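<?php
session_start();
include 'includes/globals.php';
include 'includes/kick.php';

// Creates a gallery album: makes a fresh directory under GALERIA_DIR, records
// it in the `galeria` table with album_status = 1, then redirects to
// galeria.php with e=2 on success or e=1 on any failure.
// NOTE(review): this script performs no access or request-origin check of its
// own; presumably includes/kick.php rejects visitors without a valid session.
// Confirm that, and that the album form carries a CSRF token.

// Refuse a missing, non-string or blank name before touching the filesystem.
$album_name = (isset($_POST['album_name']) && is_string($_POST['album_name']))
    ? $_POST['album_name']
    : '';
if (trim($album_name) === '') {
    header('Location: galeria.php?e=1');
    exit;
}

$seed = '0123456789abcdefghijklmnopqrstuvwxyz';
$hash = null;
$dir = null;

// Try a few candidate names instead of retrying once and assuming the second
// name is free; give up cleanly if none of them can be created.
for ($attempt = 0; $attempt < 5; $attempt++) {
    if (function_exists('random_bytes')) {
        // 5 random bytes -> 10 hex characters, same shape as the fallback.
        $candidate = bin2hex(random_bytes(5));
    } else {
        // Older PHP: uniqid() and mt_rand() avoid collisions but are not
        // unpredictable, so the directory name must not be treated as a secret.
        $candidate = substr(sha1(uniqid($seed . mt_rand(), true)), 0, 10);
    }

    $candidate_dir = GALERIA_DIR . "/" . $candidate;

    // 0755 rather than 0777: the directory no longer has to be writable by
    // every local account. Widen to group access only if a separate account
    // really needs to write here.
    if (!file_exists($candidate_dir) && mkdir($candidate_dir, 0755)) {
        $hash = $candidate;
        $dir = $candidate_dir;
        break;
    }
}

if ($hash === null) {
    // No directory could be created, so no album row is written either.
    header('Location: galeria.php?e=1');
    exit;
}

$database = new Database();
$sql = 'INSERT INTO galeria (album_name, album_dir, album_status) VALUES (:album_name, :album_dir, :album_status)';
$database->query($sql);
// The name is passed as a bound parameter, never concatenated into the SQL.
$database->bindArray(array(':album_name' => $album_name, ':album_dir' => $hash, ':album_status' => 1));

if ($database->execute()) {
    $redirect = "galeria.php?e=2";
} else {
    // Do not leave behind an empty directory that no album row points to.
    rmdir($dir);
    $redirect = "galeria.php?e=1";
}

header('Location: ' . $redirect);
exit;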
// Usage walkthrough for the Database wrapper. Every execute() call is left
// commented out, so statements are prepared and bound but never run here.
$database = new Database();
// To inspect the last error: echo $database->errorInfo();

// Single insert, binding one placeholder per bind() call.
$sql = "INSERT INTO mytable (FName, LName, Age, Gender) VALUES (:fname, :lname, :age, :gender)";
$database->query($sql);
foreach (array(':fname' => 'John', ':lname' => 'Smith', ':age' => '24', ':gender' => 'male') as $placeholder => $value) {
    $database->bind($placeholder, $value);
}
// $database->execute();
// echo $database->lastInsertId();

// Single insert, binding every placeholder in one bindArray() call.
$sql = "INSERT INTO mytable (FName, LName, Age, Gender) VALUES (:fname, :lname, :age, :gender)";
$database->query($sql);
$database->bindArray(array(
    ':fname' => 'Maria2',
    ':lname' => 'Azpeitia',
    ':age' => 26,
    ':gender' => 'female',
));
// $database->execute();

// Several rows through one prepared statement inside a transaction. No commit
// or rollback call appears in this excerpt.
$database->beginTransaction();
$sql = "INSERT INTO mytable (FName, LName, Age, Gender) VALUES (:fname, :lname, :age, :gender)";
$database->query($sql);
$people = array(
    array(':fname' => 'Jenny', ':lname' => 'Smith', ':age' => '23', ':gender' => 'female'),
    array(':fname' => 'Jilly', ':lname' => 'Smith', ':age' => '25', ':gender' => 'female'),
);
foreach ($people as $person) {
    foreach ($person as $placeholder => $value) {
        $database->bind($placeholder, $value);
    }
    // $database->execute();
}
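<?php
session_start();
include 'includes/globals.php';
include 'includes/kick.php';

// Renames an album: sets galeria.album_name for the posted album_id, then
// redirects to galeria.php with e=2 on success or e=1 on failure.
// NOTE(review): this script performs no access or request-origin check of its
// own; presumably includes/kick.php rejects visitors without a valid session.
// Confirm that, and that the rename form carries a CSRF token.

// A missing or non-scalar album_id becomes 0 instead of raising an
// undefined-index warning ahead of the Location header.
$id = (isset($_POST['album_id']) && is_scalar($_POST['album_id']))
    ? intval($_POST['album_id'])
    : 0;
$album_name = (isset($_POST['album_name']) && is_string($_POST['album_name']))
    ? $_POST['album_name']
    : '';

// Failure is the default outcome; only a completed UPDATE switches it.
$redirect = "galeria.php?e=1";

// Skip the UPDATE when the id cannot name a row or the new name is blank;
// otherwise a statement matching nothing would still be reported as success.
// Assumes album ids are positive integers. TODO confirm against the schema.
if ($id > 0 && trim($album_name) !== '') {
    $database = new Database();
    $sql = "UPDATE galeria SET album_name=:album_name WHERE album_id=:album_id";
    $database->query($sql);
    // Both values travel as bound parameters, never as part of the SQL text.
    $database->bindArray(array(':album_id' => $id, ':album_name' => $album_name));

    if ($database->execute()) {
        $redirect = "galeria.php?e=2";
    }
}

header('Location: ' . $redirect);
exit;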
<?php
session_start();
include 'includes/globals.php';
include 'includes/kick.php';

// Sets album_status to 1 for the album whose id arrives in the query string,
// then redirects to galeria.php with e=2 when execute() succeeds, e=1 otherwise.
// NOTE(review): this is a state change driven by a GET request with no token
// visible here, so any page the logged-in user visits could trigger it.
// Presumably includes/kick.php enforces the session; confirm whether it also
// checks request origin, or move this action behind a POST form with a CSRF
// token.
$albumId = intval($_GET['id']);

$database = new Database();
$database->query("UPDATE galeria SET album_status=:album_status WHERE album_id=:album_id");
// The id is cast to int above and bound as a parameter, not concatenated.
$database->bindArray(array(
    ':album_id' => $albumId,
    ':album_status' => 1,
));

$redirect = $database->execute() ? "galeria.php?e=2" : "galeria.php?e=1";

header('Location: ' . $redirect);
exit;
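<?php
session_start();
include 'includes/globals.php';
include 'includes/kick.php';

// Stores a comment on a file (files_comments) for the logged-in author and
// redirects back to files_detail.php with e=2 on success or e=1 on failure.
// NOTE(review): $_SESSION['id'] is used as the author without a check here;
// presumably includes/kick.php guarantees a logged-in session. Confirm.

// A missing or non-scalar id becomes 0 instead of raising a warning ahead of
// the Location header.
$id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? intval($_POST['id']) : 0;
$raw_comment = (isset($_POST['comments']) && is_string($_POST['comments']))
    ? $_POST['comments']
    : '';

// $hash is used only as opaque filler in the redirect's query string below;
// nothing visible in this script relies on it being unpredictable.
$seed = '0123456789abcdefghijklmnopqrstuvwxyz';
$hash = sha1(uniqid($seed . mt_rand(), true));

// NOTE(review): utf8_encode() treats its input as ISO-8859-1 and is deprecated
// since PHP 8.2. If the form already posts UTF-8, this double-encodes every
// non-ASCII character. Confirm the page charset before keeping it.
$comments = utf8_encode($raw_comment);

// 1 = failure, 2 = success; this value becomes the `e` parameter.
$status = 1;

// Insert only when there is a file id and a non-blank comment to store.
if ($id > 0 && trim($raw_comment) !== '') {
    $database = new Database();
    $sql = "INSERT INTO files_comments (comments_file, comments_author, comments_comment, comments_date) VALUES (:comments_file, :comments_author, :comments_comment, NOW())";
    $database->query($sql);
    // Values are bound as parameters, never concatenated into the SQL text.
    $database->bindArray(array(':comments_file' => $id, ':comments_author' => $_SESSION['id'], ':comments_comment' => $comments));

    if ($database->execute()) {
        $status = 2;
    }
}

// NOTE(review): $row is not assigned anywhere in this script; presumably one of
// the includes defines it. Confirm. The isset() fallbacks keep the redirect
// well-formed when it is absent.
$file_month = isset($row['file_month']) ? (string) $row['file_month'] : '';
$file_filename = isset($row['file_filename']) ? (string) $row['file_filename'] : '';
$file_year = isset($row['file_year']) ? (string) $row['file_year'] : '';

// Built once for both outcomes; only `e` differs. Values that do not originate
// in this script are percent-encoded so they cannot add or alter parameters.
$redirect = 'files_detail.php?mes=' . $hash
    . '&id=' . rawurlencode($file_month)
    . '&f=' . $id
    . '&day=' . $hash
    . '&file=' . rawurlencode($file_filename)
    . '&e=' . $status
    . '&y=' . rawurlencode($file_year)
    . '&year=' . date('Y') . $hash . date('m');

header('Location: ' . $redirect);
exit;
?>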
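<?php
session_start();
include 'includes/globals.php';
include 'includes/kick.php';

// Updates a user record (full name, login, e-mail, level and, when a new
// password is supplied, its hash), then redirects to admins.php with e=2 on
// success or e=1 on failure.
// NOTE(review): user_id and user_level come straight from the request, and
// nothing in this script checks that the logged-in account may edit that user
// or assign that level. Presumably includes/kick.php restricts this page to
// administrators. Confirm; without such a check any logged-in account could
// change another account's password or raise its own level.

// A missing or non-scalar id becomes 0 instead of raising a warning ahead of
// the Location header.
$id = (isset($_POST['user_id']) && is_scalar($_POST['user_id'])) ? intval($_POST['user_id']) : 0;

// Collect the four always-updated fields. A request missing any of them (or
// sending an array) is treated as a failed submission rather than bound as null.
$params = array(':user_id' => $id);
$complete = ($id > 0);
foreach (array('user_fullname', 'user_login', 'user_email', 'user_level') as $field) {
    if (isset($_POST[$field]) && is_string($_POST[$field])) {
        $params[':' . $field] = $_POST[$field];
    } else {
        $complete = false;
    }
}

// An absent or empty password field means "keep the current password".
$new_passwd = (isset($_POST['user_passwd']) && is_string($_POST['user_passwd']))
    ? $_POST['user_passwd']
    : '';

$redirect = "admins.php?e=1";

if ($complete) {
    if ($new_passwd === '') {
        $sql = "UPDATE users SET user_fullname=:user_fullname, user_login=:user_login, user_email=:user_email, user_level=:user_level WHERE user_id=:user_id";
    } else {
        $sql = "UPDATE users SET user_fullname=:user_fullname, user_login=:user_login, user_email=:user_email, user_passwd=:user_passwd, user_level=:user_level WHERE user_id=:user_id";
        // Only the password_hash() output is stored, never the plain password.
        $params[':user_passwd'] = password_hash($new_passwd, PASSWORD_DEFAULT);
    }

    $database = new Database();
    $database->query($sql);
    // Every value is a bound parameter; both SQL strings are fixed literals.
    $database->bindArray($params);

    if ($database->execute()) {
        $redirect = "admins.php?e=2";
    }
}

header('Location: ' . $redirect);
exit;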
// Upload handler excerpt: stores the uploaded file under archivos/ with a
// generated name, records it in the `files` table, and redirects to files.php
// with e=2 on success or e=1 on failure.
// NOTE(review): $path and $id are assigned before this excerpt begins. If $path
// derives from the client-supplied file name, $ext is chosen by the uploader
// and is kept on the stored file. No extension or content-type allow-list is
// visible here. Confirm one exists upstream and that the web server cannot
// execute scripts from archivos/.
$ext = pathinfo($path, PATHINFO_EXTENSION);
$seed = '0123456789abcdefghijklmnopqrstuvwxyz';
// Stored name: first 10 hex characters of a SHA-1 over uniqid()/mt_rand()
// output, then "." and the extension taken from $path.
$hash = sha1(uniqid($seed . mt_rand(), true));
$hash = substr($hash, 0, 10) . "." . $ext;
$file = "archivos/" . $hash;
$file_title = $_POST['file_title'];
$day = date('d');
$mes = date('m');
$ano = date('Y');
// NOTE(review): utf8_encode() treats its input as ISO-8859-1 and is deprecated
// since PHP 8.2. Confirm the form's charset before keeping it.
$comments = utf8_encode($_POST['comentarios']);
// Only the reported size is checked; $_FILES['file']['error'] is not inspected
// in the visible code.
if ($_FILES['file']['size'] != 0) {
    // move_uploaded_file() succeeds only for a file PHP itself received as an
    // upload, so 'tmp_name' cannot point at an arbitrary path.
    if (move_uploaded_file($_FILES['file']['tmp_name'], $file)) {
        $database = new Database();
        $sql = "INSERT INTO files (file_title, file_filename, file_day, file_month, file_year, file_comment, file_author) VALUES (:file_title, :file_filename, :file_day, :file_month, :file_year, :file_comment, :file_author)";
        $database->query($sql);
        // All request-derived values are bound parameters, not SQL text.
        $database->bindArray(array(':file_title' => $file_title, ':file_filename' => $hash, ':file_day' => $day, ':file_month' => $mes, ':file_year' => $ano, ':file_comment' => $comments, ':file_author' => $id));
        if ($database->execute()) {
            $redirect = "files.php?e=2";
        } else {
            // The file has already been moved into archivos/ at this point and
            // is not removed when the insert fails.
            $redirect = "files.php?e=1";
        }
        header("cache-Control: no-cache, must-revalidate");
        header("Location: {$redirect}");
        exit;
    }
    // The move failed: report the error without touching the database.
    $redirect = "files.php?e=1";
    header("cache-Control: no-cache, must-revalidate");
    header("Location: {$redirect}");
    exit;
} else {
    // Zero-byte or absent upload (the excerpt ends inside this branch).
    $redirect = "files.php?e=1";
// Password-reset confirmation excerpt. $sql, $email and $key are set before
// this excerpt begins; the statement is run with the e-mail and key bound as
// parameters, and a non-zero row count is treated as a valid reset request.
$database->query($sql);
$database->bind(':email', $email);
$database->bind(':key', $key);
$database->execute();
$check_key = $database->rowCount();
if ($check_key != 0) {
    //get the confirm info
    $confirm_info = $database->single();
    //confirm the email and update the users database
    // NOTE(review): the replacement password is the first 10 hex characters
    // (40 bits) of a SHA-1 over uniqid() and mt_rand() output. Neither source
    // is cryptographically secure, so the value is more guessable than its
    // length suggests. A reset credential should come from random_bytes() or
    // random_int() (PHP 7+). How $hash reaches the user is not visible here.
    $seed = '0123456789abcdefghijklmnopqrstuvwxyz';
    $hash = sha1(uniqid($seed . mt_rand(), true));
    $hash = substr($hash, 0, 10);
    // Only the password_hash() output is written to the users table.
    $pass = password_hash($hash, PASSWORD_DEFAULT);
    $sql = "UPDATE `users` SET `user_passwd`=:user_passwd WHERE `user_id`=:user_id LIMIT 1";
    $database->query($sql);
    $database->bindArray(array(':user_id' => $confirm_info['userid'], ':user_passwd' => $pass));
    if ($database->execute()) {
        $action['result'] = 'success';
        $action['text'] = 'Restablecimiento correcto!';
        $run = 1;
    } else {
        $action['result'] = 'error';
        // NOTE(review): if $action['text'] is shown to the visitor, this
        // exposes database error details. Confirm it is only logged.
        $action['text'] = 'No se puede restablecer la contraseña debido a: ' . $database->errorInfo();
        $run = 0;
    }
    //delete the confirm row
    // Runs whether or not the password update succeeded, so the reset key is
    // consumed either way.
    $sql = "DELETE FROM `forgot` WHERE `id`=:f_id LIMIT 1";
    $database->query($sql);
    $database->bindArray(array(':f_id' => $confirm_info['id']));
    $database->execute();
    // Prepared after this excerpt ends; its execution is not visible here.
    $sql = "OPTIMIZE TABLE `forgot`";