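use \Evolution\CodeIgniterDB as CI;
use \Psr\Http\Message\ResponseInterface as Response;
use \Psr\Http\Message\ServerRequestInterface as Request;
use \Respect\Validation\Validator as v;

// Same mask as the original arithmetic form, written as a bitmask so it is
// not dependent on E_ALL containing both bits.
error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE);

require 'vendor/autoload.php';
require './lib/SoapApi.php';
require './lib/config.php';
require './lib/Email.php';

// Session cookie is the only credential this API has; keep it out of reach
// of script access. (HTTPS-only flag is left to the deployment config.)
ini_set('session.cookie_httponly', '1');
ini_set('session.use_strict_mode', '1');
session_start();

$configuration = [
    'settings' => [
        // Moot while the custom errorHandler below is registered (it never
        // renders details), but keep it off so a removed handler does not
        // start leaking stack traces to clients.
        'displayErrorDetails' => false,
    ],
];
$c = new \Slim\Container($configuration);

/**
 * Generic 500 handler: log the real exception server-side, return a fixed
 * JSON body to the client so internal details are never echoed.
 */
$c['errorHandler'] = function ($c) {
    return function ($request, $response, $exception) use ($c) {
        error_log('Unhandled exception: ' . $exception->getMessage());
        return $c['response']
            ->withStatus(500)
            ->withHeader('Content-Type', 'application/json')
            ->write(json_encode(['error_message' => 'Something went wrong!', 'status' => 500]));
    };
};

$c['notFoundHandler'] = function ($c) {
    return function ($request, $response) use ($c) {
        return $c['response']
            ->withStatus(404)
            ->withHeader('Content-Type', 'application/json')
            ->write(json_encode(['error_message' => 'Page Not Found!', 'status' => 404]));
    };
};

$c['notAllowedHandler'] = function ($c) {
    return function ($request, $response, $methods) use ($c) {
        return $c['response']
            ->withStatus(405)
            ->withHeader('Allow', implode(', ', $methods))
            ->withHeader('Content-type', 'application/json')
            ->write(json_encode(['error_message' => 'Method Not Found!', 'status' => 405]));
    };
};

$c['view'] = function ($c) {
    $view = new \Slim\Views\Twig('theme/templates', [
        'cache' => 'theme/cache',
    ]);
    $view->addExtension(new \Slim\Views\TwigExtension(
        $c['router'],
        $c['request']->getUri()
    ));
    return $view;
};

$app = new \Slim\App($c);

/**
 * Write a JSON envelope {result, error, status} into the PSR-7 response and
 * return it, so routes can simply `return echoResponse(...)`.
 *
 * @param mixed    $data     payload placed under "result"
 * @param Response $response the route's response object
 * @param int      $status   HTTP status; also echoed in the body for clients
 *                           that only read the envelope
 * @param bool     $error    whether the payload is an error
 * @return Response
 *
 * Headers are set on the response object rather than via header(): the
 * original called header() directly, which bypasses the PSR-7 pipeline.
 * No Access-Control-Allow-Origin is emitted, so browsers will not grant a
 * cross-origin caller access to the body; if one is added later it must be
 * a specific origin, never "*" together with Allow-Credentials: true.
 */
function echoResponse($data, $response, $status = 200, $error = false)
{
    $output = new stdClass();
    $output->result = $data;
    $output->error = $error;
    $output->status = $status;

    $response->getBody()->write(json_encode($output));

    return $response
        ->withStatus($status)
        ->withHeader('Content-type', 'application/json')
        ->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
        ->withHeader('Access-Control-Allow-Headers', 'Origin, Content-Type, Accept, Authorization, X-Request-With')
        ->withHeader('Access-Control-Allow-Credentials', 'true');
}

/**
 * Return a copy of a users row without the credential columns, so a password
 * hash or recovery code is never serialised into a response or the session.
 *
 * @param mixed $row stdClass row from the users table (other values pass through)
 * @return mixed
 */
function sanitizeUser($row)
{
    if (!is_object($row)) {
        return $row;
    }
    $copy = clone $row;
    unset($copy->password, $copy->password_recovery_code);
    return $copy;
}

/**
 * Check a plaintext password against the stored value.
 *
 * New rows are written with password_hash(); rows created before that hold
 * an unsalted sha1, which is accepted (constant-time compare) so existing
 * accounts keep working and are upgraded on their next successful login.
 *
 * @param string $plain
 * @param mixed  $stored value of users.password
 * @return bool
 */
function passwordMatches($plain, $stored)
{
    if (!is_string($stored) || $stored === '') {
        return false;
    }
    if (password_verify($plain, $stored)) {
        return true;
    }
    return hash_equals($stored, sha1($plain));
}

/**
 * Generate, store and e-mail a password recovery code for one user row.
 * Shared by /user/forgot and /user/resend/{id}.
 *
 * @param object $db          open CodeIgniter DB handle (left open; caller closes)
 * @param array  $mail_config configuration for the Email class
 * @param object $userRow     full users row (needs id and email)
 * @return stdClass           message fields for the client
 */
function issueRecoveryCode($db, $mail_config, $userRow)
{
    $output = new stdClass();
    $output->resend = '/user/resend/' . $userRow->id;

    $user = new stdClass();
    // random_int() is a CSPRNG; rand() is predictable and must not seed a
    // secret. Format (id + six digits) is kept for compatibility with the
    // verification side of this flow.
    $user->password_recovery_code = $userRow->id . random_int(100000, 999999);
    $user->updated_by = 'cinemobileapp';
    $user->updated_at = date("Y-m-d H:i:s");

    // WHERE clause is mandatory: without it every user's code was overwritten.
    if (!$db->update('users', $user, ['id' => $userRow->id])) {
        $output->error_message = 'Sorry! we could not generate the password recovery code for you right now. Please try again later.';
        return $output;
    }

    // Send to the account's own address only. The original sent a fixed
    // developer address and attached index.php / Email.php (source leak).
    $email = new Email($mail_config);
    $email->from('base@ataur.me', 'Base Limited');
    $email->to($userRow->email);
    $email->subject('Password recovery code');
    $email->message('Your password recovery code is: ' . $user->password_recovery_code);

    if ($email->send()) {
        $output->succes_message = "A password recovery code has been sent to your email address. Please check your email to get the code & put it here.";
    } else {
        $output->error_message = 'Sorry! we could not send you the password recovery code right now. Please try again later.';
    }
    return $output;
}

$app->get('/', function (Request $request, Response $response, $args) use ($app) {
    return $this->view->render($response, 'index.html', []);
});

/**
 * All now-showing movies from the website database (static query).
 */
$app->get('/now-showing', function (Request $request, Response $response, $args) use ($db_config, $app) {
    $db = &CI\DB($db_config);
    $sql = "SELECT t1.*,t2.ref_id as bbo_movie_id FROM movie as t1 RIGHT JOIN nowshowing as t2 ON t1.movie_id = t2.movie_id WHERE t2.ns_status=1";
    $result = $db->query($sql)->result();
    $db->close();
    return echoResponse($result, $response, 200, false);
});

/**
 * All coming-soon movies from the website database (static query).
 */
$app->get('/coming-soon', function (Request $request, Response $response, $args) use ($db_config, $app) {
    $db = &CI\DB($db_config);
    $sql = "SELECT t1.*,t2.cstatus FROM movie as t1 RIGHT JOIN comingsoon as t2 ON t1.movie_id = t2.movie_id WHERE t2.cstatus=1 AND t1.movie_id >0";
    $result = $db->query($sql)->result();
    $db->close();
    return echoResponse($result, $response, 200, false);
});

/**
 * Available show dates from the SOAP API. dateList is a list when several
 * dates are returned and a single object when there is one.
 */
$app->get('/show-dates', function (Request $request, Response $response, $args) use ($db_config, $app) {
    $api = new API();
    $result = $api->getShowdates();
    $output = new stdClass();

    if (isset($result->responseData->dateList) && $result->responseData->dateList) {
        $dateList = $result->responseData->dateList;
        if (is_array($dateList)) {
            foreach ($dateList as $value) {
                if (isset($value->showdate)) {
                    $output->showdate[] = $value->showdate;
                }
            }
        } else {
            $output->showdate[0] = $dateList->showdate;
        }
        $output->response = $result;
    }
    return echoResponse($output, $response, 200, false);
});

/**
 * Movies available on a show date, from the SOAP API.
 */
$app->get('/available-movies/{showdate}', function ($request, $response, $args) use ($db_config, $app) {
    $output = new stdClass();
    $api = new API();
    $result = $api->getAvailableMoviesDetails($args);

    if (isset($result->responseData->movielist) && is_array($result->responseData->movielist) && !empty($result->responseData->movielist)) {
        foreach ($result->responseData->movielist as $key => $value) {
            $output->movies[$key] = $value;
        }
    } elseif (isset($result->responseData->movielist)) {
        $output->movies[0] = $result->responseData->movielist;
    }
    $output->response = $result;
    return echoResponse($output, $response, 200, false);
});

/**
 * Show times for a show date and movie id, from the SOAP API.
 */
$app->get('/show-times/{showdate}/{movieId:[0-9]+}', function ($request, $response, $args) use ($db_config, $app) {
    $output = new stdClass();
    $api = new API();
    $result = $api->getAvailableShowTimes($args);

    if (isset($result->responseData->showTimeList) && is_array($result->responseData->showTimeList) && !empty($result->responseData->showTimeList)) {
        foreach ($result->responseData->showTimeList as $key => $value) {
            $output->showtimes[$key] = $value;
        }
    } elseif (isset($result->responseData->showTimeList)) {
        $output->showtimes[0] = $result->responseData->showTimeList;
    }
    return echoResponse($output, $response, 200, false);
});

/**
 * Seat types for a program id (program ids come from /show-times).
 */
$app->get('/seat-types/{programid}', function ($request, $response, $args) use ($db_config, $app) {
    $output = new stdClass();
    $api = new API();
    $result = $api->getSeatTypes($args);

    if (isset($result->responseData->seatTypeList) && is_array($result->responseData->seatTypeList) && !empty($result->responseData->seatTypeList)) {
        foreach ($result->responseData->seatTypeList as $key => $value) {
            $output->seattypes[$key] = $value;
        }
    } elseif (isset($result->responseData->seatTypeList)) {
        $output->seattypes[0] = $result->responseData->seatTypeList;
    }
    return echoResponse($output, $response, 200, false);
});

/**
 * Ticket price for a program id and seat type.
 */
$app->get('/ticket-price/{programid}/{seattype}', function ($request, $response, $args) use ($app) {
    $output = new stdClass();
    $api = new API();
    $result = $api->getTicketPrice($args);
    if (isset($result->responseData->amount)) {
        $output->price = $result->responseData->amount;
    }
    return echoResponse($output, $response, 200, false);
});

/**
 * Create a booking through the SOAP API.
 *
 * The total is NOT taken from the client: it is recomputed from the price the
 * API reports for this program/seat type so a caller cannot book at an
 * arbitrary amount. NOTE(review): this assumes responseData->amount is a
 * per-ticket price (as /ticket-price exposes it) — confirm with the API owner.
 */
$app->post('/booking', function ($request, $response, $args) use ($db_config, $app) {
    $output = new stdClass();
    $api = new API();

    $nooftickets = intval($request->getParam('nooftickets'));
    if ($nooftickets < 1) {
        return echoResponse(['error_message' => 'Invalid number of tickets'], $response, 400, true);
    }

    $params['customername'] = $request->getParam('customername');
    $params['mobilenumber'] = $request->getParam('mobilenumber');
    $params['nooftickets'] = $nooftickets;
    $params['programid'] = $request->getParam('programid');
    $params['seattype'] = $request->getParam('seattype');
    $params['showdate'] = date('d/m/Y', strtotime($request->getParam('showdate')));

    $price = $api->getTicketPrice([
        'programid' => $params['programid'],
        'seattype' => $params['seattype'],
    ]);
    if (!isset($price->responseData->amount)) {
        return echoResponse(['error_message' => 'Could not determine ticket price'], $response, 400, true);
    }
    $params['totalamount'] = $price->responseData->amount * $nooftickets;

    $result = $api->booking($params);
    if (isset($result->responseData)) {
        $output->booking = $result->responseData;
        $output->params = $params;
    }
    $output->response = $result;
    return echoResponse($output, $response, 200, false);
});

// The former GET /booking route created a real booking with a hard-coded
// name and phone number on every hit (reachable by any crawler or cross-site
// <img> tag). It has been removed; use POST /booking.

/**
 * Purchase.
 */
$app->post('/purchage', function ($request, $response, $args) use ($db_config, $app) {
    $output = new stdClass();
    $api = new API();
    $params['trancode'] = $request->getParam('trancode');
    $params['tickamt'] = $request->getParam('tickamt');
    $result = $api->purchage($params);
    if (isset($result->responseData)) {
        $output->purchage = $result->responseData;
    }
    $output->response = $result;
    return echoResponse($output, $response, 200, false);
});

/**
 * Purchase confirmation. Calls the same API operation as /purchage; the
 * difference is only in the response shape.
 */
$app->post('/purchage/confirmation', function ($request, $response, $args) use ($app) {
    $output = new stdClass();
    $api = new API();
    $params['trancode'] = $request->getParam('trancode');
    $params['tickamt'] = $request->getParam('tickamt');
    $result = $api->purchage($params);
    if (isset($result->responseData)) {
        $output->params = $params;
        $output->purchage = $result;
    }
    return echoResponse($output, $response, 200, false);
});

/**
 * Merchant transaction log.
 * Request params: marchantid, tranDateFrom, tranDateTo, tranid, status, loc.
 *
 * NOTE(review): this exposes another party's transaction history to any
 * caller who knows a merchant id. It should sit behind an authenticated,
 * authorised principal before going to production.
 */
$app->get('/logs', function ($request, $response, $args) use ($app) {
    $output = new stdClass();
    $api = new API();
    $params['marchantid'] = $request->getParam('marchantid') . '';
    $params['tranDateFrom'] = $request->getParam('tranDateFrom') . '';
    $params['tranDateTo'] = $request->getParam('tranDateTo') . '';
    $params['tranid'] = $request->getParam('tranid') . '';
    $params['status'] = $request->getParam('status') . '';
    $params['loc'] = $request->getParam('loc') . '';
    $result = $api->getLogData($params);
    if (isset($result->responseData)) {
        $output->params = $params;
        $output->logs = $result;
    }
    return echoResponse($output, $response, 200, false);
});

// GET /logs/test (hard-coded merchant id and date range) was a development
// fixture that exposed real log data without any input; removed.

/**
 * Log in with mobile number, username or e-mail plus password.
 *
 * The identifier is bound as a query parameter rather than interpolated: the
 * e-mail validator accepts characters such as the single quote, so the old
 * string-built query was injectable on that branch.
 */
$app->post('/user/login', function (Request $request, Response $response, $args) use ($db_config, $app) {
    $plain = (string) $request->getParam('password');
    $login = trim((string) $request->getParam('username'));

    if (v::regex('/^01(1|5|6|7|8|9)\d{8}$/')->validate($login)) {
        $column = 'mobile';
    } elseif (v::alnum('_.')->noWhitespace()->validate($login)) {
        $column = 'username';
    } elseif (v::email()->validate($login)) {
        $column = 'email';
    } else {
        return echoResponse(["error_message" => "Invalid Login"], $response, 200, true);
    }

    $db = &CI\DB($db_config);
    $row = $db->query("SELECT * FROM users WHERE {$column} = ?", [$login])->row();

    if (!is_object($row) || !passwordMatches($plain, $row->password)) {
        $db->close();
        return echoResponse(['error_message' => 'Invalid Login'], $response, 200, true);
    }

    // Upgrade legacy sha1 rows to password_hash() on successful login.
    if (password_needs_rehash($row->password, PASSWORD_DEFAULT)) {
        $upgrade = new stdClass();
        $upgrade->password = password_hash($plain, PASSWORD_DEFAULT);
        $db->update('users', $upgrade, ['id' => $row->id]);
    }
    $db->close();

    // Fresh session id on privilege change (prevents session fixation).
    $_SESSION = [];
    session_regenerate_id(true);
    $_SESSION['user'] = sanitizeUser($row);
    return echoResponse(['session' => $_SESSION], $response, 200, false);
});

/**
 * Current session, refreshed from the database.
 */
$app->get('/user/session', function (Request $request, Response $response, $args) use ($db_config, $app) {
    $session = isset($_SESSION['user']) ? $_SESSION['user'] : false;
    if (!$session) {
        return echoResponse(['session' => false], $response, 200, true);
    }
    // $db was never opened here in the original, which was a fatal error.
    $db = &CI\DB($db_config);
    $result = $db->get_where('users', ['id' => $session->id])->row();
    $db->close();
    if (is_object($result) && !empty($result)) {
        $_SESSION['user'] = sanitizeUser($result);
        return echoResponse(['session' => $_SESSION], $response, 200, false);
    }
    return echoResponse(['session' => $_SESSION], $response, 200, true);
});

/**
 * Look up a user by one column. Used by the three lookup routes below.
 * Returns the row without credential columns, or null.
 */
function findUserBy($db_config, $column, $value)
{
    $db = &CI\DB($db_config);
    $result = $db->query("SELECT * FROM users WHERE {$column} = ?", [trim((string) $value)])->row();
    $db->close();
    return (is_object($result) && !empty($result)) ? sanitizeUser($result) : null;
}

$app->get('/user/username/{username}', function (Request $request, Response $response, $args) use ($db_config, $app) {
    $user = findUserBy($db_config, 'username', $args['username']);
    if ($user === null) {
        return echoResponse(['error_message' => 'No user found'], $response, 200, true);
    }
    return echoResponse($user, $response, 200, false);
});

$app->get('/user/email/{email}', function (Request $request, Response $response, $args) use ($db_config, $app) {
    $user = findUserBy($db_config, 'email', $args['email']);
    if ($user === null) {
        return echoResponse(['error_message' => 'No user found'], $response, 200, true);
    }
    return echoResponse($user, $response, 200, false);
});

$app->get('/user/mobile/{mobile}', function (Request $request, Response $response, $args) use ($db_config, $app) {
    $user = findUserBy($db_config, 'mobile', $args['mobile']);
    if ($user === null) {
        return echoResponse(['error_message' => 'No user found'], $response, 200, true);
    }
    return echoResponse($user, $response, 200, false);
});

$app->get('/user/{id:[0-9]+}', function (Request $request, Response $response, $args) use ($db_config, $app) {
    $user = findUserBy($db_config, 'id', $args['id']);
    if ($user === null) {
        return echoResponse(['error_message' => 'No user found'], $response, 200, true);
    }
    return echoResponse($user, $response, 200, false);
});

/**
 * List users. Requires a logged-in session: the original was unauthenticated
 * (and in fact always reported "No user found" because it tested is_object()
 * on an array, so no client can depend on the old output).
 */
$app->get('/user', function (Request $request, Response $response, $args) use ($db_config, $app) {
    if (!isset($_SESSION['user'])) {
        return echoResponse(['error_message' => 'Login required'], $response, 401, true);
    }
    $db = &CI\DB($db_config);
    $result = $db->query("SELECT * FROM users WHERE 1")->result();
    $db->close();
    if (is_array($result) && !empty($result)) {
        return echoResponse(array_map('sanitizeUser', $result), $response, 200, false);
    }
    return echoResponse(['error_message' => 'No user found'], $response, 200, true);
});

/**
 * Start password recovery for a mobile number, username or e-mail.
 */
$app->post('/user/forgot', function (Request $request, Response $response, $args) use ($db_config, $app, $mail_config) {
    $login = trim((string) $request->getParam('login'));

    if (v::regex('/^01(1|5|6|7|8|9)\d{8}$/')->validate($login)) {
        $column = 'mobile';
    } elseif (v::alnum('_.')->noWhitespace()->validate($login)) {
        $column = 'username';
    } elseif (v::email()->validate($login)) {
        $column = 'email';
    } else {
        return echoResponse(["error_message" => "Invalid User"], $response, 200, true);
    }

    $db = &CI\DB($db_config);
    $result = $db->query("SELECT * FROM users WHERE {$column} = ?", [$login])->row();
    if (!is_object($result) || empty($result)) {
        $db->close();
        return echoResponse(['error_message' => 'Invalid User'], $response, 200, true);
    }
    // Update must happen before close(); the original closed first.
    $output = issueRecoveryCode($db, $mail_config, $result);
    $db->close();
    return echoResponse($output, $response, 200, false);
});

/**
 * Re-send a recovery code by user id.
 *
 * NOTE(review): any caller can trigger mail to any numeric id (account
 * enumeration / mail flooding). Rate-limit or tie this to the identifier
 * submitted to /user/forgot.
 */
$app->post('/user/resend/{id}', function (Request $request, Response $response, $args) use ($db_config, $app, $mail_config) {
    $id = intval(trim($args['id']));
    $db = &CI\DB($db_config);
    $result = $db->get_where('users', ['id' => $id])->row();
    if (!is_object($result) || empty($result)) {
        $db->close();
        return echoResponse(['error_message' => 'Invalid User'], $response, 200, true);
    }
    $output = issueRecoveryCode($db, $mail_config, $result);
    $db->close();
    return echoResponse($output, $response, 200, false);
});

/**
 * Log out: drop the session and its cookie's id.
 */
$app->get('/user/logout', function (Request $request, Response $response, $args) use ($db_config, $app) {
    $_SESSION = [];
    @session_destroy();
    @session_start();
    session_regenerate_id(true);
    return echoResponse(['session' => false, 'logout' => true], $response, 200, false);
});

/**
 * Register a new user. Field rules are enforced by the CI validation library;
 * the password is stored with password_hash() (never a bare sha1).
 */
$app->post('/user', function (Request $request, Response $response, $args) use ($db_config, $app, $mail_config) {
    $db = &CI\DB($db_config);
    include './lib/civalidation/validation.php';

    $v = new Validation();
    $v->set_db($db);
    $v->set_rules('name', 'Name', 'required|callback_alpha[\'.\']|callback_length[3,50]');
    $v->set_rules('username', 'Username', 'required|callback_noWhitespace|callback_alnum|callback_length[3,20]|is_unique[users.username]');
    $v->set_rules('email', 'Email', 'required|callback_email|is_unique[users.email]');
    $v->set_rules('mobile', 'Mobile', 'required|valid_bd_phone_no|is_unique[users.mobile]');
    $v->set_rules('gender', 'Gender', 'required|callback_in[\'Male Female Unknown\']');
    $v->set_rules('dob', 'Date of Birth', 'required|callback_date[Y-m-d]|callback_minimumAge[13,Y-m-d]');
    $v->set_rules('password', 'Password', 'required|min_length[8]');
    $v->set_rules('password_confirm', 'Password Confirmation', 'required|matches[password]');

    $output = new stdClass;
    if ($v->run() == FALSE) {
        $fields = ['name', 'username', 'email', 'mobile', 'gender', 'dob', 'password', 'password_confirm'];
        foreach ($fields as $field) {
            if (trim($v->error($field)) != '') {
                $output->errors[$field] = $v->error($field);
            }
        }
        return echoResponse($output, $response, 403, true);
    }

    $user = new stdClass;
    $user->name = $request->getParam('name');
    $user->username = $request->getParam('username');
    $user->email = $request->getParam('email');
    $user->password = password_hash((string) $request->getParam('password'), PASSWORD_DEFAULT);
    $user->gender = $request->getParam('gender');
    $user->mobile = $request->getParam('mobile');
    $user->dob = $request->getParam('dob');
    $user->profile_extra = json_encode($request->getParam('profile_extra'));
    $db->insert('users', $user);
    $output->id = $db->insert_id();
    $db->close();
    return echoResponse($output, $response, 200, false);
});

// Payment callbacks are not implemented yet; they answer with an explicit
// empty envelope instead of a bare 200 with no body.
$app->get('/payment', function (Request $request, Response $response, $args) use ($db_config, $app, $mail_config) {
    return echoResponse(new stdClass, $response, 200, false);
});

$app->post('/payment/success', function (Request $request, Response $response, $args) use ($db_config, $app, $mail_config) {
    return echoResponse(new stdClass, $response, 200, false);
});

$app->post('/payment/fail', function (Request $request, Response $response, $args) use ($db_config, $app, $mail_config) {
    return echoResponse(new stdClass, $response, 200, false);
});

$app->post('/payment/cancel', function (Request $request, Response $response, $args) use ($db_config, $app, $mail_config) {
    return echoResponse(new stdClass, $response, 200, false);
});

$app->run();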