DFiNE
/
OdenseTrack
Watch 1
Star 1
Fork 0
Code Issues 3 Pull Requests 0 Releases 2 Wiki Activity
"OdenseTrack" is a school assignment/project from AspIT https://aspit.dfine.net/odensetrack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22 Commits
1 Branch
Tree: beb85b2214
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'beb85b2214'
${ noResults }
OdenseTrack/classes/get.class.php

get.class.php 3.2KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192 
  1. <?php

  2. 

  3. /*

  4.  * Gets various items from the database - Used on basically all pages.

  5.  */

  6. 

  7. class Get {

  8. 

  9.     private function __construct() {

  10.         

  11.     }

  12. 

  13.     public static function NewsArticle($id) {

  14.         /* Here we sanitize the userinput. We only allow numbers here.

  15.          * - Filter the variable to remove anything but numbers (plusses and minusses)

  16.          * However, the filter_var needs us to trim the output first, as we dont want nullbytes.

  17.          */

  18. 

  19.         $newsitem = filter_var(trim($id), FILTER_SANITIZE_NUMBER_INT);

  20. 

  21.         $db = new DBClass();

  22.         $sql = "SELECT news.*,users.realname FROM `news` JOIN users ON news.author = users.id WHERE news.id = $newsitem";

  23. 

  24.         // Does the newsitem exist? If not, we redirect.

  25. 

  26.         if ($db->numRows($db->query($sql)) != 1) {

  27.             header('Location: ' . Config::$sys_url . '?page=error');

  28.             die("This newsitem doesnt exist.");

  29.         }

  30.         // It did, yay! - Lets fetch it, and return it.

  31.         return $db->fetchAll($db->query($sql))[0];

  32.     }

  33. 

  34.     public static function NewsList() {

  35.         // newsadmin

  36.         $db = new DBClass();

  37.         $sql = "SELECT news.*,users.realname FROM `news` JOIN users ON news.author = users.id ORDER BY `id` DESC";

  38.         return $db->fetchAll($db->query($sql));

  39.     }

  40. 

  41.     public static function publicNewsList() {

  42.         $db = new DBClass();

  43.         $sql = "SELECT news.*,users.realname FROM `news` JOIN users ON news.author = users.id ORDER BY `id` DESC LIMIT 5";

  44.         return $db->fetchAll($db->query($sql));

  45.     }

  46. 

  47.     /* Event functions */

  48. 

  49.     public static function ViewEvent($id) {

  50.         /* Here we sanitize the userinput. We only allow numbers here.

  51.          * - Filter the variable to remove anything but numbers (plusses and minusses)

  52.          * However, the filter_var needs us to trim the output first, as we dont want nullbytes.

  53.          */

  54.         $eventitem = filter_var(trim($id), FILTER_SANITIZE_NUMBER_INT);

  55. 

  56.         // Get the news

  57. 

  58.         $db = new DBClass();

  59.         $sql = "SELECT * FROM `events` WHERE `id` = $eventitem";

  60.         // Check if this eventitem exists - If not, we 404

  61.         if ($db->numRows($db->query($sql)) != 1) {

  62.             header('Location: ' . Config::$sys_url . '?page=error');

  63.             die("This newsitem doesnt exist.");

  64.         }

  65.         // It did, yay! - Lets fetch it, and return it.

  66.         return $db->fetchAll($db->query($sql))[0];

  67.     }

  68. 

  69.     public static function EventList() {

  70.         // eventadmin

  71.         $db = new DBClass();

  72.         $sql = "SELECT * FROM `events` ORDER BY `id` DESC";

  73.         return $db->fetchAll($db->query($sql));

  74.     }

  75. 

  76.     public static function publicEventList() {

  77.         $db = new DBClass();

  78.         $sql = "SELECT * FROM `events` ORDER BY `id` DESC LIMIT 5";

  79.         return $db->fetchAll($db->query($sql));

  80.     }

  81.     

  82.     

  83.     /* Login and user functions */

  84. 

  85.     public static function checkExists($name) {

  86.         // Checks if username already is in db, if not return false, if it exists return true

  87.         $db = new DBClass();

  88.         $sql = "SELECT * FROM `" . Config::$db_tableusers . "` WHERE `username` = '$name'";

  89.         if ($db->numRows($db->query($sql)) != 1) { return false; } else { return true; }

  90.     }

  91.     

  92. }