/**
 * Deletes a stock row unless checkExistedInBills() reports it as referenced.
 *
 * NOTE(review): the reference check and the DELETE are two separate statements
 * and no transaction is visible here, so a bill created between them would not
 * be noticed. Confirm whether the caller or the schema (foreign key) covers this.
 *
 * @param int $id Stock id, bound through PreparedStatement::setInt().
 * @return int 1 when the stock is still referenced, 0 when execute() returned a
 *             truthy result, 2 when it returned a falsy one.
 */
public function delete($id)
{
    // Guard first: no SQL is built for a stock that bills still point at.
    if ($this->checkExistedInBills($id)) {
        return 1;
    }

    $statement = new PreparedStatement("DELETE FROM stocks WHERE id = ?");
    $statement->setInt(1, $id);

    if ($this->ds->execute($statement->getSql())) {
        return 0;
    }

    return 2;
}
/**
 * Deletes a cart row, then asks CartItemDAO to delete the items of that cart.
 *
 * NOTE(review): the result of the first execute() is ignored, so the items are
 * removed even when the cart DELETE failed, and the two statements are not
 * visibly wrapped in a transaction. Confirm this best-effort behaviour is intended.
 *
 * @param int $id Cart id, bound through PreparedStatement::setInt().
 * @return void
 */
function delete($id)
{
    $statement = new PreparedStatement('DELETE FROM carts WHERE id = ?');
    $statement->setInt(1, $id);
    $this->ds->execute($statement->getSql());

    // Child rows are removed through their own DAO, sharing the same data source.
    $items = new CartItemDAO($this->ds);
    $items->deleteInCart($id);
}
/**
 * Deletes a city and, on success, asks CustomerDAO to repoint customers of that city.
 *
 * @param int $id City id, bound through PreparedStatement::setInt().
 * @return bool TRUE when the DELETE executed, FALSE otherwise.
 */
public function delete($id)
{
    $statement = new PreparedStatement("DELETE FROM cities WHERE id = ?");
    $statement->setInt(1, $id);

    if (!$this->ds->execute($statement->getSql())) {
        return FALSE;
    }

    // The string 'NULL' is passed as the new city id; it is a sentinel for the
    // DAO, not SQL text (presumably turned into a bound NULL by updateCity()).
    // NOTE(review): updateCity()'s own outcome is not checked here.
    $customers = new CustomerDAO($this->ds);
    $customers->updateCity($id, 'NULL');

    return TRUE;
}
/**
 * Deletes a category and, on success, asks ProductDAO to repoint products of that category.
 *
 * @param int $id Category id, bound through PreparedStatement::setInt().
 * @return bool TRUE when the DELETE executed, FALSE otherwise.
 */
public function delete($id)
{
    $statement = new PreparedStatement("DELETE FROM categories WHERE id = ?");
    $statement->setInt(1, $id);

    if (!$this->ds->execute($statement->getSql())) {
        return FALSE;
    }

    // 'NULL' is a sentinel string handed to the DAO, not SQL text.
    // NOTE(review): updateCat()'s own outcome is not checked here.
    $products = new ProductDAO($this->ds);
    $products->updateCat($id, 'NULL');

    return TRUE;
}
/**
 * Reports whether any export bill references the given stock.
 *
 * Uses the legacy ext/mysql result functions (removed in PHP 7).
 * NOTE(review): the result of execute() is passed to mysql_fetch_array()
 * without checking that the query succeeded.
 *
 * @param int $stock_id Stock id, bound through PreparedStatement::setInt().
 * @return bool TRUE when at least one row was fetched, FALSE otherwise.
 */
public function checkExisted($stock_id)
{
    $statement = new PreparedStatement('SELECT id FROM export_bills WHERE stock_id = ?');
    $statement->setInt(1, $stock_id);
    $result = $this->ds->execute($statement->getSql());

    // One fetched row is enough; the row content itself is not used.
    $found = mysql_fetch_array($result) ? TRUE : FALSE;
    mysql_free_result($result);

    return $found;
}
/**
 * Looks up the group of the member whose username and password both match.
 *
 * NOTE(review): the password is matched by SQL equality against
 * members.password, so the stored value must equal what the caller passes.
 * That is incompatible with salted password_hash()/password_verify() storage;
 * confirm how the column is populated and whether callers hash first.
 * NOTE(review): getSql() hands execute() a finished SQL string, so the safety of
 * both values depends on PreparedStatement::setString() escaping and quoting
 * its argument. Confirm that it does.
 *
 * @param string $username
 * @param string $password Compared inside the query, see the notes above.
 * @return int group_id of the matching row cast to int, or 0 when no row was
 *             fetched (a real group_id of 0 is indistinguishable from failure).
 */
public function checkLogin($username, $password)
{
    $statement = new PreparedStatement('SELECT group_id FROM members WHERE username = ? AND password = ?');
    $statement->setString(1, $username);
    $statement->setString(2, $password);
    $result = $this->ds->execute($statement->getSql());

    $row = mysql_fetch_array($result);
    $groupId = $row ? (int) $row['group_id'] : 0;
    mysql_free_result($result);

    return $groupId;
}
/**
 * Pre-delete check for a permission: appends a message to $result->errorMsg
 * for every reason the permission identified by the global $id must not be deleted.
 *
 * Reads the globals $db, $id, $result and $RESERVED_PERM_NAMES. A missing or
 * reserved permission stops the check after one message; the two reference
 * checks are both run and can each add a message.
 *
 * @return void
 */
function deleteCheckHook()
{
    global $db, $id, $result, $RESERVED_PERM_NAMES;

    $permissions = new ApppermDAO($db);
    $perm = $permissions->load($id);
    if (!$perm) {
        $result->errorMsg .= "This Permission cannot be deleted because it does not exist.\n";
        return;
    }

    if (in_array($perm->perm_name, $RESERVED_PERM_NAMES)) {
        $result->errorMsg .= "This is a reserved Permission, and cannot be deleted.\n";
        return;
    }

    // Each query asks for at most one referencing row (offset 0, limit 1);
    // the permission name is bound, never concatenated.
    $referenceChecks = array(
        'select * from apppageuriperm where perm_name = ?'
            => "This Permission cannot be deleted because it is referenced by one or more Page URIs.\n",
        'select * from approleperm where perm_name = ?'
            => "This Permission cannot be deleted because it is referenced by one or more Roles.\n",
    );

    foreach ($referenceChecks as $sql => $message) {
        $lookup = new PreparedStatement($sql, 0, 1);
        $lookup->setString($perm->perm_name);
        if ($db->fetchObject($db->executeQuery($lookup), true)) {
            $result->errorMsg .= $message;
        }
    }
}
/**
 * Checks that the local key values of $row match an existing row in the foreign table.
 *
 * Column and table names come from $this->foreignKeyMapping and
 * $this->foreignTable and are placed into the SQL text as-is; only the values
 * are bound. NOTE(review): presumably these names come from validator
 * configuration, not from request data. Confirm.
 *
 * @param object $db  Connection offering executeQuery() and fetchObject().
 * @param object $row Row object whose properties named by each mapping's ->local are read.
 * @return string '' when valid (or when skipped because of a null value with
 *                allowNULL set), otherwise the error message.
 * @throws Exception When a mapping declares an unknown type.
 */
public function validate($db, &$row)
{
    $sql = 'select ' . $this->foreignKeyMapping[0]->foreign . ' from ' . $this->foreignTable;

    $conditions = array();
    foreach ($this->foreignKeyMapping as $mapping) {
        $conditions[] = $mapping->foreign . ' = ?';
    }
    if ($conditions) {
        $sql .= ' where ' . implode(' and ', $conditions);
    }

    // One matching row is enough, hence offset 0 / limit 1.
    $ps = new PreparedStatement($sql, 0, 1);

    foreach ($this->foreignKeyMapping as $mapping) {
        $property = $mapping->local;
        $val = property_exists($row, $property) ? $row->{$property} : '';

        // If we're set to allow nulls and any value is null, don't validate.
        if ($this->allowNULL && $val === null) {
            return '';
        }

        // Bind with the setter that matches the declared column type.
        switch ($mapping->type) {
            case 'int':
                $ps->setInt($val);
                break;
            case 'float':
                $ps->setFloat($val);
                break;
            case 'double':
                $ps->setDouble($val);
                break;
            case 'boolean':
                $ps->setBoolean($val);
                break;
            case 'string':
                $ps->setString($val);
                break;
            case 'binary':
                $ps->setBinary($val);
                break;
            default:
                throw new Exception(sprintf('Unexpected PreparedStatement data type: %s', $mapping->type));
        }
    }

    if ($db->fetchObject($db->executeQuery($ps), true)) {
        return '';
    }

    // No match: prefer the configured message over the translated default.
    return $this->errorMsg != ''
        ? $this->errorMsg
        : _t('ForeignKeyValidator.class.errorMsg.mustMatchAnExistingEntry');
}
<?php
// DO NOT EDIT THIS FILE.
// This file was generated by searchgen.
// If you need to customize this file, please edit the corresponding
// yaml file in the gencfg directory, and then re-generate this file
// by running searchgen, passing in the table name.

// Handles the 'loadPosting' command: emits one posting (or a default-valued
// one when no positive id is given) as a JSON array and ends the request.
// NOTE(review): no permission check is visible in this snippet; confirm the
// script that sets $command and $params enforces one before this runs.
// NOTE(review): trim() is applied to $params['id'] without a type check; a
// non-string value (e.g. an array) reaches it unchanged.
if (isset($command) && $command == 'loadPosting') {
    header('Content-Type: application/json');
    $db = ConnectionFactory::getConnection();
    $postingDAO = new PostingDAO($db);

    // The id is forced to int before it is bound, so only a number reaches the query.
    $id = 0;
    if (isset($params['id'])) {
        $id = (int) trim($params['id']);
    }

    if ($id > 0) {
        $sql = <<<EOF
select * from posting pri where pri.id = ?
EOF;
        $ps = new PreparedStatement($sql, 0, 1);
        $ps->setInt($id);
        $rows = $postingDAO->findWithPreparedStatement($ps);
    } else {
        $rows = array(Posting::createDefault());
    }

    echo json_encode($rows);
    $db->close();
    exit;
}
<?php
// DO NOT EDIT THIS FILE.
// This file was generated by searchgen.
// If you need to customize this file, please edit the corresponding
// yaml file in the gencfg directory, and then re-generate this file
// by running searchgen, passing in the table name.

// Handles the 'loadIncomeexpense' command: emits one incomeexpense row (or a
// default-valued one when no positive id is given) as a JSON array and ends
// the request.
// NOTE(review): no permission check is visible in this snippet; confirm the
// script that sets $command and $params enforces one before this runs.
// NOTE(review): trim() is applied to $params['id'] without a type check; a
// non-string value (e.g. an array) reaches it unchanged.
if (isset($command) && $command == 'loadIncomeexpense') {
    header('Content-Type: application/json');
    $db = ConnectionFactory::getConnection();
    $incomeexpenseDAO = new IncomeexpenseDAO($db);

    // The id is forced to int before it is bound, so only a number reaches the query.
    $id = 0;
    if (isset($params['id'])) {
        $id = (int) trim($params['id']);
    }

    if ($id > 0) {
        $sql = <<<EOF
select * from incomeexpense pri where pri.id = ?
EOF;
        $ps = new PreparedStatement($sql, 0, 1);
        $ps->setInt($id);
        $rows = $incomeexpenseDAO->findWithPreparedStatement($ps);
    } else {
        $rows = array(Incomeexpense::createDefault());
    }

    echo json_encode($rows);
    $db->close();
    exit;
}
/**
 * Returns the highest order_in_cat among the products of one category.
 *
 * Uses the legacy ext/mysql result functions (removed in PHP 7).
 *
 * @param int $cat_id Category id, bound through PreparedStatement::setInt().
 * @return int The maximum cast to int; 0 when no row was fetched or the
 *             aggregate was NULL (an empty category).
 */
private function findMaxOrderInCat($cat_id)
{
    $statement = new PreparedStatement(
        'SELECT MAX(order_in_cat) AS max_order FROM products WHERE category_id = ?'
    );
    $statement->setInt(1, $cat_id);
    $result = $this->ds->execute($statement->getSql());

    $row = mysql_fetch_array($result);
    $highest = $row ? (int) $row['max_order'] : 0;
    mysql_free_result($result);

    return $highest;
}
/**
 * Stops the request with a "permissions required" page when the user lacks
 * the permissions for the requested script; returns normally otherwise.
 *
 * The page lists a description for every permission returned by
 * Permissions::getRequiredPermissionsForScript(); descriptions are read from a
 * file cache first and from the appperm table on a cache miss.
 *
 * NOTE(review): $_SERVER['REQUEST_URI'] is the raw request target and includes
 * any query string; confirm hasPermissionsForScript() normalises it before
 * matching it against configured page URIs.
 * NOTE(review): no HTTP status is set in this method, so the denial page goes
 * out with whatever status is already in effect. Confirm a 403 is not expected.
 *
 * @param mixed $user_id          Passed through to Permissions::hasPermissionsForScript().
 * @param bool  $showMenuIfFailed When truthy the site header/footer includes wrap
 *                                the message; otherwise a bare HTML skeleton is echoed.
 * @return void Does not return when the check fails (calls exit).
 */
public static function inScriptPermissionsCheck($user_id, $showMenuIfFailed) {
    $pageURI = $_SERVER['REQUEST_URI'];
    if (!Permissions::hasPermissionsForScript($user_id, $pageURI)) {
        if ($showMenuIfFailed) {
            include dirname(dirname(__FILE__)) . '/include/header.include.php';
        } else {
            echo '<html><head></head><body>';
        }
        echo '<h3>You need the following permissions to use this page:</h3>';
        echo '<ul>';
        $fileCache = self::createFileCache();
        // The connection is opened lazily, only if some description is not cached.
        $db = null;
        // One statement is reused for every lookup; parameters are reset per permission.
        $ps = new PreparedStatement('select description from appperm where perm_name = ?');
        foreach (Permissions::getRequiredPermissionsForScript($pageURI) as $p) {
            $cacheKey = sprintf('apppermDesc%s', $p);
            if (($desc = $fileCache->get($cacheKey)) === false) {
                if ($db === null) {
                    $db = ConnectionFactory::getConnection();
                }
                $ps->clearParams();
                $ps->setString($p);
                if (($row = $db->fetchObject($db->executeQuery($ps), true)) !== false) {
                    $desc = $row->description;
                } else {
                    // No description row: fall back to the permission name itself.
                    $desc = $p;
                }
                $fileCache->set($cacheKey, $desc);
            }
            echo '<li>';
            // Escaped for HTML because the text comes from the database or the cache.
            echo htmlspecialchars($desc);
            echo '</li>';
        }
        if ($db !== null) {
            $db->close();
        }
        echo '</ul>';
        if ($showMenuIfFailed) {
            include dirname(dirname(__FILE__)) . '/include/footer.include.php';
        } else {
            echo '</body></html>';
        }
        // Nothing after the denial page may run.
        exit;
    }
}
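/**
 * Builds (does not execute) a statement selecting accttype rows by has_shares.
 *
 * @param int         $has_shares    Value bound with setInt().
 * @param string      $queryOperator Comparison operator; anything not in
 *                                   self::$ALLOWED_NUMERIC_QUERY_OPERATORS is replaced
 *                                   by the first allowed operator.
 * @param string|null $orderBy       Raw ORDER BY expression, appended verbatim when non-empty.
 * @param int         $offset        Passed to the PreparedStatement constructor.
 * @param int         $limit         Passed to the PreparedStatement constructor.
 * @return PreparedStatement
 */
public function findByHas_sharesPS($has_shares, $queryOperator = '=', $orderBy = null, $offset = 0, $limit = 0)
{
    // The operator is interpolated into the SQL text, so the allowlist is the
    // only barrier. Compare strictly: with a loose in_array() a non-string
    // value such as true or 0 can pass the check and then be interpolated.
    if (!in_array($queryOperator, self::$ALLOWED_NUMERIC_QUERY_OPERATORS, true)) {
        $queryOperator = self::$ALLOWED_NUMERIC_QUERY_OPERATORS[0];
    }

    $sql = "select * from accttype where has_shares {$queryOperator} ?";
    if ($orderBy !== null && $orderBy != '') {
        // NOTE(review): $orderBy cannot be bound and is concatenated as-is.
        // Callers must pass only column names/directions they chose themselves
        // (e.g. mapped from an allowlist), never request data.
        $sql .= ' order by ' . $orderBy;
    }

    $ps = new PreparedStatement($sql, $offset, $limit);
    $ps->setInt($has_shares);

    return $ps;
}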
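/**
 * Builds (does not execute) a statement selecting appperm rows by description.
 *
 * 'beginsWith', 'endsWith' and 'contains' are translated to the connection's
 * LIKE operator with '%' added around the bound value; when the connection
 * has no case-insensitive LIKE both sides are wrapped in lower().
 *
 * NOTE(review): '%' and '_' inside $description are not escaped, so they act
 * as wildcards in the LIKE forms. Confirm that is acceptable for callers that
 * pass user input.
 *
 * @param string      $description   Value bound with setString().
 * @param string      $queryOperator Operator name; anything not in
 *                                   self::$ALLOWED_STRING_QUERY_OPERATORS is replaced
 *                                   by the first allowed operator.
 * @param string|null $orderBy       Raw ORDER BY expression, appended verbatim when non-empty.
 * @param int         $offset        Passed to the PreparedStatement constructor.
 * @param int         $limit         Passed to the PreparedStatement constructor.
 * @return PreparedStatement
 */
public function findByDescriptionPS($description, $queryOperator = '=', $orderBy = null, $offset = 0, $limit = 0)
{
    // The operator ends up in the SQL text, so the allowlist is the only
    // barrier. Compare strictly: with a loose in_array() a non-string value
    // such as true or 0 can pass the check and then be interpolated.
    if (!in_array($queryOperator, self::$ALLOWED_STRING_QUERY_OPERATORS, true)) {
        $queryOperator = self::$ALLOWED_STRING_QUERY_OPERATORS[0];
    }

    // Decide once whether this is a LIKE search and which pattern to bind.
    switch ($queryOperator) {
        case 'beginsWith':
            $isLike = true;
            $boundValue = $description . '%';
            break;
        case 'endsWith':
            $isLike = true;
            $boundValue = '%' . $description;
            break;
        case 'contains':
            $isLike = true;
            $boundValue = '%' . $description . '%';
            break;
        default:
            $isLike = false;
            $boundValue = $description;
            break;
    }

    if ($isLike) {
        $sqlQueryOperator = $this->connection->likeOperator;
        $needLower = !$this->connection->hasCaseInsensitiveLike;
    } else {
        $sqlQueryOperator = $queryOperator;
        $needLower = false;
    }

    $sql = "select * from appperm where "
        . ($needLower ? 'lower(description)' : 'description')
        . ' ' . $sqlQueryOperator . ' '
        . ($needLower ? 'lower(?)' : '?');
    if ($orderBy !== null && $orderBy != '') {
        // NOTE(review): $orderBy cannot be bound and is concatenated as-is.
        // Callers must pass only column names/directions they chose themselves
        // (e.g. mapped from an allowlist), never request data.
        $sql .= ' order by ' . $orderBy;
    }

    $ps = new PreparedStatement($sql, $offset, $limit);
    $ps->setString($boundValue);

    return $ps;
}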
/**
 * Deletes one promo row.
 *
 * @param int $id Promo id, bound through PreparedStatement::setInt().
 * @return bool TRUE when execute() returned a truthy result, FALSE otherwise.
 */
function delete($id)
{
    $statement = new PreparedStatement('DELETE FROM promos WHERE id = ?');
    $statement->setInt(1, $id);

    // Normalise whatever execute() returns to a plain boolean.
    return (bool) $this->ds->execute($statement->getSql());
}
// by running searchgen, passing in the table name.

// Handles the 'loadApprole' command: emits one role (or a default-valued one
// when no positive id is given) with its permissions attached as ->perms,
// as a JSON array, and ends the request.
// NOTE(review): no permission check is visible in this snippet; confirm the
// script that sets $command and $params enforces one before this runs.
// NOTE(review): trim() is applied to $params['id'] without a type check; a
// non-string value (e.g. an array) reaches it unchanged.
if (isset($command) && $command == 'loadApprole') {
    header('Content-Type: application/json');
    $db = ConnectionFactory::getConnection();
    $approleDAO = new ApproleDAO($db);
    $apppermDAO = new ApppermDAO($db);

    // The id is forced to int before it is bound, so only a number reaches the query.
    $id = 0;
    if (isset($params['id'])) {
        $id = (int) trim($params['id']);
    }

    if ($id > 0) {
        $sql = <<<EOF
select * from approle pri where pri.id = ?
EOF;
        $ps = new PreparedStatement($sql, 0, 1);
        $ps->setInt($id);
        $rows = $approleDAO->findWithPreparedStatement($ps);
    } else {
        $rows = array(Approle::createDefault());
    }

    // One statement is reused for every row; the role name is bound, not concatenated.
    $ps1 = new PreparedStatement(<<<EOF
select distinct p.* from approleperm r_p inner join appperm p on p.perm_name = r_p.perm_name where r_p.role_name = ? order by p.perm_name
EOF
    , 0, 0);

    foreach ($rows as &$row) {
        $ps1->clearParams();
        $ps1->setString($row->role_name);
        if ($id <= 0) {
            // A default (unsaved) role has no permissions to look up.
            $row->perms = array();
        } else {
            $row->perms = $apppermDAO->findWithPreparedStatement($ps1);
        }
    }
    // Drop the reference left behind by the by-reference foreach.
    unset($row);

    echo json_encode($rows);
    $db->close();
    exit;
}
} else { $ps->setString('%' . $query . '%'); } $ps->setInt($queryCol == '' || $queryCol == 'pri.last_name' ? 1 : 0); if ($canDoFulltextSearch) { $ps->setString($ftquery); $ps->setString($ftquery); } else { $ps->setString('%' . $query . '%'); } $row = $db->fetchObject($db->executeQuery($ps), true); $rowCount = isset($row->rowCount) ? (int) $row->rowCount : 0; printf('{"sEcho": %d, "iTotalRecords": %d, "iTotalDisplayRecords": %d, "aaData": [', $sEcho, $rowCount, $rowCount); // Get actual rows. $ps = new PreparedStatement(<<<EOF select pri.* EOF . $sqlTail . $orderBy, $offset, $limit); $ps->setInt($queryCol == '' || $queryCol == 'pri.id' ? 1 : 0); $ps->setInt($query); $ps->setInt($queryCol == '' || $queryCol == 'pri.user_name' ? 1 : 0); $ps->setString($query . '%'); $ps->setInt($queryCol == '' || $queryCol == 'pri.email_addr' ? 1 : 0); $ps->setString($query . '%'); $ps->setInt($queryCol == '' || $queryCol == 'pri.first_name' ? 1 : 0); if ($canDoFulltextSearch) { $ps->setString($ftquery); $ps->setString($ftquery); } else { $ps->setString('%' . $query . '%'); } $ps->setInt($queryCol == '' || $queryCol == 'pri.last_name' ? 1 : 0);
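/**
 * Builds (does not execute) a statement selecting incomeexpense rows by sort_order.
 *
 * @param int         $sort_order    Value bound with setInt().
 * @param string      $queryOperator Comparison operator; anything not in
 *                                   self::$ALLOWED_NUMERIC_QUERY_OPERATORS is replaced
 *                                   by the first allowed operator.
 * @param string|null $orderBy       Raw ORDER BY expression, appended verbatim when non-empty.
 * @param int         $offset        Passed to the PreparedStatement constructor.
 * @param int         $limit         Passed to the PreparedStatement constructor.
 * @return PreparedStatement
 */
public function findBySort_orderPS($sort_order, $queryOperator = '=', $orderBy = null, $offset = 0, $limit = 0)
{
    // The operator is interpolated into the SQL text, so the allowlist is the
    // only barrier. Compare strictly: with a loose in_array() a non-string
    // value such as true or 0 can pass the check and then be interpolated.
    if (!in_array($queryOperator, self::$ALLOWED_NUMERIC_QUERY_OPERATORS, true)) {
        $queryOperator = self::$ALLOWED_NUMERIC_QUERY_OPERATORS[0];
    }

    $sql = "select * from incomeexpense where sort_order {$queryOperator} ?";
    if ($orderBy !== null && $orderBy != '') {
        // NOTE(review): $orderBy cannot be bound and is concatenated as-is.
        // Callers must pass only column names/directions they chose themselves
        // (e.g. mapped from an allowlist), never request data.
        $sql .= ' order by ' . $orderBy;
    }

    $ps = new PreparedStatement($sql, $offset, $limit);
    $ps->setInt($sort_order);

    return $ps;
}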
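/**
 * Sets one column of the `global` table to the given content.
 *
 * The statement has no WHERE clause, so every row of the table is updated
 * (presumably the table holds a single settings row; confirm).
 *
 * @param string $col     Column name. Must be a plain identifier, optionally
 *                        wrapped in backticks; anything else is rejected.
 * @param string $content New value, bound as a string.
 * @return mixed false when $col is not a valid identifier, otherwise whatever
 *               $this->ds->execute() returns.
 */
public function update($col, $content)
{
    // A column name cannot be bound as a parameter and is concatenated into
    // the SQL text, so it is restricted to identifier characters here.
    $identifier = '/\A(?:[A-Za-z_][A-Za-z0-9_]*|`[A-Za-z_][A-Za-z0-9_]*`)\z/';
    if (!is_string($col) || preg_match($identifier, $col) !== 1) {
        return false;
    }

    $ps = new PreparedStatement('UPDATE global SET ' . $col . ' = ?');

    // NOTE(review): the value is escaped by the data source and then passed to
    // setString(). If setString() escapes as well, the stored text ends up
    // double-escaped; if it does not, every other setString() caller depends
    // on escaping first. Confirm which contract PreparedStatement implements.
    $ps->setString(1, $this->ds->escape($content));

    return $this->ds->execute($ps->getSql());
}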
/**
 * Deletes every item that belongs to the given cart.
 *
 * @param int $cart_id Cart id, bound through PreparedStatement::setInt().
 * @return mixed Whatever $this->ds->execute() returns for the DELETE.
 */
public function deleteInCart($cart_id)
{
    $statement = new PreparedStatement('DELETE FROM cart_items WHERE cart_id = ?');
    $statement->setInt(1, $cart_id);
    $outcome = $this->ds->execute($statement->getSql());

    return $outcome;
}
/**
 * Reports whether $tableName is a view, for the mysql and pgsql dialects.
 *
 * The schema and table names are bound as string parameters; only the
 * built-in schema function (database() / current_schema()) is written into
 * the SQL text when no $dbName is given.
 *
 * @param object $db        Connection offering getDialect(), executeQuery() and fetchObject().
 * @param string $tableName Name looked up in the catalog's view list.
 * @param string $dbName    Schema/database name; '' means the connection's current one.
 * @return bool|null true/false for mysql and pgsql; null for any other
 *                   dialect, because no branch handles it.
 */
public static function isView($db, $tableName, $dbName = '')
{
    $schemaGiven = $dbName != '';
    $dialect = $db->getDialect();

    if ($dialect == 'mysql') {
        $dbNamePlaceholder = $schemaGiven ? '?' : 'database()';
        $sql = "select TABLE_NAME from information_schema.VIEWS where TABLE_SCHEMA = {$dbNamePlaceholder} and TABLE_NAME = ?";
    } elseif ($dialect == 'pgsql') {
        $dbNamePlaceholder = $schemaGiven ? '?' : 'current_schema()';
        $sql = "select viewname from pg_views where schemaname = {$dbNamePlaceholder} and viewname = ?";
    } else {
        // Unknown dialect: no answer is produced.
        return;
    }

    $ps = new PreparedStatement($sql);
    // Parameter order follows placeholder order: optional schema first, then table.
    if ($schemaGiven) {
        $ps->setString($dbName);
    }
    $ps->setString($tableName);

    return $db->fetchObject($db->executeQuery($ps), true) !== false;
}
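/**
 * Populates values in a prepared statement.
 *
 * Parameters are bound in array order to positions 1..n. A null value is
 * bound with setNull(); any other value is bound with the setter that matches
 * the Creole type of its column ('set' . affix), looked up in the database map.
 *
 * @param PreparedStatement $stmt
 * @param array $params array('column' => ..., 'table' => ..., 'value' => ...)
 * @param DatabaseMap $dbMap
 * @return int The number of params replaced.
 */
private static function populateStmtValues($stmt, $params, DatabaseMap $dbMap)
{
    $i = 1;
    foreach ($params as $param) {
        $tableName = $param['table'];
        $columnName = $param['column'];
        $value = $param['value'];
        if ($value === null) {
            $stmt->setNull($i++);
        } else {
            // The setter name is derived from the column's mapped type, not
            // from the value being bound.
            $cMap = $dbMap->getTable($tableName)->getColumn($columnName);
            $setter = 'set' . CreoleTypes::getAffix($cMap->getCreoleType());
            $stmt->{$setter}($i++, $value);
        }
    } // foreach

    // $i started at 1 and was advanced once per bound parameter. The
    // documented count was never returned before.
    return $i - 1;
}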
/**
 * Checks that no existing row already carries the values of $row for the
 * configured fields.
 *
 * Field names, the table name and each field's query operator come from
 * $this->fields / $this->table and are placed into the SQL text as-is; only
 * the values are bound. NOTE(review): presumably these come from validator
 * configuration, not from request data. Confirm.
 * NOTE(review): for the LIKE forms, '%' and '_' inside the value are not
 * escaped and therefore act as wildcards.
 *
 * @param object $db  Connection offering executeQuery() and fetchObject().
 * @param object $row Row object whose properties named by each field's ->field are read.
 * @return string '' when no duplicate was found (or when skipped because of a
 *                null value with allowNULL set), otherwise the error message.
 * @throws Exception When a field declares an unknown type.
 */
public function validate($db, &$row)
{
    $sql = 'select ' . $this->fields[0]->field . ' from ' . $this->table;

    $conditions = array();
    foreach ($this->fields as $fld) {
        $operator = $fld->queryOperator;
        // The three pattern operators are all expressed with SQL like.
        if ($operator == 'beginsWith' || $operator == 'contains' || $operator == 'endsWith') {
            $operator = 'like';
        }
        $conditions[] = $fld->field . ' ' . $operator . ' ?';
    }
    if ($conditions) {
        $sql .= ' where ' . implode(' and ', $conditions);
    }

    // One matching row is enough, hence offset 0 / limit 1.
    $ps = new PreparedStatement($sql, 0, 1);

    foreach ($this->fields as $fld) {
        $property = $fld->field;
        $val = property_exists($row, $property) ? $row->{$property} : '';

        // If we're set to allow nulls and any value is null, don't validate.
        if ($this->allowNULL && $val === null) {
            return '';
        }

        // Bind with the setter that matches the declared field type.
        switch ($fld->type) {
            case 'int':
                $ps->setInt($val);
                break;
            case 'float':
                $ps->setFloat($val);
                break;
            case 'double':
                $ps->setDouble($val);
                break;
            case 'boolean':
                $ps->setBoolean($val);
                break;
            case 'string':
                // Pattern operators get their wildcard added to the bound value.
                $operator = $fld->queryOperator;
                if ($operator == 'beginsWith') {
                    $ps->setString($val . '%');
                } elseif ($operator == 'contains') {
                    $ps->setString('%' . $val . '%');
                } elseif ($operator == 'endsWith') {
                    $ps->setString('%' . $val);
                } else {
                    $ps->setString($val);
                }
                break;
            case 'binary':
                $ps->setBinary($val);
                break;
            default:
                throw new Exception(sprintf('Unexpected PreparedStatement data type: %s', $fld->type));
        }
    }

    if (!$db->fetchObject($db->executeQuery($ps), true)) {
        return '';
    }

    // Duplicate found: prefer the configured message over the translated default.
    return $this->errorMsg != ''
        ? $this->errorMsg
        : _t('NoDuplicatesValidator.class.errorMsg.anEntryAlreadyExistsWithThisValue');
}
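/**
 * Moves every customer from one city id to another, or clears the city.
 *
 * @param int        $old_city_id City id to replace, bound with setInt().
 * @param int|string $new_city_id Replacement id, or the exact string 'NULL'
 *                                to store SQL NULL instead.
 * @return void The result of execute() is not reported to the caller.
 */
public function updateCity($old_city_id, $new_city_id)
{
    $sql = 'UPDATE customers SET city_id = ? WHERE city_id = ?';
    $ps = new PreparedStatement($sql);

    // Identity comparison on purpose: before PHP 8 the loose form
    // (0 == 'NULL') is true, which turned an integer id of 0 into SQL NULL.
    if ($new_city_id === 'NULL') {
        $ps->setNull(1);
    } else {
        $ps->setInt(1, $new_city_id);
    }
    $ps->setInt(2, $old_city_id);

    $this->ds->execute($ps->getSql());
}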
$limit = isset($params['limit']) ? (int) $params['limit'] : 0; if ($limit < 1 || $limit > 100) { $limit = 100; } } else { $id = isset($params['id']) ? (int) trim($params['id']) : 0; $sqlTail = <<<EOF from appuser pri where pri.id = ? EOF; $offset = 0; $limit = 1; } $ps = new PreparedStatement(<<<EOF select pri.* EOF . $sqlTail, $offset, $limit); if ($query !== null) { $ps->setString($query . '%'); if ($canDoFulltextSearch) { $ps->setString($ftquery); $ps->setString($ftquery); } else { $ps->setString('%' . $query . '%'); } if ($canDoFulltextSearch) { $ps->setString($ftquery); $ps->setString($ftquery); } else { $ps->setString('%' . $query . '%'); }
EOF; // Get row count. $ps = new PreparedStatement('select count(*) as rowCount' . $sqlTail); $ps->setInt($queryCol == '' || $queryCol == 'pri.id' ? 1 : 0); $ps->setInt($query); $ps->setInt($queryCol == '' || $queryCol == 'pri.description' ? 1 : 0); $ps->setString('%' . $query . '%'); $ps->setInt($queryCol == '' || $queryCol == 'pri.normal_sign' ? 1 : 0); $ps->setString('%' . $query . '%'); $row = $db->fetchObject($db->executeQuery($ps), true); $rowCount = isset($row->rowCount) ? (int) $row->rowCount : 0; printf('{"sEcho": %d, "iTotalRecords": %d, "iTotalDisplayRecords": %d, "aaData": [', $sEcho, $rowCount, $rowCount); // Get actual rows. $ps = new PreparedStatement(<<<EOF select pri.* EOF . $sqlTail . $orderBy, $offset, $limit); $ps->setInt($queryCol == '' || $queryCol == 'pri.id' ? 1 : 0); $ps->setInt($query); $ps->setInt($queryCol == '' || $queryCol == 'pri.description' ? 1 : 0); $ps->setString('%' . $query . '%'); $ps->setInt($queryCol == '' || $queryCol == 'pri.normal_sign' ? 1 : 0); $ps->setString('%' . $query . '%'); $rows = $db->fetchAllObjects($db->executeQuery($ps), true); $sep = ''; foreach ($rows as $row) { $arr = array(); foreach ($returnColumns as $dc) { $arr[] = isset($row->{$dc}) ? $row->{$dc} : ''; } echo $sep;
// by running searchgen, passing in the table name.

// Handles the 'loadAppuser' command: emits one user (or a default-valued one
// when no positive id is given) with its roles attached as ->roles, as a JSON
// array, and ends the request.
// NOTE(review): the row comes from "select *" on appuser and is serialised
// verbatim. If that table holds credential columns (e.g. a password hash)
// they are sent to the client; confirm the DAO or the schema excludes them.
// NOTE(review): no permission check is visible in this snippet; confirm the
// script that sets $command and $params enforces one before this runs.
// NOTE(review): trim() is applied to $params['id'] without a type check; a
// non-string value (e.g. an array) reaches it unchanged.
if (isset($command) && $command == 'loadAppuser') {
    header('Content-Type: application/json');
    $db = ConnectionFactory::getConnection();
    $appuserDAO = new AppuserDAO($db);
    $approleDAO = new ApproleDAO($db);

    // The id is forced to int before it is bound, so only a number reaches the query.
    $id = 0;
    if (isset($params['id'])) {
        $id = (int) trim($params['id']);
    }

    if ($id > 0) {
        $sql = <<<EOF
select * from appuser pri where pri.id = ?
EOF;
        $ps = new PreparedStatement($sql, 0, 1);
        $ps->setInt($id);
        $rows = $appuserDAO->findWithPreparedStatement($ps);
    } else {
        $rows = array(Appuser::createDefault());
    }

    // One statement is reused for every row; the user id is bound, not concatenated.
    $ps1 = new PreparedStatement(<<<EOF
select distinct r.* from appuserrole u_r inner join approle r on r.role_name = u_r.role_name where u_r.user_id = ? order by r.sort_order, r.role_name
EOF
    , 0, 0);

    foreach ($rows as &$row) {
        $ps1->clearParams();
        $ps1->setInt($row->id);
        if ($id <= 0) {
            // A default (unsaved) user has no roles to look up.
            $row->roles = array();
        } else {
            $row->roles = $approleDAO->findWithPreparedStatement($ps1);
        }
    }
    // Drop the reference left behind by the by-reference foreach.
    unset($row);

    echo json_encode($rows);
    $db->close();
    exit;
}
<?php
// DO NOT EDIT THIS FILE.
// This file was generated by searchgen.
// If you need to customize this file, please edit the corresponding
// yaml file in the gencfg directory, and then re-generate this file
// by running searchgen, passing in the table name.

// Handles the 'loadAcct' command: emits one acct row (or a default-valued one
// when no positive id is given) as a JSON array and ends the request.
// NOTE(review): no permission check is visible in this snippet; confirm the
// script that sets $command and $params enforces one before this runs.
// NOTE(review): trim() is applied to $params['id'] without a type check; a
// non-string value (e.g. an array) reaches it unchanged.
if (isset($command) && $command == 'loadAcct') {
    header('Content-Type: application/json');
    $db = ConnectionFactory::getConnection();
    $acctDAO = new AcctDAO($db);

    // The id is forced to int before it is bound, so only a number reaches the query.
    $id = 0;
    if (isset($params['id'])) {
        $id = (int) trim($params['id']);
    }

    if ($id > 0) {
        $sql = <<<EOF
select * from acct pri where pri.id = ?
EOF;
        $ps = new PreparedStatement($sql, 0, 1);
        $ps->setInt($id);
        $rows = $acctDAO->findWithPreparedStatement($ps);
    } else {
        $rows = array(Acct::createDefault());
    }

    echo json_encode($rows);
    $db->close();
    exit;
}
// Get row count. $ps = new PreparedStatement('select count(*) as rowCount' . $sqlTail); $ps->setInt($queryCol == '' || $queryCol == 'pri.id' ? 1 : 0); $ps->setInt($query); $ps->setInt($queryCol == '' || $queryCol == 'pri.description' ? 1 : 0); $ps->setString('%' . $query . '%'); $ps->setInt($queryCol == '' || $queryCol == 'pri.acct_no' ? 1 : 0); $ps->setString('%' . $query . '%'); $ps->setInt($queryCol == '' || $queryCol == 'pri.ticker_symbol' ? 1 : 0); $ps->setString('%' . $query . '%'); $row = $db->fetchObject($db->executeQuery($ps), true); $rowCount = isset($row->rowCount) ? (int) $row->rowCount : 0; printf('{"sEcho": %d, "iTotalRecords": %d, "iTotalDisplayRecords": %d, "aaData": [', $sEcho, $rowCount, $rowCount); // Get actual rows. $ps = new PreparedStatement(<<<EOF select pri.* EOF . $sqlTail . $orderBy, $offset, $limit); $ps->setInt($queryCol == '' || $queryCol == 'pri.id' ? 1 : 0); $ps->setInt($query); $ps->setInt($queryCol == '' || $queryCol == 'pri.description' ? 1 : 0); $ps->setString('%' . $query . '%'); $ps->setInt($queryCol == '' || $queryCol == 'pri.acct_no' ? 1 : 0); $ps->setString('%' . $query . '%'); $ps->setInt($queryCol == '' || $queryCol == 'pri.ticker_symbol' ? 1 : 0); $ps->setString('%' . $query . '%'); $rows = $db->fetchAllObjects($db->executeQuery($ps), true); $sep = ''; foreach ($rows as $row) { $arr = array(); foreach ($returnColumns as $dc) { $arr[] = isset($row->{$dc}) ? $row->{$dc} : '';