function AddProduct($config, $jsonResult) { $cargo_id = $_GET["cargo_id"]; $kind_id = ""; $kind = $_GET["kind"]; $amount = $_GET["amount"]; $sql1 = "SELECT COUNT(name) as kind_amount , kind_id FROM kind WHERE name = '" . $kind . "';"; $sql2 = "INSERT INTO kind(name) VALUES('" . $kind . "')"; $conn = new connection($config); $jsonResult->json_data['result_code'] = JSON::$resultCodes['ok']; try { $result1 = $conn->query($sql1); foreach ($result1 as $row) { if ($row['kind_amount'] === "0") { $conn->query($sql2); $kind_id = $conn->conn->lastInsertId(); } else { $kind_id = $row['kind_id']; } } $conn->query("INSERT INTO product(cargo_id , amount , kind_id) VALUES(" . $cargo_id . " , " . $amount . " , " . $kind_id . ")"); $product_id = $conn->conn->lastInsertId(); $jsonResult->json_data['result_data'] = $product_id; } catch (PDOException $e) { $jsonResult->json_data['result_code'] = JSON::$resultCodes['mysql_exception']; } }
function getCargoListWithKinds($config, $jsonResult) { $conn = new connection(new Config(null, null)); $result = array(); $cargoes = $conn->query("SELECT * FROM cargo"); foreach ($cargoes as $cargo) { $kinds = $conn->query("SELECT DISTINCT kind.name\n FROM product INNER JOIN kind on product.kind_id = kind.kind_id\n WHERE cargo_id =" . $cargo['cargo_id']); $kinds = $kinds->fetchAll(); array_push($result, array('name' => $cargo['name'], 'kinds' => $kinds)); } $jsonResult->json_data['result_data'] = $result; }
function has_items($id) { $db = new connection(); $db->query('SELECT * FROM object WHERE type="page" AND status=1 AND parent_id=' . $id); if ($this->has_child($id)) { ?> <ul class="submenu"> <?php } while ($result = $db->fetch_array()) { ?> <li><a href='./?page_id=<?php echo $result['id']; ?> '><?php echo $result['menu_title']; ?> </a> <?php if ($this->has_items($result['id'])) { echo $this->has_items($result['id']); } ?> </li> <?php } if ($this->has_child($id)) { ?> </ul> <?php } }
function RemoveAuction($config, $jsonResult) { $id = $_GET['auction_id']; $conn = new connection($config); $jsonResult->json_data['result_code'] = JSON::$resultCodes['ok']; $conn->query("DELETE FROM allegro where auction_id='" . $id . "';"); }
function the_cat($by_name = null, $linked = null) { if ($this->is_object()) { if (!empty($this->cat)) { // Gibt die ID der Kategorie zurück if (null == $by_name) { return $this->cat; // Gibt den Titel der Kategorie zurück } else { $db = new connection(); $get_the_catname = $db->query('SELECT * FROM object WHERE id=' . $this->cat); $the_catname = $db->fetch_array(); if (null !== $linked) { // Kategorie wird als Link ausgegeben return '<a href="./?cat=' . $the_catname['id'] . '" rel="nofollow">' . $the_catname['title'] . '</a> '; } else { // Kategorie wird nicht als Link ausgegeben return $the_catname['title'] . " "; } } } else { return false; } } }
function getProductList($kind_name) { $productsWithPhotos = array(); $conn = new connection(new Config(null, null)); $products = $conn->query("SELECT product_id , amount , kind.name as kind\nFROM product INNER JOIN kind on product.kind_id = kind.kind_id\nWHERE kind.name = '" . $kind_name . "';"); print $conn->error; foreach ($products as $product) { $tmp_photos = array(); $photos = $conn->query("SELECT photo.photo_id as id, photo.extension\n from product inner join photo on product.product_id = photo.product_id\n where product.product_id = '" . $product['product_id'] . "';"); foreach ($photos as $photo) { array_push($tmp_photos, new Photo($photo['id'], $photo['extension'])); } array_push($productsWithPhotos, new Product($product['product_id'], $product['kind'], $product['amount'], $tmp_photos)); } return $productsWithPhotos; }
function getCargoListWithKinds($config, $jsonResult) { $kind_name = $_GET['kind_name']; $productsWithPhotos = array(); $conn = new connection($config); $products = $conn->query("SELECT product_id , amount , kind.name as kind\nFROM product INNER JOIN kind on product.kind_id = kind.kind_id\nWHERE kind.name = '" . $kind_name . "';"); print $conn->error; foreach ($products as $product) { $tmp_photos = array(); $photos = $conn->query("SELECT photo.photo_id as id, photo.extension\n from product inner join photo on product.product_id = photo.product_id\n where product.product_id = '" . $product['product_id'] . "';"); foreach ($photos as $photo) { array_push($tmp_photos, new Photo($photo['id'], $photo['extension'])); } array_push($productsWithPhotos, new Product($product['product_id'], $product['kind'], $product['amount'], $tmp_photos)); } $jsonResult->json_data['result_data'] = $productsWithPhotos; }
function RemoveProduct($config, $jsonResult) { $conn = new connection($config); $product_id = $_GET['product_id']; $jsonResult->json_data['result_code'] = JSON::$resultCodes['ok']; try { $conn->query("DELETE FROM product WHERE product_id=" . $product_id . ";"); $result = $conn->query("SELECT photo_id , extension FROM photo WHERE product_id = " . $product_id . ";"); foreach ($result as $row) { $photo_id = $row['$photo_id']; unlink('../images/' . $photo_id . '.' . $row['extension']); $conn->query("DELETE FROM photo WHERE photo_id = " . $photo_id . ";"); } } catch (PDOException $e) { $jsonResult->json_data['result_code'] = JSON::$resultCodes['mysql_exception']; } }
function GetAuctionList($config, $jsonResult) { $conn = new connection($config); $jsonResult->json_data['result_code'] = JSON::$resultCodes['ok']; $result = $conn->query("SELECT auction_id , name , sandbox FROM allegro;"); foreach ($result as $row) { array_push($jsonResult->json_data['result_data'], array('id' => $row['auction_id'], 'name' => $row['name'], 'sandbox' => $row['sandbox'])); } }
function GetCargoName($config, $jsonResult) { $cargo_id = $_GET['cargo_id']; $conn = new connection($config); $result = $conn->query("SELECT name FROM cargo WHERE cargo_id = " . $cargo_id . ";"); foreach ($result as $row) { array_push($jsonResult->json_data["result_data"], $row['name']); } $jsonResult->json_data["result_code"] = JSON::$resultCodes['ok']; }
function AddCargo($config, $jsonResult) { $name = $_GET['name']; $conn = new connection($config); $jsonResult->json_data['result_code'] = JSON::$resultCodes['ok']; try { $conn->query("INSERT INTO cargo(name) VALUES('" . $name . "');"); } catch (PDOException $e) { $jsonResult->json_data['result_code'] = JSON::$resultCodes['mysql_exception']; } }
function GetProductList($config, $jsonResult) { $cargo_id = $_GET['cargo_id']; $conn = new connection($config); $result = $conn->query("SELECT kind.name as kind_name , amount , product_id\n from product\n inner join kind on product.kind_id = kind.kind_id\n inner join cargo on product.cargo_id = cargo.cargo_id\n where cargo.cargo_id = '" . $cargo_id . "'\n ORDER BY kind.name;"); $kinds = array(); foreach ($result as $row) { $tmp_photos = array(); $result2 = $conn->query("SELECT photo.photo_id , photo.extension\n from product inner join photo on product.product_id = photo.product_id\n where product.product_id = '" . $row['product_id'] . "';"); foreach ($result2 as $row2) { array_push($tmp_photos, new Photo($row2['photo_id'], $row2['extension'])); } array_push($kinds, new Product($row['product_id'], $row['kind_name'], $row['amount'], $tmp_photos)); } $jsonResult->json_data['result_data'] = $kinds; if ($result->rowCount() === 0) { $jsonResult->json_data["result_code"] = JSON::$resultCodes['no_product']; } else { $jsonResult->json_data["result_code"] = JSON::$resultCodes['ok']; } }
function AddItems($config, $jsonResult) { $conn = new connection($config); $product_id = $_GET['product_id']; $amount = $_GET['amount']; $jsonResult->json_data['result_code'] = JSON::$resultCodes['ok']; try { $conn->query("UPDATE product SET amount = amount + " . $amount . " WHERE product_id = " . $product_id); } catch (PDOException $e) { $jsonResult->json_data['result_code'] = JSON::$resultCodes['mysql_exception']; } }
public function load($iRecordID) { $oCon = new connection(); $sSQL = "SELECT RecordID, Title, Artist, Price, GenreID, PhotoPath\n\t\t\t\tFROM tbrecords \n\t\t\t\tWHERE RecordID = " . $iRecordID; $oResultSet = $oCon->query($sSQL); $aRow = $oCon->fetchArray($oResultSet); $this->iRecordID = $aRow['RecordID']; $this->sTitle = $aRow['Title']; $this->sArtist = $aRow['Artist']; $this->fPrice = $aRow['Price']; $this->iGenreID = $aRow['GenreID']; $this->iPhotoPath = $aRow['PhotoPath']; $oCon->close(); }
function GetCargoList($config, $jsonResult) { $conn = new connection($config); $result = $conn->query("SELECT\n COUNT(DISTINCT kind_id) as kind_amount ,\n COUNT(product_id) as product_amount ,\n SUM(amount) as item_amount,\n cargo.cargo_id,\n cargo.name as cargo_name\n FROM product\n RIGHT JOIN cargo on product.cargo_id = cargo.cargo_id\n GROUP BY cargo.name\n ORDER BY cargo.cargo_id;"); print $conn->error; foreach ($result as $row) { array_push($jsonResult->json_data["result_data"], array('kind_amount' => $row['kind_amount'], 'product_amount' => $row['product_amount'], 'item_amount' => $row['item_amount'], 'cargo_id' => $row['cargo_id'], 'cargo_name' => $row['cargo_name'])); } if ($result->rowCount() === 0) { $jsonResult->json_data['result_code'] = JSON::$resultCodes['no_cargoes']; } else { $jsonResult->json_data['result_code'] = JSON::$resultCodes['ok']; } }
public function getAllCategories() { $aCategories = array(); $oConnection = new connection(); $sSQL = "SELECT TypeID\n\t\tFROM tbproducttype"; $oResult = $oConnection->query($sSQL); while ($aRow = $oConnection->fetch_array($oResult)) { $oCategory = new category(); $oCategory->load($aRow["TypeID"]); $aCategories[] = $oCategory; } $oConnection->close_connection(); return $aCategories; }
function makeOrders($config) { $conn = new connection($config); $allegroConn = new ALLEGRO(); $sandbox_auctions = $conn->query("SELECT auction_id FROM allegro WHERE sandbox = TRUE;"); $production_auctions = $conn->query("SELECT auction_id FROM allegro WHERE sandbox = FALSE;"); $sandbox_orders = GetAuctionDetails($allegroConn, CleanData($sandbox_auctions->fetchAll(), 'auction_id'), $allegroConn->sandbox); $production_orders = GetAuctionDetails($allegroConn, CleanData($production_auctions->fetchAll(), 'auction_id'), $allegroConn->production); $orders = array_merge($sandbox_orders, $production_orders); print "<pre>"; //print_r($orders); print "</pre>"; foreach ($orders as $order) { if (CheckIfRecordExist($order->order_id, $conn)) { /*Record already exist*/ } else { $conn->query("\n INSERT INTO client(city , postal_code ,email , address , nick , name)\n VALUES(\n '" . $order->client->city . "',\n '" . $order->client->postal_code . "',\n '" . $order->client->email . "',\n '" . $order->client->address . "',\n '" . $order->client->nick . "',\n '" . $order->client->name . "');"); $clientID = $conn->conn->lastInsertId(); $conn->query("\n INSERT INTO orders VALUES (\n '" . $order->order_id . "',\n 1,\n " . $clientID . ",\n '" . $order->date . "',\n '" . $order->message . "',\n '" . $order->delivery . "',\n " . $order->amount . "\n );\n "); print $conn->error; } } }
function AddAuction($config, $jsonResult) { $id = $_GET['auction_id']; $sandbox = $_GET['sandbox']; $conn = new connection($config); $jsonResult->json_data['result_code'] = JSON::$resultCodes['ok']; $allegroConn = new ALLEGRO(); if ($sandbox) { if (!$allegroConn->Connect($allegroConn->sandbox)) { $jsonResult->json_data['result_code'] = JSON::$resultCodes['allegro_error']; return; } } else { if (!$allegroConn->Connect($allegroConn->production)) { $jsonResult->json_data['result_code'] = JSON::$resultCodes['allegro_error']; return; } } $itemInfoRequest = array('sessionHandle' => $allegroConn->sessionNumber, 'itemsIdArray' => array($id + 0), 'getDesc' => 1, 'getPostageOptions' => 1); try { $auction_info = $allegroConn->GetItemsInfo($itemInfoRequest); } catch (Exception $e) { $jsonResult->json_data['result_code'] = JSON::$resultCodes['allegro_error']; return; } $auction_name = $auction_info->arrayItemListInfo->item->itemInfo->itName; if ($auction_name !== null) { if ($sandbox) { $sandbox = 1; } else { $sandbox = 0; } $jsonResult->json_data['result_data'] = array('auction_id' => $id, 'name' => $auction_name, 'sandbox' => $sandbox); } else { $jsonResult->json_data['result_code'] = JSON::$resultCodes['allegro_no_auction_name']; return; } try { $conn->query("INSERT INTO allegro VALUES ('" . $id . "' , '" . $auction_name . "' , " . $sandbox . ");"); } catch (PDOException $e) { $jsonResult->json_data['result_code'] = JSON::$resultCodes['mysql_exception']; return; } }
function AddImage($config, $jsonResult) { $conn = new connection($config); $product_id = $_POST['product_id']; $jsonResult->json_data['result_code'] = JSON::$resultCodes['ok']; $img_file = $_FILES['file']['name']; $img_file_tmp = $_FILES['file']['tmp_name']; $extension = pathinfo($img_file, PATHINFO_EXTENSION); $error = null; try { $conn->query("INSERT INTO photo(product_id , extension) VALUES('" . $product_id . "' , '" . $extension . "');"); } catch (PDOException $e) { $error = $e; $jsonResult->json_data['result_code'] = JSON::$resultCodes['mysql_exception']; } if ($error === NULL) { if (move_uploaded_file($img_file_tmp, "../images/" . $conn->conn->lastInsertId() . "." . $extension . "")) { //$jsonResult->json_data['result_data'] = "SUCCESS"; } else { $jsonResult->json_data['result_code'] = "image_upload_error"; } } }
break; case "category": $link = "../?cat={$temp_o['id']}"; break; } echo "Du kannst deine Änderungen <a href='{$link}'>hier ansehen</a> oder <a href='index.php?page=item_modify&id=" . $temp_o['id'] . "'>erneut bearbeiten</a>"; } else { if (isset($_GET['id'])) { $id = $_GET['id']; } else { exit; } $db = new connection(); // Objektdaten aus der Datenbank holen - LIMIT auf 1 begrenzt // $db->query("SELECT * FROM object WHERE id = '{$id}' LIMIT 1"); $result = $db->fetch_array(); $res_id = $result['id']; if (empty($result['nice_url'])) { $nice_url = filter_var($result['title'], FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH); $nice_url = preg_replace("/\\s+/", "-", $nice_url); $nice_url = preg_replace("/:/", '', $nice_url); $nice_url = strtolower($nice_url); } else { $nice_url = $result['nice_url']; } $menutitle = $result['menu_title']; $title = $result['title']; $keywords = $result['keywords']; $description = $result['description']; $text = $result['content'];
<?php $db = new connection(); $id = $_GET['id']; $ref = "index.php?page=item_list&type=" . $_GET['ref']; $sql = "DELETE FROM object WHERE id = {$id};"; $query = $db->query($sql); echo "Inhalt wurde <b>aus der Datenbank entfernt</b>. Weiterleitung.."; ?> <script type="text/javascript"> function Redirect() { window.location = '<?php echo "{$ref}"; ?> '; } setTimeout('Redirect()', 1000); </script>
function list_cats($config) { if (!empty($config['title'])) { $title = $config['title']; } else { $title = 'Kategorien'; } if (!empty($config['order_by'])) { $order_by = $config['order_by']; } else { $order_by = 'title'; } $db = new connection(); $list_cats = $db->query('SELECT * FROM object WHERE type="category" AND status=1 ORDER BY ' . $order_by); echo "<div class='sidebar-item'>"; echo "<div class='sidebar-item-head'>{$title}</div>"; while ($cat = $db->fetch_array()) { echo "<div class='sidebar-item-box'>"; echo "<div class='sidebar-item-box-head'><a href='./?cat={$cat['id']}' title='" . strip_tags(html_entity_decode($cat['content'])) . "'>{$cat['title']}</a></div>"; echo "</div>"; } echo "</div>"; }
<h3>Alle <?php echo $type; ?> - <a href="./?page=item_add&type=<?php echo $type; ?> ">Neu</a></h3> <br> <?php $i = 0; $db = new connection(); // Objektdaten aus der Datenbank holen - LIMIT auf 1 begrenzt // $db->query("SELECT * from object WHERE type='{$type}' ORDER BY id DESC"); ?> <table id="example" class="display" cellspacing="0" width="100%"> <thead> <tr> <th></th> </tr> </thead> <tfoot> </tfoot> <tbody>
echo $nav; if ($frontpage) { echo "<div class='content'>"; echo "<div class='content-item'>"; echo "<div class='content-item-head'>{$frontpage['title']}</div>"; echo "<div class='content-item-body'>" . html_entity_decode($frontpage['content']) . "</div>"; echo "</div>"; echo "</div>"; } else { echo "<div class='content'>"; $db = new connection(); $max_per_page = 10; $qs = $system->the_querystring(); if (isset($qs['last'])) { $last = $qs['last']; $query = $db->query("SELECT * FROM object WHERE type='post' AND status=1 AND id<{$last} ORDER BY id DESC LIMIT {$max_per_page}"); } else { $query = $db->query("SELECT * FROM object WHERE type='post' AND status=1 ORDER BY id DESC LIMIT {$max_per_page}"); } $i = 0; while ($o = $db->fetch_array()) { $obj = new dbobject($o['id']); ?> <div class="content-item"> <div class="content-item-head"><a href="./?p=<?php echo $obj->the_id(); ?> " rel="nofollow"><?php echo $obj->the_title();
$nice_url = ""; $keywords = htmlentities($_POST['keywords']); $description = htmlentities($_POST['description']); $list = get_html_translation_table(HTML_ENTITIES); unset($list['"']); //unset($list['<']); //unset($list['>']); unset($list['&']); $text = $_POST['text']; $text = strtr($text, $list); $category = $_POST['category']; $date = time(); $status = 1; $db = new connection(); $query = "INSERT INTO object (type, title, nice_url, menu_title, content, description, keywords, status, date) \n\t\t\t VALUES ('{$posttype}','{$title}', '{$nice_url}', '{$menutitle}', '{$text}', '{$description}', '{$keywords}', {$status}, '{$date}')"; $db->query($query); $ff = $db->last_insert_id(); echo "Dein Inhalt wurde gespeichert. Du kannst ihn <a href='../?p={$ff}' target='_blank'>hier ansehen</a> oder <a href='index.php?page=item_modify&id={$ff}'>erneut bearbeiten</a>"; } else { ?> <form method="post"> <script type="text/javascript"> function toggle(id) { var e = document.getElementById(id); if(e.style.display == 'block') e.style.display = 'none'; else e.style.display = 'block';
<title><?php echo $feed['site_name']; ?> > Updates</title> <link><?php echo $channel_url; ?> </link> <description><?php echo $feed['site_description']; ?> </description> <?php $db = new connection(); $db->query("SELECT * FROM object WHERE type='post' AND status=1 ORDER BY id DESC"); while ($row = $db->fetch_array()) { $link = $item_url . "?p=" . $row['id']; $title = htmlspecialchars(html_entity_decode($row['title'])); $content = htmlspecialchars(html_entity_decode($row['content'])); $pubDate = $row['date']; $pubDate = gmdate("Y-m-d\\TH:i:s\\Z", $pubDate); ?> <item> <title><?php echo $title; ?> </title> <link><?php echo $link; ?>
$cat_id = $querystring['cat']; } if (!empty($querystring['last']) && is_numeric($querystring['last'])) { $last = $querystring['last']; } // aktuell mysql_real_escape_string() // Wenn htmlentities werden keine Ergebnisse angezeigt if (!empty($querystring['tag'])) { $tag = mysql_real_escape_string($querystring['tag']); } // aktuell mysql_real_escape_string() // wenn htmlentities, werden keine umlaute gesucht! if (isset($querystring['s'])) { $searchstring = mysql_real_escape_string($querystring['s']); if (isset($last) && is_numeric($last)) { $query = $db->query("SELECT * FROM object WHERE (type='post' OR type='page') AND ( title LIKE '%" . htmlentities($searchstring) . "%' OR menu_title LIKE '%" . htmlentities($searchstring) . "%' OR description LIKE '%" . htmlentities($searchstring) . "%' OR content LIKE '%" . htmlentities($searchstring) . "%' OR keywords LIKE '%" . htmlentities($searchstring) . "%' ) AND status=1 AND id<{$last} ORDER BY id DESC LIMIT {$max_per_page}"); } else { $query = $db->query("SELECT * FROM object WHERE (type='post' OR type='page') AND ( title LIKE '%" . htmlentities($searchstring) . "%' OR menu_title LIKE '%" . htmlentities($searchstring) . "%' OR description LIKE '%" . htmlentities($searchstring) . "%' OR content LIKE '%" . htmlentities($searchstring) . "%' OR keywords LIKE '%" . htmlentities($searchstring) . "%' ) AND status=1 ORDER BY id DESC LIMIT {$max_per_page}"); } } if (isset($cat_id)) { if (isset($last)) { $query = $db->query("SELECT * FROM object WHERE type='post' AND status=1 AND id<{$last} AND cat='{$cat_id}' ORDER BY id DESC LIMIT {$max_per_page}"); } else { $query = $db->query("SELECT * FROM object WHERE type='post' AND status=1 AND cat='{$cat_id}' ORDER BY id DESC LIMIT {$max_per_page}"); } } if (isset($tag)) { if (isset($last)) { $query = $db->query("SELECT * FROM object WHERE type='post' AND status=1 AND id<{$last} AND keywords LIKE '%" . htmlentities($tag) . "%' ORDER BY id DESC LIMIT {$max_per_page}"); } else {
} ?> </select> </p> <p>Startseite wählen</p> <p> <select name="startpage" class="input"> <option value="0">Die letzten Artikel</option> <?php $query2 = new connection(); $query2->query("SELECT * FROM object WHERE type='page' ORDER BY id"); while ($row2 = $query2->fetch_array()) { $id = $row2['id']; $title = $row2['menu_title']; if ($row['id'] == $id) { print "<option value=\"{$id}\" selected=\"selected\">{$title} </option>"; } else { print "<option value=\"{$id}\">{$title} </option>"; } } ?> </select> </p> <p>Allgemeine SEO Keywords</p>
<?php if (!isset($_GET['id']) || !isset($_GET['status'])) { echo "error"; exit; } $db = new connection(); $ref = "index.php?page=item_list&type=" . $_GET['ref']; $id = $_GET['id']; $status = $_GET['status']; if ($status == '0') { $var = "<b>deaktiviert</b>"; } else { $var = "<b>aktiviert</b>"; } $update = "UPDATE object SET status={$status} WHERE id={$id}"; $db->query($update); echo "Inhalt wurde {$var}. Weiterleitung.."; ?> <script type="text/javascript"> function Redirect() { window.location = '<?php echo "{$ref}"; ?> '; } setTimeout('Redirect()', 1000); </script>