igor/GEOVizor_PHP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Старт

Browse Source
This commit is contained in:
igor
2023-11-07 19:51:49 +06:00
commit 86542a157f
5002 changed files with 199551 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

180
observation/pscripts/user.php Normal file
View File

@ -0,0 +1,180 @@
<?php
@session_start();
require_once("../../monitoring/config.php");
require_once("../../monitoring/tools.php");
require_once("../../resources/metadata/include/tools.php");
function sendError($msg)
{
$json='{"errorCode":1,"errorMessage":'.json_encode($msg,JSON_UNESCAPED_UNICODE).'}';
header('Content-Type: application/json');
echo $json;
exit;
}
$db = connectToDB();
$MainFrom = 'irigm@yandex.ru';
//$MainFrom = 'info@motion-engine.com';
$fn=0;
if(isset($_GET['fn'])) { $fn=$_GET['fn']; }
if($fn=='1') //Зарегестрировать нового пользователя и компанию
{
if(!isset($HTTP_RAW_POST_DATA))
{ $HTTP_RAW_POST_DATA = file_get_contents("php://input");
}
$object = json_decode($HTTP_RAW_POST_DATA);
if($object==null) sendError(trt("Invalid_request")."!");
$captcha=$_SESSION['secpic1'];
if($captcha!=$object->captcha) {
sendError('The numbers from the picture do not match!');
}else{
$password = getPassword(5);
$sql = "select * from main.p__users_1(1,null,:company_name,:surname,:name,:position,:phone,:email,:password);";
$stmt = $db->prepare($sql);
$stmt->bindParam(':company_name', $object->company, PDO::PARAM_STR);
$stmt->bindParam(':surname', $object->lastname, PDO::PARAM_STR);
$stmt->bindParam(':name', $object->firstname, PDO::PARAM_STR);
$stmt->bindParam(':position', $object->position, PDO::PARAM_STR);
$stmt->bindParam(':phone', $object->phone, PDO::PARAM_STR);
$stmt->bindParam(':email', $object->email, PDO::PARAM_STR);
$stmt->bindParam(':password', $password, PDO::PARAM_STR);
$response = new stdClass();
$response->errorCode = '0';
$response->errorMessage = '';
try
{
$res = $stmt->execute();
} catch (Exception $e)
{
sendError($e->getMessage());
}
$html='<html><head><title>Message</title></head><body>';
$html.='<h1>Поздравляю, Вы зарегистрированы!</h1>';
$html.='<b>Ваш пароль:</b> '.$password.'<br>';
$html.='</body></html>';
//Отсылаю пароль на почту
if(mail($object->email,'Motion-Engine.com',$html,"Content-type: text/html; charset=utf-8\r\nFrom: Motion-Engine Site <".$MainFrom.">"))
{
}else{
sendError('Failed to send password email to!');
}
echo json_encode($response);
exit;
}
}else if($fn=='2') //Восстановление пароля
{
if(!isset($HTTP_RAW_POST_DATA))
{ $HTTP_RAW_POST_DATA = file_get_contents("php://input");
}
$object = json_decode($HTTP_RAW_POST_DATA);
if($object==null) sendError(trt("Invalid_request")."!");
$captcha=$_SESSION['secpic2'];
if($captcha!=$object->captcha) {
sendError('The numbers from the picture do not match!');
}else{
$password = getPassword(5);
$sql = "update main._users set password='".md5($password)."' where email=lower('".$object->email."');";
$response = new stdClass();
$response->errorCode = '0';
$response->errorMessage = '';
try
{
$db->query($sql);
}catch (Exception $ex)
{
sendError($ex->getMessage());
}
$html='<html><head><title>Message</title></head><body>';
$html.='<h1>Password recovery</h1>';
$html.='<b>Your password has been changed to:</b> '.$password.'<br>';
$html.='</body></html>';
//Отсылаю пароль на почту
if(mail($object->email,'Motion-Engine.com',$html,"Content-type: text/html; charset=utf-8\r\nFrom: Motion-Engine Site <".$MainFrom.">"))
{
}else{
sendError('Failed to send password email to!');
}
echo json_encode($response);
exit;
}
}else if($fn=='3'){ //Смена пароля
if(!isset($HTTP_RAW_POST_DATA))
{ $HTTP_RAW_POST_DATA = file_get_contents("php://input");
}
$object = json_decode($HTTP_RAW_POST_DATA);
if($object==null) sendError(trt("Invalid_request")."!");
//Проверяю есть ли такой пользователь
$sql = "select id from main._users where del=false and password='".md5($object->password)."' and email=lower('".$object->email."');";
try
{
$res = $db->query($sql);
}catch (Exception $ex)
{
sendError($ex->getMessage());
}
if($res==NULL || $res->rowCount()==0)
{
sendError(trt("Invalid_username_and_or_password"));
}
$sql = "update main._users set password='".md5($object->new_password)."' where email=lower('".$object->email."') and password='".md5($object->password)."';";
$response = new stdClass();
$response->errorCode = '0';
$response->errorMessage = '';
try
{
$db->query($sql);
}catch (Exception $ex)
{
sendError($ex->getMessage());
}
echo json_encode($response);
exit;
}else if($fn=='10'){ //Вернуть список для заполнения компаний к которым у пользователя есть доступ
$sql="select id,name,exists(select 1 from main._users where del=false and c.id=company_id and id=".$_SESSION['USER_ID'].") as select from main.companies c where id in (select company_id from main.companies_users where del=false and user_id=".$_SESSION['USER_ID'].") order by name";
try
{
$res = $db->query($sql);
}catch (Exception $ex)
{
sendError($ex->getMessage());
}
if($res != null)
{
while ($row = $res->fetch(PDO::FETCH_ASSOC))// $row - ассоциативный массив значений, ключи - названия столбцов
{
if($row['select'])
echo '<option selected="selected" value="'.$row['id'].'">'.$row['name'].'</option>';
else
echo '<option value="'.$row['id'].'">'.$row['name'].'</option>';
}
}
}else{
sendError("Fn is null!");
}