public function EliminarMarca($marca)
{
$mysqli = $this->mysqli;
$stmt = \mysqli_prepare($mysqli, "CALL ELIMINAR_MARCA(?)");
\mysqli_stmt_bind_param($stmt, 'i', $marca);
\mysqli_stmt_execute($stmt);
}
public function insertItems(Items $items)
{
$con = self::openConnection();
$affected = 0;
mysqli_begin_transaction($con);
$stm = mysqli_stmt_init($con);
$sql = "INSERT INTO product VALUES (?, ?, ?, ?, ?, ?, ?, ?)";
mysqli_stmt_prepare($stm, $sql);
foreach ($items->getItems() as $item) {
$code = $item->getCode();
$articul = $item->getArticul();
$name = $item->getName();
$bmuID = $item->getBasicMeasurementUnit() == null ? null : $item->getBasicMeasurementUnit()->getId();
$price = $item->getPrice();
$curID = $item->getCurrency() == null ? null : $item->getCurrency()->getId();
$muID = $item->getMeasurementUnit() == null ? null : $item->getMeasurementUnit()->getId();
$parent = $item->getParent() == null ? null : $item->getParent()->getCode();
mysqli_stmt_bind_param($stm, 'sssdddds', $code, $articul, $name, $bmuID, $price, $curID, $muID, $parent);
mysqli_stmt_execute($stm);
if (mysqli_affected_rows($con) == 1) {
$affected++;
}
}
if ($affected > 0) {
mysqli_commit($con);
} else {
mysqli_rollback($con);
}
return $affected;
}
function login()
{
include_once 'database_conn.php';
// check is form filled
if (isFormFilled()) {
// if not filled, stop
return;
}
$uid = sanitizeData($_POST['username']);
$pswd = sanitizeData($_POST['password']);
$columnLengthSql = "\n\t\t\tSELECT COLUMN_NAME, CHARACTER_MAXIMUM_LENGTH\n\t\t\tFROM INFORMATION_SCHEMA.COLUMNS\n\t\t\tWHERE TABLE_NAME = 'te_users'\n\t\t\tAND (column_name = 'username'\n\t\t\tOR column_name = 'passwd')";
$COLUMN_LENGTH = getColumnLength($conn, $columnLengthSql);
$isError = false;
$errMsg[] = validateStringLength($uid, $COLUMN_LENGTH['username']);
//uid
$errMsg[] = validateStringLength($pswd, $COLUMN_LENGTH['passwd']);
//pswd
for ($i = 0; $i < count($errMsg); $i++) {
if (!($errMsg[$i] === true)) {
echo "{$errMsg[$i]}";
$isError = true;
}
}
//if contain error, halt continue executing the code
if ($isError) {
return;
}
// check is uid exist
$checkUIDSql = "SELECT passwd, salt FROM te_users WHERE username = ?";
$stmt = mysqli_prepare($conn, $checkUIDSql);
mysqli_stmt_bind_param($stmt, "s", $uid);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) <= 0) {
echo "Sorry we don't seem to have that username.";
return;
}
mysqli_stmt_bind_result($stmt, $getHashpswd, $getSalt);
while (mysqli_stmt_fetch($stmt)) {
$hashPswd = $getHashpswd;
$salt = $getSalt;
}
// if exist, then get salt and db hashed password
// create hash based on password
// hash pswd using sha256 algorithm
// concat salt in db by uid
// hash using sha256 algorithm
$pswd = hash("sha256", $salt . hash("sha256", $pswd));
// check does it match with hased password from db
if (strcmp($pswd, $hashPswd) === 0) {
echo "Success login<br/>";
// add session
$_SESSION['logged-in'] = $uid;
// go to url
$url = $_SERVER['REQUEST_URI'];
header("Location: {$url}");
} else {
echo "Fail login<br/>";
}
}
function update_last_try($dbh, $config, $key)
{
$stmt = mysqli_prepare($dbh, "UPDATE " . $config['table_prefix'] . "keys SET last_try = NOW() WHERE `key` = ?");
mysqli_stmt_bind_param($stmt, "s", $key);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}
public function insertItems(Items $items)
{
$con = self::openConnection();
$affected = 0;
mysqli_begin_transaction($con);
$stm = mysqli_stmt_init($con);
$sql = "INSERT INTO category VALUES (?, ?, ?)";
mysqli_stmt_prepare($stm, $sql);
foreach ($items->getItems() as $item) {
$code = $item->getCode();
$name = $item->getName();
$parent = $item->getParent() == null ? null : $item->getParent()->getCode();
mysqli_stmt_bind_param($stm, 'sss', $code, $name, $parent);
mysqli_stmt_execute($stm);
if (mysqli_affected_rows($con) == 1) {
$affected++;
}
}
if ($affected > 0) {
mysqli_commit($con);
} else {
mysqli_rollback($con);
}
return $affected;
}
function insertAgent($agtdata)
{
//SQL connection variables
$servername = "localhost";
$username = "******";
$password = "";
$dbname = "travelexperts";
//myslqi connection and prepared statement
$dbh = @mysqli_connect($servername, $username, $password) or die("Connect Error: " . mysqli_connect_error());
mysqli_select_db($dbh, $dbname);
$colnames = array_keys($agtdata);
$colnamestring = implode(", ", $colnames);
$sql = "insert into agents ({$colnamestring}) values (?, ?, ?, ?, ?, ?, ?, ?, ?)";
//number of ? needs to match the number of fields
$stmt = mysqli_prepare($dbh, $sql);
$values = array_values($agtdata);
mysqli_stmt_bind_param($stmt, "ssssssiss", $values[0], $values[1], $values[2], $values[3], $values[4], $values[5], $values[6], $values[7], $values[8]);
// the number of s or i (string or int or other) needs to match the number and type of fields
$result = mysqli_stmt_execute($stmt);
//print(mysqli_error($dbh));
//print("result=$result");
//print($sql);
mysqli_close($dbh);
//Return messages if successful or unsuccessful
if ($result) {
return "A new agent account was created successfully<br />";
} else {
return "Failed to create new agent account<br />";
}
}
function changeItem($elemID, $uniqueID, $changeTo)
{
// Connect to the MySQL database
$host = "fall-2015.cs.utexas.edu";
$user = "******";
$file = fopen("/u/pjobrien/password.txt", "r");
$line = fgets($file);
$pwd = trim($line);
fclose($file);
$dbs = "cs329e_pjobrien";
$port = "3306";
$connect = mysqli_connect($host, $user, $pwd, $dbs, $port);
if (empty($connect)) {
die("mysql_connect failed " . mysqli_connect_error());
}
$elemID = trim($elemID);
$uniqueID = trim($uniqueID);
$changeTo = trim($changeTo);
// get the item we want to change from the front end
$stmt = mysqli_prepare($connect, "UPDATE userInfo SET {$elemID} = ? WHERE username= ?");
mysqli_stmt_bind_param($stmt, 'ss', $changeTo, $uniqueID) or die("Failed: " . mysqli_error($connect));
mysqli_stmt_execute($stmt) or die("Failed: " . mysqli_error($connect));
mysqli_stmt_close($stmt);
// Close connection to the database
mysqli_close($connect);
return true;
}
function email()
{
global $link, $stmt;
if (defined("CRYPT_BLOWFISH") && CRYPT_BLOWFISH) {
$salt = '$2y$11$' . substr(md5(uniqid(rand(), true)), 0, 22);
$password = crypt($_POST['password'], $salt);
}
mysqli_stmt_bind_param($stmt, 'ss', $_POST['email'], $password);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
//to verify email
$hash = hash('md5', $_POST["email"]);
$stmt = mysqli_prepare($link, "INSERT INTO `verify_email`(`email`, `hash`) VALUES(?,'" . $hash . "')") or die(mysqli_error($link));
mysqli_stmt_bind_param($stmt, 's', $_POST['email']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
mysqli_close($link);
$to = $_POST['email'];
$subject = 'Email varification';
$message = 'Please click this link to activate your account: http://woofwarrior.com//gallery/verify.php?email=' . $_POST['email'] . '&hash=' . $hash . ' ';
$headers = "From: activation@woofwarrior.com\r\n";
mail($to, $subject, $message, $headers);
//echo json_encode('signed up, verify email. Please click this link to activate your account: http://woofwarrior.com//gallery/htdocs/verify.php?email='.$_POST['email'].'&hash='.$hash);
echo json_encode('verify email');
}
function checkCredentials($username, $password)
{
$link = retrieve_mysqli();
//Test to see if their credentials are valid
$queryString = 'SELECT salt, hashed_password FROM user WHERE username = ?';
if ($stmt = mysqli_prepare($link, $queryString)) {
//Get the stored salt and hash as $dbSalt and $dbHash
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $dbSalt, $dbHash);
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
// close prepared statement
mysqli_close($link);
/* close connection */
//Generate the local hash to compare against $dbHash
$localhash = generateHash($dbSalt . $password);
//Compare the local hash and the database hash to see if they're equal
if ($localhash == $dbHash) {
return true;
}
// password hashes matched, this is a valid user
}
return false;
// password hashes did not match or username didn't exist
}
function update_vote($image_id)
{
//get number of votes and update
global $link;
/*$result = mysqli_query($link, "SELECT `amount` FROM `votes_amount` WHERE `imageID`=".$image_id.";") or die(mysqli_error($link));
$amount = mysqli_fetch_assoc($result);
$new_amount = $amount['amount']+1;
mysqli_query($link, "UPDATE `votes_amount` SET `amount`=".$new_amount." WHERE `imageID`=".$image_id.";") or die(mysqli_error($link));*/
$stmt = mysqli_stmt_init($link);
mysqli_stmt_prepare($stmt, "SELECT `amount` FROM `votes_amount` WHERE `imageID`=?;") or die(mysqli_error($link));
mysqli_stmt_bind_param($stmt, 'i', $image_id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
mysqli_stmt_close($stmt);
$amount = mysqli_fetch_assoc($result);
$new_amount = $amount['amount'] + 1;
$stmt = mysqli_prepare($link, "UPDATE `votes_amount` SET `amount`=" . $new_amount . " WHERE `imageID`=?;") or die(mysqli_error($link));
mysqli_stmt_bind_param($stmt, 'i', $image_id);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
//return ajax data
if (isset($_SESSION['id']) && !isset($_POST['action']) && !isset($_POST['votePic'])) {
$data = array('new_amount' => $new_amount, 'imageID' => $image_id);
} elseif (isset($_POST['action']) && $_POST['action'] == 'anonymous_voting') {
//get another two images
$result = mysqli_query($link, "SELECT * FROM `image` ORDER BY RAND() LIMIT 2;") or die(mysqli_error($link));
$data = array();
while ($row = mysqli_fetch_assoc($result)) {
$data[] = $row;
}
}
mysqli_close($link);
return $data;
}
public function insertBook($bookName, $bookAuthor)
{
$stmt = mysqli_prepare($this->connection, 'INSERT INTO books(book_title) VALUES (?)');
mysqli_stmt_bind_param($stmt, 's', $bookName);
mysqli_stmt_execute($stmt);
$authorId = [];
$author = new Author();
$allAuthors = $author->selectAllAuthors();
foreach ($bookAuthor as $au) {
foreach ($allAuthors as $key => $value) {
if ($au == $value) {
$authorId[] = $key;
}
}
}
$books = $this->getBook();
$keyID = 0;
foreach ($books as $key => $title) {
if ($title == $bookName) {
$keyID = $key;
}
}
$stmt2 = mysqli_prepare($this->connection, 'INSERT INTO books_authors(book_id,author_id) VALUES (?,?)');
for ($i = 0; $i < count($authorId); $i++) {
mysqli_stmt_bind_param($stmt2, 'ii', $keyID, $authorId[$i]);
mysqli_stmt_execute($stmt2);
}
}
public function Get_Safe_Item($table, $field, $var_type, $field_like, $like = FALSE)
{
// Подготавливаем sql-строку и предварительный запрос
$sign = $like ? "LIKE" : "=";
$sql = "SELECT `{$field}` FROM `{$table}` WHERE `{$field}` {$sign} ?";
$statement = mysqli_prepare($this->db_connector, $sql);
// Связываем параметр с меткой и выполняем запрос
switch ($var_type) {
case "string":
$var = "s";
break;
case "integer":
$var = "i";
break;
case "double":
$var = "d";
break;
default:
$var = "b";
break;
}
$field_value = $like ? $field_like . "%" : $field_like;
mysqli_stmt_bind_param($statement, $var, $field_value);
mysqli_stmt_execute($statement);
// Связываем переменную со значением результата запроса и получаем значение результата
mysqli_stmt_bind_result($statement, $safe_value);
if (mysqli_stmt_fetch($statement)) {
return $safe_value;
} else {
return NULL;
}
}
public function save()
{
$Autor = $this->getAlgo('autor');
$blog_id = $this->getAlgo('blog_id');
$Texto = $this->getAlgo('texto');
$Fecha = $this->getAlgo('fecha');
$conn = conexion();
if ($conn->connect_error) {
echo "<h2>";
die("Connection failed: " . $conn->connect_error);
echo "</h2>";
} else {
$sentencia = $conn->stmt_init();
if (!$sentencia->prepare("INSERT INTO comentarios (autor, blog_id, texto, fecha) VALUES (?, ?, ?, ?)")) {
echo "Falló la preparación: (" . $conn->errno . ") " . $conn->error;
} else {
mysqli_stmt_bind_param($sentencia, "siss", $Autor, $blog_id, $Texto, $Fecha);
if (!$sentencia->execute()) {
$conn->close();
} else {
$conn->close();
}
}
}
}
public function EliminarTienda($tienda)
{
$mysqli = $this->mysqli;
$stmt = \mysqli_prepare($mysqli, "CALL ELIMINAR_TIENDA(?);");
\mysqli_stmt_bind_param($stmt, 'i', $tienda);
\mysqli_stmt_execute($stmt);
}
function getPageInfo($con, $city_page_id)
{
$result_array = array();
$query_case_list = "SELECT r.region_name_latin, cp.city_page_key, c.city_name_latin FROM `city` c, `city_page` cp, `region` r WHERE 1 AND cp.city_page_id = ? AND c.city_id = cp.city_id AND c.region_id = r.region_id";
if (!($stmt = mysqli_prepare($con, $query_case_list))) {
#echo "Prepare failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
}
//set values
#echo "set value...";
$id = 1;
if (!mysqli_stmt_bind_param($stmt, "s", $city_page_id)) {
#echo "Binding parameters failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
}
#echo "execute...";
if (!mysqli_stmt_execute($stmt)) {
#echo "Execution failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
}
/* instead of bind_result: */
#echo "get result...";
if (!mysqli_stmt_bind_result($stmt, $region_name_latin, $city_page_key, $city_name_latin)) {
#echo "Getting results failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
}
if (mysqli_stmt_fetch($stmt)) {
$result_array = array("region_name_latin" => $region_name_latin, "city_page_key" => $city_page_key, "city_name_latin" => $city_name_latin);
} else {
#echo "Fetching results failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
print_r(error_get_last());
}
mysqli_stmt_close($stmt);
return $result_array;
}
public function EliminarRedSocial($id)
{
$mysqli = $this->mysqli;
$stmt = \mysqli_prepare($mysqli, "CALL ELIMINAR_RS(?)");
\mysqli_stmt_bind_param($stmt, 'i', $id);
\mysqli_stmt_execute($stmt);
\mysqli_stmt_close($stmt);
}
public function EliminarImagen($imagen)
{
$mysqli = $this->mysqli;
$stmt = \mysqli_prepare($mysqli, "CALL ELIMINAR_IMG(?);");
\mysqli_stmt_bind_param($stmt, 'i', $imagen);
\mysqli_stmt_execute($stmt);
\mysqli_stmt_close($stmt);
}
public function Get_Safe_Rows($table, $field, $var_type, $field_like, $like = FALSE, $sql_end = "")
{
// Подготавливаем безопасный запрос в базу данных MyISAM и старых версий MySQL
/*
$field_value = mysqli_real_escape_string($this->db_connector, $field_like);
if ($field_value != $field_like) { return FALSE; }
$sign = ($like) ? "LIKE" : "=";
$field_value = ($like) ? $field_value."%" : $field_value;
$sql = "SELECT `id` FROM `$table` WHERE `$field` $sign '$field_value'";
if ($sql_end != "") {
$sql .= " AND ".$sql_end;
}
$temp_arr = $this->GetMultiItemsBySql($sql, array("id"));
$temp_num = count($temp_arr);
for ($i=0; $i<$temp_num; $i++) {
$arr_of_ids[$i] = $temp_arr[$i]["id"];
}
return $arr_of_ids;
*/
// Подготавливаем sql-строку и предварительный запрос в базу данных InnoDB и современных версий MySQL
$sign = $like ? "LIKE" : "=";
$sql = "SELECT `id` FROM `{$table}` WHERE `{$field}` {$sign} ?";
if ($sql_end != "") {
$sql .= " AND " . $sql_end;
}
$statement = mysqli_prepare($this->db_connector, $sql);
// Связываем параметр с меткой и выполняем запрос
switch ($var_type) {
case $var_type == "string" || $var_type == "str" || $var_type == "s":
$var = "s";
break;
case $var_type == "integer" || $var_type == "int" || $var_type == "i":
$var = "i";
break;
case $var_type == "double" || $var_type == "float" || $var_type == "d" || $var_type == "f":
$var = "d";
break;
default:
$var = "b";
break;
}
$field_value = $like ? "%" . $field_like . "%" : $field_like;
mysqli_stmt_bind_param($statement, $var, $field_value);
mysqli_stmt_execute($statement);
// Связываем переменную со значением результата запроса и получаем значение результата
mysqli_stmt_bind_result($statement, $id);
$arr_of_ids = array();
if (mysqli_stmt_fetch($statement)) {
$arr_of_ids[] = $id;
}
if (!empty($arr_of_ids)) {
return $arr_of_ids;
} else {
return NULL;
}
}
/**
* @param $name
* @return mixed
*/
public function checkRepeatName($name)
{
$stmt = mysqli_prepare($this->connection, 'SELECT author_name FROM authors WHERE author_name =?');
mysqli_stmt_bind_param($stmt, 's', $name);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $hasAuthor);
mysqli_stmt_fetch($stmt);
return $hasAuthor;
}
function bind_twice($link, $engine, $sql_type1, $sql_type2, $bind_type1, $bind_type2, $bind_value1, $bind_value2, $offset)
{
if (!mysqli_query($link, "DROP TABLE IF EXISTS test_mysqli_stmt_bind_param_type_juggling_table_1")) {
printf("[%03d + 1] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
return false;
}
mysqli_autocommit($link, true);
$sql = sprintf("CREATE TABLE test_mysqli_stmt_bind_param_type_juggling_table_1(col1 %s, col2 %s) ENGINE=%s", $sql_type1, $sql_type2, $engine);
if (!mysqli_query($link, $sql)) {
printf("[%03d + 2] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
return false;
}
if (!($stmt = mysqli_stmt_init($link))) {
printf("[%03d + 3] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
return false;
}
if (!mysqli_stmt_prepare($stmt, "INSERT INTO test_mysqli_stmt_bind_param_type_juggling_table_1(col1, col2) VALUES (?, ?)")) {
printf("[%03d + 4] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if (!mysqli_stmt_bind_param($stmt, $bind_type1 . $bind_type2, $bind_value1, $bind_value1)) {
printf("[%03d + 5] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if (!mysqli_stmt_execute($stmt)) {
printf("[%03d + 6] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if (!mysqli_stmt_bind_param($stmt, $bind_type1 . $bind_type2, $bind_value1, $bind_value2)) {
printf("[%03d + 7] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
if (!mysqli_stmt_execute($stmt)) {
printf("[%03d + 8] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
return false;
}
mysqli_stmt_close($stmt);
if (!($res = mysqli_query($link, "SELECT col1, col2 FROM test_mysqli_stmt_bind_param_type_juggling_table_1"))) {
printf("[%03d + 9] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
return false;
}
if (2 !== ($tmp = mysqli_num_rows($res))) {
printf("[%03d + 10] Expecting 2 rows, got %d rows [%d] %s\n", $offset, $tmp, mysqli_errno($link), mysqli_error($link));
}
$row = mysqli_fetch_assoc($res);
if ($row['col1'] != $bind_value1 || $row['col2'] != $bind_value1) {
printf("[%03d + 11] Expecting col1 = %s, col2 = %s got col1 = %s, col2 = %s - [%d] %s\n", $offset, $bind_value1, $bind_value1, $row['col1'], $row['col2'], mysqli_errno($link), mysqli_error($link));
return false;
}
$row = mysqli_fetch_assoc($res);
if ($row['col1'] != $bind_value1 || $row['col2'] != $bind_value2) {
printf("[%03d + 12] Expecting col1 = %s, col2 = %s got col1 = %s, col2 = %s - [%d] %s\n", $offset, $bind_value1, $bind_value2, $row['col1'], $row['col2'], mysqli_errno($link), mysqli_error($link));
return false;
}
mysqli_free_result($res);
return true;
}
function perform_query($q, $bind, $bind_types)
{
$res = mysqli_prepare($con, $q);
if (count($bind) > 0) {
mysqli_stmt_bind_param($res, $bind_types, $bind);
}
mysqli_stmt_execute($res);
return fetch_records($res);
}
public function updateverify_sql($code)
{
$sql = "UPDATE `" . $this->table . "` SET " . $this->column5 . "= 'yes' WHERE " . $this->column4 . "=?";
$stmt = mysqli_prepare($this->con, $sql);
mysqli_stmt_bind_param($stmt, "s", $code);
$this->querystate = mysqli_stmt_execute($stmt);
$returner = array("sqldata" => "none", "querychecker" => $this->querystate);
return $returner;
}
function mysqli_query_insert($type, $len, $runs, $host, $user, $passwd, $db, $port, $socket)
{
$errors = $times = array();
foreach ($runs as $k => $run) {
$times['INSERT ' . $type . ' ' . $run . 'x = #rows overall'] = microtime(true);
do {
if (!($link = @mysqli_connect($host, $user, $passwd, $db, $port, $socket))) {
$errors[] = sprintf("INSERT %s %dx = #rows connect failure (original code = %s)", $type, $run, $flag_original_code ? 'yes' : 'no');
break 2;
}
if (!mysqli_query($link, "DROP TABLE IF EXISTS test")) {
$errors[] = sprintf("INSERT %s %dx = #rows drop table failure (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link));
break 2;
}
if (!mysqli_query($link, sprintf("CREATE TABLE test(id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, label %s)", $type))) {
$errors[] = sprintf("INSERT %s %dx = #rows create table failure (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link));
break 2;
}
$label = '';
for ($i = 0; $i < $len; $i++) {
$label .= chr(mt_rand(65, 90));
}
$start = microtime(true);
if (!($stmt = mysqli_stmt_init($link))) {
$error[] = sprintf("INSERT %s %dx = #rows mysqli_stmt_init() failed (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link));
break 2;
}
$ret = mysqli_stmt_prepare($stmt, "INSERT INTO test(id, label) VALUES (?, ?)");
$times['INSERT ' . $type . ' ' . $run . 'x = #rows stmt_init() + stmt_prepare()'] += microtime(true) - $start;
if (!$ret) {
$error[] = sprintf("INSERT %s %dx = #rows mysqli_stmt_init() failed (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link));
break 2;
}
$start = microtime(true);
$ret = mysqli_stmt_bind_param($stmt, 'is', $i, $label);
$times['INSERT ' . $type . ' ' . $run . 'x = #rows stmt_bind_param()'] += microtime(true) - $start;
if (!$ret) {
$error[] = sprintf("INSERT %s %dx = #rows mysqli_stmt_bind_param failed (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link));
break 2;
}
for ($i = 1; $i <= $run; $i++) {
$start = microtime(true);
$ret = mysqli_stmt_execute($stmt);
$times['INSERT ' . $type . ' ' . $run . 'x = #rows stmt_execute()'] += microtime(true) - $start;
if (!$ret) {
$errors[] = sprintf("INSERT %s %dx = #rows stmt_execute failure (original code = %s): [%d] %s", $type, $run, $flag_original_code ? 'yes' : 'no', mysqli_errno($link), mysqli_error($link));
break 3;
}
}
mysqli_stmt_close($stmt);
mysqli_close($link);
} while (false);
$times['INSERT ' . $type . ' ' . $run . 'x = #rows overall'] = microtime(true) - $times['INSERT ' . $type . ' ' . $run . 'x = #rows overall'];
}
return array($errors, $times);
}
function insertLogingegevens($PersoonID, $Gebruikersnaam, $Wachtwoord)
{
$link = connect();
$stmt = mysqli_prepare($link, "INSERT INTO Logingegevens(PersoonID, Gebruikersnaam, Wachtwoord) VALUES(?, ?, ?);");
mysqli_stmt_bind_param($stmt, "iss", $PersoonID, $Gebruikersnaam, $Wachtwoord);
mysqli_stmt_execute($stmt);
mysqli_stmt_free_result($stmt);
mysqli_stmt_close($stmt);
mysqli_close($link);
}
function add_one($data_add)
{
$query = "INSERT INTO `{$this->_table}` SET `author` = ?";
$stmt = mysqli_prepare($this->_c, $query);
if ($stmt) {
mysqli_stmt_bind_param($stmt, 's', $data_add);
mysqli_stmt_execute($stmt);
}
return printf("Rows inserted: %d\n", mysqli_stmt_affected_rows($stmt));
}
function queueNotify($type, $data)
{
$connection = mappedConnection('queue');
$sql = 'INSERT INTO queue (event) VALUES (?);';
$statement = mysqli_prepare($connection, $sql);
$value = serialize(['type' => $type, 'data' => $data]);
mysqli_stmt_bind_param($statement, 's', $value);
mysqli_stmt_execute($statement);
mysqli_stmt_free_result($statement);
}
function model_delete($id)
{
global $link;
$query = 'DELETE FROM kleemets_kaubad WHERE Id=? LIMIT 1';
$stmt = mysqli_prepare($link, $query);
mysqli_stmt_bind_param($stmt, 'i', $id);
mysqli_stmt_execute($stmt);
$deleted = mysqli_stmt_affected_rows($stmt);
mysqli_stmt_close($stmt);
return $deleted;
}
function getPageInfoByNewsPoster($con, $page_id)
{
$result_array = array();
$query_case_list = "SELECT key_value_latin, key_value FROM page WHERE page_id = ?";
if (!($stmt = mysqli_prepare($con, $query_case_list))) {
#echo "Prepare failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
}
//set values
#echo "set value...";
$id = 1;
if (!mysqli_stmt_bind_param($stmt, "s", $page_id)) {
#echo "Binding parameters failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
}
#echo "execute...";
if (!mysqli_stmt_execute($stmt)) {
#echo "Execution failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
}
/* instead of bind_result: */
#echo "get result...";
if (!mysqli_stmt_bind_result($stmt, $key_value_latin, $key_value)) {
#echo "Getting results failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
}
if (mysqli_stmt_fetch($stmt)) {
$result_array = array("key_value_latin" => $key_value_latin, "key_value" => $key_value);
} else {
#echo "Fetching results failed: (" . mysqli_connect_errno() . ") " . mysqli_connect_error()."<br>";
print_r(error_get_last());
}
mysqli_stmt_close($stmt);
return $result_array;
}
function getRequests($senterId, $receiverId)
{
global $db;
$query = 'SELECT
transactions.uid,
transactions.bcid,
transactions.state,
transactions.time,
bcopies.bcid
FROM
transactions CROSS
JOIN bcopies ON bcopies.bcid = transactions.bcid
WHERE
transactions.uid = ? AND
bcopies.uid = ? AND
transactions.state = "request"
ORDER BY
transactions.time DESC
';
$stmt = mysqli_prepare($db, $query);
mysqli_stmt_bind_param($stmt, 'ii', $senterId, $receiverId);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $uid, $bcid, $state, $time, $bcid);
$requests = [];
while (mysqli_stmt_fetch($stmt)) {
$request['uid'] = $uid;
$request['bcid'] = $bcid;
$request['state'] = $state;
$request['time'] = $time;
$request['bcid'] = $bcid;
$requests[] = $request;
}
return $requests;
}
function logi_sisse()
{
if (isset($_POST['username'], $_POST['password'])) {
global $link;
$username = $_POST['username'];
$password = $_POST['password'];
$stmt = mysqli_prepare($link, "SELECT kasutajanimi, parool, kasutaja_id FROM mario_kasutajad WHERE kasutajanimi = ? AND parool = SHA1(?)");
$bind = mysqli_stmt_bind_param($stmt, "ss", $username, $password);
$exce = mysqli_stmt_execute($stmt);
//true v false
$bind_r = mysqli_stmt_bind_result($stmt, $r['kasutajanimi'], $r['parool'], $r['kasutaja_id']);
var_dump(mysqli_stmt_fetch($stmt));
if ($exce) {
session_start();
session_regenerate_id();
$_SESSION['kasutaja1'] = $r['kasutajanimi'];
$_SESSION['kasutaja'] = $r['kasutaja_id'];
$nimi = $r['kasutajanimi'];
header('Location: Toad.php');
exit;
} else {
echo "Vale kasutajanimi või parool!";
}
mysqli_close($link);
}
}
