link_database(); $this->em_check_database(); $this->read_variables(); date_default_timezone_set('Europe/Berlin'); } function read_variables() { //reads all GET and POST variables into the object, addslashing both if (count($_POST)) { foreach ($_POST as $key => $val){ $key=addslashes("r_".$key); if (is_array($val)) { for ($z=0;$z$key=$val; } } if (count($_GET)) { foreach ($_GET as $key => $val){ $key=addslashes("r_".$key); if (is_array($val)) { for ($z=0;$z$key=$val; } } }//end of function read variables function link_database() { $this->databaselink = new mysqli(DB_HOST,DB_USER,DB_PW,DB_DATABASE); $this->databaselink->set_charset('utf8'); if ($this->databaselink->connect_errno) { return "Datenbank nicht erreichbar: (" . $this->databaselink->connect_errno . ") " . $this->databaselink->connect_error; } else{ $this->databasename=DB_DATABASE; $this->databaselink->query("SET SQL_MODE = '';"); return True; } } function em_check_database() { /* params: None returns: None This function compares the database structure to a predefined structure which is saved in db_array_config.php and adds missing structures. Makes installation+updates easy */ $aTable=array(); //Alle Tabellen in Array lesen, inklusive aller Eigenschaften $result=$this->databaselink->query("show tables from ".DB_DATABASE); while($row = $result->fetch_array(MYSQLI_BOTH)){ $aTable[]=$row[0]; } $aData=array(); $database_structure_path = __DIR__."/config/db_array.inc.php"; include($database_structure_path); foreach($aData as $table=>$fields){ if(!in_array($table,$aTable)) { //Add table to database $mCounter=0; $sCommand="CREATE TABLE IF NOT EXISTS `".$table."` ("; foreach($fields as $fieldname=>$properties){ $extra = ""; if($mCounter==0) { $key="KEY `".$fieldname."` (`".$fieldname."`)"; } if($properties["size"]!="") { $size="(".$properties["size"].")"; } else { $size=""; } if((isset($properties["unique"])) and ($properties['unique']==true)) { $unique="UNIQUE KEY `".$fieldname."_2` (`".$fieldname."`),";} else { $unique=""; } if((isset($properties["extra"])) and ($properties != "")){ $extra = $properties['extra']; } $sCommand .= "`".$fieldname."` ".$properties["type"].$size." ".$properties["standard"]." ".$extra.","; $mCounter++; } $sCommand.=$unique.$key.") ENGINE=InnoDB ;"; $this->last_query[]=$sCommand; $updateresult=$this->databaselink->query($sCommand); } else { //Felder checken und Tabelle updaten $resultField=$this->databaselink->query("show fields from ".DB_DATABASE.".".$table); while($aRowF = $resultField->fetch_array(MYSQLI_BOTH)){ $aTableFields[]=$aRowF[0]; } foreach($fields as $fieldname=>$properties) { if(!in_array($fieldname,$aTableFields)) { if((isset($properties["size"]) and ($properties['size']!=""))) { $size="(".$properties["size"].")"; } else { $size=""; } $sCommand="ALTER TABLE `".$table."` ADD `".$fieldname."` ".$properties["type"].$size." ".$properties["standard"]; $this->last_query[]=$sCommand; $updateresult=$this->databaselink->query($sCommand); } } } unset($aTableFields); unset($aFields); unset($properties); } unset($aData); } function store_data($sTable,$aFields,$sKey_ID,$mID) { //updates or inserts data //returns ID or -1 if fails $i=0; $returnID = 0; if(($mID>0) or ($mID!="") or ($mID != null)) { //search for it $aCheckFields=array($sKey_ID=>$mID); $aRow=$this->select_row($sTable,$aCheckFields); $returnID=$aRow[$sKey_ID]; } if(($returnID>0) or ($returnID!="")) { $sQuery="update ".$sTable." set "; foreach($aFields as $key=>$value) { $sQuery.=$key."='".$value."'"; $i++; if($i$value) { $sKeys.=$sKey; $sValues.="'".$value."'"; $i++; if($ilast_query[]=$sQuery; if ($pResult = $this->databaselink->query($sQuery)) { if(($returnID>0) or ($returnID!="")) { return $returnID; } else { return $this->databaselink->insert_id; } } else { return -1; } } function save_user($aUser){ /* args: Array $aUser Array of user information which will be saved. e.g. array( 'forename' => String $forname, 'surname' => String $surname, 'email' => String $email, 'UID' => String $UID, 'language' => String $language, 'admin' => Bool $admin, 'password' => String md5(str_rev($password)), #deprecated, do not use! 'password_hash' => password_hash(String $password, PASSWORD_DEFAULT) ); returns: None Function will save user Information given in $aUser. If user exists it will overwrite existing data but not delete not-specified data */ $aFields = $aUser; if ((isset($this->r_user_ID))and ($this->r_user_ID != "")){ $this->ID=$this->store_data(TABLE_USER, $aFields, 'user_ID' , $this->r_user_ID); } else{ $this->ID=$this->store_data(TABLE_USER, $aFields, NULL , NULL); } } function get_view($Datei) { ob_start(); //startet Buffer include($Datei); $output=ob_get_contents(); //Buffer wird geschrieben ob_end_clean(); //Buffer wird gelöscht return $output; } } //end of class session_start(); include ("config/config.inc.php"); $oObject = new Data; $oObject->output = ""; switch ($oObject->r_ac){ case 'user_save': $aUser = array(); if(isset($oObject->r_user_ID)){ $aUser['user_ID'] = $oObject->r_user_ID; } if(isset($oObject->r_name)){ $aUser['name'] = $oObject->r_name; } if(isset($oObject->r_email)){ $aUser['email'] = $oObject->r_email; } if(isset($oObject->r_email)){ $aUser['signalmessenger'] = $oObject->r_signalmessenger; } if(isset($oObject->r_email)){ $aUser['sms'] = $oObject->r_sms; } if(isset($oObject->r_email)){ $aUser['telegram'] = $oObject->r_telegram; } if(isset($oObject->r_email)){ $aUser['threema'] = $oObject->r_threema; } $oObject->save_user($aUser); $oObject->output .= "Erfolgreich gespeichert"; break; default: $oObject->output = $oObject->get_view("views/user_form.php"); break; } function output($oObject){ echo $oObject->get_view("views/head.php"); echo $oObject->get_view("views/body.php"); } output($oObject); ?>