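<?php
/**
 * Profile API endpoint.
 *
 * Dispatches on $_POST['type'] and answers with one JSON object of the form
 * {"message": string, "status": int}. An unknown or missing type produces no
 * output, as before.
 *
 * Hardening compared with the previous revision:
 *  - the horoscope UPDATE binds its values instead of interpolating $_POST
 *    into the SQL text;
 *  - uploads are limited to an extension allow-list, checked against the
 *    detected MIME type, and stored under a random name;
 *  - "oldfileInput_*" references must point below ./uploads/ before they are
 *    stored, and a stored path is re-checked before it is unlinked;
 *  - image/reward deletion is scoped to the rows of the logged-in user;
 *  - every branch that writes to the user's own record requires a session user;
 *  - database and internal error details are logged, not returned to the client;
 *  - debug log lines that echoed submitted field values were dropped.
 *
 * NOTE(review): no CSRF token is checked anywhere in this file; confirm that
 * config/config.php or the front controller covers that.
 */
include_once('config/config.php'); // expected to provide the $pdo connection used below
session_start();
error_log('formstarts........');

// Upper bound for the client-supplied "count" of the batch forms.
// NOTE(review): value chosen for this rewrite; adjust to the product limit.
const PA_MAX_BATCH = 50;

/** Builds the response array that is JSON-encoded for the client. */
function pa_response($message, $status)
{
    return ['message' => $message, 'status' => $status];
}

/** Returns a scalar POST field, or $default when it is absent or not a scalar (e.g. "field[]"). */
function pa_post($key, $default = null)
{
    return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? $_POST[$key] : $default;
}

/** Returns the id of the logged-in user, or null when the session has none. */
function pa_user_id()
{
    if (isset($_SESSION['user']['id']) && is_scalar($_SESSION['user']['id'])) {
        return $_SESSION['user']['id'];
    }
    return null;
}

/** An edit that changes a tracked field costs one unit of that field's limit. */
function pa_limit_after_edit($limit, $unchanged)
{
    return $unchanged ? $limit : $limit - 1;
}

/** Extension => MIME type accepted for photo uploads. */
function pa_image_types()
{
    return [
        'jpg'  => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'png'  => 'image/png',
        'gif'  => 'image/gif',
        'webp' => 'image/webp',
    ];
}

/**
 * Extension => MIME type accepted for proof documents.
 * NOTE(review): PDF is an assumption for certificates; trim if proofs are images only.
 */
function pa_proof_types()
{
    return pa_image_types() + ['pdf' => 'application/pdf'];
}

/** True when $path is a stored upload reference ("./uploads/...") without traversal parts. */
function pa_is_upload_path($path)
{
    return is_string($path)
        && strpos($path, './uploads/') === 0
        && strpos($path, '..') === false
        && strpos($path, '\\') === false
        && strpos($path, "\0") === false;
}

/**
 * Validates a client-supplied reference to an already stored file.
 *
 * Empty values pass through unchanged (no file). Anything else must point
 * below ./uploads/, because the value is written to the database and is
 * later used as the argument of unlink().
 *
 * NOTE(review): this does not prove the file belongs to the caller; consider
 * reading the current value from the database instead of trusting the form.
 *
 * @throws InvalidArgumentException when the reference is outside ./uploads/
 */
function pa_existing_upload($value)
{
    if ($value === null || $value === '') {
        return $value;
    }
    if (!pa_is_upload_path($value)) {
        throw new InvalidArgumentException('Invalid file reference.');
    }
    return $value;
}

/**
 * Moves one uploaded file into $webDir and returns the stored reference.
 *
 * The extension comes from the client, so it is only accepted when it is on
 * the allow-list and the detected content type agrees with it. The file name
 * is random so that stored documents cannot be guessed.
 *
 * @param string $tmpPath      $_FILES tmp_name
 * @param string $clientName   $_FILES name (untrusted)
 * @param string $webDir       e.g. './uploads/proof/'
 * @param array  $allowedTypes extension => MIME type
 * @return string stored reference, e.g. './uploads/proof/<random>-images.png'
 * @throws InvalidArgumentException for a rejected file
 * @throws RuntimeException when the file cannot be moved
 */
function pa_store_upload($tmpPath, $clientName, $webDir, array $allowedTypes)
{
    $extension = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!isset($allowedTypes[$extension])) {
        throw new InvalidArgumentException('File type not allowed.');
    }
    if (!is_string($tmpPath) || !is_uploaded_file($tmpPath)) {
        throw new InvalidArgumentException('Invalid upload.');
    }
    if (class_exists('finfo')) {
        $detector = new finfo(FILEINFO_MIME_TYPE);
        if ($detector->file($tmpPath) !== $allowedTypes[$extension]) {
            throw new InvalidArgumentException('File type not allowed.');
        }
    }

    $storedPath = $webDir . bin2hex(random_bytes(16)) . '-' . date('Y-m-d_His') . '-images.' . $extension;

    // Stored references are relative to the site root; this script runs one level below it.
    if (!move_uploaded_file($tmpPath, '.' . $storedPath)) {
        throw new RuntimeException('Failed to move uploaded file.');
    }
    return $storedPath;
}

/** Resolves a single-file form field to a new upload or, failing that, the posted old reference. */
function pa_single_file($field, $oldField, $webDir, array $allowedTypes)
{
    if (isset($_FILES[$field]['name']) && is_string($_FILES[$field]['name']) && $_FILES[$field]['name'] !== '') {
        return pa_store_upload($_FILES[$field]['tmp_name'], $_FILES[$field]['name'], $webDir, $allowedTypes);
    }
    return pa_existing_upload(pa_post($oldField));
}

/** Same as pa_single_file() for entry $index of a multi-file field ("field[]"). */
function pa_indexed_file($field, $index, $webDir, array $allowedTypes)
{
    if (
        isset($_FILES[$field]['name']) && is_array($_FILES[$field]['name'])
        && isset($_FILES[$field]['name'][$index], $_FILES[$field]['tmp_name'][$index])
        && is_string($_FILES[$field]['name'][$index])
        && $_FILES[$field]['name'][$index] !== ''
    ) {
        return pa_store_upload(
            $_FILES[$field]['tmp_name'][$index],
            $_FILES[$field]['name'][$index],
            $webDir,
            $allowedTypes
        );
    }
    return pa_existing_upload(pa_post('oldfileInput_' . $index));
}

/** Deletes a stored upload, but only when it resolves to a regular file inside the uploads tree. */
function pa_delete_stored_file($storedPath)
{
    if (!pa_is_upload_path($storedPath)) {
        return;
    }
    $uploadsRoot = realpath('../uploads');
    $target = realpath('.' . $storedPath);
    if ($uploadsRoot === false || $target === false) {
        return;
    }
    if (strpos($target, $uploadsRoot . DIRECTORY_SEPARATOR) === 0 && is_file($target)) {
        unlink($target);
    }
}

/** Loads the caller's row from tbl_alliances_register, or false when there is none. */
function pa_current_profile($pdo, $userId)
{
    $select = $pdo->prepare("SELECT * FROM `tbl_alliances_register` WHERE `id` = ?");
    $select->execute([$userId]);
    return $select->fetch(PDO::FETCH_ASSOC);
}

/**
 * type=upload: stores the personal details of the logged-in user.
 *
 * NOTE(review): the *_limit counters are taken from the request and are not
 * checked against zero, so the edit quota is effectively enforced by the
 * client. Consider reading them from the stored row instead.
 */
function pa_handle_profile($pdo, $userId)
{
    $waLimit         = (int) pa_post('wa_limit', 0);
    $occupationLimit = (int) pa_post('occupation_limit', 0);
    $phyLimit        = (int) pa_post('phy_limit', 0);
    $intrestLimit    = (int) pa_post('intrest_limit', 0);
    $maritalLimit    = (int) pa_post('marital_status_limit', 0);
    $incomeLimit     = (int) pa_post('annual_incm_limit', 0);

    $alterMobile    = pa_post('alter_mobile_no');
    $occupation     = pa_post('occupation');
    $physicalStatus = pa_post('physical_status');
    $intrests       = pa_post('intrests');
    $annualIncome   = pa_post('annual_income');
    $maritalStatus  = pa_post('marital_status');

    if (pa_post('edit') === 'edit') {
        $match = pa_current_profile($pdo, $userId);
        if (!$match) {
            return pa_response('Something went wrong.', 400);
        }

        if ($annualIncome != $match['annual_incm']) {
            // Keep the previous income so the change can be audited.
            $audit = $pdo->prepare(
                "INSERT INTO tbl_attempt_values (alliance_id, old_value, field_name) VALUES (?, ?, ?)"
            );
            $audit->execute([$userId, $match['annual_incm'], 'annual_incm']);
            $incomeLimit--;
        }
        $maritalLimit    = pa_limit_after_edit($maritalLimit, $maritalStatus == $match['martial_status']);
        $waLimit         = pa_limit_after_edit($waLimit, $alterMobile == $match['mobile_no_alt']);
        $occupationLimit = pa_limit_after_edit($occupationLimit, $occupation == $match['occupation']);
        $phyLimit        = pa_limit_after_edit($phyLimit, $physicalStatus == $match['phy_status']);
        $intrestLimit    = pa_limit_after_edit($intrestLimit, $intrests == $match['intrests']);
    }

    $update = $pdo->prepare(
        "UPDATE `tbl_alliances_register`
            SET `profile_ctd_fr` = ?, `name` = ?, `gender` = ?, `dob` = ?, `age` = ?, `country` = ?,
                `mobile_no` = ?, `mobile_no_alt` = ?, `lgl_address` = ?, `city` = ?, `state` = ?,
                `pincode` = ?, `l_mark` = ?, `email` = ?, `occupation` = ?, `annual_incm` = ?,
                `phy_status` = ?, `martial_status` = ?, `personal_info_cmt` = ?, `intrests` = ?,
                `wa_limit` = ?, `occupation_limit` = ?, `phy_limit` = ?, `intrest_limit` = ?,
                `marital_status_limit` = ?, `annual_incm_limit` = ?
          WHERE `id` = ?"
    );
    $saved = $update->execute([
        pa_post('profile_created_for'),
        pa_post('profile_name'),
        pa_post('gender'),
        pa_post('dob'),
        pa_post('age'),
        pa_post('country'),
        pa_post('mobile_no'),
        $alterMobile,
        pa_post('address'),
        pa_post('city'),
        pa_post('state'),
        pa_post('pin_code'),
        pa_post('land_mark'),
        pa_post('email_id'),
        $occupation,
        $annualIncome,
        $physicalStatus,
        $maritalStatus,
        1,
        $intrests,
        $waLimit,
        $occupationLimit,
        $phyLimit,
        $intrestLimit,
        $maritalLimit,
        $incomeLimit,
        $userId,
    ]);

    // As before, the session flag is set regardless of the UPDATE result.
    $_SESSION['user']['personal_info_cmt'] = 1;

    return $saved
        ? pa_response('Profile Updated successfully.', 200)
        : pa_response('Something went wrong.', 400);
}

/**
 * type=horoscope: stores the horoscope details of the logged-in user.
 *
 * Every value is bound as a statement parameter; the previous revision built
 * the UPDATE by interpolating the request fields into the SQL string.
 * The *_limit counters carry the same client-trust caveat as in pa_handle_profile().
 */
function pa_handle_horoscope($pdo, $userId)
{
    $relgLimit         = (int) pa_post('relg_limit', 0);
    $casteLimit        = (int) pa_post('caste_limit', 0);
    $birthTimeLimit    = (int) pa_post('birth_t_limit', 0);
    $doshamLimit       = (int) pa_post('dosham_limit', 0);
    $motherTongueLimit = (int) pa_post('mother_tongue_limit', 0);
    $zodiacLimit       = (int) pa_post('zodiac_stars_limit', 0);
    $birthPlaceLimit   = (int) pa_post('birth_pl_limit', 0);

    // Missing fields default to '' because that is what the interpolated query used to store.
    $motherTongue = pa_post('mother_tongue', '');
    $birthPlace   = pa_post('birth_place', '');
    $zodiacStar   = pa_post('zodiac_signs_star', '');
    $religion     = pa_post('religion', '');
    $caste        = pa_post('caste', '');
    $birthHour    = pa_post('birth_hour', '');
    $birthMin     = pa_post('birth_min', '');
    $birthSession = pa_post('birth_sn', '');
    $dhosam       = pa_post('dhosam', '');

    if (pa_post('edit') === 'edit') {
        $match = pa_current_profile($pdo, $userId);
        if (!$match) {
            return pa_response('Something went wrong.', 400);
        }

        $sameBirthTime = $birthSession == $match['h_session']
            && $birthMin == $match['h_min']
            && $birthHour == $match['h_hour'];

        $relgLimit         = pa_limit_after_edit($relgLimit, $religion == $match['religion']);
        $casteLimit        = pa_limit_after_edit($casteLimit, $caste == $match['caste']);
        $birthTimeLimit    = pa_limit_after_edit($birthTimeLimit, $sameBirthTime);
        $doshamLimit       = pa_limit_after_edit($doshamLimit, $dhosam == $match['h_dosham']);
        $motherTongueLimit = pa_limit_after_edit($motherTongueLimit, $motherTongue == $match['mother_tonque']);
        $zodiacLimit       = pa_limit_after_edit($zodiacLimit, $zodiacStar == $match['h_zodic']);
        $birthPlaceLimit   = pa_limit_after_edit($birthPlaceLimit, $birthPlace == $match['h_place_birth']);
    }

    $update = $pdo->prepare(
        "UPDATE `tbl_alliances_register`
            SET `religion` = ?, `mother_tonque` = ?, `caste` = ?, `name` = ?, `h_gender` = ?, `h_dob` = ?,
                `h_place_birth` = ?, `h_hour` = ?, `h_min` = ?, `h_session` = ?, `h_zodic` = ?,
                `h_dosham` = ?, `horroscope_info_cmt` = 1, `relg_limit` = ?, `caste_limit` = ?,
                `birth_t_limit` = ?, `dosham_limit` = ?, `mother_tongue_limit` = ?,
                `zodiac_stars_limit` = ?, `birth_pl_limit` = ?
          WHERE `id` = ?"
    );
    $saved = $update->execute([
        $religion,
        $motherTongue,
        $caste,
        pa_post('horoscope_name', ''),
        pa_post('horoscope_gender', ''),
        pa_post('horoscope_dob', ''),
        $birthPlace,
        $birthHour,
        $birthMin,
        $birthSession,
        $zodiacStar,
        $dhosam,
        $relgLimit,
        $casteLimit,
        $birthTimeLimit,
        $doshamLimit,
        $motherTongueLimit,
        $zodiacLimit,
        $birthPlaceLimit,
        $userId,
    ]);

    // As before, the session flag is set regardless of the UPDATE result.
    $_SESSION['user']['horroscope_info_cmt'] = 1;

    return $saved
        ? pa_response('Horoscope Details Updated successfully.', 200)
        : pa_response('Something went wrong.', 400);
}

/** type=verification: stores identity proofs and the verified contact details. */
function pa_handle_verification($pdo, $userId)
{
    $proofs = [];
    foreach (['proof_zero', 'proof_first', 'proof_two', 'proof_three'] as $field) {
        $proofs[$field] = pa_single_file($field, 'oldfileInput_' . $field, './uploads/proof/', pa_proof_types());
    }

    $aadharName   = pa_post('verified_aadhar_name');
    $aadharMobile = pa_post('verified_aadhar_mobile_no');

    $update = $pdo->prepare(
        "UPDATE `tbl_alliances_register`
            SET `v_photos` = ?, `v_birthcert` = ?, `v_aadhar_name` = ?, `name` = ?, `v_aadhar` = ?,
                `v_aadhar_no` = ?, `v_aadhar_mobile` = ?, `mobile_no` = ?, `v_birth_cert_no` = ?,
                `h_communication` = ?, `h_communication_no` = ?, `verification_info_cmt` = ?
          WHERE `id` = ?"
    );
    $saved = $update->execute([
        $proofs['proof_first'],
        $proofs['proof_two'],
        $aadharName,
        $aadharName,
        $proofs['proof_zero'],
        pa_post('verified_aadhar_no'),
        $aadharMobile,
        $aadharMobile,
        pa_post('birth_certificatenumber'),
        $proofs['proof_three'],
        pa_post('communication_certificate'),
        1,
        $userId,
    ]);

    if (!$saved) {
        return pa_response('Something went wrong.', 400);
    }
    $_SESSION['user']['verification_info_cmt'] = 1;
    return pa_response('Details Updated successfully.', 200);
}

/**
 * type=astrology_reg: registers an astrologer.
 *
 * NOTE(review): this branch never read the session, so it is left reachable
 * without a login; confirm that unauthenticated registration is intended.
 */
function pa_handle_astrologer($pdo)
{
    $photo = pa_single_file('profileImage', 'oldfileInput_zero', './uploads/proof/', pa_image_types());

    $insert = $pdo->prepare(
        "INSERT INTO `tbl_astrologer`
            (`profile_ctd_fr`, `name`, `gender`, `dob`, `age`, `mobile_no`, `mobile_no_alt`, `lgl_address`,
             `city`, `state`, `pincode`, `l_mark`, `occupation`, `education`, `experience`, `language`,
             `v_profile_photo`, `call_time`, `price`)
         VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
    );
    $saved = $insert->execute([
        pa_post('profile_created_for'),
        pa_post('profile_name'),
        pa_post('gender'),
        pa_post('dob'),
        pa_post('age'),
        pa_post('mobile_no'),
        pa_post('alter_mobile_no'),
        pa_post('address'),
        pa_post('city'),
        pa_post('state'),
        pa_post('pin_code'),
        pa_post('land_mark'),
        pa_post('occupation'),
        pa_post('education'),
        pa_post('experience'),
        pa_post('language'),
        $photo,
        pa_post('c_time'),
        pa_post('price'),
    ]);

    return $saved
        ? pa_response('Astorloger Created added successfully.', 200)
        : pa_response('Something went wrong.', 400);
}

/**
 * type=photos_form / rewards_form: stores up to "count" images for the user.
 *
 * Entries with neither a new upload nor an old reference are skipped instead
 * of being inserted as empty rows. Success now means that at least one row
 * was written and none failed (previously only the last insert was reported,
 * and a count of 0 read an undefined variable).
 */
function pa_handle_batch($pdo, $userId, $field, $webDir, $insertSql)
{
    $count = min(max((int) pa_post('count', 0), 0), PA_MAX_BATCH);
    $insert = $pdo->prepare($insertSql);

    $written = 0;
    $failed = false;
    for ($i = 0; $i < $count; $i++) {
        $stored = pa_indexed_file($field, $i, $webDir, pa_image_types());
        if ($stored === null || $stored === '') {
            continue;
        }
        if ($insert->execute([$userId, $stored])) {
            $written++;
        } else {
            $failed = true;
        }
    }

    return ($written > 0 && !$failed)
        ? pa_response('Image(s) added successfully.', 200)
        : pa_response('Failed to add image(s).', 400);
}

/**
 * type=img-delete / rwd-delete: removes one image row and its file.
 *
 * Both statements are scoped to the caller's user_id; the previous revision
 * looked the row up by id alone, so any id could be deleted by any caller.
 *
 * @param string $selectSql must take (id, user_id) and return $column
 * @param string $deleteSql must take (id, user_id)
 */
function pa_handle_delete($pdo, $userId, $selectSql, $deleteSql, $column)
{
    $id = pa_post('id');

    $select = $pdo->prepare($selectSql);
    $select->execute([$id, $userId]);
    $row = $select->fetch(PDO::FETCH_ASSOC);
    if (!$row) {
        return pa_response('Image not found.', 404);
    }

    // A missing or out-of-tree file does not block removal of the row.
    pa_delete_stored_file($row[$column]);

    $delete = $pdo->prepare($deleteSql);
    return $delete->execute([$id, $userId])
        ? pa_response('Image deleted successfully.', 200)
        : pa_response('Failed to delete image.', 400);
}

$return_arr = array();
$type = pa_post('type');
$userId = pa_user_id();

// Every type except astrology_reg acts on the session user's own data.
$needsLogin = [
    'upload', 'horoscope', 'verification', 'photos_form', 'rewards_form', 'img-delete', 'rwd-delete',
];

try {
    if (in_array($type, $needsLogin, true) && $userId === null) {
        $return_arr = pa_response('Not authenticated.', 401);
    } else {
        switch ($type) {
            case 'upload':
                $return_arr = pa_handle_profile($pdo, $userId);
                break;

            case 'horoscope':
                $return_arr = pa_handle_horoscope($pdo, $userId);
                break;

            case 'verification':
                $return_arr = pa_handle_verification($pdo, $userId);
                break;

            case 'astrology_reg':
                $return_arr = pa_handle_astrologer($pdo);
                break;

            case 'photos_form':
                error_log('all profile photos .....................');
                $return_arr = pa_handle_batch(
                    $pdo,
                    $userId,
                    'files',
                    './uploads/user_img/',
                    "INSERT INTO `tbl_images` (`user_id`, `image`) VALUES (?, ?)"
                );
                break;

            case 'rewards_form':
                error_log("start................rewards");
                $return_arr = pa_handle_batch(
                    $pdo,
                    $userId,
                    'rewards',
                    './uploads/rewards/',
                    "INSERT INTO `tbl_rewards` (`user_id`, `photo`) VALUES (?, ?)"
                );
                break;

            case 'img-delete':
                $return_arr = pa_handle_delete(
                    $pdo,
                    $userId,
                    "SELECT `image` FROM `tbl_images` WHERE `id` = ? AND `user_id` = ?",
                    "DELETE FROM `tbl_images` WHERE `id` = ? AND `user_id` = ?",
                    'image'
                );
                break;

            case 'rwd-delete':
                $return_arr = pa_handle_delete(
                    $pdo,
                    $userId,
                    "SELECT `photo` FROM `tbl_rewards` WHERE `id` = ? AND `user_id` = ?",
                    "DELETE FROM `tbl_rewards` WHERE `id` = ? AND `user_id` = ?",
                    'photo'
                );
                break;
        }
    }
} catch (PDOException $e) {
    // Driver messages can expose schema and query details; keep them in the log only.
    error_log($e->getMessage());
    $return_arr = pa_response('Database error.', 500);
} catch (InvalidArgumentException $e) {
    // Raised by the upload helpers with a message written for the client.
    $return_arr = pa_response($e->getMessage(), 400);
} catch (Exception $e) {
    error_log($e->getMessage());
    $return_arr = pa_response('Internal Server Error.', 500);
}

if ($return_arr) {
    echo json_encode($return_arr);
}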