public static function add($username = "", $md5_pw_hash = "", $email = null, $enabled = 1, $acces_level = 25) {
$date_created = time();
$md5_pw = md5($md5_pw_hash, false);
$sql = 'INSERT INTO ' . self::getFullTableName() . ' (
username,
email,
password,
enabled,
access_level,
date_created
) VALUES (
:username,
:email,
:password,
:enabled,
:access_level,
:date_created
)';
return SQL::execute(
self::getConnection(),
$sql,
array(
"username" => $username,
"email" => $email,
"password" => $md5_pw,
"enabled" => $enabled,
"access_level" => $acces_level,
"date_created" => $date_created
)
);
}
/**
* @param int $fid - forums user id
* @param int $gid - game user id
* @param int $from - bann beginn
* @param int $till - bann ends
* @param int $level - Bann is active for: Forum (1), Game (2) or both (0)
* @param string $unbannedby - User is Unbanned by
* @param string $unbannip - IP from Unbanner
* @return int
*/
public static function add($fid, $gid, $from, $till, $unbannedby, $unbannip, $level = 0) {
$sql = 'INSERT INTO ' . self::getFullTableName() . ' (
banned_fid,
banned_gid,
banned_from,
banned_till,
level,
unbannedby,
unbannip,
date
) VALUES (
:fid,
:gid,
:from,
:till,
:level,
:unbannedby,
:unbannip,
:date
)';
return SQL::execute(self::getConnection(), $sql,
array(
"fid" => $fid,
"gid" => $gid,
"from" => $from,
"level" => $level,
"till" => $till,
"unbannedby" => $unbannedby,
"unbannip" => $unbannip,
"date" => common_functions::currentdate(),
)
);
}
/**
* @param int $group_id
* @param int $user_id
* @param int $leader
* @param int $pending
* @return bool
*/
public static function add($group_id, $user_id, $leader = 0, $pending = 0) {
$sql = 'INSERT INTO ' . self::getFullTableName() . ' (
group_id,
user_id,
group_leader,
user_pending
) VALUES (
:g_id,
:u_id,
:g_leader,
:pending
)';
$result = SQL::execute(self::getConnection(), $sql, array("g_id" => $group_id, "u_id" => $user_id, "g_leader" => $leader, "pending" => $pending));
if($result !== false) {
// Include libs
require_once(LIB_DIR . DS . 'class.phpbb_account.php');
// Empty permission for creating new
phpbb_account::clearUserPerms($user_id);
// Send PM new Group
if(SEND_PM_GROUPCHANGE)
get_phpbb_info::$instance->sendPM(output::newGroupPM($user_id, phpbb_groups::getGroupName($group_id)), SYSTEM_USER, "Willkommen in der Benutzergruppe " . phpbb_groups::getGroupName($group_id), $user_id);
return true;
}
return false;
}
public function execute($db)
{
$sql_result = parent::execute($db);
$result = NULL;
if ($sql_result && mysqli_num_rows($sql_result) != 0) {
$result = mysqli_fetch_array($sql_result, MYSQL_ASSOC);
}
$this->set_return_data($result);
}
public static function delete($accid, $realm = -1) {
$sql = 'DELETE FROM ' . self::getFullTableName() . ' WHERE accountId = :id AND realmId = :realm';
return SQL::execute(self::getConnection(), $sql,
array(
"id" => $accid,
"realm" => $realm
)
);
}
/**
* @param int $accid - account id
* @param int $unbandate - when is ban ends
* @return int
*/
public static function delete($accid, $unbandate) {
$sql = 'DELETE FROM ' . self::getFullTableName() . ' WHERE id = :id AND unbandate = :unban';
return SQL::execute(self::getConnection(), $sql,
array(
"id" => $accid,
"unban" => $unbandate
)
);
}
/**
* @param int $charguid - character guid
* @param int $oldacc - old account id
* @param int $newacc - new account id
* @return int
*/
public static function add($charguid, $oldacc, $newacc) {
$sql = 'INSERT INTO ' . self::getFullTableName() . ' (charguid, oldaccountid, newaccountid, date) VALUES (:char, :old, :new, :date)';
return SQL::execute(self::getConnection(), $sql,
array(
"char" => $charguid,
"old" => $oldacc,
"new" => $newacc,
"date" => time()
)
);
}
/**
* @param int $user_id - forum user id
* @param int $date - donate date
* @param int $money - donate money
* @return int
*/
public static function get($user_id, $date, $money) {
$sql = "SELECT * FROM " . self::getFullTableName() . ' WHERE user_id = :user AND date = :date AND money = :money';
return SQL::execute(self::getConnection(),
$sql,
array(
"user" => $user_id,
"date" => $date,
"money" => $money
)
);
}
/**
* @param int $user_id
* @param int $cost_id
* @return bool
*/
public static function add($user_id, $cost_id) {
$sql = 'INSERT INTO ' . self::getFullTableName() . ' (
user_id,
cost_id,
`date`
) VALUES (
:u_id,
:cost_id,
:date
)';
$result = SQL::execute(self::getConnection(), $sql, array("u_id" => $user_id, "cost_id" => $cost_id, "date" => time()));
if($result !== false)
return true;
return false;
}
public static function add($type, $user_id, $ip, $date, $operation, $data, $report_id = 0, $forum_id = 0, $topic_id = 0) {
$sql = 'INSERT INTO ' . self::getFullTableName() . ' (
log_type,
user_id,
forum_id,
topic_id,
reportee_id,
log_ip,
log_time,
log_operation,
log_data
) VALUES (
:type,
:id,
:f_id,
:t_id,
:report_id,
:ip,
:time,
:operation,
:data
)';
SQL::execute(self::getConnection(), $sql,
array(
"type" => $type,
"id" => $user_id,
"f_id" => $forum_id,
"t_id" => $topic_id,
"report_id" => $report_id,
"ip" => $ip,
"time" => $date,
"operation" => $operation,
"data" => $data
)
);
}
/**
* @param int $id
* @param string $reason
* @param int $change_points
* @return int
*/
public static function update($id, $reason = "Point change", $change_points = 0) {
// Create entry if not exists
if(! self::exists($id))
self::add($id, $change_points);
// Get userdata
$tmp_userdata = self::get($id);
// Set new Data
$params["new_points"] = $tmp_userdata["points_curr"] + $change_points;
$params["id"] = $id;
if($change_points > 0)
$params["new_life_points"] = $tmp_userdata["points_life"] + $change_points;
$sql = 'UPDATE ' . self::getFullTableName() . ' SET points_curr = :new_points' . (($change_points > 0) ? ', points_life = :new_life_points' : '') . ' WHERE user_id = :id';
// Add to VIP-Group if reaches a specific amount of points
self::check_vip($id, $params["new_points"]);
// Execute
if(SQL::execute(self::getConnection(), $sql, $params) !== false)
return points_log::add($id, $change_points, $reason);
return false;
}
/**
* @param int $date - log date (unix)
* @return int
*/
public static function getByDate($date) {
return SQL::execute(self::getConnection(), 'SELECT FROM ' . self::getFullTableName() . ' WHERE date = :date', array("date" => $date));
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Таланты</title>
<link rel="stylesheet" type="text/css" href="https://cdnjs.cloudflare.com/ajax/libs/chosen/1.4.2/chosen.css">
</head>
<body>
<?php
if ($_GET['email'] != '') {
$email = $_GET['email'];
foreach (SQL::execute("SELECT * FROM competency;") as $e) {
$competency[$e['id']] = $e['name_ru'];
}
$ratings = array(1 => "Основной", 2 => "Промежуточный", 3 => "Опытный", 4 => "Передовой", 5 => "Эксперт");
$profile = SQL::execute("SELECT P.*,C.name_ru FROM `kontrotenko_super_new`.`profile_item` P LEFT JOIN `kontrotenko_super_new`.`competency` C ON P.competency=C.id WHERE P.email='{$email}';");
echo "<button class=add_profile>Добавить</button><form method=post><table> <thead> <tr> <th>#</th> <th>Навык</th> <th>Уровень</th> </tr> </thead> <tbody>";
foreach ($profile as $e) {
echo '<tr><td>' . $e['id'] . '</td><td>';
echo "<select name='prof[" . $e['id'] . "]' class='chzn'>";
foreach ($competency as $k => $v) {
$selected = $k == $e['competency'] ? 'selected' : '';
echo '<option ' . $selected . ' value=' . $k . '>' . $v . '</option>';
}
echo '</select></td><td>';
echo "<select name='rat[" . $e['id'] . "]' class='chzn'>";
foreach ($ratings as $k => $v) {
$selected = $k == $e['rating'] ? 'selected' : '';
echo '<option ' . $selected . ' value=' . $k . '>' . $v . '</option>';
}
echo '</select></td></tr>';
/**
* @param string $code
* @return int
*/
public static function delete($code) {
return SQL::execute(self::getConnection(), 'DELETE FROM ' . self::getFullTableName() . ' WHERE code = :code', array("code" => $code));
}
}
}
$ps->params = $params;
if ($ps->checkSignature($_GET['SignatureValue'])) {
//Данные прошли проверку
//if($ps->params['Type']=='balance'){
$rs = $ST->select("SELECT * FROM sc_income \r\n\t\t\t\tWHERE \r\n\t\t\t\t\tuserid=" . intval($ps->params['UserId']) . "\r\n\t\t\t\t\tAND pay_id=" . intval($ps->InvId) . "\r\n\t\t\t\t\tAND type='robokassa'");
if ($rs->next()) {
//перевод уже был, всё ок
echo 'OK' . $_GET['InvId'];
exit;
} else {
if ($ps->params['Type'] == 'balance') {
//пополним баланс
$ST->update('sc_users', array('balance=balance+' . floatval($ps->OutSum)), "u_id=" . intval($ps->params['UserId']));
$rs = $ST->execute("SELECT balance FROM sc_users WHERE u_id=" . intval($ps->params['UserId']));
if ($rs->next()) {
$ST->insert('sc_income', array('userid' => intval($ps->params['UserId']), 'sum' => floatval($ps->OutSum), 'balance' => floatval($rs->getFloat('balance')), 'type' => 'robokassa', 'description' => 'Приход с робокассы', 'pay_id' => intval($ps->InvId), 'pay_string' => $_SERVER['QUERY_STRING']));
}
}
//если указан номер заявки
if (isset($ps->params['OrderId'])) {
$rs = $ST->select("SELECT * FROM sc_users WHERE u_id=" . intval($ps->params['UserId']));
if ($rs->next()) {
$user = $rs->getRow();
// $rs=$ST->execute("SELECT * FROM sc_cc_order WHERE userid=".intval($ps->params['UserId'])." AND id=".intval($ps->params['OrderId']));
$rs = $ST->select("SELECT * FROM sc_shop_order WHERE userid=" . intval($ps->params['UserId']) . " AND id=" . intval($ps->params['OrderId']));
if ($rs->next() && floatval($ps->OutSum) >= $rs->getInt('total_price')) {
// $ST->update('sc_users',array('balance=balance-'.$rs->getInt('summ')),"u_id=".intval($ps->params['UserId']));
$ST->update('sc_shop_order', array('pay_time' => date('Y-m-d H:i:s'), 'pay_status' => 'ok'), 'id=' . intval($ps->params['OrderId']));
//Оплата заказа
/**
* @param int $user_id
* @param int $groupId
* @param string $groupColor
* @return bool
*/
public static function updateMainGroup($user_id, $groupId, $groupColor) {
$result = SQL::execute(
self::getConnection(),
'UPDATE ' . self::getFullTableName() . ' SET group_id = :group_id, user_colour = :color WHERE user_id = :u_id',
array("group_id" => $groupId, "color" => $groupColor, "u_id" => $user_id)
);
if($result !== false)
return true;
return false;
}
{
$res = mysql_query($sql);
$row = mysql_fetch_assoc($res);
return $row;
}
public function execute($sql)
{
$sql = mysql_query($sql);
while ($row = mysql_fetch_assoc($sql)) {
$data[] = $row;
}
return $data;
}
}
$SQL = new SQL();
$test = $SQL->execute('SELECT answers.answer, tests.* FROM tests
JOIN answers ON tests.number=answers.number and tests.name=answers.name ;');
header('Content-Type: text/plain; charset=windows-1251');
foreach ($test as $e) {
?>
?<?php
echo $e['question'];
?>
<?php
if ($e['a'] != '') {
echo $e['answer'] == 'À' ? '+' : '=';
echo $e['a'];
?>
<?php
}
/**
* @param int $charguid - character guid
* @param int $newaccountid - new account id
* @param int $oldaccountid - old account id
* @return bool
*/
protected static function charTrans($charguid, $newaccountid, $oldaccountid) {
require_once(LIB_DIR . DS . 'class.user_transfer_log.php');
if ($newaccountid == $oldaccountid)
return false;
if ($newaccountid == 0)
return false;
$sql = 'UPDATE ' . self::getFullTableName() . ' SET account = :new WHERE guid = :guid';
user_transfer_log::add($charguid, $oldaccountid, $newaccountid);
$result = SQL::execute(self::getConnection(), $sql, array("new" => $newaccountid, "guid" => $charguid ));
if($result !== false)
return true;
return false;
}
/**
* @param string $msg
* @param int $from
* @param string $subject
* @param bool|int $to
* @return bool
*/
public function sendPM($msg, $from, $subject = "New PM", $to = false) {
if($to === false)
$to = $this->user_id;
// Add Message
$sql = 'INSERT INTO ' . self::getPrefix() . 'privmsgs (
author_id,
author_ip,
message_time,
message_subject,
message_text,
to_address
) VALUES (
:from,
:ip,
:date,
:subject,
:message,
:to
)';
$message_id = SQL::execute(
self::getConnection(),
$sql,
array(
"from" => $from,
"ip" => "127.0.0.1",
"date" => time(),
"subject" => $subject,
"message" => $msg,
"to" => "u_" . $to
)
);
unset($sql);
if($message_id === false)
return false;
// Assign Message to folder
$sql = 'INSERT INTO ' . self::getPrefix() . 'privmsgs_to (
msg_id,
user_id,
author_id
) VALUES (
:msg_id,
:user_to,
:user_from
)';
$result = SQL::execute(self::getConnection(), $sql, array(
"msg_id" => $message_id,
"user_to" => $to,
"user_from" => $from
));
if($result === false) {
// Remove unused Message From Database
SQL::execute(self::getConnection(), 'DELETE FROM ' . self::getPrefix() . 'privmsgs WHERE msg_id = :id', array("id" => $message_id));
return false;
}
unset($sql);
unset($message_id);
// Update unread Messages
$sql = 'UPDATE ' . self::getPrefix() . 'users SET user_new_privmsg = :new_pms, user_unread_privmsg = :new_unread_pms WHERE user_id = :to';
SQL::execute(self::getConnection(), $sql, array(
"to" => $to,
"new_pms" => $this->newPM + 1,
"new_unread_pms" => $this->unreadPM + 1
));
return true;
}
ini_set('display_errors', 1);
ini_set('html_errors', true);
date_default_timezone_set('America/Recife');
function debug($file, $line, $dados, $titulo = "")
{
echo "<br><font color=\"#FF0033\"> <strong>" . $titulo . "</strong>: (file): " . $file . " - (line): " . $line . "</font>";
if (is_array($dados) or is_object($dados)) {
echo "<pre><font color=\"#0000FF\">";
print_r($dados);
echo "</font></pre>";
} else {
echo "<br><font color=\"#0000FF\">" . $dados . "</font><br>";
}
}
define('ACESSO', true);
#include_once '../pdo2/Conexao.class.php';
use pkg\pdo2\Conexao;
use pkg\sql;
include_once '../pdo/Conexao.php';
include_once '../../sql/SQL.class.php';
$oCon = new Conexao('mysql', 'localhost', 'frmkteste', 'root', '312487');
$sql = new SQL($oCon);
$sql->select()->column->add(array('idCliente', 'nome', 'idade'));
#array("tabela" => (campo1, campo2, campo3 ) )
$sql->select()->where("idade", ">", "10");
#$sql->select()->having("altura", ">", "50");
#$sql->select("select * from tab_Cliente");
#echo $sql->select()->execute();
debug(__FILE__, __LINE__, $sql->execute());
echo $sql->select()->table(array('tab_Cliente' => array('nome', 'idade'), 'tab_Telefone' => array('idTelefone', 'telefone')));
echo "<p>";
/**
* @param int $userid
* @param string $email
* @return int
*/
public static function update_email($userid, $email) {
$sql = 'UPDATE ' . self::getFullTableName() . ' SET email = :email WHERE id = :userid';
return SQL::execute(
self::getConnection(),
$sql,
array(
"email" => $email,
"userid" => $userid
)
);
}
return $row;
}
public function execute($sql)
{
$sql = mysql_query($sql);
while ($row = mysql_fetch_assoc($sql)) {
$data[] = $row;
}
return $data;
}
}
if ($_GET['n']) {
$where = "WHERE tests.name LIKE '%" . mysql_real_escape_string($_GET['n']) . "%' ";
}
$SQL = new SQL();
$test = $SQL->execute("SELECT UPPER(answers.answer) as answer, tests.* FROM tests\nJOIN answers ON tests.number=answers.number and tests.name=answers.name {$where} ;");
header('Content-Type: text/plain; charset=utf-8');
echo <<<END
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE test SYSTEM "XTF_v1p1.dtd">
<test>
<questions>
END;
foreach ($test as $e) {
?>
<single random="y" format="custom">
<p align="left"><font face="Times New Roman" size="3"><?php
echo $e['question'];
?>
</font></p>
$q = "operation=check&account=241205&sum=3270&secret=123";
$md5 = strtoupper(md5($q));
$q = "operation=check&account=241205&sum=3270&md5={$md5}";
//
//$q="operation=payment&id_payment=1&account=210111&sum=2140&date=20110120165612&secret=123";
//$md5=strtoupper(md5($q));
//
/*
operation=check&account=210111&sum=2140&secret=123&md5=4FA37F773D18163AC8092F943C447D5E
operation=payment&id_payment=1&account=210111&sum=2140&date=20110120165612&md5=026707C3DC6D75530E30651775B25D86
*/
file_put_contents('log.txt', date("Y-m-d H:i:s") . " {$_SERVER['REQUEST_URI']}\r\n", FILE_APPEND);
//exit;
$ST = new SQL();
$ST->connect(DB_HOST, DB_LOGIN, DB_PASSWORD, DB_BASE);
$rs = $ST->execute("SELECT * FROM sc_pay_system WHERE name='comepay'");
if ($rs->next() && $_GET) {
$ps = new PSComepay(unserialize($rs->get('config')));
$ps->operation = $_GET['operation'];
$ps->account = $_GET['account'];
//order_num
$ps->sum = isset($_GET['sum']) ? $_GET['sum'] : 0;
if ($ps->checkSignature($_GET)) {
//запрос корректный, идём дальше
$rs = $ST->select("SELECT order_num,total_price,id,pay_summ FROM sc_shop_order WHERE order_num='{$ps->account}' AND total_price>pay_summ");
if ($rs->next()) {
if ($ps->sum && $ps->sum < $rs->get('total_price') && false) {
//Условие не рассматривается
$ps->error = 542;
//Недостаточно средств
echo $ps->response();
/**
* @param int $fid - forum user id
* @param int $till - bann beginn
* @return int
*/
public static function delete($fid, $till) {
$sql = 'DELETE FROM ' . self::getFullTableName() . ' WHERE fid = :fid AND till = :till)';
return SQL::execute(self::getConnection(), $sql, array("fid" => $fid, "till" => $till));
}
<hr>
<center>
<div class="upload">
<span class="message">Загрузить файл</span>
<form id="uploader" action="/upload.php" method="post" enctype="multipart/form-data">
<input onchange="$('#uploader').submit()" type="file" name="file[]" multiple>
</form>
</div>
</center>
<div id="dropbox">
<span class="message">Dropни файл для загрузки. <br /><i>(это видно только для тебя)</i></span>
<?php
$hash = mysql_real_escape_string(get_link($_SERVER['REQUEST_URI'])[0]);
$files = SQL::execute("SELECT * FROM files WHERE hash='{$hash}';");
if (!empty($files)) {
// var_dump($files);
foreach ($files as $file) {
if (preg_match('#image#', $file['type'])) {
$src = $file['path'];
} else {
$src = '/assets/img/done.png';
}
$path = $file['path'];
echo <<<END
<a href="{$path}">
<div class="preview"><span class="imageHolder">
<img src="{$src}" style="max-width: 240px;
max-height: 180px;"> <h4></h4><span class="uploaded"></span></span>
</div>
$Memcache->set(md5($sql), $data, 100);
}
return $data;
}
public function executeWithCache($sql)
{
$Memcache = new Memcache();
$Memcache->connect('localhost', 11211) or die("Не могу подключиться");
$res = $Memcache->get(md5($sql));
if ($res) {
$data = $res;
} else {
$sql = @mysql_query($sql);
while ($row = @mysql_fetch_assoc($sql)) {
$data[] = $row;
}
$Memcache->set(md5($sql), $data, 100);
}
return $data;
}
}
if (isset($_GET['street']) && isset($_GET['housenum'])) {
$street = $_GET['street'];
$housenum = $_GET['housenum'];
$sql = "SELECT account FROM `abonents` WHERE `street` LIKE '%" . $street . "%' AND `housenum` = '" . $housenum . "'";
$data['response'] = json_encode(SQL::execute($sql));
} else {
$data['response'] = "No query params!!!";
}
//var_dump($sql);
var_dump($data);
/**
* @param int $id - forum user id
* @return int
*/
public static function delete($id) {
return SQL::execute(self::getConnection(), 'DELETE FROM '. self::getFullTableName() . ' WHERE id = :id', array("id" => $id));
}
/**
* Get SQL Functions from SQL Query.
*
* @param string $table Table name.
* @param string $func SQL Functions.
* @param string $alias Alias result.
* @param string $param Additional SQL parameter.
*
* @return object Get row number.
*/
public function sqlFunc($table, $func, $alias, $param = '')
{
parent::$query = 'SELECT ' . $func . ' AS ' . $alias . ' FROM ' . $table . ' ' . $param;
parent::prepare();
parent::execute();
return parent::result();
}
public static function SingleQuery($sql)
{
SQL::Query($sql);
SQL::execute();
if (SQL::RowCount() > 0) {
return SQL::DecryptSingleArray(SQL::$stmt->fetch(PDO::FETCH_ASSOC));
} else {
return SQL::$stmt->fetch(PDO::FETCH_ASSOC);
}
}
<?php
/***********************
* InventorySQL php example
* require .jar version 0.3.2
***********************/
require 'mysql.inc.php';
require 'config.inc.php';
require 'items.inc.php';
$MySQL = new SQL($host, $user, $pass, $database);
$users = $MySQL->execute("SELECT `id`, `owner` FROM `" . $table . "`");
$data = true;
$inv_totalItems = 0;
$pend_totalItems = 0;
$inventory[] = array();
$pendings[] = array();
$tmp[] = array();
$index = 0;
$isError = false;
$message = '';
if (isset($_GET['u'])) {
$data = $MySQL->execute("SELECT * FROM `" . $table . "` WHERE `id`='" . $MySQL->escape($_GET['u']) . "';");
} else {
$data = $MySQL->execute("SELECT * FROM `" . $table . "`");
}
if (isset($_POST['give'])) {
if ($_POST['item_byte'] == '') {
$_POST['item_byte'] = 0;
}
if ($_POST['item_count'] == '') {
$_POST['item_count'] = 1;
