function search($offset = '', $limit = '', $qa) { global $conn; $q = "SELECT product_id,\n product_name,\n product_description,\n unit_price,\n date_added,\n products.product_type_id,\n product_type_name,\n subcategory.subcategory_id,\n subcategory_name,\n category.category_id,\n category_name\n FROM products \n INNER JOIN product_type \n ON products.product_type_id=product_type.product_type_id \n INNER JOIN subcategory \n ON product_type.subcategory_id=subcategory.subcategory_id \n INNER JOIN category \n ON subcategory.category_id=category.category_id "; $q_ex = " WHERE ( \n product_name LIKE :query\n OR product_description LIKE :query\n OR product_type_name LIKE :query\n OR subcategory_name LIKE :query "; if (empty($offset) && empty($limit)) { $q_ord_lmt = " ORDER BY date_added DESC "; } else { $q_ord_lmt = " ORDER BY date_added DESC LIMIT " . $offset . "," . $limit; } if (!empty($qa['query']) && !empty($qa['cat_name']) && $qa['cat_name'] != 'all') { $sql = myQuery($q . $q_ex . " ) AND category_name=:category_name " . $q_ord_lmt, array(':query' => '%' . $qa['query'] . '%', ':category_name' => $qa['cat_name']), $conn); } elseif (!empty($qa['cat_name']) && empty($qa['query'])) { $sql = myQuery($q . " WHERE category_name=:category_name " . $q_ord_lmt, array(':category_name' => $qa['cat_name']), $conn); } elseif (!empty($qa['query'])) { $sql = myQuery($q . $q_ex . " OR category_name LIKE :query) " . $q_ord_lmt, array(':query' => '%' . $qa['query'] . '%'), $conn); } elseif (!empty($qa['cat_id'])) { $sql = myQuery($q . " WHERE category.category_id = :category_id " . $q_ord_lmt, array(':category_id' => $qa['cat_id']), $conn); } elseif (!empty($qa['scat_id'])) { $sql = myQuery($q . " WHERE subcategory.subcategory_id = :subcategory_id " . $q_ord_lmt, array(':subcategory_id' => $qa['scat_id']), $conn); } elseif (!empty($qa['pt_id'])) { $sql = myQuery($q . " WHERE products.product_type_id = :product_type_id " . $q_ord_lmt, array(':product_type_id' => $qa['pt_id']), $conn); } else { $sql = myQuery($q . $q_ord_lmt, array(), $conn); } return $sql; }
function option_resources($preset = '') { $qry = "SELECT * FROM sites WHERE ep_occi != '' ORDER BY cmf"; $ret = myQuery($qry); $opts = "<option>::select a site::</option>"; while ($row = myFetchRow($ret)) { //dd($row); $v = $row['id']; $t = site_title($row); if ($preset == $v) { $sel = " selected"; } else { $sel = ''; } $opts .= "<option value='{$v}'{$sel}>{$t}</option>"; } return $opts; }
function List_Resource_Template($siteid) { $ctype = 'RES'; $w = array(); $w[] = "siteid='{$siteid}'"; $w[] = "ctype='{$ctype}'"; $vtime = $this->vtime; if ($vtime > 0) { $w[] = "idate > date_sub(now(), interval {$vtime} SECOND)"; } $sql_where = " WHERE " . join(" AND ", $w); $qry = "SELECT * FROM {$this->tbl} {$sql_where}"; $this->_debug($qry); $ret = myQuery($qry); $lists = array(); while ($row = myFetchRow($ret)) { //dd($row); $uri = $row['uri']; $lists[] = $uri; } return $lists; }
if (!empty($current_password) && !empty($new_password) && !empty($confirm_new_password)) { if ($current_password === $_SESSION['customer_password'] && $new_password === $confirm_new_password) { $sql = myQuery("UPDATE customer SET customer_password=:customer_password WHERE customer_id=:customer_id", array(":customer_password" => $new_password, ':customer_id' => $_SESSION['customer_id']), $conn); //if($sql->rowCount()>0){$status['password_update_success']="You have successfully updated your password!";} $disable_profile = ""; $disable_email = $disable_password = "******"; header('location: customer_signout.php'); } else { $status['match_err'] = "Password didn't match! Try again."; } } else { $status['password_empty_err'] = "Fill up all the fields."; } } } $sql = myQuery("SELECT * FROM customer WHERE customer_id=:customer_id", array(':customer_id' => $_SESSION['customer_id']), $conn); if ($sql) { $res = $sql->fetchAll(PDO::FETCH_ASSOC); foreach ($res as $row) { $value['customer_name'] = $row['customer_name']; $value['phone'] = $row['phone']; $value['address'] = $row['address']; $value['postal_code'] = $row['postal_code']; $value['city'] = $row['city']; $value['country'] = $row['country']; } } include "directory_from_customer.php"; include "../views/header.view.php"; include "../views/customer/profile.view.php"; include "../views/footer.view.php";
function listIdData($id, $data) { //初始化返回值信息,返回一个ID或多个ID $str = ''; //判断传入的是父类,还是子类 $sql = "select count(*) as total from " . PREFIX . "type where pid={$id}"; $result = myQuery($sql); if ($result[0]['total'] == 0) { //当传入值为子类目的情况 $str = $id; } else { //当传入ID为父类的情况 $arr['parent'] = $id; $arr['child'] = typeDate($data, $id); //使用上面定义的递归函数 foreach ($arr['child'] as $v) { $str .= $v['id'] . ','; } $str = rtrim($str, ','); } return $str; }
// See if that product name is an identical match to another product in the system myQuery("UPDATE products \n SET product_name=:product_name, unit_price=:unit_price, product_description=:product_description,product_type_id=:product_type_id\n WHERE product_id=:product_id", array(':product_name' => $product_name, ':unit_price' => $unit_price, ':product_description' => $product_description, ':product_type_id' => $product_type_id['product_type_id'], ':product_id' => $pid), $conn); if ($_FILES['fileField']['tmp_name'] != "") { // Place image in the folder $newname = $pid . ".jpg"; move_uploaded_file($_FILES['fileField']['tmp_name'], "../assets/img/" . $newname); } header("location: update_product.php?product_id={$pid}"); exit; } // Gather this product's full information for inserting automatically into the edit form below on page $pid_for_img = ""; $pname_for_img = ""; if (isset($_GET['product_id'])) { $targetID = $_GET['product_id']; $sql = myQuery("SELECT * FROM products WHERE product_id=:product_id LIMIT 1", array(':product_id' => $targetID), $conn); if ($sql->rowCount() > 0) { $res = $sql->fetchAll(PDO::FETCH_ASSOC); foreach ($res as $row) { $pid_for_img = $_GET['product_id']; $pname_for_img = $row['product_name']; $product_name = $row['product_name']; $unit_price = $row['unit_price']; $category = find_category_name($row['product_type_id']); $subcategory = find_subcategory_name($row['product_type_id']); $product_type = find_product_type_name($row['product_type_id']); $product_description = $row['product_description']; $date_added = strftime("%b %d, %Y", strtotime($row['date_added'])); } } else { $data = "Sorry! No such product exists.";
<li><a href="#" onclick="ec.member.orderList.seltime(this,1);"><span>三个月前订单<em id="count-seltime-1" style="display: none; ">0</em></span></a></li> </ul> <div class="ec-tab-arrow" style="left: 0px; width: 136px; "></div> </div> </div> </div> <!-- 20141212-栏目-end --> <!-- 20141222-我的订单-订单类别-start --> <div style="margin-top:10px;"> </div> <!-- 20141222-我的订单-订单类别-end --> <!-- 20141222-我的订单-列表-start --> <div class="myOrder-record" id="myOrders-list-content"> <?php $sqldz = "select * from " . PREFIX . "address where uid={$_SESSION['user']['id']}"; $resdz = myQuery($sqldz); //收货人 $linkman = $resdz['0']['linkman']; $address = $resdz['0']['address']; $code = $resdz['0']['code']; $phone = $resdz['0']['phone']; if ($resdz) { foreach ($resdz as $value) { ?> <div class="list-group-item"> <div class="o-pro"> <table cellspacing="0" cellpadding="0" border="0"> <tbody> <tr> <td class="col-pro-img"><?php echo $value['linkman'];
$unit_price = $_POST['unit_price']; $category = $_POST['category']; $subcategory = $_POST['subcategory']; $product_type = $_POST['product_type']; $product_description = $_POST['product_description']; if (empty($product_name) || empty($unit_price) || empty($category) || empty($subcategory) || empty($product_type) || empty($product_description)) { $data['empty_status'] = "Please Fill up all the fields."; } else { $sql = myQuery("SELECT product_id FROM products WHERE product_name=:product_name LIMIT 1", array(':product_name' => $product_name), $conn); if ($sql->rowCount() > 0) { $data['duplicate_status'] = 'Sorry! You tried to place a duplicate "Product Name" into the system. Try a new name'; } else { $sql = myQuery("SELECT product_type_id FROM product_type WHERE product_type_name=:product_type_name LIMIT 1", array(':product_type_name' => $product_type), $conn); $res = $sql->fetch(); $product_type_id = $res['product_type_id']; myQuery("INSERT INTO products (product_name,product_description,unit_price,product_type_id, date_added) \n VALUES(:product_name,:product_description,:unit_price,:product_type_id,now())", array(':product_name' => $product_name, ':product_description' => $product_description, ':unit_price' => $unit_price, ':product_type_id' => $product_type_id), $conn) or die(error()); $product_id = $conn->lastInsertId(); $newname = $product_id . ".jpg"; move_uploaded_file($_FILES['fileField']['tmp_name'], "../assets/img/" . $newname); $data['created_status'] = "Product Created Successfully!"; header("location: update_product.php?product_id={$product_id}"); } } } elseif (isset($_POST['btn_submit']) && $_POST['btn_submit'] == "slct_cat") { if (isset($_POST['product_name'])) { $product_name = $_POST['product_name']; } if (isset($_POST['unit_price'])) { $unit_price = $_POST['unit_price']; } if (isset($_POST['product_description'])) {
} elseif (isset($_POST['btn_submit']) && $_POST['btn_submit'] == "slct_cat") { $value_pt = $_POST['product_type']; if (empty($_POST['category_pt']) || $_POST['category_pt'] == "--- select category") { $data['pt']['four'] = "Please select a category."; } else { $catpt_value = $_POST['category_pt']; } } elseif (isset($_POST['btn_submit']) && $_POST['btn_submit'] == "crt_pt") { $value_pt = $_POST['product_type']; if (empty($_POST['subcategory_pt']) || empty($_POST['category_pt']) || $_POST['subcategory_pt'] == "--- select subcategory" || $_POST['category_pt'] == "--- select category") { $data['pt']['one'] = "Please select a category and a subcategory."; } else { $scsql = myQuery("SELECT subcategory_id \n FROM subcategory \n WHERE category_id=(SELECT category_id FROM category WHERE category_name=:category_name LIMIT 1)\n AND subcategory_name=:subcategory_name LIMIT 1", array(':category_name' => $_POST['category_pt'], ':subcategory_name' => $_POST['subcategory_pt']), $conn); $scategory_id = $scsql->fetch(); $sql = myQuery("SELECT product_type_id FROM product_type WHERE product_type_name=:product_type_name AND subcategory_id=:subcategory_id LIMIT 1", array(':product_type_name' => $_POST['product_type'], ':subcategory_id' => $scategory_id['subcategory_id']), $conn); if ($sql->rowCount() == 1) { $data['pt']['two'] = 'Sorry! You tried to place a duplicate "Product Type Name" into the system. Try a new name'; } else { myQuery('INSERT INTO product_type(subcategory_id,product_type_name) VALUES(:subcategory_id,:product_type_name)', array(':subcategory_id' => $scategory_id['subcategory_id'], ':product_type_name' => $_POST['product_type']), $conn); } } if (empty($value_pt)) { $data['pt']['three'] = "Please put a subcategory name."; } } include "directory_from_admin.php"; include "../views/header.view.php"; include "../views/admin/admin_header.view.php"; include "../views/admin/create_category.view.php"; include "../views/admin/admin_footer.view.php";
} elseif($approvedstatus=="reverse") { $condns="verified=1 and formNumber='$searchQuery' or vlSampleID='$searchQuery' or concat(lrCategory,lrEnvelopeNumber,'/',lrNumericID) like '$searchQuery%'"; } } elseif($searchQueryFrom && $searchQueryTo) { $condns="concat(lrCategory,lrEnvelopeNumber)>='$searchQueryFrom' and concat(lrCategory,lrEnvelopeNumber)<='$searchQueryTo'"; } else { if(!$approvedstatus || $approvedstatus=="pending") { $condns="verified=0"; } elseif($approvedstatus=="processed" || $approvedstatus=="reverse") { $condns="verified=1"; } } //number pages $numberPages=0; $query=myQuery($condns,$offset,$rowsToDisplay); $the_count=mysqlquery("SELECT count(id) AS num FROM vl_samples WHERE $condns LIMIT 1"); $num_res=mysqlfetcharray($the_count); $num_rows=$num_res['num']; $numberPages=ceil($num_rows/$rowsToDisplay); if(mysqlnumrows($query)) { //how many pages are there? if($numberPages>1) { echo "<tr><td style=\"padding:0px 0px 10px 0px\" class=\"vls_grey\"><strong>Pages:</strong> ".displayPagesLinks("/verify/".($approvedstatus=="search"?"search/$encryptedSample":$approvedstatus)."/pg/",1,$numberPages,($pg?$pg:1),$default_radius)."</td></tr>"; } $numberOfRelevantSamples=0; $numberOfRelevantSamples=getDetailedTableInfo3("vl_samples","verified=0","count(id)","num");
</div> <div class="fl u-1-4"> <!--购买该商品的用户还购买了 start--> <!--购买该商品的用户还购买了 end--> <div class="hot-area"> <div class="h"> <h3><span>热销榜单</span></h3> </div> <div class="b"> <!--商品列表 --> <div class="pro-list"> <ul> <!--根据浏览量遍历商品--> <?php $sqlk = "select * from " . PREFIX . "goods order by clicknum desc limit 0,5"; $resk = myQuery($sqlk); $jsq = 1; //计时器 foreach ($resk as $v) { ?> <li> <div> <p class="p-img"><a href="article.php?id=<?php echo $v['id']; ?> " ><img width="56" src="<?php echo $path . '64_' . $v['picname']; ?> " alt=""/></a><s class="s<?php echo $jsq; ?>
</div> </div> </div> <!-- 20141212-栏目-end --> <!-- 20141222-我的订单-列表-start --> <div class="myOrder-record" id="myOrders-list-content"> <div class="list-group" id="list-group"> <?php $ping = array('1' => '差评', '3' => '中评', '5' => '好评'); //遍历评论 $sqlpl = "select c.*,d.userorder,d.picname from " . PREFIX . "comment as c," . PREFIX . "detail as d where c.uid='{$_SESSION['user']['id']}' and c.goodsid=d.goodsid and c.orderid=d.orderid order by c.id"; //echo $sqlpl;die; $respl = myQuery($sqlpl); if ($respl) { foreach ($respl as $val) { ?> <div class="list-group-item"> <div class="o-info"> <div class="col-info"> <span class="o-date"><?php echo date('Y-m-d H:i:s', $val['addtime']); ?> </span> <span class="o-no">订单号:<a title="1260264708" href="#"><?php echo $val['userorder']; ?> </a></span> </div>
<em class="channel-subtitle">华为精品手机</em> <ul class="channel-nav"> <li><a href="#" target="_blank">荣耀</a></li> <li><a href="#" target="_blank">畅玩</a></li> <li><a href="#" target="_blank">华为 Mate/P系列</a></li> <li><a href="#" target="_blank">G/Y系列</a></li> <li><a href="#" target="_blank">运营商合约</a></li> </ul> </div> <div class="b"> <ul class="channel-pro-list"> <?php //php遍历数据,手机栏目 $sqlw = "select * from " . PREFIX . "goods where typeid in(3,4,5) limit 0,8"; $resultw = myQuery($sqlw); //var_dump($result);die(); //图片路径 $path = "../public/uploads/"; foreach ($resultw as $k => $val) { $h = $k + 4; ?> <li id="channel-pro-1-<?php echo $h; ?> " class="channel-pro-item"> <div class="channel-pro-panels"> <div class="pro-info"> <div class="p-img"><a href="article.php?id=<?php echo $val['id'];
include "../db/connect.php"; include "../db/db_helper.php"; $status = NULL; $value = NULL; // Parse the log in form if the user has filled it out and pressed "Log In" if ($_SERVER['REQUEST_METHOD'] === 'POST') { $admin_name = $_POST["admin_name"]; $admin_password = $_POST["password"]; if (empty($admin_name) or empty($admin_password)) { $status = "Please give valid admin name and password."; } else { $value = $admin_name; $admin_name = preg_replace('#[^A-Za-z0-9]#i', '', $admin_name); // filter everything but numbers and letters // Connect to the MySQL database $sql = myQuery("SELECT admin_id FROM admin WHERE admin_name=:admin_name AND admin_password=:admin_password LIMIT 1", array(":admin_name" => $admin_name, ":admin_password" => $admin_password), $conn); // query the person // ------- MAKE SURE PERSON EXISTS IN DATABASE --------- if ($sql->rowCount() == 0) { $status = "Wrong admin name or password."; } elseif ($sql->rowCount() == 1) { // evaluate the count\ $res = $sql->fetchAll(PDO::FETCH_ASSOC); foreach ($res as $row) { $admin_id = $row["admin_id"]; } $_SESSION["admin_id"] = $admin_id; $_SESSION["admin_name"] = $admin_name; $_SESSION["admin_password"] = $admin_password; header("location: index.php"); exit;
<div class="box-form-tips"><span class=""></span></div> </form> </div> </div> <td class="box-cr"></td> </tr> </tbody> </table> </div> </div> </div> <?php if (isset($_GET['editaddress'])) { $sqlt = "select * from " . PREFIX . "address where id=6"; $rest = myQuery($sqlt); //var_dump($rest);die; ?> <!--下面是修改菜单,根据URL是否有edit标识进行判断--> <div id="edit_address"> <div style="z-index: 500; width: 700px; visibility: visible; position: fixed; top: 50%; left: 50%; margin-left:-350px;margin-top:-212px;" id="myAddress-new-box" class="ol_box_4"> <div class="box-ct"> <div class="box-header"> <div class="box-tl"></div> <div class="box-tc"> <div class="box-tc1"></div> <div class="box-tc2"><a href="javascript:;" onclick="$('#edit_address').hide();" title="关闭" class="box-close"></a><span class="box-title">修改地址</span></div> </div> <div class="box-tr"></div> </div>
<td onclick="nologin();"><a target="_blank" class="p-button-cart"><span>加入购物车</span></a></td> <?php } else { ?> <td id="sub_goods"><a target="_blank" class="p-button-cart"><span>加入购物车</span></a></td> <?php } ?> <!--遍历输出商品评价数目--> <?php //初始化评论数 $plNum = 0; //获取商品id $goodsid = $value['id']; $sqlpl = "select count(*) as total from " . PREFIX . "comment where goodsid={$goodsid}"; $resultpl = myQuery($sqlpl); $plNum = $resultpl[0]['total']; echo '<td><label class="p-button-score"><span>' . ($plNum + 3) . '人评价</span></label></td>'; ?> </tr> </tbody> </table> </div> <s class="p-tag"><img src="images/1382542518162.png"/></s> </div> </li> <?php } } ?>
function _update_vm_status($id, $stat) { $qry = "UPDATE vminfo SET state='{$stat}' WHERE id='{$id}'"; $ret = myQuery($qry); }
$email = $_POST['email']; $customer_password = $_POST['password']; $value = $email; $confirm_customer_password = $_POST['confirm_password']; if (empty($email) or empty($customer_password) or empty($confirm_customer_password)) { $status['empty_err'] = "Please fill up all the fields."; } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $status['email_err'] = "Invalid email format."; } elseif ($confirm_customer_password !== $customer_password) { $status['customer_password_err'] = "Password didn't match!"; } else { $sql = myQuery("SELECT customer_id FROM customer WHERE email=:email", array(':email' => $email), $conn); if ($sql->rowCount() == 1) { $status['duplicate_err'] = "Sorry! There's an account with this email ! "; } else { $sql = myQuery("INSERT INTO customer(email,customer_password) VALUES(:email,:customer_password)", array(':email' => $email, ':customer_password' => $customer_password), $conn); if ($sql->rowCount() == 1) { $status['success'] = "Congratulations! You have successfully signed up!"; $value = ""; $_SESSION['customer_email'] = $email; $_SESSION['customer_id'] = $conn->lastInsertId(); $_SESSION['customer_password'] = $customer_password; header("location: profile.php"); } } } } include "directory_from_customer.php"; include "../views/header.view.php"; include "../views/customer/customer_signup.view.php"; include "../views/footer.view.php";
</div> <div class="uc"> <!-- 头部 --> <div class="uc_head"> <div class="uc_head_middle"> <div class="uc_head_middle_left">我的华为帐号</div> <div class="uc_head_middle_right"><a class="logout_c" href="#"><?php echo $_SESSION['user']['username']; ?> </a> | <a class="logout_c" href="useraction.php?a=logout">退出</a></div> </div> </div> <?php $path = '../public/user/'; $sql = "select * from " . PREFIX . "users where id={$_SESSION['user']['id']}"; $result = myQuery($sql); //echo $sql;die; ?> <div class="uc_body"> <div class="uc_body_form"> <dl> <dd class="dd_left" style="text-align: center; position: relative;"> <img alt="头像" id="headPic" src="<?php echo $path . $result['0']['mypic']; ?> "> <div id="uploadHead">上传头像</div> </dd> <dd> <form action="useraction.php?a=update" method="post" enctype="multipart/form-data"> <table style="width:700px;"> <tbody>
?> </a></span> </div> <div class="col-state"> 状态 </div> </div> <div class="o-pro"> <table border="0" cellpadding="0" cellspacing="0"> <tbody> <!-- 组合套餐列表 --> <!-- 普通商品列表 --> <?php $sqla = "select * from " . PREFIX . "detail where orderid={$value['id']} order by id desc"; //echo $sqla;die; $resulta = myQuery($sqla); $tiao = count($resulta); $i = 0; //定时器 foreach ($resulta as $v) { $i++; ?> <tr> <td class="col-pro-img"><p class="p-img"> <a title="" href="article.php?id=<?php echo $v['goodsid']; ?> " target="_blank"> <img width="100" src="<?php echo $path . '218_' . $v['picname']; ?> "> </a> </p></td> <td class="col-pro-info"><p class="p-name"> <a title="" target="_blank" href="article.php?id=<?php
} else { $page = 1; } } if (!empty($_POST['next']) && $_POST['next'] === 'next') { if ($page < $pg_qty) { $page++; } else { $page = $pg_qty; } } header('location: index.php?page=' . $page); } //Delete Product if (isset($_GET['deleteproduct_id'])) { $data['confirmation'] = '<div class="confirmation" align="center"> Do you really want to delete product with ID of ' . $_GET['deleteproduct_id'] . '? <a class="btn btn-warning" href="index.php?yesdelete=' . $_GET['deleteproduct_id'] . '">Yes</a> | <a class="btn btn-info" href="index.php">No</a> </div>'; } if (isset($_GET['yesdelete'])) { $product_id_to_delete = $_GET['yesdelete']; myQuery("DELETE FROM products WHERE product_id=:product_id LIMIT 1", array(':product_id' => $product_id_to_delete), $conn) or die(error()); $pictodelete = "../assets/img/{$product_id_to_delete}.jpg"; if (file_exists($pictodelete)) { unlink($pictodelete); } header("location: index.php"); } include "directory_from_admin.php"; include "../views/header.view.php"; include "../views/admin/admin_header.view.php"; include "../views/admin/index.view.php"; include "../views/admin/admin_footer.view.php";
mysql_select_db(DBNAME, $conn); mysql_set_charset('utf8'); $wd = $_GET['wd']; //下一页进来的时候,必须要带上wd,不然下一页就出不来信息了 //echo $wd;die; if (empty($wd)) { //echo "请输入查询内容"; echo "<script>alert('请输入查询的内容!');window.location.href='./index.php';</script>"; die; } //设置where like语句 $where = "where linkman like '%{$wd}%' or userorder like '%{$wd}%'"; //分页 //总条数 $sqlmax = "select count(*) as total from " . PREFIX . "orders {$where}"; $resmax = myQuery($sqlmax); $count = $resmax[0]['total']; //echo $count;die; //每页显示5条 $row = 5; //总页数 $countPage = ceil($count / $row); //当前页数 $page = empty($_GET['page']) ? '1' : $_GET['page']; //偏移量 $py = ($page - 1) * 5; $where2 = "where o.uid=u.id and (o.linkman like '%{$wd}%' or o.userorder like '%{$wd}%')"; $limit = "limit {$py},{$row}"; $sql = "select o.*,u.username from " . PREFIX . "orders as o," . PREFIX . "users as u {$where2} order by o.id desc {$limit}"; //echo $sql;die; $result = mysql_query($sql);
var form = document.form; form.mode.value = 'dodelete'; //form.target = 'hiddenframe' form.submit(); } </script> EOS; pagetail(); exit; } ### }}} pagehead($pgtitle); ParagraphTitle($pgtitle); ParagraphTitle("OS Template", 1); $qry = "SELECT O.*\n, R.affiliation, R.cmf, R.cc\n FROM ostpl O\n LEFT JOIN resources R ON O.resid=R.id"; $ret = myQuery($qry); print <<<EOS <table border='1' class='mmdata'> <th>#</th> <th>Affiliation</th> <th>CC</th> <th>CMF</th> <th>OSID</th> <th>Date</th> </tr> EOS; $cnt = 0; while ($row = myFetchRow($ret)) { $cnt++; //dd($row);
include "../db/db_helper.php"; $status = NULL; $value = NULL; // Parse the log in form if the user has filled it out and pressed "Log In" if ($_SERVER['REQUEST_METHOD'] === 'POST') { $email = $_POST["email"]; $customer_password = $_POST["password"]; if (empty($email) or empty($customer_password)) { $status = "Please give valid email and password."; } else { $value = $email; if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $status = "Invalid Email."; } else { // Connect to the MySQL database $sql = myQuery("SELECT customer_id FROM customer WHERE email=:email AND customer_password=:customer_password LIMIT 1", array(':email' => $email, ':customer_password' => $customer_password), $conn); // query the person // ------- MAKE SURE PERSON EXISTS IN DATABASE --------- if ($sql->rowCount() == 0) { $status = "Wrong email or password."; } elseif ($sql->rowCount() == 1) { // evaluate the count\ $res = $sql->fetch(); $_SESSION["customer_id"] = $res["customer_id"]; $_SESSION["customer_email"] = $email; $_SESSION["customer_password"] = $customer_password; header("location: index.php"); exit; } } }