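<?php
// Connection settings ($SQL_SERVER, $SQL_USER, $SQL_PASSWORD, $SQL_DATABASE,
// $SQL_PORT) are read further down and are presumably defined in config.php.
// require (rather than include) stops the request when that file cannot be
// loaded, so the script never goes on to open a connection with undefined
// credentials.
require("config.php");

// Version number reported in every JSON response, success or failure.
$API_VERSION = 0.2;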
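/**
 * Abort the request: print a JSON failure object and stop the script.
 *
 * The body carries only `success = false` and the API version, so a missing
 * parameter, a rejected token and a database error are indistinguishable to
 * the client and no internal detail is disclosed.
 *
 * Does not return.
 */
function quit()
{
    $failure = new stdClass;
    $failure->success = false;
    // The top-level $API_VERSION is not visible in function scope.
    $failure->version = $GLOBALS["API_VERSION"];

    // Label the body as JSON so a browser does not treat it as HTML.
    if (!headers_sent()) {
        header("Content-Type: application/json");
    }
    echo(json_encode($failure));
    exit();
}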
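// Response object; the action handlers below add their own fields to it
// before it is encoded at the end of the script.
$ret = new stdClass;
$ret->success = true;
$ret->version = $API_VERSION;

// Make sure we've got at least auth and an action in the request.
// Both must be non-empty strings: PHP turns a field sent as auth[]=x into an
// array, which must not reach the string binding below.
if (isset($_POST['auth'], $_POST['action'])
    && is_string($_POST['auth']) && $_POST['auth'] != ""
    && is_string($_POST['action']) && $_POST['action'] != "") {
    $auth = $_POST['auth'];
    $action = $_POST['action'];
} else {
    quit();
}

// Connect to DB.
// Since PHP 8.1 mysqli reports errors by throwing by default; an uncaught
// exception here could print the connection parameters when display_errors
// is on, so a failed connection is turned into the generic failure response.
try {
    $con = new mysqli($SQL_SERVER, $SQL_USER, $SQL_PASSWORD, $SQL_DATABASE, $SQL_PORT);
} catch (mysqli_sql_exception $e) {
    quit();
}
if ($con->connect_error) {
    quit();
}

// Check auth: the token must match a row in the auth table.
// NOTE(review): the lookup compares the submitted value with the stored
// column as-is; if that column holds raw tokens, storing a hash of each token
// and looking up by hash would limit what a database leak exposes - confirm
// how tokens are provisioned.
$stmt = $con->prepare("SELECT id FROM auth WHERE token = ?");
if ($stmt == false) {
    quit();
}
$stmt->bind_param("s", $auth);
$stmt->execute();
$result = $stmt->get_result();
// get_result() yields false on failure; that is treated like "no such token".
$res = ($result == false) ? null : $result->fetch_assoc();
$stmt->close();
if ($res == null) {
    quit();
}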
// Setup helper functions
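/**
 * Take the named MySQL lock 'tile-status-lock', waiting up to 10 seconds.
 *
 * Ends the request through quit() when the lock is not granted or the lock
 * query itself fails; returns normally only with the lock held.
 *
 * @param object $con open database connection exposing query()
 */
function get_lock($con)
{
    $sql = "SELECT GET_LOCK('tile-status-lock', 10)";
    $result = $con->query($sql);
    // query() yields false on failure; handle that like a lock that was not
    // granted instead of calling fetch_array() on a boolean.
    $row = ($result == false) ? null : $result->fetch_array();
    // GET_LOCK() gives 1 when granted, 0 on timeout and NULL on error; the
    // loose comparison covers "0", 0 and NULL alike.
    if ($row == null || $row[0] == 0) {
        quit();
    }
}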
/**
 * Release the named MySQL lock 'tile-status-lock' on the given connection.
 *
 * The value returned by RELEASE_LOCK() is not inspected, so calling this
 * without holding the lock is silently ignored.
 *
 * @param object $con open database connection exposing query()
 */
function rel_lock($con)
{
    $release = " SELECT RELEASE_LOCK('tile-status-lock') ";
    $con->query($release);
}
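/**
 * Set the status of a single tile or of an area.
 *
 * For $type "area", $name is a secondLevel name. When the database has a
 * tile table, every tile whose parent_id is that area gets the new status;
 * otherwise the secondLevel row itself is updated. For any other $type,
 * $name is a tile id and only that tile is updated.
 *
 * All values reach SQL through bound parameters. In the area branch, a
 * failed lookup or an unknown status/area name releases 'tile-status-lock'
 * and ends the request through quit().
 *
 * @param object $con    open database connection (mysqli-style)
 * @param mixed  $name   area name, or tile id when $type is not "area"
 * @param mixed  $status status name, matched against status.name
 * @param mixed  $type   "area"; any other value is handled as a tile
 */
function set_status($con, $name, $status, $type)
{
    if ($type != "area") {
        // Single tile: the status name is resolved inside the statement.
        $stmt = $con->prepare("UPDATE tile SET status_id = (SELECT id FROM status WHERE name = ?) WHERE id = ?");
        $stmt->bind_param("si", $status, $name);
        $stmt->execute();
        $stmt->close();
        return;
    }

    // Get status ID
    $stmt = $con->prepare("SELECT id FROM status WHERE name = ?");
    $stmt->bind_param("s", $status);
    $stmt->execute();
    $result = $stmt->get_result();
    $stmt->close();
    $row = ($result == false) ? null : $result->fetch_array();
    if ($row == null) {
        // Failed query or unknown status name: stop here rather than write
        // a NULL status_id further down.
        rel_lock($con);
        quit();
    }
    $sid = $row[0];

    // Does this database have a tile table? The schema name is a top-level
    // variable, which function scope cannot see, so it is read through
    // $GLOBALS and bound as a parameter instead of being concatenated.
    $schema = isset($GLOBALS["SQL_DATABASE"]) ? $GLOBALS["SQL_DATABASE"] : "";
    $stmt = $con->prepare("SELECT 1 FROM information_schema.tables WHERE table_name = 'tile' AND table_schema = ?");
    $stmt->bind_param("s", $schema);
    $stmt->execute();
    $result = $stmt->get_result();
    $stmt->close();
    $hasTiles = ($result != false) && ($result->fetch_array() != null);

    if ($hasTiles) {
        // Get parent ID
        $stmt = $con->prepare("SELECT id FROM secondLevel WHERE name = ?");
        $stmt->bind_param("s", $name);
        $stmt->execute();
        $result = $stmt->get_result();
        $stmt->close();
        $row = ($result == false) ? null : $result->fetch_array();
        if ($row == null) {
            // Failed query or unknown area name.
            rel_lock($con);
            quit();
        }
        $pid = $row[0];

        // Update tiles in area
        $stmt = $con->prepare("UPDATE tile SET status_id = ? WHERE parent_id = ?");
        $stmt->bind_param("ii", $sid, $pid);
        $stmt->execute();
        $stmt->close();
    } else {
        // No tile table: the area row carries the status itself.
        $stmt = $con->prepare("UPDATE secondLevel SET status_id = ? WHERE name = ?");
        $stmt->bind_param("is", $sid, $name);
        $stmt->execute();
        $stmt->close();
    }
}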
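// Read one POST field as a non-empty string. A missing field, an empty one,
// or an array (a field sent as tile[]=x) all come back as null, so only plain
// strings reach the bound statements below.
$post = function ($key) {
    if (isset($_POST[$key]) && is_string($_POST[$key]) && $_POST[$key] != "") {
        return $_POST[$key];
    }
    return null;
};

$tile = $post('tile');
$area = $post('area');
$status = $post('status');
$newStatus = $post('new-status');

if ($action == "set") {
    // set: give one tile, or one area, the status named in 'status'.
    if ($status === null) {
        // Without a status name the update would write a NULL status_id.
        quit();
    }
    if ($tile !== null) {
        get_lock($con);
        set_status($con, $tile, $status, "tile");
        rel_lock($con);
    } else if ($area !== null) {
        get_lock($con);
        set_status($con, $area, $status, "area");
        rel_lock($con);
    } else {
        quit();
    }
} else if ($action == "get-job" && $status !== null && $newStatus !== null) {
    // get-job: pick one item currently in 'status', move it to 'new-status'
    // and report it; with all-in-parent=1 do the same for its siblings.
    // The table and key column follow the level, so the value handed to
    // set_status() is an area name for "area" and a tile id for "tile".
    if ($post("level") == "area") {
        $level = "area";
        $table = "secondLevel";
        $field = "name";
    } else {
        $level = "tile";
        $table = "tile";
        $field = "id";
    }

    get_lock($con);
    // $table and $field are taken from the two fixed pairs above, never from
    // the request, so concatenating them cannot carry user input into SQL.
    $sql = "SELECT " . $field . ", parent_id FROM " . $table . " WHERE status_id = (SELECT id FROM status WHERE name = ?) ORDER BY parent_id LIMIT 1";
    $stmt = $con->prepare($sql);
    $stmt->bind_param("s", $status);
    $stmt->execute();
    $result = $stmt->get_result();
    $stmt->close();
    if ($result == false) {
        rel_lock($con);
        quit();
    }

    // fetch_array() is null when nothing is in the requested status.
    $res = $result->fetch_array();
    if ($res == null || $res[$field] == null) {
        $ret->job = "None";
    } else {
        $ret->job = $res[$field];
        set_status($con, $ret->job, $newStatus, $level);
        if ($post("all-in-parent") == 1) {
            $ret->jobs = [];
            $ret->jobs[] = $ret->job;
            // Same key column as the first job, so every entry in jobs is of
            // the kind set_status() expects for this level.
            $sql = "SELECT " . $field . " FROM " . $table . " WHERE parent_id = ? AND status_id = (SELECT id FROM status WHERE name = ?)";
            $stmt = $con->prepare($sql);
            $stmt->bind_param("ss", $res["parent_id"], $status);
            $stmt->execute();
            $result = $stmt->get_result();
            $stmt->close();
            if ($result != false) {
                while ($row = $result->fetch_array()) {
                    set_status($con, $row[$field], $newStatus, $level);
                    $ret->jobs[] = $row[$field];
                }
            }
        }
    }
    rel_lock($con);
} else if ($action == "get-options") {
    // get-options: list the options attached to a tile or an area, ordered
    // by priority. `option` is quoted because OPTION is a reserved word.
    if ($tile !== null) {
        // NOTE(review): the value is bound as an integer ("i") but compared
        // with tile.name, while the status action looks tiles up by id -
        // confirm which column is meant.
        $sql = "SELECT tile_options.priority, `option` FROM tile_options INNER JOIN options ON tile_options.option_id = options.id where tile_id = (SELECT id FROM tile WHERE name = ?) ORDER BY tile_options.priority";
        $pattern = "i";
        $req = $tile;
    } else if ($area !== null) {
        // NOTE(review): secondLevel_options is filtered on a column called
        // tile_id - confirm that this is the column's real name.
        $sql = "SELECT secondLevel_options.priority, `option` FROM secondLevel_options INNER JOIN options ON secondLevel_options.option_id = options.id where tile_id = (SELECT id FROM secondLevel WHERE name = ?) ORDER BY secondLevel_options.priority";
        $pattern = "s";
        $req = $area;
    } else {
        quit();
    }
    $stmt = $con->prepare($sql);
    if ($stmt == false) {
        quit();
    }
    $stmt->bind_param($pattern, $req);
    $stmt->execute();
    $result = $stmt->get_result();
    if ($result == false) {
        quit();
    }
    $stmt->close();

    $ret->options = [];
    while ($row = $result->fetch_array()) {
        $ret->options[] = $row["option"];
    }
} else if ($action == "status") {
    // status: report the status name of one tile (by id) or area (by name).
    if ($tile !== null) {
        $sql = "SELECT name FROM status WHERE id = (SELECT status_id FROM tile WHERE id = ?)";
        $pattern = "i";
        $req = $tile;
    } else if ($area !== null) {
        $sql = "SELECT name FROM status WHERE id = (SELECT status_id FROM secondLevel WHERE name = ?)";
        $pattern = "s";
        $req = $area;
    } else {
        quit();
    }
    $stmt = $con->prepare($sql);
    if ($stmt == false) {
        quit();
    }
    $stmt->bind_param($pattern, $req);
    $stmt->execute();
    $result = $stmt->get_result();
    if ($result == false) {
        quit();
    }
    $res = $result->fetch_assoc();
    $stmt->close();
    if ($res == null) {
        // No such tile/area, or it has no status.
        quit();
    }
    $ret->status = $res["name"];
} else {
    // Unknown action, or get-job without both status fields.
    quit();
}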
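// https://www.w3schools.com/php/php_mysql_prepared_statements.asp
$con->close();

// The response can contain strings read from the database (status names,
// options). Declaring it as JSON keeps a browser from interpreting the body
// as HTML, which is what PHP's default text/html content type would allow.
if (!headers_sent()) {
    header("Content-Type: application/json");
}
echo(json_encode($ret));
?>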