<?php require "utils.php"; try { $proAuthID = htmlspecialchars($_POST['proAuthID']); connectDB(); if (!isAuthenticate($proAuthID)) { $response["success"] = -1; $response["message"] = '401 - Unauthorized'; echo json_encode($response); return; } $authEmail = htmlspecialchars($_POST['authEmail']); $authName = htmlspecialchars($_POST['authName']); $proName = htmlspecialchars($_POST['proName']); $conName = htmlspecialchars($_POST['conName']); $conEmail = htmlspecialchars($_POST['conEmail']); $subject = "A new response from SMEP"; $msg = "Dear {$authName} \n\nA response has been submitted to your {$proName} experience by {$conName}. Please sign into SLAT with your Dropbox account at http://wraydisplay.lancs.ac.uk/sharcauthoringV1_20 to moderate the response. Once you have logged in, please go to menu Response -> Moderate new responses \n\nPlease do not reply to this automatic email. You can contact us at thesharcproject@gmail.com.\n\nThank you.\n\nThe SHARC project team."; $headers = "From: SHARC-Authoring-Tool" . "\r\n" . "CC: thesharcproject@gmail.com"; // use wordwrap() if lines are longer than 70 characters //$msg = wordwrap($msg,70); mail($authEmail, $subject, $msg, $headers); $msg = "Dear {$conName} \n\nYour response to the {$proName} experience has been submitted and is waiting for moderation. We will notify you the outcome once the moderator has made a decision.\n\nPlease do not reply to this automatic email. You can contact us at thesharcproject@gmail.com.\n\nThank you.\n\nThe SHARC project team."; $headers = "From: SMET" . "\r\n" . "CC: thesharcproject@gmail.com"; mail($conEmail, $subject, $msg, $headers); } catch (Exception $e) { echo 'Caught exception: ', $e->getMessage(), "\n"; }
<?php require "utils.php"; connectDB(); // Get user info $userID = htmlspecialchars($_POST['userID']); $projectID = htmlspecialchars($_POST['projectID']); $mTime = date('d-m-Y H:i:s'); try { if (!isAuthenticate($userID)) { $response["success"] = -1; $response["message"] = '401 - Unauthorized'; echo json_encode($response); return; } $result = mysql_query("select * from usersProjects where userID = '{$userID}' and projectID = '{$projectID}' "); // Check result // This shows the actual query sent to MySQL, and the error. Useful for debugging. if (!$result) { $message = 'Invalid query: ' . mysql_error() . "\n"; die($message); } else { // check for empty result --> add new user - project if (mysql_num_rows($result) == 0) { mysql_query("insert into usersProjects (userID,projectID,consumedDate) values('{$userID}','{$projectID}','{$mTime}')"); //echo "New user added"; } else { //Update time only mysql_query("update usersProjects set consumedDate = '{$mTime}' where userID = '{$userID}' and projectID = '{$projectID}' "); //echo "User already existed"; }
<?php require "utils.php"; try { //Get data from client $myLat = htmlspecialchars($_POST['lat']); $myLng = htmlspecialchars($_POST['lng']); $locationID = htmlspecialchars($_POST['locationID']); //Insert meta data into with MySQL connectDB(); if (!isAuthenticate($locationID)) { $response["success"] = -1; $response["message"] = '401 - Unauthorized'; echo json_encode($response); return; } $result = mysql_query("select * from MockLocation where LocationID = {$locationID}"); // Check result if (!$result) { $message = 'Invalid query: ' . mysql_error() . "\n"; die($message); } else { // check for empty result --> add new simulator if (mysql_num_rows($result) == 0) { mysql_query("insert into MockLocation (LocationID,lat,lng) values({$locationID},{$myLat},{$myLng})"); //echo "New user added"; } else { mysql_query("update MockLocation SET lat = {$myLat}, lng = {$myLng} WHERE LocationID = {$locationID}"); } } } catch (Exception $e) {
require "utils.php"; connectDB(); // Get user info $auID = htmlspecialchars($_POST['auID']); $auName = htmlspecialchars($_POST['auName']); $auEmail = htmlspecialchars($_POST['auEmail']); $mTime = date('d-m-Y H:i:s'); //get experience info $proName = htmlspecialchars($_POST['proName']); $proPath = htmlspecialchars($_POST['proPath']); $proDesc = htmlspecialchars($_POST['proDesc']); $proAuthID = htmlspecialchars($_POST['proAuthID']); $proAccess = htmlspecialchars($_POST['proAccess']); try { if (!isAuthenticate($auID)) { $response["success"] = -1; $response["message"] = '401 - Unauthorized'; echo json_encode($response); return; } if (!isAuthorised($auID, $proPath)) { $response["success"] = -1; $response["message"] = '403 - Forbidden'; echo json_encode($response); return; } $result = mysql_query("select * from users where userID = '{$auID}'"); // Check result // This shows the actual query sent to MySQL, and the error. Useful for debugging. if (!$result) {
<?php require "utils.php"; connectDB(); try { $inFile = $_POST['fileName']; //id of designer actually if (!isAuthenticate($inFile)) { $response["success"] = -1; $response["message"] = '401 - Unauthorized'; echo json_encode($response); return; } $imageURI = htmlspecialchars($_POST['imageData']); $encodedData = substr($imageURI, strpos($imageURI, ",") + 1); $encodedData = str_replace(' ', '+', $encodedData); $decodedData = base64_decode($encodedData); $inFile = $inFile . ".jpg"; $outFile = 'data/' . $inFile; $ret = file_put_contents($outFile, $decodedData); if (!$ret) { $response["data"] = 'Could not write to file: ' . error_get_last(); $response["success"] = 0; } else { $response["data"] = $inFile; $response["success"] = 1; } } catch (Exception $e) { $response["data"] = 'Caught exception: ' . $e->getMessage(); $response["success"] = 0; }