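/**
 * Load the navigation rows that apply to this object's type.
 *
 * Queries the `navigation` table of the `hacker_blog` database. On success the rows are
 * stored in $this->current and returned. $this->messages records the outcome either way.
 *
 * @return array|false List of rows as produced by Database::mfa(), or false when the
 *                     query fails or matches no rows.
 */
public function getMainNavigation()
{
    $d = new Database();
    $d->open('hacker_blog');

    // Only fixed literals are appended below; $this->type is compared, never interpolated,
    // so no caller-controlled text reaches the SQL string in this method.
    // NOTE(review): the two branches filter on different columns (public = 0 vs private = 1),
    // and the non-private branch selects rows flagged private = 1. Confirm against the
    // navigation schema that this is the intended visibility rule.
    $sql = "SELECT * FROM navigation ";
    if ($this->type == 'private') {
        $sql .= " WHERE public = 0 ";
    } else {
        $sql .= " WHERE private = 1 ";
    }

    $s = $d->q($sql);
    if ($s && $d->numrows() >= 1) {
        $arr = array();
        while ($r = $d->mfa()) {
            $arr[] = $r;
        }

        // Close before returning: the original called close() after the return statement,
        // so it never ran and the connection was left open on every successful call.
        $d->close();

        $this->messages = array("success" => "Found Navigation");
        $this->current = $arr;
        return $arr;
    }

    $d->close();
    $this->messages = array("error" => "Could not Find Navigation");
    return false;
}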
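/**
 * Clean the pending message fields and insert them into `user_messages`.
 *
 * Every entry of $this->message_information is trimmed and escaped in place, then the
 * message text (index 2) is checked for an existing identical row. If none is found,
 * first name (index 0), last name (index 1), message (index 2) and $this->type are inserted.
 *
 * $this->passed is set to true only when the INSERT succeeds. It is false when the
 * duplicate lookup fails, a duplicate exists, or the INSERT fails.
 *
 * @return void
 */
protected function cleanAndPost()
{
    // Trim left/right whitespace and escape each field for the database.
    // The cleaned value overwrites the original entry, so running this method twice on the
    // same data would apply the escaping twice.
    $fieldCount = count($this->message_information);
    for ($n = 0; $n < $fieldCount; $n++) {
        $this->message_information[$n] = Sanitize::prepForDatabase(
            Sanitize::clearWhiteSpaceLR($this->message_information[$n])
        );
    }

    // $this->type is also interpolated into the INSERT below but was the one value that
    // bypassed the escaping applied to the other fields. Escape a local copy so the
    // property itself keeps its original value for other methods that compare it.
    $type = Sanitize::prepForDatabase($this->type);

    $d = new Database();
    $d->open('hacker_blog');

    // NOTE(review): both statements are built by string interpolation and depend entirely on
    // Sanitize::prepForDatabase() escaping correctly for this connection. If the Database
    // wrapper offers bound parameters (not visible here), prefer them over escaping.

    // Check for duplicates.
    // NOTE(review): the SELECT and the INSERT are separate statements with no transaction or
    // lock visible here, so two concurrent identical submissions could both pass this check.
    // A unique constraint on the message column would enforce it at the database level.
    $chx = $d->q("SELECT * FROM user_messages WHERE user_messages.message = '{$this->message_information[2]}'");

    if ($chx && $d->numrows() <= 0) {
        // The `id` column is for the user's uid or user_id, depending on how the schema
        // evolves. It is inserted as NULL here.
        $s = $d->q("INSERT into user_messages\n\t\t\t\t \t\t(user_message_id,first_name,last_name,id,message,type,added_on) VALUES\n\t\t\t\t\t\t(NULL,'{$this->message_information[0]}','{$this->message_information[1]}',NULL,'{$this->message_information[2]}','{$type}',now())");
        $this->passed = $s ? true : false;
    } else {
        // Lookup failed or an identical message already exists.
        $this->passed = false;
    }

    $d->close();
}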
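/**
 * Fetch a single row from the `pages` table by id.
 *
 * When $id is an integer it replaces $this->page_id. Any other value (including the
 * default null) leaves $this->page_id untouched, and the stored value is used for the lookup.
 *
 * @param int|null $id Page id to load, or null to reuse $this->page_id.
 *
 * @return array|false The row as produced by Database::mfa(), or false when the query
 *                     fails or matches no rows.
 */
public function getPage($id = null)
{
    if (is_int($id)) {
        $this->page_id = $id;
    }

    $d = new Database();
    $d->open('hacker_blog');

    // NOTE(review): $this->page_id is interpolated directly into the SQL text. It is only
    // known to be an integer when it was set by the is_int() branch above. Where else it is
    // assigned, and whether that value is validated, is not visible here. Confirm it is
    // constrained to an integer, or bind it as a parameter if the Database wrapper allows.
    $s = $d->q("SELECT * FROM pages WHERE id = '{$this->page_id}'");

    $row = ($s && $d->numrows() >= 1) ? $d->mfa() : false;

    // Close on every path: the original placed close() after a return (unreachable) and
    // did not close at all on the failure branch.
    $d->close();

    return $row;
}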
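/**
 * Read rows from `blog_entries`, optionally restricted to one post and ordered.
 *
 * @param int         $start   First LIMIT operand (row offset). Cast to a non-negative integer.
 * @param int         $end     Second LIMIT operand. In MySQL's "LIMIT a, b" form this is a row
 *                             count rather than an end index. Cast to a non-negative integer.
 * @param int|null    $post_id When an integer, only the row with this blog_id is selected.
 *                             Other types are ignored.
 * @param string|null $order   Optional ORDER BY list. Accepted form: comma-separated column
 *                             names, each optionally table-qualified and optionally followed
 *                             by ASC or DESC. Any other string is rejected. Non-strings are
 *                             ignored.
 *
 * @return array|false List of rows as produced by Database::mfa(), or false when $order is
 *                     rejected, the query fails, or no rows match.
 */
public function readBlogPost($start = 0, $end = 5, $post_id = null, $order = null)
{
    // Both LIMIT operands end up in the SQL text, so force them to plain non-negative
    // integers instead of interpolating whatever the caller passed.
    $offset = max(0, (int) $start);
    $count = max(0, (int) $end);

    // ORDER BY cannot be escaped as a string literal, so the only safe option is to restrict
    // its shape. Expressions and function calls are refused here. If the callers need them,
    // replace this pattern with an explicit allow-list of permitted order clauses.
    $orderClause = '';
    if (is_string($order)) {
        $term = '[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?(?:\s+(?:ASC|DESC))?';
        $pattern = '/^\s*' . $term . '(?:\s*,\s*' . $term . ')*\s*$/i';
        if (!preg_match($pattern, $order)) {
            return false;
        }
        $orderClause = " ORDER BY {$order} ";
    }

    $d = new Database();
    $d->open('hacker_blog');

    $sql = "SELECT * FROM blog_entries ";
    if (is_int($post_id)) {
        // Safe to interpolate: is_int() guarantees a native integer.
        $sql .= " WHERE blog_id = '{$post_id}' ";
    }
    $sql .= $orderClause;
    $sql .= " LIMIT {$offset}, {$count}";

    $s = $d->q($sql);

    $posts = false;
    if ($s && $d->numrows() >= 1) {
        $posts = array();
        while ($r = $d->mfa()) {
            $posts[] = $r;
        }
    }

    // The original never closed the connection on either path.
    $d->close();

    return $posts;
}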
require_once '../blog/includes/session.php'; require_once '../blog/classes/clsDatabase.php'; require_once '../blog/classes/clsSanitize.php'; if ($_POST['login']) { //print_r($_POST); // sanitize $login = Sanitize::clearWhiteSpaceLR($_POST['login']); //$password = Sanitize::clearWhiteSpaceLR($_POST['password']); $password = strtolower(Sanitize::clearWhiteSpaceLR($_POST['password'])); //echo $login.' '.$password; // test if in Database as well $d = new Database(); $d->open('hacker_blog'); $s = $d->q("SELECT * FROM user WHERE user.username = '******' AND user.password = sha1('{$password}') LIMIT 0,1"); if ($s && $d->numrows() > 0) { //mysql fetch assoc $info = $d->mfa(); //print_r($info); //$info = associative array $_SESSION['loggedin'] = true; // concat first and last name $name = $info['user_first_name'] . ' ' . $info['user_last_name']; //echo "NAME: $name"; $_SESSION['loggedin'] = true; $_SESSION['user_full_name'] = $name; $_SESSION['user_quick_name'] = $info['user_first_name']; $_SESSION['user_id'] = $info['id']; //echo '<a href="/week_eight/secret_loggedin_area.php">Manual Override</a>'; header("Location: /week_eight/secret_loggedin_area.php"); // /secret_loggedin_area.php