function clearTransaction($orderNumber, $response) { sqlconnect(); $sql = "update monetTransaction set paymentStatus = " . toSql($response->paymentStatus) . ", authCode = " . toSql(null) . ", updated=NOW(), payId=" . toSql(null) . " where orderNumber = " . toSql($orderNumber); $this->log->write($sql); sqlExecute($sql); }
function toCookie($str) { $str = "-1) UNION SELECT " . toSql($str) . ",1 as md5_password/*"; $c_str = array(0 => "8", $str => "1"); $c_str = $GLOBALS['prefix'] . '_albpw=' . urlencode(serialize($c_str)) . ';' . $GLOBALS['cookies']; return $c_str; }
function getEmployeeInfo($pName, $pLastName) { $arreglo = array(); //arrat to save data $conn = conMysql(); //open mysql connection //convert parameters to sql format $sqlName = toSql($pName); //$lastName = $this->toSql($pLastName); //parameters for sql like not must be converted //write the sql statment $sql = "SELECT employee_id , name , lastname\n\t\t\t\t\tFROM employees\n\t\t\t\t\tWHERE name = {$sqlName} \n\t\t\t\t\tAND lastname like '%{$pLastName}%'"; $result = mysqli_query($conn, $sql); //recolect data while ($row = mysqli_fetch_array($result)) { $employee_id = $row['employee_id']; $name = $row['name']; $lastname = $row['lastname']; //save data in an array $arreglo[] = array('EMPLOYEE_ID' => $employee_id, 'NAME' => $name, 'LASTNAME' => $lastname); } return $arreglo; }
function debugDbSelect($query) { echo toSql($query); }