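<?php
/**
 * JSON lookup API over the vts_users, vts_company, vts_dealerships and
 * vts_departments tables.
 *
 * Only POST requests are served. The `key` request parameter selects one of
 * five operations (login, user by id, company list, dealers by company,
 * department list); every response body is JSON.
 *
 * Security-relevant changes compared with the previous revision:
 *  - the removed mysql_* API is replaced by PDO with bound parameters, so
 *    request values never become part of the SQL text (addslashes() is not an
 *    injection defence);
 *  - database errors are logged server-side instead of being echoed to the
 *    client together with the full query;
 *  - the database password is no longer embedded in this web-served file;
 *  - the stored password hash is stripped from user records before output;
 *  - operation keys are compared strictly, and the unknown-key reply is JSON
 *    like every other reply.
 */

date_default_timezone_set('Asia/Manila');
header('Content-Type: application/json');

// Operation selectors. These values are identical for every client and are
// embedded in client code, so they identify an operation; they do not
// authenticate the caller. NOTE(review): the user-by-id and list operations
// are reachable without any session or token - confirm whether that is
// intended.
const OP_LOGIN = '99797807845605376';
const OP_USER_BY_ID = '99799116300681216';
const OP_COMPANIES = '99799116300681217';
const OP_DEALERS_BY_COMPANY = '99799116300681218';
const OP_DEPARTMENTS = '99799116300681219';

/**
 * Sends a JSON payload with the given HTTP status and ends the request.
 */
function respond(array $payload, int $httpStatus = 200): void
{
    http_response_code($httpStatus);
    echo json_encode($payload);
    exit;
}

/**
 * Sends the API's standard failure envelope ({"status":0,"message":...}).
 */
function fail(string $message, int $httpStatus = 200): void
{
    respond(['status' => 0, 'message' => $message], $httpStatus);
}

/**
 * Returns a non-empty string request parameter, or null when it is missing,
 * empty, or not a string (e.g. `name[]=x`, which PHP parses into an array).
 *
 * empty() is kept from the previous revision, so the literal "0" is still
 * treated as missing.
 *
 * NOTE(review): $_REQUEST also merges query-string (and, depending on
 * request_order, cookie) values; credentials sent in the URL end up in access
 * logs. Switching to $_POST is safer once all clients send a form body.
 */
function requiredParam(string $name): ?string
{
    $value = $_REQUEST[$name] ?? null;

    return (is_string($value) && !empty($value)) ? $value : null;
}

/**
 * Runs a prepared statement and returns all rows as associative arrays.
 *
 * On a database error the details go to the server log only; the client
 * receives a generic message so that neither SQL text nor schema leaks.
 */
function fetchRows(PDO $pdo, string $sql, array $params = []): array
{
    try {
        $statement = $pdo->prepare($sql);
        $statement->execute($params);

        return $statement->fetchAll();
    } catch (PDOException $e) {
        error_log('api1.php: query failed: ' . $e->getMessage());
        fail('Internal server error.', 500);
    }
}

/**
 * Emits a list result, or the "No data found." envelope when it is empty.
 */
function respondWithList(array $rows): void
{
    if ($rows) {
        respond($rows);
    }
    fail('No data found.');
}

/**
 * Emits a single user record with status/message added, or the given
 * failure message when no row matched.
 */
function respondWithUser(array $rows, string $notFoundMessage): void
{
    if (!$rows) {
        fail($notFoundMessage);
    }

    $record = $rows[0];
    // The query selects u.*, which includes the stored password hash; it must
    // never be returned to a client.
    unset($record['u_password']);
    $record['status'] = 1;
    $record['message'] = 'Data are valid.';
    respond($record);
}

// Reject non-POST requests before touching the database.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    fail('Invalid request method.');
}

// Connection settings come from the environment so that no secret lives in a
// file under the web root. The variable names are illustrative - align them
// with the deployment's configuration. The password that was previously
// hard-coded here should be treated as exposed and rotated.
$sqlHost = getenv('VTS_DB_HOST') ?: 'localhost';
$sqlUser = getenv('VTS_DB_USER') ?: 'autoph_arnel';
$sqlDatabase = getenv('VTS_DB_NAME') ?: 'autoph_connect';
$sqlPass = getenv('VTS_DB_PASS');

if ($sqlPass === false) {
    error_log('api1.php: database password is not configured.');
    fail('Service temporarily unavailable.', 500);
}

try {
    $pdo = new PDO(
        sprintf('mysql:host=%s;dbname=%s', $sqlHost, $sqlDatabase),
        $sqlUser,
        $sqlPass,
        [
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            // Real server-side prepares: values travel separately from SQL.
            PDO::ATTR_EMULATE_PREPARES => false,
            // mysql_fetch_assoc() returned every column as a string; keep the
            // JSON value types stable for existing clients.
            PDO::ATTR_STRINGIFY_FETCHES => true,
            PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
        ]
    );
} catch (PDOException $e) {
    error_log('api1.php: database connection failed: ' . $e->getMessage());
    fail('Service temporarily unavailable.', 500);
}

// Strict string comparison below: loose == on numeric strings lets values
// other than the exact key text compare equal.
$key = $_REQUEST['key'] ?? '';
if (!is_string($key)) {
    $key = '';
}

$userSelect = "SELECT u.*,d.dept_name,c.comp_code,c.comp_name,dl.deal_code,dl.deal_name"
    . " FROM `vts_users` u"
    . " LEFT OUTER JOIN vts_departments d ON u.`dept_id` = d.id"
    . " LEFT OUTER JOIN vts_company c ON u.`company` = c.comp_id"
    . " LEFT OUTER JOIN vts_dealerships dl ON u.`dealer` = dl.deal_id";

if ($key === OP_LOGIN) {
    // User login.
    $username = requiredParam('username');
    $password = requiredParam('password');
    if ($username === null || $password === null) {
        fail('Insufficient parameters.');
    }

    // NOTE(security): stored passwords are unsalted MD5, which is unsuitable
    // for password storage. Kept here only because the existing rows depend
    // on it; migrate to password_hash()/password_verify() and rehash on the
    // next successful login.
    $passwordHash = md5($password);

    respondWithUser(
        fetchRows(
            $pdo,
            $userSelect . " WHERE u.u_name = ? AND u.u_password = ? AND u.u_status = 1",
            [$username, $passwordHash]
        ),
        'Invalid username or password.'
    );
} elseif ($key === OP_USER_BY_ID) {
    // User data by id.
    $id = requiredParam('id');
    if ($id === null) {
        fail('Insufficient parameters.');
    }

    respondWithUser(
        fetchRows($pdo, $userSelect . " WHERE u.u_id = ? AND u.u_status = 1", [$id]),
        'No user found on given id.'
    );
} elseif ($key === OP_COMPANIES) {
    // Company list.
    respondWithList(fetchRows(
        $pdo,
        "SELECT * FROM `vts_company` WHERE 1 AND `comp_status` = 1 ORDER BY TRIM(`comp_name`) ASC"
    ));
} elseif ($key === OP_DEALERS_BY_COMPANY) {
    // Dealers belonging to one company.
    $companyId = requiredParam('company_id');
    if ($companyId === null) {
        fail('Insufficient parameters.');
    }

    respondWithList(fetchRows(
        $pdo,
        "SELECT * FROM `vts_dealerships` WHERE 1 AND deal_status = 1 AND `comp_id` = ?"
        . " ORDER BY `vts_dealerships`.`deal_name` ASC",
        [$companyId]
    ));
} elseif ($key === OP_DEPARTMENTS) {
    // Department list.
    respondWithList(fetchRows(
        $pdo,
        "SELECT * FROM `vts_departments` WHERE 1 AND `deleted` = 0 ORDER BY `dept_name` ASC"
    ));
} else {
    // Previously plain text under a JSON Content-Type; now a parseable body.
    fail('Invalid API key.');
}
?>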