Beispiel #1
/**
 * Produces the next short-link code.
 *
 * Reads the url of the row with the highest IDlink, decodes it with
 * decodeLink() into three comma-separated counters and advances them like an
 * odometer whose positions run from 0 to 68. With no rows in Links the
 * sequence starts at "0,0,0". The result is passed through encodeLink().
 *
 * Codes are issued in strict sequence, so whoever holds one code can derive
 * its neighbours; treat short links as public identifiers, never as secrets.
 * NOTE(review): nothing visible here makes the read-then-increment atomic;
 * confirm Links.url carries a uniqueness constraint or that inserts are
 * serialised, otherwise two concurrent calls can return the same code.
 *
 * @return mixed whatever encodeLink() returns for the new counter triple
 */
function shortenLink()
{
    $db = new dbc();
    $rowCount = $db->query("SELECT url FROM Links WHERE (SELECT MAX(IDlink) FROM Links) = IDlink");

    // Empty table: hand out the very first code.
    if ($rowCount == 0) {
        return encodeLink("0,0,0");
    }

    $digits = explode(",", decodeLink($db->getResult()));

    // Advance the right-most counter; a counter at 68 wraps to "0" and
    // carries into the position to its left.
    if ($digits[2] != 68) {
        $digits[2]++;
    } elseif ($digits[1] != 68) {
        $digits[2] = "0";
        $digits[1]++;
    } elseif ($digits[0] != 68) {
        $digits[2] = "0";
        $digits[1] = "0";
        $digits[0]++;
    } else {
        // All three counters are exhausted: report it and stop the request.
        echo "S**t på URL:er!!!";
        exit;
    }

    return encodeLink($digits[0] . "," . $digits[1] . "," . $digits[2]);
}
Beispiel #2
 /**
  * Returns the shared instance held in self::$instance, creating it with
  * the no-argument constructor the first time it is requested.
  *
  * @return self
  */
 public static function instance()
 {
     // Already built: reuse it.
     if (isset(self::$instance)) {
         return self::$instance;
     }

     self::$instance = new self();

     return self::$instance;
 }
Beispiel #3
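 /**
  * Normalises a raw value and escapes it for use inside a quoted SQL string
  * literal on the connection returned by dbc::dbconnect().
  *
  * Escaping has to be the last step. The previous order escaped first and
  * then called stripslashes(), which removed the backslashes that
  * mysqli_real_escape_string() had just added and handed back a value that
  * was no longer safe to place between quotes.
  *
  * NOTE(review): the result is only safe inside a quoted literal; bound
  * parameters (mysqli prepared statements) remove the need for this helper.
  *
  * @param string $data raw value
  * @return string trimmed, unslashed and then escaped value
  */
 private function filtering($data)
 {
     // Normalisation first, while the value is still raw.
     $data = trim($data);
     // NOTE(review): presumably kept for input that arrived with magic-quote
     // style slashes; it also strips backslashes the user typed on purpose.
     $data = stripslashes($data);

     // Escape last so nothing runs afterwards that could undo it.
     return mysqli_real_escape_string(dbc::dbconnect(), $data);
 }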
Beispiel #4
<?php

include "config.php";
include "clean_input.php";
include "dbconn.php";
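// Returns a borrowed book: removes the (user, book) pair from user_books and
// back-dates books.available by one day, then sends the browser back to the
// page it came from with a flash message in the session.
//
// NOTE(review): this state change is reachable with a plain GET and no
// anti-CSRF token is checked in this file; it should be a POST that carries
// a per-session token.
session_start();
$dbc = dbc::instance();
// The Referer header is optional and client-supplied; fall back to the site
// root when it is missing instead of emitting an empty Location header.
$back = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/';
if (isset($_SESSION['user'])) {
    $user = $_SESSION['user'];
    $userId = (int) $user['id'];
    // A missing id becomes 0, which matches no row.
    $bookId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
} else {
    $_SESSION['flash'] = "Zaloguj się";
    header("Location: " . $back);
    die;
}
$userBook = $dbc->prepare("DELETE FROM user_books\r\n            WHERE \r\n            user_id =:user_id AND\r\n            book_id =:book_id");
$userBook->bindParam(':user_id', $userId, PDO::PARAM_INT);
$userBook->bindParam(':book_id', $bookId, PDO::PARAM_INT);
$available = date('Y-m-d H:i:s', strtotime('-1 days'));
$book = $dbc->prepare("UPDATE books\r\n            SET `available` =:available\r\n            WHERE `id` =:id");
$book->bindParam(':available', $available, PDO::PARAM_STR);
$book->bindParam(':id', $bookId, PDO::PARAM_INT);
$first = $dbc->execute($userBook);
// The UPDATE is keyed on the book id alone, so it must only run when the
// DELETE really removed a loan belonging to this user; otherwise any
// signed-in user could mark an arbitrary book as available.
// NOTE(review): assumes prepare() returns a PDOStatement (the bindParam calls
// above use the PDO signature); confirm against the dbc wrapper.
// NOTE(review): the two statements are not wrapped in a transaction.
$third = $first && $userBook->rowCount() > 0 && $dbc->execute($book);
if ($first && $third) {
    $_SESSION['flash'] = "Oddałes  książkę, zachęcamy do wypożyczenia kolejnej.";
} else {
    $_SESSION['flash'] = "Wystąpił błąd";
}
header("Location: " . $back);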
Beispiel #5
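//Variables
// $res is read here before this excerpt assigns it, so it has to be filled
// in by code that runs earlier.
$uName = $_SESSION["user"];
$signUp = $res["signUp"];
//$IDuser = $res["IDuser"];
$eMail = $res["eMail"];
$bio = utf8_encode($res["bio"]);
$permissions = $res["permissions"];
//$nrLinks = $res["nrLinks"];
// NOTE(review): printUserInfo() below echoes $fName, $uName and $eMail into
// HTML as they are; encode them with htmlspecialchars() at the point of output.
//Gravatar
// The avatar URL carries the MD5 of the trimmed, lower-cased e-mail address.
// It is requested over HTTPS so that hash is not sent in clear text and the
// image does not become mixed content on an HTTPS page.
// NOTE(review): the fallback image below is still an http:// URL.
$default = "http://www.arbr.se/img/default.jpg";
$size = 170;
$gravatar = "https://www.gravatar.com/avatar/" . md5(strtolower(trim($eMail))) . "?d=" . urlencode($default) . "&s=" . $size;
// The next three lines are bare expression statements; they assign nothing.
$createdLinks;
$dump;
$res;
$dbc = new dbc();
// NOTE(review): the $IDuser assignment above is commented out; presumably an
// included file sets it. Verify, because it scopes the query below.
$dbcData = array('IDuser' => $IDuser);
$res = $dbc->query("SELECT * FROM Links WHERE IDuser = :IDuser", $dbcData);
$dump = $dbc->getAllResult();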
function printUserInfo()
{
    global $fName, $IDuser, $uName, $signUp, $eMail, $bio, $res;
    //if($res > 0) {
    $temp = explode(" ", $signUp);
    echo "<h2>" . $fName . "</h2>";
    //echo $IDuser . "<br/>";
    echo "<span class='profile_headers'>Username: </span>" . $uName . "<br/>";
    echo "<span class='profile_headers'>Email: </span>" . $eMail . "<br/>";
    //echo "<span class='profile_headers'>Member since: </span>" . $temp[0] . "<br/>";
    //echo "<span class='profile_headers'>Number of links: </span>" . $res . "<br>";
    if ($bio != null) {
<?php

// Username availability probe: prints "0" when the name passed in ?q= already
// exists in Users and "1" when it does not.
// NOTE(review): the answer is given to any caller, so the endpoint also
// discloses which usernames are registered; no throttling is visible here.
$uName = $_GET["q"];
require_once '../dbc_class.php';
$dbc = new dbc();
$dbcData = array('uName' => $uName);
$res = $dbc->query("SELECT * FROM Users WHERE uName = :uName", $dbcData);
// The name is bound as a parameter, so it never becomes part of the SQL text.
$taken = $res != 0;
echo $taken ? "0" : "1";
Beispiel #7
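// Loads one supplier row, selected by ?sitename= or ?id=, and remembers its
// id in the session.
ini_set('max_execution_time', 3600);
session_start();
$where = '';
$submit = '';
if (isset($_GET)) {
    // EXTR_SKIP keeps query-string keys from replacing variables that already
    // exist ($where, $submit, $config, ...). Without it a request parameter
    // named "where" went straight into the SQL built below.
    // NOTE(review): extract() on request data is best removed altogether;
    // read the expected keys from $_GET explicitly.
    extract($_GET, EXTR_SKIP);
}
if (isset($_GET['sitename'])) {
    $supplier_name = $_GET['sitename'];
    // NOTE(review): the supplier name is still interpolated into the SQL text
    // unescaped. dbc::select() is not visible here, so it could not be
    // switched to a bound parameter in this block; it must be before this
    // page is exposed to untrusted requests.
    $where = "name = '{$supplier_name}'";
    $submit = "addpathes";
} elseif (isset($_GET['id'])) {
    // Force the id to an integer before it is concatenated into the clause.
    $where = "id = " . (int) $_GET['id'];
    $submit = "updatepathes";
}
$db = new dbc($config);
$data = $db->select('*', 'supplier', "{$where}");
foreach ($data as $key) {
    $siteid = $key['id'];
    $sitename = $key['name'];
    $siteurl = $key['url'];
    // With several rows the last one wins.
    $_SESSION['siteid'] = $siteid;
}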
//$curl = new iniDOM(1);
//$curl->initiate_cURL($siteurl);
//$curl->write_file($sitename);
//include 'views/header.php';
echo '<!DOCTYPE html>
<html>
<head>
	<title>
Beispiel #8
}
// Second input check: the password must pass checkPassword() and be non-empty.
if (checkPassword($pass) && $pass != "") {
    $success++;
    //echo $pass . "<br/>";
} else {
    $errorString .= "<li>- The entred password has the wrong format</li>";
}
// Two successful checks are required before the database is consulted; the
// first one happens above this excerpt.
if ($success == 2) {
    $dbc = new dbc();
    // NOTE(review): the stored credential is SHA-1 over the password plus one
    // application-wide constant. SHA-1 is a fast hash and the salt is the same
    // for every account; password_hash()/password_verify() are the replacement,
    // with a rehash on next successful sign-in.
    $dbcData = array('uName' => $uName, 'pass' => sha1($pass . UNIQE_SALT));
    // First attempt: treat the submitted identifier as a username.
    $res = $dbc->query("SELECT * FROM Users WHERE uName = :uName AND pass = :pass", $dbcData);
    if ($res == 1) {
        $success++;
        userSignIn($uName);
    }
    // Second attempt: treat the same identifier as an e-mail address.
    $dbc = new dbc();
    $dbcData = array('uName' => $uName, 'pass' => sha1($pass . UNIQE_SALT));
    $res = $dbc->query("SELECT uName FROM Users WHERE eMail = :uName AND pass = :pass", $dbcData);
    if ($res == 1) {
        $success++;
        $uName = $dbc->getResult();
        userSignIn($uName["uName"]);
    }
    // NOTE(review): this line is reached on every path through the block,
    // including after a successful match, unless userSignIn() ends the
    // request; confirm.
    // The single message for "wrong password" and "no such account" avoids
    // telling the caller which of the two it was.
    $errorString .= "<li>- Wrong password OR the account does not exsist</li>";
}
if ($errorString != "") {
    somethingWrong();
}
/*if($res == 1){
  	header("Location: index.php")
  }
<?php

//echo "hej";
//REQUIRE FILES
require_once '../dbc_class.php';
// Password reset: looks the submitted address up in Users, stores a freshly
// generated password for it and mails that password out.
$eMail = $_POST['eMail'];
// Bare expression statement; it assigns nothing.
$errorString;
// Falls back to the query string when the POST field is absent.
// NOTE(review): accepting the address over GET means the reset can be
// triggered by simply following a link.
if (!isset($eMail)) {
    $eMail = $_GET['eMail'];
}
if (checkEmail($eMail)) {
    $dbc = new dbc();
    $dbcData = array('eMail' => $eMail);
    $res = $dbc->query("SELECT * FROM Users WHERE eMail = :eMail", $dbcData);
    if ($res == 1) {
        // NOTE(review): the stored password is replaced right here, before the
        // mailbox owner has confirmed anything. A reset flow normally mails a
        // single-use, expiring token and changes the password only once that
        // token is redeemed.
        // NOTE(review): generatePassword() is not visible; confirm it draws
        // from random_int()/random_bytes().
        $pass = generatePassword();
        $temp = $dbc->getResult();
        $uName = $temp["uName"];
        $fName = $temp["fName"];
        // NOTE(review): SHA-1 with one application-wide salt; see
        // password_hash() for the replacement.
        $dbcData = array('eMail' => $eMail, 'pass' => sha1($pass . UNIQE_SALT));
        $dbc->query("UPDATE Users SET pass = :pass WHERE eMail = :eMail", $dbcData);
        // The new password is handed to email() in plain text.
        email($pass, $eMail, $uName, $fName);
    } else {
        // NOTE(review): this answer differs from the success path, so the
        // response reveals whether an address is registered.
        $errorString .= "<li>- You are not a part of arbr.se, but be sure to sign up!</li>";
    }
} else {
    $errorString .= "<li>- Your Username/Password has the wrong format, please try agian</li>";
}
function checkEmail($eMail)
{
    global $errorString;
Beispiel #10
<?php

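// Sign-in check: sets $signedin and, for a known session user, $IDuser,
// $eMail, $fName and $gravatar_nav.
session_start();
require_once 'dbc_class.php';
$signedin = false;
// The next five lines are bare expression statements; they assign nothing.
$IDuser;
$fName;
$gravatar_nav;
$eMail;
$uName;
if (isset($_SESSION["user"])) {
    $uName = $_SESSION["user"];
    $dbc = new dbc();
    $dbcData = array('uName' => $uName);
    $res = $dbc->query("SELECT * FROM Users WHERE uName = :uName", $dbcData);
    // The session name must still match exactly one row in Users.
    if ($res == 1) {
        $signedin = true;
        $temp = $dbc->getResult();
        $eMail = $temp["eMail"];
        $IDuser = $temp["IDuser"];
        $gdefault = "http://www.arbr.se/img/default.jpg";
        $gsize = 20;
        // The avatar URL carries the MD5 of the trimmed, lower-cased e-mail
        // address. It is requested over HTTPS so that hash is not sent in
        // clear text and the image does not become mixed content.
        // NOTE(review): the fallback image in $gdefault is still http://.
        $gravatar_nav = "https://www.gravatar.com/avatar/" . md5(strtolower(trim($temp["eMail"]))) . "?d=" . urlencode($gdefault) . "&s=" . $gsize;
        $fName = utf8_encode($temp["fName"]);
    }
}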
Beispiel #11
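// Settings update: validates the optional new password and the bio, stores
// them for $IDuser, ends the session and redirects.
if (checkPassword($pass, $pass2)) {
    $success++;
} else {
    // An empty or absent pair means "leave the password as it is" and still
    // counts as a passed check.
    if ($pass == "" && $pass2 == "" || !isset($pass) && !isset($pass2)) {
        $success++;
    } else {
        $errorString .= "<li>Your password is not correctly formated.</li>";
    }
}
if (checkBIO($bio)) {
    $success++;
} else {
    // The rejected bio is quoted back inside an HTML fragment, so it is
    // encoded first (presumably it is user-supplied; verify against the code
    // that fills $bio).
    $errorString .= "<li>Your BIO '" . htmlspecialchars($bio, ENT_QUOTES, 'UTF-8') . "', it sounds fishy...</li>";
}
if ($success == 2) {
    $dbc = new dbc();
    if ($pass != "" && isset($pass)) {
        // NOTE(review): SHA-1 with one application-wide salt; password_hash()
        // is the replacement.
        $dbcData = array('pass' => sha1($pass . UNIQE_SALT), 'IDuser' => $IDuser);
        $dbc->query("UPDATE Users SET pass = :pass WHERE IDuser = :IDuser", $dbcData);
    }
    $dbcData = array('bio' => $bio, 'IDuser' => $IDuser);
    $dbc->query("UPDATE Users SET bio = :bio WHERE IDuser = :IDuser", $dbcData);
    session_destroy();
    // The listing shows the pass= value masked. Whatever stood there, a
    // password must not travel in a redirect URL: it ends up in browser
    // history and in proxy and server logs. Only the identifier is passed on.
    // NOTE(review): confirm signmein.php copes with a missing pass parameter.
    header("Location: http://www.arbr.se/signin/signmein.php?uName=" . urlencode($eMail));
} else {
    // The message is an HTML fragment; URL-encode it so it survives the
    // query string intact.
    // NOTE(review): the settings page must still treat ?error= as untrusted,
    // since any caller can put arbitrary text there.
    header("Location: http://www.arbr.se/settings/?error=" . urlencode($errorString));
}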
/*if($res == 1){
  	header("Location: index.php")
  }
  */
Beispiel #12
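/**
 * Checks that a username is still free and well-formed.
 *
 * A name is accepted when no row in Users carries it and it consists of 5 to
 * 25 characters from A-Z, a-z, 0-9, "_" and "-". On rejection an <li> message
 * is appended to the global $errorString.
 *
 * The name is HTML-encoded before it is placed in that message, because the
 * "not correctly formated" branch is reached precisely by names containing
 * characters outside the allowed set. The pattern is anchored with \z rather
 * than $, which would also accept a name followed by a trailing newline.
 *
 * @param string $uName requested username
 * @return bool true when the name may be used
 */
function checkUName($uName)
{
    global $errorString;
    $shownName = htmlspecialchars($uName, ENT_QUOTES, 'UTF-8');
    $dbc = new dbc();
    $dbcData = array('uName' => $uName);
    // The name is bound as a parameter, not concatenated into the SQL text.
    $res = $dbc->query("SELECT * FROM Users WHERE uName = :uName", $dbcData);
    if ($res > 0) {
        $errorString .= "<li>- The username '" . $shownName . "', is already taken.</li>";
        return false;
    }
    if (!preg_match('/^[A-Za-z0-9_-]{5,25}\z/', $uName)) {
        $errorString .= "<li>- The username '" . $shownName . "', is not correctly formated.</li>";
        return false;
    }
    return true;
}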
 /**
  * Tells whether the table named by the USUARIO constant has a row whose
  * Rut column equals the given value.
  *
  * The value is bound as a statement parameter; only the table name, taken
  * from the constant, is concatenated into the SQL text.
  *
  * @param mixed $rut value to look up
  * @return bool true when a row was fetched
  */
 public static function rutExiste($rut)
 {
     $sql = "SELECT nombre FROM " . USUARIO . " WHERE Rut = :rut";
     $consulta = dbc::instance()->prepare($sql);
     $consulta->bindParam(':rut', $rut);
     $consulta->execute();

     // fetch() yields a row, or a falsy value when nothing matched.
     return (bool) $consulta->fetch();
 }
Beispiel #14
<?php

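// Short-link resolver: a three-character $route is looked up in Links; on
// exactly one match the click counter is incremented and the browser is sent
// to the stored target.
if (($route != "" || $route != NULL) && strlen($route) == 3) {
    $dbc = new dbc();
    $dbcData = array('url' => $route);
    // Byte-exact comparison. The former LIKE BINARY treated "%" and "_" in
    // the requested code as wildcards, so one request could match, and in the
    // UPDATE count a click for, codes other than the one actually asked for.
    $res = $dbc->query("SELECT urlSrc FROM Links WHERE url = BINARY :url", $dbcData);
    if ($res == 1) {
        $dump = $dbc->getResult();
        $dbc->query("UPDATE Links SET clicks = clicks + 1 WHERE url = BINARY :url", $dbcData);
        // NOTE(review): urlSrc is whatever was stored when the link was
        // created; restricting it to http/https belongs at creation time.
        header("Location: " . $dump["urlSrc"]);
        // Stop here so nothing else is rendered after the redirect.
        exit;
    }
} else {
    //echo "fail";
    //header("Location: http://www.arbr.se");
}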
Beispiel #15
<?php

require_once 'signinCheck.php';
// Deletes one of the signed-in user's links and returns to the profile page.
// Visitors who are not signed in are sent to the sign-in page instead.
if (!$signedin) {
    header("Location: /signin");
    exit;
}
$linkId = $_GET['id'];
$db = new dbc();
// Both values are bound as parameters, and the IDuser condition keeps a user
// from deleting a link that belongs to somebody else.
// NOTE(review): the delete is triggered by a plain GET and no anti-CSRF token
// is checked here; a state change should be a POST carrying a per-session token.
$db->query(
    "DELETE FROM Links WHERE IDuser = :IDuser AND IDlink = :IDlink",
    array('IDuser' => $IDuser, 'IDlink' => $linkId)
);
header("Location: /profile");
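/**
 * Fetches gallery images from Repositorio, newest first, optionally filtered.
 *
 * $filtros may hold lists under the keys 'preparacion_de', 'tincion_usada',
 * 'diametro_campo' and 'aumento_total'; they are matched against the columns
 * Preparacion, TipoTenido, Diametro and Aumento and combined with OR, as the
 * original query text attempted to do.
 *
 * What changed compared with the previous body:
 *  - the test `isset($filtros) == false` was inverted, so the filter branch
 *    only ran when there were no filters;
 *  - `$filtros[preparacion_de]` used a bare constant instead of a string key;
 *  - the filter branch glued several complete SELECT statements together with
 *    "OR", which is not valid SQL;
 *  - filter values were concatenated into the SQL text; they are now bound as
 *    statement parameters;
 *  - the unfiltered branch appended to a global $consulta, so the text grew
 *    with every call;
 *  - with no rows an undefined variable was returned; it is now an empty array.
 *
 * NOTE(review): assumes dbc::instance() returns a PDO-style handle whose
 * statements accept an array of values in execute(); confirm.
 *
 * @param array|null $filtros filter lists keyed as described above
 * @param int        $numero  page size
 * @param int        $offset  page index; values below zero count as zero
 * @return array list of Imagen objects
 */
function obtener_imagenes($filtros, $numero, $offset = 0)
{
    // Both numbers end up in the LIMIT clause as text, so force them to integers.
    $numero = (int) $numero;
    $offset = (int) $offset;
    if ($offset > 0) {
        $offset *= $numero;
        // NOTE(review): the second LIMIT argument is a row count, so this
        // makes the page grow with the page index. Kept as the original
        // computed it; confirm the intent.
        $numero += $offset;
    } else {
        $offset = 0;
    }

    // Filter key => column it is compared with.
    $columnasPorFiltro = array(
        'preparacion_de' => 'Preparacion',
        'tincion_usada' => 'TipoTenido',
        'diametro_campo' => 'Diametro',
        'aumento_total' => 'Aumento',
    );

    $condiciones = array();
    $valores = array();
    if (is_array($filtros)) {
        foreach ($columnasPorFiltro as $clave => $columna) {
            if (!isset($filtros[$clave])) {
                continue;
            }
            foreach ((array) $filtros[$clave] as $valor) {
                // Column names come from the fixed map above; only the value
                // is caller data, and it is bound, never concatenated.
                $condiciones[] = $columna . ' = ?';
                $valores[] = $valor;
            }
        }
    }

    $consulta = "SELECT Id,Autor,Ruta,DescripcionBreve,TipoTenido,Preparacion,Diametro,Aumento,DATE_FORMAT(Fecha, '%d/%m/%y') AS FechaFormato, RutaDibujo FROM Repositorio";
    if (count($condiciones) > 0) {
        $consulta .= ' WHERE ' . implode(' OR ', $condiciones);
    }
    $consulta .= ' ORDER BY Fecha DESC LIMIT ' . $offset . ',' . $numero;

    // Open the connection and run the query.
    $_db = dbc::instance();
    $stmt = $_db->prepare($consulta);
    $stmt->execute($valores);

    // Turn every row into an Imagen object.
    $fotosGaleria = array();
    while ($fila = $stmt->fetch()) {
        $fotosGaleria[] = new Imagen($fila['Id'], $fila['Autor'], $fila['Ruta'], $fila['DescripcionBreve'], $fila['TipoTenido'], $fila['Preparacion'], $fila['Diametro'], $fila['Aumento'], $fila['RutaDibujo'], $fila['FechaFormato']);
    }

    return $fotosGaleria;
}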