HEX
Server: Apache/2.4.59 (Debian)
System: Linux keymana 4.19.0-21-cloud-amd64 #1 SMP Debian 4.19.249-2 (2022-06-30) x86_64
User: lijunjie (1003)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
$ pwd: /var/www/html/wp-content/themes/ormedia/qrpatrol/
Upload Files
File: /var/www/html/wp-content/themes/ormedia/qrpatrol/api3.php
<?php

ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

require_once 'formr/class.formr.php';
require "libs/HTML_Object.php";

header("Content-Encoding: UTF-8"); 

// Defines HTML_Object() Class
$objHTML = new HTML_Object();
$objHTMLDocument = clone $objHTML->Document;
$objHTMLDocument->head()
    ->title("E-Go QR patrol interface")
        ->cssURL("includes/tables.css");


$leftPanel = "";
$rightPanel = "";
$body = "";
$table = "";

$leftPanel .= "<p><img src='assets/logo.png' alt='E-Go Logo'></p> ";

$form = new Formr();
// make all fields required
$form->required = '*';
// check if the form was submitted
if($form->submit()) {

	// process and validate the POST data
	$username = $form->post('uname','Username','slug');
	$password = $form->post('passwd','Password','min_length[6]');
	$fromDate = $form->post('fromDate','From Date');
	$toDate = $form->post('toDate','To Date');
	
	// check if there were any errors
	if(!$form->errors()) {
		// no errors
		// user has entered a valid email address, username, and confirmed their password
		echo $form->success_message('Welcome ' . $username.".");
	}
}

$snapshotTypes = array(
''=>'ALL',
'START'=>'START',
'FINISH'=>'FINISH',
'TEST'=>'TEST',
'SCAN'=>'SCAN',
'NFCSCAN'=>'NFC SCAN',
'MISSEDSCAN'=>'MISSED SCAN',
'INMSG'=>'MME',
'CHECKPOINT SCAN'=>'CHECKPOINT SCAN',
'INCIDENT'=>'INCIDENT',
'MANDOWN'=>'MANDOWN',
'SOS'=>'SOS'
);



$leftPanel .=  $form->messages();
$leftPanel .=  $form->form_open();
$leftPanel .=  $form->heading("Title","Batch incident download");
$leftPanel .=  "</br>";
$leftPanel .=  $form->input_text('uname',"Username");
$leftPanel .=  "</br>";
$leftPanel .=  $form->input_password('passwd', "Password");
$leftPanel .=  "</br>";
$leftPanel .=  $form->input_date('fromDate',"From Date", date("Y-m-d", strtotime("-1 months")));
$leftPanel .=  "</br>";
$leftPanel .=  $form->input_date('toDate', "To Date", date("Y-m-d"));
$leftPanel .=  "</br>";
$leftPanel .=  $form->input_select("ssType[]", "Type<br></br>" , "" ,"","","", $form->post('ssType') ,$snapshotTypes);
$leftPanel .=  "<br></br>";
$leftPanel .=  $form->input_submit();
$leftPanel .=  $form->form_close();

//API Url
$url = 'https://ws.followmystaff.com/api/v3/getToken';
//Initiate cURL.
$ch = curl_init($url);
//The JSON data.
$jsonData = array(
    'username' => $username,
    'password' => $password
);

#var_dump($jsonData);
 
//Encode the array into JSON.
$jsonDataEncoded = json_encode($jsonData);
//Tell cURL that we want to send a POST request.
curl_setopt($ch, CURLOPT_POST, 1);
//Attach our encoded JSON string to the POST fields.
curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonDataEncoded);
//Set the content type to application/json
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json')); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//Execute the request
$result = curl_exec($ch);
$resultArray = json_decode($result);
$apiToken = $resultArray->apiToken;

// convert POST captured dates to unix dates
$toDate = strtotime($toDate);;
$fromDate = strtotime($fromDate);

//API Url
$url2 = 'https://ws.followmystaff.com/api/v3/transactions?fromDate='.$fromDate.'&toDate='.$toDate;


if(strlen($form->post('ssType')[0]) > 0){
	$url2 .= '&snapshot='.'[';
	
	foreach ($form->post('ssType') as $value){
		$url2 .= '"'.$value.'",';
	}

	$url2 = rtrim($url2, ',');
	$url2 .= ']';
}
#$url2 = 'https://ws.followmystaff.com/api/v3/transactions?limit=5&fromDate=1565020800&toDate=1567699200';
#var_dump($url2);

$ch2 = curl_init($url2);
#curl_setopt($ch2, CURLOPT_POST, 1);

curl_setopt ( $ch2, CURLOPT_HTTPHEADER, array ('x-access-token:'.$apiToken) ); 
curl_setopt($ch2, CURLOPT_RETURNTRANSFER, true);


$result2 = curl_exec($ch2);
#var_dump($result2);
$jsonFileName = 'incidents/example.json';
$jfp = fopen($jsonFileName, 'w');
fwrite($jfp, $result2);
fclose($jfp);
$jsonDecoded = json_decode($result2, true);
//Give our CSV file a name.

$csvFileName = 'incidents/'.$username.$fromDate.'_ptrlData.csv';
//Open file pointer.
$fp = fopen($csvFileName, 'w');

if($apiToken==Null&&$username!=Null){
	echo "Auth Failed";
}
else{
	$rightPanel .= $objHTML->div("</br>Total record(s): ".intdiv($jsonDecoded["displaying"],3));
	$temp = file_get_contents($csvFileName);
	$temp = iconv('UTF-8','cp950',$temp);
	file_put_contents($csvFileName,$temp);
	
	// Assigns HTML Table object
	$objHTMLTable = clone $objHTML->Table;
	$objHTMLTable->setClass('table-grid');


	$head = array(
		"TID"=> "ID",
		"Time_stamp"=> "",
		"Type"=> "",
		"Guard_Login"=> "",
		"Guard_Name"=> "",
		"Checkpoint"=> "",
		"Branch_Name"=> "",
		"siteID"=> "",
		"Map"=> "",
		"companyID"=> ""
	
	);
		
	// Registers table row with the header columns
	$objHTMLTable->row("row-head")
	    	->head("No", array('width'=>'10'))
	    	->head("Time_Stamp", array('width'=>'130'))
		->head("Type")
		->head("Guard_Login")
		->head("Guard_Name")
		->head("Checkpoint")
		->head("Incident types")
#		->head("siteID")
		->head("Map")
		->head("MME");
	$objHTMLTable->apply();
	
	// Looping proces for registering table row with the columns
	$i = 0;
	foreach ($jsonDecoded["rows"] as $key => $value) {
#	foreach ($jsonDecoded["rows"]["PatrolPoint"] as $value) {
#	for ($i = 0; $i < count($jsonDecoded["rows"][$i]); $i++){
	    $i++;
	    if($i%3!=0){
	    	#`echo "SKIP! bc:".$i%3;
		continue;
            }

	$MME_link ="";
	if($value["snapshot"]=='INMSG')
	{
		$MME_link = "<a href='showMME.php?tid=".$value["ID"]."&apiToken=$apiToken' target='_new'>MME</a>";	
		$MME_link = $objHTML->link("MME", "showMME.php?tid=".$value["ID"]."&apiToken=$apiToken", null ,null , array("target"=>"_new"));
	}	
	
		$tempID = $value['ID'];

	    $objHTMLTable->row("row-$i")
		->col(intdiv($i,3) . ". ", array('align'=>'right', 'title'=>"$tempID"))
		->col($value["submitted"])
		->col($value["snapshot"])
		->col($value["guardID"])
		->col($value["Guard"]["alias"])
		->col($value["PatrolPoint"]["notes"])
		->col($value["scanvalue"])
		->col($objHTML->link("Open","maps.php?lat=".$value["latitude"]."&long=".$value["longitude"]."&zoom=13", null, null, array("target"=>"_new")))
		->col($MME_link);
		$objHTMLTable->apply();

	     	// to do:
		// now add all these data to CSV 

		$csvData = array(
		Date("Y-m-d hh:mm:ss",$value["submitted"]),
		$value["snapshot"],
		$value["guardID"],
		iconv("UTF-8", "Big5", $value["Guard"]["alias"]),
		iconv("UTF-8", "Big5", $value["PatrolPoint"]["notes"]),
		iconv("UTF-8", "Big5", $value["scanvalue"]));
		fputcsv($fp ,$csvData);
	}

	// Fetches HTML Table and assigns to $table variable
	$table .= $objHTMLTable->fetch();
	
	// Assigns $body variable that contains HTML Tags is generated by HTML Object
	$rightPanel .= $table;
}

if($jsonDecoded["displaying"]!=0)
{
	$rightPanel .= $objHTML->link("Download CSV File" , "$csvFileName" , null, null, array("target"=>"_new") ); 
}

//joins both panels together
#$body .= $leftPanel;
#$body .= $rightPanel;
// Assigns HTML Table frame layouts object
$frameTable = clone $objHTML->Table;
$frameTable->setClass('frame');

$frameTable->row("row")
	->style("frame")
	->col($leftPanel)
	->col($rightPanel);
#$frameTable->attribute("valign" , "top");
$frameTable->apply();

$body .= $frameTable->fetch();



$objHTMLDocument->body()
        ->content($body);
$objHTMLDocument->display();

//Finally, close the file pointer.
fclose($fp);

?>
@ Telegram