function getPrecommitInfoInTimeSlotAsTable($db, $timeSlotID, $DBName, $prefix = '')
{
//prepare query
$table = $prefix . "precommit_" . $timeSlotID;
$query = "SELECT * FROM `" . $DBName . "`.`" . $table . "` ORDER BY `Lane`, `ID`;";
//query and store result
$result = queryDatabase($db, $query);
$dataTable = encodeResultToTable($result);
return $dataTable;
}
function authenticateUser($username, $password, $conn)
{
$user = queryDatabase("SELECT * FROM user WHERE username='******'", $conn);
if ($user->num_rows) {
$user = $user->fetch_array(MYSQLI_ASSOC);
define('RANDOMSTR', 'ELVIJS');
$id = $user['id'];
$password = RANDOMSTR . "{$id}{$password}";
if (password_verify($password, $user['password'])) {
$_SESSION['id'] = $id;
$_SESSION['user'] = $username;
header('Location: index.php');
} else {
echo "Not going to happen!";
}
}
}
function getPublicPostsWithAuthors($conn)
{
return queryDatabase("SELECT * FROM post LEFT JOIN user ON post.author = user.id WHERE post.visible='2'", $conn);
}
if (isset($_GET['id'])) {
$emp_positions = queryDatabase("SELECT position.position_name, emp_position.emp_position_effective_date, emp_position.emp_position_id " . "FROM emp_position INNER JOIN position ON emp_position.emp_position_position_id = position.position_id " . "WHERE emp_position.emp_position_employee_id = " . $_GET['id']);
}
?>
<div id="addEmployeePosition" class="modal" style="overflow-y: visible;">
<form action="addEmployeePosition.php" method="POST" class="col m12">
<div class="modal-content">
<div class="row">
<div class="input-field col m12">
<input type="hidden" name="emp_position_employee_id" value="<?php
echo $_GET['id'];
?>
"></input>
<?php
$positions = queryDatabase('SELECT `position_id`, `position_name` FROM `position`');
?>
<select name="emp_position_position_id" required>
<option value="" disabled selected>Select a Position for this employee</option>
<?php
foreach ($positions as $key => $position) {
echo '<option value="' . $position['position_id'] . '">' . $position['position_name'] . '</option>';
}
?>
</select>
<label for="emp_position_position_id">Section Name</label>
</div>
<div class="input-field col m12">
<input type="date" class="datepicker" name="emp_position_effective_date">
<label for="emp_position_effective_date">Effective Date</label>
</div>
function getPendingFollowers($userID, $conn)
{
return queryDatabase("SELECT * FROM following WHERE follows='{$userID}' AND approved='2'", $conn);
}
$x_IN_FILE = 1;
include 'functions.php';
$mysqlerror = 1;
$data = file('data.txt');
$sql_query = " TRUNCATE TABLE `{$table}` ";
queryDatabase($sql_query);
//1 10.9 119.25 Anchorage Island osm-id 302034523 place:island 10/4/2008 23:30:49
//5904,7.21019,124.24505,"Cotabato City","osm-id 244475001",,"City (Large)",01/28/09,03:43:42 AM
// 0 1 2 3 4 5 6 7
unset($data[0]);
foreach ($data as $k => $v) {
$temp = explode(',', $v);
$lat = $temp[1];
$lng = $temp[2];
$temp[3] = substr($temp[3], 1, strlen($temp[3]) - 2);
$temp[4] = substr($temp[4], 1, strlen($temp[4]) - 2);
$temp[6] = substr($temp[6], 1, strlen($temp[6]) - 2);
$temp[7] .= ' ' . $temp[8];
$place = quote_smart($temp[3]);
$osm = str_replace('osm-id ', '', $temp[4]);
$osm = (int) $osm;
$temp[6] = str_replace('place:', '', $temp[6]);
$temp[6] = str_replace('_', ' ', $temp[6]);
$temp[6] = ucwords($temp[6]);
$osm_desc = quote_smart($temp[6]);
$updated = quote_smart($temp[7]);
$sql_query = "INSERT INTO `{$table}` SET place='{$place}', lat={$lat}, lng={$lng}, osmid={$osm}, osmdesc='{$osm_desc}', updated='{$updated}'";
queryDatabase($sql_query);
echo '.';
}
if (isset($_GET['id'])) {
$emp_sections = queryDatabase("SELECT section.section_name, emp_section.emp_section_effective_date, emp_section.emp_section_id " . "FROM emp_section INNER JOIN section ON emp_section.emp_section_section_id = section.section_id " . "WHERE emp_section.emp_section_employee_id = " . $_GET['id']);
}
?>
<div id="addEmployeeSection" class="modal" style="overflow-y: visible;">
<form action="addEmployeeSection.php" method="POST" class="col m12">
<div class="modal-content">
<div class="row">
<div class="input-field col m12">
<input type="hidden" name="emp_section_employee_id" value="<?php
echo $_GET['id'];
?>
"></input>
<?php
$sections = queryDatabase('SELECT `section_id`, `section_name` FROM `section`');
?>
<select name="emp_section_section_id" required>
<option value="" disabled selected>Select a Section for this employee</option>
<?php
foreach ($sections as $key => $section) {
echo '<option value="' . $section['section_id'] . '">' . $section['section_name'] . '</option>';
}
?>
</select>
<label for="emp_section_section_id">Section Name</label>
</div>
<div class="input-field col m12">
<input type="date" class="datepicker" name="emp_section_effective_date">
<label for="emp_section_effective_date">Effective Date</label>
</div>
<label for="department_name">Name</label>
</div>
</div>
<div class="row">
<div class="input-field col s12">
<input name="department_code" type="text" style="text-transform: uppercase" required maxlength="10">
<label for="department_code" data-wrong="Already exists.">Code</label>
</div>
</div>
<div class="row">
<div class="input-field col m12">
<select name="department_factory_id">
<option value="" disabled selected>Select which factory this department belongs to...</option>
<?php
$html = '';
$factories = queryDatabase('SELECT `factory_id`, `factory_name` FROM `factory`');
foreach ($factories as $factory) {
$html .= '<option value="' . $factory['factory_id'] . '">' . $factory['factory_name'] . '</option>';
}
echo $html;
?>
</select>
</div>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="submit" class="modal-action btn waves-effect waves-light green darken-1">
<i class="material-icons right">add</i> Add
</button>
<a href="#!" class="modal-action modal-close waves-effect waves-red btn-flat black-text">Close</a>
</div>
<label for="section_name">Name</label>
</div>
</div>
<div class="row">
<div class="input-field col s12">
<input name="section_code" type="text" style="text-transform: uppercase" required maxlength="10">
<label for="section_code" data-error="Already exists.">Code</label>
</div>
</div>
<div class="row">
<div class="input-field col s12">
<select name="section_department_id">
<option value="" disabled selected>Select which department this section belongs to...</option>
<?php
$html = '';
$factories = queryDatabase('SELECT `department_id`, `department_name` FROM `department`');
foreach ($factories as $factory) {
$html .= '<option value="' . $factory['department_id'] . '">' . $factory['department_name'] . '</option>';
}
echo $html;
?>
</select>
</div>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="submit" class="modal-action btn waves-effect waves-light green darken-1">
<i class="material-icons right">add</i> Add
</button>
<a href="#!" class="modal-action modal-close waves-effect waves-red btn-flat black-text">Close</a>
</div>
</i></small>
</span>
</div>
</div>
<div class="divider"></div>
<div class="row">
<div class="col m12">
<input type="hidden" name="employee_id" value="<?php
echo $employee['employee_id'];
?>
"></input>
<div class="input-field col s12 m6">
<?php
$workStatuses = queryDatabase('SELECT `work_status_id`, `work_status_name` FROM `work_status` WHERE `work_status_flag` = 1');
?>
<select name="employee_work_status_id">
<option value="" disabled="">Select a Work Status for this employee</option>
<?php
foreach ($workStatuses as $key => $work_status) {
echo '<option value="' . $work_status['work_status_id'] . '"' . ($employee['employee_work_status_id'] === $work_status['work_status_id'] ? ' selected' : '') . '>' . $work_status['work_status_name'] . '</option>';
}
?>
</select>
<label for="employee_work_status_id" class="active" style="top: 14px">Work Status</label>
</div>
<div class="input-field col s12 m6">
<input type="text" name="employee_id_num" value="<?php
echo $employee['employee_id_num'];
function moveFile($params)
{
global $fileDir, $thumbDir;
if (isset($params['name']) && isset($params['path']) && isset($params['newPath']) && isset($params['type']) && isset($params['id'])) {
// get the mapping that was passed
$name = $params["name"];
$path = $fileDir . $params["path"];
$newPath = $fileDir . $params["name"];
rename($path . $name, $newPath . $name);
if ($params['type'] == "images") {
$thumbPath = $thumbDir . $params["path"];
$newThumbPath = $thumbDir . $params["name"];
rename($thumbPath . $name, $newThumbPath . $name);
}
$sql = "UPDATE media SET path='" . $newPath . "' WHERE id='" . $params['id'] . "'";
if ($result = queryDatabase($sql)) {
sendSuccess();
} else {
die("Query failed");
}
} else {
die("Missing Parameters");
}
}
/**
* returns auto-increment for the table
*/
function getAutoIncrement($tablename)
{
$sql = "SELECT Auto_increment FROM information_schema.tables WHERE table_name='" . $tablename . "' AND table_schema='" . DB_NAME . "'";
$result = queryDatabase($sql);
$row = $result->fetch(PDO::FETCH_ASSOC);
$autoIncrement = $row['Auto_increment'];
return $autoIncrement;
}
function findSales($connection, $artistID)
{
$query = "select `itemArray`,`priceArray` from `receipts` where `itemArray` LIKE '%AN" . forceStringLength($artistID, 3, 0, true) . "%' OR `itemArray` LIKE '%PN" . forceStringLength($artistID, 3, 0, true) . "%';";
$database = queryDatabase($connection, $query);
return $database;
}
<div class="row">
<div class="card">
<div class="card-content white-text">
<div class="row">
<?php
// Store all factories to an array.
$factories = fetchAllRecordsFromTable('factory');
// Create a nested array ( Factory > Department > Section > Employees ).
foreach ($factories as $factoryKey => $factory) {
$departmentsForFactory = queryDatabase('SELECT * FROM `department` WHERE `department_factory_id` = ' . $factory['factory_id']);
$factories[$factoryKey]['departments'] = $departmentsForFactory;
foreach ($departmentsForFactory as $departmentKey => $department) {
$sectionsForDepartment = queryDatabase('SELECT * FROM `section` WHERE `section_department_id` = ' . $department['department_id']);
$factories[$factoryKey]['departments'][$departmentKey]['sections'] = $sectionsForDepartment;
foreach ($sectionsForDepartment as $sectionKey => $section) {
$employeesForSection = queryDatabase('SELECT * FROM `emp_section` INNER JOIN `employee` ON `emp_section`.`emp_section_employee_id` = `employee`.`employee_id` WHERE `emp_section_section_id` = ' . $section['section_id']);
$factories[$factoryKey]['departments'][$departmentKey]['sections'][$sectionKey]['employees'] = $employeesForSection;
}
}
}
?>
<!-- Factories Starts Here -->
<?php
foreach ($factories as $factoryKey => $factory) {
?>
<div class="col s12 m12 l12">
<div class="card blue-grey darken-3">
<div class="card-content white-text">
<?php
require 'config/initialize.php';
mustBeGuest();
if (isset($_POST['authForm'])) {
$username = sanitizeString($_POST['username'], $connection);
$fullName = sanitizeString($_POST['fullName'], $connection);
$password = sanitizeString($_POST['password'], $connection);
if ($username == "" || $fullName == "" || $password == "" || !ctype_alnum($username)) {
header("location: register.php");
} else {
$user = queryDatabase("SELECT username FROM user WHERE username='******'", $connection);
if ($user->num_rows) {
header("location: register.php");
} else {
// constString + newUserId + password
$newUserId = getLastId($connection) + 1;
$password = generatePassword($newUserId, $password);
$password = password_hash($password, PASSWORD_BCRYPT);
registerUser($username, $fullName, $password, $connection);
header('Location: authenticate.php');
}
}
}
view('auth/register');
function getUserPostsRange($userID, $from, $to, $conn)
{
return queryDatabase("SELECT * FROM post WHERE author='{$userID}' AND visible BETWEEN '{$from}' AND '{$to}' ORDER BY id DESC", $conn);
}
function sendUserInformation($params)
{
if (isset($params["email"])) {
$sendParams;
$sql = "SELECT * from user";
$sql .= " WHERE email=:email ";
$sendParams['email'] = $params['email'];
$result = queryDatabase($sql, $sendParams);
$count = 0;
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$count++;
$body = "Here is your requested user information.\r\n";
$body .= "username: "******"username"] . "\r\n";
$body .= "password: "******"password"]) . "\r\n \r\n";
$email = $row["email"];
}
if ($count == 1) {
$headers = "From: mig@themapoffice.com \r\n";
$headers .= "Content-Type: text/plain; charset=UTF-8";
$headers .= "MIME-Version: 1.0 ";
mail($email, "Your MiG account information", $body, $headers);
sendSuccess();
} else {
if ($count == 0) {
die("No such email");
} else {
die("Contact System administrator");
}
}
} else {
die("No email was provided");
}
}
function duplicateRows($tablename, $idField, $idValue, $insertId)
{
$sendParams = array();
$sql = "SELECT * from `" . $tablename . "` WHERE " . $idField . "= :idvalue ";
$sendParams['idvalue'] = $idValue;
$result = queryDatabase($sql, $sendParams);
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$sendParams = array();
$sql = "INSERT INTO `" . $tablename . "`";
// put field names into SQL
$sql .= "(";
foreach ($row as $key => $value) {
if ($key != 'id') {
$sql .= $key . ",";
}
}
// remove last comma
$sql = substr($sql, 0, strlen($sql) - 1);
$sql .= ")";
// put values into SQL
$sql .= " VALUES (";
foreach ($row as $key => $value) {
if ($key != 'id') {
if ($key == $idField) {
$sql .= "'" . $insertId . "',";
} else {
$sql .= ":" . $key . ",";
$sendParams[$key] = $value;
}
}
}
$sql = substr($sql, 0, strlen($sql) - 1);
$sql .= ")";
queryDatabase($sql, $sendParams, $insertid);
}
}
<?php
include_once "database.php";
$inputJSON = file_get_contents('php://input');
$input = json_decode($inputJSON, TRUE);
//convert JSON into array
queryDatabase($input["query"]);
<?php
session_start();
require 'config.php';
require 'aiml.php';
require 'prolog.php';
require 'database.php';
require 'xml.php';
$request = $_POST['request'];
$query = $_POST['query'];
switch ($request) {
case 'aiml':
echo queryAIML($query, $_POST['file']);
break;
case 'database':
echo queryDatabase($query, $_POST['value']);
break;
case 'xml':
echo getAimlXML();
break;
case 'update':
echo updateAiml($_POST['categories']);
break;
echo $request;
echo 'Error [Invalid request]';
break;
}
function cleanup($params)
{
$sql = "SELECT GROUP_CONCAT(id) as ids, countryid,COUNT(countryid) FROM `hsbc_world_alcohol_consumption_2003` GROUP BY countryid ORDER BY countryid";
if ($result = queryDatabase($sql)) {
while ($row = $result->fetch(PDO::FETCH_OBJ)) {
$arr = explode(",", $row->ids);
if (count($arr) > 1) {
//echo $row->ids. " " . $arr[1] . "<br>";
$sql = "DELETE FROM `hsbc_world_alcohol_consumption_2003` WHERE id='" . $arr[1] . "'";
queryDatabase($sql);
}
}
}
}
function checkSearchType($search)
{
if (isset($search) && mb_strlen($search) < 250) {
// Remove trailing spaces because they won't trigger our regex.
$newSearch = rtrim($search);
global $dqo;
foreach ($dqo as $d) {
// Our DatabaseQueryObject properties
$query = $d->query;
$parameters = $d->parameters;
$parameterTypes = $d->parameterTypes;
$regex = $d->regex;
$queryType = $d->queryType;
$lang = $d->lang;
// Is it one of our valid queries, and *NOT* a keyword search?
if ($queryType != 5 && preg_match($regex, $newSearch)) {
// We've got a match. Split the query into an array based on regex capture groups.
$contents = getPregSplitArray($regex, $newSearch);
// How big is our array?
$conCount = count($contents);
// This is where we'll put the temporary parameters once we've removed the empty ones.
$tmpParameters = array();
// Remove bad elements and insert into new array, $parameters.
for ($i = 0; $i < $conCount; $i++) {
// If it's not the first or last option (both of which are empty when using preg_split()), add it to the parameter list.
if ($i != 0 && $i != $conCount - 1) {
//echo "Index: [" . $i . "] value: " . $contents[$i] . "<br/>"; Great. Chinese is correct.
array_push($tmpParameters, $contents[$i]);
}
}
// This query was for Song of Solomon. Combine tmpParameters[0], tmpParameters[1], and tmpParameters[2] to create a single book.
if (strtolower($tmpParameters[0]) == "song") {
// Combine the full book name.
$bookName = $tmpParameters[0] . " " . $tmpParameters[1] . " " . $tmpParameters[2];
array_push($parameters, $bookName);
for ($j = 0; $j < count($tmpParameters); $j++) {
// Make sure we skip the book name. We already combined that.
if ($j != 0 && $j != 1 && $j != 2) {
array_push($parameters, $tmpParameters[$j]);
}
}
} else {
if (is_numeric($tmpParameters[0])) {
// Combine the full book name.
$bookName = $tmpParameters[0] . " " . $tmpParameters[1];
array_push($parameters, $bookName);
for ($j = 0; $j < count($tmpParameters); $j++) {
// Make sure we skip the book name. We already combined that.
if ($j != 0 && $j != 1) {
array_push($parameters, $tmpParameters[$j]);
}
}
} else {
if (is_string($tmpParameters[0])) {
$parameters = $tmpParameters;
}
}
}
// Everything looks good. Let's start the parameterization process, and return the results to the visitor.
$results = queryDatabase($query, $parameters, $parameterTypes, $queryType, $newSearch, $lang);
// Found something
if (strlen($results) > 10) {
return $results;
}
} else {
if (preg_match($regex, $newSearch) && $queryType == 5) {
$results = queryDatabase($query, array($newSearch), $parameterTypes, $queryType, $newSearch, $lang);
if (strlen($results) > 10) {
return $results;
}
}
}
}
} else {
return "No results found.";
}
return "No results found.";
}
