anpdf/app/api/apiclient.php
arlemp@selectel.ru df1bbc481e correct gramm
2022-02-03 17:58:35 +03:00


<?php
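/**
 * Look up a client by its access hash (`clients.clienthash`).
 *
 * @param string $hash Access token. The only writer visible in this file
 *                     (api_add_client) stores md5() output, i.e. a hex string.
 * @return array|false Row with client_id, clientgroup_id and clientmail, or
 *                     false when no client matches (a non-hex token cannot
 *                     match a stored md5 token and is rejected up front).
 */
function api_client_kuri($hash){
    // The token goes straight into the SQL string below; restricting it to
    // hex digits keeps quotes and comment markers out of the query. This is a
    // guard rather than escaping because db_get() takes a raw string and no
    // parameter binding is available here.
    $hash = (string) $hash;
    if ($hash === '' || !ctype_xdigit($hash)) {
        return false;
    }
    $client = db_get("SELECT client_id, clientgroup_id, clientmail FROM `clients` WHERE `clienthash` = '$hash' LIMIT 1 ");
    if (isset($client['client_id'])) {
        return $client;
    }
    return false;
}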
/**
 * Verify an e-mail / password pair against `clients`.
 *
 * @param string $login    Value matched against `clients.clientmail`.
 * @param string $password Clear-text password checked with password_verify().
 * @return array ['data' => row with client_id and clientpassword (the stored
 *               hash)] on success, otherwise ['error' => message].
 *
 * NOTE(review): $login is interpolated into the SQL string unescaped and
 * dbl_get() takes a raw query here; this needs a bound parameter or
 * connection-aware escaping in the db layer before it is safe for
 * untrusted input.
 */
function api_login($login, $password){
    $row = dbl_get("SELECT `client_id`, `clientpassword` FROM `clients` WHERE `clientmail` = '$login' LIMIT 1");
    if (!isset($row['clientpassword'])) {
        return ['error'=>'пользователь не найден'];
    }
    // An empty stored hash means the password was cleared (api_restore_hash
    // does this) and the client has to use an access link instead.
    if ($row['clientpassword'] == '') {
        return ['error'=>'необходимо получить ссылку для доступа'];
    }
    return password_verify($password, $row['clientpassword'])
        ? ['data' => $row]
        : ['error' => 'неверный пароль'];
}
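/**
 * Create a password-restore token for an e-mail address.
 *
 * Inserts a row into `restorations` (mail, restore=false, date, hash) and
 * returns the token for the caller to send out.
 *
 * @param string $mail Address the restore link is for.
 * @return string|null 32-character hex token, or null when db_insert() did
 *                     not report a new row.
 */
function api_restore_mail($mail){
    $date = date("Y-m-d H:i:s");
    // This token is the only thing api_restore_hash() checks before clearing
    // the client's password. It used to be md5($mail . $date): anyone who
    // knows the address can recompute it by trying a few seconds' worth of
    // timestamps. random_bytes() gives an unguessable value of the same
    // length (32 hex chars), so the existing column fits unchanged.
    $hash = bin2hex(random_bytes(16));
    $add = [
        'mail' => $mail,
        'restore' => false,
        'date' => $date,
        'hash' => $hash,
    ];
    if (db_insert('restorations', $add) > 0) {
        return $hash;
    }
    // Explicit null instead of falling off the end of the function.
    return null;
}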
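/**
 * Consume a password-restore token.
 *
 * Looks the token up in `restorations`; if it exists and is unused
 * (`restore` = 0) it is marked used, the client's stored password is
 * cleared, and the client's access hash is returned so the caller can hand
 * out a login link.
 *
 * @param string $hash Token created by api_restore_mail() (32-char hex).
 * @return array|false ['clienthash' => ...] on success; false when the token
 *                     is unknown, already used, malformed, or no client row
 *                     matches the stored mail.
 *
 * NOTE(review): $res['mail'] is read back from the database but was
 * user-supplied when api_restore_mail() stored it; it is still interpolated
 * into SQL unescaped because db_get() takes a raw string here.
 */
function api_restore_hash($hash){
    // Tokens are hex strings; anything else cannot match a row and would only
    // be useful as SQL injection, so reject it before building the query.
    $hash = (string) $hash;
    if ($hash === '' || !ctype_xdigit($hash)) {
        return false;
    }
    // LIMIT takes a bare integer; the previous quoted form (LIMIT '1') is a
    // MySQL syntax error, so this lookup never returned a row.
    $res = db_get("
        SELECT `id`, `restore`, `mail`
        FROM `restorations`
        WHERE `hash` = '$hash'
        LIMIT 1
    ");
    if (!isset($res['restore']) || $res['restore'] != 0) {
        return false;
    }
    $restoreId = (int) $res['id'];
    $mail = $res['mail'];
    // Mark the token used before touching the client row, so a replay of the
    // same link fails at the check above.
    db_get("UPDATE `restorations` SET `restore` = '1' WHERE `id` = '$restoreId'");
    // Clear the old password; api_login() then tells the client to use the link.
    db_get("UPDATE `clients` SET `clientpassword` = '' WHERE `clientmail` = '$mail'");
    // Every other query on `clients` in this file uses the column `clientmail`;
    // the previous `client_mail` here did not match it.
    $client_hash = db_get("SELECT `clienthash` FROM `clients` WHERE `clientmail` = '$mail' LIMIT 1");
    if (isset($client_hash['clienthash'])) {
        return $client_hash;
    }
    return false;
}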
# подписчик или нет
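/**
 * Whether a client may read subscriber content.
 *
 * @param int|string $client_id    `clients.client_id`.
 * @param int        $client_group Client group; groups 1 and 2 always qualify.
 * @return bool True for groups 1/2 or when the client has an active purchase
 *              (buy_status 1) of number_id 486; false otherwise.
 */
function client_status_sub($client_id, $client_group = 3){
    if ($client_group == 1 or $client_group == 2){
        return true;
    }
    // client_id is an integer key (db_insert() returns it in api_add_client);
    // the cast keeps arbitrary input out of the interpolated query.
    $client_id = (int) $client_id;
    $findsub = db_get("SELECT number_id FROM `anbuy` WHERE `client_id` = '$client_id' AND `number_id` = '486' AND `buy_status` = '1' LIMIT 1");
    // Explicit false instead of falling off the end (implicit null).
    return isset($findsub['number_id']);
}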
# куплена книжка или нет
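/**
 * Whether a client has an active purchase (buy_status 1) of a book.
 *
 * @param int|string $book_id   `anbuy.number_id` of the book.
 * @param int|string $client_id `anbuy.client_id`.
 * @return bool
 */
function client_status_book($book_id, $client_id){
    // Both values were interpolated unquoted into the query; casting to int
    // is the only way to make that safe without a parameterised db layer.
    $book_id = (int) $book_id;
    $client_id = (int) $client_id;
    $book = db_get("SELECT buy_id FROM anbuy WHERE number_id = $book_id AND client_id = $client_id AND buy_status = 1");
    return isset($book['buy_id']);
}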
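/**
 * One page of the books a client has bought, or the whole active archive
 * for privileged groups (1, 2) and active subscribers (number_id 486).
 *
 * @param string      $client_mail Matched against `anbuy.buy_email`.
 * @param int         $page        1-based page, 28 rows per page.
 * @param int         $category_id Filter on `price.category_id`.
 * @param int|null    $group_id    Client group; 1 and 2 get clients_arch().
 * @param string|null $filter      Year to restrict BeginDate to, or
 *                                 null / '' / 'all' for no restriction.
 * @return array ['books' => rows decorated by clientbooks() or null,
 *               'count' => number of matching purchases or null]
 *
 * NOTE(review): $client_mail is interpolated into SQL unescaped (db_get()
 * takes a raw string); the numeric inputs are cast below, which is all that
 * can be done here without a parameterised db layer.
 */
function clientbuys_kuri($client_mail, $page = 1, $category_id = 1, $group_id = null, $filter = null){
    if ($group_id == 1 or $group_id == 2){
        return clients_arch($page, $category_id, $filter);
    }
    // An active subscription (number_id 486) grants the full archive too.
    $findsub = db_get("SELECT number_id FROM `anbuy` WHERE buy_email = '$client_mail' AND `number_id` = 486 AND `buy_status` = '1' LIMIT 1");
    if (isset($findsub['number_id'])) {
        return clients_arch($page, $category_id, $filter);
    }
    $page = (int) $page;
    $category_id = (int) $category_id;
    // The default null used to produce BETWEEN '-01-11' AND '-12-31'; treat it
    // like 'all'. A real filter is a year, so cast it before interpolating.
    $between = '';
    if ($filter !== null && $filter !== '' && $filter !== 'all') {
        $year = (int) $filter;
        $between = "AND BeginDate BETWEEN '$year-01-11' AND '$year-12-31'";
    }
    $limit = 28;
    $buycount = db_get("
        SELECT DISTINCT COUNT(buy_id) as count
        FROM `anbuy`
        WHERE `buy_email` = '$client_mail'
        AND `buy_status` = '1'
        $between
        LIMIT 1
    ");
    $buysql = "
        SELECT DISTINCT price_id, pricehash, pricename, priceimg
        FROM anbuy
        LEFT JOIN price ON anbuy.number_id = price.price_id
        WHERE buy_email = '$client_mail' AND `buy_status` = '1'
        AND category_id = $category_id
        $between
        ORDER BY `buy_id` DESC
        LIMIT $limit
    ";
    if ($page > 1) {
        $offset = $limit * ($page - 1);
        // Was appended to $pricesql (undefined here), so paging never applied.
        $buysql .= " OFFSET $offset";
    }
    $books = db_get($buysql);
    $result = [];
    // clientbooks() takes a single argument; the old call passed an undefined $client_id.
    $result['books'] = clientbooks($books);
    $result['count'] = $buycount['count'] ?? null;
    return $result;
}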
/**
 * Find a client's access hash by e-mail address.
 *
 * @param string $mail Address matched against `clients.clientmail`.
 * @return array ['clienthash' => ...] when found, otherwise
 *               ['error' => 'некорректный email'] for a malformed address
 *               or ['error' => 'client not found'].
 *
 * NOTE(review): FILTER_VALIDATE_EMAIL still admits characters such as a
 * single quote in the local part, so it does not make the interpolated
 * query below injection-safe; db_get() takes a raw string here.
 */
function client_find_email_kuri($mail){
    $looksLikeEmail = filter_var($mail, FILTER_VALIDATE_EMAIL) !== false;
    if (!$looksLikeEmail) {
        return ['error' => 'некорректный email'];
    }
    $row = db_get("SELECT `clienthash` FROM `clients` WHERE `clientmail` = '$mail' LIMIT 1");
    return isset($row['clienthash']) ? $row : ['error' => 'client not found'];
}
# узнаем id клиента по мылу или создаем его
/**
 * Fetch the client row for an e-mail address, creating the client when absent.
 *
 * @param string $mail Address matched against `clients.clientmail`.
 * @return array|false Existing row (client_id, clientmail, clienthash); or the
 *                     inserted fields plus the new client_id; or false when
 *                     db_insert() did not return an id.
 *
 * NOTE(review): `clienthash` is md5($mail). It is accepted as an access token
 * by api_client_kuri() and client_find_hash(), yet anyone who knows the
 * address can compute it; a random value would be needed for it to act as a
 * secret. $mail is also interpolated into SQL unescaped.
 */
function api_add_client($mail){
    $existing = dbl_get("SELECT `client_id`, `clientmail`, `clienthash` FROM `clients` WHERE `clientmail` = '$mail' LIMIT 1");
    if (isset($existing['client_id'])) {
        return $existing;
    }
    $fresh = [
        'clientmail' => $mail,
        'clienthash' => md5($mail),
        'clientdate' => date("Y-m-d H:i:s"),
    ];
    $insertedId = db_insert('clients', $fresh, 'chitatel');
    if ($insertedId > 0) {
        $fresh['client_id'] = $insertedId;
        return $fresh;
    }
    return false; // row was not inserted
}
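/**
 * Full client row for an access hash.
 *
 * @param string $hash Value of `clients.clienthash`; the writer in this file
 *                     (api_add_client) stores md5() output, so a non-hex
 *                     value cannot match.
 * @return array Client row (all columns, including the stored password hash)
 *               or ['error' => 'client not found'].
 */
function client_find_hash($hash){
    // Reject anything but hex before it reaches the interpolated query;
    // db_get() offers no parameter binding here.
    $hash = (string) $hash;
    if ($hash === '' || !ctype_xdigit($hash)) {
        return ['error' => 'client not found'];
    }
    $client = db_get("SELECT * FROM `clients` WHERE `clienthash` = '$hash' LIMIT 1");
    return isset($client['client_id']) ? $client : ['error' => 'client not found'];
}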
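/**
 * Full client row for a client id.
 *
 * @param int|string $id `clients.client_id`.
 * @return array ['result' => row] or ['error' => 'client not found'].
 */
function client_find_id($id) {
    // client_id is an integer key (db_insert() returns it in api_add_client);
    // the cast keeps arbitrary input out of the interpolated query.
    $id = (int) $id;
    $client = db_get("SELECT * FROM `clients` WHERE `client_id` = '$id' LIMIT 1");
    if (!isset($client['client_id'])) {
        return ['error' => 'client not found'];
    }
    return ['result' => $client];
}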
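/**
 * Check a client id against the derived secret from client_secret().
 *
 * @param int|string $login `clients.client_id` of the account.
 * @param string     $pwd   Secret presented by the caller; must equal
 *                          client_secret(client_id, clientpassword).
 * @return array ['data' => full client row] or ['error' => message].
 */
function client_check_auth($login, $pwd){
    // client_id is an integer key; cast before interpolating into the query.
    $login = (int) $login;
    $client = dbl_get("SELECT * FROM `clients` WHERE `client_id` = '$login' LIMIT 1");
    if (!isset($client['client_id'])) {
        return ['error' => 'client not found'];
    }
    $expected = client_secret($client['client_id'], $client['clientpassword']);
    // hash_equals() is strict and constant-time. The previous `==` compared
    // numeric-looking strings as numbers, so md5 outputs of the form "0e<digits>"
    // all compared equal to each other -- an authentication bypass.
    if (hash_equals($expected, (string) $pwd)) {
        return ['data' => $client];
    }
    return ['error' => 'invalid hash'];
}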
/**
 * Derive the per-client secret checked by client_check_auth().
 *
 * @param int|string $id       `clients.client_id`.
 * @param string     $password Stored `clientpassword` value (already a hash).
 * @return string md5 hex digest of the id concatenated with $password.
 *
 * NOTE(review): unsalted md5 of two database columns; whoever can read the
 * row can derive the secret, so it only works as a token if the row itself
 * is protected.
 */
function client_secret($id, $password){
    return md5("{$id}{$password}");
}
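/**
 * Validate and store a new password for a client.
 *
 * @param int|string $client_id `clients.client_id`.
 * @param string     $password  New password.
 * @param string     $confirm   Repeat of the password; must match exactly.
 * @param int        $minlen    Minimum length in bytes (strlen()).
 * @return string|array Russian error message when validation fails,
 *                      otherwise ['newpassword' => stored password hash].
 *
 * NOTE(review): the UPDATE result is not checked, so the hash is returned
 * even if the write failed. strlen() counts bytes, so a multi-byte password
 * can pass with fewer characters than $minlen.
 */
function client_add_password($client_id, $password, $confirm, $minlen = 5){
    if ($password == ''){
        return 'пароль не задан';
    }
    if (strlen($password) < $minlen) {
        // Was "$maxlen" (undefined), so the message showed no number.
        return "пароль должен быть не менее $minlen символов";
    }
    if ($password !== $confirm){
        return "пароли не совпадают";
    }
    $clientpassword = password_hash($password, PASSWORD_DEFAULT);
    // client_id is an integer key; cast before interpolating. password_hash()
    // output contains no quote characters, so it is safe to embed as-is.
    $client_id = (int) $client_id;
    db_get("UPDATE `clients` SET `clientpassword` = '$clientpassword' WHERE `client_id` = '$client_id'", 'chitatel');
    return ['newpassword' => $clientpassword];
}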
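/**
 * Validate an e-mail + access-hash pair; echoes 'Не верный запрос' and
 * returns when the pair does not identify a client.
 *
 * @param string $mail Matched against `clients.clientmail`.
 * @param string $hash Expected `clienthash` of that client.
 * @return void Nothing is returned on success either; callers can only
 *              observe the echoed text.
 *
 * NOTE(review): $mail is interpolated into SQL unescaped (db_get() takes a
 * raw string); quoting it below fixes the syntax, not the injection.
 */
function clientmail($mail, $hash){
    // Every other query on `clients` in this file quotes the clientmail
    // value; the unquoted form was a SQL syntax error for any real address.
    $client = db_get("SELECT * FROM `clients` WHERE `clientmail` = '$mail' LIMIT 1");
    // hash_equals(): strict, constant-time comparison of the access token.
    if (!isset($client['client_id']) || !hash_equals((string) $client['clienthash'], (string) $hash)) {
        echo 'Не верный запрос';
        return;
    }
}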
//весь активный архив
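/**
 * One page of the active `price` archive for a category.
 *
 * @param int         $page        1-based page, 28 rows per page (the default
 *                                 of 16 is kept as the original had it).
 * @param int         $category_id `price.category_id` to list.
 * @param string|null $filter      Year to restrict BeginDate to, or
 *                                 'all' / null / '' for no restriction.
 * @return array ['books' => rows decorated by clientbooks() or null,
 *               'subscript' => true, 'count' => active row count or null]
 */
function clients_arch($page = 16, $category_id = 1, $filter = 'all'){
    $limit = 28;
    // Both are interpolated unquoted into the queries; the casts keep
    // arbitrary input out of them (db_get() takes a raw string).
    $page = (int) $page;
    $category_id = (int) $category_id;
    // clientbuys_kuri() passes its own default of null here, which used to
    // produce BETWEEN '-01-11' AND '-12-31'; treat null/'' like 'all'.
    $between = '';
    if ($filter !== null && $filter !== '' && $filter !== 'all') {
        $year = (int) $filter; // the filter is a year
        $between = "AND BeginDate BETWEEN '$year-01-11' AND '$year-12-31'";
    }
    $count = db_get("
        SELECT COUNT(price_id) AS count
        FROM price
        WHERE category_id = $category_id
        $between
        AND `active` = 1
        LIMIT 1
    ");
    $pricesql = "
        SELECT price_id, pricehash, pricename, priceimg
        FROM price
        WHERE category_id = $category_id
        $between
        AND `active` = 1
        ORDER BY price_id DESC
        LIMIT $limit
    ";
    if ($page > 1) {
        $offset = $limit * ($page - 1);
        $pricesql .= " OFFSET $offset";
    }
    $result = [];
    $result['books'] = clientbooks(db_get($pricesql));
    $result['subscript'] = true;
    $result['count'] = $count['count'] ?? null;
    return $result;
}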
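/**
 * Decorate book rows with image and reader URLs.
 *
 * @param mixed $books List of rows carrying price_id, pricehash and priceimg
 *                     (the columns selected in clients_arch / clientbuys_kuri).
 * @return array|null The rows with 'pic' (IMGSRV image URL) and 'link' (SITE
 *                    reader URL) added; null when $books is not an array or
 *                    is empty (the original returned an undefined $result,
 *                    i.e. null plus a warning, in the empty case).
 */
function clientbooks($books){
    if (!is_array($books)) {
        return null;
    }
    $result = [];
    foreach ($books as $book) {
        $book['pic'] = IMGSRV."price/180x280/{$book['price_id']}.{$book['priceimg']}";
        $book['link'] = SITE.'read/'.$book['pricehash'];
        $result[] = $book;
    }
    // Keep the null-for-empty result existing callers may rely on.
    return $result === [] ? null : $result;
}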