public function Exists() { //echo "Checking existance "; $Connection = ConnectDatabase("PDODatabase"); $Result = $Connection->query("SELECT * FROM UserInfo"); $Table = $Result->fetchAll(PDO::FETCH_ASSOC); $Records = count($Table); $CurrentUser = $this->LoginCredential["Username"]; $CurrentPassword = $this->LoginCredential["Password"]; $Message = NO_USERNAME; for ($i = 0; $i < $Records; $i++) { if ($CurrentUser == $Table[$i]["Username"]) { $Message = USERNAME_EXISTS; $this->__construct($Table[$i]); if ($CurrentPassword == $Table[$i]["Password"]) { return LOGIN_SUCCESS; } else { return PASSWORD_WRONG; break; } } } return $Message; /* foreach($Table as $Row) { foreach($Row as $Key =>$Value) if($Value==$this->BasicInfo["Username"]) return 1; } return 0; */ }
function contain($matchword) { $con = ConnectDatabase("library"); $sql = "select word from dictionary where word='{$matchword}';"; //echo $sql; $result = mysqli_query($con, $sql); if (mysqli_num_rows($result) < 1) { return false; } else { return true; } CloseDatabase($con); }
</div> <div id="page" style="display: none;text-align:center;margin:auto;"> <input type="text" name="pages" class="search_key" value="全文检索" id=textselectp onmouseover="javascript:selectInputContent(this.id)" > <input type="submit" class="submit" value="书海漫游"> </div> </FORM> </div> </div> </header> <section id="searchresult"> <h2><font color="black"><center>检索结果</center></font></h2> <?php $con = ConnectDatabase("library"); @($keyword = $_POST["keyword"]); @($author = $_POST["author"]); @($title = $_POST["title"]); @($pages = $_POST["pages"]); $words = array(); //查询共有多少行数据 if ($keyword != null and $keyword != "主题检索") { $sql = "SELECT count(*) FROM `book-information` WHERE subject1 like '%{$keyword}%' or subject2 like '%{$keyword}%' or subject3 like '%{$keyword}%' or subject4 like '%{$keyword}%' or subject5 like '%{$keyword}%';"; } else { if ($author != null and $author != "作者检索") { $sql = "SELECT count(*) FROM `book-information` WHERE firstauthor like '%{$author}%' or otherauthor like '%{$author}%';"; } else { if ($title != null and $title != "题目检索") { $sql = "SELECT count(*) FROM `book-information` WHERE name like '%{$title}%';"; } else {
require_once "include/Functions.php"; $Connection = ConnectDatabase(); try { $Connection->query("DROP DATABASE " . ENTRANCEDBNAME); echo "Removed the previous \"" . ENTRANCEDBNAME . "\" Database and "; } catch (PDOException $e) { echo "No previous database by the name " . ENTRANCEDBNAME . " existed"; } $SqlCommand = "CREATE DATABASE " . ENTRANCEDBNAME; $Create = $Connection->query($SqlCommand); if ($Create) { echo "Database created " . ENTRANCEDBNAME; } else { echo "Fatal error can not create database "; die(mysql_error()); } $Connection = ConnectDatabase(ENTRANCEDBNAME); foreach (SubjectArray() as $CurrentSubject) { $TableName = $CurrentSubject . "Questions"; $SqlCommand = "CREATE TABLE IF NOT EXISTS " . $TableName . "(" . "ID int(10) auto_increment not null," . "ValidFor INT(4) NOT NULL, " . "DifficultyLevel INT(1), " . "Question varchar(1000) not null," . "Option1 varchar(200) not null, " . "Option2 varchar(200) not null, " . "Option3 varchar (200) not null, " . "Option4 varchar(200) not null, " . "CorrectOption int(4), " . "PRIMARY KEY(ID) " . ");"; $Create = $Connection->query($SqlCommand); } $TableName = "UserInfo"; $SqlCommand = "CREATE TABLE IF NOT EXISTS " . $TableName . "(" . "ID int(10) auto_increment not null, " . "FirstName varchar(50) NOT NULL," . "LastName varchar(50) NOT NULL," . "Username varchar(50) NOT NULL," . "Password varchar(100) NOT NULL," . "Age int(3) not null," . "Sex varchar(10) not null," . "PhoneNumber varchar(15)," . "EmailAddress varchar (50)," . "SchoolName varchar(80)," . "PlusTwoName varchar(80)," . "PlusTwoPercentage int(3)," . "SLCPercentage int(3)," . "PRIMARY KEY(ID)" . ")"; $Create = $Connection->query($SqlCommand); $TableName = "AdminInfo"; $SqlCommand = "CREATE TABLE IF NOT EXISTS " . $TableName . "(" . "ID int(10) auto_increment not null, " . "Username varchar(50) NOT NULL," . "Password varchar(100) NOT NULL," . "PRIMARY KEY(ID)" . ");"; $Create = $Connection->query($SqlCommand); } else { echo "You have no right to be here"; }
function EscapeString($string) { global $db; ConnectDatabase(); return $db->real_escape_string($string); }