<?php
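// json_encode() should emit the shortest round-trip representation of floats
// (PHP 7.1+), rather than a fixed number of significant digits.
ini_set('serialize_precision', -1);

// The request body is a JSON document and replaces the form-decoded $_POST.
// json_decode() yields null on malformed input, so everything below is guarded
// on the decoded *shape*, not only on isset().
$_POST = json_decode(file_get_contents('php://input'), true);

if (isset($_POST)) {
    // `params` is the request payload; `params.flag` names the API method to run.
    // Both are client-supplied, so presence and type are checked before the
    // dispatch instead of letting undefined-index / string-offset errors escalate.
    $params = is_array($_POST) && isset($_POST['params']) && is_array($_POST['params'])
        ? $_POST['params']
        : null;
    $flag = is_array($params) && isset($params['flag']) && is_string($params['flag'])
        ? $params['flag']
        : null;

    // NOTE(review): $api must already be an object here. Nothing above this point in
    // this listing assigns it (api.php is included further down) — confirm the include
    // order. method_exists() also matches private and magic methods (__construct, ...),
    // so an explicit allow-list of public API method names would be the safer gate.
    if ($flag !== null && isset($api) && is_object($api) && method_exists($api, $flag)) {
        call_user_func([$api, $flag], $params);
    } else {
        // The file's convention for a rejected request: a bare 301 with no body.
        header('Content-Type:text/html; charset=UTF-8', true, 301);
        exit;
    }
}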
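/**
 * Error handler that turns engine notices/warnings into an ErrorException, so the
 * try/catch blocks further down in this file see them instead of having them printed.
 *
 * @param int    $severity one of the E_* levels raised by the engine
 * @param string $message  engine error message
 * @param string $file     file in which the error was raised
 * @param int    $line     line at which the error was raised
 *
 * @throws ErrorException for every level enabled in the current error_reporting() mask
 */
function exception_error_handler(int $severity, string $message, string $file, int $line): void
{
    // Levels masked out of error_reporting() (e.g. by the @ operator) are ignored,
    // matching what the engine itself would do with them.
    if (!(error_reporting() & $severity)) {
        return;
    }

    throw new ErrorException($message, 0, $severity, $file, $line);
}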
// Route engine warnings/notices through exception_error_handler() (defined above),
// so that the try/catch blocks below can react to them.
set_error_handler('exception_error_handler');

// Queue of SQL statements collected by insert()/select()/update()/delete() while the
// API method runs; it is executed later, once the caller has been authenticated.
$sql = [];
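/**
 * Queues an INSERT statement for later execution.
 *
 * Nothing is run here: the entry is appended to the global $sql queue, which the
 * request handler executes only after the token and the user's login state have
 * been checked, and (for non-SELECT statements) only when the token's role is 1.
 *
 * @param string $query complete SQL text; it is later handed to sqlsrv_query() as-is,
 *                      so the caller is responsible for its content
 */
function insert(string $query): void
{
    global $sql;

    // Append with [] rather than array_push(): an unset queue becomes an array
    // instead of raising a TypeError.
    $sql[] = ['insert' => $query];
}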
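/**
 * Queues a SELECT statement for later execution.
 *
 * Nothing is run here: the entry is appended to the global $sql queue. The request
 * handler executes queued SELECTs through querySelect() for every authenticated
 * user and writes their rows to the response.
 *
 * @param string $query complete SQL text; it is later handed to sqlsrv_query() as-is,
 *                      so the caller is responsible for its content
 */
function select(string $query): void
{
    global $sql;

    // Append with [] rather than array_push(): an unset queue becomes an array
    // instead of raising a TypeError.
    $sql[] = ['select' => $query];
}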
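/**
 * Queues an UPDATE statement for later execution.
 *
 * Nothing is run here: the entry is appended to the global $sql queue, which the
 * request handler executes only after the token and the user's login state have
 * been checked, and (for non-SELECT statements) only when the token's role is 1.
 *
 * @param string $query complete SQL text; it is later handed to sqlsrv_query() as-is,
 *                      so the caller is responsible for its content
 */
function update(string $query): void
{
    global $sql;

    // Append with [] rather than array_push(): an unset queue becomes an array
    // instead of raising a TypeError.
    $sql[] = ['update' => $query];
}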
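/**
 * Queues a DELETE statement for later execution.
 *
 * Nothing is run here: the entry is appended to the global $sql queue, which the
 * request handler executes only after the token and the user's login state have
 * been checked, and (for non-SELECT statements) only when the token's role is 1.
 *
 * @param string $query complete SQL text; it is later handed to sqlsrv_query() as-is,
 *                      so the caller is responsible for its content
 */
function delete(string $query): void
{
    global $sql;

    // Append with [] rather than array_push(): an unset queue becomes an array
    // instead of raising a TypeError.
    $sql[] = ['delete' => $query];
}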
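/**
 * Runs one SELECT against the global connection and emits its rows.
 *
 * Rows are fetched as objects. String columns are transcoded from windows-1251 to
 * UTF-8 and numeric columns are rounded to three decimals. With $multiSelect on,
 * the row list is appended to the global $response array (emitted once at the end
 * of the request); otherwise it is echoed as JSON immediately.
 *
 * Globals read: $conn (sqlsrv connection), $multiSelect. Globals written: $response.
 *
 * @param string $sql_query complete SELECT text, passed to sqlsrv_query() as-is
 */
function querySelect(string $sql_query): void
{
    global $conn;
    global $response;
    global $multiSelect;

    $result = sqlsrv_query($conn, $sql_query);

    // Check the statement *before* fetching from it: fetching from `false` raises an
    // engine error (turned into an exception by exception_error_handler), which made
    // the original post-loop error check unreachable.
    if ($result === false) {
        // The file's generic failure signal: a 301 with no body. The driver's error
        // list is only consulted, never sent to the client.
        $errors = sqlsrv_errors();
        if (!empty($errors)) {
            header('Content-Type:text/html; charset=UTF-8', true, 301);
        }
        return;
    }

    $items = [];
    while ($row = sqlsrv_fetch_object($result)) {
        foreach ($row as &$value) {
            if (is_string($value)) {
                // Text columns arrive as windows-1251; the API speaks UTF-8.
                // NOTE(review): iconv() returns false on an invalid byte sequence,
                // and that false is then emitted as-is — confirm that is acceptable.
                $value = iconv('windows-1251', 'UTF-8', $value);
            }
            // A numeric *string* (e.g. an id stored as text) also satisfies
            // is_numeric() and becomes a rounded number here.
            if (is_numeric($value)) {
                $value = round($value, 3);
            }
        }
        unset($value); // drop the reference left behind by foreach-by-reference

        $items[] = $row;
    }

    if ($multiSelect) {
        $response[] = $items;
    } else {
        echo json_encode($items);
    }
}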
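/**
 * Runs one non-SELECT statement (INSERT/UPDATE/DELETE) and reports the outcome
 * through the response status only; nothing is written to the body.
 *
 * Status mapping taken from the original branches: 200 when at least one row was
 * affected, 301 (the file's generic failure signal) when the statement failed or
 * affected no rows. Per the driver's documentation sqlsrv_rows_affected() may also
 * return -1 ("no information available"); that value lands in the 301 branch too.
 *
 * Globals read: $conn (sqlsrv connection).
 *
 * @param string $sql_query complete SQL text, passed to sqlsrv_query() as-is
 */
function queryOther(string $sql_query): void
{
    global $conn;

    $result = sqlsrv_query($conn, $sql_query);

    // A failed statement must not reach sqlsrv_rows_affected(): calling it on `false`
    // raises an engine error.
    $rows_affected = $result === false ? false : sqlsrv_rows_affected($result);

    // The original nested the 200/301 choice under `$rows_affected === false`, which
    // made the 200 branch unreachable; the comparison now sits on the success path.
    if ($rows_affected !== false && $rows_affected >= 1) {
        header('Content-Type:text/html; charset=UTF-8', true, 200);
    } else {
        header('Content-Type:text/html; charset=UTF-8', true, 301);
    }
}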
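// HS256 helpers and the JWT library.
// NOTE(review): $jwtToken and $secret are used below but assigned nowhere in this
// listing — presumably set by libs/hs256.php (or an earlier config file); confirm.
include('libs/hs256.php');
include('libs/JWT.php');

use Firebase\JWT\JWT;

// Decode and verify the bearer token. The allowed-algorithm list is pinned to HS256,
// so the token header cannot select a different algorithm. A token that fails to
// decode is rejected here with the same 401 the rest of the file uses: previously
// the failure was swallowed and $JWTdecoded was left undefined, which only surfaced
// later as an engine error inside the SQL section.
$JWTdecoded = null;
try {
    $JWTdecoded = JWT::decode($jwtToken, $secret, ['HS256']);
} catch (\Throwable $th) {
    header('HTTP/1.0 401 Unauthorized');
    exit;
}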
// Database connection and the API object.
// NOTE(review): presumably connection.php provides $conn and api.php provides $api
// (both are read elsewhere in this file) — confirm.
include 'connection.php';
include 'api.php';
// multiSelect mode: when the client asks for it, the rows of every queued SELECT are
// collected into $response and emitted once at the end of the request instead of
// being echoed one statement at a time (see querySelect()).
$multiSelect = $params['multiSelect'] ?? false;
if ($multiSelect) {
    $response = [];
}
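// Authorisation and execution of the queued SQL:
//  1. the token's user id must still be flagged is_logged=1 in [dbo].[users];
//  2. the token signature is re-checked with the HS256 helper;
//  3. queued SELECTs run for every authenticated user, INSERT/UPDATE/DELETE only
//     when the token's role is 1 (other roles skip them silently, as before).
try {
    // The id comes from the token payload. It is bound as a statement parameter
    // instead of being interpolated into the SQL text, so the payload content cannot
    // change the shape of the query.
    $query = 'SELECT id FROM [dbo].[users] WHERE id = ? AND is_logged = 1';
    $params = [$JWTdecoded->id];
    // A scrollable (keyset) cursor is required for sqlsrv_num_rows() to work.
    $options = ['Scrollable' => SQLSRV_CURSOR_KEYSET];
    $stmt = sqlsrv_query($conn, $query, $params, $options);
    // sqlsrv_num_rows() raises an engine error on `false`, so guard it.
    $row_count = $stmt === false ? false : sqlsrv_num_rows($stmt);

    if ($row_count === false || $row_count === 0) {
        header('HTTP/1.0 401 Unauthorized');
        exit;
    }

    // NOTE(review): verifyJWT() is not defined in this file — presumably provided by
    // libs/hs256.php; confirm. It repeats the signature check JWT::decode() already
    // performed earlier.
    $verify = verifyJWT('sha256', $jwtToken, $secret);
    if (!$verify) {
        // As in the original, no exit here: the multiSelect output below still runs.
        header('HTTP/1.0 401 Unauthorized');
    } else {
        foreach ($sql as $value) {
            // Each queue entry is a one-element map such as ['select' => $text].
            reset($value);
            $sql_key = key($value);
            $sql_query = $sql_key === null ? null : $value[$sql_key];
            if (!is_string($sql_query) || $sql_query === '') {
                // The original read the entry through array_filter(), which raised an
                // undefined-offset error for an empty query; such entries are skipped.
                continue;
            }

            if ($sql_key === 'select') {
                querySelect($sql_query);
            } elseif ($JWTdecoded->role === 1) {
                queryOther($sql_query);
            }
        }
    }
} catch (Throwable $t) {
    // The original called header($t), i.e. tried to send the exception's string
    // form (message, file path, stack trace) as a response header. Keep that detail
    // on the server and answer with a plain 500.
    error_log((string) $t);
    header('HTTP/1.0 500 Internal Server Error');
}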
// multiSelect mode defers all SELECT output to this single JSON document.
if ($multiSelect) {
    echo json_encode($response);
}