当前位置: 首页>>代码示例>>PHP>>正文


PHP obj::prepare方法代码示例

本文整理汇总了PHP中obj::prepare方法的典型用法代码示例。如果您正苦于以下问题:PHP obj::prepare方法的具体用法?PHP obj::prepare怎么用?PHP obj::prepare使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在obj的用法示例。


在下文中一共展示了obj::prepare方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: login

/**
 * Login API
 * @param  string $email    email of user
 * @param  string $password password of user
 * @param  obj $mysqli   mysql connection
 * @return bool           success or not
 */
function login($email, $password, $mysqli)
{
    // Using prepared statements means that SQL injection is not possible.
    if ($stmt = $mysqli->prepare("SELECT id, username, password, salt\n        FROM members\n       WHERE email = ?\n        LIMIT 1")) {
        $stmt->bind_param('s', $email);
        // Bind "$email" to parameter.
        $stmt->execute();
        // Execute the prepared query.
        $stmt->store_result();
        // get variables from result.
        $stmt->bind_result($user_id, $username, $db_password, $salt);
        $stmt->fetch();
        // hash the password with the unique salt.
        $password = hash('sha512', $password . $salt);
        if ($stmt->num_rows == 1) {
            // If the user exists we check if the account is locked
            // from too many login attempts
            if (checkbrute($user_id, $mysqli) == true) {
                // Account is locked
                // Send an email to user saying their account is locked
                return false;
            } else {
                // Check if the password in the database matches
                // the password the user submitted.
                if ($db_password == $password) {
                    // Password is correct!
                    // Get the user-agent string of the user.
                    $user_browser = $_SERVER['HTTP_USER_AGENT'];
                    // XSS protection as we might print this value
                    $user_id = preg_replace("/[^0-9]+/", "", $user_id);
                    $_SESSION['user_id'] = $user_id;
                    // XSS protection as we might print this value
                    $username = preg_replace("/[^a-zA-Z0-9_\\-]+/", "", $username);
                    $_SESSION['username'] = $username;
                    $_SESSION['login_string'] = hash('sha512', $password . $user_browser);
                    // Login successful.
                    return true;
                } else {
                    // Password is not correct
                    // We record this attempt in the database
                    $now = time();
                    $mysqli->query("INSERT INTO login_attempts(user_id, time)\n                                    VALUES ('{$user_id}', '{$now}')");
                    return false;
                }
            }
        } else {
            // No user exists.
            return false;
        }
    }
}
开发者ID:varatep,项目名称:comp484-final-lab-tmp,代码行数:58,代码来源:functions.php

示例2: query

 /**
  * 执行SQL,并返回结果
  */
 function query()
 {
     $tArgs = func_get_args();
     $tSql = array_shift($tArgs);
     # 锁表查询
     if ($this->_lock) {
         $tSql .= ' ' . $this->_lock;
         $this->_lock = '';
     }
     # 使用缓存
     if ($this->cache) {
         $tMem =& Cache_Memcache::instance('default');
         if ('md5' == $this->cache['key']) {
             $this->cache['key'] = md5($tSql . ($tArgs ? join(',', $tArgs) : ''));
         }
         if (false !== ($tData = $tMem->get($this->cache['key']))) {
             return $tData;
         }
     }
     # 查询数据库
     $this->db =& self::instance($this->_config);
     if ($tArgs) {
         $tQuery = $this->db->prepare($tSql);
         $tQuery->execute($tArgs);
     } else {
         $tQuery = $this->db->query($tSql);
     }
     if (!$tQuery) {
         $this->error = $this->db->errorInfo();
         isset($this->error[1]) || ($this->error = array());
         return array();
     }
     # 不缓存查询结果
     if (!$this->cache) {
         return $tQuery->fetchAll(PDO::FETCH_ASSOC);
     }
     # 设置缓存
     $tData = $tQuery->fetchAll(PDO::FETCH_ASSOC);
     $tMem->set($this->cache['key'], $tData, 0, $this->cache['expire']);
     $this->cache = array();
     return $tData;
 }
开发者ID:tanqinwang,项目名称:test_own,代码行数:45,代码来源:Base.php

示例3: getSIGAccess

 /**
  * SIG Access Return Method
  *
  * This method determines if a user has access to a specific Special Interest Group
  *
  * @return bool
  */
 public function getSIGAccess($sigID, $sigRequiredAccessLevel)
 {
     /** Looking up this user's access permissions to the sig */
     $stmt_sig_lookup = $this->_db->prepare('SELECT sig_access_level FROM sig_memberships WHERE userid = ? AND sig_id = ? AND groupid = ? LIMIT 1');
     $stmt_sig_lookup->execute(array($this->_userID, $sigID, $this->_group->getGroupID()));
     if ($stmt_sig_lookup->rowCount() == 1) {
         /** The user is a member of this Special Interest Group, so we'll confirm their access level now */
         $sigAccessLevel = $stmt_sig_lookup->fetch(\PDO::FETCH_ASSOC);
         /** Comparing the user's sig_access_level to the required $sigRequiredAccessLevel */
         if ($sigAccessLevel['sig_access_level'] >= $sigRequiredAccessLevel) {
             /** The user has access*/
             return true;
         } else {
             /** The user does not have access */
             return false;
         }
     } else {
         /** The user is not a member of this Special Interest Group */
         return false;
     }
 }
开发者ID:jgrancell,项目名称:blackbriar,代码行数:28,代码来源:user.inc.php

示例4: i3GeoAdminInsert

/**
 * Faz o insert de um novo registro em uma tabela do sistema de administracao
 *
 * @param obj $pdo - objeto pdo
 * @param string $tabela - nome da tabela que sofreara o insert
 * @param array $data - array com os nomes dos campos da tabela e os valores
 * @return boolean
 */
function i3GeoAdminInsert($pdo, $tabela, $data)
{
    global $esquemaadmin;
    $keys = array_keys($data);
    $fields = implode(",", $keys);
    $placeholder = str_repeat("?,", count($keys));
    $placeholder = trim($placeholder, ",");
    $sql = "INSERT INTO " . $esquemaadmin . "{$tabela}({$fields}) VALUES ({$placeholder})";
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    try {
        $prep = $pdo->prepare($sql);
    } catch (PDOException $e) {
        return "prepare ";
    }
    try {
        $exec = $prep->execute(array_values($data));
        //atualiza o log
        i3GeoAdminInsertLog($pdo, $sql, array_values($data));
        return true;
    } catch (PDOException $e) {
        return "execute ";
    }
}
开发者ID:edmarmoretti,项目名称:i3geo,代码行数:31,代码来源:admin.php


注:本文中的obj::prepare方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。