicscode == '000000' ? "" : " and primnaics like '%s' ", mysql_real_escape_string($naicscode . '%')) . sprintf($search == '' ? "" : " and name like '%s' ", mysql_real_escape_string('%' . $search . '%')) . sprintf($annsalrng == 'X' ? "" : " and annsalrng='%s'", mysql_real_escape_string($annsalrng)) . sprintf($zipcode == '' ? "" : " and zipcode='%s'", mysql_real_escape_string($zipcode)) . sprintf(($sizeclass == '9' ? "" : " and empsizrng='%s'") . " order by " . $sidx . " " . $sord . " ", mysql_real_escape_string($sizeclass));
$query = "select * from wid.empdb " . $where . " limit " . ($start - 1) . ", " . $rows;
return $this->getEmployerResult($query, $where, $rows, $page, $link);
}
private static function updateUtilisateur($utilisateur)
{
try {
$bdd = getDatabaseConnection();
$request = $bdd->prepare('UPDATE utilisateur SET nom=?, prenom=?, mail=?, username=?, password=? WHERE userId = ? ;');
$result = $request->execute(array($utilisateur->getNom(), $utilisateur->getPrenom(), $utilisateur->getMail(), $utilisateur->getUserName(), $utilisateur->getPasswordHash(), $utilisateur->getID()));
} catch (Exception $e) {
die("Message: " + $e->getMEssage());
}
}
protected function processData()
{
//roll dice
$conn = getDatabaseConnection();
$dice = array();
for ($i = 0; $i < 6; $i++) {
array_push($dice, rand(1, 6));
}
$rollDiceQuery = new RollDiceQuery($conn, $this->game, $dice);
$rollDiceQuery->query();
return true;
}
protected function processData()
{
//add game
$conn = getDatabaseConnection();
$addGameQuery = new AddGameQuery($conn, $this->player1, $this->player2);
$addGameQuery->query();
//roll dice
$dice = array();
for ($i = 0; $i < 6; $i++) {
array_push($dice, rand(1, 6));
}
$rollDiceQuery = new RollDiceQuery($conn, $conn->insert_id, $dice);
$rollDiceQuery->query();
return true;
}
function doLogin($user_id, $user_pass)
{
$connect = getDatabaseConnection();
// See if the user is in the database
$query = sprintf("SELECT * from user_access where lower(user_id) = lower('%s') and user_pass = '******'", mysql_real_escape_string($user_id), mysql_real_escape_string($user_pass));
$result = mysql_query($query);
$num = mysql_num_rows($result);
if ($num > 0) {
// Generate a GUID
$result = mysql_query("select uuid() as unique_id");
$retVal = mysql_result($result, 0, "unique_id");
mysql_query("update user_access set user_session_uuid='" . $retVal . "', last_access_datetime=utc_timestamp()");
} else {
$retVal = null;
}
closeDatabaseConnection($connect);
return $retVal;
}
protected function processData()
{
//Alpha-num
sanitizeUsername($this->username);
//Verify username and password length requirements
if (strlen($this->username) > 40) {
throw new Exception("Username invalid");
}
if (strlen($this->username) > 72) {
throw new Exception("Password incorrect");
}
//verify password
$conn = getDatabaseConnection();
$storedPassQuery = new PasswordQuery($conn, $this->username);
$storedPassHash = $storedPassQuery->getPassword();
$valid = password_verify($this->password, $storedPassHash);
return $valid;
}
public function __construct($target, $singularity = false)
{
if (!$singularity) {
trigger_error('STOP! Use: $db = databaseMachine::getDatabaseMachine();', E_USER_NOTICE);
exit(1);
}
$this->_target = $target;
if (!isset($this->_dbLink)) {
$this->_dbLink = getDatabaseConnection();
}
if ($this->_dbLink) {
if (!@mysql_select_db($this->_target, $this->_dbLink)) {
trigger_error('Could not select database target: ' . $this->_target, E_USER_NOTICE);
@mysql_close($this->_dbLink);
$this->_dbLink = null;
}
} else {
trigger_error('Could not connect to database server.', E_USER_NOTICE);
}
}
function hasValidSession()
{
// See if username and password are set in session variables
if ($_SESSION["uname"] == null || $_SESSION["phash"] == null) {
return false;
}
// Try connecting to database
$conn = getDatabaseConnection();
// Prepare statement to check for users with that name
$statement = $conn->prepare('SELECT hashedpw
FROM users WHERE username = :username', array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
// Execute
$statement->execute(array(':username' => $_SESSION["uname"]));
$wps = $statement->fetchAll();
// If no users available, can't be a valid session...
if (count($wps) == 0) {
return false;
}
// Get hashed password (could check that only one user exists, but okay)
$phash = $wps[0][0];
// If equal to session var then fine
return $phash == $_SESSION["phash"];
}
* A HTML/PHP script file that acts as the account
* portal authorized by logging into the MySQL
* accounts database table used by the SWGEMU
* Core3 server for user management within MySQL.
*
* Refer to Register.php for DB structure.
*
* fin
*/
require_once 'includes/Conn.php';
session_start();
//Is this the indexed session from account_id?
if (!isset($_SESSION["account_id"])) {
header('Location: Login.php');
} else {
$con = getDatabaseConnection();
$account_id = $_SESSION["account_id"];
//Match query to account_id row
if ($stmt = $con->prepare("SELECT username FROM accounts WHERE account_id=?")) {
$stmt->bind_param("i", $account_id);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows == 1) {
$row = $result->fetch_assoc();
} else {
session_unset();
header("Location: Login.php");
exit(0);
}
}
}
function searchUsers($search)
{
$search = '%' . $search . '%';
$sql = pg_prepare(getDatabaseConnection(), "searchUsers", "SELECT id, username, profile_picture FROM users WHERE username LIKE \$1;");
$result = pg_execute(getDatabaseConnection(), "searchUsers", [$search]) or die('Query failed: ' . pg_last_error());
$arr = [];
while ($row = pg_fetch_assoc($result)) {
$arr[] = $row;
}
return $arr;
}
public static function deleteFilm($film)
{
try {
$bdd = getDatabaseConnection();
$request = $bdd->prepare('DELETE FROM movie WHERE mov_id = ?;');
$request->execute(array($film->getId()));
} catch (Exception $e) {
die("Message: " + $e->getMEssage());
}
}
public function getWageData($stfips, $occcode, $periodtype, $period)
{
$link = getDatabaseConnection();
$query = sprintf(" SELECT periodyear, g.areaname, pct10, pct25, median, pct75, pct90, mean \n from wid.geog g inner join wid.oeswage w \n on w.stfips = g.stfips and w.areatype = g.areatype and w.area = g.area \n inner join wid.soccode s on occcode = soccode \n where w.stfips = '%s' \n and occcode = '%s'\n and periodtype = '%s'\n and period = '%s' ", mysql_real_escape_string($stfips), mysql_real_escape_string($occcode), mysql_real_escape_string($periodtype), mysql_real_escape_string($period));
$list = $this->getResult($query, $link);
return $list;
}
/**
* Route - "GET /api/warranties/:id" - to show a specific warranty
* @return void
*/
function routeGetWarranty($id)
{
global $jsonObject, $app;
// Construct SQL query
$sql = "SELECT * FROM warranties WHERE id=:id";
try {
$dbCon = getDatabaseConnection();
$stmt = $dbCon->prepare($sql);
$stmt->bindParam("id", $id);
$stmt->execute();
$result = $stmt->fetchObject();
$dbCon = null;
if ($result) {
$jsonObject['data'] = $result;
} else {
$app->response->setStatus(404);
$jsonObject['status'] = 'error';
$jsonObject['message'] = 'Couldn\'t find warranty with id ' . $id;
}
echo json_encode($jsonObject);
} catch (PDOException $e) {
$app->response->setStatus(500);
$jsonObject['status'] = 'error';
$jsonObject['message'] = $e->getMessage();
echo json_encode($jsonObject);
}
}
<?php
require_once '../data/wfutils.php';
$link = getDatabaseConnection();
if (!$link) {
die('Could not connect: ' . mysql_error());
}
$parms = get_params(array('stfips' => '41', 'areatype' => '01', 'area' => '000000', 'adjusted' => '1'));
// Create parameterized query for labforce table
$query = sprintf("SELECT * FROM wid.labforce WHERE stfips='%s' and areatype='%s' and area='%s' and adjusted='%s' order by periodyear, periodtype, period, prelim", mysql_real_escape_string($parms['stfips']), mysql_real_escape_string($parms['areatype']), mysql_real_escape_string($parms['area']), mysql_real_escape_string($parms['adjusted']));
// Perform Query
$result = mysql_query($query, $link);
// Check result and report any errors
if (!$result) {
$message = 'Invalid query: ' . mysql_error() . "\n";
$message .= 'Whole query: ' . $query;
die($message);
}
// Put results in XML document
header('Content-type: text/xml');
echo "<?xml version='1.0' standalone='yes'?>";
echo "<labforcelist>";
while ($row = mysql_fetch_assoc($result)) {
?>
<labforce stfips="<?php
echo htmlspecialchars($row['stfips']);
?>
"
areatype="<?php
echo htmlspecialchars($row['areatype']);
?>
/**
* add a new feed with a user
*/
public function addFeeds($feed)
{
if (!$this->dbConnected()) {
$this->dbconnection = getDatabaseConnection();
}
if ($this->isValid()) {
//add a new feed to the database
$stmt = $this->dbconnection->prepare("insert into user_feed values(?,?,?)");
if (is_array($feed)) {
foreach ($feed as $oneofFeed) {
$stmt->bind_param('sss', $this->username, $oneofFeed->url, $oneofFeed->feedname);
$stmt->execute();
}
} else {
$stmt->bind_param('sss', $this->username, $feed->url, $feed->feedname);
$stmt->execute();
}
}
if (!$stmt->error) {
$stmt->close();
return true;
} else {
$stmt->close();
return false;
}
}
public function __construct()
{
$args = func_get_args();
$this->state_name = $args[0];
$this->stfips = $args[1];
$link = getDatabaseConnection();
$this->setMaxPeriods($link, $this, "labforce");
$query2 = sprintf("select * from wid.labforce " . "where (periodyear = '%s' " . "and periodtype = '03' " . "and period in ('%s', '%s') " . "and stfips in ('00', '%s') " . "and areatype in ('00', '01')" . "and area = '000000' " . "and adjusted = '1') " . "or" . "(periodyear = '%s' " . "and periodtype = '03' " . "and period = '%s' " . "and stfips in ('00', '%s') " . "and areatype in ('00', '01') " . "and area = '000000' " . "and adjusted = '1') " . "order by stfips, periodyear, period", $this->periodyear, $this->period, $this->lastperiod, $this->stfips, $this->lastyear, $this->period, $this->stfips);
$result = mysql_query($query2, $link);
if (!$result) {
$message = 'Invalid query: ' . mysql_error() . "\n";
$message .= 'Whole query: ' . $query;
die($message);
}
while ($row = mysql_fetch_assoc($result)) {
if ($this->periodyear == $row['periodyear'] && $this->period == $row['period'] && $row['stfips'] == '00') {
$this->rates['00M1'] = $row['unemprate'];
} else {
if ($this->periodyear == $row['periodyear'] && $this->lastperiod == $row['period'] && $row['stfips'] == '00') {
$this->rates['00M2'] = $row['unemprate'];
} else {
if ($this->lastyear == $row['periodyear'] && $this->period == $row['period'] && $row['stfips'] == '00' && $row['prelim'] == '0') {
$this->rates['00M3'] = $row['unemprate'];
} else {
if ($this->periodyear == $row['periodyear'] && $this->period == $row['period'] && $row['stfips'] == $this->stfips) {
$this->rates[$this->stfips . 'M1'] = $row['unemprate'];
} else {
if ($this->periodyear == $row['periodyear'] && $this->lastperiod == $row['period'] && $row['stfips'] == $this->stfips && $row['prelim'] == '0') {
$this->rates[$this->stfips . 'M2'] = $row['unemprate'];
} else {
if ($this->lastyear == $row['periodyear'] && $this->period == $row['period'] && $row['stfips'] == $this->stfips && $row['prelim'] == '0') {
$this->rates[$this->stfips . 'M3'] = $row['unemprate'];
} else {
}
}
}
}
}
}
}
mysql_free_result($result);
mysql_close($link);
}
<?php
include 'dbConnection.php';
$dbConn = getDatabaseConnection();
//Post Variable
//empty() doesn't work, because the productId = 0 is true when you use empty()
if (!isset($_GET['songId'])) {
echo "<h4>Additional Information:</h4>";
echo "<br>";
echo "<span style='color: red'>No Song selected</span>";
} else {
$records = displaySongInfo();
foreach ($records as $record) {
echo "<h4>Song:</h4>";
echo "<span style='color:blue'>" . $record['songName'] . "</span>";
echo "<br>";
echo "<h4>Length:</h4>";
echo "<span style='color:blue'>" . $record['length'] . " min" . "</span>";
echo "<br>";
echo "<h4>Artist</h4>";
echo "<span style='color:blue'>" . $record['artistName'] . "</span>";
echo "<br>";
echo "<h4>Artist Wiki:</h4>";
echo "<span style='color:blue'>" . "<a href=" . $record['artistWiki'] . " target='_blank'>Wikipedia</a>" . "</span>";
echo "<br>";
echo "<h4>Album</h4>";
echo "<span style='color:blue'>" . $record['albumName'] . "</span>";
echo "<br>";
echo "<h4>Album Release</h4>";
//Converting date
$phpdate = strtotime($record['releaseDate']);
<?php
include "functions.inc.php";
try {
$dbh = getDatabaseConnection();
$start = isset($_GET['page']) ? abs(intval($_GET['page'])) : 0;
$stmt = $dbh->prepare("SELECT code, ctime FROM records WHERE code LIKE :code ORDER BY ctime DESC LIMIT :start,20");
$stmt->bindValue(":start", $start, PDO::PARAM_INT);
$stmt->execute(array(":code" => "%"));
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
echo json_encode(array("result" => "success", "data" => $result));
} catch (PDOException $e) {
http_response_code(500);
echo json_encode(array("message" => $e->getMessage(), "line" => $e->getLine()));
die;
}
?>
<!DOCTYPE HTML>
<!--
2015 北一制服日・頭貼產生器 by christinesfkao, 2015, under CC-BY 3.0
Template by HTML5 UP html5up.net | n33.co @n33co dribbble.com/n33
Core functions inspired by 7 號頭像產生器(http://goooooooogle.github.io/profile-picture-generator/)
-->
<html>
<head>
<title>2015 北一制服日・頭貼產生器</title>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<!--[if lte IE 8]><script src="javascript/html5shiv.js"></script><![endif]-->
<link rel="stylesheet" href="stylesheets/main.css" />
function handshake($request, $conn)
{
$this->console("%s", "\n---------------------------------------------------------------------------------------\n", "BlueBold");
$this->console($request);
$this->console("%s", "\n---------------------------------------------------------------------------------------\n\n", "BlueBold");
preg_match('/(?<=GET \\/\\?ouser_id=)([0-9]*)/', $request, $matches);
// 1. Extract the ouser from the connection request
$ouser = new stdClass();
if (!empty($matches)) {
$ouser_id = $matches[0];
$this->setDatabaseConnection(getDatabaseConnection(true));
$this->console('retreiving user: /obray/OUsers/get/?ouser_id=' . $ouser_id . '&with=options' . "\n");
$ouser = $this->route('/obray/OUsers/get/?ouser_id=' . $ouser_id . '&with=options');
$this->console($ouser);
if (!empty($ouser->data[0])) {
$ouser = $ouser->data[0];
} else {
$ouser = new stdClass();
}
$ouser->subscriptions = array("all" => 1);
$ouser->connection = new stdClass();
}
// 2. Extract header information from request
$lines = explode("\r\n", $request);
$headers = array();
foreach ($lines as $line) {
$line = chop($line);
if (preg_match('/\\A(\\S+): (.*)\\z/', $line, $matches)) {
$headers[$matches[1]] = $matches[2];
$ouser->connection->{$matches[1]} = $matches[2];
}
}
// 3. Prepare/send response
$secKey = $headers['Sec-WebSocket-Key'];
$secAccept = base64_encode(pack('H*', sha1($secKey . '258EAFA5-E914-47DA-95CA-C5AB0DC85B11')));
//hand shaking header
$upgrade = "HTTP/1.1 101 Web Socket Protocol Handshake\r\n" . "Upgrade: websocket\r\n" . "Connection: Upgrade\r\n" . "WebSocket-Origin: {$this->host}\r\n" . "WebSocket-Location: ws://{$this->host}:{$this->port}/\r\n" . "Sec-WebSocket-Accept:{$secAccept}\r\n\r\n";
$this->console("Send upgrade request headers.\n");
$this->console("%s", "\n---------------------------------------------------------------------------------------\n", "BlueBold");
$this->console($upgrade);
$this->console("%s", "\n---------------------------------------------------------------------------------------\n\n", "BlueBold");
$this->console($conn);
fwrite($conn, $upgrade, strlen($upgrade));
return $ouser;
}
