<?php
/* Priatek Vending PHP Server-Side
* Checks POST requests. It checks the 'tag' field of a POST request and looks
* for other tag-specific data. The tag is one of the following, along with the
* other required data:
*
* Tag Other Tag 1 Other Tag 2
* ==========================================
* login | ID OR user_name | password
* logout | ID OR user_name |
* getTickets | user_name |
* addTickets | user_name | tickets
* subTickets | user_name | tickets
*
* Other Tag Descriptions
* ==========================================
* user_name : the user's name in the database, in the user_name column
* ID : the user's ID in the ID column
* password : the contents of the pass_hash column
* tickets : an integer number of tickets to add or remove
*
* Brief Explanations
* ==========================================
* login - Look up a user and mark the user as logged in
* logout - Log out a user by setting the boolean "loggedin" in the database.
* getTickets - Return a user's tickets
* addTickets - Add to a user's tickets
* subTickets - Subtract from a user's tickets
* viewLogs - Return the first ten entries in the adminlogs and redemptionstable
*/
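/**
 * Emit a JSON error payload for the given request tag.
 *
 * Writes {"tag": ..., "error": true, "error_msg": ...} to the output. It
 * returns nothing and does not stop the script.
 *
 * @param mixed  $tag     Request tag echoed back to the client; at the call
 *                        sites in this file it is taken from $_POST.
 * @param string $message Human-readable error description.
 */
function sendError($tag, $message) {
    $response = array("tag" => $tag, "error" => TRUE, "error_msg" => $message);
    // $tag is client-controlled and is reflected verbatim in the body.
    // Hex-escaping <, >, &, ' and " keeps the decoded JSON identical while
    // making the raw bytes inert if a browser ever renders them as HTML.
    echo json_encode($response, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
}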
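// Request dispatcher: reads $_POST['tag'], runs the matching DB_Functions
// call and echoes one JSON document describing the outcome.
//
// NOTE(review): nothing in this file authenticates the caller before the
// viewLogs / addTickets / subTickets / getTickets branches run. Confirm that
// access control is enforced elsewhere (web server, DB_Functions, network
// segmentation); otherwise any client that can reach this endpoint can read
// logs and change ticket balances.

// Every response is JSON; say so explicitly so a browser does not fall back
// to treating reflected request data as HTML.
if (!headers_sent()) {
    header('Content-Type: application/json; charset=utf-8');
}
// Hex-escape <, >, &, ' and " in encoded output. The decoded values are
// unchanged, but stored or reflected strings (user names, tags) cannot form
// markup if the body is ever rendered as HTML.
$jsonFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
// Ticket amounts must be non-negative integers. A negative amount would turn
// addTickets into a subtraction (and the reverse) and sidestep the balance
// check in the subTickets branch.
$ticketFilter = array("options" => array("min_range" => 0));

if (isset($_POST['tag']) && $_POST['tag'] !== '') {
    require_once 'include/DB_Functions.php';
    $db = new DB_Functions(); // object of the class containing all the DB functions

    $tag = $_POST['tag'];
    // Response array; json_encode'd and sent back on success.
    $response = array("tag" => $tag, "error" => FALSE);

    /******** response when tag == login *************/
    if ($tag === 'login') {
        // Missing fields become null instead of raising "undefined index"
        // warnings, which would be printed into the JSON body.
        $id = $_POST['ID'] ?? null;
        $username = $_POST['user_name'] ?? null;
        $password = $_POST['password'] ?? null;
        $machinesID = $_POST['machinesID'] ?? null;

        // NOTE(review): the file header describes `password` as "the contents
        // of the pass_hash column". If clients really submit the stored hash,
        // that hash is password-equivalent; confirm loginUserByPassword
        // verifies a plaintext password against the hash (password_verify).
        // Lookup by either username or ID.
        $user = $db->loginUserByPassword($id, $username, $password, $machinesID);
        if ($user != false) {
            // Record was found
            $response["user"]["tickets"] = $user["tickets"];
            $response["user"]["name"] = $user["name"];
            $response["user"]["id"] = $user["ID"];
            $response["user"]["created_at"] = $user["created_at"];
            $response["user"]["updated_at"] = $user["updated_at"];
            echo json_encode($response, $jsonFlags);
        } else {
            // Record was not found. The same message is used for a bad id
            // and a bad password, so the response does not reveal which
            // accounts exist.
            sendError($tag, "Incorrect id or password!");
        }
    }
    /******** response when tag == viewLogs *************/
    elseif ($tag === 'viewLogs') {
        $id = $_POST["id"] ?? null;
        $logs = $db->getMachineLogs($id);
        if ($logs != FALSE) {
            $response["logs"] = $logs;
            echo json_encode($response, $jsonFlags);
        } else {
            sendError($tag, "Error retrieving logs");
        }
    }
    /******** response when tag == addTickets *************/
    elseif ($tag === 'addTickets') {
        $user_name = $_POST["user_name"] ?? null;
        $tickets = filter_var($_POST["tickets"] ?? null, FILTER_VALIDATE_INT, $ticketFilter);
        if ($tickets === false) {
            sendError($tag, "Invalid ticket amount");
        } else {
            $currentBalance = $db->getTickets($user_name);
            if ($currentBalance == false) {
                // No balance row: treated as "user does not exist", matching
                // the falsy check used by the getTickets branch. Tickets are
                // not added for unknown users.
                sendError($tag, "processing error");
            } elseif ($db->addTickets($user_name, $tickets)) {
                $response["newBalance"] = $currentBalance["tickets"] + $tickets;
                echo json_encode($response, $jsonFlags);
            } else {
                sendError($tag, "processing error");
            }
        }
    }
    /******** response when tag == subTickets *************/
    elseif ($tag === 'subTickets') {
        $user_name = $_POST["user_name"] ?? null;
        $tickets = filter_var($_POST["tickets"] ?? null, FILTER_VALIDATE_INT, $ticketFilter);
        $machinesID = $_POST["machinesID"] ?? null;
        $itemsID = $_POST["itemsID"] ?? null;
        if ($tickets === false) {
            sendError($tag, "Invalid ticket amount");
        } else {
            $currentBalance = $db->getTickets($user_name, $machinesID, $itemsID);
            if ($currentBalance == false) {
                // Unknown user: nothing to subtract from.
                sendError($tag, "processing error");
            } else {
                $newBalance = $currentBalance["tickets"] - $tickets;
                // Only a negative result is refused, as the error message
                // says; spending the balance down to exactly zero is allowed.
                // NOTE(review): the balance is read here and updated in a
                // separate call, so two concurrent requests can both pass
                // this check. Confirm subTickets enforces the floor
                // atomically in the database.
                if ($newBalance >= 0) {
                    if ($db->subTickets($user_name, $tickets)) {
                        $response["newBalance"] = $newBalance;
                        echo json_encode($response, $jsonFlags);
                    } else {
                        sendError($tag, "processing error");
                    }
                } else {
                    sendError($tag, "Subtracting tickets will result in a negative value!");
                }
            }
        }
    }
    /******** response when tag == getTickets *************/
    elseif ($tag === 'getTickets') {
        $user_name = $_POST["user_name"] ?? null;
        $balance = $db->getTickets($user_name);
        if ($balance != FALSE) {
            $response["tickets"] = $balance["tickets"];
            echo json_encode($response, $jsonFlags);
        } else {
            sendError($tag, "error processing the tickets");
        }
    }
    /******** response when tag == unknown *************/
    else {
        sendError($tag, "Unknown tag given");
    }
/******** response when tag == empty *************/
} else {
    // $tag is never assigned on this path. Pass null explicitly: the JSON
    // stays {"tag":null,...} but the "Undefined variable $tag" warning is no
    // longer emitted ahead of it.
    sendError(null, "Empty tag value given");
}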
?>
Warning: Undefined variable $tag in /in/3aF6L on line 141
{"tag":null,"error":true,"error_msg":"Empty tag value given"}
Output for 8.3.5
Warning: PHP Startup: Unable to load dynamic library 'sodium.so' (tried: /usr/lib/php/8.3.5/modules/sodium.so (libsodium.so.23: cannot open shared object file: No such file or directory), /usr/lib/php/8.3.5/modules/sodium.so.so (/usr/lib/php/8.3.5/modules/sodium.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0
Warning: Undefined variable $tag in /in/3aF6L on line 141
{"tag":null,"error":true,"error_msg":"Empty tag value given"}