Fix Bugs && Continue Opfer Page + API
This commit is contained in:
marc-go
@@ -39,7 +39,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
setcookie("device_id", $device_id, time() + 3600, "/");
|
||||
setcookie("username", $user, time() + 3600, "/");
|
||||
|
||||
header("Location: /opfer.html");
|
||||
header("Location: /index.html");
|
||||
exit;
|
||||
|
||||
}else{
|
||||
|
||||
@@ -1,4 +1,38 @@
|
||||
<?php
|
||||
require "../api.php";
|
||||
|
||||
$api = new spamhasiApi()
|
||||
$api = new spamhasiApi();
|
||||
|
||||
if (!$api->checkAuth()) {
|
||||
header("Location: /index.html?status=500&error=Unauthorized");
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($_POST["name"]) || !isset($_POST["mail"]) || !isset($_POST["number"])) {
|
||||
die('{"status":500, "error":"Missing fields"}');
|
||||
}
|
||||
|
||||
$name = htmlspecialchars($_POST["name"]);
|
||||
$mail = htmlspecialchars($_POST["mail"]);
|
||||
$number = intval(htmlspecialchars($_POST["number"]));
|
||||
if (isset($_POST["enabled"])) {
|
||||
$enabled = 1;
|
||||
}else{
|
||||
$enabled = 0;
|
||||
}
|
||||
|
||||
$db = $api->getDB();
|
||||
|
||||
$sql = "INSERT INTO opfer (name, mail, number, status) VALUES (:name, :mail, :number, :status)";
|
||||
|
||||
$stmt = $db->prepare($sql);
|
||||
|
||||
$sql_exec = $stmt->execute([':name' => $name, ':mail' => $mail, ':number' => $number, ':status' => $enabled]);
|
||||
|
||||
if ($sql_exec) {
|
||||
header("Location: /index.html?status=200");
|
||||
}else{
|
||||
header("Location: /index.html?status=500&error=SQL Error");
|
||||
}
|
||||
exit;
|
||||
?>
|
||||
33
api/opfer/info.php
Normal file
33
api/opfer/info.php
Normal file
@@ -0,0 +1,33 @@
|
||||
<?php
|
||||
require "../api.php";
|
||||
|
||||
$api = new spamhasiApi();
|
||||
|
||||
if (!$api->checkAuth()) {
|
||||
die('{"status":500, "error":"Unauthorized"}');
|
||||
}
|
||||
|
||||
if (!isset($_POST["id"])) {
|
||||
die('{"status":500, "error":"Missing parameter"}');
|
||||
}
|
||||
|
||||
$id = intval($_POST["id"]);
|
||||
|
||||
$db = $api->getDB();
|
||||
|
||||
$sql = "SELECT * FROM opfer WHERE id = :id";
|
||||
$stmt = $db->prepare($sql);
|
||||
$stmt->execute([':id' => $id]);
|
||||
|
||||
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
if ($result) {
|
||||
$json["opfer"] = $result;
|
||||
$json["status"] = 200;
|
||||
}else{
|
||||
$json["status"] = 500;
|
||||
$json["error"] = "Empty SQL Result";
|
||||
}
|
||||
|
||||
die(json_encode($json));
|
||||
?>
|
||||
@@ -17,6 +17,7 @@ $all_opfer = [];
|
||||
|
||||
if ($result) {
|
||||
foreach ($result as $opfer_res) {
|
||||
$opfer["id"] = $opfer_res["id"];
|
||||
$opfer["name"] = $opfer_res["name"];
|
||||
$opfer["mail"] = $opfer_res["mail"];
|
||||
$opfer["number"] = $opfer_res["number"];
|
||||
|
||||
Reference in New Issue
Block a user