pcwvanbeers/assetmgt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CMXX - Changed consumer_identity to identity

Browse Source
This commit is contained in:
“VeLiTi”
2025-02-23 15:25:06 +01:00
parent 3182cb0b3c
commit bc7e83efe9
5 changed files with 29 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
api/v2/post/consumer_identity.php → api/v2/post/identity.php
View File

@@ -2,7 +2,7 @@
defined($security_key) or exit;
//------------------------------------------
// consumer_identity
// identity
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);
@@ -47,7 +47,7 @@ $resetkey = generate_jwt($headers, $payload);
if ($id != '' && $command == 'reset'){
//STEP 1 - Get username
$stmt = $pdo->prepare('SELECT * FROM consumer_identity WHERE userkey = ?');
$stmt = $pdo->prepare('SELECT * FROM identity WHERE userkey = ?');
$stmt->execute([$id]);
$consumer_data = $stmt->fetch();
@@ -66,7 +66,7 @@ if ($id != '' && $command == 'reset'){
//ADD STANDARD PARAMETERS TO ARRAY BASED ON INSERT OR UPDATE
if ($command == 'update'){
//Define Query
$stmt = $pdo->prepare('SELECT * FROM consumer_identity WHERE userkey = ?');
$stmt = $pdo->prepare('SELECT * FROM identity WHERE userkey = ?');
$stmt->execute([$id]);
$consumer_data = $stmt->fetch();
@@ -78,23 +78,25 @@ if ($command == 'update'){
}
elseif ($command == 'insert'){
$post_content['password'] = bin2hex(random_bytes(25)); //generate initial password
$post_content['password'] = password_hash($post_content['password'], PASSWORD_DEFAULT);; //generate initial password
$post_content['language'] = isset($post_content['language']) ? $post_content['language'] : 'US';
$post_content['profile'] = 0;
$post_content['isverified'] = 0;
}
elseif ($command == 'login'){
//SETUP SQL FOR LOGIN_COUNT
$sql_login = 'UPDATE consumer_identity SET login_count = ? WHERE id = ?';
$sql_login = 'UPDATE identity SET login_count = ? WHERE id = ?';
// Check if the account exists
$stmt = $pdo->prepare('SELECT * FROM consumer_identity WHERE email = ?');
$stmt = $pdo->prepare('SELECT * FROM identity WHERE email = ?');
$stmt->execute([ $post_content['email'] ]);
$account = $stmt->fetch(PDO::FETCH_ASSOC);
if (count($account) != 0){
//CHECK NUMBER OF LOGIN ATTEMPTS IS BELOW 5
if($user_data['login_count'] < 5){
if($account['login_count'] < 5 || $account['isverified'] == 0 ){
// If account exists verify password
if ($account && password_verify($post_content['password'], $account['password'])) {
@@ -128,7 +130,8 @@ elseif ($command == 'login'){
}
else {
//User is blocked & send error
$messages = '1';
$messages = ($account['isverified'] == 0)? 0 : 1; //0 = not verified 1=blocked
//------------------------------------------
//Send results
//------------------------------------------
@@ -163,8 +166,8 @@ $clause_insert = substr($clause_insert, 2); //Clean clause - remove first comma
$input_insert = substr($input_insert, 1); //Clean clause - remove first comma
//QUERY AND VERIFY ALLOWED
if ($command == 'update' && (isAllowed('consumer_identity',$profile,$permission,'U') === 1)){
$sql = 'UPDATE consumer_identity SET '.$clause.' WHERE userkey = ? '.$whereclause.'';
if ($command == 'update' && (isAllowed('identity',$profile,$permission,'U') === 1)){
$sql = 'UPDATE identity SET '.$clause.' WHERE userkey = ? '.$whereclause.'';
$execute_input[] = $id;
$stmt = $pdo->prepare($sql);
@@ -173,19 +176,19 @@ if ($command == 'update' && (isAllowed('consumer_identity',$profile,$permission,
}
elseif ($command == 'insert' && isAllowed('',$profile,$permission,'C') === 1){
//check if consumer_identity exists
$stmt = $pdo->prepare('SELECT * FROM consumer_identity WHERE email = ?');
//check if identity exists
$stmt = $pdo->prepare('SELECT * FROM identity WHERE email = ?');
$stmt->execute([$post_content['email']]);
$consumer_exist = $stmt->fetch();
$exists = (isset($consumer_exist['email']))? 1 : 0;
if($consumer_exist == 0 ){
$sql = 'INSERT INTO consumer_identity ('.$clause_insert.') VALUES ('.$input_insert.')';
$sql = 'INSERT INTO identity ('.$clause_insert.') VALUES ('.$input_insert.')';
$stmt = $pdo->prepare($sql);
$stmt->execute($execute_input);
//STEP 2- Send to user
$messages = json_encode(array('consumer_email'=> $post_content['email'], "resetkey" => $resetkey), JSON_UNESCAPED_UNICODE);
$messages = json_encode(array('consumer_email'=> $post_content['email'],'accountID' => $account['userkey'],'profile' => $post_content['profile'], 'resetkey' => $resetkey), JSON_UNESCAPED_UNICODE);
//Send results
echo $messages;
exit;
@@ -199,13 +202,13 @@ elseif ($command == 'insert' && isAllowed('',$profile,$permission,'C') === 1){
echo $messages;
}
}
elseif ($command == 'delete' && isAllowed('consumer_identity',$profile,$permission,'D') === 1){
elseif ($command == 'delete' && isAllowed('identity',$profile,$permission,'D') === 1){
//delete equipment
$stmt = $pdo->prepare('DELETE FROM consumer_identity WHERE userkey = ? '.$whereclause.'');
$stmt = $pdo->prepare('DELETE FROM identity WHERE userkey = ? '.$whereclause.'');
$stmt->execute([ $id ]);
//Add deletion to changelog
changelog($dbname,'consumer_identity',$id,'Delete','Delete',$consumername);
changelog($dbname,'identity',$id,'Delete','Delete',$consumername);
} else
{
//do nothing