Exemple #1
<?php

include_once 'common.php';
include_once 'utils.php';
// Request-handler excerpt: reads a queue id (qid), message id (mid) and an action from the
// POST body, then looks up the matching sc_queue row whose expire column is 0.
// NOTE(review): avoid_sql() is defined outside this excerpt (presumably utils.php), so what
// it filters is not visible here. It should not be relied on as the injection defence:
// $qid is later placed into the SQL text in an unquoted numeric position, where
// quote-escaping alone does not neutralise the value.
$qid = trim(avoid_sql($_POST['qid']));
$mid = trim(avoid_sql($_POST['mid']));
$action = trim(avoid_sql($_POST['action']));
$res = array();
if (strlen($qid) > 0) {
    // Defaults for the fields filled from the sc_queue row below.
    $fuid = 0;
    $fnick = '';
    $tuid = 0;
    // NOTE(review): initialised to 0 while $fnick is '' — presumably meant to be a string; confirm.
    $tnick = 0;
    $tag_type = '';
    $queue_type = '';
    $expire = 0;
    $pid = 0;
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors instead of failing silently.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        // check whether a request record exists
        // NOTE(review): $qid is interpolated into the statement text, so prepare() adds no
        // protection here. Prefer a placeholder ("WHERE id = :qid") bound with
        // bindValue(':qid', (int) $qid, PDO::PARAM_INT).
        $sql = "SELECT id, mid, tag_type, fuid, fnick, tuid, queue_type, queue_file FROM sc_queue WHERE id = {$qid} AND expire = 0 LIMIT 1";
        $stmt = $db->prepare($sql);
        $stmt->execute();
        if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            // Copy the sender/recipient fields out of the matched queue row.
            $tuid = $row['tuid'];
            $fuid = $row['fuid'];
            $fnick = $row['fnick'];
            $tag_type = $row['tag_type'];
Exemple #2
<?php

include_once 'common.php';
include_once 'utils.php';
// Request-handler excerpt: reads a user id from the POST body, collects the group ids that
// user belongs to from sc_group_members, then loads the matching rows from sc_groups.
// NOTE(review): avoid_sql() is defined outside this excerpt, so its filtering is not visible.
// No check that the caller is the user named by uid is visible here either — confirm that
// common.php (or a later part of the script) authenticates the request.
$uid = trim(avoid_sql($_POST['uid']));
$res = array();
if (strlen($uid) > 0) {
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        // query group information
        $groups = array();
        // get group id
        $group_ids = "";
        // NOTE(review): $uid is interpolated unquoted into the statement text; prepare() with no
        // placeholders gives no injection protection. Bind it instead
        // ("WHERE member_id = :uid" with bindValue(':uid', (int) $uid, PDO::PARAM_INT)).
        $sql = "SELECT gid FROM sc_group_members WHERE member_id = {$uid} GROUP BY gid ";
        $stmt = $db->prepare($sql);
        $stmt->execute();
        // Build a comma-separated list of the gid values returned above.
        while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            if (strlen($group_ids) > 0) {
                $group_ids .= ",";
            }
            $group_ids .= $row['gid'];
        }
        if (strlen($group_ids) > 0) {
            // get group info
            // NOTE(review): the IN (...) list is concatenated from database values rather than
            // bound. That is only safe if gid is a numeric column — TODO confirm, or build one
            // placeholder per id and bind them.
            $sql = "SELECT id, group_name, owner_id, status FROM sc_groups WHERE id in ({$group_ids}) ";
            $stmt = $db->prepare($sql);
            $stmt->execute();
            while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
Exemple #3
<?php

include_once 'common.php';
include_once 'utils.php';
// Request-handler excerpt: reads a group name, owner id and member list from the POST body
// and rejects the request if that owner already has a group with the same name.
// NOTE(review): avoid_sql() is defined outside this excerpt, so its filtering is not visible.
// Both $owner_id and $group_name are later interpolated into SQL text, so the query's
// safety depends entirely on that helper.
$group_name = trim(avoid_sql($_POST['group_name']));
$owner_id = trim(avoid_sql($_POST['owner_id']));
$members = trim(avoid_sql($_POST['members']));
$res = array();
if (strlen($group_name) > 0 && strlen($owner_id) > 0 && strlen($members) > 0) {
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        // check whether it already exists
        // NOTE(review): $owner_id (unquoted) and $group_name (quoted) are interpolated into the
        // statement text; prepare() with no placeholders gives no protection. Use
        // "WHERE owner_id = :owner_id AND group_name = :group_name" and bind both values.
        $sql = "SELECT id FROM sc_groups WHERE owner_id = {$owner_id} AND group_name = '{$group_name}' LIMIT 1";
        $stmt = $db->prepare($sql);
        $stmt->execute();
        if ($row = $stmt->fetch()) {
            // NOTE(review): request values are written to the log unmodified; confirm log_info()
            // neutralises line breaks so a request cannot forge log entries.
            log_info("make group fail, owner:{$owner_id} group name:{$group_name} had been exists.");
            $res = show_info('fail', '该群组已经存在.');
            // NOTE(review): the full SQL text is returned to the client in 'localdes'. This
            // discloses table and column names; drop it from production responses.
            $res['localdes'] = $sql;
            echo json_encode($res);
            return 0;
        }
    } catch (PDOException $e) {
        log_info("make group fail, " . $e->getMessage());
        // NOTE(review): the raw PDO error message is sent to the client and can reveal schema
        // or driver details. Log it server-side and return a generic failure message.
        $res = show_info('fail', $e->getMessage());
        echo json_encode($res);
        return 1;
    }
Exemple #4
<?php

include_once 'common.php';
include_once 'utils.php';
// Registration excerpt: reads account, password, nickname, gender and birthday from the POST
// body, hashes the password and rejects the request if the account already exists in sc_pwds.
// NOTE(review): avoid_sql() is defined outside this excerpt, so what it changes is not
// visible. The query below binds :account, so the helper is not needed for that value.
$account = trim(avoid_sql($_POST['account']));
// NOTE(review): trim() strips leading/trailing whitespace from the password, and avoid_sql()
// may alter it further, before hashing — the stored credential is derived from the modified
// value. Confirm this is intended.
$password = trim(avoid_sql($_POST['password']));
$nickname = trim(avoid_sql($_POST['nickname']));
$gender = trim(avoid_sql($_POST['gender']));
$birthday = trim(avoid_sql($_POST['birthday']));
$res = array();
if (strlen($account) > 0 && strlen($password) > 0 && strlen($gender) > 0 && strlen($nickname) > 0 && strlen($birthday) > 0) {
    // NOTE(review): md5() is a fast, unsalted digest and is not suitable for storing
    // passwords. password_hash() / password_verify() is the appropriate API; existing rows
    // would need to be rehashed at next successful login.
    $password = md5($password);
    $uid = '';
    $pid = '';
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        // check whether it already exists
        // The account value is passed as a bound parameter, not interpolated.
        $sql = "SELECT id FROM sc_pwds WHERE account = :account LIMIT 1";
        $stmt = $db->prepare($sql);
        $stmt->bindParam(':account', $account, PDO::PARAM_STR);
        $stmt->execute();
        if ($row = $stmt->fetch()) {
            log_info("register fail, account:{$account} had been exists.");
            $res = show_info('fail', '该帐号已经存在,换个帐号使用吧 :)');
            // NOTE(review): the SQL text is returned to the client in 'localdes', disclosing
            // table and column names; drop it from production responses.
            $res['localdes'] = $sql;
            echo json_encode($res);
            return 0;
        }
Exemple #5
<?php

include_once 'common.php';
include_once 'utils.php';
// Request-handler excerpt: reads uid, fuid and a password from the POST body, hashes the
// password and walks the sc_pwds rows stored for that uid, enforcing a MAX_HIDE_NUMBER limit.
// NOTE(review): avoid_sql() is defined outside this excerpt, so its filtering is not visible.
// No check that the caller owns uid is visible here — confirm the request is authenticated
// elsewhere.
$uid = trim(avoid_sql($_POST['uid']));
$fuid = trim(avoid_sql($_POST['fuid']));
$password = trim(avoid_sql($_POST['password']));
$res = array();
if (strlen($uid) > 0 && strlen($fuid) > 0 && strlen($password) > 0) {
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        // NOTE(review): md5() is a fast, unsalted digest and is not suitable for passwords;
        // password_hash() / password_verify() is the appropriate API.
        $password = md5($password);
        $pid = "";
        $account = "";
        $i = 0;
        // check whether this password already exists
        // NOTE(review): $uid is interpolated unquoted into the statement text; prepare() with no
        // placeholders gives no protection. Bind it ("WHERE uid = :uid", PDO::PARAM_INT).
        $sql = "SELECT id, account, passwd FROM sc_pwds WHERE uid = {$uid}";
        $stmt = $db->prepare($sql);
        $stmt->execute();
        while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            // NOTE(review): bare `i` is missing its `$`, so PHP reads it as a constant rather than
            // the counter $i incremented below. On PHP 8 an undefined constant throws Error, which
            // the visible handlers catching PDOException would not catch; on earlier versions the
            // limit is not compared against the counter. Presumably `$i` was intended.
            if (i >= MAX_HIDE_NUMBER) {
                // limit exceeded
                log_info("uid:{$uid} private number out of max number");
                $res = show_info('fail', '密码数量超限,请升级该帐号');
                echo json_encode($res);
                return 0;
            }
            $i++;
Exemple #6
<?php

include_once 'common.php';
include_once 'utils.php';
// Search excerpt: reads a nickname fragment, the caller's uid and a page number from the POST
// body and lists sc_user rows whose nickname contains the fragment, skipping the caller's row.
// NOTE(review): avoid_sql() is defined outside this excerpt, so its filtering is not visible.
$name = trim(avoid_sql($_POST['name']));
$uid = trim(avoid_sql($_POST['uid']));
$page = trim(avoid_sql($_POST['page']));
// NOTE(review): the page value just read is overwritten with 0, so the LIMIT offset below is
// always 0 and the request's page is ignored. If paging is re-enabled, cast to int first,
// because the value is concatenated into the LIMIT clause.
$page = 0;
$res = array();
if (strlen($name) > 0) {
    $members = array();
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        // NOTE(review): $name is interpolated inside the quoted LIKE pattern, so the query's
        // safety depends entirely on avoid_sql(). Bind it instead ("nickname LIKE :pattern" with
        // the value '%' . $name . '%'); LIKE wildcards in $name are also not escaped here.
        $sql = "SELECT id, nickname, birthday, gender, status FROM sc_user WHERE nickname like '%{$name}%' LIMIT " . $page * ROWS_OF_PAGE . ", " . ROWS_OF_PAGE;
        //echo $sql;
        $stmt = $db->prepare($sql);
        $stmt->execute();
        while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            // Loose comparison between the row id and the request string.
            if ($row['id'] == $uid) {
                // do not include the requesting user themself
                continue;
            }
            // Copy the public profile columns for this match.
            $data = array();
            $data['id'] = $row['id'];
            $data['nickname'] = $row['nickname'];
            $data['birthday'] = $row['birthday'];
            $data['gender'] = $row['gender'];
            $data['status'] = $row['status'];
Exemple #7
<?php

include_once 'common.php';
include_once 'utils.php';
// Request-handler excerpt: reads uid and qid from the POST body, loads the user's read_qid
// from sc_user and returns an empty queue when both qid values are 0.
// NOTE(review): avoid_sql() is defined outside this excerpt, so its filtering is not visible.
// No check that the caller is the user named by uid is visible here — confirm elsewhere.
// This initial 0 is overwritten two lines below.
$qid = 0;
$uid = trim(avoid_sql($_POST['uid']));
$qid = trim(avoid_sql($_POST['qid']));
$res = array();
if (strlen($uid) > 0 && strlen($qid) > 0) {
    $queue = array();
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $sql = "";
        // fetch the highest qid the user has read
        $db_qid = 0;
        // NOTE(review): $uid is interpolated unquoted into the statement text; prepare() with no
        // placeholders gives no protection. Bind it ("WHERE id = :uid", PDO::PARAM_INT).
        $sql = "SELECT read_qid FROM sc_user WHERE id = {$uid} LIMIT 1";
        $stmt = $db->prepare($sql);
        $stmt->execute();
        if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            $db_qid = $row['read_qid'];
        }
        // NOTE(review): $qid is a request string compared loosely with 0; for non-numeric input
        // the result differs between PHP 7 and PHP 8. Casting to int first makes the intent explicit.
        if ($qid == 0 && $db_qid == 0) {
            // when both are 0, do not push unread messages
            $res = show_info('succ', '处理成功');
            $res['queue'] = $queue;
            echo json_encode($res);
            return 0;
        }
Exemple #8
<?php

include_once 'common.php';
include_once 'utils.php';
// Login excerpt: reads account, password and an iOS token from the POST body, hashes the
// password and looks for a matching (account, passwd) row in sc_pwds.
// NOTE(review): avoid_sql() is defined outside this excerpt, so what it changes is not
// visible. The query below uses bound parameters, so the helper is not needed for those
// values; it and trim() do alter the password before hashing, which must match whatever
// registration does.
$account = trim(avoid_sql($_POST['account']));
$password = trim(avoid_sql($_POST['password']));
$ios_token = trim(avoid_sql($_POST['ios_token']));
$res = array();
if (strlen($account) > 0 && strlen($password) > 0) {
    // NOTE(review): md5() is a fast, unsalted digest and is not suitable for passwords. With
    // password_hash(), the row would be fetched by account and checked with password_verify()
    // instead of matching the digest in SQL.
    $password = md5($password);
    $mydata = array();
    $uid = 0;
    $pid = 0;
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        // authenticate
        // Both values are passed as bound parameters, not interpolated.
        $sql = "SELECT id, uid FROM sc_pwds WHERE account = :account and passwd = :password LIMIT 1";
        $stmt = $db->prepare($sql);
        $stmt->bindParam(':account', $account, PDO::PARAM_STR);
        $stmt->bindParam(':password', $password, PDO::PARAM_STR);
        $stmt->execute();
        if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            $pid = $row['id'];
            $uid = $row['uid'];
        }
        // $uid keeps its initial 0 when no row matched.
        if ($uid <= 0) {
            // NOTE(review): $password holds the MD5 digest of the submitted password at this point,
            // so every failed login writes credential material to the log. Log the account (or a
            // request id) only. No attempt limiting is visible in this excerpt — confirm elsewhere.
            log_info("login fail, account:{$account} or passowrd:{$password} error");
            $res = show_info('fail', '登录失败, 帐号或密码错误');
Exemple #9
<?php

include_once 'common.php';
include_once 'utils.php';
// Request-handler excerpt: reads a user id and a tag type from the POST body and loads that
// user's profile columns from sc_user, failing when no such row exists.
// NOTE(review): avoid_sql() is defined outside this excerpt, so its filtering is not visible.
$uid = trim(avoid_sql($_POST['uid']));
$tag_type = trim(avoid_sql($_POST['type']));
$res = array();
if (strlen($uid) > 0 && strlen($tag_type) > 0) {
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $user = array();
        // NOTE(review): $uid is interpolated unquoted into the statement text; prepare() with no
        // placeholders gives no protection. Bind it ("WHERE id = :uid", PDO::PARAM_INT).
        $sql = "SELECT id, nickname, birthday, gender, status FROM sc_user WHERE id = {$uid} LIMIT 1";
        //echo $sql;
        $stmt = $db->prepare($sql);
        $stmt->execute();
        if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            // Copy the profile columns and attach the avatar URL from get_avatar_url()
            // (defined outside this excerpt).
            $user['id'] = $row['id'];
            $user['nickname'] = $row['nickname'];
            $user['birthday'] = $row['birthday'];
            $user['gender'] = $row['gender'];
            $user['status'] = $row['status'];
            $user['icon'] = get_avatar_url($row['id']);
        } else {
            log_info("uid:{$uid} is not exits in the table sc_user");
            // NOTE(review): the request's uid is echoed back in the message; confirm the client
            // treats the response as data, not markup.
            $res = show_info('fail', "用户{$uid}不存在");
            // NOTE(review): the full SQL text, including the request value, is returned to the
            // client in 'sql'. This discloses schema details; drop it from production responses.
            $res['sql'] = $sql;
            echo json_encode($res);
            return 1;
Exemple #10
include_once 'common.php';
include_once 'utils.php';
// Queue-listing excerpt: reads a set of filter, paging and ordering values from the POST body
// and starts assembling a SELECT over sc_queue with a dynamically built WHERE clause.
// NOTE(review): avoid_sql() is defined outside this excerpt, so its filtering is not visible.
$get_uer_info_for_uid = trim(avoid_sql($_POST['get_uer_info_for_uid']));
// NOTE(review): the request supplies a value named 'where', and a non-empty value is enough
// to pass the guard below. How it is used lies past the end of this excerpt; if it is
// appended to the query, the client controls the filter. Replace it with named,
// individually bound filter fields.
$user_where = trim(avoid_sql($_POST['where']));
$fuid = trim(avoid_sql($_POST['fuid']));
$tuid = trim(avoid_sql($_POST['tuid']));
$queue_type = trim(avoid_sql($_POST['queue_type']));
$expire = trim(avoid_sql($_POST['expire']));
$tag_type = trim(avoid_sql($_POST['tag_type']));
$since_id = trim(avoid_sql($_POST['since_id']));
// fetch the data after that id (presumably describes since_id above)
$before_id = trim(avoid_sql($_POST['before_id']));
// fetch the data before that id (presumably describes before_id above)
// NOTE(review): order_by and sort come from the request. Column names and sort directions
// cannot be bound as parameters, so if they reach an ORDER BY clause (not visible here) they
// need to be checked against a fixed allow-list.
$order_by = trim(avoid_sql($_POST['order_by']));
$sort = trim(avoid_sql($_POST['sort']));
$res = array();
// && binds tighter than ||: the request proceeds with (fuid and tag_type) or with 'where' alone.
if (strlen($fuid) > 0 && strlen($tag_type) > 0 || strlen($user_where) > 0) {
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $queue = array();
        $sql = '';
        $select = "SELECT id, mid, tag_type, fuid, fnick, tuid, queue_type, queue_file, queue_size, image_wh, cdate, expire, fdel, tdel FROM sc_queue ";
        $where = '';
        if (strlen($fuid) > 0) {
            // NOTE(review): $fuid is concatenated unquoted into the WHERE text. Collect
            // "fuid = :fuid" fragments and a parallel array of bound values instead.
            $where .= " fuid = {$fuid} ";
        }
        if (strlen($tuid) > 0) {
Exemple #11
<?php

include_once 'common.php';
include_once 'utils.php';
// Chat-send excerpt: reads message id, sender id/nick, recipient id, content and a recipient
// type from the POST body, then checks the sender's relationship to the recipient (user) or
// membership of the recipient (group) before proceeding.
// NOTE(review): avoid_sql() is defined outside this excerpt, so its filtering is not visible.
// fuid (the sender) is taken from the request body; no check that it matches the
// authenticated caller is visible here — confirm elsewhere.
$mid = trim(avoid_sql($_POST['mid']));
$fuid = trim(avoid_sql($_POST['fuid']));
$fnick = trim(avoid_sql($_POST['fnick']));
$tuid = trim(avoid_sql($_POST['tuid']));
$content = trim(avoid_sql($_POST['content']));
$to_type = trim(avoid_sql($_POST['toType']));
$tag_type = "CHAT";
$res = array();
if (strlen($mid) > 0 && strlen($fuid) > 0 && strlen($fnick) > 0 && strlen($tuid) > 0) {
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $tpid = 0;
        // ----- check whether they are already friends -----
        // query the relationship table
        $group_name = "";
        $sql = "";
        // NOTE(review): in both queries $tuid and $fuid are interpolated unquoted into the
        // statement text; prepare() with no placeholders gives no protection. Bind them as
        // integers (":tuid" / ":fuid" with PDO::PARAM_INT).
        if ($to_type == "user") {
            $sql = "SELECT id, pid, status FROM sc_relationship WHERE myid = {$tuid} AND fid = {$fuid} LIMIT 1";
        } else {
            if ($to_type == "group") {
                $sql = "SELECT gmt.id, gt.group_name as group_name FROM sc_group_members as gmt, sc_groups as gt WHERE gmt.member_id = {$fuid} AND gmt.gid = {$tuid} AND gmt.gid = gt.id LIMIT 1";
            }
        }
        // NOTE(review): when toType is neither "user" nor "group", $sql is still "" here and
        // prepare() is called with an empty statement. Reject unknown types explicitly first.
        $stmt = $db->prepare($sql);
Exemple #12
<?php

include_once 'common.php';
include_once 'utils.php';
// Voice-message excerpt: reads message id, sender id/nick, recipient id and a duration from
// the POST body plus an uploaded file ('voicename'), then requires an sc_relationship row
// between recipient and sender before proceeding.
// NOTE(review): avoid_sql() is defined outside this excerpt, so its filtering is not visible.
// fuid (the sender) comes from the request body; no check that it matches the authenticated
// caller is visible here — confirm elsewhere.
$mid = trim(avoid_sql($_POST['mid']));
$fuid = trim(avoid_sql($_POST['fuid']));
$fnick = trim(avoid_sql($_POST['fnick']));
$tuid = trim(avoid_sql($_POST['tuid']));
$durationInSeconds = trim(avoid_sql($_POST['durationInSeconds']));
// NOTE(review): the upload's 'name' is supplied by the client. How it is used lies past the
// end of this excerpt; it should never become part of a storage path or extension without
// basename() and an allow-list, and a SQL filter is not a filename filter.
$voice_name = trim(avoid_sql($_FILES['voicename']['name']));
// NOTE(review): no check of $_FILES['voicename']['error'] is visible in this excerpt — confirm
// the upload status is verified before the file is used.
$voice_size = $_FILES['voicename']['size'];
$tag_type = "CHAT";
$res = array();
if (strlen($mid) > 0 && strlen($fuid) > 0 && strlen($fnick) > 0 && strlen($tuid) > 0 && strlen($voice_name) > 0 && $voice_size > 0) {
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $tpid = 0;
        // ----- check whether they are already friends -----
        // query the relationship table
        // NOTE(review): $tuid and $fuid are interpolated unquoted into the statement text;
        // prepare() with no placeholders gives no protection. Bind them as integers
        // ("myid = :tuid AND fid = :fuid" with PDO::PARAM_INT).
        $sql = "SELECT id, pid, status FROM sc_relationship WHERE myid = {$tuid} AND fid = {$fuid} LIMIT 1";
        $stmt = $db->prepare($sql);
        $stmt->execute();
        if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            $tpid = $row['pid'];
        } else {
            // No relationship row: refuse to deliver the message.
            $res = show_info('fail', '对方不是你的好友');
            echo json_encode($res);
            return 0;
Exemple #13
<?php

include_once 'common.php';
include_once 'utils.php';
// Image-message excerpt: reads message id, sender id/nick, recipient id and image dimensions
// from the POST body plus an uploaded file ('jpgname'), then requires an sc_relationship row
// between recipient and sender before proceeding.
// NOTE(review): avoid_sql() is defined outside this excerpt, so its filtering is not visible.
// fuid (the sender) comes from the request body; no check that it matches the authenticated
// caller is visible here — confirm elsewhere.
$mid = trim(avoid_sql($_POST['mid']));
$fuid = trim(avoid_sql($_POST['fuid']));
$fnick = trim(avoid_sql($_POST['fnick']));
$tuid = trim(avoid_sql($_POST['tuid']));
$img_wh = trim(avoid_sql($_POST['imgwh']));
// NOTE(review): the upload's 'name' is supplied by the client. How it is used lies past the
// end of this excerpt; it should never become part of a storage path or extension without
// basename() and an allow-list, and the content should be verified to be an image rather
// than trusted from the name.
$img_name = trim(avoid_sql($_FILES['jpgname']['name']));
// NOTE(review): no check of $_FILES['jpgname']['error'] is visible in this excerpt — confirm
// the upload status is verified before the file is used.
$img_size = $_FILES['jpgname']['size'];
$tag_type = "CHAT";
$res = array();
if (strlen($mid) > 0 && strlen($fuid) > 0 && strlen($fnick) > 0 && strlen($tuid) > 0 && strlen($img_name) > 0 && $img_size > 0) {
    try {
        // $PDO_DB_DSN, DB_USER and DB_PWD are not defined in this excerpt (presumably common.php).
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        // Return column names in lower case.
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        // set attributes
        // Make PDO throw PDOException on errors.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $tpid = 0;
        // ----- check whether they are already friends -----
        // query the relationship table
        // NOTE(review): $tuid and $fuid are interpolated unquoted into the statement text;
        // prepare() with no placeholders gives no protection. Bind them as integers
        // ("myid = :tuid AND fid = :fuid" with PDO::PARAM_INT).
        $sql = "SELECT id, pid, status FROM sc_relationship WHERE myid = {$tuid} AND fid = {$fuid} LIMIT 1";
        $stmt = $db->prepare($sql);
        $stmt->execute();
        if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            $tpid = $row['pid'];
        } else {
            // No relationship row: refuse to deliver the message.
            $res = show_info('fail', '对方不是你的好友');
            echo json_encode($res);
            return 0;
Exemple #14
<?php

include_once 'common.php';
include_once 'utils.php';
// Chat-send excerpt: reads message id, sender id/nick, recipient id and content from the POST
// body; the tag type is fixed to "CHAT".
// NOTE(review): avoid_sql() is defined outside this excerpt, so its filtering is not visible.
// It should not be relied on as the injection defence: $tuid and $fuid are interpolated
// unquoted into the sc_relationship query further down, where quote-escaping alone does not
// neutralise the value. Bind them as integers there instead.
// NOTE(review): fuid (the sender) comes from the request body; no check that it matches the
// authenticated caller is visible here — confirm elsewhere.
$mid = trim(avoid_sql($_POST['mid']));
$fuid = trim(avoid_sql($_POST['fuid']));
$fnick = trim(avoid_sql($_POST['fnick']));
$tuid = trim(avoid_sql($_POST['tuid']));
$content = trim(avoid_sql($_POST['content']));
$tag_type = "CHAT";
$res = array();
if (strlen($mid) > 0 && strlen($fuid) > 0 && strlen($fnick) > 0 && strlen($tuid) > 0) {
    try {
        $db = new PDO($PDO_DB_DSN, DB_USER, DB_PWD);
        $db->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
        //设置属性
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $tpid = 0;
        // ----- 查询是否已经是好友 -----
        // 查询关系表
        $sql = "SELECT id, pid, status FROM sc_relationship WHERE myid = {$tuid} AND fid = {$fuid} LIMIT 1";
        $stmt = $db->prepare($sql);
        $stmt->execute();
        if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            $tpid = $row['pid'];
        } else {
            $res = show_info('fail', '对方不是你的好友');
            echo json_encode($res);
            return 0;
        }
        // ----- 操作 -----