This repository has been archived by the owner on Jul 30, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinserir.php
87 lines (79 loc) · 2.98 KB
/
inserir.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
<?php
error_reporting(0);
require("inc/connecta.php");
function getRealIpAddr(){
if (!empty($_SERVER['HTTP_CLIENT_IP'])){ //check ip from share internet
$ip=$_SERVER['HTTP_CLIENT_IP'];
}elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){ //to check ip is pass from proxy
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}else{
$ip=$_SERVER['REMOTE_ADDR'];
}
return $ip;
};
function getPara($paramName){
/*
if (isset($_GET[$paramName])){
return $_GET[$paramName];
}
*/
if (isset($_POST[$paramName])){
return strip_tags($_POST[$paramName]);
}
return "";
};
//'partit_afectat=test&provincia=test&poblacio=test&coords=test&collegi_electoral=test&causa=test&reportador=test&contacte_reportador=test&comentari=test
$ip = getRealIpAddr();
$partit_afectat = getPara('partit_afectat');
$collegi_electoral = getPara('collegi_electoral');
$causa = getPara('causa');
$reportador = getPara('reportador');
$contacte_reportador = getPara('contacte_reportador');
$comentari = getPara('comentari');
$provincia = getPara('provincia');
$poblacio = getPara('poblacio');
$coords = getPara('coords');
$deviceid = getPara('deviceid');
$return = array();
if($ip){
$consulta = sprintf("SELECT * FROM `incidenciesEleccions`.`device_bans` WHERE deviceid = '%s' UNION SELECT * FROM `incidenciesEleccions`.`ip_bans` WHERE ip = '%s'",mysql_real_escape_string($deviceid),mysql_real_escape_string($ip));
$resultado = mysql_query($consulta, $link);
if (!$resultado) {
$return['message'] = "request_fail";
}else{
if(mysql_num_rows($resultado) > 0){
$return['message'] = "request_denied";
}else{
if ($partit_afectat != "" && $provincia != "" && $poblacio != "" && $collegi_electoral !="" && $causa != "" && $reportador != "" && $contacte_reportador != ""){
$consulta = sprintf("INSERT INTO `incidenciesEleccions`.`incidencies` ( `ip` , `partit_afectat` , `provincia`, `poblacio`, `coords` , `deviceid`,`collegi_electoral` , `causa` , `reportador` , `contacte_reportador` , `comentari`)
VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s');",
mysql_real_escape_string($ip),
mysql_real_escape_string($partit_afectat),
mysql_real_escape_string($provincia),
mysql_real_escape_string($poblacio),
mysql_real_escape_string($coords),
mysql_real_escape_string($deviceid),
mysql_real_escape_string($collegi_electoral),
mysql_real_escape_string($causa),
mysql_real_escape_string($reportador),
mysql_real_escape_string($contacte_reportador),
mysql_real_escape_string($comentari)
);
$resultado = mysql_query($consulta, $link);
if (!$resultado) {
//$return['message'] =mysql_error();
$return['message'] ="request_fail";
}else{
$return['message'] = "OK";
}
}else{
$return['message'] = "request_incomplete";
}
}
}
}else{
$return['message'] = "request_fail";
}
header('Cache-Control: no-cache, must-revalidate');
header('Content-type: application/json; charset=UTF-8');
echo json_encode ($return);