192 lines
5.1 KiB
PHP
192 lines
5.1 KiB
PHP
|
<?php
|
||
|
|
class Data{
|
||
|
|
function __construct(){
|
||
|
|
$this->link_database();
|
||
|
|
$this->em_check_database();
|
||
|
|
$this->read_variables();
|
||
|
|
date_default_timezone_set($this->settings['timezone']);
|
||
|
|
}
|
||
|
|
|
||
|
|
function read_variables() {
|
||
|
|
//reads all GET and POST variables into the object, addslashing both
|
||
|
|
if (count($_POST)) {
|
||
|
|
foreach ($_POST as $key => $val){
|
||
|
|
$key=addslashes("r_".$key);
|
||
|
|
if (is_array($val)) {
|
||
|
|
for ($z=0;$z<count($val);$z++) {
|
||
|
|
$val[$z]=addslashes($val[$z]);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
else {
|
||
|
|
$val=addslashes($val);
|
||
|
|
}
|
||
|
|
$this->$key=$val;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
if (count($_GET)) {
|
||
|
|
foreach ($_GET as $key => $val){
|
||
|
|
$key=addslashes("r_".$key);
|
||
|
|
if (is_array($val)) {
|
||
|
|
for ($z=0;$z<count($val);$z++) {
|
||
|
|
$val[$z]=addslashes($val[$z]);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
else {
|
||
|
|
$val=addslashes($val);
|
||
|
|
}
|
||
|
|
|
||
|
|
$this->$key=$val;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}//end of function read variables
|
||
|
|
|
||
|
|
|
||
|
|
function link_database() {
|
||
|
|
$this->databaselink = new mysqli(DB_HOST,DB_USER,DB_PW,DB_DATABASE);
|
||
|
|
$this->databaselink->set_charset('utf8');
|
||
|
|
if ($this->databaselink->connect_errno) {
|
||
|
|
return "Datenbank nicht erreichbar: (" . $this->databaselink->connect_errno . ") " . $this->databaselink->connect_error;
|
||
|
|
}
|
||
|
|
else{
|
||
|
|
$this->databasename=DB_DATABASE;
|
||
|
|
$this->databaselink->query("SET SQL_MODE = '';");
|
||
|
|
return True;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
function store_data($sTable,$aFields,$sKey_ID,$mID) {
|
||
|
|
//updates or inserts data
|
||
|
|
//returns ID or -1 if fails
|
||
|
|
$i=0; $returnID = 0;
|
||
|
|
|
||
|
|
if(($mID>0) or ($mID!="") or ($mID != null)) {
|
||
|
|
//search for it
|
||
|
|
$aCheckFields=array($sKey_ID=>$mID);
|
||
|
|
$aRow=$this->select_row($sTable,$aCheckFields);
|
||
|
|
$returnID=$aRow[$sKey_ID];
|
||
|
|
}
|
||
|
|
if(($returnID>0) or ($returnID!="")) {
|
||
|
|
$sQuery="update ".$sTable." set ";
|
||
|
|
foreach($aFields as $key=>$value) {
|
||
|
|
$sQuery.=$key."='".$value."'";
|
||
|
|
$i++;
|
||
|
|
if($i<count($aFields)) {
|
||
|
|
$sQuery.=",";
|
||
|
|
}
|
||
|
|
}
|
||
|
|
$sQuery.=" where ".$sKey_ID."='".$mID."'";
|
||
|
|
$mDataset_ID=$returnID;
|
||
|
|
}
|
||
|
|
else {
|
||
|
|
$sKeys = ""; $sValues = "";
|
||
|
|
$sQuery="insert into ".$sTable." (";
|
||
|
|
foreach($aFields as $sKey=>$value) {
|
||
|
|
$sKeys.=$sKey;
|
||
|
|
$sValues.="'".$value."'";
|
||
|
|
$i++;
|
||
|
|
if($i<count($aFields)) {
|
||
|
|
$sKeys.=",";
|
||
|
|
$sValues.=",";
|
||
|
|
}
|
||
|
|
}
|
||
|
|
$sQuery.=$sKeys.") values (".$sValues.")";
|
||
|
|
}
|
||
|
|
$this->last_query[]=$sQuery;
|
||
|
|
if ($pResult = $this->databaselink->query($sQuery)) {
|
||
|
|
if(($returnID>0) or ($returnID!="")) {
|
||
|
|
return $returnID;
|
||
|
|
}
|
||
|
|
else {
|
||
|
|
return $this->databaselink->insert_id;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
else {
|
||
|
|
return -1;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
function save_user($aUser){
|
||
|
|
/*
|
||
|
|
args:
|
||
|
|
Array $aUser
|
||
|
|
Array of user information which will be saved.
|
||
|
|
e.g. array(
|
||
|
|
'forename' => String $forname,
|
||
|
|
'surname' => String $surname,
|
||
|
|
'email' => String $email,
|
||
|
|
'UID' => String $UID,
|
||
|
|
'language' => String $language,
|
||
|
|
'admin' => Bool $admin,
|
||
|
|
'password' => String md5(str_rev($password)), #deprecated, do not use!
|
||
|
|
'password_hash' => password_hash(String $password, PASSWORD_DEFAULT)
|
||
|
|
);
|
||
|
|
|
||
|
|
returns:
|
||
|
|
None
|
||
|
|
Function will save user Information given in $aUser. If user exists it will
|
||
|
|
overwrite existing data but not delete not-specified data
|
||
|
|
*/
|
||
|
|
$aFields = $aUser;
|
||
|
|
if ((isset($this->r_user_ID))and ($this->r_user_ID != "")){
|
||
|
|
$this->ID=$this->store_data(TABLE_USER, $aFields, 'user_ID' , $this->r_user_ID);
|
||
|
|
}
|
||
|
|
else{
|
||
|
|
$this->ID=$this->store_data(TABLE_USER, $aFields, NULL , NULL);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
//end of class
|
||
|
|
|
||
|
|
session_start();
|
||
|
|
|
||
|
|
|
||
|
|
include ("config/config.inc.php");
|
||
|
|
|
||
|
|
|
||
|
|
$oObject = new Data;
|
||
|
|
|
||
|
|
$oObject->output = "";
|
||
|
|
|
||
|
|
switch ($oObject->r_ac){
|
||
|
|
case 'save'
|
||
|
|
$aUser = array();
|
||
|
|
if(isset($oObject->r_user_ID)){
|
||
|
|
$aUser['user_ID'] = $oObject->r_user_ID;
|
||
|
|
}
|
||
|
|
if(isset($oObject->r_name)){
|
||
|
|
$aUser['name'] = $oObject->r_forename;
|
||
|
|
}
|
||
|
|
if(isset($oObject->r_email)){
|
||
|
|
$aUser['email'] = $oObject->r_email;
|
||
|
|
}
|
||
|
|
if(isset($oObject->r_email)){
|
||
|
|
$aUser['signal'] = $oObject->r_email;
|
||
|
|
}
|
||
|
|
if(isset($oObject->r_email)){
|
||
|
|
$aUser['sms'] = $oObject->r_email;
|
||
|
|
}
|
||
|
|
if(isset($oObject->r_email)){
|
||
|
|
$aUser['telegram'] = $oObject->r_email;
|
||
|
|
}
|
||
|
|
if(isset($oObject->r_email)){
|
||
|
|
$aUser['threema'] = $oObject->r_email;
|
||
|
|
}
|
||
|
|
$oObject->save_user($aUser);
|
||
|
|
$oObject->output += "Erfolgreich gespeichert";
|
||
|
|
break;
|
||
|
|
default:
|
||
|
|
$oObject->get_view("views/user_form.php");
|
||
|
|
}
|
||
|
|
function output($oObject){
|
||
|
|
echo $oObject->get_view("views/head.php");
|
||
|
|
echo $oObject->get_view("views/body.php");
|
||
|
|
}
|
||
|
|
output($oObject);
|
||
|
|
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
?>
|