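/**
 * Pre-launch signup handler.
 *
 * Reads the submitted address from $_POST['email'], refuses duplicates and
 * otherwise stores a `prelaunch_signup` row, attributing the referral from
 * $_SESSION['plc'] (a prelaunch signup's created timestamp) or
 * $_SESSION['ruid'] (a registered user's id) when either is present.
 *
 * Fixes relative to the previous version: every value interpolated into SQL is
 * escaped (the email came straight from the POST body), the referrer row is
 * actually fetched before reading its `created` column (the result resource was
 * being indexed directly, which yields null), an empty/invalid address is no
 * longer inserted, and a signup whose referrer cannot be found is still stored
 * instead of being silently dropped while the visitor is thanked.
 *
 * Side effects: assigns $this->sesstoken (the call may create the session token).
 *
 * @return string Human-readable status message for the caller to display.
 */
function processRequest()
{
    // $con is the already-open db connection wrapper set up by the config;
    // $_SESSION / $_POST are referenced directly.
    global $con;
    // from $_SESSION['token'] (may be gen'd new just now)
    $this->sesstoken = fct_session_token();

    // A repeated key (?email[]=) arrives as an array; treat it as absent.
    $email = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '';
    // NOTE(review): PHP has already url-decoded $_POST; the extra urldecode() is
    // kept because the posting form may double-encode — confirm against the form.
    $email = strtolower(trim(urldecode($email)));
    if ($email === '' || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return "Please enter a valid email address.";
    }

    // Everything that reaches the SQL below is attacker-influenced (POST body,
    // referral parameters stashed in the session, the client IP), so escape each
    // value. mysql_real_escape_string is used because this code already relies
    // on the ext/mysql API (mysql_num_rows) for $con's results; it escapes for
    // the most recently opened ext/mysql link, assumed to be $con's — confirm.
    $emailSql = mysql_real_escape_string($email);
    $existingUser = $con->recordselect("SELECT * FROM `prelaunch_signup` WHERE emailAddress='{$emailSql}'");
    if (mysql_num_rows($existingUser) > 0) {
        return "That email address is already signed up.";
    }

    // new pre-launch signup
    // NOTE(review): get_ip_address1() is presumably header-derived (proxy
    // headers are client-controlled), so its result is escaped like any input.
    $accessIp = get_ip_address1();

    // Work out which "created" timestamp, if any, identifies the referrer.
    $referrerCreated = null;
    if (isset($_SESSION['plc'])) {
        // new user has arrived on a referral link containing prelaunch_user created timestamp
        $referrerCreated = $_SESSION['plc'];
    } elseif (isset($_SESSION['ruid']) && is_scalar($_SESSION['ruid'])) {
        // new user has arrived on a referral link containing a registered user's id;
        // that user's own "created" timestamp is what gets stored as referrerCreated.
        $ruidSql = mysql_real_escape_string((string) $_SESSION['ruid']);
        $result = $con->recordselect("SELECT `created` FROM `users` WHERE `userId` = '{$ruidSql}' ");
        // recordselect() returns an ext/mysql result resource (mysql_num_rows
        // accepts it), so the row must be fetched before its columns can be read.
        $referrer = mysql_num_rows($result) >= 1 ? mysql_fetch_assoc($result) : false;
        if ($referrer !== false && isset($referrer['created'])) {
            $referrerCreated = $referrer['created'];
        } else {
            // strange ... cannot locate registered user by id; record the signup
            // anyway, just without referral attribution
            wrtlog("DEBUG: could not locate registered user by userId=" . $_SESSION['ruid'] . " from session['ruid'] ");
        }
    }

    // Build the INSERT once; the optional referrerCreated column is appended only
    // when a referrer was resolved, matching the three previous INSERT variants.
    $columns = ['`emailAddress`', '`created`', '`ipaddress`'];
    $values = [
        "'{$emailSql}'",
        (string) time(),
        "'" . mysql_real_escape_string((string) $accessIp) . "'",
    ];
    if ($referrerCreated !== null) {
        $columns[] = '`referrerCreated`';
        $values[] = "'" . mysql_real_escape_string((string) $referrerCreated) . "'";
    }
    $con->insert('INSERT INTO `prelaunch_signup` (' . implode(', ', $columns) . ') VALUES (' . implode(', ', $values) . ') ');

    return "Thank you! We will notify you as soon as we open for business.";
}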
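 /**
  * API front controller: reads the requested method from $_REQUEST['a'],
  * dispatches it and emits the result as a JSON document.
  *
  * Routes (after the rewrite rule):
  *   /api.php?a=<methodname>&b=<param1>[&c=<param2>[&d=<param3>[&e=<param4>]]]
  * which replaced the path form
  *   /api/cksession/<b64_user_email>
  *   /api/login/<session_token>/<b64_user_email>/<b64_user_pwd>
  *   /api/logout/<session_token>
  *   /api/projects/<session_token>
  *   /api/userinfo/<session_token>[/<projectId>]
  *   /api/pledge/<session_token>/<projectId>/<b64_user_pwd>/<dollaramount>
  *
  * Fixes relative to the previous version: the session token and the pledge
  * re-authentication value are compared with hash_equals() instead of a loose
  * `!=` (which is neither constant-time nor type-strict), method lookup uses a
  * strict in_array(), array-valued parameters no longer reach base64_decode(),
  * and an empty token or password never authorises anything.
  *
  * Side effects: sets $this->sesstoken, $this->method and, for logged-in
  * methods, $this->userid; sends the JSON Content-Type header.
  *
  * @return string JSON-encoded response carrying 'completion' => 'OK'|'NOK'
  *                and, on failure, an 'error' message.
  */
 function processRequest()
 {
     // from $_SESSION['token'] (may be gen'd new just now)
     $this->sesstoken = fct_session_token();
     $resp = $this->dispatchApiMethod();
     header('Content-Type: application/json; charset=utf-8');
     return json_encode($resp);
 }

 /**
  * Validates the request and runs the requested API method.
  *
  * Every failure path returns early with a NOK response so the nesting stays
  * flat; the order of checks is the same as before (method name, then session
  * token, then logged-in user, then per-method parameters).
  *
  * @return array Response array; always carries a 'completion' key.
  */
 private function dispatchApiMethod()
 {
     $noLoginRequired = ['cksession', 'login'];
     $definedMethods = ['cksession', 'login', 'logout', 'projects', 'userinfo', 'pledge'];

     $this->method = self::readApiParam('a');
     if ($this->method === '' || !in_array($this->method, $definedMethods, true)) {
         // json_encode() escapes the echoed method name, so reflecting it is safe
         // as long as the JSON Content-Type header stays in place.
         return ['completion' => 'NOK', 'error' => 'invalid method requested: ' . $this->method];
     }

     if (in_array($this->method, $noLoginRequired, true)) {
         // no logged in session required
         if ($this->method === 'cksession') {
             return $this->cksession(base64_decode(self::readApiParam('b')));
         }
         // the only other entry in $noLoginRequired is 'login'
         $_SESSION['pb6'] = '';
         $userEmail = base64_decode(self::readApiParam('c'));
         $userPass = base64_decode(self::readApiParam('d'));
         if ($userEmail === '' || $userPass === '') {
             return ['completion' => 'NOK', 'error' => 'missing required parameters'];
         }
         if (!$this->sessionTokenMatches(self::readApiParam('b'))) {
             return ['completion' => 'NOK', 'error' => 'invalid session token'];
         }
         return $this->login($userEmail, $userPass);
     }

     // logged in session required
     if ($this->method === 'logout') {
         // NOTE(review): logout is deliberately not token-checked here, as before;
         // clearing $_SESSION first stops the rest of this request from reading
         // stale values, since session_destroy() leaves the array populated.
         $_SESSION = [];
         session_destroy();
         return ['completion' => 'OK'];
     }
     if (!$this->sessionTokenMatches(self::readApiParam('b'))) {
         return ['completion' => 'NOK', 'error' => 'invalid session token'];
     }
     $this->userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : false;
     if (!$this->userid) {
         return ['completion' => 'NOK', 'error' => 'no user id in session'];
     }

     switch ($this->method) {
         case 'projects':
             return $this->projects();

         case 'userinfo':
             // project id is optional for userinfo ('' when absent)
             return $this->userinfo(self::readApiParam('c'));

         case 'pledge':
             $projId = self::readApiParam('c');
             $b64pwd = self::readApiParam('d');
             $amount = self::readApiParam('e');
             if (!is_numeric($projId)) {
                 return ['completion' => 'NOK', 'error' => 'missing valid project id'];
             }
             if (!is_numeric($amount) || $amount <= 0) {
                 return ['completion' => 'NOK', 'error' => 'missing valid pledge amount'];
             }
             // Re-authentication for a money-moving action: the value stored at
             // login must exist and match in constant time; an empty submission or
             // an empty stored value never passes.
             // NOTE(review): $_SESSION['pb6'] appears to hold the base64 password
             // from login — keeping a credential in the session is worth revisiting
             // (store a hash and compare against that instead); confirm in login().
             $stored = isset($_SESSION['pb6']) && is_string($_SESSION['pb6']) ? $_SESSION['pb6'] : '';
             if ($b64pwd === '' || $stored === '' || !hash_equals($stored, $b64pwd)) {
                 return ['completion' => 'NOK', 'error' => 'password incorrect'];
             }
             return $this->pledge($projId, $amount);
     }

     // unreachable: every name in $definedMethods is handled above
     return ['completion' => 'NOK', 'error' => 'requested method not yet hooked up.'];
 }

 /**
  * Constant-time, type-strict comparison of a client-supplied session token
  * against the one issued for this session.
  *
  * @param string $token Value from the request (already coerced to a string).
  * @return bool True only when both sides are non-empty and identical.
  */
 private function sessionTokenMatches($token)
 {
     $expected = is_string($this->sesstoken) ? $this->sesstoken : '';
     // hash_equals() avoids both the timing leak of `!=` and its loose-comparison
     // pitfalls ('0e1' == '0e2', '' == null); an unset token must never match.
     return $expected !== '' && hash_equals($expected, $token);
 }

 /**
  * Reads one request parameter as a string; an absent or non-string (array)
  * value becomes ''.
  *
  * NOTE(review): $_REQUEST is kept for compatibility with the rewrite rule, but
  * depending on request_order it may also be satisfied by a cookie of the same
  * name — reading $_GET/$_POST explicitly would be tighter.
  *
  * @param string $name Parameter key (a, b, c, d, e).
  * @return string
  */
 private static function readApiParam($name)
 {
     return isset($_REQUEST[$name]) && is_string($_REQUEST[$name]) ? $_REQUEST[$name] : '';
 }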