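/**
 * Deletes one message template (table sablony_zprav) identified by bazaar id and name.
 *
 * Both values are bound as statement parameters instead of being concatenated into
 * the SQL text; this matches how the other db2->query() calls in this codebase pass
 * their values and removes the injection path the string-built statement left open.
 * The leftover debugging statements (commented echo/exit) were dropped.
 *
 * @param string $nazev   template name
 * @param int    $bazarId id of the bazaar the template belongs to
 * @return bool true when the DELETE completed without an SQL error
 */
function smazat($nazev, $bazarId)
{
    $sql = "delete from sablony_zprav WHERE bazarId=? and nazev=?";
    $ret = $this->db2->query($sql, array($bazarId, $nazev));
    return !SQLEngine::isError($ret);
}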
$query = $sqlEngine->query($insert, array($_REQUEST["u"], $_REQUEST["kategorie"], $kanal_id)); } break; case "delete": $delete = "DELETE FROM uzivatele_skupiny WHERE idUzivatel = ? && idSkupina = ?"; $query = $sqlEngine->query($delete, array($_REQUEST["u"], $_REQUEST["skupID"])); break; case "uStav": $update = "UPDATE uzivatele SET stav=?, email=?, sms=? WHERE id = ?"; $query = $sqlEngine->query($update, array($_REQUEST["stav"], $_REQUEST["uEmail"], $_REQUEST["uSMS"], $_REQUEST["u"])); break; default: $noSql = true; break; } if (SQLEngine::isError($query) && !$noSql) { $chyba = "Oops něco se porouchalo"; } } // vybereme hlavni sablonu $T->setFile('modulX', 'srcTpl/admin.htm'); // polozky menu include_once 'moduly/menuAdmin.php'; // nastartujeme lokalni sablonu $TM = new MyTemplate(); $TM->setFile('modulY', 'srcTpl/adminUzivatele_modul.htm'); //seznam uzivatelu $query = "SELECT * FROM uzivatele ORDER BY login"; $qUzivatele = $sqlEngine->query($query); foreach (SQLEngine::getRows($qUzivatele) as $u) { unset($T_data);
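<?php
// Admin-only action: store a new message (zpravy) and link it to the selected
// groups (zpravy_skupiny). If a link cannot be written the half-created message
// is removed again.
adminLoginValidate();

// All three inputs are required; isset() keeps missing fields from raising
// undefined-index notices before the emptiness checks run.
if (isset($_REQUEST["obsah"], $_REQUEST["odeslatPo"], $_REQUEST["skupina"])
    && $_REQUEST["obsah"] != ""
    && $_REQUEST["odeslatPo"] != ""
    && is_array($_REQUEST["skupina"])
    && count($_REQUEST["skupina"]) > 0
) {
    $reload = true;
    $insert_msg = "INSERT INTO zpravy (vlozeno, odeslatPo, text, textHTML, textSMS, vytvoreno_z, vytvoril)\n VALUES (now(), ?, ?, ?, ?, ?, ?)";
    $rs = $sqlEngine->query($insert_msg, array(
        $_REQUEST["odeslatPo"],
        $_REQUEST["obsah"],
        "",
        // optional field: bound as NULL when the form did not send it
        isset($_REQUEST["obsahSMS"]) ? $_REQUEST["obsahSMS"] : null,
        "web",
        $_SESSION["admin"]["id"],
    ));
    if (!SQLEngine::isError($rs)) {
        $msgId = $sqlEngine->getLastInsertId($rs);
        $insert_skupina = "INSERT INTO zpravy_skupiny (idZpravy, idSkupiny) VALUES (?, ?)";
        foreach ($_REQUEST["skupina"] as $v) {
            $rs = $sqlEngine->query($insert_skupina, array($msgId, $v));
            if (SQLEngine::isError($rs)) {
                // Linking a group failed: delete the message and any links already
                // written. The id is bound as a parameter, like every other value
                // in this handler, rather than concatenated into the SQL text.
                $sqlEngine->query("DELETE FROM zpravy WHERE id = ?", array($msgId));
                $sqlEngine->query("DELETE FROM zpravy_skupiny WHERE idZpravy = ?", array($msgId));
                $chyba = "Došlo k chybě zprávu se nepodařilo odeslat";
                $reload = false;
                break;
            }
        }
        if ($reload) {
            // NOTE(review): execution continues after this header, so the rest of
            // the page is still rendered behind the redirect — confirm intended.
            header("location: " . getUrl("adminSeznamZprav"));
        }
    } else {
        $chyba = "Došlo k chybě zprávu se nepodařilo odeslat";
    }
} elseif (!empty($_REQUEST["odeslano"])) {
    // The form was submitted but at least one required field is missing.
    $chyba = "Všechny položky jsou povinné";
}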
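/**
 * Updates a user (table uzivatel) of this bazaar, matched by login.
 *
 * Scalar fields are written only when passed as non-null. When $adresa is given
 * the address row (uzivatel_adresa) is replaced; when $doprava is filled in the
 * delivery rows (uzivatel_doprava) are deleted and re-inserted.
 *
 * @param string       $login        e-mail address, used as the login
 * @param string|null  $heslo        password value exactly as it is to be stored
 *                                   (NOTE(review): written as received — any hashing has to
 *                                   happen in the caller; confirm)
 * @param string|null  $jmeno        first name
 * @param string|null  $prijmeni     surname
 * @param string|null  $telefon      phone number in the form 420xxxxxxxxx
 * @param string|null  $icq
 * @param string|null  $skype
 * @param int          $contact_hide 0 = show contact details in the advert, 1 = hide them
 * @param array|string $adresa       array with keys sidlo, ulice, mesto, kraj, uiradr_id,
 *                                   or "" to leave the address untouched
 * @param array        $doprava      delivery rows keyed by order; each row is
 *                                   array("nazev" => text, "cena" => price); only rows with a
 *                                   non-empty nazev are stored
 * @return array $out["result"] / $out["result_text"]: SQLEngine error code and text of the
 *               last statement run (the user UPDATE, or the address REPLACE when an address
 *               was given)
 */
function update($login, $heslo = null, $jmeno = null, $prijmeni = null, $telefon = null, $icq = null, $skype = null, $contact_hide = 0, $adresa = "", $doprava = array())
{
    // Build the SET list from the optional columns that were actually supplied.
    $sql = "UPDATE uzivatel SET login=?";
    $sqlPara = array($login);
    $optional = array(
        "heslo"    => $heslo,
        "jmeno"    => $jmeno,
        "prijmeni" => $prijmeni,
        "telefon"  => $telefon,
        "icq"      => $icq,
        "skype"    => $skype,
    );
    foreach ($optional as $column => $value) {
        if (isset($value)) {
            $sql .= "," . $column . "=?";
            $sqlPara[] = $value;
        }
    }
    // contact_hide is stored as the character '0' or '1'; any non-zero input hides.
    $sql .= ($contact_hide == 0) ? ",contact_hide='0'" : ",contact_hide='1'";
    $sql .= " WHERE bazar=? AND login=?";
    $sqlPara[] = $this->bazar;
    $sqlPara[] = $login;

    $rs = $this->db2->query($sql, $sqlPara);
    $out = array(
        "result"      => SQLEngine::getErrorCode($rs),
        "result_text" => SQLEngine::getErrorText($rs),
    );
    $updateOk = !SQLEngine::isError($rs);

    // Both dependent tables key on the numeric user id, so it is looked up once and
    // only when one of them is going to be touched. Previously the id was fetched
    // inside the address branch only, so a $doprava-only call wrote rows with a
    // NULL uzivatel_id; now both branches are skipped when no id could be found.
    $saveAdresa = $updateOk && $adresa != "";
    $saveDoprava = isset($doprava["1"]); // the caller signals a filled delivery form by the presence of key "1"
    $userId = null;
    if ($saveAdresa || $saveDoprava) {
        $rsId = $this->db2->query("select id from uzivatel where login=? and bazar=?", array($login, $this->bazar));
        $row = SQLEngine::getFirstRow($rsId);
        if (isset($row["id"])) {
            $userId = $row["id"];
        }
    }

    if ($saveAdresa && $userId !== null) {
        $sql = "replace into uzivatel_adresa set\n uzivatel_id=?, sidlo=?, ulice=?, mesto=?, kraj=?, uiradr_id=?";
        $rs = $this->db2->query($sql, array(
            $userId,
            emptyOnNull($adresa["sidlo"]),
            emptyOnNull($adresa["ulice"]),
            emptyOnNull($adresa["mesto"]),
            emptyOnNull($adresa["kraj"]),
            emptyOnNull($adresa["uiradr_id"]),
        ));
        $out["result"] = SQLEngine::getErrorCode($rs);
        $out["result_text"] = SQLEngine::getErrorText($rs);
    }

    if ($saveDoprava && $userId !== null) {
        $this->db2->query("DELETE FROM uzivatel_doprava WHERE uzivatel_id = ?", array($userId));
        // Only rows with a filled-in name are kept.
        foreach ($doprava as $poradi => $radek) {
            if ($radek["nazev"] != "") {
                $this->db2->query(
                    "INSERT INTO uzivatel_doprava SET uzivatel_id = ?, poradi=?, nazev=?, cena=?",
                    array($userId, $poradi, $radek["nazev"], $radek["cena"])
                );
            }
        }
    }
    return $out;
}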
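<?php
// User password change. Requires all three fields, a matching confirmation and
// the correct current password (checked against the digest kept in the session).
if (isset($_REQUEST["stare"], $_REQUEST["nove"], $_REQUEST["kontrola"])
    && $_REQUEST["stare"] != "" && $_REQUEST["nove"] != "" && $_REQUEST["kontrola"] != ""
) {
    // Strict comparison: with == two numeric-looking strings are compared as numbers.
    if ($_REQUEST["nove"] === $_REQUEST["kontrola"]) {
        // Stored credential format is the first 12 hex characters of md5(password).
        // FLAG(review): an unsalted, truncated MD5 is far weaker than
        // password_hash()/password_verify(); changing it means migrating the login
        // check and the stored values as well, so the format is kept here.
        // hash_equals() replaces ==, which would treat two digests of the form
        // "0e<digits>" as equal numbers and is not constant-time.
        if (hash_equals((string) $_SESSION["user"]["heslo"], substr(md5($_REQUEST["stare"]), 0, 12))) {
            $query = "UPDATE uzivatele SET heslo = SUBSTRING(MD5(?), 1, 12) WHERE id = ?";
            $update = $sqlEngine->query($query, array($_REQUEST["nove"], $_SESSION["user"]["id"]));
            if (SQLEngine::isError($update)) {
                $chyba = "Oops něco se porouchalo";
            } else {
                $chyba = "Heslo bylo změněno";
                // Keep the session copy in step with the database so a further
                // change in this session validates against the new password.
                $_SESSION["user"]["heslo"] = substr(md5($_REQUEST["nove"]), 0, 12);
            }
        } else {
            $chyba = "Špatně vyplněno staré heslo";
        }
    } else {
        $chyba = "Nové heslo se neshoduje s kontrolou";
    }
}

// main template
$T->setFile('modulX', 'srcTpl/user.htm');
// menu items
include_once 'moduly/menuUser.php';
// start the local template
$TM = new MyTemplate();
$TM->setFile('modulY', 'srcTpl/userZmenaHesla_modul.htm');
if (isset($chyba)) {
    unset($T_data);
    $T_data['textChyby'] = $chyba;
    $TM->assignBlockVars('ERROR', $T_data);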
/**
 * Runs an SQL statement through PDO, with an optional result cache for SELECTs.
 *
 * Caches the answer of SELECT queries when several modules on one page call the
 * backend with the same parameters; cached entries expire after the given number
 * of minutes and, being stored in the cache_sql table, can be shared by several
 * application servers.
 *
 * @param string      $query       SQL statement to run (placeholders bound from $params)
 * @param array|mixed $params      bind values; a scalar is wrapped into a one-element array
 * @param string      $benchMarked if non-empty, identifies this call in the BENCHMARK debug log line
 * @param int         $maxOld      minutes a cached result may be before it is refreshed; 0 = cache off
 * @return array $out["rows"] result rows (limited by the query's LIMIT), $out["count"] number of
 *               found rows without the limit (FOUND_ROWS()), plus errorCode, errorText,
 *               lastInsertId and affectedRows; on a cache hit, whatever unserialize() returns
 *               for the stored entry
 */
public function query($query, $params = array(), $benchMarked = "", $maxOld = 0)
{
    if (!is_array($params)) {
        $params = array($params);
    }
    $time_start = microtime(true);
    // Only non-update statements are cache candidates, and only when a lifetime was requested.
    $isCache = $maxOld > 0 && !$this->isUpdate($query);
    $actualPDO = $this->getPDO($query, $isCache);
    // Human-readable connection label for the BENCHMARK log line below.
    $connectionInfo = $actualPDO === $this->pdoMaster ? $this->masterHost . "/" . $this->masterDBName . " (master)" : ($connectionInfo = $this->slaveHost . "/" . $this->slaveDBName . " (slave)");
    if ($isCache) {
        // Cache key: crc32 over the SQL text plus the dumped parameters. The "%u\n"
        // format leaves a trailing newline in the key; the REPLACE below uses the
        // same string, so lookups and stores stay consistent.
        $checksum = sprintf("%u\n", crc32($query . print_r_log($params)));
        // Look for an existing entry and its age in minutes.
        $stmt = $actualPDO->prepare("SELECT *,TIMESTAMPDIFF(MINUTE,created,NOW()) AS oldmin FROM cache_sql WHERE sql_hash=?");
        $stmt->execute(array($checksum));
        $cache = $stmt->fetch();
        // NOTE(review): rowCount() after a SELECT is driver-dependent in PDO — confirm it is
        // reliable for the driver in use.
        $isCache = $stmt->rowCount() > 0 && $cache['oldmin'] < $maxOld;
    }
    // Re-test: $isCache may have been cleared by the lookup above (miss or expired).
    if ($isCache) {
        // FLAG(review): unserialize() of data read back from the shared cache_sql table;
        // anything able to write that table controls what objects get instantiated here.
        // Restricting allowed classes or storing JSON would narrow that exposure.
        $out = unserialize($cache['result']);
    } else {
        // Miss or expired: run the statement and record errors, rows and counters.
        $stmt = $actualPDO->prepare($query);
        $stmt->setFetchMode(PDO::FETCH_ASSOC);
        $success = $stmt->execute($params);
        $errorInfo = $stmt->errorInfo();
        $out['errorCode'] = $errorInfo[0];
        $out['errorText'] = $errorInfo[2];
        $out["rows"] = $stmt->fetchAll();
        $out["lastInsertId"] = $actualPDO->lastInsertId();
        $out["affectedRows"] = $stmt->rowCount();
        if (!SQLEngine::isError($out)) {
            $out['errorText'] = "";
            $rs1 = $actualPDO->query("SELECT FOUND_ROWS() as pocet")->fetch();
            $out['count'] = $rs1['pocet'];
            // If FOUND_ROWS() yields 0 or 1 it may not reflect the query; fall back
            // to the number of rows actually returned.
            if ($out['count'] + 0 < 2) {
                $out['count'] = count($out["rows"]);
            }
        } else {
            // The failed statement and its parameters are written to the error log.
            logmsg("SQLERROR:" . self::getErrorCode($out) . ":" . self::getErrorText($out) . "\n" . $query . "\n" . print_r_log($params), PEAR_LOG_CRIT);
        }
        if ($maxOld > 0) {
            // Store the result unless it would exceed the MEDIUMTEXT limit (2^24 bytes).
            // NOTE(review): $checksum is only computed when the cache lookup above ran;
            // for a statement isUpdate() treats as a write, $maxOld > 0 reaches this
            // REPLACE with $checksum undefined — confirm whether that is intended.
            $serial = serialize($out);
            if (strlen($serial) < pow(2, 24) && strlen($serial) > 0) {
                $sql = "REPLACE cache_sql SET sql_hash=?, result=?";
                $stmt = $actualPDO->prepare($sql);
                $stmt->execute(array($checksum, $serial));
            }
        }
    }
    $time_end = microtime(true);
    $time = $time_end - $time_start;
    global $conf;
    if ($conf["enableProfiler"]) {
        // Profiler: records timing, the statement, its serialised parameters and a call
        // stack into profiler_data on the master. Bind values are stored verbatim, so any
        // secrets passed as parameters land in that table while the profiler is enabled.
        $stmt = $actualPDO->prepare("select count(*) as pocet from inzerat");
        $stmt->setFetchMode(PDO::FETCH_ASSOC);
        $success = $stmt->execute(array());
        $rs1 = $stmt->fetch();
        $profilerInsert = "INSERT INTO profiler_data (request_id, request_uri, startSql, stopSql, query, params, pocetInzeratu, callStack) VALUES (?, ?, ?, ?, ?, ?, ?, ?);";
        $e = new Exception();
        $profileParams = array($_SERVER["REQUEST_TIME"], $_SERVER["REQUEST_URI"], $time_start, $time_end, $query, serialize($params), $rs1["pocet"], $e->getTraceAsString());
        $stmt = $this->getPDOMaster()->prepare($profilerInsert);
        $stmt->execute($profileParams);
    }
    // Debug-level timing line; includes the statement and parameters as well.
    logmsg("BENCHMARK {$benchMarked} STOP for connection " . $connectionInfo . " " . round($time, 3) . "\n" . print_r_log($query) . "\n" . print_r_log($params), PEAR_LOG_DEBUG);
    return $out;
}