Example #1
0
 public function checkUserSession()
 {
     if (!isset($this->SessionID)) {
         return array(false, "Session key empty");
     }
     $SessionID = $this->SessionID;
     $sql = "SELECT Email FROM Sessions WHERE SessionID = ?";
     $params = array($SessionID);
     global $conn;
     if ($conn) {
         $stmt = sqlsrv_query($conn, $sql, $params);
         if ($stmt === false) {
             return array(false, "Connection to server failed.");
         } else {
             if (sqlsrv_has_rows($stmt) > 0) {
                 $email = '';
                 while ($row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC)) {
                     $email = $row['Email'];
                 }
                 return array(true, $email);
             } else {
                 return array(false, "Failed to authenticate");
             }
         }
     }
 }
Example #2
0
/**
 * Dumps the Founder data into a table
 *
 * @param int $CompanyID
 */
function dumpFounderData($CompanyID)
{
    // include the data access class
    include_once "DAO.php";
    try {
        // create a new data access object
        $db = new DAO();
        $sql = "EXEC dbo.GetFounderByCompanyID @CompanyID = " . $CompanyID;
        // set the select statement
        $db->setSQL($sql);
        // execute the SQL
        if ($db->execute()) {
            // did we get some rows
            if (sqlsrv_has_rows($db->getResultSet())) {
                // output the table and the first row (column headers)
                echo '<br>';
                echo '<table class="sorted table-autosort:0 table-stripeclass:alternate">';
                echo "<thead><tr>";
                echo "<th class='table-sortable:default' width='100'>Name</th>";
                echo "</tr></thead><tbody>";
                // output the table rows
                while ($row = sqlsrv_fetch_array($db->getResultSet(), SQLSRV_FETCH_ASSOC)) {
                    echo '<tr><td class="left" width="70"><a href="../Participant/History.php?wfID=' . $row['ID'] . '" target="_blank">' . $row['FounderName'] . '</a></td></tr>';
                }
                // finish the table
                echo "</tbody></table>";
            } else {
                echo "<div class='err'>No data found.</div>";
            }
        }
    } catch (Exception $e) {
        echo $e->getMessage(), "\n";
    }
    echo "</br>";
}
Example #3
0
/**
 * Execute Query to obtain one or more objects from the NECLIMS db; returns string on error
 *
 * @param $sql
 * @param optional class specification
 */
function query($sql, $object = NULL)
{
    // include object class if specifed
    if ($object != NULL) {
        require_once $object . ".cls.php";
    }
    // create a data access object
    $dao = new DAO();
    // pass the sql statement to the data access object
    $dao->setSQL($sql);
    // declare an array for storing the row results
    $retVal = array();
    try {
        // run the sql statement
        if ($dao->execute() && sqlsrv_has_rows($dao->getResultSet())) {
            // object specified.
            if ($object != NULL) {
                // while there were more results/rows, save the object in the array
                while ($row = sqlsrv_fetch_object($dao->getResultSet(), $object . "")) {
                    $retVal[] = $row;
                }
            } else {
                // while there were more results/rows, save the object in the array
                while ($row = sqlsrv_fetch_array($dao->getResultSet(), SQLSRV_FETCH_ASSOC)) {
                    $retVal[] = $row;
                }
            }
        }
    } catch (Exception $e) {
        return "Query Error: " . $e->getMessage() . ". SQL: " . $sql . ". Object specified: " . $object;
    }
    // return to the caller
    return $retVal;
    //error_log(print_r($retVal, true));
}
/**
 *
 * @param resource $conn
 *        	Recurso que contiene la conexión SQL.
 * @param string $tabla        	
 * @param boolean $comprobar
 *        	Si está a true (valor por defecto) siempre hace la comprobación.
 *        	Si se pone el valor a false sólo hace la comprobación cuando es
 *        	día 1.
 * @return mixed array si hay un error SQL. Si la tabla no existe false. Si la
 *         tabla existe true.
 */
function existeTabla($conn, $tabla, $comprobarTabla = 1)
{
    $hoy = getdate();
    if ($hoy["mday"] == 1 or $comprobarTabla) {
        global $respError;
        $sql = "select * from dbo.sysobjects where id = object_id(N'{$tabla}')";
        // Ejecutar una consulta SQL para saber si existe la tabla de auditoría
        //////////////////////////////////////////////////////
        $stmt = sqlsrv_query($conn, $sql);
        if ($stmt === false) {
            if (($errors = sqlsrv_errors()) != null) {
                $SQLSTATE = $errors[0]["SQLSTATE"];
                $Cerror = $errors[0]["code"];
                $Merror = utf8_encode($errors[0]["message"]);
                if ($farmacia == FARMACIA_DEBUG or strlen(FARMACIA_DEBUG) == 0) {
                    if (DEBUG & DEBUG_ERROR_SQL) {
                        $mensaje = "--[" . date("c") . "] código: {$Cerror} mensaje: {$Merror} \n";
                        $mensaje .= "--Error en el fichero: " . __FILE__ . ", en la línea: " . __LINE__;
                        error_log($mensaje . $sql . "\r\n", 3, DIRECTORIO_LOG . __FUNCTION__ . "_" . date("YmdH") . ".log");
                    }
                }
                // Error al hacer la consulta
                return $respError->errorSQL($SQLSTATE, $Cerror, $Merror);
            }
        }
        if (sqlsrv_has_rows($stmt) === false) {
            // La tabla no existe.
            return false;
        }
    }
    // La tabla existe o no hay que comprobarlo
    return true;
}
Example #5
0
 public static function hasRows($connection, $query, $params = NULL)
 {
     if (!$params) {
         $query = sqlsrv_has_rows(sqlsrv_query($connection, $query));
     } else {
         $query = sqlsrv_has_rows(sqlsrv_query($connection, $query, $params));
     }
     return $query;
 }
Example #6
0
function create_env_devices($conn)
{
    $query_check_data_exists = "SELECT * FROM riot4.ENV_settings";
    $statement_check_data_exist = sqlsrv_query($conn, $query_check_data_exists);
    if (!sqlsrv_has_rows($statement_check_data_exist)) {
        $MID = DEFAULT_ENV_ID;
        $query_insert_devices = "INSERT INTO riot4.ENV_settings (id,Device,Value) VALUES (?,'light_bulb',4),(?,'fan_table',8),(?,'light_table',2)";
        $params = array($MID, $MID, $MID);
        sqlsrv_query($conn, $query_insert_devices, $params);
    }
}
function getPlayerID($gameName, $clanID)
{
    $db = new BaseDB();
    $records = $db->dbQuery("SELECT PlayerID from Player WHERE GameName = '{$gameName}' AND ClanID = {$clanID}");
    if (sqlsrv_has_rows($records)) {
        $record = sqlsrv_fetch_array($records, SQLSRV_FETCH_BOTH);
        return $record['PlayerID'];
    } else {
        return null;
    }
}
Example #8
0
 private function fetch_rows()
 {
     $num_rows = $this->num_rows();
     if ($num_rows > 0 && sqlsrv_has_rows($this->result)) {
         for ($i = 0; $i < $num_rows; $i++) {
             $result_array[$i] = sqlsrv_fetch_array($this->result, SQLSRV_FETCH_ASSOC);
         }
         //END for
         return $result_array;
     } else {
         return null;
     }
     //END if
 }
Example #9
0
 function checkPW($user, $password)
 {
     $conn = sqlsrv_connect($GLOBALS['srvname'], $GLOBALS['con_info']);
     $query = "SELECT * FROM Gamer WHERE username=? AND password=?";
     $params = array($user, $password);
     $result = sqlsrv_query($conn, $query, $params);
     if (!$result) {
         die(print_r(sqlsrv_errors()));
     }
     $numrows = sqlsrv_has_rows($result);
     if (!$numrows) {
         return false;
     }
     sqlsrv_close($conn);
     return true;
 }
Example #10
0
function tekenProduct($productNaam, $image, $beschrijving, $resterendeTijd, $productNummer)
{
    if ($resterendeTijd == '0:0:0:0') {
        $sql99 = "update Voorwerp set VeilingGesloten='Ja' where Voorwerpnummer = " . $productNummer . "";
        $stmt99 = sqlsrv_query($conn, $sql99);
        $uitvoer99 = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC);
        $where = "WHERE Voorwerpnummer = " . $productNummer . "";
        $sql = 'select V.Titel, V.Verkoper
						from Voorwerp V
						' . $where . '';
        $stmt = sqlsrv_query($conn, $sql);
        $uitvoer = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC);
        $sql2 = 'select Gebruikersnaam, Voornaam, Achternaam, Mailbox
						from Gebruiker
						where Gebruikersnaam=(select top 1 B.Gebruiker
															from Voorwerp V INNER JOIN Bod B
																					ON V.Voorwerpnummer=B.Voorwerp
															' . $where . '
															ORDER BY B.Bodbedrag DESC)';
        $stmt2 = sqlsrv_query($conn, $sql2);
        $rows = sqlsrv_has_rows($stmt2);
        if ($rows == true) {
            $row = sqlsrv_fetch_array($stmt2, SQLSRV_FETCH_ASSOC);
            $email = $row['Mailbox'];
            $msg = "Gefeliciteerd! U heeft de veiling met de naam: " . rtrim($uitvoer['Titel']) . " gewonnen! \n Wanneer u uw product ontvangen hebt kunt u feedback achterlaten op de verkoper met deze link: iproject12.icasites.nl/feedbackAchterlaten.php?voorwerp=" . $productNummer . "&gebruiker=" . $uitvoer['Verkoper'] . "\n Bewaar deze email goed.";
            mail($email, "Gewonnen veiling", $msg);
        }
        if ($rows == false) {
            $sql2 = "select Mailbox\n\t\t\t\t\t\t\tfrom Gebruiker\n\t\t\t\t\t\t\twhere Gebruikersnaam='" . $uitvoer['Verkoper'] . "'";
            $stmt2 = sqlsrv_query($conn, $sql2);
            $row = sqlsrv_fetch_array($stmt2, SQLSRV_FETCH_ASSOC);
            $email = $row['Mailbox'];
            $msg = "Helaas! uw veiling met de naam: " . rtrim($uitvoer['Titel']) . " heeft geen biedingen gekregen. \n Uw veiling is gesloten.";
            mail($email, "Uw veiling is gesloten", $msg);
        }
    }
    $class = "product";
    echo '<div class="' . $class . '">
					<img src="resources/images/' . $image . '" alt="' . $image . '">
					<h1>' . $productNaam . '</h1>
					<div class="productoverzicht">
						' . $beschrijving . '
					</div>
					<h4>' . $resterendeTijd . '</h4>
					<a href="productDetailPagina.php?id=' . $productNummer . '">Bekijk veiling &nbsp;</a> 
				</div>';
}
Example #11
0
function ENV_logged_on()
{
    $query = "SELECT * FROM riot4.ENV WHERE id = ?";
    $params = array($_SESSION['MID']);
    $statement = sqlsrv_query($conn, $query, $params);
    if (sqlsrv_has_rows($statement)) {
        $row = sqlsrv_fetch_array($statement);
        if ($row['OTP'] == $_SESSION['ENV_OTP']) {
            $_SESSION['ENV_OTP'] = $row['OTP'];
        } else {
            $_SESSION['ENV_OTP'] = NULL;
            $_SESSION['MID'] = NULL;
            $_SESSION['ROOT'] = NULL;
        }
    }
    return isset($_SESSION['MID']);
}
Example #12
0
function dumpParticipantWorkFlows($DONOR_CODE)
{
    // include the data access class
    include_once "DAO.php";
    try {
        // create a new data access object
        $db = new DAO();
        // set the SQL
        $sql = "EXEC dbo.GetParticipantWorkFlows @DONOR_CODE ='" . $DONOR_CODE . "'";
        // set the select statement
        $db->setSQL($sql);
        // execute the SQL
        if ($db->execute()) {
            // did we get some rows
            if (sqlsrv_has_rows($db->getResultSet())) {
                // output the table and the first row (column headers)
                echo '<br>';
                echo '<table class="sorted table-autosort:0 table-stripeclass:alternate">';
                echo "<thead><tr>";
                echo "<th class='table-sortable:default' width='70'>Name</th>";
                echo "<th class='table-sortable:default' width='295'>Description</th>";
                echo "<th class='table-sortable:default' width='75'>Status</th>";
                echo "<th class='table-sortable:default' width='150'>Next step</th>";
                echo "<th class='table-sortable:default' width='200'>Next step role</th>";
                echo "</tr></thead><tbody>";
                // output the table rows
                while ($row = sqlsrv_fetch_array($db->getResultSet(), SQLSRV_FETCH_ASSOC)) {
                    echo '<tr><td class="left" width="70"><a href="../Participant/History.php?wfID=' . $row['ID'] . '" target="_blank">' . $row['Name'] . '</a></td>';
                    echo '<td class="left" width="295">' . $row['Description'] . '</td>';
                    echo '<td class="center" width="75">' . $row['WorkFlowStatus'] . '</td>';
                    echo '<td class="left" width="150">' . $row['NextStep'] . '</td>';
                    echo '<td class="left" width="200">' . $row['Role'] . '</td></tr>';
                }
                // finish the table
                echo "</tbody></table>";
            } else {
                echo "<div class='err'>No data found.</div>";
            }
        }
    } catch (Exception $e) {
        echo $e->getMessage(), "\n";
    }
    echo "</br>";
}
Example #13
0
 function doLogin($params)
 {
     $lquery = "SELECT username, rank, class, race FROM Gamer WHERE username=? AND password=?";
     $srvname = "localhost";
     $con_info = array("Database" => "EPGP", "UID" => "sa", "PWD" => "cakepie");
     $conn = sqlsrv_connect($srvname, $con_info);
     if (!$conn) {
         die(print_r(sqlsrv_errors(), true));
     }
     if (isset($conn) && isset($lquery)) {
         $result = sqlsrv_query($conn, $lquery, $params);
     } else {
         echo "DB Query missing connection or query";
     }
     if (sqlsrv_has_rows($result)) {
         return sqlsrv_fetch_array($result);
     } else {
         return false;
     }
 }
 function signUp()
 {
     if (!empty($_POST['username'])) {
         $checkUser = $_POST['username'];
         unset($query);
         $query = "select * from users where username = '******'";
         $stmt = sqlsrv_query($GLOBALS['conn'], $query);
         $record = sqlsrv_has_rows($stmt);
         if (!$record) {
             $this->regUser();
         } else {
             //echo "Sorry! You are already registered.";
             sqlsrv_close($GLOBALS['conn']);
             die(print_r(sqlsrv_errors(), true));
         }
     }
     if (isset($_POST['submit'])) {
         echo "Submit call";
         signUp();
     }
 }
Example #15
0
                 while ($row = sqlsrv_fetch_array($statement)) {
                     $query_env_update = "UPDATE riot4.ENV_settings SET Value  = ? WHERE id = ? AND Device = ?";
                     $params = array($row['Value'], $Envir_ID, $row['Device']);
                     $statement_env_update = sqlsrv_query($conn, $query_env_update, $params);
                 }
             }
             $msg = "You are admin for the environment";
             header("Location: /env_settings.php?Message=" . urlencode($msg));
         } else {
             if (get_count($_SESSION['MID']) == 0) {
                 /* Change ENV values to that of first user
                    -------------------------------------------*/
                 $query = "SELECT * from riot4.settings WHERE User_ID = ?";
                 $params = array($_SESSION['userid']);
                 $statement = sqlsrv_query($conn, $query, $params);
                 if (sqlsrv_has_rows($statement)) {
                     while ($row = sqlsrv_fetch_array($statement)) {
                         $query_env_update = "UPDATE riot4.ENV_settings SET Value  = ? WHERE id = ? AND Device = ? AND LOCK=0";
                         $params = array($row['Value'], $Envir_ID, $row['Device']);
                         $statement_env_update = sqlsrv_query($conn, $query_env_update, $params);
                     }
                 }
                 $msg = "You are 1st user in the environment";
                 header("Location: /env_settings.php?Message=" . urlencode($msg));
             }
         }
     } else {
         $msg = "Environment_ID/OTP combination is incorrect.<br><br>";
         $valid = TRUE;
     }
 } else {
Example #16
0
 /**
  * INSERT wrapper, inserts an array into a table
  *
  * $arrToInsert may be a single associative array, or an array of these with numeric keys, for
  * multi-row insert.
  *
  * Usually aborts on failure
  * If errors are explicitly ignored, returns success
  * @param string $table
  * @param array $arrToInsert
  * @param string $fname
  * @param array $options
  * @throws DBQueryError
  * @return bool
  */
 public function insert($table, $arrToInsert, $fname = __METHOD__, $options = array())
 {
     # No rows to insert, easy just return now
     if (!count($arrToInsert)) {
         return true;
     }
     if (!is_array($options)) {
         $options = array($options);
     }
     $table = $this->tableName($table);
     if (!(isset($arrToInsert[0]) && is_array($arrToInsert[0]))) {
         // Not multi row
         $arrToInsert = array(0 => $arrToInsert);
         // make everything multi row compatible
     }
     // We know the table we're inserting into, get its identity column
     $identity = null;
     // strip matching square brackets and the db/schema from table name
     $tableRawArr = explode('.', preg_replace('#\\[([^\\]]*)\\]#', '$1', $table));
     $tableRaw = array_pop($tableRawArr);
     $res = $this->doQuery("SELECT NAME AS idColumn FROM SYS.IDENTITY_COLUMNS " . "WHERE OBJECT_NAME(OBJECT_ID)='{$tableRaw}'");
     if ($res && sqlsrv_has_rows($res)) {
         // There is an identity for this table.
         $identityArr = sqlsrv_fetch_array($res, SQLSRV_FETCH_ASSOC);
         $identity = array_pop($identityArr);
     }
     sqlsrv_free_stmt($res);
     // Determine binary/varbinary fields so we can encode data as a hex string like 0xABCDEF
     $binaryColumns = $this->getBinaryColumns($table);
     foreach ($arrToInsert as $a) {
         // start out with empty identity column, this is so we can return
         // it as a result of the insert logic
         $sqlPre = '';
         $sqlPost = '';
         $identityClause = '';
         // if we have an identity column
         if ($identity) {
             // iterate through
             foreach ($a as $k => $v) {
                 if ($k == $identity) {
                     if (!is_null($v)) {
                         // there is a value being passed to us,
                         // we need to turn on and off inserted identity
                         $sqlPre = "SET IDENTITY_INSERT {$table} ON;";
                         $sqlPost = ";SET IDENTITY_INSERT {$table} OFF;";
                     } else {
                         // we can't insert NULL into an identity column,
                         // so remove the column from the insert.
                         unset($a[$k]);
                     }
                 }
             }
             // we want to output an identity column as result
             $identityClause = "OUTPUT INSERTED.{$identity} ";
         }
         $keys = array_keys($a);
         // INSERT IGNORE is not supported by SQL Server
         // remove IGNORE from options list and set ignore flag to true
         $ignoreClause = false;
         if (in_array('IGNORE', $options)) {
             $options = array_diff($options, array('IGNORE'));
             $this->mIgnoreDupKeyErrors = true;
         }
         // Build the actual query
         $sql = $sqlPre . 'INSERT ' . implode(' ', $options) . " INTO {$table} (" . implode(',', $keys) . ") {$identityClause} VALUES (";
         $first = true;
         foreach ($a as $key => $value) {
             if (isset($binaryColumns[$key])) {
                 $value = new MssqlBlob($value);
             }
             if ($first) {
                 $first = false;
             } else {
                 $sql .= ',';
             }
             if (is_null($value)) {
                 $sql .= 'null';
             } elseif (is_array($value) || is_object($value)) {
                 if (is_object($value) && $value instanceof Blob) {
                     $sql .= $this->addQuotes($value);
                 } else {
                     $sql .= $this->addQuotes(serialize($value));
                 }
             } else {
                 $sql .= $this->addQuotes($value);
             }
         }
         $sql .= ')' . $sqlPost;
         // Run the query
         $this->mScrollableCursor = false;
         try {
             $ret = $this->query($sql);
         } catch (Exception $e) {
             $this->mScrollableCursor = true;
             $this->mIgnoreDupKeyErrors = false;
             throw $e;
         }
         $this->mScrollableCursor = true;
         $this->mIgnoreDupKeyErrors = false;
         if (!is_null($identity)) {
             // then we want to get the identity column value we were assigned and save it off
             $row = $ret->fetchObject();
             $this->mInsertId = $row->{$identity};
         }
     }
     return $ret;
 }
/**
 * Comprueba si el DNI del certificado está dado de alta en la base de
 * datos.
 * 
 * @param resource $conn
 *        	Recurso que contiene la conexión SQL.
 * @param $farmacia string
 *        	Número de farmacia.
 * @param $DNIParam string
 *        	DNI pasado como parámetro en la petición.
 * @return mixed String de cuatro dígitos con el número de la farmacia si existe
 *         el DNI. <br> - Array con el error SQL, si lo hay.<br> - Si no está
 *         dado de alta o no se reconece el certificado, array con el error
 *         "-9001".
 */
function comprobarCertificado($conn, $farmacia, $DNIParam)
{
    $cetificadosPermitidos = unserialize(CERTIFICADOS_PERMITIDOS);
    if ($datosCertificado = analizaCertificado($cetificadosPermitidos)) {
        $CN = $datosCertificado["CN"];
        $DNI_CERT = strtoupper($datosCertificado["DNI"]);
        $SERIAL_NUMBER = $datosCertificado["SERIAL NUMBER"];
        $ORGANISMO = $datosCertificado["ORGANISMO"];
        define("CN", $CN);
    } else {
        $errors = array("code" => "-9001", "message" => "Certificado no reconocido.");
        return $errors;
        //No hay resultados
    }
    if ($DNI_CERT != $DNIParam) {
        $errors = array("code" => "-9002", "message" => "El DNI del certificado no es el mismo que el introducido como parámetro.");
        return $errors;
        //No hay resultados
    }
    $parametros = array($DNIParam, $farmacia);
    $sql = "SELECT\r\n\t\t\t[farmacia]\r\n\t\t\t,[nif]\r\n\t\tFROM DNIfarmacias WHERE (nif = ?) and (farmacia = ?)";
    // Ejecutar una consulta SQL
    //////////////////////////////////////////////////////
    if ($farmacia == FARMACIA_DEBUG or strlen(FARMACIA_DEBUG) == 0) {
        if (DEBUG & DEBUG_QUERY) {
            $mensaje = "--[" . date("c") . "] Farmacia: {$farmacia} \n";
            $mensaje .= "--Query hecha en el fichero: " . __FILE__ . ", en la línea: " . __LINE__ . "\n";
            error_log($mensaje . verQuery($sql, $parametros) . "\r\n", 3, DIRECTORIO_LOG . __FUNCTION__ . "_" . date("YmdH") . ".log");
        }
    }
    $stmt = sqlsrv_query($conn, $sql, $parametros);
    if ($stmt === false) {
        if (($errors = sqlsrv_errors()) != null) {
            $Cerror = $errors[0]["code"];
            $Merror = $errors[0]["message"];
            if ($farmacia == FARMACIA_DEBUG or strlen(FARMACIA_DEBUG) == 0) {
                if (DEBUG & DEBUG_ERROR_SQL) {
                    $mensaje = "--[" . date("c") . "] Farmacia: {$farmacia} código: {$Cerror} mensaje: {$Merror} \n";
                    $mensaje .= "--Error en el fichero: " . __FILE__ . ", en la línea: " . __LINE__ . "\n";
                    error_log($mensaje . verQuery($sql, $parametros) . "\r\n", 3, DIRECTORIO_LOG . __FUNCTION__ . "_" . date("YmdH") . ".log");
                }
            }
            throw new SoapFault("Client." . $Cerror, $Merror);
        }
    }
    // Desplegar la información del resultado
    //////////////////////////////////////////////////////
    if (sqlsrv_has_rows($stmt) === false) {
        $errors = array("code" => "-9001", "message" => utf8_encode("NIF ({$DNI_CERT}) [{$CN}] no está dado de alta, o no coincide en la farmacia."));
        sqlsrv_free_stmt($stmt);
        return $errors;
        //No hay resultados
    }
    $fila = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC);
    if ($fila === false) {
        if (($errors = sqlsrv_errors()) != null) {
            throw new SoapFault("Client." . $errors[0]["code"], $errors[0]["message"]);
        }
    }
    $numero = trim($fila["farmacia"]);
    sqlsrv_free_stmt($stmt);
    return $numero;
}
Example #18
0
    //$LastUpDate = $date->format('m-d-Y H:i:s');
    $LastUpDate = $date->format('m-d-Y h:i A');
}
?>
<div id="preReport">
<div id="spacer">&nbsp;</div>
<div id="spacer">&nbsp;</div>

<select name="supervisors" onchange="showTests(this.value)">
<?php 
$query = "SELECT [supervisor] FROM [APACS Sandbox].[dbo].[00securitytestTEMP]  group by [supervisor] order by [supervisor]";
$qresult = sqlsrv_query($db, $query, array(), array("Scrollable" => "buffered"));
if ($qresult === False) {
    echo "fail";
}
if (!sqlsrv_has_rows($qresult)) {
    return false;
}
while ($row = sqlsrv_fetch_array($qresult)) {
    echo '<option value="' . $row['supervisor'] . '">' . $row['supervisor'] . '</option>';
}
?>

</select>
<div id="div1">Select a supervisor for latest test scores of their employees</div>
Latest test scores updated on <?php 
echo $LastUpDate;
?>
.
</div>
	
 public function getSetting($key)
 {
     $query = "SELECT [value] FROM " . TeraWurflConfig::$TABLE_PREFIX . 'Settings' . " WHERE [id] = " . $this->SQLPrep($key);
     $this->numQueries++;
     $res = sqlsrv_query($this->dbcon, $query);
     if (!sqlsrv_has_rows($res)) {
         return null;
     }
     $row = sqlsrv_fetch_array($res);
     sqlsrv_free_stmt($res);
     return $row['value'];
 }
Example #20
0
 public function execute($bind_params = false)
 {
     $ret_val = false;
     $arg_list = func_get_args();
     $lazy = isset($arg_list[1]) && $arg_list[1] ? true : false;
     //----------------------------------------------
     // Prepare SQL Statement
     //----------------------------------------------
     $prepare_status = $this->_prepare($this->curr_query, $bind_params, $lazy);
     if (!$prepare_status) {
         if ($this->check_and_print_error()) {
             return false;
         }
         $this->print_error('Query prepare failed.');
         return false;
     }
     if (!$this->stmt) {
         return false;
     }
     //----------------------------------------------
     // Execute Query
     //----------------------------------------------
     $exec_status = @sqlsrv_execute($this->stmt);
     if (!$exec_status) {
         if ($this->check_and_print_error()) {
             return false;
         }
         $this->print_error('Query execution failed.');
         return false;
     }
     //----------------------------------------------
     // Create Data Result Object if Necessary
     //----------------------------------------------
     if ($this->stmt && gettype($this->stmt) != 'boolean') {
         //----------------------------------------------
         // Affected Rows
         //----------------------------------------------
         $this->affected_rows = sqlsrv_rows_affected($this->stmt);
         $ret_val = $this->affected_rows;
         //----------------------------------------------
         // Create Data Result Object
         //----------------------------------------------
         $has_rows = sqlsrv_has_rows($this->stmt);
         $this->data_result = new data_result($this->stmt, $this->data_src);
         //----------------------------------------------
         // Last Insert ID
         //----------------------------------------------
         $this->last_id = null;
     }
     //----------------------------------------------
     // Return Data Result Object if it exists
     //----------------------------------------------
     if ($this->data_result) {
         $this->num_rows = $this->data_result->num_rows();
         $this->num_fields = $this->data_result->num_fields();
         $ret_val = $this->data_result;
     }
     //----------------------------------------------
     // Check for Errors
     //----------------------------------------------
     if ($this->check_and_print_error()) {
         return false;
     }
     return $ret_val;
 }
Example #21
0
 // Establishing Connection with Server by passing server_name, user_id and password as a parameter
 $serverName = "localhost";
 $connectionInfo = array("Database" => "xxx", "UID" => "xxx", "PWD" => "xxx");
 $conn = sqlsrv_connect($serverName, $connectionInfo);
 if ($conn) {
     echo "Connection established.<br />";
 } else {
     echo "Connection could not be established.<br />";
     die(print_r(sqlsrv_errors(), true));
 }
 $sql = "SELECT MasterPatientID FROM vCrgvrPrtl_User\tWHERE vCrgvrPrtl_User.CaregiverPin = '{$pin}' AND UPPER(vCrgvrPrtl_User.FirstName) = '{$firstname}' AND UPPER(vCrgvrPrtl_User.LastName) ='{$lastname}';";
 $stmt = sqlsrv_query($conn, $sql);
 if ($stmt === false) {
     die(print_r(sqlsrv_errors(), true));
 } else {
     if (sqlsrv_has_rows($stmt) != 1) {
         header("location: logerror.php");
         // Redirecting To Invalid pin Page
     } else {
         // Make the first (and in this case, only) row of the result set available for reading.
         if (sqlsrv_fetch($stmt) === false) {
             die(print_r(sqlsrv_errors(), true));
         } else {
             // Get the row fields. Field indeces start at 0 and must be retrieved in order.
             // Retrieving row fields by name is not supported by sqlsrv_get_field.
             $mpi = sqlsrv_get_field($stmt, 0);
             $_SESSION['mpi'] = $mpi;
             sqlsrv_free_stmt($stmt);
             sqlsrv_close($conn);
             header("location: portal.php");
             // Redirecting To Other Page
Example #22
0
<?php

require "security\\server.php";
$conn = sqlsrv_connect($serverName, $connectionInfo);
if ($conn === false) {
    die(print_r(sqlsrv_errors(), true));
}
$user = '******';
$sql = "SELECT * FROM users where username = '******'";
echo "Conn: " . $conn . "<br>";
$stmt = sqlsrv_query($conn, $sql);
$record = sqlsrv_has_rows($stmt);
echo $record . "<br>";
if ($record) {
    echo "Exist<br>";
    //ie( print_r( sqlsrv_errors(), true) );
} else {
    echo "Die";
}
while ($row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC)) {
    echo $row['name'] . ", " . $row['username'] . "<br />";
}
sqlsrv_free_stmt($stmt);
Example #23
0
/**
 * displays the founder pulldown
 *
 * @param unknown_type $ID
 * @param unknown_type $selectedVal
 * @param unknown_type $isBootstrap
 */
function displayFounderPulldown($ID, $selectedVal, $isBootstrap = false, $tooltip = null)
{
    // include the data access class
    include_once "DAO.php";
    try {
        // create a new data access object
        $db = new DAO();
        $sql = "EXEC dbo.GetCompanyLookUp @likeClause=" . $like . "'";
        // set the select statement
        $db->setSQL($sql);
        // execute the SQL
        if ($db->execute()) {
            // did we get some rows
            if (sqlsrv_has_rows($db->getResultSet())) {
                if ($isBootstrap) {
                    // start the pulldown control
                    echo '<select name="' . $ID . '" id="' . $ID . '" class="form-control" data-toggle="tooltip" data-placement="bottom"' . ' title="' . $tooltip . '"><option value="-1">Select a value...</option>';
                    // output the table rows
                    while ($row = sqlsrv_fetch_array($db->getResultSet(), SQLSRV_FETCH_ASSOC)) {
                        echo '<option value = "' . $row['CompanyID'] . '" ' . IsSelected($row['CompanyID'], $selectedVal) . '>' . $row['CompanyName'] . '</option>';
                    }
                    // finish off the control
                    echo "</select>";
                } else {
                    // start the pulldown control
                    echo '<select name="' . $ID . '" id="' . $ID . '"><option value="-1">Select a value...</option>';
                    // output the table rows
                    while ($row = sqlsrv_fetch_array($db->getResultSet(), SQLSRV_FETCH_ASSOC)) {
                        echo '<option value = "' . $row['CompanyID'] . '" ' . IsSelected($row['CompanyID'], $selectedVal) . '>' . $row['CompanyName'] . '</option>';
                    }
                    // finish off the control
                    echo "</select>";
                }
            } else {
                echo '<div class="err">No data found.</div>';
            }
        }
    } catch (Exception $e) {
        echo $e->getMessage(), "\n";
    }
}
Example #24
0
function listTestDates($logon, $db, $level, $ManagerId)
{
    $isManager = 0;
    $empsSupervised = 0;
    $x = 0;
    //$leftMargin=$level * 25;
    $row_count = 0;
    $query = "SELECT  * FROM [APACS Sandbox].[dbo].[00securitytestTEMP] where suplogon = '" . $logon . "'";
    //echo $query;
    $qresult = sqlsrv_query($db, $query, array(), array("Scrollable" => "buffered"));
    if ($qresult === False) {
        $db->exitWithError('query fail');
    }
    if (!sqlsrv_has_rows($qresult)) {
        // no rows not a manager   maybe manger livel -1 ????
        //echo "supervises no one  incementer = " . $x;
        //$isManager=0;
    } else {
        //$isManager=1;
        // supervisor add a level
        $level++;
        $row_count = sqlsrv_num_rows($qresult);
    }
    while ($row = sqlsrv_fetch_array($qresult)) {
        $date = $row['testdate'];
        $formattedDate = $date->format('m-d-Y');
        $x++;
        //echo "incrementer =" . $x;
        if ($x == 1) {
            //$Managers[$row['suplogon']] = $row['supervisor'] ;
            //echo "Supervises ".  	$row_count . " people";
        }
        //$x++;
        //Check if this employee is a supervior
        $mquery = "SELECT  * FROM [APACS Sandbox].[dbo].[00securitytestTEMP] where suplogon = '" . $row['logon'] . "'";
        // echo $query;
        $mqresult = sqlsrv_query($db, $mquery, array(), array("Scrollable" => "buffered"));
        if ($mqresult === False) {
            $db->exitWithError('query fail');
        }
        if (!sqlsrv_has_rows($mqresult)) {
            // no rows not a manager   maybe manger livel -1 ????
            ?>
 	<li class="dataline"><?php 
            echo $row['name'];
            ?>
 &nbsp; <?php 
            echo $row['email'];
            ?>
 <span style=" position:absolute; left:500px;">&nbsp;Test Date:<?php 
            echo $formattedDate;
            ?>
&nbsp;&nbsp;&nbsp;&nbsp;<?php 
            echo $row['attempts'];
            ?>
&nbsp;attempts</span>
	</li>
<?php 
        } else {
            $ManagerId++;
            ?>
 	<li class="dataline">
		<input type="checkbox" unchecked  id="Manager<?php 
            echo $ManagerId;
            ?>
" /> <label for="Manager<?php 
            echo $ManagerId;
            ?>
"><?php 
            echo $row['name'];
            ?>
&nbsp;<?php 
            echo $row['email'];
            ?>
 <span style=" position:absolute; left:500px;">&nbsp;Test Date:<?php 
            echo $formattedDate;
            ?>
&nbsp;&nbsp;&nbsp;&nbsp;<?php 
            echo $row['attempts'];
            ?>
&nbsp;attempts</span></label> 
		<ul>
	<?php 
            list($level, $ManagerId) = listTestDates($row['logon'], $db, $level, $ManagerId);
        }
        //echo " employee listed increnter =" . $x ;
        //echo "rowcount = " .$row_count;
        //echo "Employee level is " .$level;
        if ($row_count == $x) {
            //last of level down
            $level--;
            echo "<li> </li>\t  </ul></li>";
        }
        //	echo  $row['name'] . "is Manager" . $isManager;
    }
    //return $level;
    return array($level, $ManagerId);
}
Example #25
0
<?php

include_once "BaseClasses/BaseDB.class.php";
include_once "BaseClasses/Database.class.php";
$warID = $_REQUEST['selectedWarID'];
$db = new BaseDB();
$sql = "\n        SELECT TheirRank, MAX(StarsTaken) AS StarsTaken\n        FROM dbo.View_StarsTaken\n        GROUP BY TheirRank, OurAttack, WarID\n        HAVING (OurAttack = 1) AND (WarID = {$warID})\n    ";
$records = $db->dbQuery($sql);
$data = array();
$i = 0;
if (!sqlsrv_has_rows($records)) {
    $data['starsWon'][0] = array('TheirRank' => 0, 'StarsTaken' => 0);
} else {
    while ($record = sqlsrv_fetch_array($records, SQLSRV_FETCH_BOTH)) {
        $data['starsWon'][$i] = array('TheirRank' => $record['TheirRank'], 'StarsTaken' => $record['StarsTaken']);
        $i++;
    }
}
$db->Free($records);
$db->close();
echo json_encode($data);
 /**
  * Get related resource for a resource
  * 
  * @param ResourceSet      $sourceResourceSet    The source resource set
  * @param mixed            $sourceEntityInstance The source resource
  * @param ResourceSet      $targetResourceSet    The resource set of 
  *                                               the navigation property
  * @param ResourceProperty $targetProperty       The navigation property to be 
  *                                               retrieved
  * 
  * @return Object/null The related resource if exists else null
  */
 public function getRelatedResourceReference(ResourceSet $sourceResourceSet, $sourceEntityInstance, ResourceSet $targetResourceSet, ResourceProperty $targetProperty)
 {
     $result = null;
     $srcClass = get_class($sourceEntityInstance);
     $navigationPropName = $targetProperty->getName();
     if ($srcClass === 'Order') {
         if ($navigationPropName === 'Customer') {
             if (empty($sourceEntityInstance->CustomerID)) {
                 $result = null;
             } else {
                 $query = "SELECT * FROM Customers WHERE CustomerID = '{$sourceEntityInstance->CustomerID}'";
                 $stmt = sqlsrv_query($this->_connectionHandle, $query);
                 if ($stmt === false) {
                     $errorAsString = self::_getSQLSRVError();
                     ODataException::createInternalServerError($errorAsString);
                 }
                 if (!sqlsrv_has_rows($stmt)) {
                     $result = null;
                 }
                 $result = $this->_serializeCustomer(sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC));
             }
         } else {
             ODataException::createInternalServerError('Customer does not have navigation porperty with name: ' . $navigationPropName . ' Contact Service Provider');
         }
     } else {
         if ($srcClass === 'Order_Details') {
             if ($navigationPropName === 'Order') {
                 if (empty($sourceEntityInstance->OrderID)) {
                     $result = null;
                 } else {
                     $query = "SELECT * FROM Orders WHERE OrderID = {$sourceEntityInstance->OrderID}";
                     $stmt = sqlsrv_query($this->_connectionHandle, $query);
                     if ($stmt === false) {
                         $errorAsString = self::_getSQLSRVError();
                         ODataException::createInternalServerError($errorAsString);
                     }
                     if (!sqlsrv_has_rows($stmt)) {
                         $result = null;
                     }
                     $result = $this->_serializeOrder(sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC));
                 }
             } else {
                 ODataException::createInternalServerError('Order_Details does not have navigation porperty with name: ' . $navigationPropName . ' Contact Service Provider');
             }
         }
     }
     return $result;
 }
}
if (array_key_exists('eventdate', $_POST)) {
    $eventDate = $_POST['eventdate'];
    $Query .= " AND DATE = '{$eventDate}'";
}
if (array_key_exists('eventcategory', $_POST)) {
    $eventCategory = $_POST['eventcategory'];
    $Query .= " AND EVENT_CATEGORY = '{$eventCategory}'";
}
if (array_key_exists('eventrso', $_POST)) {
    $eventRSO = $_POST['eventrso'];
    $Query .= " AND RSO_AFFILIATION = '{$eventRSO}'";
}
$Result_Array = array();
$Result = sqlsrv_query($db, $Query);
if (!sqlsrv_has_rows($Result)) {
    echo false;
    return;
}
while ($row = sqlsrv_fetch_array($Result, SQLSRV_FETCH_ASSOC)) {
    $Result_Array[] = $row;
}
$html = '<tr>';
//header row
foreach ($Result_Array[0] as $key => $value) {
    $html .= '<th>' . $key . '</th>';
}
$html .= '</tr>';
foreach ($Result_Array as $row) {
    $html .= "<tr>";
    foreach ($row as $key => $value) {
<?php

require_once "Includes/header.php";
if (!logged_on() || !ENV_logged_on()) {
    header("Location: /index.php");
}
if (isset($_POST['ENV_Update'])) {
    $mid = $_SESSION['MID'];
    $query = "SELECT * FROM riot4.ENV_settings WHERE id = ? ORDER BY PrimKey DESC";
    $params = array($mid);
    $statement_user = sqlsrv_query($conn, $query, $params);
    if (sqlsrv_has_rows($statement_user)) {
        while ($row = sqlsrv_fetch_array($statement_user)) {
            $d = $row['PrimKey'];
            $d1 = $row['PrimKey'] . $row['PrimKey'];
            $val = $_POST[$d];
            $lock = isset($_POST[$d1]);
            $l = 0;
            if ($lock) {
                $l = 1;
            }
            $query_update = "UPDATE riot4.ENV_settings SET Value = ?,LOCK = ? WHERE PrimKey = ?";
            $params = array($val, $l, $row['PrimKey']);
            $statement_update = sqlsrv_query($conn, $query_update, $params);
        }
    }
}
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"/Styles/Settings.css\">";
global $conn;
$mid = $_SESSION['MID'];
/**/
Example #29
0
$huidigeDag = date("d:m:Y");
$huidigeTijd = date("G:i:s");
$bodNietHoogGenoeg = false;
if ($c->getTimeRemaining() == '0 dagen 0:0:0' && $uitvoer['VeilingGesloten'] == 'Nee') {
    $sql99 = "update Voorwerp set VeilingGesloten='Ja' where Voorwerpnummer = " . $uitvoer['Voorwerpnummer'] . "";
    $stmt99 = sqlsrv_query($conn, $sql99);
    $uitvoer99 = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC);
    $sql2 = 'select Gebruikersnaam, Voornaam, Achternaam, Mailbox
					from Gebruiker
					where Gebruikersnaam=(select top 1 B.Gebruiker
														from Voorwerp V INNER JOIN Bod B
																				ON V.Voorwerpnummer=B.Voorwerp
														' . $where . '
														ORDER BY B.Bodbedrag DESC)';
    $stmt2 = sqlsrv_query($conn, $sql2);
    $rows = sqlsrv_has_rows($stmt2);
    if ($rows == true) {
        $row = sqlsrv_fetch_array($stmt2, SQLSRV_FETCH_ASSOC);
        $email = $row['Mailbox'];
        $msg = "Gefeliciteerd! U heeft de veiling met de naam: " . rtrim($uitvoer['Titel']) . " gewonnen! \n Wanneer u uw product ontvangen hebt kunt u feedback achterlaten op de verkoper met deze link: iproject12.icasites.nl/feedbackAchterlaten.php?voorwerp=" . $nummer . "&gebruiker=" . $uitvoer['Verkoper'] . "\n Bewaar deze email goed.";
        mail($email, "Gewonnen veiling", $msg);
    }
    if ($rows == false) {
        $sql2 = "select Mailbox\n\t\t\t\t\t\tfrom Gebruiker\n\t\t\t\t\t\twhere Gebruikersnaam='" . $uitvoer['Verkoper'] . "'";
        $stmt2 = sqlsrv_query($conn, $sql2);
        $row = sqlsrv_fetch_array($stmt2, SQLSRV_FETCH_ASSOC);
        $email = $row['Mailbox'];
        $msg = "Helaas! uw veiling met de naam: " . rtrim($uitvoer['Titel']) . " heeft geen biedingen gekregen. \n Uw veiling is gesloten.";
        mail($email, "Uw veiling is gesloten", $msg);
    }
}
Example #30
0
/**
 * gets the participant variants from NCGENES
 *
 * @param string $DonorCode
 */
function doGetParticipantVariants($DonorCode)
{
    // include the data access class
    include_once "DAO.php";
    // create a new data access object
    $db = new DAO();
    // set the request params
    $AnalysisType = 2;
    // the type of analysis results (Dx=2 vs. incidental=1)
    $roleID = 22;
    // the role of the user (22 is admin/everything)
    $type = 1;
    // the type of results (parent rows=1 vs transcript rows=2)
    $geneID = 'No filter';
    // filter on a specific gene in the results
    $FilterID = -1;
    // the type of specific bin analysis result (specific Dx code vs. specific incidental code)
    // create the SQL
    $sql = "EXEC dbo.GetAnalysisResults @DONOR_CODE = '" . $DonorCode . "', @AnalysisType=" . $AnalysisType . ", @Role=" . $roleID . ", @type=" . $type . ", @geneID='" . $geneID . "', @FilterID=" . $FilterID;
    // assign the SQL
    $db->setSQL($sql);
    // preset the return value
    $retVal = NULL;
    // execute the SQL
    if ($db->execute()) {
        // did we get some rows
        if (sqlsrv_has_rows($db->getResultSet())) {
            // init a counter
            $i = 0;
            // output the table rows
            while ($row = sqlsrv_fetch_array($db->getResultSet(), SQLSRV_FETCH_ASSOC)) {
                // add the row to the output array
                $data[$i] = $row;
                // next row
                $i++;
            }
            // return the data JSON formatted
            $retVal = '{"data":' . json_encode($data) . '}';
        } else {
            $retVal = '{"error": "doGetParticipantVariants() - No data"}';
        }
    } else {
        $retVal = '{"error": "doGetParticipantVariants() - Error getting data"}';
    }
    //error_log(print_r($data, true));
    // return the data to the caller
    echo $retVal;
    // terminate the data stream
    die;
}