public static function otkljucani()
{
$tablica = "<table class=\"table table-striped table-hover\"><caption><h2><strong>Otkljucani korisnici</strong></h2></caption>";
$tablica .= "<thead><tr><th>Korisnicko ime</th><th>Ime</th><th>Prezime</th><th>Email</th><th>Tip korisnika</th></tr></thead><tbody>";
$baza = new Baza();
$upit = "select korisnicko_ime,ime,prezime,email,tip_korisnika,idkorisnik from korisnik where zakljucan = 0 order by korisnicko_ime";
$rezultat = $baza->selectDB($upit);
while ($red = $rezultat->fetch_row()) {
$tablica .= "<tr><td>{$red['0']}</td><td>{$red['1']}</td><td>{$red['2']}</td><td>{$red['3']}</td><td>{$red['4']}</td>";
$tablica .= "<td><a href=\"controler/otkljucaj_zakljucaj.php?id={$red['5']}&tip=0\">Zakljucaj</a></td></tr>";
}
$tablica .= "</tbody></table>";
echo $tablica;
}
public function wyplujAktualnaWersje()
{
$query = "SELECT `wartosc` FROM `SYSTEM`\r\n WHERE `opcja` = 'wersja';";
$results = parent::get($query, array());
if ($results !== NULL) {
return $results[0]['wartosc'];
} else {
return false;
}
}
public static function brojKazniDnevno()
{
$id = $_SESSION["ID"];
$baza = new Baza();
$upit = "select parking from korisnik where idkorisnik='{$id}';";
$rezultat = $baza->selectDB($upit);
$red = $rezultat->fetch_row();
$id_parking = $red[0];
$tablica = "<div class=\"container\"></div><table class=\"table table-striped table-hover\"><caption><h2><strong>Broj kazni dnevno</strong></h2></caption>";
$tablica .= "<thead><tr><th>Datum</th><th>Broj kazni</th></tr></thead><tbody>";
$upit = "select date(vrijeme), count(date(vrijeme))from kazna where parking='{$id_parking}' group by date(vrijeme) limit 30;";
$rezultat = $baza->selectDB($upit);
while ($red = $rezultat->fetch_row()) {
$tablica .= "<tr><td>{$red['0']}</td>";
$tablica .= "<td>{$red['1']}</td></tr>";
}
$tablica .= "</tbody></table>";
echo $tablica;
}
public static function ostalo($korIme, $radnja, $izcontrolera)
{
if ($izcontrolera == 1) {
include_once 'baza.class.php';
} else {
include_once './controler/baza.class.php';
}
$baza = new Baza();
$upit = "SELECT idkorisnik FROM korisnik where korisnicko_ime = '{$korIme}';";
$rezultat = $baza->selectDB($upit);
$red = $rezultat->fetch_row();
$id_kor = $red[0];
$baza = new Baza();
$upit = "insert into dnevnik_rada values(default,now(),1,'{$id_kor}','{$radnja}',null);";
$rezultat = $baza->selectDB($upit);
}
public static function autentikacija($korIme, $lozinka)
{
$baza = new Baza();
$korisnik = new Korisnik();
$upit = "SELECT tip_korisnika, idkorisnik, korisnicko_ime,ime,prezime,email,lozinka,zakljucan FROM korisnik where korisnicko_ime = '{$korIme}' or email='{$korIme}'";
$rezultat = $baza->selectDB($upit);
if ($rezultat->num_rows == 1) {
list($tip_korisnika, $id_korisnika, $korIme, $ime, $prezime, $email, $lozinka2, $zakljucan) = $rezultat->fetch_array();
$korisnik->set_podaci($tip_korisnika, $id_korisnika, $korIme, $ime, $prezime, $email);
if ($zakljucan == 1) {
Dnevnik::prijava($korIme, -1);
return -1;
}
if ($lozinka == $lozinka2) {
self::kreirajSesiju($tip_korisnika, $id_korisnika, $korIme, $ime, $prezime, $email);
$upit2 = "update korisnik set pokusaj = 0 where idkorisnik ='{$id_korisnika}'";
$rezultat2 = $baza->selectDB($upit2);
Dnevnik::prijava($korIme, 1);
return $tip_korisnika;
}
if ($lozinka != $lozinka2) {
Dnevnik::prijava($korIme, -1);
$upit2 = "update korisnik set pokusaj = pokusaj+1 where idkorisnik = '{$id_korisnika}'";
$rezultat2 = $baza->selectDB($upit2);
$upit3 = "select pokusaj from korisnik where idkorisnik = '{$id_korisnika}'";
$rezultat3 = $baza->selectDB($upit3);
$broj = $rezultat3->fetch_array();
$broj2 = $broj['pokusaj'];
if ($broj2 >= 3) {
$kljucaj = "update korisnik set zakljucan = 1 where idkorisnik ='{$id_korisnika}'";
$rezultat4 = $baza->selectDB($kljucaj);
}
return 0;
} else {
header("Location: greske.php?id=0");
}
}
}
<?php
/**
* Created by PhpStorm.
* User: Prima
* Date: 31.05.14.
* Time: 20:47
*/
include_once './controler/baza.class.php';
$baza = new Baza();
include_once "./view/header.php";
if (!isset($_SESSION["PzaWeb"])) {
header("Location: greske.php?id_greske=12");
exit;
}
if ($_SESSION["TIP"] != 1) {
header("Location: greske.php?id_greske=13");
exit;
}
$tablica = $_GET['tablica'];
$id = $_GET['id'];
/*ob_start();
session_start();
if (!isset($_COOKIE["Zadaca_05_korisnik"])) {
header("Location: greske.php?id_greske=12");
exit();
}
if (!isset($_SESSION["PzaWeb"])) {
header("Location: greske.php?id_greske=12");
public function transferWykonaj($kwota, $budzet_dawca_id, $budzet_biorca_id, $secret)
{
if ($budzet_dawca_id === $budzet_biorca_id) {
header("HTTP/1.1 401 Budżet dawcy musi być inny niż budżet biorcy");
return false;
}
if (floatval($kwota) === 0 || $kwota === '0') {
header("HTTP/1.1 401 Podaj kwotę przelewu");
return false;
}
if ($budzet_dawca_id === 0 || $budzet_biorca_id === 0) {
header("HTTP/1.1 401 Wybierz budżet biorcy");
return false;
}
$kwota = (string) $kwota;
if (!$this->walidator->kwotaWaliduj($kwota)) {
header("HTTP/1.1 401 Zły format kwoty");
return false;
}
if (!$this->budzetSprawdzId($budzet_dawca_id, $secret) || !$this->budzetSprawdzId($budzet_biorca_id, $secret)) {
header("HTTP/1.1 401 Błąd 1");
return false;
}
$budzet_dawca_kwota = $this->budzetKwotaPrzygotuj($budzet_dawca_id, 0 - floatval($kwota));
$budzet_biorca_kwota = $this->budzetKwotaPrzygotuj($budzet_biorca_id, floatval($kwota));
if (!$this->walidator->kwotaWaliduj((string) $budzet_dawca_kwota)) {
header("HTTP/1.1 401 Nie posiadasz tyle funduszy w budżecie");
return false;
}
if (!$this->walidator->kwotaWaliduj((string) $budzet_biorca_kwota)) {
header("HTTP/1.1 401 Budżet biorcy przekracza dozwoloną kwotę");
return false;
}
$query = "INSERT INTO `TRANSFER`\r\n ( `BUDZET_DAWCA_ID`, `BUDZET_BIORCA_ID`, `data`, `kwota` )\r\n VALUES\r\n ( :budzet_dawca_id, :budzet_biorca_id, :data, :kwota )";
$params = array(':budzet_dawca_id' => $budzet_dawca_id, ':budzet_biorca_id' => $budzet_biorca_id, ':data' => date('Y-m-d H:i:s'), ':kwota' => $kwota);
$this->budzetKwotaZmien($budzet_dawca_id, $budzet_dawca_kwota);
$this->budzetKwotaZmien($budzet_biorca_id, $budzet_biorca_kwota);
$this->budzetTouch($budzet_dawca_id);
return parent::post($query, $params);
}
<?php
include './baza.class.php';
$baza = new Baza();
$username = $_GET['Username'];
$status = $_GET['Status'];
$rezultat = "Error";
$upitB = "UPDATE user SET status='{$status}' where username='******'";
if ($baza->updateDB($upitB)) {
$rezultat = "uspjeh";
} else {
$rezultat = "Error";
}
echo $rezultat;
public static function sveKarte()
{
$id = $_SESSION["ID"];
$baza = new Baza();
$upit = "select registracijske_oznake from vozilo where korisnik='{$id}';";
$rezultat = $baza->selectDB($upit);
$red = $rezultat->fetch_row();
$oznake = $red[0];
$tablica = "<div class=\"container\"></div><table id=\"tablica\" class=\"table table-striped table-hover\"><caption><h2><strong>Sve kupljene karte</strong></h2></caption>";
$tablica .= "<thead><tr><th>Vrijeme kupnje</th><th>Vrijeme prodaje</th><th>Parking</th><th>Iznos</th></tr></thead><tbody>";
$upit = "select k.vrijeme_kupnje,k.vrijeme_isteka,p.ime,k.iznos,id from karta as k, parking as p where k.vozilo='{$oznake}' and k.parking=p.idparking; ";
$rezultat = $baza->selectDB($upit);
while ($red = $rezultat->fetch_row()) {
$tablica .= "<tr><td>{$red['0']}</td>";
$tablica .= "<td>{$red['1']}</td>";
$tablica .= "<td>{$red['2']}</td>";
$tablica .= "<td>{$red['3']}</td>";
}
$tablica .= "</tbody></table>";
echo $tablica;
}
private function sesjaMysqlWyplujUsera($secret)
{
$query = "SELECT `nazwa` FROM `USER`\r\n WHERE `sesja` = :secret;";
$params = array(':secret' => $secret);
$results = parent::get($query, $params);
return $results === 'NULL' ? false : $results[0]['nazwa'];
}
<?php
// session_start();
header('charset=utf-8');
include './baza.class.php';
$baza = new Baza();
$datum = date('Y-m-d H:i:s');
header('charset=utf-8');
if (isset($_REQUEST['sezona'])) {
$sezona = $_REQUEST['sezona'];
} else {
$sezona = null;
}
if ($sezona != null) {
$upit = "SELECT * FROM sezone_has_lovina WHERE id_sezona ='{$sezona}'";
$rezultat = $baza->selectDB($upit);
while ($nesto = $rezultat->fetch_array()) {
$temp = $nesto['id_lovina'];
$upit2 = "SELECT * FROM lovina WHERE idlovina ='{$temp}'";
$rezultat2 = $baza->selectDB($upit2);
$nesto2 = $rezultat2->fetch_array();
$sezona_info[] = array("Lovina" => $nesto['id_lovina'], "Naziv" => $nesto2['naziv'], "Link" => $nesto2['link']);
}
echo json_encode($sezona_info);
} else {
$ispis = "Error";
echo $ispis;
}
public static function Vrijeme()
{
$baza = new Baza();
$upit = "select korisnicko_ime from korisnik where tip_korisnika=3 order by korisnicko_ime;";
$rezultat = $baza->selectDB($upit);
$polje = array();
while ($red = $rezultat->fetch_assoc()) {
$polje[] = $red[korisnicko_ime];
}
$reg_json = json_encode($polje);
echo $reg_json;
return $reg_json;
}
<?php
/**
* Created by PhpStorm.
* User: Prima
* Date: 13.06.14.
* Time: 23:16
*/
session_start();
if (!isset($_SESSION["PzaWeb"])) {
header("Location: greske.php?id_greske=12");
exit;
}
if ($_SESSION["TIP"] != 3) {
header("Location: greske.php?id_greske=13");
exit;
}
include_once 'baza.class.php';
include_once 'dnevnik.php';
$idkazna = $_GET['id'];
$baza = new Baza();
$upit = "update kazna set placena=1 where idkazna='{$idkazna}'";
if ($rezulat = $baza->selectDB($upit)) {
$id = $_SESSION["ID"];
Dnevnik::update($id, $upit, 1);
header("Location: ../vlasnik.php");
}
private function sesjaMysqlWykasujPoSecret($secret)
{
$query = "DELETE FROM `SESJA`\r\n WHERE\r\n `secret` = :secret;";
$params = array(':secret' => $secret);
parent::post($query, $params);
}
<?php
include './baza.class.php';
$baza = new Baza();
$json = $_GET['json'];
$data = json_decode($json, true);
$name = $data['Name'];
$lastname = $data['Lastname'];
$username = $data['Username'];
$password = $data['Password'];
$dob = $data['DOB'];
$email = $data['Email'];
$greska = 0;
$rezultat = "error";
$upit = "select * from user where username ='******'";
$rezultat_korime = $baza->selectDB($upit);
if ($rezultat_korime->num_rows != 0) {
$greska = 1;
$rezultat = "username exists";
}
$upit = "select * from user where email ='" . $email . "'";
$rezultat_email = $baza->selectDB($upit);
if ($rezultat_email->num_rows != 0) {
$greska = 2;
$rezultat = "email taken";
}
if ($greske == 0) {
$upitB = "insert into user(ime, prezime, email, username, password, datum_rod, tip_korisnika_idtip_korisnika)" . "values ('{$name}','{$lastname}','{$email}','{$username}','{$password}','{$dob}', 1)";
if ($baza->updateDB($upitB)) {
$rezultat = "uspjeh";
} else {
private function uzytkownikUtworz($uzytkownik, $haslo)
{
$query = "INSERT INTO `USER`\r\n ( `nazwa`, `password` )\r\n VALUES\r\n ( :nazwa, :password );";
$params = array(':nazwa' => parent::htmlencode($uzytkownik), ':password' => $this->passwordHash($haslo));
return parent::post($query, $params);
}
* User: Prima
* Date: 13.06.14.
* Time: 21:37
*/
include_once './view/header.php';
include_once './controler/baza.class.php';
if (!isset($_SESSION["PzaWeb"])) {
header("Location: greske.php?id_greske=12");
exit;
}
if ($_SESSION["TIP"] != 1) {
header("Location: greske.php?id_greske=14");
exit;
}
if (isset($_POST['kreiraj'])) {
$baza = new Baza();
$parking = $_POST['parking'];
$broj_mjesta = $_POST['broj'];
$broj_mjesta = $_POST['broj'] == "" ? "NULL" : "'{$broj_mjesta}'";
$opis = $_POST['opis'];
$opis = $_POST['opis'] == "" ? "NULL" : "'{$opis}'";
$cijena = $_POST['cijena'];
$cijena = $_POST['cijena'] == "" ? "NULL" : "'{$cijena}'";
$vrijeme = $_POST['vrijeme'];
$vrijeme = $_POST['vrijeme'] == "" ? "NULL" : "'{$vrijeme}'";
$upit = "insert into parking values(default, '{$parking}',{$opis},{$broj_mjesta},{$cijena},{$vrijeme});";
$rezutlat = $baza->selectDB($upit);
header("Location: administrator.php");
}
//
?>
<?php
// session_start();
include './baza.class.php';
$baza = new Baza();
$datum = date('Y-m-d H:i:s');
if (isset($_REQUEST['UserName'])) {
$UserName = $_REQUEST['UserName'];
} else {
$UserName = null;
}
if (isset($_REQUEST['Password'])) {
$Password = $_REQUEST['Password'];
} else {
$Password = null;
}
if ($UserName != null && $Password != null) {
$upit = "SELECT * FROM user WHERE username='******'";
$rezultat = $baza->selectDB($upit);
$nesto = $rezultat->fetch_array();
if ($rezultat->num_rows != 0 && $nesto['password'] == $Password) {
$id = $nesto['iduser'];
$upit_hash = "SELECT * FROM hashbase WHERE naziv='login_uspjeh'";
$rezultat_hash = $baza->selectDB($upit_hash);
$dohvat = $rezultat_hash->fetch_array();
$hash = $dohvat['vrijednost'];
} else {
$upit_hash = "SELECT * FROM hashbase WHERE naziv='login_neuspjeh'";
$rezultat_hash = $baza->selectDB($upit_hash);
$dohvat = $rezultat_hash->fetch_array();
$hash = $dohvat['vrijednost'];
<?php
// session_start();
include './baza.class.php';
$baza = new Baza();
header('charset=utf-8');
$datum = date('Y-m-d H:i:s');
if (isset($_REQUEST['UserName'])) {
$UserName = $_REQUEST['UserName'];
} else {
$UserName = null;
}
if ($UserName != null) {
$upit = "SELECT * FROM user WHERE username='******'";
$rezultat = $baza->selectDB($upit);
$nesto = $rezultat->fetch_array();
if ($rezultat->num_rows != 0) {
echo json_encode(array("id" => $nesto['iduser'], "Ime" => $nesto['ime'], "Prezime" => $nesto['prezime'], "Dob" => $nesto['datum_rod'], "Status" => $nesto['status']), JSON_UNESCAPED_UNICODE);
} else {
$ispis = "profil_neuspjeh";
}
echo $ispis;
} else {
$ispis = "profil_nepostojeci";
echo $ispis;
}
<?php
/**
* Created by PhpStorm.
* User: Prima
* Date: 31.05.14.
* Time: 23:55
*/
include_once "baza.class.php";
include_once "dnevnik.php";
$baza = new Baza();
$tablica2 = $_POST['tablica'];
$broj = $_POST['broj'];
$upit2 = "insert into {$tablica2} values (";
$imena = array();
foreach ($_POST as $key => $value) {
array_push($imena, $key);
}
for ($k = 0; $k < $broj; $k++) {
$param = $imena[$k];
$upit2 .= "'{$_POST[$param]}',";
}
$upit2 = substr($upit2, 0, -1);
$upit2 .= ");";
$baza->selectDB($upit2);
$id = $_SESSION["ID"];
Dnevnik::insert($id, $upit, 1);
header("Location: ../tablice.php");
exit;
