Пример #1
<?php

// Set the output encoding to UTF-8
//	mb_http_output ( 'UTF-8' );
require_once "_common.php";
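// Request parameters: the kind of object being saved, the name of an existing object to
// drop before the statement runs (empty = nothing to drop), and the SQL statement itself.
// NOTE(review): this script executes client-supplied SQL verbatim and nothing visible here
// checks who the caller is. Presumably _common.php enforces authentication and
// authorization — confirm, and make sure the form that posts here carries a CSRF token.
$sObjectKind = isset($_POST['sObjectKind']) ? $_POST['sObjectKind'] : '';
$sModifyObjectName = isset($_POST['sModifyObjectName']) ? $_POST['sModifyObjectName'] : '';
$sSql = isset($_POST['sSql']) ? $_POST['sSql'] : '';
$sSqlErr = "";
// Undo backslash escaping on the submitted statement.
// NOTE(review): this is only correct when magic_quotes_gpc is adding the slashes; on a PHP
// build without magic quotes it strips legitimate backslashes from the SQL — confirm.
$sSql = stripslashes($sSql);
$mysqlLink = dbCon($sDbHostName, $sDbUserName, $sDbPassword, $sDbName);
if ($sModifyObjectName != "" && $sObjectKind != "View") {
    // For a PROCEDURE or FUNCTION the DROP statement is executed first.
    // The name is backtick-quoted (embedded backticks doubled) so it can only ever be read
    // as one identifier. NOTE(review): assumes an unqualified name in the connected
    // database; a schema-qualified "db.name" would need each part quoted separately.
    $sQuotedName = "`" . str_replace("`", "``", $sModifyObjectName) . "`";
    $sDropSql = "";
    if ($sObjectKind == "Stored Procedure") {
        $sDropSql = "DROP PROCEDURE IF EXISTS " . $sQuotedName . ";";
    } elseif ($sObjectKind == "Stored Function") {
        // The original wrote "=" here, which assigned instead of compared, so every kind
        // other than a procedure or a view was treated as a function.
        $sDropSql = "DROP FUNCTION IF EXISTS " . $sQuotedName . ";";
    }
    // Any other kind has nothing to drop, so no query is sent for it.
    if ($sDropSql != "") {
        $rs = mysqli_query($mysqlLink, $sDropSql);
        if (!$rs) {
            $sSqlErr = mysqli_errno($mysqlLink) . ":" . mysqli_error($mysqlLink) . "\n";
        }
    }
}
// The main statement runs even if the DROP failed; both errors accumulate in $sSqlErr.
$rs = mysqli_query($mysqlLink, $sSql);
if (!$rs) {
    $sSqlErr .= mysqli_errno($mysqlLink) . ":" . mysqli_error($mysqlLink);
}
mysqli_close($mysqlLink);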
Пример #2
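<!DOCTYPE html>
<html>
	<head>
		<title>Migrant Help Desk - Home</title>
		<?php 
require 'include/functions.inc';
?>
	</head>

	<body>
		<?php 
require 'include/header.inc';
// A visitor who already has a session is sent to the landing page instead of the login form.
// NOTE(review): this header() call runs after markup has already been emitted, so it only
// takes effect when output buffering is on; doing the session check before <!DOCTYPE html>
// would make the redirect reliable. $_SESSION is presumably started by one of the
// includes — confirm.
if (isset($_SESSION['userID'])) {
    header('Location: landing.php');
    // Stop here: without exit the rest of the page is still rendered and sent.
    exit;
}
?>

		<div id="content">
			<?php 
// NOTE(review): the handle is not used in the markup visible here.
$pdo = dbCon();
?>

			<form method='POST' id='loginForm' action='login.php' name='login'>
				<input class='box' type='text' name='loginEmail' id='loginEmail' placeholder='Email'><br>
				<input class='box' type='password' name='loginPwd' id='loginPwd' placeholder='Password'><br>
				<input type='submit' value='Login'>
			</form>
		</div>
	</body>
</html>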
Пример #3
<?php

require_once 'hortapp.dbLib.php';
require_once 'hortapp.events.utils.php';
// Short-circuit if the client did not give us a date range.
if (!isset($_POST['start']) || !isset($_POST['end'])) {
    die("Please provide a date range.");
}
// Both bounds come straight from the request body. parseDateTime() is defined outside this
// listing — NOTE(review): confirm it rejects malformed dates rather than guessing.
$range_start = parseDateTime($_POST['start']);
$range_end = parseDateTime($_POST['end']);
$conexion = dbCon(2);
// Collects the events that fall inside the requested range (filled by the loop below).
$res = array();
// sleep(1000);
// NOTE(review): the user value is masked ("******") in this listing, so the statement does
// not parse as shown. Whatever value belongs here should reach the query as a bound
// parameter or an integer cast, not through string concatenation.
$sql = "SELECT * FROM events WHERE user = "******"";
/**
*****************************************************************

to-do: add WHERE start > request.start AND start < request.end

start: 2015-05-06
request.start: 2015-05-31
request.end: 2015-07-12

formats compatibles!?
****************************************************************/
if ($events = query_escaped($conexion, $sql)) {
    // echo "into if";
    while ($event = mysqli_fetch_array($events)) {
        $event = new Event($event);
        if ($event->isWithinDayRange($range_start, $range_end)) {
            $res[] = $event->toArray();
Пример #4
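/**
 * Return the column names of a table.
 *
 * Opens its own connection with the given credentials, runs D_SHOW_COLUMNS followed by the
 * table name, and collects the "Field" value of every row. On a query error it prints the
 * MySQL error number and message and terminates the script.
 *
 * @param string $sHostName  database host
 * @param string $sUserName  database user
 * @param string $sPassword  database password
 * @param string $sDbName    database name
 * @param string $sTableName table whose columns are listed
 *
 * @return array list of column names (empty when the result has no rows)
 */
function getFieldName($sHostName, $sUserName, $sPassword, $sDbName, $sTableName)
{
    // Start from an empty list so the function never returns an undefined variable.
    $arsName = array();
    $mysqlLink = dbCon($sHostName, $sUserName, $sPassword, $sDbName);
    // NOTE(review): $sTableName is appended to D_SHOW_COLUMNS as-is. If it can come from a
    // request, validate it against the known table list or quote it as an identifier; the
    // constant's exact text is not visible here, so the concatenation is left unchanged.
    $rs = mysqli_query($mysqlLink, D_SHOW_COLUMNS . $sTableName);
    if (!$rs) {
        // MySQL error text can repeat the table name, so it is HTML-escaped before being
        // printed. NOTE(review): showing raw database errors to the user discloses schema
        // details; consider logging them server-side instead.
        $sError = mysqli_errno($mysqlLink) . ':' . mysqli_error($mysqlLink);
        print '<br><br>' . htmlspecialchars($sError, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '<br><br>';
        die('SQLエラーが発生しました。');
    }
    while ($rec = mysqli_fetch_assoc($rs)) {
        $arsName[] = $rec['Field'];
    }
    mysqli_free_result($rs);
    mysqli_close($mysqlLink);
    return $arsName;
}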
Пример #5
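/**
 * Return the rows of the `cultiu` table that belong to one user, keyed by row id.
 *
 * Each entry holds:
 * - id
 * - planta
 * - data_ini (formatted d/m/Y)
 * - data_fi (formatted d/m/Y)
 * - parcela
 *
 * @param 	int 	$user user id whose rows will be returned
 *
 * @return 	array 	 rows keyed by id, or array('error' => message) when nothing is found
 */
function getCultius($user)
{
    // The connection profile depends on whether the id is 0.
    // NOTE(review): what the dbCon() argument selects is not visible in this listing.
    $conexion = dbCon($user == 0 ? 2 : 1);
    // The id is interpolated into the SQL text, so force it to an integer first; a
    // non-numeric value can then never change the shape of the statement.
    $userId = (int) $user;
    $res = array();
    $cultius = query_escaped($conexion, "SELECT id, planta, data_ini, data_fi, parcela, user FROM cultiu WHERE user = {$userId};");
    // A failed query is treated like an empty result instead of being handed to
    // mysqli_num_rows().
    if ($cultius && mysqli_num_rows($cultius)) {
        while ($cultiu = mysqli_fetch_array($cultius)) {
            // Dates are re-formatted for display as day/month/year.
            $data_ini = date('d/m/Y', strtotime($cultiu['data_ini']));
            $data_fi = date('d/m/Y', strtotime($cultiu['data_fi']));
            $res[$cultiu['id']] = array('id' => $cultiu['id'], 'planta' => $cultiu['planta'], 'data_ini' => $data_ini, 'data_fi' => $data_fi, 'parcela' => $cultiu['parcela']);
        }
    } else {
        // The message reports the integer that was actually queried, not the raw input.
        $res["error"] = "No hi ha cultius de l'usuari {$userId} a la BBDD";
    }
    mysqli_close($conexion);
    return $res;
}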
Пример #6
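/**
 * Check a login/password pair against the `user` table and, on a match, store the user's
 * login and id in the session.
 *
 * Returns negative values for errors, 0 for success (values > 0 are reserved for "other"):
 *    0  logged in
 *   -1  error not captured
 *   -2  dbCon() failed
 *   -3  no matching user
 *   -4  the session already holds a login
 *   -5  the session could not be started
 *
 * @param string $login    login name
 * @param string $password clear-text password
 *
 * @return int one of the codes above
 */
function login($login, $password)
{
    $dbAdmin = dbCon(0);
    if (!$dbAdmin) {
        return -2; // error dbCon
    }
    $return = -1; // error not captured
    // NOTE(review): a single unsalted SHA-256 is cheap to brute-force offline if the table
    // leaks. password_hash()/password_verify() is the replacement, but it needs the stored
    // hashes migrated, so the scheme is left as-is here. The escaping happens before
    // hashing, so it is part of the stored hash format and must not be dropped on its own.
    $pas = hash('sha256', mysqli_real_escape_string($dbAdmin, $password));
    // NOTE(review): both quoted values are masked as '******' in this listing; presumably
    // they carry $login and $pas — confirm that $login is escaped or, better, bound as a
    // parameter.
    $exists = query_escaped($dbAdmin, "SELECT id, login FROM user WHERE login = '******' AND password = '******' LIMIT 1;");
    // A failed query counts as "no matching user" rather than reaching mysqli_num_rows().
    if ($exists && mysqli_num_rows($exists) == 1) {
        $user = mysqli_fetch_assoc($exists);
        if (!session_start()) {
            $return = -5; // error session can't be started
        } elseif (isset($_SESSION['login'])) {
            $return = -4; // error session already started
        } else {
            // Issue a fresh session id at the privilege change so an id that was known
            // before authentication cannot be reused afterwards (session fixation).
            session_regenerate_id(true);
            $_SESSION['login'] = $user['login'];
            $_SESSION['id'] = $user['id'];
            $return = 0; // success login
        }
    } else {
        $return = -3; // user does not exist
    }
    // The original never released the connection on any path.
    mysqli_close($dbAdmin);
    return $return;
}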
Пример #7
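/**
 * Check a login/password pair against the `user` table. On success, set the $_SESSION
 * parameters and return the user's workspace.
 *
 * Error codes: -1 error not captured, -2 dbCon() failed, -3 wrong or unknown
 * login/password, -4 the session already holds a login.
 *
 * @param 	string 	$login 		user's login
 * @param 	string 	$password 	user's clear-text password
 *
 * @return 	int|array 	on success, whatever getUserWS() returns for the user; on error, a code in [-4, -1]
 */
function login($login, $password)
{
    $dbAdmin = dbCon(0);
    if (!$dbAdmin) {
        return -2; // error dbCon
    }
    $return = -1; // error not captured
    // NOTE(review): a single unsalted SHA-256 is cheap to brute-force offline if the table
    // leaks. password_hash()/password_verify() is the replacement, but it needs the stored
    // hashes migrated, so the scheme is left as-is here. The escaping happens before
    // hashing, so it is part of the stored hash format and must not be dropped on its own.
    $pas = hash('sha256', mysqli_real_escape_string($dbAdmin, $password));
    // NOTE(review): both quoted values are masked as '******' in this listing; presumably
    // they carry $login and $pas — confirm that $login is escaped or, better, bound as a
    // parameter.
    $exists = query_escaped($dbAdmin, "SELECT id, login FROM user WHERE login = '******' AND password = '******' LIMIT 1;");
    // A failed query counts as a failed login rather than reaching mysqli_num_rows().
    if ($exists && mysqli_num_rows($exists) == 1) {
        $user = mysqli_fetch_assoc($exists);
        if (isset($_SESSION['login'])) {
            $return = -4; // error session already started
        } else {
            // This function does not start the session itself, so only rotate the id when
            // one is active. Rotating at login keeps an id that was known before
            // authentication from being reused afterwards (session fixation).
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            $_SESSION['login'] = $user['login'];
            $_SESSION['id'] = $user['id'];
            $return = getUserWS($user['id']); // success login
        }
    } else {
        $return = -3; // user or password incorrect, or not present in the DB
    }
    mysqli_close($dbAdmin);
    return $return;
}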