Beispiel #1
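/**
 * Prints every user (joined with its user type) as an HTML table wrapped in a
 * POST form with one "Edit" and one "Delete" button per row.
 *
 * All column values are HTML-escaped before output: they were entered by users
 * at registration, so printing them raw would allow stored markup/script to run
 * in the browser of whoever opens this list.
 *
 * NOTE(review): no authorisation check and no CSRF token are visible in this
 * function; the caller has to make sure only an authenticated administrator can
 * reach it and that the edit/delete POST is protected against forged requests.
 */
function showAllUsers()
{
    // Create DB connection
    require_once __ROOT__ . '/admin/include/DBclass.php';
    $sqlConn = new DBclass("nazmarket");
    // NOTE(review): SELECT * also fetches the password column although it is never shown.
    $result = $sqlConn->exeQuery("SELECT * FROM user, usertype WHERE user.usertype_idusertype = usertype.idusertype");
    echo $result->num_rows;
    echo '<form method="post"> ';
    echo '<table cellspacing="5"><tr> <td></td> <td><b>First name</b><hr></td> <td><b>Last name</b>' . '<hr></td> <td><b>Email</b><hr></td> <td><b>Address</b><hr></td> <td><b>Phone</b><hr></td> ' . '<td><b>Registration date</b><hr></td> <td><b>Type</b><hr></td> <td></td></tr>';
    // Escapes a value for both HTML text and quoted attribute context.
    // Assumes the page is served as UTF-8 - TODO confirm against the site charset.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    while ($row = $result->fetch_assoc()) {
        $idUser = $esc($row['iduser']);
        echo "<tr>";
        echo "<td><button type='submit' name='edit' value='" . $idUser . "'>Edit</button></td>";
        echo "<td>" . $esc($row['firstname']) . "</td>";
        echo "<td> " . $esc($row['lastname']) . "</td>";
        echo "<td>" . $esc($row['email']) . "</td>";
        echo "<td>" . $esc($row['address']) . "; " . $esc($row['postnumber']) . "; " . $esc($row['city']) . "</td>";
        echo "<td>" . $esc($row['phone']) . "</td>";
        echo "<td>" . $esc($row['timeAndDate']) . "</td>";
        echo "<td>" . $esc($row['idusertype']) . "</td>";
        echo "<td><button type='submit' name='delete' value='" . $idUser . "'>Delete</button></td>";
        echo "</tr> ";
    }
    echo '</table>';
    echo '</form>';
}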
Beispiel #2
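/**
 * Inserts a new article built from the submitted POST fields and the uploaded image.
 *
 * realEscapeString() only protects values that sit inside quotes in the
 * statement. idunit, price and available are written without quotes, so they
 * are additionally required to be numeric; otherwise nothing is inserted.
 * The stored image name is escaped as well because it is placed in the
 * statement like any other string.
 *
 * NOTE(review): a prepared statement with bound parameters would remove the
 * need for manual escaping; DBclass is not visible here, so that change is
 * left to whoever owns it.
 */
function insertArticleIntoDB()
{
    // Create DB connection
    require_once __ROOT__ . '/admin/include/DBclass.php';
    $sqlConn = new DBclass("nazmarket");
    // Extract received informations.
    $articlename = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'articlename', FILTER_DEFAULT));
    $idcategory = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'idcategory', FILTER_DEFAULT));
    $idcompany = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'idcompany', FILTER_DEFAULT));
    $idunit = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'idunit', FILTER_DEFAULT));
    $articlecomment = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'articlecomment', FILTER_DEFAULT));
    $price = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'price', FILTER_DEFAULT));
    $available = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'available', FILTER_DEFAULT));
    // Unquoted positions in the statement accept numeric literals only.
    if (!is_numeric($idunit) || !is_numeric($price) || !is_numeric($available)) {
        unset($sqlConn);
        return;
    }
    // Corresponds to the name in HTML.
    $articleimage = uploadFile("articleimage");
    if ($articleimage == -1) {
        $articleimage = "";
    }
    // presumably uploadFile() returns the stored file name; escape it like the other strings
    $articleimage = $sqlConn->realEscapeString($articleimage);
    // Insert:
    $query = "INSERT INTO article (articlename, idcategory, idcompany, idunit,\r\n            price, articlecomment, articleimage, available) \r\n            VALUES ('" . $articlename . "','" . $idcategory . "','" . $idcompany . "'," . $idunit . "," . $price . ",'" . $articlecomment . "','" . $articleimage . "'," . $available . ")";
    // NOTE(review): debug output - it shows the statement and schema to the client and
    // should be dropped in production. Escaped so submitted text is not rendered as markup.
    echo "<br/>" . htmlspecialchars($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "<br/>";
    $sqlConn->exeQuery($query);
    // Remove DB connection
    unset($sqlConn);
}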
Beispiel #3
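/**
 * Checks a submitted e-mail/password pair against the user table.
 *
 * Changes against the earlier version:
 *  - the submitted e-mail and password are no longer echoed into the page
 *    (credential disclosure and unescaped output of request data);
 *  - every failure path returns 0 and prints the same message, so a wrong
 *    password is not distinguishable from an unknown address and the function
 *    never falls through without a return value;
 *  - the stored and computed values are compared with hash_equals().
 *
 * NOTE(review): the stored "password" is reversible ciphertext whose key and IV
 * are derived from the e-mail address (md5), and mcrypt is no longer part of
 * PHP since 7.2. Migrating to password_hash()/password_verify() needs a
 * coordinated change with the registration code and the existing rows, so the
 * scheme is kept here for compatibility and only flagged.
 *
 * @param string $emailPOST    e-mail address as submitted
 * @param string $passwordPOST password as submitted
 * @return int 1 when the credentials match, 0 otherwise
 */
function login($emailPOST, $passwordPOST)
{
    echo "login()<br/>";
    // Create DB connection
    require_once __ROOT__ . '/admin/include/DBclass.php';
    $sqlConn = new DBclass();
    // Escape the submitted data for use inside the quoted SQL literal
    $email = $sqlConn->realEscapeString($emailPOST);
    // The password is escaped too because registration encrypts the escaped form.
    $password = $sqlConn->realEscapeString($passwordPOST);
    // Get user with email info from the database
    $query = "SELECT * FROM user WHERE user.email='" . $email . "'";
    $result = $sqlConn->exeQuery($query);
    // Email address is unique in the database.
    if ($result && $result->num_rows == 1) {
        $user = $result->fetch_assoc();
        $emailDB = (string) $user['email'];
        $passwordDB = (string) $user['password'];
        $passwordEncrypt = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($email), $password, MCRYPT_MODE_CBC, md5(md5($email))));
        // Check if user exists and password matches (timing-safe comparison of the secret)
        if (strcmp($email, $emailDB) == 0 && hash_equals($passwordDB, (string) $passwordEncrypt)) {
            echo "Loggin suffessfull...<br/>";
            return 1;
        }
    }
    echo "Loggin ERROR...<br/>";
    return 0;
}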
Beispiel #4
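/**
 * Updates one article row from the submitted POST fields.
 *
 * idcategory, idcompany, price, available and the article id are written into
 * the statement without quotes, where realEscapeString() gives no protection,
 * and $saveEdit was not escaped at all. All of them must therefore be numeric;
 * if any is not, the function returns without touching the database.
 *
 * NOTE(review): no authorisation check is visible here; the caller has to make
 * sure the current user may edit the given article.
 *
 * @param int|string $saveEdit id of the article to update
 */
function updateArticle($saveEdit)
{
    // Create DB connection
    require_once __ROOT__ . '/admin/include/DBclass.php';
    $sqlConn = new DBclass("nazmarket");
    $articlename = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'articlename', FILTER_DEFAULT));
    $idcategory = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'idcategory', FILTER_DEFAULT));
    $idcompany = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'idcompany', FILTER_DEFAULT));
    $idunit = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'idunit', FILTER_DEFAULT));
    $articlecomment = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'articlecomment', FILTER_DEFAULT));
    $price = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'price', FILTER_DEFAULT));
    $available = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'available', FILTER_DEFAULT));
    // Unquoted positions in the statement accept numeric literals only.
    foreach (array($idcategory, $idcompany, $price, $available, $saveEdit) as $numericValue) {
        if (!is_numeric($numericValue)) {
            return;
        }
    }
    $query = "UPDATE article SET \r\n                  articlename='" . $articlename . "',\r\n                  idcategory=" . $idcategory . ",\r\n                  idcompany=" . $idcompany . ",\r\n                  idunit='" . $idunit . "',\r\n                  articlecomment='" . $articlecomment . "',\r\n                  price=" . $price . ",\r\n                  available=" . $available . " \r\n                  WHERE idarticle=" . $saveEdit;
    // NOTE(review): debug output - drop in production. Escaped so submitted text is not rendered as markup.
    echo htmlspecialchars($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $sqlConn->exeQuery($query);
}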
Beispiel #5
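/**
 * Prints one "ProductIcon" tile per article (image, name, price, comment with
 * unit, company) inside a POST form.
 *
 * Every database value is HTML-escaped before output, including the image file
 * name that ends up in the src attribute, so stored text cannot inject markup
 * or script into the shop page. The <img> tag is also emitted as valid markup.
 */
function showAllArticles()
{
    // Create DB connection
    require_once __ROOT__ . '/admin/include/DBclass.php';
    $sqlConn = new DBclass("nazmarket");
    $result = $sqlConn->exeQuery("SELECT * FROM article, category, company, unit " . "     WHERE ((article.idcategory = category.idcategory) AND " . "             (article.idcompany = company.idcompany) AND " . "             (article.idunit = unit.idunit))");
    // Escapes a value for HTML text and quoted attribute context.
    // Assumes the page is served as UTF-8 - TODO confirm against the site charset.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    echo '<form method="post"> ';
    while ($row = $result->fetch_assoc()) {
        echo '<div class="ProductIcon">';
        $articleImage = "uploads/article/image/" . $row['articleimage'];
        echo '<img class="ProductIcon" src="' . $esc($articleImage) . '" alt="" width="200" height="120"> ';
        echo '<br><br>';
        echo $esc($row['articlename']) . '<br>';
        echo $esc($row['price']) . 'e';
        echo '<br>';
        echo $esc($row['articlecomment']) . $esc($row['unitname']);
        echo '<br>';
        echo $esc($row['companyname']);
        echo '<a class="addButton"href="#"> Add </a>';
        echo '</div>';
    }
    echo '</form>';
}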
<?php

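// Bootstrap: resolve the application directories, load the configuration and
// create the database helper.
$dir_path = dirname(__FILE__) . '/';
$module_path = $dir_path . 'Modules/';
$view_path = $dir_path . 'Views/';
include $dir_path . 'includes/config.php';
$databaseobject = new DBclass();
// EXTR_SKIP: request parameters may still become variables, but they can no
// longer overwrite the ones already defined above ($dir_path, $databaseobject, ...).
// NOTE(review): importing the whole query string into the variable scope is best removed entirely.
extract($_GET, EXTR_SKIP);
// Only a plain string is accepted as address; anything else is treated as empty.
$email = (isset($_GET['uname']) && is_string($_GET['uname'])) ? $_GET['uname'] : '';
$replymsg = "";
// The address is escaped only inside the SQL text; $email keeps the raw value.
// Assumes the ext/mysql connection used by mysql_query() is already open - TODO confirm.
$sql = mysql_query("select * from users where del_status='1' and email ='" . mysql_real_escape_string($email) . "'");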
if (mysql_num_rows($sql) > 0) {
    $row = mysql_fetch_array($sql);
    $username = $row['email'];
    $password = $row['password'];
    $headers = "MIME-Version: 1.0\r\n";
    $headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
    $headers .= "From: Savostore.com";
    $emailkey = $databaseobject->keygen('10');
    $Addarray = array('email' => $email, 'keyword' => $emailkey, 'senddate' => date('Y-m-d H:i:s'), 'status' => '1');
    $resetlink = HREF_LINK . 'login/reset-password/' . $emailkey . '/';
    $description = "We revieved a forgot password request from your side. Find your account details below.";
    $IMAGES_DIR_NAME = HREF_LINK . "images/";
    $msg = '

 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>
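/**
 * Registers a service (IP + port + description) for the node that owns the
 * given wifi address and reports problems by appending a note to the affected
 * value.
 *
 * Fixes against the earlier version:
 *  - an invalid service address was noted on the undefined variable $ipm, so
 *    the caller never saw the message; it is now appended to $ips;
 *  - both addresses were validated only when a description was given, and the
 *    port never, although all three are concatenated into SQL condition
 *    strings. They are now always validated before the database is touched.
 *
 * NOTE(review): $d is handed to inserisci() as-is; whether that method escapes
 * its values cannot be seen from here - confirm in DBclass.
 *
 * @param string     $ipw wifi IP of the node
 * @param string     $d   service description
 * @param string     $ips service IP
 * @param string|int $p   service port
 * @return array the four inputs in the same order, with any note appended
 */
function aggiungi_servizio($ipw, $d, $ips, $p)
{
    $all_valid = true;
    if (ip2long($ipw) === false) {
        $ipw .= "(Indirizzo non Valido)";
        $all_valid = false;
    }
    if (ip2long($ips) === false) {
        $ips .= "(Indirizzo non Valido)";
        $all_valid = false;
    }
    // Digits only: the port is written into the SQL condition below.
    if (!ctype_digit((string) $p)) {
        $p .= "(Porta non Valida)";
        $all_valid = false;
    }
    if ($all_valid) {
        $db = new DBclass();
        $db->connetti();
        $colonne = array("ID", "nome", "ip_wifi", "ip_man", "interface", "creato", "attivo", "registrato");
        $condizioni = "ip_wifi='" . $ipw . "'";
        if ($nodo = $db->estrai_record("nodi", $colonne, $condizioni)) {
            // Integer cast keeps the node id a plain number inside the condition.
            $ID = (int) $nodo[0]["ID"];
            $colonne = array("ip", "porta");
            $condizioni = "id_nodo =" . $ID . " and ip='" . $ips . "' and porta='" . $p . "'";
            if (!($servizio = $db->estrai_record("servizi", $colonne, $condizioni))) {
                // No such service yet for this node: store it.
                $db->inserisci("servizi", array($ID, $ips, $p, $d), array("id_nodo", "ip", "porta", "descrizione"));
            } else {
                $ips .= "(Servizio esistente)";
            }
        } else {
            $ipw .= "(Nodo Non Registrato)";
        }
        $db->disconnetti();
    }
    return array($ipw, $d, $ips, $p);
}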
<?php

// Start the session, then resolve the application directories relative to
// this file, load the configuration and create the database helper.
session_start();
$dir_path = __DIR__ . '/';
$module_path = "{$dir_path}Modules/";
$view_path = "{$dir_path}Views/";
include "{$dir_path}includes/config.php";
$databaseobject = new DBclass();
/**********************************************************

DoExpressCheckoutPayment.php



This functionality is called to complete the payment with

PayPal and display the result to the buyer.



The code constructs and sends the DoExpressCheckoutPayment

request string to the PayPal server.



Called by GetExpressCheckoutDetails.php.



Calls CallerService.php and APIError.php.
Beispiel #9
<?php

// Buffer output and start the session before anything is sent.
ob_start();
session_start();
// A request whose path contains a "server" segment is handed to server/index.php.
// array_search() yields the segment's index; index 0 counts as "not found" here,
// exactly like a missing segment.
$request = $_SERVER['REQUEST_URI'];
$adminsearch = explode("/", $request);
if (array_search("server", $adminsearch) != false) {
    include "server/index.php";
    exit;
}
// Application directories, configuration and helper objects.
$dir_path = __DIR__ . '/';
$class_path = "{$dir_path}Controller/classes/";
$module_path = "{$dir_path}Modules/";
$view_path = "{$dir_path}Views/";
include "{$dir_path}includes/config.php";
$databaseobject = new DBclass();
$functionsobject = new GosuPokerFunctions();
$loginStatus = $databaseobject->set_login_id();
$lastact = $databaseobject->set_lastaction();
if ($_POST['login'] || $_POST['login_x']) {
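    $a = session_id();
    $_SESSION[session_id() . 'useremail'] = $_POST['useremail'];
    // The address is escaped before it is placed inside the quoted SQL literal.
    // Assumes the ext/mysql connection used by mysql_query() is already open - TODO confirm.
    $na = "'" . mysql_real_escape_string((string) $_POST['useremail']) . "'";
    // The table name comes from the request and cannot be escaped like a value,
    // so only a plain identifier is accepted; anything else counts as "no match".
    // NOTE(review): replace this pattern with an explicit allow-list of the user
    // tables the login form may query - the client should not be able to pick any table.
    $chk = '';
    $chk1 = false;
    if (isset($_POST['usertype']) && is_string($_POST['usertype']) && preg_match('/^[A-Za-z0-9_]+$/', $_POST['usertype'])) {
        $chk = "select * from " . $_POST['usertype'] . " where email=" . $na;
        $chk1 = @mysql_query($chk);
    }
    if ($chk1 && @mysql_num_rows($chk1) > 0) {
        $tt = "test";
    } else {
        // NOTE(review): this reads the 'email' field while the lookup above uses
        // 'useremail' - confirm which form field is intended.
        $sql = "INSERT INTO temp_email(email,e_date) VALUES ('" . mysql_real_escape_string((string) $_POST['email']) . "','" . time() . "')";
        mysql_query($sql);
    }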
Beispiel #10
            //			$operazione="Disegna";
        }
        $lista = substr($lista, 0, strlen($lista) - 1);
    }
}
#---------------------------------------------------------------------------------------
#---------------------------------------------------------------------------------------
#       Sezione Tracciamento Grafici
#---------------------------------------------------------------------------------------
if ($operazione == "Disegna") {
    $ora = date("H");
    $giorno = date("d");
    $mese = date("M");
    $anno = date("Y");
    $lista = $_POST['lista'];
    $db = new DBclass();
    $db->connetti();
    $nodi = $db->estrai_record("nodi", array("ID", "nome", "ip_wifi", "ip_man", "interface", "creato", "attivo", "registrato"));
    $db->disconnetti();
    $a = explode("|", $lista);
    //lista dei grafici da tracciare
    //var_dump($a);
    //	$giorno="24";
    //	$mese="Sep";
    //	$anno="2014";
    $vin_max = "0";
    $vout_max = "0";
    $medie = array();
    foreach ($a as $l) {
        //		echo var_dump($l);
        $ll = explode("@", $l);
<?php

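// Newsletter subscription endpoint: stores the address from ?email= unless it is
// already subscribed, and answers with a short plain-text message.
$dir_path = dirname(__FILE__) . '/';
$class_path = $dir_path . 'Controller/classes/';
$module_path = $dir_path . 'Modules/';
$view_path = $dir_path . 'Views/';
include $dir_path . 'includes/config.php';
$databaseobject = new DBclass();
// Only a plain string is accepted; an array-valued parameter is rejected.
if (isset($_GET['email']) && is_string($_GET['email'])) {
    $uemail = trim($_GET['email']);
    // Escaped copy for use inside the quoted SQL literals below.
    // Assumes the ext/mysql connection used by mysql_query() is already open - TODO confirm.
    $uemail_sql = mysql_real_escape_string($uemail);
    $sql = "Select email from news_subscribe where email ='" . $uemail_sql . "' and del_status != '2'";
    $semail = $databaseobject->get_name_using_id($sql);
    if (trim($semail) == '') {
        $cdate = date("Y-m-d H:i:s");
        $inserted = mysql_query("INSERT INTO news_subscribe (email,created,del_status) VALUES ('" . $uemail_sql . "','" . $cdate . "','1')");
        if ($inserted === false) {
            // Database errors go to the server log instead of the response body.
            error_log('news_subscribe insert failed: ' . mysql_error());
        } else {
            echo " Thanks You ! You are successfully subscribe for Savostore Newsletter.";
        }
    } else {
        echo "You are allready subscribe in Savostore.";
    }
} else {
    echo " Invalid Information Found!";
}
// NOTE(review): a state-changing subscription over GET with no address validation
// or confirmation step lets anyone subscribe arbitrary addresses; consider POST
// plus a confirmation mail.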
Beispiel #12
/**
 * Sends one SMS through the smsgo.com.tw HTTP gateway and, when the reply has
 * the expected number of lines, records it in the "smslog" table.
 *
 * NOTE(review):
 *  - $msg is assigned only by the two checks below; when both pass it is
 *    undefined at the point where it is compared with "".
 *  - A validation message is never returned: `return $msg` sits only on the
 *    path where $msg is empty, every other path returns nothing.
 *  - $sendTime is not used in this body.
 *
 * @param mixed  $conn     connection assigned to the DBclass instance
 * @param string $mobile   recipient number
 * @param string $smsbody  message text
 * @param mixed  $sendTime unused here
 */
function PF_SMS($conn, $mobile, $smsbody, $sendTime)
{
    // Nothing to do without a recipient.
    if ($mobile == '') {
        return;
    }
    // Message: "too short"
    if (mb_strwidth($mobile) < 10) {
        $msg = "長度不足";
    }
    // Message: "wrong format"
    if (is_numeric($mobile) == false) {
        $msg = "格式錯誤";
    }
    //$messageid=date("YmdHis").floor(microtime()*1000);
    if ($msg == "") {
        /*
        Gateway parameters:
        username   member account
        password   member password
        dstaddr    mobile number(s) that receive the SMS; several numbers may be
                   separated by commas (no more than 50).
                   Domestic numbers: 10 digits starting with 09;
                   international numbers: prefix with %2b,
                   e.g. mainland China: %2b8613681912700, where 86 is the country
                   code and the following 11 digits (starting with 13, 15 or 18)
                   are the mainland mobile number.
        encoding   BIG5/ASCII/UCS2/PBIG5/PASCII/LBIG5/LASCII/LUCS2/PUSH,
                   default BIG5 (note: the encoding tells the gateway how to
                   process the message and the handset which encoding to read it
                   with; P = POPUP SMS, L = long SMS, PUSH = wap push)
        smbody     message text; 70 characters for mixed Chinese/English, 160 for
                   pure English; with encoding LBIG5/LASCII/LUCS2 the limit is 330
                   characters; with encoding PUSH this field is the wap push title
        dlvtime    scheduled time, format YYYY/MM/DD hh24:mm:ss
        wapurl     PUSH; usable only when encoding is PUSH
        replyurl   receiver URL the vendor uses to receive reply messages (charged
                   separately); usable only when encoding is BIG5/ASCII/UCS2
        replydays  number of days replies are collected, default 3, maximum 30;
                   usable only when encoding is BIG5/ASCII/UCS2
        response   status report URL, default empty string (no report)
        */
        // NOTE(review): the account name and password are masked on this page, which
        // leaves the next line syntactically invalid as shown. Presumably they were
        // string literals in the source - gateway credentials belong in configuration,
        // not in code.
        // NOTE(review): $mobile and $smsbody are appended without urlencode(); a '&'
        // or '=' in the message text changes the parameters sent to the gateway.
        $postdata = "username="******"&password="******"&dstaddr=" . $mobile;
        $postdata .= "&smbody=" . $smsbody;
        // NOTE(review): plain http:// - presumably the credentials and the message
        // travel unencrypted; confirm whether the gateway offers https.
        $body = PF_geturlpost("http://www.smsgo.com.tw/sms_gw/sendsms.aspx", $postdata);
        //$body="msgid=1512100111447143\r\nstatuscode=0\r\nstatusstr=OK\r\npoint=1";
        $array = explode("\r\n", $body);
        //PF_print(count($array));
        // At least five lines are required although only indexes 0-3 are read.
        if (count($array) >= 5) {
            // Unlike the next three fields, the first line is stored without
            // stripping a "msgid=" prefix.
            $msgid = $array[0];
            $statuscode = str_replace("statuscode=", "", $array[1]);
            $statusstr = str_replace("statusstr=", "", $array[2]);
            $point = str_replace("point=", "", $array[3]);
            // Log the gateway reply together with the message and recipient.
            $DB = new DBclass();
            $DB->conn = $conn;
            //$DB->Debug="1";
            $DB->Table = "smslog";
            $DB->NFieldAdd("id", $msgid, "S", "自動編號", "N");
            $DB->NFieldAdd("smsbody", $smsbody, "S", "簡訊內容", "Y");
            $DB->NFieldAdd("mobile", $mobile, "S", "手機", "Y");
            $DB->NFieldAdd("status", $statuscode, "S", "狀態", "N");
            $DB->NFieldAdd("msg", $statusstr, "S", "狀態訊息", "N");
            //$DB->NFieldAdd("lastpoint",$point,"N","最後點數","N");
            $DB->NFieldAdd("usepoint", 1, "N", "最後點數", "N");
            $DB->NFieldAdd("adddate", "DATE", "D", "建立時間", "N");
            $DB->Action = "insert";
            $DB->Execute();
            return $msg;
        }
    }
}
Beispiel #13
    } else {
        $lista = $lista . $_POST['grafico'];
    }
    //echo "operazione ".$operazione."<br>";
    $db = new DBclass();
    $db->connetti();
    $nodi = $db->estrai_record("nodi", array("ID", "nome", "ip", "location", "fetch_url"));
    $db->disconnetti();
}
#---------------------------------------------------------------------------------------
#---------------------------------------------------------------------------------------
#       Sezione Tracciamento Grafici
#---------------------------------------------------------------------------------------
if ($operazione == "Disegna") {
    $lista = $_POST['lista'];
    $db = new DBclass();
    $db->connetti();
    //	$nodi = $db->estrai_record("nodi",array ("ID","nome","ip_wifi","ip_man","interface","creato","attivo","registrato"));
    $nodi = $db->estrai_record("nodi", array("ID", "nome", "ip", "location", "fetch_url"));
    //	$db->disconnetti();
    $a = explode("|", $lista);
    //lista dei grafici da tracciare
    //	var_dump($a);
    //	echo "<br>";
    $vmax = 0;
    foreach ($a as $l) {
        //		echo var_dump($l);
        $ll = explode("@", $l);
        //		echo $ll[1],"-".$ll[0]."-".$ll[2]."<br>";
        //		$condizione=sprintf("id_nodo = '%s' and giorno ='%s' and mese='%s' and anno='%s' group by left(ora,2) order by ID",$ll[2],$giorno,$mese,$anno);
        $group = "left(ora_remota,2)";
Beispiel #14
<?php

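// Credential check endpoint: prints an empty string when a matching active user
// exists, otherwise an error message.
$dir_path = dirname(__FILE__) . '/';
$module_path = $dir_path . 'Modules/';
$view_path = $dir_path . 'Views/';
include $dir_path . 'includes/config.php';
$databaseobject = new DBclass();
// EXTR_SKIP: request parameters can no longer overwrite variables defined above.
// NOTE(review): importing the whole query string into the variable scope is best removed entirely.
extract($_GET, EXTR_SKIP);
// Only a plain string is accepted as user name; anything else is treated as empty.
$uname = (isset($_GET['uname']) && is_string($_GET['uname'])) ? $_GET['uname'] : '';
$pass = isset($_GET['pass']) ? $_GET['pass'] : null;
// NOTE(review): credentials arrive in the query string, where they end up in
// server logs and browser history; this check should use POST.
// NOTE(review): the password part of the statement is masked on this page. The
// comparison happens inside SQL, which suggests passwords are stored unhashed -
// confirm, and move to password_hash()/password_verify().
// The user name is escaped before it is placed inside the quoted SQL literal.
// Assumes an open ext/mysql connection, as the sibling scripts on this page use - TODO confirm.
$sql = "select email,password from users where del_status='1' and email = '" . mysql_real_escape_string($uname) . "' and password='******'";
$count = $databaseobject->get_num_rows($sql);
if ($count > 0) {
    $msg = '';
} else {
    $msg = "Security Message is not same,Please try again";
}
echo $msg;
exit;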
<?php

// Buffer output and start the session before anything is sent.
ob_start();
session_start();
// Application directories, configuration and database helper.
$dir_path = __DIR__ . '/';
$module_path = "{$dir_path}Modules/";
$view_path = "{$dir_path}Views/";
include "{$dir_path}includes/config.php";
$databaseobject = new DBclass();
// Twitter OAuth client plus its configuration and helper functions.
require 'twitter/twitteroauth.php';
require 'config/twconfig.php';
require 'config/functions.php';
if (!empty($_GET['oauth_verifier']) && !empty($_SESSION['oauth_token']) && !empty($_SESSION['oauth_token_secret'])) {
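    // We've got everything we need
    $twitteroauth = new TwitterOAuth(YOUR_CONSUMER_KEY, YOUR_CONSUMER_SECRET, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
    // Let's request the access token
    $access_token = $twitteroauth->getAccessToken($_GET['oauth_verifier']);
    // Save it in a session var
    $_SESSION['access_token'] = $access_token;
    // Let's get the user's info
    $user_info = $twitteroauth->get('account/verify_credentials');
    // The debugging dumps of $_SESSION and $user_info were removed: at this point
    // the session holds the OAuth token, token secret and access token, and
    // printing it put them into the response body.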
    if (isset($user_info->error)) {
        header('Location: login-twitter.php');
    } else {
        $uid = $user_info->id;
        $username = $user_info->name;
        $sql = "Select email from " . USERS_TABLE . " where email ='" . $uid . "' AND sitelogin='******' AND del_status='1'";
<table style="border: 3px solid black; width:900px; background-image: url(sfondi/nuvole.jpg);border: 3px solid black;" align="center" background="&#8221;nuvole.jpg&#8221;" cellpadding="0" cellspacing="0">

<tr>
<?php 
include "menu.html";
?>
  <!--      <td style="border: 1px solid black;background-color: rgb(238, 238, 238); height: 200px; width: 700px; vertical-align: top; color: rgb(249, 57, 6);">-->
 <td style="border: 1px solid black;background-image: url(weblink21.gif); height: 200px; width: 800px; vertical-align: top; color: rgb(249, 57, 6);">
    
      
<!-- Form di Registrazione dati del Nodo -->
			   <h3 style="text-align: center;" >Elenco dei Nodi</h3>
				<table border="1" style="width:60%; color: blue;" align="center">
<?php 
//		echo "<tr style=".'"text-align: center; color:black;"'."> <td>Nome</td> <td>IP Antenna</td><td>IP Manutenzione</td> <td>Interfaccia</td><td>Registrato</td></tr>";
$db = new DBclass();
$db->connetti();
$nodi = $db->estrai_record("nodi", array("ID", "nome", "location", "ip", "fetch_url", "attivo", "creato"));
//		$servizi= $db->estrai_record("servizi",array ("descrizione","ip","porta"));
//   	echo count($nodi);
if (count($nodi) > 0) {
    //			var_dump($nodi[0]);
    foreach ($nodi as $row) {
        $servizi = array();
        //				$servizi= $db->estrai_record("servizi",array ("descrizione","ip","porta"),"id_nodo='".$row['ID']."'");
        //				var_dump($servizi);
        $data_ora = explode(" ", $row['creato']);
        $attivo = "No";
        $colore = '"text-align: center; color:red;"';
        if ($row['attivo']) {
            $attivo = "Si";
Beispiel #17
<?php

// Application directories, configuration and helper objects.
$dir_path = __DIR__ . '/';
$class_path = "{$dir_path}Controller/classes/";
$module_path = "{$dir_path}Modules/";
$view_path = "{$dir_path}Views/";
include "{$dir_path}includes/config.php";
$databaseobject = new DBclass();
$functionsobject = new GosuPokerFunctions();
$loginStatus = $databaseobject->set_login_id();
// Logout: a logged-in user requesting the query string "=" (the logout button
// event) is logged out and, if that succeeded, redirected to the site root.
if ($databaseobject->get_login_id() && $_SERVER['QUERY_STRING'] == '=' && $databaseobject->unset_login_id()) {
    $databaseobject->redirect(HREF_LINK);
}
if (!$databaseobject->get_login_id() && !$databaseobject->check_login_status()) {
    //Chk Login status
    include LOGIN_PAGE;
} else {
    //echo '<pre>'; print_r($_SESSION);
    //echo 'SUCCESS';
    /* Controller classes */
    require_once $class_path . 'controller.class.php';
    /* Initialize Controller */
    if (isset($_SESSION['usr_type'])) {
        if ($_SESSION['usr_type'] == 'admin') {
            $redirect_to = $_SERVER['REQUEST_URI'];
        }
        if ($_SESSION['usr_type'] == 'employee') {
            //print_r($_POST);
Beispiel #18
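/**
 * Creates a user row (user type 1) from the submitted registration form.
 *
 * postnumber is written into the statement without quotes, where
 * realEscapeString() gives no protection, so it must be numeric; otherwise
 * nothing is inserted.
 *
 * NOTE(review):
 *  - passwordRe is read but never compared with password.
 *  - The "encrypted" password is reversible ciphertext whose key and IV are
 *    derived from the e-mail address stored in the same row, and mcrypt is no
 *    longer part of PHP since 7.2. Replace with password_hash() together with
 *    the login code and a migration of existing rows.
 */
function checkRegisterParams()
{
    // Create DB connection
    require_once __ROOT__ . '/admin/include/DBclass.php';
    $sqlConn = new DBclass();
    // Read the submitted data, escaped for use inside quoted SQL literals
    $email = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'email', FILTER_DEFAULT));
    $firstname = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'firstname', FILTER_DEFAULT));
    $lastname = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'lastname', FILTER_DEFAULT));
    $password = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'password', FILTER_DEFAULT));
    $passwordRe = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'passwordRe', FILTER_DEFAULT));
    $address = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'address', FILTER_DEFAULT));
    $postnumber = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'postnumber', FILTER_DEFAULT));
    $city = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'city', FILTER_DEFAULT));
    $phone = $sqlConn->realEscapeString(filter_input(INPUT_POST, 'phone', FILTER_DEFAULT));
    // Check inputs validity: the unquoted position accepts a numeric literal only.
    if (!is_numeric($postnumber)) {
        unset($sqlConn);
        return;
    }
    // Encrypt password (scheme kept for compatibility with existing rows, see note above)
    $passwordEncypt = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($email), $password, MCRYPT_MODE_CBC, md5(md5($email))));
    // Record current date and time
    $timeAndDate = date("Y-m-d h:i:sa");
    // Insert:
    $query = "INSERT INTO user (firstname, lastname, password, address,\n            email, phone, city, postnumber, usertype_idusertype, timeAndDate) \n            VALUES ('" . $firstname . "','" . $lastname . "','" . $passwordEncypt . "','" . $address . "','" . $email . "','" . $phone . "','" . $city . "'," . $postnumber . ",1,'" . $timeAndDate . "')";
    // NOTE(review): debug output - it prints the statement including the stored
    // password value and should be dropped in production. Escaped so submitted
    // text is not rendered as markup.
    echo "<br/>" . htmlspecialchars($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "<br/>";
    $sqlConn->exeQuery($query);
    // Remove DB connection
    unset($sqlConn);
}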
Beispiel #19
/**
 * Runs the given SQL text through a fresh DBclass instance and hands back
 * whatever simpleQuery() returns.
 *
 * NOTE(review): the statement is passed on unchanged, so callers must never
 * build $query from request data without escaping or binding.
 *
 * @param string $query SQL statement
 * @return mixed result of DBclass::simpleQuery()
 */
function boolQuery($query)
{
    $connection = new DBclass();

    return $connection->simpleQuery($query);
}
                // ci da un ID, e selezioniamo il database a cui cogliamo operare
            } else {
                return true;
            }
        }
    }
    //funzione per l'esecuzione delle Query
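    /**
     * Executes a SQL statement when a connection has been activated.
     *
     * On a failed statement the script still terminates, but the database
     * error text now goes to the server log instead of the response, where it
     * would reveal statement and schema details to the client.
     *
     * @param string $sql statement to execute
     * @return mixed the mysql_query() result, or false when no connection is active
     */
    public function query($sql)
    {
        // Without an active connection nothing is executed.
        if (!isset($this->attiva)) {
            return false;
        }
        $result = mysql_query($sql);
        if ($result === false) {
            error_log(__METHOD__ . ' failed: ' . mysql_error());
            die('Database error');
        }
        return $result;
    }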
}
?>


<?php 
// Instantiate the object outside the class definition
// (an instance of the class declared above)
$db = new DBclass();
// Connect to the database
$db->connetti();
// i.e. the connetti method is invoked on this object
?>

Beispiel #21
<?php

// Silence all PHP error output for this request.
error_reporting(0);
// Application directories, configuration and database helper.
$dir_path = __DIR__ . '/';
$module_path = "{$dir_path}Modules/";
$view_path = "{$dir_path}Views/";
include "{$dir_path}includes/config.php";
$databaseobject = new DBclass();
// PayPal API caller, then the session.
require_once 'CallerService.php';
session_start();
if (isset($_POST['submit']) || isset($_POST['submit_x'])) {
    //print_r($_POST);
    if ($_POST['paynow'] == 'mpesa') {
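        // The order id is forced to an integer once and that value is used in both
        // statements; the raw request value no longer reaches the SQL text.
        $orderid = (isset($_POST['orderid']) && is_scalar($_POST['orderid'])) ? (int) $_POST['orderid'] : 0;
        $where = "id=" . $orderid;
        $AddArray = array('paymentmode' => 'mpesa');
        // NOTE(review): no check is visible in this excerpt that the order belongs to
        // the logged-in user - confirm before changing its payment mode.
        $databaseobject->update_record(ORDERS_TABLE, $AddArray, $where, '', $query_echo = '');
        $sql = "select * from " . ORDERS_TABLE . " where id='" . $orderid . "'";
        $orderdetails = $databaseobject->fetch_array($sql);
        $sqladmin = "SELECT order_email from sitesetting";
        $orderemail = $databaseobject->get_name_using_id($sqladmin);
        // NOTE(review): extract() turns every column of the order row into a variable
        // and overwrites same-named ones already in scope; prefer reading
        // $orderdetails[0]['column'] explicitly.
        extract($orderdetails[0]);
        $mailsql = "SELECT  *  FROM mailtemplate WHERE id='4'";
        $mailarr = $databaseobject->fetch_array($mailsql);
        // Line breaks are stripped so the stored sender value cannot add mail headers.
        $from = str_replace(array("\r", "\n"), '', (string) $mailarr[0]['fromemail']);
        //$from = 'Savostore.com';//$content['email'];
        $to = $orderemail;
        $headers = "MIME-Version: 1.0\r\n";
        $headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
        $headers .= "From:" . $from;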