Example #1
<?php

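session_start();
include 'includes/globals.php';
// NOTE(review): kick.php is presumably the login gate - confirm it also
// verifies a CSRF token, since this script changes state on a plain POST.
include 'includes/kick.php';

// Create a gallery album: make a randomly named directory under GALERIA_DIR,
// record it in `galeria`, then redirect to galeria.php with e=2 on success
// or e=1 on any failure.
$redirect = "galeria.php?e=1";

// Reject a missing, non-string (album_name[]=...) or blank name before
// touching the filesystem or the database.
$albumName = isset($_POST['album_name']) ? $_POST['album_name'] : null;
if (is_string($albumName) && trim($albumName) !== '') {
    // 10 hex characters, the same shape as the former substr(sha1(...), 0, 10),
    // but drawn from the CSPRNG (random_bytes, PHP 7+) instead of
    // mt_rand()/uniqid(), whose output is predictable.
    $hash = null;
    for ($attempt = 0; $attempt < 5; $attempt++) {
        $candidate = bin2hex(random_bytes(5));
        $dir = GALERIA_DIR . "/" . $candidate;
        // Retry on a name collision or a failed mkdir() instead of assuming
        // the second attempt works. 0755 instead of 0777: the directory must
        // not be world-writable. If another account has to write here, grant
        // it group access explicitly rather than opening the mode to everyone.
        if (!file_exists($dir) && mkdir($dir, 0755)) {
            $hash = $candidate;
            break;
        }
    }

    // Only record the album when its directory really exists.
    if ($hash !== null) {
        $database = new Database();
        $sql = 'INSERT INTO galeria (album_name, album_dir, album_status) VALUES (:album_name, :album_dir, :album_status)';
        $database->query($sql);
        // The name travels as a bound parameter; it still has to be
        // HTML-escaped wherever it is later printed.
        $database->bindArray(array(':album_name' => $albumName, ':album_dir' => $hash, ':album_status' => 1));
        if ($database->execute()) {
            $redirect = "galeria.php?e=2";
        }
    }
}
header('Location: ' . $redirect);
exit;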
Example #2
// Usage demo for the project's Database wrapper: hand a statement to query(),
// attach values with bind() or bindArray(), then run it with execute().
// Every value is attached to a named placeholder (:fname, :lname, ...);
// nothing is concatenated into the SQL text.
$database = new Database();
// Print whatever error information the wrapper currently reports.
// NOTE(review): fine in a demo; on a public page log this instead of echoing
// it, because database error text can disclose schema details.
echo $database->errorInfo();
// Insert one row, binding each placeholder individually.
$sql = "INSERT INTO mytable (FName, LName, Age, Gender) VALUES (:fname, :lname, :age, :gender)";
$database->query($sql);
$database->bind(':fname', 'John');
$database->bind(':lname', 'Smith');
$database->bind(':age', '24');
$database->bind(':gender', 'male');
//$database->execute();
//echo $database->lastInsertId();
// Insert one row, passing all placeholders at once as an array.
$sql = "INSERT INTO mytable (FName, LName, Age, Gender) VALUES (:fname, :lname, :age, :gender)";
$database->query($sql);
$database->bindArray(array(':fname' => 'Maria2', ':lname' => 'Azpeitia', ':age' => 26, ':gender' => 'female'));
//$database->execute();
// Several rows through the same statement inside one transaction.
// NOTE(review): every execute() call below is commented out, so as written no
// row is sent and the second group of bind() calls just follows the first.
// No commit or rollback is visible in this excerpt either.
$database->beginTransaction();
$sql = "INSERT INTO mytable (FName, LName, Age, Gender) VALUES (:fname, :lname, :age, :gender)";
$database->query($sql);
$database->bind(':fname', 'Jenny');
$database->bind(':lname', 'Smith');
$database->bind(':age', '23');
$database->bind(':gender', 'female');
//$database->execute();
$database->bind(':fname', 'Jilly');
$database->bind(':lname', 'Smith');
$database->bind(':age', '25');
$database->bind(':gender', 'female');
//$database->execute();
Example #3
<?php

session_start();
include 'includes/globals.php';
include 'includes/kick.php';

// Rename an album: album_id is forced to an integer, the new name goes in as
// a bound parameter, and the browser is sent back to galeria.php with e=2 on
// success or e=1 on failure.
// NOTE(review): no CSRF token check and no per-album permission check are
// visible here; presumably kick.php handles authentication - confirm what
// else it enforces. album_name is stored as received, so it has to be
// HTML-escaped wherever it is displayed.
$albumId = intval($_POST['album_id']);
$db = new Database();
$db->query("UPDATE galeria SET album_name=:album_name WHERE album_id=:album_id");
$db->bindArray(array(':album_id' => $albumId, ':album_name' => $_POST['album_name']));
$target = $db->execute() ? "galeria.php?e=2" : "galeria.php?e=1";
header('Location: ' . $target);
exit;
Example #4
<?php

session_start();
include 'includes/globals.php';
include 'includes/kick.php';

// Set album_status to 1 for the album named by ?id=, then return to
// galeria.php with e=2 on success or e=1 on failure.
// NOTE(review): this is a state change driven by a GET parameter, so any
// page the logged-in user visits can trigger it with a plain link or image
// tag. Prefer POST plus a CSRF token, unless kick.php already enforces one -
// confirm.
$albumId = intval($_GET['id']);
$db = new Database();
$db->query("UPDATE galeria SET album_status=:album_status WHERE album_id=:album_id");
$db->bindArray(array(':album_id' => $albumId, ':album_status' => 1));
$target = $db->execute() ? "galeria.php?e=2" : "galeria.php?e=1";
header('Location: ' . $target);
exit;
Example #5
<?php

session_start();
include 'includes/globals.php';
include 'includes/kick.php';

// Store a comment on a file, then redirect to files_detail.php with e=2 on
// success or e=1 on failure.
$fileId = intval($_POST['id']);

// Throwaway value used only to fill the mes/day/year query parameters below.
// It is built from mt_rand()/uniqid(), so it must not be treated as a secret.
$alphabet = '0123456789abcdefghijklmnopqrstuvwxyz';
$filler = sha1(uniqid($alphabet . mt_rand(), true));

// The comment is stored as submitted (after utf8_encode); it has to be
// HTML-escaped wherever it is rendered.
$text = utf8_encode($_POST['comments']);

$db = new Database();
$db->query("INSERT INTO files_comments (comments_file, comments_author, comments_comment, comments_date) VALUES (:comments_file, :comments_author, :comments_comment, NOW())");
// The author comes from the session, not from the request.
$db->bindArray(array(':comments_file' => $fileId, ':comments_author' => $_SESSION['id'], ':comments_comment' => $text));
$outcome = $db->execute() ? '2' : '1';

// NOTE(review): $row is not assigned anywhere in this script; unless one of
// the includes defines it, the file_month/file_filename/file_year parts of
// the URL are empty. If it does exist, file_filename goes into the Location
// header without urlencode() - confirm where it comes from.
$target = 'files_detail.php?mes=' . $filler . '&id=' . $row['file_month'] . '&f=' . $fileId . '&day=' . $filler . '&file=' . $row['file_filename'] . '&e=' . $outcome . '&y=' . $row['file_year'] . '&year=' . date('Y') . $filler . date('m');
header('Location: ' . $target);
exit;
?>
 
Example #6
<?php

session_start();
include 'includes/globals.php';
include 'includes/kick.php';

// Update a user record. An empty user_passwd field keeps the current
// password; otherwise the new one is stored as a password_hash() digest.
// Redirects to admins.php with e=2 on success or e=1 on failure.
// NOTE(review): user_id and user_level are taken from the request and written
// as-is. Nothing visible here checks that the caller may edit this user or
// grant that level - presumably kick.php restricts the page to administrators;
// confirm, and validate user_level against the allowed set. No CSRF token
// check is visible either.
$userId = intval($_POST['user_id']);
$db = new Database();

if ($_POST['user_passwd'] == "") {
    // Password left blank: leave user_passwd untouched.
    $sql = "UPDATE users SET user_fullname=:user_fullname, user_login=:user_login, user_email=:user_email, user_level=:user_level WHERE user_id=:user_id";
    $params = array(':user_id' => $userId, ':user_fullname' => $_POST['user_fullname'], ':user_login' => $_POST['user_login'], ':user_email' => $_POST['user_email'], ':user_level' => $_POST['user_level']);
} else {
    // Only the hash is stored, never the submitted password.
    $digest = password_hash($_POST['user_passwd'], PASSWORD_DEFAULT);
    $sql = "UPDATE users SET user_fullname=:user_fullname, user_login=:user_login, user_email=:user_email, user_passwd=:user_passwd, user_level=:user_level WHERE user_id=:user_id";
    $params = array(':user_id' => $userId, ':user_fullname' => $_POST['user_fullname'], ':user_login' => $_POST['user_login'], ':user_email' => $_POST['user_email'], ':user_passwd' => $digest, ':user_level' => $_POST['user_level']);
}

$db->query($sql);
$db->bindArray($params);
$target = $db->execute() ? "admins.php?e=2" : "admins.php?e=1";
header('Location: ' . $target);
exit;
Example #7
// Excerpt of a file-upload handler: stores the uploaded file under archivos/
// with a random name, records it in `files`, and redirects to files.php with
// e=2 on success or e=1 on failure. $path and $id are set before this excerpt
// begins, and the final else branch continues past its end.
// NOTE(review): the stored extension is copied from $path. If $path derives
// from the client-supplied file name (not visible here - confirm), the
// uploader chooses the extension. Check it against an allowlist, and keep
// archivos/ outside the web root or with script execution disabled.
$ext = pathinfo($path, PATHINFO_EXTENSION);
$seed = '0123456789abcdefghijklmnopqrstuvwxyz';
// Random-looking base name from mt_rand()/uniqid(); this is predictable, so
// the name alone must not be what keeps a file private.
$hash = sha1(uniqid($seed . mt_rand(), true));
$hash = substr($hash, 0, 10) . "." . $ext;
$file = "archivos/" . $hash;
// Title and comment are stored as submitted; escape them when rendering.
$file_title = $_POST['file_title'];
$day = date('d');
$mes = date('m');
$ano = date('Y');
$comments = utf8_encode($_POST['comentarios']);
// A non-zero reported size is the only check made on the upload here;
// $_FILES['file']['error'] and the file's actual content type are not inspected.
if ($_FILES['file']['size'] != 0) {
    // move_uploaded_file() only accepts files that arrived via HTTP POST upload.
    if (move_uploaded_file($_FILES['file']['tmp_name'], $file)) {
        $database = new Database();
        $sql = "INSERT INTO files (file_title, file_filename, file_day, file_month, file_year, file_comment, file_author) VALUES (:file_title, :file_filename, :file_day, :file_month, :file_year, :file_comment, :file_author)";
        $database->query($sql);
        // All values are bound to named placeholders; only the generated name
        // (not the client's file name) is recorded as file_filename.
        $database->bindArray(array(':file_title' => $file_title, ':file_filename' => $hash, ':file_day' => $day, ':file_month' => $mes, ':file_year' => $ano, ':file_comment' => $comments, ':file_author' => $id));
        if ($database->execute()) {
            $redirect = "files.php?e=2";
        } else {
            // NOTE(review): the file has already been moved into archivos/ at
            // this point and is not removed when the insert fails.
            $redirect = "files.php?e=1";
        }
        header("cache-Control: no-cache, must-revalidate");
        header("Location: {$redirect}");
        exit;
    }
    // The move failed: report an error.
    $redirect = "files.php?e=1";
    header("cache-Control: no-cache, must-revalidate");
    header("Location: {$redirect}");
    exit;
} else {
    // No file (or an empty one) was submitted.
    $redirect = "files.php?e=1";
Example #8
 $database->query($sql);
 $database->bind(':email', $email);
 $database->bind(':key', $key);
 $database->execute();
 $check_key = $database->rowCount();
 if ($check_key != 0) {
     //get the confirm info
     $confirm_info = $database->single();
     //confirm the email and update the users database
     $seed = '0123456789abcdefghijklmnopqrstuvwxyz';
     $hash = sha1(uniqid($seed . mt_rand(), true));
     $hash = substr($hash, 0, 10);
     $pass = password_hash($hash, PASSWORD_DEFAULT);
     $sql = "UPDATE `users` SET `user_passwd`=:user_passwd WHERE `user_id`=:user_id LIMIT 1";
     $database->query($sql);
     $database->bindArray(array(':user_id' => $confirm_info['userid'], ':user_passwd' => $pass));
     if ($database->execute()) {
         $action['result'] = 'success';
         $action['text'] = 'Restablecimiento correcto!';
         $run = 1;
     } else {
         $action['result'] = 'error';
         $action['text'] = 'No se puede restablecer la contrase&ntilde;a debido a: ' . $database->errorInfo();
         $run = 0;
     }
     //delete the confirm row
     $sql = "DELETE FROM `forgot` WHERE `id`=:f_id LIMIT 1";
     $database->query($sql);
     $database->bindArray(array(':f_id' => $confirm_info['id']));
     $database->execute();
     $sql = "OPTIMIZE TABLE  `forgot`";