
Untitled

a guest
Apr 28th, 2017
  1. <?php
  2. class db {
  3. const hostname = 'localhost';
  4. const user = 'buyselli_alex';
  5. const pass = 'MarkoAlex9555';
  6. const dbname = 'buyselli_prvabaza';
  7. private $dbh;
  8.  
  9. function __construct() {
  10. try {
  11. $conn_string="mysql:host=".self::hostname.";dbname=".self::dbname;
  12. $this->dbh = new PDO($conn_string, self::user, self::pass);
  13.  
  14. }
  15. catch(PDOException $e) {
  16. echo "ERROR: ";
  17. echo $e->getMessage();
  18. }
  19. }
  20. function __destruct() {
  21. $this->dbh = null;
  22. }
  23.  
  24. public function login($email,$password) {
  25. try {
  26. $pass=sha1($password);
  27. $sql = "SELECT * FROM user where email='$email' and password='$pass'";
  28. $pdo = $this->dbh->query($sql);
  29. $n = $pdo->fetch(PDO::FETCH_ASSOC);
  30. if ($n==false)
  31. return null;
  32. $sql = "UPDATE `user` SET `access_token`='".$this->randomString()."' WHERE `email`='".$email."'";
  33. $pdo = $this->dbh->prepare($sql);
  34. $pdo->execute();
  35.  
  36. $sql = "SELECT `id`, `email`, `role`, `owner_name`, `owner_surname`, `access_token` FROM `user` where `email`='$email' and `password`='$pass'";
  37. $pdo = $this->dbh->query($sql);
  38. $n = $pdo->fetch(PDO::FETCH_ASSOC);
  39. return $n;
  40. }
  41. catch(PDOException $e) {
  42. echo "ERROR: ";
  43. echo $e->getMessage();
  44. }
  45. }
  46.  
  47. public function pets($id) {
  48. try {
  49. $sql = "SELECT * FROM pet where user_id='$id'";
  50. $pdo = $this->dbh->query($sql);
  51. $n = $pdo->fetch(PDO::FETCH_ASSOC);
  52. return $n;
  53. }
  54. catch(PDOException $e) {
  55. echo "ERROR: ";
  56. echo $e->getMessage();
  57. }
  58. }
  59.  
  60. public function log($str){
  61. try {
  62. $str=addslashes($str);
  63. $sql = "INSERT INTO log(str) ";
  64. $sql.= "VALUES ('$str')";
  65. $this->dbh->exec($sql);
  66. }
  67.  
  68.  
  69. catch(PDOException $e) {
  70. echo "ERROR: ";
  71. echo $e->getMessage();
  72. return false;
  73. }
  74. }
  75.  
  76. public function randomString()
  77. {
  78. $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
  79. $randstring = '';
  80. for ($i = 0; $i < 10; $i++) {
  81. $randstring .= $characters[rand(0, strlen($characters)-1)];
  82. }
  83. return $randstring;
  84. }
  85.  
  86. public function alreadyRegistered($email)
  87. {
  88. try{
  89. $sql = "SELECT * FROM user where email='$email'";
  90. $pdo = $this->dbh->query($sql);
  91. $n = $pdo->fetch(PDO::FETCH_ASSOC);
  92. if ($n==false)
  93. return false;
  94. else return true;
  95. }
  96. catch(PDOException $e) {
  97. echo "ERROR: ";
  98. echo $e->getMessage();
  99. }
  100. }
  101.  
  102. public function addUser($email,$password,$role,$owner_name,$owner_surname,$animal_name,$age_years,$age_months,$sex,$color,$image_url,$race)
  103. {
  104. try {
  105. if ($this->alreadyRegistered($email))
  106. {
  107. return null;
  108. }
  109. $pass=sha1($password);
  110. $sql = "INSERT INTO user(email,password,role,owner_name,owner_surname) ";
  111. $sql.= "VALUES ('$email','$pass','$role','$owner_name','$owner_surname')";
  112. $this->dbh->exec($sql);
  113. $idD = $this->login($email,$password);
  114. $id= $idD['id'];
  115. $sql = "INSERT INTO pet(user_id,animal_name,age_years,age_months,sex,color,image_url,race) ";
  116. $sql.= "VALUES ('$id','$animal_name','$age_years','$age_months','$sex','$color','$image_url','$race')";
  117. $this->dbh->exec($sql);
  118. return $this->login($email,$password);
  119. }
  120. catch(PDOException $e) {
  121. echo "ERROR: ";
  122. echo $e->getMessage();
  123. return false;
  124. }
  125. }
  126.  
  127.  
  128.  
  129. public function checkToken($token) {
  130. try {
  131. $sql = "SELECT * FROM user where access_token='$token'";
  132. $pdo = $this->dbh->query($sql);
  133. $n = $pdo->fetch(PDO::FETCH_ASSOC);
  134. if ($n==false)
  135. return false;
  136. return $n;
  137. }
  138. catch(PDOException $e) {
  139. echo "ERROR: ";
  140. echo $e->getMessage();
  141. }
  142. }
  143.  
  144. public function getPet($user_id) {
  145. try {
  146. $sql = "SELECT * FROM pet where user_id='$user_id'";
  147. $pdo = $this->dbh->query($sql);
  148. $n = $pdo->fetch(PDO::FETCH_ASSOC);
  149. if ($n==false)
  150. return false;
  151. return $n;
  152. }
  153. catch(PDOException $e) {
  154. echo "ERROR: ";
  155. echo $e->getMessage();
  156. }
  157. }
  158.  
  159. public function updateUser($access_token,$email,$pass,$role,$owner_name,$owner_surname,$animal_name,$age_years,$age_months,$sex,$color,$image_url,$race)
  160. {
  161. try {
  162.  
  163. if (!($user=$this->checkToken($access_token)))
  164. {
  165. return false;
  166. }
  167. $password=sha1($pass);
  168. $sql = "UPDATE user SET owner_name=:owner_name, owner_surname=:owner_surname ";
  169. $sql.= "WHERE access_token=:access_token";
  170. $pdo = $this->dbh->prepare($sql);
  171. $pdo->bindParam(':access_token', $access_token);
  172. $pdo->bindParam(':owner_name', $owner_name);
  173. $pdo->bindParam(':owner_surname', $owner_surname);
  174. $pdo->bindParam(':access_token', $access_token);
  175. $pdo->execute();
  176.  
  177. $sql = "UPDATE pet SET animal_name=:animal_name, age_years=:age_years, age_months=:age_months, sex=:sex, color=:color, race=:race";
  178. $sql.= " WHERE user_id=:user_id";
  179. $pdo = $this->dbh->prepare($sql);
  180. $pdo->bindParam(':animal_name', $animal_name);
  181. $pdo->bindParam(':age_years', $age_years);
  182. $pdo->bindParam(':age_months', $age_months);
  183. $pdo->bindParam(':sex', $sex);
  184. $pdo->bindParam(':color', $color);
  185. $pdo->bindParam(':race', $race);
  186. $pdo->bindParam(':user_id', $user['id']);
  187. $this->log($sql);
  188. $pdo->execute();
  189. return null;
  190. }
  191. catch(PDOException $e) {
  192. echo "ERROR: ";
  193. echo $e->getMessage();
  194. return false;
  195. }
  196. }
  197.  
  198. public function changeImage($access_token,$image_url) {
  199. try {
  200. $user = $this->checkToken($access_token);
  201. $user_id=$user['id'];
  202. $pet=$this->getPet($user_id);
  203. if (!empty($pet['image_url']))
  204. {
  205. unlink("/home/buyselli/public_html/api/v1/".$pet['image_url']);
  206. $this->log("/home/buyselli/public_html/api/v1/".$pet['image_url']);
  207. }
  208. $sql = "UPDATE pet SET image_url=:image_url ";
  209. $sql.= "WHERE user_id=:user_id";
  210. $pdo_izraz = $this->dbh->prepare($sql);
  211. $pdo_izraz->bindParam(':image_url', $image_url);
  212. $pdo_izraz->bindParam(':user_id', $user_id);
  213. $pdo_izraz->execute();
  214. return null;
  215. }
  216. catch(PDOException $e) {
  217. echo "ERROR: ";
  218. echo $e->getMessage();
  219. return false;
  220. }
  221. }
  222.  
  223. public function addData($access_token,$longitude,$latitude,$dateTimeStamp,$data) {
  224. try {
  225. $this->log($access_token);
  226. $user = $this->checkToken($access_token);
  227. $user_id=$user['id'];
  228. $pet=$this->getPet($user_id);
  229. $pet_id=$pet['id'];
  230. for($i=1;$i<25;$i++)
  231. {
  232. $number=$data[$hour=strval($i)];
  233. $sql = "INSERT INTO data(pet_id,date,latitude,longitude,hour,steps) ";
  234. $sql.= "VALUES ('$pet_id', '$dateTimeStamp','$latitude','$longitude','$hour','$number')";
  235. $this->log($sql);
  236. $this->dbh->exec($sql);
  237. }
  238. return null;
  239. }
  240. catch(PDOException $e) {
  241. echo "ERROR: ";
  242. echo $e->getMessage();
  243. return false;
  244. }
  245. }
  246.  
  247. public function getData($access_token)
  248. {
  249. // $user = $this->checkToken($access_token);
  250. // $user_id=$user['id'];
  251. // $pet=$this->getPet($user_id);
  252. // $pet_id=$pet['id'];
  253. $pet_id=62;
  254. $sql = "SELECT h.id,d.steps FROM hour h left join (SELECT id,steps,hour FROM data WHERE DATE(date)=CURRENT_DATE() AND pet_id=$pet_id)
  255. as d on h.id=d.hour ORDER BY h.id";
  256. $pdo = $this->dbh->query($sql);
  257. $n1 = $pdo->fetchALL(PDO::FETCH_ASSOC);
  258. $json=json_encode($n);
  259. $this->log($json);
  260. $string="";
  261. $sql = "SELECT dd.id,dd.name,steps
  262. FROM (SELECT WEEKDAY(Date(date)) as'DAY',SUM(steps) as 'Steps'
  263. FROM data WHERE pet_id=$pet_id AND YEARWEEK(DATE(date),1)=YEARWEEK(CURRENT_DATE(),1)
  264. GROUP BY(DATE(date))) AS d right join day dd ON d.DAY=(dd.id-1) order by dd.id
  265. ";
  266. $pdo = $this->dbh->query($sql);
  267. $n2 = $pdo->fetchALL(PDO::FETCH_ASSOC);
  268. $json=json_encode($n);
  269. $this->log($json);
  270. $sql ="SELECT dd.id,steps FROM (SELECT DAY(Date(date)) as'DAY',SUM(steps) as 'steps'
  271. FROM data WHERE $pet_id=pet_id AND MONTH(DATE(date))=MONTH(CURRENT_DATE())
  272. GROUP BY DATE(date)) AS d right join month dd ON d.DAY=dd.id order by dd.id";
  273. $pdo = $this->dbh->query($sql);
  274. $n3 = $pdo->fetchALL(PDO::FETCH_ASSOC);
  275. $json=json_encode($n);
  276. $this->log($json);
  277. $sql ="SELECT dd.id,dd.month,steps FROM (SELECT MONTH(Date(date)) as'month',SUM(steps) as 'steps'
  278. FROM data WHERE pet_id=$pet_id AND YEAR(DATE(date))=YEAR(CURRENT_DATE())
  279. GROUP BY MONTH(DATE(date))) AS d right join year dd ON d.month=(dd.id) order by dd.id";
  280. $pdo = $this->dbh->query($sql);
  281. $n4 = $pdo->fetchALL(PDO::FETCH_ASSOC);
  282. $json=json_encode($n);
  283. $this->log($json);
  284. $string='{ "day": ';
  285. $string.="{ ";
  286. foreach($n1 as $day)
  287. {
  288.  
  289. $string.= '"'.$day['id'].'":'.'"';
  290. if ($day['steps']!="null") $string.=$day['steps'];
  291. $string.='"';
  292. $string.=" ,";
  293. }
  294. $string=rtrim($string,",");
  295. $string.='},';
  296.  
  297. $string.=' "week": ';
  298. $string.="{ ";
  299. foreach($n2 as $day)
  300. {
  301. $string.= '"'.$day['name'].'":'.'"';
  302. if ($day['steps']!="null") $string.=$day['steps'];
  303. $string.='"';
  304. $string.=" ,";
  305. }
  306. $string=rtrim($string,",");
  307. $string.='},';
  308.  
  309. $string.=' "month": ';
  310. $string.="{ ";
  311. foreach($n3 as $day)
  312. {
  313. $string.= '"'.$day['id'].'":'.'"';
  314. if ($day['steps']!="null") $string.=$day['steps'];
  315. $string.='"';
  316. $string.=" ,";
  317. }
  318. $string=rtrim($string,",");
  319. $string.='},';
  320.  
  321. $string.=' "year": ';
  322. $string.="{ ";
  323. foreach($n4 as $day)
  324. {
  325. $string.= '"'.$day['id'].'":'.'"';
  326. if ($day['steps']!="null") $string.=$day['steps'];
  327. $string.='"';
  328. $string.=" ,";
  329. }
  330. $string=rtrim($string,",");
  331. $string.='}}';
  332.  
  333. return $string;
  334. }
  335. }
  336. ?>