  1. <?php
  2.  
  3. //instantiate if needed
  4. include_once("class.login.php"); // the db class
  5. include_once("user.php"); // The user class
  6.  
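  /**
   * Handle a POST request: insert a profile, or update the existing one when a
   * row with the submitted `profileid` is already present, then emit a JSON
   * status object.
   *
   * Reads `profileid`, `firstname`, `lastname` and `summary` from $_POST. Those
   * values are client-controlled, so each one is escaped before it is placed
   * inside a quoted SQL string literal. mysql_real_escape_string() is only
   * effective inside quotes and depends on the connection character set; the
   * ext/mysql API used by this file was removed in PHP 7, and prepared
   * statements (mysqli or PDO) are the durable replacement.
   *
   * NOTE(review): the INSERT does not set `userid`, which Respond_Get() filters
   * on - confirm against the table schema.
   */
  function Respond_Post()
  {
      // Normalise every field to an escaped string; array-valued or missing
      // parameters become the empty string instead of raising notices.
      $fields = array();
      foreach( array( 'profileid', 'firstname', 'lastname', 'summary' ) as $name )
      {
          $value = ( isset( $_POST[$name] ) && is_scalar( $_POST[$name] ) ) ? (string) $_POST[$name] : '';
          $fields[$name] = mysql_real_escape_string( $value );
      }

      $result = mysql_query( "SELECT `profileid` FROM `profiles` WHERE `profileid` = '{$fields['profileid']}'" );
      if( $result === false )
      {
          // The lookup itself failed; do not guess between insert and update.
          echo json_encode( Array( "success" => false ) );
          return;
      }

      if( mysql_num_rows( $result ) == 0 )
      {
          // The original statement was missing the closing parenthesis of VALUES.
          $ok = mysql_query(
              "INSERT INTO `profiles` (firstname, lastname, hidden, summary) "
              . "VALUES ('{$fields['firstname']}', '{$fields['lastname']}', 0, '{$fields['summary']}')"
          );
      }
      else
      {
          // The original UPDATE had no WHERE clause (it rewrote every profile)
          // and opened the summary value with a backtick instead of a quote.
          $ok = mysql_query(
              "UPDATE `profiles` SET `firstname` = '{$fields['firstname']}', "
              . "`lastname` = '{$fields['lastname']}', `summary` = '{$fields['summary']}' "
              . "WHERE `profileid` = '{$fields['profileid']}'"
          );
      }

      // Key spelled "success" to match the other handlers (was "sucess"), and
      // it now reflects whether the write actually succeeded.
      echo json_encode( Array( "success" => ( $ok !== false ) ) );
  }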
  20.  
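  /**
   * Handle a GET request: emit the profile belonging to the logged-in user as
   * a JSON object with the keys `id`, `firstname`, `lastname` and `summary`.
   *
   * Emits {"success": false} when the query fails or no profile row exists.
   */
  function Respond_Get()
  {
      // $user is created at file scope; without this declaration it is
      // undefined inside the function and the query was built from nothing.
      global $user;

      // The id is used in an unquoted numeric context, where string escaping
      // gives no protection - force it to an integer instead.
      $userid = (int) $user->id;

      $result = mysql_query( "SELECT * FROM `profiles` WHERE `userid` = $userid" );

      // The original called $mysql_fetch_assoc(), a variable function on an
      // undefined variable, which is a fatal error.
      $row = ( $result !== false ) ? mysql_fetch_assoc( $result ) : false;
      if( !$row )
      {
          echo json_encode( Array( "success" => false ) );
          return;
      }

      echo json_encode( Array(
          "id" => $row['profileid'],
          "firstname" => $row['firstname'],
          "lastname" => $row['lastname'],
          "summary" => $row['summary']
      ) );
  }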
  32.  
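  /**
   * Handle a DELETE request: soft-delete a profile by setting `hidden` = 1 and
   * emit a JSON status object.
   *
   * PHP fills $_POST only for POST requests with a form-encoded body, so on a
   * DELETE request `profileid` is looked up in $_POST first and then in the
   * URL-encoded request body read from php://input.
   */
  function Respond_Delete()
  {
      $params = $_POST;
      if( !isset( $params['profileid'] ) )
      {
          parse_str( (string) file_get_contents( 'php://input' ), $params );
      }

      $raw = ( isset( $params['profileid'] ) && is_scalar( $params['profileid'] ) ) ? (string) $params['profileid'] : '';
      if( $raw === '' )
      {
          // Nothing to hide; do not run the UPDATE or report success.
          echo json_encode( Array( "success" => false ) );
          return;
      }

      // Client-controlled value: escape it before it enters the quoted literal.
      // Prepared statements (mysqli/PDO) are the preferred fix once the
      // removed ext/mysql API is replaced.
      $profileid = mysql_real_escape_string( $raw );

      $ok = mysql_query( "UPDATE `profiles` SET `hidden` = 1 WHERE `profileid` = '$profileid'" );
      echo json_encode( Array( "success" => ( $ok !== false ) ) );
  }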
  38.  
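  // Request entry point: connect to the database, require a logged-in
  // administrator, then dispatch on the HTTP method.
  //
  // NOTE(review): $_SESSION is read below but no session_start() is visible in
  // this file - presumably one of the included files starts the session; confirm.
  // NOTE(review): POST and DELETE change data and are authorised by the session
  // alone; no anti-CSRF token is checked anywhere in this file.

  $log = new logmein(); // The db class
  // NOTE(review): looks like this turns off password hashing in the login
  // class - confirm, and enable it if so.
  $log->encrypt = false; //set encryption
  $log->dbconnect();

  $sessionUser = isset( $_SESSION['username'] ) ? $_SESSION['username'] : null;
  $sessionPass = isset( $_SESSION['loggedin'] ) ? $_SESSION['loggedin'] : null;

  // Parameters are (session username, session password, name of the table,
  // name of the password field, name of the username field).
  if( $log->logincheck( $sessionUser, $sessionPass, "logon", "password", "useremail" ) == false )
  {
      header( "Location: login.php" );
      exit;
  }

  $user = new user; // Refactor my user class, add all this crap vv as constructor parameters
  $user->username = $sessionUser;
  // NOTE(review): the session appears to carry the password itself; verify and
  // avoid keeping credentials in session state.
  $user->password = $sessionPass;
  $user->id = isset( $_SESSION['userid'] ) ? $_SESSION['userid'] : null;

  // Unquoted numeric context: force an integer rather than interpolating the
  // session value as-is.
  $userid = (int) $user->id;

  // The original compared `administrator` with `1` in backticks, which MySQL
  // parses as a column named "1", not as the value 1.
  $result = mysql_query( "SELECT * FROM `users` WHERE `userid` = $userid AND `administrator` = 1" );

  // A failed query returns false; treat that as "not an administrator".
  if( $result === false || mysql_num_rows( $result ) != 1 )
  {
      http_response_code( 403 );
      echo(json_encode( Array( "success" => false ) ));
      exit;
  }

  switch( $_SERVER['REQUEST_METHOD'] )
  {
  case "POST": Respond_Post(); break;
  case "GET": Respond_Get(); break;
  case "DELETE": Respond_Delete(); break;
  default:
      // Previously any other method produced an empty 200 response.
      http_response_code( 405 );
      header( "Allow: GET, POST, DELETE" );
      echo(json_encode( Array( "success" => false ) ));
      break;
  }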