function doCheckUpdate($v, $d) { $db = openConnection(); $sql = ""; $user_id = ""; $str = "{\"result\":\"0\",\"version_code\":\"0\",\"version_name\":\"\",\"file\":\"\",\"size\":\"\",\"desc\":\"\"}"; if (!empty($d)) { $sql = "select id from root_tools_update_user where device='{$d}'"; $result = query($db, $sql); while (list($id) = mysql_fetch_row($result)) { $user_id = $id; break; } if ($user_id != "") { $sql = "select * from root_tools_update where ver_code > {$v} order by id desc limit 0,1"; $result = query($db, $sql); } } else { $sql = "select * from root_tools_update where tag=0 and ver_code > {$v} order by id desc limit 0,1"; $result = query($db, $sql); } closeConnection($db); while (list($id, $name, $ver_code, $size, $filename, $update_desc) = mysql_fetch_row($result)) { $str = "{\"result\":\"1\",\"version_code\":\"{$ver_code}\",\"version_name\":\"{$name}\",\"file\":\"{$filename}\",\"size\":\"{$size}\",\"desc\":" . json_encode($update_desc) . "}"; break; } return $str; }
function doUploadFont($n, $t) { $dbRet = 0; $sql = "select id from fonts where name='{$n}'"; $db = openConnection(); $result = query($db, $sql); $hasRecord = 0; while (list($id) = mysql_fetch_row($result)) { $hasRecord = 1; break; } if ($hasRecord == 0) { $istop = 0; if ($t == "1") { $istop = 1; } $fileName = $n . ".ttf"; $previewName = $n . ".png"; $sql = "insert into fonts (name, filename, istop, preview) values ('{$n}','{$fileName}',{$istop},'{$previewName}')"; $result = query($db, $sql); $dbRet = $result; } closeConnection($db); return $dbRet; }
function DoQuery($t) { $db = openConnection(); $id = 0; $versionCode = 0; $versionName = ""; $url = ""; $desc = ""; $desc_en = ""; $ret = "{\"versionCode\":0}"; if ($t == "last" || empty($t)) { $stmt = $db->prepare("select * from version order by versionCode desc limit 0, 1"); $stmt->execute(); $stmt->bind_result($id, $versionCode, $versionName, $url, $desc, $desc_en); $stmt->fetch(); $ret = "{\"versionCode\":${versionCode}, \"versionName\":".json_encode($versionName).", \"url\":".json_encode($url).", \"description\":".json_encode($desc).",\"desc_en\":".json_encode($desc_en)."}"; $stmt->close(); } else if ($t == "all") { $ret = "{\"result\":0, \"data\":["; $stmt = $db->prepare("select * from version order by versionCode desc limit 0, 10"); $stmt->execute(); $stmt->bind_result($id, $versionCode, $versionName, $url, $desc, $desc_en); while($stmt->fetch()) { $ret .= "{\"versionCode\":${versionCode}, \"versionName\":".json_encode($versionName).", \"url\":".json_encode($url).", \"description\":".json_encode($desc).",\"desc_en\":".json_encode($desc_en)."},"; } $ret = rtrim($ret, ","); $ret .= "]}"; } closeConnection($db); return $ret; }
/** * UserRoles model * * @author Enrique Bondoc <*****@*****.**> * @since 2016-01-13 03:03:54 +08:00 **/ function getUserRoleByID($config, $id) { $connection = getConnection($config); if (false === $connection['status']) { return $connection; } $connection = $connection['connection']; try { $query = sprintf(' SELECT `UserRoles`.* FROM `UserRoles` WHERE `ID` = :ID LIMIT 1 '); $data = ['ID' => $id]; $preparedStatement = $connection->prepare($query, [PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY]); $preparedStatement->execute($data); $preparedStatement->setFetchMode(PDO::FETCH_ASSOC); $record = $preparedStatement->fetch(); if (!empty($record)) { $record = ['ID' => $record['ID'], 'Name' => $record['Name'], 'Code' => $record['Code'], 'DateAdded' => $record['DateAdded'], 'DateModified' => $record['DateModified']]; return ['status' => true, 'message' => 'User Role found and retrieved successfully.', 'userRole' => $record]; } closeConnection($connection); return ['status' => false, 'message' => 'No user role found with given ID.']; } catch (Exception $e) { closeConnection($connection); return ['status' => false, 'message' => $e->getMessage(), 'code' => 500]; } }
function printTestUsers($accounts) { $connection = mysql_connect(DB_SERVER, DB_USER, DB_PASS) or die("Problemas en la conexion"); mysql_select_db(DB_NAME, $connection); $html = ""; if (isset($accounts['data']) && count($accounts['data'])) { $html .= "<table>"; $html .= "<tr class=\"head\"><td colspan=\"5\">Usuarios de prueba</td></tr>"; $html .= "<tr class=\"head\"><td>ID</td><td>Nombre</td><td>App user</td><td>Login URL</td><td>Borrar</td></tr>"; foreach ($accounts['data'] as $arr) { $html .= "<tr>"; $html .= "<td>{$arr['id']}</td>"; $fbid = $arr['id']; $fbid = quote_smart($fbid, $connection); $SQL = "SELECT * FROM USER_APP2 WHERE fbid = {$fbid}"; $result = mysql_query($SQL) or die("MySQL-err.Query: " . $SQL . " - Error: (" . mysql_errno() . ") " . mysql_error()); $num_rows = mysql_num_rows($result); if ($num_rows == 1) { $aRow = mysql_fetch_array($result); $html .= "<td>" . $aRow['fbname'] . "</td>"; } else { $html .= "<td>-</td>"; } $html .= "<td>" . (empty($arr['access_token']) ? "NO" : "YES") . "</td>"; $html .= "<td><a href=\"{$arr['login_url']}\" target=\"_blank\">Test User Login</a></td>"; $html .= "<td><a href=\"{$_SERVER['PHP_SELF']}?id={$arr['id']}&action=delete\">Delete Test User</a></td>"; $html .= "</tr>"; } $html .= "</table>"; } else { $html = "No hay usuarios"; } closeConnection($connection); return $html; }
function DoUpload($n, $p, $u, $i, $a, $m, $ai) { $ret = ""; $str = ""; if ($m == 1) { // update $db = openConnection(); $sql = "update root_tools_recommand set name='{$n}',icon_url='{$i}',download_url='{$a}' where package_name='{$p}'"; $str = query($db, $sql); closeConnection($db); } else { // add $id = generateId("root_tools_recommand", "id"); $db = openConnection(); $sql = "insert into root_tools_recommand (id, name, package_name, main_activity, icon_url, download_url, unix_name, app_order) values ({$id}, '{$n}', '{$p}', 'null', '{$i}', '{$a}', '{$u}', 0)"; $str = query($db, $sql); closeConnection($db); } if ($str == "0") { $ret = "1"; } else { $ret = "0"; } return $ret; }
function DoQuery($t) { $str = "{\"result\":0, \"data\":["; $db = openConnection(); $stmt = $db->prepare("select id, nickname, comment, photo1, photo2, photo3, photo4, photo5, commit_date from feedback where status = ? order by id desc"); $stmt->bind_param("i", $t); $stmt->execute(); $id = 0; $nickname = ""; $comment = ""; $photo1 = ""; $photo2 = ""; $photo3 = ""; $photo4 = ""; $photo5 = ""; $commit_date = ""; $stmt->bind_result($id, $nickname, $comment, $photo1, $photo2, $photo3, $photo4, $photo5, $commit_date); while ($stmt->fetch()) { $str .= "{\"id\":${id},\"nickname\":".json_encode($nickname).",\"comment\":".json_encode($comment).",\"photo1\":\"${photo1}\",\"photo2\":\"${photo2}\",\"photo3\":\"${photo3}\",\"photo4\":\"${photo4}\",\"photo5\":\"${photo5}\",\"commit_date\":\"${commit_date}\"},"; } $stmt->close(); closeConnection($db); $str = rtrim($str, ","); $str .= "]}"; return $str; }
function DoQuery($n, $c, $p1, $p2, $p3, $p4, $p5) { $str = "{\"result\":1}"; date_default_timezone_set("Asia/Hong_Kong"); $t_str = date("YmdHis"); $commit_date = date("Y-m-d H:i:s"); $pname = generateToken().".${t_str}."; $path1 = "./files/${pname}1"; $path2 = "./files/${pname}2"; $path3 = "./files/${pname}3"; $path4 = "./files/${pname}4"; $path5 = "./files/${pname}5"; $dbp1 = ""; $dbp2 = ""; $dbp3 = ""; $dbp4 = ""; $dbp5 = ""; if (isset($p1)) { move_uploaded_file($p1["tmp_name"], $path1); $dbp1 = "${pname}1"; } if (isset($p2)) { move_uploaded_file($p2["tmp_name"], $path2); $dbp2 = "${pname}2"; } if (isset($p3)) { move_uploaded_file($p3["tmp_name"], $path3); $dbp3 = "${pname}3"; } if (isset($p4)) { move_uploaded_file($p4["tmp_name"], $path4); $dbp4 = "${pname}4"; } if (isset($p5)) { move_uploaded_file($p5["tmp_name"], $path5); $dbp5 = "${pname}5"; } $db = openConnection(); $stmt = $db->prepare("insert into feedback(nickname, comment, photo1, photo2, photo3, photo4, photo5, commit_date) values (?, ?, ?, ?, ?, ?, ?, ?)"); $stmt->bind_param("ssssssss", $n, $c, $dbp1, $dbp2, $dbp3, $dbp4, $dbp5, $commit_date); $stmt->execute(); $rows = intval($stmt->affected_rows); $stmt->close(); closeConnection($db); if ($rows != 0) { $str = "{\"result\":0}"; } return $str; }
/** * StudentsSubjectsMatch model * * @author Enrique Bondoc <*****@*****.**> * @since 2016-01-13 04:04:01 +08:00 **/ function addStudentSubjectMatch($config, $studentID, $subjectID) { $connection = getConnection($config); if (false === $connection['status']) { return $connection; } $connection = $connection['connection']; try { /** * Insert into StudentsSubjectsMatch table. */ $query = sprintf(' INSERT INTO `StudentsSubjectsMatch` ( `UserID`, `SubjectID` ) VALUES ( :UserID, :SubjectID ) '); $preparedStatement = $connection->prepare($query); $preparedStatement->bindValue(':UserID', $studentID, PDO::PARAM_INT); $preparedStatement->bindValue(':SubjectID', $subjectID, PDO::PARAM_INT); $result = $preparedStatement->execute(); closeConnection($connection); if ($result) { return ['status' => true, 'message' => 'Match (Student-Subject) has been added successfully.']; } return ['status' => false, 'message' => 'An error occured while trying to add the Student-Subject match.']; } catch (Exception $e) { closeConnection($connection); return ['status' => false, 'message' => $e->getMessage(), 'code' => 500]; } }
function execute($sql) { global $invalidQueryInputError; $connection = connectToDatabase(); $result = mysqli_query($connection, $sql); closeConnection($connection); $rows = array(); if (mysqli_num_rows($result) > 0) { $i = 0; while ($row = mysqli_fetch_assoc($result)) { $rows[$i] = $row; $i++; } } if ($invalidQueryInputError != "") { $rows["PHP_ERROR"] = $invalidQueryInputError; //This is not safe [Security Flow] $invalidQueryInputError = ""; } if (mysqli_error($connection) != null) { $rows["SQL_ERROR"] = mysqli_connect_error(); //This is not safe [Security Flow] } return $rows; }
function DoChangeOrder($i, $a) { $sql = "update root_tools_recommand set app_order={$a} where id={$i}"; $db = openConnection(); $result = query($db, $sql); closeConnection($db); return $result; }
function doUploadNewVersion($n, $v, $s, $f, $u, $t) { $db = openConnection(); $sql = "insert into root_tools_update (name, ver_code, size, filename, update_desc,tag) values ('{$n}',{$v},'{$s}','{$f}','{$u}',{$t})"; $result = query($db, $sql); closeConnection($db); return $result; }
function doAddDevice($d, $u) { $db = openConnection(); $sql = "insert into root_tools_update_user (device, user_memo) values ('{$d}', '{$u}')"; $result = query($db, $sql); closeConnection($db); return $result; }
function DoDeletePackage($i) { $sql = "delete from root_tools_recommand where id={$i}"; $db = openConnection(); $result = query($db, $sql); closeConnection($db); return $result; }
function doDeleteDevice($i) { $db = openConnection(); $sql = "delete from root_tools_update_user where id={$i}"; $result = query($db, $sql); closeConnection($db); return $result; }
function doDeleteRecommand($i) { $sql = "delete from yugioh_recommand where id={$i}"; $db = openConnection(); $result = query($db, $sql); closeConnection($db); return $result; }
function doRecordFeedback($i, $e, $t, $a, $o) { $db = openConnection(); $sql = "insert into yugioh_feedback (device, email, feedback, appver, osver) values ('{$i}','{$e}','{$t}','{$a}','{$o}')"; $result = query($db, $sql); closeConnection($db); return $result; }
function doExecuteAndGetCount($query) { $conn = getConnection(); mysql_query($query, $conn) or die("Error en execute " . mysql_error()); $cant = mysql_affected_rows($conn); closeConnection($conn); return $cant; }
function generateCrashTable() { $db = openConnection(); $sql = "select deviceId,app_version,os_version,module,mail,crash, crash_time from root_tools_crash where mail != '' order by id desc limit 0, 500"; $result = query($db, $sql); while (list($d, $av, $ov, $m, $mail, $c, $ct) = mysql_fetch_row($result)) { echo "<tr><td>{$ct}</td><td>{$av}</td><td>{$ov}</td><td>{$m}</td><td>{$mail}</td><td style='word-break:break-all'>{$c}</td></tr>"; } closeConnection(); }
function letzteBestellungenExtended($benutzer) { //$con = mysql_connect('localhost','root',''); //mysql_select_db('ebertspizzapalace', $con); createConnection(); $sql = "SELECT p.Name, xpo.Amount, group_concat(i.Name) AS Zutaten, o.ID\n\t\tFROM Customers c, Orders o, xProductOrder xpo, Products p, xProductIngredient xpi, Ingredients i \n\t\tWHERE c.ID = o.CustomerID \n\t\tAND o.ID = xpo.OrderID \n\t\tAND xpo.ProductID = p.ID \n\t\tAND p.ID = xpi.ProductID \n\t\tAND xpi.IngredientID = i.ID \n\t\tAND c.Login = '******'\n\t\tGROUP BY p.ID, o.ID"; $results = mysql_query($sql); //mysql_close($con); closeConnection(); return $results; }
function doUploadNewSplash($p) { $extend = get_extend($p["name"]); $filename = "file_" . date("YYmmddhhiiss") . "." . $extend; move_uploaded_file($p["tmp_name"], "../splash/" . $filename); $db = openConnection(); $sql = "update root_tools_splash set filename='{$filename}' where id=0"; $result = query($db, $sql); closeConnection($db); return $result; }
function doLog($d, $m, $o, $mail, $b, $action) { $nid = generateId("root_tools_log", "id"); date_default_timezone_set("Asia/Hong_Kong"); $sql = "insert into root_tools_log values ('" . $nid . "', '" . $d . "', '" . $m . "', '" . $o . "', '" . $mail . "', '" . $b . "', '" . $action . "', '" . date("Y-m-d h:i a") . "')"; $db = openConnection(); $str = query($db, $sql); closeConnection($db); $str = "{\"result\":\"" . $str . "\"}"; return $str; }
function getDBFiles() { $dbFiles = array(); openConnection(); $result = getAllFrom("episode"); closeConnection(); while ($episode = mysqli_fetch_assoc($result)) { $dbFiles[] = $episode['filename']; } return $dbFiles; }
function doLog($d, $m, $o, $mail, $b, $crash, $a) { $nid = generateId("root_tools_crash", "id"); date_default_timezone_set("Asia/Hong_Kong"); $sql = "insert into root_tools_crash values ('{$nid}', '{$d}', '{$m}', '{$o}', '{$mail}', '{$b}', '{$crash}', '" . date("Y-m-d h:i a") . "', '{$a}')"; $db = openConnection(); $str = query($db, $sql); closeConnection($db); $str = "{\"result\":\"" . $str . "\"}"; return $str; }
function doLog($d, $m, $o, $mail, $b, $comment, $app) { $nid = generateId("root_tools_feedback", "id"); date_default_timezone_set("Asia/Hong_Kong"); $sql = "insert into root_tools_feedback(id,deviceId,module,os_version,mail,build_desc,comment,comment_time,app_version) values ('" . $nid . "', '" . $d . "', '" . $m . "', '" . $o . "', '" . $mail . "', '" . $b . "', '" . $comment . "', '" . date("Y-m-d h:i a") . "', '{$app}')"; $db = openConnection(); $str = query($db, $sql); closeConnection($db); $str = "{\"result\":\"" . $str . "\"}"; return $str; }
function DoGenerateTable() { $sql = "select id, name, package_name, main_activity from root_tools_recommand order by id asc"; $db = openConnection(); $result = query($db, $sql); closeConnection($db); $str = ""; while (list($id, $name, $package_name, $main_activity) = mysql_fetch_row($result)) { $str = $str . "<tr height='40'><td valign='top'>{$id}</td><td valign='top'>{$name}</td><td valign='top'>{$package_name}</td><td valign='top'><input type='button' value='删除' class='btn btn-small btn-primary' onClick=\"deletePackage({$id});\"></td><tr>"; } return $str; }
function executeQueryString($queryString) { $conn = createConnection(); if ($conn->query($queryString) === TRUE) { //echo "<br>New record created successfully<br>"; return true; } else { echo "Error: " . $queryString . "<br>" . $conn->error; return false; } closeConnection($conn); }
function DoGenerateTable() { $sql = "select id, name, app_order from root_tools_recommand order by app_order asc"; $db = openConnection(); $result = query($db, $sql); closeConnection($db); $str = ""; while (list($id, $name, $app_order) = mysql_fetch_row($result)) { $str = $str . "<tr height='40'><td valign='top'>{$id}</td><td valign='top'>{$name}</td><td valign='top'>{$app_order}</td><td valign='top'><input type='text' id='t{$id}' value='{$app_order}' class='input-block-level'></td><td valign='top'><input type='button' value='更改' class='btn btn-small btn-primary' onClick=\"changeOrder({$id}, document.getElementById('t{$id}').value);\"></td><tr>"; } return $str; }
function DoGenerateTable() { $sql = "select id, name, jump_mode, jump_url, jump_text from yugioh_recommand order by id asc"; $db = openConnection(); $result = query($db, $sql); closeConnection($db); $str = ""; while (list($id, $name, $jump_mode, $jump_url, $jump_text) = mysql_fetch_row($result)) { $str = $str . "<tr height='40'><td valign='top'>{$id}</td><td valign='top'>{$name}</td><td valign='top'>{$jump_mode}</td><td valign='top'>{$jump_url}</td><td valign='top'>{$jump_text}</td><td valign='top'><input type='button' value='Delete' class='btn btn-small btn-primary' onClick=\"deleteRecommand({$id});\"></td><tr>"; } return $str; }
function BenutzernameCheck($inputBenutzername) { createConnection(); //$con = mysql_connect('localhost','root',''); //mysql_select_db('ebertspizzapalace', $con); $sql = "SELECT Login FROM Customers WHERE Login = '******'"; $result = mysql_query($sql, $con); $count = mysql_num_rows($result); closeConnection(); //mysql_close($con); return $count; }