<?php
// bids/user_bids GET
// Returns the bids placed by the user named in the `bidder_user_id` query parameter.
//
// NOTE(review): the auth include below is commented out, so no access check is
// visible on this endpoint. Confirm whether a user's bid history is meant to be
// readable without a session before leaving it disabled.
//include '../auth.php';
include '../../sql_statements.php';
include '../../helper.php';

$params = validate_data('GET', ['bidder_user_id']);
$bidder_user_id = $params['bidder_user_id']['value'];

// db_r_function() runs the statement built by bids_user_bids(); a falsy result
// is reported as a server error.
$payload = db_r_function(bids_user_bids($bidder_user_id));
$found = (bool) $payload;

http_response_code($found ? 200 : 500);
echo $found ? $payload : '{"error":"no data returned"}';
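<?php
// auctions/retrieve_all GET OK
// Returns every auction as produced by the auctions_retrieve_all() statement.
include '../../sql_statements.php';
include '../../helper.php';

$result = db_r_function(auctions_retrieve_all());

if ($result) {
    http_response_code(200);
    echo $result;
} else {
    // The error body has to be valid JSON: the key was previously unquoted,
    // which strict JSON parsers reject.
    // NOTE(review): no status code is set on this branch, so the error goes out
    // with whatever status is already in effect; sibling endpoints send 500 or
    // 200 here. Left unchanged so existing clients keep working.
    echo '{"error":"no data returned"}';
}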
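<?php
// users/authenticate POST
// Checks a username/password pair and, on success, opens a session and returns
// an access token together with the user's id.
include '../../sql_statements.php';
include '../../helper.php';
include '../../post_header.php';

$post_data = validate_data("POST", array("username", "password"));
$username = $post_data['username']['value'];

// NOTE(review): unsalted MD5 is not a password hash; it is fast to brute-force
// and identical passwords produce identical digests. It is kept here only
// because users_authenticate() presumably compares against stored MD5 values.
// Migrate storage to password_hash() / password_verify() and rehash on login.
$password = md5($post_data['password']['value']);

$result = db_r_function(users_authenticate($username, $password));

// Fail closed: only a decoded row that carries a user_id counts as a match.
// Comparing the raw result with "[]" treated an empty or failed query result
// as a successful login and issued a token with no user attached.
$rows = $result ? json_decode($result, true) : null;

if (is_array($rows) && isset($rows[0]['user_id'])) {
    $user_id = $rows[0]['user_id'];

    session_start();
    // Issue a fresh session id at login so a pre-set session id cannot be reused.
    session_regenerate_id(true);

    // 32 hex characters, same shape as before, but drawn from the CSPRNG
    // instead of md5(uniqid(rand())), which is predictable.
    $token = bin2hex(random_bytes(16));

    $_SESSION['access_token'] = $token;
    $_SESSION['user_id'] = $user_id;

    http_response_code(200);
    // json_encode() instead of string concatenation so the body is always
    // well-formed; user_id stays an unquoted number as in the original output.
    echo json_encode(array('access_token' => $token, 'user_id' => (int) $user_id));
} else {
    http_response_code(401);
    echo '{"error":"Invalid username and password pair."}';
}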
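<?php
// items/user_items GET POOR
// Returns the items owned by the user given in the `user_id` query parameter.
include '../../auth.php';
include '../../sql_statements.php';
include '../../helper.php';

// A missing parameter becomes 0 instead of raising an undefined-index warning
// that could end up in the response body; intval() keeps the value numeric
// before it reaches the statement builder.
$owner_user_id = intval($_GET['user_id'] ?? 0);

$result = db_r_function(items_user_items($owner_user_id));

if ($result) {
    http_response_code(200);
    echo $result;
} else {
    http_response_code(500);
    // Key quoted so the error body is valid JSON (it was `{error:...}` before).
    echo '{"error":"no data returned"}';
}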
<?php
// users/rating GET
// Returns the rating data for the user given in the `user_id` query parameter.
include '../../sql_statements.php';
include '../../helper.php';

$params = validate_data('GET', ['user_id']);
$user_id = $params['user_id']['value'];

$payload = db_r_function(users_rating($user_id));

// Both outcomes answer 200; an empty result is signalled only in the body.
http_response_code(200);
echo $payload ? $payload : '{"error":"no data returned"}';
<?php
// Dependency: https://github.com/Synchro/PHPMailer
// Notifies watchers and sellers by e-mail about bids returned by
// event_retrieve_watches(). The listing is cut off inside the first mailer
// setup, so the send step itself is not visible here.
//
// NOTE(review): no auth include is visible in this script. If it is reachable
// over HTTP, confirm that access is restricted, since each request can trigger
// outbound mail.
// NOTE(review): PHPMailerAutoload.php belongs to the legacy PHPMailer 5.x line;
// confirm the vendored copy is a maintained, patched release.
include '../../sql_statements.php';
include '../../helper.php';
include '../PHPMailer/PHPMailerAutoload.php';
include '../emailconfig.php';

$result = db_r_function(event_retrieve_watches());
// Decoded as associative arrays; json_decode() yields null on invalid input,
// which the loop below does not guard against.
$data = json_decode($result, true);

foreach ($data as $watch) {
    if (!is_null($watch['email'])) { // if an email address was returned
        // Plain-text bodies; username, bid price and title are taken straight
        // from the query result.
        $watcher_text = "Hey, @" . $watch['username'] . "!\n\nWatch out, someone has bid GBP " . $watch['bid_price'] . " on '" . $watch['title'] . "' Better go outbid them quickly! \n\nGood luck!\nHashtagories";
        $seller_text = "Hey, @" . $watch['username'] . "!\n\nJust to let you know, someone has bid GBP " . $watch['bid_price'] . " on '" . $watch['title'] . "' \n\nHappy selling!\nHashtagories";

        if ($watch['watch_user_id'] != $watch['owner_user_id']) { // if the watcher is not the owner
            // SMTP_HOSTNAME, SENDER and PASSWORD are presumably defined in
            // emailconfig.php; verify that file is kept out of version control
            // and outside the web root.
            $buyer_mail = new PHPMailer();
            $buyer_mail->isSMTP(); // Set mailer to use SMTP
            $buyer_mail->Host = SMTP_HOSTNAME; // Specify main and backup SMTP servers
            $buyer_mail->SMTPAuth = true; // Enable SMTP authentication
            $buyer_mail->Username = SENDER; // SMTP username
            $buyer_mail->Password = PASSWORD; // SMTP password
            $buyer_mail->SMTPSecure = 'tls'; // Enable TLS encryption (STARTTLS), `ssl` also accepted
            $buyer_mail->Port = 587; // TCP port to connect to
<?php
// users/self GET
// Returns the profile row for the user given in the `user_id` query parameter.
//
// NOTE(review): the id is read from the query string rather than from the
// session. Confirm that auth.php ties the request to the logged-in user, or
// that users_self() exposes nothing private about other accounts.
include '../auth.php';
include '../sql_statements.php';
include '../helper.php';

$params = validate_data('GET', ['user_id']);
$user_id = $params['user_id']['value'];

$payload = db_r_function(users_self($user_id));

// Both outcomes answer 200; an empty result is signalled only in the body.
http_response_code(200);
echo $payload ? $payload : '{"error":"no data returned"}';
<?php
// bids/auction_bids GET OK
// Returns the bids for the auction given in the `auction_id` query parameter.
include '../../sql_statements.php';
include '../../helper.php';

// Integer cast keeps the id numeric before it reaches the statement builder.
$auction_id = (int) $_GET['auction_id'];

$payload = db_r_function(bids_auction_bids($auction_id));

if (!$payload) {
    // No bids (or no result): answer with an empty JSON list.
    echo '[]';
} else {
    http_response_code(200);
    echo $payload;
}
<?php
// items/create POST OK
// Creates an item from the posted fields and echoes the statement result.
// The listing is cut off inside the final else branch.
//
// NOTE(review): the auth include is commented out and owner_user_id comes from
// the request body. As shown, nothing visible ties the new item to the caller's
// own account; re-enable the auth check and take the owner id from the session.
// include '../../auth.php';
include '../../sql_statements.php';
include '../../helper.php';
include '../../post_header.php';

$post_data = validate_data("POST", array("owner_user_id", "title", "description", "image_ref"));
$owner_user_id = $post_data['owner_user_id']['value'];
$title = $post_data['title']['value'];
$description = $post_data['description']['value'];
$image_ref = $post_data['image_ref']['value'];

// Collect every #word in the description; $tags[1] holds the words without '#'.
preg_match_all("/#(\\w+)/", $description, $tags);

$result = db_r_function(items_create($owner_user_id, $title, $description, $image_ref));
// Read the new item's id from the first returned row. This runs before $result
// is checked, so a failed insert is decoded here as well.
$new_item = json_decode($result, true)[0]['last_insert_id()'];
// var_dump($result);
// var_dump($new_item);

// for each found hashtag in regex,
// create hashtag relationship
//var_dump($tags[1]);
foreach ($tags[1] as $t) {
    // Both calls are commented out in the listing as shown, so the extracted
    // tags are not stored by this loop.
    //echo hashtagories_tag_item($new_item, $t);
    //echo db_cud_function(hashtagories_tag_item($new_item, $t));
}

if ($result) {
    http_response_code(201);
    echo $result;
} else {
    // NOTE(review): 304 is a caching status; a failed create is better reported
    // with a 4xx/5xx code.
    http_response_code(304); //Not modified
<?php
// Returns the trending hashtags produced by the hashtagories_trending() statement.
include '../../sql_statements.php';
include '../../helper.php';

$payload = db_r_function(hashtagories_trending());

if (!$payload) {
    // No status code is set on this branch; only the body signals the error.
    echo '{"error":"no data returned"}';
} else {
    http_response_code(200);
    echo $payload;
}
<?php
// auctions/self GET OK
// Returns the auction given in the `auction_id` query parameter.
include '../sql_statements.php';
include '../helper.php';

// Integer cast keeps the id numeric before it reaches the statement builder.
$auction_id = (int) $_GET['auction_id'];

$payload = db_r_function(auctions_self($auction_id));

if (!$payload) {
    // No status code is set on this branch; only the body signals the error.
    echo '{"error":"no data returned"}';
} else {
    http_response_code(200);
    echo $payload;
}
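<?php
// hashtagories/search
// Looks up hashtags matching the `query` query parameter.
include '../auth.php';
include '../sql_statements.php';
include '../helper.php';

// A missing or non-string parameter (e.g. `query[]=...`) becomes an empty
// search instead of a warning or an array reaching the statement builder.
$q = $_GET['query'] ?? '';
if (!is_string($q)) {
    $q = '';
}

// NOTE(review): $q is passed to hashtagories_search() exactly as received.
// Sibling endpoints go through validate_data() or intval() first. Whether the
// statement builder escapes or binds this value cannot be seen from here;
// confirm it does, or switch the query to bound parameters.
$result = db_r_function(hashtagories_search($q));

if ($result) {
    http_response_code(200);
    echo $result;
} else {
    http_response_code(500);
    echo '{"error":"no data returned"}';
}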
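<?php
// hashtagories/all GET
// Returns every hashtag produced by the hashtagories_all() statement.
include '../../sql_statements.php';
include '../../helper.php';

$result = db_r_function(hashtagories_all());

if ($result) {
    http_response_code(200);
    echo $result;
} else {
    // Key quoted so the error body is valid JSON (it was `{error:...}` before).
    // No status code is set on this branch; that is left as it was.
    echo '{"error":"no data returned"}';
}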
<?php
// feedback/for_auction GET
// Returns the feedback attached to the auction given in `feedback_auction_id`.
include '../../auth.php';
include '../../sql_statements.php';
include '../../helper.php';

$params = validate_data('GET', ['feedback_auction_id']);
$feedback_auction_id = $params['feedback_auction_id']['value'];

$payload = db_r_function(feedback_for_auction($feedback_auction_id));

// Both outcomes answer 200; an empty result is signalled only in the body.
http_response_code(200);
echo $payload ? $payload : '{"error":"no data returned"}';
<?php
// users/username GET
// Returns the username for the user given in the `user_id` query parameter.
include '../../sql_statements.php';
include '../../helper.php';

$params = validate_data('GET', ['user_id']);
$user_id = $params['user_id']['value'];

$payload = db_r_function(users_username($user_id));

// Both outcomes answer 200; an empty result is signalled only in the body.
http_response_code(200);
echo $payload ? $payload : '{"error":"no data returned"}';
<?php
// Dependency: https://github.com/Synchro/PHPMailer
// Triggered by cURL command, runs event_end_expired_auctions() sproc
// and sends all auction completion/feedback invite emails.
// The listing is cut off inside the first mailer setup, so the send step
// itself is not visible here.
//
// NOTE(review): the script is invoked over HTTP and no auth include is visible.
// Confirm that access is restricted (for example to the scheduler's address or
// a shared secret), since each request ends auctions and sends mail.
// NOTE(review): PHPMailerAutoload.php belongs to the legacy PHPMailer 5.x line;
// confirm the vendored copy is a maintained, patched release.
include '../../sql_statements.php';
include '../../helper.php';
include '../PHPMailer/PHPMailerAutoload.php';
include '../emailconfig.php';

$result = db_r_function(event_end_expired_auctions());
// Decoded as associative arrays; json_decode() yields null on invalid input,
// which the loop below does not guard against.
$data = json_decode($result, true);

foreach ($data as $auction) {
    // Debug output: writes the whole auction row (usernames, prices, feedback
    // URLs) into the HTTP response. Remove or log server-side instead.
    print_r($auction);

    if ($auction['successful']) {
        // Plain-text bodies; each feedback link is APP_URL followed by the
        // per-party URL from the query result.
        $seller_text = "Congratulations, your item has sold to " . $auction['buyer_username'] . " for " . $auction['final_bid_price'] . "!\n\nAfter you have sent the item, please fill out some feedback here: " . APP_URL . $auction['seller_feedback_url'] . "\n\nThanks!\nHashtagories";
        $buyer_text = "Congratulations, you've purchased an item from " . $auction['seller_username'] . " for " . $auction['final_bid_price'] . "!\n\nAfter you have received the item, please fill out some feedback here: " . APP_URL . $auction['buyer_feedback_url'] . "\n\nThanks!\nHashtagories";

        // SMTP_HOSTNAME, SENDER and PASSWORD are presumably defined in
        // emailconfig.php; verify that file is kept out of version control
        // and outside the web root.
        $buyer_mail = new PHPMailer();
        //$mail->SMTPDebug = 3; // Enable verbose debug output
        $buyer_mail->isSMTP(); // Set mailer to use SMTP
        $buyer_mail->Host = SMTP_HOSTNAME; // Specify main and backup SMTP servers
        $buyer_mail->SMTPAuth = true; // Enable SMTP authentication
        $buyer_mail->Username = SENDER; // SMTP username
        $buyer_mail->Password = PASSWORD; // SMTP password
        $buyer_mail->SMTPSecure = 'tls'; // Enable TLS encryption (STARTTLS), `ssl` also accepted
        $buyer_mail->Port = 587;
<?php
// feedback/for_user GET
// Returns the feedback left for the user given in the `user_id` query parameter.
//
// NOTE(review): the auth include below is commented out, so no access check is
// visible on this endpoint. Confirm that feedback is meant to be public.
//include '../../auth.php';
include '../../sql_statements.php';
include '../../helper.php';

$params = validate_data('GET', ['user_id']);
$user_id = $params['user_id']['value'];

$payload = db_r_function(feedback_for_user($user_id));

// Both outcomes answer 200; an empty result is signalled only in the body.
http_response_code(200);
echo $payload ? $payload : '{"error":"no data returned"}';
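<?php
// auctions/search GET OK
// Full-text auction search. `query` is split into terms, each term gets a
// trailing `*` wildcard, and the result is handed to the search statement as a
// quoted string. `sort` names the ordering and a truthy `sort_order` selects
// the descending variant.
include '../../sql_statements.php';
include '../../helper.php';

$raw_query = $_GET['query'] ?? null;
if (is_string($raw_query)) {
    $terms = array();
    foreach (preg_split("/\\s/", $raw_query) as $term) {
        // The terms end up inside a hand-built '...' SQL literal, so only
        // letters, digits, '_' and '#' are kept. A quote or backslash in the
        // request can then no longer terminate the literal.
        // NOTE(review): this is defence in depth at the endpoint; the durable
        // fix is bound parameters in the statement builder / db_r_function(),
        // which are not visible from here.
        $terms[] = preg_replace('/[^\p{L}\p{N}_#]/u', '', $term) ?? '';
    }
    $q_send = "'" . join("* ", $terms) . "*'";
} else {
    // Missing or non-string parameter: empty search literal, as before.
    $q_send = "''";
}

// Same truthiness test as before, without the undefined-index warning.
$sort_desc = !empty($_GET['sort_order']);

// `sort` is presumably used as a column name by the statement builder (TODO
// confirm), so anything that is not a plain identifier falls back to the
// default. Ideally this becomes an explicit allow-list of sortable columns.
$sort = $_GET['sort'] ?? '';
if (!is_string($sort) || !$sort || !preg_match('/\A\w+\z/', $sort)) {
    $sort = 'views';
}

if ($sort_desc) {
    $result = db_r_function(auctions_search_desc($q_send, $sort));
} else {
    $result = db_r_function(auctions_search($q_send, $sort));
}

if ($result) {
    http_response_code(200);
    echo $result;
} else {
    // Key quoted so the error body is valid JSON (it was `{error:...}` before).
    echo '{"error":"no data returned"}';
}

// SQL stored proc uses this concept:
// http://stackoverflow.com/questions/8149545/pass-array-to-mysql-stored-routine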
<?php
// watches/user_watches GET
// Returns the watches of the user given in the `watch_user_id` query parameter.
include '../../auth.php';
include '../../sql_statements.php';
include '../../helper.php';

$params = validate_data('GET', ['watch_user_id']);
$watch_user_id = $params['watch_user_id']['value'];

$payload = db_r_function(watches_user_watches($watch_user_id));

// The original success and failure branches were identical: status 200 and the
// raw result echoed as-is, even when it is empty.
http_response_code(200);
echo $payload;
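<?php
// auctions/user_auctions
// Returns the auctions belonging to the user given in the `user_id` query parameter.
include '../../auth.php';
include '../../sql_statements.php';
include '../../helper.php';

// The id was forwarded to the statement builder exactly as received. It is now
// coerced to an integer, matching the other id-based endpoints, so only a
// number can reach the SQL text; a missing parameter becomes 0.
$user_id = intval($_GET['user_id'] ?? 0);

$result = db_r_function(auctions_user_auctions($user_id));

if ($result) {
    http_response_code(200);
    echo $result;
} else {
    // No auctions (or no result): answer with an empty JSON list.
    echo '[]';
}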