function RecursiveCat($pid, $sel = '', $sel1) { $db = new myDBC(); if ($sel) { $cnd = "and category_parent!='{$sel}'"; } static $level = 0; static $strid = ""; static $strname = ""; $sql = $db->runQuery("select * from " . CAT . " where category_parent='{$pid}' {$cnd} "); while ($row = $db->getQuery($sql)) { $id = $row['id']; $level--; $pad = ""; for ($p = 1; $p < $level * -1; $p++) { $pad .= " > "; } $ys = ''; if ($sel1 == $row['id']) { $ys = 'selected'; } $strname .= '<option ' . $ys . ' value="' . $row['id'] . '">' . $pad . ucwords(strtolower($row['category_title'])) . '</option>'; $rid = RecursiveCat($id, $sel, $sel1); $strid[] = $row['id']; $level++; } return $strname; }
function check_session($user) { $db = new myDBC(); if ($user == 'admin') { @($chk = explode("|", $_SESSION['admin_id'])); $qry1 = $db->runQuery("SELECT * from " . USERS . " where password='******'0']}' and userId='{$chk['1']}' "); if (mysqli_num_rows($qry1) == 0) { $error = "your session is destroyed please login again"; } } //session timeout $inactive = logout * 60; if (isset($_SESSION['timeout'])) { $session_life = time() - $_SESSION['timeout']; if ($session_life > $inactive) { $error = 'Due to inactivity you have been logged out'; } } $_SESSION['timeout'] = time(); if ($error != '') { $_SESSION['admin_id'] = ''; $_SESSION['error'] = "{$error}"; echo "<script>window.location='index.php'</script>"; die; } }
function RecursiveCat($pid, $sel) { $db = new myDBC(); static $level = 0; static $strid = ""; static $strname = ""; $sql = $db->runQuery("select * from " . CATEGORY . " where parent_id =" . $pid . " "); while ($row = $db->getQuery($sql)) { $id = $row['page_id']; $level--; $pad = ""; for ($p = 1; $p < $level * -1; $p++) { $pad .= " > "; } $ys = ''; if ($sel == $row['page_id']) { $ys = 'selected'; } $strname .= '<option ' . $ys . ' value="' . $row['page_id'] . '">' . $pad . ucwords($row['page_name']) . '</option>'; $rid = RecursiveCat($id, $sel); $strid[] = $row['page_id']; $level++; } return $strname; }
function category_url($id, $url = "", $rpt = '') { $db = new myDBC(); if ($id != '' && $id != $rpt) { $data = $db->getQuery($db->runQuery("select id,category_parent,slug from " . CAT . " where id='{$id}'")); $url[] = $data['slug']; return category_url($data['category_parent'], $url, $id); } else { return @trim(implode(" / ", array_reverse($url, true)), ' / '); } }
public function getLongElements() { $mydb = new myDBC(); $sql = "SELECT * FROM Report_content where id_Report = '{$this->id_report}' and title_number > 12 and code='200' order by publication_datetime DESC;"; $result = $mydb->runQuery($sql); if (isset($result)) { while ($row = mysqli_fetch_assoc($result)) { $this->array_title_elements[] = $row; } } return $this->array_title_elements; }
/** * Add a new user to the database. This user is just able to give referrals. * * @return int */ function new_invite() { global $Conf, $User; // referralData is Full Name, Phone, and Email stored in an array. $fields = array("`UserID`" => "'{$User->ID}'", "`Email`" => "'{$this->Email}'", "`message`" => "'{$this->Message}'", "`dateAdded`" => "NOW()"); myDBC::insert_Record($Conf['data']->Invites, $fields); }
/** * Add a new user to the database. This user is just able to give referrals. * * @return int */ function new_Note($id) { global $Conf, $User; $this->dateAdded = date('Y-m-d H:i:s'); $fields = array("`ReferralID`" => "'{$id}'", "`UserID`" => "'{$User->ID}'", "`notes`" => "'{$this->Notes}'", "`dateAdded`" => "'{$this->dateAdded}'"); // dispute_level | 1= admin, 2= referrer, 3= customer return myDBC::insert_Record($Conf['data']->ReferralNotes, $fields); }
function process_transactions($uid, $vid) { global $Conf, $referral; // transaction data will enter the funds into the creators account and the Passing Green admin. $fields = array("`user_id`" => "'{$uid}'", "`referral_id`" => "'{$referral->ID}'", "`amount`" => "'{$referral->Commission}'", "`created`" => "NOW()"); myDBC::insert_Record($Conf['data']->Transactions, $fields); $fields = array("`user_id`" => "2809", "`referral_id`" => "'{$referral->ID}'", "`amount`" => "'{$referral->Commission}'", "`created`" => "NOW()"); myDBC::insert_Record($Conf['data']->Transactions, $fields); $fields = array("`user_id`" => "'{$vid}'", "`referral_id`" => "'{$referral->ID}'", "`amount`" => "'{$referral->Fee}'", '`is_billable`' => "'1'", "`created`" => "NOW()"); myDBC::insert_Record($Conf['data']->Transactions, $fields); }
/** * Add a new comment to the Comments table in the database. * * @return int */ function add_Comments() { global $Conf; // $birthday = $this->Birthday['Y'].'-'.$this->Birthday['F'].'-01'; // $anniversary = $this->Anniversary['Y'].'-'.$this->Anniversary['F'].'-01'; if ($this->State < '253') { $country = '13'; } else { $country = '92'; } $fields = array("`useremail`" => "'{$this->Email}'", "`userFirstname`" => "'{$this->Firstname}'", "`userLastname`" => "'{$this->Lastname}'", "`userAddr1`" => "'{$this->Address1}'", "`userCity`" => "'{$this->City}'", "`userState`" => "'{$this->State}'", "`userCountry`" => "'{$country}'", "`userZip`" => "'{$this->ZIP}'", "`userPhone`" => "'{$this->PhoneNumber}'", "`brochure`" => "'{$this->Brochure}'", "`news`" => "'{$this->News}'", "`hearaboutus`" => "'{$this->HearAboutUs2}'", "`vehicle`" => "'{$this->Vehicle}'", "`comments`" => "'{$this->Comments}'", "`date_added`" => "NOW()", "`last_ip`" => "'{$this->Ip}'"); return myDBC::insert_Record($Conf["data"]->Comments, $fields); }
public function __construct() { parent::__construct(); $query = $this->runQuery("SELECT * from `" . SETTINGS . "` where `autoload` = 'yes' "); while ($row = $this->getQuery($query)) { define($row['setting'], $row['value']); } define(temp_location, 'application/views/themes/' . theme_folder . '/'); define(temp_path, site_url . '/' . temp_location); define(img_path, site_url . '/' . image_folder . '/'); define(thirdParty, site_url . '/application/third_party/'); return $setting; }
/** * Add a new user to the database. This user is just able to give and receive referrals. * * @return int */ function update_member() { global $Conf, $order, $User; // Process and store payment information $privateKey = decrypt_data($this->ID, true); // Return the stored encrypted key if (!$privateKey) { // No key exists create a new one. $privateKey = genPrivateKey(); //Generate a private key - This will made into a static value after generating it once } $data = array('status' => $this->ccStatus, 'details' => $this->ccDetails, 'error' => $this->ccError, 'tcode' => $this->ccTCode, 'name' => $order->name, 'ccType' => $order->cardtype, 'ccNum' => $order->cardnumber, 'MM' => $order->cardexpmonth, 'YY' => $order->cardexpyear, 'ccCODE' => $order->cvmvalue); $data = encrypt(serialize($data), $privateKey); //Catches the ciphertext from the encrypt function // Convert the string value users enter and update it to and numeric string, autoid $state = $User->get_province_by_name(strtoupper($order->state)); $tA = $Conf["data"]->UserTable; myDBC::new_andWhere(); myDBC::andWhere("{$tA}.AutoID = '{$this->ID}'"); $fields = array("`shipAddr1`" => "'{$order->address1}'", "`shipCity`" => "'{$order->city}'", "`shipState`" => "'{$state->autoid}'", "`shipZip`" => "'{$order->zip}'", "`cc`" => "'{$data}'", "`level`" => "'member'", "`is_enabled`" => "'yes'", "`date_added`" => "NOW()", "`paymentType`" => "'Credit Card'"); capture_cc($this->ID, '', $privateKey); myDBC::update_Record($tA, $fields, myDBC::get_andWhere(), " LIMIT 1"); }
</div> </form> <table class="dataTable border bordered" data-role="datatable"> <thead> <tr> <td style="width: 20px"></td> <td class="sortable-column sort-asc" style="width: 100px">ID</td> <td class="sortable-column">Nombre usuario</td> <td class="sortable-column">Descripción</td> <td class="sortable-column" style="width: 20px">Contraseña</td> <td style="width: 20px">¿Eliminar?</td> </tr> </thead> <tbody> <?php $mydb = new myDBC(); /*$conexion = mysql_connect(HOST, USERNAME,PASSWORD) or die("No se pudo conectar con el servidor"); mysql_select_db(DB, $conexion) or die("No se pudo conectar con la base de datos, revisar configuración.");*/ /*$result=mysql_query("select * from passwords where iduser="******" and activated=0;",$conexion);*/ $query = "select * from passwords where iduser="******" and activated=0;"; $total = 0; foreach ($mydb->runQuery($query) as $row) { $total = $total + 1; } $result = $mydb->runQuery($query); if ($total > 0) { $i = 1; foreach ($mydb->runQuery($query) as $fila) { ?> <tr>
<?php /*Archivos de configuración de la bases de datos*/ include "../includes/dbconfig.php"; include "../includes/mydbclass.php"; header("Content-Type: text/html;charset=utf-8"); @session_start(); if (!isset($_SESSION['useracount']) || trim($_SESSION['useracount']) == '') { session_unset(); session_destroy(); /*en caso de que la sesión sea incorrecta el mensaje de error va aquí*/ //header('Location: index.php?inisesion=no'); header("Location:../index.php?inisesion=no"); exit; } else { if ($_POST) { /*se accede al valor de las variables, del post de esa forma*/ $log = $_SESSION['useracount']; /*se obtiene el nombre de la cuenta de usuario*/ $cuentanueva = $_POST["cuentanueva"]; $passcuenta = $_POST["passcuenta"]; $descripcion = $_POST["descripcion"]; /*En caso de que no haya error se actualiza la contraseña*/ $mydb = new myDBC(); $guardar = "insert into passwords values(" . $_SESSION['iduser'] . ",'" . $cuentanueva . "','" . $passcuenta . "','" . $descripcion . "',0);"; $mydb->runQuery($guardar); header('Location: ../dashboard.php'); } }
$description = $mydb->clearText($description); $keywords = $mydb->clearText($keywords); $code = '200'; $publication_date = $siguiente_dia; $sql = "INSERT INTO Report_content (id_Report,URL,title,title_number,description,description_number,keywords,keywords_number,code,publication_datetime)\n\t\t\t\t\t\tVALUES ('{$id_report}','{$url}','{$title}','{$title_num}','{$description}','{$description_num}','{$keywords}','{$keywords_num}','{$code}','{$publication_date}'); "; $mydb->runQuery($sql); echo "Url crawled....\n"; } else { $mydb = new myDBC(); $code = '404'; $sql = "INSERT INTO Report_content (id_Report,URL,code)\n\t\t\t\t\t\tVALUES ('{$id_report}','{$url}','{$code}'); "; $mydb->runQuery($sql); echo "Found 404 ....\n"; } } } } else { $mydb = new myDBC(); $sql = "INSERT INTO Report_error (id_Report,URL)\n\t\t\tVALUES ('{$id_report}','{$GSA_API}'); "; $mydb->runQuery($sql); echo "Error al conectarse a la API ....\n"; } $dia++; } // Actualizamos log a scaning $mydb = new myDBC(); $sql = "UPDATE Report SET status='3' where id_Report = '{$id_report}' "; $mydb->runQuery($sql); echo "***********************************************\n"; echo "End process \n"; }
function adminNoti($type, $typeId, $userId, $name = '') { // address/service | addressid | userId $db = new myDBC(); $array = array('date' => date('Y-m-d H:i:s'), 'remark' => $name, 'type' => $type, 'by' => 'admin', 'userId' => $userId, 'typeid' => $typeId); $db->insert(NOTI, $array); }
public function getLastInsertDate() { $array_return = array(); $mydb = new myDBC(); $sql = "SELECT publication_datetime FROM Report_content where id_Report = '{$this->id_report}' order by publication_datetime desc limit 1;"; $result = $mydb->runQuery($sql); if (isset($result)) { while ($row = mysqli_fetch_assoc($result)) { $array_return[] = $row; } } return $array_return; }
//incluimos el archivo para manipular la base de datos require_once "myDBC.php"; //Recibimos en variables los campos del registro //Con trim quitamos espacios en blanco al inicio y final $nombre = trim($_POST['nombre']); $apellidos = trim($_POST['apellidos']); $correo = trim($_POST['correo']); $pass = trim($_POST['pass']); $repass = trim($_POST['repass']); $patron1 = "/^[a-z]+\$/i"; //Expresión regular para solo caracteres //Validamos todos los campos con OR, si al menos hay uno que no cumpla la condición //El if se anula y mostramos un error y redirigimos al registro //filter_var es una expresión regular nativa de PHP if ($nombre == '' || preg_match(!$patron1, $nombre) || $apellidos == '' || preg_match(!$patron1, $apellidos) || $correo == '' || !filter_var($correo, FILTER_VALIDATE_EMAIL) || $pass != $repass || $pass == "" || $repass == "") { echo '<script type="text/javascript"> alert("Error: Datos invalidos en el formulario"); window.location="../../../registro.php" </script>'; } else { if ($pass == $_SESSION["pass"]) { $pass_oculto = $pass; } else { $pass_oculto = crypt($pass, "\$1{$rasmusle}\$"); } $mydb = new myDBC(); $mydb->actualizarUsuario($nombre, $apellidos, $correo, $pass_oculto); } ?>
<body> <?php //error_reporting(E_ALL ^ E_DEPRECATED); //@session_start(); /*SE PREGUNTA SI HAY DATOS EN EL POST*/ if ($_POST) { /*se accede al valor de las variables, del post de esa forma*/ $useracount = $_POST["email"]; $pass = md5($_POST["pass"]); $pass1 = md5($_POST["pass2"]); $username = $_POST["username"]; $lastname = $_POST["lastname"]; $frase = $_POST["frase"]; $usernoexiste = false; $passwd = false; $mydb = new myDBC(); //$conexion = mysqli_connect(HOST, USERNAME,PASSWORD) or die("No se pudo conectar con el servidor"); //mysql_select_db(DB, $conexion) or die("No se pudo conectar con la base de datos, revisar configuración."); /*Se valida que el nombre de la cuenta no exista*/ /* $usurexist = mysql_query("select cuentauser from usuarios where activated=0 and cuentauser='******';", $conexion); while ($fila = mysql_fetch_array($usurexist)) { /*extrae el nombre y el lastnameellido y lo concatena en la variable global de sesión nomuser, para poder acceder a ella desde cualquier sección* / $usernoexiste = true; }*/ foreach ($mydb->runQuery("select cuentauser from usuarios where activated=0 and cuentauser='******';") as $row) { $usernoexiste = true; } if ($pass == $pass1) { $passwd = true;
/** * Get information about a Country. * * @param int $country_id * @return object */ function get_country_by_id($country_id) { global $Conf, $dbconn; myDBC::new_andWhere(); myDBC::andWhere("`AutoID` = {$country_id}"); $q = "SELECT * FROM " . $Conf["data"]->CountryTable . myDBC::get_andWhere() . " LIMIT 1"; $r = mysqli_query($dbconn, $q); $row = mysqli_fetch_object($r); return $row; }
/*Archivos de configuración de la bases de datos*/ include "../includes/dbconfig.php"; include "../includes/mydbclass.php"; header("Content-Type: text/html;charset=utf-8"); @session_start(); if (!isset($_SESSION['useracount']) || trim($_SESSION['useracount']) == '') { session_unset(); session_destroy(); /*en caso de que la sesión sea incorrecta el mensaje de error va aquí*/ //header('Location: index.php?inisesion=no'); header("Location:../index.php?inisesion=no"); exit; } else { /*se accede al valor de las variables, del post de esa forma*/ $iduser = $_SESSION['iduser']; /*se obtiene el nombre de la cuenta de usuario*/ /*En caso de que no haya error se actualiza la contraseña*/ echo "id" . $iduser . " nomcuent:" . $nomcuenta; $mydb = new myDBC(); $modificar = "update passwords set activated=1 WHERE iduser="******";"; $mydb->runQuery($modificar); $modificar = "update usuarios set activated=1 WHERE iduser="******";"; $mydb->runQuery($modificar); session_unset(); session_destroy(); /*en caso de que la sesión sea incorrecta el mensaje de error va aquí*/ //header('Location: index.php?inisesion=no'); header('Location: ../index.php'); exit; }
<?php $baseurl = getcwd() . '/../'; require $baseurl . 'index.php'; $db = new myDBC(); $load = new loader(); $load->model('site_function'); $i = $_POST['id']; //print_r($_POST); /* sort form */ if ($_POST['update'] == "update") { //print_r($_REQUEST);die; //print_r(implode(',',$_REQUEST['arrayorder']));die; //$array = $_POST['arrayorder']; //$count = 1; //echo "UPDATE wkends_workorder SET formId = '" . implode(',',$_REQUEST['arrayorder']) . "' WHERE uniqueId = '" . $_REQUEST['form']."'";die; //if($query = "UPDATE wkends_workorder SET formId = '" . implode(',',$_REQUEST['arrayorder']) . "' WHERE uniqueId = '" . $_REQUEST['form']."'") if ($_REQUEST['re_form']) { if ($db->runQuery("UPDATE wkends_workorder SET reassign_formid = '" . implode(',', $_REQUEST['arrayorder']) . "' WHERE id = '" . $_REQUEST['re_form'] . "'")) { echo 'All saved! refresh the page to see the changes'; } else { mysql_query($query) or die('Error, in form saving'); } } else { if ($db->runQuery("UPDATE wkends_workorder SET formId = '" . implode(',', $_REQUEST['arrayorder']) . "' WHERE id = '" . $_REQUEST['form'] . "'")) { echo 'All saved! refresh the page to see the changes'; } else { mysql_query($query) or die('Error, in form saving'); } } }
/** * Retrieve all information about a specific item. * * @param int $model_id * @return array */ public function user_comments($id) { global $Conf, $dbconn; myDBC::new_andWhere(); myDBC::andWhere("`AutoID` = '{$id}';"); $tA = $Conf["data"]->UserTable; $q = "SELECT userfirstname, userlastname, comments FROM {$tA}" . myDBC::get_andWhere(); $r = mysqli_query($dbconn, $q); while ($row = mysqli_fetch_object($r)) { $rows[] = $row; } return $rows; }
public function deleteReport() { $mydb = new myDBC(); $sql = "DELETE FROM Report where id_Report = '{$this->id_report}';"; $sql2 = "DELETE FROM Report_content where id_Report = '{$this->id_report}';"; $mydb->runQuery($sql); $mydb->runQuery($sql2); }
<?php $baseurl = getcwd() . '/../../'; require $baseurl . 'index.php'; $db = new myDBC(); function search_array($value, $key, $array) { foreach ($array as $k => $val) { if ($val[$key] == $value) { return $ar[] = $k; } } return $ar; } function tym($startdate) { $enddate = date("Y-m-d H:i:s"); $diff = strtotime($enddate) - strtotime($startdate); $temp = $diff / 86400; $days = floor($temp); $temp = 24 * ($temp - $days); $hours = floor($temp); $temp = 60 * ($temp - $hours); $minutes = floor($temp); $temp = 60 * ($temp - $minutes); if ($days == '1' && $hours == '0') { return 'Yesterday at ' . date('H A', strtotime($startdate)); } elseif ($days >= '1') { return date('F', strtotime($startdate)) . ' ' . date('d', strtotime($startdate)); } elseif ($hours > '1' && $hours < '24') { return $hours . ' hours ago';
/*Se obtiene la contraseña del formulario y encriptarla con md5*/ $pass2 = md5($_POST["pass2"]); $passactigual = false; $passnuevigual = false; /*se compara que la contarseña del formulario se igual a la contraseña de la sesión*/ if ($passActual == $passRecivida) { $passactigual = true; } if ($pass1 == $pass2) { $passnuevigual = true; } if ($passactigual == false && $passnuevigual == false) { header('Location: acount.php?p=0'); } else { if ($passactigual == false) { header('Location: acount.php?p=1'); } else { if ($passnuevigual == false) { header('Location: acount.php?p=2'); } else { /*En caso de que no haya error se actualiza la contraseña*/ $mydb = new myDBC(); $actualizar = "update usuarios set passwd='" . $pass1 . "' WHERE cuentauser='******' and iduser="******";"; $mydb->runQuery($actualizar); $_SESSION['userpass'] = $pass1; header('Location: acount.php?p=3&' . $log); } } } } }
<?php if ($_POST) { include "includes/dbconfig.php"; include "includes/mydbclass.php"; //include('config.php'); /*Archivos de configuración de la bases de datos*/ $cuentauser = $_POST['userlogin1']; /*Nombre de usuario o cuenta de usuario, correo o nombre de usuario*/ $passwroduser = md5($_POST['passuser1']); //Asignando las variables de entorno de la bd con encriptación //$conexion = mysql_connect(HOST, USERNAME,PASSWORD) or die("No se pudo conectar con el servidor"); //mysql_select_db(DB, $conexion) or die("No se pudo conectar con la base de datos, revisar configuración."); $mydb = new myDBC(); /*$result = mysql_query("select * from usuarios where cuentauser='******' and passwd='".$passwroduser."' and activated=0;", $conexion);*/ $query = "select * from usuarios where cuentauser='******' and passwd='" . $passwroduser . "' and activated=0;"; foreach ($mydb->runQuery($query) as $row) { $encontrado = true; } if ($encontrado == true) { echo "dentro del if"; foreach ($mydb->runQuery($query) as $row) { session_start(); /*en las variables globales de sesión usuario y pass almacena el nombre de usuario y la contraseña se puede acceder desde cualquier sección*/ $_SESSION['useracount'] = $cuentauser; $_SESSION['userpass'] = $passwroduser; /*realiza una consulta a mysql, extrayendo el nombre y apellido, de acuerdo al nombre de usuario dado*/ foreach ($mydb->runQuery("select * from usuarios where cuentauser='******' and passwd='" . $passwroduser . "' and activated=0;") as $row) { /*$result=mysql_query("select nomuser, apuser, fraseuser, iduser from usuarios where cuentauser='******';", $conexion);*/ /*extrae el nombre y el apellido y lo concatena en la variable global de sesión nomuser, para poder acceder a ella desde cualquier sección*/
/*Archivos de configuración de la bases de datos*/ include "includes/dbconfig.php"; include "includes/mydbclass.php"; if ($_POST) { /*se accede al valor de las variables, del post de esa forma*/ $useracount = $_POST['username']; /*se obtiene el nombre de la cuenta de usuario*/ $frase = $_POST["frase"]; $pass1 = md5($_POST["passreset1"]); $pass2 = md5($_POST["passreset2"]); $userid = ""; $userexist = false; $frasecorrect = false; $passiguales = false; /*Inicializando conexión a la base de datos.*/ $mydb = new myDBC(); $userid = $mydb->obtenerCampo("iduser", "usuarios", " where cuentauser='******' and fraseuser='******' and activated=0 ;"); //$query = "select iduser from usuarios where activated=0 and cuentauser='******';"); if ($userid != "") { $fra = $mydb->obtenerCampo("fraseuser", "usuarios", " where iduser="******" and activated=0 ;"); if ($pass2 == $pass1) { $passiguales = true; } if ($fra == $frase) { $frasecorrect = true; } if ($frasecorrect == false && $passiguales == false) { header('Location: resetpasswd.php?fr=0&ps=0'); } else { if ($frasecorrect == false && $passiguales == true) { header('Location: resetpasswd.php?fr=0');
$apellidos = trim($_POST['apellidos']); $correo = trim($_POST['correo']); $pass = trim($_POST['pass']); $repass = trim($_POST['repass']); $patron1 = "/^[a-z]+\$/i"; //Expresión regular para solo caracteres //Validamos todos los campos con OR, si al menos hay uno que no cumpla la condición //El if se anula y mostramos un error y redirigimos al registro //filter_var es una expresión regular nativa de PHP if ($nombre == '' || preg_match(!$patron1, $nombre) || $apellidos == '' || preg_match(!$patron1, $apellidos) || $correo == '' || !filter_var($correo, FILTER_VALIDATE_EMAIL) || $pass != $repass || $pass == "" || $repass == "") { echo '<script type="text/javascript"> alert("Error: Datos invalidos en el formulario"); window.location="../../../registro.php" </script>'; } else { $mydb = new myDBC(); $mydb->agregaUsuario($nombre, $apellidos, $correo, $repass); } ?> <!DOCTYPE html> <html lang="es"> <head> <title>SERVIDOR</title> </head> <body bgcolor="blue"> </body>
require_once "myDBC.php"; //Recibimos en variables los campos del registro //Con trim quitamos espacios en blanco al inicio y final $nombre = trim($_POST['nombre']); $apellidos = trim($_POST['apellidos']); $correo = trim($_POST['correo']); $pass = trim($_POST['pass']); $repass = trim($_POST['repass']); $patron1 = "/^[a-z]+\$/i"; //Expresión regular para solo caracteres //Validamos todos los campos con OR, si al menos hay uno que no cumpla la condición //El if se anula y mostramos un error y redirigimos al registro //filter_var es una expresión regular nativa de PHP if ($nombre == '' || preg_match(!$patron1, $nombre) || $apellidos == '' || preg_match(!$patron1, $apellidos) || $correo == '' || !filter_var($correo, FILTER_VALIDATE_EMAIL) || $pass != $repass || $pass == "" || $repass == "") { } else { $mydb = new myDBC(); $pass_oculto = crypt($pass, '_er#.lop'); $mydb->agregaUsuario($nombre, $apellidos, $correo, $pass_oculto); } ?> <!DOCTYPE html> <html lang="es"> <head> <title>SERVIDOR</title> </head> <body > </body>
<?php $baseurl = getcwd() . '/../'; require $baseurl . 'index.php'; $db = new myDBC(); if ($_REQUEST['cid']) { $cat = $db->getQuery($db->runQuery("select * from " . CAT . " where id='{$_REQUEST['cid']}' order by id DESC")); $par = explode(",", $cat['parameter']); $_SESSION['par'] = $par; } //for color auto fill if ($_REQUEST[act] == sesion) { $b = "{$_SESSION['colrs']},{$_REQUEST['color']}"; $kd = array_unique(array_filter(explode(",", $b))); sort($kd); $_SESSION[colrs] = implode(",", $kd); ?> <select name="mcolor[]" style="width:200px;"> <option value="">Select</option> <?php for ($i = 0; $i < count($kd); $i++) { ?> <option value="<?php echo $kd[$i]; ?> "> <?php echo ucwords($kd[$i]); ?> </option> <?php