<?php
require "utils.php";
try {
$proAuthID = htmlspecialchars($_POST['proAuthID']);
connectDB();
if (!isAuthenticate($proAuthID)) {
$response["success"] = -1;
$response["message"] = '401 - Unauthorized';
echo json_encode($response);
return;
}
$authEmail = htmlspecialchars($_POST['authEmail']);
$authName = htmlspecialchars($_POST['authName']);
$proName = htmlspecialchars($_POST['proName']);
$conName = htmlspecialchars($_POST['conName']);
$conEmail = htmlspecialchars($_POST['conEmail']);
$subject = "A new response from SMEP";
$msg = "Dear {$authName} \n\nA response has been submitted to your {$proName} experience by {$conName}. Please sign into SLAT with your Dropbox account at http://wraydisplay.lancs.ac.uk/sharcauthoringV1_20 to moderate the response. Once you have logged in, please go to menu Response -> Moderate new responses \n\nPlease do not reply to this automatic email. You can contact us at thesharcproject@gmail.com.\n\nThank you.\n\nThe SHARC project team.";
$headers = "From: SHARC-Authoring-Tool" . "\r\n" . "CC: thesharcproject@gmail.com";
// use wordwrap() if lines are longer than 70 characters
//$msg = wordwrap($msg,70);
mail($authEmail, $subject, $msg, $headers);
$msg = "Dear {$conName} \n\nYour response to the {$proName} experience has been submitted and is waiting for moderation. We will notify you the outcome once the moderator has made a decision.\n\nPlease do not reply to this automatic email. You can contact us at thesharcproject@gmail.com.\n\nThank you.\n\nThe SHARC project team.";
$headers = "From: SMET" . "\r\n" . "CC: thesharcproject@gmail.com";
mail($conEmail, $subject, $msg, $headers);
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
<?php
require "utils.php";
connectDB();
// Get user info
$userID = htmlspecialchars($_POST['userID']);
$projectID = htmlspecialchars($_POST['projectID']);
$mTime = date('d-m-Y H:i:s');
try {
if (!isAuthenticate($userID)) {
$response["success"] = -1;
$response["message"] = '401 - Unauthorized';
echo json_encode($response);
return;
}
$result = mysql_query("select * from usersProjects where userID = '{$userID}' and projectID = '{$projectID}' ");
// Check result
// This shows the actual query sent to MySQL, and the error. Useful for debugging.
if (!$result) {
$message = 'Invalid query: ' . mysql_error() . "\n";
die($message);
} else {
// check for empty result --> add new user - project
if (mysql_num_rows($result) == 0) {
mysql_query("insert into usersProjects (userID,projectID,consumedDate) values('{$userID}','{$projectID}','{$mTime}')");
//echo "New user added";
} else {
//Update time only
mysql_query("update usersProjects set consumedDate = '{$mTime}' where userID = '{$userID}' and projectID = '{$projectID}' ");
//echo "User already existed";
}
<?php
require "utils.php";
try {
//Get data from client
$myLat = htmlspecialchars($_POST['lat']);
$myLng = htmlspecialchars($_POST['lng']);
$locationID = htmlspecialchars($_POST['locationID']);
//Insert meta data into with MySQL
connectDB();
if (!isAuthenticate($locationID)) {
$response["success"] = -1;
$response["message"] = '401 - Unauthorized';
echo json_encode($response);
return;
}
$result = mysql_query("select * from MockLocation where LocationID = {$locationID}");
// Check result
if (!$result) {
$message = 'Invalid query: ' . mysql_error() . "\n";
die($message);
} else {
// check for empty result --> add new simulator
if (mysql_num_rows($result) == 0) {
mysql_query("insert into MockLocation (LocationID,lat,lng) values({$locationID},{$myLat},{$myLng})");
//echo "New user added";
} else {
mysql_query("update MockLocation SET lat = {$myLat}, lng = {$myLng} WHERE LocationID = {$locationID}");
}
}
} catch (Exception $e) {
require "utils.php";
connectDB();
// Get user info
$auID = htmlspecialchars($_POST['auID']);
$auName = htmlspecialchars($_POST['auName']);
$auEmail = htmlspecialchars($_POST['auEmail']);
$mTime = date('d-m-Y H:i:s');
//get experience info
$proName = htmlspecialchars($_POST['proName']);
$proPath = htmlspecialchars($_POST['proPath']);
$proDesc = htmlspecialchars($_POST['proDesc']);
$proAuthID = htmlspecialchars($_POST['proAuthID']);
$proAccess = htmlspecialchars($_POST['proAccess']);
try {
if (!isAuthenticate($auID)) {
$response["success"] = -1;
$response["message"] = '401 - Unauthorized';
echo json_encode($response);
return;
}
if (!isAuthorised($auID, $proPath)) {
$response["success"] = -1;
$response["message"] = '403 - Forbidden';
echo json_encode($response);
return;
}
$result = mysql_query("select * from users where userID = '{$auID}'");
// Check result
// This shows the actual query sent to MySQL, and the error. Useful for debugging.
if (!$result) {
<?php
require "utils.php";
connectDB();
try {
$inFile = $_POST['fileName'];
//id of designer actually
if (!isAuthenticate($inFile)) {
$response["success"] = -1;
$response["message"] = '401 - Unauthorized';
echo json_encode($response);
return;
}
$imageURI = htmlspecialchars($_POST['imageData']);
$encodedData = substr($imageURI, strpos($imageURI, ",") + 1);
$encodedData = str_replace(' ', '+', $encodedData);
$decodedData = base64_decode($encodedData);
$inFile = $inFile . ".jpg";
$outFile = 'data/' . $inFile;
$ret = file_put_contents($outFile, $decodedData);
if (!$ret) {
$response["data"] = 'Could not write to file: ' . error_get_last();
$response["success"] = 0;
} else {
$response["data"] = $inFile;
$response["success"] = 1;
}
} catch (Exception $e) {
$response["data"] = 'Caught exception: ' . $e->getMessage();
$response["success"] = 0;
}
