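numRows($db->query($sql)) != 1) {
            header('Location: ' . Config::$sys_url . '?page=error');
            die("This newsitem doesnt exist.");
        }

        // It did, yay! - Lets fetch it, and return it.
        return $db->fetchAll($db->query($sql))[0];
    }

    /**
     * Lists every news row together with the author's realname, highest id first.
     *
     * The inline marker "newsadmin" suggests this feeds the admin view (not verified here).
     *
     * @return mixed Whatever DBClass::fetchAll() returns for the result set.
     */
    public static function NewsList()
    {
        // newsadmin
        $db = new DBClass();
        // Static statement: no caller-supplied value reaches the SQL text.
        $sql = "SELECT news.*,users.realname FROM `news` JOIN users ON news.author = users.id ORDER BY `id` DESC";

        return $db->fetchAll($db->query($sql));
    }

    /**
     * Lists the five news rows with the highest ids, with the author's realname.
     *
     * @return mixed Whatever DBClass::fetchAll() returns for the result set.
     */
    public static function publicNewsList()
    {
        $db = new DBClass();
        // Static statement: no caller-supplied value reaches the SQL text.
        $sql = "SELECT news.*,users.realname FROM `news` JOIN users ON news.author = users.id ORDER BY `id` DESC LIMIT 5";

        return $db->fetchAll($db->query($sql));
    }

    /* Event functions */

    /**
     * Fetches a single event by id, or redirects to the error page when it does not exist.
     *
     * @param mixed $id Event id as received from the caller; treated as untrusted.
     *
     * @return mixed First row of DBClass::fetchAll() for the matching event.
     */
    public static function ViewEvent($id)
    {
        /* FILTER_SANITIZE_NUMBER_INT keeps digits but also '+' and '-', so on its
         * own it can still yield an empty string or an expression such as "1-1".
         * Casting the sanitized value to int guarantees that exactly one integer
         * literal is placed into the statement below.
         */
        $eventitem = (int) filter_var(trim($id), FILTER_SANITIZE_NUMBER_INT);

        // Get the event
        $db = new DBClass();
        $sql = "SELECT * FROM `events` WHERE `id` = $eventitem";

        // Check if this eventitem exists - If not, send the client to the error page
        if ($db->numRows($db->query($sql)) != 1) {
            header('Location: ' . Config::$sys_url . '?page=error');
            // The message used to say "newsitem", copied from the news lookup.
            die("This event doesnt exist.");
        }

        // It exists - fetch it and return the single row.
        return $db->fetchAll($db->query($sql))[0];
    }

    /**
     * Lists every event row, highest id first.
     *
     * The inline marker "eventadmin" suggests this feeds the admin view (not verified here).
     *
     * @return mixed Whatever DBClass::fetchAll() returns for the result set.
     */
    public static function EventList()
    {
        // eventadmin
        $db = new DBClass();
        $sql = "SELECT * FROM `events` ORDER BY `id` DESC";

        return $db->fetchAll($db->query($sql));
    }

    /**
     * Lists events whose `time` column is later than the current Unix timestamp, soonest first.
     *
     * @return mixed Whatever DBClass::fetchAll() returns for the result set.
     */
    public static function publicEventList()
    {
        $db = new DBClass();
        // time() is server-generated, so the interpolated value is always an integer.
        $now = time();
        $sql = "SELECT * FROM `events` WHERE `time` > " . $now . " ORDER BY `time` ASC";

        return $db->fetchAll($db->query($sql));
    }

    /**
     * Lists events whose `time` column is earlier than the current Unix timestamp, oldest first.
     *
     * @return mixed Whatever DBClass::fetchAll() returns for the result set.
     */
    public static function publicOldEventList()
    {
        $db = new DBClass();
        // time() is server-generated, so the interpolated value is always an integer.
        $now = time();
        $sql = "SELECT * FROM `events` WHERE `time` < " . $now . " ORDER BY `time` ASC";

        return $db->fetchAll($db->query($sql));
    }

    /**
     * Lists at most $limit upcoming events, soonest first.
     *
     * @param mixed $limit Maximum number of rows; coerced to a non-negative integer.
     *
     * @return mixed Whatever DBClass::fetchAll() returns for the result set.
     */
    public static function publicEventListHome($limit)
    {
        $db = new DBClass();
        // $limit is placed into the SQL text, so force it to a plain non-negative
        // integer; anything else a caller passes cannot alter the statement.
        $limit = max(0, (int) $limit);
        $now = time();
        $sql = "SELECT * FROM `events` WHERE `time` > " . $now . " ORDER BY `time` ASC LIMIT $limit";

        return $db->fetchAll($db->query($sql));
    }

    /**
     * Lists at most $limit events whose `type` is '2', ordered by `time` ascending.
     *
     * @param mixed $limit Maximum number of rows; coerced to a non-negative integer.
     *
     * @return mixed Whatever DBClass::fetchAll() returns for the result set.
     */
    public static function EventTrackList($limit)
    {
        $db = new DBClass();
        // Same reasoning as publicEventListHome(): only an integer may reach LIMIT.
        $limit = max(0, (int) $limit);
        $sql = "SELECT * FROM `events` WHERE `type` = '2' ORDER BY `time` ASC LIMIT $limit";

        return $db->fetchAll($db->query($sql));
    }

    /* Attend functions */

    /**
     * Lists events of `type` 1 that have not started yet, soonest first.
     *
     * @return mixed Whatever DBClass::fetchAll() returns for the result set.
     */
    public static function attentEventList()
    {
        // Get list of events that havent already started
        $db = new DBClass();
        $now = time();
        $sql = "SELECT * FROM `events` WHERE `time` > " . $now . " AND `type` = 1 ORDER BY `time` ASC";

        return $db->fetchAll($db->query($sql));
    }

    /**
     * Reports whether exactly one attendee row exists for the given user and event.
     *
     * @param mixed $user  User id; coerced to int before it is used in SQL.
     * @param mixed $event Event id; coerced to int before it is used in SQL.
     *
     * @return bool True when exactly one matching row exists, false otherwise.
     */
    public static function attentDouble($user, $event)
    {
        $db = new DBClass();
        // Both ids are written unquoted into the statement, so they must be
        // integers; the casts stop any other input from changing the query.
        $user = (int) $user;
        $event = (int) $event;
        $sql = "SELECT * FROM `attendees` WHERE `userid` = $user AND `eventid` = $event";

        // Loose comparison kept on purpose: numRows()'s return type is not visible here.
        return $db->numRows($db->query($sql)) == 1;
    }

    /**
     * Counts the attendee rows recorded for an event.
     *
     * @param mixed $event Event id; coerced to int before it is used in SQL.
     *
     * @return mixed Row count as reported by DBClass::numRows().
     */
    public static function attendees($event)
    {
        $db = new DBClass();
        // The id is written unquoted into the statement, so force it to an integer.
        $event = (int) $event;
        $sql = "SELECT * FROM `attendees` WHERE `eventid` = $event";

        return $db->numRows($db->query($sql));
    }

    /* Login and user functions */

    /**
     * Reports whether exactly one user row carries the given username.
     *
     * @param mixed $name Username to look up.
     *
     * @return bool True when exactly one matching row exists, false otherwise.
     */
    public static function checkExists($name)
    {
        $db = new DBClass();
        // NOTE(review): $name is placed between quotes in the SQL text without
        // escaping or parameter binding, so a value containing a quote changes
        // the statement. DBClass's binding/escaping interface is not visible
        // from this part of the file; this lookup should be moved to a bound
        // parameter (or DBClass's own escaping routine) and, until then, callers
        // must not pass raw request data. The table name comes from Config and
        // is assumed to be operator-controlled.
        $sql = "SELECT * FROM `" . Config::$db_tableusers . "` WHERE `username` = '$name'";

        // Loose comparison kept on purpose: numRows()'s return type is not visible here.
        return $db->numRows($db->query($sql)) == 1;
    }

    /* File/Upload functions */

    /**
     * Returns every upload row whose `mime` starts with "image".
     *
     * @param mixed $limit Currently unused: the statement has no LIMIT clause,
     *                     so all image rows are returned regardless of this value.
     *
     * @return mixed Whatever DBClass::fetchAll() returns for the result set.
     */
    public static function getImages($limit)
    {
        $db = new DBClass();
        $sql = "SELECT * FROM `uploads` WHERE `mime` LIKE 'image%'";

        return $db->fetchAll($db->query($sql));
    }
}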