81 lines
3.0 KiB
Plaintext
81 lines
3.0 KiB
Plaintext
<?php
|
|
require $_SERVER["DOCUMENT_ROOT"] . '/Hexine/api/core_functions.php';
|
|
$request_type = explode("/", $_SERVER["REQUEST_URI"])[2] ?? null;
|
|
|
|
requireLogin();
|
|
|
|
if($_SERVER['REQUEST_METHOD'] != 'POST'){ redirectToErrorPage(405); }
|
|
|
|
// Variables that're consistently used.
|
|
switch ($request_type) {
|
|
default:
|
|
if(!isset($_POST['targetUserID'])){ echo "No target user ID set"; die(header("HTTP/1.1 400 Bad Request")); }
|
|
if(!isset($_POST['displayedUserID'])){ echo "No displayed user ID set"; die(header("HTTP/1.1 400 Bad Request")); }
|
|
if(!isset($_POST['pageNum'])){ echo "No page number set"; die(header("HTTP/1.1 400 Bad Request")); }
|
|
if(!isset($_POST['view'])){ echo "No view set"; die(header("HTTP/1.1 400 Bad Request")); }
|
|
if(!isset($_POST['invitationID'])){ echo "No invitation ID set"; die(header("HTTP/1.1 400 Bad Request")); }
|
|
if($_POST['displayedUserID'] != SESSION["userid"]){ echo "Failed to verify data"; die(header("HTTP/1.1 400 Bad Request")); }
|
|
$userid = SESSION["userid"];
|
|
$friendid = $_POST['targetUserID'];
|
|
$pagenum = $_POST['pageNum'];
|
|
$view = $_POST['view'];
|
|
$invitationid = $_POST['invitationID'];
|
|
break;
|
|
case "friends":
|
|
if(!isset($_GET['DisplayedUserID'])){ die("Could not fetch friends"); }
|
|
if(!isset($_GET['PageNum'])){ $page = 1; }
|
|
$userid = $_GET['DisplayedUserID'];
|
|
$pagenum = $_GET['PageNum'];
|
|
break;
|
|
}
|
|
|
|
$request_type = explode("/", $_SERVER["REQUEST_URI"])[2] ?? null;
|
|
switch ($request_type) {
|
|
case null: // the API intended for this document
|
|
die(header("HTTP/1.1 501 Not Implemented"));
|
|
break;
|
|
case "acceptallfriendrequests":
|
|
$incomingFRs = $pdo->prepare("SELECT * FROM friends WHERE receiverid = :id AND status = 0");
|
|
$incomingFRs->bindParam(":id", $userid, PDO::PARAM_INT);
|
|
$incomingFRs->execute();
|
|
|
|
if(!$incomingFRs->rowCount()){ die(); }
|
|
|
|
while ($row = $incomingFRs->fetch(PDO::FETCH_OBJ)) {
|
|
$friends = $pdo->prepare("UPDATE friends SET status = 1 WHERE requesterId = :friendid AND receiverId = :id");
|
|
$friends->bindParam(":friendid", $row->requesterId, PDO::PARAM_INT);
|
|
$friends->bindParam(":id", $userid, PDO::PARAM_INT);
|
|
$friends->execute();
|
|
}
|
|
break;
|
|
case "acceptfriendrequest":
|
|
$friends = $pdo->prepare("UPDATE friends SET status = 1 WHERE Id = :invitationid ");
|
|
$friends->bindParam(":invitationid", $invitationid, PDO::PARAM_INT);
|
|
$friends->execute();
|
|
break;
|
|
case "declineallfriendrequests":
|
|
$incomingFRs = $pdo->prepare("SELECT * FROM friends WHERE receiverid = :id AND status = 0");
|
|
$incomingFRs->bindParam(":id", $userid, PDO::PARAM_INT);
|
|
$incomingFRs->execute();
|
|
|
|
if(!$incomingFRs->rowCount()){ die(); }
|
|
|
|
while ($row = $incomingFRs->fetch(PDO::FETCH_OBJ)) {
|
|
Unfriend($userid, $row->requesterId);
|
|
}
|
|
break;
|
|
case "declinefriendrequest":
|
|
BreakFriendship($invitationid);
|
|
break;
|
|
case "friends":
|
|
$view = "Friends";
|
|
break;
|
|
case "removefriend":
|
|
Unfriend($userid, $friendid);
|
|
break;
|
|
default:
|
|
die(header("HTTP/1.1 405 Bad Request"));
|
|
break;
|
|
}
|
|
loadFriendPage($userid, $pagenum, $view);
|
|
?> |