integrated EVERYTHING!
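--- /dev/null
+++ b/logic/getUserData.php
@@ -0,0 +1,47 @@
+<?php
+include($_SERVER['DOCUMENT_ROOT'] . '/logic/testinput.php');
+
+$data = json_decode(file_get_contents('php://input'));
+getData($data->username);
+
+function getData($email)
+{
+require($_SERVER['DOCUMENT_ROOT'] . '/config/setupDBAccess.php');
+
+$sql = "SELECT `user_id`, `username`, `password`, `email`, `phone`, `salutation`, `firstname`, `lastname`, `address`, `role`, `created_at`, `plz`, `name` FROM `user` JOIN `cities` ON `plz` = `postalcode` WHERE `username` = ?";
+$stmt = $db->prepare($sql);
+$stmt->bind_param("s", $email);
+
+$stmt->execute();
+$stmt->store_result();
+$stmt->bind_result($user_id, $username, $password, $email, $phone, $salutation, $firstname, $lastname, $address, $role, $created_at, $plz, $name);
+if ($stmt->num_rows == 1) {
+if ($stmt -> fetch()) {
+$data = array(
+'user_id' => $user_id,
+'username' => $username,
+'password' => $password,
+'email' => $email,
+'phone' => $phone,
+'salutation' => $salutation,
+'firstname' => $firstname,
+'lastname' => $lastname,
+'address' => $address,
+'plz' => $plz,
+'city' => $name,
+'role' => $role,
+'created_at' => $created_at
+);
+$data = json_encode($data);
+$response = $data;
+} else {
+$response = "failure";
+}
+} else {
+$response = "failure";
+}
+$stmt->close();
+$db->close();
+
+echo $response;
+}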
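Review bot: `getData($data->username)` returns the full `user` row, including the stored `password` hash, for whatever username the request body names, and nothing in this file checks a session before doing so. The hash has no use on the client, so `password` should be dropped from the SELECT, from `bind_result` and from the response array. The lookup key should come from the server-side session rather than from the body; the sketch below assumes `/config/sessionStart.php` (included by `loginLogic.php`) starts the session. `json_decode` can also return `null` on a malformed body, which makes `$data->username` raise a warning instead of a clean "failure".

```php
include($_SERVER['DOCUMENT_ROOT'] . '/config/sessionStart.php');
include($_SERVER['DOCUMENT_ROOT'] . '/logic/testinput.php');

// Only a logged-in user may read a profile, and only their own.
if (empty($_SESSION['loggedIn'])) {
    http_response_code(401);
    echo "failure";
    exit;
}
getData($_SESSION['username']);

// … unchanged: getData(), minus the `password` column in the SELECT, bind_result and response array …
```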
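--- /dev/null
+++ b/logic/loginLogic.php
@@ -0,0 +1,45 @@
+<?php
+include($_SERVER['DOCUMENT_ROOT'] . '/config/sessionStart.php');
+include($_SERVER['DOCUMENT_ROOT'] . '/logic/testinput.php');
+
+$data = json_decode(file_get_contents('php://input'));
+$username = testinput($data->email);
+$passwordUnhashed = testinput($data->password);
+
+loginUser($username, $passwordUnhashed);
+
+function loginUser($username, $passwordUnhashed)
+{
+require($_SERVER['DOCUMENT_ROOT'] . '/config/setupDBAccess.php');
+
+$sql = "SELECT `username`, `password`, `role` FROM `user` WHERE `username` = ?";
+$stmt = $db->prepare($sql);
+$stmt->bind_param("s", $username);
+
+
+$stmt->execute();
+$stmt->store_result();
+$stmt->bind_result($username, $password, $role);
+if ($stmt->num_rows == 1) {
+$stmt->fetch();
+if (password_verify($passwordUnhashed, $password)) {
+$response = "success";
+$_SESSION['username'] = $username;
+$_SESSION['role'] = $role;
+$_SESSION['loggedIn'] = true;
+} else {
+$response = "failure";
+}
+} else {
+$response = "failure";
+}
+$stmt->close();
+$db->close();
+
+echo $response;
+}
+
+
+
+
+?>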
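Review bot: The success branch writes `$_SESSION['username']`, `$_SESSION['role']` and `$_SESSION['loggedIn']` into whatever session id the client already held, so an id that was fixed before login remains valid afterwards; add `session_regenerate_id(true);` as the first statement of that branch. The password is also passed through `testinput()` before `password_verify()`. That helper is not shown here, but if it trims or escapes its input, a password containing such characters only verifies when registration applied the same transformation, so passing `$data->password` through unmodified is the safer choice. Neither assignment checks that `json_decode` returned an object before `$data->email` is read.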
@@ -1,18 +1,24 @@
|
||||
<?php
|
||||
include( $_SERVER['DOCUMENT_ROOT'] . '/logic/userLogic.php' );
|
||||
|
||||
$param = "";
|
||||
$data = "";
|
||||
$method = "";
|
||||
|
||||
isset($_GET["method"]) ? $method = $_GET["method"] : false;
|
||||
isset($_GET["param"]) ? $param = $_GET["param"] : false;
|
||||
|
||||
$logic = new UserLogic();
|
||||
$result = $logic->handleUserRequests($method, $param);
|
||||
$method =
|
||||
$result = true;
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
$json = file_get_contents('php://input');
|
||||
$data = json_decode($json, true);
|
||||
$result = $logic->handleUserRequests($method, $data);
|
||||
}
|
||||
|
||||
|
||||
if ($result == null) {
|
||||
response("GET", 400, null);
|
||||
response('POST', 400, $result);
|
||||
} else {
|
||||
response("GET", 200, $result);
|
||||
response('POST', 200, $result);
|
||||
}
|
||||
|
||||
function response($method, $status, $data)
|
||||
|
||||
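Review bot: The status check `if ($result == null)` is a loose comparison, so a handler result of `false`, `0`, `''` or an empty array is reported as 400 exactly like a missing result; use `=== null` if those cases are meant to differ. The rendered page has lost the +/- markers for this hunk, so it is unclear which neighbouring lines are new. If `$result = true;` is on the new side, any non-POST request skips `handleUserRequests` and still reaches the 200 branch. The body decoded from `php://input` is also handed to `handleUserRequests` without checking that `json_decode` returned an array. `response()` is defined past the end of the hunk.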
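--- /dev/null
+++ b/logic/updateUserData.php
@@ -0,0 +1,37 @@
+<?php
+$data = json_decode(file_get_contents('php://input'));
+$email = $data->username;
+$phone = $data->phone;
+$address = $data->street;
+$name = $data->city;
+$plz = $data->postalcode;
+$password = $data->password;
+$hashedPassword = $data->hashedPassword;
+updateData($email, $phone, $address, $name, $plz, $password, $hashedPassword);
+
+function updateData($email, $phone, $address, $name, $plz, $password, $hashedPassword){
+require($_SERVER['DOCUMENT_ROOT'] . '/config/setupDBAccess.php');
+if (password_verify($password, $hashedPassword)) {
+$sqlOrt = "INSERT IGNORE INTO `cities` (`postalcode`, `name`) VALUES (?, ?)";
+$sqlUser = "UPDATE `user` SET `phone` = ?, `address` = ?, `plz` = ? WHERE `username` = ?";
+$stmtOrt = $db->prepare($sqlOrt);
+$stmtUser = $db->prepare($sqlUser);
+$stmtOrt->bind_param("ss", $plz, $name);
+$stmtUser->bind_param("ssss", $phone, $address, $plz, $email);
+
+if ($stmtOrt->execute() && $stmtUser->execute()) {
+$response = "success";
+} else {
+$response = "failure";
+}
+$stmtOrt->close();
+$stmtUser->close();
+$db->close();
+} else {
+$response = "failure";
+}
+
+echo $response;
+
+
+}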
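Review bot: `password_verify($password, $hashedPassword)` compares two values that both come from the request body (`$data->password` and `$data->hashedPassword`), so the check does not authenticate the caller against the stored credential. The row to update is likewise chosen by `$data->username` from the body. The hash should be read from the `user` table inside `updateData`, and the username should come from the session set in `loginLogic.php` rather than from the client. `$hashedPassword` stays in the signature only so existing callers keep working, and it goes with `getUserData.php` no longer returning the hash. `$db->close()` also runs only in the success branch, so the connection stays open when verification fails.

```php
function updateData($email, $phone, $address, $name, $plz, $password, $hashedPassword){
    require($_SERVER['DOCUMENT_ROOT'] . '/config/setupDBAccess.php');

    // Verify against the hash stored for this user, not the one sent by the client.
    $stmtHash = $db->prepare("SELECT `password` FROM `user` WHERE `username` = ?");
    $stmtHash->bind_param("s", $email);
    $stmtHash->execute();
    $stmtHash->bind_result($storedHash);
    $found = $stmtHash->fetch();
    $stmtHash->close();

    if ($found && password_verify($password, $storedHash)) {
        // … unchanged: INSERT IGNORE into cities, UPDATE user, close statements …
```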