function collectData()
{
global $statusData;
if (isset($_REQUEST['MainFrameID']) && $_REQUEST['MainFrameID'] == "1") {
$statusData["event"]["elements"]["MainFrameID"] = array("sql" => "(select FrameID from Frames where EventId=Events.id order by Score desc,FrameId limit 1)");
$statusData["events"]["elements"]["MainFrameID"] = array("sql" => "(select FrameID from Frames where EventId=Events.id order by Score desc,FrameId limit 1)");
}
$entitySpec =& $statusData[strtolower(validJsStr($_REQUEST['entity']))];
#print_r( $entitySpec );
if (!canView($entitySpec['permission'])) {
ajaxError('Unrecognised action or insufficient permissions');
}
if (!empty($entitySpec['func'])) {
$data = eval("return( " . $entitySpec['func'] . " );");
} else {
$data = array();
$postFuncs = array();
$fieldSql = array();
$joinSql = array();
$groupSql = array();
$elements =& $entitySpec['elements'];
$lc_elements = array_change_key_case($elements);
$id = false;
if (isset($_REQUEST['id'])) {
if (!is_array($_REQUEST['id'])) {
$id = array(validJsStr($_REQUEST['id']));
} else {
$id = array_values($_REQUEST['id']);
}
}
if (!isset($_REQUEST['element'])) {
$_REQUEST['element'] = array_keys($elements);
} else {
if (!is_array($_REQUEST['element'])) {
$_REQUEST['element'] = array(validJsStr($_REQUEST['element']));
}
}
if (isset($entitySpec['selector'])) {
if (!is_array($entitySpec['selector'])) {
$entitySpec['selector'] = array($entitySpec['selector']);
}
foreach ($entitySpec['selector'] as $selector) {
if (is_array($selector) && isset($selector['table']) && isset($selector['join'])) {
$joinSql[] = "left join " . $selector['table'] . " on " . $selector['join'];
}
}
}
foreach ($_REQUEST['element'] as $element) {
if (!($elementData = $lc_elements[strtolower($element)])) {
ajaxError("Bad " . validJsStr($_REQUEST['entity']) . " element " . $element);
}
if (isset($elementData['func'])) {
$data[$element] = eval("return( " . $elementData['func'] . " );");
} else {
if (isset($elementData['postFunc'])) {
$postFuncs[$element] = $elementData['postFunc'];
} else {
if (isset($elementData['zmu'])) {
$data[$element] = exec(escapeshellcmd(getZmuCommand(" " . $elementData['zmu'])));
} else {
if (isset($elementData['sql'])) {
$fieldSql[] = $elementData['sql'] . " as " . $element;
} else {
$fieldSql[] = $element;
}
if (isset($elementData['table']) && isset($elementData['join'])) {
$joinSql[] = "left join " . $elementData['table'] . " on " . $elementData['join'];
}
if (isset($elementData['group'])) {
$groupSql[] = $elementData['group'];
}
}
}
}
}
if (count($fieldSql)) {
$sql = "select " . join(", ", $fieldSql) . " from " . $entitySpec['table'];
if ($joinSql) {
$sql .= " " . join(" ", array_unique($joinSql));
}
if ($id && !empty($entitySpec['selector'])) {
$index = 0;
$where = array();
$values = array();
foreach ($entitySpec['selector'] as $selector) {
if (is_array($selector)) {
$where[] = $selector['selector'] . ' = ?';
$values[] = validInt($id[$index]);
} else {
$where[] = $selector . ' = ?';
$values[] = validInt($id[$index]);
}
$index++;
}
$sql .= " where " . join(" and ", $where);
}
if ($groupSql) {
$sql .= " group by " . join(",", array_unique($groupSql));
}
if (!empty($_REQUEST['sort'])) {
$arr = explode(' ', $_REQUEST['sort']);
$col = validCol($arr[0]);
$dir = "";
if (count($arr) == 2) {
if ($arr[1] == "desc") {
$dir = $arr[1];
}
}
$sql .= " order by {$col} {$dir}";
}
if (!empty($entitySpec['limit'])) {
$limit = $entitySpec['limit'];
} elseif (!empty($_REQUEST['count'])) {
$limit = validInt($_REQUEST['count']);
}
$limit_offset = "";
if (!empty($_REQUEST['offset'])) {
$limit_offset = validInt($_REQUEST['offset']) . ", ";
}
if (!empty($limit)) {
$sql .= " limit " . $limit_offset . $limit;
}
if (isset($limit) && $limit == 1) {
if ($sqlData = dbFetchOne($sql, NULL, $values)) {
foreach ($postFuncs as $element => $func) {
$sqlData[$element] = eval('return( ' . $func . '( $sqlData ) );');
}
$data = array_merge($data, $sqlData);
}
} else {
$count = 0;
foreach (dbFetchAll($sql, NULL, $values) as $sqlData) {
foreach ($postFuncs as $element => $func) {
$sqlData[$element] = eval('return( ' . $func . '( $sqlData ) );');
}
$data[] = $sqlData;
if (isset($limi) && ++$count >= $limit) {
break;
}
}
}
}
}
#print_r( $data );
return $data;
}
$monitor_str = "";
$monitor_str .= make_tag("id", $monitor['Id']);
$monitor_str .= make_tag("name", $monitor['Name']);
$monitor_str .= make_tag("method", $monitor['Function']);
$monitor_str .= make_tag("enabled", $monitor['Enabled']);
$monitor_str .= make_tag("width", $monitor['Width']);
$monitor_str .= make_tag("height", $monitor['Height']);
print make_tag("monitor", $monitor_str);
}
} else {
if ($_REQUEST['action'] == "get_connkey") {
print make_tag("connkey", generateConnKey());
} else {
if ($_REQUEST['action'] == "event_stats") {
if (!canView("Events")) {
ajaxError('Unrecognised action or insufficient permissions');
}
$eid = validInt($_REQUEST['eid']);
$stats = dbFetchAll("select S.*,E.*,Z.Name as ZoneName,Z.Units,Z.Area,M.Name as MonitorName,M.Width,M.Height from Stats as S left join Events as E on S.EventId = E.Id left join Zones as Z on S.ZoneId = Z.Id left join Monitors as M on E.MonitorId = M.Id where S.EventId = '" . $eid . "' order by S.FrameId, S.ZoneId");
for ($i = 0; $i < count($stats); $i++) {
$stat = $stats[$i];
$stat_str = "";
$stat_str .= make_tag("FrameId", $stat["FrameId"]);
$stat_str .= make_tag("PixelDiff", $stat["PixelDiff"]);
$stat_str .= make_tag("AlarmPixels", $stat["AlarmPixels"]);
$stat_str .= make_tag("FilterPixels", $stat["FilterPixels"]);
$stat_str .= make_tag("BlobPixels", $stat["BlobPixels"]);
$stat_str .= make_tag("Blobs", $stat["Blobs"]);
$stat_str .= make_tag("ZoneName", $stat["ZoneName"]);
$stat_str .= make_tag("Score", $stat["Score"]);
print make_tag("stat", $stat_str);
//Now add the suggestion
if (!$member->edit($_POST['name'], $_POST['gender'], $_POST['relationship'], $_POST['dob'], $_POST['alive'], TRUE)) {
trigger_error("Cannot Edit Member. Some error occured");
} else {
ajaxSuccess();
}
}
break;
case "feedback":
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
if (!$db->query("insert into feedback (user_name,user_emailid,feedback_text) \n values ('{$name}','{$email}','{$message}')")) {
trigger_error("Some error occured");
} else {
ajaxSuccess();
}
break;
case "checkregistered":
global $db, $vanshavali;
$res = $vanshavali->getmember($_POST['id']);
if (empty($res->data['username']) && empty($res->data['password'])) {
ajaxSuccess();
} else {
ajaxError();
}
break;
default:
//when nothing matches
break;
}
function collectData()
{
global $statusData;
$entitySpec =& $statusData[strtolower(validJsStr($_REQUEST['entity']))];
#print_r( $entitySpec );
if (!canView($entitySpec['permission'])) {
ajaxError('Unrecognised action or insufficient permissions');
}
if (!empty($entitySpec['func'])) {
$data = eval("return( " . $entitySpec['func'] . " );");
} else {
$data = array();
$postFuncs = array();
$fieldSql = array();
$joinSql = array();
$groupSql = array();
$elements =& $entitySpec['elements'];
$lc_elements = array_change_key_case($elements);
$id = false;
if (isset($_REQUEST['id'])) {
if (!is_array($_REQUEST['id'])) {
$id = array(validJsStr($_REQUEST['id']));
} else {
$id = array_values($_REQUEST['id']);
}
}
if (!isset($_REQUEST['element'])) {
$_REQUEST['element'] = array_keys($elements);
} else {
if (!is_array($_REQUEST['element'])) {
$_REQUEST['element'] = array(validJsStr($_REQUEST['element']));
}
}
if (isset($entitySpec['selector'])) {
if (!is_array($entitySpec['selector'])) {
$entitySpec['selector'] = array($entitySpec['selector']);
}
foreach ($entitySpec['selector'] as $selector) {
if (is_array($selector) && isset($selector['table']) && isset($selector['join'])) {
$joinSql[] = "left join " . $selector['table'] . " on " . $selector['join'];
}
}
}
foreach ($_REQUEST['element'] as $element) {
if (!($elementData = $lc_elements[strtolower($element)])) {
ajaxError("Bad " . validJsStr($_REQUEST['entity']) . " element " . $element);
}
if (isset($elementData['func'])) {
$data[$element] = eval("return( " . $elementData['func'] . " );");
} else {
if (isset($elementData['postFunc'])) {
$postFuncs[$element] = $elementData['postFunc'];
} else {
if (isset($elementData['zmu'])) {
$data[$element] = exec(escapeshellcmd(getZmuCommand(" " . $elementData['zmu'])));
} else {
if (isset($elementData['sql'])) {
$fieldSql[] = $elementData['sql'] . " as " . $element;
} else {
$fieldSql[] = $element;
}
if (isset($elementData['table']) && isset($elementData['join'])) {
$joinSql[] = "left join " . $elementData['table'] . " on " . $elementData['join'];
}
if (isset($elementData['group'])) {
$groupSql[] = $elementData['group'];
}
}
}
}
}
if (count($fieldSql)) {
$sql = "select " . join(", ", $fieldSql) . " from " . $entitySpec['table'];
if ($joinSql) {
$sql .= " " . join(" ", array_unique($joinSql));
}
if ($id && !empty($entitySpec['selector'])) {
$index = 0;
$where = array();
foreach ($entitySpec['selector'] as $selector) {
if (is_array($selector)) {
$where[] = $selector['selector'] . " = " . dbEscape($id[$index]);
} else {
$where[] = $selector . " = " . dbEscape($id[$index]);
}
$index++;
}
$sql .= " where " . join(" and ", $where);
}
if ($groupSql) {
$sql .= " group by " . join(",", array_unique($groupSql));
}
if (!empty($_REQUEST['sort'])) {
$sql .= " order by " . dbEscape($_REQUEST['sort']);
}
if (!empty($entitySpec['limit'])) {
$limit = $entitySpec['limit'];
} elseif (!empty($_REQUEST['count'])) {
$limit = dbEscape($_REQUEST['count']);
}
if (!empty($limit)) {
$sql .= " limit " . $limit;
}
if (isset($limit) && $limit == 1) {
if ($sqlData = dbFetchOne($sql)) {
foreach ($postFuncs as $element => $func) {
$sqlData[$element] = eval('return( ' . $func . '( $sqlData ) );');
}
$data = array_merge($data, $sqlData);
}
} else {
$count = 0;
foreach (dbFetchAll($sql) as $sqlData) {
foreach ($postFuncs as $element => $func) {
$sqlData[$element] = eval('return( ' . $func . '( $sqlData ) );');
}
$data[] = $sqlData;
if (isset($limi) && ++$count >= $limit) {
break;
}
}
}
}
}
#print_r( $data );
return $data;
}
break;
case 'load_states_disabled':
load_states_disabled($vars['country']);
break;
case 'get_country':
get_country($vars['country']);
break;
case 'get_state':
get_state($vars['state']);
break;
case 'save_country':
save_country($vars['country'], $vars['title'], $vars['tag'], $vars['act']);
break;
case 'save_state':
save_state($vars['country'], $vars['state'], $vars['title'], $vars['tag'], $vars['act']);
break;
case 'get_expire':
get_expire($vars['product_id'], $vars['begin_date']);
break;
case 'calculate_tax':
calculate_tax($vars['product_id'], $vars['member_id'], $vars['amount'], $vars['incl_tax']);
break;
case 'affiliate_search':
affiliate_search($vars['search']);
break;
case 'change_affiliate':
change_affiliate($vars['member_id'], $vars['aff_id']);
break;
default:
ajaxError('Unknown Request');
}
}
// Connect to avariceDB
try {
$avarice_dbh = new PDO("sqlite:" . $config['avariceDataFile']['path']);
} catch (PDOException $e) {
ajaxError("Database", $e->getMessage());
}
// Creates module DB connection based on 'section' parametor
if (empty($formData['section'])) {
ajaxError("Syntax", "'section' is a required parameter");
} else {
if ($formData['section'] == "eventLog") {
try {
$dbh = new PDO("sqlite:" . $config['module']['eventLog']['path'] . "/eventLog.sqlite3");
} catch (PDOException $e) {
ajaxError("Database", $e->getMessage());
}
}
}
// Actions
$return = array();
if ($formData['section'] == "eventLog") {
if ($formData['action'] == "getUser") {
$query = "\r\n\t\t\tselect\r\n\t\t\t\tUserID,\r\n\t\t\t\tUser\r\n\t\t\tfrom user\r\n\t\t\torder by\r\n\t\t\t\tUser;";
$sth = $dbh->prepare($query);
$sth->execute();
$result = $sth->fetchAll(PDO::FETCH_ASSOC);
$return[1410065407] = "All";
foreach ($result as $row) {
$return[$row['UserID']] = $row['User'];
}
} while (false);
return ajaxResponse($res);
}
function ajaxCheckCoupon($vars)
{
global $db, $config;
$coupon = htmlentities($vars['coupon']);
$res = array('msg' => '', 'errorCode' => 0);
$ret = $db->coupon_get($vars['coupon']);
if (!is_array($ret) || !$ret['coupon_id']) {
$res['msg'] = $ret;
$res['errorCode'] = 1;
}
return ajaxResponse($res);
}
header("Content-type: text/plain; charset=UTF-8");
$vars = get_input_vars();
$vars['do'] = preg_replace('/[^a-zA-Z0-9_.,-]/', '', $vars['do']);
switch ($vars['do']) {
case 'get_states':
ajaxGetStates($vars);
break;
case 'check_uniq_login':
ajaxCheckUniqLogin($vars);
break;
case 'check_coupon':
ajaxCheckCoupon($vars);
break;
default:
ajaxError('Unknown Request: ' . $vars['do']);
}
