Example #1
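 /**
  * Load the navigation rows that match this object's type.
  *
  * On success the rows are stored in $this->current, a "success" entry is
  * written to $this->messages and the rows are returned. On failure an
  * "error" entry is written to $this->messages and false is returned.
  *
  * @return array|false List of rows as returned by Database::mfa(), or false.
  */
 public function getMainNavigation()
 {
     $d = new Database();
     $d->open('hacker_blog');
     // Only fixed SQL fragments are appended here; no caller-supplied value
     // reaches the statement.
     $sql = "SELECT * FROM navigation ";
     // Strict comparison: with loose == a non-string type (e.g. true, or 0 on
     // PHP < 8) would also select the 'private' branch.
     if ($this->type === 'private') {
         $sql .= " WHERE public = 0 ";
     } else {
         // NOTE(review): every other type is filtered on "private = 1", which
         // reads as if it hands the private entries to non-private callers.
         // Confirm against the navigation schema.
         $sql .= " WHERE private = 1 ";
     }
     $result = $d->q($sql);
     if ($result && $d->numrows() >= 1) {
         $rows = array();
         while ($row = $d->mfa()) {
             $rows[] = $row;
         }
         // Close before returning; the original close() sat after the return
         // and never ran, so the success path leaked the connection.
         $d->close();
         $this->messages = array("success" => "Found Navigation");
         $this->current = $rows;
         return $rows;
     }
     $d->close();
     $this->messages = array("error" => "Could not Find Navigation");
     return false;
 }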
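 /**
  * Sanitise the collected message fields and store them in user_messages.
  *
  * Every element of $this->message_information is trimmed and escaped in
  * place, so the property holds the escaped values afterwards. Indexes 0, 1
  * and 2 are used as first name, last name and message text. The row is
  * inserted only when no existing row has the same message text.
  * $this->passed is set to true when the INSERT succeeded, false otherwise.
  *
  * @return void
  */
 protected function cleanAndPost()
 {
     $fieldCount = count($this->message_information);
     for ($n = 0; $n < $fieldCount; $n++) {
         // Trim leading/trailing whitespace, then escape for the database.
         $this->message_information[$n] = Sanitize::prepForDatabase(Sanitize::clearWhiteSpaceLR($this->message_information[$n]));
     }
     // $this->type lands in the same quoted SQL context as the message fields
     // but was interpolated unescaped; give it the same escaping.
     $type = Sanitize::prepForDatabase($this->type);

     // NOTE(review): these statements are built by string interpolation, so
     // their safety rests entirely on Sanitize::prepForDatabase() and on every
     // value staying inside single quotes. If the Database wrapper offers
     // bound parameters, prefer them here.
     $d = new Database();
     $d->open('hacker_blog');
     // Duplicate check: refuse a message text that is already stored.
     $chx = $d->q("SELECT * FROM user_messages WHERE user_messages.message = '{$this->message_information[2]}'");
     if ($chx && $d->numrows() <= 0) {
         // The id column is meant for the user's uid/user_id; it is left NULL here.
         $s = $d->q(
             "INSERT into user_messages"
             . " (user_message_id,first_name,last_name,id,message,type,added_on) VALUES"
             . " (NULL,'{$this->message_information[0]}','{$this->message_information[1]}',NULL,'{$this->message_information[2]}','{$type}',now())"
         );
         $this->passed = $s ? true : false;
     } else {
         // Either the duplicate check failed or the message already exists.
         $this->passed = false;
     }
     $d->close();
 }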
Example #3
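 /**
  * Fetch one row from the pages table by id.
  *
  * When $id is an integer it replaces $this->page_id; any other value is
  * ignored and the current $this->page_id is used for the lookup.
  *
  * @param int|null $id Page id to load, or null to reuse $this->page_id.
  * @return mixed The row as returned by Database::mfa(), or false when the
  *               query failed or matched nothing.
  */
 public function getPage($id = null)
 {
     if (is_int($id)) {
         $this->page_id = $id;
     }
     $d = new Database();
     $d->open('hacker_blog');
     // NOTE(review): only the $id argument is type-checked. $this->page_id is
     // interpolated as-is, so if the property can be set from request data
     // elsewhere this statement is injectable; validate it as an integer or
     // bind it as a parameter. Confirm how page_id is assigned.
     $s = $d->q("SELECT * FROM pages WHERE id = '{$this->page_id}'");
     $page = false;
     if ($s && $d->numrows() >= 1) {
         $page = $d->mfa();
     }
     // Close on every path: the original close() followed a return and never
     // ran, and the failure branch had no close() at all.
     $d->close();
     return $page;
 }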
Example #4
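 /**
  * Read rows from blog_entries.
  *
  * $start and $end go into a "LIMIT offset, count" clause, so $end is the
  * maximum number of rows returned, not an end index.
  *
  * @param int         $start   Row offset; coerced to a non-negative integer.
  * @param int         $end     Maximum row count; coerced to a non-negative integer.
  * @param int|null    $post_id When an integer, restricts the result to that blog_id.
  * @param string|null $order   Optional ORDER BY list: comma-separated column
  *                             names (optionally table-qualified), each with an
  *                             optional ASC/DESC. Any other string is rejected.
  * @return array|false List of rows, or false when $order is rejected, the
  *                     query fails or nothing matches.
  */
 public function readBlogPost($start = 0, $end = 5, $post_id = null, $order = null)
 {
     // ORDER BY takes identifiers, which cannot be protected by quoting or
     // escaping, so the value is checked against a strict shape before any
     // SQL is built. Expressions and function calls are rejected.
     if (is_string($order)) {
         $term = '/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?(\s+(ASC|DESC))?\z/i';
         foreach (explode(',', $order) as $part) {
             if (!preg_match($term, trim($part))) {
                 return false;
             }
         }
     }
     // LIMIT operands are interpolated unquoted; force them to integers.
     $offset = max(0, (int) $start);
     $count = max(0, (int) $end);

     $d = new Database();
     $d->open('hacker_blog');
     $sql = "SELECT * FROM blog_entries ";
     if (is_int($post_id)) {
         // Safe to interpolate: is_int() guarantees a plain integer.
         $sql .= " WHERE blog_id = '{$post_id}' ";
     }
     if (is_string($order)) {
         $sql .= " ORDER BY {$order} ";
     }
     $sql .= " LIMIT {$offset}, {$count}";

     $posts = false;
     $s = $d->q($sql);
     if ($s && $d->numrows() >= 1) {
         $posts = array();
         while ($r = $d->mfa()) {
             $posts[] = $r;
         }
     }
     // The original never closed this connection on either path.
     $d->close();
     return $posts;
 }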
require_once '../blog/includes/session.php';
require_once '../blog/classes/clsDatabase.php';
require_once '../blog/classes/clsSanitize.php';
if ($_POST['login']) {
    //print_r($_POST);
    // sanitize
    $login = Sanitize::clearWhiteSpaceLR($_POST['login']);
    //$password = Sanitize::clearWhiteSpaceLR($_POST['password']);
    $password = strtolower(Sanitize::clearWhiteSpaceLR($_POST['password']));
    //echo $login.' '.$password;
    // test if in Database as well
    $d = new Database();
    $d->open('hacker_blog');
    $s = $d->q("SELECT * FROM user WHERE user.username = '******' AND user.password = sha1('{$password}') LIMIT 0,1");
    if ($s && $d->numrows() > 0) {
        //mysql fetch assoc
        $info = $d->mfa();
        //print_r($info);
        //$info = associative array
        $_SESSION['loggedin'] = true;
        // concat first and last name
        $name = $info['user_first_name'] . ' ' . $info['user_last_name'];
        //echo "NAME: $name";
        $_SESSION['loggedin'] = true;
        $_SESSION['user_full_name'] = $name;
        $_SESSION['user_quick_name'] = $info['user_first_name'];
        $_SESSION['user_id'] = $info['id'];
        //echo '<a href="/week_eight/secret_loggedin_area.php">Manual Override</a>';
        header("Location: /week_eight/secret_loggedin_area.php");
        // /secret_loggedin_area.php