/**
 * Insert a row into `pending_game`.
 *
 * The insert only happens when both arguments pass safe_input::is_number()
 * and $size is greater than 1. On the insert path the id reported by the
 * connection is stored in pending_game::$last_inserted_id.
 *
 * NOTE(review): the values are interpolated into the SQL text, so the only
 * injection barrier is safe_input::is_number(), whose implementation is not
 * visible here. Confirm it accepts plain digits only (PHP's is_numeric()
 * also accepts forms such as "1e5" and leading whitespace), or bind the
 * values through a prepared statement if the database wrapper offers one.
 *
 * @param mixed $user_id value written to the `userID` column
 * @param mixed $size    value written to the `size` column; must be > 1
 * @return mixed false when the input is rejected, otherwise the result of database::query()
 */
public static function add_new_pending_game($user_id, $size)
{
    $input_ok = safe_input::is_number($user_id)
        && safe_input::is_number($size)
        && $size > 1;

    if (!$input_ok) {
        return false;
    }

    $date = microtime(true);
    $sql = "INSERT INTO `pending_game` (`userID`, `date`, `size`) VALUES ( '{$user_id}', '{$date}', '{$size}');";

    $connection = new database();
    $outcome = $connection->query($sql);
    pending_game::$last_inserted_id = $connection->insert_id();

    return $outcome;
}
/**
 * Insert a row into `user` with a freshly generated salt and a salted
 * password digest; join and last-login dates are both set to time().
 *
 * Security review notes (behaviour is unchanged by this rewrite):
 *  - The stored credential is md5(md5($password) . md5($salt)). MD5 is a
 *    fast digest and is not suitable for password storage. Moving to
 *    password_hash()/password_verify() has to be done together with the
 *    login check (not visible here), e.g. by re-hashing on the next
 *    successful login.
 *  - $username and $email are passed through safe_input::all() and then
 *    interpolated into the SQL text. Its implementation is not visible;
 *    confirm it escapes for the connection's character set, or use bound
 *    parameters.
 *  - $salt is interpolated exactly as random::salt() returns it; confirm
 *    the generator cannot emit quote characters and draws from a CSPRNG.
 *  - `gcmID` receives the quoted string 'null', not SQL NULL.
 *  - The new id is written to session::$last_inserted_id although the row
 *    goes into `user` — confirm this is intended and not a copy/paste slip.
 *
 * @param mixed $username value written to `username` after safe_input::all()
 * @param mixed $password plaintext password; only the digest is stored
 * @param mixed $email    value written to `email` after safe_input::all()
 * @return mixed the result of database::query()
 */
public static function create_new_user($username, $password, $email)
{
    $date = time();
    $salt = random::salt();
    $safe_username = safe_input::all($username);

    // Digest layout is md5( md5(password) . md5(salt) ), kept as-is so existing logins still verify.
    $password_digest = md5($password);
    $salt_digest = md5($salt);
    $md5_password = md5($password_digest . $salt_digest);

    $safe_email = safe_input::all($email);

    $connection = new database();
    $sql = "INSERT INTO `user` (`username`, `password`, `salt`, `email`, `joinDate`, `lastLoginDate` , `gcmID`) VALUES ( '{$safe_username}', '{$md5_password}', '{$salt}', '{$safe_email}', '{$date}', '{$date}', 'null');";
    $outcome = $connection->query($sql);
    session::$last_inserted_id = $connection->insert_id();

    return $outcome;
}
/**
 * Insert a row into `log` recording a user id, device uuid and IP address.
 *
 * All three arguments are checked with the safe_input validators first;
 * if any check fails nothing is written. On the insert path the id
 * reported by the connection is stored in log::$last_inserted_id.
 *
 * NOTE(review): after validation the values are interpolated into the SQL
 * text without escaping, so safe_input::is_number(), is_valid_ip() and
 * is_valid_uuid() are the only injection barrier. Their implementations
 * are not visible here; confirm each one matches the whole string
 * (anchored at both ends) rather than a prefix.
 *
 * @param mixed $user_id value written to `userID`
 * @param mixed $ip      value written to `ipAddress`
 * @param mixed $uuid    value written to `uuid`
 * @return mixed false when the input is rejected, otherwise the result of database::query()
 */
public static function addNewLog($user_id, $ip, $uuid)
{
    $input_ok = safe_input::is_number($user_id)
        && safe_input::is_valid_ip($ip)
        && safe_input::is_valid_uuid($uuid);

    if (!$input_ok) {
        // invalid input
        return false;
    }

    $date = microtime(true);
    $sql = "INSERT INTO `log` (`userID`, `date`, `uuid`, `ipAddress`) VALUES ( '{$user_id}', '{$date}', '{$uuid}', '{$ip}');";

    $connection = new database();
    $outcome = $connection->query($sql);
    log::$last_inserted_id = $connection->insert_id();

    return $outcome;
}
/**
 * Insert a row into `game` for two players.
 *
 * The insert only happens when every argument passes
 * safe_input::is_number(), $size is greater than 1, and the current-turn
 * player equals one of the two players (loose == comparison). `winnerID`
 * and `lastActivityDate` are written as SQL NULL. On the insert path the id
 * reported by the connection is stored in game::$last_inserted_id.
 *
 * NOTE(review): the values are interpolated into the SQL text, so
 * safe_input::is_number() (not visible here) is the only injection
 * barrier; confirm it accepts plain digits only, or use bound parameters.
 * NOTE(review): nothing here checks that $player1ID and $player2ID differ
 * or that the caller is one of them — presumably enforced by the caller;
 * confirm.
 *
 * @param mixed $current_turn_player_id value written to `currentTurnPlayerID`
 * @param mixed $size                   value written to `size`; must be > 1
 * @param mixed $player1ID              value written to `player1ID`
 * @param mixed $player2ID              value written to `player2ID`
 * @return mixed false when the input is rejected, otherwise the result of database::query()
 */
public static function add_new_game($current_turn_player_id, $size, $player1ID, $player2ID)
{
    $date = time();

    $input_ok = safe_input::is_number($current_turn_player_id)
        && safe_input::is_number($size)
        && $size > 1
        && safe_input::is_number($player1ID)
        && safe_input::is_number($player2ID)
        && ($current_turn_player_id == $player1ID || $current_turn_player_id == $player2ID);

    if (!$input_ok) {
        // Current turn, size or a player id failed validation.
        return false;
    }

    $connection = new database();
    $sql = "INSERT INTO `game` (`winnerID`, `createDate`, `currentTurnPlayerID`, `size`, `lastActivityDate`, `player1ID` , `player2ID`) VALUES ( null, '{$date}', '{$current_turn_player_id}', '{$size}', null , '{$player1ID}', '{$player2ID}');";
    $outcome = $connection->query($sql);
    game::$last_inserted_id = $connection->insert_id();

    return $outcome;
}
/**
 * Insert a chat message row into `message`.
 *
 * The message text is passed through safe_input::sql_inj() before the ids
 * are validated; the insert only happens when both ids pass
 * safe_input::is_number(). On the insert path the id reported by the
 * connection is stored in message::$last_inserted_id.
 *
 * NOTE(review): the free-text message is the highest-risk value in this
 * query and its only protection is safe_input::sql_inj(), which is not
 * visible here. Confirm it escapes for the connection's character set
 * (driver-level escaping) rather than stripping or replacing characters,
 * or bind the value through a prepared statement.
 * NOTE(review): nothing in this method encodes the text for HTML; it has to
 * be encoded wherever it is rendered.
 *
 * @param mixed $game_id value written to `gameID`
 * @param mixed $user_id value written to `userID`
 * @param mixed $message message text, written to `message_text` after sql_inj()
 * @return mixed false when the ids are rejected, otherwise the result of database::query()
 */
public static function add_new_message($game_id, $user_id, $message)
{
    $safe_message = safe_input::sql_inj($message);

    $ids_ok = safe_input::is_number($game_id) && safe_input::is_number($user_id);
    if (!$ids_ok) {
        // invalid input
        return false;
    }

    $date = microtime(true);
    $connection = new database();
    $sql = "INSERT INTO `message` (`gameID`, `userID`, `date`, `message_text`) VALUES ( '{$game_id}', '{$user_id}', '{$date}', '{$safe_message}');";
    $outcome = $connection->query($sql);
    message::$last_inserted_id = $connection->insert_id();

    return $outcome;
}
/**
 * Insert a row into `session` holding a user's session hash and encryption key.
 *
 * The insert only happens when the user id passes safe_input::is_number()
 * and the hash and key pass their dedicated validators; both are then also
 * passed through safe_input::sql_inj(). On the insert path the id reported
 * by the connection is stored in session::$last_inserted_id.
 *
 * NOTE(review): the hash and the encryption key are written to the table
 * as received. If the hash is what a client presents to authenticate, a
 * read of this table exposes usable sessions — presumably acceptable in
 * the original design; consider storing a digest of the token instead and
 * confirm how `encryptionKey` is protected at rest.
 * NOTE(review): the safe_input validators and sql_inj() are not visible
 * here; bound parameters would remove the dependency on them.
 *
 * @param mixed $user_id        value written to `userID`
 * @param mixed $hash           session hash, written to `hash`
 * @param mixed $encryption_key key material, written to `encryptionKey`
 * @return mixed false when the input is rejected, otherwise the result of database::query()
 */
public static function add_new_session($user_id, $hash, $encryption_key)
{
    $input_ok = safe_input::is_number($user_id)
        && safe_input::is_valid_session_hash($hash)
        && safe_input::is_valid_encryption_key($encryption_key);

    if (!$input_ok) {
        // invalid input
        return false;
    }

    $date = microtime(true);
    $safe_hash = safe_input::sql_inj($hash);
    $safe_encryption_key = safe_input::sql_inj($encryption_key);
    $sql = "INSERT INTO `session` (`userID`, `date`, `hash`, `encryptionKey`) VALUES ( '{$user_id}', '{$date}', '{$safe_hash}', '{$safe_encryption_key}');";

    $connection = new database();
    $outcome = $connection->query($sql);
    session::$last_inserted_id = $connection->insert_id();

    return $outcome;
}
// Registration fragment: checks `users` for an existing name/e-mail, inserts the new
// account, then inserts a per-role profile row and redirects to register.php?s=1.
// NOTE(review): the visible `else` branch only sends a Location header (e=8) and does not
// exit, so execution continues into the queries below — confirm an exit follows each
// redirect that is meant to stop processing.
// NOTE(review): $pwd and $answer reach `password_user` / `securityanswer_user` through
// addslashes(strip_tags()) only; no hashing is visible in this fragment. Confirm they are
// hashed upstream; otherwise store password_hash() output and verify with
// password_verify(). strip_tags() also silently alters a password containing "<".
// NOTE(review): addslashes() is not charset-aware SQL escaping; prefer prepared statements
// or the driver's own escaping.
// NOTE(review): mysql_num_rows() belongs to ext/mysql, which was removed in PHP 7.0.
// NOTE(review): the lookup query compares against the literal '******' — this appears to be
// redacted in the listing; the real values need the same escaping as the INSERT.
// NOTE(review): when $utype is neither "JobSeeker" nor "Employer", $query still holds the
// `users` INSERT and the final send_sql() sends it a second time.
} else { header("location:register.php?e=8"); } include "./Class_Database.php"; $db = new database(); //$db->setup("root", "", "localhost", "jobportaldb"); $query = "Select * from users where name_user='******' or email_user='******'"; if ($res = $db->send_sql($query)) { if (mysql_num_rows($res) <= 0) { if (isset($res)) { unset($res); } $random = GetRandomKey(); $query = "Insert Into users(name_user,type_user,password_user,email_user,securityquestion_user, securityanswer_user, key_user, createdon,updatedon)\n\t\tvalues('" . addslashes(strip_tags($uname)) . "','" . addslashes(strip_tags($utype)) . "','" . addslashes(strip_tags($pwd)) . "','" . addslashes(strip_tags($email)) . "','" . addslashes(strip_tags($question)) . "','" . addslashes(strip_tags($answer)) . "', '" . addslashes(strip_tags($random)) . "', Now(),Now())"; if ($res = $db->send_sql($query)) { $id = $db->insert_id(); if ($utype == "JobSeeker") { $query = "Insert Into js_personalinfo(id_user,fname,lname,email,createdon) values ('" . addslashes(strip_tags($id)) . "','" . addslashes(strip_tags($fname)) . "','" . addslashes(strip_tags($lname)) . "','" . addslashes(strip_tags($email)) . "',Now())"; } else { if ($utype == "Employer") { $query = "Insert Into emp_personalinfo(id_user,contactpersonfirstname,contactpersonlastname,email,createdon) values ('" . addslashes(strip_tags($id)) . "','" . addslashes(strip_tags($fname)) . "','" . addslashes(strip_tags($lname)) . "','" . addslashes(strip_tags($email)) . "',Now())"; } } if (isset($res)) { unset($res); } if ($res = $db->send_sql($query)) { header("location:register.php?s=1"); } } } else {
// POST handler fragment: when `post` and `for_name` are set it inserts an `ownage` row and
// a `posts` row for the logged-in user; when `delete` is set it builds an UPDATE that
// hides a post (the non-admin branch continues past this fragment).
// NOTE(review): request values are escaped with $db->escape() and quoted before being
// concatenated, while $session->uid and $ownage are concatenated as-is. The escape()
// implementation is not visible; prepared statements would remove the dependency on it.
// NOTE(review): $showName is assigned the return value of $db->escape(), so the `=== true`
// arm presumably never matches and only the string 'true' yields 1 — confirm.
// NOTE(review): no anti-CSRF token check is visible in this fragment for either the insert
// or the delete path — confirm one runs before this code.
// NOTE(review): the results of send_sql() are not checked; "success" is pushed regardless.
$db = new database(); $results = array(); if (isset($_POST['post']) && isset($_POST['for_name']) && $_POST['post'] != '') { if (isset($_POST['showName'])) { $showName = $db->escape($_POST['showName']); if ($showName === true || $showName === 'true') { $showName = 1; } else { $showName = 0; } } else { $showName = 0; } if ($session->checkLoggedIn() === true) { $db->send_sql("insert into ownage(u_id) values ('{$session->uid}')"); $ownage = $db->insert_id(); date_default_timezone_set('UTC'); $post = $db->escape($_POST['post']); $for_name = $db->escape($_POST['for_name']); $query = 'insert into posts(u_id, post, showName, ownage_id, for_name) values (\'' . $session->uid . '\', \'' . $post . '\', \'' . $showName . '\', \'' . $ownage . '\', \'' . $for_name . '\')'; $db->send_sql($query); array_push($results, "success"); } else { array_push($results, "Please log in"); } } else { if (isset($_POST['delete']) && $_POST['delete'] != '') { $delete = $db->escape($_POST['delete']); if ($session->isAdmin()) { $query = 'update posts set hidden=1 where p_id=\'' . $delete . '\''; } else {
// Batch fragment (presumably a scheduled job — confirm): loads `settings` into $set, resets
// users.attacking, decrements gangCHOURS for gangs with a crime in progress, then resolves
// each organised crime whose timer reached 0, writing an `oclogs` row and an event per member.
// NOTE(review): values read back from the database ($r['ocID'], $r['gangID'], $r['ocNAME'])
// are interpolated into SQL without escaping; $r['ocNAME'] sits inside quotes as-is, and
// $log only has "'" doubled. If any of these columns can be edited through the application,
// stored data can change the meaning of these statements — escape or bind them.
// NOTE(review): success and payout are drawn with rand(), which is not a CSPRNG; use
// random_int() if the outcome must not be predictable.
// NOTE(review): $c, passed to event_add(), is not assigned anywhere in this fragment.
// NOTE(review): the oc*TEXT columns end up in `oclogs`; encode that text for HTML wherever
// it is displayed.
$settq = $db->query("SELECT * FROM settings"); while ($r = $db->fetch_row($settq)) { $set[$r['conf_name']] = $r['conf_value']; } $db->query("UPDATE users SET attacking=0"); $db->query("UPDATE gangs SET gangCHOURS=gangCHOURS-1 WHERE gangCRIME>0"); $q = $db->query("SELECT g.*,oc.* FROM gangs g LEFT JOIN orgcrimes oc ON g.gangCRIME=oc.ocID WHERE g.gangCRIME > 0 AND g.gangCHOURS = 0"); while ($r = $db->fetch_row($q)) { $suc = rand(0, 1); if ($suc) { $log = $r['ocSTARTTEXT'] . $r['ocSUCCTEXT']; $muny = (int) rand($r['ocMINMONEY'], $r['ocMAXMONEY']); $log = str_replace(array("{muny}", "'"), array($muny, "''"), $log); $db->query("UPDATE gangs SET gangMONEY=gangMONEY+{$muny},gangCRIME=0 WHERE gangID={$r['gangID']}"); $db->query("INSERT INTO oclogs VALUES ('',{$r['ocID']},{$r['gangID']}, '{$log}', 'success', {$muny}, '{$r['ocNAME']}', unix_timestamp())"); $i = $db->insert_id(); $qm = $db->query("SELECT * FROM users WHERE gang={$r['gangID']}"); while ($rm = $db->fetch_row($qm)) { event_add($rm['userid'], "Your Gang's Organised Crime Succeeded. Go <a href='oclog.php?ID={$i}'>here</a> to view the details.", $c); } } else { $log = $r['ocSTARTTEXT'] . $r['ocFAILTEXT']; $muny = 0; $log = str_replace(array("{muny}", "'"), array($muny, "''"), $log); $db->query("UPDATE gangs SET gangCRIME=0 WHERE gangID={$r['gangID']}"); $db->query("INSERT INTO oclogs VALUES ('',{$r['ocID']},{$r['gangID']}, '{$log}', 'failure', {$muny}, '{$r['ocNAME']}', unix_timestamp())"); $i = $db->insert_id(); $qm = $db->query("SELECT * FROM users WHERE gang={$r['gangID']}"); while ($rm = $db->fetch_row($qm)) { event_add($rm['userid'], "Your Gang's Organised Crime Failed. Go <a href='oclog.php?ID={$i}'>here</a> to view the details.", $c); }
/**
 * Return the id reported by the wrapped connection's insert_id().
 *
 * NOTE(review): the value comes from whatever statement last ran on
 * $this->database, so it is only meaningful when read immediately after
 * the INSERT it belongs to.
 *
 * @return mixed whatever $this->database->insert_id() returns
 */
public function get_id()
{
    $connection = $this->database;

    return $connection->insert_id();
}
break; } switch ($values[1]) { case "CMAX": $type = 2; break; case "ITEM": $type = 1; break; case "RACE": $type = 0; break; } $sql = "\r\n\t\t\tINSERT INTO buildings (name, type, granite, level, class, root, value) \r\n\t\t\tVALUES ('{$values['0']}', '{$type}', '{$values['2']}', '{$values['3']}', '{$class}', '0', '{$value}')\r\n\t\t\t"; $result = $db->query($sql); $id = $db->insert_id(); $buildings[$values[0]] = $id; $counter++; } $rooted = 0; // add root foreach ($lines as $line) { $values = explode("\t", $line); foreach ($values as $key => $value) { $values[$key] = trim($value); } if ($values[5] != "") { $sql = "UPDATE buildings SET root = '" . $buildings[$values[5]] . "' WHERE id = '" . $buildings[$values[0]] . "'"; $result = $db->query($sql); $rooted++; }