public function delComment($id)
 {
     $connect = new DB_Connection();
     $mysqli = $connect->getConnect();
     $mysqli->query("DELETE FROM comments WHERE id = " . $id) or die("Cannot delete comment");
     header('Location: . ');
 }
Beispiel #2
0
 public function delRecord($id)
 {
     $connect = new DB_Connection();
     $mysqli = $connect->getConnect();
     $mysqli->query("DELETE FROM records WHERE id = " . $id) or die("Cannot delete record");
     $mysqli->query("DELETE FROM comments WHERE record_id = " . $id) or die("Cannot delete comment");
     header("Location: . ");
 }
Beispiel #3
0
 public function getNewsOneAuthor($action)
 {
     $mysqli = new DB_Connection();
     $result = $mysqli->getConnect()->query('SELECT news.*, authors.name FROM news, authors
                                             WHERE news.author_id = authors.id
                                             AND authors.id = ' . $action);
     $news = array();
     while ($row = $result->fetch_assoc()) {
         if (mb_strlen($row['text']) > 100) {
             $row['text'] = mb_substr(strip_tags($row['text']), 0, 97) . '...';
         }
         $news[] = $row;
         $name = $row['name'];
     }
     include ROOT . '/pages/list_one_author.php';
 }
//create a new avatar 100x100
$image_new = imagecreatetruecolor(100, 100);
//create a new image in jpeg format
$image = imagecreatefromjpeg($avatar_tmp);
//copy an avatar in the new picture, size decreases
imagecopyresampled($image_new, $image, 0, 0, 0, 0, 100, 100, $img_width, $img_height);
//save image in file -  temp_image.jpeg
imagejpeg($image_new, "temp_image.jpeg", 100);
//new length and height of the image
list($new_img_width, $new_img_height) = getimagesize("temp_image.jpeg");
//array with new parameters of image
$temp_image = getimagesize("temp_image.jpeg");
//get image
$img_data = file_get_contents("temp_image.jpeg");
require_once './DB_connection/DB_connect.php';
$mysqli = new DB_Connection();
$sql = $mysqli->getConnect();
if (!($stmt = $sql->prepare("INSERT INTO registration (name, surname, patronymic, login, password )\r\n                                        VALUES (?, ?, ?, ?, ?)"))) {
    echo "Prepare failed: (" . $sql->errno . ") " . $mysqli->error;
}
if (!$stmt->bind_param('sssss', $name, $surname, $patronymic, $login, $password)) {
    echo "Binding output parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
    echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
//id of last INSERT
$id = mysqli_insert_id($sql);
if (!($stmt = $sql->prepare("INSERT INTO avatar (avatar_mime, avatar_size, avatar_date, user_id)\r\n                                        VALUES (?, ?, ?, ?)"))) {
    echo "Prepare failed: (" . $sql->errno . ") " . $sql->error;
}
Beispiel #5
0
function updateDBConnection(DB_Connection $conn)
{
    global $config_db, $user;
    if ($conn->validateKey()) {
        if (checkDBConnectionTable()) {
            $sql = "UPDATE db_connections SET " . "Name = '" . $conn->getName() . "', " . "Desc = '" . $conn->getDesc() . "', " . "Server = '" . $conn->getServer() . "', " . "User = '******', " . "Password = '******', " . "Schema = '" . $conn->getSchema() . "', " . "Type = " . $conn->getType() . ", " . "updateDate = '" . date("Y-m-d") . "', " . "updatedBy = '" . $user->getEmail() . "'" . " WHERE id = " . $conn->getID();
            // Execute SQL
            $config_db->exec($sql);
            // Reload Database Connections
            loadDBConnections();
        }
    }
}
<?php

/**
 * check login in data base from function ifLoginAjax
 */
$login = htmlspecialchars($_POST['login']);
$login = "******" . $login . "'";
require_once './DB_connection/DB_connect.php';
$mysqli = new DB_Connection();
$name = $mysqli->getConnect()->query("SELECT COUNT(login) AS count\r\n                           FROM registration WHERE login LIKE " . $login)->fetch_assoc();
if ($name['count'] >= 1) {
    echo "This login is not available";
} else {
    echo "Ok";
}
Beispiel #7
0
/**
 * Function to test API Keys against Users
 * @global API_Settings $api
 * @param string $api_key
 * @return boolean
 */
function testAPIKey($api_key)
{
    global $api, $db_conn;
    // Check if we need to test the API Key
    if ($api->getUseAPIKey() == false) {
        return true;
    }
    // Process 'public' as API Key
    if (strtolower($api_key) == 'public') {
        return true;
    }
    // Get Connection Details
    $conn = new DB_Connection();
    $set = false;
    foreach ($db_conn as $conn) {
        if (strtolower($conn->getName()) == strtolower($api->getAPIKeyConnection())) {
            $set = true;
            break;
        }
    }
    // Error message if $conn is not set
    if ($set != true) {
        die("Cannot find the connection '{$api->getAPIKeyConnection()}'");
    }
    // Validate API Key
    $_sql = "select {$api->getAPIKeyField()} " . "from {$conn->getSchema(false)}.{$api->getAPIKeyTable()} " . "where {$api->getAPIKeyField()} = '{$api_key}'";
    try {
        switch ($conn->getType()) {
            case 0:
                // SQLite
                $_db = new PDO("sqlite:" . $conn->getServer(false));
                $_sql = "select {$api->getAPIKeyField()} " . "from {$api->getAPIKeyTable()} " . "where {$api->getAPIKeyField()} = '{$api_key}'";
                break;
            case 1:
                // MySQL
                $_db = new PDO("mysql:host=" . $conn->getServer(false) . ";dbname=" . $conn->getSchema(false), $conn->getUser(false), $conn->getPassword(false));
                break;
            case 2:
                // PostgreSQL
                $_db = new PDO("pgsql:host=" . $conn->getServer(false) . ";dbname=" . $conn->getSchema(false), $conn->getUser(false), $conn->getPassword(false));
                break;
            case 3:
                // Oracle
                $_db = new PDO("oci:dbname=" . $conn->getServer(false), $conn->getUser(false), $password);
                break;
            case 4:
                // Microsoft SQL
                $_db = new PDO("sqlsrv:Server=" . $conn->getServer(false) . ";Database=" . $conn->getSchema(false), $conn->getUser(false), $conn->getPassword(false));
                break;
        }
        $_db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        // Get Response
        $dbRes = $_db->query($_sql);
        $iRes = 0;
        foreach ($dbRes as $row) {
            // Check API Key Again (incase someone used a wildcard)
            // We are only checking the first record because it should be correct
            if ($api_key == $row[0] && $iRes == 0) {
                return true;
            }
            $iRes++;
            break;
        }
    } catch (PDOException $ex) {
        showMessage($_sql);
        // Print PDOException message
        $res = $ex->getMessage();
        showMessage($res);
    }
    return false;
}
<?php

// output information
$id = $_GET['id'];
require_once './DB_connection/DB_connect.php';
$mysqli = new DB_Connection();
$result = $mysqli->getConnect()->query("SELECT * FROM registration WHERE id = " . $id)->fetch_assoc();
include './info.php';
/**
 * Created by PhpStorm.
 * User: Matt Leering
 * Date: 2016-01-30
 * Time: 12:04 AM
 */
require_once '../lib/classes/DBConnection.php';
require_once '../lib/classes/ClassTemplate.php';
if (!isset($_POST['serverType']) || !isset($_POST['serverAddress']) || empty($_POST['serverAddress']) || !isset($_POST['serverUsername']) || empty($_POST['serverUsername']) || !isset($_POST['serverPassword']) || empty($_POST['serverPassword']) || !isset($_POST['serverDatabase']) || empty($_POST['serverDatabase'])) {
    header('HTTP/1.1 500 Insufficient Parameters Passed');
    header('Content-Type: application/json; charset=UTF-8');
    exit;
}
//create a new database connection
$connection = new DB_Connection($_POST['serverType'], $_POST['serverAddress'], $_POST['serverUsername'], $_POST['serverPassword'], $_POST['serverDatabase']);
$success = false;
$msg = "";
$link = $connection->AttemptConnection();
//Ensure that any failed connection attempts get reported to the user
if (!$link || !empty($connection->GetLastErrorMessage())) {
    header('HTTP/1.1 500 Connection Failed: ' . $connection->GetLastErrorMessage());
    header('Content-Type: application/json; charset=UTF-8');
    exit;
}
switch ($_POST['action']) {
    //During the action of switching to the table tab we will be looking up a list of tables, and populating a select control with them
    case 'table':
        $tableList = "";
        //Connection was successful.  Start building HTML that will replace a currently empty div
        $success = true;
<?php

/**
 * output avatar
 */
$id = $_REQUEST['id'];
require_once './DB_connection/DB_connect.php';
$mysqli = new DB_Connection();
$avatar = $mysqli->getConnect()->query("SELECT * FROM avatar WHERE user_id = " . $id)->fetch_assoc();
header('Content-type: ' . $avatar['avatar_mime']);
header('Content-type: ' . $avatar['avatar_size']);
echo $avatar['avatar_date'];