Kilian/PHP-Course
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Better Errors

Browse Source
This commit is contained in:
Kilian Hofmann 2024-07-23 01:12:05 +02:00
parent 30849019af
commit 85d20e034a
18 changed files with 567 additions and 390 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
exam/api/Login/Login.php
View File

@ -4,6 +4,7 @@ namespace Api\Login;
use Exception;
use Khofmann\Api\Api;
use Khofmann\ApiError\ApiError;
use Khofmann\Input\Input;
use Khofmann\Response\Response;
use Khofmann\Models\User\User;
@ -12,21 +13,27 @@ class Login extends Api
{
public function post(): void
{
// Fetch all required inputs.
// Throw 400 error if a required one is missing.
$missing = [];
$email = Input::post("email");
if (empty($email)) throw new Exception("Missing email", 400);
$password = Input::post("password");
if (empty($password)) throw new Exception("Missing password", 400);
if (empty($email)) array_push($missing, "email");
if (empty($password)) array_push($missing, "password");
if (count($missing) > 0) throw ApiError::missingField($missing);
// Try and log in user.
// Throw errors according to situation.
try {
Response::json(User::logIn($email, $password));
} catch (Exception $err) {
switch ($err->getMessage()) {
case "Failed":
throw new Exception("Login failed", 500);
throw ApiError::failed("Login failed");
case "NotFound":
throw new Exception("User not found", 404);
throw ApiError::notFound("user");
case "Invalid":
throw new Exception("Invalid username or password", 401);
throw ApiError::unauthorized("Invalid username or password");
default:
throw $err;
}

2
exam/api/Logout/Logout.php
View File

@ -11,8 +11,10 @@ class Logout extends Api
{
public function post(): void
{
// Get user auth token.
$token = Request::token();
// Log out.
Response::json(User::getByToken($token)->logOut());
}
}

39
exam/api/Post/Post.php
View File

@ -4,6 +4,7 @@ namespace Api\Post;
use Exception;
use Khofmann\Api\Api;
use Khofmann\ApiError\ApiError;
use Khofmann\Input\Input;
use Khofmann\Models\Post\Post as MPost;
use Khofmann\Models\User\User;
@ -12,40 +13,29 @@ use Khofmann\Response\Response;
class Post extends Api
{
public function post(): void
{
$content = Input::patch("content");
$self = User::getByToken(Request::token());
try {
Response::json(MPost::create($self, $content));
} catch (Exception $err) {
switch ($err->getMessage()) {
default:
throw $err;
}
}
}
public function patch($id): void
{
// Fetch all inputs.
$content = Input::patch("content");
// Fetch authed user.
$self = User::getByToken(Request::token());
$post = MPost::getByID($id);
if (!$self->getIsAdmin() && $post->getUser()->getID() !== $self->getID()) throw new Exception("Not Authorized", 401);
try {
Response::json(MPost::getByID($id)->update($content));
// Try fetch the post in question, 404 if not found.
$post = MPost::getByID($id);
// Throw 400 if we aren't admin but trying to edit another users post.
if (!$self->getIsAdmin() && $post->getUser()->getID() !== $self->getID()) throw ApiError::unauthorized("Not allowed");
// Try update.
Response::json($post->update($content));
} catch (Exception $err) {
switch ($err->getMessage()) {
case "NotFound":
throw new Exception("Post not found", 404);
case "FailedContent":
throw new Exception("Failed to update content", 500);
throw ApiError::notFound("post");
default:
// Due to how the failed field is handled, it's ApiError is inside the models update
throw $err;
}
}
@ -53,12 +43,13 @@ class Post extends Api
public function delete($id): void
{
// Try delete, 404 if post was not found.
try {
Response::json(MPost::getByID($id)->delete());
} catch (Exception $err) {
switch ($err->getMessage()) {
case "NotFound":
throw new Exception("Post not found", 404);
throw ApiError::notFound("post");
default:
throw $err;
}

26
exam/api/Posts/Posts.php
View File

@ -2,9 +2,12 @@
namespace Api\Posts;
use Exception;
use Khofmann\Api\Api;
use Khofmann\ApiError\ApiError;
use Khofmann\Input\Input;
use Khofmann\Models\Post\Post;
use Khofmann\Models\User\User;
use Khofmann\Request\Request;
use Khofmann\Response\Response;
@ -12,10 +15,33 @@ class Posts extends Api
{
public function get()
{
// Fetch and constrain all parameters.
$page = max(0, intval(Input::get("p", 0)));
$limit = constrain(0, 30, intval(Input::get("l", 10)));
$authed = Request::token() !== null;
// Return list of posts.
Response::json(Post::list($page, $limit, $authed));
}
public function post(): void
{
// Fetch all required inputs.
// Throw 400 error if a required one is missing.
$content = Input::post("content");
if (empty($content)) throw ApiError::missingField(["content"]);
// Get logged in user
$self = User::getByToken(Request::token());
// Try to create a new post for logged in user.
try {
Response::json(Post::create($self, $content));
} catch (Exception $err) {
switch ($err->getMessage()) {
default:
throw $err;
}
}
}
}

23
exam/api/Register/Register.php
View File

@ -4,6 +4,7 @@ namespace Api\Register;
use Exception;
use Khofmann\Api\Api;
use Khofmann\ApiError\ApiError;
use Khofmann\Input\Input;
use Khofmann\Response\Response;
use Khofmann\Models\User\User;
@ -12,19 +13,26 @@ class Register extends Api
{
public function post(): void
{
// Fetch all required inputs.
// Throw 400 error if a required one is missing.
$missing = [];
$username = Input::post("username");
if (empty($username)) throw new Exception("Missing username", 400);
$email = Input::post("email");
if (empty($email)) throw new Exception("Missing email", 400);
$password = Input::post("password");
if (empty($password)) throw new Exception("Missing password", 400);
if (empty($username)) array_push($missing, "username");
if (empty($email)) array_push($missing, "email");
if (empty($password)) array_push($missing, "password");
if (count($missing) > 0) throw ApiError::missingField($missing);
// Try and create a new user, 400 if duplicate.
try {
Response::json(User::create($username, $email, $password));
} catch (Exception $err) {
switch ($err->getMessage()) {
case "NotFound":
throw ApiError::failed("Failed to create user");
case "Duplicate":
throw new Exception("A user with this username or email already exists", 400);
throw ApiError::duplicate("user");
default:
throw $err;
}
@ -33,15 +41,18 @@ class Register extends Api
public function patch(): void
{
// Fetch all required inputs.
// Throw 400 error if a required one is missing.
$code = Input::post("code");
if (empty($code)) throw new Exception("Missing code", 400);
if (empty($code)) throw ApiError::missingField(["code"]);
// Try and confirm user, 404 if user not found.
try {
Response::json(User::confirm($code));
} catch (Exception $err) {
switch ($err->getMessage()) {
case "NotFound":
throw new Exception("User not found", 404);
throw ApiError::notFound("user");
default:
throw $err;
}

31
exam/api/User/User.php
View File

@ -7,18 +7,20 @@ use Khofmann\Models\User\User as MUser;
use Khofmann\Input\Input;
use Khofmann\Response\Response;
use Khofmann\Api\Api;
use Khofmann\ApiError\ApiError;
use Khofmann\Request\Request;
class User extends Api
{
public function get($id): void
{
// Try and get a user, 404 if not found.
try {
Response::json(MUser::getByID($id));
} catch (Exception $err) {
switch ($err->getMessage()) {
case "NotFound":
throw new Exception("User not found", 404);
throw ApiError::notFound("user");
default:
throw $err;
}
@ -27,23 +29,21 @@ class User extends Api
public function patch($id): void
{
// Fetch all inputs.
$username = Input::patch("username");
$password = Input::patch("password");
$image = Input::file("image");
// Try and update user.
// Throw errors according to situation.
try {
Response::json(MUser::getByID($id)->update($username, $password, $image));
} catch (Exception $err) {
switch ($err->getMessage()) {
case "NotFound":
throw new Exception("User not found", 404);
case "FailedUsername":
throw new Exception("Failed to update username", 500);
case "FailedPassword":
throw new Exception("Failed to update password", 500);
case "FailedImage":
throw new Exception("Failed to update image", 500);
throw ApiError::notFound("user");
default:
// Due to how the failed field is handled, it's ApiError is inside the models update
throw $err;
}
}
@ -51,24 +51,22 @@ class User extends Api
public function patchSelf(): void
{
// Fetch all inputs.
$token = Request::token();
$username = Input::patch("username");
$password = Input::patch("password");
$image = Input::file("image");
// Try and update user.
// Throw errors according to situation.
try {
Response::json(MUser::getByToken($token)->update($username, $password, $image));
} catch (Exception $err) {
switch ($err->getMessage()) {
case "NotFound":
throw new Exception("User not found", 404);
case "FailedUsername":
throw new Exception("Failed to update username", 500);
case "FailedPassword":
throw new Exception("Failed to update password", 500);
case "FailedImage":
throw new Exception("Failed to update image", 500);
throw ApiError::notFound("user");
default:
// Due to how the failed field is handled, it's ApiError is inside the models update
throw $err;
}
}
@ -76,12 +74,13 @@ class User extends Api
public function delete($id): void
{
// Try to delete user, 404 if not found.
try {
Response::json(MUser::getByID($id)->delete());
} catch (Exception $err) {
switch ($err->getMessage()) {
case "NotFound":
throw new Exception("User not found", 404);
throw ApiError::notFound("user");
default:
throw $err;
}

3
exam/api/Users/Users.php
View File

@ -11,8 +11,11 @@ class Users extends Api
{
public function get()
{
// Fetch and constrain all parameters.
$page = max(0, intval(Input::get("p", 0)));
$limit = constrain(0, 30, intval(Input::get("l", 10)));
// Return list of users.
Response::json(User::list($page, $limit));
}
}

543
exam/api/docs/api.yaml
View File

@ -29,37 +29,42 @@ paths:
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
$ref: "#/components/schemas/MissingFieldResponse"
examples:
Missing fields:
value: { "message": "Missing email" }
value:
{ "code": "MissingField", "fields": ["email", "password"] }
401:
description: Invalid credentials.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
$ref: "#/components/schemas/UnauthorizedResponse"
examples:
Invalid username or password:
value: { "message": "Invalid username or password" }
value:
{
"code": "Unauthorized",
"message": "Invalid username or password",
}
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
$ref: "#/components/schemas/NotFoundResponse"
examples:
User not found:
value: { "message": "User not found" }
value: { "code": "NotFound", "entity": "user" }
500:
description: Failed.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
$ref: "#/components/schemas/FailedResponse"
examples:
Failed:
value: { "message": "Login failed" }
value: { "code": "Failed", "message": "Login failed" }
tags:
- Login/Logout
/logout:
@ -80,221 +85,6 @@ paths:
value: true
tags:
- Login/Logout
/register:
post:
summary: Register
description: Register a new user
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/RegisterRequest"
responses:
200:
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
400:
description: Missing fields or duplicate
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
Missing fields:
value: { "message": "Missing email" }
Duplicate:
value:
{
"message": "A user with this username or email already exists",
}
tags:
- Register
patch:
summary: Confirm register
description: Confirm a registration
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/ConfirmRequest"
responses:
200:
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/BooleanResponse"
examples:
Success:
value: true
400:
description: Missing fields
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
Missing fields:
value: { "message": "Missing code" }
404:
description: User not found
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
User not found:
value: { "message": "User not found" }
tags:
- Register
/users:
get:
summary: List users
description: List all users.
security:
- BasicAuth: []
parameters:
- in: query
name: p
schema:
type: integer
minimum: 0
default: 0
description: Current page.
- in: query
name: l
schema:
type: integer
minimum: 0
maximum: 30
default: 10
description: The number of items to return.
responses:
200:
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/UserListResponse"
tags:
- User
/user/{id}:
get:
summary: Get user
description: Get user by ID.
security:
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: User ID
required: true
schema:
type: integer
format: int14
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
User not found:
value: { "message": "User not found" }
tags:
- User
patch:
summary: Update user
description:
Update user with ID. Fields are updated in order username, password, image. If one fails, subsequent are not updated. <br>
Use special ID <code>self</code> to update logged in user. <br>
Requires logged in user to have admin permissions for any ID other than <code>self</code>.
security:
- BasicAuth: []
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: User ID
required: true
schema:
type: integer
format: int14
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UserUpdateRequest"
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
User not found:
value: { "message": "User not found" }
500:
description: Update failed.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
Failed username:
value: { "message": "Failed to update username" }
tags:
- User
delete:
summary: Delete user
description: Delete user with ID.
security:
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: User ID
required: true
schema:
type: integer
format: int14
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
User not found:
value: { "message": "User not found" }
tags:
- User
/posts:
get:
summary: List posts
@ -404,16 +194,16 @@ paths:
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
$ref: "#/components/schemas/MissingFieldResponse"
examples:
Missing fields:
value: { "message": "Missing content" }
value: { "code": "MissingField", "fields": ["content"] }
tags:
- Post
/post/{id}:
patch:
summary: Update post
description: Update post with ID. <br>
description: Update post with ID. <br>
Requires logged in user to have admin permissions for posts not made by them.
security:
- BasicAuth: []
@ -438,24 +228,33 @@ paths:
application/json:
schema:
$ref: "#/components/schemas/PostResponse"
401:
description: Not allowed.
content:
application/json:
schema:
$ref: "#/components/schemas/UnauthorizedResponse"
examples:
Not allowed:
value: { "code": "Unauthorized", "message": "Not allowed" }
404:
description: Post not found.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
$ref: "#/components/schemas/NotFoundResponse"
examples:
User not found:
value: { "message": "Post not found" }
Post not found:
value: { "code": "NotFound", "entity": "post" }
500:
description: Update failed.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
$ref: "#/components/schemas/FailedUpdateResponse"
examples:
Failed:
value: { "message": "Failed to update post" }
value: { "code": "FailedUpdate", "fields": ["content"] }
tags:
- Post
delete:
@ -483,12 +282,242 @@ paths:
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
$ref: "#/components/schemas/NotFoundResponse"
examples:
Post not found:
value: { "message": "Post not found" }
value: { "code": "NotFound", "entity": "post" }
tags:
- Post
/register:
post:
summary: Register
description: Register a new user.
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/RegisterRequest"
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
400:
description: Missing fields or duplicate.
content:
application/json:
schema:
oneOf:
- $ref: "#/components/schemas/MissingFieldResponse"
- $ref: "#/components/schemas/DuplicateResponse"
examples:
Missing fields:
value:
{
"code": "MissingField",
"fields": ["username", "email", "password"],
}
Duplicate:
value: { "code": "Duplicate", "entity": "user" }
404:
description: Failed to create
content:
application/json:
schema:
$ref: "#/components/schemas/FailedResponse"
examples:
Failed to create:
value:
{ "code": "Failed", "message": "Failed to create user" }
tags:
- Register
patch:
summary: Confirm register
description: Confirm a registration.
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/ConfirmRequest"
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
400:
description: Missing fields.
content:
application/json:
schema:
$ref: "#/components/schemas/MissingFieldResponse"
examples:
Missing fields:
value: { "code": "MissingField", "fields": ["code"] }
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/NotFoundResponse"
examples:
User not found:
value: { "code": "NotFound", "entity": "user" }
tags:
- Register
/users:
get:
summary: List users
description: List all users.
security:
- BasicAuth: []
parameters:
- in: query
name: p
schema:
type: integer
minimum: 0
default: 0
description: Current page.
- in: query
name: l
schema:
type: integer
minimum: 0
maximum: 30
default: 10
description: The number of items to return.
responses:
200:
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/UserListResponse"
tags:
- User
/user/{id}:
get:
summary: Get user
description: Get user by ID.
security:
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: User ID
required: true
schema:
type: integer
format: int14
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/NotFoundResponse"
examples:
User not found:
value: { "code": "NotFound", "entity": "user" }
tags:
- User
patch:
summary: Update user
description: Update user with ID. <br>
Use special ID <code>self</code> to update logged in user. <br>
Requires logged in user to have admin permissions for any ID other than <code>self</code>.
security:
- BasicAuth: []
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: User ID
required: true
schema:
type: integer
format: int14
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UserUpdateRequest"
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/NotFoundResponse"
examples:
User not found:
value: { "code": "NotFound", "entity": "username" }
500:
description: Update failed.
content:
application/json:
schema:
$ref: "#/components/schemas/FailedUpdateResponse"
examples:
Failed username:
value:
{
"code": "FailedUpdate",
"fields": ["username", "email", "password"],
}
tags:
- User
delete:
summary: Delete user
description: Delete user with ID.
security:
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: User ID
required: true
schema:
type: integer
format: int14
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/NotFoundResponse"
examples:
User not found:
value: { "code": "NotFound", "entity": "user" }
tags:
- User
externalDocs:
url: https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/docs/
security: []
@ -498,6 +527,52 @@ components:
schemas:
BooleanResponse:
type: boolean
MissingFieldResponse:
type: object
properties:
code:
type: MissingField
fields:
type: array
items:
type: string
NotFoundResponse:
type: object
properties:
code:
type: NotFound
entity:
type: string
UnauthorizedResponse:
type: object
properties:
code:
type: Unauthorized
message:
type: string
FailedResponse:
type: object
properties:
code:
type: Failed
message:
type: string
DuplicateResponse:
type: object
properties:
code:
type: Duplicate
entity:
type: string
FailedUpdateResponse:
type: object
properties:
code:
type: FailedUpdate
fields:
type: array
items:
type: string
ErrorResponse:
type: object
properties:
@ -635,6 +710,6 @@ components:
in: header
tags:
- name: Login/Logout
- name: Post
- name: Register
- name: User
- name: Post

116
exam/api/docs/index.html
View File

File diff suppressed because one or more lines are too long

61
exam/classes/ApiError/ApiError.php Normal file
View File

@ -0,0 +1,61 @@
<?php
namespace Khofmann\ApiError;
use Exception;
class ApiError extends Exception
{
private function __construct($message = "", $code = 0)
{
parent::__construct($message, $code);
}
public static function missingField(array $fields): ApiError
{
return new ApiError(json_encode([
"code" => "MissingField",
"fields" => $fields,
]), 400);
}
public static function duplicate(string $entity): ApiError
{
return new ApiError(json_encode([
"code" => "Duplicate",
"entity" => $entity,
]), 400);
}
public static function unauthorized(string $message)
{
return new ApiError(json_encode([
"code" => "Unauthorized",
"message" => $message,
]), 401);
}
public static function notFound(string $entity)
{
return new ApiError(json_encode([
"code" => "NotFound",
"entity" => $entity,
]), 404);
}
public static function failed(string $message)
{
return new ApiError(json_encode([
"code" => "Failed",
"message" => $message,
]), 500);
}
public static function failedUpdate(array $fields)
{
return new ApiError(json_encode([
"code" => "FailedUpdate",
"fields" => $fields,
]), 500);
}
}

6
exam/classes/Auth/AdminAuth.php
View File

@ -16,17 +16,17 @@ class AdminAuth implements IMiddleware
// No token
if ($token === null) {
Response::response()->httpCode(401)->json(["message" => "Not Authorized"]);
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
}
try {
$user = User::getByToken($token);
if (!$user->getIsAdmin()) {
Response::response()->httpCode(401)->json(["message" => "Not Authorized"]);
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
}
} catch (Exception $err) {
// No user with this token exists
Response::response()->httpCode(401)->json(["message" => "Not Authorized"]);
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
}
}
}

4
exam/classes/Auth/Auth.php
View File

@ -16,14 +16,14 @@ class Auth implements IMiddleware
// No token
if ($token === null) {
Response::response()->httpCode(401)->json(["message" => "Not Authorized"]);
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
}
try {
User::getByToken($token);
} catch (Exception $err) {
// No user with this token exists
Response::response()->httpCode(401)->json(["message" => "Not Authorized"]);
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
}
}
}

2
exam/classes/Auth/OptAuth.php
View File

@ -23,7 +23,7 @@ class OptAuth implements IMiddleware
User::getByToken($token);
} catch (Exception $err) {
// No user with this token exists
Response::response()->httpCode(401)->json(["message" => "Not Authorized"]);
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
}
}
}

9
exam/classes/Models/Post/Post.php
View File

@ -7,6 +7,7 @@ use DateTime;
use Exception;
use Khofmann\Models\User\User;
use JsonSerializable;
use Khofmann\ApiError\ApiError;
use Khofmann\Database\Database;
use PDO;
@ -113,14 +114,16 @@ class Post implements JsonSerializable
{
$db = Database::getInstance();
$error = false;
if (!empty($content)) {
$stmt = $db->prepare("UPDATE egb_gaestebuch SET beitrag = :CON WHERE id = :ID");
$stmt->bindValue(":CON", $content);
$stmt->bindValue(":ID", $this->id);
$error = !$stmt->execute();
try {
if (!$stmt->execute()) throw ApiError::failedUpdate(["content"]);
} catch (Exception $e) {
throw ApiError::failedUpdate(["content"]);
}
}
if ($error) throw new Exception("FailedContent");
return Post::getByID($this->id);
}

33
exam/classes/Models/User/User.php
View File

@ -8,6 +8,7 @@ use DateTime;
use Khofmann\Database\Database;
use Config\Config;
use JsonSerializable;
use Khofmann\ApiError\ApiError;
use Khofmann\GUID\GUID;
use PDOException;
@ -192,11 +193,11 @@ class User implements JsonSerializable
$stmt->bindValue(":EMA", $email);
$stmt->bindValue(":COD", $guid);
$user = User::getByID($db->lastInsertId());
try {
$stmt->execute();
$user = User::getByID($db->lastInsertId());
mail(
$email,
"Account activation GuestBookDB",
@ -211,7 +212,7 @@ class User implements JsonSerializable
}
}
public static function confirm(string $confirmCode): bool
public static function confirm(string $confirmCode): User
{
$db = Database::getInstance();
$user = User::getByConfirmCode($confirmCode);
@ -225,7 +226,7 @@ class User implements JsonSerializable
WHERE id = :UID"
);
$stmt->bindValue(":UID", $user->getID());
return $stmt->execute();
return User::getByID($user->getID());
}
public static function list(int $page, int $limit)
@ -273,22 +274,28 @@ class User implements JsonSerializable
{
$db = Database::getInstance();
$error = false;
$failed = [];
if (!empty($username)) {
$stmt = $db->prepare("UPDATE egb_benutzer SET benutzer = :USR WHERE id = :ID");
$stmt->bindValue(":USR", $username);
$stmt->bindValue(":ID", $this->id);
$error = !$stmt->execute();
try {
if (!$stmt->execute()) array_push($failed, "username");
} catch (Exception $e) {
array_push($failed, "username");
}
}
if ($error) throw new Exception("FailedUsername");
if (!empty($password)) {
$stmt = $db->prepare("UPDATE egb_benutzer SET passwort = :PAS WHERE id = :ID");
$stmt->bindValue(":PAS", password_hash($password, PASSWORD_DEFAULT));
$stmt->bindValue(":ID", $this->id);
$error = !$stmt->execute();
try {
if (!$stmt->execute()) array_push($failed, "password");
} catch (Exception $e) {
array_push($failed, "password");
}
}
if ($error) throw new Exception("FailedPassword");
if (!empty($image)) {
$destinationFilename = sprintf('%s.%s', uniqid(), $image->getExtension());
@ -297,9 +304,13 @@ class User implements JsonSerializable
$stmt = $db->prepare("UPDATE egb_benutzer SET image = :IMG WHERE id = :ID");
$stmt->bindValue(":IMG", $destinationFilename);
$stmt->bindValue(":ID", $this->id);
$error = !$stmt->execute();
try {
if (!$stmt->execute()) array_push($failed, "image");
} catch (Exception $e) {
array_push($failed, "image");
}
}
if ($error) throw new Exception("FailedImage");
if (count($failed) > 0) throw ApiError::failedUpdate($failed);
return User::getByID($this->id);
}

7
exam/classes/Response/Response.php
View File

@ -22,6 +22,13 @@ class Response
SimpleRouter::response()->json($value, $options, $dept);
}
public static function apiError(string $value, int $code): void
{
Response::response()->header('Content-Type: application/json; charset=utf-8')->httpCode($code);
echo $value;
exit(0);
}
public static function redirect(string $url, ?int $code = null): void
{
if ($code !== null) {

7
exam/routes/routes.php
View File

@ -1,6 +1,8 @@
<?php
// Namespaces
use Khofmann\ApiError\ApiError;
use Pecee\SimpleRouter\SimpleRouter;
use Pecee\Http\Request;
use Khofmann\Response\Response;
@ -8,7 +10,8 @@ use Khofmann\Response\Response;
// Error handling
SimpleRouter::error(function (Request $request, Exception $exception) {
$code = $exception->getCode();
Response::response()->httpCode(is_int($code) ? $code : 500)->json(["message" => $exception->getMessage()]);
if ($exception instanceof ApiError) Response::apiError($exception->getMessage(), $code);
else Response::response()->httpCode(is_int($code) ? $code : 500)->json(["message" => $exception->getMessage()]);
});
// CORS
@ -55,7 +58,7 @@ SimpleRouter::group(["middleware" => Khofmann\Auth\Auth::class], function () {
// Update post
SimpleRouter::patch("/post/{id}", [Api\Post\Post::class, "patch"]);
// Create post
SimpleRouter::post("/posts", [Api\Post\Post::class, "post"]);
SimpleRouter::post("/posts", [Api\Posts\Posts::class, "post"]);
});
/*

28
exam/utils/helpers.php
View File

@ -1,32 +1,6 @@
<?php
use Pecee\SimpleRouter\SimpleRouter as Router;
use Pecee\Http\Url;
/**
* Get url for a route by using either name/alias, class or method name.
*
* The name parameter supports the following values:
* - Route name
* - Controller/resource name (with or without method)
* - Controller class name
*
* When searching for controller/resource by name, you can use this syntax "route.name@method".
* You can also use the same syntax when searching for a specific controller-class "MyController@home".
* If no arguments is specified, it will return the url for the current loaded route.
*
* @param string|null $name
* @param string|array|null $parameters
* @param array|null $getParams
* @return \Pecee\Http\Url
* @throws \InvalidArgumentException
*/
function url(?string $name = null, $parameters = null, ?array $getParams = null): Url
{
return Router::getUrl($name, $parameters, $getParams);
}
function constrain(int $min, int $max, $n): int
{
return max(min($max, $n), $min);
return max(min($max, $n), $min);
}