Exemple #1
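 /**
  * Fill this record from the POSTed student form and insert it into the
  * `students` table.
  *
  * Every text field goes through cleanUserInput(); `year` is forced to an
  * integer. The multi-value `position` field is appended to $this->position
  * as a comma-terminated list ("a,b,").
  *
  * @return mixed Value of $this->db->insert_id(); the script exits if the insert fails.
  */
 function save()
 {
     $this->school = cleanUserInput($this->paramPost('school', TRUE, ""));
     $this->email = cleanUserInput($this->paramPost('email', '', ""));
     $this->year = intval($this->paramPost('year', TRUE, 1));
     $this->phone = cleanUserInput($this->paramPost('phone', TRUE, ""));

     // 'position' arrives as an array of checkbox/select values. It is request
     // data like every other field, so each entry is cleaned the same way
     // before it is stored. A missing key, a single scalar value or nested
     // arrays must not raise notices or reach count()/string concatenation.
     $position = isset($_POST['position']) ? $_POST['position'] : array();
     if (!is_array($position)) {
         $position = array($position);
     }
     foreach ($position as $entry) {
         if (is_scalar($entry) && $entry !== '') {
             $this->position .= cleanUserInput($entry) . ',';
         }
     }

     $this->name = cleanUserInput($this->paramPost('name', TRUE, ""));
     $table = 'students';
     $dbRet = $this->db->insert($table, $this);
     if (!$dbRet) {
         // Driver error text can expose schema and query details, so it goes
         // to the server log; the response only says that the insert failed.
         $detail = $this->db->_error_message() . " (" . $this->db->_error_number() . ")";
         error_log("Problem inserting to " . $table . ": " . $detail);
         echo "Problem inserting to " . $table;
         exit;
     }
     return $this->db->insert_id();
 }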
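 /**
  * Stamp this scorer record with request location data and the current
  * time, then insert it into self::TABLE.
  *
  * Latitude and longitude are cast to float; the country code goes through
  * cleanUserInput().
  *
  * @return mixed Value of $this->db->insert_id(); the script exits if the insert fails.
  */
 private function commit_save_scorer()
 {
     $requestInfo = $this->request->getLocationInfo();
     $this->gps_lat = floatval($requestInfo->latitude);
     $this->gps_lon = floatval($requestInfo->longitude);
     $this->country_code = cleanUserInput($requestInfo->country_code);
     $this->timestamp = time();
     $dbRet = $this->db->insert(self::TABLE, $this);
     if (!$dbRet) {
         // The failure message used an undefined $table variable; the table
         // name comes from self::TABLE. Driver error text can expose schema
         // and query details, so it goes to the server log and not into the
         // response.
         $detail = $this->db->_error_message() . " (" . $this->db->_error_number() . ")";
         error_log("Problem Inserting to " . self::TABLE . ": " . $detail);
         echo "Problem Inserting to " . self::TABLE;
         exit;
     }
     return $this->db->insert_id();
 }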
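 /**
  * Fill this record from the POSTed form and insert it into
  * self::$TABLE_NAME.
  *
  * Text fields go through cleanUserInput(), `price` is cast to float and
  * `creation_date` is set to the current Unix time.
  *
  * @return mixed Value of $this->db->insert_id(); the script exits if the insert fails.
  */
 function insert()
 {
     $this->title = cleanUserInput($this->paramPost('title', TRUE, ""));
     $this->content = cleanUserInput($this->paramPost('content', TRUE, ""));
     // NOTE(review): is_paid, user_id and price are taken from the request as
     // sent. Nothing in this method ties user_id to the authenticated session
     // or checks the price/paid flag against server-side data; confirm the
     // caller enforces that before this method runs.
     $this->is_paid = cleanUserInput($this->paramPost('is_paid', TRUE, "0"));
     $this->is_problem = cleanUserInput($this->paramPost('is_problem', TRUE, "0"));
     $this->category = cleanUserInput($this->paramPost('category', TRUE, "0"));
     $this->thumbnail_url = cleanUserInput($this->paramPost('thumbnail_url', TRUE, ""));
     $this->user_id = cleanUserInput($this->paramPost('user_id', TRUE, "0"));
     $this->price = floatval($this->paramPost('price', TRUE, "0"));
     $this->creation_date = time();
     $table = self::$TABLE_NAME;
     $dbRet = $this->db->insert($table, $this);
     if (!$dbRet) {
         // Driver error text can expose schema and query details, so it goes
         // to the server log; the response only says that the insert failed.
         $detail = $this->db->_error_message() . " (" . $this->db->_error_number() . ")";
         error_log("Problem inserting to " . $table . ": " . $detail);
         echo "Problem inserting to " . $table;
         exit;
     }
     return $this->db->insert_id();
 }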
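 /**
  * Validate a scorer submission against its submit code and insert it into
  * `bt_scorers`.
  *
  * The submit code sent as `code` must equal the SHA-1 of
  * "email-os_version-date-answered_question". On a match the record is
  * stamped with the current time and request location data, then inserted.
  *
  * @return mixed FALSE when the submit code does not match; otherwise the
  *               value of $this->db->insert_id(). The script exits if the
  *               insert fails.
  */
 function insert_scorer()
 {
     $this->load->library('encrypt');
     $this->answered_question = intval($this->paramPost('answered_question', TRUE, 0));
     $this->phone = cleanUserInput($this->paramPost('phone', TRUE, ""));
     $this->email = cleanUserInput($this->paramPost('email', ''));
     $this->firstname = cleanUserInput($this->paramPost('firstname', TRUE));
     $this->lastname = cleanUserInput($this->paramPost('lastname', TRUE));
     $this->os = cleanUserInput($this->paramPost('os', TRUE, ''));
     $this->os_version = cleanUserInput($this->paramPost('os_version', TRUE, ''));
     // NOTE(review): this identifier is stored as received, next to name,
     // phone and e-mail. Confirm whether it needs to be kept at all and, if
     // so, whether the column is encrypted at rest.
     $this->social_security_number = cleanUserInput($this->paramPost('social_security_number', TRUE, ''));
     $versionType = $this->paramPost('version', TRUE, '');
     $submitCode = $this->paramPost('code', TRUE, '');
     $date = cleanUserInput($this->paramPost('date', ''));
     // NOTE(review): the required-field check below is a placeholder, so an
     // empty e-mail or a non-positive answer count is still accepted.
     if ($this->email == "" || $this->answered_question <= 0) {
         //TODO
         //return FALSE;
     }
     if ($versionType === 'NK') {
         //TODO
     } else {
         //TODO
     }
     // NOTE(review): every input to this digest comes from the same request
     // and no server-held key is mixed in here, so the code presumably can be
     // recomputed by whoever builds the request; confirm. If it is meant to
     // prove the submission is genuine, the usual construction is
     // hash_hmac() with a server-side secret, compared with hash_equals().
     $codeStr = $this->email . '-' . $this->os_version . '-' . $date . '-' . $this->answered_question;
     $validSubmitCode = $this->encrypt->sha1($codeStr);
     if ($submitCode !== $validSubmitCode) {
         return FALSE;
     }
     $this->timestamp = time();
     $requestInfo = $this->getRequestInfo();
     $this->gps_lat = floatval($requestInfo->latitude);
     $this->gps_lon = floatval($requestInfo->longitude);
     $this->country_code = cleanUserInput($requestInfo->country_code);
     $this->region_code = cleanUserInput($requestInfo->region_name);
     $table = 'bt_scorers';
     $dbRet = $this->db->insert($table, $this);
     if (!$dbRet) {
         // Driver error text can expose schema and query details, so it goes
         // to the server log; the response only says that the insert failed.
         $detail = $this->db->_error_message() . " (" . $this->db->_error_number() . ")";
         error_log("Problem Inserting to " . $table . ": " . $detail);
         echo "Problem Inserting to " . $table;
         exit;
     }
     return $this->db->insert_id();
 }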
Exemple #5
        $location = "index.php";
    } else {
        $location = "pivotx/index.php";
    }
    header("Location: " . $location);
    die;
}
// Request bootstrap: normalise the requested URI, expand a rewritten URL
// into request parameters, then clean the superglobals before any handler
// below reads them.

// Strip a trailing slash from the requested URI.
// NOTE(review): $_GET['uri'] is read without an isset() check; confirm it is
// always present on this code path.
$_GET['uri'] = stripTrailingSlash($_GET['uri']);
// Check if we need to get the parameters from a 'non crufty' URL.
// NOTE(review): this runs on the raw 'rewrite' and 'uri' values, before the
// cleaning step below. Presumably parseRewrittenURL() writes the parsed
// parameters into the superglobals so that they get cleaned too; verify
// against its definition before reordering these statements.
if (!empty($_GET['rewrite'])) {
    parseRewrittenURL($_GET['rewrite'], $_GET['uri']);
}
// Cleaning user input - safeString-ing all values in the super globals
// ($_GET, $_POST, $_REQUEST and $_COOKIE) that are used in render.php.
// Everything after this line sees the cleaned values; anything read before
// it sees raw request data.
cleanUserInput();
/**
 * Check if we need to handle a posted comment or trackback.
 *
 * The query-string key that marks a trackback request comes from the
 * 'localised_trackback_name' config value, with "trackback" passed to
 * getDefault() as the second argument.
 */
$trackback = getDefault($PIVOTX['config']->get('localised_trackback_name'), "trackback");
if (!empty($_POST['piv_code'])) {
    require_once dirname(__FILE__) . "/modules/module_comments.php";
    handlePostComment();
} elseif (isset($_GET[$trackback])) {
    if (count($_POST) > 0) {
        require_once dirname(__FILE__) . "/modules/module_trackbacks.php";
        handlePostTrackback($_GET['e'], $_GET['date']);
    } elseif (isset($_GET['getkey'])) {
        require_once dirname(__FILE__) . "/modules/module_trackbacks.php";
        getTracbackKeyJS($_GET['e'], $_GET['date']);
    }