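/**
 * Insert this like (UserID, RecipeID) into tblike.
 *
 * On success $this->iLikeID is set from Connection::get_insert_id().
 * On failure the script is terminated with a generic message.
 */
public function save()
{
    $connection = new Connection();

    $sSQL = "INSERT INTO tblike(UserID, RecipeID)\n\t\t\t VALUES ('"
        . $connection->escape($this->iUserID) . "','"
        . $connection->escape($this->iRecipeID) . "')";

    if ($connection->query($sSQL)) {
        $this->iLikeID = $connection->get_insert_id();
        return;
    }

    // The statement is deliberately not echoed: printing it would disclose
    // table/column names and the submitted values to the client.
    error_log(__METHOD__ . ': tblike insert failed');
    die('Unable to save the like.');
}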
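/**
 * Insert this subscriber's e-mail address into tbnewsletter.
 *
 * On success $this->iSubscriberID is set from Connection::get_insert_id().
 * On failure the script is terminated with a generic message.
 */
public function save()
{
    $connection = new Connection();

    $sSQL = "INSERT INTO tbnewsletter(Email)\n VALUES ('"
        . $connection->escape($this->sEmail) . "')";

    if ($connection->query($sSQL)) {
        $this->iSubscriberID = $connection->get_insert_id();
        return;
    }

    // The statement (which contains the e-mail address) is neither echoed
    // nor logged; only the failing operation is recorded.
    error_log(__METHOD__ . ': tbnewsletter insert failed');
    die('Unable to save the subscription.');
}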
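/**
 * Insert this comment as a reply (Comment, UserID, OriginalID) into tbcomment.
 *
 * On success $this->iCommentID is set from Connection::get_insert_id().
 * On failure the script is terminated with a generic message.
 */
public function saveReply()
{
    $connection = new Connection();

    $sSQL = "INSERT INTO tbcomment(Comment, UserID, OriginalID)\n VALUES ('"
        . $connection->escape($this->sComment) . "','"
        . $connection->escape($this->iUserID) . "','"
        . $connection->escape($this->iOriginalID) . "')";

    if ($connection->query($sSQL)) {
        $this->iCommentID = $connection->get_insert_id();
        return;
    }

    // Never echo the statement: it reveals the schema and echoes
    // user-supplied comment text back into the page unencoded.
    error_log(__METHOD__ . ': tbcomment insert failed');
    die('Unable to save the reply.');
}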
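/**
 * Insert this order into tborder, stamped with the current date from date().
 *
 * On success $this->iOrderID is set from Connection::get_insert_id().
 * On failure the script is terminated with a generic message.
 *
 * NOTE(review): the card number ($this->iCardNumber) and the card security
 * code ($this->iSecurity) are written to the table exactly as held on the
 * object. Card security codes must not be retained after authorisation under
 * PCI DSS, and a stored card number needs to be rendered unreadable. Confirm
 * how these columns are protected, or stop persisting them.
 */
public function save()
{
    $connection = new Connection();

    // Column order must match the column list in the statement below.
    $aValues = [
        date("Y-m-d"),
        $this->sOrderStatus,
        $this->sRecipientName,
        $this->sDelivery,
        $this->sBilling,
        $this->sPayment,
        $this->sAccountName,
        $this->iCardNumber,
        $this->sExpiry,
        $this->iSecurity,
        $this->iUserID,
    ];

    $aQuoted = [];
    foreach ($aValues as $mValue) {
        $aQuoted[] = "'" . $connection->escape($mValue) . "'";
    }

    $sSQL = "INSERT INTO tborder(OrderDate,OrderStatus, RecipientName, DeliveryAddress, BillingAddress, Payment, AccountName, CardNumber, ExpiryDate, Security, UserID)\n VALUES ("
        . implode(',', $aQuoted) . ")";

    if ($connection->query($sSQL)) {
        $this->iOrderID = $connection->get_insert_id();
        return;
    }

    // The statement holds the card number, expiry date and security code, so
    // it must reach neither the response body nor the error log.
    error_log(__METHOD__ . ': tborder insert failed');
    die('Unable to save the order.');
}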
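/**
 * Persist this product to tbproduct.
 *
 * When $this->iProductID compares equal to 0 a new row is inserted and
 * $this->iProductID is set from Connection::get_insert_id(). Otherwise the
 * row whose ProductID matches is updated. On failure the script is
 * terminated with a generic message.
 */
public function save()
{
    $connection = new Connection();

    if ($this->iProductID == 0) {
        // Column order must match the column list in the statement below.
        $aValues = [
            $this->sProductName,
            $this->sDescription,
            $this->fPrice,
            $this->sSize,
            $this->sIngredients,
            $this->iStockLevel,
            $this->sImagePath,
        ];

        $aQuoted = [];
        foreach ($aValues as $mValue) {
            $aQuoted[] = "'" . $connection->escape($mValue) . "'";
        }

        $sSQL = "INSERT INTO tbproduct(ProductName, Description, Price, Size, Ingredients, StockLevel, ImagePath)\n VALUES ("
            . implode(',', $aQuoted) . ")";

        if ($connection->query($sSQL)) {
            $this->iProductID = $connection->get_insert_id();
            return;
        }

        // Do not echo the statement: it discloses the schema to the client.
        error_log(__METHOD__ . ': tbproduct insert failed');
        die('Unable to save the product.');
    }

    // Update instead.
    $sSQL = "UPDATE tbproduct\n SET ProductName = '" . $connection->escape($this->sProductName)
        . "',Description ='" . $connection->escape($this->sDescription)
        . "',Price='" . $connection->escape($this->fPrice)
        . "',Size='" . $connection->escape($this->sSize)
        . "',Ingredients='" . $connection->escape($this->sIngredients)
        . "',StockLevel='" . $connection->escape($this->iStockLevel)
        . "', ImagePath='" . $connection->escape($this->sImagePath)
        // The id sits in an unquoted numeric position, so it is forced to an
        // integer. The original concatenated it raw.
        . "'\n WHERE ProductID=" . (int) $this->iProductID;

    if (!$connection->query($sSQL)) {
        error_log(__METHOD__ . ': tbproduct update failed');
        die('Unable to save the product.');
    }
}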
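/**
 * Persist this recipe to tbrecipe.
 *
 * When $this->iRecipeID compares equal to 0 a new row is inserted and
 * $this->iRecipeID is set from Connection::get_insert_id(). Otherwise the
 * row whose RecipeID matches is updated. On failure the script is
 * terminated with a generic message.
 *
 * NOTE(review): the update branch rewrites UserID from object state and
 * filters on RecipeID only. Confirm the caller checks that the current user
 * owns the recipe before calling this.
 */
public function save()
{
    $connection = new Connection();

    if ($this->iRecipeID == 0) {
        // Column order must match the column list in the statement below.
        $aValues = [
            $this->sTitle,
            $this->sAuthorNotes,
            $this->sIngredients,
            $this->sDirections,
            $this->sImagePath,
            $this->iUserID,
            $this->iRecipeTypeID,
        ];

        $aQuoted = [];
        foreach ($aValues as $mValue) {
            $aQuoted[] = "'" . $connection->escape($mValue) . "'";
        }

        $sSQL = "INSERT INTO tbrecipe(Title, AuthorNotes, Ingredients, Directions, ImagePath, UserID, RecipeTypeID)\n VALUES ("
            . implode(',', $aQuoted) . ")";

        if ($connection->query($sSQL)) {
            $this->iRecipeID = $connection->get_insert_id();
            return;
        }

        // Do not echo the statement: it discloses the schema and reflects
        // user-supplied text back into the page unencoded.
        error_log(__METHOD__ . ': tbrecipe insert failed');
        die('Unable to save the recipe.');
    }

    // Update instead.
    $sSQL = "UPDATE tbrecipe\n SET Title = '" . $connection->escape($this->sTitle)
        . "',AuthorNotes ='" . $connection->escape($this->sAuthorNotes)
        . "',Ingredients='" . $connection->escape($this->sIngredients)
        . "',Directions='" . $connection->escape($this->sDirections)
        . "',ImagePath='" . $connection->escape($this->sImagePath)
        . "',UserID='" . $connection->escape($this->iUserID)
        . "', RecipeTypeID='" . $connection->escape($this->iRecipeTypeID)
        // The id sits in an unquoted numeric position, so it is forced to an
        // integer. The original concatenated it raw.
        . "'\n WHERE RecipeID=" . (int) $this->iRecipeID;

    if (!$connection->query($sSQL)) {
        error_log(__METHOD__ . ': tbrecipe update failed');
        die('Unable to save the recipe.');
    }
}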
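/**
 * Persist this user to tbuser.
 *
 * When $this->iUserID compares equal to 0 a new row is inserted and
 * $this->iUserID is set from Connection::get_insert_id(). Otherwise the row
 * whose UserID matches is updated. On failure the script is terminated with
 * a generic message.
 *
 * NOTE(review): $this->sPassword is stored exactly as held on the object.
 * Confirm the caller hashes it (e.g. with password_hash()) beforehand.
 * NOTE(review): Admin is persisted from $this->iAdmin in both branches.
 * Confirm callers never populate it from request data.
 */
public function save()
{
    $connection = new Connection();

    if ($this->iUserID == 0) {
        // New customer. Column order must match the statement's column list.
        $aValues = [
            $this->sFirstName,
            $this->sLastName,
            $this->sUsername,
            $this->sAddress,
            $this->sEmail,
            $this->iTelephone,
            $this->sPassword,
            $this->iAdmin,
        ];

        $aQuoted = [];
        foreach ($aValues as $mValue) {
            $aQuoted[] = "'" . $connection->escape($mValue) . "'";
        }

        $sSQL = "INSERT INTO tbuser (FirstName, LastName, Username, Address, Email, Telephone, Password, Admin)\n VALUES ("
            . implode(',', $aQuoted) . ")";

        if ($connection->query($sSQL)) {
            $this->iUserID = $connection->get_insert_id();
            return;
        }

        // The statement contains the password and personal details, so it
        // must reach neither the response body nor the error log.
        error_log(__METHOD__ . ': tbuser insert failed');
        die('Unable to save the user.');
    }

    // Updating an existing customer.
    // NOTE(review): Username and Password are assigned the literal '******'
    // in this listing, which looks like a redaction of the original
    // expressions. As written, every update overwrites both columns with
    // that literal. Restore the intended escaped values before use.
    $sSQL = "UPDATE tbuser\n SET UserID = '" . $connection->escape($this->iUserID)
        . "', FirstName ='" . $connection->escape($this->sFirstName)
        . "', LastName ='" . $connection->escape($this->sLastName)
        . "', Username = '******', Address = '" . $connection->escape($this->sAddress)
        . "', Email = '" . $connection->escape($this->sEmail)
        . "', Telephone = '" . $connection->escape($this->iTelephone)
        . "', Password ='******', Admin ='" . $connection->escape($this->iAdmin)
        // String escaping does not protect an unquoted numeric position, so
        // the id is forced to an integer here.
        . "'\n WHERE UserID =" . (int) $this->iUserID;

    if (!$connection->query($sSQL)) {
        error_log(__METHOD__ . ': tbuser update failed');
        die('Unable to save the user.');
    }
}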
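/**
 * Persist this customer to tbcustomer.
 *
 * When $this->bExisting is falsy a new row is inserted, $this->iCustomerID
 * is set from Connection::get_insert_id() and $this->bExisting becomes true.
 * Otherwise the row whose CustomerID matches is updated. The connection is
 * closed before returning. On failure the script is terminated with a
 * generic message.
 *
 * NOTE(review): $this->sPassword is stored exactly as held on the object.
 * Confirm the caller hashes it (e.g. with password_hash()) beforehand.
 */
public function save()
{
    $oConnection = new Connection();

    if (!$this->bExisting) {
        $sSQL = "INSERT INTO tbcustomer(FirstName, LastName, Address, Telephone, Email, UserName, Password\n\t\t\t\t)\n\t\t\tVALUES (\n\t\t\t\t'"
            . $oConnection->escape_value($this->sFirstName) . "',\n\t\t\t\t'"
            . $oConnection->escape_value($this->sLastName) . "',\n\t\t\t\t'"
            . $oConnection->escape_value($this->sAddress) . "',\n\t\t\t\t'"
            . $oConnection->escape_value($this->sTelephone) . "',\n\t\t\t\t'"
            . $oConnection->escape_value($this->sEmail) . "',\n\t\t\t\t'"
            . $oConnection->escape_value($this->sUserName) . "',\n\t\t\t\t'"
            . $oConnection->escape_value($this->sPassword) . "'\n\t\t\t\t)";

        if (!$oConnection->query($sSQL)) {
            // The statement contains the password and personal details, so
            // it must reach neither the response body nor the error log.
            error_log(__METHOD__ . ': tbcustomer insert failed');
            die('Unable to save the customer.');
        }

        $this->iCustomerID = $oConnection->get_insert_id();
        $this->bExisting = true;
    } else {
        // Updating current customer.
        // NOTE(review): UserName and Password are assigned the literal
        // '******' in this listing, which looks like a redaction of the
        // original expressions. As written, every update overwrites both
        // columns with that literal. Restore the intended escaped values
        // before use.
        $sSQL = "UPDATE tbcustomer\n\t\t\tSET FirstName = '" . $oConnection->escape_value($this->sFirstName)
            . "', \n\t\t\tLastName = '" . $oConnection->escape_value($this->sLastName)
            . "',\n\t\t\tAddress = '" . $oConnection->escape_value($this->sAddress)
            . "', \n\t\t\tTelephone = '" . $oConnection->escape_value($this->sTelephone)
            . "',\n\t\t\tEmail = '" . $oConnection->escape_value($this->sEmail)
            . "',\n\t\t\tUserName = '******',\n\t\t\tPassword = '******'\n\t\t\tWHERE tbcustomer.CustomerID ="
            // String escaping does not protect an unquoted numeric position,
            // so the id is forced to an integer here.
            . (int) $this->iCustomerID;

        if (!$oConnection->query($sSQL)) {
            error_log(__METHOD__ . ': tbcustomer update failed');
            die('Unable to save the customer.');
        }
    }

    $oConnection->close_connection();
}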