2020-05-08 21:53:23 +03:00
< ? php
function api_client_kuri ( $hash ){
2020-05-29 21:29:27 +03:00
$sql = " SELECT client_id, clientgroup_id, clientmail FROM `clients` WHERE `clienthash` = ' $hash ' LIMIT 1 " ;
2020-05-08 21:53:23 +03:00
$client = db_get ( $sql );
if ( isset ( $client [ 'client_id' ]))
return $client ;
return false ;
}
2020-05-12 21:15:26 +03:00
function api_login ( $login , $password ){
$sqlogin = " SELECT `client_id`, `clientpassword` FROM `clients` WHERE `clientmail` = ' $login ' LIMIT 1 " ;
$client = dbl_get ( $sqlogin );
if ( ! isset ( $client [ 'clientpassword' ]))
return [ 'error' => 'пользователь не найден' ];
if ( $client [ 'clientpassword' ] == '' )
return [ 'error' => 'необходимо получить ссылку для доступа' ];
if ( ! password_verify ( $password , $client [ 'clientpassword' ]))
return [ 'error' => 'неверный пароль' ];
return [ 'data' => $client ];
}
2020-07-02 17:27:30 +03:00
function api_restore_mail ( $mail ){
$date = date ( " Y-m-d H:i:s " );
$hash = md5 ( $mail . $date );
$add = [];
$add [ 'mail' ] = $mail ;
$add [ 'restore' ] = false ;
$add [ 'date' ] = $date ;
$add [ 'hash' ] = $hash ;
$res = db_insert ( 'restorations' , $add );
if ( $res > 0 )
return $hash ;
}
function api_restore_hash ( $hash ){
$re_sql = "
SELECT
`id` , `restore` , `mail`
FROM
`restorations`
WHERE
`hash` = '$hash'
LIMIT
'1'
" ;
$res = db_get ( $re_sql );
if ( isset ( $res [ 'restore' ]) AND $res [ 'restore' ] == 0 ){
db_get ( "
UPDATE
`restorations`
SET
`restore` = '1'
WHERE
`id` = '${res[' id ']}'
" );
db_get ( "
UPDATE
`clients`
SET
`clientpassword` = ''
WHERE
`clientmail` = '${res[' mail ']}'
" );
$client_hash = db_get ( "
SELECT
`clienthash`
FROM
`clients`
WHERE
`client_mail` = '${res[' mail ']}'
LIMIT
1 " );
if ( isset ( $client_hash [ 'clienthash' ]))
return $client_hash ;
else
return false ;
}
else
return false ;
}
2021-05-24 01:13:43 +03:00
# подписчик или нет
function client_status_sub ( $client_id , $client_group = 3 ){
2020-07-02 17:27:30 +03:00
2021-05-24 01:13:43 +03:00
if ( $client_group == 1 or $client_group == 2 ){
return True ;
}
$findsub = db_get ( " SELECT number_id FROM `anbuy` WHERE `client_id` = ' $client_id ' AND `number_id` = '486' AND `buy_status` = '1' LIMIT 1 " );
if ( isset ( $findsub [ 'number_id' ])){
return True ;
}
}
# куплена книжка или нет
function client_status_book ( $book_id , $client_id ){
$book_sql = " SELECT buy_id FROM anbuy WHERE number_id = $book_id AND client_id = $client_id AND buy_status = 1 " ;
$book = db_get ( $book_sql );
if ( isset ( $book [ 'buy_id' ])){
return True ;
}
return False ;
}
2020-07-02 17:27:30 +03:00
2020-05-29 21:29:27 +03:00
function clientbuys_kuri ( $client_mail , $page = 1 , $category_id = 1 , $group_id = null , $filter = null ){
2020-05-16 12:40:01 +03:00
if ( $group_id == 1 or $group_id == 2 ){
2020-05-16 14:53:38 +03:00
return clients_arch ( $page , $category_id , $filter );
2020-05-16 12:40:01 +03:00
}
2020-05-08 21:53:23 +03:00
2020-05-29 21:29:27 +03:00
$sql_sub = " SELECT number_id FROM `anbuy` WHERE buy_email = ' $client_mail ' AND `number_id` = 486 AND `buy_status` = '1' LIMIT 1 " ; //есть ли активная подписка
2020-05-08 21:53:23 +03:00
$findsub = db_get ( $sql_sub );
2020-05-12 21:15:26 +03:00
if ( isset ( $findsub [ 'number_id' ])) { // есть поп
2020-05-16 14:53:38 +03:00
return clients_arch ( $page , $category_id , $filter );
2020-05-12 21:15:26 +03:00
}
2020-05-08 21:53:23 +03:00
2020-05-16 14:53:38 +03:00
if ( $filter !== 'all' ){
$between = " AND BeginDate BETWEEN ' $filter -01-11' AND ' $filter -12-31' " ;
}
else
$between = '' ;
2020-05-18 18:03:51 +03:00
$limit = 28 ;
2020-05-16 14:53:38 +03:00
$countsql = "
SELECT
DISTINCT COUNT ( buy_id ) as count
FROM
`anbuy`
WHERE
2020-05-29 21:41:37 +03:00
`buy_email` = '$client_mail'
2020-05-16 14:53:38 +03:00
AND `buy_status` = '1'
$between
LIMIT 1
" ;
2020-05-08 21:53:23 +03:00
$buycount = db_get ( $countsql );
2020-05-13 00:23:18 +03:00
2020-05-08 21:53:23 +03:00
$buysql = "
SELECT DISTINCT
price_id , pricehash , pricename , priceimg
2020-05-16 14:53:38 +03:00
FROM
anbuy
LEFT JOIN
price ON anbuy . number_id = price . price_id
WHERE
2020-05-29 21:43:12 +03:00
buy_email = '$client_mail' AND `buy_status` = '1'
2020-05-16 14:53:38 +03:00
AND category_id = $category_id
$between
ORDER BY
`buy_id` DESC
LIMIT
$limit
" ;
2020-05-08 21:53:23 +03:00
if ( $page > 1 ){
$offset = $limit * ( $page - 1 );
$pricesql .= " OFFSET $offset " ;
}
$books = db_get ( $buysql );
$result [ 'books' ] = clientbooks ( $books , $client_id );
$result [ 'count' ] = $buycount [ 'count' ];
return $result ;
}
2020-05-13 06:59:52 +03:00
function client_find_email_kuri ( $mail ){
2020-05-12 21:15:26 +03:00
if ( ! filter_var ( $mail , FILTER_VALIDATE_EMAIL ))
return [ 'error' => 'некорректный email' ];
2020-05-10 12:14:54 +03:00
2020-05-13 06:59:52 +03:00
$pwd_query = " SELECT `clienthash` FROM `clients` WHERE `clientmail` = ' $mail ' LIMIT 1 " ;
2020-05-10 12:14:54 +03:00
$client = db_get ( $pwd_query );
2020-05-13 07:04:40 +03:00
if ( isset ( $client [ 'clienthash' ]))
2020-05-10 12:14:54 +03:00
return $client ;
else
2020-05-12 21:15:26 +03:00
return [ 'error' => 'client not found' ];
2020-05-10 12:14:54 +03:00
}
2021-06-19 23:26:37 +03:00
# узнаем id клиента по мылу или создаем е г о
function api_add_client ( $mail ){
2021-06-20 18:20:21 +03:00
$find_client = dbl_get ( " SELECT `client_id`, `clientmail`, `clienthash` FROM `clients` WHERE `clientmail` = ' $mail ' LIMIT 1 " );
2021-06-19 23:26:37 +03:00
2021-06-20 18:20:21 +03:00
if ( isset ( $find_client [ 'client_id' ])){
$result = $find_client ; // возвращаем клиента
2021-06-19 23:26:37 +03:00
}
else {
$add [ 'clientmail' ] = $mail ;
$add [ 'clienthash' ] = md5 ( $mail );
$add [ 'clientdate' ] = date ( " Y-m-d H:i:s " );
2021-06-20 18:20:21 +03:00
$res = db_insert ( 'clients' , $add , 'chitatel' ); // создаем клиента
2021-06-19 23:26:37 +03:00
if ( $res > 0 ){
2021-06-20 18:20:21 +03:00
$add [ 'client_id' ] = $res ;
$result = $add ;
2021-06-19 23:26:37 +03:00
}
else {
2021-06-20 18:20:21 +03:00
$result = false ; # клиент не добавлен
2021-06-19 23:26:37 +03:00
}
}
return $result ;
}
2020-05-12 21:15:26 +03:00
function client_find_hash ( $hash ){
2020-05-10 12:14:54 +03:00
2020-05-12 21:15:26 +03:00
$pwd_query = " SELECT * FROM `clients` WHERE `clienthash` = ' $hash ' LIMIT 1 " ;
$client = db_get ( $pwd_query );
if ( isset ( $client [ 'client_id' ]))
return $client ;
else
return [ 'error' => 'client not found' ];
}
function client_find_id ( $id ) {
$id_query = " SELECT * FROM `clients` WHERE `client_id` = ' $id ' LIMIT 1 " ;
$client = db_get ( $id_query );
if ( ! isset ( $client [ 'client_id' ])){
return [ 'error' => 'client not found' ];
}
return [ 'result' => $client ];
}
function client_check_auth ( $login , $pwd ){
$check_query = " SELECT * FROM `clients` WHERE `client_id` = ' $login ' LIMIT 1 " ;
$client = dbl_get ( $check_query );
if ( ! isset ( $client [ 'client_id' ])){
return [ 'error' => 'client not found' ];
}
2020-05-12 22:56:44 +03:00
$hash_pwd = client_secret ( $client [ 'client_id' ], $client [ 'clientpassword' ]);
2020-05-12 21:15:26 +03:00
if ( $pwd == $hash_pwd ){
return [ 'data' => $client ];
}
else {
return [ 'error' => 'invalid hash' ];
}
}
2020-05-12 22:56:44 +03:00
function client_secret ( $id , $password ){
2020-05-13 01:02:18 +03:00
$secret = md5 ( $id . $password );
//echo "$id + $password = $secret<br>";
return $secret ;
2020-05-12 22:56:44 +03:00
}
2020-05-12 21:15:26 +03:00
function client_add_password ( $client_id , $password , $confirm , $minlen = 5 ){
if ( $password == '' ){
2020-05-10 12:14:54 +03:00
return 'пароль не задан' ;
}
2020-05-12 21:15:26 +03:00
if ( strlen ( $password ) < $minlen ) {
2020-05-10 12:14:54 +03:00
return " пароль должен быть не менее $maxlen символов " ;
}
2020-05-12 21:15:26 +03:00
if ( $password !== $confirm ){
2020-05-10 12:14:54 +03:00
return " пароли не совпадают " ;
}
2020-05-12 21:15:26 +03:00
$clientpassword = password_hash ( $password , PASSWORD_DEFAULT );
$sqlupdate = " UPDATE `clients` SET `clientpassword` = ' $clientpassword ' WHERE `client_id` = ' $client_id ' " ;
$result = db_get ( $sqlupdate , 'chitatel' );
2020-05-13 01:02:18 +03:00
return [ 'newpassword' => $clientpassword ];
2020-05-10 12:14:54 +03:00
}
2020-05-08 21:53:23 +03:00
function clientmail ( $mail , $hash ){
$client = db_get ( " SELECT * FROM `clients` WHERE `clientmail` = $mail LIMIT 1 " );
if ( ! isset ( $client [ 'client_id' ])){
echo 'Н е ;
return ;
}
if ( $client [ 'clienthash' ] !== $hash ){
echo 'Н е ;
return ;
}
}
//весь активный архив
2020-05-16 14:53:38 +03:00
function clients_arch ( $page = 16 , $category_id = 1 , $filter = 'all' ){
2020-05-08 21:53:23 +03:00
2020-05-18 18:03:51 +03:00
$limit = 28 ;
2020-05-08 21:53:23 +03:00
2020-05-16 14:53:38 +03:00
if ( $filter !== 'all' ){
$between = " AND BeginDate BETWEEN ' $filter -01-11' AND ' $filter -12-31' " ;
}
else
$between = '' ;
$countsql = "
SELECT
COUNT ( price_id ) AS count
FROM
price
WHERE
category_id = $category_id
$between
2020-05-16 18:36:20 +03:00
AND
`active` = 1
2020-05-16 14:53:38 +03:00
LIMIT 1
" ;
2020-05-08 21:53:23 +03:00
$count = db_get ( $countsql );
2020-05-16 14:53:38 +03:00
$pricesql = "
SELECT
price_id , pricehash , pricename , priceimg
FROM
price
WHERE
category_id = $category_id
$between
2020-05-16 18:36:20 +03:00
AND
`active` = 1
2020-05-16 14:53:38 +03:00
ORDER BY
price_id DESC
LIMIT $limit
" ;
2020-05-08 21:53:23 +03:00
if ( $page > 1 ){
$offset = $limit * ( $page - 1 );
$pricesql .= " OFFSET $offset " ;
}
$books = db_get ( $pricesql );
2020-05-13 00:01:25 +03:00
$result [ 'books' ] = clientbooks ( $books );
2020-05-08 21:53:23 +03:00
$result [ 'subscript' ] = true ;
$result [ 'count' ] = $count [ 'count' ];
return $result ;
}
2020-05-13 00:01:25 +03:00
function clientbooks ( $books ){
2020-05-08 21:53:23 +03:00
if ( ! is_array ( $books ))
return null ;
foreach ( $books as $book ){
$book [ 'pic' ] = IMGSRV . " price/180x280/ { $book [ 'price_id' ] } . { $book [ 'priceimg' ] } " ;
2020-05-13 00:06:40 +03:00
$book [ 'link' ] = SITE . 'read/' . $book [ 'pricehash' ];
2020-05-08 21:53:23 +03:00
$result [] = $book ;
}
return $result ;
}
