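/**
 * Update one category's title and parent from the submitted form fields.
 *
 * Reads `uptitle`, `upparent_id` and `id` from $_POST and writes them through
 * a prepared statement with positional placeholders. No access-control or
 * CSRF check happens inside this method, so the caller has to enforce both.
 *
 * @return bool true when the UPDATE executed; false when a field is missing
 *              or malformed, or when execute() reports failure.
 */
function updateCat()
{
    // Request fields are attacker-controlled: they can be absent or arrive as
    // arrays (id[]=1). Stop here instead of handing such values to bindValue().
    if (!isset($_POST['uptitle'], $_POST['upparent_id'], $_POST['id'])) {
        return false;
    }
    if (!is_scalar($_POST['uptitle']) || !is_scalar($_POST['upparent_id'])) {
        return false;
    }

    // The row selector is bound as an integer, so require a real integer.
    $rowId = filter_var($_POST['id'], FILTER_VALIDATE_INT);
    if ($rowId === false) {
        return false;
    }

    $title = AppUser::cleanInput($_POST['uptitle']);
    $parentId = $_POST['upparent_id'];

    $stmt = $this->conn->prepare("UPDATE categories SET cat_title=?, parent_id=? WHERE id=?");
    $stmt->bindValue(1, $title, PDO::PARAM_STR);
    $stmt->bindValue(2, $parentId, PDO::PARAM_INT);
    $stmt->bindValue(3, $rowId, PDO::PARAM_INT);

    // Report the statement's own result rather than an unconditional true, so
    // a failed write is not shown to the operator as a success.
    return $stmt->execute();
}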
/**
 * Handle a submitted order form.
 *
 * Runs only when the request carries an `order` field. The cleaned copy of
 * the whole $_POST array is stored on the controller and passed to
 * Application_Models_Order::insertBusket(); which keys are persisted is
 * decided by the model, not here. On a non-empty result the result is kept
 * in $this->error; otherwise the cart cookies are deleted and $this->success
 * is set to 1.
 *
 * NOTE(review): no CSRF token or session check is visible in this method;
 * confirm it is enforced before the controller is dispatched.
 */
function index()
{
    if (!isset($_POST['order'])) {
        return;
    }

    $cleanOrder = AppUser::cleanInput($_POST);
    $this->order = $cleanOrder;

    $orderModel = new Application_Models_Order();
    $failure = $orderModel->insertBusket($cleanOrder);

    if (empty($failure)) {
        // Order accepted: clear the cart cookies and flag success.
        Lib_SmalCart::getInstance()->deleteCookies();
        $this->success = 1;
        return;
    }

    $this->error = $failure;
}
<?php
// Feedback form endpoint: validates the posted message and answers with JSON.
include_once $_SERVER['DOCUMENT_ROOT'] . '/config.php';
session_start();

$message = AppUser::cleanInput($_POST);
$model = new Application_Models_Feedback();
$error = $model->isValidData($message);

if (empty($error)) {
    $response = array("success" => "Ваше письмо отправлено!!!");
    // sendMail() receives no arguments here, so it presumably works from state
    // captured by isValidData(); any protection against header injection in
    // the name/e-mail fields has to live in the model (not visible here).
    $model->sendMail();
} else {
    // Keep only the fields that actually carry an error text.
    $response = array();
    foreach ($error as $key => $value) {
        if ($value) {
            $response[$key] = $value;
        }
    }
}

// NOTE(review): no Content-Type header is set, so PHP's default applies to
// this JSON body. No CSRF token or rate limit is visible in this handler.
echo json_encode($response);
<?php
// Comment submission endpoint: validates the posted comment and answers with JSON.
include_once $_SERVER['DOCUMENT_ROOT'] . '/config.php';
session_start();

// The second argument is forwarded to cleanInput() unchanged; what it does
// with the 'comment' field is defined there, not in this file.
$comments = AppUser::cleanInput($_POST, 'comment');
$feed_back = new Application_Models_Feedback();

// NOTE(review): $_SESSION['id'] is read without checking that it is set, so a
// request without a logged-in session passes null; confirm that
// isValidCommentData() rejects that case.
$error = $feed_back->isValidCommentData($comments, $_SESSION['id']);

if (empty($error)) {
    $response = array("success" => "Ваш коментарий будет опубликован!");
    // Drop the uploaded-avatar marker once the comment has been accepted.
    unset($_SESSION['bild']);
} else {
    // Keep only the fields that actually carry an error text.
    $response = array();
    foreach ($error as $key => $value) {
        if ($value) {
            $response[$key] = $value;
        }
    }
}

echo json_encode($response);
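/**
 * Update a stored comment from the submitted form.
 *
 * name, email, comments and id come from the cleaned copy of $_POST; the
 * picture column receives the last '/'-separated segment of
 * $_SESSION['comments'], or '' when that session value is missing or empty.
 * All values are bound through a prepared statement.
 *
 * NOTE(review): the target row is selected by the submitted `id` alone. No
 * ownership or role check is visible in this method; confirm the caller
 * restricts who may reach it.
 *
 * @return bool result of executing the UPDATE statement.
 */
function updateComment()
{
    // Guard the session read: a request without an uploaded picture must not
    // raise an undefined-index warning. The stored value is unchanged ('').
    $avatar = '';
    if (!empty($_SESSION['comments'])) {
        $segments = explode('/', $_SESSION['comments']);
        $avatar = array_pop($segments);
    }

    $update = AppUser::cleanInput($_POST);

    $stmt = $this->conn->prepare("UPDATE comments SET name=?, email=?, comments=?, picture=? WHERE id=?");
    $stmt->bindValue(1, $update['name'], PDO::PARAM_STR);
    $stmt->bindValue(2, $update['email'], PDO::PARAM_STR);
    $stmt->bindValue(3, $update['comments'], PDO::PARAM_STR);
    $stmt->bindValue(4, $avatar, PDO::PARAM_STR);
    $stmt->bindValue(5, $update['id'], PDO::PARAM_INT);

    // Report the statement's own result rather than an unconditional true.
    return $stmt->execute();
}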
<?php
// Search endpoint: shows a single product when `id` is posted, otherwise runs
// a text search on the posted `search` term.
include_once $_SERVER['DOCUMENT_ROOT'] . '/config.php';

$search = AppUser::cleanInput($_POST);

if (isset($_POST['id'])) {
    // NOTE(review): the id handed to getProduct() is the raw request value,
    // not the cleaned copy in $search. Whether getProduct() binds it as a
    // parameter is not visible here; confirm it, or validate the id as an
    // integer before the lookup.
    $id = $_POST['id'];
    $model = new Application_Models_Product();
    $mod = $model->getProduct($id);

    $view = new Application_Views_Search();
    $view->showWindow($mod);
    exit;
}

// No product id: fall back to the text search on the cleaned term.
$model = new Application_Models_Search();
$model->getSearch($search['search']);
/**
 * Replace the "about" text with the submitted `text` field.
 *
 * The value is passed through AppUser::cleanInput() and bound as a string
 * parameter. The UPDATE has no WHERE clause, so every row of `background`
 * receives the new text.
 *
 * NOTE(review): true is returned without inspecting execute(), and no
 * access-control check is visible inside this method.
 *
 * @return bool always true.
 */
function updateAbout()
{
    $aboutText = AppUser::cleanInput($_POST['text']);

    $query = "UPDATE background SET about=?";
    $statement = $this->conn->prepare($query);
    $statement->bindValue(1, $aboutText, PDO::PARAM_STR);
    $statement->execute();

    return true;
}
/**
 * Update a product row from an edit form.
 *
 * $update is passed through AppUser::cleanInput() with 'pictures' as second
 * argument; the meaning of that argument is defined by cleanInput(), not
 * here. All column values are bound through a prepared statement.
 *
 * NOTE(review): `category` and `id` are bound but are not part of the
 * emptiness check, and true is returned without inspecting execute().
 *
 * @param mixed $images value written to the `images` column.
 * @param array $update submitted product fields.
 * @return bool false when author, title, description, body, manufacturer or
 *              price compares equal to ''; true otherwise.
 */
function updateProduct($images, $update)
{
    $insert = AppUser::cleanInput($update, 'pictures');

    // Same loose comparison and same field order as the original && chain.
    $required = array('author', 'title', 'description', 'body', 'manufacturer', 'price');
    foreach ($required as $field) {
        if ($insert[$field] == '') {
            return false;
        }
    }

    $sql = "UPDATE products SET author=?, title=?, description=?, body=?, price=?, id_cat=?, manufacturer_id=?, images=? WHERE id=?";
    $stmt = $this->conn->prepare($sql);

    // Text columns; price is bound as a string as well.
    $stmt->bindValue(1, $insert['author'], PDO::PARAM_STR);
    $stmt->bindValue(2, $insert['title'], PDO::PARAM_STR);
    $stmt->bindValue(3, $insert['description'], PDO::PARAM_STR);
    $stmt->bindValue(4, $insert['body'], PDO::PARAM_STR);
    $stmt->bindValue(5, $insert['price'], PDO::PARAM_STR);

    // Foreign keys, image value and the row selector.
    $stmt->bindValue(6, $insert['category'], PDO::PARAM_INT);
    $stmt->bindValue(7, $insert['manufacturer'], PDO::PARAM_INT);
    $stmt->bindValue(8, $images, PDO::PARAM_STR);
    $stmt->bindValue(9, $insert['id'], PDO::PARAM_INT);

    $stmt->execute();
    return true;
}
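<?php
// Comment preview fragment: echoes the submitted name and message, plus the
// avatar recorded in the session, back into HTML.
session_start();
include_once $_SERVER['DOCUMENT_ROOT'] . '/config.php';

$data = AppUser::cleanInput($_POST);

// Request data is escaped at the point of output, for the HTML context it
// lands in. cleanInput() is not visible from this file, so the fragment does
// not depend on it for HTML safety. double_encode is false so that input which
// cleanInput() may already have entity-encoded is not encoded a second time.
$name = isset($data['name']) ? $data['name'] : '';
$text = isset($data['message']) ? $data['message'] : '';

// !empty() instead of a bare read: a session without an avatar is the normal
// case and must not raise an undefined-index warning.
if (!empty($_SESSION['bild'])) { ?>
<h3>Аватар: </h3>
<img src="<?php echo htmlspecialchars('uploads/comments/' . $_SESSION['bild'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false); ?>" width="70" height="80" class="img-responsive"/>
<?php } ?>
<h3><strong>Имя: </strong></h3><p><?php echo htmlspecialchars((string) $name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false); ?></p>
<h3><strong>отзыв: </strong></h3><p><?php echo htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false); ?></p>
<br/>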