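/**
 * Look up one setting in the Configuracion table.
 *
 * @param string $TcName Value matched against Configuracion.idConfiguracion.
 * @return mixed The `valor` column of the matching row, or null when the
 *               query fails or no row matches.
 */
function get_siteInfo($TcName)
{
    include_once './dataBaseClass/connection.php';

    // NOTE(review): $TcName is interpolated into a quoted SQL literal. The
    // DataBase wrapper's API is not visible from here, so nothing in this
    // function escapes or binds the value; until the wrapper offers a
    // prepared-statement call, pass only fixed, application-defined names.
    $query = "SELECT valor,tipo FROM Configuracion WHERE idConfiguracion = '{$TcName}'";

    $cDb = new DataBase();
    $result = $cDb->query($query);

    // A failed query is not a mysqli_result; fetching from it raises an error.
    if (!($result instanceof mysqli_result)) {
        return null;
    }

    // mysqli_fetch_assoc() returns null when there is no matching row.
    $row = mysqli_fetch_assoc($result);

    return is_array($row) ? $row["valor"] : null;
}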
/**
 * Get the snapshot category IDs of a contact for a given timestamp.
 * @param int $user_id  User ID
 * @param int $cid      Contact ID
 * @param int $dateline Timestamp, matched against snapshot_id
 * @return array category_id values; empty array when nothing matches
 */
public function get_snapshot_category_by_cid($user_id, $cid, $dateline)
{
    // The three values go through %d, so only integers reach the statement;
    // the table name comes from get_table(), which is not visible here.
    $table = $this->get_table($user_id, 'contact_classes_snapshot');
    $sql = sprintf("SELECT category_id FROM %s WHERE uid = %d AND snapshot_id = %d AND cid = %d", $table, $user_id, $dateline, $cid);
    $query = $this->db->query($sql);

    if (!$query->count()) {
        return array();
    }

    $category_ids = array();
    foreach ($query->result_array(FALSE) as $row) {
        $category_ids[] = $row['category_id'];
    }

    return $category_ids;
}
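/**
 * Get the list of contact details of one kind for a contact.
 * @param int    $id   Contact ID
 * @param string $type Detail kind; selects both the `gcp_<type>` table and
 *                     the columns read ('tels', 'addresses', 'ims'; any
 *                     other value reads `type` and `value`)
 * @return array
 * @throws InvalidArgumentException when $type is not a plain identifier
 */
private function _get_info_list($id, $type = 'emails')
{
    // $type becomes part of a table name. Identifiers cannot be escaped the
    // way values are, so anything that is not a plain identifier is refused.
    if (!is_string($type) || !preg_match('/\A[A-Za-z0-9_]+\z/', $type)) {
        throw new InvalidArgumentException('Invalid contact info type');
    }

    switch ($type) {
        case 'tels':
            $row = '`type`, `value`, `pref`, `city`';
            break;
        case 'addresses':
            $row = '`type`, `country`, `postal`, `region`, `city`, `street`';
            break;
        case 'ims':
            $row = '`protocol`, `type`, `value`';
            break;
        default:
            $row = '`type`, `value`';
            break;
    }

    // The contact ID is documented as an integer; the cast keeps any other
    // text out of the quoted literal.
    $gcid = (int) $id;
    $query = $this->db->query("SELECT {$row} FROM `gcp_{$type}` WHERE `gcid` = '{$gcid}' ORDER BY `id` ASC");

    return $query->result_array(FALSE);
}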
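<?php
/*
 * Installation step: loads the framework with guest access allowed, then
 * runs db-setup.sql against the configured database.
 *
 * NOTE(review): $allowGuest is set, so this script appears to be reachable
 * without signing in, and each request runs db-setup.sql again. The only
 * protection visible here is the on-screen request to remove the install
 * folder.
 */
try {
    $allowGuest = $hideDefaultView = true;
    require '../framework/inc.php';
} catch (Exception $e) {
    die('Invalid DataBase informations <a href="javascript:window.history.back();">Launch installation wizard</a>');
}

try {
    $setupSql = file_get_contents('db-setup.sql');
    if ($setupSql === false) {
        // Without this check a missing file would be sent on as `false`.
        throw new Exception('db-setup.sql could not be read');
    }

    DataBase::query($setupSql);
    echo 'Please remove the <strong>install</strong> folder.<br /><a href="..">Done !</a>';
    Page::setTitle('Installation Wizard');
    Page::send();
} catch (Exception $e) {
    // Exception::$message is protected, so it has to be read through
    // getMessage(); the text is escaped because it is written into HTML.
    echo '<h1>DataBase Error</h1>' . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}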
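/**
 * Find the related objects of the model
 *
 * NOTE(review): $table is used both as a table name in the SQL text and as
 * the class name that is instantiated, and $conditions is placed in the WHERE
 * clause as written. Neither is escaped here, so both must be fixed values
 * chosen by the calling code, never request data.
 *
 * @param string $table      The name of the table of the objects
 * @param string $conditions The relation conditions (raw SQL); empty for none
 * @return array Array of objects
 */
public function _findRelations($table, $conditions)
{
    // $conditions is interpolated as a string below, and count() on a string
    // never returns 0 (it is a TypeError on PHP 8), so the empty case is
    // tested explicitly.
    $noConditions = $conditions === null
        || $conditions === array()
        || (is_string($conditions) && trim($conditions) === '');

    if ($noConditions) {
        $query = "SELECT * FROM {$table}";
    } else {
        $query = "SELECT * FROM {$table} WHERE ( {$conditions} )";
    }

    $db2 = new DataBase();
    $db2->query($query);
    $numResults = $db2->numRows();

    // One model instance per returned row.
    $results = array();
    for ($i = 0; $i < $numResults; $i++) {
        $results[] = new $table($db2->fetchObject());
    }

    return $results;
}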
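<?php
session_start();

// Only signed-in users may open this dialog.
if (!isset($_SESSION['login_user']) || empty($_SESSION['login_user'])) {
    header("Location: /Cobranza/index.php");
    exit;
}

// The client ID is placed unquoted in the statement below, so only an
// integer is accepted; anything else ends the request.
$idCliente = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
if ($idCliente === null || $idCliente === false) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}

// Kept raw here and escaped where it is written into the page.
$nombre = filter_input(INPUT_GET, 'Nombre');

include './dataBaseClass/connection.php';
$cDb = new DataBase();

// NOTE(review): the lookup is not limited by the signed-in user; whether
// every user may see every client's files cannot be told from this script.
$result = $cDb->query("SELECT * FROM ExpedienteElectronico WHERE idCliente = {$idCliente}");
?>
<div class="modal-dialog modal-lg">
    <div class="modal-content">
        <div class="modal-header">
            <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
            <h1 class="modal-title">Agregar Expediente al Cliente: <?php echo htmlspecialchars((string) $nombre, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> </h1>
        </div>
        <div class="modal-body" style="margin: 20px;">
            <table id="tblExpedientes" class="table table-striped table-bordered" cellspacing="0" width="100%">
                <thead>
                    <tr>
                        <th>Id</th>
                        <th>Nombre Archivo</th>
                        <th>Acciones</th>
                    </tr>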
if ($mail['sender'] == User::getID()) { $r = DataBase::update('messages', array('sender_dir' => $_GET['dir']), array('ID' => $_GET['ID'], 'sender' => User::getID()))->fetch(); } else { if ($mail['recipient'] == User::getID()) { $r = DataBase::update('messages', array('recipient_dir' => $_GET['dir']), array('ID' => $_GET['ID'], 'recipient' => User::getID()))->fetch(); } else { die('<h3>Mail not found</h3>'); } } } else { die('<h3>That\'s not your mail !</h3>'); } die('true'); break; case 'unread': $unread = DataBase::query('SELECT COUNT(*) FROM messages WHERE opened = 0 AND recipient_dir = ' . DataBase::_secure($_GET['folder']) . ' AND recipient = ' . User::getID())->fetch()[0]; if (strval($unread)) { die($unread); } else { die; } break; case 'send': // check message HTML does not comport malicious tags // for example with HTMLPurify PHP library $recipient = DataBase::get('users', array('ID'), array('fullname' => $_POST['recipient'])); if (!count($recipient) || $recipient === false) { die('false'); } if (DataBase::insert('messages', array('sender' => User::getID(), 'recipient' => $recipient[0]['ID'], 'subject' => htmlspecialchars($_POST['subject']), 'content' => $_POST['content'], 'sent' => array('NOW()'), 'opened' => 0, 'answerTo' => 0, 'sender_dir' => 'sent', 'recipient_dir' => 'inbox'))) { if (DataBase::insert('messages', array('sender' => User::getID(), 'recipient' => $recipient[0]['ID'], 'subject' => htmlspecialchars($_POST['subject']), 'content' => $_POST['content'], 'sent' => array('NOW()'), 'opened' => 0, 'answerTo' => 0, 'sender_dir' => 'sent', 'recipient_dir' => 'sent'))) {
/**
 * Run a "delete" Query against the table mapped to a model class.
 *
 * NOTE(review): $where is handed to the Query object as raw text, and with
 * the default empty value no condition is set at all; what Query builds in
 * that case is not visible here. $class is instantiated by name, so it must
 * be a fixed class name chosen by the calling code.
 *
 * @param string $class Model class name; its __table__ property names the table
 * @param string $where Optional raw condition assigned to the Query's where
 * @return mixed Whatever DataBase::query() returns
 */
function delete($class, $where = "")
{
    $model = new $class();
    $deleteQuery = new Query($model->__table__, "delete");

    if (!($where == "")) {
        $deleteQuery->where = $where;
    }

    $connection = new DataBase();
    $connection->connect();

    return $connection->query($deleteQuery);
}
/**
 * Load the row whose id equals this object's id.
 *
 * The id is passed as the bound :id parameter; only the table name, taken
 * from static::$table, is concatenated into the statement.
 *
 * @return mixed First element of what DataBase::query() returns
 */
public function findOneByPK()
{
    $db = new DataBase();
    $rows = $db->query(
        'SELECT * FROM ' . static::$table . ' WHERE id=:id',
        [':id' => $this->id]
    );

    return $rows[0];
}
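/**
 * Replace the photo_main row of a folder.
 *
 * Deletes the existing row for $photo['folder'] and inserts a new one; the
 * two statements run one after the other, not as a single transaction.
 *
 * @param array $photo Must contain the key 'folder'
 * @param int   $i     Value stored in photo_main.count
 * @return void
 */
function set_main($photo, $i)
{
    $r = new DataBase();

    // NOTE(review): the folder name is concatenated into a quoted SQL literal
    // in both statements. The DataBase wrapper's escaping or binding API is
    // not visible here, so the value is left as the caller passed it; it
    // should be bound or escaped once the wrapper allows it.
    $folder = $photo['folder'];

    $r->query("DELETE FROM photo_main WHERE folder = '" . $folder . "'");

    // count is written unquoted, so it is forced to an integer.
    $r->query("INSERT INTO photo_main (folder, count) VALUES('" . $folder . "', " . (int) $i . ")");
}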
require 'framework/inc.php'; Page::setTitle('Home'); ?> <div class="row"> <div class="col-lg-3"> <div class="widget style1 lazur-bg"> <div class="row"> <div class="col-xs-4"> <i class="fa fa-envelope-o fa-5x"></i> </div> <div class="col-xs-8 text-right" widget="new-messages"> <span> New messages </span> <h2 class="font-bold"><?php echo DataBase::query('SELECT COUNT(*) FROM messages WHERE opened = 0 AND recipient = ' . User::getID())->fetch()[0]; ?> </h2> </div> </div> </div> </div> <!--<div class="col-lg-3"> <div class="ibox float-e-margins"> <div class="ibox-title"> <span class="label label-success pull-right">Monthly</span> <h5>Income</h5> </div> <div class="ibox-content"> <h1 class="no-margins">40 886,200</h1> <div class="stat-percent font-bold text-success">98% <i class="fa fa-bolt"></i></div>
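//Verify if account exists
// The requested id is compared as a string with === so that PHP's loose
// comparison rules cannot make a longer input "equal" a stored id.
$requestedId = (isset($_DATA['id']) && is_scalar($_DATA['id'])) ? (string) $_DATA['id'] : null;
$haserror = true;
foreach ($accounts->get() as $acc) {
    if ($requestedId !== null && $requestedId === (string) $acc['id']) {
        $haserror = false;
        $forProfileId = $acc['profile_id'];
        // Stored id of the matched account; this is what the UPDATE uses.
        $matchedAccountId = $acc['id'];
        break;
    }
}
if ($haserror) {
    RestUtils::sendResponse('406', array('data' => 'accountId', 'message' => 'A conta escolhida não existe.'));
    exit;
}
// A missing current-profile id must never count as a match.
$currentProfileId = CurrentUser::getId();
if ($currentProfileId === null || $forProfileId != $currentProfileId) {
    RestUtils::sendResponse('406', array('data' => 'accountId', 'message' => 'A conta escolhida não pertence ao usuário.'));
    exit;
}
//Disable STATUS
// Uses the id read back from the account list, not the request value.
$sql->query("UPDATE accounts SET status = 0 WHERE id = '" . $matchedAccountId . "'");
//Close Connection
$sql->close();
RestUtils::sendResponse('200');
exit;
break;
/////////////////////////////////////DEFAULT
/////////////////////////////////////DEFAULT
default:
    RestUtils::sendResponse('405', array('message' => 'O método escolhido não é suportado.'));
    exit;
    break;
}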
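<?php
// Returns, as JSON, the ID and full name of every user whose full name
// contains the `request` query parameter.
require 'framework/inc.php';

// An array-valued parameter (?request[]=x) is refused along with a missing one.
if (!isset($_GET['request']) || !is_string($_GET['request'])) {
    die('<h3>Bad request</h3>');
}
$req = $_GET['request'];

// DataBase::_secure() is not visible here; presumably it quotes and escapes
// the value. `%` and `_` inside the request still act as LIKE wildcards, and
// an empty request matches every user.
$ans = DataBase::query('SELECT ID, fullname FROM users WHERE fullname LIKE ' . DataBase::_secure('%' . $req . '%'));

$f = array();
while ($data = $ans->fetch()) {
    $f[] = $data;
}

// Full names are user data. Declaring the body as JSON and hex-encoding
// markup characters keeps a browser from treating the response as HTML when
// the URL is opened directly.
if (!headers_sent()) {
    header('Content-Type: application/json; charset=utf-8');
}
die(json_encode($f, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT));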
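/**
 * Count the 'board' and 'phone' hits recorded for one board.
 *
 * @param int $id Value matched against board_hits.board_id
 * @return mixed Result of mysql_fetch_array(): a row with 'bcount' and
 *               'pcount', or false when no row is returned
 */
function get_count($id)
{
    $db = new DataBase();

    // board_id is compared unquoted, so the value is forced to an integer
    // before it is appended to the statement.
    $boardId = (int) $id;
    $res = $db->query("select SUM(if(type = 'board',1,0)) as 'bcount', SUM(if(type = 'phone',1,0)) as 'pcount' from board_hits WHERE board_id = " . $boardId);

    return mysql_fetch_array($res);
}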
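$sql = new DataBase();
$sql->connect();
//Verify if exists
$tr = $transactions->get('all', '', '', '', $ID);
$data = $tr;
// RestUtils::sendResponse() is not visible here. Each rejection stops the
// script explicitly so the balance updates and DELETEs below can never run
// for a transaction that is missing or owned by another profile.
if (count($tr) == 0) {
    RestUtils::sendResponse('406', array('data' => 'transactionId', 'message' => 'Essa transação não existe.'));
    exit;
}
if ($tr[0]['profile_id'] != CurrentUser::getId()) {
    RestUtils::sendResponse('406', array('data' => 'transactionId', 'message' => 'Essa transação não pertence ao perfil.'));
    exit;
}
// NOTE(review): every statement below is built by concatenation and the
// statements are not wrapped in a transaction, so a failure part-way leaves
// balances and the transaction row out of step.
// NOTE(review): "amb.year >= Y AND amb.month >= n" skips the earlier months
// of later years (for example January of the following year) — confirm
// against the code that applies the amount when a transaction is created.
//Remove in Ammount
if ($data[0]['account_to'] != '') {
    // Transfer: give the amount back to the source account ...
    $balance = $accounts->get(1, $data[0]['account_from'], 'balance');
    $balance += $data[0]['amount'];
    $sql->query("UPDATE accounts SET balance='" . $balance . "' WHERE id = '" . $data[0]['account_from'] . "'");
    $sql->query("UPDATE accounts_month_balance AS amb SET amb.balance = amb.balance + " . $data[0]['amount'] . " WHERE amb.account_id = '" . $data[0]['account_from'] . "' AND amb.year >= " . date('Y', strtotime($data[0]['date'])) . " AND amb.month >= " . date('n', strtotime($data[0]['date'])));
    // ... and take it out of the destination account.
    $balance = $accounts->get(1, $data[0]['account_to'], 'balance');
    $balance -= $data[0]['amount'];
    $sql->query("UPDATE accounts SET balance='" . $balance . "' WHERE id = '" . $data[0]['account_to'] . "'");
    $sql->query("UPDATE accounts_month_balance AS amb SET amb.balance = amb.balance - " . $data[0]['amount'] . " WHERE amb.account_id = '" . $data[0]['account_to'] . "' AND amb.year >= " . date('Y', strtotime($data[0]['date'])) . " AND amb.month >= " . date('n', strtotime($data[0]['date'])));
} else {
    // Single-account transaction: subtract the amount from its account.
    $balance = $accounts->get(1, $data[0]['account_from'], 'balance');
    $balance -= $data[0]['amount'];
    $sql->query("UPDATE accounts SET balance='" . $balance . "' WHERE id = '" . $data[0]['account_from'] . "'");
    $sql->query("UPDATE accounts_month_balance AS amb SET amb.balance = amb.balance - " . $data[0]['amount'] . " WHERE amb.account_id = '" . $data[0]['account_from'] . "' AND amb.year >= " . date('Y', strtotime($data[0]['date'])) . " AND amb.month >= " . date('n', strtotime($data[0]['date'])));
}
//Remove
$sql->query("DELETE FROM transactions_has_tags WHERE transaction_id = '" . $ID . "'");
$sql->query("DELETE FROM transactions WHERE id = '" . $ID . "'");
//Close Connection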
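/**
 * List the tags attached to a transaction that belong to the current profile.
 *
 * @param int   $count Maximum number of tags to return (used as LIMIT)
 * @param mixed $id    Transaction ID matched against transactions_has_tags
 * @return array List of array('id' => ..., 'name' => ...)
 */
function getTransactionTags($count, $id)
{
    $sql = new DataBase();
    $sql->connect();

    // LIMIT and the unquoted profile id cannot be protected by quoting, so
    // both are forced to integers.
    $limit = (int) $count;
    $profileId = (int) CurrentUser::getId();

    // The transaction id sits in a quoted literal, so it is escaped. This
    // relies on the connection opened by connect() above being an ext/mysql
    // link, which the mysql_fetch_array() call below suggests. ext/mysql no
    // longer exists in PHP 7; the lasting fix is a prepared statement.
    $transactionId = mysql_real_escape_string((string) $id);

    $sql->query("\r\n\t\tSELECT tag.*\r\n\t\tFROM tags tag, transactions_has_tags tht\r\n\t\tWHERE tht.transaction_id = '" . $transactionId . "' AND tag.profile_id = " . $profileId . "\r\n\t\tAND tag.id = tht.tag_id\r\n\t\tLIMIT " . $limit . "\r\n\t\t");

    //Objects
    $json = array();

    //Data
    while ($data = mysql_fetch_array($sql->result)) {
        $json[] = array("id" => $data["id"], "name" => $data["name"]);
    }

    //Close connection
    $sql->close();

    //Return
    return $json;
}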
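<?php
session_start();

// Only signed-in users may open this dialog. header() alone does not stop
// the script, so without exit the rest of the page would still run and be
// sent to a visitor who is not signed in.
if (!isset($_SESSION['login_user'])) {
    header("Location: /Cobranza/login.php");
    exit;
}

include './dataBaseClass/connection.php';
$cDb = new DataBase();
$lEdit = FALSE;

// idCompania is placed unquoted in two statements below. When it is present
// it must be an integer; a missing or empty value means "new company".
$idCompania = filter_input(INPUT_GET, "idCompania");
$hasCompania = $idCompania !== null && $idCompania !== false && $idCompania !== "";
if ($hasCompania) {
    $idCompania = filter_var($idCompania, FILTER_VALIDATE_INT);
    if ($idCompania === false) {
        header('HTTP/1.1 400 Bad Request');
        exit;
    }
}

$sQuery = "SELECT idTipo, nombre, 0 as marcado FROM TipoPoliza as cat ";
if ($hasCompania) {
    $sQuery = "SELECT idTipo, nombre, if(EXISTS(SELECT idTipo FROM TipoPolizaCompania where idTipo = cat.idTipo AND idCompania = {$idCompania}),1,0) as marcado FROM TipoPoliza as cat ";
    $query = "SELECT * FROM Companias WHERE idCompania = {$idCompania}";
    $result = $cDb->query($query);
    if (mysqli_num_rows($result) > 0) {
        $row = mysqli_fetch_array($result);
        $lEdit = TRUE;
    }
}

$cEncabezado = $lEdit ? "Editando: " . $row['nombre'] : "Compañia Nueva";
$resultTipos = $cDb->query($sQuery);
?>
<div class="modal-dialog modal-lg">
    <div class="modal-content">
        <div class="modal-header">
            <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
            <h1 class="modal-title"><?php /* the heading can contain a stored company name, so it is escaped */ echo htmlspecialchars($cEncabezado, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>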
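//$transactions = new Transactions;
$accounts = new Accounts();
//Connect
$sql = new DataBase();
$sql->connect();
//Verify if exists
$tr = $transactions->get('all', '', '', '', $ID);
$data = $tr;
// RestUtils::sendResponse() is not visible here. Each rejection stops the
// script explicitly so the DELETEs and balance updates below can never run
// for a transaction that is missing or owned by another profile.
if (count($tr) == 0) {
    RestUtils::sendResponse('406', array('data' => 'transactionId', 'message' => 'Essa transação não existe.'));
    exit;
}
if ($tr[0]['profile_id'] != CurrentUser::getId()) {
    RestUtils::sendResponse('406', array('data' => 'transactionId', 'message' => 'Essa transação não pertence ao perfil.'));
    exit;
}
// NOTE(review): the statements below are built by concatenation and are not
// wrapped in a transaction; the row is deleted before the balances are
// corrected, so a failure in between leaves the balances stale.
//Remove
$sql->query("DELETE FROM transactions_has_tags WHERE transaction_id = '" . $ID . "'");
$sql->query("DELETE FROM transactions WHERE id = '" . $ID . "'");
//Remove in Ammount
if ($data[0]['account_to'] != '') {
    // Transfer: give the amount back to the source account ...
    $balance = $accounts->get(1, $data[0]['account_from'], 'balance');
    $balance += $data[0]['amount'];
    $sql->query("UPDATE accounts SET balance='" . $balance . "' WHERE id = '" . $data[0]['account_from'] . "'");
    // ... and take it out of the destination account.
    $balance = $accounts->get(1, $data[0]['account_to'], 'balance');
    $balance -= $data[0]['amount'];
    $sql->query("UPDATE accounts SET balance='" . $balance . "' WHERE id = '" . $data[0]['account_to'] . "'");
} else {
    // Single-account transaction: subtract the amount from its account.
    $balance = $accounts->get(1, $data[0]['account_from'], 'balance');
    $balance -= $data[0]['amount'];
    $sql->query("UPDATE accounts SET balance='" . $balance . "' WHERE id = '" . $data[0]['account_from'] . "'");
}
//Close Connection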
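/**
 * Resolve the profile that owns the token passed in the URL.
 *
 * Sends a 412 response and stops when no token is given, and a 400 response
 * when the token is rejected.
 *
 * NOTE(review): the lookup runs when Token::verify() returns a falsy value
 * and the 400 "verification failed" branch runs when it returns a truthy
 * one. verify() is not visible here — confirm its return convention.
 * NOTE(review): the lookup does not test any expiry column; whether verify()
 * covers expiry cannot be told from this method.
 * NOTE(review): a token carried in the query string ends up in access logs
 * and Referer headers.
 *
 * @return mixed profile_id of the first matching token row, or null when no
 *               row matches
 */
public static function getId()
{
    //Get Token
    if (!isset($_GET['token'])) {
        RestUtils::sendResponse('412', array('data' => 'token', 'message' => 'O token não foi passado pela URL.'));
        exit;
    }

    //Verify token
    $rawToken = $_GET['token'];
    $token = new Token();

    // An array-valued parameter (?token[]=x) is rejected like a bad token.
    if (!is_string($rawToken) || $token->verify($rawToken)) {
        RestUtils::sendResponse('400', array('data' => 'token', 'message' => 'A verificação do token falhou.'));
        exit;
    }

    //Connect
    $sql = new DataBase();
    $sql->connect();

    // The token is request data placed in a quoted literal, so it is escaped
    // first. This relies on connect() having opened an ext/mysql link, which
    // the mysql_fetch_array() call below suggests. ext/mysql no longer exists
    // in PHP 7; the lasting fix is a prepared statement.
    $safeToken = mysql_real_escape_string($rawToken);
    $sql->query("\r\n\t\t\t\t\tSELECT DISTINCT *\r\n\t\t\t\t\tFROM token\r\n\t\t\t\t\tWHERE token = '" . $safeToken . "'\r\n\t\t\t\t");

    //Data
    $data = mysql_fetch_array($sql->result);
    if ($data) {
        return $data['profile_id'];
    }

    // No row for this token: callers receive null, as before.
    return null;
}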
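/**
 * Recompute the balance of accounts from their transactions.
 *
 * For each account returned by $this->get(50, $account), amounts of rows
 * where the account is account_to_id are subtracted, all other amounts are
 * added, and the account's initial_balance is added at the end.
 *
 * @param mixed  $account Passed through to $this->get()
 * @param string $from    Optional lower bound for transaction.date
 * @param string $to      Optional upper bound for transaction.date
 * @return array The account rows, each with a 'balance' key rounded to 2 decimals
 */
function getForceBalance($account = "", $from = "", $to = "")
{
    //Connect
    $sql = new DataBase();
    $sql->connect();

    // The date bounds sit in quoted literals, so they are escaped once up
    // front. This relies on connect() having opened an ext/mysql link, which
    // the mysql_fetch_array() call below suggests. ext/mysql no longer exists
    // in PHP 7; the lasting fix is a prepared statement.
    $fromBound = empty($from) ? '' : mysql_real_escape_string((string) $from);
    $toBound = empty($to) ? '' : mysql_real_escape_string((string) $to);

    //Objects
    $json = array();
    $accounts = $this->get(50, $account);

    //Data
    foreach ($accounts as $acc) {
        //Query
        $balance = 0;
        $query = "SELECT transaction.amount, transaction.account_to_id FROM transactions transaction";
        // $acc['id'] comes from $this->get(), not from the caller's arguments.
        $query .= " WHERE (transaction.account_from_id = '" . $acc['id'] . "' OR transaction.account_to_id = '" . $acc['id'] . "')";
        if (!empty($from)) {
            $query .= " AND transaction.date >= '" . $fromBound . "' ";
        }
        if (!empty($to)) {
            $query .= " AND transaction.date <= '" . $toBound . "' ";
        }

        //execute
        $sql->query($query);

        //Data
        while ($data = mysql_fetch_array($sql->result)) {
            if ($data["account_to_id"] == $acc["id"]) {
                $balance -= $data["amount"];
            } else {
                $balance += $data["amount"];
            }
        }
        $balance += $acc["initial_balance"];

        //Array
        $acc['balance'] = round($balance, 2);
        $json[] = $acc;
    }

    // The close() call used to sit after the return and never ran.
    $sql->close();

    return $json;
}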
*/ case 'delete': $ID = $_DATA['id']; //Connect $sql = new DataBase(); $sql->connect(); //Verify if exists $tr = $tags->getUnique($ID); if (count($tr) == 0) { RestUtils::sendResponse('406', array('data' => 'tagId', 'message' => 'Essa tag não existe.')); } if ($tr[0]['profile_id'] != CurrentUser::getId()) { RestUtils::sendResponse('406', array('data' => 'tagId', 'message' => 'Essa tag não pertence ao perfil.')); } //Remove $sql->query("DELETE FROM transactions_has_tags WHERE tag_id = '" . $ID . "'"); $sql->query("DELETE FROM tags WHERE id = '" . $ID . "'"); //Close Connection $sql->close(); RestUtils::sendResponse('200'); break; /* * ====================================== * Default * ====================================== */ /* * ====================================== * Default * ====================================== */
$generateToken = $token->generate(); //Atribui token ao usuário $timeToBuildStructure = 1800; //Segundos (30 * 60 = 30 minutos) $now = time(); //Tempo atual (segundos desde 1/1/1970) $finishedBuilding = $now + $timeToBuildStructure; //Tempo a expirar $sql4 = new DataBase(); $sql4->connect(); $sql4->query("INSERT INTO token(token,profile_id,expires,application_id) VALUES ('" . $generateToken . "','" . $userdetails['id'] . "','" . date("Y-m-d H:i:s", $finishedBuilding) . "','" . $data['id'] . "')"); } //Atualiza tempo de último login $sql4 = new DataBase(); $sql4->connect(); $sql4->query("UPDATE profiles SET last_login='******'this_session'] . "', this_session='" . date("Y-m-d H:i:s") . "' WHERE profiles.id = '" . $userdetails['id'] . "'"); //Construct a new logged in user object //Transfer some db data to the session object // $loggedInUser = new loggedInUser(); // $loggedInUser->email = $userdetails["email"]; // $loggedInUser->id = $userdetails["id"]; // $loggedInUser->hash_pw = $userdetails["password"]; // $loggedInUser->display_username = $userdetails["username"]; // $loggedInUser->clean_username = $userdetails["username_clean"]; // $loggedInUser->remember_me = $remember_choice; // $loggedInUser->api_key = $_DATA['api_key']; // $loggedInUser->login = $userdetails["email"]; // $loggedInUser->redirect = 'false'; // $loggedInUser->remember_me_sessid = generateHash(uniqid(rand(), true)); // //Update last sign in // $loggedInUser->updatelast_sign_in();
/**
 * List every row of transactions_type, ordered by id.
 *
 * The statement is a fixed string; no caller input reaches it.
 *
 * @return array List of array('id' => ..., 'name' => ...)
 */
function getTypes()
{
    $sql = new DataBase();
    $sql->connect();
    $sql->query("\r\n\t\tSELECT DISTINCT type.*\r\n\t\tFROM transactions_type type\r\n\t\tORDER BY type.id\r\n\t\t");

    // Keep only the id and name of each row.
    $types = array();
    for ($row = mysql_fetch_array($sql->result); $row; $row = mysql_fetch_array($sql->result)) {
        $types[] = array("id" => $row["id"], "name" => $row["name"]);
    }

    $sql->close();

    return $types;
}
/**
 * Open a connection and execute a query on it.
 *
 * NOTE(review): $query is handed to DataBase::query() exactly as received;
 * nothing in this function escapes or binds values, so it must never be
 * built from request data.
 *
 * @param mixed $query Statement passed to DataBase::query()
 * @return mixed Whatever DataBase::query() returns
 */
function run($query)
{
    $connection = new DataBase();
    $connection->connect();

    return $connection->query($query);
}
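<?php
global $hideDefaultView;
global $allowGuest;

// Guests are sent to the login page unless the including script set
// $allowGuest. header() alone does not stop the script, so without exit the
// protected page would still be built and sent along with the redirect.
if (User::isGuest() && !isset($allowGuest)) {
    header('Location: login.php');
    exit;
}

if (User::isLoggedIn()) {
    // Unread counters; a zero count is replaced by an empty string.
    $unreadMessages = DataBase::query('SELECT COUNT(*) FROM messages WHERE opened = 0 AND recipient_dir = "inbox" AND recipient = ' . User::getID())->fetch()[0];
    if (!strval($unreadMessages)) {
        $unreadMessages = '';
    }

    $unreadAlerts = DataBase::query('SELECT COUNT(*) FROM messages WHERE opened = 0 AND recipient_dir = "alerts" AND recipient = ' . User::getID())->fetch()[0];
    if (!strval($unreadAlerts)) {
        $unreadAlerts = '';
    }
}

// Stylesheets registered for every page.
Page::css('main', true);
Page::css('font-awesome/font-awesome.min', true);
Page::css('inspinia/plugins/sweetalert/sweetalert', true);
Page::css('inspinia/plugins/iCheck/custom', true);
Page::css('inspinia/style', true);
Page::css('inspinia/animate', true);
Page::css('inspinia/bootstrap.min', true);

// Scripts registered for every page.
Page::js('main', true);
Page::js('inspinia/plugins/slimscroll/jquery.slimscroll', true);
Page::js('inspinia/plugins/metisMenu/jquery.metisMenu', true);
Page::js('inspinia/plugins/sweetalert/sweetalert.min', true);
Page::js('inspinia/plugins/iCheck/icheck.min', true);
Page::js('inspinia/inspinia', true);
Page::js('inspinia/bootstrap.min', true);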
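$sSqlLimit = intval($_POST['sql_limit'], 10);
$sSqlOffset = intval($_POST['sql_offset'], 10);

// get new db object
// (the parameters are stored in the db_config.php file)
$oDB = new DataBase($sHost, $sDbUser, $sDbPasswd, $sDatabase);
$oDB->connect();

// escape the search term
$sSearchTerm = mysql_real_escape_string($_POST['search_term']);
// extend the search term
$sSearchTerm = '%' . $sSearchTerm . '%';

// The two language fields are used as column names. String escaping only
// protects quoted values, not identifiers, so each name must be a plain
// identifier; anything else is answered with the existing error code.
// NOTE(review): this still lets the client read any column of `voka`; a
// fixed list of the language columns would be tighter, but the column names
// are not visible here.
$sDbLang1 = isset($_POST['db_lang_1']) ? $_POST['db_lang_1'] : null;
$sDbLang2 = isset($_POST['db_lang_2']) ? $_POST['db_lang_2'] : null;
$sIdentifierPattern = '/\A[A-Za-z0-9_]+\z/';
if (!is_string($sDbLang1) || !is_string($sDbLang2)
    || !preg_match($sIdentifierPattern, $sDbLang1)
    || !preg_match($sIdentifierPattern, $sDbLang2)) {
    $oDB->disconnect();
    $aReturnCode = array("code" => -1);
    echo json_encode($aReturnCode);
    return;
}

// now build the query
$sQuery = sprintf("SELECT `%s`, `%s` FROM voka WHERE `%s` LIKE '%s' OR `%s` LIKE '%s' LIMIT %d, %d", $sDbLang1, $sDbLang2, $sDbLang1, $sSearchTerm, $sDbLang2, $sSearchTerm, $sSqlOffset, $sSqlLimit);
$oResult = $oDB->query($sQuery);
$oDB->disconnect();

if (!$oResult) {
    //echo "DB error: " . $oDB->getLastError();
    $aReturnCode = array("code" => -1);
    echo json_encode($aReturnCode);
    return;
}

if (mysql_num_rows($oResult) == 0) {
    //echo "No result: ". $oDB->getLastError();
    $aReturnCode = array("code" => 0);
    echo json_encode($aReturnCode);
    return;
}

// determine total number of possible results
$oDB->connect();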
<?php include './Header.php'; include './dataBaseClass/connection.php'; $cDb = new DataBase(); $queryCompanias = "SELECT C.idCompania,C.nombre FROM Companias AS C INNER JOIN TipoPolizaCompania AS T ON T.idCompania = C.idCompania WHERE T.idTipo = 'AUTOMOVIL'"; $resultCompanias = $cDb->query($queryCompanias); $queryPaquetes = "SELECT idPaquete FROM Paquete WHERE tipoPoliza = 'AUTOMOVIL' GROUP BY idPaquete"; $resultPaquetes = $cDb->query($queryPaquetes); ?> <script type="text/javascript" src="/Cobranza/js/OrdenTrabajo.js"></script> <div class="main"> <h1 class="page-header">Orden De Trabajo Automoviles</h1> <br> <button type="button" class="btn btn-primary" id="btnGuardar" onclick="GuardaOrdenTrabajo();">Guardar</button> <br> <br> <form id="inputForm"> <div class="row"> <div class= "col-md-2"> <p class="text-right"> <label class="control-label" for="selCompania">Compañia:</label> </p> </div> <div class="col-md-3"> <select class="form-control input-sm" id="selCompania" name="compania"> <option value = "c">Seleccionar compañia</option> <?php while ($row = mysqli_fetch_array($resultCompanias)) { ?> <option value = "<?php