/**
 * Tell whether the given user already has a vote recorded on this possibility.
 *
 * @param object|int|string $user A user object exposing an `id` property, or a numeric user id.
 *
 * @return bool|null True when Database::getOne() returns a truthy row for this possibility and
 *                   user, false when it does not, null when $user is neither an object with an
 *                   id nor a numeric value.
 */
public function userAlreadyVote($user)
{
    if (is_object($user) && isset($user->id)) {
        $voterId = $user->id;
    } elseif (is_numeric($user)) {
        $voterId = $user;
    } else {
        // No usable identifier: callers get null ("cannot tell"), not false ("has not voted").
        return null;
    }

    $existingVote = Database::getOne('votes', array('possibility' => $this->id, 'user' => $voterId));

    return (bool) $existingVote;
}
/**
 * Populate the object from an associative array of field values.
 *
 * Does nothing when the class has no table name or no database field list. A field listed in
 * $this->fieldsToConvertIntoObject is replaced by the row that Database::getOne() returns for
 * that id in the mapped table; every other field is copied onto the object as given.
 * The object is flagged as saved when it ends up with a numeric id.
 *
 * NOTE(review): every key of $datas becomes a property without being checked against
 * $this->databaseFields. If $datas can ever be built from request data, confirm that callers
 * filter the keys first.
 *
 * @param array $datas Field name => value pairs.
 */
function __construct($datas = array())
{
    if (!$this->tableName || !$this->databaseFields) {
        return;
    }

    if (is_array($datas)) {
        foreach ($datas as $property => $value) {
            if (!isset($this->fieldsToConvertIntoObject[$property])) {
                // Plain field: keep the value unchanged.
                $this->{$property} = $value;
                continue;
            }

            // Reference field: load the related row by its id.
            $relatedTable = $this->fieldsToConvertIntoObject[$property];
            $this->{$property} = Database::getOne($relatedTable, array('id' => $value));
        }
    }

    $hasNumericId = isset($this->id) && is_numeric($this->id);
    if ($hasNumericId) {
        $this->saved = true;
    }
}
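<?php
// Class loader: maps a class name to classes/<ClassName>.php.
// Registered through spl_autoload_register() because a function named __autoload() is
// deprecated since PHP 7.2 and rejected by PHP 8.
spl_autoload_register(function ($className) {
    // The class name is concatenated into a filesystem path. Accept plain identifiers only, so
    // a name containing path separators or dots can never select a file outside classes/.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $className)) {
        return;
    }

    include 'classes/' . $className . '.php';
});

session_start();

// Resolve the logged-in user from the session; stays null for anonymous visitors.
$loggedUser = null;
if (isset($_SESSION['userId']) && is_numeric($_SESSION['userId'])) {
    $loggedUser = Database::getOne('users', array('id' => $_SESSION['userId']));
}

// Database::visit() is called for every request, with null when nobody is logged in.
Database::visit($loggedUser);
?>
<html>
<head>
    <title>GTA Demago</title>
    <!-- Third-party stylesheet is loaded over HTTPS so it cannot be altered in transit. -->
    <link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
    <link rel="stylesheet" type="text/css" href="ressources/css/materialize.min.css">
    <link rel="stylesheet" type="text/css" href="ressources/css/main.css">
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
</head>
<body>
<header class="grey center-align">
    <!--<img height="200" src="./ressources/images/gta_demago.png" alt="Logo GTA Demago"/>-->
</header>
<nav class="grey center-align">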
try {
    // Generate the verification code.
    // NOTE(review): rand() is not a cryptographically secure generator, and a four-digit code
    // has only 9000 possible values. Prefer random_int() (PHP >= 7) and confirm that the code
    // check is rate-limited; that check is not part of this excerpt.
    $sms_code = rand(1000, 9999);
    // Build the message.
    $sms = array('sender' => 'SYNERGY');
    $sms['mes'] = $site_name . ': Ваш проверочный код: ' . $sms_code;
    if (isset($rest->data['phone'])) {
        // Only spaces, '-', '_' and parentheses are stripped; any other character of the
        // submitted value is kept.
        // NOTE(review): the result is not checked to be digits only — confirm that
        // Database::getOne() binds it as a parameter.
        $sms['phones'] = preg_replace('/[ \\-_\\(\\)]/i', '', $rest->data['phone']);
    } else {
        throw new Exception('No phone field value', 400);
    }
    // print_r($sms);
    // Connect to the database.
    $db = new Database($pdoconfig);
    // Look the phone number up.
    $found = $db->getOne('modx_sms_validator', $sms['phones'], 'phone', 'id,user_id,status,phone,code_sent');
    if (!empty($found)) {
        // NOTE(review): $state is read here but is only assigned from $found two statements
        // below. Unless it is set before this try block (not visible here), this test never
        // sees the stored status and probably should read $found['status'] — confirm.
        if ($state['status'] == 'checked') {
            throw new Exception('checked', 200);
        }
        // Repeat request: update the existing row.
        $state = $found;
        // Sent codes are kept as a comma-separated plaintext list in code_sent.
        $state['code_sent'] = $state['code_sent'] . ',' . $sms_code;
        $check_arr = explode(',', $state['code_sent']);
        // Drop the oldest code once more than MAX_STORE_CODES are stored.
        if (count($check_arr) > MAX_STORE_CODES) {
            unset($check_arr[0]);
            $state['code_sent'] = implode(',', $check_arr);
        }
        $state['status'] = 'ready';
        $db->updateOne('modx_sms_validator', $found['id'], $state);
    } else {
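<?php
/**
 * Created by PhpStorm.
 * User: DiD
 * Date: 30/09/2015
 * Time: 13:49
 */
// Idea form: edits the idea named by ?update-idea=<id>, otherwise starts from a blank Idea.
if (isset($_GET['update-idea']) && is_numeric($_GET['update-idea'])) {
    $idea = Database::getOne('ideas', array('id' => $_GET['update-idea']));
} else {
    $idea = new Idea();
}
// Nothing is rendered when the requested idea could not be loaded.
if ($idea) {
    // The name is printed inside a double-quoted attribute, so it is escaped at output time.
    // double_encode is off so that a value stored already entity-encoded is not encoded twice.
    // NOTE(review): no anti-CSRF token field is visible in this part of the form — confirm one
    // is added further down or checked by operations/idea.php.
    $ideaName = isset($idea->name) ? (string) $idea->name : '';
    ?>
<form action="./operations/idea.php" method="post">
    <div class="row">
        <div class="col l6 m5 s12">
            <div class="card grey lighten-3">
                <div class="card-content">
                    <div class="card-title grey-text text-darken-4">Idée</div>
                    <div class="input-field">
                        <label for="name">Nom :</label>
                        <input type="text" id="name" name="name" value="<?php echo htmlspecialchars($ideaName, ENT_QUOTES, 'UTF-8', false); ?>"/>
                    </div>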
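<?php
/**
 * Created by PhpStorm.
 * User: DiD
 * Date: 30/09/2015
 * Time: 14:50
 */
include 'common.php';

// Records the logged-in user's vote for the possibility named by ?possibility-id=<id>, then
// redirects back to the parent directory. $loggedUser is expected to come from common.php.
//
// NOTE(review): this changes state on a plain GET request with no anti-CSRF token, so any page
// that makes a logged-in browser fetch this URL casts a vote. Consider POST plus a per-session
// token.
if (isset($_GET['possibility-id']) && is_numeric($_GET['possibility-id']) && $loggedUser) {
    $possibility = Database::getOne('possibilities', array('id' => $_GET['possibility-id']));

    // Look the parent idea up only once the possibility is known to exist. Reading
    // $possibility->idea before that check fails on an unknown id.
    $idea = $possibility ? Database::getOne('ideas', array('id' => $possibility->idea)) : null;

    if ($possibility && $idea) {
        // Presumably clears this user's earlier vote on the idea — confirm in removeVote().
        $idea->removeVote($loggedUser);

        $vote = new Vote();
        $vote->possibility = $possibility->id;
        $vote->user = $loggedUser->id;
        $vote->save();
        header('location:../?message=added-vote');
    } else {
        // Unknown possibility, or a possibility whose idea no longer exists.
        header('location:../?error=unknown-possibility');
    }
} else {
    // Missing or non-numeric id, or nobody logged in.
    header('location:../');
}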
// Resolves the item whose 1C code is embedded in the last segment of the requested path and
// redirects to the item's stored URI when the request came in under a different one.
$error_page_id = $modx->getOption('error_page');
$alias = $modx->context->getOption('request_param_alias', 'q');
if (!isset($_REQUEST[$alias])) {
    return false;
}
$request = $_REQUEST[$alias];
// Keep the last path segment, then the part of it before the first underscore.
$tmp = explode('/', $request);
$count = count($tmp) - 1;
$stuff = $tmp[$count];
$tmp = explode("_", $stuff, 2);
$stuff_code_1c = $tmp[0];
// Reduced to digits only before it is used as a lookup key.
$stuff_code_1c = preg_replace('/[^\\d]/', '', $stuff_code_1c);
// $pdoconfig is presumably defined by the included config file — confirm.
include_once MODX_BASE_PATH . "/api/core/config/pdo.private.config.php";
include_once MODX_BASE_PATH . "/api/core/class/database/database.class.php";
$db = new Database($pdoconfig);
$item = $db->getOne('modx_items', $stuff_code_1c, 'code_1c');
if (empty($item)) {
    return false;
}
// NOTE(review): $REDIRECT_URL is not assigned anywhere in this excerpt. If it is not set
// earlier, the comparison is always unequal and every request is redirected — confirm.
if (!empty($item) && $REDIRECT_URL != '/' . $item['uri']) {
    $modx->sendRedirect($item['uri'], array('responseCode' => 'HTTP/1.1 301 Moved Permanently'));
}
$result = array();
$result[0] = $item;
$brend = $result[0]['brend'];
// Double quotes are removed from the copy used for the xPDO lookup only.
$brend = str_replace('"', '', $brend);
$st_page = $modx->getObject('modResource', array("pagetitle:LIKE" => $brend, "parent" => "2"));
// NOTE(review): the unmodified brand value from the modx_items row is concatenated into the
// SQL text between single quotes. A brand name containing a quote breaks or alters the
// statement (second-order SQL injection if that column can hold attacker-influenced text).
// Pass it as a bound parameter instead. getQuery() and $path are defined outside this
// excerpt, so whether getQuery() supports binding cannot be told from here.
$sql_brand = "SELECT uri FROM modx_site_content WHERE pagetitle='" . $result[0]['brend'] . "' AND parent = 2";
$result_brand = getQuery($sql_brand, $path);
//var_dump($result_brand);
if ($result_brand[0]['uri']) {
// Excerpt of a registration / login / logout handler. It starts and ends inside enclosing
// blocks that are not shown, so the closing braces at the left margin belong to conditions
// above this excerpt.
if ($user) {
    // A user was found for the submitted name, so registration is refused.
    header('location:../?error=username-exists');
} else {
    // NOTE(review): loose == compares two numeric-looking strings as numbers, so for example
    // "1e3" and "1000" count as equal. Use === for the confirmation check.
    if ($_POST['password'] == $_POST['password_confirmation']) {
        $user = new User();
        $user->username = $_POST['username'];
        // NOTE(review): unsalted MD5 is a fast hash and unsuitable for password storage.
        // Store password_hash() output and check it with password_verify(); existing MD5
        // rows would need a migration path.
        $user->password = md5($_POST['password']);
        $user->save();
        // NOTE(review): no session_regenerate_id() call is visible before the session is
        // bound to the new account — confirm, to rule out session fixation.
        $_SESSION['userId'] = $user->id;
        header('location:../');
    } else {
        header('location:../?error=inccorect-confirmation');
    }
}
} else {
    // Login: the row is looked up by username and MD5 digest together.
    // NOTE(review): once passwords are stored with password_hash(), fetch the row by username
    // only and compare with password_verify().
    $user = Database::getOne('users', array('username' => $_POST['username'], 'password' => md5($_POST['password'])));
    if ($user) {
        // NOTE(review): same session-fixation remark as above; no regeneration is visible.
        $_SESSION['userId'] = $user->id;
        header('location:../?message=logged');
    } else {
        unset($_SESSION['userId']);
        header('location:../?error=unknown-user');
    }
}
} else {
    if (isset($_POST['username'], $_POST['password'], $_POST['password_confirmation'])) {
        unset($_SESSION['userId']);
        header('location:../?message=disconnected');
    } else {
        if (isset($_POST['disconnect'])) {
            unset($_SESSION['userId']);
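// Receive and sanitise the ID. Only string parameters are accepted: an array-valued parameter
// (id[]=...) would make preg_replace() return an array instead of a digit string.
$id = 0;
if (isset($_REQUEST['id']) && is_string($_REQUEST['id'])) {
    $id = preg_replace('/[^0-9]/', '', $_REQUEST['id']);
}
// InvId takes precedence over id when both are present.
if (isset($_REQUEST['InvId']) && is_string($_REQUEST['InvId'])) {
    $id = preg_replace('/[^0-9]/', '', $_REQUEST['InvId']);
}
if (!$id) {
    die('ID not exists!');
}
// Read the order from the database.
require_once API_ROOT_PATH . '/core/class/database/database.class.php';
require_once API_ROOT_PATH . '/core/config/pdo.config.php';
$db = new Database($pdoconfig_lander);
$order = $db->getOne('payments', $id);
//print_r($order);
// Verify the signature. Both values must be present and non-empty: with a loose == an unknown
// order together with a missing POST field compared as null == null and was reported as
// 'Successful'. hash_equals() (PHP >= 5.6) compares in constant time and without numeric
// string juggling.
$postedSignature = isset($_POST['SignatureValue']) && is_string($_POST['SignatureValue'])
    ? $_POST['SignatureValue']
    : '';
if (
    $postedSignature !== ''
    && isset($order['SignatureValue'])
    && (string) $order['SignatureValue'] !== ''
    && hash_equals((string) $order['SignatureValue'], $postedSignature)
) {
    $log_array['status'] = 'Successful';
}
// Write to the log file.
// NOTE(review): $log_array is not initialised in this excerpt and presumably already holds the
// incoming POST data. 'log.txt' is a relative path; if it resolves inside the web root, the
// log, request data included, may be downloadable — confirm its location and access rules.
$log_array['attempt'] = $order['attempts'] + 1;
$log_array['Requested ID'] = $id;
$json = json_encode($log_array);
$curtime = time() - 3600;
$data = date("Y-m-d H:i:s", $curtime);
$content = $data . ' incoming POST:' . $json . " REMOTE_ADDR:" . $_SERVER['REMOTE_ADDR'] . "\n";
file_put_contents('log.txt', $content, FILE_APPEND);
// Update the information in the database.
$status = 'Неизвестный статус';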
// Excerpt of the idea save / delete handler. It starts inside enclosing blocks that are not
// shown, so the closing braces at the left margin belong to conditions above this excerpt.
// NOTE(review): no login, ownership or anti-CSRF check is visible here — confirm that one runs
// before this point, since the code below updates and deletes rows.

// Existing possibilities: updated when both of their fields were posted and the name is not
// empty, deleted otherwise. A POST that simply omits a possibility's fields deletes it.
foreach ($possibilities as $possibility) {
    if (isset($_POST['possibility_' . $possibility->id]) && isset($_POST['possibility_code_' . $possibility->id]) && !empty($_POST['possibility_' . $possibility->id])) {
        // Values are entity-encoded before storage rather than at output time. Every page
        // that prints them relies on this, and non-HTML consumers receive encoded text.
        $possibility->name = htmlspecialchars($_POST['possibility_' . $possibility->id]);
        $possibility->code = htmlspecialchars($_POST['possibility_code_' . $possibility->id]);
        $possibility->save();
    } else {
        $possibility->delete();
    }
}
// New possibilities, submitted as parallel arrays possibility_new[] / possibility_code_new[].
// NOTE(review): $_POST['possibility_new'] is iterated without an isset()/is_array() check, and
// $_POST['possibility_code_new'][$index] is read without checking that the index exists.
foreach ($_POST['possibility_new'] as $index => $possibilityName) {
    if (!empty($possibilityName)) {
        $possibility = new Possibility();
        $possibility->idea = $idea->id;
        $possibility->name = htmlspecialchars($possibilityName);
        $possibility->code = htmlspecialchars($_POST['possibility_code_new'][$index]);
        $possibility->save();
    }
}
}
header('location:../?message=added-idea');
} else {
    // Deletion: requires a numeric idea-id together with the delete field.
    if (isset($_POST['idea-id'], $_POST['delete']) && is_numeric($_POST['idea-id'])) {
        $idea = Database::getOne('ideas', array('id' => $_POST['idea-id']));
        if ($idea) {
            $idea->delete();
        }
        // The same redirect is sent whether or not a matching idea existed.
        header('location:../?message=deleted-idea');
    } else {
        header('location:../?error=bad-parameters');
    }
}