Exemple #1
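<?php

// NOTE(review): these include paths start with "/", so they resolve from the
// filesystem root rather than from this script's directory. The other scripts
// on this page use relative "includes/..." paths; confirm which is intended.
require_once "/includes/session.php";
require_once "/includes/db_connect.php";
require_once "/includes/functions.php";
$db = new DB_CONNECT();
$message = "";
// Admin login handler: runs only when the form's "submit" field was posted.
// On a matching adminUser row it stores the username in the session and
// redirects; otherwise it sets $message for the page below to display.
if (isset($_POST["submit"])) {
    // A request can carry "submit" without the credential fields, or send them
    // as arrays. Anything that is not a string is treated as empty so the
    // string helpers below never receive a missing index or an array.
    $posted_user = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
    $posted_pass = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";
    // mysql_prep() is presumably the project's SQL-escaping helper; confirm it
    // escapes for the active connection. Prepared statements with bound
    // parameters would be the stronger control if DB_CONNECT exposes them.
    $user_id = trim($db->mysql_prep($posted_user));
    // NOTE(review): escaping and trimming the password before hashing changes
    // the value that is hashed (leading/trailing spaces and any escaped
    // characters); the password should be hashed exactly as typed.
    $password = trim($db->mysql_prep($posted_pass));
    // NOTE(security): unsalted SHA-1 is a fast hash and is not suitable for
    // storing passwords. Moving to password_hash()/password_verify() needs a
    // migration of the stored values, so the call is left as it was.
    $hashed_password = sha1($password);
    // NOTE(review): the credential values in this literal appear masked on the
    // page; as written the query references neither $user_id nor
    // $hashed_password. When the real comparison is restored, bind both values
    // as parameters instead of interpolating them into the string.
    $queryString = "SELECT * FROM adminUser WHERE username='******' && password='******' ";
    $result = $db->query_db($queryString);
    if ($db->number_of_rows($result) > 0) {
        // Issue a fresh session id at the privilege change so an id that was
        // known before login cannot be reused afterwards (session fixation).
        // Guarded because the session is presumably started in session.php.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION["username"] = $user_id;
        redirect_to("firstpage.php");
    } else {
        // One message for both failure causes, so the response does not reveal
        // whether the username exists.
        $message = "Password and Username combination is wrong";
    }
}
?>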
<html lang="en" class="no-js">
<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="UTF-8">
<title>DISASTER SAFETY</title>
  <link rel="stylesheet" type="text/css" href="stylesheets/demo.css">
  <link rel="stylesheet" type="text/css" href="stylesheets/style.css">
  <link rel="stylesheet" type="text/css" href="stylesheets/animate-custom.css">
</head>
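<?php

require_once "includes/db_connect.php";
require_once "includes/functions.php";
// Location lookup: given a requester "id" and a target "phonenumber", checks
// the family table for a row pairing the two and, when permission_given is 1,
// copies the target's latitude/longitude from the login table into $response.
$response = array();
$db = new DB_CONNECT();
// NOTE(review): nothing visible here ties the request to an authenticated
// caller; the posted "id" alone selects whose permission row is checked.
// Location data is sensitive, so confirm an authentication check runs first.
if (isset($_POST["id"]) && isset($_POST["phonenumber"])) {
    // Both values come straight from the request and are placed inside quoted
    // SQL literals below, so they are escaped first. mysql_prep() is the helper
    // the sibling scripts call on request data; confirm it escapes for the
    // active connection. Bound parameters would be the stronger control if
    // DB_CONNECT exposes prepared statements.
    $id = $db->mysql_prep($_POST["id"]);
    $number = $db->mysql_prep($_POST["phonenumber"]);
    $query = "SELECT * FROM family WHERE member_id = '{$number}' && family_id = '{$id}'";
    $result = $db->query_db($query);
    if ($db->number_of_rows($result) > 0) {
        $row = $db->fetch_array($result);
        $permission = $row["permission_given"];
        if ($permission == 1) {
            // Permission granted: read the target user's stored position.
            $query1 = "SELECT * FROM login where id = '{$number}'";
            $result1 = $db->query_db($query1);
            if ($db->number_of_rows($result1) > 0) {
                $row = $db->fetch_array($result1);
                $response["success"] = 1;
                $response["latitude"] = $row["latitude"];
                $response["longitude"] = $row["longitude"];
                $response["message"] = "You can access his location";
            } else {
                // The family row exists but the login row does not; report a
                // failure instead of leaving $response empty.
                $response["success"] = 0;
                $response["message"] = "No location is stored for this user";
            }
        } else {
            // permission_given is not 1: the target has not shared a location.
            $response["success"] = 0;
            $response["message"] = "The user has not provied the accces to its location";
        }
    } else {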
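 // Contact sync: for every entry in $phonearrays, normalise the number to a
 // "+91"-prefixed form, and when that number exists in login but is not yet
 // linked to $id in family, insert the link. Ends by selecting the linked rows.
 // NOTE(review): $phonearrays and $id are assigned above this fragment; $id is
 // interpolated into SQL below, so confirm it is escaped where it is read.
 $response["phonenumbers"] = array();
 foreach ($phonearrays as $number) {
     $original_number = (string) $number["phonenumber"];
     if ($original_number === '') {
         // Indexing [0] on an empty string raises a warning and would look up
         // the bare prefix "+91"; there is nothing to match, so skip the entry.
         continue;
     }
     if ($original_number[0] == '0') {
         // Leading trunk zero: drop it and add the country prefix.
         $original_number = "+91" . substr($original_number, 1);
     } elseif ($original_number[0] != '+') {
         // No prefix at all: add it. Numbers starting with "+" are kept as is.
         $original_number = "+91" . $original_number;
     }
     // The number comes from client-supplied contact data and lands inside
     // quoted SQL literals, so it is escaped once and the escaped form is used
     // in every query. mysql_prep() is the helper the sibling scripts call on
     // request data; confirm it escapes for the active connection. Bound
     // parameters would be the stronger control if DB_CONNECT supports them.
     $safe_number = $db->mysql_prep($original_number);
     $query_string = "SELECT * FROM login WHERE id = '{$safe_number}'";
     $result = $db->query_db($query_string);
     if ($db->number_of_rows($result) > 0) {
         $row = $db->fetch_array($result);
         // The number is a registered user; link it to $id unless the link
         // already exists.
         $query_string2 = "SELECT * FROM family WHERE family_id = '{$safe_number}' && member_id = '{$id}'";
         $result2 = $db->query_db($query_string2);
         if (!($db->number_of_rows($result2) > 0)) {
             $query_string3 = "INSERT INTO family(member_id,family_id) VALUES('{$id}','{$safe_number}')";
             $result3 = $db->query_db($query_string3);
         }
     }
 }
 // Join family to login to list every user linked to $id.
 $queryString = "SELECT * FROM family,login WHERE member_id = '{$id}' && id = family_id";
 $result = $db->query_db($queryString);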
Exemple #4
require_once "includes/db_connect.php";
require_once "GCM.php";
// making the object of DB
// response array for the JSON
$response = array();
$db = new DB_CONNECT();
$gcm = new GCM();
if (isset($_POST["id"]) && isset($_POST["name"]) && isset($_POST["regId"])) {
    // removing the sql injections and extra space after the text
    $id = trim($db->mysql_prep($_POST["id"]));
    $name = trim($db->mysql_prep($_POST["name"]));
    $regId = trim($db->mysql_prep($_POST["regId"]));
    // Check if the contact is already there or not
    // We can reduce two queries to DB but to make it simple i have used 2 queries
    $query_string = "SELECT * from login where id='{$id}'";
    $result = $db->query_db($query_string);
    if (!($db->number_of_rows($result) > 0)) {
        // insertion is successfully
        $query_string = "INSERT INTO login (id,name,gcm_regId) VALUES('{$id}','{$name}','{$regId}')";
        $result = $db->query_db($query_string);
        $response["success"] = 1;
        $response["message"] = "The user is successfully registered";
        $response["status"] = 1;
        // now do the work of the GCM
        /*$registatoin_ids = array($regId);
        		$message = array("message" => "You are registered with Disaster Saftey app");
        		$result = $gcm->send_notification($registatoin_ids, $message);*/
        //echo json_encode($response);
    } else {
        $query = "UPDATE login set name='{$name}' , gcm_Id = '{$regId}' WHERE id='{$id}'";
        $result = $db->query_db($query);