Пример #1
0
function BottomPanel()
{
    global $table, $lines, $count;
    $sql = "SELECT COUNT(*) AS count FROM " . $table;
    $count_select = MakeSelection($sql);
    $count = $count_select[0]["count"];
    if (isset($_GET["banid"])) {
        $sql = "UPDATE " . $table . " SET unbantime = -1 WHERE banid = " . $_GET['banid'] . "";
        MakeSelection($sql);
    }
    if (isset($_GET["page"])) {
        $p = ($_GET["page"] - 1) * $lines;
    } else {
        $p = 0;
    }
    if ($_GET["search"] == "") {
        $sql = "SELECT * FROM " . $table . " ORDER BY banid DESC LIMIT " . $p . ", " . $lines;
    } else {
        $search = mysql_escape_string($_GET["search"]);
        $sql = "SELECT * FROM " . $table . " WHERE ip LIKE '%" . $search . "%' OR banname LIKE '%" . $search . "%' OR name LIKE '%" . $search . "%' OR sid LIKE '%" . $search . "%' ORDER BY banid DESC LIMIT " . $p . ", " . $lines;
    }
    $users = MakeSelection($sql);
    //Печатаем резальтат
    PrintResult($users);
}
Пример #2
0
function PrintAccountInfoByUSERNAME($username, $OnMainPage)
{
    $SQL = "SELECT user.Name, user.FirstName, user.LastName, user.Password, user.IMGURL, user.Birthday, user.Text, user.Sex FROM user WHERE user.Name = '" . $username . "'";
    $MyUserInfoResult = mysql_query($SQL);
    $MyUserInfo = mysql_fetch_array($MyUserInfoResult);
    PrintResult($MyUserInfo[0], $MyUserInfo[4], $MyUserInfo[1], $MyUserInfo[2], $MyUserInfo[6], $MyUserInfo[7], "", $OnMainPage);
}
Пример #3
0
function SendResponse($QueryType, $index, $type = 'empty', $message = 'empty')
{
    $con = mysqli_connect(HOST, USR, PSWD, DB);
    if ($QueryType == 'add' || $QueryType == 'remove' || $QueryType == 'update') {
        $query = AddParams($QueryType, $index);
        $log;
        $Ltype;
        if (!mysqli_query($con, $query)) {
            $log = 'esecuzione query(' . $query . ') fallita : ' . mysqli_error($con);
            $Ltype = 'qerr';
        } else {
            $log = $query;
            $Ltype = 'query';
        }
        //aggiorno i record visualizzati chiamando nuovamente la funzione con querytype = 1
        $QueryType = 'load';
        SendResponse($QueryType, $index, $Ltype, $log);
    } else {
        $query = AddParams($QueryType, $index);
        $result = mysqli_query($con, $query);
        $log;
        $Ltype;
        if ($result) {
            if ($message == 'empty') {
                $log = $query;
                $Ltype = 'query';
            } else {
                $log = $message;
                $Ltype = $type;
            }
        } else {
            if ($message == 'empty') {
                $log = 'esecuzione query (' . $query . ') fallita : ' . mysqli_error($con) . '</p>';
                $Ltype = 'qerr';
            } else {
                $log = $message;
                $Ltype = $type;
            }
        }
        PrintResult($result, $log, $Ltype, $index);
    }
    mysqli_close($con);
}
Пример #4
0
        $result = mysql_query($SQL);
        $USERuid = mysql_insert_id();
        $SQL = "INSERT INTO friends (FirstPersonID, SecondPersonID, FirstConfirm, SecondConfirm) VALUES (" . $USERuid . ", " . $USERuid . ", 1, 1)";
        $result = mysql_query($SQL);
        $SQL = "UPDATE user SET user.Password = '******' WHERE user.UID = " . $USERuid;
        $MyUpdate = mysql_query($SQL);
        $SQL = "INSERT INTO twoweeks (EvenWeekID, OddWeekID, OtherWeekID) VALUES (9, 9, 9)";
        $result = mysql_query($SQL);
        $uid = mysql_insert_id();
        $SQL = "SELECT user.UID FROM user WHERE user.Name = '" . $name . "'";
        $result = mysql_query($SQL);
        $row2 = mysql_fetch_array($result);
        $SQL = "INSERT INTO uw (UserID, TwoWeeksID) VALUES ('" . $row2[0] . "', " . $uid . ")";
        $result = mysql_query($SQL);
        mysql_close($dbLink);
        $_SESSION['psw'] = $psw . $USERuid;
        $_SESSION['name'] = $name;
    }
    echo '<div id = "urlTitleForm" style = "margin-bottom:-40px;color:red;">Внимание! Oт съображение за сигурност паролата ви е ';
    for ($counter = 1; $counter <= strlen($psw); $counter++) {
        echo '●';
    }
    echo $USERuid . '</div>';
    PrintResult($name, $IMGURL, $FirstName, $LastName, $Text, $Error);
}
?>
 
</div>
</div>
</body>
</html>