API Bolakoe (Encode)

<?php

//load database config

require_once '../includes/database.php';

//index query

$act = isset($_REQUEST['act']) ? $_REQUEST['act'] : '';

switch ($act) {
    case 'register':
        $role = strtolower($_REQUEST['role']);
        $username = strtolower($_REQUEST['username']);
        $email = strtolower($_REQUEST['email']);
        $password = $_REQUEST['password'];

        $result = $mysqli->query("SELECT username from user WHERE username='$username' OR email='$email'");
        if ($result->num_rows > 0) {
            echo 'Username or Email already in use';

            return;
        }

        $ses = md5($email.date('His'));
        $pass = md5($password);

        $fullname = ucfirst($username);

        $mysqli->query("insert into user (username, pass, email, session, ver, blok,level) values ('$username','$pass','$email','$ses','Y','N', '$role')");
        $mysqli->query("insert into user_detail (username, name, gender, address, id_city, country, id_card, phone, birth, bio, position, fav_team, weight, height, foot)
            values ('$username', '$fullname', '', '', '', '', '', '', '','','', '', '', '', '')");

        if ($role == 'coach') {
            $skrg = date('Y-m-d');
            $mysqli->query("insert into team (owner,date_created) values ('$username', '$skrg')");
        }

        echo 'ok';
        break;

    case 'login':
        # code...
        $user = $_REQUEST['username'];
        $username = $user;
        $pass = md5($_REQUEST['password']);

        //$res = login($user,$pass);
        $query = "SELECT * FROM user JOIN user_detail ON user.username=user_detail.username WHERE user.username = '$user' AND user.pass = '$pass'";

        $result = $mysqli->query($query);
        if ($result->num_rows > 0) {
            $user = $result->fetch_array();

            $q_check_req = $mysqli->query("select * from friends where friend = '$username' and status = 'requesting'");
            $count_req = $q_check_req->num_rows;

            $q_check_ver = $mysqli->query("select * from ver WHERE coach='$username'");
            $count_ver = $q_check_ver->num_rows;

            $data = array(
                'status' => 'success',
                'uid' => $user[0],
                'username' => $user[1],
                'session' => $user[4],
                'level' => $user[7],
                'image' => $user['image'],
                'friend_request' => (int) $count_req,
                'ver_request' => (int) $count_ver
                );
        } else {
            $data = array(
                'status' => 'error',
                'msg' => 'wrong username or password ',
                );
        }
        //print_r($user);

        echo json_encode($data);
        break;

    case 'poststatus':
        $username = $_REQUEST['username'];
        $content = $_REQUEST['status'];
        $date_created = time();
        $time_created = date('H:i:s');

        $mysqli->query("INSERT INTO post(username,content,date_created,time_created)
                        VALUES ('$username', '$content', $date_created, '$time_created')
        ");

        echo "ok";
        break;

    case 'deletepost':
        $id = $_REQUEST['id'];
        $mysqli->query("DELETE FROM post WHERE id_post=$id");

        echo 'ok';
        break;

    case 'getprogressperformance':

        break;

    case 'homefeed':
        $r_user['username'] = $_REQUEST['user'];
        $username = $_REQUEST['user'];

        $query = $mysqli->query("SELECT level FROM user WHERE username='$username'");
        $res = $query->fetch_assoc();
        if ($res['level'] == 'owner' || $res['level'] == 'fans') {
            $query = 'select p.*, u.*, s.*, UNIX_TIMESTAMP() - date_created AS TimeSpent
                                    from
                                    post p
                                    join user s ON (p.username=s.username)
                                    join user_detail u ON (p.username=u.username)

                                    order by p.date_created desc';
            $result = $mysqli->query($query);
        } else {

            # code...
            $query = "select *,UNIX_TIMESTAMP() - date_created AS TimeSpent
                                from
                                (select friend as username FROM friends where username = '$r_user[username]' and status = 'accepted'
                                union all
                                select username FROM friends where friend = '$r_user[username]' and status = 'accepted'
                                union all
                                select username from user where username = '$r_user[username]') as friend
                                inner join post on friend.username = post.username
                                inner join `user` on post.username = `user`.username
                                inner join `user_detail` on `user`.username = `user_detail`.username
                                order by `post`.date_created desc";
            $result = $mysqli->query($query);
        }
        //echo $query;
        $data = array();
        while ($row = $result->fetch_assoc()) {
            $row['image'] = '/gallery/'.$row['image'];
            $row['id_post'] = (int) $row['id_post'];
            array_push($data, $row);

            //$data[$row['id_post']]['id'] = $row['id_post'];
            //print_r($data);
        }
        //var_dump($_SERVER); return;
        //var_dump($data);
        echo json_encode($data, JSON_UNESCAPED_SLASHES);
        break;

    case 'profile':
        $username = $_REQUEST['username'];

        $q_player = $mysqli->query("select distinct *,(YEAR(CURDATE())-YEAR(user_detail.birth))-(RIGHT(CURDATE(),5)<RIGHT(user_detail.birth,5)) as age
        FROM
        user_detail
        Inner Join `user` ON `user`.username = user_detail.username
        left Join performance ON performance.username = `user`.username
        left Join country ON country.id_country = user_detail.country
        left Join `position` ON `position`.id_position = user_detail.`position`
        left Join club ON club.id_club = user_detail.fav_team
        left Join foot ON foot.id_foot = user_detail.foot
        left Join clasification ON clasification.id_classification = performance.class
        where user.username = '$username'
        order by performance.update_performance desc
        ");
        $r_player = $q_player->fetch_assoc();
        $data['biodata'] = $r_player;

        # code...
        $query = "select * from user u inner join user_detail ud on u.username = ud.username where u.username = '".$username."'";
        //echo $query;
        $query = $mysqli->query($query);
        $profile = $query->fetch_assoc();
        $data['profile'] = $profile;

        $q_per = $mysqli->query("select * from performance where username = '$username' order by update_performance desc");
        $r_per = $q_per->fetch_assoc();
        $data['performance'] = $r_per;

        //var_dump($data);
        echo json_encode($data);
        break;

    case 'playerprofile':
        $username = $_REQUEST['username'];
        $people = $_REQUEST['people'];

        $q_player = $mysqli->query("select distinct *,(YEAR(CURDATE())-YEAR(user_detail.birth))-(RIGHT(CURDATE(),5)<RIGHT(user_detail.birth,5)) as age
        FROM
        user_detail
        Inner Join `user` ON `user`.username = user_detail.username
        left Join performance ON performance.username = `user`.username
        left Join country ON country.id_country = user_detail.country
        left Join `position` ON `position`.id_position = user_detail.`position`
        left Join club ON club.id_club = user_detail.fav_team
        left Join foot ON foot.id_foot = user_detail.foot
        left Join clasification ON clasification.id_classification = performance.class
        where user.username = '$people'
        order by performance.update_performance desc
        ");
        $r_player = $q_player->fetch_assoc();
        $data['biodata'] = $r_player;

                    $q_check_friend = $mysqli->query("select * from friends where (username = '$username' OR friend = '$username')");
                    $check_friend = $q_check_friend->num_rows;
                    if ($check_friend >= 1) {
                        $q_check_friend1 = $mysqli->query("select * from friends where (username = '$username' OR friend = '$username') and (username = '$people' OR friend = '$people')");
                        $r_check_friend = $q_check_friend1->fetch_array();
                        if ($r_check_friend['status'] == 'requesting') {
                            $q_check = $mysqli->query("select * from friends where username = '$username'");
                            $r_check = $q_check->num_rows;
                            if ($r_check >= 1) {
                                $q_check_friend2 = $mysqli->query("select * from friends where (friend = '$username') and (username = '$people')");
                                $r_check_friend2 = $q_check_friend2->fetch_array();
                                if ($r_check_friend2 >= 1) {
                                    //echo "<input type=\"submit\" value=\"Accept\" class=\"button\" name=\"acceptfriend\" /> &nbsp; <input type=\"submit\" value=\"Reject\" class=\"button\" name=\"rejectfriend\" />";
                                    $data['friend_status'] = 'requestfriend';
                                } else {
                                    //echo ucfirst($r_check_friend['status']);
                                    $data['friend_status'] = 'requesting';
                                }
                            } else {
                                //echo "<input type=\"submit\" value=\"Accept\" class=\"button\" name=\"acceptfriend\" /> &nbsp; <input type=\"submit\" value=\"Reject\" class=\"button\" name=\"rejectfriend\" />";
                                $data['friend_status'] = 'requestfriend';
                            }
                        } elseif ($r_check_friend['status'] == 'accepted') {
                            //echo "You and $r_user_search[name] as now friend";
                            $data['friend_status'] = 'friend';
                        } elseif ($r_check_friend['status'] == 'reject') {
                            //echo "$r_user_search[name] as reject <br> <input type=\"submit\" value=\"Add Friend\" class=\"button\" name=\"addfriend\" />";
                            $data['friend_status'] = 'notfriend';
                        } else {
                            //echo "<input type=\"submit\" value=\"Add Friend\" class=\"button\" name=\"addfriend\" />";
                            $data['friend_status'] = 'notfriend';
                        }
                    } else {
                        $data['friend_status'] = 'notfriend';
                    }

        # code...
        #

        $querySquad = $mysqli->query("SELECT * FROM squad WHERE coach='$username' AND player='$people'");
        if ($querySquad->num_rows > 0) {
            $data['squad_status'] = '1';
        } else {
            $data['squad_status'] = '0';
        }

    $query = "select * from user u inner join user_detail ud on u.username = ud.username where u.username = '".$people."'";
    //echo $query;
    $query = $mysqli->query($query);
    $profile = $query->fetch_assoc();
    $data['profile'] = $profile;

        $q_per = $mysqli->query("select * from performance where username = '$people' order by update_performance desc");
        $r_per = $q_per->fetch_assoc();
        $data['performance'] = $r_per;

        $q_pro = $mysqli->query("select * from performance p join trainning t on p.username=t.username and p.update_performance=t.update_trainning where p.username = '$people' order by p.update_performance desc limit 0,5");
        while ($res = $q_pro->fetch_assoc()) {
            $q_per1 = $mysqli->query("select * from ver where player = '$people' and update_performance = '$res[update_performance]'");
            $r_per1 = $q_per1->num_rows;

            if ($r_per1 > 0) {
                $res['ver_status'] = 'requesting';
            } else {
                $res['ver_status'] = '';
            }

            $data['progress'][] = $res;
        }

        $q_rata = $mysqli->query("select username,avg(agility) as agility, avg(passing) as passing, avg(dribbling) as dribbling, avg(shooting) as shooting, avg(strength) as strength, avg(stamina) as stamina, avg(speed) as speed, avg(power) as power, avg(flexibility) as flexibility from performance where username = '$people' order by update_performance desc");
        $data['average'] = $q_rata->fetch_assoc();
        echo json_encode($data);
        break;

    case 'getcoachs':
        $query = $mysqli->query("SELECT * FROM user u JOIN user_detail d ON u.username=d.username WHERE u.level='coach'");
        $coachs = [];

        while ($res = $query->fetch_assoc()) {
            $res['image'] = '/gallery/'.$res['image'];

            if ($res['license'] == '') {
                $res['license'] = 'E';
            }
            $coachs[] = $res;
        }
        //var_dump($coachs);
        echo json_encode($coachs, JSON_UNESCAPED_SLASHES);
        break;

    case 'sendver':
        $coach = $_REQUEST['coach'];
        $username = $_REQUEST['username'];
        $update_performance = $_REQUEST['update_performance'];
        $current_date = date('Y-m-d');
        $status = 'request';

        $mysqli->query("INSERT INTO ver (coach, player, update_performance, status, date_created)
                        VALUES ('$coach', '$username', '$update_performance', '$status', '$current_date')
        ");

        echo 'ok';

        break;

    case 'progressperformance':
        $username = $_REQUEST['username'];
        /*
        $q_per = $mysqli->query("select * from performance where username = '$username' order by update_performance desc");
        $r_per = $q_per->fetch_assoc();
        */
        $q_pro = $mysqli->query("select * from performance p join trainning t on p.username=t.username and p.update_performance=t.update_trainning where p.username = '$username' order by p.update_performance desc limit 0,5");
        while ($res = $q_pro->fetch_assoc()) {
            $data['progress'][] = $res;
        }

        $q_rata = $mysqli->query("select username,avg(agility) as agility, avg(passing) as passing, avg(dribbling) as dribbling, avg(shooting) as shooting, avg(strength) as strength, avg(stamina) as stamina, avg(speed) as speed, avg(power) as power, avg(flexibility) as flexibility from performance where username = '$username' order by update_performance desc");
        $data['average'] = $q_rata->fetch_assoc();

        echo json_encode($data);
        //var_dump($r_per);
        break;

    case 'checktraining':
        $username = $_GET['username'];
        $skrg = date('Y-m-d');
        $q_check = $mysqli->query("select * from trainning where username = '$username' and update_trainning = '$skrg'");
        if ($q_check->num_rows >= 1) {
            print 'Anda telah melakukan penginputan latihan, pada penginputan latihan ini dapat diakses hanya 1 x 24 jam. Terima kasih.';
        } else {
            print 'ok';
        }
        break;

    case 'inputtraining':
        $username = $_GET['username'];
    include '../class/nilai_parameter.php';
    include '../class/SimpleImage.php';
    $strength = new nilai_parameter();
    $nilai_strength = $strength->strength($_POST['balke'], $_POST['situp'], $_POST['pushup']);

    $stamina = new nilai_parameter();
    $nilai_stamina = $stamina->stamina($_POST['run300m']);

    $speed = new nilai_parameter();
    $nilai_speed = $speed->speed($_POST['run30m']);

    $power = new nilai_parameter();
    $nilai_power = $power->power($_POST['verjump']);

    $flexibility = new nilai_parameter();
    $nilai_flexibility = $flexibility->flexibility($_POST['sitreach']);

    $agility = new nilai_parameter();
    $nilai_agility = $agility->agility($_POST['shuttle']);

    $passing = new nilai_parameter();
    $nilai_passing = $passing->passing($_POST['passspeed'], $_POST['passacc']);

    $dribbling = new nilai_parameter();
    $nilai_dribbling = $dribbling->dribbling($_POST['runball30m']);

    $shooting = new nilai_parameter();
    $nilai_shooting = $shooting->shooting($_POST['shootball']);

    $fName = '';
    if (isset($_FILES['file_video']) && $_FILES['file_video']['name'] != '') {
        $filename = $_FILES['file_video']['name'];
        $pathinfo = pathinfo($filename);
        $extension = $pathinfo['extension'];

        $allowedExtenison = array('mp4');
        if (!in_array($extension, $allowedExtenison)) {
            echo 'Extensi file yang diperbolehkan : '.implode(', ', $allowedExtenison);

            return;
        }

        $fName = date('YmdHis').'-'.$filename;
        $newFileName = '../validasi/video/'.$fName;
        move_uploaded_file($_FILES['file_video']['tmp_name'], $newFileName);
        //return;
    }

    $skrg = date('Y-m-d');
    $mysqli->query("insert into trainning (username, update_trainning, balke, passacc, passspeed, pushup, run30m, run300m, runball30m, shootball, shuttle, sitreach, situp, verjump, image, video, video_path)
    values
    ('$username', '$skrg', '$_POST[balke]', '$_POST[passacc]', '$_POST[passspeed]', '$_POST[pushup]', '$_POST[run30m]', '$_POST[run300m]', '$_POST[runball30m]', '$_POST[shootball]', '$_POST[shuttle]', '$_POST[sitreach]', '$_POST[situp]', '$_POST[verjump]','$_POST[image]','$_POST[video]', '$fName')");

    if ($_POST['image'] == '' && $_POST['video'] == '') {
        $validasi = 'Mandiri-1';
    } elseif ($_POST['image'] != '' && $_POST['video'] == '') {
        $validasi = 'Mandiri-2';
    } elseif ($_POST['image'] == '' && $_POST['video'] != '') {
        $validasi = 'Mandiri-3';
    } elseif ($_POST['image'] != '' && $_POST['video'] != '') {
        $validasi = 'Mandiri-4';
    }

    $mysqli->query("insert into performance (username, update_performance, strength, stamina, speed, power, flexibility, agility, passing, dribbling, shooting, validasi, class) values ('$username', '$skrg', '$nilai_strength', '$nilai_stamina', '$nilai_speed', '$nilai_power', '$nilai_flexibility', '$nilai_agility', '$nilai_passing', '$nilai_dribbling', '$nilai_shooting', '$validasi','')");

    //klasifikasi------------------------------------------------
    $query = $mysqli->query("select (YEAR(CURDATE())-YEAR(birth))-(RIGHT(CURDATE(),5)<RIGHT(birth,5)) as age from user_detail where username = '$username'");
    $row = $query->fetch_array();
    if ($row['age'] > 23) {
        $skrg1 = date('Y-m-d');
        $mysqli->query("update performance set class = 'senior' where username = '$username' and update_performance = '$skrg1'");
    } else {
        include '../class/klasifikasi.php';

        $username = $_REQUEST['username'];
        $bayes = new NaiveBayes();
        $bayes->umur($username);
        $bayes->jum_attribut();
        $q_per = $mysqli->query("select * from user_detail u inner join performance p on u.username = p.username where u.username = '$username' order by p.update_performance desc limit 0,1");
        $r_per = $q_per->fetch_array();
        $bayes->klasifikasi($r_per['position'], array($r_per['speed'], $r_per['agility'], $r_per['flexibility'], $r_per['dribbling'], $r_per['power'], $r_per['shooting'], $r_per['passing'], $r_per['stamina'], $r_per['strength']));
        $bayes->update_per($username, $r_per['update_performance']);
    }
        echo 'ok';
        //$mysqli->query("INSERT INTO tbl_test (val1, val2, video) VALUES('$val1', '$val2', '$video')");
        break;

    case 'test':
        # code...

        $data = array(
                'username' => 'test',
                'password' => 'apalah',
            );

        echo json_encode($data);
        break;

    case 'test_post':
        # code...
        echo json_encode($_POST);
        break;

    case 'advancedsearch':
                if (empty($_REQUEST['name'])) {
                    $name = " name like '%%'";
                } else {
                    $name = " (name like '%$_REQUEST[name]%' OR username like '%$_REQUEST[name]%') ";
                }

                if (empty($_REQUEST['position'])) {
                    $position = " id_position like '%'";
                } else {
                    $position = " id_position = '$_REQUEST[position]'";
                }

                if (empty($_REQUEST['age'])) {
                    $age = " age like '%'";
                } else {
                    $age = " age = '$_REQUEST[age]'";
                }

                if (empty($_REQUEST['foot'])) {
                    $foot = " id_foot like '%'";
                } else {
                    $foot = " id_foot = '$_REQUEST[foot]'";
                }

                if (empty($_REQUEST['country'])) {
                    $country = " id_country like '%'";
                } else {
                    $country = " id_country = '$_REQUEST[country]'";
                }

                if (empty($_REQUEST['classification'])) {
                    $classification = " sadaya.id_classification like '%'";
                } else {
                    $classification = " sadaya.id_classification = '$_REQUEST[classification]'";
                }

                if (empty($_REQUEST['strength'])) {
                    $strength = " sadaya.strength like '%'";
                } else {
                    $strength = " sadaya.strength = '$_REQUEST[strength]'";
                }

                if (empty($_REQUEST['stamina'])) {
                    $stamina = " sadaya.stamina like '%'";
                } else {
                    $stamina = " sadaya.stamina = '$_REQUEST[stamina]'";
                }

                if (empty($_REQUEST['speed'])) {
                    $speed = " sadaya.speed like '%'";
                } else {
                    $speed = " sadaya.speed = '$_REQUEST[speed]'";
                }

                if (empty($_REQUEST['power'])) {
                    $power = " sadaya.power like '%'";
                } else {
                    $power = " sadaya.power = '$_REQUEST[power]'";
                }

                if (empty($_REQUEST['flexibility'])) {
                    $flexibility = " sadaya.flexibility like'%'";
                } else {
                    $flexibility = " sadaya.flexibility = '$_REQUEST[flexibility]'";
                }

                if (empty($_REQUEST['agility'])) {
                    $agility = " sadaya.agility like '%'";
                } else {
                    $agility = " sadaya.agility = '$_REQUEST[agility]'";
                }

                if (empty($_REQUEST['passing'])) {
                    $passing = " sadaya.passing like '%'";
                } else {
                    $passing = " sadaya.passing = '$_REQUEST[passing]'";
                }

                if (empty($_REQUEST['dribbling'])) {
                    $dribbling = " sadaya.dribbling like '%'";
                } else {
                    $dribbling = " sadaya.dribbling = '$_REQUEST[dribbling]'";
                }

                if (empty($_REQUEST['shooting'])) {
                    $shooting = " sadaya.shooting like '%'";
                } else {
                    $shooting = " sadaya.shooting = '$_REQUEST[shooting]'";
                }

                $q_search = $mysqli->query('select * from (select * from
                (select `user`.username, user_detail.image, user_detail.name, `position`.id_position, `position`.name_position,(YEAR(CURDATE())-YEAR(user_detail.birth))-(RIGHT(CURDATE(),5)<RIGHT(user_detail.birth,5)) as age, `foot`.id_foot, `foot`.name_foot,  `country`.id_country, `country`.name_country, `clasification`.id_classification, `clasification`.name_classification, `performance`.strength, `performance`.stamina, `performance`.speed, `performance`.`power`, `performance`.flexibility, `performance`.agility, `performance`.passing, `performance`.dribbling, `performance`.shooting, performance.update_performance, ((`performance`.strength + `performance`.stamina + `performance`.speed + `performance`.`power` + `performance`.flexibility + `performance`.agility + `performance`.passing + `performance`.dribbling + `performance`.shooting)/9) as rata
                FROM
                user_detail
                Inner Join `user` ON `user`.username = user_detail.username
                left Join performance ON performance.username = `user`.username
                LEFT Join `position` ON `position`.id_position = user_detail.`position`
                LEFT Join country ON country.id_country = user_detail.country
                LEFT Join clasification ON clasification.id_classification = performance.class
                LEFT Join foot ON foot.id_foot = user_detail.foot
                order by performance.update_performance desc) as semua
                group by semua.username
                order by semua.rata desc) as sadaya
                where
                '.$name.' and '.$position.' and '.$age.' and '.$foot.' and '.$country.' and '.$classification.' and '.$strength.' and '.$stamina.' and '.$speed.' and '.$power.' and '.$flexibility.' and '.$agility.' and '.$passing.' and '.$dribbling.' and '.$shooting.'');

                $data = array();
                while ($r_search = $q_search->fetch_assoc()) {
                    $r_search['image'] = '/gallery/'.$r_search['image'];
                    $data[] = $r_search;
                }
                //print_r($data);
                //var_dump($data);

                //var_dump($data);
                echo json_encode($data, JSON_UNESCAPED_SLASHES);
        break;

    case 'teamsearch':
            if (isset($_REQUEST['name']))
                $team_name = $_REQUEST['name'];
            else
                $team_name = '';

            $query = $mysqli->query("SELECT * , team.address AS team_address
                FROM team
                INNER JOIN user_detail ON user_detail.username = team.owner
                LEFT JOIN city ON city.id_city = team.id_city
                LEFT JOIN country ON country.id_country = team.id_country
                WHERE team.name_team LIKE '%$team_name%' AND team.name_team <> 'untitled'
            ");

            $data = array();
            while ($res = $query->fetch_assoc()) {
                $data[] = $res;
            }

            echo json_encode($data, JSON_UNESCAPED_SLASHES);
        break;

    case 'viewsquad':
        $username = $_REQUEST['username'];
        $owner = $_REQUEST['owner'];
        $data = [];

        $q_squad = $mysqli->query("select *, user.email, team.city as t_city, team.address as t_add
                                FROM
                                team
                                Left Join squad ON squad.coach = team.owner
                                Left Join country ON country.id_country = team.id_country
                                Left Join city ON city.id_city = team.id_city
                                inner join user ON user.username=team.owner
                                Inner Join user_detail ON user_detail.username = team.owner
                                                                where team.owner = '$owner'
                                                                group by squad.coach"
        );

        $r_squad = $q_squad->fetch_assoc();

        $q_count_fans = $mysqli->query("select * from fans where id_team = '$r_squad[id_team]'");
        $r_count_fans = $q_count_fans->num_rows;

        $q_fans_status = $mysqli->query("SELECT * FROM fans WHERE id_team='$r_squad[id_team]' AND fans='$username'");
        $fans_status = $q_fans_status->num_rows;

        if ($fans_status > 0) $fans_status = 1;

        if ($r_squad['name_city'] === null || $r_squad['name_city'] == '') {
            $r_squad['name_city'] = $r_squad['t_city'];
        }

        $squad_info = [
            'team_id' => (int)$r_squad['id_team'],
            'team_name' => $r_squad['name_team'],
            'owner' => $r_squad['name'],
            'owner_username' => $r_squad['username'],
            'address' => $r_squad['t_add'].', '.$r_squad['name_city'].' - '.$r_squad['name_country'],
            't_add' => $r_squad['t_add'],
            'city' => $r_squad['name_city'],
            'country' => $r_squad['name_country'],
            'email' => $r_squad['email'],
            'fans_count' => $r_count_fans,
            'fans_status' => $fans_status,
        ];

        $data['squad_info'] = $squad_info;

        $q_pos = $mysqli->query('select * from position');

        $position_info = [];
        $idx_position = 0;
        while ($r_pos = $q_pos->fetch_array()) {
            $id_position = $r_pos['id_position'];
            $name_position = $r_pos['name_position'];
            $position_info[$idx_position] = [
                'position_id' => $id_position,
                'position_name' => $name_position,
                'players' => [],
            ];

            $q_player = $mysqli->query("select * from
                (select `user`.username, user_detail.image,user_detail.name, `position`.id_position, `position`.name_position,(YEAR(CURDATE())-YEAR(user_detail.birth))-(RIGHT(CURDATE(),5)<RIGHT(user_detail.birth,5)) as age, `foot`.id_foot, `foot`.name_foot,  `country`.id_country, `country`.name_country, `clasification`.id_classification, `clasification`.name_classification, `performance`.strength, `performance`.stamina, `performance`.speed, `performance`.`power`, `performance`.flexibility, `performance`.agility, `performance`.passing, `performance`.dribbling, `performance`.shooting, performance.update_performance, ((`performance`.strength + `performance`.stamina + `performance`.speed + `performance`.`power` + `performance`.flexibility + `performance`.agility + `performance`.passing + `performance`.dribbling + `performance`.shooting)/9) as rata, squad.coach
                FROM
                user_detail
                Inner Join `user` ON `user`.username = user_detail.username
                left Join performance ON performance.username = `user`.username
                Inner Join `position` ON `position`.id_position = user_detail.`position`
                Inner Join country ON country.id_country = user_detail.country
                left Join clasification ON clasification.id_classification = performance.class
                Inner Join foot ON foot.id_foot = user_detail.foot
                Inner Join squad ON `user`.username = squad.player
                order by performance.update_performance desc
                ) as semua
                where semua.coach = '$owner' and semua.id_position = '$r_pos[id_position]'
                group by semua.username
                order by semua.rata asc
            ");

            while ($r_player = $q_player->fetch_assoc()) {
                $position_info[$idx_position]['players'][] = [
                    'username' => $r_player['username'],
                    'image' => '/gallery/'.$r_player['image'],
                    'name' => $r_player['name'],
                    'age' => $r_player['age'],
                    'foot' => $r_player['id_foot'],
                    'country' => $r_player['name_country'],
                    'classification' => $r_player['name_classification'],
                    'strength' => $r_player['strength'],
                    'stamina' => $r_player['stamina'],
                    'speed' => $r_player['speed'],
                    'power' => $r_player['power'],
                    'flexibility' => $r_player['flexibility'],
                    'agility' => $r_player['agility'],
                    'passing' => $r_player['passing'],
                    'dribbling' => $r_player['dribbling'],
                    'shooting' => $r_player['shooting'],
                ];
            }
            ++$idx_position;
        }

        $data['position_info'] = $position_info;
        ini_set('xdebug.var_display_max_depth', 10);
        //var_dump($data);
        echo json_encode($data, JSON_UNESCAPED_SLASHES);

        break;

    case 'becomefans':
        $username = $_REQUEST['username'];
        $team_id = $_REQUEST['team_id'];

        $mysqli->query("INSERT fans (id_team, fans) values ('$team_id','$username')");

        echo 'ok';
        break;

    case 'checkfriend':
        $username = $_REQUEST['username'];
        $people = $_REQUEST['people'];

        $data = [];

                    $q_check_friend = $mysqli->query("select * from friends where (username = '$username' OR friend = '$username')");
                    $check_friend = $q_check_friend->num_rows;
                    if ($check_friend >= 1) {
                        $q_check_friend1 = $mysqli->query("select * from friends where (username = '$username' OR friend = '$username') and (username = '$people' OR friend = '$people')");
                        $r_check_friend = $q_check_friend1->fetch_array();
                        if ($r_check_friend['status'] == 'requesting') {
                            $q_check = $mysqli->query("select * from friends where username = '$username'");
                            $r_check = $q_check->num_rows;
                            if ($r_check >= 1) {
                                $q_check_friend2 = $mysqli->query("select * from friends where (friend = '$username') and (username = '$people')");
                                $r_check_friend2 = $q_check_friend2->fetch_array();
                                if ($r_check_friend2 >= 1) {
                                    //echo "<input type=\"submit\" value=\"Accept\" class=\"button\" name=\"acceptfriend\" /> &nbsp; <input type=\"submit\" value=\"Reject\" class=\"button\" name=\"rejectfriend\" />";
                                    $data['status'] = 'requestfriend';
                                } else {
                                    //echo ucfirst($r_check_friend['status']);
                                    $data['status'] = 'requesting';
                                }
                            } else {
                                //echo "<input type=\"submit\" value=\"Accept\" class=\"button\" name=\"acceptfriend\" /> &nbsp; <input type=\"submit\" value=\"Reject\" class=\"button\" name=\"rejectfriend\" />";
                                $data['status'] = 'requestfriend';
                            }
                        } elseif ($r_check_friend['status'] == 'accepted') {
                            //echo "You and $r_user_search[name] as now friend";
                            $data['status'] = 'friend';
                        } elseif ($r_check_friend['status'] == 'reject') {
                            //echo "$r_user_search[name] as reject <br> <input type=\"submit\" value=\"Add Friend\" class=\"button\" name=\"addfriend\" />";
                            $data['status'] = 'notfriend';
                        } else {
                            //echo "<input type=\"submit\" value=\"Add Friend\" class=\"button\" name=\"addfriend\" />";
                            $data['status'] = 'notfriend';
                        }
                    } else {
                        $data['status'] = 'notfriend';
                    }

        //var_dump($data);
        echo json_encode($data);
        break;

    case 'addfriend':
        $friend = $_REQUEST['friend'];
        $username = $_REQUEST['username'];

        $delete = $mysqli->query("delete from friends where (username = '$username' or friend = '$username') and (username = '$friend' or friend = '$friend')");
        $skrg = date('Y-m-d H:i:s');
        $save = $mysqli->query("insert into friends (username, friend, date_added) values ('$username','$friend','$skrg')");

        echo json_encode([
            'status' => 'ok',
        ]);
        break;

    case 'acceptfriendrequest':
        $username = $_REQUEST['username'];
        $friend = $_REQUEST['friend'];
        $update = $mysqli->query("update friends set status = 'accepted' where username = '$friend' and friend = '$username'");

        echo json_encode([
            'status' => 'ok',
        ]);
        break;

    case 'rejectfriendrequest':
        $username = $_REQUEST['username'];
        $friend = $_REQUEST['friend'];
        $update = $mysqli->query("update friends set status = 'reject' where username = '$friend' and friend = '$username'");

        echo json_encode([
            'status' => 'ok',
        ]);

        break;

    case 'showfriendrequest':
        $username = $_REQUEST['username'];

        $query = $mysqli->query(
            "SELECT a.username, b.image, b.name, 'friendrequest' AS type FROM friends a JOIN user_detail b ON a.username=b.username WHERE a.status='requesting' AND a.friend='$username'
        ");
        $data = [];
        while ($result = $query->fetch_assoc()) {
            $result['image'] = '/gallery/'.$result['image'];
            $data[] = $result;
        }

        echo json_encode($data, JSON_UNESCAPED_SLASHES);
        break;

    case 'showverrequest':
        $username = $_REQUEST['username'];

        $query = $mysqli->query(
            "SELECT a.id_ver, a.coach, a.player, a.update_performance, b.image, b.name, c.*, 'verrequest' AS type FROM ver a JOIN user_detail b ON a.player=b.username
             LEFT JOIN performance c ON a.update_performance=c.update_performance AND a.player=c.username
             WHERE a.coach='$username'
        ");
        $data = [];
        while ($result = $query->fetch_assoc()) {
            $result['image'] = '/gallery/'.$result['image'];
            $result['id_ver'] = (int) $result['id_ver'];
            $data[] = $result;
        }

        echo json_encode($data, JSON_UNESCAPED_SLASHES);
        break;

    case 'acceptverrequest':
        $id = $_REQUEST['id'];

        try {
            $mysqli->begin_transaction();
            $query = $mysqli->query("SELECT a.*, b.license FROM  ver a JOIN user_detail b ON a.coach=b.username WHERE id_ver=$id");

            $fetch = $query->fetch_assoc();

            $player = $fetch['player'];
            $update_performance = $fetch['update_performance'];
            $license = $fetch['license'];

            $mysqli->query("DELETE FROM ver WHERE id_ver=$id");

            $validasi = 'Coach-'.$license;

            $mysqli->query("UPDATE performance SET validasi='$validasi' WHERE username='$player' AND update_performance='$update_performance'");

            $mysqli->commit();
        } catch (Exception $e) {
            $mysqli->rollback();
            echo $e->getMessages();
        }

        echo json_encode([
            'status' => 'ok'
        ]);
        break;

    case 'usersetting':

        $currentPassword = $_REQUEST['current_password'];
        $newPassword = $_REQUEST['new_password'];
        $username = $_REQUEST['username'];

        if ($currentPassword != '' || $newPassword != '') {
            $hashPassword = md5($currentPassword);
            $hashNewPassword = md5($newPassword);

            $query = $mysqli->query("SELECT pass FROM user WHERE username='$username'");
            $result = $query->fetch_assoc();
            if ($result['pass'] != $hashPassword) {
                echo 'Wrong current password';

                return;
            }

            if ($newPassword == '') {
                echo 'New Password must be filled';

                return;
            }

            $query = $mysqli->query("UPDATE user SET pass='$hashNewPassword' WHERE username='$username'");
        }

        if (isset($_FILES['profile_image']) && $_FILES['profile_image']['name'] != '') {
            $filename = $_FILES['profile_image']['name'];
            $pathinfo = pathinfo($filename);
            $extension = $pathinfo['extension'];

            $allowedExtenison = array('jpg', 'jpeg', 'bmp', 'png', 'gif');
            if (!in_array($extension, $allowedExtenison)) {
                echo 'Extensi file yang diperbolehkan : '.implode(', ', $allowedExtenison);

                return;
            }

            $fName = date('YmdHis').'-'.$filename;
            $newFileName = '../gallery/'.$fName;

            if (move_uploaded_file($_FILES['profile_image']['tmp_name'], $newFileName)) {
                include '../class/SimpleImage.php';
                $image = new SimpleImage();
                $image->load($newFileName);
                $image->resize(150, 150);
                 //$image->resizeToHeight(150);
                 $image->save('../gallery/fix_'.$fName);
                $newFileName = '../gallery/fix_'.$fName;

                $query = $mysqli->query("UPDATE user_detail SET image='$newFileName' WHERE username='$username'");
            } else {
                echo 'Error';

                return;
            }
        } else {
            echo 'ok';

            return;
        }

        echo 'ok';
        break;

    case 'playeruploadvideo':
        $username = $_REQUEST['username'];
        $title = $_REQUEST['title'];
        $desc = $_REQUEST['desc'];

        if (isset($_FILES['file_video']) && $_FILES['file_video']['name'] != '') {
            $filename = $_FILES['file_video']['name'];
            $pathinfo = pathinfo($filename);
            $extension = $pathinfo['extension'];

            $allowedExtenison = array('mp4');
            if (!in_array($extension, $allowedExtenison)) {
                echo 'Extensi file yang diperbolehkan : '.implode(', ', $allowedExtenison);

                return;
            }

            $fName = date('YmdHis').'-'.$filename;
            $newFileName = '../gallery/video/'.$fName;
            move_uploaded_file($_FILES['file_video']['tmp_name'], $newFileName);
            //return;
        }

        $mysqli->query("INSERT INTO videos (`id`, `username`, `title`, `desc`, `path`, `created_at`) VALUES(NULL, '$username', '$title', '$desc', '$fName', NULL)");

        echo 'ok';
        break;

    case 'showplayervideo':
        $username = $_REQUEST['username'];

        $result = $mysqli->query("SELECT * FROM videos WHERE username='$username'");
        $data = [];

        while ($row = $result->fetch_assoc()) {
            $data[] = $row;
        }

        echo json_encode($data);
        break;

    case 'addtosquad':
        $player = $_REQUEST['player'];
        $coach = $_REQUEST['coach'];

        //$delete = $mysqli->query("delete from squad where (coach = '$coach' or friend = '$username') and (username = '$friend' or friend = '$friend')");
        $skrg = date('Y-m-d H:i:s');
        $save = $mysqli->query("insert into squad (id_squad, coach, player, request, status, date_added) values
                                (NULL,'$coach','$player', '', 'requesting', '$skrg')");

        echo json_encode([
            'status' => 'ok',
        ]);
        break;

    case 'editteam';
        $coach = $_REQUEST['coach'];
        $teamName = $_REQUEST['team_name'];
        $address = $_REQUEST['address'];
        $countryId = $_REQUEST['country_id'];
        $city = $_REQUEST['city'];

        $mysqli->query("UPDATE team SET name_team='$teamName',
                            address='$address',
                            id_country='$countryId',
                            id_city='',
                            city = '$city'

                            WHERE owner='$coach'
        ");

        echo json_encode([
            'status' => 'ok',
        ]);
        break;

    default:
        //echo 'This is developer area';
        include 'home.php';
        break;
}

function login($user, $pass)
{
    return $result;
}