mirror of
https://github.com/ellite/Wallos.git
synced 2025-12-29 18:08:12 -05:00
355 lines
13 KiB
PHP
355 lines
13 KiB
PHP
<?php
|
|
/*
|
|
This API Endpoint accepts both POST and GET requests.
|
|
It receives the following parameters:
|
|
- member: comma-separated IDs of the members to filter (integer) default null.
|
|
- category: the ID of the category to filter (integer) default null.
|
|
- payment_method: the ID of the payment method to filter (integer) default null.
|
|
- state: the state of the subscription to filter (boolean) default null [0 - active, 1 - inactive].
|
|
- disabled_to_bottom: whether to sort the inactive subscriptions to the bottom (boolean) default false.
|
|
- sort: the sorting method (string) default next_payment ['name', 'id', 'next_payment', 'price', 'payer_user_id', 'category_id', 'payment_method_id', 'inactive', 'alphanumeric'].
|
|
- convert_currency: whether to convert to the main currency (boolean) default false.
|
|
- api_key: the API key of the user.
|
|
|
|
It returns a JSON object with the following properties:
|
|
- success: whether the request was successful (boolean).
|
|
- title: the title of the response (string).
|
|
- subscriptions: an array of subscriptions.
|
|
- notes: warning messages or additional information (array).
|
|
|
|
Example response:
|
|
{
|
|
"success": true,
|
|
"title": "subscriptions",
|
|
"subscriptions": [
|
|
{
|
|
"id": 1,
|
|
"name": "Example Subscription",
|
|
"logo": "example.png",
|
|
"price": 10.00,
|
|
"currency_id": 1,
|
|
"start_date": "2024-09-01",
|
|
"next_payment": "2024-09-01",
|
|
"cycle": 1,
|
|
"frequency": 1,
|
|
"auto_renew": 1,
|
|
"notes": "Example note",
|
|
"payment_method_id": 1,
|
|
"payer_user_id": 1,
|
|
"category_id": 1,
|
|
"notify": 1,
|
|
"url": "https://example.com",
|
|
"inactive": 0,
|
|
"notify_days_before": 1,
|
|
"user_id": 1,
|
|
"cancelation_date": null,
|
|
"cancellation_date": "",
|
|
"category_name": "General",
|
|
"payer_user_name": "John Doe",
|
|
"payment_method_name": "PayPal"
|
|
},
|
|
{
|
|
"id": 2,
|
|
"name": "Another Subscription",
|
|
"logo": "another.png",
|
|
"price": 15.00,
|
|
"currency_id": 2,
|
|
"start_date": "2024-09-02",
|
|
"next_payment": "2024-09-02",
|
|
"cycle": 1,
|
|
"frequency": 1,
|
|
"auto_renew": 0,
|
|
"notes": "",
|
|
"payment_method_id": 2,
|
|
"payer_user_id": 2,
|
|
"category_id": 2,
|
|
"notify": 0,
|
|
"url": "",
|
|
"inactive": 1,
|
|
"notify_days_before": null,
|
|
"user_id": 2,
|
|
"cancelation_date": null,
|
|
"cancellation_date": "",
|
|
"category_name": "Entertainment",
|
|
"payer_user_name": "Jane Doe",
|
|
"payment_method_name": "Credit Card",
|
|
"replacement_subscription_id": 1
|
|
}
|
|
],
|
|
"users": [
|
|
{
|
|
"id": 1,
|
|
"name": "admin",
|
|
"email": "admin@example.com"
|
|
},
|
|
{
|
|
"id": 2,
|
|
"name": "user",
|
|
"email": "user@example.com"
|
|
}
|
|
],
|
|
"notes": []
|
|
}
|
|
*/
|
|
|
|
require_once '../../includes/connect_endpoint.php';
|
|
|
|
header('Content-Type: application/json; charset=UTF-8');
|
|
|
|
if ($_SERVER["REQUEST_METHOD"] === "POST" || $_SERVER["REQUEST_METHOD"] === "GET") {
|
|
// if the parameters are not set, return an error
|
|
$apiKey = $_REQUEST['api_key'] ?? $_REQUEST['apiKey'] ?? null;
|
|
if (!$apiKey) {
|
|
$response = [
|
|
"success" => false,
|
|
"title" => "Missing parameters"
|
|
];
|
|
echo json_encode($response);
|
|
exit;
|
|
}
|
|
|
|
function getPriceConverted($price, $currency, $database)
|
|
{
|
|
$query = "SELECT rate FROM currencies WHERE id = :currency";
|
|
$stmt = $database->prepare($query);
|
|
$stmt->bindParam(':currency', $currency, SQLITE3_INTEGER);
|
|
$result = $stmt->execute();
|
|
$exchangeRate = $result->fetchArray(SQLITE3_ASSOC);
|
|
if ($exchangeRate === false) {
|
|
return $price;
|
|
} else {
|
|
$fromRate = $exchangeRate['rate'];
|
|
return $price / $fromRate;
|
|
}
|
|
}
|
|
|
|
// Get user from API key
|
|
$sql = "SELECT * FROM user WHERE api_key = :apiKey";
|
|
$stmt = $db->prepare($sql);
|
|
$stmt->bindValue(':apiKey', $apiKey);
|
|
$result = $stmt->execute();
|
|
$user = $result->fetchArray(SQLITE3_ASSOC);
|
|
|
|
// If the user is not found, return an error
|
|
if (!$user) {
|
|
$response = [
|
|
"success" => false,
|
|
"title" => "Invalid API key"
|
|
];
|
|
echo json_encode($response);
|
|
exit;
|
|
}
|
|
$userId = $user['id'];
|
|
$userCurrencyId = $user['main_currency'];
|
|
|
|
$allUserSubscription = isset($_REQUEST['all-user-subscription']) ? $_REQUEST['all-user-subscription'] : null;
|
|
if ($allUserSubscription == 1 && $userId != 1) {
|
|
$response = [
|
|
"success" => false,
|
|
"title" => "Denied. Not admin user"
|
|
];
|
|
echo json_encode($response);
|
|
exit;
|
|
}
|
|
|
|
// Get last exchange update date for user
|
|
$sql = "SELECT * FROM last_exchange_update WHERE user_id = :userId";
|
|
$stmt = $db->prepare($sql);
|
|
$stmt->bindValue(':userId', $userId);
|
|
$result = $stmt->execute();
|
|
$lastExchangeUpdate = $result->fetchArray(SQLITE3_ASSOC);
|
|
$canConvertCurrency = empty($lastExchangeUpdate['date']) ? false : true;
|
|
|
|
// Get currencies for user
|
|
$sql = "SELECT * FROM currencies WHERE user_id = :userId";
|
|
$stmt = $db->prepare($sql);
|
|
$stmt->bindValue(':userId', $userId);
|
|
$result = $stmt->execute();
|
|
$currencies = [];
|
|
while ($currency = $result->fetchArray(SQLITE3_ASSOC)) {
|
|
$currencies[$currency['id']] = $currency;
|
|
}
|
|
|
|
// Get categories for user
|
|
$sql = "SELECT * FROM categories WHERE user_id = :userId";
|
|
$stmt = $db->prepare($sql);
|
|
$stmt->bindValue(':userId', $userId);
|
|
$result = $stmt->execute();
|
|
$categories = [];
|
|
while ($category = $result->fetchArray(SQLITE3_ASSOC)) {
|
|
$categories[$category['id']] = $category['name'];
|
|
}
|
|
|
|
// Get members for user
|
|
$sql = "SELECT * FROM household WHERE user_id = :userId";
|
|
$stmt = $db->prepare($sql);
|
|
$stmt->bindValue(':userId', $userId);
|
|
$result = $stmt->execute();
|
|
$members = [];
|
|
while ($member = $result->fetchArray(SQLITE3_ASSOC)) {
|
|
$members[$member['id']] = $member['name'];
|
|
}
|
|
|
|
// Get payment methods for user
|
|
$sql = "SELECT * FROM payment_methods WHERE user_id = :userId";
|
|
$stmt = $db->prepare($sql);
|
|
$stmt->bindValue(':userId', $userId);
|
|
$result = $stmt->execute();
|
|
$paymentMethods = [];
|
|
while ($paymentMethod = $result->fetchArray(SQLITE3_ASSOC)) {
|
|
$paymentMethods[$paymentMethod['id']] = $paymentMethod['name'];
|
|
}
|
|
|
|
$sort = "next_payment";
|
|
if (isset($_REQUEST['sort'])) {
|
|
$sort = $_REQUEST['sort'];
|
|
}
|
|
$sortOrder = $sort;
|
|
$allowedSortCriteria = ['name', 'id', 'next_payment', 'price', 'payer_user_id', 'category_id', 'payment_method_id', 'inactive', 'alphanumeric'];
|
|
$order = ($sort == "price" || $sort == "id") ? "DESC" : "ASC";
|
|
if ($sort == "alphanumeric") {
|
|
$sort = "name";
|
|
}
|
|
if (!in_array($sort, $allowedSortCriteria)) {
|
|
$sort = "next_payment";
|
|
}
|
|
|
|
// Construction of the main SQL Query
|
|
$params = [];
|
|
if ($allUserSubscription == 1 && $userId == 1) {
|
|
$sql = "SELECT * FROM subscriptions";
|
|
} else {
|
|
$sql = "SELECT * FROM subscriptions WHERE user_id = :userId";
|
|
$params[':userId'] = $userId;
|
|
}
|
|
|
|
if (isset($_REQUEST['member'])) {
|
|
$memberIds = explode(',', $_REQUEST['member']);
|
|
$placeholders = array_map(function ($key) {
|
|
return ":member{$key}";
|
|
}, array_keys($memberIds));
|
|
$sql .= " AND payer_user_id IN (" . implode(',', $placeholders) . ")";
|
|
foreach ($memberIds as $key => $memberId) {
|
|
$params[":member{$key}"] = $memberId;
|
|
}
|
|
}
|
|
if (isset($_REQUEST['category'])) {
|
|
$categoryIds = explode(',', $_REQUEST['category']);
|
|
$placeholders = array_map(function ($key) {
|
|
return ":category{$key}";
|
|
}, array_keys($categoryIds));
|
|
$sql .= " AND category_id IN (" . implode(',', $placeholders) . ")";
|
|
foreach ($categoryIds as $key => $categoryId) {
|
|
$params[":category{$key}"] = $categoryId;
|
|
}
|
|
}
|
|
if (isset($_REQUEST['payment'])) {
|
|
$paymentIds = explode(',', $_REQUEST['payment']);
|
|
$placeholders = array_map(function ($key) {
|
|
return ":payment{$key}";
|
|
}, array_keys($paymentIds));
|
|
$sql .= " AND payment_method_id IN (" . implode(',', $placeholders) . ")";
|
|
foreach ($paymentIds as $key => $paymentId) {
|
|
$params[":payment{$key}"] = $paymentId;
|
|
}
|
|
}
|
|
if (isset($_REQUEST['state']) && $_REQUEST['state'] != "") {
|
|
$sql .= " AND inactive = :inactive";
|
|
$params[':inactive'] = $_REQUEST['state'];
|
|
}
|
|
|
|
$orderByClauses = [];
|
|
if (isset($_REQUEST['disabled_to_bottom']) && $_REQUEST['disabled_to_bottom'] === 'true') {
|
|
if (in_array($sort, ["payer_user_id", "category_id", "payment_method_id"])) {
|
|
$orderByClauses[] = "$sort $order";
|
|
$orderByClauses[] = "inactive ASC";
|
|
} else {
|
|
$orderByClauses[] = "inactive ASC";
|
|
$orderByClauses[] = "$sort $order";
|
|
}
|
|
} else {
|
|
$orderByClauses[] = "$sort $order";
|
|
if ($sort != "inactive") {
|
|
$orderByClauses[] = "inactive ASC";
|
|
}
|
|
}
|
|
if ($sort != "next_payment") {
|
|
$orderByClauses[] = "next_payment ASC";
|
|
}
|
|
$sql .= " ORDER BY " . implode(", ", $orderByClauses);
|
|
|
|
$stmt = $db->prepare($sql);
|
|
if (!empty($params)) {
|
|
foreach ($params as $key => $value) {
|
|
$stmt->bindValue($key, $value, SQLITE3_INTEGER);
|
|
}
|
|
}
|
|
$result = $stmt->execute();
|
|
if ($result) {
|
|
$subscriptions = array();
|
|
while ($row = $result->fetchArray(SQLITE3_ASSOC)) {
|
|
$subscriptions[] = $row;
|
|
}
|
|
}
|
|
$subscriptionsToReturn = array();
|
|
foreach ($subscriptions as $subscription) {
|
|
$subscriptionToReturn = $subscription;
|
|
if (isset($_REQUEST['convert_currency']) && $_REQUEST['convert_currency'] === 'true' && $canConvertCurrency && $subscription['currency_id'] != $userCurrencyId) {
|
|
$subscriptionToReturn['price'] = getPriceConverted($subscription['price'], $subscription['currency_id'], $db);
|
|
} else {
|
|
$subscriptionToReturn['price'] = $subscription['price'];
|
|
}
|
|
$subscriptionToReturn['category_name'] = isset($categories[$subscription['category_id']]) ? $categories[$subscription['category_id']] : 'No category';
|
|
$subscriptionToReturn['payer_user_name'] = isset($members[$subscription['payer_user_id']]) ? $members[$subscription['payer_user_id']] : 'Unknown member';
|
|
$subscriptionToReturn['payment_method_name'] = isset($paymentMethods[$subscription['payment_method_id']]) ? $paymentMethods[$subscription['payment_method_id']] : 'Unknown payment method';
|
|
$subscriptionsToReturn[] = $subscriptionToReturn;
|
|
}
|
|
|
|
$response = [
|
|
"success" => true,
|
|
"title" => "subscriptions",
|
|
"subscriptions" => $subscriptionsToReturn,
|
|
"notes" => []
|
|
];
|
|
|
|
if ($allUserSubscription == 1 && $userId == 1) {
|
|
$sql = "PRAGMA table_info(user)";
|
|
$stmt = $db->prepare($sql);
|
|
$result = $stmt->execute();
|
|
$userColumns = array();
|
|
while ($row = $result->fetchArray(SQLITE3_ASSOC)) {
|
|
$userColumns[] = $row['name'];
|
|
}
|
|
$userNameCol = in_array('username', $userColumns) ? 'username' : null;
|
|
$userEmailCol = in_array('email', $userColumns) ? 'email' : null;
|
|
if ($userNameCol && $userEmailCol) {
|
|
$sql = "SELECT id, $userNameCol as name, $userEmailCol as email FROM user";
|
|
} elseif ($userNameCol) {
|
|
$sql = "SELECT id, $userNameCol as name FROM user";
|
|
} elseif ($userEmailCol) {
|
|
$sql = "SELECT id, $userEmailCol as email FROM user";
|
|
} else {
|
|
$sql = "SELECT id FROM user";
|
|
}
|
|
$stmt = $db->prepare($sql);
|
|
$result = $stmt->execute();
|
|
$users = array();
|
|
while ($row = $result->fetchArray(SQLITE3_ASSOC)) {
|
|
$users[] = $row;
|
|
}
|
|
$response['users'] = $users;
|
|
}
|
|
|
|
echo json_encode($response);
|
|
$db->close();
|
|
exit;
|
|
|
|
|
|
} else {
|
|
$response = [
|
|
"success" => false,
|
|
"title" => "Invalid request method"
|
|
];
|
|
echo json_encode($response);
|
|
exit;
|
|
} |