Add files via upload

corda.php

+<?php
+    header('Access-Control-Allow-Origin:*');
+   // Define database connection parameters
+   $hn      = 'localhost';
+   $un      = 'root';
+   $pwd     = '';
+   $db      = 'digimart';
+   $cs      = 'utf8';
+
+   // Set up the PDO parameters
+   $dsn 	= "mysql:host=" . $hn . ";port=3306;dbname=" . $db . ";charset=" . $cs;
+   $opt 	= array(
+                        PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
+                        PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_OBJ,
+                        PDO::ATTR_EMULATE_PREPARES   => false,
+                       );
+   // Create a PDO instance (connect to the database)
+   $pdo 	= new PDO($dsn, $un, $pwd, $opt);
+   $data    = array();
+
+
+   //$json    =  file_get_contents('php://input');
+   //$obj     =  json_decode($json);
+
+
+   //$latitudes=filter_var($obj->latitudes, FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
+     //$latitudes='16.3018';
+    //$longitudes=filter_var($obj->longitudes, FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
+//$longitudes='80.4335';
+   //$rad = 1; // radius of bounding circle in kilometers
+
+    //$R = 6371;  // earth's mean radius, km
+
+    // first-cut bounding box (in degrees)
+    //$maxLat = $latitudes + rad2deg($rad/$R);
+    //$minLat = $latitudes - rad2deg($rad/$R);
+    //$maxLon = $longitudes + rad2deg(asin($rad/$R) / cos(deg2rad($latitudes)));
+    //$minLon = $longitudes- rad2deg(asin($rad/$R) / cos(deg2rad($latitudes)));
+
+   try {
+     // $stmt 	= $pdo->query('SELECT item FROM searchbar WHERE email IN (SELECT NAME FROM register WHERE LATITUDE BETWEEN :minLat AND :maxLat AND LONGITUDE BETWEEN :minLon AND :maxLon  )');
+ $stmt 	= $pdo->query('SELECT item FROM searchbar WHERE email IN (SELECT NAME FROM register WHERE LATITUDE BETWEEN (select minlat FROM locate WHERE sno IN (SELECT MAX(sno) FROM locate)) AND (select maxlat FROM locate WHERE sno IN (SELECT MAX(sno) FROM locate)) AND LONGITUDE BETWEEN (select minlon FROM locate WHERE sno IN (SELECT MAX(sno) FROM locate)) AND (select maxlon FROM locate WHERE sno IN (SELECT MAX(sno) FROM locate)) )');
+//      $stmt 	= $pdo->prepare($sql);
+  //    $stmt->bindParam(':minLat', $minLat);
+    //  $stmt->bindParam(':maxLat', $maxLat);
+      //$stmt->bindParam(':minLon', $minLon);
+      //$stmt->bindParam(':maxLon', $maxLon);
+      //$stmt->execute();
+
+
+      while($row  = $stmt->fetch(PDO::FETCH_OBJ))
+      {
+         // Assign each row of data to associative array
+         $data[] = $row;
+      }
+
+      // Return data as JSON
+      echo json_encode($data);
+   }
+   catch(PDOException $e)
+   {
+      echo $e->getMessage();
+   }
+
+
+?>

itemretrive.php

@@ -16,48 +16,113 @@
                         PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_OBJ,
                         PDO::ATTR_EMULATE_PREPARES   => false,
                        );
-   // Create a PDO instance (connect to the database)
+ 
    $pdo 	= new PDO($dsn, $un, $pwd, $opt);
   
 
 
  $json    =  file_get_contents("php://input");
  $obj   =  json_decode($json);
-var_dump($obj);
- //echo json_decode($json);
- 
-
-$key='create';
-
- switch($key)
+ $key     =  strip_tags($obj->key);
+switch($key)
    {
-
-      // Add a new record to the technologies table
       case "create":
 
- $EMAILS		     =    filter_var($obj->EMAILS, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
+ $EMAIL		     =    filter_var($obj->EMAIL, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
+ $weighta	  = filter_var($obj->weighta, FILTER_SANITIZE_NUMBER_INT);
+ $piecesa    = filter_var($obj->piecesa,FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $costa    = filter_var($obj->costa,FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $weightb	  = filter_var($obj->weightb,FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $piecesb		     = filter_var($obj->piecesb, FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $costb	  = filter_var($obj->costb, FILTER_SANITIZE_NUMBER_INT);
+ $weightc    = filter_var($obj->weightc,FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $piecesc	  = filter_var($obj->piecesc, FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $costc		     = filter_var($obj->costc, FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $weightd	  = filter_var($obj->weightd, FILTER_SANITIZE_NUMBER_INT);
+ $piecesd	  = filter_var($obj->piecesd, FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $costd		     = filter_var($obj->costd,FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $weighte  = filter_var($obj->weighte, FILTER_SANITIZE_NUMBER_INT);
+ $piecese	  = filter_var($obj->piecese, FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $coste		     = filter_var($obj->coste, FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $weightf  = filter_var($obj->weightf, FILTER_SANITIZE_NUMBER_INT);
+ $piecesf	  = filter_var($obj->piecesf,FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $costf		     = filter_var($obj->costf, FILTER_SANITIZE_NUMBER_INT, FILTER_FLAG_ENCODE_LOW);
+ $emailf		     = filter_var($obj->emailf, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
 
 
-   // Attempt to query database table and retrieve dat
    try {
- //$EMAILS		     =    filter_var($obj->EMAILS, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
-     
-      $sql 	= "SELECT EMAIL FROM itemregister WHERE emailf= '$EMAILS'";
-   
-//EMAIL, weighta,piecesa,costa,weightb,piecesb,costb,weightc,piecesc,costc,weightd,piecesd,costd,weighte,piecese,coste,weightf,piecesf,costf
-           $stmt 	= $pdo->prepare($sql);
-           
+      $stmt 	= $pdo->query("SELECT EMAIL FROM itemregister WHERE EMAIL= '$EMAIL'");
+      
+      
+          
+ if ($row  = $stmt->fetch(PDO::FETCH_OBJ))
+   {
+      $sqlr 	= "INSERT INTO itemregister(EMAIL,weighta,piecesa,costa,weightb,piecesb,costb,weightc,piecesc,costc,weightd,piecesd,costd,weighte,piecese,coste,weightf,piecesf,costf,emailf) VALUES(:EMAIL,:weighta,:piecesa,:costa,:weightb,:piecesb,:costb,:weightc,:piecesc,:costc,:weightd,:piecesd,:costd,:weighte,:piecese,:coste,:weightf,:piecesf,:costf,:emailf )";
+            $stmt 	= $pdo->prepare($sqlr);
+            $stmt->bindParam(':EMAIL', $EMAIL, PDO::PARAM_STR);
+            $stmt->bindParam(':weighta', $weighta, PDO::PARAM_INT);
+            $stmt->bindParam(':piecesa', $piecesa, PDO::PARAM_INT);
+            $stmt->bindParam(':costa', $costa, PDO::PARAM_INT);
+            $stmt->bindParam(':weightb', $weightb, PDO::PARAM_INT);
+            $stmt->bindParam(':piecesb', $piecesb, PDO::PARAM_INT);
+            $stmt->bindParam(':costb', $costb, PDO::PARAM_INT);
+            $stmt->bindParam(':weightc', $weightc, PDO::PARAM_INT);
+            $stmt->bindParam(':piecesc', $piecesc, PDO::PARAM_INT);
+            $stmt->bindParam(':costc', $costc, PDO::PARAM_INT);
+            $stmt->bindParam(':weightd', $weightd, PDO::PARAM_INT);
+            $stmt->bindParam(':piecesd', $piecesd, PDO::PARAM_INT);
+            $stmt->bindParam(':costd', $costd, PDO::PARAM_INT);
+            $stmt->bindParam(':weighte', $weighte, PDO::PARAM_INT);
+            $stmt->bindParam(':piecese', $piecese, PDO::PARAM_INT);
+            $stmt->bindParam(':coste', $coste, PDO::PARAM_INT);
+            $stmt->bindParam(':weightf', $weightf, PDO::PARAM_INT);
+            $stmt->bindParam(':piecesf', $piecesf, PDO::PARAM_INT);
+            $stmt->bindParam(':costf', $costf, PDO::PARAM_INT);
+            $stmt->bindParam(':emailf', $emailf, PDO::PARAM_STR);
             $stmt->execute();
+   }
+
+    else
+   {
+      $sql 	= "INSERT INTO searchbar(item,email) VALUES(:EMAIL,:emailf)";
+            $stmt 	= $pdo->prepare($sql);
+            $stmt->bindParam(':EMAIL', $EMAIL, PDO::PARAM_STR);
+            $stmt->bindParam(':emailf',$emailf,PDO::PARAM_STR);
+            $stmt->execute();
+
+      $sqls 	= "INSERT INTO itemregister(EMAIL,weighta,piecesa,costa,weightb,piecesb,costb,weightc,piecesc,costc,weightd,piecesd,costd,weighte,piecese,coste,weightf,piecesf,costf,emailf) VALUES(:EMAIL,:weighta,:piecesa,:costa,:weightb,:piecesb,:costb,:weightc,:piecesc,:costc,:weightd,:piecesd,:costd,:weighte,:piecese,:coste,:weightf,:piecesf,:costf,:emailf )";
+            $stmt 	= $pdo->prepare($sqls);
+            $stmt->bindParam(':EMAIL', $EMAIL, PDO::PARAM_STR);
+            $stmt->bindParam(':weighta', $weighta, PDO::PARAM_INT);
+            $stmt->bindParam(':piecesa', $piecesa, PDO::PARAM_INT);
+            $stmt->bindParam(':costa', $costa, PDO::PARAM_INT);
+            $stmt->bindParam(':weightb', $weightb, PDO::PARAM_INT);
+            $stmt->bindParam(':piecesb', $piecesb, PDO::PARAM_INT);
+            $stmt->bindParam(':costb', $costb, PDO::PARAM_INT);
+            $stmt->bindParam(':weightc', $weightc, PDO::PARAM_INT);
+            $stmt->bindParam(':piecesc', $piecesc, PDO::PARAM_INT);
+            $stmt->bindParam(':costc', $costc, PDO::PARAM_INT);
+            $stmt->bindParam(':weightd', $weightd, PDO::PARAM_INT);
+            $stmt->bindParam(':piecesd', $piecesd, PDO::PARAM_INT);
+            $stmt->bindParam(':costd', $costd, PDO::PARAM_INT);
+            $stmt->bindParam(':weighte', $weighte, PDO::PARAM_INT);
+            $stmt->bindParam(':piecese', $piecese, PDO::PARAM_INT);
+            $stmt->bindParam(':coste', $coste, PDO::PARAM_INT);
+            $stmt->bindParam(':weightf', $weightf, PDO::PARAM_INT);
+            $stmt->bindParam(':piecesf', $piecesf, PDO::PARAM_INT);
+            $stmt->bindParam(':costf', $costf, PDO::PARAM_INT);
+            $stmt->bindParam(':emailf', $emailf, PDO::PARAM_STR);
+            $stmt->execute();
+
+
 
 
-      while($row  = $stmt->fetch(PDO::FETCH_OBJ))
-      {
-         // Assign each row of data to associative array
-         $data[] = $row;
-      }
 
-      // Return data as JSON
-      echo json_encode($data);
+
+    }
+
+
+     
    }
    catch(PDOException $e)
    {

register.php

@@ -41,11 +41,13 @@
           $RETYPEPASSWORD    = filter_var($obj->RETYPEPASSWORD, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
          $SHOPNAME	  = filter_var($obj->SHOPNAME, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
           $CATEGORY		     = filter_var($obj->CATEGORY, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
-         $LOCATION	  = filter_var($obj->LOCATION, FILTER_SANITIZE_NUMBER_INT);
+        
+         $latitude=filter_var($obj->latitude, FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
+          $longitude=filter_var($obj->longitude, FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
 
          // Attempt to run PDO prepared statement
          try {
-            $sql 	= "INSERT INTO register(NAME, MOBILE,PASSWORD,RETYPEPASSWORD,SHOPNAME,CATEGORY,LOCATION) VALUES(:NAME, :MOBILE,:PASSWORD,:RETYPEPASSWORD,:SHOPNAME,:CATEGORY,:LOCATION)";
+            $sql 	= "INSERT INTO register(NAME, MOBILE,PASSWORD,RETYPEPASSWORD,SHOPNAME,CATEGORY,LATITUDE,LONGITUDE) VALUES(:NAME, :MOBILE,:PASSWORD,:RETYPEPASSWORD,:SHOPNAME,:CATEGORY,:LATITUDE,:LONGITUDE)";
             $stmt 	= $pdo->prepare($sql);
             $stmt->bindParam(':NAME', $NAME, PDO::PARAM_STR);
             $stmt->bindParam(':MOBILE', $MOBILE, PDO::PARAM_INT);
@@ -53,7 +55,9 @@
             $stmt->bindParam(':RETYPEPASSWORD', $RETYPEPASSWORD, PDO::PARAM_STR);
             $stmt->bindParam(':SHOPNAME', $SHOPNAME, PDO::PARAM_STR);
             $stmt->bindParam(':CATEGORY', $CATEGORY, PDO::PARAM_STR);
-            $stmt->bindParam(':LOCATION', $LOCATION, PDO::PARAM_INT);
+           
+            $stmt->bindParam(':LATITUDE', $latitude);
+            $stmt->bindParam(':LONGITUDE', $longitude);
             $stmt->execute();
 
             echo json_encode(array('message' => 'Congratulations the record ' . $NAME . ' was added to the database'));

tesss.php

+
+<?php
+
+   header('Access-Control-Allow-Origin:*');
+
+   // Define database connection parameters
+   $hn      = 'localhost';
+   $un      = 'root';
+   $pwd     = '';
+   $db      = 'digimart';
+   $cs      = 'utf8';
+
+   // Set up the PDO parameters
+   $dsn 	= "mysql:host=" . $hn . ";port=3306;dbname=" . $db . ";charset=" . $cs;
+   $opt 	= array(
+                        PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
+                        PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_OBJ,
+                        PDO::ATTR_EMULATE_PREPARES   => false,
+                       );
+   // Create a PDO instance (connect to the database)
+   $pdo 	= new PDO($dsn, $un, $pwd, $opt);
+
+
+   // Retrieve the posted data
+   $json    =  file_get_contents('php://input');
+   $obj     =  json_decode($json);
+   $key     =  strip_tags($obj->key);
+
+
+   // Determine which mode is being requested
+   switch($key)
+   {
+
+      // Add a new record to the technologies table
+      case "create":
+
+         // Sanitise URL supplied values
+         $rad = 1; // radius of bounding circle in kilometers
+
+    $R = 6371;
+        
+         $latitude=filter_var($obj->latitude, FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
+          $longitude=filter_var($obj->longitude, FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
+           $maxLat = $latitude + rad2deg($rad/$R);
+           $minLat = $latitude - rad2deg($rad/$R);
+           $maxLon = $longitude + rad2deg(asin($rad/$R) / cos(deg2rad($latitude)));
+           $minLon = $longitude - rad2deg(asin($rad/$R) / cos(deg2rad($latitude)));
+
+
+         // Attempt to run PDO prepared statement
+         try {
+            $sql 	= "INSERT INTO locate(maxlat,minlat,maxlon,minlon) VALUES(:LATITUDE,:LONGITUDE,:maxlon,:minlon)";
+            $stmt 	= $pdo->prepare($sql);
+        
+           
+            $stmt->bindParam(':LATITUDE', $maxLat);
+            $stmt->bindParam(':LONGITUDE', $minLat);
+            $stmt->bindParam(':maxlon', $maxLon);
+            $stmt->bindParam(':minlon', $minLon);
+            $stmt->execute();
+
+            echo json_encode(array('message' => 'Congratulations the record  was added to the database'));
+         }
+         // Catch any errors in running the prepared statement
+         catch(PDOException $e)
+         {
+            echo $e->getMessage();
+         }
+
+      break;
+
+
+
+      // Update an existing record in the technologies table
+      case "update":
+         $NAME 		     = filter_var($obj->NAME, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
+         $MOBILE	  = filter_var($obj->MOBILE, FILTER_SANITIZE_NUMBER_INT);
+          $PASSWORD    = filter_var($obj->PASSWORD, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
+         $SHOPNAME	  = filter_var($obj->SHOPNAME, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
+          $CATEGORY		     = filter_var($obj->CATEGORY, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
+         $LOCATION	  = filter_var($obj->LOCATION, FILTER_SANITIZE_NUMBER_INT);
+
+         
+         $recordID	     = filter_var($obj->recordID, FILTER_SANITIZE_NUMBER_INT);
+
+         // Attempt to run PDO prepared statement
+         try {
+            $sql 	= "UPDATE register SET NAME = :NAME, MOBILE = :MOBILE,PASSWORD=:PASSWORD,SHOPNAME=:SHOPNAME,CATEGORY=:CATEGORY,LOCATION=:LOCATION WHERE sno = :recordID";
+            $stmt 	=	$pdo->prepare($sql);
+             $stmt->bindParam(':NAME', $NAME, PDO::PARAM_STR);
+            $stmt->bindParam(':MOBILE', $MOBILE, PDO::PARAM_INT);
+            $stmt->bindParam(':PASSWORD', $PASSWORD, PDO::PARAM_STR);
+            $stmt->bindParam(':SHOPNAME', $SHOPNAME, PDO::PARAM_STR);
+            $stmt->bindParam(':CATEGORY', $CATEGORY, PDO::PARAM_STR);
+            $stmt->bindParam(':LOCATION', $LOCATION, PDO::PARAM_INT); 
+            $stmt->bindParam(':recordID', $recordID, PDO::PARAM_INT);
+            $stmt->execute();
+
+            echo json_encode('Congratulations the record ' . $NAME . ' was updated');
+         }
+         // Catch any errors in running the prepared statement
+         catch(PDOException $e)
+         {
+            echo $e->getMessage();
+         }
+
+      break;
+
+
+
+      // Remove an existing record in the technologies table
+      case "delete":
+
+         // Sanitise supplied record ID for matching to table record
+         $recordID	=	filter_var($obj->recordID, FILTER_SANITIZE_NUMBER_INT);
+
+         // Attempt to run PDO prepared statement
+         try {
+            $pdo 	= new PDO($dsn, $un, $pwd);
+            $sql 	= "DELETE FROM technologies WHERE id = :recordID";
+            $stmt 	= $pdo->prepare($sql);
+            $stmt->bindParam(':recordID', $recordID, PDO::PARAM_INT);
+            $stmt->execute();
+
+            echo json_encode('Congratulations the record ' . $NAME . ' was removed');
+         }
+         // Catch any errors in running the prepared statement
+         catch(PDOException $e)
+         {
+            echo $e->getMessage();
+         }
+
+      break;
+   }
+
+?>

updateitemk.php

@@ -38,16 +38,18 @@
          $name 		     = filter_var($obj->name, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW);
          $weight	  = filter_var($obj->weight, FILTER_SANITIZE_NUMBER_INT);
           $price	  = filter_var($obj->price, FILTER_SANITIZE_NUMBER_INT);
+         $emailf	  = filter_var($obj->emailf, FILTER_SANITIZE_NUMBER_INT);
           
 
 
          // Attempt to run PDO prepared statement
          try {
-            $sql 	= "INSERT INTO itemregisterk(name,weight,price) VALUES(:name,:weight,:price)";
+            $sql 	= "INSERT INTO itemregisterk(name,weight,price,emailf) VALUES(:name,:weight,:price,:emailf)";
             $stmt 	= $pdo->prepare($sql);
             $stmt->bindParam(':name', $name, PDO::PARAM_STR);
             $stmt->bindParam(':weight', $weight, PDO::PARAM_INT);
             $stmt->bindParam(':price', $price, PDO::PARAM_INT);
+            $stmt->bindParam(':emailf', $emailf, PDO::PARAM_INT); 
             $stmt->execute();
 
             echo json_encode(array('message' => 'Congratulations the record ' . $name . ' was added to the database'));