Exemple #1
0
 public function getRecordList($page)
 {
     if (is_null($page)) {
         $page = 0;
     }
     $page = mysqli_real_escape_string(parent::getDb(), $page);
     $qRecord = mysqli_real_escape_string(parent::getDb(), $this->qRecord);
     $qBand = mysqli_real_escape_string(parent::getDb(), $this->qBand);
     $qGenre = mysqli_real_escape_string(parent::getDb(), $this->qGenre);
     $qPerformer = mysqli_real_escape_string(parent::getDb(), $this->qPerformer);
     $start_index = $page * NUM_OF_RESULTS;
     if ($qPerformer === '') {
         $query = "SELECT DISTINCT record.record_id, record.record_name, \n \t\t\t\trecord.record_artwork, band.band_name \n\t\t\t\tFROM record\n\t\t\t\tLEFT OUTER JOIN band\n\t\t\t\tON record.band_id = band.band_id\n\t\t\t\tLEFT OUTER JOIN genre\n\t\t\t\tON record.genre_id = genre.genre_id\n\t\t\t\tWHERE record.record_name LIKE '%{$qRecord}%' AND COALESCE(genre.genre_name,'') LIKE '%{$qGenre}%'\n\t\t\t\tAND band.band_name LIKE '%{$qBand}%' \n\t\t\t\tORDER BY record.record_id";
     } else {
         $query = "SELECT DISTINCT record.record_id, record.record_name, \n \t\t\t\trecord.record_artwork, band.band_name \n\t\t\t\tFROM record\n\t\t\t\tLEFT OUTER JOIN band\n\t\t\t\tON record.band_id = band.band_id\n\t\t\t\tLEFT OUTER JOIN genre\n\t\t\t\tON record.genre_id = genre.genre_id\n\t\t\t\tLEFT OUTER JOIN bandmate\n\t\t\t\tON record.band_id = bandmate.band_id\n\t\t\t\tLEFT OUTER JOIN performer\n\t\t\t\tON bandmate.performer_id = performer.performer_id\n\t\t\t\tWHERE  record.record_name LIKE '%{$qRecord}%' AND COALESCE(genre.genre_name,'') LIKE '%{$qGenre}%' \n\t\t\t\tAND band.band_name LIKE '%{$qBand}%' \n\t\t\t\tAND performer.performer_name LIKE '%{$qPerformer}%'\n\t\t\t\tORDER BY record.record_id";
     }
     $countRows = mysqli_query(parent::getDb(), $query);
     $this->countResults = mysqli_num_rows($countRows);
     $result = mysqli_query(parent::getDb(), $query . " DESC LIMIT {$start_index}, " . NUM_OF_RESULTS);
     $list = null;
     if ($result) {
         while ($data = $result->fetch_assoc()) {
             $list[] = $data;
         }
     }
     if (sizeof($list) !== 0) {
         $this->foundResults = true;
     } else {
         $this->foundResults = false;
     }
     return isset($list) ? $list : null;
 }
Exemple #2
0
 public function authAccount()
 {
     $status = true;
     if (isset($_POST['email']) and isset($_POST['password'])) {
         $email = $_POST['email'];
         $password = $_POST['password'];
         //compare password against bcrypt hash
         $result = mysqli_query(parent::getDb(), "SELECT * FROM `user` WHERE user_email='{$email}'");
         $count = mysqli_num_rows($result);
         // Double check that only one result is returned
         $row = mysqli_fetch_assoc($result);
         $password_hash = password_hash($password, PASSWORD_BCRYPT);
         var_dump($password_hash);
         // We use bcrypt hash for verifcation
         if ($count == 1 && password_verify($password, $row['user_password_hash'])) {
             $_SESSION['loggedin'] = true;
             $_SESSION['user_id'] = $row['user_id'];
             header('Location: ' . realpath() . '/index.php');
         } else {
             $status = false;
         }
     } else {
         $status = false;
     }
     return $status;
 }
 private function setUserDataByApiKey($api_key)
 {
     $result = mysqli_query(parent::getDb(), "SELECT * FROM `user` WHERE user_api_key='{$api_key}'");
     $this->count = mysqli_num_rows($result);
     var_dump(mysqli_error(parent::getDb()));
     if ($this->count === 1) {
         $this->data = mysqli_fetch_assoc($result);
         $this->user_id = self::getUserId();
     } else {
         $this->data = NULL;
     }
     $result->close();
 }
Exemple #4
0
 private function setGenreDataByGenreId($genre_id)
 {
     $genre_id = mysqli_real_escape_string(parent::getDb(), $genre_id);
     $result = mysqli_query(parent::getDb(), "SELECT * FROM `genre` WHERE genre_id='{$genre_id}'");
     $this->count = mysqli_num_rows($result);
     // This is just for error checking, since we want to obtain a single unique label entry
     if ($this->count === 1) {
         $this->data = mysqli_fetch_assoc($result);
         $this->genre_id = $this->data['genre_id'];
         // here we set our internal data var, now we can just use it like a array dictionary
         // i.e. $this->data['label_id'] will return the integer value of the label_id
     } else {
         $this->data = NULL;
         // This is important, as this will be used to check whether we were able to find an associated label
     }
     $result->close();
     // not 100% why we do this... But I did notice it in some docs one time.
 }
Exemple #5
0
 private function setUserDataByApiKey($user_api_key)
 {
     $user_api_key = mysqli_real_escape_string(parent::getDb(), $user_api_key);
     $result = mysqli_query(parent::getDb(), "SELECT * FROM `user` WHERE user_api_key='{$user_api_key}'");
     $this->count = mysqli_num_rows($result);
     if ($this->count === 1) {
         $this->data = mysqli_fetch_assoc($result);
         $this->user_id = self::getUserId();
     } else {
         $this->data = NULL;
     }
     $result->close();
 }
Exemple #6
0
<?php

require_once __DIR__ . '/libs/bourbon.php';
$b = new Bourbon();
function cidr_match($ip, $range)
{
    list($subnet, $bits) = explode('/', $range);
    $ip = ip2long($ip);
    $subnet = ip2long($subnet);
    $mask = -1 << 32 - $bits;
    $subnet &= $mask;
    # nb: in case the supplied subnet wasn't correctly aligned
    return ($ip & $mask) == $subnet;
}
// Make sure either an authenticated user or GitHub is running this script
if (!WEB::_req('POST')) {
    $b->auth(null);
} else {
    if (!cidr_match($_SERVER['REMOTE_ADDR'], '192.30.252.0/22')) {
        header('Location: ' . realpath() . '/index.php');
    }
}
/**
 * GIT DEPLOYMENT SCRIPT
 *
 * Used for automatically deploying websites via github or bitbucket, more deets here:
 *
 *		https://gist.github.com/1809044
 */
// The commands
$commands = array('echo $PWD', 'whoami', 'git pull', 'git status', 'git submodule sync', 'git submodule update', 'git submodule status', 'mysqladmin -uroot -proot -f drop bourbon', 'mysqladmin -uroot -proot -f create bourbon', 'mysql -uroot -proot bourbon < /srv/cpsc471-bourbon/sql/latest.sql');
Exemple #7
0
 private function setRecordDataByRecordId($record_id)
 {
     $record_id = mysqli_real_escape_string(parent::getDb(), $record_id);
     $query = "SELECT *\n\t\t\t\t\t  FROM record\n\t\t\t\t\t  JOIN band ON record.band_id=band.band_id\n\t\t\t\t\t  LEFT OUTER JOIN genre ON record.genre_id= genre.genre_id\n\t\t\t\t\t  WHERE record_id = '{$record_id}'";
     $result = mysqli_query(parent::getDb(), $query);
     $this->count = mysqli_num_rows($result);
     // This is just for error checking, since we want to obtain a single unique label entry
     if ($this->count === 1) {
         $this->data = mysqli_fetch_assoc($result);
         $this->record_id = $this->data['record_id'];
         // here we set our internal data var, now we can just use it like a array dictionary
         // i.e. $this->data['label_id'] will return the integer value of the label_id
     } else {
         $this->data = NULL;
         // This is important, as this will be used to check whether we were able to find an associated label
     }
 }
Exemple #8
0
<?php

require_once __DIR__ . '/bourbon/libs/bourbon.php';
Bourbon::destroySession();
header('Location: ' . realpath() . '/login.php');
Exemple #9
0
<?php

require_once __DIR__ . "/bourbon/record.php";
require_once __DIR__ . "/bourbon/libs/Mandrill.php";
//Not required with Composer
$b = new Bourbon();
$mandrill = new Mandrill('BNc02m60hJyYEe-ADC-aEg');
$r = new Record();
$r->init(WEB::_get('record_id'));
$email = WEB::_get('email');
$name = WEB::_get('name');
// Dispatch Email using Mandrill
if (filter_var($email, FILTER_VALIDATE_EMAIL) && $r->valid()) {
    $query = "SELECT user_email \n\t\t\t \t  FROM user\n\t\t\t\t  WHERE user_notify = TRUE;";
    $result = mysqli_query($b->getDb(), $query);
    if ($result) {
        while ($data = $result->fetch_assoc()) {
            $users[] = $data;
        }
    }
    $recName = $r->getRecordName();
    try {
        for ($i = 0; $i < count($users); $i++) {
            $user_email = "" . $users[$i]['user_email'];
            // Send Email
            $message = new stdClass();
            $message->html = "Hi!<br><br><strong>{$name}</strong> just inquired about: <strong>{$recName}</strong>.<br><br>Email them at: {$email}.";
            $message->subject = "[Bourbon] New Record Inquiry - {$recName}";
            $message->from_email = "{$email}";
            $message->from_name = "{$name}";
            $message->to = array(array("email" => "{$user_email}"));
Exemple #10
0
<?php

require_once __DIR__ . "/../bourbon/libs/bourbon.php";
API::_json();
// Auth and Grab Data
$index = new Bourbon();
if (!$index->auth(API::_get('api_key'))) {
    exit;
}
// Here is the API Interface
// Here is the API Interface
// GET
if (API::_req('GET')) {
    printNotSupportedClass();
}
// POST
if (API::_req('POST')) {
    printNotSupportedClass();
}
// PUT - Since PHP Does not support PUT, we look for &update action
if (API::_req('PUT')) {
    printNotSupportedClass();
}
// DELETE
if (API::_req('DELETE')) {
    printNotSupportedClass();
}
// Simple Helper Function to print user data
function printNotSupportedClass()
{
    echo json_encode(array("status" => "error", "name" => "Invalid_Request", "message" => "Request Not Supported."));