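/**
 * Authenticates an administrator and issues (or reuses) an OAuth key for a device.
 *
 * Flow, as implemented below:
 *  - check_admin() gates the call; the string 'false' means "not an admin".
 *  - get_profile_id() resolves the profile and check_oauth() is asked for an
 *    existing key (presumably for this profile/device pair; both helpers live
 *    outside this block).
 *  - Profile found, no key yet: a new random key is stored with a two-day expiry.
 *  - Key already present: it is reused and a 'login' row is written to logs.
 *  - Anything else: "User not found".
 *
 * The response is written directly: a status-line header built from
 * $_SERVER["SERVER_PROTOCOL"] and $GLOBALS['status_found'|'status_notfound'],
 * an Oauth header when a key is available, and a JSON body.
 *
 * @param mixed $username_user Login name; passed to check_admin() and get_profile_id().
 * @param mixed $password_user Password; passed to get_profile_id().
 * @param mixed $device        Device descriptor; JSON-encoded before it is stored.
 * @return void
 */
function get_admin_oauth($username_user, $password_user, $device) {
    // Null arguments produce no response at all (unchanged behaviour).
    if (!isset($username_user, $password_user, $device)) {
        return;
    }

    $secret = check_admin($username_user);

    // Fail closed. With the loose comparison alone, a boolean false or a null
    // coming back from check_admin() compares as "not equal" to the string
    // 'false' and would be accepted as a valid secret. check_admin() is not
    // visible here, so those two values are rejected explicitly.
    $is_admin = $secret != 'false' && $secret !== false && $secret !== null;
    if (!$is_admin) {
        header($_SERVER["SERVER_PROTOCOL"] . " " . $GLOBALS['status_notfound']);
        $result_array = array('status' => 'Failure', 'message' => 'Admin access denied');
        // The denial body used to be built and then discarded; send it.
        print_r(json_encode($result_array));
        return;
    }

    $device = json_encode($device);
    $profile_id = get_profile_id($username_user, $password_user);
    $oauth_key = check_oauth($profile_id, $device);

    // sql.php is expected to define $conn and $dbname.
    // NOTE(review): the prepared statements below assume $conn is a mysqli
    // connection (it is used with ->query()/->close() elsewhere) - confirm.
    include 'sql.php';

    // The caller-supplied device string and the key are bound as parameters
    // instead of being interpolated into the SQL text. profile_id was
    // interpolated unquoted before, so it is bound as an integer.
    $profile_id_param = (int) $profile_id;

    if ($profile_id != null && $oauth_key == null) {
        // The key is a bearer credential, so it comes from the CSPRNG; the
        // previous md5(uniqid(rand(), true)) was derived from the clock and a
        // non-cryptographic generator. Same length: 32 hex characters.
        // random_bytes() requires PHP 7.0 or later.
        $token = bin2hex(random_bytes(16));

        $date = date_create();
        date_timestamp_set($date, time() + 2 * 24 * 60 * 60); // expires in two days
        $dtm = date_format($date, "Y-m-d H:i:s");

        // $dbname is an identifier taken from sql.php, not from the request.
        $stmt = $conn->prepare("insert into " . $dbname . ".oauth(oauth_key,oauth_expiry,device,profile_id) value (?,?,?,?)");
        if ($stmt) {
            $stmt->bind_param('sssi', $token, $dtm, $device, $profile_id_param);
            $stmt->execute();
            $stmt->close();
        }
        // As before, a failed insert is not reported to the caller.
        $oauth_key = $token;

        header($_SERVER["SERVER_PROTOCOL"] . " " . $GLOBALS['status_found']);
        header('Oauth: ' . $oauth_key);
        $res = get_userdata($profile_id);
        // NOTE(review): the admin secret is echoed back in the response body;
        // confirm that clients need it and that this endpoint is TLS-only.
        $result_array = array('status' => 'Success', 'message' => 'User found', 'number_of_devices_logged_in' => get_users_logged_in($profile_id), 'secret_key' => $secret, 'user_data' => $res);
    } elseif ($oauth_key != null) {
        $res = get_userdata($profile_id);
        header($_SERVER["SERVER_PROTOCOL"] . " " . $GLOBALS['status_found']);
        header('oauth: ' . $oauth_key);
        $result_array = array('status' => 'Success', 'message' => 'User found', 'number_of_devices_logged_in' => get_users_logged_in($profile_id), 'secret_key' => $secret, 'user_data' => $res);

        // Record the login; only this branch writes to the logs table.
        date_default_timezone_set('Asia/Calcutta');
        $date = date_create();
        date_timestamp_set($date, time());
        $dtm = date_format($date, "Y-m-d H:i:s");

        $stmt = $conn->prepare("insert into " . $dbname . ".logs(profile_id,state,mytime,oauth_key,device) value (?,'login',?,?,?)");
        if ($stmt) {
            $stmt->bind_param('isss', $profile_id_param, $dtm, $oauth_key, $device);
            $stmt->execute();
            $stmt->close();
        }
    } else {
        header($_SERVER["SERVER_PROTOCOL"] . " " . $GLOBALS['status_notfound']);
        $result_array = array('status' => 'Failure', 'message' => 'User not found');
    }

    // Previously only the key-issuing branch released the connection.
    $conn->close();
    print_r(json_encode($result_array));
}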
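<?php
// Entry point: both query parameters must be present before any lookup is made.
// NOTE(review): authToken travels in the URL query string, where it can end up
// in access logs and browser history; a request header would keep it out of
// those - confirm what the API's clients can send.
if (isset($_GET['authToken']) && isset($_GET['id'])) {
    $auth = $_GET['authToken'];
    $id = $_GET['id'];
    check_oauth($auth, $id);
} else {
    $apiResponse = array('status' => 'error', 'statusCode' => 405, 'message' => 'Method not allowed', 'error' => 'Method not allowed');
    print_r(json_encode($apiResponse));
}

/**
 * Checks a caller-supplied OAuth key against the keys stored for a profile
 * and, on a match, hands over to getlist().
 *
 * Both arguments come straight from the query string, so they are treated as
 * untrusted: the profile id must be a plain integer and is bound as a
 * statement parameter, and the key is compared with hash_equals().
 *
 * Every rejection (malformed input, unknown profile, wrong key) produces the
 * same 404 JSON body, so the response does not reveal whether a profile id
 * has keys on record. Previously an unknown profile produced an empty body.
 *
 * NOTE(review): no expiry is enforced here; if the oauth table carries an
 * expiry column it should be part of this check - confirm against the schema.
 *
 * @param mixed $auth OAuth key presented by the client.
 * @param mixed $id   Profile id presented by the client.
 * @return void
 */
function check_oauth($auth, $id) {
    // sql.php provides $conn; ->num_rows/->fetch_assoc() in the original
    // code indicate a mysqli connection.
    include 'sql.php';

    $authorized = false;

    // Query-string values can be arrays (?id[]=1); accept scalars only.
    $id_is_numeric = is_int($id) || (is_string($id) && ctype_digit($id));

    if (is_string($auth) && $auth !== '' && $id_is_numeric) {
        $stmt = $conn->prepare("SELECT oauth_key FROM oauth WHERE profile_id = ?");
        if ($stmt) {
            $profile_id = (string) $id;
            $stmt->bind_param('s', $profile_id);
            $stmt->execute();
            $stmt->bind_result($stored_key);

            // A profile may hold more than one key; the original looked only
            // at whichever row the database returned first.
            while ($stmt->fetch()) {
                // Strict, constant-time comparison. Loose == lets two
                // different numeric-looking strings (e.g. "0e..." hex
                // digests) compare as equal.
                if (is_string($stored_key) && hash_equals($stored_key, $auth)) {
                    $authorized = true;
                    break;
                }
            }
            $stmt->close();
        }
    }

    if ($authorized) {
        getlist();
    } else {
        $apiResponse = array('status' => 'error', 'statusCode' => 404, 'message' => 'User not found');
        print_r(json_encode($apiResponse));
    }

    $conn->close();
}

function getlist() {
    include 'sql.php';
    $SQL = "SELECT * FROM video";
    $result = $conn->query($SQL);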