public function getMainNavigation() { $d = new Database(); $d->open('hacker_blog'); $sql = "SELECT * FROM navigation "; if ($this->type == 'private') { $sql .= " WHERE public = 0 "; } else { $sql .= " WHERE private = 1 "; } $s = $d->q($sql); if ($s && $d->numrows() >= 1) { $arr = array(); while ($r = $d->mfa()) { //print_r($r); array_push($arr, $r); } $this->messages = array("success" => "Found Navigation"); $this->current = $arr; return $arr; $d->close(); } else { $this->messages = array("error" => "Could not Find Navigation"); $d->close(); return false; } }
protected function cleanAndPost() { for ($n = 0; $n < count($this->message_information); $n++) { //clean left and white white space, escape the string for the Database $this->message_information[$n] = Sanitize::prepForDatabase(Sanitize::clearWhiteSpaceLR($this->message_information[$n])); } $d = new Database(); $d->open('hacker_blog'); //check for duplicates $chx = $d->q("SELECT * FROM user_messages WHERE user_messages.message = '{$this->message_information[2]}'"); if ($chx && $d->numrows() <= 0) { // id in the messages field is for the user's uid or user_id, depending on how you are moving forward with your code $s = $d->q("INSERT into user_messages\n\t\t\t\t \t\t(user_message_id,first_name,last_name,id,message,type,added_on) VALUES\n\t\t\t\t\t\t(NULL,'{$this->message_information[0]}','{$this->message_information[1]}',NULL,'{$this->message_information[2]}','{$this->type}',now())"); if ($s) { //echo 'made it through gauntlet. Added info into Database.'; $this->passed = true; } else { $this->passed = false; } } else { //echo 'You have already made a comment like this.'; $this->passed = false; } $d->close(); //print_r($this->message_information); }
function extendAuthentication($ticket) { $db = new Database('tazapi'); $db->open(); $dateTime = new DateTime('+1 hour', new DateTimeZone('Europe/Vilnius')); $expires = $dateTime->format('Y-m-d H:i:s'); $sql = "UPDATE tickets SET expires='" . $expires . "' WHERE ticket = '" . $ticket . "';"; $db->conn()->query($sql); $db->close(); }
public function getPage($id = null) { if (is_int($id)) { $this->page_id = $id; } $d = new Database(); $d->open('hacker_blog'); $s = $d->q("SELECT * FROM pages WHERE id = '{$this->page_id}'"); if ($s && $d->numrows() >= 1) { return $d->mfa(); $d->close(); } else { return false; } }
function getCategories() { @($user = $_SESSION[SESSION_USER_ID]); @($foreignLng = $_SESSION[SESSION_FOREIGN_LANG]); $db = new Database(); $db->open(); // TODO validation $arrCategory = array(); $sql = sprintf("SELECT cat.id, cat.name FROM `%s` cat INNER JOIN `%s` us_cat ON cat.id = us_cat.category WHERE us_cat.user = %d AND us_cat.foreign_language = %d ORDER BY category_order", CATEGORIES, USERS_CATEGORIES_LANGUAGES, $user, $foreignLng); $queryCategories = mysql_query($sql) or die(mysql_error()); while ($row = mysql_fetch_row($queryCategories)) { $arrCategory[$row[0]] = $row[1]; } $db->close(); return $arrCategory; }
public function getMainNavigation() { $d = new Database(); $d->open('hacker_blog'); $s = $d->q("SELECT * FROM navigation"); if ($s) { $r = $d->mfa(); $this->messages = array("success" => "Found Navigation"); $d->close(); return $r; } else { $this->messages = array("error" => "Could not Find Navigation"); $d->close(); return false; } }
function login($user, $pass) { $db = new Database(); $id = null; $foreign = null; $db->open(); $sql = sprintf("SELECT us.id FROM `%s` as us WHERE us.user = '******' AND us.password = '******'", USERS, $user, $pass); $query = mysql_query($sql) or die(mysql_error() . "<br>SQL: {$sql}"); if ($row = mysql_fetch_row($query)) { $id = $row[0]; $sql = sprintf("SELECT us_lan.foreign_language FROM `%s` as us_lan WHERE us_lan.user = '******'", USERS_CATEGORIES_LANGUAGES, $id); $query = mysql_query($sql) or die(mysql_error() . "<br>SQL: {$sql}"); $row = mysql_fetch_row($query); $foreign = $row[0]; } $db->close(); return array($id, $foreign); }
public function createBlogPost($title = null, $body = null) { $this->title = (string) $title; $this->body = (string) $body; //$this->title = Sanitize::sanitize_string($this->title); //$this->body = Sanitize::sanitize_string($this->body); // add database method to push into Database // mysql_real_escape_string (php.net for use examples) $d = new Database(); $d->open('hacker_blog'); //$d = new Database(); //$d->setDB('hacker_blog'); $s = $d->q("INSERT INTO blog_entries (blog_id,user_id,blog_title,blog_created_at,blog_updated_at,blog_body) VALUES (NULL,1,'{$this->title}',now(),now(),'{$this->body}');"); $d->close(); if ($s) { return true; } else { return false; } }
public function readBlogPost($start = 0, $end = 5, $post_id = null, $order = null) { $d = new Database(); $d->open('hacker_blog'); $sql = "SELECT * FROM blog_entries "; if (is_int($post_id)) { $sql .= " WHERE blog_id = '{$post_id}' "; } if (is_string($order)) { $sql .= " ORDER BY {$order} "; } $sql .= " LIMIT {$start}, {$end}"; // $s = $d->q($sql); if ($s && $d->numrows() >= 1) { $posts = array(); while ($r = $d->mfa()) { array_push($posts, $r); } return $posts; } else { return false; } }
function addItem($nameItem, $translationItem, $categoryItem) { @($user = $_SESSION[SESSION_USER_ID]); @($foreignLng = $_SESSION[SESSION_FOREIGN_LANG]); $nameItem = htmlentities($nameItem); $translationItem = htmlentities($translationItem); if ($nameItem && $translationItem && $categoryItem) { $db = new Database(); $db->open(); // TODO validation $sql = sprintf("INSERT INTO `%s` (`item`, `translation`, `category`) VALUES ('%s', '%s', %d)", LANGUAGE_ITEMS, $nameItem, $translationItem, $categoryItem); $queryInsert = mysql_query($sql) or die(mysql_error()); $ok = $queryInsert && mysql_affected_rows() == 1; $db->close(); } else { $ok = false; } return $ok; }
<?php require_once '../blog/includes/session.php'; require_once '../blog/classes/clsDatabase.php'; require_once '../blog/classes/clsSanitize.php'; if ($_POST['login']) { //print_r($_POST); // sanitize $login = Sanitize::clearWhiteSpaceLR($_POST['login']); //$password = Sanitize::clearWhiteSpaceLR($_POST['password']); $password = strtolower(Sanitize::clearWhiteSpaceLR($_POST['password'])); //echo $login.' '.$password; // test if in Database as well $d = new Database(); $d->open('hacker_blog'); $s = $d->q("SELECT * FROM user WHERE user.username = '******' AND user.password = sha1('{$password}') LIMIT 0,1"); if ($s && $d->numrows() > 0) { //mysql fetch assoc $info = $d->mfa(); //print_r($info); //$info = associative array $_SESSION['loggedin'] = true; // concat first and last name $name = $info['user_first_name'] . ' ' . $info['user_last_name']; //echo "NAME: $name"; $_SESSION['loggedin'] = true; $_SESSION['user_full_name'] = $name; $_SESSION['user_quick_name'] = $info['user_first_name']; $_SESSION['user_id'] = $info['id']; //echo '<a href="/week_eight/secret_loggedin_area.php">Manual Override</a>'; header("Location: /week_eight/secret_loggedin_area.php");
function error_handler($errorno, $string, $file, $line) { if ($errorno != 2048 && $errorno != 8) { // E_STRICT & E_NOTICE && $errorno != 8 return compile_error($string, $file, $line); } } set_error_handler("error_handler"); /** * Get all of the settings into one big array */ /* Get the configuration options */ global $_CONFIG; /* Get the database Object and set it to a global */ error::reset(); $_DBA =& Database::open($_CONFIG['dba']); if (error::grab()) { return critical_error(); } $GLOBALS['_DBA'] =& $_DBA; /* $query = ""; foreach(explode("\r\n", $query) as $q) if($q != '') $_DBA->executeUpdate($q); exit; */ /** * Create some cache files to reduce queries, but only if it needs to be re/created */
while (list($key, $val) = each($process)) { foreach ($val as $k => $v) { unset($process[$key][$k]); if (is_array($v)) { $process[$key][stripslashes($k)] = $v; $process[] =& $process[$key][stripslashes($k)]; } else { $process[$key][stripslashes($k)] = stripslashes($v); } } } unset($process); } // processing page Session::start(); Database::open(); // define current module $modules_codes_list = array_keys($g_modules); $g_current_module = $modules_codes_list[0]; if (isset($_GET['module']) && in_array($_GET['module'], $modules_codes_list)) { $g_current_module = $_GET['module']; } // define current action $g_actions = $g_modules[$g_current_module]['actions']; $actions_codes_list = array_keys($g_actions); $g_current_action = $actions_codes_list[0]; if (isset($_GET['action']) && in_array($_GET['action'], $actions_codes_list)) { $g_current_action = $_GET['action']; } $g_method = $_SERVER['REQUEST_METHOD']; if ($g_method == 'GET') {
return $app->abort(404); } }); $app->post('/eventos/{id}', function ($id, Request $request) use($app) { $evento = json_decode($request->getContent()); $db = Database::open(); if ($evento->id == 0) { $r = $db->executeUpdate('INSERT INTO eventos(nome, estado, cidade) VALUES(?, ?, ?)', array($evento->nome, $evento->estado, $evento->cidade)); $evento->id = $db->lastInsertId(); } else { $r = $db->executeUpdate('UPDATE eventos SET nome = ?, estado = ?, cidade = ? WHERE id = ?', array($evento->nome, $evento->estado, $evento->cidade, $evento->id)); } return $app->json(array('data' => $evento)); }); $app->delete('/eventos/{id}', function ($id) use($app) { $db = Database::open(); $r = $db->executeUpdate('DELETE FROM eventos WHERE id = ?', array($id)); return $app->json(array('data' => $r)); }); $app->post('/login', function (Request $request) use($app) { $vars = json_decode($request->getContent(), true); try { if (empty($vars['_username']) || empty($vars['_password'])) { throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $vars['_username'])); } /** * @var $user User */ $user = $app['users']->loadUserByUsername($vars['_username']); if (!$app['security.encoder.digest']->isPasswordValid($user->getPassword(), $vars['_password'], '')) { throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $vars['_username']));
<?php // here is a helpful controller file // we can use this to help us create a much better experience for ourselves! $basic = "Hero"; $data = new Database(); $data->open('phpclass'); $user_data = $data->q("SELECT * FROM users"); //Resource ID $resource = $data->getResource(); $r = $data->mfa($user_data); $data->close(); // used to call a function and get a result, yeah. //print_r($r);
function CallHook($hookname, $params) { global $use_mediawikiplugin, $G_SESSION, $HTML; if (isset($params['group_id'])) { $group_id = $params['group_id']; } elseif (isset($params['group'])) { $group_id = $params['group']; } else { $group_id = null; } if ($hookname == "outermenu") { $params['TITLES'][] = 'MediaWiki'; $params['DIRS'][] = '/mediawiki'; } elseif ($hookname == "usermenu") { $text = $this->text; // this is what shows in the tab if ($G_SESSION->usesPlugin("mediawiki")) { echo ' | ' . $HTML->PrintSubMenu(array($text), array('/mediawiki/index.php?title=User:'******'TITLES'][] = $this->text; $params['DIRS'][] = '/plugins/mediawiki/index.php?group_id=' . $project->getID(); } $params['toptab'] == $this->name ? $params['selected'] = count($params['TITLES']) - 1 : ''; } elseif ($hookname == "groupisactivecheckbox") { //Check if the group is active // this code creates the checkbox in the project edit public info page to activate/deactivate the plugin $group =& group_get_object($group_id); echo "<tr>"; echo "<td>"; echo ' <input type="CHECKBOX" name="use_mediawikiplugin" value="1" '; // CHECKED OR UNCHECKED? if ($group->usesPlugin($this->name)) { echo "CHECKED"; } echo "><br/>"; echo "</td>"; echo "<td>"; echo "<strong>Use " . $this->text . " Plugin</strong>"; echo "</td>"; echo "</tr>"; } elseif ($hookname == "groupisactivecheckboxpost") { // this code actually activates/deactivates the plugin after the form was submitted in the project edit public info page $group =& group_get_object($group_id); $use_mediawikiplugin = getStringFromRequest('use_mediawikiplugin'); if ($use_mediawikiplugin == 1) { $group->setPluginUse($this->name); } else { $group->setPluginUse($this->name, false); } } elseif ($hookname == "userisactivecheckbox") { //check if user is active // this code creates the checkbox in the user account manteinance page to activate/deactivate the plugin $user = $params['user']; echo "<tr>"; echo "<td>"; echo ' <input type="CHECKBOX" name="use_mediawikiplugin" value="1" '; // CHECKED OR UNCHECKED? if ($user->usesPlugin($this->name)) { echo "CHECKED"; } echo "> Use " . $this->text . " Plugin"; echo "</td>"; echo "</tr>"; } elseif ($hookname == "userisactivecheckboxpost") { // this code actually activates/deactivates the plugin after the form was submitted in the user account manteinance page $user = $params['user']; $use_mediawikiplugin = getStringFromRequest('use_mediawikiplugin'); if ($use_mediawikiplugin == 1) { $user->setPluginUse($this->name); } else { $user->setPluginUse($this->name, false); } echo "<tr>"; echo "<td>"; echo ' <input type="CHECKBOX" name="use_mediawikiplugin" value="1" '; // CHECKED OR UNCHECKED? if ($user->usesPlugin($this->name)) { echo "CHECKED"; } echo "> Use " . $this->text . " Plugin"; echo "</td>"; echo "</tr>"; } elseif ($hookname == "user_personal_links") { // this displays the link in the user's profile page to it's personal MediaWiki (if you want other sto access it, youll have to change the permissions in the index.php $userid = $params['user_id']; $user = user_get_object($userid); $text = $params['text']; //check if the user has the plugin activated if ($user->usesPlugin($this->name)) { echo ' <p>'; echo util_make_link("/plugins/helloworld/index.php?id={$userid}&type=user&pluginname=" . $this->name, _('View Personal MediaWiki')); echo '</p>'; } } elseif ($hookname == "project_admin_plugins") { // this displays the link in the project admin options page to it's MediaWiki administration $group_id = $params['group_id']; $group =& group_get_object($group_id); if ($group->usesPlugin($this->name)) { echo util_make_link("/plugins/projects_hierarchy/index.php?id=" . $group->getID() . '&type=admin&pluginname=' . $this->name, _('View the MediaWiki Administration')); echo '</p>'; } } elseif ($hookname == "session_before_login") { $loginname = $params['loginname']; $passwd = $params['passwd']; if (!session_login_valid_dbonly($loginname, $passwd, false)) { return; } $u = user_get_object_by_name($loginname); define('MEDIAWIKI', true); if (is_file('/var/lib/mediawiki/LocalSettings.php')) { require_once '/var/lib/mediawiki/LocalSettings.php'; } elseif (is_file('/var/lib/mediawiki1.10/LocalSettings.php')) { require_once '/var/lib/mediawiki1.10/LocalSettings.php'; } else { return 1; } if (is_dir('/usr/share/mediawiki')) { $mw_share_path = "/usr/share/mediawiki"; } elseif (is_dir('/usr/share/mediawiki1.10')) { $mw_share_path = "/usr/share/mediawiki1.10"; } else { return 1; } require_once $mw_share_path . '/includes/Defines.php'; require_once $mw_share_path . '/includes/Exception.php'; require_once $mw_share_path . '/includes/GlobalFunctions.php'; require_once $mw_share_path . '/StartProfiler.php'; require_once $mw_share_path . '/includes/Database.php'; $mwdb = new Database(); $mwdb->open($wgDBserver, $wgDBuser, $wgDBpassword, $wgDBname); $sql = "select count(*) from user where user_name=?"; $res = $mwdb->safeQuery($sql, ucfirst($loginname)); $row = $mwdb->fetchRow($res); if ($row[0] == 1) { $sql = "update user set user_password=?, user_email=?, user_real_name=? where user_name=?"; $res = $mwdb->safeQuery($sql, md5($passwd), $u->getEmail(), $u->getRealName(), array(ucfirst($loginname))); } else { $sql = "insert into user (user_name, user_real_name, user_password, user_email, user_options) values (?, ?, ?, ?, ?)"; $res = $mwdb->safeQuery($sql, array(ucfirst($loginname), $u->getRealName(), md5($passwd), $u->getEmail(), "skin=gforge\ncols=80\nrows=25")); } } elseif ($hookname == "blahblahblah") { // ... } }