Código:
<?php
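/**
 * Data-access helper for the "sms" database, built on the legacy ext/mysql
 * API (mysql_* functions).
 *
 * Security notes for maintainers:
 *  - ext/mysql has no prepared statements and was removed in PHP 7. Every
 *    value placed in a query here is escaped with mysql_real_escape_string()
 *    and wrapped in quotes; moving to PDO or mysqli prepared statements is
 *    the durable fix, but it changes what Connect() returns.
 *  - Several methods return -1 on failure. -1 is truthy in PHP, so callers
 *    must compare results strictly (=== true, === -1) and never write
 *    if ($db->ValidateUserCredentials(...)).
 *  - NOTE(review): the password column is compared with the submitted value
 *    as-is, which implies passwords are stored unhashed. Switching to
 *    password_hash()/password_verify() needs a data migration outside this
 *    class.
 */
class DBEngine
{
    /** @var resource|false Link returned by the most recent Connect() call. */
    public $link;

    /** @var mixed Not written by any method of this class; kept for existing callers. */
    public $result;

    /**
     * Opens the connection and selects the "sms" schema.
     *
     * NOTE(review): host, account and password are hard-coded and the
     * application connects as root. Load them from configuration kept out of
     * the source tree and use an account restricted to the sms schema.
     *
     * @return resource|false The link, or false when the connection failed.
     */
    function Connect()
    {
        $link = mysql_connect("localhost", "root", "cubahack001");
        $this->link = $link;
        if (!$link) {
            print("Error connecting to the database<br/>");
            // Selecting a schema without a connection can only fail.
            return false;
        }
        mysql_select_db("sms");
        return $link;
    }

    /**
     * Closes the most recently opened ext/mysql link.
     */
    function Close()
    {
        mysql_close();
    }

    /**
     * Escapes a value for the current connection and wraps it in single
     * quotes, so it can only ever be read by MySQL as a string literal.
     *
     * mysql_real_escape_string() takes the connection character set into
     * account, which addslashes() cannot.
     *
     * @param mixed $value Value to embed in a statement.
     * @return string|false Quoted literal, or false when escaping failed
     *                      (for example when no connection is open).
     */
    private function Quote($value)
    {
        $escaped = mysql_real_escape_string($value);
        if ($escaped === false || $escaped === null) {
            return false;
        }
        return "'" . $escaped . "'";
    }

    /**
     * Renders the "active" flag for SQL. A boolean false would otherwise
     * concatenate as an empty string and produce an invalid statement.
     *
     * @param mixed $value Boolean, or a value already checked with is_numeric().
     * @return mixed '1' or '0' for booleans, the value itself otherwise.
     */
    private function FlagToSql($value)
    {
        if (is_bool($value)) {
            return $value ? '1' : '0';
        }
        return $value;
    }

    /**
     * Runs a query and returns its first row.
     *
     * @param string $sql Complete statement whose values are already quoted.
     * @return array|int Associative row, or -1 on query failure or no match.
     */
    private function FetchFirstRow($sql)
    {
        $result = mysql_query($sql);
        if (!$result || mysql_num_rows($result) <= 0) {
            return -1;
        }
        return mysql_fetch_assoc($result);
    }

    /*
     * User Class
     */

    /**
     * Checks whether a row exists with this username and password.
     *
     * @param string $username
     * @param string $password
     * @return bool|int true on a match, false on no match, -1 when the query
     *                  could not be run. -1 is truthy: compare with === true.
     */
    function ValidateUserCredentials($username, $password)
    {
        $user = $this->Quote($username);
        $pass = $this->Quote($password);
        if ($user === false || $pass === false) {
            return -1;
        }
        $result = mysql_query("SELECT * FROM user WHERE username=" . $user . " AND password=" . $pass);
        if (!$result) {
            return -1;
        }
        return mysql_num_rows($result) > 0;
    }

    /**
     * Reports whether the user's "active" column equals 1.
     *
     * @param string $username
     * @return bool|int true or false for an existing user, -1 when the user
     *                  is unknown or the query failed (truthy: compare strictly).
     */
    function IsUserActive($username)
    {
        $user = $this->Quote($username);
        if ($user === false) {
            return -1;
        }
        $row = $this->FetchFirstRow("SELECT active FROM user WHERE username=" . $user);
        if ($row === -1) {
            return -1;
        }
        return ($row["active"] == 1);
    }

    /**
     * Loads the full user row for a username.
     *
     * @param string $username
     * @return array|int Associative row (it includes the password column),
     *                   or -1 when not found or on failure.
     */
    function GetUserByUsername($username)
    {
        $user = $this->Quote($username);
        if ($user === false) {
            return -1;
        }
        return $this->FetchFirstRow("SELECT * FROM user WHERE username=" . $user);
    }

    /**
     * Inserts a user row.
     *
     * @param mixed $credit Must satisfy is_numeric().
     * @param mixed $active Numeric or boolean.
     * @return bool true when a row was inserted, false on invalid input or failure.
     */
    function InsertUser($name, $secondName, $lastName, $email, $credit, $active, $username, $password)
    {
        // Reject bad numeric input before anything touches the connection.
        if (!is_numeric($credit)) {
            return false;
        }
        if (!is_numeric($active) && !is_bool($active)) {
            return false;
        }

        $values = array();
        foreach (array($name, $secondName, $lastName, $email, $username, $password) as $text) {
            $quoted = $this->Quote($text);
            if ($quoted === false) {
                return false;
            }
            $values[] = $quoted;
        }

        $sql = "INSERT INTO user (name, second_name, last_name, email, credit, active, username, password) VALUES " .
            "(" . $values[0] . ", " .
            $values[1] . ", " .
            $values[2] . ", " .
            $values[3] . ", " .
            $credit . ", " .
            $this->FlagToSql($active) . ", " .
            $values[4] . ", " .
            $values[5] . ")";

        if (!mysql_query($sql)) {
            return false;
        }
        return (mysql_affected_rows() > 0);
    }

    /**
     * Updates every column of the user row with the given id.
     *
     * @param mixed $id     Must satisfy is_numeric().
     * @param mixed $credit Must satisfy is_numeric().
     * @param mixed $active Numeric or boolean.
     * @return bool true when a row was changed; false on invalid input, on
     *              failure, and also when the stored values were already identical.
     */
    function UpdateUser($id, $name, $secondName, $lastName, $email, $credit, $active, $username, $password)
    {
        // Reject bad numeric input before anything touches the connection.
        if (!is_numeric($id)) {
            return false;
        }
        if (!is_numeric($credit)) {
            return false;
        }
        if (!is_numeric($active) && !is_bool($active)) {
            return false;
        }

        $values = array();
        foreach (array($name, $secondName, $lastName, $email, $username, $password) as $text) {
            $quoted = $this->Quote($text);
            if ($quoted === false) {
                return false;
            }
            $values[] = $quoted;
        }

        $sql = "UPDATE user SET " .
            "name=" . $values[0] . ", " .
            "second_name=" . $values[1] . ", " .
            "last_name=" . $values[2] . ", " .
            "email=" . $values[3] . ", " .
            "credit=" . $credit . ", " .
            "active=" . $this->FlagToSql($active) . ", " .
            "username=" . $values[4] . ", " .
            "password=" . $values[5] . " " .
            "WHERE id=" . $id;

        if (!mysql_query($sql)) {
            return false;
        }
        return (mysql_affected_rows() > 0);
    }

    /*
     * Rate Class
     */

    /**
     * Loads the rate row for a code.
     *
     * The code is sent as a quoted, escaped literal. Escaping alone gives no
     * protection when the value sits outside quotes, because there is no
     * string delimiter for the escape to protect.
     *
     * @param mixed $code
     * @return array|int Associative row, or -1 when not found or on failure.
     */
    function GetRateByCode($code)
    {
        $quotedCode = $this->Quote($code);
        if ($quotedCode === false) {
            return -1;
        }
        return $this->FetchFirstRow("SELECT * FROM rate WHERE code=" . $quotedCode);
    }

    /**
     * Lists every rate code.
     *
     * @return array|int List of codes (an empty array when the table has no
     *                   rows), or -1 when the query failed.
     */
    function GetRateCodes()
    {
        $result = mysql_query("SELECT code from rate");
        if (!$result) {
            return -1;
        }
        // Start from an array: indexing into a string would write single
        // characters instead of appending list elements.
        $codes = array();
        while ($row = mysql_fetch_assoc($result)) {
            $codes[] = $row["code"];
        }
        return $codes;
    }
}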
?>
Mis saludos