function removeUser($user)
{
//borrar usuario
$rem = new db_connection();
if (!$rem->searchUser($user)) {
return false;
} else {
//quitar de la base de datos
$query = "DELETE FROM `users` WHERE User = '******'";
global $mySqlPDO;
$mySqlQ = $mySqlPDO->prepare($query);
$result = $mySqlQ->execute();
return $result;
}
}
function computePoll()
{
require 'functions/cla-connection.php';
require 'config/dbconfig.php';
$enq_id = $_POST['enq_id'];
$vote = $_POST['vote'];
$login = $_SESSION['LOGIN'];
$conn = new db_connection($hostname, $username, $password, $database);
// Update vote count
$result = $conn->update("enq_resposta", array("enq_votos=enq_votos+1"), "id={$vote}");
// Compute Update vote count
$result = $conn->insert("enq_voto", array("login,enq_id"), array("'{$login}',{$enq_id}"));
$info['RET'] = 0;
print json_encode($info);
}
public static function getInstance()
{
if (!self::$_instance) {
// If no instance then make one
self::$_instance = new self();
}
return self::$_instance;
}
function cnct()
{
$connect = new db_connection();
$C = 'ConstantsControl_p_admin';
$C = new ReflectionClass($C);
if (!isset($mod)) {
$mod = 'dev';
}
//$mod = 'production';
$mod = $C->getConstant('CATEGORY');
if ($mod == 'prod') {
$cnx = $connect->db_connect($C->getConstant('HOST_prod'), $C->getConstant('ROOT_prod'), $C->getConstant('PASS_prod'), $C->getConstant('DB_prod'));
} else {
$cnx = $connect->db_connect($C->getConstant('HOST_dev'), $C->getConstant('ROOT_dev'), $C->getConstant('PASS_dev'), $C->getConstant('DB_dev'));
}
return $cnx;
}
function cnct()
{
$connect = new db_connection();
$C = 'ConstantsControl_p_admin';
$C = new ReflectionClass($C);
if (!isset($mod)) {
$mod = 'dev';
}
//$mod = 'production';
$mod = $C->getConstant('CATEGORY');
if ($mod == 'prod') {
$cnx = $connect->db_connect($C->getConstant('HOST_prod'), $C->getConstant('ROOT_prod'), $C->getConstant('PASS_prod'), $C->getConstant('DB_prod'));
} else {
$cnx = $connect->db_connect($C->getConstant('HOST_dev'), $C->getConstant('ROOT_dev'), $C->getConstant('PASS_dev'), $C->getConstant('DB_dev'));
}
$sql = "SET time_zone = '" . $C->getConstant('TIMEZONE') . "'";
mysqli_query($cnx, $sql);
return $cnx;
}
function hasPoll()
{
require 'functions/cla-connection.php';
require 'config/dbconfig.php';
// No poll avaliable
$POLL = false;
$conn = new db_connection($hostname, $username, $password, $database);
// Check is has active pool
$result = $conn->select("enq_pergunta", array("id"), "enq_ativa=1");
// Has one active poll
if ($conn->affected_rows() == 1) {
$data = $conn->fetch_array($result);
$poll = $data['id'];
$login = $_SESSION['LOGIN'];
//
$result = $conn->select("enq_voto", array("login"), "enq_id='{$poll}' and login = '******'");
// User has already voted
if ($conn->affected_rows() == 0) {
$POLL = true;
}
}
// Return array of values
//$info[] = array();
$info['POLL'] = $POLL;
print json_encode($info);
}
function hasPool()
{
require 'classes/db_connection.php';
require 'config/dbconfig.php';
require 'functions/fun-net.inc.php';
// Get Remote user IP
$remoteIP = getIp();
$conn = new db_connection($hostname, $username, $password, $database);
$result = $conn->select("user_control", array("username"), "address='{$remoteIP}'");
//
if ($conn->affected_rows() == 1) {
$data = $conn->fetch_array($result);
$login = $data['username'];
$result = $conn->select("tec_users", array("nome"), "login='******'");
$data = $conn->fetch_array($result);
$nome = $data['nome'];
$_SESSION['IP'] = $remoteIP;
$_SESSION['LOGIN'] = $login;
} else {
$nome = "404";
}
// Return array of values
//$info[] = array();
$info['IP'] = $remoteIP;
$info['USER'] = $nome;
$info['LOGIN'] = $login;
print json_encode($info);
}
public function get_all_product()
{
//rana
$db = db_connection::getInstance();
$mysqli = $db->getConnection();
$query = " select * from product where product_amount = 'avaliable' ";
$res = $mysqli->query($query) or die(mysqli_error($mysqli));
if ($res) {
return $res;
} else {
return false;
}
}
<?php
session_start();
header("Content-Type:application/json");
require_once '../cfg/common.php';
$dbconn = new db_connection();
$logged_user = $_SESSION['mms_logged_uid'];
$start = $_GET['start'];
$end = $_GET['end'];
$prepare_statement = "SELECT * from " . expense_details . " a, " . user_split_expense . " b where a.exp_id = b.exp_id and b.email='" . $logged_user . "'";
//echo $prepare_statement;
$result = $dbconn->query($prepare_statement);
$expense = array();
$num_rows = 0;
//start=2014-11-30&end=2015-01-11&timezone=UTC&_=1420015222023"
if ($result->num_rows > 0) {
while ($row = mysqli_fetch_assoc($result)) {
$expenseArray['id'] = $row['exp_id'];
$expenseArray['title'] = $row['expense_title'];
$expenseArray['description'] = $row['expense_desc'];
$expenseArray['amount'] = $row['expense_total'];
$expenseArray['start'] = $row['exp_date'];
$expenseArray['allDay'] = "1";
$expense[$num_rows] = $expenseArray;
$num_rows++;
}
}
echo json_encode($expense);
//exp_id,expense_title,expense_desc, expense_total,exp_owner,exp_date
<?php
/**
* Created by PhpStorm.
* User: ae
* Date: 21/12/2015
* Time: 3:18
*/
include_once 'classes.php';
//verificacion de usuarios y contraseñas
if (isset($_POST["user"]) && isset($_POST["pass"])) {
$user = $_POST["user"];
$pass = $_POST["pass"];
$checkVariables = new checkInput();
$e = $checkVariables->check($user, $pass) ? true : false;
} else {
$e = false;
}
//agrega usuario
if ($e) {
$addUser = new db_connection();
if ($addUser->addUser($user, $pass)) {
echo 'ingreso correcto';
}
} else {
echo 'ingreso incorrecto';
}
<?php
include_once "./header.php";
?>
<!-- body -->
<div class="row">
<div class="col-md-3"></div>
<div class="col-md-6">
<?php
include_once '../classes/db_connection.php';
$getid = new db_connection();
$get_id = $getid->get_by_id('users', 'user_id', $_REQUEST['user_id']);
$row = mysqli_fetch_array($get_id);
echo ' <form class="form-horizontal" action="updateuser.php" method="POST" enctype="multipart/form-data">
<fieldset>
<div id="legend">
<legend class="">Add Users</legend>
</div>
<input type="hidden" name="user_id" value=' . $row[0] . '>
<div class="control-group">
<label class="control-label" for="name">Name</label>
<div class="controls">
<input type="text" id="name" value=' . $row[1] . ' name="user_name" placeholder="" class="form-control input-lg">
<p class="help-block">Please provide the user name</p>
</div>
</div>
<div class="control-group">
<label class="control-label" for="email">Email</label>
<div class="controls">
<input type="email" id="email" value=' . $row[2] . ' name="user_email" placeholder="" class="form-control input-lg">
require_once 'cfg/config.php';
require_once 'cfg/common.php';
$success_registration = 0;
if (isset($_POST['submit_btn'])) {
if ($_POST['submit_btn'] == "submit_val") {
$ch = new clean_and_hash();
$name = $ch->clean_all_tags($_POST['name']);
$email = $ch->clean_all_tags($_POST['email']);
$password = $ch->clean_all_tags($_POST['password']);
$c_password = $ch->clean_all_tags($_POST['c_password']);
if ($password != $c_password) {
header('location:signup.php?error=1');
}
$secure_pass = $ch->password_hash($email, $password);
$activation_id = $ch->get_activation_code($email);
$dbconn = new db_connection();
$prepare_statement = "SELECT * from " . user_profile . " where email = '" . $email . "' and reg_type='self'";
$result = $dbconn->query($prepare_statement);
$num_rows = $result->num_rows;
if ($num_rows == 0) {
// new users
$insert_statement = "INSERT into " . user_profile . " (email,password,name,activation_id) values ('" . $email . "','" . $secure_pass . "','" . $name . "','" . $activation_id . "')";
$insert_cmd = $dbconn->query($insert_statement);
if ($insert_cmd) {
$success_registration = 1;
} else {
$success_registration = 0;
}
} else {
// user already exists send back to login.php with some verify & userid
header('location:login.php?return=verify&user=' . $email);
public function import_person_file_to_db()
{
//Import to a DB the data of a file
$dbinfo = new db_connection();
$file = fopen("personinfo.txt", "r") or die("ERROR: Fail reading the file");
try {
$conn = new PDO("mysql:host=localhost;dbname=myowndb", $dbinfo->get_dbusr(), $dbinfo->get_dbpw());
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
//echo "Connected successfully<br><br>";
while (!feof($file)) {
$line = fgets($file);
$datarray = explode(";", $line);
/*if( !isset($datarray[0]) && !isset($datarray[1]) && !isset($datarray[2]) &&
!isset($datarray[3]) && !isset($datarray[4]) && !isset($datarray[5]) && !isset($datarray[6]) ) {
$datarray[0] = null;
$datarray[1] = null;
$datarray[2] = null;
$datarray[3] = null;
$datarray[4] = null;
$datarray[5] = null;
$datarray[6] = null;
}*/
$sql = "INSERT INTO person (firstname, lastname, id, age, gender, phone, email) VALUES ('{$datarray['0']}', '{$datarray['1']}', '{$datarray['2']}', '{$datarray['3']}', '{$datarray['4']}', '{$datarray['5']}', '{$datarray['6']}')";
$conn->exec($sql);
}
} catch (PDOException $e) {
echo "Connection failed: " . $e->getMessage();
}
}
select tab01_pergunta, tab01_resp1, tab01_perc1, tab01_resp2, tab01_perc2
from tab01_enquetes a
where tab01_id = 1
# Quantas vezes o mesmo ip participou de nossas campanhas?
select tab02_ip ip, count(tab02_ip) votos
from tab02_voto
group by tab02_ip
order by tab02_ip
*/
require_once 'classes/db_connection.php';
require_once 'config/dbconfig.php';
require_once 'functions/fun-net.inc.php';
$ip = getIP();
$voto = $_POST['radio_voto'];
$votou = '';
$conn = new db_connection($hostname, $username, $password, $database);
$result = $conn->select("enq_pergunta", array("id,enq_pergunta,enq_obrigatoria"), "enq_ativa = 1");
// Seleciona a enquete da vez, só pra pegar o ID
$data = $conn->fetch_array($result);
$id = $data['tab01_id'];
$result = $conn->select("enq_voto", array("tab01_id"), "tab01_id = '{$id}' and tab02_ip = '{$ip}'");
$data = $conn->fetch_array($result);
// Se ainda não votou.
if ($data['tab02_ip'] == '') {
// Computa o voto
if ($_POST['radio_voto'] != '') {
$id = $_POST['tab01_id'];
$sql = "insert into tab02_voto VALUES ('{$id}', '{$ip}', now(), {$voto})";
mysql_query($sql) or die(mysql_error());
$sql = "update tab01_enquetes set tab01_perc{$voto} = (tab01_perc{$voto} +1) where tab01_id = '{$id}'";
mysql_query($sql) or die(mysql_error());
<?php
include_once './header.php';
?>
<hr>
<!-- body -->
<div class="row">
<div class="col-md-3"></div>
<div class="col-md-6">
<?php
include_once '../classes/db_connection.php';
$getid = new db_connection();
$get_id = $getid->get_by_id('product', 'product_id', $_REQUEST['product_id']);
$row = mysqli_fetch_array($get_id);
echo ' <form class="form-horizontal" action="updateproduct.php" method="POST">
<fieldset>
<div id="legend">
<legend class="">Add Products</legend>
</div>
<input type="hidden" name="product_id" value=' . $row[0] . '>
<div class="control-group">
<label class="control-label" for="product">Product</label>
<div class="controls">
<input type="text" id="product" value=' . $row[1] . ' name="product_name" placeholder="" class="form-control input-lg">
<p class="help-block">Product can contain any letters</p>
</div>
</div>
<div class="control-group">
<label class="control-label" for="category" >Category</label>
* Date: 18/12/2015
* Time: 0:34
*/
include 'classes.php';
$e = false;
//por las dudas
//que las validaciones de entrada sean por javascript
//verifico que no vengan vacías nada mas
//BORRAR, solo para pruebas
$prueba = new db_connection();
if (isset($_POST)) {
if ($_POST["user"] != '') {
if ($_POST["pass"] != '') {
$user = $_POST["user"];
$pass = $_POST["pass"];
$search = new db_connection();
if ($search->searchUser($user)) {
if ($search->matchPass($user, $pass)) {
//único caso en el que se valida el ingreso
$e = true;
//falso porque no coincide la contraseña
} else {
$e = false;
}
//falso porque no existe el usuario
} else {
$e = false;
}
//falso porque la contraseña está en blanco
} else {
$e = false;
<?php
/**
* Created by PhpStorm.
* User: ae
* Date: 5/1/16
* Time: 00:55
*/
include_once 'classes.php';
//busca si existe el usuario
if (isset($_POST["user"])) {
$user = $_POST["user"];
$e = true;
} else {
$e = false;
}
//agrega usuario
if ($e) {
$remUser = new db_connection();
if ($remUser->removeUser($user)) {
echo 'se borró correctamente';
} else {
echo 'no se borró el usuario o el usuario no existe';
}
}
<?php
session_start();
require_once '../cfg/common.php';
require_once '../cfg/config.php';
$ch = new clean_and_hash();
$bill_title = $ch->clean_all_tags($_POST['bill_title']);
$bill_desc = $ch->clean_all_tags($_POST['bill_description']);
$bill_amount = $ch->clean_all_tags($_POST['bill_amount']);
$start_bill_day = $ch->clean_all_tags($_POST['start_bill_day']);
$date = new DateTime();
$unix_date = $date->getTimestamp();
$bill_id = sha1($_SESSION['mms_logged_uid'] . $unix_date);
$dbconn = new db_connection();
$success_addbill = -1;
$logged_user = $_SESSION['mms_logged_uid'];
$sum_of_all_shares = 0;
$insert_statement = "INSERT into " . expense_details . " (exp_id,expense_title,expense_desc, expense_total,exp_owner,exp_date) values ('" . $bill_id . "','" . $bill_title . "','" . $bill_desc . "'," . $bill_amount . ",'" . $logged_user . "','" . $start_bill_day . "')";
$insert_cmd = $dbconn->query($insert_statement);
if ($insert_cmd) {
$success_addbill = 1;
} else {
$success_addbill = 0;
}
if (isset($_POST['split_frens_check'])) {
$num_of_frens = 1;
$success_fren_add_share = 0;
$failure_fren_add_share = 0;
while (isset($_POST["name{$num_of_frens}"])) {
$fren_name = $ch->clean_all_tags($_POST["name{$num_of_frens}"]);
$fren_share = $ch->clean_all_tags($_POST["share{$num_of_frens}"]);
