function GenMapMenu($table, $field, $order) { global $defined; $db = new dbConn(); $val = new ValidateStrings(); if (empty($table) || empty($field)) { return -1; } $conn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']); if (empty($order)) { $query = "SELECT {$field} FROM `{$table}`"; } else { $query = "SELECT {$field} FROM `{$table}` ORDER BY `{$order}`"; } $query = $val->ValidateSQL($query, $conn); if (($value = $db->dbQuery($query, $conn)) === -1) { return -1; } if ($db->dbNumRows($value) === -1 || $db->dbNumRows($value) === 0) { return -1; } else { $list = "<form method=\"get\" action=\"{$_SERVER['PHP_SELF']}\"><b>Existing rides:</b> <select name=\"mapper\" onChange=\"jumpMenu('parent',this,0)\"><option value=\"NULL\">Select Map / Route...</option>"; $list .= "<option>------------------------------</option>"; foreach ($db->dbArrayResultsAssoc($value) as $key => $val) { $url = $_SERVER['PHP_SELF'] . "?lat=" . $val['lat'] . "&lon=" . $val['lon'] . "&z=" . $val['zoom'] . "&mType=" . $val['type'] . "&driveFrom=" . $val['from'] . "&driveTo=" . $val['to'] . "&driveVia=" . $val['via'] . "&locale=en"; $list .= "<option name=\"{$url}\" value=\"{$url}\">" . $val['name'] . "</option>"; } $list .= "</select></form>"; $data = $list; } $db->dbFreeData($conn); $db->dbCloseConn($conn); return $data; }
function deleteStudent($cne) { $mysql = dbConn::getConnection(); $q = $mysql->prepare("DELETE FROM etudiant WHERE cne = ?"); $q->execute(array($cne)); $mysql = dbConn::disconnect(); }
public function addStatement() { $argsCount = func_num_args(); $par = array(); // array with parameters; will be used later for prepare/exec // no query as parameter given if ($argsCount < 1) { throw new Exception("No Sql-Query given"); } // insert table prefix $query = func_get_arg(0); $query = str_replace(":prefix:", dbConn::getTablePrefix(), $query); // if there are parameters, insert in if ($argsCount > 1) { // create array with parameters for pdo usage for ($i = 1; $i < $argsCount; $i++) { $key = ":" . ($i - 1); $par[$key] = func_get_arg($i); } } try { // prepare statement $statement = $this->connection->prepare($query); $statement->execute($par); } catch (Exception $ex) { throw new Exception($ex->getMessage()); } // return current object for reusage return $this; }
function resolveRequest($req) { $result = array(); foreach (dbConn::query("SELECT class " . "FROM :prefix:module AS m " . "INNER JOIN :prefix:request AS r " . "ON m.moduleId = r.moduleId " . "WHERE r.url = :0", $req) as $r) { $result = array("file" => $r['class'], "module" => $r['class']); } return $result; }
/** * Writes a log entry into the database. * * @param int $module The moduleId of the module. * @param actionType $action The type of action the user did. * @param array $data Data before and after the action. */ public static function write($module, $action, $data) { if (!isset($_SESSION['user']) || $_SESSION['user'] == "") { die; } if (actionlogger::$loggingEnabled) { dbConn::execute("INSERT INTO :prefix:admin_action (sessionId, moduleId, action, data, ipaddress) VALUES (:0, :1, :2, :3, :4);", $_SESSION['sessionId'], $module, $action, json_encode($data), $_SERVER['REMOTE_ADDR']); } }
public function getOutput() { $tpl = new \template("mypatients/container"); // user data $user = \dbConn::queryRow("SELECT userid, firstname, lastname, rfid, email, state \n FROM :prefix:user WHERE userId = :0", $_SESSION['userId']); $tpl->insert("firstname", $user['firstname']); $tpl->insert("lastname", $user['lastname']); $tpl->insert("userid", $user['userid']); $tpl->insert("rfid", $user['rfid']); $tpl->insert("email", $user['email']); foreach (\dbConn::query("SELECT * FROM :prefix:user_state") as $r) { $tpl->insert("states", $r['name'] == $user['state'] ? "<option value=\"{$r['name']}\" selected>{$r['display']}</option>" : "<option value=\"{$r['name']}\">{$r['display']}</option>"); } // insert patients $hasPatients = false; $visit = null; foreach (\dbConn::query("\n SELECT firstname, lastname, patientId\n FROM :prefix:visit AS v\n INNER JOIN :prefix:patient AS p\n ON v.patient = p.patientId\n WHERE user = :0\n ORDER BY firstname", $_SESSION['userId']) as $r) { $tpl->insert("patients", "<option value=\"{$r['patientId']}\">{$r['firstname']} {$r['lastname']}</option>"); if (!$hasPatients) { $visit = \dbConn::queryRow("SELECT * FROM :prefix:visit WHERE user = :0 AND patient = :1", $_SESSION['userId'], $r['patientId']); } $hasPatients = true; } $visitTpl = new \template("visitors/edit.visit"); // relation foreach (\dbConn::query("SELECT * FROM :prefix:relation ORDER BY name ASC") as $r) { $visitTpl->insert("relations", "<option value=\"{$r['name']}\"" . ($r['name'] == $visit['relation'] ? " selected" : "") . ">{$r['name']}</option>"); } // description $visitTpl->insert("description", $visit['description']); // scent foreach (\dbConn::query("SELECT * FROM :prefix:scent ORDER BY name ASC") as $r) { $visitTpl->insert("scents", "<option value=\"{$r['name']}\"" . ($r['name'] == $visit['scent'] ? " selected" : "") . ">{$r['name']}</option>"); } // images $imgCount = 0; foreach (\dbConn::query("SELECT * FROM :prefix:visit_media WHERE visitId = :0 AND type = :1", $visit['visitId'], 'Image') as $img) { $visitTpl->insert("image" . ($imgCount + 1), ROOT . "media/image/" . $img['path']); $imgCount++; } for ($i = $imgCount + 1; $i <= 3; $i++) { $visitTpl->insert("image" . $i, ROOT . "images/icons/image.png"); } // audios $audioCount = 0; foreach (\dbConn::query("SELECT * FROM :prefix:visit_media WHERE visitId = :0 AND type = :1", $visit['visitId'], 'Audio') as $audio) { $visitTpl->insert("audio" . ($audioCount + 1), ROOT . "images/icons/audio.png"); $audioCount++; } for ($i = $audioCount + 1; $i <= 3; $i++) { $visitTpl->insert("audio" . $i, ROOT . "images/icons/plus.png"); } $tpl->insert("visit", $visitTpl->getOutput()); return $tpl->getOutput(); }
function __construct() { parent::__construct(); $creds = $this->getCreds(); $this->scCredentials = array('appKey' => $creds['appKey'], 'securityKey' => $creds['securityKey'], 'xslUri' => ''); $this->scWarehouse = $creds['warehouse']; //$this->scWarehouse = "wookies main"; $this->trakCredentials = array('user' => $creds['trakUser'], 'password' => $creds['trakPassword'], 'trakURL' => $creds['trakURL'], 'trakPort' => $creds['trakPort']); $this->emailCredentials = array('email' => $creds['email'], 'password' => $creds['emailPassword'], 'oversoldEmail' => json_decode($creds['oversoldEmail'], TRUE), 'storeEmail' => json_decode($creds['storeEmail'], TRUE)); $this->password = $creds['appPassword']; }
/** * Loads all (unloaded) frontend modules and returns an array with all loaded module names. * * @return array All loaded module names. * @static * @since Version 1.0 */ public static function loadAllModules() { $modules = array(); foreach (dbConn::query("SELECT class FROM :prefix:module WHERE backendOnly = 0") as $r) { if (!file_exists(BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php")) { throw new Exception("Failed while loading installed module as the module file was not found: " . BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php"); } require_once BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php"; array_push($modules, "\\frontend\\" . $r['class']); } return $modules; }
function error() { $app = Slim\Slim::getInstance(); dbConn::close_connection(); // Close the connection to the MySQL database mongoConn::close_connection(); // Close the connection to the NoSQL database // remove all session variables session_unset(); // destroy the session session_destroy(); // Show the error $error = array("error" => "Unauthorised Access. Please Login to use this site."); $app->render('../api/resources/error.php', array('myerror' => $error)); }
function getHistory($limit) { if (!isset($limit) || $limit == 0 || $limit == null || !is_numeric($limit)) { $limit = 9999999; } $changes = new template("admin/lastchanges.container"); foreach (dbConn::query("SELECT\n action, \n nameBefore, \n nameAfter, \n emailBefore, \n emailAfter, \n production, \n fromDate,\n toDate,\n mvoe_plan.name AS plan, \n mvoe_worker_history.created\n FROM :prefix:worker_history \n INNER JOIN :prefix:shift ON :prefix:shift.shiftId = :prefix:worker_history.shift\n INNER JOIN :prefix:plan ON :prefix:shift.plan = :prefix:plan.name\n ORDER BY :prefix:worker_history.created DESC LIMIT 0, " . $limit) as $r) { $change = new template("admin/lastchanges.entry"); switch ($r['action']) { case "insert": $change->insert("action", "<span style=\"color:green;\"><small>\n <i class=\"fa fa-plus-square\"></i>\n </small></span> Hinzugefügt"); break; case "update": $change->insert("action", "<span style=\"color:orange;\"><small>\n <i class=\"fa fa-minus-square\"></i>\n </small></span> Bearbeitet"); break; case "delete": $change->insert("action", "<span style=\"color:red;\">\n <small><i class=\"fa fa-trash\"></i>\n </small></span> Gelöscht"); break; default: $change->insert("action", "Unbekannt"); break; } $change->insert("shift", "<small>{$r['plan']}, {$r['production']}</small><br />" . substr($r['fromDate'], 0, 5) . " - " . substr($r['toDate'], 0, 5)); if ($r['nameBefore'] == $r['nameAfter']) { $change->insert("user", $r['nameAfter']); } else { $change->insert("user", "<small><span style=\"text-decoration:line-through;\">{$r['nameBefore']}</span></small>\n <br /><strong>{$r['nameAfter']}</strong>"); } if ($r['emailBefore'] == $r['emailAfter']) { $change->insert("email", $r['emailAfter']); } else { $change->insert("email", "<small><span style=\"text-decoration:line-through;\">{$r['emailBefore']}</span></small>\n <br /><strong>{$r['emailAfter']}</strong>"); } $change->insert("date", (new DateTime($r['created']))->format("d.m.y H:i")); $changes->insert("content", $change->getOutput()); } $changes->removeVariables(); return $changes->getOutput(); }
public static function getOutput($par) { $nav = new template("navigation/container"); $public = !isset($_SESSION['user']); foreach (dbConn::query("SELECT * FROM :prefix:navigation WHERE parent IS NULL AND public = :0 ORDER BY position", $public) as $r) { if ($r['admin'] && !$_SESSION['isAdmin']) { continue; } $link = new template("navigation/layer1"); $link->insert("caption", htmlspecialchars($r['caption'])); $link->insert("destination", ROOT . $r['destination'] . "/"); $requestUri = $_SERVER['REQUEST_URI']; if (navigation::startsWith($_SERVER['REQUEST_URI'], ROOT)) { $requestUri = urldecode(substr($_SERVER['REQUEST_URI'], strlen(ROOT))); } // check active //$link->insert("active", $requestUri == $r['destination'] ? "active" : ""); $link->insert("active", navigation::startsWith($requestUri, $r['destination']) ? "active" : ""); foreach (dbConn::query("SELECT * FROM :prefix:navigation WHERE parent = :0 ORDER BY position", $r['linkId']) as $s) { $sublink = new template("navigation/layer2"); $sublink->insert("caption", htmlspecialchars($s['caption'])); $sublink->insert("destination", ROOT . $s['destination'] . "/"); $requestUri = $_SERVER['REQUEST_URI']; if ($requestUri[strlen($requestUri) - 1] == "/") { $requestUri = substr($requestUri, 0, strlen($requestUri) - 1); } if (navigation::startsWith($requestUri, ROOT)) { $requestUri = substr($requestUri, strlen(ROOT), strlen($requestUri) - strlen(ROOT)); } $sublink->insert("active", $requestUri == $s['destination'] ? "active" : ""); $link->insert("links", $sublink->getOutput()); } $nav->insert("links", $link->getOutput()); } return $nav->getOutput(); }
function ChkLevel($token) { global $defined; if (empty($token)) { $level->value = -1; } else { $auth = new Encryption(); $db = new dbConn(); $val = new ValidateStrings(); $array = $auth->DecodeAuthToken($token); $data = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']); $query = "SELECT `level` FROM `auth_users` WHERE `level` = \"" . base64_decode($array[2]) . "\""; $value = $db->dbQuery($val->ValidateSQL($query, $data), $data); $array = $db->dbArrayResults($value); $level->value = $array[0]['level']; $db->dbFreeData($query); $db->dbCloseConn($data); } return $level->value; }
<?php session_start(); require_once '../lib/class.dbConnect.php'; require_once '../lib/class.contents.php'; require_once '../lib/class.favorites.php'; $DB = new dbConn(); $Favorite = new clsFavorites($DB->getConnection()); $idx = $_POST['idx']; $m_idx = $_SESSION['USER_IDX']; $arr = array("tags" => trim($_POST['tags'])); $result = $Favorite->modify($idx, $m_idx, $arr); echo json_encode($result);
<?php session_start(); define('DOCROOT', realpath(dirname(__FILE__)) . '/'); require DOCROOT . 'dbConn.php'; $con = new dbConn(); $password = $_POST['password']; $email = $_SESSION['email']; require DOCROOT . 'activationAndNotifications.php'; $stm = "select pwcr from users where email = '" . $email . "';"; $res = $con->execute($stm); if ($res->num_rows > 0) { while ($row = $res->fetch_assoc()) { if ($row['pwcr'] == 1) { $stm = "update users set password = '******' where email='" . $email . "';"; if ($con->execute($stm) === true) { $not = new notification(); $body = "Password changed successfully."; $not->email("*****@*****.**", "Administration", "*****@*****.**", "mailstodeliver", $email, "Password Changed Successfully", $body); $stm = "update users set pcwr = 0 where email = '" . $email . "';"; $con->execute($stm); $stm = "update users set activationCode = 0 where email = '" . $email . "';"; $con->execute($stm); $_SESSION['homeMessage'] = "Password has been changed successfully."; echo "<meta http-equiv='refresh' content='0; url=http://32.208.103.211/chatRegistration/index.php'>"; } else { $_SESSION['homeMessage'] = "Link has been expired."; echo "<meta http-equiv='refresh' content='0; url=http://32.208.103.211/chatRegistration/index.php'>"; } } }
public static function disconnect() { self::$db = null; }
<?php /* * phpDHCPAdmin * Jason Gerfen [jason.gerfen@gmail.com] * * config.replication.php - DHCPD Replication configuration */ // load our config data if (file_exists("scripts/inc.config.php")) { require 'scripts/inc.config.php'; // ensure we are being called from our configured host if ($defined['hostname'] === $_SERVER['SERVER_NAME']) { // Initialize classes $db = new dbConn(); $err = new GenerateErrors(); $tpl = new Template(); $skin = new PageSkinner(); $val = new ValidateStrings(); $menu = new GenerateNavMenu(); $auth = new Authenticate(); $level = new AccessLevels(); $misc = new MiscFunctions(); $debug = new DebugData(); // initialize a db connection handle $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']); // ensure our sessions are present if (empty($_SESSION['token'])) { $sessions = new dbSession(); } //define the template and cache directories
<?php /* * phpDHCPAdmin * Jason Gerfen [jason.gerfen@gmail.com] * * admin.import.hosts.php - DHCPD Import static hosts using xml or csv files */ // load our config data if (file_exists("scripts/inc.config.php")) { require 'scripts/inc.config.php'; // ensure we are being called from our configured host if ($defined['hostname'] === $_SERVER['SERVER_NAME']) { // Initialize classes $db = new dbConn(); $err = new GenerateErrors(); $tpl = new Template(); $skin = new PageSkinner(); $val = new ValidateStrings(); $menu = new GenerateNavMenu(); $auth = new Authenticate(); $level = new AccessLevels(); $misc = new MiscFunctions(); $debug = new DebugData(); // initialize a db connection handle $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']); // ensure our sessions are present if (empty($_SESSION['token'])) { $sessions = new dbSession(); } //define the template and cache directories
<?php /* * phpDHCPAdmin * Jason Gerfen [jason.gerfen@gmail.com] * * config.pxe.php - DHCPD Global PXE/BOOTP configuration options */ // load our config data if (file_exists("scripts/inc.config.php")) { require 'scripts/inc.config.php'; // ensure we are being called from our configured host if ($defined['hostname'] === $_SERVER['SERVER_NAME']) { // Initialize classes $db = new dbConn(); $err = new GenerateErrors(); $tpl = new Template(); $skin = new PageSkinner(); $val = new ValidateStrings(); $menu = new GenerateNavMenu(); $auth = new Authenticate(); $level = new AccessLevels(); $misc = new MiscFunctions(); $debug = new DebugData(); // initialize a db connection handle $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']); // ensure our sessions are present if (empty($_SESSION['token'])) { $sessions = new dbSession(); } //define the template and cache directories
<?php session_start(); require_once '../lib/class.dbConnect.php'; require_once '../lib/class.contents.php'; require_once '../lib/class.favorites.php'; $DB = new dbConn(); $Content = new clsContents($DB->getConnection()); $Favorite = new clsFavorites($DB->getConnection()); $result = array(); if ($_SESSION['USER_IDX'] == "") { $result = array("r" => "error", "msg" => "Available after sign in."); echo json_encode($result); return; } if (trim($_POST['cidx']) == "") { $arr = array("c_id" => trim($_POST['id']), "c_type" => trim($_POST['c_type']), "s_name" => trim($_POST['s_name']), "c_info" => trim($_POST['info'])); $result = $Content->save($arr); if ($result['r'] == "success" || $result['r'] == "exist") { $c_idx = $result['idx']; } } else { $c_idx = trim($_POST['cidx']); } $arr = array("m_idx" => $_SESSION['USER_IDX'], "c_idx" => $c_idx, "search_word" => trim($_POST['keyword']), "tags" => trim($_POST['tags'])); $result = $Favorite->save($arr); if ($result['r'] == "success") { $result['f_cnt'] = $Content->incrementFavorite($result['c_idx']); } echo json_encode($result);
header("location: " . ROOT . "login"); die; } function generateRandomString($length = 10) { $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $charactersLength = strlen($characters); $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, $charactersLength - 1)]; } return $randomString; } $required = array("firstname", "lastname", "email", "password", "passwordre", "rfid", "isAdmin", "state"); foreach ($required as $r) { if (!isset($_POST[$r]) || $_POST[$r] == "") { die("Bitte füllen Sie alle Felder aus."); } } if ($_POST['password'] != $_POST['passwordre']) { die("Passwörter stimmen nicht überein."); } if (strlen($_POST['password']) < 6) { die("Passwort muss mindestens 6 Zeichen enthalten"); } try { $salt = generateRandomString(50); \dbConn::execute("INSERT INTO :prefix:user (firstname, \n lastname, \n email, \n password,\n salt,\n rfid,\n isAdmin,\n state) \n VALUES (:0, :1, :2, :3, :4, :5, :6, :7);", htmlentities($_POST['firstname']), htmlentities($_POST['lastname']), htmlentities($_POST['email']), hash("sha512", $_POST['password'] . $salt), $salt, htmlentities($_POST['rfid']), $_POST['isAdmin'], $_POST['state']); } catch (\Exception $ex) { echo $ex->getMessage(); }
/** * Checks if the user is an admin. * * @return boolean True if the user is administrator. */ private function isAdmin() { return \dbConn::querySingle("SELECT isAdmin FROM :prefix:user WHERE email = :0", $_POST['username']); }
$has = false; $required = 0; foreach (dbConn::query("SELECT * FROM :prefix:production_shift WHERE production = :0 AND shift = :1", $prod, $shiftId) as $r) { $required = $r['required']; $has = true; } $prodShift = new template("production_shift"); $prodShift->insert("shiftId", $shiftId); $prodShift->insert("disabled", $has ? "" : "shift-disabled"); $prodShift->insert("unique", seoUrl("{$plan}-{$prod}-" . substr(str_replace(":00-", " - ", $sh), 0, 13))); if ($has) { // fill required number of workers, name $prodShift->insert("required", $required); $prodShift->insert("name", $prod); // get workers of one shift in one production foreach (dbConn::query("SELECT * FROM :prefix:worker WHERE production = :0 AND shift = :1", $prod, $shiftId) as $r) { $worker = new template("worker"); $worker->insert("name", $r['name']); $worker->insert("email", $r['email']); $prodShift->insert("workers", $worker->getOutput()); } } $t->insert("shift_productions", $prodShift->getOutput()); } $planTpl->insert("shifts", $t->getOutput()); } $tabContent->insert("desktop", $planTpl->getOutput()); } $tpl->insert("plansContent", $tabContent->getOutput()); } // insert page request duration
public static function close_connection() { self::$db = null; }
<?php /* * phpDHCPAdmin * Jason Gerfen [jason.gerfen@gmail.com] * * hosts.search.php - DHCPD Search for static host */ // load our config data if (file_exists("scripts/inc.config.php")) { require 'scripts/inc.config.php'; // ensure we are being called from our configured host if ($defined['hostname'] === $_SERVER['SERVER_NAME']) { // Initialize classes $db = new dbConn(); $err = new GenerateErrors(); $tpl = new Template(); $skin = new PageSkinner(); $val = new ValidateStrings(); $menu = new GenerateNavMenu(); $auth = new Authenticate(); $encrypt = new Encryption(); $level = new AccessLevels(); $misc = new MiscFunctions(); $debug = new DebugData(); // initialize a db connection handle $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']); // ensure our sessions are present if (empty($_SESSION['token'])) { $sessions = new dbSession(); }
<?php /* * phpDHCPAdmin * Jason Gerfen [jason.gerfen@gmail.com] * * manage.pools.php - Manage custom pools */ // load our config data if (file_exists("scripts/inc.config.php")) { require 'scripts/inc.config.php'; // ensure we are being called from our configured host if ($defined['hostname'] === $_SERVER['SERVER_NAME']) { // Initialize classes $db = new dbConn(); $err = new GenerateErrors(); $tpl = new Template(); $skin = new PageSkinner(); $val = new ValidateStrings(); $menu = new GenerateNavMenu(); $auth = new Authenticate(); $encrypt = new Encryption(); $level = new AccessLevels(); $misc = new MiscFunctions(); $debug = new DebugData(); // initialize a db connection handle $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']); // ensure our sessions are present if (empty($_SESSION['token'])) { $sessions = new dbSession(); }
<?php require "../config.php"; function validateDate($date) { $d = DateTime::createFromFormat('d.m.Y', $date); return $d && $d->format('d.m.Y') == $date; } if (!isset($_POST['name']) || strlen($_POST['name']) < 1) { die("Bitte geben Sie einen gültigen Namen ein."); } if (!isset($_POST['public']) || !validateDate($_POST['public']) || !isset($_POST['editable']) || !validateDate($_POST['editable'])) { die("Bitte geben Sie ein gültiges Datum ein."); } dbConn::execute("UPDATE :prefix:plan SET name = :0, public = :1, editable = :2 WHERE name = :3", htmlspecialchars($_POST['name']), DateTime::createFromFormat("d.m.Y", $_POST['public'])->format("Y-m-d H:i:s"), DateTime::createFromFormat("d.m.Y", $_POST['editable'])->format("Y-m-d H:i:s"), htmlspecialchars($_POST['originalName'])); dbConn::execute("DELETE FROM :prefix:email_subscriber WHERE plan = :0", htmlspecialchars($_POST['originalName'])); foreach ($_POST['subscribers'] as $r) { dbConn::execute("INSERT INTO :prefix:email_subscriber (email, plan) VALUES (:0, :1);", $r, htmlspecialchars($_POST['name'])); } echo "SUCCESS";
<?php require "../config.php"; function validateDate($date) { $d = DateTime::createFromFormat('d.m.Y', $date); return $d && $d->format('d.m.Y') == $date; } if (!isset($_POST['name']) || strlen($_POST['name']) < 1) { die("Bitte geben Sie einen gültigen Namen ein."); } if (dbConn::querySingle("SELECT COUNT(*) FROM :prefix:plan WHERE name = :0", $_POST['name']) > 0) { die("Der eingegebene Name ist schon vergeben."); } if (!isset($_POST['public']) || !validateDate($_POST['public']) || !isset($_POST['editable']) || !validateDate($_POST['editable'])) { die("Bitte geben Sie ein gültiges Datum ein."); } dbConn::execute("INSERT INTO :prefix:plan (name, public, editable) VALUES (:0, :1, :2);", htmlspecialchars($_POST['name']), $_POST['public'], $_POST['editable']); $tpl = new template("admin/nav.plan"); $tpl->insert("active", ""); $tpl->insert("name", htmlspecialchars($_POST['name'])); echo "SUCCESS" . $tpl->getOutput();
<?php session_start(); require_once '../lib/class.dbConnect.php'; require_once '../lib/class.members.php'; $DB = new dbConn(); $Member = new clsMembers($DB->getConnection()); if ($Member->confirmPasswd(trim($_POST['email']), trim($_POST['currentPasswd'])) === true) { echo "true"; } else { echo "false"; }
<?php require "../config.php"; dbConn::execute("UPDATE :prefix:plan SET deleted = 1, name = CONCAT(name, '_', CURRENT_TIMESTAMP) WHERE name = :0", $_POST['plan']); echo "SUCCESS";
/** * Saves changes into database from POST data. * * @param string &$error Error variable for error text. * @return bool True if changes been done without errors. */ private function saveChanges(&$error) { try { \dbConn::execute("UPDATE :prefix:patient SET \n firstname = :0,\n lastname = :1,\n birth = :2,\n room = :3\n WHERE patientId = :4\n ", htmlentities($_POST['firstname']), htmlentities($_POST['lastname']), (new \DateTime($_POST['birthday']))->format("Y-m-d"), $_POST['room'], $_GET['par2']); return true; } catch (\Exception $ex) { $error = $ex->getMessage(); return false; } }