$permission = get_permission($owner, $_GET['id']);
$end_date_reached = false;
if ($permission['end']) {
$end_date_reached = time() > strtotime($permission['end']);
}
if ($permission && !$end_date_reached) {
// user is allowed
// TODO check the end value
// log the request if it is a swipe
add_swipe($_GET['id'], $owner, 0, 1);
send_headers();
$response = array("version" => $version, "response" => "OK", "uid" => $owner);
echo json_encode($response);
} else {
// user is not allowed
add_swipe($_GET['id'], $owner, 0, 0);
forbidden();
}
} else {
bad_request();
}
} else {
bad_request();
}
}
function bad_request()
{
header(':', true, 400);
send_headers();
$response = array("version" => $version, "response" => "Bad Request");
echo json_encode($response);
function checkout_job($uid, $job)
{
$user = get_user_by_uid($uid);
if ($user && $job['price'] > 0) {
$swipe = add_swipe(0, $user['uid'], 4, 1);
add_swipe_to_job($job['id'], $swipe);
debit_account($user['uid'], $job['price']);
$link = open_database_connection();
$query = "UPDATE jobs SET status = '2' WHERE id = '" . mysqli_real_escape_string($link, $job['id']) . "'";
$result = mysqli_query($link, $query);
// free result set
mysqli_free_result($result);
// close connection
mysqli_close($link);
return $result;
}
}
