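/**
 * Front-controller dispatch for the current request.
 *
 * Reads the requested action from the query string, restricts it to the
 * whitelist held in $this->authKey and hands control to the matching
 * controller. A missing, empty, non-string or unlisted action falls back to
 * 'frontpage'. Any Exception thrown by a controller is routed to
 * processError() with its message.
 *
 * Request inputs read here: $_GET['action'], $_GET['user'], $_GET['follow']
 * and, for 'deletePicture', $_POST['idPictureToDelete']. All are untrusted
 * and are passed through to the controllers unchanged, so validation has to
 * happen on the controller side.
 */
public function processQuery()
{
    try {
        // Read with ?? so an absent key yields the default instead of an
        // "undefined index" notice; the previous isset() ran after the read
        // and therefore could never suppress it.
        $action = $_GET['action'] ?? '';
        $user = $_GET['user'] ?? null;
        $follow = $_GET['follow'] ?? null;

        // Whitelist check: strict in_array so a loosely-equal value such as
        // "1e3" vs "1000" or an array cannot match a listed action.
        if (!is_string($action) || $action === '' || !in_array($action, $this->authKey, true)) {
            $action = 'frontpage';
        }

        switch ($action) {
            /* PAGES */
            case 'frontpage':
                $controller = new ControllerUser();
                $controller->displayUserHome($user);
                break;

            case 'followers':
                $controller = new ControllerUser();
                $controller->displayUserFollowers($user);
                break;

            /* ACTIONS (state-changing) */
            case 'uploadNewPicture':
                $controller = new ControllerUpload();
                $controller->uploadPicture();
                break;

            case 'uploadProfilePicture':
                $controller = new ControllerUpload();
                $controller->uploadPicture("account_picture.jpg");
                break;

            case 'uploadBannerPicture':
                $controller = new ControllerUpload();
                $controller->uploadPicture("banner_picture.jpg");
                break;

            case 'follow':
                $controller = new ControllerUser();
                $controller->follow($follow);
                break;

            case 'deletePicture':
                // NOTE(review): the action is chosen by a GET parameter and the
                // target id comes from POST, but no CSRF token is checked in
                // this method — confirm ControllerUser::deletePicture (or the
                // surrounding framework) enforces one.
                $controller = new ControllerUser();
                $controller->deletePicture($_POST['idPictureToDelete'] ?? null);
                break;
        }
    } catch (Exception $error) {
        $this->processError($error->getMessage());
    }
}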
<?php require_once '../header_rest.php'; $controllerRestAgent = new ControllerAgent(); $controllerUser = new ControllerUser(); $user_id = ""; if (!empty($_POST['user_id'])) { $user_id = $_POST['user_id']; } $login_hash = ""; if (!empty($_POST['login_hash'])) { $login_hash = $_POST['login_hash']; } $address = ""; if (!empty($_POST['address'])) { $address = trim(strip_tags($_POST['address'])); } $contact_no = ""; if (!empty($_POST['contact_no'])) { $contact_no = trim(strip_tags($_POST['contact_no'])); } $country = ""; if (!empty($_POST['country'])) { $country = trim(strip_tags($_POST['country'])); } $email = ""; if (!empty($_POST['email'])) { $email = $_POST['email']; } $name = ""; if (!empty($_POST['name'])) {
<?php require '../header_rest.php'; $controllerRest = new ControllerRest(); $controllerUser = new ControllerUser(); $password = ""; if (!empty($_POST['password'])) { $password = md5($_POST['password']); } $full_name = ""; if (!empty($_POST['full_name'])) { $full_name = $_POST['full_name']; } $email = ""; if (!empty($_POST['email'])) { $email = $_POST['email']; } $user_id = ""; if (!empty($_POST['user_id'])) { $user_id = $_POST['user_id']; } $login_hash = ""; if (!empty($_POST['login_hash'])) { $login_hash = $_POST['login_hash']; } if (!$controllerUser->isUserIdExistAndHash($user_id, $login_hash)) { $json = "{ \"status\" : { \"status_code\" : \"3\", \"status_text\" : \"Invalid Access\" } }"; echo $json; } else { $itm = $controllerUser->getUserByUserId($user_id); if ($itm != null) {
/**
 * Persist a new access flag for a user, then send the browser back to the
 * user list with an inline JavaScript redirect.
 *
 * @param mixed $user_id     identifier forwarded to ControllerUser::updateUserAccess()
 * @param mixed $deny_access flag value forwarded unchanged to the same method
 */
function updateUserAccess($user_id, $deny_access)
{
    $userController = new ControllerUser();
    $userController->updateUserAccess($user_id, $deny_access);

    // Redirect is emitted as script rather than a Location header, so it
    // still works after other output has already been sent.
    $redirect = "<script type='text/javascript'>location.href='users.php';</script>";
    echo $redirect;
}
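<?php
/*
 * User list page. In order:
 *   1. If a query string is present, decrypt it with Extras::decryptQuery2
 *      (KEY_SALT); the first element is the user id, the second is the
 *      current flag, which is flipped (0 -> 1, anything else -> 0) and saved
 *      through ControllerUser::updateUserAccess(). Success redirects to
 *      users.php, an undecryptable query string redirects to 403.php.
 *   2. If the search form was submitted (button_search), replace $users
 *      with the filtered result of getUsersBySearching().
 *   3. Render the HTML below using $users.
 */
require_once 'models/User.php';
require_once 'header.php';

$controller = new ControllerUser('application/DB_Connect.php');
$users = $controller->getUsers();

if (!empty($_SERVER['QUERY_STRING'])) {
    $extras = new Extras();
    $params = $extras->decryptQuery2(KEY_SALT, $_SERVER['QUERY_STRING']);

    // Only index into $params once decryption is known to have produced
    // something: previously $params[0] / $params[1] were read before the
    // null check, raising a warning on every tampered or stale link.
    if ($params != null) {
        $user_id = $params[0];
        // Flip the stored flag: 0 becomes 1 (deny), anything else becomes 0.
        $deny_access = $params[1] == 0 ? 1 : 0;

        // NOTE(review): this is a state change triggered by a GET request;
        // the encrypted query string is the only thing binding it to the
        // operator's intent. Confirm header.php provides CSRF protection.
        $controller->updateUserAccess($user_id, $deny_access);
        echo "<script type='text/javascript'>location.href='users.php';</script>";
    } else {
        // Undecryptable query string: send the browser to the 403 page.
        echo "<script type='text/javascript'>location.href='403.php';</script>";
    }
}

$search_criteria = "";
if (isset($_POST['button_search'])) {
    // ?? '' keeps strip_tags() from receiving null when the field is absent.
    $search_criteria = trim(strip_tags($_POST['search'] ?? ''));
    $users = $controller->getUsersBySearching($search_criteria);
}
?>
<!DOCTYPE html>
<html lang="en"><head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">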
<?php require '../header_rest.php'; $controllerRest = new ControllerRest(); $controllerDeal = new ControllerDeal(); $controllerCategory = new ControllerCategory(); $controllerCatDealAssoc = new ControllerCatDealAssoc(); $controllerUser = new ControllerUser(); $deal_id = 0; if (!empty($_POST['deal_id'])) { $deal_id = $_POST['deal_id']; } $user_id = 0; if (!empty($_POST['user_id'])) { $user_id = $_POST['user_id']; } $login_hash = ""; if (!empty($_POST['login_hash'])) { $login_hash = $_POST['login_hash']; } $api_key = ""; if (!empty($_POST['api_key'])) { $api_key = $_POST['api_key']; } if (!$controllerUser->isUserIdExistAndHash($user_id, $login_hash) || Constants::API_KEY != $api_key) { $jsonArray = array(); $jsonArray['status'] = array('status_code' => "3", 'status_text' => "Invalid Access. Please relogin."); echo json_encode($jsonArray); } else { if ($deal_id > 0) { $controllerDeal->deleteDeal($deal_id, 1);
<?php require_once 'header.php'; $controller = new ControllerAgent(); $controllerUser = new ControllerUser(); $users = $controllerUser->getUsers(); $extras = new Extras(); $agent_id = $extras->decryptQuery1(KEY_SALT, $_SERVER['QUERY_STRING']); if ($agent_id != null) { $agent = $controller->getAgentByAgentId($agent_id); if (isset($_POST['submit'])) { $itm = new Agent(); $itm->address = trim(strip_tags($_POST['address'])); $itm->contact_no = trim(strip_tags($_POST['contact_no'])); $itm->country = trim(strip_tags($_POST['country'])); $itm->created_at = time(); $itm->email = trim(strip_tags($_POST['email'])); $itm->name = trim(strip_tags($_POST['name'])); $itm->sms = trim(strip_tags($_POST['sms'])); $itm->updated_at = time(); $itm->zipcode = trim(strip_tags($_POST['zipcode'])); $itm->photo_url = trim(strip_tags($_POST['photo_url'])); $itm->thumb_url = trim(strip_tags($_POST['thumb_url'])); $itm->twitter = trim(strip_tags($_POST['twitter'])); $itm->fb = trim(strip_tags($_POST['fb'])); $itm->linkedin = trim(strip_tags($_POST['linkedin'])); $itm->company = trim(strip_tags($_POST['company'])); $itm->user_id = trim(strip_tags($_POST['user_id'])); $itm->agent_id = $agent_id; $count = count($_FILES["file"]["name"]); if (!empty($_FILES["file"]["name"][0]) && !empty($_FILES["file"]["name"][1])) {
<?php
/*
 * Store reviews page. Expects an encrypted query string (KEY_SALT) holding
 * either a lone store_id (Extras::decryptQuery1) or a store_id/review_id
 * pair (Extras::decryptQuery2). When the pair is present the review is
 * passed to deleteReview($review_id, 1) and the browser is redirected back
 * to store_reviews_view.php for that store; a store_id that does not
 * decrypt ends in a redirect to 403.php. The HTML template that follows
 * uses $store, $reviews, $store_id and the controller objects, so those
 * names are kept as-is.
 */
require_once 'header.php';

$controllerUser = new ControllerUser();
$controllerReview = new ControllerReview();
$controller = new ControllerStore();

$queryString = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';

if (!empty($queryString)) {
    $extras = new Extras();
    $store_id = $extras->decryptQuery1(KEY_SALT, $queryString);
    $review_delete = $extras->decryptQuery2(KEY_SALT, $queryString);

    // Loaded before the optional delete below, so $reviews can still hold
    // the row being removed; the redirect in that branch reloads the page.
    $reviews = $controllerReview->getReviewsByStoreId($store_id);
    $store = $controller->getStoreByStoreId($store_id);

    if ($review_delete != null) {
        $store_id = $review_delete[0];
        $review_id = $review_delete[1];
        // The meaning of the second argument is not visible here — TODO
        // confirm whether 1 selects a soft delete.
        $controllerReview->deleteReview($review_id, 1);

        // $viewUrl is produced by encryptQuery1 from the decrypted store_id
        // and dropped into inline script without escaping; it is only as
        // trustworthy as that helper's output.
        $viewUrl = $extras->encryptQuery1(KEY_SALT, 'store_id', $store_id, 'store_reviews_view.php');
        $redirect = "<script type='text/javascript'>location.href='{$viewUrl}';</script>";
        echo $redirect;
    }

    if ($store_id == null) {
        echo "<script type='text/javascript'>location.href='403.php';</script>";
    }
}
?>
<!DOCTYPE html>
<html lang="en"><head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<?php require '../header_rest.php'; $controllerRest = new ControllerRest(); $controllerUser = new ControllerUser(); $controllerRating = new ControllerRating(); $user_id = 0; if (!empty($_POST['user_id'])) { $user_id = $_POST['user_id']; } $store_id = 0; if (!empty($_POST['store_id'])) { $store_id = $_POST['store_id']; } $login_hash = 0; if (!empty($_POST['login_hash'])) { $login_hash = $_POST['login_hash']; } if (!empty($user_id) && !empty($store_id) && !empty($login_hash)) { if (!$controllerUser->isUserIdExistAndHash($user_id, $login_hash)) { $json = "{ \"status\" : { \"status_code\" : \"3\", \"status_text\" : \"Invalid Access\" } }"; echo $json; } else { $itm = $controllerRating->checkUserCanRate($store_id, $user_id); $canRate = $itm != null ? -1 : 1; // header ("content-type: text/json"); header("Content-Type: application/text; charset=ISO-8859-1"); echo "{"; echo "\"store_rating\" : { \"store_id\" : \"{$store_id}\", \"can_rate\" : \"{$canRate}\" }, \"status\" : { \"status_code\" : \"-1\", \"status_text\" : \"Success.\" }"; echo "}"; }
<?php require_once '../header_rest.php'; $controllerUser = new ControllerUser(); if (!empty($_POST['username'])) { $username = $_POST['username']; } if (!empty($_POST['password'])) { $password = md5($_POST['password']); } $full_name = ""; if (!empty($_POST['full_name'])) { $full_name = $_POST['full_name']; } $email = ""; if (!empty($_POST['email'])) { $email = $_POST['email']; } if (!empty($_POST['facebook_id'])) { $facebook_id = $_POST['facebook_id']; } if (!empty($_POST['twitter_id'])) { $twitter_id = $_POST['twitter_id']; } if (!empty($username) && !empty($password) && !empty($full_name) && !empty($email)) { if (!$controllerUser->isUserExist($username)) { if ($controllerUser->isEmailExist($email)) { $json = "{ \"status\" : { \"status_code\" : \"1\", \"status_text\" : \"Email already registered.\" } }"; } else { $itm = new User(); $itm->username = $username;
<?php require_once '../header_rest.php'; $controllerUser = new ControllerUser(); $full_name = ""; if (!empty($_POST['full_name'])) { $full_name = $_POST['full_name']; } $email = ""; if (!empty($_POST['email'])) { $email = $_POST['email']; } $facebook_id = ""; if (!empty($_POST['facebook_id'])) { $facebook_id = $_POST['facebook_id']; } $twitter_id = ""; if (!empty($_POST['twitter_id'])) { $twitter_id = $_POST['twitter_id']; } $google_id = ""; if (!empty($_POST['google_id'])) { $google_id = $_POST['google_id']; } $thumb_url = ""; if (!empty($_POST['thumb_url'])) { $thumb_url = $_POST['thumb_url']; } $api_key = ""; if (!empty($_POST['api_key'])) { $api_key = $_POST['api_key'];
<?php require_once '../header_rest.php'; $controllerUser = new ControllerUser(); if (!empty($_POST['username'])) { $username = $_POST['username']; } if (!empty($_POST['password'])) { $password = md5($_POST['password']); } if (!empty($_POST['facebook_id'])) { $facebook_id = $_POST['facebook_id']; } if (!empty($_POST['twitter_id'])) { $twitter_id = $_POST['twitter_id']; } if (!empty($username) && !empty($password)) { $user = $controllerUser->loginUser($username, $password); if ($user != null) { // update the hash $controllerUser->updateUserHash($user); $json = translateJSON($user); } else { $json = "{\n \"status\" : {\n \"status_code\" : \"1\",\n \"status_text\" : \"Username/Password Invalid or you are being denied to access. Please try again.\"\n }\n }"; } echo $json; } else { if (!empty($facebook_id)) { $user = $controllerUser->loginFacebook($facebook_id); if ($user != null) { // update the hash
<?php require_once '../header_rest.php'; $controllerUser = new ControllerUser(); if (!empty($_POST['user_id'])) { $user_id = $_POST['user_id']; } if (!empty($_POST['login_hash'])) { $login_hash = $_POST['login_hash']; } $photo_url = ""; if (!empty($_POST['photo_url'])) { $photo_url = trim(strip_tags($_POST['photo_url'])); } $thumb_url = ""; if (!empty($_POST['thumb_url'])) { $thumb_url = trim(strip_tags($_POST['thumb_url'])); } if (!empty($login_hash) && !empty($user_id)) { $user = $controllerUser->getUserByUserId($user_id); $login_hash = str_replace(" ", "+", $login_hash); if ($user != null) { if ($user->login_hash == $login_hash) { $itm = $user; if (!empty($_FILES["thumb_file"]["name"]) && !empty($_FILES["photo_file"]["name"])) { $desired_dir = Constants::IMAGE_UPLOAD_DIR; $desired_dir_path = "../" . Constants::IMAGE_UPLOAD_DIR; if (is_dir($desired_dir_path) == false) { // Create directory if it does not exist mkdir("{$desired_dir_path}", 0700); }