case 'register':
    /*
     * Registration branch: accepts POST only. Reads six form fields, rejects
     * the request with 400 when any of them is missing or empty, refuses
     * duplicates of an existing e-mail address or username, and otherwise
     * stores the new user with a bcrypt password hash.
     */
    if ($requestMethod != 'POST') {
        break;
    }

    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It
    // strips tags and HTML-encodes quotes, which is output encoding, not
    // input validation and not SQL escaping.
    $firstname = filter_input(INPUT_POST, 'firstname', FILTER_SANITIZE_STRING);
    $lastname = filter_input(INPUT_POST, 'lastname', FILTER_SANITIZE_STRING);
    $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
    $email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
    // NOTE(review): the filter rewrites the password before it is hashed
    // (tags removed, quotes encoded), so the stored hash is not of what the
    // user typed. A password should be hashed as received; changing that has
    // to be coordinated with the login path, which is not visible here.
    $password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
    $language = filter_input(INPUT_POST, 'language', FILTER_SANITIZE_STRING);

    $allFieldsPresent = $firstname
        && $lastname
        && $username
        && $email
        && $password
        && $language;

    if (!$allFieldsPresent) {
        // Incorrect or partial data was provided.
        sendResponse(400);
        break;
    }

    // One query counts how many rows already use this e-mail address and how
    // many already use this username.
    //
    // NOTE(review): request values are interpolated straight into the SQL
    // text here and in the INSERT below. The filters above do not make that
    // safe; FILTER_SANITIZE_EMAIL, for one, keeps the single quote among its
    // permitted characters. Both statements should bind these values as
    // parameters through whatever prepared-statement support the $db wrapper
    // provides (its API is not visible in this listing).
    $sql = "SELECT
        count(case when email = '$email' then 1 else null end) as 'email',
        count(case when username = '$username' then 1 else null end) as 'username'
        FROM `users`;
        ";

    $rows = $db->fetchByAssoc($db->query($sql));
    $row = $rows[0];
    $emailCount = intval($row['email']);
    $usernameCount = intval($row['username']);

    if ($emailCount || $usernameCount) {
        // NOTE(review): the three distinct messages tell the caller which
        // identifier is already registered; decide whether that disclosure
        // is acceptable for this API or needs rate limiting around it.
        if ($emailCount > 0 && $usernameCount > 0) {
            $conflict = 'email address and login are already registered';
        } elseif ($emailCount) {
            $conflict = 'email address are already registered';
        } else {
            $conflict = 'login are already registered';
        }
        sendResponse(400, $conflict);
        break;
    }

    // NOTE(review): check-then-insert is not atomic, so two concurrent
    // requests can both pass the check above. UNIQUE constraints on email
    // and username would enforce this in the database (schema not visible
    // here; confirm).
    // bcrypt only considers the first 72 bytes of the password.
    $hash = password_hash($password, PASSWORD_BCRYPT);
    $sql = "INSERT INTO
        users (id, firstname, username, lastname, email, password, language)
        VALUES ('', '$firstname', '$username', '$lastname', '$email', '$hash', '$language');
        ";

    $result = $db->query($sql);
    // NOTE(review): the INSERT result is not inspected and the success path
    // emits a placeholder body with the default status; the intended
    // sendResponse(201) call was left commented out.
    echo json_encode(['ms' => 'sd']);
    // sendResponse(201);
    break;
66
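case 'users':
    /*
     * User-list branch: accepts GET only. Requires a token in the
     * CP-Authorization request header, verifies it with JWT::decode and then
     * prints the (currently always empty) $data array as JSON.
     */
    if ($requestMethod == 'GET') {
        // HTTP header field names are case-insensitive, and the casing that
        // getallheaders() reports depends on the client and the server API,
        // so the lookup is done on lower-cased keys instead of the exact
        // spelling 'CP-Authorization'.
        $headers = array_change_key_case((array) getallheaders(), CASE_LOWER);
        $authorization = isset($headers['cp-authorization']) ? $headers['cp-authorization'] : '';
        if (empty($authorization)) {
            // sendResponse() exits, so nothing below runs without a header.
            sendResponse(401, 'Token not found in request!');
        }

        // Drops the first seven characters of the header value without
        // inspecting them.
        // NOTE(review): presumably these are a "Bearer " scheme prefix;
        // confirm with the clients and verify the prefix before stripping it.
        $token = substr($authorization, 7);
        if ($token) {
            try {
                $secretKey = $key;
                // NOTE(review): presumably firebase/php-jwt, where the third
                // argument lists the accepted algorithms; confirm, and keep
                // $algorithm a fixed server-side value.
                $token = JWT::decode($token, $secretKey, [$algorithm]);

                // NOTE(review): the decoded claims are not examined, so any
                // token with a valid signature receives the full list.
                // Decide whether a role or scope claim should be required.
                $data = [];

                /*
                 * TODO (translated from the original Polish note):
                 *   - open a connection to the database
                 *   - write a query returning all users from the database
                 *   - execute the query
                 *   - put all records into the $data array
                 *   - close the database connection
                 *
                 * NOTE(review): the commented-out draft that stood here
                 * connected as root with an empty password and planned
                 * "SELECT * FROM users". Use a least-privileged account with
                 * credentials taken from configuration, and select explicit
                 * columns: the register branch stores a password hash in the
                 * users table, and it must not be returned here.
                 */
                echo json_encode($data);
                exit;
            } catch (Exception $e) {
                /*
                 * The token could not be decoded, most likely because its
                 * signature could not be verified (tampered token).
                 */
                sendResponse(401);
            }
        } else {
            /*
             * No token could be extracted from the authorization header.
             */
            sendResponse(400);
        }
    }
    break;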
108
109
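/**
 * Sends a JSON status response and terminates the script.
 *
 * Emits the status line for $code, prints a JSON object of the form
 * {"message": "..."} and then calls exit, so no code after a call to this
 * function runs.
 *
 * @param int    $code    HTTP status code. 201, 400, 401, 404 and 405 get a
 *                        reason phrase; any other code is sent with an empty one.
 * @param string $message Text placed under the "message" key of the body.
 *
 * @return void Does not return; the script exits.
 */
function sendResponse($code, $message = '')
{
    $description = '';
    switch ($code) {
        case 201:
            $description = 'create a new user';
            break;
        case 400:
            $description = 'Bad Request';
            break;
        case 401:
            $description = 'Unauthorized';
            break;
        case 404:
            $description = 'Not Found';
            break;
        case 405:
            $description = 'Method Not Allowed';
            break;
    }

    header('HTTP/1.0 ' . $code . ' ' . $description);
    // The body is always JSON. Without an explicit type PHP falls back to its
    // default_mimetype (text/html unless reconfigured), and a browser would
    // then interpret the payload as HTML.
    header('Content-Type: application/json; charset=utf-8');
    // Callers in this file pass fixed strings as $message; keep it that way
    // rather than forwarding exception text or database errors to the client.
    echo json_encode([
        'message' => $message,
    ]);
    exit;
}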
136}