private function insert_CommentLink()
{
//$GLOBALS['log'] .= "<br/>****************** <span class='startCall'> Call CommentLink->insert_CommentLink() </span>";
try {
if (!$this->commentID) {
throw new Exception('commentID is Null!');
}
if (!$this->AFDID) {
throw new Exception('AFDID is Null!');
}
if (!$this->link_Html) {
throw new Exception('link_Html is Null!');
}
$this->link_Html = trim($this->link_Html);
$conn_NeedToClose = false;
openDBConnection($this->conn, $conn_NeedToClose);
$sql = "INSERT INTO `commentLink` ( commentID, AFDID, link_Html, giveComment_Html, link_Sentance, link_Title, link_Label, link_URL, link_URLPosition, link_User, link_DateTime, link_External, link_Policy, link_Class, link_PolarityGrade, link_PolarityKeyword, link_ToOtherUser) \n VALUES ( '{$this->commentID}', '" . mysql_real_escape_string($this->AFDID) . "', '" . mysql_real_escape_string($this->link_Html) . "', '" . mysql_real_escape_string($this->giveComment_Html) . "', '" . mysql_real_escape_string($this->link_Sentance) . "', '" . mysql_real_escape_string($this->link_Title) . "', '" . mysql_real_escape_string($this->link_Label) . "', '" . mysql_real_escape_string($this->link_URL) . "', '" . mysql_real_escape_string($this->link_URLPosition) . "', '" . mysql_real_escape_string($this->link_User) . "', '" . $this->link_DateTime . "', '" . $this->link_External . "', '" . $this->link_Policy . "', '" . $this->link_Class . "', '" . $this->link_PolarityGrade . "', '" . $this->link_PolarityKeyword . "', '" . $this->link_ToOtherUser . "' )";
//$GLOBALS['log'] .= "<br/>sql: $sql";
if (mysqli_query($this->conn, $sql)) {
$this->commentLinkID = $this->conn->insert_id;
//$GLOBALS['log'] .= "<br/> CommentLink Inserted <span class='good'>successfully</span> to DB AFDID=". $this->AFDID.", commentID=$this->commentID, commentLinkID=$this->commentLinkID";
} else {
$GLOBALS['log'] .= "<br/> CommentLink <span class='bad'>Failed</span> to insert to DB";
$GLOBALS['log'] .= "<br/> <span class='bad'> Error description: " . mysqli_error($this->conn) . "</span>";
}
closeDBConnection($this->conn, $conn_NeedToClose);
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
}
}
}
} else {
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (count($resourceKeys) == 1) {
//Convert to JSON and transmit
header("Content-type: text/plain");
//print "It's a post!!";
$postData = file_get_contents("php://input");
$lesson = json_decode($postData, true);
//check if empty
if (empty($lesson)) {
die("Lesson contains no data!");
}
try {
$DBH = openDBConnection();
$DBH->beginTransaction();
$stmt = $DBH->prepare("INSERT INTO lesson (uid, date, content) VALUES(?,?,?);");
$stmt->bindValue(1, $lesson["uid"]);
$stmt->bindValue(2, $lesson["date"]);
$stmt->bindValue(3, $lesson["content"]);
$stmt->execute();
$DBH->commit();
//return success message
print json_encode("Lesson inserted successfully!");
} catch (PDOException $e) {
print_r($user);
die("Problem inserting into DB!");
reportDBError($e);
}
}
<?php
set_include_path("../../");
require_once "Controller/database.php";
require_once "Controller/authentication.php";
if (isset($_GET['firstName']) && isset($_GET['lastName']) && isset($_GET['uID']) && isset($_GET['phoneNumber']) && isset($_GET['email']) && isset($_GET['userName']) && isset($_GET['password']) && isset($_GET['confirmPassword'])) {
$first = trim($_GET['firstName']);
$last = trim($_GET['lastName']);
$uid = trim($_GET['uID']);
$phone = trim($_GET['phoneNumber']);
$email = trim($_GET['email']);
$username = trim($_GET['userName']);
$password = trim($_GET['password']);
$salt = makeSalt();
$hashedpassword = crypt($password, $salt);
$db = openDBConnection();
$query = "INSERT INTO `Grad_Prog_V5`.`users` (`uid`, `first_name`, `last_name`, `email`,\n `phone_number`, `role`, `username`, `hashword`) \n VALUES ('{$uid}','{$first}','{$last}','{$email}','{$phone}', 'student', '{$username}', '{$hashedpassword}')";
$statement = $db->prepare($query);
$statement->execute();
$output = "\n <div id='form'> \n <p>\n Thank you! Your information has been saved.<br>\n <a href='../mainpage.php'>Return to login</a>\n </p>\n </div>";
} else {
$output = "\n <div id=section>\n <p>Please enter the required information.</p>\n </div>\n \n <div id='form'>\n <form method='get'>\n <table>\n <tr>\n <td>\n First Name:\n </td>\n <td>\n <input type='text' name='firstName' pattern='[A-Z][a-z]+' \n title='Last name - Alphabet characters only' required placeholder='Josh'>\n </td>\n </tr>\n <tr>\n <td>\n Last Name:\n </td>\n <td>\n <input type='text' name='lastName' pattern='[A-Z][a-z]+' \n title='Last name - Alphabet characters only' required placeholder='Example'>\n </td>\n </tr>\n <tr>\n <td>\n uID:\n </td>\n <td>\n <input type='text' name='uID' pattern='[0-9]{8}' title='8-Digit Uid EX-00691234' \n required placeholder='00123456'>\n </td>\n </tr>\n <tr>\n <td>\n Phone Number:\n </td> \n <td>\n <input type='text' name = 'phoneNumber' pattern='[0-9]+' \n title='Numbers only'required placeholder='1234567890'>\n </td> \n </tr>\n <tr>\n <td> \n Email:\n </td>\n <td> \n <input type='email' name='email' required placeholder='*****@*****.**'>\n </td>\n </tr>\n </table>\n <br>\n <fieldset>\n <legend>Create a username and password</legend>\n <p>User Name: <input type='text' name='userName' required></p>\n <p>Password: <input type='password' name='password' pattern='.{8}.*' \n title='Passwords must be 8 characters long and match.'required> </p>\n <p>Confirm Password: <input type='password' name='confirmPassword' pattern='.{8}.*' \n title='Passwords must be 8 characters long and match.'required></p>\n </fieldset>\n <a href='../mainpage.php'>Cancel</a> \n <input id='submit' type='submit' value='Submit'> \n </form> \n\n </div>";
}
require "View/Create_User/new_user.php";
static function getHTMLByURL($AFDURL)
{
$output = "";
try {
$AFDURL = trim($AFDURL);
if (!$AFDURL) {
throw new Exception('AFDURL=$AFDURL is Null!');
}
$conn = "";
$conn_NeedToClose = false;
openDBConnection($conn, $conn_NeedToClose);
$GLOBALS['log'] .= "<br/> AFD::getHTMLByURL({$AFDURL})";
$sql = "select AFDID, AFDURL, AFDHTML\n from afd\n where AFDURL='{$AFDURL}'";
//echo $sql;
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while ($row = $result->fetch_assoc()) {
$output = $row[''];
$output .= "<br/><br/><a href='" . $row['AFDURL'] . "'>" . $row['AFDURL'] . "</a><br/><br/>";
$GLOBALS['log'] .= "<br/>" . basename(__FILE__, '.php') . ".php AFD::getHTMLByURL() AFDID:" . $row["AFDID"] . " AFDURL: " . $row["AFDURL"] . " </br>";
}
} else {
throw new Exception('There is no record in DB for AFDURL=$AFDURL!');
}
closeDBConnection($conn, $conn_NeedToClose);
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
return $output;
}
/**
*Checks to see if a login_id or name is available
*@param
* -login_id: a string
*@return boolean
* -return true if available, false if not
*/
function login_available($username)
{
try {
$DBH = openDBConnection();
//check if loginName already exists
$stmt = $DBH->prepare("SELECT COUNT(username) from user where username=?");
$stmt->bindValue(1, $username);
$stmt->execute();
$row = $stmt->fetch();
//if the user user exists
if ($row['COUNT(username)'] > 0) {
return false;
} else {
return true;
}
} catch (PDOException $e) {
}
}
private function insert_Comment()
{
//$GLOBALS['log'] .= "<br/>****************** <span class='startCall'> Call afd->insert_Comment() </span>";
try {
if (!$this->AFDID) {
throw new Exception('AFDID is Null!');
}
if (!$this->debateDateListID) {
throw new Exception('debateDateListID is Null!');
}
if (!$this->AFDTitleID) {
throw new Exception('AFDTitleID is Null!');
}
if (!$this->comment_Html) {
throw new Exception('comment_Html is Null!');
}
$this->AFDTitleID = trim($this->AFDTitleID);
$this->debateDateListID = trim($this->debateDateListID);
$this->comment_Html = trim($this->comment_Html);
$this->comment_User = trim($this->comment_User);
$this->comment_DateTime = trim($this->comment_DateTime);
$conn_NeedToClose = false;
openDBConnection($this->conn, $conn_NeedToClose);
$sql = "INSERT INTO `comment` ( AFDID, debateDateListID, AFDTitleID, comment_Html, comment_User, comment_DateTime) \n VALUES ( '{$this->AFDID}', '" . mysql_real_escape_string($this->debateDateListID) . "', '" . mysql_real_escape_string($this->AFDTitleID) . "', '" . mysql_real_escape_string($this->comment_Html) . "', '" . mysql_real_escape_string($this->comment_User) . "', '" . $this->comment_DateTime . "' )";
//$GLOBALS['log'] .= "<br/>sql: $sql";
if (mysqli_query($this->conn, $sql)) {
$this->commentID = $this->conn->insert_id;
$GLOBALS['log'] .= "<br/>Comment Inserted <span class='good'>successfully</span> to DB AFDID=" . $this->AFDID . ", commentID={$this->commentID}";
} else {
$GLOBALS['log'] .= "<br/> Comment <span class='bad'>Failed</span> to insert to DB";
$GLOBALS['log'] .= "<br/> <span class='bad'> Error description: " . mysqli_error($this->conn) . "</span>";
}
closeDBConnection($this->conn, $conn_NeedToClose);
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
}