function sql($table)
{
global $dbh;
global $database;
$data = array();
foreach ($database[$table] as $field => $type) {
if (!empty($_REQUEST[$field])) {
$data[$field] = $_REQUEST[$field];
} else {
if (!empty($type[1])) {
returnError("{$field} is required");
exit;
}
}
}
$sql = 'insert into ' . $table . ' (';
foreach ($data as $name => $value) {
$sql .= '`' . $name . '`,';
}
$sql = substr($sql, 0, -1);
$sql .= ') values (';
foreach ($data as $name => $value) {
$sql .= ':' . $name . ',';
}
$sql = substr($sql, 0, -1);
$sql .= ')';
$sth = $dbh->prepare($sql);
$sth->execute($data);
echo $sql;
}
function API_checkRequiredFields($requiredFields)
{
// Globale Variablen einbinden
global $apiResponseHeader;
$error = false;
$errorFields = '';
$requestParams = array();
$requestParams = $_REQUEST;
// PUT-Methode abfangen
if ($_SERVER['REQUEST_METHOD'] == 'PUT') {
$api_internal = \Slim\Slim::getInstance();
parse_str($app->request()->getBody(), $requestParams);
}
// Paramenter prüfen
foreach ($requiredFields as $field) {
if (!isset($requestParams[$field]) || strlen(trim($requestParams[$field])) <= 0) {
$error = true;
$errorFields .= $field . ', ';
}
}
// Fehler ausgeben
if ($error) {
$api_internal = \Slim\Slim::getInstance();
// API Ausgabe erzeugen
$errorMsg = returnError('E0002', 'API-Internal-CheckFields');
$apiResponseHeader['error'] = true;
$apiResponseHeader['code'] = $errorMsg['code'];
$apiResponseHeader['message'] = $errorMsg['message'] . ' (' . substr($errorFields, 0, -2) . ')';
API_Response(200, '');
// Ausführung anhalten
$api_internal->stop();
}
}
public function call()
{
// Check if the user is logged in to your oauth system.
if (false) {
returnError("You must be logged into to use the API", 401, "user_not_logged_in");
return;
}
// this line is required for the application to proceed
$this->next->call();
}
public function write($id, $data)
{
if ($data == null) {
return true;
}
$db = new database();
$db->query("INSERT INTO tbl_session\n SET session_id = :id,\n session_data = :data\n ON DUPLICATE KEY UPDATE session_data = :data");
$db->bind(':id', $id);
$db->bind(':data', $data);
try {
$db->execute();
} catch (Exception $e) {
return returnError("Database error: " . $e->getMessage());
}
}
public static function getUser($db)
{
$userName = $_SESSION['user_name'];
// Check for existing user
$getUserQuery = "SELECT user_id, user_name, name, avatar FROM user WHERE user_name = :userName";
$statement = $db->prepare($getUserQuery);
$statement->execute(array(":userName" => $userName));
$results = $statement->fetch(PDO::FETCH_OBJ);
if (!$results) {
returnError("User is not in the system.", 401, 'user_not_added');
return;
}
$results->user_id = intval($results->user_id);
return $results;
}
function errorHandler($errorNum, $errorStr, $errorFile, $errorLine)
{
$errorMsg = "Error {$errorNum}: {$errorStr} in {$errorFile}, line {$errorLine}.";
$GLOBALS['swxLastErrorMessage'] = $errorMsg;
// Display the error message in the PHP error log
error_log($errorMsg);
$errorObj = array('error' => TRUE, 'code' => $errorNum, 'message' => $errorMsg);
//if ($errorNum == E_ERROR || $errorNum == E_WARNING || $errorNum = E_USER_ERROR)
// Error num check replaced by code from http://drupal.org/node/11772#comment-18383.
// This stops PHP5 strict errors from failing a call (e.g., deprecated calls, etc.)
//if (($errorNum & (E_ALL & E_STRICT) ^ (E_NOTICE & E_STRICT)) || $errorNum = E_USER_ERROR)
if ($errorNum != E_STRICT && $errorNum != E_NOTICE) {
// On errors and warnings, stop execution and return the
// error message to the client. This is a far better
// alternative to failing silently.
returnError($errorObj);
}
}
function login($email, $password, $mysqli)
{
if ($stmt = $mysqli->prepare("SELECT user_id, user_firstname, user_lastname, user_username, user_email, user_password, user_salt FROM users WHERE user_username = ? OR user_email = ?")) {
$stmt->bind_param('ss', $email, $email);
// Bind "$email" to parameter.
$stmt->execute();
// Führe die vorbereitete Anfrage aus.
$stmt->store_result();
// hole Variablen von result.
$stmt->bind_result($user_id, $user_firstname, $user_lastname, $user_username, $user_email, $db_password, $salt);
$stmt->fetch();
// hash das Passwort mit dem eindeutigen salt.
$password = hash('sha512', $password . $salt);
if ($stmt->num_rows == 1) {
// Überprüfe, ob das Passwort in der Datenbank mit dem vom
// Benutzer angegebenen übereinstimmt.
if ($db_password == $password) {
$user_browser = $_SERVER['HTTP_USER_AGENT'];
// Login erfolgreich.
$login_string = hash('sha512', $password . $user_browser);
$SQLquery = "UPDATE users ";
$SQLquery .= "SET user_login_string = ? ";
$SQLquery .= "WHERE user_id = ? ";
if ($insert_stmt = $mysqli->prepare($SQLquery)) {
$insert_stmt->bind_param('ss', $login_string, $user_id);
if (!$insert_stmt->execute()) {
returnError("pL-0");
} else {
return $login_string;
}
}
} else {
// Passwort ist nicht korrekt
return false;
}
} else {
//Es gibt keinen Benutzer.
return false;
}
}
}
function taskBot()
{
global $db;
$req = $db->prepare("SELECT * FROM Exports\n\t\t\tJOIN Formats ON ID_Format = ID_Format_Export\n\t\t\tWHERE Running_Export = 1");
DBQuery($req, array());
foreach ($req->fetchAll() as $d) {
$statusfile = file("export/" . $d["Name_Export"] . "-status.txt", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
if ($statusfile[count($statusfile) - 1] == "Blender quit") {
// Export finished
$name = uniqid("o") . "." . $d["Extension_Format"];
$db->beginTransaction();
$req = $db->prepare("INSERT INTO Outputs(ID_Export_Output, File_Output, DateCreate_Output)\n\t\t\t\t\tVALUES (:export, :name, NOW())");
DBQuery($req, array("export" => $d["ID_Export"], "name" => $name));
$req = $db->prepare("UPDATE Exports SET Running_Export = 0 WHERE ID_Export = :export");
DBQuery($req, array("export" => $d["ID_Export"]));
if (!copy("export/" . $d["Name_Export"] . "." . $d["Extension_Format"], "output/" . $name)) {
returnError("Erreur lors de la copie");
}
$db->commit();
}
}
}
}
include_once '../includes/functions.php';
include_once '../includes/db_connect.php';
$SQLQuery = " SELECT ";
$SQLQuery .= " library_id, ";
$SQLQuery .= " library_name, ";
$SQLQuery .= " library_path, ";
$SQLQuery .= " library_private, ";
$SQLQuery .= " library_type ";
$SQLQuery .= " FROM ";
$SQLQuery .= " libraries; ";
if ($stmt = $mysqli->prepare($SQLQuery)) {
$stmt->execute();
// Führe die vorbereitete Anfrage aus.
$stmt->store_result();
// hole Variablen von result.
$stmt->bind_result($library_id, $library_name, $library_path, $library_private, $library_type);
$arrReturn = array();
$i = 0;
while ($stmt->fetch()) {
$arrReturn[$i]["id"] = $library_id;
$arrReturn[$i]["name"] = $library_name;
$arrReturn[$i]["path"] = $library_path;
$arrReturn[$i]["type"] = $library_type;
$arrReturn[$i]["private"] = $library_private;
$i++;
}
echo json_encode($arrReturn);
} else {
returnError($mysqli->error);
}
if (!$link) {
returnError(mysql_error($link));
}
if (!mysql_select_db($DATABASE, $link)) {
returnError(mysql_error($link));
}
foreach ($_POST as $key => $value) {
$args[$key] = mysql_real_escape_string($value);
}
if (!array_key_exists('title', $args) || !$args['title']) {
returnError('Must provide a primary key.');
}
$query = "SELECT * FROM {$TABLE} WHERE `title`='{$args['title']}'";
$result = mysql_query($query, $link);
if (!$result) {
returnError(mysql_error($link));
}
if (mysql_num_rows($result) > 0) {
// item exists, update
foreach (array('uri', 'date', 'done') as $value) {
if (array_key_exists($value, $args)) {
$tmp[] = sprintf('%s=\'%s\'', $value, $args[$value]);
}
}
$tmp = implode(',', $tmp);
if ($tmp) {
$query = "UPDATE {$TABLE} SET {$tmp} WHERE title='{$args['title']}'";
$result = mysql_query($query, $link);
}
} else {
// new item, insert
// Generate a random salt
$random_salt = hash('sha512', uniqid(openssl_random_pseudo_bytes(16), TRUE));
// Create a password with the new password hash and the salt
$password = hash('sha512', $new_password . $random_salt);
// Update the users password and salt in the database
$SQLquery = "UPDATE users SET ";
$SQLquery .= "user_password = ?, user_salt = ? ";
$SQLquery .= "WHERE user_id = ?";
if ($update_stmt = $mysqli->prepare($SQLquery)) {
$update_stmt->bind_param('sss', $password, $random_salt, $user_id);
if (!$update_stmt->execute()) {
returnError("cP-3");
} else {
echo "true";
}
} else {
returnError("cP-3");
}
} else {
// Passwort ist nicht korrekt
returnError("cP-2");
}
} else {
//Es gibt keinen Benutzer.
returnError("cP-1");
}
}
} else {
// Die korrekten POST-Variablen wurden nicht zu dieser Seite geschickt.
returnError("cP-0");
}
}
if (!$walls) {
returnError("这里暂时没有墙。");
return;
}
$ret = array();
while (list($key, $value) = each($walls)) {
if (intval($key) > $limit) {
break;
}
$info = WaWall::GetWallInfo($value['wall_id']);
if (!$info) {
continue;
}
$wall = array();
$wall['wall_id'] = $info['wall_id'];
$wall['wall_name'] = $info['wall_name'];
$wall['wall_desc'] = $info['wall_desc'];
$userInfo = WaUser::GetUserInfo($info['wall_creator']);
if ($userInfo) {
$wall['wall_creatorname'] = $userInfo['user_name'];
}
$wall['wall_type'] = $info['wall_type'];
$wall['wall_usercount'] = $info['wall_usercount'];
array_push($ret, $wall);
}
if ($ret) {
echo json_encode($ret);
} else {
returnError('暂无。');
}
$SQLquery .= "VALUES (?, ?, ?, ?, ?, ?, ?, '0', ? , ?, now())";
if ($insert_stmt = $mysqli->prepare($SQLquery)) {
$insert_stmt->bind_param('sssssssss', $project_Id, $project_Title, $project_HTML, $project_CSS, $project_JS, $project_Tags, $project_Description, $arrResult[0]["version"], $project_Owner);
if (!$insert_stmt->execute()) {
returnError("Das Projekt konnte nicht in der Datenbank gespeichert werden.");
} else {
if (isset($_POST['projectLibraries'])) {
$project_newID = $mysqli->insert_id;
$project_libraries = $_POST['projectLibraries'];
$error = false;
foreach ($project_libraries as $key => $val) {
if ($library_stmt = $mysqli->prepare("INSERT INTO project_has_library (project_id, library_id) VALUES(?, ?)")) {
$library_stmt->bind_param('ss', $project_newID, $val);
if (!$library_stmt->execute()) {
$error = true;
}
}
}
if (!$error) {
echo "true";
} else {
returnError("Es konnten nicht alle Bibliotheken mit dem Projekt verknüpft werden.");
}
} else {
echo "true";
}
}
} else {
returnError("Das Projekt konnte nicht in der Datenbank gespeichert werden.");
}
}
function executeDbQuery($db, $query, $device, $reading, $timeRange, $maxCount)
{
try {
$stmt = $db->prepare($query);
$stmt->bindValue(':device', $device, PDO::PARAM_STR);
$stmt->bindValue(':reading', $reading, PDO::PARAM_STR);
// Check if request is initial request or update
if (!isset($_POST['update'])) {
$stmt->bindValue(':timeRange', $timeRange);
}
$stmt->bindValue(':count', $maxCount);
$stmt->execute();
} catch (PDOException $pe) {
returnError($pe->getMessage());
}
return $stmt;
}
if ($stmt = $mysqli->prepare("SELECT user_email FROM users WHERE user_email = ?")) {
$stmt->bind_param('s', $changed_value);
$stmt->execute();
// Führe die vorbereitete Anfrage aus.
$stmt->store_result();
if ($stmt->num_rows > 0) {
//check if username is used already
returnError("Username bereits vergeben");
} else {
if ($updatestmt = $mysqli->prepare("UPDATE users SET user_email = ? WHERE user_login_string = ?")) {
$updatestmt->bind_param('ss', $changed_value, $client_login_string);
if ($updatestmt->execute()) {
echo "true";
}
} else {
returnError("E-Mail Adresse konnte nicht aktualisiert werden.");
}
}
} else {
returnError("Email konnte nicht geprüft werden!");
}
break;
case "profilepic":
if ($stmt = $mysqli->prepare("UPDATE users SET user_firstname = ? WHERE user_login_string = ?")) {
$stmt->bind_param('ss', $changed_value, $client_login_string);
echo "profilepic";
} else {
returnError("Profilbild konnte nicht gespeichert werden!");
}
break;
}
// +------------------------------------------------+
$modelName = str_replace("boats/", "", $_GET['b']);
// GET BASIC INFO ON CURRENT BOAT MODEL
$getModel = mysql_query("SELECT * FROM boatmodels WHERE boatname ='{$modelName}'");
$model = mysql_fetch_assoc($getModel);
// +------------------------------------------------+
// | CHECK IF BOAT MODEL EXISTS
// +------------------------------------------------+
// BOAT MODEL DOES NOT EXISTS - RETURN ERROR
if (mysql_num_rows($getModel) == 0) {
?>
<div class="m-content">
<div class="m-error-container">
<?php
returnError("Sorry, the page you're looking for doesn't exist.");
?>
<a class="animate2 border3 m-button-large" href="../boats">View Boat Models</a>
</div>
</div>
<?php
} else {
// BOAT MODEL EXISTS - CONTINUE
// GET CURRENT BOAT MODEL SLIDES
$getSlide = mysql_query("SELECT * FROM slides WHERE slidetype = '{$modelName}' LIMIT 1");
$slide = mysql_fetch_assoc($getSlide);
$slideimg = str_replace("imgs/slides/boats/", "", $slide['slideimg']);
// GET CURRENT BOAT MODEL OVERVIEW
$getOverview = mysql_query("SELECT * FROM boatoverview WHERE contenttype = 'text' AND boatid = '" . $model['boatid'] . "'");
$overview = mysql_fetch_assoc($getOverview);
if (empty($studentName)) {
returnError($output, 'Invalid student name');
}
$studentCourse = filter_var($_POST['course'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/[\\w -]+$/']]);
if (empty($studentCourse)) {
returnError($output, 'Invalid course');
}
$studentGrade = filter_var($_POST['grade'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/^(?:100(?:\\.(?:0))?|[0-9]{1,2}(?:\\.(?:[0-9])?)?)$/']]);
if (empty($studentGrade)) {
returnError($output, 'Invalid student grade');
}
// Get rows from database that match api_key
$response = preparedStatement($conn, 'SELECT id, insert_own FROM user_table WHERE api_key=(?)', ['s', $apiKey], ['userId', 'insertOwn']);
if (empty($response['success'])) {
returnError($output, $response['error_msg']);
}
// If set of rows returned is empty or no insert permissions, throw access denied error
if (empty($response['data'][0]['insertOwn'])) {
returnError($output, 'Access Denied');
}
// Else get all available grades from the database
$response = preparedStatement($conn, 'INSERT INTO grade_table(grade, student_name, course_name, user_id) VALUES ((?), (?), (?), (?))', ['sssi', $studentGrade, $studentName, $studentCourse, $response['data'][0]['userId']], []);
if (!empty($response['error_msg'])) {
returnError($output, $response['error_msg']);
}
foreach ($response as $key => $value) {
$output[$key] = $value;
}
// Output to client
$output['success'] = true;
print json_encode($output);
<?php
require_once '../inc/bootstrap.php';
require_once 'sql.php';
if (isset($_GET['install'])) {
$db = new database();
$db->query($sql);
try {
$db->execute();
} catch (Exception $e) {
return returnError("Database error: " . $e->getMessage());
}
echo "The database tables were successfully created. <a href='" . APP_URL . "'>Home</a>.";
} else {
?>
<h1>Copy this into your MySQL database. <a href="?install">Or let me try for you</a></h1>
<pre><?php
echo $sql;
?>
</pre>
<?php
}
/**
* server-response 拼接响应报文,返回对应的url资源
* @param $http_line
* @param $http_header
* @param $http_data
* @return string
*/
function getResponse($http_line, $http_header, $http_data)
{
//4个部分:状态行、响应头、空行、响应数据
$response_header = '';
//1.http报文请求行:http-line
list($method, $url, $protocal) = explode(' ', $http_line);
//2.报文请求:http-header
$param_arr = array();
$param_line_arr = explode("\r\n", $http_header);
foreach ($param_line_arr as $k => $v) {
//key=>value
list($type, $value) = explode(':', $v);
$param_arr[$type] = $value;
}
//http-line处理:这里只做支持:get,post
$response_cookie = '';
if ($method == 'GET') {
//get
if (empty($url)) {
//返回默认的index的信息
$response_data = returnIndex();
} else {
//根据url获取资源文件
$response_data = returnResource();
}
} elseif ($method == 'POST') {
//post
//$url默认就是com.php的处理了(实际的应该根据url去定位相应的文件,并返回运行结果)
$client_ssid = isset($param_arr['Cookie']) ? $param_arr['Cookie'] : '';
$php_deal_data = dealPhp($http_data, $client_ssid);
$response_data = $php_deal_data['Html'];
$response_cookie = $php_deal_data['SSID'];
} else {
//请求数据错误
$response_data = returnError(405, 'Method Not Allowed ');
}
//1. response-line
$return_code = '200';
$return_code_comment = 'OK';
$response_line = $protocal . ' ' . $return_code . ' ' . $return_code_comment . "\r\n";
//2.response-header
$response_len = mb_strlen($response_data, 'utf-8');
$response_header_arr = array('Date' => gmdate('l, d F Y H:i:s ') . 'GMT', 'Content-Type' => 'text/html', 'Content-Length' => $response_len, 'set-cookie' => $response_cookie, 'Server' => 'myserver', 'Connection' => 'Keep-Alive', 'Keep-Alive' => 'timeout=5, max=100');
if (empty($response_cookie)) {
unset($response_header_arr['set-cookie']);
}
foreach ($response_header_arr as $key => $value) {
$response_header .= "{$key}:{$value}\r\n";
}
$response = $response_line . $response_header . "\r\n" . dechex($response_len) . "\r\n" . $response_data;
return $response;
}
<?php
require './post.php';
$id = $loginUser;
if (!$id) {
returnError('гКох╣гб╪');
return;
}
$wall = $_POST['wall_id'];
unlike($wall, $id);
public function action_store()
{
$library_id = $this->auth();
$event_tables = array('answers', 'borrows', 'open_scores', 'permissions', 'supports', 'belongs', 'transactions');
$entity_tables = array('roots', 'branches', 'users', 'authors', 'publications', 'objects', 'matches', 'files');
function parseRow($data)
{
$content = strpos($data, '|');
$values = explode(',', substr($data, 0, $content - 1));
$values[] = substr($data, $content + 1);
return $values;
}
function storeData($library_id, $command, $table, $values)
{
$event_tables = array('answers', 'borrows', 'open_scores', 'permissions', 'supports', 'belongs', 'transactions');
$entity_tables = array('roots', 'branches', 'users', 'authors', 'publications', 'objects', 'matches', 'files');
if (count($values) > 0 && (in_array($table, $event_tables) || in_array($table, $entity_tables))) {
$query = '';
$values = join(',', $values);
if ($command == 'insert') {
$query = "insert ignore into {$table} values {$values}";
} else {
if ($command == 'update') {
$query = "replace into {$table} values {$values}";
} else {
if ($command == 'delete') {
$query = "delete from {$table} where id in ({$values})" . (in_array($table, $event_tables) ? " and library_id = {$library_id}" : '');
} else {
returnData('Invalid Db Command');
}
}
}
DB::query($query);
}
}
// extract records
$logs = explode('|-|', Input::get('xlogs'));
// data validation
if (count($logs) != Input::get('count')) {
returnError(Input::get('count') . ' rows was sent but ' . count($logs) . ' was received');
}
// write logs to file
$logFile = fopen(path('storage') . 'files/' . $library_id . '.log', 'a');
// insert data into db in groups
$command = '';
$table = '';
$values = array();
foreach ($logs as $row) {
// store row before parsing it
fwrite($logFile, $row . "\n");
// set new value
$row = parseRow($row);
if ($row[0] == 'library') {
$data = explode(',', str_replace('null', '""', $row[5]));
DB::query("update libraries set title = {$data[0]}, description = {$data[1]}, started_at = {$data[2]}, image = {$data[3]}, version = {$data[4]} where id = {$library_id}");
continue;
}
if ($row[1] == 'delete') {
$value = $row[2];
} else {
if (in_array($row[0], $event_tables)) {
$value = "({$library_id},{$row[2]},{$row[5]})";
} else {
$value = "({$row[2]},{$row[5]})";
}
}
// store values
if ($table == $row[0] && $command == $row[1] && count($values) < 50) {
$values[] = $value;
} else {
storeData($library_id, $command, $table, $values);
$command = $row[1];
$table = $row[0];
$values = array($value);
}
}
storeData($library_id, $command, $table, $values);
// copy files into directory
if (count($_FILES) > 0) {
foreach ($_FILES as $file) {
move_uploaded_file($file['tmp_name'], path('storage') . 'files/' . $file['name']);
}
}
// update reghaabat synced_at
$synced_at = Input::get('synced_at');
DB::query('update libraries set synced_at = ? where id = ?', array($synced_at, $library_id));
return returnData(array('synced_at' => $synced_at, 'count' => count($logs)));
}
<?php
/*
* Copyright (c) 2006/2007 Flipperwing Ltd. (http://www.flipperwing.com)
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of
* the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
/**
* @author andy.scholz@gmail.com
* @copyright (c)2006-2007 Flipperwing Ltd.
*/
// Set flag that this is a parent file
define('_VALID_MOS', 1);
require_once "../../init.php";
require_once $csModelsDir . "/JUser.php";
$id = intval($_REQUEST['id']);
$obj = new JUser(&$database);
if (!$obj->load($id)) {
returnError("Could not find user with id#{$id}");
}
returnData($obj);
$text = stripslashes($text);
}
if ($text != NULL) {
setlocale(LC_ALL, $dictionary);
// Set a custom error handler so we return the error message
// to the client.
set_error_handler("returnError");
// Get rid of double-dashes, since we ignore dashes
// when splitting words.
$text = preg_replace('/--+/u', ' ', $text);
// Split on anything that's not a word character, quote or dash
$words = preg_split($splitRegexp, $text);
// Load dictionary
$dictionary = pspell_new($dictionary, "", "", "UTF-8");
if ($dictionary == 0) {
returnError("Unable to open dictionary " . $dictionary);
}
$skip = FALSE;
$checked_words = array();
$misspelled = "";
foreach ($words as $word) {
if ($skip) {
$skip = FALSE;
continue;
}
// Skip ignored words.
if (array_key_exists($word, $ignoreWords)) {
continue;
}
// Ignore hyphenations
if (preg_match('/-$/u', $word)) {
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$date_of_birth = $_POST['date_of_birth'];
$country = $_POST['date_of_birth'];
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
//validation fo data
if (!ctype_alpha($first_name)) {
returnError('All first_name chars must be english letters.');
}
if (!ctype_alpha($last_name)) {
returnError('All last_name chars must be english letters.');
}
if (!preg_match("/[0-9]{2}\\/[0-9]{2}\\/[0-9]{4}/", $date_of_birth)) {
returnError('Invalid date format.');
}
//M O J D E O A P L I K A C I J E
});
// PUT route
$app->put('/put', function () {
echo 'This is a PUT route';
});
// PATCH route
$app->patch('/patch', function () {
echo 'This is a PATCH route';
});
// DELETE route
$app->delete('/delete', function () {
echo 'This is a DELETE route';
});
<?php
require './get.php';
$id = $loginUser;
if (!$id) {
returnError('请先登录');
return;
}
$ret = array();
$walls = WaWall::FindWallIdsByUser($id);
if ($walls) {
while (list($key, $value) = each($walls)) {
$wall = array();
$wall['wall_id'] = $value['wall_id'];
if (isset($_GET['fulldata'])) {
$info = WaWall::GetWallInfo($wall['wall_id']);
$wall['wall_name'] = $info['wall_name'];
$wall['wall_desc'] = $info['wall_desc'];
$userInfo = WaUser::GetUserInfo($info['wall_creator']);
if ($userInfo) {
$wall['wall_creatorname'] = $userInfo['user_name'];
}
$wall['wall_type'] = $info['wall_type'];
$wall['wall_usercount'] = $info['wall_usercount'];
}
$wall['relationship'] = 'like';
array_push($ret, $wall);
}
}
$walls = WaWall::FindWallIdsByCreator($id);
if ($walls) {
}
include_once '../includes/functions.php';
include_once '../includes/db_connect.php';
$client_login_string = $_POST['key'];
if ($stmt = $mysqli->prepare("SELECT user_id, user_username, user_email, user_firstname, user_lastname, user_login_string FROM users")) {
$stmt->execute();
// Führe die vorbereitete Anfrage aus.
$stmt->store_result();
// hole Variablen von result.
$stmt->bind_result($user_id, $user_username, $user_email, $user_firstname, $user_lastname, $login_string);
$arrReturn = array();
$i = 0;
while ($stmt->fetch()) {
if ($login_string == $client_login_string) {
$arrReturn[$i]["current"] = true;
} else {
$arrReturn[$i]["current"] = false;
}
$arrReturn[$i]["id"] = $user_id;
$arrReturn[$i]["firstname"] = $user_firstname;
$arrReturn[$i]["lastname"] = $user_lastname;
$arrReturn[$i]["email"] = $user_email;
$arrReturn[$i]["pseudonym"] = $user_username;
$arrReturn[$i]["image"] = "";
//TODO: Bild in die Datenbank einfügen
$i++;
}
echo json_encode($arrReturn);
} else {
returnError("gAUI-1");
}
switch ($_POST['item_type']) {
case 'groups':
$post_class = $fm_sqlpass_groups;
break;
case 'servers':
$post_class = $fm_module_servers;
break;
}
if ($add_new) {
if ($_POST['item_type'] == 'logging') {
$edit_form = $post_class->printForm(null, $action, $_POST['item_sub_type']);
} else {
$edit_form = $post_class->printForm(null, $action, $type_map, $id);
}
} else {
basicGet('fm_' . $table, $id, $prefix, $field);
$results = $fmdb->last_result;
if (!$fmdb->num_rows) {
returnError();
}
$edit_form_data[] = $results[0];
if ($_POST['item_type'] == 'logging') {
$edit_form = $post_class->printForm($edit_form_data, 'edit', $_POST['item_sub_type']);
} else {
$edit_form = $post_class->printForm($edit_form_data, 'edit', $type_map, $view_id);
}
}
echo $edit_form;
} else {
returnUnAuth();
}
/**
* method for emove of user
* @param string $username [description]
* @param string $password [description]
* @param string $token [description]
*/
public function removeUser($username, $password, $token)
{
$password = hash('sha256', $password);
$username = trim($username);
$query = "select * from registrants where username = '******' and password = '******' and token = '{$token}'";
$result = $this->db->fetchOne($query);
if ($result) {
$query = "delete from registrants where username = '******'";
$this->db->execute($query);
successRemove($username);
} else {
returnError('Password or username or token doesn`t match');
}
}
/**
* Returns a formatted response to the requesting client.
* @method sendResponse
* @param mixed $results The results could be either an array or stdClass. Should be the data being returned to the client.
* @param integer $startTime Time the app started processing the response. Used for debugging time on the server during development.
*/
function sendResponse($results, $startTime = null)
{
$app = Slim::getInstance();
$details = new stdClass();
if (!is_null($startTime)) {
$elapsedTime = time() - $startTime;
$details->elapsedTime = $elapsedTime;
}
$details->responseCode = 200;
$response = array("details" => $details, "response" => $results);
$resp = $app->response;
$resp->setStatus(200);
$resp->headers->set('Content-Type', 'application/json');
try {
$resp->setBody(json_encode($response));
} catch (Exception $e) {
returnError($e->getMessage());
}
}
function WSDeleteUserFromGroup($params)
{
if (!WSHelperVerifyKey($params['secret_key'])) {
return returnError(WS_ERROR_SECRET_KEY);
}
$userGroup = new UserGroup();
return $userGroup->delete_user_rel_group($params['user_id'], $params['group_id']);
}