<?php if($_POST["submit"] != "yep") { echo "0Forbidden"; exit(); } $ser

1. <?php
2. if($_POST["submit"] != "yep") {
3. echo "0Forbidden";
4. exit();
5. }
6.  
7. $servername = "localhost";
8. $username = "upld";
9. $password = "upld";
10. $dbname = "upld";
11.  
12. // Create connection
13. $conn = new mysqli($servername, $username, $password, $dbname);
14. // Check connection
15. if ($conn->connect_error) {
16. echo("0Connection failed: " . $conn->connect_error);
17. exit();
18. }
19.  
20. if($_POST["what"] == "all") {
21. $results = array();
22.  
23. $sql = "SELECT * FROM snippets";
24. $result = $conn->query($sql);
25.  
26. if ($result->num_rows > 0) {
27.  
28. while($row = $result->fetch_assoc()) {
29. $r = array();
30.  
31. $snip_id = $row["id"];
32. $snip_listing = $row["listing"];
33. $snip_text = $row["text"];
34. $snip_title = $row["title"];
35. $snip_tags = array();
36.  
37. $sql_tags = "SELECT tags.name, tags.is_minor FROM tags INNER JOIN snippets_tags ON snippets_tags.tags_id=tags.id WHERE snippets_tags.snippets_id=" . $snip_id;
38. $result_tags = $conn->query($sql_tags);
39.  
40. if ($result_tags->num_rows > 0) {
41. while($row_tags = $result_tags->fetch_assoc()) {
42. $tag = array("name" => $row_tags["name"], "is_minor" => $row_tags["is_minor"]);
43. array_push($snip_tags, $tag);
44. }
45. }
46.  
47. $r["id"] = $snip_id;
48. $r["title"] = $snip_title;
49. $r["listing"] = $snip_listing;
50. $r["tags"] = $snip_tags;
51. $r["text"] = $snip_text;
52.  
53. array_push($results, $r);
54. }
55. }
56. else {
57. //echo "2no_results";
58. }
59.  
60. echo json_encode($results);
61. }
62.  
63. else if($_POST["what"] == "get_tags") {
64. $results = array();
65. $results["major"] = array();
66. $results["minor"] = array();
67.  
68. $sql = "SELECT `name` FROM tags WHERE `is_minor`=false";
69. $result = $conn->query($sql);
70.  
71. if ($result->num_rows > 0) {
72.  
73. while($row = $result->fetch_assoc()) {
74. array_push($results["major"], $row["name"]);
75. }
76. }
77.  
78. $sql = "SELECT `name` FROM tags WHERE `is_minor`=true";
79. $result = $conn->query($sql);
80.  
81. if ($result->num_rows > 0) {
82.  
83. while($row = $result->fetch_assoc()) {
84. array_push($results["minor"], $row["name"]);
85. }
86. }
87.  
88. echo json_encode($results);
89. }
90.  
91. else if($_POST["what"] == "add") {
92. if(md5($_POST["secret"]) !== "ec9a58037686a96ba89cccc5446ede22") {
93. echo "0Wrong secret!";
94. }
95. else {
96. $input_title = $_POST["title"];
97. $input_listing = $_POST["listing"];
98. $input_text = $_POST["text"];
99. $input_major_tags = $_POST["major_tags"];
100. $input_minor_tags = $_POST["minor_tags"];
101.  
102. $tags_ids = array();
103.  
104. $input_listing = $conn->real_escape_string($input_listing);
105.  
106. foreach($input_major_tags as $v) {
107. $result = $conn->query("SELECT * FROM tags WHERE name='" . $v . "'");
108. $num_rows = $result->num_rows;
109.  
110. if ($num_rows > 0) {
111. $row = $result->fetch_assoc();
112. array_push($tags_ids, intval($row["id"]));
113. }
114. else {
115. $conn->query("INSERT INTO tags (name, is_minor) VALUES ('" . $v ."', 0)");
116. array_push($tags_ids, intval($conn->insert_id));
117. }
118. }
119.  
120. foreach($input_minor_tags as $v) {
121. $result = $conn->query("SELECT * FROM tags WHERE name='" . $v . "'");
122. $num_rows = $result->num_rows;
123.  
124. if ($num_rows > 0) {
125. $row = $result->fetch_assoc();
126. array_push($tags_ids, intval($row["id"]));
127. }
128. else {
129. $conn->query("INSERT INTO tags (name, is_minor) VALUES ('" . $v ."', 1)");
130. array_push($tags_ids, intval($conn->insert_id));
131. }
132. }
133.  
134. $conn->query("INSERT INTO snippets (title, listing, text) VALUES ('" . $input_title . "', '" . $input_listing . "', '" . $input_text . "')");
135.  
136. $snippet_id = $conn->insert_id;
137.  
138. foreach($tags_ids as $v) {
139. $conn->query("INSERT INTO snippets_tags (snippets_id, tags_id) VALUES ('" . $snippet_id ."', '" . $v . "')");
140. }
141.  
142. if(!empty($conn->error)) {
143. echo "0" . $conn->error;
144. }
145. else {
146. echo "1Added successfully!";
147. }
148.  
149. }
150. }
151.  
152. else if($_POST["what"] == "search") {
153. $search_query = $_POST["search"];
154.  
155. $results = array();
156.  
157. //search by title
158. {
159. //$sql = "SELECT * FROM snippets WHERE title LIKE '%" . $search_query ."%'";
160. $sql = "SELECT * FROM snippets WHERE REPLACE(title, ' ', '') LIKE REPLACE('%" . $search_query . "%', ' ', '')";
161. $result = $conn->query($sql);
162.  
163. if ($result->num_rows > 0) {
164.  
165. while($row = $result->fetch_assoc()) {
166. $r = array();
167.  
168. $snip_id = $row["id"];
169. $snip_listing = $row["listing"];
170. $snip_text = $row["text"];
171. $snip_title = $row["title"];
172. $snip_tags = array();
173.  
174. $sql_tags = "SELECT tags.name, tags.is_minor FROM tags INNER JOIN snippets_tags ON snippets_tags.tags_id=tags.id WHERE snippets_tags.snippets_id=" . $snip_id;
175. $result_tags = $conn->query($sql_tags);
176.  
177. if ($result_tags->num_rows > 0) {
178. while($row_tags = $result_tags->fetch_assoc()) {
179. $tag = array("name" => $row_tags["name"], "is_minor" => $row_tags["is_minor"]);
180. array_push($snip_tags, $tag);
181. }
182. }
183.  
184. $r["id"] = $snip_id;
185. $r["title"] = $snip_title;
186. $r["listing"] = $snip_listing;
187. $r["tags"] = $snip_tags;
188. $r["text"] = $snip_text;
189.  
190. array_push($results, $r);
191. }
192. }
193. else {
194. //echo "2no_results";
195. }
196. }
197.  
198. //search by tag name
199. {
200. // $sql = "SELECT * FROM tags WHERE name LIKE '%" . $search_query ."%'";
201. $sql = "SELECT * FROM tags WHERE REPLACE(name, ' ', '') LIKE REPLACE('%" . $search_query . "%', ' ', '')";
202. $result = $conn->query($sql);
203.  
204. $tags_ids = array();
205.  
206. if ($result->num_rows > 0) {
207. while($row = $result->fetch_assoc()) {
208. array_push($tags_ids, $row["id"]);
209. }
210. }
211.  
212. foreach($tags_ids as $v) {
213. $sql = "SELECT snippets.id, snippets.title, snippets.listing, snippets.text FROM snippets INNER JOIN snippets_tags ON snippets_tags.snippets_id=snippets.id WHERE snippets_tags.tags_id=" . $v;
214. $result = $conn->query($sql);
215.  
216. if ($result->num_rows > 0) {
217. while($row = $result->fetch_assoc()) {
218. $r = array();
219.  
220. $snip_id = $row["id"];
221. $snip_listing = $row["listing"];
222. $snip_text = $row["text"];
223. $snip_title = $row["title"];
224. $snip_tags = array();
225.  
226. $sql_tags = "SELECT tags.name, tags.is_minor FROM tags INNER JOIN snippets_tags ON snippets_tags.tags_id=tags.id WHERE snippets_tags.snippets_id=" . $snip_id;
227. $result_tags = $conn->query($sql_tags);
228.  
229. if ($result_tags->num_rows > 0) {
230. while($row_tags = $result_tags->fetch_assoc()) {
231. $tag = array("name" => $row_tags["name"], "is_minor" => $row_tags["is_minor"]);
232. array_push($snip_tags, $tag);
233. }
234. }
235.  
236. $r["id"] = $snip_id;
237. $r["title"] = $snip_title;
238. $r["listing"] = $snip_listing;
239. $r["tags"] = $snip_tags;
240. $r["text"] = $snip_text;
241.  
242. array_push($results, $r);
243. }
244. }
245. }
246. }
247.  
248. $results_unqiue = array_unique($results, SORT_REGULAR);
249. $results_return = array_values($results_unqiue);
250.  
251.  
252.  
253. //send
254. $results_json = json_encode($results_return);
255.  
256. //header('Content-Length: ' . strlen(gzencode($results_json)));
257. echo $results_json;
258.  
259.  
260.  
261.  
262. }
263.  
264. else {
265. echo "0Unknown request!";
266. }
267.  
268.  
269.  
270. $conn->close();
271. ?>