Esempio n. 1
 public function addClass($class_name, $subject)
     if (value_exists("Classes", "class_name", $class_name)) {
         return false;
     } else {
         db_add("Classes", sprintf("'%s', '%s'", $class_name, $subject));
         $this->class_name = $class_name;
         $this->subject = $subject;
         return true;
Esempio n. 2
 public function createComment($doc_id, $username, $comment_body)
     $comment_id = get_rand_num();
     while (value_exists("Comment", "comment_id", $comment_id)) {
         $comment_id = get_rand_num();
     db_add("Comment", sprintf("'%d', '%d', '%s', '%s', 'false'", $comment_id, $doc_id, $username, mysql_escape_string($comment_body)));
     $this->comment_id = $comment_id;
     $this->doc_id = $doc_id;
     $this->username = $username;
     $this->comment_body = $comment_body;
     $this->blocked = false;
Esempio n. 3
 function createPost($topic_id, $username, $post_content)
     //get random doc_id
     $post_id = get_rand_num();
     while (value_exists("Forum_Post", "post_id", $post_id)) {
         $post_id = get_rand_num();
     db_add("Forum_Post", sprintf("'%d', '%d', '%s', '%s', 'false'", $post_id, $topic_id, $username, $post_content));
     $this->post_id = $post_id;
     $this->topic_id = $topic_id;
     $this->username = $username;
     $this->post_content = $post_content;
     $this->blocked = false;
Esempio n. 4
 function createForum($username, $topic_name, $topic_description)
     //get random doc_id
     $topic_id = get_rand_num();
     while (value_exists("Forum_Topic", "topic_id", $topic_id)) {
         $topic_id = get_rand_num();
     db_add("Forum_Topic", sprintf("'%d', '%s', '%s', '%s', 'false'", $topic_id, $username, $topic_name, $topic_description));
     $this->topic_id = $topic_id;
     $this->username = $username;
     $this->topic_name = $topic_name;
     $this->topic_description = $topic_description;
     $this->blocked = false;
Esempio n. 5
 public function login($username, $password)
     if (value_exists("Registered_User", "username", $username)) {
         $db_val = db_get("Registered_User", "password", "username", $username);
         if (strcmp($password, $db_val['password']) == 0) {
             $role = $this->admin ? "admin" : "registered_user";
             return $role;
         } else {
             return null;
     } else {
         return null;
Esempio n. 6
 private function check_field($field)
     //page_type 分页方式/max_string 每页最大字符
     if (!isset($this->fields[$field]) || value_exists($field, 'id,max_string,page_type')) {
         return FALSE;
     if (defined('IN_ADMIN')) {
         if (value_exists($_SESSION['role'], $this->fields[$field]['unsetroles'])) {
             return FALSE;
     } else {
         $gid = get_cookie('gid');
         if (value_exists($gid, $this->fields[$field]['unsetgids'])) {
             return FALSE;
Esempio n. 7
 public function createDocument($username, $class_name, $subject, $doc_name, $doc_type, $path_to_doc)
     //get random doc_id
     $doc_id = get_rand_num();
     while (value_exists("Document", "doc_id", $doc_id)) {
         $doc_id = get_rand_num();
     $int = 1;
     //get all documents where doc_name similar to $doc_name AND path_to_doc==$path_to_doc
     $query_string = sprintf("SELECT * FROM `Document` WHERE doc_name LIKE '%s%%' AND path_to_doc='%s';", mysql_escape_string($doc_name), mysql_escape_string($path_to_doc));
     $data = get_query($query_string);
     if (isset($data)) {
         //put results into an array
         $doc_list = array();
         while ($row = $data->fetch_assoc()) {
             array_push($doc_list, $row['doc_name']);
         $int = 0;
         $new_doc_name = $doc_name;
         while ($int < $data->num_rows) {
             if (strcmp($doc_list[$int], $new_doc_name) == 0) {
                 $new_doc_name = sprintf("%s%d", $doc_name, $int);
                 $int = 0;
             } else {
     } else {
         $new_doc_name = $doc_name;
     db_add("Document", sprintf("'%d', '%s', '%s', '%s', '%s', '%s', '%s', '0', '0', 'false'", $doc_id, $username, mysql_escape_string($class_name), $subject, mysql_escape_string($new_doc_name), $doc_type, mysql_escape_string($path_to_doc)));
     $this->doc_name = $new_doc_name;
     $this->username = $username;
     $this->class_name = $class_name;
     $this->subject = $subject;
     $this->doc_type = $doc_type;
     $this->path_to_doc = $path_to_doc;
     $this->doc_id = $doc_id;
     $this->blocked = false;
     $this->upvotes = 0;
     $this->downvotes = 0;
Esempio n. 8
 public function login($username, $password)
     if (value_exists("Registered_User", "username", $username)) {
         $db_val = db_get("Registered_User", "password", "username", $username);
         //making sure user is not blocked
         $db_conn = db_conn();
         $query_string = "SELECT * from Registered_User where username='******'";
         $results = mysqli_query($db_conn, $query_string);
         $isBlocked = true;
         while ($result = $results->fetch_assoc()) {
             if ($result['blocked_date'] == NULL) {
                 //if not blocked
                 $isBlocked = false;
             } else {
                 $isBlocked = true;
                 $_SESSION['errorMessage'] = 'This user is blocked!';
                 return null;
                 // do not let the user login
         if (strcmp($password, $db_val['password']) == 0) {
             echo $this->admin;
             $role = $this->admin ? "admin" : "registered_user";
             return $role;
         } else {
             return null;
     } else {
         return null;