function CheckLoginInDB($username, $password)
{
if (empty($username) || empty($password)) {
$this->HandleError("Tên đăng nhập / Mật khẩu không được để trống");
return -1;
} else {
//$password = md5($password);
//$connection = mysqli_connect("localhost","root","","tapdoc");
//$query = mysqli_query($connection, "SELECT * FROM taikhoan WHERE tk_TenDangNhap='$username' AND tk_MatKhau = '$password'");
$sql = "SELECT * FROM taikhoan WHERE tk_TenDangNhap='{$username}' AND tk_MatKhau = '{$password}'";
$query = DataProvider::ExecuteQuery($sql);
$rows = mysqli_num_rows($query);
if ($rows == 1) {
$id = -1;
while ($row = $query->fetch_assoc()) {
$id = $row["tk_ID"];
}
//mysqli_close($connection);
return $id;
} else {
$this->HandleError("Tên đăng nhập / Mật khẩu không hợp lệ");
}
//mysqli_close($connection);
}
}
<?php
include_once '../dataconfig/dataprovider.php';
if (isset($_POST["idbt"])) {
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
$uid = $_SESSION['UID'];
$today = date("Y-m-d h:i:s");
$id_BT = $_POST['idbt'];
$score = $_POST['sr'];
$sqlx = "INSERT INTO `lichsubaitap`(`lsbt_TaiKhoan`, `lsbt_BaiTap`, `lsbt_NgayLam`, `lsbt_SoCauDung`, `lsbt_DiemSo`) \n\t\t\tVALUES ({$uid}, {$id_BT}, '{$today}', {$score}, {$score})";
DataProvider::ExecuteQuery($sqlx);
echo "Data saved";
} else {
echo "This is not a POST";
}
</script>
<?php
if (isset($_SESSION['UID']) && isset($_GET['bh'])) {
$userId = $_SESSION['UID'];
$bhId = $_GET['bh'];
// Check history exists
$lichSuBaiHocModel = DataProvider::GetOneRow("select * from lichsubaihoc where lsbh_TaiKhoan={$userId} AND lsbh_BaiHoc={$bhId}");
if ($lichSuBaiHocModel) {
// If exist, update counter
$result = DataProvider::ExecuteQuery("update lichsubaihoc set lsbh_SoLanHoc=lsbh_SoLanHoc+1 where lsbh_ID={$lichSuBaiHocModel['lsbh_ID']}");
//var_dump($result);
//echo 'count';exit;
} else {
// If not exist, insert
$result = DataProvider::ExecuteQuery("insert into lichsubaihoc(`lsbh_TaiKhoan`, `lsbh_BaiHoc`, `lsbh_ThoiGian`, `lsbh_SoLanHoc`) values ({$userId}, {$bhId}, now(), 1)");
//var_dump($result);
//echo 'insert';exit;
}
}
$idBaiHoc = $_GET["bh"];
$idLoaiBaiHoc = $_GET["lbh"];
$result = DataProvider::GetRows("select * from cau where c_BaiHoc = {$idBaiHoc}");
foreach ($result as $value) {
$chon = rand(1, 5);
if ($chon == 1) {
$mau = "blue";
}
if ($chon == 2) {
$mau = "green";
}
<?php
include_once '../dataconfig/dataprovider.php';
$kiememail = $_GET["email"];
$strSQL = "SELECT * FROM taikhoan WHERE tk_TenDangNhap='" . $kiememail . "'";
$resu = DataProvider::ExecuteQuery($strSQL);
$record = DataProvider::ExecuteQueryArray($resu);
if ($record) {
echo "Email đã tồn tại !";
} else {
echo " ";
}
$table = 'server_info_5dayago';
break;
case '6dayago':
$table = 'server_info_6dayago';
break;
case '7dayago':
$table = 'server_info_7dayago';
break;
}
}
if ($tmp[0] == "|") {
$strSQL = "Select * From " . $table . " Where ip_private like '" . substr($tmp, 1) . "'";
} else {
$strSQL = "Select * From " . $table . " Where ip_private like '%{$string}%'";
}
$result = $dp->ExecuteQuery($strSQL);
if ($result) {
if (mysql_num_rows($result) == 0) {
$notfound = "Not Found";
echo "<h2><center>{$notfound}</center></h2>";
} else {
if (mysql_num_rows($result) == 1) {
if (isset($_REQUEST["addbutton"]) && !empty($_REQUEST["product"]) && isset($_REQUEST["ipadd"])) {
$ipadd = $_REQUEST["ipadd"];
$result_add = $dp->UpdateRecord("Update server_info set product = '" . strtoupper($_REQUEST["product"]) . "' where ip_private = '" . $ipadd . "'");
if ($result_add) {
$addret = "<h2><center>Added!</center></h2>";
} else {
$addret = "<h2><center>Error!</center></h2>";
}
}
