/**
 * Insert stub: optionally switches the active database and does nothing else.
 *
 * The INSERT itself was never written; the original body only held a
 * commented-out draft that looped over $arrayValue and started a statement
 * with "insert into " . $tbName. $arrayValue and $tbName are therefore unused.
 *
 * NOTE(review): if the draft is ever completed, check $tbName against a fixed
 * list of known tables and bind the values through a prepared statement
 * rather than concatenating them into the SQL text.
 *
 * @param mixed       $arrayValue Values meant for the insert (presumably column => value; unused).
 * @param string      $tbName     Target table name (unused).
 * @param string|null $dbName     Database to select first; skipped when falsy.
 * @return void
 */
public function add($arrayValue, $tbName, $dbName = NULL)
{
    // Nothing to do unless the caller named a database.
    if (!$dbName) {
        return;
    }

    selectDB($dbName);
}
// JSON response envelope; status stays 0 unless the row is inserted.
$return_data = array('status' => 0);

// Collect and validate the posted fields. $fields, $required_fields, $error and
// $message are set up before this excerpt.
// NOTE(review): $_POST[$field] is read without an isset() check, and no
// authorisation or CSRF check is visible in this excerpt - confirm both are
// handled earlier in the script.
foreach ($fields as $field) {
    // NOTE(review): addslashes() is not charset-aware SQL escaping, and what
    // secure_data() does is not visible here. Confirm insertDB() escapes or
    // binds values itself; if it does, 'content' is being escaped twice.
    $val = ($field === 'content')
        ? addslashes(trim($_POST[$field]))
        : secure_data($_POST[$field]);

    // Stop at the first required field that came back empty.
    if (in_array($field, $required_fields) && $val === '') {
        $error = 1;
        if ($message !== '') {
            $message .= '<br>';
        }
        $message .= 'Please fill up all data';
        break;
    }

    $insert_data[$field] = $val;
}

if ($error != 0) {
    $return_data['message'] = $message;
} else {
    // Resolve the course that owns the parent section.
    // NOTE(review): $parent is request data interpolated into the WHERE clause;
    // its safety rests entirely on secure_data(). Prefer a bound parameter or an
    // integer check before it reaches SQL.
    $parent = $insert_data['parent'];
    $course_id = selectDB(" WHERE id='{$parent}'", 'course_sections', 'course_id');

    $insert_data['created_at'] = date('Y-m-d H:i:s');
    $insert_data['type'] = 2;
    $insert_data['course_id'] = $course_id;
    insertDB($insert_data, 'course_sections');

    // Flash message for the next page load, plus the JSON result for this one.
    $_SESSION['msg_selector'] = 'success';
    $_SESSION['msg_message'] = 'step added succesfully.';

    $return_data['cid'] = $course_id;
    $return_data['status'] = 1;
    $return_data['message'] = 'step added successfully.';
}

echo json_encode($return_data);
exit;
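/**
 * Register a new user by mobile number and report the new row's id.
 *
 * The request is terminated with die() when the database cannot be selected,
 * a query fails, the number is already registered, or the INSERT affects no
 * rows.
 *
 * Both arguments are escaped with mysql_real_escape_string() before they are
 * placed in SQL text; the previous version concatenated them unescaped.
 *
 * NOTE(review): $pPassword is written to users.password exactly as received.
 * Unless every caller already passes a password hash, this stores plaintext
 * passwords. Switching to password_hash()/password_verify() has to be done
 * together with the login check, which is not visible here.
 *
 * @param string $pNumber   Mobile number identifying the user.
 * @param string $pPassword Password value to store.
 * @return string "OK : <user id>" on success; "" when an argument is null or
 *                the follow-up id lookup returns no row.
 */
function create_user($pNumber, $pPassword)
{
    $response = "";
    if (!isset($pNumber) || !isset($pPassword)) {
        return $response;
    }

    // Connect to DB
    $connection = initializeConnectionToDB();
    $db = selectDB();
    $selected = mysql_select_db($db, $connection) or die("Could not select Database");

    // Escape only once a link exists: the escaping depends on the connection charset.
    $number = mysql_real_escape_string($pNumber, $connection);
    $ClientPassword = mysql_real_escape_string($pPassword, $connection);

    // Check if user already exists
    $result = mysql_query("SELECT mobileNumber FROM users WHERE mobileNumber = '" . $number . "';", $connection)
        or die("There was an error running the query to look for existing temp registration!<br>");
    if (mysql_num_rows($result) != 0) {
        // The number is echoed into an HTML response, so encode it for that context.
        die("User with number: " . htmlspecialchars($pNumber, ENT_QUOTES, 'UTF-8') . " already exist");
    }

    // Create User
    $result = mysql_query(
        "INSERT INTO users (mobileNumber,password) VALUES ('" . $number . "','" . $ClientPassword . "')",
        $connection
    ) or die("There was an error running the query in create_user()!<br>");

    // Get user id of newly created user
    if (mysql_affected_rows($connection) != 0) {
        $result = mysql_query("SELECT id FROM users WHERE mobileNumber = '" . $number . "';", $connection);
        if (mysql_num_rows($result) != 0) {
            $userID = mysql_result($result, 0, 0);
            $response = "OK : " . $userID;
        }
    } else {
        die("Internal Server Error during creating user");
    }

    mysql_close($connection);
    return $response;
}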
<?php
// Debug listing: prints every row of temp_registrations, users, contacts and
// messages as HTML.
// NOTE(review): no access check is visible in this excerpt (dbconnection.php is
// not shown). The output includes verification keys, a password column and
// message contents, so confirm this script is not reachable in production.
// NOTE(review): row values are echoed without htmlspecialchars(); stored
// nicknames and message contents would be rendered as markup.
include "dbconnection.php";
$connection = initializeConnectionToDB();
$db = selectDB();
$selected = mysql_select_db($db, $connection) or die("Could not select Database");

// Pending registrations: id, number, verification key.
$result = mysql_query('SELECT * FROM temp_registrations;') or die("There was an error running the query !<br>");
while ($row = mysql_fetch_array($result)) {
    echo "Temp_Users: ";
    echo "ID: " . $row[0] . " Number: " . $row[1] . " Verification Key: " . $row[2];
    echo "<br>";
}

// Registered users.
$result = mysql_query('SELECT * FROM users;') or die("There was an error running the query !<br>");
echo "<br>---------------------------------------------------------------------------<br>";
while ($row = mysql_fetch_array($result)) {
    echo "Users: ";
    // NOTE(review): the expression after " password: " is masked on this page
    // (the ****** run) and does not parse as shown. Whatever the original
    // prints here, a password column should not be written to a response.
    echo "ID: " . $row[0] . " Number: " . $row[1] . " password: "******"<br>";
}

// Contact links between users.
$result = mysql_query('SELECT * FROM contacts;') or die("There was an error running the query !<br>");
echo "<br>---------------------------------------------------------------------------<br>";
while ($row = mysql_fetch_array($result)) {
    echo "Contacts: ";
    echo "ID: " . $row[0] . " Source_ID: " . $row[1] . " Destination_ID: " . $row[2] . " Nickname " . $row[3];
    echo "<br>";
}

// Stored messages, including their content.
$result = mysql_query('SELECT * FROM messages;') or die("There was an error running the query !<br>");
echo "<br>---------------------------------------------------------------------------<br>";
while ($row = mysql_fetch_array($result)) {
    echo "Messages: ";
    echo "ID: " . $row[0] . " Contact ID: " . $row[1] . " Content: " . $row[2] . " Timestamp: " . $row[3] . " READ Status: " . $row[4];
    // (excerpt ends here; the rest of the loop is outside the visible text)
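/**
 * Find the reverse-direction contact rows for a list of contact ids.
 *
 * For each given contact_id the (origin_user_id, destination_user_id) pair is
 * read from `contacts`; the table is then searched for rows with the two user
 * ids swapped, and their contact_id values are collected.
 *
 * Every id is cast to int before it is concatenated into SQL, because the
 * values sit unquoted in the statement. A failed query ends the request with
 * die().
 *
 * NOTE(review): the die() messages still send mysql_error() text to the
 * client; consider logging it server-side and returning a generic message.
 *
 * @param array $pending_contact_IDs contact_id values to look up.
 * @return array contact_id values of the matching reverse rows (may be empty).
 */
function getOwnCIDFromOppositeCID($pending_contact_IDs)
{
    $ownContactIDs = array();

    // Nothing to look up: skip the database round trip entirely.
    if (empty($pending_contact_IDs)) {
        return $ownContactIDs;
    }

    // Connect to DB
    $connection = initializeConnectionToDB();
    $db = selectDB();
    $selected = mysql_select_db($db, $connection) or die("Could not select Database");

    // Step 1: resolve each contact id to its (origin, destination) user pair.
    $contactInfo = array();
    foreach ($pending_contact_IDs as $contact_id) {
        $contactId = (int) $contact_id;
        $result = mysql_query(
            'SELECT origin_user_id, destination_user_id FROM contacts WHERE contact_id=' . $contactId,
            $connection
        ) or die("SQL Error:" . mysql_error($connection) . " with param " . $contactId . " <br>");

        $rowCount = mysql_num_rows($result);
        for ($i = 0; $i < $rowCount; ++$i) {
            $opponent = mysql_result($result, $i, 0);
            $own = mysql_result($result, $i, 1);
            $contactInfo[] = array($opponent, $own);
        }
    }

    // Step 2: find the row that points the other way (own -> opponent).
    foreach ($contactInfo as $info) {
        // These values came from the database, but they are still cast so that
        // stored data can never alter the statement.
        $opponentId = (int) $info[0];
        $ownId = (int) $info[1];
        $result = mysql_query(
            'SELECT contact_id FROM contacts WHERE origin_user_id=' . $ownId
            . ' AND destination_user_id=' . $opponentId . ';',
            $connection
        ) or die("SQL Error:" . mysql_error($connection) . " with param (" . $opponentId . ", " . $ownId . ") <br>");

        $rowCount = mysql_num_rows($result);
        for ($i = 0; $i < $rowCount; ++$i) {
            $ownContactIDs[] = mysql_result($result, $i, 0);
        }
    }

    mysql_close($connection);
    return $ownContactIDs;
}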
<?php
// Admin "Edit step" page: loads one course_sections row of type 2 by id and
// renders the edit form for it.
require_once 'config.php';

// A posted "save" hands the request to the update script.
// NOTE(review): this include runs before $id is assigned below; confirm that
// ajax/editstep.php derives and validates its own id.
if (isset($_POST['save'])) {
    require_once 'ajax/editstep.php';
}

$data = array();
$sections = array();

// NOTE(review): $_GET['id'] is read without isset(), and the value is
// interpolated into the WHERE clause. What secure_data() does is not visible
// here; prefer an integer check or a bound parameter before it reaches SQL.
$id = secure_data($_GET['id']);
$data = selectDB(" WHERE id = '{$id}' AND type=2", 'course_sections');

// An empty-string result is treated as "no such step": redirect to the admin
// home and stop.
if ($data === '') {
    header("Location: " . SITE_URL . "admin/");
    die;
}

// NOTE(review): form_field() output is written into an HTML attribute below;
// confirm it applies htmlspecialchars() with ENT_QUOTES.
?> <div id="page-wrapper"> <div class="row"> <div class="col-lg-12"> <div class="clearfix"> <h1 class="page-header">Edit step</h1> </div> <div class="clearfix loader-parent"> <form id="form-edit-step" class="form-horizontal" enctype="multipart/form-data" action="" method="post" role="form"> <div class="message-container"></div> <div class="form-group clearfix"> <label class="col-sm-2 control-label" for="name">Name</label> <div class="col-lg-6 col-sm-10"> <input type="text" name="name" id="name" class="form-control" value="<?php echo form_field('name', $data); ?> ">
// SET clause under construction, the accepted values, and the JSON envelope.
$update_data = '';
$post_data = array();
$return_data = array('status' => 0);

// $fields, $required_fields, $error, $message and $id are set up before this
// excerpt.
// NOTE(review): $_POST[$field] is read without isset(), and no authorisation or
// CSRF check is visible in this excerpt - confirm both are handled earlier.
foreach ($fields as $field) {
    // NOTE(review): the value ends up inside a quoted SQL literal built by hand.
    // addslashes() is not charset-aware SQL escaping and secure_data() is not
    // visible here; a bound parameter (or the driver's own escaping function)
    // is the safer choice for both branches.
    if ($field !== 'content') {
        $val = secure_data($_POST[$field]);
    } else {
        $val = addslashes(trim($_POST[$field]));
    }

    // Stop at the first required field that came back empty.
    if ($val === '' && in_array($field, $required_fields)) {
        $error = 1;
        if ($message !== '') {
            $message .= '<br>';
        }
        $message .= 'Please fill up all data';
        break;
    }

    // Append "`field` = 'value'", comma-separated after the first pair.
    if ($update_data !== '') {
        $update_data .= ", ";
    }
    $update_data .= "`{$field}` = '{$val}'";
    $post_data[$field] = $val;
}

if ($error != 0) {
    $return_data['message'] = $message;
} else {
    // NOTE(review): $id is interpolated into both WHERE clauses; confirm where
    // it is assigned and that it is validated as an integer.
    updateDB($update_data, " WHERE id='{$id}'", 'course_sections');
    $course_id = selectDB(" WHERE id='{$id}'", 'course_sections', 'course_id');

    // Flash message for the next page load, plus the JSON result for this one.
    $_SESSION['msg_selector'] = 'success';
    $_SESSION['msg_message'] = 'step updated succesfully.';

    $return_data['cid'] = $course_id;
    $return_data['status'] = 1;
    $return_data['message'] = 'step updated successfully.';
}

echo json_encode($return_data);
exit;
<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?> method="POST"> <?php
// Department picker: on POST, looks up the employees of the chosen department;
// in all cases renders a <select> filled from the Department table.
require "../classes/dbutils.php";
require "../rest/getEmployee.php";

// Holds the join result for the chosen department; stays "" on a plain GET.
$fillDep = "";

// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
if (filter_input(INPUT_SERVER, 'REQUEST_METHOD', FILTER_SANITIZE_STRING) == "POST") {
    if (!empty($_POST['department'])) {
        // NOTE(review): the posted value goes to leftOuterJoin() unvalidated, and
        // how that helper builds its query is not visible here. The form only
        // ever offers integers from 1 to the number of departments, so check
        // for an integer in that range before using it.
        $index = $_POST['department'];
        $empCol = leftOuterJoin("Department", "Employee", "idDepartment", "Department_idDepartment", $index);
        $fillDep = $empCol;
    }
}

// $empCol is reused: from here on it holds the Department rows.
$empCol = selectDB("Department");
echo 'Select a department: ';
echo '<select name="department" id="department">';
$length = sizeof($empCol) + 1;
// Option values are the 1-based row position, not a column from the row -
// assumes idDepartment values are 1..n in result order; TODO confirm.
for ($i = 1; $i < $length; $i++) {
    // NOTE(review): the department name is echoed without htmlspecialchars().
    echo "<option value=" . $i . ">" . $empCol[$i - 1]["name"] . "</option> \n";
}
echo '</select>';
// NOTE(review): $fillDep is echoed below without HTML escaping; its type depends
// on what leftOuterJoin() returns.
?> <br><span style="color:red;"> <?php echo $fillDep; ?> </span><br><br> <?php ?> <br><br><input type="submit">
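/**
 * Run the USERLOGIN lookup through selectDB() and return its result unchanged.
 *
 * NOTE(review): the ID_USER literal is masked ('******') on this page, and $id
 * is not referenced in the visible statement. If the original places $id
 * inside the quotes, it should be bound as a parameter or escaped by the
 * database layer before it reaches the SQL text.
 *
 * @param mixed $id User identifier (unused in the statement as shown).
 * @param mixed $db Database handle forwarded to selectDB().
 * @return mixed Whatever selectDB() returns.
 */
function findUsers($id, $db)
{
    $stm = "select * from USERLOGIN WHERE ID_USER='******'";

    // Call-time pass-by-reference (&$db) was removed in PHP 5.4 and is a fatal
    // error from then on. Pass the variable plainly; selectDB() still receives
    // it by reference if its own signature declares the parameter that way.
    return selectDB($stm, $db);
}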
<?php
// Admin "Course Section" page: verifies the course exists, then loads its
// type 1 sections into $sections (id => name) for the form below.
require_once 'config.php';

// NOTE(review): $_GET['cid'] is read without isset(), and the value is
// interpolated into two SQL statements below. What secure_data() does is not
// visible here; prefer an integer check or a bound parameter.
$course_id = secure_data($_GET['cid']);
$course_id_check = selectDB(" WHERE id='{$course_id}'", 'courses', 'id');

// An empty-string result is treated as "no such course": redirect to the admin
// home and stop.
if ($course_id_check === '') {
    header("Location: " . SITE_URL . "admin/");
    die;
}

// The '' key is the "create a new section" choice; existing sections follow.
$sections = array('' => 'Add new Section');
$cqry = "SELECT * FROM course_sections WHERE course_id = '{$course_id}' AND type=1";
// NOTE(review): the result of mysql_query() is not checked; on failure it
// returns false and the fetch loop below receives a non-resource.
$cresult = mysql_query($cqry);
while ($row = mysql_fetch_assoc($cresult)) {
    // NOTE(review): section names come from the database; confirm they are
    // HTML-escaped wherever $sections is rendered.
    $sections[$row['id']] = $row['name'];
}
?> <div id="page-wrapper"> <div class="row"> <div class="col-lg-12"> <div class="clearfix"> <h1 class="page-header">Course Section</h1> </div> <div class="message-box-container"> <div class="message-container"> <?php echo message_html(); ?> </div> </div> <div class="well loader-parent mb20">