echo "</div>"; echo '</td><td valign="top" id="main_column" class="right_td" style="padding:9px 2px 9px 9px;">'; //- HTML: breadcrumb navigation echo "<a href='" . PAGE . "'>" . htmlencode($currentDB['name']) . "</a>"; if ($target_table) { echo " → <a href='?table=" . urlencode($target_table) . "&action=row_view'>" . htmlencode($target_table) . "</a>"; } echo "<br/><br/>"; //- HTML: confirmation panel //if the user has performed some action, show the resulting message if (isset($_GET['confirm'])) { echo "<div id='main'>"; echo "<div class='confirm'>"; if (isset($error) && $error) { //an error occured during the action, so show an error message echo $lang['err'] . ": " . $db->getError() . "<br/>" . $lang['bug_report'] . ' ' . PROJECT_BUGTRACKER_LINK; } else { //action was performed successfully - show success message echo $completed; } echo "</div>"; if ($_GET['action'] == "row_delete" || $_GET['action'] == "row_create" || $_GET['action'] == "row_edit") { echo "<br/><br/><a href='?table=" . urlencode($target_table) . "&action=row_view'>" . $lang['return'] . "</a>"; } else { if ($_GET['action'] == "column_create" || $_GET['action'] == "column_delete" || $_GET['action'] == "column_edit" || $_GET['action'] == "index_create" || $_GET['action'] == "index_delete" || $_GET['action'] == "trigger_delete" || $_GET['action'] == "trigger_create") { echo "<br/><br/><a href='?table=" . urlencode($target_table) . "&action=column_view'>" . $lang['return'] . "</a>"; } else { echo "<br/><br/><a href='" . PAGE . (isset($backlinkParameters) ? "?" . $backlinkParameters : '') . "'>" . $lang['return'] . "</a>"; } } echo "</div>";
echo "</div>"; echo "</div>"; echo "<div id='content'>"; //breadcrumb navigation echo "<a href='" . PAGE . "'>" . $currentDB['name'] . "</a>"; if (isset($_GET['table'])) { echo " → <a href='" . PAGE . "?table=" . $_GET['table'] . "&action=row_view'>" . $_GET['table'] . "</a>"; } echo "<br/><br/>"; //user has performed some action so show the resulting message if (isset($_GET['confirm'])) { echo "<div id='main'>"; echo "<div class='confirm'>"; if (isset($error) && $error) { //an error occured during the action, so show an error message echo "Error: " . $db->getError() . ".<br/>This may be a bug that needs to be reported at <a href='http://code.google.com/p/phpliteadmin/issues/list' target='_blank'>code.google.com/p/phpliteadmin/issues/list</a>"; } else { //action was performed successfully - show success message echo $completed; } echo "</div>"; if ($_GET['action'] == "row_delete" || $_GET['action'] == "row_create" || $_GET['action'] == "row_edit") { echo "<br/><br/><a href='" . PAGE . "?table=" . $_GET['table'] . "&action=row_view'>Return</a>"; } else { if ($_GET['action'] == "column_create" || $_GET['action'] == "column_delete" || $_GET['action'] == "column_edit" || $_GET['action'] == "index_create" || $_GET['action'] == "index_delete" || $_GET['action'] == "trigger_delete" || $_GET['action'] == "trigger_create") { echo "<br/><br/><a href='" . PAGE . "?table=" . $_GET['table'] . "&action=column_view'>Return</a>"; } else { echo "<br/><br/><a href='" . PAGE . "'>Return</a>"; } } echo "</div>";
function uploadProfilePicture() { // check if we have a file if (empty($_FILES)) { respond(array('success' => false, 'message' => 'No file uploaded!')); } if (empty($_REQUEST['userid'])) { respond(array('success' => false, 'message' => 'No user ID set!')); } $ext = end(explode(".", $_FILES['profile']['name'])); $tempFile = $_FILES['profile']['tmp_name']; $imgName = strtolower($_REQUEST['userid'] . '.' . $ext); $query = 'UPDATE `' . USERS . '` SET `picture` = "' . mysql_real_escape_string($imgName) . '" WHERE `id` = ' . (int) $_REQUEST['userid'] . ' LIMIT 1;'; // no need to move file, put it straight in database // $path = dirname(__FILE__); // $path = $path . UPLOAD_PATH. '/' . $_REQUEST['userid'] . '.' . $ext; // if (move_uploaded_file($tempFile, $path)) { if (!mysql_query($query)) { respond(array('success' => false, 'message' => SL_DB_FAILURE)); } else { $file = $tempFile; $rc = null; $type = null; if ($ext == "JPG" || $ext == "jpg" || $ext == "JPEG" || $ext == "jpeg") { $rc = imagecreatefromjpeg($file); $type = "image/jpeg"; } else { if ($ext == "GIF" || $ext == "gif") { $rc = imagecreatefromgif($file); $type = "image/gif"; } else { if ($ext == "PNG" || $ext == "png") { $rc = imagecreatefrompng($file); $type = "image/png"; } } } // Get original width and height $width = imagesx($rc); $height = imagesy($rc); $cont = addslashes(fread(fopen($file, "r"), filesize($file))); $size = filesize($file); $sql = "INSERT INTO " . ALL_ASSETS . " \n (`app`, `content_type`, `content`, `size`, `filename`,`created`, `width`, `height`)\n VALUES('" . LOVE . "','" . $type . "','" . $cont . "','" . $size . "','" . $imgName . "',NOW()," . $width . "," . $height . ") \n ON DUPLICATE KEY UPDATE content_type = '" . $type . "', content = '" . $cont . "', size = '" . $size . "', updated = NOW(), width = " . $width . ", height = " . $height; $db = new Database(); if (file_exists($tempFile)) { unlink($tempFile); } if (!$db->query($sql)) { respond(array('success' => false, 'message' => "Error with: " . $file . " Error message: " . $db->getError())); } else { respond(array('success' => true, 'picture' => $imgName)); } } }
function pushCreateUser() { if ($_REQUEST['calling_app'] != REVIEW_SERVICE_NAME) { $is_admin = $_REQUEST['admin'] ? 1 : 0; $is_auditor = $_REQUEST['admin'] ? 1 : 0; $user_id = intval($_REQUEST['id']); $username = mysql_real_escape_string($_REQUEST['username']); $nickname = mysql_real_escape_string($_REQUEST['nickname']); $db = new Database(); $sql = "INSERT INTO " . REVIEW_USERS . " \n (`id`, `rewarder_points`, `is_auditor`, `rewarder_limit_day`, `username`, `nickname`, `confirmed`, `is_active`, `is_giver`, `is_receiver`, `is_admin`) \n VALUES ('{$user_id}', '0', '{$is_auditor}', '60', '{$username}', '{$nickname}', '0', '1', '1', '1', '{$is_admin}')"; if (!$db->query($sql)) { error_log("add user failed: " . $db->getError()); respond(array('success' => false, 'message' => 'failed to create user')); } } respond(array('success' => true, 'message' => 'User has been created!')); }
$action_required = 'tables'; } elseif ($db->getStatus() == -2) { // We can only create db if we are on mysql (in this version) if ($dbsettings['dbtype'] == 'mysql') { // Try creating database if (!$db->createDb($dbsettings['database'])) { // unable to create database - most likely permissions - hosted accounts may need to create // the database using the hosting cpanel etc. displayDbError("Unable to create new database " . $dbsettings['database'] . " <br />\nThis is normally due to insufficient permissions. If using a hosting account on a shared server you may need to use cpanel or ask your hosting provider for how to create a database<br />\nPlease read the install documentation for more details and then create the database manually before reloading this page.\n"); exit(0); } else { $status_msg .= "\nNew database created " . $dbsettings['database'] . "<br />\n\n"; // now connect to the new database if (!$db->connectDb($dbsettings['database'])) { // shouldn't get this as if we have permission to create the database we should be able to connect to it. Perhaps we have lost our network connection $error_msg = $db->getError(); displayDbError("Unable to connect to the new database " . $dbsettings['database'] . " <br />\nError {$error_msg}.\n"); exit(0); } else { $status_msg .= "\nConnected to the new database <br />\n\n"; $action_required = 'tables'; } } } else { $error_msg = $db->getError(); displayDbError("Unable to connect to the database " . $error_msg . "\n<br />If not using mysql then you will need to create the database manually. Please read the install documenation for more details\n"); } } else { $error_msg = $db->getError(); displayDbError("Unable to connect to the database " . $error_msg . "\n<br />\n"); exit(0);
<?php include "database.php"; $db = new Database('test', 'root', 'root', '127.0.0.1'); $db->query('CREATE TABLE IF NOT EXISTS `test` ( `id` int(11) NOT NULL, `data` text NOT NULL )', array(), false); if (($error = $db->getError()) !== null) { var_dump($error); } $db->begin(); $db->query('DELETE FROM test WHERE id = :id', array(':id' => 2), false); $db->query('DELETE FROM test WHERE id = :id', array(':id' => 3), false); $db->end(); if (($error = $db->getError()) !== null) { var_dump($error); } $db->query('insert into test (data) values (:value)', array('value' => 'xxx'), false); if (($error = $db->getError()) !== null) { var_dump($error); } else { echo "last id:" . $db->lastId(); } $result = $db->query('select * from test'); var_dump($result);