Ejemplo n.º 1
 /**
  * Open an Oracle (OCI8) connection from the settings in $serverInfo.
  *
  * @param array $serverInfo Reads the keys 'hostname', 'instance', 'username' and 'password'.
  * @return resource|false Whatever oci_connect() returned; false when the connection failed.
  */
 public function connect($serverInfo)
 {
     // The connect string handed to OCI8 is "<hostname>/<instance>".
     $target = $serverInfo['hostname'] . "/" . $serverInfo['instance'];
     $account = $serverInfo['username'];
     $secret = $serverInfo['password'];

     $link = oci_connect($account, $secret, $target);
     if ($link) {
         return $link;
     }

     // Only a generic message goes to the client; the driver's own error
     // detail is not included in the response.
     Response::show(101, "Database connect error, please start your listener and instance");
     return $link;
 }
Ejemplo n.º 2
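 /**
  * Look up a valid photo by its ID and send its URL to the client.
  *
  * The photo ID is passed to Oracle as a bind variable rather than being
  * interpolated into the SQL text, so its content cannot change the query.
  *
  * @param resource $connect  OCI8 connection.
  * @param string   $originID Value matched against PHOTO.PHOTO_ID (caller-supplied).
  * @param string   $hostName Host part of the photo URL; "http://" is prepended here.
  * @return void The outcome is reported through Response::show().
  */
 public function getOriginPhoto($connect, $originID, $hostName)
 {
     // NOTE(review): the URL is always built with the http scheme.
     $hostName = 'http://' . $hostName;

     $goSql = "SELECT PATH, LOCAL_NAME FROM PHOTO WHERE VALID=1 AND PHOTO_ID=:photo_id";
     $stGo = oci_parse($connect, $goSql);
     // Short-circuiting keeps a failed parse or bind from reaching oci_execute().
     if (!$stGo || !oci_bind_by_name($stGo, ':photo_id', $originID) || !oci_execute($stGo)) {
         Response::show(1401, 'Image_Information: query database by origin photo id error');
         // Explicit return: do not rely on Response::show() ending the request.
         return;
     }

     if ($goRow = oci_fetch_array($stGo, OCI_BOTH)) {
         $localname = $goRow['LOCAL_NAME'];
         $path = $goRow['PATH'];
         $photoAddr = $this->getPhotoAddr($hostName, $path, $localname);
         $resData = array('photoURL' => $photoAddr);
         Response::show(1400, 'Get origin photo successful', $resData);
         // Without this return a second, contradictory 1402 response would
         // follow whenever Response::show() hands control back.
         return;
     }

     // No row matched: the photo does not exist or is not marked valid.
     Response::show(1402, 'No such photo in database');
 }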
Ejemplo n.º 3
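 /**
  * Return a user's basic profile, identified either by login id + password
  * or by token.
  *
  * Two defects of the string-built query are fixed here:
  *  - every caller-supplied value is passed as a bind variable instead of
  *    being interpolated into the SQL text;
  *  - the three identifier comparisons are parenthesised. Without the
  *    parentheses AND binds tighter than OR, so the password condition
  *    applied only to the CELLPHONE comparison and a matching LOGIN_NAME or
  *    EMAIL selected the row without any password check.
  *
  * NOTE(review): the listing this block comes from shows a masked literal
  * where the password comparison stood; it is bound from $password here.
  * The comparison is against the stored column value as-is, which implies
  * passwords are kept unhashed. Moving to password_hash()/password_verify()
  * needs a coordinated change in registration and login.
  *
  * @param resource $connect  OCI8 connection.
  * @param array    $userInfo Reads 'loginid', 'password' and 'token'.
  * @return void The outcome is reported through Response::show().
  */
 public function getUserBasicInfo($connect, $userInfo)
 {
     $resData = array();

     $loginid = isset($userInfo['loginid']) ? $userInfo['loginid'] : '';
     $password = isset($userInfo['password']) ? $userInfo['password'] : '';
     $token = isset($userInfo['token']) ? $userInfo['token'] : '';

     $columns = "LOGIN_NAME, USER_NAME, EMAIL, CELLPHONE, ICARD_ID, "
         . "to_char(CREATE_TIME,'yyyy-mm-dd hh24:mi:ss') AS CREATE_TIME, "
         . "to_char(MODIFY_TIME,'yyyy-mm-dd hh24:mi:ss') AS MODIFY_TIME";

     if (!empty($loginid) && !empty($password)) {
         $basicsql = "SELECT {$columns} FROM APP_USER "
             . "WHERE (LOGIN_NAME=:loginid OR EMAIL=:loginid OR CELLPHONE=:loginid) AND PASSWORD=:password";
         $binds = array(':loginid' => $loginid, ':password' => $password);
     } elseif (!empty($token)) {
         $basicsql = "SELECT {$columns} FROM APP_USER WHERE TOKEN=:token";
         $binds = array(':token' => $token);
     } else {
         // Neither credential form was supplied.
         Response::show(104, "UserInformation-getBasicInfo: No loginid&password OR token is specified");
         // No query was built, so there is nothing left to run.
         return;
     }

     $stbs = oci_parse($connect, $basicsql);
     $ready = (bool) $stbs;
     if ($ready) {
         foreach ($binds as $placeholder => $unused) {
             // Bind the array element itself: oci_bind_by_name() keeps a
             // reference, and a loop variable would be overwritten.
             $ready = oci_bind_by_name($stbs, $placeholder, $binds[$placeholder]) && $ready;
         }
     }
     if (!$ready || !oci_execute($stbs)) {
         Response::show(102, "UserInfo-getBasicInfo: query database error");
         return;
     }

     if ($bsRow = oci_fetch_array($stbs, OCI_BOTH)) {
         // Response key => column name; a missing or NULL column becomes ''.
         $fieldMap = array(
             'loginname' => 'LOGIN_NAME',
             'username' => 'USER_NAME',
             'email' => 'EMAIL',
             'cellphone' => 'CELLPHONE',
             'idnumber' => 'ICARD_ID',
             'createtime' => 'CREATE_TIME',
             'modifytime' => 'MODIFY_TIME',
         );
         foreach ($fieldMap as $key => $column) {
             $resData[$key] = isset($bsRow[$column]) ? $bsRow[$column] : '';
         }
         Response::show(100, "UserInfo-getBasicInfo: Get user's information successful", $resData);
     } else {
         Response::show(103, "UerInformation-getBasicInfo: Wrong loginid&password OR token");
     }
 }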
Ejemplo n.º 4
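 /**
  * Store an uploaded file under $savePath and record it in the `file` table.
  *
  * Changes relative to the string-concatenating version:
  *  - the on-disk name is built from sanitised components, so a client
  *    supplied file name or user name containing path separators cannot
  *    place the file outside $savePath;
  *  - every value in the INSERT is escaped with mysql_real_escape_string();
  *  - the storage directory is no longer created world-writable;
  *  - each failure path returns instead of relying on Response::show()
  *    ending the request.
  *
  * NOTE(review): the mysql_* extension used through $connect offers no
  * prepared statements; moving to mysqli or PDO would change the type of
  * $connect and is therefore outside this method.
  * NOTE(review): 'filetype' and 'filesize' are presumably taken from the
  * client's upload metadata; confirm processErr() validates them, and that
  * the extension allow-list is enforced even when $checkFlag is false.
  *
  * @param array    $params    Reads 'username', 'filename', 'filetmpname', 'filetype', 'filesize'.
  * @param resource $connect   MySQL link used for the INSERT.
  * @param string   $savePath  Directory that receives the file.
  * @param bool     $checkFlag Passed through to processErr().
  * @param array    $allowExt  Passed through to processErr().
  * @param int      $maxSize   Passed through to processErr().
  * @return void The outcome is reported through Response::show().
  */
 public function uploadFile($params, $connect, $savePath = 'uploads', $checkFlag = true, $allowExt = array('jpg', 'jpeg', 'png', 'gif', 'bmp'), $maxSize = 52428800)
 {
     // Create the storage folder on first use; owner-writable only.
     if (!file_exists($savePath)) {
         mkdir($savePath, 0755, true);
         chmod($savePath, 0755);
     }

     $this->processErr($params, $checkFlag, $allowExt, $maxSize);

     $realSavePath = realpath($savePath);
     if ($realSavePath === false) {
         // The folder could not be created or resolved.
         Response::show(711, 'File storage failure');
         return;
     }

     $rawUser = (string) $params['username'];
     $rawName = (string) $params['filename'];

     // Database identifier; kept in its original shape and escaped below.
     $imageid = $rawUser . date('Y/m/d-H:i:s') . 'R' . rand() . $rawName;

     // Name used on disk: drop any directory part, then keep only characters
     // that are safe in a single path segment.
     $safeUser = preg_replace('/[^A-Za-z0-9._-]/', '_', $rawUser);
     $safeName = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($rawName));
     // NOTE(review): rand() only reduces name collisions; it does not make
     // the stored name hard to guess.
     $localname = $safeUser . date('YmdHis') . 'R' . rand() . $safeName;
     $destination = $realSavePath . '/' . $localname;

     $field = "imageid, originname, localname, type, path, size, description";
     $rawValues = array(
         $imageid,
         $rawName,
         $localname,
         $params['filetype'],
         $destination,
         $params['filesize'],
         "this is description",
     );
     $quoted = array();
     foreach ($rawValues as $raw) {
         $quoted[] = '"' . mysql_real_escape_string((string) $raw, $connect) . '"';
     }
     $insert_sql = 'insert into file (' . $field . ') values (' . implode(',', $quoted) . ')';

     if (!move_uploaded_file($params['filetmpname'], $destination)) {
         Response::show(711, 'File storage failure');
         return;
     }

     if (!mysql_query($insert_sql, $connect)) {
         // The file is on disk but could not be recorded.
         Response::show(501, 'File_Upload: query database by name error');
         return;
     }

     Response::show(700, 'File uploaded successful');
 }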
Ejemplo n.º 5
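 /**
  * Look up the security code row stored for a user.
  *
  * The method is a stub: both outcomes of the lookup are still empty. The
  * user id is passed as a bind variable instead of being interpolated into
  * the SQL text.
  *
  * @param resource $connect OCI8 connection.
  * @param string   $userid  Value matched against SECURITY_CODE.USER_ID.
  * @return void
  */
 public function checkSecurityCode($connect, $userid)
 {
     $checksql = "SELECT SECURITY_CODE, EXPIRATION_TIME FROM SECURITY_CODE WHERE USER_ID=:userid";
     $stcs = oci_parse($connect, $checksql);
     // Short-circuiting keeps a failed parse or bind from reaching oci_execute().
     if (!$stcs || !oci_bind_by_name($stcs, ':userid', $userid) || !oci_execute($stcs)) {
         Response::show(1322, 'User_Modify-checkUserID: query database error');
         return;
     }

     if ($csrow = oci_fetch_array($stcs, OCI_BOTH)) {
         // TODO: a code already exists for this user; handling not written yet.
     } else {
         // TODO: insert security code into database.
     }
 }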
Ejemplo n.º 6
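 /**
  * Soft-delete a complaint by setting its VALID column to 0.
  *
  * The complaint id is passed as a bind variable instead of being
  * interpolated into the SQL text, and a failed statement now yields false
  * rather than falling through to `return true`.
  *
  * NOTE(review): nothing in this method ties the complaint to the requesting
  * user; confirm the caller checks ownership before invoking it.
  *
  * @param resource $connect  OCI8 connection.
  * @param array    $userInfo Reads 'complaintid'.
  * @return bool True when the UPDATE executed, false when the id is empty or
  *              the statement failed.
  */
 public function deleteComplaint($connect, $userInfo)
 {
     $complaintID = isset($userInfo['complaintid']) ? $userInfo['complaintid'] : '';
     if (empty($complaintID)) {
         // complaintid is missing or empty
         return false;
     }

     $update_sql = "UPDATE COMPLAINT SET VALID=0 WHERE COMPLAINT_ID=:complaintid";
     $dcid = oci_parse($connect, $update_sql);
     // Short-circuiting keeps a failed parse or bind from reaching oci_execute().
     if (!$dcid || !oci_bind_by_name($dcid, ':complaintid', $complaintID) || !oci_execute($dcid)) {
         Response::show(805, 'User_Complaint-deleteComplaint: Query database error');
         return false;
     }

     return true;
 }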
Ejemplo n.º 7
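 /**
  * Create an APP_USER row for a new user and send the new token back.
  *
  * Changes relative to the string-concatenating version:
  *  - all values reach Oracle as bind variables;
  *  - an empty password stops the registration instead of continuing to
  *    the INSERT when Response::show() returns;
  *  - the login token comes from random_bytes() when that function exists.
  *    uniqid()/microtime() output is derived from the clock and is
  *    guessable, which matters for a value that authenticates a user.
  *
  * NOTE(review): the password is written to the PASSWORD column exactly as
  * received. Storing password_hash() output instead requires the login and
  * password-change code to switch to password_verify() at the same time.
  *
  * @param array    $userInfo Reads 'loginname', 'name', 'email', 'cellphone',
  *                           'note', 'password' and 'icardid'.
  * @param resource $connect  OCI8 connection.
  * @return void The outcome is reported through Response::show().
  */
 function register($userInfo, $connect)
 {
     if (self::itemExist($userInfo, $connect)) {
         return;
     }

     if (empty($userInfo['password'])) {
         Response::show(506, "Password is invalid");
         return;
     }

     $now = date('Y-m-d H:i:s');
     // 32 hex characters either way, so the TOKEN column width is unaffected.
     $token = function_exists('random_bytes')
         ? bin2hex(random_bytes(16))
         : md5(uniqid(microtime(true), true));

     $binds = array(
         // Row identifier only; it is not used as a secret.
         ':userid' => md5(uniqid(microtime(true), true)),
         ':loginname' => isset($userInfo['loginname']) ? $userInfo['loginname'] : '',
         ':name' => isset($userInfo['name']) ? $userInfo['name'] : '',
         ':email' => isset($userInfo['email']) ? $userInfo['email'] : '',
         ':cellphone' => isset($userInfo['cellphone']) ? $userInfo['cellphone'] : '',
         ':icardid' => isset($userInfo['icardid']) ? $userInfo['icardid'] : '',
         ':note' => isset($userInfo['note']) ? $userInfo['note'] : '',
         // 1 represents an effective (active) account
         ':valid' => 1,
         ':password' => $userInfo['password'],
         ':token' => $token,
         ':createtime' => $now,
         ':modifytime' => $now,
     );

     $insertsql = "insert into APP_USER(USER_ID,LOGIN_NAME,USER_NAME,EMAIL,CELLPHONE,ICARD_ID,NOTE,VALID,PASSWORD,TOKEN,CREATE_TIME,MODIFY_TIME) "
         . "values(:userid,:loginname,:name,:email,:cellphone,:icardid,:note,:valid,:password,:token,"
         . "to_date(:createtime,'yyyy-mm-dd hh24:mi:ss'),to_date(:modifytime,'yyyy-mm-dd hh24:mi:ss'))";

     $stid = oci_parse($connect, $insertsql);
     $ready = (bool) $stid;
     if ($ready) {
         foreach ($binds as $placeholder => $unused) {
             // Bind the array element itself: oci_bind_by_name() keeps a
             // reference, and a loop variable would be overwritten.
             $ready = oci_bind_by_name($stid, $placeholder, $binds[$placeholder]) && $ready;
         }
     }

     if (!$ready || !oci_execute($stid)) {
         Response::show(502, 'Mobile_Register-Register: inset into database error');
         return;
     }

     // response token to client
     $responseData = array('token' => $token);
     Response::show(500, 'Mobile_Register: register successful', $responseData);
 }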
Ejemplo n.º 8
 /**
  * Authenticate a user by password first, then by token.
  *
  * A non-empty 'password' is checked with checkPassword(); on success a new
  * token is generated and the user id returned. Otherwise a non-empty
  * 'token' is checked with checkToken(). Each failure is reported through
  * Response::show().
  *
  * NOTE(review): the token produced after a password login is not returned
  * or sent from this method; presumably generateToken() persists it.
  *
  * @param array    $userInfo May carry 'password' and/or 'token'.
  * @param resource $connect  Database connection handed to the check helpers.
  * @return mixed The user id from checkPassword()/checkToken() on success;
  *               nothing is returned explicitly on failure.
  */
 public function login($userInfo, $connect)
 {
     // Password route
     $passwordGiven = isset($userInfo['password']) && $userInfo['password'] != '';
     if ($passwordGiven) {
         $userid = $this->checkPassword($userInfo, $connect);
         if ($userid) {
             // Refresh the token as part of a successful password login.
             $this->generateToken($userInfo, $connect);
             return $userid;
         }
         Response::show(403, 'Mobile_Login: wrong password');
     }

     // Token route
     $tokenGiven = isset($userInfo['token']) && $userInfo['token'] != '';
     if ($tokenGiven) {
         $userid = $this->checkToken($userInfo, $connect);
         if ($userid) {
             return $userid;
         }
         // token is out of date
         Response::show(402, 'Mobile_Login: token is out of date');
     }

     Response::show(404, 'Mobile_Login: lack of password or token');
 }
Ejemplo n.º 9
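 /**
  * Change a user's password after validating the serial number (sn) that
  * accompanies a security code.
  *
  * Changes relative to the original:
  *  - the sn comparison is a strict, constant-time string comparison. The
  *    loose `==` treats two numeric-looking hex digests (for example ones of
  *    the form "0e" followed by digits) as equal numbers;
  *  - the UPDATE uses bind variables instead of interpolated values;
  *  - the duplicated empty-field check is collapsed into one, and each
  *    failure path returns instead of relying on Response::show() ending
  *    the request.
  *
  * NOTE(review): the expiry time and every input to the sn are taken from
  * the request. Unless generateSeed() mixes in a server-side secret, or the
  * security code is checked against the stored SECURITY_CODE row elsewhere,
  * the sn does not prove that a code was ever issued. Confirm.
  * NOTE(review): the listing this block comes from shows a masked literal in
  * the SET clause; it is bound from $newpassword here and stored as-is.
  * Hashing it requires a matching change in registration and login.
  *
  * @param resource $connect  OCI8 connection.
  * @param array    $userInfo Reads 'email', 'securitycode', 'newpassword',
  *                           'sn' and 'timestamp'.
  * @return void The outcome is reported through Response::show().
  */
 public function changePwdBySecurityCode($connect, $userInfo)
 {
     $email = isset($userInfo['email']) ? $userInfo['email'] : '';
     $securitycode = isset($userInfo['securitycode']) ? $userInfo['securitycode'] : '';
     $newpassword = isset($userInfo['newpassword']) ? $userInfo['newpassword'] : '';
     $sn = isset($userInfo['sn']) ? $userInfo['sn'] : '';
     $timestamp = isset($userInfo['timestamp']) ? $userInfo['timestamp'] : '';

     if (empty($email) || empty($securitycode) || empty($newpassword) || empty($sn) || empty($timestamp)) {
         Response::show(1129, 'User_ForgotPWD-ChangePwdBySecurityCode: email, securitycode, newpassword, sn, timestamp can not be empty');
         return;
     }

     // Recompute the serial number from the submitted values.
     $seed = $this->generateSeed($email, $securitycode, $timestamp);
     $newsn = sha1(md5($seed));

     // The submitted timestamp doubles as the expiration time.
     $expirationsec = strtotime($timestamp);
     $currentsec = strtotime(date('Y-m-d H:i:s'));
     if ($expirationsec <= $currentsec) {
         // security code is out of date (an unparsable timestamp lands here too)
         Response::show(1131, 'User_ForgotPWD-ChangePwdBySecurityCode: security code is out of date');
         return;
     }

     $snMatches = function_exists('hash_equals')
         ? hash_equals($newsn, (string) $sn)
         : $newsn === (string) $sn;
     if (!$snMatches) {
         // invalid security code
         Response::show(1128, 'User_ForgotPWD-ChangePwdBySecurityCode:Invlid security code');
         return;
     }

     $updatePwd = "UPDATE APP_USER SET PASSWORD=:newpassword WHERE EMAIL=:email";
     $stup = oci_parse($connect, $updatePwd);
     if (!$stup
         || !oci_bind_by_name($stup, ':newpassword', $newpassword)
         || !oci_bind_by_name($stup, ':email', $email)
         || !oci_execute($stup)
     ) {
         Response::show(1126, 'User_ForgotPWD-ChangePwdBySecurityCode: query database error');
         return;
     }

     // Invalidate the security code so it cannot be used again.
     $this->invalidSecurityCode($connect, $userInfo);
     Response::show(1100, 'User_ForgotPWD-ChangePwdBySecurityCode: User password modified successful');
 }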
Ejemplo n.º 10
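 /**
  * Create the upload directory if it does not exist yet.
  *
  * The directory is created owner-writable (0755) instead of world-writable
  * (0777), and chmod() runs only after mkdir() succeeded.
  *
  * NOTE(review): if another account has to write into the upload directory,
  * grant that through group ownership rather than world write access.
  *
  * @return void A creation failure is reported through Response::show().
  */
 protected function checkUploadPath()
 {
     if (file_exists($this->uploadPath)) {
         return;
     }

     if (!mkdir($this->uploadPath, 0755, true)) {
         Response::show(715, 'Upload path created failure');
         return;
     }

     // mkdir() applies the process umask; set the mode explicitly.
     chmod($this->uploadPath, 0755);
 }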
Ejemplo n.º 11
        break;
    case 'GetCountryVersion':
        $cv = new BusInformation();
        $countryID = $userDataSet['countryid'];
        $countryVersionNum = $cv->getCountryVersion($mobileConnect, $countryID);
        Response::show(1500, 'Get country version number successful', $countryVersionNum);
        break;
    case 'GetCityVersion':
        $cv = new BusInformation();
        $cityID = $userDataSet['cityid'];
        $cityVersionNum = $cv->getCityVersion($mobileConnect, $cityID);
        Response::show(1600, 'Get city version number successful', $cityVersionNum);
        break;
    case 'GetCityInformation':
        $cv = new BusInformation();
        //$cityID = $userDataSet['cityid'];
        $cityInformation = $cv->getCityInformation($mobileConnect);
        Response::show(1700, 'Get city list successful', $cityInformation);
        break;
    case 'GetBusLineInformation':
        $cv = new BusInformation();
        $cityID = $userDataSet['cityid'];
        $busLineInformation = $cv->getBusLineInformation($mobileConnect, $cityID);
        Response::show(1800, 'Get city list successful', $busLineInformation);
        break;
    default:
        // no action matches
        //$data = array('code' => 0, 'msg' => 'No action spacified');
        Response::show(20, "Default Message: No action specified");
        break;
}