
Eerste PDO probeersel

root
root committed Sep 22, 2009
1 parent 6ea97c2 commit ab074d17a841b2ead8d9263a1eb9f0ff21407011
Showing with 243 additions and 166 deletions.
  1. +42 −40 admin.php
  2. +27 −16 broadcast.php
  3. +9 −15 functions.php
  4. +50 −38 index.php
  5. +11 −8 overzicht.php
  6. +7 −5 spelfout.php
  7. +25 −10 template-toevoegen.php
  8. +72 −34 toevoegen.php
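--- a/admin.php
+++ b/admin.php
@@ -14,18 +14,23 @@
 $password = trim($_POST['password']);
 if ($login != '' && $givenname != '') {
- $login = sqlite_escape_string($login);
- $givenname = sqlite_escape_string($givenname);
- $surname = sqlite_escape_string($surname);
- $addictions = sqlite_escape_string($addictions);
 $passphrase = md5($login.':Kabelkrantadmin:'.$password);
-
- $db = sqlite_open(DATABASE, 0666, $sqlerror);
- sqlite_query('BEGIN;', $db);
- sqlite_query($db, 'DELETE FROM editors WHERE login = \''.$login.'\';');
- sqlite_query($db, 'INSERT INTO editors (login, passphrase, surname, addictions, givenname) VALUES (\''.$login.'\', \''.$passphrase.'\', \''.$surname.'\', \''.$addictions.'\', \''.$givenname.'\');');
- sqlite_query('COMMIT;', $db);
- sqlite_close($db);
+
+ $dbh = new PDO(DATABASE, DB_USER, DB_PASSWORD);
+ $dbh->beginTransaction();
+
+ $stmt = $dbh->prepare('DELETE FROM editors WHERE login = :login');
+ $stmt->bindParam(':login', $login, PDO::PARAM_STR);
+ $stmt->execute();
+
+ $stmt = $dbh->prepare('INSERT INTO editors (login, passphrase, surname, addictions, givenname) VALUES (:login, :passphrase, :surname, :addictions, :givenname)');
+ $stmt->bindParam(':login', $login, PDO::PARAM_STR);
+ $stmt->bindParam(':passphrase', $passphrase, PDO::PARAM_STR);
+ $stmt->bindParam(':surname', $surname, PDO::PARAM_STR);
+ $stmt->bindParam(':addictions', $addictions, PDO::PARAM_STR);
+ $stmt->bindParam(':givenname', $givenname, PDO::PARAM_STR);
+ $dbh->commit();
+ $dbh = null;
 $fp = fopen('.htdigest', 'a');
 fwrite($fp, $login.':Kabelkrantadmin:'.$passphrase."\n");
@@ -39,11 +44,15 @@
 if ($login != '') {
 clearstatcache();
 /* we halen de gebruiker niet uit de database, omdat de refentiele integriteit dat kwijt raakt */
- $db = sqlite_open(DATABASE, 0666, $sqlerror);
- sqlite_query('BEGIN;', $db);
- sqlite_query($db, 'UPDATE editors SET passphrase = \'\' WHERE login = \''.$login.'\';');
- sqlite_query('COMMIT;', $db);
- sqlite_close($db);
+ $dbh = new PDO(DATABASE, DB_USER, DB_PASSWORD);
+ $dbh->beginTransaction();
+
+ $stmt = $dbh->prepare('UPDATE editors SET passphrase = NULL WHERE login = :login');
+ $stmt->bindParam(':login', $login, PDO::PARAM_STR);
+ $stmt->execute();
+
+ $dbh->commit();
+ $dbh = null;
 $needle = $login.':';
 $nlen = strlen($needle);
@@ -66,11 +75,16 @@
 $passphrase = md5($login.':Kabelkrantadmin:'.$password);
 clearstatcache();
 /* we halen de gebruiker niet uit de database, omdat de refentiele integriteit dat kwijt raakt */
- $db = sqlite_open(DATABASE, 0666, $sqlerror);
- sqlite_query('BEGIN;', $db);
- sqlite_query($db, 'UPDATE editors SET passphrase = \''.$passphrase.'\' WHERE login = \''.$login.'\';');
- sqlite_query('COMMIT;', $db);
- sqlite_close($db);
+ $dbh = new PDO(DATABASE, DB_USER, DB_PASSWORD);
+ $dbh->beginTransaction();
+
+ $stmt = $dbh->prepare('UPDATE editors SET passphrase = :passphrase WHERE login = :login');
+ $stmt->bindParam(':login', $login, PDO::PARAM_STR);
+ $stmt->bindParam(':passphrase', $login, PDO::PARAM_STR);
+ $stmt->execute();
+
+ $dbh->commit();
+ $dbh = null;
 $needle = $login.':';
 $nlen = strlen($needle);
@@ -102,20 +116,7 @@
 Welkom op de nieuwe beta-versie van kabelkrantadmin.<br />
 Momenteel worden wat toevoegingen gedaan aan de broncode, het kan zijn
 dat je daar iets van merkt.<br />
- <?php
- $now = time();
- $start = $now;
- $end = $now;
-
- $db = sqlite_open(DATABASE, 0666, $sqlerror);
- $query = sqlite_query($db, 'SELECT sum(content_text.duration) FROM content, content_text WHERE content.id=content_text.contentid AND content.start <= '.$start.' AND content.end >= '.$end.';');
- $result = sqlite_fetch_all($query, SQLITE_ASSOC);
-
- $lengte = $result[0]['sum(content_text.duration)'];
-
- sqlite_close($db);
- ?>
- Lengte: <?php echo $lengte; ?>s
+
 <form method="post">
 <fieldset>
 <legend>Gebruiker Toevoegen</legend>
@@ -145,10 +146,11 @@
 </tr>
 <?php
- $db = sqlite_open(DATABASE, 0666, $sqlerror);
- $query = sqlite_query($db, 'SELECT login, givenname, addictions, surname FROM editors WHERE passphrase <> \'\' ORDER BY surname;');
- $result = sqlite_fetch_all($query, SQLITE_ASSOC);
- sqlite_close($db);
+ $dbh = new PDO(DATABASE, DB_USER, DB_PASSWORD);
+ $stmt = $dbh->query('SELECT login, givenname, addictions, surname FROM editors WHERE passphrase <> \'\' ORDER BY surname;');
+ $result = $stmt->fetchAll();
+ $dbh = null;
+
 if (is_array($result)) {
 foreach ($result as $entry) {
 echo '<tr><td>'.$entry['givenname'].($entry['addictions']!=''?' '.$entry['addictions']:'').
@@ -173,7 +175,7 @@
 </fieldset>
 </form>
- <i>Wanneer er serieuze problemen zijn, kan er altijd gebeld worden met +31 87 8700579. Kinkrsoftware/Stefan de Konink;<br />
+ <i>Wanneer er serieuze problemen zijn, kan er altijd gebeld worden met +31 85 7 85 31 85. Kinkrsoftware/Stefan de Konink;<br />
 Jeroen heeft ook een noodnummer.</i>
 </body>
 </html>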
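Review bot: In the third hunk the password-change UPDATE binds `$login` to `:passphrase`, so the stored passphrase becomes the login name rather than the digest computed at the top of that hunk; the line should read `$stmt->bindParam(':passphrase', $passphrase, PDO::PARAM_STR);`. In the first hunk the INSERT is prepared and bound but never executed, so the transaction commits only the DELETE and the editor row disappears while the context lines below still append the account to `.htdigest`; add `$stmt->execute();` before `$dbh->commit();`. No `execute()` result is checked anywhere in the file, so a failed statement is committed silently; `$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);` after each `new PDO(...)`, with a rollback in the catch, would keep the database and `.htdigest` from drifting apart. The enclosing `if` blocks start and end outside the hunks shown.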
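--- a/broadcast.php
+++ b/broadcast.php
@@ -7,7 +7,8 @@
 $now = $_GET['now'];
 }
- $db = sqlite_open(DATABASE, 0666, $sqlerror);
+ $dbh = new PDO(DATABASE, DB_USER, DB_PASSWORD);
+
 if (isset($_GET['week'])) {
 $start = $now-(7*24*60*60);
 } else {
@@ -22,20 +23,31 @@
 $adsintro = array();
 $adsoutro = array();
- $queryding = 'SELECT content_text.id, content_text.template, content_text.category, content_category.title, content_text.title, content_text.photo, content_text.content, content_text.duration FROM content_run, content, content_text, content_category, content_category_image WHERE content_run.start <= '.$start.' AND content_run.end >= '.$end.' AND content.id = content_run.contentid AND content.id=content_text.contentid AND content_category.id=content_category_image.categoryid AND content_text.category=content_category_image.id AND content_category.title = \'Vandaag\' ORDER BY content_text.id, content.start, content.end ASC;';
- $query = sqlite_query($db, $queryding);
- $vandaagresult = sqlite_fetch_all($query, SQLITE_ASSOC);
- $queryding = 'SELECT content_text.id, content_text.template, content_text.category, content_category.title, content_text.title, content_text.photo, content_text.content, content_text.duration FROM content_run, content, content_text, content_category, content_category_image WHERE content_run.start <= '.$start.' AND content_run.end >= '.$end.' AND content.id = content_run.contentid AND content.id=content_text.contentid AND (content_text.category=\'\' OR (content_category.id=content_category_image.categoryid AND content_text.category=content_category_image.id)) AND content_text.template <> \'ng-advertentie.xsl\' AND content_category.title <> \'Vandaag\' AND content_category.title <> \'Colofon\' GROUP BY content_text.id ORDER BY '.(THEMESEQ ? 'content_category_image.categoryid, ':'').'content_text.id, content.start, content.end ASC;';
- $query = sqlite_query($db, $queryding);
+
+ $stmt = $dbh->prepare('SELECT content_text.id, content_text.template, content_text.category, content_category.title, content_text.title, content_text.photo, content_text.content, content_text.duration FROM content_run, content, content_text, content_category, content_category_image WHERE content_run.start <= :start AND content_run.end >= :end AND content.id = content_run.contentid AND content.id=content_text.contentid AND content_category.id=content_category_image.categoryid AND content_text.category=content_category_image.id AND content_category.title = \'Vandaag\' ORDER BY content_text.id, content.start, content.end ASC');
+ $stmt->bindParam(':start', $start, PDO::PARAM_INT);
+ $stmt->bindParam(':end', $end, PDO::PARAM_INT);
+ $stmt->execute();
+ $vandaagresult = $stmt->fetchAll();
+
+ $stmt = $dbh->prepare('SELECT content_text.id, content_text.template, content_text.category, content_category.title, content_text.title, content_text.photo, content_text.content, content_text.duration FROM content_run, content, content_text, content_category, content_category_image WHERE content_run.start <= :start AND content_run.end >= :end AND content.id = content_run.contentid AND content.id=content_text.contentid AND (content_text.category=\'\' OR (content_category.id=content_category_image.categoryid AND content_text.category=content_category_image.id)) AND content_text.template <> \'ng-advertentie.xsl\' AND content_category.title <> \'Vandaag\' AND content_category.title <> \'Colofon\' GROUP BY content_text.id ORDER BY '.(THEMESEQ ? 'content_category_image.categoryid, ':'').'content_text.id, content.start, content.end ASC');
+ $stmt->bindParam(':start', $start, PDO::PARAM_INT);
+ $stmt->bindParam(':end', $end, PDO::PARAM_INT);
+ $stmt->execute();
+ $contentresult = $stmt->fetchAll();
+
+ $stmt = $dbh->prepare('SELECT content_text.id, content_text.template, content_text.category, content_category.title, content_text.title, content_text.photo, content_text.content, content_text.duration FROM content_run, content, content_text, content_category, content_category_image WHERE content_run.start <= :start AND content_run.end >= :end AND content.id = content_run.contentid AND content.id=content_text.contentid AND content_category.id=content_category_image.categoryid AND content_text.category=content_category_image.id AND content_category.title = \'Colofon\' ORDER BY content_text.id, content.start, content.end ASC');
+ $stmt->bindParam(':start', $start, PDO::PARAM_INT);
+ $stmt->bindParam(':end', $end, PDO::PARAM_INT);
+ $stmt->execute();
+ $colofonresult = $stmt->fetchAll();
- $contentresult = sqlite_fetch_all($query, SQLITE_ASSOC);
- $queryding = 'SELECT content_text.id, content_text.template, content_text.category, content_category.title, content_text.title, content_text.photo, content_text.content, content_text.duration FROM content_run, content, content_text, content_category, content_category_image WHERE content_run.start <= '.$start.' AND content_run.end >= '.$end.' AND content.id = content_run.contentid AND content.id=content_text.contentid AND content_category.id=content_category_image.categoryid AND content_text.category=content_category_image.id AND content_category.title = \'Colofon\' ORDER BY content_text.id, content.start, content.end ASC;';
- $query = sqlite_query($db, $queryding);
-
- $colofonresult = sqlite_fetch_all($query, SQLITE_ASSOC);
 if (!isset($_GET['no-ads'])) {
- $query = sqlite_query($db, 'SELECT content_text.id, content_text.template, content_text.category, content_text.title, content_text.photo, content_text.content, content_text.duration FROM content_run, content, content_text WHERE content_run.start <= '.$start.' AND content_run.end >= '.$end.' AND content.id = content_run.contentid AND content.id=content_text.contentid AND content_text.template = \'ng-advertentie.xsl\' ORDER BY content_text.id, content.start, content.end ASC;');
- $adsresult = sqlite_fetch_all($query, SQLITE_ASSOC);
+ $stmt = $dbh->prepare('SELECT content_text.id, content_text.template, content_text.category, content_text.title, content_text.photo, content_text.content, content_text.duration FROM content_run, content, content_text WHERE content_run.start <= :start AND content_run.end >= :end AND content.id = content_run.contentid AND content.id=content_text.contentid AND content_text.template = \'ng-advertentie.xsl\' ORDER BY content_text.id, content.start, content.end ASC');
+ $stmt->bindParam(':start', $start, PDO::PARAM_INT);
+ $stmt->bindParam(':end', $end, PDO::PARAM_INT);
+ $stmt->execute();
+ $adsresult = $stmt->fetchAll();
 if (count($adsresult) > 0) {
@@ -47,8 +59,6 @@
 }
 }
- sqlite_close($db);
-
 $result = array_merge($vandaagresult, $contentresult, $colofonresult, $adsintro, $adsresult, $adsoutro);
@@ -77,11 +87,12 @@
 $location = BROADCASTCACHEDIR.'/'.$file.'.png';
 if (!file_exists($location)) {
- $file = checkandbroadcast($safebox=0, $width=RESOLUTIONW, $height=RESOLUTIONH, $format='png', $title, $content, $photo, $template, $category, $dir=$tmpdirectory);
+ $file = checkandbroadcast($dbh, $safebox=0, $width=RESOLUTIONW, $height=RESOLUTIONH, $format='png', $title, $content, $photo, $template, $category, $dir=$tmpdirectory);
 }
 $out[] = array('title'=>($title==''?($photo==''?'Naamloos':$photo):$title), 'src'=>REMOTEDIR.'/cache/'.$file.'.png', 'dur'=>$dur, 'template'=>$template, 'category'=>$category_title);
 }
+ $dbh = null; /* Database niet meer nodig */
 reset($out);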
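Review bot: `PDO::PARAM_INT` on `:start` and `:end` is a type hint rather than validation, and `$now` is still read straight from `$_GET['now']` in the context lines of the first hunk, so what a non-numeric value does to the four queries depends on the driver behind `DATABASE`. Casting where the value is read, `$now = (int) $_GET['now'];`, gives the arithmetic and every bound query an integer. The results of `prepare()` and `execute()` are not checked either, so a failed query may pass a non-array from `fetchAll()` into the `array_merge()` call in the third hunk; `$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);` right after `new PDO(...)` would surface that. The code that assigns `$now` and `$end` lies partly outside the hunks shown.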
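--- a/functions.php
+++ b/functions.php
@@ -97,12 +97,7 @@ function dirtoselect($name, $dir, $active = '', $empty = false, $maxdate = 0) {
 return $result;
 }
- function dbtoselect($name, $query, $active = '', $empty = false) {
- $db = sqlite_open(DATABASE,0666, $sqlerror);
- $query = sqlite_query($db, $query);
- $qresult = sqlite_fetch_all($query, SQLITE_ASSOC);
- sqlite_close($db);
-
+ function dbtoselect($name, $qresult, $active = '', $empty = false) {
 $result = '<select name="'.$name.'">';
 if ($empty===true) $result.='<option value=""></option>';
@@ -172,29 +167,28 @@ function newpreview() {
 $_SESSION['document']['activeid']=0;
 }
- function checkandgenerate($id=0, $safebox=0, $width=269, $height=200, $format='png') {
+ function checkandgenerate($dbh, $id=0, $safebox=0, $width=269, $height=200, $format='png') {
 $title = passive('text_title', $id);
 $para = passive('text_content', $id);
 $photo = passive('text_photo', $id);
 $template = passive('text_template', $id);
 $category = passive('text_category', $id);
- return checkandbroadcast($safebox, $width, $height, $format='png', $title, $para, $photo, $template, $category, $dir=PREVIEWDIR, $filename=md5($title.$para.$photo.$template.$category));
+ return checkandbroadcast($dbh, $safebox, $width, $height, $format='png', $title, $para, $photo, $template, $category, $dir=PREVIEWDIR, $filename=md5($title.$para.$photo.$template.$category));
 }
- function checkandbroadcast($safebox=0, $width=RESOLUTIONW, $height=RESOLUTIONH, $format='png', $title, $para, $photo, $template, $category, $dir='', $filename='') {
+ function checkandbroadcast($dbh, $safebox=0, $width=RESOLUTIONW, $height=RESOLUTIONH, $format='png', $title, $para, $photo, $template, $category, $dir='', $filename='') {
 $filename = ($filename!=''?$filename:md5($title.$para.$photo.$template.$category));
 $dir = ($dir!=''?$dir:PREVIEWDIR);
 $pngfile = $dir.'/'.$filename.'.png';
 if (!file_exists($pngfile)) {
 $category = ($category!=''?$category:'0');
-
- $db = sqlite_open(DATABASE, 0666, $sqlerror);
- $query = sqlite_query($db, 'SELECT content_category.title, content_category_image.title, content_category_image.photo, content_category_image.width, content_category_image.height, content_category_image.x, content_category_image.y FROM content_category, content_category_image WHERE content_category.id=content_category_image.categoryid AND content_category_image.id='.$category.';');
- $qresult = sqlite_fetch_all($query, SQLITE_ASSOC);
- sqlite_close($db);
-
+
+ $stmt = $dbh->prepare('SELECT content_category.title, content_category_image.title, content_category_image.photo, content_category_image.width, content_category_image.height, content_category_image.x, content_category_image.y FROM content_category, content_category_image WHERE content_category.id=content_category_image.categoryid AND content_category_image.id=:content_category_image_id');
+ $stmt->bindParam(':content_category_image_id', $category, PDO::PARAM_INT);
+ $stmt->execute();
+ $qresult = $stmt->fetchAll();
 if (count($qresult)>=1) {
 if ($qresult[0]['content_category_image.title']=='') {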
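Review bot: The context line after the new `fetchAll()` in `checkandbroadcast` still reads `$qresult[0]['content_category_image.title']`, but PDO keys each row by the column name the driver reports, which is usually the bare `title`, so this lookup probably no longer finds the value. The SELECT also returns two columns named `title`, and under the default fetch mode one overwrites the other in the associative keys. Aliasing them in the query, `content_category.title AS category_title, content_category_image.title AS image_title`, and reading `$qresult[0]['image_title']` from `fetchAll(PDO::FETCH_ASSOC)` removes the dependence on driver naming. The body of `checkandbroadcast` continues past the end of the section, so other reads of `$qresult` may need the same change.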