Exemplo n.º 1
0
 function smazat($nazev, $bazarId)
 {
     $sql = "delete from sablony_zprav WHERE bazarId=" . $bazarId . " and nazev='" . $nazev . "'";
     #echo $sql."<BR>";
     $ret = $this->db2->query($sql);
     #exit;
     return !SQLEngine::isError($ret);
 }
Exemplo n.º 2
0
                $query = $sqlEngine->query($insert, array($_REQUEST["u"], $_REQUEST["kategorie"], $kanal_id));
            }
            break;
        case "delete":
            $delete = "DELETE FROM uzivatele_skupiny WHERE idUzivatel = ? && idSkupina = ?";
            $query = $sqlEngine->query($delete, array($_REQUEST["u"], $_REQUEST["skupID"]));
            break;
        case "uStav":
            $update = "UPDATE uzivatele SET stav=?, email=?, sms=? WHERE id = ?";
            $query = $sqlEngine->query($update, array($_REQUEST["stav"], $_REQUEST["uEmail"], $_REQUEST["uSMS"], $_REQUEST["u"]));
            break;
        default:
            $noSql = true;
            break;
    }
    if (SQLEngine::isError($query) && !$noSql) {
        $chyba = "Oops něco se porouchalo";
    }
}
// vybereme hlavni sablonu
$T->setFile('modulX', 'srcTpl/admin.htm');
// polozky menu
include_once 'moduly/menuAdmin.php';
// nastartujeme lokalni sablonu
$TM = new MyTemplate();
$TM->setFile('modulY', 'srcTpl/adminUzivatele_modul.htm');
//seznam uzivatelu
$query = "SELECT * FROM uzivatele ORDER BY login";
$qUzivatele = $sqlEngine->query($query);
foreach (SQLEngine::getRows($qUzivatele) as $u) {
    unset($T_data);
Exemplo n.º 3
0
<?php

adminLoginValidate();
//ulozeni zpravy do tabulky
if ($_REQUEST["obsah"] != "" && $_REQUEST["odeslatPo"] != "" && is_array($_REQUEST["skupina"]) && count($_REQUEST["skupina"]) > 0) {
    $reload = true;
    $insert_msg = "INSERT INTO zpravy (vlozeno, odeslatPo, text, textHTML, textSMS, vytvoreno_z, vytvoril)\n                       VALUES (now(), ?, ?, ?, ?, ?, ?)";
    $rs = $sqlEngine->query($insert_msg, array($_REQUEST["odeslatPo"], $_REQUEST["obsah"], "", $_REQUEST["obsahSMS"], "web", $_SESSION["admin"]["id"]));
    if (!SQLEngine::isError($rs)) {
        $msgId = $sqlEngine->getLastInsertId($rs);
        foreach ($_REQUEST["skupina"] as $v) {
            $insert_skupina = "INSERT INTO zpravy_skupiny (idZpravy, idSkupiny) VALUES (?, ?)";
            $rs = $sqlEngine->query($insert_skupina, array($msgId, $v));
            if (SQLEngine::isError($rs)) {
                //pokus se stane chyba vymaz zravu
                $sqlEngine->query("DELETE FROM zpravy WHERE id = " . $msgId);
                $sqlEngine->query("DELETE FROM zpravy_skupiny WHERE idZpravy = " . $msgId);
                $chyba = "Došlo k chybě zprávu se nepodařilo odeslat";
                $reload = false;
                break;
            }
        }
        if ($reload) {
            header("location: " . getUrl("adminSeznamZprav"));
        }
    } else {
        $chyba = "Došlo k chybě zprávu se nepodařilo odeslat";
    }
} elseif ($_REQUEST["odeslano"]) {
    $chyba = "Všechny položky jsou povinné";
}
Exemplo n.º 4
0
 /** upravi uzivatele
  * @param string $login zadejte email, je pouzit jako login
  * @param string $heslo
  * @param string $jmeno
  * @param string $prijmeni
  * @param string $telefon telefonni cislo ve formatu 420xxxxxxxxx
  * @param int $contact_hide 0=zobrazovat udaje v inzeratu, 1=nezobrazovat
  * @adresa pole array(sidlo,ulice,mesto,psc,kraj,uiradr_id)
  * @doprava array(text,cena)
  * @return array
  */
 function update($login, $heslo = null, $jmeno = null, $prijmeni = null, $telefon = null, $icq = null, $skype = null, $contact_hide = 0, $adresa = "", $doprava = array())
 {
     $sql = "UPDATE uzivatel SET login=?";
     $sqlPara = array($login);
     if (isset($heslo)) {
         $sql .= ",heslo=?";
         array_push($sqlPara, $heslo);
     }
     if (isset($jmeno)) {
         $sql .= ",jmeno=?";
         array_push($sqlPara, $jmeno);
     }
     if (isset($prijmeni)) {
         $sql .= ",prijmeni=?";
         array_push($sqlPara, $prijmeni);
     }
     if (isset($telefon)) {
         $sql .= ",telefon=?";
         array_push($sqlPara, $telefon);
     }
     if (isset($icq)) {
         $sql .= ",icq=?";
         array_push($sqlPara, $icq);
     }
     if (isset($skype)) {
         $sql .= ",skype=?";
         array_push($sqlPara, $skype);
     }
     if ($contact_hide == 0) {
         $sql .= ",contact_hide='0'";
     } else {
         $sql .= ",contact_hide='1'";
     }
     $sql .= " WHERE bazar=? AND login=?";
     array_push($sqlPara, $this->bazar);
     array_push($sqlPara, $login);
     $rs = $this->db2->query($sql, $sqlPara);
     $out["result"] = SQLEngine::getErrorCode($rs);
     $out["result_text"] = SQLEngine::getErrorText($rs);
     if (!SQLEngine::isError($rs) and $adresa != "") {
         $sql = "select id from uzivatel where login=? and bazar=?";
         $rs = $this->db2->query($sql, array($login, $this->bazar));
         $row = SQLEngine::getFirstRow($rs);
         $sql = "replace into uzivatel_adresa set\n                uzivatel_id=?, sidlo=?, ulice=?, mesto=?, kraj=?, uiradr_id=?";
         $rs = $this->db2->query($sql, array($row["id"], emptyOnNull($adresa["sidlo"]), emptyOnNull($adresa["ulice"]), emptyOnNull($adresa["mesto"]), emptyOnNull($adresa["kraj"]), emptyOnNull($adresa["uiradr_id"])));
         $out["result"] = SQLEngine::getErrorCode($rs);
         $out["result_text"] = SQLEngine::getErrorText($rs);
     }
     // je vplneno pole doprava
     if (isset($doprava["1"])) {
         $sql = "DELETE FROM uzivatel_doprava WHERE uzivatel_id = ?";
         $rs = $this->db2->query($sql, array($row["id"]));
         // ukladame pouze radky kde je vyplneny text
         foreach ($doprava as $poradi => $radek) {
             if ($radek["nazev"] != "") {
                 $sql = "INSERT INTO uzivatel_doprava SET uzivatel_id = ?, poradi=?, nazev=?, cena=?";
                 $rs = $this->db2->query($sql, array($row["id"], $poradi, $radek["nazev"], $radek["cena"]));
             }
         }
     }
     return $out;
 }
Exemplo n.º 5
0
<?php

if ($_REQUEST["stare"] != "" && $_REQUEST["nove"] != "" && $_REQUEST["kontrola"] != "") {
    if ($_REQUEST["nove"] == $_REQUEST["kontrola"]) {
        if (substr(md5($_REQUEST["stare"]), 0, 12) == $_SESSION["user"]["heslo"]) {
            $query = "UPDATE uzivatele SET heslo = SUBSTRING(MD5(?), 1, 12) WHERE id = ?";
            $update = $sqlEngine->query($query, array($_REQUEST["nove"], $_SESSION["user"]["id"]));
            if (SQLEngine::isError($update)) {
                $chyba = "Oops něco se porouchalo";
            } else {
                $chyba = "Heslo bylo změněno";
                $_SESSION["user"]["heslo"] = substr(md5($_REQUEST["nove"]), 0, 12);
            }
        } else {
            $chyba = "Špatně vyplněno staré heslo";
        }
    } else {
        $chyba = "Nové heslo se neshoduje s kontrolou";
    }
}
// vybereme hlavni sablonu
$T->setFile('modulX', 'srcTpl/user.htm');
// polozky menu
include_once 'moduly/menuUser.php';
// nastartujeme lokalni sablonu
$TM = new MyTemplate();
$TM->setFile('modulY', 'srcTpl/userZmenaHesla_modul.htm');
if (isset($chyba)) {
    unset($T_data);
    $T_data['textChyby'] = $chyba;
    $TM->assignBlockVars('ERROR', $T_data);
Exemplo n.º 6
0
 /**
  * slouzi pro nakesovani odpovedi dotazu typu SELECT pokud nekolik modulu na strance vola backend se stejnymi parametry
  * soucasne promazava cache po stanovenem limitu a umoznuje sdileni odpovedi vice aplikacnimi servery
  * @param string $query SQL dotaz SELECT ktery se ma vykonat
  * @param string $Benchmarked je-li vyplneno, bude zalogovan banchmark test do err_log a text bude pouzit jako identifikator ve vypisu logu
  * @param int $maxold pocet minut jak muze byt vysledek stary, jinak dojde k jeho aktualizaci (default 0) 0=cache off
  * @return array $out["rows"] ... radky s vysledky s omezenim limit, $out["count"] ... pocet nalezenych vysedku bez omezeni limitu
  */
 public function query($query, $params = array(), $benchMarked = "", $maxOld = 0)
 {
     if (!is_array($params)) {
         $params = array($params);
     }
     $time_start = microtime(true);
     $isCache = $maxOld > 0 && !$this->isUpdate($query);
     $actualPDO = $this->getPDO($query, $isCache);
     $connectionInfo = $actualPDO === $this->pdoMaster ? $this->masterHost . "/" . $this->masterDBName . " (master)" : ($connectionInfo = $this->slaveHost . "/" . $this->slaveDBName . " (slave)");
     if ($isCache) {
         // vypocteme id dotazu pro cache
         $checksum = sprintf("%u\n", crc32($query . print_r_log($params)));
         // zjistime zda uz takovy dotaz neprobehl a zda neni po expiraci
         $stmt = $actualPDO->prepare("SELECT *,TIMESTAMPDIFF(MINUTE,created,NOW()) AS oldmin FROM cache_sql WHERE sql_hash=?");
         $stmt->execute(array($checksum));
         $cache = $stmt->fetch();
         $isCache = $stmt->rowCount() > 0 && $cache['oldmin'] < $maxOld;
     }
     //znovu se ptam na stejnou podminku, protoze se mohla mezitim zmenit
     if ($isCache) {
         $out = unserialize($cache['result']);
     } else {
         // neprobehl nebo vyexpiroval - provedeme dotaz a vysledek ulozime do cache
         $stmt = $actualPDO->prepare($query);
         $stmt->setFetchMode(PDO::FETCH_ASSOC);
         $success = $stmt->execute($params);
         $errorInfo = $stmt->errorInfo();
         $out['errorCode'] = $errorInfo[0];
         $out['errorText'] = $errorInfo[2];
         $out["rows"] = $stmt->fetchAll();
         $out["lastInsertId"] = $actualPDO->lastInsertId();
         $out["affectedRows"] = $stmt->rowCount();
         if (!SQLEngine::isError($out)) {
             $out['errorText'] = "";
             $rs1 = $actualPDO->query("SELECT FOUND_ROWS() as pocet")->fetch();
             $out['count'] = $rs1['pocet'];
             //pokud nezafunguje found_rows a vrati 0-1 radku, tak pro jistotu si vezmu pocet z vracenych radku
             if ($out['count'] + 0 < 2) {
                 $out['count'] = count($out["rows"]);
             }
         } else {
             logmsg("SQLERROR:" . self::getErrorCode($out) . ":" . self::getErrorText($out) . "\n" . $query . "\n" . print_r_log($params), PEAR_LOG_CRIT);
         }
         if ($maxOld > 0) {
             // ulozime vysledek do cache pokud nepresahuje limitni delku mediumtext 2^24
             $serial = serialize($out);
             if (strlen($serial) < pow(2, 24) && strlen($serial) > 0) {
                 $sql = "REPLACE cache_sql SET sql_hash=?, result=?";
                 $stmt = $actualPDO->prepare($sql);
                 $stmt->execute(array($checksum, $serial));
             }
         }
     }
     $time_end = microtime(true);
     $time = $time_end - $time_start;
     global $conf;
     if ($conf["enableProfiler"]) {
         $stmt = $actualPDO->prepare("select count(*) as pocet from inzerat");
         $stmt->setFetchMode(PDO::FETCH_ASSOC);
         $success = $stmt->execute(array());
         $rs1 = $stmt->fetch();
         $profilerInsert = "INSERT INTO profiler_data (request_id, request_uri, startSql, stopSql, query, params, pocetInzeratu, callStack) VALUES (?, ?, ?, ?, ?, ?, ?, ?);";
         $e = new Exception();
         $profileParams = array($_SERVER["REQUEST_TIME"], $_SERVER["REQUEST_URI"], $time_start, $time_end, $query, serialize($params), $rs1["pocet"], $e->getTraceAsString());
         $stmt = $this->getPDOMaster()->prepare($profilerInsert);
         $stmt->execute($profileParams);
     }
     logmsg("BENCHMARK {$benchMarked} STOP for connection " . $connectionInfo . " " . round($time, 3) . "\n" . print_r_log($query) . "\n" . print_r_log($params), PEAR_LOG_DEBUG);
     return $out;
 }