robin.thoni
/
3ie-api.vdm
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
46 Commits
1 Branch
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
3ie-api.vdm/status.php

status.php 4.3KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123 
  1. <?php

  2. require_once "utils.php";

  3. require_once "misc/config.php";

  4. 

  5. function check_token()

  6. {

  7.   $token = check_table_field("Authorization", "tokens", "token");

  8.   $date = new DateTime($token["date"]);

  9.   $date->add(new DateInterval("P1D"));

  10.   if ($token === false || $date < new DateTime())

  11.     error(401, "Invalid user token");

  12.   return $token["token"];

  13. }

  14. 

  15. function status_confirm($id)

  16. {

  17.   $token = check_token();

  18.   $confirm = get_post("confirmation");

  19. 

  20.   if (database_exec("SELECT `id` FROM status WHERE `id` = :id",

  21.     array(":id" => $id))->fetch() === false)

  22.     error(404, "Status not found");

  23. 

  24.   if ($confirm != 0 && $confirm != 1)

  25.     error(422, "Bad confirmation value");

  26. 

  27.   $u = database_exec("SELECT `id` FROM users WHERE `id` = ".

  28.     "(SELECT `user` FROM tokens WHERE `token` = :token)",

  29.     array(":token" => $token))->fetch();

  30. 

  31.   if (database_exec("SELECT `id` FROM confirms WHERE `status` = :status ".

  32.     "AND `user` = :user AND `confirmation` = :confirm",

  33.     array(":status" => $id, ":user" => $u["id"], ":confirm" => $confirm))

  34.     ->fetch() !== false)

  35.     error(409, "Can not confirm twice with same value");

  36. 

  37.   database_exec("INSERT INTO confirms (`confirmation`, `status`, `user`)".

  38.     "VALUES(:confirm, :status, :user)", array(":confirm" => $confirm,

  39.     ":status" => $id, ":user" => $u["id"]));

  40. 

  41.   echo json_encode(array("user_id" => intval($u["id"]),

  42.     "status_id" => intval(database_get()->lastInsertId()),

  43.     "confirmation" => (bool)$confirm));

  44. }

  45. 

  46. function status_create()

  47. {

  48.   $token = check_token();

  49.   $status = get_post("status");

  50.   if (strlen($status) < 10)

  51.     error(422, "Status length too short");

  52. 

  53.   $lat = check_float(get_post("latitude", false));

  54.   $long = check_float(get_post("longitude", false));

  55.   $media = null;

  56.   if (isset($_FILES["media"])

  57.       && getimagesize($_FILES["media"]["tmp_name"]) !== false)

  58.   {

  59.     global $media_path;

  60.     $media = dechex(microtime(true)) . dechex(rand());

  61.     move_uploaded_file($_FILES["media"]["tmp_name"], $media_path . $media);

  62.   }

  63. 

  64.   $u = database_exec("SELECT `id`, `username` FROM users WHERE `id` = ".

  65.     "(SELECT `user` FROM tokens WHERE `token` = :token)",

  66.     array(":token" => $token))->fetch();

  67. 

  68.   database_exec("INSERT INTO status (`status`, `user`, `longitude`, ".

  69.     "`latitude`, `media`) VALUES(:status, :user, :long, :lat, :media)",

  70.       array(":status" => $status, ":user" => $u["id"], ":long" => $long,

  71.       ":lat" => $lat, ":media" => $media));

  72. 

  73.   $s = database_exec("SELECT * FROM status WHERE id = :id",

  74.     array(":id" => database_get()->lastInsertId()))->fetch();

  75. 

  76.   $date = new DateTime($s["date"]);

  77. 

  78.   global $media_url;

  79.   echo json_encode(array("status" => $s["status"],

  80.     "user_id" => intval($u["id"]),

  81.     "creation_date" => $date->format(DateTime::ISO8601),

  82.     "latitude" => $s["latitude"] === null ? null : floatval($s["latitude"]),

  83.     "longitude" => $s["longitude"] === null ? null : floatval($s["longitude"]),

  84.     "media_url" => ($s["media"] !== null ) ? $media_url . $s["media"] : null,

  85.     "id" => intval($s["id"])

  86.   ));

  87. }

  88. 

  89. function status_feed()

  90. {

  91.   check_token();

  92.   $limit = check_int(get_get("limit", false), 15);

  93.   if ($limit < 1)

  94.     $limit = 15;

  95.   $page = max((check_int(get_get("page", false), 1) - 1), 0) * $limit;

  96.   $s = database_query("SELECT *, ".

  97.     "(SELECT COUNT(*) FROM confirms WHERE ".

  98.     "`status` = `status`.id and `confirmation` = 1) as 'up', ".

  99.     "(SELECT COUNT(*) FROM confirms WHERE ".

  100.     "`status` = `status`.id and `confirmation` = 0) as 'down' ".

  101.     "FROM status ORDER BY `id` DESC ".

  102.     "LIMIT $page, $limit");

  103.   $data = array();

  104.   global $media_url;

  105.   while (($u = $s->fetch()) !== false)

  106.   {

  107.     $a = database_exec("SELECT `id`, `username` FROM users WHERE `id` = :id",

  108.       array(":id" => $u["user"]))->fetch();

  109.     $date = new DateTime($u["date"]);

  110.     $data[] = array("id" => intval($u["id"]),

  111.     "status" => $u["status"],

  112.     "creation_date" => $date->format(DateTime::ISO8601),

  113.     "latitude" => $u["latitude"] === null ? null : floatval($u["latitude"]),

  114.     "longitude" => $u["longitude"] === null ? null : floatval($u["longitude"]),

  115.     "author_id" => intval($a["id"]),

  116.     "author_username" => $a["username"],

  117.     "nb_confirm_up" => intval($u["up"]),

  118.     "nb_confirm_down" => intval($u["down"]),

  119.     "media_url" => ($u["media"] !== null ) ? $media_url . $u["media"] : null);

  120.   }

  121.   echo json_encode($data);

  122. }

  123. ?>