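<?php
/**
 * BIOS back-office AJAX endpoint.
 *
 * Flow: connect to the database, require a logged-in session, then either
 * store an uploaded attachment (multipart field "bios_attachment") or run
 * the action named by ?action= and emit its result as JSON.
 *
 * Security notes:
 *  - Request values that end up inside SQL text are escaped with
 *    mysql_real_escape_string() before being quoted. ext/mysql has no
 *    prepared statements and was removed in PHP 7.0, so the durable fix is
 *    to migrate to mysqli or PDO with bound parameters.
 *  - NOTE(review): 'user_response' and 'categorize_message' change state on
 *    a GET request authenticated only by the session cookie. They should
 *    move to POST and require a per-session anti-CSRF token.
 *  - NOTE(review): the CORS headers at the bottom allow every origin.
 *    Confirm which clients need cross-origin access and list them instead.
 *
 * The script is kept as one PHP block so nothing is output before header().
 */

// All error reporting is switched off for this request, which also hides
// failures from the PHP log. Database errors are logged explicitly below.
error_reporting(0);

require_once('Connections/fleetMan.php');
mysql_select_db($database_fleetMan, $fleetMan);
require_once("manager/functions.php");
$api = new fleet();
date_default_timezone_set("Africa/Kampala");

if (!isset($_SESSION)) {
    session_start();
}

$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

/**
 * Restrict access to the page: decide whether the visitor may use it.
 *
 * As called below ($strUsers is ""), every visitor with a non-empty
 * username is authorized: this is an authentication check only and does
 * not restrict by role or group.
 *
 * @param string $strUsers  Comma-separated usernames allowed in; "" allows any logged-in user.
 * @param string $strGroups Comma-separated groups allowed in.
 * @param string $UserName  Username stored in the session at login.
 * @param string $UserGroup Group stored in the session at login.
 * @return bool True when the visitor is authorized.
 */
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup)
{
    // For security, start by assuming the visitor is NOT authorized.
    $isValid = False;

    // A blank username means nobody is logged in.
    if (!empty($UserName)) {
        $arrUsers = Explode(",", $strUsers);
        $arrGroups = Explode(",", $strGroups);
        if (in_array($UserName, $arrUsers)) {
            $isValid = true;
        }
        if (in_array($UserGroup, $arrGroups)) {
            $isValid = true;
        }
        if (($strUsers == "") && true) {
            $isValid = true;
        }
    }
    return $isValid;
}

/**
 * Return a GET parameter as a string, or "" when it is absent or not scalar
 * (for example ?key[]=x, which PHP turns into an array).
 *
 * @param string $key Parameter name.
 * @return string
 */
function bios_ajax_param($key)
{
    return (isset($_GET[$key]) && is_scalar($_GET[$key])) ? (string) $_GET[$key] : "";
}

/**
 * Escape a value for use inside a single-quoted SQL string literal.
 *
 * @param mixed    $value Value to embed.
 * @param resource $link  ext/mysql connection the query will run on.
 * @return string
 */
function bios_ajax_sql($value, $link)
{
    return mysql_real_escape_string((string) $value, $link);
}

$MM_restrictGoTo = "index.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
    $MM_qsChar = "?";
    $MM_referrer = $_SERVER['PHP_SELF'];
    if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
    if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0)
        $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
    // The referrer is URL-encoded, so it cannot add headers or parameters.
    $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
    header("Location: ". $MM_restrictGoTo);
    exit;
}

// ---- Attachment upload -------------------------------------------------
if (isset($_FILES['bios_attachment']['name'])
    && is_string($_FILES['bios_attachment']['name'])
    && trim($_FILES['bios_attachment']['name']) != "") {
    // The client chooses this name, so reduce it to its last path component
    // and to a conservative character set. Dots are replaced as well, so the
    // stored file never has an extension the web server could execute.
    $client_name = basename(str_replace("\\", "/", $_FILES['bios_attachment']['name']));
    $safe_name = preg_replace('/[^A-Za-z0-9_-]/', '_', $client_name);
    $target = "uploads/BarefootLaw_File_" . $safe_name;
    $tmp_name = $_FILES['bios_attachment']['tmp_name'];

    // NOTE(review): no size or content-type limit is enforced here, and an
    // existing file with the same name is overwritten. Confirm php.ini
    // limits and that uploads/ is served without script execution.
    if (move_uploaded_file($tmp_name, $target)) {
        echo $target;
        exit;
    } else {
        echo "";
        exit;
    }
}

// ---- JSON actions ------------------------------------------------------
$data = null; // unknown or missing actions still answer with JSON "null"
$action = bios_ajax_param('action');

switch ($action) {
    case 'quick_stats':
        // No request data reaches these queries. The date filter is kept
        // inside an SQL comment, so the counts cover all rows.
        $all_rows = "where id is not null /*substr(send_date,1,10) = '".date("Y-m-d")."'*/";
        $data = array();
        $data[] = $api->get_record("bios_message","count(*)",$all_rows." and channel = 'barefootlaw_fb_page'")." BFL Page<br> 57 Garage<br> 649 SMS<br> ".$api->get_record("bios_message","count(*)",$all_rows." and channel = 'email'")." Email<br> <hr> <strong>Messages</strong>";
        $data[] = "<h1>".$api->get_record("bios_response","count(*)",$all_rows)."</h1> <hr><strong>Responses</strong>";
        $data[] = "<h1>".$api->get_record("bios_user","count(*)",$all_rows)."</h1> <hr><strong>New Clients</strong>";
        $data[] = "<h1>".$api->get_record("bios_issue_tracker","count(*)",$all_rows)."</h1> <hr> <strong>New Issues</strong>";
        break;

    case 'user_log':
        // NOTE(review): message_log() is defined elsewhere; confirm it
        // escapes or binds both arguments before using them in SQL.
        $max_time = isset($_GET['max_time']) ? urldecode(bios_ajax_param('max_time')) : "";
        $data = $api->message_log(bios_ajax_param('user_id'), $max_time);
        break;

    case 'user_response':
        $user = bios_ajax_sql(bios_ajax_param('user'), $fleetMan);
        $user_id = $api->get_record("bios_user","page_user_id","where id = '".$user."'");
        $channel = bios_ajax_param('channel');
        $channel_to_use = ($channel != "")
            ? $channel
            : $api->get_record("bios_message","channel","where sender_id = '".$user."' order by id desc limit 1");
        $response = bios_ajax_param('response');
        $logged_in_user = $api->get_record("bios_sys_user","id","where email = '".bios_ajax_sql($_SESSION['MM_Username'], $fleetMan)."'");
        // NOTE(review): file_name comes straight from the request. Confirm
        // post_to_user() only accepts paths under uploads/ before it reads
        // or sends the file.
        $file = trim(bios_ajax_param('file_name'));

        if ($channel_to_use == "barefootlaw_fb_page") {
            if ($api->post_to_user($response, $user_id, $logged_in_user, array(), $file)) {
                $data = array("status"=>1);
            } else {
                $data = array("status"=>0);
            }
        }
        // Email: not implemented, the response stays JSON "null".
        if ($channel_to_use == "email") {
        }
        break;

    case 'categorize_message':
        $message_id = bios_ajax_sql(bios_ajax_param('message_id'), $fleetMan);
        $category = bios_ajax_sql(bios_ajax_param('category'), $fleetMan);
        $now = date("Y-m-d H:i:s");

        $n = mysql_query("update bios_message set category = '".$category."', category_update = '".$now."' where id = '".$message_id."' limit 1");
        if ($n && mysql_affected_rows() == 1) {
            $affected = 1;
            // Apply the same category to later, still uncategorized messages
            // from the same sender.
            $n2 = mysql_query("update bios_message set category = '".$category."', category_update = '".$now."' where category is null and id > '".$message_id."' and sender_id in (select sender_id from bios_message where id = '".$message_id."')");
            if ($n2) {
                $later_rows = mysql_affected_rows();
                if ($later_rows > 0) {
                    $affected = $affected + $later_rows;
                }
            }
            $data = array("status"=>1,"message"=>number_format($affected)." messages updated.");
        } else {
            // Keep the driver error in the server log. Returning it to the
            // browser would disclose schema and query details.
            $db_error = mysql_error();
            if ($db_error != "") {
                error_log("bios categorize_message failed: ".$db_error);
            }
            $data = array("status"=>0,"message"=>"Please try again later: ");
        }
        break;
}

app_end:
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE");
header("Access-Control-Allow-Headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method");
header("Content-Type: application/json");
header("Cache-Control: no-cache, no-store, must-revalidate"); // HTTP/1.1
header("Expires: 0"); // Date in the past
echo json_encode($data);
exit;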