public static function getProductById($id, $lang) { $res = DB::doQuery("SELECT t.title, t.description, t.pid, p.price FROM translation t INNER JOIN product p ON t.pid = p.id WHERE p.id = '{$id}' AND t.langcode = '{$lang}'"); if ($res) { $prod = $res->fetch_assoc(); } return $prod; }
public static function deleteCourse($id) { $sql = sprintf("DELETE FROM course\n WHERE course_id = '%d'", $id); $res = DB::doQuery($sql); if (!isset($res) || $res == null) { return false; } return true; }
public static function create($name, $pw) { $name = DB::getInstance()->escape_string($name); $res = DB::doQuery("SELECT * FROM users WHERE name = '{$name}'"); if ($res->num_rows == 0) { $pw = DB::getInstance()->escape_string($pw); $pw = password_hash($pw, PASSWORD_DEFAULT); DB::doQuery("INSERT INTO users (name, pw) VALUES ('{$name}', '{$pw}')"); return true; } return false; }
public static function getOptionsByProduct($productId) { $langCode = $_COOKIE['lang']; $options = array(); $res = DB::doQuery("SELECT o.options_id AS id, o.opt_values AS 'values' , o.name AS name, o.prices AS prices FROM options o \r\n\t\tWHERE o.lang_code = '{$langCode}' AND o.options_id IN (SELECT p.option_id FROM prod_opt p WHERE p.prod_id = '{$productId}')"); if ($res) { while ($option = $res->fetch_object(get_class())) { $option->setValues(explode("|", $option->getValues())); $option->setPrices(explode("|", $option->getPrices())); $options[] = $option; } } return $options; }
public static function checkLogin($email, $password) { $sql = sprintf("SELECT * FROM user WHERE email='%s'", $email); $res = DB::doQuery($sql); if ($res == null || $res->num_rows == 0) { return false; } $row = $res->fetch_assoc(); $hash = $row['pwd_hash']; $salt = $row['pwd_salt']; if (self::getHash($password, $salt) === $hash) { return true; } else { return false; } }
public static function getProductsbyCat($cat, $orderBy = "id") { $lang_code = $_COOKIE['lang']; $orderByStr = ''; if (in_array($orderBy, ['id', 'price', 'name', 'description'])) { $orderByStr = " ORDER BY {$orderBy}"; } $products = array(); $res = DB::doQuery("SELECT p.*, l.name AS 'name', l.description AS 'description' FROM products p LEFT OUTER JOIN products_lang l ON p.id = l.product_id WHERE p.category = '{$cat}' AND l.lang_code = '{$lang_code}' {$orderByStr}"); if ($res) { while ($product = $res->fetch_object(get_class())) { $products[] = $product; } } return $products; }
public static function parseArguments($argv) { $mapinfo = Env::get('mapinfo'); $cache = false; $args = self::arguments($argv); if (isset($args['game'])) { if (!isset($mapinfo[$args['game']])) { show::Event("ERROR", "Game: " . $args['game'] . " doesn't exists, escaping", 1); exit; } if (isset($args['map'])) { if (!isset($mapinfo[$args['game']][$args['map']])) { show::Event("ERROR", "Game: " . $args['game'] . " Map: " . $args['map'] . " doesn't exists, escaping", 1); exit; } $tmp[$args['game']][$args['map']] = $mapinfo[$args['game']][$args['map']]; show::Event("ARGS", "--game=" . $args['game'], 2); show::Event("ARGS", "--map=" . $args['map'], 2); } else { $tmp[$args['game']] = $mapinfo[$args['game']]; show::Event("ARGS", "--game=" . $args['game'], 2); } } else { $visible = ''; $query = "SELECT code FROM hlstats_Games WHERE hidden='0'"; $result = DB::doQuery($query); if (DB::numRows($result)) { while ($row = DB::getAssoc($result)) { foreach ($row as $key => $val) { if (isset($mapinfo[$val])) { $visible .= "{$val}, "; $tmp[$val] = $mapinfo[$val]; } } } } show::Event("GAMES", substr($visible, 0, -2), 2); } if (isset($tmp)) { $mapinfo = $tmp; } if (isset($args['disablecache'])) { $cache = true; show::Event("ARGS", "--disable-cache=true", 2); } else { $cache = false; show::Event("ARGS", "--disable-cache=false", 2); } if (isset($args['ignoreinfected'])) { $ignore_infected = true; show::Event("ARGS", "--ignore-infected=true", 2); } else { $ignore_infected = false; show::Event("ARGS", "--ignore-infected=false", 2); } Env::set('mapinfo', $mapinfo); Env::set('disable_cache', $cache); Env::set('ignore_infected', $ignore_infected); }
<?php require_once '../autoloader.php'; if (isset($_POST['btn-login'])) { $username = DB::getInstance()->real_escape_string(trim($_POST['user_name'])); $upass = DB::getInstance()->real_escape_string(trim($_POST['password'])); $query = DB::doQuery("SELECT * FROM admin WHERE admin_name='{$username}'"); $row = $query->fetch_array(); if (password_verify($upass, $row['password'])) { $_SESSION['admin'] = $row['id']; $_SESSION['adminlogged'] = true; header("Location: index.php"); } else { $msg = "fail"; } } ?> <!DOCTYPE html> <html> <body> <div> <div> <form method="post"> <h2>Admin Login</h2> <?php if (isset($msg)) { echo $msg;
/** * Realizar una consulta y devolver el resultado sin datos * * @param $query string La consulta a realizar * @param $querySource string La función orígen de la consulta * @param array $data Los valores de los parámetros de la consulta * @param $getRawData bool Si se deben de obtener los datos como PDOStatement * @return bool */ public static function getQuery($query, $querySource, array &$data = null, $getRawData = false) { if (empty($query)) { return false; } try { $db = new DB(); $db->_querySource = $querySource; $db->_stData = $data; $db->doQuery($query, $querySource, $getRawData); DB::$lastNumRows = $db->_numRows; } catch (SPException $e) { self::logDBException($query, $e->getMessage(), $e->getCode(), $querySource); self::$txtError = $e->getMessage(); self::$numError = $e->getCode(); return false; } return true; }
public static function update($id, $question, $answerEN, $answerDE) { $sql = "UPDATE exercise SET question='" . $question . "', answer_en='" . $answerEN . "', answer_de='" . $answerDE . "' WHERE exercise_id={$id}"; $res = DB::doQuery($sql); if (!isset($res) || $res == null) { return false; } return true; }
public static function deleteUser($email) { $sql = "DELETE FROM user WHERE email = '{$email}'"; $res = DB::doQuery($sql); return $res != null; }
<?php include_once 'autoloader.php'; include "includes/common.php"; if (isset($_SESSION['userSession']) != "") { header("Location: index.php"); exit; } if (isset($_POST['btn-login'])) { $username = DB::getInstance()->real_escape_string(trim($_POST['user_name'])); $upass = DB::getInstance()->real_escape_string(trim($_POST['password'])); $query = DB::doQuery("SELECT * FROM users WHERE username='******'"); $row = $query->fetch_array(); if (password_verify($upass, $row['password'])) { $_SESSION['userSession'] = $row['user_id']; $_SESSION['logged'] = true; header("Location: index.php"); } else { $msg = $lang['LOG_ALERT']; } } include "includes/header.php"; ?> <div class="signin-form"> <div class="container"> <form class="form-signin" method="post" id="login-form"> <h2 class="form-signin-heading"><?php
public static function clearHistoryTasks($params) { if (isset($params) && isset($params['clearWhat'])) { if ($params['clearWhat'] == 'uncomplete') { $accessUsers = " "; setHook('historyHTML', $accessUsers); $historyData = DB::getArray("?:history", "historyID", "status NOT IN ('completed','error','netError') AND " . $accessUsers . " showUser = '******' "); $error = 'task_cleared'; $errorMsg = 'Task cleared by user'; if (!empty($historyData) && is_array($historyData)) { foreach ($historyData as $key => $history) { updateHistory(array("status" => "error", "error" => $error, 'userIDCleared' => $GLOBALS['userID']), $history['historyID'], array("status" => "error", "errorMsg" => $errorMsg)); } } } elseif ($params['clearWhat'] == 'searchList') { $where = "showUser='******'"; if (!empty($params['dates'])) { $dates = explode('-', $params['dates']); $fromDate = strtotime(trim($dates[0])); $toDate = strtotime(trim($dates[1])); if (!empty($fromDate) && !empty($toDate) && $fromDate != -1 && $toDate != -1) { $toDate += 86399; $where .= " AND microtimeAdded >= " . $fromDate . " AND microtimeAdded <= " . $toDate . " "; } } $getKeyword = ""; if (!empty($params['getKeyword'])) { $keyword = "'" . implode("','", explode(',', $params['getKeyword'])) . "'"; $getKeyword = " AND type IN (" . $keyword . ") "; } if (!empty($params['userID'])) { $where .= " AND userID = '" . $params['userID'] . "' "; } $where2 = " "; if (empty($params['searchByUser'])) { setHook('historyHTML', $where2); } if (trim($where2 . $where . $getKeyword) != "showUser='******'") { $historyIDs = DB::getFields("?:history", "historyID", $where2 . $where . $getKeyword); self::clearHistoryByIDs($historyIDs); // $historyIDs = implode("','", $historyIDs); // DB::delete("?:history", "historyID IN ('".$historyIDs."')"); // DB::delete("?:history_additional_data", "historyID IN ('".$historyIDs."')"); // DB::delete("?:history_raw_details", "historyID IN ('".$historyIDs."')"); } else { DB::delete("?:history", "1"); DB::delete("?:history_additional_data", "1"); DB::delete("?:history_raw_details", "1"); DB::doQuery("OPTIMIZE TABLE `?:history`"); DB::doQuery("OPTIMIZE TABLE `?:history_additional_data`"); DB::doQuery("OPTIMIZE TABLE `?:history_raw_details`"); } } elseif ($params['clearWhat'] == 'autoDeleteLog') { if (!empty($params['time'])) { $where = " microtimeAdded <= '" . $params['time'] . "' "; $accessUsers = " "; setHook('historyHTML', $accessUsers); if ($accessUsers != " ") { $accessUsers = " AND " . $accessUsers; } $historyIDs = DB::getFields("?:history", "historyID", $where . $accessUsers); self::clearHistoryByIDs($historyIDs); // if(!empty($historyIDs)){ // $historyIDs = implode("','", $historyIDs); // DB::delete("?:history", "historyID IN ('".$historyIDs."')"); // DB::delete("?:history_additional_data", "historyID IN ('".$historyIDs."')"); // DB::delete("?:history_raw_details", "historyID IN ('".$historyIDs."')"); // DB::doQuery("OPTIMIZE TABLE `?:history`"); // DB::doQuery("OPTIMIZE TABLE `?:history_additional_data`"); // DB::doQuery("OPTIMIZE TABLE `?:history_raw_details`"); // } if (!empty($params['LastAutoDeleteLogTime'])) { $now = $params['LastAutoDeleteLogTime']; } else { $now = time(); } updateOption('LastAutoDeleteLogTime', $now); } } elseif ($params['clearWhat'] == 'singleAct') { if (!empty($params['actionID'])) { $historyIDs = DB::getFields("?:history", "historyID", "actionID='" . $params['actionID'] . "'"); self::clearHistoryByIDs($historyIDs); } } } }
public static function save($client) { if ($client->isBot()) { // bot client $sql = "INSERT INTO client_connections (session_id, ip_address, http_user_agent, is_bot) VALUES ('" . $client->getSessionId() . "', '" . $client->getIpAddressLong() . "', '" . $client->getUserAgentPlain() . "', TRUE)"; } else { // normal client $clientInfo = $client->getClientInfo(); $osInfo = $client->getOsInfo(); $deviceInfo = $client->getDeviceInfo(); $sql = "INSERT INTO client_connections (session_id, ip_address, country, region, city, latitude, longitude, http_user_agent, is_bot, client_type, client_name, client_version, client_engine, os_name, os_version, device_type, device_brand, device_model) VALUES ('" . $client->getSessionId() . "', '" . $client->getIpAddress() . "', '" . $client->getCountry() . "', '" . $client->getRegion() . "', '" . $client->getCity() . "', '" . $client->getLatitude() . "', '" . $client->getLongitude() . "', '" . $client->getUserAgentPlain() . "', FALSE, '" . $clientInfo['type'] . "', '" . $clientInfo['name'] . "', '" . $clientInfo['version'] . "', '" . $clientInfo['engine'] . "', '" . $osInfo['name'] . "', '" . $osInfo['version'] . "', '" . $deviceInfo['type'] . "', '" . $deviceInfo['brand'] . "', '" . $deviceInfo['model'] . "')"; } $res = DB::doQuery($sql); return isset($res) && $res !== null; }
include "includes/header.php"; if (isset($_POST['btn-signup'])) { $uname = DB::getInstance()->real_escape_string(trim($_POST['user_name'])); $email = DB::getInstance()->real_escape_string(trim($_POST['user_email'])); $upass = DB::getInstance()->real_escape_string(trim($_POST['password'])); $cupass = DB::getInstance()->real_escape_string(trim($_POST['con_password'])); if ($upass == $cupass) { $new_password = password_hash($upass, PASSWORD_DEFAULT); $check_email = DB::doQuery("SELECT email FROM users WHERE email='{$email}'"); $check_usern = DB::doQuery("SELECT username FROM users WHERE username='******'"); $count = $check_email->num_rows; $countusern = $check_usern->num_rows; if ($count == 0) { if ($countusern == 0) { $query = "INSERT INTO users(username,email,password) VALUES('{$uname}','{$email}','{$new_password}')"; if (DB::doQuery($query)) { $msg = $lang['ALERT_OK']; echo "<script type='text/javascript'> swal(\"Wuhuu!\", \"{$msg}\", \"success\");</script>"; } else { $msg = $lang['ALERT_ERR']; echo "<script type='text/javascript'> swal(\"Uups!\", \"{$msg}\", \"error\");</script>"; } } else { $msg = $lang['ALERT_USER']; echo "<script type='text/javascript'> swal(\"Uups!\", \"{$msg}\", \"error\");</script>"; } } else { $msg = $lang['ALERT_EMAIL']; echo "<script type='text/javascript'> swal(\"Hmm\", \"{$msg}\", \"error\");</script>"; } } else {
<?php require_once 'autoloader.php'; if (isset($_SESSION['userSession'])) { $userSess = $_SESSION['userSession']; $user = DB::doQuery("SELECT username FROM users WHERE user_id = '{$userSess}'"); if ($user) { $username = $user->fetch_assoc(); } } if (!isset($_SESSION["cart"])) { $_SESSION["cart"] = new Cart(); } $cart = $_SESSION['cart']; ?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>Lu's Cakes</title> <script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script> <script src="/js/sweetalert.min.js"></script> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script> <link type="text/css" rel="stylesheet" href="/styles/stylesheet.css"> <link rel="stylesheet" type="text/css" href="/styles/sweetalert.css"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css"> <link href="favicon.ico" rel="icon" type="image/x-icon" /> </head> <body> <header>
<?php require_once '../autoloader.php'; if (isset($_POST['pid'])) { $pid = $_POST['pid']; $title = $_POST['title']; $description = $_POST['description']; $langcode = $_POST['langcode']; $price = $_POST['price']; DB::doQuery("UPDATE translation SET title='{$title}', description='{$description}' WHERE pid='{$pid}' AND langcode='{$langcode}'"); DB::doQuery("UPDATE product SET price='{$price}' WHERE id='{$pid}'"); header("Location: update.php"); }
<?php require_once 'autoloader.php'; if (isset($_POST['fname'])) { $fname = $_POST['fname']; $lname = $_POST['lname']; $email = $_POST['email']; $street = $_POST['street']; $nr = $_POST['nr']; $zip = $_POST['zip']; $city = $_POST['city']; $ordertext = $_POST['ordertext']; DB::doQuery("INSERT INTO cakeorder (fname, lastname, email, street, houseNr, zip, city, cakeorder) VALUES ('{$fname}', '{$lname}', '{$email}', '{$street}', '{$nr}', '{$zip}', '{$city}', '{$ordertext}')"); }
function checkRawHistoryAndDelete() { $currentTime = mktime(0, 0, 0, date("n"), date("j"), date("Y")); $nextSchedule = getOption('deleteRawHistoryNextSchedule'); if ($currentTime > $nextSchedule) { $nextSchedule = $currentTime + 86400; $thirtyDaysAgo = $currentTime - 30 * 86400; $sql = "DELETE HRD FROM `?:history_raw_details` AS HRD INNER JOIN `?:history` AS H ON HRD.historyID = H.historyID WHERE H.microtimeAdded < '" . $thirtyDaysAgo . "'"; $isDeleted = DB::doQuery($sql); if ($isDeleted) { updateOption('deleteRawHistoryNextSchedule', $nextSchedule); } DB::doQuery("OPTIMIZE TABLE `?:history_raw_details`"); } }
public static function deleteLesson($id) { $sql = sprintf("DELETE FROM lesson\n WHERE lesson_id = '%d'", $id); $res = DB::doQuery($sql); if (!isset($res) || $res == null) { return false; } return true; }