public static function addInterest($session_id, $org_id, $resp_name, $resp_contact, $comment)
{
$db = new DB();
$resp_name = mysqli_real_escape_string($db->getConnection(), $resp_name);
$resp_contact = mysqli_real_escape_string($db->getConnection(), $resp_contact);
$comment = mysqli_real_escape_string($db->getConnection(), $comment);
$sql = "insert into session_interest (session_id, org_id, resp_name, resp_contact, comment) values ({$session_id}, {$org_id}, '{$resp_name}', '{$resp_contact}', '{$comment}')";
$db->execute($sql);
}
public static function insert($SQL)
{
$q = DB::getConnection()->prepare("INSERT" . $SQL);
$q->execute();
$result = DB::getConnection()->lastInsertId();
return $result;
}
function __construct($sql, $countSql, $numberOfRows = 10, $pageName, $showPageLinks = true)
{
//Skipjack
$this->pageName = $pageName;
$this->numberOfRows = intval($numberOfRows);
$this->pageVariableName = 'page';
$this->pageLinks = array();
$this->pageLinkCounter = 0;
$this->sql = $sql;
$this->countSql = $countSql;
$db = new DB();
$this->db = $db->getConnection();
$this->showPageLinks = $showPageLinks;
$next_page = $this->pageVariableName;
if (isset($_GET[$next_page])) {
$this->curr_page = (int) $_GET[$next_page];
} else {
$this->curr_page = 1;
}
//Skipjack
$this->startEntities = $this->curr_page * $this->numberOfRows - $this->numberOfRows + 1;
$this->endEntities = $this->curr_page * $this->numberOfRows;
$this->Render();
unset($this->rs);
unset($this->db);
unset($this->sql);
}
function getBy($id_parceiro)
{
$db = DB::getConnection('medoo');
//$db = DB::getConnection('medoo');
$servicos = $db->query("SELECT parceiro_servico.id as id, detalhes FROM parceiro_servico \n\t\t\t INNER JOIN servico ON(parceiro_servico.id_servico = servico.id)\n\t\t\t INNER JOIN parceiro ON(parceiro_servico.id_parceiro = parceiro.id)\n\t\t\t WHERE id_parceiro = " . $id_parceiro . " ")->fetchAll();
return $servicos;
}
public function getAll()
{
$sql = "SELECT * FROM produtos";
$db = new DB();
$db->getConnection();
$query = $db->execReader($sql);
return $query;
}
public static function get_result($query, $current_page = 1, $items_per_page = 0)
{
// get connection
$db = DB::getConnection();
// get the number of total result
$stmt = $db->prepare('SELECT COUNT(id) FROM ' . Config::USER_TABLE . ' WHERE ' . Config::SEARCH_COLUMN . ' LIKE :query');
$search_query = $query . '%';
$stmt->bindParam(':query', $search_query, PDO::PARAM_STR);
$stmt->execute();
$number_of_result = $stmt->fetch(PDO::FETCH_COLUMN);
// initialize variables
$HTML = '';
$number_of_pages = 1;
if ((int) $number_of_result !== 0) {
if ($items_per_page === 0) {
// show all
$stmt = $db->prepare('SELECT * FROM ' . Config::USER_TABLE . ' WHERE ' . Config::SEARCH_COLUMN . ' LIKE :query ORDER BY ' . Config::SEARCH_COLUMN);
$search_query = $query . '%';
$stmt->bindParam(':query', $search_query, PDO::PARAM_STR);
} else {
/*
* pagination
*
* calculate total pages
*/
if ($number_of_result < $items_per_page) {
$number_of_pages = 1;
} elseif ($number_of_result > $items_per_page) {
$number_of_pages = floor($number_of_result / $items_per_page) + 1;
} else {
$number_of_pages = $number_of_result / $items_per_page;
}
/*
* pagination
*
* calculate start
*/
$start = $current_page > 0 ? ($current_page - 1) * $items_per_page : 0;
$stmt = $db->prepare('SELECT * FROM ' . Config::USER_TABLE . ' WHERE ' . Config::SEARCH_COLUMN . ' LIKE :query ORDER BY ' . Config::SEARCH_COLUMN . ' LIMIT ' . $start . ', ' . $items_per_page);
$search_query = $query . '%';
$stmt->bindParam(':query', $search_query, PDO::PARAM_STR);
}
// run the query and get the result
$stmt->execute();
$results = $stmt->fetchAll(PDO::FETCH_ASSOC);
// generate HTML
foreach ($results as $result) {
$HTML .= "<tr><td>{$result['first_name']}</td><td>{$result['last_name']}</td><td>{$result['age']}</td><td>{$result['country']}</td></tr>";
}
} else {
// To prevent XSS prevention convert user input to HTML entities
$query = htmlentities($query, ENT_NOQUOTES, 'UTF-8');
// there is no result - return an appropriate message.
$HTML .= "<tr><td>There is no result for \"{$query}\"</td></tr>";
}
// form the return
return array('html' => $HTML, 'number_of_results' => (int) $number_of_result, 'total_pages' => $number_of_pages);
}
public function save($isNewStudent = false)
{
//create a new database object.
$db = new DB();
//if the user is already registered and we're
//just updating their info.
if (!$isNewStudent) {
//set the data array
$data = array("id" => "'{$this->id}'", "student_id" => "'{$this->student_id}'", "user_id" => "'{$this->user_id}'", "batch" => "'{$this->batch}'", "email" => "'{$this->email}'", "description" => "'" . mysqli_real_escape_string($db->getConnection(), $this->description) . "'");
//update the row in the database
$db->update($data, 'students', 'id = ' . $this->id);
} else {
//if the user is being registered for the first time.
$data = array("student_id" => "'{$this->student_id}'", "user_id" => "'{$this->user_id}'", "batch" => "'{$this->batch}'", "email" => "'{$this->email}'", "description" => "'" . mysqli_real_escape_string($db->getConnection(), $this->description) . "'");
$this->id = $db->insert($data, 'students');
}
return true;
}
public static function deleteCategory($category_id)
{
$category_id = intval($category_id);
$db = DB::getConnection();
$query = 'DELETE FROM category WHERE id = :id';
$result = $db->prepare($query);
$result->bindParam(':id', $category_id, PDO::PARAM_INT);
return $result->execute();
}
public static function deleteOrder($order_id)
{
$order_id = intval($order_id);
$db = DB::getConnection();
$query = 'DELETE FROM product_order WHERE id = :id';
$result = $db->prepare($query);
$result->bindParam(':id', $order_id, PDO::PARAM_INT);
return $result->execute();
}
/**
* get the database connection information
* @param: NULL
* @return: $db ref
* @access: protected
*/
protected function &getDB()
{
/*{{{*/
if (file_exists(CLASS_PATH . 'main/DB.class.php')) {
include_once CLASS_PATH . 'main/DB.class.php';
} else {
die("Can't include the Database connection.\n");
}
$db = DB::getConnection();
return $db;
}
public function __construct(array $data = null)
{
$this->db = DB::getConnection();
if (!$this->table) {
$this->table = $this->generateTableName();
}
parent::__construct($this->table);
if ($data) {
$this->fill($data);
}
}
function logar($login, $senha)
{
//echo "$login $senha";
$db = DB::getConnection('medoo');
$count = $db->count("cliente", ["AND" => ["email" => $login, "senha" => $senha]]);
if ($count == 1) {
return $this->getByEmail($login);
} else {
return "false";
}
}
function sincronize($animal)
{
$db = DB::getConnection('medoo');
$cliente = $db->select("cliente", "*", ["email" => '*****@*****.**']);
if (0 > 0) {
$db->update("cliente", ["nome" => $animal->nome, "email" => $animal->email, "fone" => $animal->fone, "endereco" => $animal->endereco, "senha" => $animal->senha, "data_cadastro" => $animal->dataCadastro, "data_ultima_alteracao" => $animal->dataUltimaAlteracao], ["email" => $animal->email]);
return 'atualizado';
} else {
$novoanimal = $db->insert("animal", ["id_cliente" => $cliente['id'], "nome" => $animal->nome, "sexo" => $animal->sexo, "raca" => $animal->raca, "cor" => $animal->cor, "data_cadastro" => $animal->dataCadastro, "data_ultima_alteracao" => $animal->dataUltimaAlteracao]);
return 'novo';
}
}
public function removeBoard()
{
try {
$id = $_GET["board"];
$db = new DB();
$sql = "DELETE FROM board WHERE id=" . $id;
$q = $db->getConnection()->prepare($sql);
$q->execute();
} catch (PDOException $e) {
echo $e->getMessage();
}
}
public function getCards()
{
try {
$db = new DB();
$query = $db->getConnection()->prepare("Select * from card where list_id=?");
if ($query->execute(array($this->id))) {
return $query->fetchAll(PDO::FETCH_CLASS, "Card");
}
} catch (PDOException $e) {
echo $e->getMessage();
}
}
public static function checkEmailExists($email)
{
$db = DB::getConnection();
$sql = 'SELECT COUNT(*) FROM users WHERE email = :email';
$result = $db->prepare($sql);
$result->bindParam(':email', $email, PDO::PARAM_STR);
$result->execute();
if ($result->fetchColumn()) {
return true;
}
return false;
}
function save($bet)
{
$conn = DB::getConnection('pdo');
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
$stmt = $conn->prepare("INSERT INTO bet (`winner`,`value`,`finalization`, `round`, `user_id`, `fight_id`,`is_draw`) VALUES (:winner,:value,:finalization,:round,:user_id,:fight_id,:is_draw)");
$stmt->bindParam("winner", $bet->winner);
$stmt->bindParam("value", $bet->value);
$stmt->bindParam("finalization", $bet->finalization);
$stmt->bindParam("round", $bet->round);
$stmt->bindParam("user_id", $bet->user_id);
$stmt->bindParam("fight_id", $bet->fight_id);
$stmt->bindParam("is_draw", $bet->is_draw, PDO::PARAM_BOOL);
$stmt->execute();
}
/**
* @return Product[]
*/
public function loadAll()
{
$conn = DB::getConnection();
$query = $conn->prepare('select * from product');
$query->execute();
$dataRows = $query->fetchAll();
$products = [];
if ($dataRows) {
foreach ($dataRows as $data) {
$product = $this->buildProduct($data);
$products[] = $product;
}
}
return $products;
}
public function getById($id)
{
$sql = "SELECT * FROM produtos WHERE id = " . addslashes($id);
$DB = new DB();
$DB->getConnection();
$query = $DB->execReader($sql);
$vo = new produtoVo();
while ($reg = $query->fetch_array(mysqli_assoc)) {
$vo->setId($reg["id"]);
$vo->setnome($reg["nome"]);
$vo->setmarca($reg["marca"]);
$vo->setpreco($reg["preco"]);
}
return $vo;
}
public function grabar()
{
$query = "INSERT INTO peliculas (nombre, genero, descripcion, disponibles, stock, precio)\n\t\t\t\t VALUES (:titulo, :genero, :desc, :disp, :stock, :precio)";
$stmt = DB::getStatement($query);
$stmt->bindParam(":titulo", $this->getTitulo(), PDO::PARAM_STR);
$stmt->bindParam(":genero", $this->getGenero(), PDO::PARAM_STR);
$stmt->bindParam(":desc", $this->getDescripcion(), PDO::PARAM_STR);
$stmt->bindParam(":disp", $this->getDisponibles(), PDO::PARAM_INT);
$stmt->bindParam(":stock", $this->getStock(), PDO::PARAM_INT);
$stmt->bindParam(":precio", $this->getPrecio(), PDO::PARAM_STR);
if ($stmt->execute()) {
$this->setCodigo(DB::getConnection()->lastInsertId());
return true;
}
return false;
}
public function load($id)
{
try {
$db = new DB();
$query = $db->getConnection()->prepare("Select * from user where id=?");
if ($query->execute(array($id))) {
$res = $query->fetch(PDO::FETCH_OBJ);
$this->id = $res->id;
$this->firstname = $res->firstname;
$this->lastname = $res->lastname;
$this->email = $res->email;
}
} catch (PDOException $e) {
echo $e->getMessage();
}
}
public static function save($name, $phone, $message, $userId, $sessionProducts)
{
$products = json_encode($sessionProducts);
$db = DB::getConnection();
if ($db) {
$sql = "INSERT INTO product_order(";
$sql .= "user_name, user_phone, user_comment, user_id, products";
$sql .= ") VALUES(";
$sql .= "?, ?, ?, ?, ?";
$sql .= ")";
$stmt = $db->prepare($sql);
$stmt->bindParam(1, $name, PDO::PARAM_STR);
$stmt->bindParam(2, $phone, PDO::PARAM_STR);
$stmt->bindParam(3, $message, PDO::PARAM_STR);
$stmt->bindParam(4, $userId, PDO::PARAM_INT);
$stmt->bindParam(5, $products, PDO::PARAM_STR);
return $stmt->execute();
}
}
public static function getCategoryList($status = true)
{
$db = DB::getConnection();
if ($db) {
$sql = "SELECT id, name ";
$sql .= "FROM category ";
if ($status) {
$sql .= "WHERE status = 1 ";
}
$sql .= "ORDER BY sort_order ASC";
if (!($result = $db->query($sql))) {
return false;
}
$categories = array();
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$categories[] = $row;
}
return $categories;
}
}
public function getChildLevelData()
{
$parentId = null;
if (isset($_GET["parent_id"])) {
$parentId = $_GET["parent_id"];
}
if (!isset($parentId)) {
$response = new Response();
$response->success = false;
$response->data = null;
$response->message = "Parent ID is invalid for fetching child..";
return $response;
}
$conn = DB::getConnection();
$sql = "SELECT * FROM server_records WHERE record_id = " . $parentId;
$result = $conn->query($sql);
$rawList = array();
if ($result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
$serverRecord = new ServerRecord();
$serverRecord->copyFrom($row);
array_push($rawList, $serverRecord);
}
}
$conn->close();
if (!isset($_GET["filterPageSort"])) {
$response = new Response();
$response->message = "Data Fetched";
$response->success = true;
$response->data = $rawList;
return $response;
}
$filterPageSort = json_decode($_GET["filterPageSort"]);
$response = $this->doFilterPageSort($rawList, $filterPageSort);
return $response;
}
/**
* @param $dbInfo
* @param $query
* @param $current_page
* @param $items_per_page
* @throws \Exception
* @return array
*/
private function getDataFromMySQL($dbInfo, $query, $current_page, $items_per_page)
{
// get connection
$db = DB::getConnection($dbInfo);
$sql = "SELECT COUNT(*) FROM {$dbInfo['table']}";
// append where clause if search columns is set in the config
$whereClause = '';
if (!empty($dbInfo['searchColumns'])) {
$whereClause .= ' WHERE';
$counter = 1;
$binary = $dbInfo['caseSensitive'] == true ? 'BINARY' : '';
switch ($dbInfo['comparisonOperator']) {
case '=':
$comparisonOperator = '=';
break;
case 'LIKE':
$comparisonOperator = 'LIKE';
break;
default:
throw new \Exception('Comparison Operator is not valid');
}
foreach ($dbInfo['searchColumns'] as $searchColumn) {
if ($counter == count($dbInfo['searchColumns'])) {
// last item
$whereClause .= " {$binary} {$searchColumn} {$comparisonOperator} :query{$counter}";
} else {
$whereClause .= " {$binary} {$searchColumn} {$comparisonOperator} :query{$counter} OR";
}
++$counter;
}
$sql .= $whereClause;
}
// get the number of total result
$stmt = $db->prepare($sql);
if (!empty($whereClause)) {
switch ($dbInfo['searchPattern']) {
case 'q':
$search_query = $query;
break;
case '*q':
$search_query = "%{$query}";
break;
case 'q*':
$search_query = "{$query}%";
break;
case '*q*':
$search_query = "%{$query}%";
break;
default:
throw new \Exception('Search Pattern is not valid');
}
for ($i = 1; $i <= count($dbInfo['searchColumns']); ++$i) {
$toBindQuery = ':query' . $i;
$stmt->bindParam($toBindQuery, $search_query, \PDO::PARAM_STR);
}
}
$stmt->execute();
$number_of_result = (int) $stmt->fetch(\PDO::FETCH_COLUMN);
if (isset($dbInfo['maxResult']) && $number_of_result > $dbInfo['maxResult']) {
$number_of_result = $dbInfo['maxResult'];
}
// initialize variables
$HTML = '';
$number_of_pages = 1;
if (!empty($number_of_result) && $number_of_result !== 0) {
if (!empty($dbInfo['filterResult'])) {
$fromColumn = implode(',', $dbInfo['filterResult']);
} else {
$fromColumn = '*';
}
$baseSQL = "SELECT {$fromColumn} FROM {$dbInfo['table']}";
if (!empty($whereClause)) {
// set order by
$orderBy = !empty($dbInfo['orderBy']) ? $dbInfo['orderBy'] : $dbInfo['searchColumns'][0];
// set order direction
$allowedOrderDirection = array('ASC', 'DESC');
if (!empty($dbInfo['orderDirection']) && in_array($dbInfo['orderDirection'], $allowedOrderDirection)) {
$orderDirection = $dbInfo['orderDirection'];
} else {
$orderDirection = 'ASC';
}
$baseSQL .= "{$whereClause} ORDER BY {$orderBy} {$orderDirection}";
}
if ($items_per_page === 0) {
if (isset($dbInfo['maxResult'])) {
$baseSQL .= " LIMIT {$dbInfo['maxResult']}";
}
// show all
$stmt = $db->prepare($baseSQL);
if (!empty($whereClause)) {
for ($i = 1; $i <= count($dbInfo['searchColumns']); ++$i) {
$toBindQuery = ':query' . $i;
$stmt->bindParam($toBindQuery, $search_query, \PDO::PARAM_STR);
}
}
} else {
/*
* pagination
*
* calculate total pages
*/
if ($number_of_result < $items_per_page) {
$number_of_pages = 1;
} elseif ($number_of_result > $items_per_page) {
if ($number_of_result % $items_per_page === 0) {
$number_of_pages = floor($number_of_result / $items_per_page);
} else {
$number_of_pages = floor($number_of_result / $items_per_page) + 1;
}
} else {
$number_of_pages = $number_of_result / $items_per_page;
}
if (isset($dbInfo['maxResult'])) {
// calculate the limit
if ($current_page == 1) {
if ($items_per_page > $dbInfo['maxResult']) {
$limit = $dbInfo['maxResult'];
} else {
$limit = $items_per_page;
}
} elseif ($current_page == $number_of_pages) {
// last page
$limit = $dbInfo['maxResult'] - ($current_page - 1) * $items_per_page;
} else {
$limit = $items_per_page;
}
} else {
$limit = $items_per_page;
}
/*
* pagination
*
* calculate start
*/
$start = $current_page > 0 ? ($current_page - 1) * $items_per_page : 0;
$stmt = $db->prepare("{$baseSQL} LIMIT {$start}, {$limit}");
if (!empty($whereClause)) {
for ($i = 1; $i <= count($dbInfo['searchColumns']); ++$i) {
$toBindQuery = ':query' . $i;
$stmt->bindParam($toBindQuery, $search_query, \PDO::PARAM_STR);
}
}
}
// run the query and get the result
$stmt->execute();
$results = $stmt->fetchAll(\PDO::FETCH_ASSOC);
// generate HTML
foreach ($results as $result) {
$HTML .= '<tr>';
foreach ($result as $column) {
$HTML .= "<td>{$column}</td>";
}
$HTML .= '</tr>';
}
} else {
// To prevent XSS prevention convert user input to HTML entities
$query = htmlentities($query, ENT_NOQUOTES, 'UTF-8');
// there is no result - return an appropriate message.
$HTML .= "<tr><td>There is no result for \"{$query}\"</td></tr>";
}
// form the return
return array('html' => $HTML, 'number_of_results' => (int) $number_of_result, 'total_pages' => $number_of_pages);
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" href="css/960_16_col.css">
<link rel="stylesheet" href="css/bootstrap.css">
<link rel="stylesheet" href="css/pageStyle.css">
<script type="text/javascript" src="js/SignUpValidateSeeker.js"></script>
<title>Sign Up Seeker</title>
</head>
<body>
<?php
try {
ini_set("display_errors", 1);
$connection = DB::getConnection(DB::host, DB::database, DB::user, DB::password);
// gets the user id and searches for a matching id in the member table and displays the user's details
$table = new seekerTable($connection);
} catch (PODException $e) {
$connection = null;
exit("Connection Failed: " . $e->getMessage());
}
?>
<div id="page-container-default">
<div id="header">
<header class="container_16">
<div id="logo">
<div id="logo" class="grid_10">
<h1>appli.</h1>
</div>
<div id="nav" class="grid_6">
* Admin settings change
* *********************************
* @file : changeSettings.php
* @author : Vineeth N K(me@vineethkrisknan.in)
*
*/
session_start();
require_once '../assets/ajax/db.class.php';
if (!isset($_SESSION['username']) && empty($_SESSION['username']) || !isset($_SESSION['email']) && empty($_SESSION['email'])) {
echo 'session expired';
exit;
}
$post = filter_input_array(INPUT_POST);
if (isset($post) && !empty($post)) {
$connection = new DB();
$connection->getConnection();
if (isset($post['email']) && !empty($post['email'])) {
if (!filter_var($post['email'], FILTER_VALIDATE_EMAIL)) {
echo 'invalid email';
exit;
}
if ($post['email'] == $_SESSION['email']) {
echo 'old email';
exit;
}
$sql = "UPDATE `tc_users` SET `email` = '" . $post['email'] . "' WHERE `tc_users`.`user_id` = " . $_SESSION['user_id'] . ";";
try {
$change_email = $connection->query($sql);
} catch (PDOException $ex) {
echo 'Error: ' . $ex;
}
function deleteFavorito($favorito)
{
$db = DB::getConnection('medoo');
$id_cliente = $db->get("cliente", "id", ["email" => $favorito->cliente_email]);
$db->delete("favorito", ["AND" => ["id_cliente" => $id_cliente, "id_parceiro" => $favorito->parceiro_id]]);
}
/**
*/
function __construct()
{
parent::__construct();
$this->pdo = parent::getConnection();
$this->setValues();
}
static function getList()
{
return DB::getConnection()->query('SELECT * FROM file ORDER BY file_id DESC');
}
