$result = mysqli_multi_query($con, $sql);
if ($result) {
sendPackage($con, $package, true, "", "ATTENDANCE ADDED");
} else {
queryFailed($con, 2.1);
}
} else {
if (isset($_POST["PostComment"], $_POST["LoginID"], $_POST["LoginPass"], $_POST["Data"], $_POST["To"]) && $_POST["PostComment"] != "" && $_POST["LoginID"] != "" && $_POST["LoginPass"] != "" && $_POST["Data"] != "" && $_POST["To"] != "") {
#Connect to database
$con = dbConnect();
#Get clean variables from POST
$EventID = mysqli_real_escape_string($con, $_POST["PostComment"]);
$CommentText = mysqli_real_escape_string($con, $_POST["Data"]);
$To = mysqli_real_escape_string($con, $_POST["To"]);
$LoginID = mysqli_real_escape_string($con, $_POST["LoginID"]);
$LoginPass = mysqli_real_escape_string($con, $_POST["LoginPass"]);
#Verify User
verifyUser($con, $LoginID, $LoginPass);
$CommentDate = currentDate();
$package = array();
$sql = "UPDATE comments SET commenttext = '{$CommentText}', commentdate = '{$CommentDate}' WHERE author = '{$LoginID}' AND username = '******' AND eventid = '{$EventID}'";
$result = mysqli_multi_query($con, $sql);
if ($result) {
sendPackage($con, $package, true, "", "COMMENT TEXT ADDED");
} else {
queryFailed($con, 2.1);
}
} else {
missingParams();
}
}
$sql = "INSERT INTO events (`eventname`, `host`, `participantlimit`, `eventtype`, `starttime`, `endtime`, `location`, `description`, `minkarma`, `MinAge`, `Sex`, `MinRating`, `MaxRating`, `Rated`, `PartOf`, `MaxAge`) VALUES ('{$EventName}', '{$LoginID}', '{$ParticipantLimit}', '{$EventType}', '{$StartTime}', '{$EndTime}', '{$EventLocation}', '{$EventDescription}', '{$MinKarma}', '{$MinAge}', '{$Sex}', '{$MinRating}', '{$MaxRating}', '{$Rated}', '{$PartOf}', '{$MaxAge}')";
$result = mysqli_query($con, $sql);
if (!$result) {
queryFailed($con, 2.1);
}
$sql = "INSERT INTO eventmembers (username, eventid, hidden, participation) VALUES ('{$LoginID}', LAST_INSERT_ID(), 0, 0)";
$result = mysqli_query($con, $sql);
if (!$result) {
queryFailed($con, 2.2);
}
$result = mysqli_query($con, "SELECT LAST_INSERT_ID()");
$EventID = mysqli_fetch_row($result)[0];
$sql = "INSERT INTO eventchats (eventid, username) VALUES ('{$EventID}', '{$LoginID}')";
$result = mysqli_query($con, $sql);
if (!$result) {
queryFailed($con, 2.3);
}
#Get the name of user
$sql = "SELECT name FROM user WHERE username = '******'";
$result = mysqli_query($con, $sql);
$Name = mysqli_fetch_row($result)[0];
#Create chat file and send result of event creation
$result = mysqli_query($con, "SELECT LAST_INSERT_ID()");
$ChatID = mysqli_fetch_row($result)[0];
$chatFile = $chatDir . "Event_{$ChatID}.txt";
file_put_contents($chatFile, "[" . date('Y-m-d H:i:s') . "] {$EventName} event created!\n[" . date('H:i') . "] {$Name} joined event!\n", FILE_APPEND | LOCK_EX);
$package = array("1" => array("EventID" => $EventID));
sendPackage($con, $package, true, "", "EVENT CREATED");
} else {
missingParams();
}
function getChatDetails($con, $LoginID, $i, $ChatID, $ChatType)
{
global $handle, $EOT, $logTxt;
$package = array();
if ($ChatID == "") {
#Select all event chats
$sql = "SELECT eventid FROM eventchats WHERE username = '******'";
$result = mysqli_query($con, $sql);
if ($result) {
while ($row = mysqli_fetch_row($result)) {
$ChatID = $row[0];
$sql = "SELECT eventname FROM events WHERE eventid = '{$ChatID}'";
$rs = mysqli_query($con, $sql);
if (mysqli_num_rows($rs) > 0) {
$row = mysqli_fetch_row($rs);
$ChatName = $row[0];
$tmp = array("{$i}" => array("BelongsTo" => "1", "ID" => $ChatID, "ChatName" => $ChatName));
$package = array_merge($package, $tmp);
$i++;
}
}
} else {
queryFailed($con, 5.1);
}
#Select all group chats
$sql = "SELECT groupid FROM groupchats WHERE username = '******'";
$result = mysqli_query($con, $sql);
if ($result) {
while ($row = mysqli_fetch_row($result)) {
$ChatID = $row[0];
$sql = "SELECT name FROM groups WHERE groupid = '{$ChatID}'";
$rs = mysqli_query($con, $sql);
if (mysqli_num_rows($rs) > 0) {
$row = mysqli_fetch_row($rs);
$ChatName = $row[0];
$tmp = array("{$i}" => array("BelongsTo" => "2", "ID" => $ChatID, "ChatName" => $ChatName));
$package = array_merge($package, $tmp);
$i++;
}
}
} else {
queryFailed($con, 5.2);
}
#Return all chats found
return $package;
} else {
if ($ChatType == "1") {
$sql = "SELECT eventname FROM events WHERE eventid = '{$ChatID}'";
$rs = mysqli_query($con, $sql);
if ($rs && mysqli_num_rows($rs) > 0) {
$row = mysqli_fetch_row($rs);
$ChatName = $row[0];
$tmp = array("{$i}" => array("BelongsTo" => "Event", "ChatID" => $ChatID, "ID" => $ChatID, "ChatName" => $ChatName));
$package = array_merge($package, $tmp);
} else {
queryFailed($con, 5.3);
}
return $package;
} else {
$sql = "SELECT name FROM groups WHERE groupid = '{$ChatID}'";
$rs = mysqli_query($con, $sql);
if ($rs) {
$row = mysqli_fetch_row($rs);
$ChatName = $row[0];
$tmp = array("{$i}" => array("BelongsTo" => "Group", "ChatID" => $ChatID, "ID" => $ChatID, "ChatName" => $ChatName));
$package = array_merge($package, $tmp);
} else {
queryFailed($con, 5.4);
}
return $package;
}
}
}
$AuthorID = $rowComment[1];
$sql = "SELECT name FROM user WHERE username = '******'";
$rs = mysqli_query($con, $sql);
if ($rs) {
$Author = mysqli_fetch_row($rs)[0];
$tmp = array("{$i}" => array("CommentID" => $CommentID, "Author" => $Author, "CommentText" => $CommentText, "EventID" => $EventID, "CommentDate" => $CommentDate));
$commentPackage = array_merge($commentPackage, $tmp);
$i++;
$commentIter++;
} else {
queryFailed($con, 2.51);
}
}
$package = array_merge($package, $commentPackage);
} else {
queryFailed($con, 2.5);
}
#All data retrieved
#Send Package
$fpackage = array("0" => array("status" => true, "reason" => $Reason, "GroupCount" => $groupIter, "EventCount" => $eventIter, "CommentCount" => $commentIter));
$package = array_merge($fpackage, $package);
packageLog($package);
file_put_contents($logTxt, "PROFILE SENT!\n{$EOT}", FILE_APPEND | LOCK_EX);
echo json_encode($package);
fclose($handle);
mysqli_close($con);
exit;
} else {
missingParams();
}
}
$package = array();
$i = 0;
$sql = "SELECT username, rating FROM groupmembers WHERE groupid = '{$GroupID}' ORDER BY rating DESC";
$result = mysqli_query($con, $sql);
if ($result) {
while (($row = mysqli_fetch_row($result)) && $i < 10) {
$Username = $row[0];
$Rating = $row[1];
$sql = "SELECT name FROM user WHERE username = '******'";
$res = mysqli_query($con, $sql);
if ($res) {
$Name = mysqli_fetch_row($res)[0];
$i++;
$tmp = array("{$i}" => array("Name" => $Name, "Rating" => $Rating));
$package = array_merge($package, $tmp);
} else {
queryFailed($con, 2.1);
}
}
sendPackage($con, $package, true, "", "LEADERBOARD SENT");
} else {
queryFailed($con, 2.2);
}
} else {
missingParams();
}
}
}
}
}
}
