/**
* constructor
**/
function __construct()
{
require_once dirname(__FILE__) . '/dbConnect.php';
//Open DB connection
$db = new dbConnect();
$this->conn = $db->connect();
}
function __construct()
{
require_once 'dbConnect.php';
// opening db connection
$db = new dbConnect();
$this->conn = $db->connect();
}
function __construct()
{
require_once dirname(__FILE__) . '/dbConnect.php';
$db = new dbConnect();
//Connect to database
$this->con = $db->connect();
//Select "friends" collection, already defined in config.php
$this->col = new MongoCollection($this->con, DB_COLLECTION);
}
function createTable($name, $query)
{
$db = new dbConnect();
global $conn;
$result = mysqli_query($db->connect(), "create table if not exists {$name}({$query})");
if (!$result) {
die('failed to connect [' . $conn->connect_error . ']');
}
echo "Table '{$name}' created already.<br>";
}
function doWork()
{
try {
$dbh = dbConnect::getInstance()->dbh;
} catch (PDOException $e) {
print "Error!: " . $e->getMessage() . "<br/>";
die;
}
if (empty($_POST["isDelete"])) {
$sql = "insert into material (material_type, description) values ";
$sql .= "(:material_type, :description) ";
$sql .= "on duplicate key update description = :description ";
$stmt = $dbh->prepare($sql);
$stmt->bindValue(":material_type", $_POST["txtMaterialType"]);
$stmt->bindValue(":description", $_POST["txtDescription"]);
} else {
$sql = "delete from material where material_type = :material_type ";
$stmt = $dbh->prepare($sql);
$stmt->bindValue(":material_type", $_POST["isDelete"]);
}
if ($stmt->execute()) {
header("Content-Type: application/json");
echo json_encode(array("result" => "success"));
} else {
header("Content-Type: application/json");
echo json_encode($stmt->errorInfo());
}
}
public static function cekInstance()
{
if (is_null(self::$_cekInstance)) {
self::$_cekInstance = new self();
}
return self::$_cekInstance;
}
public function __construct($id)
{
$this->pdo = dbConnect::getInstance();
$this->id = $id;
$query = $this->pdo->query("SELECT * FROM shipy_user WHERE id = '" . $this->id . "' ");
$this->row = $query->fetch(PDO::FETCH_ASSOC);
}
public static function getInstance()
{
if (!isset(self::$instance)) {
self::$instance = new self();
}
return self::$instance;
}
function login($uname, $password, $checked)
{
$db = dbConnect::getInstance();
$mysqli = $db->getConnection();
$query = "SELECT * FROM users_tb WHERE mail= '" . $uname . "' AND pass = '******'";
$res = $mysqli->query($query);
if (mysqli_num_rows($res) > 0) {
$row = mysqli_fetch_array($res);
if ($row['type'] != "3") {
$_SESSION['cafeteriaSystem'] = $row['id'];
$_SESSION['type'] = $row['type'];
$_SESSION['name'] = $row['name'];
$_SESSION['pic'] = $row['pic_path'];
//echo $_SESSION['php'];
if ($checked == "1") {
setcookie("cafeteriaSystem", $row['id'], time() + 3600);
//echo $_COOKIE['php'];
}
if ($row['type'] == "1") {
header("location:orders.php");
} else {
header("location:index.php");
}
return TRUE;
}
} else {
return false;
}
}
function doWork()
{
try {
$dbh = dbConnect::getInstance()->dbh;
} catch (PDOException $e) {
print "Error!: " . $e->getMessage() . "<br/>";
die;
}
$sql = "update member set member_name = :member_name, address = :address, password = :password ";
$sql .= ",province_id = :province_id, province_name = :province_name ";
$sql .= ",amphur_id = :amphur_id, amphur_name = :amphur_name, ";
$sql .= ",district_id = :district_id, district_name = :district_name ";
$sql .= ",postcode = :postcode ";
$sql .= "where email = :email";
$stmt = $dbh->prepare($sql);
$stmt->bindValue(":member_name", $_POST["txtName"]);
$stmt->bindValue(":address", $_POST["txtAddress"]);
$stmt->bindValue(":password", $_POST["txtPassword"]);
$stmt->bindValue(":province_id", doExplode($_POST["cboProvince"])[0]);
$stmt->bindValue(":province_name", doExplode($_POST["cboProvince"])[1]);
$stmt->bindValue(":amphur_id", doExplode($_POST["cboAmphur"])[0]);
$stmt->bindValue(":amphur_name", doExplode($_POST["cboAmphur"])[1]);
$stmt->bindValue(":district_id", doExplode($_POST["cboDistrict"])[0]);
$stmt->bindValue(":district_name", doExplode($_POST["cboDistrict"])[1]);
$stmt->bindValue(":postcode", $_POST["txtPostCode"]);
$stmt->bindValue(":email", $_POST["email"]);
if ($stmt->execute()) {
header("Content-Type: application/json");
echo json_encode(array("result" => "success"));
} else {
header("Content-Type: application/json");
echo json_encode($stmt->errorInfo());
}
}
function deleteShirtSize()
{
try {
$dbh = dbConnect::getInstance()->dbh;
} catch (PDOException $e) {
echo "Error!: " . $e->getMessage() . "<br/>";
die;
}
$sql = "delete from shirt_size where size_code = :size_code and gender = :gender ";
$stmt = $dbh->prepare($sql);
$stmt->bindValue(":size_code", $_POST["size_code"]);
$stmt->bindValue(":gender", $_POST["gender"]);
header("Content-Type: application/json");
if ($stmt->execute()) {
echo json_encode(array("result" => "success"));
} else {
//echo json_encode($stmt->errorInfo());
$errorCode = $stmt->errorCode();
if ($errorCode == '23000') {
echo json_encode(array('result' => 'ไม่สามารถลบได้ เนื่องจากได้มีการใช้ข้อมูลนี้ไปแล้ว !!!'));
} else {
echo json_encode($stmt->errorInfo());
}
}
}
public static function getInstance()
{
if (!self::$_instance) {
// If no instance then make one
self::$_instance = new self();
}
return self::$_instance;
}
public static function getInstance()
{
if (!isset(self::$instance)) {
$object = __CLASS__;
self::$instance = new $object();
}
return self::$instance;
}
function mcacc_get_acc_list()
{
$mc_db = dbConnect::getInstance();
if (!is_user_logged_in()) {
log("Neprisijunges vartotojas bando pasitikrinti savo acc ip: " . $_SERVER['REMOTE_ADDR']);
return;
}
}
public static function newWord()
{
$newWordID = self::getRandomID();
$sql = "SELECT * FROM word WHERE ID={$newWordID}";
$result = dbConnect::runSQL($sql);
$word = $result->fetch_assoc();
$wordLetters = str_split($word['word']);
$word['wordLetters'] = $wordLetters;
return $word;
}
public function execute($sql)
{
$exe = mysql_query($sql, $this->_connAccess->getConnection());
if (!$exe) {
exit('Error : ' . mysql_error() . ':' . $sql);
} else {
return $exe;
dbConnect::closeConnection();
}
}
public static function getActiveCSS()
{
$db = dbConnect::getReadOnly();
$query = "SELECT * FROM CSSTemplates WHERE ActiveState=1;";
$results = mysqli_query($db, $query);
$row = mysqli_fetch_assoc($results);
$activeCSSTemplate = new self($row);
dbConnect::closeConnection($db);
return $activeCSSTemplate;
}
private function __construct()
{
try {
// Assign PDO object to db variable using super secure password
self::$db = new PDO('mysql:host=localhost;dbname=guestbook', 'homestead', 'secret');
self::$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
// Return connection errors - this is bad practice; should write to file
echo "Connection Error: " . $e->getMessage();
}
}
public static function getContentArea()
{
$db = dbConnect::getReadOnly();
$query = "SELECT * FROM ContentAreas;";
$results = mysqli_query($db, $query);
while ($row = mysqli_fetch_assoc($results)) {
$contentAreas[] = new self($row);
}
//end while
dbConnect::closeConnection($db);
return $contentAreas;
}
public static function getArticle($_area, $_page)
{
$db = dbConnect::getReadOnly();
$query = "SELECT * FROM Articles WHERE (Page='{$_page}' OR AllPages=1) AND ContentArea = '{$_area}';";
$result = mysqli_query($db, $query);
while ($row = mysqli_fetch_assoc($result)) {
$articleArray[] = new self($row);
}
//end while
dbConnect::closeConnection($db);
return $articleArray;
}
public static function getAllPages($_alias)
{
$db = dbConnect::getReadOnly();
$query = "SELECT * FROM SitePages;";
$result = mysqli_query($db, $query);
while ($row = mysqli_fetch_assoc($result)) {
$pages[] = new self($row);
}
//end while
dbConnect::closeConnection($db);
return $pages;
}
/**
* Get a new database connection returns a pdo object.
* @return PDO
*/
public static function getInstance()
{
if (self::$db === NULL) {
try {
self::$db = new PDO('mysql:dbname=' . DB . ';' . DB_HOST, DB_USERNAME, DB_PASSWORD);
self::$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (Exception $e) {
throw new Exception($e->getMessage(), $e->getCode());
}
}
return self::$db;
}
protected function _getQuery()
{
if (!$this->_query) {
$this->_conn = dbConnect::getConnection();
$this->_query = mysql_query($this->_sql, $this->_conn);
if (!$this->_query) {
print 'Error : ' . mysql_error() . ' ' . $this->_sql;
}
}
return $this->_query;
dbConnect::closeConnection();
}
function regist($fname, $lname, $address, $country, $gender, $uname, $password, $myskils, $department, $pic_name)
{
$db = dbConnect::getInstance();
$mysqli = $db->getConnection();
$query = " insert into users_tb set\n\t\t\t\t\t\tfname='" . $fname . "' ,\n\t\t\t\t\t\tlname='" . $lname . "' ,\t\n\t\t\t\t\t\taddress='" . $address . "' ,\n\t\t\t\t\t\ttype = '2' ,\n\t\t\t\t\t\tcountry = '" . $country . "' ,\n\t\t\t\t\t\tgender='" . $gender . "' ,\n\t\t\t\t\t\tmail='" . $uname . "' ,\n\t\t\t\t\t\tpassword='******' ,\n\t\t\t\t\t\tskils='" . $myskils . "' ,\n\t\t\t\t\t\tdept = '" . $department . "' ,\n\t\t\t\t\t\tprof_pic='" . $pic_name . "'\n\t\t\t";
$res = $mysqli->query($query) or die(mysqli_error($mysqli));
if ($res) {
return TRUE;
} else {
return false;
}
}
function insertOrder()
{
try {
$dbh = dbConnect::getInstance()->dbh;
} catch (PDOException $e) {
print "Error!: " . $e->getMessage() . "<br/>";
die;
}
$sql = 'insert into shirt_order ';
$sql .= '(email, line_screen_price_1, line_screen_price_2, shirt_id_1, ';
$sql .= 'shirt_id_2, qty_1, qty_2, order_status, order_date, amt, ';
$sql .= 'screen_width_1, screen_height_1, screen_width_2, screen_height_2, color_area_1, color_area_2) ';
$sql .= 'values';
$sql .= '(:email, :line_screen_price_1, :line_screen_price_2, :shirt_id_1, ';
$sql .= ':shirt_id_2, :qty_1, :qty_2, :order_status, curdate(), :amt, ';
$sql .= ':screen_width_1, :screen_height_1, :screen_width_2, :screen_height_2, :color_area_1, :color_area_2); ';
$sql .= 'update member set address = :address where email = :email; ';
$stmt = $dbh->prepare($sql);
$stmt->bindValue(':email', $_POST['email']);
$stmt->bindValue(':line_screen_price_1', $_POST['line_screen_price_1']);
$stmt->bindValue(':line_screen_price_2', $_POST['line_screen_price_2']);
$stmt->bindValue(':shirt_id_1', $_POST['shirt_id_1']);
$stmt->bindValue(':shirt_id_2', $_POST['shirt_id_2']);
$stmt->bindValue(':qty_1', $_POST['qty_1']);
$stmt->bindValue(':qty_2', $_POST['qty_2']);
$stmt->bindValue(':order_status', 'order');
$stmt->bindValue(':amt', $_POST['amt']);
$stmt->bindValue(':address', $_POST['address']);
$stmt->bindValue(':screen_width_1', $_POST['screen_width_1']);
$stmt->bindValue(':screen_height_1', $_POST['screen_height_1']);
$stmt->bindValue(':screen_width_2', $_POST['screen_width_2']);
$stmt->bindValue(':screen_height_2', $_POST['screen_height_2']);
$stmt->bindValue(':color_area_1', $_POST['color_area_1']);
$stmt->bindValue(':color_area_2', $_POST['color_area_2']);
if ($stmt->execute()) {
$orderId = $dbh->lastInsertId();
$target_dir = 'uploads/';
$dirToMake = '../' . $target_dir . $orderId;
mkdir($dirToMake);
$screen1 = $_POST['line_screen_1'];
saveFileToDir($dirToMake, $screen1, '01.png');
$screen2 = $_POST['line_screen_2'];
saveFileToDir($dirToMake, $screen2, '02.png');
$product = $_POST['product_image'];
saveFileToDir($dirToMake, $product, '03.png');
header("Content-Type: application/json");
echo json_encode(array('order_id' => $orderId));
} else {
header("Content-Type: application/json");
echo json_encode($stmt->errorInfo());
}
}
public static function login($user, $pass)
{
$pass = md5($pass);
$pdo = dbConnect::getInstance();
if (empty($user) or empty($pass)) {
die('Niet alle velden zjin gevuld! Probeer nogmaals!');
}
$check = $pdo->prepare("SELECT * FROM shipy_user WHERE username = :user AND password = :pass ");
$check->execute(array(':user' => $user, ':pass' => $pass));
if ($check->rowCount() == 1) {
while ($row = $check->fetch(PDO::FETCH_ASSOC)) {
$_SESSION['log'] = $row['id'];
header('Location: /user/dashboard/');
}
} else {
die('Het opgegeven wachtwoord is verkeerd, of de gebruiker komt niet voor in de database. Probeer nogmaals!');
}
}
function deleteSizePrice()
{
try {
$dbh = dbConnect::getInstance()->dbh;
} catch (PDOException $e) {
echo "Error!: " . $e->getMessage() . "<br/>";
die;
}
$sql = "delete from size_price where size_price_id = :size_price_id ";
$stmt = $dbh->prepare($sql);
$stmt->bindValue(":size_price_id", $_POST["size_price_id"]);
if ($stmt->execute()) {
header("Content-Type: application/json");
echo json_encode(array("result" => "success"));
} else {
header("Content-Type: application/json");
echo json_encode($stmt->errorInfo());
}
}
function checkEmail()
{
try {
$dbh = dbConnect::getInstance()->dbh;
} catch (PDOException $e) {
print "Error!: " . $e->getMessage() . "<br/>";
die;
}
$email = $_POST["email"];
$sql = "select email from member where email = :email ";
$stmt = $dbh->prepare($sql);
$stmt->bindValue(":email", $email);
if ($stmt->execute()) {
$results = $stmt->fetch(PDO::FETCH_ASSOC);
if (!empty($results["email"])) {
header("Content-Type: application/json");
echo json_encode(array('valid' => false));
} else {
header("Content-Type: application/json");
echo json_encode(array('valid' => true));
}
}
}
echo '<option value="receive" ' . ($selectedItem == 'receive' ? 'selected' : '') . '>ยืนยันชำระเงินแล้ว</option>';
echo '<option value="delivered" ' . ($selectedItem == 'delivered' ? 'selected' : '') . '>จัดส่งแล้ว</option>';
echo '<option value="canceled" ' . ($selectedItem == 'canceled' ? 'selected' : '') . '>ยกเลิก</option>';
echo '<option value="all" ' . ($selectedItem == 'all' ? 'selected' : '') . '>ทั้งหมด</option>';
?>
</select>
</div>
</div>
</div>
</form>
<br/>
<?php
try {
$conn = dbConnect::getInstance();
$dbh = $conn->dbh;
} catch (PDOException $e) {
print "Error!: " . $e->getMessage() . "<br/>";
die;
}
$sql = 'select o.order_id, o.email as email, o.line_screen_price_1, o.line_screen_price_2, o.qty_1, o.qty_2, o.amt, o.order_date, ';
$sql .= 'o.paid_date, o.deliver_date, o.cancel_date, o.tracking_id, ';
$sql .= 'o.screen_width_1, o.screen_height_1, o.screen_width_2, o.screen_height_2, o.color_area_1, o.color_area_2, ';
$sql .= 's1.shirt_name as shirt_name_1, s1.gender as gender_1, s1.shirt_type as shirt_type_1, s1.color_hex as color_hex_1, s1.shirt_price as shirt_price_1, ';
$sql .= 's2.shirt_name as shirt_name_2, s2.gender as gender_2, s2.shirt_type as shirt_type_2, s2.color_hex as color_hex_2, s2.shirt_price as shirt_price_2, ';
$sql .= 's1.material_type as material_type_1, s1.size_code as size_code_1, ';
$sql .= 's2.material_type as material_type_2, s2.size_code as size_code_2, ';
$sql .= 'm.member_name, m.address, ';
$sql .= 'c1.color as color_1, ';
$sql .= 'c2.color as color_2 ';
<?php
/************************************************************
DEPENDENCIES
************************************************************/
require '../../settings.php';
/************************************************************
AJAX REQUEST
************************************************************/
$postdata = file_get_contents("php://input");
$dataobject = json_decode($postdata);
$post_id = $dataobject->id;
$post_status = $dataobject->status;
$post_title = $dataobject->title;
$post_date = $dataobject->date;
$post_content = $dataobject->input;
/************************************************************
DATABASE CONNECTION
************************************************************/
$connection = new dbConnect();
$pdo = $connection->connect();
/************************************************************
QUERY
************************************************************/
$querystring = "UPDATE posts SET post_status = :post_status, post_title = :post_title, post_date = :post_date, post_content = :post_content WHERE id = :post_id";
$preparedstatement = $pdo->prepare($querystring);
$preparedstatement->execute(["post_status" => $post_status, "post_title" => $post_title, "post_date" => $post_date, "post_content" => $post_content, "post_id" => $post_id]);
echo true;