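/**
 * Updates or deletes one row of the posts table.
 *
 * Every value taken from $var is validated or escaped before it is placed in
 * the SQL text. The id columns must be plain integer literals, post_public
 * must be an integer or true/false, and the two text columns go through
 * pg_escape_string().
 *
 * @param string $option "UPDATE" or "DELETE".
 * @param array  $var    For UPDATE exactly six entries: post_id, subject,
 *                       content, cat_id, user_id, public. DELETE reads only
 *                       post_id.
 *
 * @return string The $option that was executed.
 *
 * @throws Exception On an unsupported $option, a wrong number of inputs, a
 *                   value that is not an integer literal, or a database error.
 */
function Edit($option, $var)
{
    $intPattern = '/\A-?\d+\z/';

    switch ($option) {
        case "UPDATE":
            // Check the shape of the input before any key is read.
            if (count($var) != 6) {
                throw new Exception(__METHOD__ . "() required 6 inputs on \$var");
            }

            // These values are interpolated unquoted, so only integer
            // literals are allowed through.
            $ids = array();
            foreach (array('post_id', 'cat_id', 'user_id') as $key) {
                if (!isset($var[$key]) || !is_scalar($var[$key])
                    || !preg_match($intPattern, (string) $var[$key])) {
                    throw new Exception(__METHOD__ . "() requires an integer for \$var['{$key}']");
                }
                $ids[$key] = (string) $var[$key];
            }

            // NOTE(review): the column type of post_public is not visible here;
            // integers and true/false are accepted. Extend the allowlist if
            // callers rely on another spelling.
            if (!isset($var['public']) || !is_scalar($var['public'])
                || !preg_match('/\A(?:-?\d+|true|false)\z/i', (string) $var['public'])) {
                throw new Exception(__METHOD__ . "() requires an integer or true/false for \$var['public']");
            }
            $public = (string) $var['public'];

            // pg_escape_string() is called without a connection argument, as
            // in the original. NOTE(review): confirm that a default pgsql
            // connection exists at this point.
            $subject = pg_escape_string(isset($var['subject']) ? (string) $var['subject'] : '');
            $content = pg_escape_string(isset($var['content']) ? (string) $var['content'] : '');

            $sql = " UPDATE {$this->TBL_POSTS}"
                . " SET user_id = {$ids['user_id']},"
                . " post_subject = '{$subject}',"
                . " post_content = '{$content}',"
                . " post_public = {$public},"
                . " post_cat_id = {$ids['cat_id']}"
                . " WHERE post_id = {$ids['post_id']};";
            break;

        case "DELETE":
            if (!isset($var['post_id']) || !is_scalar($var['post_id'])
                || !preg_match($intPattern, (string) $var['post_id'])) {
                throw new Exception(__METHOD__ . "() requires an integer for \$var['post_id']");
            }
            $post_id = (string) $var['post_id'];

            $sql = " DELETE FROM {$this->TBL_POSTS}"
                . " WHERE post_id={$post_id};";
            break;

        default:
            // Without this branch $sql would be undefined and still be sent
            // to executeQuery().
            throw new Exception(__METHOD__ . "() unsupported option");
    }

    try {
        $db = Database::getConnection();
        // Keep a record of each statement and the method that issued it.
        $this->sqlQueries[] = array('sql' => $sql, 'method' => __METHOD__);
        $db->executeQuery($sql);
    } catch (SQLException $e) {
        // The rethrown message carries the full SQL text through
        // ErrorWraper(); callers should log it rather than show it to the
        // client.
        throw new Exception($e->getMessage() . ErrorWraper("SQL", $sql));
    }

    return $option;
}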
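/**
 * Loads the user row that matches $this->email.
 *
 * The row carries an extra column, userexists, holding the count from a
 * sub-select on the same table.
 *
 * @return array|int The row from $rs->getRow(), or 0 when no row matches.
 *
 * @throws Exception When email or username is unset, or on a database error.
 */
public function getInfoOnUser()
{
    if (is_null($this->email)) {
        throw new Exception("An email address must be defined");
    }
    if (is_null($this->username)) {
        throw new Exception("A username must be defined");
    }

    // The email is placed inside a quoted SQL literal, so it is escaped first,
    // the same way Edit() treats its text fields.
    $email = pg_escape_string((string) $this->email);

    // NOTE(review): the sub-select compares user_username with the literal
    // '******' although $this->username is required above. The value looks
    // masked in this listing; if the real code interpolates the username, it
    // needs the same escaping as the email.
    $sql = " SELECT *,(SELECT COUNT(*)"
        . " FROM {$this->TBL_USR}"
        . " WHERE user_email ='{$email}'"
        . " AND user_username ='******'"
        . " ) AS userexists"
        . " FROM {$this->TBL_USR}"
        . " WHERE user_email='{$email}'";

    try {
        $db = Database::getConnection();
        // Keep a record of each statement and the method that issued it.
        $this->sqlQueries[] = array('sql' => $sql, 'method' => __METHOD__);
        $rs = $db->executeQuery($sql);

        // Every path out of the try block returns or throws, so the
        // original's trailing `return "";` was unreachable and is dropped.
        return $rs->next() ? $rs->getRow() : 0;
    } catch (SQLException $e) {
        // The rethrown message carries the full SQL text through
        // ErrorWraper(); callers should log it rather than show it to the
        // client.
        throw new Exception($e->getMessage() . ErrorWraper("SQL", $sql));
    }
}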
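/**
 * Updates alias, email and optionally the password of one user row.
 *
 * @param array $var Exactly four entries: user_id, password, alias, email.
 *                   An empty password leaves user_password untouched.
 *
 * @return void
 *
 * @throws Exception On a wrong number of inputs, a non-integer user_id, or a
 *                   database error.
 */
public function EditProfile($var)
{
    // Check the shape of the input before any key is read.
    if (count($var) != 4) {
        throw new Exception(__METHOD__ . "() required 4 inputs on \$var");
    }

    // user_id is interpolated unquoted, so only an integer literal is allowed.
    if (!isset($var['user_id']) || !is_scalar($var['user_id'])
        || !preg_match('/\A-?\d+\z/', (string) $var['user_id'])) {
        throw new Exception(__METHOD__ . "() requires an integer for \$var['user_id']");
    }
    $user_id = (string) $var['user_id'];

    // Both values land inside quoted SQL literals.
    $alias = pg_escape_string(isset($var['alias']) ? (string) $var['alias'] : '');
    $email = pg_escape_string(isset($var['email']) ? (string) $var['email'] : '');

    // The original tested !empty(md5($var['password'])), which is always true
    // because md5('') is a non-empty string. The raw input is tested instead.
    $hasPassword = isset($var['password']) && $var['password'] !== '';

    // Plain assignment: the original appended to an undefined $sql.
    $sql = " UPDATE {$this->TBL_USR}"
        . " SET";
    if ($hasPassword) {
        // NOTE(review): the stored value appears masked as '******' in this
        // listing. The original hashed the input with md5(), which is not a
        // password hash. Moving to password_hash()/password_verify() also
        // needs the login check changed, which is outside this block.
        $sql .= " user_password = '******',";
    }
    // No comma after the last assignment; the original's trailing comma before
    // WHERE made the statement invalid SQL.
    $sql .= " user_alias = '{$alias}',"
        . " user_email = '{$email}'"
        . " WHERE user_id = {$user_id};";

    try {
        $db = Database::getConnection();
        // Keep a record of each statement and the method that issued it.
        $this->sqlQueries[] = array('sql' => $sql, 'method' => __METHOD__);
        $db->executeQuery($sql);
    } catch (SQLException $e) {
        // The rethrown message carries the full SQL text through
        // ErrorWraper(); callers should log it rather than show it to the
        // client.
        throw new Exception($e->getMessage() . ErrorWraper("SQL", $sql));
    }
}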