coderforhire/gist:2354509

## gistfile1.txt
?php
//GET GPS CO-ORDINATES AND COMPARE THEM TO DATABASE
include '/var/www/include/dbc.php';
app_page_protect();

$userid = mysql_real_escape_string($_SESSION['user_id']);

$shopid = mysql_real_escape_string($_POST['specid']);
$glong= mysql_real_escape_string($_POST['glong']);
$glat = mysql_real_escape_string($_POST['glat']);
$udid = mysql_real_escape_string($_POST['udid']);


//if(empty($_POST['glat']) || empty($_POST['glong']) && $shopid != '85'){
//exit('<messages><message id="1"><name></name><special></special><storerequires></storerequires><scanned></scanned><>Too Far</code></message></messages>');
//}


function getdist($point1,$point2,$uom='miles') {
        //      Use Haversine formula to calculate the great circle distance
        //              between two points identified by longitude and latitude
        switch (strtolower($uom)) {
                case 'km'       :
                        $earthMeanRadius = 6371.009; // km
                        break;
                case 'm'        :
                        $earthMeanRadius = 6371.009 * 1000; // km
                        break;
                case 'miles'    :
                        $earthMeanRadius = 3958.761; // miles
                        break;
                case 'yards'    :
                case 'yds'      :
                        $earthMeanRadius = 3958.761 * 1760; // miles
                        break;
                case 'feet'     :
                case 'ft'       :
                        $earthMeanRadius = 3958.761 * 1760 * 3; // miles
                        break;
                case 'nm'       :
                        $earthMeanRadius = 3440.069; // miles
                        break;
        }
        $deltaLatitude = deg2rad($point2['latitude'] - $point1['latitude']);
        $deltaLongitude = deg2rad($point2['longitude'] - $point1['longitude']);
        $a = sin($deltaLatitude / 2) * sin($deltaLatitude / 2) +
                 cos(deg2rad($point1['latitude'])) * cos(deg2rad($point2['latitude'])) *
                 sin($deltaLongitude / 2) * sin($deltaLongitude / 2);
        $c = 2 * atan2(sqrt($a), sqrt(1-$a));
        $distance = $earthMeanRadius * $c;
        return $distance;
}       //      function calculateDistanceFromL


//get current state of loyaltytbl for this user and this shop
$isnull = mysql_query("SELECT * from loyaltytbl where `userid` = '$userid' and `storeid` = '$shopid'") or die(mysql_error());
$isnullarray = mysql_fetch_assoc($isnull);
$lastscan = strtotime($isnullarray['Date']);
$unlimited = $isnullarray['unlimited'];
$storename = mysql_query("select *  from owners where `id` = '$shopid'") or die(mysql_error());
$name =  mysql_fetch_assoc($storename);
if($name['user_level'] == '3'){
exit('<messages><message id="1"><name>'.$name['business_name'].'</name><special></special><storerequires></storerequires><scanned></scanned><code>Program Not Supported</code></message></messages>');
};


$startPoint = array( 'latitude' =>$name['Latitude'],
                 'longitude'    =>$name['Longitude']
                   );
$endPoint = array( 'latitude'           =>$glat ,
                'longitude'     => $glong
                 );


$miles = round(getdist($startPoint, $endPoint, 'miles'),1);

if($miles > .75 && $shopid != '85'){
exit('<messages><message id="1"><name></name><special></special><storerequires></storerequires><scanned></scanned><code>Too Far</code></message></messages>');
}


//get current special that this shop is on
$current = mysql_query("select * from specials where `storeid` = '$shopid' order by `id` DESC limit 1") or die(mysql_error());
$currentspec =  mysql_fetch_assoc($current);
$specid=$currentspec['id'];

//make sure the establishment has a promo in case someone decides to fuck with other users

if(empty($currentspec['id'])){
exit('<messages><message id="1"><name>'.$name['business_name'].'</name><special></special><storerequires></storerequires><scanned></scanned><code>Program Not Supported</code></message></messages>');
}

//if the user has never used this shop before insert first entry for them
$favtest = mysql_query("SELECT * from favscans where `storeid`= '$shopid' AND `userid` = '$userid'");


if(mysql_num_rows($favtest) == 0  && mysql_num_rows($isnull) == 0)
{
mysql_query("INSERT INTO loyaltytbl (`userid`,`storeid`,`hopper`,`currentspecid`,`Date`) VALUES ('$userid','$shopid', 1 , '$specid',now())") or die(mysql_error());
mysql_query("INSERT INTO scanrecords (`storeid`, `userid`,`specid`,`udid`,`date`) VALUES ('$shopid', '$userid', '$isnullarray[currentspecid]','$udid', now())") or die(mysql_error());
mysql_query("INSERT INTO favscans (`storeid`, `userid`, `Date`) values ('$shopid', '$userid', now())") or die(mysql_error());
exit('<messages><message id="1"><name>'. $name['business_name'] .'</name><special>'.$currentspec['desc'].'</special><storerequires>'.$currentspec['x'].'</storerequires><scanned>1</scanned><code>Thanks for your first scan</code></message></messages>');
}


if(mysql_num_rows($isnull) == 0 ){
mysql_query("INSERT INTO loyaltytbl (`userid`,`storeid`,`hopper`,`currentspecid`,`Date`) VALUES ('$userid','$shopid', 1 , '$specid',now())") or die(mysql_error());
mysql_query("INSERT INTO scanrecords (`storeid`, `userid`,`specid`,`udid`,`date`) VALUES ('$shopid', '$userid', '$isnullarray[currentspecid]','$udid', now())") or die(mysql_error());
//mysql_query("INSERT INTO favscans (`storeid`, `userid`, `Date`) values ('$shopid', '$userid', now())") or die(mysql_error());
exit('<messages><message id="1"><name>'. $name['business_name'] .'</name><special>'.$currentspec['desc'].'</special><storerequires>'.$currentspec['x'].'</storerequires><scanned>1</scanned><code>Thanks for your first scan</code></message></messages>');
}


$todaypm = strtotime('midnight');

//make sure they have only scanned once per day
if( $lastscan == $todaypm && $unlimited = '0'){
exit('<messages><message id="1"><name></name><special></special><storerequires></storerequires><scanned></scanned><code>Too Many</code></message></messages>');
}
//if the user has used this shop check where they are at in the redemption stage
if(isset($isnullarray['currentspecid'])){
$tspec = mysql_query("Select * from specials where `id` = $isnullarray[currentspecid]");
$theirspecial = mysql_fetch_array($tspec);
        if($isnullarray['hopper'] < $theirspecial['x']){
        $inc = $isnullarray['hopper'];
        $inc++;
 	mysql_query("UPDATE loyaltytbl SET hopper = $inc, `Date` = now() WHERE userid = '$userid' AND storeid = '$shopid'") or die(mysql_error());
	$timesleft =  $theirspecial['x'] - $inc;
			if($timesleft =='0'){
        	mysql_query("UPDATE loyaltytbl SET hopper = 0 WHERE userid = '$userid' AND storeid = '$shopid'") or die(mysql_error());
		mysql_query("UPDATE loyaltytbl SET currentspecid = '$specid' WHERE userid = '$userid' AND storeid = '$shopid'") or die(mysql_error());
	mysql_query("INSERT INTO scanrecords (`storeid`,`userid`,`specid`,`udid`,`date`) VALUES ('$shopid', '$userid','$spec]','$udid',now())") or die(mysql_error());
           mysql_query("INSERT INTO redeemed (`storeid`,`userid`,`specid`,`Date`) VALUES ('$shopid', '$userid','$specid',now())") or die(mysql_error());
$code =  'QR'.mysql_insert_id();

			exit('<messages><message id="1"><name>'.$name['business_name'].'</name><data1>'.$code.'</data1><special>'.$theirspecial['desc'].'</special><storerequires>' . $theirspecial['x'] . '</storerequires><scanned>'.$timesleft.'</scanned><code>Thanks show the waitress to redeem</code></message></messages>');
		}
			else{

echo '<messages><message id="1"><name>'.$name['business_name'].'</name><special>'. $theirspecial['desc'] . '</special><storerequires>'. $theirspecial['x']. '</storerequires><scanned>'.$inc.'</scanned><code>Thanks you have '.$timesleft.' scans left to redeem</code></message></messages>';

mysql_query("INSERT INTO scanrecords (`storeid`, `userid`,`specid`, `date`) VALUES ('$shopid', '$userid',$isnullarray[currentspecid], now())") or die(mysql_error());
	}
 		}
}
?>
	?php
	//GET GPS CO-ORDINATES AND COMPARE THEM TO DATABASE
	include '/var/www/include/dbc.php';
	app_page_protect();

	$userid = mysql_real_escape_string($_SESSION['user_id']);

	$shopid = mysql_real_escape_string($_POST['specid']);
	$glong= mysql_real_escape_string($_POST['glong']);
	$glat = mysql_real_escape_string($_POST['glat']);
	$udid = mysql_real_escape_string($_POST['udid']);


	//if(empty($_POST['glat']) \|\| empty($_POST['glong']) && $shopid != '85'){
	//exit('<messages><message id="1"><name></name><special></special><storerequires></storerequires><scanned></scanned><>Too Far</code></message></messages>');
	//}




	function getdist($point1,$point2,$uom='miles') {
	// Use Haversine formula to calculate the great circle distance
	// between two points identified by longitude and latitude
	switch (strtolower($uom)) {
	case 'km' :
	$earthMeanRadius = 6371.009; // km
	break;
	case 'm' :
	$earthMeanRadius = 6371.009 * 1000; // km
	break;
	case 'miles' :
	$earthMeanRadius = 3958.761; // miles
	break;
	case 'yards' :
	case 'yds' :
	$earthMeanRadius = 3958.761 * 1760; // miles
	break;
	case 'feet' :
	case 'ft' :
	$earthMeanRadius = 3958.761 * 1760 * 3; // miles
	break;
	case 'nm' :
	$earthMeanRadius = 3440.069; // miles
	break;
	}
	$deltaLatitude = deg2rad($point2['latitude'] - $point1['latitude']);
	$deltaLongitude = deg2rad($point2['longitude'] - $point1['longitude']);
	$a = sin($deltaLatitude / 2) * sin($deltaLatitude / 2) +
	cos(deg2rad($point1['latitude'])) * cos(deg2rad($point2['latitude'])) *
	sin($deltaLongitude / 2) * sin($deltaLongitude / 2);
	$c = 2 * atan2(sqrt($a), sqrt(1-$a));
	$distance = $earthMeanRadius * $c;
	return $distance;
	} // function calculateDistanceFromL



	//get current state of loyaltytbl for this user and this shop
	$isnull = mysql_query("SELECT * from loyaltytbl where `userid` = '$userid' and `storeid` = '$shopid'") or die(mysql_error());
	$isnullarray = mysql_fetch_assoc($isnull);
	$lastscan = strtotime($isnullarray['Date']);
	$unlimited = $isnullarray['unlimited'];
	$storename = mysql_query("select * from owners where `id` = '$shopid'") or die(mysql_error());
	$name = mysql_fetch_assoc($storename);
	if($name['user_level'] == '3'){
	exit('<messages><message id="1"><name>'.$name['business_name'].'</name><special></special><storerequires></storerequires><scanned></scanned><code>Program Not Supported</code></message></messages>');
	};




	$startPoint = array( 'latitude' =>$name['Latitude'],
	'longitude' =>$name['Longitude']
	);
	$endPoint = array( 'latitude' =>$glat ,
	'longitude' => $glong
	);


	$miles = round(getdist($startPoint, $endPoint, 'miles'),1);

	if($miles > .75 && $shopid != '85'){
	exit('<messages><message id="1"><name></name><special></special><storerequires></storerequires><scanned></scanned><code>Too Far</code></message></messages>');
	}


	//get current special that this shop is on
	$current = mysql_query("select * from specials where `storeid` = '$shopid' order by `id` DESC limit 1") or die(mysql_error());
	$currentspec = mysql_fetch_assoc($current);
	$specid=$currentspec['id'];

	//make sure the establishment has a promo in case someone decides to fuck with other users

	if(empty($currentspec['id'])){
	exit('<messages><message id="1"><name>'.$name['business_name'].'</name><special></special><storerequires></storerequires><scanned></scanned><code>Program Not Supported</code></message></messages>');
	}

	//if the user has never used this shop before insert first entry for them
	$favtest = mysql_query("SELECT * from favscans where `storeid`= '$shopid' AND `userid` = '$userid'");


	if(mysql_num_rows($favtest) == 0 && mysql_num_rows($isnull) == 0)
	{
	mysql_query("INSERT INTO loyaltytbl (`userid`,`storeid`,`hopper`,`currentspecid`,`Date`) VALUES ('$userid','$shopid', 1 , '$specid',now())") or die(mysql_error());
	mysql_query("INSERT INTO scanrecords (`storeid`, `userid`,`specid`,`udid`,`date`) VALUES ('$shopid', '$userid', '$isnullarray[currentspecid]','$udid', now())") or die(mysql_error());
	mysql_query("INSERT INTO favscans (`storeid`, `userid`, `Date`) values ('$shopid', '$userid', now())") or die(mysql_error());
	exit('<messages><message id="1"><name>'. $name['business_name'] .'</name><special>'.$currentspec['desc'].'</special><storerequires>'.$currentspec['x'].'</storerequires><scanned>1</scanned><code>Thanks for your first scan</code></message></messages>');
	}



	if(mysql_num_rows($isnull) == 0 ){
	mysql_query("INSERT INTO loyaltytbl (`userid`,`storeid`,`hopper`,`currentspecid`,`Date`) VALUES ('$userid','$shopid', 1 , '$specid',now())") or die(mysql_error());
	mysql_query("INSERT INTO scanrecords (`storeid`, `userid`,`specid`,`udid`,`date`) VALUES ('$shopid', '$userid', '$isnullarray[currentspecid]','$udid', now())") or die(mysql_error());
	//mysql_query("INSERT INTO favscans (`storeid`, `userid`, `Date`) values ('$shopid', '$userid', now())") or die(mysql_error());
	exit('<messages><message id="1"><name>'. $name['business_name'] .'</name><special>'.$currentspec['desc'].'</special><storerequires>'.$currentspec['x'].'</storerequires><scanned>1</scanned><code>Thanks for your first scan</code></message></messages>');
	}




	$todaypm = strtotime('midnight');

	//make sure they have only scanned once per day
	if( $lastscan == $todaypm && $unlimited = '0'){
	exit('<messages><message id="1"><name></name><special></special><storerequires></storerequires><scanned></scanned><code>Too Many</code></message></messages>');
	}
	//if the user has used this shop check where they are at in the redemption stage
	if(isset($isnullarray['currentspecid'])){
	$tspec = mysql_query("Select * from specials where `id` = $isnullarray[currentspecid]");
	$theirspecial = mysql_fetch_array($tspec);
	if($isnullarray['hopper'] < $theirspecial['x']){
	$inc = $isnullarray['hopper'];
	$inc++;
	mysql_query("UPDATE loyaltytbl SET hopper = $inc, `Date` = now() WHERE userid = '$userid' AND storeid = '$shopid'") or die(mysql_error());
	$timesleft = $theirspecial['x'] - $inc;
	if($timesleft =='0'){
	mysql_query("UPDATE loyaltytbl SET hopper = 0 WHERE userid = '$userid' AND storeid = '$shopid'") or die(mysql_error());
	mysql_query("UPDATE loyaltytbl SET currentspecid = '$specid' WHERE userid = '$userid' AND storeid = '$shopid'") or die(mysql_error());
	mysql_query("INSERT INTO scanrecords (`storeid`,`userid`,`specid`,`udid`,`date`) VALUES ('$shopid', '$userid','$spec]','$udid',now())") or die(mysql_error());
	mysql_query("INSERT INTO redeemed (`storeid`,`userid`,`specid`,`Date`) VALUES ('$shopid', '$userid','$specid',now())") or die(mysql_error());
	$code = 'QR'.mysql_insert_id();

	exit('<messages><message id="1"><name>'.$name['business_name'].'</name><data1>'.$code.'</data1><special>'.$theirspecial['desc'].'</special><storerequires>' . $theirspecial['x'] . '</storerequires><scanned>'.$timesleft.'</scanned><code>Thanks show the waitress to redeem</code></message></messages>');
	}
	else{

	echo '<messages><message id="1"><name>'.$name['business_name'].'</name><special>'. $theirspecial['desc'] . '</special><storerequires>'. $theirspecial['x']. '</storerequires><scanned>'.$inc.'</scanned><code>Thanks you have '.$timesleft.' scans left to redeem</code></message></messages>';

	mysql_query("INSERT INTO scanrecords (`storeid`, `userid`,`specid`, `date`) VALUES ('$shopid', '$userid',$isnullarray[currentspecid], now())") or die(mysql_error());
	}
	}
	}
	?>