forked from science-ation/science-ation
Complete initial pass of sql conversion
parent
f7c6c506a1
commit
9892d738d4
@ -1,7 +1,7 @@
|
||||
<?
|
||||
include "../data/config.inc.php";
|
||||
mysql_connect($DBHOST,substr($DBUSER,0,16),$DBPASS);
|
||||
mysql_select_db($DBNAME);
|
||||
include "../common.inc.php";
|
||||
|
||||
$q=$pdo->prepare("SELECT val FROM config WHERE year='0' AND var='judge_scheduler_percent'");
|
||||
$q->execute();
|
||||
$r=$q->fetch(PDO::FETCH_OBJ);
|
||||
|
@ -26,8 +26,8 @@ ogram; see the file COPYING. If not, write to
|
||||
|
||||
if($_GET['action'] == 'output') {
|
||||
include "../data/config.inc.php";
|
||||
mysql_connect($DBHOST,substr($DBUSER,0,16),$DBPASS);
|
||||
mysql_select_db($DBNAME);
|
||||
include "../common.inc.php";
|
||||
|
||||
$q=$pdo->prepare("SELECT val FROM config WHERE year='0' AND var='tours_assigner_percent'");
|
||||
$q->execute();
|
||||
$r=$q->fetch(PDO::FETCH_OBJ);
|
||||
@ -49,20 +49,7 @@ ogram; see the file COPYING. If not, write to
|
||||
'Tours' => 'admin/tours.php')
|
||||
);
|
||||
require_once("../ajax.inc.php");
|
||||
?>
|
||||
|
||||
<script type="text/javascript">
|
||||
var starttime=0;
|
||||
var startpercent=0;
|
||||
var deltatime=0;
|
||||
var deltapercent=0;
|
||||
var avgtimeperpercent=0;
|
||||
var remainingpercent=0;
|
||||
var remainingtime=0;
|
||||
|
||||
function updateStatus()
|
||||
{
|
||||
document.getElementById('updatestatus').innerHTML="Updating...";
|
||||
?>DBHOST'updatestatus').innerHTML="Updating...";
|
||||
var url="tours_sa_status.php?action=output";
|
||||
http.open("GET",url,true);
|
||||
http.onreadystatechange=handleResponse;
|
||||
@ -75,26 +62,26 @@ function clearUpdatingMessage()
|
||||
|
||||
}
|
||||
|
||||
function handleResponse()
|
||||
function handleResponse()DBHOST
|
||||
{
|
||||
try {
|
||||
|
||||
if(http.readyState==4)
|
||||
{
|
||||
{DBHOST
|
||||
var obj=http.responseText.split(":");
|
||||
document.getElementById('schedulerstatus').innerHTML=obj[1];
|
||||
document.getEleDBHOSTmentById('schedulerstatus').innerHTML=obj[1];
|
||||
if(obj[0]=="-1")
|
||||
{
|
||||
document.getElementById('schedulerpercent').innerHTML="100%";
|
||||
document.getElementById('updatestatus').innerHTML="Scheduling Complete";
|
||||
document.getElementById('schedulereta').innerHTML="Complete";
|
||||
document.getDBHOSTElementById('schedulereta').innerHTML="Complete";
|
||||
}
|
||||
else
|
||||
{
|
||||
document.getElementById('schedulerpercent').innerHTML=obj[0]+"%";
|
||||
setTimeout('updateStatus()',5000);
|
||||
setTimeout('DBHOSTupdateStatus()',5000);
|
||||
document.getElementById('updatestatus').innerHTML="Updating... Done!";
|
||||
setTimeout('clearUpdatingMessage()',500);
|
||||
setTimeout('DBHOSTclearUpdatingMessage()',500);
|
||||
|
||||
var currentTime=new Date();
|
||||
if(starttime==0)
|
||||
@ -102,7 +89,7 @@ function handleResponse()
|
||||
starttime=currentTime.getTime();
|
||||
startpercent=obj[0];
|
||||
}
|
||||
deltatime=currentTime.getTime()-starttime;
|
||||
deltatime=cDBHOSTurrentTime.getTime()-starttime;
|
||||
deltapercent=obj[0]-startpercent;
|
||||
|
||||
avgtimeperpercent=deltatime/deltapercent;
|
||||
@ -115,7 +102,7 @@ function handleResponse()
|
||||
}
|
||||
}
|
||||
}
|
||||
catch(e)
|
||||
catch(e)DBHOST
|
||||
{
|
||||
alert('caught error'+e);
|
||||
|
||||
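Review bot: Several JavaScript lines in this file appear on the new side with a stray `DBHOST` pasted into them — `function handleResponse()DBHOST`, `{DBHOST`, `document.getEleDBHOSTmentById(...)`, `setTimeout('DBHOSTupdateStatus()',5000)`, `catch(e)DBHOST` — and the hunk at -49,20 seems to replace the `<script>` opening, the timing variables and the head of `updateStatus()` with `?>DBHOST'updatestatus').innerHTML="Updating...";`. The page has lost its +/- markers, so this is read from the old/new line pairs, but if it holds, the status script no longer parses and the progress display stops updating. None of these lines touch SQL, so they should be reverted to their previous text, e.g. `setTimeout('updateStatus()',5000);`.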
|
@ -3,15 +3,19 @@ function db_update_111_post()
|
||||
{
|
||||
global $config;
|
||||
//grab the index page
|
||||
$q=mysql_query("SELECT * FROM pagetext WHERE textname='index' AND year='{$config['FAIRYEAR']}'");
|
||||
if(!mysql_num_rows($q)) {
|
||||
$q=mysql_query("SELECT * FROM pagetext WHERE textname='index' AND year='-1'");
|
||||
}
|
||||
while($r=mysql_fetch_object($q)) {
|
||||
$q=$pdo->prepare("SELECT * FROM pagetext WHERE textname='index' AND year='{$config['FAIRYEAR']}'");
|
||||
$q->execute();
|
||||
if(!$q->rowCount()) {
|
||||
$q=$pdo->prepare("SELECT * FROM pagetext WHERE textname='index' AND year='-1'");
|
||||
$q->execute();
|
||||
}
|
||||
while($r=$q->fetch(PDO::FETCH_OBJ)) {
|
||||
//insert it into the CMS under index.html
|
||||
mysql_query("INSERT INTO cms (filename,dt,lang,text,showlogo) VALUES ('index.html','$r->lastupdate','$r->lang','".mysql_escape_string($r->text)."','1')");
|
||||
$stmt = $pdo->prepare("INSERT INTO cms (filename,dt,lang,text,showlogo) VALUES ('index.html','$r->lastupdate','$r->lang','".$r->text."','1')");
|
||||
$stmt->execute();
|
||||
}
|
||||
//and remove it from the pagetext
|
||||
mysql_query("DELETE FROM pagetext WHERE textname='index'");
|
||||
$stmt = $pdo->prepare("DELETE FROM pagetext WHERE textname='index'");
|
||||
$stmt->execute();
|
||||
}
|
||||
?>
|
||||
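Review bot: The INSERT into `cms` now splices `$r->lastupdate`, `$r->lang` and `$r->text` directly into the SQL string; the old `mysql_escape_string()` call was dropped and `prepare()` on an already-built string escapes nothing, so a single quote in the page text breaks or rewrites the statement. Use placeholders: `$stmt = $pdo->prepare("INSERT INTO cms (filename,dt,lang,text,showlogo) VALUES ('index.html',?,?,?,'1')");` then `$stmt->execute([$r->lastupdate, $r->lang, $r->text]);`. The same removal of escaping without binding appears in `db_update_118_post`, in `db146_user_load_by_email`, `db146_user_set_password`, `db146_user_save_type_list`, `db146_user_save` and `db146_user_dupe_row`, and in the `db149_` copies of the first four, where the values include e-mail addresses and passwords. Separately, the body shown declares only `global $config;`, so `$pdo` is undefined inside `db_update_111_post()` unless it is made global as well.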
|
@ -9,18 +9,21 @@ function db_update_117_post()
|
||||
'willing_chair' => 'Willing Chair');
|
||||
|
||||
foreach($qmap as $field=>$head) {
|
||||
$q = mysql_query("SELECT id FROM questions WHERE db_heading='{$head}'");
|
||||
while($i = mysql_fetch_object($q)) {
|
||||
$q = $pdo->prepare("SELECT id FROM questions WHERE db_heading='{$head}'");
|
||||
$q->execute();
|
||||
while($i = $q->fetch(PDO::FETCH_OBJ)) {
|
||||
$id = $i->id;
|
||||
|
||||
/* Drop all answers for this question */
|
||||
mysql_query("DELETE FROM question_answers
|
||||
$stmt = $pdo->prepare("DELETE FROM question_answers
|
||||
WHERE questions_id='$id'");
|
||||
}
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
/* Now dump the question itself */
|
||||
mysql_query("DELETE FROM questions
|
||||
$stmt = $pdo->prepare("DELETE FROM questions
|
||||
WHERE id='$id'");
|
||||
$stmt->execute();
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -8,8 +8,9 @@ function db_update_118_post()
|
||||
$userfields=array("salutation","firstname","lastname","email","phonehome","phonework","phonecell","fax");
|
||||
|
||||
//grab all the contacts from awards_contacts
|
||||
$q=mysql_query("SELECT * FROM award_contacts");
|
||||
while($r=mysql_fetch_object($q)) {
|
||||
$q=$pdo->prepare("SELECT * FROM award_contacts");
|
||||
$q->execute();
|
||||
while($r=$q->fetch(PDO::FETCH_OBJ)) {
|
||||
|
||||
//if its older than the current year, then set them to complete/active because if they were in the
|
||||
//system then, then they must have beenc omplete and active
|
||||
@ -24,8 +25,9 @@ function db_update_118_post()
|
||||
$active="yes";
|
||||
}
|
||||
//see if a user exists with this email
|
||||
$uq=mysql_query("SELECT * FROM users WHERE (username='".mysql_real_escape_string($r->email)."' OR email='".mysql_real_escape_string($r->email)."') ORDER BY year DESC LIMIT 1"); // AND year='$r->year'");
|
||||
if($r->email && $ur=mysql_fetch_object($uq)) {
|
||||
$uq=$pdo->prepare("SELECT * FROM users WHERE (username='".$r->email."' OR email='".$r->email."') ORDER BY year DESC LIMIT 1"); // AND year='$r->year'");
|
||||
$uq->execute();
|
||||
if($r->email && $ur=$uq->fetch(PDO::FETCH_OBJ)) {
|
||||
$user_id=$ur->id;
|
||||
echo "Using existing users.id=$user_id for award_contacts.id=$r->id because email address ($r->email) matches\n";
|
||||
|
||||
@ -34,12 +36,13 @@ function db_update_118_post()
|
||||
foreach($userfields AS $f) {
|
||||
//if its NOT in their USER record, but it IS in their AWARD_CONTACTS record, then bring it over, else, assume the users record has priority
|
||||
if(!$ur->$f && $r->$f) {
|
||||
$sqlset.="`$f`='".mysql_real_escape_string($r->$f)."', ";
|
||||
$sqlset.="`$f`='".$r->$f."', ";
|
||||
}
|
||||
}
|
||||
$sql="UPDATE users SET $sqlset `types`='{$ur->types},sponsor' WHERE id='$user_id'";
|
||||
mysql_query($sql);
|
||||
echo mysql_error();
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute();
|
||||
echo $pdo->errorInfo();
|
||||
echo " Updated user record\n";
|
||||
|
||||
}
|
||||
@ -61,31 +64,34 @@ function db_update_118_post()
|
||||
|
||||
//set passwordset to 0000-00-00 to force it to expire on next login
|
||||
$sql="INSERT INTO users (`types`,`username`,`created`,`password`,`passwordset`,`".implode("`,`",$userfields)."`,`year`) VALUES (";
|
||||
$sql.="'sponsor','".mysql_real_escape_string($username)."',NOW(),'$password','0000-00-00'";
|
||||
$sql.="'sponsor','".$username."',NOW(),'$password','0000-00-00'";
|
||||
foreach($userfields AS $f) {
|
||||
$sql.=",'".mysql_real_escape_string($r->$f)."'";
|
||||
$sql.=",'".$r->$f."'";
|
||||
}
|
||||
$sql.=",'".mysql_real_escape_string($r->year)."')";
|
||||
mysql_query($sql);
|
||||
echo mysql_error();
|
||||
$sql.=",'".$r->year."')";
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute();
|
||||
echo $pdo->errorInfo();
|
||||
|
||||
$user_id=mysql_insert_id();
|
||||
$user_id=$pdo->lastInsertId();
|
||||
//and link it to themselves as a starting record
|
||||
mysql_query("UPDATE users SET uid='$user_id' WHERE id='$user_id'");
|
||||
$stmt = $pdo->prepare("UPDATE users SET uid='$user_id' WHERE id='$user_id'");
|
||||
$stmt->execute();
|
||||
echo "Creating new users.id=$user_id for award_contacts.id=$r->id\n";
|
||||
|
||||
}
|
||||
|
||||
echo " Linking $user_id to users_sponsor record\n";
|
||||
mysql_query("INSERT INTO users_sponsor (`users_id`,`sponsors_id`,`sponsor_complete`,`sponsor_active`,`primary`,`position`,`notes`) VALUES (
|
||||
$stmt = $pdo->prepare("INSERT INTO users_sponsor (`users_id`,`sponsors_id`,`sponsor_complete`,`sponsor_active`,`primary`,`position`,`notes`) VALUES (
|
||||
'".$user_id."',
|
||||
'".$r->award_sponsors_id."',
|
||||
'$complete',
|
||||
'$active',
|
||||
'".mysql_real_escape_string($r->primary)."',
|
||||
'".mysql_real_escape_string($r->position)."',
|
||||
'".mysql_real_escape_string($r->notes)."')");
|
||||
echo mysql_error();
|
||||
'".$r->primary."',
|
||||
'".$r->position."',
|
||||
'".$r->notes."')");
|
||||
$stmt->execute();
|
||||
echo $pdo->errorInfo();
|
||||
}
|
||||
}
|
||||
|
||||
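Review bot: `echo $pdo->errorInfo();` does not report what `echo mysql_error();` did: `errorInfo()` returns an array, so this prints `Array` (with a conversion notice), and errors raised by a statement are recorded on the statement handle, not on `$pdo`. Read the statement instead, e.g. `$err = $stmt->errorInfo();` and `if($err[0] !== '00000') echo $err[2]."\n";`, or enable exceptions on the connection so failures are not silent. The pattern repeats after each converted query in this function and in the `db146_`/`db149_` user files; in `db146_user_save_type_list` and `db149_user_save_type_list` the guard `if($pdo->errorInfo())` is always true because the array is never empty, so every save prints the full query. `db_update_118_post()` starts outside the hunks shown.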
|
@ -8,13 +8,16 @@ function db_update_131_pre()
|
||||
//add a sponsorship entry with a value of the total sum of the prizes given
|
||||
//for each sponsor
|
||||
|
||||
$q=mysql_query("SELECT * FROM sponsors");
|
||||
while($r=mysql_fetch_object($q)) {
|
||||
$q=$pdo->prepare("SELECT * FROM sponsors");
|
||||
$q->execute();
|
||||
while($r=$q->fetch(PDO::FETCH_OBJ)) {
|
||||
$total=0;
|
||||
$awardq=mysql_query("SELECT * FROM award_awards WHERE sponsors_id='$r->id' AND year='$year'");
|
||||
while($awardr=mysql_fetch_object($awardq)) {
|
||||
$prizeq=mysql_query("SELECT cash,scholarship,value,number FROM award_prizes WHERE award_awards_id='$awardr->id'");
|
||||
while($prizer=mysql_fetch_object($prizeq)) {
|
||||
$awardq=$pdo->prepare("SELECT * FROM award_awards WHERE sponsors_id='$r->id' AND year='$year'");
|
||||
$awardq->execute();
|
||||
while($awardr=$awardq->fetch(PDO::FETCH_OBJ)) {
|
||||
$prizeq=$pdo->prepare("SELECT cash,scholarship,value,number FROM award_prizes WHERE award_awards_id='$awardr->id'");
|
||||
$prizeq->execute();
|
||||
while($prizer=$prizeq->fetch(PDO::FETCH_OBJ)) {
|
||||
//some people never set the value for some reason, i dunno why..
|
||||
$realvalue=max($prizer->cash+$prizer->scholarship,$prizer->value);
|
||||
$totalvalue=$realvalue*$prizer->number;
|
||||
@ -22,14 +25,16 @@ function db_update_131_pre()
|
||||
}
|
||||
}
|
||||
echo "Creating sponsorship for ID: $r->id value: $total\n";
|
||||
mysql_query("INSERT INTO sponsorships (sponsors_id,fundraising_type,value,status,probability,year) VALUES (
|
||||
$pdo->prepare("INSERT INTO sponsorships (sponsors_id,fundraising_type,value,status,probability,year) VALUES (
|
||||
'$r->id',
|
||||
'sfawards',
|
||||
'$total',
|
||||
'pending',
|
||||
'25',
|
||||
'$year')");
|
||||
mysql_query("INSERT INTO sponsors_logs (sponsors_id,dt,users_id,log) VALUES ('$r->id',NOW(),0,'Automatically created sponsorship from existing sponsor. type=award, value=\$$total, status=pending, probability=25%')");
|
||||
$pdo->execute(0;)
|
||||
$stmt = $pdo->prepare("INSERT INTO sponsors_logs (sponsors_id,dt,users_id,log) VALUES ('$r->id',NOW(),0,'Automatically created sponsorship from existing sponsor. type=award, value=\$$total, status=pending, probability=25%')");
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
}
|
||||
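Review bot: The sponsorships INSERT never runs on the new side: the result of `$pdo->prepare("INSERT INTO sponsorships ...")` is discarded and the next line, `$pdo->execute(0;)`, is a parse error (and `PDO` has no `execute()` method in any case). Assign and execute the statement as the other conversions do: `$stmt = $pdo->prepare("INSERT INTO sponsorships ...");` followed by `$stmt->execute();`. Other lines in this commit also fail to parse: `$q->execute(0;)` in `db146_user_load_sponsor`, the missing `)` in `while($s = $q->fetch(PDO::FETCH_ASSOC) {` in `db_update_146_post`, and the extra `)` in `while($r=$q->fetch(PDO::FETCH_OBJ))) {` in `db_update_149_post`. Running `php -l` over each changed file before committing would catch all of them.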
|
@ -41,8 +41,9 @@ function db_update_146_handle($name, $email, $phone, $type)
|
||||
function db_update_146_post()
|
||||
{
|
||||
global $config;
|
||||
$q = mysql_query("SELECT * FROM schools WHERE year='{$config['FAIRYEAR']}'");
|
||||
while($s = mysql_fetch_assoc($q)) {
|
||||
$q = $pdo->prepare("SELECT * FROM schools WHERE year='{$config['FAIRYEAR']}'");
|
||||
$q->execute();
|
||||
while($s = $q->fetch(PDO::FETCH_ASSOC) {
|
||||
/* Science head */
|
||||
if(trim($s['sciencehead']) != '') {
|
||||
$u = db_update_146_handle($s['sciencehead'],
|
||||
@ -50,7 +51,8 @@ function db_update_146_post()
|
||||
$s['scienceheadphone'],
|
||||
'teacher');
|
||||
if($u != false) {
|
||||
mysql_query("UPDATE schools SET sciencehead_uid='{$u['uid']}' WHERE id='{$s['id']}'");
|
||||
$stmt = $pdo->prepare("UPDATE schools SET sciencehead_uid='{$u['uid']}' WHERE id='{$s['id']}'");
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
|
||||
@ -61,8 +63,9 @@ function db_update_146_post()
|
||||
$s['phone'],
|
||||
'principal');
|
||||
if($u != false) {
|
||||
mysql_query("UPDATE schools SET principal_uid='{$u['uid']}' WHERE id='{$s['id']}'");
|
||||
}
|
||||
$stmt = $pdo->prepare("UPDATE schools SET principal_uid='{$u['uid']}' WHERE id='{$s['id']}'");
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -131,8 +131,9 @@ function db146_user_load_sponsor(&$u)
|
||||
$u['sponsor_complete'] = ($u['sponsor_complete'] == 'yes') ? 'yes' : 'no';
|
||||
$u['sponsor_active'] = ($u['sponsor_active'] == 'yes') ? 'yes' : 'no';
|
||||
if($u['sponsors_id']) {
|
||||
$q=mysql_query("SELECT * FROM sponsors WHERE id='{$u['sponsors_id']}'");
|
||||
$u['sponsor']=mysql_fetch_assoc($q);
|
||||
$q=$pdo->prepare("SELECT * FROM sponsors WHERE id='{$u['sponsors_id']}'");
|
||||
$q->execute(0;)
|
||||
$u['sponsor']=$q->fetch(PDO::FETCH_ASSOC);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
@ -185,16 +186,17 @@ function db146_user_load($user, $uid = false)
|
||||
$id = intval($user);
|
||||
$query .= " `users`.`id`='$id'";
|
||||
}
|
||||
$q=mysql_query($query);
|
||||
$q=$pdo->prepare($query);
|
||||
$q->execute();
|
||||
|
||||
if(mysql_num_rows($q)!=1) {
|
||||
// echo "Query [$query] returned ".mysql_num_rows($q)." rows\n";
|
||||
if($q->rowCount()!=1) {
|
||||
// echo "Query [$query] returned ".$q->rowCount()." rows\n";
|
||||
// echo "<pre>";
|
||||
// print_r(debug_backtrace());
|
||||
return false;
|
||||
}
|
||||
|
||||
$ret = mysql_fetch_assoc($q);
|
||||
$ret = $q->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
/* Make sure they're not deleted, we don't want to do this in the query, because loading by $uid would
|
||||
* simply return the previous year (where deleted=no) */
|
||||
@ -256,11 +258,12 @@ function db146_user_load_by_uid($uid)
|
||||
function db146_user_load_by_email($email)
|
||||
{
|
||||
/* Find the most recent uid for the email, regardless of deleted status */
|
||||
$e = mysql_real_escape_string($email);
|
||||
$q = mysql_query("SELECT uid FROM users WHERE email='$e' OR username='$e' ORDER BY year DESC LIMIT 1");
|
||||
$e = $email;
|
||||
$q = $pdo->prepare("SELECT uid FROM users WHERE email='$e' OR username='$e' ORDER BY year DESC LIMIT 1");
|
||||
$q->execute();
|
||||
|
||||
if(mysql_num_rows($q) == 1) {
|
||||
$i = mysql_fetch_assoc($q);
|
||||
if($q->rowCount() == 1) {
|
||||
$i = $q->fetch(PDO::FETCH_ASSOC);
|
||||
return db146_user_load_by_uid($i['uid']);
|
||||
}
|
||||
return false;
|
||||
@ -268,9 +271,10 @@ function db146_user_load_by_email($email)
|
||||
|
||||
function db146_user_load_by_uid_year($uid, $year)
|
||||
{
|
||||
$q = mysql_query("SELECT id FROM users WHERE uid='$uid' AND year <= '$year'");
|
||||
if(!mysql_num_rows($q)) return false;
|
||||
$i = mysql_fetch_assoc($q);
|
||||
$q = $pdo->prepare("SELECT id FROM users WHERE uid='$uid' AND year <= '$year'");
|
||||
$q->execute();
|
||||
if(!$q->rowCount()) return false;
|
||||
$i = $q->fetch(PDO::FETCH_ASSOC);
|
||||
return db146_user_load($i['id']);
|
||||
}
|
||||
|
||||
@ -279,8 +283,9 @@ function db146_user_set_password($id, $password = NULL)
|
||||
/* pass $u by reference so we can update it */
|
||||
$save_old = false;
|
||||
if($password == NULL) {
|
||||
$q = mysql_query("SELECT passwordset FROM users WHERE id='$id'");
|
||||
$u = mysql_fetch_assoc($q);
|
||||
$q = $pdo->prepare("SELECT passwordset FROM users WHERE id='$id'");
|
||||
$q->execute();
|
||||
$u = $q->fetch(PDO::FETCH_ASSOC);
|
||||
/* Generate a new password */
|
||||
$password = db146_user_generate_password(12);
|
||||
/* save the old password only if it's not an auto-generated one */
|
||||
@ -293,13 +298,14 @@ function db146_user_set_password($id, $password = NULL)
|
||||
$save_set = 'NOW()';
|
||||
}
|
||||
|
||||
$p = mysql_escape_string($password);
|
||||
$p = $password;
|
||||
$set = ($save_old == true) ? 'oldpassword=password, ' : '';
|
||||
$set .= "password='$p', passwordset=$save_set ";
|
||||
|
||||
$query = "UPDATE users SET $set WHERE id='$id'";
|
||||
mysql_query($query);
|
||||
echo mysql_error();
|
||||
$stmt = $pdo->prepare($query);
|
||||
$stmt->execute();
|
||||
echo $pdo->errorInfo();
|
||||
|
||||
return $password;
|
||||
}
|
||||
@ -323,17 +329,18 @@ function db146_user_save_type_list($u, $db, $fields)
|
||||
}
|
||||
|
||||
if(is_array($u[$f]))
|
||||
$data = mysql_escape_string(serialize($u[$f]));
|
||||
$data = serialize($u[$f]);
|
||||
else
|
||||
$data = mysql_escape_string(stripslashes($u[$f]));
|
||||
$data = stripslashes($u[$f]);
|
||||
|
||||
$set .= "`$f`='$data'";
|
||||
}
|
||||
if($set != "") {
|
||||
$query = "UPDATE $db SET $set WHERE users_id='{$u['id']}'";
|
||||
mysql_query($query);
|
||||
if(mysql_error()) {
|
||||
echo mysql_error();
|
||||
$stmt = $pdo->prepare($query);
|
||||
$stmt->execute();
|
||||
if($pdo->errorInfo()) {
|
||||
echo $pdo->errorInfo();
|
||||
echo error("Full query: $query");
|
||||
}
|
||||
}
|
||||
@ -409,7 +416,8 @@ function db146_user_save(&$u)
|
||||
exit;
|
||||
}
|
||||
//give em a record, the primary key on the table takes care of uniqueness
|
||||
$q=mysql_query("INSERT INTO users_$t (users_id) VALUES ('{$u['id']}')");
|
||||
$q=$pdo->prepare("INSERT INTO users_$t (users_id) VALUES ('{$u['id']}')");
|
||||
$q->execute();
|
||||
}
|
||||
|
||||
|
||||
@ -429,7 +437,7 @@ function db146_user_save(&$u)
|
||||
if($f == 'types')
|
||||
$set .= "$f='".implode(',', $u[$f])."'";
|
||||
else {
|
||||
$data = mysql_escape_string(stripslashes($u[$f]));
|
||||
$data = stripslashes($u[$f]);
|
||||
$set .= "$f='$data'";
|
||||
}
|
||||
}
|
||||
@ -438,9 +446,10 @@ function db146_user_save(&$u)
|
||||
// echo "</pre>";
|
||||
if($set != "") {
|
||||
$query = "UPDATE users SET $set WHERE id='{$u['id']}'";
|
||||
mysql_query($query);
|
||||
$stmt = $pdo->prepare($query);
|
||||
$stmt->execute();
|
||||
// echo "query=[$query]";
|
||||
echo mysql_error();
|
||||
echo $pdo->errorInfo();
|
||||
}
|
||||
|
||||
/* Save the password if it changed */
|
||||
@ -466,7 +475,8 @@ function db146_user_save(&$u)
|
||||
|
||||
function db146_user_delete_committee($u)
|
||||
{
|
||||
mysql_query("DELETE FROM committees_link WHERE users_uid='{$u['uid']}'");
|
||||
$stmt = $pdo->prepare("DELETE FROM committees_link WHERE users_uid='{$u['uid']}'");
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
function db146_user_delete_volunteer($u)
|
||||
@ -477,8 +487,10 @@ function db146_user_delete_judge($u)
|
||||
{
|
||||
global $config;
|
||||
$id = $u['id'];
|
||||
mysql_query("DELETE FROM judges_teams_link WHERE users_id='$id'");
|
||||
mysql_query("DELETE FROM judges_specialawards_sel WHERE users_id='$id'");
|
||||
$stmt = $pdo->prepare("DELETE FROM judges_teams_link WHERE users_id='$id'");
|
||||
$stmt->execute();
|
||||
$stmt = $pdo->prepare("DELETE FROM judges_specialawards_sel WHERE users_id='$id'");
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
function db146_user_delete_fair($u)
|
||||
@ -535,7 +547,8 @@ function db146_user_delete($u, $type=false)
|
||||
if($types != '') $types .= ',';
|
||||
$types .= $t;
|
||||
}
|
||||
mysql_query("UPDATE users SET types='$types' WHERE id='{$u['id']}'");
|
||||
$stmt = $pdo->prepare("UPDATE users SET types='$types' WHERE id='{$u['id']}'");
|
||||
$stmt->execute();
|
||||
} else {
|
||||
$finish_delete = true;
|
||||
}
|
||||
@ -548,7 +561,8 @@ function db146_user_delete($u, $type=false)
|
||||
$finish_delete = true;
|
||||
}
|
||||
if($finish_delete == true) {
|
||||
mysql_query("UPDATE users SET deleted='yes', deleteddatetime=NOW() WHERE id='{$u['id']}'");
|
||||
$stmt = $pdo->prepare("UPDATE users SET deleted='yes', deleteddatetime=NOW() WHERE id='{$u['id']}'");
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
|
||||
@ -578,7 +592,8 @@ function db146_user_purge($u, $type=false)
|
||||
if($types != '') $types .= ',';
|
||||
$types .= $t;
|
||||
}
|
||||
mysql_query("UPDATE users SET types='$types' WHERE id='{$u['id']}'");
|
||||
$stmt = $pdo->prepare("UPDATE users SET types='$types' WHERE id='{$u['id']}'");
|
||||
$stmt->execute();
|
||||
} else {
|
||||
$finish_purge = true;
|
||||
}
|
||||
@ -586,18 +601,21 @@ function db146_user_purge($u, $type=false)
|
||||
* out the entry */
|
||||
call_user_func("db146_user_delete_$type", $u);
|
||||
// call_user_func("user_purge_$type", $u);
|
||||
mysql_query("DELETE FROM users_$type WHERE users_id='{$u['id']}'");
|
||||
$stmt = $pdo->prepare("DELETE FROM users_$type WHERE users_id='{$u['id']}'");
|
||||
$stmt->execute();
|
||||
} else {
|
||||
/* Delete the whole user */
|
||||
foreach($u['types'] as $t) {
|
||||
call_user_func("db146_user_delete_$t", $u);
|
||||
// call_user_func("user_purge_$t", $u);
|
||||
mysql_query("DELETE FROM users_$t WHERE users_id='{$u['id']}'");
|
||||
$stmt = $pdo->prepare("DELETE FROM users_$t WHERE users_id='{$u['id']}'");
|
||||
$stmt->execute();
|
||||
}
|
||||
$finish_purge = true;
|
||||
}
|
||||
if($finish_purge == true) {
|
||||
mysql_query("DELETE FROM users WHERE id='{$u['id']}'");
|
||||
$stmt = $pdo->prepare("DELETE FROM users WHERE id='{$u['id']}'");
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
|
||||
@ -607,12 +625,13 @@ function db146_user_dupe_row($db, $key, $val, $newval)
|
||||
{
|
||||
global $config;
|
||||
$nullfields = array('deleteddatetime'); /* Fields that can be null */
|
||||
$q = mysql_query("SELECT * FROM $db WHERE $key='$val'");
|
||||
if(mysql_num_rows($q) != 1) {
|
||||
$q = $pdo->prepare("SELECT * FROM $db WHERE $key='$val'");
|
||||
$q->execute();
|
||||
if($q->rowCount() != 1) {
|
||||
echo "ERROR duplicating row in $db: $key=$val NOT FOUND.\n";
|
||||
exit;
|
||||
}
|
||||
$i = mysql_fetch_assoc($q);
|
||||
$i = $q->fetch(PDO::FETCH_ASSOC);
|
||||
$i[$key] = $newval;
|
||||
|
||||
foreach($i as $k=>$v) {
|
||||
@ -621,7 +640,7 @@ function db146_user_dupe_row($db, $key, $val, $newval)
|
||||
else if($k == 'year')
|
||||
$i[$k] = $config['FAIRYEAR'];
|
||||
else
|
||||
$i[$k] = '\''.mysql_escape_string($v).'\'';
|
||||
$i[$k] = '\''.$v.'\'';
|
||||
}
|
||||
|
||||
$keys = '`'.join('`,`', array_keys($i)).'`';
|
||||
@ -629,10 +648,11 @@ function db146_user_dupe_row($db, $key, $val, $newval)
|
||||
|
||||
$q = "INSERT INTO $db ($keys) VALUES ($vals)";
|
||||
// echo "Dupe Query: [$q]";
|
||||
$r = mysql_query($q);
|
||||
echo mysql_error();
|
||||
$r = $pdo->prepare($q);
|
||||
$r->execute();
|
||||
echo $pdo->errorInfo();
|
||||
|
||||
$id = mysql_insert_id();
|
||||
$id = $pdo->lastInsertId();
|
||||
return $id;
|
||||
}
|
||||
/* Used by the login scripts to copy one user from one year to another */
|
||||
@ -646,9 +666,10 @@ function db146_user_dupe($u, $new_year)
|
||||
* - That previous entry has deleted=no */
|
||||
|
||||
/* Find the last entry */
|
||||
$q = mysql_query("SELECT id,uid,year,deleted FROM users WHERE uid='{$u['uid']}'
|
||||
$q = $pdo->prepare("SELECT id,uid,year,deleted FROM users WHERE uid='{$u['uid']}'
|
||||
ORDER BY year DESC LIMIT 1");
|
||||
$r = mysql_fetch_object($q);
|
||||
$q->execute();
|
||||
$r = $q->fetch(PDO::FETCH_OBJ);
|
||||
if($r->deleted == 'yes') {
|
||||
echo "Cannot duplicate user ID {$u['id']}, they are deleted. Undelete them first.\n";
|
||||
exit;
|
||||
@ -659,8 +680,9 @@ function db146_user_dupe($u, $new_year)
|
||||
}
|
||||
|
||||
$id = db146_user_dupe_row('users', 'id', $u['id'], NULL);
|
||||
$q = mysql_query("UPDATE users SET year='$new_year' WHERE id='$id'");
|
||||
$q = $pdo->prepare("UPDATE users SET year='$new_year' WHERE id='$id'");
|
||||
|
||||
$q->execute();
|
||||
/* Load the new user */
|
||||
$u2 = db146_user_load($id);
|
||||
|
||||
@ -703,20 +725,25 @@ function db146_user_create($type, $username, $u = NULL)
|
||||
{
|
||||
global $config;
|
||||
if(!is_array($u)) {
|
||||
mysql_query("INSERT INTO users (`types`,`username`,`passwordset`,`created`,`year`)
|
||||
$stmt = $pdo->prepare("INSERT INTO users (`types`,`username`,`passwordset`,`created`,`year`)
|
||||
VALUES ('$type','$username','0000-00-00', NOW(), '{$config['FAIRYEAR']}')");
|
||||
echo mysql_error();
|
||||
$uid = mysql_insert_id();
|
||||
$stmt->execute();
|
||||
echo $pdo->errorInfo();
|
||||
$uid = $pdo->lastInsertId();
|
||||
if(db146_user_valid_email($username)) {
|
||||
mysql_query("UPDATE users SET email='$username' WHERE id='$uid'");
|
||||
}
|
||||
mysql_query("UPDATE users SET uid='$uid' WHERE id='$uid'");
|
||||
echo mysql_error();
|
||||
$stmt = $pdo->prepare("UPDATE users SET email='$username' WHERE id='$uid'");
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
$stmt = $pdo->prepare("UPDATE users SET uid='$uid' WHERE id='$uid'");
|
||||
$stmt->execute();
|
||||
echo $pdo->errorInfo();
|
||||
db146_user_set_password($uid, NULL);
|
||||
/* Since the user already has a type, user_save won't create this
|
||||
* entry for us, so do it here */
|
||||
mysql_query("INSERT INTO users_$type (users_id) VALUES('$uid')");
|
||||
echo mysql_error();
|
||||
$stmt = $pdo->prepare("INSERT INTO users_$type (users_id) VALUES('$uid')");
|
||||
$stmt->execute();
|
||||
echo $pdo->errorInfo();
|
||||
/* Load the complete user */
|
||||
$u = db146_user_load($uid);
|
||||
} else {
|
||||
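Review bot: `db146_user_load`, `db146_user_load_by_email`, `db146_user_load_by_uid_year` and `db146_user_dupe_row` now use `$q->rowCount()` after a SELECT to decide whether a user row exists. PDO only guarantees `rowCount()` for INSERT, UPDATE and DELETE; for result sets the value depends on the driver and on buffering, so these checks can return false (or `exit` in `db146_user_dupe_row`) for users that do exist. Fetch first and test what came back, e.g. `$rows = $q->fetchAll(PDO::FETCH_ASSOC);` then `if(count($rows) != 1) return false;` and `$ret = $rows[0];`. `db_update_111_post` and the `db149_` loaders rely on `rowCount()` in the same way.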
|
@ -3,8 +3,9 @@
|
||||
include "db.update.149.user.inc.php";
|
||||
|
||||
function db_update_149_post() {
|
||||
$q=mysql_query("SELECT * FROM emergencycontact");
|
||||
while($r=mysql_fetch_object($q)) {
|
||||
$q=$pdo->prepare("SELECT * FROM emergencycontact");
|
||||
$q->execute();
|
||||
while($r=$q->fetch(PDO::FETCH_OBJ))) {
|
||||
$relation=strtolower(trim($r->relation));
|
||||
if( levenshtein('parent',$relation)<2
|
||||
|| levenshtein('mother',$relation)<3
|
||||
|
@ -131,8 +131,9 @@ function db149_user_load_sponsor(&$u)
|
||||
$u['sponsor_complete'] = ($u['sponsor_complete'] == 'yes') ? 'yes' : 'no';
|
||||
$u['sponsor_active'] = ($u['sponsor_active'] == 'yes') ? 'yes' : 'no';
|
||||
if($u['sponsors_id']) {
|
||||
$q=mysql_query("SELECT * FROM sponsors WHERE id='{$u['sponsors_id']}'");
|
||||
$u['sponsor']=mysql_fetch_assoc($q);
|
||||
$q=$pdo->prepare("SELECT * FROM sponsors WHERE id='{$u['sponsors_id']}'");
|
||||
$q->execute();
|
||||
$u['sponsor']=$q->fetch(PDO::FETCH_ASSOC);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
@ -185,16 +186,16 @@ function db149_user_load($user, $uid = false)
|
||||
$id = intval($user);
|
||||
$query .= " `users`.`id`='$id'";
|
||||
}
|
||||
$q=mysql_query($query);
|
||||
|
||||
if(mysql_num_rows($q)!=1) {
|
||||
// echo "Query [$query] returned ".mysql_num_rows($q)." rows\n";
|
||||
$q=$pdo->prepare($query);
|
||||
$q->execute();
|
||||
if($q->rowCount()!=1) {
|
||||
// echo "Query [$query] returned ".$q->rowCount()." rows\n";
|
||||
// echo "<pre>";
|
||||
// print_r(debug_backtrace());
|
||||
return false;
|
||||
}
|
||||
|
||||
$ret = mysql_fetch_assoc($q);
|
||||
$ret = $q->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
/* Make sure they're not deleted, we don't want to do this in the query, because loading by $uid would
|
||||
* simply return the previous year (where deleted=no) */
|
||||
@ -256,11 +257,12 @@ function db149_user_load_by_uid($uid)
|
||||
function db149_user_load_by_email($email)
|
||||
{
|
||||
/* Find the most recent uid for the email, regardless of deleted status */
|
||||
$e = mysql_real_escape_string($email);
|
||||
$q = mysql_query("SELECT uid FROM users WHERE email='$e' OR username='$e' ORDER BY year DESC LIMIT 1");
|
||||
$e = $email;
|
||||
$q = $pdo->prepare("SELECT uid FROM users WHERE email='$e' OR username='$e' ORDER BY year DESC LIMIT 1");
|
||||
$q->execute();
|
||||
|
||||
if(mysql_num_rows($q) == 1) {
|
||||
$i = mysql_fetch_assoc($q);
|
||||
if($q->rowCount() == 1) {
|
||||
$i = $q->fetch(PDO::FETCH_ASSOC);
|
||||
return db149_user_load_by_uid($i['uid']);
|
||||
}
|
||||
return false;
|
||||
@ -268,9 +270,10 @@ function db149_user_load_by_email($email)
|
||||
|
||||
function db149_user_load_by_uid_year($uid, $year)
|
||||
{
|
||||
$q = mysql_query("SELECT id FROM users WHERE uid='$uid' AND year <= '$year'");
|
||||
if(!mysql_num_rows($q)) return false;
|
||||
$i = mysql_fetch_assoc($q);
|
||||
$q = $pdo->prepare("SELECT id FROM users WHERE uid='$uid' AND year <= '$year'");
|
||||
$q->execute();
|
||||
if(!$q->rowCount()) return false;
|
||||
$i = $q->fetch(PDO::FETCH_ASSOC);
|
||||
return db149_user_load($i['id']);
|
||||
}
|
||||
|
||||
@ -279,8 +282,9 @@ function db149_user_set_password($id, $password = NULL)
|
||||
/* pass $u by reference so we can update it */
|
||||
$save_old = false;
|
||||
if($password == NULL) {
|
||||
$q = mysql_query("SELECT passwordset FROM users WHERE id='$id'");
|
||||
$u = mysql_fetch_assoc($q);
|
||||
$q = $pdo->prepare("SELECT passwordset FROM users WHERE id='$id'");
|
||||
$q->execute();
|
||||
$u = $q->fetch(PDO::FETCH_ASSOC);
|
||||
/* Generate a new password */
|
||||
$password = db149_user_generate_password(12);
|
||||
/* save the old password only if it's not an auto-generated one */
|
||||
@ -293,13 +297,14 @@ function db149_user_set_password($id, $password = NULL)
|
||||
$save_set = 'NOW()';
|
||||
}
|
||||
|
||||
$p = mysql_escape_string($password);
|
||||
$p = $password;
|
||||
$set = ($save_old == true) ? 'oldpassword=password, ' : '';
|
||||
$set .= "password='$p', passwordset=$save_set ";
|
||||
|
||||
$query = "UPDATE users SET $set WHERE id='$id'";
|
||||
mysql_query($query);
|
||||
echo mysql_error();
|
||||
$stmt = $pdo->prepare($query);
|
||||
$stmt->execute();
|
||||
echo $pdo->errorInfo();
|
||||
|
||||
return $password;
|
||||
}
|
||||
@ -323,17 +328,18 @@ function db149_user_save_type_list($u, $db, $fields)
|
||||
}
|
||||
|
||||
if(is_array($u[$f]))
|
||||
$data = mysql_escape_string(serialize($u[$f]));
|
||||
$data = serialize($u[$f]);
|
||||
else
|
||||
$data = mysql_escape_string(stripslashes($u[$f]));
|
||||
$data = stripslashes($u[$f]);
|
||||
|
||||
$set .= "`$f`='$data'";
|
||||
}
|
||||
if($set != "") {
|
||||
$query = "UPDATE $db SET $set WHERE users_id='{$u['id']}'";
|
||||
mysql_query($query);
|
||||
if(mysql_error()) {
|
||||
echo mysql_error();
|
||||
$stmt = $pdo->prepare($query);
|
||||
$stmt->execute();
|
||||
if($pdo->errorInfo()) {
|
||||
echo $pdo->errorInfo();
|
||||
echo error("Full query: $query");
|
||||
}
|
||||
}
|
||||
@ -409,7 +415,8 @@ function db149_user_save(&$u)
|
||||
exit;
|
||||
}
|
||||
//give em a record, the primary key on the table takes care of uniqueness
|
||||
$q=mysql_query("INSERT INTO users_$t (users_id) VALUES ('{$u['id']}')");
|
||||
$q=$pdo->prepare("INSERT INTO users_$t (users_id) VALUES ('{$u['id']}')");
|
||||
$q->execute();
|
||||
}
|
||||
|
||||
|
||||
@ -429,7 +436,7 @@ function db149_user_save(&$u)
|
||||
if($f == 'types')
|
||||
$set .= "$f='".implode(',', $u[$f])."'";
|
||||
else {
|
||||
$data = mysql_escape_string(stripslashes($u[$f]));
|
||||
$data = stripslashes($u[$f]);
|
||||
$set .= "$f='$data'";
|
||||
}
|
||||
}
|
||||
@ -438,9 +445,10 @@ function db149_user_save(&$u)
|
||||
// echo "</pre>";
|
||||
if($set != "") {
|
||||
$query = "UPDATE users SET $set WHERE id='{$u['id']}'";
|
||||
mysql_query($query);
|
||||
$stmt = $pdo->prepare($query);
|
||||
$stmt->execute();
|
||||
// echo "query=[$query]";
|
||||
echo mysql_error();
|
||||
echo $pdo->errorInfo();
|
||||
}
|
||||
|
||||
/* Save the password if it changed */
|
||||
@ -466,8 +474,9 @@ function db149_user_save(&$u)
|
||||
|
||||
function db149_user_delete_committee($u)
|
||||
{
|
||||
mysql_query("DELETE FROM committees_link WHERE users_uid='{$u['uid']}'");
|
||||
}
|
||||
$stmt = $pdo->prepare("DELETE FROM committees_link WHERE users_uid='{$u['uid']}'");
|
||||
$stmt->execute();}
|
||||
|
||||
|
||||
function db149_user_delete_volunteer($u)
|
||||
{
|
||||
@ -477,9 +486,11 @@ function db149_user_delete_judge($u)
|
||||
{
|
||||
global $config;
|
||||
$id = $u['id'];
|
||||
mysql_query("DELETE FROM judges_teams_link WHERE users_id='$id'");
|
||||
mysql_query("DELETE FROM judges_specialawards_sel WHERE users_id='$id'");
|
||||
}
|
||||
$stmt = $pdo->prepare("DELETE FROM judges_teams_link WHERE users_id='$id'");
|
||||
$stmt->execute();
|
||||
$stmt = $pdo->prepare("DELETE FROM judges_specialawards_sel WHERE users_id='$id'");
|
||||
$stmt->execute();}
|
||||
|
||||
|
||||
function db149_user_delete_fair($u)
|
||||
{
|
||||
@ -535,7 +546,8 @@ function db149_user_delete($u, $type=false)
|
||||
if($types != '') $types .= ',';
|
||||
$types .= $t;
|
||||
}
|
||||
mysql_query("UPDATE users SET types='$types' WHERE id='{$u['id']}'");
|
||||
$stmt = $pdo->prepare("UPDATE users SET types='$types' WHERE id='{$u['id']}'");
|
||||
$stmt->execute();
|
||||
} else {
|
||||
$finish_delete = true;
|
||||
}
|
||||
@ -548,7 +560,8 @@ function db149_user_delete($u, $type=false)
|
||||
$finish_delete = true;
|
||||
}
|
||||
if($finish_delete == true) {
|
||||
mysql_query("UPDATE users SET deleted='yes', deleteddatetime=NOW() WHERE id='{$u['id']}'");
|
||||
$stmt = $pdo->prepare("UPDATE users SET deleted='yes', deleteddatetime=NOW() WHERE id='{$u['id']}'");
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
|
||||
@ -578,7 +591,8 @@ function db149_user_purge($u, $type=false)
|
||||
if($types != '') $types .= ',';
|
||||
$types .= $t;
|
||||
}
|
||||
mysql_query("UPDATE users SET types='$types' WHERE id='{$u['id']}'");
|
||||
$stmt = $pdo->prepare("UPDATE users SET types='$types' WHERE id='{$u['id']}'");
|
||||
$stmt->execute();
|
||||
} else {
|
||||
$finish_purge = true;
|
||||
}
|
||||
@ -586,18 +600,21 @@ function db149_user_purge($u, $type=false)
|
||||
* out the entry */
|
||||
call_user_func("db149_user_delete_$type", $u);
|
||||
// call_user_func("user_purge_$type", $u);
|
||||
mysql_query("DELETE FROM users_$type WHERE users_id='{$u['id']}'");
|
||||
$stmt = $pdo->prepare("DELETE FROM users_$type WHERE users_id='{$u['id']}'");
|
||||
$stmt->execute();
|
||||
} else {
|
||||
/* Delete the whole user */
|
||||
foreach($u['types'] as $t) {
|
||||
call_user_func("db149_user_delete_$t", $u);
|
||||
// call_user_func("user_purge_$t", $u);
|
||||
mysql_query("DELETE FROM users_$t WHERE users_id='{$u['id']}'");
|
||||
$stmt = $pdo->prepare("DELETE FROM users_$t WHERE users_id='{$u['id']}'");
|
||||
$stmt->execute();
|
||||
}
|
||||
$finish_purge = true;
|
||||
}
|
||||
if($finish_purge == true) {
|
||||
mysql_query("DELETE FROM users WHERE id='{$u['id']}'");
|
||||
$stmt = $pdo->prepare("DELETE FROM users WHERE id='{$u['id']}'");
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
|
||||
@ -607,12 +624,13 @@ function db149_user_dupe_row($db, $key, $val, $newval)
|
||||
{
|
||||
global $config;
|
||||
$nullfields = array('deleteddatetime'); /* Fields that can be null */
|
||||
$q = mysql_query("SELECT * FROM $db WHERE $key='$val'");
|
||||
if(mysql_num_rows($q) != 1) {
|
||||
$q = $pdo->prepare("SELECT * FROM $db WHERE $key='$val'");
|
||||
$q->exectue();
|
||||
if($q->rowCount() != 1) {
|
||||
echo "ERROR duplicating row in $db: $key=$val NOT FOUND.\n";
|
||||
exit;
|
||||
}
|
||||
$i = mysql_fetch_assoc($q);
|
||||
$i = $q->fetch(PDO::FETCH_ASSOC);
|
||||
$i[$key] = $newval;
|
||||
|
||||
foreach($i as $k=>$v) {
|
||||
@ -621,7 +639,7 @@ function db149_user_dupe_row($db, $key, $val, $newval)
|
||||
else if($k == 'year')
|
||||
$i[$k] = $config['FAIRYEAR'];
|
||||
else
|
||||
$i[$k] = '\''.mysql_escape_string($v).'\'';
|
||||
$i[$k] = '\''.$v.'\'';
|
||||
}
|
||||
|
||||
$keys = '`'.join('`,`', array_keys($i)).'`';
|
||||
@ -629,10 +647,11 @@ function db149_user_dupe_row($db, $key, $val, $newval)
|
||||
|
||||
$q = "INSERT INTO $db ($keys) VALUES ($vals)";
|
||||
// echo "Dupe Query: [$q]";
|
||||
$r = mysql_query($q);
|
||||
echo mysql_error();
|
||||
$r = $pdo->prepare($q);
|
||||
$r->execute(0;)
|
||||
echo $pdo->errorInfo();
|
||||
|
||||
$id = mysql_insert_id();
|
||||
$id = $pdo->lastInsertId();
|
||||
return $id;
|
||||
}
|
||||
/* Used by the login scripts to copy one user from one year to another */
|
||||
@ -646,9 +665,10 @@ function db149_user_dupe($u, $new_year)
|
||||
* - That previous entry has deleted=no */
|
||||
|
||||
/* Find the last entry */
|
||||
$q = mysql_query("SELECT id,uid,year,deleted FROM users WHERE uid='{$u['uid']}'
|
||||
$q = $pdo->prepare("SELECT id,uid,year,deleted FROM users WHERE uid='{$u['uid']}'
|
||||
ORDER BY year DESC LIMIT 1");
|
||||
$r = mysql_fetch_object($q);
|
||||
$q->execute();
|
||||
$r = $q->fetch(PDO::FETCH_OBJ);
|
||||
if($r->deleted == 'yes') {
|
||||
echo "Cannot duplicate user ID {$u['id']}, they are deleted. Undelete them first.\n";
|
||||
exit;
|
||||
@ -659,8 +679,8 @@ function db149_user_dupe($u, $new_year)
|
||||
}
|
||||
|
||||
$id = db149_user_dupe_row('users', 'id', $u['id'], NULL);
|
||||
$q = mysql_query("UPDATE users SET year='$new_year' WHERE id='$id'");
|
||||
|
||||
$q = $pdo->prepare("UPDATE users SET year='$new_year' WHERE id='$id'");
|
||||
$q->execute();
|
||||
/* Load the new user */
|
||||
$u2 = db149_user_load($id);
|
||||
|
||||
@ -703,20 +723,32 @@ function db149_user_create($type, $username, $u = NULL)
|
||||
{
|
||||
global $config;
|
||||
if(!is_array($u)) {
|
||||
mysql_query("INSERT INTO users (`types`,`username`,`passwordset`,`created`,`year`)
|
||||
$stmt = $pdo->prepare("INSERT INTO users (`types`,`username`,`passwordset`,`created`,`year`)
|
||||
|
||||
|
||||
VALUES ('$type','$username','0000-00-00', NOW(), '{$config['FAIRYEAR']}')");
|
||||
echo mysql_error();
|
||||
$uid = mysql_insert_id();
|
||||
$stmt->execute();
|
||||
echo $pdo->errorInfo();
|
||||
$uid = $pdo->lastInsertId();
|
||||
if(db149_user_valid_email($username)) {
|
||||
mysql_query("UPDATE users SET email='$username' WHERE id='$uid'");
|
||||
$stmt = $pdo->prepare("UPDATE users SET email='$username' WHERE id='$uid'");
|
||||
}
|
||||
mysql_query("UPDATE users SET uid='$uid' WHERE id='$uid'");
|
||||
echo mysql_error();
|
||||
|
||||
|
||||
|
||||
$stmt = $pdo->prepare("UPDATE users SET uid='$uid' WHERE id='$uid'");
|
||||
$stmt->execute();
|
||||
|
||||
echo $pdo->errorInfo();
|
||||
|
||||
db149_user_set_password($uid, NULL);
|
||||
/* Since the user already has a type, user_save won't create this
|
||||
* entry for us, so do it here */
|
||||
mysql_query("INSERT INTO users_$type (users_id) VALUES('$uid')");
|
||||
echo mysql_error();
|
||||
$stmt = $pdo->prepare("INSERT INTO users_$type (users_id) VALUES('$uid')");
|
||||
$stmt->execute();
|
||||
|
||||
echo $pdo->errorInfo();
|
||||
|
||||
/* Load the complete user */
|
||||
$u = db149_user_load($uid);
|
||||
} else {
|
||||
|
@ -2,14 +2,16 @@
|
||||
|
||||
function db_update_155_post() {
|
||||
//we need to query the stuff from the table
|
||||
$q=mysql_query("SELECT * FROM emails");
|
||||
while($r=mysql_fetch_object($q)) {
|
||||
$q=$pdo->prepare("SELECT * FROM emails");
|
||||
$q->execute();
|
||||
while($r=$q->fetch(PDO::FETCH_OBJ)) {
|
||||
echo "Updating email id $r->id\n";
|
||||
mysql_query("UPDATE emails SET
|
||||
body='".mysql_real_escape_string(iconv("ISO-8859-1","UTF-8//TRANSLIT",$r->body))."' ,
|
||||
bodyhtml='".mysql_real_escape_string(iconv("ISO-8859-1","UTF-8//TRANSLIT",$r->bodyhtml))."' ,
|
||||
subject='".mysql_real_escape_string(iconv("ISO-8859-1","UTF-8//TRANSLIT",$r->subject))."'
|
||||
$stmt = $pdo->prepare("UPDATE emails SET
|
||||
body='".iconv("ISO-8859-1","UTF-8//TRANSLIT",$r->body)."' ,
|
||||
bodyhtml='".iconv("ISO-8859-1","UTF-8//TRANSLIT",$r->bodyhtml)."' ,
|
||||
subject='".iconv("ISO-8859-1","UTF-8//TRANSLIT",$r->subject)."'
|
||||
WHERE id='$r->id'");
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
|
||||
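Review bot: The new `UPDATE emails` statement in db_update_155_post() still splices the converted `body`, `bodyhtml` and `subject` into the SQL text, and the `mysql_real_escape_string()` calls that protected those values are gone, so any stored e-mail containing a single quote now breaks the statement or changes its meaning. Calling `prepare()` on an already assembled string gives none of the protection of a prepared statement; the values have to be passed as bound parameters. The same pattern (escaping removed, value still interpolated) shows in `$v = $u['volunteer'][$f];` in db_update_76_pre() and in `$data = stripslashes($u[$f]);` and `$i[$k] = '\''.$v.'\'';` in the db149_user_* hunks. Preparing the UPDATE once with placeholders, as sketched below, also avoids re-preparing it for every row.

```php
$upd = $pdo->prepare("UPDATE emails SET body=?, bodyhtml=?, subject=? WHERE id=?");
// … unchanged: SELECT * FROM emails and its execute() …
while($r=$q->fetch(PDO::FETCH_OBJ)) {
	echo "Updating email id $r->id\n";
	$upd->execute([
		iconv("ISO-8859-1","UTF-8//TRANSLIT",$r->body),
		iconv("ISO-8859-1","UTF-8//TRANSLIT",$r->bodyhtml),
		iconv("ISO-8859-1","UTF-8//TRANSLIT",$r->subject),
		$r->id,
	]);
```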
|
@ -3,11 +3,12 @@ function db_update_174_post()
|
||||
{
|
||||
global $config;
|
||||
|
||||
$q = mysql_query("SELECT * FROM users WHERE deleted = 'yes'");
|
||||
while($row = mysql_fetch_assoc($q)){
|
||||
$q = $pdo->prepare("SELECT * FROM users WHERE deleted = 'yes'");
|
||||
while($row = $q->fetch(PDO::FETCH_ASSOC)){
|
||||
echo "Flagging user records prior to " . $row['year'] . " for user " . $row['uid'] . " as deleted - ";
|
||||
mysql_query("UPDATE users SET deleted = 'yes' WHERE uid = " . $row['uid'] . " AND year < " . $row['year']);
|
||||
echo mysql_affected_rows() . " rows affected.\n";
|
||||
$stmt = $pdo->prepare("UPDATE users SET deleted = 'yes' WHERE uid = " . $row['uid'] . " AND year < " . $row['year']);
|
||||
$stmt->execute();
|
||||
echo $pdo->rowCount() . " rows affected.\n";
|
||||
}
|
||||
}
|
||||
?>
|
||||
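Review bot: The SELECT in db_update_174_post() is prepared but never executed: `$q = $pdo->prepare("SELECT * FROM users WHERE deleted = 'yes'");` is followed directly by `while($row = $q->fetch(PDO::FETCH_ASSOC)){`, so the loop has no result set to read and the migration does nothing; add `$q->execute();` before the loop. The same omission is in db_update_87_post(), where `$q = $pdo->prepare("SELECT id,types,passwordset FROM users");` goes straight into the fetch loop. Inside the loop, `$pdo->rowCount()` is not a PDO method; the count belongs to the statement, `echo $stmt->rowCount() . " rows affected.\n";`. `uid` and `year` are also concatenated unquoted into the UPDATE and would be better passed to `execute()` as bound values.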
|
@ -9,19 +9,21 @@ function db_update_75_post()
|
||||
{
|
||||
global $config;
|
||||
|
||||
$q = mysql_query("SELECT id FROM users WHERE types LIKE '%committee%'");
|
||||
$q = $pdo->prepare("SELECT id FROM users WHERE types LIKE '%committee%'");
|
||||
$q->execute();
|
||||
|
||||
$x = 0;
|
||||
while($i = mysql_fetch_object($q)) {
|
||||
while($i = $q->fetch(PDO::FETCH_OBJ)) {
|
||||
$uid = $i->id;
|
||||
|
||||
$sid = array(9, 36, -1, -2, 17, 19, 16, 30, 26, 27,
|
||||
28, -3, 21, 22, -4, -6, 29, -8, -9);
|
||||
foreach($sid as $s) {
|
||||
if($s > 0) {
|
||||
$qq = mysql_query("SELECT id FROM reports WHERE
|
||||
$qq = $pdo->prepare("SELECT id FROM reports WHERE
|
||||
system_report_id='$s'");
|
||||
$ii = mysql_fetch_object($qq);
|
||||
$qq->execute();
|
||||
$ii = $qq->fetch(PDO::FETCH_OBJ);
|
||||
$rid[$x] = $ii->id;
|
||||
} else {
|
||||
$rid[$x] = $s;
|
||||
@ -55,7 +57,8 @@ function db_update_75_post()
|
||||
echo $qq;
|
||||
echo "\n\n";
|
||||
|
||||
mysql_query($qq);
|
||||
$stmt = $pdo->prepare($qq);
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
|
||||
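Review bot: `$pdo` is not in scope inside db_update_75_post(): the function declares only `global $config;`, so `$pdo->prepare(...)` is a call on an undefined variable and stops the update with a fatal error. Declare it, `global $config, $pdo;`, or pass the connection in as a parameter. The same applies to db_update_155_post(), db_update_174_post() and db_update_87_post(), whose visible openings have no `global $pdo` either, and, judging by the `global $config;` at the top of db149_user_delete_judge() and db149_user_dupe_row(), to the db149_user_* functions. The report lookup is also re-prepared for every user and report id; preparing `SELECT id FROM reports WHERE system_report_id=?` once before the loops and calling `execute([$s])` would be cleaner. The function body continues outside both hunks.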
|
@ -6,18 +6,20 @@ function db_update_76_pre()
|
||||
* types link. Right now this can only happen with committee members
|
||||
* and volunteers */
|
||||
|
||||
$q = mysql_query("SELECT DISTINCT username FROM users WHERE 1");
|
||||
while($r = mysql_fetch_assoc($q)) {
|
||||
$q = $pdo->prepare("SELECT DISTINCT username FROM users WHERE 1");
|
||||
$q->execute();
|
||||
while($r = $q->fetch(PDO::FETCH_ASSOC)) {
|
||||
$user = $r['username'];
|
||||
if($user == '') continue;
|
||||
|
||||
$qq = mysql_query("SELECT * FROM users WHERE username='$user'");
|
||||
if(mysql_num_rows($qq) <= 1) continue;
|
||||
$qq = $pdo->prepare("SELECT * FROM users WHERE username='$user'");
|
||||
$qq->execute();
|
||||
if($qq->rowCount() <= 1) continue;
|
||||
|
||||
/* Fix $user */
|
||||
|
||||
/* Load all their data */
|
||||
while($rr = mysql_fetch_assoc($qq)) {
|
||||
while($rr = $qq->fetch(PDO::FETCH_ASSOC)) {
|
||||
$types = explode(',', $rr['types']);
|
||||
foreach($types as $t) {
|
||||
$u[$t] = $rr;
|
||||
@ -46,27 +48,30 @@ function db_update_76_pre()
|
||||
$query = "`types`='committee,volunteer'";
|
||||
foreach($fields as $f) {
|
||||
if($u['committee'][$f] == '' && $u['volunteer'][$f] != '') {
|
||||
$v = mysql_escape_string($u['volunteer'][$f]);
|
||||
$v = $u['volunteer'][$f];
|
||||
$query .= ",`$f`='$v'";
|
||||
}
|
||||
}
|
||||
|
||||
$query = "UPDATE users SET $query WHERE id='$cid'";
|
||||
echo "$query\n";
|
||||
mysql_query($query);
|
||||
$stmt = $pdo->prepare($query);
|
||||
$stmt->execute();
|
||||
|
||||
/* Now fix the volunteers links */
|
||||
$query = "UPDATE volunteer_positions_signup SET users_id='$cid' WHERE users_id='$vid'";
|
||||
echo "$query\n";
|
||||
mysql_query($query);
|
||||
|
||||
$stmt = $pdo->prepare($query);
|
||||
$stmt->execute();
|
||||
/* The user_volunteer table is empty, we should just delete it,
|
||||
* no need to update it */
|
||||
|
||||
/* Delete the old user */
|
||||
$query = "DELETE FROM users WHERE id='$vid'";
|
||||
echo "$query\n";
|
||||
mysql_query($query);
|
||||
$stmt = $pdo->prepare($query);
|
||||
$stmt->execute();
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
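Review bot: `$qq->rowCount()` is used to count the rows of a SELECT in the duplicate-username check, and PDO does not guarantee a row count for statements that return a result set; the value depends on the driver and on buffered queries being enabled. Fetching the rows and counting them is portable: `$rows = $qq->fetchAll(PDO::FETCH_ASSOC); if(count($rows) <= 1) continue;`, with the inner loop changed to `foreach($rows as $rr)`. `$user` comes from the database but is still interpolated into `username='$user'`, so a username containing a quote breaks this query; binding it with `execute([$user])` fixes that. db_update_76_pre() starts before the first hunk and continues between the two, so whether `$pdo` is in scope here could not be checked.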
|
@ -3,8 +3,8 @@ function db_update_87_post()
|
||||
{
|
||||
global $config;
|
||||
|
||||
$q = mysql_query("SELECT id,types,passwordset FROM users");
|
||||
while($i = mysql_fetch_object($q)) {
|
||||
$q = $pdo->prepare("SELECT id,types,passwordset FROM users");
|
||||
while($i = $q->fetch(PDO::FETCH_OBJ)) {
|
||||
$id = $i->id;
|
||||
$types = explode(',', $i->types);
|
||||
$expiry = $i->passwordset;
|
||||
@ -40,7 +40,8 @@ function db_update_87_post()
|
||||
if($newval != false) {
|
||||
$query = "UPDATE users SET passwordset=$newval WHERE id='$id'";
|
||||
echo "$query\n";
|
||||
mysql_query($query);
|
||||
$stmt = $pdo->prepare($query);
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -7,6 +7,7 @@ if(!function_exists("system")) {
|
||||
//include the config.inc.php
|
||||
//so we have the db connection info
|
||||
require("../data/config.inc.php");
|
||||
require("../common.inc.php");
|
||||
echo "<pre>\n";
|
||||
if(file_exists("db.code.version.txt"))
|
||||
{
|
||||
@ -22,11 +23,12 @@ else
|
||||
//same fix here for mysql 5.1 not truncating the 16 char usernames
|
||||
$DBUSER=substr($DBUSER,0,16);
|
||||
|
||||
mysql_connect($DBHOST,$DBUSER,$DBPASS);
|
||||
mysql_select_db($DBNAME);
|
||||
@mysql_query("SET NAMES latin1");
|
||||
$q=mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND year='0'");
|
||||
$r=mysql_fetch_object($q);
|
||||
|
||||
$stmt = $pdo->prepare("SET NAMES latin1");
|
||||
$stmt->execute();
|
||||
$q=$pdo->prepare("SELECT val FROM config WHERE var='DBVERSION' AND year='0'");
|
||||
$q->execute();
|
||||
$r=$q->fetch(PDO::FETCH_OBJ);
|
||||
$dbdbversion=$r->val;
|
||||
if(!$dbdbversion)
|
||||
{
|
||||
@ -35,13 +37,15 @@ if(!$dbdbversion)
|
||||
}
|
||||
|
||||
/* Get the fair year */
|
||||
$q=mysql_query("SELECT val FROM config WHERE var='FAIRYEAR' AND year='0'");
|
||||
$r=mysql_fetch_object($q);
|
||||
$q=$pdo->prepare("SELECT val FROM config WHERE var='FAIRYEAR' AND year='0'");
|
||||
$q->execute();
|
||||
$r=$q->fetch(PDO::FETCH_OBJ);
|
||||
$config = array('FAIRYEAR' => $r->val);
|
||||
|
||||
/* Load config just in case there's a PHP script that wants it */
|
||||
$q=mysql_query("SELECT * FROM config WHERE year='{$config['FAIRYEAR']}'");
|
||||
while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val;
|
||||
$q=$pdo->prepare("SELECT * FROM config WHERE year='{$config['FAIRYEAR']}'");
|
||||
$q->execute();
|
||||
while($r=$q->fetch(PDO::FETCH_OBJ)) $config[$r->var]=$r->val;
|
||||
|
||||
|
||||
require_once("../config_editor.inc.php"); // For config_update_variables()
|
||||
@ -111,8 +115,8 @@ if($dbcodeversion && $dbdbversion)
|
||||
if (substr(trim($line), -1, 1) == ';')
|
||||
{
|
||||
// Perform the query
|
||||
if(!mysql_query($templine)){
|
||||
echo('<br/>Error performing query!<br/>'.$templine.'<br/> mysqlerror: '.mysql_error().'<br /><br />');
|
||||
if(!$pdo->query($templine)){
|
||||
echo('<br/>Error performing query!<br/>'.$templine.'<br/> mysqlerror: '.$pdo->errorInfo().'<br /><br />');
|
||||
$error_count += 1;
|
||||
$exit_code = -1; // do we bail out here or keep going? keep going for now, get all errors
|
||||
}
|
||||
@ -145,8 +149,8 @@ if($dbcodeversion && $dbdbversion)
|
||||
}
|
||||
|
||||
echo "\nAll done - updating new DB version to $dbcodeversion\n";
|
||||
mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND year='0'");
|
||||
|
||||
$stmt = $pdo->prepare("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND year='0'");
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
}
|
||||
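Review bot: `$pdo->errorInfo()` returns an array, so concatenating it into the `Error performing query!` message prints the word `Array` with a conversion notice instead of the driver's message. Use the message element, `$pdo->errorInfo()[2]`, or `implode(' ', $pdo->errorInfo())`; the `echo $pdo->errorInfo();` lines in the db149_user_* hunks have the same problem. If common.inc.php puts the connection in exception mode (not visible here), `!$pdo->query($templine)` never sees a false return and the error counting needs a try/catch instead. The message also writes `$templine` and the driver text into the page unescaped; passing both through `htmlspecialchars()` keeps the output intact when a statement contains `<` or `&`.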
|
@ -23,10 +23,11 @@
|
||||
*/
|
||||
|
||||
require_once("../../../../../data/config.inc.php");
|
||||
mysql_connect($DBHOST,$DBUSER,$DBPASS);
|
||||
mysql_select_db($DBNAME);
|
||||
$q=mysql_query("SELECT * FROM config WHERE var='SFIABDIRECTORY'");
|
||||
$r=mysql_fetch_object($q);
|
||||
require("../../../../../common.inc.php");
|
||||
|
||||
$q=$pdo->prepare("SELECT * FROM config WHERE var='SFIABDIRECTORY'");
|
||||
$q->execute();
|
||||
$r=$q->fetch(PDO::FETCH_OBJ);
|
||||
$config_sfiabdirectory=$r->val;
|
||||
|
||||
global $Config ;
|
||||
|
14
install3.php
14
install3.php
@ -80,7 +80,7 @@ if(pdo->errorInfo)
|
||||
|
||||
}
|
||||
//1 is okay (DBVERSION). More than 1 is bad (already isntalled)
|
||||
if(mysql_num_rows($q)>1)
|
||||
if($q->rowCount()>1)
|
||||
{
|
||||
//we say all tables, but really only we check for config where year=0;
|
||||
echo "<div class=\"error\">ERROR: Detected existing table data, SFIAB Installation Step 3 requires a clean SFIAB database installation.</div>";
|
||||
@ -209,17 +209,17 @@ $stmt->execute([
|
||||
|
||||
$u = user_create('committee',$_POST['email']);
|
||||
if($_POST['firstname'] && $_POST['lastname']) {
|
||||
$u['firstname']=mysql_escape_string(stripslashes($_POST['firstname']));
|
||||
$u['lastname']=mysql_escape_string(stripslashes($_POST['lastname']));
|
||||
$u['firstname']=stripslashes($_POST['firstname']);
|
||||
$u['lastname']=stripslashes($_POST['lastname']);
|
||||
}
|
||||
else {
|
||||
$u['firstname'] = 'Superuser';
|
||||
$u['lastname'] = 'Account';
|
||||
}
|
||||
$u['emailprivate'] = mysql_escape_string(stripslashes($_POST['email']));
|
||||
$u['email'] = mysql_escape_string(stripslashes($_POST['email']));
|
||||
$u['username'] = mysql_escape_string(stripslashes($_POST['email']));
|
||||
$u['password'] = mysql_escape_string(stripslashes($_POST['pass1']));
|
||||
$u['emailprivate'] = stripslashes($_POST['email']);
|
||||
$u['email'] = stripslashes($_POST['email']);
|
||||
$u['username'] = stripslashes($_POST['email']);
|
||||
$u['password'] = stripslashes($_POST['pass1']);
|
||||
$u['access_admin'] = 'yes';
|
||||
$u['access_config'] = 'yes';
|
||||
$u['access_super'] = 'yes';
|
||||
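Review bot: The POST fields now reach `$u` with only `stripslashes()` applied, so the safety of `firstname`, `lastname`, `email` and `pass1` rests entirely on user_save() binding them as parameters, which this page does not show; the db149 copy of that function in the earlier hunks builds its UPDATE by interpolation. Confirm that user_save() uses placeholders before relying on this change. `stripslashes()` itself only made sense with magic quotes enabled, and those were removed in PHP 5.4, so on a current PHP (the target version is not shown) it silently strips backslashes from the chosen password and e-mail; `$u['password'] = $_POST['pass1'];` is the safer form. The enclosing block starts and ends outside the hunk.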
|
@ -114,7 +114,8 @@ if($_GET['year'] && $_GET['type']) {
|
||||
}
|
||||
}
|
||||
// Still have to find the PDO equivalent
|
||||
mysql_data_seek($pq, 0);
|
||||
//mysql_data_seek($pq, 0);
|
||||
$pq->fetch(PDO::FETCH_ORI_ABS(0));
|
||||
}
|
||||
if($show_unawarded_awards=="yes" || $awarded_count > 0)
|
||||
{
|
||||
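Review bot: `$pq->fetch(PDO::FETCH_ORI_ABS(0));` does not rewind the result set: `PDO::FETCH_ORI_ABS` is a constant, so writing it with parentheses is parsed as a static method call and fails at run time. The cursor form is `$pq->fetch(PDO::FETCH_ASSOC, PDO::FETCH_ORI_ABS, 0)`, but it needs a statement prepared with `PDO::CURSOR_SCROLL`, which not every driver supports, and it returns row 0 rather than only repositioning. If the surrounding loop re-reads the same rows, as the old `mysql_data_seek($pq, 0)` suggests, it is simpler to call `$rows = $pq->fetchAll();` once where `$pq` is executed and iterate `$rows` each time. The loop and the place where `$pq` is created are outside the hunk.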
|