function doCheckUpdate($v, $d)
{
$db = openConnection();
$sql = "";
$user_id = "";
$str = "{\"result\":\"0\",\"version_code\":\"0\",\"version_name\":\"\",\"file\":\"\",\"size\":\"\",\"desc\":\"\"}";
if (!empty($d)) {
$sql = "select id from root_tools_update_user where device='{$d}'";
$result = query($db, $sql);
while (list($id) = mysql_fetch_row($result)) {
$user_id = $id;
break;
}
if ($user_id != "") {
$sql = "select * from root_tools_update where ver_code > {$v} order by id desc limit 0,1";
$result = query($db, $sql);
}
} else {
$sql = "select * from root_tools_update where tag=0 and ver_code > {$v} order by id desc limit 0,1";
$result = query($db, $sql);
}
closeConnection($db);
while (list($id, $name, $ver_code, $size, $filename, $update_desc) = mysql_fetch_row($result)) {
$str = "{\"result\":\"1\",\"version_code\":\"{$ver_code}\",\"version_name\":\"{$name}\",\"file\":\"{$filename}\",\"size\":\"{$size}\",\"desc\":" . json_encode($update_desc) . "}";
break;
}
return $str;
}
function doUploadFont($n, $t)
{
$dbRet = 0;
$sql = "select id from fonts where name='{$n}'";
$db = openConnection();
$result = query($db, $sql);
$hasRecord = 0;
while (list($id) = mysql_fetch_row($result)) {
$hasRecord = 1;
break;
}
if ($hasRecord == 0) {
$istop = 0;
if ($t == "1") {
$istop = 1;
}
$fileName = $n . ".ttf";
$previewName = $n . ".png";
$sql = "insert into fonts (name, filename, istop, preview) values ('{$n}','{$fileName}',{$istop},'{$previewName}')";
$result = query($db, $sql);
$dbRet = $result;
}
closeConnection($db);
return $dbRet;
}
function DoQuery($t) {
$db = openConnection();
$id = 0;
$versionCode = 0;
$versionName = "";
$url = "";
$desc = "";
$desc_en = "";
$ret = "{\"versionCode\":0}";
if ($t == "last" || empty($t)) {
$stmt = $db->prepare("select * from version order by versionCode desc limit 0, 1");
$stmt->execute();
$stmt->bind_result($id, $versionCode, $versionName, $url, $desc, $desc_en);
$stmt->fetch();
$ret = "{\"versionCode\":${versionCode}, \"versionName\":".json_encode($versionName).", \"url\":".json_encode($url).", \"description\":".json_encode($desc).",\"desc_en\":".json_encode($desc_en)."}";
$stmt->close();
} else if ($t == "all") {
$ret = "{\"result\":0, \"data\":[";
$stmt = $db->prepare("select * from version order by versionCode desc limit 0, 10");
$stmt->execute();
$stmt->bind_result($id, $versionCode, $versionName, $url, $desc, $desc_en);
while($stmt->fetch()) {
$ret .= "{\"versionCode\":${versionCode}, \"versionName\":".json_encode($versionName).", \"url\":".json_encode($url).", \"description\":".json_encode($desc).",\"desc_en\":".json_encode($desc_en)."},";
}
$ret = rtrim($ret, ",");
$ret .= "]}";
}
closeConnection($db);
return $ret;
}
/**
* UserRoles model
*
* @author Enrique Bondoc <*****@*****.**>
* @since 2016-01-13 03:03:54 +08:00
**/
function getUserRoleByID($config, $id)
{
$connection = getConnection($config);
if (false === $connection['status']) {
return $connection;
}
$connection = $connection['connection'];
try {
$query = sprintf('
SELECT
`UserRoles`.*
FROM `UserRoles`
WHERE
`ID` = :ID
LIMIT 1
');
$data = ['ID' => $id];
$preparedStatement = $connection->prepare($query, [PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY]);
$preparedStatement->execute($data);
$preparedStatement->setFetchMode(PDO::FETCH_ASSOC);
$record = $preparedStatement->fetch();
if (!empty($record)) {
$record = ['ID' => $record['ID'], 'Name' => $record['Name'], 'Code' => $record['Code'], 'DateAdded' => $record['DateAdded'], 'DateModified' => $record['DateModified']];
return ['status' => true, 'message' => 'User Role found and retrieved successfully.', 'userRole' => $record];
}
closeConnection($connection);
return ['status' => false, 'message' => 'No user role found with given ID.'];
} catch (Exception $e) {
closeConnection($connection);
return ['status' => false, 'message' => $e->getMessage(), 'code' => 500];
}
}
function printTestUsers($accounts)
{
$connection = mysql_connect(DB_SERVER, DB_USER, DB_PASS) or die("Problemas en la conexion");
mysql_select_db(DB_NAME, $connection);
$html = "";
if (isset($accounts['data']) && count($accounts['data'])) {
$html .= "<table>";
$html .= "<tr class=\"head\"><td colspan=\"5\">Usuarios de prueba</td></tr>";
$html .= "<tr class=\"head\"><td>ID</td><td>Nombre</td><td>App user</td><td>Login URL</td><td>Borrar</td></tr>";
foreach ($accounts['data'] as $arr) {
$html .= "<tr>";
$html .= "<td>{$arr['id']}</td>";
$fbid = $arr['id'];
$fbid = quote_smart($fbid, $connection);
$SQL = "SELECT * FROM USER_APP2 WHERE fbid = {$fbid}";
$result = mysql_query($SQL) or die("MySQL-err.Query: " . $SQL . " - Error: (" . mysql_errno() . ") " . mysql_error());
$num_rows = mysql_num_rows($result);
if ($num_rows == 1) {
$aRow = mysql_fetch_array($result);
$html .= "<td>" . $aRow['fbname'] . "</td>";
} else {
$html .= "<td>-</td>";
}
$html .= "<td>" . (empty($arr['access_token']) ? "NO" : "YES") . "</td>";
$html .= "<td><a href=\"{$arr['login_url']}\" target=\"_blank\">Test User Login</a></td>";
$html .= "<td><a href=\"{$_SERVER['PHP_SELF']}?id={$arr['id']}&action=delete\">Delete Test User</a></td>";
$html .= "</tr>";
}
$html .= "</table>";
} else {
$html = "No hay usuarios";
}
closeConnection($connection);
return $html;
}
function DoUpload($n, $p, $u, $i, $a, $m, $ai)
{
$ret = "";
$str = "";
if ($m == 1) {
// update
$db = openConnection();
$sql = "update root_tools_recommand set name='{$n}',icon_url='{$i}',download_url='{$a}' where package_name='{$p}'";
$str = query($db, $sql);
closeConnection($db);
} else {
// add
$id = generateId("root_tools_recommand", "id");
$db = openConnection();
$sql = "insert into root_tools_recommand (id, name, package_name, main_activity, icon_url, download_url, unix_name, app_order) values ({$id}, '{$n}', '{$p}', 'null', '{$i}', '{$a}', '{$u}', 0)";
$str = query($db, $sql);
closeConnection($db);
}
if ($str == "0") {
$ret = "1";
} else {
$ret = "0";
}
return $ret;
}
function DoQuery($t) {
$str = "{\"result\":0, \"data\":[";
$db = openConnection();
$stmt = $db->prepare("select id, nickname, comment, photo1, photo2, photo3, photo4, photo5, commit_date from feedback where status = ? order by id desc");
$stmt->bind_param("i", $t);
$stmt->execute();
$id = 0;
$nickname = "";
$comment = "";
$photo1 = "";
$photo2 = "";
$photo3 = "";
$photo4 = "";
$photo5 = "";
$commit_date = "";
$stmt->bind_result($id, $nickname, $comment, $photo1, $photo2, $photo3, $photo4, $photo5, $commit_date);
while ($stmt->fetch()) {
$str .= "{\"id\":${id},\"nickname\":".json_encode($nickname).",\"comment\":".json_encode($comment).",\"photo1\":\"${photo1}\",\"photo2\":\"${photo2}\",\"photo3\":\"${photo3}\",\"photo4\":\"${photo4}\",\"photo5\":\"${photo5}\",\"commit_date\":\"${commit_date}\"},";
}
$stmt->close();
closeConnection($db);
$str = rtrim($str, ",");
$str .= "]}";
return $str;
}
function DoQuery($n, $c, $p1, $p2, $p3, $p4, $p5) {
$str = "{\"result\":1}";
date_default_timezone_set("Asia/Hong_Kong");
$t_str = date("YmdHis");
$commit_date = date("Y-m-d H:i:s");
$pname = generateToken().".${t_str}.";
$path1 = "./files/${pname}1";
$path2 = "./files/${pname}2";
$path3 = "./files/${pname}3";
$path4 = "./files/${pname}4";
$path5 = "./files/${pname}5";
$dbp1 = "";
$dbp2 = "";
$dbp3 = "";
$dbp4 = "";
$dbp5 = "";
if (isset($p1)) { move_uploaded_file($p1["tmp_name"], $path1); $dbp1 = "${pname}1"; }
if (isset($p2)) { move_uploaded_file($p2["tmp_name"], $path2); $dbp2 = "${pname}2"; }
if (isset($p3)) { move_uploaded_file($p3["tmp_name"], $path3); $dbp3 = "${pname}3"; }
if (isset($p4)) { move_uploaded_file($p4["tmp_name"], $path4); $dbp4 = "${pname}4"; }
if (isset($p5)) { move_uploaded_file($p5["tmp_name"], $path5); $dbp5 = "${pname}5"; }
$db = openConnection();
$stmt = $db->prepare("insert into feedback(nickname, comment, photo1, photo2, photo3, photo4, photo5, commit_date) values (?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param("ssssssss", $n, $c, $dbp1, $dbp2, $dbp3, $dbp4, $dbp5, $commit_date);
$stmt->execute();
$rows = intval($stmt->affected_rows);
$stmt->close();
closeConnection($db);
if ($rows != 0) {
$str = "{\"result\":0}";
}
return $str;
}
/**
* StudentsSubjectsMatch model
*
* @author Enrique Bondoc <*****@*****.**>
* @since 2016-01-13 04:04:01 +08:00
**/
function addStudentSubjectMatch($config, $studentID, $subjectID)
{
$connection = getConnection($config);
if (false === $connection['status']) {
return $connection;
}
$connection = $connection['connection'];
try {
/**
* Insert into StudentsSubjectsMatch table.
*/
$query = sprintf('
INSERT INTO `StudentsSubjectsMatch` ( `UserID`, `SubjectID` )
VALUES ( :UserID, :SubjectID )
');
$preparedStatement = $connection->prepare($query);
$preparedStatement->bindValue(':UserID', $studentID, PDO::PARAM_INT);
$preparedStatement->bindValue(':SubjectID', $subjectID, PDO::PARAM_INT);
$result = $preparedStatement->execute();
closeConnection($connection);
if ($result) {
return ['status' => true, 'message' => 'Match (Student-Subject) has been added successfully.'];
}
return ['status' => false, 'message' => 'An error occured while trying to add the Student-Subject match.'];
} catch (Exception $e) {
closeConnection($connection);
return ['status' => false, 'message' => $e->getMessage(), 'code' => 500];
}
}
function execute($sql)
{
global $invalidQueryInputError;
$connection = connectToDatabase();
$result = mysqli_query($connection, $sql);
closeConnection($connection);
$rows = array();
if (mysqli_num_rows($result) > 0) {
$i = 0;
while ($row = mysqli_fetch_assoc($result)) {
$rows[$i] = $row;
$i++;
}
}
if ($invalidQueryInputError != "") {
$rows["PHP_ERROR"] = $invalidQueryInputError;
//This is not safe [Security Flow]
$invalidQueryInputError = "";
}
if (mysqli_error($connection) != null) {
$rows["SQL_ERROR"] = mysqli_connect_error();
//This is not safe [Security Flow]
}
return $rows;
}
function DoChangeOrder($i, $a)
{
$sql = "update root_tools_recommand set app_order={$a} where id={$i}";
$db = openConnection();
$result = query($db, $sql);
closeConnection($db);
return $result;
}
function doUploadNewVersion($n, $v, $s, $f, $u, $t)
{
$db = openConnection();
$sql = "insert into root_tools_update (name, ver_code, size, filename, update_desc,tag) values ('{$n}',{$v},'{$s}','{$f}','{$u}',{$t})";
$result = query($db, $sql);
closeConnection($db);
return $result;
}
function doAddDevice($d, $u)
{
$db = openConnection();
$sql = "insert into root_tools_update_user (device, user_memo) values ('{$d}', '{$u}')";
$result = query($db, $sql);
closeConnection($db);
return $result;
}
function DoDeletePackage($i)
{
$sql = "delete from root_tools_recommand where id={$i}";
$db = openConnection();
$result = query($db, $sql);
closeConnection($db);
return $result;
}
function doDeleteDevice($i)
{
$db = openConnection();
$sql = "delete from root_tools_update_user where id={$i}";
$result = query($db, $sql);
closeConnection($db);
return $result;
}
function doDeleteRecommand($i)
{
$sql = "delete from yugioh_recommand where id={$i}";
$db = openConnection();
$result = query($db, $sql);
closeConnection($db);
return $result;
}
function doRecordFeedback($i, $e, $t, $a, $o)
{
$db = openConnection();
$sql = "insert into yugioh_feedback (device, email, feedback, appver, osver) values ('{$i}','{$e}','{$t}','{$a}','{$o}')";
$result = query($db, $sql);
closeConnection($db);
return $result;
}
function doExecuteAndGetCount($query)
{
$conn = getConnection();
mysql_query($query, $conn) or die("Error en execute " . mysql_error());
$cant = mysql_affected_rows($conn);
closeConnection($conn);
return $cant;
}
function generateCrashTable()
{
$db = openConnection();
$sql = "select deviceId,app_version,os_version,module,mail,crash, crash_time from root_tools_crash where mail != '' order by id desc limit 0, 500";
$result = query($db, $sql);
while (list($d, $av, $ov, $m, $mail, $c, $ct) = mysql_fetch_row($result)) {
echo "<tr><td>{$ct}</td><td>{$av}</td><td>{$ov}</td><td>{$m}</td><td>{$mail}</td><td style='word-break:break-all'>{$c}</td></tr>";
}
closeConnection();
}
function letzteBestellungenExtended($benutzer)
{
//$con = mysql_connect('localhost','root','');
//mysql_select_db('ebertspizzapalace', $con);
createConnection();
$sql = "SELECT p.Name, xpo.Amount, group_concat(i.Name) AS Zutaten, o.ID\n\t\tFROM Customers c, Orders o, xProductOrder xpo, Products p, xProductIngredient xpi, Ingredients i \n\t\tWHERE c.ID = o.CustomerID \n\t\tAND o.ID = xpo.OrderID \n\t\tAND xpo.ProductID = p.ID \n\t\tAND p.ID = xpi.ProductID \n\t\tAND xpi.IngredientID = i.ID \n\t\tAND c.Login = '******'\n\t\tGROUP BY p.ID, o.ID";
$results = mysql_query($sql);
//mysql_close($con);
closeConnection();
return $results;
}
function doUploadNewSplash($p)
{
$extend = get_extend($p["name"]);
$filename = "file_" . date("YYmmddhhiiss") . "." . $extend;
move_uploaded_file($p["tmp_name"], "../splash/" . $filename);
$db = openConnection();
$sql = "update root_tools_splash set filename='{$filename}' where id=0";
$result = query($db, $sql);
closeConnection($db);
return $result;
}
function doLog($d, $m, $o, $mail, $b, $action)
{
$nid = generateId("root_tools_log", "id");
date_default_timezone_set("Asia/Hong_Kong");
$sql = "insert into root_tools_log values ('" . $nid . "', '" . $d . "', '" . $m . "', '" . $o . "', '" . $mail . "', '" . $b . "', '" . $action . "', '" . date("Y-m-d h:i a") . "')";
$db = openConnection();
$str = query($db, $sql);
closeConnection($db);
$str = "{\"result\":\"" . $str . "\"}";
return $str;
}
function getDBFiles()
{
$dbFiles = array();
openConnection();
$result = getAllFrom("episode");
closeConnection();
while ($episode = mysqli_fetch_assoc($result)) {
$dbFiles[] = $episode['filename'];
}
return $dbFiles;
}
function doLog($d, $m, $o, $mail, $b, $crash, $a)
{
$nid = generateId("root_tools_crash", "id");
date_default_timezone_set("Asia/Hong_Kong");
$sql = "insert into root_tools_crash values ('{$nid}', '{$d}', '{$m}', '{$o}', '{$mail}', '{$b}', '{$crash}', '" . date("Y-m-d h:i a") . "', '{$a}')";
$db = openConnection();
$str = query($db, $sql);
closeConnection($db);
$str = "{\"result\":\"" . $str . "\"}";
return $str;
}
function doLog($d, $m, $o, $mail, $b, $comment, $app)
{
$nid = generateId("root_tools_feedback", "id");
date_default_timezone_set("Asia/Hong_Kong");
$sql = "insert into root_tools_feedback(id,deviceId,module,os_version,mail,build_desc,comment,comment_time,app_version) values ('" . $nid . "', '" . $d . "', '" . $m . "', '" . $o . "', '" . $mail . "', '" . $b . "', '" . $comment . "', '" . date("Y-m-d h:i a") . "', '{$app}')";
$db = openConnection();
$str = query($db, $sql);
closeConnection($db);
$str = "{\"result\":\"" . $str . "\"}";
return $str;
}
function DoGenerateTable()
{
$sql = "select id, name, package_name, main_activity from root_tools_recommand order by id asc";
$db = openConnection();
$result = query($db, $sql);
closeConnection($db);
$str = "";
while (list($id, $name, $package_name, $main_activity) = mysql_fetch_row($result)) {
$str = $str . "<tr height='40'><td valign='top'>{$id}</td><td valign='top'>{$name}</td><td valign='top'>{$package_name}</td><td valign='top'><input type='button' value='删除' class='btn btn-small btn-primary' onClick=\"deletePackage({$id});\"></td><tr>";
}
return $str;
}
function executeQueryString($queryString)
{
$conn = createConnection();
if ($conn->query($queryString) === TRUE) {
//echo "<br>New record created successfully<br>";
return true;
} else {
echo "Error: " . $queryString . "<br>" . $conn->error;
return false;
}
closeConnection($conn);
}
function DoGenerateTable()
{
$sql = "select id, name, app_order from root_tools_recommand order by app_order asc";
$db = openConnection();
$result = query($db, $sql);
closeConnection($db);
$str = "";
while (list($id, $name, $app_order) = mysql_fetch_row($result)) {
$str = $str . "<tr height='40'><td valign='top'>{$id}</td><td valign='top'>{$name}</td><td valign='top'>{$app_order}</td><td valign='top'><input type='text' id='t{$id}' value='{$app_order}' class='input-block-level'></td><td valign='top'><input type='button' value='更改' class='btn btn-small btn-primary' onClick=\"changeOrder({$id}, document.getElementById('t{$id}').value);\"></td><tr>";
}
return $str;
}
function DoGenerateTable()
{
$sql = "select id, name, jump_mode, jump_url, jump_text from yugioh_recommand order by id asc";
$db = openConnection();
$result = query($db, $sql);
closeConnection($db);
$str = "";
while (list($id, $name, $jump_mode, $jump_url, $jump_text) = mysql_fetch_row($result)) {
$str = $str . "<tr height='40'><td valign='top'>{$id}</td><td valign='top'>{$name}</td><td valign='top'>{$jump_mode}</td><td valign='top'>{$jump_url}</td><td valign='top'>{$jump_text}</td><td valign='top'><input type='button' value='Delete' class='btn btn-small btn-primary' onClick=\"deleteRecommand({$id});\"></td><tr>";
}
return $str;
}
function BenutzernameCheck($inputBenutzername)
{
createConnection();
//$con = mysql_connect('localhost','root','');
//mysql_select_db('ebertspizzapalace', $con);
$sql = "SELECT Login FROM Customers WHERE Login = '******'";
$result = mysql_query($sql, $con);
$count = mysql_num_rows($result);
closeConnection();
//mysql_close($con);
return $count;
}
