Beispiel #1
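/**
 * Authenticate an admin login and emit a JSON response carrying an OAuth token.
 *
 * When the profile has no token for this device a new one is generated and
 * stored with a two-day expiry; when a token already exists it is re-used and
 * the login is written to the logs table. The token is also sent in an
 * "Oauth" response header.
 *
 * NOTE(review): the response body includes 'secret_key' (the value returned by
 * check_admin()). Confirm that this value is meant to leave the server.
 *
 * @param mixed $username_user Login name, passed to check_admin() and get_profile_id().
 * @param mixed $password_user Password, passed to get_profile_id().
 * @param mixed $device        Device descriptor; JSON-encoded before it is stored.
 *
 * @return void Output is written with header() and echo.
 */
function get_admin_oauth($username_user, $password_user, $device)
{
    if (!isset($username_user, $password_user, $device)) {
        // Unchanged behaviour: missing arguments produce no output at all.
        return;
    }

    $secret = check_admin($username_user);
    // NOTE(review): this loose comparison only rejects values equal to the
    // string 'false'; a boolean false returned by check_admin() would pass.
    // Confirm what check_admin() returns for a non-admin.
    if ($secret == 'false') {
        header($_SERVER["SERVER_PROTOCOL"] . " " . $GLOBALS['status_notfound']);
        // The payload was previously built but never sent, so a denied
        // caller received an empty body.
        echo json_encode(array('status' => 'Failure', 'message' => 'Admin access denied'));
        return;
    }

    $device = json_encode($device);
    $profile_id = get_profile_id($username_user, $password_user);
    $oauth_key = check_oauth($profile_id, $device);

    // sql.php is expected to define $conn and $dbname in this scope.
    // Assumes $conn is a mysqli handle (the code calls ->close() on it) - confirm.
    include 'sql.php';

    // Copies for bind_param(), which binds by reference.
    $profileParam = $profile_id;
    $deviceParam = $device;

    if ($profile_id != null && $oauth_key == null) {
        // New session: the token is a bearer credential, so it comes from the
        // CSPRNG. md5(uniqid(rand())) is derived from the clock and a
        // non-cryptographic PRNG and is guessable. Length stays 32 hex chars.
        $token = bin2hex(random_bytes(16));
        $dtm = date("Y-m-d H:i:s", time() + 2 * 24 * 60 * 60);

        // Values are bound, never interpolated: $device is caller-controlled.
        $stmt = $conn->prepare("insert into " . $dbname . ".oauth(oauth_key,oauth_expiry,device,profile_id) value (?,?,?,?)");
        $stored = $stmt !== false
            && $stmt->bind_param('ssss', $token, $dtm, $deviceParam, $profileParam)
            && $stmt->execute();
        if ($stmt !== false) {
            $stmt->close();
        }

        if (!$stored) {
            // Do not hand out a token that was never persisted.
            $conn->close();
            header($_SERVER["SERVER_PROTOCOL"] . " 500 Internal Server Error");
            echo json_encode(array('status' => 'Failure', 'message' => 'Could not create session'));
            return;
        }

        $oauth_key = $token;
        header($_SERVER["SERVER_PROTOCOL"] . " " . $GLOBALS['status_found']);
        header('Oauth: ' . $oauth_key);
        $res = get_userdata($profile_id);
        $result_array = array('status' => 'Success', 'message' => 'User found', 'number_of_devices_logged_in' => get_users_logged_in($profile_id), 'secret_key' => $secret, 'user_data' => $res);
        $conn->close();
    } elseif ($oauth_key != null) {
        // Existing session for this device: re-use the stored token.
        $res = get_userdata($profile_id);
        header($_SERVER["SERVER_PROTOCOL"] . " " . $GLOBALS['status_found']);
        header('oauth: ' . $oauth_key);
        $result_array = array('status' => 'Success', 'message' => 'User found', 'number_of_devices_logged_in' => get_users_logged_in($profile_id), 'secret_key' => $secret, 'user_data' => $res);

        // Audit log entry. Best effort: a failed insert does not fail the login.
        // NOTE(review): this stores the live token in the logs table; consider
        // logging a hash or identifier of it instead.
        date_default_timezone_set('Asia/Calcutta');
        $dtm = date("Y-m-d H:i:s");
        $keyParam = $oauth_key;
        $stmt = $conn->prepare("insert into " . $dbname . ".logs(profile_id,state,mytime,oauth_key,device) value (?,'login',?,?,?)");
        if ($stmt !== false) {
            if ($stmt->bind_param('ssss', $profileParam, $dtm, $keyParam, $deviceParam)) {
                $stmt->execute();
            }
            $stmt->close();
        }
    } else {
        // No profile matched the credentials and no token exists.
        header($_SERVER["SERVER_PROTOCOL"] . " " . $GLOBALS['status_notfound']);
        $result_array = array('status' => 'Failure', 'message' => 'User not found');
    }

    echo json_encode($result_array);
}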
Beispiel #2
<?php

// Entry point: both query parameters are required before the token check runs.
// NOTE(review): the token arrives in the URL query string, so it will appear in
// web-server access logs and browser history; a request header would avoid that.
$hasCredentials = isset($_GET['authToken'], $_GET['id']);
if (!$hasCredentials) {
    // Only the JSON body reports the error; no HTTP status header is set here.
    $apiResponse = array('status' => 'error', 'statusCode' => 405, 'message' => 'Method not allowed', 'error' => 'Method not allowed');
    print_r(json_encode($apiResponse));
} else {
    $auth = $_GET['authToken'];
    $id = $_GET['id'];
    check_oauth($auth, $id);
}
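/**
 * Check a caller-supplied token against the one stored for a profile and, on a
 * match, emit the video list via getlist().
 *
 * Both arguments come straight from the query string, so they are validated
 * before any database work and the id is bound as a statement parameter.
 * Every rejection (malformed input, unknown profile, wrong token) produces the
 * same "User not found" response, so the reply does not reveal which profile
 * ids exist.
 *
 * NOTE(review): only the first oauth row for the profile is compared, as
 * before; if a profile can hold several tokens, or tokens carry an expiry,
 * neither is checked here.
 *
 * @param mixed $auth Token presented by the caller.
 * @param mixed $id   Profile id presented by the caller; must be all digits.
 *
 * @return void Output is written directly.
 */
function check_oauth($auth, $id)
{
    $denied = array('status' => 'error', 'statusCode' => 404, 'message' => 'User not found');

    // $_GET values may be arrays (authToken[]=x) and the id was previously
    // concatenated into the SQL text unquoted. Accept only a non-empty string
    // token and a purely numeric id.
    $idIsNumeric = is_int($id) || (is_string($id) && preg_match('/^[0-9]+$/D', $id) === 1);
    if (!is_string($auth) || $auth === '' || !$idIsNumeric) {
        print_r(json_encode($denied));
        return;
    }

    // sql.php is expected to define $conn (used here as a mysqli handle).
    include 'sql.php';

    $storedKey = null;
    $found = false;
    $stmt = $conn->prepare("SELECT oauth_key FROM oauth WHERE profile_id = ?");
    if ($stmt !== false) {
        $idParam = (string) $id;
        if ($stmt->bind_param('s', $idParam) && $stmt->execute()) {
            $stmt->bind_result($storedKey);
            $found = $stmt->fetch() === true;
        }
        $stmt->close();
    }

    // hash_equals() compares in constant time and as strings. The loose ==
    // used before treats two numeric-looking strings (e.g. "0e12..." hex
    // digests) as equal numbers, which can accept a token that does not match.
    $authorised = $found
        && is_string($storedKey)
        && $storedKey !== ''
        && hash_equals($storedKey, $auth);

    if ($authorised) {
        getlist();
    }
    $conn->close();

    if (!$authorised) {
        print_r(json_encode($denied));
    }
}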
function getlist()
{
    include 'sql.php';
    $SQL = "SELECT * FROM video";
    $result = $conn->query($SQL);