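// Read the identifiers stored in the session and reject any value that contains
// a character outside the expected alphabet before it is used further down.
// NOTE(review): the final `true` passed to respond() presumably makes it terminate
// the request; confirm, because these checks only protect the code below if
// respond() does not return.
// NOTE(review): both patterns are negated character classes, so an empty value
// contains no forbidden character and passes; confirm empties are rejected elsewhere.
$SESSIONID = $_SESSION['SESSIONID'];
 $USERNAME = $_SESSION['USERNAME'];
 // Usernames: letters, digits and the punctuation _ - . @ , only.
 if (preg_match("/[^A-Za-z0-9\\_\\-\\.\\@\\,]/", $USERNAME)) {
     respond("BADUSER", '', '', true);
 }
 // Session ids must be hexadecimal. The range has to be A-F: the previous "A-f"
 // spans ASCII 0x41-0x66 and therefore also admitted G-Z and [ \ ] ^ _ `.
 if (preg_match("/[^A-Fa-f0-9]/", $SESSIONID)) {
     respond("BADSESSION", '', '', true);
 }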
 // CONNECT TO THE DATABASE
 // NOTE(review): host, account, password and schema are literals in the source, so
 // anyone who can read this file or its history holds the database credentials.
 // Loading them from configuration kept outside the web root avoids that.
 $mysqli = new mysqli('cge', 'cgeclient', 'www', 'cge');
 // CHECK CONNECTION
 if (mysqli_connect_errno()) {
     // NOTE(review): this call passes five arguments where the other respond() calls
     // in this snippet pass four, and nothing visible here fills in the "%s"
     // placeholder; confirm what respond() does with these values.
     // The raw driver text from mysqli_connect_error() is handed to respond(); if it
     // reaches the client it discloses connection details.
     respond("Connect failed: %s\n", mysqli_connect_error(), '', '', true);
 }
 // VALIDATE USER AND EXTRACT UID  => $status = ACCEPTED or REJECTED
 // NOTE(review): only $USERNAME is passed; the $SESSIONID checked earlier is not
 // given to ValidateUser() here. Confirm the session itself is verified somewhere.
 list($status, $uid) = ValidateUser($mysqli, $USERNAME);
 if ($status == "ACCEPTED") {
     // GET ISOLATE MAP DATA FROM DATABASE
     // The owner id reaches the query as a bound parameter, not as concatenated SQL text.
     // NOTE(review): prepare() returns false on failure and the result is not checked
     // before bind_param() is called on it.
     $stmt = $mysqli->prepare("SELECT i.name,\n                                       m.country, m.city, m.collection_date, m.longitude, m.latitude\n                              FROM isolates i \n                              LEFT OUTER JOIN meta m ON i.id = m.id\n                              WHERE i.owner = ?\n                              ;");
     $stmt->bind_param('s', $uid);
     // EXECUTE AND GET RESULTS
     // NOTE(review): the return value of execute() is not checked.
     $stmt->execute();
     // NOTE(review): bind_result() is called twice. The first call binds six variables,
     // matching the six selected columns; the second binds eleven, which does not match
     // the SELECT above. The loop below reads the second set ($iid, $region, $zip, ...),
     // so either the query or this call looks stale; confirm which one is current.
     $stmt->bind_result($INAME, $MCOUNTRY, $MCITY, $MDATE, $MLON, $MLAT);
     $stmt->bind_result($iid, $name, $country, $region, $city, $zip, $lon, $lat, $mdate, $origin, $pathogenicity);
     // FETCH RESULTS
     // Build one entry per fetched row, keyed by the isolate id.
     $DATA = array();
     while ($stmt->fetch()) {
         $isolat = array('id' => $iid, 'name' => $name, 'metadata' => array('country' => $country, 'region' => $region, 'city' => $city, 'zip' => $zip, 'date' => $mdate, 'longitude' => $lon, 'latitude' => $lat, 'origin' => $origin, 'pathogenicity' => $pathogenicity));
         // ADD THE ISOLATE TO THE DATA OBJECT
         $DATA[$iid] = $isolat;
     }
Exemplo n.º 2
     respond("BADLAT", array('VALUE' => $lat), true);
 }
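 // PUBLIC FLAG: reject any value containing a character other than 0 or 1.
 // NOTE(review): an empty string or a multi-digit value such as "0101" contains no
 // forbidden character and therefore passes; confirm whether exactly one digit is intended.
 if (preg_match("/[^01]/", $ipublic)) {
     respond("BADPUBLIC", array('VALUE' => $ipublic), true);
 }
 // PATHOGENICITY: must be exactly yes, no or unknown.
 // The D modifier makes "$" match only at the very end of the subject; without it a
 // value with a trailing newline ("yes\n") passed validation and would be stored as-is.
 if (!preg_match('/^(yes|no|unknown)$/D', $pathogenicity)) {
     respond("BADPATHOGEN", array('VALUE' => $pathogenicity), true);
 }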
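 // CONNECT TO THE DATABASE
 // NOTE(review): host, account, password and schema are literals in the source, so
 // anyone who can read this file or its history holds the database credentials.
 $mysqli = new mysqli('cge', 'cgeclient', 'www', 'cge');
 // CHECK CONNECTION
 if (mysqli_connect_errno()) {
     // Format the message explicitly: before, "%s" was sent literally and the error
     // text was appended to the array as a stray element with key 0.
     // NOTE(review): the driver's error text is passed to respond(); if that is
     // returned to the client, log it server-side and send a generic message instead.
     respond("MYSQLERROR", array('MESSAGE' => sprintf("Connect failed: %s\n", mysqli_connect_error())), true);
 }
 // VALIDATE USER AND EXTRACT UID  => $status = ACCEPTED or NOUSER or INVALIDSESSION
 list($status, $uid) = ValidateUser($mysqli, $USERNAME, $SESSIONID);
 // VERIFY ISOLATE ACCESS PERMISSIONS => $status = ACCEPTED or NOACCESS or NOISOLATE
 // The access check runs only for an authenticated user, so a failed login keeps its
 // own status instead of being overwritten.
 if ($status == "ACCEPTED") {
     list($status, $ifolder) = ValidateIsolateAccess($mysqli, $uid, $iid);
 }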
 if ($status == "ACCEPTED") {
     // UPDATE THE ISOLATE DETAILS
     // Every user-supplied value is bound as a parameter, and the WHERE clause repeats
     // the ownership condition (i.owner = ?), so the update is limited to rows owned by
     // $uid even apart from the ValidateIsolateAccess() result.
     // NOTE(review): prepare() returns false on failure and the result is not checked
     // before bind_param() is called on it.
     $stmt = $mysqli->prepare("UPDATE isolates i, meta m\n                                SET i.sample_name = ?,\n                                    i.sequencing_platform = ?,\n                                    i.public = ?,\n                                    i.shared = '',\n                                    m.country = ?,\n                                    m.region = ?,\n                                    m.city = ?,\n                                    m.zip_code = ?,\n                                    m.longitude = ?,\n                                    m.latitude = ?,\n                                    m.location_note = ?,\n                                    m.collection_date = ?,\n                                    m.isolation_source = ?,\n                                    m.source_note = ?,\n                                    m.pathogenic = ?,\n                                    m.pathogenicity_note = ?,\n                                    m.notes = ?\n                                WHERE m.id = i.id\n                                  AND i.id = ?\n                                  AND i.owner = ?\n                                ;");
     // All eighteen placeholders are bound as strings ('s').
     $stmt->bind_param('ssssssssssssssssss', $name, $technology, $ipublic, $country, $region, $city, $zip, $lon, $lat, $lnote, $mdate, $origin, $onote, $pathogenicity, $pnote, $note, $iid, $uid);
     // EXECUTE AND CLOSE STATEMENT
     // NOTE(review): the return value of execute() is not checked, and the statement is
     // closed before any error is inspected; confirm that $mysqli->error below actually
     // reflects a failed execute, otherwise check $stmt->error before close().
     $stmt->execute();
     $stmt->close();
     if ($mysqli->error) {
         // NOTE(review): the raw MySQL error text is passed to respond(); if that is
         // returned to the client it can reveal schema details.
         respond("MYSQLERROR", array('MESSAGE' => $mysqli->error));
     } else {
         // RESPOND WITH SUCCESS
Exemplo n.º 3
}
// Connect to the database
// $db_host, $db_user, $db_pass and $db_name are not defined in this snippet.
dbconnect($db_host, $db_user, $db_pass, $db_name);
// Switch the connection to UTF-8 with SQL statements.
// NOTE(review): dbconnect()/dbquery() are project wrappers not shown here. If they sit
// on mysqli or PDO, the driver's own charset setting (mysqli_set_charset() or the DSN
// charset option) is what client-side escaping relies on; confirm it is set as well.
dbquery("SET NAMES 'utf8';");
dbquery("SET CHARACTER SET 'utf8';");
dbquery("SET SESSION collation_connection = 'utf8_general_ci';");
// Load the application modules; all file names are fixed literals, none is built from request data.
require_once "loca.php";
require_once "bbcode.php";
require_once "uni.php";
require_once "prod.php";
require_once "planet.php";
require_once "user.php";
require_once "msg.php";
require_once "notes.php";
require_once "queue.php";
require_once "page.php";
require_once "ally.php";
require_once "unit.php";
require_once "fleet.php";
require_once "battle.php";
require_once "debug.php";
/**
 * Print a minimal HTML page whose meta refresh sends the browser to the
 * start page immediately.
 *
 * Reads the global $StartPage and writes it into the refresh URL.
 */
function RedirectHome()
{
    global $StartPage;
    // NOTE(review): $StartPage is placed inside the attribute without HTML escaping.
    // That is safe only while it is a trusted configuration value; confirm it is never
    // derived from request data.
    $markup = "<html><head><meta http-equiv='refresh' content='0;url={$StartPage}' /></head><body></body>";
    echo $markup;
}
// Dispatch on the "ack" query parameter: without it the visitor is sent to the
// start page, with it the value is handed to ValidateUser().
// NOTE(review): $_GET['ack'] is client-controlled and is forwarded unchanged (it may
// even be an array); ValidateUser() is defined elsewhere, so confirm it validates the
// value before using it.
if (!array_key_exists("ack", $_GET)) {
    RedirectHome();
} else {
    ValidateUser($_GET['ack']);
}