function authenticate_user($data) { global $db; $email = $data['email']; $password = $data['password']; //getting the salt $stmt = mysqli_prepare($db, "SELECT salt FROM users WHERE email = ? LIMIT 1"); mysqli_stmt_bind_param($stmt, "s", $email); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); mysqli_stmt_bind_result($stmt, $salt); if (mysqli_stmt_num_rows($stmt)) { mysqli_stmt_fetch($stmt); $password = hash('sha256', "{$password}" . "{$salt}"); //adding salt to given pass hashing and checking if the resulting hash is the same as the original mysqli_stmt_close($stmt); $stmt = mysqli_prepare($db, "SELECT uid, username, email FROM users WHERE email = ? AND password = ?"); mysqli_stmt_bind_param($stmt, "ss", $email, $password); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); mysqli_stmt_bind_result($stmt, $uid, $username, $email); if (mysqli_stmt_num_rows($stmt)) { mysqli_stmt_fetch($stmt); mysqli_stmt_close($stmt); $user = ['userid' => $uid, 'username' => $username, 'email' => $email]; return $user; } else { return false; } } else { return false; } }
public static function get_makes() { //open connection to MySql parent::open_connection(); //initialize arrays $ids = array(); //array for ids $list = array(); //array for objects //query $query = "select mak_id from makes"; //prepare command $command = parent::$connection->prepare($query); //execute command $command->execute(); //link results $command->bind_result($id); //fill ids array while ($command->fetch()) { array_push($ids, $id); } //close command mysqli_stmt_close($command); //close connection parent::close_connection(); //fill object array for ($i = 0; $i < count($ids); $i++) { array_push($list, new Make($ids[$i])); } //return array return $list; }
/** * Save data * @param array Request data (unfiltered) */ function saveAction($request) { require_once 'config.php'; //connection: $link = mysqli_connect($servidor, $user, $pass, $database) or die("Error " . mysqli_error($link)); $flag = 'false'; $param = $request; $idUrl = mysqli_real_escape_string($link, $param['idUrl']); $dataPost = isset($param['data']) ? $param['data'] : false; $idPage = _checkIdUrl($link, $idUrl); if ($idPage > 0 && is_array($dataPost) && count($dataPost) > 0) { $reg = formarDataToSerial($idPage, $dataPost); $reg['page_id'] = intval($reg['page_id']); $reg['browser_id'] = $reg['browser_id']; $reg['view_port'] = mysqli_real_escape_string($link, $reg['view_port']); $reg['window_browser'] = mysqli_real_escape_string($link, $reg['window_browser']); $reg['screen'] = mysqli_real_escape_string($link, $reg['screen']); $query = "INSERT INTO heatmap (page_id, browser_id, view_port, window_browser, screen, data_serial, created_at) " . "VALUES ('" . $reg['page_id'] . "', '" . $reg['browser_id'] . "','" . $reg['view_port'] . "','" . $reg['window_browser'] . "','" . $reg['screen'] . "', '" . $reg['data_serial'] . "', '" . date('Y-m-d H:i:s') . "')"; $stmt = mysqli_prepare($link, $query); mysqli_stmt_execute($stmt); mysqli_stmt_close($stmt); $flag = 'true'; } mysqli_close($link); echo $flag; }
function email() { global $link, $stmt; if (defined("CRYPT_BLOWFISH") && CRYPT_BLOWFISH) { $salt = '$2y$11$' . substr(md5(uniqid(rand(), true)), 0, 22); $password = crypt($_POST['password'], $salt); } mysqli_stmt_bind_param($stmt, 'ss', $_POST['email'], $password); mysqli_stmt_execute($stmt); mysqli_stmt_close($stmt); //to verify email $hash = hash('md5', $_POST["email"]); $stmt = mysqli_prepare($link, "INSERT INTO `verify_email`(`email`, `hash`) VALUES(?,'" . $hash . "')") or die(mysqli_error($link)); mysqli_stmt_bind_param($stmt, 's', $_POST['email']); mysqli_stmt_execute($stmt); mysqli_stmt_close($stmt); mysqli_close($link); $to = $_POST['email']; $subject = 'Email varification'; $message = 'Please click this link to activate your account: http://woofwarrior.com//gallery/verify.php?email=' . $_POST['email'] . '&hash=' . $hash . ' '; $headers = "From: activation@woofwarrior.com\r\n"; mail($to, $subject, $message, $headers); //echo json_encode('signed up, verify email. Please click this link to activate your account: http://woofwarrior.com//gallery/htdocs/verify.php?email='.$_POST['email'].'&hash='.$hash); echo json_encode('verify email'); }
function bindFetch($stmt, $valArray) { prepareStatment($stmt, $valArray); mysqli_stmt_execute($stmt); $array = array(); if ($stmt instanceof mysqli_stmt) { $stmt->store_result(); $variables = array(); $data = array(); $meta = $stmt->result_metadata(); while ($field = $meta->fetch_field()) { $variables[] =& $data[$field->name]; } // pass by reference call_user_func_array(array($stmt, 'bind_result'), $variables); $i = 0; while ($stmt->fetch()) { $array[$i] = array(); foreach ($data as $k => $v) { $array[$i][$k] = $v; } $i++; } } elseif ($stmt instanceof mysqli_result) { while ($row = $stmt->fetch_assoc()) { $array[] = $row; } } mysqli_stmt_close($stmt); return $array; }
function registrator($link) { //Функция регистрации пользователя (Взято из интернета "редактированно") if (!empty($_POST["submit"])) { if (!preg_match("/^[a-zA-Z0-9]+\$/", $_POST['login'])) { $err[] = "Логин может состоять только из букв английского алфавита и цифр<br>"; } if (strlen($_POST['login']) < 3 or strlen($_POST['login']) > 30) { $err[] = "Логин должен быть не меньше 3-х символов и не больше 30<br>"; } $query = "SELECT COUNT(user_id) FROM users WHERE user_login='******'login']) . "'"; if ($stmt = mysqli_prepare($link, $query)) { mysqli_stmt_execute($stmt); mysqli_stmt_bind_result($stmt, $user_id); mysqli_stmt_store_result($stmt); mysqli_stmt_fetch($stmt); mysqli_stmt_close($stmt); } if (!$user_id == 0) { $err[] = "Пользователь с таким логином уже существует в базе данных<br>"; } if (count($err) == 0) { $login = $_POST['login']; $password = md5(md5(trim($_POST['password']))); mysqli_query($link, "INSERT INTO users SET user_login='******', user_password='******'"); header("Location: login.php"); exit; } else { print "<b>При регистрации произошли следующие ошибки:</b><br>"; foreach ($err as $error) { print $error . "<br>"; } } } }
function update_last_try($dbh, $config, $key) { $stmt = mysqli_prepare($dbh, "UPDATE " . $config['table_prefix'] . "keys SET last_try = NOW() WHERE `key` = ?"); mysqli_stmt_bind_param($stmt, "s", $key); mysqli_stmt_execute($stmt); mysqli_stmt_close($stmt); }
function changeItem($elemID, $uniqueID, $changeTo) { // Connect to the MySQL database $host = "fall-2015.cs.utexas.edu"; $user = "******"; $file = fopen("/u/pjobrien/password.txt", "r"); $line = fgets($file); $pwd = trim($line); fclose($file); $dbs = "cs329e_pjobrien"; $port = "3306"; $connect = mysqli_connect($host, $user, $pwd, $dbs, $port); if (empty($connect)) { die("mysql_connect failed " . mysqli_connect_error()); } $elemID = trim($elemID); $uniqueID = trim($uniqueID); $changeTo = trim($changeTo); // get the item we want to change from the front end $stmt = mysqli_prepare($connect, "UPDATE userInfo SET {$elemID} = ? WHERE username= ?"); mysqli_stmt_bind_param($stmt, 'ss', $changeTo, $uniqueID) or die("Failed: " . mysqli_error($connect)); mysqli_stmt_execute($stmt) or die("Failed: " . mysqli_error($connect)); mysqli_stmt_close($stmt); // Close connection to the database mysqli_close($connect); return true; }
function __construct() { if (func_num_args() == 0) { $this->id = ''; $this->name = ''; $this->description = ''; $this->dosification = ''; $this->peridiocity = ""; } if (func_num_args() == 1) { $args = func_get_args(); $id = $args[0]; parent::open_connection(); $query = "select schedule_id, schedule_name, schedule_note from Activities_Schedule where schedule_id = ?"; $command = parent::$connection->prepare($query); $command->bind_param('s', $id); $command->execute(); $command->bind_result($this->id, $this->name, $this->description); $found = $command->fetch(); mysqli_stmt_close($command); parent::close_connection(); if (!$found) { throw new RecordNotFoundException(); } } }
function checkCredentials($username, $password) { $link = retrieve_mysqli(); //Test to see if their credentials are valid $queryString = 'SELECT salt, hashed_password FROM user WHERE username = ?'; if ($stmt = mysqli_prepare($link, $queryString)) { //Get the stored salt and hash as $dbSalt and $dbHash mysqli_stmt_bind_param($stmt, "s", $username); mysqli_stmt_execute($stmt); mysqli_stmt_bind_result($stmt, $dbSalt, $dbHash); mysqli_stmt_fetch($stmt); mysqli_stmt_close($stmt); // close prepared statement mysqli_close($link); /* close connection */ //Generate the local hash to compare against $dbHash $localhash = generateHash($dbSalt . $password); //Compare the local hash and the database hash to see if they're equal if ($localhash == $dbHash) { return true; } // password hashes matched, this is a valid user } return false; // password hashes did not match or username didn't exist }
function update_vote($image_id) { //get number of votes and update global $link; /*$result = mysqli_query($link, "SELECT `amount` FROM `votes_amount` WHERE `imageID`=".$image_id.";") or die(mysqli_error($link)); $amount = mysqli_fetch_assoc($result); $new_amount = $amount['amount']+1; mysqli_query($link, "UPDATE `votes_amount` SET `amount`=".$new_amount." WHERE `imageID`=".$image_id.";") or die(mysqli_error($link));*/ $stmt = mysqli_stmt_init($link); mysqli_stmt_prepare($stmt, "SELECT `amount` FROM `votes_amount` WHERE `imageID`=?;") or die(mysqli_error($link)); mysqli_stmt_bind_param($stmt, 'i', $image_id); mysqli_stmt_execute($stmt); $result = mysqli_stmt_get_result($stmt); mysqli_stmt_close($stmt); $amount = mysqli_fetch_assoc($result); $new_amount = $amount['amount'] + 1; $stmt = mysqli_prepare($link, "UPDATE `votes_amount` SET `amount`=" . $new_amount . " WHERE `imageID`=?;") or die(mysqli_error($link)); mysqli_stmt_bind_param($stmt, 'i', $image_id); mysqli_stmt_execute($stmt); mysqli_stmt_close($stmt); //return ajax data if (isset($_SESSION['id']) && !isset($_POST['action']) && !isset($_POST['votePic'])) { $data = array('new_amount' => $new_amount, 'imageID' => $image_id); } elseif (isset($_POST['action']) && $_POST['action'] == 'anonymous_voting') { //get another two images $result = mysqli_query($link, "SELECT * FROM `image` ORDER BY RAND() LIMIT 2;") or die(mysqli_error($link)); $data = array(); while ($row = mysqli_fetch_assoc($result)) { $data[] = $row; } } mysqli_close($link); return $data; }
function getPageInfo($con, $page_id) { $result_array = array(); $query_case_list = "SELECT key_value_latin FROM page WHERE page_id = ?"; if (!($stmt = mysqli_prepare($con, $query_case_list))) { #echo "Prepare failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>"; } //set values #echo "set value..."; $id = 1; if (!mysqli_stmt_bind_param($stmt, "s", $page_id)) { #echo "Binding parameters failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>"; } #echo "execute..."; if (!mysqli_stmt_execute($stmt)) { #echo "Execution failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>"; } /* instead of bind_result: */ #echo "get result..."; if (!mysqli_stmt_bind_result($stmt, $key_value_latin)) { #echo "Getting results failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>"; } if (mysqli_stmt_fetch($stmt)) { $result_array = array("key_value_latin" => $key_value_latin); } else { #echo "Fetching results failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>"; print_r(error_get_last()); } mysqli_stmt_close($stmt); return $result_array; }
public function EliminarRedSocial($id) { $mysqli = $this->mysqli; $stmt = \mysqli_prepare($mysqli, "CALL ELIMINAR_RS(?)"); \mysqli_stmt_bind_param($stmt, 'i', $id); \mysqli_stmt_execute($stmt); \mysqli_stmt_close($stmt); }
public function EliminarImagen($imagen) { $mysqli = $this->mysqli; $stmt = \mysqli_prepare($mysqli, "CALL ELIMINAR_IMG(?);"); \mysqli_stmt_bind_param($stmt, 'i', $imagen); \mysqli_stmt_execute($stmt); \mysqli_stmt_close($stmt); }
function mysqli_fetch_array_large($offset, $link, $package_size) { /* we are aiming for maximum compression to test MYSQLI_CLIENT_COMPRESS */ $random_char = str_repeat('a', 255); $sql = "INSERT INTO test(label) VALUES "; while (strlen($sql) < $package_size - 259) { $sql .= sprintf("('%s'), ", $random_char); } $sql = substr($sql, 0, -2); $len = strlen($sql); assert($len < $package_size); if (!@mysqli_query($link, $sql)) { if (1153 == mysqli_errno($link) || 2006 == mysqli_errno($link) || stristr(mysqli_error($link), 'max_allowed_packet')) { /* myslqnd - [1153] Got a packet bigger than 'max_allowed_packet' bytes libmysql -[2006] MySQL server has gone away */ return false; } printf("[%03d + 1] len = %d, [%d] %s\n", $offset, $len, mysqli_errno($link), mysqli_error($link)); return false; } /* buffered result set - let's hope we do not run into PHP memory limit... */ if (!($res = mysqli_query($link, "SELECT id, label FROM test"))) { printf("[%03d + 2] len = %d, [%d] %s\n", $offset, $len, mysqli_errno($link), mysqli_error($link)); return false; } while ($row = mysqli_fetch_assoc($res)) { if ($row['label'] != $random_char) { printf("[%03d + 3] Wrong results - expecting '%s' got '%s', len = %d, [%d] %s\n", $offset, $random_char, $row['label'], $len, mysqli_errno($link), mysqli_error($link)); return false; } } mysqli_free_result($res); if (!($stmt = mysqli_prepare($link, "SELECT id, label FROM test"))) { printf("[%03d + 4] len = %d, [%d] %s\n", $offset, $len, mysqli_errno($link), mysqli_error($link)); return false; } /* unbuffered result set */ if (!mysqli_stmt_execute($stmt)) { printf("[%03d + 5] len = %d, [%d] %s, [%d] %s\n", $offset, $len, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt), mysqli_errno($link), mysqli_error($link)); return false; } $id = $label = NULL; if (!mysqli_stmt_bind_result($stmt, $id, $label)) { printf("[%03d + 6] len = %d, [%d] %s, [%d] %s\n", $offset, $len, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt), mysqli_errno($link), mysqli_error($link)); return false; } while (mysqli_stmt_fetch($stmt)) { if ($label != $random_char) { printf("[%03d + 7] Wrong results - expecting '%s' got '%s', len = %d, [%d] %s\n", $offset, $random_char, $label, $len, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } } mysqli_stmt_free_result($stmt); mysqli_stmt_close($stmt); return true; }
function bind_twice($link, $engine, $sql_type1, $sql_type2, $bind_type1, $bind_type2, $bind_value1, $bind_value2, $offset) { if (!mysqli_query($link, "DROP TABLE IF EXISTS test_mysqli_stmt_bind_param_type_juggling_table_1")) { printf("[%03d + 1] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link)); return false; } mysqli_autocommit($link, true); $sql = sprintf("CREATE TABLE test_mysqli_stmt_bind_param_type_juggling_table_1(col1 %s, col2 %s) ENGINE=%s", $sql_type1, $sql_type2, $engine); if (!mysqli_query($link, $sql)) { printf("[%03d + 2] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link)); return false; } if (!($stmt = mysqli_stmt_init($link))) { printf("[%03d + 3] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link)); return false; } if (!mysqli_stmt_prepare($stmt, "INSERT INTO test_mysqli_stmt_bind_param_type_juggling_table_1(col1, col2) VALUES (?, ?)")) { printf("[%03d + 4] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_bind_param($stmt, $bind_type1 . $bind_type2, $bind_value1, $bind_value1)) { printf("[%03d + 5] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_execute($stmt)) { printf("[%03d + 6] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_bind_param($stmt, $bind_type1 . $bind_type2, $bind_value1, $bind_value2)) { printf("[%03d + 7] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_execute($stmt)) { printf("[%03d + 8] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } mysqli_stmt_close($stmt); if (!($res = mysqli_query($link, "SELECT col1, col2 FROM test_mysqli_stmt_bind_param_type_juggling_table_1"))) { printf("[%03d + 9] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link)); return false; } if (2 !== ($tmp = mysqli_num_rows($res))) { printf("[%03d + 10] Expecting 2 rows, got %d rows [%d] %s\n", $offset, $tmp, mysqli_errno($link), mysqli_error($link)); } $row = mysqli_fetch_assoc($res); if ($row['col1'] != $bind_value1 || $row['col2'] != $bind_value1) { printf("[%03d + 11] Expecting col1 = %s, col2 = %s got col1 = %s, col2 = %s - [%d] %s\n", $offset, $bind_value1, $bind_value1, $row['col1'], $row['col2'], mysqli_errno($link), mysqli_error($link)); return false; } $row = mysqli_fetch_assoc($res); if ($row['col1'] != $bind_value1 || $row['col2'] != $bind_value2) { printf("[%03d + 12] Expecting col1 = %s, col2 = %s got col1 = %s, col2 = %s - [%d] %s\n", $offset, $bind_value1, $bind_value2, $row['col1'], $row['col2'], mysqli_errno($link), mysqli_error($link)); return false; } mysqli_free_result($res); return true; }
function mysqli_query_insert($type, $len, $runs, $host, $user, $passwd, $db, $port, $socket) { $errors = $times = array(); foreach ($runs as $k => $run) { $times['INSERT ' . $type . ' ' . $run . 'x = #rows overall'] = microtime(true); do { if (!($link = @mysqli_connect($host, $user, $passwd, $db, $port, $socket))) { $errors[] = sprintf("INSERT %s %dx = #rows connect failure (original code = %s)", $type, $run, $flag_original_code ? 'yes' : 'no'); break 2; } if (!mysqli_query($link, "DROP TABLE IF EXISTS test")) { $errors[] = sprintf("INSERT %s %dx = #rows drop table failure (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link)); break 2; } if (!mysqli_query($link, sprintf("CREATE TABLE test(id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, label %s)", $type))) { $errors[] = sprintf("INSERT %s %dx = #rows create table failure (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link)); break 2; } $label = ''; for ($i = 0; $i < $len; $i++) { $label .= chr(mt_rand(65, 90)); } $start = microtime(true); if (!($stmt = mysqli_stmt_init($link))) { $error[] = sprintf("INSERT %s %dx = #rows mysqli_stmt_init() failed (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link)); break 2; } $ret = mysqli_stmt_prepare($stmt, "INSERT INTO test(id, label) VALUES (?, ?)"); $times['INSERT ' . $type . ' ' . $run . 'x = #rows stmt_init() + stmt_prepare()'] += microtime(true) - $start; if (!$ret) { $error[] = sprintf("INSERT %s %dx = #rows mysqli_stmt_init() failed (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link)); break 2; } $start = microtime(true); $ret = mysqli_stmt_bind_param($stmt, 'is', $i, $label); $times['INSERT ' . $type . ' ' . $run . 'x = #rows stmt_bind_param()'] += microtime(true) - $start; if (!$ret) { $error[] = sprintf("INSERT %s %dx = #rows mysqli_stmt_bind_param failed (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link)); break 2; } for ($i = 1; $i <= $run; $i++) { $start = microtime(true); $ret = mysqli_stmt_execute($stmt); $times['INSERT ' . $type . ' ' . $run . 'x = #rows stmt_execute()'] += microtime(true) - $start; if (!$ret) { $errors[] = sprintf("INSERT %s %dx = #rows stmt_execute failure (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link)); break 3; } } mysqli_stmt_close($stmt); mysqli_close($link); } while (false); $times['INSERT ' . $type . ' ' . $run . 'x = #rows overall'] = microtime(true) - $times['INSERT ' . $type . ' ' . $run . 'x = #rows overall']; } return array($errors, $times); }
function insertLogingegevens($PersoonID, $Gebruikersnaam, $Wachtwoord) { $link = connect(); $stmt = mysqli_prepare($link, "INSERT INTO Logingegevens(PersoonID, Gebruikersnaam, Wachtwoord) VALUES(?, ?, ?);"); mysqli_stmt_bind_param($stmt, "iss", $PersoonID, $Gebruikersnaam, $Wachtwoord); mysqli_stmt_execute($stmt); mysqli_stmt_free_result($stmt); mysqli_stmt_close($stmt); mysqli_close($link); }
function mysqli_update($db, $sql) { $stmt = call_user_func_array('mysqli_interpolate', func_get_args()); if (!mysqli_stmt_execute($stmt)) { throw new mysqli_sql_exception(mysqli_stmt_error($stmt), mysqli_stmt_errno($stmt)); } $affected = mysqli_stmt_affected_rows($stmt); mysqli_stmt_close($stmt); return (int) $affected; }
function mysqli_update($db, string $sql, ...$params) : int { $stmt = mysqli_interpolate($db, $sql, ...$params); if (!mysqli_stmt_execute($stmt)) { throw new mysqli_sql_exception(mysqli_stmt_error($stmt), mysqli_stmt_errno($stmt)); } $affected = mysqli_stmt_affected_rows($stmt); mysqli_stmt_close($stmt); return $affected; }
function model_delete($id) { global $link; $query = 'DELETE FROM kleemets_kaubad WHERE Id=? LIMIT 1'; $stmt = mysqli_prepare($link, $query); mysqli_stmt_bind_param($stmt, 'i', $id); mysqli_stmt_execute($stmt); $deleted = mysqli_stmt_affected_rows($stmt); mysqli_stmt_close($stmt); return $deleted; }
function model_user_add($kasutajanimi, $parool) { global $l; $hash = password_hash($parool, PASSWORD_DEFAULT); $query = 'INSERT INTO areinman__kasutajad (Kasutajanimi, Parool) VALUES (?, ?)'; $stmt = mysqli_prepare($l, $query); mysqli_stmt_bind_param($stmt, 'ss', $kasutajanimi, $hash); mysqli_stmt_execute($stmt); $id = mysqli_stmt_insert_id($stmt); mysqli_stmt_close($stmt); return $id; }
function test_format($link, $format, $from, $order_by, $expected, $offset) { if (!($stmt = mysqli_stmt_init($link))) { printf("[%03d] Cannot create PS, [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link)); return false; } if ($order_by) { $sql = sprintf('SELECT %s AS _format FROM %s ORDER BY %s', $format, $from, $order_by); } else { $sql = sprintf('SELECT %s AS _format FROM %s', $format, $from); } if (!mysqli_stmt_prepare($stmt, $sql)) { printf("[%03d] Cannot prepare PS, [%d] %s\n", $offset + 1, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_execute($stmt)) { printf("[%03d] Cannot execute PS, [%d] %s\n", $offset + 2, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_store_result($stmt)) { printf("[%03d] Cannot store result set, [%d] %s\n", $offset + 3, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!is_array($expected)) { $result = null; if (!mysqli_stmt_bind_result($stmt, $result)) { printf("[%03d] Cannot bind result, [%d] %s\n", $offset + 4, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_fetch($stmt)) { printf("[%03d] Cannot fetch result,, [%d] %s\n", $offset + 5, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if ($result !== $expected) { printf("[%03d] Expecting %s/%s got %s/%s with %s - %s.\n", $offset + 6, gettype($expected), $expected, gettype($result), $result, $format, $sql); } } else { $order_by_col = $result = null; if (!mysqli_stmt_bind_result($stmt, $order_by_col, $result)) { printf("[%03d] Cannot bind result, [%d] %s\n", $offset + 7, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } reset($expected); while ((list($k, $v) = each($expected)) && mysqli_stmt_fetch($stmt)) { if ($result !== $v) { printf("[%03d] Row %d - expecting %s/%s got %s/%s [%s] with %s - %s.\n", $offset + 8, $k, gettype($v), $v, gettype($result), $result, $order_by_col, $format, $sql); } } } mysqli_stmt_free_result($stmt); mysqli_stmt_close($stmt); return true; }
function addItemToCatalog($title, $author, $pubyear, $price) { $sql = "INSERT INTO catalog (title, author, pubyear, price) VALUES ('{$title}', '{$author}', '{$pubyear}', '{$price}')"; global $link; if (!($stmt = mysqli_prepare($link, $sql))) { showSqlErrors("addItemToCatalog"); return false; } mysqli_stmt_bind_param($stmt, "ssii", $title, $author, $pubyear, $price); mysqli_stmt_execute($stmt); mysqli_stmt_close($stmt); return true; }
/** * @param $connection * @param array $user * @return bool */ function saveUser($connection, array &$user) { $query = 'INSERT IGNORE INTO users (name, email, hashed_password) VALUES (?, ?, ?)'; $statement = mysqli_prepare($connection, $query); mysqli_stmt_bind_param($statement, 'sss', $user['name'], $user['email'], $user['hashed_password']); mysqli_stmt_execute($statement); $inserted = (bool) mysqli_stmt_affected_rows($statement); if ($inserted) { $user['id'] = mysqli_stmt_insert_id($statement); } mysqli_stmt_close($statement); return $inserted; }
function register($usr, $pass, $cpass, $email, $register_moment, $games) { if ($pass != $cpass) { die("Mismatched passwords"); } $table = "fp_users"; $conn = conn(); $stmt = mysqli_prepare($conn, "INSERT INTO {$table} (username, password, user_since, contact, games_played) VALUES (?,?,?,?,?)"); mysqli_stmt_bind_param($stmt, 'ssisi', $usr, $pass, $register_moment, $email, $games); mysqli_stmt_execute($stmt); mysqli_stmt_close($stmt); login($usr, $pass); }
function saveRecord() { global $link; //insert into game table $sql = "INSERT INTO game VALUES(?,?,?,?)"; if ($stmt = mysqli_prepare($link, $sql)) { //prepare successful mysqli_stmt_bind_param($stmt, "ssss", $_POST['GameID'], $_POST['HomeTeam'], $_POST['GuestTeam'], $_POST['GameTime']) or die("bind param"); //mysqli_stmt_bind_param($stmt, "ssss", $_POST['GameID'], $_POST['HomeTeam'], $_POST['GuestTeam'], NOW()) or die("bind param"); if (mysqli_stmt_execute($stmt)) { //execute successful echo "<h2>Successfully insert Record</h2>"; } else { echo "WRONG1"; } mysqli_stmt_close($stmt); } else { //prepare failed echo "WRONG2"; } //insert into team_game table $sql2 = "INSERT INTO team_game VALUES(?,?)"; if ($stmt = mysqli_prepare($link, $sql2)) { //prepare successful mysqli_stmt_bind_param($stmt, "ss", $_POST['HomeTeam'], $_POST['GameID']) or die("bind param"); if (mysqli_stmt_execute($stmt)) { //execute successful echo "<h2>Successfully insert Record</h2>"; } else { echo "WRONG1"; } mysqli_stmt_close($stmt); } else { //prepare failed echo "WRONG2"; } if ($stmt = mysqli_prepare($link, $sql2)) { //prepare successful mysqli_stmt_bind_param($stmt, "ss", $_POST['GuestTeam'], $_POST['GameID']) or die("bind param"); if (mysqli_stmt_execute($stmt)) { //execute successful echo "<h2>Successfully insert Record</h2>"; } else { echo "WRONG1"; } mysqli_stmt_close($stmt); } else { //prepare failed echo "WRONG2"; } }
function getStatusById($id) { $connection = dbConnect(); $options = ['columns' => 'id, status', 'where' => ['id' => $id]]; $sql = buildSelect('status_atividade', $options); $stmt = mysqli_prepare($connection, $sql); mysqli_stmt_bind_param($stmt, 'i', $id); mysqli_stmt_execute($stmt); $resultObject = mysqli_stmt_get_result($stmt); $result = mysqli_fetch_all($resultObject, MYSQLI_ASSOC); mysqli_stmt_close($stmt); dbClose($connection); return $result[0]; }
function getUserById($id) { $connection = dbConnect(); $options = ['columns' => 'u.id_setor, u.nome, u.email, u.ativo, u.tipo, s.sigla, s.nome as setor', 'join' => [['type' => 'INNER JOIN', 'table' => 'setores s', 'columns' => 's.id = u.id_setor']], 'where' => ['u.id' => $id]]; $sql = buildSelect('usuarios u', $options); $stmt = mysqli_prepare($connection, $sql); mysqli_stmt_bind_param($stmt, 'i', $id); mysqli_stmt_execute($stmt); $resultObject = mysqli_stmt_get_result($stmt); $result = mysqli_fetch_all($resultObject, MYSQLI_ASSOC); mysqli_stmt_close($stmt); dbClose($connection); return $result[0]; }
function add_one($array) { $query = "INSERT INTO `{$this->_table}` SET `{$this->_fields_aut}` = ?"; $stmt = mysqli_prepare($this->_c, $query); if ($stmt) { $count = count($data_add); for ($i = 0; $i < $count; $i++) { mysqli_stmt_bind_param($stmt, 's', $data_add[$i]); mysqli_stmt_execute($stmt); } } return printf("Rows inserted: %d\n", mysqli_stmt_affected_rows($stmt)); mysqli_stmt_close($stmt); }