| Server IP : 158.247.231.215 / Your IP : 216.73.216.10 Web Server : Apache/2.4.41 (Ubuntu) System : Linux CTMS 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 User : www-data ( 33) PHP Version : 8.0.30 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /mnt/blockstorage/ctms/api/custom-api/ |
Upload File : |
<?php
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, OPTIONS');
header("Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization");
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
http_response_code(200);
exit();
}
// Load WordPress and auth helper
require_once('/mnt/blockstorage/ctms/wp-load.php');
require_once('auth-helper.php');
include('../database.php');
// Verify JWT token
$user_id = verify_jwt_token();
if (!$user_id) {
send_error_response('User not authenticated', 401);
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
try {
// Get POST data
$request_id = isset($_POST['request_id']) ? intval($_POST['request_id']) : 0;
$admin_id = isset($_POST['admin_id']) ? intval($_POST['admin_id']) : 1;
if ($request_id <= 0) {
throw new Exception('request_id is required');
}
// Check if request exists and is pending
$check_sql = "SELECT r.*, c.title as content_title, v.version_number
FROM vr_download_requests r
INNER JOIN vr_contents c ON r.content_id = c.id
INNER JOIN vr_content_versions v ON r.version_id = v.id
WHERE r.id = $request_id";
$check_result = $conn->query($check_sql);
if (!$check_result || $check_result->num_rows === 0) {
throw new Exception('Request not found');
}
$request = $check_result->fetch_assoc();
if ($request['status'] !== 'pending') {
throw new Exception('Only pending requests can be approved');
}
// Update request status
$update_sql = "UPDATE vr_download_requests
SET status = 'approved',
approved_by = $admin_id,
approved_at = NOW()
WHERE id = $request_id";
if ($conn->query($update_sql) !== TRUE) {
throw new Exception('Failed to approve request: ' . $conn->error);
}
$response = array(
'status' => 'success',
'message' => 'Download request approved successfully',
'data' => array(
'request_id' => $request_id,
'user_id' => intval($request['user_id']),
'content_title' => $request['content_title'],
'version_number' => $request['version_number'],
'device_type' => $request['device_type'],
'status' => 'approved',
'approved_by' => $admin_id,
'approved_at' => date('Y-m-d H:i:s')
)
);
header('Content-Type: application/json');
echo json_encode($response);
} catch (Exception $e) {
$response = array(
'status' => 'error',
'message' => $e->getMessage()
);
header('Content-Type: application/json');
http_response_code(400);
echo json_encode($response);
}
$conn->close();
} else {
$response = array(
'status' => 'error',
'message' => 'Only POST requests are allowed'
);
header('Content-Type: application/json');
http_response_code(405);
echo json_encode($response);
}
?>