function editPage($id) { include_once 'login.php'; include_once 'database_conn.php'; include_once 'showEventFunction.php'; $pageHeader = "Event Edit Page"; $sql = "SELECT * FROM te_events WHERE eventID = {$id}"; $rslt = mysqli_query($conn, $sql) or die(mysqli_error($conn)); // error message return if return empty result $row = mysqli_fetch_row($rslt); $venues = getFromDb($conn, "SELECT * FROM te_venue"); $categories = getFromDb($conn, "SELECT * FROM te_category"); $output = "<h1>{$pageHeader}</h1>"; $i = 1; $output .= "<form id=\"editForm\" action=\"handleEditPage.php\" method=\"post\">"; $output .= "<table border=0 >"; $output .= createRowData("Title", createTextField("title", $row[$i++])); $output .= createRowData("Description", createTextArea("desc", $row[$i++], 5, 40)); $output .= createRowData("Venue Name", createCombobox("venue", $row[$i++], $venues)); $output .= createRowData("Category", createCombobox("category", $row[$i++], $categories)); $output .= createRowData("Start Time", createDate("startTime", $row[$i++])); $output .= createRowData("End Time", createDate("endTime", $row[$i++])); $output .= createRowData("Price", createTextField("price", $row[$i++])); $output .= "<tr><td><input type=\"submit\" name=\"submit\" value=\"Submit\"></td></tr>"; $output .= "<input type=\"hidden\" name=\"e_id\" value=\"{$id}\">"; $output .= "</table></form>"; mysqli_free_result($rslt); mysqli_close($conn); return $output; }
function insertZones($array) { for ($i = 0; $i < count($array); ++$i) { $zoneID = $array[$i]["id"]; $sql = "SELECT * FROM zones WHERE id=? LIMIT 1"; $params = [$zoneID]; $res = getFromDb($sql, $params); if (count($res) == 0) { $id = $zoneID; $name = $array[$i]["name"]; $region = $array[$i]["region"]["id"]; $totalTakeovers = $array[$i]["totalTakeovers"]; $takeoverPoints = $array[$i]["takeoverPoints"]; $pointsPerHour = $array[$i]["pointsPerHour"]; $dateCreated = $array[$i]["dateCreated"]; $longitude = $array[$i]["longitude"]; $latitude = $array[$i]["latitude"]; $params = [$id, $name, $region, $totalTakeovers, $takeoverPoints, $pointsPerHour, $dateCreated, $longitude, $latitude]; $db = connectToDb(DATABASE); $query = "INSERT INTO zones VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);"; $stmt = $db->prepare($query); $stmt->execute($params); } } }
function getDbLength() { $sql = "SELECT COUNT(*) FROM zones"; $params = []; $res = getFromDb($sql, $params); $res = $res[0]["COUNT(*)"]; echo $res; }
function handleSearchPage() { include_once 'login.php'; include_once 'database_conn.php'; include_once 'showEventFunction.php'; $pageHeader = "Result"; $output = "<h1>{$pageHeader}</h1>"; $backURL = "<br/><a href = \"searchPage.php\">Back</a>\n\t<br/><a href = \"index.php\">Back to Home</a>\n\t"; $event = array(); foreach ($_POST as $field => $value) { //echo "$field => $value <br/>"; if (strcmp($field, "submit") === 0) { continue; } $event[$field] = $value; // sanitizeData($value); } $event = array_filter($event); //if any field is not filled, stop user //then ask user to enter something if (empty($event)) { $output .= "Please describe something to search."; return $output . $backURL; } $sql = generateSQL($event); $datas = array(); $datas['venues'] = getFromDb($conn, "SELECT * FROM te_venue"); $datas['categories'] = getFromDb($conn, "SELECT * FROM te_category"); $datas['events'] = getFromDb($conn, $sql); $datas['events'] = array_filter($datas['events']); // if there is record, show in table if (!empty($datas['events'])) { $output .= showTable($datas, false); return $output . $backURL; } else { //if there is no result, result not found $output .= "No record found."; return $output . $backURL; } }
function searchPage() { include_once 'login.php'; include_once 'database_conn.php'; include_once 'showEventFunction.php'; $pageHeader = "Search Page"; $backURL = "<br/><a href = \"index.php\">Back to Home</a>"; $venues = getFromDb($conn, "SELECT * FROM te_venue"); $categories = getFromDb($conn, "SELECT * FROM te_category"); $output = "<h1>{$pageHeader}</h1>"; $output .= "<form id=\"searchForm\" action=\"handleSearchPage.php\" method=\"post\">"; $output .= "<table border=0 >"; $output .= createRowData("Title", createTextField("title", "")); $output .= createRowData("Venue Name", createCombobox("venue", "", $venues)); $output .= createRowData("Category", createCombobox("category", "", $categories)); $output .= createRowData("Start Time", createDate("startTime", "")); $output .= createRowData("End Time", createDate("endTime", "")); $output .= createRowData("Price", createTextField("price", "")); $output .= "<tr><td><input type=\"submit\" name=\"submit\" value=\"Search\"></td></tr>"; $output .= "</table></form>"; return $output . $backURL; }
function insertRegions($array) { for ($i = 0; $i < count($array); ++$i) { $regionID = $array[$i]["id"]; $sql = "SELECT * FROM regions WHERE regionID=? LIMIT 1"; $params = [$regionID]; $res = getFromDb($sql, $params); if (count($res) == 0) { $regionName = $array[$i]["name"]; if (array_key_exists("country", $array[$i])) { $country = $array[$i]["country"]; } else { $country = null; } $params = [$regionID, $regionName, $country]; $db = connectToDb(DATABASE); $query = "INSERT INTO regions VALUES (?, ?, ?)"; $stmt = $db->prepare($query); $stmt->execute($params); } } }
<?php include 'utils.php'; $north = $_POST["north"]; // lat $south = $_POST["south"]; // lat $east = $_POST["east"]; // long $west = $_POST["west"]; // long $name = $_POST["name"]; $exclude = $_POST["exclude"]; $excludeArray = json_decode($exclude, true); $sql = "SELECT * FROM zones WHERE latitude > ? AND latitude < ? AND longitude > ? AND longitude < ? AND name NOT IN ( '" . implode($excludeArray, "', '") . "' )"; $params = [$south, $north, $west, $east]; echo json_encode(getFromDb($sql, $params));
$session_timeout = param_extract("session_timeout"); if ($session_timeout == "0") { $session_timeout = "604800"; } // cookie never expires (in fact it does after one week) setcookie("bookings_user_id", $_COOKIE["bookings_user_id"], time() + $session_timeout); if (isset($_COOKIE["bookings_profile_id"])) { setcookie("bookings_profile_id", $_COOKIE["bookings_profile_id"], time() + $session_timeout); } if (isset($_COOKIE["bookings_language"])) { setcookie("bookings_language", $_COOKIE["bookings_language"], time() + $session_timeout); } if (isset($_COOKIE["bookings_date_format"])) { setcookie("bookings_date_format", $date_format, time() + $session_timeout); } $time_offset = getFromDb("rs_data_users", "user_id", $_COOKIE["bookings_user_id"], "user_timezone") - param_extract("server_timezone"); } else { $time_offset = param_extract("default_user_timezone") - param_extract("server_timezone"); } function includeCommonScripts() { $common_scripts = "function \$(id) { return document.getElementById(id); }\n"; echo $common_scripts; } function dateRange($start_date, $end_date) { global $date_format; if (date("Y-m-d", strtotime($start_date)) == date("Y-m-d", strtotime($end_date))) { // current booking starts and ends in the same day return date("H:i", strtotime($start_date)) . " - " . date("H:i", strtotime($end_date)); } else {
<?php include 'utils.php'; $term = trim(strip_tags($_GET['term'])); $term = $term . "%"; $sql = "SELECT name FROM zones WHERE name LIKE ? ORDER BY name LIMIT 15"; $params = [$term]; $res = getFromDb($sql, $params); $suggestions = array(); for ($i = 0; $i < count($res); ++$i) { array_push($suggestions, $res[$i]["name"]); } echo json_encode($suggestions);
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Event List</title> <link rel="stylesheet" type="text/css" href="bookEvent.css"/> </head> <body> <?php include_once 'login.php'; include_once 'showEventFunction.php'; include 'database_conn.php'; $pageHeader = "Event List"; $output = "<h1>{$pageHeader}</h1>"; $backURL = "<br/><a href = \"index.php\">Back to Home</a>"; echo $output . $backURL; $datas = array(); $datas['venues'] = getFromDb($conn, "SELECT * FROM te_venue"); $datas['categories'] = getFromDb($conn, "SELECT * FROM te_category"); $datas['events'] = getFromDb($conn, "SELECT * FROM te_events ORDER BY eventTitle ASC"); $formEdible = false; if (isset($_SESSION['logged-in'])) { $formEdible = true; } else { $formEdible = false; } echo showTable($datas, $formEdible); mysqli_close($conn); ?> </body> </html>
$mysqli = new mysqli($mysqlConfig['host'], $mysqlConfig['username'], $mysqlConfig['password'], $mysqlConfig['schema']); $mysqli->set_charset('utf8'); $stmt = $mysqli->prepare("SELECT `dataBlob` FROM `schematics` WHERE id=?"); $stmt->bind_param('i', $id); $stmt->execute(); $stmt->bind_result($dataBlob); if (!$stmt->fetch()) { echo json_encode(array("error" => true, "errorDescription" => "No record found with ID {$id}")); exit; } $stmt->close(); $dataBlob = gzdecode_prePhp6($dataBlob); //decompressing in javascript is much slower and because we are using HTTP compression, there is no substantial difference in size. $dataBlob = base64_encode($dataBlob); return $dataBlob; } function getFromLiveSite($id) { return file_get_contents('http://mordritch.com/mc_rss/php/openBinaryById.php?id=' . $id); } $runningOnLive = !(strpos($_SERVER['HTTP_HOST'], 'mordritch.com') === false); if (!$runningOnLive && $recordId >= 1000) { $dataBlob = getFromLiveSite($recordId); } else { $dataBlob = getFromDb($recordId, $mysqlConfig); } ob_start("ob_gzhandler"); //Enables GZIP compression. header('Content-Type: text/html; charset=UTF-8'); echo $dataBlob; //In the database it's stored as a GZIP encoded file.