File Manager

Editing: save-fcm-token.php

<?php
declare(strict_types=1);

// ── CORS ─────────────────────────────────────────────────────────────────────
// Cordova Android WebView identifies itself as https://localhost or file://
// Both must be allowed or the preflight fetch will be blocked
$origin = $_SERVER['HTTP_ORIGIN'] ?? '';

$allowedOrigins = [
    'https://eizononline.com',
    'https://www.eizononline.com',
    'https://localhost',
    'http://localhost',
    'file://',
];

if (in_array($origin, $allowedOrigins, true) || $origin === '') {
    header('Access-Control-Allow-Origin: ' . ($origin !== '' ? $origin : '*'));
} else {
    header('Access-Control-Allow-Origin: https://eizononline.com');
}

header('Access-Control-Allow-Methods: POST, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
header('Access-Control-Max-Age: 3600');
header('Content-Type: application/json; charset=utf-8');

// Preflight must return 200 immediately — 204 causes issues with some WebViews
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    http_response_code(200);
    exit;
}

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['error' => 'Method not allowed']);
    exit;
}

// ── Read input ────────────────────────────────────────────────────────────────
$raw   = file_get_contents('php://input');
$input = json_decode($raw, true);

if (!$input || empty($input['fcm_token'])) {
    http_response_code(400);
    echo json_encode(['error' => 'Missing fcm_token']);
    exit;
}

$token    = trim($input['fcm_token']);
$platform = 'android';
$userId   = isset($input['user_id']) && is_numeric($input['user_id'])
            ? (int)$input['user_id'] : null;

if (strlen($token) < 100 || strlen($token) > 512) {
    http_response_code(400);
    echo json_encode(['error' => 'Invalid token']);
    exit;
}

// ── Database ──────────────────────────────────────────────────────────────────
$host   = '127.0.0.1';
$port   = '3306';
$dbname = 'u404542307_eizon';
$dbuser = 'u404542307_dacotywebsites';
$dbpass = 'daCotywebs1te5';

try {
    $pdo = new PDO(
        "mysql:host=$host;port=$port;dbname=$dbname;charset=utf8mb4",
        $dbuser,
        $dbpass,
        [
            PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
            PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
            PDO::ATTR_EMULATE_PREPARES   => false,
        ]
    );
} catch (PDOException $e) {
    error_log('[EIZON] DB connection error: ' . $e->getMessage());
    http_response_code(500);
    echo json_encode(['error' => 'Server error']);
    exit;
}

// ── Save or update token ──────────────────────────────────────────────────────
$sql = "
    INSERT INTO fcm_tokens (user_id, fcm_token, platform, is_active)
    VALUES (:user_id, :token, :platform, 1)
    ON DUPLICATE KEY UPDATE
        user_id    = COALESCE(:user_id2, user_id),
        is_active  = 1,
        updated_at = NOW()
";

try {
    $stmt = $pdo->prepare($sql);
    $stmt->execute([
        ':user_id'  => $userId,
        ':token'    => $token,
        ':platform' => $platform,
        ':user_id2' => $userId,
    ]);
    echo json_encode(['success' => true]);
} catch (PDOException $e) {
    error_log('[EIZON] Save token error: ' . $e->getMessage());
    http_response_code(500);
    echo json_encode(['error' => 'DB error']);
}

⬅ Back