function doWork() { try { $dbh = dbConnect::getInstance()->dbh; } catch (PDOException $e) { print "Error!: " . $e->getMessage() . "<br/>"; die; } $sql = "update member set member_name = :member_name, address = :address, password = :password "; $sql .= ",province_id = :province_id, province_name = :province_name "; $sql .= ",amphur_id = :amphur_id, amphur_name = :amphur_name, "; $sql .= ",district_id = :district_id, district_name = :district_name "; $sql .= ",postcode = :postcode "; $sql .= "where email = :email"; $stmt = $dbh->prepare($sql); $stmt->bindValue(":member_name", $_POST["txtName"]); $stmt->bindValue(":address", $_POST["txtAddress"]); $stmt->bindValue(":password", $_POST["txtPassword"]); $stmt->bindValue(":province_id", doExplode($_POST["cboProvince"])[0]); $stmt->bindValue(":province_name", doExplode($_POST["cboProvince"])[1]); $stmt->bindValue(":amphur_id", doExplode($_POST["cboAmphur"])[0]); $stmt->bindValue(":amphur_name", doExplode($_POST["cboAmphur"])[1]); $stmt->bindValue(":district_id", doExplode($_POST["cboDistrict"])[0]); $stmt->bindValue(":district_name", doExplode($_POST["cboDistrict"])[1]); $stmt->bindValue(":postcode", $_POST["txtPostCode"]); $stmt->bindValue(":email", $_POST["email"]); if ($stmt->execute()) { header("Content-Type: application/json"); echo json_encode(array("result" => "success")); } else { header("Content-Type: application/json"); echo json_encode($stmt->errorInfo()); } }
public function __construct($id) { $this->pdo = dbConnect::getInstance(); $this->id = $id; $query = $this->pdo->query("SELECT * FROM shipy_user WHERE id = '" . $this->id . "' "); $this->row = $query->fetch(PDO::FETCH_ASSOC); }
function login($uname, $password, $checked) { $db = dbConnect::getInstance(); $mysqli = $db->getConnection(); $query = "SELECT * FROM users_tb WHERE mail= '" . $uname . "' AND pass = '******'"; $res = $mysqli->query($query); if (mysqli_num_rows($res) > 0) { $row = mysqli_fetch_array($res); if ($row['type'] != "3") { $_SESSION['cafeteriaSystem'] = $row['id']; $_SESSION['type'] = $row['type']; $_SESSION['name'] = $row['name']; $_SESSION['pic'] = $row['pic_path']; //echo $_SESSION['php']; if ($checked == "1") { setcookie("cafeteriaSystem", $row['id'], time() + 3600); //echo $_COOKIE['php']; } if ($row['type'] == "1") { header("location:orders.php"); } else { header("location:index.php"); } return TRUE; } } else { return false; } }
function doWork() { try { $dbh = dbConnect::getInstance()->dbh; } catch (PDOException $e) { print "Error!: " . $e->getMessage() . "<br/>"; die; } if (empty($_POST["isDelete"])) { $sql = "insert into material (material_type, description) values "; $sql .= "(:material_type, :description) "; $sql .= "on duplicate key update description = :description "; $stmt = $dbh->prepare($sql); $stmt->bindValue(":material_type", $_POST["txtMaterialType"]); $stmt->bindValue(":description", $_POST["txtDescription"]); } else { $sql = "delete from material where material_type = :material_type "; $stmt = $dbh->prepare($sql); $stmt->bindValue(":material_type", $_POST["isDelete"]); } if ($stmt->execute()) { header("Content-Type: application/json"); echo json_encode(array("result" => "success")); } else { header("Content-Type: application/json"); echo json_encode($stmt->errorInfo()); } }
function deleteShirtSize() { try { $dbh = dbConnect::getInstance()->dbh; } catch (PDOException $e) { echo "Error!: " . $e->getMessage() . "<br/>"; die; } $sql = "delete from shirt_size where size_code = :size_code and gender = :gender "; $stmt = $dbh->prepare($sql); $stmt->bindValue(":size_code", $_POST["size_code"]); $stmt->bindValue(":gender", $_POST["gender"]); header("Content-Type: application/json"); if ($stmt->execute()) { echo json_encode(array("result" => "success")); } else { //echo json_encode($stmt->errorInfo()); $errorCode = $stmt->errorCode(); if ($errorCode == '23000') { echo json_encode(array('result' => 'ไม่สามารถลบได้ เนื่องจากได้มีการใช้ข้อมูลนี้ไปแล้ว !!!')); } else { echo json_encode($stmt->errorInfo()); } } }
function mcacc_get_acc_list() { $mc_db = dbConnect::getInstance(); if (!is_user_logged_in()) { log("Neprisijunges vartotojas bando pasitikrinti savo acc ip: " . $_SERVER['REMOTE_ADDR']); return; } }
function regist($fname, $lname, $address, $country, $gender, $uname, $password, $myskils, $department, $pic_name) { $db = dbConnect::getInstance(); $mysqli = $db->getConnection(); $query = " insert into users_tb set\n\t\t\t\t\t\tfname='" . $fname . "' ,\n\t\t\t\t\t\tlname='" . $lname . "' ,\t\n\t\t\t\t\t\taddress='" . $address . "' ,\n\t\t\t\t\t\ttype = '2' ,\n\t\t\t\t\t\tcountry = '" . $country . "' ,\n\t\t\t\t\t\tgender='" . $gender . "' ,\n\t\t\t\t\t\tmail='" . $uname . "' ,\n\t\t\t\t\t\tpassword='******' ,\n\t\t\t\t\t\tskils='" . $myskils . "' ,\n\t\t\t\t\t\tdept = '" . $department . "' ,\n\t\t\t\t\t\tprof_pic='" . $pic_name . "'\n\t\t\t"; $res = $mysqli->query($query) or die(mysqli_error($mysqli)); if ($res) { return TRUE; } else { return false; } }
function insertOrder() { try { $dbh = dbConnect::getInstance()->dbh; } catch (PDOException $e) { print "Error!: " . $e->getMessage() . "<br/>"; die; } $sql = 'insert into shirt_order '; $sql .= '(email, line_screen_price_1, line_screen_price_2, shirt_id_1, '; $sql .= 'shirt_id_2, qty_1, qty_2, order_status, order_date, amt, '; $sql .= 'screen_width_1, screen_height_1, screen_width_2, screen_height_2, color_area_1, color_area_2) '; $sql .= 'values'; $sql .= '(:email, :line_screen_price_1, :line_screen_price_2, :shirt_id_1, '; $sql .= ':shirt_id_2, :qty_1, :qty_2, :order_status, curdate(), :amt, '; $sql .= ':screen_width_1, :screen_height_1, :screen_width_2, :screen_height_2, :color_area_1, :color_area_2); '; $sql .= 'update member set address = :address where email = :email; '; $stmt = $dbh->prepare($sql); $stmt->bindValue(':email', $_POST['email']); $stmt->bindValue(':line_screen_price_1', $_POST['line_screen_price_1']); $stmt->bindValue(':line_screen_price_2', $_POST['line_screen_price_2']); $stmt->bindValue(':shirt_id_1', $_POST['shirt_id_1']); $stmt->bindValue(':shirt_id_2', $_POST['shirt_id_2']); $stmt->bindValue(':qty_1', $_POST['qty_1']); $stmt->bindValue(':qty_2', $_POST['qty_2']); $stmt->bindValue(':order_status', 'order'); $stmt->bindValue(':amt', $_POST['amt']); $stmt->bindValue(':address', $_POST['address']); $stmt->bindValue(':screen_width_1', $_POST['screen_width_1']); $stmt->bindValue(':screen_height_1', $_POST['screen_height_1']); $stmt->bindValue(':screen_width_2', $_POST['screen_width_2']); $stmt->bindValue(':screen_height_2', $_POST['screen_height_2']); $stmt->bindValue(':color_area_1', $_POST['color_area_1']); $stmt->bindValue(':color_area_2', $_POST['color_area_2']); if ($stmt->execute()) { $orderId = $dbh->lastInsertId(); $target_dir = 'uploads/'; $dirToMake = '../' . $target_dir . $orderId; mkdir($dirToMake); $screen1 = $_POST['line_screen_1']; saveFileToDir($dirToMake, $screen1, '01.png'); $screen2 = $_POST['line_screen_2']; saveFileToDir($dirToMake, $screen2, '02.png'); $product = $_POST['product_image']; saveFileToDir($dirToMake, $product, '03.png'); header("Content-Type: application/json"); echo json_encode(array('order_id' => $orderId)); } else { header("Content-Type: application/json"); echo json_encode($stmt->errorInfo()); } }
public static function login($user, $pass) { $pass = md5($pass); $pdo = dbConnect::getInstance(); if (empty($user) or empty($pass)) { die('Niet alle velden zjin gevuld! Probeer nogmaals!'); } $check = $pdo->prepare("SELECT * FROM shipy_user WHERE username = :user AND password = :pass "); $check->execute(array(':user' => $user, ':pass' => $pass)); if ($check->rowCount() == 1) { while ($row = $check->fetch(PDO::FETCH_ASSOC)) { $_SESSION['log'] = $row['id']; header('Location: /user/dashboard/'); } } else { die('Het opgegeven wachtwoord is verkeerd, of de gebruiker komt niet voor in de database. Probeer nogmaals!'); } }
function deleteSizePrice() { try { $dbh = dbConnect::getInstance()->dbh; } catch (PDOException $e) { echo "Error!: " . $e->getMessage() . "<br/>"; die; } $sql = "delete from size_price where size_price_id = :size_price_id "; $stmt = $dbh->prepare($sql); $stmt->bindValue(":size_price_id", $_POST["size_price_id"]); if ($stmt->execute()) { header("Content-Type: application/json"); echo json_encode(array("result" => "success")); } else { header("Content-Type: application/json"); echo json_encode($stmt->errorInfo()); } }
function checkEmail() { try { $dbh = dbConnect::getInstance()->dbh; } catch (PDOException $e) { print "Error!: " . $e->getMessage() . "<br/>"; die; } $email = $_POST["email"]; $sql = "select email from member where email = :email "; $stmt = $dbh->prepare($sql); $stmt->bindValue(":email", $email); if ($stmt->execute()) { $results = $stmt->fetch(PDO::FETCH_ASSOC); if (!empty($results["email"])) { header("Content-Type: application/json"); echo json_encode(array('valid' => false)); } else { header("Content-Type: application/json"); echo json_encode(array('valid' => true)); } } }
function deliverOrder($orderNum) { $db = dbConnect::getInstance(); $mysqli = $db->getConnection(); $query = " update check_tb set status = '2' where id='" . $orderNum . "' "; $res = $mysqli->query($query) or die(mysqli_error($mysqli)); $mysqli->query("CREATE EVENT updateStatus" . $orderNum . " ON SCHEDULE AT CURRENT_TIMESTAMP + INTERVAL 1 MINUTE DO \n \tupdate check_tb set status = '1' where id='" . $orderNum . "' ;\n \t") or die(mysqli_error($mysqli)); if ($res) { return true; } else { return false; } }
function addcat($Name) { $db = dbConnect::getInstance(); $mysqli = $db->getConnection(); $query = "insert into categories_tb (name,status) VALUES ('{$Name}' ,1) "; $res = $mysqli->query($query) or die(mysqli_error($mysqli)); return true; }
<?php session_start(); ini_set('max_execution_time', 0); require_once "../files/dbConnect.php"; require_once "../files/orders.php"; $orders = new orders(); $db = dbConnect::getInstance(); $mysqli = $db->getConnection(); $query = " select * from check_tb where u_id = '" . $_SESSION['cafeteriaSystem'] . "' "; $res = $mysqli->query($query) or die(mysqli_error($mysqli)); $row = mysqli_num_rows($res); //$file_name = 'document.txt'; $client_amount = isset($_GET['lastModified']) ? $_GET['lastModified'] : 0; //$client_deliver = isset($_GET['LastModifiedDelivered'])?$_GET['LastModifiedDelivered']:0; //$client_process = isset($_GET['LastModifiedProcessing'])?$_GET['LastModifiedProcessing']:0; /* Get Deliver number $queryDeliver = " select * from check_tb where u_id = '".$_SESSION['cafeteriaSystem']."' and status='2' "; $resDeliver = $mysqli->query($queryDeliver) or die (mysqli_error($mysqli)); $serverDeliver=mysqli_num_rows($resDeliver); /* Get Process number $queryProcess = " select * from check_tb where u_id = '".$_SESSION['cafeteriaSystem']."' and status='3' "; $resProcess = $mysqli->query($queryProcess) or die (mysqli_error($mysqli)); $serverProcess=mysqli_num_rows($resProcess); $client_process = $serverProcess;
"> <?php require "navbar.php"; require "service/message_service.php"; require "service/db_connect.php"; //get data class ShirtType { public $shirt_type = ""; public $shirt_type_description = ""; } //select user profile if (isset($_GET["shirttype"]) && !empty($_GET["shirttype"])) { try { $dbh = dbConnect::getInstance()->dbh; } catch (PDOException $e) { print "Error!: " . $e->getMessage() . "<br/>"; die; } $sql = "select shirt_type, shirt_type_description from shirt_type "; $sql .= "where shirt_type = :shirt_type "; $stmt = $dbh->prepare($sql); $stmt->bindValue(":shirt_type", $_GET["shirttype"]); if ($stmt->execute()) { $stmt->setFetchMode(PDO::FETCH_CLASS, "ShirtType"); $shirttype = $stmt->fetch(); } else { echo "error -> " . $stmt->errorInfo()[2]; } } else {
function selectAvilableRoom() { $db = dbConnect::getInstance(); $mysqli = $db->getConnection(); $query = " select * from rooms_tb where status='1'"; $res = $mysqli->query($query) or die(mysqli_error($mysqli)); if ($res) { return $res; } else { return false; } }
function getShirtSize($size_code, $gender) { try { $dbh = dbConnect::getInstance()->dbh; } catch (PDOException $e) { print "Error!: " . $e->getMessage() . "<br/>"; die; } $sql = "select chest_size, shirt_length from shirt_size "; $sql .= "where size_code = :size_code and gender = :gender "; $stmt->bindValue(":size_code", $size_code); $stmt->bindValue(":gender", $gender); if ($stmt->execute()) { $results = $stmt->fetch(PDO::FETCH_ASSOC); return $results; } }
protected function getDb() { return dbConnect::getInstance(); }
<meta charset="utf-8"> <link rel="stylesheet" href="/res/css/main.css"> <link rel="stylesheet" href="http://cdn.leafletjs.com/leaflet-0.7.3/leaflet.css" /> <script src="http://cdn.leafletjs.com/leaflet-0.7.3/leaflet.js"></script> <script src="http://leaflet.github.io/Leaflet.heat/dist/leaflet-heat.js"></script> </head> <body> <?php include "../autoloader/autoloader.php"; include "../config/exeption_handler.php"; set_exception_handler('exception_handler'); $pdo = dbConnect::getInstance(); $url = $_SERVER['REQUEST_URI']; $array_tmp_uri = preg_split('[\\/]', $url, -1, PREG_SPLIT_NO_EMPTY); $array_uri = array('controller' => 'user', 'method' => 'login', 'var' => array()); foreach ($array_tmp_uri as $key => $val) { switch ($key) { case 0: $array_uri['controller'] = $val; break; case 1: $array_uri['method'] = $val; break; default: $array_uri['var'][] = $val; } }
function resetPassword($mail, $secret) { $db = dbConnect::getInstance(); $mysqli = $db->getConnection(); $newPass = substr(str_shuffle(str_repeat("0123456789abcdefghijklmnopqrstuvwxyz", 5)), 0, 5); $q1 = "select * from users_tb where mail='" . $mail . "' and secret='" . $secret . "' "; $qRes = $mysqli->query($q1) or die(mysqli_error($mysqli)); if (mysqli_num_rows($qRes) > 0) { $query = " update users_tb set\t\t\t\t\tpass='******' where mail='" . $mail . "' and secret='" . $secret . "'"; $res = $mysqli->query($query) or die(mysqli_error($mysqli)); if ($res) { echo "Password Reset And ur new password is " . $newPass; } else { echo "Wrong Secret and Mail"; } } else { echo "Please Enter Valied Email and Secret"; } }
public function checkCommentAuther($id) { $db = dbConnect::getInstance(); $mysqli = $db->getConnection(); $query = "SELECT * FROM comments_tb WHERE id= '" . $id . "'"; $res = $mysqli->query($query); if (mysqli_num_rows($res) > 0) { $row = mysqli_fetch_array($res); if ($row['u_id'] == $_SESSION['php'] or $_SESSION['type'] == "1") { return true; } else { return false; } } }
function checkExistingOrder() { try { $dbh = dbConnect::getInstance()->dbh; } catch (PDOException $e) { print "Error!: " . $e->getMessage() . "<br/>"; die; } $order_id = $_POST['order_id']; $email = $_POST['email']; $amt = 0; if (isset($_POST['amount'])) { $amt = $_POST['amount']; } $sql = 'select order_id from shirt_order '; $sql .= 'where order_id = :order_id '; $sql .= 'and email = :email '; $sql .= 'and paid_date is null '; if ($amt > 0) { $sql .= 'and amt = :amt '; } else { $sql .= 'and amt > :amt'; } $stmt = $dbh->prepare($sql); $stmt->bindValue(':order_id', $order_id); $stmt->bindValue(':email', $email); $stmt->bindValue(':amt', $amt); if ($stmt->execute()) { $results = $stmt->fetch(PDO::FETCH_ASSOC); if (!empty($results["order_id"])) { header("Content-Type: application/json"); echo json_encode(array('valid' => true)); } else { header("Content-Type: application/json"); echo json_encode(array('valid' => false)); } } }
function insertColor() { try { $dbh = dbConnect::getInstance()->dbh; } catch (PDOException $e) { print "Error!: " . $e->getMessage() . "<br/>"; die; } $sql = "insert into shirt_color (color, color_hex) values "; $sql .= "(:color, :color_hex) "; $sql .= "on duplicate key update color = :color "; $stmt = $dbh->prepare($sql); $stmt->bindValue(":color", $_POST["txtColor"]); $stmt->bindValue(":color_hex", $_POST["txtColorHex"]); if ($stmt->execute()) { header("Content-Type: application/json"); echo json_encode(array("result" => "success")); } else { header("Content-Type: application/json"); echo json_encode($stmt->errorInfo()); } }
echo '<option value="receive" ' . ($selectedItem == 'receive' ? 'selected' : '') . '>ยืนยันชำระเงินแล้ว</option>'; echo '<option value="delivered" ' . ($selectedItem == 'delivered' ? 'selected' : '') . '>จัดส่งแล้ว</option>'; echo '<option value="canceled" ' . ($selectedItem == 'canceled' ? 'selected' : '') . '>ยกเลิก</option>'; echo '<option value="all" ' . ($selectedItem == 'all' ? 'selected' : '') . '>ทั้งหมด</option>'; ?> </select> </div> </div> </div> </form> <br/> <?php try { $conn = dbConnect::getInstance(); $dbh = $conn->dbh; } catch (PDOException $e) { print "Error!: " . $e->getMessage() . "<br/>"; die; } $sql = 'select o.order_id, o.email as email, o.line_screen_price_1, o.line_screen_price_2, o.qty_1, o.qty_2, o.amt, o.order_date, '; $sql .= 'o.paid_date, o.deliver_date, o.cancel_date, o.tracking_id, '; $sql .= 'o.screen_width_1, o.screen_height_1, o.screen_width_2, o.screen_height_2, o.color_area_1, o.color_area_2, '; $sql .= 's1.shirt_name as shirt_name_1, s1.gender as gender_1, s1.shirt_type as shirt_type_1, s1.color_hex as color_hex_1, s1.shirt_price as shirt_price_1, '; $sql .= 's2.shirt_name as shirt_name_2, s2.gender as gender_2, s2.shirt_type as shirt_type_2, s2.color_hex as color_hex_2, s2.shirt_price as shirt_price_2, '; $sql .= 's1.material_type as material_type_1, s1.size_code as size_code_1, '; $sql .= 's2.material_type as material_type_2, s2.size_code as size_code_2, '; $sql .= 'm.member_name, m.address, '; $sql .= 'c1.color as color_1, '; $sql .= 'c2.color as color_2 ';
function updateSystemInit() { if ($this->get_request_method() != "POST") { $this->response('', 406); } try { $dbh = dbConnect::getInstance()->dbh; } catch (PDOException $e) { $this->response("Error!: " . $e->getMessage() . "<br/>", 500); die; } $print_format = $this->_request['print_format']; $width = $this->_request['width']; $height = $this->_request['height']; $vat_rate = $this->_request['vat_rate']; $old_print_format = $this->_request['old_print_format']; $sql = 'update printer set '; $sql .= 'print_format = :print_format, '; $sql .= 'width = :width, '; $sql .= 'height = :height, '; $sql .= 'vat_rate = :vat_rate '; $sql .= 'where print_format = :old_print_format '; $stmt = $dbh->prepare($sql); $stmt->bindValue(":print_format", $print_format); $stmt->bindValue(":width", $width); $stmt->bindValue(":height", $height); $stmt->bindValue(":vat_rate", $vat_rate); $stmt->bindValue(":old_print_format", $old_print_format); if ($stmt->execute()) { $this->response(json_encode(array("result" => "success")), 200); } else { $this->response(json_encode($stmt->errorInfo()), 500); } }