public function processQuery()
{
try {
$action = $_GET["action"];
$user = $_GET["user"];
$follow = $_GET["follow"];
/* on préviens le cas ou $_GET["action"] n'est pas spécifié
ou pas définit, on lui donne par défaut la valeur "main"
*/
if (!isset($action) || $action == "") {
$action = "frontpage";
}
if (!in_array($action, $this->authKey)) {
$action = "frontpage";
}
switch ($action) {
/* PAGE */
case 'frontpage':
$controller = new ControllerUser();
$controller->displayUserHome($user);
break;
case 'followers':
$controller = new ControllerUser();
$controller->displayUserFollowers($user);
break;
/* TRAITEMENT */
/* TRAITEMENT */
case 'uploadNewPicture':
$controller = new ControllerUpload();
$controller->uploadPicture();
break;
case 'uploadProfilePicture':
$controller = new ControllerUpload();
$controller->uploadPicture("account_picture.jpg");
break;
case 'uploadBannerPicture':
$controller = new ControllerUpload();
$controller->uploadPicture("banner_picture.jpg");
break;
case 'follow':
$controller = new ControllerUser();
$controller->follow($follow);
break;
case 'deletePicture':
$controller = new ControllerUser();
$controller->deletePicture($_POST["idPictureToDelete"]);
break;
}
} catch (Exception $error) {
$this->processError($error->getMessage());
}
}
<?php
require_once '../header_rest.php';
$controllerRestAgent = new ControllerAgent();
$controllerUser = new ControllerUser();
$user_id = "";
if (!empty($_POST['user_id'])) {
$user_id = $_POST['user_id'];
}
$login_hash = "";
if (!empty($_POST['login_hash'])) {
$login_hash = $_POST['login_hash'];
}
$address = "";
if (!empty($_POST['address'])) {
$address = trim(strip_tags($_POST['address']));
}
$contact_no = "";
if (!empty($_POST['contact_no'])) {
$contact_no = trim(strip_tags($_POST['contact_no']));
}
$country = "";
if (!empty($_POST['country'])) {
$country = trim(strip_tags($_POST['country']));
}
$email = "";
if (!empty($_POST['email'])) {
$email = $_POST['email'];
}
$name = "";
if (!empty($_POST['name'])) {
<?php
require '../header_rest.php';
$controllerRest = new ControllerRest();
$controllerUser = new ControllerUser();
$password = "";
if (!empty($_POST['password'])) {
$password = md5($_POST['password']);
}
$full_name = "";
if (!empty($_POST['full_name'])) {
$full_name = $_POST['full_name'];
}
$email = "";
if (!empty($_POST['email'])) {
$email = $_POST['email'];
}
$user_id = "";
if (!empty($_POST['user_id'])) {
$user_id = $_POST['user_id'];
}
$login_hash = "";
if (!empty($_POST['login_hash'])) {
$login_hash = $_POST['login_hash'];
}
if (!$controllerUser->isUserIdExistAndHash($user_id, $login_hash)) {
$json = "{ \"status\" : { \"status_code\" : \"3\", \"status_text\" : \"Invalid Access\" } }";
echo $json;
} else {
$itm = $controllerUser->getUserByUserId($user_id);
if ($itm != null) {
function updateUserAccess($user_id, $deny_access)
{
$controller = new ControllerUser();
$controller->updateUserAccess($user_id, $deny_access);
echo "<script type='text/javascript'>location.href='users.php';</script>";
}
<?php
require_once 'models/User.php';
require_once 'header.php';
$controller = new ControllerUser('application/DB_Connect.php');
$users = $controller->getUsers();
if (!empty($_SERVER['QUERY_STRING'])) {
$extras = new Extras();
$params = $extras->decryptQuery2(KEY_SALT, $_SERVER['QUERY_STRING']);
$user_id = $params[0];
$deny_access = $params[1] == 0 ? 1 : 0;
if ($params != null) {
$controller->updateUserAccess($user_id, $deny_access);
echo "<script type='text/javascript'>location.href='users.php';</script>";
} else {
echo "<script type='text/javascript'>location.href='403.php';</script>";
}
}
$search_criteria = "";
if (isset($_POST['button_search'])) {
$search_criteria = trim(strip_tags($_POST['search']));
$users = $controller->getUsersBySearching($search_criteria);
}
?>
<!DOCTYPE html>
<html lang="en"><head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<?php
require '../header_rest.php';
$controllerRest = new ControllerRest();
$controllerDeal = new ControllerDeal();
$controllerCategory = new ControllerCategory();
$controllerCatDealAssoc = new ControllerCatDealAssoc();
$controllerUser = new ControllerUser();
$deal_id = 0;
if (!empty($_POST['deal_id'])) {
$deal_id = $_POST['deal_id'];
}
$user_id = 0;
if (!empty($_POST['user_id'])) {
$user_id = $_POST['user_id'];
}
$login_hash = "";
if (!empty($_POST['login_hash'])) {
$login_hash = $_POST['login_hash'];
}
$api_key = "";
if (!empty($_POST['api_key'])) {
$api_key = $_POST['api_key'];
}
if (!$controllerUser->isUserIdExistAndHash($user_id, $login_hash) || Constants::API_KEY != $api_key) {
$jsonArray = array();
$jsonArray['status'] = array('status_code' => "3", 'status_text' => "Invalid Access. Please relogin.");
echo json_encode($jsonArray);
} else {
if ($deal_id > 0) {
$controllerDeal->deleteDeal($deal_id, 1);
<?php
require_once 'header.php';
$controller = new ControllerAgent();
$controllerUser = new ControllerUser();
$users = $controllerUser->getUsers();
$extras = new Extras();
$agent_id = $extras->decryptQuery1(KEY_SALT, $_SERVER['QUERY_STRING']);
if ($agent_id != null) {
$agent = $controller->getAgentByAgentId($agent_id);
if (isset($_POST['submit'])) {
$itm = new Agent();
$itm->address = trim(strip_tags($_POST['address']));
$itm->contact_no = trim(strip_tags($_POST['contact_no']));
$itm->country = trim(strip_tags($_POST['country']));
$itm->created_at = time();
$itm->email = trim(strip_tags($_POST['email']));
$itm->name = trim(strip_tags($_POST['name']));
$itm->sms = trim(strip_tags($_POST['sms']));
$itm->updated_at = time();
$itm->zipcode = trim(strip_tags($_POST['zipcode']));
$itm->photo_url = trim(strip_tags($_POST['photo_url']));
$itm->thumb_url = trim(strip_tags($_POST['thumb_url']));
$itm->twitter = trim(strip_tags($_POST['twitter']));
$itm->fb = trim(strip_tags($_POST['fb']));
$itm->linkedin = trim(strip_tags($_POST['linkedin']));
$itm->company = trim(strip_tags($_POST['company']));
$itm->user_id = trim(strip_tags($_POST['user_id']));
$itm->agent_id = $agent_id;
$count = count($_FILES["file"]["name"]);
if (!empty($_FILES["file"]["name"][0]) && !empty($_FILES["file"]["name"][1])) {
<?php
require_once 'header.php';
$controller = new ControllerStore();
$controllerReview = new ControllerReview();
$controllerUser = new ControllerUser();
if (!empty($_SERVER['QUERY_STRING'])) {
$extras = new Extras();
$store_id = $extras->decryptQuery1(KEY_SALT, $_SERVER['QUERY_STRING']);
$review_delete = $extras->decryptQuery2(KEY_SALT, $_SERVER['QUERY_STRING']);
$reviews = $controllerReview->getReviewsByStoreId($store_id);
$store = $controller->getStoreByStoreId($store_id);
if ($review_delete != null) {
$store_id = $review_delete[0];
$review_id = $review_delete[1];
$controllerReview->deleteReview($review_id, 1);
$viewUrl = $extras->encryptQuery1(KEY_SALT, 'store_id', $store_id, 'store_reviews_view.php');
echo "<script type='text/javascript'>location.href='{$viewUrl}';</script>";
}
if ($store_id == null) {
echo "<script type='text/javascript'>location.href='403.php';</script>";
}
}
?>
<!DOCTYPE html>
<html lang="en"><head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<?php
require '../header_rest.php';
$controllerRest = new ControllerRest();
$controllerUser = new ControllerUser();
$controllerRating = new ControllerRating();
$user_id = 0;
if (!empty($_POST['user_id'])) {
$user_id = $_POST['user_id'];
}
$store_id = 0;
if (!empty($_POST['store_id'])) {
$store_id = $_POST['store_id'];
}
$login_hash = 0;
if (!empty($_POST['login_hash'])) {
$login_hash = $_POST['login_hash'];
}
if (!empty($user_id) && !empty($store_id) && !empty($login_hash)) {
if (!$controllerUser->isUserIdExistAndHash($user_id, $login_hash)) {
$json = "{ \"status\" : { \"status_code\" : \"3\", \"status_text\" : \"Invalid Access\" } }";
echo $json;
} else {
$itm = $controllerRating->checkUserCanRate($store_id, $user_id);
$canRate = $itm != null ? -1 : 1;
// header ("content-type: text/json");
header("Content-Type: application/text; charset=ISO-8859-1");
echo "{";
echo "\"store_rating\" : { \"store_id\" : \"{$store_id}\", \"can_rate\" : \"{$canRate}\" }, \"status\" : { \"status_code\" : \"-1\", \"status_text\" : \"Success.\" }";
echo "}";
}
<?php
require_once '../header_rest.php';
$controllerUser = new ControllerUser();
if (!empty($_POST['username'])) {
$username = $_POST['username'];
}
if (!empty($_POST['password'])) {
$password = md5($_POST['password']);
}
$full_name = "";
if (!empty($_POST['full_name'])) {
$full_name = $_POST['full_name'];
}
$email = "";
if (!empty($_POST['email'])) {
$email = $_POST['email'];
}
if (!empty($_POST['facebook_id'])) {
$facebook_id = $_POST['facebook_id'];
}
if (!empty($_POST['twitter_id'])) {
$twitter_id = $_POST['twitter_id'];
}
if (!empty($username) && !empty($password) && !empty($full_name) && !empty($email)) {
if (!$controllerUser->isUserExist($username)) {
if ($controllerUser->isEmailExist($email)) {
$json = "{ \"status\" : { \"status_code\" : \"1\", \"status_text\" : \"Email already registered.\" } }";
} else {
$itm = new User();
$itm->username = $username;
<?php
require_once '../header_rest.php';
$controllerUser = new ControllerUser();
$full_name = "";
if (!empty($_POST['full_name'])) {
$full_name = $_POST['full_name'];
}
$email = "";
if (!empty($_POST['email'])) {
$email = $_POST['email'];
}
$facebook_id = "";
if (!empty($_POST['facebook_id'])) {
$facebook_id = $_POST['facebook_id'];
}
$twitter_id = "";
if (!empty($_POST['twitter_id'])) {
$twitter_id = $_POST['twitter_id'];
}
$google_id = "";
if (!empty($_POST['google_id'])) {
$google_id = $_POST['google_id'];
}
$thumb_url = "";
if (!empty($_POST['thumb_url'])) {
$thumb_url = $_POST['thumb_url'];
}
$api_key = "";
if (!empty($_POST['api_key'])) {
$api_key = $_POST['api_key'];
<?php
require_once '../header_rest.php';
$controllerUser = new ControllerUser();
if (!empty($_POST['username'])) {
$username = $_POST['username'];
}
if (!empty($_POST['password'])) {
$password = md5($_POST['password']);
}
if (!empty($_POST['facebook_id'])) {
$facebook_id = $_POST['facebook_id'];
}
if (!empty($_POST['twitter_id'])) {
$twitter_id = $_POST['twitter_id'];
}
if (!empty($username) && !empty($password)) {
$user = $controllerUser->loginUser($username, $password);
if ($user != null) {
// update the hash
$controllerUser->updateUserHash($user);
$json = translateJSON($user);
} else {
$json = "{\n \"status\" : {\n \"status_code\" : \"1\",\n \"status_text\" : \"Username/Password Invalid or you are being denied to access. Please try again.\"\n }\n }";
}
echo $json;
} else {
if (!empty($facebook_id)) {
$user = $controllerUser->loginFacebook($facebook_id);
if ($user != null) {
// update the hash
<?php
require_once '../header_rest.php';
$controllerUser = new ControllerUser();
if (!empty($_POST['user_id'])) {
$user_id = $_POST['user_id'];
}
if (!empty($_POST['login_hash'])) {
$login_hash = $_POST['login_hash'];
}
$photo_url = "";
if (!empty($_POST['photo_url'])) {
$photo_url = trim(strip_tags($_POST['photo_url']));
}
$thumb_url = "";
if (!empty($_POST['thumb_url'])) {
$thumb_url = trim(strip_tags($_POST['thumb_url']));
}
if (!empty($login_hash) && !empty($user_id)) {
$user = $controllerUser->getUserByUserId($user_id);
$login_hash = str_replace(" ", "+", $login_hash);
if ($user != null) {
if ($user->login_hash == $login_hash) {
$itm = $user;
if (!empty($_FILES["thumb_file"]["name"]) && !empty($_FILES["photo_file"]["name"])) {
$desired_dir = Constants::IMAGE_UPLOAD_DIR;
$desired_dir_path = "../" . Constants::IMAGE_UPLOAD_DIR;
if (is_dir($desired_dir_path) == false) {
// Create directory if it does not exist
mkdir("{$desired_dir_path}", 0700);
}
