<?php
session_start();
include 'connection.php';
include 'mysqlprep.php';
$image = mysql_prepare($_POST['image']);
$content = mysql_prepare($_POST['content']);
$result_set = mysql_query("UPDATE `sayipl1`.`schedule` SET `aside`='{$image}', `content`='{$content}' WHERE `schedule`.`id`=1");
if (!$result_set) {
die(" Database query failed : " . mysql_error());
} else {
header("location: editschedule.php?remarks=success");
}
mysql_close($con);
<?php
session_start();
include 'connection.php';
include 'mysqlprep.php';
switch (mysql_prepare($_POST["teams"])) {
case "MI":
header("location: editindex.php");
break;
case "RCB":
header("location: editindex1.php");
break;
case "RR":
header("location: editindex2.php");
break;
case "CSK":
header("location: editindex3.php");
break;
case "KKR":
header("location: editindex4.php");
break;
case "HYD":
header("location: editindex5.php");
break;
case "KXIP":
header("location: editindex6.php");
break;
case "DD":
header("location: editindex7.php");
break;
case "PWI":
<?php
session_start();
include 'connection.php';
include 'mysqlprep.php';
$fname = mysql_prepare($_POST['fname']);
$lname = mysql_prepare($_POST['lname']);
$address = mysql_prepare($_POST['addres']);
$email = mysql_prepare($_POST['email']);
$password = mysql_prepare($_POST['PASS']);
$contact = mysql_prepare($_POST['number']);
$teams = mysql_prepare($_POST['favteam']);
$hashed_password = sha1($password);
$result_set = mysql_query("INSERT INTO `register`(`firstname`, `lastname`, `address`, `email`, `hashed_password`, `phone`, `team`) VALUES('{$fname}', '{$lname}', '{$address}', '{$email}', '{$hashed_password}', '{$contact}', '{$teams}')");
if (!$result_set) {
die(" Database query failed : " . mysql_error());
} else {
$position = $_GET['position'];
if ($position == 'admin') {
header("location: http://localhost:/SAYipl/staff.php?comment=adminsuccess");
} else {
header("location: http://localhost:/SAYipl/login/mysignin.php");
}
}
mysql_close($con);
if ($raw_click) {
@mysql_query(mysql_prepare('UPDATE `tlx_account_hourly_stats` SET #=#+1,`raw_in_total`=`raw_in_total`+1 WHERE `username`=?', array("raw_in_{$this_hour}", "raw_in_{$this_hour}", $account['username']))) or die(mysql_error());
@mysql_query(mysql_prepare('UPDATE `tlx_account_country_stats` SET `raw_in`=`raw_in`+1 WHERE `username`=? AND `country`=?', array($account['username'], $geoip['country']))) or die(mysql_error());
if (@mysql_affected_rows() == 0) {
@mysql_query(mysql_prepare('INSERT INTO `tlx_account_country_stats` VALUES (?,?,?,?,?,?,?)', array($account['username'], $geoip['country'], 1, 1, 0, 0, 0))) or die(mysql_error());
}
@mysql_query(mysql_prepare('UPDATE `tlx_country_stats` SET `raw_in`=`raw_in`+1 WHERE `country`=?', array($geoip['country']))) or die(mysql_error());
} else {
@mysql_query(mysql_prepare('UPDATE `tlx_account_hourly_stats` SET #=#+1,#=#+1,`raw_in_total`=`raw_in_total`+1,`unique_in_total`=`unique_in_total`+1 WHERE `username`=?', array("raw_in_{$this_hour}", "raw_in_{$this_hour}", "unique_in_{$this_hour}", "unique_in_{$this_hour}", $account['username']))) or die(mysql_error());
@mysql_query(mysql_prepare('UPDATE `tlx_account_country_stats` SET `raw_in`=`raw_in`+1,`unique_in`=`unique_in`+1 WHERE `username`=? AND `country`=?', array($account['username'], $geoip['country']))) or die(mysql_error());
if (@mysql_affected_rows() == 0) {
@mysql_query(mysql_prepare('INSERT INTO `tlx_account_country_stats` VALUES (?,?,?,?,?,?,?)', array($account['username'], $geoip['country'], 1, 1, 0, 0, 0))) or die(mysql_error());
}
@mysql_query(mysql_prepare('UPDATE `tlx_country_stats` SET `raw_in`=`raw_in`+1,`unique_in`=`unique_in`+1 WHERE `country`=?', array($geoip['country']))) or die(mysql_error());
}
@mysql_query(mysql_prepare('UPDATE `tlx_accounts` SET `inactive`=0 WHERE `username`=?', array($account['username']))) or die(mysql_error());
// TODO: Check maximum clicks from an IP address (maybe only hourly?)
// TODO: Reject clicks from specified countries
mysql_close();
if ($C['tracking_mode'] == 'embedded') {
if (!isset($_COOKIE['tlxreferrer'])) {
echo '<script language="JavaScript" type="text/javascript">' . "document.cookie = 'tlxreferrer=" . $account['username'] . "; path=/; expires=" . gmdate('l, d-M-y H:i:s T', time() + 86400) . "; domain={$C['cookie_domain']};'" . '</script>';
}
return;
} else {
// TODO: Forward surfer by category
// TODO: Forward surfer by country
setcookie('tlxreferrer', $account['username'], time() + 86400, '/', $C['cookie_domain']);
header("Location: {$C['forward_url']}", true, $C['redirect_code']);
}
} else {
<?php
session_start();
include 'connection.php';
include 'mysqlprep.php';
$fname = mysql_prepare($_POST['firstname']);
$lname = mysql_prepare($_POST['lastname']);
$email = mysql_prepare($_POST['email']);
$result_set = mysql_query("SELECT * \r\nFROM `register` \r\nWHERE `firstname` = '{$fname}'\r\nAND `lastname` = '{$lname}'\r\nAND `email` = '{$email}'\r\nLIMIT 0 , 30");
if (!$result_set) {
die(" Database query failed : " . mysql_error());
} elseif (mysql_num_rows($result_set) == 1) {
//$found_user= mysql_fetch_array($result_set);
while ($row = mysql_fetch_array($result_set)) {
$id = $row["id"];
mysql_query("DELETE FROM `sayipl1`.`register` WHERE `register`.`id` = '{$id}'");
}
header("location: staff.php?remarks=delete");
} else {
header("location: staff.php?remarks=notdelete");
}
mysql_close($con);
if (@mysql_affected_rows() == 0) {
@mysql_query(mysql_prepare('INSERT INTO `tlx_account_country_stats` VALUES (?,?,?,?,?,?,?)', array($account['username'], $geoip['country'], 0, 0, 1, 1, 0))) or die(mysql_error());
}
@mysql_query(mysql_prepare('UPDATE `tlx_country_stats` SET `raw_out`=`raw_out`+1,`unique_out`=`unique_out`+1 WHERE `country`=?', array($geoip['country']))) or die(mysql_error());
}
// Update cookie to mark that surfer has been sent to this site
$sites_sent_to[$account['username']] = 1;
setcookie('tlxsent', serialize($sites_sent_to), time() + 86400, '/', $C['cookie_domain']);
}
// Update stats for the referrer account
if ($referrer_account && $referrer_account != $account['username']) {
// Update the IP click log
@mysql_query(mysql_prepare('UPDATE `tlx_ip_log_clicks` SET `clicks`=`clicks`+1,`last_visit`=NOW() WHERE `username`=? AND `ip_address`=? AND `url_hash`=?', array($referrer_account, $long_ip, sha1($send_to)))) or die(mysql_error());
if (@mysql_affected_rows() == 0) {
@mysql_query(mysql_prepare('INSERT INTO `tlx_ip_log_clicks` VALUES (?,?,?,?,NOW())', array($referrer_account, $long_ip, sha1($send_to), 1))) or die(mysql_error());
@mysql_query(mysql_prepare('UPDATE `tlx_account_hourly_stats` SET #=#+1,`clicks_total`=`clicks_total`+1 WHERE `username`=?', array("clicks_{$this_hour}", "clicks_{$this_hour}", $referrer_account))) or die(mysql_error());
}
}
@mysql_close();
}
if (!isset($C['redirect_code'])) {
$C['redirect_code'] = 301;
}
header("Location: {$send_to}", true, $C['redirect_code']);
function mysql_prepare($query, $binds)
{
$query_result = '';
$index = 0;
$pieces = preg_split('/(\\?|#)/', $query, -1, PREG_SPLIT_DELIM_CAPTURE);
foreach ($pieces as $piece) {
if ($piece == '?') {
<?php
session_start();
// code for sign in
include 'connection.php';
include 'mysqlprep.php';
$email = mysql_prepare($_POST['username']);
$password = mysql_prepare($_POST['password']);
$hashed_password = sha1($password);
$result_set = mysql_query("SELECT id, firstname, lastname, team FROM register WHERE email = '{$email}' AND hashed_password = '******'");
if (!$result_set) {
die(" Database query failed : " . mysql_error());
} elseif (mysql_num_rows($result_set) == 1) {
//$found_user= mysql_fetch_array($result_set);
while ($row = mysql_fetch_array($result_set)) {
if ($row["team"] == "MI") {
header("location: http://localhost:/SAYipl/index.php");
} elseif ($row["team"] == "RCB") {
header("location: http://localhost:/SAYipl/index1.php");
} elseif ($row["team"] == "staff") {
header("location: http://localhost:/SAYipl/staff.php");
}
$_SESSION['user_id'] = $row['id'];
$_SESSION['firstname'] = $row['firstname'];
}
} else {
header("location: http://localhost:/SAYipl/login/mysignin.php");
}
mysql_close($con);
<?php
session_start();
include 'connection.php';
include 'mysqlprep.php';
$link1 = mysql_prepare($_POST['link1']);
$link2 = mysql_prepare($_POST['link2']);
$link3 = mysql_prepare($_POST['link3']);
$link4 = mysql_prepare($_POST['link4']);
$link5 = mysql_prepare($_POST['link5']);
$link6 = mysql_prepare($_POST['link6']);
$link7 = mysql_prepare($_POST['link7']);
$link8 = mysql_prepare($_POST['link8']);
$link9 = mysql_prepare($_POST['link9']);
$link10 = mysql_prepare($_POST['link10']);
$link11 = mysql_prepare($_POST['link11']);
$link12 = mysql_prepare($_POST['link12']);
$result_set = mysql_query("UPDATE `sayipl1`.`gallery` SET `link1`='{$link1}', `link2`='{$link2}', `link3`='{$link3}', `link4`='{$link4}', `link5`='{$link5}', `link6`='{$link6}', `link7`='{$link7}', `link8`='{$link8}', `link9`='{$link9}', `link10`='{$link10}', `link11`='{$link11}', `link12`='{$link12}' WHERE `gallery`.`id`=1");
if (!$result_set) {
die(" Database query failed : " . mysql_error());
} else {
header("location: editgallery.php?remarks=success");
}
mysql_close($con);
<?php
$con = mysql_connect("local", "my_user", "my_password", "my_db");
$name = $_POST["name"];
$age = $_POST["age"];
$ssn = $_POST["ssn"];
$email = $_POST["email"];
$password = $_POST["password"];
$username = $_POST["username"];
$statement = mysql_prepare($con, "INSERT INTO User (name, age,ssn, email, username, password) VALUES (?, ?, ?, ?, ?, ?)");
mysqli_stmt_bind_param($statement, "sissss", $name, $age, $ssn, $email, $password, $username);
mysqli_stmt_excute($statement);
mysqli_stmt_close($statement);
mysql_close($con);
<?php
session_start();
include 'connection.php';
include 'mysqlprep.php';
$videos = mysql_prepare($_POST['videos']);
$result_set = mysql_query("UPDATE `sayipl1`.`videos` SET `link`='{$videos}' WHERE `videos`.`id`=1");
if (!$result_set) {
die(" Database query failed : " . mysql_error());
} else {
header("location: editvideos.php?remarks=success");
}
mysql_close($con);
<?php
session_start();
include 'connection.php';
include 'mysqlprep.php';
$jerseyimage = mysql_prepare($_POST['jerseyimage']);
$jerseysize = mysql_prepare($_POST['jerseysize']);
$capimage = mysql_prepare($_POST['capimage']);
$capsize = mysql_prepare($_POST['capsize']);
$title1 = mysql_prepare($_POST['title1']);
$title2 = mysql_prepare($_POST['title2']);
$result_set = mysql_query("UPDATE `sayipl1`.`shop` SET `jerseyimage`='{$jerseyimage}', `jerseysize`='{$jerseysize}', `capimage`='{$capimage}', `capsize`='{$capsize}', `title1`='{$title1}', `title2`='{$title2}' WHERE `shop`.`id`=2");
if (!$result_set) {
die(" Database query failed : " . mysql_error());
} else {
header("location: editshop.php?remarks=success");
}
mysql_close($con);
<?php
session_start();
include 'mysqlprep.php';
$mail_to = '*****@*****.**';
$name = mysql_prepare($_POST['fname']);
$mail_from = mysql_prepare($_POST['email']);
$message = mysql_prepare($_POST['message']);
$subject = "Message from visitor " . $name;
$body_message = "From: " . $name . "\r\n";
$body_message .= "E-mail: " . $mail_from . "\r\n";
$body_message .= "Message: " . $message;
$headers = "From: " . $mail_from . "\r\n";
$headers .= "Reply-To: " . $mail_from . "\r\n";
$mail_sent = mail($mail_to, $subject, $body_message, $headers);
if ($mail_sent == true) {
echo "Success";
} else {
echo "Fail";
}
?>
