- And the server side of the JSON stats. We should probably rename this file
since it has nothing to do with XML anymore.
parent
687d4ea875
commit
036cf2c295
@ -25,36 +25,58 @@
|
|||||||
<?
|
<?
|
||||||
require_once('common.inc.php');
|
require_once('common.inc.php');
|
||||||
require_once('user.inc.php');
|
require_once('user.inc.php');
|
||||||
require_once('admin/xml.inc.php');
|
|
||||||
|
|
||||||
$d=xml_parsexml($_POST['xml']);
|
/* magic quotes DEPRECATED as of PHP 5.3.0, REMOVE as of 6.0, on by default *
|
||||||
$data = $d['sfiab'][0];
|
* for any PHP < 5.3.0. Pain in the ASS. php is running the urldecode for us,
|
||||||
|
* seeing that the string has quotes, then adding quotes before we can
|
||||||
|
* json_decode()
|
||||||
|
* It only does this in POST and GET */
|
||||||
|
if(get_magic_quotes_gpc())
|
||||||
|
$data = json_decode(stripslashes($_POST['json']), true);
|
||||||
|
else
|
||||||
|
$data = json_decode($_POST['json'], true);
|
||||||
|
|
||||||
$username = $data['username'][0];
|
// echo "post:";print_r($_POST);
|
||||||
$password = $data['password'][0];
|
// echo "json post: ".htmlspecialchars($_POST['json'])."<br>";
|
||||||
|
// echo "stripslashes(json post): ".stripslashes($_POST['json'])."<br>";
|
||||||
|
// echo "data:";print_r($data);
|
||||||
|
// echo "<br />";
|
||||||
|
// exit;
|
||||||
|
|
||||||
|
$username = $data['auth']['username'];
|
||||||
|
$password = $data['auth']['password'];
|
||||||
|
|
||||||
|
$response['query'] = $data;
|
||||||
|
|
||||||
// echo "Authenticating... ";
|
// echo "Authenticating... ";
|
||||||
$username = mysql_escape_string($username);
|
$username = mysql_escape_string($username);
|
||||||
$q=mysql_query("SELECT uid FROM users WHERE username='$username'");
|
$q=mysql_query("SELECT uid FROM users WHERE username='$username'");
|
||||||
if(mysql_num_rows($q) != 1) {
|
if(mysql_num_rows($q) != 1) {
|
||||||
echo "<sfiab><error>1</error><message>authentication failed</message></sfiab>";
|
$response['error'] = 1;
|
||||||
exit;
|
$response['message'] = "Authentication Failed";
|
||||||
|
echo json_encode($response);
|
||||||
|
exit;
|
||||||
}
|
}
|
||||||
$i = mysql_fetch_assoc($q);
|
$i = mysql_fetch_assoc($q);
|
||||||
$u = user_load_by_uid($i['uid']);
|
$u = user_load_by_uid($i['uid']);
|
||||||
|
$response['i'] = $i;
|
||||||
if(!is_array($u) || $u['password'] == '') {
|
if(!is_array($u) || $u['password'] == '') {
|
||||||
echo "<sfiab><error>1</error><message>authentication failed</message></sfiab>";
|
$response['error'] = 1;
|
||||||
exit;
|
$response['message'] = "Authentication Failed2";
|
||||||
|
echo json_encode($response);
|
||||||
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if($u['password'] != $password) {
|
if($u['password'] != $password) {
|
||||||
echo "<sfiab><error>1</error><message>authentication failed</message></sfiab>";
|
$response['error'] = 1;
|
||||||
exit;
|
$response['message'] = "Authentication Failed3";
|
||||||
|
echo json_encode($response);
|
||||||
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
$response = array();
|
$response = array();
|
||||||
if(array_key_exists('getstats', $data)) {
|
if(array_key_exists('getstats', $data)) {
|
||||||
$year = $data['getstats'][0]['year'][0];
|
$year = $data['getstats']['year'];
|
||||||
$vars = array('fair_stats_participation', 'fair_stats_schools_ext',
|
$vars = array('fair_stats_participation', 'fair_stats_schools_ext',
|
||||||
'fair_stats_minorities', 'fair_stats_guests',
|
'fair_stats_minorities', 'fair_stats_guests',
|
||||||
'fair_stats_sffbc_misc', 'fair_stats_info',
|
'fair_stats_sffbc_misc', 'fair_stats_info',
|
||||||
@ -68,14 +90,16 @@
|
|||||||
AND year='$year'");
|
AND year='$year'");
|
||||||
$response['stats'] = mysql_fetch_assoc($q);
|
$response['stats'] = mysql_fetch_assoc($q);
|
||||||
unset($response['stats']['id']);
|
unset($response['stats']['id']);
|
||||||
|
$response['error'] = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(array_key_exists('stats', $data)) {
|
if(array_key_exists('stats', $data)) {
|
||||||
$stats = array();
|
$stats = $data['stats'];
|
||||||
foreach($data['stats'][0] as $k=>$v) {
|
foreach($stats as $k=>$v) {
|
||||||
$stats[$k] = $v[0];
|
$stats[$k] = mysql_escape_string($stats[$k]);
|
||||||
}
|
}
|
||||||
$str = join(',',$stats);
|
|
||||||
|
// $str = join(',',$stats);
|
||||||
$keys = '`fairs_id`,`'.join('`,`', array_keys($stats)).'`';
|
$keys = '`fairs_id`,`'.join('`,`', array_keys($stats)).'`';
|
||||||
$vals = "'{$u['fairs_id']}','".join("','", array_values($stats))."'";
|
$vals = "'{$u['fairs_id']}','".join("','", array_values($stats))."'";
|
||||||
mysql_query("DELETE FROM fairs_stats WHERE fairs_id='{$u['fairs_id']}'
|
mysql_query("DELETE FROM fairs_stats WHERE fairs_id='{$u['fairs_id']}'
|
||||||
@ -88,9 +112,7 @@
|
|||||||
$response['message'] = 'Stats saved';
|
$response['message'] = 'Stats saved';
|
||||||
}
|
}
|
||||||
|
|
||||||
$output="";
|
echo urlencode(json_encode($response));
|
||||||
xmlCreateRecurse(array('sfiab'=>$response));
|
|
||||||
echo urlencode($output);
|
|
||||||
// echo "Success!<br />";
|
// echo "Success!<br />";
|
||||||
|
|
||||||
|
|
||||||
|
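Review bot: The authentication-failure branches in the first hunk return debugging data to a caller who has not authenticated. `$response['query'] = $data;` echoes the decoded request back, including `auth.password`; `$response['i'] = $i;` adds the matched uid in the second and third branches; and the distinct messages `Authentication Failed`, `Authentication Failed2` and `Authentication Failed3` reveal whether the username exists. I would drop both debug assignments and set `$response = array('error' => 1, 'message' => 'Authentication Failed');` before each `echo json_encode($response);`, so every failure looks the same. In the `stats` branch the added `mysql_escape_string()` covers the values only; the names from `array_keys($stats)` are still placed between backticks in `$keys`, which is presumably used by a query outside the visible hunk, so they should be checked against a fixed list of allowed column names. The failure paths also emit plain `json_encode($response)` while the final line emits `urlencode(json_encode($response))`, which the client has to special-case.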