DFiNE
/
OdenseTrack
關注 1
收藏 1
複製 0
程式碼 問題 3 合併請求 0 版本發佈 2 Wiki 活動
"OdenseTrack" is a school assignment/project from AspIT https://aspit.dfine.net/odensetrack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
38 提交
1 分支
目錄樹: 45d21c6d09
分支列表 標籤
${ item.name }
建立分支 ${ searchTerm }
從 '45d21c6d09'
${ noResults }
OdenseTrack/classes/get.class.php

get.class.php 3.9KB
歷史記錄 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112 
  1. <?php

  2. 

  3. /*

  4.  * Gets various items from the database - Used on basically all pages.

  5.  */

  6. 

  7. class Get {

  8. 

  9.     private function __construct() {

  10.         

  11.     }

  12. 

  13.     public static function NewsArticle($id) {

  14.         /* Here we sanitize the userinput. We only allow numbers here.

  15.          * - Filter the variable to remove anything but numbers (plusses and minusses)

  16.          * However, the filter_var needs us to trim the output first, as we dont want nullbytes.

  17.          */

  18. 

  19.         $newsitem = filter_var(trim($id), FILTER_SANITIZE_NUMBER_INT);

  20. 

  21.         $db = new DBClass();

  22.         $sql = "SELECT news.*,users.realname FROM `news` JOIN users ON news.author = users.id WHERE news.id = $newsitem";

  23. 

  24.         // Does the newsitem exist? If not, we redirect.

  25. 

  26.         if ($db->numRows($db->query($sql)) != 1) {

  27.             header('Location: ' . Config::$sys_url . '?page=error');

  28.             die("This newsitem doesnt exist.");

  29.         }

  30.         // It did, yay! - Lets fetch it, and return it.

  31.         return $db->fetchAll($db->query($sql))[0];

  32.     }

  33. 

  34.     public static function NewsList() {

  35.         // newsadmin

  36.         $db = new DBClass();

  37.         $sql = "SELECT news.*,users.realname FROM `news` JOIN users ON news.author = users.id ORDER BY `id` DESC";

  38.         return $db->fetchAll($db->query($sql));

  39.     }

  40. 

  41.     public static function publicNewsList() {

  42.         $db = new DBClass();

  43.         $sql = "SELECT news.*,users.realname FROM `news` JOIN users ON news.author = users.id ORDER BY `id` DESC LIMIT 5";

  44.         return $db->fetchAll($db->query($sql));

  45.     }

  46. 

  47.     /* Event functions */

  48. 

  49.     public static function ViewEvent($id) {

  50.         /* Here we sanitize the userinput. We only allow numbers here.

  51.          * - Filter the variable to remove anything but numbers (plusses and minusses)

  52.          * However, the filter_var needs us to trim the output first, as we dont want nullbytes.

  53.          */

  54.         $eventitem = filter_var(trim($id), FILTER_SANITIZE_NUMBER_INT);

  55. 

  56.         // Get the news

  57. 

  58.         $db = new DBClass();

  59.         $sql = "SELECT * FROM `events` WHERE `id` = $eventitem";

  60.         // Check if this eventitem exists - If not, we 404

  61.         if ($db->numRows($db->query($sql)) != 1) {

  62.             header('Location: ' . Config::$sys_url . '?page=error');

  63.             die("This newsitem doesnt exist.");

  64.         }

  65.         // It did, yay! - Lets fetch it, and return it.

  66.         return $db->fetchAll($db->query($sql))[0];

  67.     }

  68. 

  69.     public static function EventList() {

  70.         // eventadmin

  71.         $db = new DBClass();

  72.         $sql = "SELECT * FROM `events` ORDER BY `id` DESC";

  73.         return $db->fetchAll($db->query($sql));

  74.     }

  75. 

  76.     public static function publicEventList() {

  77.         $db = new DBClass();

  78.         $sql = "SELECT * FROM `events` ORDER BY `time` ASC";

  79.         return $db->fetchAll($db->query($sql));

  80.     }

  81.     

  82.     public static function publicEventListHome($limit) {

  83.         $db = new DBClass();

  84.         $sql = "SELECT * FROM `events` ORDER BY `time` ASC LIMIT $limit";

  85.         return $db->fetchAll($db->query($sql));

  86.     }

  87.     

  88.     public static function EventTrackList($limit) {

  89.         $db = new DBClass();

  90.         $sql = "SELECT * FROM `events` WHERE `type` = '2' ORDER BY `time` ASC LIMIT $limit";

  91.         return $db->fetchAll($db->query($sql));

  92.     }

  93.     

  94.     /* Login and user functions */

  95. 

  96.     public static function checkExists($name) {

  97.         // Checks if username already is in db, if not return false, if it exists return true

  98.         $db = new DBClass();

  99.         $sql = "SELECT * FROM `" . Config::$db_tableusers . "` WHERE `username` = '$name'";

  100.         if ($db->numRows($db->query($sql)) != 1) { return false; } else { return true; }

  101.     }

  102.     

  103.     /* File/Upload functions */

  104.     

  105.     public static function getImages($limit) {

  106.         // Returns all images in database.

  107.         $db = new DBClass();

  108.         $sql = "SELECT * FROM `uploads` WHERE `mime` LIKE 'image%'";

  109.         return $db->fetchAll($db->query($sql));

  110.     }

  111.     

  112. }