- <?php
- require_once 'class-phpass.php';
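// SECURITY: "*" lets any web origin read these responses from a browser, and
// nothing in this script authenticates the caller. Restrict the allowed
// origins and require a session or token before returning account data.
header('Access-Control-Allow-Origin: *');

// The action name arrives in the query string. A missing or non-string value
// is treated as "no action" instead of raising an undefined-index notice that
// could be echoed into the response.
$method = (isset($_GET['act']) && is_string($_GET['act'])) ? $_GET['act'] : '';

switch ($method) {
    case 'getUserList':
        getUserList();
        break;
    case 'isnewUser':
        checkFBUser();
        break;
    case 'checkUserExists':
        checkUserExists();
        break;
    case 'returnPoint':
        returnPoint();
        break;
    // djdavis 3/2/15 - fetch points
    case 'fetch_points':
        if (isset($_GET['userID'])) {
            fetch_points($_GET['userID']);
        }
        break;
    case 'logout':
        logout();
        break;
    default:
        // Unknown or missing action: answer with an explicit error rather
        // than an empty body.
        echo json_encode(array('error' => 'Unknown action'));
        break;
}
// Nothing below this point runs as top-level code; only the function
// declarations that follow are used.
exit;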
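/**
 * Look up a user by Facebook id and create the account when none exists.
 *
 * Reads id, name, avatar, birthday and email from $_GET and prints one JSON
 * document: a list of the matching wp_users rows, an object with the new row
 * id after an insert, or an object with an "error" key.
 *
 * NOTE(review): the Facebook id from the query string is the only thing that
 * identifies the caller; no access token is checked in this file, so anyone
 * who supplies an id receives that account's card number. Verify the caller
 * server-side before returning the row.
 *
 * @return void
 */
function checkFBUser()
{
    // Every value is caller-controlled. Accept strings only, so an
    // array-valued parameter cannot reach the database layer.
    $input = array();
    foreach (array('id', 'name', 'avatar', 'birthday', 'email') as $key) {
        $input[$key] = (isset($_GET[$key]) && is_string($_GET[$key])) ? trim($_GET[$key]) : '';
    }

    $facebook_id = $input['id'];
    if ($facebook_id === '') {
        echo json_encode(array('error' => 'Not hear son.'));
        // Returning is equivalent to the die() used before: the dispatcher
        // calls exit as soon as this function comes back.
        return;
    }

    $name = $input['name'];
    $email = $input['email'];

    // Only http(s) URLs are stored, because the value is handed back to
    // clients as "avatar".
    $avatar = $input['avatar'];
    $scheme = strtolower((string) parse_url($avatar, PHP_URL_SCHEME));
    if (filter_var($avatar, FILTER_VALIDATE_URL) === false || !in_array($scheme, array('http', 'https'), true)) {
        $avatar = '';
    }

    // date() needs 'Y-m-d'; the former "yyyy-mm-dd" repeated two-digit fields.
    // An absent or unparsable birthday is stored as NULL
    // (assumes user_birth is nullable — TODO confirm).
    $timestamp = ($input['birthday'] === '') ? false : strtotime($input['birthday']);
    $birthday = ($timestamp === false) ? null : date('Y-m-d', $timestamp);

    try {
        // SECURITY: hard-coded database credentials. Treat them as exposed:
        // rotate the password and load the connection settings from
        // configuration stored outside the web root.
        $db = new PDO("mysql:host=db526857900.db.1and1.com;dbname=db526857900;port=3306", "dbo526857900", "admin1234admin");
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

        // user_pass is not needed for this lookup, so the hash is not fetched.
        $lookup = $db->prepare("SELECT ID,user_login,card_number,display_name,user_birth,image_url FROM wp_users where facebook_id = :id");
        $lookup->bindValue(":id", $facebook_id);
        $lookup->setFetchMode(PDO::FETCH_ASSOC);
        $lookup->execute();
        $rows = $lookup->fetchAll();

        if (count($rows) > 0) {
            $res = array();
            foreach ($rows as $row) {
                $res[] = array(
                    "id" => $row['ID'],
                    // The original read an undefined $userid here (always
                    // null). user_login is what checkUserExists() reports as
                    // userID — confirm this is what clients expect.
                    "userID" => $row['user_login'],
                    "cardNumber" => $row['card_number'],
                    "user_birth" => $row['user_birth'],
                    "display_name" => $row['display_name'],
                    "avatar" => $row['image_url']
                );
            }
            // One JSON document per response; echoing inside the loop
            // produced concatenated documents when several rows matched.
            echo json_encode($res);
            return;
        }

        // NOTE(review): the original bound an undefined $first_name to both
        // user_login and user_nicename. The first word of the display name is
        // used as a stand-in — confirm the intended login scheme.
        $name_parts = preg_split('/\s+/', $name, -1, PREG_SPLIT_NO_EMPTY);
        $first_name = (is_array($name_parts) && count($name_parts) > 0) ? $name_parts[0] : '';

        // Placeholders must be unquoted (quoted, they are inserted as literal
        // text) and every name must match a key passed to execute().
        $insert = $db->prepare("INSERT INTO `wp_users`(`user_login`, `user_nicename`, `user_email`, `display_name`, `user_birth`, `facebook_id`, `image_url`) VALUES (:user_login, :user_nicename, :user_email, :display_name, :user_birth, :facebook_id, :image_url)");
        $insert->execute(array(
            ":user_login" => $first_name,
            ":user_nicename" => $first_name,
            ":user_email" => $email,
            ":display_name" => $name,
            ":user_birth" => $birthday,
            ":facebook_id" => $facebook_id,
            ":image_url" => $avatar
        ));
        echo json_encode(array('id' => $facebook_id, 'userID' => $db->lastInsertId()));
    } catch (PDOException $e) {
        // errorInfo is an array and cannot be concatenated into a string;
        // driver details are logged server-side instead of being sent to the
        // client.
        error_log('checkFBUser: ' . $e->getMessage());
        echo json_encode(array('error' => 'PDOException: database request failed'));
    }
}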
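/**
 * Check a login name and password against wp_users and print the result as JSON.
 *
 * Reads user_id and user_pw from $_GET. Prints a list with the account row
 * when the password matches the stored hash, otherwise an object with an
 * "error" key.
 *
 * NOTE(review): the password travels in the query string, where it is
 * typically recorded in access logs, and it is echoed back in the responses.
 * Accept it in a POST body and drop it from the responses once clients no
 * longer read it. The two distinct error messages also tell a caller whether
 * a login name exists, and nothing here limits repeated attempts.
 *
 * @return void
 */
function checkUserExists()
{
    // Accept strings only, so an array-valued parameter is rejected up front.
    // Compared with '' instead of empty(), which also rejected the value "0".
    $userid = (isset($_GET['user_id']) && is_string($_GET['user_id'])) ? $_GET['user_id'] : '';
    $userpw = (isset($_GET['user_pw']) && is_string($_GET['user_pw'])) ? $_GET['user_pw'] : '';
    if ($userid === '' || $userpw === '') {
        echo json_encode(array('error' => 'User Name Or Password Empty'));
        // Equivalent to the former die(): the dispatcher exits right after
        // this function returns.
        return;
    }

    try {
        // SECURITY: hard-coded database credentials. Treat them as exposed:
        // rotate the password and load the connection settings from
        // configuration stored outside the web root.
        $db = new PDO("mysql:host=db526857900.db.1and1.com;dbname=db526857900;port=3306", "dbo526857900", "admin1234admin");
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

        // Hasher used to verify the WordPress-style password hash in user_pass.
        $wp_hasher = new PasswordHash(8, TRUE);

        $lookup = $db->prepare("SELECT ID,user_login,user_pass,card_number,display_name,user_birth,image_url FROM wp_users where user_login = :user");
        $lookup->bindValue(":user", $userid);
        $lookup->setFetchMode(PDO::FETCH_ASSOC);
        $lookup->execute();
        $rows = $lookup->fetchAll();

        if (count($rows) === 0) {
            echo json_encode(array('error' => 'User does not exist!','user' => $userid,'password' => $userpw));
            return;
        }

        $res = array();
        foreach ($rows as $row) {
            if ($wp_hasher->CheckPassword($userpw, $row['user_pass'])) {
                $res[] = array(
                    "id" => $row['ID'],
                    "userID" => $userid,
                    // Kept for existing clients; see the NOTE(review) above.
                    "userPass" => $userpw,
                    "cardNumber" => $row['card_number'],
                    "user_birth" => $row['user_birth'],
                    "display_name" => $row['display_name'],
                    "avatar" => $row['image_url']
                );
            }
        }

        // Exactly one JSON document is written; echoing per row produced
        // concatenated documents when several rows shared a login.
        if (count($res) > 0) {
            echo json_encode($res);
        } else {
            echo json_encode(array('error' => 'User password incorrect!'));
        }
    } catch (PDOException $e) {
        // errorInfo is an array and cannot be concatenated into a string;
        // driver details are logged server-side instead of being sent to the
        // client.
        error_log('checkUserExists: ' . $e->getMessage());
        echo json_encode(array('error' => 'PDOException: database request failed'));
    }
}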
/**
 * Logout endpoint: prints a fixed JSON confirmation message.
 *
 * No session or token is touched here; the function only writes the message.
 *
 * @return void
 */
function logout()
{
    echo json_encode(array('msg' => 'You are logout.'));
}
/**
 * Stub for the user-list API: prints four fixed sample users as a JSON array.
 *
 * No database is queried. Each entry is built from the hard-coded addresses
 * below, numbered from "1", and all share the same sample birth date.
 *
 * @return void
 */
function getUserList()
{
    $sample_addresses = array(
        'first@user.mail',
        'second@user.mail',
        'third@user.mail',
        'others@user.mail',
    );

    $users = array();
    foreach ($sample_addresses as $position => $address) {
        $users[] = array(
            'id' => (string) ($position + 1), // ids are emitted as strings
            'userId' => $address,
            'userBirth' => '1980-10-20',
        );
    }

    // The list is written as a single JSON document.
    echo json_encode($users);
}
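/**
 * Test endpoint: prints the points stored for one fixed customer/store pair.
 *
 * The customer id (83) and store id (23) are hard-coded in the query; no
 * request parameter is read. Prints a JSON list of {"point": ...} objects, or
 * an object with an "error" key when no row matches or the database fails.
 *
 * NOTE(review): this is reachable without authentication through the
 * "returnPoint" action; remove it or protect it once testing is finished.
 *
 * @return void
 */
function returnPoint()
{
    try {
        // SECURITY: hard-coded database credentials. Treat them as exposed:
        // rotate the password and load the connection settings from
        // configuration stored outside the web root.
        $db = new PDO("mysql:host=db526857900.db.1and1.com;dbname=db526857900;port=3306", "dbo526857900", "admin1234admin");
        // Without exception mode PDO can fail silently (the default before
        // PHP 8) and the catch block below would never run.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        // The query has no placeholders, so the former bindValue(":user", ...)
        // call, which bound an undefined variable, has been removed together
        // with the unused password hasher.
        $lookup = $db->prepare("SELECT `point` FROM `point_customer_store_tbl` WHERE `id_customer`=83 and `id_store`=23");
        $lookup->setFetchMode(PDO::FETCH_ASSOC);
        $lookup->execute();
        $rows = $lookup->fetchAll();

        if (count($rows) > 0) {
            $res = array();
            foreach ($rows as $row) {
                $res[] = array(
                    "point" => $row['point'],
                );
            }
            // One JSON document per response instead of one echo per row.
            echo json_encode($res);
        } else {
            // "user" and "password" were filled from undefined variables, so
            // they have always been null; the keys are kept for clients.
            echo json_encode(array('error' => 'User no exist!','user' => null,'password' => null));
        }
    } catch (PDOException $e) {
        // errorInfo is an array and cannot be concatenated into a string;
        // driver details are logged server-side instead of being sent to the
        // client.
        error_log('returnPoint: ' . $e->getMessage());
        echo json_encode(array('error' => 'PDOException: database request failed'));
    }
}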
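// djdavis 3/2/15 - fetch_points
/**
 * Print the point totals per store for one user as a JSON array.
 *
 * Each element holds store_name, store_pic, short_store_pic and pts. When the
 * id is not a positive integer or no rows match, an object with the error
 * "No data found" is printed instead.
 *
 * The id is validated and bound as an integer parameter; the previous version
 * concatenated the raw query-string value into the SQL text. The legacy
 * mysql_* calls are replaced by PDO, which the other endpoints in this file
 * already use. The per-store store_reward query was dropped: its rows were
 * collected but never written to the response.
 *
 * NOTE(review): nothing ties $userID to the caller, so any client can request
 * any user's totals. Derive the id from an authenticated session instead.
 *
 * @param mixed $userID wp_users id as received from the query string.
 * @return void
 */
function fetch_points($userID)
{
    // Rejects arrays, null, empty strings and anything that is not a whole
    // number >= 1 before a connection is opened.
    $user_id = filter_var($userID, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
    if ($user_id === false) {
        echo json_encode(array('error' => 'No data found'));
        return;
    }

    try {
        // SECURITY: hard-coded database credentials. Treat them as exposed:
        // rotate the password and load the connection settings from
        // configuration stored outside the web root.
        $db = new PDO("mysql:host=db526857900.db.1and1.com;dbname=db526857900;port=3306", "dbo526857900", "admin1234admin");
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
        // The mysql_* functions returned every column as a string; keep that
        // so "pts" has the same JSON type as before.
        $db->setAttribute(PDO::ATTR_STRINGIFY_FETCHES, true);

        $totals = $db->prepare("SELECT w.user_nicename, s.store_name as store_name, p.id_store as id_store, s.reservationemail as reservationemail, s.name as name, SUM( p.point ) AS total
            FROM point_customer_store_tbl AS p
            LEFT JOIN store_tbl AS s ON p.id_store = s.store_id
            LEFT JOIN wp_users AS w ON w.ID = p.id_customer WHERE w.id = :user_id
            GROUP BY p.id_customer, p.id_store
            ORDER BY total DESC");
        $totals->bindValue(':user_id', $user_id, PDO::PARAM_INT);
        $totals->setFetchMode(PDO::FETCH_ASSOC);
        $totals->execute();
        $rows = $totals->fetchAll();
    } catch (PDOException $e) {
        // Driver details are logged server-side instead of being sent to the
        // client.
        error_log('fetch_points: ' . $e->getMessage());
        echo json_encode(array('error' => 'PDOException: database request failed'));
        return;
    }

    if (count($rows) === 0) {
        echo json_encode(array('error' => 'No data found'));
        return;
    }

    $return = array();
    foreach ($rows as $row) {
        $return[] = array(
            'store_name' => $row['store_name'],
            'store_pic' => "store-images/" . $row['name'],
            'short_store_pic' => $row['name'],
            'pts' => $row['total']
        );
    }
    echo json_encode($return);
}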
- ?>