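/**
 * Check a username/password pair against the `mymembers` table and end the
 * request with a `login=1` or `login=0&error=...` response body.
 *
 * Every path terminates the script with die(), so this method never returns.
 *
 * @param string $username Submitted username.
 * @param string $password Submitted plaintext password.
 */
public function login($username, $password)
{
    // Open the link first: mysql_real_escape_string() escapes against the
    // current connection, and calling it before any link exists (as the
    // original ordering did) falls back to an implicit default connection and
    // can return false. mysql_query() below is also called without a link
    // argument, so connect() presumably opens the default ext/mysql link.
    $connection = new MySQLConnection();
    $connection->connect();

    $username = strip_tags($username);
    $username = stripslashes($username);
    $username = mysql_real_escape_string($username);

    // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for
    // password storage. It is kept here because the stored my_password values
    // presumably use it; moving to password_hash()/password_verify() needs a
    // rehash-on-login migration of the stored column.
    $passHash = md5($password);

    // NOTE(review): the listing shows both interpolated values masked as
    // '******'. $username and $passHash are the only values prepared above, so
    // they are restored here; confirm against the unmasked file.
    // ext/mysql has no prepared statements and was removed in PHP 7.0; the
    // durable fix is mysqli/PDO with bound parameters.
    $sql = "SELECT * FROM mymembers WHERE my_username = '{$username}' AND my_password = '{$passHash}' LIMIT 1";
    $query = mysql_query($sql);

    if (!$query) {
        // Keep driver error text in the server log instead of the response body.
        error_log('login query failed: ' . mysql_error());
        $connection->close();
        die("login=0&error=Internal error");
    }

    // LIMIT 1 means at most one row; the original loop died on its first pass.
    $row = mysql_fetch_array($query);
    if (!$row) {
        $connection->close();
        die("login=0&error=Invalid username or password");
    }

    $_SESSION['username'] = $username;
    // NOTE(review): this keeps the plaintext password in session storage. It is
    // left in place because other code may read $_SESSION['pw']; prefer storing
    // only the uid and dropping this key.
    $_SESSION['pw'] = $password;

    $uid = $row['uid'];
    // NOTE(review): session_name() only affects a session that has not been
    // started yet, and no session_start()/session_regenerate_id() is visible
    // here; confirm the session id is rotated on login.
    session_name($username . $uid);
    // NOTE(review): the cookie is sent with an empty value and without
    // HttpOnly/Secure arguments; confirm what the client expects.
    setcookie(session_name(), '', time() + 42000, '/');

    $connection->close();
    die("login=1");
}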
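/**
 * Store a new status message for the member identified by $this->uid and
 * print `result=1` on success; on failure the script ends with `result=0`.
 *
 * @param string $newMessage Status text supplied by the caller.
 */
public function change($newMessage)
{
    // Connect before escaping: mysql_real_escape_string() works against the
    // current link, and the original called it before connect().
    $connection = new MySQLConnection();
    $connection->connect();

    $newMessage = strip_tags($newMessage);
    // presumably undoes magic_quotes-style slashes; verify against the caller
    $newMessage = stripslashes($newMessage);
    $newMessage = mysql_real_escape_string($newMessage);

    // uid is interpolated without quotes, so escaping would not protect it;
    // force it to an integer. Assumes uid is a numeric key (TODO confirm).
    $uid = (int) $this->uid;

    // ext/mysql offers no bound parameters (and was removed in PHP 7.0);
    // mysqli/PDO prepared statements are the durable fix.
    $sql = "UPDATE mymembers SET status_message = '{$newMessage}' WHERE uid = {$uid}";
    $query = mysql_query($sql);
    $connection->close();

    if ($query) {
        echo "result=1";
    } else {
        die("result=0");
    }
}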
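<?php
// Looks up one member by the POSTed username and prints the profile as an
// XML <user> fragment. Nothing is printed when the username is absent or no
// row matches.
//
// NOTE(review): no session or authorization check is visible in this script,
// so any client that can POST a username receives that member's profile
// fields; confirm this is intended.
require_once "classes/MySQLConnection.php";

if (isset($_POST['username']) && is_string($_POST['username'])) {
    $connection = new MySQLConnection();
    $connection->connect();

    // Request data goes into the SQL text, so escape it against the open link.
    // ext/mysql has no bound parameters (and was removed in PHP 7.0);
    // mysqli/PDO prepared statements are the durable fix.
    $username = mysql_real_escape_string($_POST['username']);

    // NOTE(review): the listing shows the interpolated value masked as
    // '******'; $username is the only value read above, so it is restored
    // here. Confirm against the unmasked file.
    $sql = "SELECT * FROM mymembers WHERE my_username = '{$username}' LIMIT 1";
    $query = mysql_query($sql);

    // Start from an empty string so "no match" does not echo an undefined variable.
    $xml = '';

    if ($query) {
        while ($row = mysql_fetch_array($query)) {
            // Column values are stored user data (status_message is written by
            // the members themselves), so encode them before embedding in
            // markup; a raw '<' or '&' would break or alter the document.
            $uid = htmlspecialchars($row['uid'], ENT_QUOTES, 'UTF-8');
            $firstName = htmlspecialchars($row['first_name'], ENT_QUOTES, 'UTF-8');
            $lastName = htmlspecialchars($row['last_name'], ENT_QUOTES, 'UTF-8');
            $country = htmlspecialchars($row['country'], ENT_QUOTES, 'UTF-8');
            $statusMessage = htmlspecialchars($row['status_message'], ENT_QUOTES, 'UTF-8');

            $xml = '<user id="' . $uid . '">' . "\n";
            $xml .= "\t<firstName>" . $firstName . "</firstName>\n";
            $xml .= "\t<lastName>" . $lastName . "</lastName>\n";
            $xml .= "\t<country>" . $country . "</country>\n";
            $xml .= "\t<statusMessage>" . $statusMessage . "</statusMessage>\n";
            $xml .= "</user>\n";
        }
    } else {
        // Keep driver error text in the server log, not in the response.
        error_log('profile lookup failed: ' . mysql_error());
    }

    echo $xml;
    $connection->close();
    exit;
}
?>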
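<?php
// Loads the TAREA row with ID '1', echoes its ID and builds a tarea object
// from its columns.
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
include_once $root . "/Gestarea/util/MySQLConnection.php";
include_once $root . "/Gestarea/modelo/service/ServiceTarea.php";

$msql = new MySQLConnection();
$connection = $msql->getConnection();

// The ID is a constant here. If it is ever taken from request data, bind it as
// a parameter with a prepared statement instead of building the SQL string.
$sql = "SELECT ID, FECHA_ALTA, DESCRIPCION, FECHA_INICIO, HORA_INICIO, FECHA_FIN, HORA_FIN, HORAS_TAREA, TOTAL_HORAS FROM TAREA \r\n\t\t\t\tWHERE ID = '1'";

// The original discarded the return value of query() and then read an
// undefined $result; it also assigned the boolean `num_rows > 0` to $row, so
// $row["ID"] could never hold a column value.
$result = $connection->query($sql);

// query() and num_rows match the mysqli API, so fetch_assoc() is assumed to be
// available on the result (TODO confirm what getConnection() returns).
if ($result && $result->num_rows > 0) {
    $row = $result->fetch_assoc();
    echo $row["ID"];
    $tarea = new tarea(
        $row["ID"],
        $row["FECHA_ALTA"],
        $row["DESCRIPCION"],
        $row["FECHA_INICIO"],
        $row["HORA_INICIO"],
        $row["FECHA_FIN"],
        $row["HORA_FIN"],
        $row["HORAS_TAREA"],
        $row["TOTAL_HORAS"]
    );
}

$msql->close();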