/**
 * Reports whether the friends table holds a row linking the two users.
 *
 * Only the (id_amigo1 = $user_id, id_amigo2 = $friend_id) direction is
 * queried; the reverse pairing is not checked here.
 *
 * @param mixed $user_id   Value compared against friends.id_amigo1.
 * @param mixed $friend_id Value compared against friends.id_amigo2.
 *
 * @return bool True when at least one row matches; false when no row
 *              matches or the query itself fails.
 */
function isFriendDB($user_id, $friend_id)
{
    // Use `global` ONLY for this variable.
    global $BD;

    // Both ids are escaped before they are placed inside quoted SQL literals.
    $idPrimero = $BD->real_escape_string($user_id);
    $idSegundo = $BD->real_escape_string($friend_id);
    $query = "SELECT * FROM friends WHERE (id_amigo1='{$idPrimero}'\n and id_amigo2='{$idSegundo}')";

    $resultado = $BD->query($query);
    $exito = $resultado ? ($resultado->num_rows != 0) : false;

    cierraConsultas();

    return $exito;
}
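/**
 * Persists the current cart as an order: one row in `orders`, one row in
 * `details_order` per cart product, then the order total taken from the
 * session. The cart is removed from the session afterwards.
 *
 * Reads $_SESSION['usuario'] and $_SESSION['totalcoste']; unsets
 * $_SESSION['carro'].
 *
 * @return void
 */
function finalizar_Compra()
{
    global $BD;

    $mercha = recuperar_productos();
    $user = $_SESSION['usuario'];
    $id_user = dameID($user);

    // Every value placed in a quoted SQL literal is escaped first. Cart and
    // session contents can originate from request data, so none of them is
    // concatenated raw.
    $idUserSql = $BD->real_escape_string((string) $id_user);
    $sql = "INSERT INTO orders (id_user) VALUES ('{$idUserSql}')";

    if ($BD->query($sql)) {
        // insert_id is supplied by the database driver, not by the request.
        $id_pedido = $BD->insert_id;

        foreach ($mercha as $producto) {
            $idMerchaSql = $BD->real_escape_string((string) $producto['id_merchandising']);
            $cantidadSql = $BD->real_escape_string((string) $producto['unidades']);
            $sql2 = "INSERT INTO details_order (id_order, id_merchandising, cantidad) "
                . "VALUES('{$id_pedido}','{$idMerchaSql}','{$cantidadSql}')";
            // NOTE(review): a failed detail insert is ignored, as in the
            // original; the statements are not wrapped in a transaction.
            $BD->query($sql2);
        }

        // NOTE(review): the total comes from the session rather than being
        // recomputed from the inserted lines; confirm it is calculated
        // server-side where it is stored.
        $precioSql = $BD->real_escape_string((string) $_SESSION["totalcoste"]);
        $query = "UPDATE orders set precio = '{$precioSql}' where id_order ='{$id_pedido}'";
        $BD->query($query);
    }

    // NOTE(review): the cart is cleared even when the order insert failed
    // (behaviour kept from the original).
    unset($_SESSION['carro']);
    cierraConsultas();
}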
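/**
 * Returns every `content` row whose titulo, descripcion or sinopsis
 * contains the search term.
 *
 * @param mixed $busqueda Search term; treated as a string.
 *
 * @return array List of associative rows; empty when nothing matches or
 *               the query fails.
 */
function searchContenido($busqueda)
{
    global $BD;

    // The term is escaped before being embedded: it arrives from a search
    // box and was previously concatenated raw into the statement.
    // LIKE wildcards (% and _) inside the term still act as wildcards.
    $termino = $BD->real_escape_string((string) $busqueda);
    $query = "SELECT * from content "
        . "where titulo LIKE '%{$termino}%' "
        . "or descripcion LIKE '%{$termino}%' "
        . "or sinopsis LIKE '%{$termino}%'";

    $contenido = array();
    if ($resultado = $BD->query($query)) {
        while ($fila = $resultado->fetch_assoc()) {
            $contenido[] = $fila;
        }
    }

    cierraConsultas();

    return $contenido;
}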
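/**
 * Counts the `merchandising` rows whose nombre, descripcion or proveedor
 * contains the search term.
 *
 * @param mixed $search Search term; treated as a string.
 *
 * @return int Number of matching rows; 0 when the query fails (the
 *             original dereferenced `false` in that case).
 */
function dameFilasMercha($search)
{
    global $BD;

    // Escape the term before embedding it; it was previously concatenated
    // raw. LIKE wildcards (% and _) in the term still act as wildcards.
    $termino = $BD->real_escape_string((string) $search);
    $query = "SELECT * "
        . "FROM merchandising "
        . "WHERE nombre LIKE '%{$termino}%' "
        . "OR descripcion LIKE '%{$termino}%' "
        . "OR proveedor LIKE '%{$termino}%'";

    $resultado = $BD->query($query);
    // Read the count before the shared cleanup runs, and only when the
    // query actually produced a result.
    $filas = $resultado ? $resultado->num_rows : 0;

    cierraConsultas();

    return $filas;
}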
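/**
 * Collects the comments attached to one merchandising item.
 *
 * First reads the comment ids linked to the item from
 * `comments_merchandising`, then loads each comment row from `comments`.
 *
 * @param mixed $id_mercha Merchandising id to look up.
 *
 * @return array List of associative `comments` rows; empty when there are
 *               none or the first query fails.
 */
function dameCommentsMercha($id_mercha)
{
    global $BD;

    // NOTE(review): the column is spelled `id_merchansing` in the original
    // query; kept as-is, presumably matching the schema. Confirm.
    $query = "SELECT id_comment FROM comments_merchandising WHERE id_merchansing\t='"
        . $BD->real_escape_string($id_mercha) . "'";

    $idsComentario = array();
    $comentariosItem = array();

    if ($resultado = $BD->query($query)) {
        while ($fila = $resultado->fetch_array()) {
            $idsComentario[] = $fila["id_comment"];
        }

        foreach ($idsComentario as $id_comment) {
            $query2 = "SELECT * FROM comments WHERE id_comment='"
                . $BD->real_escape_string($id_comment) . "'";
            $result2 = $BD->query($query2);

            // A failed lookup yields false; skip it rather than calling
            // fetch_assoc() on a non-object.
            if (!$result2) {
                continue;
            }

            while ($comentario = $result2->fetch_assoc()) {
                $comentariosItem[] = $comentario;
            }
        }
    }

    cierraConsultas();

    return $comentariosItem;
}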
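/**
 * Stores a user's rating for the merchandising item with the given name.
 *
 * The item id is resolved through dameIDMercha(); how that helper handles
 * $nombre is not visible from here.
 *
 * @param mixed $id_user Rating author's user id.
 * @param mixed $nombre  Merchandising name, passed to dameIDMercha().
 * @param mixed $rating  Rating value to store.
 *
 * @return void
 */
function insertRatingMerchandising($id_user, $nombre, $rating)
{
    global $BD;

    $id_mercha = dameIDMercha($nombre);

    // The original interpolated these values unquoted and unescaped, so any
    // of them could alter the statement. Each is now escaped and placed in
    // a quoted literal; MySQL converts numeric strings for numeric columns.
    $idUserSql = $BD->real_escape_string((string) $id_user);
    $idMerchaSql = $BD->real_escape_string((string) $id_mercha);
    $ratingSql = $BD->real_escape_string((string) $rating);

    $sql = "insert into merchandising_ratings (id_user,id_merchandising,rating) "
        . "values ('{$idUserSql}','{$idMerchaSql}','{$ratingSql}') ";
    $BD->query($sql);

    // The debug `echo $sql;` was removed: it wrote the raw statement into
    // the response, exposing table and column names to the client.
    cierraConsultas();
}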
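/**
 * Counts the `users` rows whose username, nombre, apellidos, email or
 * descripcion contains the search term.
 *
 * @param mixed $search Search term; treated as a string.
 *
 * @return int Number of matching rows; 0 when the query fails (the
 *             original dereferenced `false` in that case).
 */
function dameFilasUsuarios($search)
{
    global $BD;

    // Escape the term before embedding it; it was previously concatenated
    // raw into a query over the users table. LIKE wildcards (% and _) in
    // the term still act as wildcards.
    $termino = $BD->real_escape_string((string) $search);
    $query = "SELECT * "
        . "FROM users "
        . "WHERE username LIKE '%{$termino}%' "
        . "OR nombre LIKE '%{$termino}%' "
        . "OR apellidos LIKE '%{$termino}%' "
        . "OR email LIKE '%{$termino}%' "
        . "OR descripcion LIKE '%{$termino}%'";

    $resultado = $BD->query($query);
    // Read the count before the shared cleanup runs, and only when the
    // query actually produced a result.
    $filas = $resultado ? $resultado->num_rows : 0;

    cierraConsultas();

    return $filas;
}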