From 388b9afde41a3a9764b2f94ee8f31dced26f7aff Mon Sep 17 00:00:00 2001 From: Miguel Ribeiro Date: Mon, 7 Oct 2024 23:09:08 +0200 Subject: [PATCH] new api endpoints --- api/admin/get_admin_settings.php | 116 +++++++ api/categories/get_categories.php | 124 +++++++ api/currencies/get_currencies.php | 135 +++++++ api/fixer/get_fixer.php | 106 ++++++ api/household/get_household.php | 117 +++++++ .../get_notification_settings.php | 196 +++++++++++ api/payment_methods/get_payment_methods.php | 153 ++++++++ api/settings/get_settings.php | 123 +++++++ api/subscriptions/get_monthly_cost.php | 35 +- api/subscriptions/get_subscriptions.php | 328 ++++++++++++++++++ api/users/get_user.php | 92 +++++ includes/version.php | 2 +- 12 files changed, 1515 insertions(+), 12 deletions(-) create mode 100644 api/admin/get_admin_settings.php create mode 100644 api/categories/get_categories.php create mode 100644 api/currencies/get_currencies.php create mode 100644 api/fixer/get_fixer.php create mode 100644 api/household/get_household.php create mode 100644 api/notifications/get_notification_settings.php create mode 100644 api/payment_methods/get_payment_methods.php create mode 100644 api/settings/get_settings.php create mode 100644 api/subscriptions/get_subscriptions.php create mode 100644 api/users/get_user.php diff --git a/api/admin/get_admin_settings.php b/api/admin/get_admin_settings.php new file mode 100644 index 000000000..a2e3bb2d5 --- /dev/null +++ b/api/admin/get_admin_settings.php 
@@ -0,0 +1,116 @@ + false, + "title" => "Missing parameters" + ]; + echo json_encode($response); + exit; + } + + $apiKey = $_REQUEST['api_key']; + + // Get user from API key + $sql = "SELECT * FROM user WHERE api_key = :apiKey"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':apiKey', $apiKey); + $result = $stmt->execute(); + $user = $result->fetchArray(SQLITE3_ASSOC); + + // If the user is not found, return an error + if (!$user) { + $response = [ + "success" => false, + "title" => "Invalid API key" + ]; + echo json_encode($response); + exit; + } + + $userId = $user['id']; + + if ($userId !== 1) { + $response = [ + "success" => false, + "title" => "Invalid user" + ]; + echo json_encode($response); + exit; + } + + $sql = "SELECT * FROM 'admin'"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $admin_settings = $result->fetchArray(SQLITE3_ASSOC); + + if ($admin_settings) { + unset($admin_settings['id']); + // if the smtp_password is set, hide it + if (isset($admin_settings['smtp_password'])) { + $admin_settings['smtp_password'] = "********"; + } + } + + $response = [ + "success" => true, + "title" => "admin_settings", + "admin_settings" => $admin_settings, + "notes" => [] + ]; + + echo json_encode($response); + + $db->close(); + +} else { + $response = [ + "success" => false, + "title" => "Invalid request method" + ]; + echo json_encode($response); + exit; +} + +?> \ No newline at end of file diff --git a/api/categories/get_categories.php b/api/categories/get_categories.php new file mode 100644 index 000000000..34541d19a --- /dev/null +++ b/api/categories/get_categories.php 
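Review bot: The admin query `SELECT * FROM 'admin'` contains no `:userId` placeholder, yet the next line calls `$stmt->bindValue(':userId', $userId)`; drop that line and write the table as an identifier, `$sql = "SELECT * FROM admin";`, since the single-quoted form is a string literal SQLite only tolerates for legacy compatibility. The presence check `!isset($_REQUEST['api_key'])` lets an empty `api_key=` reach the lookup, which would match any user row whose api_key is stored as an empty string; `if (!isset($_REQUEST['api_key']) || $_REQUEST['api_key'] === '')` closes that, and the same guard appears in every other endpoint of this patch (get_categories, get_currencies, get_fixer, get_household, get_notification_settings, get_payment_methods, get_settings, get_user and the subscriptions hunk). Reading the key from `$_REQUEST` also accepts it in the query string, where it tends to land in access logs; restricting it to a header or the POST body is worth considering. The hard-coded `$userId !== 1` admin test is presumably the project's convention, but a one-line comment saying so would help the next reader.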
@@ -0,0 +1,124 @@ + false, + "title" => "Missing parameters" + ]; + echo json_encode($response); + exit; + } + + $apiKey = $_REQUEST['api_key']; + + // Get user from API key + $sql = "SELECT * FROM user WHERE api_key = :apiKey"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':apiKey', $apiKey); + $result = $stmt->execute(); + $user = $result->fetchArray(SQLITE3_ASSOC); + + // If the user is not found, return an error + if (!$user) { + $response = [ + "success" => false, + "title" => "Invalid API key" + ]; + echo json_encode($response); + exit; + } + + $userId = $user['id']; + + $sql = "SELECT * FROM categories WHERE user_id = :userId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $categories = []; + while ($row = $result->fetchArray(SQLITE3_ASSOC)) { + $categories[] = $row; + } + + foreach ($categories as $key => $value) { + unset($categories[$key]['user_id']); + // Check if it's in use in any subscription + $categoryId = $categories[$key]['id']; + $sql = "SELECT COUNT(*) as count FROM subscriptions WHERE user_id = :userId AND category_id = :categoryId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':categoryId', $categoryId); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $count = $result->fetchArray(SQLITE3_ASSOC); + if ($count['count'] > 0) { + $categories[$key]['in_use'] = true; + } else { + $categories[$key]['in_use'] = false; + } + } + + $response = [ + "success" => true, + "title" => "categories", + "categories" => $categories, + "notes" => [] + ]; + + echo json_encode($response); + + $db->close(); + +} else { + $response = [ + "success" => false, + "title" => "Invalid request method" + ]; + echo json_encode($response); + exit; +} + +?> \ No newline at end of file diff --git a/api/currencies/get_currencies.php b/api/currencies/get_currencies.php new file mode 100644 index 000000000..22b9a630b --- /dev/null +++ b/api/currencies/get_currencies.php 
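Review bot: The `foreach` issues one `SELECT COUNT(*)` per category, so the endpoint costs N+1 queries; the same per-row lookup appears in get_currencies, get_household and get_payment_methods. A single query can compute the flag, e.g. `SELECT c.*, EXISTS(SELECT 1 FROM subscriptions s WHERE s.user_id = c.user_id AND s.category_id = c.id) AS in_use FROM categories c WHERE c.user_id = :userId`, after which the loop only needs to cast `in_use` to bool and unset `user_id`. With small per-user tables this is mainly a readability gain, but it also removes the repeated prepare/bind/execute inside the loop.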
@@ -0,0 +1,135 @@ + false, + "title" => "Missing parameters" + ]; + echo json_encode($response); + exit; + } + + $apiKey = $_REQUEST['api_key']; + + // Get user from API key + $sql = "SELECT * FROM user WHERE api_key = :apiKey"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':apiKey', $apiKey); + $result = $stmt->execute(); + $user = $result->fetchArray(SQLITE3_ASSOC); + + // If the user is not found, return an error + if (!$user) { + $response = [ + "success" => false, + "title" => "Invalid API key" + ]; + echo json_encode($response); + exit; + } + + $userId = $user['id']; + + $sql = "SELECT * FROM currencies WHERE user_id = :userId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $currencies = []; + while ($row = $result->fetchArray(SQLITE3_ASSOC)) { + $currencies[] = $row; + } + + foreach ($currencies as $key => $value) { + unset($currencies[$key]['user_id']); + // Check if it's in use in any subscription + $currencyId = $currencies[$key]['id']; + $sql = "SELECT COUNT(*) as count FROM subscriptions WHERE user_id = :userId AND currency_id = :currencyId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':currencyId', $currencyId); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $count = $result->fetchArray(SQLITE3_ASSOC); + if ($count['count'] > 0) { + $currencies[$key]['in_use'] = true; + } else { + $currencies[$key]['in_use'] = false; + } + } + + $mainCurrency = $user['main_currency']; + + $response = [ + "success" => true, + "title" => "currencies", + "main_currency" => $mainCurrency, + "currencies" => $currencies, + "notes" => [] + ]; + + echo json_encode($response); + + $db->close(); + +} else { + $response = [ + "success" => false, + "title" => "Invalid request method" + ]; + echo json_encode($response); + exit; +} + +?> \ No newline at end of file diff --git a/api/fixer/get_fixer.php b/api/fixer/get_fixer.php new file mode 100644 index 000000000..05abc8f53 --- /dev/null 
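Review bot: The `if ($count['count'] > 0) { ... } else { ... }` that sets `in_use` is a four-line statement for a boolean expression; `$currencies[$key]['in_use'] = $count['count'] > 0;` says the same thing, and the equivalent `$household[$key]['in_use'] = (bool) $subscription;` applies in get_household and get_payment_methods. The `main_currency` value is copied straight from the `user` row, so the response mirrors whatever that column holds; it appears to be a currency id rather than a code (the subscriptions hunk compares it with `currency_id`), and a short comment on `$mainCurrency` stating that would help API consumers.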
+++ b/api/fixer/get_fixer.php @@ -0,0 +1,106 @@ + false, + "title" => "Missing parameters" + ]; + echo json_encode($response); + exit; + } + + $apiKey = $_REQUEST['api_key']; + + // Get user from API key + $sql = "SELECT * FROM user WHERE api_key = :apiKey"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':apiKey', $apiKey); + $result = $stmt->execute(); + $user = $result->fetchArray(SQLITE3_ASSOC); + + // If the user is not found, return an error + if (!$user) { + $response = [ + "success" => false, + "title" => "Invalid API key" + ]; + echo json_encode($response); + exit; + } + + $userId = $user['id']; + $providers = [ + 0 => "Fixer.io", + 1 => "APILayer.com" + ]; + + $query = "SELECT * FROM fixer WHERE user_id = :userId"; + $stmt = $db->prepare($query); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $fixer = $result->fetchArray(SQLITE3_ASSOC); + + $notes = []; + + if ($fixer) { + unset($fixer['user_id']); + $fixer['provider_name'] = $providers[$fixer['provider']]; + if ($fixer['api_key']) { + $fixer['api_key'] = "********"; + } + } else { + $fixer = []; + $notes[] = "No fixer settings found"; + } + + $response = [ + "success" => true, + "title" => "fixer", + "fixer" => $fixer, + "notes" => $notes + ]; + + echo json_encode($response); + + $db->close(); + +} else { + $response = [ + "success" => false, + "title" => "Invalid request method" + ]; + echo json_encode($response); + exit; +} + +?> \ No newline at end of file diff --git a/api/household/get_household.php b/api/household/get_household.php new file mode 100644 index 000000000..232fbfad9 --- /dev/null +++ b/api/household/get_household.php 
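Review bot: `$providers[$fixer['provider']]` raises an undefined-array-key warning and yields null whenever the stored provider is neither 0 nor 1; `$fixer['provider_name'] = $providers[$fixer['provider']] ?? 'Unknown';` handles that. The masking guard `if ($fixer['api_key'])` is a truthiness test, so a stored key of `"0"` would be returned in clear and a missing column would warn; `if (isset($fixer['api_key']) && $fixer['api_key'] !== '')` is the intended check and matches the `isset` form used in get_notification_settings. A comment above the `$providers` map noting that the masked `********` value only signals that a key is set would document the contract for clients.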
@@ -0,0 +1,117 @@ + false, + "title" => "Missing parameters" + ]; + echo json_encode($response); + exit; + } + + $apiKey = $_REQUEST['api_key']; + + // Get user from API key + $sql = "SELECT * FROM user WHERE api_key = :apiKey"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':apiKey', $apiKey); + $result = $stmt->execute(); + $user = $result->fetchArray(SQLITE3_ASSOC); + + // If the user is not found, return an error + if (!$user) { + $response = [ + "success" => false, + "title" => "Invalid API key" + ]; + echo json_encode($response); + exit; + } + + $userId = $user['id']; + + $sql = "SELECT * FROM household WHERE user_id = :userId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $household = []; + while ($row = $result->fetchArray(SQLITE3_ASSOC)) { + $household[] = $row; + } + + foreach ($household as $key => $value) { + unset($household[$key]['user_id']); + // Check if is used in any subscriptions + $sql = "SELECT * FROM subscriptions WHERE user_id = :userId AND payer_user_id = :householdId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $stmt->bindValue(':householdId', $household[$key]['id']); + $result = $stmt->execute(); + $subscription = $result->fetchArray(SQLITE3_ASSOC); + if ($subscription) { + $household[$key]['in_use'] = true; + } else { + $household[$key]['in_use'] = false; + } + } + + $response = [ + "success" => true, + "title" => "household", + "household" => $household, + "notes" => [] + ]; + + echo json_encode($response); + + $db->close(); + +} else { + $response = [ + "success" => false, + "title" => "Invalid request method" + ]; + echo json_encode($response); + exit; +} + +?> \ No newline at end of file diff --git a/api/notifications/get_notification_settings.php b/api/notifications/get_notification_settings.php new file mode 100644 index 000000000..e1f289248 --- /dev/null +++ b/api/notifications/get_notification_settings.php 
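Review bot: The in-use check does `SELECT *` on subscriptions and fetches a full row just to test existence; `SELECT 1 FROM subscriptions WHERE user_id = :userId AND payer_user_id = :householdId LIMIT 1` is enough, and get_payment_methods has the identical pattern. It is also inconsistent with get_categories and get_currencies, which use `COUNT(*)` for the same purpose; picking one form across the four endpoints would make them easier to maintain. A comment on the loop stating that `payer_user_id` is matched against a household member id, as this query assumes, would spare the next reader a schema lookup.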
@@ -0,0 +1,196 @@ + false, + "title" => "Missing parameters" + ]; + echo json_encode($response); + exit; + } + + $apiKey = $_REQUEST['api_key']; + + // Get user from API key + $sql = "SELECT * FROM user WHERE api_key = :apiKey"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':apiKey', $apiKey); + $result = $stmt->execute(); + $user = $result->fetchArray(SQLITE3_ASSOC); + + // If the user is not found, return an error + if (!$user) { + $response = [ + "success" => false, + "title" => "Invalid API key" + ]; + echo json_encode($response); + exit; + } + + $userId = $user['id']; + + $query = "SELECT * FROM notification_settings WHERE user_id = :userId"; + $stmt = $db->prepare($query); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $notification_settings = $result->fetchArray(SQLITE3_ASSOC); + + if ($notification_settings) { + unset($notification_settings['user_id']); + } else { + $notification_settings = []; + } + + $query = "SELECT * FROM email_notifications WHERE user_id = :userId"; + $stmt = $db->prepare($query); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $email_notifications = $result->fetchArray(SQLITE3_ASSOC); + if ($email_notifications) { + unset($email_notifications['user_id']); + if (isset($email_notifications['smtp_password'])) { + $email_notifications['smtp_password'] = "********"; + } + $notification_settings['email_notifications'] = $email_notifications; + } + + $query = "SELECT * FROM discord_notifications WHERE user_id = :userId"; + $stmt = $db->prepare($query); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $discord_notifications = $result->fetchArray(SQLITE3_ASSOC); + if ($discord_notifications) { + unset($discord_notifications['user_id']); + $notification_settings['discord_notifications'] = $discord_notifications; + } + + $query = "SELECT * FROM gotify_notifications WHERE user_id = :userId"; + $stmt = $db->prepare($query); + $stmt->bindValue(':userId', $userId); + $result 
= $stmt->execute(); + $gotify_notifications = $result->fetchArray(SQLITE3_ASSOC); + if ($gotify_notifications) { + unset($gotify_notifications['user_id']); + if (isset($gotify_notifications['token'])) { + $gotify_notifications['token'] = "********"; + } + $notification_settings['gotify_notifications'] = $gotify_notifications; + } + + $query = "SELECT * FROM ntfy_notifications WHERE user_id = :userId"; + $stmt = $db->prepare($query); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $ntfy_notifications = $result->fetchArray(SQLITE3_ASSOC); + if ($ntfy_notifications) { + unset($ntfy_notifications['user_id']); + if (isset($ntfy_notifications['headers'])) { + $ntfy_notifications['headers'] = "********"; + } + $notification_settings['ntfy_notifications'] = $ntfy_notifications; + } + + $query = "SELECT * FROM pushover_notifications WHERE user_id = :userId"; + $stmt = $db->prepare($query); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $pushover_notifications = $result->fetchArray(SQLITE3_ASSOC); + if ($pushover_notifications) { + unset($pushover_notifications['user_id']); + if (isset($pushover_notifications['token'])) { + $pushover_notifications['token'] = "********"; + } + $notification_settings['pushover_notifications'] = $pushover_notifications; + } + + $query = "SELECT * FROM telegram_notifications WHERE user_id = :userId"; + $stmt = $db->prepare($query); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $telegram_notifications = $result->fetchArray(SQLITE3_ASSOC); + if ($telegram_notifications) { + unset($telegram_notifications['user_id']); + if (isset($telegram_notifications['bot_token'])) { + $telegram_notifications['bot_token'] = "********"; + } + $notification_settings['telegram_notifications'] = $telegram_notifications; + } + + $query = "SELECT * FROM webhook_notifications WHERE user_id = :userId"; + $stmt = $db->prepare($query); + $stmt->bindValue(':userId', $userId); + $result = 
$stmt->execute(); + $webhook_notifications = $result->fetchArray(SQLITE3_ASSOC); + if ($webhook_notifications) { + unset($webhook_notifications['user_id']); + if (isset($webhook_notifications['headers'])) { + $webhook_notifications['headers'] = "********"; + } + $notification_settings['webhook_notifications'] = $webhook_notifications; + } + + $response = [ + "success" => true, + "title" => "notification_settings", + "notification_settings" => $notification_settings, + "notes" => [] + ]; + + echo json_encode($response); + + $db->close(); + +} else { + $response = [ + "success" => false, + "title" => "Invalid request method" + ]; + echo json_encode($response); + exit; +} + +?> \ No newline at end of file diff --git a/api/payment_methods/get_payment_methods.php b/api/payment_methods/get_payment_methods.php new file mode 100644 index 000000000..75b332343 --- /dev/null +++ b/api/payment_methods/get_payment_methods.php 
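Review bot: Every provider block masks its credential column except the discord one, which returns the row exactly as fetched; if that table stores the webhook URL (which in Discord's scheme embeds the token), it is handed to any holder of the API key while the other providers' tokens are hidden — please confirm the column and mask it the same way. The seven near-identical query blocks make such a gap easy to miss; a table-to-secret-column map driven by one loop keeps the masking policy in a single place, with the table name coming from the constant map rather than from the request. The enclosing `if` on the request method opens earlier in this hunk and is otherwise unchanged.
```php
// table => column holding a secret to mask (null when there is none)
$providerTables = [
    'email_notifications'    => 'smtp_password',
    'discord_notifications'  => null, // TODO confirm: mask the webhook URL if it embeds a token
    'gotify_notifications'   => 'token',
    'ntfy_notifications'     => 'headers',
    'pushover_notifications' => 'token',
    'telegram_notifications' => 'bot_token',
    'webhook_notifications'  => 'headers',
];
foreach ($providerTables as $table => $secretColumn) {
    // $table comes from the constant map above, never from the request
    $stmt = $db->prepare("SELECT * FROM {$table} WHERE user_id = :userId");
    $stmt->bindValue(':userId', $userId);
    $row = $stmt->execute()->fetchArray(SQLITE3_ASSOC);
    if (!$row) {
        continue;
    }
    unset($row['user_id']);
    if ($secretColumn !== null && isset($row[$secretColumn])) {
        $row[$secretColumn] = "********";
    }
    $notification_settings[$table] = $row;
}
// … unchanged: $response assembly and json_encode …
```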
@@ -0,0 +1,153 @@ + false, + "title" => "Missing parameters" + ]; + echo json_encode($response); + exit; + } + + $apiKey = $_REQUEST['api_key']; + + // Get user from API key + $sql = "SELECT * FROM user WHERE api_key = :apiKey"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':apiKey', $apiKey); + $result = $stmt->execute(); + $user = $result->fetchArray(SQLITE3_ASSOC); + + // If the user is not found, return an error + if (!$user) { + $response = [ + "success" => false, + "title" => "Invalid API key" + ]; + echo json_encode($response); + exit; + } + + $userId = $user['id']; + + $sql = "SELECT * FROM payment_methods WHERE user_id = :userId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $payment_methods = []; + while ($row = $result->fetchArray(SQLITE3_ASSOC)) { + $payment_methods[] = $row; + } + + foreach ($payment_methods as $key => $value) { + unset($payment_methods[$key]['user_id']); + // Check if is used in any subscriptions + $sql = "SELECT * FROM subscriptions WHERE user_id = :userId AND payment_method_id = :paymentMethodId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $stmt->bindValue(':paymentMethodId', $payment_methods[$key]['id']); + $result = $stmt->execute(); + $subscription = $result->fetchArray(SQLITE3_ASSOC); + if ($subscription) { + $payment_methods[$key]['in_use'] = true; + } else { + $payment_methods[$key]['in_use'] = false; + } + } + + $response = [ + "success" => true, + "title" => "payment_methods", + "payment_methods" => $payment_methods, + "notes" => [] + ]; + + echo json_encode($response); + + $db->close(); + +} else { + $response = [ + "success" => false, + "title" => "Invalid request method" + ]; + echo json_encode($response); + exit; +} + +?> \ No newline at end of file diff --git a/api/settings/get_settings.php b/api/settings/get_settings.php new file mode 100644 index 000000000..1ff920d4f --- /dev/null +++ b/api/settings/get_settings.php 
@@ -0,0 +1,123 @@ + false, + "title" => "Missing parameters" + ]; + echo json_encode($response); + exit; + } + + $apiKey = $_REQUEST['api_key']; + + // Get user from API key + $sql = "SELECT * FROM user WHERE api_key = :apiKey"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':apiKey', $apiKey); + $result = $stmt->execute(); + $user = $result->fetchArray(SQLITE3_ASSOC); + + // If the user is not found, return an error + if (!$user) { + $response = [ + "success" => false, + "title" => "Invalid API key" + ]; + echo json_encode($response); + exit; + } + + $userId = $user['id']; + + $sql = "SELECT * FROM settings WHERE user_id = :userId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $settings = $result->fetchArray(SQLITE3_ASSOC); + + if ($settings) { + unset($settings['user_id']); + } + + $sql = "SELECT * FROM custom_colors WHERE user_id = :userId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $custom_colors = $result->fetchArray(SQLITE3_ASSOC); + if ($custom_colors) { + unset($custom_colors['user_id']); + $settings['custom_colors'] = $custom_colors; + } + + + $sql = "SELECT * FROM custom_css_style WHERE user_id = :userId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $custom_css = $result->fetchArray(SQLITE3_ASSOC); + if ($custom_css) { + unset($custom_css['user_id']); + $settings['custom_css'] = $custom_css; + } + + $response = [ + "success" => true, + "title" => "settings", + "settings" => $settings, + "notes" => [] + ]; + + echo json_encode($response); + + $db->close(); + +} else { + $response = [ + "success" => false, + "title" => "Invalid request method" + ]; + echo json_encode($response); + exit; +} + +?> \ No newline at end of file diff --git a/api/subscriptions/get_monthly_cost.php b/api/subscriptions/get_monthly_cost.php index e0e7f4bc5..fcd72bfa0 100644 
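Review bot: When no `settings` row exists, `$settings` stays `false` and the later `$settings['custom_colors'] = $custom_colors;` auto-converts false to an array, which PHP 8.1 reports as deprecated and will eventually be an error; add `} else { $settings = []; }` to the `if ($settings)` branch, as get_notification_settings already does for its top-level row. The client then consistently receives an object or an empty array rather than `false` under the `settings` key. The `custom_colors` and `custom_css_style` lookups follow the same prepare/bind/fetch/unset shape and could share a small helper, but that is optional.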
--- a/api/subscriptions/get_monthly_cost.php +++ b/api/subscriptions/get_monthly_cost.php 
@@ -1,17 +1,30 @@ false, + "title" => "Missing parameters" + ]; + echo json_encode($response); + exit; + } + + function getPriceConverted($price, $currency, $database) + { + $query = "SELECT rate FROM currencies WHERE id = :currency"; + $stmt = $database->prepare($query); + $stmt->bindParam(':currency', $currency, SQLITE3_INTEGER); + $result = $stmt->execute(); + + $exchangeRate = $result->fetchArray(SQLITE3_ASSOC); + if ($exchangeRate === false) { + return $price; + } else { + $fromRate = $exchangeRate['rate']; + return $price / $fromRate; + } + } + + $apiKey = $_REQUEST['api_key']; + + // Get user from API key + $sql = "SELECT * FROM user WHERE api_key = :apiKey"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':apiKey', $apiKey); + $result = $stmt->execute(); + $user = $result->fetchArray(SQLITE3_ASSOC); + + // If the user is not found, return an error + if (!$user) { + $response = [ + "success" => false, + "title" => "Invalid API key" + ]; + echo json_encode($response); + exit; + } + + $userId = $user['id']; + $userCurrencyId = $user['main_currency']; + + // Get last exchange update date for user + $sql = "SELECT * FROM last_exchange_update WHERE user_id = :userId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $lastExchangeUpdate = $result->fetchArray(SQLITE3_ASSOC); + + $canConvertCurrency = empty($lastExchangeUpdate['date']) ? 
false : true; + + // Get currencies for user + $sql = "SELECT * FROM currencies WHERE user_id = :userId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $currencies = []; + while ($currency = $result->fetchArray(SQLITE3_ASSOC)) { + $currencies[$currency['id']] = $currency; + } + + // Get categories for user + $sql = "SELECT * FROM categories WHERE user_id = :userId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $categories = []; + while ($category = $result->fetchArray(SQLITE3_ASSOC)) { + $categories[$category['id']] = $category['name']; + } + + // Get members for user + $sql = "SELECT * FROM household WHERE user_id = :userId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $members = []; + while ($member = $result->fetchArray(SQLITE3_ASSOC)) { + $members[$member['id']] = $member['name']; + } + + // Get payment methods for user + $sql = "SELECT * FROM payment_methods WHERE user_id = :userId"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId); + $result = $stmt->execute(); + $paymentMethods = []; + while ($paymentMethod = $result->fetchArray(SQLITE3_ASSOC)) { + $paymentMethods[$paymentMethod['id']] = $paymentMethod['name']; + } + + $sort = "next_payment"; + if (isset($_REQUEST['sort'])) { + $sort = $_REQUEST['sort']; + } + + $sortOrder = $sort; + $allowedSortCriteria = ['name', 'id', 'next_payment', 'price', 'payer_user_id', 'category_id', 'payment_method_id', 'inactive', 'alphanumeric']; + $order = ($sort == "price" || $sort == "id") ? 
"DESC" : "ASC"; + + if ($sort == "alphanumeric") { + $sort = "name"; + } + + if (!in_array($sort, $allowedSortCriteria)) { + $sort = "next_payment"; + } + + $sql = "SELECT * FROM subscriptions WHERE user_id = :userId"; + + if (isset($_REQUEST['member'])) { + $memberIds = explode(',', $_REQUEST['member']); + $placeholders = array_map(function ($key) { + return ":member{$key}"; + }, array_keys($memberIds)); + + $sql .= " AND payer_user_id IN (" . implode(',', $placeholders) . ")"; + + foreach ($memberIds as $key => $memberId) { + $params[":member{$key}"] = $memberId; + } + } + + if (isset($_REQUEST['category'])) { + $categoryIds = explode(',', $_REQUEST['category']); + $placeholders = array_map(function ($key) { + return ":category{$key}"; + }, array_keys($categoryIds)); + + $sql .= " AND category_id IN (" . implode(',', $placeholders) . ")"; + + foreach ($categoryIds as $key => $categoryId) { + $params[":category{$key}"] = $categoryId; + } + } + + if (isset($_REQUEST['payment'])) { + $paymentIds = explode(',', $_REQUEST['payment']); + $placeholders = array_map(function ($key) { + return ":payment{$key}"; + }, array_keys($paymentIds)); + + $sql .= " AND payment_method_id IN (" . implode(',', $placeholders) . 
")"; + + foreach ($paymentIds as $key => $paymentId) { + $params[":payment{$key}"] = $paymentId; + } + } + + if (isset($_REQUEST['state']) && $_REQUEST['state'] != "") { + $sql .= " AND inactive = :inactive"; + $params[':inactive'] = $_REQUEST['state']; + } + + $orderByClauses = []; + + if (isset($_REQUEST['disabled_to_bottom']) && $_REQUEST['disabled_to_bottom'] === 'true') { + if (in_array($sort, ["payer_user_id", "category_id", "payment_method_id"])) { + $orderByClauses[] = "$sort $order"; + $orderByClauses[] = "inactive ASC"; + } else { + $orderByClauses[] = "inactive ASC"; + $orderByClauses[] = "$sort $order"; + } + } else { + $orderByClauses[] = "$sort $order"; + if ($sort != "inactive") { + $orderByClauses[] = "inactive ASC"; + } + } + + if ($sort != "next_payment") { + $orderByClauses[] = "next_payment ASC"; + } + + $sql .= " ORDER BY " . implode(", ", $orderByClauses); + + $stmt = $db->prepare($sql); + $stmt->bindValue(':userId', $userId, SQLITE3_INTEGER); + + + if (!empty($params)) { + foreach ($params as $key => $value) { + $stmt->bindValue($key, $value, SQLITE3_INTEGER); + } + } + + $result = $stmt->execute(); + + if ($result) { + $subscriptions = array(); + while ($row = $result->fetchArray(SQLITE3_ASSOC)) { + $subscriptions[] = $row; + } + } + + $subscriptionsToReturn = array(); + + foreach ($subscriptions as $subscription) { + $subscriptionToReturn = $subscription; + + if (isset($_REQUEST['convert_currency']) && $_REQUEST['convert_currency'] === 'true' && $canConvertCurrency && $subscription['currency_id'] != $userCurrencyId) { + $subscriptionToReturn['price'] = getPriceConverted($subscription['price'], $subscription['currency_id'], $db); + } else { + $subscriptionToReturn['price'] = $subscription['price']; + } + + $subscriptionToReturn['category_name'] = $categories[$subscription['category_id']]; + $subscriptionToReturn['payer_user_name'] = $members[$subscription['payer_user_id']]; + $subscriptionToReturn['payment_method_name'] = 
$paymentMethods[$subscription['payment_method_id']]; + + $subscriptionsToReturn[] = $subscriptionToReturn; + } + + + $response = [ + "success" => true, + "title" => "subscriptions", + "subscriptions" => $subscriptionsToReturn, + "notes" => [] + ]; + + echo json_encode($response); + + $db->close(); + exit; + + +} else { + $response = [ + "success" => false, + "title" => "Invalid request method" + ]; + echo json_encode($response); + exit; +} + + +?> \ No newline at end of file diff --git a/api/users/get_user.php b/api/users/get_user.php new file mode 100644 index 000000000..c6a691aee --- /dev/null +++ b/api/users/get_user.php @@ -0,0 +1,92 @@ + false, + "title" => "Missing parameters" + ]; + echo json_encode($response); + exit; + } + + $apiKey = $_REQUEST['api_key']; + + // Get user from API key + $sql = "SELECT * FROM user WHERE api_key = :apiKey"; + $stmt = $db->prepare($sql); + $stmt->bindValue(':apiKey', $apiKey); + $result = $stmt->execute(); + $user = $result->fetchArray(SQLITE3_ASSOC); + + // If the user is not found, return an error + if (!$user) { + $response = [ + "success" => false, + "title" => "Invalid API key" + ]; + echo json_encode($response); + exit; + } + + // remove password and api_key from array + $user['password'] = "********"; + $user['api_key'] = "********"; + + $response = [ + "success" => true, + "title" => "user", + "user" => $user, + "notes" => [] + ]; + + echo json_encode($response); + + $db->close(); + +} else { + $response = [ + "success" => false, + "title" => "Invalid request method" + ]; + echo json_encode($response); + exit; +} + +?> \ No newline at end of file diff --git a/includes/version.php b/includes/version.php index 3287fd772..9dd847774 100644 --- a/includes/version.php +++ b/includes/version.php @@ -1,3 +1,3 @@ \ No newline at end of file
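Review bot: `$subscriptions` is only assigned inside `if ($result)`, so a failed `execute()` leaves it undefined and the later `foreach ($subscriptions as $subscription)` iterates over null; initialise it with `$subscriptions = [];` before the `if`, or return an error response when `$result` is false. The name lookups `$categories[$subscription['category_id']]`, `$members[$subscription['payer_user_id']]` and `$paymentMethods[$subscription['payment_method_id']]` warn and yield null when a subscription references a deleted entry; appending `?? null` to each keeps the output shape stable. `getPriceConverted` divides by `$fromRate` without a zero check, which raises DivisionByZeroError in PHP 8; returning `$price` unchanged when the rate is `0` or null avoids that. Note the hunk header reads `@@ -1,17 +1,30 @@` for get_monthly_cost.php, yet the body matches the 328-line get_subscriptions.php from the diffstat, so the file header between them appears to have been lost in this rendering; the points above concern the visible subscriptions code.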
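Review bot: The comment says "remove password and api_key" but the code overwrites them with `********`, and every other column of the `user` row fetched by `SELECT *` is returned as-is; if the table holds any further credential (a TOTP secret, reset token or similar — confirm against the schema) it leaks here. Prefer `unset($user['password'], $user['api_key']);` so the response carries no credential-shaped fields, or better, select only the columns the client needs. Returning the masked api_key also conveys nothing, since the caller has just presented it.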