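/**
 * Checks a login against the "usuarios" table and, when a row matches, starts
 * the session via creaSession() and optionally sets "remember me" cookies.
 *
 * @param string $U        Login value compared against the $by column.
 * @param string $P        Password as typed; only used for the empty check and the cookie
 *                         (the SQL password clause on this page reads literally "******").
 * @param int    $recordar Non-zero to persist the login cookies for 30 days.
 * @param string $by       Column name used for the lookup; must be a plain identifier
 *                         ([A-Za-z0-9_]) because it is placed in the SQL text verbatim.
 * @return bool True when at least one row matched (and the session was created).
 */
function authenticate($U, $P, $recordar = 0, $by = 'usuario')
{
    $RESULT = false;
    // $by is an SQL identifier, not a value, so escaping cannot protect it:
    // refuse anything that is not a bare identifier instead of running the query.
    if (!preg_match('/^[A-Za-z0-9_]+$/', $by)) {
        return $RESULT;
    }
    if (trim($U) == '' || trim($P) == '') {
        return $RESULT;
    }
    $db = new db();
    $db->connect();
    // NOTE(review): mysql_real_escape_string() belongs to ext/mysql (removed in PHP 7);
    // the db class shown here exposes no parameter binding to replace it with.
    $sql = ' SELECT * FROM usuarios WHERE ( ' . $by . ' = "' . mysql_real_escape_string($U) . '" ) AND ( password = "******" ) ';
    $db->query($sql);
    while ($record = $db->next()) {
        $this->creaSession($record);
        $RESULT = true;
        if ($recordar) {
            // 30 days from now (the original variable was named $two_months)
            $expires = time() + 30 * 24 * 3600;
            setcookie('id_usuario', $U, $expires);
            // NOTE(review): this stores the plaintext password client-side; any code that
            // reads the 'contrasena' cookie should move to a random, server-stored token.
            setcookie('contrasena', $P, $expires);
        }
    }
    $db->close();
    return $RESULT;
}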
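/**
 * Fetches the "albaranes" row whose id_albaranes equals $this->id_albaranes.
 *
 * NOTE(review): the method name says "Pais" but the query reads albaranes —
 * confirm the name is intentional.
 *
 * @return mixed Whatever db::next() yields for the first row (falsy when there is none).
 */
public function VerDetallePais()
{
    $db = new db();
    $db->connect();
    // The id is interpolated unquoted into SQL: force an integer so nothing else can reach the query
    $query = 'SELECT * FROM albaranes WHERE id_albaranes = ' . (int) $this->id_albaranes;
    $db->query($query);
    $row = $db->next();
    $db->close();
    return $row;
}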
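/**
 * Returns every lista_estados row belonging to country $this->id_pais.
 *
 * @return array List of rows as yielded by db::next(); empty array when none.
 */
function verCiudadPais()
{
    $db = new db();
    $db->connect();
    // Unquoted numeric id: cast so only an integer is interpolated
    $query = 'SELECT * FROM lista_estados WHERE id_pais = ' . (int) $this->id_pais;
    $db->query($query);
    $rows = array();
    while ($row = $db->next()) {
        $rows[] = $row;
    }
    // The original placed close() after the return, so it never ran
    $db->close();
    return $rows;
}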
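/**
 * Returns every lista_estados row belonging to country self::$id_pais.
 *
 * @return array List of rows as yielded by db::next(); empty array when none.
 */
public static function verEstadosPais()
{
    $db = new db();
    $db->connect();
    // Unquoted numeric id: cast so only an integer is interpolated
    $query = 'SELECT * FROM lista_estados WHERE id_pais = ' . (int) self::$id_pais;
    $db->query($query);
    $rows = array();
    while ($row = $db->next()) {
        $rows[] = $row;
    }
    $db->close();
    return $rows;
}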
/**
 * Loads every fk_privileges row, converting privilege_desc with utf8_encode().
 *
 * @return array List of rows as yielded by db::next(); empty array when none.
 */
public function verFuncionalidades()
{
    $db = new db();
    $db->connect();
    $db->query('SELECT * FROM fk_privileges');
    $rows = array();
    for ($row = $db->next(); $row; $row = $db->next()) {
        // NOTE(review): utf8_encode() implies the column is stored as ISO-8859-1 — confirm
        $row['privilege_desc'] = utf8_encode($row['privilege_desc']);
        $rows[] = $row;
    }
    $db->close();
    return $rows;
}
/**
 * Looks up one row of $table by its ActiveRecord id field and returns the first
 * two selected columns, HTML-entity encoded, as array(0 => ..., 1 => ...).
 * Both entries are '' when no row matches.
 *
 * NOTE(review): $table, $fields and $id_selected are concatenated into the SQL
 * without escaping (the db class exposes no binding here); they must not be
 * taken from request input without validation by the caller.
 *
 * @param string $table       Table name, optionally followed by an alias.
 * @param string $fields      Comma-separated select list (two columns expected).
 * @param mixed  $id_selected Value of the id field to match.
 * @return array
 */
function fk_select_text($table, $fields, $id_selected)
{
    $db = new db();
    $option = array('', '');
    // ActiveRecord only wants the bare table name, i.e. the first word of $table
    $words = explode(' ', trim($table));
    $record = new ActiveRecord($words[0]);
    $sql = 'SELECT ' . $fields . ' FROM ' . $table . '  WHERE ' . $record->id_field_name . ' = "' . $id_selected . '" ';
    $db->query($sql);
    $row = $db->next();
    if ($row) {
        $option[0] = htmlentities($row[0]);
        $option[1] = htmlentities($row[1]);
    }
    return $option;
}
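/**
 *@package AppForm
 *@method get_id_record($id_record)
 *@desc returns id record related to $record_num
 *@since v0.1
 **/
private function get_id_record($record_num = 1)
{
    $db = new db();
    // $record_num is 1-based; the LIMIT offset is 0-based and never negative
    $offset = max($record_num - 1, 0);
    $id_record = $this->fetchIdAtOffset($db, $offset);
    if ($id_record === false) {
        // Requested record does not exist: fall back to the first one and
        // reset the displayed record number (0 when the table is empty).
        $this->record_number = $this->total_records == 0 ? 0 : 1;
        $id_record = $this->fetchIdAtOffset($db, 0);
    }
    return $id_record === false ? 0 : $id_record;
}

/**
 * Runs SELECT {id_field} FROM {model} WHERE 1 = 1 [AND SqlAnd] LIMIT 1 at the
 * given offset through the db query builder.
 *
 * @param db  $db     Query builder instance (reused between calls).
 * @param int $offset 0-based row offset.
 * @return mixed First column of the row, or false when no row exists there.
 */
private function fetchIdAtOffset($db, $offset)
{
    $db->set_select($this->DbRecord->id_field_name);
    $db->set_table($this->model);
    $db->set_where(' 1 = 1 ');
    // NOTE(review): SqlAnd is a raw SQL fragment appended verbatim; it must be built from trusted values
    if ($this->DbRecord->SqlAnd != '') {
        $db->add_and($this->DbRecord->SqlAnd);
    }
    $db->set_limit(1, $offset);
    $db->query();
    $row = $db->next();
    return $row ? $row[0] : false;
}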
/**
 * Looks up one row of $table by its ActiveRecord id field and returns the first
 * two selected columns as array(0 => ..., 1 => ...); both '' when nothing matches.
 *
 * NOTE(review): $table, $fields and $id_selected are concatenated into the SQL
 * without escaping (the db class exposes no binding here); they must not be
 * taken from request input without validation by the caller.
 *
 * @param string $table       Table name.
 * @param string $fields      Comma-separated select list (two columns expected).
 * @param mixed  $id_selected Value of the id field to match.
 * @return array
 */
function fk_select_text($table, $fields, $id_selected)
{
    $db = new db();
    $result = array('', '');
    $record = new ActiveRecord($table);
    $sql = 'SELECT ' . $fields . ' FROM ' . $table . '  WHERE ' . $record->id_field_name . ' = "' . $id_selected . '" ';
    $db->query($sql);
    $row = $db->next();
    if ($row) {
        $result = array($row[0], $row[1]);
    }
    return $result;
}
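/**
 * Tells whether the session user ($_SESSION['id_usuario']) holds a package whose
 * code is $codigo_paquete and whose fecha_fin has not passed.
 *
 * NOTE(review): both values are concatenated into the SQL without escaping; the
 * db class exposes no binding here, so $codigo_paquete must be validated by the caller.
 *
 * @param string $codigo_paquete Package code as stored in paquetes.codigo.
 * @return bool
 */
function priv_paquete($codigo_paquete)
{
    $db = new db();
    // Avoid an undefined-index notice when no session user is set
    $id_usuario = isset($_SESSION['id_usuario']) ? $_SESSION['id_usuario'] : '';
    $sql = 'SELECT count(id_paquete_usuario) FROM paquetes_usuario pu INNER JOIN paquetes p ON pu.id_paquete = p.id_paquete WHERE pu.id_usuario = "' . $id_usuario . '" AND pu.fecha_fin >= CURDATE() AND p.codigo ="' . $codigo_paquete . '" ';
    $db->query($sql);
    $found = $db->next();
    // A missing result row must read as "no package", never as a privilege
    $total = $found ? (int) $found[0] : 0;
    return $total >= 1;
}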
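/**
 * Prints the disabled "leave a comment" <li>: the logged-in user's avatar
 * (uploads.archivo joined through usuarios.imagen, or a placeholder div), the
 * name/email/web inputs when $this->show_detail is set, and a disabled
 * textarea plus button suffixed with $this->id_obj.
 *
 * NOTE(review): $this->id_obj is echoed unescaped into several attributes
 * (assumed to be a server-side value — confirm). The email and web inputs use
 * name="email-user…"/"web-user…" without the hyphen their id attributes carry;
 * kept as-is because scripts may rely on those names.
 */
private function leaveACommentDisabled() { ?> <li class="leave-comment"> <div class="c1_6 col-md-1 hidden-xs"> <?php
    // Avatar file name of the logged-in user; '' when not logged in or without an upload
    $imagen = '';
    if (Security::is_logged()) {
        $db = new db();
        // NOTE(review): $_SESSION['id_usuario'] is concatenated into the SQL without escaping
        $db->query_assoc('select * from usuarios usr left join uploads upl on upl.id_upload = usr.imagen where usr.id_usuario = "' . $_SESSION['id_usuario'] . '" ');
        if ($rec = $db->next()) {
            $imagen = $rec['archivo'];
        }
    }
    // The file name is stored data: escape it before placing it in the src attribute
    if ($imagen != '') { ?> <div class="user-img"><img src="<?php echo htmlspecialchars(http_uploads() . '/' . $imagen, ENT_QUOTES, 'UTF-8'); ?> "></div><?php } else { ?> <div class="user-img no-pho"></div><?php } ?> </div> <div class="c5_6 col-md-11 "> <?php if ($this->show_detail) { ?> <table class="user-data"> <tr> <td colspan="2"> <div id="message-err-<?php echo $this->id_obj; ?> " class="fk-error-message" style="display: none"></div> </td> </tr> <tr> <td>Nombre(Requerido):</td> <td><input type="text" id="name-user-<?php echo $this->id_obj; ?> " name="name-user-<?php echo $this->id_obj; ?> " value="" /></td> </tr> <tr> <td>Email(Requerido):</td> <td><input type="text" id="email-user-<?php echo $this->id_obj; ?> " name="email-user<?php echo $this->id_obj; ?> " value="" /></td> </tr> <tr> <td>Sitio web:</td> <td><input type="text" id="web-user-<?php echo $this->id_obj; ?> " name="web-user<?php echo $this->id_obj; ?> " value="" /></td> </tr> </table><?php } ?> <table class="txt-data"> <tr> <td><textarea id="leave-comment-<?php echo $this->id_obj; ?> -disabled" class="form-control disabled" disabled="disabled"> </textarea></td> </tr> </table> <button type="button" class="btn btn-danger btn-xs" id="leave-comment-btn-<?php echo $this->id_obj; ?> -disabled"> Comentar <i class="fa fa-comment"></i></button> </div> <div class="clear"></div> </li> <?php }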
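/**
 * Resolves the field-level privilege of user $id_user on $table.$field.
 *
 * Resolution: when fk_privileges has no row for the field (mode 2), access is
 * granted. Otherwise the per-user exception in fk_privileges_usuarios wins; if
 * there is none, the entry of the user's profile in fk_perfiles_privs is used;
 * with neither, access stays denied.
 *
 * NOTE(review): $table, $field and $id_user are concatenated into the SQL
 * without escaping (the db class exposes no binding here); they must not come
 * straight from request input.
 *
 * @param mixed  $id_user Value of the users-table id column (self::$db_fld_id_usuario).
 * @param string $table   Table name as stored in fk_privileges.table_name.
 * @param string $field   Field name as stored in fk_privileges.field_name.
 * @return array array('access' => ..., 'read_only' => ...) with the stored 0/1 values.
 */
public static function hasPriv_Field($id_user, $table, $field)
{
    $db = new db();
    $db->connect();
    // Privilege mode: 1 screen, 2 field, 3 screen and field
    $id_mode_priv = 2;
    // Default when nothing restricts the field: accessible and writable
    $has_priv = array('access' => 1, 'read_only' => 0);
    $id_priv = 0;
    $sql = 'SELECT p.id_priv FROM fk_privileges p WHERE p.id_mode_priv ="' . $id_mode_priv . '" AND p.table_name = "' . $table . '" AND p.field_name = "' . $field . '" LIMIT 1 ';
    $db->query($sql);
    if ($rec = $db->next()) {
        $id_priv = $rec['id_priv'];
    }
    if ($id_priv != 0) {
        // A privilege row exists: deny unless an exception or profile entry grants it
        $has_priv['access'] = 0;
        $has_priv['read_only'] = 0;
        $id_perfil = 0;
        $sql = 'SELECT id_perfil from ' . self::$db_tbl_usuarios . ' where ' . self::$db_fld_id_usuario . ' = "' . $id_user . '" ';
        $db->query($sql);
        if ($rec = $db->next()) {
            $id_perfil = $rec[0];
        }
        $acceso = null;
        $read_only = null;
        // 1) per-user exception
        $sql = 'SELECT p_usr.permitir_acceso as access,solo_lectura as read_only FROM fk_privileges_usuarios p_usr WHERE p_usr.id_usuario = "' . $id_user . '" AND p_usr.id_priv = "' . $id_priv . '" LIMIT 1';
        $db->query($sql);
        if ($rec = $db->next()) {
            $acceso = $rec['access'];
            $read_only = $rec['read_only'];
        } else {
            // 2) no exception: use the profile's entry
            $sql = 'SELECT p_pf.access,p_pf.read_only FROM fk_perfiles_privs p_pf WHERE p_pf.id_perfil = "' . $id_perfil . '" AND p_pf.id_priv = "' . $id_priv . '" LIMIT 1 ';
            $db->query($sql);
            if ($rec = $db->next()) {
                $acceso = $rec['access'];
                $read_only = $rec['read_only'];
            }
        }
        // Same semantics as the original isset() pair: a NULL in either column keeps the deny default
        if ($acceso !== null && $read_only !== null) {
            $has_priv['access'] = $acceso;
            $has_priv['read_only'] = $read_only;
        }
    }
    $db->close();
    return $has_priv;
}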
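/**
 * Returns every fk_perfiles_privs row whose id_usuario equals $this->id_usuario.
 *
 * @return array List of rows as yielded by db::next(); empty array when none.
 */
public function TakePermisosUsuario()
{
    $db = new db();
    $db->connect();
    // Unquoted numeric id: cast so only an integer is interpolated
    $query = 'SELECT * FROM fk_perfiles_privs WHERE id_usuario = ' . (int) $this->id_usuario;
    $db->query($query);
    $rows = array();
    while ($row = $db->next()) {
        $rows[] = $row;
    }
    // The original never closed the connection it opened
    $db->close();
    return $rows;
}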
/**
 * Runs the list query into $this->db_queryapplist, reads the total row count
 * into $this->tot_regs and computes the paginator; when the requested page is
 * past the last one, reruns the query from page 1.
 */
protected function runQueryProcess()
{
    $this->db_queryapplist = new db();
    $countDb = new db();
    $this->ProcessSqlFormat();
    $this->db_queryapplist->query_assoc($this->sql_exec);
    // NOTE(review): FOUND_ROWS() is per MySQL connection; reading it through a
    // second db object only works if both objects share the same link — confirm in class db.
    $countDb->query_assoc('SELECT FOUND_ROWS() as total');
    $totalRow = $countDb->next();
    $this->tot_regs = $totalRow['total'];
    $this->creaVariablesPaginador();
    if ($this->page <= $this->tot_pages) {
        return;
    }
    // Page beyond the range: go back to page 1 and query again
    $this->formaLimit(1);
    $this->ProcessSqlFormat();
    $this->db_queryapplist->query_assoc($this->sql_exec);
    $this->creaVariablesPaginador();
}
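/**
 *@package AppForm
 *@method get_id_record($id_record)
 *@desc returns id record related to $record_num
 *@since v0.1
 **/
private function get_id_record($record_num = 1)
{
    $db = new db();
    // $record_num is 1-based; the LIMIT offset is 0-based and never negative
    $offset = max($record_num - 1, 0);
    $id_record = $this->fetchIdAtOffset($db, $offset);
    if ($id_record === false) {
        // Requested record does not exist: fall back to the first one and
        // reset the displayed record number (0 when the table is empty).
        $this->record_number = $this->total_records == 0 ? 0 : 1;
        $id_record = $this->fetchIdAtOffset($db, 0);
    }
    return $id_record === false ? 0 : $id_record;
}

/**
 * Runs select {id_field} from {model} WHERE TRUE {SqlAnd} LIMIT $offset,1.
 *
 * @param db  $db     Connection object (reused between calls).
 * @param int $offset 0-based row offset; cast so only an integer reaches LIMIT.
 * @return mixed First column of the row, or false when no row exists there.
 */
private function fetchIdAtOffset($db, $offset)
{
    // NOTE(review): DbRecord->SqlAnd is a raw SQL fragment appended verbatim; it must be built from trusted values
    $sql = 'select ' . $this->DbRecord->id_field_name . ' from ' . $this->model . ' WHERE TRUE ' . $this->DbRecord->SqlAnd . ' LIMIT ' . (int) $offset . ',1';
    $db->query($sql);
    $row = $db->next();
    return $row ? $row[0] : false;
}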
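/**
 * Fetches the fk_perfiles_privs row for ($this->id_perfil, $this->id_priv).
 *
 * NOTE(review): the first predicate compares column id_usuario with
 * $this->id_perfil; kept as written — confirm whether id_perfil was intended.
 *
 * @return mixed Whatever db::next() yields for the first row (falsy when there is none).
 */
public function verPerfilPriv()
{
    $db = new db();
    $db->connect();
    // Unquoted numeric ids: cast so only integers are interpolated
    $query = 'SELECT * FROM fk_perfiles_privs WHERE id_usuario = ' . (int) $this->id_perfil . ' AND id_priv = ' . (int) $this->id_priv;
    $db->query($query);
    $row = $db->next();
    // The original never closed the connection it opened
    $db->close();
    return $row;
}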
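/**
 * Prints, through printOneComent(), every comment row of $this->table whose
 * code field equals $this->code and whose table-link field equals $this->id_tab_val.
 * Each row also carries the server time as "ahora".
 *
 * NOTE(review): table/field names and both values are concatenated into the
 * SQL without escaping (the db class exposes no binding here); $this->code and
 * $this->id_tab_val must not come straight from request input.
 */
private function printComments()
{
    $db = new db();
    $db->connect();
    $sql = 'SELECT *,now() as ahora FROM ' . $this->table . ' WHERE ' . $this->code_field . ' = "' . $this->code . '" AND ' . $this->id_table2coment_field . ' = "' . $this->id_tab_val . '"';
    $db->query($sql);
    while ($rec = $db->next()) {
        $this->printOneComent($rec);
    }
    // The original never closed the connection it opened
    $db->close();
}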
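/**
 * Returns the "archivo" column of every row in $this->table as an HTML
 * fragment, one file name per line separated by <br>.
 *
 * @return string '' when the table is empty.
 */
public function getFileList()
{
    $db = new db();
    $db->connect();
    $db->query('SELECT * FROM ' . $this->table . ' ;');
    $list = '';
    while ($rec = $db->next()) {
        // File names are stored data that ends up in HTML: escape them
        $list .= htmlspecialchars((string) $rec['archivo'], ENT_QUOTES, 'UTF-8') . '<br>';
    }
    $db->close();
    return $list;
}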
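/**
 * Builds the DataTables (legacy sEcho/aaData protocol) JSON response for the
 * current fields, table, filter, order and limit.
 *
 * Side effects: turns display_errors off (a warning printed into the output
 * would corrupt the JSON) and leaves the last executed SQL in $this->sQuery.
 *
 * NOTE(review): sql_fields/sql_table/sWhere/sOrder/sLimit are built by
 * get_columns()/setFilter()/setOrder()/setLimit() and concatenated verbatim;
 * any request-derived value must be validated there.
 *
 * @return string JSON object with keys sEcho, iTotalRecords, iTotalDisplayRecords, aaData.
 */
private function generateJSON()
{
    ini_set('display_errors', 0);
    $db = new db();
    $db->connect();
    $this->get_columns();
    $this->setLimit();
    $this->setOrder();
    $this->setFilter();
    $this->sQuery = "SELECT SQL_CALC_FOUND_ROWS " . $this->sql_fields . "\n\t\t\t FROM " . $this->sql_table . " " . $this->sWhere . " " . $this->sOrder . " " . $this->sLimit . " ;";
    $db->query($this->sQuery);
    // ---- rows: each row becomes a JSON array of strings ----
    $rows = array();
    while ($aRow = $db->next()) {
        $cells = array();
        foreach ($this->arr_columns as $col) {
            if (isset($col['type']) && $col['type'] == 'special') {
                $value = $this->procesa_columnas_esp($col, $aRow);
            } else {
                $value = $aRow[$col];
            }
            $cells[] = '"' . $this->jsonEscapeCell($value) . '"';
        }
        $rows[] = '[' . implode(',', $cells) . ']';
    }
    // ---- totals: FOUND_ROWS() must follow the main query on the same connection ----
    $this->sQuery = "SELECT FOUND_ROWS()";
    $db->query($this->sQuery);
    $aResultFilterTotal = $db->next();
    $iFilteredTotal = $aResultFilterTotal ? (int) $aResultFilterTotal[0] : 0;
    $this->sQuery = "\n\t\t\tSELECT COUNT(*)\n\t\t\tFROM " . $this->sql_table . "\n\t\t";
    $db->query($this->sQuery);
    $aResultTotal = $db->next();
    $iTotal = $aResultTotal ? (int) $aResultTotal[0] : 0;
    // DataTables echoes this value back; it is an untrusted integer
    $sEcho = isset($_GET['sEcho']) ? intval($_GET['sEcho']) : 0;
    return '{'
        . '"sEcho": ' . $sEcho . ', '
        . '"iTotalRecords": ' . $iTotal . ', '
        . '"iTotalDisplayRecords": ' . $iFilteredTotal . ', '
        . '"aaData": [ ' . implode(',', $rows) . '] }';
}

/**
 * Escapes one cell for the inside of a JSON double-quoted string: backslash,
 * double quote and ASCII control characters. Every other byte passes through
 * unchanged, as addslashes() left them before. addslashes() was the defect:
 * it emitted \' for single quotes, which is not a valid JSON escape, and left
 * raw newlines in the string.
 *
 * @param mixed $value Cell value; cast to string.
 * @return string
 */
private function jsonEscapeCell($value)
{
    // Backslashes first so the backslashes added for quotes are not doubled again
    $escaped = str_replace(array('\\', '"'), array('\\\\', '\\"'), (string) $value);
    return preg_replace_callback('/[\x00-\x1F]/', function ($m) {
        return sprintf('\\u%04X', ord($m[0]));
    }, $escaped);
}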