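/**
 * Check a username/password pair against the mymembers table and end the
 * request with a "login=1" or "login=0&error=..." response body.
 *
 * On success the username and the submitted password are written to
 * $_SESSION before the script exits.
 *
 * @param string $username Submitted username; tags and backslashes are
 *                         stripped, then the value is escaped for SQL.
 * @param string $password Submitted password; hashed with MD5.
 *
 * @return void Never returns normally: every path ends in die().
 */
public function login($username, $password)
{
    // Connect first: mysql_real_escape_string() escapes against an open link,
    // so it has to run after the connection exists. Presumably connect()
    // opens the link the mysql_* calls below rely on (verify in MySQLConnection).
    $connection = new MySQLConnection();
    $connection->connect();

    $username = strip_tags($username);
    $username = stripslashes($username);
    $username = mysql_real_escape_string($username);

    // NOTE(review): unsalted MD5 is not an adequate password hash. Moving to
    // password_hash()/password_verify() means re-hashing the stored
    // credentials, so the stored format is left unchanged here.
    $passHash = md5($password);

    // NOTE(review): both values in this query appear masked ('******') in this
    // listing, so as shown neither $username nor $passHash reaches the query.
    // Whatever is placed there must be the escaped $username and $passHash
    // (or, better, bound parameters), never the raw request values.
    $sql = "SELECT * FROM mymembers WHERE my_username = '******' AND my_password = '******' LIMIT 1";
    $query = mysql_query($sql);

    if (!$query) {
        // Keep driver error text on the server; the client only gets a
        // generic failure in the same key=value format as the other replies.
        error_log('login query failed: ' . mysql_error());
        $connection->close();
        die("login=0&error=Login is currently unavailable");
    }

    $row = mysql_num_rows($query) > 0 ? mysql_fetch_array($query) : false;
    if (!$row) {
        $connection->close();
        die("login=0&error=Invalid username or password");
    }

    $_SESSION['username'] = $username;
    // NOTE(review): this keeps the plaintext password in session storage.
    // Kept because other code may read $_SESSION['pw']; prefer storing only
    // the user id and removing this once callers are checked.
    $_SESSION['pw'] = $password;

    // NOTE(review): the session name is derived from the user-supplied
    // username and the cookie is set with an empty value; confirm the intent.
    // A login should also rotate the session id (session_regenerate_id(true))
    // so a pre-login session id cannot be reused afterwards.
    $uid = $row['uid'];
    session_name($username . $uid);
    setcookie(session_name(), '', time() + 42000, '/');

    $connection->close();
    die("login=1");
}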
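/**
 * Replace the status message of the user identified by $this->uid.
 *
 * Echoes "result=1" when the UPDATE query succeeds; otherwise ends the
 * request with "result=0".
 *
 * @param string $newMessage New status text; tags and backslashes are
 *                           stripped, then the value is escaped for SQL.
 *
 * @return void
 */
public function change($newMessage)
{
    // Connect before escaping: mysql_real_escape_string() works against an
    // open link. Presumably connect() opens the link used by mysql_query().
    $connection = new MySQLConnection();
    $connection->connect();

    $newMessage = strip_tags($newMessage);
    $newMessage = stripslashes($newMessage);
    $newMessage = mysql_real_escape_string($newMessage);

    // uid is placed in the statement unquoted, so it must be a plain integer.
    // Anything else would previously have produced a failing (or altered)
    // statement; reject it with the same failure reply instead.
    $uid = $this->uid;
    if (!is_int($uid) && !ctype_digit((string) $uid)) {
        $connection->close();
        die("result=0");
    }

    $sql = "UPDATE mymembers SET status_message = '{$newMessage}' WHERE uid = {$uid}";
    $query = mysql_query($sql);
    $connection->close();

    if ($query) {
        echo "result=1";
    } else {
        die("result=0");
    }
}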
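/**
 * Load the row for $this->uid from mymembers and store it in $this->xml as
 * a <user> XML fragment.
 *
 * $this->xml is left untouched when the query returns no row. If the query
 * fails, the request ends with an <error> element.
 *
 * @return void
 */
public function grab()
{
    $connection = new MySQLConnection();
    $connection->connect();

    // uid goes into both the SQL text (unquoted) and an XML attribute, so it
    // has to be a plain integer. Other values made the query fail before;
    // they now get the same error reply without reaching the database.
    $uid = $this->uid;
    if (!is_int($uid) && !ctype_digit((string) $uid)) {
        die("<error>Failed to grab user data.</error>");
    }

    $sql = "SELECT * FROM mymembers WHERE uid = {$uid} LIMIT 1";
    $query = mysql_query($sql);
    if (!$query) {
        die("<error>Failed to grab user data.</error>");
    }

    // XML element name => column it is filled from.
    $fields = array(
        'firstName'     => 'first_name',
        'lastName'      => 'last_name',
        'email'         => 'email',
        'country'       => 'country',
        'statusMessage' => 'status_message',
    );

    while ($row = mysql_fetch_array($query)) {
        $xml = "<user id='{$uid}'>\n";
        foreach ($fields as $tag => $column) {
            // Column values are user-controlled text; escape them so "&", "<"
            // or quotes cannot break or inject markup into the document.
            // Assumes the stored text is UTF-8 - TODO confirm connection charset.
            $value = htmlspecialchars((string) $row[$column], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $xml .= "\t<{$tag}>" . $value . "</{$tag}>\n";
        }
        $xml .= "</user>";
        $this->xml = $xml;
    }
    // NOTE(review): unlike login() and change(), this method never calls
    // $connection->close(); confirm whether callers rely on the open link.
}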
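<?php
// Looks up one member by the POSTed username and echoes the row as a <user>
// XML fragment. Nothing is echoed when no row matches or the query fails.
//
// NOTE(review): no authentication or authorisation check is visible in this
// script; confirm that profile data is meant to be readable by any caller.
require_once "classes/MySQLConnection.php";

if (isset($_POST['username']) && is_string($_POST['username'])) {
    $connection = new MySQLConnection();
    $connection->connect();

    // Escape the request value after connecting, as login() does, instead of
    // carrying raw $_POST data towards the SQL text.
    $username = mysql_real_escape_string($_POST['username']);

    // NOTE(review): the username value in this query appears masked
    // ('******') in this listing, so as shown $username is not referenced.
    // The escaped $username above (or a bound parameter) is what belongs
    // there, never $_POST['username'] itself.
    $sql = "SELECT * FROM mymembers WHERE my_username = '******' LIMIT 1";
    $query = mysql_query($sql);

    // XML element name => column it is filled from.
    $fields = array(
        'firstName'     => 'first_name',
        'lastName'      => 'last_name',
        'country'       => 'country',
        'statusMessage' => 'status_message',
    );

    // Start from an empty document so a failed query or an unknown username
    // does not echo an undefined variable.
    $xml = '';
    if ($query) {
        while ($row = mysql_fetch_array($query)) {
            // Stored values are user-controlled text; escape them for XML.
            // Assumes the stored text is UTF-8 - TODO confirm connection charset.
            $uid = htmlspecialchars((string) $row['uid'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $xml = '<user id="' . $uid . '">' . "\n";
            foreach ($fields as $tag => $column) {
                $value = htmlspecialchars((string) $row[$column], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $xml .= "\t<{$tag}>" . $value . "</{$tag}>\n";
            }
            $xml .= "</user>\n";
        }
    }

    echo $xml;
    $connection->close();
    exit;
}
?>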
}

    /**
     * Describe the most recent error on the shared mysqli connection.
     *
     * The result contains raw driver error text, so it is better suited to
     * server-side logs than to responses sent to clients.
     *
     * @return string "#<errno> - <message>" from mysqli_errno()/mysqli_error().
     */
    public static function error()
    {
        $link = MySQLConnection::$db_connection;

        return sprintf('#%s - %s', mysqli_errno($link), mysqli_error($link));
    }

    /**
     * Read the $numb_queries static.
     *
     * @return mixed Current value of MySQLConnection::$numb_queries
     *               (presumably a running query count - verify where it is set).
     */
    public static function get_numb_queries()
    {
        $queries = MySQLConnection::$numb_queries;

        return $queries;
    }

    /**
     * Switch autocommit on or off for the shared connection.
     *
     * @param bool $state Desired autocommit mode.
     *
     * @return bool|null Result of mysqli_autocommit(), or null when $state is
     *                   not a boolean (the call is skipped in that case).
     */
    public static function autocommit($state)
    {
        if (!is_bool($state)) {
            return;
        }

        return mysqli_autocommit(MySQLConnection::$db_connection, $state);
    }

    /**
     * Commit the current transaction on the shared connection.
     *
     * @return bool Result of mysqli_commit().
     */
    public static function commit()
    {
        $link = MySQLConnection::$db_connection;

        return mysqli_commit($link);
    }

    /**
     * Close the shared connection if one has been stored.
     *
     * @return bool|null Result of mysqli_close(), or null when
     *                   $db_connection is empty and there is nothing to close.
     */
    public static function close()
    {
        // Nothing to do unless a connection has been established.
        if (empty(MySQLConnection::$db_connection)) {
            return;
        }

        // Warnings from mysqli_close() are suppressed, as in the original.
        return @mysqli_close(MySQLConnection::$db_connection);
    }
}

// Runs as soon as this file is loaded.
MySQLConnection::connect();