<?php
/**
 * Look up a client row by its `clienthash` value.
 *
 * @param string $hash Value matched against `clients`.`clienthash`.
 * @return array|false The row from db_get() when it carries a client_id, otherwise false.
 */
function api_client_kuri($hash)
{
    // NOTE(review): $hash is interpolated into the statement unchanged. If it
    // originates from a request this is an SQL injection point; bind it as a
    // parameter (or escape it with the connection's own routine) once the
    // db_get() helper's API is confirmed.
    $query = "SELECT client_id FROM `clients` WHERE `clienthash` = '$hash' LIMIT 1 ";
    $row = db_get($query);

    return isset($row['client_id']) ? $row : false;
}
/**
 * Check an e-mail / password pair against the `clients` table.
 *
 * @param string $login    Value matched against `clients`.`clientmail`.
 * @param string $password Plain-text password, checked with password_verify().
 * @return array ['data' => row] on success, ['error' => message] on any failure.
 */
function api_login($login, $password)
{
    // NOTE(review): $login is interpolated into the statement unchanged, so a
    // request-supplied value can alter the query. Bind it as a parameter once
    // the dbl_get() helper's API is confirmed.
    $sqlogin = "SELECT `client_id`, `clientpassword` FROM `clients` WHERE `clientmail` = '$login' LIMIT 1";
    $row = dbl_get($sqlogin);

    // NOTE(review): the failures below are distinguishable from each other.
    // If these messages reach the remote caller verbatim they reveal which
    // addresses have an account; consider one generic message at the edge.
    if (!isset($row['clientpassword'])) {
        return ['error'=>'пользователь не найден'];
    }

    // An empty stored password means no password has been set for the account.
    if ($row['clientpassword'] == '') {
        return ['error'=>'необходимо получить ссылку для доступа'];
    }

    $matches = password_verify($password, $row['clientpassword']);
    if (!$matches) {
        return ['error' => 'неверный пароль'];
    }

    // NOTE(review): the returned row still contains the stored password hash;
    // callers should not forward it to the client.
    return ['data' => $row];
}
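/**
 * List the items a client has bought, 25 per page.
 *
 * When the client has a row in `anbuy` with number_id 486 the whole archive
 * from clients_arch() is returned instead (the variable names suggest this is
 * a subscription item; confirm).
 *
 * @param int $client_id Client key; coerced to an integer before use.
 * @param int $page      1-based page number; coerced to an integer before use.
 * @return array ['books' => ..., 'count' => ...], or the result of clients_arch().
 */
function clientbuys_kuri($client_id, $page = 1)
{
    // Both values end up inside SQL text. Forcing them to integers keeps
    // anything but digits (and a sign) out of the statements.
    // NOTE(review): assumes client_id is an integer key; the count query
    // below already uses it unquoted. Confirm against the schema.
    $client_id = (int) $client_id;
    $page = (int) $page;

    $sql_sub = "SELECT number_id FROM anbuy WHERE client_id = '$client_id' AND `number_id` = 486 LIMIT 1";
    $findsub = db_get($sql_sub);

    if (isset($findsub['number_id'])) {
        return clients_arch($page);
    }

    $limit = 25;

    $countsql = "SELECT DISTINCT COUNT(buy_id) as count FROM `anbuy` WHERE `client_id` = $client_id AND `buy_status` = '1' LIMIT 1";
    $buycount = db_get($countsql);

    $buysql = "
        SELECT DISTINCT
        price_id, pricehash, pricename, priceimg
        FROM anbuy
        LEFT JOIN price ON anbuy.number_id = price.price_id
        WHERE client_id = '$client_id' AND `buy_status` = '1'
        ORDER BY `buy_id` DESC
        LIMIT $limit";

    if ($page > 1) {
        $offset = $limit * ($page - 1);
        // The original appended to an undefined $pricesql, so the OFFSET never
        // reached the query and every page returned the first rows again.
        $buysql .= " OFFSET $offset";
    }

    $books = db_get($buysql);

    $result = [];
    $result['books'] = clientbooks($books, $client_id);
    $result['count'] = $buycount['count'];

    return $result;
}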
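/**
 * Find a client row by e-mail address.
 *
 * @param string $mail Address to look up.
 * @return array The client row, or ['error' => message] when the address is
 *               rejected or no client matches.
 */
function client_find_email($mail)
{
    if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
        return ['error' => 'некорректный email'];
    }

    // FILTER_VALIDATE_EMAIL accepts apostrophes (and backslashes in a quoted
    // local part), so a "valid" address can still terminate the quoted SQL
    // literal below. Such addresses are refused until the query can bind its
    // parameter. NOTE(review): replace this guard with a bound parameter once
    // the db_get() helper's API is confirmed.
    if (strpbrk($mail, "'\\") !== false) {
        return ['error' => 'некорректный email'];
    }

    $pwd_query = "SELECT * FROM `clients` WHERE `clientmail` = '$mail' LIMIT 1";
    $client = db_get($pwd_query);

    if (isset($client['client_id'])) {
        return $client;
    }

    return ['error' => 'client not found'];
}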
/**
 * Find a client row by its `clienthash` value.
 *
 * @param string $hash Value matched against `clients`.`clienthash`.
 * @return array The client row, or ['error' => 'client not found'].
 */
function client_find_hash($hash)
{
    // NOTE(review): $hash is interpolated into the statement unchanged. If it
    // originates from a request this is an SQL injection point; bind it as a
    // parameter once the db_get() helper's API is confirmed.
    $pwd_query = "SELECT * FROM `clients` WHERE `clienthash` = '$hash' LIMIT 1";
    $row = db_get($pwd_query);

    if (!isset($row['client_id'])) {
        return ['error' => 'client not found'];
    }

    return $row;
}
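/**
 * Find a client row by its numeric id.
 *
 * @param int $id Client key; coerced to an integer before use.
 * @return array ['result' => row] on success, ['error' => 'client not found'] otherwise.
 */
function client_find_id($id)
{
    // The id is placed inside SQL text, so it is forced to an integer first.
    // NOTE(review): assumes `clients`.`client_id` is an integer column —
    // confirm against the schema.
    $id = (int) $id;

    $id_query = "SELECT * FROM `clients` WHERE `client_id` = '$id' LIMIT 1";
    $client = db_get($id_query);

    if (!isset($client['client_id'])) {
        return ['error' => 'client not found'];
    }

    return ['result' => $client];
}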
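/**
 * Verify a client id / token pair.
 *
 * The expected token is client_secret(client_id, stored password hash).
 *
 * @param int    $login Client id; coerced to an integer before use.
 * @param string $pwd   Token supplied by the caller.
 * @return array ['data' => row] on success, ['error' => message] otherwise.
 */
function client_check_auth($login, $pwd)
{
    // $login is matched against client_id and placed inside SQL text, so it
    // is forced to an integer first.
    // NOTE(review): assumes `clients`.`client_id` is an integer column.
    $login = (int) $login;

    $check_query = "SELECT * FROM `clients` WHERE `client_id` = '$login' LIMIT 1";
    $client = dbl_get($check_query);

    if (!isset($client['client_id'])) {
        return ['error' => 'client not found'];
    }

    $hash_pwd = client_secret($client['client_id'], $client['clientpassword']);

    // hash_equals() replaces the loose `==`: loose comparison treats two
    // different hex digests as equal when both happen to look like numbers,
    // and it is not constant-time. The is_string() guard keeps non-string
    // input from raising a TypeError.
    if (is_string($pwd) && hash_equals($hash_pwd, $pwd)) {
        return ['data' => $client];
    }

    return ['error' => 'invalid hash'];
}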
/**
 * Derive the token that client_check_auth() compares with the caller's value.
 *
 * @param int|string $id       Client id.
 * @param string     $password Stored `clientpassword` value.
 * @return string 32-character lowercase hex MD5 digest of the two values concatenated.
 */
function client_secret($id, $password)
{
    // NOTE(review): this is an unkeyed MD5 over values stored in the clients
    // row, so anyone who can read that row can compute the token, and the
    // token only changes when the password does. A keyed construction
    // (hash_hmac with a server-side secret) or a random per-session token
    // would be stronger; changing it here would invalidate tokens already
    // issued, so the derivation is left as it is.
    $material = $id . $password;

    return hash('md5', $material);
}
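/**
 * Validate a new password and store its hash for a client.
 *
 * @param int    $client_id Client key; coerced to an integer before use.
 * @param string $password  New plain-text password.
 * @param string $confirm   Repeated password; must be identical to $password.
 * @param int    $minlen    Minimum accepted length, measured with strlen() (bytes).
 * @return true|string true after the UPDATE was issued, otherwise a message
 *                     describing why the password was rejected.
 */
function client_add_password($client_id, $password, $confirm, $minlen = 5)
{
    if ($password == '') {
        return 'пароль не задан';
    }

    if (strlen($password) < $minlen) {
        // The original interpolated an undefined $maxlen, so the message was
        // printed without the number.
        return "пароль должен быть не менее $minlen символов";
    }

    if ($password !== $confirm) {
        return "пароли не совпадают";
    }

    $clientpassword = password_hash($password, PASSWORD_DEFAULT);

    // The id is placed inside SQL text, so it is forced to an integer first.
    // NOTE(review): assumes `clients`.`client_id` is an integer column.
    $client_id = (int) $client_id;
    $sqlupdate = "UPDATE `clients` SET `clientpassword` = '$clientpassword' WHERE `client_id` = '$client_id'";

    // NOTE(review): the outcome of the UPDATE is not inspected, so true is
    // returned even if the write failed — check db_get()'s failure value.
    db_get($sqlupdate, 'chitatel');

    return true;
}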
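/**
 * Check that a client with the given e-mail exists and that its stored
 * `clienthash` equals $hash; prints an error message otherwise.
 *
 * @param string $mail Value placed into the `clientmail` comparison.
 * @param string $hash Value expected to equal the stored `clienthash`.
 * @return void
 */
function clientmail($mail, $hash)
{
    // NOTE(review): unlike the other lookups in this file, $mail is placed in
    // the statement without quotes, so the caller effectively supplies SQL
    // text. Confirm what callers pass and move to a bound parameter.
    $client = db_get("SELECT * FROM `clients` WHERE `clientmail` = $mail LIMIT 1");

    if (!isset($client['client_id'])) {
        echo 'Не верный запрос';
        return;
    }

    // Constant-time comparison of the access hash. Both sides must be strings,
    // which keeps the strictness of the original `!==` check.
    $stored = $client['clienthash'];
    if (!is_string($stored) || !is_string($hash) || !hash_equals($stored, $hash)) {
        echo 'Не верный запрос';
        return;
    }
}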
/**
 * The whole active archive: one page (25 rows) of `price` rows in category 1,
 * newest first, plus the total row count.
 *
 * @param int $page 1-based page number.
 * @return array ['books' => ..., 'subscript' => true, 'count' => ...]
 */
function clients_arch($page = 1)
{
    $limit = 25;

    $countsql = "SELECT COUNT(price_id) AS count
FROM price
WHERE category_id = 1
LIMIT 1";
    $total = db_get($countsql);

    $pricesql = "SELECT price_id, pricehash, pricename, priceimg FROM price WHERE category_id = 1 ORDER BY price_id DESC LIMIT $limit";

    // Pages after the first skip the rows of the preceding pages.
    if ($page > 1) {
        $offset = $limit * ($page -1);
        $pricesql .= " OFFSET $offset";
    }

    $rows = db_get($pricesql);

    return [
        'books' => clientbooks($rows),
        'subscript' => true,
        'count' => $total['count'],
    ];
}
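/**
 * Add a cover-image URL (`pic`) and a reader link (`link`) to every book row.
 *
 * @param mixed $books List of rows with price_id, priceimg and pricehash keys.
 * @return array|null The decorated rows; null when $books is not an array or is empty.
 */
function clientbooks($books)
{
    if (!is_array($books)) {
        return null;
    }

    // Initialised so that an empty list no longer reads an undefined
    // variable; the return value for that case stays null as before.
    $result = null;

    foreach ($books as $book) {
        $book['pic'] = IMGSRV."price/180x280/{$book['price_id']}.{$book['priceimg']}";
        $book['link'] = 'read/'.$book['pricehash'];
        $result[] = $book;
    }

    return $result;
}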