/**
 * Handle a submitted book-search form.
 *
 * Does nothing unless the request method is POST. Otherwise it builds the
 * SQL with composeQuery(), opens a connection with connect(), runs the query
 * and passes the raw mysql_query() return value to showResults(), then closes
 * the connection.
 *
 * NOTE(review): composeQuery() is not shown here. If it builds SQL from
 * request fields by string concatenation, this call path is exposed to SQL
 * injection; confirm it escapes or binds every value.
 * NOTE(review): a failed query (mysql_query() returning false) is passed to
 * showResults() unchecked; confirm showResults() copes with false.
 *
 * @return void
 */
function searchBooks()
{
    $isPost = ($_SERVER['REQUEST_METHOD'] == 'POST');

    if ($isPost) {
        // Build the statement before connecting, as the original does.
        $sql = composeQuery();
        $link = connect();

        showResults(mysql_query($sql, $link));

        mysql_close($link);
    }
}
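/**
 * Authenticate a customer and redirect to the customer menu.
 *
 * Runs the query produced by composeQuery() and requires exactly one matching
 * row. On success it expires the employee_id cookie, sets the customer_id,
 * username and full_name cookies from that row, and sends a Location header
 * to /customer_menu.php. Every failure ends the script with die().
 *
 * Changes from the original:
 *  - the connection is closed on every path (the original never closed it);
 *  - mysql_error() text goes to the server log, not into the response, so
 *    query and schema details are not disclosed to the client;
 *  - the "exactly one row" check always terminates the request. In the
 *    collapsed source the die() sits on the same line as a "// FIXME"
 *    comment, so it is unclear whether it was active; failing closed is the
 *    safe reading.
 *
 * NOTE(review): composeQuery() is not shown here; confirm it escapes or binds
 * the submitted credentials.
 * NOTE(review): the login state lives in plain cookies that the client can
 * edit, set without the HttpOnly or Secure flags. Whether later pages trust
 * customer_id as proof of identity is not visible here; confirm, and prefer a
 * server-side session.
 * NOTE(review): nothing stops execution after the Location header; the caller
 * should not emit further output.
 *
 * @return void
 */
function customerLogin()
{
    $query = composeQuery();
    $connection = connect();
    $results = mysql_query($query, $connection);

    if (!$results) {
        // Keep the driver's message server-side only.
        error_log('customerLogin: query failed: ' . mysql_error());
        mysql_close($connection);
        die('Could not get authentication information.');
    }

    if (mysql_num_rows($results) != 1) {
        // FIXME (carried over from the original, which does not say what needs fixing)
        mysql_close($connection);
        die("Login failed!");
    }

    $row = mysql_fetch_assoc($results);
    // The row is already fetched, so the connection can be released here.
    mysql_close($connection);

    // Drop any employee identity before establishing the customer one.
    setcookie("employee_id", "", time() - 3600);
    setcookie("customer_id", "{$row['customer_id']}");
    setcookie("username", "{$row['username']}");
    setcookie("full_name", "{$row['first_name']} {$row['last_name']}");

    header("Location: /customer_menu.php");
}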
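/**
 * Handle the monthly sales summary form and render the result.
 *
 * Does nothing unless the request method is POST. Requires non-empty
 * $_POST['month'] and $_POST['year'], and prints a prompt and returns if
 * either is missing. Otherwise it connects, builds the SQL with
 * composeQuery(), runs it, passes the mysql_query() return value to
 * showResults() and closes the connection.
 *
 * Change from the original: the form fields are validated before connect()
 * is called. The original opened the connection first and returned on a
 * missing field without closing it.
 *
 * NOTE(review): empty() only rejects missing or blank values; month and year
 * are not checked to be numeric or in range here. composeQuery() is not
 * shown; confirm it casts or binds both values.
 * NOTE(review): no authorization check is visible in this function; confirm
 * the caller restricts the sales report to the intended role.
 *
 * @return void
 */
function showMonthlySalesSummary()
{
    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        return;
    }

    // Validate first so that an incomplete form never opens a connection.
    if (empty($_POST['month'])) {
        echo "<p class='center'>Please input a month.</p>";
        return;
    }

    if (empty($_POST['year'])) {
        echo "<p class='center'>Please input a year.</p>";
        return;
    }

    // connect() stays ahead of composeQuery(), as in the original, in case
    // query composition relies on an open link.
    $connection = connect();
    $query = composeQuery();
    $results = mysql_query($query, $connection);

    showResults($results);

    mysql_close($connection);
}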
/**
 * Process a submitted registration form.
 *
 * Returns false without touching the database when the request is not a POST
 * or validateRegistration() rejects the input. Otherwise it runs the
 * statement built by composeQuery(). On success it prints a confirmation,
 * shows the new customer through showCustomer() using mysql_insert_id(), and
 * links to the login page. On failure it prints an error paragraph. The
 * connection is closed on both outcomes.
 *
 * NOTE(review): validateRegistration() and composeQuery() are not shown here;
 * confirm that every submitted field is escaped or bound before it reaches
 * the INSERT, and that showCustomer() HTML-escapes what it prints.
 *
 * @return bool true when the row was inserted, false otherwise
 */
function register()
{
    $isPost = ($_SERVER['REQUEST_METHOD'] == 'POST');

    // Short-circuit keeps validateRegistration() from running on non-POST requests.
    if (!$isPost || !validateRegistration()) {
        return false;
    }

    $sql = composeQuery();
    $link = connect();

    if (mysql_query($sql, $link)) {
        $newCustomerId = mysql_insert_id($link);

        echo "\n <p class='center'>\n Congratulations! You have been registered successfully.\n </p>";
        showCustomer($link, $newCustomerId);
        echo "<h3>Go to <a href='/'>Login Page</a></h3>";

        $registered = true;
    } else {
        echo "<p class='center'>Registration is failed. Please try again.</p>";

        $registered = false;
    }

    mysql_close($link);

    return $registered;
}
<?php
include '../db.php';

// Script entry: open the database handle, build the SQL from the request's
// query string, execute it, then release the handle. dbInit(), executeQuery()
// and dbDone() are presumably provided by ../db.php; they are not shown here.
$conn = dbInit();
$query = composeQuery();
// Disabled debug output of the composed SQL. Keep it disabled outside
// development: it would print the raw statement into the response.
#echo "<pre>";
#echo ($query);
executeQuery($conn, $query);
dbDone($conn);

/**
 * Read a query-string parameter, falling back to a default.
 *
 * Returns $_GET[$name] when it is set and truthy; otherwise $defaultValue.
 * Falsy inputs such as "", "0" or an empty array are therefore treated as
 * absent. The value is returned as received, with no type check or
 * escaping, and may be a string or an array depending on how the request
 * spelled the parameter.
 *
 * @param string $name         key to look up in $_GET
 * @param mixed  $defaultValue value returned when the key is missing or falsy
 * @return mixed
 */
function param($name, $defaultValue)
{
    $p = isset($_GET[$name]) ? $_GET[$name] : null;
    // empty() already covers every value that !$p rejects; the double test is redundant but harmless.
    if (!$p || empty($p)) {
        $p = $defaultValue;
    }
    return $p;
}

/**
 * Build the SQL statement for this request from query-string parameters.
 *
 * The rest of this function lies beyond the visible part of the file; only
 * the parameter reads and the start of the ORDER BY assembly are documented.
 *
 * NOTE(review): table, start_row, row_count and sort all come straight from
 * $_GET through param(), with no validation in the visible code. Sort entries
 * are concatenated into the ORDER BY clause as-is. Confirm that the remainder
 * of the function checks the table name and each sort column/direction
 * against an allow-list, and casts start_row and row_count to integers before
 * they reach the statement.
 */
function composeQuery()
{
    $table = param('table', 'trips');
    $start_row = param('start_row', 0);
    $row_count = param('row_count', 10);
    $sort = "";
    // Defaults to an empty array so the loop is skipped when no sort is given.
    // NOTE(review): a scalar "sort=..." value would reach foreach as a string; confirm callers always send sort[].
    $sortParams = param("sort", array());
    foreach ($sortParams as $sortSpec) {
        // The first entry opens the clause; later entries are comma-separated.
        if ($sort == "") {
            $sort = " ORDER BY ";
        } else {
            $sort .= ", ";
        }
        // Request-supplied text enters the SQL here. rawurldecode() only
        // reverses percent-encoding; it does not escape or validate anything.
        $sort .= rawurldecode($sortSpec);