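/**
 * Store one submitted solution in the `solvings` table.
 *
 * All column values originate from the request ($data) or the server
 * environment, so they are sent as bound parameters rather than being
 * interpolated into the SQL text. A quote character in a student name or
 * solving can therefore no longer change the statement.
 *
 * @param mixed  $mysqli Unused on entry: it is overwritten with a fresh
 *                       handle from connectDb(), as the original code did.
 * @param object $data   Object exposing studentName, solving, class, topic,
 *                       exerciseId and teacherName.
 * @return void
 */
function insertSolution($mysqli, $data)
{
    $sql = "INSERT INTO solvings SET studentName = ?, solving = ?, class = ?, "
         . "topic = ?, ip = ?, exerciseId = ?, teacherName = ?";

    $mysqli = connectDb();

    // bind_param() binds by reference, so copy every value into a local first.
    $studentName = $data->studentName;
    $solving     = $data->solving;
    $class       = $data->class;
    $topic       = $data->topic;
    $ip          = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $exerciseId  = $data->exerciseId;
    $teacherName = $data->teacherName;

    $stmt = $mysqli->prepare($sql);
    if ($stmt !== false) {
        // Every column was written as a quoted string before, so bind all as strings.
        $stmt->bind_param(
            'sssssss',
            $studentName,
            $solving,
            $class,
            $topic,
            $ip,
            $exerciseId,
            $teacherName
        );
        if (!$stmt->execute()) {
            // The original ignored failures; keep it non-fatal but leave a server-side trace.
            error_log("insertSolution: execute failed: " . $stmt->error);
        }
        $stmt->close();
    } else {
        error_log("insertSolution: prepare failed: " . $mysqli->error);
    }

    closeDb($mysqli);
}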
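/**
 * Insert a new exercise and echo the generated row id.
 *
 * The three column values come from the caller-supplied $data object and are
 * passed as bound parameters, so their content cannot alter the SQL text.
 *
 * @param object $data Object exposing topic, exercise and enable.
 * @return void The new id is echoed, not returned (0 when the insert failed).
 */
function insertNewExercise($data)
{
    $sql = "INSERT INTO exercises SET topic = ?, exercise = ?, enable = ?";

    $mysqli = connectDb();

    // bind_param() binds by reference, so copy every value into a local first.
    $topic    = $data->topic;
    $exercise = $data->exercise;
    $enable   = $data->enable;

    $stmt = $mysqli->prepare($sql);
    if ($stmt !== false) {
        // All three values were quoted strings in the original statement.
        $stmt->bind_param('sss', $topic, $exercise, $enable);
        if (!$stmt->execute()) {
            error_log("insertNewExercise: execute failed: " . $stmt->error);
        }
        $stmt->close();
    } else {
        error_log("insertNewExercise: prepare failed: " . $mysqli->error);
    }

    // Same output contract as before: the connection's last insert id.
    echo $mysqli->insert_id;

    closeDb($mysqli);
}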
/**
 * Render the page built around showTeacherForm().
 *
 * Output order: page head, the application version string, the form for the
 * ids returned by getEnableds(), page foot.
 *
 * @return void
 */
function loadDonView()
{
    global $app;

    load_head();
    echo $app["version"];

    // One connection for the lookup, released before the footer is printed.
    $db = connectDb();
    showTeacherForm(getEnableds($db));
    closeDb($db);

    load_foot();
}
/**
 * Render the page built around showStudentForm().
 *
 * Output order: page head, the form fed with the enabled ids and the teacher
 * names read from the database, page foot.
 *
 * @return void
 */
function loadView()
{
    global $app;

    load_head();

    // Arguments are evaluated left to right, so the ids are still read first.
    $db = connectDb();
    showStudentForm(getEnableds($db), getTeacherNames($db));
    closeDb($db);

    load_foot();
}
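/**
 * Record an uploaded file's name in `Uploaded_Files` and return the new row id.
 *
 * The named placeholder, bindParam() and the PDOException handler indicate
 * that connectToDb() returns a PDO handle, so the id is read with
 * lastInsertId(); the previous `$conn->insert_id` is a mysqli property that
 * does not exist on PDO.
 *
 * NOTE(review): the filename is stored exactly as received. Treat it as
 * untrusted wherever it is later used to build a path or printed into HTML.
 *
 * @param string|null $filename Name to record; the script terminates when it is empty.
 * @return string|false Id of the inserted row as reported by PDO::lastInsertId().
 */
function fileUploadComplete($filename = null)
{
    if ($filename == null) {
        die("Error: No filename for file upload");
    }

    $conn = connectToDb();

    try {
        // Prepare SQL and bind parameters for insert
        $stmt = $conn->prepare("INSERT INTO Uploaded_Files (filename)\n\t\t\t\t\t\t\t\tVALUES (:filename)");
        $stmt->bindParam(':filename', $filename);
        $stmt->execute();
        // Read the id before the connection is released.
        $insertId = $conn->lastInsertId();
    } catch (PDOException $e) {
        closeDb();
        // Converting the exception to a string includes the stack trace; keep
        // that in the server log instead of sending it to the client.
        error_log("Exception in SQL INSERT: " . $e);
        die("Exception in SQL INSERT");
    }

    // Previously placed after the return/die and therefore never reached.
    closeDb();

    return $insertId;
}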
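/**
 * Echo, as JSON, the courses and obtained grades of one child for one grade.
 *
 * Output is `{"n": <count>, "materias": [...]}` when at least one row matches
 * and the literal string "error" otherwise (including on invalid input or a
 * failed query).
 *
 * Both arguments reach this function from the request, so they are bound as
 * statement parameters instead of being concatenated into the SQL text.
 *
 * @param string     $curp    CURP identifying the child.
 * @param int|string $gradeId Numeric grade id; anything that is not an integer is rejected.
 * @return void
 */
function getGraphByGrade($curp, $gradeId)
{
    // gradeId was an unquoted number in the old statement: accept integers only.
    $gradeIdInt = filter_var($gradeId, FILTER_VALIDATE_INT);
    if ($gradeIdInt === false || !is_string($curp)) {
        echo "error";
        return;
    }

    $conn = connectToDataBase();
    $sql = "SELECT Co.name, gradeObtained FROM Course Co, ReportCard R"
         . " WHERE R.CURP = ? AND R.gradeId = ? AND Co.courseId = R.courseId";

    $courses = array();
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "si", $curp, $gradeIdInt);
        if (mysqli_stmt_execute($stmt)) {
            mysqli_stmt_bind_result($stmt, $name, $gradeObtained);
            while (mysqli_stmt_fetch($stmt)) {
                $materia = new Materia();
                // Prepared statements return native types; cast back to strings so
                // the JSON keeps the shape the plain query used to produce.
                $materia->name = $name === null ? null : (string) $name;
                $materia->grade = $gradeObtained === null ? null : (string) $gradeObtained;
                $courses[] = $materia;
            }
        }
        mysqli_stmt_close($stmt);
    }

    if (count($courses) > 0) {
        $res = array();
        $res["n"] = count($courses);
        $res["materias"] = $courses;
        echo json_encode($res);
    } else {
        echo "error";
    }

    closeDb($conn);
}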
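/**
 * Check a username/password pair and echo the outcome as JSON.
 *
 * On success the response is "accepted" and, when a role/institution row
 * exists, rolId, institutionId and userName are added and handed to
 * startSession(). Otherwise the response is "declined".
 *
 * The credentials are attacker-controlled, so both lookups use bound
 * parameters; with the previous string concatenation a crafted username or
 * password could rewrite the WHERE clause and bypass the check.
 *
 * NOTE(review): the password is compared to the `userPassword` column as-is,
 * which implies it is stored in clear text. Migrating to password_hash() /
 * password_verify() needs a schema and data change outside this function.
 * NOTE(review): startSession() is defined elsewhere; confirm it regenerates
 * the session id on login.
 *
 * @param string $username Login name from the request.
 * @param string $password Password from the request.
 * @return void
 */
function validateUser($username, $password)
{
    $conn = connectToDataBase();
    $array = array();
    $accepted = false;

    // Non-string input (e.g. an array from the request) can never match.
    if (is_string($username) && is_string($password)) {
        $stmt = mysqli_prepare(
            $conn,
            "SELECT userName FROM User WHERE userName = ? AND userPassword = ?"
        );
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "ss", $username, $password);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_store_result($stmt);
                $accepted = mysqli_stmt_num_rows($stmt) > 0;
            }
            mysqli_stmt_close($stmt);
        }
    }

    if ($accepted) {
        $array["response"] = "accepted";

        $stmt = mysqli_prepare(
            $conn,
            "SELECT rolId, institutionId"
            . " FROM HasRole hr, WorksInInstitution wi"
            . " WHERE hr.userName = ? AND hr.userName = wi.userName"
        );
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "s", $username);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_bind_result($stmt, $rolId, $institutionId);
                // Only the first row is used, as before.
                if (mysqli_stmt_fetch($stmt)) {
                    // Cast to string so the JSON and the session keep the value
                    // types the plain query used to deliver.
                    $array["rolId"] = $rolId === null ? null : (string) $rolId;
                    $array["institutionId"] = $institutionId === null ? null : (string) $institutionId;
                    $array["userName"] = $username;
                    startSession($array);
                }
            }
            mysqli_stmt_close($stmt);
        }
    } else {
        $array["response"] = "declined";
    }

    closeDb($conn);
    echo json_encode($array);
}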
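/**
 * Delete the report card of one child for one grade.
 *
 * Echoes "1" on success and "0" followed by the database error text on
 * failure, matching the previous response format.
 *
 * The old code interpolated both arguments into the statement and ran it
 * through mysqli_multi_query(), which accepts several ';'-separated
 * statements. It now runs exactly one prepared DELETE with bound parameters.
 *
 * NOTE(review): this function performs no ownership check itself; confirm the
 * caller verifies that the current session may delete this report card.
 * NOTE(review): the database error text is still returned to the client to
 * keep the response format; consider logging it server-side instead.
 *
 * @param string     $CURP    CURP identifying the child.
 * @param int|string $gradeId Numeric grade id; non-integer values are rejected.
 * @return void
 */
function deleteReportCard($CURP, $gradeId)
{
    // gradeId was an unquoted number in the old statement: accept integers only.
    $gradeIdInt = filter_var($gradeId, FILTER_VALIDATE_INT);
    if ($gradeIdInt === false || !is_string($CURP)) {
        echo "0";
        return;
    }

    $conn = connectToDatabase();
    mysqli_begin_transaction($conn, MYSQLI_TRANS_START_READ_WRITE);

    $ok = false;
    $error = "";
    $stmt = mysqli_prepare($conn, "DELETE FROM ReportCard WHERE CURP = ? AND gradeId = ?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "si", $CURP, $gradeIdInt);
        $ok = mysqli_stmt_execute($stmt);
        if (!$ok) {
            // Capture the message before the statement handle is released.
            $error = mysqli_stmt_error($stmt);
        }
        mysqli_stmt_close($stmt);
    } else {
        $error = mysqli_error($conn);
    }

    if ($ok) {
        mysqli_commit($conn);
        echo "1";
    } else {
        mysqli_rollback($conn);
        echo "0" . $error;
    }

    closeDb($conn);
}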
//********************************************************************* $vars = $this->vars; //require_once("../inc/chklist.php"); //print "<font color=\"blue\">"; //$myChkList = new chklist($vars, "ID_COMMENTPROTO"); //print_r ($myChkList->getSelected ()); // foreach ( $vars as $key=>$value ) // { // print "<li>\$key $key => \$value $value</li>\n"; // } //Callback method de vérification //print "</font>"; require_once "../inc/db_funcs.php"; $tmpDb = openDb(); $dirName = queryOneDb($tmpDb, "SELECT ATAB_REP_VCH FROM ATAB WHERE ATAB_NOMTBL_CKEY_VCH='" . $this->getVar("ATAB_NOMTBL_CKEY_VCH") . "'"); closeDb($tmpDb); //Redirection Explications ------------------------------------- if (isset($vars['Explications'])) { require_once "HTML/Page.php"; require_once "MOEUVREPROTO_def.php"; require_once "../inc/html_settings.php"; $page = new HTML_Page(array('lineend' => 'unix', 'doctype' => 'XHTML 1.0 Strict', 'language' => 'fr', 'cache' => 'false')); // $page->addStyleSheet($css_style); $page->setTitle('Phpaie -(EXplications)-'); // A modifier absolument 2 requêtes suivantes à fusionner. $buffer = MOEUVREPROTO::fetchOne("MOEUVREPROTO_EXPLIC_TE", "where ATAB_NOMTBL_CKEY_VCH ='" . $this->getVar("ATAB_NOMTBL_CKEY_VCH") . "'", ""); $ind = MOEUVREPROTO::fetchOne("ID_MOEUVREPROTO", "where ATAB_NOMTBL_CKEY_VCH ='" . $this->getVar("ATAB_NOMTBL_CKEY_VCH") . "'", ""); $page->addBodyContent("<p align=\"center\"><font face=\"Arial\"><b><a href=\"Javascript:history.go(-1)\">retour</a></b></font></p>\n"); $page->addBodyContent("<table border=\"0\" bgcolor=\"#CCCCFF\" width=\"100%\"><caption>Présentation</caption><tbody><tr><td>[" . $this->getVar("ATAB_NOMTBL_CKEY_VCH") . "] (Package :" . $dirName . ")</td></tr></tbody></table>"); $page->addBodyContent($buffer); $page->addBodyContent("<p align=\"center\"><font face=\"Arial\"><b><a href=\"Javascript:history.go(-1)\">retour</a></b></font></p>\n");
$newActor = mysqli_query($db, "INSERT INTO actor (first_name, last_name) VALUES\n (' " . $_POST['fName'] . " ',' " . $_POST['lName'] . " ');"); if (!$newActor) { die("Couldn't inset actor" . mysqli_error($db)); } } $result = mysqli_query($db, "SELECT * FROM actor ORDER by actor_id DESC Limit 0,10 "); while ($row = mysqli_fetch_assoc($result)) { echo "<tr>"; echo "<td>" . $row['actor_id'] . "</td>"; echo "<td>" . $row['first_name'] . "</td>"; echo "<td>" . $row['last_name'] . "</td>"; echo "<td>" . $row['last_update'] . "</td>"; //echo $row['title'] . " " . $row['description']; echo "</tr>"; } closeDb(); ?> </body> </tbody> </table> <form action="delete.php" method="post"> <p>ID to Delete:<input type="text" name="deleteid" /> <input type="submit" name="Submit" value="Delete"/></p> </form>
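/**
 * Run one SQL statement, collect its rows as objects and close the connection.
 *
 * SECURITY: $sql is executed verbatim. This helper offers no parameter
 * binding, so callers must never build $sql by concatenating request data;
 * such queries belong in a prepared statement instead.
 *
 * @param string $sql        Complete SQL text to execute.
 * @param mixed  $connection mysqli connection (by reference); closed via closeDb() on success.
 * @param bool   $findFirst  When true, return only the first row, or null if there is none.
 * @return array|object|null List of row objects, or a single row/null when $findFirst is set.
 * @throws Exception "db error", with the underlying exception attached as `previous`.
 */
function executeQuery($sql, &$connection, $findFirst = false)
{
    try {
        $result = mysqli_query($connection, $sql) or die("connection error");

        $resultSet = array();
        // Statements without a result set (INSERT/UPDATE/DELETE) make
        // mysqli_query() return true; there is nothing to fetch in that case.
        if ($result instanceof mysqli_result) {
            while ($row = mysqli_fetch_assoc($result)) {
                $resultSet[] = (object) $row;
            }
            mysqli_free_result($result);
        }

        closeDb($connection);

        // return the first result only. useful when query for just
        // a single record
        if ($findFirst) {
            $resultSet = count($resultSet) > 0 ? $resultSet[0] : null;
        }

        return $resultSet;
    } catch (Exception $e) {
        // Keep the generic message for callers, but chain the cause so the
        // real failure is still available to logging code.
        throw new Exception("db error", 0, $e);
    }
}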
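<?php
/*
 * Change a user's rank inside a class.
 *
 * Expects POST fields `id` (facebook id), `class` (class id) and `rank`.
 * All three are placed unquoted into the UPDATE statement, so each one must
 * be a plain integer; anything else is rejected before the query is built.
 *
 * NOTE(review): the target user id is taken from the request, and no
 * permission check is visible in this file. Confirm that the included files
 * authenticate the caller and that the caller is allowed to change this
 * user's rank in this class.
 * NOTE(review): mysql_query() belongs to the legacy mysql extension, which
 * offers no prepared statements; moving to mysqli or PDO with bound
 * parameters is the durable fix.
 */
include 'lib/config.php';
require_once 'lib/fbconfig.php';
include 'iHackyFunctions.php';

$fields = array();
foreach (array('id', 'class', 'rank') as $fieldName) {
    $raw = isset($_POST[$fieldName]) ? $_POST[$fieldName] : null;
    // Digits only (optional leading minus), anchored at both ends.
    if (!is_string($raw) || preg_match('/\A-?[0-9]+\z/', $raw) !== 1) {
        http_response_code(400);
        exit("Invalid request");
    }
    $fields[$fieldName] = $raw;
}

$userId = $fields['id'];
$classId = $fields['class'];
$classRank = $fields['rank'];

$conn = getDbConn();
$queryChangeRank = "UPDATE CLASS_USERS SET class_rank = {$classRank} \r\n WHERE CLASS_USERS.facebook_id = {$userId} AND CLASS_USERS.class_id = {$classId}";
mysql_query($queryChangeRank);
closeDb($conn);

echo "<a href=\"profile.php\">Return to your Profile</a>";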
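/**
 * Insert an institution row and echo "1" on success or "0" on failure.
 *
 * The four values come from user input, so they are bound as statement
 * parameters; a double quote in a name or address can no longer terminate the
 * SQL string literal.
 *
 * @param string $name    Institution name.
 * @param string $email   Contact e-mail address.
 * @param string $phone   Contact phone number.
 * @param string $address Postal address.
 * @return void
 */
function insertInstitution($name, $email, $phone, $address)
{
    $conn = connectToDataBase();

    $inserted = false;
    $stmt = mysqli_prepare(
        $conn,
        "INSERT INTO Institution (name, email, phone, address) VALUES (?, ?, ?, ?)"
    );
    if ($stmt) {
        // All four columns were quoted strings in the original statement.
        mysqli_stmt_bind_param($stmt, "ssss", $name, $email, $phone, $address);
        $inserted = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    echo $inserted ? "1" : "0";

    closeDb($conn);
}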
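<?php
/*
 * JSON endpoint: reads {"exerciseId": ...} from the request body and prints
 * the JSON-encoded result of getPassword() for that exercise.
 *
 * NOTE(review): getPassword() is defined in an include that is not shown
 * here. Verify that it binds exerciseId as a statement parameter, and that
 * returning its result to any caller of this endpoint is intended; no
 * authentication check is visible in this file.
 */
require_once realpath(dirname(__FILE__) . "/../../config/config.php");
require_once "db.php";

$postdata = file_get_contents("php://input");
$request = json_decode($postdata);

// json_decode() yields null for an empty or malformed body; reject that and a
// missing or non-scalar exerciseId instead of dereferencing it.
if (!is_object($request) || !isset($request->exerciseId) || !is_scalar($request->exerciseId)) {
    http_response_code(400);
    print json_encode(array("error" => "exerciseId is required"));
    exit;
}

$mysqli = connectDb();
$sor = getPassword($mysqli, $request->exerciseId);
print json_encode($sor);
closeDb($mysqli);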
/**
 * Print an HTML table of this object's rows with per-row "link" checkboxes.
 *
 * Steps, in order:
 *  1. read the ids already stored in the link table `{name}{TABLE_TO}` and
 *     remember them as "CHECKED";
 *  2. build a SELECT on `{name}` from the non-empty entries of $this->vars;
 *  3. append an ORDER BY taken from $GLOBALS['ORDER'] when present;
 *  4. print the header row from the GESTAB column metadata and ATAB flags;
 *  5. run the SELECT and print one table row per record;
 *  6. print the record count, close the connection and return 0.
 *
 * SECURITY (review): every query here is assembled by string concatenation
 * from $this->vars, $TABLE_TO and $GLOBALS['ORDER'], and all values are
 * printed into HTML without escaping. If any of those carry request data the
 * function is open to SQL injection and cross-site scripting. The legacy
 * mysql_* API used here has no parameter binding; a port to mysqli/PDO with
 * bound parameters, a whitelist for the ORDER column and htmlspecialchars()
 * on output is the durable fix.
 *
 * COMPATIBILITY (review): mysql_*() and ereg*() were removed in PHP 7.0 and
 * each() in PHP 8.0, so this code only runs on older interpreters.
 *
 * @param string $TABLE_TO Name of the table on the other side of the N-to-N link.
 * @return int Always 0.
 */
function checkNToNDbVars($TABLE_TO)
{
    include_once "db_funcs.php";
    $link = openDb();
    // Separator used when appending to the current URL: "&" if a query string exists, else "?".
    $start_query = isset($GLOBALS[QUERY_STRING]) && $GLOBALS[QUERY_STRING] != "" ? "&" : "?";
    // NOTE(review): table name and id value are concatenated into the SQL text unquoted.
    $l_result = mysql_query("SELECT ID_{$this->name} from {$this->name}{$TABLE_TO} WHERE ID_{$TABLE_TO} = " . $this->vars["ID_" . $TABLE_TO] . ";");
    // Assigned but not read again in this function.
    $l_num_rows = mysql_num_rows($l_result);
    // Collect the ids that are currently linked; each becomes a "CHECKED" marker.
    while ($l_a_row = mysql_fetch_assoc($l_result)) {
        while (list($key, $value) = each($l_a_row)) {
            $founded[$value] = "CHECKED";
        }
    }
    $req = "";
    foreach ($this->vars as $key => $value) {
        // NOTE(review): "{$this}->name_" interpolates $this itself followed by the
        // literal text "->name_"; "{$this->name}_" was probably intended.
        if ($value != "" && (strstr($key, "{$this}->name_") || !strcmp($key, "ID_{$this->name}") || !strcmp($key, "ID_VERSION"))) {
            // Keys with these suffixes (or an ID_ prefix) are compared with "=" and
            // left unquoted; presumably they denote numeric columns.
            if (ereg("_TI\$", $key) || ereg("_SI\$", $key) || ereg("_MI\$", $key) || ereg("_I\$", $key) || ereg("_BI\$", $key) || ereg("_F\$", $key) || ereg("_DO\$", $key) || ereg("_DE\$", $key) || ereg("^ID_", $key)) {
                // NOTE(review): $value is not validated as a number before use.
                $req .= "{$key}={$value} AND ";
            } else {
                // Using a prefix LIKE for the remaining columns is a deliberate choice.
                // NOTE(review): $value is placed inside quotes without escaping.
                $req .= "{$key} LIKE '{$value}%' AND ";
            }
        }
        // Build a "key = value AND ..." / "key LIKE 'value%' AND ..." condition string
        // from $this->vars to obtain the wanted query.
    }
    if ($req != "") {
        // Drop the trailing " AND " left by the loop above.
        $req = "SELECT * FROM {$this->name} where " . ereg_replace(" AND \$", "", $req);
    } else {
        // No field filled in: select everything.
        $req = "SELECT * FROM {$this->name}";
    }
    // Column sorting: append the ORDER criterion and strip any previous one from the URL.
    // NOTE(review): $GLOBALS['ORDER'] goes into ORDER BY verbatim; restrict it to
    // known column names.
    if (isset($GLOBALS['ORDER']) && $GLOBALS['ORDER'] != "") {
        $req .= " ORDER BY " . $GLOBALS['ORDER'];
        $GLOBALS[REQUEST_URI] = str_replace(strstr($GLOBALS[REQUEST_URI], $start_query . "ORDER"), "", $GLOBALS[REQUEST_URI]);
    }
    // print "<H1>$req </H1><BR>";
    $count_id = 0;
    // Fetch the column metadata for this table from GESTAB.
    $result = mysql_query("SELECT * FROM GESTAB WHERE GESTAB_NOMTBL_CKEY_VCH = '{$this->name}'");
    print "<table border=1 WIDTH=\"800\">\n";
    print "<tr>\n";
    while ($a_row = mysql_fetch_assoc($result)) {
        // One Attributs per column, built from the link flag, the visible flag and GESTAB_LARG_I.
        $colonnes[$a_row[GESTAB_NOMCOL_KEY_VCH]] = new Attributs($a_row[GESTAB_LNK_VCH] == "ON" ? 1 : 0, $a_row[GESTAB_VIS_VCH] == "ON" ? 1 : 0, $a_row[GESTAB_LARG_I]);
        // Becomes non-zero once at least one column is both visible and a link.
        $count_id |= $a_row[GESTAB_VIS_VCH] == "ON" && $a_row[GESTAB_LNK_VCH] == "ON" ? 1 : 0;
        while (list($key, $value) = each($a_row)) {
            // Header cell with a sort link for every visible column.
            // NOTE(review): REQUEST_URI and the title are printed unescaped.
            if ($key == "GESTAB_TITRE_VCH" && $a_row[GESTAB_VIS_VCH] == "ON") {
                print "\t<td bgcolor=\"#808000\"><a href=\"" . $GLOBALS[REQUEST_URI] . $start_query . "ORDER=" . $a_row[GESTAB_NOMCOL_KEY_VCH] . "\" class=\"tablelink\">{$value}</a></td>\n";
            }
        }
    }
    // Read the ATAB flags that decide whether the checkbox column is shown.
    $result = mysql_query("SELECT * FROM ATAB WHERE ATAB_NOMTBL_CKEY_VCH = '{$this->name}'");
    $a_row = mysql_fetch_assoc($result);
    $colonnes["ATAB_CHKSELECT_"] = new Attributs(1, $a_row["ATAB_CHKSELECT"] == "ON", 10);
    // Same for the column holding the "select" link.
    $colonnes["ATAB_SELECT_"] = new Attributs(1, $a_row["ATAB_SELECT"] == "ON", 10);
    // No visible link at all: fall back to a plain ID column.
    // NOTE(review): the last operand tests the Attributs object itself, not its
    // ->visible property as the second operand does; probably an oversight.
    if (!$count_id && !$colonnes["ATAB_CHKSELECT_"]->visible && !$colonnes["ATAB_SELECT_"]) {
        $colonnes["id"] = new Attributs(1, 1, 10);
        print " <td bgcolor=\"#887799\">ID</td>\n";
    }
    if ($colonnes["ATAB_CHKSELECT_"]->visible) {
        print " <td bgcolor=\"#887799\">Lier</td>\n";
    }
    if ($colonnes["ATAB_SELECT_"]->visible) {
        print " <td bgcolor=\"#887799\">selection</td>\n";
    }
    print "</tr>\n";
    // Run the SELECT assembled above and print one row per record.
    $result = mysql_query("{$req}");
    $num_rows = mysql_num_rows($result);
    while ($a_row = mysql_fetch_assoc($result)) {
        print "<tr>\n";
        while (list($key, $value) = each($a_row)) {
            if ($colonnes[$key]->visible) {
                if ($value == "") {
                    $value = " ";
                }
                // Link columns point to the detail page of the record.
                // NOTE(review): cell values are printed without HTML escaping.
                if ($colonnes[$key]->id) {
                    print "\t<td><a 
href=\"../{$this->directory}/{$this}->name_1.php?ID=" . $a_row["ID_{$this->name}"] . "\">{$value}</a></td>\n";
                } else {
                    print "\t<td>{$value}</td>\n";
                }
            }
        }
        if ($colonnes["ATAB_CHKSELECT_"]->visible) {
            // NOTE(review): $name_index is not defined anywhere in this function.
            $NID = $a_row["{$name_index}"];
            // Checkbox reflecting the current link state, plus a hidden WAS_ field carrying the same value.
            print " <td align=\"center\"><input type=\"checkbox\" name=\"CHK_{$NID}\" value=\"{$founded[$NID]}\" {$founded[$NID]} >\n";
            print " \t\t\t <input type=\"hidden\" name=\"WAS_{$NID}\" value=\"{$founded[$NID]}\" size=\"20\"> </td>\n";
        }
        if ($colonnes["ATAB_SELECT_"]->visible) {
            // NOTE(review): the href is the literal text "../->directory/.php"; the
            // directory and file name are not interpolated here.
            print "\t<td><a href=\"../->directory/.php?ID=" . $a_row["{$name_index}"] . "\">Select.</a></td>\n";
        }
        print "</tr>\n";
    }
    print "</table>\n";
    print "<p>Cette séléction comprend {$num_rows} enregistrement(s)</p>";
    closeDb($link);
    return 0;
}
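/**
 * Echo an HTML table of the report cards that belong to the institution
 * stored in the current session, with a delete button per row.
 *
 * Echoes "Error" instead when no row is found or the query fails.
 *
 * The institution id is bound as an integer parameter, and every database
 * value is HTML-escaped before it is written into an element body or an
 * attribute, so a stored name containing markup cannot execute in the
 * viewer's browser.
 *
 * @return void
 */
function getReportCardsOfChildrenByInstitution()
{
    $conn = connectToDatabase();

    // The id was an unquoted number in the old statement; force it to an integer.
    $institutionId = isset($_SESSION["institutionId"]) ? (int) $_SESSION["institutionId"] : 0;

    $sql = "SELECT C.CURP, name, grade, G.gradeId FROM Child C, Grade G, ReportCard RC, BelongsToInstitution BTI "
         . "WHERE C.CURP = RC.CURP AND G.gradeId = RC.gradeId AND BTI.institutionId = ? AND C.CURP = BTI.CURP "
         . "GROUP BY C.CURP, G.gradeId";

    $table = "<table class='responsive-table striped teal lighten-3 z-depth-1 tabla-actividades' style='max-width:100%;'>\n <thead>\n <tr>\n <th>CURP</th>\n <th>Nombre</th>\n <th>Grado</th>\n <th>Eliminar</th>\n </tr>\n </thead>\n <tbody>";

    $rowCount = 0;
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "i", $institutionId);
        if (mysqli_stmt_execute($stmt)) {
            mysqli_stmt_bind_result($stmt, $curp, $name, $grade, $gradeId);
            while (mysqli_stmt_fetch($stmt)) {
                $rowCount++;

                // ENT_QUOTES covers both the double-quoted and the single-quoted attributes below.
                $curpHtml = htmlspecialchars((string) $curp, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $nameHtml = htmlspecialchars((string) $name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $gradeHtml = htmlspecialchars((string) $grade, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                // Button id is "<CURP>*<gradeId>", read by the page script through this.id.
                $tempIdHtml = htmlspecialchars($curp . "*" . $gradeId, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

                $table .= "<tr id=\"" . $curpHtml . "\">\n <td>" . $curpHtml . "</td>\n <td>" . $nameHtml . "</td>\n <td>" . $gradeHtml . "</td>\n <td>" . "<a id='" . $tempIdHtml . "' class='btn-floating medium waves-effect waves-light cyan z-depth-1 modal-trigger center' onclick='deleteReportCard(this.id)' href='#modal1'><i class='material-icons'>clear</i></a></td>\n </tr>";
            }
        }
        mysqli_stmt_close($stmt);
    }

    if ($rowCount > 0) {
        $table .= "</tbody></table>";
        echo $table;
    } else {
        echo "Error";
    }

    closeDb($conn);
}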
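<tbody> <body> <?php
/*
 * Search the film table by description and print one table row per match.
 *
 * The search term comes straight from the POST body. It is bound as a
 * statement parameter, so quotes in it cannot change the query, and the
 * title/description are HTML-escaped before being printed. '%' and '_' in
 * the term still act as LIKE wildcards, as they did before.
 */
include "DBCreator.php";

$db = connectToDB();
if (!$db) {
    // No connection handle exists at this point, so mysqli_error($db) cannot
    // be used; the connect error is reported through its own function.
    die('Could not connect to the Sakila Database: ' . mysqli_connect_error());
}

$search = isset($_POST['qdescription']) && is_string($_POST['qdescription'])
    ? $_POST['qdescription']
    : '';
$pattern = '%' . $search . '%';

$stmt = mysqli_prepare($db, "SELECT title, description FROM film WHERE description LIKE ?");
if (!$stmt) {
    die('Could not retrieve records from the Sakila Database: ' . mysqli_error($db));
}

mysqli_stmt_bind_param($stmt, "s", $pattern);
if (!mysqli_stmt_execute($stmt)) {
    die('Could not retrieve records from the Sakila Database: ' . mysqli_stmt_error($stmt));
}

// Buffer the result first so the text column is bound at its real length.
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $title, $description);

while (mysqli_stmt_fetch($stmt)) {
    echo "<tr>";
    echo "<td>" . htmlspecialchars((string) $title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
    echo "<td>" . htmlspecialchars((string) $description, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
    echo "</tr>";
}

mysqli_stmt_close($stmt);
$db = closeDb();
?> </tbody> </table> </body> </html>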