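/**
 * Load up to 20 wishes ordered by Wishes.CreateTime, joined with the owner's
 * user record and with the current session user's rating of each wish.
 *
 * Every filter argument is optional: null or '' switches that filter off.
 * Any other value must be a plain decimal number, because the query text is
 * assembled by concatenation and the values are placed in it unquoted.
 *
 * Fixes relative to the earlier version:
 *  - the rank filters read $inRFrom / $inRTo, which are never defined, so
 *    $inRankFrom / $inRankTo were silently ignored;
 *  - filter values and $_SESSION['UserID'] reached the SQL text unchecked.
 *
 * @param mixed $inStatus    exact match on Wishes.Status
 * @param mixed $inOwner     exact match on Wishes.OwnerID
 * @param mixed $inPerformer exact match on Wishes.PerformerID
 * @param mixed $inMFrom     lower bound (inclusive) on Wishes.PriceMoney
 * @param mixed $inMTo       upper bound (inclusive) on Wishes.PriceMoney
 * @param mixed $inPFrom     lower bound (inclusive) on Wishes.PricePoints
 * @param mixed $inPTo       upper bound (inclusive) on Wishes.PricePoints
 * @param mixed $inRankFrom  lower bound (inclusive) on Users.Rank
 * @param mixed $inRankTo    upper bound (inclusive) on Users.Rank
 *
 * @return array one wishClass::create() result per row
 *
 * @throws \InvalidArgumentException when a filter value is not a decimal number
 * @throws \RuntimeException         when the session holds no integer UserID
 */
public static function selectAll($inStatus, $inOwner, $inPerformer, $inMFrom, $inMTo, $inPFrom, $inPTo, $inRankFrom, $inRankTo)
{
    global $connection;

    // The viewer id goes into the JOIN condition unquoted, so accept digits only.
    // Without a valid id the old code produced malformed SQL; fail explicitly instead.
    $viewerId = isset($_SESSION['UserID']) ? $_SESSION['UserID'] : null;
    if (!is_scalar($viewerId) || preg_match('/\A\d+\z/', (string) $viewerId) !== 1) {
        throw new \RuntimeException('selectAll() requires an integer UserID in the session.');
    }

    // SQL fragment => caller-supplied value. The fragments are fixed text;
    // only the validated number is appended to them.
    $filters = array(
        array('Wishes.Status=', $inStatus),
        array('Wishes.OwnerID=', $inOwner),
        array('Wishes.PerformerID=', $inPerformer),
        array('Wishes.PriceMoney >=', $inMFrom),
        array('Wishes.PriceMoney <=', $inMTo),
        array('Wishes.PricePoints >=', $inPFrom),
        array('Wishes.PricePoints <=', $inPTo),
        array('Users.Rank >=', $inRankFrom),
        array('Users.Rank <=', $inRankTo),
    );

    $conditions = array();
    foreach ($filters as $filter) {
        list($sqlPrefix, $value) = $filter;

        if ($value === null || $value === '') {
            continue; // filter not requested
        }

        // Reject rather than drop: silently ignoring a bad owner/status filter
        // would widen the result set beyond what the caller asked for.
        // \A...\z anchors the whole value, so nothing can trail the number.
        if (!is_scalar($value) || preg_match('/\A-?(?:\d+(?:\.\d*)?|\.\d+)\z/', (string) $value) !== 1) {
            throw new \InvalidArgumentException('Wish filter values must be plain decimal numbers.');
        }

        $conditions[] = $sqlPrefix . $value;
    }

    // NOTE(review): the only call shape visible here is select($query) with a
    // finished string, so values are validated instead of bound. If the
    // connection wrapper offers prepared statements, bind them instead.
    $query = "SELECT Wishes.Status,\r\n\t\t"
        . "Wishes.WishID, \r\n\t\t"
        . "Wishes.OwnerID, \r\n\t\t"
        . "Users.FirstName, \r\n\t\t"
        . "Users.LastName, \r\n\t\t"
        . "Users.Rank, \r\n\t\t"
        . "Wishes.Description, \r\n\t\t"
        . "Wishes.PriceMoney, \r\n\t\t"
        . "Wishes.PricePoints, \r\n\t\t"
        . "WishRating.PlusMinus \r\n\t\t"
        . "FROM (Wishes \r\n\t\t"
        . "JOIN Users ON Wishes.OwnerID=Users.UserID) \r\n\t\t"
        . "LEFT JOIN WishRating ON WishRating.WishID = Wishes.WishID AND WishRating.UserID = "
        . $viewerId;

    if (count($conditions) > 0) {
        $query .= " WHERE " . implode(' AND ', $conditions);
    }
    $query .= " ORDER BY Wishes.CreateTime LIMIT 0,20";

    $result = $connection->select($query);

    $resultArray = array();
    while ($row = $result->fetch_assoc()) {
        $resultArray[] = wishClass::create(
            $row['WishID'],
            $row['Status'],
            $row['OwnerID'],
            $row['FirstName'],
            $row['LastName'],
            $row['Rank'],
            $row['Description'],
            $row['PriceMoney'],
            $row['PricePoints'],
            $row['PlusMinus']
        );
    }

    return $resultArray;
}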
// Excerpt of a request handler. It begins inside a conditional opened before
// this excerpt and stops at the opening of a heredoc whose body is not shown.
$action = $_GET['act'];
}

// "all": list wishes that match the filter fields posted by the client.
if ($action == "all") {
    require_once 'dbConnection.php';
    require_once 'wishClass.php';
    $connection = new dbConnection();

    // Each filter is run through $connection->escape() and then stripped of
    // every character except digits, ',' and '.'.
    // NOTE(review): this is not a numeric check. Values such as "1,2" or
    // "1.2.3" pass through, and wishClass::selectAll() (as listed on this page)
    // places them unquoted in its WHERE clause. Validate each field as a
    // number and reject anything else. The strip also removes whatever
    // escape() added, so the escape() call contributes nothing here.
    // NOTE(review): the $_POST keys are read without isset(); a request that
    // omits a field raises an undefined-index notice and passes null to escape().
    $status = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['status']));
    $owner = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['owner']));
    $performer = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['performer']));
    $moneyFrom = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['moneyFrom']));
    $moneyTo = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['moneyTo']));
    $pointsFrom = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['pointsFrom']));
    $pointsTo = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['pointsTo']));
    $rankFrom = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['rankFrom']));
    $rankTo = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['rankTo']));

    $wishes = wishClass::selectAll($status, $owner, $performer, $moneyFrom, $moneyTo, $pointsFrom, $pointsTo, $rankFrom, $rankTo);

    // Initialise the session counter on first use; nothing else in this
    // excerpt reads or changes it.
    if (!isset($_SESSION['count'])) {
        $_SESSION['count'] = 0;
    }

    foreach ($wishes as $wish) {
        // Use the owner's uploaded picture when the file exists, else a placeholder.
        // time() is appended as a query string, presumably to defeat browser caching.
        if (!file_exists("images/profiles/{$wish->ownerId}.jpg")) {
            $profileImage = 'not-found.png';
        } else {
            $profileImage = $wish->ownerId . '.jpg' . '?' . time();
        }

        // NOTE(review): $statusHTML is assigned only for status 0 and 2. For any
        // other status it keeps the previous iteration's value, or is undefined
        // on the first iteration.
        if ($wish->status == 0) {
            $statusHTML = "<div class=\"innerA\"><h3>Active</h3></div>";
        } elseif ($wish->status == 2) {
            $statusHTML = "<div class=\"innerD\"><h3>Done</h3></div>";
        }

        // The heredoc body lies outside this excerpt.
        // NOTE(review): confirm that any wish field interpolated into it
        // (e.g. the description) is HTML-escaped before output.
        echo <<<HTML
// Excerpt of the profile page: load the user row, pick the profile picture,
// render the profile view, then handle the "create_wish" action.
// NOTE(review): $userID is concatenated into the SQL text unquoted. Its
// assignment is not shown here; if it can come from the request it must be
// validated as an integer (or bound as a parameter) before this query.
$result = $connection->select("SELECT * FROM Users WHERE UserID = " . $userID);
// $row is not used again in this excerpt; presumably profileViews.php, which
// is included into this scope below, reads it.
$row = $result->fetch_assoc();

// Use the uploaded picture when the file exists, else a placeholder.
// NOTE(review): $userID also forms part of a filesystem path here, which is
// a second reason it has to be a validated integer.
if (!file_exists("images/profiles/{$userID}.jpg")) {
    $profileImage = 'not-found.png';
} else {
    $profileImage = $userID . '.jpg' . '?' . time();
}

$profileViewType = 'bigProfile';
include 'profileViews.php';

// Action selector comes from the query string; defaults to no action.
$action = '';
if (isset($_GET['act'])) {
    $action = $_GET['act'];
}

// "create_wish": store a new wish from the posted form fields.
// The confirmation (a user-facing message in Russian) is echoed before
// save() runs, so it is shown regardless of whether the save succeeds.
// NOTE(review): the four $_POST values go to wishClass::save() as received,
// without isset() or validation. save() is not shown; confirm that it
// validates them and does not concatenate them into SQL.
// NOTE(review): no anti-CSRF token check is visible for this state-changing
// action; confirm that one exists elsewhere.
if ($action == "create_wish") {
    echo "<h1>боженьки! ты желание добавил</h1>";
    $object = wishClass::save($_POST['description'], $_POST['time'], $_POST['moneyReward'], $_POST['pointsReward']);
}

// NOTE(review): the markup below echoes $userID, unescaped, into a JavaScript
// string inside an onclick attribute. That is safe only if $userID is
// guaranteed to be an integer; otherwise cast it to int before output.
?> </div> <div class="profileBottom"> <div class="left-center" id="profileLeftCenter"> <div id="profileListLeft" class="list"> <div onclick="get_wishez('status=0&owner=<?php echo $userID; ?> ','profileListRight');" class="profileWishezButtons" id="profileActive"><h4>ACTIVE</h4></div> <div onclick="get_wishez('status=2&owner=<?php echo $userID; ?>