public function delComment($id)
{
$connect = new DB_Connection();
$mysqli = $connect->getConnect();
$mysqli->query("DELETE FROM comments WHERE id = " . $id) or die("Cannot delete comment");
header('Location: . ');
}
public function delRecord($id)
{
$connect = new DB_Connection();
$mysqli = $connect->getConnect();
$mysqli->query("DELETE FROM records WHERE id = " . $id) or die("Cannot delete record");
$mysqli->query("DELETE FROM comments WHERE record_id = " . $id) or die("Cannot delete comment");
header("Location: . ");
}
public function getNewsOneAuthor($action)
{
$mysqli = new DB_Connection();
$result = $mysqli->getConnect()->query('SELECT news.*, authors.name FROM news, authors
WHERE news.author_id = authors.id
AND authors.id = ' . $action);
$news = array();
while ($row = $result->fetch_assoc()) {
if (mb_strlen($row['text']) > 100) {
$row['text'] = mb_substr(strip_tags($row['text']), 0, 97) . '...';
}
$news[] = $row;
$name = $row['name'];
}
include ROOT . '/pages/list_one_author.php';
}
//create a new avatar 100x100
$image_new = imagecreatetruecolor(100, 100);
//create a new image in jpeg format
$image = imagecreatefromjpeg($avatar_tmp);
//copy an avatar in the new picture, size decreases
imagecopyresampled($image_new, $image, 0, 0, 0, 0, 100, 100, $img_width, $img_height);
//save image in file - temp_image.jpeg
imagejpeg($image_new, "temp_image.jpeg", 100);
//new length and height of the image
list($new_img_width, $new_img_height) = getimagesize("temp_image.jpeg");
//array with new parameters of image
$temp_image = getimagesize("temp_image.jpeg");
//get image
$img_data = file_get_contents("temp_image.jpeg");
require_once './DB_connection/DB_connect.php';
$mysqli = new DB_Connection();
$sql = $mysqli->getConnect();
if (!($stmt = $sql->prepare("INSERT INTO registration (name, surname, patronymic, login, password )\r\n VALUES (?, ?, ?, ?, ?)"))) {
echo "Prepare failed: (" . $sql->errno . ") " . $mysqli->error;
}
if (!$stmt->bind_param('sssss', $name, $surname, $patronymic, $login, $password)) {
echo "Binding output parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
//id of last INSERT
$id = mysqli_insert_id($sql);
if (!($stmt = $sql->prepare("INSERT INTO avatar (avatar_mime, avatar_size, avatar_date, user_id)\r\n VALUES (?, ?, ?, ?)"))) {
echo "Prepare failed: (" . $sql->errno . ") " . $sql->error;
}
function updateDBConnection(DB_Connection $conn)
{
global $config_db, $user;
if ($conn->validateKey()) {
if (checkDBConnectionTable()) {
$sql = "UPDATE db_connections SET " . "Name = '" . $conn->getName() . "', " . "Desc = '" . $conn->getDesc() . "', " . "Server = '" . $conn->getServer() . "', " . "User = '******', " . "Password = '******', " . "Schema = '" . $conn->getSchema() . "', " . "Type = " . $conn->getType() . ", " . "updateDate = '" . date("Y-m-d") . "', " . "updatedBy = '" . $user->getEmail() . "'" . " WHERE id = " . $conn->getID();
// Execute SQL
$config_db->exec($sql);
// Reload Database Connections
loadDBConnections();
}
}
}
<?php
/**
* check login in data base from function ifLoginAjax
*/
$login = htmlspecialchars($_POST['login']);
$login = "******" . $login . "'";
require_once './DB_connection/DB_connect.php';
$mysqli = new DB_Connection();
$name = $mysqli->getConnect()->query("SELECT COUNT(login) AS count\r\n FROM registration WHERE login LIKE " . $login)->fetch_assoc();
if ($name['count'] >= 1) {
echo "This login is not available";
} else {
echo "Ok";
}
/**
* Function to test API Keys against Users
* @global API_Settings $api
* @param string $api_key
* @return boolean
*/
function testAPIKey($api_key)
{
global $api, $db_conn;
// Check if we need to test the API Key
if ($api->getUseAPIKey() == false) {
return true;
}
// Process 'public' as API Key
if (strtolower($api_key) == 'public') {
return true;
}
// Get Connection Details
$conn = new DB_Connection();
$set = false;
foreach ($db_conn as $conn) {
if (strtolower($conn->getName()) == strtolower($api->getAPIKeyConnection())) {
$set = true;
break;
}
}
// Error message if $conn is not set
if ($set != true) {
die("Cannot find the connection '{$api->getAPIKeyConnection()}'");
}
// Validate API Key
$_sql = "select {$api->getAPIKeyField()} " . "from {$conn->getSchema(false)}.{$api->getAPIKeyTable()} " . "where {$api->getAPIKeyField()} = '{$api_key}'";
try {
switch ($conn->getType()) {
case 0:
// SQLite
$_db = new PDO("sqlite:" . $conn->getServer(false));
$_sql = "select {$api->getAPIKeyField()} " . "from {$api->getAPIKeyTable()} " . "where {$api->getAPIKeyField()} = '{$api_key}'";
break;
case 1:
// MySQL
$_db = new PDO("mysql:host=" . $conn->getServer(false) . ";dbname=" . $conn->getSchema(false), $conn->getUser(false), $conn->getPassword(false));
break;
case 2:
// PostgreSQL
$_db = new PDO("pgsql:host=" . $conn->getServer(false) . ";dbname=" . $conn->getSchema(false), $conn->getUser(false), $conn->getPassword(false));
break;
case 3:
// Oracle
$_db = new PDO("oci:dbname=" . $conn->getServer(false), $conn->getUser(false), $password);
break;
case 4:
// Microsoft SQL
$_db = new PDO("sqlsrv:Server=" . $conn->getServer(false) . ";Database=" . $conn->getSchema(false), $conn->getUser(false), $conn->getPassword(false));
break;
}
$_db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Get Response
$dbRes = $_db->query($_sql);
$iRes = 0;
foreach ($dbRes as $row) {
// Check API Key Again (incase someone used a wildcard)
// We are only checking the first record because it should be correct
if ($api_key == $row[0] && $iRes == 0) {
return true;
}
$iRes++;
break;
}
} catch (PDOException $ex) {
showMessage($_sql);
// Print PDOException message
$res = $ex->getMessage();
showMessage($res);
}
return false;
}
<?php
// output information
$id = $_GET['id'];
require_once './DB_connection/DB_connect.php';
$mysqli = new DB_Connection();
$result = $mysqli->getConnect()->query("SELECT * FROM registration WHERE id = " . $id)->fetch_assoc();
include './info.php';
/**
* Created by PhpStorm.
* User: Matt Leering
* Date: 2016-01-30
* Time: 12:04 AM
*/
require_once '../lib/classes/DBConnection.php';
require_once '../lib/classes/ClassTemplate.php';
if (!isset($_POST['serverType']) || !isset($_POST['serverAddress']) || empty($_POST['serverAddress']) || !isset($_POST['serverUsername']) || empty($_POST['serverUsername']) || !isset($_POST['serverPassword']) || empty($_POST['serverPassword']) || !isset($_POST['serverDatabase']) || empty($_POST['serverDatabase'])) {
header('HTTP/1.1 500 Insufficient Parameters Passed');
header('Content-Type: application/json; charset=UTF-8');
exit;
}
//create a new database connection
$connection = new DB_Connection($_POST['serverType'], $_POST['serverAddress'], $_POST['serverUsername'], $_POST['serverPassword'], $_POST['serverDatabase']);
$success = false;
$msg = "";
$link = $connection->AttemptConnection();
//Ensure that any failed connection attempts get reported to the user
if (!$link || !empty($connection->GetLastErrorMessage())) {
header('HTTP/1.1 500 Connection Failed: ' . $connection->GetLastErrorMessage());
header('Content-Type: application/json; charset=UTF-8');
exit;
}
switch ($_POST['action']) {
//During the action of switching to the table tab we will be looking up a list of tables, and populating a select control with them
case 'table':
$tableList = "";
//Connection was successful. Start building HTML that will replace a currently empty div
$success = true;
<?php
/**
* output avatar
*/
$id = $_REQUEST['id'];
require_once './DB_connection/DB_connect.php';
$mysqli = new DB_Connection();
$avatar = $mysqli->getConnect()->query("SELECT * FROM avatar WHERE user_id = " . $id)->fetch_assoc();
header('Content-type: ' . $avatar['avatar_mime']);
header('Content-type: ' . $avatar['avatar_size']);
echo $avatar['avatar_date'];
