Commit ff8836d5 authored by panjalasanthosh's avatar panjalasanthosh

03-03-2021

parents
Pipeline #645 failed with stages
Showing with 2862 additions and 0 deletions
+2862 -0
<?
include ('../init.php');
include ('../func/fn_common.php');
include ('../tools/gc_func.php');
include ('../tools/email.php');
include ('../tools/sms.php');
function getUserIdFromAPIKey($key)
{
global $ms;
$q = "SELECT * FROM `gs_users` WHERE `api_key`='".$key."'";
$r = mysqli_query($ms, $q);
$row = mysqli_fetch_array($r);
if($row["api"] == "true")
{
return $row["id"];
}
else
{
return false;
}
}
function getUserIdFromUsername($username)
{
global $ms;
$q = "SELECT * FROM `gs_users` WHERE `username`='".$username."'";
$r = mysqli_query($ms, $q);
$row = mysqli_fetch_array($r);
return $row["id"];
}
function getUserIdFromEmail($email)
{
global $ms;
$q = "SELECT * FROM `gs_users` WHERE `email`='".$email."'";
$r = mysqli_query($ms, $q);
if (!$r)
{
return false;
}
$row = mysqli_fetch_array($r);
return $row["id"];
}
function getUserAPIKeyFromEmail($email)
{
global $ms;
$q = "SELECT * FROM `gs_users` WHERE `email`='".$email."'";
$r = mysqli_query($ms, $q);
if (!$r)
{
return false;
}
$row = mysqli_fetch_array($r);
return $row["api_key"];
}
// validate access to api
$api_access = false;
$api = @$_GET['api'];
$ver = @$_GET['ver'];
$key = @$_GET['key'];
$cmd = @$_GET['cmd'];
if ($api == '') { die; }
if ($ver != '1.0') { die; }
if ($cmd == '') { die; }
if ($api == 'server')
{
if ($key != $gsValues['SERVER_API_KEY']) { die; }
$api_access = true;
include ('api_server.php');
}
if ($api == 'user')
{
$user_id = getUserIdFromAPIKey($key);
if ($user_id == false) { die; }
//check user usage
if (!checkUserUsage($user_id, 'api')) { die; }
//update user usage
updateUserUsage($user_id, false, false, false, 1);
$api_access = true;
include ('api_user.php');
}
die;
?>
\ No newline at end of file
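Review bot: `getUserIdFromAPIKey()` concatenates `$_GET['key']` straight into the `WHERE` clause, so the value meant to authenticate the caller is itself parsed as SQL; the other three lookup helpers in this file do the same with `$username` and `$email`. Unless `init.php` escapes request data (not visible here), these should use bound parameters, and the same string-built pattern recurs in the server-command, user-command and login sections of this commit. On the `user` path an empty or missing `key` is never rejected, and a key that matches no row makes the helper index a null `$row`. The `server` path compares with loose `!=`; `if (!is_string($key) || !hash_equals($gsValues['SERVER_API_KEY'], $key)) { die; }` is the safer form. A sketch for the key lookup follows.

```php
function getUserIdFromAPIKey($key)
{
    global $ms;
    // an absent or empty key must never match a row whose api_key is blank
    if (!is_string($key) || $key === '') { return false; }
    // bind the key instead of concatenating it into the statement
    $stmt = mysqli_prepare($ms, "SELECT `id`, `api` FROM `gs_users` WHERE `api_key` = ? LIMIT 1");
    if (!$stmt) { return false; }
    mysqli_stmt_bind_param($stmt, 's', $key);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $id, $api);
    $found = mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);
    return ($found && $api == "true") ? $id : false;
}
// … unchanged pattern to convert the same way: getUserIdFromUsername, getUserIdFromEmail, getUserAPIKeyFromEmail …
```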
<?
ob_start();
echo "OK";
header("Connection: close");
header("Content-length: " . (string)ob_get_length());
ob_end_flush();
if (!isset($_GET["imei"]))
{
die;
}
chdir('../server');
include ('s_insert.php');
$loc = array();
$loc['imei'] = $_GET["imei"];
$loc['protocol'] = 'api_loc';
$loc['ip'] = '';
$loc['port'] = '';
$loc['dt_server'] = gmdate("Y-m-d H:i:s");
$loc['dt_tracker'] = gmdate("Y-m-d H:i:s");
if (@$_GET["dt"] != "")
{
$loc['dt_tracker'] = $_GET["dt"];
}
$loc['lat'] = @$_GET["lat"];
$loc['lng'] = @$_GET["lng"];
$loc['altitude'] = @$_GET["altitude"];
$loc['angle'] = @$_GET["angle"];
$loc['speed'] = @$_GET["speed"];
$loc['loc_valid'] = @$_GET["loc_valid"];
$loc['params'] = @$_GET["params"];
$loc['event'] = @$_GET["event"];
$loc['params'] = paramsToArray(@$loc['params']);
insert_db_loc($loc);
mysqli_close($ms);
die;
?>
\ No newline at end of file
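Review bot: No credential is checked before `insert_db_loc($loc)`: any request carrying an `imei` query parameter reaches the insert, and `OK` is flushed to the client before the parameters are even read. Unless `s_insert.php` authenticates the device itself (not visible in this section), whoever knows an IMEI can write positions for that object. `dt`, `lat`, `lng` and the other fields are also copied from `$_GET` without any format check. Consider requiring a per-device secret or the user API key, validating the numeric and date fields, and answering `OK` only after the insert has succeeded.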
<?
if (@$api_access != true) { die; }
// split command and params
$cmd = explode(',', $cmd);
$command = @$cmd[0];
$command = strtoupper($command);
if ($command == 'CHECK_USER_EXISTS')
{
// command validation
if (count($cmd) < 2) { die; }
// command parameters
$email = strtolower($cmd[1]);
if(checkUserExists($email))
{
echo 'true';
}
else
{
echo 'false';
}
}
if ($command == 'ADD_USER')
{
loadLanguage('english');
// command validation
if (count($cmd) < 2) { die; }
// command parameters
$email = strtolower($cmd[1]);
$privileges = array();
$privileges['type'] = 'user';
$privileges['history'] = (bool)$gsValues['HISTORY'];
$privileges['reports'] = (bool)$gsValues['REPORTS'];
$privileges['rilogbook'] = (bool)$gsValues['RILOGBOOK'];
$privileges['object_control'] = (bool)$gsValues['OBJECT_CONTROL'];
$privileges['image_gallery'] = (bool)$gsValues['IMAGE_GALLERY'];
$privileges['chat'] = (bool)$gsValues['CHAT'];
$privileges = json_encode($privileges);
addUser('true', 'true', 'false', '', $privileges, '', $email, '', $gsValues['OBJ_ADD'], $gsValues['OBJ_LIMIT'], $gsValues['OBJ_LIMIT_NUM'], $gsValues['OBJ_DAYS'], $gsValues['OBJ_DAYS_NUM'], $gsValues['OBJ_EDIT'], $gsValues['OBJ_HISTORY_CLEAR']);
}
if ($command == 'DEL_USER')
{
// command validation
if (count($cmd) < 2) { die; }
// command parameters
$email = strtolower($cmd[1]);
// get user id from email
$user_id = getUserIdFromEmail($email);
if (!$user_id)
{
die;
}
// delete user
delUser($user_id);
}
if ($command == 'ADD_OBJECT')
{
// command validation
if (count($cmd) < 5) { die; }
// command parameters
$imei = strtoupper($cmd[1]);
$name = $cmd[2];
$object_expire = $cmd[3];
$object_expire_dt = $cmd[4];
if($imei == '') die;
if($name == '') die;
if($object_expire == '') die;
// add object
addObjectSystem($name, $imei, 'true', $object_expire, $object_expire_dt, '0');
createObjectDataTable($imei);
}
if ($command == 'DEL_OBJECT')
{
// command validation
if (count($cmd) < 2) { die; }
// command parameters
$imei = strtoupper($cmd[1]);
// delete object
delObjectSystem($imei);
}
if ($command == 'ADD_USER_OBJECT')
{
// command validation
if (count($cmd) < 3) { die; }
// command parameters
$email = strtolower($cmd[1]);
$imei = strtoupper($cmd[2]);
if($email == '') die;
if($imei == '') die;
// get user id from email
$user_id = getUserIdFromEmail($email);
// add object to user
addObjectUser($user_id, $imei, 0, 0, 0);
}
if ($command == 'DEL_USER_OBJECT')
{
// command validation
if (count($cmd) < 3) { die; }
// command parameters
$email = strtolower($cmd[1]);
$imei = strtoupper($cmd[2]);
// get user id from email
$user_id = getUserIdFromEmail($email);
if (!$user_id)
{
die;
}
// delete object from user
delObjectUser($user_id, $imei);
}
if ($command == 'OBJECT_SET_ACTIVITY')
{
// command validation
if (count($cmd) < 5) { die; }
// command parameters
$imei = strtoupper($cmd[1]);
$active = strtolower($cmd[2]);
$object_expire = $cmd[3];
$object_expire_dt = $cmd[4];
// command exec
if ($active == 'true')
{
$q = "UPDATE `gs_objects` SET `active`='true', `object_expire`='".$object_expire."', `object_expire_dt`='".$object_expire_dt."' WHERE `imei`='".$imei."'";
}
else if ($active == 'false')
{
$q = "UPDATE `gs_objects` SET `active`='false', `object_expire`='".$object_expire."', `object_expire_dt`='".$object_expire_dt."' WHERE `imei`='".$imei."'";
}
//error_log($q);
$r = mysqli_query($ms, $q);
}
if ($command == 'ADD_USER_BILLING_PLAN')
{
// command validation
if (count($cmd) < 3) { die; }
// command parameters
$email = strtolower($cmd[1]);
$plan_id = $cmd[2];
// command exec
$user_id = getUserIdFromEmail($email);
if (!$user_id)
{
die;
}
$dt_purchase = gmdate("Y-m-d H:i:s");
$q = "SELECT * FROM `gs_billing_plans` WHERE `plan_id`='".$plan_id."'";
$r = mysqli_query($ms, $q);
if (!$r)
{
die;
}
$row = mysqli_fetch_array($r);
$name = $row['name'];
$active = $row['active'];
$objects = $row['objects'];
$period = $row['period'];
$period_type = $row['period_type'];
$price = $row['price'];
if ($active == 'true')
{
$q = "INSERT INTO `gs_user_billing_plans` (`user_id`,
`dt_purchase`,
`name`,
`objects`,
`period`,
`period_type`,
`price`
) VALUES (
'".$user_id."',
'".$dt_purchase."',
'".$name."',
'".$objects."',
'".$period."',
'".$period_type."',
'".$price."')";
$r = mysqli_query($ms, $q);
}
}
if ($command == 'GET_USER_API_KEY')
{
// command validation
if (count($cmd) < 2) { die; }
// command parameters
$email = strtolower($cmd[1]);
// get user api key from email
$api_key = getUserAPIKeyFromEmail($email);
if (!$api_key)
{
die;
}
echo $api_key;
}
die;
?>
\ No newline at end of file
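Review bot: `ADD_USER_OBJECT` passes the result of `getUserIdFromEmail()` to `addObjectUser()` without the `if (!$user_id) { die; }` guard that `DEL_USER` and `DEL_USER_OBJECT` have, so an unknown e-mail links the object to a false or null user id. In `OBJECT_SET_ACTIVITY`, `$q` is assigned only when `$active` is `'true'` or `'false'`, yet `mysqli_query($ms, $q)` runs unconditionally; add `else { die; }` after the second branch. Both branches, and the `SELECT`/`INSERT` in `ADD_USER_BILLING_PLAN`, build SQL from `$cmd` fields by concatenation and should use bound parameters. Because the command is split with a plain `explode(',', $cmd)`, a field containing a comma silently shifts every later argument.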
<?
if (@$api_access != true) { die; }
// split command and params
//$cmd = explode(',', $cmd);
$cmd = urldecode($cmd);
$cmd = stripslashes($cmd);
$cmd = str_getcsv($cmd, ",", '"');
$command = @$cmd[0];
$command = strtoupper($command);
if ($command == 'USER_GET_OBJECTS')
{
// command validation
if (count($cmd) < 1) { die; }
$q = "SELECT * FROM `gs_user_objects` WHERE `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
$result = array();
while($row = mysqli_fetch_array($r))
{
$imei = $row['imei'];
$q2 = "SELECT * FROM `gs_objects` WHERE `imei`='".$imei."'";
$r2 = mysqli_query($ms, $q2);
$row2 = mysqli_fetch_array($r2);
if ($row2)
{
$result[] = array('imei' => $row2['imei'],
'protocol' => $row2['protocol'],
'ip' => $row2['ip'],
'port' => $row2['port'],
'active' => $row2['active'],
'object_expire' => $row2['object_expire'],
'object_expire_dt' => $row2['object_expire_dt'],
'name' => $row2['name']);
}
}
header('Content-type: application/json');
echo json_encode($result);
}
if ($command == 'OBJECT_GET_CMDS')
{
// command validation
if (count($cmd) < 2) { die; }
// command parameters
$imei = strtoupper($cmd[1]);
$q = "SELECT * FROM `gs_object_cmd_exec` WHERE `user_id`='".$user_id."' AND `imei`='".$imei."' AND `status`='0'";
$r = mysqli_query($ms, $q);
$result = array();
while($row = mysqli_fetch_array($r))
{
$result[] = array($row['cmd_id'], $row['cmd']);
$q2 = "UPDATE `gs_object_cmd_exec` SET `status`='1' WHERE `cmd_id`='".$row["cmd_id"]."'";
$r2 = mysqli_query($ms, $q2);
}
header('Content-type: application/json');
echo json_encode($result);
}
if ($command == 'OBJECT_CMD_GPRS')
{
// command validation
if (count($cmd) < 5) { die; }
// command parameters
$imei = strtoupper($cmd[1]);
$name = $cmd[2];
$type = $cmd[3];
$cmd = $cmd[4];
$type = strtolower($type);
$q = "SELECT * FROM `gs_user_objects` WHERE `user_id`='".$user_id."' AND `imei`='".$imei."'";
$r = mysqli_query($ms, $q);
$row = mysqli_fetch_array($r);
if (!$row)
{
die();
}
sendObjectGPRSCommand($user_id, $imei, $name, $type, $cmd);
}
if ($command == 'OBJECT_CMD_SMS')
{
// command validation
if (count($cmd) < 4) { die; }
// command parameters
$imei = strtoupper($cmd[1]);
$name = $cmd[2];
$cmd = $cmd[3];
$q = "SELECT * FROM `gs_user_objects` WHERE `user_id`='".$user_id."' AND `imei`='".$imei."'";
$r = mysqli_query($ms, $q);
$row = mysqli_fetch_array($r);
if (!$row)
{
die();
}
sendObjectSMSCommand($user_id, $imei, $name, $cmd);
}
if ($command == 'OBJECT_GET_LOCATIONS')
{
// command validation
if (count($cmd) < 2) { die; }
// command parameters
if ($cmd[1] == "*")
{
$q = "SELECT * FROM `gs_user_objects` WHERE `user_id`='".$user_id ."'";
$r = mysqli_query($ms, $q);
}
else
{
$imeis = strtoupper($cmd[1]);
$imeis = explode(';', $imeis);
$imeis = implode('","', $imeis);
$imeis = '"'.$imeis.'"';
$q = "SELECT * FROM `gs_user_objects` WHERE `user_id`='".$user_id ."' AND `imei` IN (".$imeis.")";
$r = mysqli_query($ms, $q);
}
$result = array();
while($row = mysqli_fetch_array($r))
{
$imei = $row['imei'];
$q2 = "SELECT * FROM `gs_objects` WHERE `imei`='".$imei."'";
$r2 = mysqli_query($ms, $q2);
$row2 = mysqli_fetch_array($r2);
$result[$imei] = array('dt_server' => $row2['dt_server'],
'dt_tracker' => $row2['dt_tracker'],
'lat' => $row2['lat'],
'lng' => $row2['lng'],
'altitude' => $row2['altitude'],
'angle' => $row2['angle'],
'speed' => $row2['speed'],
'params' => json_decode($row2['params'],true),
'loc_valid' => $row2['loc_valid']);
}
header('Content-type: application/json');
echo json_encode($result);
}
if ($command == 'OBJECT_GET_MESSAGES')
{
// command validation
if (count($cmd) < 4) { die; }
// command parameters
$imei = strtoupper($cmd[1]);
$dtf = $cmd[2];
$dtt = $cmd[3];
$q = "SELECT * FROM `gs_user_objects` WHERE `user_id`='".$user_id."' AND `imei`='".$imei."'";
$r = mysqli_query($ms, $q);
$row = mysqli_fetch_array($r);
if (!$row)
{
die();
}
$result = array();
$q = "SELECT DISTINCT dt_tracker,
lat,
lng,
altitude,
angle,
speed,
params
FROM `gs_object_data_".$imei."` WHERE dt_tracker BETWEEN '".$dtf."' AND '".$dtt."' ORDER BY dt_tracker ASC";
$r = mysqli_query($ms, $q);
while($route_data=mysqli_fetch_array($r))
{
$route_data['params'] = json_decode($route_data['params'],true);
$result[] = array( $route_data['dt_tracker'],
$route_data['lat'],
$route_data['lng'],
$route_data['altitude'],
$route_data['angle'],
$route_data['speed'],
$route_data['params']);
}
header('Content-type: application/json');
echo json_encode($result);
}
if ($command == 'GET_ADDRESS')
{
// command validation
if (count($cmd) < 3) { die; }
// command parameters
$lat = $cmd[1];
$lng = $cmd[2];
$result = '';
if (($lat <> '') && ($lng <> ''))
{
$result = geocoderGetAddress($lat, $lng);
}
header('Content-Type: text/html; charset=utf-8');
echo $result;
}
?>
\ No newline at end of file
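Review bot: `$cmd` is passed through `urldecode()` and `stripslashes()` before `str_getcsv()`, although PHP has already decoded `$_GET` once. That second decode, plus the stripping of any backslash escaping an earlier layer may have applied, means the fields reach the queries raw. `$imei` then goes into quoted literals, into the hand-built `IN (...)` list of `OBJECT_GET_LOCATIONS`, and into the table name `gs_object_data_<imei>` of `OBJECT_GET_MESSAGES`, where the ownership check before it uses the same unescaped value. Validate the IMEI against a strict allow-list before any use, for example `if (!preg_match('/^[A-Z0-9]+$/', $imei)) { die; }` (a constructed pattern, to be adjusted to the formats the project accepts), and bind `$dtf`/`$dtt` as parameters. `OBJECT_GET_LOCATIONS` also indexes `$row2` without the `if ($row2)` check that `USER_GET_OBJECTS` has.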
<?
include ('../../init.php');
$debug = false;
$paypalmode = 'sandbox';
$paypalmode = '';
// debug
if ($debug == true)
{
$file = gmdate("YmdHis").'.txt';
$handle = fopen($file, 'w');
fwrite($handle, file_get_contents('php://input'));
fclose($handle);
}
if($_POST)
{
if($paypalmode == 'sandbox')
{
$paypalmode = '.sandbox';
}
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval)
{
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc'))
{
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value)
{
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1)
{
$value = urlencode(stripslashes($value));
}
else
{
$value = urlencode($value);
}
$req .= "&$key=$value";
}
$ch = curl_init('https://www'.$paypalmode.'.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
if( !($res = curl_exec($ch)) )
{
curl_close($ch);
exit;
}
curl_close($ch);
// debug
if ($debug == true)
{
$file = 'res_'.gmdate("YmdHis").'.txt';
$handle = fopen($file, 'w');
fwrite($handle, $res);
fclose($handle);
}
if (strcmp ($res, "VERIFIED") == 0)
{
// prepare data
$paymentstatus = $_POST['payment_status'];
$total = $_POST['mc_gross'];
$custom = $_POST['custom'];
// end prepare data
// check if completed
if ($paymentstatus != "Completed")
{
die;
}
// check if not negative price
if ($total <= 0)
{
die;
}
// check for filter params
$custom = explode(',', $custom);
if (count($custom) == 0)
{
die;
}
if ($gsValues['BILLING_PAYPAL_CUSTOM'] == '')
{
die;
}
if ($custom[0] == $gsValues['BILLING_PAYPAL_CUSTOM'])
{
$user_email = $custom[1];
$plan_id = $custom[2];
$api_url = $gsValues['URL_ROOT'].'/api/api.php';
$api_key = $gsValues['SERVER_API_KEY'];
if (($api_url != '') && ($api_key != ''))
{
$url = $api_url.'?api=server&ver=1.0&key='.$api_key.'&cmd=ADD_USER_BILLING_PLAN,'.$user_email.','.$plan_id;
file_get_contents($url, false, null);
}
}
}
}
?>
\ No newline at end of file
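Review bot: After `VERIFIED` the handler checks only `payment_status` and `mc_gross > 0`. It never compares the amount or currency with the price of the plan named in `custom`, never checks the receiver against `BILLING_PAYPAL_ACCOUNT`, and never records `txn_id`, so a genuine notification for a smaller amount, or a repeated one, would still grant the plan. `$user_email` and `$plan_id` are appended to the internal API URL without `rawurlencode()`, and that URL carries `SERVER_API_KEY` in its query string, where it ends up in access logs. `$get_magic_quotes_exists` is assigned only when `get_magic_quotes_gpc` exists, so on PHP versions without that function the loop reads an undefined variable. Calling the billing routine directly instead of looping back over HTTP would remove both the key-in-URL and the encoding problem.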
This diff is collapsed.
<?
$gsValues['NAME'] = "Novisync Telesystems";
$gsValues['GENERATOR'] = "novitracking";
$gsValues['SERVER_API_KEY'] = "2AC8EB1A8E90584D9914E15296D870E9";
$gsValues['SHOW_ABOUT'] = "true";
$gsValues['LANGUAGES'] = "arabic";
$gsValues['LOGO'] = "logo.png";
$gsValues['URL_LOGIN'] = "";
$gsValues['URL_HELP'] = "http://www.gps-server.net/getting-started-with-gps-tracking";
$gsValues['URL_CONTACT'] = "http://www.gps-server.net/contacts";
$gsValues['URL_SHOP'] = "http://www.gps-server.net/personal-account";
$gsValues['URL_SMS_GATEWAY_APP'] = "http://www.gps-server.net/sms-gateway-android";
$gsValues['GEOCODER_CACHE'] = "true";
$gsValues['CONNECTION_TIMEOUT'] = "5";
$gsValues['HISTORY_PERIOD'] = "30";
$gsValues['DB_BACKUP_TIME'] = "00:00";
$gsValues['DB_BACKUP_EMAIL'] = "";
$gsValues['MAP_OSM'] = "true";
$gsValues['MAP_BING'] = "true";
$gsValues['MAP_GOOGLE'] = "true";
$gsValues['MAP_GOOGLE_TRAFFIC'] = "true";
$gsValues['MAP_MAPBOX'] = "false";
$gsValues['MAP_YANDEX'] = "false";
$gsValues['MAP_BING_KEY'] = "AIzaSyDGRsnM6X7mrqdKou011ykmy1sCHzM9QGU";
$gsValues['MAP_GOOGLE_KEY'] = "AIzaSyDGRsnM6X7mrqdKou011ykmy1sCHzM9QGU";
$gsValues['MAP_MAPBOX_KEY'] = "AIzaSyAWamPkZArs0bYnZ8E3j17f82hUEwPQtn8";
$gsValues['MAP_LAYER'] = "gmap";
$gsValues['MAP_ZOOM'] = "3";
$gsValues['MAP_LAT'] = "25";
$gsValues['MAP_LNG'] = "0";
$gsValues['PAGE_AFTER_LOGIN'] = "account";
$gsValues['ALLOW_REGISTRATION'] = "true";
$gsValues['ACCOUNT_EXPIRE'] = "false";
$gsValues['ACCOUNT_EXPIRE_PERIOD'] = "14";
$gsValues['LANGUAGE'] = "english";
$gsValues['UNIT_OF_DISTANCE'] = "km";
$gsValues['UNIT_OF_CAPACITY'] = "l";
$gsValues['UNIT_OF_TEMPERATURE'] = "c";
$gsValues['CURRENCY'] = "EUR";
$gsValues['TIMEZONE'] = "+ 5 hour + 30 minutes";
$gsValues['DST'] = "false";
$gsValues['DST_START'] = "";
$gsValues['DST_END'] = "";
$gsValues['OBJ_ADD'] = "trial";
$gsValues['OBJ_LIMIT'] = "false";
$gsValues['OBJ_LIMIT_NUM'] = "0";
$gsValues['OBJ_DAYS'] = "false";
$gsValues['OBJ_DAYS_NUM'] = "0";
$gsValues['OBJ_DAYS_TRIAL'] = "14";
$gsValues['OBJ_EDIT'] = "true";
$gsValues['OBJ_HISTORY_CLEAR'] = "true";
$gsValues['HISTORY'] = "true";
$gsValues['REPORTS'] = "true";
$gsValues['RILOGBOOK'] = "true";
$gsValues['DTC'] = "true";
$gsValues['OBJECT_CONTROL'] = "true";
$gsValues['IMAGE_GALLERY'] = "true";
$gsValues['CHAT'] = "true";
$gsValues['SMS_GATEWAY_SERVER'] = "true";
$gsValues['API'] = "true";
$gsValues['NOTIFY_OBJ_EXPIRE'] = "true";
$gsValues['NOTIFY_OBJ_EXPIRE_PERIOD'] = "7";
$gsValues['NOTIFY_ACCOUNT_EXPIRE'] = "false";
$gsValues['NOTIFY_ACCOUNT_EXPIRE_PERIOD'] = "7";
$gsValues['REPORTS_SCHEDULE'] = "true";
$gsValues['PLACES_MARKERS'] = "100";
$gsValues['PLACES_ROUTES'] = "100";
$gsValues['PLACES_ZONES'] = "100";
$gsValues['USAGE_EMAIL_DAILY'] = "10000";
$gsValues['USAGE_SMS_DAILY'] = "10000";
$gsValues['USAGE_API_DAILY'] = "10000";
$gsValues['BILLING'] = "false";
$gsValues['BILLING_GATEWAY'] = "";
$gsValues['BILLING_CURRENCY'] = "";
$gsValues['BILLING_PAYPAL_ACCOUNT'] = "";
$gsValues['BILLING_PAYPAL_CUSTOM'] = "";
$gsValues['BILLING_CUSTOM_URL'] = "";
$gsValues['EMAIL'] = "bhavanak@novisync.com";
$gsValues['EMAIL_NO_REPLY'] = "novisync";
$gsValues['EMAIL_SIGNATURE'] = "--\nglobat.com";
$gsValues['EMAIL_SMTP'] = "true";
$gsValues['EMAIL_SMTP_HOST'] = "smtp.globat.com";
$gsValues['EMAIL_SMTP_PORT'] = 465;
$gsValues['EMAIL_SMTP_AUTH'] = true;
$gsValues['EMAIL_SMTP_SECURE'] = "ssl";
$gsValues['EMAIL_SMTP_USERNAME'] = "bhavanak@novisync.com";
$gsValues['EMAIL_SMTP_PASSWORD'] = "Bvk123456";
$gsValues['SMS_GATEWAY'] = "true";
$gsValues['SMS_GATEWAY_TYPE'] = "app";
$gsValues['SMS_GATEWAY_NUMBER_FILTER'] = "9700998829";
$gsValues['SMS_GATEWAY_URL'] = "";
$gsValues['SMS_GATEWAY_IDENTIFIER'] = "81342629610334211996";
$gsValues['SERVER_CLEANUP_USERS_AE'] = "false";
$gsValues['SERVER_CLEANUP_OBJECTS_NOT_ACTIVATED_AE'] = "false";
$gsValues['SERVER_CLEANUP_OBJECTS_NOT_USED_AE'] = "false";
$gsValues['SERVER_CLEANUP_DB_JUNK_AE'] = "false";
$gsValues['SERVER_CLEANUP_USERS_DAYS'] = "30";
$gsValues['SERVER_CLEANUP_OBJECTS_NOT_ACTIVATED_DAYS'] = "30";
?>
\ No newline at end of file
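Review bot: This file commits what look like live credentials: `SERVER_API_KEY`, `EMAIL_SMTP_USERNAME`/`EMAIL_SMTP_PASSWORD`, the three map-provider keys and `SMS_GATEWAY_IDENTIFIER`. The config section that follows adds `DB_PASSWORD` and `HW_KEY`. Once pushed they remain in repository history, so they should be treated as exposed and rotated, then loaded from the environment or an untracked file, e.g. `$gsValues['EMAIL_SMTP_PASSWORD'] = getenv('GS_SMTP_PASSWORD');` (the variable name is a placeholder). `MAP_BING_KEY` and `MAP_GOOGLE_KEY` hold the same value, which suggests one of them is a copy-paste.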
<?
// ############################################################
// All listed setting can be changed only by editing this file
// Other settings can be changed from CPanel/Manage server
// ############################################################
error_reporting(0);
$gsValues['VERSION_ID'] = 1600;
$gsValues['VERSION'] = '1.0';
$gsValues['HTTP_MODE'] = 'http'; // options: http/https
// lock admin to IP addresses, example $gsValues['ADMIN_IP'] = '127.0.0.1,222.222.222.222,333.333.333.333';
$gsValues['ADMIN_IP'] = '';
// log out admin user if IP changes during active session, provides additional security from session stealing
$gsValues['ADMIN_IP_SESSION_CHECK'] = false; // options: false/true
$gsValues['SERVER_IP'] = '71.40.116.146'; // used only as information in CPanel
$gsValues['URL_SERVER_PORTS'] = 'http://www.gps-server.net/supported-devices'; // used only as information in CPanel
// multi server login
$gsValues['MULTI_SERVER_LOGIN'] = false; // options: false/true
$gsValues['MULTI_SERVER_LIST'] = array('' => '');
$gsValues['OBJECT_LIMIT'] = 0; // options: 0 means no limit, number sets limit
$gsValues['LOCATION_FILTER'] = true; // options: false/true
$gsValues['CURL'] = false; // options: false/true
// path to root of web application
// if application is installed not in root folder of web server, then folder name must be added, for example we install it in track folder: $_SERVER['DOCUMENT_ROOT'].'/track';
// very often web servers have no $_SERVER['DOCUMENT_ROOT'] set at all, then direct path should be used, for example c:/wamp/www or any other leading to www or public_html folder
$gsValues['PATH_ROOT'] = $_SERVER['DOCUMENT_ROOT'];
// url to root of web application, example: $gsValues['URL_ROOT'] = 'YOUR_DOMAIN/track';
$gsValues['URL_ROOT'] = 'http://gpstracking.novisync.com/';
$gsValues['URL_GC'] = array(); // do not remove this line
$gsValues['URL_GC'][] = ''; // url to geocoder, used for getting addresses, example: $gsValues['URL_GC'][] = 'YOUR_DOMAIN/track/tools/gc/google.php';
//$gsValues['URL_GC'][] = ''; // another url to geocoder (if needed)
//$gsValues['URL_GC'][] = ''; // another url to geocoder (if needed)
// hardware key, should be same as in GPS-Server.exe
$gsValues['HW_KEY'] = '24208079F00C70CC42A2A712F53EE0AB';
// connection to MySQL database
$gsValues['DB_HOSTNAME'] = '127.0.0.1'; // database host
$gsValues['DB_PORT'] = '3306'; // database host
$gsValues['DB_NAME'] = 'gps_2020'; // database name
$gsValues['DB_USERNAME'] = 'root'; // database user name
$gsValues['DB_PASSWORD'] = 'Novi1234'; // database password
?>
\ No newline at end of file
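Review bot: `DB_USERNAME` is `root`, so every query this application runs, including the string-built ones elsewhere in this commit, executes with full privileges on the MySQL server; a dedicated account limited to the `gps_2020` schema would contain the damage of any query flaw. `HTTP_MODE` is `http` and `URL_ROOT` is an `http://` address, so logins and the API keys passed in query strings travel unencrypted. `URL_ROOT` also ends in `/` while callers append `'/api/api.php'`, which yields a double slash. `error_reporting(0)` hides the warnings that would reveal the unchecked `mysqli_query()` results; log errors to a file rather than discarding them.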
<?
session_start();
include ('init.php');
include ('func/fn_common.php');
checkUserSession();
checkUserCPanelPrivileges();
setUserSessionSettings($_SESSION["user_id"]);
loadLanguage($_SESSION['language'], $_SESSION["units"]);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<? generatorTag(); ?>
<link href="theme/images/cadrac_logo.svg" rel="icon">
<link href="theme/images/cadrac_logo.svg" rel="apple-touch-icon">
<title><? echo $gsValues['NAME'].' '.$gsValues['VERSION']; ?></title>
<link type="text/css" href="theme/jquery-ui.css?v=<? echo $gsValues['VERSION_ID']; ?>" rel="Stylesheet" />
<link type="text/css" href="theme/ui.jqgrid.css?v=<? echo $gsValues['VERSION_ID']; ?>" rel="Stylesheet" />
<link type="text/css" href="theme/jquery.tokenize.css?v=<? echo $gsValues['VERSION_ID']; ?>" rel="Stylesheet" />
<link type="text/css" href="theme/style.css?v=<? echo $gsValues['VERSION_ID']; ?>" rel="Stylesheet" />
<script type="text/javascript" src="js/md5.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/jquery-2.1.4.min.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/jquery-migrate-1.2.1.min.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/jquery-ui.min.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/jquery.jqGrid.locale.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/jquery.jqGrid.min.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/jquery.tokenize.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/moment.min.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/gs.config.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/gs.common.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/gs.connect.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/gs.cpanel.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/gs.cpanel.gui.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/gs.cpanel.users.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/gs.cpanel.objects.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/gs.cpanel.billing.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
<script type="text/javascript" src="js/gs.cpanel.server.js?v=<? echo $gsValues['VERSION_ID']; ?>"></script>
</head>
<body id="cpanel" onload="load()" >
<input id="load_file" type="file" style="display: none;" onchange=""/>
<? include ("inc/inc_cpanel.panels.php"); ?>
<? include ("inc/inc_cpanel.menus.php"); ?>
<? include ("inc/inc_cpanel.billing.php"); ?>
<? include ("inc/inc_cpanel.objects.php"); ?>
<? include ("inc/inc_cpanel.server.php"); ?>
<? include ("inc/inc_cpanel.users.php"); ?>
</body>
</html>
\ No newline at end of file
data/user/objects/13_1af1f37a53c6084b270b72f04586c077.png

1.24 KB

data/user/objects/13_2bca420905769519ad2dda874510a3df.png

1.72 KB

data/user/objects/13_5a2b86855b4067a89a63610f199da5ee.png

2.26 KB

<?
session_start();
// if previous user did not log off, cancel his seesion and start new one
if (isset($_SESSION["user_id"]))
{
session_unset();
session_destroy();
session_start();
}
include ('init.php');
include ('func/fn_common.php');
$username = "demo";
$password = "demo123";
$q = "SELECT * FROM `gs_users` WHERE `username`='".$username."' AND `password`='".md5($password)."' LIMIT 1";
$r = mysqli_query($ms, $q);
if ($row=mysqli_fetch_array($r))
{
if ($row['active'] == "true")
{
setUserSession($row['id']);
setUserSessionSettings($row['id']);
setUserSessionCPanel($row['id']);
//write log
writeLog('user_access', 'User login via demo.php: successful');
header('Location: tracking.php');
die;
}
}
?>
\ No newline at end of file
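Review bot: Any request to this page is logged in as a hard-coded `demo`/`demo123` account, and `setUserSessionCPanel()` is called for it as well, so whatever privileges that row holds are handed out without a credential. There is no configuration switch to disable the page, and the password sits in source next to an unsalted `md5()` comparison. After `session_destroy()` the following `session_start()` reuses the session id from the cookie; add `session_regenerate_id(true);` before `setUserSession($row['id'])`. When the demo row is missing or inactive the script ends with an empty response rather than a redirect or an error.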
favicon.ico

1.12 KB

<?
session_start();
include ('../init.php');
include ('fn_common.php');
include ('../tools/email.php');
loadLanguage($gsValues['LANGUAGE']);
if(@$_POST['cmd'] == 'session_check')
{
checkUserSession();
if (checkUserSession2() == true)
{
echo 'true';
}
else
{
echo 'false';
}
die;
}
if(@$_POST['cmd'] == 'login')
{
$username = strtolower($_POST["username"]);
$password = $_POST["password"];
$remember_me = $_POST["remember_me"];
$mobile = $_POST["mobile"];
// check failed logins limit
$q = "SELECT * FROM `gs_user_failed_logins` WHERE `ip`='".$_SERVER['REMOTE_ADDR']."' AND dt_login > DATE_SUB(UTC_TIMESTAMP(), INTERVAL 10 MINUTE)";
$r = mysqli_query($ms, $q);
$count = mysqli_num_rows($r);
if ($count >= 10)
{
$result['cmd'] = 'msg';
$result['msg'] = $la['TOO_MANY_FAILED_LOGIN_ATTEMPTS'];
//write log
writeLog('user_access', 'User login: too many failed login attempts. Username: "'.$username.'"');
}
else
{
$q = "SELECT * FROM `gs_users` WHERE `username`='".$username."' AND `password`='".md5($password)."' LIMIT 1";
$r = mysqli_query($ms, $q);
if ($row = mysqli_fetch_array($r))
{
if ($row['active'] == 'true')
{
if ($remember_me == 'true')
{
setUserSessionHash($row['id']);
}
// reset session array
$_SESSION = array();
setUserSession($row['id']);
setUserSessionSettings($row['id']);
setUserSessionCPanel($row['id']);
if (($gsValues['PAGE_AFTER_LOGIN'] == 'cpanel') && ($_SESSION["cpanel_privileges"] != false))
{
$result['cmd'] = 'login_cpanel';
}
else
{
$result['cmd'] = 'login_tracking';
}
//write log
writeLog('user_access', 'User login: successful');
//update user usage
updateUserUsage($row['id'], 1, false, false, false);
}
else
{
$result['cmd'] = 'msg';
$result['msg'] = $la['THIS_ACCOUNT_IS_LOCKED'];
//write log
writeLog('user_access', 'User login: locked account. Username: "'.$username.'"');
}
}
else
{
// insert failed login
$q = "INSERT INTO `gs_user_failed_logins` (`ip`, `dt_login`) VALUES ('".$_SERVER['REMOTE_ADDR']."','".gmdate("Y-m-d H:i:s")."')";
$r = mysqli_query($ms, $q);
$result['cmd'] = 'msg';
$result['msg'] = $la['USERNAME_OR_PASSWORD_INCORRECT'];
//write log
writeLog('user_access', 'User login: unsuccessful. Username: "'.$username.'"');
}
}
header('Content-type: application/json');
echo json_encode($result);
die;
}
if (@$_POST['cmd'] == 'logout')
{
//write log
writeLog('user_access', 'User logout');
if (isset($_SESSION["user_id"]))
{
deleteUserSessionHash($_SESSION["user_id"]);
}
session_unset();
session_destroy();
echo $gsValues['URL_LOGIN'];
die;
}
if (@$_POST['cmd'] == 'recover_url')
{
$email = $_POST['email'];
$seccode = $_POST['seccode'];
if ($email != "")
{
if ($seccode == $_SESSION["seccode"])
{
$email = strtolower($email);
$q = "SELECT * FROM `gs_users` WHERE `email`='".$email."' AND `privileges` NOT LIKE ('%subuser%') LIMIT 1";
$r = mysqli_query($ms, $q);
$num = mysqli_num_rows($r);
if ($num > 0)
{
$row = mysqli_fetch_array($r);
$token = genAccountRecoverToken($email);
$url_recover = $gsValues['URL_ROOT'].'/index.php?op=rec&token='.$token;
$template = getDefaultTemplate('account_recover_url', $gsValues['LANGUAGE']);
$subject = $template['subject'];
$message = $template['message'];
$subject = str_replace("%SERVER_NAME%", $gsValues['NAME'], $subject);
$subject = str_replace("%URL_RECOVER%", $url_recover, $subject);
$message = str_replace("%SERVER_NAME%", $gsValues['NAME'], $message);
$message = str_replace("%URL_RECOVER%", $url_recover, $message);
if (sendEmail($email, $subject, $message))
{
// inset token
$q = "INSERT INTO `gs_user_account_recover` (`token`, `email`, `dt_recover`) VALUES ('".$token."','".$email."','".gmdate("Y-m-d H:i:s")."')";
$r = mysqli_query($ms, $q);
echo $la['RECOVERY_LINK_SENT'].' '.$la['PLEASE_CHECK_YOUR_EMAIL'];
//write log
writeLog('user_access', 'User recover: URL sent. E-mail: '.$email);
}
else
{
echo $la['CANT_SEND_EMAIL'].' '.$la['CONTACT_ADMINISTRATOR'];
}
}
else
{
echo $la['THIS_EMAIL_IS_NOT_REGISTERED'];
//write log
writeLog('user_access', 'User recover: no such e-mail. E-mail: '.$email);
}
}
else
{
echo $la['SECURITY_CODE_IS_INCORRECT'];
}
}
die;
}
if (@$_POST['cmd'] == 'recover')
{
$token = $_POST['token'];
$q = "SELECT * FROM `gs_user_account_recover` WHERE `token`='".$token."' LIMIT 1";
$r = mysqli_query($ms, $q);
$num = mysqli_num_rows($r);
if ($num > 0)
{
$row = mysqli_fetch_array($r);
$email = $row['email'];
$q = "SELECT * FROM `gs_users` WHERE `email`='".$email."' AND `privileges` NOT LIKE ('%subuser%') LIMIT 1";
$r = mysqli_query($ms, $q);
$num = mysqli_num_rows($r);
if ($num > 0)
{
$row = mysqli_fetch_array($r);
$new_password = genAccountPassword();
$template = getDefaultTemplate('account_recover', $gsValues['LANGUAGE']);
$subject = $template['subject'];
$message = $template['message'];
$subject = str_replace("%SERVER_NAME%", $gsValues['NAME'], $subject);
$subject = str_replace("%URL_LOGIN%", $gsValues['URL_LOGIN'], $subject);
$subject = str_replace("%EMAIL%", $email, $subject);
$subject = str_replace("%USERNAME%", $row['username'], $subject);
$subject = str_replace("%PASSWORD%", $new_password, $subject);
$message = str_replace("%SERVER_NAME%", $gsValues['NAME'], $message);
$message = str_replace("%URL_LOGIN%", $gsValues['URL_LOGIN'], $message);
$message = str_replace("%EMAIL%", $email, $message);
$message = str_replace("%USERNAME%", $row['username'], $message);
$message = str_replace("%PASSWORD%", $new_password, $message);
if (sendEmail($email, $subject, $message))
{
$q = "UPDATE gs_users SET password='".md5($new_password)."' WHERE email='".$email."'";
$r = mysqli_query($ms, $q);
$q = "DELETE FROM `gs_user_account_recover` WHERE `token`='".$token."'";
$r = mysqli_query($ms, $q);
echo $la['USERNAME_PASSWORD_SENT'].' '.$la['PLEASE_CHECK_YOUR_EMAIL'];
//write log
writeLog('user_access', 'User recover: successful. E-mail: '.$email);
}
else
{
echo $la['CANT_SEND_EMAIL'].' '.$la['CONTACT_ADMINISTRATOR'];
}
}
else
{
echo $la['THIS_EMAIL_IS_NOT_REGISTERED'];
//write log
writeLog('user_access', 'User recover: no such e-mail. E-mail: '.$email);
}
}
else
{
echo $la['RECOVERY_LINK_EXPIRED'];
}
die;
}
if ((@$_POST['cmd'] == 'register') && ($gsValues['ALLOW_REGISTRATION'] == "true"))
{
$email = $_POST['email'];
$seccode = $_POST['seccode'];
if ($email != '')
{
if ($seccode == @$_SESSION["seccode"])
{
$account_expire = $gsValues['ACCOUNT_EXPIRE'];
$account_expire_dt = '';
if ($account_expire == 'true')
{
$account_expire_dt = gmdate("Y-m-d", strtotime(gmdate("Y-m-d").' + '.$gsValues['ACCOUNT_EXPIRE_PERIOD'].' days'));
}
$privileges = array();
$privileges['type'] = 'user';
$privileges['history'] = stringToBool($gsValues['HISTORY']);
$privileges['reports'] = stringToBool($gsValues['REPORTS']);
$privileges['rilogbook'] = stringToBool($gsValues['RILOGBOOK']);
$privileges['dtc'] = stringToBool($gsValues['DTC']);
$privileges['object_control'] = stringToBool($gsValues['OBJECT_CONTROL']);
$privileges['image_gallery'] = stringToBool($gsValues['IMAGE_GALLERY']);
$privileges['chat'] = stringToBool($gsValues['CHAT']);
$privileges = json_encode($privileges);
$result = addUser('true', 'true', $account_expire, $account_expire_dt, $privileges, '', $email, '', $gsValues['OBJ_ADD'], $gsValues['OBJ_LIMIT'], $gsValues['OBJ_LIMIT_NUM'], $gsValues['OBJ_DAYS'], $gsValues['OBJ_DAYS_NUM'], $gsValues['OBJ_EDIT'], $gsValues['OBJ_HISTORY_CLEAR']);
if ($result == 'OK')
{
$result = $la['REGISTRATION_SUCCESSFUL'].' '.$la['PLEASE_CHECK_YOUR_EMAIL'];
}
echo $result;
}
else
{
echo $la['SECURITY_CODE_IS_INCORRECT'];
}
}
die;
}
?>
\ No newline at end of file
<?
session_start();
include ('../init.php');
include ('fn_common.php');
checkUserSession();
loadLanguage($_SESSION["language"], $_SESSION["units"]);
// check privileges
if ($_SESSION["privileges"] == 'subuser')
{
$user_id = $_SESSION["manager_id"];
}
else
{
$user_id = $_SESSION["user_id"];
}
if(@$_GET['cmd'] == 'load_billing_plan_list')
{
$page = $_GET['page']; // get the requested page
$limit = $_GET['rows']; // get how many rows we want to have into the grid
$sidx = $_GET['sidx']; // get index row - i.e. user click to sort
$sord = $_GET['sord']; // get the direction
//$search = strtoupper(@$_GET['s']); // get search
if(!$sidx) $sidx =1;
// get records number
$q = "SELECT * FROM `gs_user_billing_plans` WHERE `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
$count = mysqli_num_rows($r);
if( $count >0 ) {
$total_pages = ceil($count/$limit);
} else {
$total_pages = 1;
}
if ($page > $total_pages) $page=$total_pages;
$start = $limit*$page - $limit; // do not put $limit*($page - 1)
$responce = new stdClass();
$responce->page = $page;
$responce->total = $total_pages;
$responce->records = $count;
if ($count > 0)
{
$q .= " ORDER BY $sidx $sord LIMIT $start, $limit";
$r = mysqli_query($ms, $q);
if (!$r){die;}
$i=0;
while($row = mysqli_fetch_array($r))
{
$plan_id = $row['plan_id'];
$dt_purchase = $row['dt_purchase'];
$name = $row['name'];
$objects = $row['objects'];
$period = $row['period'];
$period_type = $row['period_type'];
$price = $row['price'];
$price .= ' '.$gsValues['BILLING_CURRENCY'];
$dt_purchase = convUserTimezone($dt_purchase);
if ($period == 1)
{
$period_type = $la[substr(strtoupper($period_type),0,-1)];
}
else
{
$period_type = $la[strtoupper($period_type)];
}
$period = $period.' '.strtolower($period_type);
// set modify buttons
if ($objects == 0)
{
$modify = '<a href="#" onclick="billingPlanDelete(\''.$plan_id.'\');" title="'.$la['DELETE'].'"><img src="theme/images/remove3.svg" /></a>';
}
else
{
$modify = '<a href="#" onclick="billingPlanUse(\''.$plan_id.'\');" title="'.$la['USE_PLAN'].'"><img src="theme/images/use-plan.svg" /></a>';
}
// set row
$responce->rows[$i]['cell']=array($dt_purchase,$name,$objects,$period,$price,$modify);
$i++;
}
}
header('Content-type: application/json');
echo json_encode($responce);
die;
}
if(@$_POST['cmd'] == 'load_billing_plan_purchase_list')
{
$result = '';
// list plans
$q = "SELECT * FROM `gs_billing_plans` ORDER BY `price` ASC";
$r = mysqli_query($ms, $q);
$nbr = 1;
while($row=mysqli_fetch_array($r))
{
$plan_id = $row['plan_id'];
$name = $row['name'];
$active = $row['active'];
$objects = $row['objects'];
$period = $row['period'];
$period_type = $row['period_type'];
$price = $row['price'];
if ($active == 'true')
{
if ($period == 1)
{
$period_type = $la[substr(strtoupper($period_type),0,-1)];
}
else
{
$period_type = $la[strtoupper($period_type)];
}
$period = $period.' '.strtolower($period_type);
// generate url
if ($gsValues['BILLING_GATEWAY'] == 'paypal')
{
$custom = $gsValues['BILLING_PAYPAL_CUSTOM'].','.$_SESSION["email"].','.$plan_id;
$payment_url = 'https://www.paypal.com/cgi-bin/webscr?business='.$gsValues['BILLING_PAYPAL_ACCOUNT'].'&cmd=_xclick&currency_code='.$gsValues['BILLING_CURRENCY'];
$payment_url .='&amount='.$price.'&item_name='.$name.' ('.$_SESSION["email"].')';
$payment_url .='&custom='.$custom;
}
else if ($gsValues['BILLING_GATEWAY'] == 'custom')
{
$payment_url = $gsValues['BILLING_CUSTOM_URL'];
$payment_url = str_replace("%USER_EMAIL%", $_SESSION["email"], $payment_url);
$payment_url = str_replace("%PLAN_NAME%", $name, $payment_url);
$payment_url = str_replace("%PLAN_ID%", $plan_id, $payment_url);
$payment_url = str_replace("%PLAN_PRICE%", $price, $payment_url);
$payment_url = str_replace("%CURRENCY%", $gsValues['BILLING_CURRENCY'], $payment_url);
}
$payment_button = '<a href="'.$payment_url.'" target="_blank" title="'.$la['PURCHASE'].'"><i class="purchase"></i></a>';
$oddeven = ($nbr++%2 ? 'odd':'even');
// generate item
$result .= '<div class="row3 '.$oddeven.'"><div class="row2">';
$result .= '<div class="width5"><i class="arrow"></i></div>';
$result .= '<div class="width30 name">'.$name.'</div>';
$result .= '<div class="width15">'.$objects.'</div>';
$result .= '<div class="width15">'.$period.'</div>';
$result .= '<div class="width20">'.$price.' '.$gsValues['BILLING_CURRENCY'].'</div>';
$result .= '<div class="width15">'.$payment_button.'</div>';
$result .= '</div></div>';
}
}
// generate header
if ($result != '')
{
$header = '<div class="row3 header"><div class="row2">';
$header .= '<div class="width5"></div>';
$header .= '<div class="width30 name">'.$la['NAME'].'</div>';
$header .= '<div class="width15">'.$la['OBJECTS'].'</div>';
$header .= '<div class="width15">'.$la['PERIOD'].'</div>';
$header .= '<div class="width20">'.$la['PRICE'].'</div>';
$header .= '<div class="width15"></div>';
$header .= '</div></div>';
$result = $header.$result;
}
echo $result;
die;
}
if(@$_POST['cmd'] == 'use_billing_plan')
{
$plan = $_POST['plan'];
$imeis = strtoupper($_POST['imeis']);
$imeis_ = json_decode(stripslashes($imeis),true);
// verify plan
$q = "SELECT * FROM `gs_user_billing_plans` WHERE `plan_id`='".$plan['plan_id']."' AND `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
if (!$r)
{
echo $la['PLAN_VERIFICATION_FAILED'];
die;
}
$row = mysqli_fetch_array($r);
if (($row['objects'] != $plan['objects']) || ($row['period'] != $plan['period']) || ($row['period_type'] != $plan['period_type']))
{
echo $la['PLAN_VERIFICATION_FAILED'];
die;
}
// activate objects
if(count($imeis_) > $plan['objects'])
{
echo $la['OBJECT_ACTIVATION_FAILED'];
die;
}
for($i=0; $i<count($imeis_); $i++)
{
$imei = $imeis_[$i];
$q = "SELECT * FROM `gs_objects` WHERE `imei`='".$imei."'";
$r = mysqli_query($ms, $q);
if (!$r)
{
echo $la['OBJECT_ACTIVATION_FAILED'];
die;
}
$row = mysqli_fetch_array($r);
$object_expire_dt = $row['object_expire_dt'];
if (strtotime($object_expire_dt) < strtotime(gmdate("Y-m-d")))
{
$object_expire_dt = gmdate("Y-m-d");
}
$object_expire_dt = gmdate("Y-m-d", strtotime($object_expire_dt.' + '.$plan['period'].' '.$plan['period_type']));
$q = "UPDATE `gs_objects` SET `active`='true', `object_expire`='true', `object_expire_dt`='".$object_expire_dt."' WHERE `imei`='".$imei."'";
$r = mysqli_query($ms, $q);
// reduce objects from plan
if ($r)
{
$q = "UPDATE `gs_user_billing_plans` SET objects=objects-1 WHERE `plan_id`='".$plan['plan_id']."'";
$r = mysqli_query($ms, $q);
}
else
{
echo $la['OBJECT_ACTIVATION_FAILED'];
die;
}
}
//write log
writeLog('object_op', 'Activate object: successful. IMEI: '.implode(",", $imeis_));
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'load_billing_plan')
{
$result = array();
$plan_id = $_POST['plan_id'];
$q = "SELECT * FROM `gs_user_billing_plans` WHERE `plan_id`='".$plan_id."' AND `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
$row = mysqli_fetch_array($r);
$result = array('plan_id' => $plan_id, 'name' => $row['name'], 'objects' => $row['objects'], 'period' => $row['period'], 'period_type' => $row['period_type'], 'price' => $row['price']);
echo json_encode($result);
die;
}
if(@$_POST['cmd'] == 'delete_billing_plan')
{
$plan_id = $_POST['plan_id'];
$q = "DELETE FROM `gs_user_billing_plans` WHERE `plan_id`='".$plan_id."' AND `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'get_billing_plan_total_objects')
{
$result['objects'] = 0;
$q = "SELECT * FROM `gs_user_billing_plans` WHERE `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
while($row = mysqli_fetch_array($r))
{
$result['objects'] += $row['objects'];
}
echo json_encode($result);
die;
}
?>
\ No newline at end of file
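Review bot: Every query in this file is built by concatenating request values into the SQL text, and in `load_billing_plan_list` the `sidx`, `sord`, `rows` and `page` parameters go straight into `ORDER BY $sidx $sord LIMIT $start, $limit`, where quoting cannot help because they are identifiers and numbers. Value parameters such as `plan_id` and the decoded IMEIs should go through `mysqli_prepare` with bound parameters (for example `WHERE plan_id=? AND user_id=?` in `delete_billing_plan`), and the sort column and direction need an allow-list plus integer casts, as sketched below. Forcing `rows` to at least 1 also removes the division by zero in `ceil($count/$limit)` when it is 0. The same concatenation pattern recurs in the chat and command handlers later in this commit (`send_msg`, `load_msgs`, `save_cmd_schedule`, `save_cmd_template` and the other grid loaders). The column list in the sketch is taken from the fields this handler reads and should be checked against what the grid actually sorts on.

```php
// … unchanged: session bootstrap and $user_id selection …
$page = max(1, (int)$_GET['page']);
$limit = max(1, (int)$_GET['rows']);
// columns this handler reads from gs_user_billing_plans; confirm against the grid definition
$sortable = array('dt_purchase', 'name', 'objects', 'period', 'price');
$sidx = in_array($_GET['sidx'], $sortable, true) ? $_GET['sidx'] : 'dt_purchase';
$sord = ($_GET['sord'] === 'desc') ? 'DESC' : 'ASC';
// … unchanged: count query and page arithmetic …
$q .= " ORDER BY `$sidx` $sord LIMIT $start, $limit";
```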
<?
session_start();
include ('../init.php');
include ('fn_common.php');
checkUserSession();
loadLanguage($_SESSION["language"], $_SESSION["units"]);
// check privileges
if ($_SESSION["privileges"] == 'subuser')
{
$user_id = $_SESSION["manager_id"];
}
else
{
$user_id = $_SESSION["user_id"];
}
if(@$_POST['cmd'] == 'send_msg')
{
$dt_server = gmdate("Y-m-d H:i:s");
$imei = $_POST['imei'];
$side = 'S';
$msg = $_POST['msg'];
$q = 'UPDATE gs_objects SET `dt_chat`="'.$dt_server.'" WHERE imei="'.$imei.'"';
$r = mysqli_query($ms, $q);
$q = 'INSERT INTO gs_object_chat (dt_server,
imei,
side,
msg
) VALUES (
"'.$dt_server.'",
"'.$imei.'",
"'.$side.'",
"'.$msg.'")';
$r = mysqli_query($ms, $q);
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'delete_all_msgs')
{
$imei = $_POST['imei'];
$q = "DELETE FROM `gs_object_chat` WHERE `imei`='".$imei."'";
$r = mysqli_query($ms, $q);
$q = 'UPDATE gs_objects SET `dt_chat`="" WHERE imei="'.$imei.'"';
$r = mysqli_query($ms, $q);
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'load_chat_data')
{
$result = array();
$result['msg_count'] = array();
$result['msg_dt'] = array();
$result['last_msg_status'] = false;
$imei = $_POST['imei'];
$last_msg_id = $_POST['last_msg_id'];
// set messages to delivered
if ($_SESSION["privileges"] == 'subuser')
{
$q = "UPDATE `gs_object_chat` SET `status`=1 WHERE `imei` IN (".$_SESSION["privileges_imei"].") AND `side`='C' AND `status`=0";
}
else
{
$q = "UPDATE `gs_object_chat` SET `status`=1 WHERE `imei` IN (".getUserObjectIMEIs($user_id).") AND `side`='C' AND `status`=0";
}
$r = mysqli_query($ms, $q);
// get unread messages number
if ($_SESSION["privileges"] == 'subuser')
{
$q = "SELECT * FROM `gs_object_chat` WHERE `imei` IN (".$_SESSION["privileges_imei"].") AND `side`='C' AND `status`!=2";
}
else
{
$q = "SELECT * FROM `gs_object_chat` WHERE `imei` IN (".getUserObjectIMEIs($user_id).") AND `side`='C' AND `status`!=2";
}
$r = mysqli_query($ms, $q);
if ($r)
{
while($row = mysqli_fetch_array($r))
{
if (!isset($result['msg_count'][$row['imei']]))
{
$result['msg_count'][$row['imei']] = 0;
}
$result['msg_count'][$row['imei']] += 1;
}
}
// get last messages datetime
if ($_SESSION["privileges"] == 'subuser')
{
$q = "SELECT * FROM `gs_objects` WHERE `imei` IN (".$_SESSION["privileges_imei"].")";
}
else
{
$q = "SELECT * FROM `gs_objects` WHERE `imei` IN (".getUserObjectIMEIs($user_id).")";
}
$r = mysqli_query($ms, $q);
if ($r)
{
while($row = mysqli_fetch_array($r))
{
if (strtotime($row['dt_chat']) > 0)
{
$dt = convUserTimezone($row['dt_chat']);
$result['msg_dt'][$row['imei']] = $dt;
}
else
{
$result['msg_dt'][$row['imei']] = '';
}
}
}
// get last sent message status
if (($imei != 'false') && ($last_msg_id != 'false'))
{
$q = "SELECT * FROM `gs_object_chat` WHERE `imei`='".$imei."' AND `msg_id`='".$last_msg_id."' AND `side`='S'";
$r = mysqli_query($ms, $q);
if($row = mysqli_fetch_array($r))
{
$result['last_msg_status'] = $row['status'];
}
}
echo json_encode($result);
die;
}
if(@$_POST['cmd'] == 'load_msgs')
{
$result = array();
$imei = $_POST['imei'];
$type = $_POST['type'];
$msg_limit = $_POST['msg_limit'];
$first_msg_id = $_POST['first_msg_id'];
$last_msg_id = $_POST['last_msg_id'];
// set messages to seen
$q = "UPDATE `gs_object_chat` SET `status`=2 WHERE `imei`='".$imei."' AND `side`='C'";
$r = mysqli_query($ms, $q);
// get messages
if ($type == 'select')
{
$q = "SELECT * FROM `gs_object_chat` WHERE `imei`='".$imei."' ORDER BY `msg_id` desc LIMIT ".$msg_limit;
}
else if ($type == 'old')
{
$q = "SELECT * FROM `gs_object_chat` WHERE `imei`='".$imei."' AND `msg_id`<'".$first_msg_id."' ORDER BY `msg_id` desc LIMIT ".$msg_limit;
}
else if ($type == 'new')
{
$q = "SELECT * FROM `gs_object_chat` WHERE `imei`='".$imei."' AND `msg_id`>'".$last_msg_id."' ORDER BY `msg_id` desc";
}
$r = mysqli_query($ms, $q);
while($row = mysqli_fetch_array($r))
{
$msg_id = $row['msg_id'];
$dt = convUserTimezone($row['dt_server']);
$result[$msg_id] = array( 'dt' => $dt,
's' => $row['side'],
'm' => $row['msg'],
'st' => $row['status']
);
}
echo json_encode($result);
die;
}
?>
\ No newline at end of file
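Review bot: `send_msg`, `delete_all_msgs` and `load_msgs` act on `$_POST['imei']` without checking that the object belongs to the logged-in account, so the session check at the top of the file is the only barrier between one user and another user's device chat. `load_chat_data` in the same file already scopes its queries with `getUserObjectIMEIs($user_id)` or `$_SESSION["privileges_imei"]`; the three handlers need an equivalent test before any read or write, e.g. a bound lookup such as `SELECT 1 FROM gs_user_objects WHERE user_id=? AND imei=?` that ends the request when no row comes back, with sub-users checked against their own IMEI list. `msg_limit`, `first_msg_id` and `last_msg_id` in `load_msgs` should also be cast to integers before they reach the `LIMIT` and comparison clauses. If `fn_common.php` already has an ownership helper (it is not visible here), calling it is preferable to a new query.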
<?
function serverCleanupUsers($days)
{
global $ms;
$count = 0;
if ($days == '') return $count;
$q = "SELECT * FROM `gs_users` WHERE `privileges` NOT LIKE ('%super_admin%')
AND `privileges` NOT LIKE ('%admin%')
AND `privileges` NOT LIKE ('%manager%')
AND `privileges` NOT LIKE ('%subuser%')
AND dt_login < DATE_SUB(UTC_DATE(), INTERVAL ".$days." DAY)";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row["id"];
$username = $row["username"];
$q2 = 'SELECT * FROM `gs_user_objects` WHERE `user_id`="'.$user_id.'"';
$r2 = mysqli_query($ms, $q2);
$remove = true;
while ($row2 = mysqli_fetch_array($r2))
{
$imei = $row2['imei'];
if (checkObjectActive($imei))
{
$remove = false;
}
}
if ($remove == true)
{
$count++;
delUser($user_id);
}
}
return $count;
}
function serverCleanupObjectsNotActivated($days)
{
global $ms;
$count = 0;
if ($days == '') return $count;
$q = "SELECT * FROM `gs_objects` WHERE `active`='false' AND `object_expire`='true' AND `object_expire_dt` < DATE_SUB(UTC_DATE(), INTERVAL ".$days." DAY)";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$count++;
$imei = $row["imei"];
delObjectSystem($imei);
}
return $count;
}
function serverCleanupObjectsNotUsed()
{
global $ms;
$count = 0;
$q = "SELECT * FROM `gs_objects`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$imei = $row["imei"];
if(!checkObjectExistsUser($imei))
{
$count++;
delObjectSystem($imei);
}
}
return $count;
}
function serverCleanupDbJunk()
{
global $ms;
$count = 0;
// check for user junk records
$user_ids = array();
$q = "SELECT * FROM `gs_users` WHERE `privileges` NOT LIKE ('%subuser%')";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_ids[] = $row["id"];
}
if (count($user_ids) > 0)
{
// gs_users - subaccounts
$q = "SELECT * FROM `gs_users` WHERE `privileges` LIKE '%subuser%'";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['id'];
$manager_id = $row['manager_id'];
if (!in_array($manager_id, $user_ids))
{
$q2 = "DELETE FROM `gs_users` WHERE `id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_objects
$q = "SELECT * FROM `gs_user_objects`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_objects` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_object_groups
$q = "SELECT * FROM `gs_user_object_groups`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_object_groups` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_object_drivers
$q = "SELECT * FROM `gs_user_object_drivers`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_object_drivers` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_object_passengers
$q = "SELECT * FROM `gs_user_object_passengers`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_object_passengers` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_object_trailers
$q = "SELECT * FROM `gs_user_object_trailers`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_object_trailers` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_places_groups
$q = "SELECT * FROM `gs_user_places_groups`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_places_groups` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_markers
$q = "SELECT * FROM `gs_user_markers`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_markers` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_routes
$q = "SELECT * FROM `gs_user_routes`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_routes` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_zones
$q = "SELECT * FROM `gs_user_zones`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_zones` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_cmd
$q = "SELECT * FROM `gs_user_cmd`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_cmd` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_cmd_schedule
$q = "SELECT * FROM `gs_user_cmd_schedule`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_cmd_schedule` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_events
$q = "SELECT * FROM `gs_user_events`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_events` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_events_data
$q = "SELECT * FROM `gs_user_events_data`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_events_data` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_templates
$q = "SELECT * FROM `gs_user_templates`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_templates` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_reports
$q = "SELECT * FROM `gs_user_reports`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_reports` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_user_billing_plans
$q = "SELECT * FROM `gs_user_billing_plans`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$user_id = $row['user_id'];
if (!in_array($user_id, $user_ids))
{
$q2 = "DELETE FROM `gs_user_billing_plans` WHERE `user_id`='".$user_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
}
// check for object junk records
$object_imeis = array();
$q = "SELECT * FROM `gs_objects`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$object_imeis[] = $row["imei"];
}
if (count($object_imeis) > 0)
{
// gs_user_objects
$q = "SELECT * FROM `gs_user_objects`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$imei = $row['imei'];
if (!in_array($imei, $object_imeis))
{
$q2 = "DELETE FROM `gs_user_objects` WHERE `imei`='".$imei."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_object_sensors
$q = "SELECT * FROM `gs_object_sensors`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$imei = $row['imei'];
if (!in_array($imei, $object_imeis))
{
$q2 = "DELETE FROM `gs_object_sensors` WHERE `imei`='".$imei."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_object_services
$q = "SELECT * FROM `gs_object_services`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$imei = $row['imei'];
if (!in_array($imei, $object_imeis))
{
$q2 = "DELETE FROM `gs_object_services` WHERE `imei`='".$imei."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
// gs_object_custom_fields
$q = "SELECT * FROM `gs_object_custom_fields`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$imei = $row['imei'];
if (!in_array($imei, $object_imeis))
{
$q2 = "DELETE FROM `gs_object_custom_fields` WHERE `imei`='".$imei."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
}
// check for event junk records
$event_ids = array();
$q = "SELECT * FROM `gs_user_events`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$event_ids[] = $row["event_id"];
}
if (count($event_ids) > 0)
{
// gs_user_events_status
$q = "SELECT * FROM `gs_user_events_status`";
$r = mysqli_query($ms, $q);
while ($row = mysqli_fetch_array($r))
{
$event_id = $row['event_id'];
if (!in_array($event_id, $event_ids))
{
$q2 = "DELETE FROM `gs_user_events_status` WHERE `event_id`='".$event_id."'";
$r2 = mysqli_query($ms, $q2);
$count++;
}
}
}
return $count;
}
?>
\ No newline at end of file
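Review bot: `serverCleanupUsers` and `serverCleanupObjectsNotActivated` only compare `$days` with the empty string before concatenating it into `INTERVAL ".$days." DAY`, and the result set then drives `delUser()` and `delObjectSystem()`. A non-numeric, zero or negative value would change which rows match, so the guard should require a positive integer: `if (!ctype_digit((string)$days) || (int)$days < 1) return $count;` followed by `$days = (int)$days;`. None of the four functions checks the return of `mysqli_query` before `mysqli_fetch_array`, which on a failed query raises a warning or a TypeError depending on the PHP version; an `if (!$r) return $count;` after each query keeps a partial failure from passing silently. The callers are outside this file, so whether `$days` can be influenced by a request cannot be confirmed from here.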
<?
session_start();
include ('../init.php');
include ('fn_common.php');
include ('../tools/sms.php');
checkUserSession();
loadLanguage($_SESSION["language"], $_SESSION["units"]);
// check privileges
if ($_SESSION["privileges"] == 'subuser')
{
$user_id = $_SESSION["manager_id"];
}
else
{
$user_id = $_SESSION["user_id"];
}
if(@$_GET['cmd'] == 'load_cmd_schedule_list')
{
$page = $_GET['page']; // get the requested page
$limit = $_GET['rows']; // get how many rows we want to have into the grid
$sidx = $_GET['sidx']; // get index row - i.e. user click to sort
$sord = $_GET['sord']; // get the direction
if(!$sidx) $sidx =1;
// get records number
$q = "SELECT * FROM `gs_user_cmd_schedule` WHERE `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
$count = mysqli_num_rows($r);
if( $count >0 )
{
$total_pages = ceil($count/$limit);
}
else
{
$total_pages = 1;
}
if ($page > $total_pages) $page=$total_pages;
$start = $limit*$page - $limit; // do not put $limit*($page - 1)
$q = "SELECT * FROM `gs_user_cmd_schedule` WHERE `user_id`='".$user_id."' ORDER BY $sidx $sord LIMIT $start, $limit";
$result = mysqli_query($ms, $q);
$responce = new stdClass();
$responce->page = $page;
$responce->total = $total_pages;
$responce->records = $count;
$i=0;
while($row = mysqli_fetch_array($result))
{
$cmd_id = $row['cmd_id'];
$name = $row['name'];
if ($row['exact_time'] == 'true')
{
$schedule = $la['EXACT_TIME'];
}
else
{
$schedule = $la['RECURRING'];
}
$gateway = strtoupper($row['gateway']);
$type = strtoupper($row['type']);
$cmd = $row['cmd'];
if ($row['active'] == 'true')
{
$active = '<img src="theme/images/tick-green.svg" />';
}
else
{
$active = '<img src="theme/images/remove-red.svg" style="width:12px;" />';
}
// set modify buttons
$modify = '<a href="#" onclick="cmdScheduleProperties(\''.$cmd_id.'\');" title="'.$la['EDIT'].'"><img src="theme/images/edit.svg" />';
$modify .= '<a href="#" onclick="cmdScheduleDelete(\''.$cmd_id.'\');" title="'.$la['DELETE'].'"><img src="theme/images/remove3.svg" /></a>';
// set row
$responce->rows[$i]['id']=$cmd_id;
$responce->rows[$i]['cell']=array($name,$active,$schedule,$gateway,$type,$cmd,$modify);
$i++;
}
header('Content-type: application/json');
echo json_encode($responce);
die;
}
if(@$_POST['cmd'] == 'load_cmd_schedule')
{
$result = array();
$cmd_id = $_POST['cmd_id'];
$q = "SELECT * FROM `gs_user_cmd_schedule` WHERE `cmd_id`='".$cmd_id."'";
$r = mysqli_query($ms, $q);
$row = mysqli_fetch_array($r);
$day_time = json_decode($row['day_time'], true);
$result = array('name' => $row['name'],
'active' => $row['active'],
'exact_time' => $row['exact_time'],
'exact_time_dt' => $row['exact_time_dt'],
'day_time' => $day_time,
'protocol' => $row['protocol'],
'imei' => $row['imei'],
'gateway' => $row['gateway'],
'type' => $row['type'],
'cmd' => $row['cmd']);
echo json_encode($result);
die;
}
if(@$_POST['cmd'] == 'save_cmd_schedule')
{
$cmd_id = $_POST["cmd_id"];
$name = $_POST["name"];
$active = $_POST["active"];
$exact_time = $_POST["exact_time"];
$exact_time_dt = $_POST["exact_time_dt"];
$day_time = $_POST["day_time"];
$protocol = $_POST["protocol"];
$imei = $_POST["imei"];
$gateway = $_POST["gateway"];
$type = $_POST["type"];
$cmd_ = $_POST["cmd_"];
if ($cmd_id == 'false')
{
$q = "INSERT INTO `gs_user_cmd_schedule`(`user_id`,
`name`,
`active`,
`exact_time`,
`exact_time_dt`,
`day_time`,
`protocol`,
`imei`,
`gateway`,
`type`,
`cmd`)
VALUES
('".$user_id."',
'".$name."',
'".$active."',
'".$exact_time."',
'".$exact_time_dt."',
'".$day_time."',
'".$protocol."',
'".$imei."',
'".$gateway."',
'".$type."',
'".$cmd_."')";
}
else
{
$q = "UPDATE `gs_user_cmd_schedule` SET `name`='".$name."',
`active`='".$active."',
`exact_time`='".$exact_time."',
`exact_time_dt`='".$exact_time_dt."',
`day_time`='".$day_time."',
`protocol`='".$protocol."',
`imei`='".$imei."',
`protocol`='".$protocol."',
`gateway`='".$gateway."',
`type`='".$type."',
`cmd`='".$cmd_."',
`dt_schedule_e`='',
`dt_schedule_d`=''
WHERE `cmd_id`='".$cmd_id."'";
}
$r = mysqli_query($ms, $q);
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'delete_cmd_schedule')
{
$cmd_id = $_POST["cmd_id"];
$q = "DELETE FROM `gs_user_cmd_schedule` WHERE `cmd_id`='".$cmd_id."' AND `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'delete_selected_cmd_schedules')
{
$items = $_POST["items"];
for ($i = 0; $i < count($items); ++$i)
{
$item = $items[$i];
$q = "DELETE FROM `gs_user_cmd_schedule` WHERE `cmd_id`='".$item."' AND `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
}
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'save_cmd_template')
{
$cmd_id = $_POST["cmd_id"];
$name = $_POST["name"];
$protocol = $_POST["protocol"];
$gateway = $_POST["gateway"];
$type = $_POST["type"];
$cmd_ = $_POST["cmd_"];
if ($cmd_id == 'false')
{
$q = "INSERT INTO `gs_user_cmd`(`user_id`,
`name`,
`protocol`,
`gateway`,
`type`,
`cmd`)
VALUES
('".$user_id."',
'".$name."',
'".$protocol."',
'".$gateway."',
'".$type."',
'".$cmd_."')";
}
else
{
$q = "UPDATE `gs_user_cmd` SET `name`='".$name."',
`protocol`='".$protocol."',
`gateway`='".$gateway."',
`type`='".$type."',
`cmd`='".$cmd_."'
WHERE `cmd_id`='".$cmd_id."'";
}
$r = mysqli_query($ms, $q);
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'delete_cmd_template')
{
$cmd_id = $_POST["cmd_id"];
$q = "DELETE FROM `gs_user_cmd` WHERE `cmd_id`='".$cmd_id."' AND `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'delete_selected_cmd_templates')
{
$items = $_POST["items"];
for ($i = 0; $i < count($items); ++$i)
{
$item = $items[$i];
$q = "DELETE FROM `gs_user_cmd` WHERE `cmd_id`='".$item."' AND `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
}
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'delete_cmd_exec')
{
$cmd_id = $_POST["cmd_id"];
$q = "DELETE FROM `gs_object_cmd_exec` WHERE `cmd_id`='".$cmd_id."' AND `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'delete_selected_cmd_execs')
{
$items = $_POST["items"];
for ($i = 0; $i < count($items); ++$i)
{
$item = $items[$i];
$q = "DELETE FROM `gs_object_cmd_exec` WHERE `cmd_id`='".$item."' AND `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
}
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'exec_cmd')
{
$imei = $_POST["imei"];
$name = $_POST["name"];
$gateway = $_POST["gateway"];
$sim_number = $_POST["sim_number"];
$type = $_POST["type"];
$cmd_ = $_POST["cmd_"];
if ($gateway == 'gprs')
{
sendObjectGPRSCommand($user_id, $imei, $name, $type, $cmd_);
}
else if ($gateway == 'sms')
{
$result = sendObjectSMSCommand($user_id, $imei, $name, $cmd_);
if ($result == false)
{
echo 'error_sms';
die;
}
}
echo 'OK';
die;
}
if(@$_GET['cmd'] == 'load_cmd_exec_list')
{
$page = $_GET['page']; // get the requested page
$limit = $_GET['rows']; // get how many rows we want to have into the grid
$sidx = $_GET['sidx']; // get index row - i.e. user click to sort
$sord = $_GET['sord']; // get the direction
if(!$sidx) $sidx = 1;
// get records number
if ($_SESSION["privileges"] == 'subuser')
{
$q = "SELECT * FROM `gs_object_cmd_exec` WHERE `imei` IN (".$_SESSION["privileges_imei"].")";
}
else
{
$q = "SELECT * FROM `gs_object_cmd_exec` WHERE `imei` IN (".getUserObjectIMEIs($user_id).")";
}
$r = mysqli_query($ms, $q);
if (!$r){die;}
$count = mysqli_num_rows($r);
if ($_SESSION["privileges"] == 'subuser')
{
$q = "SELECT * FROM `gs_object_cmd_exec` WHERE `imei` IN (".$_SESSION["privileges_imei"].") ORDER BY $sidx $sord";
}
else
{
$q = "SELECT * FROM `gs_object_cmd_exec` WHERE `imei` IN (".getUserObjectIMEIs($user_id).") ORDER BY $sidx $sord";
}
$r = mysqli_query($ms, $q);
if (!$r){die;}
$responce = new stdClass();
$responce->page = 1;
//$responce->total = $count;
$responce->records = $count;
$i=0;
while($row = mysqli_fetch_array($r))
{
$cmd_id = $row['cmd_id'];
$time = convUserTimezone($row['dt_cmd']);
$object = getObjectName($row['imei']);
$name = $row['name'];
$gateway = strtoupper($row['gateway']);
$type = strtoupper($row['type']);
$cmd = $row['cmd'];
if ($row['status'] == 0)
{
$status = '<span class="spinner" style="height: 3px;"></span>';
}
else if ($row['status'] == 1)
{
$status = '<img src="theme/images/tick-green.svg" />';
}
$re_hex = $row['re_hex'];
// set modify buttons
$modify = '<a href="#" onclick="cmdExecDelete(\''.$cmd_id.'\');" title="'.$la['DELETE'].'"><img src="theme/images/remove3.svg" /></a>';
// set row
$responce->rows[$i]['id']=$cmd_id;
$responce->rows[$i]['cell']=array($time,$object,$name,$gateway,$type,$cmd,$status,$modify,$re_hex);
$i++;
}
header('Content-type: application/json');
echo json_encode($responce);
die;
}
if(@$_GET['cmd'] == 'load_cmd_template_list')
{
$page = $_GET['page']; // get the requested page
$limit = $_GET['rows']; // get how many rows we want to have into the grid
$sidx = $_GET['sidx']; // get index row - i.e. user click to sort
$sord = $_GET['sord']; // get the direction
if(!$sidx) $sidx =1;
// get records number
$q = "SELECT * FROM `gs_user_cmd` WHERE `user_id`='".$user_id."'";
$r = mysqli_query($ms, $q);
$count = mysqli_num_rows($r);
if( $count >0 )
{
$total_pages = ceil($count/$limit);
}
else
{
$total_pages = 1;
}
if ($page > $total_pages) $page=$total_pages;
$start = $limit*$page - $limit; // do not put $limit*($page - 1)
$q = "SELECT * FROM `gs_user_cmd` WHERE `user_id`='".$user_id."' ORDER BY $sidx $sord LIMIT $start, $limit";
$result = mysqli_query($ms, $q);
$responce = new stdClass();
$responce->page = $page;
$responce->total = $total_pages;
$responce->records = $count;
$i=0;
while($row = mysqli_fetch_array($result))
{
$cmd_id = $row['cmd_id'];
$name = $row['name'];
$protocol = $row['protocol'];
$gateway = strtoupper($row['gateway']);
$type = strtoupper($row['type']);
$cmd = $row['cmd'];
// set modify buttons
$modify = '<a href="#" onclick="cmdTemplateProperties(\''.$cmd_id.'\');" title="'.$la['EDIT'].'"><img src="theme/images/edit.svg" />';
$modify .= '<a href="#" onclick="cmdTemplateDelete(\''.$cmd_id.'\');" title="'.$la['DELETE'].'"><img src="theme/images/remove3.svg" /></a>';
// set row
$responce->rows[$i]['id']=$cmd_id;
$responce->rows[$i]['cell']=array($name,$protocol,$gateway,$type,$cmd,$modify);
$i++;
}
header('Content-type: application/json');
echo json_encode($responce);
die;
}
if(@$_POST['cmd'] == 'load_cmd_template_data')
{
$q = "SELECT * FROM `gs_user_cmd` WHERE `user_id`='".$user_id."' ORDER BY `cmd_id` ASC";
$r = mysqli_query($ms, $q);
$result = array();
while($row=mysqli_fetch_array($r))
{
$cmd_id = $row['cmd_id'];
$result[$cmd_id] = array( 'name' => $row['name'],
'protocol' => $row['protocol'],
'gateway' => $row['gateway'],
'type' => $row['type'],
'cmd' => $row['cmd']
);
}
echo json_encode($result);
die;
}
?>
\ No newline at end of file
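Review bot: `load_cmd_schedule` and the UPDATE branches of `save_cmd_schedule` and `save_cmd_template` select the row by `cmd_id` alone, while every delete handler in this file also filters on `user_id`; a logged-in user who supplies another account's `cmd_id` can therefore read or overwrite that account's stored device command. The WHERE clause in all three should be `WHERE cmd_id=? AND user_id=?` with both values bound through `mysqli_prepare`, and the INSERT/UPDATE value lists bound the same way. `exec_cmd` and `save_cmd_schedule` also pass `$_POST["imei"]` on without checking that the object belongs to `$user_id` (or, for a sub-user, is in `$_SESSION["privileges_imei"]`), which matters more here than elsewhere because the result is a command sent to a tracker. The UPDATE in `save_cmd_schedule` assigns `protocol` twice; the second assignment can go.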
This diff is collapsed.