sendMpdCommand($mpd, 'play'); echo json_encode(readMpdResponse($mpd)); } break; case 'update': if (isset($_POST['path']) && $_POST['path'] != '') { sendMpdCommand($mpd, "update \"" . html_entity_decode($_POST['path']) . "\""); echo json_encode(readMpdResponse($mpd)); } break; case 'trackremove': if (isset($_GET['songid']) && $_GET['songid'] != '') { echo json_encode(remTrackQueue($mpd, $_GET['songid'])); } break; case 'search': if (isset($_POST['query']) && $_POST['query'] != '' && isset($_GET['querytype']) && $_GET['querytype'] != '') { echo json_encode(searchDB($mpd, $_GET['querytype'], $_POST['query'])); } break; } closeMpdSocket($mpd); } } else { echo 'MPD DB INTERFACE<br>'; echo 'INTERNAL USE ONLY<br>'; echo 'hosted on raspyfi.local:81'; } ?>
break; case 'trackremove': if (isset($_GET['songid']) && $_GET['songid'] != '') { echo json_encode(remTrackQueue($mpd, $_GET['songid'])); } break; case 'savepl': if (isset($_GET['plname']) && $_GET['plname'] != '') { sendMpdCommand($mpd, "rm \"" . html_entity_decode($_GET['plname']) . "\""); sendMpdCommand($mpd, "save \"" . html_entity_decode($_GET['plname']) . "\""); echo json_encode(readMpdResponse($mpd)); } break; case 'search': if (isset($_POST['query']) && $_POST['query'] != '' && isset($_GET['querytype']) && $_GET['querytype'] != '') { $arraySearchResults = searchDB($mpd, $_GET['querytype'], $_POST['query']); if ($spop) { $arraySpopSearchResults = querySpopDB($spop, 'file', $_POST['query']); $arraySearchResults = array_merge($arraySearchResults, $arraySpopSearchResults); } echo json_encode($arraySearchResults); } break; case 'loadlib': echo loadAllLib($mpd); break; case 'playall': if (isset($_POST['path']) && $_POST['path'] != '') { echo json_encode(playAll($mpd, $_POST['path'])); } break;
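<?php
// Search endpoint: reads the POSTed 'search' term, looks it up through
// searchDB() and prints the matches as JSON.

// Only a plain string is accepted. A request such as search[]=x would
// otherwise pass the '' check below and hand an array to searchDB().
$text = (isset($_POST['search']) && is_string($_POST['search'])) ? $_POST['search'] : '';
if ('' === $text) {
    die;
}

// Connection settings. Each one can be overridden through an environment
// variable of the same name, so a deployment does not have to connect as MySQL
// root with an empty password. The fallbacks are the values this script has
// always used. The account should be a dedicated one that can only read the
// tables searchDB() needs.
define('DB_HOST', getenv('DB_HOST') !== false ? getenv('DB_HOST') : "localhost"); // db host or ip
define('DB_USER', getenv('DB_USER') !== false ? getenv('DB_USER') : "root"); // user
define('DB_PASS', getenv('DB_PASS') !== false ? getenv('DB_PASS') : ""); // password
define('DB_NAME', getenv('DB_NAME') !== false ? getenv('DB_NAME') : "wallethub"); // schema name

$data = searchDB($text);

// Declare the payload as JSON so a browser never renders database content
// as HTML when the endpoint is opened directly.
header('Content-Type: application/json; charset=utf-8');
echo json_encode($data);

/**
 * Use PDO to open a connection to DB
 *
 * Errors are reported as exceptions (PDO::ERRMODE_EXCEPTION). Callers should
 * catch them rather than let the message, which can include the DSN, reach
 * the HTTP response.
 *
 * @return PDO
 */
function connectDB()
{
    $dsn = "mysql:dbname=" . DB_NAME . ";host=" . DB_HOST;
    $db = new PDO($dsn, DB_USER, DB_PASS);
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    return $db;
}

/**
 * Queries the DB to search for $text
 *
 * @param $text
 *
 * @return array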
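/**
 * Soft-deletes an article (sets is_deleted = 1) after a confirmation step.
 *
 * Reads 'articleid' and 'reallydelete' from $_REQUEST. Without 'reallydelete'
 * a confirmation form is printed. With it the article is flagged as deleted,
 * a log entry is written and the article is echoed back.
 *
 * Both steps require a logged-in user who is either the article's author
 * ($_SESSION['valid_user'] equals the row's author_username) or an admin
 * ($_SESSION['valid_admin']). The original only checked this before showing
 * the confirmation form, so a direct request with reallydelete set let any
 * logged-in user delete any article.
 *
 * NOTE(review): the destructive step carries no anti-CSRF token and is read
 * from $_REQUEST, so it can also be triggered by a GET link. Add a
 * per-session token to the form and accept the delete via POST only.
 */
function module_delete_article()
{
    echo "<!-- start delete article -->";

    if (empty($_SESSION['valid_user'])) {
        echo "Du må være innlogget for å få tilgang til denne siden.";
        return;
    }

    $reallydelete = isset($_REQUEST['reallydelete']) ? $_REQUEST['reallydelete'] : '';

    // articleid is placed unquoted into the SQL below, so it is forced to an
    // integer here. Anything that is not a plain number becomes 0 and matches
    // no article, instead of being spliced into the statement.
    $articleid = (isset($_REQUEST['articleid']) && is_scalar($_REQUEST['articleid']))
        ? (int) $_REQUEST['articleid']
        : 0;

    $query = "select * from articles where articleid={$articleid}";

    if ($reallydelete) {
        $result = DB_get_table($query);
        if (DB_rows_affected($result) != 1) {
            echo "<h3>Artikkelen fins ikke i databasen.</h3>";
            return;
        }
        $row = DB_next_row($result);
    } else {
        $row = searchDB($query);
    }

    // Allowed to delete? Only the author or an admin, checked for the
    // confirmation form and for the delete itself.
    $ok = false;
    if (isset($row['author_username']) && $_SESSION['valid_user'] == $row['author_username']) {
        $ok = true;
    }
    if (!empty($_SESSION['valid_admin'])) {
        $ok = true;
    }
    if (!$ok) {
        echo "Du må være forfatteren av denne teksten for å kunne slette den.";
        return;
    }

    if ($reallydelete) {
        // Soft delete: the row stays in the table and is only flagged.
        $deletequery = "UPDATE articles SET is_deleted = 1 WHERE articleid = {$articleid};";
        DB_update($deletequery);

        global $logtype;
        write_log_entry($articleid, $logtype['article'], "deletearticle,");

        echo "<h3>Følgende artikkel er nå slettet fra databasen</h3>";
        // Database values are HTML-escaped before being echoed, as the title
        // already was, so stored markup is shown as text and not executed.
        echo '<p><strong>1. Title: ';
        echo htmlspecialchars(stripslashes($row['title']));
        echo '</strong><br />Author: ';
        echo htmlspecialchars(stripslashes($row['author']));
        echo '<br />Date: ';
        echo htmlspecialchars(stripslashes($row['date']));
        echo '<br />Article ID: ';
        echo htmlspecialchars(stripslashes($row['articleid']));
        echo '<br />Article priority: ';
        echo htmlspecialchars(stripslashes($row['priority']));
        echo '<br />Text:<br/> ';
        // NOTE(review): the body is printed as stored. If articles are not
        // meant to contain author-supplied HTML, escape this value as well.
        echo stripslashes($row['body']);
        echo '</p>';
        return;
    }

    echo "Vil du virkelig slette " . htmlspecialchars(stripslashes($row['title'])) . "?";
    form_start_post();
    form_hidden("m_c", "module_delete_article");
    form_hidden("articleid", $articleid);
    form_hidden("reallydelete", "yes");
    form_submit("submit", "Ja, slett artikkelen.");
    form_end();
}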
/**
 * Runs a recipe search from the query-string filters and echoes the ranked
 * matches as JSON, each row tagged with 'saved' => 'true' / 'false'.
 *
 * Steps, as visible in this function:
 *  1. open a connection with the username and password kept in the session;
 *  2. empty the `results` table;
 *  3. collect ingredients, restrictions, methods, time, excluded ingredients,
 *     calories and ingredient count from $_GET and bump each ingredient's
 *     timesSearched counter;
 *  4. call searchDB() for every ingredient subset (presumably it fills
 *     `results`; its body is not shown here);
 *  5. read back the ranked rows and mark the ones found in the saved list.
 *
 * NOTE(review): the database password is read from $_SESSION['loggedInPW'],
 * i.e. a credential is kept in session storage for the whole login.
 * NOTE(review): `results` is one table that every call truncates and refills.
 * Two overlapping requests would presumably see each other's rows; confirm
 * whether results are scoped per user anywhere.
 */
function getResult() {
    $con = getConnection($_SESSION['loggedInUsername'], $_SESSION['loggedInPW']);
    // Fetched but not used anywhere in this function.
    $app = \Slim\Slim::getInstance();
    // Working variables for the request.
    $ingredients = array();
    $filters = array();
    $methods = array();
    $noIngredients = array();
    $results = array();
    $points = array();
    // Bare expression statements: these do not initialise the variables, so
    // $time and $calories stay undefined unless the request supplies them.
    $time;
    $calories;
    $numberOfIngredients = 0;
    $counter = 0;
    $rows = array();
    $results = array();
    $saved = array();
    $timesSearched;
    // Empty the previous result table.
    try {
        $sql = "Truncate TABLE results";
        $con->query($sql);
        // Read every filter supplied by the client.
        // NOTE(review): each $_GET value is used as an array here; a scalar
        // query parameter would reach array_key_exists() as a string.
        foreach ($_GET as $part) {
            if (array_key_exists("ing", $part)) {
                // The value is escaped here and then bound as a parameter
                // below, so it is the escaped form that is compared with
                // foodName; binding alone already prevents injection.
                $ingredient = $con->real_escape_string($part['ing']);
                $ingredients[] = $ingredient;
                // Increment the number of times this ingredient was searched for.
                $query = "select timesSearched from ingredient where foodName = ? ";
                $stmt = $con->prepare($query);
                $stmt->bind_param('s', $ingredient);
                $stmt->execute();
                $timesSearched;
                $stmt->bind_result($timesSearched);
                // If no row matches, $timesSearched keeps whatever value it
                // had before this iteration.
                while ($stmt->fetch()) {
                    $timesSearched = $timesSearched + 1;
                    $timesSearched = (int) $timesSearched;
                }
                $q = "UPDATE ingredient SET timesSearched = ? where foodName = ? 
";
                // $sql is prepared but never executed; only $sql1 is used.
                $sql = $con->prepare($q);
                $sql1 = $con->prepare($q);
                $sql1->bind_param('is', $timesSearched, $ingredient);
                $sql1->execute();
            }
            if (array_key_exists("restriction", $part)) {
                $filter = $con->real_escape_string($part['restriction']);
                $filters[] = $filter;
            }
            if (array_key_exists("method", $part)) {
                $method = $con->real_escape_string($part['method']);
                $methods[] = $method;
            }
            if (array_key_exists("time", $part)) {
                // NOTE(review): unlike the other inputs, 'time' is neither
                // escaped nor cast before it is handed to searchDB(). Verify
                // that searchDB() binds it as a parameter or validates it.
                $time = $part['time'];
            }
            if (array_key_exists("noning", $part)) {
                $noIngredient = $con->real_escape_string($part['noning']);
                $noIngredients[] = $noIngredient;
            }
            if (array_key_exists("calories", $part)) {
                $calories = (int) $part['calories'];
            }
            if (array_key_exists("numberOfIngredients", $part)) {
                $numberOfIngredients = (int) $part['numberOfIngredients'];
            }
        }
        // Create all possible subsets of the ingredients.
        // NOTE(review): the number of ingredients is not limited in this
        // function; if createSubSet() returns every subset, the work below
        // grows exponentially with the request size. Confirm a cap exists.
        $subset = createSubSet($ingredients);
        // Search once per subset.
        foreach ($subset as $part) {
            searchDB($filters, $part, $methods, $time, $calories, $noIngredients, $numberOfIngredients);
        }
        if (empty($ingredients)) {
            searchDB($filters, $ingredients, $methods, $time, $calories, $noIngredients, $numberOfIngredients);
        }
        if (isset($_SESSION['id'])) {
            // Look up which recipes the user has saved.
            // NOTE(review): the username is concatenated into this statement
            // instead of being bound like the ingredient queries above, and
            // the expression that supplies it is masked ('******') in this
            // listing. Use prepare()/bind_param() here as well.
            $result1 = $con->query("select distinct recipeName from recipe inner join searchHistory on recipe.recipeID = searchHistory.ID where username = '******'username'] . 
"'");
            // Query failed.
            if (!$result1) {
                throw new Exception(mysqli_error($con));
            }
            if (mysqli_num_rows($result1) != 0) {
                // Keep the saved recipe names for the comparison below.
                while ($r = mysqli_fetch_assoc($result1)) {
                    $saved[] = $r;
                }
            }
        }
        $result = $con->query("select distinct recipeName, time, recipe.rating, rankingPoints, calories, picture from recipe inner join results on results.recipeID = recipe.recipeID inner join filter on results.recipeID = filter.recipeID order by rankingPoints desc");
        // Query failed.
        if (!$result) {
            throw new Exception(mysqli_error($con));
        }
        $issaved = FALSE;
        if (mysqli_num_rows($result) != 0) {
            // Tag every result row with whether it is in the saved list.
            while ($r = mysqli_fetch_assoc($result)) {
                $issaved = FALSE;
                if (!empty($saved)) {
                    foreach ($saved as $recipe) {
                        if ($recipe['recipeName'] == $r['recipeName']) {
                            $issaved = true;
                        }
                    }
                    if ($issaved) {
                        $r['saved'] = 'true';
                        $results[] = $r;
                    } else {
                        $r['saved'] = 'false';
                        $results[] = $r;
                    }
                } else {
                    $r['saved'] = 'false';
                    $results[] = $r;
                }
            }
        }
    } catch (Exception $e) {
        // The message is read and discarded: a failure is neither logged nor
        // reported, and whatever is in $results so far is still returned.
        $e->getMessage();
    }
    // Send the result list back as JSON.
    echo json_encode($results);
    mysqli_close($con);
}
} else { if ($_POST["action"] == "signout") { $ID = $_POST['id']; mysqli_query($conn, "UPDATE details SET dleave=NOW() WHERE idDetails='{$ID}'"); } else { if ($_POST["action"] == "delete") { $ID = $_POST['id']; mysqli_query($conn, "DELETE FROM details WHERE idDetails = '{$ID}' "); //deleteRecord($ID); } else { if ($_POST["action"] == "search") { $fname = $_POST['fname']; $sname = $_POST['sname']; $company = $_POST['company']; $phone = $_POST['phone']; searchDB($fname, $sname, $company, $phone); } else { if ($_POST["action"] == "edit") { $ID = $_POST["id"]; displayFilledForm($ID); } } } } } } } //Functions //Function to return a filled form. function displayFilledForm($ID) {
</head> <body> <?php
include "./include/dbUtil.php";

// Decide which listing to show. The request values are only read for a GET
// request; for anything else $action stays empty and the full table is shown.
$action = "";
if (isGetRequest()) {
    $action     = filter_input(INPUT_GET, 'action');
    $search     = filter_input(INPUT_GET, 'search');
    $column     = filter_input(INPUT_GET, 'column');
    $columnSort = filter_input(INPUT_GET, 'columnSort');
    $order      = filter_input(INPUT_GET, 'order');
}

// NOTE(review): filter_input() is called without a filter, so these values
// arrive unmodified. $column, $columnSort and $order presumably name a column
// and a sort direction, and identifiers cannot be bound as statement
// parameters. Verify that searchDB()/sortDB() check them against a fixed
// allow-list before they reach SQL.
switch ($action) {
    case 'search':
        $results = searchDB($column, $search);
        break;
    case 'sort':
        $results = sortDB($columnSort, $order);
        break;
    default:
        $results = dbAll();
        break;
}
?> <table border="1" class="table table-striped"> <tr> <th> Search </th> <th> Sort </th> </tr>
/**
 * Shows the profile edit form for the logged-in user and, when 'savechanges'
 * is submitted, validates the input, handles the picture upload and calls
 * saveuser().
 *
 * NOTE(review), all visible in this function:
 *  - the account that gets written is named by $_REQUEST['username'], not by
 *    $_SESSION['valid_user'];
 *  - 'admin' and 'may_post' are taken from the request and passed to
 *    saveuser();
 *  - saveuser() is not shown. If it stores these values as given, any
 *    logged-in user can edit another account or grant themselves admin
 *    rights. Take the username from the session and only accept the
 *    privilege flags from an admin session.
 *  - the save is not protected by an anti-CSRF token here.
 */
function module_edit_profile() {
    echo "<!-- start edit profile -->";
    global $href_edit_profile;
    global $max_profile_image_size;
    if (isset($_REQUEST['savechanges'])) {
        $savechanges = $_REQUEST['savechanges'];
    }
    $edituser = $_SESSION['valid_user'];
    if (isset($_REQUEST['canceledit'])) {
        $canceledit = $_REQUEST['canceledit'];
    }
    if (!isset($edituser) || isset($canceledit)) {
        if (isset($canceledit)) {
            form_unset_user();
            echo "Redigering avbrutt.";
        } else {
            echo "Du må ha logget deg inn for å ha tilgang til denne siden.";
        }
    } else {
        styleConfig();
        if (isset($savechanges)) {
            $all_ok = true;
            $email = $_POST['email'];
            $password1 = $_POST['password1'];
            $password2 = $_POST['password2'];
            $description = $_REQUEST['description'];
            $webpage = $_REQUEST['webpage'];
            $picture_url = $_REQUEST['picture_url'];
            // The stripped copies below are only used for the checks in this
            // function; saveuser() further down is given the raw $_REQUEST /
            // $_POST values again, so strip_tags() does not affect what is
            // stored.
            $password1 = strip_tags($password1);
            $password2 = strip_tags($password2);
            // $firstname, $lastname and $birthdate have not been assigned at
            // this point in the function.
            $firstname = strip_tags($firstname);
            $lastname = strip_tags($lastname);
            $webpage = strip_tags($webpage);
            $description = strip_tags($description);
            $birthdate = strip_tags($birthdate);
            $picture = strip_tags($_REQUEST['picture']);
            // Privilege flags come straight from the request (see the
            // function header note).
            $admin = $_REQUEST['admin'];
            $may_post = $_REQUEST['may_post'];
            // Assemble SQL birthdate
            // NOTE(review): the three parts are not checked to be numeric
            // before they are joined into a date string.
            $birthdate = $_REQUEST['birthyear'] . "-" . $_REQUEST['birthmonth'] . "-" . $_REQUEST['birthday'];
            $birthdate = strip_tags($birthdate);
            $_SESSION['existing_edit'] = "true";
            save_form_user();
            if (strlen($password1) > 0) {
                // Do password relevant checks
                // Loose comparison: two different numeric-looking strings can
                // compare equal with ==; === would compare the exact text.
                if (!($password1 == $password2)) {
                    $all_ok = false;
                    // $error_msg, $info and $log_description are appended to
                    // throughout without being initialised in this function.
                    $error_msg .= " Passordene stemmer ikke.";
                }
                // Accepts 6 to 16 characters; longer passwords are rejected.
                if (strlen($password1) < 6 || strlen($password1) > 16) {
                    $all_ok = false;
                    $error_msg .= " Passoerdet må være mellom 6 og 16 tegn.";
                }
            }
            if (!isset($email) || !valid_email($email)) {
                $all_ok = false;
                $error_msg .= " Ugyldig e-postadresse.";
            }
            // Check what to do with the admin flag
            // Normalises the request value to 0 or 1; it does not check
            // whether the current user may set it.
            if ($admin == 1) {
                $admin = 1;
            } else {
                $admin = 0;
            }
            // Saveuser() checks whether a password is given or not :p
            if (strlen($_FILES['picturepath']['tmp_name']) == 0) {
                $info .= " Ingen endringer gjort med profilbilde.";
                // Fair enough, no image set OR IT DOESNT EXIST. OOPS.
            } else {
                // Only the size reported for the upload is checked here.
                // NOTE(review): file type and content validation presumably
                // happen in file_upload(); confirm.
                if ($max_profile_image_size < $_FILES['picturepath']['size']) {
                    $all_ok = false;
                    $error_msg .= " Maksimal bildestørrelse er ." . $max_profile_image_size / 1000 . " kilobytes. Ditt bilde er " . $_FILES['picturepath']['size'] / 1000 . " kilobytes.";
                } else {
                    $picture_result = file_upload($_SESSION['valid_user']);
                    // Negative return values are error codes from
                    // file_upload(). When an earlier check already failed
                    // ($all_ok false), a negative code still falls through to
                    // the else branch and is written into the UPDATE.
                    if ($all_ok == true && $picture_result < 0) {
                        if ($picture_result == -1) {
                            $all_ok = false;
                            $error_msg .= " Bildet er for stort.";
                        } else {
                            if ($picture_result == -4) {
                                $all_ok = false;
                                $error_msg .= " Lagring av bilde i databasen gikk galt.";
                            } else {
                                if ($picture_result == -3) {
                                    $all_ok = false;
                                    $error_msg .= " Fant ikke bildefilen.";
                                } else {
                                    $all_ok = false;
                                    $error_msg .= " Uspesifisert feil i bildeopplasting.";
                                }
                            }
                        }
                    } else {
                        $username = $_SESSION['valid_user'];
                        // NOTE(review): $username is assigned but the WHERE
                        // clause holds the literal '******', which looks like
                        // a value masked in this listing. The statement is
                        // assembled by concatenation; use a parameterised
                        // query if the database layer offers one.
                        $sql = "UPDATE user SET picture=" . $picture_result . " WHERE username='******'";
                        $result = DB_insert($sql);
                        if (!$result || DB_rows_affected($result) == 0) {
                            $log_description .= "imgnotattached,";
                            $all_ok = false;
                            $error_msg .= " Bilde lastet opp, men ikke knyttet til bruker. 
";
                        } else {
                            $log_description .= "goodimgupload,";
                        }
                    }
                }
            }
            if ($all_ok) {
                // Raw request values are passed on with addslashes(), which
                // is not a database-aware escape, and 'firstname' is passed
                // without even that. The target account is
                // $_REQUEST['username'] (see the function header note).
                $result = saveuser(addslashes($_REQUEST['username']), addslashes($_REQUEST['password1']), addslashes($_REQUEST['email']), $_REQUEST['firstname'], addslashes($_REQUEST['lastname']), addslashes($_REQUEST['webpage']), addslashes($birthdate), addslashes($_POST['description']), $admin, $may_post);
                if ($result) {
                    $log_description .= "goodedit,";
                    form_unset_user();
                    echo "<h3>Profil oppdatert</h3>";
                    echo "Endringene er lagret." . $info;
                }
            } else {
                $log_description .= "badedit,";
                echo $error_msg;
            }
            global $logtype;
            // The log entry is attributed to the username sent in the
            // request, not to the session user who performed the edit.
            write_log_entry($_POST['username'], $logtype['user'], $log_description);
        } else {
            if (isset($_REQUEST['existing_edit'])) {
                $existing_edit = $_SESSION['existing_edit'];
            }
            if (isset($existing_edit)) {
                // Re-shows the form from values kept in the session.
                form_edit_profile($_SESSION);
            } else {
                $edituser = $_SESSION['valid_user'];
                // The session username is concatenated into the statement.
                // NOTE(review): safe only if usernames can never contain a
                // double quote; prefer a bound parameter.
                $query = "SELECT * FROM user WHERE username=\"" . $edituser . "\";";
                $row = searchDB($query);
                form_edit_profile($row);
            }
            module_my_drafts();
        }
    }
}
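<?php
include "MainFunctions.php";

// Gets all the html files in the requested directory.
//
// 'dir' comes straight from the query string. It is only used when it names
// an existing directory that resolves (after symlinks and ".." are expanded)
// to the working directory or something below it. A value that points
// elsewhere on the file system, or that contains glob wildcards and does not
// exist as a literal directory, yields an empty list. If documents are kept
// outside the working directory, point $baseDir at that root instead.
$files = array();
$directory = '';
$requestedDir = (isset($_GET['dir']) && is_string($_GET['dir'])) ? $_GET['dir'] : '';
$cwd = getcwd();
$baseDir = ($cwd !== false) ? realpath($cwd) : false;
$resolvedDir = ($requestedDir !== '') ? realpath($requestedDir) : false;
if (
    $baseDir !== false
    && $resolvedDir !== false
    && is_dir($resolvedDir)
    && ($resolvedDir === $baseDir || strpos($resolvedDir, $baseDir . DIRECTORY_SEPARATOR) === 0)
) {
    // The pattern is built from the value as requested, so the paths in
    // $files keep the same relative form as before.
    $directory = $requestedDir . "/*.{html}";
    $files = glob($directory, GLOB_BRACE);
}

$db = initDB();
// NOTE(review): the search term is passed on unmodified; verify that
// searchDB() binds it as a statement parameter.
$string = $_REQUEST['search'];
$results = searchDB($db, $string);

// The jQuery include below is requested over HTTPS so the script cannot be
// replaced in transit.
?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script> <title>Narcos - Documents</title> <!-- Bootstrap Core CSS --> <link href="css/bootstrap.min.css" rel="stylesheet"> <!-- Custom CSS --> <link href="css/shop-homepage.css" rel="stylesheet"> <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->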
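<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap-theme.min.css"> <title>Add to Link Database</title> </head> <body> <?php
//Includes the Header template.
include './includes/header.php';
//Includes the CURL functions
include_once './includes/curlFun.php';
//Includes the Database Utilities
include_once './includes/dbUtil.php';

$url = filter_input(INPUT_POST, 'url');

//Checks to see if Post Request to add url to database
if (isPostRequest()) {
    // FILTER_VALIDATE_URL accepts any scheme, so the scheme is also pinned to
    // http/https before the server fetches the address.
    // NOTE(review): this still lets a user make the server request internal
    // hosts (loopback, private ranges, metadata endpoints). getCurl() should
    // resolve the host and refuse such destinations, and should not follow
    // redirects to them.
    $scheme = strtolower((string) parse_url((string) $url, PHP_URL_SCHEME));
    $isValidUrl = filter_var($url, FILTER_VALIDATE_URL) !== false
        && in_array($scheme, array('http', 'https'), true);

    if (!$isValidUrl) {
        // In the original this message sat in an elseif nested inside the
        // "URL is valid" branch and could never be shown.
        echo '<h3>URL is not valid!</h3>' . '<h5>Please use "http://www.[SITE].[com,edu,...]/" format</h5>';
    } elseif (searchDB($url)) {
        echo '<h3> Site is already in system.</h3>';
    } else {
        $pageData = getCurl($url);
        // A syntactically valid URL can still contain quotes and angle
        // brackets, so it is HTML-escaped before being echoed.
        echo '<h3> ' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '</h3>';
        $links = matchURL($pageData);
        $message = addData($url, $links);
        $url = "";
    }
}
?> <?php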
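<?php
//mySQL Connection
// NOTE(review): this connects as MySQL root without a password. Use a
// dedicated account limited to the `labels` schema and load its credentials
// from configuration outside the web root.
// NOTE(review): log.txt is written next to this script. If that directory is
// served by the web server, the connection error text is readable by anyone.
global $conn;
$conn = mysqli_connect('localhost', 'root', null, 'labels');
if ($conn != null) {
    file_put_contents('log.txt', 'Connection Success!');
} else {
    file_put_contents('log.txt', 'Connection Failure: ' . mysqli_connect_error());
    // Stop here: every statement below needs a working connection.
    http_response_code(500);
    exit;
}

//Assign form variables
$fname = $_POST["fname"];
$sname = $_POST["sname"];
$phone = $_POST["phone"];
searchDB($phone);

//Functions
/**
 * Deletes the rows of `details` whose columns all equal the matching globals.
 *
 * The original statement could not be prepared: "DELETE * FROM" is not valid
 * MySQL and the parentheses around carreg were unbalanced, so
 * mysqli_prepare() failed and the bind call ran on a non-statement. Each
 * condition was written as "(col = ? OR '')". The empty string is false in a
 * boolean context, so that is equivalent to "col = ?", which is what is used
 * here.
 *
 * Of the globals bound below, only $fname, $sname and $phone are assigned in
 * the visible part of this script. An unset global binds as NULL, and
 * "col = NULL" never matches, so no row is deleted unless all nine are set.
 */
function deleteRecord()
{
    global $conn, $fname, $sname, $company, $phone, $carpark, $carreg, $visit, $darrive, $dleave;

    $stmt = mysqli_prepare(
        $conn,
        "DELETE FROM details WHERE fname = ? AND sname = ? AND company = ? AND phone = ? AND carpark = ? AND carreg = ? AND visit = ? AND darrive = ? AND dleave = ?"
    );
    if ($stmt === false) {
        // Nothing to execute if the statement could not be prepared.
        return;
    }
    // NOTE(review): phone is bound as an integer ("i"), which drops leading
    // zeros and "+" prefixes; confirm the column type.
    mysqli_stmt_bind_param($stmt, "sssiissss", $fname, $sname, $company, $phone, $carpark, $carreg, $visit, $darrive, $dleave);
    mysqli_stmt_execute($stmt);
}

//Search the table based on details, return resultSet in HTML table
function searchDB($phone) {
    global $conn, $fname, $sname, $phone;
    $rs = mysqli_prepare($conn, "SELECT DISTINCT fname,sname,company,phone FROM details WHERE (fname = ? OR '') AND (sname = ? OR '') AND (phone = ? OR '')");
    mysqli_stmt_bind_param($rs, "ssi", $fname, $sname, $phone);
    mysqli_stmt_execute($rs);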
case 'trackmove': if (isset($_GET['songid']) && $_GET['songid'] != '') { $_args = $_GET['songid'] . ' ' . $_GET['newpos']; execMpdCommand($mpd, 'move ' . $_args); $res = 'track move args= ' . $_args; } break; case 'savepl': if (isset($_GET['plname']) && $_GET['plname'] != '') { $res = execMpdCommand($mpd, 'rm "' . html_entity_decode($_GET['plname']) . '"'); $res = execMpdCommand($mpd, 'save "' . html_entity_decode($_GET['plname']) . '"'); } break; case 'search': if (isset($_POST['query']) && $_POST['query'] != '' && isset($_GET['querytype']) && $_GET['querytype'] != '') { $res = searchDB($mpd, $_GET['querytype'], $_POST['query']); } break; case 'loadlib': $res = loadAllLib($mpd); break; case 'addall': if (null !== $path) { $res = mpdQueueAddMultiple($mpd, array_column($path, 'file')); // nested array } break; // - added code to set the playlist song pos for play // - added code to set the playlist song pos for play case 'playall': if (null !== $path) {