public function approveRestriction($restrictionId, $restrictionTable, $approval)
 {
     //create instance of Database Manager object
     $dbMan = new DatabaseManager();
     //establish connection
     //if returns false, connection failed
     if (!$dbMan->establishConnection()) {
         //database connection error
         return false;
     }
     //if approval is true - change restriction status to active
     if ($approval) {
         /* Create new request to get all pending airline restrictions */
         $request = new Request('Approve Restriction', $restrictionTable);
         $request->addParameter('restriction_id', $restrictionId);
         $request->addParameter('status', 'ACTIVE');
     } else {
         if (!$approval) {
             /* Create new request to get all pending airline restrictions */
             $request = new Request('Delete Restriction', $restrictionTable);
             $request->addParameter('restriction_id', $restrictionId);
         }
     }
     //transform the command to sql statement
     $request->transformCommand();
     //execute command
     $results = $dbMan->executeQuery($request);
     //if results is not null, command was successfully executed.
     if ($results != null) {
         //successfully approved
         return true;
     }
     //command was not successfully executed.
     return false;
 }
function getAirlines()
{
    $dbMan = new DatabaseManager();
    if (!$dbMan->establishConnection()) {
        //database connection error
        return;
    }
    $request = new Request('SELECT *', 'se_Airlines');
    $request->transformCommand();
    $users = $dbMan->executeQuery($request);
    //server error
    if ($users == null) {
        //request was unsuccessful
    } else {
        if ($users->num_rows) {
            /* Get number of rows returned */
            $rows = $users->num_rows;
            /* For each row - push the airline name
             * onto the $airlines array */
            for ($i = 0; $i < $rows; ++$i) {
                $users->data_seek($i);
                $row = $users->fetch_array(MYSQLI_NUM);
                echo "<option>" . $row[0] . "</option>";
            }
        }
    }
}
 public function removeRestrictionRequest($restrictionId, $restrictionTable)
 {
     //create instance of Database Manager object
     $dbMan = new DatabaseManager();
     //establish connection
     //if returns false, connection failed
     if (!$dbMan->establishConnection()) {
         //database connection error
         return false;
     }
     /* Create new request to remove restriction*/
     $request = new Request('Delete Restriction', $restrictionTable);
     $request->addParameter('restriction_id', $restrictionId);
     //transform the command to sql statement
     $request->transformCommand();
     //execute command
     $results = $dbMan->executeQuery($request);
     //if results is not null, command was successfully executed.
     if ($results != null) {
         //successfully approved
         return true;
     }
     //command was not successfully executed.
     return false;
 }
 public function getNonRestrictedRegions()
 {
     $regions = array();
     $dbMan = new DatabaseManager();
     /* Establish connection with database
      * if the establishConnection function
      * returns false, a connection error occured*/
     if (!$dbMan->establishConnection()) {
         //database connection error
         return;
     }
     /* Create request to get valid airlines for user_id provided */
     $request = new Request('getValidRegions', 'se_Region_Restrictions');
     $request->addParameter('user_id', $this->id);
     /* Transform the Request into an MySQL command*/
     $request->transformCommand();
     /* Execute command to get valid Regions */
     $validRegions = $dbMan->executeQuery($request);
     //server error
     if ($validRegions == null) {
         //request was unsuccessful
     } else {
         if ($validRegions->num_rows) {
             /* Get number of rows returned */
             $rows = $validRegions->num_rows;
             /* For each row - push the region name
              * onto the $regions array */
             for ($i = 0; $i < $rows; ++$i) {
                 $validRegions->data_seek($i);
                 $row = $validRegions->fetch_array(MYSQLI_NUM);
                 /* Push value onto array */
                 array_push($regions, $row[0]);
             }
         }
     }
     /* Return Valid Regions */
     return $regions;
 }
							</tr>
						</thead>	
						<tbody>
						<?php 
    /* Create new instance of database manager */
    $dbMan = new DatabaseManager();
    /* Establish Connection with the database */
    if (!$dbMan->establishConnection()) {
        //database connection error
        return;
    }
    /* Create new request to get all pending airline restrictions */
    $request = new Request('getPendingRegionRestrictions', 'se_Region_Restrictions');
    $request->transformCommand();
    /* Execute query */
    $results = $dbMan->executeQuery($request);
    if ($results == null) {
        //request failed
    } else {
        $rows = $results->num_rows;
        for ($i = 0; $i < $rows; ++$i) {
            $results->data_seek($i);
            $row = $results->fetch_array(MYSQLI_NUM);
            $userId = $row[1];
            $restrictionId = $row[0];
            $name = "{$row['2']} {$row['3']}";
            $region = $row[4];
            $status = $row[5];
            echo "<tr>";
            echo "<td>{$userId}</td>";
            echo "<td>{$name}</td>";
function updateUserPassword($userId)
{
    /* Create new instance of database manager */
    $dbMan = new DatabaseManager();
    /* Establish connection with server */
    if (!$dbMan->establishConnection()) {
        //database connection error
        return;
    }
    /* Create new request to update user password */
    $request = new Request('UPDATE', 'se_Users');
    $request->addParameter('user_id', $userId);
    /* If the new passwords entered by the user match */
    if ($_POST['MY_ACCOUNT_PASSWORD'] == $_POST['MY_ACCOUNT_VERIFY_PASSWORD']) {
        $email = $_SESSION['user']->email;
        $password = $_POST['MY_ACCOUNT_PASSWORD'];
        $hashedPassword = hash('ripemd128', "g!cT{$email}{$password}");
        $request->addParameter('password', $hashedPassword);
    } else {
        unmatchedPasswords();
        return;
    }
    /* Transform request into SQL command */
    $request->transformCommand();
    /* Results returned from server */
    $results = $dbMan->executeQuery($request);
    //server error
    if ($results == null) {
        //request was unsuccessful
    } else {
        accountUpdateSuccess();
    }
}
function getNumberOfPendingAccounts()
{
    $dbMan = new DatabaseManager();
    if (!$dbMan->establishConnection()) {
        //database connection error
        return;
    }
    $request = new Request('SELECT *', 'se_Users');
    $request->addParameter('status', 'PENDING_APPROVAL');
    $request->transformCommand();
    $results = $dbMan->executeQuery($request);
    if ($results == null) {
        //request failed
    }
    return $rows = $results->num_rows;
}
Exemple #8
0
    } else {
        return $this->renderer->render($res, 'entrance');
    }
});
$app->get('/static/{fileName}', function ($req, $res, $args) {
    return Utility::loadStaticFile($this, $res, __DIR__ . '/assets/' . $args['fileName']);
});
$app->post('/signin', function ($req, $res, $args) use($config) {
    try {
        if (validateReferer($req)) {
            if (hasRequireParams($req->getParams(), ['screen_name', 'password'])) {
                $params = $req->getParams();
                $screenName = $params['screen_name'];
                $password = $params['password'];
                $db = new DatabaseManager($config['db-hostname'], $config['db-username'], $config['db-password'], $config['db-dbname']);
                $user = $db->executeQuery('select * from frost_account where screen_name = ? limit 1', [$screenName])->fetch();
                if (count($user) === 0) {
                    throw new ApiException(2, ['invalid_parameter' => 'screen_name']);
                }
                $passwordHash = hash('sha256', $password . $user[0]['created_at']);
                if ($user[0]['password_hash'] !== $passwordHash) {
                    throw new ApiException(2, ['invalid_parameter' => 'password']);
                }
                $_SESSION['me'] = ['screen_name' => $user[0]['screen_name'], 'id' => $user[0]['id'], 'name' => $user[0]['name']];
                return withSuccess($res, 'Success signin.');
            }
        }
    } catch (ApiException $e) {
        return withFailure($res, $e->getCode(), $e->getData());
    }
});