/**
 * Put $userId on the requesting user's blacklist and, once the row is
 * stored, undo the existing friend or follow relationship between the two
 * accounts.
 *
 * All values reach the database through bound parameters, so they cannot
 * change the SQL text. $reason is stored exactly as received; whatever
 * renders it later has to escape it for its own output context.
 *
 * NOTE(review): nothing here rejects $userId === requestFrom or an already
 * existing blacklist row — confirm the caller or the schema covers that.
 *
 * @param int    $userId Account being blocked (bound as an integer).
 * @param string $reason Optional free-text reason.
 *
 * @return array "error" and "error_code"; ERROR_UNKNOWN when the insert fails.
 */
public function add($userId, $reason = "")
 {
     $now = time();
     $clientIp = helper::ip_addr();
     $userAgent = helper::u_agent();

     $sql = "INSERT INTO profile_blacklist (blockedByUserId, blockedUserId, reason, createAt, ip_addr, u_agent) value (:blockedByUserId, :blockedUserId, :reason, :createAt, :ip_addr, :u_agent)";
     $stmt = $this->db->prepare($sql);
     $stmt->bindParam(":blockedByUserId", $this->requestFrom, PDO::PARAM_INT);
     $stmt->bindParam(":blockedUserId", $userId, PDO::PARAM_INT);
     $stmt->bindParam(":reason", $reason, PDO::PARAM_STR);
     $stmt->bindParam(":createAt", $now, PDO::PARAM_INT);
     $stmt->bindParam(":ip_addr", $clientIp, PDO::PARAM_STR);
     $stmt->bindParam(":u_agent", $userAgent, PDO::PARAM_STR);

     // Nothing else happens unless the blacklist row was written.
     if (!$stmt->execute()) {
         return array("error" => true, "error_code" => ERROR_UNKNOWN);
     }

     $blocker = new profile($this->db, $this->requestFrom);

     if ($blocker->is_friend_exists($userId)) {
         // Friends: drop the friendship from the blocker's side.
         $friendList = new friends($this->db, $this->requestFrom);
         $friendList->remove($userId);
         unset($friendList);
     } else {
         // Not friends: clear a follow in either direction.
         // NOTE(review): addFollower() is called on an existing follow, so it
         // presumably toggles the relation off — confirm in profile.
         if ($blocker->is_follower_exists($userId)) {
             $blocker->addFollower($userId);
         }

         $blocked = new profile($this->db, $userId);
         if ($blocked->is_follower_exists($this->requestFrom)) {
             $blocked->addFollower($this->requestFrom);
         }
         unset($blocked);
     }

     unset($blocker);

     return array("error" => false, "error_code" => ERROR_SUCCESS);
 }
 /**
  * Store a photo record for the requesting user and refresh that account's
  * counters.
  *
  * At least one of the three image URLs must be non-empty, otherwise the
  * call returns the ERROR_UNKNOWN result without touching the database. A
  * non-empty comment gets a single trailing space appended before it is
  * stored.
  *
  * NOTE(review): the URL and location arguments are stored as received
  * (bound parameters, so no SQL impact). Nothing in this method restricts
  * the URLs to the application's own upload location — confirm the caller
  * does.
  *
  * @return array On success also carries "photoId" and "photo" (the result
  *               of $this->info() for the new row).
  */
 public function add($mode, $comment, $originImgUrl = "", $previewImgUrl = "", $imgUrl = "", $photoArea = "", $photoCountry = "", $photoCity = "", $photoLat = "", $photoLng = "")
 {
     $failure = array("error" => true, "error_code" => ERROR_UNKNOWN);

     $hasImage = strlen($originImgUrl) != 0 || strlen($previewImgUrl) != 0 || strlen($imgUrl) != 0;
     if (!$hasImage) {
         return $failure;
     }

     if (strlen($comment) != 0) {
         $comment .= " ";
     }

     $now = time();
     $clientIp = helper::ip_addr();
     $userAgent = helper::u_agent();

     $sql = "INSERT INTO photos (fromUserId, accessMode, comment, originImgUrl, previewImgUrl, imgUrl, area, country, city, lat, lng, createAt, ip_addr, u_agent) value (:fromUserId, :accessMode, :comment, :originImgUrl, :previewImgUrl, :imgUrl, :area, :country, :city, :lat, :lng, :createAt, :ip_addr, :u_agent)";
     $stmt = $this->db->prepare($sql);
     $stmt->bindParam(":fromUserId", $this->requestFrom, PDO::PARAM_INT);
     $stmt->bindParam(":accessMode", $mode, PDO::PARAM_INT);
     $stmt->bindParam(":comment", $comment, PDO::PARAM_STR);
     $stmt->bindParam(":originImgUrl", $originImgUrl, PDO::PARAM_STR);
     $stmt->bindParam(":previewImgUrl", $previewImgUrl, PDO::PARAM_STR);
     $stmt->bindParam(":imgUrl", $imgUrl, PDO::PARAM_STR);
     $stmt->bindParam(":area", $photoArea, PDO::PARAM_STR);
     $stmt->bindParam(":country", $photoCountry, PDO::PARAM_STR);
     $stmt->bindParam(":city", $photoCity, PDO::PARAM_STR);
     $stmt->bindParam(":lat", $photoLat, PDO::PARAM_STR);
     $stmt->bindParam(":lng", $photoLng, PDO::PARAM_STR);
     $stmt->bindParam(":createAt", $now, PDO::PARAM_INT);
     $stmt->bindParam(":ip_addr", $clientIp, PDO::PARAM_STR);
     $stmt->bindParam(":u_agent", $userAgent, PDO::PARAM_STR);

     if (!$stmt->execute()) {
         return $failure;
     }

     // Read the new row's id once and use it for both result fields.
     $newPhotoId = $this->db->lastInsertId();
     $success = array("error" => false, "error_code" => ERROR_SUCCESS, "photoId" => $newPhotoId, "photo" => $this->info($newPhotoId));

     $owner = new account($this->db, $this->requestFrom);
     $owner->updateCounters();
     unset($owner);

     return $success;
 }
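 /**
  * Record an abuse report filed by the requesting user against a photo.
  *
  * The outcome of the insert is now reflected in the result: a report that
  * could not be stored no longer comes back as ERROR_SUCCESS, so callers
  * and moderators are not told a report exists when it does not.
  *
  * NOTE(review): no duplicate or rate check is visible here; one account
  * can file any number of reports on the same photo unless the caller or
  * the schema prevents it — confirm.
  *
  * @param int $photoId Photo being reported (bound as an integer).
  * @param int $abuseId Abuse category identifier (bound as an integer).
  *
  * @return array "error" and "error_code"; ERROR_UNKNOWN when the insert fails.
  */
 public function photo($photoId, $abuseId)
 {
     // Start from failure and flip to success only after the row is written.
     $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
     $create_at = time();
     $ip_addr = helper::ip_addr();
     $stmt = $this->db->prepare("INSERT INTO photo_abuse_reports (abuseFromUserId, abuseToPhotoId, abuseId, createAt, ip_addr) value (:abuseFromUserId, :abuseToPhotoId, :abuseId, :createAt, :ip_addr)");
     $stmt->bindParam(":abuseFromUserId", $this->requestFrom, PDO::PARAM_INT);
     $stmt->bindParam(":abuseToPhotoId", $photoId, PDO::PARAM_INT);
     $stmt->bindParam(":abuseId", $abuseId, PDO::PARAM_INT);
     $stmt->bindParam(":createAt", $create_at, PDO::PARAM_INT);
     $stmt->bindParam(":ip_addr", $ip_addr, PDO::PARAM_STR);
     if ($stmt->execute()) {
         $result = array("error" => false, "error_code" => ERROR_SUCCESS);
     }
     return $result;
 }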
 /**
  * Store a support ticket together with the submitter's address and user
  * agent.
  *
  * $email, $subject and $text are stored as received. They are bound
  * parameters, so they cannot alter the query, but whatever displays
  * tickets must escape them for its output context.
  *
  * NOTE(review): $accountId is taken from the argument rather than from the
  * object's own state; confirm the caller passes the authenticated account.
  *
  * @param int    $accountId Account the ticket is filed for.
  * @param string $email     Contact address supplied with the ticket.
  * @param string $subject   Ticket subject.
  * @param string $text      Ticket body.
  * @param int    $clientId  Client application identifier, 0 by default.
  *
  * @return array "error" and "error_code"; ERROR_UNKNOWN when the insert fails.
  */
 public function createTicket($accountId, $email, $subject, $text, $clientId = 0)
 {
     $now = time();
     $clientIp = helper::ip_addr();
     $userAgent = helper::u_agent();

     $sql = "INSERT INTO support (clientId, accountId, email, subject, text, createAt, ip_addr, u_agent) value (:clientId, :accountId, :email, :subject, :text, :createAt, :ip_addr, :u_agent)";
     $stmt = $this->db->prepare($sql);
     $stmt->bindParam(":clientId", $clientId, PDO::PARAM_INT);
     $stmt->bindParam(":accountId", $accountId, PDO::PARAM_INT);
     $stmt->bindParam(":email", $email, PDO::PARAM_STR);
     $stmt->bindParam(":subject", $subject, PDO::PARAM_STR);
     $stmt->bindParam(":text", $text, PDO::PARAM_STR);
     $stmt->bindParam(":createAt", $now, PDO::PARAM_INT);
     $stmt->bindParam(":ip_addr", $clientIp, PDO::PARAM_STR);
     $stmt->bindParam(":u_agent", $userAgent, PDO::PARAM_STR);

     if (!$stmt->execute()) {
         return array("error" => true, "error_code" => ERROR_UNKNOWN);
     }

     return array("error" => false, "error_code" => ERROR_SUCCESS);
 }
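 /**
  * Issue a new access token for an account and store it in access_data.
  *
  * The token is a bearer credential: the returned value is the only thing
  * needed to act as $accountId, so it has to be unguessable. It is
  * therefore taken from the operating system's CSPRNG. The earlier
  * md5(uniqid(rand(), true)) construction hashed the clock and a
  * non-cryptographic generator, and hashing adds no unpredictability to
  * such inputs.
  *
  * Requires PHP 7.0+ for random_bytes().
  *
  * @param int $accountId Account the token is issued for.
  * @param int $clientId  Client application identifier, 0 by default.
  *
  * @return array On success carries "accessToken" and "accountId";
  *               otherwise "error" => true with ERROR_UNKNOWN.
  */
 public function create($accountId, $clientId = 0)
 {
     $result = array("error" => true, "error_code" => ERROR_UNKNOWN);

     try {
         // 128 random bits, hex-encoded: the same 32-character lowercase
         // hex shape md5() produced, so the column and clients are unaffected.
         $accessToken = bin2hex(random_bytes(16));
     } catch (\Exception $e) {
         // No secure randomness available: fail closed rather than issue a
         // guessable token. Callers already handle the error result.
         return $result;
     }

     $currentTime = time();
     $u_agent = helper::u_agent();
     $ip_addr = helper::ip_addr();
     $stmt = $this->db->prepare("INSERT INTO access_data (accountId, accessToken, clientId, createAt, u_agent, ip_addr) value (:accountId, :accessToken, :clientId, :createAt, :u_agent, :ip_addr)");
     $stmt->bindParam(":accountId", $accountId, PDO::PARAM_INT);
     $stmt->bindParam(":accessToken", $accessToken, PDO::PARAM_STR);
     $stmt->bindParam(":clientId", $clientId, PDO::PARAM_INT);
     $stmt->bindParam(":createAt", $currentTime, PDO::PARAM_INT);
     $stmt->bindParam(":u_agent", $u_agent, PDO::PARAM_STR);
     $stmt->bindParam(":ip_addr", $ip_addr, PDO::PARAM_STR);
     if ($stmt->execute()) {
         $result = array('error' => false, 'error_code' => ERROR_SUCCESS, 'accessToken' => $accessToken, 'accountId' => $accountId);
     }
     return $result;
 }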
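 /**
  * Create a password-restore record for this account, or return the
  * existing one when $this->restorePointInfo() reports that one is present.
  *
  * The stored hash is what later authorises the restore, so it must be
  * unguessable. It is drawn from the operating system's CSPRNG; the earlier
  * md5(uniqid(rand(), true)) value was derived from the clock and a
  * non-cryptographic generator.
  *
  * Requires PHP 7.0+ for random_bytes().
  *
  * @param string $email    Address the restore is requested for.
  * @param int    $clientId Client application identifier.
  *
  * @return array On success carries "accountId", "hash" and "email";
  *               otherwise "error" => true with ERROR_UNKNOWN.
  */
 public function restorePointCreate($email, $clientId)
 {
     $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
     $restorePointInfo = $this->restorePointInfo();
     // An existing restore record is reused instead of creating a second one.
     if ($restorePointInfo['error'] === false) {
         return $restorePointInfo;
     }

     try {
         // 128 random bits as 32 hex characters, the same shape md5() gave.
         $hash = bin2hex(random_bytes(16));
     } catch (\Exception $e) {
         // Without secure randomness, refuse to create a guessable restore hash.
         return $result;
     }

     $currentTime = time();
     $u_agent = helper::u_agent();
     $ip_addr = helper::ip_addr();
     $stmt = $this->db->prepare("INSERT INTO restore_data (accountId, hash, email, clientId, createAt, u_agent, ip_addr) value (:accountId, :hash, :email, :clientId, :createAt, :u_agent, :ip_addr)");
     $stmt->bindParam(":accountId", $this->id, PDO::PARAM_INT);
     $stmt->bindParam(":hash", $hash, PDO::PARAM_STR);
     $stmt->bindParam(":email", $email, PDO::PARAM_STR);
     $stmt->bindParam(":clientId", $clientId, PDO::PARAM_INT);
     $stmt->bindParam(":createAt", $currentTime, PDO::PARAM_INT);
     $stmt->bindParam(":u_agent", $u_agent, PDO::PARAM_STR);
     $stmt->bindParam(":ip_addr", $ip_addr, PDO::PARAM_STR);
     if ($stmt->execute()) {
         $result = array('error' => false, 'error_code' => ERROR_SUCCESS, 'accountId' => $this->id, 'hash' => $hash, 'email' => $email);
     }
     return $result;
 }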
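// Endpoint body: store a geolocation on the authenticated account.
// Coordinates come from the POST body when both are present, otherwise from
// an IP-based lookup, otherwise from a fixed default.
if (!empty($_POST)) {
    $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : 0;
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $lat = isset($_POST['lat']) ? $_POST['lat'] : '';
    $lng = isset($_POST['lng']) ? $_POST['lng'] : '';
    // NOTE(review): clearText/escapeText are text filters defined elsewhere;
    // nothing here checks that lat/lng are numeric or within range — confirm
    // that setGeoLocation() validates them.
    $lat = helper::clearText($lat);
    $lat = helper::escapeText($lat);
    $lng = helper::clearText($lng);
    $lng = helper::escapeText($lng);
    $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
    $auth = new auth($dbo);
    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
        // Fail closed. api::printError() is not visible here; if it returns
        // instead of terminating, the code below would update the account
        // for an unauthenticated caller.
        exit;
    }
    $result = array("error" => false, "error_code" => ERROR_SUCCESS);
    $geo = new geo($dbo);
    // NOTE(review): if helper::ip_addr() reads a forwarded header, the
    // address used for the lookup is client-controlled — confirm in helper.
    $info = $geo->info(helper::ip_addr());
    $account = new account($dbo, $accountId);
    if (strlen($lat) > 0 && strlen($lng) > 0) {
        $result = $account->setGeoLocation($lat, $lng);
    } else {
        // isset() keeps a failed or empty lookup from raising an
        // undefined-index warning into the JSON response.
        // NOTE(review): only status 206 is accepted; confirm against the geo
        // provider's documented status values.
        if (isset($info['geoplugin_status']) && $info['geoplugin_status'] == 206) {
            $result = $account->setGeoLocation($info['geoplugin_latitude'], $info['geoplugin_longitude']);
        } else {
            // 37.421011, -122.084968 | Mountain View, CA 94043, USA   ;)
            $result = $account->setGeoLocation("37.421011", "-122.084968");
        }
    }
    echo json_encode($result);
    exit;
}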
 /**
  * Record an abuse report from the requesting user against this profile
  * ($this->id).
  *
  * NOTE(review): no duplicate or rate check is visible here; confirm the
  * caller or the schema limits repeated reports from one account.
  *
  * @param int $abuseId Abuse category identifier (bound as an integer).
  *
  * @return array Only an "error" flag: false when the row was stored.
  */
 public function reportAbuse($abuseId)
 {
     $reportedAt = time();
     $clientIp = helper::ip_addr();

     $sql = "INSERT INTO profile_abuse_reports (abuseFromUserId, abuseToUserId, abuseId, createAt, ip_addr) value (:abuseFromUserId, :abuseToUserId, :abuseId, :createAt, :ip_addr)";
     $stmt = $this->db->prepare($sql);
     $stmt->bindParam(":abuseFromUserId", $this->requestFrom, PDO::PARAM_INT);
     $stmt->bindParam(":abuseToUserId", $this->id, PDO::PARAM_INT);
     $stmt->bindParam(":abuseId", $abuseId, PDO::PARAM_INT);
     $stmt->bindParam(":createAt", $reportedAt, PDO::PARAM_INT);
     $stmt->bindParam(":ip_addr", $clientIp, PDO::PARAM_STR);

     if (!$stmt->execute()) {
         return array("error" => true);
     }

     return array("error" => false);
 }
 /**
  * Store a chat message from the requesting user to $toUserId and send the
  * recipient a push notification.
  *
  * A message needs text, an image URL, or both; with neither, the
  * ERROR_UNKNOWN result is returned and nothing is written. When $chatId is
  * 0 the chat between the two users is looked up and, if none exists,
  * created.
  *
  * NOTE(review): a non-zero $chatId is used as supplied. Nothing in this
  * method checks that it belongs to the (requestFrom, $toUserId) pair —
  * confirm the caller verifies chat membership.
  *
  * @param int    $toUserId Recipient account.
  * @param int    $chatId   Existing chat id, or 0 to resolve/create one.
  * @param string $message  Message text, stored as received.
  * @param string $imgUrl   Image URL, stored as received.
  *
  * @return array On success carries "chatId", "msgId" and "message" (the
  *               result of $this->info() for the new row).
  */
 public function create($toUserId, $chatId, $message = "", $imgUrl = "")
 {
     $failure = array("error" => true, "error_code" => ERROR_UNKNOWN);

     $isEmpty = strlen($imgUrl) == 0 && strlen($message) == 0;
     if ($isEmpty) {
         return $failure;
     }

     if ($chatId == 0) {
         // Reuse the chat between the two users if there is one, else open it.
         $existingChatId = $this->getChatId($this->getRequestFrom(), $toUserId);
         $chatId = ($existingChatId == 0)
             ? $this->createChat($this->getRequestFrom(), $toUserId)
             : $existingChatId;
     }

     $now = time();
     $clientIp = helper::ip_addr();
     $userAgent = helper::u_agent();

     $sql = "INSERT INTO messages (chatId, fromUserId, toUserId, message, imgUrl, createAt, ip_addr, u_agent) value (:chatId, :fromUserId, :toUserId, :message, :imgUrl, :createAt, :ip_addr, :u_agent)";
     $stmt = $this->db->prepare($sql);
     $stmt->bindParam(":chatId", $chatId, PDO::PARAM_INT);
     $stmt->bindParam(":fromUserId", $this->requestFrom, PDO::PARAM_INT);
     $stmt->bindParam(":toUserId", $toUserId, PDO::PARAM_INT);
     $stmt->bindParam(":message", $message, PDO::PARAM_STR);
     $stmt->bindParam(":imgUrl", $imgUrl, PDO::PARAM_STR);
     $stmt->bindParam(":createAt", $now, PDO::PARAM_INT);
     $stmt->bindParam(":ip_addr", $clientIp, PDO::PARAM_STR);
     $stmt->bindParam(":u_agent", $userAgent, PDO::PARAM_STR);

     if (!$stmt->execute()) {
         return $failure;
     }

     $newMessageId = $this->db->lastInsertId();
     $success = array("error" => false, "error_code" => ERROR_SUCCESS, "chatId" => $chatId, "msgId" => $newMessageId, "message" => $this->info($newMessageId));

     // Notify the recipient; the notification carries the chat id, not the text.
     $notifier = new gcm($this->db, $toUserId);
     $notifier->setData(GCM_NOTIFY_MESSAGE, "You have new message", $chatId);
     $notifier->send();

     return $success;
 }