function createExtFile($type) { $pathOfExt = "C:/data/ext/"; $pathOfDatabase = "C:/data/database/"; $t = time(); $temp_id = array(); $con = mysqli_connect("localhost", "root", "1212312121", "proj4d"); mysqli_set_charset($con, "utf8"); $query = "SELECT id FROM " . $type . "_detail WHERE isValid = 1"; $statement = mysqli_prepare($con, $query); $success = mysqli_stmt_execute($statement); mysqli_stmt_store_result($statement); mysqli_stmt_bind_result($statement, $id); $path = $pathOfExt . $type . $t . ".ext"; $myfile = fopen($path, "w") or die("Unable to open file!"); while (mysqli_stmt_fetch($statement)) { array_push($temp_id, $id); } $i = 0; for ($i; $i < sizeof($temp_id) - 1; $i++) { $id = $temp_id[$i]; $txt = $pathOfDatabase . $type . "/" . $id . "/1.png;" . $id . PHP_EOL; fwrite($myfile, $txt); $txt = $pathOfDatabase . $type . "/" . $id . "/2.png;" . $id . PHP_EOL; fwrite($myfile, $txt); } $id = $temp_id[$i]; $txt = $pathOfDatabase . $type . "/" . $id . "/1.png;" . $id . PHP_EOL; fwrite($myfile, $txt); $txt = $pathOfDatabase . $type . "/" . $id . "/2.png;" . $id; fwrite($myfile, $txt); fclose($myfile); return $type . $t . ".ext"; }
function checkrows() { include "components/db_connect.php"; $username = $_POST['email']; $x = "select * from details where email='{$username}'"; $result = mysqli_prepare($con, $x); mysqli_stmt_execute($result); mysqli_stmt_store_result($result); $y = mysqli_stmt_num_rows($result); include "components/db_disconnect.php"; return $y; }
function registrator($link) { //Функция регистрации пользователя (Взято из интернета "редактированно") if (!empty($_POST["submit"])) { if (!preg_match("/^[a-zA-Z0-9]+\$/", $_POST['login'])) { $err[] = "Логин может состоять только из букв английского алфавита и цифр<br>"; } if (strlen($_POST['login']) < 3 or strlen($_POST['login']) > 30) { $err[] = "Логин должен быть не меньше 3-х символов и не больше 30<br>"; } $query = "SELECT COUNT(user_id) FROM users WHERE user_login='******'login']) . "'"; if ($stmt = mysqli_prepare($link, $query)) { mysqli_stmt_execute($stmt); mysqli_stmt_bind_result($stmt, $user_id); mysqli_stmt_store_result($stmt); mysqli_stmt_fetch($stmt); mysqli_stmt_close($stmt); } if (!$user_id == 0) { $err[] = "Пользователь с таким логином уже существует в базе данных<br>"; } if (count($err) == 0) { $login = $_POST['login']; $password = md5(md5(trim($_POST['password']))); mysqli_query($link, "INSERT INTO users SET user_login='******', user_password='******'"); header("Location: login.php"); exit; } else { print "<b>При регистрации произошли следующие ошибки:</b><br>"; foreach ($err as $error) { print $error . "<br>"; } } } }
function login() { include_once 'database_conn.php'; // check is form filled if (isFormFilled()) { // if not filled, stop return; } $uid = sanitizeData($_POST['username']); $pswd = sanitizeData($_POST['password']); $columnLengthSql = "\n\t\t\tSELECT COLUMN_NAME, CHARACTER_MAXIMUM_LENGTH\n\t\t\tFROM INFORMATION_SCHEMA.COLUMNS\n\t\t\tWHERE TABLE_NAME = 'te_users'\n\t\t\tAND (column_name = 'username'\n\t\t\tOR column_name = 'passwd')"; $COLUMN_LENGTH = getColumnLength($conn, $columnLengthSql); $isError = false; $errMsg[] = validateStringLength($uid, $COLUMN_LENGTH['username']); //uid $errMsg[] = validateStringLength($pswd, $COLUMN_LENGTH['passwd']); //pswd for ($i = 0; $i < count($errMsg); $i++) { if (!($errMsg[$i] === true)) { echo "{$errMsg[$i]}"; $isError = true; } } //if contain error, halt continue executing the code if ($isError) { return; } // check is uid exist $checkUIDSql = "SELECT passwd, salt FROM te_users WHERE username = ?"; $stmt = mysqli_prepare($conn, $checkUIDSql); mysqli_stmt_bind_param($stmt, "s", $uid); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); if (mysqli_stmt_num_rows($stmt) <= 0) { echo "Sorry we don't seem to have that username."; return; } mysqli_stmt_bind_result($stmt, $getHashpswd, $getSalt); while (mysqli_stmt_fetch($stmt)) { $hashPswd = $getHashpswd; $salt = $getSalt; } // if exist, then get salt and db hashed password // create hash based on password // hash pswd using sha256 algorithm // concat salt in db by uid // hash using sha256 algorithm $pswd = hash("sha256", $salt . hash("sha256", $pswd)); // check does it match with hased password from db if (strcmp($pswd, $hashPswd) === 0) { echo "Success login<br/>"; // add session $_SESSION['logged-in'] = $uid; // go to url $url = $_SERVER['REQUEST_URI']; header("Location: {$url}"); } else { echo "Fail login<br/>"; } }
function test_format($link, $format, $from, $order_by, $expected, $offset) { if (!($stmt = mysqli_stmt_init($link))) { printf("[%03d] Cannot create PS, [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link)); return false; } if ($order_by) { $sql = sprintf('SELECT %s AS _format FROM %s ORDER BY %s', $format, $from, $order_by); } else { $sql = sprintf('SELECT %s AS _format FROM %s', $format, $from); } if (!mysqli_stmt_prepare($stmt, $sql)) { printf("[%03d] Cannot prepare PS, [%d] %s\n", $offset + 1, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_execute($stmt)) { printf("[%03d] Cannot execute PS, [%d] %s\n", $offset + 2, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_store_result($stmt)) { printf("[%03d] Cannot store result set, [%d] %s\n", $offset + 3, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!is_array($expected)) { $result = null; if (!mysqli_stmt_bind_result($stmt, $result)) { printf("[%03d] Cannot bind result, [%d] %s\n", $offset + 4, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_fetch($stmt)) { printf("[%03d] Cannot fetch result,, [%d] %s\n", $offset + 5, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if ($result !== $expected) { printf("[%03d] Expecting %s/%s got %s/%s with %s - %s.\n", $offset + 6, gettype($expected), $expected, gettype($result), $result, $format, $sql); } } else { $order_by_col = $result = null; if (!mysqli_stmt_bind_result($stmt, $order_by_col, $result)) { printf("[%03d] Cannot bind result, [%d] %s\n", $offset + 7, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } reset($expected); while ((list($k, $v) = each($expected)) && mysqli_stmt_fetch($stmt)) { if ($result !== $v) { printf("[%03d] Row %d - expecting %s/%s got %s/%s [%s] with %s - %s.\n", $offset + 8, $k, gettype($v), $v, gettype($result), $result, $order_by_col, $format, $sql); } } } mysqli_stmt_free_result($stmt); mysqli_stmt_close($stmt); return true; }
function verificaMesGrafico($string) { include "conf-conexao.php"; include "script-time.php"; // selecione o total de meses quando ano for igua a anoCorrente $consultaSqlVerificaMes = "SELECT MES FROM tab_dados_grafico WHERE MES LIKE '%{$string}%' AND ANO = {$anoCorrente}"; $stmt = mysqli_prepare($conexao, $consultaSqlVerificaMes); if ($stmt) { mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); echo mysqli_stmt_num_rows($stmt); } }
function getUserData($uid) { global $db; $stmt = mysqli_prepare($db, "SELECT\n username,\n firstname,\n lastname,\n email,\n profileimg,\n UNIX_TIMESTAMP( registertime )\n FROM users\n WHERE uid = ?\n LIMIT 1\n "); mysqli_stmt_bind_param($stmt, "s", $uid); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); mysqli_stmt_bind_result($stmt, $username, $firstname, $lastname, $email, $img, $time); if (mysqli_stmt_fetch($stmt) == NULL) { return false; } $retData = ['userid' => $uid, 'username' => $username, 'firstname' => $firstname, 'lastname' => $lastname, 'email' => $email, 'img' => $img, 'registerTime' => $time]; return $retData; }
function getAllActivitiesByUser($params) { $connection = dbConnect(); $options = ['columns' => 'a.id, ud.nome as demandante, s.sigla, sa.status, a.titulo, a.data, a.tempo_gasto, a.id_status', 'join' => [['type' => 'INNER JOIN', 'table' => 'setores s', 'columns' => 's.id = a.id_setor'], ['type' => 'INNER JOIN', 'table' => 'status_atividade sa', 'columns' => 'sa.id = a.id_status'], ['type' => 'INNER JOIN', 'table' => 'usuarios ud', 'columns' => 'ud.id = a.id_demandante']], 'where' => ['a.id_responsavel' => $_SESSION['id']], 'order_by' => 'a.data DESC', 'limit' => $params['limit'] . ', ' . $params['offset']]; $sql = buildSelect('atividades a', $options); $stmt = mysqli_prepare($connection, $sql); mysqli_stmt_bind_param($stmt, 'i', $_SESSION['id']); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); mysqli_stmt_bind_result($stmt, $id, $demandante, $sigla, $status, $titulo, $data, $tempo_gasto, $id_status); $result = []; while (mysqli_stmt_fetch($stmt)) { array_push($result, ["id" => $id, "demandante" => $demandante, "sigla" => $sigla, "status" => $status, "titulo" => $titulo, "data" => $data, "tempo_gasto" => $tempo_gasto, "id_status" => $id_status]); } $numRows = mysqli_stmt_num_rows($stmt); mysqli_stmt_close($stmt); dbClose($connection); return ['result' => $result, 'numRows' => $numRows]; }
function func_test_mysqli_stmt_num_rows($stmt, $query, $expected, $offset) { if (!mysqli_stmt_prepare($stmt, $query)) { printf("[%03d] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_execute($stmt)) { printf("[%03d] [%d] %s\n", $offset + 1, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_store_result($stmt)) { printf("[%03d] [%d] %s\n", $offset + 2, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if ($expected !== ($tmp = mysqli_stmt_num_rows($stmt))) { printf("[%03d] Expecting %s/%d, got %s/%d\n", $offset + 3, gettype($expected), $expected, gettype($tmp), $tmp); } mysqli_stmt_free_result($stmt); return true; }
function accountExists() { $link = mysqli_connect("host_name", "username", "password", "database") or die("Database connection failed - " . mysqli_error($link)); $sql = "SELECT COUNT(*) AS count FROM user WHERE username = UPPER(?) "; if ($stmt = mysqli_prepare($link, $sql)) { $user = $_POST['username']; mysqli_stmt_bind_param($stmt, "s", $user) or die("bind param"); mysqli_stmt_execute($stmt); mysqli_stmt_bind_result($stmt, $count); mysqli_stmt_store_result($stmt); mysqli_stmt_fetch($stmt); } else { die("prepare failed"); } mysqli_stmt_close($stmt); mysqli_close($link); if ($count == "1") { return true; } return false; }
function prepareNotificationOneClueOneNotice($clue_id, $notice_id) { $con = mysqli_connect("localhost", "root", "1212312121", "proj4d"); mysqli_set_charset($con, "utf8"); $notify_data = array(); $notify_ids = array(); $adder_notice = array(); $query = "SELECT A.adder, A.name, B.token FROM notice_detail AS A, gcm_token_list AS B WHERE A.id = ? AND A.adder = B.username"; $statement = mysqli_prepare($con, $query); mysqli_stmt_bind_param($statement, "s", $notice_id); $success = mysqli_stmt_execute($statement); mysqli_stmt_store_result($statement); mysqli_stmt_bind_result($statement, $adder, $lostName, $token); mysqli_stmt_fetch($statement); array_push($notify_ids, $token); $adder_notice["" . $adder] = "" . $notice_id . "," . $lostName; $notify_data["clue_id"] = $clue_id; $notify_data["notice_id_data"] = json_encode($adder_notice); mysqli_stmt_close($statement); mysqli_close($con); return sendGoogleCloudMessage($notify_data, $notify_ids); }
function get_key($dbh, $config, $key) { $data = array(); $result = 0; $stmt = mysqli_prepare($dbh, "SELECT name,try_interval,last_try FROM " . $config['table_prefix'] . "keys WHERE `key` = ? LIMIT 0,1"); mysqli_stmt_bind_param($stmt, "s", $key); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); $result = mysqli_stmt_num_rows($stmt); mysqli_stmt_bind_result($stmt, $name, $try_interval, $last_try); while (mysqli_stmt_fetch($stmt)) { $data['name'] = $name; $data['try_interval'] = $try_interval; $data['last_try'] = $last_try; } mysqli_stmt_close($stmt); unset($stmt); if ($result) { return $data; } else { return 0; } }
function getDocID($url) { $con = $GLOBALS["con"]; $sql = "SELECT docID FROM documents WHERE URL=?"; $stmt = mysqli_prepare($con, $sql) or die(mysqli_error($con)); mysqli_stmt_bind_param($stmt, 's', $url) or die(mysqli_stmt_error($stmt)); mysqli_stmt_execute($stmt) or die(mysqli_stmt_error($stmt)); mysqli_stmt_store_result($stmt); if (mysqli_stmt_num_rows($stmt) < 1) { mysqli_stmt_close($stmt); $sql = "INSERT INTO documents (URL) VALUES (?)"; $stmt = mysqli_prepare($con, $sql) or die(mysqli_error($con)); mysqli_stmt_bind_param($stmt, 's', $url) or die(mysqli_stmt_error($stmt)); mysqli_stmt_execute($stmt) or die(mysqli_stmt_error($stmt)); mysqli_stmt_bind_result($stmt, $docID); mysqli_stmt_fetch($stmt); return getDocID($url); } else { mysqli_stmt_bind_result($stmt, $docID); mysqli_stmt_fetch($stmt); return $docID; } }
function getBookDetails($bid) { global $db; $stmt = mysqli_prepare($db, 'SELECT books.title, books.description, bookauthors.name, genres.name, books.coverimage FROM books CROSS JOIN bookgenres ON bookgenres.bid = books.bid CROSS JOIN genres ON genres.id = bookgenres.genreid CROSS JOIN bookauthors ON bookauthors.bid = books.bid WHERE books.bid = ? '); mysqli_stmt_bind_param($stmt, 'i', $bid); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); mysqli_stmt_bind_result($stmt, $title, $description, $author, $genre, $image); $results = false; while (mysqli_stmt_fetch($stmt)) { $results = true; $book['title'] = $title; $book['description'] = $description; $book['authors'][$author] = true; $book['genres'][$genre] = true; $book['image'] = $image; $book['bid'] = $bid; } if (!$results) { return false; } return $book; }
printf("[040] Expecting int/0, got %s/%s\n", gettype($tmp), $tmp); } /* try to use stmt_affected_rows like stmt_num_rows */ /* stmt_affected_rows is not really meant for SELECT! */ if (mysqli_stmt_prepare($stmt, 'SELECT unknown_column FROM this_table_does_not_exist') || mysqli_stmt_execute($stmt)) { printf("[041] The invalid SELECT statement is issued on purpose\n"); } if (-1 !== ($tmp = mysqli_stmt_affected_rows($stmt))) { printf("[042] Expecting int/-1, got %s/%s\n", gettype($tmp), $tmp); } if ($IS_MYSQLND) { if (false !== ($tmp = mysqli_stmt_store_result($stmt))) { printf("[043] Expecting boolean/false, got %s\\%s\n", gettype($tmp), $tmp); } } else { if (true !== ($tmp = mysqli_stmt_store_result($stmt))) { printf("[043] Libmysql does not care if the previous statement was bogus, expecting boolean/true, got %s\\%s\n", gettype($tmp), $tmp); } } if (0 !== ($tmp = mysqli_stmt_num_rows($stmt))) { printf("[044] Expecting int/0, got %s/%s\n", gettype($tmp), $tmp); } if (-1 !== ($tmp = mysqli_stmt_affected_rows($stmt))) { printf("[045] Expecting int/-1, got %s/%s\n", gettype($tmp), $tmp); } mysqli_stmt_close($stmt); $stmt = mysqli_stmt_init($link); if (!mysqli_stmt_prepare($stmt, "DROP TABLE IF EXISTS test_mysqli_stmt_affected_rows_table_1") || !mysqli_stmt_execute($stmt)) { printf("[046] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); } mysqli_stmt_close($stmt);
function content() { include "components/db_connect.php"; $username = $_SESSION['username']; $query = "SELECT * FROM details WHERE email ='{$username}'"; $result = mysqli_query($con, $query); $value = mysqli_fetch_array($result); $_SESSION['name'] = $value['name']; $logout_status = $value['Logout_status']; $query = "SELECT * FROM time_and_questions WHERE serial_num='1'"; $result = mysqli_query($con, $query); $value = mysqli_fetch_array($result); setcookie("timer", $value['timer'], time() + 3600 * 24); $_SESSION['no_of_ques'] = $value['no_of_questions']; $query = "SELECT * FROM questions"; $result = mysqli_prepare($con, $query); mysqli_stmt_execute($result); mysqli_stmt_store_result($result); $value = mysqli_stmt_num_rows($result); $_SESSION['arr'] = range(1, $value); shuffle($_SESSION['arr']); $_SESSION['completed'] = 0; $_SESSION['id'] = 0; $_SESSION['ansarray'] = array(); $_SESSION['actualans'] = array(); $_SESSION['ques_id'] = array(); include "components/db_disconnect.php"; if ($logout_status) { echo "<script>self.location='resume.php?logout_stat=1&us={$username}'</script>"; } else { echo '<script>self.location="resume.php?logout_stat=0"</script>'; } }
public function getTableDefine($table_name) { // 连接系统数据库 $dbinst = "information_schema"; $sysconn = mysqli_connect($this->dbhost, $this->dbuser, $this->dbpwd, $dbinst); if (mysqli_connect_errno()) { $errno = mysqli_connect_errno(); $error = "MYSQL ERROR #" . $errno . " : " . mysqli_connect_error(); echo $error; } // 读取表定义 $sql = "select COLUMN_NAME, DATA_TYPE, CHARACTER_MAXIMUM_LENGTH, COLUMN_KEY from COLUMNS where TABLE_SCHEMA = ? and TABLE_NAME = ? order by ORDINAL_POSITION"; $tabledef = new TableDefine_b($table_name); if ($stmt = mysqli_prepare($sysconn, $sql)) { mysqli_stmt_bind_param($stmt, "ss", $this->dbinst, $table_name); mysqli_stmt_execute($stmt); if (mysqli_errno($sysconn)) { $errno = mysqli_errno($sysconn); $error = "MYSQL ERROR #" . $errno . " : " . mysqli_error($sysconn); echo $error; } mysqli_stmt_bind_result($stmt, $column_name, $column_type, $column_length, $column_key); mysqli_stmt_store_result($stmt); while (mysqli_stmt_fetch($stmt)) { $tabledef->addColumn($column_name, $column_type, $column_length, $column_key); } mysqli_stmt_close($stmt); } // 关闭系统数据库连接 mysqli_close($sysconn); return $tabledef; }
<?php include "header.php"; ?> <?php $conn = new mysqli("localhost", "my_user", "my*password", "mgabriel"); if (mysqli_connect_errno()) { echo 'Cannot connect to database: ' . mysqli_connect_error($conn); } else { $query = mysqli_prepare($conn, "SELECT profileinfo.firstname, profileinfo.lastname, profileinfo.email, profileinfo.day, profileinfo.time FROM profileinfo inner join services_provided ON services_provided.id=profileinfo.id WHERE services_provided.service_id = ?;") or die("Error: " . mysqli_error($conn)); // bind parameters "s" - string mysqli_stmt_bind_param($query, "i", $_POST['service_description']); //run the query mysqli_stmt_execute returns true if the //query was successful mysqli_stmt_execute($query) or die("Error. Could not insert into the table." . mysqli_error($conn)); mysqli_stmt_store_result($query); if (mysqli_stmt_num_rows($query) == 0) { echo "No entries found"; } else { // bind variables to prepared statement mysqli_stmt_bind_result($query, $firstname, $lastname, $email, $day, $time); // fetch values $dataArr = []; while (mysqli_stmt_fetch($query)) { $dataArr[] = $firstname . ' ' . $lastname . ' ' . $email . ' ' . $day . ' ' . $time; } foreach ($dataArr as $profileinfo) { echo $profileinfo . '<br/>'; } } mysqli_stmt_close($query);
<?php $con = mysqli_connect("mysql6.000webhost.com", "a6596261_sagar", "pr0gramm3r", "a6596261_footp") or die(mysql_error()); if (isset($_POST['eventID']) && !empty($_POST['eventID'])) { // Both fields are being posted and there not empty $eventID = intval(mysql_escape_string($_POST['eventID'])); // Set variable for the eventID $statement = mysqli_prepare($con, "SELECT st_id, st_text, st_loc_id, st_pl_id, st_ev_id, st_usr_id FROM fp_story\n \tWHERE st_ev_id = ?") or die(mysql_error()); mysqli_stmt_bind_param($statement, "i", $eventID); mysqli_stmt_execute($statement); mysqli_stmt_store_result($statement); mysqli_stmt_bind_result($statement, $st_id, $st_text, $st_loc_id, $st_pl_id, $st_ev_id, $st_usr_id); $story = array(); $i = 0; while (mysqli_stmt_fetch($statement)) { $story[$i][st_id] = $st_id; $story[$i][st_text] = $st_text; $story[$i][st_loc_id] = $st_loc_id; $story[$i][st_pl_id] = $st_pl_id; $story[$i][st_ev_id] = $st_ev_id; $story[$i][st_usr_id] = $st_usr_id; $i = $i + 1; } echo json_encode($story); mysqli_stmt_close($statement); mysqli_close($con); }
$sample = $value; array_push($DEGData["foursu_primary_id"], $sample); } if (substr($key, 0, 19) == 'rnatotal_primary_id') { $sample = $value; array_push($DEGData["rnatotal_primary_id"], $sample); } if (substr($key, 0, 9) == 'condition') { $condition = $value; array_push($DEGData["condition"], $condition); } if (substr($key, 0, 9) == 'timepoint') { $mix = $value; array_push($DEGData["timepoint"], $mix); } } error_log("num elements: " . count($DEGData["foursu_primary_id"])); for ($i = 0; $i < count($DEGData["foursu_primary_id"]); $i++) { $queryDEG = "INSERT INTO inspect (secondary_id,primary_id,rnatotal_id,cond,timepoint,deg_during_pulse,modeling_rates,counts_filtering,type ) VALUES ('" . $new_id_sec . "','" . $DEGData["foursu_primary_id"][$i] . "','" . $DEGData["rnatotal_primary_id"][$i] . "','" . $DEGData["condition"][$i] . "'," . $DEGData["timepoint"][$i] . ", " . $deg_during_pulse . "," . $modeling_rates . "," . $counts_filtering . ",'" . $inspect_type . "');"; error_log($queryDEG); $stmtDEG = mysqli_prepare($con, $queryDEG); if ($stmtDEG) { mysqli_stmt_execute($stmtDEG); mysqli_stmt_store_result($stmtDEG); mysqli_stmt_close($stmtDEG); } else { ?> Some jobs have not been put in queue, please contact the administrator. <br /><?php } }
function display_data($link, $sql) { $param = "%{$_POST['text']}%"; if ($_POST['region'] == "sport") { echo "<thead>\r\n <tr>\r\n \r\n\t\t\t\t\t\t <th>League</th>\r\n\t\t\t\t\t\t <th>Sports</th>\r\n\t\t\t\t\t </tr>\r\n\t\t\t\t </thead>"; if ($stmt = mysqli_prepare($link, $sql)) { //prepare successful mysqli_stmt_bind_param($stmt, "s", $param) or die("bind param"); mysqli_stmt_execute($stmt); //show number of rows mysqli_stmt_store_result($stmt); $row_count = mysqli_stmt_num_rows($stmt); printf("Number of rows: %d <br>", $row_count); mysqli_stmt_bind_result($stmt, $leagueName, $sport); while (mysqli_stmt_fetch($stmt)) { echo "<form action='delete.php' method='POST'>\r\n\t\t\t\t\t <input type='hidden' name='table' value='sport'>"; echo "<tr>"; //echo "<td><input class='btn btn-danger' type='submit' name='delete' value='Delete'></td>"; echo '<td><input type="hidden" name="League" value="' . $leagueName . '">' . $leagueName . '</td>'; echo '<td><input type="hidden" name="Sports" value="' . $sport . '">' . $sport . '</td>'; echo "</tr>"; echo "</form>"; } mysqli_stmt_close($stmt); } } if ($_POST['region'] == "team") { echo "<thead>\r\n <tr>\r\n <th></th>\r\n\t\t\t\t\t\t <th>TeamName</th>\r\n\t\t\t\t\t\t <th>League</th>\r\n\t\t\t\t\t </tr>\r\n\t\t\t\t </thead>"; if ($stmt = mysqli_prepare($link, $sql)) { //prepare successful mysqli_stmt_bind_param($stmt, "s", $param) or die("bind param"); mysqli_stmt_execute($stmt); //show number of rows mysqli_stmt_store_result($stmt); $row_count = mysqli_stmt_num_rows($stmt); printf("Number of rows: %d <br>", $row_count); mysqli_stmt_bind_result($stmt, $teamName, $league); while (mysqli_stmt_fetch($stmt)) { echo "<form action='delete.php' method='POST'>\r\n\t\t\t\t\t <input type='hidden' name='table' value='team'>"; echo "<tr>"; echo "<td><input class='btn btn-danger' type='submit' name='delete' value='Delete'></td>"; echo '<td><input type="hidden" name="TeamName" value="' . $teamName . '">' . $teamName . '</td>'; echo '<td><input type="hidden" name="League" value="' . $league . '">' . $league . '</td>'; echo "</tr>"; echo "</form>"; } mysqli_stmt_close($stmt); } } if ($_POST['region'] == "game") { echo "<thead>\r\n <tr>\r\n <th></th>\r\n\t\t\t\t\t\t <th>GameID</th>\r\n\t\t\t\t\t\t <th>Home</th>\r\n\t\t\t\t\t\t <th>Guest</th>\r\n\t\t\t\t\t\t <th>GameTime</th>\r\n\t\t\t\t\t </tr>\r\n\t\t\t\t </thead>"; if ($stmt = mysqli_prepare($link, $sql)) { //prepare successful mysqli_stmt_bind_param($stmt, "ss", $param, $param) or die("bind param"); mysqli_stmt_execute($stmt); //show number of rows mysqli_stmt_store_result($stmt); $row_count = mysqli_stmt_num_rows($stmt); printf("Number of rows: %d <br>", $row_count); mysqli_stmt_bind_result($stmt, $gameID, $home, $guest, $gameTime); while (mysqli_stmt_fetch($stmt)) { echo "<form action='delete.php' method='POST'>\r\n\t\t\t\t\t <input type='hidden' name='table' value='game'>"; echo "<tr>"; echo "<td><input class='btn btn-danger' type='submit' name='delete' value='Delete'></td>"; echo '<td><input type="hidden" name="GameID" value="' . $gameID . '">' . $gameID . '</td>'; echo '<td><input type="hidden" name="Home" value="' . $home . '">' . $home . '</td>'; echo '<td><input type="hidden" name="Guest" value="' . $guest . '">' . $guest . '</td>'; echo '<td><input type="hidden" name="GameTime" value="' . $gameTime . '">' . $gameTime . '</td>'; echo "</tr>"; echo "</form>"; } mysqli_stmt_close($stmt); } } }
/** * Execute a prepared query statement helper method. * * @param mixed $result_class string which specifies which result class to use * @param mixed $result_wrap_class string which specifies which class to wrap results in * @return mixed a result handle or MDB2_OK on success, a MDB2 error on failure * @access private */ function &_execute($result_class = true, $result_wrap_class = false) { if (is_null($this->statement)) { $result =& parent::_execute($result_class, $result_wrap_class); return $result; } $this->db->last_query = $this->query; $this->db->debug($this->query, 'execute', array('is_manip' => $this->is_manip, 'when' => 'pre', 'parameters' => $this->values)); if ($this->db->getOption('disable_query')) { $result = $this->is_manip ? 0 : null; return $result; } $connection = $this->db->getConnection(); if (PEAR::isError($connection)) { return $connection; } if (!is_object($this->statement)) { $query = 'EXECUTE ' . $this->statement; } if (!empty($this->positions)) { $parameters = array(0 => $this->statement, 1 => ''); $lobs = array(); $i = 0; foreach ($this->positions as $parameter) { if (!array_key_exists($parameter, $this->values)) { return $this->db->raiseError(MDB2_ERROR_NOT_FOUND, null, null, 'Unable to bind to missing placeholder: ' . $parameter, __FUNCTION__); } $value = $this->values[$parameter]; $type = array_key_exists($parameter, $this->types) ? $this->types[$parameter] : null; if (!is_object($this->statement)) { if (is_resource($value) || $type == 'clob' || $type == 'blob') { if (!is_resource($value) && preg_match('/^(\\w+:\\/\\/)(.*)$/', $value, $match)) { if ($match[1] == 'file://') { $value = $match[2]; } $value = @fopen($value, 'r'); $close = true; } if (is_resource($value)) { $data = ''; while (!@feof($value)) { $data .= @fread($value, $this->db->options['lob_buffer_length']); } if ($close) { @fclose($value); } $value = $data; } } $quoted = $this->db->quote($value, $type); if (PEAR::isError($quoted)) { return $quoted; } $param_query = 'SET @' . $parameter . ' = ' . $quoted; $result = $this->db->_doQuery($param_query, true, $connection); if (PEAR::isError($result)) { return $result; } } else { if (is_resource($value) || $type == 'clob' || $type == 'blob') { $parameters[] = null; $parameters[1] .= 'b'; $lobs[$i] = $parameter; } else { $parameters[] = $this->db->quote($value, $type, false); $parameters[1] .= $this->db->datatype->mapPrepareDatatype($type); } ++$i; } } if (!is_object($this->statement)) { $query .= ' USING @' . implode(', @', array_values($this->positions)); } else { $result = @call_user_func_array('mysqli_stmt_bind_param', $parameters); if ($result === false) { $err =& $this->db->raiseError(null, null, null, 'Unable to bind parameters', __FUNCTION__); return $err; } foreach ($lobs as $i => $parameter) { $value = $this->values[$parameter]; $close = false; if (!is_resource($value)) { $close = true; if (preg_match('/^(\\w+:\\/\\/)(.*)$/', $value, $match)) { if ($match[1] == 'file://') { $value = $match[2]; } $value = @fopen($value, 'r'); } else { $fp = @tmpfile(); @fwrite($fp, $value); @rewind($fp); $value = $fp; } } while (!@feof($value)) { $data = @fread($value, $this->db->options['lob_buffer_length']); @mysqli_stmt_send_long_data($this->statement, $i, $data); } if ($close) { @fclose($value); } } } } if (!is_object($this->statement)) { $result = $this->db->_doQuery($query, $this->is_manip, $connection); if (PEAR::isError($result)) { return $result; } if ($this->is_manip) { $affected_rows = $this->db->_affectedRows($connection, $result); return $affected_rows; } $result =& $this->db->_wrapResult($result, $this->result_types, $result_class, $result_wrap_class, $this->limit, $this->offset); } else { if (!@mysqli_stmt_execute($this->statement)) { $err =& $this->db->raiseError(null, null, null, 'Unable to execute statement', __FUNCTION__); return $err; } if ($this->is_manip) { $affected_rows = @mysqli_stmt_affected_rows($this->statement); return $affected_rows; } if ($this->db->options['result_buffering']) { @mysqli_stmt_store_result($this->statement); } $result =& $this->db->_wrapResult($this->statement, $this->result_types, $result_class, $result_wrap_class, $this->limit, $this->offset); } $this->db->debug($this->query, 'execute', array('is_manip' => $this->is_manip, 'when' => 'post', 'result' => $result)); return $result; }
mysqli_stmt_close($stmt); } ?> <br><br><h1 class='blue'>Competitive Analysis</h1><br> <?php /* run prepared queries to see if any data is already present in intellectual_property table */ /* create a prepared statement */ if ($stmt = mysqli_prepare($link, "SELECT * FROM competitive_analysis WHERE id=?")) { /* bind variables to marker */ mysqli_stmt_bind_param($stmt, 's', $_SESSION['id']); /* execute query */ mysqli_stmt_execute($stmt); /* store result */ mysqli_stmt_store_result($stmt); printf("%d results<br>", mysqli_stmt_num_rows($stmt)); /* bind result variables */ mysqli_stmt_bind_result($stmt, $id, $entry, $behavior, $advantage); /* print table headers */ echo "<table><thead><tr><th></th><th>Current Behavior</th><th>Our Competitive Advantage</tr></thead>"; while (mysqli_stmt_fetch($stmt)) { /* print output */ ?> <form action="marketUpdate.php" method="POST"> <input type="hidden" name="table" value="competitiveAnalysis"> <input type="hidden" name="id" value="<?php echo $id; ?> "> <input type="hidden" name="entry" value="<?php
$user[username] = $username; $user[title] = $title; $user[detail] = $detail; $user[location] = $location; $user[timestamp] = $time; array_push($statusArray, $user); //echo json_encode($user); } //i am a damn fool $temp3 = $friendcount; $temp4 = $friendMax; // $sql = "SELECT * FROM User WHERE username = '******' AND password = '******'"; $state = mysqli_prepare($conn, "SELECT * FROM " . $username . "Friends WHERE status = 3 LIMIT ?,?"); mysqli_stmt_bind_param($state, "sii", $username, $temp3, $temp4); mysqli_stmt_execute($state); mysqli_stmt_store_result($state); mysqli_stmt_bind_result($state, $user, $friend1, $phone, $email, $status); //this holds the list of rendez notifications $friendArray = array(); $friend = array(); while (mysqli_stmt_fetch($state)) { $friend[user] = $username; $friend[friend] = $friend1; $friend[phone] = $phone; $friend[email] = $email; $friend[status] = $status; array_push($friendArray, $friend); } //array that holds the array of count of rendezchat count, friends added count, rendeznotif array, friends added you array $notifications = array(); $notifications[rendez] = $rendezMax;
/** * Fetch the result * @param resource $result * @param int|NULL $arrayIndexEndValue * @return array */ function _fetch($result, $arrayIndexEndValue = NULL) { if ($this->use_prepared_statements != 'Y') { return parent::_fetch($result, $arrayIndexEndValue); } $output = array(); if (!$this->isConnected() || $this->isError() || !$result) { return $output; } // Prepared stements: bind result variable and fetch data $stmt = $result; $meta = mysqli_stmt_result_metadata($stmt); $fields = mysqli_fetch_fields($meta); /** * Mysqli has a bug that causes LONGTEXT columns not to get loaded * Unless store_result is called before * MYSQLI_TYPE for longtext is 252 */ $longtext_exists = false; foreach ($fields as $field) { if (isset($resultArray[$field->name])) { $field->name = 'repeat_' . $field->name; } // Array passed needs to contain references, not values $row[$field->name] = ""; $resultArray[$field->name] =& $row[$field->name]; if ($field->type == 252) { $longtext_exists = true; } } $resultArray = array_merge(array($stmt), $resultArray); if ($longtext_exists) { mysqli_stmt_store_result($stmt); } call_user_func_array('mysqli_stmt_bind_result', $resultArray); $rows = array(); while (mysqli_stmt_fetch($stmt)) { $resultObject = new stdClass(); foreach ($resultArray as $key => $value) { if ($key === 0) { continue; // Skip stmt object } if (strpos($key, 'repeat_')) { $key = substr($key, 6); } $resultObject->{$key} = $value; } $rows[] = $resultObject; } mysqli_stmt_close($stmt); if ($arrayIndexEndValue) { foreach ($rows as $row) { $output[$arrayIndexEndValue--] = $row; } } else { $output = $rows; } if (count($output) == 1) { if (isset($arrayIndexEndValue)) { return $output; } else { return $output[0]; } } return $output; }
printf("[003] [%d] %s\n", mysqli_errno($link), mysqli_error($link)); } if (!is_null($tmp = mysqli_stmt_data_seek($stmt, 1))) { printf("[004] Expecting NULL, got %s/%s\n", gettype($tmp), $tmp); } if (!mysqli_stmt_prepare($stmt, "SELECT id FROM test ORDER BY id")) { printf("[005] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); } if (true !== ($tmp = mysqli_stmt_execute($stmt))) { printf("[006] Expecting boolean/true, got %s/%s\n", gettype($tmp), $tmp); } $id = null; if (!mysqli_stmt_bind_result($stmt, $id)) { printf("[007] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); } if (!mysqli_stmt_store_result($stmt)) { printf("[008] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); } if (!is_null($tmp = mysqli_stmt_data_seek($stmt, 2))) { printf("[009] Expecting NULL, got %s/%s\n", gettype($tmp), $tmp); } if (!mysqli_stmt_fetch($stmt)) { printf("[010] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); } var_dump($id); if (!is_null($tmp = mysqli_stmt_data_seek($stmt, 0))) { printf("[011] Expecting NULL, got %s/%s\n", gettype($tmp), $tmp); } if (!mysqli_stmt_fetch($stmt)) { printf("[012] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); }
function isWaiting($conn, $UserId, $BlockId) { $stmt = mysqli_prepare($conn, "select * from WaitingList where WUserid = ? and Blockid = ?"); mysqli_stmt_bind_param($stmt, "ii", $UserId, $BlockId); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); $num = mysqli_stmt_num_rows($stmt); mysqli_stmt_free_result($stmt); mysqli_stmt_close($stmt); if ($num > 0) { return true; } return false; }
} $PeakCallData = array("base" => array(), "input" => array(), "label" => array()); foreach ($_POST as $key => $value) { if (substr($key, 0, 4) == 'base') { $base = $value; array_push($PeakCallData["base"], $base); } if (substr($key, 0, 5) == 'input') { $input = $value; array_push($PeakCallData["input"], $input); } if (substr($key, 0, 5) == 'label') { $label = $value; array_push($PeakCallData["label"], $label); } } for ($i = 0; $i < count($PeakCallData["base"]); $i++) { $queryPeakCall = "INSERT INTO peak_calling ( secondary_id, program, primary_id, input_id, label, pvalue, stats, saturation ) VALUES ( '" . $new_id_sec . "', '" . $program . "', '" . $PeakCallData["base"][$i] . "', '" . $PeakCallData["input"][$i] . "', '" . trim($PeakCallData["label"][$i]) . "', '" . $pvalue . "', '" . $stats . "', " . $saturation . " );"; //$queryPeakCall = "INSERT INTO peak_calling ( id_sec_fk, exp_name, program, S1, S2, label, pvalue, stats, saturation ) VALUES ( '".$new_id_sec."', '".$exp_name."', '".$program."', '".$PeakCallData["base"][$i]."', '".$PeakCallData["input"][$i]."', '".$PeakCallData["label"][$i]."', '".$pvalue."', '".$stats."', ". $saturation ." );"; //echo '<br />'.$queryPeakCall.'<br />'; $stmtPeak = mysqli_prepare($con, $queryPeakCall); if ($stmtPeak) { mysqli_stmt_execute($stmtPeak); mysqli_stmt_store_result($stmtPeak); mysqli_stmt_close($stmtPeak); } else { ?> Some jobs have not been put in queue, please contact the administrator. <br /><?php } }
function func_mysqli_stmt_fetch_geom($link, $engine, $sql_type, $bind_value, $offset) { if (!mysqli_query($link, "DROP TABLE IF EXISTS test_mysqli_stmt_fetch_geom_table_1")) { printf("[%04d] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link)); return false; } if (!mysqli_query($link, sprintf("CREATE TABLE test_mysqli_stmt_fetch_geom_table_1(id INT, label %s, PRIMARY KEY(id)) ENGINE = %s", $sql_type, $engine))) { // don't bail - column type might not be supported by the server, ignore this return false; } for ($id = 1; $id < 4; $id++) { $sql = sprintf("INSERT INTO test_mysqli_stmt_fetch_geom_table_1(id, label) VALUES (%d, %s)", $id, $bind_value); if (!mysqli_query($link, $sql)) { printf("[%04d] [%d] %s\n", $offset + 2 + $id, mysqli_errno($link), mysqli_error($link)); } } if (!($stmt = mysqli_stmt_init($link))) { printf("[%04d] [%d] %s\n", $offset + 6, mysqli_errno($link), mysqli_error($link)); return false; } if (!mysqli_stmt_prepare($stmt, "SELECT id, label FROM test_mysqli_stmt_fetch_geom_table_1")) { printf("[%04d] [%d] %s\n", $offset + 7, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); mysqli_stmt_close($stmt); return false; } if (!mysqli_stmt_execute($stmt) || !mysqli_stmt_store_result($stmt)) { printf("[%04d] [%d] %s\n", $offset + 8, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); mysqli_stmt_close($stmt); return false; } if (!mysqli_stmt_bind_result($stmt, $id, $bind_res)) { printf("[%04d] [%d] %s\n", $offset + 9, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); mysqli_stmt_close($stmt); return false; } $result = mysqli_stmt_result_metadata($stmt); $fields = mysqli_fetch_fields($result); if ($fields[1]->type != MYSQLI_TYPE_GEOMETRY) { printf("[%04d] [%d] %s wrong type %d\n", $offset + 10, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt), $fields[1]->type); } $num = 0; $rows = array(); while (true === @mysqli_stmt_fetch($stmt)) { $rows[] = array('id' => $id, 'label' => $bind_res); $num++; } if ($num != 3) { printf("[%04d] [%d] %s, expecting 3 results, got only %d results\n", $offset + 17, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt), $num); return false; } mysqli_stmt_close($stmt); foreach ($rows as $row) { if (!($stmt = mysqli_stmt_init($link))) { printf("[%04d] [%d] %s\n", $offset + 10, mysqli_errno($link), mysqli_error($link)); return false; } if (!mysqli_stmt_prepare($stmt, "INSERT INTO test_mysqli_stmt_fetch_geom_table_1(id, label) VALUES (?, ?)")) { printf("[%04d] [%d] %s\n", $offset + 11, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } $new_id = $row['id'] + 10; if (!mysqli_stmt_bind_param($stmt, "is", $new_id, $row['label'])) { printf("[%04d] [%d] %s\n", $offset + 12, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } if (!mysqli_stmt_execute($stmt)) { printf("[%04d] [%d] %s\n", $offset + 13, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt)); return false; } mysqli_stmt_close($stmt); if (!($res_normal = mysqli_query($link, sprintf("SELECT id, label FROM test_mysqli_stmt_fetch_geom_table_1 WHERE id = %d", $new_id)))) { printf("[%04d] [%d] %s\n", $offset + 14, mysqli_errno($link), mysqli_error($link)); return false; } if (!($row_normal = mysqli_fetch_assoc($res_normal))) { printf("[%04d] [%d] %s\n", $offset + 15, mysqli_errno($link), mysqli_error($link)); return false; } if ($row_normal['label'] != $row['label']) { printf("[%04d] PS and non-PS return different data.\n", $offset + 16); return false; } mysqli_free_result($res_normal); } return true; }
function getRequests($senterId, $receiverId) { global $db; $query = 'SELECT transactions.uid, transactions.bcid, transactions.state, transactions.time, bcopies.bcid FROM transactions CROSS JOIN bcopies ON bcopies.bcid = transactions.bcid WHERE transactions.uid = ? AND bcopies.uid = ? AND transactions.state = "request" ORDER BY transactions.time DESC '; $stmt = mysqli_prepare($db, $query); mysqli_stmt_bind_param($stmt, 'ii', $senterId, $receiverId); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); mysqli_stmt_bind_result($stmt, $uid, $bcid, $state, $time, $bcid); $requests = []; while (mysqli_stmt_fetch($stmt)) { $request['uid'] = $uid; $request['bcid'] = $bcid; $request['state'] = $state; $request['time'] = $time; $request['bcid'] = $bcid; $requests[] = $request; } return $requests; }