Exemplos de executeSQL_Safe_U em PHP

Exemplo n.º 1

Arquivo: generateTimeSheet.php Projeto: SpencerBelleau/DOC_HardwareServiceRequestDatabase

<?php

require "../snippets/dbConn.php";
require "../snippets/SQLTools.php";
require "../snippets/utils.php";
session_start();
$com0 = "UPDATE DOC_Timestamps SET timeOut = :timeOut WHERE timestampId=:id";
executeSQL_Safe_U($com0, $dbConn, ":timeOut", date("Y-m-d H:i:s"), ":id", $_SESSION['sessionId']);
$com1 = "SELECT timestampId, timeIn, timeOut, finished, TIMESTAMPDIFF(HOUR, timeIn, timeOut) as hours, TIMESTAMPDIFF(MINUTE, timeIn, timeOut) as minutes, TIMESTAMPDIFF(SECOND, timeIn, timeOut) as seconds FROM DOC_Timestamps WHERE userId = :id ORDER BY timeIn DESC";
$ret = executeSQL_Safe($com1, $dbConn, ":id", $_SESSION['userID']);
foreach ($ret as $time) {
    drawTimeIO($time);
    echo "<br/>";
}

Exemplo n.º 2

Arquivo: setupAccount.php Projeto: SpencerBelleau/DOC_HardwareServiceRequestDatabase

</style>
</style>

<body style="background-color:#444444;font-family:Verdana">
<?php 
require "snippets/dbConn.php";
require "snippets/SQLTools.php";
require "snippets/utils.php";
session_start();
if (empty($_SESSION['username'])) {
    header("Location: Login.php");
}
if (isset($_POST['LoginForm'])) {
    if ($_POST['password'] == $_POST['password2'] && $_POST['password'] != "") {
        $com0 = "UPDATE DOC_Users SET firstName = :f, lastName = :l, password = :p, setup = 1 WHERE userId=:id";
        executeSQL_Safe_U($com0, $dbConn, ":f", $_POST['firstName'], ":l", $_POST['lastName'], ":p", sha1($_POST['password']), ":id", $_SESSION['userID']);
        header("Location: Logout.php");
    } else {
        echo "<h3 style='color:red;text-align:center'>Passwords Do Not Match</h3>";
    }
}
?>
	<table>
		<tr>
			<td style="text-align:center;color:white" colspan=2><h3>Set Up Your Account</h3></td>
		</tr>
		<form method="post" id="loginForm">
			<tr>
				<td style="width:150px;color:white;text-align:right">
					<b>First Name:  </b> 
				</td>

Exemplo n.º 3

Arquivo: Index.php Projeto: SpencerBelleau/DOC_HardwareServiceRequestDatabase

}
if (isset($_POST['submission'])) {
    if ($_POST['submission'] == "New") {
        echo "New submission made";
        $com2 = "INSERT INTO DOC_Hardware_Records (firstName, lastName, address, phoneNumber, email, computerModel, serviceRequested, extraParts, complete, creatorId) VALUES (:firstName, :lastName, :address, :phoneNumber, :email, :computerModel, :serviceRequested, :extraParts, 0, :creatorId)";
        executeSQL_Safe_U($com2, $dbConn, ":firstName", $_POST['firstName'], ":lastName", $_POST['lastName'], ":address", $_POST['address'], ":phoneNumber", $_POST['phoneNumber'], ":email", $_POST['email'], ":computerModel", $_POST['computerModel'], ":serviceRequested", $_POST['serviceRequested'], ":extraParts", $_POST['extraParts'], ":creatorId", $_SESSION['userID']);
    } else {
        if ($_POST['submission'] == "Complete") {
            //echo "Service ticket " . $_POST['serviceID'] . " updated.";
            $com2 = "UPDATE DOC_Hardware_Records SET complete=2, closeTime = :closeTime, closerId = :closerId WHERE serviceID=:id";
            executeSQL_Safe_U($com2, $dbConn, ":id", $_POST['serviceID'], ":closeTime", date("Y-m-d H:i:s"), ":closerId", $_SESSION['userID']);
        } else {
            if ($_POST['submission'] == "Open") {
                //echo "Service ticket " . $_POST['serviceID'] . " updated.";
                $com2 = "UPDATE DOC_Hardware_Records SET complete=1, openTime = :openTime, openerId = :openerId WHERE serviceID=:id";
                executeSQL_Safe_U($com2, $dbConn, ":id", $_POST['serviceID'], ":openTime", date("Y-m-d H:i:s"), ":openerId", $_SESSION['userID']);
            }
        }
    }
}
?>
<!DOCTYPE html>
<head>
	<!--External Style Sheet-->
	<link rel="stylesheet" type="text/css" href="MyStyles.css">
</head>
<style>
	h1, h2, h3{
		text-align:center;
	}
	table{

Exemplo n.º 4

Arquivo: updateServiceTicket.php Projeto: SpencerBelleau/DOC_HardwareServiceRequestDatabase

<?php

require "../snippets/dbConn.php";
require "../snippets/SQLTools.php";
require "../snippets/utils.php";
session_start();
$query = "SELECT complete FROM DOC_Hardware_Records WHERE serviceID = :serviceId ";
$ret = executeSQL_Safe($query, $dbConn, ":serviceId", $_GET["serviceId"]);
$newId = $ret[0]["complete"] + 1;
//echo $newId;
//echo $_SESSION['userID'];
//-----------------------------------------
if ($newId == 1) {
    $com2 = "UPDATE DOC_Hardware_Records SET complete=" . $newId . ", openTime = :openTime, openerId = :openerId, delegatedToId = :delegatedToId WHERE serviceID=:id";
    executeSQL_Safe_U($com2, $dbConn, ":id", $_GET["serviceId"], ":openTime", date("Y-m-d H:i:s"), ":openerId", $_SESSION['userID'], ":delegatedToId", $_GET['delegatedToId']);
} else {
    $com2 = "UPDATE DOC_Hardware_Records SET complete=2, serviceProvided=:service, closeTime = :closeTime, closerId = :closerId WHERE serviceID=:id";
    executeSQL_Safe_U($com2, $dbConn, ":id", $_GET["serviceId"], ":closeTime", date("Y-m-d H:i:s"), ":closerId", $_SESSION['userID'], ":service", $_GET["service"]);
}
echo "Service Ticket #" . $_GET["serviceId"] . " updated.";

Exemplo n.º 5

Arquivo: postToBBS.php Projeto: SpencerBelleau/DOC_HardwareServiceRequestDatabase

<?php

require "../snippets/dbConn.php";
require "../snippets/SQLTools.php";
require "../snippets/utils.php";
session_start();
$com1 = "INSERT INTO DOC_BBS (userId, message) VALUES (:userId, :message)";
executeSQL_Safe_U($com1, $dbConn, ":userId", $_SESSION['userID'], ":message", $_GET['message']);

Exemplo n.º 6

Arquivo: newTicket.php Projeto: SpencerBelleau/DOC_HardwareServiceRequestDatabase

<?php

require "../snippets/dbConn.php";
require "../snippets/SQLTools.php";
require "../snippets/utils.php";
session_start();
$com2 = "INSERT INTO DOC_Hardware_Records (firstName, lastName, address, phoneNumber, email, computerModel, serviceRequested, extraParts, complete, creatorId) VALUES (:firstName, :lastName, :address, :phoneNumber, :email, :computerModel, :serviceRequested, :extraParts, 0, :creatorId)";
executeSQL_Safe_U($com2, $dbConn, ":firstName", $_GET['firstName'], ":lastName", $_GET['lastName'], ":address", $_GET['address'], ":phoneNumber", $_GET['phoneNumber'], ":email", $_GET['email'], ":computerModel", $_GET['computerModel'], ":serviceRequested", $_GET['serviceRequested'], ":extraParts", $_GET['extraParts'], ":creatorId", $_SESSION['userID']);
echo "<strong>New Ticket Submitted</strong>";

Exemplo n.º 7

Arquivo: Login.php Projeto: SpencerBelleau/DOC_HardwareServiceRequestDatabase

                            /*if($_POST['interface'] == "complete")
                            		{
                            			//header("Location: ../Mockups/mockup.php");
                            		}
                            		else if($_POST['interface'] == "work")
                            		{
                            			//header("Location: ../Mockups/workInterface.php");
                            		}
                            		else
                            		{
                            			//header("Location: ../Mockups/delegationInterface.php");
                            		}*/
                        }
                    } else {
                        $com2 = "INSERT INTO DOC_Timestamps (userId) VALUES (:id)";
                        executeSQL_Safe_U($com2, $dbConn, ":id", $_SESSION['userID']);
                        $com3 = "SELECT MAX(timestampId) as timeId FROM DOC_Timestamps WHERE userId = :id";
                        $ret = executeSQL_Safe($com3, $dbConn, ":id", $_SESSION['userID']);
                        $_SESSION['sessionId'] = $ret[0]['timeId'];
                        header(proceed($_POST));
                        //header("Location: ../Mockups/mockup.php");
                    }
                }
                //Make a new timestamp
            }
        }
    }
}
function proceed($_POST)
{
    if ($_POST['interface'] == "complete") {