Expand|Select|Wrap|Line Numbers
- <?php
- //Make a database connection
- session_start();
- mysql_connect("localhost", "root", "");
- mysql_select_db("test");
- //Login section start
- if(!isset($_SESSION["logged"])) {
- if(isset($_POST["username"]) && ($_POST['password'])) {
- $query = mysql_query("SELECT id FROM login WHERE username = '" . $_POST["username"] . "' AND password = '" . $_POST["password"] . "'");
- if(mysql_num_rows($query) > 0) {
- $row = mysql_fetch_array($query);
- $_SESSION["logged"] = $row["id"];
- header("Location: " . $_SERVER["PHP_SELF"]);
- }
- } else {
- echo("<form method=\"POST\">
- <input type=\"text\" name=\"username\" value=\"Type username here\">
- <input type=\"text\" name=\"password\" value=\"Type username here\">
- <input type=\"submit\" name=\"submit\">
- </form>");
- }
- } else {
- //end of login section
- //Section for adding
- if(isset($_GET["add"])) {
- $query = mysql_query("SELECT id FROM login WHERE id = '" . $_GET["add"] . "'");
- if(mysql_num_rows($query) > 0) {
- $_query = mysql_query("SELECT * FROM data WHERE leo = '" . $_SESSION["logged"] . "' AND jon = '" . $_GET["add"] . "'");
- if(mysql_num_rows($_query) == 0) {
- mysql_query("INSERT INTO data SET leo = '" . $_SESSION["logged"] . "', jon = '" . $_GET["add"] . "'");
- }
- }
- }
- //END
- //Section for exceting
- if(isset($_GET["accept"])) {
- $query = mysql_query("SELECT * FROM data WHERE leo = '" . $_GET["accept"] . "' AND jon = '" . $_SESSION["logged"] . "'");
- if(mysql_num_rows($query) > 0) {
- $_query = mysql_query("SELECT * FROM login WHERE id = '" . $_GET["accept"] . "'");
- $_row = mysql_fetch_array($_query);
- $rec = unserialize($_row["rec "]);
- $rec [] = $_SESSION["rec "];
- mysql_query("UPDATE login SET rec = '" . serialize($rec ) . "' WHERE id = '" . $_GET["accept"] . "'");
- $_query = mysql_query("SELECT * FROM login WHERE id = '" . $_SESSION["logged"] . "'");
- $_row = mysql_fetch_array($_query);
- $rec = unserialize($_row["rec "]);
- $rec [] = $_GET["accept"];
- mysql_query("UPDATE login SET rec = '" . serialize($rec ) . "' WHERE id = '" . $_SESSION["logged"] . "'");
- }
- mysql_query("DELETE FROM data WHERE leo = '" . $_GET["accept"] . "' AND jon = '" . $_SESSION["logged"] . "'");
- }
- //END
- //Section for showing
- $query = mysql_query("SELECT * FROM data WHERE leo = '" . $_SESSION["logged"] . "'");
- if(mysql_num_rows($query) > 0) {
- while($row = mysql_fetch_array($query)) {
- $_query = mysql_query("SELECT * FROM login WHERE id = '" . $row["leo"] . "'");
- while($_row = mysql_fetch_array($_query)) {
- }
- }
- }
- //END
- //Section for showing 2
- $query = mysql_query("SELECT * FROM login WHERE id != '" . $_SESSION["logged"] . "'");
- while($row = mysql_fetch_array($query)) {
- $ok = false;
- $rec = unserialize($row["rec"]);
- if(isset($rec[0])) {
- foreach($rec as $rec) {
- if($rec == $_SESSION["logged"]) $ok = true;
- }
- }
- echo "not bad";
- $_query = mysql_query("SELECT * FROM data WHERE leo = '" . $_SESSION["logged"] . "' AND jon = '" . $row["id"] . "'");
- if(mysql_num_rows($_query) > 0) {
- echo "good.";
- } elseif($ok == false) {
- echo " good again";
- } else {
- echo " thats me.";
- }
- echo "<br />";
- }
- //END
- //display
- $query = mysql_query("SELECT rec FROM login WHERE id = '" . $_SESSION["logged"] . "'");
- while($row = mysql_fetch_array($query)) {
- $rec = unserialize($row["rec"]);
- if(isset($rec[0])) {
- foreach($rec as $rec) {
- $_query = mysql_query("SELECT username FROM login WHERE id = '" . $rec . "'");
- $_row = mysql_fetch_array($_query);
- echo "thanks";
- }
- }
- }
- //END
- }
- ?>
below is my code migration to PDO but is not working
Expand|Select|Wrap|Line Numbers
- <?php
- //Make a database connection
- session_start();
- error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
- require "config.php"; // Database connection details.
- dataConnect();
- //Login section start
- if(!isset($_SESSION["logged"])) {
- if(isset($_POST["username"]) && ($_POST['password'])) {
- $count=$dbo->prepare("select id FROM login where username=:username AND password=:password");
- $count->bindParam(":username",$username,PDO::PARAM_STRING,30);
- $count->bindParam(":password",$password,PDO::PARAM_STRING,35);
- $count->execute();
- $total = $count->rowCount();
- if($total>0){
- echo " login Success <br>";
- $row = $count->fetch(PDO::FETCH_OBJ);
- $_SESSION["logged"] = row->id;
- //$row = $count->fetch();
- //print_r($row);
- header("Location: " . $_SERVER["PHP_SELF"]);
- }else{
- echo("<form method=\"POST\">
- <input type=\"text\" name=\"username\" value=\"Type username here\">
- <input type=\"text\" name=\"password\" value=\"Type username here\">
- <input type=\"submit\" name=\"submit\">
- </form>");
- }
- } else {
- //end of login section
- //Section for adding friend
- if(isset($_GET["add"])) {
- $count=$dbo->prepare("select * from login where id=:add");
- $count->bindParam(":add",$id,PDO::PARAM_INT,1);
- $count->execute();
- $total = $count->rowCount();
- $row = $count->fetch(PDO::FETCH_OBJ);
- if($total>0){
- $count2=$dbo->prepare("select * from data where leo=:add AND jon=:logged");
- $count2->bindParam(":add",$leo,PDO::PARAM_STRING,1);
- $count2->bindParam(":logged",$jon,PDO::PARAM_STRING,2);
- $count2->execute();
- $total2 = $count2->rowCount();
- $row = $count2->fetch(PDO::FETCH_OBJ);
- if($total2==0){
- $sql=$dbo->prepare("INSERT INTO data SET leo =:logged,jon=:add");
- $sql->bindParam(':logged',$leo,PDO::PARAM_STR, 15);
- $sql->bindParam(':add',$jon,PDO::PARAM_STR, 15);
- if($sql->execute()){
- $id=$dbo->lastInsertId();
- echo " Thanks .. Your id = $id ";
- }
- else{
- echo " Not able to add data please ";
- }
- }
- }
- }
- //END
- //Section for exceting
- if(isset($_GET["accept"])) {
- $count=$dbo->prepare("select * from data where leo=:accept AND jon =:logged");
- $count->bindParam(":accept",$leo,PDO::PARAM_STRING,34);
- $count->bindParam(":logged",$jon,PDO::PARAM_STRING,34);
- $count->execute();
- $total = $count->rowCount();
- $row = $count->fetch(PDO::FETCH_OBJ);
- if($total>0){
- $count2=$dbo->prepare("select * from login WHERE id=:accept");
- $count2->bindParam(":accept",$id,PDO::PARAM_INT,1);
- $count2->execute();
- $total2 = $count->rowCount();
- $row = $count2->fetch(PDO::FETCH_OBJ);
- $rec = unserialize($row["rec"]);
- $rec[] = $_SESSION["rec"];
- $sql=$dbo->prepare("update login SET rec=:serialize($rec) where id=accept");
- $sql->bindParam(":id",$id,PDO::PARAM_INT,1);
- $sql->bindParam(':rec',$rec,PDO::PARAM_STR, 15);
- if($sql->execute()){
- echo "Successfully updated";
- }
- $count2=$dbo->prepare("select * from login WHERE id=:logged");
- $count2->bindParam(":logged",$id,PDO::PARAM_INT,1);
- $count2->execute();
- $total2 = $count->rowCount();
- $row = $count2->fetch(PDO::FETCH_OBJ);
- $rec = unserialize($row["rec"]);
- $rec[] = $_GET["accept"];
- $sql=$dbo->prepare("update login SET rec=:serialize($rec) where id=logged");
- $sql->bindParam(":id",$id,PDO::PARAM_INT,1);
- $sql->bindParam(':rec',$rec,PDO::PARAM_STR, 15);
- if($sql->execute()){
- echo "Successfully updated";
- }
- }
- $sql=$dbo->prepare("delete from data where leo=:accept AND jon =:logged");
- $sql->bindParam(":id",$id,PDO::PARAM_INT,1);
- $sql->bindParam(':rec',$rec,PDO::PARAM_STR, 15);
- if($sql->execute()){
- echo "Successfully deleted";
- }
- }
- //END
- //Section for showing
- $count=$dbo->prepare("select * from data where leo =:logged");
- $count->bindParam(":logged",$leo,PDO::PARAM_STRING,34);
- $count->execute();
- $total = $count->rowCount();
- $row = $count->fetch(PDO::FETCH_OBJ);
- if($total>0){
- while($row = $count->fetch(PDO::FETCH_OBJ)) {
- $count2=$dbo->prepare("SELECT * FROM login where id =: $row['leo']");
- $count2->bindParam(":id",$row['leo'],PDO::PARAM_STRING,34);
- $count2->execute();
- $total 2= $count2->rowCount();
- $row2 = $count2->fetch(PDO::FETCH_OBJ);
- while($row2 = $count2->fetch(PDO::FETCH_OBJ)) {
- echo " $row2->username";
- }
- }
- }
- //END
- //Section for showing 2
- $count=$dbo->prepare("SELECT * FROM login WHERE id ! =:logged");
- $count->bindParam(":logged",$id,PDO::PARAM_STRING,34);
- $count->execute();
- $total = $count->rowCount();
- $row = $count->fetch(PDO::FETCH_OBJ);
- while($row = $count->fetch(PDO::FETCH_OBJ)) {
- $ok = false;
- $rec = unserialize($row["rec"]);
- if(isset($rec[0])) {
- foreach($rec as $rec) {
- if($rec == $_SESSION["logged"]) $ok = true;
- }
- }
- echo "not bad";
- $count2=$dbo->prepare("SELECT * from data where leo=:logged AND jon =:$row->id");
- $count2->bindParam(":id",$row->id,PDO::PARAM_STRING,34);
- $count2->execute();
- $total2= $count2->rowCount();
- $row2 = $count2->fetch(PDO::FETCH_OBJ);
- if($total2>0){
- echo " good";
- } elseif($ok == false) {
- echo " good again";
- } else {
- echo " thats me";
- }
- echo "<br />";
- }
- //END
- $count=$dbo->prepare("SELECT * FROM login WHERE id =:logged");
- $count->bindParam(":logged",$id,PDO::PARAM_STRING,34);
- $count->execute();
- $total = $count->rowCount();
- $row = $count->fetch(PDO::FETCH_OBJ);
- while($row = $count->fetch(PDO::FETCH_OBJ)) {
- $rec = unserialize($row["rec"]);
- if(isset($rec[0])) {
- foreach($rec as $rec) {
- $count2=$dbo->prepare("SELECT username FROM login WHERE id =:$rec");
- $count2->bindParam(":id",$rec,PDO::PARAM_STRING,34);
- $count2->execute();
- $total2= $count2->rowCount();
- $row2 = $count2->fetch(PDO::FETCH_OBJ);
- echo "Thanks";
- }
- }
- }
- //END
- }
- ?>