public function save()
{
if (is_numeric($this->page_id) && is_string($this->page_name)) {
$db = new Db();
$id = $db->quote($this->page_id);
$category_id = $db->quote($this->category_id);
$name = $db->quote($this->page_name);
$url = $db->quote($this->url);
$top_description = $db->quote($this->top_description);
$bottem_description = $db->quote($this->bottom_description);
$keyword = $db->quote($this->keyword);
$title = $db->quote($this->title);
$description = $db->quote($this->description);
$access_type = $db->quote($this->access_type);
$active = $db->quote($this->page_status);
$author = $db->quote(1);
$modified = $db->quote(1);
$query = "INSERT INTO " . $this->tableName() . " (page_id, category_id, name, url, top_description, bottem_description, \n Keyword, title, description, author, modified_by, access_type, active) \n VALUES({$id}, {$category_id}, {$name}, {$url}, {$top_description}, {$bottem_description}, {$keyword}, {$title}, {$description},\n {$author}, {$modified}, {$access_type}, {$active})\n ON DUPLICATE KEY UPDATE \n name= {$name}, category_id={$category_id}, url={$url},top_description={$top_description}, bottem_description={$bottem_description}, \n Keyword={$keyword}, title={$title}, description={$description}, author={$author}, modified_by={$modified}, \n active={$active}, access_type={$access_type}";
if ($db->query($query)) {
return true;
} else {
Error::set($db->error());
}
}
return false;
}
public function GetKolokvij($kolk, $naz)
{
$db = new Db();
$query = $db->select("SELECT * FROM " . $kolk . " INNER JOIN " . $naz . " ON ( (`" . $kolk . "`.JMBAG) = ( `" . $naz . "`.JMBAG ) )") or die('Cannot process SQL count totals query Error: ' . $db->error());
$postArray = array();
if (count($query) > 0) {
foreach ($query as $row) {
//echo $row['br'].','.$row["JMBAG"].','.$row['Ime'].','.$row['Prezime'].','. $row['Grupa'].','.$row['Izostanci'].','. $row['Testovi'].','.$row['Pravo'].','.$row['Bodovi'];
$myKolokvij = new Kolokvij($row['br'], $row["JMBAG"], $row['Ime'], $row['Prezime'], $row['Grupa'], $row['Izostanci'], $row['Testovi'], $row['Pravo'], $row['Bodovi']);
array_push($postArray, $myKolokvij);
}
}
return $postArray;
}
public function save()
{
if (is_numeric($this->state_id) && is_string($this->state_name)) {
$db = new Db();
$id = $db->quote($this->state_id);
$country_id = $db->quote($this->country_id);
$name = $db->quote($this->state_name);
$active = $db->quote($this->state_status);
$query = "INSERT INTO " . $this->tableName() . " (id, country_id, name, active) VALUES({$id},{$country_id}, {$name} , {$active}) \n ON DUPLICATE KEY UPDATE \n name= {$name},country_id={$country_id}, active={$active}";
if ($db->query($query)) {
return true;
} else {
Error::set($db->error());
}
}
return false;
}
<link rel="stylesheet" href="css/style.css">
</head>
<body style="text-align: center">
<h1>Result</h1>
<?php
include_once "db.php";
$db = new Db();
if (isset($_POST['submit'])) {
$name = $db->quote($_POST['nimi']);
$phone = $db->quote($_POST['phone']);
$email = $db->quote($_POST['email']);
$date = $db->quote($_POST['date']);
$time = $db->quote($_POST['time']);
$arv = $db->quote($_POST['arv']);
$eelroad = $db->quote($_POST['eelroad']);
$pohiroad = $db->quote($_POST['põhiroad']);
$jarelroad = $db->quote($_POST['järelroad']);
if ($name == '' || $phone == '' || $email == '' || $date == '' || $time == '' || $arv == '' || $eelroad == '' || $pohiroad == '' || $jarelroad == '') {
// generate error message
$error = 'ERROR: Palun täida kõik väljad!';
$_SESSION['status'] = 'error';
header("Location: failure.php");
} else {
$db->query("INSERT INTO broneering (nimi,telefon,email,date,time,number,eelroad,pohiroad,jarelroad)\nVALUES ({$name},{$phone},{$email},{$date},{$time},{$arv},{$eelroad},{$pohiroad},{$jarelroad});") or die($db->error());
// once saved, redirect back to the view page
header("Location: success.html");
}
}
?>
</body>
</html>
public function updatePravo($ispit, $jmbg)
{
$sql = "UPDATE `" . $ispit . "` SET `Pravo`='Da' WHERE `JMBAG`=" . $jmbg;
$db = new Db();
$query = $db->query($sql) or die('Cannot process SQL count totals query Error: ' . $db->error());
}
<script src="https://cdn.datatables.net/1.10.10/js/jquery.dataTables.min.js"></script>
</head>
<body>
<script>
$(document).ready(function () {
$('#example').DataTable();
});
</script>
<?php
/*
VIEW.PHP
Displays all data from 'broneering' table
*/
include_once "db.php";
$db = new Db();
$result = $db->query("SELECT * FROM broneering") or die($db->error());
echo "<h1>Broneeringute andmed</h1>";
// display data in table
echo "<table id=\"example\" class=\"display\" cellspacing=\"0\" width=\"100%\">";
echo "<thead> <th>Tellimuse ID</th> <th>Nimi</th> <th>Telefon</th> <th>E-Mail</th> <th>Kuupäev</th> <th>Kellaaeg</th> <th>Arv</th> <th>Eelroad</th> <th>Põhiroad</th> <th>Järelroad</th> <th></th> <th></th></thead>";
// loop through results of database query, displaying them in the table
while ($row = mysqli_fetch_array($result)) {
// echo out the contents of each row into a table
echo "<tr>";
echo '<td>' . $row['order_id'] . '</td>';
echo '<td>' . $row['nimi'] . '</td>';
echo '<td>' . $row['telefon'] . '</td>';
echo '<td>' . $row['email'] . '</td>';
echo '<td>' . $row['date'] . '</td>';
echo '<td>' . $row['time'] . '</td>';
echo '<td>' . $row['number'] . '</td>';
require_once "classes/jswriter.class.php";
require_once "classes/validationhelper.class.php";
require_once "classes/bookingshelper.class.php";
if (!SessionHelper::isMaster()) {
die("You don't belong here!");
}
$db = new Db();
$t = new Template("templates/admin_page.tpl.html");
$tt = new Template("templates/confirm_bookings.tpl.html");
if ($_GET['action'] == 'confirm') {
$keys = array("statii_id");
$values = array(2);
$types = 'i';
$updateResult = $db->update("bookings_id", $_GET['id'], "i", "bookings", $keys, $values, $types);
if ($updateResult === false) {
$error = "Could not confirm booking. The server said: " . $db->error();
} else {
$error = "Booking confirmed successfully!";
}
} elseif ($_GET['action'] == 'delete') {
$keys = array("statii_id");
$values = array(6);
$types = 'i';
$updateResult = $db->update("bookings_id", $_GET['id'], "i", "bookings", $keys, $values, $types);
if ($updateResult === false) {
$error = "Could not delete booking. The server said: " . $db->error();
} else {
$error = "Booking deleted successfully!";
}
}
$vals = array(1);
require_once "classes/jswriter.class.php";
require_once "classes/validationhelper.class.php";
require_once "classes/bookingshelper.class.php";
if (!SessionHelper::isMaster()) {
die("You don't belong here!");
}
$db = new Db();
$t = new Template("templates/admin_page.tpl.html");
$tt = new Template("templates/deleted_bookings.tpl.html");
if ($_GET['action'] == 'request') {
$keys = array("statii_id");
$values = array(1);
$types = 'i';
$updateResult = $db->update("bookings_id", $_GET['id'], "i", "bookings", $keys, $values, $types);
if ($updateResult === false) {
$error = "Could not set booking to requested. The server said: " . $db->error();
} else {
$error = "Booking restored successfully!";
}
} elseif ($_GET['action'] == 'delete') {
$updateResult = $db->delete("bookings", "bookings_id = " . $_GET['id']);
if ($updateResult === false) {
$error = "Could not delete booking. The server said: " . $db->error();
} else {
$error = "Booking deleted successfully!";
}
}
$vals = array(6);
$types = 'i';
$q = "SELECT * from bookings WHERE statii_id = ? ORDER BY cdate DESC LIMIT 0,100";
$rows = $db->getRows($q, $vals, $types);
public function brisiBodovi($naz)
{
$rs = $this->GetBodovi($naz);
if (is_array($rs)) {
$db = new Db();
foreach ($rs as $row) {
$db->query("UPDATE `" . $naz . "` SET Bodovi = Bodovi = '0' WHERE `JMBAG`=" . $row->JMBAG) or die('Cannot process SQL count totals query Error: ' . $db->error());
}
}
}
require_once "classes/db.class.php";
require_once "classes/sessionhelper.class.php";
require_once "classes/jswriter.class.php";
require_once "classes/validationhelper.class.php";
require_once "classes/bookingshelper.class.php";
if (!SessionHelper::isMaster()) {
die("You don't belong here!");
}
$db = new Db();
$t = new Template("templates/admin_page.tpl.html");
$tt = new Template("templates/voucher_add.tpl.html");
if ($_GET['action'] == 'delete') {
if ($db->delete("vouchers", "id = " . $_GET['id'])) {
$error = "Voucher deleted successfully!";
} else {
$error = "Could not delete voucher. The server said: " . $db->error();
}
}
if ($_POST['submitButton']) {
if (!empty($_POST['voucher_code']) && !empty($_POST['discount_percent'])) {
$keys = array();
$keys[] = "voucher_id";
$keys[] = "code";
$keys[] = "discount";
$values = array();
$values[] = $_POST['voucher'];
$values[] = $_POST['voucher_code'];
$values[] = $_POST['discount_percent'];
$types = 'isi';
if ($db->insert('vouchers', $keys, $values, $types)) {
$error = "Voucher added successfully!";
public function error()
{
return $this->db->error();
}
$date = $db->quote($_POST['date']);
$time = $db->quote($_POST['time']);
$number = $db->quote($_POST['number']);
$eelroad = $db->quote($_POST['eelroad']);
$pohiroad = $db->quote($_POST['pohiroad']);
$jarelroad = $db->quote($_POST['jarelroad']);
// check that name/phone/email fields are both filled in
if ($nimi == '' || $telefon == '' || ($e_mail = '' || $date == '' || $time == '' || $number == '' || $eelroad == '' || $pohiroad == '' || $jarelroad == '')) {
// generate error message
$error = 'ERROR: Palun täitke kõik väljad!';
//error, display form
renderForm($order_id, $nimi, $telefon, $e_mail, $date, $time, $number, $eelroad, $pohiroad, $jarelroad, $error);
} else {
// save the data to the database
//var_dump($db->query("UPDATE broneering set email = $email"));
$db->query("UPDATE broneering SET nimi = {$nimi}, telefon = {$telefon}, email = {$email}, date = {$date}, time = {$time},\n number = {$number}, eelroad = {$eelroad}, pohiroad = {$pohiroad}, jarelroad = {$jarelroad} WHERE order_id = {$order_id}") or die($db->error());
// once saved, redirect back to the view page
header("Location: views.php");
}
} else {
// if the 'id' isn't valid, display an error
echo "Error! Id isn't valid";
}
} else {
// get the 'id' value from the URL (if it exists), making sure that it is valid (checking that it is numeric/larger than 0)
if (isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0) {
// query db
$id = $_GET['id'];
$result = $db->query("SELECT * FROM broneering WHERE order_id={$id}") or die($db->error());
$row = mysqli_fetch_array($result);
// check that the 'id' matches up with a row in the databse
$values[] = Utils::truncate(Utils::insertStrip($make), 255);
$values[] = Utils::truncate(Utils::insertStrip($reg), 255);
$values[] = Utils::truncate(Utils::insertStrip($colour), 255);
$values[] = Utils::truncate(Utils::insertStrip($flight), 255);
// doesn't have seconds
$values[] = $depart . ":00";
$values[] = $arrive . ":00";
$values[] = substr($depart, 0, strpos($depart, ' ') + 1) . $suggested_time . ":00";
$values[] = $payment_methods_id;
$values[] = $statii_id;
$values[] = Utils::truncate(Utils::insertStrip($parking_points), 8);
$types = "sssssssssssssiis";
if ($clone) {
$insertResult = $db->insert("bookings", $keys, $values, $types);
if ($insertResult === false) {
$error = "Could not insert cloned booking. The server said: " . $db->error();
} else {
$emailConfirmResult = BookingsHelper::sendConfirmationEmails($db, $db->insertID(), $email);
if ($emailConfirmResult === false) {
$error = "Edited successfully but could not send confirmation emails.";
} else {
header("Location: report_time.php");
}
header("Location: report_search.php");
}
} else {
$updateResult = $db->update("bookings_id", $bid, "i", "bookings", $keys, $values, $types);
if ($updateResult === false) {
$error = "Could not update booking. The server said: " . $db->error();
} else {
header("Location: report_time.php");
<?php
/*
DELETE.PHP
Deletes a specific entry from the 'broneering' table
*/
// connect to the database
include 'db.php';
$db = new Db();
// check if the 'id' variable is set in URL, and check that it is valid
if (isset($_GET['id']) && is_numeric($_GET['id'])) {
// get id value
$id = $_GET['id'];
// delete the entry
$result = $db->query("DELETE FROM broneering WHERE order_id={$id}") or die($db->error());
// redirect back to the view page
header("Location: views.php");
} else {
header("Location: views.php");
}
public function delete($arg)
{
$db = new Db();
$oid = $db->quote($arg);
$results = $db->query("DELETE from observations where oid = {$oid}");
if ($dberror = $db->error()) {
echo "delete: db error: ", $dberror;
}
}
