/**
 * Open an Oracle (OCI8) connection from a server description.
 *
 * Reads the 'hostname', 'instance', 'username' and 'password' keys of
 * $serverInfo and connects to "<hostname>/<instance>". When the connection
 * fails, response code 101 is sent through Response::show().
 *
 * NOTE(review): the 101 message tells the client about the listener and
 * instance; consider logging that detail server-side instead.
 *
 * @param array $serverInfo connection settings (keys listed above)
 * @return mixed whatever oci_connect() returned (falsy on failure)
 */
public function connect($serverInfo)
{
    // Connect string in "<hostname>/<instance>" form.
    $target = "{$serverInfo['hostname']}/{$serverInfo['instance']}";

    $handle = oci_connect($serverInfo['username'], $serverInfo['password'], $target);
    if ($handle) {
        return $handle;
    }

    Response::show(101, "Database connect error, please start your listener and instance");

    return $handle;
}
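/**
 * Look up a valid photo by id and respond with its URL.
 *
 * Responds with 1400 and array('photoURL' => ...) when a row with VALID=1
 * matches, 1402 when no row matches, and 1401 when the statement cannot be
 * prepared, bound or executed.
 *
 * @param mixed  $connect  OCI8 connection, as accepted by oci_parse()
 * @param string $originID PHOTO_ID to look up; sent as a bind variable
 * @param string $hostName host used for the URL; "http://" is prepended
 * @return void
 */
public function getOriginPhoto($connect, $originID, $hostName)
{
    $hostName = 'http://' . $hostName;

    // The id is bound rather than interpolated, so its content can never
    // alter the text of the statement.
    $goSql = "SELECT PATH, LOCAL_NAME FROM PHOTO WHERE VALID=1 AND PHOTO_ID=:photo_id";
    $stGo = oci_parse($connect, $goSql);
    if (!$stGo
        || !oci_bind_by_name($stGo, ':photo_id', $originID)
        || !oci_execute($stGo)
    ) {
        Response::show(1401, 'Image_Information: query database by origin photo id error');
        // Response::show() presumably ends the request; the explicit return
        // keeps a failed statement from being fetched if it does not.
        return;
    }

    $goRow = oci_fetch_array($stGo, OCI_BOTH);
    if ($goRow) {
        $photoAddr = $this->getPhotoAddr($hostName, $goRow['PATH'], $goRow['LOCAL_NAME']);
        Response::show(1400, 'Get origin photo successful', array('photoURL' => $photoAddr));
        // Without this return a second (1402) response would follow the
        // success response whenever Response::show() does not exit.
        return;
    }

    // Photo does not exist
    Response::show(1402, 'No such photo in database');
}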
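/**
 * Respond with a user's basic profile, identified by loginid+password or by token.
 *
 * Response codes: 100 with the profile array on success, 102 on a database
 * error, 103 when no row matches, 104 when neither credential form is given.
 *
 * NOTE(review): the PASSWORD column is compared with the value sent by the
 * client, which implies passwords are stored unhashed. Moving to
 * password_hash()/password_verify() needs a matching change wherever the
 * column is written.
 *
 * @param mixed $connect  OCI8 connection, as accepted by oci_parse()
 * @param array $userInfo request data; keys 'loginid', 'password', 'token'
 * @return void
 */
public function getUserBasicInfo($connect, $userInfo)
{
    $loginid = isset($userInfo['loginid']) ? $userInfo['loginid'] : '';
    $password = isset($userInfo['password']) ? $userInfo['password'] : '';
    $token = isset($userInfo['token']) ? $userInfo['token'] : '';

    $columns = "LOGIN_NAME, USER_NAME, EMAIL, CELLPHONE, ICARD_ID, "
        . "to_char(CREATE_TIME,'yyyy-mm-dd hh24:mi:ss') AS CREATE_TIME, "
        . "to_char(MODIFY_TIME,'yyyy-mm-dd hh24:mi:ss') AS MODIFY_TIME";

    // Every request-supplied value goes through a bind variable.
    $binds = array();
    if (!empty($loginid) && !empty($password)) {
        // The OR group is parenthesised: AND binds tighter than OR, so without
        // the parentheses the password was only required for the CELLPHONE
        // match and a bare login name or e-mail was enough.
        // The listing shows the literal '******' in place of the password
        // value (apparently masked); comparing against the supplied password
        // is the evident intent - confirm against the real file.
        $basicsql = "SELECT {$columns} FROM APP_USER "
            . "WHERE (LOGIN_NAME=:loginid OR EMAIL=:loginid OR CELLPHONE=:loginid) "
            . "AND PASSWORD=:password";
        $binds[':loginid'] = $loginid;
        $binds[':password'] = $password;
    } elseif (!empty($token)) {
        $basicsql = "SELECT {$columns} FROM APP_USER WHERE TOKEN=:token";
        $binds[':token'] = $token;
    } else {
        // user should post loginid&password OR token
        Response::show(104, "UserInformation-getBasicInfo: No loginid&password OR token is specified");
        // No statement was built; stop here even if Response::show() returns.
        return;
    }

    $stbs = oci_parse($connect, $basicsql);
    $ready = (bool) $stbs;
    if ($ready) {
        foreach (array_keys($binds) as $placeholder) {
            // oci_bind_by_name() binds by reference, so it is given the array
            // slot itself rather than a loop variable.
            if (!oci_bind_by_name($stbs, $placeholder, $binds[$placeholder])) {
                $ready = false;
                break;
            }
        }
    }
    if (!$ready || !oci_execute($stbs)) {
        Response::show(102, "UserInfo-getBasicInfo: query database error");
        return;
    }

    $bsRow = oci_fetch_array($stbs, OCI_BOTH);
    if (!$bsRow) {
        Response::show(103, "UerInformation-getBasicInfo: Wrong loginid&password OR token");
        return;
    }

    // Response key => result column; NULL columns are reported as ''.
    $fieldMap = array(
        'loginname'  => 'LOGIN_NAME',
        'username'   => 'USER_NAME',
        'email'      => 'EMAIL',
        'cellphone'  => 'CELLPHONE',
        'idnumber'   => 'ICARD_ID',
        'createtime' => 'CREATE_TIME',
        'modifytime' => 'MODIFY_TIME',
    );
    $resData = array();
    foreach ($fieldMap as $key => $column) {
        $resData[$key] = isset($bsRow[$column]) ? $bsRow[$column] : '';
    }

    Response::show(100, "UserInfo-getBasicInfo: Get user's information successful", $resData);
}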
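/**
 * Store an uploaded file under $savePath and record it in the `file` table.
 *
 * Response codes: 700 on success, 711 when the file cannot be stored,
 * 501 when the insert fails.
 *
 * $checkFlag, $allowExt and $maxSize are only forwarded to processErr();
 * how they are enforced is not visible in this method.
 *
 * NOTE(review): this method uses the legacy mysql_* API (removed in PHP 7)
 * while the rest of the listing uses OCI8. Values are escaped with
 * mysql_real_escape_string() here; a move to mysqli/PDO prepared statements
 * requires the caller to pass a different connection type.
 *
 * @param array  $params    upload data: 'username', 'filename', 'filetmpname',
 *                          'filetype', 'filesize', 'fileerror'
 * @param mixed  $connect   mysql link, as accepted by mysql_query()
 * @param string $savePath  directory that receives the file
 * @param bool   $checkFlag forwarded to processErr()
 * @param array  $allowExt  forwarded to processErr()
 * @param int    $maxSize   forwarded to processErr()
 * @return void
 */
public function uploadFile($params, $connect, $savePath = 'uploads', $checkFlag = true, $allowExt = array('jpg', 'jpeg', 'png', 'gif', 'bmp'), $maxSize = 52428800)
{
    // Create the storage folder when missing. 0755 instead of 0777: the
    // creating process keeps write access, other local accounts do not get it.
    if (!file_exists($savePath)) {
        if (!mkdir($savePath, 0755, true) && !is_dir($savePath)) {
            Response::show(711, 'File storage failure');
            return;
        }
        chmod($savePath, 0755);
    }

    // check error
    $this->processErr($params, $checkFlag, $allowExt, $maxSize);

    $realSavePath = realpath($savePath);
    if ($realSavePath === false) {
        // Without this guard the destination would be built from an empty
        // prefix, i.e. relative to the filesystem root.
        Response::show(711, 'File storage failure');
        return;
    }

    // The client-chosen name and the user name both end up in the on-disk
    // path. Keep only the last path component of the name and neutralise
    // separators and control bytes, so neither can leave $savePath.
    $leafName = preg_replace('#^.*[/\\\\]#s', '', (string) $params['filename']);
    $leafName = preg_replace('/[\x00-\x1F\x7F]/', '', $leafName);
    $userPart = preg_replace('#[/\\\\\x00-\x1F\x7F]#', '_', (string) $params['username']);

    // ensure imageid and file local name is unique
    $imageid = $params['username'] . date('Y/m/d-H:i:s') . 'R' . rand() . $params['filename'];
    $localname = $userPart . date('YmdHis') . 'R' . rand() . $leafName;

    $destination = $realSavePath . '/' . $localname;

    // Column order: imageid, originname, localname, type, path, size, description
    $values = array(
        $imageid,
        $params['filename'],
        $localname,
        $params['filetype'],
        $destination,
        $params['filesize'],
        'this is description',
    );
    $quoted = array();
    foreach ($values as $value) {
        // Escaping keeps a quote inside a value from ending the SQL literal.
        $quoted[] = '"' . mysql_real_escape_string((string) $value, $connect) . '"';
    }
    $insert_sql = 'insert into file (imageid, originname, localname, type, path, size, description)'
        . ' values (' . implode(',', $quoted) . ')';

    if (!move_uploaded_file($params['filetmpname'], $destination)) {
        // move_uploaded_file error occur
        Response::show(711, 'File storage failure');
        return;
    }

    if (!mysql_query($insert_sql, $connect)) {
        // query error occur
        Response::show(501, 'File_Upload: query database by name error');
        return;
    }

    // upload OK
    Response::show(700, 'File uploaded successful');
}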
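/**
 * Fetch the stored security code row for a user.
 *
 * Only the query is implemented: both outcomes of the fetch are still empty
 * in the original, so the method currently returns nothing in every case.
 * Response code 1322 is sent when the statement cannot be prepared, bound
 * or executed.
 *
 * @param mixed  $connect OCI8 connection, as accepted by oci_parse()
 * @param string $userid  USER_ID to look up; sent as a bind variable
 * @return void
 */
public function checkSecurityCode($connect, $userid)
{
    // USER_ID is bound so the value cannot change the statement text.
    $checksql = "SELECT SECURITY_CODE, EXPIRATION_TIME FROM SECURITY_CODE WHERE USER_ID=:user_id";

    $stcs = oci_parse($connect, $checksql);
    if (!$stcs
        || !oci_bind_by_name($stcs, ':user_id', $userid)
        || !oci_execute($stcs)
    ) {
        Response::show(1322, 'User_Modify-checkUserID: query database error');
        // Do not fetch from a failed statement if Response::show() returns.
        return;
    }

    if ($csrow = oci_fetch_array($stcs, OCI_BOTH)) {
        // TODO: a row exists for this user; handling is not implemented yet
    } else {
        // TODO: insert security code into database
    }
}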
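/**
 * Soft-delete a complaint by setting its VALID column to 0.
 *
 * NOTE(review): the statement matches on COMPLAINT_ID alone; nothing visible
 * here ties the complaint to the requesting user. Confirm that the caller
 * performs that ownership check.
 *
 * @param mixed $connect  OCI8 connection, as accepted by oci_parse()
 * @param array $userInfo request data; reads key 'complaintid'
 * @return bool true when the update ran, false when the id is missing/empty
 *              or the update failed (response code 805 is sent in that case)
 */
public function deleteComplaint($connect, $userInfo)
{
    $complaintID = isset($userInfo['complaintid']) ? $userInfo['complaintid'] : '';
    if (empty($complaintID)) {
        // complaintid is illegal
        return false;
    }

    // The id is bound, never interpolated into the statement text.
    $update_sql = "UPDATE COMPLAINT SET VALID=0 WHERE COMPLAINT_ID=:complaint_id";

    $dcid = oci_parse($connect, $update_sql);
    if (!$dcid
        || !oci_bind_by_name($dcid, ':complaint_id', $complaintID)
        || !oci_execute($dcid)
    ) {
        Response::show(805, 'User_Complaint-deleteComplaint: Query database error');
        // Previously a failed update still fell through to "return true"
        // whenever Response::show() returned.
        return false;
    }

    return true;
}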
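/**
 * Create an APP_USER row for a new user and respond with a login token.
 *
 * Nothing happens when self::itemExist() reports an existing entry.
 * Response codes: 500 with array('token' => ...) on success, 502 when the
 * insert fails, 506 when the password is empty.
 *
 * NOTE(review): the password is written to the PASSWORD column exactly as
 * received. Hashing it with password_hash() also requires changing the
 * code that checks passwords, which is outside this method.
 *
 * @param array $userInfo registration data: 'loginname', 'name', 'email',
 *                        'cellphone', 'note', 'password', 'icardid'
 * @param mixed $connect  OCI8 connection, as accepted by oci_parse()
 * @return void
 */
function register($userInfo, $connect)
{
    if (self::itemExist($userInfo, $connect)) {
        return;
    }

    if (empty($userInfo['password'])) {
        Response::show(506, "Password is invalid");
        // Never insert a row with an empty password, even if
        // Response::show() returns.
        return;
    }

    // system data
    $valid = 1; // 1 represent effective; a constant, not request data
    $now = date('Y-m-d H:i:s');

    // The token is a login credential, so it should not be derived from the
    // clock. Same 32-hex-character shape as before; the time-based value is
    // only a fallback for runtimes without random_bytes().
    $token = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : md5(uniqid(microtime(true), true));

    // Every request-supplied value is sent as a bind variable.
    $binds = array(
        ':userid'     => md5(uniqid(microtime(true), true)),
        ':loginname'  => $userInfo['loginname'],
        ':name'       => $userInfo['name'],
        ':email'      => $userInfo['email'],
        ':cellphone'  => $userInfo['cellphone'],
        ':icardid'    => $userInfo['icardid'],
        ':note'       => $userInfo['note'],
        ':password'   => $userInfo['password'],
        ':token'      => $token,
        ':createtime' => $now,
        ':modifytime' => $now,
    );

    $insertsql = "insert into APP_USER(USER_ID,LOGIN_NAME,USER_NAME,EMAIL,CELLPHONE,ICARD_ID,NOTE,VALID,PASSWORD,TOKEN,CREATE_TIME,MODIFY_TIME) "
        . "values(:userid,:loginname,:name,:email,:cellphone,:icardid,:note,{$valid},:password,:token,"
        . "to_date(:createtime,'yyyy-mm-dd hh24:mi:ss'),to_date(:modifytime,'yyyy-mm-dd hh24:mi:ss'))";

    $stid = oci_parse($connect, $insertsql);
    $ready = (bool) $stid;
    if ($ready) {
        foreach (array_keys($binds) as $placeholder) {
            // Bound by reference: pass the array slot, not a loop variable.
            if (!oci_bind_by_name($stid, $placeholder, $binds[$placeholder])) {
                $ready = false;
                break;
            }
        }
    }

    if (!$ready || !oci_execute($stid)) {
        Response::show(502, 'Mobile_Register-Register: inset into database error');
        return;
    }

    // response token to client
    Response::show(500, 'Mobile_Register: register successful', array('token' => $token));
}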
/**
 * Authenticate a request by password or, failing that, by token.
 *
 * A non-empty 'password' is tried first through checkPassword(); on success
 * generateToken() is called and the user id is returned. A non-empty 'token'
 * is then tried through checkToken(). Response codes: 403 wrong password,
 * 402 token rejected, 404 when control reaches the end of the method.
 *
 * NOTE(review): after a 403 or 402 response the code continues to the next
 * check unless Response::show() ends the request - confirm that it does.
 *
 * @param array $userInfo request data; reads 'password' and 'token'
 * @param mixed $connect  database connection, passed on to the helpers
 * @return mixed the user id from checkPassword()/checkToken() on success
 */
public function login($userInfo, $connect)
{
    // check password
    $passwordGiven = isset($userInfo['password']) && $userInfo['password'] != '';
    if ($passwordGiven) {
        $userid = $this->checkPassword($userInfo, $connect);
        if (!$userid) {
            Response::show(403, 'Mobile_Login: wrong password');
        } else {
            // The token is regenerated here; the response that would carry it
            // to the client is disabled in the original.
            $token = $this->generateToken($userInfo, $connect);

            return $userid;
        }
    }

    // check token
    $tokenGiven = isset($userInfo['token']) && $userInfo['token'] != '';
    if ($tokenGiven) {
        $userid = $this->checkToken($userInfo, $connect);
        if ($userid) {
            return $userid;
        }
        // token is out of date
        Response::show(402, 'Mobile_Login: token is out of date');
    }

    Response::show(404, 'Mobile_Login: lack of password or token');
}
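/**
 * Change a user's password after checking a serial number (sn).
 *
 * The sn is recomputed as sha1(md5(generateSeed(email, securitycode,
 * timestamp))) and compared with the one in the request; the request's
 * timestamp doubles as the expiration time.
 *
 * Response codes: 1100 password changed, 1126 database error, 1128 sn
 * mismatch, 1129 missing field, 1131 expired.
 *
 * NOTE(review): email, securitycode, timestamp and sn all come from the
 * request, and the expiry is the request's own timestamp. Unless
 * generateSeed() (not visible here) mixes in a server-side secret, this
 * check never consults the code and expiration stored on the server.
 * Verifying both against the server-side record before the UPDATE would
 * close that gap.
 *
 * NOTE(review): the new password is written as received; the listing shows
 * the literal '******' in its place (apparently masked). Hashing needs a
 * matching change in the password check.
 *
 * @param mixed $connect  OCI8 connection, as accepted by oci_parse()
 * @param array $userInfo request data: 'email', 'securitycode',
 *                        'newpassword', 'sn', 'timestamp'
 * @return void
 */
public function changePwdBySecurityCode($connect, $userInfo)
{
    $fields = array();
    foreach (array('email', 'securitycode', 'newpassword', 'sn', 'timestamp') as $key) {
        $fields[$key] = isset($userInfo[$key]) ? $userInfo[$key] : '';
        if (empty($fields[$key])) {
            Response::show(1129, 'User_ForgotPWD-ChangePwdBySecurityCode: email, securitycode, newpassword, sn, timestamp can not be empty');
            // Stop instead of continuing with incomplete input.
            return;
        }
    }

    $seed = $this->generateSeed($fields['email'], $fields['securitycode'], $fields['timestamp']);
    $newsn = sha1(md5($seed));

    // expiration time equals to timestamp; an unparseable value yields false
    // and is treated as expired.
    $expirationsec = strtotime($fields['timestamp']);
    $currentsec = strtotime(date('Y-m-d H:i:s'));
    if ($expirationsec === false || $expirationsec <= $currentsec) {
        // security code is out of date
        Response::show(1131, 'User_ForgotPWD-ChangePwdBySecurityCode: security code is out of date');
        return;
    }

    // Strict comparison: with "==" two different digests that both look like
    // numbers (for example "0e..." followed by digits) compare as equal.
    // hash_equals() also avoids a timing difference where it is available.
    $sn = $fields['sn'];
    $snMatches = is_string($sn)
        && (function_exists('hash_equals') ? hash_equals($newsn, $sn) : $sn === $newsn);
    if (!$snMatches) {
        // invalid security code
        Response::show(1128, 'User_ForgotPWD-ChangePwdBySecurityCode:Invlid security code');
        return;
    }

    // Both values are bound so neither can alter the statement text.
    $updatePwd = "UPDATE APP_USER SET PASSWORD=:newpassword WHERE EMAIL=:email";
    $stup = oci_parse($connect, $updatePwd);
    if (!$stup
        || !oci_bind_by_name($stup, ':newpassword', $fields['newpassword'])
        || !oci_bind_by_name($stup, ':email', $fields['email'])
        || !oci_execute($stup)
    ) {
        Response::show(1126, 'User_ForgotPWD-ChangePwdBySecurityCode: query database error');
        return;
    }

    // Invalidate the security code so it cannot be reused
    $this->invalidSecurityCode($connect, $userInfo);

    Response::show(1100, 'User_ForgotPWD-ChangePwdBySecurityCode: User password modified successful');
}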
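/**
 * Create the upload directory ($this->uploadPath) if it does not exist yet.
 *
 * Response code 715 is sent when the directory cannot be created.
 *
 * @return void
 */
protected function checkUploadPath()
{
    if (file_exists($this->uploadPath)) {
        return;
    }

    // 0755 instead of 0777: the creating process keeps write access, while
    // other local accounts can no longer drop or replace files here.
    // The second is_dir() covers a concurrent request that created the
    // directory between the check above and mkdir().
    if (!mkdir($this->uploadPath, 0755, true) && !is_dir($this->uploadPath)) {
        Response::show(715, 'Upload path created failure');
        return;
    }

    // mkdir() is subject to the umask; set the mode explicitly.
    chmod($this->uploadPath, 0755);
}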
break; case 'GetCountryVersion': $cv = new BusInformation(); $countryID = $userDataSet['countryid']; $countryVersionNum = $cv->getCountryVersion($mobileConnect, $countryID); Response::show(1500, 'Get country version number successful', $countryVersionNum); break; case 'GetCityVersion': $cv = new BusInformation(); $cityID = $userDataSet['cityid']; $cityVersionNum = $cv->getCityVersion($mobileConnect, $cityID); Response::show(1600, 'Get city version number successful', $cityVersionNum); break; case 'GetCityInformation': $cv = new BusInformation(); //$cityID = $userDataSet['cityid']; $cityInformation = $cv->getCityInformation($mobileConnect); Response::show(1700, 'Get city list successful', $cityInformation); break; case 'GetBusLineInformation': $cv = new BusInformation(); $cityID = $userDataSet['cityid']; $busLineInformation = $cv->getBusLineInformation($mobileConnect, $cityID); Response::show(1800, 'Get city list successful', $busLineInformation); break; default: // no action matches //$data = array('code' => 0, 'msg' => 'No action spacified'); Response::show(20, "Default Message: No action specified"); break; }