/**
 * Lists the files in this gallery's directory, merged with their rows from `images`.
 *
 * Each directory entry starts as array('filename' => ..., 'published' => true) and is
 * overlaid with the database row of the same filename, if any. Unpublished images are
 * returned only when the session holds the GALLERY_VIEW_UNPUBLISHED privilege.
 *
 * @return array list of merged image arrays
 * @throws Exception when the gallery directory does not exist
 */
public function fetchImages()
{
    if (!file_exists($this->fullPath)) {
        throw new Exception('Gallery path does not exist: ' . $this->fullPath);
    }

    $query = 'SELECT i.id, i.filename, i.published FROM images i WHERE i.gallery = :gallery';
    $statement = DatabaseFactory::getInstance()->prepare($query);
    $statement->bindValue(':gallery', $this->id);
    $statement->execute();

    $rowsByFilename = assignKeys($statement->fetchAll(), 'filename');
    $canSeeUnpublished = Session::hasPriv('GALLERY_VIEW_UNPUBLISHED');

    $visibleImages = array();

    foreach (scandir($this->fullPath) as $filename) {
        // The loose comparison this replaces (strpos(...) == 0) skipped two kinds of
        // entries: names starting with a dot AND names containing no dot at all.
        // NOTE(review): confirm that dropping dot-less names is intended.
        $dotPosition = strpos($filename, '.');

        if ($dotPosition === false || $dotPosition === 0) {
            continue;
        }

        $hasRow = isset($rowsByFilename[$filename]) && is_array($rowsByFilename[$filename]);
        $row = $hasRow ? $rowsByFilename[$filename] : array();

        // Database values win over the "published by default" assumption.
        $image = array_merge(array('filename' => $filename, 'published' => true), $row);

        if ($image['published'] || $canSeeUnpublished) {
            $visibleImages[] = $image;
        }
    }

    return $visibleImages;
}
/**
 * Reports whether the current session user owns no rows in `basket_items`.
 *
 * @return bool true when the owner-scoped query matches zero rows
 */
public static function isEmpty()
{
    $ownerId = Session::getUser()->getId();

    $statement = DatabaseFactory::getInstance()->prepare(
        'SELECT bi.id FROM basket_items bi WHERE bi.basketOwner = :userId'
    );
    $statement->bindValue(':userId', $ownerId);
    $statement->execute();

    $rowCount = $statement->numRows();

    return $rowCount == 0;
}
/**
 * Inserts a finance account titled with the form's 'title' value, then redirects
 * to the account list.
 */
public function process()
{
    $db = DatabaseFactory::getInstance();

    $insert = $db->prepare('INSERT INTO finance_accounts (title) VALUES (:title) ');
    $insert->bindValue(':title', $this->getElementValue('title'));
    $insert->execute();

    redirect('listFinanceAccounts.php', 'Created');
}
/**
 * Fetches the id and name of every event held at this venue, oldest date first.
 *
 * @return array rows as returned by the statement's fetchAll()
 */
public function getEvents()
{
    $statement = DatabaseFactory::getInstance()->prepare(
        'SELECT e.id, e.name FROM events e WHERE e.venue = :vid ORDER BY e.date ASC'
    );
    $statement->bindValue(':vid', $this->getId());
    $statement->execute();

    $events = $statement->fetchAll();

    return $events;
}
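/**
 * Creates a gallery row from the form's 'title' and 'folderPath' values.
 *
 * The status is hard-coded to "Open" in the statement itself.
 */
public function process()
{
    $sql = 'INSERT INTO galleries (title, status, folderName) VALUES (:title, "Open", :folderName)';
    $stmt = DatabaseFactory::getInstance()->prepare($sql);

    // Use the same ':name' placeholder form as every other bind in this code base;
    // the original passed 'title' without the colon.
    $stmt->bindValue(':title', $this->getElementValue('title'));

    // NOTE(review): folderPath is stored as submitted. If it is later joined onto a
    // filesystem path (a gallery class on this page scans $this->fullPath), confirm
    // that the form validates it against separators and '..' before it gets here.
    $stmt->bindValue(':folderName', $this->getElementValue('folderPath'));
    $stmt->execute();
}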
/**
 * Updates the description of the permission whose `key` equals the form's 'id' value.
 */
public function process()
{
    $permissionKey = $this->getElementValue('id');
    $description = $this->getElementValue('description');

    $update = DatabaseFactory::getInstance()->prepare(
        'UPDATE permissions SET description = :description WHERE `key` = :key'
    );
    $update->bindValue(':key', $permissionKey);
    $update->bindValue(':description', $description);
    $update->execute();
}
/**
 * Adds a basket item for $this->user and the form's 'event' value, owned by the
 * current session user.
 *
 * NOTE(review): the ticket holder ($this->user) and the basket owner (session user)
 * can differ; no check that the owner may buy for that user is visible in this method.
 */
public function process()
{
    $insert = DatabaseFactory::getInstance()->prepare(
        'INSERT INTO basket_items (user, event, basketOwner) VALUES (:user, :event, :basketOwner)'
    );

    $insert->bindValue(':user', $this->user->getId());
    $insert->bindValue(':event', $this->getElementValue('event'));
    $insert->bindValue(':basketOwner', Session::getUser()->getId());

    $insert->execute();
}
/**
 * Saves the submitted layout and seat count onto the seating plan named by the
 * form's 'id' value.
 */
public function process()
{
    $update = DatabaseFactory::getInstance()->prepare(
        'UPDATE seatingplans SET layout = :layout, seatCount = :seatCount WHERE id = :id'
    );

    // Bind in the same order as the form values are read.
    foreach (array('layout', 'seatCount', 'id') as $elementName) {
        $update->bindValue(':' . $elementName, $this->getElementValue($elementName));
    }

    $update->execute();
}
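/**
 * Records a finance transaction from the form's 'amount', 'description' and 'account'
 * values, then redirects back to that account's page.
 */
public function process()
{
    $account = $this->getElementValue('account');

    $sql = 'INSERT INTO finance_transactions (amount, description, account) VALUES (:amount, :description, :account) ';
    $stmt = DatabaseFactory::getInstance()->prepare($sql);
    $stmt->bindValue(':amount', $this->getElementValue('amount'));
    $stmt->bindValue(':description', $this->getElementValue('description'));
    $stmt->bindValue(':account', $account);
    $stmt->execute();

    // The account value is submitted data, so encode it before it becomes part of the
    // redirect target; a plain numeric id is unchanged by urlencode().
    redirect('viewFinanceAccount.php?id=' . urlencode((string) $account), 'Finance entry created.');
}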
/**
 * Updates the title and assignee of the finance account named by the form's 'id'
 * value, then redirects to the account list.
 */
public function process()
{
    $db = DatabaseFactory::getInstance();

    $update = $db->prepare(
        'UPDATE finance_accounts SET title = :title, assigned_to = :assignedTo WHERE id = :id'
    );
    $update->bindValue(':id', $this->getElementValue('id'));
    $update->bindValue(':title', $this->getElementValue('title'));
    $update->bindValue(':assignedTo', $this->getElementValue('assignedTo'));
    $update->execute();

    redirect('listFinanceAccounts.php', 'Updated');
}
/**
 * Returns the ids of the `authenticated_machines` rows for a user at an event.
 *
 * @param mixed $user  value matched against a.user
 * @param mixed $event value matched against a.event
 * @return array rows as returned by the statement's fetchAll()
 */
function getAuthenticatedMachines($user, $event)
{
    $statement = DatabaseFactory::getInstance()->prepare(
        'SELECT a.id FROM authenticated_machines a WHERE a.user = :user AND a.event = :event'
    );
    $statement->bindValue(':user', $user);
    $statement->bindValue(':event', $event);
    $statement->execute();

    return $statement->fetchAll();
}
/**
 * Adds a 'venue' select element to this form with one option per row of `venues`.
 *
 * @param mixed $id passed to ElementSelect as its third constructor argument
 * @return mixed whatever addElement() returned for the new select
 */
private function getElementVenues($id)
{
    $select = $this->addElement(new ElementSelect('venue', 'Venue', $id));

    $statement = DatabaseFactory::getInstance()->prepare('SELECT v.id, v.name FROM venues v');
    $statement->execute();
    $venues = $statement->fetchAll();

    foreach ($venues as $venue) {
        // addOption() receives the venue name first and the venue id second.
        $select->addOption($venue['name'], $venue['id']);
    }

    return $select;
}
/**
 * Updates promo, caption and published on the image identified by the form's
 * 'filename' and 'gallery' values.
 */
public function process()
{
    $update = DatabaseFactory::getInstance()->prepare(
        'UPDATE images SET promo = :promo, caption = :caption, published = :published WHERE filename = :filename AND gallery = :gallery '
    );

    // Placeholder names match the form element names one-to-one.
    $elementNames = array('promo', 'caption', 'filename', 'published', 'gallery');

    foreach ($elementNames as $elementName) {
        $update->bindValue(':' . $elementName, $this->getElementValue($elementName));
    }

    $update->execute();
}
/**
 * Deletes every seat selection a user holds for an event.
 *
 * NOTE(review): no authorization check is visible here; presumably callers verify that
 * the session user may act on behalf of an explicitly passed $userId - confirm.
 *
 * @param mixed $eventId event whose selections are removed
 * @param mixed $userId  user to clear; any empty() value falls back to the session user
 */
function deleteSeatsForUser($eventId, $userId = null)
{
    $targetUser = empty($userId) ? Session::getUser()->getId() : $userId;

    $delete = DatabaseFactory::getInstance()->prepare(
        'DELETE FROM seatingplan_seat_selections WHERE event = :event AND user = :user '
    );
    $delete->bindValue(':event', $eventId);
    $delete->bindValue(':user', $targetUser);
    $delete->execute();
}
/**
 * Books every item in the basket as a cash transaction and marks the matching signup
 * as CASH_IN_POST.
 *
 * One statement is prepared once and re-executed per basket item.
 * NOTE(review): the :account placeholder is filled from the form element named
 * 'username' - confirm that element really carries a finance account.
 */
public function process()
{
    $insert = DatabaseFactory::getInstance()->prepare(
        'INSERT INTO finance_transactions (amount, description, timestamp, account) VALUES (:amount, :title, now(), :account) '
    );

    foreach (Basket::getContents() as $item) {
        $description = '(given cash) ' . $item['title'] . ' ticket for ' . $item['username'];

        $insert->bindValue(':amount', $item['cost']);
        $insert->bindValue(':title', $description);
        $insert->bindValue(':account', $this->getElementValue('username'));
        $insert->execute();

        Events::setSignupStatus($item['userId'], $item['eventId'], 'CASH_IN_POST');
    }
}
/**
 * Replaces the whole `finance_account_allocations` table with the submitted mapping
 * of payment type to account.
 *
 * NOTE(review): the delete and the inserts are separate statements with no transaction
 * visible here, so a failure part-way through would leave the table partly filled.
 */
public function process()
{
    $db = DatabaseFactory::getInstance();

    // Start from an empty table.
    $db->prepare('DELETE FROM finance_account_allocations')->execute();

    $insert = DatabaseFactory::getInstance()->prepare(
        'INSERT INTO finance_account_allocations (identifier, account) values (:paymentType, :account)'
    );

    foreach ($this->allocatedPaymentTypes as $allocation) {
        $paymentType = $allocation['paymentType'];

        // The form element is named after the payment type it allocates.
        $insert->bindValue(':paymentType', $paymentType);
        $insert->bindValue(':account', $this->getElementValue($paymentType));
        $insert->execute();
    }
}
/**
 * Assigns a seat at an event to a user, replacing whoever held it, and logs the choice.
 *
 * NOTE(review): no authorization check is visible here; presumably callers verify that
 * the session user may seat an explicitly passed $userId - confirm.
 *
 * @param mixed $eventId event the seat belongs to
 * @param mixed $seatId  seat being selected
 * @param mixed $userId  user to seat; any empty() value falls back to the session user
 */
function setUserInSeat($eventId, $seatId, $userId = null)
{
    $occupant = empty($userId) ? Session::getUser()->getId() : $userId;

    logActivity(
        '_u_ selected seat ' . $seatId . ' for event _e_',
        null,
        array('user' => $occupant, 'event' => $eventId)
    );

    // The user id is bound twice (:user1 / :user2), once for the insert and once for
    // the ON DUPLICATE KEY UPDATE clause.
    $upsert = DatabaseFactory::getInstance()->prepare(
        'INSERT INTO seatingplan_seat_selections (seat, event, user) VALUES (:seat, :event, :user1) ON DUPLICATE KEY UPDATE user = :user2'
    );
    $upsert->bindValue(':seat', $seatId);
    $upsert->bindValue(':event', $eventId);
    $upsert->bindValue(':user1', $occupant);
    $upsert->bindValue(':user2', $occupant);
    $upsert->execute();
}
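/**
 * Writes every cached field back to this object's row in $this->table.
 *
 * Values are bound as parameters. The table name and the field names (keys of
 * $this->cache) are concatenated into the statement text, because identifiers cannot
 * be bound.
 * NOTE(review): confirm that $this->table and the cache keys only ever come from code,
 * never from request data, or allow-list them before they reach this method.
 */
public function commit()
{
    $assignments = array();

    foreach ($this->cache as $field => $unused) {
        $assignments[] = $field . ' = :' . $field . 'Value';
    }

    // 'id = id' is a no-op assignment; appending it to the list (instead of after a
    // comma, as before) keeps the statement valid even when the cache is empty.
    $assignments[] = 'id = id';

    // implode() takes the separator first; the reversed legacy order used previously
    // was deprecated in PHP 7.4 and is rejected by PHP 8.
    $sql = 'UPDATE ' . $this->table . ' SET ' . implode(', ', $assignments) . ' WHERE id = :id';

    $stmt = DatabaseFactory::getInstance()->prepare($sql);

    foreach ($this->cache as $field => $value) {
        $stmt->bindValue(':' . $field . 'Value', $value);
    }

    $stmt->bindValue(':id', $this->id);
    $stmt->execute();
}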
/**
 * Looks up one value from the `settings` table.
 *
 * The whole table is read into $this->settings the first time it is found empty and
 * served from there afterwards.
 *
 * @param string $key setting name
 * @return mixed the stored value
 * @throws Exception when no setting with that key exists
 */
public function getSetting($key)
{
    if (empty($this->settings)) {
        $statement = DatabaseFactory::getInstance()->prepare('SELECT * FROM `settings`');
        $statement->execute();

        foreach ($statement->fetchAll() as $row) {
            $this->settings[$row['key']] = $row['value'];
        }
    }

    if (!isset($this->settings[$key])) {
        throw new Exception('Tried to access game setting "' . $key . '", which does not exist.');
    }

    return $this->settings[$key];
}
/**
 * Drops from $events every event for which the session user has a signup row whose
 * status is anything other than "SIGNEDUP".
 *
 * @param array $events event rows, each with an 'id' key
 * @return array the remaining events under their original keys
 */
private function removeEventsAlreadySignedupFor($events)
{
    $statement = DatabaseFactory::getInstance()->prepare(
        'SELECT s.event, s.status FROM signups s WHERE s.user = :user AND s.status != "SIGNEDUP" '
    );
    $statement->bindValue(':user', Session::getUser()->getId());
    $statement->execute();

    $excludedIds = array();

    foreach ($statement->fetchAll() as $signup) {
        $excludedIds[] = $signup['event'];
    }

    $remaining = array();

    foreach ($events as $key => $event) {
        // Loose in_array() on purpose: ids may arrive as strings from the database and
        // as integers from the caller.
        if (!in_array($event['id'], $excludedIds)) {
            $remaining[$key] = $event;
        }
    }

    return $remaining;
}
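/**
 * Flags the user account behind each parsed e-mail address and prints one line per
 * account that was flagged, followed by a link back to the account page.
 */
public function process()
{
    foreach ($this->parseEmails() as $email) {
        $sql = 'SELECT u.id, u.email, u.username FROM users u WHERE u.email = :email LIMIT 1';
        $stmt = DatabaseFactory::getInstance()->prepare($sql);
        $stmt->bindValue(':email', $email);
        $stmt->execute();

        $user = $stmt->fetchRow();

        if (!empty($user)) {
            // E-mail and username are user-chosen values read back from the database;
            // escape them for the HTML context before echoing.
            $safeEmail = htmlspecialchars($user['email'], ENT_QUOTES, 'UTF-8');
            $safeUsername = htmlspecialchars($user['username'], ENT_QUOTES, 'UTF-8');

            echo 'Flagged email ' . $safeEmail . ' that belongs to ' . $safeUsername . '<br />';

            $sql = 'UPDATE users u SET u.emailFlagged = 1 WHERE u.id = :uid';
            $stmt = DatabaseFactory::getInstance()->prepare($sql);
            $stmt->bindValue(':uid', $user['id']);
            $stmt->execute();
        }
    }

    echo '<a href = "account.php">return to account</a>';
}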
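/**
 * Stores an uploaded image as a full-size PNG and a 100x100 thumbnail, records it as
 * an unpublished row in `images` when a gallery number can be read from the form's
 * 'dir' value, logs the upload and redirects to the account page.
 *
 * NOTE(review): the row is inserted with published = 0, but the file name comes from
 * uniqid(), which is derived from the current time. If full/ and thumb/ are served
 * directly by the web server, confirm that unpublished files are not reachable by URL.
 */
public function process()
{
    $filename = uniqid() . '.png';
    $upload = $this->getElement('file');

    $upload->destinationFilename = 'full/' . $filename;
    $upload->savePng();

    $upload->resize(100, 100);
    $upload->destinationFilename = 'thumb/' . $filename;
    $upload->savePng();

    // 'dir' looks like "gallery<N>"; strip the prefix and keep the number.
    // An empty string replaces the null the original passed, which str_replace()
    // has deprecated since PHP 8.1.
    $gal = intval(str_replace('gallery', '', $this->getElementValue('dir')));

    // intval() always yields an int, so "no gallery" is exactly 0.
    if ($gal !== 0) {
        $sql = 'INSERT INTO images (filename, gallery, caption, published, user_uploaded) values (:filename, :gallery, :caption, 0, :user)';
        $stmt = DatabaseFactory::getInstance()->prepare($sql);
        $stmt->bindValue(':filename', $filename);
        $stmt->bindValue(':gallery', $gal);
        $stmt->bindValue(':caption', 'Uploaded by: ' . Session::getUser()->getUsername());
        $stmt->bindValue(':user', Session::getUser()->getId());
        $stmt->execute();
    }

    logActivity(Session::getUser()->getUsername() . ' uploaded image ' . $filename . ' to gallery: ' . $upload->destinationDir);

    redirect('account.php', 'Image has been uploaded, thanks!');
}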
<?php

// Page controller for creating an event: refuses to run without a venue, processes the
// form when it validates, otherwise renders it.
// NOTE(review): no privilege check is visible in this script; presumably
// includes/common.php or the form class enforces one - confirm.

require_once 'includes/common.php';
require_once 'libAllure/FormHandler.php';

use libAllure\FormHandler;
use libAllure\DatabaseFactory;

// An event needs a venue, so bail out early when none exist yet.
$sql = 'SELECT v.id FROM venues v';
$venuesCount = count(DatabaseFactory::getInstance()->query($sql)->fetchAll());

if ($venuesCount === 0) {
    redirect('account.php', 'There are 0 venues. Create a venue first.');
}

// $h is not used again in this script; it is kept because constructing the handler
// may have effects that are not visible from here.
$h = new FormHandler('FormEventCreate');
$f = new FormEventCreate();

if ($f->validate()) {
    $f->process();

    redirect('listEvents.php', 'Event created');
}

// Reached when the form was not submitted or did not validate: show it.
require_once 'includes/widgets/header.php';
require_once 'includes/widgets/sidebar.php';

$tpl->displayForm($f);

require_once 'includes/widgets/footer.php';
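<link rel = stylesheet href = includes/widgets/style.css>
<title>Do activity.</title>
</head>
<body class = "noBgImage">
<?php
// Fragment: the start of the document is above this snippet and the foreach opened
// below is closed after it.

// The activity name comes from the query string, so it is bound as a parameter rather
// than concatenated into the statement, and escaped wherever it is echoed.
$activity = (isset($_GET['activity']) && is_string($_GET['activity'])) ? $_GET['activity'] : '';

$stmt = DatabaseFactory::getInstance()->prepare('SELECT * FROM activitys WHERE name = :name LIMIT 1');
$stmt->bindValue(':name', $activity);
$stmt->execute();

foreach ($stmt->fetchAll() as $row) {
    $safeName = htmlspecialchars((string) $row['name'], ENT_QUOTES, 'UTF-8');
    $safeTurns = htmlspecialchars((string) $row['turns'], ENT_QUOTES, 'UTF-8');
    $safeGold = htmlspecialchars((string) $row['gold'], ENT_QUOTES, 'UTF-8');

    echo "<strong>";
    echo $safeName;
    echo "</strong><hr>";

    if (isset($_GET['action'])) {
        $sql = 'UPDATE `users` SET `gold` = (`gold` + :gold), `usedturns` = (`usedturns` + :turns) WHERE `username` = :username LIMIT 1';
        $result2 = DatabaseFactory::getInstance()->prepare($sql);

        if ($result2) {
            $result2->bindValue(':gold', $row['gold']);
            $result2->bindValue(':turns', $row['turns']);
            $result2->bindValue(':username', $userdata['username']);

            // NOTE(review): as in the original, the statement is only prepared;
            // execute() is never called, so no gold or turns are written. Before
            // wiring it up, add the same turn check the other branch performs and move
            // the action off GET - this branch currently has neither.
            echo "Thanks for doing the " . $safeName . ".";
        } else {
            message(TYPE_ERROR_SQL, "Cannot update user table.");
        }
    } else {
        // NOTE(review): turns are looked up by $_SESSION['username'] here while the
        // update above is keyed on $userdata['username'] - confirm both always agree.
        $turns = get_turns($_SESSION['username']);
        $turns = $turns['turns'];

        if ($turns >= $row['turns']) {
            echo "This will take " . $safeTurns . " turns, you will earn " . $safeGold . " gold.";
            echo "<br /><br /><div align = right><form><input type = hidden name = activity value = '" . htmlspecialchars($activity, ENT_QUOTES, 'UTF-8') . "'><input type = submit name = action value = 'do it'></form></div>";
        } else {
            echo "You dont have enough turns avalible to do this!";
        }
    }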
/**
 * Loads the event that is linked to a gallery.
 *
 * @param mixed $id gallery id matched against e.gallery
 * @return mixed whatever self::getById() returns for the event found
 */
public static function getByGalleryId($id)
{
    $statement = DatabaseFactory::getInstance()->prepare(
        'SELECT e.id FROM events e WHERE e.gallery = :galleryId'
    );
    $statement->bindValue(':galleryId', $id);
    $statement->execute();

    // presumably fetchRowNotNull() fails loudly when no event matches - confirm.
    $row = $statement->fetchRowNotNull();
    $eventId = $row['id'];

    return self::getById($eventId);
}
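/**
 * Returns a user's signups whose status is one of the given values, joined with the
 * event id and name.
 *
 * Each status is bound as its own named parameter. The version this replaces passed
 * the statuses through array_walk() with the database's quote() as callback;
 * array_walk() discards what its callback returns, so unless quote() changes its
 * argument by reference the values were never escaped before being joined into the
 * IN (...) list.
 *
 * @param array $statuses status strings to match; an empty list yields an empty result
 * @param mixed $user     user id; defaults to the session user when null
 * @return array rows with id, eventId, name and status
 */
function getSingleUserSignupsWithStatuses($statuses, $user = null)
{
    if ($user == null) {
        $user = Session::getUser()->getId();
    }

    // One generated placeholder per status: :status0, :status1, ...
    $bindings = array();
    $index = 0;

    foreach ($statuses as $status) {
        $bindings[':status' . $index] = $status;
        $index++;
    }

    // "IN ()" is not valid SQL, and nothing can match an empty list anyway.
    if (empty($bindings)) {
        return array();
    }

    $sql = 'SELECT s.id, e.id AS eventId, e.name, s.status FROM signups s LEFT JOIN events e ON s.event = e.id WHERE s.user = :user AND s.status IN (' . implode(', ', array_keys($bindings)) . ')';
    $stmt = DatabaseFactory::getInstance()->prepare($sql);
    $stmt->bindValue(':user', $user);

    foreach ($bindings as $placeholder => $status) {
        $stmt->bindValue($placeholder, $status);
    }

    $stmt->execute();

    return $stmt->fetchAll();
}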
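/**
 * Executes a raw SQL string and returns its rows when it is a SELECT.
 *
 * The statement has no parameters, so $sql must be built entirely from trusted text;
 * request data belongs in a prepared statement with bound values instead.
 *
 * @param string $sql complete SQL statement
 * @return array|null fetched rows for a SELECT, null for any other statement
 */
function db_query($sql)
{
    $stmt = \libAllure\DatabaseFactory::getInstance()->prepare($sql);
    $stmt->execute();

    // The previous check called strpos("SELECT", $sql), i.e. it searched for the whole
    // statement inside the word "SELECT", so ordinary queries never returned rows.
    if (stripos(ltrim($sql), 'SELECT') === 0) {
        return $stmt->fetchAll();
    }

    return null;
}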
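// Fragment: the block closed by the lone brace further down is opened before this
// snippet, and the HTML form continues after it.

if (!is_numeric($_GET['gold'])) {
    $title = "Add shop item";
    require_once "includes/widgets/header.php";
    message(TYPE_ERROR, "Invalid gold field.");
}

if (!is_numeric($_GET['turns'])) {
    $title = "Add shop item";
    require_once "includes/widgets/header.php";
    message(TYPE_ERROR, "Invalid turns field.");
}

// NOTE(review): nothing visible here stops execution after message(); presumably it
// ends the request - confirm, otherwise the insert below still runs on invalid input.
// NOTE(review): this state-changing action is driven by GET parameters and 'type' is
// not checked against the three options the form offers.

// Every request value is bound as a parameter; none is concatenated into the SQL text.
if ($_GET['type'] == "SLAVE") {
    $sql = "INSERT INTO `slaves` (`name`, `gold` ) VALUES (:name, :gold)";
    $params = array(
        ':name' => $_GET['name'],
        ':gold' => $_GET['gold'],
    );
} else {
    $sql = "INSERT INTO `shop` (`type`, `name`, `gold`, `turns`, `description`) VALUES (:type, :name, :gold, :turns, :description)";
    $params = array(
        ':type' => $_GET['type'],
        ':name' => $_GET['name'],
        ':gold' => $_GET['gold'],
        ':turns' => $_GET['turns'],
        // The original also stored the type in `description`; kept as it was.
        ':description' => $_GET['type'],
    );
}

$stmt = DatabaseFactory::getInstance()->prepare($sql);

foreach ($params as $placeholder => $value) {
    $stmt->bindValue($placeholder, $value);
}

$stmt->execute();

$core->redirect('admin.php', "Item added successfully.");
}

$title = "Add shop item";
require_once "includes/widgets/header.php";
startBox($title, BOX_GREEN);
?>
<form action = "adminShopAddItem.php">
<label>Type <select name = "type">
<option>BUSINESS</option>
<option>SLAVE</option>
<option>ACCESSORY</option>
</select></label><br /><br />
<label>Name <input name = "name" /></label><br /><br />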
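// Bootstrap: include path, timezone, class autoloading, library includes, database
// registration and the initial session login.

set_include_path(implode(PATH_SEPARATOR, array(
    get_include_path(),
    'src/main/php/',
    '/usr/share/php/',
    'vendor/jwread/lib-allure/src/main/php/',
)));

date_default_timezone_set('Europe/London');

/**
 * Loads "<Class>.php" from the first include-path directory that contains it.
 *
 * Registered through spl_autoload_register() below: a global __autoload() function was
 * deprecated in PHP 7.2 and declaring one is a fatal error in PHP 8.
 *
 * @param string $class class name exactly as PHP requests it
 */
function autoloadFromIncludePath($class)
{
    // The class name becomes part of a file path unchanged, so namespace separators
    // are not translated into directory separators here.
    $relativeFile = DIRECTORY_SEPARATOR . $class . '.php';

    foreach (explode(PATH_SEPARATOR, get_include_path()) as $path) {
        if (file_exists($path . $relativeFile)) {
            require_once $path . $relativeFile;

            return;
        }
    }
}

spl_autoload_register('autoloadFromIncludePath');

require_once 'includes/functions.php';
require_once 'libAllure/Exceptions.php';
require_once 'libAllure/ErrorHandler.php';
require_once 'libAllure/Database.php';
require_once 'libAllure/Form.php';
require_once 'libAllure/Logger.php';
require_once 'libAllure/User.php';
require_once 'libAllure/Inflector.php';
require_once 'libAllure/Session.php';
require_once 'libAllure/AuthBackend.php';
require_once 'libAllure/AuthBackendDatabase.php';
require_once 'libAllure/HtmlLinksCollection.php';
require_once 'config.php';

\libAllure\ErrorHandler::getInstance()->beGreedy();

$db = new \libAllure\Database(CFG_DB_DSN, CFG_DB_USER, CFG_DB_PASS);
\libAllure\DatabaseFactory::registerInstance($db);

\libAllure\AuthBackend::setBackend(new \libAllure\AuthBackendDatabase());

// NOTE(review): this logs the session in as 'SYSTEM' with an empty password every time
// the file is included. Presumably this bootstrap serves command-line or scheduled
// entry points only - confirm it is never included by a script reachable over HTTP.
\libAllure\Session::checkCredentials('SYSTEM', '');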
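<?php

// Setup page: creates (or recreates) the 'admin' account and shows its generated
// password once.
//
// NOTE(review): the recreate branch runs whenever the request carries a 'recreate'
// parameter, whatever the number of existing users, and no login or privilege check is
// visible in this script. Unless includes/widgets/header.php enforces one, restrict
// this page (for example, remove it after installation) so the admin password cannot
// be reset by an arbitrary request.

require_once 'includes/widgets/header.php';

use libAllure\DatabaseFactory;
use libAllure\AuthBackend;
use libAllure\HtmlLinksCollection;

$db = DatabaseFactory::getInstance();

$sql = 'SELECT count(u.id) AS count FROM users u';
$stmt = $db->prepare($sql);
$stmt->execute();

$countUsers = $stmt->fetchRow();
$countUsers = $countUsers['count'];

$setupLinks = new HtmlLinksCollection();

if ($countUsers == 1 || isset($_REQUEST['recreate'])) {
    // NOTE(review): the username literal in this statement appears masked in this
    // listing; it is reproduced unchanged.
    $sql = 'DELETE FROM users WHERE username = "******"';
    $stmt = $db->prepare($sql)->execute();

    // The initial admin password must not be guessable. uniqid(), used previously, is
    // derived from the current time; take the bytes from a CSPRNG instead.
    // random_bytes() needs PHP 7, so older runtimes fall back to the OpenSSL source.
    $adminPassword = function_exists('random_bytes')
        ? bin2hex(random_bytes(12))
        : bin2hex(openssl_random_pseudo_bytes(12));

    $sql = 'INSERT INTO users (username, password, `group`) VALUES (:username, :password, 1)';
    $stmt = $db->prepare($sql);
    $stmt->bindValue(':username', 'admin');
    $stmt->bindValue(':password', AuthBackend::getInstance()->hashPassword($adminPassword));
    $stmt->execute();

    // The password is hexadecimal only, so it is safe to place in the HTML message.
    $tpl->assign('message', 'User account created. Your username is <strong>admin</strong> and your password is <strong>' . $adminPassword . '</strong>');
    $setupLinks->add('login.php', 'Login');
} else {
    $tpl->assign('message', 'Admin account already exists.');
    $setupLinks->add('login.php', 'Login');
    $setupLinks->add('?recreate', 'Recreate');
}

$tpl->assign('links', $setupLinks);
$tpl->display('notification.tpl');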