Commit 337d4e7c authored by mohan122's avatar mohan122 Committed by GitHub

Add files via upload

parent b95bb35f
<?php
header('Access-Control-Allow-Origin:*');
// Define database connection parameters
$hn = 'localhost';
$un = 'root';
$pwd = '';
$db = 'digimart';
$cs = 'utf8';
// Set up the PDO parameters
$dsn = "mysql:host=" . $hn . ";port=3306;dbname=" . $db . ";charset=" . $cs;
$opt = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_OBJ,
PDO::ATTR_EMULATE_PREPARES => false,
);
// Create a PDO instance (connect to the database)
$pdo = new PDO($dsn, $un, $pwd, $opt);
// Retrieve the posted data
$json = file_get_contents('php://input');
$obj = json_decode($json);
$key = strip_tags($obj->key);
// Determine which mode is being requested
switch($key)
{
// Add a new record to the technologies table
case "create":
// Sanitise URL supplied values
$NAME = filter_var($obj->piece, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
// Attempt to run PDO prepared statement
try {
$sql = "INSERT INTO buy(pieces) VALUES(:pieces)";
$stmt = $pdo->prepare($sql);
$stmt->bindParam(':pieces', $NAME, PDO::PARAM_STR);
$stmt->execute();
echo json_encode(array('message' => 'Congratulations the record ' . $NAME . ' was added to the database'));
}
// Catch any errors in running the prepared statement
catch(PDOException $e)
{
echo $e->getMessage();
}
break;
// Update an existing record in the technologies table
case "update":
$NAME = filter_var($obj->NAME, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
$MOBILE = filter_var($obj->MOBILE, FILTER_SANITIZE_NUMBER_INT);
$PASSWORD = filter_var($obj->PASSWORD, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
$SHOPNAME = filter_var($obj->SHOPNAME, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
$CATEGORY = filter_var($obj->CATEGORY, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
$LOCATION = filter_var($obj->LOCATION, FILTER_SANITIZE_NUMBER_INT);
$recordID = filter_var($obj->recordID, FILTER_SANITIZE_NUMBER_INT);
// Attempt to run PDO prepared statement
try {
$sql = "UPDATE register SET NAME = :NAME, MOBILE = :MOBILE,PASSWORD=:PASSWORD,SHOPNAME=:SHOPNAME,CATEGORY=:CATEGORY,LOCATION=:LOCATION WHERE sno = :recordID";
$stmt = $pdo->prepare($sql);
$stmt->bindParam(':NAME', $NAME, PDO::PARAM_STR);
$stmt->bindParam(':MOBILE', $MOBILE, PDO::PARAM_INT);
$stmt->bindParam(':PASSWORD', $PASSWORD, PDO::PARAM_STR);
$stmt->bindParam(':SHOPNAME', $SHOPNAME, PDO::PARAM_STR);
$stmt->bindParam(':CATEGORY', $CATEGORY, PDO::PARAM_STR);
$stmt->bindParam(':LOCATION', $LOCATION, PDO::PARAM_INT);
$stmt->bindParam(':recordID', $recordID, PDO::PARAM_INT);
$stmt->execute();
echo json_encode('Congratulations the record ' . $NAME . ' was updated');
}
// Catch any errors in running the prepared statement
catch(PDOException $e)
{
echo $e->getMessage();
}
break;
// Remove an existing record in the technologies table
case "delete":
// Sanitise supplied record ID for matching to table record
$recordID = filter_var($obj->recordID, FILTER_SANITIZE_NUMBER_INT);
// Attempt to run PDO prepared statement
try {
$pdo = new PDO($dsn, $un, $pwd);
$sql = "DELETE FROM technologies WHERE id = :recordID";
$stmt = $pdo->prepare($sql);
$stmt->bindParam(':recordID', $recordID, PDO::PARAM_INT);
$stmt->execute();
echo json_encode('Congratulations the record ' . $NAME . ' was removed');
}
// Catch any errors in running the prepared statement
catch(PDOException $e)
{
echo $e->getMessage();
}
break;
}
?>
<?php
header('Access-Control-Allow-Origin:*');
// Define database connection parameters
$hn = 'localhost';
$un = 'root';
$pwd = '';
$db = 'digimart';
$cs = 'utf8';
// Set up the PDO parameters
$dsn = "mysql:host=" . $hn . ";port=3306;dbname=" . $db . ";charset=" . $cs;
$opt = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_OBJ,
PDO::ATTR_EMULATE_PREPARES => false,
);
$pdo = new PDO($dsn, $un, $pwd, $opt);
$data = array();
$datak=array();
$json = file_get_contents("php://input");
$obj = json_decode($json);
$key = strip_tags($obj->key);
switch($key)
{
case "create":
$EMAIL = filter_var($obj->piece, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
try {
$stmt1= $pdo->query("INSERT INTO productpurchase(SELECT EMAIL,emailf FROM itemregister WHERE emailf IN (SELECT NAME FROM register WHERE LATITUDE BETWEEN (select minlat FROM locate WHERE sno IN (SELECT MAX(sno) FROM locate)) AND (select maxlat FROM locate WHERE sno IN (SELECT MAX(sno) FROM locate)) AND LONGITUDE BETWEEN (select minlon FROM locate WHERE sno IN (SELECT MAX(sno) FROM locate)) AND (select maxlon FROM locate WHERE sno IN (SELECT MAX(sno) FROM locate)) ))");
$stmt = $pdo->query("SELECT itemname FROM productpurchase WHERE itemname= '$EMAIL'");
if ($row = $stmt->fetch(PDO::FETCH_OBJ))
{
$stmt2=$pdo->query("INSERT INTO productbuying(item) SELECT EMAIL FROM itemregister WHERE EMAIL= '$EMAIL' AND emailf IN (SELECT mailid FROM productpurchase) ");
$stmt2=$pdo->query("INSERT INTO productbuying(shopname) SELECT SHOPNAME FROM register WHERE NAME IN (select mailid FROM productpurchase) ");
}
else
{
echo json_encode($data);
}
}
catch(PDOException $e)
{
echo $e->getMessage();
}
}
?>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment