function insertSaniEmp()
{
//print_r($_POST);
if (isset($_POST)) {
$empid = $_POST['empid'];
$zoneid = $_POST['zoneid'];
$jobid = '17';
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$birthdate = $_POST['birthdate'];
$sex = $_POST['sex'];
$nationality = $_POST['nationality'];
$hiredate = $_POST['hiredate'];
$address = $_POST['address'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$salary = $_POST['salary'];
$bonus = $_POST['bonus'];
// an array that want to insert this can be multiple array at the time.
$data = array($empid, $zoneid, $jobid, $firstname, $lastname, $birthdate, $sex, $nationality, $hiredate, $address, $email, $phone, $salary, $bonus);
// print var_dump to display an array of variable data with type that prepare for query.
//echo var_dump($data) ."<br>";
}
// define $conn from model
$conn = dbConnect();
if ($conn) {
$sql = 'INSERT INTO EMM_ZOO.EMPLOYEE (EMPID, ZONEID, JOBID, FIRSTNAME, LASTNAME, BIRTHDATE, SEX, NATIONALITY, HIREDATE, ADDRESS, EMAIL, PHONE, SALARY, BONUS) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?);';
//$sql2 = 'INSERT INTO EMM_ZOO.EMP_SANI (EMPID) VALUES (?);';
//echo $sql;
// prepare statement using connection and sql
$stmt = db2_prepare($conn, $sql);
// If statement is valid execute it to db2
if ($stmt) {
//echo "SQL is valid<br>";
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = "Successfully added to sanitation employee";
//echo "Successfully added";
echo "<script>";
echo "alert('Added successfully')";
echo "</script>";
header('Location: addEmpHome.php');
exit;
} else {
$resultMessage = "Failed to query into database";
echo "<script>";
echo "alert('Failed to query into database')";
echo "</script>";
}
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error());
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg();
}
}
function uploadBioInfo()
{
if (!isset($_SESSION['current_user_name']) && !isset($_COOKIE[$cookie_name])) {
header('Location: ../login.php');
exit;
} else {
//print_r($_POST);
if (isset($_POST)) {
$AnimalID = $_POST['AnimalID'];
$species = $_POST['species'];
$Phylum = $_POST['Phylum'];
$Class = $_POST['Class'];
$Order = $_POST['Order'];
$Family = $_POST['Family'];
$Genus = $_POST['Genus'];
$warmblooded = $_POST['warmblooded'];
$Cover = $_POST['Cover'];
$Reproduction = $_POST['Reproduction'];
$Habitat = $_POST['Habitat'];
$food = $_POST['food'];
$BodyTemp = $_POST['BodyTemp'];
$EnviTemp = $_POST['EnviTemp'];
$LifeSpan = $_POST['LifeSpan'];
// an array that want to insert this can be multiple array at the time.
$data = array($AnimalID, $species, $Phylum, $Class, $Order, $Family, $Genus, $warmblooded, $Cover, $Reproduction, $Habitat, $food, $BodyTemp, $EnviTemp, $LifeSpan);
// print var_dump to display an array of variable data with type that prepare for query.
//echo var_dump($data) ."<br>";
}
require_once '/var/www/html/app/model/connect.php';
$conn = dbConnect();
if ($conn) {
// DEFAULT if you set generated as identify with specifier this will auto increament for integer.
$sql = 'INSERT INTO EMM_ZOO.BIOINFO (SPECIESID,SPECIESNAME, PHYLUM, CLASS, ORDER, FAMILY, GENUS, WARMBLOODED, BODYCOVER, REPRODUCTION, HABITAT, COMMONFOOD, BODYTEMP, ENVITEMPRANGE, LIFESPAN) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);';
//echo $sql;
// prepare statement using connection and sql
$stmt = db2_prepare($conn, $sql);
// If statement is valid execute it to db2
if ($stmt) {
//echo "SQL is valid<br>";
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = "Successfully added to Biological information";
echo "Successfully added";
header('Location: BioInfo.php');
exit;
} else {
$resultMessage = "Failed to query into database";
}
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error());
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg();
}
}
}
function prepare($sql)
{
$stmt = @db2_prepare($this->_conn, $sql);
if (!$stmt) {
throw new DB2Exception(db2_stmt_errormsg());
}
return new DB2Statement($stmt);
}
/**
* Prepare a statement handle.
*
* @param string $sql
* @return void
* @throws Zend_Db_Statement_Db2_Exception
*/
public function _prepSql($sql)
{
parent::_prepSql($sql);
$connection = $this->_adapter->getConnection();
$this->_stmt = db2_prepare($connection, $sql);
if (!$this->_stmt) {
require_once 'Zend/Db/Statement/Db2/Exception.php';
throw new Zend_Db_Statement_Db2_Exception(db2_stmt_errormsg(), db2_stmt_error());
}
}
public static function query($conn, $sql)
{
if ($conn && strlen($sql) > 0) {
$stmt = db2_prepare($conn, $sql);
if (db2_execute($stmt)) {
return $stmt;
}
}
return false;
}
/**
* Prepare a statement handle.
*
* @param string $sql
* @return void
* @throws \Zend\Db\Statement\Db2Exception
*/
public function _prepare($sql)
{
$connection = $this->_adapter->getConnection();
// db2_prepare on i5 emits errors, these need to be
// suppressed so that proper exceptions can be thrown
$this->_stmt = @db2_prepare($connection, $sql);
if (!$this->_stmt) {
throw new Db2Exception(db2_stmt_errormsg(), db2_stmt_error());
}
}
function insertBuilding()
{
if ($_POST['form_token'] != $_SESSION['form_token']) {
header('Location:index.php');
} else {
//print_r($_POST);
if (isset($_POST)) {
$emm = $_POST['BEmp'];
$zone = $_POST['BZone'];
$build = $_POST['Building'];
$floor = $_POST['floor'];
$room = $_POST['room'];
// an array that want to insert this can be multiple array at the time.
$data = array($build, $floor, $room);
// print var_dump to display an array of variable data with type that prepare for query.
//echo var_dump($data) ."<br>";
}
// define $conn from model
$conn = dbConnect();
if ($conn) {
// DEFAULT if you set generated as identify with specifier this will auto increament for integer.
$sql = 'INSERT INTO EMM_ZOO.MAINTAINBUILDING (MAINTEGERAINID, BUILDINGNAME, FLOORLEVEL, ROOM) VALUES (DEFAULT,?,?,?);';
//echo $sql;
// prepare statement using connection and sql
$stmt = db2_prepare($conn, $sql);
// If statement is valid execute it to db2
if ($stmt) {
//echo "SQL is valid<br>";
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = "Successfully added";
//echo "Successfully added";
echo "<script>";
echo "alert('Successfully')";
echo "</script>";
header('Location: index.php');
exit;
} else {
echo "<script>";
echo "alert('Failed')";
echo "</script>";
$resultMessage = "Failed to query into database";
}
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error());
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg();
}
}
}
/**
* (non-PHPdoc)
* @see PreparedStatement::preparePreparedStatement()
*/
public function preparePreparedStatement($msg = '')
{
if (empty($this->parsedSQL)) {
$this->DBM->registerError($msg, "Empty SQL query");
return false;
}
$GLOBALS['log']->info('QueryPrepare: ' . $this->parsedSQL);
if (!($this->stmt = db2_prepare($this->dblink, $this->parsedSQL))) {
$this->DBM->checkError($msg);
return false;
}
return $this;
}
/**
* This function initializes the class.
*
* @access public
* @override
* @param DB_Connection_Driver $connection the connection to be used
* @param string $sql the SQL statement to be queried
* @param integer $mode the execution mode to be used
* @throws Throwable_SQL_Exception indicates that the query failed
*
* @see http://www.php.net/manual/en/function.db2-prepare.php
* @see http://www.php.net/manual/en/function.db2-execute.php
* @see http://www.php.net/manual/en/function.db2-stmt-error.php
*/
public function __construct(DB_Connection_Driver $connection, $sql, $mode = NULL)
{
$resource = $connection->get_resource();
$command = @db2_prepare($resource, $sql);
if ($command === FALSE) {
throw new Throwable_SQL_Exception('Message: Failed to query SQL statement. Reason: :reason', array(':reason' => @db2_conn_errormsg($resource)));
}
if (!@db2_execute($command)) {
throw new Throwable_SQL_Exception('Message: Failed to query SQL statement. Reason: :reason', array(':reason' => @db2_stmt_errormsg($command)));
}
$this->command = $command;
$this->record = FALSE;
}
function insertUselog()
{
//print_r($_POST);
if (isset($_POST)) {
$equipid = $_POST['equipid'];
$equipname = $_POST['equipname'];
$empid = $_POST['empid'];
$zoneid = $_POST['zoneid'];
$borrowdate = $_POST['borrowdate'];
$returndate = $_POST['returndate'];
// an array that want to insert this can be multiple array at the time.
$data = array($equipid, $equipname, $empid, $zoneid);
// print var_dump to display an array of variable data with type that prepare for query.
//echo var_dump($data) ."<br>";
}
// define $conn from model
$conn = dbConnect();
if ($conn) {
$sql = 'INSERT INTO EMM_ZOO.SANI_EQUIPUSELOG (EQUIPID, EMPID, WORKZONEID, BORROWDATE, RETURNDATE) VALUES (?,?,?,?,?);';
//$sql2 = 'INSERT INTO EMM_ZOO.EMP_SANI (EMPID) VALUES (?);';
//echo $sql;
// prepare statement using connection and sql
$stmt = db2_prepare($conn, $sql);
// If statement is valid execute it to db2
if ($stmt) {
//echo "SQL is valid<br>";
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = "Successfully added to Equipment use log";
//echo "Successfully added";
echo "<script>";
echo "alert('Added successfully')";
echo "</script>";
header('Location: addUselogHome.php');
exit;
} else {
$resultMessage = "Failed to query into database";
echo "<script>";
echo "alert('Failed to query into database')";
echo "</script>";
}
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error());
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg();
}
}
function insertEmpAtt()
{
//print_r($_POST);
if (isset($_POST)) {
$attno = $_POST['attno'];
$dates = $_POST['dates'];
$empid = $_POST['empid'];
$workzoneid = $_POST['workzoneid'];
$dutyid = $_POST['carplate'];
$starttime = $_POST['starttime'];
$endtime = $_POST['endtime'];
// an array that want to insert this can be multiple array at the time.
$data = array($attno, $dates, $empid, $workzoneid, $dutyid, $starttime, $endtime);
// print var_dump to display an array of variable data with type that prepare for query.
//echo var_dump($data) ."<br>";
}
// define $conn from model
$conn = dbConnect();
if ($conn) {
$sql = 'INSERT INTO EMM_ZOO.SANIEMP_ATTEND (ATTENDNO, DATES, EMPID, WORKZONEID, DUTYID, STARTTIME, ENDTIME) VALUES (?,?,?,?,?,?,?);';
// prepare statement using connection and sql
$stmt = db2_prepare($conn, $sql);
// If statement is valid execute it to db2
if ($stmt) {
//echo "SQL is valid<br>";
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = "Successfully added to sanitation car";
//echo "Successfully added";
echo "<script>";
echo "alert('Added successfully')";
echo "</script>";
header('Location: addCarHome.php');
exit;
} else {
$resultMessage = "Failed to query into database";
echo "<script>";
echo "alert('Failed to query into database')";
echo "</script>";
}
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error());
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg();
}
}
function uploadReserve()
{
if ($_POST['form_token'] != $_SESSION['form_token']) {
header('Location:reserved.php');
} else {
//print_r($_POST);
if (isset($_POST)) {
$name = $_POST['reserved_name'];
$resered_date = $_POST['reserved_date'];
$mobile = $_POST['mobile'];
$vehi_type = $_POST['type'];
$quantity = $_POST['quantity'];
$email = $_POST['email'];
// an array that want to insert this can be multiple array at the time.
$data = array($name, $resered_date, $mobile, $vehi_type, $quantity, $email);
// print var_dump to display an array of variable data with type that prepare for query.
//echo var_dump($data) ."<br>";
}
// define $conn from model
$conn = dbConnect();
if ($conn) {
// DEFAULT if you set generated as identify with specifier this will auto increament for integer.
$sql = 'INSERT INTO EMM_ZOO.PARKRESERVETOUR (PARKRESERVENO, RESERVE_NAME, RESERVE_DATE, PHONE, VEHI_TYPE, AMOUNT, EMAIL) VALUES (DEFAULT,?,?,?,?,?,?);';
//echo $sql;
// prepare statement using connection and sql
$stmt = db2_prepare($conn, $sql);
// If statement is valid execute it to db2
if ($stmt) {
//echo "SQL is valid<br>";
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = 1;
return $resultMessage;
header('Location: reserved.php#reserve_list');
exit;
} else {
$resultMessage = 0;
return $resultMessage;
}
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error());
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg();
}
}
}
/**
* Prepare a statement handle.
*
* @param string $sql
* @return void
* @throws Zend_Db_Statement_Db2_Exception
*/
public function _prepare($sql)
{
$connection = $this->_adapter->getConnection();
// db2_prepare on i5 emits errors, these need to be
// suppressed so that proper exceptions can be thrown
$this->_stmt = @db2_prepare($connection, $sql);
if (!$this->_stmt) {
/**
* @see Zend_Db_Statement_Db2_Exception
*/
require_once PHP_LIBRARY_PATH . 'Zend/Db/Statement/Db2/Exception.php';
throw new Zend_Db_Statement_Db2_Exception(db2_stmt_errormsg(), db2_stmt_error());
}
}
function updateTicket()
{
// connect db=> stmt sql => insert => refresh page
if (isset($_POST)) {
$type[0] = $_POST['typeC'];
$type[1] = $_POST['typeA'];
$type[2] = $_POST['typeF'];
$num[0] = intval($_POST['TicketNumC']);
$num[1] = intval($_POST['TicketNumA']);
$num[2] = intval($_POST['TicketNumF']);
//$num = $_POST['TicketNum'];
}
// start connect db
$conn = dbConnect();
if ($conn) {
//Part one select data from tickettype
for ($i = 0; $i <= 2; $i++) {
if ($num[$i] == 0) {
continue;
}
$sql = "SELECT * FROM EMM_ZOO.TICKETGATE_TYPE WHERE TICKETGATE_TYPE = '{$type[$i]}';";
$stmt = db2_prepare($conn, $sql);
$result = db2_execute($stmt);
while ($row = db2_fetch_assoc($stmt)) {
$ticket_price = $row['TICKETGATETYPE_PRICE'];
$ticket_type = $row['TICKETGATE_TYPE'];
$ticket_id = intval($row['TICKETGATETYPE_ID']);
//printf ("%-5d %-16s %-32d\n",
// $ticket_price, $ticket_type, $ticket_id);
}
$insert = "INSERT INTO EMM_ZOO.TICKETGATE_TRANSACTION (TICKETGATE_ID, TICKETGATETYPE_ID, TICKETGATE_DATE, TICKETGATE_NUM, TICKETGATE_PRICE) VALUES (DEFAULT, {$ticket_id}, CURRENT DATE, {$num[$i]}" . "," . $ticket_price * $num[$i] . ");";
//echo $insert;
$rc = db2_exec($conn, $insert);
// ตรงนี้ error ยังไม่เสร็จ
if ($rc) {
// echo "Insert successfully!!";
echo "<script>alert('{$num[$i]} {$type[$i]} ticket has sole in price " . $ticket_price * $num[$i] . "');window.location='GateTricket.php';</script>";
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error($stmt));
}
// finish all query statement
db2_free_stmt($stmt);
}
db2_close($conn);
} else {
echo db2_conn_errormsg($conn);
}
}
function uploadPubMedInfo()
{
if (!isset($_SESSION['current_user_name']) && !isset($_COOKIE[$cookie_name])) {
header('Location: ../login.php');
exit;
} else {
//print_r($_POST);
if (isset($_POST)) {
$PUBMEDID = $_POST['PUBMEDID'];
$Title = $_POST['Title'];
$Year = $_POST['Year'];
$Author = $_POST['Author'];
$Journal = $_POST['Journal'];
$ResearchType = $_POST['ResearchType'];
$data = array($PUBMEDID, $Title, $Year, $Author, $Journal, $ResearchType);
// print var_dump to display an array of variable data with type that prepare for query.
//echo var_dump($data) ."<br>";
}
require_once '/var/www/html/app/model/connect.php';
$conn = dbConnect();
if ($conn) {
// DEFAULT if you set generated as identify with specifier this will auto increament for integer.
$sql = 'INSERT INTO EMM_ZOO.PUBMEDREFERENCES (PUBMEDID,TITLE,YEAR,AUTHOR,JOURNAL,RESEARCH_TYPE) VALUES (?,?,?,?,?,?);';
//echo $sql;
// prepare statement using connection and sql
$stmt = db2_prepare($conn, $sql);
// If statement is valid execute it to db2
if ($stmt) {
//echo "SQL is valid<br>";
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = "Successfully added to Biological information";
echo "Successfully added";
header('Location: PubMedRef.php');
exit;
} else {
$resultMessage = "Failed to query into database";
}
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error());
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg();
}
}
}
public function testCreateStatement()
{
$driver = new IbmDb2(array());
$resource = db2_connect($this->variables['database'], $this->variables['username'], $this->variables['password']);
$stmtResource = db2_prepare($resource, 'SELECT 1 FROM SYSIBM.SYSDUMMY1');
$driver->getConnection()->setResource($resource);
$stmt = $driver->createStatement('SELECT 1 FROM SYSIBM.SYSDUMMY1');
$this->assertInstanceOf('Zend\\Db\\Adapter\\Driver\\IbmDb2\\Statement', $stmt);
$stmt = $driver->createStatement($stmtResource);
$this->assertInstanceOf('Zend\\Db\\Adapter\\Driver\\IbmDb2\\Statement', $stmt);
$stmt = $driver->createStatement();
$this->assertInstanceOf('Zend\\Db\\Adapter\\Driver\\IbmDb2\\Statement', $stmt);
$this->setExpectedException('Zend\\Db\\Adapter\\Exception\\InvalidArgumentException', 'only accepts an SQL string or a ibm_db2 resource');
$driver->createStatement(new \stdClass());
}
function insertSaniEquip()
{
//print_r($_POST);
if (isset($_POST)) {
$equipid = $_POST['equipid'];
$equipname = $_POST['equipname'];
$equiptype = $_POST['equiptype'];
$status = 'Available';
// an array that want to insert this can be multiple array at the time.
$data = array($equipid, $equipname, $equiptype, $status);
// print var_dump to display an array of variable data with type that prepare for query.
//echo var_dump($data) ."<br>";
}
// define $conn from model
$conn = dbConnect();
if ($conn) {
$sql = 'INSERT INTO EMM_ZOO.SANITATION_EQUIP (EQUIPID, EQUIPNAME, EQUIPTYPE, STATUS) VALUES (?,?,?,?);';
// prepare statement using connection and sql
$stmt = db2_prepare($conn, $sql);
// If statement is valid execute it to db2
if ($stmt) {
//echo "SQL is valid<br>";
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = "Successfully added to sanitation equipment";
//echo "Successfully added";
echo "<script>";
echo "alert('Added successfully')";
echo "</script>";
header('Location: addEquipHome.php');
exit;
} else {
$resultMessage = "Failed to query into database";
echo "<script>";
echo "alert('Failed to query into database')";
echo "</script>";
}
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error());
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg();
}
}
function CharacterUpload()
{
if (isset($_POST)) {
$AnimalID = $_POST['AnimalID'];
$RecordID = $_POST['RecordID'];
$EmpID = $_POST['EmpID'];
$Height = $_POST['Height'];
$Weight = $_POST['Weight'];
$Length = $_POST['Length'];
$Pattern = $_POST['Pattern'];
$BodyTemperature = $_POST['BodyTemperature'];
// an array that want to insert this can be multiple array at the time.
$data = array($AnimalID, $RecordID, $EmpID, $Height, $Weight, $Length, $Pattern, $BodyTemperature);
// print var_dump to display an array of variable data with type that prepare for query.
//echo var_dump($data) ."<br>";
}
$conn = dbConnect();
if ($conn) {
// DEFAULT if you set generated as identify with specifier this will auto increament for integer.
$sql = "INSERT INTO EMM_ZOO.ANIMAL_CHARACTORISTICS (ANIMALID, RECORDID, EMPID, HEIGHT, WEIGHT, LENGTH, PATTERN, BODYTEMP) VALUES (?,?,?,?,?,?,?,?);";
echo $sql;
// prepare statement using connection and sql
$stmt = db2_prepare($conn, $sql);
// If statement is valid execute it to db2
if ($stmt) {
//echo "SQL is valid<br>";
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = "Successfully added to Biological information";
echo "Successfully added";
header('Location: AnimalCharacter.php');
exit;
} else {
$resultMessage = "Failed to query into database";
}
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error());
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg();
}
}
function uploadPromotion()
{
if (isset($_POST)) {
$PromoName = $_POST['PromoName'];
$PromoID = $_POST['PromoID'];
$ProStart = $_POST['ProStart'];
$ProEnd = $_POST['ProEnd'];
$ProductNO = $_POST['ProductNO'];
$PromType = $_POST['PromType'];
// an array that want to insert this can be multiple array at the time.
$data = array($PromoID, $ProStart, $ProEnd, $ProductNO, $PromType, $PromoName);
// print var_dump to display an array of variable data with type that prepare for query.
//echo var_dump($data) ."<br>";
}
// define $conn from model
$conn = dbConnect();
if ($conn) {
// DEFAULT if you set generated as identify with specifier this will auto increament for integer.
$sql = 'INSERT INTO EMM_ZOO.PROMOTION(PROMOID, PROSTART, PROEND, PRODUCTNO, PROTYPE,PROMONAME) VALUES (?,?,?,?,?,?);';
echo $sql;
// prepare statement using connection and sql
$stmt = db2_prepare($conn, $sql);
// If statement is valid execute it to db2
if ($stmt) {
//echo "SQL is valid<br>";
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = "Successfully added to parking reserved";
//echo "Successfully added";
header("Refresh:0; url=promotion.php");
// you must refresh page after insert, define specific page you want to refresh , header("Refresh:0"); it mean refresh current page
} else {
$resultMessage = "Failed to query into database";
}
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error($stmt));
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg($conn);
}
}
function dbQuery($query, $show_errors = true, $all_results = true, $show_output = true)
{
if ($show_errors) {
error_reporting(E_ALL);
} else {
error_reporting(E_PARSE);
}
// Connect to the IBM DB2 database management system
$link = db2_pconnect("testdb", "db2inst1", "testpass");
if (!$link) {
die(db2_conn_errormsg());
}
// Print results in HTML
print "<html><body>\n";
// Print SQL query to test sqlmap '--string' command line option
//print "<b>SQL query:</b> " . $query . "<br>\n";
// Perform SQL injection affected query
$stmt = db2_prepare($link, $query);
$result = db2_execute($stmt);
if (!$result) {
if ($show_errors) {
print "<b>SQL error:</b> " . db2_stmt_errormsg($stmt) . "<br>\n";
}
exit(1);
}
if (!$show_output) {
exit(1);
}
print "<b>SQL results:</b>\n";
print "<table border=\"1\">\n";
while ($line = db2_fetch_array($stmt)) {
print "<tr>";
foreach ($line as $col_value) {
print "<td>" . $col_value . "</td>";
}
print "</tr>\n";
if (!$all_results) {
break;
}
}
print "</table>\n";
print "</body></html>";
}
function other()
{
if (isset($_POST)) {
$type = $_POST['type'];
$empID = $_POST['empID'];
$start = $_POST['start'];
$end = $_POST['end'];
// an array that want to insert this can be multiple array at the time.
$data = array($empID, $type, $start, $end);
// print var_dump to display an array of variable data with type that prepare for query.
//echo var_dump($data) ."<br>";
}
// define $conn from model
$conn = dbConnect();
if ($conn) {
// DEFAULT if you set generated as identify with specifier this will auto increament for integer.
$sql = 'INSERT INTO EMM_ZOO.VEHICLE_BORROW(BORROWVEHICLEID,VEHICLE_TYPE,STARTDATE,ENDDATE) VALUES (?,?,?,?);';
// prepare statement using connection and sql
$stmt = db2_prepare($conn, $sql);
// If statement is valid execute it to db2
if ($stmt) {
//echo "SQL is valid<br>";
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = "Successfully added to parking reserved";
//echo "Successfully added";
header("Refresh:0; url=tey.php");
// you must refresh page after insert, define specific page you want to refresh , header("Refresh:0"); it mean refresh current page
} else {
$resultMessage = "Failed to query into database";
}
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error($stmt));
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg($conn);
}
}
function addempani()
{
echo "addempani() called";
if (isset($_POST)) {
$empid = $_POST['empid'];
$aniid = $_POST['aniid'];
$start = $_POST['std'];
$end = $_POST['end'];
// an array that want to insert this can be multiple array at the time.
$data = array($empid, $aniid, $start, $end);
// print var_dump to display an array of variable data with type that prepare for query.
//echo var_dump($data) ."<br>";
}
// define $conn from model
$conn = dbConnect();
if ($conn) {
// DEFAULT if you set generated as identify with specifier this will auto increament for integer.
$sql = 'INSERT INTO EMM_ZOO.EMPFORANIMAL (EMPID, ANIMALID, EMPCARESTART, EMPCAREEND) VALUES (?,?,?,?);';
// prepare statement using connection and sql
$stmt = db2_prepare($conn, $sql);
// If statement is valid execute it to db2
if ($stmt) {
//echo "SQL is valid<br>";
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = "Successfully added employee responsibility";
// header("Refresh:0; url=index.php"); // you must refresh page after insert, define specific page you want to refresh , header("Refresh:0"); it mean refresh current page
} else {
$resultMessage = "Failed to query into database";
}
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error($stmt));
}
db2_free_stmt($stmt);
// db2_close($conn);
} else {
echo db2_conn_errormsg($conn);
}
}
function addRound()
{
if (isset($_POST)) {
$showID = $_POST['showID'];
$roundID = $_POST['roundID'];
$starttime = $_POST['starttime'];
$endtime = $_POST['endtime'];
$showdate = $_POST['showdate'];
}
$conn = dbConnect();
if ($conn) {
$insert = "INSERT INTO EMM_ZOO.SHOW_TIMETABLE(SHOWID, ROUNDID, STARTTIME, ENDTIME, DATES) values({$showID}, {$roundID}, '{$starttime}', '{$endtime}', '{$showdate}');";
//$insert = "INSERT INTO EMM_ZOO.SHOW_TIMETABLE(SHOWID, ROUNDID, STARTTIME, ENDTIME, DATES) values(1, 3, '16:00:00', '16:30:00', '11/12/2015');";
$rc = db2_exec($conn, $insert);
if ($rc) {
echo "Insert Successful";
} else {
die('Critical error: ' . db2_stmt_error($rc));
}
$sql = "SELECT * from EMM_ZOO.SHOW WHERE SHOWID = {$showID};";
$stmt = db2_prepare($conn, $sql);
$result = db2_execute($stmt);
while ($row = db2_fetch_assoc($stmt)) {
$zone = $row['BUILDINGID'];
$name = $row['SHOWNAME'];
}
$insert = "INSERT INTO EMM_ZOO.SHOW_TICKET(SHOWID, STARTTIME, ENDTIME, DATES, SHOWNAME, ZONEID) values({$showID}, '{$starttime}', '{$endtime}', '{$showdate}', '{$name}', {$zone});";
$rc = db2_exec($conn, $insert);
if ($rc) {
echo "Insert Successful";
} else {
die('Critical error: ' . db2_stmt_error($rc));
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg($conn);
}
}
function addemp()
{
if (isset($_POST)) {
$id = $_POST['id'];
$fn = $_POST['fn'];
$ln = $_POST['ln'];
$add = $_POST['add'];
$bdate = $_POST['bdate'];
$sex = $_POST['sex'];
$nat = $_POST['nat'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$hdate = $_POST['hdate'];
$salary = $_POST['salary'];
$bonus = $_POST['bonus'];
$jobid = $_POST['jobid'];
$data = array($id, $jobid, $fn, $ln, $bdate, $sex, $nat, $hdate, $add, $email, $phone, $salary, $bonus);
}
$conn = dbConnect();
if ($conn) {
$sql = 'INSERT INTO EMM_ZOO.EMPLOYEE(EMPID, JOBID, FIRSTNAME, LASTNAME, BIRTHDATE, SEX, NATIONALITY, HIREDATE, ADDRESS, EMAIL, PHONE, SALARY, BONUS) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?);';
$stmt = db2_prepare($conn, $sql);
if ($stmt) {
$result = db2_execute($stmt, $data);
if ($result) {
$resultMessage = "Successful responsibility";
} else {
$resultMessage = "Failed to query into database";
}
} else {
die('Critical error:' . db2_stmt_error($stmt));
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg($conn);
}
}
function updateTicket()
{
// connect db=> stmt sql => insert => refresh page
if (isset($_POST)) {
$type = $_POST['type'];
}
// start connect db
$conn = dbConnect();
if ($conn) {
//Part one select data from tickettype
$sql = "SELECT * FROM EMM_ZOO.TICKETTRANS_TYPE WHERE TRANSTYPE_NAME = '{$type}';";
//echo $sql;
$stmt = db2_prepare($conn, $sql);
$result = db2_execute($stmt);
while ($row = db2_fetch_assoc($stmt)) {
$tran_price = $row['TRANSTYPE_PRICE'];
$tran_type = $row['TRANSTYPE_NAME'];
$tran_id = $row['TRANSTYPE_ID'];
// printf ("%-5d %-16s %-32d\n",
// $tran_price, $tran_type, $tran_id);
}
$insert = " INSERT INTO EMM_ZOO.TICKETTRANS_TRANSACTION (TICKETTRANS_ID, VEHICLETRANS_ID, TICKETTRANS_DATE , TICKETTRANS_TIMEIN ,TICKETTRANS_TIMEOUT) VALUES (DEFAULT, '{$tran_id}',CURRENT DATE , NULL, CURRENT TIME);";
$rc = db2_exec($conn, $insert);
if ($rc) {
echo "<script>alert('1 {$tran_type} has rent');window.location='TranspotationTricket.php';</script>";
} else {
// If statement is error why see the code
die('Critical error:' . db2_stmt_error($stmt));
}
// finish all query statement
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg($conn);
}
}
$sql2 = "SELECT ITEM_ID, BIDDER_EMAIL FROM " . $computerName . ".BIDHISTORY WHERE ITEM_ID = {$itemID} AND BIDDER_EMAIL = '{$userName}'";
$stmt2 = db2_prepare($conn, $sql2);
$result2 = db2_execute($stmt2);
if (!$result2) {
echo "exec errormsg: " . db2_stmt_errormsg($stmt2);
die("Failed Query");
}
$bid = db2_fetch_array($stmt2);
if (!$bid) {
continue;
// NOT BIDDING ITEM
}
// I BID
// CHECK IF ENDED
$sql2 = "SELECT HIGHEST_BID_AMOUNT, END_DATE, END_TIME, HIGHEST_BIDDER FROM " . $computerName . ".BIDS WHERE ITEM_ID = {$itemID} and CURRENT DATE >= END_DATE";
$stmt2 = db2_prepare($conn, $sql2);
$result2 = db2_execute($stmt2);
if (!$result2) {
echo "exec errormsg: " . db2_stmt_errormsg($stmt2);
die("Failed Query");
}
$bid = db2_fetch_array($stmt2);
if (!$bid) {
continue;
}
$endTime = $bid[1] . ' ' . $bid[2];
$curTime = date("Y-m-d H:i:s");
if (strcmp($endTime, $curTime) > 0) {
continue;
}
$endTime = $bid[1] . ' ' . $bid[2];
function addShow()
{
if (isset($_POST)) {
$showName = $_POST['showName'];
$animalID = $_POST['animalID'];
$staffID = $_POST['staffID'];
$buildingID = $_POST['buildingID'];
$seat = $_POST['seat'];
$price = $_POST['price'];
}
$conn = dbConnect();
if ($conn) {
$sql = "SELECT EMPID FROM EMM_ZOO.EMPLOYEE WHERE EMPID = " . $staffID;
$stmt = db2_prepare($conn, $sql);
$result = db2_execute($stmt);
$count = 0;
while ($row = db2_fetch_assoc($stmt)) {
$count++;
}
if ($count <= 0) {
echo "Wrong Staff ID.";
} else {
// Query
db2_free_stmt($stmt);
$sql = "SELECT ANIMALID FROM EMM_ZOO.ANIMAL WHERE ANIMALID = " . $animalID;
$stmt = db2_prepare($conn, $sql);
$result = db2_execute($stmt);
$count = 0;
while ($row = db2_fetch_assoc($stmt)) {
$count++;
}
if ($count <= 0) {
echo "Wrong Animal ID.";
} else {
$insert = "INSERT INTO EMM_ZOO.SHOW(SHOWID, SHOWNAME, BUILDINGID, SEAT_AMOUNT, PRICE) values(DEFAULT, '{$showName}', {$buildingID}, {$seat}, {$price});";
$rc = db2_exec($conn, $insert);
if ($rc) {
db2_free_stmt($stmt);
$sql = "SELECT SHOWID from EMM_ZOO.SHOW;";
$stmt = db2_prepare($conn, $sql);
$result = db2_execute($stmt);
while ($row = db2_fetch_assoc($stmt)) {
$show_showID = $row['SHOWID'];
}
$insert = "INSERT INTO EMM_ZOO.SHOW_ANIMAL (SHOWID, ANIMALID) VALUES ({$show_showID}, {$animalID});";
$rc = db2_exec($conn, $insert);
if ($rc) {
echo "Insert Successful";
} else {
die('Critical error: ' . db2_stmt_error($stmt));
}
$insert = "INSERT INTO EMM_ZOO.SHOW_STAFF (SHOWID, EMPID) VALUES ({$show_showID}, {$staffID});";
$rc = db2_exec($conn, $insert);
if ($rc) {
echo "Insert Successful";
} else {
die('Critical error: ' . db2_stmt_error($stmt));
}
/*
$insert = "INSERT INTO EMM_ZOO.SHOW_TICKET (SHOWID, SHOWNAME, BUILDINGID) VALUES ($show_showID, '$showName', $buildingID);";
$rc=db2_exec($conn, $insert);
if($rc) {
echo "Insert Successful";
}
else {
die('Critical error: '. db2_stmt_error($stmt));
}*/
} else {
}
}
}
db2_free_stmt($stmt);
db2_close($conn);
} else {
echo db2_conn_errormsg($conn);
}
}
<tr><td>Transaction ID</td><td>Vehicle Name</td><td>Transaction Date</td><td>Transaction Time Out</td><td>Transaction Time In</td><td>Price</td><td>Delete</td></tr>
<?php
$conn = dbConnect();
if ($conn) {
//echo "connection status : ".$conn;
//Part one select data from tickettype
$sql = "SELECT * FROM EMM_ZOO.TICKETTRANS_TRANSACTION WHERE TICKETTRANS_TIMEIN IS NOT NULL ORDER BY TICKETTRANS_DATE,TICKETTRANS_TIMEOUT ;";
$stmt = db2_exec($conn, $sql);
//echo $stmt;
if ($stmt) {
while ($row = db2_fetch_assoc($stmt)) {
echo "<tr><td>" . $row['TICKETTRANS_ID'] . "</td>";
$typeId = $row['VEHICLETRANS_ID'];
$sq = "SELECT * FROM EMM_ZOO.TICKETTRANS_TYPE WHERE TRANSTYPE_ID = '{$typeId}';";
//echo $sq;
$stm = db2_prepare($conn, $sq);
$result = db2_execute($stm);
$tran_type;
$tran_price;
while ($ro = db2_fetch_assoc($stm)) {
$tran_price = $ro['TRANSTYPE_PRICE'];
$tran_type = $ro['TRANSTYPE_NAME'];
// printf ("%-5d %-16s %-32d\n",
// $tran_price, $tran_type, $tran_id);
}
echo "<td>" . $tran_type . "</td>";
echo "<td>" . $row['TICKETTRANS_DATE'] . "</td>";
echo "<td>" . $row['TICKETTRANS_TIMEOUT'] . "</td>";
echo "<td>" . $row['TICKETTRANS_TIMEIN'] . "</td>";
$hourOut = (int) substr($row['TICKETTRANS_TIMEOUT'], 0, 2);
$hourIn = (int) substr($row['TICKETTRANS_TIMEIN'], 0, 2);
function _query($sql, $inputarr = false)
{
global $php_errormsg;
if (isset($php_errormsg)) {
$php_errormsg = '';
}
$this->_error = '';
if ($inputarr) {
if (is_array($sql)) {
$stmtid = $sql[1];
} else {
$stmtid = db2_prepare($this->_connectionID, $sql);
if ($stmtid == false) {
$this->_errorMsg = isset($php_errormsg) ? $php_errormsg : '';
return false;
}
}
if (!db2_execute($stmtid, $inputarr)) {
if ($this->_haserrorfunctions) {
$this->_errorMsg = db2_stmt_errormsg();
$this->_errorCode = db2_stmt_error();
}
return false;
}
} else {
if (is_array($sql)) {
$stmtid = $sql[1];
if (!db2_execute($stmtid)) {
if ($this->_haserrorfunctions) {
$this->_errorMsg = db2_stmt_errormsg();
$this->_errorCode = db2_stmt_error();
}
return false;
}
} else {
$stmtid = @db2_exec($this->_connectionID, $sql);
}
}
$this->_lastAffectedRows = 0;
if ($stmtid) {
if (@db2_num_fields($stmtid) == 0) {
$this->_lastAffectedRows = db2_num_rows($stmtid);
$stmtid = true;
} else {
$this->_lastAffectedRows = 0;
}
if ($this->_haserrorfunctions) {
$this->_errorMsg = '';
$this->_errorCode = 0;
} else {
$this->_errorMsg = isset($php_errormsg) ? $php_errormsg : '';
}
} else {
if ($this->_haserrorfunctions) {
$this->_errorMsg = db2_stmt_errormsg();
$this->_errorCode = db2_stmt_error();
} else {
$this->_errorMsg = isset($php_errormsg) ? $php_errormsg : '';
}
}
return $stmtid;
}
function DBexecute($query, $skip_error_messages = 0)
{
global $DB;
if (!isset($DB['DB']) || empty($DB['DB'])) {
return false;
}
$result = false;
$time_start = microtime(true);
$DB['EXECUTE_COUNT']++;
switch ($DB['TYPE']) {
case ZBX_DB_MYSQL:
if (!($result = mysqli_query($DB['DB'], $query))) {
error('Error in query [' . $query . '] [' . mysqli_error($DB['DB']) . ']');
}
break;
case ZBX_DB_POSTGRESQL:
if (!($result = (bool) pg_query($DB['DB'], $query))) {
error('Error in query [' . $query . '] [' . pg_last_error() . ']');
}
break;
case ZBX_DB_ORACLE:
if (!($result = oci_parse($DB['DB'], $query))) {
$e = @oci_error();
error('SQL error [' . $e['message'] . '] in [' . $e['sqltext'] . ']');
} elseif (!@oci_execute($result, $DB['TRANSACTIONS'] ? OCI_DEFAULT : OCI_COMMIT_ON_SUCCESS)) {
$e = oci_error($result);
error('SQL error [' . $e['message'] . '] in [' . $e['sqltext'] . ']');
} else {
$result = true;
// function must return boolean
}
break;
case ZBX_DB_DB2:
if (!($result = db2_prepare($DB['DB'], $query))) {
$e = @db2_stmt_errormsg($result);
error('SQL error [' . $query . '] in [' . $e . ']');
} elseif (true !== @db2_execute($result)) {
$e = @db2_stmt_errormsg($result);
error('SQL error [' . $query . '] in [' . $e . ']');
} else {
$result = true;
// function must return boolean
}
break;
case ZBX_DB_SQLITE3:
if ($DB['TRANSACTIONS'] == 0) {
lock_sqlite3_access();
}
if (!($result = $DB['DB']->exec($query))) {
error('Error in query [' . $query . '] Error code [' . $DB['DB']->lastErrorCode() . '] Message [' . $DB['DB']->lastErrorMsg() . ']');
}
if ($DB['TRANSACTIONS'] == 0) {
unlock_sqlite3_access();
}
break;
}
if ($DB['TRANSACTIONS'] != 0 && !$result) {
$DB['TRANSACTION_NO_FAILED_SQLS'] = false;
}
CProfiler::getInstance()->profileSql(microtime(true) - $time_start, $query);
return (bool) $result;
}
