public static function add($username = "", $md5_pw_hash = "", $email = null, $enabled = 1, $acces_level = 25) { $date_created = time(); $md5_pw = md5($md5_pw_hash, false); $sql = 'INSERT INTO ' . self::getFullTableName() . ' ( username, email, password, enabled, access_level, date_created ) VALUES ( :username, :email, :password, :enabled, :access_level, :date_created )'; return SQL::execute( self::getConnection(), $sql, array( "username" => $username, "email" => $email, "password" => $md5_pw, "enabled" => $enabled, "access_level" => $acces_level, "date_created" => $date_created ) ); }
/** * @param int $fid - forums user id * @param int $gid - game user id * @param int $from - bann beginn * @param int $till - bann ends * @param int $level - Bann is active for: Forum (1), Game (2) or both (0) * @param string $unbannedby - User is Unbanned by * @param string $unbannip - IP from Unbanner * @return int */ public static function add($fid, $gid, $from, $till, $unbannedby, $unbannip, $level = 0) { $sql = 'INSERT INTO ' . self::getFullTableName() . ' ( banned_fid, banned_gid, banned_from, banned_till, level, unbannedby, unbannip, date ) VALUES ( :fid, :gid, :from, :till, :level, :unbannedby, :unbannip, :date )'; return SQL::execute(self::getConnection(), $sql, array( "fid" => $fid, "gid" => $gid, "from" => $from, "level" => $level, "till" => $till, "unbannedby" => $unbannedby, "unbannip" => $unbannip, "date" => common_functions::currentdate(), ) ); }
/** * @param int $group_id * @param int $user_id * @param int $leader * @param int $pending * @return bool */ public static function add($group_id, $user_id, $leader = 0, $pending = 0) { $sql = 'INSERT INTO ' . self::getFullTableName() . ' ( group_id, user_id, group_leader, user_pending ) VALUES ( :g_id, :u_id, :g_leader, :pending )'; $result = SQL::execute(self::getConnection(), $sql, array("g_id" => $group_id, "u_id" => $user_id, "g_leader" => $leader, "pending" => $pending)); if($result !== false) { // Include libs require_once(LIB_DIR . DS . 'class.phpbb_account.php'); // Empty permission for creating new phpbb_account::clearUserPerms($user_id); // Send PM new Group if(SEND_PM_GROUPCHANGE) get_phpbb_info::$instance->sendPM(output::newGroupPM($user_id, phpbb_groups::getGroupName($group_id)), SYSTEM_USER, "Willkommen in der Benutzergruppe " . phpbb_groups::getGroupName($group_id), $user_id); return true; } return false; }
public function execute($db) { $sql_result = parent::execute($db); $result = NULL; if ($sql_result && mysqli_num_rows($sql_result) != 0) { $result = mysqli_fetch_array($sql_result, MYSQL_ASSOC); } $this->set_return_data($result); }
public static function delete($accid, $realm = -1) { $sql = 'DELETE FROM ' . self::getFullTableName() . ' WHERE accountId = :id AND realmId = :realm'; return SQL::execute(self::getConnection(), $sql, array( "id" => $accid, "realm" => $realm ) ); }
/** * @param int $accid - account id * @param int $unbandate - when is ban ends * @return int */ public static function delete($accid, $unbandate) { $sql = 'DELETE FROM ' . self::getFullTableName() . ' WHERE id = :id AND unbandate = :unban'; return SQL::execute(self::getConnection(), $sql, array( "id" => $accid, "unban" => $unbandate ) ); }
/** * @param int $charguid - character guid * @param int $oldacc - old account id * @param int $newacc - new account id * @return int */ public static function add($charguid, $oldacc, $newacc) { $sql = 'INSERT INTO ' . self::getFullTableName() . ' (charguid, oldaccountid, newaccountid, date) VALUES (:char, :old, :new, :date)'; return SQL::execute(self::getConnection(), $sql, array( "char" => $charguid, "old" => $oldacc, "new" => $newacc, "date" => time() ) ); }
/** * @param int $user_id - forum user id * @param int $date - donate date * @param int $money - donate money * @return int */ public static function get($user_id, $date, $money) { $sql = "SELECT * FROM " . self::getFullTableName() . ' WHERE user_id = :user AND date = :date AND money = :money'; return SQL::execute(self::getConnection(), $sql, array( "user" => $user_id, "date" => $date, "money" => $money ) ); }
/** * @param int $user_id * @param int $cost_id * @return bool */ public static function add($user_id, $cost_id) { $sql = 'INSERT INTO ' . self::getFullTableName() . ' ( user_id, cost_id, `date` ) VALUES ( :u_id, :cost_id, :date )'; $result = SQL::execute(self::getConnection(), $sql, array("u_id" => $user_id, "cost_id" => $cost_id, "date" => time())); if($result !== false) return true; return false; }
public static function add($type, $user_id, $ip, $date, $operation, $data, $report_id = 0, $forum_id = 0, $topic_id = 0) { $sql = 'INSERT INTO ' . self::getFullTableName() . ' ( log_type, user_id, forum_id, topic_id, reportee_id, log_ip, log_time, log_operation, log_data ) VALUES ( :type, :id, :f_id, :t_id, :report_id, :ip, :time, :operation, :data )'; SQL::execute(self::getConnection(), $sql, array( "type" => $type, "id" => $user_id, "f_id" => $forum_id, "t_id" => $topic_id, "report_id" => $report_id, "ip" => $ip, "time" => $date, "operation" => $operation, "data" => $data ) ); }
/** * @param int $id * @param string $reason * @param int $change_points * @return int */ public static function update($id, $reason = "Point change", $change_points = 0) { // Create entry if not exists if(! self::exists($id)) self::add($id, $change_points); // Get userdata $tmp_userdata = self::get($id); // Set new Data $params["new_points"] = $tmp_userdata["points_curr"] + $change_points; $params["id"] = $id; if($change_points > 0) $params["new_life_points"] = $tmp_userdata["points_life"] + $change_points; $sql = 'UPDATE ' . self::getFullTableName() . ' SET points_curr = :new_points' . (($change_points > 0) ? ', points_life = :new_life_points' : '') . ' WHERE user_id = :id'; // Add to VIP-Group if reaches a specific amount of points self::check_vip($id, $params["new_points"]); // Execute if(SQL::execute(self::getConnection(), $sql, $params) !== false) return points_log::add($id, $change_points, $reason); return false; }
/** * @param int $date - log date (unix) * @return int */ public static function getByDate($date) { return SQL::execute(self::getConnection(), 'SELECT FROM ' . self::getFullTableName() . ' WHERE date = :date', array("date" => $date)); }
?> <!DOCTYPE html> <html> <head> <title>Таланты</title> <link rel="stylesheet" type="text/css" href="https://cdnjs.cloudflare.com/ajax/libs/chosen/1.4.2/chosen.css"> </head> <body> <?php if ($_GET['email'] != '') { $email = $_GET['email']; foreach (SQL::execute("SELECT * FROM competency;") as $e) { $competency[$e['id']] = $e['name_ru']; } $ratings = array(1 => "Основной", 2 => "Промежуточный", 3 => "Опытный", 4 => "Передовой", 5 => "Эксперт"); $profile = SQL::execute("SELECT P.*,C.name_ru FROM `kontrotenko_super_new`.`profile_item` P LEFT JOIN `kontrotenko_super_new`.`competency` C ON P.competency=C.id WHERE P.email='{$email}';"); echo "<button class=add_profile>Добавить</button><form method=post><table> <thead> <tr> <th>#</th> <th>Навык</th> <th>Уровень</th> </tr> </thead> <tbody>"; foreach ($profile as $e) { echo '<tr><td>' . $e['id'] . '</td><td>'; echo "<select name='prof[" . $e['id'] . "]' class='chzn'>"; foreach ($competency as $k => $v) { $selected = $k == $e['competency'] ? 'selected' : ''; echo '<option ' . $selected . ' value=' . $k . '>' . $v . '</option>'; } echo '</select></td><td>'; echo "<select name='rat[" . $e['id'] . "]' class='chzn'>"; foreach ($ratings as $k => $v) { $selected = $k == $e['rating'] ? 'selected' : ''; echo '<option ' . $selected . ' value=' . $k . '>' . $v . '</option>'; } echo '</select></td></tr>';
/** * @param string $code * @return int */ public static function delete($code) { return SQL::execute(self::getConnection(), 'DELETE FROM ' . self::getFullTableName() . ' WHERE code = :code', array("code" => $code)); }
} } $ps->params = $params; if ($ps->checkSignature($_GET['SignatureValue'])) { //Данные прошли проверку //if($ps->params['Type']=='balance'){ $rs = $ST->select("SELECT * FROM sc_income \r\n\t\t\t\tWHERE \r\n\t\t\t\t\tuserid=" . intval($ps->params['UserId']) . "\r\n\t\t\t\t\tAND pay_id=" . intval($ps->InvId) . "\r\n\t\t\t\t\tAND type='robokassa'"); if ($rs->next()) { //перевод уже был, всё ок echo 'OK' . $_GET['InvId']; exit; } else { if ($ps->params['Type'] == 'balance') { //пополним баланс $ST->update('sc_users', array('balance=balance+' . floatval($ps->OutSum)), "u_id=" . intval($ps->params['UserId'])); $rs = $ST->execute("SELECT balance FROM sc_users WHERE u_id=" . intval($ps->params['UserId'])); if ($rs->next()) { $ST->insert('sc_income', array('userid' => intval($ps->params['UserId']), 'sum' => floatval($ps->OutSum), 'balance' => floatval($rs->getFloat('balance')), 'type' => 'robokassa', 'description' => 'Приход с робокассы', 'pay_id' => intval($ps->InvId), 'pay_string' => $_SERVER['QUERY_STRING'])); } } //если указан номер заявки if (isset($ps->params['OrderId'])) { $rs = $ST->select("SELECT * FROM sc_users WHERE u_id=" . intval($ps->params['UserId'])); if ($rs->next()) { $user = $rs->getRow(); // $rs=$ST->execute("SELECT * FROM sc_cc_order WHERE userid=".intval($ps->params['UserId'])." AND id=".intval($ps->params['OrderId'])); $rs = $ST->select("SELECT * FROM sc_shop_order WHERE userid=" . intval($ps->params['UserId']) . " AND id=" . intval($ps->params['OrderId'])); if ($rs->next() && floatval($ps->OutSum) >= $rs->getInt('total_price')) { // $ST->update('sc_users',array('balance=balance-'.$rs->getInt('summ')),"u_id=".intval($ps->params['UserId'])); $ST->update('sc_shop_order', array('pay_time' => date('Y-m-d H:i:s'), 'pay_status' => 'ok'), 'id=' . intval($ps->params['OrderId'])); //Оплата заказа
/** * @param int $user_id * @param int $groupId * @param string $groupColor * @return bool */ public static function updateMainGroup($user_id, $groupId, $groupColor) { $result = SQL::execute( self::getConnection(), 'UPDATE ' . self::getFullTableName() . ' SET group_id = :group_id, user_colour = :color WHERE user_id = :u_id', array("group_id" => $groupId, "color" => $groupColor, "u_id" => $user_id) ); if($result !== false) return true; return false; }
{ $res = mysql_query($sql); $row = mysql_fetch_assoc($res); return $row; } public function execute($sql) { $sql = mysql_query($sql); while ($row = mysql_fetch_assoc($sql)) { $data[] = $row; } return $data; } } $SQL = new SQL(); $test = $SQL->execute('SELECT answers.answer, tests.* FROM tests JOIN answers ON tests.number=answers.number and tests.name=answers.name ;'); header('Content-Type: text/plain; charset=windows-1251'); foreach ($test as $e) { ?> ?<?php echo $e['question']; ?> <?php if ($e['a'] != '') { echo $e['answer'] == 'À' ? '+' : '='; echo $e['a']; ?> <?php }
/** * @param int $charguid - character guid * @param int $newaccountid - new account id * @param int $oldaccountid - old account id * @return bool */ protected static function charTrans($charguid, $newaccountid, $oldaccountid) { require_once(LIB_DIR . DS . 'class.user_transfer_log.php'); if ($newaccountid == $oldaccountid) return false; if ($newaccountid == 0) return false; $sql = 'UPDATE ' . self::getFullTableName() . ' SET account = :new WHERE guid = :guid'; user_transfer_log::add($charguid, $oldaccountid, $newaccountid); $result = SQL::execute(self::getConnection(), $sql, array("new" => $newaccountid, "guid" => $charguid )); if($result !== false) return true; return false; }
/** * @param string $msg * @param int $from * @param string $subject * @param bool|int $to * @return bool */ public function sendPM($msg, $from, $subject = "New PM", $to = false) { if($to === false) $to = $this->user_id; // Add Message $sql = 'INSERT INTO ' . self::getPrefix() . 'privmsgs ( author_id, author_ip, message_time, message_subject, message_text, to_address ) VALUES ( :from, :ip, :date, :subject, :message, :to )'; $message_id = SQL::execute( self::getConnection(), $sql, array( "from" => $from, "ip" => "127.0.0.1", "date" => time(), "subject" => $subject, "message" => $msg, "to" => "u_" . $to ) ); unset($sql); if($message_id === false) return false; // Assign Message to folder $sql = 'INSERT INTO ' . self::getPrefix() . 'privmsgs_to ( msg_id, user_id, author_id ) VALUES ( :msg_id, :user_to, :user_from )'; $result = SQL::execute(self::getConnection(), $sql, array( "msg_id" => $message_id, "user_to" => $to, "user_from" => $from )); if($result === false) { // Remove unused Message From Database SQL::execute(self::getConnection(), 'DELETE FROM ' . self::getPrefix() . 'privmsgs WHERE msg_id = :id', array("id" => $message_id)); return false; } unset($sql); unset($message_id); // Update unread Messages $sql = 'UPDATE ' . self::getPrefix() . 'users SET user_new_privmsg = :new_pms, user_unread_privmsg = :new_unread_pms WHERE user_id = :to'; SQL::execute(self::getConnection(), $sql, array( "to" => $to, "new_pms" => $this->newPM + 1, "new_unread_pms" => $this->unreadPM + 1 )); return true; }
ini_set('display_errors', 1); ini_set('html_errors', true); date_default_timezone_set('America/Recife'); function debug($file, $line, $dados, $titulo = "") { echo "<br><font color=\"#FF0033\"> <strong>" . $titulo . "</strong>: (file): " . $file . " - (line): " . $line . "</font>"; if (is_array($dados) or is_object($dados)) { echo "<pre><font color=\"#0000FF\">"; print_r($dados); echo "</font></pre>"; } else { echo "<br><font color=\"#0000FF\">" . $dados . "</font><br>"; } } define('ACESSO', true); #include_once '../pdo2/Conexao.class.php'; use pkg\pdo2\Conexao; use pkg\sql; include_once '../pdo/Conexao.php'; include_once '../../sql/SQL.class.php'; $oCon = new Conexao('mysql', 'localhost', 'frmkteste', 'root', '312487'); $sql = new SQL($oCon); $sql->select()->column->add(array('idCliente', 'nome', 'idade')); #array("tabela" => (campo1, campo2, campo3 ) ) $sql->select()->where("idade", ">", "10"); #$sql->select()->having("altura", ">", "50"); #$sql->select("select * from tab_Cliente"); #echo $sql->select()->execute(); debug(__FILE__, __LINE__, $sql->execute()); echo $sql->select()->table(array('tab_Cliente' => array('nome', 'idade'), 'tab_Telefone' => array('idTelefone', 'telefone'))); echo "<p>";
/** * @param int $userid * @param string $email * @return int */ public static function update_email($userid, $email) { $sql = 'UPDATE ' . self::getFullTableName() . ' SET email = :email WHERE id = :userid'; return SQL::execute( self::getConnection(), $sql, array( "email" => $email, "userid" => $userid ) ); }
return $row; } public function execute($sql) { $sql = mysql_query($sql); while ($row = mysql_fetch_assoc($sql)) { $data[] = $row; } return $data; } } if ($_GET['n']) { $where = "WHERE tests.name LIKE '%" . mysql_real_escape_string($_GET['n']) . "%' "; } $SQL = new SQL(); $test = $SQL->execute("SELECT UPPER(answers.answer) as answer, tests.* FROM tests\nJOIN answers ON tests.number=answers.number and tests.name=answers.name {$where} ;"); header('Content-Type: text/plain; charset=utf-8'); echo <<<END <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE test SYSTEM "XTF_v1p1.dtd"> <test> <questions> END; foreach ($test as $e) { ?> <single random="y" format="custom"> <p align="left"><font face="Times New Roman" size="3"><?php echo $e['question']; ?> </font></p>
$q = "operation=check&account=241205&sum=3270&secret=123"; $md5 = strtoupper(md5($q)); $q = "operation=check&account=241205&sum=3270&md5={$md5}"; // //$q="operation=payment&id_payment=1&account=210111&sum=2140&date=20110120165612&secret=123"; //$md5=strtoupper(md5($q)); // /* operation=check&account=210111&sum=2140&secret=123&md5=4FA37F773D18163AC8092F943C447D5E operation=payment&id_payment=1&account=210111&sum=2140&date=20110120165612&md5=026707C3DC6D75530E30651775B25D86 */ file_put_contents('log.txt', date("Y-m-d H:i:s") . " {$_SERVER['REQUEST_URI']}\r\n", FILE_APPEND); //exit; $ST = new SQL(); $ST->connect(DB_HOST, DB_LOGIN, DB_PASSWORD, DB_BASE); $rs = $ST->execute("SELECT * FROM sc_pay_system WHERE name='comepay'"); if ($rs->next() && $_GET) { $ps = new PSComepay(unserialize($rs->get('config'))); $ps->operation = $_GET['operation']; $ps->account = $_GET['account']; //order_num $ps->sum = isset($_GET['sum']) ? $_GET['sum'] : 0; if ($ps->checkSignature($_GET)) { //запрос корректный, идём дальше $rs = $ST->select("SELECT order_num,total_price,id,pay_summ FROM sc_shop_order WHERE order_num='{$ps->account}' AND total_price>pay_summ"); if ($rs->next()) { if ($ps->sum && $ps->sum < $rs->get('total_price') && false) { //Условие не рассматривается $ps->error = 542; //Недостаточно средств echo $ps->response();
/** * @param int $fid - forum user id * @param int $till - bann beginn * @return int */ public static function delete($fid, $till) { $sql = 'DELETE FROM ' . self::getFullTableName() . ' WHERE fid = :fid AND till = :till)'; return SQL::execute(self::getConnection(), $sql, array("fid" => $fid, "till" => $till)); }
<hr> <center> <div class="upload"> <span class="message">Загрузить файл</span> <form id="uploader" action="/upload.php" method="post" enctype="multipart/form-data"> <input onchange="$('#uploader').submit()" type="file" name="file[]" multiple> </form> </div> </center> <div id="dropbox"> <span class="message">Dropни файл для загрузки. <br /><i>(это видно только для тебя)</i></span> <?php $hash = mysql_real_escape_string(get_link($_SERVER['REQUEST_URI'])[0]); $files = SQL::execute("SELECT * FROM files WHERE hash='{$hash}';"); if (!empty($files)) { // var_dump($files); foreach ($files as $file) { if (preg_match('#image#', $file['type'])) { $src = $file['path']; } else { $src = '/assets/img/done.png'; } $path = $file['path']; echo <<<END <a href="{$path}"> <div class="preview"><span class="imageHolder"> <img src="{$src}" style="max-width: 240px; max-height: 180px;"> <h4></h4><span class="uploaded"></span></span> </div>
$Memcache->set(md5($sql), $data, 100); } return $data; } public function executeWithCache($sql) { $Memcache = new Memcache(); $Memcache->connect('localhost', 11211) or die("Не могу подключиться"); $res = $Memcache->get(md5($sql)); if ($res) { $data = $res; } else { $sql = @mysql_query($sql); while ($row = @mysql_fetch_assoc($sql)) { $data[] = $row; } $Memcache->set(md5($sql), $data, 100); } return $data; } } if (isset($_GET['street']) && isset($_GET['housenum'])) { $street = $_GET['street']; $housenum = $_GET['housenum']; $sql = "SELECT account FROM `abonents` WHERE `street` LIKE '%" . $street . "%' AND `housenum` = '" . $housenum . "'"; $data['response'] = json_encode(SQL::execute($sql)); } else { $data['response'] = "No query params!!!"; } //var_dump($sql); var_dump($data);
/** * @param int $id - forum user id * @return int */ public static function delete($id) { return SQL::execute(self::getConnection(), 'DELETE FROM '. self::getFullTableName() . ' WHERE id = :id', array("id" => $id)); }
/** * Get SQL Functions from SQL Query. * * @param string $table Table name. * @param string $func SQL Functions. * @param string $alias Alias result. * @param string $param Additional SQL parameter. * * @return object Get row number. */ public function sqlFunc($table, $func, $alias, $param = '') { parent::$query = 'SELECT ' . $func . ' AS ' . $alias . ' FROM ' . $table . ' ' . $param; parent::prepare(); parent::execute(); return parent::result(); }
public static function SingleQuery($sql) { SQL::Query($sql); SQL::execute(); if (SQL::RowCount() > 0) { return SQL::DecryptSingleArray(SQL::$stmt->fetch(PDO::FETCH_ASSOC)); } else { return SQL::$stmt->fetch(PDO::FETCH_ASSOC); } }
<?php /*********************** * InventorySQL php example * require .jar version 0.3.2 ***********************/ require 'mysql.inc.php'; require 'config.inc.php'; require 'items.inc.php'; $MySQL = new SQL($host, $user, $pass, $database); $users = $MySQL->execute("SELECT `id`, `owner` FROM `" . $table . "`"); $data = true; $inv_totalItems = 0; $pend_totalItems = 0; $inventory[] = array(); $pendings[] = array(); $tmp[] = array(); $index = 0; $isError = false; $message = ''; if (isset($_GET['u'])) { $data = $MySQL->execute("SELECT * FROM `" . $table . "` WHERE `id`='" . $MySQL->escape($_GET['u']) . "';"); } else { $data = $MySQL->execute("SELECT * FROM `" . $table . "`"); } if (isset($_POST['give'])) { if ($_POST['item_byte'] == '') { $_POST['item_byte'] = 0; } if ($_POST['item_count'] == '') { $_POST['item_count'] = 1;