-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathwarns.php
More file actions
52 lines (48 loc) · 2.05 KB
/
warns.php
File metadata and controls
52 lines (48 loc) · 2.05 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
<?php
require('connect.php');
$headers = getallheaders();
if (verifyRequest($con, $headers, $_SERVER)) {
if ($_SERVER['REQUEST_METHOD'] == "POST") { //POST
$Params = json_decode(file_get_contents('php://input'), true);
switch($Params['Method']) {
case 'update': {
$check = mysqli_query($con, "SELECT * FROM `warns` WHERE `user_id`=" . safe($con, $Params['User-Id']) . " AND `id`=" . safe($con, $Params['Warn-Id']));
if (mysqli_num_rows($check) == 0) {
$sql = "INSERT INTO `warns`(`user_id`, `staff_id`, `message`) VALUES (" . safe($con, $Params['User-Id']) . ", " . safe($con, $Params['Staff-Id']) . ", '" . safe($con, $Params['Message']) . "')";
} else {
$sql = "UPDATE `warns` SET `accepted`='" . safe($con, $Params['Accepted']) . "' WHERE `user_id`=" . safe($con, $Params['User-Id']) . " AND `id`=" . safe($con, $Params['Warn-Id']);
}
$res = mysqli_query($con, $sql);
if (!$res)
die(json_encode(array("status" => "Internal error: " . mysqli_error($con))));
die(json_encode(array("status" => "Success")));
break;
}
}
} else { //GET
$Params = $_GET;
switch($Params['Action']) {
case 'getall': {
$sql = "SELECT * FROM `warns` WHERE `user_id`=" . safe($con, $Params['User-Id']);
$res = mysqli_query($con, $sql);
if (!$res)
die(json_encode(array("status" => "Error", "data" => "Internal error: " . mysqli_error($con))));
if (mysqli_num_rows($res) < 1)
die(json_encode(array("status" => "Error", "data" => "No warnings.")));
$data = array();
while ($row = mysqli_fetch_assoc($res)) {
$data[$row['id']] = array(
"StaffId" => (int) $row['staff_id'],
"Message" => $row['message'],
"Accepted" => (int) $row['accepted']
);
}
die(json_encode(array("status" => "Success", "data" => $data)));
break;
}
}
}
} else {
die(require_once('index.php'));
}
?>