new file mode 100644

@@ -0,0 +1,42 @@

+<?php

+/**

+ *  Copyright (C) 2021  Double Bastion LLC

+ *

+ *  This file is part of Roundpin, which is licensed under the

+ *  GNU Affero General Public License Version 3.0. The license terms

+ *  are detailed in the "LICENSE.txt" file located in the root directory.

+ */

+

+session_start();

+

+if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {

+

+ define('ACCESSCONST', TRUE);

+

+ require('db-connect.php');

+

+    $username = $_POST['username'];

+

+    // Get the id of the current user from the 'app_users' table

+    $queryid = $mysqli->query("SELECT id, username, enabled FROM app_users WHERE BINARY username = '$username' AND enabled = 1");

+    $queryres = $queryid->fetch_array();

+    $userID = $queryres[0];

+

+    // Get the contacts for the current user

+    $querycont = $mysqli->query("SELECT id, user_id, contact_name, contact_desc, extension_number, contact_mobile, contact_num1, contact_num2, contact_email,

+                                 profile_picture_c FROM contacts WHERE user_id = '$userID'");

+    $contactsarr = [];

+    while ($querycontres = $querycont->fetch_row()) {

+           $contactsarr[] = ['contact_name' => $querycontres[2], 'contact_desc' => $querycontres[3], 'extension_number' => $querycontres[4], 'contact_mobile' => $querycontres[5],

+                             'contact_num1' => $querycontres[6], 'contact_num2' => $querycontres[7], 'contact_email' => $querycontres[8], 'profile_picture_c' => $querycontres[9]];

+    }

+

+    $contactsfromdb = ['contactsinfo' => $contactsarr];

+

+    echo json_encode($contactsfromdb);

+

+} else {

+     header("Location: roundpin-login.php");

+}

+

+?>