I created a code for password change, in postman I should give old and new passwords with userid, when I create change password, but can't change password, it remains same in database and I think the problem is with session. Can someone see the error in my code?
Controller
public function changepasswordcheckagain() {
$arr = array();
$arr['old_password'] = $this->input->post('old_password');
$arr['new_password'] = $this->input->post('new_password');
$this->load->model('User_model');
$result = $this->User_model->checkPasswordfor($arr);
echo json_encode($result);
if ($result) {
echo json_encode('success');exit;
} else {
echo json_encode($result);
echo json_encode('fail');exit;
}
}
Model
public function checkPasswordfor($arr)
{
$user_id = $this->session->userdata('user_id');
$this->db->select('*');
$this->db->from('userdetails');
$this->db->where('user_id',$user_id);
//$this->db->where('user_password',$arr['old_password']);
$query=$this->db->get();
$result=$query->result();
if($result){
$layout['user_password'] = $arr['old_password'];
$layout_data['user_password'] = $arr['new_password'];
$this->db->where('user_id',$user_id);
$this->db->update('userdetails',$layout_data, $layout);
return true;
}else{
return false;
}
}
try this code:
controller
public function changepasswordcheckagain() {
$user_id = $this->session->userdata('user_id');
$arr = array();
$old_password = $this->input->post('old_password');
$new_password = $this->input->post('new_password');
$this->load->model('User_model');
$where = ['user_id' => $user_id];
//$data['password'] ---> column name
//$data['password' => $new_password] ---> new value of column
$data = [
'password' => $new_password
];
$result = $this->User_model->checkPasswordfor($where, $data);
echo json_encode($result);
if ($result == TRUE) {
echo json_encode('success');exit;
} else {
echo json_encode($result);
echo json_encode('fail');exit;
}
}
model
public function checkPasswordfor($arr)
{
$this->db->where($where);
if($this->db->update('table name',$data))
{
return TRUE;
}
else
return FALSE;
}
Related
Trying to get result from database by calling stored procedure in code-igniter. Below is my controller & model. Model is working fine getting result from stored procedure and can show the result when I do print_r() in model. But I am not able to get the result of query in controller method. Not able to understand the error here.
Controller:
function weeklysalesstatus()
{
$this->data['rpt'] =$this->reports_model->weeklysalesstatus(true);
$this->data['page_title'] ='Weekly Sales Status [ Residential ]';
print_r("here...");
$this->page_construct('reports/weeklysalesstatus', $this->data);
}
Model:
public function weeklysalesstatus($sender = false)
{
$sql = 'select * from region';
$sql1 = 'CALL GetWeeklySalesStatus()';
$query = $this->db->query($sql1);
if(count($query) > 0) {
foreach (($query->result()) as $row) {
$data[] = $row;
//var_dump($data);
}
return $data;
} else {
print_r("no rows");
}
return $data;
}
The issue is somewhere in this line : $this->data[$rpt] = $this->reports_model->weeklysalesstatus();
But can't figure it out.
Thanks
EDIT:
These errors arise only when I call Stored Procedure CALL. For other queries it work perfectly. So is there any settings I need to do on Codeigniter DB class for calling a Stored procedure thru active record?
$q = $this->db->query('CALL GetWeeklySalesStatus');
Change this line to
$q = $this->db->query('CALL GetWeeklySalesStatus')->result();
In Model
public function weeklysalesstatus()
{
//$sql = 'select * from region';
$sql1 = 'CALL GetWeeklySalesStatus()';
$query = $this->db->query($sql1);
if(!empty($query))
{
$data = $query->result_array();
return $data;
}
else
{
return FALSE;
}
}
In Controller
function weeklysalesstatus()
{
$rpt =$this->reports_model->weeklysalesstatus();
if ($rpt == FALSE) {
echo "Empty";
} else {
$data['rpt'] = $rpt;
}
$data['page_title'] ='Weekly Sales Status [ Residential ]';
$this->page_construct('reports/weeklysalesstatus', $data);
}
Modify the controller like the following hope it works
function weeklysalesstatus()
{
$this->data['rpt'] =$this->reports_model->weeklysalesstatus();
$this->data['page_title'] ='Weekly Sales Status';
$this->page_construct('reports/weeklysalesstatus', $this->data);
}
your model
public function weeklysalesstatus($sender = false)
{
$sql = 'select * from region';
$sql1 = 'CALL GetWeeklySalesStatus()';
$query = $this->db->query($sql1);
$data["result"] = array();
if(count($query) > 0) {
foreach (($query->result()) as $row) {
$data["result"][] = $row;
//var_dump($data);
}
}
return $data;
}
your controller
function weeklysalesstatus()
{
$data['rpt'] =$this->reports_model->weeklysalesstatus(true);
$data['page_title'] ='Weekly Sales Status [ Residential ]';
print_r("here...");
$this->page_construct('reports/weeklysalesstatus', $data);
}
My Model
<?php
class Keluhan extends CI_Model {
var $tabel = 'tb_keluhan';
function __construct() {
parent::__construct();
}
function GetAllCustomer() {
$hasil = $this->db->query("SELECT * FROM tb_customer ORDER BY username");
if ($hasil->num_rows() > 0) {
foreach ($hasil->result() as $row) {
$data[] = $row;
}
return $data;
}
}
function GetCustomerSession($username) {
$hasil = $this->db->query("SELECT * FROM tb_customer WHERE username='" . $username . "'");
if ($hasil->num_rows() > 0) {
foreach ($hasil->result() as $row) {
$data[] = $row;
}
return $data;
}
}
function InsertFeedback($data) {
$this->db->insert('tb_keluhan', $data);
return;
}
function InsertRating($data) {
$this->db->insert('tb_rating', $data);
return;
}
//CRUD
function insertCustomer($data) {
$this->db->insert('tb_customer', $data);
return;
}
function get_data_by_id($table, $kode) {
$this->db->where('id', $kode);
return $this->db->get($table);
}
function updateCustomer($table, $kode, $data) {
$this->db->where('id', $kode);
return $this->db->update($table, $data);
}
function del_by_id($table, $kode) {
$this->db->where('id', $kode);
$this->db->delete($table);
}
function GetAllKeluhan() {
$hasil = $this->db->query("SELECT * FROM tb_keluhan");
if ($hasil->num_rows() > 0) {
foreach ($hasil->result() as $row) {
$data[] = $row;
}
return $data;
}
}
function GetAllSudahProses() {
$hasil = $this->db->query("SELECT * FROM tb_keluhan WHERE status='SELESAI' ORDER BY status");
if ($hasil->num_rows() > 0) {
foreach ($hasil->result() as $row) {
$data[] = $row;
}
return $data;
}
}
function GetAllBelumProses() {
$hasil = $this->db->query("SELECT * FROM tb_keluhan WHERE status='BELUM' ORDER BY status");
if ($hasil->num_rows() > 0) {
foreach ($hasil->result() as $row) {
$data[] = $row;
}
return $data;
}
}
//END OF CRUD
}
?>
My controller //controler
public function rateform($username,$id,$name) {
$rating = $this->input->post('rating');
$name2 = urldecode($name);
$data = array
(
'id' => $this->input->post('id'),
'username' => $this->input->post('username'),
'rating' => $this->input->post('rating')
);
$result = $this->login_database->InsertRating($data);
if ($result == TRUE) {
$data['message_display'] = 'Registration Successful !';
} else {
$data['message_display'] = 'Username already exist!';
}
help me, I can't insert data to database.
$result always false and data didn't enter to the database
I not understand with the error
Change your controller function with below code
I think You are calling wrong model for inserting rating
public function rateform($username,$id,$name) {
$this->load->Model('Keluhan'); // load your model
$rating = $this->input->post('rating');
$name2 = urldecode($name);
$data = array
(
'id' => $this->input->post('id'),
'username' => $this->input->post('username'),
'rating' => $this->input->post('rating')
);
$result = $this->Keluhan->InsertRating($data); // change your model name where you want to insert rating
if ($result == TRUE) {
$data['message_display'] = 'Registration Successful !';
} else {
$data['message_display'] = 'Username already exist!';
}
}
my problem is i whenever i input fname and mname i got an error from the database. i just want to search both of fname and mname in search field.
my search controller function
public function search()
{
$li = $this->session->userdata('logged_in');
$id = $this->session->userdata('idnumber');
if($li == TRUE)
{
$this->load->model('users_model');
$this->load->helper('smiley');
$this->load->library('table');
$image_array = get_clickable_smileys('http://localhost/efg/images/smileys', 'status');
$col_array = $this->table->make_columns($image_array, 8);
$image_array2 = get_clickable_smileys('http://localhost/efg/images/smileys', 'status');
$col_array2 = $this->table->make_columns($image_array2, 8);
$this->data['smiley_table1'] = $this->table->generate($col_array);
$this->data['smiley_tables'] = $this->table->generate($col_array2);
if($this->input->post())
{
$search = $this->input->post('search');
$memb = $this->users_model->search($search);
$usersearch = $this->users_model->search($search);
$grpsearch = $this->users_model->searchgrp($search);
redirect ('home/profile/'.$memb);
}
}
}
My users_model model
public function search($search)
{
$this->db->select('*');
$this->db->from('users');
$this->db->like('username',$search);
$this->db->or_like('fname',$search);
$this->db->or_like('lname',$search);
$this->db->or_like('mname',$search);
$query = $this->db->get();
foreach ($query->result_array() as $row)
{
$memb = $row['idnumber'];
}
$error = 'There is no record for the one you searched. Please go Back.';
$query1 = $this->db->query("SELECT * FROM users WHERE idnumber ='$memb'");
$hehe = $query1->result_array();
if($hehe==NULL)
{
echo $error; exit;
}
else
{
return $memb;
}
}
Always check the varibles using in condition are declared before the condition.
If it doesnt pass the condition what would be the output
public function search($search)
{
$this->db->select('*');
$this->db->from('users');
$this->db->like('username',$search);
$this->db->or_like('fname',$search);
$this->db->or_like('lname',$search);
$this->db->or_like('mname',$search);
$query = $this->db->get();
$memb = null;
foreach ($query->result_array() as $row)
{
$memb = $row['idnumber'];
}
$error = 'There is no record for the one you searched. Please go Back.';
$query1 = $this->db->query("SELECT * FROM users WHERE idnumber =$memb");
$hehe = $query1->result_array();
if($hehe==NULL)
{
return $error;
}
else
{
return $memb;
}
}
Make sure the variables that youll be using in queries are set. Trap before executing queries.
Also, use Query Builder (Active Record) when you can.
public function search($search)
{
$this->db->select('*');
$this->db->from('users');
$this->db->like('username',$search);
$this->db->or_like('fname',$search);
$this->db->or_like('lname',$search);
$this->db->or_like('mname',$search);
$query = $this->db->get();
$memb = '';
if ($query->result_array() > 0) {
foreach ($query->result_array() as $row) {
$memb = $row['idnumber'];
}
if ($memb) {
$this->db->select("*");
$this->db->where("idnumber", $memb);
$query1 = $this->db->get("users");
//$query1 = $this->db->query("SELECT * FROM users WHERE idnumber ='$memb'");
$hehe = $query1->result_array();
return ($hehe) ? $memb : false;
}
return false;
}
$error = 'There is no record for the one you searched. Please go Back.';
return $error;
}
I am new to Codeigniter i am stuck into a problem, i have searched every where but i did not find solution to it,
My problem is when i hit a particular controller method through a link it works perfectly for eg.
http://localhost/MyProject/indexController/user_login_process
but when i hit that method manually after it renders first time properly, it renders view but following error is there.
Please help me to sort out my issue:
Controller:
public function user_login_process() {
$this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean');
if ($this->form_validation->run() == FALSE) {
if(isset($this->session->userdata['logged_in'])){
$this->load->view('teaching');
}else{
$this->load->view('index');
}
} else {
$username=$this->input->post('username');
$data = array('username' => $this->input->post('username'),'password' => $this->input->post('password'));
$result = $this->login_database->login($data);
if ($result == TRUE) {
$result = $this->login_database->read_user_information($username);
if ($result != false) {
$session_data = array('id'=>$result[0]->id,'username' => $result[0]->email,'password' => $result[0]->password);
// Add user data in session
$this->session->set_userdata('logged_in', $session_data);
$this->session->set_userdata('user_info', $session_data);
$user_info=$this->session->userdata('user_info');
$u_id=$user_info['id'];
$data['query']=$this->teaching_model->get_all_courses($u_id);
$this->load->view('teaching', $data);
}
}
else
{
$data = array('error_message' => 'Invalid Username or Password');
$this->load->view('index', $data);
}
}
}
Model:
<?php
Class Teaching_model extends CI_Model {
function get_all_courses($u_id)
{
$condition = "u_id =" . "'" . $u_id . "'";
$this->load->database();
$this->db->select("*");
$this->db->from("course");
$this->db->where($condition);
$query=$this->db->get();
return $query->result();
}
}
teaching View:
foreach ($query as $row)
{ ?>
$row->name;
<? } ?>
Try this. All codes are changed. check carefully.
Change your controller name to Home.php and inside Home too. Bcz your URL contain index is something feal bad
In Controller
public function user_login_process() {
$this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean');
if ($this->form_validation->run() == FALSE)
{
# I dont know purpose od this. For now i juts redirct to login
redirect('login');
/* if(isset($this->session->userdata['logged_in']))
{
$this->load->view('teaching');
}
else
{
$this->load->view('index');
}*/
}
else
{
$this->load->database();
$username = $this->input->post('username');
$password = $this->input->post('password');
$result = $this->login_database->login($username,$password);
if ($result == 0) {
echo "Invalid login";
}
elseif ($result == 1) {
echo "Multiple account matched. Contact admin";
}
else{
$session_data = array(
'id' =>$result[0]['id'],
'username' => $result[0]['email'],
'password' => $result[0]['password'],
'logged_in' => TRUE
);
# only set one sesstion
$this->session->set_userdata($session_data);
$id = $result[0]['id']; # logged User ID
$data['query']=$this->teaching_model->get_all_courses($id);
}
if ($result)
{
$result = $this->login_database->read_user_information($username);
if ($result != false)
{
// Add user data in session
$this->session->set_userdata('logged_in', $session_data);
$this->session->set_userdata('user_info', $session_data);
$user_info=$this->session->userdata('user_info');
$u_id=$user_info['id'];
$result2 = $this->teaching_model->get_all_courses($u_id);
if($result2 == 0){
echo "No Courses Found";
}
else{
$data['query'] = $result2;
$this->load->view('teaching', $data);
}
}
}
else
{
$data = array('error_message' => 'Invalid Username or Password');
$this->load->view('index', $data);
}
}
}
In Model*(login_database)*
public function login($username,$password)
{
$query = $this->db->query("SELECT * FROM table_name WHERE username = '$username' AND password= '$password' ");
$result = $query->result_array();
$count = count($result);
if (empty($count)) {
return 0;
}
elseif ($count) >1) {
return 1;
}
else{
return $result;
}
}
In Model*(Teaching_model)*
Class Teaching_model extends CI_Model {
function get_all_courses($id)
{
$query = $this->db->query("SELECT * FROM course WHERE u_id = $id");
$result = $query->result_array();
$count = count($result);
if (empty($count)) {
return 0;
}
else{
return $result;
}
}
}
if it is an issue with session, try using database for managing sessions:
config.php
$config['sess_driver'] = 'database';
$config['sess_cookie_name'] = 'ci_sessions';
$config['sess_expiration'] = 7200;
$config['sess_save_path'] = 'ci_sessions';
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = FALSE;
For MySQL:
Create a table named 'ci_sessions' in your database, all the sessions will be managed using this table, and it will help you when you are hosting the website / application , may avoid some possible errors with the session variables and the permissions :
CREATE TABLE IF NOT EXISTS `ci_sessions` (
`id` varchar(40) NOT NULL,
`ip_address` varchar(45) NOT NULL,
`timestamp` int(10) unsigned DEFAULT 0 NOT NULL,
`data` blob NOT NULL,
KEY `ci_sessions_timestamp` (`timestamp`)
);
**For Validating the users against their password **
public function validate_admin($username,$password)
{
// grab user input
if(isset($_POST['username']) AND $_POST['username'] !='')
{
$username = $this->security->xss_clean($this->input->post('username'));
$password = $this->security->xss_clean($this->input->post('password'));
}
$this->db->where('username', $username);
$this->db->where('password', $password);
$this->db->having("rec_status != 'C' ");
// Run the query
$query = $this->db->get('employee');
// Let's check if there are any results
if($query->num_rows() == 1)
{
// If there is a user, then create session data
$row = $query->row();
$data = array(
'id_admin' => $row->id,
'first_name' => $row->first_name,
'last_name' => $row->last_name,
'email_admin' => $row->email,
'phone_admin' => $row->phone,
'acc_status_admin' => $row->rec_status,
'acc_type_admin' => $row->emp_role,
'validated_admin' => true
);
$this->session->set_userdata($data);
return true;
}
// If the previous process did not validate
// then return false.
return false;
}
I'm writing a class and handful of functions to connect to the database and retrieve the information from the tables. I went through previous posts having similar titles, but most of them have written using mysql functions and I am using mysqli functions.
I want somebody who can go through this simple script and let me know where I am making my mistake.
This is my class.connect.php:
<?php
class mySQL{
var $host;
var $username;
var $password;
var $database;
public $dbc;
public function connect($set_host, $set_username, $set_password, $set_database)
{
$this->host = $set_host;
$this->username = $set_username;
$this->password = $set_password;
$this->database = $set_database;
$this->dbc = mysqli_connect($this->host, $this->username, $this->password, $this->database) or die('Error connecting to DB');
}
public function query($sql)
{
return mysqli_query($this->dbc, $sql) or die('Error querying the Database');
}
public function fetch($sql)
{
$array = mysqli_fetch_array($this->query($sql));
return $array;
}
public function close()
{
return mysqli_close($this->dbc);
}
}
?>
This is my index.php:
<?php
require_once ("class.connect.php");
$connection = new mySQL();
$connection->connect('localhost', 'myDB', 'joker', 'names_list');
$myquery = "SELECT * FROM list";
$query = $connection->query($myquery);
while($array = $connection->fetch($query))
{
echo $array['first_name'] . '<br />';
echo $array['last_name'] . '<br />';
}
$connection->close();
?>
I am getting the error saying that Error querying the Database.
Few problems :-
you don't die without provide a proper mysql error (and is good practice to exit gracefully)
fetch method is only FETCH the first row
mysqli have OO method, why you still using procedural function?
The problem is either this:
public function fetch($sql)
{
$array = mysqli_fetch_array($this->query($sql));
return $array;
}
or this:
while($array = $connection->fetch($query))
Because you are using the result from the query to query again. Basically, you are doing:
$r = mysqli_query($this->dbc, $sql);
$array = mysqli_fetch_array(mysqli_query($this->dbc, $r));
And you are getting an error, because $r is not a query string. When it's converted to a string, it's a "1" (from your other comment).
Try changing the function to (changed name of variable so you can see the difference):
public function fetch($result)
{
return mysqli_fetch_array($result);
}
or just call the function directly.
If you don't do your own db abstraction for learning php and mysql, you can use Medoo (http://medoo.in/).
It's a free and tiny db framework, that could save a huge work and time.
Obviously an error occurs on SELECT * FROM list you can use mysqli_error to find the error:
return mysqli_query($this->dbc, $sql) or die('Error:'.mysqli_error($this->dbc));
This will display the exact error message and will help you solve your problem.
Try to check this
https://pramodjn2.wordpress.com/
$database = new db();
$query = $database->select(‘user’);
$st = $database->result($query);
print_r($st);
class db {
public $server = ‘localhost';
public $user = ‘root';
public $passwd = ‘*****';
public $db_name = ‘DATABASE NAME';
public $dbCon;
public function __construct(){
$this->dbCon = mysqli_connect($this->server, $this->user, $this->passwd, $this->db_name);
}
public function __destruct(){
mysqli_close($this->dbCon);
}
/* insert function table name, array value
$values = array(‘first_name’ => ‘pramod’,’last_name’=> ‘jain’);
*/
public function insert($table,$values)
{
$sql = “INSERT INTO $table SET “;
$c=0;
if(!empty($values)){
foreach($values as $key=>$val){
if($c==0){
$sql .= “$key='”.htmlentities($val, ENT_QUOTES).”‘”;
}else{
$sql .= “, $key='”.htmlentities($val, ENT_QUOTES).”‘”;
}
$c++;
}
}else{
return false;
}
$this->dbCon->query($sql) or die(mysqli_error());
return mysqli_insert_id($this->dbCon);
}
/* update function table name, array value
$values = array(‘first_name’ => ‘pramod’,’last_name’=> ‘jain’);
$condition = array(‘id’ =>5,’first_name’ => ‘pramod!’);
*/
public function update($table,$values,$condition)
{
$sql=”update $table SET “;
$c=0;
if(!empty($values)){
foreach($values as $key=>$val){
if($c==0){
$sql .= “$key='”.htmlentities($val, ENT_QUOTES).”‘”;
}else{
$sql .= “, $key='”.htmlentities($val, ENT_QUOTES).”‘”;
}
$c++;
}
}
$k=0;
if(!empty($condition)){
foreach($condition as $key=>$val){
if($k==0){
$sql .= ” WHERE $key='”.htmlentities($val, ENT_QUOTES).”‘”;
}else{
$sql .= ” AND $key='”.htmlentities($val, ENT_QUOTES).”‘”;
}
$k++;
}
}else{
return false;
}
$result = $this->dbCon->query($sql) or die(mysqli_error());
return $result;
}
/* delete function table name, array value
$where = array(‘id’ =>5,’first_name’ => ‘pramod’);
*/
public function delete($table,$where)
{
$sql = “DELETE FROM $table “;
$k=0;
if(!empty($where)){
foreach($where as $key=>$val){
if($k==0){
$sql .= ” where $key='”.htmlentities($val, ENT_QUOTES).”‘”;
}else{
$sql .= ” AND $key='”.htmlentities($val, ENT_QUOTES).”‘”;
}
$k++;
}
}else{
return false;
}
$del = $result = $this->dbCon->query($sql) or die(mysqli_error());
if($del){
return true;
}else{
return false;
}
}
/* select function
$rows = array(‘id’,’first_name’,’last_name’);
$where = array(‘id’ =>5,’first_name’ => ‘pramod!’);
$order = array(‘id’ => ‘DESC’);
$limit = array(20,10);
*/
public function select($table, $rows = ‘*’, $where = null, $order = null, $limit = null)
{
if($rows != ‘*’){
$rows = implode(“,”,$rows);
}
$sql = ‘SELECT ‘.$rows.’ FROM ‘.$table;
if($where != null){
$k=0;
foreach($where as $key=>$val){
if($k==0){
$sql .= ” where $key='”.htmlentities($val, ENT_QUOTES).”‘”;
}else{
$sql .= ” AND $key='”.htmlentities($val, ENT_QUOTES).”‘”;
}
$k++;
}
}
if($order != null){
foreach($order as $key=>$val){
$sql .= ” ORDER BY $key “.htmlentities($val, ENT_QUOTES).””;
}
}
if($limit != null){
$limit = implode(“,”,$limit);
$sql .= ” LIMIT $limit”;
}
$result = $this->dbCon->query($sql);
return $result;
}
public function query($sql){
$result = $this->dbCon->query($sql);
return $result;
}
public function result($result){
$row = $result->fetch_array();
$result->close();
return $row;
}
public function row($result){
$row = $result->fetch_row();
$result->close();
return $row;
}
public function numrow($result){
$row = $result->num_rows;
$result->close();
return $row;
}
}
The mysqli_fetch_array function in your fetch method requires two parameters which are the SQL result and the kind of array you intend to return. In my case i use MYSQLI_ASSOC.
That is it should appear like this:
public function fetch($sql)
{
$array = mysqli_fetch_array($this->query($sql), MYSQLI_ASSOC);
return $array;
}
**classmysql.inc.php**
<?php
class dbclass {
var $CONN;
function dbclass() { //constructor
$conn = mysql_connect(SERVER_NAME,USER_NAME,PASSWORD);
//$conn = mysql_connect(localhost,root,"","");
if(!$conn)
{ $this->error("Connection attempt failed"); }
if(!mysql_select_db(DB_NAME,$conn))
{ $this->error("Database Selection failed"); }
$this->CONN = $conn;
return true;
}
//_____________close connection____________//
function close(){
$conn = $this->CONN ;
$close = mysql_close($conn);
if(!$close){
$this->error("Close Connection Failed"); }
return true;
}
function error($text) {
$no = mysql_errno();
$msg = mysql_error();
echo "<hr><font face=verdana size=2>";
echo "<b>Custom Message :</b> $text<br><br>";
echo "<b>Error Number :</b> $no<br><br>";
echo "<b>Error Message :</b> $msg<br><br>";
echo "<hr></font>";
exit;
}
//_____________select records___________________//
function select ($sql=""){
if(empty($sql)) { return false; }
if(!eregi("^select",$sql)){
echo "Wrong Query<hr>$sql<p>";
return false; }
if(empty($this->CONN)) { return false; }
$conn = $this->CONN;
$results = #mysql_query($sql,$conn);
if((!$results) or empty($results)) { return false; }
$count = 0;
$data = array();
while ( $row = mysql_fetch_array($results)) {
$data[$count] = $row;
$count++; }
mysql_free_result($results);
return $data;
}
//________insert record__________________//
function insert ($sql=""){
if(empty($sql)) { return false; }
if(!eregi("^insert",$sql)){ return false; }
if(empty($this->CONN)){ return false; }
$conn = $this->CONN;
$results = #mysql_query($sql,$conn);
if(!$results){
$this->error("Insert Operation Failed..<hr>$sql<hr>");
return false; }
$id = mysql_insert_id();
return $id;
}
//___________edit and modify record___________________//
function edit($sql="") {
if(empty($sql)) { return false; }
if(!eregi("^update",$sql)){ return false; }
if(empty($this->CONN)){ return false; }
$conn = $this->CONN;
$results = #mysql_query($sql,$conn);
$rows = 0;
$rows = #mysql_affected_rows();
return $rows;
}
//____________generalize for all queries___________//
function sql_query($sql="") {
if(empty($sql)) { return false; }
if(empty($this->CONN)) { return false; }
$conn = $this->CONN;
$results = mysql_query($sql,$conn) or $this->error("Something wrong in query<hr>$sql<hr>");
if(!$results){
$this->error("Query went bad ! <hr>$sql<hr>");
return false; }
if(!eregi("^select",$sql)){return true; }
else {
$count = 0;
$data = array();
while ( $row = mysql_fetch_array($results))
{ $data[$count] = $row;
$count++; }
mysql_free_result($results);
return $data;
}
}
function extraqueries($sql="") {
if(empty($sql)) { return false; }
if(empty($this->CONN)) { return false; }
$conn = $this->CONN;
$results = mysql_query($sql,$conn) or $this->error("Something wrong in query<hr>$sql<hr>");
if(!$results){
$this->error("Query went bad ! <hr>$sql<hr>");
return false; }
else {
$count = 0;
$data = array();
while ( $row = mysql_fetch_array($results))
{ $data[$count] = $row;
$count++; }
mysql_free_result($results);
return $data;
}
}
}
?>
**config.inc.php**
<?php
ini_set("memory_limit","70000M");
ini_set('max_execution_time', 900);
ob_start();
session_start();
error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
############################################
# Database Server
############################################
if($_SERVER['HTTP_HOST']=="localhost")
{
define("DB_NAME","DB_NAME");
define("SERVER_NAME","SERVER_NAME");
define("USER_NAME","USER_NAME");
define("PASSWORD","PASSWORD");
}
else
{
define("DB_NAME","DB_NAME");
define("SERVER_NAME","SERVER_NAME");
define("USER_NAME","USER_NAME");
define("PASSWORD","PASSWORD");
}
#############################################
# File paths
#############################################
// For the Database file path
include("system/classmysql.inc.php");
//For the inc folders
define("INC","inc/");
//For the Function File of the pages folders
define("FUNC","func/");
//For the path of the system folder
define("SYSTEM","system/");
$table_prefix = 'dep_';
################################################################
# Database Class
################################################################
$obj_db = new dbclass();
?>
**Function Page**
<?php
// IF admin is not logged in
if(!isset($_SESSION['session_id']))
{
header("location:index.php");
}
$backpage = 'page.php?type=staff&';
if(isset($_REQUEST['endbtn']) && trim($_REQUEST['endbtn']) == "Back")
{
header("location:".$backpage);
die();
}
// INSERT into database.
if(isset($_REQUEST['submit']) && trim($_REQUEST['submit']) == "Submit")
{
$pass = addslashes(trim($_REQUEST['password']));
$password = encrypt($pass, "deppro");
$username = addslashes(trim($_REQUEST['username']));
$sql = "select * from ".$table_prefix."users where `UserName` ='".$username."'";
$result = $obj_db->select($sql);
if(count($result) == 0)
{
$insert="INSERT INTO ".$table_prefix."users (`UserName`)VALUES ('".$username."')";
$sql=$obj_db->insert($insert);
$newuserid = mysql_insert_id($obj_db->CONN);
}
header("location:".$backpage."msg=send&alert=2");
die();
}
// DELETE record from database
if(isset($_REQUEST['action']) && trim($_REQUEST['action'])==3)
{
if(isset($_REQUEST['id']) && trim($_REQUEST['id']!=""))
{
$id = site_Decryption($_REQUEST['id']);
$sql_del = "Delete from ".$table_prefix."users where StaffID ='$id'";
$del = $obj_db->sql_query($sql_del);
header("location:".$backpage."msg=delete&alert=2");
die();
}
}
// UPDATE the record
$action=1;
if((isset($_REQUEST['action']) && trim($_REQUEST['action'])==2) && (!(isset($_REQUEST['submit']) && trim($_REQUEST['submit']) == "Submit")))
{
if(isset($_REQUEST['id']) && trim($_REQUEST['id']!=""))
{
$id = site_Decryption($_REQUEST['id']);
//$id = $_SESSION['depadmin_id'];
$sql = "select * from ".$table_prefix."users where StaffID ='$id'";
$result = $obj_db->select($sql);
if($result)
{
foreach($result as $row)
{
$title = stripslashes($row['StaffTitle']);
$action=2;
}
}
if(isset($_REQUEST['submit']) && trim($_REQUEST['submit']) == "Update")
{
$title = addslashes(trim($_REQUEST['title']));
$sql_upd ="UPDATE ".$table_prefix."users SET `StaffTitle` = '$title' WHERE StaffID ='$id'";
$result = $obj_db->sql_query($sql_upd);
$action=1;
header("location:".$backpage."msg=edited&alert=2");
die();
}
}
}
if(isset($_REQUEST['vid']) && trim($_REQUEST['vid']!=""))
{
$id = site_Decryption($_REQUEST['vid']);
$sql = "select * from ".$table_prefix."users where StaffID ='$id'";
$result = $obj_db->select($sql);
if($result)
{
foreach($result as $row)
{
$username = stripslashes($row['UserName']);
}
}
}
?>
<td class="center"><span class="editbutton"> </span> <span class="deletebutton"> </span> <a class="lightbox" title="View" href="cpropertyview.php?script=view&vid=<?php echo site_Encryption($sql[$j]['PropertyID']); ?>&lightbox[width]=55p&lightbox[height]=60p"><span class="viewbutton"> </span></a></td>