Beispiel #1
 /**
  * Produce the next comment id from the largest `comid` stored in the
  * `comment` table and remember it in $this->id_no.
  *
  * Side effects: $this->id holds the query result, $this->row the last
  * fetched row (false/null once the result is exhausted).
  *
  * NOTE(review): for an 8-character id such as the seed "COM00001",
  * substr(..., 8) is empty and intval() yields 0, so the 99999 rollover
  * branch is only reachable for ids longer than 8 characters - confirm the
  * intended id layout.
  * NOTE(review): the max()+1 value is computed with no transaction or lock
  * visible here; two concurrent callers may receive the same id - confirm
  * `comid` carries a unique constraint.
  *
  * @return string the id to use for the next comment
  */
 function comment()
 {
     $db = new database();
     $db->connect();
     $this->id = $db->selectData("SELECT max(comid) as maximum from comment");
     while ($this->row = mysqli_fetch_array($this->id)) {
         // Empty table (max() is NULL): start the sequence.
         if (empty($this->row['maximum'])) {
             $this->id_no = "COM00001";
             continue;
         }
         // Ordinary case: PHP's string increment bumps the trailing counter.
         $counter = intval(substr($this->row['maximum'], 8));
         if ($counter != 99999) {
             $this->id_no = ++$this->row['maximum'];
             continue;
         }
         // Counter exhausted: increment the 8-character prefix and restart at 00001.
         $prefix = substr($this->row['maximum'], 0, 8);
         ++$prefix;
         $this->id_no = $prefix . '00001';
     }
     return $this->id_no;
 }
Beispiel #2
<?php

require_once "../classes/database.php";
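// Vote endpoint: raises the up- or down-vote counter of one post.
// Request parameters: `postid` (post identifier) and `vote` ("up" or "down").
// For an up-vote the new counter value is echoed back to the client.
//
// NOTE(review): no session or CSRF check is visible in this file, so any
// client can vote any number of times - confirm whether that is enforced
// elsewhere.
$db = new database();
$db->connect();

// Read the parameters only if they were sent; the original read
// $_REQUEST['postid'] before its isset() check.
$postid = isset($_REQUEST['postid']) ? $_REQUEST['postid'] : null;
$vote = isset($_REQUEST['vote']) ? $_REQUEST['vote'] : null;

// $postid is spliced into SQL text below and the database class (not shown
// here) only accepts a finished query string, so anything that is not a plain
// alphanumeric token is refused before it reaches a query.
// Assumes post ids are alphanumeric - TODO confirm; bound parameters are the
// proper fix once the database class offers them.
if (is_string($postid) && ctype_alnum($postid)) {
    $upvote = 0;
    $downvote = 0;
    $result = $db->selectData("SELECT * from post where postid='{$postid}'");
    while ($row = mysqli_fetch_array($result)) {
        $upvote = $row['upvote'];
        $downvote = $row['downvote'];
    }

    if ($vote === "up") {
        // Echo the value this vote produces, as before.
        echo $upvote + 1;
        // Increment inside the UPDATE so two simultaneous votes are both
        // counted instead of overwriting each other with a stale value.
        $db->update("UPDATE post set upvote=COALESCE(upvote, 0) + 1 where postid='{$postid}'");
    } elseif ($vote === "down") {
        $db->update("UPDATE post set downvote=COALESCE(downvote, 0) + 1 where postid='{$postid}'");
    }
}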
<?php

require_once "../classes/database.php";
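// Login endpoint: prints "Yes" and opens a session when the submitted
// credentials match a row of `users`, prints "No" otherwise.
$user = isset($_REQUEST['user']) ? $_REQUEST['user'] : '';
$pass = isset($_REQUEST['pass']) ? $_REQUEST['pass'] : '';

// Request values can be arrays (user[]=...); only non-empty strings are accepted.
if (!is_string($user) || !is_string($pass) || empty($user) || empty($pass)) {
    echo "No";
} else {
    $db = new database();
    $db->connect();
    // NOTE(review): the value in this literal is shown masked ('******') on
    // the page; presumably the real query filters on $user. Whatever is
    // placed here must be bound as a parameter, not concatenated.
    $query = "SELECT * from users where username='******'";
    // Run the query once; the original re-ran it for the row count and again
    // on every loop iteration, which re-fetched the first row each time.
    $result = $db->selectData($query);

    $authenticated = false;
    if ($result instanceof mysqli_result) {
        while ($row = mysqli_fetch_array($result)) {
            // Both the username AND the password must match. The original
            // joined the two checks with ||, so a matching username alone
            // was enough to log in.
            // hash_equals() compares the digests in constant time.
            // NOTE(review): stored passwords are unsalted MD5; moving to
            // password_hash()/password_verify() needs a data migration that
            // is outside this file.
            if ($row['username'] === $user && hash_equals((string) $row['password'], md5($pass))) {
                session_start();
                // Issue a fresh session id on login so a pre-set id cannot be reused.
                session_regenerate_id(true);
                $_SESSION['sess_user'] = $user;
                $_SESSION['username'] = $row['firstname'] . " " . $row['lastname'];
                $authenticated = true;
                break;
            }
        }
    }
    echo $authenticated ? "Yes" : "No";
}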
    ?>
" data-value2="<?php 
    echo $GLOBALS['event_name'];
    ?>
" href="#">View</a> </td>
	</tr>
	</tbody>


<?php 
}
?>

<?php 
// Resolve the userID of the account whose e-mail is stored in the session.
// NOTE(review): $_SESSION['sess_user'] is concatenated into the SQL text
// unescaped; if that session value originates from request input this query
// is injectable - bind it as a parameter (confirm what the database class offers).
$query = "SELECT userID from users where email='" . $_SESSION['sess_user'] . "'";
// mysqli_fetch_array() returns null when no row matches; $row['userID'] is
// then null and the join below runs with an empty user_id.
$row = mysqli_fetch_array($db->selectData($query));
// Fetch every event linked to that user through users_events.
$query = "SELECT * from users_events INNER JOIN events ON (users_events.event_id=events.event_id) where users_events.user_id='" . $row['userID'] . "'";
$ans = $db->selectData($query);
while ($result = mysqli_fetch_array($ans)) {
    // Copy the columns into globals; the markup above reads
    // $GLOBALS['event_name'] and echoes it into a data-value2 attribute
    // without escaping - confirm it is passed through htmlspecialchars().
    $event_name = $result['event_name'];
    $event_path = $result['content_path'];
    $event_domain = $result['event_domain'];
    $time = $result['timestamp'];
    echo "<tr>";
    // display() is defined outside this excerpt; presumably it renders the
    // cells of the row from the globals set above.
    display();
    echo "</tr>";
}
?>

<?php 
// Calls database::disconnect() once the page has finished its queries;
// presumably this releases the connection (the class is not shown here).
$db->disconnect();
<?php

include "crud.php";
// Ticket-search form handler. The `database` class comes from crud.php,
// which is not part of this listing.
$control = new database();

// Every submitted field goes through database::security(), in the same order
// as the form fields are listed.
// NOTE(review): security() is not visible here - confirm what it does and
// that it is not the only defence before these values reach SQL; bound
// parameters are preferable.
// NOTE(review): $ticket_options and $date_back are filtered but not passed to
// selectData() in this snippet.
list($departur, $return, $date_go, $ticket_options, $date_back) = array_map(
    array($control, 'security'),
    array(
        $_POST['departur'],
        $_POST['return'],
        $_POST['date-go'],
        $_POST['ticket-options'],
        $_POST['date-back'],
    )
);

// Print whatever selectData() returns for the requested route and date.
$searchOutput = $control->selectData($departur, $return, $date_go);
echo $searchOutput;
Beispiel #6
<?php

require_once "../classes/database.php";
// Skill page dispatcher: shows the stored skill entry of the logged-in user,
// or the input form when none exists yet.
// The session must be open before $_SESSION is read or written below.
session_start();
$db = new database();
$db->connect();
// NOTE(review): part of the next literal is shown masked ('******') on the
// page, and the line no longer parses as written; it presumably concatenated
// $_SESSION['sess_user'] into the query. A session value placed in SQL text
// should be bound as a parameter - confirm what the database class offers.
$query = "SELECT * from users where username='******'sess_user'] . "'";
// Continue only when the user lookup returned at least one row.
if (mysqli_num_rows($db->selectData($query)) > 0) {
    // NOTE(review): masked in the same way as the query above; the stray ")"
    // suggests the value was wrapped in a function call - not recoverable from here.
    $query = "SELECT * from skill where username='******'sess_user']) . "'";
    $result = $db->selectData($query);
    // The query is executed a second time here just to count its rows.
    if (mysqli_num_rows($db->selectData($query)) > 0) {
        while ($row = mysqli_fetch_array($result)) {
            // Only the first skill row is used (see the break); its id and
            // heading are stored in the session.
            $_SESSION['skill_id'] = $row['skill_id'];
            $_SESSION['head'] = $row['head'];
            break;
        }
        require_once 'skill_display.php';
    } else {
        // No skill row yet: include the input form instead.
        require_once 'skill_input.php';
    }
}
       
         date_default_timezone_set("Asia/Kolkata");
         $time2=strtotime("now");
         if($time2<($ban+3*60*60)) 
         {
            header('Location:fail.php');   
         }
         else
         {
             $stm6=$db->del("delete from session_count where name='$name'");
             //$stm6->execute();  
          }
       }
 
       */
 $result = $db->selectData("SELECT * from users where email='{$name}'");
 //echo $result;
 if (empty($result)) {
     echo "Failed";
 } else {
     while ($row = mysqli_fetch_array($result)) {
         $salt = decryptIt($row['salt']);
         $hash = sha1($salt . $pass);
         if (strcmp($row['email'], $name) == 0 and strcmp(decryptIt($row['password']), $hash) == 0) {
             /*
              echo "Successfuly logged in ! <br>";
              echo "Welcome : ".$row['user_name'];
             */
             $flag = 1;
             // $db->del("delete from session_count where name='".$name."'");
             session_start();
<?php

session_start();
require_once '../classes/database.php';
require_once '../classes/retrieval.php';
#error_reporting(0);
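// Creates an `events` row for the logged-in user and makes sure the folder
// ../content/<domain>/ exists for the event's JSON file.
// Request parameters: `id` and `head` (the event name).
$var2 = isset($_REQUEST["id"]) ? $_REQUEST["id"] : null;
$head = isset($_REQUEST["head"]) ? $_REQUEST["head"] : null;

// $head becomes part of a file name ("<head>.json") further down, so a value
// that is missing, not a string, or contains a path separator or NUL byte is
// refused before anything is written to the database or the disk.
if (!is_string($head) || $head === '' || strpbrk($head, "/\\") !== false || strpos($head, "\0") !== false) {
    echo "Daabse not updated";
    exit;
}

$db = new database();
$db->connect();
// NOTE(review): the session value is concatenated into the SQL text; bind it
// as a parameter once the database class (not shown here) offers that.
$query = "SELECT * from users where email='" . $_SESSION['sess_user'] . "'";
// Run the lookup once and reuse the result for both the count and the row.
$userResult = $db->selectData($query);
if (mysqli_num_rows($userResult) > 0) {
    $row = mysqli_fetch_array($userResult);
    $domain = $row['domain'];
    $userid = $row['userID'];

    // $domain is used as a directory name below; refuse values that would
    // leave ../content/.
    if (!is_string($domain) || $domain === '.' || $domain === '..'
        || strpbrk($domain, "/\\") !== false || strpos($domain, "\0") !== false) {
        echo "Daabse not updated";
        exit;
    }

    $rt = new retrieval();
    $event_id = $rt->events();
    echo $event_id;
    // NOTE(review): $head comes straight from the request and is placed in
    // the SQL text between quotes; this INSERT needs bound parameters - the
    // file-name check above does not make the value safe for SQL.
    $query = "INSERT INTO events (event_id , event_name, event_domain ) VALUES( '{$event_id}' , '{$head}' , '{$domain}') ";
    $db->insertData($query);
} else {
    echo "Daabse not updated";
    // Stop here: without a matching user $domain is never set, and the
    // original went on to create files under ../content/ for a request that
    // had no valid session user.
    exit;
}
$targetfolder = "../content/";
if (!is_dir($targetfolder)) {
    mkdir($targetfolder);
}
if (!is_dir($targetfolder . $GLOBALS['domain'])) {
    mkdir($targetfolder . $GLOBALS['domain']);
}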
if (!file_exists($targetfolder . $GLOBALS['domain'] . "/" . $head . ".json")) {
Beispiel #9
require_once "../classes/database.php";
/**
 * Encrypt $q with Rijndael-256 in CBC mode (mcrypt) and return the
 * ciphertext base64-encoded.
 *
 * The key is the MD5 hex digest of a constant embedded in this function and
 * the IV is the MD5 hex digest of that key, so both are fixed: equal inputs
 * always give equal outputs.
 *
 * NOTE(review): the key material is hard-coded in source, the IV never
 * changes, and CBC output is not authenticated. The mcrypt extension was
 * removed from PHP core in 7.2. Replacing this needs a matching change in
 * the decrypting counterpart and a re-encryption of stored values, so the
 * behaviour is left as is here. Further down in this file the function is
 * applied to a password hash.
 *
 * @param string $q plaintext to encrypt
 * @return string base64-encoded ciphertext
 */
function encryptIt($q)
{
    $secret = 'qJB0rGtIn5UB1xG03efyCp';
    // 32 hex characters each: the key and the block-sized IV for Rijndael-256.
    $key = md5($secret);
    $iv = md5($key);
    $cipherText = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $q, MCRYPT_MODE_CBC, $iv);
    return base64_encode($cipherText);
}
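/**
 * Return a fresh 22-character lowercase hexadecimal salt.
 *
 * The original hashed a single mt_rand() value, which has at most 2^31
 * possible outputs and comes from a non-cryptographic generator, so salts
 * could repeat between accounts. The salt is now taken from the system
 * CSPRNG (11 random bytes = 22 hex characters); the returned format is
 * unchanged.
 *
 * @return string 22 hex characters
 */
function unique_salt()
{
    // PHP 7+: random_bytes() reads from the operating system's CSPRNG.
    if (function_exists('random_bytes')) {
        return bin2hex(random_bytes(11));
    }

    // Older runtimes: use OpenSSL, but only if it reports a strong source.
    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes(11, $strong);
        if ($bytes !== false && $strong) {
            return bin2hex($bytes);
        }
    }

    // Last resort, kept so the function never fails where neither source
    // exists: the original mt_rand()-based value.
    return substr(sha1(mt_rand()), 0, 22);
}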
$username = $_REQUEST['username'];
$db = new database();
$db->connect();
$query = "SELECT * from users where username='******'";
if (mysqli_num_rows($db->selectData($query)) > 0) {
    echo "A";
} else {
    //code for registration
    if (!empty($_REQUEST["Submit"])) {
        //input
        $firstname = $_POST["firstname"];
        $lastname = $_POST["lastname"];
        $contact = $_POST['contact'];
        $email = $_POST['username'];
        $pass = md5($_POST["password"]);
        $unique_salt = unique_salt();
        $hash = sha1($unique_salt . $pass);
        $encrypted = encryptIt($hash);
        //creation of object
        $db = new database();