- <?php
- //instantiate if needed
- include_once("class.login.php"); // the db class
- include_once("user.php"); // The user class
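/**
 * Handle a POST request: create a profile row, or update the existing one.
 *
 * Reads `profileid`, `firstname`, `lastname` and `summary` from $_POST and
 * echoes a JSON object of the form {"success": bool}.
 *
 * Fixes over the previous version:
 *  - request values were interpolated into SQL unescaped (SQL injection);
 *  - the INSERT was missing its closing parenthesis;
 *  - the UPDATE opened the summary literal with a backtick and had no WHERE
 *    clause, so it would have rewritten every row in `profiles`;
 *  - the response key was misspelled "sucess" while the other responses in
 *    this file use "success".
 *
 * @return void
 */
function Respond_Post()
{
    // Everything in $_POST is client-controlled. ext/mysql has no prepared
    // statements, so each value is escaped before it goes inside a quoted SQL
    // literal. Escaping is only reliable when the connection charset was set
    // with mysql_set_charset(); moving to mysqli/PDO prepared statements is
    // the durable fix (ext/mysql was removed in PHP 7).
    $fields = array();
    foreach ( array( 'profileid', 'firstname', 'lastname', 'summary' ) as $name )
    {
        // Non-string input (e.g. an array from `name[]=`) is treated as empty.
        $value = ( isset( $_POST[$name] ) && is_string( $_POST[$name] ) ) ? $_POST[$name] : '';
        $fields[$name] = mysql_real_escape_string( $value );
    }

    $result = mysql_query( "SELECT `profileid` FROM `profiles` WHERE `profileid` = '{$fields['profileid']}'" );
    if ( $result === false )
    {
        // Lookup failed: report it instead of claiming success.
        echo json_encode( array( "success" => false ) );
        return;
    }

    if ( mysql_num_rows( $result ) == 0 )
    {
        $ok = mysql_query(
            "INSERT INTO `profiles` (firstname, lastname, hidden, summary) "
            . "VALUES ('{$fields['firstname']}', '{$fields['lastname']}', 0, '{$fields['summary']}')"
        );
    }
    else
    {
        // Scope the update to the submitted profile only.
        $ok = mysql_query(
            "UPDATE `profiles` SET `firstname` = '{$fields['firstname']}', "
            . "`lastname` = '{$fields['lastname']}', `summary` = '{$fields['summary']}' "
            . "WHERE `profileid` = '{$fields['profileid']}'"
        );
    }

    echo json_encode( array( "success" => ( $ok !== false ) ) );
}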
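/**
 * Handle a GET request: echo the current user's profile as JSON.
 *
 * Looks up the `profiles` row whose `userid` matches the global $user object
 * and echoes its id, firstname, lastname and summary. Echoes
 * {"success": false} when the lookup fails or no row exists.
 *
 * Fixes over the previous version:
 *  - $user was read without being imported into function scope, so the query
 *    was built with an empty id;
 *  - `$mysql_fetch_assoc(...)` called an undefined variable as a function
 *    instead of calling mysql_fetch_assoc().
 *
 * @return void
 */
function Respond_Get()
{
    // $user is created by the script's top-level code from session data.
    global $user;

    // The id is placed in the query unquoted, so force it to an integer.
    // NOTE(review): assumes `userid` is an integer column - confirm.
    $userId = isset( $user->id ) ? (int) $user->id : 0;

    $result = mysql_query( "SELECT * FROM `profiles` WHERE `userid` = $userId" );
    $row = ( $result === false ) ? false : mysql_fetch_assoc( $result );

    // The fields below are stored user input; declaring the body as JSON keeps
    // a browser from rendering it as HTML if the URL is opened directly.
    header( "Content-Type: application/json" );

    if ( $row === false )
    {
        echo json_encode( array( "success" => false ) );
        return;
    }

    echo json_encode( array(
        "id" => $row['profileid'],
        "firstname" => $row['firstname'],
        "lastname" => $row['lastname'],
        "summary" => $row['summary']
    ) );
}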
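/**
 * Handle a DELETE request: soft-delete a profile by setting `hidden` = 1.
 *
 * Reads `profileid` from $_POST and echoes {"success": bool}.
 *
 * Fixes over the previous version: the request value was interpolated into
 * SQL unescaped (SQL injection), and success was reported even when the id
 * was missing or the query failed.
 *
 * NOTE(review): PHP only fills $_POST for POST requests with a form-encoded
 * body, so on a real DELETE request this value will normally be absent and
 * the function answers {"success": false}. How clients send the id is not
 * visible here - confirm and read it from the matching source.
 *
 * @return void
 */
function Respond_Delete()
{
    if ( !isset( $_POST['profileid'] ) || !is_string( $_POST['profileid'] ) || $_POST['profileid'] === '' )
    {
        echo json_encode( array( "success" => false ) );
        return;
    }

    // Client-controlled value: escape before placing it in a quoted literal.
    // Prepared statements (mysqli/PDO) are the durable fix; ext/mysql has none.
    $profileId = mysql_real_escape_string( $_POST['profileid'] );

    $result = mysql_query( "UPDATE `profiles` SET `hidden` = 1 WHERE `profileid` = '$profileId'" );
    echo json_encode( array( "success" => ( $result !== false ) ) );
}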
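// ---------------------------------------------------------------------------
// Request entry point: authenticate the session, require an administrator,
// then dispatch on the HTTP method.
// ---------------------------------------------------------------------------

$log = new logmein(); // The db class
// NOTE(review): presumably this turns off password hashing inside logmein -
// confirm; credentials should not be stored or compared in clear text.
$log->encrypt = false; //set encryption
$log->dbconnect();

// NOTE(review): no session_start() is visible in this file; presumably one of
// the included files starts the session - confirm.
//parameters are(SESSION, name of the table, name of the password field, name of the username field)
if( $log->logincheck( $_SESSION['username'], $_SESSION['loggedin'], "logon", "password", "useremail" ) == false )
{
    header( "Location: login.php" );
    exit;
}

$user = new user; // Refactor my user class, add all this crap vv as constructor parameters
$user->username = $_SESSION['username'];
// NOTE(review): the session value `loggedin` is used as the password here;
// keeping a password (or its hash) in the session is worth revisiting.
$user->password = $_SESSION['loggedin'];
$user->id = $_SESSION['userid'];

// Every response from here on is JSON.
header( "Content-Type: application/json" );

// Administrator gate. The previous query compared `administrator` with `1` in
// backticks, which MySQL reads as a column name rather than the number 1, so
// the query failed and every caller was rejected. The id is cast to int
// because it is placed in the query unquoted.
$userId = (int) $user->id;
$result = mysql_query( "SELECT `userid` FROM `users` WHERE `userid` = $userId AND `administrator` = 1" );
if( $result === false || mysql_num_rows( $result ) != 1 )
{
    // Fail closed: a failed query is treated the same as "not an admin".
    echo(json_encode( Array( "success" => false ) ));
    exit;
}

// NOTE(review): POST and DELETE change data and rely only on the session
// cookie; no anti-CSRF token check is visible in this file.
switch( $_SERVER['REQUEST_METHOD'] )
{
    case "POST": Respond_Post(); break;
    case "GET": Respond_Get(); break;
    case "DELETE": Respond_Delete(); break;
    default:
        // Unsupported methods previously fell through with an empty body.
        header( "HTTP/1.1 405 Method Not Allowed" );
        header( "Allow: GET, POST, DELETE" );
        echo json_encode( array( "success" => false ) );
        break;
}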