/**
 * Fetch the tags attached to orders of one event.
 *
 * The event id travels as the bound parameter :eventid; it is never
 * spliced into the SQL text.
 *
 * @param mixed $eventId Value compared against cust_orders.event_id.
 * @return mixed Whatever the database wrapper's all() yields for the query
 *               (the query selects tag_id and order_id).
 */
static function offline_tags($eventId)
{
    $bindings = array('eventid' => $eventId);

    return getDatabase()->all(
        'SELECT tag_id,order_id FROM tags WHERE order_id IN (SELECT order_id FROM cust_orders WHERE event_id=:eventid GROUP BY order_id HAVING COUNT(*)>0)',
        $bindings
    );
}
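/**
 * Handle the "action" request parameter: create a user row, provision a
 * token for a user, or check a token code.
 *
 * Every branch ends by sending a Location header back to index.php.
 *
 * NOTE(review): actions are read from $_REQUEST, so a plain GET link can
 * trigger them; no anti-CSRF token or caller authentication is checked
 * inside this function. Confirm that both happen before it is called.
 *
 * @return void
 */
function processInput()
{
    global $myga;

    if (!isset($_REQUEST["action"])) {
        return;
    }

    switch ($_REQUEST["action"]) {
        case "createuser":
            // Table layout: "users_id" INTEGER PRIMARY KEY AUTOINCREMENT,
            // "users_username" TEXT, "users_fullname" TEXT, "users_tokendata" TEXT
            //
            // Missing fields fall back to "" so the stored values match what
            // string interpolation of an absent field used to produce.
            $username = isset($_REQUEST["username"]) ? $_REQUEST["username"] : "";
            $fullname = isset($_REQUEST["fullname"]) ? $_REQUEST["fullname"] : "";

            // NOTE(review): sha1() is an unsalted, fast digest and is not a
            // password hash. Moving to password_hash()/password_verify() needs
            // a matching change wherever this column is checked, so the stored
            // format is left as it was.
            $password = sha1(isset($_REQUEST["password"]) ? $_REQUEST["password"] : "");

            // Request values are bound as parameters instead of being
            // interpolated into the statement text (SQL injection).
            // NOTE(review): prepare()/execute(array) is the PDO form; confirm
            // that getDatabase() returns a PDO handle.
            $db = getDatabase();
            $statement = $db->prepare("insert into users values (NULL, :username, :fullname, :password, '0')");
            $statement->execute(array(
                ':username' => $username,
                ':fullname' => $fullname,
                ':password' => $password,
            ));
            closeDatabase($db);

            header("Location: index.php?success=created");
            break;

        case "provision":
            $username = $_REQUEST["user"];
            $tokentype = $_REQUEST["tokentype"];
            $myga->setUser($username, $tokentype);
            header("Location: index.php?success=Provisioned");
            break;

        case "auth":
            $username = $_REQUEST["user"];
            $tokencode = $_REQUEST["tokencode"];
            if ($myga->authenticateUser($username, $tokencode)) {
                header("Location: index.php?success=Passed");
            } else {
                header("Location: index.php?failure=wrongcode");
            }
            break;
    }
}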
/**
 * Run a prepared statement and return the first column of its first row.
 *
 * Call as getValue($sql, $value1, $value2, ...): the first argument is the
 * statement text, and every further argument is handed to execute() as a
 * list of values to bind. Keep user-supplied data in the bound values and
 * never in the statement text.
 *
 * @return mixed The result of fetchColumn() on the executed statement.
 */
function getValue()
{
    $boundValues = func_get_args();
    // The first argument is the SQL text; what remains are the bound values.
    $statementText = array_shift($boundValues);

    $statement = getDatabase()->prepare($statementText);
    $statement->execute($boundValues);

    return $statement->fetchColumn();
}
/**
 * Execute one SQL statement and log the outcome.
 *
 * On success the statement text is written to the log at info level (the
 * bound parameters are not logged). Any Exception is caught, its message is
 * logged at crit level, and the function returns normally, so callers are
 * not told about the failure.
 *
 * @param string $sql    Statement text passed to the database wrapper.
 * @param array  $params Values bound to the statement.
 * @return void
 */
function mysql_1_3_0($sql, $params = array())
{
    try {
        $database = getDatabase();
        $database->execute($sql, $params);
        // Reached only when execute() did not throw.
        getLogger()->info($sql);
    } catch (Exception $failure) {
        getLogger()->crit($failure->getMessage());
    }
}
/**
 * Tell whether a user belongs to a group whose "salespoint" column is truthy.
 *
 * The user id is bound as :u. The decision is the truthiness of what the
 * wrapper's execute() returns for the SELECT (presumably a row count;
 * confirm against the wrapper).
 *
 * @param mixed $user User id; when null, $_SESSION['user_id'] is used instead.
 * @return bool
 */
public static function isSalespoint($user = null)
{
    $userId = ($user === null) ? $_SESSION['user_id'] : $user;

    $outcome = getDatabase()->execute(
        "SELECT * FROM membership JOIN groups USING(group_id) where user_id=:u AND salespoint",
        array('u' => $userId)
    );

    return $outcome ? true : false;
}
/**
 * Build a "SELECT * FROM <table>" statement and hand it to getDatabase()
 * together with the caller's parameters and the session's user id.
 *
 * The table name is concatenated into the statement text as-is; identifiers
 * cannot be bound, so $table must come from a fixed list in the calling
 * code and never from request data.
 *
 * NOTE(review): the result of getDatabase() is discarded and nothing is
 * returned. Confirm how callers obtain the rows.
 *
 * @param string $table   Table name, used verbatim in the SQL text.
 * @param array  $getters Extra parameters; ignored when empty.
 * @param mixed  $mysqli  Passed through to getDatabase() unchanged.
 * @return void
 */
function get($table, $getters, $mysqli)
{
    $params = empty($getters) ? array() : $getters;
    // The session's user id always overrides any caller-supplied 'user_id'.
    $params['user_id'] = $_SESSION['user_id'];

    $sql = "SELECT * FROM " . $table;

    getDatabase($sql, $params, $mysqli);
}
/**
 * Load every row of the categories table.
 *
 * @return array Rows as associative arrays; an empty array when execute()
 *               reports failure.
 */
function getCategories()
{
    $statement = getDatabase()->prepare("SELECT * from categories");

    if (!$statement->execute()) {
        return array();
    }

    return $statement->fetchAll(PDO::FETCH_ASSOC);
}
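/**
 * Stores an auth-key record for an application on behalf of a user.
 *
 * The row is inserted into orongo_auth_keys with an empty "key" and an
 * empty "expire_ts", and the method returns nothing.
 *
 * NOTE(review): no key value is generated here. If keys are compared
 * anywhere, an empty stored key must never be accepted as valid. Confirm
 * where the key and its expiry are filled in.
 *
 * @param object $paramUser the user; only getID() is called on it
 * @param array $paramApp app info with the entries "name", "desc" and "website"
 * @return void
 * @throws IllegalArgumentException when $paramApp is not an array or lacks an entry
 */
public static function createKey($paramUser, $paramApp)
{
    if (!is_array($paramApp)) {
        throw new IllegalArgumentException("Invalid argument, array expected");
    }

    foreach (array("name", "desc", "website") as $requiredEntry) {
        if (!array_key_exists($requiredEntry, $paramApp)) {
            // The class name was misspelled here ("IllegalArugmentException"),
            // which made this path fail with a class-not-found error instead
            // of raising the intended exception.
            throw new IllegalArgumentException("App info missing!");
        }
    }

    getDatabase()->insert("orongo_auth_keys", array(
        "key" => "",
        "userID" => $paramUser->getID(),
        "expire_ts" => "",
        "app_name" => $paramApp['name'],
        "app_desc" => $paramApp['desc'],
        "app_website" => $paramApp['website'],
    ));
}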
/**
 * Tell whether exactly one users row carries the given e-mail address.
 *
 * The address is bound as :email. Zero rows and more than one row both
 * yield false.
 *
 * @param string $email Address to look up.
 * @return bool
 */
function checkEmail($email)
{
    $lookup = getDatabase()->prepare("Select * from users where email = :email");
    $values = array(":email" => $email);

    // rowCount() is read only after a successful execute().
    return $lookup->execute($values) && $lookup->rowCount() == 1;
}
/**
 * Insert a users row for a new account.
 *
 * Both values are bound as parameters.
 *
 * NOTE(review): the password is stored as sha1($pass), an unsalted fast
 * digest that offers little resistance to offline guessing. Replacing it
 * with password_hash() requires the login check to switch to
 * password_verify() in the same change.
 *
 * @param string $email Account e-mail address.
 * @param string $pass  Plain-text password as submitted.
 * @return bool True when execute() reports success.
 */
function makeaccount($email, $pass)
{
    $insert = getDatabase()->prepare("insert into users set email=:email, password=:pass, created=now()");
    $values = array(
        ":email" => $email,
        ":pass" => sha1($pass),
    );

    return $insert->execute($values) ? true : false;
}
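/**
 * Return all rows of the corps table ordered by one column.
 *
 * ORDER BY operands cannot be bound as parameters, so both arguments are
 * validated before they reach the statement text: the column must be a
 * plain identifier and the direction must be ASC, DESC or empty. Anything
 * else yields an empty result and no query is run. A fixed list of the
 * table's real column names would be stricter still; that list is not
 * visible from this function.
 *
 * @param string $column    Column to sort by (letters, digits, underscore).
 * @param string $sortvalue Sort direction: "ASC", "DESC" (any case) or "".
 * @return array Rows as associative arrays; empty on invalid input, on
 *               failure, or when nothing matches.
 */
function sortcorps($column, $sortvalue)
{
    if (!is_string($column) || preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $column) !== 1) {
        return array();
    }

    if (!is_string($sortvalue)) {
        return array();
    }
    $direction = strtoupper(trim($sortvalue));
    if ($direction !== '' && $direction !== 'ASC' && $direction !== 'DESC') {
        return array();
    }

    $db = getDatabase();
    $stmt = $db->prepare("SELECT * FROM corps ORDER BY {$column} {$direction}");

    $results = array();
    // rowCount() for a SELECT is driver-dependent in PDO; kept as the original check.
    if ($stmt->execute() && $stmt->rowCount() > 0) {
        $results = $stmt->fetchAll(PDO::FETCH_ASSOC);
    }

    return $results;
}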
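/**
 * Set the created-time column to 0 on this object's row in
 * temp_validation_table.
 *
 * The column names come from class constants. The row id comes from
 * $this->data and is bound as :id rather than concatenated into the
 * statement, so its content cannot alter the query.
 *
 * A PDOException is passed to Utils::HandlePDOException().
 *
 * @return void
 */
public function validate()
{
    $db = getDatabase();
    $q = "UPDATE temp_validation_table SET " . self::KEY_CREATED_TIME . "=0 WHERE " . self::KEY_ID . "=:id";

    try {
        $stmt = $db->prepare($q);
        $stmt->execute(array(':id' => $this->data[self::KEY_ID]));
    } catch (PDOException $ex) {
        Utils::HandlePDOException($ex);
    }
}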
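/**
 * Return all rows of the address table ordered by one column.
 *
 * ORDER BY operands cannot be bound as parameters, so both arguments are
 * validated before they reach the statement text: the column must be a
 * plain identifier and the direction must be ASC, DESC or empty. Anything
 * else yields an empty result and no query is run.
 *
 * NOTE(review): the query has no user_id filter, so it returns every
 * user's addresses. Confirm that this is intended.
 *
 * @param string $column2 Column to sort by (letters, digits, underscore).
 * @param string $bysort  Sort direction: "ASC", "DESC" (any case) or "".
 * @return array Rows as associative arrays; empty on invalid input, on
 *               failure, or when nothing matches.
 */
function sortAddress($column2, $bysort)
{
    if (!is_string($column2) || preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $column2) !== 1) {
        return array();
    }

    if (!is_string($bysort)) {
        return array();
    }
    $direction = strtoupper(trim($bysort));
    if ($direction !== '' && $direction !== 'ASC' && $direction !== 'DESC') {
        return array();
    }

    $db = getDatabase();
    $stmt = $db->prepare("SELECT * FROM address ORDER BY {$column2} {$direction}");

    // The original wrapped $column2 in '%' after prepare(); that value was
    // never used, so the assignment is dropped.
    $results = array();
    if ($stmt->execute() && $stmt->rowCount() > 0) {
        $results = $stmt->fetchAll(PDO::FETCH_ASSOC);
    }

    return $results;
}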
/**
 * Rename one category.
 *
 * Both values are bound as parameters.
 *
 * @param mixed  $value  category_id of the row to change.
 * @param string $value2 New value for the category column.
 * @return bool True when execute() reports success.
 */
function UpdateCategory($value, $value2)
{
    $update = getDatabase()->prepare("UPDATE categories SET category = :category WHERE category_id = :category_id");
    $values = array(
        ":category_id" => $value,
        ":category" => $value2,
    );

    return $update->execute($values) ? true : false;
}
/**
 * Return one user's addresses that belong to a given address group.
 *
 * Despite the name, $sort is not a sort key: it is bound as the
 * address_group_id filter. The ORDER BY clause is fixed in the statement.
 *
 * @param mixed $sort address_group_id to filter on.
 * @param mixed $id   user_id whose addresses are read.
 * @return array Rows as associative arrays; empty on failure or no match.
 */
function sortBy($sort, $id)
{
    $query = getDatabase()->prepare("SELECT * FROM address WHERE address.user_id = :user_id AND address_group_id = :address_group_id ORDER BY address_group_id DESC");
    $values = array(
        ":user_id" => $id,
        ":address_group_id" => $sort,
    );

    if (!$query->execute($values)) {
        return array();
    }
    if ($query->rowCount() <= 0) {
        return array();
    }

    return $query->fetchAll(PDO::FETCH_ASSOC);
}
/**
 * Execute one SQL statement, log the outcome and report success.
 *
 * On success the statement text is logged at info level (the bound
 * parameters are not logged). Any Exception is caught and its message is
 * logged at crit level.
 *
 * @param string $sql    Statement text passed to the database wrapper.
 * @param array  $params Values bound to the statement.
 * @return bool False when an Exception was caught, true otherwise.
 */
function mysql_3_0_6($sql, $params = array())
{
    $succeeded = true;

    try {
        $database = getDatabase();
        $database->execute($sql, $params);
        // Reached only when execute() did not throw.
        getLogger()->info($sql);
    } catch (Exception $failure) {
        getLogger()->crit($failure->getMessage());
        $succeeded = false;
    }

    return $succeeded;
}
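/**
 * Prefix-search one column of a user's addresses.
 *
 * The search term and the user id are bound as parameters. The column
 * name cannot be bound, so $by is accepted only when it is a plain
 * identifier; anything else yields an empty result and no query is run.
 * A fixed list of searchable columns would be stricter still; that list
 * is not visible from this function.
 *
 * @param string $search Term matched as "<term>%".
 * @param string $by     Column to search (letters, digits, underscore).
 * @param mixed  $id     user_id whose addresses are searched.
 * @return array Rows as associative arrays; empty on invalid input, on
 *               failure, or when nothing matches.
 */
function search($search, $by, $id)
{
    if (!is_string($by) || preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $by) !== 1) {
        return array();
    }

    $db = getDatabase();
    $stmt = $db->prepare("SELECT * FROM address WHERE user_id = :user_id AND {$by} LIKE CONCAT(:search, '%')");
    $binds = array(":user_id" => $id, ":search" => $search);

    $results = array();
    if ($stmt->execute($binds) && $stmt->rowCount() > 0) {
        $results = $stmt->fetchAll(PDO::FETCH_ASSOC);
    }

    return $results;
}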
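/**
 * Insert a users row for a new account.
 *
 * Both values are bound as parameters. The return value is the result of
 * execute(). The original tested empty($binds), which is never empty, so
 * it reported success even when the insert had failed.
 *
 * NOTE(review): the password is stored as sha1($password), an unsalted
 * fast digest. Replacing it with password_hash() requires the login check
 * to switch to password_verify() in the same change.
 *
 * @param string $email    Account e-mail address.
 * @param string $password Plain-text password as submitted.
 * @return bool True when the insert succeeded.
 */
function createUser($email, $password)
{
    $db = getDatabase();
    $stmt = $db->prepare("INSERT INTO users SET email = :email, password = :password, created = NOW()");

    $binds = array(
        ":email" => $email,
        ":password" => sha1($password),
    );

    return $stmt->execute($binds) ? true : false;
}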
/**
 * Check an e-mail/password pair against the users table.
 *
 * Both values are bound as parameters. The password is compared as
 * sha1($password) inside the query.
 *
 * NOTE(review): sha1 is an unsalted fast digest. A move to
 * password_hash()/password_verify() means selecting the row by e-mail and
 * verifying in PHP, together with a change to how accounts are created.
 *
 * The include path is relative, so it resolves against the include path
 * and the working directory of the calling script.
 *
 * @param string $email    Address to look up.
 * @param string $password Plain-text password as submitted.
 * @return bool True when at least one row matches.
 */
function isValidUser($email, $password)
{
    include_once '../functions/dbConn.php';

    $lookup = getDatabase()->prepare("SELECT * FROM users WHERE email = :email and password = :password");
    $credentials = array(
        ":email" => $email,
        ":password" => sha1($password),
    );

    if (!$lookup->execute($credentials)) {
        return false;
    }

    return $lookup->rowCount() > 0;
}
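/**
 * Substring-search one column of the corps table and return the first match.
 *
 * The search term is bound as :search (wrapped in '%'). The column name
 * cannot be bound, so $column is accepted only when it is a plain
 * identifier; anything else yields an empty result and no query is run.
 *
 * Only one row is fetched (fetch(), not fetchAll()), as in the original.
 *
 * @param string $column Column to search (letters, digits, underscore).
 * @param string $search Term matched as "%<term>%".
 * @return array|mixed The first matching row as an associative array, or an
 *                     empty array on invalid input, failure, or no match.
 */
function searchTest($column, $search)
{
    if (!is_string($column) || preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $column) !== 1) {
        return array();
    }

    $db = getDatabase();
    $stmt = $db->prepare("SELECT * FROM corps WHERE {$column} LIKE :search");
    $binds = array(":search" => '%' . $search . '%');

    $results = array();
    if ($stmt->execute($binds) && $stmt->rowCount() > 0) {
        $results = $stmt->fetch(PDO::FETCH_ASSOC);
    }

    return $results;
}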
/**
 * Print two HTML lists built from the "user" table: the Select_priv value
 * of every row, then the Select_priv value of the first row whose Host is
 * 'localhost'.
 *
 * NOTE(review): the values are echoed without htmlspecialchars(), and the
 * page exposes account privilege data to whoever can load it. Confirm that
 * the handler is reachable only by administrators, or is removed outside
 * of demos.
 *
 * @return void
 */
function dbhandler()
{
    $accounts = getDatabase()->all('SELECT * FROM user');

    echo "<h2>All users</h2><ol>";
    foreach ($accounts as $index => $account) {
        echo "<li>User " . $index . " - select privilege = " . $account['Select_priv'] . "</li>";
    }
    echo "</ol>";

    // The second query runs only after the first list has been written.
    $localAccount = getDatabase()->one(
        'SELECT * FROM user WHERE Host=:Localhost',
        array(':Localhost' => 'localhost')
    );

    echo "<h2>First localhost users</h2><ol>";
    echo "<li>First - select privilege = " . $localAccount['Select_priv'] . "</li>";
    echo "</ol>";
}
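/**
 * Authenticate a user by name or e-mail plus password and bind the user id
 * to the PHP session.
 *
 * On a failed lookup the method sets HTTP status 401, raises 'Unauthorized'
 * through trigger_error(), and returns null. trigger_error() at its default
 * level does not stop execution by itself, so without the explicit return a
 * failed login would go on to start a session and hand back its id.
 *
 * NOTE(review): passwords are compared as sha1(), an unsalted fast digest.
 * NOTE(review): the session id is not regenerated after a successful
 * login, while an optional 'sessionId' field is accepted. Consider
 * session_regenerate_id(true) at the point of login, and confirm how
 * 'sessionId' is consumed.
 *
 * @param array $post Request fields; 'username' and 'password' are required.
 * @return array|null array('sessionId' => ...) on success, null on failure.
 */
static function login($post)
{
    // Validate that all required fields are present
    getApi()->checkFields($post, array('required' => array('username', 'password'), 'optional' => array('sessionId')));

    // Validate user against database; both values are bound as parameters
    $user_id = getDatabase()->one(
        "SELECT user_id FROM users where (name=:u OR (email=:u AND email>'')) and password=:p",
        array('u' => $post['username'], 'p' => sha1($post['password']))
    );

    if (!$user_id) {
        http_response_code(401);
        trigger_error('Unauthorized');

        // Stop here even when the installed error handler does not abort.
        return null;
    }

    if (!session_id()) {
        session_start();
    }
    $_SESSION['user_id'] = $user_id['user_id'];

    return array('sessionId' => session_id());
}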
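/**
 * Insert a row into the products table.
 *
 * Columns written: category_id, product, price, image. All four values are
 * bound as parameters.
 *
 * The original returned true on success and fell off the end (null) on
 * failure; the result is now always a boolean.
 *
 * @param mixed  $categoryid category_id of the new product.
 * @param string $product    Product name.
 * @param mixed  $price      Product price.
 * @param string $image      Image value stored with the product.
 * @return bool True when execute() reports success, false otherwise.
 */
function createProduct($categoryid, $product, $price, $image)
{
    $db = getDatabase();
    $state = $db->prepare("INSERT INTO products SET category_id = :categoryid, product = :product, price = :price, image = :image");

    $binds = array(
        ":categoryid" => $categoryid,
        ":product" => $product,
        ":price" => $price,
        ":image" => $image,
    );

    return $state->execute($binds) ? true : false;
}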
/**
 * Script binding for MySQL.Query(): run a query and wrap the rows.
 *
 * The first argument is the query text. The remaining arguments are passed
 * on as the second argument of the wrapper's query(): the whole remaining
 * array when more than one is left, otherwise end() of it (the single
 * value, or false when none is left).
 *
 * As far as this method shows, the query text goes to the database
 * unchanged, so any script able to call this binding can run arbitrary SQL
 * with the application's database privileges.
 *
 * @param array $args Script arguments; at least the query text.
 * @return OrongoList The rows, with each array row wrapped in an OrongoList.
 * @throws OrongoScriptParseException when no argument is given.
 */
public function __invoke($args)
{
    if (count($args) < 1) {
        throw new OrongoScriptParseException("Arguments missing for MySQL.Query()");
    }

    $queryText = $args[0];
    unset($args[0]);

    if (count($args) > 1) {
        $queryArguments = $args;
    } else {
        $queryArguments = end($args);
    }

    $rows = getDatabase()->query($queryText, $queryArguments);

    foreach ($rows as &$entry) {
        if (is_array($entry)) {
            $entry = new OrongoList($entry);
        }
    }
    // Release the by-reference loop variable before the array is handed on.
    unset($entry);

    return new OrongoList($rows);
}
/**
 * Constructor
 *
 * Resolves the configuration, obtains a database handle, and copies the
 * MySQL settings onto the instance.
 *
 * When no handle is injected through $params['db'], the connection is
 * registered with EpiDatabase::employ() using the password returned by
 * Utility::decrypt().
 *
 * NOTE(review): the final loop copies every entry of the mysql config
 * section onto $this, including mySqlPassword as stored in the config.
 * Take care that instances are not dumped or serialised into logs.
 *
 * @param object|null $config Configuration object; getConfig()->get() is used when null.
 * @param array|null  $params Optional overrides; a 'db' entry is used as the database handle.
 */
public function __construct($config = null, $params = null)
{
    if (is_null($config)) {
        $config = getConfig()->get();
    }
    $this->config = $config;

    $mysql = $this->config->mysql;

    $hasInjectedHandle = !is_null($params) && isset($params['db']);
    if ($hasInjectedHandle) {
        $this->db = $params['db'];
    } else {
        $utilityObj = new Utility();
        EpiDatabase::employ(
            'mysql',
            $mysql->mySqlDb,
            $mysql->mySqlHost,
            $mysql->mySqlUser,
            $utilityObj->decrypt($mysql->mySqlPassword)
        );
        $this->db = getDatabase();
    }

    foreach ($mysql as $settingName => $settingValue) {
        $this->{$settingName} = $settingValue;
    }

    if (isset($this->config->user)) {
        $this->owner = $this->config->user->email;
    }
}
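/**
 * Record one activity row in tblActivity for the marketer identified by
 * user name and serial number.
 *
 * Every value placed in the INSERT is escaped with
 * mysql_real_escape_string() on the open connection before it is quoted,
 * so argument content cannot break out of its string literal.
 *
 * NOTE(review): the database account and password are hard-coded below.
 * Move them to configuration kept outside the web root and version
 * control, and rotate the password, since it has been published with this
 * source.
 * NOTE(review): "or die(mysql_error())" prints database error text to the
 * client; log it server-side instead.
 * NOTE(review): the mysql_* extension was removed in PHP 7. Migrating to
 * PDO or mysqli with bound parameters is the long-term fix.
 *
 * @param mixed  $SerialNumber Passed to getMarketerID().
 * @param string $UserName     Passed to getMarketerID().
 * @param string $Activity     Activity text stored in the row.
 * @param mixed  $ArtistID     Stored in the ArtistID column.
 * @param mixed  $OrgID        Stored in the OrgID column.
 * @return void
 */
function addActivity($SerialNumber, $UserName, $Activity, $ArtistID, $OrgID)
{
    include 'database.php';
    include 'common.php';

    //establish a database connection to scoretrak
    $dbname = getDatabase();
    $tablename = "tblActivity";

    //adjust time to Pacific Time
    date_default_timezone_set("America/Los_Angeles");
    $today = date("Y-m-d H:i:s");

    $connection = mysql_connect("localhost", "pricerub_priceru", "prp95") or die(mysql_error());
    @mysql_select_db($dbname, $connection) or die(mysql_error());

    //get marketerid from tblMarketers
    $MarketerID = getMarketerID($UserName, $SerialNumber);

    // $REMOTE_ADDR is defined in this scope only if one of the included
    // files sets it; otherwise fall back to the server-provided address.
    if (!isset($REMOTE_ADDR)) {
        $REMOTE_ADDR = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    }

    //Build an insert query from escaped, quoted values
    $quoted = array();
    foreach (array($MarketerID, $OrgID, $ArtistID, $Activity, $today, $REMOTE_ADDR) as $value) {
        $quoted[] = "'" . mysql_real_escape_string((string) $value, $connection) . "'";
    }
    $sql = "INSERT INTO {$tablename}(MarketerID, OrgID, ArtistID, Activity, TimeStamp, RemoteIPAddress) VALUES(" . implode(', ', $quoted) . ")";

    //process query; as before, a failed insert is not reported
    @mysql_query($sql, $connection);
}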
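/**
 * List every user name stored in the users table.
 *
 * The query selects the column users_username, so that is the key read
 * from each row. The original read $row["username"], which the result set
 * does not contain.
 *
 * @return array List of user names; empty when the query yields nothing.
 */
function getUsers()
{
    // get our database connection
    $dbObject = getDatabase();

    // fixed statement text, no external input
    $sql = "select users_username from users";
    $result = $dbObject->query($sql);

    $users = array();

    // a failed query leaves nothing to iterate over
    if (!$result) {
        return $users;
    }

    foreach ($result as $row) {
        $users[] = $row["users_username"];
    }

    return $users;
}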
/**
 * Store attendee details and bump the revision of the matching order.
 *
 * The order row (order_id, event_id fixed to 1, code) gets the current
 * revision plus one. The attendee row is written from the remaining
 * request fields, keyed by attendee_id, which is taken from 'ref_user'.
 *
 * NOTE(review): 'ref_user' and 'order_owner' are used exactly as supplied
 * in the request. Nothing in this method checks that the caller may write
 * to that attendee or order; presumably that is enforced upstream, which
 * should be confirmed.
 *
 * @param array $post Request fields; see the required list passed to checkFields().
 * @return mixed The attendee id (the submitted 'ref_user').
 */
static function post($post)
{
    $fields = getApi()->checkFields($post, array(
        'required' => array('code', 'firstname', 'lastname', 'username', 'email', 'ref_user', 'phone', 'nationality', 'country', 'gender', 'city', 'address', 'zip', 'accepted_fields', 'order_owner'),
        'optional' => array('ordernr'),
    ));

    $post['attendee_id'] = $post['ref_user'];

    // Same key order as the original assignments.
    $order = array(
        'order_id' => $post['ordernr'],
        'attendee_id' => $post['ref_user'],
        'code' => $post['code'],
        'order_owner' => $post['order_owner'],
        'event_id' => 1,
    );

    $currentRevision = getDatabase()->one(
        'SELECT revision FROM cust_orders WHERE order_id=:order_id AND event_id=:event_id AND code=:code',
        array('order_id' => $order['order_id'], 'event_id' => $order['event_id'], 'code' => $order['code'])
    );
    $order['revision'] = $currentRevision['revision'] + 1;

    // Order-level fields must not reach the attendee row.
    unset($post['ref_user'], $post['ordernr'], $post['code'], $post['order_owner']);
    unset($fields['ref_user']);

    getDatabase()->insertOrUpdate('cust_orders', $order, array('order_id', 'event_id', 'code'));
    getDatabase()->insertOrUpdate('cust_attendee', $post, 'attendee_id', $fields);

    return $post['attendee_id'];
}
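/**
 * Process the login form: verify the password and mark the session as
 * logged in.
 *
 * Outcomes are reported through $_SESSION: 'loginErrorMessage' on failure,
 * or 'userId', 'firstName', 'lastName' and 'loggedIn' on success. An
 * unknown e-mail and a wrong password produce the same message, so the
 * response does not reveal which accounts exist.
 *
 * Changes from the original:
 * - the session id is regenerated when the login succeeds, so an id that
 *   was known before authentication cannot be reused afterwards (session
 *   fixation);
 * - non-string 'email'/'password' values (e.g. array-style form fields) are
 *   rejected before they reach the database layer or password_verify().
 *
 * @return void
 */
function doLogin()
{
    if (empty($_POST['email']) || empty($_POST['password'])) {
        $_SESSION['loginErrorMessage'] = 'please fill in both fields.';
        return;
    }

    if (!is_string($_POST['email']) || !is_string($_POST['password'])) {
        $_SESSION['loginErrorMessage'] = 'login failed.';
        return;
    }

    $database = getDatabase();
    $result = $database->select('users', '*', ['email' => $_POST['email']]);

    if (empty($result) || count($result) !== 1) {
        $_SESSION['loginErrorMessage'] = 'login failed.';
        return;
    }

    $account = $result[0];
    if (!password_verify($_POST['password'], $account['password_hash'])) {
        $_SESSION['loginErrorMessage'] = 'login failed.';
        return;
    }

    // Issue a fresh session id at the moment the privilege level changes.
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }

    $_SESSION['userId'] = $account['id'];
    $_SESSION['firstName'] = $account['first_name'];
    $_SESSION['lastName'] = $account['last_name'];
    $_SESSION['loggedIn'] = true;
}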
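/**
 * Return the current user's addresses, optionally filtered by group or by
 * a substring search on one column.
 *
 * Precedence: a POSTed "thefilter" selects by address_group_id; otherwise
 * "searchby" plus "search" run a LIKE search; otherwise all of the user's
 * addresses are returned. Every query is scoped to $_SESSION["theid"], and
 * all request values are bound as parameters.
 *
 * "searchby" is mapped through a fixed list to a column name. The original
 * switch had no default branch, so an unlisted value left the statement
 * undefined and the following execute() call failed fatally. Such a value
 * now returns -1, the function's existing failure value.
 *
 * @return array|int Rows as associative arrays, or -1 on failure.
 */
function results()
{
    $groupFilter = filter_input(INPUT_POST, "thefilter");
    $searchBy = filter_input(INPUT_POST, "searchby");
    $searchTerm = filter_input(INPUT_POST, "search");

    // Loose comparisons are kept so an empty string still counts as "not given".
    if ($groupFilter != null) {
        $sql = "Select * from address where user_id=:id and address_group_id = :group";
        $binds = array(":id" => $_SESSION["theid"], ":group" => $groupFilter);
    } elseif ($searchBy != null && $searchTerm != null) {
        // Request value => column name; only these columns can be searched.
        $searchable = array(
            "name" => "fullname",
            "email" => "email",
            "address" => "address",
            "phone" => "phone",
        );
        if (!is_string($searchBy) || !isset($searchable[$searchBy])) {
            return -1;
        }
        $sql = "Select * from address where user_id=:id and " . $searchable[$searchBy] . " like :searching";
        $binds = array(":id" => $_SESSION["theid"], ":searching" => "%" . $searchTerm . "%");
    } else {
        $sql = "Select * from address where user_id=:id";
        $binds = array(":id" => $_SESSION["theid"]);
    }

    $searchAll = getDatabase()->prepare($sql);
    if ($searchAll->execute($binds)) {
        return $searchAll->fetchAll(PDO::FETCH_ASSOC);
    }

    return -1;
}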