c3lf-system-3/ajax.php

263 lines
11 KiB
PHP
Raw Normal View History

2018-12-28 20:05:34 +01:00
<?php
/**
* Created by PhpStorm.
* User: jedi
* Date: 12/28/18
* Time: 6:13 PM
2018-12-29 20:17:54 +01:00
*/
include "backend.php";
include "functions.php";
2018-12-29 20:17:54 +01:00
function hasval($var){
return isset($var) && !empty($var);
}
2019-02-24 11:52:15 +01:00
function makethumb($hash, $width=100, $height=100, $quality = 90)
{
$img = getcwd()."/upload/".$hash;
if (is_file($img)) {
$imagick = new Imagick($img);
$imagick->setImageFormat('jpeg');
$imagick->setImageCompression(Imagick::COMPRESSION_JPEG);
$imagick->setImageCompressionQuality($quality);
$imagick->cropThumbnailImage($width, $height);
$imagick->setImagePage(0, 0, 0, 0);
if (file_put_contents(getcwd()."/thumb/" . $hash, $imagick) === false) {
throw new Exception("Could not put contents.");
}
return true;
}
else {
throw new Exception("No valid image provided with {$img}.");
}
}
2019-02-22 00:10:56 +01:00
$successmsg = "added one item";
2018-12-29 20:17:54 +01:00
switch($_GET["action"]) {
case "add_featurerequest":
if (hasval($_POST["title"]) && hasval($_POST["desc"])) {
/* Prepared statement, stage 1: prepare */
2018-12-30 12:50:42 +01:00
if (!($stmt = $mysqli->prepare("INSERT INTO feature_request(title, `desc`) VALUES (?, ?)"))) {
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}else
if (!$stmt->bind_param("ss", $_POST["title"], $_POST["desc"])) {
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}else
if (!$stmt->execute()) {
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
}else{
$errormsg = "all values have to be set";
}
break;
2018-12-30 13:26:45 +01:00
case "add_found":
2019-02-22 20:47:26 +01:00
if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"])&& hasval($_POST["container"])) {
2018-12-30 12:50:42 +01:00
/* Prepared statement, stage 1: prepare */
2019-02-22 20:47:26 +01:00
if (!($stmt = $mysqli->prepare("INSERT INTO found_items(was, wann, wo, container) VALUES (?, ?, ?, ?)"))) {
2018-12-30 12:50:42 +01:00
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
2018-12-29 20:17:54 +01:00
}
2019-02-22 20:47:26 +01:00
if (!$stmt->bind_param("ssss", $_POST["was"], $_POST["wann"], $_POST["wo"], $_POST["container"])) {
2018-12-30 12:50:42 +01:00
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
2018-12-29 20:17:54 +01:00
}
if (!$stmt->execute()) {
2018-12-30 12:50:42 +01:00
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
2018-12-29 20:17:54 +01:00
}
2018-12-30 12:50:42 +01:00
}else{
$errormsg = "all values have to be set";
2018-12-29 20:17:54 +01:00
}
2018-12-30 12:50:42 +01:00
break;
case "add_lost":
if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"]) && hasval($_POST["contact"])) {
/* Prepared statement, stage 1: prepare */
2019-02-22 00:02:28 +01:00
if (!($stmt = $mysqli->prepare("INSERT INTO lost_items(was, wann, wo, contact) VALUES (?, ?, ?, ?)"))) {
2018-12-30 12:50:42 +01:00
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
if (!$stmt->bind_param("ssss", $_POST["was"], $_POST["wann"], $_POST["wo"], $_POST["contact"])) {
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
}else{
$errormsg = "all values have to be set";
2019-03-02 02:19:17 +01:00
}
break;
case "add_match":
$successmsg = "one match added";
if (hasval($_POST["found_id"]) && hasval($_POST["lost_id"])) {
/* Prepared statement, stage 1: prepare */
if (!($stmt = $mysqli->prepare("INSERT INTO matches(f_id, l_id) VALUES (?, ?)"))) {
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
if (!$stmt->bind_param("ii", $_POST["found_id"], $_POST["lost_id"])) {
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
}else if (hasval($_POST["found_id"]) && hasval($_POST["ticket_id"])) {
if (!($stmt = $mysqli->prepare("INSERT INTO lost_items(was) VALUES (?)"))) {
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
if (!$stmt->bind_param("s", $_POST["ticket_id"])) {
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
$lost_id = $mysqli->insert_id;
/* Prepared statement, stage 1: prepare */
if (!($stmt = $mysqli->prepare("INSERT INTO matches(f_id, l_id) VALUES (?, ?)"))) {
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
if (!$stmt->bind_param("ii", $_POST["found_id"], $lost_id)) {
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
}else{
$errormsg = "all values have to be set";
2018-12-30 12:50:42 +01:00
}
break;
case "get_stats";
echo json_encode(array("status"=>"ok","stats"=>get_stats()));
break;
2019-02-22 00:10:56 +01:00
case "delete_found_item":
if(hasval($_POST["id"])) {
/* Prepared statement, stage 1: prepare */
if (!($stmt = $mysqli->prepare("UPDATE found_items SET del = 1 WHERE id = ?"))) {
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
if (!$stmt->bind_param("i", $_POST["id"])) {
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
$successmsg = "one item deleted";
}else{
$errormsg = "id not set";
}
break;
case "delete_lost_item":
if(hasval($_POST["id"])) {
/* Prepared statement, stage 1: prepare */
if (!($stmt = $mysqli->prepare("UPDATE lost_items SET del = 1 WHERE id = ?"))) {
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
if (!$stmt->bind_param("i", $_POST["id"])) {
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
$successmsg = "one item deleted";
2019-02-22 13:26:57 +01:00
}else{
$errormsg = "id not set";
}
break;
case "edit_found_item":
2019-02-22 20:47:26 +01:00
if(hasval($_POST["id"]) && hasval($_POST["was"])&& hasval($_POST["container"])) {
2019-02-22 13:26:57 +01:00
/* Prepared statement, stage 1: prepare */
$was=$_POST["was"];
2019-02-24 11:45:21 +01:00
if (!($stmt = $mysqli->prepare("UPDATE found_items SET was=?, wo=?, wann=?, container=?, uid=? WHERE id = ?"))) {
2019-02-22 13:26:57 +01:00
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
2019-02-24 11:45:21 +01:00
if (!$stmt->bind_param("sssssi", $_POST["was"] , $_POST["wo"], $_POST["wann"], $_POST["container"], $_POST["uid"], $_POST["id"])) {
2019-02-22 13:26:57 +01:00
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
$successmsg = "one item edited";
if(isset($_FILES["image"])&& hasval($_FILES["image"]["tmp_name"])){
2019-02-22 13:26:57 +01:00
$hash = md5($_FILES['image']['name'].time());
if(move_uploaded_file($_FILES['image']['tmp_name'], "upload/".$hash)){
if (!($stmt = $mysqli->prepare("INSERT INTO files(hash, item_id) VALUES (?, ?)"))) {
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
if (!$stmt->bind_param("si", $hash, $_POST["id"])) {
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
2019-02-23 10:43:45 +01:00
if(!makethumb($hash)){
$errormsg = "thumbnail creation failed";
}
2019-02-22 13:26:57 +01:00
$successmsg = "one item edited";
2019-02-22 13:26:57 +01:00
}else{
$errormsg = "upload failed";
}
}else{
}
2019-02-22 00:10:56 +01:00
}else{
$errormsg = "id not set";
}
break;
case "add_found_item":
2019-02-23 10:43:45 +01:00
if (hasval($_POST["was"])&& hasval($_POST["container"])&& hasval($_POST["uid"])) {
2019-02-22 00:10:56 +01:00
/* Prepared statement, stage 1: prepare */
2019-02-23 10:43:45 +01:00
if (!($stmt = $mysqli->prepare("INSERT INTO found_items(uid, was, container) VALUES (?, ?, ?)"))) {
2019-02-22 00:10:56 +01:00
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
2019-02-23 10:43:45 +01:00
if (!$stmt->bind_param("sss", $_POST["uid"], $_POST["was"], $_POST["container"])) {
2019-02-22 00:10:56 +01:00
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
$item_id = $mysqli->insert_id;
2019-02-23 13:55:24 +01:00
if(isset($_FILES["image"]) && hasval($_FILES["image"]["tmp_name"])){
2019-02-22 00:10:56 +01:00
$hash = md5($_FILES['image']['name'].time());
if(move_uploaded_file($_FILES['image']['tmp_name'], "upload/".$hash)){
if (!($stmt = $mysqli->prepare("INSERT INTO files(hash, item_id) VALUES (?, ?)"))) {
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
if (!$stmt->bind_param("si", $hash, $item_id)) {
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
2019-02-23 10:43:45 +01:00
if(!makethumb($hash)){
$errormsg = "thumbnail creation failed";
}
2019-02-22 00:10:56 +01:00
$successmsg = "upload ok";
}else{
$errormsg = "upload failed";
}
}else{
}
}else{
$errormsg = "all values have to be set";
}
break;
case "get_found_table":
2019-02-23 10:43:45 +01:00
include "templates/found_item_table.php";
exit;
break;
2018-12-30 12:50:42 +01:00
default:
$errormsg = "action unknown";
2018-12-29 20:17:54 +01:00
break;
}
2018-12-30 12:50:42 +01:00
if(empty($errormsg))
2019-02-22 00:10:56 +01:00
echo json_encode(array("get"=>$_GET,"post"=>$_POST,"files"=>$_FILES,"status"=>"ok","message"=>$successmsg));
2018-12-30 12:50:42 +01:00
else
2019-02-22 00:10:56 +01:00
echo json_encode(array("get"=>$_GET,"post"=>$_POST,"files"=>$_FILES,"status"=>"error","message"=>$errormsg));
2018-12-29 20:17:54 +01:00
?>