diff --git a/web/index.php b/web/index.php
new file mode 100644
index 0000000..4d39251
--- /dev/null
+++ b/web/index.php
@@ -0,0 +1,214 @@
+success = False;
+ $ret->version = $GLOBALS["API_VERSION"];
+ echo(json_encode($ret));
+ exit();
+}
+
+$ret = new stdClass;
+$ret->success = True;
+$ret->version = $API_VERSION;
+
+// Make sure we've got at least auth and an action in the request
+if (isset($_POST['auth']) && $_POST['auth'] != "" && isset($_POST['action']) && $_POST['action'] != "")
+{
+ $auth = $_POST['auth'];
+ $action = $_POST['action'];
+}
+else
+{
+ quit();
+}
+
+// Connect to DB
+$con = new mysqli($SQL_SERVER, $SQL_USER, $SQL_PASSWORD, $SQL_DATABASE, $SQL_PORT);
+if ($con->connect_error)
+{
+ quit();
+}
+
+// Check auth
+$stmt = $con->prepare("SELECT id FROM auth WHERE token = ?");
+$stmt->bind_param("s", $auth);
+$stmt->execute();
+$result = $stmt->get_result();
+$res = $result->fetch_assoc();
+$stmt->close();
+if ($res == Null)
+{
+ quit();
+}
+
+// Setup helper functions
+function get_lock($con)
+{
+ $sql = "SELECT GET_LOCK('tile-status-lock', 10)";
+ $ret = $con->query($sql)->fetch_array()[0];
+ if ($ret == 0)
+ {
+ quit();
+ }
+}
+
+function rel_lock($con)
+{
+ $con->query("SELECT RELEASE_LOCK('tile-status-lock')");
+}
+
+function set_status($con, $name, $status, $type)
+{
+ get_lock($con);
+ if ($type == "area")
+ {
+ // Get parent ID
+ $sql = "SELECT id FROM secondLevel WHERE name = ?";
+ $stmt = $con->prepare($sql);
+ $stmt->bind_param("s", $name);
+ $stmt->execute();
+ $result = $stmt->get_result();
+ $stmt->close();
+ if ($result == False)
+ {
+ rel_lock($con);
+ quit();
+ }
+ $pid = $result->fetch_array()[0];
+
+ // Get status ID
+ $sql = "SELECT id FROM status WHERE name = ?";
+ $stmt = $con->prepare($sql);
+ $stmt->bind_param("s", $status);
+ $stmt->execute();
+ $result = $stmt->get_result();
+ $stmt->close();
+ if ($result == False)
+ {
+ rel_lock($con);
+ quit();
+ }
+ $sid = $result->fetch_array()[0];
+
+ // Update tiles in area
+ $sql = "UPDATE tile SET status_id = ? WHERE parent_id = ?";
+ $stmt = $con->prepare($sql);
+ $stmt->bind_param("ii", $sid, $pid);
+ $stmt->execute();
+ $stmt->close();
+ }
+ else
+ {
+ $sql = "UPDATE tile SET status_id = (SELECT id FROM status WHERE name = ?) WHERE id = ?";
+ $stmt = $con->prepare($sql);
+ $stmt->bind_param("si", $status, $name);
+ $stmt->execute();
+ $stmt->close();
+ }
+ rel_lock($con);
+}
+
+if ($action == "set")
+{
+ if (isset($_POST['tile']) && $_POST['tile'] != "")
+ {
+ set_status($con, $_POST['tile'], $_POST['status'], "tile");
+ }
+ else if (isset($_POST['area']) && $_POST['area'] != "")
+ {
+ set_status($con, $_POST['area'], $_POST['status'], "area");
+ }
+ else
+ {
+ quit();
+ }
+}
+else if ($action == "get-job")
+{
+ get_lock($con);
+ if (isset($_POST["additional-type"]) && $_POST["additional-type"] != "")
+ {
+ $sql = "SELECT id FROM tile WHERE status_id = (SELECT id FROM status WHERE name = 'pending') OR status_id = (SELECT id FROM status WHERE name = ?) ORDER BY parent_id LIMIT 1";
+ $stmt = $con->prepare($sql);
+ $stmt->bind_param("s", $_POST["additional-type"]);
+ }
+ else
+ {
+ $sql = "SELECT id FROM tile WHERE status_id = (SELECT id FROM status WHERE name = 'pending') ORDER BY parent_id LIMIT 1";
+ $stmt = $con->prepare($sql);
+ }
+ $stmt->execute();
+ $result = $stmt->get_result();
+ $stmt->close();
+ if ($result == False)
+ {
+ quit();
+ }
+ rel_lock($con);
+ $ret->job = $result->fetch_array()[0];
+ if ($ret->job == Null)
+ {
+ $ret->job = "None";
+ }
+ else
+ {
+ set_status($con, $ret->job, "started", "tile");
+ }
+}
+else if ($action == "get-done")
+{
+ $sql = "SELECT name FROM secondLevel WHERE status_id = (SELECT id FROM status WHERE name = 'done') LIMIT 1";
+ $ret->job = $con->query($sql)->fetch_array()[0];
+ if ($ret->job == Null)
+ {
+ $ret->job = "None";
+ }
+}
+else if ($action == "status")
+{
+ if (isset($_POST['tile']) && $_POST['tile'] != "")
+ {
+ $sql = "SELECT name FROM status WHERE id = (SELECT status_id FROM tile WHERE id = ?)";
+ $pattern = "i";
+ $req = $_POST['tile'];
+ }
+ else if (isset($_POST['area']) && $_POST['area'] != "")
+ {
+ $sql = "SELECT name FROM status WHERE id = (SELECT status_id FROM secondLevel WHERE name = ?)";
+ $pattern = "s";
+ $req = $_POST['area'];
+ }
+ else
+ {
+ quit();
+ }
+ $stmt = $con->prepare($sql);
+ $stmt->bind_param($pattern, $req);
+ $stmt->execute();
+ $result = $stmt->get_result();
+ if ($result == False)
+ {
+ quit();
+ }
+ $res = $result->fetch_assoc();
+ $stmt->close();
+ if ($res == Null)
+ {
+ quit();
+ }
+ $ret->status = $res["name"];
+}
+else
+{
+ quit();
+}
+
+// https://www.w3schools.com/php/php_mysql_prepared_statements.asp
+
+$con->close();
+echo(json_encode($ret));
+?>
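Review bot: The `get-job` branch calls `rel_lock($con)` before `set_status($con, $ret->job, "started", "tile")`, so the tile is selected under the lock but only marked `started` after the lock has been released and taken again inside `set_status`; two workers polling at the same moment can both be handed the same tile. The claim should be written while the lock from the top of the branch is still held, as in the excerpt below, which reuses the tile UPDATE from `set_status` with the `started` name fixed. Separately, the `set` branch passes `$_POST['status']` to `set_status` without an `isset` check, and in the area path a status name that matches no row appears to leave `$sid` null, so the UPDATE would try to write a null `status_id` to every tile in that area while the response still reports `success`; rejecting the request with `quit()` when either lookup returns no row would close that gap.

```php
// … unchanged: get_lock($con), the SELECT that picks a tile, and the $result check …
$row = $result->fetch_array();
if ($row == Null)
{
    $ret->job = "None";
}
else
{
    $job = $row[0];
    // Mark the tile as started while the lock taken at the top of the branch is still held.
    $stmt = $con->prepare("UPDATE tile SET status_id = (SELECT id FROM status WHERE name = 'started') WHERE id = ?");
    $stmt->bind_param("i", $job);
    $stmt->execute();
    $stmt->close();
    $ret->job = $job;
}
rel_lock($con);
```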