function storeData($sql, $eMore) { $eMore = ""; $hn = 'localhost'; $user = '******'; $pw = 'password123'; $cn = MySQL_connect($hn, $user, $pw); if ($cn) { $dbname = 'advocacy_db'; $connect = MySQL_select_db($dbname); if ($connect) { $return = MySQL_query($sql, $cn); if ($return == TRUE) { //success... } else { $eMore .= "Query (return) was not successful.\n"; //error... } MySQL_close($cn); } else { $eMore .= "DB selection was not successful.\n"; } } else { $eMore .= "Connection to db was not successful.\n"; } return $eMore; }
function show_search_results() { global $user, $config, $keyword, $search_mode, $page_name; #santize sql keyword in case anyone reads xkcd... $keyword = mysql_real_escape_string($keyword); #perform the search #full text search in boolean mode #$sql = "SELECT * from files where MATCH(path, file) AGAINST('$keyword' in boolean mode)"; #<<----- orignal search command $sql = 'SELECT DISTINCT ' . $config[dbfiles] . '.ip, ' . $config[dbhosts] . '.name, ' . $config[dbhosts] . '.online, path, file, size, MATCH(path, file) AGAINST("' . $keyword . '") AS relevance FROM ' . $config[dbfiles] . ' JOIN ' . $config[dbhosts] . ' ON ' . $config[dbhosts] . '.ip = ' . $config[dbfiles] . '.ip WHERE MATCH(path, file) AGAINST("' . $keyword . '" IN BOOLEAN MODE)'; #add file type filters if requested #video needs to be bigger than 1MB, this eliminates most spurious results. I don't think a filesize filter can be applied to music though without #adverse effects if ($search_mode == 'video') { $sql = $sql . ' AND (file LIKE "%.avi" OR file LIKE "%.mpg" OR file LIKE "%.mpeg" OR file LIKE "%.ogm" OR file LIKE "%.wmv" OR file LIKE "%.mkv" OR file LIKE "%.mp4" OR file LIKE "%.ogg" OR file LIKE "%.ogv") AND (size > 1000000)'; } if ($search_mode == 'music') { $sql = $sql . ' AND (file LIKE "%.mp3" OR file LIKE "%.ogg" OR file LIKE "%.aac" OR file LIKE "%.mp4" OR file LIKE "%.wav" OR file LIKE "%.flac" OR file LIKE "%.m4a" OR file LIKE "%.oga")'; } if ($search_mode == 'documents') { $sql = $sql . ' AND (file LIKE "%.doc" OR file LIKE "%.xls" OR file LIKE "%.ppt" OR file LIKE "%.pdf" OR file LIKE "%.odt" OR file LIKE "%.txt" OR file LIKE "%.rtf" OR file LIKE "%.ods" OR file LIKE "%.odp")'; } if ($search_mode == 'disk_images') { $sql = $sql . ' AND (file LIKE "%.iso" OR file LIKE "%.bin" OR file LIKE "%.cue" OR file LIKE "%.vdi" OR file LIKE "%.vhd" OR file LIKE "%.wim" OR file LIKE "%.ima" OR file LIKE "%.img")'; } #remove nuisance files (thumbs.db, .lnk files, etc.) #I doubt anyone wants to look for these #add another condition if theres a type of usless file that's spoiling search results #we have to be careful not to make this too strict though as there is no intuitive option to disable it yet if ($_GET['spamfilter']) { $sql = $sql . ' AND (file NOT LIKE "%.db" AND file NOT LIKE "%.ini" AND file NOT LIKE "%.dll" AND file NOT LIKE "%.lnk" AND file NOT LIKE "%.scf" AND file NOT LIKE "%.DS_Store%" AND file NOT LIKE ".directory" AND file NOT LIKE "folder.jpg" AND file NOT LIKE "AlbumArt_%" AND file NOT LIKE "AlbumArtSmall.jpg" )'; } #order the results with preferance for online hosts #then by relevance $sql = $sql . ' ORDER BY (' . $config[dbhosts] . '.online = 1) DESC, relevance DESC'; #dispaly all films on network if this is requested. have moved this after the order by line as having it before causes errors (relevance DESC is #meaningless as this query string doesn't have a relevance variable) if ($search_mode == 'all_films') { $sql = 'SELECT DISTINCT ' . $config[dbfiles] . '.ip, ' . $config[dbhosts] . '.name, ' . $config[dbhosts] . '.online, path, file, size FROM ' . $config[dbfiles] . ' JOIN ' . $config[dbhosts] . ' ON ' . $config[dbhosts] . '.ip = ' . $config[dbfiles] . '.ip WHERE (size > 600000000) AND (file LIKE "%.avi" OR file LIKE "%.mpg" OR file LIKE "%.mpeg" OR file LIKE "%.ogm" OR file LIKE "%.wmv" OR file LIKE "%.mkv" OR file LIKE "%.mp4" OR file LIKE "%.ogg" OR file LIKE "%.ogv") ORDER BY (' . $config[dbhosts] . '.online = 0), (' . $config[dbfiles] . '.file) '; #online then offline, each alphabetical } if ($search_mode == 'extension') { $sql = 'SELECT DISTINCT ' . $config[dbfiles] . '.ip, ' . $config[dbhosts] . '.name, ' . $config[dbhosts] . '.online, path, file, size FROM ' . $config[dbfiles] . ' JOIN ' . $config[dbhosts] . ' ON ' . $config[dbhosts] . '.ip = ' . $config[dbfiles] . '.ip WHERE (file LIKE "%.' . $keyword . '") ORDER BY (' . $config[dbhosts] . '.online = 0), (' . $config[dbfiles] . '.file) '; #online then offline, each alphabetical } if ($search_mode == 'show_my_files') { $sql = 'SELECT DISTINCT ' . $config[dbfiles] . '.ip, ' . $config[dbhosts] . '.name, ' . $config[dbhosts] . '.online, path, file, size FROM ' . $config[dbfiles] . ' JOIN ' . $config[dbhosts] . ' ON ' . $config[dbhosts] . '.ip = ' . $config[dbfiles] . '.ip WHERE ' . $config[dbfiles] . '.ip like "' . $user->info[ip] . '"'; } #send query to mysql $res = MySQL_query($sql); ?> <?php if (mysql_num_rows($res) > 0) { if ($search_mode != 'show_my_files') { if ($user->can_use_site == false) { echo '<a href="wiki/index.php?title=Sharing">Share</a> your files to activate these links<br><br>'; } if ($user->can_use_site == true and $user->can_see_computers == false) { echo '<a href="wiki/index.php?title=Sharing">Share</a> your files to see the computer names<br><br>'; } } } ?> <table> <tr> <td align="left"><b>File</b></td> <td align="center"><b>Computer</b></td> <td align="center"><b>Size (MB)</b></td> </tr> <?php #put the results into a table, with clickable links for each file $table_row_number = 0; while ($row = MySQL_fetch_array($res)) { #colour the table rows alternately, and grey out offline computers $online_status = $row['online'] ? 'online' : 'offline'; $even_or_odd = $table_row_number % 2 ? 'even' : 'odd'; $class = 'class = "' . $online_status . '_' . $even_or_odd . '"'; if (eregi("windows", $_SERVER['HTTP_USER_AGENT'])) { $file_link = 'file://///' . $row['ip'] . '\\' . str_replace('/', '\\', $row['path']) . '\\'; $computer_link = 'file://///' . $row['ip'] . '/'; } else { $file_link = 'smb://' . $row['ip'] . '/' . $row['path'] . '/'; $computer_link = 'smb://' . $row['ip'] . '/'; } echo "<tr {$class} >"; #link to file echo '<td>'; if ($user->can_use_site or $search_mode == 'show_my_files') { echo '<a class=' . $online_status . ' href="' . $file_link . '">' . $row['file'] . '</a>'; } else { echo $row['file']; } echo '</td>'; #link to computer echo '<td align="center">'; if ($user->can_use_site and $user->can_see_computers or $search_mode == 'show_my_files') { echo '<a class=' . $online_status . ' href="' . $computer_link . '">' . $row['name'] . '</a>'; } else { echo '?'; } echo '</td>'; #size of file echo '<td align="center">'; echo round($row['size'] / 1000000, 2); echo '</td>'; echo '</tr>'; #produce readable HTML by having a new line here echo "\r\n"; #increment row count $table_row_number++; } echo '</table>'; #show the number of files if (mysql_num_rows($res) == 0) { echo '<h3 align="center">'; echo '0 files found'; echo '</h3>'; } }
# but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with Trufflepig. If not, see <http://www.gnu.org/licenses/>. ?> <?php echo '<?xml version="1.0" encoding="ISO-8859-1"?>'; ?> <?php include 'common.php'; $sql = 'SELECT author, message, time, ip FROM ' . $config[dbwall] . ' ORDER BY time DESC LIMIT 40'; $wall = MySQL_query($sql); ?> <rss version="2.0"> <channel> <?php echo "\r\n"; echo '<title>' . $config[website_name] . '</title>'; echo '<link>' . $config[web_address] . '</link>'; echo '<description>Feed for comments on the ' . $config[website_name] . ' wall</description>'; echo "\r\n"; while ($row = MySQL_fetch_array($wall)) { echo '<item>'; echo '<title>' . safe_html($row['author']) . '</title>';
private function connect() { $this->conn = mysql_connect($this->db_host, $this->db_user, $this->db_pass) or die("数据库连接错误"); MySQL_query("SET NAMES 'UTF8'"); mysql_select_db($this->db_database, $this->conn) or die("没有找到" . $this->db_database . "这个数据库"); }
<?php require 'config/config.php'; require_once CORE_DIR . '/kernel.php'; mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); MySQL_query("SET NAMES 'utf8'"); mysql_select_db(DB_NAME); class tools extends kernel { var $system; var $db; function tools() { parent::kernel(); $this->system =& $GLOBALS['system']; $this->db =& $this->system->database(); } function updateGoodsIntro($newURL, $oldURL) { $table = DB_PREFIX . 'goods'; $sql = "update " . $table . " set intro=replace(intro,'" . $oldURL . "','" . $newURL . "')"; mysql_query($sql); } } $do = new tools(); if ($_POST['submit']) { $newURL = trim($_POST['newURL']); $oldURL = trim($_POST['oldURL']); $do->updateGoodsIntro($newURL, $oldURL); echo '修改成功!'; } else {
public function getConn() { //建立数据库的连接 $this->conn = MySQL_query($this->username, $this->username, $this->userpwd); return $this->conn; }
function blog_visit_fnc($blog_id, $visit_id, $cookie_val, $connect) { $n_date = date('Ymd'); //하루 동안 부여하는 쿠키가 없을 때, 즉 오늘 처음 올 때 if (!$cookie_val) { $chk = "select vnum from blog_visit_count where user_id = '{$blog_id}' And visit_date='{$n_date}'"; $cres = mysql_query($chk, $connect); $crows = mysql_fetch_array($cres); //온ㄹ ㅏ운터가 있으면 업데이트 if ($crows) { $qry2 = "update blog_visit_count set visit_count = visit_count+1\r\n\t\t\t where user_id = '{$blog_id}'And visit_date = '{$n_date}'"; $res2 = MySQL_query($qry2, $connect); } else { //데이터가 없으면 INSERT $qry2 = "insert into blog_visit_count(user_id,visit_date, visit_count)values('{$blog_id}','{$n_date}',1)"; $res2 = mysql_query($qry2, $connect); } } //새로 쿠키를 부여 SetCookie("v_id", $n_date, time() + 3600 * 24, "/"); //자신이 아닌 로그인된 사용자가 접속했을 때 if ($visit_id && $visit_id != $blog_id) { //오늘 ㅓㅂ속한 사용자가 있는지 확인 $chk = "select mnum from blog_visit_member where user_id = '{$blog_id}'And\r\n\t\tvisit_date='{$n_date}'And\r\n\t\tvisit_id = '{$visit_id}"; $cres = MySQL_query($chk, $connect); $crows = mysql_fetch_array($cres); //오늘 방문 기록이 없을 경우에만 저장 if (!$crows) { $qry2 = "insert into blog_visit_member(user_id,visit_date,visit_id)\r\n\t\t\tvalues('{$blog_id}','{$n_date}','{$visit_id}')"; $res2 = MySQL_query($qry2, $connect); } } }
//for each user get contacts $q = "select contact from " . $config->table_location . " where username='******'"; $res2 = mySQL_query($q); if (!$res2) { echo "error in SQL query, line: " . __LINE__ . "\n"; continue; } $send_na = true; unset($user_icao_cache); $user_icao_cache = array(); //for each contact get meter data and send it while ($row2 = MySQL_Fetch_Object($res2)) { $domain = $reg->get_domainname($row2->contact); //get icao for domain $q = "select icao from " . $config->table_netgeo_cache . " where domainname='{$domain}'"; $res3 = MySQL_query($q); if (!$res3) { echo "error in SQL query, line: " . __LINE__ . "\n"; continue; } $row3 = MySQL_Fetch_Object($res3); if (!$row3) { continue; } $icao = $row3->icao; // if domain isn't in cache, continue with next contact if (!$icao) { continue; } // if icao for this domain isn't in cache, continue with next contact if (in_array($icao, $user_icao_cache)) {
function change_hitcount() { global $config; if ($this->info[hit_count] != -1) { if ($this->info[total_size] <= $config[cut_off]) { if ($config[encourage] == true) { $sql = 'update ' . $config[dbhosts] . ' set hit_count = hit_count + 1 where ip like "' . $this->info[ip] . '"'; $res = MySQL_query($sql); $this->info[hit_count] = $this->info[hit_count] + 1; } } else { if ($this->info[hit_count] > round($config[max_hit] / 2, 0)) { $this->info[hit_count] = round($config[max_hit] / 2, 0); $sql = 'update ' . $config[dbhosts] . ' set hit_count = ' . $this->info[hit_count] . ' where ip like "' . $this->info[ip] . '"'; $res = MySQL_query($sql); } } } }
function zobrazdielo($subor, $nazov, $autor, $koment, $id) { echo '<table class="hra-galerydetail"><tr>'; echo '<td width="40%"><a href="diela/', $subor, '"><img src="diela/', $subor, '" style="border: 1px solid black; max-width:500px;" alt="' . htmlspecialchars($nazov) . '" /></a></td><td valign="top">'; echo '<h2>', $nazov, '</h2>'; echo '<strong>autor:</strong> ', $autor, '<br />'; echo '<strong>komentár:</strong> ', $koment; $q = MySQL_query("SELECT COUNT(*) FROM hra_galeria_hlasy WHERE reg='" . mysql_escape_string($_SESSION['logname']) . "';"); $pocet = MySQL_result($q, 0); $q = MySQL_query("SELECT COUNT(*) FROM hra_galeria_hlasy WHERE galid={$id} AND reg='" . mysql_escape_string($_SESSION['logname']) . "';"); $uzsom = MySQL_result($q, 0); if ($uzsom == 1) { echo '<br /><br />Za toto dielo si už hlasoval'; } elseif ($autor == 'zenitova_sestra' or $autor == 'Zenit') { echo ''; } elseif ($_SESSION['logged'] == 0) { echo ''; } elseif ($pocet < 2) { echo '<br /><br /><a href="hra.php?action=hlasujw&hlas=' . $id . '">hlasuj za toto dielo</a> (máš ešte ' . (2 - $pocet) . ' hlasy)'; } else { echo '<br /><br />už si hlasoval 2x'; } echo '</td></tr></table>'; }
<?php $userid = $_GET['userid']; $btype = $_GET['btype']; $dbs = MySQL_connect("192.168.234.129", "toryzen", "q1w2e3r4"); MySQL_select_db("qqnotic", $dbs); mysql_query("set names utf8"); $now = time(); if ($userid && $btype) { $sql1 = "INSERT INTO qqnotic VALUES ('NULL','{$btype}','{$userid}','',0,'{$now}',0)"; $result = MySQL_query($sql1); echo "ok"; } else { echo "erro"; } mysql_close($dbs);