예제 #1
/**
 * Insert one row into kleemets_kaubad and return its auto-increment id.
 *
 * Both values travel as bound parameters ('s' for Nimetus, 'i' for Kogus),
 * so neither is ever spliced into the SQL text.
 *
 * @param string $nimetus value for the Nimetus column
 * @param int    $kogus   value for the Kogus column
 * @return int|string id reported by mysqli_stmt_insert_id()
 */
function model_add($nimetus, $kogus)
{
    global $link;

    // NOTE(review): the result of mysqli_prepare() is used unchecked; a failed
    // prepare only surfaces at the bind call below.
    $statement = mysqli_prepare(
        $link,
        'INSERT INTO kleemets_kaubad (Nimetus, Kogus) VALUES (?,?)'
    );
    mysqli_stmt_bind_param($statement, 'si', $nimetus, $kogus);
    mysqli_stmt_execute($statement);

    $newId = mysqli_stmt_insert_id($statement);
    mysqli_stmt_close($statement);

    return $newId;
}
예제 #2
/**
 * Create a row in kleemets_kasutajad for a new user and return its id.
 *
 * The plaintext password is not what gets stored: password_hash() with
 * PASSWORD_DEFAULT produces the value bound to the Parool column.
 *
 * @param string $kasutajanimi user name, bound as a string
 * @param string $parool       plaintext password to hash
 * @return int|string id reported by mysqli_stmt_insert_id()
 */
function model_user_add($kasutajanimi, $parool)
{
    global $l;

    $passwordHash = password_hash($parool, PASSWORD_DEFAULT);

    // NOTE(review): neither the prepare nor the execute result is checked here.
    $statement = mysqli_prepare(
        $l,
        'INSERT INTO kleemets_kasutajad (Kasutajanimi, Parool) VALUES (?, ?)'
    );
    mysqli_stmt_bind_param($statement, 'ss', $kasutajanimi, $passwordHash);
    mysqli_stmt_execute($statement);

    $newId = mysqli_stmt_insert_id($statement);
    mysqli_stmt_close($statement);

    return $newId;
}
예제 #3
파일: create.php 프로젝트: Ezaki113/expl-3
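/**
 * Insert a user row and, when a row was really written, store its id in $user['id'].
 *
 * name, email and hashed_password are bound as string parameters. The statement
 * is INSERT IGNORE, so a row the server skips produces no error.
 *
 * @param mysqli $connection open connection used for the insert
 * @param array  $user       must hold 'name', 'email' and 'hashed_password'; gains 'id' on success
 * @return bool true only when a row was inserted
 */
function saveUser($connection, array &$user)
{
    $query = 'INSERT IGNORE INTO users (name, email, hashed_password) VALUES (?, ?, ?)';
    $statement = mysqli_prepare($connection, $query);
    mysqli_stmt_bind_param($statement, 'sss', $user['name'], $user['email'], $user['hashed_password']);
    mysqli_stmt_execute($statement);

    // affected_rows is -1 after a failed execute and 0 when the row was
    // ignored. A plain (bool) cast would report -1 as a successful insert,
    // so only a positive count is accepted.
    $inserted = mysqli_stmt_affected_rows($statement) > 0;
    if ($inserted) {
        $user['id'] = mysqli_stmt_insert_id($statement);
    }
    mysqli_stmt_close($statement);

    return $inserted;
}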
예제 #4
 /**
  * Store this item in the basket table and remember the generated id in $this->id.
  *
  * The cart id, item name and value are bound parameters (type string "dsd").
  * NOTE(review): on failure die() prints the raw MySQL error text to the
  * response, and the statement is never closed.
  *
  * @param mysqli $dbc open database connection
  * @param mixed  $cid cart id, bound with type 'd'
  * @return void
  */
 public function saveItem($dbc, $cid)
 {
     $sql = "INSERT INTO basket(cartID,itemName,Value) VALUES(?,?,?)";
     $statement = mysqli_prepare($dbc, $sql);
     if (!$statement) {
         die('mysqli error: ' . mysqli_error($dbc));
     }

     mysqli_stmt_bind_param($statement, "dsd", $cid, $this->name, $this->value);

     $executed = mysqli_stmt_execute($statement);
     if (!$executed) {
         die('stmt error: ' . mysqli_stmt_error($statement));
     }

     $this->id = mysqli_stmt_insert_id($statement);
 }
예제 #5
/**
 * Create a row in areinman__kasutajad for a new user and return its id.
 *
 * Only the password_hash() output is stored, and both values are bound
 * as string parameters.
 * NOTE(review): when the prepare fails the raw MySQL error text is echoed
 * to the response before the script exits.
 *
 * @param string $kasutajanimi user name
 * @param string $parool       plaintext password to hash
 * @return int|string id reported by mysqli_stmt_insert_id()
 */
function model_user_add($kasutajanimi, $parool)
{
    global $l;

    $passwordHash = password_hash($parool, PASSWORD_DEFAULT);
    $statement = mysqli_prepare(
        $l,
        "INSERT INTO areinman__kasutajad (Kasutajanimi, Parool) VALUES (?,?)"
    );

    // A non-empty error string on the connection means the prepare failed.
    if (mysqli_error($l)) {
        echo mysqli_error($l);
        exit;
    }

    mysqli_stmt_bind_param($statement, "ss", $kasutajanimi, $passwordHash);
    mysqli_stmt_execute($statement);

    $newId = mysqli_stmt_insert_id($statement);
    mysqli_stmt_close($statement);

    return $newId;
}
예제 #6
 /**
  * Insert this user's fields into the users table and keep the new id in $this->id.
  *
  * Every column value is a bound parameter; nothing is concatenated into the SQL.
  * NOTE(review): $this->password is written as it stands. Whether it was hashed
  * (for example with password_hash()) before this call is not visible here — confirm.
  * NOTE(review): the seventh type letter is 'd' (double) and lines up with DOB — confirm.
  * NOTE(review): die() sends the raw MySQL error text to the response.
  *
  * @param mysqli $dbc open database connection
  * @return void
  */
 public function insertUser($dbc)
 {
     require_once '../mysqli_connect.php';

     $sql = "INSERT INTO users(firstName,lastName,email, password, streetAddress, postalCode, DOB, gender) VALUES (?,?,?,?,?,?,?,?)";
     $statement = mysqli_prepare($dbc, $sql);
     if (!$statement) {
         die('mysqli error1: ' . mysqli_error($dbc));
     }

     mysqli_stmt_bind_param(
         $statement,
         "ssssssds",
         $this->firstName,
         $this->lastName,
         $this->email,
         $this->password,
         $this->streetAddress,
         $this->postalCode,
         $this->DOB,
         $this->gender
     );

     $executed = mysqli_stmt_execute($statement);
     if (!$executed) {
         die('stmt error2: ' . mysqli_stmt_error($statement));
     }

     $this->id = mysqli_stmt_insert_id($statement);
 }
예제 #7
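 /**
  * Run a non-SELECT statement as a prepared statement and return the affected-row count.
  *
  * Arguments are bound positionally, all with type 's'. The binding is done
  * with call_user_func_array() on an array of references, so no PHP source
  * text is generated or evaluated at run time.
  * NOTE(review): errors are only echoed (including the raw MySQL message);
  * execution continues after them.
  *
  * @param string     $sql  statement text with ? placeholders
  * @param array|null $argv values for the placeholders, in order
  * @return int affected rows as reported by mysqli_stmt_affected_rows()
  */
 public function executeNonQuery($sql, $argv = NULL)
 {
     $affected = 0;
     // Check the argument: this entry point is not meant for SELECT.
     $lowstr = strtolower($sql);
     if (substr($lowstr, 0, 6) === "select") {
         echo "Invalid query SQL statement.";
     }
     // Open a database connection if one is not already open.
     $connected = $this->connected();
     $conn = $connected ? $this->conn : $this->connect(FALSE);
     // Set the default character set to utf8.
     mysqli_query($conn, "set names 'utf8'");
     mysqli_query($conn, "set character set 'utf8'");
     // Prepare the SQL statement.
     $stmt = mysqli_prepare($conn, $sql);
     if (mysqli_errno($conn)) {
         $errno = mysqli_errno($conn);
         $error = "MYSQL ERROR #" . $errno . " : " . mysqli_error($conn);
         echo $error;
     }
     // Bind one string parameter per argument.
     if (isset($argv) && count($argv) > 0) {
         $values = array_values($argv);
         $bindArgs = array($stmt, str_repeat("s", count($values)));
         foreach (array_keys($values) as $idx) {
             // bind_param receives its variables by reference.
             $bindArgs[] =& $values[$idx];
         }
         call_user_func_array("mysqli_stmt_bind_param", $bindArgs);
     }
     // Execute the SQL statement.
     mysqli_stmt_execute($stmt);
     if (mysqli_stmt_errno($stmt)) {
         $errno = mysqli_stmt_errno($stmt);
         $error = "MYSQL ERROR #" . $errno . " : " . mysqli_stmt_error($stmt);
         echo $error;
     }
     // Id generated by this database operation.
     $this->insert_id = mysqli_stmt_insert_id($stmt);
     $affected = mysqli_stmt_affected_rows($stmt);
     mysqli_stmt_close($stmt);
     // Close the connection again if it was opened here.
     if (!$connected) {
         $this->disconnect($conn);
     }
     return $affected;
 }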
	/**
	 * Inserts one row built from $item into the table named by $this->tablename
	 * and returns the generated auto-increment id.
	 *
	 * All six column values are bound as integers ('iiiiii'). The table name is
	 * interpolated into the SQL text, so it must never come from request data.
	 * Add authorization or any logical checks for secure access to your data;
	 * none is performed inside this method.
	 *
	 * @param object $item carries idTimeline, idTrace, idSelector, position, delay, visible
	 * @return int|string id reported by mysqli_stmt_insert_id()
	 */
	public function createTraceInTimeline($item) {
		$sql = "INSERT INTO $this->tablename (idTimeline, idTrace, idSelector, position, delay, visible) VALUES (?, ?, ?, ?, ?, ?)";

		$statement = mysqli_prepare($this->connection, $sql);
		$this->throwExceptionOnError();

		mysqli_stmt_bind_param(
			$statement,
			'iiiiii',
			$item->idTimeline,
			$item->idTrace,
			$item->idSelector,
			$item->position,
			$item->delay,
			$item->visible
		);
		$this->throwExceptionOnError();

		mysqli_stmt_execute($statement);
		$this->throwExceptionOnError();

		$newId = mysqli_stmt_insert_id($statement);

		// The connection itself is closed here, not only the statement.
		mysqli_stmt_free_result($statement);
		mysqli_close($this->connection);

		return $newId;
	}
예제 #9
    printf("[005] Expecting int/0, got %s/%s\n", gettype($tmp), $tmp);
}
mysqli_stmt_close($stmt);
// no auto_increment column
// An explicit id is inserted, so insert_id is expected to stay at int 0.
$stmt = mysqli_stmt_init($link);
if (!mysqli_stmt_prepare($stmt, "INSERT INTO test_mysqli_stmt_insert_id_table_1(id, label) VALUES (100, 'a')") || !mysqli_stmt_execute($stmt)) {
    printf("[006] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
}
if (0 !== ($tmp = mysqli_stmt_insert_id($stmt))) {
    printf("[007] Expecting int/0, got %s/%s\n", gettype($tmp), $tmp);
}
// Turn id into an AUTO_INCREMENT column: through the prepared statement when the
// server version is above 50000, through a plain query when it is below 50000.
if (mysqli_get_server_version($link) > 50000 && (!mysqli_stmt_prepare($stmt, "ALTER TABLE test_mysqli_stmt_insert_id_table_1 MODIFY id INT NOT NULL AUTO_INCREMENT") || !mysqli_stmt_execute($stmt))) {
    printf("[008] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
} else {
    if (mysqli_get_server_version($link) < 50000) {
        mysqli_query($link, "ALTER TABLE test_mysqli_stmt_insert_id_table_1 MODIFY id INT NOT NULL AUTO_INCREMENT");
    }
}
// With the id left to the server, insert_id must now be non-zero.
if (!mysqli_stmt_prepare($stmt, "INSERT INTO test_mysqli_stmt_insert_id_table_1(label) VALUES ('a')") || !mysqli_stmt_execute($stmt)) {
    printf("[009] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
}
if (0 === ($tmp = mysqli_stmt_insert_id($stmt))) {
    printf("[010] Expecting int/any non zero, got %s/%s\n", gettype($tmp), $tmp);
}
mysqli_stmt_close($stmt);
mysqli_close($link);
// Deliberately reads insert_id from a statement that has already been closed;
// the dump records whatever that call yields.
var_dump(mysqli_stmt_insert_id($stmt));
print "done!";
// Cleanup part: error reporting is switched off and the table name is handed to
// clean_table.inc (presumably dropping the table — confirm in that include).
error_reporting(0);
$test_table_name = 'test_mysqli_stmt_insert_id_table_1';
require_once "clean_table.inc";
예제 #10
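 /**
  * Run a non-SELECT statement as a prepared statement and return the affected-row count.
  *
  * Arguments are bound positionally, all with type 's'. The binding is done
  * with call_user_func_array() on an array of references, so no PHP source
  * text is generated or evaluated at run time.
  * NOTE(review): a connection opened by this call is not disconnected on the
  * paths that throw.
  *
  * @param string     $sql  statement text with ? placeholders
  * @param array|null $argv values for the placeholders, in order
  * @return int affected rows as reported by mysqli_stmt_affected_rows()
  * @throws DaoException for a SELECT statement, a failed prepare or a failed execute
  */
 public function executeNonQuery($sql, $argv = NULL)
 {
     $affected = 0;
     $lowstr = strtolower($sql);
     if (substr($lowstr, 0, 6) === "select") {
         throw new DaoException("Invalid query SQL statement.");
     }
     // Reuse the open connection, or open one for the duration of this call.
     $connected = $this->connected();
     $conn = $connected ? $this->conn : $this->connect(FALSE);
     mysqli_query($conn, "set names 'utf8'");
     $stmt = mysqli_prepare($conn, $sql);
     if (mysqli_errno($conn)) {
         // Only the error number leaves this method; the MySQL message text does not.
         $errno = mysqli_errno($conn);
         throw new DaoException("database error---", $errno);
     }
     if (isset($argv) && count($argv) > 0) {
         $values = array_values($argv);
         $bindArgs = array($stmt, str_repeat("s", count($values)));
         foreach (array_keys($values) as $idx) {
             // bind_param receives its variables by reference.
             $bindArgs[] =& $values[$idx];
         }
         call_user_func_array("mysqli_stmt_bind_param", $bindArgs);
     }
     mysqli_stmt_execute($stmt);
     if (mysqli_stmt_errno($stmt)) {
         $errno = mysqli_stmt_errno($stmt);
         throw new DaoException("database error...", $errno);
     }
     $this->insert_id = mysqli_stmt_insert_id($stmt);
     $affected = mysqli_stmt_affected_rows($stmt);
     mysqli_stmt_close($stmt);
     if (!$connected) {
         $this->disconnect($conn);
     }
     return $affected;
 }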
// Insert one row, then check that every procedural accessor returns exactly
// what the matching mysqli_stmt property holds.
if (!$stmt->prepare("INSERT INTO test_mysqli_class_mysqli_stmt_interface_table_1(id, label) VALUES (100, 'z')") || !$stmt->execute()) {
    printf("[001] [%d] %s\n", $stmt->errno, $stmt->error);
}
assert(mysqli_stmt_affected_rows($stmt) === $stmt->affected_rows);
printf("stmt->affected_rows = '%s'\n", $stmt->affected_rows);
assert(mysqli_stmt_errno($stmt) === $stmt->errno);
printf("stmt->errno = '%s'\n", $stmt->errno);
assert(mysqli_stmt_error($stmt) === $stmt->error);
printf("stmt->error = '%s'\n", $stmt->error);
assert(mysqli_stmt_error_list($stmt) === $stmt->error_list);
// The label printed here says "stmt->error" although the value dumped is error_list.
var_dump("stmt->error = ", $stmt->error_list);
assert(mysqli_stmt_field_count($stmt) === $stmt->field_count);
printf("stmt->field_count = '%s'\n", $stmt->field_count);
// id has no procedural counterpart in this listing; it only has to be positive.
assert($stmt->id > 0);
printf("stmt->id = '%s'\n", $stmt->id);
assert(mysqli_stmt_insert_id($stmt) === $stmt->insert_id);
printf("stmt->insert_id = '%s'\n", $stmt->insert_id);
assert(mysqli_stmt_num_rows($stmt) === $stmt->num_rows);
printf("stmt->num_rows = '%s'\n", $stmt->num_rows);
assert(mysqli_stmt_param_count($stmt) === $stmt->param_count);
printf("stmt->param_count = '%s'\n", $stmt->param_count);
assert(mysqli_stmt_sqlstate($stmt) === $stmt->sqlstate);
printf("stmt->sqlstate = '%s'\n", $stmt->sqlstate);
// Reading and writing a property the class does not define; @ keeps the
// resulting diagnostics out of the output.
printf("\nAccess to undefined properties:\n");
printf("stmt->unknown = '%s'\n", @$stmt->unknown);
@($stmt->unknown = 13);
printf("stmt->unknown = '%s'\n", @$stmt->unknown);
// The constructor form prepares the statement in the same step.
printf("\nPrepare using the constructor:\n");
$stmt = new mysqli_stmt($link, 'SELECT id FROM test_mysqli_class_mysqli_stmt_interface_table_1 ORDER BY id');
if (!$stmt->execute()) {
    printf("[002] [%d] %s\n", $stmt->errno, $stmt->error);
예제 #12
mysqlnd resets the IDE to 0
libmysql doesn't

$link->change_user ($user, $passwd, $db);
if (0 != $link->insert_id || 0 != mysqli_insert_id($link)) {
    printf("[007] mysqli_change_user changes insert_id: %s", var_export($link->insert_id, true));
    die();
}
*/
// Preparing a statement must leave the connection's insert_id at $i
// ($i is set before this excerpt).
$stmt = $link->prepare("SELECT 1");
if ($i != $link->insert_id || $i != mysqli_insert_id($link)) {
    printf("[008a] mysqli_prepare changes insert_id: %s", var_export($link->insert_id, true));
    die;
}
echo mysqli_error($link);
// A freshly prepared statement has to report insert_id 0 through both APIs.
if (0 != $stmt->insert_id || 0 != mysqli_stmt_insert_id($stmt)) {
    printf("[008b] mysqli_stmt doesn't initialise insert_id: %s", var_export($stmt->insert_id, true));
    die;
}
// Releasing the statement must not disturb the connection's insert_id either.
unset($stmt);
if ($i != $link->insert_id || $i != mysqli_insert_id($link)) {
    printf("[009] stmt free changes insert_id: %s", var_export($link->insert_id, true));
    die;
}
$link->query("DROP TABLE IF EXISTS test_insert_id_var");
echo "DONE";
// Cleanup part: reconnect with the settings from connect.inc.
require_once "connect.inc";
if (!($link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket))) {
    printf("[c001] [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error());
}
if (!mysqli_query($link, "DROP TABLE IF EXISTS test_insert_id_var")) {
예제 #13
 /**
  * Prepare $query, bind the values from $inputArray and execute it.
  *
  * Returns false when there is no connection, when the prepare fails or when
  * the execute fails. Otherwise returns $id when $id > 0, the execute result
  * when $id == -1, and the statement's insert id in every other case.
  *
  * NOTE(review): on a failed prepare the query text and the MySQL error are
  * echoed into the HTML response without escaping.
  * NOTE(review): $connection is not defined anywhere in this method.
  */
 function insert($query, $inputArray, $id = "", $close = 0)
 {
     $this->Open();
     if (!$this->conn) {
         $this->message = 'Ingen forbindelse til databasen. Pr�v igjen senere.';
         return false;
     } else {
         // After this call each entry is read as [0] => value, [1] => type letter.
         $inputArray = $this->_getInputArrayType($inputArray);
         // Prepare the INSERT
         if ($stmt = mysqli_prepare($this->conn, $query)) {
             /*     Build an array, bindRow, holding the arguments for bind_param (1st is the statement,
                    2nd is the string with the types, the rest are all the variables for the query) */
             $bindRow[0] = $stmt;
             $bindRow[1] = "";
             foreach ($inputArray as $entry) {
                 // The reference points at the loop variable's element, not at $inputArray.
                 $bindRow[] =& $entry[0];
                 $bindRow[1] .= $entry[1];
             }
             // Bind the parameters
             call_user_func_array("mysqli_stmt_bind_param", $this->refValues($bindRow));
             $res = mysqli_stmt_execute($stmt);
             // NOTE(review): when $close is set, close() runs before the insert id
             // is read further down — confirm what close() releases.
             if ($close) {
                 $this->close();
             }
             // Result of running the query
             if (!$res) {
                 return false;
             }
             if ($id > 0) {
                 return $id;
             } else {
                 if ($id == -1) {
                     return $res;
                 } else {
                     return mysqli_stmt_insert_id($stmt);
                 }
             }
         } else {
             // Raw diagnostics go straight to the page here (see the review notes above).
             echo "Query feilet: <br>Connection: \"{$connection}\"<br>";
             echo mysqli_error($this->conn) . "<br>Query:<br>";
             echo $query . "<br>";
         }
         if ($close) {
             echo mysqli_error($this->conn);
         }
         return false;
     }
 }
예제 #14
	/**
	 * Inserts one timeline row built from $item into the table named by
	 * $this->tablename and returns the generated auto-increment id.
	 *
	 * title and description are bound as strings, zoomStart, zoomEnd and
	 * position as integers ('ssiii'). The table name is interpolated into the
	 * SQL text, so it must never come from request data.
	 * Add authorization or any logical checks for secure access to your data;
	 * none is performed inside this method.
	 *
	 * @param object $item carries title, description, zoomStart, zoomEnd, position
	 * @return int|string id reported by mysqli_stmt_insert_id()
	 */
	public function createTimeline($item) {
		$sql = "INSERT INTO $this->tablename (title, description, zoomStart, zoomEnd, position) VALUES (?, ?, ?, ?, ?)";

		$statement = mysqli_prepare($this->connection, $sql);
		$this->throwExceptionOnError();

		mysqli_stmt_bind_param(
			$statement,
			'ssiii',
			$item->title,
			$item->description,
			$item->zoomStart,
			$item->zoomEnd,
			$item->position
		);
		$this->throwExceptionOnError();

		mysqli_stmt_execute($statement);
		$this->throwExceptionOnError();

		$newId = mysqli_stmt_insert_id($statement);

		// The connection itself is closed here, not only the statement.
		mysqli_stmt_free_result($statement);
		mysqli_close($this->connection);

		return $newId;
	}
예제 #15
 /**
  * Adds one record (an INSERT): the fields of this object that have been
  * assigned a value are written to the table as a new row.
  *
  * Values are bound as parameters. Column names and the table name are
  * interpolated into the SQL inside backticks, so they must come from the
  * object's own definition, never from request data.
  *
  * @return mixed the value stored for the auto-increment field on success, false on failure
  */
 public function add()
 {
     $rt = false;
     $fields = null;
     $values = null;
     $types = null;
     $params = [];
     foreach ($this->fields as $k => $v) {
         // NOTE(review): `!= null` is a loose comparison, so 0, '' and '0'
         // are left out of the INSERT as well — confirm that is intended.
         if ($k !== $this->AIField && $v['value'] != null) {
             $fields .= "`{$k}`,";
             $values .= "?,";
             $types .= $v['type'];
             // bind_param needs references, so point at the stored value itself.
             $params[] =& $this->fields[$k]['value'];
         }
     }
     $fields = trim($fields, ",");
     $values = trim($values, ",");
     $sql = "insert into `{$this->tableName}` ({$fields}) values ({$values})";
     $this->lastSql = $sql;
     $stmt = mysqli_prepare($this->conn, $sql);
     if ($stmt) {
         // First argument is the type string, followed by one reference per value.
         call_user_func_array([$stmt, "bind_param"], array_merge([$types], $params));
         if (mysqli_stmt_execute($stmt)) {
             if (strlen($this->AIField) > 0) {
                 $this->fields[$this->AIField]["value"] = mysqli_stmt_insert_id($stmt);
             }
             // NOTE(review): read even when AIField is empty.
             $rt = $this->fields[$this->AIField]["value"];
         } else {
             $this->logError(mysqli_stmt_error($stmt));
         }
         mysqli_stmt_close($stmt);
     } else {
         $this->logError(mysqli_error($this->conn));
     }
     $this->clear();
     $this->degbugLog();
     return $rt;
 }
예제 #16
파일: create.php 프로젝트: Ezaki113/expl-3
/**
 * @param string $name
 * @param string $description
 * @param int $price
 * @param int $ownerId
 * @return bool|int
 */
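function createOrder($name, $description, $price, $ownerId)
{
    $sql = 'INSERT INTO orders (title, description, created_by, price) VALUES (?, ?, ?, ?)';
    // Price and owner id are bound parameters; they are never concatenated
    // into the statement text.
    // NOTE(review): nothing here rejects a negative price, which would credit
    // the account instead of debiting it — confirm callers validate it.
    $sqlUsers = 'UPDATE users SET cash = cash - ? WHERE id = ? AND cash >= ?';

    // Runs the debit on $connection. True only when a row was really changed:
    // affected_rows is -1 on failure, and that must not count as success.
    $debit = function ($connection) use ($sqlUsers, $price, $ownerId) {
        $statement = mysqli_prepare($connection, $sqlUsers);
        if (!$statement) {
            return false;
        }
        mysqli_stmt_bind_param($statement, 'did', $price, $ownerId, $price);
        $changed = mysqli_stmt_execute($statement) && mysqli_stmt_affected_rows($statement) > 0;
        mysqli_stmt_close($statement);
        return $changed;
    };

    $orderConnection = mappedConnection('orders');
    $userConnection = mappedConnection('users');
    if ($orderConnection === $userConnection) {
        // Both tables share one connection: an ordinary transaction is enough.
        mysqli_begin_transaction($orderConnection);
        if (!$debit($userConnection)) {
            mysqli_rollback($userConnection);
            return false;
        }
        $statement = mysqli_prepare($orderConnection, $sql);
        mysqli_stmt_bind_param($statement, 'ssdd', $name, $description, $ownerId, $price);
        if (!mysqli_stmt_execute($statement)) {
            // The debit must not survive a failed insert.
            mysqli_rollback($orderConnection);
            return false;
        }
        mysqli_commit($orderConnection);
        return mysqli_stmt_insert_id($statement);
    } else {
        $result = false;
        // The XA ids and lock names are built from uniqid() only.
        $uuid = uniqid('', false);
        $transactionOrder = '\'' . $uuid . '\', \'oi\'';
        $transactionUser = '\'' . $uuid . '\', \'ui\'';
        mysqli_query($userConnection, 'DO GET_LOCK(\'' . $uuid . '-u\', 1);');
        mysqli_query($orderConnection, 'DO GET_LOCK(\'' . $uuid . '-o\', 1);');
        // Start the transaction on the users database.
        mysqli_query($userConnection, 'XA START ' . $transactionUser . ';');
        // Debit the money if there is enough of it.
        $done = $debit($userConnection);
        mysqli_query($userConnection, 'XA END ' . $transactionUser . ';');
        // If the debit succeeded, try to publish the order.
        if ($done) {
            // Start the transaction on the orders database.
            mysqli_query($orderConnection, 'XA START ' . $transactionOrder . ';');
            // Save the order.
            $statement = mysqli_prepare($orderConnection, $sql);
            mysqli_stmt_bind_param($statement, 'ssdd', $name, $description, $ownerId, $price);
            $saved = mysqli_stmt_execute($statement);
            $result = mysqli_stmt_insert_id($statement);
            mysqli_query($orderConnection, 'XA END ' . $transactionOrder . ';');
            if (!$saved) {
                // No order was written, so the debit is rolled back as well.
                mysqli_query($orderConnection, 'XA ROLLBACK ' . $transactionOrder . ';');
                mysqli_query($userConnection, 'XA ROLLBACK ' . $transactionUser . ';');
                $result = false;
            } elseif (mysqli_query($userConnection, 'XA PREPARE ' . $transactionUser . ';')) {
                // Prepare both transactions.
                if (mysqli_query($orderConnection, 'XA PREPARE ' . $transactionOrder . ';')) {
                    // Try to commit the debit.
                    if (mysqli_query($userConnection, 'XA COMMIT ' . $transactionUser . ';')) {
                        // Publish the order; if the database went down at this
                        // moment, the commit is done once it is back up.
                        mysqli_query($orderConnection, 'XA COMMIT ' . $transactionOrder . ';');
                    } else {
                        // Something went wrong: roll back.
                        mysqli_query($orderConnection, 'XA ROLLBACK ' . $transactionOrder . ';');
                        $result = false;
                    }
                } else {
                    mysqli_query($userConnection, 'XA ROLLBACK ' . $transactionUser . ';');
                    $result = false;
                }
            } else {
                mysqli_query($orderConnection, 'XA ROLLBACK ' . $transactionOrder . ';');
                $result = false;
            }
        } else {
            // Commit; there are no changes anyway.
            mysqli_query($userConnection, 'XA COMMIT ' . $transactionUser . ' ONE PHASE;');
        }
        mysqli_query($userConnection, 'DO RELEASE_LOCK(\'' . $uuid . '-u\');');
        mysqli_query($orderConnection, 'DO RELEASE_LOCK(\'' . $uuid . '-o\');');
        return $result;
    }
}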
예제 #17
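	/**
	 * Inserts one media row built from $item into the table named by
	 * $this->tablename and returns the generated auto-increment id.
	 *
	 * Column values are bound with types 'isssis'. The table name is
	 * interpolated into the SQL text, so it must never come from request data.
	 * Add authorization or any logical checks for secure access to your data;
	 * none is performed inside this method.
	 *
	 * @param object $item carries length, startDate, title, description, color, url
	 * @return int|string id reported by mysqli_stmt_insert_id()
	 */
	public function createMedia($item) {

		$stmt = mysqli_prepare($this->connection, "INSERT INTO $this->tablename (length, startDate, title, description, color, url) VALUES (?, ?, ?, ?, ?, ?)");
		$this->throwExceptionOnError();

		// bind_param takes its arguments by reference, so the formatted date
		// needs a variable of its own instead of being passed as a call result.
		$startDate = $item->startDate->toString('YYYY-MM-dd HH:mm:ss');
		mysqli_stmt_bind_param($stmt, 'isssis', $item->length, $startDate, $item->title, $item->description, $item->color, $item->url);
		$this->throwExceptionOnError();

		mysqli_stmt_execute($stmt);
		$this->throwExceptionOnError();

		$autoid = mysqli_stmt_insert_id($stmt);

		// The connection itself is closed here, not only the statement.
		mysqli_stmt_free_result($stmt);
		mysqli_close($this->connection);

		return $autoid;
	}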
예제 #18
	if (empty($errors)) { // If everything's OK.
	
		// Add the print to the database:
		// All six values are bound parameters ('isdsss'); none is placed in the SQL text.
		$q = 'INSERT INTO prints (artist_id, print_name, price, size, description, image_name) VALUES (?, ?, ?, ?, ?, ?)';
		$stmt = mysqli_prepare($dbc, $q);
		mysqli_stmt_bind_param($stmt, 'isdsss', $a, $pn, $p, $s, $d, $i);
		mysqli_stmt_execute($stmt);
		
		// Check the results...
		if (mysqli_stmt_affected_rows($stmt) == 1) {
		
			// Print a message:
			echo '<p>The print has been added.</p>';
			
			// Rename the image:
			// The stored file name is the numeric insert id, not a name taken from the upload.
			// NOTE(review): rename()'s result is not checked, and the success
			// message above is printed before the move is attempted.
			$id = mysqli_stmt_insert_id($stmt); // Get the print ID.
			rename ($temp, "../../uploads/$id");
			
			// Clear $_POST:
			$_POST = array();
			
		} else { // Error!
			echo '<p style="font-weight: bold; color: #C00">Your submission could not be processed due to a system error.</p>'; 
		}
		
		mysqli_stmt_close($stmt);
		
	} // End of $errors IF.
	
	// Delete the uploaded file if it still exists:
	if ( isset($temp) && file_exists ($temp) && is_file($temp) ) {
예제 #19
	/**
	 * Inserts one screenshot row built from $item into the table named by
	 * $this->tablename and returns the generated auto-increment id.
	 *
	 * filename, traceUri and time are all bound as strings ('sss'). The table
	 * name is interpolated into the SQL text, so it must never come from
	 * request data.
	 * Add authorization or any logical checks for secure access to your data;
	 * none is performed inside this method.
	 *
	 * @param object $item carries filename, traceUri, time
	 * @return int|string id reported by mysqli_stmt_insert_id()
	 */
	public function createScreenshot($item) {
		$sql = "INSERT INTO $this->tablename (filename, traceUri, time) VALUES (?, ?, ?)";

		$statement = mysqli_prepare($this->connection, $sql);
		$this->throwExceptionOnError();

		mysqli_stmt_bind_param(
			$statement,
			'sss',
			$item->filename,
			$item->traceUri,
			$item->time
		);
		$this->throwExceptionOnError();

		mysqli_stmt_execute($statement);
		$this->throwExceptionOnError();

		$newId = mysqli_stmt_insert_id($statement);

		// The connection itself is closed here, not only the statement.
		mysqli_stmt_free_result($statement);
		mysqli_close($this->connection);

		return $newId;
	}
   foreach($aut_id as $key=>$val)
   {
       echo $key." ".$val.'<br>';
   }
 */
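 // Add the book.
 // Request values are bound as parameters. The 'i' slots coerce whatever
 // arrives to an integer, so validate the $_POST fields before this point.
 $id_ks = null;
 $stmt = $mysqli->prepare("insert into ksiazka(tytul,r_wydania,egzemplarz_id,l_stron,jezyk_id,wydawnictwo_id,dostepnosc)\n        values(?,?,?,?,?,?,?);");
 if (!$stmt) {
     // Nothing after the throw can run, so no die is needed here.
     throw new RuntimeException($mysqli->errno . " " . $mysqli->error);
 }
 $dost = 1;
 $stmt->bind_param('siiiiii', $_POST['tytul'], $_POST['rok'], $_POST['id_egz'], $_POST['l_stron'], $_POST['jezyk'], $wyd_id, $dost);
 if ($stmt->execute()) {
     // Id of the new book row, reused for the genre links below.
     $id_ks = mysqli_stmt_insert_id($stmt);
 } else {
     throw new RuntimeException('Błąd Zapytania.');
 }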
 //dodawanie gatunków do książki
 foreach ($gat_id as $key => $gatunek) {
     $stmt = $mysqli->prepare("insert into gatunki(gatunek_id,ksiazka_id)\n        values(?,?);");
     if (!$stmt) {
         throw new RuntimeException($mysqli->errno . " " . $mysqli->error);
     } else {
         $stmt->bind_param('ii', $gatunek, $id_ks);
         if (!$stmt->execute()) {
             throw new RuntimeException('Błąd dodawania gatunków do książki.');
         }
     }
예제 #21
	/**
	 * Inserts one trace row built from $item into the table named by
	 * $this->tablename and returns the generated auto-increment id.
	 *
	 * Column values are bound with types 'sssssisi'. The table name is
	 * interpolated into the SQL text, so it must never come from request data.
	 * Add authorization or any logical checks for secure access to your data;
	 * none is performed inside this method.
	 *
	 * @param object $item carries uri, title, description, begin, end, size, subject, idTtl
	 * @return int|string id reported by mysqli_stmt_insert_id()
	 */
	public function createTrace($item) {
		$sql = "INSERT INTO $this->tablename (uri, title, description, begin, end, size, subject, idTtl) VALUES (?, ?, ?, ?, ?, ?, ?, ?)";

		$statement = mysqli_prepare($this->connection, $sql);
		$this->throwExceptionOnError();

		mysqli_stmt_bind_param(
			$statement,
			'sssssisi',
			$item->uri,
			$item->title,
			$item->description,
			$item->begin,
			$item->end,
			$item->size,
			$item->subject,
			$item->idTtl
		);
		$this->throwExceptionOnError();

		mysqli_stmt_execute($statement);
		$this->throwExceptionOnError();

		$newId = mysqli_stmt_insert_id($statement);

		// The connection itself is closed here, not only the statement.
		mysqli_stmt_free_result($statement);
		mysqli_close($this->connection);

		return $newId;
	}
예제 #22
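 /**
  * Insert one employee row built from $item and return the generated id.
  *
  * All thirteen column values are bound parameters ('sssisssssssss').
  * NOTE(review): no authorization check is visible in this method.
  *
  * @param object $item carries the employee fields named in the INSERT
  * @return int|string id reported by mysqli_stmt_insert_id()
  */
 public function createEmployee($item)
 {
     $stmt = mysqli_prepare($this->connection, "INSERT INTO employees (\n\t\t\tfirstname,lastname,title,departmentid,officephone,cellphone, \t\n\t\t\temail,street,city,state,zipcode,office,photofile) \n\t\tVALUES (?, ?, ?, ?, ?, ?,?,?,?,?,?,?,?)");
     $this->throwExceptionOnError();
     // mysqli_stmt_bind_param() is the supported name; the old
     // mysqli_bind_param() alias no longer exists in current PHP.
     mysqli_stmt_bind_param($stmt, 'sssisssssssss', $item->firstname, $item->lastname, $item->title, $item->departmentid, $item->officephone, $item->cellphone, $item->email, $item->street, $item->city, $item->state, $item->zipcode, $item->office, $item->photofile);
     $this->throwExceptionOnError();
     mysqli_stmt_execute($stmt);
     $this->throwExceptionOnError();
     $autoid = mysqli_stmt_insert_id($stmt);
     // The connection itself is closed here, not only the statement.
     mysqli_stmt_free_result($stmt);
     mysqli_close($this->connection);
     return $autoid;
 }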
예제 #23
     // No artist selected.
     $errors[] = 'Please select the print\'s artist!';
 }
 if (empty($errors)) {
     // If everything's OK.
     // Add the print to the database:
     // All six values are bound parameters ('isdsss'); none is placed in the SQL text.
     $q = "INSERT INTO prints (artist_id, print_name, price, size, description, image_name) VALUES (?, ?, ?, ?, ?, ?)";
     $stmt = mysqli_prepare($dbc, $q);
     mysqli_stmt_bind_param($stmt, 'isdsss', $a, $pn, $p, $s, $d, $i);
     mysqli_stmt_execute($stmt);
     // Check the results...
     if (mysqli_stmt_affected_rows($stmt) == 1) {
         // Print a message:
         echo '<p>The print has been added.</p>';
         // Rename the image:
         $id = mysqli_stmt_insert_id($stmt);
         // Get the print ID.
         // The stored file name is the numeric insert id, not a name taken from the upload.
         // NOTE(review): rename()'s result is not checked, and the success
         // message above is printed before the move is attempted.
         rename($temp, "../uploads/{$id}");
         // Clear $_POST:
         $_POST = array();
     } else {
         // Error!
         echo '<p style="font-weight: bold; color: #C00">Your submission could not be processed due to a system error.</p>';
     }
     mysqli_stmt_close($stmt);
 }
 // End of $errors IF.
 // Delete the uploaded file if it still exists:
 // After a successful rename $temp no longer exists, so this only removes
 // uploads that were not stored.
 if (isset($temp) && file_exists($temp) && is_file($temp)) {
     unlink($temp);
 }
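	/**
	 * Inserts one interval row built from $item into the table named by
	 * $this->tablename and returns the generated auto-increment id.
	 *
	 * Column values are bound with types 'issss'. The table name is
	 * interpolated into the SQL text, so it must never come from request data.
	 * Add authorization or any logical checks for secure access to your data;
	 * none is performed inside this method.
	 *
	 * @param object $item carries idTimeline, title, description, start, end
	 * @return int|string id reported by mysqli_stmt_insert_id()
	 */
	public function createIntervalle($item) {

		$stmt = mysqli_prepare($this->connection, "INSERT INTO $this->tablename (idTimeline, title, description, start, end) VALUES (?, ?, ?, ?, ?)");
		$this->throwExceptionOnError();

		// bind_param takes its arguments by reference, so each formatted date
		// needs a variable of its own instead of being passed as a call result.
		$start = $item->start->toString('YYYY-MM-dd HH:mm:ss');
		$end = $item->end->toString('YYYY-MM-dd HH:mm:ss');
		mysqli_stmt_bind_param($stmt, 'issss', $item->idTimeline, $item->title, $item->description, $start, $end);
		$this->throwExceptionOnError();

		mysqli_stmt_execute($stmt);
		$this->throwExceptionOnError();

		$autoid = mysqli_stmt_insert_id($stmt);

		// The connection itself is closed here, not only the statement.
		mysqli_stmt_free_result($stmt);
		mysqli_close($this->connection);

		return $autoid;
	}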
예제 #25
 /**
  * Will grab the auto incremented value from the last query (if one exists)
  * 
  * @param  fResult $result    The result object for the query
  * @param  mixed   $resource  Only applicable for `pdo`, `oci8` and `sqlsrv` extentions or `mysqli` prepared statements - this is either the `PDOStatement` object, `mysqli_stmt` object or the `oci8` or `sqlsrv` resource
  * @return void
  */
 private function handleAutoIncrementedValue($result, $resource = NULL)
 {
     if (!preg_match('#^\\s*INSERT\\s+(?:INTO\\s+)?(?:`|"|\\[)?(["\\w.]+)(?:`|"|\\])?#i', $result->getSQL(), $table_match)) {
         $result->setAutoIncrementedValue(NULL);
         return;
     }
     $quoted_table = $table_match[1];
     $table = str_replace('"', '', strtolower($table_match[1]));
     $insert_id = NULL;
     if ($this->type == 'oracle') {
         if (!isset($this->schema_info['sequences'])) {
             $sql = "SELECT\n\t\t\t\t\t\t\t\tLOWER(OWNER) AS \"SCHEMA\",\n\t\t\t\t\t\t\t\tLOWER(TABLE_NAME) AS \"TABLE\",\n\t\t\t\t\t\t\t\tTRIGGER_BODY\n\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\tALL_TRIGGERS\n\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\tTRIGGERING_EVENT LIKE 'INSERT%' AND\n\t\t\t\t\t\t\t\tSTATUS = 'ENABLED' AND\n\t\t\t\t\t\t\t\tTRIGGER_NAME NOT LIKE 'BIN\$%' AND\n\t\t\t\t\t\t\t\tOWNER NOT IN (\n\t\t\t\t\t\t\t\t\t'SYS',\n\t\t\t\t\t\t\t\t\t'SYSTEM',\n\t\t\t\t\t\t\t\t\t'OUTLN',\n\t\t\t\t\t\t\t\t\t'ANONYMOUS',\n\t\t\t\t\t\t\t\t\t'AURORA\$ORB\$UNAUTHENTICATED',\n\t\t\t\t\t\t\t\t\t'AWR_STAGE',\n\t\t\t\t\t\t\t\t\t'CSMIG',\n\t\t\t\t\t\t\t\t\t'CTXSYS',\n\t\t\t\t\t\t\t\t\t'DBSNMP',\n\t\t\t\t\t\t\t\t\t'DIP',\n\t\t\t\t\t\t\t\t\t'DMSYS',\n\t\t\t\t\t\t\t\t\t'DSSYS',\n\t\t\t\t\t\t\t\t\t'EXFSYS',\n\t\t\t\t\t\t\t\t\t'FLOWS_020100',\n\t\t\t\t\t\t\t\t\t'FLOWS_FILES',\n\t\t\t\t\t\t\t\t\t'LBACSYS',\n\t\t\t\t\t\t\t\t\t'MDSYS',\n\t\t\t\t\t\t\t\t\t'ORACLE_OCM',\n\t\t\t\t\t\t\t\t\t'ORDPLUGINS',\n\t\t\t\t\t\t\t\t\t'ORDSYS',\n\t\t\t\t\t\t\t\t\t'PERFSTAT',\n\t\t\t\t\t\t\t\t\t'TRACESVR',\n\t\t\t\t\t\t\t\t\t'TSMSYS',\n\t\t\t\t\t\t\t\t\t'XDB'\n\t\t\t\t\t\t\t\t)";
             $this->schema_info['sequences'] = array();
             foreach ($this->query($sql) as $row) {
                 if (preg_match('#SELECT\\s+(["\\w.]+).nextval\\s+INTO\\s+:new\\.(\\w+)\\s+FROM\\s+dual#i', $row['trigger_body'], $matches)) {
                     $table_name = $row['table'];
                     if ($row['schema'] != strtolower($this->username)) {
                         $table_name = $row['schema'] . '.' . $table_name;
                     }
                     $this->schema_info['sequences'][$table_name] = array('sequence' => $matches[1], 'column' => str_replace('"', '', $matches[2]));
                 }
             }
             if ($this->cache) {
                 $this->cache->set($this->makeCachePrefix() . 'schema_info', $this->schema_info);
             }
         }
         if (!isset($this->schema_info['sequences'][$table]) || preg_match('#INSERT\\s+INTO\\s+"?' . preg_quote($quoted_table, '#') . '"?\\s+\\([^\\)]*?(\\b|")' . preg_quote($this->schema_info['sequences'][$table]['column'], '#') . '(\\b|")#i', $result->getSQL())) {
             return;
         }
         $insert_id_sql = "SELECT " . $this->schema_info['sequences'][$table]['sequence'] . ".currval AS INSERT_ID FROM dual";
     }
     if ($this->type == 'postgresql') {
         if (!isset($this->schema_info['sequences'])) {
             $sql = "SELECT\n\t\t\t\t\t\t\t\tpg_namespace.nspname AS \"schema\",\n\t\t\t\t\t\t\t\tpg_class.relname AS \"table\",\n\t\t\t\t\t\t\t\tpg_attribute.attname AS column\n\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\tpg_attribute INNER JOIN\n\t\t\t\t\t\t\t\tpg_class ON pg_attribute.attrelid = pg_class.oid INNER JOIN\n\t\t\t\t\t\t\t\tpg_namespace ON pg_class.relnamespace = pg_namespace.oid INNER JOIN\n\t\t\t\t\t\t\t\tpg_attrdef ON pg_class.oid = pg_attrdef.adrelid AND pg_attribute.attnum = pg_attrdef.adnum\n\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\tNOT pg_attribute.attisdropped AND\n\t\t\t\t\t\t\t\tpg_attrdef.adsrc LIKE 'nextval(%'";
             $this->schema_info['sequences'] = array();
             foreach ($this->query($sql) as $row) {
                 $table_name = strtolower($row['table']);
                 if ($row['schema'] != 'public') {
                     $table_name = $row['schema'] . '.' . $table_name;
                 }
                 $this->schema_info['sequences'][$table_name] = $row['column'];
             }
             if ($this->cache) {
                 $this->cache->set($this->makeCachePrefix() . 'schema_info', $this->schema_info);
             }
         }
         if (!isset($this->schema_info['sequences'][$table]) || preg_match('#INSERT\\s+INTO\\s+"?' . preg_quote($quoted_table, '#') . '"?\\s+\\([^\\)]*?(\\b|")' . preg_quote($this->schema_info['sequences'][$table], '#') . '(\\b|")#i', $result->getSQL())) {
             return;
         }
     }
     if ($this->extension == 'ibm_db2') {
         $insert_id_res = db2_exec($this->connection, "SELECT IDENTITY_VAL_LOCAL() FROM SYSIBM.SYSDUMMY1");
         $insert_id_row = db2_fetch_assoc($insert_id_res);
         $insert_id = current($insert_id_row);
         db2_free_result($insert_id_res);
     } elseif ($this->extension == 'mssql') {
         $insert_id_res = mssql_query("SELECT @@IDENTITY AS insert_id", $this->connection);
         $insert_id = mssql_result($insert_id_res, 0, 'insert_id');
         mssql_free_result($insert_id_res);
     } elseif ($this->extension == 'mysql') {
         $insert_id = mysql_insert_id($this->connection);
     } elseif ($this->extension == 'mysqli') {
         if (is_object($resource)) {
             $insert_id = mysqli_stmt_insert_id($resource);
         } else {
             $insert_id = mysqli_insert_id($this->connection);
         }
     } elseif ($this->extension == 'oci8') {
         $oci_statement = oci_parse($this->connection, $insert_id_sql);
         oci_execute($oci_statement, $this->inside_transaction ? OCI_DEFAULT : OCI_COMMIT_ON_SUCCESS);
         $insert_id_row = oci_fetch_array($oci_statement, OCI_ASSOC);
         $insert_id = $insert_id_row['INSERT_ID'];
         oci_free_statement($oci_statement);
     } elseif ($this->extension == 'pgsql') {
         $insert_id_res = pg_query($this->connection, "SELECT lastval()");
         $insert_id_row = pg_fetch_assoc($insert_id_res);
         $insert_id = array_shift($insert_id_row);
         pg_free_result($insert_id_res);
     } elseif ($this->extension == 'sqlite') {
         $insert_id = sqlite_last_insert_rowid($this->connection);
     } elseif ($this->extension == 'sqlsrv') {
         $insert_id_res = sqlsrv_query($this->connection, "SELECT @@IDENTITY AS insert_id");
         $insert_id_row = sqlsrv_fetch_array($insert_id_res, SQLSRV_FETCH_ASSOC);
         $insert_id = $insert_id_row['insert_id'];
         sqlsrv_free_stmt($insert_id_res);
     } elseif ($this->extension == 'pdo') {
         switch ($this->type) {
             case 'db2':
                 $insert_id_statement = $this->connection->query("SELECT IDENTITY_VAL_LOCAL() FROM SYSIBM.SYSDUMMY1");
                 $insert_id_row = $insert_id_statement->fetch(PDO::FETCH_ASSOC);
                 $insert_id = array_shift($insert_id_row);
                 $insert_id_statement->closeCursor();
                 unset($insert_id_statement);
                 break;
             case 'mssql':
                 try {
                     $insert_id_statement = $this->connection->query("SELECT @@IDENTITY AS insert_id");
                     if (!$insert_id_statement) {
                         throw new Exception();
                     }
                     $insert_id_row = $insert_id_statement->fetch(PDO::FETCH_ASSOC);
                     $insert_id = array_shift($insert_id_row);
                 } catch (Exception $e) {
                     // If there was an error we don't have an insert id
                 }
                 break;
             case 'oracle':
                 try {
                     $insert_id_statement = $this->connection->query($insert_id_sql);
                     if (!$insert_id_statement) {
                         throw new Exception();
                     }
                     $insert_id_row = $insert_id_statement->fetch(PDO::FETCH_ASSOC);
                     $insert_id = array_shift($insert_id_row);
                 } catch (Exception $e) {
                     // If there was an error we don't have an insert id
                 }
                 break;
             case 'postgresql':
                 $insert_id_statement = $this->connection->query("SELECT lastval()");
                 $insert_id_row = $insert_id_statement->fetch(PDO::FETCH_ASSOC);
                 $insert_id = array_shift($insert_id_row);
                 $insert_id_statement->closeCursor();
                 unset($insert_id_statement);
                 break;
             case 'mysql':
                 $insert_id = $this->connection->lastInsertId();
                 break;
             case 'sqlite':
                 $insert_id = $this->connection->lastInsertId();
                 break;
         }
     }
     $result->setAutoIncrementedValue($insert_id);
 }
예제 #26
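/**
 * Insert one row into a table through a mysqli prepared statement.
 *
 * Row values are bound as statement parameters, which is what keeps them out
 * of the SQL text. The table name and the column names cannot be bound, so
 * they are concatenated into the statement; their safety rests entirely on
 * bts_mysqli_VSafe(), which is defined elsewhere.
 * NOTE(review): when $safe is 0 the table name is not filtered at all and the
 * column names are filtered at level 0 - callers should pass identifiers only
 * from a fixed allow-list, never from request data.
 *
 * @param string            $tbname Table name (prefixed with $bts_mysql_head when the includes define it).
 * @param string|array|null $key    Column name or list of column names; null omits the column list.
 * @param mixed             $values Single value or list of values for the row.
 * @param int               $safe   Filter level handed to bts_mysqli_VSafe(); 0 skips the table-name filter.
 * @param mixed             $linki  Existing mysqli link, or 'btsnone' to load one from the include files.
 *
 * @return array [0] => bool success, [1] => insert id on success or "-1" on failure.
 */
function bts_mysqli_insert($tbname, $key = null, $values, $safe = 1, $linki = 'btsnone')
{
    if ($linki != 'btsnone') {
        $bts_link_my_i = $linki;
    } else {
        // Presumably these define $bts_link_my_i (and possibly $bts_mysql_head);
        // the paths are relative, so they resolve against include_path / the working directory.
        include './config/bts_cf_mysqli.php';
        include './run/mysqli.php';
    }

    $failed = array(false, "-1");

    if ($safe != 0) {
        $tbname = bts_mysqli_VSafe($tbname, $bts_link_my_i, 3);
    }
    if (isset($bts_mysql_head) && $bts_mysql_head != '') {
        $tbname = $bts_mysql_head . $tbname;
    }

    $bts_link_my_i_stmt = mysqli_stmt_init($bts_link_my_i);
    if (!$bts_link_my_i_stmt) {
        return $failed;
    }

    // Identifiers are part of the SQL text: they can only be filtered, not bound.
    $sql = 'insert into ' . $tbname;
    if ($key != null) {
        $columns = array();
        foreach (is_array($key) ? $key : array($key) as $keya) {
            $columns[] = bts_mysqli_VSafe($keya, $bts_link_my_i, $safe);
        }
        $sql .= '(' . implode(',', $columns) . ') values(';
    } else {
        $sql .= ' values(';
    }

    // Values become "?" placeholders and are bound below.
    // NOTE(review): they are still passed through bts_mysqli_VSafe() first, as in
    // the original; if that helper escapes quotes the stored data may end up
    // double-escaped - confirm against its definition.
    $bound = array();
    $types = '';
    if (is_array($values)) {
        foreach ($values as $valuesa) {
            $valuesa = bts_mysqli_VSafe($valuesa, $bts_link_my_i, 3);
            $bound[] = $valuesa;
            $types .= bts_str_iswhat($valuesa);
        }
    } else {
        $values = bts_mysqli_VSafe($values, $bts_link_my_i, $safe);
        $bound[] = $values;
        $types .= bts_str_iswhat($values);
    }
    $sql .= implode(',', array_fill(0, count($bound), '?')) . ')';

    if (!mysqli_stmt_prepare($bts_link_my_i_stmt, $sql)) {
        // The failed statement is still echoed, as before, but HTML-escaped so
        // that identifier text cannot inject markup into the page.
        // NOTE(review): showing SQL to the client discloses schema details;
        // prefer sending it to the server log instead.
        echo '<br /><br /><br />' . htmlspecialchars($sql, ENT_QUOTES, 'UTF-8');
        mysqli_stmt_close($bts_link_my_i_stmt);
        return $failed;
    }

    // mysqli_stmt_bind_param() takes its variables by reference, hence the
    // bts_bas_valueref() wrapper around the argument list.
    $keyvaluestmt = array_merge(array($bts_link_my_i_stmt, trim($types)), $bound);
    $bind_ok = call_user_func_array("mysqli_stmt_bind_param", bts_bas_valueref($keyvaluestmt));

    // Report success only when both binding and execution succeeded; the
    // original returned true even when the INSERT itself had failed.
    if ($bind_ok === false || !mysqli_stmt_execute($bts_link_my_i_stmt)) {
        mysqli_stmt_close($bts_link_my_i_stmt);
        return $failed;
    }

    $res = array(true, mysqli_stmt_insert_id($bts_link_my_i_stmt));
    mysqli_stmt_close($bts_link_my_i_stmt);
    return $res;
}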