fix queries for global and prepared

Hendrik
2017-01-20 12:58:34 +01:00
parent daff2f41fa
commit 0f02859124
3 changed files with 52 additions and 36 deletions


@@ -1,7 +1,7 @@
<?php <?php
function selectGroupById($groupID) { function selectGroupById($groupID) {
return $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`group_page`.`name`, `group_page`.`name`,
`group_page`.`picture`, `group_page`.`picture`,
@@ -11,12 +11,16 @@ function selectGroupById($groupID) {
FROM FROM
`group_page` `group_page`
WHERE WHERE
`group_page`.`groupID` = $groupID `group_page`.`groupID` = :groupID
"); ");
$q->bindParam(':groupID', $groupID);
$q->execute();
return $q;
} }
function select20GroupsFromN($n) { function select20GroupsFromN($n) {
return $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`group_page`.`groupID`, `group_page`.`groupID`,
`group_page`.`name`, `group_page`.`name`,
@@ -29,12 +33,16 @@ function select20GroupsFromN($n) {
ORDER BY ORDER BY
`group_page`.`name` ASC `group_page`.`name` ASC
LIMIT LIMIT
$n, 20 :n, 20
"); ");
$q->bindParam(':n', $n);
$q->execute();
return $q;
} }
function select20GroupsByStatusFromN($n, $status) { function select20GroupsByStatusFromN($n, $status) {
return $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`group_page`.`groupID`, `group_page`.`groupID`,
`group_page`.`name`, `group_page`.`name`,
@@ -45,12 +53,17 @@ function select20GroupsByStatusFromN($n, $status) {
FROM FROM
`group_page` `group_page`
WHERE WHERE
`group_page`.`status` = $status `group_page`.`status` = :status
ORDER BY ORDER BY
`group_page`.`name` ASC `group_page`.`name` ASC
LIMIT LIMIT
$n, 20 :n, 20
"); ");
$q->bindParam(':status', $status);
$q->bindParam(':n', $n);
$q->execute();
return $q;
} }
function search20GroupsFromNByStatus($n, $keyword, $status) { function search20GroupsFromNByStatus($n, $keyword, $status) {
@@ -80,8 +93,8 @@ function search20GroupsFromNByStatus($n, $keyword, $status) {
return $q; return $q;
} }
function searchSomeGroupsByStatus($db, $n, $m, $keyword, $status) { function searchSomeGroupsByStatus($n, $m, $keyword, $status) {
$q = $db->prepare(" $q = $GLOBALS['db']->prepare("
SELECT SELECT
`groupID`, `groupID`,
`name`, `name`,
@@ -108,8 +121,8 @@ function searchSomeGroupsByStatus($db, $n, $m, $keyword, $status) {
return $q; return $q;
} }
function countSomeGroupsByStatus($db, $keyword, $status) { function countSomeGroupsByStatus($keyword, $status) {
$q = $db->prepare(" $q = $GLOBALS['db']->prepare("
SELECT SELECT
COUNT(*) COUNT(*)
FROM FROM
@@ -141,11 +154,9 @@ function changeGroupStatusByID($id, $status) {
return $q; return $q;
} }
<<<<<<< HEAD
function changeMultipleGroupStatusByID($ids, $status) {
function changeMultipleGroupStatusByID($db, $ids, $status) { $q = $GLOBALS['db']->prepare("
$q = $db->prepare("
UPDATE UPDATE
`group_page` `group_page`
SET SET
@@ -163,5 +174,3 @@ function changeMultipleGroupStatusByID($db, $ids, $status) {
?> ?>
=======
>>>>>>> master
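Review bot: The `:n` placeholder in `LIMIT :n, 20` is bound with `bindParam(':n', $n)` and no type, in select20GroupsFromN and select20GroupsByStatusFromN, and again in select20UsersFromN in the next file. PDO then treats the value as a string, and if the connection uses emulated prepares (the pdo_mysql default; the connection setup is not visible here) the statement is sent as `LIMIT '0', 20`, which MySQL rejects. Bind the offset as an integer instead: `$q->bindValue(':n', (int) $n, PDO::PARAM_INT);`. Separately, the `<<<<<<< HEAD` line above changeMultipleGroupStatusByID appears to sit on the new side of its hunk, although this rendering does not make the side certain. If it is on the new side, the file no longer parses and the marker should be removed.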


@@ -87,7 +87,7 @@ function selectAllUserPosts($userID) {
} }
function select20UsersFromN($n) { function select20UsersFromN($n) {
return $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`userID`, `userID`,
`username`, `username`,
@@ -99,8 +99,12 @@ function select20UsersFromN($n) {
`role`, `role`,
`username` `username`
LIMIT LIMIT
$n, 20 :n, 20
"); ");
$q->bindParam(':n', $n);
$q->execute();
return $q;
} }
function search20UsersFromN($n, $keyword) { function search20UsersFromN($n, $keyword) {
@@ -155,8 +159,8 @@ function search20UsersFromNByStatus($n, $keyword, $status) {
return $q; return $q;
} }
function searchSomeUsersByStatus($db, $n, $m, $keyword, $status) { function searchSomeUsersByStatus($n, $m, $keyword, $status) {
$q = $db->prepare(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`userID`, `userID`,
`username`, `username`,
@@ -184,8 +188,8 @@ function searchSomeUsersByStatus($db, $n, $m, $keyword, $status) {
return $q; return $q;
} }
function countSomeUsersByStatus($db, $keyword, $status) { function countSomeUsersByStatus($keyword, $status) {
$q = $db->prepare(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
COUNT(*) COUNT(*)
FROM FROM
@@ -208,20 +212,23 @@ function countSomeUsersByStatus($db, $keyword, $status) {
function changeUserStatusByID($id, $status) { function changeUserStatusByID($id, $status) {
$q = $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
UPDATE UPDATE
`user` `user`
SET SET
`role` = $status `role` = :status
WHERE WHERE
`userID` = $id `userID` = :id
"); ");
$q->bindParam(':status', $status);
$q->bindParam(':id', $id);
$q->execute();
return $q; return $q;
} }
function changeMultipleUserStatusByID($db, $ids, $status) { function changeMultipleUserStatusByID($ids, $status) {
$q = $db->prepare(" $q = $GLOBALS["db"]->prepare("
UPDATE UPDATE
`user` `user`
SET SET
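Review bot: changeUserStatusByID returns `$q` without checking the result of `$q->execute()`, and the caller in the admin page discards the return value. A failed role update therefore goes unnoticed unless the connection is set to `PDO::ERRMODE_EXCEPTION`, which is not visible here. Either check the call, for example `if (!$q->execute()) { return false; }`, or add a comment stating that the function relies on exception mode. A short docblock saying that `$status` is written to `user`.`role` and that `$id` is the `userID` would also help, since the parameter names do not say so.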


@@ -84,19 +84,19 @@ if (isset($_GET["groupstatus"])) {
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (isset($_POST["actions"]) && isset($_POST["userID"])) { if (isset($_POST["actions"]) && isset($_POST["userID"])) {
changeUserStatusByID($db, $_POST["userID"], $_POST["actions"]); changeUserStatusByID($_POST["userID"], $_POST["actions"]);
} }
if (isset($_POST["actions"]) && isset($_POST["groupID"])) { if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
changeGroupStatusByID($db, $_POST["groupID"], $_POST["actions"]); changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
} }
if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) { if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
changeMultipleUserStatusByID($db, $_POST["checkbox-user"], $_POST["batchactions"]); changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
} }
if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) { if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
changeMultipleGroupStatusByID($db, $_POST["checkbox-group"], $_POST["groupbatchactions"]); changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
} }
if (isset($_POST["pageselect"])) { if (isset($_POST["pageselect"])) {
@@ -226,9 +226,9 @@ function test_input($data) {
<div class="admin-pageui"> <div class="admin-pageui">
<?php <?php
if ($pagetype == "user") { if ($pagetype == "user") {
$pages = countSomeUsersByStatus($db, $search, $status); $pages = countSomeUsersByStatus($search, $status);
} else { } else {
$pages = countSomeGroupsByStatus($db, $search, $status); $pages = countSomeGroupsByStatus($search, $status);
} }
$countresults = $pages->fetchColumn(); $countresults = $pages->fetchColumn();
$mincount = min($listm, $countresults); $mincount = min($listm, $countresults);
@@ -277,7 +277,7 @@ function test_input($data) {
$listm = $currentpage * $perpage; $listm = $currentpage * $perpage;
if ($pagetype == 'user') { if ($pagetype == 'user') {
$q = searchSomeUsersByStatus($db, $listn, $listm, $search, $status); $q = searchSomeUsersByStatus($listn, $listm, $search, $status);
while($user = $q->fetch(PDO::FETCH_ASSOC)) { while($user = $q->fetch(PDO::FETCH_ASSOC)) {
$userID = $user['userID']; $userID = $user['userID'];
@@ -316,7 +316,7 @@ function test_input($data) {
"); ");
} }
} else { } else {
$q = searchSomeGroupsByStatus($db, $listn, $listm, $search, $groupstatus); $q = searchSomeGroupsByStatus($listn, $listm, $search, $groupstatus);
while ($group = $q->fetch(PDO::FETCH_ASSOC)) { while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
$groupID = $group['groupID']; $groupID = $group['groupID'];
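Review bot: The POST branch passes `$_POST["actions"]` straight into changeUserStatusByID, which writes it to `user`.`role`, and nothing in this hunk checks that the value is one of the roles the application defines or that the request carries a CSRF token. The parameter binding added in the query file stops SQL injection but still accepts any role value the client sends. Consider an allow-list before the call, e.g. `if (!in_array($_POST["actions"], $allowedRoles, true)) { http_response_code(400); exit; }`, where `$allowedRoles` is a placeholder for the application's own role list. The same applies to the batch branches, where `$_POST["checkbox-user"]` and `$_POST["checkbox-group"]` should also be confirmed to be arrays. The enclosing `if` block starts above the hunk, so an admin-session or token check may already exist there.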