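/**
 * Inserts a new row for $user into the table named by the USER constant.
 *
 * Each text field is run through DBHelper::EscapeString() and then placed
 * inside a single-quoted SQL literal. The escaping only protects the query
 * because every value sits between quotes in the statement below.
 *
 * @param object $user Object exposing getFirstName(), getLastName(), getPassword(),
 *                     getLogin(), getEmail(), getDOB(), getUserLanguage(),
 *                     getUserType(), getRegistrationDate() and getLocation().
 *
 * @return mixed Whatever DBHelper::executeInsertQuery() returns; per the original
 *               author's note this is the last inserted id (not verifiable here).
 */
public function addUser($user)
{
    $dbHelper = new DBHelper();

    // The user id is not part of the statement (the first column receives ''),
    // so the previously computed but unused escaped id has been dropped.
    $fname = $dbHelper->EscapeString($user->getFirstName());
    $lname = $dbHelper->EscapeString($user->getLastName());

    // SECURITY NOTE(review): the password is stored as a plain, unsalted SHA-1 digest.
    // SHA-1 is a fast general-purpose hash and is not suitable for password storage;
    // password_hash()/password_verify() are the intended replacement. That switch has
    // to be made together with the login check and the column width, so it is flagged
    // here rather than changed. The hex digest contains only [0-9a-f] and therefore
    // needs no SQL escaping.
    $pwd = sha1($user->getPassword());

    $loginid  = $dbHelper->EscapeString($user->getLogin());
    $email    = $dbHelper->EscapeString($user->getEmail());
    $dob      = $dbHelper->EscapeString($user->getDOB());
    $language = $dbHelper->EscapeString($user->getUserLanguage());
    $usertype = $dbHelper->EscapeString($user->getUserType());
    $regdate  = $dbHelper->EscapeString($user->getRegistrationDate());
    $location = $dbHelper->EscapeString($user->getLocation());

    // Not populated yet: null interpolates as an empty string, so these columns receive ''.
    $mediaid  = null;
    $ratingid = null;
    $emailsub = null;

    // NOTE(review): the INSERT has no column list, so the values are bound purely by
    // position and depend on the table's column order staying as it is.
    $query_insert = "INSERT INTO " . USER . " VALUES('', '{$fname}', '{$lname}','{$loginid}','{$pwd}','{$ratingid}','{$mediaid}','{$email}','{$dob}','{$location}','{$regdate}','{$usertype}','{$language}','{$emailsub}')";

    return $dbHelper->executeInsertQuery($query_insert);
}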
/**
 * Stores one language-proficiency record in the table named by LANGUAGE_PROF.
 *
 * @param object $ProfData Object exposing getUserId(), getLanguageId() and getProf().
 *
 * @return mixed Whatever DBHelper::executeInsertQuery() returns; the original
 *               comment describes it as the last row inserted.
 */
public function AddProficient($ProfData)
{
    $db = new DBHelper();

    // Every value is escaped and then placed between single quotes in the statement;
    // the quoting is what makes the escaping effective.
    $escapedUser  = $db->EscapeString($ProfData->getUserId());
    $escapedLang  = $db->EscapeString($ProfData->getLanguageId());
    $escapedLevel = $db->EscapeString($ProfData->getProf());

    // Positional INSERT: the first column receives '' and the rest follow table order.
    $sql = sprintf(
        "INSERT INTO %s VALUES('', '%s', '%s','%s')",
        LANGUAGE_PROF,
        $escapedUser,
        $escapedLang,
        $escapedLevel
    );

    return $db->executeInsertQuery($sql);
}
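/**
 * Looks up a language by its id in the table named by the LANGUAGE constant.
 *
 * @param mixed $langid Language id; it is coerced to an integer before use.
 *
 * @return mixed Whatever $this->getLanguage() builds from the query result.
 */
public function getLanguageById($langid)
{
    $dbHelper = new DBHelper();

    // The id is placed in the statement WITHOUT surrounding quotes. String escaping
    // gives no protection in that position, because it only neutralises characters
    // that matter inside a quoted literal. Forcing the value to an integer is what
    // keeps the WHERE clause limited to a single numeric comparison.
    // Assumes lan_language_id is an integer column (it was compared unquoted) - confirm.
    $lang_id = (int) $langid;

    $query = "SELECT * FROM " . LANGUAGE . " where lan_language_id = " . $lang_id;
    $result = $dbHelper->executeQuery($query);

    return $this->getLanguage($result);
}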
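/**
 * Resolves a language name (case-insensitively) to its language id.
 *
 * @param string $langname Language name as supplied by the caller.
 *
 * @return mixed The value of getLangId() on the object built by $this->getLanguage().
 */
public function getLanguageByName($langname)
{
    $dbHelper = new DBHelper();

    // Normalise first, escape last. Escaping must be the final step before the value
    // is placed in the statement: upper-casing an already escaped string rewrites the
    // letters of backslash escape sequences and changes what they mean to the server.
    $lang_name = $dbHelper->EscapeString(strtoupper($langname));

    $query = "SELECT * FROM " . LANGUAGE . " where upper(lan_lang_name) = " . "'" . $lang_name . "'";
    $result = $dbHelper->executeQuery($query);

    // NOTE(review): there is no check that a row was found; what happens for an
    // unknown name depends on what getLanguage() returns - confirm.
    $Language = $this->getLanguage($result);

    return $Language->getLangId();
}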
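/**
 * Resolves an authentication-status name (case-insensitively) to its id.
 *
 * @param string $authenName Status name as supplied by the caller.
 *
 * @return mixed The value of getAuthenId() on the object built by $this->getAuthen().
 */
public function getAuthenByName($authenName)
{
    $dbHelper = new DBHelper();

    // Normalise first, escape last. Escaping must be the final step before the value
    // is placed in the statement: upper-casing an already escaped string rewrites the
    // letters of backslash escape sequences and changes what they mean to the server.
    $authen_name = $dbHelper->EscapeString(strtoupper($authenName));

    $query = "SELECT * FROM " . AUTHEN . " WHERE UPPER(athn_stat_name) = " . "'" . $authen_name . "'";
    $result = $dbHelper->executeQuery($query);

    // NOTE(review): there is no check that a row was found; what happens for an
    // unknown name depends on what getAuthen() returns - confirm.
    $authen = $this->getAuthen($result);

    return $authen->getAuthenId();
}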