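/**
 * {@inheritDoc}
 *
 * Quotes $value with the escaping routine of whichever connection handle is
 * held in $this->resource: pg_escape_string() for a native pgsql connection,
 * PDO::quote() for a PDO handle. With neither available it falls back to the
 * parent implementation, prefixed with 'E'.
 */
public function quoteTrustedValue($value)
{
    // A driver object may have been stored; unwrap it once to the raw handle.
    if ($this->resource instanceof DriverInterface) {
        $this->resource = $this->resource->getConnection()->getResource();
    }

    // Native pgsql connections are resources before PHP 8.1 and
    // \PgSql\Connection objects from 8.1 on. Checking only is_resource()
    // would skip connection-aware escaping on newer PHP and drop through to
    // the generic fallback below. instanceof against a class that does not
    // exist (older PHP) is simply false.
    if (is_resource($this->resource) || $this->resource instanceof \PgSql\Connection) {
        return '\'' . pg_escape_string($this->resource, $value) . '\'';
    }

    if ($this->resource instanceof \PDO) {
        return $this->resource->quote($value);
    }

    // No usable connection: rely on the parent's quoting, marked as a
    // PostgreSQL escape-string literal (E'...').
    // NOTE(review): the parent's escaping is not visible here and cannot take
    // the connection encoding into account; keep this path for trusted values only.
    return 'E' . parent::quoteTrustedValue($value);
}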
/**
 * Quote Trusted Value
 *
 * Returns $value as a quoted SQL literal without raising a notice when no
 * connection is available. A PDO handle, when present, does the quoting;
 * otherwise the value is backslash-escaped and wrapped in single quotes.
 *
 * @param $value
 * @return mixed
 */
public function quoteTrustedValue($value)
{
    $handle = $this->resource;

    // Unwrap a stored driver to its raw connection handle and remember it.
    if ($handle instanceof DriverInterface) {
        $handle = $handle->getConnection()->getResource();
        $this->resource = $handle;
    }

    if ($handle instanceof \PDO) {
        return $handle->quote($value);
    }

    // Fallback: escapes a fixed character list and does not consult any
    // connection, so it is only suitable for values the caller already trusts.
    $escaped = addcslashes($value, "\n\r\\'\"");

    return '\'' . $escaped . '\'';
}
/**
 * {@inheritDoc}
 *
 * Uses PDO::quote() when a PDO handle is held; otherwise doubles every single
 * quote in $value and wraps the result in single quotes.
 */
public function quoteTrustedValue($value)
{
    $handle = $this->resource;

    // Unwrap a stored driver to its raw connection handle and remember it.
    if ($handle instanceof DriverInterface) {
        $handle = $handle->getConnection()->getResource();
        $this->resource = $handle;
    }

    if (!($handle instanceof \PDO)) {
        // No PDO handle: quote-doubling is the only escaping applied here.
        $doubled = str_replace('\'', '\'\'', $value);

        return '\'' . $doubled . '\'';
    }

    return $handle->quote($value);
}
/**
 * Store the connection handle that value quoting should use.
 *
 * Accepts either a native PDO instance whose driver name is 'sqlite' or a
 * Pdo driver whose platform name is 'Sqlite'; anything else is rejected.
 *
 * @param \Zend\Db\Adapter\Driver\Pdo\Pdo|\PDO $driver
 * @throws \Zend\Db\Adapter\Exception\InvalidArgumentException
 * @return $this
 */
public function setDriver($driver)
{
    $isNativeSqlite = $driver instanceof \PDO
        && $driver->getAttribute(\PDO::ATTR_DRIVER_NAME) == 'sqlite';

    if ($isNativeSqlite) {
        // A raw PDO handle is kept as it is.
        $this->resource = $driver;

        return $this;
    }

    $isSqliteDriver = $driver instanceof Pdo\Pdo
        && $driver->getDatabasePlatformName() == 'Sqlite';

    if (!$isSqliteDriver) {
        throw new Exception\InvalidArgumentException('$driver must be a Sqlite PDO Zend\\Db\\Adapter\\Driver, Sqlite PDO instance');
    }

    // A driver wrapper is reduced to its underlying connection resource.
    $this->resource = $driver->getConnection()->getResource();

    return $this;
}
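/**
 * Store the connection handle that value quoting should use.
 *
 * Accepts a Pgsql driver, a Pdo driver whose platform name is 'Postgresql',
 * a native pgsql connection (a 'pgsql link' resource, or a \PgSql\Connection
 * object on PHP 8.1+), or a PDO instance whose driver name is 'pgsql'.
 *
 * @param \Zend\Db\Adapter\Driver\Pgsql\Pgsql|\Zend\Db\Adapter\Driver\Pdo\Pdo|\PgSql\Connection|resource|\PDO $driver
 * @throws \Zend\Db\Adapter\Exception\InvalidArgumentException
 * @return $this
 */
public function setDriver($driver)
{
    // Driver wrappers are reduced to their underlying connection resource.
    if ($driver instanceof Pgsql\Pgsql
        || ($driver instanceof Pdo\Pdo && $driver->getDatabasePlatformName() == 'Postgresql')
    ) {
        $this->resource = $driver->getConnection()->getResource();

        return $this;
    }

    // Native connections are resources before PHP 8.1 and \PgSql\Connection
    // objects afterwards; is_resource() alone would reject the latter.
    // instanceof against a class that does not exist (older PHP) is false.
    $isNativeLink = $driver instanceof \PgSql\Connection
        || (is_resource($driver)
            && in_array(get_resource_type($driver), array('pgsql link', 'pgsql link persistent'), true));

    $isPgsqlPdo = $driver instanceof \PDO
        && $driver->getAttribute(\PDO::ATTR_DRIVER_NAME) == 'pgsql';

    if ($isNativeLink || $isPgsqlPdo) {
        $this->resource = $driver;

        return $this;
    }

    throw new Exception\InvalidArgumentException('$driver must be a Pgsql or Postgresql PDO Zend\\Db\\Adapter\\Driver, pgsql link resource or Postgresql PDO instance');
}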
/**
 * Quote Trusted Value
 *
 * Returns $value as a quoted SQL literal without raising a notice when no
 * connection is available. A mysqli or PDO handle, when present, performs
 * the escaping; otherwise a fixed character list is backslash-escaped.
 *
 * @param $value
 * @return mixed
 */
public function quoteTrustedValue($value)
{
    $handle = $this->resource;

    // Unwrap a stored driver to its raw connection handle and remember it.
    if ($handle instanceof DriverInterface) {
        $handle = $handle->getConnection()->getResource();
        $this->resource = $handle;
    }

    if ($handle instanceof \mysqli) {
        $escaped = $handle->real_escape_string($value);

        return '\'' . $escaped . '\'';
    }

    if ($handle instanceof \PDO) {
        return $handle->quote($value);
    }

    // Fallback: no connection is consulted, so the connection character set
    // plays no part in the escaping. Suitable for trusted values only.
    $escaped = addcslashes($value, "\x00\n\r\\'\"\x1a");

    return '\'' . $escaped . '\'';
}
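/**
 * Delete the template whose id is given in the request.
 *
 * Reads $_REQUEST['id'], deletes the matching row from the template table
 * and reports the deleted id through Response::outputDeleted(). A missing or
 * non-numeric id is answered with an error and nothing is deleted.
 */
public static function templateDelete()
{
    $sql = 'DELETE FROM ' . $GLOBALS['table_prefix'] . 'template WHERE id=:id;';
    try {
        // The id is bound as a parameter, so it cannot alter the statement,
        // but it is also echoed back in the response and compared by the
        // database; reject anything that is not numeric before touching the
        // table. The explicit return keeps the check effective whether or not
        // the error helper ends the request itself.
        if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) {
            Response::outputErrorMessage('invalid call');

            return;
        }

        $db = PDO::getConnection();
        $stmt = $db->prepare($sql);
        $stmt->bindParam('id', $_REQUEST['id']);
        $stmt->execute();
        $db = null;
        Response::outputDeleted('Template', $_REQUEST['id']);
    } catch (PDOException $e) {
        // NOTE(review): the unqualified name resolves inside the current
        // namespace, if the file declares one — confirm it matches the
        // exception class actually thrown by the connection.
        Response::outputError($e);
    }
}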
/**
 * Store the connection handle that value quoting should use.
 *
 * Accepts a Pdo driver whose platform name is 'Sqlsrv' or a native PDO
 * instance whose driver name is 'sqlsrv'; anything else is rejected.
 *
 * @param \Zend\Db\Adapter\Driver\Pdo\Pdo|\PDO $driver
 * @throws \Zend\Db\Adapter\Exception\InvalidArgumentException
 * @return $this
 */
public function setDriver($driver)
{
    // Zend_Db driver wrapper: keep only its underlying connection resource.
    $isSqlsrvDriver = $driver instanceof Pdo\Pdo
        && $driver->getDatabasePlatformName() == 'Sqlsrv';

    if ($isSqlsrvDriver) {
        /** @var $driver \Zend\Db\Adapter\Driver\DriverInterface */
        $this->resource = $driver->getConnection()->getResource();

        return $this;
    }

    // Native PDO handle: stored as it is.
    $isSqlsrvPdo = $driver instanceof \PDO
        && $driver->getAttribute(\PDO::ATTR_DRIVER_NAME) == 'sqlsrv';

    if (!$isSqlsrvPdo) {
        throw new Exception\InvalidArgumentException('$driver must be a Sqlsrv PDO Zend\\Db\\Adapter\\Driver or Sqlsrv PDO instance');
    }

    $this->resource = $driver;

    return $this;
}
/**
 * End the request when more than $limit requests were logged in the last minute.
 *
 * Counts the rows of the request log newer than one minute. When the count
 * exceeds $limit, an error message is output and the script terminates.
 *
 * If the query throws, the error is only recorded on the local Response
 * object and the method returns normally: in this block the limit is then
 * not enforced.
 * NOTE(review): whether setError() outputs anything is not visible here —
 * confirm that continuing without a limit on a database error is intended.
 *
 * @param $limit maximum number of requests allowed per minute
 */
public static function enforceRequestLimit($limit)
{
    $response = new Response();

    try {
        $connection = PDO::getConnection();
        $query = $connection->prepare(
            'select count(cmd) as num from ' . $GLOBALS['table_prefix']
            . 'restapi_request_log where date > date_sub(now(),interval 1 minute)'
        );
        $query->execute();
        $row = $query->fetch(PDO::FETCH_OBJ);

        if ($row->num > $limit) {
            $tooMany = 'Too many requests. Requests are limited to ' . $limit . ' per minute';
            $response->outputErrorMessage($tooMany);
            die(0);
        }
    } catch (\Exception $failure) {
        $response->setError($failure->getCode(), $failure->getMessage());
    }
}
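/**
 * Delete the template whose id is given in the request.
 *
 * Reads $_REQUEST['id'], deletes the matching row from the template table
 * and reports the deleted id through Response::outputDeleted(). A missing or
 * non-numeric id is answered with 'invalid call' and nothing is deleted.
 */
public static function templateDelete()
{
    $sql = 'DELETE FROM ' . $GLOBALS['table_prefix'] . 'template WHERE id=:id';
    try {
        // Return explicitly after reporting the error: the check must stop
        // the DELETE whether or not the error helper ends the request itself.
        // is_numeric() also accepts forms such as '1e3' or '1.5'; the value
        // is still bound as a parameter, so it cannot alter the statement.
        if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) {
            Response::outputErrorMessage('invalid call');

            return;
        }

        $db = PDO::getConnection();
        $stmt = $db->prepare($sql);
        $stmt->bindParam('id', $_REQUEST['id'], PDO::PARAM_STR);
        $stmt->execute();
        $db = null;
        Response::outputDeleted('Template', $_REQUEST['id']);
    } catch (\Exception $e) {
        Response::outputError($e);
    }
}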
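/**
 * Unassigns a list from a campaign.
 *
 * <p><strong>Parameters:</strong><br/>
 * [*list_id] {integer} the ID of the list.<br/>
 * [*campaign_id] {integer} the ID of the campaign.
 * </p>
 * <p><strong>Returns:</strong><br/>
 * System message of action.
 * </p>
 * <p>Each ID is taken from the argument when it is non-zero, otherwise from
 * the request. A missing or non-numeric ID is answered with an error and
 * nothing is deleted. The script always terminates after the response.</p>
 */
public static function listCampaignDelete($list_id = 0, $campaign_id = 0)
{
    if ($list_id == 0) {
        $list_id = isset($_REQUEST['list_id']) ? $_REQUEST['list_id'] : null;
    }
    if ($campaign_id == 0) {
        $campaign_id = isset($_REQUEST['campaign_id']) ? $_REQUEST['campaign_id'] : null;
    }

    // Both values end up in the DELETE and are echoed back in the response
    // message, so refuse anything that is not numeric before going further.
    if (!is_numeric($list_id) || !is_numeric($campaign_id)) {
        Response::outputErrorMessage('invalid call');
        die(0);
    }

    $sql = 'DELETE FROM ' . $GLOBALS['tables']['listmessage'] . ' WHERE listid=:list_id AND messageid=:campaign_id;';
    try {
        $db = PDO::getConnection();
        $stmt = $db->prepare($sql);
        $stmt->bindParam('campaign_id', $campaign_id, PDO::PARAM_INT);
        $stmt->bindParam('list_id', $list_id, PDO::PARAM_INT);
        $stmt->execute();
        $db = null;
        // Message typo fixed: "wsa" -> "was".
        Response::outputMessage('Campaign ' . $campaign_id . ' was removed from list ' . $list_id);
    } catch (\Exception $e) {
        Response::outputError($e);
    }
    die(0);
}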
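/**
 * Delete a Subscriber.
 *
 * <p><strong>Parameters:</strong><br/>
 * [*id] {integer} the ID of the Subscriber.<br/>
 * </p>
 * <p><strong>Returns:</strong><br/>
 * The deleted Subscriber ID.
 * </p>
 * <p>A missing or non-numeric ID is answered with 'invalid call' and nothing
 * is deleted.</p>
 */
public static function subscriberDelete()
{
    $sql = 'DELETE FROM ' . $GLOBALS['tables']['user'] . ' WHERE id=:id;';
    try {
        // Return explicitly after reporting the error: the check must stop
        // the DELETE whether or not the error helper ends the request itself.
        if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) {
            Response::outputErrorMessage('invalid call');

            return;
        }

        $db = PDO::getConnection();
        $stmt = $db->prepare($sql);
        $stmt->bindParam('id', $_REQUEST['id'], PDO::PARAM_INT);
        $stmt->execute();
        $db = null;
        // The id is reported back formatted as an integer, not as the raw request text.
        Response::outputDeleted('Subscriber', sprintf('%d', $_REQUEST['id']));
    } catch (\Exception $e) {
        Response::outputError($e);
    }
}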
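/**
 * Update existing message/campaign.
 *
 * <p><strong>Parameters:</strong><br/>
 * [*id] {integer} <br/>
 * [*subject] {string} <br/>
 * [*fromfield] {string} <br/>
 * [*replyto] {string} <br/>
 * [*message] {string} <br/>
 * [*textmessage] {string} <br/>
 * [*footer] {string} <br/>
 * [*status] {string} <br/>
 * [*sendformat] {string} <br/>
 * [*template] {string} <br/>
 * [*embargo] {string} <br/>
 * [*rsstemplate] {string} <br/>
 * [owner] {string} <br/>
 * [htmlformatted] {string} <br/>
 * </p>
 * <p><strong>Returns:</strong><br/>
 * The updated message, as output by messageGet().
 * </p>
 */
public static function messageUpdate($id = 0)
{
    // The id comes from the argument when non-zero, otherwise from the request.
    if ($id == 0) {
        $id = $_REQUEST['id'];
    }

    // Every placeholder in the statement must have a matching bindParam()
    // below, otherwise execute() fails with an invalid-parameter error.
    // NOTE(review): the statement previously set sendstart=:sendstart while
    // the code bound 'embargo'; it now uses the documented embargo field like
    // every other parameter — confirm the intended column.
    $sql = 'UPDATE ' . $GLOBALS['table_prefix'] . 'message SET subject=:subject, fromfield=:fromfield, replyto=:replyto, message=:message, textmessage=:textmessage, footer=:footer, status=:status, sendformat=:sendformat, template=:template, embargo=:embargo, rsstemplate=:rsstemplate, owner=:owner, htmlformatted=:htmlformatted WHERE id=:id;';
    try {
        $db = PDO::getConnection();
        $stmt = $db->prepare($sql);
        // All request values are bound as parameters, never concatenated into the SQL.
        $stmt->bindParam('id', $id);
        $stmt->bindParam('subject', $_REQUEST['subject']);
        $stmt->bindParam('fromfield', $_REQUEST['fromfield']);
        $stmt->bindParam('replyto', $_REQUEST['replyto']);
        $stmt->bindParam('message', $_REQUEST['message']);
        $stmt->bindParam('textmessage', $_REQUEST['textmessage']);
        $stmt->bindParam('footer', $_REQUEST['footer']);
        $stmt->bindParam('status', $_REQUEST['status']);
        $stmt->bindParam('sendformat', $_REQUEST['sendformat']);
        $stmt->bindParam('template', $_REQUEST['template']);
        $stmt->bindParam('embargo', $_REQUEST['embargo']);
        $stmt->bindParam('rsstemplate', $_REQUEST['rsstemplate']);
        $stmt->bindParam('owner', $_REQUEST['owner']);
        $stmt->bindParam('htmlformatted', $_REQUEST['htmlformatted']);
        $stmt->execute();
        $db = null;
        self::messageGet($id);
    } catch (PDOException $e) {
        Response::outputError($e);
    }
}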