/**
 * Close the MySQL link held in the static self::$con, if there is one.
 *
 * @return bool TRUE when self::$con was set (the result of mysql_close() is
 *              not checked), FALSE when there was no link to close.
 */
function closeConnection()
{
    // Nothing is open: report it and leave the static handle untouched.
    if (!self::$con) {
        return FALSE;
    }

    // "@" suppresses any warning from mysql_close(); the handle is reset to
    // FALSE afterwards whatever the call returned.
    @mysql_close(self::$con);
    self::$con = FALSE;

    return TRUE;
}
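<?php
/**
 * AJAX endpoint (admin only): set the status of one idea and return the
 * refreshed status markup as JSON.
 *
 * Query string: id (idea id), status (status code).
 * Response:     JSON object with the keys "status" and "adm_com", each an
 *               HTML fragment; 403 without an admin session, 400 when id or
 *               status is not a plain digit string.
 */
include '../core/main.class.php';
$main = new Main();

// Authorise before reading anything from the request, and answer explicitly
// instead of returning an empty 200 to unauthorised callers.
if (!session::check() || !session::get_param('admin')) {
    header('HTTP/1.1 403 Forbidden');
    exit;
}
// NOTE(review): this state change is triggered by a GET request and relies on
// the session cookie alone. Moving it to POST with a per-session token needs a
// matching client change, so it is not done here.

// Both values are placed inside SQL and inside HTML attributes below, so only
// digit strings are accepted. The listing page compares status with 4, which
// suggests numeric codes.
// NOTE(review): assumes feedback_ideas.id is an integer key - confirm against the schema.
$rawId = isset($_GET['id']) ? $_GET['id'] : '';
$rawStatus = isset($_GET['status']) ? $_GET['status'] : '';
if (!is_string($rawId) || !ctype_digit($rawId) || !is_string($rawStatus) || !ctype_digit($rawStatus)) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}

// Still passed through the project's sanitiser to stay consistent with the
// other endpoints; for digit-only input the allow-list above is the control.
$id = Security::secureString($rawId);
$status = Security::secureString($rawStatus);

$main->con()->db_query("UPDATE feedback_ideas SET status='{$status}' WHERE id='{$id}'");

$info = array(
    'status' => '<div id="status_' . $id . '" class="nr_votes ' . render::giveStatus($status, "class") . '">'
        . render::giveStatus($status, "text") . '</div>',
    'adm_com' => '<div id="com_status_' . $id . '" class="ad_' . render::giveStatus($status, "class") . '"></div>',
);
echo json_encode($info);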
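<?php
/**
 * AJAX endpoint: register one vote by the logged-in user for an idea and print
 * the resulting vote count as markup.
 *
 * Query string: id (idea id).
 *
 * Changes from the earlier behaviour:
 *  - a user who already has a row in feedback_votes for this idea is not
 *    counted again (previously every request incremented the counter);
 *  - the printed number is the real count; it is only shown incremented when
 *    a vote was actually stored (previously votes+1 was printed even for
 *    visitors without a session);
 *  - unknown or non-numeric ids are rejected instead of producing a vote row
 *    for an idea that does not exist.
 */
include '../core/main.class.php';
$main = new Main();

// The id is interpolated into four statements below; accept digits only.
// NOTE(review): assumes feedback_ideas.id is an integer key - confirm against the schema.
$rawId = isset($_GET['id']) ? $_GET['id'] : '';
if (!is_string($rawId) || !ctype_digit($rawId)) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}
$id = Security::secureString($rawId);

$idea = mysql_fetch_array($main->con()->db_query("SELECT votes FROM feedback_ideas WHERE id='{$id}'"));
if (!$idea) {
    header('HTTP/1.1 404 Not Found');
    exit;
}
$votes = (int) $idea['votes'];

if (session::check()) {
    $voter_id = session::get_param('user_id');

    // One vote per user and idea. If the lookup itself fails, nothing is
    // recorded (fail closed).
    // NOTE(review): check-then-insert is not atomic; a UNIQUE index on
    // feedback_votes (idea_id, voter_id) is what actually guarantees this
    // under concurrent requests.
    $existing = $main->con()->db_query("SELECT idea_id FROM feedback_votes WHERE idea_id='{$id}' AND voter_id='{$voter_id}'");
    if ($existing && mysql_num_rows($existing) === 0) {
        $main->con()->db_query("UPDATE feedback_ideas SET votes=votes+1 WHERE id='{$id}'");
        $main->con()->db_query("INSERT INTO feedback_votes (idea_id,voter_id) VALUES('{$id}','{$voter_id}')");
        $votes++;
    }
}

echo render::dynamicFont(number_format($votes, 0, '', ','), 32);
?> <br/> votes<br/>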
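<?php
/**
 * AJAX endpoint (admin only): delete one idea.
 *
 * Query string: id (idea id).
 * Response:     empty body; 403 without an admin session, 400 when id is not
 *               a plain digit string.
 */
include '../core/main.class.php';
$main = new Main();

// Authorise first and answer explicitly rather than with an empty 200.
if (!session::check() || !session::get_param('admin')) {
    header('HTTP/1.1 403 Forbidden');
    exit;
}
// NOTE(review): a destructive action reachable by GET depends on the session
// cookie alone. Moving it to POST with a per-session token needs a matching
// client change, so it is not done here.

// The id goes straight into a DELETE statement; accept digits only so the
// statement can never carry anything but a key value.
// NOTE(review): assumes feedback_ideas.id is an integer key - confirm against the schema.
$rawId = isset($_GET['id']) ? $_GET['id'] : '';
if (!is_string($rawId) || !ctype_digit($rawId)) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}
$id = Security::secureString($rawId);

// NOTE(review): rows in feedback_votes / feedback_comments that reference this
// idea are not removed here - confirm whether the schema cascades.
$main->con()->db_query("DELETE FROM feedback_ideas WHERE id='{$id}'");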
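<?php
/**
 * AJAX endpoint (admin only): delete one comment and decrement the comment
 * counter of the idea it belonged to.
 *
 * Query string: id (comment id).
 * Response:     empty body; 403 without an admin session, 400 for a
 *               non-numeric id, 404 when the comment does not exist.
 */
include '../../../core/main.class.php';
$main = new Main();

if (!session::check() || !session::get_param('admin')) {
    header('HTTP/1.1 403 Forbidden');
    exit;
}
// NOTE(review): a destructive action reachable by GET depends on the session
// cookie alone. Moving it to POST with a per-session token needs a matching
// client change, so it is not done here.

// NOTE(review): assumes feedback_comments.id is an integer key - confirm against the schema.
$rawId = isset($_GET['id']) ? $_GET['id'] : '';
if (!is_string($rawId) || !ctype_digit($rawId)) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}
$id = Security::secureString($rawId);

// Load the row first: it tells us which idea's counter to adjust.
$comment = mysql_fetch_array($main->con()->db_query("SELECT * FROM feedback_comments WHERE id='{$id}'"));
if (!$comment) {
    // Previously the DELETE and the counter UPDATE ran even when no such
    // comment existed (with an empty idea id in the UPDATE).
    header('HTTP/1.1 404 Not Found');
    exit;
}

$main->con()->db_query("DELETE FROM feedback_comments WHERE id='{$id}'");

// idea_id was read back from the database; cast it so stored data cannot
// change the shape of the next statement.
$ideaId = (int) $comment['idea_id'];
$main->con()->db_query("UPDATE feedback_ideas SET comments=comments-1 WHERE id='{$ideaId}'");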
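<?php
/**
 * AJAX endpoint: store a new idea for the logged-in user and print
 * "&url=<link to the idea>".
 *
 * Query string: title, description.
 * Response:     "&url=..." on success; 403 without a session, 500 when the
 *               insert fails.
 */
include '../../../core/main.class.php';
$main = new Main();

// The original comment announced a login check but none was performed, so
// ideas could be stored without a session and with an empty author id.
if (!session::check()) {
    header('HTTP/1.1 403 Forbidden');
    exit;
}
// NOTE(review): the submission travels in the query string of a GET request;
// moving it to POST with a per-session token needs a matching client change.

$rawTitle = (isset($_GET['title']) && is_string($_GET['title'])) ? $_GET['title'] : '';
$rawDescr = (isset($_GET['description']) && is_string($_GET['description'])) ? $_GET['description'] : '';

// NOTE(review): the INSERT below is only as safe as Security::secureString();
// confirm that it escapes for the active MySQL connection. db_query() as used
// in this file takes a finished SQL string.
$title = Security::secureString($rawTitle);
$descr = Security::secureString($rawDescr);
$auth_id = session::get_param('user_id');

$inserted = $main->con()->db_query("INSERT INTO feedback_ideas (idea,description,sub_date,auth_id) VALUES('{$title}','{$descr}',NOW(),'{$auth_id}')");
if (!$inserted) {
    // Without this check a failed insert produced a link built from empty values.
    header('HTTP/1.1 500 Internal Server Error');
    exit;
}

// TODO (translated from the original note): also store the author's own vote
// for this idea in the votes table.
$id = (int) mysql_insert_id();
$idea = mysql_fetch_array($main->con()->db_query("SELECT idea,id FROM feedback_ideas WHERE id='{$id}'"));
$url = HTTP_CORE_BASE . 'idea/id/' . $idea['id'] . '/' . render::makeTitle($idea['idea']);
echo '&url=' . $url;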
// Account endpoint: dispatches on the "action" query parameter. The cases
// visible in this listing are "signup" and "login"; the listing is cut off
// inside the login branch.
include '../../../core/main.class.php';
$main = new Main();
$action = Security::secureString($_GET['action']);
switch ($action) {
    case 'signup':
        // NOTE(review): user name, e-mail and both password fields are read from
        // $_GET, i.e. from the URL, where they can end up in access logs, browser
        // history and Referer headers. A POST body is the usual transport.
        $username = strtolower(Security::secureString($_GET['username']));
        $email = strtolower(Security::secureString($_GET['email']));
        $password = Security::secureString($_GET['password']);
        $rpassword = Security::secureString($_GET['rpassword']);
        if ($password == $rpassword) {
            // NOTE(review): a single unsalted md5() is not a password hash;
            // password_hash() / password_verify() (PHP 5.5+) are the replacement.
            // The value hashed here is the output of secureString(), not the raw input.
            $pass = md5($password);
        } else {
            $msg = 'The passwords did not match!';
        }
        // NOTE(review): this INSERT is not inside the "passwords match" branch.
        // On a mismatch $pass is undefined, so the row is written with an empty
        // password column, and a successful insert replaces the mismatch message
        // with the success text. If the passwords match but the insert fails,
        // $msg is never assigned before the echo.
        if ($main->con()->db_query("INSERT INTO members (username,email,password,joindate) VALUES('{$username}','{$email}','{$pass}',NOW())")) {
            $msg = 'The user was created!';
        }
        echo $msg;
        break;
    case 'login':
        $username = strtolower(Security::secureString($_GET['username']));
        $password = md5(Security::secureString($_GET['password']));
        $error = '0';
        $msg = '';
        $admin = false;
        // NOTE(review): as printed on this page the WHERE clause compares against
        // the literal text '******', so $username and $password are not used by
        // the query. This looks like redaction of the original statement - confirm
        // against the real file before drawing conclusions about the query.
        $sql_check = $main->con()->db_query("SELECT username,password,id,admin FROM members WHERE username='******' AND password='******'");
        // A non-zero row count is treated as a successful login.
        if (mysql_num_rows($sql_check)) {
            $row = mysql_fetch_assoc($sql_check);
            session::start_secure_session();
            // The admin flag stored here is what the admin-only endpoints read
            // back through session::get_param('admin').
            session::add_param("admin", $row['admin']);
/**
 * Set up the application object: optional exception handler, plugin
 * directory, database connection and session.
 */
public function __construct()
{
    // A custom handler is registered only when the instance defines a
    // non-empty one.
    if (!empty($this->exception_handler)) {
        set_exception_handler($this->exception_handler);
    }

    $this->plugins_dir = PLUGINS_DIR;

    // Database access is wrapped in a Conn object. It is stored in the static
    // self::$con, so each construction replaces the connection held by the class.
    self::$con = new Conn();

    Session::start(SESSION_NAME);
}
<?php
// Search endpoint: runs a MySQL full-text query (MATCH ... AGAINST) over the
// idea and description columns of feedback_ideas, keeps at most 30 rows
// ordered by score, and renders one block of markup per idea. The listing is
// cut off inside the rendering loop.
include '../../../core/main.class.php';
$main = new Main();
// NOTE(review): $term is interpolated twice into the statement below, so the
// query is only as safe as Security::secureString() - confirm that it escapes
// for the active MySQL connection.
$term = Security::secureString($_GET['term']);
$result_resources = $main->con()->db_query("SELECT *, MATCH(idea, description) AGAINST('{$term}') AS score FROM feedback_ideas\n WHERE MATCH(idea, description) AGAINST('{$term}') ORDER BY score DESC LIMIT 30");
// $ideas is not initialised before this loop; with no matches it stays
// undefined, which the !empty() test further down tolerates.
while ($info = mysql_fetch_array($result_resources)) {
    $ideas[] = $info;
}
// Ideas the current user has voted for, loaded only when a session exists;
// passed to render::checkVoted() in the markup below.
$voted_ideas = array();
if (session::check()) {
    // user_id comes from the session, not from the request.
    $videas_q = $main->con()->db_query("SELECT idea_id FROM feedback_votes WHERE voter_id='" . session::get_param('user_id') . "'");
    while ($i_videas = mysql_fetch_assoc($videas_q)) {
        $voted_ideas[] = $i_videas;
    }
}
// Replacement template with a \1 back-reference that wraps a match in a
// yellow span; where it is applied is not visible in this part of the listing.
$highliter = '<span style="background:yellow;">\\1</span>';
if (!empty($ideas)) {
    // NOTE(review): $idea['id'] is echoed into id attributes without escaping;
    // presumably an integer key read from the database - confirm.
    foreach ($ideas as $idea) { ?> <div id="idea_<?php echo $idea['id']; ?> " class="idea_container"> <div class="votes"> <div id="nr_votes_<?php echo $idea['id']; ?> " class="nr_votes <?php echo $idea['status'] == 4 || render::checkVoted($idea['id'], $voted_ideas) ? 'full' : ''; ?>
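<?php
/**
 * AJAX endpoint: add a comment to an idea, or - for administrators - replace
 * the idea's admin comment.
 *
 * Query string: idea_id, comment, admin_change ("1" selects the admin path).
 * Response:     empty body; nothing is done without a session, 400 for a
 *               non-numeric idea id, 403 when the admin path is requested
 *               without an admin session.
 */
include '../../../core/main.class.php';
$main = new Main();

if (session::check()) {
    $user_id = session::get_param('user_id');

    // NOTE(review): assumes feedback_ideas.id is an integer key - confirm against the schema.
    $rawIdeaId = isset($_GET['idea_id']) ? $_GET['idea_id'] : '';
    if (!is_string($rawIdeaId) || !ctype_digit($rawIdeaId)) {
        header('HTTP/1.1 400 Bad Request');
        exit;
    }
    $idea_id = Security::secureString($rawIdeaId);

    // Non-string values (e.g. comment[]=x) are treated as empty instead of
    // being handed to strip_tags().
    $rawComment = (isset($_GET['comment']) && is_string($_GET['comment'])) ? $_GET['comment'] : '';
    $rawAdminChange = (isset($_GET['admin_change']) && is_string($_GET['admin_change'])) ? $_GET['admin_change'] : '';

    // NOTE(review): the statements below are only as safe as
    // Security::secureString(); confirm that it escapes for the active MySQL
    // connection. strip_tags() is not an output encoder, so the comment still
    // needs HTML escaping where it is displayed.
    $comment = Security::secureString(strip_tags($rawComment));
    $admin_change = Security::secureString(strip_tags($rawAdminChange));

    if ($admin_change == '1') {
        // The admin path is chosen by a request parameter, so it must be backed
        // by the session's admin flag. Previously any logged-in user could
        // overwrite admin_comment on any idea by sending admin_change=1.
        if (!session::get_param('admin')) {
            header('HTTP/1.1 403 Forbidden');
            exit;
        }
        $main->con()->db_query("UPDATE feedback_ideas SET admin_comment='{$comment}' WHERE id='{$idea_id}'");
    } else {
        $main->con()->db_query("INSERT INTO feedback_comments (idea_id,user_id,comment,date) VALUES('{$idea_id}','{$user_id}','{$comment}',NOW())");
        $main->con()->db_query("UPDATE feedback_ideas SET comments=comments+1 WHERE id='{$idea_id}'");
    }
}
?>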