T.ME/BIBIL_0DAY
CasperSecurity


Server : Apache/2
System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64
User : gositeme ( 1004)
PHP Version : 8.2.29
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/gositeme/.cursor-server/data/User/History/-272d03be/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/gositeme/.cursor-server/data/User/History/-272d03be/sGT1.php
<?php
/**
 * Mark Notifications as Read API
 * Marks notifications as read for the current user
 */

header('Content-Type: application/json');
session_start();
require_once __DIR__ . '/../config/database.php';

// Check authentication
if (!isset($_SESSION['user_id'])) {
    echo json_encode(['success' => false, 'message' => 'Authentication required']);
    exit;
}

$user_id = $_SESSION['user_id'];
$pdo = getDBConnection();

if (!$pdo) {
    echo json_encode(['success' => false, 'message' => 'Database connection failed']);
    exit;
}

// Create notification_reads table if it doesn't exist
try {
    $pdo->exec("
        CREATE TABLE IF NOT EXISTS notification_reads (
            id INT AUTO_INCREMENT PRIMARY KEY,
            user_id INT NOT NULL,
            notification_type ENUM('friend_request', 'like', 'comment', 'artist_rating', 'track_rating') NOT NULL,
            notification_id INT NOT NULL,
            created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
            UNIQUE KEY unique_notification (user_id, notification_type, notification_id),
            FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
            INDEX idx_user_type (user_id, notification_type)
        ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
    ");
} catch (PDOException $e) {
    // Table might already exist, that's okay
    error_log("Notification reads table creation: " . $e->getMessage());
}

$action = $_POST['action'] ?? $_GET['action'] ?? 'mark_all_read';
$notification_type = $_POST['notification_type'] ?? null;
$notification_id = $_POST['notification_id'] ?? null;

try {
    if ($action === 'mark_all_read') {
        // Mark all notifications as read for this user
        // This means we'll mark all friend requests, likes, and comments as read
        
        // Mark all friend requests as read
        $stmt = $pdo->prepare("
            INSERT IGNORE INTO notification_reads (user_id, notification_type, notification_id)
            SELECT ?, 'friend_request', uf.id
            FROM user_friends uf
            WHERE uf.friend_id = ? AND uf.status = 'pending'
        ");
        $stmt->execute([$user_id, $user_id]);
        $friend_requests_marked = $stmt->rowCount();
        
        // Mark all likes as read
        $stmt = $pdo->prepare("
            INSERT IGNORE INTO notification_reads (user_id, notification_type, notification_id)
            SELECT ?, 'like', tl.id
            FROM track_likes tl
            JOIN music_tracks mt ON tl.track_id = mt.id
            WHERE mt.user_id = ? AND tl.user_id != ?
        ");
        $stmt->execute([$user_id, $user_id, $user_id]);
        $likes_marked = $stmt->rowCount();
        
        // Mark all comments as read
        $stmt = $pdo->prepare("
            INSERT IGNORE INTO notification_reads (user_id, notification_type, notification_id)
            SELECT ?, 'comment', tc.id
            FROM track_comments tc
            JOIN music_tracks mt ON tc.track_id = mt.id
            WHERE mt.user_id = ? AND tc.user_id != ?
        ");
        $stmt->execute([$user_id, $user_id, $user_id]);
        $comments_marked = $stmt->rowCount();
        
        $total_marked = $friend_requests_marked + $likes_marked + $comments_marked;
        
        echo json_encode([
            'success' => true,
            'message' => 'All notifications marked as read',
            'marked' => $total_marked,
            'breakdown' => [
                'friend_requests' => $friend_requests_marked,
                'likes' => $likes_marked,
                'comments' => $comments_marked
            ]
        ]);
        
    } elseif ($action === 'mark_single_read' && $notification_type && $notification_id) {
        // Mark a single notification as read
        $valid_types = ['friend_request', 'like', 'comment'];
        if (!in_array($notification_type, $valid_types)) {
            echo json_encode(['success' => false, 'message' => 'Invalid notification type']);
            exit;
        }
        
        $stmt = $pdo->prepare("
            INSERT IGNORE INTO notification_reads (user_id, notification_type, notification_id)
            VALUES (?, ?, ?)
        ");
        $stmt->execute([$user_id, $notification_type, $notification_id]);
        
        echo json_encode([
            'success' => true,
            'message' => 'Notification marked as read',
            'marked' => $stmt->rowCount()
        ]);
        
    } else {
        echo json_encode(['success' => false, 'message' => 'Invalid action']);
    }
    
} catch (PDOException $e) {
    error_log("Error marking notifications as read: " . $e->getMessage());
    echo json_encode(['success' => false, 'message' => 'Database error occurred']);
}

CasperSecurity Mini