<?php
// Footer text: last-modified stamp, then links that reload the current page
// with the printer-friendly style or with the default style.
// NOTE(review): both href values are the raw return value of
// mergeGetUrlData($_GET, ...). That helper is not visible here; if it does not
// HTML-encode the request parameters it merges, a crafted query string can
// close the attribute and inject markup (reflected XSS). Confirm, or wrap the
// result in htmlspecialchars(..., ENT_QUOTES) at this output point.
echo $lang["Last modified:"]; ?> 2007-08-22.
<a href="<?php echo mergeGetUrlData($_GET, "?style=printer-friendly"); ?> "><?php echo $lang["Printer-friendly version"]; ?> </a> <?php echo $lang["of this page"]; ?> .
<a href="<?php echo mergeGetUrlData($_GET, "?style=") != "" ? mergeGetUrlData($_GET, "?style=") : "?style="; ?> "><?php echo $lang["Default style version"]; ?> </a> <?php echo $lang["of this page"]; ?> .
</div>
<div id="footer-text-right"> <!-- Nothing here --> </div>
</div>
</div>
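// Action script: erases every seller and every book after the operator has
// typed the confirmation code shown on the "clear database" form.

// Inclusion of configuration files
require_once "config.inc.php";

// Inclusion of libraries
require_once "db-connection.lib.php";
require_once "encode-decode.lib.php";
require_once "merge-get.lib.php";
require_once "session.lib.php";

// Override default language settings by session settings, then by URL settings.
// The value becomes part of an include path, so it is accepted only when it is
// a plain language code (letters, digits, "_" or "-"). Values with path
// separators, dots or NUL bytes, and array-valued parameters, are ignored.
// TODO(review): an explicit list of the shipped language files would be tighter.
if (isset($_SESSION["lang"]) && is_string($_SESSION["lang"])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_SESSION["lang"]) === 1) {
    include_once "lang/" . $_SESSION["lang"] . ".php";
}
if (isset($_GET["lang"]) && is_string($_GET["lang"])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_GET["lang"]) === 1) {
    include_once "lang/" . $_GET["lang"] . ".php";
}

// Connects to the database
$db = db_connect();
if (is_null($db)) {
    die($lang["Error connecting to the database."] . $lang["MySQL says:"] . " " . db_error($db));
}

// Checks the confirmation code typed by the operator.
// NOTE(review): "security" and "hidden-security" both arrive in the same POST
// body, so this comparison only guards against an accidental click. It is not
// an authorization or CSRF control: any request that sends two equal values
// passes. Whether session.lib.php enforces a logged-in session is not visible
// here. The expected code should be kept server-side (for example in
// $_SESSION) and compared against that copy before anything is deleted.
if (!isset($_POST["security"]) || !isset($_POST["hidden-security"])
    || $_POST["security"] !== $_POST["hidden-security"]) {
    header("Location: " . mergeGetUrlData($_GET, "error-database-clear.php"));
    exit;
}

// The code is OK, erase the tables. A failed DELETE stops the script instead
// of sending the operator to the "database cleared" page.
foreach (array("sellers", "books") as $table) {
    $result = db_query($db, "DELETE FROM " . $config["ddDBPrefix"] . $table . ";");
    if (is_null($result)) {
        die($lang["Error connecting to the database."] . $lang["MySQL says:"] . " " . db_error($db));
    }
}

// Redirects to confirmation page
header("Location: " . mergeGetUrlData($_GET, "database-cleared.php"));
exit;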
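// (Fragment: the "if (...) {" that opens the first branch below lies above the visible part of this file.)
    // First branch: the seller key itself is being changed (originalid -> sellerid).
    // NOTE(review): every value placed inside a quoted SQL literal below goes
    // through db_encode(), whose implementation is not visible here. The
    // queries are safe only if it escapes for a MySQL string literal; confirm,
    // or move to prepared statements.

    // Checks if target seller ID exists in database
    $newKey = strtoupper(db_encode($_POST["sellerid"]));
    $query_string = "SELECT * FROM " . $config["ddDBPrefix"] . "sellers WHERE sellerKey = '" . $newKey . "' LIMIT 1;";
    $result = db_query($db, $query_string);
    if (!is_null($result) && db_num_rows($result) > 0) {
        // If yes, warns and redirects to this seller info page
        // NOTE(review): the raw POST value is appended to the redirect URL;
        // confirm that mergeGetUrlData() URL-encodes it.
        header("Location: " . mergeGetUrlData($_GET, "error-duplicate-seller.php?key=" . $_POST["sellerid"]));
        exit;
    }

    // Otherwise, delete previous table entry
    // NOTE(review): the old row is removed before the new one is written and
    // no transaction is visible here, so a failed INSERT loses the seller.
    $query_string = "DELETE FROM " . $config["ddDBPrefix"] . "sellers WHERE sellerKey = '" .
        strtoupper(db_encode($_POST["originalid"])) . "' LIMIT 1;";
    $result = db_query($db, $query_string);
    if (is_null($result)) {
        die($lang["Error connecting to the database."] . $lang["MySQL says:"] . " " . db_error($db));
    }

    // And inserts new
    $query_string = "INSERT INTO " . $config["ddDBPrefix"] . "sellers SET " .
        "sellerKey = '" . $newKey . "', " .
        "firstName = '" . db_encode($_POST["firstname"]) . "', " .
        "lastName = '" . db_encode($_POST["lastname"]) . "', " .
        "email = '" . db_encode($_POST["email"]) . "', " .
        "phone = '" . db_encode($_POST["phone"]) . "';";
    $result = db_query($db, $query_string);
    // Tests the query result: the connection handle was already checked, so
    // testing $db here could never report a failed INSERT.
    if (is_null($result)) {
        die($lang["Error connecting to the database."] . $lang["MySQL says:"] . " " . db_error($db));
    }
} else {
    // Replaces seller into database
    $query_string = "REPLACE INTO " . $config["ddDBPrefix"] . "sellers SET " .
        "sellerKey = '" . strtoupper(db_encode($_POST["sellerid"])) . "', " .
        "firstName = '" . db_encode($_POST["firstname"]) . "', " .
        "lastName = '" . db_encode($_POST["lastname"]) . "', " .
        "email = '" . db_encode($_POST["email"]) . "', " .
        "phone = '" . db_encode($_POST["phone"]) . "';";
    $result = db_query($db, $query_string);
    // Same correction as above: check the query result, not the handle.
    if (is_null($result)) {
        die($lang["Error connecting to the database."] . $lang["MySQL says:"] . " " . db_error($db));
    }
}

// Redirects to seller information page
header("Location: " . mergeGetUrlData($_GET, "seller-info.php?key=" . strtoupper($_POST["sellerid"])));
exit;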
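******************************************************************************/

// Action script: marks every ticked book as returned, then goes back to the
// seller information page.

// Inclusion of configuration files
require_once "config.inc.php";

// Inclusion of libraries
require_once "db-connection.lib.php";
require_once "encode-decode.lib.php";
require_once "merge-get.lib.php";
require_once "session.lib.php";

// Set language
include_once "lang.inc.php";

// Connects to the database
$db = db_connect();
if (is_null($db)) {
    die($lang["Error connecting to the database."] . $lang["MySQL says:"] . " " . db_error($db));
}

// Collects the ticked books. A ticked checkbox arrives as <bookID> => "on".
// The field NAME is client-controlled and ends up in the WHERE clause, so only
// names made purely of digits are accepted. PHP converts numeric field names
// to integers, hence the string cast before the check.
$bookIds = array();
foreach ($_POST as $key => $value) {
    if ($value === "on" && ctype_digit((string) $key)) {
        $bookIds[] = (string) $key;
    }
}

// Marks the selected books as returned (nothing to do when none is ticked)
if (count($bookIds) > 0) {
    $timestamp = time();
    $query_string = "UPDATE " . $config["ddDBPrefix"] . "books SET " .
        "status = 'returned', " .
        "lastUpdate = '" . date("Y-m-d H:i:s", $timestamp) . "' " .
        "WHERE bookID IN (" . implode(", ", $bookIds) . ") " .
        "LIMIT " . count($bookIds) . ";";
    $result = db_query($db, $query_string);
    if (is_null($result)) {
        die($lang["Error connecting to the database."] . $lang["MySQL says:"] . " " . db_error($db));
    }
}

// Redirects to seller information page
// NOTE(review): the raw POST value is appended to the redirect URL; confirm
// that mergeGetUrlData() URL-encodes it.
$sellerKey = (isset($_POST["key"]) && is_string($_POST["key"])) ? $_POST["key"] : "";
header("Location: " . mergeGetUrlData($_GET, "seller-info.php?key=" . $sellerKey));
exit;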
<?php
// Footer text: last-modified stamp, then links that reload the current page
// with the printer-friendly style or with the default style. The second link
// falls back to the literal "?style=" when mergeGetUrlData() returns "".
// NOTE(review): both href values are the raw return value of
// mergeGetUrlData($_GET, ...). That helper is not visible here; if it does not
// HTML-encode the request parameters it merges, a crafted query string can
// close the attribute and inject markup (reflected XSS). Confirm, or wrap the
// result in htmlspecialchars(..., ENT_QUOTES) at this output point.
echo $lang["Last modified:"]; ?> 2007-08-22.
<a href="<?php echo mergeGetUrlData($_GET, "?style=printer-friendly"); ?> "><?php echo $lang["Printer-friendly version"]; ?> </a> <?php echo $lang["of this page"]; ?> .
<a href="<?php echo mergeGetUrlData($_GET, "?style=") == "" ? "?style=" : mergeGetUrlData($_GET, "?style="); ?> "><?php echo $lang["Default style version"]; ?> </a> <?php echo $lang["of this page"]; ?> .
</div>
<div id="footer-text-right"> <!-- Nothing here --> </div>
</div>
</div>
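MA 02110-1301, USA. ******************************************************************************/

// Action script: marks up to ten books (form fields bookid-1 .. bookid-10) as sold.

// Inclusion of configuration files
require_once "config.inc.php";

// Inclusion of libraries
require_once "db-connection.lib.php";
require_once "encode-decode.lib.php";
require_once "merge-get.lib.php";
require_once "session.lib.php";

// Override default language settings by session settings, then by URL settings.
// The value becomes part of an include path, so it is accepted only when it is
// a plain language code (letters, digits, "_" or "-"). Values with path
// separators, dots or NUL bytes, and array-valued parameters, are ignored.
// TODO(review): an explicit list of the shipped language files would be tighter.
if (isset($_SESSION["lang"]) && is_string($_SESSION["lang"])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_SESSION["lang"]) === 1) {
    include_once "lang/" . $_SESSION["lang"] . ".php";
}
if (isset($_GET["lang"]) && is_string($_GET["lang"])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_GET["lang"]) === 1) {
    include_once "lang/" . $_GET["lang"] . ".php";
}

// Connects to the database
$db = db_connect();
if (is_null($db)) {
    die($lang["Error connecting to the database."] . $lang["MySQL says:"] . " " . db_error($db));
}

// Marks all the books as sold
for ($i = 1; $i <= 10; $i++) {
    $field = "bookid-" . $i;
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        continue;
    }

    // The ID is written unquoted into the WHERE clause, where string escaping
    // gives no protection, so it must consist of digits only. Empty and
    // non-numeric fields are skipped.
    $bookId = trim($_POST[$field]);
    if (!ctype_digit($bookId)) {
        continue;
    }

    $result = db_query(
        $db,
        "UPDATE " . $config["ddDBPrefix"] . "books SET status = 'sold', lastUpdate = '" .
        date("Y-m-d H:i:s", time()) . "' WHERE bookID = " . $bookId . " LIMIT 1;"
    );
}

// Redirects to success page
header("Location: " . mergeGetUrlData($_GET, "book-sell-success.php"));
exit;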
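// Connects to the database
$db = db_connect();
if (is_null($db)) {
    die($lang["Error connecting to the database."] . $lang["MySQL says:"] . " " . db_error($db));
}

// Checks for valid data
if (!isset($_POST["sellerid"]) || !is_string($_POST["sellerid"]) || trim($_POST["sellerid"]) == "") {
    header("Location: " . mergeGetUrlData($_GET, "error-empty-seller.php"));
    exit;
}

// NOTE(review): values placed inside quoted SQL literals below go through
// db_encode(), whose implementation is not visible here. The queries are safe
// only if it escapes for a MySQL string literal; confirm, or move to prepared
// statements.
$sellerKey = strtoupper(db_encode($_POST["sellerid"]));

// The year is written unquoted into the SQL text, where string escaping gives
// no protection, so it must be empty (stored as NULL) or digits only.
$year = (isset($_POST["year"]) && is_string($_POST["year"])) ? trim($_POST["year"]) : "";
if ($year !== "" && !ctype_digit($year)) {
    header("HTTP/1.1 400 Bad Request");
    die("Invalid year");
}

// NOTE(review): the price is also written unquoted. It passes through
// format_number(), which is not visible here; confirm that it can only return
// a numeric string, otherwise validate it with is_numeric() before use.
$price = db_encode(format_number($_POST["price"]));

// Checks if seller exists in database (it must). The key is encoded exactly
// as in the INSERT below; it previously reached this query unencoded.
$query_string = "SELECT * FROM " . $config["ddDBPrefix"] . "sellers WHERE sellerKey = '" . $sellerKey . "' LIMIT 1;";
$result = db_query($db, $query_string);
if (is_null($result) || db_num_rows($result) < 1) {
    header("Location: " . mergeGetUrlData($_GET, "error-no-seller.php"));
    exit;
}

// Adds book into database
$timestamp = time();
$query_string = "INSERT INTO " . $config["ddDBPrefix"] . "books SET " .
    "sellerKey = '" . $sellerKey . "', " .
    "title = '" . db_encode($_POST["title"]) . "', " .
    "author = '" . db_encode($_POST["author"]) . "', " .
    "bookYear = " . ($year === "" ? "NULL" : $year) . ", " .
    "price = " . $price . ", " .
    "status = '" . db_encode($_POST["status"]) . "', " .
    "lastUpdate = '" . date("Y-m-d H:i:s", $timestamp) . "';";
$result = db_query($db, $query_string);
if (is_null($result)) {
    // Without this check a failed INSERT led to a redirect with an empty book ID
    die($lang["Error connecting to the database."] . $lang["MySQL says:"] . " " . db_error($db));
}

// Gets book ID by looking the new row up again on every inserted value.
// NOTE(review): two identical books added within the same second cannot be
// told apart this way; if the DB library exposes the last insert ID, use it.
$query_string = "SELECT * FROM " . $config["ddDBPrefix"] . "books WHERE " .
    "sellerKey = '" . $sellerKey . "' AND " .
    "title = '" . db_encode($_POST["title"]) . "' AND " .
    "author = '" . db_encode($_POST["author"]) . "' AND " .
    "bookYear " . ($year === "" ? " IS NULL" : " = " . $year) . " AND " .
    "ABS(price - " . $price . ") < 0.01 AND " .
    "status = '" . db_encode($_POST["status"]) . "' AND " .
    "lastUpdate = '" . date("Y-m-d H:i:s", $timestamp) . "' LIMIT 1;";
$result = db_query($db, $query_string);
$answer = db_fetch_assoc_array($result);

// Sleeps for 1/2 second so that MySQL can add the record
usleep(500000);

// Redirects to book information page
header("Location: " . mergeGetUrlData($_GET, "book-info.php?bookid=" . db_decode($answer["bookID"])));
exit;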
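Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ******************************************************************************/

// Login action: checks the posted credentials against the configured admin
// account and opens a session on success.

// Inclusion of configuration files
require_once "config.inc.php";

// Inclusion of libraries
require_once "merge-get.lib.php";

// Override default language settings by session settings, then by URL settings.
// This script is reachable without a login and the value becomes part of an
// include path, so it is accepted only when it is a plain language code
// (letters, digits, "_" or "-"). Values with path separators, dots or NUL
// bytes, and array-valued parameters, are ignored.
// TODO(review): an explicit list of the shipped language files would be tighter.
if (isset($_SESSION["lang"]) && is_string($_SESSION["lang"])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_SESSION["lang"]) === 1) {
    include_once "lang/" . $_SESSION["lang"] . ".php";
}
if (isset($_GET["lang"]) && is_string($_GET["lang"])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_GET["lang"]) === 1) {
    include_once "lang/" . $_GET["lang"] . ".php";
}

// Checks username and password. Array-valued parameters are rejected up front.
if (isset($_POST["username"]) && isset($_POST["password"])
    && is_string($_POST["username"]) && is_string($_POST["password"])) {
    // Strict comparison: with "==" PHP compares numeric-looking strings as
    // numbers, so two different strings can be treated as equal.
    // NOTE(review): the password is kept in clear text in the configuration.
    // Storing a password_hash() value and checking it with password_verify()
    // would also make the comparison constant-time. No limit on failed
    // attempts is visible in this script.
    if ($_POST["username"] === (string) $config["adminlogin"]
        && $_POST["password"] === (string) $config["adminpassword"]) {
        // Login OK, starts session and puts session id
        session_start();
        // Issues a fresh session ID so that an ID planted before login
        // (session fixation) is not carried into the authenticated session.
        session_regenerate_id(true);
        // NOTE(review): the marker below is a fixed constant. How
        // session.lib.php uses it is not visible here; it should not be the
        // only proof of authentication.
        $_SESSION["sessionid"] = "123"; // Bogus data
        $_SESSION["lastclick"] = time();

        // Redirects to main page
        header("Location: " . mergeGetUrlData($_GET, "main.php"));
        exit;
    }
}

// Wrong identification
die("Bad login");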
<a id="link-sellerbrowse" href="<?php
    // Tail of the main menu: links to the seller list, the "clear database"
    // form and the logout action, followed by the shared footer.
    // NOTE(review): each href is the raw return value of
    // mergeGetUrlData($_GET, ...). That helper is not visible here; if it does
    // not HTML-encode the request parameters it merges, a crafted query string
    // can close the attribute and inject markup (reflected XSS). Confirm, or
    // wrap the result in htmlspecialchars(..., ENT_QUOTES) at each output point.
    echo mergeGetUrlData($_GET, "seller-browse.php"); ?> "><?php echo $lang["Browse sellers"]; ?> </a>
<a id="link-dbclear" href="<?php echo mergeGetUrlData($_GET, "database-clear.php"); ?> "><?php echo $lang["Clear database"]; ?> </a>
<a id="link-logout" href="<?php echo mergeGetUrlData($_GET, "logout.php"); ?> "><?php echo $lang["Logout"]; ?> </a>
</p>
</div>
</div>
</div>
<?php include_once "footer.inc.php"; ?>
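// Override default language settings by session settings, then by URL settings.
// The value becomes part of an include path, so it is accepted only when it is
// a plain language code (letters, digits, "_" or "-"). Values with path
// separators, dots or NUL bytes, and array-valued parameters, are ignored.
// TODO(review): an explicit list of the shipped language files would be tighter.
if (isset($_SESSION["lang"]) && is_string($_SESSION["lang"])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_SESSION["lang"]) === 1) {
    include_once "lang/" . $_SESSION["lang"] . ".php";
}
if (isset($_GET["lang"]) && is_string($_GET["lang"])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_GET["lang"]) === 1) {
    include_once "lang/" . $_GET["lang"] . ".php";
}

// Connects to the database
$db = db_connect();
if (is_null($db)) {
    die($lang["Error connecting to the database."] . $lang["MySQL says:"] . " " . db_error($db));
}

// Checks for valid data
if (!isset($_POST["sellerid"]) || !is_string($_POST["sellerid"]) || trim($_POST["sellerid"]) == "") {
    header("Location: " . mergeGetUrlData($_GET, "error-empty-seller.php"));
    exit;
}

// NOTE(review): values placed inside quoted SQL literals below go through
// db_encode(), whose implementation is not visible here. The queries are safe
// only if it escapes for a MySQL string literal; confirm, or move to prepared
// statements.
$sellerKey = db_encode($_POST["sellerid"]);

// Checks if seller exists in database (it must). The key is encoded exactly
// as in the UPDATE below; it previously reached this query unencoded.
$query_string = "SELECT * FROM " . $config["ddDBPrefix"] . "sellers WHERE sellerKey = '" . $sellerKey . "' LIMIT 1;";
$result = db_query($db, $query_string);
if (is_null($result) || db_num_rows($result) < 1) {
    header("Location: " . mergeGetUrlData($_GET, "error-no-seller.php"));
    exit;
}

// The book ID and the year are written unquoted into the SQL text, where
// string escaping gives no protection, so both must consist of digits only.
// An empty year is stored as NULL.
$bookId = (isset($_POST["bookid"]) && is_string($_POST["bookid"])) ? trim($_POST["bookid"]) : "";
if (!ctype_digit($bookId)) {
    header("HTTP/1.1 400 Bad Request");
    die("Invalid book ID");
}
$year = (isset($_POST["year"]) && is_string($_POST["year"])) ? trim($_POST["year"]) : "";
if ($year !== "" && !ctype_digit($year)) {
    header("HTTP/1.1 400 Bad Request");
    die("Invalid year");
}

// Updates the book in the database
// NOTE(review): the price is also written unquoted. It passes through
// format_number(), which is not visible here; confirm that it can only return
// a numeric string, otherwise validate it with is_numeric() before use.
$timestamp = time();
$query_string = "UPDATE " . $config["ddDBPrefix"] . "books SET " .
    "sellerKey = '" . $sellerKey . "', " .
    "title = '" . db_encode($_POST["title"]) . "', " .
    "author = '" . db_encode($_POST["author"]) . "', " .
    "bookYear = " . ($year === "" ? "NULL" : $year) . ", " .
    "price = " . db_encode(format_number($_POST["price"])) . ", " .
    "status = '" . db_encode($_POST["status"]) . "', " .
    "lastUpdate = '" . date("Y-m-d H:i:s", $timestamp) . "' " .
    "WHERE bookID = " . $bookId . " LIMIT 1;";
$result = db_query($db, $query_string);

// Redirects to book information page
header("Location: " . mergeGetUrlData($_GET, "book-info.php?bookid=" . $bookId));
exit;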
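This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ******************************************************************************/

// Logout action: ends the current session and returns to the login page.

// Inclusion of configuration files
require_once "config.inc.php";

// Inclusion of libraries
require_once "merge-get.lib.php";

// Starts session
session_start();

// Override default language settings by session settings, then by URL settings.
// The value becomes part of an include path, so it is accepted only when it is
// a plain language code (letters, digits, "_" or "-"). Values with path
// separators, dots or NUL bytes, and array-valued parameters, are ignored.
// TODO(review): an explicit list of the shipped language files would be tighter.
if (isset($_SESSION["lang"]) && is_string($_SESSION["lang"])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_SESSION["lang"]) === 1) {
    include_once "lang/" . $_SESSION["lang"] . ".php";
}
if (isset($_GET["lang"]) && is_string($_GET["lang"])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_GET["lang"]) === 1) {
    include_once "lang/" . $_GET["lang"] . ".php";
}

// Kills session: clears the data, expires the session cookie in the browser
// (session_destroy() alone leaves it in place), then removes the stored session.
$_SESSION = array();
if (ini_get("session.use_cookies")) {
    $cookie = session_get_cookie_params();
    setcookie(
        session_name(),
        "",
        time() - 42000,
        $cookie["path"],
        $cookie["domain"],
        $cookie["secure"],
        $cookie["httponly"]
    );
}
session_destroy();

// Redirects to login page
header("Location: " . mergeGetUrlData($_GET, "index.php"));
exit;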