/*benutzereingaben auswerten*/
if($vars->validateVars()){
$e= new pExploit();
$e->autor('anonymous');
$e->title($vars->catname());
$e->category($vars->category());
$e->platform($vars->platform());
$e->content($vars->content());
$e->codeLanguage($vars->language());
$verified=false;
if ($vars->verified()=='on')
$verified=true;
$e->verified($verified);
$e->dbh($dbh);
$upload=new Upload($vars->url_upload(),$_FILES['pc_upload']);
$upload->uploaddir('upload');
$e->file($upload->upload());
$e->mysqlInsert();
echo "<h4>{$vars->catname()} hinzugefügt</h4>";
}else {
//nicht alle erforderlichen Variablen dabei
echo "<h5>missing stuff:</h5>";
foreach ($vars->missingVars()as $missing){
echo $missing. ", ";
}
}
/**Formular erzeugen***/
public function mysqlSelect($id=""){
if(!$this->dbh())
return false;
if (empty($id)){
$sql="SELECT * FROM cms_exploit";
$stmt=$this->dbh->prepare($sql);
$stmt->execute();
$exploits=array();
foreach($stmt->fetchAll() as $value){
$e=new pExploit();
$e->id($value['id']);
$e->date=$value['date'];
$e->verified=$value['verified'];
$e->hits=$value['hits'];
$e->autor=$value['autor'];
$e->codeLanguage=$value['code_language'];
$e->title=$value['title'];
$e->content=$value['content'];
$e->file=$value['file'];
$e->category=$value['category'];
$e->platform=$value['platform'];
$e->dbh=$e->dbh();
$exploits[]=$e;
}
return $exploits;
} else {
$sql="SELECT * FROM cms_exploit WHERE id=?";
$stmt=$this->dbh->prepare($sql);
$stmt->bindParam(1, $id, PDO::PARAM_INT);
$stmt->execute();
$value=$stmt->fetch(PDO::FETCH_ASSOC);
if($value==null)
return false;
$this->id($value['id']);
$this->date=$value['date'];
$this->verified=$value['verified'];
$this->hits=$value['hits'];
$this->autor=$value['autor'];
$this->codeLanguage=$value['code_language'];
$this->title=$value['title'];
$this->content=$value['content'];
$this->file=$value['file'];
$this->category=$value['category'];
$this->platform=$value['platform'];
}
}//function
<img src="img/logo.png" alt="logo" />
</div>
<div>
<div class="list">
<table class="exploits-list">
<?php
//LOESCHEN
$getDelete=new Getvars();
$getDelete->requireVar('delete');
if ($getDelete->validateVars()){
$exploit=new pExploit();
$exploit->dbh($dbh);
$exploit->id($getDelete->delete());
$exploit->mysqlDelete();
}
foreach ($exploits as $e){
$view=$fgen->getLink($e->title(), 'ShowExploit.php', array("view" =>$e->id()));
$edit=$fgen->getLink('edit', 'EditExploit.php', array("edit" =>$e->id()));
$delete=$fgen->getLink('delete', 'ListExploit.php',array('delete'=>$e->id()),true, "{$e->title()} löschen?");
echo "<tr><td>$view</td><td>$edit</td><td>$delete</td></tr>\n";
}
?>
public function loadBy(){
if ($this->userVars->validateVars()){
$e= new pExploit();
$e->dbh($this->dbh);
if($this->userVars->id()){
$this->exploits=$e->mySqlSelectByCategory($this->userVars->id(), 0, 15);
$this->navigation->nElements($e->mysqlCountByCategory($this->userVars->id()));
}
}
}//loadBy
