public function onAction()
{
parent::onAction();
// TODO proper email sending
$target = $this->plugin->getData('target');
$actionResp = getApi()->invoke("/action/{$target['id']}/view.json", EpiRoute::httpGet);
if ($actionResp['code'] !== 200) {
return;
}
$action = $actionResp['result'];
$email = getConfig()->get('user')->email;
$subject = 'You got a new comment on your photo';
if ($action['type'] == 'comment') {
$body = <<<BODY
{$action['email']} left a comment on your photo.
====
{$action['value']}
====
See the comment here: {$action['permalink']}
BODY;
} else {
$body = <<<BODY
{$action['email']} favorited a photo of yours.
See the favorite here: {$action['permalink']}
BODY;
}
$headers = "From: Trovebox Robot <*****@*****.**>\r\n" . "Reply-To: no-reply@trovebox.com\r\n" . 'X-Mailer: Trovebox';
mail($email, $subject, $body, $headers);
}
public function __construct()
{
$this->api = getApi();
$this->config = getConfig()->get();
$this->plugin = getPlugin();
$this->route = getRoute();
$this->session = getSession();
$this->template = getTemplate();
$this->utility = new Utility();
$this->url = new Url();
$this->apiVersion = Request::getApiVersion();
}
public function __construct()
{
$this->api = getApi();
$this->config = getConfig()->get();
$this->logger = getLogger();
$this->route = getRoute();
$this->session = getSession();
$this->cache = getCache();
// really just for setup when the systems don't yet exist
if (isset($this->config->systems)) {
$this->db = getDb();
$this->fs = getFs();
}
}
static function login($post)
{
// Validate that all required fields are present
getApi()->checkFields($post, array('required' => array('username', 'password'), 'optional' => array('sessionId')));
// Validate user against database
if (!($user_id = getDatabase()->one("SELECT user_id FROM users where (name=:u OR (email=:u AND email>'')) and password=:p", array('u' => $post['username'], 'p' => sha1($post['password']))))) {
http_response_code(401);
trigger_error('Unauthorized');
}
if (!session_id()) {
session_start();
}
$_SESSION['user_id'] = $user_id['user_id'];
return array('sessionId' => session_id());
}
public function __construct()
{
$this->api = getApi();
$this->config = getConfig()->get();
$this->plugin = getPlugin();
$this->route = getRoute();
$this->session = getSession();
$this->template = getTemplate();
$this->theme = getTheme();
$this->utility = new Utility();
$this->url = new Url();
$this->template->template = $this->template;
$this->template->config = $this->config;
$this->template->plugin = $this->plugin;
$this->template->session = $this->session;
$this->template->theme = $this->theme;
$this->template->utility = $this->utility;
$this->template->url = $this->url;
$this->template->user = new User();
}
static function post($post)
{
$fields = getApi()->checkFields($post, array('required' => array('code', 'firstname', 'lastname', 'username', 'email', 'ref_user', 'phone', 'nationality', 'country', 'gender', 'city', 'address', 'zip', 'accepted_fields', 'order_owner'), 'optional' => array('ordernr')));
$post['attendee_id'] = $post['ref_user'];
$order['order_id'] = $post['ordernr'];
$order['attendee_id'] = $post['ref_user'];
$order['code'] = $post['code'];
$order['order_owner'] = $post['order_owner'];
$order['event_id'] = 1;
$order['revision'] = getDatabase()->one('SELECT revision FROM cust_orders WHERE order_id=:order_id AND event_id=:event_id AND code=:code', array('order_id' => $order['order_id'], 'event_id' => $order['event_id'], 'code' => $order['code']));
$order['revision'] = $order['revision']['revision'] + 1;
unset($post['ref_user']);
unset($fields['ref_user']);
unset($post['ordernr']);
unset($post['code']);
unset($post['order_owner']);
getDatabase()->insertOrUpdate('cust_orders', $order, array('order_id', 'event_id', 'code'));
getDatabase()->insertOrUpdate('cust_attendee', $post, 'attendee_id', $fields);
return $post['attendee_id'];
}
public function callApis($apisToCall, $apiObj = null)
{
if ($apiObj === null) {
$apiObj = getApi();
}
$params = array();
if (!empty($apisToCall)) {
foreach ($apisToCall as $name => $api) {
$apiParts = explode(' ', $api);
$apiMethod = strtoupper($apiParts[0]);
$apiMethod = $apiMethod == 'GET' ? EpiRoute::httpGet : EpiRoute::httpPost;
$apiUrlParts = parse_url($apiParts[1]);
$apiParams = array();
if (isset($apiUrlParts['query'])) {
parse_str($apiUrlParts['query'], $apiParams);
}
$response = $apiObj->invoke($apiUrlParts['path'], $apiMethod, array("_{$apiMethod}" => $apiParams));
$params[$name] = $response['result'];
}
}
return $params;
}
static function createUser($post)
{
$fields = getApi()->checkFields($post, array('required' => array('name', 'password', 'group'), 'optional' => array('email')));
//check is user is logged in and is member of group he/she is trying to create user in.
if (!getDatabase()->one("SELECT user_id FROM membership WHERE (group_id=:g OR group_id=0) and user_id=:u", array('g' => $post['group'], 'u' => $_SESSION['user_id']))) {
http_response_code(401);
trigger_error('Access is denied: You dont belong to this group');
}
//Check if username is already taken
if (getDatabase()->one("SELECT user_id FROM users WHERE name=:n AND NOT deleted", array('n' => $post['name']))) {
//username already exists
http_response_code(400);
trigger_error('Error: Username already exists');
}
//else create the user
//Hash the password
$post['password'] = sha1($post['password']);
//update the array with new fields to return
unset($fields['password']);
unset($fields['group']);
$fields['user_id'] = 'user_id';
//remoev the group from post
$group = $post['group'];
unset($post['group']);
// Insert user into database, and save result for later return.
$user = getDatabase()->insert('users', $post, 'user_id', $fields);
// Add user to group, if group_id > 0
if ($group > 0) {
// check if group actually exists
if (getDatabase()->one('SELECT group_id FROM groups WHERE group_id=:g', array('g' => $group))) {
getDatabase()->insert('membership', array('user_id' => $user['user_id'], 'group_id' => $group));
} else {
http_response_code(500);
trigger_error('Error: Group does not exist');
}
}
return $user;
}
<?php
// require our important files
// wp stuff?
require_once 'sugarapi-2.0.0.php';
function getApi()
{
$sugar_url = 'https://colorfarmrx.sugarondemand.com/rest/v10';
$sugar_user = '******';
$sugar_pwd = 'Password1';
$api = new SugarREST($sugar_url, $sugar_user, $sugar_pwd, false);
return $api;
}
// process request
if (isset($_POST['action'])) {
$path = isset($_POST['path']) ? $_POST['path'] : '';
$type = isset($_POST['type']) ? $_POST['type'] : 'GET';
$args = array();
if (isset($_POST['args'])) {
$args = $_POST['args'];
}
// get api
$sugar = getApi();
$url = $sugar->baseUrl() . $path;
$response = $sugar->call($url, $type, $args);
//print_r($response);
echo json_encode($response);
}
static function addMember($groupId, $user)
{
if (!self::isAdmin()) {
http_response_code(403);
return trigger_error('Access is denied');
}
getApi()->checkFields($user, array('required' => array('user_id'), 'optional' => array('name')));
if ($existingUser = self::getMember($groupId, $user['user_id'])) {
return $existingUser;
}
unset($user['name']);
$user['group_id'] = $groupId;
if (getDatabase()->insert('membership', $user)) {
return self::getMember($groupId, $user['user_id']);
}
}
public function team()
{
$envelope = getApi()->invoke('/team.json');
getTemplate()->display('template.php', $envelope['result']);
}
static function addScan($list, $post)
{
getApi()->CheckFields($post, array('required' => array('tag_id'), 'optional' => array('scanner', 'scanner_alias', 'attendee_id', 'timestamp')));
//max: check to see if user has access to post to this list
if (!getDatabase()->one('SELECT group_id,list_id FROM membership JOIN lists USING(group_id) WHERE user_id=:u AND list_id=:l', array('u' => $_SESSION['user_id'], 'l' => $list))) {
http_response_code(403);
trigger_error('Access to list is denied');
}
//max: check if tag has a unique user associated with it, if not, send all the people associated with the order_id and make them select themselfs.
if ($tag = getDatabase()->one('SELECT * FROM tags WHERE tag_id=:t AND attendee_id=0', array('t' => $post['tag_id']))) {
return getDatabase()->all('SELECT * FROM cust_orders JOIN cust_attendee USING(attendee_id) WHERE order_id=:oid', array('oid' => $tag['order_id']));
} else {
//max: add some IMPORTANT stuff to the array.
$post['user_id'] = $_SESSION['user_id'];
$post['list_id'] = $list;
//max: now insert the tag
getDatabase()->insert('scans', $post, 'scan_id');
$tag = getDatabase()->one('SELECT * FROM tags WHERE tag_id=:t', array('t' => $post['tag_id']));
return getDatabase()->all('SELECT * FROM cust_orders JOIN cust_attendee USING(attendee_id) WHERE attendee_id=:att', array('att' => $tag['attendee_id']));
}
}
date_default_timezone_set('America/Los_Angeles');
if (isset($_GET['__route__']) && strstr($_GET['__route__'], '.json')) {
header('Content-type: application/json');
}
$basePath = dirname(dirname(__FILE__));
$epiPath = "{$basePath}/libraries/external/epi";
require "{$epiPath}/Epi.php";
require "{$basePath}/libraries/compatability.php";
require "{$basePath}/libraries/models/UserConfig.php";
Epi::setSetting('exceptions', true);
Epi::setPath('base', $epiPath);
Epi::setPath('config', "{$basePath}/configs");
Epi::setPath('view', '');
Epi::init('api', 'cache', 'config', 'curl', 'form', 'logger', 'route', 'session', 'template', 'database');
$routeObj = getRoute();
$apiObj = getApi();
// loads configs and dependencies
$userConfigObj = new UserConfig();
$hasConfig = $userConfigObj->load();
$configObj = getConfig();
EpiCache::employ($configObj->get('epi')->cache);
$sessionParams = array($configObj->get('epi')->session);
if ($configObj->get('epiSessionParams')) {
$sessionParams = array_merge($sessionParams, (array) $configObj->get('epiSessionParams'));
// for TLDs we need to override the cookie domain if specified
if (isset($sessionParams['domain']) && stristr($_SERVER['HTTP_HOST'], $sessionParams['domain']) === false) {
$sessionParams['domain'] = $_SERVER['HTTP_HOST'];
}
$sessionParams = array_values($sessionParams);
// reset keys
}
/**
* Test #12. SYNCH put request without data.
*/
public function testSynchPutInvalid()
{
global $synchAuthToken;
$this->assertEquals(0, $this->countTestRows());
$data = array();
$result = putApi('synchUser.php', $data, $synchAuthToken);
$this->assertEquals(RESPONSE_BAD_REQUEST, $result['resultCode']);
$data = array('userId' => '');
$result = getApi('synchUser.php', $data, $synchAuthToken);
$this->assertEquals(RESPONSE_BAD_REQUEST, $result['resultCode']);
$this->assertEquals(0, $this->countTestRows());
}
}
function p($data)
{
echo "<pre>" . print_r($data, true) . "</pre>";
}
getRoute()->get('/', 'home', 'insecure');
//user
getApi()->get('/users', array('users', 'getAll'), 'secure', EpiApi::external);
getApi()->get('/users/self', array('users', 'getSelf'), 'secure', EpiApi::external);
getApi()->get('/users/(\\d+)', array('users', 'get'), 'secure', EpiApi::external);
getApi()->get('/users/relations', array('users', 'relations'), 'secure', EpiApi::external);
getApi()->get('/users/relationsng', array('users', 'relationsng'), 'secure', EpiApi::external);
getApi()->get('/users/phone/(\\w+)', array('users', 'phonenumber'), 'secure', EpiApi::external);
//group
//event
getApi()->get('/events', array('events', 'getng'), 'secure', EpiApi::external);
getApi()->get('/events/all', array('events', 'getAll'), 'secure', EpiApi::external);
getApi()->get('/events/(\\d+)', array('events', 'getng'), 'secure', EpiApi::external);
getApi()->get('/events/shortname/(\\w+)', array('events', 'getShort'), 'secure', EpiApi::external);
require_once "src/Epi.php";
try {
response(getRoute()->run('/' . implode($request, '/')));
} catch (Exception $err) {
// Make sure we always change the respose code to something else than 200
if (http_response_code() == 200) {
http_response_code(500);
}
$err = array('error' => $err->getMessage(), 'file' => $err->getFile(), 'line' => $err->getLine());
response($err);
}
die;
<?php
require sprintf('%s/controllers/BaseController.php', $libraryPath);
require sprintf('%s/controllers/ApiController.php', $libraryPath);
require sprintf('%s/controllers/GeneralController.php', $libraryPath);
require sprintf('%s/external/Markdown/markdown.php', $libraryPath);
require sprintf('%s/external/CssMin/CssMin.php', $libraryPath);
require sprintf('%s/external/JSMin/JSMin.php', $libraryPath);
$route = getRoute();
$api = getApi();
$route->get('/', array('GeneralController', 'home'));
$route->get('/community', array('GeneralController', 'community'));
$route->get('/contribute/?([a-zA-Z0-9-]+)?', array('GeneralController', 'contribute'));
$route->get('/documentation', array('GeneralController', 'documentation'));
$route->get('/documentation/api/([a-zA-Z0-9-]+)', array('GeneralController', 'documentationApi'));
$route->get('/documentation/faq/([a-zA-Z0-9-]+)', array('GeneralController', 'documentationFaq'));
$route->get('/documentation/guide/([a-zA-Z0-9-]+)', array('GeneralController', 'documentationGuide'));
$route->get('/documentation/schemas/([a-zA-Z0-9-]+)', array('GeneralController', 'documentationSchemas'));
$route->get('/get-started', array('GeneralController', 'getStarted'));
$route->get('/overview', array('GeneralController', 'overview'));
$route->get('/screenshots', array('GeneralController', 'screenshots'));
$route->get('/supporters', array('GeneralController', 'supporters'));
$route->get('/team', array('GeneralController', 'team'));
$api->get('/\\.json', array('ApiController', 'home'), EpiApi::external);
$api->get('/community\\.json', array('ApiController', 'community'), EpiApi::external);
$api->get('/contribute/?([a-zA-Z0-9-]+)?\\.json', array('ApiController', 'contribute'), EpiApi::external);
$api->get('/documentation\\.json', array('ApiController', 'documentation'), EpiApi::external);
$api->get('/documentation/api/([a-zA-Z0-9-]+)\\.json', array('ApiController', 'documentationApi'), EpiApi::external);
$api->get('/documentation/faq/([a-zA-Z0-9-]+)\\.json', array('ApiController', 'documentationFaq'), EpiApi::external);
$api->get('/documentation/guide/([a-zA-Z0-9-]+)\\.json', array('ApiController', 'documentationGuide'), EpiApi::external);
$api->get('/documentation/schemas/([a-zA-Z0-9-]+)\\.json', array('ApiController', 'documentationSchemas'), EpiApi::external);
function apiParamsFromExternal()
{
$res = getApi()->invoke('/params-internal.json', EpiRoute::httpGet);
return $res;
}
Epi::setPath('config', './conf');
getConfig()->load('config.ini');
//Include plugin classes and configuration
$dir = new DirectoryIterator(dirname(__FILE__) . '/plugins');
foreach ($dir as $fileinfo) {
if (!$fileinfo->isDot() && $fileinfo->isDir()) {
$file = $fileinfo->getFilename();
include_once './plugins/' . $file . '/index.php';
}
}
/*
* We create 1 normal route (think of these are user viewable pages).
* We also create 7 api routes (this of these as data methods).
* The beauty of the api routes are they can be accessed natively from PHP
* or remotely via HTTP.
* When accessed over HTTP the response is json.
* When accessed natively it's a php array/string/boolean/etc.
*/
//getApi()->get('/version.json', array('Api', 'getVersion'), EpiApi::external);
getApi()->get('/info/((\\w|-)+)', array('Api', 'info'), EpiApi::external);
getApi()->get('/start/((\\w|-)+)', array('Api', 'start'), EpiApi::external);
getApi()->get('/stop/((\\w|-)+)', array('Api', 'stop'), EpiApi::external);
getApi()->get('/turnAutoRecoverOn/((\\w|-)+)', array('Api', 'turnAutoRecoverOn'), EpiApi::external);
getApi()->get('/turnAutoRecoverOff/((\\w|-)+)', array('Api', 'turnAutoRecoverOff'), EpiApi::external);
getApi()->get('/turnRefuseNewSessionsOn/((\\w|-)+)', array('Api', 'turnRefuseNewSessionsOn'), EpiApi::external);
getApi()->get('/turnRefuseNewSessionsOff/((\\w|-)+)', array('Api', 'turnRefuseNewSessionsOff'), EpiApi::external);
getRoute()->get('/', array('Site', 'main'));
getRoute()->run();
?>
/**
* Extra text. Make sure the get operation works with a "latest"
* value.
*/
function testGetLatest()
{
global $testTripId1, $testTripId2;
// use the timezone where we do our testing :-)
date_default_timezone_set("America/New_York");
$now = time();
$today = date('Y-m-d', $now);
$yesterday = date('Y-m-d', $now - 24 * 60 * 60);
$tomorrow = date('Y-m-d', $now + 24 * 60 * 60);
$past = date('Y-m-d', $now - 5 * (24 * 60 * 60));
$future = date('Y-m-d', $now + 5 * (24 * 60 * 60));
$farPast = date('Y-m-d', $now - 10 * (24 * 60 * 60));
$farFuture = date('Y-m-d', $now + 10 * (24 * 60 * 60));
$testTrip1 = new Trip($testTripId1);
$testTrip2 = new Trip($testTripId2);
$data = array('current' => '');
// one past and one future trip
$testTrip1->setStartDate($past);
$testTrip1->setEndDate($yesterday);
$this->assertTrue($testTrip1->save());
$testTrip2->setStartDate($tomorrow);
$testTrip2->setEndDate($future);
$this->assertTrue($testTrip2->save());
$result = getApi('getTrip.php', $data);
$this->assertEquals(RESPONSE_SUCCESS, $result['resultCode']);
$this->assertTrue(isset($result['tripId']));
$this->assertEquals($testTripId1, $result['tripId']);
// one past and one current trip
$testTrip1->setStartDate($past);
$testTrip1->setEndDate($yesterday);
$this->assertTrue($testTrip1->save());
$testTrip2->setStartDate($yesterday);
$testTrip2->setEndDate($tomorrow);
$this->assertTrue($testTrip2->save());
$result = getApi('getTrip.php', $data);
$this->assertEquals(RESPONSE_SUCCESS, $result['resultCode']);
$this->assertTrue(isset($result['tripId']));
$this->assertEquals($testTripId2, $result['tripId']);
// two past trips
$testTrip1->setStartDate($past);
$testTrip1->setEndDate($yesterday);
$this->assertTrue($testTrip1->save());
$testTrip2->setStartDate($farPast);
$testTrip2->setEndDate($past);
$this->assertTrue($testTrip2->save());
$result = getApi('getTrip.php', $data);
$this->assertEquals(RESPONSE_SUCCESS, $result['resultCode']);
$this->assertTrue(isset($result['tripId']));
$this->assertEquals($testTripId1, $result['tripId']);
// one current and one future trip
$testTrip1->setStartDate($yesterday);
$testTrip1->setEndDate($tomorrow);
$this->assertTrue($testTrip1->save());
$testTrip2->setStartDate($tomorrow);
$testTrip2->setEndDate($future);
$this->assertTrue($testTrip2->save());
$result = getApi('getTrip.php', $data);
$this->assertEquals(RESPONSE_SUCCESS, $result['resultCode']);
$this->assertTrue(isset($result['tripId']));
$this->assertEquals($testTripId1, $result['tripId']);
// two current trips, nested
$testTrip1->setStartDate($yesterday);
$testTrip1->setEndDate($tomorrow);
$this->assertTrue($testTrip1->save());
$testTrip2->setStartDate($past);
$testTrip2->setEndDate($future);
$this->assertTrue($testTrip2->save());
$result = getApi('getTrip.php', $data);
$this->assertEquals(RESPONSE_SUCCESS, $result['resultCode']);
$this->assertTrue(isset($result['tripId']));
$this->assertEquals($testTripId1, $result['tripId']);
// two current trips, staggered
$testTrip1->setStartDate($past);
$testTrip1->setEndDate($tomorrow);
$this->assertTrue($testTrip1->save());
$testTrip2->setStartDate($yesterday);
$testTrip2->setEndDate($future);
$this->assertTrue($testTrip2->save());
$result = getApi('getTrip.php', $data);
$this->assertEquals(RESPONSE_SUCCESS, $result['resultCode']);
$this->assertTrue(isset($result['tripId']));
$this->assertEquals($testTripId2, $result['tripId']);
}
/**
* Test #11. SYNCH get an existent object.
* @depends testDataWipedBeforeTest
* @depends testGetExistent
*/
public function testSynchGet()
{
global $testTripId1;
global $testJournalId1;
global $synchAuthToken;
// Create the object and set attributes
$object = new Journal($testTripId1, $testJournalId1);
$object->setUserId('user');
$object->setJournalDate('2015-09-30');
$object->setJournalTitle('Journal Title');
$object->setJournalText('Journal Text');
$object->setDeleted('Y');
// Save the object and confirm a row is added to the database
$this->assertTrue($object->save());
$this->assertEquals(1, $this->countTestRows());
$data = array('hash' => $object->getHash());
$result = getApi('synchJournal.php', $data, $synchAuthToken);
$this->assertEquals(RESPONSE_SUCCESS, $result['resultCode']);
$this->assertTrue(isset($result['tripId']));
$this->assertTrue(isset($result['journalId']));
$this->assertTrue(isset($result['created']));
$this->assertTrue(isset($result['updated']));
$this->assertTrue(isset($result['userId']));
$this->assertTrue(isset($result['journalDate']));
$this->assertTrue(isset($result['journalTitle']));
$this->assertTrue(isset($result['journalText']));
$this->assertTrue(isset($result['deleted']));
$this->assertTrue(isset($result['hash']));
$this->assertEquals($testTripId1, $result['tripId']);
$this->assertEquals($testJournalId1, $result['journalId']);
$this->assertEquals($object->getCreated(), $result['created']);
$this->assertEquals($object->getUpdated(), $result['updated']);
$this->assertEquals('user', $result['userId']);
$this->assertEquals('2015-09-30', $result['journalDate']);
$this->assertEquals('Journal Title', $result['journalTitle']);
$this->assertEquals('Journal Text', $result['journalText']);
$this->assertEquals('Y', $result['deleted']);
$this->assertEquals($object->getHash(), $result['hash']);
}
/**
* @depends testSynchGetInvalid
*/
public function testSynchGetUnauthorized()
{
global $testTripId1;
global $testReferenceId1;
global $testUserId1;
global $adminAuthToken;
// Create the object and set attributes
$object = new Feedback($testTripId1, $testReferenceId1, $testUserId1);
$object->setType('-type-1');
$object->setDeleted('Y');
// Save the object and confirm a row is added to the database
$this->assertTrue($object->save());
$this->assertEquals(1, $this->countTestRows());
$data = array('hash' => $object->getHash());
$result = getApi('synchFeedback.php', $data, $adminAuthToken);
$this->assertEquals(RESPONSE_UNAUTHORIZED, $result['resultCode']);
}
/**
* Test #12. SYNCH put request without data.
*/
public function testSynchPutInvalid()
{
global $testTripId1;
global $testName1;
global $synchAuthToken;
$this->assertEquals(0, $this->countTestRows());
$data = array();
$result = putApi('synchTripAttribute.php', $data, $synchAuthToken);
$this->assertEquals(RESPONSE_BAD_REQUEST, $result['resultCode']);
$data = array('tripId' => '');
$result = getApi('synchTripAttribute.php', $data, $synchAuthToken);
$this->assertEquals(RESPONSE_BAD_REQUEST, $result['resultCode']);
$data = array('name' => '');
$result = getApi('synchTripAttribute.php', $data, $synchAuthToken);
$this->assertEquals(RESPONSE_BAD_REQUEST, $result['resultCode']);
$data = array('tripId' => $testTripId1);
$result = getApi('synchTripAttribute.php', $data, $synchAuthToken);
$this->assertEquals(RESPONSE_BAD_REQUEST, $result['resultCode']);
$data = array('name' => $testName1);
$result = getApi('synchTripAttribute.php', $data, $synchAuthToken);
$this->assertEquals(RESPONSE_BAD_REQUEST, $result['resultCode']);
$data = array('tripId' => $testTripId1, 'name' => '');
$result = getApi('synchTripAttribute.php', $data, $synchAuthToken);
$this->assertEquals(RESPONSE_BAD_REQUEST, $result['resultCode']);
$data = array('tripId' => '', 'name' => $testName1);
$result = getApi('synchTripAttribute.php', $data, $synchAuthToken);
$this->assertEquals(RESPONSE_BAD_REQUEST, $result['resultCode']);
$this->assertEquals(0, $this->countTestRows());
}
static function usePrepaid($attId, $post)
{
if (self::isAdmin()) {
getApi()->checkFields($post, array('required' => array('product_id', 'consumed_location'), 'optional' => array()));
if (!getDatabase()->one('SELECT * FROM prepaid WHERE attendee_id=:attid AND product_id=:prod AND NOT used', array('attid' => $attId, 'prod' => $post['product_id']))) {
echo "customer doesn't have enough prepaid for this product";
}
$ret = getDatabase()->update('prepaid', array('used' => 1, 'consumed' => date('Y-m-d H:i:s'), 'consumed_location' => $post['consumed_location']), 'WHERE attendee_id=:attid AND NOT used LIMIT 1', array('attid' => $attId), 'prepaid_id', array('prepaid_id', 'product_id', 'used'));
} else {
http_response_code(403);
trigger_error('Access is denied');
}
return $ret;
}
