/**
* Prepara la query que se va a ejecutar
* @param unknown_type $query
*/
public function query($query)
{
$desarrollo = unserialize(DEVELOPMENT);
//querys
if ($desarrollo['enabled'] && $desarrollo['querys']) {
show_query($query, $desarrollo['query_result'], $desarrollo['query_params']);
}
$this->stmt = $this->dbh->prepare($query);
}
function validate($lname = '')
{
global $dbc;
if (empty($lname)) {
return -1;
}
# Make the query
$query = "SELECT id, lname FROM presidents WHERE lname='" . $lname . "'";
show_query($query);
# Execute the query
$results = mysqli_query($dbc, $query);
check_results($results);
# If we get no rows, the login failed
if (mysqli_num_rows($results) == 0) {
return -1;
}
# We have at least one row, so get the frist one and return it
$row = mysqli_fetch_array($results, MYSQLI_ASSOC);
$pid = $row['id'];
return intval($pid);
}
function insert_record($dbc, $desc, $location, $owner, $finder, $status, $image_url)
{
if (empty($image_url)) {
$image_url = 'images/pic01.jpg';
}
$query = 'INSERT INTO stuff(location_id, description, create_date, update_date, owner, finder, status, image_url) VALUES (' . $location . ' , "' . $desc . '" , now(), now(), "' . $owner . '", "' . $finder . '", "' . $status . '", "' . $image_url . '")';
show_query($query);
$results = mysqli_query($dbc, $query);
check_results($results);
return $results;
}
?>
<div id='main'>
<?php
$tok = "";
if (isset($_GET["pid"])) {
$tok = $_GET["pid"];
include $tok;
} else {
?>
<h2>това е началната страница</h2>
<div id="product">
<p>НАЙ-НОВИЯ НИ ПРОДУКТ</p>
<?php
$query3 = "SELECT * FROM `products` ORDER BY `products`.`date` DESC LIMIT 1";
$rows3 = show_query($query3);
echo $rows3['name'] . $rows3['latin_name'] . $rows3['description'];
?>
</div>
<div id="news">
<p>голямa nowina - голяма работа</p>
</div>
<br style="clear:both"/><br style="clear:both"/>
<?php
}
?>
</div>
<div id='right_menu'>
<p>твоята количка с поръчки съдържа 'N' поръчки<p>
</div>
function insert_item($status, $date)
{
global $dbc;
#Assign variabled to insert into database from user input in $_POST
$loc = $_POST['location'];
$title = $_POST['title'];
$descr = $_POST['description'];
$category = $_POST['category'];
$create_date = $date;
$update_date = $date;
if ($status == 'Lost') {
$lost_date = $_POST['date'];
} else {
$lost_date = '';
}
if ($status == 'Found') {
$found_date = $_POST['date'];
} else {
$found_date = '';
}
$room = trim($_POST['room']);
if (!empty($_POST['owner_email'])) {
$owner_email = strtolower(trim($_POST['owner_email']));
} else {
$owner_email = '';
}
if (!empty($_POST['owner_phone'])) {
$owner_phone = trim($_POST['owner_phone']);
} else {
$owner_phone = '';
}
if (!empty($_POST['finder_email'])) {
$finder_email = strtolower(trim($_POST['finder_email']));
} else {
$finder_email = '';
}
if (!empty($_POST['finder_phone'])) {
$finder_phone = trim($_POST['finder_phone']);
} else {
$finder_phone = '';
}
//$photo = $_POST['filepath'];
if ($status == 'Lost') {
$owner = $_POST['full_name'];
} else {
$owner = '';
}
if ($status == 'Found') {
$finder = $_POST['full_name'];
} else {
$finder = '';
}
#TODO: add database insert functionality here
$query = "INSERT INTO stuff (location_id, title, description, category, create_date, update_date, lost_date, found_date, room, owner_email, owner_phone, finder_email, finder_phone, owner, finder, status) VALUES({$loc}, \"{$title}\", \"{$descr}\", {$category}, \"{$create_date}\", \"{$update_date}\", \"{$lost_date}\", \"{$found_date}\", \"{$room}\", \"{$owner_email}\", \"{$owner_phone}\", \"{$finder_email}\", \"{$finder_phone}\", \"{$owner}\", \"{$finder}\", \"{$status}\")";
#Show query if debugging is enabled (at the top of this file)
show_query($query);
#Get results of SQL query
$results = mysqli_query($dbc, $query);
#Output SQL errors, if any
check_results($results);
return $results;
}
function insert_record($dbc, $location_id, $description, $room, $owner, $finder, $status)
{
$query = 'INSERT INTO stuff(location_id, description, create_date, update_date, room, owner, finder, status)
VALUES ("' . $location_id . '" , "' . $description . '" , NOW() , NOW() , "' . $room . '" , "NA" , "' . $finder . '" , "' . $status . '")';
show_query($query);
$results = mysqli_query($dbc, $query);
check_results($results);
return $results;
}