Example #1
1
 /** Convert name to id (add Style to database if not exists)
  *
  * @return bool
  */
 protected function _findId()
 {
     global $Database, $Config, $Log;
     // get data from database to compare
     $sql = "SELECT name as name,\n\t\tnameid as nameid,\n\t\tid__module as id__module\n\t    FROM #__modules\n\t    WHERE name = '" . mysql_real_escape_string($this->getInfofile('name')) . "'\n\t\tAND nameid = '" . mysql_real_escape_string($this->getInfofile('nameid')) . "';";
     $result = $Database->doSelect($sql);
     if ($result === false or count($result) > 1) {
         return false;
     }
     // new module?
     if (count($result) == 0) {
         $Log->doLog(3, "Module: Found new module '" . $this->getInfofile('name') . "'");
         // add module to database
         $sql = "INSERT INTO #__modules\n\t\tSET name = '" . mysql_real_escape_string($this->getInfofile('name')) . "',\n\t\t    nameid = '" . mysql_real_escape_string($this->getInfofile('nameid')) . "',\n\t\t    version = '" . mysql_real_escape_string($this->getInfofile('version')) . "',\n\t\t    author = '" . mysql_real_escape_string($this->getInfofile('author')) . "',\n\t\t    link = '" . mysql_real_escape_string($this->getInfofile('link')) . "',\n\t\t    description = '" . mysql_real_escape_string($this->getInfofile('description')) . "'\n\t    ;";
         $result = $Database->doInsert($sql);
         if (!$result) {
             return false;
         }
         // save id
         $this->id = mysql_insert_id();
         // preparse
         $this->_preparse();
         return true;
     }
     // save id
     $this->id = $result[0]['id__module'];
     // update found! -> replace old version
     if ($this->getInfofile('version') > $this->getInfo('version')) {
         $Log->doLog(3, "Module: Update of module '" . $this->getInfofile('name') . "' found.");
         // update database
         $sql = "UPDATE #__modules\n\t\tSET version = '" . mysql_real_escape_string($this->getInfofile('version')) . "',\n\t\t    author = '" . mysql_real_escape_string($this->getInfofile('author')) . "',\n\t\t    link = '" . mysql_real_escape_string($this->getInfofile('link')) . "',\n\t\t    description = '" . mysql_real_escape_string($this->getInfofile('description')) . "',\n\t\t    nameid = '" . mysql_real_escape_string($this->getInfofile('nameid')) . "'\n\t\tWHERE id__module = '" . $this->id . "'\n\t    ;";
         $result_1 = $Database->doUpdate($sql);
         if (!$result_1) {
             return false;
         }
         // backup old version
         ts_BackupHandler::backupModule($Config->get('dir_data') . '/source/modules/_mod' . $this->id, $this->getInfofile('name') . '_' . $this->getInfofile('nameid') . '__version__' . $this->getInfofile('version'));
         // preparse (and replace old version by that)
         $this->_preparse();
         // version is same as saved in database
     } elseif ($this->getInfofile('version') == $this->getInfo('version')) {
         // get correct path
         $path_correct = $this->_getPath(false, false);
         // check, if in correct folder
         if ($this->path != $path_correct) {
             $Log->doLog(3, "Module: Move module '" . $this->getInfofile('name') . "' to correct path.");
             $this->_preparse();
         }
         // old version found! -> delete this one
     } else {
         $Log->doLog(3, "Module: Remove old version of module '" . $this->getInfofile('name') . "'.");
         // backup and delete folder
         ts_BackupHandler::backupModule($this->path);
         ts_FileHandler::deleteFolder($this->path);
         // delete id
         $this->id = 0;
         return false;
     }
     return true;
 }
 public function grabar_venta($pedido, $cliente, $tipo_documento, $nro_documento, $serie_documento)
 {
     $query = "INSERT INTO ventas(ped_id,cli_id,ven_fecha,ven_estado,ven_nrodoc,tipc_id,ven_seriedoc) VALUES ('{$pedido}','{$cliente}','" . date('y-m-d') . "','0','{$nro_documento}','{$tipo_documento}','{$serie_documento}')";
     $rs = mysql_query($query);
     $_SESSION['venta_codigo'] = mysql_insert_id();
     return $rs;
 }
Example #3
0
 function save()
 {
     $rValue = false;
     if ($this->name != "" && $this->project_id != "" && $this->version != "") {
         global $dbh;
         if ($this->file_id == 0) {
             $this->file_id = $this->getFileID($this->name, $this->project_id, $this->version);
         }
         $sql = "INSERT INTO";
         $where = "";
         if ($this->file_id > 0) {
             $sql = "UPDATE";
             $where = " WHERE file_id = " . sqlSanitize($this->file_id, $dbh);
         }
         $Event = new EventLog("files", "file_id", $this->file_id, $sql);
         $sql .= " files \n\t\t\t\t\t\tSET file_id \t= " . sqlSanitize($this->file_id, $dbh) . ",\n\t\t\t\t\t\t\tproject_id\t= " . returnQuotedString(sqlSanitize($this->project_id, $dbh)) . ", \n\t\t\t\t\t\t\tversion\t\t= " . returnQuotedString(sqlSanitize($this->version, $dbh)) . ", \n\t\t\t\t\t\t\tname\t\t= " . returnQuotedString(sqlSanitize($this->name, $dbh)) . ",\n\t\t\t\t\t\t\tplugin_id\t= " . returnQuotedString(sqlSanitize($this->plugin_id, $dbh)) . ",\n\t\t\t\t\t\t\tis_active\t= " . $this->is_active . $where;
         if (mysql_query($sql, $dbh)) {
             if ($this->file_id == 0) {
                 $this->file_id = mysql_insert_id($dbh);
                 $Event->key_value = $this->file_id;
             }
             $rValue = true;
             $Event->add();
         } else {
             echo $sql . "\n";
             $GLOBALS['g_ERRSTRS'][1] = mysql_error();
         }
     } else {
         echo "ERROR: One missing:Name: " . $this->name . "Project: " . $this->project_id . "Version: " . $this->version;
     }
     return $rValue;
 }
 function create($params, $files)
 {
     self::validate($params);
     $link = self::db_connect();
     $params = self::clear_params($params, $link);
     $table = get_called_class() . 's';
     $val_fields = array_map(function ($f) {
         return "`" . $f . "`";
     }, static::$fields);
     $values = [];
     foreach (static::$fields as $field) {
         array_push($values, '"' . $params[$field] . '"');
     }
     foreach (static::$file_fields as $field) {
         if ($files[$field]['name']) {
             $dir_path = 'uploads/' . get_called_class() . '/';
             mkdir($dir_path, 0777);
             $file_path = $dir_path . $files[$field]['name'];
             move_uploaded_file($files[$field]['tmp_name'], $file_path);
             array_push($val_fields, '`' . $field . '`');
             array_push($values, '"' . $file_path . '"');
         }
     }
     $request_fields = implode(', ', $val_fields);
     $request_values = implode(', ', $values);
     $query = "INSERT INTO .`" . $table . "` (" . $request_fields . ") VALUES (" . $request_values . ")";
     $result = mysql_query($query, $link) or die('MySQL error: ' . mysql_error());
     $id = mysql_insert_id($link);
     mysql_close($link);
     return $id;
 }
Example #5
0
function place_order($have_amount_disp, $have_currency, $want_amount_disp, $want_currency)
{
    global $is_logged_in;
    $have_currency = strtoupper($have_currency);
    $want_currency = strtoupper($want_currency);
    curr_supported_check($have_currency);
    curr_supported_check($want_currency);
    // convert for inclusion into database
    $have_amount = numstr_to_internal($have_amount_disp);
    $want_amount = numstr_to_internal($want_amount_disp);
    if ($have_currency == 'BTC') {
        order_worthwhile_check($have_amount, $have_amount_disp, $have_currency, MINIMUM_BTC_AMOUNT);
        order_worthwhile_check($want_amount, $want_amount_disp, $want_currency, MINIMUM_FIAT_AMOUNT);
    } else {
        order_worthwhile_check($have_amount, $have_amount_disp, $have_currency, MINIMUM_FIAT_AMOUNT);
        order_worthwhile_check($want_amount, $want_amount_disp, $want_currency, MINIMUM_BTC_AMOUNT);
    }
    enough_money_check($have_amount, $have_currency);
    do_query("START TRANSACTION");
    // deduct money from their account
    deduct_funds($have_amount, $have_currency);
    // add the money to the order book
    $query = "\n        INSERT INTO orderbook (\n            uid,\n            initial_amount,\n            amount,\n            type,\n            initial_want_amount,\n            want_amount,\n            want_type)\n        VALUES (\n            '{$is_logged_in}',\n            '{$have_amount}',\n            '{$have_amount}',\n            '{$have_currency}',\n            '{$want_amount}',\n            '{$want_amount}',\n            '{$want_currency}');\n    ";
    $result = do_query($query);
    $orderid = mysql_insert_id();
    do_query("COMMIT");
    return $orderid;
}
Example #6
0
 public function query($query = "")
 {
     try {
         $results = array();
         $queryString = trim($query);
         $explodedQuery = explode(' ', $queryString);
         $queryFirstWord = strtoupper(trim($explodedQuery[0]));
         $response = mysql_query($queryString, $this->databaseConnection);
         if ($response) {
             if (is_resource($response)) {
                 while ($row = mysql_fetch_assoc($response)) {
                     $results[] = $row;
                 }
             }
             switch ($queryFirstWord) {
                 case "DELETE":
                 case "UPDATE":
                     return mysql_affected_rows();
                     break;
                 case "INSERT":
                     return mysql_insert_id();
                     break;
                 default:
                     return $results;
                     break;
             }
         } else {
             return mysql_error();
         }
     } catch (Exception $error) {
         echo 'Caught exception: ', $error->getMessage(), "\n";
     }
 }
 public function AddInsurance()
 {
     global $dbObj, $common;
     //header('Content-type: application/json');
     $action = $common->replaceEmpty('action', '');
     $document_name = $common->replaceEmpty('docname', '');
     $document_date = $common->replaceEmpty('docdate', '');
     $document_quick_note = $common->replaceEmpty('docquicknote', '');
     $document_type = $common->replaceEmpty('doctype', '');
     $vechile_id = $common->replaceEmpty('vecid', '');
     $document = $common->replaceEmpty('document', '');
     $email = $common->replaceEmpty('email', '');
     $password = $common->replaceEmpty('password', '');
     if ($action = 'adddocuments') {
         $sql = $dbObj->runQuery("select * from user_reg where email='" . $email . "' AND password ='******' ");
         if (mysql_num_rows($sql) > 0) {
             $add_insurance = "insert into document (document_name,document_date,document_quick_note,created_date,document_type,vecid,email,document) \n\t\t\tvalues ('" . $document_name . "','" . $document_date . "','" . $document_quick_note . "',NOW(),'" . $document_type . "','" . $vechile_id . "','" . $email . "','" . $document . "')";
             $dbObj->runQuery($add_insurance);
             $docunentid = mysql_insert_id();
             $result[] = array("docid" => $docunentid, "message" => "Document has been Added.");
             //$result['login-status']= "1";
             //$finalarray[] =  $result;
             echo json_encode(array('result' => $result));
         }
     }
 }
Example #8
0
function dbInsert($data, $table)
{
    global $fullSql;
    global $db_stats;
    // the following block swaps the parameters if they were given in the wrong order.
    // it allows the method to work for those that would rather it (or expect it to)
    // follow closer with SQL convention:
    // insert into the TABLE this DATA
    if (is_string($data) && is_array($table)) {
        $tmp = $data;
        $data = $table;
        $table = $tmp;
        // trigger_error('QDB - Parameters passed to insert() were in reverse order, but it has been allowed', E_USER_NOTICE);
    }
    $sql = 'INSERT INTO `' . $table . '` (`' . implode('`,`', array_keys($data)) . '`)  VALUES (' . implode(',', dbPlaceHolders($data)) . ')';
    $time_start = microtime(true);
    dbBeginTransaction();
    $result = dbQuery($sql, $data);
    if ($result) {
        $id = mysql_insert_id();
        dbCommitTransaction();
        // return $id;
    } else {
        if ($table != 'Contact') {
            trigger_error('QDB - Insert failed.', E_USER_WARNING);
        }
        dbRollbackTransaction();
        // $id = false;
    }
    // logfile($fullSql);
    $time_end = microtime(true);
    $db_stats['insert_sec'] += number_format($time_end - $time_start, 8);
    $db_stats['insert']++;
    return $id;
}
Example #9
0
function giveUserPokemon($uid, $name, $level, $exp, $move1, $move2, $move3, $move4)
{
    $uid = (int) $uid;
    $level = (int) $level;
    $exp = (int) $exp;
    $name = cleanSql($name);
    $move1 = cleanSql($move1);
    $move2 = cleanSql($move2);
    $move3 = cleanSql($move3);
    $move4 = cleanSql($move4);
    $gender = rand(0, 2);
    mysql_query("\n\t\tINSERT INTO `user_pokemon` (\n\t\t\t`uid`, `name`, `level`, `exp`, `move1`, `move2`, `move3`, `move4`, `gender`\n\t\t) VALUES (\n\t\t\t'{$uid}', '{$name}', '{$level}', '{$exp}', '{$move1}', '{$move2}', '{$move3}', '{$move4}', '{$gender}'\n\t\t)\n\t");
    $pokeId = mysql_insert_id();
    $query = mysql_query("SELECT `poke1`,`poke2`,`poke3`,`poke4`,`poke5`,`poke6` FROM `users` WHERE `id`='{$uid}'");
    if (mysql_num_rows($query) == 1) {
        $pokeIds = mysql_fetch_assoc($query);
        for ($i = 1; $i <= 6; $i++) {
            if ($pokeIds['poke' . $i] == '0') {
                mysql_query("UPDATE `users` SET `poke{$i}`='{$pokeId}' WHERE `id`='{$uid}'");
                break;
            }
        }
    }
    return $pokeId;
}
Example #10
0
 /**
  * Storing new user
  * returns user details
  */
 public function storeUser($firstname, $lastname, $email, $username, $password)
 {
     //echo "$firstname, $lastname, $email, $username, $password";
     $hash = $this->hashSSHA($password);
     $encrypted_password = $hash["encrypted"];
     // encrypted password
     $salt = $hash["salt"];
     // salt
     $query = "INSERT INTO user(firstname, lastname, email, username, password, salt) VALUES ('{$firstname}', '{$lastname}','{$email}', '{$username}', '{$encrypted_password}', '{$salt}')";
     //echo $query;
     $result = mysql_query($query) or die(mysql_error());
     //print_r($result);
     // check for successful store
     if ($result) {
         // get user details
         $uid = mysql_insert_id();
         // last inserted id
         $result = mysql_query("SELECT * FROM user WHERE id = {$uid}");
         //create Directory for new User with EMAIL
         if (!file_exists($_SERVER['DOCUMENT_ROOT'] . '/api/registratedUserhome/' . $email)) {
             mkdir($_SERVER['DOCUMENT_ROOT'] . '/api/registratedUserhome/' . $email, 0777, true);
             //echo "Ordner erfolgreich erstellt";
         }
         // return user details
         return mysql_fetch_array($result);
     } else {
         return false;
     }
 }
Example #11
0
 public function insertUrl($url)
 {
     $date = date('F d, Y');
     $query = "INSERT INTO url_shortener (long_url, date_created)\n\t\t\t\t\t  VALUES('{$url}', '{$date}');";
     mysql_query($query);
     return mysql_insert_id();
 }
 function addImage($data)
 {
     $sql = 'INSERT into `image` (name) VALUES ("' . $data['name'] . '")';
     if (mysql_query($sql)) {
         return $id = mysql_insert_id();
     }
 }
Example #13
0
    function addBilling($Billing){
        global $adb;
		global $table_prefix;
		
		$firstname = addslashes($Billing->firstname);
		$lastname = addslashes($Billing->lastname);
		$address = addslashes($Billing->address);
		$address1 = addslashes($Billing->address1);
		$city = addslashes($Billing->city);
		  
        $query="INSERT INTO ".$table_prefix."_tblBilling SET ".
            "fldBillingClientID='$Billing->client_id',". 			
			"fldBillingLastname='$lastname',". 
			"fldBillingFirstName='$firstname',". 
			"fldBillingEmail='$Billing->email',".			
			"fldBillingAddress='$address',".
			"fldBillingAddress1='$address1',".
			"fldBillingCity='$Billing->city',".
			"fldBillingState='$Billing->state',".
			"fldBillingCountry='$Billing->country',".
			"fldBillingZip='$Billing->zip',".
			"fldBillingPhoneNo='$Billing->phone'";			
			            
        $adb->query($query);
        return mysql_insert_id();
    }
Example #14
0
function db_insert($table, $hash)
{
    $fields = array_keys($hash);
    $sql = "INSERT INTO `{$table}` (`" . implode('`,`', $fields) . "`) VALUES ('" . implode("','", $hash) . "')";
    $result = db_query($sql);
    return mysql_insert_id();
}
 /**
  * Create a new user group
  * @access  public
  * @param   title
  *          description
  * @return  user id, if successful
  *          false and add error into global var $msg, if unsuccessful
  * @author  Cindy Qi Li
  */
 public function Create($title, $description)
 {
     global $addslashes, $msg;
     $missing_fields = array();
     /* email check */
     $title = $addslashes(trim($title));
     /* login name check */
     if ($title == '') {
         $missing_fields[] = _AT('title');
     }
     if ($missing_fields) {
         $missing_fields = implode(', ', $missing_fields);
         $msg->addError(array('EMPTY_FIELDS', $missing_fields));
     }
     if (!$msg->containsErrors()) {
         /* insert into the db */
         $sql = "INSERT INTO " . TABLE_PREFIX . "user_groups\n\t\t\t              (title,\n\t\t\t               description,\n\t\t\t               create_date\n\t\t\t               )\n\t\t\t       VALUES ('" . $title . "',\n\t\t\t               '" . $description . "',\n\t\t\t               now()\n\t\t\t              )";
         if (!$this->execute($sql)) {
             $msg->addError('DB_NOT_UPDATED');
             return false;
         } else {
             return mysql_insert_id();
         }
     } else {
         return false;
     }
 }
Example #16
0
 public function processQuery($sql, $type = NULL)
 {
     $query_start = microtime(true);
     $result = mysql_query($sql, $this->db);
     $query_end = microtime(true);
     $this->log($sql, $query_end - $query_start);
     $this->checkForError();
     $data = array();
     if (is_resource($result)) {
         $resultType = MYSQL_NUM;
         if ($type == 'assoc') {
             $resultType = MYSQL_ASSOC;
         }
         while ($row = mysql_fetch_array($result, $resultType)) {
             if (mysql_affected_rows($this->db) > 1) {
                 array_push($data, $row);
             } else {
                 $data = $row;
             }
         }
         mysql_free_result($result);
     } else {
         if ($result) {
             $data = mysql_insert_id($this->db);
         }
     }
     return $data;
 }
Example #17
0
 function StoreRecord($dto)
 {
     $dataRenovacao = "'" . $dto->dataRenovacao . "'";
     if (empty($dto->dataRenovacao)) {
         $dataRenovacao = "null";
     }
     $dataReajuste = "'" . $dto->dataReajuste . "'";
     if (empty($dto->dataReajuste)) {
         $dataReajuste = "null";
     }
     // Monta a query dependendo do id como INSERT ou UPDATE
     $query = "INSERT INTO contrato VALUES (NULL, '" . $dto->numero . "', '" . $dto->pn . "', '" . $dto->divisao . "', " . $dto->contato . ", " . $dto->status . ", " . $dto->categoria . ", '" . $dto->dataAssinatura . "', '" . $dto->dataEncerramento . "', '" . $dto->inicioAtendimento . "', '" . $dto->fimAtendimento . "', '" . $dto->primeiraParcela . "', " . $dto->parcelaAtual . ", " . $dto->mesReferencia . ", " . $dto->anoReferencia . ", " . $dto->quantidadeParcelas . ", " . $dto->global . ", " . $dto->vendedor . ", " . $dto->diaVencimento . ", " . $dto->referencialVencimento . ", " . $dto->diaLeitura . ", " . $dto->referencialLeitura . ", " . $dto->indiceReajuste . ", " . $dataRenovacao . ", " . $dataReajuste . ", " . $dto->valorImplantacao . ", " . $dto->quantParcelasImplantacao . ", '" . $dto->obs . "', 0);";
     if ($dto->id > 0) {
         $query = "UPDATE contrato SET numero = '" . $dto->numero . "', pn = '" . $dto->pn . "', divisao = '" . $dto->divisao . "', contato = " . $dto->contato . ", status = " . $dto->status . ", categoria = " . $dto->categoria . ", assinatura = '" . $dto->dataAssinatura . "', encerramento = '" . $dto->dataEncerramento . "', inicioAtendimento = '" . $dto->inicioAtendimento . "', fimAtendimento = '" . $dto->fimAtendimento . "', primeiraParcela = '" . $dto->primeiraParcela . "', parcelaAtual = " . $dto->parcelaAtual . ", mesReferencia = " . $dto->mesReferencia . ", anoReferencia = " . $dto->anoReferencia . ", quantidadeParcelas = " . $dto->quantidadeParcelas . ", global = " . $dto->global . ", vendedor = " . $dto->vendedor . ", diaVencimento = " . $dto->diaVencimento . ", referencialVencimento = " . $dto->referencialVencimento . ", diaLeitura = " . $dto->diaLeitura . ", referencialLeitura = " . $dto->referencialLeitura . ", indicesReajuste_id = " . $dto->indiceReajuste . ", dataRenovacao = " . $dataRenovacao . ", dataReajuste = " . $dataReajuste . ", valorImplantacao = " . $dto->valorImplantacao . ", quantParcelasImplantacao = " . $dto->quantParcelasImplantacao . ", obs = '" . $dto->obs . "' WHERE id = " . $dto->id . ";";
     }
     $result = mysql_query($query, $this->mysqlConnection);
     if ($result) {
         $insertId = mysql_insert_id($this->mysqlConnection);
         if ($insertId == null) {
             return $dto->id;
         }
         return $insertId;
     }
     if (!$result && $this->showErrors) {
         print_r(mysql_error());
         echo '<br/>';
     }
     return null;
 }
Example #18
0
 function set_prop_fields_from_standin()
 {
     $roni = 0;
     foreach ($_POST as $postkey => $postval) {
         $final_post_val = clean_request_val($_POST[$postkey]);
         if (is_array($final_post_val)) {
             continue;
         }
         $posted_lookup_field = trim($final_post_val);
         if (ereg("^standin_pi([0-9]+)epi([0-9]+)ron([0-9]+)\$", $postkey, $regs) and (!empty($posted_lookup_field) or empty($posted_lookup_field) and $regs[2] != 0)) {
             $prop_id = $regs[1];
             $ent_prop_id = $regs[2];
             $roni = $regs[3];
             LookupTable::get_table_and_field_by_prop_id($prop_id, $lookuptable, $lookupfield);
             $sql = "SELECT " . $lookuptable . "_id FROM {$lookuptable} WHERE {$lookupfield} = '{$posted_lookup_field}'";
             $result = mysql_query($sql);
             if ($row = mysql_fetch_array($result)) {
                 $_POST[str_replace("standin_", "", $postkey)] = $row[$lookuptable . "_id"];
                 $_REQUEST[str_replace("standin_", "", $postkey)] = $row[$lookuptable . "_id"];
             } else {
                 $sql = "INSERT INTO " . $lookuptable . " SET {$lookupfield} = '{$posted_lookup_field}'";
                 mysql_query($sql);
                 $inserted_id = mysql_insert_id();
                 $_POST[str_replace("standin_", "", $postkey)] = $inserted_id;
                 $_REQUEST[str_replace("standin_", "", $postkey)] = $inserted_id;
             }
         }
     }
 }
Example #19
0
 /**
  * Adds the given employee as a admin to the given project.
  * If the employee is already an admin, the request is ignored.
  *
  * @param int $projectId The project ID
  * @param int $empNumber The employee number
  * @return true if successful
  */
 public function addAdmin($projectId, $empNumber)
 {
     if (!CommonFunctions::isValidId($projectId) || !CommonFunctions::isValidId($empNumber)) {
         throw new ProjectAdminException("Invalid parameters to addAdmin(): emp_number = {$empNumber} , " . "projectId = {$projectId}");
     }
     $result = true;
     if (!$this->isAdmin($empNumber, $projectId)) {
         $fields[0] = self::PROJECT_ADMIN_FIELD_PROJECT_ID;
         $fields[1] = self::PROJECT_ADMIN_FIELD_EMP_NUMBER;
         $values[0] = "'{$projectId}'";
         $values[1] = "'{$empNumber}'";
         $sqlBuilder = new SQLQBuilder();
         $sqlBuilder->table_name = self::TABLE_NAME;
         $sqlBuilder->flg_insert = 'true';
         $sqlBuilder->arr_insert = $values;
         $sqlBuilder->arr_insertfield = $fields;
         $sql = $sqlBuilder->addNewRecordFeature2();
         $conn = new DMLFunctions();
         $result = $conn->executeQuery($sql);
         if (!$result || mysql_affected_rows() != 1) {
             $result = false;
         } else {
             $this->id = mysql_insert_id();
         }
     }
     return $result;
 }
 public function ThemDM()
 {
     $TieuDe = isset($_POST['TieuDe']) ? $_POST['TieuDe'] : '';
     $TomTat = isset($_POST['TomTat']) ? $_POST['TomTat'] : '';
     $Title = isset($_POST['Title']) ? $_POST['Title'] : '';
     $Des = isset($_POST['Des']) ? $_POST['Des'] : '';
     $Parent = isset($_POST['Parent']) ? $_POST['Parent'] : '';
     $Keyword = isset($_POST['Keyword']) ? $_POST['Keyword'] : '';
     $idGroup = isset($_POST['idGroup']) ? $_POST['idGroup'] : '';
     settype($Parent, "int");
     settype($idGroup, "int");
     $TieuDe = parent::XoaDinhDang($TieuDe);
     $Title = parent::XoaDinhDang($Title);
     $Keyword = parent::XoaDinhDang($Keyword);
     $Des = parent::XoaDinhDang($Des);
     if ($Title == '') {
         $Title = $TieuDe;
     }
     $TieuDeKD = parent::stripUnicode($TieuDe);
     //Chèn dữ liệu vào database
     $sql = "INSERT INTO mk_catalog (TieuDe, TieuDeKD, Title, Des, Parent, Keyword, idGroup, TomTat)\n\t\t\t\tVALUES ('{$TieuDe}', '{$TieuDeKD}', '{$Title}', '{$Des}', '{$Parent}', '{$Keyword}', '{$idGroup}', '{$TomTat}')";
     mysql_query($sql) or die(mysql_error());
     $idLoai = mysql_insert_id();
     $TieuDeKD = $TieuDeKD . "-" . $idLoai;
     $sql = "UPDATE mk_catalog\n            SET TieuDeKD = '{$TieuDeKD}'\n            WHERE idLoai = {$idLoai}";
     mysql_query($sql) or die(mysql_error());
     return $sql;
 }
Example #21
0
 /**
  * 添加供应商的函数
  * @return    $result   $result > 0 成功,否则失败
  */
 public function addPartner()
 {
     global $dbConn;
     $data = array('company_name' => post_check($_POST['company_name']), 'username' => post_check($_POST['username']), 'tel' => post_check($_POST['tel']), 'phone' => post_check($_POST['phone']), 'fax' => post_check($_POST['fax']), 'e_mail' => post_check($_POST['e_mail']), 'address' => post_check($_POST['address']), 'note' => post_check($_POST['note']), 'city' => post_check($_POST['city']), 'QQ' => post_check($_POST['QQ']), 'AliIM' => post_check($_POST['AliIM']), 'shoplink' => post_check($_POST['shoplink']), 'type_id' => post_check($_POST['type_id']), 'company_id' => post_check($_POST['company_id']), 'purchaseuser_id' => post_check($_POST['purchaser_id']), 'sms_status' => post_check($_POST['sms_status']), 'email_status' => post_check($_POST['email_status']), 'limit_money' => post_check($_POST['limitmoney']), 'limit_alert_money' => post_check($_POST['alertmoney']), 'payWay' => $_POST['payWay']);
     $row = PartnerModel::getOne($_POST['company_name']);
     if (!empty($row)) {
         $arr = array('code' => 2, 'msg' => '该供应商已存在');
         return json_encode($arr);
     }
     $dbConn->begin();
     //开启事务
     $dataSql = array2sql($data);
     $sql = "insert into ph_partner set {$dataSql}";
     if ($dbConn->execute($sql)) {
         $partnerid = mysql_insert_id();
         $sql = "insert into ph_user_partner_relation (`partnerId`, `purchaseId`, `companyname`) VALUES ({$partnerid},{$_POST['purchaser_id']},'{$_POST['company_name']}')";
         if ($dbConn->execute($sql)) {
             $dbConn->commit();
             //提交事务
             $arr = array('code' => 1, 'msg' => '添加成功');
         } else {
             $dbConn->rollback();
             //事务回滚
             $arr = array('code' => 0, 'msg' => '添加失败');
         }
     } else {
         $arr = array('code' => 0, 'msg' => '添加失败');
     }
     return json_encode($arr);
 }
Example #22
0
 /**
  * Create a new group.
  */
 function create_group($arguments)
 {
     global $database;
     $this->state = array();
     /** Define the group information */
     $this->name = $arguments['name'];
     $this->description = $arguments['description'];
     $this->members = $arguments['members'];
     $this->timestamp = time();
     /** Who is creating the group? */
     $this->this_admin = get_current_user_username();
     $this->sql_query = $database->query("INSERT INTO tbl_groups (name,description,created_by)" . "VALUES ('{$this->name}', '{$this->description}','{$this->this_admin}')");
     $this->id = mysql_insert_id();
     $this->state['new_id'] = $this->id;
     /** Create the members records */
     foreach ($this->members as $this->member) {
         $this->sql_member = $database->query("INSERT INTO tbl_members (added_by,client_id,group_id)" . "VALUES ('{$this->this_admin}', '{$this->member}', '{$this->id}' )");
     }
     if ($this->sql_query) {
         $this->state['query'] = 1;
     } else {
         $this->state['query'] = 0;
     }
     return $this->state;
 }
 public function addLink()
 {
     /* Url registration */
     if (!Db::getInstance()->Execute('INSERT INTO ' . _DB_PREFIX_ . 'blocklink VALUES (\'\', \'' . pSQL($_POST['url']) . '\', ' . ((isset($_POST['newWindow']) and $_POST['newWindow']) == 'on' ? 1 : 0) . ')') or !($lastId = mysql_insert_id())) {
         return false;
     }
     /* Multilingual text */
     $languages = Language::getLanguages();
     $defaultLanguage = intval(Configuration::get('PS_LANG_DEFAULT'));
     if (!$languages) {
         return false;
     }
     foreach ($languages as $language) {
         if (!empty($_POST['text_' . $language['id_lang']])) {
             if (!Db::getInstance()->Execute('INSERT INTO ' . _DB_PREFIX_ . 'blocklink_lang VALUES (' . intval($lastId) . ', ' . intval($language['id_lang']) . ', \'' . pSQL($_POST['text_' . $language['id_lang']]) . '\')')) {
                 return false;
             }
         } else {
             if (!Db::getInstance()->Execute('INSERT INTO ' . _DB_PREFIX_ . 'blocklink_lang VALUES (' . intval($lastId) . ', ' . intval($language['id_lang']) . ', \'' . pSQL($_POST['text_' . $defaultLanguage]) . '\')')) {
                 return false;
             }
         }
     }
     return true;
 }
Example #24
0
 function save()
 {
     # Ignored if not in the columns
     $this->updated_at = strftime("%Y-%m-%d %H:%M:%S", time());
     if ($this->isNewRecord()) {
         # Ignored if not in the columns
         $this->created_at = strftime("%Y-%m-%d %H:%M:%S", time());
         $columns = implode(array_keys($this->columns), ",");
         $values = array();
         foreach ($this->columns as $key => $value) {
             array_push($values, "'" . mysql_escape_string($this->{$key}) . "'");
         }
         $values = implode($values, ",");
         $sql = "insert into {$this->table} ({$columns}) VALUES ({$values})";
         mysql_query($sql);
         $this->id = mysql_insert_id();
     } else {
         $columns = array();
         foreach ($this->columns as $key => $value) {
             array_push($columns, $key . "='" . mysql_escape_string($this->{$key}) . "'");
         }
         $columns = implode($columns, ",\n");
         $sql = "update {$this->table} set {$columns} where id=" . (int) $this->id;
         mysql_query($sql);
     }
 }
Example #25
0
 function getid()
 {
     if ($this->connect) {
         return @mysql_insert_id($this->connect);
     }
     return false;
 }
Example #26
0
 public function __construct($query, &$conn, &$orm = null)
 {
     $this->conn = $conn;
     $this->res = null;
     $this->orm = $orm;
     $this->rowOrm = null;
     $this->success = false;
     $this->fields = null;
     $this->EOF = true;
     $this->BOF = true;
     $this->index = 0;
     $this->count = 0;
     $this->insertID = 0;
     $type = strtolower(substr(trim(str_replace("\n", " ", $query)), 0, 7));
     $typeIsSelect = $type == "select ";
     $typeIsShowTables = $type == "show ta";
     $typeIsInsert = $type == "insert ";
     $query = Str::finish($query, ";");
     if ($this->res = @mysql_query($query, $this->conn->res)) {
         $this->success = true;
         if ($typeIsSelect || $typeIsShowTables) {
             $this->count = mysql_num_rows($this->res);
             $this->moveFirst();
         } else {
             if ($typeIsInsert) {
                 $this->insertID = mysql_insert_id($this->conn->res);
             }
         }
     } else {
         trigger_error("SQL error: " . $query . "\n<br><b>'" . mysql_error($this->conn->res) . "'</b>");
     }
 }
Example #27
0
 function dataInsert($table, $dataArray)
 {
     $fldArray = $dataArray;
     $i = 0;
     $j = 0;
     $sql .= "insert into `" . $table . "` (";
     while (list($key1, $value1) = each($fldArray)) {
         $sql .= "`" . $key1 . "`";
         $j++;
         if ($j != count($fldArray)) {
             $sql .= ",";
         }
         if ($j == count($fldArray)) {
             $sql .= ") VALUES (";
         }
     }
     while (list($key1, $value1) = each($dataArray)) {
         $sql .= "'" . $value1 . "'";
         $i++;
         if ($i != count($dataArray)) {
             $sql .= ",";
         }
         if ($i == count($dataArray)) {
             $sql .= ")";
         }
     }
     mysql_query($sql) or die(CHECK_QUERY . $sql);
     $id = mysql_insert_id();
     return $id;
 }
Example #28
0
 public function Insert_ID()
 {
     if ($this->_link) {
         return mysql_insert_id($this->_link);
     }
     return false;
 }
Example #29
0
/**
 * Creates a new incident
 * @param string $title The title of the incident
 * @param int $contact The ID of the incident contact
 * @param int $servicelevel The ID of the servicelevel to log the incident under
 * @param int $contract The ID of the contract to log the incident under
 * @param int $product The ID of the product the incident refers to
 * @param int $skill The ID of the skill the incident refers to
 * @param int $priority (Optional) Priority of the incident (Default: 1 = Low)
 * @param int $owner (Optional) Owner of the incident (Default: 0 = SiT)
 * @param int $status (Optional) Incident status (Default: 1 = Active)
 * @param string $productversion (Optional) Product version field
 * @param string $productservicepacks (Optional) Product service packs field
 * @param int $opened (Optional) Timestamp when incident was opened (Default: now)
 * @param int $lastupdated (Optional) Timestamp when incident was updated (Default: now)
 * @return int|bool Returns FALSE on failure, an incident ID on success
 * @author Kieran Hogg
 */
function create_incident($title, $contact, $servicelevel, $contract, $product, $software, $priority = 1, $owner = 0, $status = 1, $productversion = '', $productservicepacks = '', $opened = '', $lastupdated = '')
{
    global $now, $dbIncidents;
    if (empty($opened)) {
        $opened = $now;
    }
    if (empty($lastupdated)) {
        $lastupdated = $now;
    }
    $sql = "INSERT INTO `{$dbIncidents}` (title, owner, contact, priority, ";
    $sql .= "servicelevel, status, maintenanceid, product, softwareid, ";
    $sql .= "productversion, productservicepacks, opened, lastupdated) ";
    $sql .= "VALUES ('{$title}', '{$owner}', '{$contact}', '{$priority}', ";
    $sql .= "'{$servicelevel}', '{$status}', '{$contract}', ";
    $sql .= "'{$product}', '{$software}', '{$productversion}', ";
    $sql .= "'{$productservicepacks}', '{$opened}', '{$lastupdated}')";
    $result = mysql_query($sql);
    if (mysql_error()) {
        trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
        return FALSE;
    } else {
        $incident = mysql_insert_id();
        return $incident;
    }
}
Example #30
-1
function submitSolution($pid, $solution, $language)
{
    require "../include/db_info.inc.php";
    if (isset($OJ_LANG)) {
        require "../lang/{$OJ_LANG}.php";
    }
    require "../include/const.inc.php";
    for ($i = 0; $i < count($language_name); $i++) {
        //echo "$language=$language_name[$i]=".($language==$language_name[$i]);
        if ($language == $language_name[$i]) {
            $language = $i;
            //echo $language;
            break;
        }
    }
    $len = mb_strlen($solution, 'utf-8');
    $sql = "INSERT INTO solution(problem_id,user_id,in_date,language,ip,code_length)\n\tVALUES('{$pid}','" . $_SESSION['user_id'] . "',NOW(),'{$language}','127.0.0.1','{$len}')";
    mysql_query($sql);
    $insert_id = mysql_insert_id();
    $solution = mysql_real_escape_string($solution);
    //echo "submiting$language.....";
    $sql = "INSERT INTO `source_code`(`solution_id`,`source`)VALUES('{$insert_id}','{$solution}')";
    mysql_query($sql);
    $sql = "INSERT INTO `source_code_user`(`solution_id`,`source`)VALUES('{$insert_id}','{$solution}')";
    mysql_query($sql);
}