<?php
/* Developed by Juno_okyo */
// ROOT is this script's directory with a trailing separator, so every path
// built from it below is absolute and independent of include_path / cwd.
define('ROOT', __DIR__ . DIRECTORY_SEPARATOR);
// NOTE(review): config.php presumably defines the DB_* and ACCESS_TOKEN
// constants used further down, and vendor/autoload.php presumably provides
// MysqliDb — neither file is visible here, confirm before relying on this.
require_once ROOT . 'config.php';
require_once ROOT . 'vendor/autoload.php';
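/**
 * Fetch a JSON document over http(s) with cURL and decode it.
 *
 * @param string $url Absolute http or https URL to request.
 * @return mixed|false The decoded JSON (objects, not associative arrays) when
 *                     the server answered 200 with a decodable body; FALSE on
 *                     an invalid URL, a non-http(s) scheme, a transport/TLS
 *                     failure, a non-200 status, or an undecodable body.
 */
function request($url)
{
    // Reject anything that is not a syntactically valid absolute URL.
    if ( ! filter_var($url, FILTER_VALIDATE_URL)) {
        return FALSE;
    }
    // Only http(s) is meaningful here (the sole caller targets the Graph API);
    // refusing other schemes up front keeps cURL away from file://, gopher://, etc.
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if ($scheme !== 'http' && $scheme !== 'https') {
        return FALSE;
    }

    $options = [
        CURLOPT_URL             => $url,
        CURLOPT_RETURNTRANSFER  => TRUE,
        CURLOPT_HEADER          => FALSE,
        CURLOPT_FOLLOWLOCATION  => TRUE,
        CURLOPT_ENCODING        => '',
        CURLOPT_USERAGENT       => 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.87 Safari/537.36',
        CURLOPT_AUTOREFERER     => TRUE,
        CURLOPT_CONNECTTIMEOUT  => 15,
        CURLOPT_TIMEOUT         => 15,
        CURLOPT_MAXREDIRS       => 5,
        // Restrict the initial request and every followed redirect to http(s),
        // so a redirect can never switch protocols.
        CURLOPT_PROTOCOLS       => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        // Verify the peer certificate AND that it matches the host name. The
        // previous version set VERIFYPEER to 0, which lets any on-path party
        // impersonate the API host and read the access token sent in the URL.
        CURLOPT_SSL_VERIFYHOST  => 2,
        CURLOPT_SSL_VERIFYPEER  => TRUE,
    ];

    $ch = curl_init();
    curl_setopt_array($ch, $options);
    $response = curl_exec($ch);
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    // curl_exec() returns FALSE on a transport/TLS failure; json_decode()
    // would silently turn that into NULL, so check it explicitly.
    if ($response === FALSE || $http_code !== 200) {
        return FALSE;
    }
    $json = json_decode($response);
    // An undecodable body is reported as FALSE rather than NULL so callers can
    // keep using the single `!== FALSE` check.
    return json_last_error() === JSON_ERROR_NONE ? $json : FALSE;
}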
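session_start();

/**
 * Send $data as the JSON response body and stop the script.
 *
 * @param array $data Payload to encode.
 */
function ajax_respond(array $data)
{
    header('Content-Type: application/json');
    echo json_encode($data);
    exit;
}

/**
 * Read the message id from the POST body.
 *
 * @return int|false A positive integer id, or FALSE when the field is
 *                   missing, not a string, not an integer, or below 1.
 */
function ajax_message_id()
{
    if ( ! isset($_POST['id']) || ! is_string($_POST['id'])) {
        return FALSE;
    }
    return filter_var($_POST['id'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
}

/**
 * Read a scalar string field from the POST body.
 *
 * @param string $name Field name.
 * @return string The value, or '' when missing or not a string.
 */
function ajax_post_string($name)
{
    return isset($_POST[$name]) && is_string($_POST[$name]) ? $_POST[$name] : '';
}

// Check login status and that this is an AJAX call. Stop immediately on
// failure: the previous version only assigned $data here and then fell
// through, so the action handlers below still ran (and overwrote $data)
// for an unauthenticated request.
// NOTE(review): the X-Requested-With header cannot be attached to a plain
// cross-site form post, which gives some CSRF protection; a per-session
// token would be stronger but the rest of the app is not visible here.
if ( ! isset($_SESSION['logged_in'])
    || empty($_SERVER['HTTP_X_REQUESTED_WITH'])
    || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest') {
    ajax_respond(['error' => TRUE]);
}

if (empty($_GET['action']) || ! is_string($_GET['action'])) {
    ajax_respond(['error' => TRUE]);
}
$action = strtolower($_GET['action']);
$db = new MysqliDb(DB_HOST, DB_USER, DB_PASS, DB_NAME);

switch ($action) {
    case 'delete':
        $id = ajax_message_id();
        if ($id === FALSE) {
            ajax_respond(['error' => TRUE]);
        }
        $db->where('id', $id);
        $data = ['success' => $db->delete('messages')];
        break;

    case 'share':
        $id = ajax_message_id();
        $caption = ajax_post_string('caption');
        $path = ajax_post_string('path');
        // `path` comes from the client and becomes the base of the URL that
        // Facebook fetches server-side, so it must be an absolute http(s) URL;
        // any other scheme or a bare path is rejected before the DB lookup.
        $scheme = strtolower((string) parse_url($path, PHP_URL_SCHEME));
        if ($id === FALSE
            || empty($caption)
            || ! filter_var($path, FILTER_VALIDATE_URL)
            || ($scheme !== 'http' && $scheme !== 'https')) {
            ajax_respond(['error' => TRUE]);
        }

        $db->where('id', $id);
        $message = $db->getOne('messages');
        if ($db->count !== 1) {
            ajax_respond(['error' => TRUE]);
        }

        // The message text travels to share.php base64-encoded in the query string.
        $url = $path . 'share.php?txt=' . base64_encode($message['content']);
        $json = request('https://graph.facebook.com/v2.10/me/photos?method=post&url=' . urlencode($url) . '&caption=' . urlencode($caption) . '&access_token=' . urlencode(ACCESS_TOKEN));
        if ($json !== FALSE && isset($json->post_id)) {
            $data = ['success' => TRUE, 'id' => $json->post_id];
        } else {
            $data = ['error' => TRUE];
        }
        break;

    default:
        $data = ['error' => TRUE];
        break;
}

ajax_respond($data);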