From 423e9aaf33366a210a853e67836c6db5d8390680 Mon Sep 17 00:00:00 2001
From: Mark Campbell-Smith <mcampbellsmith@gmail.com>
Date: Thu, 24 Jul 2014 23:44:46 +1000
Subject: Update to RunnerUpLive

---
 requests.php | 250 ++++++++++++++++++-----------------------------------------
 1 file changed, 76 insertions(+), 174 deletions(-)

(limited to 'requests.php')

diff --git a/requests.php b/requests.php
index b112412..c9d8c59 100755
--- a/requests.php
+++ b/requests.php
@@ -2,6 +2,7 @@
 /* phpTrackme
  *
  * Copyright(C) 2013 Bartek Fabiszewski (www.fabiszewski.net)
+ * Copyright(C) 2014 Mark Campbell-Smith (campbellsmith.me)
  *
  * This is free software; you can redistribute it and/or modify it under
  * the terms of the GNU Library General Public License as published by
@@ -21,21 +22,35 @@
 // http://forum.xda-developers.com/showpost.php?p=3250539&postcount=2
 
 require_once("config.php");
-$user = (isset($_REQUEST['u']) ? $_REQUEST['u'] : "");
-$pass = (isset($_REQUEST['p']) ? md5($salt.$_REQUEST['p']) : "");
-$requireddb = (isset($_REQUEST['db']) ? $_REQUEST['db'] : 0);
-$tripname = (isset($_REQUEST['tn']) ? $_REQUEST['tn'] : "");
-$action = (isset($_REQUEST['a']) ? $_REQUEST['a'] : "");
+$debug = 0;
+$activityType = array("","Running", "Bike");
+$inputJSON = file_get_contents('php://input');
 
-// If the client uses Backitude then define the tripname as user-date
-if ($requireddb == 'backitude') {
-   $tripname = $user.'-'.date("Ymd");
-}
-// FIXME what is it for?
-elseif ($requireddb<8) {
-  //Result:5 Incompatible database.
-  quit(5);
-}
+
+    $input= json_decode( $inputJSON, TRUE ); //convert JSON into array
+    $user = $input['userName'];
+    $pass = $input['password'];
+    $lat = $input['lat'];
+    $long = $input['long'];
+    $pace = $input['Pace'];
+    $TotalDistance = $input['TotalDistance'];
+    $eventType = $input['runningEventType'];
+    $TotalTime = $input['TotalTime'];
+    $dateoccurred = time();
+    $tripname = $user.'-'.date("Ymd"); 
+    $iconid = 50;
+//    error_log("$tripname");
+//    foreach ($input as $key => $value) {
+//        echo "<tr>";
+//        echo "<td>";
+//        echo $key;
+//        echo "</td>";
+//        echo "<td>";
+//        echo $value;
+//        echo "</td>";
+//        echo "</tr>";
+//        error_log("key $key value $value");
+//    }
 
 $mysqli = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
 if ($mysqli->connect_errno) {
@@ -43,11 +58,11 @@ if ($mysqli->connect_errno) {
   quit(4);
 }
 
-if ((!$user) || (!$pass)){
+if ((!$user) || (!$pass)){ 
   //Result:3 User or password not specified.
+  error_log("user or pass not specified ($user / $pass)");
   quit(3);
 }
-
 $query = $mysqli->prepare("SELECT ID,username,password FROM users WHERE username=? LIMIT 1");
 $query->bind_param('s', $user);
 $query->execute();
@@ -57,9 +72,11 @@ $query->fetch();
 $num = $query->num_rows;
 $query->free_result();
 $query->close();
+
 if ($num) {
   if (($user==$rec_user) && ($pass!=$rec_pass)) {
     //Result:1 User correct, invalid password.
+    error_log("user correct, invalid password ($user / $pass <> $rec_pass)");
     quit(1);
   }
 }
@@ -74,141 +91,57 @@ else {
     if (!$userid) {
       //Result:2 User did not exist but after being created couldn't be found.
       // Or rather something went wrong while updating database
-      quit(2);
+    error_log("User not created");
+    quit(2);
     }
-  }
+  } 
   else {
     // User unknown, we don't allow autoregistration
     // Let's use this one:
     //Result:1 User correct, invalid password.
-    quit(1);
+    error_log("User unknown");
+    quit(1);    
   }
 }
 
-switch($action) {
-  // action: noop
-  case "noop":
-    // test
-    quit(0);
-    break;
-
-  // action: deletetrip
-  case "deletetrip":
-    if ($tripname) {
-      $sql = "DELETE FROM positions LEFT JOIN trips ON positions.FK_Trips_ID=trips.ID "
-            ."WHERE positions.FK_Users_ID=? AND trips.Name=?";
-      $query = $mysqli->prepare($sql);
-      if ($query) {
-        $query->bind_param('is', $userid, $tripname);
-        $query->execute();
-        $query->close();
-      }
-      $sql = "DELETE FROM trips WHERE FK_Users_ID=? AND Name=?";
-      $query = $mysqli->prepare($sql);
-      $query->bind_param('is', $userid, $tripname);
-      $query->execute();
-      $rows = $mysqli->affected_rows;
-      $query->close();
-      if ($rows) {
-        quit(0);
-      }
-      else {
-        //Result:7 Trip not found
-        quit(7);
-      }
-    }
-    else {
-      //Result:6 Trip not specified.
-      quit(6);
-    }
-    break;
-
-  // action: addtrip
-  case "addtrip":
-    if ($tripname) {
-      $sql = "INSERT INTO trips (FK_Users_ID,Name) VALUES (?,?)";
-      $query = $mysqli->prepare($sql);
-      $query->bind_param('is', $userid, $tripname);
-      $query->execute();
-      $query->close();
-    }
-    else {
-      //Result:6 Trip not specified.
-      quit(6);
-    }
-    break;
-
-  // action: gettriplist
-  case "gettriplist":
-    $sql = "SELECT a1.Name,(SELECT MIN(a2.DateOccurred) FROM positions a2 "
-        ."WHERE a2.FK_Trips_ID=a1.ID) AS startdate "
-        ."FROM trips a1 WHERE a1.FK_Users_ID=? ORDER BY Name";
-    $query = $mysqli->prepare($sql);
-    $query->bind_param('i', $userid);
-    $query->execute();
-    $query->store_result();
-    $query->bind_result($tripname,$startdate);
-    $num = $query->num_rows;
-    $triplist = array();
-    if ($num) {
-      while ($query->fetch()) {
-        $triplist[] = $tripname."|".$startdate;
-      }
-    }
-    $query->free_result();
-    $query->close();
-    $param = implode("\n",$triplist);
-    quit(0,$param);
-    break;
-
-  // action: upload
-  case "upload":
-    $lat = isset($_REQUEST["lat"]) ? $_REQUEST["lat"] : NULL;
-    $long = isset($_REQUEST["long"]) ? $_REQUEST["long"] : NULL;
-    // If the client uses Backitude then convert the date into handled format
-    $dateoccurred = isset($_REQUEST["do"]) ? $_REQUEST["do"] : NULL;
-    $altitude = isset($_REQUEST["alt"]) ? $_REQUEST["alt"] : NULL;
-    $angle = isset($_REQUEST["ang"]) ? $_REQUEST["ang"] : NULL;
-    $speed = isset($_REQUEST["sp"]) ? $_REQUEST["sp"] : NULL;
-    $iconname = isset($_REQUEST["iconname"]) ? $_REQUEST["iconname"] : NULL;
-    $comments = isset($_REQUEST["comments"]) ? $_REQUEST["comments"] : NULL;
-    $imageurl = isset($_REQUEST["imageurl"]) ? $_REQUEST["imageurl"] : NULL;
-    $cellid = isset($_REQUEST["cid"]) ? $_REQUEST["cid"] : NULL;
-    $signalstrength = isset($_REQUEST["ss"]) ? $_REQUEST["ss"] : NULL;
-    $signalstrengthmax = isset($_REQUEST["ssmax"]) ? $_REQUEST["ssmax"] : NULL;
-    $signalstrengthmin = isset($_REQUEST["ssmin"]) ? $_REQUEST["ssmin"] : NULL;
-    $batterystatus = isset($_REQUEST["bs"]) ? $_REQUEST["bs"] : NULL;
-    $uploadss = isset($_REQUEST["upss"]) ? $_REQUEST["upss"] : NULL; // FIXME is it needed?
-    $iconid = NULL;
-    if ($iconname) {
-      $sql = "SELECT ID FROM icons WHERE Name=? LIMIT 1";
-      $query = $mysqli->prepare($sql);
-      $query->bind_param('s', $iconname);
+   if ($tripname) {
+      // get tripid
+      //$query = $mysqli->prepare("SELECT ID FROM trips WHERE FK_Users_ID=? AND Name=? LIMIT 1");      
+      //$query->bind_param('is', $userid, $tripname);
+      $query = $mysqli->prepare("SELECT ID,Name FROM trips WHERE FK_Users_ID=? AND Name LIKE '$tripname%' ORDER BY Name DESC limit 1");
+      $query->bind_param('i', $userid );
       $query->execute();
       $query->store_result();
-      $query->bind_result($id);
+      $query->bind_result($tripid,$tripname);
       $query->fetch();
       $num = $query->num_rows;
       $query->free_result();
       $query->close();
-      if ($num) {
-        $iconid = $id;
-      }
-    }
-    $tripid = NULL; // FIXME: not sure what trips with null id are
-    if ($tripname) {
-      // get tripid
-      $query = $mysqli->prepare("SELECT ID FROM trips WHERE FK_Users_ID=? AND Name=? LIMIT 1");
-      $query->bind_param('is', $userid, $tripname);
+            
+      $query = $mysqli->prepare("SELECT EventType FROM positions where FK_Users_ID=? and FK_Trips_ID=? ORDER BY ID DESC limit 1");
+      $query->bind_param('ii', $userid, $tripid);
       $query->execute();
       $query->store_result();
-      $query->bind_result($tripid);
+      $query->bind_result($eventTypeLast);
       $query->fetch();
-      $num = $query->num_rows;
       $query->free_result();
-      $query->close();
-      if (!$num) {
+      $query->close();     
+                         
+      if ((!$num) || ($eventTypeLast == 3)) {
         // create trip
+        error_log("create trip");
+        if (substr_count($tripname, '-') == 1) {
+           $tripname = $tripname."-1";
+           error_log("create trip 1 $tripname");
+        }
+        else {
+           $ptn = "/(.*)-(\d+$)/";
+           preg_match($ptn, $tripname, $matches);
+           $matches[2]=$matches[2]+1;
+           $tripname = $matches[1]."-".$matches[2];
+           error_log("create trip regex 2 $tripname");
+        }
+
         $query = $mysqli->prepare("INSERT INTO trips (FK_Users_ID,Name) VALUES (?,?)");
         $query->bind_param('is', $userid, $tripname);
         $query->execute();
@@ -218,64 +151,33 @@ switch($action) {
           //Result:6 Trip didn't exist and system was unable to create it.
           quit(6);
         }
-      }
     }
-     if ($requireddb == 'backitude') {
-         $sql = "INSERT INTO positions "
-               ."(FK_Users_ID,FK_Trips_ID,Latitude,Longitude,DateOccurred,FK_Icons_ID,"
-               ."Speed,Altitude,Comments,ImageURL,Angle,SignalStrength,SignalStrengthMax,"
-               ."SignalStrengthMin,BatteryStatus) VALUES (?,?,?,?,FROM_UNIXTIME(?),?,?,?,?,?,?,?,?,?,?)";
-     } else {
-         $sql = "INSERT INTO positions "
-               ."(FK_Users_ID,FK_Trips_ID,Latitude,Longitude,DateOccurred,FK_Icons_ID,"
-               ."Speed,Altitude,Comments,ImageURL,Angle,SignalStrength,SignalStrengthMax,"
-               ."SignalStrengthMin,BatteryStatus) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
-     }
-
+   
+    $sql = "INSERT INTO positions "
+          ."(FK_Users_ID,FK_Trips_ID,Latitude,Longitude,FK_Icons_ID,"
+          ."Pace,TotalDistance,TotalTime,EventType) VALUES (?,?,?,?,?,?,?,?,?)";
     $query = $mysqli->prepare($sql);
-    $query->bind_param('iiddsiddssdiiii',
-            $userid,$tripid,$lat,$long,$dateoccurred,$iconid,
-            $speed,$altitude,$comments,$imageurl,$angle,$signalstrength,$signalstrengthmax,
-            $signalstrengthmin,$batterystatus);
+    $query->bind_param('iiddisisi',$userid,$tripid,$lat,$long,$iconid,$pace,$TotalDistance,$TotalTime,$eventType);
+
     $query->execute();
     $query->close();
     if ($mysqli->errno) {
       //Result:7|SQLERROR   Insert statement failed.
+      error_log("Mysql error on upload 1");
       quit(7,$mysqli->error);
     }
-    //FIXME Are cellids used in Android client?
-    $upcellext = isset($_REQUEST["upcellext"]) ? $_REQUEST["upcellext"] : NULL;
-    if ($upcellext==1 && $cellid) {
-      $sql = "INSERT INTO cellids (CellID,Latitude,Longitude,SignalStrength,SignalStrengthMax,SignalStrengthMin) "
-            ."VALUES (?,?,?,?,?,?)";
-      $query = $mysqli->prepare($sql);
-      $query->bind_param('sddiii',$cellid,$lat,$long,$signalstrength,$signalstrengthmax,$signalstrengthmin);
-      $query->execute();
-      $query->close();
-      if ($mysqli->errno) {
-        //Result:7|SQLERROR   Insert statement failed.
-        quit(7,$mysqli->error);
-      }
-    }
+    error_log("finish upload");
     quit(0);
     break;
-
-  // action: geticonlist
-  // action: renametrip
-  // action: findclosestbuddy
-  // action: delete
-  // action: sendemail
-  // action: updateimageurl
-  // action: findclosestpositionbytime
-  // action: findclosestpositionbyposition
-  // action: gettripinfo
-  // action: gettriphighlights
 }
 
 function quit($errno,$param=""){
   print "Result:".$errno.(($param)?"|$param":"");
+//  error_log( "Result:".$errno.(($param)?"|$param":""));
+
   exit();
 }
 
 $mysqli->close();
 ?>
+
-- 
cgit v1.2.3