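// Lists the active authors owned by a user, ordered by name.
//
// $userId is the owner's id. It is passed unchanged to UserById() and
// GetImageUrl(), and bound as an integer parameter in the SQL query.
//
// Returns a list of arrays with the keys AuthorId (int), UniqueName, Name,
// Image and Thumbnail; the two URL fields are "" when the author has no image.
// Throws RestException(401) when UserById() finds no such user.
//
// NOTE(review): the UserById() lookup only shows that the id exists. It does
// not show that the caller is that user, so callers presumably pass an id
// obtained from an authentication check. Confirm at the call sites.
public function Authors($userId)
{
    // Declared so the failure message matches the sibling Create* methods;
    // without it the variable is undefined inside this method.
    global $authIssueText;

    $userAuthorsFolder = Settings::getInstance()->p['userAuthorsFolder'];

    $UserHandler = new UsersDatabaseHandler();
    $User = $UserHandler->UserById($userId);
    if ($User == null) {
        throw new RestException(401, "Unauthorized");
    }

    // The id is bound rather than interpolated, so it cannot alter the query text.
    $ownerId = (int) $userId;
    $stmt = $this->mysqli->prepare(
        "SELECT AuthorId, Name, UniqueName, Image FROM Author WHERE UserId = ? AND Active = true ORDER BY Name"
    );
    if ($stmt === false) {
        die($authIssueText);
    }
    $stmt->bind_param('i', $ownerId);
    if (!$stmt->execute()) {
        die($authIssueText);
    }
    // bind_result()/fetch() work on every mysqli build (no mysqlnd requirement).
    $stmt->bind_result($authorId, $name, $uniqueName, $image);

    $authors = array();
    while ($stmt->fetch()) {
        // The column key is quoted: a bare Image constant is an Error on PHP 8.
        $hasImage = $image !== null && $image !== '';
        $imageUrl = $hasImage ? parent::GetImageUrl($userId, $image, $userAuthorsFolder) : "";
        $imageThumbnailUrl = $hasImage ? parent::GetImageUrl($userId, $image, $userAuthorsFolder, true) : "";

        $authors[] = array(
            'AuthorId' => intval($authorId),
            'UniqueName' => $uniqueName,
            'Name' => $name,
            'Image' => $imageUrl,
            'Thumbnail' => $imageThumbnailUrl,
        );
    }
    $stmt->close();

    return $authors;
}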
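// Inserts a new Article row owned by $UserId, using the language stored on the
// user's profile.
//
// $Title is the article title and $UserId the owning user's id. CreationDateTime
// is stored as the current Unix timestamp. Returns true when the insert succeeds;
// on a database failure the script terminates with $authIssueText.
//
// NOTE(review): no ownership or authentication check happens here. Callers
// presumably pass an authenticated user's id; confirm at the call sites.
public function CreateArticle($Title, $UserId)
{
    global $authIssueText;

    $UsersHandler = new UsersDatabaseHandler();
    $User = $UsersHandler->UserById($UserId);

    // Language is profile data that can be edited by the user, so it is bound
    // like any other untrusted value instead of being spliced into the SQL.
    // A missing user or language keeps the previous behaviour of storing "".
    $language = isset($User['Language']) ? (string) $User['Language'] : '';
    $ownerId = (int) $UserId;
    $createdAt = (string) time();

    $stmt = $this->mysqli->prepare(
        "INSERT INTO Article (Title, UserId, CreationDateTime, Language) VALUES (?, ?, ?, ?)"
    );
    if ($stmt === false) {
        die($authIssueText);
    }
    $stmt->bind_param('siss', $Title, $ownerId, $createdAt, $language);
    $result = $stmt->execute();
    $stmt->close();
    if (!$result) {
        die($authIssueText);
    }

    return $result;
}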
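/**
 * Update User
 *
 * Copies the profile fields present in the POST body onto the authenticated
 * user, replaces the picture when a file is uploaded as NewImage, and returns
 * the refreshed user record, or the string ERROR when the update fails.
 *
 * @url POST /user/update/
 */
public function updateUser()
{
    $userId = parent::CheckAuthentication();
    $userUserFolder = Settings::getInstance()->p['userUserFolder'];
    $user = parent::UserById($userId);

    $isImageUploading = isset($_FILES['NewImage']) && is_uploaded_file($_FILES['NewImage']['tmp_name']) ? 1 : 0;
    $destinationDirectory = "../../" . parent::GetImageUrl($userId, "", $userUserFolder, false, false, true) . "/";

    // A request without an Image field counts as "image removed", exactly as
    // before, but no longer reads an undefined index.
    $postedImage = isset($_POST['Image']) ? $_POST['Image'] : '';
    if (strlen($postedImage) == 0 || $isImageUploading) {
        $this->UnlinkRemovedUserImages($userId, $user['Image']);
    }

    // Upload new image.
    // NOTE(review): uploadImage() is defined elsewhere. Confirm it validates the
    // file type and picks the stored file name itself rather than trusting the
    // client-supplied name.
    $image = null; // initialised so the no-upload path stores null, not an undefined variable
    if ($isImageUploading == 1) {
        $image = uploadImage($_FILES['NewImage'], $destinationDirectory, 350);
    }

    // Only this fixed list of fields is copied from the request.
    // NOTE(review): the values are stored as sent. Confirm DbUpdateUser() binds
    // them as parameters, and that readers of these columns (Language, for
    // example) never splice them back into SQL text.
    foreach (array('Username', 'FirstName', 'LastName', 'Country') as $field) {
        if (isset($_POST[$field])) {
            $user[$field] = $_POST[$field];
        }
    }

    // NOTE(review): Image is a client-chosen string that later reaches
    // UnlinkRemovedUserImages() and GetImageUrl(). Confirm those helpers restrict
    // it to a plain file name inside the user's own folder.
    if (isset($_POST['Image']) && $isImageUploading != 1) {
        $user["Image"] = $_POST['Image'];
    } else {
        $user["Image"] = $image;
    }

    foreach (array('MobilePhone', 'Language') as $field) {
        if (isset($_POST[$field])) {
            $user[$field] = $_POST[$field];
        }
    }

    // Return the up-to-date user
    return parent::DbUpdateUser($user) == true ? parent::UserById($userId) : "ERROR";
}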
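// Inserts a new Event row owned by $UserId, using the language stored on the
// user's profile.
//
// $Title is the event title and $UserId the owning user's id. CreationDateTime
// is stored as the current Unix timestamp. Returns true when the insert succeeds;
// on a database failure the script terminates with $authIssueText.
//
// NOTE(review): no ownership or authentication check happens here. Callers
// presumably pass an authenticated user's id; confirm at the call sites.
public function CreateEvent($Title, $UserId)
{
    global $authIssueText;

    $UsersHandler = new UsersDatabaseHandler();
    $User = $UsersHandler->UserById($UserId);

    // Title was previously placed between quotes without escaping, and Language
    // is user-editable profile data. Both are now bound parameters, so neither
    // can change the statement's structure.
    // A missing user or language keeps the previous behaviour of storing ''.
    $language = isset($User['Language']) ? (string) $User['Language'] : '';
    $ownerId = (int) $UserId;
    $createdAt = (string) time();

    $stmt = $this->mysqli->prepare(
        "INSERT INTO Event (Title, UserId, CreationDateTime, Language) VALUES (?, ?, ?, ?)"
    );
    if ($stmt === false) {
        die($authIssueText);
    }
    $stmt->bind_param('siss', $Title, $ownerId, $createdAt, $language);
    $result = $stmt->execute();
    $stmt->close();
    if (!$result) {
        die($authIssueText);
    }

    return $result;
}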