Beispiel #1
0
 public function local_items()
 {
     global $con;
     if (!$_SESSION["userid"]) {
         return 403;
     } else {
         return sqlToArray($con, "SELECT * FROM request WHERE NOT(`usr`='" . mysqli_real_escape_string($con, $_SESSION["userid"]) . "') ORDER BY `date` DESC");
     }
 }
Beispiel #2
0
 public function listen()
 {
     global $con, $argv;
     if (!isset($argv["type"])) {
         return 401;
     } else {
         if (!isset($_SESSION["userid"])) {
             return 403;
         } else {
             $table = "";
             $user_match = array();
             switch ($argv["type"]) {
                 case USER:
                     $table = "usr";
                     $user_match = array("id");
                     break;
                 case ITEM:
                     $table = "item";
                     $user_match = array("usr");
                     break;
                 case CONVERSATION:
                     $table = "msg";
                     $user_match = array("from", "to");
                     break;
                 default:
                     exit;
             }
             $user_cond = "WHERE";
             foreach ($user_match as $v) {
                 $user_cond .= " `" . mysqli_real_escape_string($con, $v) . "` = '" . mysqli_real_escape_string($con, $_SESSION["userid"]) . "' OR";
             }
             $user_cond = substr($user_cond, 0, strlen($user_cond) - 2);
             $query_str = "SELECT * FROM `" . mysqli_real_escape_string($con, $table) . "` " . $user_cond;
             $start_length = count(sqlToArray($con, $query_str, array()));
             $current_length = count(sqlToArray($con, $query_str, array()));
             $timeout = 0;
             while ($current_length <= $start_length && $timeout <= 29) {
                 sleep(1);
                 clearstatcache();
                 $timeout++;
                 $current_length = count(sqlToArray($con, $query_str, array()));
                 if ($timeout > 29) {
                     return 201;
                     exit;
                 }
             }
             return sqlToArray($con, $query_str, array());
         }
     }
 }
Beispiel #3
0
 private static function match_class_code($class, $code)
 {
     $connect = mysqli_connect(host(), username(), password(), mainDb());
     if ($code) {
         $return_array = sqlToArray($connect, "SELECT `text` FROM `lookup` WHERE class={$class} AND code={$code}");
         if (count($return_array) != 0) {
             return $return_array[0]["text"];
         } else {
             return NULL;
         }
     } else {
         $return_array = sqlToArray($connect, "SELECT * FROM `lookup` WHERE class={$class}");
         return $return_array;
     }
 }
Beispiel #4
0
 private function get($filter, $sortBy = NULL, $sortOrder = NULL)
 {
     global $con;
     $escaped_id = mysqli_real_escape_string($con, $_SESSION["userid"]);
     $query = "SELECT * FROM msg WHERE (`from`='" . $escaped_id . "' OR `to`='" . $escaped_id . "')";
     if (isset($filter) && is_array($filter)) {
         foreach ($filter as $k => $v) {
             if (isset($k) && isset($v)) {
                 $query .= "AND `" . trim($k) . "`='" . trim($v) . "'";
             }
         }
     }
     switch (strtolower(trim($sortOrder)) == "d") {
         case "a":
             $sortOrder = "ASC";
             break;
         default:
             $sortOrder = "DESC";
             break;
     }
     if ($sortBy) {
         $query .= " ORDER BY `" . mysqli_real_escape_string($con, $sortBy) . "` " . mysqli_real_escape_string($con, strtoupper($sortOrder));
     }
     return sqlToArray($con, $query, array());
 }
Beispiel #5
0
 private function find()
 {
     global $con;
     $query = "SELECT * FROM exchange";
     $return_array = sqlToArray($con, $query, array());
     $continue = true;
     $exchange_array = array();
     if (is_array($return_array) && count($return_array) != 0) {
         for ($i = 0; $i < count($return_array); $i++) {
             $item1id = $return_array[$i]["item1"];
             $item2id = $return_array[$i]["item2"];
             $item1_obj = new Item(array("action" => "get", "filter" => array("id" => $item1id)));
             $item1_ret = $item1_obj->run();
             $item2_obj = new Item(array("action" => "get", "filter" => array("id" => $item2id)));
             $item2_ret = $item2_obj->run();
             if ($item1_ret[0]["usr"] == trim($_SESSION["userid"]) || $item2_ret[0]["usr"] == trim($_SESSION["userid"])) {
                 $who_ranked = is_array(json_decode($return_array[$i]["who_ranked"], true)) ? json_decode($return_array[$i]["who_ranked"], true) : array();
                 if (!in_array($_SESSION["userid"], $who_ranked)) {
                     array_push($exchange_array, $return_array[$i]);
                 }
             }
         }
     }
     return $exchange_array;
 }
Beispiel #6
0
 private function get($filter, $sort = "adddate", $order = "ASC", $limit = 10, $forbidden = array())
 {
     global $con;
     $query = "SELECT * FROM item ";
     if (!$sort) {
         $sort = "adddate";
     }
     if (!$order) {
         $order = "ASC";
     }
     if ($filter && is_array($filter)) {
         $query .= "WHERE ";
         foreach ($filter as $k => $v) {
             if (isset($k) && isset($v) && trim(strtolower($k)) != "status") {
                 $query .= " `" . mysqli_real_escape_string($con, trim($k)) . "`='" . mysqli_real_escape_string($con, trim($v)) . "' AND";
             }
         }
         $query = substr($query, 0, strlen($query) - 3);
     }
     $query .= "ORDER BY " . mysqli_real_escape_string($con, $sort) . " " . mysqli_real_escape_string($con, $order);
     $limit = intval($limit);
     if ($limit > 0) {
         $query .= " LIMIT " . mysqli_real_escape_string($con, $limit);
     }
     $ret_array = sqlToArray($con, $query, $forbidden);
     $fin_array = array();
     foreach ($ret_array as $v) {
         $v["status"] = "1";
         $esc_id = mysqli_real_escape_string($con, $v["id"]);
         $oq = mysqli_query($con, "SELECT * FROM `item`");
         while ($r = mysqli_fetch_array($oq)) {
             try {
                 $decode_offers = json_decode($r["offers"], true);
                 if (is_array($decode_offers)) {
                     foreach ($decode_offers as $a) {
                         if ($a["id"] == $v["id"]) {
                             $v["status"] = "2";
                         }
                     }
                 }
             } catch (Exception $e) {
             }
         }
         $q = mysqli_query($con, "SELECT * FROM exchange WHERE (`item1`='" . $esc_id . "' OR `item2`='" . $esc_id . "')");
         while ($r = mysqli_fetch_array($q)) {
             if (is_array(json_decode($r["who_ranked"], true))) {
                 if (in_array($v["usr"], json_decode($r["who_ranked"], true))) {
                     $v["status"] = "1";
                 } else {
                     $v["status"] = "0";
                 }
             } else {
                 $v["status"] = "0";
             }
         }
         array_push($fin_array, $v);
     }
     if (isset($filter["status"])) {
         $ret_arr = array();
         foreach ($fin_array as $i) {
             if ($i["status"] == $filter["status"]) {
                 array_push($ret_arr, $i);
             }
         }
         return $ret_arr;
     }
     return $fin_array;
 }