public function getQCEWQuarter($stfips, $areatype, $area, $periodyear, $periodtype, $period) { $link = getDatabaseConnection(); $query = sprintf(" SELECT ind.*, format(ind.estab, '###,###,###.##') as estab_fmt, \n format(ind.totwage, '###,###,###.##') as totwage_fmt, \n format(ind.avgwkwage, '###,###,###.##') as avgwage_fmt, \n format(ind.avgemp, '###,###,###.##') as avgemp_fmt, ic.codetitle \n FROM wid.industry ind\n INNER JOIN wid.indcodes ic ON ind.indcodty = ic.codetype \n AND ind.indcode = ic.code\n WHERE ind.stfips = '%s'\n AND ind.areatype = '%s'\n AND ind.area = '%s'\n AND ind.periodyear = '%s'\n AND ind.periodtype = '%s'\n AND ind.period = '%s'\n ORDER BY indcode, period ", mysql_real_escape_string($stfips), mysql_real_escape_string($areatype), mysql_real_escape_string($area), mysql_real_escape_string($periodyear), mysql_real_escape_string($periodtype), mysql_real_escape_string($period)); $list = $this->getResult($query, $link); return $list; }
public function getAreaList($stfips, $areatype) { $link = getDatabaseConnection(); $query = sprintf("select * from wid.geog " . "where stfips = '%s' and areatype = '%s' order by stfips, areatype, area", mysql_real_escape_string($stfips), mysql_real_escape_string($areatype)); $arealist = $this->getJSONResult($query, $link); return $arealist; }
public function getList($stfips, $areatype, $area, $seriescode, $adjusted) { $link = getDatabaseConnection(); $query = sprintf(" SELECT s.seriesttls, s.serieslvl, empces, format(c.empces, '###,###,###.##') as empces_fmt,\n c.periodyear, c.periodtype, c.period, c.stfips, c.areatype, c.area,\n c.adjusted, c.seriescode, c.prelim\n FROM wid.cescode s\n INNER JOIN wid.ces c ON c.stfips = s.stfips\n AND c.seriescode = s.seriescode\n WHERE c.stfips = '%s'\n AND c.areatype = '%s'\n AND c.area = '%s'\n AND c.seriescode = '%s'\n and c.adjusted = '%s'\n ORDER BY periodyear, periodtype, period, prelim ", mysql_real_escape_string($stfips), mysql_real_escape_string($areatype), mysql_real_escape_string($area), mysql_real_escape_string($seriescode), mysql_real_escape_string($adjusted)); $list = $this->getResult($query, $link); return $list; }
protected function processData() { //Alpha-num sanitizeUsername($this->username); //Verify username and password length requirements if (strlen($this->username) > 40) { throw new Exception("Username must be shorter than 40 characters"); } if (strlen($this->username) > 72) { throw new Exception("Password must be shorter than 72 characters"); } //verify username available $conn = getDatabaseConnection(); $availabilityQuery = new UsernameAvailabilityQuery($conn, $this->username); $available = $availabilityQuery->getNumRows() == 0; if ($available) { //hash pw $this->password = password_hash($this->password, PASSWORD_DEFAULT); //add user $addUserQuery = new AddUserQuery($conn, $this->username, $this->password); $addUserQuery->query(); } else { //username taken throw new Exception("Username taken"); } return true; }
public function getLicxocc($stfips, $areatype, $area, $occcode) { $link = getDatabaseConnection(); $query = sprintf(" SELECT * from wid.licxocc x \n inner join wid.license l \n on l.stfips = x.stfips \n and l.licenseid = x.licenseid \n where l.stfips = '%s'\n and l.areatype = '%s'\n and l.area = '%s'\n and x.occcode = '%s' ", mysql_real_escape_string($stfips), mysql_real_escape_string($areatype), mysql_real_escape_string($area), mysql_real_escape_string($occcode)); $list = $this->getResult($query, $link); return $list; }
function getTripInfo($tripId) { $rsp = new JsonResponse_TripInfo("Problem getting trip info."); // Connect to database $conn = getDatabaseConnection(); // Prepare statement to get all waypoints with that tripid $statement = $conn->prepare('SELECT time, latitude, longitude FROM waypoints WHERE trip = :trid', array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY)); // Execute $statement->execute(array(':trid' => $tripId)); $wps = $statement->fetchAll(); // Loop over results and build response data.. just space-sep'd vals $timez = ""; $latz = ""; $longz = ""; for ($i = 0, $l = count($wps); $i < $l; ++$i) { $timez .= $wps[$i][0] . " "; $latz .= $wps[$i][1] . " "; $longz .= $wps[$i][2] . " "; } $rsp->times = $timez; $rsp->lats = $latz; $rsp->longs = $longz; // Return info $rsp->setSuccessful(); $rsp->respondAndExit(); }
public function getSocCips($soccode) { $link = getDatabaseConnection(); $query = sprintf(" SELECT * from wid.cipcode c \n inner join wid.socxcip s on s.cipcode = c.cipcode\n where soccode = '%s'", mysql_real_escape_string($soccode)); $list = $this->getResult($query, $link); return $list; }
public function getList($stfips, $areatype, $area, $popsource) { $link = getDatabaseConnection(); $query = sprintf(" SELECT * from wid.populatn \n where stfips = '%s'\n and areatype = '%s'\n and area = '%s'\n and popsource = '%s' \n and periodyear >= '1980' ", mysql_real_escape_string($stfips), mysql_real_escape_string($areatype), mysql_real_escape_string($area), mysql_real_escape_string($popsource)); $list = $this->getResult($query, $link); return $list; }
public function getCenLabor($stfips, $periodyear) { $link = getDatabaseConnection(); $sqlstring = "\n select censtitle, format(femalelf, '#,###,###.##') as femalelf, format(malelf, '#,###,###.##') as malelf\n from wid.censcode c, wid.cenlabor l \n where c.censcode = l.censcode\n and l.stfips = '%s'\n and l.periodyear = '%s' \n order by c.censcode"; $query = sprintf($sqlstring, mysql_real_escape_string($stfips), mysql_real_escape_string($periodyear)); $cenlab = $this->getJSONResult($query, $link); return $cenlab; }
protected function processData() { //add game $conn = getDatabaseConnection(); $addGameQuery = new IncreaseScoreQuery($conn, $this->game, $this->player, $this->increaseAmount); $addGameQuery->query(); return true; }
function __construct() { if (PRODUCTION_ENVIRONMENT) { require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/db.php'; } else { require_once '../db.php'; } $this->db = getDatabaseConnection(); }
public function getEmployerData($stfips = "41", $areatype = "01", $area = "000000", $zipcode = "", $naicscode = "000000", $sizeclass = "9", $annsalrng = "X", $search = "", $page = "1", $rows = "25", $sord = "asc", $sidx = "name") { $link = getDatabaseConnection(); $page = max($page, 1); $start = $page * $rows + 1 - $rows; $where = sprintf(" WHERE stfips = '%s' ", mysql_real_escape_string($stfips)) . sprintf($areatype == '01' ? "" : " and areatype = '%s' and area = '%s' ", mysql_real_escape_string($areatype), mysql_real_escape_string($area)) . sprintf($naicscode == '000000' ? "" : " and primnaics like '%s' ", mysql_real_escape_string($naicscode . '%')) . sprintf($search == '' ? "" : " and name like '%s' ", mysql_real_escape_string('%' . $search . '%')) . sprintf($annsalrng == 'X' ? "" : " and annsalrng='%s'", mysql_real_escape_string($annsalrng)) . sprintf($zipcode == '' ? "" : " and zipcode='%s'", mysql_real_escape_string($zipcode)) . sprintf(($sizeclass == '9' ? "" : " and empsizrng='%s'") . " order by " . $sidx . " " . $sord . " ", mysql_real_escape_string($sizeclass)); $query = "select * from wid.empdb " . $where . " limit " . ($start - 1) . ", " . $rows; return $this->getEmployerResult($query, $where, $rows, $page, $link); }
private static function updateUtilisateur($utilisateur) { try { $bdd = getDatabaseConnection(); $request = $bdd->prepare('UPDATE utilisateur SET nom=?, prenom=?, mail=?, username=?, password=? WHERE userId = ? ;'); $result = $request->execute(array($utilisateur->getNom(), $utilisateur->getPrenom(), $utilisateur->getMail(), $utilisateur->getUserName(), $utilisateur->getPasswordHash(), $utilisateur->getID())); } catch (Exception $e) { die("Message: " + $e->getMEssage()); } }
protected function processData() { //roll dice $conn = getDatabaseConnection(); $dice = array(); for ($i = 0; $i < 6; $i++) { array_push($dice, rand(1, 6)); } $rollDiceQuery = new RollDiceQuery($conn, $this->game, $dice); $rollDiceQuery->query(); return true; }
protected function processData() { //add game $conn = getDatabaseConnection(); $addGameQuery = new AddGameQuery($conn, $this->player1, $this->player2); $addGameQuery->query(); //roll dice $dice = array(); for ($i = 0; $i < 6; $i++) { array_push($dice, rand(1, 6)); } $rollDiceQuery = new RollDiceQuery($conn, $conn->insert_id, $dice); $rollDiceQuery->query(); return true; }
function doLogin($user_id, $user_pass) { $connect = getDatabaseConnection(); // See if the user is in the database $query = sprintf("SELECT * from user_access where lower(user_id) = lower('%s') and user_pass = '******'", mysql_real_escape_string($user_id), mysql_real_escape_string($user_pass)); $result = mysql_query($query); $num = mysql_num_rows($result); if ($num > 0) { // Generate a GUID $result = mysql_query("select uuid() as unique_id"); $retVal = mysql_result($result, 0, "unique_id"); mysql_query("update user_access set user_session_uuid='" . $retVal . "', last_access_datetime=utc_timestamp()"); } else { $retVal = null; } closeDatabaseConnection($connect); return $retVal; }
protected function processData() { //Alpha-num sanitizeUsername($this->username); //Verify username and password length requirements if (strlen($this->username) > 40) { throw new Exception("Username invalid"); } if (strlen($this->username) > 72) { throw new Exception("Password incorrect"); } //verify password $conn = getDatabaseConnection(); $storedPassQuery = new PasswordQuery($conn, $this->username); $storedPassHash = $storedPassQuery->getPassword(); $valid = password_verify($this->password, $storedPassHash); return $valid; }
public function __construct($target, $singularity = false) { if (!$singularity) { trigger_error('STOP! Use: $db = databaseMachine::getDatabaseMachine();', E_USER_NOTICE); exit(1); } $this->_target = $target; if (!isset($this->_dbLink)) { $this->_dbLink = getDatabaseConnection(); } if ($this->_dbLink) { if (!@mysql_select_db($this->_target, $this->_dbLink)) { trigger_error('Could not select database target: ' . $this->_target, E_USER_NOTICE); @mysql_close($this->_dbLink); $this->_dbLink = null; } } else { trigger_error('Could not connect to database server.', E_USER_NOTICE); } }
function hasValidSession() { // See if username and password are set in session variables if ($_SESSION["uname"] == null || $_SESSION["phash"] == null) { return false; } // Try connecting to database $conn = getDatabaseConnection(); // Prepare statement to check for users with that name $statement = $conn->prepare('SELECT hashedpw FROM users WHERE username = :username', array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY)); // Execute $statement->execute(array(':username' => $_SESSION["uname"])); $wps = $statement->fetchAll(); // If no users available, can't be a valid session... if (count($wps) == 0) { return false; } // Get hashed password (could check that only one user exists, but okay) $phash = $wps[0][0]; // If equal to session var then fine return $phash == $_SESSION["phash"]; }
* A HTML/PHP script file that acts as the account * portal authorized by logging into the MySQL * accounts database table used by the SWGEMU * Core3 server for user management within MySQL. * * Refer to Register.php for DB structure. * * fin */ require_once 'includes/Conn.php'; session_start(); //Is this the indexed session from account_id? if (!isset($_SESSION["account_id"])) { header('Location: Login.php'); } else { $con = getDatabaseConnection(); $account_id = $_SESSION["account_id"]; //Match query to account_id row if ($stmt = $con->prepare("SELECT username FROM accounts WHERE account_id=?")) { $stmt->bind_param("i", $account_id); $stmt->execute(); $result = $stmt->get_result(); if ($result->num_rows == 1) { $row = $result->fetch_assoc(); } else { session_unset(); header("Location: Login.php"); exit(0); } } }
function searchUsers($search) { $search = '%' . $search . '%'; $sql = pg_prepare(getDatabaseConnection(), "searchUsers", "SELECT id, username, profile_picture FROM users WHERE username LIKE \$1;"); $result = pg_execute(getDatabaseConnection(), "searchUsers", [$search]) or die('Query failed: ' . pg_last_error()); $arr = []; while ($row = pg_fetch_assoc($result)) { $arr[] = $row; } return $arr; }
public static function deleteFilm($film) { try { $bdd = getDatabaseConnection(); $request = $bdd->prepare('DELETE FROM movie WHERE mov_id = ?;'); $request->execute(array($film->getId())); } catch (Exception $e) { die("Message: " + $e->getMEssage()); } }
public function getWageData($stfips, $occcode, $periodtype, $period) { $link = getDatabaseConnection(); $query = sprintf(" SELECT periodyear, g.areaname, pct10, pct25, median, pct75, pct90, mean \n from wid.geog g inner join wid.oeswage w \n on w.stfips = g.stfips and w.areatype = g.areatype and w.area = g.area \n inner join wid.soccode s on occcode = soccode \n where w.stfips = '%s' \n and occcode = '%s'\n and periodtype = '%s'\n and period = '%s' ", mysql_real_escape_string($stfips), mysql_real_escape_string($occcode), mysql_real_escape_string($periodtype), mysql_real_escape_string($period)); $list = $this->getResult($query, $link); return $list; }
/** * Route - "GET /api/warranties/:id" - to show a specific warranty * @return void */ function routeGetWarranty($id) { global $jsonObject, $app; // Construct SQL query $sql = "SELECT * FROM warranties WHERE id=:id"; try { $dbCon = getDatabaseConnection(); $stmt = $dbCon->prepare($sql); $stmt->bindParam("id", $id); $stmt->execute(); $result = $stmt->fetchObject(); $dbCon = null; if ($result) { $jsonObject['data'] = $result; } else { $app->response->setStatus(404); $jsonObject['status'] = 'error'; $jsonObject['message'] = 'Couldn\'t find warranty with id ' . $id; } echo json_encode($jsonObject); } catch (PDOException $e) { $app->response->setStatus(500); $jsonObject['status'] = 'error'; $jsonObject['message'] = $e->getMessage(); echo json_encode($jsonObject); } }
<?php require_once '../data/wfutils.php'; $link = getDatabaseConnection(); if (!$link) { die('Could not connect: ' . mysql_error()); } $parms = get_params(array('stfips' => '41', 'areatype' => '01', 'area' => '000000', 'adjusted' => '1')); // Create parameterized query for labforce table $query = sprintf("SELECT * FROM wid.labforce WHERE stfips='%s' and areatype='%s' and area='%s' and adjusted='%s' order by periodyear, periodtype, period, prelim", mysql_real_escape_string($parms['stfips']), mysql_real_escape_string($parms['areatype']), mysql_real_escape_string($parms['area']), mysql_real_escape_string($parms['adjusted'])); // Perform Query $result = mysql_query($query, $link); // Check result and report any errors if (!$result) { $message = 'Invalid query: ' . mysql_error() . "\n"; $message .= 'Whole query: ' . $query; die($message); } // Put results in XML document header('Content-type: text/xml'); echo "<?xml version='1.0' standalone='yes'?>"; echo "<labforcelist>"; while ($row = mysql_fetch_assoc($result)) { ?> <labforce stfips="<?php echo htmlspecialchars($row['stfips']); ?> " areatype="<?php echo htmlspecialchars($row['areatype']); ?>
/** * add a new feed with a user */ public function addFeeds($feed) { if (!$this->dbConnected()) { $this->dbconnection = getDatabaseConnection(); } if ($this->isValid()) { //add a new feed to the database $stmt = $this->dbconnection->prepare("insert into user_feed values(?,?,?)"); if (is_array($feed)) { foreach ($feed as $oneofFeed) { $stmt->bind_param('sss', $this->username, $oneofFeed->url, $oneofFeed->feedname); $stmt->execute(); } } else { $stmt->bind_param('sss', $this->username, $feed->url, $feed->feedname); $stmt->execute(); } } if (!$stmt->error) { $stmt->close(); return true; } else { $stmt->close(); return false; } }
public function __construct() { $args = func_get_args(); $this->state_name = $args[0]; $this->stfips = $args[1]; $link = getDatabaseConnection(); $this->setMaxPeriods($link, $this, "labforce"); $query2 = sprintf("select * from wid.labforce " . "where (periodyear = '%s' " . "and periodtype = '03' " . "and period in ('%s', '%s') " . "and stfips in ('00', '%s') " . "and areatype in ('00', '01')" . "and area = '000000' " . "and adjusted = '1') " . "or" . "(periodyear = '%s' " . "and periodtype = '03' " . "and period = '%s' " . "and stfips in ('00', '%s') " . "and areatype in ('00', '01') " . "and area = '000000' " . "and adjusted = '1') " . "order by stfips, periodyear, period", $this->periodyear, $this->period, $this->lastperiod, $this->stfips, $this->lastyear, $this->period, $this->stfips); $result = mysql_query($query2, $link); if (!$result) { $message = 'Invalid query: ' . mysql_error() . "\n"; $message .= 'Whole query: ' . $query; die($message); } while ($row = mysql_fetch_assoc($result)) { if ($this->periodyear == $row['periodyear'] && $this->period == $row['period'] && $row['stfips'] == '00') { $this->rates['00M1'] = $row['unemprate']; } else { if ($this->periodyear == $row['periodyear'] && $this->lastperiod == $row['period'] && $row['stfips'] == '00') { $this->rates['00M2'] = $row['unemprate']; } else { if ($this->lastyear == $row['periodyear'] && $this->period == $row['period'] && $row['stfips'] == '00' && $row['prelim'] == '0') { $this->rates['00M3'] = $row['unemprate']; } else { if ($this->periodyear == $row['periodyear'] && $this->period == $row['period'] && $row['stfips'] == $this->stfips) { $this->rates[$this->stfips . 'M1'] = $row['unemprate']; } else { if ($this->periodyear == $row['periodyear'] && $this->lastperiod == $row['period'] && $row['stfips'] == $this->stfips && $row['prelim'] == '0') { $this->rates[$this->stfips . 'M2'] = $row['unemprate']; } else { if ($this->lastyear == $row['periodyear'] && $this->period == $row['period'] && $row['stfips'] == $this->stfips && $row['prelim'] == '0') { $this->rates[$this->stfips . 'M3'] = $row['unemprate']; } else { } } } } } } } mysql_free_result($result); mysql_close($link); }
<?php include 'dbConnection.php'; $dbConn = getDatabaseConnection(); //Post Variable //empty() doesn't work, because the productId = 0 is true when you use empty() if (!isset($_GET['songId'])) { echo "<h4>Additional Information:</h4>"; echo "<br>"; echo "<span style='color: red'>No Song selected</span>"; } else { $records = displaySongInfo(); foreach ($records as $record) { echo "<h4>Song:</h4>"; echo "<span style='color:blue'>" . $record['songName'] . "</span>"; echo "<br>"; echo "<h4>Length:</h4>"; echo "<span style='color:blue'>" . $record['length'] . " min" . "</span>"; echo "<br>"; echo "<h4>Artist</h4>"; echo "<span style='color:blue'>" . $record['artistName'] . "</span>"; echo "<br>"; echo "<h4>Artist Wiki:</h4>"; echo "<span style='color:blue'>" . "<a href=" . $record['artistWiki'] . " target='_blank'>Wikipedia</a>" . "</span>"; echo "<br>"; echo "<h4>Album</h4>"; echo "<span style='color:blue'>" . $record['albumName'] . "</span>"; echo "<br>"; echo "<h4>Album Release</h4>"; //Converting date $phpdate = strtotime($record['releaseDate']);
<?php include "functions.inc.php"; try { $dbh = getDatabaseConnection(); $start = isset($_GET['page']) ? abs(intval($_GET['page'])) : 0; $stmt = $dbh->prepare("SELECT code, ctime FROM records WHERE code LIKE :code ORDER BY ctime DESC LIMIT :start,20"); $stmt->bindValue(":start", $start, PDO::PARAM_INT); $stmt->execute(array(":code" => "%")); $result = $stmt->fetchAll(PDO::FETCH_ASSOC); echo json_encode(array("result" => "success", "data" => $result)); } catch (PDOException $e) { http_response_code(500); echo json_encode(array("message" => $e->getMessage(), "line" => $e->getLine())); die; } ?> <!DOCTYPE HTML> <!-- 2015 北一制服日・頭貼產生器 by christinesfkao, 2015, under CC-BY 3.0 Template by HTML5 UP html5up.net | n33.co @n33co dribbble.com/n33 Core functions inspired by 7 號頭像產生器(http://goooooooogle.github.io/profile-picture-generator/) --> <html> <head> <title>2015 北一制服日・頭貼產生器</title> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1" /> <!--[if lte IE 8]><script src="javascript/html5shiv.js"></script><![endif]--> <link rel="stylesheet" href="stylesheets/main.css" />
function handshake($request, $conn) { $this->console("%s", "\n---------------------------------------------------------------------------------------\n", "BlueBold"); $this->console($request); $this->console("%s", "\n---------------------------------------------------------------------------------------\n\n", "BlueBold"); preg_match('/(?<=GET \\/\\?ouser_id=)([0-9]*)/', $request, $matches); // 1. Extract the ouser from the connection request $ouser = new stdClass(); if (!empty($matches)) { $ouser_id = $matches[0]; $this->setDatabaseConnection(getDatabaseConnection(true)); $this->console('retreiving user: /obray/OUsers/get/?ouser_id=' . $ouser_id . '&with=options' . "\n"); $ouser = $this->route('/obray/OUsers/get/?ouser_id=' . $ouser_id . '&with=options'); $this->console($ouser); if (!empty($ouser->data[0])) { $ouser = $ouser->data[0]; } else { $ouser = new stdClass(); } $ouser->subscriptions = array("all" => 1); $ouser->connection = new stdClass(); } // 2. Extract header information from request $lines = explode("\r\n", $request); $headers = array(); foreach ($lines as $line) { $line = chop($line); if (preg_match('/\\A(\\S+): (.*)\\z/', $line, $matches)) { $headers[$matches[1]] = $matches[2]; $ouser->connection->{$matches[1]} = $matches[2]; } } // 3. Prepare/send response $secKey = $headers['Sec-WebSocket-Key']; $secAccept = base64_encode(pack('H*', sha1($secKey . '258EAFA5-E914-47DA-95CA-C5AB0DC85B11'))); //hand shaking header $upgrade = "HTTP/1.1 101 Web Socket Protocol Handshake\r\n" . "Upgrade: websocket\r\n" . "Connection: Upgrade\r\n" . "WebSocket-Origin: {$this->host}\r\n" . "WebSocket-Location: ws://{$this->host}:{$this->port}/\r\n" . "Sec-WebSocket-Accept:{$secAccept}\r\n\r\n"; $this->console("Send upgrade request headers.\n"); $this->console("%s", "\n---------------------------------------------------------------------------------------\n", "BlueBold"); $this->console($upgrade); $this->console("%s", "\n---------------------------------------------------------------------------------------\n\n", "BlueBold"); $this->console($conn); fwrite($conn, $upgrade, strlen($upgrade)); return $ouser; }