robin.thoni
/
3ie-api.vdm


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192
							<?php
require_once "utils.php";
require_once "misc/config.php";

function check_token()
{
  $token = check_table_field("Authorization", "tokens", "token");
  $date = new DateTime($token["date"]);
  $date->add(new DateInterval("P1D"));
  if ($token === false || $date < new DateTime())
    error(401, "Invalid token");
  return $token['token'];
}

function status_confirm($id)
{
  check_token();
}

function status_create()
{
  $token = check_token();
  $status = get_post("status");
  if (strlen($status) < 10)
    error(422, "Status too short");

  $lat = check_float(get_post("latitude", false));
  $long = check_float(get_post("longitude", false));
  $media = null;
  if (isset($_FILES["media"])
      && getimagesize($_FILES["media"]["tmp_name"]) !== false)
  {
    global $media_path;
    $media = dechex(microtime(true)) . dechex(rand());
    move_uploaded_file($_FILES["media"]["tmp_name"], $media_path . $media);
  }

  $u = database_exec("SELECT `id`, `username` FROM users WHERE `id` = ".
    "(SELECT `user` FROM tokens WHERE `token` = :token)",
    array(":token" => $token))->fetch();

  database_exec("INSERT INTO status (`status`, `user`, `longitude`, ".
    "`latitude`, `media`) VALUES(:status, :user, :long, :lat, :media)",
      array(":status" => $status, ":user" => $u["id"], ":long" => $long,
      ":lat" => $lat, ":media" => $media));

  $s = database_exec("SELECT * FROM status WHERE id = :id",
    array(":id" => database_get()->lastInsertId()))->fetch();

  $date = new DateTime($s["date"]);

  global $media_url;
  echo json_encode(array("status" => $s["status"],
    "user_id" => intval($u["id"]),
    "creation_date" => $date->format(DateTime::ISO8601),
    "latitude" => $s["latitude"] === null ? null : floatval($s["latitude"]),
    "longitude" => $s["longitude"] === null ? null : floatval($s["longitude"]),
    "media_url" => ($s["media"] !== null ) ? $media_url . $s["media"] : null,
    "id" => intval($s["id"])
  ));
}

function status_feed()
{
  check_token();
  $limit = check_int(get_get("limit", false), 15);
  if ($limit < 1)
    $limit = 15;
  $page = max((check_int(get_get("page", false), 1) - 1), 0) * $limit;
  $s = database_query("SELECT * FROM status ORDER BY `id` DESC ".
    "LIMIT $page, $limit");
  $data = array();
  global $media_url;
  while (($u = $s->fetch()) !== false)
  {
    $a = database_exec("SELECT `id`, `username` FROM users WHERE `id` = :id",
      array(":id" => $u["user"]))->fetch();
    $date = new DateTime($u["date"]);
    $data[] = array("id" => intval($u["id"]),
    "status" => $u["status"],
    "creation_date" => $date->format(DateTime::ISO8601),
    "latitude" => $u["latitude"] === null ? null : floatval($u["latitude"]),
    "longitude" => $u["longitude"] === null ? null : floatval($u["longitude"]),
    "author_id" => intval($a["id"]),
    "author_username" => $a["username"],
    "nb_confirm_up" => intval($u["up"]),
    "nb_confirm_down" => intval($u["down"]),
    "media_url" => ($u["media"] !== null ) ? $media_url . $u["media"] : null);
  }
  echo json_encode($data);
}
?>