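/**
 * Echo the member menu as a run of <li> links.
 *
 * Reads every menu_items row whose menu_parent_id is '4', ordered by the
 * `orders` column, and prints one list item per row that links to
 * home.php?page=<menu_item_name>.
 *
 * @return false|null false when the query fails, when it returns no rows, or
 *                    when a row has an empty menu_item_name (output stops at
 *                    that row); null once every row has been printed.
 */
public static function get_member_menu()
{
    $sql = "SELECT * FROM menu_items WHERE menu_parent_id = '4' ORDER BY orders";
    $menu_query = mysqli_query(Dbconnection::getConnection(), $sql);
    if ($menu_query === false) {
        // A failed query must not reach mysqli_fetch_assoc() as a boolean.
        return false;
    }

    $menu_bucket = mysqli_fetch_assoc($menu_query);
    if (!$menu_bucket) {
        return false;
    }

    do {
        if (empty($menu_bucket['menu_item_name'])) {
            return false;
        }

        $name = (string) $menu_bucket['menu_item_name'];

        // Stored menu names are data, not markup: URL-encode the query value
        // and HTML-escape both the attribute and the link text so a name
        // containing quotes or angle brackets cannot alter the page.
        $href = htmlspecialchars('home.php?page=' . urlencode($name), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $label = htmlspecialchars(strtoupper($name), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

        echo '<li><a href="' . $href . '">' . $label . '</a></li>';
    } while ($menu_bucket = mysqli_fetch_assoc($menu_query));
}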
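/**
 * Report whether the users table holds a row for the given e-mail address.
 *
 * The address is bound as a statement parameter instead of being concatenated
 * into the SQL text. The var_dump()/echo debug output of the earlier version
 * is removed because it wrote the result handle and the row count into the
 * response.
 *
 * @param string $email Address to look up.
 * @return bool true when at least one row matches; false when none does or
 *              when the statement cannot be prepared or executed.
 */
public function isUserExist($email)
{
    $stmt = mysqli_prepare(
        Dbconnection::getConnection(),
        'SELECT 1 FROM users WHERE EMAIL = ? LIMIT 1'
    );
    if ($stmt === false) {
        return false;
    }

    // bind_param takes its arguments by reference, so bind a local string.
    $address = (string) $email;
    mysqli_stmt_bind_param($stmt, 's', $address);

    $exists = false;
    if (mysqli_stmt_execute($stmt)) {
        // store_result() buffers the rows so num_rows is populated.
        mysqli_stmt_store_result($stmt);
        $exists = mysqli_stmt_num_rows($stmt) > 0;
    }
    mysqli_stmt_close($stmt);

    return $exists;
}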
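/**
 * Insert one row into zapp_base.event, then pass the image path to
 * Elvis::upload_item_photo().
 *
 * All values are bound as statement parameters; the earlier version
 * interpolated them into the SQL text and printed the finished statement with
 * print_r(), which exposed the query and its data in the response.
 *
 * The second and third parameters were both named $event_title, which PHP 7+
 * rejects at compile time ("Redefinition of parameter"). The third one is
 * renamed $event_heading and written to the event_heading column; argument
 * positions are unchanged.
 * NOTE(review): confirm callers pass the heading in the third slot.
 *
 * @param mixed  $event_id         Unused: event_id is inserted as NULL.
 * @param string $event_title      Stored in event_name.
 * @param string $event_heading    Stored in event_heading.
 * @param string $event_content    Stored in event_content.
 * @param string $event_image      Stored in e_image; also appended to 'asset/img/'.
 * @param string $event_date       Stored in e_date and in event_time.
 * @param mixed  $event_cat_id     Stored in event_cat_id.
 * @param mixed  $event_user_id    Stored in user_id.
 * @param string $event_venue      Stored in event_venue.
 * @param mixed  $event_time_stamp Unused by this method.
 * @param string $event_address_1  Stored in event_address_1.
 * @param string $event_address_2  Stored in event_address_2.
 * @param mixed  $event_state      Stored in event_state_id.
 * @param mixed  $event_city       Unused by this method.
 * @param string $event_zip        Stored in event_zip_code.
 * @return void Prints 'enter good' on success and 'no way jose' on failure.
 */
public static function create_event($event_id, $event_title, $event_heading, $event_content, $event_image, $event_date, $event_cat_id, $event_user_id, $event_venue, $event_time_stamp, $event_address_1, $event_address_2, $event_state, $event_city, $event_zip)
{
    $dbConnection = Dbconnection::getConnection();

    $sql = "INSERT INTO zapp_base.event (event_id, event_name, event_heading,
                event_content, e_date, e_image, post_date, event_cat_id, user_id, event_venue,
                event_time, event_address_1, event_address_2, event_state_id, event_zip_code)
            VALUES (NULL, ?, ?, ?,
                ?, ?, CURRENT_TIMESTAMP, ?, ?, ?, ?,
                ?, ?, ?, ?)";

    $stmt = mysqli_prepare($dbConnection, $sql);
    if ($stmt === false) {
        echo 'no way jose';
        return;
    }

    // Thirteen placeholders, all bound as strings (the earlier version quoted
    // every value as a string literal).
    // NOTE(review): event_time receives $event_date, as it did before, and
    // $event_time_stamp is never used - confirm which value belongs there.
    mysqli_stmt_bind_param(
        $stmt,
        str_repeat('s', 13),
        $event_title,
        $event_heading,
        $event_content,
        $event_date,
        $event_image,
        $event_cat_id,
        $event_user_id,
        $event_venue,
        $event_date,
        $event_address_1,
        $event_address_2,
        $event_state,
        $event_zip
    );

    $inserted = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);

    if ($inserted) {
        echo 'enter good';
        $elvis = new Elvis();
        // NOTE(review): $event_image becomes part of a filesystem path here.
        // upload_item_photo() is not visible from this method; if the name can
        // come from a request, validate it (basename() plus an extension
        // allow-list) before this call.
        $elvis->upload_item_photo('asset/img/' . $event_image);
    } else {
        echo 'no way jose';
    }
}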
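/**
 * Echo one linked thumbnail per row of the event table.
 *
 * Each row becomes an <a> to index.php?page=<event_name> wrapping an <img>
 * whose src is the row's e_image. When the table is empty, or the query fails,
 * a single "no events" sentence is printed instead.
 *
 * @return void
 */
public function get_listings()
{
    $dbConnection = Dbconnection::getConnection();
    $list_query = mysqli_query($dbConnection, "SELECT * FROM event");

    // A failed query is treated like an empty table rather than being passed
    // to mysqli_fetch_assoc() as a boolean.
    $list_record = ($list_query === false) ? null : mysqli_fetch_assoc($list_query);

    if (empty($list_record)) {
        echo "Sorry there are no events in our database";
        return;
    }

    do {
        // event_name and e_image are stored values (create_event() writes
        // them), so they are encoded for the context they land in: the query
        // value is URL-encoded, and both attributes are HTML-escaped.
        $href = htmlspecialchars(
            'index.php?page=' . urlencode((string) $list_record['event_name']),
            ENT_QUOTES | ENT_SUBSTITUTE,
            'UTF-8'
        );
        $src = htmlspecialchars((string) $list_record['e_image'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

        // The anchor is closed here; it was previously left open, so each
        // link swallowed the markup that followed it.
        echo '<a href="' . $href . '"><img src="' . $src . '" alt="ek-aanhanger" width="350" height="350"></a>';
    } while ($list_record = mysqli_fetch_assoc($list_query));
}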
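/**
 * Return the stored PASSWORD column for one users row.
 *
 * The id is bound as a statement parameter instead of being concatenated into
 * the SQL text. The returned value is a credential: callers should compare it,
 * never echo or log it.
 *
 * @param int|string $id Value matched against users.ID.
 * @return string|null The PASSWORD value when exactly one row matches;
 *                     null otherwise (including a failed statement).
 */
function get_password($id)
{
    $stmt = mysqli_prepare(
        Dbconnection::getConnection(),
        'SELECT PASSWORD FROM users WHERE ID = ?'
    );
    if ($stmt === false) {
        return null;
    }

    // Bound as a string, matching the quoted comparison the query used before.
    $user_id = (string) $id;
    mysqli_stmt_bind_param($stmt, 's', $user_id);

    $stored = null;
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_store_result($stmt);
        // Same rule as before: only an unambiguous single match is returned.
        if (mysqli_stmt_num_rows($stmt) == 1) {
            mysqli_stmt_bind_result($stmt, $password);
            mysqli_stmt_fetch($stmt);
            $stored = $password;
        }
    }
    mysqli_stmt_close($stmt);

    return $stored;
}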
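/**
 * Check a username/password pair and, on success, open the user's session.
 *
 * Steps: verify the credentials with a prepared statement, stamp last_login,
 * load the profile row for the verified id, rotate the session id, fill
 * $_SESSION and send a redirect header to the dashboard.
 *
 * @param string $username Submitted user name.
 * @param string $password Submitted password.
 * @return false|null FALSE when the profile row cannot be loaded after the
 *                    credentials matched; null in every other case (no
 *                    matching account, or a successful login that has sent
 *                    the Location header).
 */
public function userLogIn($username, $password)
{
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and
    // rewrites the value (tags stripped, quotes encoded), so the password that
    // gets hashed is not always the one typed. It is kept because dropping it
    // changes which stored hashes match; review together with the code that
    // stores passwords.
    $this->userName = filter_var($username, FILTER_SANITIZE_STRING);
    $this->passWord = filter_var($password, FILTER_SANITIZE_STRING);

    // NOTE(review): md5(?) means passwords are stored as unsalted MD5, which
    // is fast to brute-force if the table leaks. Moving to password_hash() /
    // password_verify() needs a data migration and is not attempted here.
    $stmt = self::$dbConnection->prepare("SELECT id FROM {$this->table} WHERE USER_NAME = ? and password = md5(?)");
    if ($stmt === false) {
        return;
    }
    $stmt->bind_param('ss', $this->userName, $this->passWord);
    $stmt->execute();
    // Buffer the result so num_rows is populated.
    $stmt->store_result();

    if ($stmt->num_rows != 1) {
        $stmt->close();
        return;
    }

    $stmt->bind_result($id);
    $stmt->fetch();
    $stmt->close();

    // Record the login time. The id is an integer, so it is bound as 'i'
    // (it was bound as a double before).
    $update = self::$dbConnection->prepare("UPDATE {$this->table} SET last_login = NOW() WHERE id = ?");
    if ($update !== false) {
        $update->bind_param('i', $id);
        $update->execute();
        $update->close();
    }

    // Load the profile by the id that was just verified. The earlier version
    // concatenated the user name into the SQL text and, as written, compared
    // PASSWORD with the fixed literal '******'.
    $profile = mysqli_prepare(
        Dbconnection::getConnection(),
        'SELECT ID, EMAIL, USER_F_NAME FROM users WHERE ID = ?'
    );
    if ($profile === false) {
        return FALSE;
    }
    mysqli_stmt_bind_param($profile, 'i', $id);

    $loaded = false;
    if (mysqli_stmt_execute($profile)) {
        mysqli_stmt_store_result($profile);
        if (mysqli_stmt_num_rows($profile) == 1) {
            mysqli_stmt_bind_result($profile, $uid, $email, $first_name);
            $loaded = (mysqli_stmt_fetch($profile) === true);
        }
    }
    mysqli_stmt_close($profile);

    if (!$loaded) {
        return FALSE;
    }

    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    // Issue a fresh session id at the privilege change so an id that was
    // known before authentication cannot be reused afterwards.
    session_regenerate_id(true);

    // Session values are written only after every check has passed, so a
    // failed login leaves no partial state behind.
    $_SESSION['username'] = $this->userName;
    $_SESSION['login'] = true;
    $_SESSION['uid'] = $uid;
    $_SESSION['email'] = $email;
    // Key spelling kept as-is: other pages may read 'fristname'.
    $_SESSION['fristname'] = $first_name;

    header('Location: index.php?page=dashboard');
}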
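<?php
/**
 * Handles the login form POST; the markup that follows starts with the
 * page's inline styles.
 *
 * Created by PhpStorm.
 * User: munabste
 * Date: 10/12/2015
 * Time: 8:42 AM
 */
include "class/Shipshear.php";

// Both fields must be present and must be strings. A request can submit
// username[]=... and turn a field into an array, which
// mysqli_real_escape_string() does not accept.
if (
    isset($_POST['submit'], $_POST['username'], $_POST['password'])
    && is_string($_POST['username'])
    && is_string($_POST['password'])
) {
    $login = new Users();

    // NOTE(review): userLogIn() binds both values through a prepared
    // statement for the credential check, so escaping here is redundant and
    // changes the value that gets compared (a backslash is inserted before
    // quotes). It is kept because removing it alters which stored hashes
    // match; confirm how passwords are written before dropping it.
    $username = mysqli_real_escape_string(Dbconnection::getConnection(), $_POST['username']);
    $password = mysqli_real_escape_string(Dbconnection::getConnection(), $_POST['password']);

    $login->userLogIn($username, $password);
}
?> <style> body{ margin: 0; } .topper{ width: 100%; background-color: red; height: 2px; } .header-wrapper{ width: 100%; height: 40px;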
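/**
 * Echo the detail view for the event whose event_name equals $page.
 *
 * Prints a <title>, a box with the event image as background, the month and
 * day of e_date, the heading, and the event content. Nothing is printed when
 * no event matches or the statement fails.
 *
 * $page is bound as a statement parameter instead of being interpolated into
 * the SQL text, and the stored heading and image path are encoded for the
 * context they are written into.
 *
 * @param string $page Event name to look up.
 * @return void
 */
public function get_page_content($page)
{
    $dbConnection = Dbconnection::getConnection();

    $stmt = mysqli_prepare(
        $dbConnection,
        'SELECT event_heading, e_image, e_date, event_content FROM event WHERE event_name = ? LIMIT 1'
    );
    if ($stmt === false) {
        return;
    }

    $event_name = (string) $page;
    mysqli_stmt_bind_param($stmt, 's', $event_name);
    if (!mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        return;
    }

    mysqli_stmt_bind_result($stmt, $heading, $image, $date, $content);
    $found = mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);

    if ($found !== true) {
        // No such event: the earlier version went on to print an empty title
        // and an epoch date from a null row.
        return;
    }

    $safe_heading = htmlspecialchars((string) $heading, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // The image path is written inside CSS url(...). Percent-encode every
    // byte outside a conservative URL alphabet so quotes, parentheses,
    // semicolons, whitespace and angle brackets cannot end the url() token,
    // the style attribute or the <style> element.
    $css_url = preg_replace_callback(
        '#[^A-Za-z0-9_.~/:?&=%+-]#',
        function ($match) {
            return rawurlencode($match[0]);
        },
        (string) $image
    );
    // Inside an HTML attribute '&' still has to be entity-encoded.
    $attr_url = htmlspecialchars($css_url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    $timestamp = strtotime((string) $date);

    echo "<title> The E | " . $safe_heading . "</title>";
    echo "<div class='box' style='background-image: url(" . $attr_url . "); width: 500px; height: 500px;'>";
    echo "<style> header{background-image: url(" . $css_url . ");}</style>";
    echo "<div class='reddate'>";
    echo date('F', $timestamp);
    echo "<br/>";
    echo "<b style='font-size: 34px;'>" . date('d', $timestamp) . "</b>";
    echo "</div>";
    echo "<div style='float: right;'><h3>" . $safe_heading . "</h3></div>";
    echo "</div>";

    // NOTE(review): event_content is emitted as markup, unchanged from the
    // earlier version, in case events are authored as HTML. If the content
    // can come from untrusted users it must be sanitized when stored or
    // escaped here.
    echo "<center>" . $content . "</center>";
}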