コード例 #1
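<?php

/*
 * Endpoint: store a private message from the current user to another user.
 *
 * Reads POST `page` (recipient user id) and `text` (message body), finds or
 * creates the dialog row between the two users, inserts the message and
 * prints "success". Any rejected request prints the same login prompt.
 *
 * $user_id is not assigned in this file; presumably db_connect.php sets it
 * for an authenticated visitor - confirm.
 *
 * NOTE(review): this is a state-changing POST and no anti-CSRF token is
 * checked here. The message text is stored verbatim, so every place that
 * renders it must encode it for its output context.
 */
require '../../php/main/db_connect.php';

// The recipient id is bound with ?i below, so accept integers only instead of
// passing an arbitrary string through to the query layer.
$id_other = filter_input(INPUT_POST, 'page', FILTER_VALIDATE_INT);
$text = filter_input(INPUT_POST, 'text');

// is_int()/is_string() also reject the `false` that filter_input() returns for
// malformed or array input, which isset() alone would let through.
// Both ids are compared as integers so the "no message to yourself" rule does
// not depend on whether $user_id arrives as a string or an int.
$canSend = isset($user_id)
    && is_int($id_other)
    && is_string($text)
    && $text !== ''
    && $id_other !== (int) $user_id;

if ($canSend) {
    $string = new SafeMySQL();
    date_default_timezone_set('Europe/London');
    $date = date('Y-m-d H:i:s');

    // A dialog may have been opened by either participant, so look it up in
    // both directions (AND binds tighter than OR in SQL).
    $x = $string->getRow("SELECT d_id FROM users_dialogs WHERE pioneer_id=?i AND other_id=?i OR other_id=?i AND pioneer_id=?i", $user_id, $id_other, $user_id, $id_other);
    if ($x) {
        $string->query("INSERT INTO users_messages (d_id,user_id,text,date) VALUES (?i,?i,?s,?s)", $x['d_id'], $user_id, $text, $date);
        // meter is set to the sender's id on every new message.
        $string->query('UPDATE users_dialogs SET date=?s,meter=?i WHERE d_id=?i LIMIT 1', $date, $user_id, $x['d_id']);
        print "success";
    } else {
        // First message between the two users: create the dialog, then read
        // its id back before attaching the message.
        $string->query("INSERT INTO users_dialogs (other_id, pioneer_id, date) VALUES (?i, ?i, ?s)", $id_other, $user_id, $date);
        $k = $string->getOne('SELECT d_id FROM users_dialogs WHERE pioneer_id=?i AND other_id=?i', $user_id, $id_other);
        $string->query("INSERT INTO users_messages (d_id,user_id,text,date) VALUES (?i,?i,?s,?s)", $k, $user_id, $text, $date);
        print "success";
    }
} else {
    print 'Пройдите регистрацию или авторизацию.';
}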
コード例 #2
<?php

/*
 * "Remember me" bootstrap: resolves $user_id from the `email` and
 * `RememberMe` cookies, or expires both cookies when they do not match a row.
 *
 * NOTE(review): the RememberMe cookie is compared directly with the
 * `password` column, so the cookie value is equivalent to the stored
 * credential. A random, server-side revocable token stored separately from
 * the password would avoid exposing it in the browser; that needs a schema
 * change and is not done here.
 */
require 'SafeMySQL.php';
$session_start = session_start();
$email = filter_input(INPUT_COOKIE, 'email', FILTER_VALIDATE_EMAIL);
$RememberMe = filter_input(INPUT_COOKIE, 'RememberMe');
// Only a 32-character token is accepted; anything else is treated as absent.
$RememberMeFilter = strlen($RememberMe) === 32;
if (!$RememberMeFilter || !$email) {
    // Missing or malformed cookies: expire both and drop the working variables.
    setcookie('RememberMe', '', time() - 3600, '/');
    setcookie('email', '', time() - 3600, '/');
    unset($user_id, $RememberMeFilter, $RememberMe, $email);
} else {
    $o = new SafeMySQL();
    $user_id = $o->getOne("SELECT user_id FROM users WHERE password=?s AND email=?s LIMIT 1", $RememberMe, $email);
    if (!$user_id) {
        // Well-formed cookies that match no user are discarded the same way.
        setcookie('RememberMe', '', time() - 3600, '/');
        setcookie('email', '', time() - 3600, '/');
        unset($user_id, $RememberMeFilter, $RememberMe, $email);
    }
}
コード例 #3
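<?php

/*
 * Endpoint: return up to 10 messages older than $last_id from one dialog of
 * the current user, as a JSON array (an empty array when nothing qualifies).
 *
 * $last_id, $page, $category and $user_id are not assigned in this file;
 * presumably db_connect.php provides them - confirm where they are read and
 * validated. $category is used as the dialog id in the lookup below.
 *
 * NOTE(review): nickname and avatar are returned as stored and the text is
 * passed through Writer::main(); the client must still treat all of them as
 * untrusted when inserting them into the page.
 */
require '../php/main/db_connect.php';
require 'mm/parser.php';

$arr = array();
if ($last_id && $page && $user_id) {
    $string_object = new SafeMySQL();
    $writer = new Writer();

    // Authorization: the dialog is only returned when the current user is one
    // of its two participants.
    $y = $string_object->getRow("SELECT d_id, other_id, pioneer_id,meter FROM users_dialogs WHERE d_id=?i AND pioneer_id=?i OR d_id=?i AND other_id=?i LIMIT 1", $category, $user_id, $category, $user_id);

    // empty() avoids indexing into a non-array result when no dialog row matches.
    if (!empty($y['d_id'])) {
        $dg = $string_object->getAll("SELECT m.text, m.date, m.mes_id, i.avatar, i.category, i.nickname FROM users_messages m, users_information i WHERE m.d_id=?i AND m.mes_id < ?i AND i.user_id = m.user_id ORDER BY m.mes_id DESC LIMIT 10", $y['d_id'], $last_id);

        // The previous avatar lookup (query plus file_exists on a path built
        // from the stored value) and the loop counter were never read, so
        // they are dropped.
        foreach ($dg as $row) {
            $arr[] = array(
                'n0' => $y['d_id'],
                'n1' => $row['mes_id'],
                'n2' => $row['avatar'],
                'n3' => $row['nickname'],
                'n4' => $row['date'],
                'n5' => $writer->main($row['text'], 1),
            );
        }
    }
}
print json_encode($arr);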
コード例 #4
ファイル: User.class.php プロジェクト: RuslanBilyshko/testreg
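 /**
  * Look up the current user's id by the `user_hash` held in the cookie
  * and/or the session.
  *
  * When both checkCookie() and checkSession() pass, the session lookup runs
  * last and its result is the one returned.
  *
  * NOTE(review): user_hash acts as a bearer credential here; confirm it is
  * generated from a cryptographically secure source and rotated on login.
  *
  * @return mixed The value returned by SafeMySQL::getOne() for the matching
  *               row, or null when neither the cookie nor the session check
  *               passes.
  */
 protected function getId()
 {
     // Start from a defined value so the return below never reads an
     // undefined variable when both checks fail.
     $userId = null;
     $lookup = 'SELECT id FROM ?n WHERE user_hash = ?s';
     if ($this->checkCookie()) {
         $db = new SafeMySQL();
         $userId = $db->getOne($lookup, $this->table, $_COOKIE['user_hash']);
     }
     if ($this->checkSession()) {
         $db = new SafeMySQL();
         $userId = $db->getOne($lookup, $this->table, $_SESSION['user_hash']);
     }
     return $userId;
 }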
コード例 #5
ファイル: dbtree_demo.php プロジェクト: ssgonchar/DbTree
    $sql = 'SELECT * FROM test_sections WHERE section_id = ' . (int) $_GET['section_id'];
    $section = $db->getRow($sql);
    if (false == $section) {
        echo 'section_not_found';
        exit;
    }
    $sql = 'UPDATE test_sections SET ?u WHERE section_id = ?i';
    $db->query($sql, $_POST['section'], $_GET['section_id']);
    header('Location:dbtree_demo.php');
    exit;
}
/* ------------------------ EDIT FORM ------------------------ */
// Node edit form
if (!empty($_GET['action']) && 'edit' == $_GET['action']) {
    $sql = 'SELECT section_name FROM test_sections WHERE section_id = ' . (int) $_GET['section_id'];
    $section = $db->getOne($sql);
    ?>
        <table border="1" cellpadding="5" align="center">
            <tr>
                <td>
                    Edit section
                </td>
            </tr>
            <tr>
                <td align="center">
                    <form action="dbtree_demo.php?action=edit_ok&section_id=<?php 
    echo $_GET['section_id'];
    ?>
" method="POST">
                        Section name:<br>
                        <input type="text" name="section[section_name]" value="<?php 
コード例 #6
//$session_start = session_start();
$arr = array();
if ($_SESSION['registration_email'] && $_SESSION['registration_password'] && preg_match('/^(?:\\d+)_(?:\\w+)$/', $category)) {
    require '../php/main/SafeMySQL.php';
    $o = new SafeMySQL();
    //Если данные уже есть в базе пользователей
    $x = $o->getRow('SELECT password, email, nickname, category, rules FROM users_registration WHERE key_reg=?s', $category);
    if (!$x) {
        $res = array('head' => '<div id="material_null">
                                <p>МАТЕРИАЛОВ НЕТ</p>
                            </div>');
        array_push($arr, $res);
        print json_encode($arr);
        exit;
    }
    $re_id = $o->getOne('SELECT user_id FROM users WHERE email=?s AND password=?s', $x['email'], $x['password']);
    if ($re_id) {
        $res = array('head' => '<div id="material_null">
                                <p>Вы уже зарегистрированы.</p>
                            </div>');
        array_push($arr, $res);
        print json_encode($arr);
        exit;
    }
    //Данных нет, отлично, ищем в таблице регистрации
    if ($x['password'] == $_SESSION['registration_password'] && $x['email'] == $_SESSION['registration_email']) {
        //Создаем транзакцию, чтобы данные попали во все нужны таблицы
        $load = $o->transactionQuery();
        mysqli_autocommit($load, false);
        $t1 = mysqli_query($load, $o->parse("INSERT INTO users (email,password) VALUES (?s,?s)", $x['email'], $x['password']));
        mysqli_query($load, $o->parse("SET @lastID := LAST_INSERT_ID();"));
コード例 #7
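<?php

/*
 * Endpoint: log a user in with POST `email` and `password`.
 *
 * On success sets the `RememberMe` and `email` cookies for one year, marks
 * the user online and prints "success"; otherwise prints an error message.
 *
 * NOTE(review): passwords are stored and compared as unsalted MD5, and that
 * same hash is placed in the RememberMe cookie, which makes the cookie
 * equivalent to the stored credential. password_hash()/password_verify() and
 * a separate random session token are the usual replacement; both need a
 * schema change, so the existing format is kept here. The cookies are also
 * set without the HttpOnly/Secure attributes - confirm whether client-side
 * script needs to read them before tightening.
 */
require_once '../../php/main/SafeMySQL.php';
$string_object = new SafeMySQL();
$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$rawPassword = filter_input(INPUT_POST, 'password');

// Validate before hashing: md5() of a missing value is still a string, and
// FILTER_VALIDATE_EMAIL returns false (not null) for a malformed address, so
// isset() on the derived values never rejected an incomplete form.
if (is_string($email) && is_string($rawPassword) && $rawPassword !== '') {
    $password = md5($rawPassword);
    $login_query = $string_object->getOne("SELECT user_id FROM users WHERE email=?s AND password=?s LIMIT 1", $email, $password);
    if ($login_query) {
        setcookie('RememberMe', $password, time() + 3600 * 24 * 365, '/');
        setcookie('email', $email, time() + 3600 * 24 * 365, '/');
        // getOne() yields the user_id value itself, not a row, so it is bound
        // directly instead of being indexed with ['user_id'].
        $string_object->query("UPDATE users_online SET online='online' WHERE user_id=?i", $login_query);
        print 'success';
    } else {
        print 'Вы не зарегитрированы.';
    }
} else {
    print 'Вы не заполнили нужные формы.';
}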
コード例 #8
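<?php

/*
 * Endpoint: print the number of dialogs with unread messages for the current
 * user and, when GET `dialog` is given, mark that dialog as read.
 *
 * `meter` appears to hold the id of the participant who sent the latest
 * unread message (0 once read) - confirm against the code that writes it.
 * $user_id is not assigned in this file; presumably db_connect.php sets it.
 */
require '../../php/main/db_connect.php';
$dialog = filter_input(INPUT_GET, 'dialog', FILTER_VALIDATE_INT);
if ($user_id) {
    // Number of dialogs with new messages
    $o = new SafeMySQL();
    if ($dialog) {
        // Count unread dialogs other than the one currently open.
        $mm = $o->getOne('SELECT COUNT(meter) FROM users_dialogs WHERE (meter=other_id AND pioneer_id=?i AND d_id <>?i) OR (meter=pioneer_id AND other_id=?i AND d_id <>?i)', $user_id, $dialog, $user_id, $dialog);
        // Authorization: only reset the counter when the current user is a
        // participant of the dialog. Without the participant condition any
        // logged-in user could clear the unread marker of an arbitrary d_id.
        $query_dialog = $o->query('UPDATE users_dialogs SET meter=0 WHERE d_id=?i AND meter<>?i AND (pioneer_id=?i OR other_id=?i) LIMIT 1', $dialog, $user_id, $user_id, $user_id);
    } else {
        $mm = $o->getOne('SELECT COUNT(meter) FROM users_dialogs WHERE (meter=other_id AND pioneer_id=?i) OR (meter=pioneer_id AND other_id=?i)', $user_id, $user_id);
    }
    // Nothing is printed when the count is zero.
    if ($mm) {
        print $mm;
    }
}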
コード例 #9
            <div id="pre_hiden">
            </div>
            <div id="loadbar_box">
                <div id="loadbar_plane">
                    <div id="loadbar_progress_plane">
                    </div>
                </div>
            </div> 
            <div id="startupload">
                <button title="Пути назад не будет!">ГОТОВО</button>
            </div>
        </div>
</div>
<?php 
    // Loads the values the profile panel below is rendered from.
    // $user_id is not assigned in this fragment - presumably set by an earlier include; confirm.
    $string_object = new SafeMySQL();
    // Stored avatar identifier of the current user.
    $o = $string_object->getOne('SELECT avatar FROM users_information WHERE user_id=?i', $user_id);
    // Fall back to 'default' when no 50px preview file exists for that identifier.
    // NOTE(review): $o is concatenated into a filesystem path here and the template goes on to
    // build an image URL inside a style attribute; confirm the stored value is restricted to a
    // safe character set when it is written, and encode it where it is echoed.
    $i = file_exists('upload_image/avatars/pre_50px/' . $o . '.jpg') ? $o : 'default';
    $online = $string_object->getOne('SELECT online FROM users_online WHERE user_id=?i', $user_id);
    $rating = $string_object->getOne('SELECT rating FROM users_rating WHERE user_id=?i', $user_id);
    // One level per 100 rating points; the remainder is the progress within the level.
    $lvl = floor($rating / 100);
    $xp = floor($rating % 100);
    // UI strings for this panel, decoded into an associative array.
    $prifile_ui = json_decode(file_get_contents('json/ui/ru/main/main_login.json'), true);
    ?>
    <section id="profile_info">
            <div id="profile_avatar_upload">
                <button class="profile_avatar_upload"></button>
                <button class="profile_avatar_upload" id="avatar_upload"></button>
                <button class="profile_avatar_upload"></button>
                <button class="profile_co" id="profile_close"></button>
            </div>
            <div id="profile_avatar" style="background: #000 url('upload_image/avatars/pre_150px/<?php 
コード例 #10
<?php

// Registration endpoint: collects the submitted form fields before the uniqueness checks below.
$session_start = session_start();
require_once '../../php/main/SafeMySQL.php';
$string_object = new SafeMySQL();
// FILTER_VALIDATE_EMAIL gives false for a malformed address and null for a missing one;
// the isset() check that follows only rejects null, so false passes through it.
$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$login = filter_input(INPUT_POST, 'login');
// md5() always returns a string, so the isset() check that follows cannot detect a missing password.
// NOTE(review): unsalted MD5 is not suitable for password storage; password_hash() with
// password_verify() is the usual replacement and needs a matching change wherever the hash is compared.
$password = md5(filter_input(INPUT_POST, 'password'));
$category = filter_input(INPUT_POST, 'category');
$rules = filter_input(INPUT_POST, 'rules');
if (isset($email, $login, $password, $category, $rules)) {
    $x = $string_object->getOne("SELECT user_id FROM users WHERE email=?s", $email);
    if ($x) {
        print 'Извините пожайлуста, но такой email уже зарегистрирован.';
        exit;
    }
    $x = $string_object->getOne("SELECT in_id FROM users_information WHERE nickname=?s", $login);
    if ($x) {
        print 'Извините пожайлуста, но такой никнейм уже зарегистрирован.';
        exit;
    }
    $x = $string_object->getOne("SELECT nickname FROM users_registration WHERE nickname=?s", $login);
    if ($x) {
        print 'Просим прощения, но такой никнейм уже пытается зарегистрироваться.';
        exit;
    }
    $x = $string_object->getOne("SELECT email FROM users_registration WHERE email=?s", $email);
    if ($x) {
        print 'Просим прощения, но кто-то уже регистрируется с таким E-mail.';
        exit;
    }