<?php
// Resume the caller's session; the admin flag stored in $_SESSION is checked
// below before any request body is read.
// NOTE(review): session cookie attributes (Secure, HttpOnly, SameSite) are not
// set in this file — presumably configured in php.ini; confirm.
session_start();
/**
 * Normalise one request field before it is stored.
 *
 * Applies, in order: trim() to drop surrounding whitespace, stripslashes()
 * to remove backslash escapes, and htmlspecialchars() to HTML-encode the
 * special characters (flags left at the PHP default).
 *
 * NOTE(review): this is not what protects the queries in this file; the
 * prepared statements do that. Encoding at input time means the database
 * holds HTML-encoded text, so any consumer that encodes again on output
 * will double-encode, and any non-HTML consumer receives entities.
 *
 * @param mixed $data raw field value
 * @return string cleaned value
 */
function clear_input($data) {
    return htmlspecialchars(stripslashes(trim($data)));
}
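// Admin-only JSON endpoint for the `activities` table.
// The request body is a JSON object with an `action` of "update", "restore"
// or "delete" plus the activity fields; the response is a JSON object that
// echoes the action (and, for "restore", the stored row).
//
// NOTE(review): authorisation rests on the session flag alone. No anti-CSRF
// token or Origin/Content-Type check is visible in this file; confirm one is
// enforced elsewhere, since every action here changes or discloses data.
// The loose `== true` accepts any truthy value; kept because the code that
// sets $_SESSION['admin'] is not visible here.
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_SESSION['admin']) && $_SESSION['admin'] == true) {
    try {
        // NOTE(review): database credentials are hard-coded in a web-served
        // file. Load them from configuration kept outside the document root
        // (or the environment) and rotate this password, as it has been
        // exposed wherever this source is readable.
        $user = "yota_admin";
        $password = "quaequaquagh6ahwoh6Chahx1EiFooGh";
        $database = "yota_call_db";
        $conn = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
        $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    } catch (PDOException $e) {
        // Keep driver details (host, user, SQLSTATE) in the server log rather
        // than the HTTP response, and stop: without a connection nothing
        // below can run.
        error_log("activities endpoint: database connection failed: " . $e->getMessage());
        die("Error: database connection failed");
    }

    // Fields accepted from the client; also the column order of the
    // "restore" response.
    $fields = array(
        'id', 'approved', 'specialCall', 'fromTime', 'toTime', 'frequencies',
        'modes', 'operatorCall', 'operatorName', 'operatorEmail',
        'operatorPhone', 'qso',
    );

    // json_decode() returns null on malformed input instead of throwing, so
    // the result has to be checked explicitly.
    $recvData = json_decode(file_get_contents("php://input"));
    if (!is_object($recvData)) {
        die("Can't decode JSON!");
    }
    foreach ($fields as $field) {
        $value = isset($recvData->$field) ? $recvData->$field : '';
        // Nested arrays/objects are not valid field values; reject them
        // rather than let trim() fail on them.
        if (!is_scalar($value)) {
            die("Can't decode JSON!");
        }
        $recvData->$field = clear_input((string) $value);
    }
    // `action` is only compared against fixed strings, never stored or echoed
    // unless it matched one of them.
    $action = (isset($recvData->action) && is_string($recvData->action)) ? $recvData->action : '';

    try {
        // Response object; must exist before properties are assigned to it.
        $sendData = new stdClass();

        if ($action == "update") {
            $sql = "UPDATE activities SET
                approved=:approved,
                specialCall=:specialCall,
                fromTime=:fromTime,
                toTime=:toTime,
                frequencies=:frequencies,
                modes=:modes,
                operatorCall=:operatorCall,
                operatorName=:operatorName,
                operatorEmail=:operatorEmail,
                operatorPhone=:operatorPhone,
                qso=:qso
                WHERE id=:id";
            $stmt = $conn->prepare($sql);
            // Bind every placeholder, including :id in the WHERE clause;
            // leaving it unbound makes execute() fail with an
            // invalid-parameter-number error.
            foreach ($fields as $field) {
                $stmt->bindValue(':' . $field, $recvData->$field);
            }
            $stmt->execute();
            $sendData->action = $action;
            echo json_encode($sendData);
        } else if ($action == "restore") {
            $stmt = $conn->prepare("SELECT * FROM activities WHERE id=:id");
            $stmt->bindValue(':id', $recvData->id);
            $stmt->execute();
            // Fetch as an object: the default fetch mode returns an array,
            // on which the property reads below would all yield null.
            $row = $stmt->fetch(PDO::FETCH_OBJ);
            if ($row === false) {
                throw new RuntimeException("activity not found");
            }
            $sendData->action = $action;
            foreach ($fields as $field) {
                $sendData->$field = $row->$field;
            }
            echo json_encode($sendData);
        } else if ($action == "delete") {
            $stmt = $conn->prepare("DELETE FROM activities WHERE id=:id");
            $stmt->bindValue(':id', $recvData->id);
            $stmt->execute();
            $sendData->action = $action;
            echo json_encode($sendData);
        }
        // Any other action produces no output, as before.
    } catch (Exception $e) {
        if ($e instanceof PDOException) {
            // Log the driver message server-side; the client only learns
            // that the database step failed.
            error_log("activities endpoint: query failed: " . $e->getMessage());
            echo "Error: database error";
        } else {
            echo "Error in action handling!";
        }
    }
}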