Execute actual queries. Within this class, this function should be used
to do queries, not the wrapper function query(). The logger will log
the caller of the caller of this function. So there should be one function
in between this and outside this class.
| protected doQuery ( $sql ) : MySQL | ||
| Результат | MySQL | resource|false |
function logAccess()
{
define('_VALID_CODE', true);
include_once 'database.php';
$dbh = new Database();
$dbh->init();
$ipaddr_base = $_SERVER['REMOTE_ADDR'];
if (is_array($ipaddr_base)) {
$ipaddr = $ipaddr_base[0];
} else {
$ipaddr = $ipaddr_base;
}
//echo("--> " . $ipaddr);
$query = "SELECT * FROM downloads26 WHERE ipaddr = '{$ipaddr}';";
$result = $dbh->doQuery($query);
if (mysql_num_rows(&$result) > 0) {
/*$row = mysql_fetch_array(&$result);
if (intval( $row['attempts'] ) > 50)
{
die("Sorry, you've attempted to download StealthBot too many times. Please contact Stealth by <a href='mailto:stealth@stealthbot.net'>email</a> if you need another copy, or if you received this message in error.");
} */
$query = "UPDATE downloads26 SET attempts=attempts+1 WHERE ipaddr='{$ipaddr}';";
} else {
$query = "INSERT INTO downloads26(ipaddr, attempts) VALUES('{$ipaddr}', 1);";
}
mysql_free_result($result);
$result = $dbh->doQuery($query);
}
public static function getAllSizes()
{
$result = Database::doQuery("SELECT * FROM " . Database::addPrefix('websizes'));
$sizes = array();
while ($row = mysql_fetch_assoc($result)) {
$sizes[] = new Size($row['Size']);
}
return $sizes;
}
public static function getAllWebAdUsers()
{
$result = Database::doQuery("SELECT * FROM " . Database::addPrefix('webadusers') . " ORDER BY username ASC");
$users = array();
while ($row = mysql_fetch_assoc($result)) {
$users[] = new WebAdUser($row['username']);
}
return $users;
}
public static function getDistinctMondays()
{
$mondays = array();
$result = Database::doQuery("SELECT DISTINCT StartingMonday FROM " . Database::addPrefix('webads') . " ORDER BY StartingMonday DESC");
while ($row = mysql_fetch_assoc($result)) {
$mondays[] = $row['StartingMonday'];
}
return $mondays;
}
public static function updateUserPassword($login, $password)
{
if ($login instanceof Login) {
$query = "UPDATE " . Database::addPrefix('logins') . "\n\t\t\t\t\t\t\tSET password = '******'\n\t\t\t\t\t\t\tWHERE LoginID = '" . $login->getID() . "'";
Database::doQuery($query);
} else {
$query = "UPDATE " . Database::addPrefix('logins') . "\n\t\t\t\tSET password = '******'\n\t\t\t\tWHERE LoginID = '" . Database::makeStringSafe($login) . "'";
Database::doQuery($query);
}
}
public static function getByID($ID)
{
$query = "SELECT * FROM " . Database::addPrefix('insertionorders') . " WHERE InsertId = '" . $ID . "'";
$result = Database::doQuery($query);
$row = mysql_fetch_assoc($result);
if ($row) {
return InsertionOrderDao::populateInsertionOrder($row);
} else {
return null;
}
}
public static function getAllEquipment()
{
$result = Database::doQuery("SELECT * FROM " . Database::addPrefix(EquipmentDao::table_name));
$equipment = array();
if (mysql_num_rows($result) > 0) {
while ($row = mysql_fetch_assoc($result)) {
$equipment[] = new Equipment($row['equip_id'], $row['name'], $row['type'], $row['serial'], $row['description'], $row['max_length'], $row['picture'], $row['min_user_level'], $row['checkoutfrom']);
}
}
return $equipment;
}
public static function updateClient($client, $name, $email, $phone, $address)
{
if ($client instanceof Client) {
$query = "UPDATE " . Database::addPrefix('clients') . "\n\t\t\t\tSET Name = '" . $name . "', Email = '" . $email . "',\n\t\t\t\tPhone = '" . $phone . "', Address = '" . $address . "'\n\t\t\t \tWHERE ClientID = '" . Database::makeStringSafe($client->getID()) . "' LIMIT 1";
Database::doQuery($query);
return ClientDao::getClientByID($client->getID());
} else {
$query = "UPDATE " . Database::addPrefix('clients') . "\n\t\t\t\t\t\t\tSET Name = '" . $name . "', Email = '" . $email . "',\n\t\t\t\t\t\t\tPhone = '" . $phone . "', Address = '" . $address . "'\n\t\t\t\t\t\t \tWHERE ClientID = '" . Database::makeStringSafe($client) . "' LIMIT 1";
Database::doQuery($query);
return ClientDao::getClientByID($client->getID());
}
}
public static function updateAdRep($adRep, $name, $email, $phone)
{
if ($adRep instanceof AdRep) {
$query = "UPDATE " . Database::addPrefix('adreps') . "\n\t\t\t\t\tSET name = '" . $name . "', email = '" . $email . "',\n\t\t\t\t\tphone = '" . $phone . "'\n\t\t\t\t \tWHERE AdRepID = '" . Database::makeStringSafe($adRep->getID()) . "' LIMIT 1";
Database::doQuery($query);
return AdRepDao::getAdRepByID($adRep->getID());
} else {
$query = "UPDATE " . Database::addPrefix('clients') . "\n\t\t\t\t\t\t\t\tSET name = '" . $name . "', email = '" . $email . "',\n\t\t\t\t\t\t\t\tphone = '" . $phone . "', address = '" . $address . "'\n\t\t\t\t\t\t\t \tWHERE AdRepID = '" . Database::makeStringSafe($client) . "' LIMIT 1";
Database::doQuery($query);
return AdRepDao::getAdRepByID($adRep);
}
}
public static function getReservationsForEquipmentByDate($equipId, $startDate, $endDate)
{
$equipId = Database::makeStringSafe($equipId);
$query = "SELECT * FROM " . Database::addPrefix(ReservationDao::table_name) . " WHERE equip_id = '" . $equipId . "'" . " AND (('{$startDate}' BETWEEN start_date AND end_date) OR ('{$endDate}' BETWEEN start_date AND end_date))";
echo $query;
$result = Database::doQuery($query);
$reservations = array();
if (mysql_num_rows($result) > 0) {
while ($row = mysql_fetch_assoc($result)) {
$reservations[] = new Reservation($row['res_id'], $row['equip_id'], $row['user_id'], $row['start_date'], $row['end_date'], $row['checked_out_by'], $row['check_out_date'], $row['checked_in_by'], $row['check_in_date'], $row['length'], $row['user_comment'], $row['admin_comment'], $row['mod_status']);
}
}
return $reservations;
}
public static function setView($ip, $hostname, $site, $size, $webadID)
{
$ip = Database::makeStringSafe($ip);
$hostname = Database::makeStringSafe($hostname);
$site = Database::makeStringSafe($site);
$size = Database::makeStringSafe($size);
$webadID = Database::makeStringSafe($webadID);
$view = WebAdViewDao::getView($ip, $site, $size);
if ($view) {
$query = "UPDATE " . Database::addPrefix('webadviews') . " SET webadID = '" . $webadID . "'WHERE" . " ip = '" . $ip . "' AND site = '" . $site . "' AND size = '" . $size . "'";
Database::doQuery($query);
} else {
WebAdViewDao::createView($ip, $hostname, $site, $size, $webadID);
}
}
public static function updateName($userid, $name)
{
$userid = Database::makeStringSafe($userid);
$name = Database::makeStringSafe($name);
Database::doQuery("UPDATE " . Database::addPrefix(UserDao::table_name) . " SET name = '" . $name . "' WHERE user_id = '" . $userid . "' LIMIT 1");
}
public static function getByID($ID)
{
$row = mysql_fetch_assoc(Database::doQuery("SELECT * FROM " . Database::addPrefix('designstatus') . " WHERE StatusID = '" . $ID . "'"));
return new DesignStatus($row['StatusID'], $row['Name'], $row['Description']);
}
/**
* Created by Ryan J | ryanjayako@gmail.com
* Date:
* Version : v1.1
*/
session_start();
include "Database.class.php";
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$_SESSION['error'] = NULL;
if ($username && $password) {
//new database object
$database = new Database();
$query = "SELECT * FROM user where user = '******' AND pass = '******'";
$rowResult = $database->numRows($database->doQuery($query));
$result = $database->doQuery($query);
//checking for user existence before proceeding with login.
if ($rowResult == 1) {
while ($rowdata = mysql_fetch_array($result)) {
$dbusername = $rowdata['user'];
$dbpassword = $rowdata['pass'];
}
if ($dbusername == $username && $dbpassword == $password) {
echo "You're in! Welcome " . $username;
} else {
echo "Something went wrong." . $rowResult . $dbusername;
}
} else {
header("Location: ../index.php?page=login");
}
<?php
require '../app/start.php';
if (!empty($_POST)) {
$label = $_POST['label'];
$title = $_POST['title'];
$slug = $_POST['slug'];
$body = $_POST['body'];
$insertQuery = "INSERT INTO pages ( label, title , slug, body, created )\n\tVALUES ( '" . $label . "','" . $title . "','" . $slug . "','" . $body . "',NOW())";
$resultINSert = Database::doQuery($insertQuery);
header('Location: ' . BASE_URL . 'admin/list.php');
}
require VIEW_ROOT . '/admin/add.php';
<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);
require_once './config.php';
require_once './lib/DB/Database.php';
require_once './lib/Site/Page.php';
require_once './lib/Site/StandardLayout.php';
require_once './lib/Site/StandardNavigation.php';
require_once './lib/Util/Context.php';
require_once './lib/Util/SessionUtil.php';
if (!SessionUtil::start()) {
echo "Error Starting Session";
}
Database::Open();
$result = Database::doQuery("SELECT site, size, count(ip) AS view_count FROM " . Database::addPrefix("webadviews") . " GROUP BY site, size");
echo "\r\n<html>\r\n\t<head>\r\n\t\t<style>\r\n\t\t\ttd {\r\n\t\t\t\ttext-align: center;\r\n\t\t\t}\r\n\t\t</style>\r\n\t</head>\r\n\t<body>\r\n\t\t<table border=\"1\" style=\"margin-left: auto; margin-right: auto; width: 300px;\">\r\n\t\t<caption>All Time Unique Visitors Per Site</caption>\r\n\t\t<tr>\r\n\t\t\t<th>Site</th>\r\n\t\t\t<th>Size</th>\r\n\t\t\t<th>Visitors</th>\r\n\t\t</tr>";
while ($row = mysql_fetch_assoc($result)) {
echo "\r\n\t<tr>\r\n\t\t<td>" . $row['site'] . "</td>\r\n\t\t<td>" . $row['size'] . "</td>\r\n\t\t<td>" . $row['view_count'] . "</td>\r\n\t</tr>";
}
echo "</table></body></html>";
Database::Close();
<?php
require '../app/start.php';
if (!empty($_GET['id'])) {
$deletQuery = "DELETE FROM pages\n\tWHERE id = '" . $_GET['id'] . "'";
//echo $deletQuery;
$resultINSert = Database::doQuery($deletQuery);
}
header('Location: ' . BASE_URL . 'admin/list.php');
public static function getRecieved()
{
$result = mysql_fetch_assoc(Database::doQuery("SELECT * FROM " . Database::addPrefix('insertstatus') . " WHERE Name = 'Recieved'"));
return new InsertStatus($result['StatusID'], $result['Name'], $result['Description']);
}
public static function getWarningCountForUserByType($userId, $type)
{
$result = Database::doQuery("SELECT * FROM " . Database::addPrefix(WarningDao::table_name) . " WHERE user_id = '" . $userId . "' and type = '" . $type . "'");
return mysql_num_rows($result);
}
