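/**
 * Load one course and its lessons for the view.
 *
 * Reads the course id from the first entry of $this->params and stores the
 * matching course row in $this->course and its lesson rows in $this->lessons.
 */
function view()
{
    // The id used to be interpolated into both statements unchanged, which is
    // the SQL injection the original TODO pointed at. Casting to int means only
    // a number can reach the query text.
    // NOTE(review): assumes course_id is an integer key — confirm against the
    // schema; prefer bound parameters if get_first()/get_all() support them.
    $course_id = (int) $this->params[0];

    $this->course = get_first("SELECT * FROM course WHERE course_id = '{$course_id}'");
    $this->lessons = get_all("SELECT * FROM lesson WHERE course_id = '{$course_id}'");
}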
/**
 * Checks that the "dvd" lookup returns at least one row and that the DVD
 * stored under $this->the_title can be fetched back by that title.
 */
public function testAddDeleteDVD()
{
    $all_rows = get_all("dvd");
    $row_count = count($all_rows);
    $this->assertTrue($row_count > 0, "should be at least one dvd in the db");

    $found = get_dvd_by_title($this->the_title);
    $this->assertEqual($found['title'], $this->the_title);
}
/**
 * Decide whether this object may be shown to the given user.
 *
 * The decision depends on $this->visibility:
 *  - ID_PUBLIC:    always visible.
 *  - ID_TEAMS:     visible when a team member record exists for the user.
 *  - ID_COMMUNITY: visible when the user is in one of self::$groups_community.
 *  - anything else: visible only to the author.
 *
 * @param \System\User $user User the check is made for.
 * @return bool
 */
public function is_visible_for(\System\User $user)
{
    if ($this->visibility == \Impro\Status\Visibility::ID_PUBLIC) {
        return true;
    }

    if ($this->visibility == \Impro\Status\Visibility::ID_TEAMS) {
        foreach (self::$attrs_team as $team_attr) {
            if (!$this->{$team_attr}) {
                continue;
            }

            // NOTE(review): the lookup always uses $this->team_home->id, whichever
            // attribute of self::$attrs_team is being checked — confirm that this
            // is intended, since it decides who gets access.
            $membership = get_all('Impro\\Team\\Member')
                ->where(array("user" => $user->id, "team" => $this->team_home->id))
                ->fetch_first();

            if ($membership) {
                return true;
            }
        }

        return false;
    }

    if ($this->visibility == \Impro\Status\Visibility::ID_COMMUNITY) {
        $matching_groups = $user->groups->where(array('id' => self::$groups_community))->count();

        return $matching_groups ? true : false;
    }

    // Fallback for every other visibility value: author only.
    return $this->author->id == $user->id;
}
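/**
 * Load one post with its tags and comments for the view.
 *
 * Reads the post id from the first entry of $this->params and fills
 * $this->post, $this->tags and $this->comments.
 */
function view()
{
    // The id was interpolated into three statements unchanged; casting to int
    // means only a number can reach the query text.
    // NOTE(review): assumes post_id is an integer key — confirm against the
    // schema; prefer bound parameters if get_first()/get_all() support them.
    $post_id = (int) $this->params[0];

    $this->post = get_first("SELECT * FROM post NATURAL JOIN user WHERE post_id='{$post_id}'");
    $this->tags = get_all("SELECT * FROM post_tags NATURAL JOIN tag WHERE post_id='{$post_id}'");
    $this->comments = get_all("SELECT * FROM comment WHERE post_id ='{$post_id}'");
}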
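/**
 * Load one "broneering" row for editing, plus the rows of the kuupaev and
 * kellaeg tables that the edit view reads from $this->dates and $this->times.
 */
function edit()
{
    // The id was interpolated into the statement unchanged; casting to int means
    // only a number can reach the query text.
    // NOTE(review): assumes broneering_id is an integer key — confirm against
    // the schema; prefer bound parameters if get_first() supports them.
    $broneering_id = (int) $this->params[0];

    $this->broneering = get_first("SELECT * FROM broneering WHERE broneering_id = '{$broneering_id}'");
    $this->dates = get_all("SELECT * FROM kuupaev");
    $this->times = get_all("SELECT * FROM kellaeg");
}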
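/**
 * Fetch all users that are not marked deleted, optionally sorted.
 *
 * @param array $params May carry 'field' (column name) and 'order' (ASC or
 *                      DESC, or empty); sorting applies only when both keys
 *                      are present and pass validation.
 * @return mixed Whatever get_all() returns for the query.
 */
public function getUsers(array $params)
{
    $sql = "SELECT * FROM users WHERE deleted=0";

    if (isset($params['order']) && isset($params['field'])) {
        // Column names and sort keywords cannot be bound as parameters, so both
        // are validated before they reach the query text: the column must be a
        // plain (optionally table-qualified) identifier and the direction must
        // be empty, ASC or DESC.
        $field = is_string($params['field']) ? trim($params['field']) : '';
        $order = is_string($params['order']) ? strtoupper(trim($params['order'])) : null;

        $field_ok = preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/', $field) === 1;
        $order_ok = in_array($order, array('', 'ASC', 'DESC'), true);

        if ($field_ok && $order_ok) {
            $sql .= " ORDER BY {$field} {$order}";
        }
        // Any other value is dropped and the rows come back unsorted.
    }

    return get_all($sql);
}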
/**
 * Dispel every spell event of the player that has reached its end time.
 *
 * Selects the player's unfinished events of type 1 whose e_end has passed,
 * dispels each one by its e_subtype and then calls reload() for 'spells'.
 * Does nothing when get_all() does not return an array.
 *
 * @param mixed $config Passed through to spell_dispel() and reload().
 * @param mixed $player Object whose usr_id selects the events.
 */
public function spells_end($config, $player)
{
    // NOTE(review): usr_id is concatenated into the statement as-is; this is
    // only safe while it is always a server-side integer — confirm.
    $sql = "select * from arena_events where e_type = 1 and e_usr_id = " . $player->usr_id
        . " and e_done = 0 and e_end <= unix_timestamp()";
    $due_events = get_all($sql);

    if (!is_array($due_events)) {
        return;
    }

    foreach ($due_events as $due) {
        $this->spell_dispel($config, $player, $due->e_subtype);
    }

    reload($config, 'spells', '');
}
/**
 * Assign the data for the ad form to Smarty and render form.tpl.
 *
 * @param mixed $db       Database handle passed to the get_* helpers.
 * @param mixed $smarty   Smarty instance that receives the variables.
 * @param mixed $print_ad Identifier of the ad to show in the form; a falsy
 *                        value is assigned to the template unchanged.
 */
function print_form($db, $smarty, $print_ad = 0)
{
    // Only look the ad up when an identifier was given.
    $selected_ad = $print_ad ? get_ad($db, $print_ad) : $print_ad;

    $all_ads = get_all($db);
    $smarty->assign('add', $all_ads);
    $smarty->assign('print_ad', $selected_ad);

    $cities = get_city($db);
    $smarty->assign('city', $cities);

    $categories = get_category($db);
    $smarty->assign('category', $categories);

    $smarty->display('form.tpl');
}
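/**
 * Finish every build event of the player's current town that is due.
 *
 * Selects the unfinished events of $player->actual_town whose e_end has
 * passed, applies each one through build_end() and marks it finished through
 * EventsMgr::event_end(). Does nothing when get_all() does not return an array.
 *
 * @param mixed $config Passed through to EventsMgr::event_end().
 * @param mixed $player Object whose actual_town selects the events.
 */
public function town_main($config, $player)
{
    // The original cast an undefined $town and never used the result, while the
    // town id went into the statement uncast. The id sits in an unquoted numeric
    // position, so it is cast here before being concatenated.
    // NOTE(review): assumes actual_town is an integer id — confirm.
    $town_id = (int) $player->actual_town;

    $events = get_all("select * from events where e_t_id = " . $town_id . " and e_done = 0 and e_end <= unix_timestamp()");

    require_once 'functions/EventsMgr.php';
    $eventMgr = new EventsMgr();

    if (is_array($events)) {
        foreach ($events as $event) {
            $this->build_end($event->e_t_id, $event->e_type, $event->e_subtype, $event->e_count, $event->e_start, $event->e_end);
            $eventMgr->event_end($config, $event->e_id, $event->e_t_id);
        }
    }
}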
/**
 * Delete the category whose primary key is $id, after deleting each product
 * that belongs to it.
 *
 * NOTE(review): mysql_query()/mysql_error() belong to the mysql extension that
 * was removed in PHP 7, and die(mysql_error()) prints the database error text
 * to the client.
 */
function categories_delete($id)
{
    // Force the key to an integer before it is used in any SQL fragment.
    $category_id = (int) $id;

    // Delete the products of this category first.
    require_once 'backend/models/products.php';
    $product_filter = array(
        'select' => 'id',
        'where' => 'category_id=' . $category_id,
    );
    foreach (get_all('products', $product_filter) as $row) {
        products_delete($row['id']);
    }

    // Then delete the category itself.
    $delete_sql = "DELETE FROM categories WHERE id={$category_id}";
    mysql_query($delete_sql) or die(mysql_error());
}
/**
 * Assign the data for the ad form to Smarty and render dz9-form.tpl.
 *
 * @param mixed $db       Database handle passed to the get_* helpers.
 * @param mixed $smarty   Smarty instance that receives the variables.
 * @param mixed $print_ad Identifier handed to get_ad() for the ad to show.
 */
function print_form($db, $smarty, $print_ad = 0)
{
    // First row of the get_ad() result becomes the ad shown in the form.
    $ad_result = get_ad($db, $print_ad);
    $smarty->assign('print_ad', mysqli_fetch_assoc($ad_result));

    // All ads, keyed by their id column.
    $ads_by_id = array();
    $all_result = get_all($db);
    for ($ad = mysqli_fetch_assoc($all_result); $ad; $ad = mysqli_fetch_assoc($all_result)) {
        $ads_by_id[$ad['id']] = $ad;
    }
    $smarty->assign('add', $ads_by_id);

    $smarty->assign('cities', get_cities($db));
    $smarty->assign('category', get_category($db));
    $smarty->display('dz9-form.tpl');
}
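/**
 * Build the navigation menu shown to public visitors.
 *
 * Every category that is marked visible and for which get_news() returns at
 * least one row becomes a dropdown listing those news items.
 *
 * @return string HTML of the navbar list.
 */
function public_menu()
{
    // Titles and ids come from the database and land in HTML text and attribute
    // positions, so they are encoded on output instead of being concatenated raw.
    // NOTE(review): if titles are stored already HTML-encoded this will
    // double-encode them — confirm how they are saved.
    $escape = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $result = get_all('categories');
    $output = '<ul class="nav navbar-nav">';

    while ($category = mysqli_fetch_assoc($result)) {
        $all_news = get_news($category['id']);

        // Only categories that are visible and have news rows are listed.
        if (mysqli_num_rows($all_news) > 0 && $category['visible'] == 1) {
            $output .= '<li class="dropdown">';
            $output .= '<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">' . $escape($category['title']) . '<span class="caret"></span></a>';
            $output .= '<ul class="dropdown-menu">';
            while ($news = mysqli_fetch_assoc($all_news)) {
                $output .= '<li><a href="index.php?id=' . $escape($news['id']) . '">' . $escape($news['title']) . '</a></li>';
            }
            $output .= '</ul>';
            $output .= '</li>';
        }
    }

    $output .= '</ul>';

    return $output;
}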
foreach ($dvds as $dvd) { echo "<tr>\n"; echo "<td><a href='view_dvd.php?part_title={$dvd[0]}'>{$dvd[0]}</a></td>"; for ($i = 1; $i < sizeof($dvd); $i++) { echo "<td>{$dvd[$i]}</td>"; } echo "</tr>\n"; } echo "</table><hr />\n"; } } else { echo "<h2>No matches were found for {$genre_found}</h2><br /><hr />"; } } catch (DbException $dbe) { echo "<h3 class='error'>An error ocurred while feching the dvds for {$genre_found}: {$dbe->getMessage()}</h3>"; } } try { $genres = get_all("genre"); echo "<h2>Genres in the catalogue</h2>"; if (sizeof($genres) > 0) { echo "<ul>\n"; foreach ($genres as $genre) { echo "<li><a href='genres?genre={$genre[0]}'>{$genre[0]}</a></li>\n"; } echo "</ul>\n"; } } catch (DbException $dbe) { echo "<h3 class='error'>An error ocurred while feching the list of genres: {$dbe->getMessage()}</h3>"; } include "../dvd-lib-common/foot.html";
/**
 * Load every row of the user table into $this->users for the view.
 *
 * NOTE(review): SELECT * returns every column of the user table, which may
 * include credential fields — confirm what the view needs.
 */
function index()
{
    $all_users_sql = "SELECT * FROM user";
    $this->users = get_all($all_users_sql);
}
<?php
// Lists the title of every DVD returned by get_all("dvd") through the
// list_dvds.tpl template.
session_start();
require_once "config.php";

$smarty = new Smarty();
$smarty->compile_check = true;

require_once "dvd-db.php";
require_once "dvd-util.php";

try {
    $all_dvds = get_all("dvd");

    // Only the titles are handed to the template.
    $dvd_list = array();
    foreach ($all_dvds as $dvd) {
        $dvd_list[] = $dvd['title'];
    }

    $smarty->assign("dvd_list", $dvd_list);
    $smarty->assign("heading", "All DVDs in the Library");
} catch (DbException $dbe) {
    // NOTE(review): the exception text is passed on for display; database error
    // details are better written to a log than shown to the visitor.
    display_error_page($smarty, "An error ocurred while feching the list of DVDs: {$dbe->getMessage()}");
}

// NOTE(review): this runs after the catch block as well unless
// display_error_page() ends the request — confirm.
$smarty->display("list_dvds.tpl");
<?php
// Admin controller for labor names: saves a new name on POST, deletes a labor
// and its content rows when ?del= is given, then renders the list.
//
// NOTE(review): the delete is triggered by a GET parameter and no login or
// CSRF check is visible in this file — confirm that the including script
// enforces both, and that save()/delete() escape or bind their values.
$active = "labor";
$lang = get_lang();

if (isset($_POST['submit'])) {
    $labor_name = $_POST['laborname'];
    $labor = compact('labor_name');
    save('labor', $labor);
}

if (isset($_GET['del'])) {
    // The labor row and its dependent content rows share the labor_id column.
    foreach (array('labor', 'labor_content') as $table) {
        delete($table, 'labor_id', $_GET['del']);
    }
    unset($table);
}

$labor = get_all('labor');
require 'view/labor/add_labor_name.php';
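// Page title ===================================================================
$title = CONTACT_TITLE_INDEX;

// Paging: page number from the query string, never below 1 ====================
$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
$page = $page > 0 ? $page : 1;
$limit = 10;
$offset = ($page - 1) * $limit;
$options = array('limit' => $limit, 'offset' => $offset, 'order_by' => 'id ASC');

// Search =======================================================================
$url = 'admin.php?controller=contact';
if (isset($_POST['search'])) {
    // Post/redirect/get: the term is URL-encoded so characters such as & or #
    // cannot alter the redirect target, and the script stops once the redirect
    // has been sent instead of going on to query and render.
    header('location:admin.php?controller=contact&search=' . urlencode((string) $_POST['search']));
    exit;
}
if (isset($_GET['search'])) {
    // NOTE(review): assumes escape() SQL-escapes its argument — confirm. The
    // LIKE wildcards % and _ inside the term are not neutralised here.
    $search = escape($_GET['search']);
    $options['where'] = "LOWER(contact.NAME) LIKE LOWER('%{$search}%') ";

    // The raw term used to be appended to the pagination base URL; encoding it
    // keeps quotes and markup characters out of the generated links.
    $url = 'admin.php?controller=contact&search=' . urlencode((string) $_GET['search']);
}

$total_rows = get_total('contact', $options);
$total = ceil($total_rows / $limit);
$pagination = pagination($url, $page, $total);

// Data for the view ============================================================
$status = array(0 => CONTACT_STATUS_WAIT, 1 => CONTACT_STATUS_RESPONE);
$contacts = get_all('contact', $options);

// Load view ====================================================================
require 'backend/views/contact/index.php';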
<?php
// Admin page: adds wood / stone / iron to one town when ?id= is given, then
// lists every town with a small form for adding resources.
//
// NOTE(review): the integer casts keep the UPDATE free of non-numeric input but
// still accept negative amounts; t_name is echoed without HTML encoding; no
// access or CSRF check is visible in this file — confirm each of these.
if (!empty($_GET['id'])) {
    $_GET['id'] = (int) $_GET['id'];

    // Normalise the three amounts to integers, defaulting to 0.
    foreach (array('wood', 'iron', 'stone') as $resource) {
        $_POST[$resource] = empty($_POST[$resource]) ? 0 : (int) $_POST[$resource];
    }
    unset($resource);

    $q = "update towns set t_wood = t_wood +" . $_POST['wood'] . " , t_stone = t_stone + " . $_POST['stone'] . ", t_iron = t_iron + " . $_POST['iron'] . " where t_id = " . $_GET['id'];
    call($q);
}

$towns = get_all("select * from towns");
if (!is_array($towns)) {
    echo "brak miast";
} else {
    echo "<table>\n\t";
    foreach ($towns as $town) {
        echo "\n\t\t<tr style='border-bottom: solid 1px black'>\n\t\t\t<td style='border-bottom: solid 1px black'>\n\t\t\t\t{$town->t_name}<br/>\n\t\t\t\tdrewno: " . $town->t_wood . " glina: " . $town->t_stone . " żelazo: " . $town->t_iron . "\n\t\t\t</td>\n\t\t\t<td style='border-bottom: solid 1px black'>\n\t\t\t\t<form action='?action=add_res&id=" . $town->t_id . "' method='post'>\n\t\t\t\t\t<table>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>drewno</td>\n\t\t\t\t\t\t<td>glina</td>\n\t\t\t\t\t\t<td>żelazo</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td><input type='text' name='wood' value='0'/></td>\n\t\t\t\t\t\t<td><input type='text' name='stone' value='0'/></td>\n\t\t\t\t\t\t<td><input type='text' name='iron' value='0'/></td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t\t<input type='submit' value='dodaj surowce'/>\n\t\t\t\t</form>\n\t\t\t</td>\n\t\t</tr>";
    }
}
?>
</table>
<?php if (!empty($_GET['spell_cast'])) { $HeroMgr->spell_cast($config, $player, $_GET['spell_cast']); reload($config, 'spells', ''); } if (!empty($_GET['spell_dispel'])) { $HeroMgr->spell_dispel($config, $player, $_GET['spell_dispel']); reload($config, 'spells', ''); } $spells = get_all($q = "select *, e_end - unix_timestamp() as eend from arena_spells_param inner join arena_user_spells on usp_usr_id = " . $player->usr_id . " and spp_id = usp_spp_id left join arena_events on e_usr_id = " . $player->usr_id . " and e_type = 1 and e_subtype = spp_id and e_done = 0"); $echo = ''; if (is_array($spells)) { $echo = "znane czary<hr/>"; foreach ($spells as $spell) { $options = ''; if ($spell->usp_active == 0 && $spell->spp_energy <= $player->energy) { $options .= "<a href='?action=spells&spell_cast=" . $spell->spp_id . "' >[ rzuć zaklęcie ]</a>"; } elseif ($spell->usp_active == 1) { $options .= "Czar trwać będzie: " . date("H:i:s", $spell->eend - 3600) . " <a href='?action=spells&spell_dispel=" . $spell->spp_id . "' >[ rozprosz zaklęcie ]</a>"; } $spell->spp_text .= "<br/>"; if ($spell->spp_attack > 0) { $spell->spp_text .= "Rzucone zaklęcie będzie zwiększać <span class='red'>atak</span> herosa o <span class='red'>" . 1 * $spell->spp_attack . "</span><br/>"; } if ($spell->spp_defence > 0) { $spell->spp_text .= "Rzucone zaklęcie będzie zwiększać <span class='red'>obronę</span> herosa o <span class='red'>" . 1 * $spell->spp_defence . "</span><br/>"; } if ($spell->spp_absorb > 0) { $spell->spp_text .= "Rzucone zaklęcie będzie zwiększać <span class='red'>absorbcję</span> herosa o <span class='red'>" . 1 * $spell->spp_absorb . "</span><br/>"; }
<?php $active = "visa"; $lang = get_lang(); $visa_name = get_all('passport_visa'); if (isset($_POST['submit'])) { if ($_FILES['fileToUpload']['name'] != null) { $target_dir = ".././asset/image/visa/" . $lang . '/'; $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = pathinfo($target_file, PATHINFO_EXTENSION); $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if ($check !== false) { $ok = "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { $error = "File is not an image."; $uploadOk = 0; } // Check if file already exists if (file_exists($target_file)) { $error = "Sorry, file already exists."; $uploadOk = 0; } // Check file size if ($_FILES["fileToUpload"]["size"] > 5000000) { $error = "Sorry, your file is too large."; $uploadOk = 0; } // Allow certain file formats if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") {
/**
 * Output every row of the movie table as JSON and end the request.
 */
function movies()
{
    $rows = get_all("SELECT * FROM movie");
    $body = json_encode($rows);

    // exit() with a string prints it before terminating.
    exit($body);
}
<?php
// Admin controller that adds a content entry (title + content) under the labor
// selected by name, then renders the form with the list of labors.
//
// NOTE(review): the POST values go to get_a_record() and save() unchanged and
// no login or CSRF check is visible in this file — confirm that the helpers
// escape or bind their values and that the including script enforces access.
$active = "labor";
$lang = get_lang();

if (isset($_POST['submit'])) {
    $labor_name = $_POST['labor_name'];
    $title = $_POST['title'];
    $content = $_POST['content'];

    // Resolve the chosen name to its labor_id before saving.
    $labor_id = get_a_record('labor', 'labor_name', $labor_name);
    $labor = array('labor_id' => $labor_id['labor_id']) + compact('title', 'content');
    save('labor_content', $labor);

    $success = "Thêm thành công ! ";
}

$labor_name = get_all('labor');
require 'view/labor/add_labor.php';
<?php
// Admin list of ticket_plane_content rows, optionally filtered by the posted
// ticket_plane_id; ?delete= removes one content row first.
//
// NOTE(review): the delete is triggered by a GET parameter and no login or
// CSRF check is visible in this file — confirm that the including script
// enforces both, and that delete()/get_all_record() escape or bind their values.
$lang = get_lang();

if (isset($_GET['delete'])) {
    delete('ticket_plane_content', 'ticket_plane_content_id', $_GET['delete']);
}

$active = 'ticket_plane';
$ticket_plane = get_all('ticket_plane');

if (!isset($_POST['ticket_plane_id'])) {
    // No filter posted: show everything.
    $products = get_all('ticket_plane_content');
} else {
    $ticket_plane_id = $_POST['ticket_plane_id'];

    if ($ticket_plane_id != 0) {
        // Remember the choice for the view and narrow the list to it.
        $selected = $ticket_plane_id;
        $products = get_all_record('ticket_plane_content', 'ticket_plane_id', $ticket_plane_id);
    } else {
        // A value equal to 0 means "all".
        $products = get_all('ticket_plane_content');
    }
}

require 'view/ticket_plane/index.php';
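<?php
// Ranking page: lists every arena user ordered by level and experience, with
// avatar, hero image, signature and a "send message" link.
$echo = '';

// login and signature are text entered by users and are placed in HTML here, so
// every value is encoded for its output context instead of being concatenated raw.
// NOTE(review): if signatures are stored already HTML-encoded, or are meant to
// carry markup, this changes how they render — confirm how they are saved.
$escape_html = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

$rank = get_all("select login, usr_id, lvl, exp, avatar, hero, signature from arena_users order by lvl desc, exp desc");

// Only iterate when get_all() actually returned rows.
if (!is_array($rank)) {
    $rank = array();
}

// Position counter; the original incremented it without initialising it.
$i = 0;

foreach ($rank as $user) {
    if (empty($user->signature)) {
        $user->signature = 'brak opisu...';
    }

    if ($user->avatar == 0) {
        $avatar = "";
    } else {
        $avatar = "<img src='www/avatars/" . $escape_html($user->usr_id) . ".jpg' alt='' width='64px' height='66px'/>";
    }

    // The userDetails style attribute was missing its opening quote.
    $echo .= "\n\t\t\t<h2 style='background-color:#5D5D5D'>" . ++$i . ". " . $escape_html($user->login) . " <small style='float:right;;'>[ poziom " . $escape_html($user->lvl) . " ]</small> </h2>\n\t\t\t<div class='messageWrapper' style='overflow:hidden;'>\n\t\t\t\t<div class='userDetails' style='float:left;padding:10px;width:66px;'>\n\t\t\t\t\t<div class='avatar' style=' width:64px; height:66px; margin:0 0 5px;'>\n\t\t\t\t\t\t" . $avatar . "\n\t\t\t\t\t</div>\n\t\t\t\t\t<div class='details' style=' height:40px'></div>\n\t\t\t\t</div>\n\t\t\t\t<div class='box message'>\n\t\t\t\t\t\n\t\t\t\t\t<p style='min-height:100px;'>\n\t\t\t\t\t\t<img src='www/heroes/" . $escape_html($user->hero) . ".gif' alt='' width='64px' height='66px' style='float:left'/>" . $escape_html($user->signature) . "\n\t\t\t\t\t</p>\n\n\t\t\t\t\t<p class='options' style='color:#F39604'>\n\t\t\t\t\t <a href='?action=messages&to=" . rawurlencode((string) $user->login) . "'>wyślij wiadomość</a>\n\t\t\t\t </p>\n\t\t\t\t</div>\n\t\t\t</div>\n\t";
}

echo $echo;
?>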
<?php /** * Created by PhpStorm. * User: phi314 * Date: 11/17/14 * Time: 1:22 AM * * Signature akan berbeda untuk setiap device */ require_once '../lib/connection.php'; require_once '../lib/unleashed.lib.php'; $lokasi = get_all('lokasi', 'nama'); $json = FALSE; if (array_key_exists('submit_type', $_GET)) { switch ($_GET['submit_type']) { // cek user login case 'cek_login': $id = $_GET['user_id']; $signature = $_GET['signature']; $q = "SELECT id FROM users WHERE id='{$id}' AND signature='{$signature}' LIMIT 1"; $r = mysql_query($q); $d = mysql_fetch_object($r); // jika user ditemukan berarti user login pada device yang sama dengan sebelumnya if ($d != FALSE) { $json = array('status_login' => TRUE); } else { $json = array('status_login' => FALSE); } break; // login user
<?php
// Admin controller for ticket_plane names: saves a new name on POST, deletes a
// ticket_plane and its content rows when ?del= is given, then renders the list.
//
// NOTE(review): the delete is triggered by a GET parameter and no login or
// CSRF check is visible in this file — confirm that the including script
// enforces both, and that save()/delete() escape or bind their values.
$active = "ticket_plane";
$lang = get_lang();

if (isset($_POST['submit'])) {
    $ticket_plane_name = $_POST['ticket_plane_name'];
    $ticket_plane = compact('ticket_plane_name');
    save('ticket_plane', $ticket_plane);
}

if (isset($_GET['del'])) {
    // The row and its dependent content rows share the ticket_plane_id column.
    foreach (array('ticket_plane', 'ticket_plane_content') as $table) {
        delete($table, 'ticket_plane_id', $_GET['del']);
    }
    unset($table);
}

$ticket_plane = get_all('ticket_plane');
require 'view/ticket_plane/add_ticket_plane_name.php';
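<?php
// Public page listing the tours of one country (?tour_country_code=...).
// Without that parameter the visitor is redirected to the start page.
$title = "AD Tourist, Go Go Go";

// Visa offers per passport_visa_code, read by the shared layout.
$visa1 = get_all_record('passport_visa_offers', 'passport_visa_code', '1');
$visa2 = get_all_record('passport_visa_offers', 'passport_visa_code', '2');
$visa5 = get_all_record('passport_visa_offers', 'passport_visa_code', '5');
$visa6 = get_all_record('passport_visa_offers', 'passport_visa_code', '6');
$visa7 = get_all_record('passport_visa_offers', 'passport_visa_code', '7');
$visa8 = get_all_record('passport_visa_offers', 'passport_visa_code', '8');
$visa9 = get_all_record('passport_visa_offers', 'passport_visa_code', '9');

$tour_region = get_all('tour_region');
$news = get_all('news_event');
$area = get_all('car_area');
$lang = get_lang();

if (isset($_GET['tour_country_code'])) {
    // NOTE(review): the request value goes to get_a_record()/get_all_record()
    // unchanged — confirm that those helpers escape or bind it.
    $tour_country_code = $_GET['tour_country_code'];

    $tour_country_name = get_a_record('tour_country', 'tour_country_code', $tour_country_code);
    $tour_country_name = $tour_country_name['tour_country_name'];
    $tour = get_all_record('tour_content', 'tour_country_code', $tour_country_code);

    // Two fixes in the breadcrumb link: the "&" in front of "lang=" was missing,
    // which glued the language onto the country code, and the request-supplied
    // code is now URL-encoded before it is put into a link.
    $link = 'index.php?controller=tour&action=country&tour_country_code=' . urlencode((string) $tour_country_code) . '&lang=' . $lang;
    $current_possition = array(array('name' => $tour_country_name, 'link' => $link));

    require_once BASEPATH . 'view/tour/show_tour.php';
} else {
    header('location: index.php?lang=' . $lang);
}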
<?php
// Admin list of tour_content rows, optionally filtered by the posted
// tour_region_code.
//
// NOTE(review): the posted code goes to get_all_record() unchanged — confirm
// that the helper escapes or binds it.
$title = "Danh sách Tour";
$active = 'tour';
$lang = get_lang();
$tour_region = get_all('tour_region');

$current_possition = array(
    array(
        'name' => 'Danh sách các tour',
        'link' => 'index.php?lang=' . $lang . '&controller=tour',
    ),
);

if (!isset($_POST['tour_region_code'])) {
    // No filter posted: show everything.
    $tour = get_all('tour_content');
} else {
    $tour_region_code = $_POST['tour_region_code'];

    if ($tour_region_code != 0) {
        // Remember the choice for the view and narrow the list to it.
        $selected = $tour_region_code;
        $tour = get_all_record('tour_content', 'tour_region_code', $tour_region_code);
    } else {
        // A value equal to 0 means "all".
        $tour = get_all('tour_content');
    }
}

require_once 'view/tour/index.php';
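<?php
// Author page: loads one author (?id=, default 1) with country and gender
// names, plus the films the author is linked to.

// The id came straight from the query string into an unquoted position in both
// statements. Casting to int means only a number can reach the query text; the
// default of 1 for a missing or empty id is kept.
$author_id = !empty($_GET['id']) ? (int) $_GET['id'] : 1;

// Retrieve author data from database
$author = get_first("SELECT *, author.name as name, country.name as country,\n gender.name as gender\n FROM author\n JOIN country on author.country_id = country.country_id\n JOIN gender on author.gender_id = gender.gender_id\n WHERE author_id={$author_id}");

// Retrieve all relationships for the author from database
$relationships = get_all("SELECT link_type.name as type, film.name as film\n FROM l_author_film\n JOIN film ON film.film_id = l_author_film.film_id\n JOIN link_type ON link_type.type_id = l_author_film.type_id\n WHERE author_id={$author_id}");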
<?php require_once 'includes/load.php'; //ucitaj pomocne fajlove include_once 'includes/header_admin.php'; //ucitaj meni za admina confirm_logged_in(); //potvrdi da je uogovan $result = get_all('users'); //vrati sve iz tabele users //POCETAK - generisanja html tabele sa spiskom korisnika $output = '<h2>List all users</h2>'; $output .= '<table class="table table-striped">'; $output .= '<tr>'; $output .= '<th>Username</th>'; $output .= '<th>Email</th>'; $output .= '<th>Edit</th>'; $output .= '<th>Delete</th>'; $output .= '</tr>'; while ($user = mysqli_fetch_assoc($result)) { $output .= '<tr>'; $output .= '<td>' . $user['username'] . '</td>'; $output .= '<td>' . $user['email'] . '</td>'; if ($user['id'] == $_SESSION['user_id']) { //ako je u pitanju ulogovani korisnik //svaki korisnik moze sebe editovati ili obrisati $output .= '<td><a href="edit_user.php?id=' . $user['id'] . '"><span class="glyphicon glyphicon-pencil btn btn-primary"></span></a></td>'; $output .= '<td><a onclick="return deleteUser()" href="delete_user.php?id=' . $user['id'] . '"><span class="glyphicon glyphicon-remove btn btn-danger"></span></a></td>'; } else { $output .= '<td></td><td></td>'; }