/**
 * Fetch a required POST field, or record a form error when it is blank.
 *
 * Anything empty() treats as blank (unset, '', '0', 0, an empty array) counts
 * as missing. The error text is wrapped in a <span> and stored verbatim in the
 * global $errorArray under the field name; $errorMessage is not escaped here,
 * so it must be trusted, developer-supplied text and never request data.
 *
 * @param string $itemName     Key to read from $_POST; also the $errorArray key.
 * @param string $errorMessage Message recorded when the field is blank.
 * @return mixed Result of clean_data() on the submitted value, or '' when blank.
 */
function check_if_empty($itemName, $errorMessage)
{
    global $errorArray;

    if (empty($_POST[$itemName])) {
        $errorArray[$itemName] = "<span class=\"form-error\">{$errorMessage}</span>";
        return '';
    }

    // clean_data() is defined elsewhere; what it strips or escapes is not visible
    // here, so callers should still escape for the context they output into.
    return clean_data($_POST[$itemName]);
}
Ejemplo n.º 2
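/**
 * Send $data to the client as JSON, or as JSONP when a well-formed callback
 * name is supplied in the query string.
 *
 * The callback comes straight from the request and is written into a response
 * served as JavaScript, so it is accepted only when it looks like a plain
 * (optionally dotted) identifier. Anything else is ignored and the response
 * falls back to plain JSON.
 *
 * @param mixed      $data        Payload; passed through clean_data() before encoding.
 * @param int|string $status_code Status text appended to "HTTP/1.0 ".
 * @return void
 */
function output_json($data, $status_code)
{
    header("HTTP/1.0 {$status_code}");
    // Stop browsers from sniffing the body into a different content type.
    header('X-Content-Type-Options: nosniff');
    $data = clean_data($data);

    // A repeated or array-style parameter (callback[]=x) arrives as an array, hence is_string().
    $callback = isset($_GET['callback']) ? $_GET['callback'] : null;
    $isSafeCallback = is_string($callback)
        && strlen($callback) <= 128
        && preg_match('/^[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*$/D', $callback) === 1;

    // Hex-escape <, >, &, ' and " so the payload stays inert even if the
    // response is ever interpreted as HTML; the decoded JSON value is unchanged.
    $json = json_encode($data, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

    if ($isSafeCallback) {
        // JSONP
        header("Content-Type: application/javascript");
        echo "{$callback}(" . $json . ");";
    } else {
        header("Content-Type: application/json");
        echo $json;
    }
}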
Ejemplo n.º 3
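<?php

require_once './core_files/excel_file_extractor.php';
require_once './core_files/attendance_processor.php';
include_once './core_files/acessories.php';

// Confirmation page: previews the uploaded spreadsheet and, on "submit",
// writes its rows to the database.

// Handle "cancel" before anything is echoed: a Location header cannot be sent
// once output has started, and without exit the rest of the page would still run.
if (isset($_GET['cancel'])) {
    header('Location: home.php');
    exit;
}

$excelfile = 'tmpdir/file.xlsx';
echo "Data You Are about to submit" . '<br/>' . '<br/>';
// Extract the Excel file into an array.
$raw_data = extract_to_array($excelfile);
// Per the original author: removes unnecessary spaces at the end of rows.
$clean_data = clean_data($raw_data);
// NOTE(review): whether print_review() HTML-escapes cell values is not visible
// here; spreadsheet content is uploaded data and should be escaped on output.
print_review($clean_data);

// NOTE(review): these inserts are triggered by a plain GET link with no
// anti-CSRF token and no visible authentication check. A state-changing action
// like this belongs behind a POST form carrying a per-session token.
if (isset($_GET['submit'])) {
    insert_students($clean_data);
    insert_section($clean_data);
    insert_attendance($clean_data);
    echo "<script>setTimeout(\"location.href = 'home.php';\",7000);</script>";
}
?>
<a href='confirm.php?cancel=true'>Cancel</a>
<a href='confirm.php?submit=true'>Submit</a>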

Ejemplo n.º 4
/**
 * Update an existing zef entry.
 *
 * Columns present in $data replace the stored ones; every other column keeps
 * the value returned by zef_get_data($id).
 *
 * @param integer $id   ID of record
 * @param array   $data new record data, keyed by column name
 * @global array $kga kimai-global-array
 * @return boolean true when the UPDATE query succeeded, false otherwise
 * @author th
 */
function zef_edit_record($id, $data)
{
    global $kga, $conn;

    // NOTE(review): the payload is serialized into the log before clean_data()
    // runs, so the log receives the caller's values unmodified.
    logfile(serialize($data));
    $data = clean_data($data);

    // Overlay the submitted columns on top of the stored record.
    $stored = zef_get_data($id);
    $new_array = array();
    foreach ($stored as $column => $unused) {
        $new_array[$column] = isset($data[$column]) ? $data[$column] : $stored[$column];
    }
    logfile(serialize($new_array));

    // Text columns go through MySQL::SQLValue() with its default type
    // (presumably string quoting/escaping; the helper is defined elsewhere).
    $values = array(
        'zef_comment' => MySQL::SQLValue($new_array['zef_comment']),
        'zef_location' => MySQL::SQLValue($new_array['zef_location']),
    );
    // An empty tracking number is stored as SQL NULL rather than ''.
    $values['zef_trackingnr'] = $new_array['zef_trackingnr'] == ''
        ? 'NULL'
        : MySQL::SQLValue($new_array['zef_trackingnr']);

    $numericColumns = array(
        'zef_pctID',
        'zef_evtID',
        'zef_comment_type',
        'zef_in',
        'zef_out',
        'zef_time',
        'zef_rate',
    );
    foreach ($numericColumns as $numericColumn) {
        $values[$numericColumn] = MySQL::SQLValue($new_array[$numericColumn], MySQL::SQLVALUE_NUMBER);
    }
    $values['zef_cleared'] = MySQL::SQLValue($new_array['zef_cleared'] ? 1 : 0, MySQL::SQLVALUE_NUMBER);

    $filter = array('zef_ID' => MySQL::SQLValue($id, MySQL::SQLVALUE_NUMBER));
    // The table name is built from the configured prefix, not from request data.
    $query = MySQL::BuildSQLUpdate($kga['server_prefix'] . "zef", $values, $filter);

    $success = (bool) $conn->Query($query);

    // Close the transaction either way; if that fails, drop the connection.
    $closed = $success ? $conn->TransactionEnd() : $conn->TransactionRollback();
    if (!$closed) {
        $conn->Kill();
    }
    return $success;
    // Original author's notes on the expected $data keys:
    // $data['pct_ID']
    // $data['evt_ID']
    // $data['comment']
    // $data['comment_type']
    // $data['erase']
    // $data['in']
    // $data['out']
    // $data['diff']
    // If wrong time values have been entered in the edit window,
    // the following 3 variables arrive as zeros - like so:
    // $data['in']   = 0;
    // $data['out']  = 0;
    // $data['diff'] = 0;
    // In this case the record has to be edited WITHOUT setting new time values.
    // @oleg: a zef entry must also be updatable without the times, because they may fail validation.
}
Ejemplo n.º 5
     if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
         $emailErr = "Invalid email format!";
     }
 }
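 // Validate both password fields, then create the account.
 // NOTE(review): the letters-and-spaces rule sharply limits password strength,
 // and clean_data() (defined elsewhere) may alter the secret before hashing.
 if (empty($_POST['password'])) {
     echo 'password is required' . '<br />';
 } else {
     $password = clean_data($_POST['password']);
     if (!preg_match("/^[a-zA-Z ]*\$/", $password)) {
         $passErr = "Only letters and white space allowed!";
     }
 }
 if (empty($_POST['password2'])) {
     echo 'password retype is required' . '<br />';
 } else {
     $password2 = clean_data($_POST['password2']);
     if (!preg_match("/^[a-zA-Z ]*\$/", $password2)) {
         $pass2Err = "Only letters and white space allowed!";
     }
 }
 // Insert only when both passwords were supplied, they are the same string
 // (strict comparison avoids numeric-string juggling), and none of the
 // validation errors visible in this snippet was recorded.
 $hasValidationError = !empty($emailErr) || !empty($passErr) || !empty($pass2Err);
 if (!isset($password, $password2)) {
     // A missing field has already been reported above.
 } elseif ($password !== $password2) {
     echo 'passwords must match';
 } elseif (!$hasValidationError) {
     // NOTE(review): sha1 is a fast, unsalted digest. It is kept here only
     // because the stored format must match whatever the login code compares
     // against; migrate both sides to password_hash()/password_verify().
     $password = sha1($password);
     // Bound parameters keep the submitted values out of the SQL text
     // ($conn is used as a mysqli connection, going by query()/error).
     $stmt = $conn->prepare('INSERT INTO users (username, password, email) VALUES (?, ?, ?)');
     if ($stmt && $stmt->bind_param('sss', $username, $password, $email) && $stmt->execute()) {
         $msg = 'added success now please..';
     } else {
         // Keep SQL text and driver errors in the server log, not in the page.
         error_log('User insert failed: ' . $conn->error);
         echo 'Error: the account could not be created.';
     }
 }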
Ejemplo n.º 6
                $tiiconfigfield->value = $value;
                if (!$DB->update_record('config_plugins', $tiiconfigfield)) {
                    error("errorupdating");
                }
            } else {
                $tiiconfigfield = new stdClass();
                $tiiconfigfield->value = $value;
                $tiiconfigfield->plugin = 'plagiarism';
                $tiiconfigfield->name = $field;
                if (!$DB->insert_record('config_plugins', $tiiconfigfield)) {
                    error("errorinserting");
                }
            }
        }
        if ($field == 'delall' && $value == true) {
            clean_data();
        }
        if ($field == 'testglobal' && $value == true) {
            test_global_search();
        }
        if ($field == 'registration' && $value == true) {
            echo $OUTPUT->box("<b><a href=\"https://spreadsheets.google.com/viewform?formkey=dFRPVTRiSkNzSzI1cTVManUwNWVKZXc6MQ\" target=\"_new\">Please follow this link to register!</a></b>");
        }
    }
    notify(get_string('savedconfigsuccess', 'plagiarism_crot'), 'notifysuccess');
}
// Read the stored 'plagiarism' plugin configuration as an array and hand it
// to the form object via set_data().
$plagiarismsettings = (array) get_config('plagiarism');
$mform->set_data($plagiarismsettings);
function clean_data()
{
    global $DB;
Ejemplo n.º 7
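<?php

session_start();
require_once './inc/functions.php';
require_once './inc/db_connect.php';

// Admin login handler: look the submitted credentials up in gallery_admins
// and, on a match, mark the session as logged in and redirect to the index.
if (isset($_POST['username'], $_POST['password'])) {
    $username = clean_data($_POST['username']);
    // NOTE(review): the password is matched inside the SQL query, which only
    // works if gallery_admins.password holds a directly comparable value
    // (plaintext, or whatever clean_data() produces - not visible here).
    // Store password_hash() output and check it with password_verify() instead.
    $password = clean_data($_POST['password']);
    $query = 'SELECT * FROM gallery_admins WHERE username =:username AND password=:password';
    $preparedStatement = $bdd->prepare($query);
    $preparedStatement->bindParam(':username', $username);
    $preparedStatement->bindParam(':password', $password);
    $preparedStatement->execute();
    $posts = $preparedStatement->fetchAll(PDO::FETCH_ASSOC);
    if (count($posts) > 0) {
        // Issue a fresh session id at the privilege change so an id that was
        // set before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION['username'] = $posts[0]['username'];
        header('Location:index.php');
        exit;
    }
}
?>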
<!DOCTYPE html>
<html lang="en">
	<head>
		<title>Connection | The Mashup project</title>
		<meta charset="UTF-8" />
		<meta name="viewport" content="user-scalable=no, width=device-width, initial-scale=1.0" />
		<link rel="icon" type="image/png" href="img/favicon.png" />
		<link rel="stylesheet" type="text/css" href="style.css" />
	</head>
	<body>
Ejemplo n.º 8
     if (!is_numeric($_POST["phone"])) {
         $phoneErr = "numbers only please!";
     }
 }
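 // Validate both password fields, then create the account.
 // NOTE(review): the letters-and-spaces rule sharply limits password strength,
 // and clean_data() (defined elsewhere) may alter the secret before hashing.
 if (empty($_POST['pass'])) {
     echo 'password is required';
 } else {
     $pass = clean_data($_POST['pass']);
     if (!preg_match("/^[a-zA-Z ]*\$/", $pass)) {
         $passErr = "Only letters and white space allowed!";
     }
 }
 if (empty($_POST['pass_2'])) {
     echo 'password retype is required';
 } else {
     $pass_2 = clean_data($_POST['pass_2']);
     if (!preg_match("/^[a-zA-Z ]*\$/", $pass_2)) {
         $pass2Err = "Only letters and white space allowed!";
     }
 }
 // Insert only when both passwords were supplied, they are the same string
 // (strict comparison avoids numeric-string juggling), and none of the
 // validation errors visible in this snippet was recorded.
 $hasValidationError = !empty($phoneErr) || !empty($passErr) || !empty($pass2Err);
 if (!isset($pass, $pass_2)) {
     // A missing field has already been reported above.
 } elseif ($pass !== $pass_2) {
     echo 'passwords must match';
 } elseif (!$hasValidationError) {
     // NOTE(review): sha1 is a fast, unsalted digest. It is kept here only
     // because the stored format must match whatever the login code compares
     // against; migrate both sides to password_hash()/password_verify().
     $pass = sha1($pass);
     // Bound parameters keep the submitted values out of the SQL text
     // ($conn is used as a mysqli connection, going by query()/error).
     $stmt = $conn->prepare('INSERT INTO users (name, password, email, phone) VALUES (?, ?, ?, ?)');
     if ($stmt && $stmt->bind_param('ssss', $name, $pass, $email, $phone) && $stmt->execute()) {
         $msg = 'added success now please..';
     } else {
         // Keep SQL text and driver errors in the server log, not in the page.
         error_log('User insert failed: ' . $conn->error);
         echo 'Error: the account could not be created.';
     }
 }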
 if (isset($_REQUEST["param"])) {
     switch ($_REQUEST["param"]) {
         case "wp_cleanup":
             if (wp_verify_nonce($_REQUEST["_wpnonce"], "clear_wp_data")) {
                 $type = $_REQUEST["typeClean"];
                 clean_data($type);
                 die;
             }
             break;
         case "bulk_delete_action":
             if (wp_verify_nonce($_REQUEST["_wpnonce"], "bulk_clear_wp_data")) {
                 $val = "";
                 $types = $_REQUEST["ux_chk_cleanup"];
                 print_r($types);
                 for ($flag = 0; $flag < count($types); $flag++) {
                     clean_data($types[$flag]);
                 }
                 die;
             }
             break;
         case "bulk_selected_action":
             if (wp_verify_nonce($_REQUEST["_wpnonce"], "bulk_action_table")) {
                 $types = $_REQUEST["ux_ddl_bulk_action_db_optimzier"];
                 $chk_value = $_REQUEST["ux_chk_cleanup_arr_db"];
                 $test = array();
                 if (is_multisite()) {
                     for ($flag1 = 0; $flag1 < count($chk_value); $flag1++) {
                         if ((strstr($chk_value[$flag1], $wpdb->terms) || strstr($chk_value[$flag1], $wpdb->term_taxonomy) || strstr($chk_value[$flag1], $wpdb->term_relationships) || strstr($chk_value[$flag1], $wpdb->commentmeta) || strstr($chk_value[$flag1], $wpdb->comments) || strstr($chk_value[$flag1], $wpdb->links) || strstr($chk_value[$flag1], $wpdb->options) || strstr($chk_value[$flag1], $wpdb->postmeta) || strstr($chk_value[$flag1], $wpdb->posts) || strstr($chk_value[$flag1], $wpdb->users) || strstr($chk_value[$flag1], $wpdb->usermeta) || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_wp_scheduler") || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_db_scheduler") || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_login_log") || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_plugin_settings") || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_licensing") || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_block_single_ip") || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_block_range_ip") || strstr($chk_value[$flag1], $wpdb->signups) || strstr($chk_value[$flag1], $wpdb->sitemeta) || strstr($chk_value[$flag1], $wpdb->site) || strstr($chk_value[$flag1], $wpdb->registration_log) || strstr($chk_value[$flag1], $wpdb->blogs) || strstr($chk_value[$flag1], $wpdb->blog_versions)) == true) {
                         } else {
                             switch ($types) {
                                 case 1:
 // Optional fields: a missing or blank submission becomes ''.
 $addContactAddressLine2 = !empty($_POST['addContactAddressLine2']) ? $_POST['addContactAddressLine2'] : '';
 $addContactDepartmentWebsite = !empty($_POST['addContactDepartmentWebsite']) ? $_POST['addContactDepartmentWebsite'] : '';
 $addContactIndividualWebsite = !empty($_POST['addContactIndividualWebsite']) ? $_POST['addContactIndividualWebsite'] : '';
 $addContactCampus = !empty($_POST['addContactCampus']) ? $_POST['addContactCampus'] : '';
 // Allow-list check: unless State already has an error, the submitted value
 // must be one of $listOfStates (in_array compares loosely here).
 if (empty($errorArray['addContactState']) && !in_array($addContactState, $listOfStates)) {
     $errorArray['addContactState'] = '<span class="form-error">You must select a State from the dropdown list!</span>';
 }
 // The optional fields did not go through check_if_empty(), so they are
 // passed to clean_data() here instead.
 $addContactAddressLine2 = clean_data($addContactAddressLine2);
 $addContactDepartmentWebsite = clean_data($addContactDepartmentWebsite);
 $addContactIndividualWebsite = clean_data($addContactIndividualWebsite);
 $addContactCampus = clean_data($addContactCampus);
 //if everything is valid, add instructor contact data to database and redirect to table page.
 if (empty($errorArray)) {
     //get database connection named $geologyDBConnection
     require '../secure-includes/db-connection.php';
     //escape data for mySQL database
     $addContactFName = mysqli_real_escape_string($geologyDBConnection, $addContactFName);
     $addContactLName = mysqli_real_escape_string($geologyDBConnection, $addContactLName);
     $addContactEmailAddress = mysqli_real_escape_string($geologyDBConnection, $addContactEmailAddress);
     $addContactPhoneNumber = mysqli_real_escape_string($geologyDBConnection, $addContactPhoneNumber);
     $addContactState = mysqli_real_escape_string($geologyDBConnection, $addContactState);
     $addContactCity = mysqli_real_escape_string($geologyDBConnection, $addContactCity);
     $addContactZIP = mysqli_real_escape_string($geologyDBConnection, $addContactZIP);
     $addContactAddressLine1 = mysqli_real_escape_string($geologyDBConnection, $addContactAddressLine1);
     $addContactInstitution = mysqli_real_escape_string($geologyDBConnection, $addContactInstitution);
     $addContactDepartment = mysqli_real_escape_string($geologyDBConnection, $addContactDepartment);
 // Optional fields: a missing or blank submission becomes ''.
 $updateContactAddressLine2 = !empty($_POST['updateContactAddressLine2']) ? $_POST['updateContactAddressLine2'] : '';
 $updateContactDepartmentWebsite = !empty($_POST['updateContactDepartmentWebsite']) ? $_POST['updateContactDepartmentWebsite'] : '';
 $updateContactIndividualWebsite = !empty($_POST['updateContactIndividualWebsite']) ? $_POST['updateContactIndividualWebsite'] : '';
 $updateContactCampus = !empty($_POST['updateContactCampus']) ? $_POST['updateContactCampus'] : '';
 // Allow-list check: unless State already has an error, the submitted value
 // must be one of $listOfStates (in_array compares loosely here).
 if (empty($errorArray['updateContactState']) && !in_array($updateContactState, $listOfStates)) {
     $errorArray['updateContactState'] = '<span class="form-error">You must select a State from the dropdown list!</span>';
 }
 // The optional fields did not go through check_if_empty(), so they are
 // passed to clean_data() here instead.
 $updateContactAddressLine2 = clean_data($updateContactAddressLine2);
 $updateContactDepartmentWebsite = clean_data($updateContactDepartmentWebsite);
 $updateContactIndividualWebsite = clean_data($updateContactIndividualWebsite);
 $updateContactCampus = clean_data($updateContactCampus);
 //if everything is valid, add instructor contact data to database and redirect to table page.
 if (empty($errorArray)) {
     //get database connection named $geologyDBConnection
     require '../secure-includes/db-connection.php';
     //escape data for mySQL database
     $updateContactFName = mysqli_real_escape_string($geologyDBConnection, $updateContactFName);
     $updateContactLName = mysqli_real_escape_string($geologyDBConnection, $updateContactLName);
     $updateContactEmailAddress = mysqli_real_escape_string($geologyDBConnection, $updateContactEmailAddress);
     $updateContactPhoneNumber = mysqli_real_escape_string($geologyDBConnection, $updateContactPhoneNumber);
     $updateContactState = mysqli_real_escape_string($geologyDBConnection, $updateContactState);
     $updateContactCity = mysqli_real_escape_string($geologyDBConnection, $updateContactCity);
     $updateContactZIP = mysqli_real_escape_string($geologyDBConnection, $updateContactZIP);
     $updateContactAddressLine1 = mysqli_real_escape_string($geologyDBConnection, $updateContactAddressLine1);
     $updateContactInstitution = mysqli_real_escape_string($geologyDBConnection, $updateContactInstitution);
     $updateContactDepartment = mysqli_real_escape_string($geologyDBConnection, $updateContactDepartment);
Ejemplo n.º 12
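<?php

session_start();
require_once './inc/functions.php';
require_once './inc/db_connect.php';

// Delete one gallery post for a logged-in user, then always return to the index.
// NOTE(review): the deletion is driven by a GET parameter and guarded only by
// the presence of a session username; no anti-CSRF token is checked. A
// destructive action like this belongs behind a POST request with a
// per-session token.
// The id must be present and a single string: "?id[]=x" arrives as an array.
if (isset($_SESSION['username'], $_GET['id']) && is_string($_GET['id'])) {
    $id = clean_data($_GET['id']);
    $preparedStatement = $bdd->prepare('DELETE FROM gallery_posts WHERE id=:id');
    $preparedStatement->bindParam(':id', $id);
    $preparedStatement->execute();
}
header('Location:index.php');
exit;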
Ejemplo n.º 13
/**
 * Duplicate every item_upselling row of one item onto another item.
 *
 * Each copied row gets item_id = $newid, an extra old_child column holding the
 * source child_item_id, and no id column.
 *
 * NOTE(review): both statements are assembled by string interpolation. $oldid
 * goes into the SELECT unmodified, and the INSERT depends entirely on
 * clean_data() (defined elsewhere) to make the values safe inside quotes.
 * Callers must pass trusted ids; bound parameters would remove that dependency.
 *
 * @param mixed $oldid item_id to copy rows from
 * @param mixed $newid item_id to assign to the copies
 * @return bool true when every row was copied, false on the first failed query
 */
function copy_upsell($oldid, $newid)
{
    global $dbh;

    $res = $dbh->query("SELECT * FROM item_upselling WHERE item_id='{$oldid}'");
    if (!$res) {
        return false;
    }
    if (DEBUG >= 3) {
        print "Processing " . $res->num_rows . " item_upselling for {$oldid}...\n";
    }

    while ($row = $res->fetch_assoc()) {
        // Re-point the row at the new item and remember the original child.
        $row['item_id'] = $newid;
        $row['old_child'] = $row['child_item_id'];
        // Drop the id column so it is not part of the INSERT.
        unset($row['id']);
        $row = clean_data($row);

        $columnList = implode(',', array_keys($row));
        $valueList = implode("','", array_values($row));
        $inserted = $dbh->query("INSERT INTO item_upselling (" . $columnList . ") VALUES ('" . $valueList . "')");
        if (!$inserted) {
            return false;
        }
    }
    return true;
}
Ejemplo n.º 14
include_once '../connection.php';
if (isset($_POST)) {
    if (!empty($_POST['name']) && !empty($_POST['pass'])) {
        $name = $_POST['name'];
        $pass = $_POST['pass'];
        $keep = $_POST['keep'];
        /**
         * Trim surrounding whitespace, remove backslash escapes and HTML-escape a string.
         *
         * This is output encoding for HTML only. It does not make a value safe
         * to place inside an SQL string: with htmlspecialchars() default flags
         * before PHP 8.1 single quotes are left untouched, so queries still
         * need bound parameters.
         *
         * @param string $data raw input value
         * @return string the trimmed, un-slashed, HTML-escaped value
         */
        function clean_data($data)
        {
            return htmlspecialchars(stripslashes(trim($data)));
        }
        $name = clean_data($name);
        $pass = clean_data($pass);
        $pass = sha1($pass);
        $q = "SELECT * FROM users WHERE name = '{$name}' AND password = '******'";
        $result = $conn->query($q);
        if ($result->num_rows == 1) {
            $row = mysqli_fetch_object($result);
            if ($row->type == 'user') {
                echo 'succesfully logged in';
                session_start();
                $info = array('username' => $name, 'loggedin' => TRUE, 'loginDate' => time(), 'lastlogged' => time(), 'ip' => $_SERVER['REMOTE_ADDR'], 'via' => 'form', 'keepLoggedIn' => $keep, 'type' => 'user');
                $_SESSION['LOGIN'] = $info;
                echo '<pre>';
                print_r($_SESSION['LOGIN']);
                if ($keep == 1) {
                    $cookie = setcookie('logindata', '1' . base64_encode(serialize($info)), time() + 2592000, '/');
                    print_r($_COOKIE);
Ejemplo n.º 15
        } else {
            if (strlen($data['password']) > 30) {
                $errors['password'] = '******';
            }
        }
    }
    if ($data['password'] != $data['password_repeat']) {
        $errors['password'] = '******';
    }
    return $errors;
}
if (isset($_SESSION['auth']) && $_SESSION['auth'] == true) {
    header('Location:index.php');
} else {
    if (!empty($_POST['form_inscription'])) {
        $data = clean_data($_POST);
        $errors = check_data($data);
        require_once 'config.php';
        $req = $pdo->prepare('SELECT * FROM users WHERE pseudo = ?');
        $req->execute(array($data['pseudo']));
        $nb_rows = $req->rowCount();
        if ($nb_rows > 0) {
            $errors['pseudo_used'] = 'Erreur : Pseudo déjà utilisé.';
        }
        if (empty($errors)) {
            $password = sha1($data['password']);
            $pseudo = $data['pseudo'];
            $sexe = $data['sexe'];
            $color = $data['color'];
            $req = 'INSERT INTO users (login,password,sexe, color, role) VALUES (:login, :password, :sexe, :color, :role)';
            $insert = $pdo->prepare($req);
Ejemplo n.º 16
				<td class='fSmall'><input type="text" name="server_name" maxlength="255" size="35" value="<?php 
echo clean_data($_POST['server_name']);
?>
" /></td>
			</tr>
			<tr valign="bottom" class="head">
				<td class='fSmall'>Rcon Password</td>
				<td class='fSmall'><input type="text" name="server_rcon" maxlength="128" size="15" value="<?php 
echo clean_data($_POST['server_rcon']);
?>
" /></td>
			</tr>
			<tr valign="bottom" class="head">
				<td class='fSmall'>Public Address</td>
				<td class='fSmall'><input type="text" name="public_address" maxlength="128" size="15" value="<?php 
echo clean_data($_POST['public_address']);
?>
" /></td>
			</tr>
			<tr valign="bottom" class="head">
				<td class='fSmall'>Admin Mod</td>
				<td class='fSmall'>
					<select name="game_mod">
					<option value="PLEASESELECT">PLEASE SELECT</option>
					<?php 
// One <option> per supported admin mod. The code and name columns are written
// into the markup as-is; nothing here HTML-escapes them.
$db->query("SELECT code, name FROM `hlstats_Mods_Supported`");
while ($row = $db->fetch_array()) {
    echo "<option value=\"{$row['code']}\">{$row['name']}</option>";
}
?>
					</select>
Ejemplo n.º 17
/**
 * Replace every hyphen in a session identifier with an underscore.
 *
 * @param mixed $incoming value to normalise; str_replace() treats it as a string
 * @return string the value with each '-' turned into '_'
 */
function fix_session($incoming)
{
    return str_replace('-', '_', $incoming);
}
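//-------------------------------------------------------------------------------------
debug("Run start");
// Prefer the parsed form fields; fall back to the raw request body when PHP
// found none.
$data = $_POST;
if (empty($_POST)) {
    debug("Processing RAW Post data ...");
    // $HTTP_RAW_POST_DATA was removed in PHP 7; php://input exposes the same bytes.
    $data = file_get_contents('php://input');
} else {
    debug('Processing POST data ..');
}
if (empty($data)) {
    debug('ERROR: Unable to extract data from POST message!');
    return;
}
// take out the payload and fix any malformed xml ...
// ($pure is expected to be an array initialised before this point; that is not visible here.)
array_push($pure, clean_data($data));
// Process the pure xml payload ...
foreach ($pure as $value) {
    $decoded = urldecode($value[1]);
    debug("Decoded: " . $decoded);
    try {
        // The envelope is client-supplied: LIBXML_NONET keeps the parser from
        // fetching anything over the network while loading it.
        $xml = new SimpleXMLElement($value[0], LIBXML_NONET);
    } catch (Exception $e) {
        // Malformed XML would otherwise end the request with an uncaught exception.
        debug('ERROR: Unable to parse XML envelope: ' . $e->getMessage());
        continue;
    }
    $session_id = fix_session($xml['session_id']);
    // NOTE(review): the session id and payload are written to the log verbatim;
    // embedded line breaks in them can produce misleading extra log lines.
    fwrite($logFile, "[[ENVELOPE]][s:" . $session_id . "] -- " . $value[0] . "\n");
    fwrite($logFile, "[[CONTENT ]][s:" . $session_id . "] -- " . $decoded . "\n");
}
echo 'MESSAGE RECEIVED';
debug("Run end");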
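/**
 * Update an existing exp entry.
 *
 * Columns present in $data replace the stored ones; every other column keeps
 * the value returned by exp_get_data($id).
 *
 * @param integer $id   ID of record
 * @param array   $data new record data, keyed by column name
 * @global array $kga kimai-global-array
 * @return boolean true when the UPDATE query succeeded, false otherwise
 * @author th
 */
function exp_edit_record($id, $data)
{
    global $kga, $conn;
    $data = clean_data($data);

    // Overlay the submitted columns on top of the stored record.
    $original_array = exp_get_data($id);
    $new_array = array();
    foreach ($original_array as $key => $value) {
        $new_array[$key] = isset($data[$key]) ? $data[$key] : $value;
    }

    // Text columns use MySQL::SQLValue()'s default type (presumably string
    // quoting/escaping; the helper is defined elsewhere); the rest are numbers.
    $values = array();
    $values['exp_pctID'] = MySQL::SQLValue($new_array['exp_pctID'], MySQL::SQLVALUE_NUMBER);
    $values['exp_designation'] = MySQL::SQLValue($new_array['exp_designation']);
    $values['exp_comment'] = MySQL::SQLValue($new_array['exp_comment']);
    $values['exp_comment_type'] = MySQL::SQLValue($new_array['exp_comment_type'], MySQL::SQLVALUE_NUMBER);
    $values['exp_timestamp'] = MySQL::SQLValue($new_array['exp_timestamp'], MySQL::SQLVALUE_NUMBER);
    $values['exp_multiplier'] = MySQL::SQLValue($new_array['exp_multiplier'], MySQL::SQLVALUE_NUMBER);
    $values['exp_value'] = MySQL::SQLValue($new_array['exp_value'], MySQL::SQLVALUE_NUMBER);
    $values['exp_refundable'] = MySQL::SQLValue($new_array['exp_refundable'], MySQL::SQLVALUE_NUMBER);

    $filter = array();
    $filter['exp_ID'] = MySQL::SQLValue($id, MySQL::SQLVALUE_NUMBER);
    // The table name is built from the configured prefix, not from request data.
    $table = $kga['server_prefix'] . "exp";
    $query = MySQL::BuildSQLUpdate($table, $values, $filter);

    $success = true;
    if (!$conn->Query($query)) {
        $success = false;
    }

    // Close the transaction either way; if that fails, drop the connection.
    if ($success) {
        if (!$conn->TransactionEnd()) {
            $conn->Kill();
        }
    } else {
        if (!$conn->TransactionRollback()) {
            $conn->Kill();
        }
    }
    return $success;
}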
Ejemplo n.º 19
					</li>
				<?php 
        }
        $query = 'SELECT COUNT(*) FROM gallery_posts ORDER BY id DESC';
        $preparedStatement = $bdd->prepare($query);
        $preparedStatement->bindParam(':offset', $offset);
        $preparedStatement->execute();
        $count = $preparedStatement->fetchAll(PDO::FETCH_ASSOC);
        if ($count[0]['COUNT(*)'] > 10) {
            ?>
					<a href="index.php?posts=2">Next page</a>
				<?php 
        }
    } else {
        $id = clean_data($_GET['posts']);
        $offset = intval(clean_data($_GET['posts'])) * 10 - 1;
        $query = 'SELECT * FROM gallery_posts ORDER BY id DESC LIMIT 10 OFFSET :offset';
        $preparedStatement = $bdd->prepare($query);
        $preparedStatement->bindParam(':offset', $offset);
        $preparedStatement->execute();
        $posts = $preparedStatement->fetchAll(PDO::FETCH_ASSOC);
        foreach ($posts as $keys => $p) {
            ?>
					<li>
						<figure class="img-controller">
							<img src="<?php 
            echo $p['source'];
            ?>
" alt="<?php 
            echo $p['title'];
            ?>
Ejemplo n.º 20
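/**
 * Edits configuration variables by replacing their values with those in $data.
 *
 * All updates run inside one transaction: if the statement cannot be prepared
 * or any single update fails, the transaction is rolled back so no partial
 * change set is left pending on the connection.
 *
 * @param array $data    variables array (variable name => new value)
 * @global array $kga         kimai-global-array
 * @return boolean            true on success, false on failure
 * @author ob
 */
function var_edit($data)
{
    global $kga, $pdo_conn;
    // The table prefix comes from configuration; values and names are bound.
    $p = $kga['server_prefix'];
    $data = clean_data($data);
    $pdo_conn->beginTransaction();
    $statement = $pdo_conn->prepare("UPDATE {$p}var SET value = ? WHERE var = ?");
    if (!$statement) {
        $pdo_conn->rollBack();
        return false;
    }
    foreach ($data as $key => $value) {
        $statement->bindValue(1, $value);
        $statement->bindValue(2, $key);
        if (!$statement->execute()) {
            // Undo the updates already applied in this transaction.
            $pdo_conn->rollBack();
            return false;
        }
    }
    if ($pdo_conn->commit() == false) {
        return false;
    }
    return true;
}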