/**
 * Fetches every city as an (id, name) pair, ordered alphabetically by name.
 *
 * @return array List of row objects (PDO::FETCH_OBJ) exposing `id` and `name`
 */
public function getAllCities()
{
    // NOTE(review): a plain `require` re-evaluates the file on every call. If that
    // file declares DatabaseConnect, a second call in the same request would fail
    // on redeclaration — confirm, and consider require_once.
    require '../database_connection/database_connect.php';

    $pdo = (new DatabaseConnect())->connect();

    // Set the connection character set before reading text columns.
    $pdo->query("SET NAMES 'utf8';");

    // Static SQL with no caller-supplied values, so there is nothing to bind.
    $cities = $pdo->prepare("SELECT id, name FROM cities ORDER BY name;");
    $cities->execute();

    return $cities->fetchAll(PDO::FETCH_OBJ);
}
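/**
 * Registers a child account and asks the parent to verify it by e-mail.
 *
 * Status messages are written with echo; nothing is returned. The script is
 * terminated with die when a parent e-mail is supplied but is not well-formed.
 *
 * @param string      $username    Login name for the child account
 * @param string      $password    Plain-text password as submitted
 * @param string      $name        Display name of the child
 * @param string|null $parentEmail Parent's address; optional, validated when given
 * @param mixed       $avatarSetup Not used by this function (avatar columns are not inserted)
 * @param mixed       $avatarImage Not used by this function
 */
function RegisterUser($username, $password, $name, $parentEmail, $avatarSetup, $avatarImage)
{
    // NOTE(review): include_once only brings the $db_* variables into this scope the
    // first time Config.php is loaded in a request — confirm it is not included earlier.
    include_once '../config/Config.php';
    $conn = new DatabaseConnect();
    $mysqli = $conn->connect($db_host, $db_username, $db_password, $mysql_db);

    // The parent's e-mail is optional, but must be well-formed when supplied.
    if ($parentEmail != null && !filter_var($parentEmail, FILTER_VALIDATE_EMAIL)) {
        echo "Please try your parent's email address again";
        die;
    }

    // NOTE(review): unsalted MD5 is not a password hash. It is kept only because the
    // login/reset code that compares this column is not visible here; migrate both
    // sides to password_hash()/password_verify() and widen the column together.
    $md5_password = md5($password);

    // Verification token. md5(rand(1, 10000)) could only ever take 10,000 values;
    // draw 128 bits from the CSPRNG instead (same 32-hex-character shape, PHP >= 7.0).
    $hash = bin2hex(random_bytes(16));

    $add = new Child_Functions();
    // Either adds to or creates the family entry.
    // NOTE(review): this runs before the duplicate check below, as in the original.
    $add->childFamilyAdd($parentEmail, $username); //NEED TO INSERT ID NOT USERNAME

    // Duplicate check with a bound parameter. The previous version concatenated
    // $username into the SQL text and filtered on an undefined $email variable.
    // NOTE(review): assumes uniqueness is on Child_Account.Username (the column the
    // INSERT writes and the message refers to) — confirm against the schema. A UNIQUE
    // index is still needed to close the check-then-insert race.
    $lookup = $mysqli->prepare("SELECT Username FROM Child_Account WHERE Username = ?");
    if (!$lookup) {
        echo 'Failed register child database query';
        error_log('RegisterUser: duplicate check could not be prepared, errno ' . $mysqli->errno);
        $mysqli->close();
        return;
    }
    $lookup->bind_param("s", $username);
    $lookup->execute();
    $lookup->store_result();
    $usernameTaken = $lookup->num_rows > 0;
    $lookup->close();

    if ($usernameTaken) {
        // The SQL text is no longer echoed back to the client.
        echo 'Username already in use';
    } else {
        $sql = "INSERT INTO Child_Account (Username, Password, Name, ParentsEmail, hash) VALUES (?, ?, ?, ?, ?)";
        $mail = new Child_Functions();

        if ($stmt = $mysqli->prepare($sql)) {
            $stmt->bind_param("sssss", $username, $md5_password, $name, $parentEmail, $hash);
            $stmt->execute();
            // An INSERT has no result set, so there is nothing to bind_result().
            if ($stmt->affected_rows > 0) {
                echo 'Email sent';
                $mail->VerificationParent($parentEmail, $name, $hash);
            } else {
                echo 'Error - could not register';
            }
            $stmt->close();
        } else {
            // $stmt is false here; the error code lives on the connection and goes
            // to the server log rather than the response.
            echo 'Failed register child database query';
            error_log('RegisterUser: insert could not be prepared, errno ' . $mysqli->errno);
        }
    }

    // The original closed an undefined $connect; the open handle is $mysqli.
    $mysqli->close();
}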
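/**
 * Selects one image per landmark for the landmarks returned by
 * selectLandmarkHomepageItems() (described by the author as the four most rated).
 *
 * @param string $type Image type matched against landmark_images.type
 *
 * @return array Map of landmark id => row object with an `image` property;
 *               the value is false where no matching image row exists
 */
public function selectLandmarkHomepageItemsImages($type)
{
    $mostRated = $this->selectLandmarkHomepageItems();
    $ids = array();
    foreach ($mostRated as $value) {
        // Cast so only integers ever reach the place_id parameter.
        $ids[] = (int) $value->id;
    }

    require 'database_connection/database_connect.php';
    $databaseConnect = new DatabaseConnect();
    $connection = $databaseConnect->connect();
    $connection->query("SET NAMES 'utf8';");

    // The statement text is loop-invariant: prepare it once and re-execute per id
    // instead of re-preparing on every iteration.
    $stmt = $connection->prepare("SELECT image FROM landmark_images WHERE place_id = :id AND type = :type LIMIT 1;");
    $stmt->bindValue(':type', $type, PDO::PARAM_STR);

    $images = array();
    foreach ($ids as $id) {
        $stmt->bindValue(':id', $id, PDO::PARAM_INT);
        $stmt->execute();
        $images[$id] = $stmt->fetch(PDO::FETCH_OBJ);
        // Release the result set so the statement can be executed again.
        $stmt->closeCursor();
    }

    return $images;
}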
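/**
 * Registers a parent account and sends the verification e-mail.
 *
 * Status messages are written with echo; nothing is returned. The script is
 * terminated with die when the e-mail address is not well-formed.
 *
 * @param string $email     Parent's e-mail address (validated here)
 * @param string $password  Plain-text password as submitted
 * @param string $title     Stored as given
 * @param string $sex       Stored as given
 * @param string $nickname  Stored as given
 * @param string $firstname Stored as given and passed to the verification e-mail
 * @param string $lastname  Stored as given
 */
function RegisterParent($email, $password, $title, $sex, $nickname, $firstname, $lastname)
{
    // NOTE(review): include_once only brings the $db_* variables into this scope the
    // first time Config.php is loaded in a request — confirm it is not included earlier.
    include_once '../config/Config.php';
    $conn = new DatabaseConnect();
    $mysqli = $conn->connect($db_host, $db_username, $db_password, $mysql_db);

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        echo "Please enter a valid email address";
        die;
    }

    // NOTE(review): unsalted MD5 is not a password hash. It is kept only because the
    // login/reset code that compares this column is not visible here; migrate both
    // sides to password_hash()/password_verify() and widen the column together.
    $md5_password = md5($password);

    // Verification token. md5(rand(1, 10000)) could only ever take 10,000 values;
    // draw 128 bits from the CSPRNG instead (same 32-hex-character shape, PHP >= 7.0).
    $hash = bin2hex(random_bytes(16));

    // Format validation is not SQL escaping: a syntactically valid address can still
    // contain quote characters, so the lookup binds $email instead of concatenating it.
    // A UNIQUE index on parents.email is still needed to close the check-then-insert race.
    $lookup = $mysqli->prepare("SELECT email FROM parents WHERE email = ?");
    if (!$lookup) {
        echo 'Failed query';
        error_log('RegisterParent: duplicate check could not be prepared, errno ' . $mysqli->errno);
        $mysqli->close();
        return;
    }
    $lookup->bind_param("s", $email);
    $lookup->execute();
    $lookup->store_result();
    $emailTaken = $lookup->num_rows > 0;
    $lookup->close();

    if ($emailTaken) {
        echo 'Email address in use';
    } else {
        $sql = "INSERT INTO parents (email, password, title, sex, nickname, firstname, lastname, hash) VALUES (?, ?, ?, ?, ?, ?, ?, ?)";
        $mail = new Parents();

        if ($stmt = $mysqli->prepare($sql)) {
            $stmt->bind_param("ssssssss", $email, $md5_password, $title, $sex, $nickname, $firstname, $lastname, $hash);
            $stmt->execute();
            // An INSERT has no result set, so there is nothing to bind_result().
            if ($stmt->affected_rows > 0) {
                echo 'Email sent';
                $mail->VerificationEmail($email, $firstname, $hash);
            } else {
                echo 'Error - could not register';
            }
            $stmt->close();
        } else {
            echo 'Failed query';
            error_log('RegisterParent: insert could not be prepared, errno ' . $mysqli->errno);
        }
    }

    // The original closed an undefined $connect; the open handle is $mysqli.
    $mysqli->close();
}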
<?php
// Password-reset endpoint for parent accounts: looks up a row in `parents` by
// e-mail + token, then overwrites the stored password with the submitted one.
// NOTE(review): part of this listing is masked ('******'), so the branch between
// the failed-query message and the UPDATE statement cannot be read from here.
include_once '../functions/Parents.php';
include_once '../functions/DatabaseConnect.php';
$conn = new DatabaseConnect();
include '../config/Config.php';
$mysqli = $conn->connect($db_host, $db_username, $db_password, $mysql_db);
// Disabled request handling: the e-mail and token were meant to come from the
// reset link's query string.
// NOTE(review): when this is re-enabled, pass both values as bound parameters
// (prepare/bind_param) rather than escaping and concatenating them.
//if(isset($_GET['email']) && !empty($_GET['email']) AND isset($_GET['hash']) && !empty($_GET['hash'])){
// Verify data
//$email = mysql_escape_string($_GET['email']); // Set email variable
//$hash = mysql_escape_string($_GET['hash']); // Set hash variable
// NOTE(review): mysql_escape_string() was removed in PHP 7.0. Escaping before
// hashing adds no SQL protection (the MD5 hex digest is what reaches the query)
// and changes the digest for passwords containing escaped characters.
// Unsalted MD5 is not a password hash; use password_hash()/password_verify().
$updatePass = md5(mysql_escape_string($_POST["password"]));
// Hard-coded e-mail (masked in this listing) and token stand in for the request
// values while the block above is commented out.
// NOTE(review): nothing visible here expires or invalidates the token after use — confirm.
$email = '*****@*****.**';
$hash = '4ef30115b941a1bcd71ffebb50c69ece';
// NOTE(review): string-built SQL; harmless only while $email and $hash are constants.
$query = "SELECT password FROM parents WHERE email='" . $email . "' AND hash='" . $hash . "' ";
if (!($search = $mysqli->query($query))) {
    // The text from here to the UPDATE's WHERE clause is masked in the listing.
    echo 'Could not update password: '******'" . $updatePass . "' \n\t\t\tWHERE email ='" . $email . "' \n\t\t\tAND hash='" . $hash . "'";
    $mysqli->query($update);
    echo 'Thank you, your new password has been saved.';
} else {
    echo 'Could not find account. Please copy and paste link from email in your browser.';
}
}
// NOTE(review): $conn is the DatabaseConnect wrapper; the mysqli handle returned by
// connect() is $mysqli — presumably that is what should be closed.
mysqli_close($conn);
/**
 * Scheduled roll-over of recurring tasks.
 *
 * Copies Parent_Tasks rows whose expiry equals today's day number into
 * Child_Tasks, moves the expiry of those rows forward by $frequency days, then
 * tallies expired child tasks on the parent row (Completed / Failed) and
 * deletes them. Progress is written with echo; a failed tally query ends the
 * script with die.
 */
function taskServer() {
    // NOTE(review): include_once only brings the $db_* variables into this scope the
    // first time Config.php is loaded in a request — confirm.
    include_once '../config/Config.php';
    $conn = new DatabaseConnect();
    $mysqli = $conn->connect($db_host, $db_username, $db_password, $mysql_db);
    // Days since the Unix epoch, as a float. $rounded is not read again below.
    $time = time() / 86400;
    $rounded = floor($time);
    // Number of days a task's expiry is pushed forward.
    $frequency = 2;
    // NOTE(review): time() is a Unix timestamp and is not affected by the default
    // timezone, so this call does not change the day numbers computed below.
    date_default_timezone_set("Europe/London");
    $time = time() / 86400;
    // round() rounds to the nearest whole day, so the day number changes at
    // 12:00 UTC rather than at midnight — confirm this is intended.
    $today = round($time);
    $expiry = round($time + $frequency);
    // NOTE(review): the values concatenated into these statements are computed
    // above, not taken from a request; bound parameters would still be the safer form.
    $insertTask = "INSERT INTO Child_Tasks (parenttask_id, User, Description, Reward, repeat_frequency, time_of_day, expiry)\n\t\t\t\t\tSELECT id, Child, Description, Reward, repeat_frequency, time_of_day, expiry\n\t\t\t\t\tFROM Parent_Tasks\n\t\t\t\t\tWHERE expiry = '" . $today . "'";
    $updateParentExpiry = "UPDATE Parent_Tasks SET expiry = '" . $expiry . "' WHERE expiry = '" . $today . "'";
    $updateChildExpiry = "UPDATE Child_Tasks SET expiry = '" . $expiry . "' WHERE expiry = '" . $today . "'";
    // The three statements run in sequence without a transaction; only a failure
    // of the first one is reported.
    if ($mysqli->query($insertTask)) {
        if ($mysqli->query($updateParentExpiry)) {
            if ($mysqli->query($updateChildExpiry)) {
                echo 'Set new expiry- both child and parent';
            }
        }
    } else {
        echo 'Could not update fields';
    }
    //need to find number of tasks complete/failed for x days, auto destroy tasks,
    //if today+1 = expiry then delete (deletes after final day)
    //if completed = 1 before expiry - completed
    //if completed = 0 before expiry - failed
    // NOTE(review): the comment above says today+1, but this is $expiry + 1,
    // i.e. today + $frequency + 1 — confirm which is meant.
    $expired = $expiry + 1;
    // NOTE(review): both SELECTs have no column list, which looks like invalid SQL
    // for MySQL; if so query() returns false and the die() branches below run.
    $deleteCompleted = "SELECT FROM Child_Tasks\n\t\t\t\tWHERE completed = 1 AND expiry = '" . $expired . "'";
    $deleteFailed = "SELECT FROM Child_Tasks\n\t\t\t\tWHERE completed = 0 AND expiry = '" . $expired . "'";
    //check for any expired tasks
    //separate failed and completed
    //count if deleted or completed
    //delete after counted
    if ($result = $mysqli->query($deleteCompleted)) {
        if (mysqli_num_rows($result) > 0) {
            while ($row = $result->fetch_assoc()) {
                // $row['id'] comes from the database and is concatenated into the
                // next two statements; a prepared statement would avoid relying on
                // the stored value being well-formed.
                $countComplete = "UPDATE Parent_Tasks SET Completed = Completed + 1\n\t\t\t\t\t\t\tWHERE id = '" . $row['id'] . "'";
                if ($mysqli->query($countComplete)) {
                    echo 'Completed task';
                    $deleteQuery = "DELETE FROM Child_Tasks WHERE parenttask_id = '" . $row['id'] . "'";
                    if ($mysqli->query($deleteQuery)) {
                        echo 'Deleted completed task';
                    }
                }
            }
        }
    } else {
        // NOTE(review): writes the raw database error text into the response.
        die("N/A: Database Error:" . $mysqli->error . "");
    }
    // Same tally-then-delete pass for tasks that expired without being completed.
    if ($resultF = $mysqli->query($deleteFailed)) {
        if (mysqli_num_rows($resultF) > 0) {
            while ($row = $resultF->fetch_assoc()) {
                $countDelete = "UPDATE Parent_Tasks SET Failed = Failed + 1\n\t\t\t\t\t\t\tWHERE id = '" . $row['id'] . "'";
                if ($mysqli->query($countDelete)) {
                    echo 'Failed task';
                    $deleteQuery = "DELETE FROM Child_Tasks WHERE parenttask_id = '" . $row['id'] . "'";
                    if ($mysqli->query($deleteQuery)) {
                        echo 'Deleted failed task';
                    }
                }
            }
        }
    } else {
        // NOTE(review): writes the raw database error text into the response.
        die("N/A: Database Error:" . $mysqli->error . "");
    }
    // These two DELETE strings are built but never passed to query().
    $deleteCompleted = "DELETE FROM Child_Tasks \n\t\t\t\tWHERE completed = 1 AND expiry = '" . $expired . "'";
    $deleteFailed = "DELETE FROM Child_Tasks\n\t\t\t\tWHERE completed = 0 AND expiry = '" . $expired . "'";
    //have to insert into table which and then delete
    // $query is built but not used below.
    $query = "SELECT id FROM Child_Tasks WHERE Confirmed = 1";
    $updateQuery = "DELETE FROM Child_Tasks WHERE Confirmed = 1";
    if ($upd = $mysqli->prepare($updateQuery)) {
        // NOTE(review): the statement has no placeholders and $taskID is never
        // assigned, so this bind_param() has nothing to bind to; bind_result()/fetch()
        // likewise expect a result set that a DELETE does not produce.
        $upd->bind_param('s', $taskID);
        $upd->execute();
        $upd->bind_result($login);
        $upd->fetch();
        echo '';
    } else {
        echo 'Could not delete task';
    }
    $mysqli->close();
}
/**
 * Lists the landmarks that belong to one city.
 *
 * @param int $id City id, matched against landmarks.city_id
 *
 * @return array List of row objects (PDO::FETCH_OBJ) exposing `id` and `name`
 */
public function searchLandmarkByCity($id)
{
    // NOTE(review): a plain `require` re-evaluates the file on every call. If that
    // file declares DatabaseConnect, a second call in the same request would fail
    // on redeclaration — confirm, and consider require_once.
    require '../database_connection/database_connect.php';

    $pdo = (new DatabaseConnect())->connect();
    $pdo->query("SET NAMES 'utf8';");

    $landmarks = $pdo->prepare("SELECT id, name FROM landmarks WHERE city_id = :id;");
    // The caller's value is bound as an integer parameter and never spliced into the SQL text.
    $landmarks->bindValue(':id', $id, PDO::PARAM_INT);
    $landmarks->execute();

    return $landmarks->fetchAll(PDO::FETCH_OBJ);
}
/**
 * Runs an UPDATE against users.charms and echoes the `Charms` column of any rows
 * in the result.
 *
 * NOTE(review): the SQL text is partly masked in this listing ('******' and an
 * empty SET value), so the intended statement cannot be read from here. None of
 * the three parameters is referenced in the visible code.
 *
 * @param mixed $parentID Not referenced in the visible code
 * @param mixed $Charms   Not referenced in the visible code
 * @param mixed $ownEmail Not referenced in the visible code
 */
function SendCharmsToRelative($parentID, $Charms, $ownEmail) {
    // NOTE(review): include_once only brings the $db_* variables into this scope the
    // first time Config.php is loaded in a request — confirm.
    include_once '../config/Config.php';
    $conn = new DatabaseConnect();
    $mysqli = $conn->connect($db_host, $db_username, $db_password, $mysql_db);
    // NOTE(review): whatever values belong in the masked positions should be passed
    // as bound parameters (prepare/bind_param), not concatenated into the string.
    $query = "UPDATE users\n\t\t\t\tSET charms = \n\t\t\t\tWHERE Username = '******'\n\t\t\t\t";
    if (!($result = $mysqli->query($query))) {
        // NOTE(review): writes the raw database error text into the response.
        die("N/A: Database Error:" . $mysqli->error . "");
    }
    // NOTE(review): mysqli::query() returns true, not a result object, for a
    // successful UPDATE, so fetch_assoc() has nothing to iterate here.
    while ($row = $result->fetch_assoc()) {
        echo $row['Charms'];
    }
}
/**
 * Inserts a new row into landmark_restaurants.
 *
 * @param array $data Form data; reads the keys `city` (cast to int), `types`
 *                    and `url` (trimmed). Note that `url` is written to the
 *                    `review` column.
 */
public function addBar($data)
{
    // NOTE(review): a plain `require` re-evaluates the file on every call. If that
    // file declares DatabaseConnect, a second call in the same request would fail
    // on redeclaration — confirm, and consider require_once.
    require '../database_connection/database_connect.php';

    $placeType = $data['types'];
    $reviewUrl = trim($data['url']);
    $cityKey   = (int) $data['city'];

    $pdo = (new DatabaseConnect())->connect();
    $pdo->query("SET NAMES 'utf8';");

    // Every caller-supplied value is bound as a parameter; none is spliced into the SQL text.
    // NOTE(review): binding prevents SQL injection only. $reviewUrl is stored as given
    // (no scheme or format check), so it must be escaped wherever it is later rendered.
    $insert = $pdo->prepare("INSERT INTO landmark_restaurants(city_id, type, review) VALUES(:cityId, :type, :url);");
    $insert->bindValue(':cityId', $cityKey, PDO::PARAM_INT);
    $insert->bindValue(':type', $placeType, PDO::PARAM_STR);
    $insert->bindValue(':url', $reviewUrl, PDO::PARAM_STR);
    $insert->execute();
}
/**
 * Looks up the id of the user with the given username.
 *
 * @param string $userName Username matched against users.username
 *
 * @return mixed The `id` column of the first matching row, or null when no row
 *               matches — callers should treat null as "no such user"
 */
public function getUserId($userName)
{
    // NOTE(review): a plain `require` re-evaluates the file on every call. If that
    // file declares DatabaseConnect, a second call in the same request would fail
    // on redeclaration — confirm, and consider require_once.
    require 'database_connection/database_connect.php';

    $pdo = (new DatabaseConnect())->connect();

    $lookup = $pdo->prepare("SELECT id FROM users WHERE username = :userName");
    // The username is bound as a parameter and never spliced into the SQL text.
    $lookup->bindValue(':userName', $userName, PDO::PARAM_STR);
    $lookup->execute();

    // Only the first row matters; with no row the function yields null.
    $firstRow = $lookup->fetch();
    if (!$firstRow) {
        return;
    }

    return $firstRow['id'];
}