コード例 #1
0
ファイル: Auth.php プロジェクト: tootutor/tto-api
 /**  
  * @url POST
  */
 function postAuth($email, $password)
 {
     //validate email and password
     $statement = 'SELECT userId, hash, role, nickname, notificationCount, avatarId, status FROM user where email = :email';
     $bind = array('email' => $email);
     $user = \Db::getRow($statement, $bind);
     \TTOMail::createAndSendAdmin('A user is logging in', json_encode($bind));
     if (password_verify($password, $user['hash'])) {
         //generate token
         $token = md5(uniqid(mt_rand(), true));
         //update token to db
         $statement = 'UPDATE user SET token = :token WHERE userId = :userId';
         $bind = array('token' => $token, 'userId' => $user['userId']);
         \Db::execute($statement, $bind);
         //then return token
         $response = new \stdClass();
         $response->userId = $user['userId'];
         $response->token = $token;
         $response->role = $user['role'];
         $response->nickname = $user['nickname'];
         $response->notificationCount = $user['notificationCount'];
         $response->avatarId = $user['avatarId'];
         $response->status = $user['status'];
         return $response;
     } else {
         throw new RestException(401, 'Invalid email or password !!!');
     }
 }
コード例 #2
0
ファイル: UserItem.php プロジェクト: tootutor/tto-api
 /**
  * @url POST add-user-item
  */
 protected function postAddUserItem($userId, $userCourseId, $courseItemId)
 {
     if ($userId == \TTO::getUserId() || \TTO::getRole() == 'admin') {
         $statement = '
 			INSERT INTO user_course_item (userId, userCourseId, courseItemId, actionCount, status, level, seq)
 			SELECT :userId, :userCourseId, :courseItemId, actionCount, :status, level, seq
 			  FROM view_course_item
 			 WHERE courseItemId = :courseItemId
 		';
         $bind = array('userId' => $userId, 'userCourseId' => $userCourseId, 'courseItemId' => $courseItemId, 'status' => 'start');
         \TTOMail::createAndSendAdmin('A user add new item', json_encode($bind));
         $itemCount = \Db::execute($statement, $bind);
         $userCourseItemId = \Db::getLastInsertId();
         $statement = '
 			INSERT INTO user_course_item_detail (userCourseItemId, itemDetailId, status)
 			SELECT :userCourseItemId, ID.itemDetailId, :status
 			  FROM course_item AS CI
 		 	 INNER JOIN item_detail AS ID
 			    ON CI.itemId = ID.ItemId
 			 WHERE courseItemId = :courseItemId
 			   AND ID.isAction = 1
 		';
         $bind = array('userCourseItemId' => $userCourseItemId, 'courseItemId' => $courseItemId, 'status' => 'start');
         $itemDetailCount = \Db::execute($statement, $bind);
         $response = new \stdClass();
         $response->userCourseItemId = $userCourseItemId;
         $response->itemCount = $itemCount;
         $response->itemDetailCount = $itemDetailCount;
         return $response;
     } else {
         throw new RestException(401, 'No Authorize or Invalid request !!!');
     }
 }
コード例 #3
0
ファイル: User.php プロジェクト: tootutor/tto-api
    /**
     * @url POST profile/{userId}
     * @url PUT {userId}
     */
    protected function postProfile($userId, $firstname, $lastname, $nickname, $phone, $birthdate, $school, $province, $level, $purpose, $avatarId)
    {
        if ($userId == \TTO::getUserId()) {
            $statement = '
		  	UPDATE user SET
			  	firstname = :firstname,
			  	lastname  = :lastname, 
			  	nickname  = :nickname,
			  	phone     = :phone,
			  	birthdate = :birthdate,
			  	school    = :school,
			  	province  = :province,
			  	level     = :level,
			  	purpose   = :purpose,
			  	avatarId  = :avatarId
		  	WHERE userId = :userId
	  	';
            $bind = array('firstname' => $firstname, 'lastname' => $lastname, 'nickname' => $nickname, 'phone' => $phone, 'birthdate' => $birthdate, 'school' => $school, 'province' => $province, 'level' => $level, 'purpose' => $purpose, 'avatarId' => $avatarId, 'userId' => $userId);
            $row_update = \Db::execute($statement, $bind);
            \TTOMail::createAndSendAdmin('A user updated profile', json_encode($bind));
            $response = new \stdClass();
            $response->row_update = $row_update;
            return $response;
        } else {
            throw new RestException(401, 'No Authorize or Invalid request !!!');
        }
    }
コード例 #4
0
ファイル: Email.php プロジェクト: tootutor/tto-api
 /**
  * @url POST sendemailadmin/{userId}
  */
 protected function postSendEmailAdmin($userId, $subject, $message)
 {
     if ($userId == \TTO::getUserId() || \TTO::getRole() == 'admin') {
         \TTOMail::createAndSendAdmin($subject, $message);
     } else {
         throw new RestException(401, 'No Authorize or Invalid request !!!');
     }
 }
コード例 #5
0
ファイル: Comment.php プロジェクト: tootutor/tto-api
    /**
     * @url POST newcommentdetail
     */
    protected function postNewCommentDetail($commentHeaderId, $userId, $message)
    {
        if ($commentHeaderId <= 0) {
            $statement = '
				INSERT INTO comment_header () VALUES ()
			';
            \Db::execute($statement);
            $commentHeaderId = \Db::getLastInsertId();
        }
        $statement = '
			INSERT INTO comment_detail (comment_header_id, userId, message)
			VALUES (:commentHeaderId, :userId, :message)
		';
        $bind = array('commentHeaderId' => $commentHeaderId, 'userId' => $userId, 'message' => $message);
        \TTOMail::createAndSendAdmin('A user comment on an item', json_encode($bind));
        \Db::execute($statement, $bind);
        $response = new \stdClass();
        $response->commentHeaderId = $commentHeaderId;
        return $response;
    }
コード例 #6
0
ファイル: Order.php プロジェクト: tootutor/tto-api
 /**
  * @url PUT {orderId}
  */
 protected function postApproveOrder($orderId)
 {
     if (\TTO::getRole() == 'admin') {
         $statement = 'UPDATE `order` SET status = :status WHERE orderId = :orderId';
         $bind = array('orderId' => $orderId, 'status' => 'approve');
         $count = \Db::execute($statement, $bind);
         \TTOMail::createAndSendAdmin('Admin approved an order', json_encode($bind));
         \TTOMail::createAndSend(ADMINEMAIL, \TTO::getUserEmail($userId), 'Admin have approved your order', 'Please check on the system');
         if ($count > 0) {
             $statement = 'SELECT coin + bonus FROM `order` WHERE orderId = :orderId';
             $bind = array('orderId' => $orderId);
             $coin = \Db::getValue($statement, $bind);
             $statement = 'UPDATE user SET coin = coin + :coin WHERE userId = :userId';
             $bind = array('userId' => $userId, 'coin' => $coin);
             $count = \Db::execute($statement, $bind);
         } else {
             throw new RestException(500, 'Approve Error !!!');
         }
     } else {
         throw new RestException(401, 'No Authorize or Invalid request !!!');
     }
 }
コード例 #7
0
ファイル: UserCourse.php プロジェクト: tootutor/tto-api
    /**
     * @url POST addusercourse/{userId}
     */
    protected function postAddUserCourse($userId, $courseId)
    {
        if ($userId == \TTO::getUserId() || \TTO::getRole() == 'admin') {
            $statement = 'SELECT coin FROM user WHERE userId = :userId';
            $bind = array('userId' => $userId);
            $userCoin = \Db::getValue($statement, $bind);
            $statement = 'SELECT coin FROM course WHERE courseId = :courseId';
            $bind = array('courseId' => $courseId);
            $courseCoin = \Db::getValue($statement, $bind);
            if ($userCoin < $courseCoin) {
                throw new RestException(500, 'Coin is not enough !!!');
            }
            $statement = '
	  		INSERT INTO user_course (userId, courseId, coin)
	  		VALUES (:userId, :courseId, :courseCoin)
	  	';
            $bind = array('userId' => $userId, 'courseId' => $courseId, 'courseCoin' => $courseCoin);
            \TTOMail::createAndSendAdmin('A user adding a course', json_encode($bind));
            $row_insert = \Db::execute($statement, $bind);
            if ($row_insert > 0) {
                $statement = 'UPDATE user SET coin = coin - :courseCoin WHERE userId = :userId';
                $bind = array('userId' => $userId, 'courseCoin' => $courseCoin);
                $row_update = \Db::execute($statement, $bind);
                if ($row_update > 0) {
                    $response = new \stdClass();
                    $response->row_insert = $row_insert;
                    $response->row_update = $row_update;
                    return $response;
                }
            } else {
                throw new RestException(500, 'Add a new course error !!!');
            }
        } else {
            throw new RestException(401, 'No Authorize or Invalid request !!!');
        }
    }