/**
 * Read every language abbreviation from the `languages` table.
 *
 * When the query fails or returns no rows, the global status message is set
 * to makeStatusMessage(2, "error"), the connection is closed and null is
 * returned, so the caller's handle is unusable after a failure.
 *
 * NOTE(review): other functions in this file concatenate language codes into
 * column and table names. If this list feeds them, the contents of the
 * `languages` table are part of the SQL trust boundary. Confirm who can write
 * to that table.
 *
 * @param mixed $conn Database handle given to selectSQL and mysqli_close().
 * @return array|null List of abbreviations, or null on failure / empty table.
 */
function getLanguages($conn)
{
    $query = new selectSQL($conn);
    $query->select = array("abreviation");
    $query->tableNames = array("languages");

    $failed = !$query->executeQuery() || $query->getNumberOfResults() == 0;
    if ($failed) {
        $GLOBALS['statusMessage'] = makeStatusMessage(2, "error");
        mysqli_close($conn);
        return null;
    }

    $codes = array();
    while ($record = $query->result->fetch_assoc()) {
        $codes[] = $record['abreviation'];
    }
    return $codes;
}
/**
 * Count failed login attempts (result = '0') recorded in `login_logs` during
 * the last $seconds seconds for the requesting IP and, when $user is given,
 * for the user branch of the filter.
 *
 * NOTE(review): the user branch compares against the literal '******' and never
 * reads $user. This looks like a masked value in this listing. Confirm that the
 * real query escapes or binds the user name before it reaches SQL.
 *
 * NOTE(review): ip2long() returns false for anything that is not a dotted IPv4
 * address, which concatenates as an empty string. Every IPv6 client would then
 * be counted under `ip = ''` rather than its own address, so the throttle
 * should be checked for IPv6 traffic. Behind a reverse proxy REMOTE_ADDR is
 * presumably the proxy address. Verify the deployment.
 *
 * @param mixed       $conn    Database handle given to selectSQL.
 * @param int         $seconds Length of the look-back window in seconds.
 * @param string|null $user    Optional user name. Only its presence is tested here.
 * @return int Number of matching rows, or -1 when the query fails. Callers
 *             should treat -1 as an error, not as "no failed attempts".
 */
function checkLoginAttempts($conn, $seconds, $user = null)
{
    $cutoff = time() - $seconds;
    $clientIp = ip2long($_SERVER['REMOTE_ADDR']);

    $query = new selectSQL($conn);
    $query->select = array("date");
    $query->tableNames = array("login_logs");

    // $cutoff is the result of arithmetic and $clientIp is an int or false, so
    // neither carries attacker-controlled text into the WHERE clause.
    $scope = isset($user)
        ? "(user = '******' OR ip = '" . $clientIp . "')"
        : "ip = '" . $clientIp . "'";
    $query->where = $scope . " AND date > '" . $cutoff . "' AND result = '0'";

    if ($query->executeQuery()) {
        return $query->getNumberOfResults();
    }
    return -1;
}
/**
 * Load categories matching $where and, recursively, their sub-categories.
 *
 * With a non-empty $lang only that language's name/desc columns are selected
 * (aliased to nameEN / descEN). Otherwise the name/desc columns for every
 * entry of $langArr are selected. Rows are limited to visible = 1, or to
 * visible = 0 when $_POST['deleted'] is present.
 *
 * NOTE(review): $where is placed into the query as raw SQL, and $lang / the
 * $langArr entries are concatenated into column names. Nothing in this
 * function validates or escapes them, so every caller must pass fixed or
 * allow-listed values. Verify against callers.
 *
 * NOTE(review): a failed query in a recursive call returns null, which the
 * parent treats the same as "no sub-categories".
 *
 * @param string $where   SQL condition fragment (trusted input only).
 * @param mixed  $conn    Database handle given to selectSQL.
 * @param string $lang    Language suffix for the name/desc columns, or empty.
 * @param array  $langArr Language suffixes used when $lang is empty.
 * @return array|null Rows (each optionally carrying "subCategories"), or null
 *                    when the query fails or matches nothing.
 */
function getCat($where, $conn, $lang, $langArr)
{
    $query = new selectSQL($conn);

    if (empty($lang)) {
        $query->select = array("id", "parentid");
        foreach ($langArr as $code) {
            $query->select[] = "name" . $code;
            $query->select[] = "desc" . $code;
        }
        $query->select[] = "imgurl";
    } else {
        $query->select = array("id", "parentid", "name" . $lang . " as nameEN", "desc" . $lang . " as descEN", "imgurl");
    }

    $query->tableNames = array("categories");
    $query->where = $where;
    // Only the presence of the request flag matters; its value is never used.
    $query->where .= isset($_POST['deleted']) ? " AND visible = 0" : " AND visible = 1";

    if (!$query->executeQuery()) {
        return;
    }
    if (!($query->getNumberOfResults() > 0)) {
        return;
    }

    while ($category = $query->result->fetch_assoc()) {
        // The child filter is built from an id that came out of the database.
        $children = getCat("parentid = '" . $category['id'] . "'", $conn, $lang, $langArr);
        $data[] = $children
            ? array_merge($category, array("subCategories" => $children))
            : $category;
    }
    return $data;
}
// Excerpt from a larger function: $selQ, $propNames, $propLangName, $catid,
// $language and $conn are all defined before this point (not shown here).

// Add one aliased column per property. The alias is wrapped in backticks only;
// nothing here strips backticks from $propLangName.
// NOTE(review): confirm both arrays come from trusted schema data, not from the request.
for ($i = 0; $i < count($propNames); $i++) {
    $selQ->select = array_merge($selQ->select, array($propNames[$i] . " as `" . $propLangName[$i] . "`"));
}
$selQ->tableNames = array("products as p");
$selQ->joins = array();
$selQ->joinTypes = array();
// Table names are assembled from $catid and $language by string concatenation.
// NOTE(review): checkTable() presumably only tests that the table exists. If so,
// it does not make the concatenated name safe. $catid should be an integer and
// $language an allow-listed code before they are used as identifiers. Confirm.
if (checkTable($conn, "products_" . $catid)) {
    $selQ->tableNames[] = "products_" . $catid . " as nld";
    $selQ->joins[] = "p.id = nld.infoid";
    $selQ->joinTypes[] = "LEFT JOIN";
}
if (checkTable($conn, "products_" . $catid . "_" . $language)) {
    $selQ->tableNames[] = "products_" . $catid . "_" . $language . " as ld";
    $selQ->joins[] = "p.id = ld.infoid";
    $selQ->joinTypes[] = "LEFT JOIN";
}
// Query failure: record the query's own status, close the connection and leave.
if (!$selQ->executeQuery()) {
    $statusMessage = $selQ->status;
    mysqli_close($conn);
    return;
}
if ($selQ->getNumberOfResults() == 0) {
    $statusMessage = makeStatusMessage(59, "error");
} else {
    // Collect every row as an associative array.
    $data = array();
    while ($row = $selQ->result->fetch_assoc()) {
        $data[] = $row;
    }
    $statusMessage = makeStatusMessage(22, "success");
}
mysqli_close($conn);
$insQ->insertData[] = $conn->real_escape_string($_POST['minprice']); $insQ->cols[] = "minprice"; } $selQ = new selectSQL($conn); $selQ->select = array("id"); $selQ->tableNames = array("dicounts"); if (isset($_POST['prodid']) && count($_POST['prodid'])) { $insCount = count($insQ->insertData); foreach ($_POST['prodid'] as $pid) { $pid = $conn->real_escape_string($pid); $selQ->where = "productid = '" . $pid . "' AND userid = '" . $conn->real_escape_string($_POST['userid']) . "'"; if (!$selQ->executeQuery()) { $statusMessage = $selQ->status; $error = 1; } else { if ($selQ->getNumberOfResults()) { $statusMessage = makeStatusMessage(105, "error"); $error = 1; } else { $insQ->insertData[$insCount] = $pid; $insQ->cols[$insCount] = "productid"; if (!$insQ->executeQuery()) { $statusMessage = $insQ->status; $error = 1; } } } } } else { if (!empty($_POST['catid'])) { $selQ->where = "categoryid = '" . $conn->real_escape_string($_POST['catid']) . "' AND userid = '" . $conn->real_escape_string($_POST['userid']) . "'";
mysqli_close($conn); return; } $log = createLog("", "changeUserInfo", "", "", $id); $selQ = new selectSQL($conn); $selQ->select = array("u.id as uid", "i.userid as iid"); $selQ->tableNames = array("user_info as i", "users as u"); $selQ->joinTypes = array("RIGHT OUTER JOIN"); $selQ->joins = array("u.id = i.userid"); $selQ->where = "u.id='" . $id . "'"; if (!$selQ->executeQuery()) { $statusMessage = $selQ->status; mysqli_close($conn); return; } if ($selQ->getNumberOfResults() > 1) { $statusMessage = $selQ->status; mysql_close($conn); return; } $row = $selQ->result->fetch_assoc(); if (is_null($row['iid'])) { $insQ = new insertSQL($conn); $insQ->insertData = array(); $insQ->cols = array("fname", "lname", "firm", "address", "city", "country", "email", "phone"); foreach ($insQ->cols as $c) { if (isset($_POST[$c]) && !empty($_POST[$c])) { $insQ->insertData[] = $conn->real_escape_string($_POST[$c]); } else { $insQ->insertData[] = ""; }
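/**
 * Create a category from the current POST request, create its per-category
 * product tables and link the selected properties to it.
 *
 * Steps, all visible below:
 *  1. insert a row into `categories` (names/descriptions per language, image
 *     URL, parent id), with every value passed through real_escape_string();
 *  2. look the new row's id up again by name (newest id first);
 *  3. read the selected properties ($_POST['fid']) from `properties`;
 *  4. create `products_<id>` for language-independent properties and
 *     `products_<id>_<lang>` for language-dependent ones;
 *  5. insert one `props_to_prods` row per selected property.
 * The outcome is published through $GLOBALS['statusMessage'].
 *
 * Changes from the previous version:
 *  - the id lookup now ORs together the names of all posted languages (it used
 *    `=` inside the loop, so only the last language survived);
 *  - a failure while creating `products_<id>` now stores its status in
 *    $GLOBALS['statusMessage'] like the language-table branch does (it was
 *    written to a local variable and lost on return);
 *  - a missing or non-array $_POST['fid'] is treated as an empty selection.
 *
 * NOTE(review): $langArr is presumably defined by languageConfig.php. Because
 * the file is pulled in with require_once inside this function, $langArr only
 * exists here if this is the first inclusion in the request. Confirm.
 * NOTE(review): property names read from `properties` become column names in
 * CREATE TABLE without validation. Whoever can write that table controls the
 * DDL. Confirm names are restricted to a safe identifier pattern on insert.
 * NOTE(review): re-reading the id by name is racy under concurrent inserts
 * and, if no row is found, $catid is null and the table name becomes
 * "products_". Verify whether the connection's insert id can be used instead.
 *
 * @param mysqli $conn Open connection (real_escape_string / mysqli_close are
 *                     called on it). It is closed on table-creation failure.
 * @return void
 */
function insCat($conn)
{
    require_once 'languageConfig.php';

    // --- 1. category row -------------------------------------------------
    $insQ = new insertSQL($conn);
    $insQ->insertData = array();
    $insQ->cols = array();
    foreach ($langArr as $l) {
        if (isset($_POST['names'][$l])) {
            $insQ->insertData[] = $conn->real_escape_string($_POST['names'][$l]);
            $insQ->cols[] = "name" . $l;
        }
        if (isset($_POST['desc'][$l])) {
            $insQ->insertData[] = $conn->real_escape_string($_POST['desc'][$l]);
            $insQ->cols[] = "desc" . $l;
        }
    }
    if (isset($_POST['imgUrl'])) {
        $insQ->insertData[] = $conn->real_escape_string($_POST['imgUrl']);
        $insQ->cols[] = "imgurl";
    }
    if (isset($_POST['parentid'])) {
        $insQ->insertData[] = $conn->real_escape_string($_POST['parentid']);
        $insQ->cols[] = "parentid";
    }
    $insQ->tableName = "categories";

    if (!$insQ->executeQuery()) {
        $statusMessage = $insQ->status;
    } else {
        // --- 2. find the id of the row just inserted ----------------------
        $selQid = new selectSQL($conn);
        $selQid->where = "";
        foreach ($langArr as $l) {
            if (isset($_POST['names'][$l])) {
                // Append (not overwrite) so every posted name takes part in the match.
                $selQid->where .= "name" . $l . " = '" . $conn->real_escape_string($_POST['names'][$l]) . "' OR ";
            }
        }
        // Drop the trailing " OR ".
        $selQid->where = substr($selQid->where, 0, -4);
        $selQid->order = "id DESC";
        $selQid->tableNames = array("categories");
        $selQid->select = array("id");

        if (!$selQid->executeQuery()) {
            $statusMessage = $selQid->status;
        } else {
            $row = $selQid->result->fetch_assoc();
            $catid = $row['id'];

            // --- 3. selected properties -----------------------------------
            // A request without a usable fid list behaves like an empty selection.
            $fids = (isset($_POST['fid']) && is_array($_POST['fid'])) ? $_POST['fid'] : array();

            $selQ = new selectSQL($conn);
            $selQ->select = array("name", "langDependant");
            $selQ->tableNames = array("properties");
            $tmp = array();
            foreach ($fids as $f) {
                $tmp[] = $conn->real_escape_string($f);
            }
            $selQ->where = "id IN (" . arrToQueryString($tmp, null) . ")";

            if (!$selQ->executeQuery() || $selQ->getNumberOfResults() == 0) {
                $statusMessage = makeStatusMessage(53, "error");
            } else {
                $propsDef = array();
                $propsLang = array();
                while ($row = $selQ->result->fetch_assoc()) {
                    if ($row['langDependant']) {
                        $propsLang[] = $row['name'];
                    } else {
                        $propsDef[] = $row['name'];
                    }
                }

                // --- 4. per-category product tables ------------------------
                $ctQ = new createTableSQL($conn);
                $ctQ->cols = array();
                $ctQ->cols[] = "infoid";
                $ctQ->colTypes = array();
                $ctQ->colTypes[] = "int(11) NOT NULL";
                $ctQ->name = "products_" . $catid;
                if (count($propsDef)) {
                    foreach ($propsDef as $pr) {
                        $ctQ->cols[] = $pr;
                        $ctQ->colTypes[] = "varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL";
                    }
                    if (!$ctQ->executeQuery()) {
                        // Publish the failure before leaving. The function's final
                        // assignment to the global is skipped by this return.
                        $GLOBALS['statusMessage'] = $ctQ->status;
                        mysqli_close($conn);
                        return;
                    }
                }
                if (count($propsLang)) {
                    foreach ($langArr as $l) {
                        // Start each language table from a fresh column list.
                        unset($ctQ->cols);
                        $ctQ->cols[] = "infoid";
                        unset($ctQ->colTypes);
                        $ctQ->colTypes[] = "int(11) NOT NULL";
                        $ctQ->name = "products_" . $catid . "_" . $l;
                        foreach ($propsLang as $pr) {
                            $ctQ->cols[] = $pr . $l;
                            $ctQ->colTypes[] = "varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL";
                        }
                        if (!$ctQ->executeQuery()) {
                            $GLOBALS['statusMessage'] = $ctQ->status;
                            mysqli_close($conn);
                            return;
                        }
                    }
                }

                // --- 5. link properties to the category --------------------
                $insQ = new insertSQL($conn);
                $insQ->cols = array("catid", "propid");
                $insQ->tableName = "props_to_prods";
                foreach ($fids as $f) {
                    $insQ->insertData = array($catid, $conn->real_escape_string($f));
                    if (!$insQ->executeQuery()) {
                        // Keep going, but remember that at least one link failed.
                        $resultAddProps = true;
                    }
                }
                if (isset($resultAddProps)) {
                    $statusMessage = makeStatusMessage(103, "error");
                } else {
                    $statusMessage = makeStatusMessage(11, "success");
                }
            }
        }
    }
    $GLOBALS['statusMessage'] = $statusMessage;
}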
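/**
 * Collect the property column names that belong to category $catid.
 *
 * Reads `props_to_prods` joined with `properties` and sorts each property into
 * language-dependent ("propNamesld") or language-independent ("propNames")
 * lists. When a language list is supplied, the entries are returned as
 * "<column> as `<localized name>`" select expressions. Otherwise they are bare
 * column names.
 *
 * Change from the previous version: a failed sqlConnectDefault() now stores
 * its status in $GLOBALS['statusMessage'], as the other error paths do. It was
 * assigned to an unused local variable before.
 *
 * NOTE(review): the $conn argument is overwritten by sqlConnectDefault(), so
 * the caller's handle is never used, and the connection opened here is not
 * closed in this function.
 * NOTE(review): $catid is concatenated into the WHERE clause without escaping
 * or casting, and $GLOBALS['language'] is concatenated into a column name.
 * Callers must pass an integer id and an allow-listed language code. Verify.
 * NOTE(review): $propNamesDefldtemp and $propNamesDef are presumably defined
 * by variables/productVariables.php. With include_once they exist in this
 * scope only on the first inclusion of the request. Confirm.
 *
 * @param mixed      $conn               Ignored (replaced by sqlConnectDefault()).
 * @param mixed      $catid              Category id used in the filter.
 * @param array|null $langArr            Language suffixes, or null for bare names.
 * @param array|null $insertQueryLangArr When set, replaces $langArr for the
 *                                       query part and suppresses the suffix on
 *                                       language-dependent columns.
 * @return array|null Map with keys propNamesDefld, propNamesDef, propNamesld,
 *                    propNames, or null on connection/query failure or when
 *                    the category has no properties.
 */
function getPropsForCat($conn, $catid, $langArr = null, $insertQueryLangArr = null)
{
    $language = $GLOBALS['language'];
    include_once 'variables/productVariables.php';

    // Default language-dependent columns: expand per language when a list is given.
    if (isset($langArr)) {
        $propNamesDefld = array();
        foreach ($propNamesDefldtemp as $tmp) {
            foreach ($langArr as $lan) {
                $propNamesDefld[] = $tmp . $lan;
            }
        }
    } else {
        $propNamesDefld = $propNamesDefldtemp;
    }

    $propNames = array();
    $propNamesld = array();
    if (isset($insertQueryLangArr)) {
        $langArr = $insertQueryLangArr;
    }

    $conn = sqlConnectDefault();
    if (is_null($conn)) {
        $GLOBALS['statusMessage'] = makeStatusMessage(1, "error");
        return null;
    }

    $selQ = new selectSQL($conn);
    $selQ->tableNames = array("props_to_prods as ptp", "properties as p");
    $selQ->joins = array("p.id = ptp.propid");
    $selQ->joinTypes = array("INNER JOIN");
    $selQ->select = array("p.name as propName", "p.langDependant as ld", "p.name" . $language . " as `langName`");
    $selQ->where = "ptp.catid = '" . $catid . "'";

    if (!$selQ->executeQuery()) {
        $GLOBALS['statusMessage'] = $selQ->status;
        return null;
    }
    if ($selQ->getNumberOfResults() == 0) {
        $GLOBALS['statusMessage'] = makeStatusMessage(53, "error");
        return null;
    }

    if (isset($langArr)) {
        // Build aliased select expressions. The alias text comes from the database
        // and is only wrapped in backticks, not escaped.
        while ($r = $selQ->result->fetch_assoc()) {
            if ($r['ld']) {
                if (isset($insertQueryLangArr)) {
                    $propNamesld[] = $r['propName'] . " as `" . $r['langName'] . "`";
                } else {
                    foreach ($langArr as $lan) {
                        $propNamesld[] = $r['propName'] . $lan . " as `" . $r['langName'] . "`";
                    }
                }
            } else {
                $propNames[] = $r['propName'] . " as `" . $r['langName'] . "`";
            }
        }
    } else {
        // No language list: return the bare column names.
        while ($r = $selQ->result->fetch_assoc()) {
            if ($r['ld']) {
                $propNamesld[] = $r['propName'];
            } else {
                $propNames[] = $r['propName'];
            }
        }
    }

    return array("propNamesDefld" => $propNamesDefld, "propNamesDef" => $propNamesDef, "propNamesld" => $propNamesld, "propNames" => $propNames);
}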