function opendatabaseupdate()
{
    // get user info from db.
    $db = mysql_connect("localhost", "cobblest_markh", "jobs358");
    mysql_select_db(getdbname(), $db);
    return $db;
}
Exemple #2
0
function opendatabaseupdate()
{
    // get user info from db.
    $db = mysql_connect($GLOBALS['dynamic_mysqlhost'], $GLOBALS['dynamic_mysqluser'], $GLOBALS['dynamic_mysqlpass']);
    mysql_select_db(getdbname(), $db);
    $myquery = "SET NAMES latin1";
    if (!mysql_query($myquery)) {
        DoError(1, "", mysql_error());
    }
    return $db;
}
    exit;
} else {
    //Make sure we have a match.
    $thecatid = $thepage->gettablename() . "id";
    $matchquery = "SELECT * FROM " . $thepage->gettablename() . " WHERE " . $thefield . "='" . $thefile . "' AND " . $thecatid . "='" . $indid . "'";
    if ($validquery = mysql_query($matchquery)) {
        if (mysql_num_rows($validquery) == 0) {
            $headerloc = "Location: ../../index.php?page=" . $thepage->getfoldername() . "/edit/index.php&message=nomatcherror" . $merror . "&indid=" . $indid;
            header($headerloc);
            unset($headerloc);
            exit;
        } else {
            //Update the image file name to none.
            $deletequery = "UPDATE " . $thepage->gettablename() . " SET " . $thefield . "='none' WHERE " . $thefield . "='" . $thefile . "' AND " . $thecatid . "='" . $indid . "'";
            //Make sure the user deletion succeeded.
            if (mysql_db_query(getdbname(), $deletequery, $db)) {
                //Move on.
            } else {
                $merror = mysql_error();
                $headerloc = "Location: ../../index.php?page=" . $thepage->getfoldername() . "/edit/index.php&message=dataerror&merror=" . $merror . $merror . "&indid=" . $indid;
                header($headerloc);
                unset($headerloc);
                exit;
            }
            $thedeletefile = "../" . $thepage->getimagefolder() . $thefile;
            //If we find the file, then we remove it.
            if (is_file($thedeletefile)) {
                unlink($thedeletefile);
            }
            //If we get this far, then we have succeeded, so let's go back to the appropriate view page...
            $headerloc = "Location: ../../index.php?page=" . $thepage->getfoldername() . "/edit/index.php&message=success" . $merror . "&indid=" . $indid;
 $multicounter = 0;
 for ($k = 0; $k < count($multiinstances); $k++) {
     $multicounter++;
     $tempinst = new multilink("", "", "", "", "", "", "");
     $tempinst = $multiinstances[$k];
     //If the user selected any, then go through them.
     if (count($_POST['themultiples' . $multicounter]) > 0) {
         //Go through the multiples.
         for ($i = 0; $i < count($_POST['themultiples' . $multicounter]); $i++) {
             $themultiple = $_POST['themultiples' . $multicounter][$i];
             //First make sure there isn't already a record for this link.
             if ($verifyquery = mysql_query("SELECT * FROM " . $tempinst->getmultilinktablename() . " WHERE " . $thepage->gettablename() . "id='{$theid}' && " . $tempinst->getmultitablename() . "id='{$themultiple}'")) {
                 if (mysql_num_rows($verifyquery) == 0) {
                     //Then add a rows to the table.
                     $multiaddquery = "INSERT INTO " . $tempinst->getmultilinktablename() . " (" . $tempinst->getmultilinktablename() . "id," . $thepage->gettablename() . "id, " . $tempinst->getmultitablename() . "id) VALUES ('0','{$theid}','{$themultiple}')";
                     if (mysql_db_query(getdbname(), $multiaddquery, $db)) {
                         //Success
                     } else {
                         $merror = mysql_error();
                         $headerloc = "Location: ../../index.php?page=" . $thepage->getfoldername() . "/add/index.php&message=dataerror&merror=" . $merror;
                         header($headerloc);
                         unset($headerloc);
                         exit;
                     }
                 }
             } else {
                 DoError(1, "", mysql_error());
             }
         }
     }
 }
Exemple #5
0
<?php

$qstr = getenv('QUERY_STRING');
parse_str($qstr);
include 'db.php';
$dbname = getdbname($season);
$max_pos = isset($team) ? null : 50;
$sql = <<<END
with
params as (select :lsel as league_select, :tsel as team_select, :max as max_pos),
innings_data as
(select b.player, b.balls, b.runs, b.wickets, 
printf('%d%.15f%d/%d', b.wickets, 10 - (cast(b.runs as real) / b.balls), 999 - b.runs, b.runs) as sort_key
from bowling b, player p, team t, league l, params parms
where b.player = p.id
and p.team = t.id
and t.league = l.id
and (parms.league_select is null or instr(l.name, parms.league_select) <> 0)
and (parms.team_select is null or parms.team_select = t.id)
),
bowling_data as
(
select p.name as player_name, t.id as team_id, t.name as team_name,
sum(b.balls) as balls, sum(b.runs) as runs, sum(b.wickets) as wickets,
round(cast(sum(b.runs) as real) / sum(b.wickets), 2) as average, round(cast(sum(b.runs) * 6 as real) / sum(b.balls), 2) as economy, max(b.sort_key) as best,
printf('%d%.15f', sum(b.wickets) + 10, 10 - (cast(sum(b.runs) as real) / sum(b.balls))) as sort_key
from innings_data b, player p, team t
where b.player = p.id
and p.team = t.id
group by player)
select player_name, team_id, team_name, balls / 6 + 0.1 * (balls % 6) as overs,
    $seclevel = 2;
}
if ($yesno != "full" || $seclevel != 1) {
    header("Location: ../../index.php?page=files/index.php&message=loginerror");
    exit;
} else {
    //Now, we check for a proper match.
    $uid = finduserid($cookie_id);
    if ($checkquery = mysql_query("SELECT touserfileid FROM touserfile WHERE touserfileid='{$indid}' AND fromuser='******'")) {
        $numcheck = mysql_num_rows($checkquery);
        if ($numcheck == 0) {
            header("Location: ../../index.php?page=files/index.php&message=nomatcherror");
            exit;
        } else {
            //Finally we are ready for the archival.
            $arcquery = "UPDATE touserfile SET archive='1' WHERE touserfileid='{$indid}' AND fromuser='******'";
            //Make sure the user deletion succeeded.
            if (mysql_db_query(getdbname(), $arcquery, $db)) {
                //Move on.
            } else {
                header("Location: ../../index.php?page=files/index.php&message=dataerror");
                exit;
            }
            header("Location: ../../index.php?page=files/index.php&message=archivesuccess");
        }
    } else {
        header("Location: ../../index.php?page=files/index.php&message=dataerror");
        exit;
    }
}
mysql_close($db);
Exemple #7
0
             unset($headerloc);
             exit;
         }
         //Now, we need to go through and clean out any files there were.
         for ($i = 0; $i < count($imgarr); $i++) {
             $thedeletefile = "../" . $thepage->getimagefolder() . $imgarr[$i];
             //If we find the file, then we remove it.
             if (is_file($thedeletefile)) {
                 unlink($thedeletefile);
             }
             unset($thedeletefile);
         }
         //And lastly, if there are any linked tables, we must take care of them.
         if ($thepage->getallowmultilink()) {
             $remquery = "DELETE FROM " . $thepage->getmultilinktablename() . " WHERE " . $thepage->gettablename() . "id='{$indid}'";
             if (mysql_db_query(getdbname(), $remquery, $db)) {
                 //Move on.
             } else {
                 $merror = mysql_error();
                 $headerloc = "Location: ../../index.php?page=" . $thepage->getfoldername() . "/index.php&message=dataerror&merror=" . $merror;
                 header($headerloc);
                 unset($headerloc);
                 exit;
             }
         }
         //If we get this far, then we have succeeded, so let's go back to the appropriate view page...
         $headerloc = "Location: ../../index.php?page=" . $thepage->getfoldername() . "/index.php&message=success";
         header($headerloc);
         unset($headerloc);
     }
 } else {
            $city = trim(addslashes($_POST['city']));
            $postal = trim(addslashes($_POST['postal']));
            $email = trim(addslashes($_POST['email']));
            $province = $_POST['province'];
            $password = trim($_POST['password']);
            //Now edit the client.
            $editquery = "UPDATE useraccount SET name='{$clientname}', address='{$address}', phone='{$phone}', city='{$city}', province='{$province}', postal='{$postal}', email='{$email}' WHERE useraccountid='{$indid}' AND whosclient='{$uid}'";
            if (mysql_db_query(getdbname(), $editquery, $db)) {
                //Move on.
            } else {
                header("Location: ../../index.php?page=clients/edit/index.php&message=dataerror&indid={$indid}");
                exit;
            }
            //Then edit the client's login.
            $editloginquery = "UPDATE userlogin SET username='******', password='******' WHERE useraccountid='{$indid}'";
            if (mysql_db_query(getdbname(), $editloginquery, $db)) {
                //Move on.
            } else {
                header("Location: ../../index.php?page=clients/edit/index.php&message=dataerror&indid={$indid}");
                exit;
            }
            //If we get this far, then we have succeeded, so let's go back to the clients page...
            header("Location: ../../index.php?page=clients/index.php&message=editsuccess");
        }
    } else {
        header("Location: ../../index.php?page=clients/edit/index.php&message=dataerror&indid={$indid}");
        exit;
    }
}
//Close the database.
mysql_close($db);
        $loginrow = mysql_fetch_array($validloginquery);
        if (strcmp($username, $loginrow['username']) == 0 && strcmp($password, $loginrow['password']) == 0) {
            session_start();
            $cookie_id = $loginrow['staffloginid'];
            $cookie_user = $loginrow['username'];
            $cookie_pass = crypt($loginrow['password'], 'xx');
            $_SESSION['cookie_id'] = $cookie_id;
            $_SESSION['cookie_user'] = $cookie_user;
            $_SESSION['cookie_pass'] = $cookie_pass;
            //Now we grab the current time and IP Address.
            $now = time();
            $ip = $REMOTE_ADDR;
            $updateid = $loginrow['staffloginid'];
            $updateloginquery = "UPDATE stafflogin SET lastlogin='******', lastip='{$ip}' WHERE staffloginid='{$updateid}'";
            //Make sure the update succeeded.
            if (mysql_db_query(getdbname(), $updateloginquery, $db)) {
                //Keep moving.
            } else {
                $theerror = mysql_error();
                header("Location: index.php?message=dataerror&merror={$theerror}");
                exit;
            }
            //Then we clear out.
            header("Location: index.php");
        } else {
            header("Location: index.php?message=loginerror");
            exit;
        }
    }
} else {
    $theerror = mysql_error();
             DoError(1, "", mysql_error());
         }
     }
 }
 //Now, we have to go through all the link records for this item.  If there is one that was
 //not selected this time, then the user must want to remove it.  So it shall be.
 //Run through all the instances.
 if ($rquery = mysql_query("SELECT * FROM " . $tempinst->getmultilinktablename() . " WHERE " . $thepage->gettablename() . "id='{$indid}'")) {
     if (mysql_num_rows($rquery) > 0) {
         while ($rdata = mysql_fetch_array($rquery)) {
             $tempid = $tempinst->getmultitablename() . "id";
             if (!in_array($rdata[$tempid], $multitracker)) {
                 //Then remove the record.
                 $thedel = $rdata[$tempid];
                 $multiremovequery = "DELETE FROM " . $tempinst->getmultilinktablename() . " WHERE " . $tempinst->getmultitablename() . "id='{$thedel}' AND " . $thepage->gettablename() . "id='{$indid}'";
                 if (mysql_db_query(getdbname(), $multiremovequery, $db)) {
                     //Success
                 } else {
                     $merror = mysql_error();
                     $headerloc = "Location: ../../index.php?page=" . $thepage->getfoldername() . "/add/index.php&message=dataerror&merror=" . $merror;
                     header($headerloc);
                     unset($headerloc);
                     exit;
                 }
             }
         }
     }
 } else {
     $merror = mysql_error();
     $headerloc = "Location: ../../index.php?page=" . $thepage->getfoldername() . "/add/index.php&message=dataerror&merror=" . $merror;
     header($headerloc);
    $clientname = trim(addslashes($_POST['clientname']));
    $address = trim(addslashes($_POST['address']));
    $phone = trim(addslashes($_POST['phone']));
    $city = trim(addslashes($_POST['city']));
    $postal = trim(addslashes($_POST['postal']));
    $email = trim(addslashes($_POST['email']));
    $province = $_POST['province'];
    $password = trim($_POST['password']);
    $uid = finduserid($cookie_id);
    //Now add the client.
    $addquery = "INSERT INTO useraccount (useraccountid, name, address, phone, city, province, postal, email, whosclient) VALUES ('0','{$clientname}','{$address}','{$phone}','{$city}','{$province}','{$postal}','{$email}','{$uid}')";
    if (mysql_db_query(getdbname(), $addquery, $db)) {
        //Move on.
    } else {
        header("Location: ../../index.php?page=clients/add/index.php&message=dataerror");
        exit;
    }
    $newid = mysql_insert_id();
    //Now, insert the login information.
    $addloginquery = "INSERT INTO userlogin (userloginid, useraccountid, username, password, lastlogin, lastip, seclevel) VALUES ('0','{$newid}','{$username}','{$password}','never','none','2')";
    if (mysql_db_query(getdbname(), $addloginquery, $db)) {
        //Move on.
    } else {
        header("Location: ../../index.php?page=clients/add/index.php&message=dataerror");
        exit;
    }
    //If we get this far, then we have succeeded, so let's go back to the clients page...
    header("Location: ../../index.php?page=clients/index.php&message=success");
}
//Close the database.
mysql_close($db);
         //Now, we simply move the category to the new position and take the category in that position to the other position.
         $updatequery = "UPDATE " . $thepage->gettablename() . " SET displayorder='{$towhat}' WHERE " . $thecatid . "='{$indid}'";
         if (mysql_db_query(getdbname(), $updatequery, $db)) {
             //Move on.
         } else {
             $merror = mysql_error();
             $headerloc = "Location: ../../index.php?page=" . $thepage->getfoldername() . "/index.php&indid={$indid}&message=dataerror&merror=" . $merror;
             header($headerloc);
             unset($headerloc);
             exit;
         }
         $old = $catdata['displayorder'];
         $oldid = $olddata[$thecatid];
         //Then change the other one.
         $updateoldquery = "UPDATE " . $thepage->gettablename() . " SET displayorder='{$old}' WHERE " . $thecatid . "='{$oldid}'";
         if (mysql_db_query(getdbname(), $updateoldquery, $db)) {
             //Move on.
         } else {
             $merror = mysql_error();
             $headerloc = "Location: ../../index.php?page=" . $thepage->getfoldername() . "/index.php&indid={$indid}&message=dataerror&merror=" . $merror;
             header($headerloc);
             unset($headerloc);
             exit;
         }
         header("Location: ../../index.php?page=" . $thepage->getfoldername() . "/index.php&message=Record position successfully altered.");
     }
 } else {
     $merror = mysql_error();
     $headerloc = "Location: ../../index.php?page=" . $thepage->getfoldername() . "/index.php&indid={$indid}&message=dataerror&merror=" . $merror;
     header($headerloc);
     unset($headerloc);