-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathupdate.json
More file actions
77 lines (56 loc) · 2.12 KB
/
update.json
File metadata and controls
77 lines (56 loc) · 2.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
<?
//***********
// require local conf
require "plainnoteconf.php";
require "sqltojson.php";
// require the inspekt library
require "Inspekt/Inspekt.php";
// create a "SuperCage" to wrap all possible user input
// the SuperCage should be created before doing *anything* else
$input = Inspekt::makeSuperCage();
//ensure the user sent a user and pass
$username = $input->post->testEmail('username');
$account_id = $input->post->getRaw('account_id');
$post_id = $input->post->getRaw('post_id');
$note = $input->post->getRaw('content');
if (!$username || !$account_id || !$post_id || !$note) {
//bad user/account_id
echo json_encode(array ('status'=>400, 'error'=>'malformed request'));
}
else {
mysql_connect($dbHost,$dbUser,$dbPass);
@mysql_select_db($dbName) or die( "Unable to select database");
$note = $input->post->escMySQL('content');
//first things first get the userpk
$query="SELECT userpk,username,password,guid FROM users where username='$username' and guid='$account_id'";
$result=mysql_query($query);
$num=mysql_numrows($result);
if($num>0){
//found the user lets load some values
$d_userpk=mysql_result($result,$i,"userpk");
$d_username=mysql_result($result,$i,"username");
$d_password=mysql_result($result,$i,"password");
$d_guid=mysql_result($result,$i,"guid");
}
else{
echo json_encode(array ('status'=>400, 'error'=>'user not found'));
}
//need to stup in code here to select form notes, then insert or update if found
//hey @funkatron told me about on duplicate key update so we don't have to do a select then insert or update
//huzzah
//INSERT INTO table (a,b,c) VALUES (1,2,3)
// ON DUPLICATE KEY UPDATE c=c+1;
$sql = "insert into notes (lastmodified,userpk,note,noteguid) values ".
"(now(),$d_userpk,'$note','$post_id') ".
"ON DUPLICATE KEY UPDATE note='$note'";
mysql_query($sql);
If(mysql_affected_rows()>0){
echo json_encode(array ('status'=>201, 'error'=>'success'));
}
else{
echo json_encode(array ('status'=>400, 'error'=>'note not updated or created', 'sql'=>$sql));
}
mysql_close();
}
//all done
?>