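/**
 * Authenticates a user by email + password and renders a JSON result.
 *
 * Response keys: success (bool), message (string), code (int; 0 on success,
 * negative on the failure paths below, the exception code on error) and, on
 * success, the matching user row with its salt/hash columns removed.
 */
public function authenticateAction()
{
    $mapper = new Application_Model_TableMapper();
    $table_name = 'users';
    $email = $this->_getParam('email', 'Missing User ID');
    $password = $this->_getParam('password', '');
    $data = array();

    try {
        // getCustomSelect() only accepts raw SQL, so the request-supplied email
        // has to be quoted by the DB adapter before it reaches the query. Fail
        // closed when no default adapter is configured rather than fall back
        // to plain string interpolation.
        $adapter = Zend_Db_Table_Abstract::getDefaultAdapter();
        if ($adapter === null) {
            throw new \RuntimeException('No default database adapter available for quoting.');
        }
        $query = $adapter->quoteInto('select * from users where email = ?;', (string) $email);
        $users = $mapper->getCustomSelect($query);

        if (count($users) > 0) {
            $user = $users[0];
            $salt = $user['salt'];
            $key = $user['password'];
            $hash = $this->_helper->utilities->create_hash($password, $salt);

            // Strict, constant-time comparison: '==' would accept type-juggled
            // matches (e.g. two "0e..." digest strings) and leak timing.
            if (hash_equals((string) $key, (string) $hash)) {
                $values = array('email' => $email, 'password' => $key);
                if ($this->getRequest()->isPost()) {
                    if ($this->_process($table_name, $values)) {
                        // Never echo the stored salt and hash back to the client.
                        unset($user['salt'], $user['password']);
                        $data['success'] = true;
                        $data['message'] = 'Authentication success';
                        $data['code'] = 0;
                        $data['user'] = $user;
                    } else {
                        $data['success'] = false;
                        $data['message'] = 'Authentication failed: Invalid user id or password.';
                        $data['code'] = -1;
                    }
                } else {
                    $data['success'] = false;
                    $data['message'] = 'Authentication failed: GET request detected.';
                    $data['code'] = -2;
                }
            } else {
                $data['success'] = false;
                $data['message'] = 'Authentication failed: Password does not match user id.';
                $data['code'] = -3;
            }
        } else {
            $data['success'] = false;
            $data['message'] = "Authentication failed: Could not find account associated with provided email [{$email}].";
            $data['code'] = -4;
        }
    } catch (Exception $ex) {
        $data['success'] = false;
        $data['message'] = 'Authentication failed: ' . $ex->getMessage();
        $data['code'] = $ex->getCode();
    }

    $this->view->data = json_encode($data);
    $this->view->layout()->disableLayout();
}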
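/**
 * Renders the ads for the requested priority as JSON.
 *
 * A missing or non-numeric priority parameter is treated as 0.
 */
public function mainAction()
{
    // The priority is request-supplied and is interpolated into SQL below,
    // so coerce it to an int first.
    $priority = (int) $this->_getParam('priority', 0);
    $mapper = new Application_Model_TableMapper();
    $data = array();

    $query = "select * from ads where priority = {$priority};";
    $data['ads'] = $mapper->getCustomSelect($query);

    $this->view->data = json_encode($data);
    $this->view->layout()->disableLayout();
}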
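/**
 * Renders the address drop-down options for one location as JSON.
 *
 * Output shape: {"selects": {"addresses": [...]}} where each entry is the
 * "id:description" option string produced by the utilities helper.
 */
public function getAction()
{
    $data = array();
    $selects = array();
    // The location id is request-supplied and is interpolated into SQL below,
    // so coerce it to an int first.
    $id = (int) $this->_getParam('id', 0);

    // addresses
    $query = "select concat(id, ':', description) as 'option' ";
    $query .= "from addresses ";
    $query .= "where location_id = {$id};";
    $mapper = new Application_Model_TableMapper();
    $addresses = $mapper->getCustomSelect($query);
    $selects['addresses'] = $this->_helper->utilities->arrayitize($addresses);

    $data['selects'] = $selects;
    $this->view->data = json_encode($data);
    $this->view->layout()->disableLayout();
}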
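/**
 * Renders the authenticated user's photo rows and their base path as JSON.
 *
 * An anonymous request is looked up as user id 0.
 */
public function getAction()
{
    $data = array();
    $auth = Zend_Auth::getInstance();
    $user_id = 0;
    if ($auth->hasIdentity()) {
        // Cast defensively: the id is interpolated into SQL and a path below.
        $user_id = (int) $auth->getIdentity()->id;
    }
    $mapper = new Application_Model_TableMapper();

    // photos owned by this user
    $query = "select a.* ";
    $query .= "from photos a ";
    $query .= "where a.user_id = {$user_id};";
    $data['photos'] = $mapper->getCustomSelect($query);

    $data['path'] = "/users/{$user_id}/photos/";
    $this->view->data = json_encode($data);
    $this->view->layout()->disableLayout();
}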
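/**
 * Renders one group, its members, the current user's friends and the
 * drop-down option lists (from the registry config) as JSON.
 */
public function getAction()
{
    // NOTE(review): friends are always fetched for user 1 here, whereas the
    // other actions read the id from Zend_Auth — confirm this is intended.
    $user_id = 1;
    // The group id is request-supplied and is interpolated into SQL below,
    // so coerce it to an int first.
    $id = (int) $this->_getParam('id', 0);
    $mapper = new Application_Model_TableMapper();
    $data = array();

    // group
    $query = "select * ";
    $query .= "from groups ";
    $query .= "where id = {$id};";
    $data['group'] = $mapper->getCustomSelect($query);

    // members, with the member's profile columns pulled in via sub-selects
    $query = "select a.*, ";
    $query .= "(select first_name from users where id = a.user_id) as 'first_name', ";
    $query .= "(select last_name from users where id = a.user_id) as 'last_name', ";
    $query .= "(select skill from users where id = a.user_id) as 'skill', ";
    $query .= "(select experience from users where id = a.user_id) as 'experience', ";
    $query .= "(select type from users where id = a.user_id) as 'type' ";
    $query .= "from group_members a ";
    $query .= "where group_id = {$id};";
    $data['members'] = $mapper->getCustomSelect($query);

    // friends
    $query = "select a.*, ";
    $query .= "(select first_name from users where id = a.friend_id) as 'first_name', ";
    $query .= "(select last_name from users where id = a.friend_id) as 'last_name', ";
    $query .= "(select email from users where id = a.friend_id) as 'email', ";
    $query .= "(select skill from users where id = a.friend_id) as 'skill', ";
    $query .= "(select experience from users where id = a.friend_id) as 'experience', ";
    $query .= "(select type from users where id = a.friend_id) as 'type', ";
    $query .= "(select guide from users where id = a.friend_id) as 'guide' ";
    $query .= "from\tfriends a ";
    $query .= "where user_id = {$user_id}; ";
    $data['friends'] = $mapper->getCustomSelect($query);

    // drop downs: pipe-separated code lists from the application config
    $selects = array();
    $config = Zend_Registry::get('config');
    $selects['joinable'] = explode('|', $config->codes->joinable);
    $selects['locked'] = explode('|', $config->codes->rides->locked);
    $selects['public'] = explode('|', $config->codes->public);
    $selects['ridetypes'] = explode('|', $config->codes->rides->types);

    // deputies: group members rendered as "user_id:last, first" options
    $query = "select concat(b.user_id, ':', b.last_name, ', ', b.first_name) as 'option' ";
    $query .= "from ";
    $query .= "(select a.*, ";
    $query .= "(select first_name from users where id = a.user_id) as 'first_name', ";
    $query .= "(select last_name from users where id = a.user_id) as 'last_name', ";
    $query .= "(select skill from users where id = a.user_id) as 'skill' ";
    $query .= "from group_members a ";
    $query .= "where a.group_id = {$id}) b; ";
    $deputies = $mapper->getCustomSelect($query);
    $selects['deputies'] = $this->_helper->utilities->arrayitize($deputies);

    $data['selects'] = $selects;
    $this->view->data = json_encode($data);
    $this->view->layout()->disableLayout();
}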
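/**
 * Creates a ride from the POSTed form fields for the authenticated user and
 * enrols every member of the chosen group as a rider.
 *
 * Renders a JSON result: success (bool), message (string), code (int) and,
 * on failure, an error block with its own code/message. Any exception is
 * reported as code "Code: N" inside the error block.
 */
public function postAction()
{
    $data = array();
    try {
        $auth = Zend_Auth::getInstance();
        $user_id = 0;
        if ($auth->hasIdentity()) {
            $user_id = $auth->getIdentity()->id;
            if ($this->getRequest()->isPost()) {
                $d = date('Y-m-d');
                $name = $this->_getParam('name', '');
                $description = $this->_getParam('description', '');
                // The group id is interpolated into the members query below,
                // so coerce it to an int first.
                $group = (int) $this->_getParam('group', 0);
                $location = $this->_getParam('location', '');
                $address = $this->_getParam('address', '');
                $date = $this->_getParam('date', '');
                $time = $this->_getParam('time', '');
                $join = $this->_getParam('join', '');
                $tempo = $this->_getParam('tempo', '');
                $drop = $this->_getParam('drop', '');
                $public = $this->_getParam('public', '');

                // strtotime() returns false for unparseable input, which date()
                // would silently turn into 1970-01-01; reject it instead (the
                // catch below reports it).
                $timestamp = strtotime($date);
                if ($timestamp === false) {
                    throw new \InvalidArgumentException("Invalid ride date: {$date}");
                }

                $mapper = new Application_Model_TableMapper();
                $table_name = 'rides';
                $values = array(
                    'date_created' => $d,
                    'last_updated' => $d,
                    'active' => 1,
                    'name' => $name,
                    'description' => $description,
                    // the owner is always the authenticated user, never a request field
                    'owner' => $user_id,
                    'group_id' => $group,
                    'location_id' => $location,
                    'address_id' => $address,
                    'date' => date('Y-m-d', $timestamp),
                    'time' => $time,
                    'status' => 'ON TIME',
                    'join' => $join,
                    'tempo' => $tempo,
                    'drop' => $drop,
                    'public' => $public,
                );
                $i = $mapper->insertItem($table_name, $values);
                $id = $mapper->getLastInsertId($table_name);

                if ($i > 0) {
                    // add riders: one pending rider row per group member
                    $query = "select * ";
                    $query .= "from group_members ";
                    $query .= "where group_id={$group}";
                    $group_members = $mapper->getCustomSelect($query);
                    $failed_riders = array();
                    foreach ($group_members as $member) {
                        $rider = array(
                            'date_created' => $d,
                            'last_updated' => $d,
                            'active' => 1,
                            'ride_id' => $id,
                            'user_id' => $member['user_id'],
                            'group_id' => $group,
                            'rsvp' => 0,
                            'status' => 'ON TIME',
                            'complete' => 0,
                            'rating' => 0,
                            'comment' => null,
                        );
                        if ($mapper->insertItem('riders', $rider) <= 0) {
                            $failed_riders[] = $member['user_id'];
                        }
                    }

                    if (count($failed_riders) > 0) {
                        $data['success'] = false;
                        $data['message'] = "Some riders failed to be added to the ride: {$id}";
                        $data['code'] = 105;
                        $data['error'] = array(
                            'code' => '105',
                            // implode(): the legacy join($array, $glue) argument
                            // order was removed in PHP 8.
                            'message' => 'Failed to add riders: ' . implode(',', $failed_riders),
                        );
                    } else {
                        $data['success'] = true;
                        $data['message'] = "Ride added: {$id}";
                        $data['code'] = 0;
                    }
                } else {
                    $data['success'] = false;
                    $data['message'] = 'Ride could not be added.';
                    $data['code'] = 104;
                    $data['error'] = array(
                        'code' => '104',
                        'message' => 'Ride could not be added.',
                    );
                }
            } else {
                $data['success'] = false;
                $data['message'] = 'Bad HTTP Request Type.';
                $data['code'] = 102;
                $data['error'] = array(
                    'code' => '102',
                    'message' => 'Possible security violation. Please check log(s).',
                );
            }
        } else {
            $data['success'] = false;
            $data['message'] = 'Ride add fail.';
            // Was 102, which collided with the bad-request code above while the
            // error block already said 100; keep the two in agreement.
            $data['code'] = 100;
            $data['error'] = array(
                'code' => '100',
                'message' => 'User is not authenticated.',
            );
        }
    } catch (Exception $ex) {
        $data['success'] = false;
        $data['message'] = 'Ride add exception.';
        $data['error'] = array(
            'code' => 'Code: ' . $ex->getCode(),
            'message' => 'Exception: ' . $ex->getMessage(),
        );
    }

    $this->view->data = json_encode($data);
    $this->view->layout()->disableLayout();
}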