Ejemplo n.º 1
/**
 * Build the response sent when a request is not authorized.
 *
 * Fills an Error resource with code 401 and the message "Unauthorized" and
 * passes it to createResponse() together with the application and request.
 *
 * @param mixed $app     Application object, forwarded unchanged.
 * @param mixed $request Current request, forwarded unchanged.
 * @return mixed Whatever createResponse() returns for the error resource.
 */
function createUnauthorizedResponse($app, $request)
{
    $unauthorized = new Error();
    $unauthorized->code = 401;
    $unauthorized->message = 'Unauthorized';

    return createResponse($app, $request, $unauthorized);
}
Ejemplo n.º 2
<?php

include_once __DIR__ . '/pay_form.php';
include_once SRC_DIR . '/forms.php';
include_once SRC_DIR . '/database.php';
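/**
 * Add an amount to a user's `cash` column.
 *
 * The statement is prepared and both values are bound as integers, so the
 * query text never contains caller-supplied data, even if a caller forgets
 * to cast its arguments first.
 *
 * @param mysqli $connection Open connection to the database holding `users`.
 * @param int    $userId     Id of the user row to update.
 * @param int    $sum        Amount added to `cash` (the visible caller passes
 *                           the form value multiplied by 100).
 * @return bool True only when the update changed at least one row.
 */
function addCash($connection, $userId, $sum)
{
    $statement = mysqli_prepare($connection, 'UPDATE users SET cash = cash + ? WHERE id = ?');
    if ($statement === false) {
        return false;
    }

    $sum = (int) $sum;
    $userId = (int) $userId;
    mysqli_stmt_bind_param($statement, 'ii', $sum, $userId);

    $affected = mysqli_stmt_execute($statement) ? mysqli_stmt_affected_rows($statement) : 0;
    mysqli_stmt_close($statement);

    // The affected-row count is -1 after a failed statement; a plain (bool)
    // cast would report that failure as success.
    return $affected > 0;
}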
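// Handler for the payment form: validates the submitted form and credits the
// current user's balance. Returns 400 with an empty body when the form is
// invalid.
// NOTE(review): the sign and upper bound of the amount depend entirely on the
// validation done by createPayForm()/formIsValid(), which is not visible
// here; confirm negative and oversized amounts are rejected there.
// NOTE(review): addCash()'s boolean result is not checked, so a failed update
// still produces the success response.
return function (array $request) {
    $form = createPayForm();
    formHandleRequest($form, $request);
    if (!formIsValid($form)) {
        return createResponse('', 400);
    }

    $vars = extractValues($form);
    // round() before the int cast: 0.29 * 100 evaluates to 28.999..., so a
    // bare (int) cast would credit 28 instead of 29.
    $sum = (int) round((double) $vars['pay'] * 100);
    $user = currentUser();
    $userId = (int) $user['id'];
    $connection = mappedConnection('users');
    addCash($connection, $userId, $sum);

    return createResponse();
};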
Ejemplo n.º 3
    return;
}
// Front controller: route session storage through the mysql_session_*
// callbacks named here (defined outside this excerpt), open the session,
// build the request array and dispatch it to a handler file.
session_set_save_handler('mysql_session_open', 'mysql_session_close', 'mysql_session_read', 'mysql_session_write', 'mysql_session_destroy', 'mysql_session_gc');
session_start();
$request = requestFromGlobals();
// Without PATH_INFO there is nothing to route: redirect to the same URI with
// "/" inserted after the script name.
// NOTE(review): REQUEST_URI is client-supplied and the substr() assumes it
// begins with SCRIPT_NAME; confirm the resulting Location always stays on
// this site.
if (!array_key_exists('PATH_INFO', $request['server'])) {
    $location = $request['server']['SCRIPT_NAME'] . '/' . substr($request['server']['REQUEST_URI'], strlen($request['server']['SCRIPT_NAME']));
    $response = createRedirectResponse($location);
} else {
    // $route[1] is the handler file relative to SRC_DIR; a truthy $route[2]
    // marks the route as requiring a logged-in user.
    $route = handleRequest($request, $routerConfig);
    if ($route) {
        // Authentication gate: protected routes send anonymous visitors to
        // the login page before any handler file is loaded.
        if ($route[2] && !currentUser()) {
            $response = createRedirectResponse('/index.php/login');
        } else {
            $handler = $route[1];
            // NOTE(review): the included path comes from the router result.
            // This is safe only while $routerConfig holds fixed file names and
            // no request data reaches $route[1]; confirm.
            if (file_exists($hadlerPath = SRC_DIR . '/' . $handler)) {
                // The handler file is expected to `return` a callable, which
                // is then invoked with the request. The include runs in this
                // scope, so the variables defined above are visible to it.
                $handlerCallable = (include $hadlerPath);
                if (is_callable($handlerCallable)) {
                    $response = $handlerCallable($request);
                } else {
                    $response = createResponse('handler function is missed', 404);
                }
            } else {
                $response = createResponse('handler not found', 404);
            }
        }
    } else {
        $response = createResponse('no one route is matched', 404);
    }
}
sendResponse($response);
Ejemplo n.º 4
<?php

include_once __DIR__ . '/destroy_form.php';
include_once SRC_DIR . '/forms.php';
include_once SRC_DIR . '/session.php';
// Logout handler. The session is ended only after the destroy form has
// validated; judging by the 400 message, that form carries the CSRF token,
// so a request without a valid token cannot log the user out.
return function (array $request) {
    $form = createDestroyForm();
    formHandleRequest($form, $request);

    if (!formIsValid($form)) {
        return createResponse('Invalid csrf token', 400);
    }

    logout();

    return createRedirectResponse('/index.php/');
};
Ejemplo n.º 5
    $sql = 'SELECT id, name, email, hashed_password FROM users WHERE email = ? LIMIT 1';
    $statement = mysqli_prepare($connection, $sql);
    mysqli_stmt_bind_param($statement, 's', $email);
    mysqli_stmt_execute($statement);
    mysqli_stmt_bind_result($statement, $id, $name, $email, $hp);
    mysqli_stmt_fetch($statement);
    mysqli_stmt_close($statement);
    if (isset($id, $name, $email, $hp)) {
        return ['id' => $id, 'name' => $name, 'email' => $email, 'hashed_password' => $hp];
    }
    return null;
}
// Login handler. Already-authenticated visitors are redirected; otherwise the
// submitted form is validated, the account is looked up by e-mail and the
// password is checked with password_verify() against the stored hash.
// An unknown e-mail and a wrong password produce the same form error, so the
// message itself does not reveal which accounts exist.
// NOTE(review): password_verify() is skipped when no account is found, so the
// two failure cases may still differ in response time.
// NOTE(review): confirm authorize() issues a fresh session id on login;
// nothing in this handler does.
return function (array $request) {
    if (currentUser()) {
        return createRedirectResponse('/index.php/');
    }

    $form = createCreateForm();
    formHandleRequest($form, $request);

    if (formIsValid($form)) {
        $credentials = extractValues($form);
        $account = findUserByEmail(mappedConnection('users'), $credentials['email']);
        $passwordMatches = $account && password_verify($credentials['password'], $account['hashed_password']);

        if (!$passwordMatches) {
            $form['valid'] = false;
            $form['fields']['password']['errors'][] = 'Неверный Пароль';
        } else {
            authorize($account);

            return createRedirectResponse('/');
        }
    }

    // Invalid form or failed login: render the login page again with errors.
    return createResponse(render('session/new.html.php', ['form' => $form]));
};
Ejemplo n.º 6
/**
 * Wrap $output with createResponse() and return the result JSON-encoded.
 *
 * @param mixed $output Payload handed to createResponse().
 * @return string|false JSON text, or false when json_encode() fails.
 */
function createJSONResponse($output)
{
    return json_encode(createResponse($output));
}
Ejemplo n.º 7
<?php

include_once __DIR__ . '/create_form.php';
include_once SRC_DIR . '/template.php';
include_once SRC_DIR . '/forms.php';
// Shows the login page. Visitors who are already logged in are redirected to
// the index instead of seeing the form again.
return function ($request) {
    $alreadySignedIn = currentUser();
    if ($alreadySignedIn) {
        return createRedirectResponse('/index.php/');
    }

    $page = render('session/new.html.php', ['form' => createCreateForm()]);

    return createResponse($page);
};
Ejemplo n.º 8
    if ($check !== false) {
        $uploadOk = 1;
    } else {
        createResponse(array('error' => 'File is not a valid image.'));
        $uploadOk = 0;
    }
}
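// Refuse to overwrite a file that already exists at the target path.
if (file_exists($target_file)) {
    createResponse(array('error' => 'Could not create movie, id already exists.'));
    $uploadOk = 0;
}
// Enforce the upload size limit (5,000,000 bytes).
if ($_FILES["fileToUpload"]["size"] > 5000000) {
    echo "Sorry, your file is too large.";
    $uploadOk = 0;
}
// Allow-list of file extensions.
// NOTE(review): $imageFileType and $target_file are set outside this excerpt.
// If they are derived from the client-supplied file name, the extension check
// alone does not prove the content is an image; confirm the upload directory
// cannot execute scripts and that the stored name is server-generated.
if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg") {
    createResponse(array('error' => 'File is not a JPG, PNG or JPEG.'));
    $uploadOk = 0;
}
// Any failed check above leaves $uploadOk at 0 and aborts the upload.
if ($uploadOk == 0) {
    createResponse(array('error' => 'Could not create movie.'));
    // if everything is ok, try to upload file
} else {
    if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
        // Encode every value so it stays exactly one path segment: without
        // this, a "/", "?" or "#" in a submitted field changes which API
        // path and parameters the server-side request hits.
        $segments = array();
        foreach (array($id, $_POST['title'], $_POST['releaseDate'], $_POST['description']) as $value) {
            $segments[] = rawurlencode(is_scalar($value) ? (string) $value : '');
        }
        echo file_get_contents('https://movie-rental.8t2.eu/api/movie/add/' . implode('/', $segments), false);
    }
}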
Ejemplo n.º 9
/**
 * Build one page of the order feed, as JSON or as rendered HTML.
 *
 * Paging is keyed on order ids (`min_id` / `max_id` query parameters, cast
 * to int) rather than offsets, so the feed does not shift or repeat items
 * when orders are added or removed between requests.
 *
 * NOTE(review): the JSON branch serializes the user rows exactly as
 * loadUsersByIds() returns them; confirm that helper selects only fields
 * that are safe to expose to clients.
 *
 * @param array $request Request array with at least `query` and `server` keys.
 * @return mixed Response built by createResponse().
 */
function magicBuildPage($request)
{
    $ordersDb = mappedConnection('orders');
    $usersDb = mappedConnection('users');
    $params = $request['query'];

    $minId = null;
    if (array_key_exists('min_id', $params)) {
        $minId = (int) $params['min_id'];
    }
    $maxId = null;
    if (array_key_exists('max_id', $params)) {
        $maxId = (int) $params['max_id'];
    }

    // Fetch one row more than a page holds: its presence tells us whether
    // another page exists without running a separate COUNT query.
    $pageSize = 10;
    $fetchLimit = $pageSize + 1;
    $orders = loadOrders($ordersDb, $fetchLimit, $minId, $maxId);
    $isLastPage = count($orders) < $fetchLimit;
    if (!$isLastPage) {
        // Drop the extra look-ahead row.
        array_pop($orders);
    }

    // Collect the distinct, non-empty creator ids in first-seen order.
    $userIds = [];
    foreach ($orders as $order) {
        $creatorId = $order['created_by'];
        if (!$creatorId || in_array($creatorId, $userIds, true)) {
            continue;
        }
        $userIds[] = $creatorId;
    }

    $users = loadUsersByIds($usersDb, $userIds);
    $vars = ['users' => $users, 'orders' => $orders, 'is_last_page' => $isLastPage];

    $server = $request['server'];
    $wantsJson = array_key_exists('HTTP_ACCEPT', $server)
        && strpos(strtolower($server['HTTP_ACCEPT']), 'application/json') !== false;
    if (!$wantsJson) {
        $vars['form'] = createCreateForm();

        return createResponse(render('orders/list.html.php', $vars));
    }

    return createResponse(json_encode($vars), 200, ['content-type' => 'application/json']);
}
Ejemplo n.º 10
<?php

include_once __DIR__ . '/common.php';
include_once SRC_DIR . '/template.php';
// Shows the registration page. Visitors who are already logged in are
// redirected to the index instead.
return function (array $request) {
    $signedIn = currentUser();
    if ($signedIn) {
        return createRedirectResponse('/index.php/');
    }

    $page = render('registration/index.html.php', ['form' => createForm()]);

    return createResponse($page);
};
Ejemplo n.º 11
<?php

// Website Content Recommendation Engine
// Developed by Naxrun - available for everyone
// This script returning the recommendation based on IP or UID
// Initial configuration
require_once 'includes/g_functions.php';
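header('Content-type: application/json');
$response = createResponse();
// Connect to database
$db_con = createDatabaseConnection();
$db_con->set_charset("utf8");
// Post data. Both values are supplied by the client in the request body, so
// they identify whatever the caller claims, not the connecting address.
// A missing field yields NULL instead of an undefined-index notice.
$visitor_ip = isset($_POST['v_ip']) ? $_POST['v_ip'] : NULL;
$visitor_unique_id = isset($_POST['v_uid']) ? $_POST['v_uid'] : NULL;
// Initial sanitization
// Keep the IP only when it is a string that filter_var() accepts as an
// address; array input (v_ip[]=...) and malformed values become NULL.
if (is_string($visitor_ip) && filter_var($visitor_ip, FILTER_VALIDATE_IP) !== FALSE) {
    $todb_visitor_ip = $visitor_ip;
} else {
    $todb_visitor_ip = NULL;
}
// The unique id has no format check here; require at least a non-empty
// string so array input never reaches the query parameters.
if (is_string($visitor_unique_id) && !empty($visitor_unique_id)) {
    $todb_visitor_unique_id = $visitor_unique_id;
} else {
    $todb_visitor_unique_id = NULL;
}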
// Recommendation request
if ($todb_visitor_ip != NULL || $todb_visitor_unique_id != NULL) {
    if ($todb_visitor_ip != NULL) {
        $prep = $db_con->prepare('SELECT p_cat, COUNT( * ) AS p_cat_count FROM site_log WHERE v_ip = ? GROUP BY p_cat ORDER BY p_cat_count DESC LIMIT 1');
        $prep->bind_param('s', $todb_visitor_ip);
Ejemplo n.º 12
}
// HTML-escape every submitted value before it is placed in the e-mail
// template, so form input cannot add markup to the HTML body.
// NOTE(review): the same escaped values are used below as sender address and
// name. Escaping protects the HTML body only and does not validate an
// address; presumably validation happens before this excerpt. Confirm.
$values = array_map('htmlspecialchars', $values);
$Template = new Template($values, 'template/default.php');
$body = $Template->output();
$mail = new PHPMailer();
$mail->CharSet = 'UTF-8';
// The visitor's address is used both as From and as Reply-To.
// NOTE(review): a visitor-chosen From lets the form send mail under any
// sender name and commonly fails SPF/DMARC checks at the receiver. Consider
// a fixed site address as From and keep the visitor only in Reply-To.
$mail->SetFrom($values['contact-form-mail'], $values['contact-form-name']);
$mail->AddReplyTo($values['contact-form-mail'], $values['contact-form-name']);
$mail->AddAddress(CONTACT_FORM_TO_EMAIL, CONTACT_FORM_TO_NAME);
// Use authenticated SMTP only when a host is configured; otherwise the
// mailer's default transport applies.
$smtp = CONTACT_FORM_SMTP_HOST;
if (!empty($smtp)) {
    $mail->IsSMTP();
    $mail->SMTPAuth = true;
    $mail->Port = CONTACT_FORM_SMTP_PORT;
    $mail->Host = CONTACT_FORM_SMTP_HOST;
    $mail->Username = CONTACT_FORM_SMTP_USER;
    $mail->Password = CONTACT_FORM_SMTP_PASSWORD;
    $mail->SMTPSecure = CONTACT_FORM_SMTP_SECURE;
}
$mail->Subject = CONTACT_FORM_SUBJECT;
$mail->MsgHTML($body);
// Report a send failure to the client.
// NOTE(review): execution continues past this block unless createResponse()
// terminates the script. If it returns, the success response below is
// emitted as well. Confirm.
if (!$mail->Send()) {
    $response['error'] = 1;
    $response['info'][] = array('fieldId' => 'contact-form-send', 'message' => CONTACT_FORM_SEND_MSG_ERROR);
    createResponse($response);
}
$response['error'] = 0;
$response['info'][] = array('fieldId' => 'contact-form-send', 'message' => CONTACT_FORM_SEND_MSG_OK);
createResponse($response);
/**********************************************************************/
//**********************************************************************/
Ejemplo n.º 13
        return $result;
    }
}
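// Order-creation handler. Normalizes whitespace in name and description,
// validates the form, creates the order and queues a notification. Responds
// with JSON: 200 and the new id on success, 400 and per-field errors
// otherwise.
// NOTE(review): name and description are HTML-escaped here, before storage
// and queueing. Templates that escape again will double-encode them, and
// non-HTML consumers receive entity-encoded text; confirm every consumer
// treats these fields as already escaped.
return function (array $request) {
    $form = createCreateForm();
    formHandleRequest($form, $request);
    $errors = [];
    // Collapse each run of spaces, "\n" or "\r\n" into a single occurrence.
    $form['fields']['name']['value'] = trim(preg_replace('/(?|( )+|(\\n)+|(\\r\\n)+)/', '$1', $form['fields']['name']['value']));
    $form['fields']['description']['value'] = trim(preg_replace('/(?|( )+|(\\n)+|(\\r\\n)+)/', '$1', $form['fields']['description']['value']));
    if (formIsValid($form)) {
        $vars = extractValues($form);
        $name = htmlspecialchars($vars['name']);
        $description = htmlspecialchars($vars['description']);
        $userId = currentUser()['id'];
        // round() before the int cast: 0.29 * 100 evaluates to 28.999..., so
        // a bare (int) cast would store a price one unit too low.
        $price = (int) round((double) $vars['price'] * 100);
        if ($id = createOrder($name, $description, $price, $userId)) {
            $user = currentUser();
            queueNotify('order_top', ['id' => $id, 'title' => $name, 'description' => nl2br($description), 'price' => $price / 100, 'created_by' => ['id' => $user['id'], 'name' => $user['name']]]);
            return createResponse(json_encode(['id' => $id]), 200, ['content-type' => 'application/json']);
        } else {
            // createOrder() returned a falsy id; the handler reports this as
            // insufficient funds on the price field.
            $errors = [['name' => 'price', 'errors' => ['Недостаточно средств на счете.']]];
        }
    } else {
        // Return only the fields that actually carry validation errors.
        foreach ($form['fields'] as $field) {
            if ($field['errors']) {
                $errors[] = ['name' => $field['name'], 'errors' => $field['errors']];
            }
        }
    }
    return createResponse(json_encode($errors), 400, ['content-type' => 'application/json']);
};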
Ejemplo n.º 14
        if (time() - $timer >= 5) {
            return [];
        }
    }
    return $events;
}
// Long-poll endpoint for feed events. `t` is the id of the last event the
// client has seen; without it the newest id is used. The response is JSON:
// either the same `t` when nothing arrived, or the events plus the user's
// balance.
// NOTE(review): the login check runs only after the wait and only when
// events exist, so an anonymous client is still held for the whole wait and
// receives `t`; confirm the route itself is marked as requiring login.
return function (array $request) {
    $params = $request['query'];
    if (!array_key_exists('t', $params)) {
        $id = getLastId();
    } else {
        $id = (int) $params['t'];
        if (!eventExists($id)) {
            return createResponse('', 400);
        }
    }

    // Close the session for the duration of the wait and reopen it
    // afterwards, presumably so other requests of the same session are not
    // blocked while this one is parked.
    session_write_close();
    $events = waitForEvent($id);
    session_start();

    if (count($events) === 0) {
        $payload = ['t' => $id];
    } elseif (currentUser()) {
        $payload = ['events' => $events, 'cash' => getCashById(currentUser()['id']) / 100, 't' => $events[0]['id']];
    } else {
        return createResponse('', 401);
    }

    return createResponse(json_encode($payload), 200, ['content-type' => 'application/json']);
};
Ejemplo n.º 15
        $portal = new Portal();
        if ($portal->login($user, $password)) {
            createResponse($integrater::addPresention($scheduleData, $portal->getPresention(), $week + 1));
        } else {
            $app->halt(401, json_encode(['error' => 'Wrong Password or Username!']));
        }
    } else {
        $app->halt(401, json_encode($authStatus));
    }
});
// Itslearning
// Each route builds a fresh Itslearning client and returns its result
// through createResponse().
// NOTE(review): these routes take the account name and password as URL path
// segments of a GET request. URLs are routinely written to web-server and
// proxy access logs and kept in browser history, so the credentials end up
// stored in clear text outside the application. Prefer a POST body or an
// Authorization header over TLS, and keep these URLs out of request logs.
$app->get('/itslearning/subjects/:username/:password', function ($username, $password) use ($app) {
    createResponse((new Itslearning())->getSubjects($username, $password));
});
$app->get('/itslearning/digitalcontents/:username/:password', function ($username, $password) use ($app) {
    createResponse((new Itslearning())->getDTDL($username, $password));
});
$app->get('/itslearning/planner/:subjectID/:username/:password', function ($subjectID, $username, $password) use ($app) {
    createResponse((new Itslearning())->getPlanner($username, $password, $subjectID));
});
$app->get('/itslearning/participants/:subjectID/:username/:password', function ($subjectID, $username, $password) use ($app) {
    createResponse((new Itslearning())->getParticipants($username, $password, $subjectID));
});
// Debug-only endpoint: always answers 403 with a JSON error.
$app->get('/test', function () use ($app) {
    $app->halt(403, json_encode(['error' => "This endpoint is just for debugging"]));
});
$app->run();
Ejemplo n.º 16
/**
 * Build a redirect: an empty-bodied response carrying a `location` header.
 *
 * The target is placed in the header exactly as given. Callers that derive
 * it from request data are responsible for keeping it on this site.
 *
 * @param string $location Redirect target, used verbatim as the header value.
 * @param int    $status   HTTP status code; defaults to 302.
 * @return array Response as produced by createResponse().
 */
function createRedirectResponse($location, $status = 302)
{
    $headers = ['location' => $location];

    return createResponse('', $status, $headers);
}
Ejemplo n.º 17
    }
    createResponse($results);
});
//////////////////////
//					//
//		Stats 		//
//					//
//////////////////////
// GET /stats/payed/ - returns every row of the payedStats() result, or an
// error object when that call yields nothing.
$app->get('/stats/payed/', function ($request, $response, $args) {
    $statsData = payedStats();
    if (!$statsData) {
        createResponse(array('error' => 'Could not load invoice stats.'));
        return;
    }

    $stats = array();
    while ($stat = mysqli_fetch_array($statsData)) {
        $stats[] = $stat;
    }
    createResponse($stats);
});
//////////////////////
//					//
//		Misc 		//
//					//
//////////////////////
// GET /version/ - reports the abbreviated hash of the checked-out commit.
// The command line is a constant, so no request data reaches the shell.
// NOTE(review): the endpoint discloses the exact deployed revision; confirm
// it is meant to be reachable without authentication.
$app->get('/version/', function ($request, $response, $args) {
    $version = exec("git log --pretty=format:'%h' -n 1");
    $payload = $version
        ? array('git_version' => $version)
        : array('error' => 'Could not fetch version.');
    createResponse($payload);
});
Ejemplo n.º 18
/**
 * Build the standard success response.
 *
 * @return mixed Result of createResponse() for RESPONSE_SUCCESS and the text "OK".
 */
function successResponse()
{
    $message = 'OK';

    return createResponse(RESPONSE_SUCCESS, $message);
}
Ejemplo n.º 19
    $listener->url = $payload->get('url', $listener->url);
    $listener->async = $payload->get('async', $listener->async);
    try {
        $resource = $bus->createListener($listener);
    } catch (EventBusException $exc) {
        $resource = $exc->getErrorResource();
    }
    return createResponse($app, $request, $resource);
});
// GET /listeners - paged, sortable list of listeners.
// NOTE(review): itemPerPage, page, scope, dir and sort are taken from the
// request and passed to the collection unchanged; confirm the setters or the
// bus cap the page size and restrict sort/dir to an allow-list.
$app->get('/listeners', function (Request $request) use ($app, $bus) {
    $criteria = new \Exaprint\EventBus\ListenerCollection();
    $criteria->setItemPerPage($request->get('itemPerPage', 50));
    $criteria->setPage($request->get('page', 1));
    $criteria->setScope($request->get('scope'));
    $criteria->setDir($request->get('dir'));
    $criteria->setSort($request->get('sort'));

    $listeners = $bus->getListeners($criteria);

    return createResponse($app, $request, $listeners);
});
// GET /listeners/{id} - a single listener, or a 404 error resource when the
// lookup returns no items. The id from the URL is echoed in the error text.
$app->get('/listeners/{id}', function (Request $request, $id) use ($app, $bus) {
    $lookup = new \Exaprint\EventBus\ListenerCollection();
    $lookup->setId($id);
    $found = $bus->getListeners($lookup);

    if (!($found->getItemTotalCount() > 0)) {
        $notFound = new Error();
        $notFound->code = 404;
        $notFound->message = "Resource Listener({$id}) not found";

        return createResponse($app, $request, $notFound);
    }

    return createResponse($app, $request, $found->getItem(0));
});
Ejemplo n.º 20
<?php

require_once 'vendor/autoload.php';
include 'AnswerController.php';
use Silex\Application;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
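$app = new Silex\Application();
$answerController = new AnswerController();
// The closures receive $app as a parameter, so it must not also appear in
// `use`: PHP rejects a closure that imports a variable under the same name
// as one of its parameters. The controller is captured with `use` instead of
// being pulled in through `global`.
$app->get('/suggestion', function (Application $app, Request $request) use ($answerController) {
    $question = $request->query->get('question');
    return createResponse($answerController->getAnswer($question));
});
// NOTE(review): this route changes stored data on a GET request, takes its
// input from the query string, and its responses allow any origin. Consider
// POST plus authentication so links, prefetchers and third-party pages
// cannot add suggestions.
$app->get('/suggestion/add', function (Application $app, Request $request) use ($answerController) {
    $question = $request->query->get('question');
    $answer = $request->query->get('answer');
    return createResponse($answerController->addSuggestion($question, $answer));
});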
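/**
 * Wrap a value in a 200 JSON response with permissive CORS headers.
 *
 * NOTE(review): "Access-Control-Allow-Origin: *" lets any web origin read
 * these responses; acceptable only while every endpoint using this helper
 * serves public data and relies on no cookies or other ambient credentials.
 *
 * @param mixed $object Value to serialize with json_encode().
 * @return Response Response with status 200 and a JSON body.
 */
function createResponse($object)
{
    $response = new Response();
    $response->setContent(json_encode($object));
    $response->setStatusCode(200);
    $response->headers->set("Access-Control-Allow-Origin", "*");
    $response->headers->set("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS");
    // Header value without the stray trailing space the original carried.
    $response->headers->set("Content-Type", "application/json; charset=UTF-8");
    return $response;
}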
// Dispatch the current request through the routes registered above.
$app->run();