public function checkUserSession()
{
if (!isset($this->SessionID)) {
return array(false, "Session key empty");
}
$SessionID = $this->SessionID;
$sql = "SELECT Email FROM Sessions WHERE SessionID = ?";
$params = array($SessionID);
global $conn;
if ($conn) {
$stmt = sqlsrv_query($conn, $sql, $params);
if ($stmt === false) {
return array(false, "Connection to server failed.");
} else {
if (sqlsrv_has_rows($stmt) > 0) {
$email = '';
while ($row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC)) {
$email = $row['Email'];
}
return array(true, $email);
} else {
return array(false, "Failed to authenticate");
}
}
}
}
/**
* Dumps the Founder data into a table
*
* @param int $CompanyID
*/
function dumpFounderData($CompanyID)
{
// include the data access class
include_once "DAO.php";
try {
// create a new data access object
$db = new DAO();
$sql = "EXEC dbo.GetFounderByCompanyID @CompanyID = " . $CompanyID;
// set the select statement
$db->setSQL($sql);
// execute the SQL
if ($db->execute()) {
// did we get some rows
if (sqlsrv_has_rows($db->getResultSet())) {
// output the table and the first row (column headers)
echo '<br>';
echo '<table class="sorted table-autosort:0 table-stripeclass:alternate">';
echo "<thead><tr>";
echo "<th class='table-sortable:default' width='100'>Name</th>";
echo "</tr></thead><tbody>";
// output the table rows
while ($row = sqlsrv_fetch_array($db->getResultSet(), SQLSRV_FETCH_ASSOC)) {
echo '<tr><td class="left" width="70"><a href="../Participant/History.php?wfID=' . $row['ID'] . '" target="_blank">' . $row['FounderName'] . '</a></td></tr>';
}
// finish the table
echo "</tbody></table>";
} else {
echo "<div class='err'>No data found.</div>";
}
}
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
echo "</br>";
}
/**
* Execute Query to obtain one or more objects from the NECLIMS db; returns string on error
*
* @param $sql
* @param optional class specification
*/
function query($sql, $object = NULL)
{
// include object class if specifed
if ($object != NULL) {
require_once $object . ".cls.php";
}
// create a data access object
$dao = new DAO();
// pass the sql statement to the data access object
$dao->setSQL($sql);
// declare an array for storing the row results
$retVal = array();
try {
// run the sql statement
if ($dao->execute() && sqlsrv_has_rows($dao->getResultSet())) {
// object specified.
if ($object != NULL) {
// while there were more results/rows, save the object in the array
while ($row = sqlsrv_fetch_object($dao->getResultSet(), $object . "")) {
$retVal[] = $row;
}
} else {
// while there were more results/rows, save the object in the array
while ($row = sqlsrv_fetch_array($dao->getResultSet(), SQLSRV_FETCH_ASSOC)) {
$retVal[] = $row;
}
}
}
} catch (Exception $e) {
return "Query Error: " . $e->getMessage() . ". SQL: " . $sql . ". Object specified: " . $object;
}
// return to the caller
return $retVal;
//error_log(print_r($retVal, true));
}
/**
*
* @param resource $conn
* Recurso que contiene la conexión SQL.
* @param string $tabla
* @param boolean $comprobar
* Si está a true (valor por defecto) siempre hace la comprobación.
* Si se pone el valor a false sólo hace la comprobación cuando es
* día 1.
* @return mixed array si hay un error SQL. Si la tabla no existe false. Si la
* tabla existe true.
*/
function existeTabla($conn, $tabla, $comprobarTabla = 1)
{
$hoy = getdate();
if ($hoy["mday"] == 1 or $comprobarTabla) {
global $respError;
$sql = "select * from dbo.sysobjects where id = object_id(N'{$tabla}')";
// Ejecutar una consulta SQL para saber si existe la tabla de auditoría
//////////////////////////////////////////////////////
$stmt = sqlsrv_query($conn, $sql);
if ($stmt === false) {
if (($errors = sqlsrv_errors()) != null) {
$SQLSTATE = $errors[0]["SQLSTATE"];
$Cerror = $errors[0]["code"];
$Merror = utf8_encode($errors[0]["message"]);
if ($farmacia == FARMACIA_DEBUG or strlen(FARMACIA_DEBUG) == 0) {
if (DEBUG & DEBUG_ERROR_SQL) {
$mensaje = "--[" . date("c") . "] código: {$Cerror} mensaje: {$Merror} \n";
$mensaje .= "--Error en el fichero: " . __FILE__ . ", en la línea: " . __LINE__;
error_log($mensaje . $sql . "\r\n", 3, DIRECTORIO_LOG . __FUNCTION__ . "_" . date("YmdH") . ".log");
}
}
// Error al hacer la consulta
return $respError->errorSQL($SQLSTATE, $Cerror, $Merror);
}
}
if (sqlsrv_has_rows($stmt) === false) {
// La tabla no existe.
return false;
}
}
// La tabla existe o no hay que comprobarlo
return true;
}
public static function hasRows($connection, $query, $params = NULL)
{
if (!$params) {
$query = sqlsrv_has_rows(sqlsrv_query($connection, $query));
} else {
$query = sqlsrv_has_rows(sqlsrv_query($connection, $query, $params));
}
return $query;
}
function create_env_devices($conn)
{
$query_check_data_exists = "SELECT * FROM riot4.ENV_settings";
$statement_check_data_exist = sqlsrv_query($conn, $query_check_data_exists);
if (!sqlsrv_has_rows($statement_check_data_exist)) {
$MID = DEFAULT_ENV_ID;
$query_insert_devices = "INSERT INTO riot4.ENV_settings (id,Device,Value) VALUES (?,'light_bulb',4),(?,'fan_table',8),(?,'light_table',2)";
$params = array($MID, $MID, $MID);
sqlsrv_query($conn, $query_insert_devices, $params);
}
}
function getPlayerID($gameName, $clanID)
{
$db = new BaseDB();
$records = $db->dbQuery("SELECT PlayerID from Player WHERE GameName = '{$gameName}' AND ClanID = {$clanID}");
if (sqlsrv_has_rows($records)) {
$record = sqlsrv_fetch_array($records, SQLSRV_FETCH_BOTH);
return $record['PlayerID'];
} else {
return null;
}
}
private function fetch_rows()
{
$num_rows = $this->num_rows();
if ($num_rows > 0 && sqlsrv_has_rows($this->result)) {
for ($i = 0; $i < $num_rows; $i++) {
$result_array[$i] = sqlsrv_fetch_array($this->result, SQLSRV_FETCH_ASSOC);
}
//END for
return $result_array;
} else {
return null;
}
//END if
}
function checkPW($user, $password)
{
$conn = sqlsrv_connect($GLOBALS['srvname'], $GLOBALS['con_info']);
$query = "SELECT * FROM Gamer WHERE username=? AND password=?";
$params = array($user, $password);
$result = sqlsrv_query($conn, $query, $params);
if (!$result) {
die(print_r(sqlsrv_errors()));
}
$numrows = sqlsrv_has_rows($result);
if (!$numrows) {
return false;
}
sqlsrv_close($conn);
return true;
}
function tekenProduct($productNaam, $image, $beschrijving, $resterendeTijd, $productNummer)
{
if ($resterendeTijd == '0:0:0:0') {
$sql99 = "update Voorwerp set VeilingGesloten='Ja' where Voorwerpnummer = " . $productNummer . "";
$stmt99 = sqlsrv_query($conn, $sql99);
$uitvoer99 = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC);
$where = "WHERE Voorwerpnummer = " . $productNummer . "";
$sql = 'select V.Titel, V.Verkoper
from Voorwerp V
' . $where . '';
$stmt = sqlsrv_query($conn, $sql);
$uitvoer = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC);
$sql2 = 'select Gebruikersnaam, Voornaam, Achternaam, Mailbox
from Gebruiker
where Gebruikersnaam=(select top 1 B.Gebruiker
from Voorwerp V INNER JOIN Bod B
ON V.Voorwerpnummer=B.Voorwerp
' . $where . '
ORDER BY B.Bodbedrag DESC)';
$stmt2 = sqlsrv_query($conn, $sql2);
$rows = sqlsrv_has_rows($stmt2);
if ($rows == true) {
$row = sqlsrv_fetch_array($stmt2, SQLSRV_FETCH_ASSOC);
$email = $row['Mailbox'];
$msg = "Gefeliciteerd! U heeft de veiling met de naam: " . rtrim($uitvoer['Titel']) . " gewonnen! \n Wanneer u uw product ontvangen hebt kunt u feedback achterlaten op de verkoper met deze link: iproject12.icasites.nl/feedbackAchterlaten.php?voorwerp=" . $productNummer . "&gebruiker=" . $uitvoer['Verkoper'] . "\n Bewaar deze email goed.";
mail($email, "Gewonnen veiling", $msg);
}
if ($rows == false) {
$sql2 = "select Mailbox\n\t\t\t\t\t\t\tfrom Gebruiker\n\t\t\t\t\t\t\twhere Gebruikersnaam='" . $uitvoer['Verkoper'] . "'";
$stmt2 = sqlsrv_query($conn, $sql2);
$row = sqlsrv_fetch_array($stmt2, SQLSRV_FETCH_ASSOC);
$email = $row['Mailbox'];
$msg = "Helaas! uw veiling met de naam: " . rtrim($uitvoer['Titel']) . " heeft geen biedingen gekregen. \n Uw veiling is gesloten.";
mail($email, "Uw veiling is gesloten", $msg);
}
}
$class = "product";
echo '<div class="' . $class . '">
<img src="resources/images/' . $image . '" alt="' . $image . '">
<h1>' . $productNaam . '</h1>
<div class="productoverzicht">
' . $beschrijving . '
</div>
<h4>' . $resterendeTijd . '</h4>
<a href="productDetailPagina.php?id=' . $productNummer . '">Bekijk veiling </a>
</div>';
}
function ENV_logged_on()
{
$query = "SELECT * FROM riot4.ENV WHERE id = ?";
$params = array($_SESSION['MID']);
$statement = sqlsrv_query($conn, $query, $params);
if (sqlsrv_has_rows($statement)) {
$row = sqlsrv_fetch_array($statement);
if ($row['OTP'] == $_SESSION['ENV_OTP']) {
$_SESSION['ENV_OTP'] = $row['OTP'];
} else {
$_SESSION['ENV_OTP'] = NULL;
$_SESSION['MID'] = NULL;
$_SESSION['ROOT'] = NULL;
}
}
return isset($_SESSION['MID']);
}
function dumpParticipantWorkFlows($DONOR_CODE)
{
// include the data access class
include_once "DAO.php";
try {
// create a new data access object
$db = new DAO();
// set the SQL
$sql = "EXEC dbo.GetParticipantWorkFlows @DONOR_CODE ='" . $DONOR_CODE . "'";
// set the select statement
$db->setSQL($sql);
// execute the SQL
if ($db->execute()) {
// did we get some rows
if (sqlsrv_has_rows($db->getResultSet())) {
// output the table and the first row (column headers)
echo '<br>';
echo '<table class="sorted table-autosort:0 table-stripeclass:alternate">';
echo "<thead><tr>";
echo "<th class='table-sortable:default' width='70'>Name</th>";
echo "<th class='table-sortable:default' width='295'>Description</th>";
echo "<th class='table-sortable:default' width='75'>Status</th>";
echo "<th class='table-sortable:default' width='150'>Next step</th>";
echo "<th class='table-sortable:default' width='200'>Next step role</th>";
echo "</tr></thead><tbody>";
// output the table rows
while ($row = sqlsrv_fetch_array($db->getResultSet(), SQLSRV_FETCH_ASSOC)) {
echo '<tr><td class="left" width="70"><a href="../Participant/History.php?wfID=' . $row['ID'] . '" target="_blank">' . $row['Name'] . '</a></td>';
echo '<td class="left" width="295">' . $row['Description'] . '</td>';
echo '<td class="center" width="75">' . $row['WorkFlowStatus'] . '</td>';
echo '<td class="left" width="150">' . $row['NextStep'] . '</td>';
echo '<td class="left" width="200">' . $row['Role'] . '</td></tr>';
}
// finish the table
echo "</tbody></table>";
} else {
echo "<div class='err'>No data found.</div>";
}
}
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
echo "</br>";
}
function doLogin($params)
{
$lquery = "SELECT username, rank, class, race FROM Gamer WHERE username=? AND password=?";
$srvname = "localhost";
$con_info = array("Database" => "EPGP", "UID" => "sa", "PWD" => "cakepie");
$conn = sqlsrv_connect($srvname, $con_info);
if (!$conn) {
die(print_r(sqlsrv_errors(), true));
}
if (isset($conn) && isset($lquery)) {
$result = sqlsrv_query($conn, $lquery, $params);
} else {
echo "DB Query missing connection or query";
}
if (sqlsrv_has_rows($result)) {
return sqlsrv_fetch_array($result);
} else {
return false;
}
}
function signUp()
{
if (!empty($_POST['username'])) {
$checkUser = $_POST['username'];
unset($query);
$query = "select * from users where username = '******'";
$stmt = sqlsrv_query($GLOBALS['conn'], $query);
$record = sqlsrv_has_rows($stmt);
if (!$record) {
$this->regUser();
} else {
//echo "Sorry! You are already registered.";
sqlsrv_close($GLOBALS['conn']);
die(print_r(sqlsrv_errors(), true));
}
}
if (isset($_POST['submit'])) {
echo "Submit call";
signUp();
}
}
while ($row = sqlsrv_fetch_array($statement)) {
$query_env_update = "UPDATE riot4.ENV_settings SET Value = ? WHERE id = ? AND Device = ?";
$params = array($row['Value'], $Envir_ID, $row['Device']);
$statement_env_update = sqlsrv_query($conn, $query_env_update, $params);
}
}
$msg = "You are admin for the environment";
header("Location: /env_settings.php?Message=" . urlencode($msg));
} else {
if (get_count($_SESSION['MID']) == 0) {
/* Change ENV values to that of first user
-------------------------------------------*/
$query = "SELECT * from riot4.settings WHERE User_ID = ?";
$params = array($_SESSION['userid']);
$statement = sqlsrv_query($conn, $query, $params);
if (sqlsrv_has_rows($statement)) {
while ($row = sqlsrv_fetch_array($statement)) {
$query_env_update = "UPDATE riot4.ENV_settings SET Value = ? WHERE id = ? AND Device = ? AND LOCK=0";
$params = array($row['Value'], $Envir_ID, $row['Device']);
$statement_env_update = sqlsrv_query($conn, $query_env_update, $params);
}
}
$msg = "You are 1st user in the environment";
header("Location: /env_settings.php?Message=" . urlencode($msg));
}
}
} else {
$msg = "Environment_ID/OTP combination is incorrect.<br><br>";
$valid = TRUE;
}
} else {
/**
* INSERT wrapper, inserts an array into a table
*
* $arrToInsert may be a single associative array, or an array of these with numeric keys, for
* multi-row insert.
*
* Usually aborts on failure
* If errors are explicitly ignored, returns success
* @param string $table
* @param array $arrToInsert
* @param string $fname
* @param array $options
* @throws DBQueryError
* @return bool
*/
public function insert($table, $arrToInsert, $fname = __METHOD__, $options = array())
{
# No rows to insert, easy just return now
if (!count($arrToInsert)) {
return true;
}
if (!is_array($options)) {
$options = array($options);
}
$table = $this->tableName($table);
if (!(isset($arrToInsert[0]) && is_array($arrToInsert[0]))) {
// Not multi row
$arrToInsert = array(0 => $arrToInsert);
// make everything multi row compatible
}
// We know the table we're inserting into, get its identity column
$identity = null;
// strip matching square brackets and the db/schema from table name
$tableRawArr = explode('.', preg_replace('#\\[([^\\]]*)\\]#', '$1', $table));
$tableRaw = array_pop($tableRawArr);
$res = $this->doQuery("SELECT NAME AS idColumn FROM SYS.IDENTITY_COLUMNS " . "WHERE OBJECT_NAME(OBJECT_ID)='{$tableRaw}'");
if ($res && sqlsrv_has_rows($res)) {
// There is an identity for this table.
$identityArr = sqlsrv_fetch_array($res, SQLSRV_FETCH_ASSOC);
$identity = array_pop($identityArr);
}
sqlsrv_free_stmt($res);
// Determine binary/varbinary fields so we can encode data as a hex string like 0xABCDEF
$binaryColumns = $this->getBinaryColumns($table);
foreach ($arrToInsert as $a) {
// start out with empty identity column, this is so we can return
// it as a result of the insert logic
$sqlPre = '';
$sqlPost = '';
$identityClause = '';
// if we have an identity column
if ($identity) {
// iterate through
foreach ($a as $k => $v) {
if ($k == $identity) {
if (!is_null($v)) {
// there is a value being passed to us,
// we need to turn on and off inserted identity
$sqlPre = "SET IDENTITY_INSERT {$table} ON;";
$sqlPost = ";SET IDENTITY_INSERT {$table} OFF;";
} else {
// we can't insert NULL into an identity column,
// so remove the column from the insert.
unset($a[$k]);
}
}
}
// we want to output an identity column as result
$identityClause = "OUTPUT INSERTED.{$identity} ";
}
$keys = array_keys($a);
// INSERT IGNORE is not supported by SQL Server
// remove IGNORE from options list and set ignore flag to true
$ignoreClause = false;
if (in_array('IGNORE', $options)) {
$options = array_diff($options, array('IGNORE'));
$this->mIgnoreDupKeyErrors = true;
}
// Build the actual query
$sql = $sqlPre . 'INSERT ' . implode(' ', $options) . " INTO {$table} (" . implode(',', $keys) . ") {$identityClause} VALUES (";
$first = true;
foreach ($a as $key => $value) {
if (isset($binaryColumns[$key])) {
$value = new MssqlBlob($value);
}
if ($first) {
$first = false;
} else {
$sql .= ',';
}
if (is_null($value)) {
$sql .= 'null';
} elseif (is_array($value) || is_object($value)) {
if (is_object($value) && $value instanceof Blob) {
$sql .= $this->addQuotes($value);
} else {
$sql .= $this->addQuotes(serialize($value));
}
} else {
$sql .= $this->addQuotes($value);
}
}
$sql .= ')' . $sqlPost;
// Run the query
$this->mScrollableCursor = false;
try {
$ret = $this->query($sql);
} catch (Exception $e) {
$this->mScrollableCursor = true;
$this->mIgnoreDupKeyErrors = false;
throw $e;
}
$this->mScrollableCursor = true;
$this->mIgnoreDupKeyErrors = false;
if (!is_null($identity)) {
// then we want to get the identity column value we were assigned and save it off
$row = $ret->fetchObject();
$this->mInsertId = $row->{$identity};
}
}
return $ret;
}
/**
* Comprueba si el DNI del certificado está dado de alta en la base de
* datos.
*
* @param resource $conn
* Recurso que contiene la conexión SQL.
* @param $farmacia string
* Número de farmacia.
* @param $DNIParam string
* DNI pasado como parámetro en la petición.
* @return mixed String de cuatro dígitos con el número de la farmacia si existe
* el DNI. <br> - Array con el error SQL, si lo hay.<br> - Si no está
* dado de alta o no se reconece el certificado, array con el error
* "-9001".
*/
function comprobarCertificado($conn, $farmacia, $DNIParam)
{
$cetificadosPermitidos = unserialize(CERTIFICADOS_PERMITIDOS);
if ($datosCertificado = analizaCertificado($cetificadosPermitidos)) {
$CN = $datosCertificado["CN"];
$DNI_CERT = strtoupper($datosCertificado["DNI"]);
$SERIAL_NUMBER = $datosCertificado["SERIAL NUMBER"];
$ORGANISMO = $datosCertificado["ORGANISMO"];
define("CN", $CN);
} else {
$errors = array("code" => "-9001", "message" => "Certificado no reconocido.");
return $errors;
//No hay resultados
}
if ($DNI_CERT != $DNIParam) {
$errors = array("code" => "-9002", "message" => "El DNI del certificado no es el mismo que el introducido como parámetro.");
return $errors;
//No hay resultados
}
$parametros = array($DNIParam, $farmacia);
$sql = "SELECT\r\n\t\t\t[farmacia]\r\n\t\t\t,[nif]\r\n\t\tFROM DNIfarmacias WHERE (nif = ?) and (farmacia = ?)";
// Ejecutar una consulta SQL
//////////////////////////////////////////////////////
if ($farmacia == FARMACIA_DEBUG or strlen(FARMACIA_DEBUG) == 0) {
if (DEBUG & DEBUG_QUERY) {
$mensaje = "--[" . date("c") . "] Farmacia: {$farmacia} \n";
$mensaje .= "--Query hecha en el fichero: " . __FILE__ . ", en la línea: " . __LINE__ . "\n";
error_log($mensaje . verQuery($sql, $parametros) . "\r\n", 3, DIRECTORIO_LOG . __FUNCTION__ . "_" . date("YmdH") . ".log");
}
}
$stmt = sqlsrv_query($conn, $sql, $parametros);
if ($stmt === false) {
if (($errors = sqlsrv_errors()) != null) {
$Cerror = $errors[0]["code"];
$Merror = $errors[0]["message"];
if ($farmacia == FARMACIA_DEBUG or strlen(FARMACIA_DEBUG) == 0) {
if (DEBUG & DEBUG_ERROR_SQL) {
$mensaje = "--[" . date("c") . "] Farmacia: {$farmacia} código: {$Cerror} mensaje: {$Merror} \n";
$mensaje .= "--Error en el fichero: " . __FILE__ . ", en la línea: " . __LINE__ . "\n";
error_log($mensaje . verQuery($sql, $parametros) . "\r\n", 3, DIRECTORIO_LOG . __FUNCTION__ . "_" . date("YmdH") . ".log");
}
}
throw new SoapFault("Client." . $Cerror, $Merror);
}
}
// Desplegar la información del resultado
//////////////////////////////////////////////////////
if (sqlsrv_has_rows($stmt) === false) {
$errors = array("code" => "-9001", "message" => utf8_encode("NIF ({$DNI_CERT}) [{$CN}] no está dado de alta, o no coincide en la farmacia."));
sqlsrv_free_stmt($stmt);
return $errors;
//No hay resultados
}
$fila = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC);
if ($fila === false) {
if (($errors = sqlsrv_errors()) != null) {
throw new SoapFault("Client." . $errors[0]["code"], $errors[0]["message"]);
}
}
$numero = trim($fila["farmacia"]);
sqlsrv_free_stmt($stmt);
return $numero;
}
//$LastUpDate = $date->format('m-d-Y H:i:s');
$LastUpDate = $date->format('m-d-Y h:i A');
}
?>
<div id="preReport">
<div id="spacer"> </div>
<div id="spacer"> </div>
<select name="supervisors" onchange="showTests(this.value)">
<?php
$query = "SELECT [supervisor] FROM [APACS Sandbox].[dbo].[00securitytestTEMP] group by [supervisor] order by [supervisor]";
$qresult = sqlsrv_query($db, $query, array(), array("Scrollable" => "buffered"));
if ($qresult === False) {
echo "fail";
}
if (!sqlsrv_has_rows($qresult)) {
return false;
}
while ($row = sqlsrv_fetch_array($qresult)) {
echo '<option value="' . $row['supervisor'] . '">' . $row['supervisor'] . '</option>';
}
?>
</select>
<div id="div1">Select a supervisor for latest test scores of their employees</div>
Latest test scores updated on <?php
echo $LastUpDate;
?>
.
</div>
public function getSetting($key)
{
$query = "SELECT [value] FROM " . TeraWurflConfig::$TABLE_PREFIX . 'Settings' . " WHERE [id] = " . $this->SQLPrep($key);
$this->numQueries++;
$res = sqlsrv_query($this->dbcon, $query);
if (!sqlsrv_has_rows($res)) {
return null;
}
$row = sqlsrv_fetch_array($res);
sqlsrv_free_stmt($res);
return $row['value'];
}
public function execute($bind_params = false)
{
$ret_val = false;
$arg_list = func_get_args();
$lazy = isset($arg_list[1]) && $arg_list[1] ? true : false;
//----------------------------------------------
// Prepare SQL Statement
//----------------------------------------------
$prepare_status = $this->_prepare($this->curr_query, $bind_params, $lazy);
if (!$prepare_status) {
if ($this->check_and_print_error()) {
return false;
}
$this->print_error('Query prepare failed.');
return false;
}
if (!$this->stmt) {
return false;
}
//----------------------------------------------
// Execute Query
//----------------------------------------------
$exec_status = @sqlsrv_execute($this->stmt);
if (!$exec_status) {
if ($this->check_and_print_error()) {
return false;
}
$this->print_error('Query execution failed.');
return false;
}
//----------------------------------------------
// Create Data Result Object if Necessary
//----------------------------------------------
if ($this->stmt && gettype($this->stmt) != 'boolean') {
//----------------------------------------------
// Affected Rows
//----------------------------------------------
$this->affected_rows = sqlsrv_rows_affected($this->stmt);
$ret_val = $this->affected_rows;
//----------------------------------------------
// Create Data Result Object
//----------------------------------------------
$has_rows = sqlsrv_has_rows($this->stmt);
$this->data_result = new data_result($this->stmt, $this->data_src);
//----------------------------------------------
// Last Insert ID
//----------------------------------------------
$this->last_id = null;
}
//----------------------------------------------
// Return Data Result Object if it exists
//----------------------------------------------
if ($this->data_result) {
$this->num_rows = $this->data_result->num_rows();
$this->num_fields = $this->data_result->num_fields();
$ret_val = $this->data_result;
}
//----------------------------------------------
// Check for Errors
//----------------------------------------------
if ($this->check_and_print_error()) {
return false;
}
return $ret_val;
}
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$serverName = "localhost";
$connectionInfo = array("Database" => "xxx", "UID" => "xxx", "PWD" => "xxx");
$conn = sqlsrv_connect($serverName, $connectionInfo);
if ($conn) {
echo "Connection established.<br />";
} else {
echo "Connection could not be established.<br />";
die(print_r(sqlsrv_errors(), true));
}
$sql = "SELECT MasterPatientID FROM vCrgvrPrtl_User\tWHERE vCrgvrPrtl_User.CaregiverPin = '{$pin}' AND UPPER(vCrgvrPrtl_User.FirstName) = '{$firstname}' AND UPPER(vCrgvrPrtl_User.LastName) ='{$lastname}';";
$stmt = sqlsrv_query($conn, $sql);
if ($stmt === false) {
die(print_r(sqlsrv_errors(), true));
} else {
if (sqlsrv_has_rows($stmt) != 1) {
header("location: logerror.php");
// Redirecting To Invalid pin Page
} else {
// Make the first (and in this case, only) row of the result set available for reading.
if (sqlsrv_fetch($stmt) === false) {
die(print_r(sqlsrv_errors(), true));
} else {
// Get the row fields. Field indeces start at 0 and must be retrieved in order.
// Retrieving row fields by name is not supported by sqlsrv_get_field.
$mpi = sqlsrv_get_field($stmt, 0);
$_SESSION['mpi'] = $mpi;
sqlsrv_free_stmt($stmt);
sqlsrv_close($conn);
header("location: portal.php");
// Redirecting To Other Page
<?php
require "security\\server.php";
$conn = sqlsrv_connect($serverName, $connectionInfo);
if ($conn === false) {
die(print_r(sqlsrv_errors(), true));
}
$user = '******';
$sql = "SELECT * FROM users where username = '******'";
echo "Conn: " . $conn . "<br>";
$stmt = sqlsrv_query($conn, $sql);
$record = sqlsrv_has_rows($stmt);
echo $record . "<br>";
if ($record) {
echo "Exist<br>";
//ie( print_r( sqlsrv_errors(), true) );
} else {
echo "Die";
}
while ($row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC)) {
echo $row['name'] . ", " . $row['username'] . "<br />";
}
sqlsrv_free_stmt($stmt);
/**
* displays the founder pulldown
*
* @param unknown_type $ID
* @param unknown_type $selectedVal
* @param unknown_type $isBootstrap
*/
function displayFounderPulldown($ID, $selectedVal, $isBootstrap = false, $tooltip = null)
{
// include the data access class
include_once "DAO.php";
try {
// create a new data access object
$db = new DAO();
$sql = "EXEC dbo.GetCompanyLookUp @likeClause=" . $like . "'";
// set the select statement
$db->setSQL($sql);
// execute the SQL
if ($db->execute()) {
// did we get some rows
if (sqlsrv_has_rows($db->getResultSet())) {
if ($isBootstrap) {
// start the pulldown control
echo '<select name="' . $ID . '" id="' . $ID . '" class="form-control" data-toggle="tooltip" data-placement="bottom"' . ' title="' . $tooltip . '"><option value="-1">Select a value...</option>';
// output the table rows
while ($row = sqlsrv_fetch_array($db->getResultSet(), SQLSRV_FETCH_ASSOC)) {
echo '<option value = "' . $row['CompanyID'] . '" ' . IsSelected($row['CompanyID'], $selectedVal) . '>' . $row['CompanyName'] . '</option>';
}
// finish off the control
echo "</select>";
} else {
// start the pulldown control
echo '<select name="' . $ID . '" id="' . $ID . '"><option value="-1">Select a value...</option>';
// output the table rows
while ($row = sqlsrv_fetch_array($db->getResultSet(), SQLSRV_FETCH_ASSOC)) {
echo '<option value = "' . $row['CompanyID'] . '" ' . IsSelected($row['CompanyID'], $selectedVal) . '>' . $row['CompanyName'] . '</option>';
}
// finish off the control
echo "</select>";
}
} else {
echo '<div class="err">No data found.</div>';
}
}
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
}
function listTestDates($logon, $db, $level, $ManagerId)
{
$isManager = 0;
$empsSupervised = 0;
$x = 0;
//$leftMargin=$level * 25;
$row_count = 0;
$query = "SELECT * FROM [APACS Sandbox].[dbo].[00securitytestTEMP] where suplogon = '" . $logon . "'";
//echo $query;
$qresult = sqlsrv_query($db, $query, array(), array("Scrollable" => "buffered"));
if ($qresult === False) {
$db->exitWithError('query fail');
}
if (!sqlsrv_has_rows($qresult)) {
// no rows not a manager maybe manger livel -1 ????
//echo "supervises no one incementer = " . $x;
//$isManager=0;
} else {
//$isManager=1;
// supervisor add a level
$level++;
$row_count = sqlsrv_num_rows($qresult);
}
while ($row = sqlsrv_fetch_array($qresult)) {
$date = $row['testdate'];
$formattedDate = $date->format('m-d-Y');
$x++;
//echo "incrementer =" . $x;
if ($x == 1) {
//$Managers[$row['suplogon']] = $row['supervisor'] ;
//echo "Supervises ". $row_count . " people";
}
//$x++;
//Check if this employee is a supervior
$mquery = "SELECT * FROM [APACS Sandbox].[dbo].[00securitytestTEMP] where suplogon = '" . $row['logon'] . "'";
// echo $query;
$mqresult = sqlsrv_query($db, $mquery, array(), array("Scrollable" => "buffered"));
if ($mqresult === False) {
$db->exitWithError('query fail');
}
if (!sqlsrv_has_rows($mqresult)) {
// no rows not a manager maybe manger livel -1 ????
?>
<li class="dataline"><?php
echo $row['name'];
?>
<?php
echo $row['email'];
?>
<span style=" position:absolute; left:500px;"> Test Date:<?php
echo $formattedDate;
?>
<?php
echo $row['attempts'];
?>
attempts</span>
</li>
<?php
} else {
$ManagerId++;
?>
<li class="dataline">
<input type="checkbox" unchecked id="Manager<?php
echo $ManagerId;
?>
" /> <label for="Manager<?php
echo $ManagerId;
?>
"><?php
echo $row['name'];
?>
<?php
echo $row['email'];
?>
<span style=" position:absolute; left:500px;"> Test Date:<?php
echo $formattedDate;
?>
<?php
echo $row['attempts'];
?>
attempts</span></label>
<ul>
<?php
list($level, $ManagerId) = listTestDates($row['logon'], $db, $level, $ManagerId);
}
//echo " employee listed increnter =" . $x ;
//echo "rowcount = " .$row_count;
//echo "Employee level is " .$level;
if ($row_count == $x) {
//last of level down
$level--;
echo "<li> </li>\t </ul></li>";
}
// echo $row['name'] . "is Manager" . $isManager;
}
//return $level;
return array($level, $ManagerId);
}
<?php
include_once "BaseClasses/BaseDB.class.php";
include_once "BaseClasses/Database.class.php";
$warID = $_REQUEST['selectedWarID'];
$db = new BaseDB();
$sql = "\n SELECT TheirRank, MAX(StarsTaken) AS StarsTaken\n FROM dbo.View_StarsTaken\n GROUP BY TheirRank, OurAttack, WarID\n HAVING (OurAttack = 1) AND (WarID = {$warID})\n ";
$records = $db->dbQuery($sql);
$data = array();
$i = 0;
if (!sqlsrv_has_rows($records)) {
$data['starsWon'][0] = array('TheirRank' => 0, 'StarsTaken' => 0);
} else {
while ($record = sqlsrv_fetch_array($records, SQLSRV_FETCH_BOTH)) {
$data['starsWon'][$i] = array('TheirRank' => $record['TheirRank'], 'StarsTaken' => $record['StarsTaken']);
$i++;
}
}
$db->Free($records);
$db->close();
echo json_encode($data);
/**
* Get related resource for a resource
*
* @param ResourceSet $sourceResourceSet The source resource set
* @param mixed $sourceEntityInstance The source resource
* @param ResourceSet $targetResourceSet The resource set of
* the navigation property
* @param ResourceProperty $targetProperty The navigation property to be
* retrieved
*
* @return Object/null The related resource if exists else null
*/
public function getRelatedResourceReference(ResourceSet $sourceResourceSet, $sourceEntityInstance, ResourceSet $targetResourceSet, ResourceProperty $targetProperty)
{
$result = null;
$srcClass = get_class($sourceEntityInstance);
$navigationPropName = $targetProperty->getName();
if ($srcClass === 'Order') {
if ($navigationPropName === 'Customer') {
if (empty($sourceEntityInstance->CustomerID)) {
$result = null;
} else {
$query = "SELECT * FROM Customers WHERE CustomerID = '{$sourceEntityInstance->CustomerID}'";
$stmt = sqlsrv_query($this->_connectionHandle, $query);
if ($stmt === false) {
$errorAsString = self::_getSQLSRVError();
ODataException::createInternalServerError($errorAsString);
}
if (!sqlsrv_has_rows($stmt)) {
$result = null;
}
$result = $this->_serializeCustomer(sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC));
}
} else {
ODataException::createInternalServerError('Customer does not have navigation porperty with name: ' . $navigationPropName . ' Contact Service Provider');
}
} else {
if ($srcClass === 'Order_Details') {
if ($navigationPropName === 'Order') {
if (empty($sourceEntityInstance->OrderID)) {
$result = null;
} else {
$query = "SELECT * FROM Orders WHERE OrderID = {$sourceEntityInstance->OrderID}";
$stmt = sqlsrv_query($this->_connectionHandle, $query);
if ($stmt === false) {
$errorAsString = self::_getSQLSRVError();
ODataException::createInternalServerError($errorAsString);
}
if (!sqlsrv_has_rows($stmt)) {
$result = null;
}
$result = $this->_serializeOrder(sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC));
}
} else {
ODataException::createInternalServerError('Order_Details does not have navigation porperty with name: ' . $navigationPropName . ' Contact Service Provider');
}
}
}
return $result;
}
}
if (array_key_exists('eventdate', $_POST)) {
$eventDate = $_POST['eventdate'];
$Query .= " AND DATE = '{$eventDate}'";
}
if (array_key_exists('eventcategory', $_POST)) {
$eventCategory = $_POST['eventcategory'];
$Query .= " AND EVENT_CATEGORY = '{$eventCategory}'";
}
if (array_key_exists('eventrso', $_POST)) {
$eventRSO = $_POST['eventrso'];
$Query .= " AND RSO_AFFILIATION = '{$eventRSO}'";
}
$Result_Array = array();
$Result = sqlsrv_query($db, $Query);
if (!sqlsrv_has_rows($Result)) {
echo false;
return;
}
while ($row = sqlsrv_fetch_array($Result, SQLSRV_FETCH_ASSOC)) {
$Result_Array[] = $row;
}
$html = '<tr>';
//header row
foreach ($Result_Array[0] as $key => $value) {
$html .= '<th>' . $key . '</th>';
}
$html .= '</tr>';
foreach ($Result_Array as $row) {
$html .= "<tr>";
foreach ($row as $key => $value) {
<?php
require_once "Includes/header.php";
if (!logged_on() || !ENV_logged_on()) {
header("Location: /index.php");
}
if (isset($_POST['ENV_Update'])) {
$mid = $_SESSION['MID'];
$query = "SELECT * FROM riot4.ENV_settings WHERE id = ? ORDER BY PrimKey DESC";
$params = array($mid);
$statement_user = sqlsrv_query($conn, $query, $params);
if (sqlsrv_has_rows($statement_user)) {
while ($row = sqlsrv_fetch_array($statement_user)) {
$d = $row['PrimKey'];
$d1 = $row['PrimKey'] . $row['PrimKey'];
$val = $_POST[$d];
$lock = isset($_POST[$d1]);
$l = 0;
if ($lock) {
$l = 1;
}
$query_update = "UPDATE riot4.ENV_settings SET Value = ?,LOCK = ? WHERE PrimKey = ?";
$params = array($val, $l, $row['PrimKey']);
$statement_update = sqlsrv_query($conn, $query_update, $params);
}
}
}
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"/Styles/Settings.css\">";
global $conn;
$mid = $_SESSION['MID'];
/**/
$huidigeDag = date("d:m:Y");
$huidigeTijd = date("G:i:s");
$bodNietHoogGenoeg = false;
if ($c->getTimeRemaining() == '0 dagen 0:0:0' && $uitvoer['VeilingGesloten'] == 'Nee') {
$sql99 = "update Voorwerp set VeilingGesloten='Ja' where Voorwerpnummer = " . $uitvoer['Voorwerpnummer'] . "";
$stmt99 = sqlsrv_query($conn, $sql99);
$uitvoer99 = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC);
$sql2 = 'select Gebruikersnaam, Voornaam, Achternaam, Mailbox
from Gebruiker
where Gebruikersnaam=(select top 1 B.Gebruiker
from Voorwerp V INNER JOIN Bod B
ON V.Voorwerpnummer=B.Voorwerp
' . $where . '
ORDER BY B.Bodbedrag DESC)';
$stmt2 = sqlsrv_query($conn, $sql2);
$rows = sqlsrv_has_rows($stmt2);
if ($rows == true) {
$row = sqlsrv_fetch_array($stmt2, SQLSRV_FETCH_ASSOC);
$email = $row['Mailbox'];
$msg = "Gefeliciteerd! U heeft de veiling met de naam: " . rtrim($uitvoer['Titel']) . " gewonnen! \n Wanneer u uw product ontvangen hebt kunt u feedback achterlaten op de verkoper met deze link: iproject12.icasites.nl/feedbackAchterlaten.php?voorwerp=" . $nummer . "&gebruiker=" . $uitvoer['Verkoper'] . "\n Bewaar deze email goed.";
mail($email, "Gewonnen veiling", $msg);
}
if ($rows == false) {
$sql2 = "select Mailbox\n\t\t\t\t\t\tfrom Gebruiker\n\t\t\t\t\t\twhere Gebruikersnaam='" . $uitvoer['Verkoper'] . "'";
$stmt2 = sqlsrv_query($conn, $sql2);
$row = sqlsrv_fetch_array($stmt2, SQLSRV_FETCH_ASSOC);
$email = $row['Mailbox'];
$msg = "Helaas! uw veiling met de naam: " . rtrim($uitvoer['Titel']) . " heeft geen biedingen gekregen. \n Uw veiling is gesloten.";
mail($email, "Uw veiling is gesloten", $msg);
}
}
/**
* gets the participant variants from NCGENES
*
* @param string $DonorCode
*/
function doGetParticipantVariants($DonorCode)
{
// include the data access class
include_once "DAO.php";
// create a new data access object
$db = new DAO();
// set the request params
$AnalysisType = 2;
// the type of analysis results (Dx=2 vs. incidental=1)
$roleID = 22;
// the role of the user (22 is admin/everything)
$type = 1;
// the type of results (parent rows=1 vs transcript rows=2)
$geneID = 'No filter';
// filter on a specific gene in the results
$FilterID = -1;
// the type of specific bin analysis result (specific Dx code vs. specific incidental code)
// create the SQL
$sql = "EXEC dbo.GetAnalysisResults @DONOR_CODE = '" . $DonorCode . "', @AnalysisType=" . $AnalysisType . ", @Role=" . $roleID . ", @type=" . $type . ", @geneID='" . $geneID . "', @FilterID=" . $FilterID;
// assign the SQL
$db->setSQL($sql);
// preset the return value
$retVal = NULL;
// execute the SQL
if ($db->execute()) {
// did we get some rows
if (sqlsrv_has_rows($db->getResultSet())) {
// init a counter
$i = 0;
// output the table rows
while ($row = sqlsrv_fetch_array($db->getResultSet(), SQLSRV_FETCH_ASSOC)) {
// add the row to the output array
$data[$i] = $row;
// next row
$i++;
}
// return the data JSON formatted
$retVal = '{"data":' . json_encode($data) . '}';
} else {
$retVal = '{"error": "doGetParticipantVariants() - No data"}';
}
} else {
$retVal = '{"error": "doGetParticipantVariants() - Error getting data"}';
}
//error_log(print_r($data, true));
// return the data to the caller
echo $retVal;
// terminate the data stream
die;
}