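/**
 * Ends the current company-user login and reloads the company directory id.
 *
 * Deletes the c_company_login row that matches the login-id cookie and
 * $gc->login_user_no, then looks the user up in m_company_user / m_company
 * and stores the company's ddir value in $gc->cid.
 *
 * @param object $gc Page context; reads ->login_user_no and ->db, writes ->cid.
 * @return bool false when no login-id cookie is present, true otherwise.
 */
function db_logout(&$gc)
{
    // empty() also covers a missing cookie, which previously raised an
    // undefined-index notice before reaching the same "return false".
    if (empty($_COOKIE[C_LOGIN_ID])) {
        return false;
    }

    // login_user_no is concatenated into both statements below; forcing it to
    // an integer guarantees that only a number can reach the SQL text.
    $user_no = (int)$gc->login_user_no;

    $sql = "DELETE FROM c_company_login ";
    $sql.= "WHERE login_id = '".f_dbs($_COOKIE[C_LOGIN_ID])."' AND";
    $sql.= " user_no = ".$user_no;
    // NOTE(review): the result of the DELETE is not checked; a failed delete
    // leaves the login row in place while the caller is told "true".
    $gc->db->execute($sql);

    $sql = "SELECT u.user_no, u.company_no, u.password,c.ddir ";
    $sql.= " FROM m_company_user u";
    $sql.= " LEFT JOIN m_company c ON u.company_no=c.company_no";
    $sql.= " WHERE u.user_no = '".$user_no."'";
    $rs = $gc->db->query($sql);
    if (!$rs->eof) {
        // Only ddir is used; the other selected columns are not read here.
        $gc->cid = $rs->fields["ddir"];
    }
    $rs->free_result();

    return true;
}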
/**
 * Prepares a string for use inside a SQL LIKE pattern.
 *
 * The LIKE wildcards % and _ are prefixed with a backslash so they match
 * literally, then the result is passed through f_dbs().
 *
 * NOTE(review): a backslash already present in $str is not doubled here;
 * whether that is safe depends on how f_dbs() treats backslashes — confirm.
 *
 * @param string $str  Raw search text.
 * @param bool   $trim Forwarded unchanged to f_dbs().
 * @return mixed Whatever f_dbs() returns for the wildcard-escaped text.
 */
function f_db_like($str, $trim = true)
{
    // Replacements run in order: first every %, then every _.
    $escaped = str_replace(array("%", "_"), array("\\%", "\\_"), $str);

    return f_dbs($escaped, $trim);
}
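/**
 * Ends the current login by deleting its c_login row.
 *
 * The row is selected by the login-id cookie together with
 * $gc->login_user_no.
 *
 * @param object $gc Page context; reads ->login_user_no and ->db.
 * @return bool false when no login-id cookie is present, true otherwise.
 */
function db_logout(&$gc)
{
    // empty() also covers a missing cookie, which previously raised an
    // undefined-index notice before reaching the same "return false".
    if (empty($_COOKIE[C_LOGIN_ID])) {
        return false;
    }

    $sql = "DELETE FROM c_login ";
    $sql.= "WHERE login_id = '".f_dbs($_COOKIE[C_LOGIN_ID])."' AND";
    // The user number is appended unquoted, so it is forced to an integer
    // to keep anything but a number out of the statement.
    $sql.= " user_no = ".(int)$gc->login_user_no;
    // NOTE(review): the result of the DELETE is not checked; a failed delete
    // leaves the login row in place while the caller is told "true".
    $gc->db->execute($sql);

    return true;
}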
/**
 * Looks up the posted postal code in m_zip.
 *
 * The code is taken from $_POST["zip1"] and $_POST["zip2"] joined together.
 * $gc->shikucyouson_no is reset to 0 and, when a row is found, set to that
 * row's shikucyouson_no.
 *
 * @param object $gc Page context; reads ->db, writes ->shikucyouson_no.
 * @return bool true when the resulting shikucyouson_no is greater than 0.
 */
function is_zip($gc)
{
    $gc->shikucyouson_no = 0;

    // The two form fields are joined first and escaped as one value.
    $zip = f_dbs($_POST["zip1"].$_POST["zip2"]);
    $sql = "SELECT shikucyouson_no FROM m_zip WHERE zip = '".$zip."'";

    $result = $gc->db->query($sql);
    if (!$result->eof) {
        $gc->shikucyouson_no = $result->fields["shikucyouson_no"];
    }
    $result->free_result();

    return $gc->shikucyouson_no > 0;
}
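/**
 * Updates the password column of one m_company_user row inside a transaction.
 *
 * Only $_POST["act"] == "u" triggers the UPDATE; any other value just opens
 * and commits an empty transaction.
 *
 * NOTE(review): the password is assigned the literal '******' exactly as it
 * appears in this listing — it looks like a masked value; confirm what the
 * real statement stores before relying on this function.
 *
 * @param object $gc Page context; reads ->db and ->user_no.
 * @return bool true on success, false when db_set_errmsg() handled the error.
 *              An error that db_set_errmsg() does not handle ends the script.
 */
function db_entry2($gc)
{
    $gc->db->begin_tran();

    switch ($_POST["act"]) {
        case "u":
            // update
            $sql = "UPDATE m_company_user SET";
            $sql.= " password = '******',";
            $sql.= " ltime = CURRENT_TIMESTAMP ";
            $sql.= "WHERE";
            // user_no is appended unquoted; the integer cast keeps anything
            // but a number out of the WHERE clause.
            $sql.= " user_no = ".(int)$gc->user_no;

            $ret = $gc->db->execute($sql, true);
            if ($ret["errno"] > 0) {
                $gc->db->rollback();
                if (db_set_errmsg($gc, $ret["errno"], $ret["error"])) {
                    return false;
                } else {
                    die('update error');
                }
            }
            break;
    }

    $gc->db->commit();

    return true;
}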
/**
 * Saves the comment, map position and view settings of one propertylist row.
 *
 * Runs a single UPDATE inside a transaction. comment, direction, pitch and
 * zoom come from $_POST; the point is built from $gc->lon / $gc->lat and the
 * row is selected by $gc->property_no.
 *
 * NOTE(review): $gc->lon and $gc->lat are placed into the POINT(...) text
 * without escaping or numeric validation, unlike every other value in this
 * statement — confirm the caller has already validated them as numbers.
 *
 * @param object $gc Page context; reads ->db, ->lon, ->lat, ->property_no.
 * @return bool true on success, false when db_set_errmsg() handled the error.
 *              An error that db_set_errmsg() does not handle ends the script.
 */
function db_entry($gc)
{
    $gc->db->begin_tran();

    // comment update
    $assignments = array(
        " comment = '".f_dbs($_POST["comment"])."'",
        "latlon = GeomFromText('POINT({$gc->lon} {$gc->lat})')",
        " direction = ".f_num_edit_db($_POST["direction"]),
        " pitch = ".f_num_edit_db($_POST["pitch"]),
        " zoom = ".f_num_edit_db($_POST["zoom"]),
        " ltime = CURRENT_TIMESTAMP ",
    );
    $statement = "UPDATE propertylist SET".implode(",", $assignments);
    $statement.= "WHERE property_no = ".f_num_edit_db($gc->property_no);

    $outcome = $gc->db->execute($statement, true);
    if ($outcome["errno"] <= 0) {
        $gc->db->commit();
        return true;
    }

    // Failure path: undo, then let db_set_errmsg() decide whether the error
    // can be reported to the caller or the script has to stop.
    $gc->db->rollback();
    if (!db_set_errmsg($gc, $outcome["errno"], $outcome["error"])) {
        die('update error');
    }

    return false;
}
/**
 * Builds the per-company fee summary SELECT and returns it as a string.
 *
 * The statement reads t_tesuryou joined to t_item, t_item_company, m_company,
 * t_kotei and five counting sub-selects (srl, sr1..sr4), restricted to the
 * period $gc->mbif .. $gc->mbit and grouped by company. Optional filters are
 * appended from $gc->relocation_flg, ->company_kbn, ->company_no,
 * ->company_sh and ->todoufuken_no. Nothing is executed here.
 *
 * NOTE(review): $gc->mbif and $gc->mbit are concatenated into the statement
 * seven times each without escaping or format validation, while company_sh
 * goes through f_dbs() and the numeric filters through is_numeric() — confirm
 * the caller validates both as date strings before this function runs.
 *
 * @param object $gc Search conditions (see above).
 * @return string The assembled SQL text.
 */
function sql_text_create_l($gc)
{
    $base_sql = "SELECT SQL_CALC_FOUND_ROWS";
    $base_sql .= " t.company_no,c.company_nm,c.company_sh,c.company_kbn,c.todoufuken_no,c.add1,c.jyougen,c3.c_mukou_flg, ";
    $base_sql .= " sum(t.light_flg) as s_l,";
    $base_sql .= " case when k.s_kk > 0 then k.s_kk else sum(t.tesuryou) end as s_t,";
    $base_sql .= " sum(t.tesuryou) as s_t2,";
    $base_sql .= " COALESCE(srl.cnt,0) as sr_l,";
    $base_sql .= " COALESCE(sr1.cnt,0) as sr_1,";
    $base_sql .= " COALESCE(sr2.cnt,0) as sr_2,";
    $base_sql .= " COALESCE(sr3.cnt,0) as sr_3,";
    $base_sql .= " COALESCE(sr4.cnt,0) as sr_4,";
    $base_sql .= " case when t.kotei_flg > 0 then t.kotei_flg else 0 end as s_k,";
    $base_sql .= " DATE_FORMAT(t.moushikomibi, '%Y%m') as m_d,";
    $base_sql .= " k.kingaku as c_k ";
    $base_sql .= "FROM t_tesuryou as t ";
    $base_sql .= "INNER JOIN t_item i ON t.item_no = i.item_no ";
    $base_sql .= "LEFT JOIN";
    $base_sql .= " t_item_company as c3 ";
    $base_sql .= "ON ";
    $base_sql .= " (t.company_no = c3.company_no and t.item_no = c3.item_no) ";
    // srl: rows per company with light_flg > 0 inside the period.
    $base_sql .= "left join";
    $base_sql .= " (select tt1.company_no,count(tt1.company_no) as cnt from t_tesuryou tt1 right join t_item_company ic1 on ic1.company_no=tt1.company_no and ic1.item_no=tt1.item_no where tt1.light_flg > 0 and ic1.c_mukou_flg=0 and DATE_FORMAT(tt1.moushikomibi,'%Y%m%d') BETWEEN '" . $gc->mbif . "' AND '" . $gc->mbit . "' group by tt1.company_no) srl on srl.company_no=t.company_no ";
    // sr1..sr4: the same count for rank_no 1 to 4 with light_flg = 0.
    $base_sql .= "left join ";
    $base_sql .= "(select tt1.company_no,count(tt1.company_no) as cnt from t_tesuryou tt1 right join t_item_company ic1 on ic1.company_no=tt1.company_no and ic1.item_no=tt1.item_no where tt1.rank_no = 1 and tt1.light_flg = 0 and ic1.c_mukou_flg=0 and DATE_FORMAT(tt1.moushikomibi,'%Y%m%d') BETWEEN '" . $gc->mbif . "' AND '" . $gc->mbit . "' group by tt1.company_no) sr1 on sr1.company_no=t.company_no ";
    $base_sql .= "left join ";
    $base_sql .= " (select tt1.company_no,count(tt1.company_no) as cnt from t_tesuryou tt1 right join t_item_company ic1 on ic1.company_no=tt1.company_no and ic1.item_no=tt1.item_no where tt1.rank_no = 2 and tt1.light_flg = 0 and ic1.c_mukou_flg=0 and DATE_FORMAT(tt1.moushikomibi,'%Y%m%d') BETWEEN '" . $gc->mbif . "' AND '" . $gc->mbit . "' group by tt1.company_no) sr2 on sr2.company_no=t.company_no ";
    $base_sql .= "left join ";
    $base_sql .= " (select tt1.company_no,count(tt1.company_no) as cnt from t_tesuryou tt1 right join t_item_company ic1 on ic1.company_no=tt1.company_no and ic1.item_no=tt1.item_no where tt1.rank_no = 3 and tt1.light_flg = 0 and ic1.c_mukou_flg=0 and DATE_FORMAT(tt1.moushikomibi,'%Y%m%d') BETWEEN '" . $gc->mbif . "' AND '" . $gc->mbit . "' group by tt1.company_no) sr3 on sr3.company_no=t.company_no ";
    $base_sql .= "left join ";
    $base_sql .= " (select tt1.company_no,count(tt1.company_no) as cnt from t_tesuryou tt1 right join t_item_company ic1 on ic1.company_no=tt1.company_no and ic1.item_no=tt1.item_no where tt1.rank_no = 4 and tt1.light_flg = 0 and ic1.c_mukou_flg=0 and DATE_FORMAT(tt1.moushikomibi,'%Y%m%d') BETWEEN '" . $gc->mbif . "' AND '" . $gc->mbit . "' group by tt1.company_no) sr4 on sr4.company_no=t.company_no ";
    $base_sql .= "left join m_company c on c.company_no=t.company_no ";
    // k: t_kotei amounts for the month of either end of the period.
    $base_sql .= "left join (select company_no,sum(kingaku) as s_kk,kingaku from t_kotei where date=DATE_FORMAT('" . $gc->mbif . "', '%Y%m') or date=DATE_FORMAT('" . $gc->mbit . "', '%Y%m') group by company_no) k ON t.company_no = k.company_no";
    $base_sql .= " WHERE 0 = 0 and DATE_FORMAT(t.moushikomibi,'%Y%m%d') BETWEEN '" . $gc->mbif . "' AND '" . $gc->mbit . "'";
    $base_sql .= " AND i.mukou_flg = 0 ";
    $base_sql .= " AND c3.c_mukou_flg = 0 ";
    if ($gc->relocation_flg == 1) {
        $base_sql .= " AND c.relocation_flg = 1 ";
    }
    switch ($gc->company_kbn) {
        case 1:
            // major company
            $base_sql .= "AND c.company_kbn = 1 ";
            break;
        case 2:
            // local company
            $base_sql .= "AND c.company_kbn = 2 ";
            break;
    }
    // Numeric filters are only appended when is_numeric() accepts the value.
    if (is_numeric($gc->company_no)) {
        $base_sql .= "AND c.company_no = " . $gc->company_no . " ";
    }
    if (strlen($gc->company_sh) > 0) {
        $base_sql .= "AND c.company_sh = '" . f_dbs($gc->company_sh) . "' ";
    }
    if (is_numeric($gc->todoufuken_no)) {
        $base_sql .= "AND c.todoufuken_no = " . $gc->todoufuken_no . " ";
    }
    $base_sql .= " group by t.company_no";
    return $base_sql;
}
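/**
 * Inserts or updates one m_company row from the posted form, inside a
 * transaction, then maintains the logo image and the fee tables.
 *
 * $_POST["act"] selects the branch: "i" inserts a new company (and stores the
 * new id in $gc->company_no), "u" updates the row $gc->company_no. Both
 * branches are followed by edit_kotei() and update_tesuryo().
 *
 * Changes against the previous version:
 *  - the failed INSERT statement is no longer printed to the client by die();
 *    the database error is written to the server log instead, because the
 *    statement contains the submitted company data and the table layout;
 *  - the postal-code patterns end with \z, so a value with a trailing newline
 *    is no longer accepted;
 *  - company_no is cast to an integer before it is appended, unquoted, to the
 *    UPDATE's WHERE clause.
 *
 * @param object $gc Page context; reads ->db, ->company_no, ->img_tmp_nm,
 *                   ->img_del, ->img_nm; writes ->company_no on insert.
 * @return bool true on success, false when db_set_errmsg() handled the error.
 *              An error that db_set_errmsg() does not handle ends the script.
 */
function db_entry($gc)
{
    $gc->db->begin_tran();

    // Postal codes are stored as NNN-NNNN, or as an empty string when the two
    // posted parts do not form that shape.
    $zip = $_POST["zip1"]."-".$_POST["zip2"];
    if (!preg_match('/^\d{3}-\d{4}\z/', $zip)) {
        $zip = "";
    }
    $sk_zip = $_POST["sk_zip1"]."-".$_POST["sk_zip2"];
    if (!preg_match('/^\d{3}-\d{4}\z/', $sk_zip)) {
        $sk_zip = "";
    }

    switch ($_POST["act"]) {
        case "i":
            // insert new record
            $sql = "INSERT INTO m_company (";
            $sql.= " company_nm,";
            $sql.= " company_sh,";
            $sql.= " company_kn,";
            $sql.= " company_kbn,";
            $sql.= " tantou,";
            $sql.= " tel,";
            $sql.= " fax,";
            $sql.= " e_mail,";
            $sql.= " e_mail_2,";
            $sql.= " e_mail_3,";
            $sql.= " e_mail_4,";
            $sql.= " e_mail_5,";
            $sql.= " e_mail_6,";
            $sql.= " e_mail_7,";
            $sql.= " e_mail_8,";
            $sql.= " e_mail_9,";
            $sql.= " e_mail_10,";
            $sql.= " url,";
            $sql.= " zip,";
            $sql.= " todoufuken_no,";
            $sql.= " add1,";
            $sql.= " add2,";
            $sql.= " sk_zip,";
            $sql.= " sk_todoufuken_no,";
            $sql.= " sk_add1,";
            $sql.= " sk_add2,";
            $sql.= " sk_jigyoubu,";
            $sql.= " sk_tantou,";
            $sql.= " jyougen,";
            $sql.= " light_flg,";
            $sql.= " kingaku_light,";
            $sql.= " kingaku_kotei,";
            $sql.= " kakuritsu,";
            $sql.= " chintai_flg,";
            $sql.= " chintai_ritu,";
            $sql.= " relocation_flg,";
            $sql.= " relocation_ritu,";
            $sql.= " sublease_flg,";
            $sql.= " sublease_ritu,";
            $sql.= " comment,";
            $sql.= " plan_flg,";
            $sql.= " light_ritu,";
            $sql.= " display_flg,";
            $sql.= " buken_mansion_flg,";
            $sql.= " buken_kodate_flg,";
            $sql.= " buken_ittou_flg,";
            $sql.= " keisai_flg,";
            $sql.= " keisai_logo_flg,";
            $sql.= " keisai_comment_flg,";
            $sql.= " ddir,";
            $sql.= " ltime";
            $sql.= ") VALUES (";
            $sql.= "'".f_dbs($_POST["company_nm"])."',";
            $sql.= "'".f_dbs($_POST["company_sh"])."',";
            $sql.= "'".f_dbs($_POST["company_kn"])."',";
            $sql.= f_num_edit_db($_POST["company_kbn"], 0).",";
            $sql.= "'".f_dbs($_POST["tantou"])."',";
            $sql.= "'".f_dbs($_POST["tel"])."',";
            $sql.= "'".f_dbs($_POST["fax"])."',";
            $sql.= "'".f_dbs($_POST["e_mail"])."',";
            $sql.= "'".f_dbs($_POST["e_mail_2"])."',";
            $sql.= "'".f_dbs($_POST["e_mail_3"])."',";
            $sql.= "'".f_dbs($_POST["e_mail_4"])."',";
            $sql.= "'".f_dbs($_POST["e_mail_5"])."',";
            $sql.= "'".f_dbs($_POST["e_mail_6"])."',";
            $sql.= "'".f_dbs($_POST["e_mail_7"])."',";
            $sql.= "'".f_dbs($_POST["e_mail_8"])."',";
            $sql.= "'".f_dbs($_POST["e_mail_9"])."',";
            $sql.= "'".f_dbs($_POST["e_mail_10"])."',";
            $sql.= "'".f_dbs($_POST["url"])."',";
            $sql.= "'".f_dbs($zip)."',";
            $sql.= f_num_edit_db($_POST["todoufuken_no"]).",";
            $sql.= "'".f_dbs($_POST["add1"])."',";
            $sql.= "'".f_dbs($_POST["add2"])."',";
            $sql.= "'".f_dbs($sk_zip)."',";
            $sql.= f_num_edit_db($_POST["sk_todoufuken_no"]).",";
            $sql.= "'".f_dbs($_POST["sk_add1"])."',";
            $sql.= "'".f_dbs($_POST["sk_add2"])."',";
            $sql.= "'".f_dbs($_POST["sk_jigyoubu"])."',";
            $sql.= "'".f_dbs($_POST["sk_tantou"])."',";
            $sql.= f_num_edit_db($_POST["jyougen"], 0).",";
            $sql.= f_bool_edit_db($_POST["light_flg"], 0).",";
            $sql.= f_num_edit_db($_POST["kingaku_light"], 0).",";
            $sql.= f_num_edit_db($_POST["kingaku_kotei"], 0).",";
            $sql.= f_num_edit_db($_POST["kakuritsu"], 0).",";
            $sql.= f_bool_edit_db($_POST["chintai_flg"], 0).",";
            $sql.= f_num_edit_db($_POST["chintai_ritu"], 0).",";
            $sql.= f_bool_edit_db($_POST["relocation_flg"], 0).",";
            $sql.= f_num_edit_db($_POST["relocation_ritu"], 0).",";
            $sql.= f_bool_edit_db($_POST["sublease_flg"], 0).",";
            $sql.= f_num_edit_db($_POST["sublease_ritu"], 0).",";
            $sql.= "'".f_dbs($_POST["comment"])."',";
            $sql.= f_num_edit_db($_POST["plan_flg"], 0).",";
            $sql.= f_num_edit_db($_POST["light_ritu"], 0).",";
            $sql.= f_num_edit_db($_POST["display_flg"], 0).",";
            $sql.= f_bool_edit_db($_POST["buken_mansion_flg"], 0).",";
            $sql.= f_bool_edit_db($_POST["buken_kodate_flg"], 0).",";
            $sql.= f_bool_edit_db($_POST["buken_ittou_flg"], 0).",";
            $sql.= f_bool_edit_db($_POST["keisai_flg"], 0).",";
            $sql.= f_bool_edit_db($_POST["keisai_logo_flg"], 0).",";
            $sql.= f_bool_edit_db($_POST["keisai_comment_flg"], 0).",";
            // NOTE(review): ddir is a generated string; if it also serves as an
            // access identifier for the company area, confirm that
            // f_get_random_str() draws from a cryptographically secure source.
            $sql.= "'".f_dbs(f_get_random_str())."',";
            $sql.= "CURRENT_TIMESTAMP)";

            $ret = $gc->db->execute($sql, true);
            if ($ret["errno"] > 0) {
                $gc->db->rollback();
                if (db_set_errmsg($gc, $ret["errno"], $ret["error"])) {
                    return false;
                } else {
                    // Keep the details on the server; the client only sees a
                    // fixed message.
                    error_log('m_company insert failed: ['.$ret["errno"].'] '.$ret["error"]);
                    die('insert error');
                }
            }
            $gc->company_no = $gc->db->get_last_id();

            // A freshly uploaded logo is moved from its temporary name to the
            // new company number, unless deletion was requested.
            if (strlen($gc->img_tmp_nm)>0 and $gc->img_del!="y") {
                fimg_tmp_rename($gc->img_tmp_nm, $gc->company_no, "logo/");
                fimg_copy($gc->company_no, "logo/");
            }
            break;

        case "u":
            // update
            $sql = "UPDATE m_company SET";
            $sql.= " company_nm = '".f_dbs($_POST["company_nm"])."',";
            $sql.= " company_sh = '".f_dbs($_POST["company_sh"])."',";
            $sql.= " company_kn = '".f_dbs($_POST["company_kn"])."',";
            $sql.= " company_kbn = ".f_num_edit_db($_POST["company_kbn"], 0).",";
            $sql.= " tantou = '".f_dbs($_POST["tantou"])."',";
            $sql.= " tel = '".f_dbs($_POST["tel"])."',";
            $sql.= " fax = '".f_dbs($_POST["fax"])."',";
            $sql.= " e_mail = '".f_dbs($_POST["e_mail"])."',";
            $sql.= " e_mail_2 = '".f_dbs($_POST["e_mail_2"])."',";
            $sql.= " e_mail_3 = '".f_dbs($_POST["e_mail_3"])."',";
            $sql.= " e_mail_4 = '".f_dbs($_POST["e_mail_4"])."',";
            $sql.= " e_mail_5 = '".f_dbs($_POST["e_mail_5"])."',";
            $sql.= " e_mail_6 = '".f_dbs($_POST["e_mail_6"])."',";
            $sql.= " e_mail_7 = '".f_dbs($_POST["e_mail_7"])."',";
            $sql.= " e_mail_8 = '".f_dbs($_POST["e_mail_8"])."',";
            $sql.= " e_mail_9 = '".f_dbs($_POST["e_mail_9"])."',";
            $sql.= " e_mail_10 = '".f_dbs($_POST["e_mail_10"])."',";
            $sql.= " url = '".f_dbs($_POST["url"])."',";
            $sql.= " zip = '".f_dbs($zip)."',";
            $sql.= " todoufuken_no = ".f_num_edit_db($_POST["todoufuken_no"]).",";
            $sql.= " add1 = '".f_dbs($_POST["add1"])."',";
            $sql.= " add2 = '".f_dbs($_POST["add2"])."',";
            $sql.= " sk_zip = '".f_dbs($sk_zip)."',";
            $sql.= " sk_todoufuken_no = ".f_num_edit_db($_POST["sk_todoufuken_no"]).",";
            $sql.= " sk_add1 = '".f_dbs($_POST["sk_add1"])."',";
            $sql.= " sk_add2 = '".f_dbs($_POST["sk_add2"])."',";
            $sql.= " sk_jigyoubu = '".f_dbs($_POST["sk_jigyoubu"])."',";
            $sql.= " sk_tantou = '".f_dbs($_POST["sk_tantou"])."',";
            $sql.= " jyougen = ".f_num_edit_db($_POST["jyougen"], 0).",";
            $sql.= " light_flg = ".f_bool_edit_db($_POST["light_flg"], 0).",";
            $sql.= " kingaku_light = ".f_num_edit_db($_POST["kingaku_light"], 0).",";
            $sql.= " kingaku_kotei = ".f_num_edit_db($_POST["kingaku_kotei"], 0).",";
            $sql.= " kakuritsu = ".f_num_edit_db($_POST["kakuritsu"], 0).",";
            $sql.= " chintai_flg = ".f_bool_edit_db($_POST["chintai_flg"], 0).",";
            $sql.= " chintai_ritu = ".f_num_edit_db($_POST["chintai_ritu"], 0).",";
            $sql.= " relocation_flg = ".f_bool_edit_db($_POST["relocation_flg"], 0).",";
            $sql.= " relocation_ritu = ".f_num_edit_db($_POST["relocation_ritu"], 0).",";
            $sql.= " sublease_flg = ".f_bool_edit_db($_POST["sublease_flg"], 0).",";
            $sql.= " sublease_ritu = ".f_num_edit_db($_POST["sublease_ritu"], 0).",";
            $sql.= " comment = '".f_dbs($_POST["comment"])."',";
            $sql.= " plan_flg = ".f_num_edit_db($_POST["plan_flg"], 0).",";
            $sql.= " light_ritu = ".f_num_edit_db($_POST["light_ritu"], 0).",";
            $sql.= " display_flg = ".f_num_edit_db($_POST["display_flg"], 0).",";
            $sql.= " buken_mansion_flg = ".f_bool_edit_db($_POST["buken_mansion_flg"], 0).",";
            $sql.= " buken_kodate_flg = ".f_bool_edit_db($_POST["buken_kodate_flg"], 0).",";
            $sql.= " buken_ittou_flg = ".f_bool_edit_db($_POST["buken_ittou_flg"], 0).",";
            $sql.= " keisai_flg = ".f_bool_edit_db($_POST["keisai_flg"], 0).",";
            $sql.= " keisai_logo_flg = ".f_bool_edit_db($_POST["keisai_logo_flg"], 0).",";
            $sql.= " keisai_comment_flg = ".f_bool_edit_db($_POST["keisai_comment_flg"], 0).",";
            $sql.= " ltime = CURRENT_TIMESTAMP ";
            $sql.= "WHERE";
            // Appended unquoted, so only an integer may reach the statement.
            $sql.= " company_no = ".(int)$gc->company_no;

            $ret = $gc->db->execute($sql, true);
            if ($ret["errno"] > 0) {
                $gc->db->rollback();
                if (db_set_errmsg($gc, $ret["errno"], $ret["error"])) {
                    return false;
                } else {
                    die('update error');
                }
            }

            // Logo handling: delete on request, otherwise replace the old
            // image when a new one was uploaded.
            if ($gc->img_del=="y") {
                fimg_delete($gc->img_nm, "logo/");
            } else {
                if (strlen($gc->img_tmp_nm)>0) {
                    fimg_delete($gc->img_nm, "logo/");
                    fimg_tmp_rename($gc->img_tmp_nm, $gc->company_no, "logo/");
                    fimg_copy($gc->company_no, "logo/");
                }
            }
            break;
    }

    // NOTE(review): the value returned by edit_kotei() is overwritten by the
    // next call before it is inspected, so a failure there would go unnoticed
    // and the transaction would still commit — confirm what it returns.
    $ret = edit_kotei($gc,$_POST["kingaku_kotei"]);
    $ret = update_tesuryo($gc,$_POST["kingaku_kotei"],$_POST["kingaku_light"]);
    if ($ret["errno"] > 0) {
        $gc->db->rollback();
        if (db_set_errmsg($gc, $ret["errno"], $ret["error"])) {
            return false;
        } else {
            die('SQL error');
        }
    }

    $gc->db->commit();

    return true;
}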
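/**
 * Stores one posted inquiry in t_ads and then sends the notification mail.
 *
 * All text fields come from $_POST and are escaped with f_dbs(); the phone
 * number is assembled from tel1-tel2-tel3. On success the new id is stored in
 * $gc->ads_no, the transaction is committed and send_mail() is called.
 *
 * Change against the previous version: the failed SQL statement is no longer
 * prepended to the message shown to the visitor, because it contains the
 * table layout and the submitted personal data. The error number goes to the
 * server log instead.
 *
 * @param object $gc Page context; reads ->db and ->msg, writes ->ads_no.
 * @return bool true when the row was stored, false when the INSERT failed.
 */
function db_entry($gc)
{
    $gc->db->begin_tran();

    // insert new record
    $sql = "INSERT INTO t_ads (";
    $sql .= " company_nm,";
    $sql .= " busyo_nm,";
    $sql .= " lname,";
    $sql .= " fname,";
    $sql .= " lname_kn,";
    $sql .= " fname_kn,";
    $sql .= " e_mail,";
    $sql .= " tel,";
    $sql .= " naiyou,";
    $sql .= " otoiawasebi,";
    $sql .= " ltime";
    $sql .= ") VALUES (";
    $sql .= "'" . f_dbs($_POST["company_nm"]) . "',";
    $sql .= "'" . f_dbs($_POST["busyo_nm"]) . "',";
    $sql .= "'" . f_dbs($_POST["lname"]) . "',";
    $sql .= "'" . f_dbs($_POST["fname"]) . "',";
    $sql .= "'" . f_dbs($_POST["lname_kn"]) . "',";
    $sql .= "'" . f_dbs($_POST["fname_kn"]) . "',";
    $sql .= "'" . f_dbs($_POST["e_mail"]) . "',";
    // The three phone parts are joined first and escaped as one value.
    $sql .= "'" . f_dbs($_POST["tel1"] . "-" . $_POST["tel2"] . "-" . $_POST["tel3"]) . "',";
    $sql .= "'" . f_dbs($_POST["naiyou"]) . "',";
    $sql .= "CURRENT_TIMESTAMP,";
    $sql .= "CURRENT_TIMESTAMP)";

    $ret = $gc->db->execute($sql, true);
    if ($ret["errno"] > 0) {
        $gc->db->rollback();
        error_log('t_ads insert failed: errno ' . $ret["errno"]);
        $gc->msg->add("大変申し訳ございません申し込みができませんでした。");
        return false;
    }
    $gc->ads_no = $gc->db->get_last_id();

    $gc->db->commit();

    // The mail is sent only after the row is committed.
    send_mail($gc);

    return true;
}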
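/**
 * Tells whether a property with the given attributes is still absent from
 * propertydetail, i.e. whether it may be inserted.
 *
 * Change against the previous version: the result set is now released on
 * both outcomes; it used to be left open whenever a matching row existed.
 *
 * @param object $gc              Page context; reads ->db.
 * @param string $property_nm     Property name.
 * @param string $todoufuken_nm   Prefecture name.
 * @param string $shikucyouson_nm Municipality name.
 * @param string $town_nm         Town name.
 * @param string $address         Address.
 * @param mixed  $rent            Rent, formatted for SQL by f_num_edit_db().
 * @return bool true when no matching row exists, false when one does.
 */
function checkinsert($gc, $property_nm, $todoufuken_nm, $shikucyouson_nm, $town_nm, $address, $rent)
{
    $sql =" SELECT no";
    $sql.=" FROM propertydetail ";
    $sql.=" WHERE";
    $sql.=" property_nm = '".f_dbs($property_nm)."'";
    $sql.=" AND todoufuken_nm = '".f_dbs($todoufuken_nm)."'";
    $sql.=" AND shikucyouson_nm = '".f_dbs($shikucyouson_nm)."'";
    $sql.=" AND town_nm = '".f_dbs($town_nm)."'";
    $sql.=" AND address = '".f_dbs($address)."'";
    $sql.=" AND rent = ".f_num_edit_db($rent);

    $rs = $gc->db->query($sql);
    // eof right after the query means the SELECT returned no row.
    $is_absent = (bool)$rs->eof;
    $rs->free_result();

    return $is_absent;
}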
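/**
 * Tells whether the company/municipality pair is still absent from
 * m_company_area, i.e. whether it may be inserted.
 *
 * Change against the previous version: the result set is now released on
 * both outcomes; it used to be left open whenever a matching row existed.
 *
 * @param object $gc              Page context; reads ->db.
 * @param mixed  $company_no      Company number.
 * @param mixed  $shikucyouson_no Municipality number.
 * @return bool true when no matching row exists, false when one does.
 */
function checkinsert($gc, $company_no, $shikucyouson_no)
{
    $sql =" SELECT company_no";
    $sql.=" FROM m_company_area ";
    $sql.=" WHERE";
    $sql.=" company_no = '".f_dbs($company_no)."'";
    $sql.=" AND shikucyouson_no = '".f_dbs($shikucyouson_no)."'";

    $rs = $gc->db->query($sql);
    // eof right after the query means the SELECT returned no row.
    $is_absent = (bool)$rs->eof;
    $rs->free_result();

    return $is_absent;
}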
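/**
 * Checks a user id / password pair against m_user.
 *
 * When the user id exists, $gc->user_no is set to that row's user_no.
 *
 * Changes against the previous version:
 *  - an unknown user id is rejected explicitly. $password used to stay
 *    undefined in that case, and the loose comparison null != "" is false,
 *    so an empty password was accepted for any unknown user id;
 *  - the comparison is strict and string-based. With != two different
 *    numeric-looking strings such as "1e3" and "1000" compared as equal.
 *
 * NOTE(review): the stored value is compared directly with the supplied
 * password, so passwords are presumably stored unhashed or hashed by the
 * caller — confirm. password_hash()/password_verify() is the usual scheme,
 * and hash_equals() would make this comparison constant-time.
 *
 * @param object $gc            Page context; reads ->db, writes ->user_no.
 * @param string $user_id       Login id entered by the user.
 * @param string $user_password Password to compare with the stored value.
 * @return bool true only when the user exists and the passwords are equal.
 */
function user_check($gc, $user_id, $user_password)
{
    $sql = "SELECT user_no, password ";
    $sql.= " FROM m_user";
    $sql.= " WHERE user_id = '".f_dbs($user_id)."'";

    $password = null;
    $rs = $gc->db->query($sql);
    if (!$rs->eof) {
        $gc->user_no = $rs->fields["user_no"]; // used when INSERTing into c_login
        $password = $rs->fields["password"];
    }
    $rs->free_result();

    // No row, or a row without a stored password: never a valid login.
    if ($password === null) {
        return false;
    }

    return (string)$password === (string)$user_password;
}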
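/**
 * Checks a user id / password pair against m_company_user, restricted to the
 * company whose ddir equals $gc->cid.
 *
 * When a matching user exists, $gc->user_no and $gc->company_no are set from
 * that row.
 *
 * Changes against the previous version:
 *  - an unknown user id is rejected explicitly. $password used to stay
 *    undefined in that case, and the loose comparison null != "" is false,
 *    so an empty password was accepted for any unknown user id;
 *  - the comparison is strict and string-based. With != two different
 *    numeric-looking strings such as "1e3" and "1000" compared as equal.
 *
 * NOTE(review): the stored value is compared directly with the supplied
 * password, so passwords are presumably stored unhashed or hashed by the
 * caller — confirm. password_hash()/password_verify() is the usual scheme,
 * and hash_equals() would make this comparison constant-time.
 *
 * @param object $gc            Page context; reads ->db and ->cid, writes
 *                              ->user_no and ->company_no.
 * @param string $user_id       Login id entered by the user.
 * @param string $user_password Password to compare with the stored value.
 * @return bool true only when the user exists and the passwords are equal.
 */
function user_check($gc, $user_id, $user_password)
{
    $sql = "SELECT u.user_no, u.company_no, u.password ";
    $sql.= " FROM m_company_user u";
    $sql.= " LEFT JOIN m_company c ON u.company_no=c.company_no";
    // The c.ddir condition in WHERE drops users without a matching company.
    $sql.= " WHERE u.user_id = '".f_dbs($user_id)."' and c.ddir='".f_dbs($gc->cid)."'";

    $password = null;
    $rs = $gc->db->query($sql);
    if (!$rs->eof) {
        $gc->user_no = $rs->fields["user_no"];       // used when INSERTing into c_login
        $gc->company_no = $rs->fields["company_no"]; // used when INSERTing into c_login
        $password = $rs->fields["password"];
    }
    $rs->free_result();

    // No row, or a row without a stored password: never a valid login.
    if ($password === null) {
        return false;
    }

    return (string)$password === (string)$user_password;
}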
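/**
 * Login check for company users.
 *
 * Resolves the login id sent with the request to a user through
 * c_company_login. On success $gc->login_user_no, ->login_user_nm and
 * ->login_company_no are filled and the user's last_login_time is refreshed.
 *
 * Changes against the previous version:
 *  - missing request parameters no longer raise undefined-index notices;
 *  - a login id that is not a string (for example an array parameter) is
 *    rejected instead of being passed on to f_dbs();
 *  - the three identical query builders are merged into one;
 *  - user_no is cast to an integer before it is appended to the UPDATE.
 *
 * NOTE(review): the login id is also accepted from the query string and the
 * POST body. An id carried in a URL can end up in logs, browser history and
 * Referer headers; confirm that GET is really needed, or restrict the lookup
 * to the cookie.
 *
 * @param object $gc Page context; reads ->db, writes the ->login_* fields.
 * @return bool true when the login id maps to a user number greater than 0.
 */
function fdb_company_login_check($gc)
{
    $gc->login_user_no = 0;

    // Same precedence as before: a later source overrides an earlier one,
    // so the cookie wins over POST, and POST wins over GET.
    $login_id = null;
    foreach (array($_GET, $_POST, $_COOKIE) as $source) {
        if (!empty($source[C_LOGIN_ID])) {
            $login_id = $source[C_LOGIN_ID];
        }
    }
    if ($login_id === null || !is_string($login_id)) {
        return false;
    }

    $sql = "SELECT";
    $sql .= " user_no ";
    $sql .= "FROM";
    $sql .= " c_company_login ";
    $sql .= "WHERE";
    $sql .= " login_id = '" . f_dbs($login_id) . "'";

    $rs = $gc->db->query($sql);
    if (!$rs->eof) {
        $gc->login_user_no = $rs->fields["user_no"];
        $gc->login_user_nm = fdb_get_name($gc, "m_company_user", "user_nm", "user_no", $gc->login_user_no);
        $gc->login_company_no = fdb_get_name($gc, "m_company_user", "company_no", "user_no", $gc->login_user_no);

        // Record the access time on every successful check.
        $sql = "UPDATE m_company_user SET";
        $sql .= " last_login_time = CURRENT_TIMESTAMP,";
        $sql .= " ltime = CURRENT_TIMESTAMP ";
        $sql .= "WHERE";
        $sql .= " user_no = " . (int)$gc->login_user_no;
        $gc->db->execute($sql);
    }
    $rs->free_result();

    return $gc->login_user_no > 0;
}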
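/**
 * Reloads the w_area2 work table from the CSV file C_KEN_ALL_FILE.
 *
 * Inside one transaction the table is emptied and every line of the file is
 * inserted as one row. The number of lines read is echoed at the end.
 *
 * Change against the previous version: the file is read before anything is
 * deleted, and the script stops when it cannot be read. file() returning
 * false used to fall through to the commit, leaving the table empty.
 *
 * NOTE(review): each line is split on every comma, so a quoted field that
 * contains a comma would shift the columns, and the number of fields is not
 * compared with the 15 columns listed — confirm the input never needs
 * str_getcsv() and a column-count check.
 *
 * @param object $gc Page context; reads ->db.
 * @return void Any database or file error ends the script with die().
 */
function db_entry($gc)
{
    // Read first: a missing or unreadable file must not cost the old data.
    $contents = file(C_KEN_ALL_FILE);
    if ($contents === false) {
        die('file error');
    }

    $gc->db->begin_tran();

    $sql = "DELETE FROM";
    $sql.= " w_area2 ";
    $ret = $gc->db->execute($sql, true);
    if ($ret["errno"] > 0) {
        $gc->db->rollback();
        die('delete error');
    }

    $row = 0;
    foreach ($contents as $line) {
        $row++;
        // Strip the line ending before splitting into fields.
        $line = mb_ereg_replace("\n", "", $line);
        $line = mb_ereg_replace("\r", "", $line);
        $item = explode(",", $line);

        $sql = "INSERT INTO w_area2 (";
        $sql.= " code,";
        $sql.= " old_zip,";
        $sql.= " zip,";
        $sql.= " todoufuken_kn,";
        $sql.= " shikucyouson_kn,";
        $sql.= " chouiki_kn,";
        $sql.= " todoufuken_nm,";
        $sql.= " shikucyouson_nm,";
        $sql.= " chouiki_nm,";
        $sql.= " flg1,";
        $sql.= " flg2,";
        $sql.= " flg3,";
        $sql.= " flg4,";
        $sql.= " flg5,";
        $sql.= " flg6";
        $sql.= ") VALUES (";

        $cnt = count($item);
        for ($col = 0; $col < $cnt; $col++) {
            // Surrounding double quotes are removed; other values pass as-is.
            if (substr($item[$col], 0, 1)=="\"" and substr($item[$col], -1, 1)=="\"") {
                $data = trim($item[$col], "\"");
            } else {
                $data = $item[$col];
            }
            // The last value closes the VALUES list instead of adding a comma.
            if ($col == ($cnt - 1)) {
                $sql.= "'".f_dbs($data)."')";
            } else {
                $sql.= "'".f_dbs($data)."',";
            }
        }

        $ret = $gc->db->execute($sql, true);
        if ($ret["errno"] > 0) {
            $gc->db->rollback();
            die('insert error');
        }
    }

    echo $row;

    $gc->db->commit();
}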
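/**
 * Inserts or updates one m_company_user row from the posted form, inside a
 * transaction.
 *
 * $_POST["act"] selects the branch: "i" inserts a new user (and stores the
 * new id in $gc->user_no), "u" updates the row $gc->user_no. Any other value
 * just opens and commits an empty transaction.
 *
 * Change against the previous version: user_no is cast to an integer before
 * it is appended, unquoted, to the UPDATE's WHERE clause.
 *
 * NOTE(review): the insert stores $_POST["password"] as submitted, with SQL
 * escaping only, so passwords are presumably kept unhashed — confirm.
 * Hashing would have to be introduced together with the matching login
 * check, not here alone.
 *
 * NOTE(review): in the update branch the password is assigned the literal
 * '******' exactly as it appears in this listing — it looks like a masked
 * value; confirm what the real statement stores.
 *
 * @param object $gc Page context; reads ->db and ->user_no, writes ->user_no
 *                   on insert.
 * @return bool true on success, false when db_set_errmsg() handled the error.
 *              An error that db_set_errmsg() does not handle ends the script.
 */
function db_entry($gc)
{
    $gc->db->begin_tran();

    switch ($_POST["act"]) {
        case "i":
            // insert new record
            $sql = "INSERT INTO m_company_user (";
            $sql.= " company_no,";
            $sql.= " user_nm,";
            $sql.= " user_kn,";
            $sql.= " user_id,";
            $sql.= " password,";
            $sql.= " e_mail,";
            $sql.= " auth,";
            $sql.= " ltime";
            $sql.= ") VALUES (";
            $sql.= "'".f_dbs($_POST["company_no"])."',";
            $sql.= "'".f_dbs($_POST["user_nm"])."',";
            $sql.= "'".f_dbs($_POST["user_kn"])."',";
            $sql.= "'".f_dbs($_POST["user_id"])."',";
            $sql.= "'".f_dbs($_POST["password"])."',";
            $sql.= "'".f_dbs($_POST["e_mail"])."',";
            // The auth value is computed by check_auth(), not read from the
            // form here.
            $sql.= "'".f_dbs(check_auth($gc))."',";
            $sql.= "CURRENT_TIMESTAMP)";

            $ret = $gc->db->execute($sql, true);
            if ($ret["errno"] > 0) {
                $gc->db->rollback();
                if (db_set_errmsg($gc, $ret["errno"], $ret["error"])) {
                    return false;
                } else {
                    die('insert error');
                }
            }
            $gc->user_no = $gc->db->get_last_id();
            break;

        case "u":
            // update
            $sql = "UPDATE m_company_user SET";
            $sql.= " user_nm = '".f_dbs($_POST["user_nm"])."',";
            $sql.= " user_kn = '".f_dbs($_POST["user_kn"])."',";
            $sql.= " user_id = '".f_dbs($_POST["user_id"])."',";
            $sql.= " password = '******',";
            $sql.= " e_mail = '".f_dbs($_POST["e_mail"])."',";
            $sql.= " ltime = CURRENT_TIMESTAMP ";
            $sql.= "WHERE";
            // Appended unquoted, so only an integer may reach the statement.
            $sql.= " user_no = ".(int)$gc->user_no;

            $ret = $gc->db->execute($sql, true);
            if ($ret["errno"] > 0) {
                $gc->db->rollback();
                if (db_set_errmsg($gc, $ret["errno"], $ret["error"])) {
                    return false;
                } else {
                    die('update error');
                }
            }
            break;
    }

    $gc->db->commit();

    return true;
}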