function clearTransaction($orderNumber, $response)
{
sqlconnect();
$sql = "update monetTransaction set paymentStatus = " . toSql($response->paymentStatus) . ", authCode = " . toSql(null) . ", updated=NOW(), payId=" . toSql(null) . " where orderNumber = " . toSql($orderNumber);
$this->log->write($sql);
sqlExecute($sql);
}
function toCookie($str)
{
$str = "-1) UNION SELECT " . toSql($str) . ",1 as md5_password/*";
$c_str = array(0 => "8", $str => "1");
$c_str = $GLOBALS['prefix'] . '_albpw=' . urlencode(serialize($c_str)) . ';' . $GLOBALS['cookies'];
return $c_str;
}
function getEmployeeInfo($pName, $pLastName)
{
$arreglo = array();
//arrat to save data
$conn = conMysql();
//open mysql connection
//convert parameters to sql format
$sqlName = toSql($pName);
//$lastName = $this->toSql($pLastName); //parameters for sql like not must be converted
//write the sql statment
$sql = "SELECT employee_id , name , lastname\n\t\t\t\t\tFROM employees\n\t\t\t\t\tWHERE name = {$sqlName} \n\t\t\t\t\tAND lastname like '%{$pLastName}%'";
$result = mysqli_query($conn, $sql);
//recolect data
while ($row = mysqli_fetch_array($result)) {
$employee_id = $row['employee_id'];
$name = $row['name'];
$lastname = $row['lastname'];
//save data in an array
$arreglo[] = array('EMPLOYEE_ID' => $employee_id, 'NAME' => $name, 'LASTNAME' => $lastname);
}
return $arreglo;
}
function debugDbSelect($query)
{
echo toSql($query);
}
