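<?php
/**
 * CheckinServices.php - JSON web service for registration, login and location check-ins.
 *
 * Request parameters (read from $_REQUEST):
 *   register=1       with RegName, RegPassword
 *   login=1          with LoginName, LoginPassword
 *   insert=1         with CheckinRegID, Latitude, Longitude, HouseNo, Street, Zip
 *   select=*         latest check-in of every registered user
 *   select=<RegID>   latest check-in of one registered user
 *
 * Security notes for maintainers:
 *   - Earlier revisions embedded database passwords in this file (also in commented-out
 *     lines). Treat every password that ever appeared here as exposed and rotate it.
 *   - All SQL values are bound through prepared statements; the table names are fixed
 *     identifiers defined below and never come from the request.
 *   - Passwords are stored with password_hash(); legacy plaintext rows are upgraded on
 *     the next successful login. RegPassword is never returned to the client or logged.
 *   - NOTE(review): insert and select are not tied to an authenticated session, so any
 *     caller can write or read location data for any RegID. Fixing this needs a token
 *     or session scheme and a client change; it is not addressed here.
 *   - NOTE(review): login answers differ for "unknown user" and "wrong password", which
 *     lets a caller test which names exist, and there is no attempt limiting.
 *   - NOTE(review): CheckinService.log is written next to this script. Deny web access
 *     to it in the server configuration or move it outside the document root.
 */

declare(strict_types=1);

date_default_timezone_set('Asia/Manila');
header('Content-Type: application/json');

// API.GEONAMES.ORG is the geolocation service used by the client.

$sqlUser = 'autoph_portal';
$sqlDatabase = 'autoph_aportal';
// The database password is read from the environment instead of being stored in source.
// CHECKIN_DB_PASSWORD is a deployment-chosen variable name; set it in the server config.
$sqlPass = getenv('CHECKIN_DB_PASSWORD');

$registrations_table = 'registrations3';
$checkins_table = 'checkins3';

$conn = null;
$sql = '';   // text of the last statement, kept for the transaction log
$json = '';
$did_something = 0;
$did_nothing_message = "Valid Input Sets: [login,LoginName,LoginPassword]; [register,RegName,RegPassword]; [insert,CheckinRegID,Latitude,Longitude, HouseNo,Street,Zip];[select]";

try {
    if ($sqlPass === false) {
        throw new RuntimeException('database password is not configured');
    }

    $conn = new PDO(
        "mysql:host=localhost;dbname={$sqlDatabase};charset=utf8mb4",
        $sqlUser,
        $sqlPass,
        [
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            PDO::ATTR_EMULATE_PREPARES => false,
            PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
            // Keep numeric columns as strings in the JSON, as the old mysql_* API returned them.
            PDO::ATTR_STRINGIFY_FETCHES => true,
        ]
    );

    // These functions are defined at the bottom.
    initialize_htaccess();       // make sure .htaccess carries the CORS header
    initialize_registrations();  // make sure registrations table has been created
    initialize_checkins();       // make sure checkins table has been created

    $login = request_flag('login');        // expects LoginName, LoginPassword
    $register = request_flag('register');  // expects RegName, RegPassword
    $insert = request_flag('insert');      // expects CheckinRegID, Latitude, Longitude, HouseNo, Street, Zip
    $select = request_text('select');      // expects select=* or select=RegID

    if ($register) {
        $RegName = request_text('RegName');
        $RegPassword = request_text('RegPassword');

        if ($RegName === '' || $RegPassword === '') {
            $json = checkin_json(['status' => 'RegName and RegPassword are required.', 'statusCode' => '0']);
        } else {
            $sql = "SELECT RegID FROM $registrations_table WHERE RegName = ?";
            $stmt = $conn->prepare($sql);
            $stmt->execute([$RegName]);

            if ($stmt->fetch() !== false) {
                $status = "User $RegName already registered.";
                $json = checkin_json(['status' => $status, 'statusCode' => '0']);
            } else {
                // NOTE(review): RegName has no UNIQUE key, so two concurrent requests can
                // still register the same name; add a unique index to close that window.
                $sql = "INSERT INTO $registrations_table (RegName, RegPassword) VALUES (?, ?)";
                $stmt = $conn->prepare($sql);
                $stmt->execute([$RegName, password_hash($RegPassword, PASSWORD_DEFAULT)]);

                $RegID = $conn->lastInsertId();
                $json = checkin_json([
                    'RegID' => $RegID,
                    'RegName' => $RegName,
                    'status' => "$RegName registered. ID = $RegID",
                    'statusCode' => '1',
                ]);
            }
        }
        $did_something += 1;
    }

    if ($login) {
        $LoginName = request_text('LoginName');
        $LoginPassword = request_text('LoginPassword');

        $sql = "SELECT RegID, RegName, RegPassword FROM $registrations_table WHERE RegName = ?";
        $stmt = $conn->prepare($sql);
        $stmt->execute([$LoginName]);
        $rows = $stmt->fetchAll();

        if (count($rows) === 1) {
            $sqlRecord = $rows[0];
            if (verify_and_upgrade_password($conn, $registrations_table, $sqlRecord, $LoginPassword)) {
                unset($sqlRecord['RegPassword']);  // never send the stored hash to the client
                $sqlRecord['status'] = 'Password correct.';
                $sqlRecord['statusCode'] = '1';
                $json = checkin_json([$sqlRecord]);
            } else {
                $status = "$LoginName password incorrect.";
                $json = checkin_json(['status' => $status, 'statusCode' => '0']);
            }
        } else {
            $msg = "User $LoginName does not exist.";
            $json = checkin_json(['status' => $msg, 'statusCode' => '0']);
        }
        $did_something += 1;
    }

    if ($insert) {
        $CheckinRegID = request_text('CheckinRegID');
        $CheckinTime = date('Y-m-d H:i:s', time());
        $Latitude = trim(request_text('Latitude'));
        $Longitude = trim(request_text('Longitude'));
        $HouseNo = request_text('HouseNo');
        $Street = request_text('Street');
        $Zip = request_text('Zip');

        $inputOk = is_positive_integer($CheckinRegID)
            && is_coordinate($Latitude, 90.0)
            && is_coordinate($Longitude, 180.0);

        if (!$inputOk) {
            $msg = 'CheckinRegID must be a positive integer; Latitude and Longitude must be valid coordinates.';
            $json = checkin_json(['status' => $msg, 'statusCode' => '0']);
        } else {
            // Column lengths (HouseNo, Street, Zip) are left to the database to enforce.
            $sql = "INSERT INTO $checkins_table (CheckinTime, CheckinRegID, Latitude, Longitude, HouseNo, Street, Zip)"
                . " VALUES (?, ?, ?, ?, ?, ?, ?)";
            $stmt = $conn->prepare($sql);
            $stmt->execute([$CheckinTime, $CheckinRegID, $Latitude, $Longitude, $HouseNo, $Street, $Zip]);

            if ($stmt->rowCount() === 0) {
                $msg = 'A conflict was detected. No insert was made';
                $json = checkin_json(['status' => $msg, 'statusCode' => '0']);
            } else {
                $msg = "$CheckinTime: Checked in at $HouseNo $Street $Zip";
                $json = checkin_json(['status' => $msg, 'statusCode' => '1']);
            }
        }
        $did_something += 1;
    }

    // Explicit column list: RegPassword must not leave the database through this join.
    $latestCheckinSql = "SELECT CheckinID, CheckinRegID, CheckinTime, Latitude, Longitude, HouseNo, Street, Zip, RegID, RegName"
        . " FROM $checkins_table LEFT JOIN $registrations_table ON CheckinRegID = RegID"
        . " WHERE CheckinRegID = ? ORDER BY CheckinTime DESC LIMIT 1";

    if ($select === '*') {
        $return_arr = [];
        $users = $conn->query("SELECT RegID FROM $registrations_table")->fetchAll();

        $sql = $latestCheckinSql;
        $latest = $conn->prepare($sql);
        foreach ($users as $sqlRecord) {
            $latest->execute([$sqlRecord['RegID']]);
            $sqlCheckin = $latest->fetch();
            if ($sqlCheckin !== false) {
                $return_arr[] = $sqlCheckin;
            }
        }
        $json = checkin_json($return_arr);
        $did_something += 1;
    } elseif (is_positive_integer($select)) {
        $sql = $latestCheckinSql;
        $latest = $conn->prepare($sql);
        $latest->execute([$select]);
        $sqlCheckin = $latest->fetch();

        if ($sqlCheckin !== false) {
            // Spelling kept as-is: existing clients may compare against this exact value.
            $sqlCheckin['status'] = 'succes';
            $sqlCheckin['statusCode'] = '1';
            $json = checkin_json($sqlCheckin);
        } else {
            $msg = "Registration ID $select not found. ";
            $json = checkin_json(['status' => $msg, 'statusCode' => '0']);
        }
        $did_something += 1;
    }

    if ($did_something === 0) {
        $json = checkin_json(['status' => $did_nothing_message, 'statusCode' => '0']);
    }
} catch (RuntimeException $e) {
    // PDOException extends RuntimeException. Details go to the server log only; the
    // client gets a generic message so SQL text and driver errors are not disclosed.
    error_log('CheckinServices: ' . $e->getMessage());
    http_response_code(500);
    $json = checkin_json(['status' => 'Internal error.', 'statusCode' => '0']);
}

echo $json;

// RECORD TRANSACTION (passwords are redacted before the request is written out)
$loggedRequest = $_REQUEST;
foreach (['RegPassword', 'LoginPassword'] as $secretKey) {
    if (isset($loggedRequest[$secretKey])) {
        $loggedRequest[$secretKey] = '[redacted]';
    }
}
$handle = fopen('CheckinService.log', 'a');
if ($handle !== false) {
    $remote = $_SERVER['REMOTE_ADDR'] ?? '-';
    fputs(
        $handle,
        date('Y-m-d H:i:s', time()) . "\t" . $remote . "\t" . $sql . "\t"
            . checkin_json($loggedRequest) . "\t" . $json . "\n"
    );
    fclose($handle);
}

/**
 * Encode a value as JSON, replacing invalid UTF-8 instead of failing.
 *
 * @param mixed $data value to encode
 */
function checkin_json($data): string
{
    return (string) json_encode($data, JSON_INVALID_UTF8_SUBSTITUTE);
}

/**
 * Return a request parameter as a string; missing or non-string (array) values become ''.
 */
function request_text(string $key): string
{
    $value = $_REQUEST[$key] ?? '';
    return is_string($value) ? $value : '';
}

/**
 * True when the request parameter is exactly "1".
 */
function request_flag(string $key): bool
{
    return request_text($key) === '1';
}

/**
 * True when $value is a decimal integer greater than zero (at most ten digits).
 */
function is_positive_integer(string $value): bool
{
    return preg_match('/^[1-9][0-9]{0,9}$/D', $value) === 1;
}

/**
 * True when $value parses as a float whose magnitude does not exceed $limit.
 */
function is_coordinate(string $value, float $limit): bool
{
    $number = filter_var($value, FILTER_VALIDATE_FLOAT);
    return $number !== false && abs($number) <= $limit;
}

/**
 * Check a login password against the stored value and upgrade weak storage.
 *
 * Rows written by password_hash() are checked with password_verify(). Rows that still
 * hold a legacy plaintext password are compared in constant time and, on success,
 * rewritten as a hash so the plaintext disappears from the table.
 *
 * @param array<string, mixed> $record row holding RegID and RegPassword
 */
function verify_and_upgrade_password(PDO $pdo, string $table, array $record, string $password): bool
{
    $stored = (string) $record['RegPassword'];
    $info = password_get_info($stored);

    if (!empty($info['algo'])) {
        $matches = password_verify($password, $stored);
        $upgrade = $matches && password_needs_rehash($stored, PASSWORD_DEFAULT);
    } else {
        $matches = $stored !== '' && hash_equals($stored, $password);
        $upgrade = $matches;
    }

    if ($upgrade) {
        $stmt = $pdo->prepare("UPDATE $table SET RegPassword = ? WHERE RegID = ?");
        $stmt->execute([password_hash($password, PASSWORD_DEFAULT), $record['RegID']]);
    }

    return $matches;
}

/**
 * True when a table with exactly this name is listed by SHOW TABLES.
 */
function checkin_table_exists(PDO $pdo, string $table): bool
{
    $result = $pdo->query('SHOW TABLES LIKE ' . $pdo->quote($table));
    return $result->fetch() !== false;
}

/**
 * Make sure .htaccess contains the Access-Control-Allow-Origin header line.
 *
 * NOTE(review): the header value is "*", so any origin may read responses from this
 * service, and the script needs write access to its own .htaccess for this to work.
 * Prefer setting the header (with an explicit origin) in the server configuration and
 * keeping .htaccess read-only for the PHP process.
 */
function initialize_htaccess()
{
    $found = false;
    if (file_exists('.htaccess')) {
        $handle = fopen('.htaccess', 'r');
        if ($handle !== false) {
            while (($line = fgets($handle)) !== false) {
                // !== false: a match at offset 0 is still a match.
                if (strpos($line, 'Header set Access-Control-Allow-Origin') !== false) {
                    $found = true;
                }
            }
            fclose($handle);
        }
    }

    if (!$found) {
        $handle = fopen('.htaccess', 'a');
        if ($handle !== false) {
            fputs($handle, 'Header set Access-Control-Allow-Origin "*"' . "\n");
            fclose($handle);
        }
    }
}

/**
 * Create the registrations table when it does not exist yet.
 */
function initialize_registrations()
{
    global $conn, $registrations_table;

    if (!checkin_table_exists($conn, $registrations_table)) {
        $conn->exec(
            "CREATE TABLE IF NOT EXISTS `$registrations_table` ("
            . "`RegID` int(11) NOT NULL AUTO_INCREMENT, "
            . "`RegName` varchar(100) NOT NULL, "
            . "`RegPassword` varchar(100) NOT NULL, "
            . "PRIMARY KEY (`RegID`));"
        );
    }
}

/**
 * Create the checkins table when it does not exist yet.
 */
function initialize_checkins()
{
    global $conn, $checkins_table;

    // Create only when the table is missing (the earlier check was inverted).
    if (!checkin_table_exists($conn, $checkins_table)) {
        $conn->exec(
            "CREATE TABLE IF NOT EXISTS `$checkins_table` ("
            . "`CheckinID` int(11) NOT NULL AUTO_INCREMENT, "
            . "`CheckinRegID` int(11) NOT NULL, "
            . "`CheckinTime` datetime NOT NULL, "
            . "`Latitude` double NOT NULL, "
            . "`Longitude` double NOT NULL, "
            . "`HouseNo` varchar(5) NOT NULL, "
            . "`Street` varchar(50) NOT NULL, "
            . "`Zip` varchar(5) NOT NULL, "
            . "PRIMARY KEY (`CheckinID`));"
        );
    }
}
?>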