Exemplo n.º 1
                $pdoquery = $dbconn->prepare($theq);
                $pdoquery->execute(array(':checknumber' => clean_user_input($_POST['checkno' . $value]), ':receivedby' => $_SESSION["userid"], ':invoiceid' => $value));
            } catch (PDOException $e) {
                logit($logname, '  **ERROR** on line ' . __LINE__ . ' with query - ' . $theq . ' ' . $e->getMessage());
                $results->errortext = $e->getMessage();
                $cancontinue = FALSE;
            }
        }
    }
    unset($_SESSION['invoices']);
    logit($logname, 'GETting back to recordpayment');
    header('Location: recordpayment.php');
    exit;
} else {
    // get invoices
    $dbconnw = PDOconnect('nakaweb', $_SESSION["clientdefaults"]["host"], $logname);
    $theq = " select fullname,invoiceid,invoicedate,paymentreceived,login,invoiceamount,";
    $theq .= " case when login is null then ";
    $theq .= '    \'<input type="text" name="checkno\'||invoiceid::text||\'">\'';
    $theq .= " else checknumber end as checknumber";
    $theq .= " from invoices i";
    $theq .= " join client c on i.schoolid=c.clientid";
    $theq .= " left join users u on u.userid=receivedby";
    $theq .= " order by paymentreceived desc, invoicedate desc, invoiceamount desc";
    try {
        $pdoquery = $dbconnw->prepare($theq);
        $pdoquery->setFetchMode(PDO::FETCH_OBJ);
        $pdoquery->execute();
        $invoices = $pdoquery->fetchAll();
        unset($_SESSION['invoices']);
        $i = 0;
Exemplo n.º 2
    try {
        $theq = " delete from sysdef.system_defaults where sd_item=:key";
        $pdoquery = $dbconn->prepare($theq);
        $pdoquery->execute(array(":key" => $key));
        $theq = " insert into sysdef.system_defaults (sd_value,sd_item)";
        $theq .= " values (:value,:key)";
        $pdoquery = $dbconn->prepare($theq);
        $pdoquery->execute(array(":key" => $key, ":value" => $value));
    } catch (PDOException $e) {
        logit($logname, '  **ERROR** on line ' . __LINE__ . ' with query - ' . $theq . ' ' . $e->getMessage());
        $results->errortext = $e->getMessage();
        $cancontinue = FALSE;
    }
}
// Open the client's pg database connection; database name and host come from the session.
$dbconn = PDOconnect($_SESSION["clientdefaults"]["dbname"], $_SESSION["clientdefaults"]["host"], $logname);
// A posted 'schoolname' means the page submitted its own form: save every field, then reload.
// NOTE(review): nothing in this block checks a CSRF token or the user's right to edit the
// school settings before writing - confirm that happens earlier in the file.
// NOTE(review): the POST values reach updatesysdef() unvalidated, and a field missing from
// the request is passed on as null; code that later renders these settings must escape them.
if (array_key_exists('schoolname', $_POST)) {
    logit($logname, 'updating school');
    // first argument for updatesysdef() => POST field carrying the new value
    $schoolfields = array(
        "School Name" => "schoolname",
        "School Address" => "schooladdress",
        "School Address2" => "schooladdress2",
        "School City" => "schoolcity",
        "School State" => "schoolstate",
        "School Zip" => "schoolzip",
        "School Phone" => "schoolphone",
    );
    foreach ($schoolfields as $sditem => $postfield) {
        updatesysdef($sditem, $_POST[$postfield], $dbconn, $logname);
    }
    logit($logname, 'going back to school');
    // redirect after the POST so a browser refresh does not resubmit the form
    header('Location: school.php');
    exit;
}
//school info
Exemplo n.º 3
        $_SESSION["clientdefaults"]["fedidprefix"] = $client->fedidprefix;
    }
    if ($cancontinue) {
        $cancontinue = GetTheHTMLs($_SESSION["userlanguage"], $_SESSION["clientdefaults"]["clientid"], $PDOconn, $logname);
    }
    if ($cancontinue) {
        header('Location: school.php');
    }
    return $cancontinue;
}
/*
 * if this program is called with GET params for tag and client (must have been
 * self called) then, check that the user has rights to that (to prevent
 * cheating) and put them in.
 */
$PDOconn = PDOconnect('nakaweb', $_SESSION["dbhost"], $logname);
if (key_exists('clientid', $_GET)) {
    $theq = 'select * ';
    $theq .= ' from clientuser ';
    $theq .= ' where userid = :userid';
    $theq .= ' and clientid = :clientid';
    try {
        $pdoquery = $PDOconn->prepare($theq);
        $pdoquery->setFetchMode(PDO::FETCH_OBJ);
        $pdoquery->execute(array(':userid' => $_SESSION["userid"], ':clientid' => $_GET["clientid"]));
        $row = $pdoquery->fetch();
        if ($pdoquery->rowCount() != 1) {
            logit($logname, '  looks like the user is cheating!  NOT letting them in!');
            $cancontinue = FALSE;
            echo 'CHEATER!!!';
            exit;
Exemplo n.º 4
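/**
 * Build display-ready HTML from a stored template by merging data rows and
 * session values into its placeholders.
 *
 * Placeholders are processed in this order:
 *   %%%...%%%               nested template: the first character is the multi-row
 *                           flag, the second character is skipped, the rest is the
 *                           template name, optionally followed by |column
 *   %%rowtype%%             alternating row class name (multi-row mode only)
 *   %%tooltip|col%%         output of CreateToolTip() for that column
 *   %%data-col%%            column value from the current data row
 *   %%vertmenu%%            menu text stored in the session, picked by viewlevel
 *   %%clientdefaults-key%%  entry of $_SESSION['clientdefaults']
 *   %%key%%                 any non-array entry of $_SESSION
 *
 * Security notes for maintainers:
 *  - Every value is inserted verbatim, with no HTML escaping. Any row or session
 *    value that can carry user-supplied text must be escaped before it reaches this
 *    function. NOTE(review): some values (the menus, for example) are presumably
 *    meant to be markup, so confirm per field before adding escaping here.
 *  - Later passes rescan text inserted by earlier passes, so a data value that itself
 *    contains a %%key%% token is expanded by the session passes further down.
 *  - The final session pass lets a template print any non-array session entry.
 *
 * @param string $thehtmlfile key in $_SESSION['html'] that holds the template text
 * @param array  $allrows     arrays of row objects, keyed by the name of the template
 *                            that uses them
 * @param string $logname     log target handed to logit()
 * @param string $mulitrow    'x' repeats the template once per data row; any other
 *                            value renders it at most once
 * @param int    $depth       recursion depth, used for log indentation and the
 *                            runaway-recursion guard
 * @param string $changeoncol column whose change of value flips the row class;
 *                            '*' flips it on every row
 *
 * @return string the merged HTML
 */
function LoadTheHTML($thehtmlfile, $allrows, $logname, $mulitrow, $depth = 1, $changeoncol = '*')
{
    if ($depth > 100) {
        // templates that include each other would otherwise recurse forever;
        // leave a trace in the log before stopping so the blank page can be diagnosed
        logit($logname, ' **ERROR** LoadTheHTML nested more than 100 levels deep');
        exit;
    }
    $indent = substr('                                          ', 0, $depth);
    logit($logname, $indent . 'Loading HTML: ' . $thehtmlfile);
    $therow = '';
    if (!key_exists($thehtmlfile, $_SESSION['html'])) {
        logit($logname, $indent . ' **ERROR** the html is MISSING');
        exit;
    }
    $thehtml = $_SESSION['html'][$thehtmlfile];
    $rowtype = 'ReportDetailsEvenDataRow';
    // Expand nested templates, at most 10 per call.
    // strpos() is compared with false so that a marker at offset 0 is found too
    // (the loose "!= 0" test treated offset 0 as "not present").
    $i = 0;
    while (strpos($thehtml, '%%%') !== false and $i < 10) {
        // text between the opening and closing %%% markers
        $nextpiece = substr($thehtml, strpos($thehtml, '%%%') + 3);
        $nextpiece = substr($nextpiece, 0, strpos($nextpiece, '%%%'));
        // first character says whether the nested template is multi-row or single-row
        $nextmulitrow = substr($thehtml, strpos($thehtml, '%%%') + 3, 1);
        // the template name starts at the third character
        $thehtmlname = substr($nextpiece, 2);
        // optional "|column" suffix names the colour-change column
        if (strpos($thehtmlname, '|') > 1) {
            $changeoncol = substr($thehtmlname, strpos($thehtmlname, '|') + 1);
            $thehtmlname = substr($thehtmlname, 0, strpos($thehtmlname, '|'));
        } else {
            $changeoncol = '*';
        }
        $newstuff = LoadTheHTML($thehtmlname, $allrows, $logname, $nextmulitrow, $depth + 1, $changeoncol);
        $thehtml = str_replace('%%%' . $nextpiece . '%%%', $newstuff, $thehtml);
        $i++;
    }
    // sentinel that no real column value is expected to equal
    $lastchangeonvalue = '~%~%~';
    if ($mulitrow == 'x') {
        // one copy of the template per data row
        foreach ($allrows[$thehtmlfile] as $row) {
            $therow .= $thehtml;
            // alternating row classes
            if ($changeoncol == '*' or $row->{$changeoncol} != $lastchangeonvalue) {
                if ($changeoncol != '*') {
                    $lastchangeonvalue = $row->{$changeoncol};
                }
                if ($rowtype != 'ReportDetailsEvenDataRow') {
                    $rowtype = 'ReportDetailsEvenDataRow';
                } else {
                    $rowtype = 'ReportDetailsOddDataRow';
                }
            }
            $therow = str_replace('%%rowtype%%', $rowtype, $therow);
            // tooltips, if the template asks for any
            if (strpos($therow, '%%tooltip|') !== false) {
                if (!isset($pdowebcntrl)) {
                    $pdowebcntrl = PDOconnect('wc2', $_SESSION["wc2host"], $logname);
                }
                while (($tipstart = strpos($therow, '%%tooltip|')) !== false) {
                    $thecol = substr($therow, $tipstart + 10);
                    $tipend = strpos($thecol, '%%');
                    if ($tipend === false) {
                        // an unterminated token can never be replaced; without this
                        // break the loop would spin forever on a malformed template
                        logit($logname, $indent . ' **ERROR** unterminated tooltip token in ' . $thehtmlfile);
                        break;
                    }
                    $thecol = substr($thecol, 0, $tipend);
                    $thecolvalue = (array) $row;
                    $therow = str_replace('%%tooltip|' . $thecol . '%%', CreateToolTip($thehtmlfile, $thecol, $thecolvalue[$thecol], $_SESSION["userlanguage"], $pdowebcntrl, 'left', $logname), $therow);
                }
            }
            // merge each column of the row into its %%data-column%% field
            // (inserted as-is: see the escaping note in the function header)
            foreach ($row as $key => $value) {
                $therow = str_replace('%%data-' . $key . '%%', $value, $therow);
            }
        }
    } else {
        if ($mulitrow == '1' or isset($allrows[$thehtmlfile][0])) {
            // single-row mode: the template is emitted once
            $therow .= $thehtml;
            // tooltips, if the template asks for any
            if (strpos($therow, '%%tooltip|') !== false) {
                if (!isset($pdowebcntrl)) {
                    $pdowebcntrl = PDOconnect('wc2', $_SESSION["wc2host"], $logname);
                }
                while (($tipstart = strpos($therow, '%%tooltip|')) !== false) {
                    $thecol = substr($therow, $tipstart + 10);
                    $tipend = strpos($thecol, '%%');
                    if ($tipend === false) {
                        // same guard as in multi-row mode: stop on a malformed token
                        logit($logname, $indent . ' **ERROR** unterminated tooltip token in ' . $thehtmlfile);
                        break;
                    }
                    $thecol = substr($thecol, 0, $tipend);
                    $therow = str_replace('%%tooltip|' . $thecol . '%%', CreateToolTip($thehtmlfile, $thecol, '', $_SESSION["userlanguage"], $pdowebcntrl, 'left', $logname), $therow);
                }
            }
            // merge the first data row, if there is one, into the %%data-column%% fields
            if (isset($allrows[$thehtmlfile][0])) {
                foreach ($allrows[$thehtmlfile][0] as $key => $value) {
                    $therow = str_replace('%%data-' . $key . '%%', $value, $therow);
                }
            }
        }
    }
    // menu: view level 5 gets the account menu, every other level the field menu
    if (isset($_SESSION['viewlevel'])) {
        if ($_SESSION['viewlevel'] == 5) {
            $therow = str_replace('%%vertmenu%%', $_SESSION['usermenu-account'], $therow);
        } else {
            $therow = str_replace('%%vertmenu%%', $_SESSION['usermenu-field'], $therow);
        }
    }
    // (the %%local-key%% localisation pass that used to sit here is disabled)
    // client default replacements
    foreach ($_SESSION['clientdefaults'] as $key => $value) {
        $therow = str_replace('%%clientdefaults-' . $key . '%%', $value, $therow);
    }
    // other misc replacements (accountinfo, userinfo, languagebar)
    // NOTE(review): this makes every scalar session entry printable through a
    // %%key%% token; keep anything sensitive out of scalar session keys, or
    // replace this loop with an explicit list of allowed keys.
    foreach ($_SESSION as $key => $value) {
        if (!is_array($value)) {
            $therow = str_replace('%%' . $key . '%%', $value, $therow);
        }
    }
    // Erase leftover tokens everywhere except on localhost, where they stay visible
    // for debugging.
    // NOTE(review): depending on the web server configuration SERVER_NAME can follow
    // the request's Host header; confirm it is pinned before relying on this test.
    // NOTE(review): ".+" is greedy, so on a line holding two leftover tokens the text
    // between them is erased as well; left unchanged here because a narrower pattern
    // would also change how stray %%% markers are cleaned up.
    if ($_SERVER['SERVER_NAME'] != 'localhost') {
        $therow = preg_replace('/%%.+%%/', '', $therow);
    }
    return $therow;
}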
Exemplo n.º 5
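/**
 * Get the submission count for a user name and group number.
 *
 * Both inputs are passed to the database as bound parameters, never spliced
 * into the SQL text.
 *
 * NOTE(review): on a PDOException the driver's message text is returned in
 * place of the count, so a caller cannot tell an error from a result by type
 * alone and must not echo the return value to users unchecked. Kept as is
 * because existing callers may rely on it.
 *
 * @param mixed $name  user name compared with leader_board.name
 * @param mixed $group group number compared with leader_board.grp
 *
 * @return mixed the count as delivered by the driver; null when the statement
 *               could not be prepared or executed; the exception message
 *               (string) when execution threw a PDOException
 */
function subCount($name, $group)
{
    // connect to database server and get the handle
    $dbhandle = PDOconnect();
    // MySQL statement
    $sql = "SELECT count(*) FROM leader_board WHERE grp = :grp1 AND name = :name";
    $stmt = $dbhandle->prepare($sql);
    if ($stmt === false) {
        // prepare() reports failure this way when PDO is not in exception mode
        return null;
    }
    // bindValue() copies the value now; bindParam()'s by-reference binding is not needed here
    $stmt->bindValue(":grp1", $group);
    $stmt->bindValue(":name", $name);
    try {
        if ($stmt->execute() === false) {
            // the original went on to index a null result here, which raised a warning
            return null;
        }
        // first column of the first row: no dependence on the 'count(*)' column label
        $count = $stmt->fetchColumn();
    } catch (PDOException $error) {
        // return the error message (see the review note in the header)
        return $error->getMessage();
    }
    // fetchColumn() returns false when there is no row to read
    return $count === false ? null : $count;
}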
Exemplo n.º 6
<?php

// Print the current time in the America/Chicago zone at the top of the page.
date_default_timezone_set('America/Chicago');
echo date("l F j, Y @ g:i:s a T") . "<br>";

// Shared helpers; PDOconnect() is presumably defined in this include.
include '../include/helfun.php';
$dbhandle = PDOconnect();

// statement handle and result set, both filled in further down
$stmt = $results = null;

// MySQL statement: one row per name, ordered by that name's lowest total.
// NOTE(review): only "name" is grouped and only "total" is aggregated, so id, grp,
// dload, tcheck, size, unload, mem and typ are not guaranteed to come from the row
// that holds the minimum total, and MySQL rejects the query outright when
// ONLY_FULL_GROUP_BY is enabled. Confirm the result that is actually wanted.
$sql = "select id, grp, name, min(total) as total, dload, tcheck, size, unload, mem, typ from leader_board group by name order by total";

/*
 * Shape of one result row (sample values):
 *     [id] => 47
 *     [grp] => 3
 *     [name] => AlexGierczyk
 *     [total] => 0.1982
 *     [dload] => 0.0606
 *     [tcheck] => 0.1209
 *     [size] => 0
 *     [unload] => 0.0176
 *     [mem] => 7.09676
 *     [typ] => Hash Table
 */

// The statement has no placeholders, so nothing is bound before it runs.
// NOTE(review): "name" is echoed somewhere after this point, presumably; escape it
// for HTML at output time if users choose their own names.
$stmt = $dbhandle->prepare($sql);
Exemplo n.º 7
<?php

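// This export is switched off: every request is redirected to the site root and
// the script stops here, so nothing below the exit runs.
// NOTE(review): the redirect is the only thing keeping the export from running on
// request; if it is ever re-enabled, put it behind authentication or run it from
// the command line instead.
header("location: /");
exit;

// ---- disabled: dump the rows of group 6 to a comma-separated text file ----
include "../include/helfun.php";
$mySQL_Handle = PDOconnect();
$grp = 6;
$rows = getPut("rows", $grp);
$outFileHandle = fopen('../include/archive2014/rows_0.txt', 'w');
if ($outFileHandle === false) {
    // without this check every fwrite() below would fail and "done" would still be printed
    exit('unable to open ../include/archive2014/rows_0.txt for writing');
}
foreach ($rows as $row) {
    // NOTE(review): fields are joined with bare commas and no quoting, so a name that
    // contains a comma or a line break corrupts the row, and a spreadsheet may read a
    // value that starts with "=" as a formula. Switching to fputcsv() would change the
    // file format, so it is only flagged here.
    $line = implode(",", array(
        $row['name'],
        $row['total'],
        $row['dload'],
        $row['tcheck'],
        $row['size'],
        $row['unload'],
        $row['mem'],
        $row['typ'],
    )) . "\r\n";
    fwrite($outFileHandle, $line);
}
// release the handle so the data is flushed before success is reported
fclose($outFileHandle);
echo "done";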