new file mode 100644

@@ -0,0 +1,47 @@

+<?php

+/**

+ *  Copyright (C) 2021  Double Bastion LLC

+ *

+ *  This file is part of Roundpin, which is licensed under the

+ *  GNU Affero General Public License Version 3.0. The license terms

+ *  are detailed in the "LICENSE.txt" file located in the root directory.

+ */

+

+session_start();

+

+ // header('Set-Cookie: PHPSESSID= ' . session_id() . '; SameSite=strict; Secure=true; HttpOnly=true;');

+

+if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {

+

+    define('ACCESSCONST', TRUE);

+

+    require('db-connect.php');

+

+    $username = $_POST['username'];

+    $contactName = $_POST['contact_name'];

+

+    // Get the id of the user for which we want to update the contact data

+    $query1 = $mysqli->prepare("SELECT id, username FROM app_users WHERE BINARY username = ?");

+    $query1->bind_param("s", $username);

+    $query1->execute();

+    $queryres = $query1->get_result()->fetch_assoc();

+    $userID = $queryres['id'];

+

+    // Get the row id from the 'contacts' table, for the current contact

+    $query2 = $mysqli->prepare("SELECT id, user_id, contact_name FROM contacts WHERE user_id = ? AND contact_name = ?");

+    $query2->bind_param("is", $userID, $contactName);

+    $query2->execute();

+    $fetchInfo = $query2->get_result()->fetch_assoc();

+    $contactRowId = $fetchInfo['id'];

+

+    if ($contactRowId != '' && $contactRowId != null && $contactRowId != 'undefined') {

+        $CntctDatabaseId = $contactRowId;

+        $messagetosend = 'success';

+    } else { $CntctDatabaseId = ''; $messagetosend = "An error occurred while getting the contact\'s row id!"; }

+

+    $response = ['successorfailure' => $messagetosend, 'cntctDatabaseID' => $CntctDatabaseId];

+    echo json_encode($response);

+

+} else { header("Location: ../login.php"); }

+

+?>