function authenticate_user($data)
{
global $db;
$email = $data['email'];
$password = $data['password'];
//getting the salt
$stmt = mysqli_prepare($db, "SELECT salt FROM users WHERE email = ? LIMIT 1");
mysqli_stmt_bind_param($stmt, "s", $email);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $salt);
if (mysqli_stmt_num_rows($stmt)) {
mysqli_stmt_fetch($stmt);
$password = hash('sha256', "{$password}" . "{$salt}");
//adding salt to given pass hashing and checking if the resulting hash is the same as the original
mysqli_stmt_close($stmt);
$stmt = mysqli_prepare($db, "SELECT uid, username, email FROM users WHERE email = ? AND password = ?");
mysqli_stmt_bind_param($stmt, "ss", $email, $password);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $uid, $username, $email);
if (mysqli_stmt_num_rows($stmt)) {
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
$user = ['userid' => $uid, 'username' => $username, 'email' => $email];
return $user;
} else {
return false;
}
} else {
return false;
}
}
public static function get_makes()
{
//open connection to MySql
parent::open_connection();
//initialize arrays
$ids = array();
//array for ids
$list = array();
//array for objects
//query
$query = "select mak_id from makes";
//prepare command
$command = parent::$connection->prepare($query);
//execute command
$command->execute();
//link results
$command->bind_result($id);
//fill ids array
while ($command->fetch()) {
array_push($ids, $id);
}
//close command
mysqli_stmt_close($command);
//close connection
parent::close_connection();
//fill object array
for ($i = 0; $i < count($ids); $i++) {
array_push($list, new Make($ids[$i]));
}
//return array
return $list;
}
/**
* Save data
* @param array Request data (unfiltered)
*/
function saveAction($request)
{
require_once 'config.php';
//connection:
$link = mysqli_connect($servidor, $user, $pass, $database) or die("Error " . mysqli_error($link));
$flag = 'false';
$param = $request;
$idUrl = mysqli_real_escape_string($link, $param['idUrl']);
$dataPost = isset($param['data']) ? $param['data'] : false;
$idPage = _checkIdUrl($link, $idUrl);
if ($idPage > 0 && is_array($dataPost) && count($dataPost) > 0) {
$reg = formarDataToSerial($idPage, $dataPost);
$reg['page_id'] = intval($reg['page_id']);
$reg['browser_id'] = $reg['browser_id'];
$reg['view_port'] = mysqli_real_escape_string($link, $reg['view_port']);
$reg['window_browser'] = mysqli_real_escape_string($link, $reg['window_browser']);
$reg['screen'] = mysqli_real_escape_string($link, $reg['screen']);
$query = "INSERT INTO heatmap (page_id, browser_id, view_port, window_browser, screen, data_serial, created_at) " . "VALUES ('" . $reg['page_id'] . "', '" . $reg['browser_id'] . "','" . $reg['view_port'] . "','" . $reg['window_browser'] . "','" . $reg['screen'] . "', '" . $reg['data_serial'] . "', '" . date('Y-m-d H:i:s') . "')";
$stmt = mysqli_prepare($link, $query);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
$flag = 'true';
}
mysqli_close($link);
echo $flag;
}
function email()
{
global $link, $stmt;
if (defined("CRYPT_BLOWFISH") && CRYPT_BLOWFISH) {
$salt = '$2y$11$' . substr(md5(uniqid(rand(), true)), 0, 22);
$password = crypt($_POST['password'], $salt);
}
mysqli_stmt_bind_param($stmt, 'ss', $_POST['email'], $password);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
//to verify email
$hash = hash('md5', $_POST["email"]);
$stmt = mysqli_prepare($link, "INSERT INTO `verify_email`(`email`, `hash`) VALUES(?,'" . $hash . "')") or die(mysqli_error($link));
mysqli_stmt_bind_param($stmt, 's', $_POST['email']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
mysqli_close($link);
$to = $_POST['email'];
$subject = 'Email varification';
$message = 'Please click this link to activate your account: http://woofwarrior.com//gallery/verify.php?email=' . $_POST['email'] . '&hash=' . $hash . ' ';
$headers = "From: activation@woofwarrior.com\r\n";
mail($to, $subject, $message, $headers);
//echo json_encode('signed up, verify email. Please click this link to activate your account: http://woofwarrior.com//gallery/htdocs/verify.php?email='.$_POST['email'].'&hash='.$hash);
echo json_encode('verify email');
}
function bindFetch($stmt, $valArray)
{
prepareStatment($stmt, $valArray);
mysqli_stmt_execute($stmt);
$array = array();
if ($stmt instanceof mysqli_stmt) {
$stmt->store_result();
$variables = array();
$data = array();
$meta = $stmt->result_metadata();
while ($field = $meta->fetch_field()) {
$variables[] =& $data[$field->name];
}
// pass by reference
call_user_func_array(array($stmt, 'bind_result'), $variables);
$i = 0;
while ($stmt->fetch()) {
$array[$i] = array();
foreach ($data as $k => $v) {
$array[$i][$k] = $v;
}
$i++;
}
} elseif ($stmt instanceof mysqli_result) {
while ($row = $stmt->fetch_assoc()) {
$array[] = $row;
}
}
mysqli_stmt_close($stmt);
return $array;
}
function registrator($link)
{
//Функция регистрации пользователя (Взято из интернета "редактированно")
if (!empty($_POST["submit"])) {
if (!preg_match("/^[a-zA-Z0-9]+\$/", $_POST['login'])) {
$err[] = "Логин может состоять только из букв английского алфавита и цифр<br>";
}
if (strlen($_POST['login']) < 3 or strlen($_POST['login']) > 30) {
$err[] = "Логин должен быть не меньше 3-х символов и не больше 30<br>";
}
$query = "SELECT COUNT(user_id) FROM users WHERE user_login='******'login']) . "'";
if ($stmt = mysqli_prepare($link, $query)) {
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $user_id);
mysqli_stmt_store_result($stmt);
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
}
if (!$user_id == 0) {
$err[] = "Пользователь с таким логином уже существует в базе данных<br>";
}
if (count($err) == 0) {
$login = $_POST['login'];
$password = md5(md5(trim($_POST['password'])));
mysqli_query($link, "INSERT INTO users SET user_login='******', user_password='******'");
header("Location: login.php");
exit;
} else {
print "<b>При регистрации произошли следующие ошибки:</b><br>";
foreach ($err as $error) {
print $error . "<br>";
}
}
}
}
function update_last_try($dbh, $config, $key)
{
$stmt = mysqli_prepare($dbh, "UPDATE " . $config['table_prefix'] . "keys SET last_try = NOW() WHERE `key` = ?");
mysqli_stmt_bind_param($stmt, "s", $key);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}
function changeItem($elemID, $uniqueID, $changeTo)
{
// Connect to the MySQL database
$host = "fall-2015.cs.utexas.edu";
$user = "******";
$file = fopen("/u/pjobrien/password.txt", "r");
$line = fgets($file);
$pwd = trim($line);
fclose($file);
$dbs = "cs329e_pjobrien";
$port = "3306";
$connect = mysqli_connect($host, $user, $pwd, $dbs, $port);
if (empty($connect)) {
die("mysql_connect failed " . mysqli_connect_error());
}
$elemID = trim($elemID);
$uniqueID = trim($uniqueID);
$changeTo = trim($changeTo);
// get the item we want to change from the front end
$stmt = mysqli_prepare($connect, "UPDATE userInfo SET {$elemID} = ? WHERE username= ?");
mysqli_stmt_bind_param($stmt, 'ss', $changeTo, $uniqueID) or die("Failed: " . mysqli_error($connect));
mysqli_stmt_execute($stmt) or die("Failed: " . mysqli_error($connect));
mysqli_stmt_close($stmt);
// Close connection to the database
mysqli_close($connect);
return true;
}
function __construct()
{
if (func_num_args() == 0) {
$this->id = '';
$this->name = '';
$this->description = '';
$this->dosification = '';
$this->peridiocity = "";
}
if (func_num_args() == 1) {
$args = func_get_args();
$id = $args[0];
parent::open_connection();
$query = "select schedule_id, schedule_name, schedule_note from Activities_Schedule where schedule_id = ?";
$command = parent::$connection->prepare($query);
$command->bind_param('s', $id);
$command->execute();
$command->bind_result($this->id, $this->name, $this->description);
$found = $command->fetch();
mysqli_stmt_close($command);
parent::close_connection();
if (!$found) {
throw new RecordNotFoundException();
}
}
}
function checkCredentials($username, $password)
{
$link = retrieve_mysqli();
//Test to see if their credentials are valid
$queryString = 'SELECT salt, hashed_password FROM user WHERE username = ?';
if ($stmt = mysqli_prepare($link, $queryString)) {
//Get the stored salt and hash as $dbSalt and $dbHash
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $dbSalt, $dbHash);
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
// close prepared statement
mysqli_close($link);
/* close connection */
//Generate the local hash to compare against $dbHash
$localhash = generateHash($dbSalt . $password);
//Compare the local hash and the database hash to see if they're equal
if ($localhash == $dbHash) {
return true;
}
// password hashes matched, this is a valid user
}
return false;
// password hashes did not match or username didn't exist
}
function update_vote($image_id)
{
//get number of votes and update
global $link;
/*$result = mysqli_query($link, "SELECT `amount` FROM `votes_amount` WHERE `imageID`=".$image_id.";") or die(mysqli_error($link));
$amount = mysqli_fetch_assoc($result);
$new_amount = $amount['amount']+1;
mysqli_query($link, "UPDATE `votes_amount` SET `amount`=".$new_amount." WHERE `imageID`=".$image_id.";") or die(mysqli_error($link));*/
$stmt = mysqli_stmt_init($link);
mysqli_stmt_prepare($stmt, "SELECT `amount` FROM `votes_amount` WHERE `imageID`=?;") or die(mysqli_error($link));
mysqli_stmt_bind_param($stmt, 'i', $image_id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
mysqli_stmt_close($stmt);
$amount = mysqli_fetch_assoc($result);
$new_amount = $amount['amount'] + 1;
$stmt = mysqli_prepare($link, "UPDATE `votes_amount` SET `amount`=" . $new_amount . " WHERE `imageID`=?;") or die(mysqli_error($link));
mysqli_stmt_bind_param($stmt, 'i', $image_id);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
//return ajax data
if (isset($_SESSION['id']) && !isset($_POST['action']) && !isset($_POST['votePic'])) {
$data = array('new_amount' => $new_amount, 'imageID' => $image_id);
} elseif (isset($_POST['action']) && $_POST['action'] == 'anonymous_voting') {
//get another two images
$result = mysqli_query($link, "SELECT * FROM `image` ORDER BY RAND() LIMIT 2;") or die(mysqli_error($link));
$data = array();
while ($row = mysqli_fetch_assoc($result)) {
$data[] = $row;
}
}
mysqli_close($link);
return $data;
}
function getPageInfo($con, $page_id)
{
$result_array = array();
$query_case_list = "SELECT key_value_latin FROM page WHERE page_id = ?";
if (!($stmt = mysqli_prepare($con, $query_case_list))) {
#echo "Prepare failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
}
//set values
#echo "set value...";
$id = 1;
if (!mysqli_stmt_bind_param($stmt, "s", $page_id)) {
#echo "Binding parameters failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
}
#echo "execute...";
if (!mysqli_stmt_execute($stmt)) {
#echo "Execution failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
}
/* instead of bind_result: */
#echo "get result...";
if (!mysqli_stmt_bind_result($stmt, $key_value_latin)) {
#echo "Getting results failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
}
if (mysqli_stmt_fetch($stmt)) {
$result_array = array("key_value_latin" => $key_value_latin);
} else {
#echo "Fetching results failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
print_r(error_get_last());
}
mysqli_stmt_close($stmt);
return $result_array;
}
public function EliminarRedSocial($id)
{
$mysqli = $this->mysqli;
$stmt = \mysqli_prepare($mysqli, "CALL ELIMINAR_RS(?)");
\mysqli_stmt_bind_param($stmt, 'i', $id);
\mysqli_stmt_execute($stmt);
\mysqli_stmt_close($stmt);
}
public function EliminarImagen($imagen)
{
$mysqli = $this->mysqli;
$stmt = \mysqli_prepare($mysqli, "CALL ELIMINAR_IMG(?);");
\mysqli_stmt_bind_param($stmt, 'i', $imagen);
\mysqli_stmt_execute($stmt);
\mysqli_stmt_close($stmt);
}
function mysqli_fetch_array_large($offset, $link, $package_size)
{
/* we are aiming for maximum compression to test MYSQLI_CLIENT_COMPRESS */
$random_char = str_repeat('a', 255);
$sql = "INSERT INTO test(label) VALUES ";
while (strlen($sql) < $package_size - 259) {
$sql .= sprintf("('%s'), ", $random_char);
}
$sql = substr($sql, 0, -2);
$len = strlen($sql);
assert($len < $package_size);
if (!@mysqli_query($link, $sql)) {
if (1153 == mysqli_errno($link) || 2006 == mysqli_errno($link) || stristr(mysqli_error($link), 'max_allowed_packet')) {
/*
myslqnd - [1153] Got a packet bigger than 'max_allowed_packet' bytes
libmysql -[2006] MySQL server has gone away
*/
return false;
}
printf("[%03d + 1] len = %d, [%d] %s\n", $offset, $len, mysqli_errno($link), mysqli_error($link));
return false;
}
/* buffered result set - let's hope we do not run into PHP memory limit... */
if (!($res = mysqli_query($link, "SELECT id, label FROM test"))) {
printf("[%03d + 2] len = %d, [%d] %s\n", $offset, $len, mysqli_errno($link), mysqli_error($link));
return false;
}
while ($row = mysqli_fetch_assoc($res)) {
if ($row['label'] != $random_char) {
printf("[%03d + 3] Wrong results - expecting '%s' got '%s', len = %d, [%d] %s\n", $offset, $random_char, $row['label'], $len, mysqli_errno($link), mysqli_error($link));
return false;
}
}
mysqli_free_result($res);
if (!($stmt = mysqli_prepare($link, "SELECT id, label FROM test"))) {
printf("[%03d + 4] len = %d, [%d] %s\n", $offset, $len, mysqli_errno($link), mysqli_error($link));
return false;
}
/* unbuffered result set */
if (!mysqli_stmt_execute($stmt)) {
printf("[%03d + 5] len = %d, [%d] %s, [%d] %s\n", $offset, $len, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt), mysqli_errno($link), mysqli_error($link));
return false;
}
$id = $label = NULL;
if (!mysqli_stmt_bind_result($stmt, $id, $label)) {
printf("[%03d + 6] len = %d, [%d] %s, [%d] %s\n", $offset, $len, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt), mysqli_errno($link), mysqli_error($link));
return false;
}
while (mysqli_stmt_fetch($stmt)) {
if ($label != $random_char) {
printf("[%03d + 7] Wrong results - expecting '%s' got '%s', len = %d, [%d] %s\n", $offset, $random_char, $label, $len, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
}
mysqli_stmt_free_result($stmt);
mysqli_stmt_close($stmt);
return true;
}
function bind_twice($link, $engine, $sql_type1, $sql_type2, $bind_type1, $bind_type2, $bind_value1, $bind_value2, $offset)
{
if (!mysqli_query($link, "DROP TABLE IF EXISTS test_mysqli_stmt_bind_param_type_juggling_table_1")) {
printf("[%03d + 1] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
return false;
}
mysqli_autocommit($link, true);
$sql = sprintf("CREATE TABLE test_mysqli_stmt_bind_param_type_juggling_table_1(col1 %s, col2 %s) ENGINE=%s", $sql_type1, $sql_type2, $engine);
if (!mysqli_query($link, $sql)) {
printf("[%03d + 2] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
return false;
}
if (!($stmt = mysqli_stmt_init($link))) {
printf("[%03d + 3] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
return false;
}
if (!mysqli_stmt_prepare($stmt, "INSERT INTO test_mysqli_stmt_bind_param_type_juggling_table_1(col1, col2) VALUES (?, ?)")) {
printf("[%03d + 4] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if (!mysqli_stmt_bind_param($stmt, $bind_type1 . $bind_type2, $bind_value1, $bind_value1)) {
printf("[%03d + 5] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if (!mysqli_stmt_execute($stmt)) {
printf("[%03d + 6] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if (!mysqli_stmt_bind_param($stmt, $bind_type1 . $bind_type2, $bind_value1, $bind_value2)) {
printf("[%03d + 7] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if (!mysqli_stmt_execute($stmt)) {
printf("[%03d + 8] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
mysqli_stmt_close($stmt);
if (!($res = mysqli_query($link, "SELECT col1, col2 FROM test_mysqli_stmt_bind_param_type_juggling_table_1"))) {
printf("[%03d + 9] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
return false;
}
if (2 !== ($tmp = mysqli_num_rows($res))) {
printf("[%03d + 10] Expecting 2 rows, got %d rows [%d] %s\n", $offset, $tmp, mysqli_errno($link), mysqli_error($link));
}
$row = mysqli_fetch_assoc($res);
if ($row['col1'] != $bind_value1 || $row['col2'] != $bind_value1) {
printf("[%03d + 11] Expecting col1 = %s, col2 = %s got col1 = %s, col2 = %s - [%d] %s\n", $offset, $bind_value1, $bind_value1, $row['col1'], $row['col2'], mysqli_errno($link), mysqli_error($link));
return false;
}
$row = mysqli_fetch_assoc($res);
if ($row['col1'] != $bind_value1 || $row['col2'] != $bind_value2) {
printf("[%03d + 12] Expecting col1 = %s, col2 = %s got col1 = %s, col2 = %s - [%d] %s\n", $offset, $bind_value1, $bind_value2, $row['col1'], $row['col2'], mysqli_errno($link), mysqli_error($link));
return false;
}
mysqli_free_result($res);
return true;
}
function mysqli_query_insert($type, $len, $runs, $host, $user, $passwd, $db, $port, $socket)
{
$errors = $times = array();
foreach ($runs as $k => $run) {
$times['INSERT ' . $type . ' ' . $run . 'x = #rows overall'] = microtime(true);
do {
if (!($link = @mysqli_connect($host, $user, $passwd, $db, $port, $socket))) {
$errors[] = sprintf("INSERT %s %dx = #rows connect failure (original code = %s)", $type, $run, $flag_original_code ? 'yes' : 'no');
break 2;
}
if (!mysqli_query($link, "DROP TABLE IF EXISTS test")) {
$errors[] = sprintf("INSERT %s %dx = #rows drop table failure (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link));
break 2;
}
if (!mysqli_query($link, sprintf("CREATE TABLE test(id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, label %s)", $type))) {
$errors[] = sprintf("INSERT %s %dx = #rows create table failure (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link));
break 2;
}
$label = '';
for ($i = 0; $i < $len; $i++) {
$label .= chr(mt_rand(65, 90));
}
$start = microtime(true);
if (!($stmt = mysqli_stmt_init($link))) {
$error[] = sprintf("INSERT %s %dx = #rows mysqli_stmt_init() failed (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link));
break 2;
}
$ret = mysqli_stmt_prepare($stmt, "INSERT INTO test(id, label) VALUES (?, ?)");
$times['INSERT ' . $type . ' ' . $run . 'x = #rows stmt_init() + stmt_prepare()'] += microtime(true) - $start;
if (!$ret) {
$error[] = sprintf("INSERT %s %dx = #rows mysqli_stmt_init() failed (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link));
break 2;
}
$start = microtime(true);
$ret = mysqli_stmt_bind_param($stmt, 'is', $i, $label);
$times['INSERT ' . $type . ' ' . $run . 'x = #rows stmt_bind_param()'] += microtime(true) - $start;
if (!$ret) {
$error[] = sprintf("INSERT %s %dx = #rows mysqli_stmt_bind_param failed (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link));
break 2;
}
for ($i = 1; $i <= $run; $i++) {
$start = microtime(true);
$ret = mysqli_stmt_execute($stmt);
$times['INSERT ' . $type . ' ' . $run . 'x = #rows stmt_execute()'] += microtime(true) - $start;
if (!$ret) {
$errors[] = sprintf("INSERT %s %dx = #rows stmt_execute failure (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link));
break 3;
}
}
mysqli_stmt_close($stmt);
mysqli_close($link);
} while (false);
$times['INSERT ' . $type . ' ' . $run . 'x = #rows overall'] = microtime(true) - $times['INSERT ' . $type . ' ' . $run . 'x = #rows overall'];
}
return array($errors, $times);
}
function insertLogingegevens($PersoonID, $Gebruikersnaam, $Wachtwoord)
{
$link = connect();
$stmt = mysqli_prepare($link, "INSERT INTO Logingegevens(PersoonID, Gebruikersnaam, Wachtwoord) VALUES(?, ?, ?);");
mysqli_stmt_bind_param($stmt, "iss", $PersoonID, $Gebruikersnaam, $Wachtwoord);
mysqli_stmt_execute($stmt);
mysqli_stmt_free_result($stmt);
mysqli_stmt_close($stmt);
mysqli_close($link);
}
function mysqli_update($db, $sql)
{
$stmt = call_user_func_array('mysqli_interpolate', func_get_args());
if (!mysqli_stmt_execute($stmt)) {
throw new mysqli_sql_exception(mysqli_stmt_error($stmt), mysqli_stmt_errno($stmt));
}
$affected = mysqli_stmt_affected_rows($stmt);
mysqli_stmt_close($stmt);
return (int) $affected;
}
function mysqli_update($db, string $sql, ...$params) : int
{
$stmt = mysqli_interpolate($db, $sql, ...$params);
if (!mysqli_stmt_execute($stmt)) {
throw new mysqli_sql_exception(mysqli_stmt_error($stmt), mysqli_stmt_errno($stmt));
}
$affected = mysqli_stmt_affected_rows($stmt);
mysqli_stmt_close($stmt);
return $affected;
}
function model_delete($id)
{
global $link;
$query = 'DELETE FROM kleemets_kaubad WHERE Id=? LIMIT 1';
$stmt = mysqli_prepare($link, $query);
mysqli_stmt_bind_param($stmt, 'i', $id);
mysqli_stmt_execute($stmt);
$deleted = mysqli_stmt_affected_rows($stmt);
mysqli_stmt_close($stmt);
return $deleted;
}
function model_user_add($kasutajanimi, $parool)
{
global $l;
$hash = password_hash($parool, PASSWORD_DEFAULT);
$query = 'INSERT INTO areinman__kasutajad (Kasutajanimi, Parool) VALUES (?, ?)';
$stmt = mysqli_prepare($l, $query);
mysqli_stmt_bind_param($stmt, 'ss', $kasutajanimi, $hash);
mysqli_stmt_execute($stmt);
$id = mysqli_stmt_insert_id($stmt);
mysqli_stmt_close($stmt);
return $id;
}
function test_format($link, $format, $from, $order_by, $expected, $offset)
{
if (!($stmt = mysqli_stmt_init($link))) {
printf("[%03d] Cannot create PS, [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
return false;
}
if ($order_by) {
$sql = sprintf('SELECT %s AS _format FROM %s ORDER BY %s', $format, $from, $order_by);
} else {
$sql = sprintf('SELECT %s AS _format FROM %s', $format, $from);
}
if (!mysqli_stmt_prepare($stmt, $sql)) {
printf("[%03d] Cannot prepare PS, [%d] %s\n", $offset + 1, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if (!mysqli_stmt_execute($stmt)) {
printf("[%03d] Cannot execute PS, [%d] %s\n", $offset + 2, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if (!mysqli_stmt_store_result($stmt)) {
printf("[%03d] Cannot store result set, [%d] %s\n", $offset + 3, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if (!is_array($expected)) {
$result = null;
if (!mysqli_stmt_bind_result($stmt, $result)) {
printf("[%03d] Cannot bind result, [%d] %s\n", $offset + 4, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if (!mysqli_stmt_fetch($stmt)) {
printf("[%03d] Cannot fetch result,, [%d] %s\n", $offset + 5, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if ($result !== $expected) {
printf("[%03d] Expecting %s/%s got %s/%s with %s - %s.\n", $offset + 6, gettype($expected), $expected, gettype($result), $result, $format, $sql);
}
} else {
$order_by_col = $result = null;
if (!mysqli_stmt_bind_result($stmt, $order_by_col, $result)) {
printf("[%03d] Cannot bind result, [%d] %s\n", $offset + 7, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
reset($expected);
while ((list($k, $v) = each($expected)) && mysqli_stmt_fetch($stmt)) {
if ($result !== $v) {
printf("[%03d] Row %d - expecting %s/%s got %s/%s [%s] with %s - %s.\n", $offset + 8, $k, gettype($v), $v, gettype($result), $result, $order_by_col, $format, $sql);
}
}
}
mysqli_stmt_free_result($stmt);
mysqli_stmt_close($stmt);
return true;
}
function addItemToCatalog($title, $author, $pubyear, $price)
{
$sql = "INSERT INTO catalog (title, author, pubyear, price) VALUES ('{$title}', '{$author}', '{$pubyear}', '{$price}')";
global $link;
if (!($stmt = mysqli_prepare($link, $sql))) {
showSqlErrors("addItemToCatalog");
return false;
}
mysqli_stmt_bind_param($stmt, "ssii", $title, $author, $pubyear, $price);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
return true;
}
/**
* @param $connection
* @param array $user
* @return bool
*/
function saveUser($connection, array &$user)
{
$query = 'INSERT IGNORE INTO users (name, email, hashed_password) VALUES (?, ?, ?)';
$statement = mysqli_prepare($connection, $query);
mysqli_stmt_bind_param($statement, 'sss', $user['name'], $user['email'], $user['hashed_password']);
mysqli_stmt_execute($statement);
$inserted = (bool) mysqli_stmt_affected_rows($statement);
if ($inserted) {
$user['id'] = mysqli_stmt_insert_id($statement);
}
mysqli_stmt_close($statement);
return $inserted;
}
function register($usr, $pass, $cpass, $email, $register_moment, $games)
{
if ($pass != $cpass) {
die("Mismatched passwords");
}
$table = "fp_users";
$conn = conn();
$stmt = mysqli_prepare($conn, "INSERT INTO {$table} (username, password, user_since, contact, games_played) VALUES (?,?,?,?,?)");
mysqli_stmt_bind_param($stmt, 'ssisi', $usr, $pass, $register_moment, $email, $games);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
login($usr, $pass);
}
function saveRecord()
{
global $link;
//insert into game table
$sql = "INSERT INTO game VALUES(?,?,?,?)";
if ($stmt = mysqli_prepare($link, $sql)) {
//prepare successful
mysqli_stmt_bind_param($stmt, "ssss", $_POST['GameID'], $_POST['HomeTeam'], $_POST['GuestTeam'], $_POST['GameTime']) or die("bind param");
//mysqli_stmt_bind_param($stmt, "ssss", $_POST['GameID'], $_POST['HomeTeam'], $_POST['GuestTeam'], NOW()) or die("bind param");
if (mysqli_stmt_execute($stmt)) {
//execute successful
echo "<h2>Successfully insert Record</h2>";
} else {
echo "WRONG1";
}
mysqli_stmt_close($stmt);
} else {
//prepare failed
echo "WRONG2";
}
//insert into team_game table
$sql2 = "INSERT INTO team_game VALUES(?,?)";
if ($stmt = mysqli_prepare($link, $sql2)) {
//prepare successful
mysqli_stmt_bind_param($stmt, "ss", $_POST['HomeTeam'], $_POST['GameID']) or die("bind param");
if (mysqli_stmt_execute($stmt)) {
//execute successful
echo "<h2>Successfully insert Record</h2>";
} else {
echo "WRONG1";
}
mysqli_stmt_close($stmt);
} else {
//prepare failed
echo "WRONG2";
}
if ($stmt = mysqli_prepare($link, $sql2)) {
//prepare successful
mysqli_stmt_bind_param($stmt, "ss", $_POST['GuestTeam'], $_POST['GameID']) or die("bind param");
if (mysqli_stmt_execute($stmt)) {
//execute successful
echo "<h2>Successfully insert Record</h2>";
} else {
echo "WRONG1";
}
mysqli_stmt_close($stmt);
} else {
//prepare failed
echo "WRONG2";
}
}
function getStatusById($id)
{
$connection = dbConnect();
$options = ['columns' => 'id, status', 'where' => ['id' => $id]];
$sql = buildSelect('status_atividade', $options);
$stmt = mysqli_prepare($connection, $sql);
mysqli_stmt_bind_param($stmt, 'i', $id);
mysqli_stmt_execute($stmt);
$resultObject = mysqli_stmt_get_result($stmt);
$result = mysqli_fetch_all($resultObject, MYSQLI_ASSOC);
mysqli_stmt_close($stmt);
dbClose($connection);
return $result[0];
}
function getUserById($id)
{
$connection = dbConnect();
$options = ['columns' => 'u.id_setor, u.nome, u.email, u.ativo, u.tipo, s.sigla, s.nome as setor', 'join' => [['type' => 'INNER JOIN', 'table' => 'setores s', 'columns' => 's.id = u.id_setor']], 'where' => ['u.id' => $id]];
$sql = buildSelect('usuarios u', $options);
$stmt = mysqli_prepare($connection, $sql);
mysqli_stmt_bind_param($stmt, 'i', $id);
mysqli_stmt_execute($stmt);
$resultObject = mysqli_stmt_get_result($stmt);
$result = mysqli_fetch_all($resultObject, MYSQLI_ASSOC);
mysqli_stmt_close($stmt);
dbClose($connection);
return $result[0];
}
function add_one($array)
{
$query = "INSERT INTO `{$this->_table}` SET `{$this->_fields_aut}` = ?";
$stmt = mysqli_prepare($this->_c, $query);
if ($stmt) {
$count = count($data_add);
for ($i = 0; $i < $count; $i++) {
mysqli_stmt_bind_param($stmt, 's', $data_add[$i]);
mysqli_stmt_execute($stmt);
}
}
return printf("Rows inserted: %d\n", mysqli_stmt_affected_rows($stmt));
mysqli_stmt_close($stmt);
}
