public function getUserCommentList($ConsumerId)
{
try {
//SELECT a.id, a.comment, a.lastmodifiedtime, b.displayname, b.smallportraiturl FROM productcomment a JOIN consumer b ON a.consumerid = b.id WHERE
//$records = R::getAll("SELECT id, comment, consumerid, lastmodifiedtime FROM productcomment WHERE productid = ? LIMIT ?,?", [$ProductId, (int)$_GET['offset'], (int)$_GET['limit']]);
$records = R::getAll("SELECT a.id, a.comment, a.lastmodifiedtime AS commenttime, b.id AS productid, b.name, b.description, b.type, b.price, b.originalprice, b.unit, b.freight, b.lastmodifiedtime FROM productcomment a JOIN product b ON a.productid = b.id WHERE consumerid = ? ORDER BY a.id DESC LIMIT ?,?", [$ConsumerId, (int) $_GET['offset'], (int) $_GET['limit']]);
$Count = count($records);
$CommentList = array();
foreach ($records as $record) {
$prodcutImageDetail = R::getRow('SELECT id, bigportraiturl, smallportraiturl FROM productimage WHERE productid=? LIMIT 1', array($record['productid']));
$CommentList[] = array('CommentInfo' => $record, 'ProductImage' => $prodcutImageDetail);
}
sendSuccess(array('Count' => $Count, 'List' => $CommentList));
} catch (Exception $ex) {
return ExceptionHandler::Response($ex, $this->_app);
}
}
function updateDatasetRow($params)
{
$numParamsToUpdate = 0;
// counts num of params to update.
$sendParams = array();
// make sure we have a content id and tablename
if (isset($params['countryid']) && isset($params['tablename'])) {
// gets array of fields name for 'tablename'
$columnsArray = getTableColumns($params['tablename']);
$sql = "UPDATE `" . $params['tablename'] . "` SET ";
foreach ($params as $key => $value) {
if ($key != 'action' && $key != 'countryid' && $key != 'tablename' && $key != 'tags' && $key != 'verbosity') {
$numParamsToUpdate++;
if (in_array($key, $columnsArray)) {
$sql .= "`" . $key . "` = :" . $key . ", ";
$sendParams[$key] = processText($value);
} else {
die("Unknown field name '{$key}'.");
}
}
}
if ($numParamsToUpdate == 0) {
//no other name/value pairs provided
die("No name/value pairs provided to update.");
} else {
// remove last comma and space!
$sql = substr($sql, 0, strlen($sql) - 2);
$sql .= " WHERE countryid = :countryid";
$sendParams['countryid'] = $params['countryid'];
}
} else {
die("No id or tablename provided.");
}
if ($numParamsToUpdate > 0) {
//echo $sql;
//print_r($sendParams);
if ($result = queryDatabase($sql, $sendParams)) {
sendSuccess();
}
}
}
public function get_ConsumerId_Producer($ConsumerId)
{
try {
$records = R::getAll("SELECT * " . "FROM consumerfavoriteproducer " . "WHERE consumerid = ?", [$ConsumerId]);
if (!isset($records) || empty($records)) {
throw new RecordNotFoundException("Record not found, id:" . $ConsumerId);
}
$Count = count($records);
$OrderList = array();
foreach ($records as $record) {
$OrderList[] = array('FavoriteId' => $record['id'], 'ProducerId' => $record['producerid'], 'Time' => $record['lastmodifiedtime']);
}
sendSuccess(array('Count' => $Count, 'List' => $OrderList));
} catch (Exception $ex) {
return ExceptionHandler::Response($ex, $this->_app);
}
}
function sendUserInformation($params)
{
if (isset($params["email"])) {
$sendParams;
$sql = "SELECT * from user";
$sql .= " WHERE email=:email ";
$sendParams['email'] = $params['email'];
$result = queryDatabase($sql, $sendParams);
$count = 0;
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$count++;
$body = "Here is your requested user information.\r\n";
$body .= "username: "******"username"] . "\r\n";
$body .= "password: "******"password"]) . "\r\n \r\n";
$email = $row["email"];
}
if ($count == 1) {
$headers = "From: mig@themapoffice.com \r\n";
$headers .= "Content-Type: text/plain; charset=UTF-8";
$headers .= "MIME-Version: 1.0 ";
mail($email, "Your MiG account information", $body, $headers);
sendSuccess();
} else {
if ($count == 0) {
die("No such email");
} else {
die("Contact System administrator");
}
}
} else {
die("No email was provided");
}
}
$handledPath = '/users';
if (strpos($requestUri, $handledPath) === false) {
sendError();
}
$userId = str_replace($handledPath, '', $requestUri);
$userId = str_replace('/', '', $userId);
if ($userId) {
try {
$userData = getUserData($userId);
// Handle requests to /users/{userId}
sendSuccess($userData);
} catch (Exception $e) {
sendError();
}
} else {
sendSuccess(getAllUsers());
// Handle requests to /users
}
function getUserData($userId)
{
$users = getAllUsers();
if (isset($users[$userId])) {
$userData = $users[$userId];
return [$userId => $userData];
} else {
throw new Exception('Unable to fetch user');
}
}
function getAllUsers()
{
return ['123' => ['user_id' => 123, 'username' => 'omoloro', 'first_name' => 'Omoloro', 'last_name' => 'Oyegoke', 'dob' => '12-Apr-1991', 'status' => 'active'], '124' => ['user_id' => 124, 'username' => 'zack1920', 'first_name' => 'Isaac', 'last_name' => 'Asimov', 'dob' => '02-Jan-1920', 'status' => 'inactive']];
public function getHotSearchWord()
{
//get types of searchwords
$types = R::getAll("SELECT DISTINCT type FROM searchword WHERE type <> '' OR type <> null");
$Count = count($types);
$List = array();
foreach ($types as $type) {
$records = R::getAll("SELECT name, COUNT(name) AS searchcount FROM searchword WHERE type=? GROUP BY name ORDER BY searchcount DESC LIMIT ?", array($type["type"], (int) $_GET['limit']));
//$Count = count($records);
$KeyWords = array();
foreach ($records as $record) {
$KeyWords[] = array('name' => $record["name"], "searchcount" => $record["searchcount"]);
}
//$List[] = array('HotSearchWord' => array("type" => $type["type"], "KeyWords" => $record));
$List[] = array('HotSearchWord' => array("type" => $type["type"], "KeyWords" => $KeyWords));
}
sendSuccess(array('Count' => $Count, 'List' => $List));
}
public function get_ConsumerId($ConsumerId)
{
try {
$records = R::getAll("SELECT a.id AS contactid, a.producerid, a.lastmodifiedtime AS contacttime, b.displayname, b.province, b.city, b.address, b.smallportraiturl, b.telephone " . "FROM consumercontactproducer a " . "JOIN producer b ON a.producerid = b.id " . "WHERE a.consumerid = ?", [$ConsumerId]);
/*$records = R::getAll(
"SELECT * "
. "FROM consumercontactproducer "
. "WHERE consumerid = ?", [$ConsumerId]);*/
if (!isset($records) || empty($records)) {
throw new RecordNotFoundException("Record not found, id:" . $ConsumerId);
}
$Count = count($records);
$List = array();
foreach ($records as $record) {
$OrderInfo = R::getRow('SELECT a.id AS orderid, a.productid, a.count, a.status, a.lastmodifiedtime AS ordertime, b.name AS productname, b.type, b.price, b.originalprice, b.unit, b.freight FROM orders a JOIN product b ON a.productid = b.id WHERE b.producerid=? ORDER BY a.id DESC LIMIT 5', array($record['producerid']));
$List[] = array('ContactInfo' => $record, 'OrderInfo' => array($OrderInfo));
//$List[] = $record;//array('ContactId' => $record['id'], 'ProducerId' => $record['producerid'], 'Time' => $record['lastmodifiedtime']);
}
sendSuccess(array('Count' => $Count, 'List' => $List));
} catch (Exception $ex) {
return ExceptionHandler::Response($ex, $this->_app);
}
}
function duplicateObject($params)
{
/*
* Script will attempt to duplicate a record (by content id) into table 'content'
** REQUIRED PARAMS
id - primary key of the record to duplicate
*/
// make sure we have a content id
if (isset($params['id']) && isset($params['tablename'])) {
$sendParams = array();
$sql = "SELECT " . $params["tablename"] . ".* from `" . $params["tablename"] . "` WHERE id = :id";
$sendParams['id'] = $params['id'];
$result = queryDatabase($sql, $sendParams);
$row = $result->fetch(PDO::FETCH_ASSOC);
// valid id
if ($row != null) {
$sendParams = array();
$sql = "INSERT INTO `" . $params["tablename"] . "` ";
// put field names into SQL
$sql .= "(";
foreach ($row as $key => $value) {
if ($key != 'id') {
$sql .= $key . ",";
}
}
// remove last comma
$sql = substr($sql, 0, strlen($sql) - 1);
$sql .= ")";
// put values into SQL
$sql .= " VALUES (";
foreach ($row as $key => $value) {
if ($key != 'id') {
$sql .= ":" . $key . ",";
$sendParams[$key] = $value;
}
}
$sql = substr($sql, 0, strlen($sql) - 1);
$sql .= ")";
if ($result = queryDatabase($sql, $sendParams, $insertid)) {
if (isset($params["relatedTables"]) && isset($params["relatedField"])) {
$relatedTables = explode(",", $params["relatedTables"]);
foreach ($relatedTables as $key => $value) {
duplicateRows($value, $params["relatedField"], $params['id'], $insertid);
}
sendSuccess($insertid);
} else {
die("something is wrong");
}
} else {
die("Query Failed: " . $result->errorInfo());
}
} else {
die("Invalid id.");
}
} else {
die("Content id is not provided.");
}
}
function getDirSize($params)
{
global $fileDir;
if (isset($params["directory"])) {
$size = dirSize($fileDir . $params["directory"]) * 1024;
sendSuccess($size);
} else {
sendFailed("Directory is not specified");
}
}
public function getHotExpress()
{
//$records = R::getAll("SELECT name, COUNT(name) AS searchcount FROM searchword GROUP BY name ORDER BY searchcount DESC LIMIT ?", array((int)$_GET['limit']));
//$Count = count($records);
$List = array();
$List[] = array('HotExpress' => array('Name' => 'Shunfeng', 'Website' => 'www.sf-express.com', 'Telephone' => '95338'));
$List[] = array('HotExpress' => array('Name' => 'Zhongtong', 'Website' => 'www.zto.cn', 'Telephone' => '95311'));
$List[] = array('HotExpress' => array('Name' => 'Yuantong', 'Website' => 'www.ytoexpress.com', 'Telephone' => '95554'));
$List[] = array('HotExpress' => array('Name' => 'Shentong', 'Website' => 'www.sto.cn', 'Telephone' => '95543'));
/*foreach ($records as $record)
{
$List[] = array('HotSearchWord' => $record);
}*/
sendSuccess(array('Count' => 4, 'List' => $List));
}
enableCors();
$logfile = fopen('../logs/contact-' . date('Y-m-d', time()) . '.log', 'a');
clog("Request: " . print_r($_POST, true), $logfile);
if ($_SERVER['REQUEST_METHOD'] != "OPTIONS" && $_SERVER['REQUEST_METHOD'] != "POST") {
error(406, $_SERVER['REQUEST_METHOD'] . ' is not allowed on this resource.', $logfile);
}
// simple SPAM prevention
if (trim($_POST['_gotcha']) != '') {
clog('Spam? Value of _gotcha is: ' . $_POST['_gotcha'], $logfile);
error(400, 'Spam? Value of _gotcha is: "' . $_POST['_gotcha'] . '"', $logfile);
}
if (!validate()) {
error(400, 'Form validation failed', $logfile);
}
if (!sendSuccess()) {
error(500);
}
ok($logfile);
function enableCors()
{
header('Access-Control-Allow-Origin: http://www.ruppertdesign.de');
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
header('Access-Control-Allow-Methods: POST, OPTIONS');
}
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
}
die;
}
