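<?php
/**
 * Login Checker
 *
 * Handles the POSTed login form: verifies the submitted credentials through
 * Login::loginCheck() and sends the browser to donations.php on success or
 * back to login.php (with a flash message in the session) on failure.
 *
 * @author Sam Plugins <*****@*****.**>
 * @copyright Sam Plugins <*****@*****.**>
 * @twitter http://twitter.com/samplugins
 */
require_once "include/init.php";

if (CommonFunc::isPost()) {
    $Login = new Login(MySql::Instance());

    // Fail closed on malformed requests: a POST that omits a field, or sends
    // it as an array (username[]=...), is treated as a failed login instead of
    // reaching the escaping helper and the credential check with null/array
    // input (which also raised undefined-index notices).
    // NOTE(review): loginCheck() is not called for such requests, so any
    // failed-attempt accounting done inside it will not see them; confirm.
    $hasCredentials = isset($_POST['username'], $_POST['password'])
        && is_string($_POST['username'])
        && is_string($_POST['password']);

    // NOTE(review): CommonFunc::safe() is not visible here. If it escapes or
    // strips characters, the password handed to loginCheck() differs from what
    // the user typed; confirm loginCheck() expects that form and compares
    // against a password hash rather than a stored plaintext value.
    // NOTE(review): confirm loginCheck() regenerates the session id on success
    // (session fixation); nothing in this script does.
    if ($hasCredentials
        && $Login->loginCheck(CommonFunc::safe($_POST['username']), CommonFunc::safe($_POST['password']))
    ) {
        // Redirect is done client-side; both targets are fixed strings, so no
        // request data reaches the emitted script.
        echo "<script>window.location='donations.php'</script>";
    } else {
        // Same generic message for unknown user and wrong password, so the
        // response does not reveal which usernames exist.
        $_SESSION['login-flash'] = "" . CommonFunc::ERROR . "|Invalid username and/or password";
        echo "<script>window.location='login.php'</script>";
    }
}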
/**
 * Build the SELECT statement used to list donations.
 *
 * Every filter is optional and is applied only when its key is set and is not
 * loosely equal to the empty string. Recognised keys: donation_id, amount,
 * status_id, first_name, last_name, email, date_from, date_to, order_by,
 * order_direction.
 *
 * Security notes:
 *  - donation_id is cast to int; order_by is used only when
 *    $this->isValidOrderField() accepts it; order_direction is limited to
 *    'asc' / 'desc'. Anything else falls back to "donation_id DESC".
 *  - All other values are embedded in quoted SQL literals after
 *    CommonFunc::safe(). NOTE(review): safe() is not visible here; the
 *    injection safety of this query rests entirely on it escaping for the
 *    active connection and charset. Confirm, or move to bound parameters.
 *  - NOTE(review): unless safe() escapes them, '%' and '_' in first_name /
 *    last_name act as LIKE wildcards chosen by the caller.
 *
 * @param array $data Filter and ordering options (see above).
 *
 * @return string The assembled SQL text.
 */
function getSQL($data = array())
{
    $query = "SELECT d.* FROM donations d " . " WHERE d.donation_id > 0";

    // Filter name => array(SQL emitted before the value, SQL emitted after it).
    // Iteration order is the order the clauses are appended in.
    $filters = array(
        'donation_id' => array(" AND d.donation_id = '", "'"),
        'amount'      => array(" AND d.amount = '", "'"),
        'status_id'   => array(" AND d.status_id = '", "'"),
        'first_name'  => array(" AND d.first_name like '%", "%'"),
        'last_name'   => array(" AND d.last_name like '%", "%'"),
        'email'       => array(" AND d.email = '", "'"),
        'date_from'   => array(" AND STR_TO_DATE(d.donation_date,'%Y-%m-%d') >= '", "'"),
        'date_to'     => array(" AND STR_TO_DATE(d.donation_date,'%Y-%m-%d') <= '", "'"),
    );

    foreach ($filters as $field => $wrap) {
        // Loose comparison is deliberate: it mirrors the original `!= ""` test.
        if (!isset($data[$field]) || $data[$field] == "") {
            continue;
        }

        // The primary key is forced to an integer; every other value goes
        // through the project's escaping helper.
        if ($field === 'donation_id') {
            $value = (int) $data[$field];
        } else {
            $value = CommonFunc::safe($data[$field]);
        }

        $query .= $wrap[0] . $value . $wrap[1];
    }

    // Column names cannot be quoted as literals, so the requested sort column
    // is concatenated only after the allow-list check accepts it.
    $useRequestedColumn = isset($data['order_by'])
        && $data['order_by'] != ''
        && $this->isValidOrderField($data['order_by']);

    if ($useRequestedColumn) {
        $query .= " ORDER BY d." . $data['order_by'] . " ";
    } else {
        $query .= " ORDER BY d.donation_id ";
    }

    // Direction is restricted to the two literal keywords; default is DESC.
    $direction = " DESC ";
    if (isset($data['order_direction'])) {
        if ($data['order_direction'] == 'asc' || $data['order_direction'] == 'desc') {
            $direction = " " . $data['order_direction'] . " ";
        }
    }

    return $query . $direction;
}