Файловый менеджер

Файловый менеджер - Редактировать - /home/carpe/public_html/CURSED/inv.php

Назад
<?php session_start(); include 'database.php'; $database = new Database(); $connexion = $database->getConnection(); if ($connexion) { if(isset($_SESSION['login'])){ $username = $_SESSION['login']; } $sql = "SELECT * from users where pseudo = '$username'"; $statement = $connexion->prepare($sql); $statement->execute(); $results = $statement->fetchAll(PDO::FETCH_ASSOC); foreach ($results as $row) { $id = $row['id_user']; } if(isset($_POST['cause2'])){ $cause2 = $_POST['cause2']; if($cause2 == "supp"){ $sql = "DELETE FROM `inv` WHERE id_user = '$id'"; $statement = $connexion->prepare($sql); $statement->execute(); } if($cause2 == "take"){ $sql = "SELECT * from inv where id_user = '$id'"; $statement = $connexion->prepare($sql); $statement->execute(); $results = $statement->fetchAll(PDO::FETCH_ASSOC); foreach ($results as $row) { echo $row['nom']; echo ","; echo $row['quantite']; echo "."; } } if($cause2 == "send"){ $nom = $_POST['nom']; $quantite = $_POST['quantite']; $sql2 = "DELETE FROM `inv` WHERE id_user = '$id'"; $statement2 = $connexion->prepare($sql2); $statement2->execute(); $sql = "INSERT INTO `inv`(`id_user`, `nom`, `quantite`) VALUES ('$id','$nom','$quantite')"; $statement = $connexion->prepare($sql); $statement->execute(); } if($cause2 == "send2"){ $nom = $_POST['nom']; $quantite = $_POST['quantite']; $ind = 0; $sql = "SELECT * from inv where id_user = '$id'"; $statement = $connexion->prepare($sql); $statement->execute(); $results = $statement->fetchAll(PDO::FETCH_ASSOC); foreach ($results as $row) { $nom2 = $row['nom']; $quantite2 = $row['quantite']; if($nom2 == $nom){ $ind++; }else{ } / $sql = "INSERT INTO `inv`(`id_user`, `nom`, `quantite`) VALUES ('$id','$nom','$quantite')"; $statement = $connexion->prepare($sql); $statement->execute(); / } if($ind == 0){ $sql = "INSERT INTO `inv`(`id_user`, `nom`, `quantite`) VALUES ('$id','$nom','$quantite')"; $statement = $connexion->prepare($sql); $statement->execute(); echo 'update1'; }else{ $sql = "UPDATE `inv` SET `quantite`='$quantite' WHERE id_user = $id AND nom = '$nom'"; $statement = $connexion->prepare($sql); $statement->execute(); echo 'update2'; echo $quantite; } } } } ?>

| ver. 1.4 | Github | . | PHP 8.0.30 | Генерация страницы: 0 | proxy | phpinfo | Настройка