/**
 * Build a survey object from its row in the survey table.
 *
 * Reads Title and Description for the requested survey and, when a row
 * comes back, copies them onto the object and flags it as valid.
 *
 * @param int $id number of current survey (cast to integer before use)
 * @return void
 * @todo none
 */
public function __construct($id)
{
    // The integer cast is the only thing standing between $id and the
    // interpolated query below, so it must stay ahead of the SQL string.
    $id = (int) $id;

    $query = "select Title, Description from sp15_surveys where SurveyID={$id}";
    $rows = mysqli_query(IDB::conn(), $query) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));

    if (mysqli_num_rows($rows) > 0) {
        // A matching survey exists - load it onto the object.
        while ($record = mysqli_fetch_assoc($rows)) {
            $this->SurveyID = $id;
            $this->isValid = true;
            $this->Title = dbOut($record['Title']);
            $this->Description = dbOut($record['Description']);
        }
    }

    @mysqli_free_result($rows);
}
/**
 * Print the customer list page: header, a table of all customers (or a
 * "no customers" notice), an "add customer" link, and the footer.
 *
 * Text columns pass through dbOut() before being echoed; the ID is cast
 * to an integer.
 * NOTE(review): the original comment describes dbOut() as a slash-stripping
 * wrapper - confirm it also HTML-encodes, since these values land in markup.
 *
 * @return void
 */
function showCustomers()
{
    global $config;

    get_header();
    echo '<h3 align="center">' . smartTitle() . '</h3>';

    $query = "select CustomerID,FirstName,LastName,Email from test_Customers";
    $customers = mysqli_query(IDB::conn(), $query) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));

    if (mysqli_num_rows($customers) < 1) {
        // Nothing in the table yet.
        echo '<div align="center"><h3>Currently No Customers in Database.</h3></div>';
    } else {
        $headings = ['CustomerID', 'First Name', 'Last Name', 'Email'];

        echo '<table align="center" border="1" style="border-collapse:collapse" cellpadding="3" cellspacing="3">';
        echo '<tr> <th>' . implode('</th> <th>', $headings) . '</th> </tr> ';

        while ($customer = mysqli_fetch_assoc($customers)) {
            $cells = [
                (int) $customer['CustomerID'],
                dbOut($customer['FirstName']),
                dbOut($customer['LastName']),
                dbOut($customer['Email']),
            ];
            echo '<tr> <td>' . implode('</td> <td>', $cells) . '</td> </tr> ';
        }

        echo '</table>';
    }

    echo '<div align="center"><a href="' . THIS_PAGE . '?act=add">ADD CUSTOMER</a></div>';

    @mysqli_free_result($customers); // release the result set
    get_footer();
}
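/**
 * Build the HTML list of responses recorded for one survey.
 *
 * Each response is rendered as a link to response_view.php labelled with
 * the date it was added; a Pager instance supplies the total count and the
 * paging navigation.
 *
 * @param int $id survey whose responses are listed
 * @return string HTML fragment (count line, links and pager nav, or a
 *                "no records" notice)
 */
function responseList($id)
{
    // $id is interpolated straight into the SQL text below, so force it to
    // an integer first. Without this cast any caller that forwards a request
    // parameter would expose the query to SQL injection.
    $id = (int) $id;

    $myReturn = '';
    $sql = "select DateAdded, ResponseID from sm15_responses where SurveyID = {$id}";

    # reference images for pager
    $prev = '<img src="' . VIRTUAL_PATH . 'images/arrow_prev.gif" border="0" />';
    $next = '<img src="' . VIRTUAL_PATH . 'images/arrow_next.gif" border="0" />';

    # Create instance of the pager class and let it rewrite the SQL (adds the offset)
    $myPager = new Pager(10, '', $prev, $next, '');
    $sql = $myPager->loadSQL($sql);

    $result = mysqli_query(IDB::conn(), $sql) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));

    if (mysqli_num_rows($result) > 0) {
        # records exist - pick singular or plural for the count line
        $itemz = ($myPager->showTotal() == 1) ? "response" : "responses";
        $myReturn .= '<div align="center">We have ' . $myPager->showTotal() . ' ' . $itemz . '!</div>';

        while ($row = mysqli_fetch_assoc($result)) {
            // The ID is cast before it reaches the URL; the label relies on dbOut().
            // NOTE(review): confirm dbOut() HTML-encodes - its definition is not visible here.
            $myReturn .= '<div align="center"><a href="' . VIRTUAL_PATH . 'surveys/response_view.php?id=' . (int) $row['ResponseID'] . '">' . dbOut($row['DateAdded']) . '</a>';
            $myReturn .= '</div>';
        }

        $myReturn .= $myPager->showNAV(); # paging nav, only if enough records
    } else {
        # no records
        $myReturn .= "<div align=center>There are currently no surveys</div>";
    }

    @mysqli_free_result($result);

    return $myReturn;
}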
# Will change to true, if record found! # connection comes first in mysqli (improved) function $result = mysqli_query(IDB::conn(), $sql) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR)); echo "<h3 style='text-align: center'>News Feeds Available</h3>"; if (mysqli_num_rows($result) > 0) { #records exist - process $foundRecord = TRUE; /** * * COLUMNS * */ echo "<ul id='feedlist'>"; while ($row = mysqli_fetch_assoc($result)) { $Title = dbOut($row['FeedName']); $Link = dbOut($row['FeedURL']); if ($foundRecord) { #records exist - show muffin! ?> <li style="text-align: center"><a href="news_feed.php?url=<?php echo $Link; ?> "<h3><?php echo $Title; ?> </h3></a></li> <hr> <?php } else { //no such muffin! echo '<div align="center">No Items Match Category.</div>';
/**
 * Constructor for Response class.
 *
 * Loads the response row for the given ID, hands the survey ID to the
 * parent constructor (which, per the original comment, builds the questions
 * and answers), then collects the choices stored for this response.
 *
 * Both queries are built with sprintf("%d") from an integer-cast ID, so no
 * request text reaches the SQL.
 *
 * @param integer $id ID number of Response
 * @return void
 * @todo none
 */
function __construct($id)
{
    $this->ResponseID = (int) $id;
    if ($this->ResponseID == 0) {
        # invalid response id - abort
        return FALSE;
    }

    $iConn = \IDB::conn(); # connection handle shared by both queries below

    $lookup = sprintf("select SurveyID, DateAdded from " . PREFIX . "responses where ResponseID =%d", $this->ResponseID);
    $found = mysqli_query($iConn, $lookup) or die(trigger_error(mysqli_error($iConn), E_USER_ERROR));

    if (mysqli_num_rows($found) < 1) {
        # no responses - abort
        return FALSE;
    }

    while ($record = mysqli_fetch_array($found)) {
        # load singular response object properties
        $this->SurveyID = (int) $record['SurveyID'];
        $this->DateTaken = dbOut($record['DateAdded']);
    }
    mysqli_free_result($found);

    parent::__construct($this->SurveyID);

    # Questions must exist for this survey if we are to proceed
    if (!($this->TotalQuestions > 0)) {
        return;
    }

    $choiceSql = sprintf("select AnswerID, QuestionID, RQID from " . PREFIX . "responses_answers where ResponseID=%d order by QuestionID asc", $this->ResponseID);
    $picked = mysqli_query($iConn, $choiceSql) or die(trigger_error(mysqli_error($iConn), E_USER_ERROR));

    if (mysqli_num_rows($picked) > 0) {
        while ($record = mysqli_fetch_array($picked)) {
            # every column is cast to int before it reaches the Choice object
            $this->aChoice[] = new Choice((int) $record['AnswerID'], (int) $record['QuestionID'], (int) $record['RQID']);
        }
        @mysqli_free_result($picked);
    }
}
$itemz = "muffins"; } echo '<div align="center">We have ' . $myPager->showTotal() . ' ' . $itemz . '!</div>'; $tdWidth = number_format(100 / COLS, 0); # Here we determine the number of columns we'll be using $pos = 0; #init position variable echo '<table align="center" border="0" width="90%" style="border-collapse:collapse" cellpadding="10" cellspacing="10"><tr>'; while ($row = mysqli_fetch_assoc($result)) { //dbOut() function is a 'wrapper' designed to strip slashes, etc. of data leaving db $pos++; //echo '<td class="myborder" width="' . $tdWidth . '%">'; #we can't place the class on the <td> in all browers echo '<td width="' . $tdWidth . '%"><div class="myborder" align="center">'; echo '<img src="' . VIRTUAL_PATH . 'upload/m' . dbOut($row['MuffinID']) . '_thumb.jpg" hspace="5" vspace="5" align="middle" />'; echo ' <a href="' . VIRTUAL_PATH . 'demo/demo_view_curvy.php?id=' . dbOut($row['MuffinID']) . '">' . dbOut($row['MuffinName']) . '</a>'; echo '<br /><i>only</i> <font color="red">$' . money_format("%(#10n", dbOut($row['Price'])) . '</font>'; echo '</div></td>'; if ($pos % COLS === 0 && is_array($row)) { echo '</tr><tr>'; } } while ($pos % COLS) { #loop to fill in final row echo '<td> </td>'; $pos++; } echo "</tr></table>"; echo $myPager->showNAV(); //show paging nav, only if enough records } else { #no records
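/**
 * Show the "Edit Administrator" form, preloaded with one admin's data.
 *
 * A session whose Privilege is "admin" can only edit its own record (the ID
 * comes from the session); every other Privilege value takes the ID from
 * $_POST['AdminID'].
 * NOTE(review): that else branch is fail-open - any Privilege other than
 * "admin", including an unexpected one, may name an arbitrary AdminID.
 * Confirm the caller restricts this page to developer/superadmin sessions.
 *
 * Changes from the earlier version:
 *  - the util.js path is concatenated instead of embedding a literal
 *    "<?php echo ... ?>" inside a single-quoted string, which was sent to
 *    the browser verbatim and left the script URL broken;
 *  - the function stops after a failed ID check or a missing record rather
 *    than rendering the form with undefined variables;
 *  - the session Privilege written into the hidden field is HTML-encoded.
 *
 * @return void
 */
function editDisplay()
{
    global $config;

    if ($_SESSION["Privilege"] == "admin") {
        # use session data if logged in as admin only
        $myID = (int) $_SESSION['AdminID'];
    } elseif (isset($_POST['AdminID']) && (int) $_POST['AdminID'] > 0) {
        $myID = (int) $_POST['AdminID']; # integer cast; non-numeric input becomes zero and is rejected above
    } else {
        feedback("AdminID not numeric", "error");
        myRedirect($config->adminReset);
        return; # never fall through with $myID undefined, whether or not myRedirect() exits
    }

    # head content is independent of the query, so build it before touching the database
    $config->loadhead = '
    <script type="text/javascript" src="' . VIRTUAL_PATH . 'include/util.js"></script>
    <script type="text/javascript">
        function checkForm(thisForm)
        {//check form data for valid info
            if(empty(thisForm.FirstName,"Please enter first name.")){return false;}
            if(empty(thisForm.LastName,"Please enter last name.")){return false;}
            if(!isEmail(thisForm.Email,"Please enter a valid Email Address")){return false;}
            return true;//if all is passed, submit!
        }
    </script>
    ';

    $privileges = getENUM(PREFIX . 'Admin', 'Privilege'); # grab all possible 'Privileges' from ENUM

    # NOTE(review): the mysql_* extension used here was removed in PHP 7; the
    # calls are left as-is because conn() is defined outside this block.
    $myConn = conn('', FALSE);
    $sql = sprintf("select FirstName,LastName,Email,Privilege from " . PREFIX . "Admin WHERE AdminID=%d", $myID);
    $result = @mysql_query($sql, $myConn) or die(trigger_error(mysql_error(), E_USER_ERROR));

    if (mysql_num_rows($result) > 0) {
        while ($row = mysql_fetch_array($result)) {
            # The original comment describes dbOut() as a wrapper that strips slashes.
            # NOTE(review): these values are placed inside value="..." attributes
            # below - confirm dbOut() HTML-encodes quotes, or encode at output.
            $FirstName = dbOut($row['FirstName']);
            $LastName = dbOut($row['LastName']);
            $Email = dbOut($row['Email']);
            $Privilege = dbOut($row['Privilege']);
        }
    } else {
        # no such record: show the notice inside the page frame and stop
        get_header();
        echo '
        <div align="center"><h3>No such administrator.</h3></div>
        <div align="center"><a href="' . $config->adminDashboard . '">Exit To Admin</a></div>
        ';
        @mysql_free_result($result);
        get_footer();
        return;
    }

    get_header();

    # NOTE(review): no anti-CSRF token is emitted by this form - confirm one is
    # added elsewhere or checked by the act=update handler.
    echo '
    <h3 align="center">Edit Administrator</h3>
    <form action="' . $config->adminEdit . '" method="post" onsubmit="return checkForm(this);">
    <table align="center">
        <tr>
            <td align="right">First Name</td>
            <td>
                <input type="text" name="FirstName" value="' . $FirstName . '" />
                <font color="red"><b>*</b></font>
            </td>
        </tr>
        <tr>
            <td align="right">Last Name</td>
            <td>
                <input type="text" name="LastName" value="' . $LastName . '" />
                <font color="red"><b>*</b></font>
            </td>
        </tr>
        <tr>
            <td align="right">Email</td>
            <td>
                <input type="text" name="Email" value="' . $Email . '" />
                <font color="red"><b>*</b></font>
            </td>
        </tr>
    ';

    if ($_SESSION["Privilege"] == "developer" || $_SESSION["Privilege"] == "superadmin") {
        # only these two roles get a selectable Privilege
        echo '
        <tr>
            <td align="right">Privilege</td>
            <td>
        ';
        # createSelect(element-type,element-name,values-array,db-array,labels-array,concatentator)
        createSelect("select", "Privilege", $privileges, $Privilege, $privileges, ",");
        echo '
            </td>
        </tr>';
    } else {
        # A hidden field is client-editable: the update handler (not visible here)
        # must take the privilege from the session, not from this posted value.
        echo '<input type="hidden" name="Privilege" value="' . htmlspecialchars((string) $_SESSION["Privilege"], ENT_QUOTES, 'UTF-8') . '" />';
    }

    echo '
        <input type="hidden" name="AdminID" value="' . $myID . '" />
        <input type="hidden" name="act" value="update" />
        <tr>
            <td align="center" colspan="2">
                <input type="submit" value="Update Admin" />
                <em>(<font color="red"><b>*</b> required field</font>)</em>
            </td>
        </tr>
    </table>
    </form>
    <div align="center"><a href="' . $config->adminDashboard . '">Exit To Admin</a></div>
    ';

    @mysql_free_result($result); # free resources
    get_footer();
}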
$foundRecord = FALSE; # Will change to true, if record found! # connection comes first in mysqli (improved) function $result = mysqli_query(IDB::conn(),$sql) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR)); if(mysqli_num_rows($result) > 0) {#records exist - process $foundRecord = TRUE; while ($row = mysqli_fetch_assoc($result)) { $MuffinName = dbOut($row['MuffinName']); $Description = dbOut($row['Description']); $Price = (float)$row['Price']; $MetaDescription = dbOut($row['MetaDescription']); $MetaKeywords = dbOut($row['MetaKeywords']); } } @mysqli_free_result($result); # We're done with the data! if($foundRecord) {#only load data if record found $config->titleTag = $MuffinName . " muffins made with PHP & love!"; #overwrite PageTitle with Muffin info! #Fills <meta> tags. Currently we're adding to the existing meta tags in config_inc.php $config->metaDescription = $MetaDescription . ' Seattle Central\'s ITC280 Class Muffins are made with pure PHP! ' . $config->metaDescription; $config->metaKeywords = $MetaKeywords . ',Muffins,PHP,Fun,Bran,Regular,Regular Expressions,'. $config->metaKeywords; } /* $config->metaDescription = 'Web Database ITC281 class website.'; #Fills <meta> tags. $config->metaKeywords = 'SCCC,Seattle Central,ITC281,database,mysql,php';
echo '<table align="center" border="1" style="border-collapse:collapse" cellpadding="3" cellspacing="3">'; echo '<tr> <th>SurveyID</th> <th>DateAdded</th> <th>Title</th> <th>Description</th> <th>AdminName</th> </tr> <tr> <td> <a href="' . VIRTUAL_PATH . 'surveys/survey_view.php?id=' . (int) $row['SurveyID'] . '">' . dbOut($row['SurveyID']) . '</a> </td> <td>' . dbOut($row['DateAdded']) . '</td> <td>' . dbOut($row['Title']) . '</td> <td>' . dbOut($row['Description']) . '</td> <td>' . dbOut($row['AdminName']) . '</td> </tr> '; //. (int)$row['SurveyID'] . } echo '</table>'; echo $myPager->showNAV(); # show paging nav, only if enough records } else { #no records echo "<div align=center>I'm sorry, there are currently no surveys.</div>"; } @mysqli_free_result($result); get_footer(); #defaults to theme footer or footer_inc.php
$next = '<img src="' . VIRTUAL_PATH . 'images/arrow_next.gif" border="0" />'; #Create a connection # connection comes first in mysqli (improved) function $iConn = @mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) or die(myerror(__FILE__, __LINE__, mysqli_connect_error())); # Create instance of new 'pager' class $myPager = new Pager(5, '', $prev, $next, ''); $sql = $myPager->loadSQL($sql, $iConn); #load SQL, pass in existing connection, add offset $result = mysqli_query($iConn, $sql) or die(myerror(__FILE__, __LINE__, mysqli_error($iConn))); if (mysqli_num_rows($result) > 0) { #records exist - process if ($myPager->showTotal() == 1) { $itemz = "beer"; } else { $itemz = "beers"; } //deal with plural echo '<div align="center">We have ' . $myPager->showTotal() . ' ' . $itemz . '!</div>'; while ($row = mysqli_fetch_assoc($result)) { # process each row echo '<div align="center"><a href="' . VIRTUAL_PATH . 'beers_view.php?id=' . (int) $row['BeerID'] . '">' . dbOut($row['Beer']) . '</a>'; echo ' <i>Alcohol Content:</i> <font color="red">$' . number_format((double) $row['AlcoholContent'], 2) . '%</font></div>'; } echo $myPager->showNAV(); # show paging nav, only if enough records } else { #no records echo "<div align=center>What! No beers? There must be a mistake!!</div>"; } @mysqli_free_result($result); include 'include/footer.php';
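/**
 * Print the favorites list page: header, a table of every favorite (or a
 * "no favorites" notice), an "add" link, and the footer.
 *
 * The earlier version printed FirstName under the "LastName" heading and
 * vice versa. Headings and cells are now driven by one column list so the
 * two cannot drift apart again.
 *
 * @return void
 */
function showFavorites()
{
    global $config;

    get_header();
    echo '<h3 align="center">' . smartTitle() . '</h3>';

    $sql = "select `FavoriteID`, `LastName`, `FirstName`, `Email`, `Title`, `URL`, `Description`, `Category`, `DateAdded` from sp15_Favorites";
    $result = mysqli_query(IDB::conn(), $sql) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));

    # text columns in display order; FavoriteID is handled separately (integer cast)
    $textColumns = ['LastName', 'FirstName', 'Email', 'Title', 'URL', 'Description', 'Category', 'DateAdded'];

    if (mysqli_num_rows($result) > 0) {
        echo '<table align="center" border="1" style="border-collapse:collapse" cellpadding="3" cellspacing="3">';
        echo '<tr> <th>FavoriteID</th> <th>' . implode('</th> <th>', $textColumns) . '</th> </tr> ';

        while ($row = mysqli_fetch_assoc($result)) {
            echo '<tr> <td>' . (int) $row['FavoriteID'] . '</td>';
            foreach ($textColumns as $column) {
                # The original comment describes dbOut() as a wrapper that strips slashes.
                # NOTE(review): these are user-supplied strings (names, URL, description)
                # echoed into markup - confirm dbOut() HTML-encodes them.
                echo ' <td>' . dbOut($row[$column]) . '</td>';
            }
            echo ' </tr> ';
        }

        echo '</table>';
    } else {
        # no records
        echo '<div align="center"><h3>Currently No Favorites in Database.</h3></div>';
    }

    echo '<div align="center"><a href="' . THIS_PAGE . '?act=add">ADD FAVORITES</a></div>';

    @mysqli_free_result($result); # free resources
    get_footer();
}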
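/**
 * Show the "Reset Administrator Password" form for one admin.
 *
 * A session whose Privilege is "admin" can only reset its own password (the
 * ID comes from the session); every other Privilege value takes the ID from
 * $_POST['AdminID'].
 * NOTE(review): that else branch is fail-open - any Privilege other than
 * "admin" may name an arbitrary AdminID. Confirm the caller restricts this
 * page to the roles that are meant to reset other admins' passwords.
 *
 * Changes from the earlier version: the function now stops after a failed
 * ID check or a missing record instead of printing the form with undefined
 * $Name/$Email/$Privilege.
 *
 * @return void
 */
function editDisplay()
{
    global $config;

    if ($_SESSION["Privilege"] == "admin") {
        # use session data if logged in as admin only
        $myID = (int) $_SESSION['AdminID'];
    } elseif (isset($_POST['AdminID']) && (int) $_POST['AdminID'] > 0) {
        $myID = (int) $_POST['AdminID']; # integer cast; non-numeric input becomes zero and is rejected above
    } else {
        feedback("AdminID not numeric", "error");
        myRedirect($config->adminReset);
        return; # never fall through with $myID undefined, whether or not myRedirect() exits
    }

    # These checks run in the browser only and can be bypassed; the handler for
    # act=update (not visible here) has to enforce the password rules itself.
    # NOTE(review): limiting passwords to 6-20 alphanumeric characters shrinks
    # the password space - consider relaxing the character and length limits.
    $config->loadhead = '
    <script type="text/javascript" src="' . VIRTUAL_PATH . 'include/util.js"></script>
    <script type="text/javascript">
        function checkForm(thisForm)
        {//check form data for valid info
            if(!isAlphanumeric(thisForm.PWord1,"Only alphanumeric characters are allowed for passwords.")){thisForm.PWord2.value="";return false;}
            if(!correctLength(thisForm.PWord1,6,20,"Password does not meet the following requirements:")){thisForm.PWord2.value="";return false;}
            if(thisForm.PWord1.value != thisForm.PWord2.value)
            {//match password fields
                alert("Password fields do not match.");
                thisForm.PWord1.value = "";
                thisForm.PWord2.value = "";
                thisForm.PWord1.focus();
                return false;
            }
            return true;//if all is passed, submit!
        }
    </script>
    ';

    get_header();

    # NOTE(review): the mysql_* extension used here was removed in PHP 7; the
    # calls are left as-is because conn() is defined outside this block.
    $myConn = conn('', FALSE);
    $sql = sprintf("select AdminID,FirstName,LastName,Email,Privilege from " . PREFIX . "Admin WHERE AdminID=%d", $myID);
    $result = @mysql_query($sql, $myConn) or die(trigger_error(mysql_error(), E_USER_ERROR));

    if (mysql_num_rows($result) > 0) {
        while ($row = mysql_fetch_array($result)) {
            # The original comment describes dbOut() as a wrapper that strips slashes.
            # NOTE(review): confirm it HTML-encodes - these values are echoed into the page.
            $Name = dbOut($row['FirstName']) . ' ' . dbOut($row['LastName']);
            $Email = dbOut($row['Email']);
            $Privilege = dbOut($row['Privilege']);
        }
    } else {
        # no such record: show the notice, close the page and stop
        echo '
        <div align="center"><h3>No such administrator.</h3></div>
        <div align="center"><a href="' . $config->adminDashboard . '">Exit To Admin</a></div>
        ';
        @mysql_free_result($result);
        get_footer();
        return;
    }

    # NOTE(review): no anti-CSRF token is emitted by this form - confirm one is
    # added elsewhere or checked by the act=update handler.
    echo '
    <h3 align="center">Reset Administrator Password</h3>
    <p align="center">
        Admin: <font color="red"><b>' . $Name . '</b></font>
        Email: <font color="red"><b>' . $Email . '</b></font>
        Privilege: <font color="red"><b>' . $Privilege . '</b></font>
    </p>
    <p align="center">Be sure to write down password!!</p>
    <form action="' . $config->adminReset . '" method="post" onsubmit="return checkForm(this);">
    <table align="center">
        <tr>
            <td align="right">Password</td>
            <td>
                <input type="password" name="PWord1" />
                <font color="red"><b>*</b></font> <em>(6-20 alphanumeric chars)</em>
            </td>
        </tr>
        <tr>
            <td align="right">Re-enter Password</td>
            <td>
                <input type="password" name="PWord2" />
                <font color="red"><b>*</b></font>
            </td>
        </tr>
        <tr>
            <td align="center" colspan="2">
                <input type="hidden" name="AdminID" value="' . $myID . '" />
                <input type="hidden" name="act" value="update" />
                <input type="submit" value="Reset Password!" />
                <em>(<font color="red"><b>*</b> required field</font>)</em>
            </td>
        </tr>
    </table>
    </form>
    <div align="center"><a href="' . $config->adminDashboard . '">Exit To Admin</a></div>
    ';

    @mysql_free_result($result); # free resources
    get_footer();
}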
$next = '<img src="' . VIRTUAL_PATH . 'images/arrow_next.gif" border="0" />'; # Create instance of new 'pager' class $myPager = new Pager(10, '', $prev, $next, ''); $sql = $myPager->loadSQL($sql); #load SQL, add offset # connection comes first in mysqli (improved) function $result = mysqli_query(IDB::conn(), $sql) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR)); if (mysqli_num_rows($result) > 0) { #records exist - process if ($myPager->showTotal() == 1) { $itemz = "survey"; } else { $itemz = "surveys"; } //deal with plural echo '<div align="center">We have ' . $myPager->showTotal() . ' ' . $itemz . '!</div>'; while ($row = mysqli_fetch_assoc($result)) { # process each row echo '<div align="center"><a href="' . (int) $row['SurveyID'] . '" class="ajax">' . dbOut($row['Title']) . '</a>'; echo '</div>'; echo '<div class="survey" align="center" id="d' . (int) $row['SurveyID'] . '"> </div>'; } echo $myPager->showNAV(); # show paging nav, only if enough records } else { #no records echo "<div align=center>What! No surveys? There must be a mistake!!</div>"; } @mysqli_free_result($result); get_footer(); #defaults to theme footer or footer_inc.php
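/**
 * Show the "Edit Administrator" form, preloaded with one admin's data.
 *
 * A session whose Privilege is "admin" can only edit its own record (the ID
 * comes from the session); every other Privilege value takes the ID from
 * $_POST['AdminID'].
 * NOTE(review): that else branch is fail-open - any Privilege other than
 * "admin" may name an arbitrary AdminID. Confirm the caller restricts this
 * page to developer/superadmin sessions.
 *
 * Changes from the earlier version: a missing record now ends the page
 * instead of rendering the form with undefined variables, and the session
 * Privilege written into the hidden field is HTML-encoded.
 *
 * @param string $nav1 not used inside this function
 * @return void
 */
function editDisplay($nav1 = '')
{
    if ($_SESSION["Privilege"] == "admin") {
        # use session data if logged in as admin only
        $myID = (int) $_SESSION['AdminID'];
    } elseif (isset($_POST['AdminID']) && (int) $_POST['AdminID'] > 0) {
        $myID = (int) $_POST['AdminID']; # integer cast; non-numeric input becomes zero and is rejected above
    } else {
        header('Location:' . ADMIN_PATH . THIS_PAGE);
        die;
    }

    # set before header.php is included further down
    $loadhead = '
    <script type="text/javascript" src="' . VIRTUAL_PATH . 'include/util.js"></script>
    <script type="text/javascript">
        function checkForm(thisForm)
        {//check form data for valid info
            if(empty(thisForm.FirstName,"Please enter first name.")){return false;}
            if(empty(thisForm.LastName,"Please enter last name.")){return false;}
            if(!isEmail(thisForm.Email,"Please enter a valid Email Address")){return false;}
            return true;//if all is passed, submit!
        }
    </script>
    ';

    $iConn = @mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) or die(myerror(__FILE__, __LINE__, mysqli_connect_error()));
    $sql = sprintf("select FirstName,LastName,Email,Privilege from " . PREFIX . "Admin WHERE AdminID=%d", $myID);
    $result = @mysqli_query($iConn, $sql) or die(myerror(__FILE__, __LINE__, mysqli_error($iConn)));

    if (mysqli_num_rows($result) > 0) {
        while ($row = mysqli_fetch_array($result)) {
            # The original comment describes dbOut() as a wrapper that strips slashes.
            # NOTE(review): these values are placed inside value="..." attributes
            # below - confirm dbOut() HTML-encodes quotes, or encode at output.
            $FirstName = dbOut($row['FirstName']);
            $LastName = dbOut($row['LastName']);
            $Email = dbOut($row['Email']);
            $Privilege = dbOut($row['Privilege']);
        }
    } else {
        # no such record: show the notice inside the page frame, release resources and stop
        include INCLUDE_PATH . 'header.php';
        echo '
        <p align="center"><h3>No such administrator.</h3></p>
        <p align="center"><a href="' . ADMIN_PATH . 'admin_dashboard.php">Exit To Admin</a></p>
        ';
        @mysqli_free_result($result);
        @mysqli_close($iConn);
        include INCLUDE_PATH . 'footer.php';
        return;
    }

    include INCLUDE_PATH . 'header.php';

    # NOTE(review): no anti-CSRF token is emitted by this form - confirm one is
    # added elsewhere or checked by the act=update handler.
    echo '
    <h1>Edit Administrator</h1>
    <form action="' . ADMIN_PATH . THIS_PAGE . '" method="post" onsubmit="return checkForm(this);">
    <table align="center">
        <tr>
            <td align="right">First Name</td>
            <td>
                <input type="text" autofocus required name="FirstName" value="' . $FirstName . '" />
                <font color="red"><b>*</b></font>
            </td>
        </tr>
        <tr>
            <td align="right">Last Name</td>
            <td>
                <input type="text" required name="LastName" value="' . $LastName . '" />
                <font color="red"><b>*</b></font>
            </td>
        </tr>
        <tr>
            <td align="right">Email</td>
            <td>
                <input type="email" required name="Email" value="' . $Email . '" />
                <font color="red"><b>*</b></font>
            </td>
        </tr>
    ';

    if ($_SESSION["Privilege"] == "developer" || $_SESSION["Privilege"] == "superadmin") {
        # only these two roles get a selectable Privilege
        echo '
        <tr>
            <td align="right">Privilege</td>
            <td>
        ';
        $privileges = getENUM(PREFIX . 'Admin', 'Privilege', $iConn); # grab all possible 'Privileges' from ENUM
        # NOTE(review): the fourth argument is an empty string while $Privilege
        # (the stored value) goes unused - if that argument is the preselected
        # value, the form may silently change the admin's privilege on save.
        echo returnSelect("select", "Privilege", $privileges, "", $privileges, ",");
        echo '
            </td>
        </tr>';
    } else {
        # A hidden field is client-editable: the update handler (not visible here)
        # must take the privilege from the session, not from this posted value.
        echo '<input type="hidden" name="Privilege" value="' . htmlspecialchars((string) $_SESSION["Privilege"], ENT_QUOTES, 'UTF-8') . '" />';
    }

    echo '
        <input type="hidden" name="AdminID" value="' . $myID . '" />
        <input type="hidden" name="act" value="update" />
        <tr>
            <td align="center" colspan="2">
                <input type="submit" value="Update Admin" />
                <em>(<font color="red"><b>*</b> required field</font>)</em>
            </td>
        </tr>
    </table>
    </form>
    <p align="center"><a href="' . ADMIN_PATH . 'admin_dashboard.php">Exit To Admin</a></p>
    ';

    @mysqli_free_result($result);
    @mysqli_close($iConn);
    include INCLUDE_PATH . 'footer.php';
}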
<p>This page shows the list of news categories that we offer!</p> <p>Click any category to show news feeds available in that category.</p> <!--<p>This page, along with <b>demo_view.php</b>, demonstrate a List/View web application.</p> <p>It was built on the mysql shared web application page, <b>demo_shared.php</b></p> <p>This page is the entry point of the application, meaning this page gets a link on your web site. Since the current subject is muffins, we could name the link something clever like <a href="<?php echo VIRTUAL_PATH; ?> demo_list.php">Muffins</a></p> <p>Use <b>demo_list.php</b> and <b>demo_view.php</b> as a starting point for building your own List/View web application!</p>--> <?php # connection comes first in mysqli (improved) function $result = mysqli_query(IDB::conn(), $sql) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR)); /** * * RESULTS HERE * */ if (mysqli_num_rows($result) > 0) { #records exist - process while ($row = mysqli_fetch_assoc($result)) { # process each row echo '<div align="center"><a href="' . VIRTUAL_PATH . 'feed/news_view.php?id=' . (int) $row['CategoryID'] . '">' . dbOut($row['CategoryName']) . '</a>'; } } else { #no records echo "<div align=center>No Records Found.</div>"; } @mysqli_free_result($result); get_footer(); #defaults to theme footer or footer_inc.php
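$sql = $myPager->loadSQL($sql, $iConn); # load SQL, pass in existing connection, add offset
$result = mysqli_query($iConn, $sql) or die(myerror(__FILE__, __LINE__, mysqli_error($iConn)));

if (mysqli_num_rows($result) > 0) {
    # records exist - pick singular or plural for the count line
    $itemz = ($myPager->showTotal() == 1) ? "workout" : "workouts";
    echo '<p align="center"><b>We have ' . $myPager->showTotal() . ' ' . $itemz . '!</b></p>';

    while ($row = mysqli_fetch_assoc($result)) {
        # WorkoutName and WorkoutType were previously echoed exactly as stored,
        # so markup saved in either column would be rendered by the browser.
        # They are HTML-encoded here before output.
        $workoutName = htmlspecialchars((string) $row['WorkoutName'], ENT_QUOTES, 'UTF-8');
        $workoutType = htmlspecialchars((string) $row['WorkoutType'], ENT_QUOTES, 'UTF-8');

        echo '<p align="center">';
        echo 'Workout Name: <b>' . $workoutName . '</b> ';
        echo 'Workout Type: <b>' . $workoutType . '</b> ';
        # NOTE(review): the link label still relies on dbOut(); confirm that
        # helper HTML-encodes - its definition is not visible here.
        echo '<a href="' . VIRTUAL_PATH . 'workout_view.php?id=' . (int) $row['WorkoutID'] . '">' . dbOut($row['WorkoutName']) . '</a>';
        echo '</p>';
    }

    # showNAV() defaults to wrapping its output in a div, which breaks this
    # layout; passing the optional bookends swaps the wrapper for a paragraph.
    echo $myPager->showNAV('<p align="center">', '</p>');
} else {
    # no records
    echo "<p align=center>Currently no workouts available</p>";
}

@mysqli_free_result($result);
@mysqli_close($iConn);
include 'includes/footer.php';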
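$myPager = new Pager(2, '', $prev, $next, ''); # Create instance of the pager class
$sql = $myPager->loadSQL($sql); # load SQL, add offset

$result = mysqli_query(IDB::conn(), $sql) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));

if (mysqli_num_rows($result) > 0) {
    # records exist - pick singular or plural for the count line
    $itemz = ($myPager->showTotal() == 1) ? "muffin" : "muffins";
    echo '<div align="center">We have ' . $myPager->showTotal() . ' ' . $itemz . '!</div>';

    while ($row = mysqli_fetch_assoc($result)) {
        # MuffinID is used to build an image path and a query string, so it is
        # cast to an integer instead of being passed through dbOut(): nothing but
        # digits can then reach either attribute.
        $muffinID = (int) $row['MuffinID'];

        echo '<div align="center">';
        echo '<img src="' . VIRTUAL_PATH . 'upload/m' . $muffinID . '_thumb.jpg" />';
        # NOTE(review): name and price rely on dbOut(); confirm that helper
        # HTML-encodes - its definition is not visible here.
        echo '<a href="' . VIRTUAL_PATH . 'demo/demo_view_upload.php?id=' . $muffinID . '">' . dbOut($row['MuffinName']) . '</a>';
        echo ' <i>only</i> <font color="red">$' . dbOut($row['Price']) . '</font></div>';
    }

    echo $myPager->showNAV(); # show paging nav, only if enough records
} else {
    # no records
    echo "<div align=center>What! No muffins? There must be a mistake!!</div>";
}

@mysqli_free_result($result);
get_footer(); # defaults to theme footer or footer_inc.php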
/**
 * Build a survey object together with its questions.
 *
 * Reads Title and Description for the requested survey, then loads every
 * question attached to it into $this->aQuestions. IDs below 1 are rejected
 * before any query runs.
 *
 * @param int $id number of current survey (cast to integer before use)
 * @return void
 * @todo none
 */
public function __construct($id)
{
    // The integer cast keeps both interpolated queries below free of request text.
    $id = (int) $id;
    if ($id < 1) {
        // Don't hit the db if zero
        return false;
    }

    $surveyQuery = "select Title, Description from sp15_surveys where SurveyID={$id}";
    $surveyRows = mysqli_query(IDB::conn(), $surveyQuery) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));

    if (mysqli_num_rows($surveyRows) > 0) {
        // A matching survey exists - load it onto the object.
        while ($record = mysqli_fetch_assoc($surveyRows)) {
            $this->SurveyID = $id;
            $this->isValid = true;
            $this->Title = dbOut($record['Title']);
            $this->Description = dbOut($record['Description']);
        }
    }
    @mysqli_free_result($surveyRows);

    $questionQuery = "select q.QuestionID, q.Question, q.Description from sp15_questions q inner join sp15_surveys s on s.SurveyID = q.SurveyID where s.SurveyID = {$id}";
    $questionRows = mysqli_query(IDB::conn(), $questionQuery) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));

    if (mysqli_num_rows($questionRows) > 0) {
        // One Question object per row, appended in the order the rows arrive.
        while ($record = mysqli_fetch_assoc($questionRows)) {
            $questionID = dbOut($record['QuestionID']);
            $questionText = dbOut($record['Question']);
            $questionNote = dbOut($record['Description']);
            $this->aQuestions[] = new Question($questionID, $questionText, $questionNote);
        }
    }
    @mysqli_free_result($questionRows);
}
$myPager = new Pager(2, '', $prev, $next, ''); $sql = $myPager->loadSQL($sql, $iConn); #load SQL, pass in existing connection, add offset $result = mysqli_query($iConn, $sql) or die(myerror(__FILE__, __LINE__, mysqli_error($iConn))); if (mysqli_num_rows($result) > 0) { #records exist - process if ($myPager->showTotal() == 1) { $itemz = "customer"; } else { $itemz = "customers"; } //deal with plural echo '<p align="center">We have ' . $myPager->showTotal() . ' ' . $itemz . '!</p>'; while ($row = mysqli_fetch_assoc($result)) { # process each row echo '<p align="center"> <a href="' . VIRTUAL_PATH . 'customer_view.php?id=' . (int) $row['CustomerID'] . '">' . dbOut($row['FirstName']) . '</a> </p>'; } //the showNAV() method defaults to a div, which blows up in our design echo $myPager->showNAV(); //show pager if enough records //the version below adds the optional bookends to remove the div design problem //echo $myPager->showNAV('<p align="center">','</p>'); } else { #no records echo "<p align=center>What! No Customers? There must be a mistake!!</p>"; } @mysqli_free_result($result); @mysqli_close($iConn); include 'includes/footer.php';
# Will change to true, if record found! # connection comes first in mysqli (improved) function $iConn = @mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) or die(myerror(__FILE__, __LINE__, mysqli_connect_error())); $result = mysqli_query($iConn, $sql) or die(myerror(__FILE__, __LINE__, mysqli_error($iConn))); if (mysqli_num_rows($result) > 0) { #records exist - process $foundRecord = TRUE; while ($row = mysqli_fetch_assoc($result)) { $Beer = dbOut($row['Beer']); $Category = dbOut($row['Category']); $Style = dbOut($row['Style']); $Brewer = dbOut($row['Brewer']); $Appearance = dbOut($row['Appearance']); $Description = dbOut($row['Description']); $AlcoholContent = (double) $row['AlcoholContent']; $Calories = dbOut($row['Calories']); } } @mysqli_free_result($result); # We're done with the data! if ($foundRecord) { #only load data if record found $title = $Beer . "A Selection of Top-Rated Beers"; #overwrite title with info! } # END CONFIG AREA ---------------------------------------------------------- include 'include/header.php'; #header must appear before any HTML is printed by PHP ?> <h3 align="center"><?php echo THIS_PAGE;
$sql = "select BeerID, Beer, AlcoholContent from Beers"; #Fills <title> tag $title = 'A Selection of Top-Rated Beers'; # END CONFIG AREA ---------------------------------------------------------- include 'include/header.php'; #header must appear before any HTML is printed by PHP ?> <h3 align="center"><?php echo THIS_PAGE; ?> </h3> <p>This page, along with <b>beers_view.php</b>, demonstrate a List/View web application.</p> <?php # connection comes first in mysqli (improved) function $iConn = @mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) or die(myerror(__FILE__, __LINE__, mysqli_connect_error())); $result = mysqli_query($iConn, $sql) or die(myerror(__FILE__, __LINE__, mysqli_error($iConn))); if (mysqli_num_rows($result) > 0) { #records exist - process while ($row = mysqli_fetch_assoc($result)) { # process each row echo '<div align="center"><b><a href="beers_view.php?id=' . (int) $row['BeerID'] . '">' . dbOut($row['Beer']) . '</b></a>'; echo ' <i>Alcohol By Volume:</i> <font color="red">' . number_format((double) $row['AlcoholContent'], 2) . '%</font></div>'; } } else { #no records echo "<div align=center>What! No beers? There must be a mistake!!</div>"; } @mysqli_free_result($result); include 'include/footer.php';
} echo '<div align="center">We have ' . $myPager->showTotal() . ' ' . $itemz . '!</div>'; $tdWidth = number_format(100 / COLS, 0); # Here we determine the number of columns we'll be using $pos = 0; echo '<table align="center" border="0" width="90%" style="border-collapse:collapse" cellpadding="2" cellspacing="2"><tr>'; while ($row = mysqli_fetch_assoc($result)) { //dbOut() function is a 'wrapper' designed to strip slashes, etc. of data leaving db $pos++; #creates a meaningful image prefix out of table name and name of item $imagePrefix = createImagePrefix('muffins', dbOut($row['MuffinName'])); echo '<td width="' . $tdWidth . '%"><div class="myborder">'; echo '<img src="' . VIRTUAL_PATH . 'upload/' . $imagePrefix . dbOut($row['MuffinID']) . '_thumb.jpg" hspace="5" vspace="5" align="middle" />'; echo '<a href="' . VIRTUAL_PATH . 'demo/demo_view_meaningful.php?id=' . dbOut($row['MuffinID']) . '">' . dbOut($row['MuffinName']) . '</a>'; echo ' <i>only</i> <font color="red">$' . money_format("%(#10n", dbOut($row['Price'])) . '</font><br />'; echo dbOut($row['Description']) . '</div></td>'; if ($pos % COLS === 0 && is_array($row)) { echo '</tr><tr>'; } } while ($pos % COLS) { //loop to fill in final row echo '<td> </td>'; $pos++; } echo "</tr></table>"; echo $myPager->showNAV(); //show paging nav, only if enough records } else { #no records echo "<div align=center>What! No muffins? There must be a mistake!!</div>";
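function editDisplay()
{
    # Shows the details of a single customer and preloads them into an update form.
    #
    # Reads CustomerID from $_POST, loads the matching row from test_Customers and
    # prints the form. Values read back from the database are HTML-escaped before
    # they are placed in text or attribute context. Returns nothing; on a bad or
    # unknown id it records feedback, redirects and stops.
    global $config;

    # A missing key is treated like a non-numeric value instead of raising a notice.
    $rawID = isset($_POST['CustomerID']) ? $_POST['CustomerID'] : null;
    if (!is_numeric($rawID)) { //id must be numeric
        feedback("id passed was not a number. (error code #" . createErrorCode(THIS_PAGE, __LINE__) . ")", "error");
        myRedirect(THIS_PAGE);
        # myRedirect() is defined elsewhere; returning here guarantees the form is
        # never rendered for a rejected id even if the helper does not end the request.
        return;
    }

    $myID = (int) $rawID; //forcibly convert to integer

    # %d plus the integer cast keeps request data out of the SQL text.
    $sql = sprintf("select CustomerID,FirstName,LastName,Email from test_Customers WHERE CustomerID=%d", $myID);
    # NOTE(review): the driver error text is passed to trigger_error(); confirm the
    # error handler logs it and does not show it to the visitor.
    $result = mysqli_query(IDB::conn(), $sql) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));

    # Defaults so the variables always exist before they are used below.
    $Name = '';
    $First = '';
    $Last = '';
    $Email = '';

    if (mysqli_num_rows($result) > 0) { //show results
        while ($row = mysqli_fetch_array($result)) { //dbOut() function is a 'wrapper' designed to strip slashes, etc. of data leaving db
            $Name = dbOut($row['FirstName']) . ' ' . dbOut($row['LastName']);
            $First = dbOut($row['FirstName']);
            $Last = dbOut($row['LastName']);
            $Email = dbOut($row['Email']);
        }
    } else { //no records
        //feedback issue to user/developer
        feedback("No such customer. (error code #" . createErrorCode(THIS_PAGE, __LINE__) . ")", "error");
        @mysqli_free_result($result); //free resources before leaving
        myRedirect(THIS_PAGE);
        return; # same reason as above: never fall through to the form
    }

    # Stored names and e-mail addresses go into HTML text and into value="..."
    # attributes. dbOut() is not assumed to HTML-escape, so escaping happens here.
    # ENT_QUOTES covers both quote styles; double_encode=false leaves entities that
    # are already encoded untouched. 'UTF-8' is assumed - TODO confirm charset.
    $escFlags = ENT_QUOTES | ENT_SUBSTITUTE;
    $safeName = htmlspecialchars((string) $Name, $escFlags, 'UTF-8', false);
    $safeFirst = htmlspecialchars((string) $First, $escFlags, 'UTF-8', false);
    $safeLast = htmlspecialchars((string) $Last, $escFlags, 'UTF-8', false);
    $safeEmail = htmlspecialchars((string) $Email, $escFlags, 'UTF-8', false);

    # Client-side checks are a convenience only; the update handler must validate again.
    $config->loadhead .= '
    <script type="text/javascript" src="' . VIRTUAL_PATH . 'include/util.js"></script>
    <script type="text/javascript">
        function checkForm(thisForm)
        {//check form data for valid info
            if(empty(thisForm.FirstName,"Please Enter Customer\'s First Name")){return false;}
            if(empty(thisForm.LastName,"Please Enter Customer\'s Last Name")){return false;}
            if(!isEmail(thisForm.Email,"Please Enter a Valid Email")){return false;}
            return true;//if all is passed, submit!
        }
    </script>';

    get_header();

    # NOTE(review): no anti-CSRF token is visible in this form - confirm the "update"
    # handler verifies one. THIS_PAGE and VIRTUAL_PATH are defined outside this
    # excerpt; verify they cannot carry request-controlled text.
    echo '<h3 align="center">' . smartTitle() . '</h3>
    <h4 align="center">Update Customer\'s Name</h4>
    <p align="center">Customer: <font color="red"><b>' . $safeName . '</b>
     Email: <font color="red"><b>' . $safeEmail . '</b></font>
    <form action="' . THIS_PAGE . '" method="post" onsubmit="return checkForm(this);">
    <table align="center">
        <tr><td align="right">First Name</td>
            <td>
                <input type="text" name="FirstName" value="' . $safeFirst . '">
                <font color="red"><b>*</b></font> <em>(alphanumerics & punctuation)</em>
            </td>
        </tr>
        <tr><td align="right">Last Name</td>
            <td>
                <input type="text" name="LastName" value="' . $safeLast . '">
                <font color="red"><b>*</b></font> <em>(alphanumerics & punctuation)</em>
            </td>
        </tr>
        <tr><td align="right">Email</td>
            <td>
                <input type="text" name="Email" value="' . $safeEmail . '">
                <font color="red"><b>*</b></font> <em>(valid email only)</em>
            </td>
        </tr>
        <input type="hidden" name="CustomerID" value="' . $myID . '" />
        <input type="hidden" name="act" value="update" />
        <tr>
            <td align="center" colspan="2">
                <input type="submit" value="Update Info!"><em>(<font color="red"><b>*</b> required field</font>)</em>
            </td>
        </tr>
    </table>
    </form>
    <div align="center"><a href="' . THIS_PAGE . '">Exit Without Update</a></div>
    ';

    @mysqli_free_result($result); //free resources
    get_footer();
}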
# Excerpt: the first two lines close a catch block whose try/prepare/execute is
# outside this fragment, and the if block opened below is not closed inside it.
trigger_error($ex->getMessage(), E_USER_ERROR);
}
$result = $stmt->fetchAll();
if (count($result) > 0) { #there are records - present data
    # NOTE(review): no session_regenerate_id() call is visible between starting the
    # session and writing the identity values below - confirm that startSession() or
    # the code after this excerpt issues a fresh session ID on login (session fixation).
    startSession(); #wrapper for session_start()
    # If the query returned more than one row, the last row's values win;
    # presumably the lookup matches at most one admin - TODO confirm.
    foreach ($result as $row) { # pull data from associative array
        $AdminID = (int) $row["AdminID"]; # (int) cast forces conversion to integer
        $_SESSION["AdminID"] = $AdminID; # create session variables to identify admin
        $_SESSION["FirstName"] = dbOut($row["FirstName"]); #use dbOut() to clean strings, replace escaped quotes
        # NOTE(review): the privilege level is copied into the session here; unless other
        # code re-reads it, a later change to the Admin row would not apply to this session.
        $_SESSION["Privilege"] = dbOut($row["Privilege"]);
        $NumLogins = (int) $row["NumLogins"];
        $NumLogins += 1; # increment number of logins, then prepare to update record!
    }
    //update number of logins, last login
    # Both values are bound as integers; only the PREFIX constant is concatenated into the SQL.
    $sql = "UPDATE " . PREFIX . "Admin set NumLogins=?, LastLogin=NOW() WHERE AdminID=?";
    $stmt = $db->prepare($sql);
    $stmt->bindValue(1, $NumLogins, PDO::PARAM_INT);
    $stmt->bindValue(2, $AdminID, PDO::PARAM_INT);
    try {
        $stmt->execute();
    } catch (PDOException $ex) {
        # NOTE(review): the raw PDO message is passed to trigger_error(); confirm the
        # error handler logs it and does not print it on the login page.
        trigger_error($ex->getMessage(), E_USER_ERROR);
    }
    feedback("Login Successful!", "notice");
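# Paged list of surveys. $sql is built before this excerpt and is handed to the
# Pager, which returns the statement that is then executed.

#reference images for pager
$prev = '<img src="' . VIRTUAL_PATH . 'images/arrow_prev.gif" border="0" />';
$next = '<img src="' . VIRTUAL_PATH . 'images/arrow_next.gif" border="0" />';

# Create instance of new 'pager' class
# (first argument is presumably the number of rows per page - TODO confirm against Pager)
$myPager = new Pager(10, '', $prev, $next, '');
# NOTE(review): loadSQL() is defined elsewhere; if it reads the page number from the
# request, confirm that value is cast to an integer before it reaches the SQL.
$sql = $myPager->loadSQL($sql); #load SQL, add offset

# connection comes first in mysqli (improved) function
$result = mysqli_query(IDB::conn(), $sql) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));

if (mysqli_num_rows($result) > 0) { #records exist - process
    $itemz = ($myPager->showTotal() == 1) ? "survey" : "surveys"; //deal with plural
    echo '<div align="center">We have ' . $myPager->showTotal() . ' ' . $itemz . '!</div>';

    while ($row = mysqli_fetch_assoc($result)) { # process each row
        # dbOut() is defined outside this excerpt and is not assumed to HTML-escape,
        # so the title is escaped at the point of output. double_encode=false leaves
        # entities that are already encoded untouched. 'UTF-8' is assumed - TODO confirm charset.
        $surveyTitle = htmlspecialchars((string) dbOut($row['Title']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

        # The id is forced to an integer before it goes into the URL.
        echo '<div align="center"><a href="' . VIRTUAL_PATH . 'surveys/survey_view.php?id=' . (int) $row['SurveyID'] . '">' . $surveyTitle . '</a>';
        echo '</div>';
    }

    echo $myPager->showNAV(); # show paging nav, only if enough records
} else { #no records
    echo "<div align=center>There are currently no Surveys. Would you like to create a survey?</div>";
}

@mysqli_free_result($result);
get_footer(); #defaults to theme footer or footer_inc.php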
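# Paged list of muffins, two per page. $sql is built before this excerpt and is
# handed to the Pager, which returns the statement that is then executed.

#reference images for pager
$prev = '<img src="' . VIRTUAL_PATH . 'images/arrow_prev.gif" border="0" />';
$next = '<img src="' . VIRTUAL_PATH . 'images/arrow_next.gif" border="0" />';

# Create instance of new 'pager' class
# (first argument is presumably the number of rows per page - TODO confirm against Pager)
$myPager = new Pager(2, '', $prev, $next, '');
# NOTE(review): loadSQL() is defined elsewhere; if it reads the page number from the
# request, confirm that value is cast to an integer before it reaches the SQL.
$sql = $myPager->loadSQL($sql); #load SQL, add offset

# connection comes first in mysqli (improved) function
$result = mysqli_query(IDB::conn(), $sql) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));

if (mysqli_num_rows($result) > 0) { #records exist - process
    $itemz = ($myPager->showTotal() == 1) ? "muffin" : "muffins"; //deal with plural
    echo '<div align="center">We have ' . $myPager->showTotal() . ' ' . $itemz . '!</div>';

    while ($row = mysqli_fetch_assoc($result)) { # process each row
        # dbOut() is defined outside this excerpt and is not assumed to HTML-escape,
        # so the name is escaped at the point of output. double_encode=false leaves
        # entities that are already encoded untouched. 'UTF-8' is assumed - TODO confirm charset.
        $muffinName = htmlspecialchars((string) dbOut($row['MuffinName']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

        # Id and price are forced to numeric types, so neither can carry markup.
        echo '<div align="center"><a href="' . VIRTUAL_PATH . 'demo/demo_view_pager.php?id=' . (int) $row['MuffinID'] . '">' . $muffinName . '</a>';
        echo ' <i>only</i> <font color="red">$' . number_format((float) $row['Price'], 2) . '</font></div>';
    }

    echo $myPager->showNAV(); # show paging nav, only if enough records
} else { #no records
    echo "<div align=center>What! No muffins? There must be a mistake!!</div>";
}

@mysqli_free_result($result);
get_footer(); #defaults to theme footer or footer_inc.php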
/**
 * Constructor for Survey class.
 *
 * Casts the id to an integer, loads the survey's Title and Description, then
 * creates a Question object for each question row and attaches Answer objects
 * to the Question whose QuestionID matches. Every query receives the id through
 * a %d placeholder, so only an integer reaches the SQL text.
 *
 * Leaves early with FALSE when the id casts to 0 (the value is discarded when
 * the object is created with `new`) and with no value when no survey row exists.
 *
 * @param integer $id The unique ID number of the Survey
 * @return void
 * @todo none
 */
function __construct($id)
{
    #constructor sets stage by adding data to an instance of the object
    $this->SurveyID = (int) $id;
    if ($this->SurveyID == 0) {
        return FALSE;
    }

    #get Survey data from DB
    #in mysqli, connection and query are reversed! connection comes first
    $surveyQuery = sprintf("select Title, Description from " . PREFIX . "surveys Where SurveyID =%d", $this->SurveyID);
    # NOTE(review): the driver error text goes to trigger_error(); confirm the
    # error handler logs it and does not show it to the visitor.
    $surveyRows = mysqli_query(IDB::conn(), $surveyQuery) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));
    if (mysqli_num_rows($surveyRows) > 0) {
        #Must be a valid survey!
        $this->isValid = TRUE;
        while ($surveyRow = mysqli_fetch_assoc($surveyRows)) {
            #dbOut() function is a 'wrapper' designed to strip slashes, etc. of data leaving db
            # NOTE(review): the stored text is not HTML-escaped here, so whatever
            # prints Title or Description must escape it.
            $this->Title = dbOut($surveyRow['Title']);
            $this->Description = dbOut($surveyRow['Description']);
        }
    }
    @mysqli_free_result($surveyRows); #free resources

    # presumably isValid has a default in the class declaration, which is not visible here
    if (!$this->isValid) {
        return; #exit, as Survey is not valid
    }

    #attempt to create question objects
    $questionQuery = sprintf("select QuestionID, Question, Description from " . PREFIX . "questions where SurveyID =%d", $this->SurveyID);
    $questionRows = mysqli_query(IDB::conn(), $questionQuery) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));
    if (mysqli_num_rows($questionRows) > 0) {
        while ($questionRow = mysqli_fetch_assoc($questionRows)) {
            #create question, and push onto stack!
            $this->aQuestion[] = new Question(
                dbOut($questionRow['QuestionID']),
                dbOut($questionRow['Question']),
                dbOut($questionRow['Description'])
            );
        }
    }
    # assumes aQuestion starts as an array in the class declaration - TODO confirm
    $this->TotalQuestions = count($this->aQuestion); //the count of the aQuestion array is the total number of questions
    @mysqli_free_result($questionRows); #free resources

    #attempt to load all Answer objects into corresponding Question objects
    $answerQuery = sprintf(
        "select a.AnswerID, a.Answer, a.Description, a.QuestionID from \n\t\t" . PREFIX . "surveys s inner join " . PREFIX . "questions q on q.SurveyID=s.SurveyID \n\t\tinner join " . PREFIX . "answers a on a.QuestionID=q.QuestionID \n\t\twhere s.SurveyID = %d \n\t\torder by a.AnswerID asc",
        $this->SurveyID
    );
    $answerRows = mysqli_query(IDB::conn(), $answerQuery) or die(trigger_error(mysqli_error(IDB::conn()), E_USER_ERROR));
    if (mysqli_num_rows($answerRows) > 0) {
        #at least one answer!
        while ($answerRow = mysqli_fetch_assoc($answerRows)) {
            #match answers to questions
            $ownerID = (int) $answerRow['QuestionID']; #process db var
            foreach ($this->aQuestion as $candidate) {
                #Check db questionID against Question Object ID
                if ($candidate->QuestionID != $ownerID) {
                    continue;
                }
                $candidate->TotalAnswers += 1; #increment total number of answers
                #create answer, and push onto stack!
                $candidate->aAnswer[] = new Answer(
                    (int) $answerRow['AnswerID'],
                    dbOut($answerRow['Answer']),
                    dbOut($answerRow['Description'])
                );
                break; # only the first matching question receives the answer
            }
        }
    }
}
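# Paged list of records. $sql, $prev, $next and $iConn are set before this excerpt.
# (first argument is presumably the number of rows per page - TODO confirm against Pager)
$myPager = new Pager(10, '', $prev, $next, '');
# NOTE(review): loadSQL() is defined elsewhere; if it reads the page number from the
# request, confirm that value is cast to an integer before it reaches the SQL.
$sql = $myPager->loadSQL($sql, $iConn); #load SQL, pass in existing connection, add offset
# NOTE(review): myerror() is defined elsewhere - confirm it logs the driver message
# instead of printing it to the visitor.
$result = mysqli_query($iConn, $sql) or die(myerror(__FILE__, __LINE__, mysqli_error($iConn)));

if (mysqli_num_rows($result) > 0) { #records exist - process
    $itemz = ($myPager->showTotal() == 1) ? "record" : "records"; //deal with plural
    echo '<p align="center">We have ' . $myPager->showTotal() . ' ' . $itemz . '!</p>';

    while ($row = mysqli_fetch_assoc($result)) { # process each row
        # dbOut() is defined outside this excerpt and is not assumed to HTML-escape,
        # so the album name is escaped at the point of output. double_encode=false leaves
        # entities that are already encoded untouched. 'UTF-8' is assumed - TODO confirm charset.
        $albumName = htmlspecialchars((string) dbOut($row['Album']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

        # The id is forced to an integer before it goes into the URL.
        echo '<p align="center"> <a href="' . VIRTUAL_PATH . 'record_view.php?id=' . (int) $row['RecordID'] . '">' . $albumName . '</a> </p>';
    }

    //the showNAV() method defaults to a div, which blows up in our design
    echo $myPager->showNAV(); //show pager if enough records
    //the version below adds the optional bookends to remove the div design problem
    //echo $myPager->showNAV('<p align="center">','</p>');
} else { #no records
    echo "<p align=center>What! No Records? There must be a mistake!!</p>";
}

@mysqli_free_result($result);
@mysqli_close($iConn); # connection is closed before the footer is included
include 'includes/footer.php';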