diff --git a/exam/.htaccess b/exam/.htaccess index afeed45..d25c13b 100644 --- a/exam/.htaccess +++ b/exam/.htaccess @@ -9,10 +9,10 @@ RewriteBase /phpCourse/exam ## ## Black listed folders ## -RewriteRule ^app/.* index.php [L,NC] -RewriteRule ^config/.* index.php [L,NC] -RewriteRule ^vendor/.* index.php [L,NC] -RewriteRule ^routes/.* index.php [L,NC] +RewriteRule ^phpCourse/exam/app/.* index.php [L,NC] +RewriteRule ^phpCourse/exam/config/.* index.php [L,NC] +RewriteRule ^phpCourse/exam/vendor/.* index.php [L,NC] +RewriteRule ^phpCourse/exam/routes/.* index.php [L,NC] ## ## White listed folders diff --git a/exam/api/.htaccess b/exam/api/.htaccess deleted file mode 100644 index 583de22..0000000 --- a/exam/api/.htaccess +++ /dev/null @@ -1,5 +0,0 @@ -Order deny,allow -Deny From All - - Allow From All - \ No newline at end of file diff --git a/exam/api/docs/api.yaml b/exam/api/docs/api.yaml new file mode 100644 index 0000000..2146c5f --- /dev/null +++ b/exam/api/docs/api.yaml 
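Review bot: The four rewritten deny rules will most likely never match, which would leave `app/`, `config/`, `vendor/` and `routes/` directly reachable. In a `.htaccess` file mod_rewrite tests the `RewriteRule` pattern against the path relative to that directory, so for `exam/.htaccess` a request to `/phpCourse/exam/config/x` is tested as `config/x` and `^phpCourse/exam/config/.*` does not apply. Keep the relative form, e.g. `RewriteRule ^config/.* index.php [L,NC]`, or test the full URL with `RewriteCond %{REQUEST_URI} ^/phpCourse/exam/(app|config|vendor|routes)/` ahead of a single rule. This matters more because the same commit deletes `exam/api/.htaccess` with its `Deny From All`, so the root rules become the main barrier.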
@@ -0,0 +1,114 @@
+openapi: 3.0.0
+info:
+ title: PHP Course Exam
+ version: 1.0.0
+ contact:
+ name: Kilian Kurt Hofmann
+ email: khofmann@zedat.fu-berlin.de
+ description: PHP Course (ABV FU Berlin) 2024 Exam
+paths:
+ /users:
+ get:
+ summary: Get Users
+ description: Returns all users
+ parameters: []
+ operationId: ""
+ responses:
+ "200":
+ description: Default response
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/UsersListResponse"
+ "401":
+ description: Not allowed
+ tags:
+ - Users
+ security:
+ - BasicAuth: []
+ put:
+ summary: Add User
+ description: Add a new user
+ parameters: []
+ operationId: ""
+ responses:
+ "200":
+ description: Default response
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/TrueResponse"
+ "401":
+ description: Not allowed
+ "500":
+ description: Error
+ tags:
+ - Users
+ security:
+ - BasicAuth: []
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/UserAddBody"
+externalDocs:
+ url: "https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/docs/"
+security: []
+servers:
+ - url: "https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/"
+ description: ""
+ variables: {}
+components:
+ links: {}
+ callbacks: {}
+ schemas:
+ UsersListResponse:
+ type: array
+ items:
+ $ref: "#/components/schemas/UserType"
+ UserType:
+ type: object
+ properties:
+ ID:
+ type: number
+ description: User ID
+ example: 1
+ FirstName:
+ type: string
+ description: Given name of user
+ example: Max
+ LastName:
+ type: string
+ description: Family name of User
+ example: Mustermann
+ token:
+ type: string
+ description: Access Token
+ format: uuid
+ example: 3be6453c-03eb-4357-ae5a-984a0e574a54
+ UserAddBody:
+ type: object
+ required:
+ - FirstName
+ - LastName
+ properties:
+ FirstName:
+ type: string
+ description: Given name of user
+ example: Max
+ LastName:
+ type: string
+ description: Family name of User
+ example: Mustermann
+ TrueResponse:
+ type: boolean
+ example: true
+ securitySchemes:
+ BasicAuth:
+ type: apiKey
+ name: token
+ in: header
+tags:
+ - name: Users
+ - name: Posts
diff --git a/exam/api/user/index.php b/exam/api/user/index.php
new file mode 100644
index 0000000..1fb879c
--- /dev/null
+++ b/exam/api/user/index.php
@@ -0,0 +1,90 @@
+prepare($query);
+ $stmt->bindValue(":ID", $id);
+ $stmt->execute();
+
+ Response::api($stmt->fetchAll());
+}
+
+function post($id)
+{
+
+ $db = Database::getInstance();
+
+ $query =
+ "UPDATE
+ Users
+ SET
+ FirstName = :FIRST, LastName = :LAST
+ WHERE
+ ID = :ID";
+
+ $_POST = json_decode(file_get_contents('php://input'), true);
+
+ try {
+ $stmt = $db->prepare($query);
+ $stmt->bindValue(":FIRST", $_POST["firstName"]);
+ $stmt->bindValue(":LAST", $_POST["lastName"]);
+ $stmt->bindValue(":ID", $id);
+
+ Response::api($stmt->execute());
+ } catch (Exception $e) {
+ Response::api($e->getMessage(), 500);
+ }
+}
+
+function delete($id)
+{
+ $db = Database::getInstance();
+
+ $query =
+ "DELETE FROM
+ Users
+ WHERE
+ ID = :ID";
+
+ try {
+ $stmt = $db->prepare($query);
+ $stmt->bindValue(":ID", $id);
+
+ Response::api($stmt->execute());
+ } catch (Exception $e) {
+ Response::api($e->getMessage(), 500);
+ }
+}
diff --git a/exam/api/users/index.php b/exam/api/users/index.php
index 4d6cc01..450241b 100644
--- a/exam/api/users/index.php
+++ b/exam/api/users/index.php
@@ -9,12 +9,6 @@ switch ($method) {
 case "PUT":
 if (Auth::hasPermission("write")) return put();
 break;
- case "POST":
- if (Auth::hasPermission("write")) return post();
- break;
- case "DELETE":
- if (Auth::hasPermission("write")) return delete();
- break;
 default:
 return Response::api("$method not supported", 500);
 }
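Review bot: `UserType` documents a `token` property ("Access Token") and `GET /users` returns an array of `UserType`, so as specified every caller with read access receives every other user's access token. Because `securitySchemes` uses that same `token` header as the API key, the list response should not carry it; drop `token` from `UserType` or give `UsersListResponse` a schema without it. The `GET /users` handler is not part of this diff, so whether the implementation actually returns the column needs to be checked. Separately, the scheme is named `BasicAuth` but is declared `type: apiKey`, which will mislead client authors; a name such as `TokenAuth` would match what it is.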
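Review bot: `post()` binds `$_POST["firstName"]` and `$_POST["lastName"]` straight from `json_decode()` without checking the result, so an empty or malformed body binds NULL into the `UPDATE` and produces PHP warnings instead of a 4xx response. Both `post()` and `delete()` also send `$e->getMessage()` to the client, which can expose table and column details from the database driver; log it server-side and return a generic message. Overwriting the `$_POST` superglobal is unnecessary, a local variable is clearer. The top of this file, including the method dispatch and any `Auth::hasPermission` check, is not visible in this view, so the permission handling of the new route could not be reviewed.

```php
function post($id)
{
    // … unchanged: Database::getInstance() and the UPDATE query …

    $body = json_decode(file_get_contents('php://input'), true);
    if (!is_array($body) || !is_string($body["firstName"] ?? null) || !is_string($body["lastName"] ?? null)) {
        return Response::api("firstName and lastName are required", 400);
    }

    try {
        $stmt = $db->prepare($query);
        $stmt->bindValue(":FIRST", $body["firstName"]);
        $stmt->bindValue(":LAST", $body["lastName"]);
        // … unchanged: bind :ID, execute …
    } catch (Exception $e) {
        error_log($e->getMessage());
        Response::api("Update failed", 500);
    }
}
```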
@@ -58,51 +52,3 @@ function put() Response::api($e->getMessage(), 500); } } - -function post() -{ - $db = Database::getInstance(); - - $query = - "UPDATE - Users - SET - FirstName = :FIRST, LastName = :LAST - WHERE - ID = :ID"; - - $_POST = json_decode(file_get_contents('php://input'), true); - - try { - $stmt = $db->prepare($query); - $stmt->bindValue(":FIRST", $_POST["firstName"]); - $stmt->bindValue(":LAST", $_POST["lastName"]); - $stmt->bindValue(":ID", $_POST["ID"]); - - Response::api($stmt->execute()); - } catch (Exception $e) { - Response::api($e->getMessage(), 500); - } -} - -function delete() -{ - $db = Database::getInstance(); - - $_DELETE = json_decode(file_get_contents('php://input'), true); - - $query = - "DELETE FROM - Users - WHERE - ID = :ID"; - - try { - $stmt = $db->prepare($query); - $stmt->bindValue(":ID", $_DELETE["ID"]); - - Response::api($stmt->execute()); - } catch (Exception $e) { - Response::api($e->getMessage(), 500); - } -} diff --git a/exam/routes/routes.php b/exam/routes/routes.php index c977975..341ae4d 100644 --- a/exam/routes/routes.php +++ b/exam/routes/routes.php @@ -3,9 +3,11 @@ $path = ltrim(str_replace(Config::getBasePath(), "", $_SERVER['REQUEST_URI']), "/"); try { - if (substr($path, 0, 3) === "api") { - if (strpos($path, "docs") === false) { - require_once __DIR__ . "/../$path/index.php"; + $segments = PathParams::get(); + + if ($segments[0] === "api") { + if ($segments[1] !== "docs") { + require_once __DIR__ . "/../api/{$segments[1]}/index.php"; } else { Headers::redirect("index.html"); } diff --git a/exam/vendor/config/config.php b/exam/vendor/config/config.php index af3d89f..e2148c6 100644 --- a/exam/vendor/config/config.php +++ b/exam/vendor/config/config.php @@ -2,7 +2,7 @@ class Config { - private static $instances = []; + private static array $instances = []; private array $app; private array $database; diff --git a/exam/vendor/database/database.php b/exam/vendor/database/database.php index ffda7ba..2cca886 100644 
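Review bot: `$segments[1]` comes from the request path and is interpolated into the `require_once` path without validation, so a dot-dot segment resolves outside `api/`, and a bare `/api` request reads an undefined index. `PathParams::get()` is not visible here, so whether it decodes or filters segments is unknown. Check the segment against a fixed allow-list of the API directories before including: `$resource = $segments[1] ?? "";` followed by `if (in_array($resource, ["user", "users"], true)) { require_once __DIR__ . "/../api/$resource/index.php"; }`, with a 404 response otherwise. The `try` block opens inside this hunk and continues past it.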
--- a/exam/vendor/database/database.php +++ b/exam/vendor/database/database.php @@ -2,7 +2,7 @@ class Database extends PDO { - private static $instances = []; + private static array $instances = []; protected function __construct($dsn, $username = null, $password = null, array $options = null) { diff --git a/exam/vendor/headers/headers.php b/exam/vendor/headers/headers.php index cd8147c..ef7e62d 100644 --- a/exam/vendor/headers/headers.php +++ b/exam/vendor/headers/headers.php @@ -2,18 +2,18 @@ class Headers { - static function json() + public static function json() { header('Content-Type: text/html; charset=utf-8'); header("Content-Type: text/json"); } - static function html() + public static function html() { header('Content-Type: text/html; charset=utf-8'); } - static function redirect(string $newUrl, bool $permanent = FALSE) + public static function redirect(string $newUrl, bool $permanent = FALSE) { header('Location: ' . $newUrl, true, $permanent ? 301 : 303); diff --git a/exam/vendor/pathParams/pathParams.php b/exam/vendor/pathParams/pathParams.php new file mode 100644 index 0000000..6f6304c --- /dev/null +++ b/exam/vendor/pathParams/pathParams.php @@ -0,0 +1,11 @@ +
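Review bot: `json()` in `headers.php` sends `Content-Type: text/html; charset=utf-8` and then `Content-Type: text/json`; the second call replaces the first, and `text/json` is not the registered JSON media type. While touching this method, replace both lines with `header('Content-Type: application/json; charset=utf-8');` so clients and browsers treat API responses as JSON rather than guessing. Adding `: void` return types next to the new `public` modifiers would match the typed properties this commit introduces in `Config` and `Database`. `redirect()` continues outside the hunk.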