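<?php
/**
 * Send a private message from the logged-in user to another user.
 *
 * Input (POST): `page` - id of the recipient, `text` - message body.
 * `$user_id` is not defined in this script; it is expected to be set by the
 * required db_connect.php when the request is authenticated.
 * Output: "success", or the register / log-in prompt when the request is rejected.
 *
 * NOTE(review): no anti-CSRF token is checked before this state-changing POST;
 * confirm one is enforced elsewhere or add it here.
 * NOTE(review): `text` is stored exactly as received, so every place that
 * renders a message must escape it for its output context.
 * NOTE(review): nothing here verifies that the recipient id belongs to an
 * existing user - confirm a foreign key or an explicit lookup covers that.
 */
require '../../php/main/db_connect.php';

// The recipient id must be a real integer. Comparing the raw string with
// $user_id (as before) let numerically equal but differently written values
// pass the "not yourself" guard.
$id_other = filter_input(INPUT_POST, 'page', FILTER_VALIDATE_INT);
$text = filter_input(INPUT_POST, 'text');

$isValidRequest = isset($user_id)
    && is_string($text)
    && is_int($id_other)
    && $id_other !== (int) $user_id;

if ($isValidRequest) {
    $string = new SafeMySQL();
    date_default_timezone_set('Europe/London');
    $date = date('Y-m-d H:i:s');

    // A dialog is stored once per pair of users, in either direction.
    $dialog = $string->getRow("SELECT d_id FROM users_dialogs WHERE pioneer_id=?i AND other_id=?i OR other_id=?i AND pioneer_id=?i", $user_id, $id_other, $user_id, $id_other);
    $dialogExisted = (bool) $dialog;

    if ($dialogExisted) {
        $dialogId = $dialog['d_id'];
    } else {
        // First message between the two users: create the dialog, then read its id back.
        $string->query("INSERT INTO users_dialogs (other_id, pioneer_id, date) VALUES (?i, ?i, ?s)", $id_other, $user_id, $date);
        $dialogId = $string->getOne('SELECT d_id FROM users_dialogs WHERE pioneer_id=?i AND other_id=?i', $user_id, $id_other);
    }

    $string->query("INSERT INTO users_messages (d_id,user_id,text,date) VALUES (?i,?i,?s,?s)", $dialogId, $user_id, $text, $date);

    if ($dialogExisted) {
        // Record the time of the last message and who sent it (meter = sender id).
        $string->query('UPDATE users_dialogs SET date=?s,meter=?i WHERE d_id=?i LIMIT 1', $date, $user_id, $dialogId);
    }

    print "success";
} else {
    print 'Пройдите регистрацию или авторизацию.';
}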
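<?php
/**
 * Bootstrap included by request handlers: restores the logged-in user from the
 * `email` and `RememberMe` cookies.
 *
 * On success `$user_id` holds the id of the matching row in `users`.
 * On failure both cookies are expired and `$user_id`, `$RememberMeFilter`,
 * `$RememberMe` and `$email` are unset, so callers can test `isset($user_id)`.
 *
 * NOTE(review): the RememberMe cookie is compared directly with users.password,
 * so the stored password hash itself works as a long-lived login credential.
 * Prefer a random per-device token (random_bytes()) stored hashed on the server,
 * compared with hash_equals() and revoked on logout or password change.
 * NOTE(review): the cookies are cleared here with default flags; confirm they are
 * issued HttpOnly / Secure / SameSite where they are set.
 */
require 'SafeMySQL.php';

$session_start = session_start();

// Start from "nobody logged in" so a value left over from the including script
// can never be mistaken for an authenticated user.
$user_id = null;

$email = filter_input(INPUT_COOKIE, 'email', FILTER_VALIDATE_EMAIL);
$RememberMe = filter_input(INPUT_COOKIE, 'RememberMe');

// filter_input() returns null when the cookie is absent; test the type first so
// strlen() is only ever given a string.
$RememberMeFilter = is_string($RememberMe) && strlen($RememberMe) === 32;

if ($RememberMeFilter && $email) {
    $o = new SafeMySQL();
    $user_id = $o->getOne("SELECT user_id FROM users WHERE password=?s AND email=?s LIMIT 1", $RememberMe, $email);
}

if (!$user_id) {
    // Malformed, missing or unmatched cookies: expire them and drop every trace
    // of the attempted identity.
    setcookie('RememberMe', '', time() - 3600, '/');
    setcookie('email', '', time() - 3600, '/');
    unset($user_id, $RememberMeFilter, $RememberMe, $email);
}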
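<?php
/**
 * Return, as JSON, up to 10 messages of one dialog that are older than a given
 * message id.
 *
 * `$user_id`, `$last_id`, `$page` and `$category` are not defined in this script;
 * presumably the two required files set them - confirm. `$category` is used as
 * the dialog id and `$last_id` as the upper bound on `mes_id`.
 *
 * The dialog row is loaded only when the current user is its pioneer or its other
 * participant, which is what prevents reading someone else's dialog.
 *
 * Each element of the output has the keys n0 (dialog id), n1 (message id),
 * n2 (avatar), n3 (nickname), n4 (date) and n5 (message text after Writer::main()).
 *
 * NOTE(review): n2 and n3 come straight from the database and the escaping done
 * by Writer::main() is not visible here; the client must treat these fields as
 * text, not markup, unless that escaping is confirmed.
 */
require '../php/main/db_connect.php';
require 'mm/parser.php';

$arr = array();

// !empty() keeps the original truthiness test without raising a warning when one
// of the variables was never defined.
if (!empty($last_id) && !empty($page) && !empty($user_id)) {
    $string_object = new SafeMySQL();
    $writer = new Writer();

    $y = $string_object->getRow("SELECT d_id, other_id, pioneer_id,meter FROM users_dialogs WHERE d_id=?i AND pioneer_id=?i OR d_id=?i AND other_id=?i LIMIT 1", $category, $user_id, $category, $user_id);

    // No matching row means no dialog the user takes part in; the previous code
    // indexed that non-array result directly.
    if (!empty($y['d_id'])) {
        $dg = $string_object->getAll("SELECT m.text, m.date, m.mes_id, i.avatar, i.category, i.nickname FROM users_messages m, users_information i WHERE m.d_id=?i AND m.mes_id < ?i AND i.user_id = m.user_id ORDER BY m.mes_id DESC LIMIT 10", $y['d_id'], $last_id);

        foreach ($dg as $message) {
            $arr[] = array(
                'n0' => $y['d_id'],
                'n1' => $message['mes_id'],
                'n2' => $message['avatar'],
                'n3' => $message['nickname'],
                'n4' => $message['date'],
                'n5' => $writer->main($message['text'], 1),
            );
        }
    }
}

print json_encode($arr);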
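/**
 * Look up the id of the current user by the `user_hash` presented in the cookie
 * and / or stored in the session.
 *
 * When both checkCookie() and checkSession() succeed, the session lookup runs
 * last and its result is the one returned.
 *
 * NOTE(review): `user_hash` acts as a bearer credential. Confirm it is generated
 * from a CSPRNG, is not derived from the password, and is rotated on login and
 * logout.
 *
 * @return mixed the value returned by SafeMySQL::getOne() for the last lookup
 *               performed, or null when neither a cookie nor a session hash
 *               was accepted
 */
protected function getId()
{
    // Explicit default: the previous bare `$userId;` statement declared nothing,
    // so the method returned an undefined variable when both checks failed.
    $userId = null;
    $db = null;

    if ($this->checkCookie()) {
        $db = new SafeMySQL();
        $userId = $db->getOne('SELECT id FROM ?n WHERE user_hash = ?s', $this->table, $_COOKIE['user_hash']);
    }

    if ($this->checkSession()) {
        // Reuse the connection opened for the cookie lookup, if there was one.
        $db = $db ?: new SafeMySQL();
        $userId = $db->getOne('SELECT id FROM ?n WHERE user_hash = ?s', $this->table, $_SESSION['user_hash']);
    }

    return $userId;
}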
$sql = 'SELECT * FROM test_sections WHERE section_id = ' . (int) $_GET['section_id']; $section = $db->getRow($sql); if (false == $section) { echo 'section_not_found'; exit; } $sql = 'UPDATE test_sections SET ?u WHERE section_id = ?i'; $db->query($sql, $_POST['section'], $_GET['section_id']); header('Location:dbtree_demo.php'); exit; } /* ------------------------ EDIT FORM ------------------------ */ // Node edit form if (!empty($_GET['action']) && 'edit' == $_GET['action']) { $sql = 'SELECT section_name FROM test_sections WHERE section_id = ' . (int) $_GET['section_id']; $section = $db->getOne($sql); ?> <table border="1" cellpadding="5" align="center"> <tr> <td> Edit section </td> </tr> <tr> <td align="center"> <form action="dbtree_demo.php?action=edit_ok§ion_id=<?php echo $_GET['section_id']; ?> " method="POST"> Section name:<br> <input type="text" name="section[section_name]" value="<?php
//$session_start = session_start(); $arr = array(); if ($_SESSION['registration_email'] && $_SESSION['registration_password'] && preg_match('/^(?:\\d+)_(?:\\w+)$/', $category)) { require '../php/main/SafeMySQL.php'; $o = new SafeMySQL(); //Если данные уже есть в базе пользователей $x = $o->getRow('SELECT password, email, nickname, category, rules FROM users_registration WHERE key_reg=?s', $category); if (!$x) { $res = array('head' => '<div id="material_null"> <p>МАТЕРИАЛОВ НЕТ</p> </div>'); array_push($arr, $res); print json_encode($arr); exit; } $re_id = $o->getOne('SELECT user_id FROM users WHERE email=?s AND password=?s', $x['email'], $x['password']); if ($re_id) { $res = array('head' => '<div id="material_null"> <p>Вы уже зарегистрированы.</p> </div>'); array_push($arr, $res); print json_encode($arr); exit; } //Данных нет, отлично, ищем в таблице регистрации if ($x['password'] == $_SESSION['registration_password'] && $x['email'] == $_SESSION['registration_email']) { //Создаем транзакцию, чтобы данные попали во все нужны таблицы $load = $o->transactionQuery(); mysqli_autocommit($load, false); $t1 = mysqli_query($load, $o->parse("INSERT INTO users (email,password) VALUES (?s,?s)", $x['email'], $x['password'])); mysqli_query($load, $o->parse("SET @lastID := LAST_INSERT_ID();"));
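<?php
/**
 * Login endpoint.
 *
 * Input (POST): `email`, `password`.
 * Output: "success" after setting the `RememberMe` and `email` cookies (valid for
 * one year) and marking the user online; otherwise a message saying the user is
 * not registered or that the form was not filled in.
 *
 * NOTE(review): passwords are stored and compared as unsalted MD5. Migrate to
 * password_hash() / password_verify(), re-hashing on the next successful login.
 * NOTE(review): the RememberMe cookie carries the password hash itself, so the
 * cookie value is equivalent to the password for a full year. Replace it with a
 * random server-side token, and issue both cookies with the HttpOnly, Secure and
 * SameSite attributes.
 * NOTE(review): no attempt limiting is visible in this script; confirm it is
 * enforced elsewhere.
 */
require_once '../../php/main/SafeMySQL.php';

$string_object = new SafeMySQL();
$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$rawPassword = filter_input(INPUT_POST, 'password');

// FILTER_VALIDATE_EMAIL yields false for a malformed address and md5() always
// returns a string, so isset() on the derived values never rejected anything.
// Validate the raw inputs before hashing instead.
if (is_string($email) && is_string($rawPassword)) {
    $password = md5($rawPassword);
    $login_query = $string_object->getOne("SELECT user_id FROM users WHERE email=?s AND password=?s LIMIT 1", $email, $password);

    if ($login_query) {
        setcookie('RememberMe', $password, time() + 3600 * 24 * 365, '/');
        setcookie('email', $email, time() + 3600 * 24 * 365, '/');

        // getOne() returns the user_id value itself, not a row, so it is passed
        // as-is; indexing it with 'user_id' did not produce the id.
        $string_object->query("UPDATE users_online SET online='online' WHERE user_id=?i", $login_query);
        print 'success';
    } else {
        print 'Вы не зарегитрированы.';
    }
} else {
    print 'Вы не заполнили нужные формы.';
}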
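<?php
/**
 * Print the number of dialogs that hold unread messages for the logged-in user.
 *
 * Input (GET): `dialog` - optional id of the dialog currently open. When given,
 * that dialog is left out of the count and its unread marker is reset.
 * `$user_id` is not defined in this script; it is expected to be set by the
 * required db_connect.php when the request is authenticated.
 *
 * In users_dialogs, `meter` holds the id of the user who sent the last message,
 * so a dialog is unread for the current user when `meter` is the id of the other
 * participant.
 *
 * Nothing is printed when the count is zero or the user is not logged in.
 */
require '../../php/main/db_connect.php';

$dialog = filter_input(INPUT_GET, 'dialog', FILTER_VALIDATE_INT);

if (!empty($user_id)) {
    // Number of new (unread) messages
    $o = new SafeMySQL();

    if ($dialog) {
        $mm = $o->getOne('SELECT COUNT(meter) FROM users_dialogs WHERE meter=other_id AND pioneer_id=?i AND d_id <>?i OR meter=pioneer_id AND other_id=?i AND d_id <>?i', $user_id, $dialog, $user_id, $dialog);

        // Reset the marker only for a dialog the current user takes part in.
        // Without the participant condition any logged-in user could clear the
        // unread state of an arbitrary dialog by supplying its id.
        $query_dialog = $o->query('UPDATE users_dialogs SET meter=0 WHERE d_id=?i AND meter<>?i AND (pioneer_id=?i OR other_id=?i) LIMIT 1', $dialog, $user_id, $user_id, $user_id);
    } else {
        $mm = $o->getOne('SELECT COUNT(meter) FROM users_dialogs WHERE meter=other_id AND pioneer_id=?i OR meter=pioneer_id AND other_id=?i', $user_id, $user_id);
    }

    if ($mm) {
        print $mm;
    }
}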
<div id="pre_hiden"> </div> <div id="loadbar_box"> <div id="loadbar_plane"> <div id="loadbar_progress_plane"> </div> </div> </div> <div id="startupload"> <button title="Пути назад не будет!">ГОТОВО</button> </div> </div> </div> <?php $string_object = new SafeMySQL(); $o = $string_object->getOne('SELECT avatar FROM users_information WHERE user_id=?i', $user_id); $i = file_exists('upload_image/avatars/pre_50px/' . $o . '.jpg') ? $o : 'default'; $online = $string_object->getOne('SELECT online FROM users_online WHERE user_id=?i', $user_id); $rating = $string_object->getOne('SELECT rating FROM users_rating WHERE user_id=?i', $user_id); $lvl = floor($rating / 100); $xp = floor($rating % 100); $prifile_ui = json_decode(file_get_contents('json/ui/ru/main/main_login.json'), true); ?> <section id="profile_info"> <div id="profile_avatar_upload"> <button class="profile_avatar_upload"></button> <button class="profile_avatar_upload" id="avatar_upload"></button> <button class="profile_avatar_upload"></button> <button class="profile_co" id="profile_close"></button> </div> <div id="profile_avatar" style="background: #000 url('upload_image/avatars/pre_150px/<?php
<?php $session_start = session_start(); require_once '../../php/main/SafeMySQL.php'; $string_object = new SafeMySQL(); $email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL); $login = filter_input(INPUT_POST, 'login'); $password = md5(filter_input(INPUT_POST, 'password')); $category = filter_input(INPUT_POST, 'category'); $rules = filter_input(INPUT_POST, 'rules'); if (isset($email, $login, $password, $category, $rules)) { $x = $string_object->getOne("SELECT user_id FROM users WHERE email=?s", $email); if ($x) { print 'Извините пожайлуста, но такой email уже зарегистрирован.'; exit; } $x = $string_object->getOne("SELECT in_id FROM users_information WHERE nickname=?s", $login); if ($x) { print 'Извините пожайлуста, но такой никнейм уже зарегистрирован.'; exit; } $x = $string_object->getOne("SELECT nickname FROM users_registration WHERE nickname=?s", $login); if ($x) { print 'Просим прощения, но такой никнейм уже пытается зарегистрироваться.'; exit; } $x = $string_object->getOne("SELECT email FROM users_registration WHERE email=?s", $email); if ($x) { print 'Просим прощения, но кто-то уже регистрируется с таким E-mail.'; exit; }