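/**
 * @fn login
 * @short Action method to perform a login.
 * @details On a POST request, looks up the user matching the submitted
 * credentials, sets the <tt>_u</tt> and <tt>_uid</tt> cookies, records the login
 * and redirects. Every other path ends with a redirect to the index action.
 */
function login()
{
    if ($this->request->is_post()) {
        $conn = Db::get_connection();

        // Absent or non-string form fields are treated as empty strings rather than
        // being passed to escape() / md5() as-is.
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

        // NOTE(review): credentials are matched against an unsalted MD5 digest. MD5 is
        // not suitable for password storage; moving to password_hash() /
        // password_verify() needs a schema and data migration outside this method.
        $user_factory = new User();
        $users = $user_factory->find_all(array(
            'where_clause' => "`username` = '{$conn->escape($username)}' AND `password` = '" . md5($password) . "'",
            'limit' => 1,
        ));

        if (count($users) > 0) {
            $user = $users[0];

            // An unchecked checkbox is simply missing from the POST data.
            $expires = !empty($_POST['leave_me_registered']) ? Time::next_year() : Time::tomorrow();

            Cookie::set('_u', $user->username, $expires, "/", FALSE);
            // NOTE(review): the _uid value is an MD5 over a fixed phrase and the stored
            // password digest, so it is the same for every session of this user and only
            // changes when the password changes. The meaning of the trailing FALSE
            // argument is not visible here; confirm the Secure/HttpOnly flags.
            Cookie::set('_uid', md5(Login::magic_phrase . $user->password), $expires, "/", FALSE);

            // Annotates the login in the database
            $user_login = new UserLogin();
            $user_login->user_id = $user->id;
            $user_login->performed_at = date("Y-m-d H:i:s");
            $user_login->save();

            $this->flash(sprintf(l('Welcome, %s'), $user->first), 'info');

            // Release the connection before redirecting: the last database write is
            // done, and a redirect that ends the request would otherwise skip this call.
            Db::close_connection($conn);

            // When login is required to access a particular action, we may store
            // controller & action in a session, perform login, then redirect to the
            // action requested in the first place
            if (isset($_SESSION['redirect_to'])) {
                $this->redirect_to(array(
                    'controller' => $_SESSION['redirect_to']['controller'],
                    'action' => $_SESSION['redirect_to']['action'],
                ));
            } else {
                $this->redirect_to(array('controller' => 'home'));
            }
        } else {
            // The failure path releases the connection as well.
            Db::close_connection($conn);
            $this->flash(l('Bad username / password'), 'error');
        }
    }
    $this->redirect_to(array('action' => 'index'));
}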
/**
 * @fn roi_with_timeline($isin, $username, $month_from, $month_to)
 * @short Computes the ROI timeline of one stock held by one user.
 * @details Returns nothing when the stock is unknown or the user holds no
 * position in it. Otherwise the invested amount is converted with
 * <tt>Change::convert</tt> and the calculation is delegated to
 * <tt>PianificatoreHelper::roi_with_timeline</tt>; every payment of the result
 * is tagged with the portfolio position.
 * @param isin Identifier of the stock.
 * @param username Owner of the portfolio position.
 * @param month_from Start of the range, passed through to the helpers.
 * @param month_to End of the range, passed through to the helper.
 */
public static function roi_with_timeline($isin, $username, $month_from, $month_to)
{
    $conn = Db::get_connection();

    $stock = new Stock();
    if (!$stock->find_by_id($isin)) {
        return;
    }

    $factory = new PortfolioStock();
    $where = "`isin` = '{$conn->escape($isin)}' " . "AND `utente` = '{$conn->escape($username)}'";
    $holdings = $factory->find_all(array('where_clause' => $where));
    if (count($holdings) < 1) {
        return;
    }
    $holding = $holdings[0];

    $quantita = self::quantita_history($isin, $username, $month_from);

    // Bond prices are divided by 100; any other stock type uses price times quantity.
    $investito = $holding->prezzo * $holding->quantita;
    if ($stock->tipo == 'obbligazione') {
        $investito = $investito / 100;
    }
    $investito = Change::convert($investito, $stock->divisa);

    $roi = PianificatoreHelper::roi_with_timeline($isin, $quantita, $month_from, $month_to, $investito);
    foreach ($roi->payments as $entry) {
        $entry->portfolio_stock = $holding;
    }
    return $roi;
}
/**
 * @fn index
 * @short Action method that loads a software product and its latest release.
 * @details The product is selected by <tt>software_name</tt> when that query
 * parameter is present, otherwise by <tt>id</tt>; with neither parameter the
 * error page is rendered.
 */
function index()
{
    $conn = Db::get_connection();

    if (isset($_GET['software_name'])) {
        $factory = new Software();
        $found = $factory->find_all(array(
            'where_clause' => "`name` = '{$conn->escape($_GET['software_name'])}' AND (`name` != 'guidatv' OR `type` = 'macosx')",
            'limit' => 1,
        ));
        if (count($found) > 0) {
            $this->software = $found[0];
            $this->software->has_many('software_releases');

            // Sort releases; the first release object supplies the comparison callback.
            $sorted = $this->software->software_releases;
            usort($sorted, array($sorted[0], 'sort_releases'));
            $this->software->release = $sorted[0];
            $this->software->release->has_many('software_artifacts');

            // Horrible hack to enable per-software caching.
            $_REQUEST['id'] = $this->software->id;
        }
    } elseif (isset($_GET['id'])) {
        // NOTE(review): the result of find_by_id() is not checked on this path.
        $this->software = new Software();
        $this->software->find_by_id($_GET['id']);
        $this->software->has_many('software_releases');

        // Sort releases
        $sorted = $this->software->software_releases;
        usort($sorted, array($sorted[0], 'sort_releases'));
        $this->software->release = $sorted[0];
        $this->software->release->has_many('software_artifacts');
    } else {
        $this->render_error();
    }

    Db::close_connection($conn);
}
/**
 * @fn get_connection
 * @short Returns the receiver's database connection, obtaining it on first use.
 * @return The connection stored in <tt>$this->conn</tt>.
 */
protected function get_connection()
{
    if (isset($this->conn)) {
        return $this->conn;
    }
    // First call: fetch the connection from Db and keep it on the instance.
    $this->conn = Db::get_connection();
    return $this->conn;
}
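/**
 * @fn sql_inner($forms)
 * @short Prepares and executes the statement in <tt>$forms[0]</tt> with named parameters.
 * @details The number of entries in <tt>$forms</tt> selects which named
 * placeholders are bound: 2 binds <tt>:login</tt>; 3 adds <tt>:password</tt>;
 * 8 adds <tt>:first_name</tt>, <tt>:last_name</tt>, <tt>:surname</tt>,
 * <tt>:index</tt> and <tt>:address</tt>. Any other count binds nothing.
 * @param forms Array holding the SQL text at index 0 and the values under their field names.
 * @return The executed statement.
 */
public static function sql_inner($forms)
{
    $db = Db::get_connection();
    $db->exec('SET CHARACTER SET utf8');
    $result = $db->prepare($forms[0]);

    // Fields bound for each supported size of $forms (SQL text + values).
    $fields_by_count = array(
        2 => array('login'),
        3 => array('login', 'password'),
        8 => array('login', 'password', 'first_name', 'last_name', 'surname', 'index', 'address'),
    );

    // The element count is no longer echoed: that was debug output which leaked
    // into the response body and could break later header() calls.
    $counter = count($forms);
    if (isset($fields_by_count[$counter])) {
        foreach ($fields_by_count[$counter] as $field) {
            // These are textual form fields, so they are bound as strings; the former
            // PDO::PARAM_INT hint did not describe the data.
            $result->bindValue(':' . $field, $forms[$field], PDO::PARAM_STR);
        }
    }

    // NOTE(review): the password value is bound exactly as received; confirm the
    // caller hashes it (password_hash / password_verify) before it reaches SQL.
    $result->execute();
    return $result;
}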
/**
 * @fn refunds($isin, $month_from, $month_to)
 * @short Lists the refund payments of a stock whose maturity falls in a date range.
 * @details Returns nothing when the stock is unknown. Only stocks of type
 * <tt>obbligazione</tt> can produce a payment, taken from the first matching
 * bond row; every other type yields an empty array.
 * @param isin Identifier of the stock.
 * @param month_from Lower bound (inclusive) compared with <tt>scadenza</tt>.
 * @param month_to Upper bound (inclusive) compared with <tt>scadenza</tt>.
 * @return An array with zero or one <tt>Payment</tt> objects.
 */
public static function refunds($isin, $month_from, $month_to)
{
    $payments = array();
    $conn = Db::get_connection();

    $stock = new Stock();
    if (!$stock->find_by_id($isin)) {
        return;
    }

    switch ($stock->tipo) {
        case 'azione':
            // Shares are never refunded.
            break;

        case 'obbligazione':
            $bond_factory = new Bond();
            $where = "`isin` = '{$conn->escape($isin)}' "
                . "AND `scadenza` >= '{$conn->escape($month_from)}' "
                . "AND `scadenza` <= '{$conn->escape($month_to)}' ";
            $bonds = $bond_factory->find_all(array('where_clause' => $where));
            if (count($bonds) <= 0) {
                break;
            }

            $refund = new Payment();
            $refund->stock = $stock;
            $refund->bond = $bonds[0];
            $refund->timestamp = strtotime($bonds[0]->scadenza);
            $refund->importo = $refund->bond->prezzo_rimborso;
            $refund->tipo = 'rimborso';
            $payments[] = $refund;
            break;
    }

    return $payments;
}
/**
 * @fn is_blocked($ip_addr)
 * @short Tells whether an IP address is present in the blacklist table.
 * @param ip_addr The IP address to test.
 * @return <tt>TRUE</tt> when at least one row matches, <tt>FALSE</tt> otherwise.
 */
public static function is_blocked($ip_addr)
{
    $conn = Db::get_connection();

    $factory = new self();
    // The address is escaped and compared as a quoted string literal.
    $where = "`ip_addr` = '{$conn->escape($ip_addr)}'";
    $rows = $factory->find_all(array('where_clause' => $where));

    Db::close_connection($conn);

    $blocked = count($rows) > 0;
    return $blocked;
}
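/**
 * @fn delete_rows($table, $primary_key, $keys)
 * @short Deletes one row per key from the given table.
 * @details Issues one <tt>DELETE ... LIMIT 1</tt> statement for each entry of
 * <tt>$keys</tt>.
 * @param table Name of the table to delete from.
 * @param primary_key Name of the column compared with each key.
 * @param keys Key values identifying the rows to delete.
 */
function delete_rows($table, $primary_key, $keys)
{
    $conn = Db::get_connection();

    // escape() is a string-literal escaper and leaves backticks alone, so a name
    // containing a backtick could close the quoted identifier. Doubling backticks
    // is the MySQL rule for embedding one inside a quoted identifier.
    // NOTE(review): if either name can come from a request, check it against the
    // list of known tables and columns before calling this function.
    $table_ident = str_replace('`', '``', $conn->escape($table));
    $column_ident = str_replace('`', '``', $conn->escape($primary_key));

    foreach ($keys as $key) {
        $conn->prepare("DELETE FROM `{$table_ident}` WHERE `{$column_ident}` = '{$conn->escape($key)}' LIMIT 1");
        $conn->exec();
    }

    Db::close_connection($conn);
}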
/**
 * @fn check_spam_signature
 * @short Tells whether a text carries a spam signature already on record.
 * @param $text The text from which the spam signature is calculated.
 * @return <tt>TRUE</tt> when the signature is stored, <tt>FALSE</tt> otherwise.
 */
public static function check_spam_signature($text)
{
    $conn = Db::get_connection();

    // The signature is derived by get_spam_signature() and then matched exactly.
    $signature = self::get_spam_signature($text);
    $factory = new SpamSignature();
    $where = "`signature` = '{$conn->escape($signature)}'";
    $known = $factory->find_all(array('where_clause' => $where));

    Db::close_connection($conn);

    $is_spam = count($known) > 0;
    return $is_spam;
}
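/**
 * @fn count_by_ip($the_ip)
 * @short Returns the count of blocked visits for the desired IP address.
 * @param the_ip An IP address.
 * @return The value of the <tt>COUNT(*)</tt> column, as given by <tt>result(0)</tt>.
 */
public static function count_by_ip($the_ip)
{
    $conn = Db::get_connection();

    // A static method has no $this, so the table name is read from a throwaway
    // instance instead (the original call on $this fails at run time).
    $factory = new self();

    // NOTE(review): the {1}/{2} placeholders are presumably escaped by prepare();
    // confirm against the Db implementation.
    $conn->prepare("SELECT COUNT(*) FROM `{1}` WHERE `ip_addr` = '{2}'", $factory->get_table_name(), $the_ip);
    $conn->exec();
    $ret = $conn->result(0);

    Db::close_connection($conn);
    return $ret;
}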
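/**
 * @fn for_range_and_order($isin, $date_from, $date_to, $order_by, $sort_dir)
 * @short Returns the first quote of a stock inside a date range, in the requested order.
 * @param isin Identifier of the stock.
 * @param date_from Exclusive lower bound for <tt>data</tt>.
 * @param date_to Exclusive upper bound for <tt>data</tt>.
 * @param order_by Name of the column to order by.
 * @param sort_dir Sort direction; anything other than <tt>DESC</tt> (any case) means <tt>ASC</tt>.
 * @return The first matching quote, or <tt>NULL</tt> when there is none.
 */
public static function for_range_and_order($isin, $date_from, $date_to, $order_by, $sort_dir)
{
    $conn = Db::get_connection();

    // The direction lands in the statement as a bare keyword, where string escaping
    // gives no protection: only the two valid keywords are allowed through.
    $direction = strtoupper(trim((string) $sort_dir)) === 'DESC' ? 'DESC' : 'ASC';

    // The column name sits inside backticks; doubling any backtick keeps the value
    // inside the quoted identifier.
    $order_column = str_replace('`', '``', $conn->escape($order_by));

    $quote = new Quote();
    $quotes = $quote->find_by_query('SELECT `id`, `quotazione` '
        . 'FROM `creso_quotazioni` '
        . "WHERE `isin` = '{$conn->escape($isin)}' "
        . "AND `data` > '{$conn->escape($date_from)}' "
        . "AND `data` < '{$conn->escape($date_to)}' "
        . "ORDER BY `{$order_column}` {$direction} "
        . 'LIMIT 1');

    Db::close_connection($conn);

    // An empty result yields NULL without reading a missing offset.
    return isset($quotes[0]) ? $quotes[0] : NULL;
}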
/**
 * @fn software
 * @short Action method that generates the feed of software releases.
 * @details With a numeric <tt>id</tt> query parameter the feed lists the
 * released versions of that product, newest first. Without it, the feed holds
 * one aggregated row per product.
 */
public function software()
{
    $conn = Db::get_connection();
    $release_factory = new SoftwareRelease();

    $has_numeric_id = isset($_GET['id']) && is_numeric($_GET['id']);
    if (!$has_numeric_id) {
        // Latest release of every product.
        $this->releases = $release_factory->find_by_query(
            'SELECT MAX(`software_releases`.`id`) AS `id`, `software_releases`.`software_id`, MAX(`software_releases`.`version`) AS `version`, MAX(`software_releases`.`date`) AS `date` '
            . 'FROM `softwares` '
            . 'LEFT JOIN `software_releases` ON `softwares`.`id` = `software_releases`.`software_id` '
            . 'WHERE `software_releases`.`released` = 1 '
            . 'GROUP BY `softwares`.`id` '
            . 'ORDER BY `date` DESC '
        );
    } else {
        // The id is still escaped and quoted: is_numeric() also accepts forms
        // such as exponent notation.
        $where = "`released` = 1 AND `software_id` = '" . $conn->escape($_GET['id']) . "' ";
        $this->releases = $release_factory->find_all(array(
            'where_clause' => $where,
            'order_by' => '`date` DESC ',
        ));
    }

    Db::close_connection($conn);
}
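/**
 * @fn action
 * @short Stores the submitted form in a table named after the submitted surname.
 * @details Creates the table (as a copy of the structure of <tt>main</tt>) when
 * it does not exist yet, then inserts one row built from the POST fields
 * <tt>surname</tt>, <tt>revenue</tt>, <tt>loan</tt>, <tt>debt</tt>,
 * <tt>founder</tt>, <tt>obligation</tt> and <tt>date</tt>.
 * @throws InvalidArgumentException when the surname is not usable as a table name.
 */
public static function action()
{
    $db = Db::get_connection();

    // Missing or non-scalar fields are stored as empty strings.
    $fields = array('surname', 'revenue', 'loan', 'debt', 'founder', 'obligation', 'date');
    $values = array();
    foreach ($fields as $field) {
        $values[] = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (string) $_POST[$field] : '';
    }

    // An identifier cannot be bound as a parameter, so the request-supplied table
    // name is restricted to letters, digits and underscore (at most 64 characters)
    // and quoted. preg_match() also fails on invalid UTF-8, which is rejected too.
    // NOTE(review): letting a request decide which table gets created is risky by
    // design; a fixed table with a surname column would avoid it.
    $table = $values[0];
    if (!preg_match('/^[\p{L}\p{N}_]{1,64}$/u', $table)) {
        throw new InvalidArgumentException('Invalid table name');
    }

    $db->query("CREATE TABLE IF NOT EXISTS `{$table}` LIKE main");

    // Values are bound, never interpolated into the SQL text.
    // NOTE(review): assumes Db::get_connection() returns a PDO-style handle whose
    // statements accept execute(array) — confirm.
    $insert = $db->prepare(
        "INSERT INTO `{$table}` (surname, revenue, loan, debt, founder, obligation, date) "
        . 'VALUES (?, ?, ?, ?, ?, ?, ?)'
    );
    $insert->execute($values);
}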
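/**
 * @fn is_logged_in
 * @short Tells whether the current request carries valid login cookies.
 * @details The answer is computed once and cached in <tt>Login::$logged_in</tt>.
 * The <tt>userID</tt> cookie must equal the MD5 of the stored user name followed
 * by the magic phrase.
 * @return <tt>TRUE</tt> when the cookies identify a known user, <tt>FALSE</tt> otherwise.
 */
static function is_logged_in()
{
    if (!isset(Login::$logged_in)) {
        Login::$logged_in = FALSE;

        // Only plain string cookies are considered; array-valued cookies are ignored.
        if (!empty($_COOKIE['username']) && is_string($_COOKIE['username'])) {
            $conn = Db::get_connection();

            $user_factory = new User();
            $users = $user_factory->find_all(array(
                'where_clause' => "`utente` = '{$conn->escape($_COOKIE['username'])}'",
                'limit' => 1,
            ));

            $given = isset($_COOKIE['userID']) ? $_COOKIE['userID'] : NULL;
            if (count($users) > 0 && is_string($given)) {
                $user = $users[0];
                $expected = md5($user->utente . self::magic_phrase);

                // Loose == treats digit-only "0e..." hex digests as equal numbers; compare
                // as strings, in constant time where hash_equals() is available.
                Login::$logged_in = function_exists('hash_equals')
                    ? hash_equals($expected, $given)
                    : $expected === $given;
            }
            // NOTE(review): the token depends only on the user name and a fixed
            // phrase, so it never expires and cannot be revoked for a single session.

            Db::close_connection($conn);
        }
    }
    return Login::$logged_in;
}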
/**
 * @fn update_versiontracker_ratings
 * @short Action method that updates the VersionTracker ratings for software products.
 * @details For every software product that has a version tracker entry with a
 * non-zero <tt>vt_id</tt>, the rating is parsed again and saved on the entry.
 * Nothing is rendered.
 */
public function update_versiontracker_ratings()
{
    $conn = Db::get_connection();

    // Changes the error reporting level for the rest of the request.
    error_reporting(E_ALL | E_STRICT);

    $software_factory = new Software();
    foreach ($software_factory->find_all() as $software) {
        $software->has_one('version_tracker_entries');

        // Skip products without an entry, or whose entry has no VersionTracker id.
        if (!$software->version_tracker_entry || $software->version_tracker_entry->vt_id == 0) {
            continue;
        }

        $parser = new VTRatingsParser($software->version_tracker_entry->vt_id);
        $parser->parse();
        $software->version_tracker_entry->rating = $parser->rating;
        $software->version_tracker_entry->save();
    }

    $this->render(NULL);
    Db::close_connection($conn);
}
/**
 * @fn timeline($isin, $quantita, $month_from, $month_to)
 * @short Builds the list of payments (yields and refunds) of a stock, scaled by quantity.
 * @details Returns nothing when the stock is unknown. Every event from
 * <tt>PaymentsHelper::yields</tt> and <tt>PaymentsHelper::refunds</tt> has its
 * amount multiplied by the applicable quantity; refunds of bonds are divided by
 * 100 as well.
 * @param isin Identifier of the stock.
 * @param quantita Either a single quantity or an array of date => quantity pairs.
 * @param month_from Start of the range, passed through to the helpers.
 * @param month_to End of the range, passed through to the helpers.
 * @return The array of scaled payment events.
 */
public static function timeline($isin, $quantita, $month_from, $month_to)
{
    $conn = Db::get_connection();

    $stock = new Stock();
    if (!$stock->find_by_id($isin)) {
        return;
    }

    $yields = PaymentsHelper::yields($isin, $month_from, $month_to);
    $refunds = PaymentsHelper::refunds($isin, $month_from, $month_to);

    $payments = array();
    foreach (array_merge($yields, $refunds) as $event) {
        if (!is_array($quantita)) {
            $q = $quantita;
        } else {
            // Start from the first entry (FALSE for an empty array), then walk the
            // entries in order and stop at the first date before the event.
            $q = reset($quantita);
            foreach ($quantita as $date => $value) {
                if (strtotime($date) < $event->timestamp) {
                    break;
                }
                $q = $value;
            }
        }

        // Only refunds of bonds are expressed per 100 of quantity.
        if ($event->tipo == 'rimborso' && $event->stock->tipo == 'obbligazione') {
            $event->importo *= $q / 100;
        } else {
            $event->importo *= $q;
        }

        $event->quantita = $q;
        $payments[] = $event;
    }

    Db::close_connection($conn);
    return $payments;
}
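/**
 * @fn lookup_host_and_cache($ip_addr)
 * @short Obtains the hostname for the given IP address.
 * @details The <tt>hosts</tt> table is consulted first. On a miss the name is
 * resolved with <tt>gethostbyaddr</tt> and stored for later calls.
 * @param ip_addr The IP address.
 * @return The hostname, or the IP address itself when it cannot be resolved.
 */
private static function lookup_host_and_cache($ip_addr)
{
    $conn = Db::get_connection();

    // Attempt to retrieve the hostname from the lookup table...
    $conn->prepare("SELECT `hostname` " . "FROM `hosts` " . "WHERE `ip_addr` = '{1}' " . "LIMIT 1", $ip_addr);
    $conn->exec();

    if ($conn->num_rows() > 0) {
        // Got it
        $hostname = $conn->result(0);
    } else {
        // Resolve the host name with a call to gethostbyaddr. It returns FALSE for
        // malformed input; fall back to the address so callers always get a string.
        $hostname = gethostbyaddr($ip_addr);
        if ($hostname === FALSE) {
            $hostname = $ip_addr;
        }

        // Store it in the lookup table for later.
        // NOTE(review): a reverse-DNS name is chosen by whoever controls the PTR
        // record, so treat it as untrusted wherever it is displayed. The {1}/{2}
        // placeholders are presumably escaped by prepare() — confirm.
        $conn->prepare("INSERT INTO `hosts` (`ip_addr`,`hostname`,`last_update`) " . "VALUES ('{1}', '{2}', NOW())", $ip_addr, $hostname);
        $conn->exec();
    }

    Db::close_connection($conn);
    return $hostname;
}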
/**
 * @fn last_n_visits
 * @short Action method that shows the last <em>N</em> hosts that have visited the website.
 * @details Reads up to three times <em>N</em> grouped visits and keeps the first
 * <em>N</em> that can be geolocated (latitude or longitude not empty), then
 * renders the <tt>hits_by_host</tt> action.
 * @param n The number of hosts to show.
 */
public function last_n_visits($n)
{
    $conn = Db::get_connection();

    $conn->prepare("SELECT `ip_addr`, `params`, COUNT(*) AS `weight` " . "FROM `visits` " . "GROUP BY CONCAT(`ip_addr`, `user_agent`) " . "ORDER BY `date` DESC " . "LIMIT {1}", $n * 3);
    $conn->exec();

    $this->hosts = array();
    if ($conn->num_rows() > 0) {
        $kept = 0;
        while ($row = $conn->fetch_assoc()) {
            $host = Geoip::by_ip_addr($row['ip_addr'], $row['params']);
            $host->weight = $row['weight'];

            // Keep only hosts for which at least one coordinate is known.
            if (!empty($host->latitude) || !empty($host->longitude)) {
                $this->hosts[] = $host;
                $kept++;
            }
            if ($kept >= $n) {
                break;
            }
        }
    }

    Db::close_connection($conn);
    $this->render(array('action' => 'hits_by_host'));
}
/**
 * @fn chg2eur($divisa, $date)
 * @short Returns the conversion rate of a currency to EUR at a given date.
 * @details The rates of the most recent row not later than <tt>$date</tt> are
 * read once and cached per date string in <tt>self::$cache</tt>.
 * @param divisa Currency code: USD, AUD, TRY, ZAR, BRL, GBP or RUB.
 * @param date Reference date; the current date and time are used when it is not given.
 * @return The stored rate, or 1 for any other currency code.
 */
static function chg2eur($divisa = 'USD', $date = NULL)
{
    if ($date == NULL) {
        $date = date('Y-m-d H:i:s');
    }

    if (!isset(self::$cache[$date])) {
        $conn = Db::get_connection();

        $factory = new self();
        $rows = $factory->find_all(array(
            'where_clause' => empty($date) ? '1' : "`data` <= '{$conn->escape($date)}'",
            'order_by' => '`data` DESC',
            'limit' => 1,
        ));
        $latest = $rows[0];

        self::$cache[$date] = array(
            'usd2eur' => $latest->usd2eur,
            'aud2eur' => $latest->aud2eur,
            'try2eur' => $latest->try2eur,
            'zar2eur' => $latest->zar2eur,
            'brl2eur' => $latest->brl2eur,
            'gbp2eur' => $latest->gbp2eur,
            'rub2eur' => $latest->rub2eur,
        );

        Db::close_connection($conn);
    }

    // Map the currency code to its cache key; unknown codes convert at 1.
    switch ($divisa) {
        case 'USD':
            $rate_key = 'usd2eur';
            break;
        case 'AUD':
            $rate_key = 'aud2eur';
            break;
        case 'TRY':
            $rate_key = 'try2eur';
            break;
        case 'ZAR':
            $rate_key = 'zar2eur';
            break;
        case 'BRL':
            $rate_key = 'brl2eur';
            break;
        case 'GBP':
            $rate_key = 'gbp2eur';
            break;
        case 'RUB':
            $rate_key = 'rub2eur';
            break;
        default:
            return 1;
    }
    return self::$cache[$date][$rate_key];
}
/**
 * @fn total_downloads
 * @short Returns the total number of downloads for all software artifacts.
 * @return The value of <tt>SUM(`downloads`)</tt>, as given by <tt>result(0)</tt>.
 */
public static function total_downloads()
{
    $conn = Db::get_connection();

    // Constant query: no request data is involved.
    $conn->prepare('SELECT SUM(`downloads`) FROM `software_artifacts` WHERE 1');
    $conn->exec();
    $total = $conn->result(0);

    Db::close_connection($conn);
    return $total;
}
/**
 * @fn next
 * @short Returns the item that succeeds the receiver in the order.
 * @details The successor is the earliest item with status <tt>pubblicato</tt>
 * created after the receiver.
 * @return The next item, or <tt>NULL</tt> when the receiver is the last one.
 */
public function next()
{
    $conn = Db::get_connection();

    $factory = new self();
    $where = "`created_at` > '{$conn->escape($this->created_at)}' " . "AND `status` = 'pubblicato'";
    $later = $factory->find_all(array(
        'where_clause' => $where,
        'order_by' => '`created_at` ASC',
        'limit' => 1,
    ));

    $successor = NULL;
    if (count($later) > 0) {
        $successor = $later[0];
    }

    Db::close_connection($conn);
    return $successor;
}
/**
 * @fn _init_software
 * @short Private method that initializes repetitive members of software product page actions.
 * @details Resolves <tt>$this->software</tt> from the <tt>software_name</tt> /
 * <tt>software_type</tt> request parameters (falling back to the table of known
 * typos, which answers with a redirect), or from the <tt>id</tt> query parameter.
 * Then loads the released versions, sorts them and stores the first one in
 * <tt>$this->release</tt>.
 */
private function _init_software()
{
    $conn = Db::get_connection();
    if (isset($_REQUEST['software_name'])) {
        $software_factory = new Software();
        // NOTE(review): software_type is read without an isset() check.
        $softwares = $software_factory->find_all(array('where_clause' => '`name` = \'' . $conn->escape($_REQUEST['software_name']) . '\' AND `type` = \'' . $conn->escape($_REQUEST['software_type']) . '\'', 'limit' => 1));
        if (count($softwares) > 0) {
            $this->software = $softwares[0];
        } else {
            // No exact match: look the name up among the recorded typos.
            $softwares = $software_factory->find_by_query('SELECT `softwares`.`id` ' . 'FROM `softwares` ' . 'LEFT JOIN `software_typos` ON `softwares`.`id` = `software_typos`.`software_id` ' . 'WHERE `software_typos`.`typo` = \'' . $conn->escape($_REQUEST['software_name']) . '\' ' . 'LIMIT 1');
            if (count($softwares) > 0) {
                $this->software = $softwares[0];
                // NOTE(review): the Location header is built from the client-supplied Host
                // header, so the redirect target follows whatever host the request
                // names; a configured canonical host name would be safer. The
                // subview parameter is also read without an isset() check.
                header(sprintf('Location: http://%s%s', $_SERVER['HTTP_HOST'], $this->software->url_to_detail($_REQUEST['subview'])));
                exit;
            } else {
                HTTP::error(404);
            }
        }
        // Makes the resolved id visible to code that reads $_REQUEST['id'].
        $_REQUEST['id'] = $this->software->id;
    } else {
        if (isset($_GET['id'])) {
            $this->software = new Software();
            if ($this->software->find_by_id($_GET['id']) === FALSE) {
                $this->flash(l('No such software product!'), 'error');
                $this->redirect_to(array('action' => 'index'));
            }
        } else {
            HTTP::error(404);
        }
    }
    // Only released versions are loaded.
    $this->software->has_many('software_releases', array('where_clause' => '`released` = \'1\''));
    $releases = $this->software->software_releases;
    // The first release object supplies the comparison callback.
    // NOTE(review): $releases[0] is read even when no release was loaded.
    usort($releases, array($releases[0], 'sort_releases'));
    $this->release = $releases[0];
    $this->software->software_releases = $releases;
    Db::close_connection($conn);
}
/**
 * @fn read
 * @short Action method that shows an article for reading.
 * @details Redirects to the index when no <tt>id</tt> is given or the article
 * does not exist, answers 404 for an article that is not published, and
 * otherwise counts the reading and renders the article.
 */
public function read()
{
    if (empty($_REQUEST['id'])) {
        $this->redirect_to(array('action' => 'index'));
    }

    $conn = Db::get_connection();

    $this->article = new DiarioPost();
    $found = $this->article->find_by_id($_REQUEST['id']);
    if ($found === FALSE) {
        $this->flash(l('No such article'), 'error');
        $this->redirect_to(array('action' => 'index'));
    }

    // Only published articles are readable.
    if ($this->article->status != 'pubblicato') {
        HTTP::error(404);
    }

    // Annotates that the article has been read.
    // NOTE(review): every request, whatever its method, writes to the database here.
    $this->article->readings++;
    $this->article->save();

    $this->render(array('layout' => 'diario_read'));
    Db::close_connection($conn);
}
/**
 * @short Deletes an object's database counterpart.
 * @details Runs a <tt>DELETE</tt> statement on the table bound to the receiver's
 * class for the row whose primary key equals the receiver's primary key value.
 * An object without a primary key value (for instance one created
 * programmatically) is left alone.
 * @param bool optimize Set to <tt>FALSE</tt> if you do not want the table to be optimized after deletion.
 */
public function delete($optimize = TRUE)
{
    $conn = Db::get_connection();

    $has_key = !empty($this->values[$this->primary_key]);
    if ($has_key) {
        // The primary key column name is interpolated directly; the table name and
        // the key value go through the {1} / {2} placeholders.
        $conn->prepare(
            "DELETE FROM `{1}` WHERE `{$this->primary_key}` = '{2}' LIMIT 1",
            $this->get_table_name(),
            $this->values[$this->primary_key]
        );
        $conn->exec();

        // Clean up
        if ($optimize) {
            $conn->prepare("OPTIMIZE TABLE `{1}`", $this->get_table_name());
            $conn->exec();
        }
    }

    Db::close_connection($conn);
}
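/**
 * @fn ensure_multiple_isin
 * @short Fills <tt>$this->isins</tt> with the list of stock identifiers to work on.
 * @details The list comes from the comma-separated <tt>id</tt> (or
 * <tt>isin</tt>) request parameter when present. Otherwise a page of 170 active
 * bonds that are not zero coupon is read, starting at the <tt>start</tt> request
 * parameter.
 */
protected function ensure_multiple_isin()
{
    // Read the parameters without touching a missing index.
    if (isset($_REQUEST['id'])) {
        $isins_from_request = $_REQUEST['id'];
    } elseif (isset($_REQUEST['isin'])) {
        $isins_from_request = $_REQUEST['isin'];
    } else {
        $isins_from_request = NULL;
    }

    if (isset($isins_from_request)) {
        $isins = explode(',', $isins_from_request);
    } else {
        $conn = Db::get_connection();
        $stock_factory = new Stock();

        if (!isset($_REQUEST['start'])) {
            $_REQUEST['start'] = 0;
        }

        // The offset lands in the LIMIT clause outside any quotes, where string
        // escaping gives no protection: force it to a non-negative integer.
        $start = max(0, (int) $_REQUEST['start']);

        $stocks = $stock_factory->find_by_query('SELECT `creso_titoli`.`isin` FROM `creso_titoli` '
            . 'JOIN `creso_obbligazioni` ON `creso_titoli`.`isin` = `creso_obbligazioni`.`isin` '
            . "WHERE `creso_titoli`.`tipo` = 'obbligazione' "
            . 'AND `creso_titoli`.`attivo` = 1 '
            . 'AND `creso_obbligazioni`.`zero_coupon` = 0 '
            . 'ORDER BY '
            . '`creso_obbligazioni`.`tasso` DESC '
            . ','
            . '`creso_obbligazioni`.`scadenza` DESC '
            . "LIMIT {$start}, 170");

        $isins = array_map(function ($stock) {
            return $stock->isin;
        }, $stocks);

        Db::close_connection($conn);
    }

    $this->isins = $isins;
}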
// Layout constants of the chart. This listing is a fragment: the block that the
// closing brace below ends, and the WIDTH / HEIGHT constants, are not shown.
define("H_MIN", 25);
define("H_MAX", 65);
define("BOTTOM", 78);
define("FONTSIZE", 2);
define("VIEWPORT", 100);
define("LABEL", "Intraday");
define("STEP", 6);
// Start and end are built from the same $month / $day / $year, so the range is one day.
$sdata = mktime(0, 0, 0, $month, $day, $year);
$edata = mktime(0, 0, 0, $month, $day, $year);
// The date condition holds only date() output in Y-m-d form.
$qdata = "`data` >= '" . date("Y-m-d", $sdata) . "' AND `data` <= '" . date("Y-m-d", $edata) . "'";
}

/**
 * Scales a value: floor(($val - $min) * $m) + $n.
 */
function f($val, $m, $n, $min)
{
    return floor(($val - $min) * $m) + $n;
}

$conn = Db::get_connection();
// The isin request parameter is handed over as placeholder {1}; $qdata is concatenated
// into the statement text.
// NOTE(review): presumably prepare() escapes placeholder values — confirm against
// the Db implementation. The @ operator hides a missing isin parameter.
$conn->prepare("SELECT `quotazione`, `data`, `ora` FROM `creso_quotazioni` WHERE `quotazione` > 0 AND `isin` = '{1}' AND " . $qdata . " ORDER BY `data` ASC, `ora` ASC LIMIT {2}", @$_REQUEST['isin'], VIEWPORT);
$result = $conn->exec();
// Never more points than the viewport holds.
$len = min(VIEWPORT, $conn->num_rows());
Db::close_connection($conn);

// Create the image. The @ operators silence any warning from the image functions.
$image = @imagecreatetruecolor(WIDTH, HEIGHT);
@imageantialias($image, true);

// Some colors
$bg = @imagecolorallocate($image, 255, 255, 255);
$lblue = @imagecolorallocate($image, 202, 219, 243);
$llblue = @imagecolorallocate($image, 245, 248, 254);
$blue = @imagecolorallocate($image, 132, 179, 243);
$black = @imagecolorallocate($image, 0, 0, 0);
$dblue = @imagecolorallocate($image, 18, 86, 178);
$magenta = @imagecolorallocate($image, 255, 0, 128);
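/**
 * @fn attribute_visits
 * @short Action method to attribute a visit to a person.
 * @details This method is designed to be called with AJAX, and does not render anything.
 * Every visit newer than the <tt>t</tt> request parameter whose address or stored
 * parameters match the <tt>ip</tt> request parameter is assigned to the person
 * given by <tt>person_id</tt>.
 */
public function attribute_visits()
{
    $conn = Db::get_connection();

    // Read the parameters explicitly instead of silencing notices with @.
    $t = isset($_REQUEST['t']) ? $_REQUEST['t'] : NULL;
    $ip = (isset($_REQUEST['ip']) && is_string($_REQUEST['ip'])) ? $_REQUEST['ip'] : '';
    $person_id = isset($_REQUEST['person_id']) ? $_REQUEST['person_id'] : NULL;

    $since = date("Y-m-d H:i:s", Time::ago($t));

    // Inside LIKE, % and _ are wildcards: a request value containing them would
    // widen the match to unrelated visits. They are neutralised before the value is
    // escaped as a string literal.
    // NOTE(review): assumes escape() is a MySQL string-literal escaper — confirm.
    $ip_literal = $conn->escape($ip);
    $ip_pattern = $conn->escape(addcslashes($ip, '\\%_'));

    $visit_factory = new Visit();
    $visits = $visit_factory->find_all(array(
        'where_clause' => "`date` >= '{$conn->escape($since)}' "
            . "AND (`ip_addr` = '{$ip_literal}' "
            . "OR `params` LIKE '%Apache'' => ''{$ip_pattern}%')",
    ));

    // NOTE(review): person_id is stored as received and the update runs for any
    // request method; confirm that callers are authenticated and that the request
    // is protected against cross-site submission.
    foreach ($visits as $visit) {
        $visit->person_id = $person_id;
        $visit->save();
    }

    Db::close_connection($conn);
    $this->render(NULL);
}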
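/**
 * @fn _batch_moderate($table_name)
 * @short Performs batch moderation operations on one or more items.
 * @details Acts on POST requests only. <tt>delete-selected</tt> deletes the
 * selected rows and optimizes the table afterwards; <tt>moderate-selected</tt>
 * marks them as approved. The rows are chosen by the <tt>id</tt> field, which
 * may be a single value or an array.
 * @param table_name The name of the table we want to operate on.
 */
private function _batch_moderate($table_name)
{
    $conn = Db::get_connection();
    $has_deleted = FALSE;

    if ($this->request->is_post()) {
        // NOTE(review): $table_name is interpolated as given; callers must pass a
        // fixed table name, never a request value.
        $query_preamble = 'SELECT 1 ';
        if (isset($_POST['delete-selected'])) {
            $query_preamble = "DELETE FROM `{$table_name}` ";
            $has_deleted = TRUE;
        } elseif (isset($_POST['moderate-selected'])) {
            $query_preamble = "UPDATE `{$table_name}` SET `approved` = 1 ";
        }

        if (isset($_POST['id'])) {
            if (is_array($_POST['id'])) {
                // LIMIT caps the affected rows at the number of submitted ids.
                $conn->prepare($query_preamble . "WHERE FIND_IN_SET(`id`, '{1}') " . 'LIMIT {2}', implode(',', $_POST['id']), count($_POST['id']));
                $conn->exec();
            } else {
                // The id is now passed for the {1} placeholder; without it the
                // statement never received the selected id.
                $conn->prepare($query_preamble . "WHERE `id` = '{1}' " . 'LIMIT 1', $_POST['id']);
                $conn->exec();
            }
        }

        if ($has_deleted) {
            $conn->prepare("OPTIMIZE TABLE `{$table_name}`");
            $conn->exec();
        }
    }

    Db::close_connection($conn);
}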