Code: Select all
<?PHP
include "Auth/configuration.php";
include "Auth/class.database.php";
include "Auth/Class.Main.php";
$Maintenance = new Maintenance();
// we are doing extra validation before saving.
if (isset($_POST['CompID']))
{
$Maintenance->CompID = $_POST['CompID'];
}
if (isset($_POST['CompModel']))
{
$Maintenance->CompModel = $_POST['CompModel'];
}
if (isset($_POST['CompSN']))
{
$Maintenance->CompSN = $_POST['CompSN'];
}
if (isset($_POST['CompOS']))
{
$Maintenance->CompOS = $_POST['CompOS'];
}
if (isset($_POST['ProbState']))
{
$Maintenance->ProbState = $_POST['ProbState'];
}
if (isset($_POST['ProbSum']))
{
$Maintenance->ProbSum = $_POST['ProbSum'];
}
if ($Maintenance->Save())
{
header("location:../Project/register_success.php");
}
?>Class.Main.php
Code: Select all
<?PHP
class Maintenance
{
var $RepID;
var $CompID;
var $CompModel;
var $CompSN;
var $CompOS;
var $ProbState;
var $ProbSum;
function Maintenance($CompID='', $CompModel='', $CompSN='', $CompOS='', $ProbState='', $ProbSum='')
{
$this->CompID = $CompID;
$this->CompModel = $CompModel;
$this->CompSN = $CompSN;
$this->CompOS = $ProbState;
$this->ProbState = $ProbState;
$this->ProbSum = $ProbSum;
}
function Save()
{
$Database = new DatabaseConnection();
$query = "SELECT Re_ID FROM `Report` where `RE_ID`='".$this->RepID."' LIMIT 1";
$Database->Query($query);
if ($Database->Rows() > 0)
{
$query = "UPDATE `report` SET
`CompID`='".$Database->Escape($this->CompID)."',
`CompModel`='".$Database->Escape($this->CompModel)."',
`CompSN `='".$Database->Escape($this->CompSN)."',
`CompOS`='".$Database->Escape($this->CompOS)."',
`ProbState`='".$Database->Escape($this->ProbState)."'
`ProbSum`='".$Database->Escape($this->ProbSum)."' where `RE_ID`='".$this->RepID."'";
}
else
{
$query = "INSERT INTO `report` (`CompID`, `CompModel`, `CompSN`, `CompOS`, `ProbState`, `ProbSum`)
values ( '".$Database->Escape($this->CompID)."',
'".$Database->Escape($this->CompModel)."',
'".$Database->Escape($this->CompSN)."',
'".$Database->Escape($this->CompOS)."',
'".$Database->Escape($this->ProbState)."',
'".$Database->Escape($this->ProbSum)."')";
//<-- This Line is the problem *100% Sure since it does not goes well with drop down list.
}
$Database->InsertOrUpdate($query);
if ($this->RepID == "")
{
$this->RepID = $Database->GetCurrentId();
}
return $this->RepID;
}
function SaveNew()
{
$this->RepID='';
return $this->Save();
}
function Delete()
{
$Database = new DatabaseConnection();
$query = "delete from `report` where `re_id`='".$this->RepID."'";
return $Database->Query($query);
}
}
?>This is class.database.php
Code: Select all
<?php
Class DatabaseConnection
{
var $connection;
var $databaseName;
var $result;
// -------------------------------------------------------------
function DatabaseConnection()
{
$this->databaseName = $GLOBALS['configuration']['db'];
$serverName = $GLOBALS['configuration']['host'];
$databaseUser = $GLOBALS['configuration']['user'];
$databasePassword = $GLOBALS['configuration']['pass'];
$this->connection = mysql_connect ($serverName, $databaseUser, $databasePassword) or die ('I cannot connect to the database.');
mysql_select_db ($this->databaseName);
}
// -------------------------------------------------------------
function Close()
{
mysql_close($this->connection);
}
// -------------------------------------------------------------
function GetConnection() {
return $this->connection;
}
// -------------------------------------------------------------
function Query($query)
{
$this->result = mysql_query($query,$this->connection);
if (!$this->result) {
die('Invalid query: '.mysql_error());
}
return $this->result;
}
// -------------------------------------------------------------
function Rows()
{
if ($this->result != false)
{
return mysql_num_rows($this->result);
}
return null;
}
// -------------------------------------------------------------
function AffectedRows()
{
return mysql_affected_rows();
}
// -------------------------------------------------------------
function Result($row,$name)
{
if ($this->Rows() > 0)
{
return mysql_result($this->result,$row,$name);
}
return null;
}
// -------------------------------------------------------------
function InsertOrUpdate($query)
{
$this->result = mysql_query($query,$this->connection);
return ($this->AffectedRows() > 0);
}
/**
* This function will always try to encode $text to base64, except when $text is a number. This allows us to Escape all data before they're inserted in the database, regardless of attribute type.
* @param string $text
* @return string encoded to base64
*/
function Escape($text)
{
if (!ctype_digit($text) && !is_integer($text))
{
//return base64_encode($text);
}
return $text;
}
function Unescape($text)
{
if (!ctype_digit($text) && !is_integer($text))
{
//return base64_decode($text);
}
return $text;
}
// -------------------------------------------------------------
function GetCurrentId()
{
return intval(mysql_insert_id($this->connection));
}
}
?>Code: Select all
<?
session_start();
global $configuration;
//Database related settings
$configuration['db'] = 'login'; //database name
$configuration['host'] = 'localhost'; //database host
$configuration['user'] = 'root'; //database user
$configuration['pass'] = ''; //database password
?>Ive disabled the encryption on the class.database.php as it messes up the database on line 84 and 94. The problem is when i press submit on the test page the site goes to processmain.php and it will only show a blank page. If it was successful it would have open up the registration_success.php instead of a blank page. Any thoughts on this?