/** * 创建群 * @UserFunction(method = POST) * @CheckLogin */ function create_group(string $name, string $introduce) { $db = new DataBase(DB_DNS, DB_USER, DB_PASSWORD); $user_id = getCurrentUserId(); $group_id = $db->insert('INSERT INTO `group`(`name`,`introduce`,`create_user_id`) VALUES(?,?,?);', $name, $introduce, $user_id); $db->exec('INSERT INTO `group_user`(`group_id`, `user_id`, `role`) VALUES(?,?,1);', $group_id, $user_id); return $group_id; }
/** * 写入联系人修改历史记录 * @param int $user_id 用户ID * @param int $appid 应用ID * @param int $source 操作来源 * @param int $device_id 设备ID * @param int $phone_model 手机型号 * @param string $operation 操作说明 * @param array $added_ids 新增联系人ID * @param array $updated_ids 修改联系人ID * @param array $deleted_ids 删除联系人ID * @param int $count 联系人数 * @param int $category_count 分组数 * @return bool */ public function insert_history($user_id, $appid, $source, $device_id, $phone_model, $operation, $added_ids, $updated_ids, $deleted_ids, $count, $category_count) { $setters = array('uid' => $user_id, 'appid' => $appid, 'source' => $source, 'device_id' => $device_id, 'phone_model' => $phone_model, 'operation' => $operation, 'added_ids' => serialize($added_ids), 'updated_ids' => serialize($updated_ids), 'deleted_ids' => serialize($deleted_ids), 'dateline' => api::get_now_time(), 'count' => $count, 'category_count' => $category_count); $this->db->begin(); $query = $this->db->insert($this->get_table($user_id, 'contact_history'), $setters); if (!$query) { $this->db->rollback(); } return $this->db->commit(); }
$start_date = $_POST['start_date']; $at_most = $_POST['at_most']; $start_time = $_POST['start_time']; $end_time = $_POST['end_time']; $course_about = $_POST['course_about']; $language = $_POST['language']; $goals = $_POST['goals']; $description = $_POST['disctiption']; $notes = $_POST['note']; if (isset($_POST['insert'])) { mkdir("images/" . $_POST['course_id'] . "/"); $fields = array('c_id', 'course', 'event', 'c_name', 'c_num', 'c_location', 'c_collage_index', 'c_dept', 'c_price', 'c_gender', 'c_target_group', 'c_duration', 'c_req_num', 'c_reg_time', 'c_max_num', 'c_time_from', 'c_time_to', 'c_major', 'c_languate', 'c_goals', 'c_doc_desc', 'c_notes'); //here we write the attribute or fields which is in the table insid the database $values = array('', $course, $event, $course_name, $course_id, $pleace, $collage, $dept, $price, $type, $target, $how_long, $at_least, $start_date, $at_most, $start_time, $end_time, $course_about, $language, $goals, $description, $notes); //put all variables in values array() $con->insert($fields, $values, 'documentation'); //call insert(all fields or attribute , value array,table name) $sql = "SELECT c_id FROM documentation where c_num='" . $course_id . "' "; $result = mysql_query($sql); while ($row = mysql_fetch_array($result)) { $get_decument_id = $row['c_id']; } for ($i = 0; $i < count($_FILES['upload']['name']); $i++) { //Get the temp file path $tmpFilePath = $_FILES['upload']['tmp_name'][$i]; //Make sure we have a filepath if ($tmpFilePath != "") { //Setup our new file path //move_uploaded_file($_FILES["upload"]["tmp_name"], "Proposals/". $_SESSION["FirstName"] ."/". $_FILES["upload"]["name"]); $newFilePath = "./images/" . $_POST['course_id'] . "/" . $_FILES['upload']['name'][$i]; //Upload the file into the temp dir
$aDatos['entreCalles'] = filter_input(INPUT_POST, "entreCalles"); $aDatos['colonia'] = filter_input(INPUT_POST, "colonia"); $aDatos['ciudad'] = filter_input(INPUT_POST, "ciudad"); $aDatos['estado'] = filter_input(INPUT_POST, "estado"); $aDatos['codigoPostal'] = filter_input(INPUT_POST, "codigoPost"); // Pestaña de Localizacion $aDatos['telefono'] = filter_input(INPUT_POST, "telefono"); $aDatos['fax'] = filter_input(INPUT_POST, "fax"); $aDatos['movil'] = filter_input(INPUT_POST, "movil"); $aDatos['email'] = filter_input(INPUT_POST, "email"); // Pestaña de Contacto $aDatos['contactoNombre'] = filter_input(INPUT_POST, "contactoNombre"); $aDatos['contactoTelefono'] = filter_input(INPUT_POST, "contactoTelefono"); $aDatos['contactoMail'] = filter_input(INPUT_POST, "contactoMail"); // Pestaña Extras $aDatos['direccionEntrega'] = filter_input(INPUT_POST, "direccionEntrega"); $aDatos['direccionCobro'] = filter_input(INPUT_POST, "direccionCobro"); $aDatos['comentario'] = filter_input(INPUT_POST, "comentarios"); $cDb = new DataBase(); if ($cIdCliente != "") { $sWhere = "idCliente = {$cIdCliente}"; $actualizado = $cDb->update("cliente", $aDatos, $sWhere); } else { $actualizado = $cDb->insert("cliente", $aDatos); } $Mensaje = "Datos del Cliente Guardados Correctamente"; if (!$actualizado) { $Mensaje = $cDb->LastError; } $return = array("correcto" => $actualizado, "mensaje" => $Mensaje); echo json_encode($return);
ob_end_clean(); echo '{"success":false,"message":"error: no columns given to query"}'; exit; } if ($objParseColumns->success == false) { ob_end_clean(); echo '{"success":false,"message":"error: no columns given to query"}'; exit; } $dataBase->parseJoin($strJoin); $dataBase->parseRestrictions($strRestrictions); $dataBase->parseOrderBy($strOrder); $dataBase->parseGroupBy($strGroupBy); $dataBase->parseLimit($strLimit); $dataBase->parseValues($strValues); ob_end_clean(); switch ($strQuery) { case 'SELECT': echo $dataBase->select(); break; case 'INSERT': echo $dataBase->insert(); break; case 'DELETE': echo $dataBase->delete(); break; case 'UPDATE': echo $dataBase->update(); break; } exit;
<?php session_start(); include '../dataBaseClass/connection.php'; $aDatos = array(); $idAgente = filter_input(INPUT_POST, "idAgente"); $aDatos['nombre'] = filter_input(INPUT_POST, "nombre"); $aDatos['clave'] = filter_input(INPUT_POST, "clave"); $aDatos['direccion'] = filter_input(INPUT_POST, "direccion"); $aDatos['email'] = filter_input(INPUT_POST, "email"); $aDatos['telefono'] = filter_input(INPUT_POST, "telefono"); $aDatos['movil'] = filter_input(INPUT_POST, "movil"); $cDb = new DataBase(); if ($idAgente != '') { $lCorrecto = $cDb->update("agente", $aDatos, "idAgente = '{$idAgente}'"); } else { $lCorrecto = $cDb->insert("agente", $aDatos, false); } $mensaje = "Datos del agente guardados correctamente"; if (!$lCorrecto) { $mensaje = "Error al tratar de guardar la informacion del agente: " . $cDb->LastError; } echo json_encode(array('correcto' => $lCorrecto, 'mensaje' => $mensaje));
} die('true'); break; case 'unread': $unread = DataBase::query('SELECT COUNT(*) FROM messages WHERE opened = 0 AND recipient_dir = ' . DataBase::_secure($_GET['folder']) . ' AND recipient = ' . User::getID())->fetch()[0]; if (strval($unread)) { die($unread); } else { die; } break; case 'send': // check message HTML does not comport malicious tags // for example with HTMLPurify PHP library $recipient = DataBase::get('users', array('ID'), array('fullname' => $_POST['recipient'])); if (!count($recipient) || $recipient === false) { die('false'); } if (DataBase::insert('messages', array('sender' => User::getID(), 'recipient' => $recipient[0]['ID'], 'subject' => htmlspecialchars($_POST['subject']), 'content' => $_POST['content'], 'sent' => array('NOW()'), 'opened' => 0, 'answerTo' => 0, 'sender_dir' => 'sent', 'recipient_dir' => 'inbox'))) { if (DataBase::insert('messages', array('sender' => User::getID(), 'recipient' => $recipient[0]['ID'], 'subject' => htmlspecialchars($_POST['subject']), 'content' => $_POST['content'], 'sent' => array('NOW()'), 'opened' => 0, 'answerTo' => 0, 'sender_dir' => 'sent', 'recipient_dir' => 'sent'))) { } die('true'); } else { die('false'); } break; default: die('<h3>Unknwon action</h3>'); break; } die;
<?php session_start(); include '../dataBaseClass/connection.php'; $aDatos = array(); $id = filter_input(INPUT_POST, "IdTipo"); $aDatos['idTipo'] = $id; $aDatos['nombre'] = filter_input(INPUT_POST, "nombre"); $aDatos['descripcion'] = filter_input(INPUT_POST, "descripcion"); $cDb = new DataBase(); $lCorrecto = $cDb->insert("TipoPoliza", $aDatos, TRUE); $mensaje = "Datos del tipo de poliza guardados correctamente"; if (!$lCorrecto) { $mensaje = "Error al tratar de guardar la informacion del tipo de poliza: " . $cDb->LastError; } echo json_encode(array('correcto' => $lCorrecto, 'mensaje' => $mensaje));
<?php session_start(); include '../dataBaseClass/connection.php'; $aDatos = array(); $aDatos['idPaquete'] = filter_input(INPUT_POST, "idPaquete"); $aDatos['tipoPoliza'] = filter_input(INPUT_POST, "tipoPoliza"); $aDatos['cobertura'] = filter_input(INPUT_POST, "cobertura"); $cDb = new DataBase(); $lCorrecto = $cDb->insert("Paquete", $aDatos, FALSE); $mensaje = "Datos del tipo de poliza guardados correctamente"; if (!$lCorrecto) { $mensaje = "Error al tratar de guardar la informacion del tipo de poliza: " . $cDb->LastError; } echo json_encode(array('correcto' => $lCorrecto, 'mensaje' => $mensaje));
$aData['type'] = $sType; $aData['size'] = $iSize; $aData['content'] = $content; $aData['idCliente'] = $idCliente; $cDb = new DataBase(); $cTabla = ""; switch ($tipoArchivo) { case 1: $cTabla = "ExpedienteElectronico"; break; case 2: $cTabla = "ComprobantePago"; default: break; } $result = $cDb->insert($cTabla, $aData, false); if (!$result) { $msjReturn = 'Error al grabar en la base de datos: ' . $cDb->LastError; } else { $msjReturn = 'Documento almacenado correctamente'; $correcto = true; $iIdFile = $cDb->LastInsertedId; } } else { $msjReturn = "El archivo no se cargo correctamente, intente de nuevo"; } } else { $msjReturn = "No se especifico un archivo para almacenar"; } $return = array("correcto" => $correcto, "mensaje" => $msjReturn, "id" => $iIdFile); echo json_encode($return);
$aDatos = array(); $idCompania = filter_input(INPUT_POST, "IdCompania"); $aDatos['nombre'] = filter_input(INPUT_POST, "nombre"); $aDatos['direccion'] = filter_input(INPUT_POST, "direccion"); $aDatos['telefono'] = filter_input(INPUT_POST, "telefono"); $aDatos['portal'] = filter_input(INPUT_POST, "portal"); $aTipos = array(); if (isset($_POST['chkTipoPoliza'])) { $aTipos = $_POST['chkTipoPoliza']; } $cDb = new DataBase(); if ($idCompania != "") { $sWhere = "idCompania = {$idCompania}"; $lCorrecto = $cDb->update("Companias", $aDatos, $sWhere); } else { $lCorrecto = $cDb->insert("Companias", $aDatos); $idCompania = strval($cDb->LastInsertedId); } $mensaje = "Datos de la compañia guardados correctamente"; if (!$lCorrecto) { $mensaje = "Error al tratar de guardar la informacion de la compañia: " . mysqli_stmt_error($stmt); } if ($lCorrecto) { // Borramos los datos de los tipos de polizas y agregamos las nuevas seleccionadas $cDb->delete("TipoPolizaCompania", "idCompania = {$idCompania}"); foreach ($aTipos as $value) { $aData = array(); $aData['idCompania'] = $idCompania; $aData['idTipo'] = $value; $cDb->insert("TipoPolizaCompania", $aData, false); }
if ($result) { $json = array(); $json['lat'] = (double) $result['latitude']; $json['lng'] = (double) $result['longitude']; // This doesn't work in my arsys hosting //$encoded = json_encode($json); $encoded = '{"lat":' . $json['lat'] . ',"lng":' . $json['lng'] . '}'; } die($encoded); break; case "post": $db = new DataBase(); $id = (int) $_GET['id']; $lat = (double) $_GET['lat']; $lng = (double) $_GET['lng']; $db->insert($id, $lat, $lng); die; break; case "show": $id = $_GET['id']; break; default: ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"/> <title>Show me!</title> <script src="http://maps.google.com/maps?file=api&v=2&sensor=false&key=ABQIAAAAIUiRh9vGTU8GIfuQooImRxReysCIw65eY2HcdIK__B4VQ4C-DBTUJ6fZDI5YGR6Jutf1WNG8Ogs3UA" type="text/javascript"></script> <script src="prototype.js" type="text/javascript"></script>
$aDatos['modelo'] = (int) filter_input(INPUT_POST, 'modelo'); $aDatos['amis'] = filter_input(INPUT_POST, 'amis'); $aDatos['placas'] = filter_input(INPUT_POST, 'placas'); $aDatos['noSerie'] = filter_input(INPUT_POST, 'noSerie'); $aDatos['noMotor'] = filter_input(INPUT_POST, 'noMotor'); $aDatos['color'] = filter_input(INPUT_POST, 'color'); $aDatos['conductor'] = filter_input(INPUT_POST, 'conductor'); $aDatos['edadConductor'] = (int) filter_input(INPUT_POST, 'edadConductor'); $aDatos['edoCivilConductor'] = filter_input(INPUT_POST, 'edoCivilConductor'); $aDatos['ubicacion'] = filter_input(INPUT_POST, 'ubicacion'); $aDatos['tipoCarga'] = filter_input(INPUT_POST, 'tipoCarga'); $aDatos['descripcionCarga'] = filter_input(INPUT_POST, 'descripcionCarga'); $aDatos['paquete'] = filter_input(INPUT_POST, 'idPaquete'); $aDatos['observaciones'] = filter_input(INPUT_POST, 'observaciones'); $cDb = new DataBase(); $lCorrecto = $cDb->insert("OrdenTrabajo", $aDatos, FALSE); $aCobertura = array(); if (isset($_POST['cobertura'])) { $aCobertura = $_POST['cobertura']; } $aSumaAsegurada = array(); if (isset($_POST['sumaAsegurada'])) { $aSumaAsegurada = $_POST['sumaAsegurada']; } $aDeducible = array(); if (isset($_POST['deducible'])) { $aDeducible = $_POST['deducible']; } $tamanio = count($aCobertura); $i = 0; while ($i < $tamanio) {
/** * 发送激活码 * @UserFunction */ function send_activatiton_code(Mobile $mobile) { $db = new DataBase(DB_DNS, DB_USER, DB_PASSWORD); $code = 2000; if ($db->fetchColumn('SELECT count(*) FROM `activation_code` WHERE `mobile` = ?', $mobile) == 0) { $db->insert('INSERT INTO `activation_code` (`mobile`, `code`) values(?,?)', $mobile, $code); } else { $timestamp = $db->fetchColumn('SELECT `timestamp` FROM `activation_code` WHERE `mobile` = ?', $mobile); if (time() - $timestamp > 60000) { $db->exec('UPDATE `activation_code` SET `code` = ? WHERE `mobile` = ?', $code, $mobile); } else { throw new ProException('Activation code is sent too frequently', 107); } } }
require_once _DIR . 'config.php'; require_once _ENGINE . 'db.php'; $Db = new DataBase($_CONF); require_once _ENGINE . 'Auth.class.php'; $Auth = new Auth($Db); $filename = $_FILES['file']['name']; if ($Auth->isAdmin($_COOKIE['id'], $_COOKIE['hash'])) { $ext = pathinfo($filename, PATHINFO_EXTENSION); $newName = $Auth->generateCode(20); $data = array('old' => $filename, 'new' => $newName . '.' . $ext, 'small' => $newName . '_s.' . $ext, 'size' => $_FILES['file']['size'], 'status' => -1, 'errorMsg' => ''); $destination = _UPLOAD_RIR . $data['new']; $destinationSmall = _UPLOAD_RIR . $data['small']; if (move_uploaded_file($_FILES['file']['tmp_name'], $destination)) { $rows = array('category', 'src_large', 'src_small', 'oldname', 'newname', 'folder', 'size', 'user'); $queryData = array($_POST['category'], $data['new'], $data['small'], $data['old'], $newName, _UPLOAD_RIR, $data['size'], $_COOKIE['id']); $id = $Db->insert('galary_images', $rows, $queryData); if ($id > 0) { $data['status'] = 1; $data['id'] = $id; } } echo json_encode($data); img_resize($destination, $destinationSmall, 200, 0); } else { $data = array('status' => -1, 'errorMsg' => 'Недостаточно прав'); echo json_encode($data); } /* Функция img_resize(): генерация thumbnails Параметры: $src - имя исходного файла
$Auth = new Auth($Db); $_RETURN = array('status' => 0, 'errorMsg' => null, 'data' => array()); /** * without access * */ if ($_GET['action']) { $_a = $_GET['action']; if ($_a == 'registerPhone') { $data = json_decode($_GET['data']); pre($data); $name = $data->name; $phone = $data->phone; if (strlen($name) > 2 && strlen($phone) > 2) { $rows = array('name', 'phone', 'result'); $data = array($name, $phone, ''); $Db->insert('phoneRegister', $rows, $data); require_once _ENGINE . 'Mail.class.php'; require_once _ENGINE . 'HTML.class.php'; $HTML = new HTML(); $HTML->get('template/registerPhoneMail.html'); $HTML->replace(array('name', 'phone', 'date'), array($name, $phone, date('d.m.Y H:i:s'))); $MailSender = new Mail(); $headers = array('From: SiteSVAI <SiteSVAI.ru>'); //$MailSender->sendTo('*****@*****.**'); $MailSender->sendTo('*****@*****.**'); $MailSender->setHTML($HTML->get()); $MailSender->sendMail(); $_RETURN['status'] = 1; $_RETURN['data'] = array(true); echo json_encode($_RETURN); }
if ($this->db_name) { if (@mysql_close()) { echo 'closed'; $this->db_name = false; return true; } else { return false; } } } public function escapeString($data) { return $this->myconn->real_escape_string($data); } public function getSql() { $val = $this->myQuery; $this->myQuery = array(); return $val; } } $con = new DataBase(); $con->connect("localhost", "root", "", "comunity_service"); //$con->disconnect() $username = $_POST['username']; $password = $_POST['password']; $type = $_POST['type']; $fields = array('ID', 'username', 'password', 'type'); $values = array('', $username, $password, $type); $con->insert($fields, $values, 'login');
$err = 'The two passwords does not match'; } elseif ($_POST['email'] !== $_POST['email-confirm']) { $err = 'The two email does not match'; } elseif (!isset($_POST['agree-terms']) || !$_POST['agree-terms']) { $err = 'You must agree terms and privacy'; } else { $user = DataBase::get('users', array(), array('pseudo' => $_POST['pseudo'])); if (count($user) && $user !== false) { $err = 'This pseudo is already used !'; } else { $user = DataBase::get('users', array(), array('email' => $_POST['email'])); if (count($user) && $user !== false) { $err = 'This email is already used !'; } else { $token = md5(uniqid(rand(), true)) . md5(uniqid(rand(), true)); if (DataBase::insert('users', array('pseudo' => $_POST['pseudo'], 'password' => hash('sha384', $_POST['password']), 'email' => $_POST['email'], 'firstname' => $_POST['firstname'], 'lastname' => $_POST['lastname'], 'fullname' => $_POST['firstname'] . ' ' . $_POST['lastname'], 'activated' => 0, 'rights' => 1, 'register' => 'NOW()', 'reputation' => 0, 'token' => $token))) { try { chdir(__DIR__ . '/server/users'); Lib::recurseCopy('.model', $_POST['pseudo']); sendMail($_POST['email'], Config::get('SITE_TITLE'), Config::get('SITE_EMAIL'), 'Activate your account', 'Dear ' . $_POST['firstname'] . ' ' . $_POST['lastname'] . ",<br /><br />You've just created an account. To activate it, use the link below.<br /><br /><a href=\"http://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}?activate=" . $token . "\">Activate your account</a><br /><br /><small>Sent from Skyer</small>"); $registered = true; } catch (Exception $e) { $err = 'Internal disk error. Please try again.'; } } else { $err = 'DataBase error. Please try again.'; } } } } }