The administration panel and web client for ParEdu

<?php
// Response headers sent before anything else: disable caching of API answers
// and declare JSON as the default body type (image responses override it later).
// Each entry is array(header line, replace-any-previous-header-of-that-name).
$responseHeaders = array(
    array("Cache-Control: no-store, no-cache, must-revalidate", true),
    // false: appended as a second Cache-Control line instead of replacing the first.
    array("Cache-Control: post-check=0, pre-check=0", false),
    array("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT", true),
    array("Pragma: no-cache", true),
    array('Content-Type: application/json', true),
);
foreach ($responseHeaders as $headerEntry) {
    header($headerEntry[0], $headerEntry[1]);
}
// Keep the script's global scope as it was before this block.
unset($responseHeaders, $headerEntry);
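// Database settings ($sqlserver, $sqluser, $sqlpass, $dbname) are read from creds.php.
include "../creds.php";

// Open the connection. Since PHP 8.1 mysqli throws on failure by default instead of
// only setting connect_error, so both failure paths are funnelled into $connectError.
$conn = null;
$connectError = null;
try {
    $conn = new mysqli($sqlserver, $sqluser, $sqlpass, $dbname);
    $connectError = $conn->connect_error;
} catch (mysqli_sql_exception $e) {
    $connectError = $e->getMessage();
}

if ($connectError) {
    // The driver message can name the database host and account. It goes to the
    // server log only; the caller gets a generic error in the usual JSON envelope.
    error_log("Database connection error (" . $connectError . ")");
    header('Content-Type: application/json');
    echo json_encode(array('response' => "Database connection error"));
    exit;
}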
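/**
 * Quote a request value as a MySQL string literal for use in a WHERE clause.
 *
 * The value is escaped and always wrapped in single quotes, as the queries in
 * this script have always done. Non-scalar input (e.g. ?id[]=x) becomes an
 * empty string, which matches no row instead of raising a TypeError.
 *
 * NOTE(review): real_escape_string() depends on the connection character set;
 * no set_charset() call is visible in this script - confirm it is configured.
 *
 * @param mysqli $conn  open connection
 * @param mixed  $value raw request value
 * @return string quoted SQL literal
 */
function api_sql_literal($conn, $value)
{
    $text = is_scalar($value) ? (string) $value : '';
    return "'" . $conn->real_escape_string($text) . "'";
}

/**
 * Run a SELECT and return all rows as associative arrays.
 *
 * @param mysqli $conn open connection
 * @param string $sql  complete SQL statement
 * @return array|null list of rows, or null when the query failed
 */
function api_fetch_all($conn, $sql)
{
    try {
        $result = $conn->query($sql);
    } catch (mysqli_sql_exception $e) {
        // mysqli throws in its default error mode on PHP 8.1+; log, do not leak.
        error_log("Database query error (" . $e->getMessage() . ")");
        return null;
    }
    // query() returns false on failure; calling ->close() on it would be fatal.
    if (!($result instanceof mysqli_result)) {
        return null;
    }
    $rows = array();
    while ($row = $result->fetch_assoc()) {
        $rows[] = $row;
    }
    $result->close();
    return $rows;
}

/**
 * Emit the rows of a list query as JSON, or the script's "nothing found"
 * message when the query failed or returned no rows, then close the connection.
 *
 * @param mysqli $conn open connection
 * @param string $sql  complete SQL statement
 * @return void
 */
function api_send_list($conn, $sql)
{
    $rows = api_fetch_all($conn, $sql);
    if (!empty($rows)) {
        echo json_encode($rows);
    } else {
        echo json_encode(array('response' => "No events connected to specified owner"));
    }
    $conn->close();
}

/**
 * Emit every row of a lookup table as JSON (an empty table yields []),
 * then close the connection.
 *
 * @param mysqli $conn  open connection
 * @param string $table hard-coded table name; never pass request data here
 * @return void
 */
function api_send_table($conn, $table)
{
    $rows = api_fetch_all($conn, "SELECT * FROM `" . $table . "`");
    if ($rows !== null) {
        echo json_encode($rows);
    } else {
        echo json_encode(array('response' => "Database query error"));
    }
    $conn->close();
}

/**
 * Resolve "<baseDir>/<name>.png" to a canonical path, but only when the file
 * exists and really lies inside $baseDir.
 *
 * @param string $baseDir directory that holds the images
 * @param mixed  $name    raw request value used as the file name stem
 * @return string|null canonical path, or null when the name must not be served
 */
function api_image_path($baseDir, $name)
{
    // Arrays, empty values and NUL bytes can never name a stored image.
    if (!is_string($name) || $name === '' || strpos($name, "\0") !== false) {
        return null;
    }
    $root = realpath($baseDir);
    if ($root === false) {
        return null;
    }
    $candidate = realpath($baseDir . '/' . $name . '.png');
    if ($candidate === false || !is_file($candidate)) {
        return null;
    }
    // Compare canonical paths so "../" sequences and symlinks cannot leave $baseDir.
    $prefix = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($candidate, $prefix, strlen($prefix)) === 0 ? $candidate : null;
}

/**
 * Send a PNG chosen by a request value, or the fallback image when the value
 * does not resolve to a file inside $baseDir.
 *
 * @param string $baseDir  directory that holds the images
 * @param mixed  $name     raw request value used as the file name stem
 * @param string $fallback path of the default image
 * @return void
 */
function api_send_image($baseDir, $name, $fallback)
{
    header('Content-Type: image/png');
    $path = api_image_path($baseDir, $name);
    // readfile() only copies bytes to the response. The previous include would
    // have run any PHP embedded in the file it was pointed at.
    readfile($path !== null ? $path : $fallback);
}

// Request dispatch: ?type=... selects the resource, ?subtype=... refines it.
// NOTE(review): nothing visible in this script checks who is calling - confirm
// that serving these tables without authentication is intended.
$type = isset($_GET["type"]) ? $_GET["type"] : null;
$subtype = isset($_GET["subtype"]) ? $_GET["subtype"] : null;
$id = isset($_GET["id"]) ? $_GET["id"] : null;

if ($type == null) {
    echo json_encode(array('response' => "No type specified"));
} else {
    switch ($type) {
        case "schools":
            $sql = "SELECT * FROM `schools`";
            if ($id !== null) {
                $sql .= " WHERE `id` = " . api_sql_literal($conn, $id);
            }
            api_send_list($conn, $sql);
            break;

        case "user":
            // NOTE(review): only fullname/username are read below, yet every
            // column of `auth` is fetched; consider selecting just those two.
            $sql = "SELECT * FROM `auth`";
            if ($id !== null) {
                $sql .= " WHERE `id` = " . api_sql_literal($conn, $id);
            }
            $rows = api_fetch_all($conn, $sql);
            if (!empty($rows)) {
                $list = array();
                // Without an id every row overwrites "name", so the last row wins.
                foreach ($rows as $row) {
                    $list["name"] = $row["fullname"] != "" ? $row["fullname"] : $row["username"];
                }
                echo json_encode($list);
            } else {
                echo json_encode(array('response' => "No events connected to specified owner"));
            }
            $conn->close();
            break;

        case "companies":
            $sql = "SELECT * FROM `companies`";
            if ($id !== null) {
                $sql .= " WHERE `id` = " . api_sql_literal($conn, $id);
            }
            api_send_list($conn, $sql);
            break;

        case "events":
            $sql = "SELECT * FROM `events`";
            // The owner filter applies only when both parts are supplied.
            if (isset($_GET["ownertype"]) && isset($_GET["ownerid"])) {
                $sql .= " WHERE `ownertype` = " . api_sql_literal($conn, $_GET["ownertype"])
                    . " AND `ownerid` = " . api_sql_literal($conn, $_GET["ownerid"]);
            }
            api_send_list($conn, $sql);
            break;

        case "image":
            if ($subtype === null) {
                echo json_encode(array('response' => "No subtype specified"));
                // Stop here so a second JSON document is not appended to the error.
                break;
            }
            switch ($subtype) {
                case "school":
                    api_send_image("../images/school", $id, "../images/default.png");
                    break;
                case "company":
                    api_send_image("../images/company", $id, "../images/default.png");
                    break;
                case "user":
                    api_send_image("../images/user", $id, "../images/defaultuser.png");
                    break;
                case "eventcategory":
                    api_send_image(
                        "../images/eventcategory",
                        isset($_GET["category"]) ? $_GET["category"] : null,
                        "../images/eventcategory/default.png"
                    );
                    break;
                default:
                    echo json_encode(array('response' => "Invalid subtype specified"));
                    break;
            }
            break;

        case "string":
            if ($subtype === null) {
                echo json_encode(array('response' => "No subtype specified"));
                break;
            }
            // A "lang" request parameter is not consulted here.
            switch ($subtype) {
                case "school":
                    api_send_table($conn, "schooltypes");
                    break;
                case "company":
                    // NOTE(review): reads the same table as "school" - confirm intended.
                    api_send_table($conn, "schooltypes");
                    break;
                case "user":
                    api_send_table($conn, "acctypes");
                    break;
                default:
                    // Answer like the image branch instead of sending an empty body.
                    echo json_encode(array('response' => "Invalid subtype specified"));
                    break;
            }
            break;

        default:
            echo json_encode(array('response' => "Invalid type specified"));
            break;
    }
}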
?>